# Flog Txt Version 1
# Analyzer Version: 3.2.2
# Analyzer Build Date: Mar 3 2020 14:14:30
# Log Creation Date: 31.03.2020 13:11:02.062
Process:
id = "1"
image_name = "bb ransomware.exe"
filename = "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"
page_root = "0x1afd4000"
os_pid = "0xe48"
os_integrity_level = "0x3000"
os_privileges = "0x60800000"
monitor_reason = "analysis_target"
parent_id = "0"
os_parent_pid = "0x560"
cmd_line = "\"C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe\" "
cur_dir = "C:\\Users\\FD1HVy\\Desktop\\"
os_username = "NQDPDE\\FD1HVy"
bitness = "32"
os_groups = "NQDPDE\\Domain Users" [0x7], "Everyone" [0x7], "NT AUTHORITY\\Local account and member of Administrators group" [0x7], "BUILTIN\\Administrators" [0xf], "BUILTIN\\Users" [0x7], "NT AUTHORITY\\INTERACTIVE" [0x7], "CONSOLE LOGON" [0x7], "NT AUTHORITY\\Authenticated Users" [0x7], "NT AUTHORITY\\This Organization" [0x7], "NT AUTHORITY\\Local account" [0x7], "NT AUTHORITY\\Logon Session 00000000:0000fd03" [0xc0000007], "LOCAL" [0x7], "NT AUTHORITY\\NTLM Authentication" [0x7]
Thread:
id = 1
os_tid = 0xf50
[0098.372] CoInitializeEx (pvReserved=0x0, dwCoInit=0x2) returned 0x0
[0099.235] RoInitialize () returned 0x1
[0099.235] RoUninitialize () returned 0x0
[0105.740] RegisterClipboardFormatW (lpszFormat="WM_GETCONTROLNAME") returned 0xc151
[0105.740] RegisterClipboardFormatW (lpszFormat="WM_GETCONTROLTYPE") returned 0xc19c
[0106.089] GetCurrentProcess () returned 0xffffffff
[0106.091] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x2000000, TokenHandle=0xd7e9f4 | out: TokenHandle=0xd7e9f4*=0x2b8) returned 1
[0106.120] GetCurrentProcess () returned 0xffffffff
[0106.121] DuplicateHandle (in: hSourceProcessHandle=0xffffffff, hSourceHandle=0xfffffffe, hTargetProcessHandle=0xffffffff, lpTargetHandle=0xd7ea54, dwDesiredAccess=0x0, bInheritHandle=0, dwOptions=0x2 | out: lpTargetHandle=0xd7ea54*=0x2c0) returned 1
[0107.376] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe.config", nBufferLength=0x105, lpBuffer=0xd7db88, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe.config", lpFilePart=0x0) returned 0x30
[0107.382] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\.NETFramework\\AppContext", ulOptions=0x0, samDesired=0x20019, phkResult=0xd7d8b0 | out: phkResult=0xd7d8b0*=0x0) returned 0x2
[0107.383] RegCloseKey (hKey=0x80000002) returned 0x0
[0107.955] GetCurrentProcess () returned 0xffffffff
[0107.955] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x2000000, TokenHandle=0xd7def0 | out: TokenHandle=0xd7def0*=0xe4) returned 1
[0108.024] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\", nBufferLength=0x104, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\", lpFilePart=0x0) returned 0x2e
[0108.031] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\config\\machine.config"), fInfoLevelId=0x0, lpFileInformation=0xd7dee8 | out: lpFileInformation=0xd7dee8*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x56a29ff, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x97df7583, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x97df7583, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x8c8f)) returned 1
[0108.033] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x44
[0108.033] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config", nBufferLength=0x44, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config", lpFilePart=0x0) returned 0x43
[0108.034] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\config\\machine.config"), fInfoLevelId=0x0, lpFileInformation=0xd7def0 | out: lpFileInformation=0xd7def0*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x56a29ff, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x97df7583, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x97df7583, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x8c8f)) returned 1
[0108.035] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x44
[0108.035] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config", nBufferLength=0x44, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config", lpFilePart=0x0) returned 0x43
[0108.036] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7de28) returned 1
[0108.037] CreateFileW (lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\config\\machine.config"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x2d0
[0108.037] GetFileType (hFile=0x2d0) returned 0x1
[0108.037] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7de24) returned 1
[0108.037] GetFileType (hFile=0x2d0) returned 0x1
[0108.116] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="SOFTWARE\\Microsoft\\.NETFramework\\XML", ulOptions=0x0, samDesired=0x20019, phkResult=0xd7de74 | out: phkResult=0xd7de74*=0x0) returned 0x2
[0108.117] RegOpenKeyExW (in: hKey=0x80000001, lpSubKey="SOFTWARE\\Microsoft\\.NETFramework\\XML", ulOptions=0x0, samDesired=0x20019, phkResult=0xd7de74 | out: phkResult=0xd7de74*=0x0) returned 0x2
[0108.122] GetFileSize (in: hFile=0x2d0, lpFileSizeHigh=0xd7dee4 | out: lpFileSizeHigh=0xd7dee4*=0x0) returned 0x8c8f
[0108.123] ReadFile (in: hFile=0x2d0, lpBuffer=0x2c098f0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7dea0, lpOverlapped=0x0 | out: lpBuffer=0x2c098f0*, lpNumberOfBytesRead=0xd7dea0*=0x1000, lpOverlapped=0x0) returned 1
[0108.202] ReadFile (in: hFile=0x2d0, lpBuffer=0x2c098f0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7dd4c, lpOverlapped=0x0 | out: lpBuffer=0x2c098f0*, lpNumberOfBytesRead=0xd7dd4c*=0x1000, lpOverlapped=0x0) returned 1
[0108.204] ReadFile (in: hFile=0x2d0, lpBuffer=0x2c098f0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7dc00, lpOverlapped=0x0 | out: lpBuffer=0x2c098f0*, lpNumberOfBytesRead=0xd7dc00*=0x1000, lpOverlapped=0x0) returned 1
[0108.205] ReadFile (in: hFile=0x2d0, lpBuffer=0x2c098f0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7dc00, lpOverlapped=0x0 | out: lpBuffer=0x2c098f0*, lpNumberOfBytesRead=0xd7dc00*=0x1000, lpOverlapped=0x0) returned 1
[0108.205] ReadFile (in: hFile=0x2d0, lpBuffer=0x2c098f0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7dc00, lpOverlapped=0x0 | out: lpBuffer=0x2c098f0*, lpNumberOfBytesRead=0xd7dc00*=0x1000, lpOverlapped=0x0) returned 1
[0108.205] ReadFile (in: hFile=0x2d0, lpBuffer=0x2c098f0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7db38, lpOverlapped=0x0 | out: lpBuffer=0x2c098f0*, lpNumberOfBytesRead=0xd7db38*=0x1000, lpOverlapped=0x0) returned 1
[0108.212] ReadFile (in: hFile=0x2d0, lpBuffer=0x2c098f0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7dcbc, lpOverlapped=0x0 | out: lpBuffer=0x2c098f0*, lpNumberOfBytesRead=0xd7dcbc*=0x1000, lpOverlapped=0x0) returned 1
[0108.214] ReadFile (in: hFile=0x2d0, lpBuffer=0x2c098f0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7dbc8, lpOverlapped=0x0 | out: lpBuffer=0x2c098f0*, lpNumberOfBytesRead=0xd7dbc8*=0x1000, lpOverlapped=0x0) returned 1
[0108.214] ReadFile (in: hFile=0x2d0, lpBuffer=0x2c098f0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7dbc8, lpOverlapped=0x0 | out: lpBuffer=0x2c098f0*, lpNumberOfBytesRead=0xd7dbc8*=0xc8f, lpOverlapped=0x0) returned 1
[0108.215] ReadFile (in: hFile=0x2d0, lpBuffer=0x2c098f0, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7dc8c, lpOverlapped=0x0 | out: lpBuffer=0x2c098f0*, lpNumberOfBytesRead=0xd7dc8c*=0x0, lpOverlapped=0x0) returned 1
[0108.215] CloseHandle (hObject=0x2d0) returned 1
[0108.216] GetCurrentProcess () returned 0xffffffff
[0108.217] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x2000000, TokenHandle=0xd7e038 | out: TokenHandle=0xd7e038*=0x2d0) returned 1
[0108.217] GetCurrentProcess () returned 0xffffffff
[0108.217] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x2000000, TokenHandle=0xd7e038 | out: TokenHandle=0xd7e038*=0x2d8) returned 1
[0108.218] GetCurrentProcess () returned 0xffffffff
[0108.218] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x2000000, TokenHandle=0xd7def0 | out: TokenHandle=0xd7def0*=0x2dc) returned 1
[0108.218] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe.config" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe.config"), fInfoLevelId=0x0, lpFileInformation=0xd7dee8 | out: lpFileInformation=0xd7dee8*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0108.218] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe.config", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x31
[0108.218] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe.config", nBufferLength=0x31, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe.config", lpFilePart=0x0) returned 0x30
[0108.218] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe.config" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe.config"), fInfoLevelId=0x0, lpFileInformation=0xd7def0 | out: lpFileInformation=0xd7def0*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0108.219] GetCurrentProcess () returned 0xffffffff
[0108.219] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x2000000, TokenHandle=0xd7e038 | out: TokenHandle=0xd7e038*=0x2e0) returned 1
[0108.219] GetCurrentProcess () returned 0xffffffff
[0108.219] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x2000000, TokenHandle=0xd7e038 | out: TokenHandle=0xd7e038*=0x2e4) returned 1
[0108.294] GetCurrentProcess () returned 0xffffffff
[0108.294] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x2000000, TokenHandle=0xd7de98 | out: TokenHandle=0xd7de98*=0x2e8) returned 1
[0108.300] GetCurrentProcess () returned 0xffffffff
[0108.300] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x2000000, TokenHandle=0xd7dea8 | out: TokenHandle=0xd7dea8*=0x2ec) returned 1
[0108.308] GetCurrentProcess () returned 0xffffffff
[0108.308] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x2000000, TokenHandle=0xd7e5d8 | out: TokenHandle=0xd7e5d8*=0x2f0) returned 1
[0108.308] GetCurrentProcess () returned 0xffffffff
[0108.308] OpenProcessToken (in: ProcessHandle=0xffffffff, DesiredAccess=0x2000000, TokenHandle=0xd7e5e8 | out: TokenHandle=0xd7e5e8*=0x2f4) returned 1
[0108.373] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x0
[0108.377] LoadLibraryW (lpLibFileName="comctl32.dll") returned 0x6fd40000
[0110.374] GetModuleHandleW (lpModuleName="user32.dll") returned 0x750c0000
[0110.374] GetProcAddress (hModule=0x750c0000, lpProcName="DefWindowProcW") returned 0x743c0140
[0110.375] GetStockObject (i=5) returned 0x900015
[0110.380] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0110.386] CoTaskMemAlloc (cb=0x5a) returned 0x11a0c18
[0110.386] RegisterClassW (lpWndClass=0xd7e868) returned 0xc19b
[0110.387] CoTaskMemFree (pv=0x11a0c18)
[0110.387] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0110.388] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x2010000, X=0, Y=0, nWidth=0, nHeight=0, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x302cc
[0110.389] SetWindowLongW (hWnd=0x302cc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0110.390] GetWindowLongW (hWnd=0x302cc, nIndex=-4) returned 1950089536
[0110.392] RegOpenKeyExW (in: hKey=0x80000002, lpSubKey="Software\\Microsoft\\.NETFramework", ulOptions=0x0, samDesired=0x20019, phkResult=0xd7e088 | out: phkResult=0xd7e088*=0x2fc) returned 0x0
[0110.392] RegQueryValueExW (in: hKey=0x2fc, lpValueName="DbgJITDebugLaunchSetting", lpReserved=0x0, lpType=0xd7e0a8, lpData=0x0, lpcbData=0xd7e0a4*=0x0 | out: lpType=0xd7e0a8*=0x0, lpData=0x0, lpcbData=0xd7e0a4*=0x0) returned 0x2
[0110.393] RegQueryValueExW (in: hKey=0x2fc, lpValueName="DbgManagedDebugger", lpReserved=0x0, lpType=0xd7e0a8, lpData=0x0, lpcbData=0xd7e0a4*=0x0 | out: lpType=0xd7e0a8*=0x0, lpData=0x0, lpcbData=0xd7e0a4*=0x0) returned 0x2
[0110.393] RegCloseKey (hKey=0x2fc) returned 0x0
[0110.394] SetWindowLongW (hWnd=0x302cc, nIndex=-4, dwNewLong=19924494) returned 1950089536
[0110.394] GetWindowLongW (hWnd=0x302cc, nIndex=-4) returned 19924494
[0110.394] GetWindowLongW (hWnd=0x302cc, nIndex=-16) returned 113311744
[0110.413] RegisterClipboardFormatW (lpszFormat="WinFormsMouseEnter") returned 0xc19e
[0110.452] RegisterClipboardFormatW (lpszFormat="WinFormsUnSubclass") returned 0xc19f
[0110.452] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302cc, Msg=0x81, wParam=0x0, lParam=0xd7e3d8) returned 0x1
[0110.453] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302cc, Msg=0x83, wParam=0x0, lParam=0xd7e3c4) returned 0x0
[0110.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302cc, Msg=0x1, wParam=0x0, lParam=0xd7e3d8) returned 0x0
[0110.841] GetClientRect (in: hWnd=0x302cc, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0110.841] GetWindowRect (in: hWnd=0x302cc, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0110.843] GetParent (hWnd=0x302cc) returned 0x0
[0113.349] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0113.349] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0113.360] IsAppThemed () returned 0x1
[0113.362] CoTaskMemAlloc (cb=0xf0) returned 0x119b5e0
[0113.362] CreateActCtxA (pActCtx=0xd7ed40) returned 0x11b39e4
[0113.574] CoTaskMemFree (pv=0x119b5e0)
[0114.525] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0114.587] AdjustWindowRectEx (in: lpRect=0xd7e8cc, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e8cc) returned 1
[0114.901] EtwEventRegister (in: ProviderId=0x2c283d8, EnableCallback=0x1300636, CallbackContext=0x0, RegHandle=0x2c283b4 | out: RegHandle=0x2c283b4) returned 0x0
[0114.985] GetSystemDefaultLCID () returned 0x409
[0114.986] GetStockObject (i=17) returned 0xa01c1
[0114.988] GetObjectW (in: h=0xa01c1, c=92, pv=0xd7e3f0 | out: pv=0xd7e3f0) returned 92
[0114.989] GetDC (hWnd=0x0) returned 0x60100ce
[0115.222] GdiplusStartup (in: token=0xf27d10, input=0xd7d9a8, output=0xd7d9f8 | out: token=0xf27d10, output=0xd7d9f8) returned 0x0
[0115.232] CoTaskMemAlloc (cb=0x5c) returned 0x11a0c18
[0115.349] GdipCreateFontFromLogfontW (hdc=0x60100ce, logfont=0x11a0c18, font=0xd7e4b8) returned 0x0
[0117.159] CoTaskMemFree (pv=0x11a0c18)
[0117.160] CoTaskMemAlloc (cb=0x5c) returned 0x11a0c18
[0117.161] CoTaskMemFree (pv=0x11a0c18)
[0117.161] CoTaskMemAlloc (cb=0x5c) returned 0x11a0c18
[0117.161] CoTaskMemFree (pv=0x11a0c18)
[0117.161] GdipGetFontUnit (font=0x54e1f08, unit=0xd7e480) returned 0x0
[0117.161] GdipGetFontSize (font=0x54e1f08, size=0xd7e484) returned 0x0
[0117.162] GdipGetFontStyle (font=0x54e1f08, style=0xd7e47c) returned 0x0
[0117.162] GdipGetFamily (font=0x54e1f08, family=0xd7e478) returned 0x0
[0117.162] GdipGetFontSize (font=0x54e1f08, size=0x2c28c60) returned 0x0
[0117.163] ReleaseDC (hWnd=0x0, hDC=0x60100ce) returned 1
[0117.163] GetDC (hWnd=0x0) returned 0x107b9
[0117.163] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e494) returned 0x0
[0117.171] GdipGetDpiY (graphics=0x65ff260, dpi=0x2c28d3c) returned 0x0
[0117.172] GdipGetFontHeight (font=0x54e1f08, graphics=0x65ff260, height=0xd7e48c) returned 0x0
[0117.172] GdipGetEmHeight (family=0x54e99a0, style=0, EmHeight=0xd7e494) returned 0x0
[0117.172] GdipGetLineSpacing (family=0x54e99a0, style=0, LineSpacing=0xd7e494) returned 0x0
[0117.173] GdipDeleteGraphics (graphics=0x65ff260) returned 0x0
[0117.173] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0117.173] GdipCreateFont (fontFamily=0x54e99a0, emSize=0x41040000, style=0, unit=0x3, font=0x2c28d58) returned 0x0
[0117.173] GdipGetFontSize (font=0x54eef48, size=0x2c28d5c) returned 0x0
[0117.174] GdipDeleteFont (font=0x54e1f08) returned 0x0
[0117.174] GetDC (hWnd=0x0) returned 0x107b9
[0117.174] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e508) returned 0x0
[0117.174] GdipGetFontHeight (font=0x54eef48, graphics=0x65ff260, height=0xd7e500) returned 0x0
[0117.174] GdipDeleteGraphics (graphics=0x65ff260) returned 0x0
[0117.175] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0117.176] GetSystemMetrics (nIndex=5) returned 1
[0117.176] GetSystemMetrics (nIndex=6) returned 1
[0117.177] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.178] AdjustWindowRectEx (in: lpRect=0xd7e630, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e630) returned 1
[0117.181] GetDC (hWnd=0x0) returned 0x107b9
[0117.181] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e508) returned 0x0
[0117.181] GdipGetFontHeight (font=0x54eef48, graphics=0x65ff260, height=0xd7e500) returned 0x0
[0117.181] GdipDeleteGraphics (graphics=0x65ff260) returned 0x0
[0117.181] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0117.182] GetSystemMetrics (nIndex=5) returned 1
[0117.182] GetSystemMetrics (nIndex=6) returned 1
[0117.182] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.182] AdjustWindowRectEx (in: lpRect=0xd7e630, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e630) returned 1
[0117.184] GetDC (hWnd=0x0) returned 0x107b9
[0117.185] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e508) returned 0x0
[0117.185] GdipGetFontHeight (font=0x54eef48, graphics=0x65ff260, height=0xd7e500) returned 0x0
[0117.185] GdipDeleteGraphics (graphics=0x65ff260) returned 0x0
[0117.185] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0117.185] GetSystemMetrics (nIndex=5) returned 1
[0117.185] GetSystemMetrics (nIndex=6) returned 1
[0117.186] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.186] AdjustWindowRectEx (in: lpRect=0xd7e630, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e630) returned 1
[0117.220] GetDC (hWnd=0x0) returned 0x107b9
[0117.220] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e508) returned 0x0
[0117.220] GdipGetFontHeight (font=0x54eef48, graphics=0x65ff260, height=0xd7e500) returned 0x0
[0117.220] GdipDeleteGraphics (graphics=0x65ff260) returned 0x0
[0117.220] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0117.220] GetSystemMetrics (nIndex=5) returned 1
[0117.220] GetSystemMetrics (nIndex=6) returned 1
[0117.221] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.221] AdjustWindowRectEx (in: lpRect=0xd7e630, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e630) returned 1
[0117.223] GetDC (hWnd=0x0) returned 0x107b9
[0117.223] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e508) returned 0x0
[0117.223] GdipGetFontHeight (font=0x54eef48, graphics=0x65ff260, height=0xd7e500) returned 0x0
[0117.223] GdipDeleteGraphics (graphics=0x65ff260) returned 0x0
[0117.223] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0117.224] GetSystemMetrics (nIndex=5) returned 1
[0117.224] GetSystemMetrics (nIndex=6) returned 1
[0117.224] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.224] AdjustWindowRectEx (in: lpRect=0xd7e630, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e630) returned 1
[0117.227] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.228] AdjustWindowRectEx (in: lpRect=0xd7e634, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e634) returned 1
[0117.233] GetDC (hWnd=0x0) returned 0x107b9
[0117.233] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e508) returned 0x0
[0117.234] GdipGetFontHeight (font=0x54eef48, graphics=0x65ff260, height=0xd7e500) returned 0x0
[0117.234] GdipDeleteGraphics (graphics=0x65ff260) returned 0x0
[0117.234] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0117.234] GetSystemMetrics (nIndex=5) returned 1
[0117.234] GetSystemMetrics (nIndex=6) returned 1
[0117.234] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.234] AdjustWindowRectEx (in: lpRect=0xd7e630, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e630) returned 1
[0117.236] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.237] AdjustWindowRectEx (in: lpRect=0xd7e634, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e634) returned 1
[0117.239] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.239] AdjustWindowRectEx (in: lpRect=0xd7e634, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e634) returned 1
[0117.242] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.242] AdjustWindowRectEx (in: lpRect=0xd7e630, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e630) returned 1
[0117.246] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.246] AdjustWindowRectEx (in: lpRect=0xd7e630, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e630) returned 1
[0117.251] GetSystemMetrics (nIndex=5) returned 1
[0117.251] GetSystemMetrics (nIndex=6) returned 1
[0117.252] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.252] AdjustWindowRectEx (in: lpRect=0xd7e594, dwStyle=0x560100c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e594) returned 1
[0117.254] GetSystemMetrics (nIndex=5) returned 1
[0117.254] GetSystemMetrics (nIndex=6) returned 1
[0117.254] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.254] AdjustWindowRectEx (in: lpRect=0xd7e594, dwStyle=0x560100c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e594) returned 1
[0117.256] GetSystemMetrics (nIndex=5) returned 1
[0117.256] GetSystemMetrics (nIndex=6) returned 1
[0117.256] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.256] AdjustWindowRectEx (in: lpRect=0xd7e594, dwStyle=0x560100c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e594) returned 1
[0117.258] GetSystemMetrics (nIndex=5) returned 1
[0117.258] GetSystemMetrics (nIndex=6) returned 1
[0117.259] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.259] AdjustWindowRectEx (in: lpRect=0xd7e594, dwStyle=0x560100c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e594) returned 1
[0117.261] GetSystemMetrics (nIndex=5) returned 1
[0117.261] GetSystemMetrics (nIndex=6) returned 1
[0117.261] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.261] AdjustWindowRectEx (in: lpRect=0xd7e594, dwStyle=0x560100c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e594) returned 1
[0117.475] GdipCreateFontFamilyFromName (name="Microsoft Sans Serif", fontCollection=0x0, fontFamily=0xd7e610) returned 0x0
[0117.476] GdipCreateFont (fontFamily=0x54e99a0, emSize=0x41ae0000, style=1, unit=0x3, font=0x2c2a288) returned 0x0
[0117.476] GdipGetFontSize (font=0x54e1f08, size=0x2c2a28c) returned 0x0
[0117.478] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.478] AdjustWindowRectEx (in: lpRect=0xd7e594, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e594) returned 1
[0117.488] GetUserObjectInformationA (in: hObj=0x13c, nIndex=1, pvInfo=0x2c2a980, nLength=0xc, lpnLengthNeeded=0xd7e470 | out: pvInfo=0x2c2a980, lpnLengthNeeded=0xd7e470) returned 1
[0117.490] SetConsoleCtrlHandler (HandlerRoutine=0x130065e, Add=1) returned 1
[0117.491] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0117.491] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0117.493] GetClassInfoW (in: hInstance=0x9c0000, lpClassName=".NET-BroadcastEventWindow.4.0.0.0.141b42a.0", lpWndClass=0x2c2a9e4 | out: lpWndClass=0x2c2a9e4) returned 0
[0117.495] CoTaskMemAlloc (cb=0x58) returned 0x11b8978
[0117.495] RegisterClassW (lpWndClass=0xd7e3c0) returned 0xc1a1
[0117.495] CoTaskMemFree (pv=0x11b8978)
[0117.496] CreateWindowExW (dwExStyle=0x0, lpClassName=".NET-BroadcastEventWindow.4.0.0.0.141b42a.0", lpWindowName=".NET-BroadcastEventWindow.4.0.0.0.141b42a.0", dwStyle=0x80000000, X=0, Y=0, nWidth=0, nHeight=0, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x300ec
[0117.501] NtdllDefWindowProc_W (hWnd=0x300ec, Msg=0x83, wParam=0x0, lParam=0xd7deec) returned 0x0
[0117.501] NtdllDefWindowProc_W (hWnd=0x300ec, Msg=0x1, wParam=0x0, lParam=0xd7df00) returned 0x0
[0117.502] NtdllDefWindowProc_W (hWnd=0x300ec, Msg=0x5, wParam=0x0, lParam=0x0) returned 0x0
[0117.502] NtdllDefWindowProc_W (hWnd=0x300ec, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0117.507] GetSysColor (nIndex=10) returned 0xb4b4b4
[0117.507] GetSysColor (nIndex=2) returned 0xd1b499
[0117.507] GetSysColor (nIndex=9) returned 0x0
[0117.507] GetSysColor (nIndex=12) returned 0xababab
[0117.507] GetSysColor (nIndex=15) returned 0xf0f0f0
[0117.507] GetSysColor (nIndex=20) returned 0xffffff
[0117.507] GetSysColor (nIndex=16) returned 0xa0a0a0
[0117.507] GetSysColor (nIndex=15) returned 0xf0f0f0
[0117.507] GetSysColor (nIndex=16) returned 0xa0a0a0
[0117.507] GetSysColor (nIndex=21) returned 0x696969
[0117.507] GetSysColor (nIndex=22) returned 0xe3e3e3
[0117.507] GetSysColor (nIndex=20) returned 0xffffff
[0117.507] GetSysColor (nIndex=18) returned 0x0
[0117.507] GetSysColor (nIndex=1) returned 0x0
[0117.507] GetSysColor (nIndex=27) returned 0xead1b9
[0117.507] GetSysColor (nIndex=28) returned 0xf2e4d7
[0117.507] GetSysColor (nIndex=17) returned 0x6d6d6d
[0117.507] GetSysColor (nIndex=13) returned 0xd77800
[0117.507] GetSysColor (nIndex=14) returned 0xffffff
[0117.507] GetSysColor (nIndex=26) returned 0xcc6600
[0117.507] GetSysColor (nIndex=11) returned 0xfcf7f4
[0117.508] GetSysColor (nIndex=3) returned 0xdbcdbf
[0117.508] GetSysColor (nIndex=19) returned 0x0
[0117.508] GetSysColor (nIndex=24) returned 0xe1ffff
[0117.508] GetSysColor (nIndex=23) returned 0x0
[0117.508] GetSysColor (nIndex=4) returned 0xf0f0f0
[0117.508] GetSysColor (nIndex=30) returned 0xf0f0f0
[0117.508] GetSysColor (nIndex=29) returned 0xd77800
[0117.508] GetSysColor (nIndex=7) returned 0x0
[0117.508] GetSysColor (nIndex=0) returned 0xc8c8c8
[0117.508] GetSysColor (nIndex=5) returned 0xffffff
[0117.508] GetSysColor (nIndex=6) returned 0x646464
[0117.508] GetSysColor (nIndex=8) returned 0x0
[0117.508] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.509] AdjustWindowRectEx (in: lpRect=0xd7e594, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e594) returned 1
[0117.511] GetSystemMetrics (nIndex=5) returned 1
[0117.511] GetSystemMetrics (nIndex=6) returned 1
[0117.511] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.511] AdjustWindowRectEx (in: lpRect=0xd7e594, dwStyle=0x560100c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e594) returned 1
[0117.513] GdipCreateFontFamilyFromName (name="Microsoft Sans Serif", fontCollection=0x0, fontFamily=0xd7e610) returned 0x0
[0117.513] GdipCreateFont (fontFamily=0x54e99a0, emSize=0x41400000, style=0, unit=0x3, font=0x2c2af40) returned 0x0
[0117.513] GdipGetFontSize (font=0x65fabd0, size=0x2c2af44) returned 0x0
[0117.513] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.514] AdjustWindowRectEx (in: lpRect=0xd7e594, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e594) returned 1
[0117.514] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.514] AdjustWindowRectEx (in: lpRect=0xd7e594, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e594) returned 1
[0117.516] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.516] AdjustWindowRectEx (in: lpRect=0xd7e594, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e594) returned 1
[0117.516] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.517] AdjustWindowRectEx (in: lpRect=0xd7e594, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e594) returned 1
[0117.520] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.520] AdjustWindowRectEx (in: lpRect=0xd7e5c0, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e5c0) returned 1
[0117.523] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.523] AdjustWindowRectEx (in: lpRect=0xd7e5c0, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e5c0) returned 1
[0117.523] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0117.523] AdjustWindowRectEx (in: lpRect=0xd7e5c0, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e5c0) returned 1
[0117.646] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe.config", nBufferLength=0x105, lpBuffer=0xd7dea8, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe.config", lpFilePart=0x0) returned 0x30
[0117.646] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e364) returned 1
[0117.647] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe.config" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe.config"), fInfoLevelId=0x0, lpFileInformation=0xd7e3e0 | out: lpFileInformation=0xd7e3e0*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0117.647] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e360) returned 1
[0118.125] GdipLoadImageFromStream (stream=0x5090030, image=0xd7e040) returned 0x0
[0120.185] GdipImageForceValidation (image=0x65ff260) returned 0x0
[0120.190] GdipGetImageType (image=0x65ff260, type=0xd7e03c) returned 0x0
[0120.190] GdipGetImageRawFormat (image=0x65ff260, format=0xd7dfb0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0120.203] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0120.204] AdjustWindowRectEx (in: lpRect=0xd7e5f4, dwStyle=0x2cf0000, bMenu=0, dwExStyle=0x50000 | out: lpRect=0xd7e5f4) returned 1
[0120.204] GetSystemMetrics (nIndex=59) returned 1460
[0120.204] GetSystemMetrics (nIndex=60) returned 920
[0120.204] GetSystemMetrics (nIndex=34) returned 136
[0120.204] GetSystemMetrics (nIndex=35) returned 39
[0120.204] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0120.204] AdjustWindowRectEx (in: lpRect=0xd7e4f4, dwStyle=0x2cf0000, bMenu=0, dwExStyle=0x50000 | out: lpRect=0xd7e4f4) returned 1
[0120.205] GetCurrentThreadId () returned 0xf50
[0120.205] GetCurrentThreadId () returned 0xf50
[0120.205] GetCurrentThreadId () returned 0xf50
[0120.205] GetCurrentThreadId () returned 0xf50
[0120.205] GetCurrentThreadId () returned 0xf50
[0120.205] GetCurrentThreadId () returned 0xf50
[0120.206] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0120.206] AdjustWindowRectEx (in: lpRect=0xd7e3ec, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e3ec) returned 1
[0120.271] GdipGetFamilyName (in: family=0x54e99a0, name=0xd7e2d8, language=0x409 | out: name="Microsoft Sans Serif") returned 0x0
[0120.288] CreateCompatibleDC (hdc=0x0) returned 0x65010512
[0120.289] GetCurrentObject (hdc=0x65010512, type=0x1) returned 0xb00017
[0120.289] GetCurrentObject (hdc=0x65010512, type=0x2) returned 0x900010
[0120.289] GetCurrentObject (hdc=0x65010512, type=0x7) returned 0x85000f
[0120.289] GetCurrentObject (hdc=0x65010512, type=0x6) returned 0x8a01c2
[0120.290] SaveDC (hdc=0x65010512) returned 1
[0120.290] GetDeviceCaps (hdc=0x65010512, index=90) returned 96
[0120.291] CoTaskMemAlloc (cb=0x5c) returned 0x11a0c18
[0120.291] CreateFontIndirectW (lplf=0x11a0c18) returned 0x6d0a0520
[0120.291] CoTaskMemFree (pv=0x11a0c18)
[0120.292] GetObjectW (in: h=0x6d0a0520, c=92, pv=0xd7e29c | out: pv=0xd7e29c) returned 92
[0120.292] GetCurrentObject (hdc=0x65010512, type=0x6) returned 0x8a01c2
[0120.292] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e204 | out: pv=0xd7e204) returned 92
[0120.293] SelectObject (hdc=0x65010512, h=0x6d0a0520) returned 0x8a01c2
[0120.293] GetMapMode (hdc=0x65010512) returned 1
[0120.293] GetTextMetricsW (in: hdc=0x65010512, lptm=0xd7e2cc | out: lptm=0xd7e2cc) returned 1
[0120.295] DrawTextExW (in: hdc=0x65010512, lpchText="Path:", cchText=5, lprc=0xd7e3d8, format=0x2400, lpdtp=0x2c46774 | out: lpchText="Path:", lprc=0xd7e3d8) returned 13
[0120.720] GetCurrentThreadId () returned 0xf50
[0120.720] GetCurrentThreadId () returned 0xf50
[0120.721] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0120.721] AdjustWindowRectEx (in: lpRect=0xd7e3ec, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e3ec) returned 1
[0120.721] GdipGetFamilyName (in: family=0x54e99a0, name=0xd7e2d8, language=0x409 | out: name="Microsoft Sans Serif") returned 0x0
[0120.721] GetDeviceCaps (hdc=0x65010512, index=90) returned 96
[0120.721] CoTaskMemAlloc (cb=0x5c) returned 0x11a0c18
[0120.722] CreateFontIndirectW (lplf=0x11a0c18) returned 0x730a0538
[0120.722] CoTaskMemFree (pv=0x11a0c18)
[0120.722] GetObjectW (in: h=0x730a0538, c=92, pv=0xd7e29c | out: pv=0xd7e29c) returned 92
[0120.724] SelectObject (hdc=0x65010512, h=0x730a0538) returned 0x6d0a0520
[0120.724] GetMapMode (hdc=0x65010512) returned 1
[0120.724] GetTextMetricsW (in: hdc=0x65010512, lptm=0xd7e2cc | out: lptm=0xd7e2cc) returned 1
[0120.724] DrawTextExW (in: hdc=0x65010512, lpchText="If you have a special decrypt code, please select Path and\r\ndecrypt file", cchText=72, lprc=0xd7e3d8, format=0x2400, lpdtp=0x2c46a6c | out: lpchText="If you have a special decrypt code, please select Path and\r\ndecrypt file", lprc=0xd7e3d8) returned 40
[0120.752] GetCurrentThreadId () returned 0xf50
[0120.752] GetCurrentThreadId () returned 0xf50
[0120.752] GetCurrentThreadId () returned 0xf50
[0120.752] GetCurrentThreadId () returned 0xf50
[0120.753] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0120.753] AdjustWindowRectEx (in: lpRect=0xd7e3ec, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e3ec) returned 1
[0120.753] GdipGetFamilyName (in: family=0x54e99a0, name=0xd7e2d8, language=0x409 | out: name="Microsoft Sans Serif") returned 0x0
[0120.753] GetDeviceCaps (hdc=0x65010512, index=90) returned 96
[0120.753] CoTaskMemAlloc (cb=0x5c) returned 0x11a0c18
[0120.753] CreateFontIndirectW (lplf=0x11a0c18) returned 0x460a052c
[0120.753] CoTaskMemFree (pv=0x11a0c18)
[0120.754] GetObjectW (in: h=0x460a052c, c=92, pv=0xd7e29c | out: pv=0xd7e29c) returned 92
[0120.754] SelectObject (hdc=0x65010512, h=0x460a052c) returned 0x730a0538
[0120.754] GetMapMode (hdc=0x65010512) returned 1
[0120.754] GetTextMetricsW (in: hdc=0x65010512, lptm=0xd7e2cc | out: lptm=0xd7e2cc) returned 1
[0120.771] DrawTextExW (in: hdc=0x65010512, lpchText="Hello! I'm a BB, and Im encrypt your\r\nfiles\r\n\r\nPlease give me a BTC To address:\r\n13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94\r\n\r\nAnd I send you decrypt code", cchText=146, lprc=0xd7e3d8, format=0x2400, lpdtp=0x2c46e14 | out: lpchText="Hello! I'm a BB, and Im encrypt your\r\nfiles\r\n\r\nPlease give me a BTC To address:\r\n13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94\r\n\r\nAnd I send you decrypt code", lprc=0xd7e3d8) returned 231
[0120.839] GetCurrentThreadId () returned 0xf50
[0120.839] GetCurrentThreadId () returned 0xf50
[0120.839] GetCurrentThreadId () returned 0xf50
[0120.839] GetCurrentThreadId () returned 0xf50
[0120.839] GetCurrentThreadId () returned 0xf50
[0120.839] GetCurrentThreadId () returned 0xf50
[0120.839] GetCurrentThreadId () returned 0xf50
[0120.839] GetCurrentThreadId () returned 0xf50
[0120.839] GetCurrentThreadId () returned 0xf50
[0120.839] GetCurrentThreadId () returned 0xf50
[0121.020] GetSystemMetrics (nIndex=11) returned 32
[0121.020] GetSystemMetrics (nIndex=12) returned 32
[0121.020] GetDC (hWnd=0x0) returned 0xf0105ee
[0121.021] GetDeviceCaps (hdc=0xf0105ee, index=12) returned 32
[0121.021] GetDeviceCaps (hdc=0xf0105ee, index=14) returned 1
[0121.021] ReleaseDC (hWnd=0x0, hDC=0xf0105ee) returned 1
[0121.022] CreateIconFromResourceEx (presbits=0x2c52cdc, dwResSize=0x10a8, fIcon=1, dwVer=0x30000, cxDesired=0, cyDesired=0, Flags=0x0) returned 0xa0091
[0121.025] CreateCompatibleDC (hdc=0x0) returned 0x1f01067a
[0121.025] GetDC (hWnd=0x0) returned 0xf0105ee
[0121.025] GdipCreateFromHDC (hdc=0xf0105ee, graphics=0xd7e41c) returned 0x0
[0121.026] CoTaskMemAlloc (cb=0x5c) returned 0x11a0c18
[0121.026] GdipGetLogFontW (font=0x54eef48, graphics=0x65ffb70, logfontW=0x11a0c18) returned 0x0
[0121.070] CoTaskMemFree (pv=0x11a0c18)
[0121.070] CoTaskMemAlloc (cb=0x5c) returned 0x11a0c18
[0121.070] CoTaskMemFree (pv=0x11a0c18)
[0121.071] CoTaskMemAlloc (cb=0x5c) returned 0x11a0c18
[0121.071] CoTaskMemFree (pv=0x11a0c18)
[0121.071] GdipDeleteGraphics (graphics=0x65ffb70) returned 0x0
[0121.071] ReleaseDC (hWnd=0x0, hDC=0xf0105ee) returned 1
[0121.071] CoTaskMemAlloc (cb=0x5c) returned 0x11a0c18
[0121.071] CreateFontIndirectW (lplf=0x11a0c18) returned 0x230a0786
[0121.071] CoTaskMemFree (pv=0x11a0c18)
[0121.071] SelectObject (hdc=0x1f01067a, h=0x230a0786) returned 0x8a01c2
[0121.072] GetTextMetricsW (in: hdc=0x1f01067a, lptm=0xd7e528 | out: lptm=0xd7e528) returned 1
[0121.072] GetTextExtentPoint32W (in: hdc=0x1f01067a, lpString="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ", c=52, psizl=0x2c54598 | out: psizl=0x2c54598) returned 1
[0121.073] SelectObject (hdc=0x1f01067a, h=0x8a01c2) returned 0x230a0786
[0121.073] DeleteDC (hdc=0x1f01067a) returned 1
[0121.074] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.074] AdjustWindowRectEx (in: lpRect=0xd7e290, dwStyle=0x2cc0000, bMenu=0, dwExStyle=0x50000 | out: lpRect=0xd7e290) returned 1
[0121.074] AdjustWindowRectEx (in: lpRect=0xd7e4b4, dwStyle=0x2cc0000, bMenu=0, dwExStyle=0x50000 | out: lpRect=0xd7e4b4) returned 1
[0121.075] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.075] AdjustWindowRectEx (in: lpRect=0xd7e208, dwStyle=0x2cc0000, bMenu=0, dwExStyle=0x50000 | out: lpRect=0xd7e208) returned 1
[0121.075] AdjustWindowRectEx (in: lpRect=0xd7e2ec, dwStyle=0x2cc0000, bMenu=0, dwExStyle=0x50000 | out: lpRect=0xd7e2ec) returned 1
[0121.075] GetSystemMetrics (nIndex=34) returned 136
[0121.075] GetSystemMetrics (nIndex=35) returned 39
[0121.075] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.076] AdjustWindowRectEx (in: lpRect=0xd7e4ac, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e4ac) returned 1
[0121.076] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.076] AdjustWindowRectEx (in: lpRect=0xd7e310, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e310) returned 1
[0121.076] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.076] AdjustWindowRectEx (in: lpRect=0xd7e4ac, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e4ac) returned 1
[0121.077] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.077] AdjustWindowRectEx (in: lpRect=0xd7e310, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e310) returned 1
[0121.077] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.077] AdjustWindowRectEx (in: lpRect=0xd7e4ac, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e4ac) returned 1
[0121.077] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.077] AdjustWindowRectEx (in: lpRect=0xd7e310, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e310) returned 1
[0121.077] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.077] AdjustWindowRectEx (in: lpRect=0xd7e168, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e168) returned 1
[0121.078] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.078] AdjustWindowRectEx (in: lpRect=0xd7e4ac, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e4ac) returned 1
[0121.078] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.078] AdjustWindowRectEx (in: lpRect=0xd7e310, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e310) returned 1
[0121.078] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.078] AdjustWindowRectEx (in: lpRect=0xd7e168, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e168) returned 1
[0121.078] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.079] AdjustWindowRectEx (in: lpRect=0xd7e4ac, dwStyle=0x560100c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e4ac) returned 1
[0121.079] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.079] AdjustWindowRectEx (in: lpRect=0xd7e310, dwStyle=0x560100c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e310) returned 1
[0121.079] GetSystemMetrics (nIndex=5) returned 1
[0121.079] GetSystemMetrics (nIndex=6) returned 1
[0121.079] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.079] AdjustWindowRectEx (in: lpRect=0xd7e4ac, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e4ac) returned 1
[0121.079] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.079] AdjustWindowRectEx (in: lpRect=0xd7e310, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e310) returned 1
[0121.079] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.080] AdjustWindowRectEx (in: lpRect=0xd7e168, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e168) returned 1
[0121.080] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.080] AdjustWindowRectEx (in: lpRect=0xd7e4ac, dwStyle=0x460100c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e4ac) returned 1
[0121.080] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.080] AdjustWindowRectEx (in: lpRect=0xd7e310, dwStyle=0x460100c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e310) returned 1
[0121.080] GetSystemMetrics (nIndex=5) returned 1
[0121.080] GetSystemMetrics (nIndex=6) returned 1
[0121.080] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.080] AdjustWindowRectEx (in: lpRect=0xd7e4ac, dwStyle=0x460100c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e4ac) returned 1
[0121.080] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.080] AdjustWindowRectEx (in: lpRect=0xd7e310, dwStyle=0x460100c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e310) returned 1
[0121.080] GetSystemMetrics (nIndex=5) returned 1
[0121.080] GetSystemMetrics (nIndex=6) returned 1
[0121.081] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.081] AdjustWindowRectEx (in: lpRect=0xd7e4ac, dwStyle=0x460100c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e4ac) returned 1
[0121.081] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.081] AdjustWindowRectEx (in: lpRect=0xd7e310, dwStyle=0x460100c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e310) returned 1
[0121.081] GetSystemMetrics (nIndex=5) returned 1
[0121.081] GetSystemMetrics (nIndex=6) returned 1
[0121.081] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.081] AdjustWindowRectEx (in: lpRect=0xd7e4ac, dwStyle=0x460100c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e4ac) returned 1
[0121.081] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.081] AdjustWindowRectEx (in: lpRect=0xd7e310, dwStyle=0x460100c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e310) returned 1
[0121.081] GetSystemMetrics (nIndex=5) returned 1
[0121.081] GetSystemMetrics (nIndex=6) returned 1
[0121.082] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.082] AdjustWindowRectEx (in: lpRect=0xd7e4ac, dwStyle=0x460100c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e4ac) returned 1
[0121.082] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6fd40000
[0121.082] AdjustWindowRectEx (in: lpRect=0xd7e310, dwStyle=0x460100c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e310) returned 1
[0121.082] GetSystemMetrics (nIndex=5) returned 1
[0121.082] GetSystemMetrics (nIndex=6) returned 1
[0121.091] GetCurrentActCtx (in: lphActCtx=0xd7edb4 | out: lphActCtx=0xd7edb4*=0x0) returned 1
[0121.091] ActivateActCtx (in: hActCtx=0x11b39e4, lpCookie=0xd7edc4 | out: hActCtx=0x11b39e4, lpCookie=0xd7edc4) returned 1
[0121.091] GetCurrentActCtx (in: lphActCtx=0xd7ebd4 | out: lphActCtx=0xd7ebd4*=0x11b39e4) returned 1
[0121.092] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x0
[0121.094] LoadLibraryW (lpLibFileName="comctl32.dll") returned 0x6f520000
[0122.465] AdjustWindowRectEx (in: lpRect=0xd7eb34, dwStyle=0x2cc0000, bMenu=0, dwExStyle=0x50000 | out: lpRect=0xd7eb34) returned 1
[0122.465] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0122.465] CreateWindowExW (dwExStyle=0x50000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2cc0000, X=-2147483648, Y=-2147483648, nWidth=817, nHeight=492, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x7005c
[0122.466] SetWindowLongW (hWnd=0x7005c, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0122.466] GetWindowLongW (hWnd=0x7005c, nIndex=-4) returned 1950089536
[0122.467] SetWindowLongW (hWnd=0x7005c, nIndex=-4, dwNewLong=19925766) returned 1950089536
[0122.467] GetWindowLongW (hWnd=0x7005c, nIndex=-4) returned 19925766
[0122.467] GetWindowLongW (hWnd=0x7005c, nIndex=-16) returned 114032640
[0122.467] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x81, wParam=0x0, lParam=0xd7e5f8) returned 0x1
[0122.468] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x83, wParam=0x0, lParam=0xd7e5e4) returned 0x0
[0122.472] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1, wParam=0x0, lParam=0xd7e5f8) returned 0x0
[0122.472] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e2b0 | out: lpRect=0xd7e2b0) returned 1
[0122.472] GetWindowRect (in: hWnd=0x7005c, lpRect=0xd7e2b0 | out: lpRect=0xd7e2b0) returned 1
[0122.473] SetWindowTextW (hWnd=0x7005c, lpString="BB ransomware") returned 1
[0122.473] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc, wParam=0x0, lParam=0x2c280c0) returned 0x1
[0122.475] GetStartupInfoW (in: lpStartupInfo=0x2c54b74 | out: lpStartupInfo=0x2c54b74*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0122.477] GetParent (hWnd=0x7005c) returned 0x0
[0122.477] SetWindowLongW (hWnd=0x7005c, nIndex=-8, dwNewLong=0) returned 0
[0122.479] GetSystemMetrics (nIndex=49) returned 16
[0122.479] GetSystemMetrics (nIndex=50) returned 16
[0122.479] CreateIconFromResourceEx (presbits=0x2c54bf4, dwResSize=0x468, fIcon=1, dwVer=0x30000, cxDesired=0, cyDesired=0, Flags=0x0) returned 0x501ed
[0122.483] SendMessageW (hWnd=0x7005c, Msg=0x80, wParam=0x0, lParam=0x501ed) returned 0x0
[0122.483] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x80, wParam=0x0, lParam=0x501ed) returned 0x0
[0122.485] SendMessageW (hWnd=0x7005c, Msg=0x80, wParam=0x1, lParam=0xa0091) returned 0x0
[0122.485] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x80, wParam=0x1, lParam=0xa0091) returned 0x0
[0122.486] GetSystemMenu (hWnd=0x7005c, bRevert=0) returned 0x3f009d
[0122.686] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7ebe4 | out: lpwndpl=0xd7ebe4) returned 1
[0122.686] EnableMenuItem (hMenu=0x3f009d, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0122.686] EnableMenuItem (hMenu=0x3f009d, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0122.686] EnableMenuItem (hMenu=0x3f009d, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0122.686] EnableMenuItem (hMenu=0x3f009d, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0122.686] EnableMenuItem (hMenu=0x3f009d, uIDEnableItem=0xf000, uEnable=0x0) returned 0
[0122.687] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7ec28 | out: lpRect=0xd7ec28) returned 1
[0122.687] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7eb88 | out: lpRect=0xd7eb88) returned 1
[0122.687] GetWindowRect (in: hWnd=0x7005c, lpRect=0xd7eb88 | out: lpRect=0xd7eb88) returned 1
[0122.687] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0122.688] GetWindowLongW (hWnd=0x7005c, nIndex=-16) returned 114032640
[0122.688] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0122.688] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0122.688] GetSystemMetrics (nIndex=42) returned 0
[0122.689] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7eb1c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0122.689] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7eb1c) returned 0xd
[0122.689] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0122.689] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0122.689] GetSystemMetrics (nIndex=42) returned 0
[0122.689] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7eb1c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0122.689] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7eb1c) returned 0xd
[0122.690] GetWindowLongW (hWnd=0x7005c, nIndex=-16) returned 114032640
[0122.690] GetWindowLongW (hWnd=0x7005c, nIndex=-20) returned 327936
[0122.690] SetWindowLongW (hWnd=0x7005c, nIndex=-16, dwNewLong=46923776) returned 114032640
[0122.690] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7eb84) returned 0x0
[0122.690] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7eb84) returned 0x0
[0122.694] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x501ed
[0122.694] SetWindowLongW (hWnd=0x7005c, nIndex=-20, dwNewLong=327680) returned 327936
[0122.694] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x7c, wParam=0xffffffec, lParam=0xd7eb84) returned 0x0
[0122.694] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x7d, wParam=0xffffffec, lParam=0xd7eb84) returned 0x0
[0122.695] SetWindowPos (hWnd=0x7005c, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0122.695] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7eb9c) returned 0x0
[0122.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x83, wParam=0x1, lParam=0xd7eb74) returned 0x0
[0122.696] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e8c8 | out: lpwndpl=0xd7e8c8) returned 1
[0122.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x47, wParam=0x0, lParam=0xd7eb9c) returned 0x0
[0122.697] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e878 | out: lpRect=0xd7e878) returned 1
[0122.697] GetWindowRect (in: hWnd=0x7005c, lpRect=0xd7e878 | out: lpRect=0xd7e878) returned 1
[0122.698] RedrawWindow (hWnd=0x7005c, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0122.698] GetSystemMenu (hWnd=0x7005c, bRevert=0) returned 0x3f009d
[0122.698] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7ebd4 | out: lpwndpl=0xd7ebd4) returned 1
[0122.698] EnableMenuItem (hMenu=0x3f009d, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0122.698] EnableMenuItem (hMenu=0x3f009d, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0122.698] EnableMenuItem (hMenu=0x3f009d, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0122.698] EnableMenuItem (hMenu=0x3f009d, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0122.698] EnableMenuItem (hMenu=0x3f009d, uIDEnableItem=0xf000, uEnable=0x0) returned 0
[0122.698] ShowWindow (hWnd=0x7005c, nCmdShow=5) returned 0
[0122.699] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0122.699] GetCurrentActCtx (in: lphActCtx=0xd7e824 | out: lphActCtx=0xd7e824*=0x11b39e4) returned 1
[0122.699] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0122.700] GetClassInfoW (in: hInstance=0x0, lpClassName="BUTTON", lpWndClass=0x2c5529c | out: lpWndClass=0x2c5529c) returned 1
[0122.749] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0122.750] CoTaskMemAlloc (cb=0x56) returned 0x11b8978
[0122.750] RegisterClassW (lpWndClass=0xd7e6d8) returned 0xc1a2
[0122.750] CoTaskMemFree (pv=0x11b8978)
[0122.750] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0122.750] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="Get me a decrypt code (check payment)", dwStyle=0x5601000b, X=550, Y=350, nWidth=222, nHeight=42, hWndParent=0x7005c, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x70036
[0122.841] SetWindowLongW (hWnd=0x70036, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0122.842] GetWindowLongW (hWnd=0x70036, nIndex=-4) returned 1868032000
[0122.842] SetWindowLongW (hWnd=0x70036, nIndex=-4, dwNewLong=19925846) returned 1868032000
[0122.842] GetWindowLongW (hWnd=0x70036, nIndex=-4) returned 19925846
[0122.842] GetWindowLongW (hWnd=0x70036, nIndex=-16) returned 1174470667
[0122.842] GetWindowLongW (hWnd=0x70036, nIndex=-12) returned 0
[0122.842] SetWindowLongW (hWnd=0x70036, nIndex=-12, dwNewLong=458806) returned 0
[0122.842] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x70036, Msg=0x81, wParam=0x0, lParam=0xd7e248) returned 0x1
[0122.845] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x70036, Msg=0x83, wParam=0x0, lParam=0xd7e234) returned 0x0
[0122.845] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x70036, Msg=0x1, wParam=0x0, lParam=0xd7e248) returned 0x0
[0122.847] SendMessageW (hWnd=0x70036, Msg=0x2055, wParam=0x70036, lParam=0x3) returned 0x2
[0122.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0122.848] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x70036, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0122.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0122.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0122.848] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x70036, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0122.848] RedrawWindow (hWnd=0x70036, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0122.848] RedrawWindow (hWnd=0x7005c, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0122.849] GetWindow (hWnd=0x70036, uCmd=0x3) returned 0x0
[0122.849] GetClientRect (in: hWnd=0x70036, lpRect=0xd7dee8 | out: lpRect=0xd7dee8) returned 1
[0122.849] GetWindowRect (in: hWnd=0x70036, lpRect=0xd7dee8 | out: lpRect=0xd7dee8) returned 1
[0122.849] GetParent (hWnd=0x70036) returned 0x7005c
[0122.849] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x7005c, lpPoints=0xd7dee8, cPoints=0x2 | out: lpPoints=0xd7dee8) returned -13893822
[0122.850] SetWindowTextW (hWnd=0x70036, lpString="Get me a decrypt code (check payment)") returned 1
[0122.850] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x70036, Msg=0xc, wParam=0x0, lParam=0x2c2802c) returned 0x1
[0122.850] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x70036, Msg=0x5, wParam=0x0, lParam=0x2a00de) returned 0x0
[0122.851] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x70036, Msg=0x3, wParam=0x0, lParam=0x15e0226) returned 0x0
[0122.851] GetClientRect (in: hWnd=0x70036, lpRect=0xd7df40 | out: lpRect=0xd7df40) returned 1
[0122.851] GetWindowRect (in: hWnd=0x70036, lpRect=0xd7df40 | out: lpRect=0xd7df40) returned 1
[0122.851] GetParent (hWnd=0x70036) returned 0x7005c
[0122.851] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x7005c, lpPoints=0xd7df40, cPoints=0x2 | out: lpPoints=0xd7df40) returned -13893822
[0122.851] SendMessageW (hWnd=0x70036, Msg=0x2210, wParam=0x360001, lParam=0x70036) returned 0x0
[0122.851] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x70036, Msg=0x2210, wParam=0x360001, lParam=0x70036) returned 0x0
[0122.851] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x70036, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0122.851] GetParent (hWnd=0x70036) returned 0x7005c
[0122.851] GetCurrentActCtx (in: lphActCtx=0xd7e824 | out: lphActCtx=0xd7e824*=0x11b39e4) returned 1
[0122.852] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0122.852] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0122.852] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="Decrypt file", dwStyle=0x5601000b, X=29, Y=402, nWidth=75, nHeight=23, hWndParent=0x7005c, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x602c4
[0122.853] SetWindowLongW (hWnd=0x602c4, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0122.853] GetWindowLongW (hWnd=0x602c4, nIndex=-4) returned 1868032000
[0122.853] SetWindowLongW (hWnd=0x602c4, nIndex=-4, dwNewLong=19925886) returned 1868032000
[0122.853] GetWindowLongW (hWnd=0x602c4, nIndex=-4) returned 19925886
[0122.853] GetWindowLongW (hWnd=0x602c4, nIndex=-16) returned 1174470667
[0122.853] GetWindowLongW (hWnd=0x602c4, nIndex=-12) returned 0
[0122.853] SetWindowLongW (hWnd=0x602c4, nIndex=-12, dwNewLong=393924) returned 0
[0122.854] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x81, wParam=0x0, lParam=0xd7e248) returned 0x1
[0122.854] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x83, wParam=0x0, lParam=0xd7e234) returned 0x0
[0122.854] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x1, wParam=0x0, lParam=0xd7e248) returned 0x0
[0122.856] SendMessageW (hWnd=0x602c4, Msg=0x2055, wParam=0x602c4, lParam=0x3) returned 0x2
[0122.856] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0122.856] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0122.856] GetWindow (hWnd=0x602c4, uCmd=0x3) returned 0x70036
[0122.856] GetClientRect (in: hWnd=0x602c4, lpRect=0xd7dee8 | out: lpRect=0xd7dee8) returned 1
[0122.856] GetWindowRect (in: hWnd=0x602c4, lpRect=0xd7dee8 | out: lpRect=0xd7dee8) returned 1
[0122.856] GetParent (hWnd=0x602c4) returned 0x7005c
[0122.856] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x7005c, lpPoints=0xd7dee8, cPoints=0x2 | out: lpPoints=0xd7dee8) returned -13893822
[0122.856] SetWindowTextW (hWnd=0x602c4, lpString="Decrypt file") returned 1
[0122.856] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc, wParam=0x0, lParam=0x2c27fe8) returned 0x1
[0122.857] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x5, wParam=0x0, lParam=0x17004b) returned 0x0
[0122.857] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x3, wParam=0x0, lParam=0x192001d) returned 0x0
[0122.857] GetClientRect (in: hWnd=0x602c4, lpRect=0xd7df40 | out: lpRect=0xd7df40) returned 1
[0122.857] GetWindowRect (in: hWnd=0x602c4, lpRect=0xd7df40 | out: lpRect=0xd7df40) returned 1
[0122.857] GetParent (hWnd=0x602c4) returned 0x7005c
[0122.857] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x7005c, lpPoints=0xd7df40, cPoints=0x2 | out: lpPoints=0xd7df40) returned -13893822
[0122.857] SendMessageW (hWnd=0x602c4, Msg=0x2210, wParam=0x2c40001, lParam=0x602c4) returned 0x0
[0122.857] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2210, wParam=0x2c40001, lParam=0x602c4) returned 0x0
[0122.857] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0122.858] GetParent (hWnd=0x602c4) returned 0x7005c
[0122.858] GetCurrentActCtx (in: lphActCtx=0xd7e824 | out: lphActCtx=0xd7e824*=0x11b39e4) returned 1
[0122.858] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0122.858] GetClassInfoW (in: hInstance=0x0, lpClassName="STATIC", lpWndClass=0x2c556f8 | out: lpWndClass=0x2c556f8) returned 1
[0122.859] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0122.859] CoTaskMemAlloc (cb=0x56) returned 0x11b8e58
[0122.859] RegisterClassW (lpWndClass=0xd7e6d8) returned 0xc1a3
[0122.860] CoTaskMemFree (pv=0x11b8e58)
[0122.860] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0122.860] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName="Path:", dwStyle=0x5600000d, X=7, Y=379, nWidth=32, nHeight=13, hWndParent=0x7005c, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x901f8
[0122.860] SetWindowLongW (hWnd=0x901f8, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0122.860] GetWindowLongW (hWnd=0x901f8, nIndex=-4) returned 1868147648
[0122.861] SetWindowLongW (hWnd=0x901f8, nIndex=-4, dwNewLong=19925966) returned 1868147648
[0122.861] GetWindowLongW (hWnd=0x901f8, nIndex=-4) returned 19925966
[0122.861] GetWindowLongW (hWnd=0x901f8, nIndex=-16) returned 1174405133
[0122.861] GetWindowLongW (hWnd=0x901f8, nIndex=-12) returned 0
[0122.861] SetWindowLongW (hWnd=0x901f8, nIndex=-12, dwNewLong=590328) returned 0
[0122.861] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x901f8, Msg=0x81, wParam=0x0, lParam=0xd7e248) returned 0x1
[0122.862] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x901f8, Msg=0x83, wParam=0x0, lParam=0xd7e234) returned 0x0
[0122.862] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x901f8, Msg=0x1, wParam=0x0, lParam=0xd7e248) returned 0x0
[0122.863] GetWindow (hWnd=0x901f8, uCmd=0x3) returned 0x602c4
[0122.863] GetClientRect (in: hWnd=0x901f8, lpRect=0xd7def4 | out: lpRect=0xd7def4) returned 1
[0122.864] GetWindowRect (in: hWnd=0x901f8, lpRect=0xd7def4 | out: lpRect=0xd7def4) returned 1
[0122.864] GetParent (hWnd=0x901f8) returned 0x7005c
[0122.864] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x7005c, lpPoints=0xd7def4, cPoints=0x2 | out: lpPoints=0xd7def4) returned -13893822
[0122.864] SetWindowTextW (hWnd=0x901f8, lpString="Path:") returned 1
[0122.864] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x901f8, Msg=0xc, wParam=0x0, lParam=0x2c27fb4) returned 0x1
[0122.864] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x901f8, Msg=0x5, wParam=0x0, lParam=0xd0020) returned 0x0
[0122.865] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x901f8, Msg=0x3, wParam=0x0, lParam=0x17b0007) returned 0x0
[0122.865] GetClientRect (in: hWnd=0x901f8, lpRect=0xd7df4c | out: lpRect=0xd7df4c) returned 1
[0122.865] GetWindowRect (in: hWnd=0x901f8, lpRect=0xd7df4c | out: lpRect=0xd7df4c) returned 1
[0122.865] GetParent (hWnd=0x901f8) returned 0x7005c
[0122.865] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x7005c, lpPoints=0xd7df4c, cPoints=0x2 | out: lpPoints=0xd7df4c) returned -13893822
[0122.865] SendMessageW (hWnd=0x901f8, Msg=0x2210, wParam=0x1f80001, lParam=0x901f8) returned 0x0
[0122.865] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x901f8, Msg=0x2210, wParam=0x1f80001, lParam=0x901f8) returned 0x0
[0122.865] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x901f8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0122.865] GetParent (hWnd=0x901f8) returned 0x7005c
[0122.865] GetCurrentActCtx (in: lphActCtx=0xd7e824 | out: lphActCtx=0xd7e824*=0x11b39e4) returned 1
[0122.866] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0122.866] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0122.866] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName="If you have a special decrypt code, please select Path and\r\ndecrypt file", dwStyle=0x5600000d, X=14, Y=307, nWidth=416, nHeight=40, hWndParent=0x7005c, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x70030
[0122.867] SetWindowLongW (hWnd=0x70030, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0122.867] GetWindowLongW (hWnd=0x70030, nIndex=-4) returned 1868147648
[0122.867] SetWindowLongW (hWnd=0x70030, nIndex=-4, dwNewLong=19926006) returned 1868147648
[0122.867] GetWindowLongW (hWnd=0x70030, nIndex=-4) returned 19926006
[0122.867] GetWindowLongW (hWnd=0x70030, nIndex=-16) returned 1174405133
[0122.867] GetWindowLongW (hWnd=0x70030, nIndex=-12) returned 0
[0122.867] SetWindowLongW (hWnd=0x70030, nIndex=-12, dwNewLong=458800) returned 0
[0122.867] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x70030, Msg=0x81, wParam=0x0, lParam=0xd7e248) returned 0x1
[0122.868] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x70030, Msg=0x83, wParam=0x0, lParam=0xd7e234) returned 0x0
[0122.868] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x70030, Msg=0x1, wParam=0x0, lParam=0xd7e248) returned 0x0
[0122.869] GetWindow (hWnd=0x70030, uCmd=0x3) returned 0x901f8
[0122.869] GetClientRect (in: hWnd=0x70030, lpRect=0xd7def4 | out: lpRect=0xd7def4) returned 1
[0122.869] GetWindowRect (in: hWnd=0x70030, lpRect=0xd7def4 | out: lpRect=0xd7def4) returned 1
[0122.869] GetParent (hWnd=0x70030) returned 0x7005c
[0122.869] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x7005c, lpPoints=0xd7def4, cPoints=0x2 | out: lpPoints=0xd7def4) returned -13893822
[0122.869] SetWindowTextW (hWnd=0x70030, lpString="If you have a special decrypt code, please select Path and\r\ndecrypt file") returned 1
[0122.869] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x70030, Msg=0xc, wParam=0x0, lParam=0x2c27ef8) returned 0x1
[0122.870] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x70030, Msg=0x5, wParam=0x0, lParam=0x2801a0) returned 0x0
[0122.870] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x70030, Msg=0x3, wParam=0x0, lParam=0x133000e) returned 0x0
[0122.870] GetClientRect (in: hWnd=0x70030, lpRect=0xd7df4c | out: lpRect=0xd7df4c) returned 1
[0122.870] GetWindowRect (in: hWnd=0x70030, lpRect=0xd7df4c | out: lpRect=0xd7df4c) returned 1
[0122.870] GetParent (hWnd=0x70030) returned 0x7005c
[0122.870] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x7005c, lpPoints=0xd7df4c, cPoints=0x2 | out: lpPoints=0xd7df4c) returned -13893822
[0122.870] SendMessageW (hWnd=0x70030, Msg=0x2210, wParam=0x300001, lParam=0x70030) returned 0x0
[0122.870] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x70030, Msg=0x2210, wParam=0x300001, lParam=0x70030) returned 0x0
[0122.870] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x70030, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0122.871] GetParent (hWnd=0x70030) returned 0x7005c
[0122.871] GetCurrentActCtx (in: lphActCtx=0xd7e800 | out: lphActCtx=0xd7e800*=0x11b39e4) returned 1
[0122.871] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0122.871] GetClassInfoW (in: hInstance=0x0, lpClassName="EDIT", lpWndClass=0x2c55b0c | out: lpWndClass=0x2c55b0c) returned 1
[0122.872] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0122.873] CoTaskMemAlloc (cb=0x52) returned 0x11b8b58
[0122.873] RegisterClassW (lpWndClass=0xd7e6b4) returned 0xc1a5
[0122.873] CoTaskMemFree (pv=0x11b8b58)
[0122.873] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0122.873] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x560100c0, X=45, Y=376, nWidth=100, nHeight=20, hWndParent=0x7005c, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x6002e
[0122.874] SetWindowLongW (hWnd=0x6002e, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0122.874] GetWindowLongW (hWnd=0x6002e, nIndex=-4) returned 1868026976
[0122.874] SetWindowLongW (hWnd=0x6002e, nIndex=-4, dwNewLong=19926086) returned 1868026976
[0122.874] GetWindowLongW (hWnd=0x6002e, nIndex=-4) returned 19926086
[0122.874] GetWindowLongW (hWnd=0x6002e, nIndex=-16) returned 1174470848
[0122.874] GetWindowLongW (hWnd=0x6002e, nIndex=-12) returned 0
[0122.874] SetWindowLongW (hWnd=0x6002e, nIndex=-12, dwNewLong=393262) returned 0
[0122.874] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x81, wParam=0x0, lParam=0xd7e220) returned 0x1
[0122.878] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x83, wParam=0x0, lParam=0xd7e20c) returned 0x0
[0122.878] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x1, wParam=0x0, lParam=0xd7e220) returned 0x1
[0122.887] SendMessageW (hWnd=0x6002e, Msg=0x2055, wParam=0x6002e, lParam=0x3) returned 0x2
[0122.887] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0122.887] GetWindow (hWnd=0x6002e, uCmd=0x3) returned 0x70030
[0122.887] GetClientRect (in: hWnd=0x6002e, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0122.887] GetWindowRect (in: hWnd=0x6002e, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0122.887] GetParent (hWnd=0x6002e) returned 0x7005c
[0122.887] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x7005c, lpPoints=0xd7dee0, cPoints=0x2 | out: lpPoints=0xd7dee0) returned -13893822
[0122.887] SendMessageW (hWnd=0x6002e, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0122.887] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0122.888] SendMessageW (hWnd=0x6002e, Msg=0xd3, wParam=0x3, lParam=0x0) returned 0x0
[0122.888] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd3, wParam=0x3, lParam=0x0) returned 0x0
[0122.888] GetSystemMetrics (nIndex=5) returned 1
[0122.888] GetSystemMetrics (nIndex=6) returned 1
[0122.888] SendMessageW (hWnd=0x6002e, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0122.888] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0122.888] SendMessageW (hWnd=0x6002e, Msg=0xd2, wParam=0x0, lParam=0x0) returned 0x0
[0122.889] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd2, wParam=0x0, lParam=0x0) returned 0x0
[0122.889] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x5, wParam=0x0, lParam=0x100060) returned 0x0
[0122.890] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x3, wParam=0x0, lParam=0x17a002f) returned 0x0
[0122.890] GetClientRect (in: hWnd=0x6002e, lpRect=0xd7df38 | out: lpRect=0xd7df38) returned 1
[0122.890] GetWindowRect (in: hWnd=0x6002e, lpRect=0xd7df38 | out: lpRect=0xd7df38) returned 1
[0122.890] GetParent (hWnd=0x6002e) returned 0x7005c
[0122.890] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x7005c, lpPoints=0xd7df38, cPoints=0x2 | out: lpPoints=0xd7df38) returned -13893822
[0122.890] SendMessageW (hWnd=0x6002e, Msg=0x2210, wParam=0x2e0001, lParam=0x6002e) returned 0x0
[0122.890] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x2210, wParam=0x2e0001, lParam=0x6002e) returned 0x0
[0122.890] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0122.890] GetParent (hWnd=0x6002e) returned 0x7005c
[0122.890] GetCurrentActCtx (in: lphActCtx=0xd7e824 | out: lphActCtx=0xd7e824*=0x11b39e4) returned 1
[0122.891] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0122.891] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0122.891] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName="Hello! I'm a BB, and Im encrypt your\r\nfiles\r\n\r\nPlease give me a BTC To address:\r\n13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94\r\n\r\nAnd I send you decrypt code", dwStyle=0x5600000d, X=12, Y=9, nWidth=657, nHeight=231, hWndParent=0x7005c, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x202d4
[0122.892] SetWindowLongW (hWnd=0x202d4, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0122.892] GetWindowLongW (hWnd=0x202d4, nIndex=-4) returned 1868147648
[0122.892] SetWindowLongW (hWnd=0x202d4, nIndex=-4, dwNewLong=19926126) returned 1868147648
[0122.892] GetWindowLongW (hWnd=0x202d4, nIndex=-4) returned 19926126
[0122.892] GetWindowLongW (hWnd=0x202d4, nIndex=-16) returned 1174405133
[0122.892] GetWindowLongW (hWnd=0x202d4, nIndex=-12) returned 0
[0122.893] SetWindowLongW (hWnd=0x202d4, nIndex=-12, dwNewLong=131796) returned 0
[0122.893] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202d4, Msg=0x81, wParam=0x0, lParam=0xd7e248) returned 0x1
[0122.893] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202d4, Msg=0x83, wParam=0x0, lParam=0xd7e234) returned 0x0
[0122.894] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202d4, Msg=0x1, wParam=0x0, lParam=0xd7e248) returned 0x0
[0122.895] GetWindow (hWnd=0x202d4, uCmd=0x3) returned 0x6002e
[0122.895] GetClientRect (in: hWnd=0x202d4, lpRect=0xd7def4 | out: lpRect=0xd7def4) returned 1
[0122.895] GetWindowRect (in: hWnd=0x202d4, lpRect=0xd7def4 | out: lpRect=0xd7def4) returned 1
[0122.895] GetParent (hWnd=0x202d4) returned 0x7005c
[0122.895] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x7005c, lpPoints=0xd7def4, cPoints=0x2 | out: lpPoints=0xd7def4) returned -13893822
[0122.895] SetWindowTextW (hWnd=0x202d4, lpString="Hello! I'm a BB, and Im encrypt your\r\nfiles\r\n\r\nPlease give me a BTC To address:\r\n13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94\r\n\r\nAnd I send you decrypt code") returned 1
[0122.895] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202d4, Msg=0xc, wParam=0x0, lParam=0x2c27d88) returned 0x1
[0122.896] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202d4, Msg=0x5, wParam=0x0, lParam=0xe70291) returned 0x0
[0122.896] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202d4, Msg=0x3, wParam=0x0, lParam=0x9000c) returned 0x0
[0122.896] GetClientRect (in: hWnd=0x202d4, lpRect=0xd7df4c | out: lpRect=0xd7df4c) returned 1
[0122.896] GetWindowRect (in: hWnd=0x202d4, lpRect=0xd7df4c | out: lpRect=0xd7df4c) returned 1
[0122.896] GetParent (hWnd=0x202d4) returned 0x7005c
[0122.896] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x7005c, lpPoints=0xd7df4c, cPoints=0x2 | out: lpPoints=0xd7df4c) returned -13893822
[0122.896] SendMessageW (hWnd=0x202d4, Msg=0x2210, wParam=0x2d40001, lParam=0x202d4) returned 0x0
[0122.896] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202d4, Msg=0x2210, wParam=0x2d40001, lParam=0x202d4) returned 0x0
[0122.896] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202d4, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0122.897] GetParent (hWnd=0x202d4) returned 0x7005c
[0122.897] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0122.898] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0122.898] GetSystemMetrics (nIndex=42) returned 0
[0122.898] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e7c0, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0122.898] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e7c0) returned 0xd
[0129.999] CoTaskMemAlloc (cb=0x20c) returned 0x1183358
[0129.999] SHGetFolderPathW (in: hwnd=0x0, csidl=39, hToken=0x0, dwFlags=0x0, pszPath=0x1183358 | out: pszPath="C:\\Users\\FD1HVy\\Pictures") returned 0x0
[0130.005] CoTaskMemFree (pv=0x1183358)
[0130.005] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0130.005] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0130.097] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0130.097] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0130.132] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0130.132] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0130.132] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x10
[0130.133] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy", nBufferLength=0x10, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy", lpFilePart=0x0) returned 0xf
[0130.133] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0130.133] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0130.133] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6ac) returned 1
[0130.133] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures" (normalized: "c:\\users\\fd1hvy\\pictures"), fInfoLevelId=0x0, lpFileInformation=0xd7e728 | out: lpFileInformation=0xd7e728*(dwFileAttributes=0x11, ftCreationTime.dwLowDateTime=0x3476bd48, ftCreationTime.dwHighDateTime=0x1d32722, ftLastAccessTime.dwLowDateTime=0xe888ac60, ftLastAccessTime.dwHighDateTime=0x1d5f12a, ftLastWriteTime.dwLowDateTime=0xe888ac60, ftLastWriteTime.dwHighDateTime=0x1d5f12a, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
[0130.133] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6a8) returned 1
[0130.133] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0130.133] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0130.133] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6a0) returned 1
[0130.133] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures" (normalized: "c:\\users\\fd1hvy\\pictures"), fInfoLevelId=0x0, lpFileInformation=0xd7e71c | out: lpFileInformation=0xd7e71c*(dwFileAttributes=0x11, ftCreationTime.dwLowDateTime=0x3476bd48, ftCreationTime.dwHighDateTime=0x1d32722, ftLastAccessTime.dwLowDateTime=0xe888ac60, ftLastAccessTime.dwHighDateTime=0x1d5f12a, ftLastWriteTime.dwLowDateTime=0xe888ac60, ftLastWriteTime.dwHighDateTime=0x1d5f12a, nFileSizeHigh=0x0, nFileSizeLow=0x1000)) returned 1
[0130.133] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e69c) returned 1
[0130.173] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e708) returned 1
[0130.174] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x10
[0130.174] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy", nBufferLength=0x10, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy", lpFilePart=0x0) returned 0xf
[0130.175] FindFirstFileW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", lpFindFileData=0xd7e430 | out: lpFindFileData=0xd7e430*(dwFileAttributes=0x11, ftCreationTime.dwLowDateTime=0x3476bd48, ftCreationTime.dwHighDateTime=0x1d32722, ftLastAccessTime.dwLowDateTime=0xe888ac60, ftLastAccessTime.dwHighDateTime=0x1d5f12a, ftLastWriteTime.dwLowDateTime=0xe888ac60, ftLastWriteTime.dwHighDateTime=0x1d5f12a, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="Pictures", cAlternateFileName="")) returned 0x11a1650
[0130.178] FindNextFileW (in: hFindFile=0x11a1650, lpFindFileData=0xd7e43c | out: lpFindFileData=0xd7e43c*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="", cAlternateFileName="")) returned 0
[0130.178] FindClose (in: hFindFile=0x11a1650 | out: hFindFile=0x11a1650) returned 1
[0130.178] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6c4) returned 1
[0130.178] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6d0) returned 1
[0130.178] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e774) returned 1
[0130.179] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0130.179] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0130.179] FindFirstFileW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\*", lpFindFileData=0xd7e49c | out: lpFindFileData=0xd7e49c*(dwFileAttributes=0x11, ftCreationTime.dwLowDateTime=0x3476bd48, ftCreationTime.dwHighDateTime=0x1d32722, ftLastAccessTime.dwLowDateTime=0xe888ac60, ftLastAccessTime.dwHighDateTime=0x1d5f12a, ftLastWriteTime.dwLowDateTime=0xe888ac60, ftLastWriteTime.dwHighDateTime=0x1d5f12a, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName=".", cAlternateFileName="")) returned 0x11a1210
[0130.180] FindNextFileW (in: hFindFile=0x11a1210, lpFindFileData=0xd7e4a8 | out: lpFindFileData=0xd7e4a8*(dwFileAttributes=0x11, ftCreationTime.dwLowDateTime=0x3476bd48, ftCreationTime.dwHighDateTime=0x1d32722, ftLastAccessTime.dwLowDateTime=0xe888ac60, ftLastAccessTime.dwHighDateTime=0x1d5f12a, ftLastWriteTime.dwLowDateTime=0xe888ac60, ftLastWriteTime.dwHighDateTime=0x1d5f12a, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="..", cAlternateFileName="")) returned 1
[0130.180] FindNextFileW (in: hFindFile=0x11a1210, lpFindFileData=0xd7e4a8 | out: lpFindFileData=0xd7e4a8*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x1b909f60, ftCreationTime.dwHighDateTime=0x1d5f0b4, ftLastAccessTime.dwLowDateTime=0x8bf9f730, ftLastAccessTime.dwHighDateTime=0x1d5e64e, ftLastWriteTime.dwLowDateTime=0x8bf9f730, ftLastWriteTime.dwHighDateTime=0x1d5e64e, nFileSizeHigh=0x0, nFileSizeLow=0x52f7, dwReserved0=0x0, dwReserved1=0x0, cFileName="5rqjW_ugsw1wGmp9oS5p.bmp", cAlternateFileName="5RQJW_~1.BMP")) returned 1
[0130.181] FindNextFileW (in: hFindFile=0x11a1210, lpFindFileData=0xd7e4a8 | out: lpFindFileData=0xd7e4a8*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x9d24a480, ftCreationTime.dwHighDateTime=0x1d5ed18, ftLastAccessTime.dwLowDateTime=0x52d1a140, ftLastAccessTime.dwHighDateTime=0x1d5e434, ftLastWriteTime.dwLowDateTime=0x52d1a140, ftLastWriteTime.dwHighDateTime=0x1d5e434, nFileSizeHigh=0x0, nFileSizeLow=0xcea7, dwReserved0=0x0, dwReserved1=0x0, cFileName="7ETK mHdCHVI4g.jpg", cAlternateFileName="7ETKMH~1.JPG")) returned 1
[0130.181] FindNextFileW (in: hFindFile=0x11a1210, lpFindFileData=0xd7e4a8 | out: lpFindFileData=0xd7e4a8*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x48729130, ftCreationTime.dwHighDateTime=0x1d5ede1, ftLastAccessTime.dwLowDateTime=0xc3daf3e0, ftLastAccessTime.dwHighDateTime=0x1d5e174, ftLastWriteTime.dwLowDateTime=0xc3daf3e0, ftLastWriteTime.dwHighDateTime=0x1d5e174, nFileSizeHigh=0x0, nFileSizeLow=0x5227, dwReserved0=0x0, dwReserved1=0x0, cFileName="7LPg.gif", cAlternateFileName="")) returned 1
[0130.181] FindNextFileW (in: hFindFile=0x11a1210, lpFindFileData=0xd7e4a8 | out: lpFindFileData=0xd7e4a8*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xfb766fc0, ftCreationTime.dwHighDateTime=0x1d5f0a9, ftLastAccessTime.dwLowDateTime=0xdcb5de50, ftLastAccessTime.dwHighDateTime=0x1d5f03f, ftLastWriteTime.dwLowDateTime=0xdcb5de50, ftLastWriteTime.dwHighDateTime=0x1d5f03f, nFileSizeHigh=0x0, nFileSizeLow=0xe638, dwReserved0=0x0, dwReserved1=0x0, cFileName="AApAl2.bmp", cAlternateFileName="")) returned 1
[0130.181] FindNextFileW (in: hFindFile=0x11a1210, lpFindFileData=0xd7e4a8 | out: lpFindFileData=0xd7e4a8*(dwFileAttributes=0x11, ftCreationTime.dwLowDateTime=0x51278b1d, ftCreationTime.dwHighDateTime=0x1d32715, ftLastAccessTime.dwLowDateTime=0xd45b4543, ftLastAccessTime.dwHighDateTime=0x1d47ca3, ftLastWriteTime.dwLowDateTime=0x51278b1d, ftLastWriteTime.dwHighDateTime=0x1d32715, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="Camera Roll", cAlternateFileName="CAMERA~1")) returned 1
[0130.182] FindNextFileW (in: hFindFile=0x11a1210, lpFindFileData=0xd7e4a8 | out: lpFindFileData=0xd7e4a8*(dwFileAttributes=0x26, ftCreationTime.dwLowDateTime=0x44053085, ftCreationTime.dwHighDateTime=0x1d32722, ftLastAccessTime.dwLowDateTime=0x44053085, ftLastAccessTime.dwHighDateTime=0x1d32722, ftLastWriteTime.dwLowDateTime=0xce2f1526, ftLastWriteTime.dwHighDateTime=0x1d32743, nFileSizeHigh=0x0, nFileSizeLow=0x1f8, dwReserved0=0x0, dwReserved1=0x0, cFileName="desktop.ini", cAlternateFileName="")) returned 1
[0130.182] FindNextFileW (in: hFindFile=0x11a1210, lpFindFileData=0xd7e4a8 | out: lpFindFileData=0xd7e4a8*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xdb09b280, ftCreationTime.dwHighDateTime=0x1d5e97c, ftLastAccessTime.dwLowDateTime=0xac2048e0, ftLastAccessTime.dwHighDateTime=0x1d5edb8, ftLastWriteTime.dwLowDateTime=0xac2048e0, ftLastWriteTime.dwHighDateTime=0x1d5edb8, nFileSizeHigh=0x0, nFileSizeLow=0xfd5b, dwReserved0=0x0, dwReserved1=0x0, cFileName="GEhqqA3sYQSkI7fC9OYU.gif", cAlternateFileName="GEHQQA~1.GIF")) returned 1
[0130.182] FindNextFileW (in: hFindFile=0x11a1210, lpFindFileData=0xd7e4a8 | out: lpFindFileData=0xd7e4a8*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x3cd79c30, ftCreationTime.dwHighDateTime=0x1d5e3fa, ftLastAccessTime.dwLowDateTime=0xbe854ec0, ftLastAccessTime.dwHighDateTime=0x1d5e58b, ftLastWriteTime.dwLowDateTime=0xbe854ec0, ftLastWriteTime.dwHighDateTime=0x1d5e58b, nFileSizeHigh=0x0, nFileSizeLow=0x15055, dwReserved0=0x0, dwReserved1=0x0, cFileName="ki_dMhqLHqic_TxbGMI.png", cAlternateFileName="KI_DMH~1.PNG")) returned 1
[0130.182] FindNextFileW (in: hFindFile=0x11a1210, lpFindFileData=0xd7e4a8 | out: lpFindFileData=0xd7e4a8*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xe46a0e90, ftCreationTime.dwHighDateTime=0x1d5e893, ftLastAccessTime.dwLowDateTime=0xa4ace9e0, ftLastAccessTime.dwHighDateTime=0x1d5e879, ftLastWriteTime.dwLowDateTime=0xa4ace9e0, ftLastWriteTime.dwHighDateTime=0x1d5e879, nFileSizeHigh=0x0, nFileSizeLow=0xf949, dwReserved0=0x0, dwReserved1=0x0, cFileName="MousZfNe-KkO2Ra2yCe.jpg", cAlternateFileName="MOUSZF~1.JPG")) returned 1
[0130.183] FindNextFileW (in: hFindFile=0x11a1210, lpFindFileData=0xd7e4a8 | out: lpFindFileData=0xd7e4a8*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x1abb6f10, ftCreationTime.dwHighDateTime=0x1d5ec14, ftLastAccessTime.dwLowDateTime=0x4a2c73f0, ftLastAccessTime.dwHighDateTime=0x1d5e4d2, ftLastWriteTime.dwLowDateTime=0x4a2c73f0, ftLastWriteTime.dwHighDateTime=0x1d5e4d2, nFileSizeHigh=0x0, nFileSizeLow=0xa0cb, dwReserved0=0x0, dwReserved1=0x0, cFileName="Ond8yRC_W27YxY.gif", cAlternateFileName="OND8YR~1.GIF")) returned 1
[0130.183] FindNextFileW (in: hFindFile=0x11a1210, lpFindFileData=0xd7e4a8 | out: lpFindFileData=0xd7e4a8*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x34bca180, ftCreationTime.dwHighDateTime=0x1d5e2ab, ftLastAccessTime.dwLowDateTime=0x10d21f60, ftLastAccessTime.dwHighDateTime=0x1d5efdb, ftLastWriteTime.dwLowDateTime=0x10d21f60, ftLastWriteTime.dwHighDateTime=0x1d5efdb, nFileSizeHigh=0x0, nFileSizeLow=0xbd54, dwReserved0=0x0, dwReserved1=0x0, cFileName="OxeAL5Z.png", cAlternateFileName="")) returned 1
[0130.183] FindNextFileW (in: hFindFile=0x11a1210, lpFindFileData=0xd7e4a8 | out: lpFindFileData=0xd7e4a8*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xb9dc9f50, ftCreationTime.dwHighDateTime=0x1d5e56c, ftLastAccessTime.dwLowDateTime=0x957aee90, ftLastAccessTime.dwHighDateTime=0x1d5e6ad, ftLastWriteTime.dwLowDateTime=0x957aee90, ftLastWriteTime.dwHighDateTime=0x1d5e6ad, nFileSizeHigh=0x0, nFileSizeLow=0xd20b, dwReserved0=0x0, dwReserved1=0x0, cFileName="s8nj.png", cAlternateFileName="")) returned 1
[0130.183] FindNextFileW (in: hFindFile=0x11a1210, lpFindFileData=0xd7e4a8 | out: lpFindFileData=0xd7e4a8*(dwFileAttributes=0x11, ftCreationTime.dwLowDateTime=0x51311410, ftCreationTime.dwHighDateTime=0x1d32715, ftLastAccessTime.dwLowDateTime=0xd45b4e37, ftLastAccessTime.dwHighDateTime=0x1d47ca3, ftLastWriteTime.dwLowDateTime=0x51311410, ftLastWriteTime.dwHighDateTime=0x1d32715, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="Saved Pictures", cAlternateFileName="SAVEDP~1")) returned 1
[0130.183] FindNextFileW (in: hFindFile=0x11a1210, lpFindFileData=0xd7e4a8 | out: lpFindFileData=0xd7e4a8*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x6fb066e0, ftCreationTime.dwHighDateTime=0x1d5eb8f, ftLastAccessTime.dwLowDateTime=0x1db404b0, ftLastAccessTime.dwHighDateTime=0x1d5ec0b, ftLastWriteTime.dwLowDateTime=0x1db404b0, ftLastWriteTime.dwHighDateTime=0x1d5ec0b, nFileSizeHigh=0x0, nFileSizeLow=0x10ab2, dwReserved0=0x0, dwReserved1=0x0, cFileName="vjEaj00hwfV8Ke_N_Svq.png", cAlternateFileName="VJEAJ0~1.PNG")) returned 1
[0130.184] FindNextFileW (in: hFindFile=0x11a1210, lpFindFileData=0xd7e4a8 | out: lpFindFileData=0xd7e4a8*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x46337150, ftCreationTime.dwHighDateTime=0x1d5e5b7, ftLastAccessTime.dwLowDateTime=0x41593130, ftLastAccessTime.dwHighDateTime=0x1d5e501, ftLastWriteTime.dwLowDateTime=0x41593130, ftLastWriteTime.dwHighDateTime=0x1d5e501, nFileSizeHigh=0x0, nFileSizeLow=0x14257, dwReserved0=0x0, dwReserved1=0x0, cFileName="WUFAiJkFD.jpg", cAlternateFileName="WUFAIJ~1.JPG")) returned 1
[0130.184] FindNextFileW (in: hFindFile=0x11a1210, lpFindFileData=0xd7e4a8 | out: lpFindFileData=0xd7e4a8*(dwFileAttributes=0x10, ftCreationTime.dwLowDateTime=0xb51f0140, ftCreationTime.dwHighDateTime=0x1d5eb40, ftLastAccessTime.dwLowDateTime=0x205a8090, ftLastAccessTime.dwHighDateTime=0x1d5eb2f, ftLastWriteTime.dwLowDateTime=0x205a8090, ftLastWriteTime.dwHighDateTime=0x1d5eb2f, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="X9xLWVc2yfU5t8Iatv", cAlternateFileName="X9XLWV~1")) returned 1
[0130.184] FindNextFileW (in: hFindFile=0x11a1210, lpFindFileData=0xd7e4a8 | out: lpFindFileData=0xd7e4a8*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x83995b90, ftCreationTime.dwHighDateTime=0x1d5ed50, ftLastAccessTime.dwLowDateTime=0xe09f8820, ftLastAccessTime.dwHighDateTime=0x1d5ed6c, ftLastWriteTime.dwLowDateTime=0xe09f8820, ftLastWriteTime.dwHighDateTime=0x1d5ed6c, nFileSizeHigh=0x0, nFileSizeLow=0xf912, dwReserved0=0x0, dwReserved1=0x0, cFileName="yGO_eUa0GP_FKyiBj.bmp", cAlternateFileName="YGO_EU~1.BMP")) returned 1
[0130.184] FindNextFileW (in: hFindFile=0x11a1210, lpFindFileData=0xd7e4a8 | out: lpFindFileData=0xd7e4a8*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="", cAlternateFileName="")) returned 0
[0130.184] FindClose (in: hFindFile=0x11a1210 | out: hFindFile=0x11a1210) returned 1
[0130.184] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e730) returned 1
[0130.185] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e73c) returned 1
[0130.209] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0130.209] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", lpFilePart=0x0) returned 0x31
[0130.209] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e654) returned 1
[0130.209] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp" (normalized: "c:\\users\\fd1hvy\\pictures\\5rqjw_ugsw1wgmp9os5p.bmp"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3fc
[0130.209] GetFileType (hFile=0x3fc) returned 0x1
[0130.209] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e650) returned 1
[0130.209] GetFileType (hFile=0x3fc) returned 0x1
[0130.210] ReadFile (in: hFile=0x3fc, lpBuffer=0x2c5973c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c5973c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0130.263] ReadFile (in: hFile=0x3fc, lpBuffer=0x2c5973c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c5973c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0130.263] ReadFile (in: hFile=0x3fc, lpBuffer=0x2c5973c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c5973c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0130.265] ReadFile (in: hFile=0x3fc, lpBuffer=0x2c5973c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c5973c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0130.266] ReadFile (in: hFile=0x3fc, lpBuffer=0x2c5973c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c5973c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0130.267] ReadFile (in: hFile=0x3fc, lpBuffer=0x2c5973c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c5973c*, lpNumberOfBytesRead=0xd7e6fc*=0x2f7, lpOverlapped=0x0) returned 1
[0130.268] ReadFile (in: hFile=0x3fc, lpBuffer=0x2c5973c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c5973c*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0130.269] CloseHandle (hObject=0x3fc) returned 1
[0131.649] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0131.649] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", lpFilePart=0x0) returned 0x31
[0131.649] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0131.649] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", lpFilePart=0x0) returned 0x31
[0131.649] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0131.649] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0131.649] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0131.649] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", lpFilePart=0x0) returned 0x31
[0131.649] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0131.649] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp" (normalized: "c:\\users\\fd1hvy\\pictures\\5rqjw_ugsw1wgmp9os5p.bmp"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x1b909f60, ftCreationTime.dwHighDateTime=0x1d5f0b4, ftLastAccessTime.dwLowDateTime=0x8bf9f730, ftLastAccessTime.dwHighDateTime=0x1d5e64e, ftLastWriteTime.dwLowDateTime=0x8bf9f730, ftLastWriteTime.dwHighDateTime=0x1d5e64e, nFileSizeHigh=0x0, nFileSizeLow=0x52f7)) returned 1
[0131.650] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0131.650] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6f4) returned 1
[0131.650] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0131.650] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0131.650] FindFirstFileW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", lpFindFileData=0xd7e41c | out: lpFindFileData=0xd7e41c*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x1b909f60, ftCreationTime.dwHighDateTime=0x1d5f0b4, ftLastAccessTime.dwLowDateTime=0x8bf9f730, ftLastAccessTime.dwHighDateTime=0x1d5e64e, ftLastWriteTime.dwLowDateTime=0x8bf9f730, ftLastWriteTime.dwHighDateTime=0x1d5e64e, nFileSizeHigh=0x0, nFileSizeLow=0x52f7, dwReserved0=0x0, dwReserved1=0x0, cFileName="5rqjW_ugsw1wGmp9oS5p.bmp", cAlternateFileName="5RQJW_~1.BMP")) returned 0x11e0b80
[0131.652] FindNextFileW (in: hFindFile=0x11e0b80, lpFindFileData=0xd7e428 | out: lpFindFileData=0xd7e428*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="", cAlternateFileName="")) returned 0
[0131.652] FindClose (in: hFindFile=0x11e0b80 | out: hFindFile=0x11e0b80) returned 1
[0131.652] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6b0) returned 1
[0131.652] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6bc) returned 1
[0131.652] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0131.652] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", lpFilePart=0x0) returned 0x31
[0131.655] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0131.655] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", lpFilePart=0x0) returned 0x31
[0131.655] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6d4) returned 1
[0131.655] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp" (normalized: "c:\\users\\fd1hvy\\pictures\\5rqjw_ugsw1wgmp9os5p.bmp"), fInfoLevelId=0x0, lpFileInformation=0xd7e750 | out: lpFileInformation=0xd7e750*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x1b909f60, ftCreationTime.dwHighDateTime=0x1d5f0b4, ftLastAccessTime.dwLowDateTime=0x8bf9f730, ftLastAccessTime.dwHighDateTime=0x1d5e64e, ftLastWriteTime.dwLowDateTime=0x8bf9f730, ftLastWriteTime.dwHighDateTime=0x1d5e64e, nFileSizeHigh=0x0, nFileSizeLow=0x52f7)) returned 1
[0131.655] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6d0) returned 1
[0131.655] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0131.655] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp", lpFilePart=0x0) returned 0x31
[0131.656] DeleteFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp" (normalized: "c:\\users\\fd1hvy\\pictures\\5rqjw_ugsw1wgmp9os5p.bmp")) returned 1
[0131.773] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x40
[0131.774] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp.encryptedbyBB", nBufferLength=0x40, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp.encryptedbyBB", lpFilePart=0x0) returned 0x3f
[0131.774] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x40
[0131.774] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp.encryptedbyBB", nBufferLength=0x40, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp.encryptedbyBB", lpFilePart=0x0) returned 0x3f
[0131.774] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0131.774] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0131.774] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x40
[0131.774] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp.encryptedbyBB", nBufferLength=0x40, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp.encryptedbyBB", lpFilePart=0x0) returned 0x3f
[0131.774] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6a4) returned 1
[0131.774] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\5rqjw_ugsw1wgmp9os5p.bmp.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e720 | out: lpFileInformation=0xd7e720*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0131.774] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6a0) returned 1
[0131.774] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x40
[0131.774] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp.encryptedbyBB", nBufferLength=0x40, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp.encryptedbyBB", lpFilePart=0x0) returned 0x3f
[0131.775] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0131.775] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\5rqjw_ugsw1wgmp9os5p.bmp.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0131.775] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0131.775] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x40
[0131.775] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp.encryptedbyBB", nBufferLength=0x40, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp.encryptedbyBB", lpFilePart=0x0) returned 0x3f
[0131.775] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e648) returned 1
[0131.775] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\5rqjW_ugsw1wGmp9oS5p.bmp.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\5rqjw_ugsw1wgmp9os5p.bmp.encryptedbybb"), dwDesiredAccess=0x40000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0131.776] GetFileType (hFile=0x3e4) returned 0x1
[0131.776] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e644) returned 1
[0131.776] GetFileType (hFile=0x3e4) returned 0x1
[0131.776] SetFilePointer (in: hFile=0x3e4, lDistanceToMove=0, lpDistanceToMoveHigh=0xd7e61c*=0, dwMoveMethod=0x2 | out: lpDistanceToMoveHigh=0xd7e61c*=0) returned 0x0
[0131.779] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ccf490*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ccf490*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.780] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ccf490*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ccf490*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.780] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ccf490*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ccf490*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.781] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ccf490*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ccf490*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.781] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ccf490*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ccf490*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.781] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ccf490*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ccf490*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.782] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ccf490*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ccf490*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.782] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ccf490*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ccf490*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.782] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ccf490*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ccf490*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.783] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ccf490*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ccf490*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.783] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ccf490*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ccf490*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.783] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ccf490*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ccf490*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.784] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ccf490*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ccf490*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.784] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ccf490*, nNumberOfBytesToWrite=0x191, lpNumberOfBytesWritten=0xd7e700, lpOverlapped=0x0 | out: lpBuffer=0x2ccf490*, lpNumberOfBytesWritten=0xd7e700*=0x191, lpOverlapped=0x0) returned 1
[0131.784] CloseHandle (hObject=0x3e4) returned 1
[0131.787] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2c
[0131.787] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", nBufferLength=0x2c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", lpFilePart=0x0) returned 0x2b
[0131.787] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e654) returned 1
[0131.787] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg" (normalized: "c:\\users\\fd1hvy\\pictures\\7etk mhdchvi4g.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0131.788] GetFileType (hFile=0x3e4) returned 0x1
[0131.788] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e650) returned 1
[0131.788] GetFileType (hFile=0x3e4) returned 0x1
[0131.788] ReadFile (in: hFile=0x3e4, lpBuffer=0x2cd1200, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2cd1200*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0131.791] ReadFile (in: hFile=0x3e4, lpBuffer=0x2cd1200, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2cd1200*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0131.792] ReadFile (in: hFile=0x3e4, lpBuffer=0x2cd1200, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2cd1200*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0131.793] ReadFile (in: hFile=0x3e4, lpBuffer=0x2cd1200, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2cd1200*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0131.794] ReadFile (in: hFile=0x3e4, lpBuffer=0x2cd1200, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2cd1200*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0131.795] ReadFile (in: hFile=0x3e4, lpBuffer=0x2cd1200, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2cd1200*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0131.795] ReadFile (in: hFile=0x3e4, lpBuffer=0x2cd1200, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2cd1200*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0131.798] ReadFile (in: hFile=0x3e4, lpBuffer=0x2cd1200, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2cd1200*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0131.843] ReadFile (in: hFile=0x3e4, lpBuffer=0x2cd1200, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2cd1200*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0131.844] ReadFile (in: hFile=0x3e4, lpBuffer=0x2cd1200, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2cd1200*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0131.845] ReadFile (in: hFile=0x3e4, lpBuffer=0x2cd1200, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2cd1200*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0131.846] ReadFile (in: hFile=0x3e4, lpBuffer=0x2cd1200, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2cd1200*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0131.847] ReadFile (in: hFile=0x3e4, lpBuffer=0x2cd1200, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2cd1200*, lpNumberOfBytesRead=0xd7e6fc*=0xea7, lpOverlapped=0x0) returned 1
[0131.848] ReadFile (in: hFile=0x3e4, lpBuffer=0x2cd0833, nNumberOfBytesToRead=0x159, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2cd0833*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0131.848] ReadFile (in: hFile=0x3e4, lpBuffer=0x2cd1200, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2cd1200*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0131.850] CloseHandle (hObject=0x3e4) returned 1
[0131.874] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2c
[0131.874] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", nBufferLength=0x2c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", lpFilePart=0x0) returned 0x2b
[0131.874] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2c
[0131.874] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", nBufferLength=0x2c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", lpFilePart=0x0) returned 0x2b
[0131.874] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0131.874] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0131.874] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2c
[0131.875] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", nBufferLength=0x2c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", lpFilePart=0x0) returned 0x2b
[0131.875] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0131.875] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg" (normalized: "c:\\users\\fd1hvy\\pictures\\7etk mhdchvi4g.jpg"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x9d24a480, ftCreationTime.dwHighDateTime=0x1d5ed18, ftLastAccessTime.dwLowDateTime=0x52d1a140, ftLastAccessTime.dwHighDateTime=0x1d5e434, ftLastWriteTime.dwLowDateTime=0x52d1a140, ftLastWriteTime.dwHighDateTime=0x1d5e434, nFileSizeHigh=0x0, nFileSizeLow=0xcea7)) returned 1
[0131.876] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0131.876] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6f4) returned 1
[0131.876] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0131.876] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0131.876] FindFirstFileW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", lpFindFileData=0xd7e41c | out: lpFindFileData=0xd7e41c*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x9d24a480, ftCreationTime.dwHighDateTime=0x1d5ed18, ftLastAccessTime.dwLowDateTime=0x52d1a140, ftLastAccessTime.dwHighDateTime=0x1d5e434, ftLastWriteTime.dwLowDateTime=0x52d1a140, ftLastWriteTime.dwHighDateTime=0x1d5e434, nFileSizeHigh=0x0, nFileSizeLow=0xcea7, dwReserved0=0x0, dwReserved1=0x0, cFileName="7ETK mHdCHVI4g.jpg", cAlternateFileName="7ETKMH~1.JPG")) returned 0x11e09c0
[0131.877] FindNextFileW (in: hFindFile=0x11e09c0, lpFindFileData=0xd7e428 | out: lpFindFileData=0xd7e428*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="", cAlternateFileName="")) returned 0
[0131.877] FindClose (in: hFindFile=0x11e09c0 | out: hFindFile=0x11e09c0) returned 1
[0131.877] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6b0) returned 1
[0131.877] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6bc) returned 1
[0131.877] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2c
[0131.877] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", nBufferLength=0x2c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", lpFilePart=0x0) returned 0x2b
[0131.877] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2c
[0131.877] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", nBufferLength=0x2c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", lpFilePart=0x0) returned 0x2b
[0131.877] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6d4) returned 1
[0131.877] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg" (normalized: "c:\\users\\fd1hvy\\pictures\\7etk mhdchvi4g.jpg"), fInfoLevelId=0x0, lpFileInformation=0xd7e750 | out: lpFileInformation=0xd7e750*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x9d24a480, ftCreationTime.dwHighDateTime=0x1d5ed18, ftLastAccessTime.dwLowDateTime=0x52d1a140, ftLastAccessTime.dwHighDateTime=0x1d5e434, ftLastWriteTime.dwLowDateTime=0x52d1a140, ftLastWriteTime.dwHighDateTime=0x1d5e434, nFileSizeHigh=0x0, nFileSizeLow=0xcea7)) returned 1
[0131.878] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6d0) returned 1
[0131.878] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2c
[0131.878] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", nBufferLength=0x2c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg", lpFilePart=0x0) returned 0x2b
[0131.878] DeleteFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg" (normalized: "c:\\users\\fd1hvy\\pictures\\7etk mhdchvi4g.jpg")) returned 1
[0131.921] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3a
[0131.921] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg.encryptedbyBB", nBufferLength=0x3a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg.encryptedbyBB", lpFilePart=0x0) returned 0x39
[0131.921] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3a
[0131.921] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg.encryptedbyBB", nBufferLength=0x3a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg.encryptedbyBB", lpFilePart=0x0) returned 0x39
[0131.921] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0131.921] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0131.921] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3a
[0131.921] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg.encryptedbyBB", nBufferLength=0x3a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg.encryptedbyBB", lpFilePart=0x0) returned 0x39
[0131.921] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6a4) returned 1
[0131.921] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\7etk mhdchvi4g.jpg.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e720 | out: lpFileInformation=0xd7e720*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0131.921] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6a0) returned 1
[0131.921] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3a
[0131.922] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg.encryptedbyBB", nBufferLength=0x3a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg.encryptedbyBB", lpFilePart=0x0) returned 0x39
[0131.922] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0131.922] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\7etk mhdchvi4g.jpg.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0131.922] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0131.922] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3a
[0131.922] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg.encryptedbyBB", nBufferLength=0x3a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg.encryptedbyBB", lpFilePart=0x0) returned 0x39
[0131.922] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e648) returned 1
[0131.922] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\7ETK mHdCHVI4g.jpg.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\7etk mhdchvi4g.jpg.encryptedbybb"), dwDesiredAccess=0x40000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0131.922] GetFileType (hFile=0x3e4) returned 0x1
[0131.922] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e644) returned 1
[0131.922] GetFileType (hFile=0x3e4) returned 0x1
[0131.922] SetFilePointer (in: hFile=0x3e4, lDistanceToMove=0, lpDistanceToMoveHigh=0xd7e61c*=0, dwMoveMethod=0x2 | out: lpDistanceToMoveHigh=0xd7e61c*=0) returned 0x0
[0131.927] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.928] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.928] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.928] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.929] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.929] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.929] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.930] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.930] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.930] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.931] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.931] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.931] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.933] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.934] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.934] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.934] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.936] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.936] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.937] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.937] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.937] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.938] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.938] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.938] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.939] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.939] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.939] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.940] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.940] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.940] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.940] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0131.940] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d44a50*, nNumberOfBytesToWrite=0x8bd, lpNumberOfBytesWritten=0xd7e700, lpOverlapped=0x0 | out: lpBuffer=0x2d44a50*, lpNumberOfBytesWritten=0xd7e700*=0x8bd, lpOverlapped=0x0) returned 1
[0131.941] CloseHandle (hObject=0x3e4) returned 1
[0131.949] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x22
[0131.949] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", nBufferLength=0x22, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", lpFilePart=0x0) returned 0x21
[0131.949] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e654) returned 1
[0131.949] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif" (normalized: "c:\\users\\fd1hvy\\pictures\\7lpg.gif"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0131.949] GetFileType (hFile=0x3e4) returned 0x1
[0131.949] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e650) returned 1
[0131.949] GetFileType (hFile=0x3e4) returned 0x1
[0131.949] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d467ac, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d467ac*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0131.951] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d467ac, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d467ac*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0131.953] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d467ac, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d467ac*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0131.953] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d467ac, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d467ac*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0131.955] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d467ac, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d467ac*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0131.955] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d467ac, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d467ac*, lpNumberOfBytesRead=0xd7e6fc*=0x227, lpOverlapped=0x0) returned 1
[0131.955] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d467ac, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d467ac*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0131.956] CloseHandle (hObject=0x3e4) returned 1
[0132.001] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x22
[0132.001] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", nBufferLength=0x22, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", lpFilePart=0x0) returned 0x21
[0132.001] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x22
[0132.001] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", nBufferLength=0x22, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", lpFilePart=0x0) returned 0x21
[0132.001] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0132.001] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0132.001] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x22
[0132.002] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", nBufferLength=0x22, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", lpFilePart=0x0) returned 0x21
[0132.002] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0132.002] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif" (normalized: "c:\\users\\fd1hvy\\pictures\\7lpg.gif"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x48729130, ftCreationTime.dwHighDateTime=0x1d5ede1, ftLastAccessTime.dwLowDateTime=0xc3daf3e0, ftLastAccessTime.dwHighDateTime=0x1d5e174, ftLastWriteTime.dwLowDateTime=0xc3daf3e0, ftLastWriteTime.dwHighDateTime=0x1d5e174, nFileSizeHigh=0x0, nFileSizeLow=0x5227)) returned 1
[0132.002] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0132.002] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6f4) returned 1
[0132.002] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0132.002] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0132.002] FindFirstFileW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", lpFindFileData=0xd7e41c | out: lpFindFileData=0xd7e41c*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x48729130, ftCreationTime.dwHighDateTime=0x1d5ede1, ftLastAccessTime.dwLowDateTime=0xc3daf3e0, ftLastAccessTime.dwHighDateTime=0x1d5e174, ftLastWriteTime.dwLowDateTime=0xc3daf3e0, ftLastWriteTime.dwHighDateTime=0x1d5e174, nFileSizeHigh=0x0, nFileSizeLow=0x5227, dwReserved0=0x0, dwReserved1=0x0, cFileName="7LPg.gif", cAlternateFileName="")) returned 0x11e07c0
[0132.002] FindNextFileW (in: hFindFile=0x11e07c0, lpFindFileData=0xd7e428 | out: lpFindFileData=0xd7e428*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="", cAlternateFileName="")) returned 0
[0132.002] FindClose (in: hFindFile=0x11e07c0 | out: hFindFile=0x11e07c0) returned 1
[0132.003] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6b0) returned 1
[0132.003] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6bc) returned 1
[0132.003] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x22
[0132.003] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", nBufferLength=0x22, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", lpFilePart=0x0) returned 0x21
[0132.003] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x22
[0132.003] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", nBufferLength=0x22, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", lpFilePart=0x0) returned 0x21
[0132.003] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6d4) returned 1
[0132.003] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif" (normalized: "c:\\users\\fd1hvy\\pictures\\7lpg.gif"), fInfoLevelId=0x0, lpFileInformation=0xd7e750 | out: lpFileInformation=0xd7e750*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x48729130, ftCreationTime.dwHighDateTime=0x1d5ede1, ftLastAccessTime.dwLowDateTime=0xc3daf3e0, ftLastAccessTime.dwHighDateTime=0x1d5e174, ftLastWriteTime.dwLowDateTime=0xc3daf3e0, ftLastWriteTime.dwHighDateTime=0x1d5e174, nFileSizeHigh=0x0, nFileSizeLow=0x5227)) returned 1
[0132.003] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6d0) returned 1
[0132.003] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x22
[0132.003] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", nBufferLength=0x22, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif", lpFilePart=0x0) returned 0x21
[0132.003] DeleteFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif" (normalized: "c:\\users\\fd1hvy\\pictures\\7lpg.gif")) returned 1
[0132.054] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x30
[0132.054] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif.encryptedbyBB", nBufferLength=0x30, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif.encryptedbyBB", lpFilePart=0x0) returned 0x2f
[0132.054] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x30
[0132.054] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif.encryptedbyBB", nBufferLength=0x30, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif.encryptedbyBB", lpFilePart=0x0) returned 0x2f
[0132.054] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0132.054] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0132.054] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x30
[0132.054] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif.encryptedbyBB", nBufferLength=0x30, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif.encryptedbyBB", lpFilePart=0x0) returned 0x2f
[0132.054] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6a4) returned 1
[0132.054] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\7lpg.gif.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e720 | out: lpFileInformation=0xd7e720*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0132.054] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6a0) returned 1
[0132.054] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x30
[0132.054] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif.encryptedbyBB", nBufferLength=0x30, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif.encryptedbyBB", lpFilePart=0x0) returned 0x2f
[0132.055] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0132.055] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\7lpg.gif.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0132.055] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0132.055] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x30
[0132.055] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif.encryptedbyBB", nBufferLength=0x30, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif.encryptedbyBB", lpFilePart=0x0) returned 0x2f
[0132.055] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e648) returned 1
[0132.055] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\7LPg.gif.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\7lpg.gif.encryptedbybb"), dwDesiredAccess=0x40000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0132.055] GetFileType (hFile=0x3e4) returned 0x1
[0132.055] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e644) returned 1
[0132.055] GetFileType (hFile=0x3e4) returned 0x1
[0132.055] SetFilePointer (in: hFile=0x3e4, lDistanceToMove=0, lpDistanceToMoveHigh=0xd7e61c*=0, dwMoveMethod=0x2 | out: lpDistanceToMoveHigh=0xd7e61c*=0) returned 0x0
[0132.060] WriteFile (in: hFile=0x3e4, lpBuffer=0x2dbb08c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2dbb08c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.061] WriteFile (in: hFile=0x3e4, lpBuffer=0x2dbb08c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2dbb08c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.061] WriteFile (in: hFile=0x3e4, lpBuffer=0x2dbb08c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2dbb08c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.061] WriteFile (in: hFile=0x3e4, lpBuffer=0x2dbb08c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2dbb08c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.062] WriteFile (in: hFile=0x3e4, lpBuffer=0x2dbb08c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2dbb08c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.062] WriteFile (in: hFile=0x3e4, lpBuffer=0x2dbb08c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2dbb08c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.062] WriteFile (in: hFile=0x3e4, lpBuffer=0x2dbb08c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2dbb08c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.063] WriteFile (in: hFile=0x3e4, lpBuffer=0x2dbb08c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2dbb08c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.063] WriteFile (in: hFile=0x3e4, lpBuffer=0x2dbb08c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2dbb08c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.064] WriteFile (in: hFile=0x3e4, lpBuffer=0x2dbb08c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2dbb08c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.064] WriteFile (in: hFile=0x3e4, lpBuffer=0x2dbb08c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2dbb08c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.064] WriteFile (in: hFile=0x3e4, lpBuffer=0x2dbb08c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2dbb08c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.065] WriteFile (in: hFile=0x3e4, lpBuffer=0x2dbb08c*, nNumberOfBytesToWrite=0xf25, lpNumberOfBytesWritten=0xd7e700, lpOverlapped=0x0 | out: lpBuffer=0x2dbb08c*, lpNumberOfBytesWritten=0xd7e700*=0xf25, lpOverlapped=0x0) returned 1
[0132.065] CloseHandle (hObject=0x3e4) returned 1
[0132.068] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x24
[0132.068] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", nBufferLength=0x24, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", lpFilePart=0x0) returned 0x23
[0132.068] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e654) returned 1
[0132.068] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp" (normalized: "c:\\users\\fd1hvy\\pictures\\aapal2.bmp"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0132.069] GetFileType (hFile=0x3e4) returned 0x1
[0132.069] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e650) returned 1
[0132.069] GetFileType (hFile=0x3e4) returned 0x1
[0132.069] ReadFile (in: hFile=0x3e4, lpBuffer=0x2dbcdec, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2dbcdec*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.071] ReadFile (in: hFile=0x3e4, lpBuffer=0x2dbcdec, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2dbcdec*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.071] ReadFile (in: hFile=0x3e4, lpBuffer=0x2dbcdec, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2dbcdec*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.073] ReadFile (in: hFile=0x3e4, lpBuffer=0x2dbcdec, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2dbcdec*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.073] ReadFile (in: hFile=0x3e4, lpBuffer=0x2dbcdec, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2dbcdec*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.075] ReadFile (in: hFile=0x3e4, lpBuffer=0x2dbcdec, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2dbcdec*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.075] ReadFile (in: hFile=0x3e4, lpBuffer=0x2dbcdec, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2dbcdec*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.077] ReadFile (in: hFile=0x3e4, lpBuffer=0x2dbcdec, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2dbcdec*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.156] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c34e84, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c34e84*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.156] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c34e84, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c34e84*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.157] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c34e84, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c34e84*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.157] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c34e84, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c34e84*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.158] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c34e84, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c34e84*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.158] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c34e84, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c34e84*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.158] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c34e84, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c34e84*, lpNumberOfBytesRead=0xd7e6fc*=0x638, lpOverlapped=0x0) returned 1
[0132.159] ReadFile (in: hFile=0x3e4, lpBuffer=0x2dbc3b0, nNumberOfBytesToRead=0x1c8, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2dbc3b0*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0132.159] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c34e84, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c34e84*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0132.161] CloseHandle (hObject=0x3e4) returned 1
[0132.184] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x24
[0132.184] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", nBufferLength=0x24, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", lpFilePart=0x0) returned 0x23
[0132.184] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x24
[0132.184] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", nBufferLength=0x24, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", lpFilePart=0x0) returned 0x23
[0132.184] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0132.185] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0132.185] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x24
[0132.185] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", nBufferLength=0x24, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", lpFilePart=0x0) returned 0x23
[0132.185] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0132.185] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp" (normalized: "c:\\users\\fd1hvy\\pictures\\aapal2.bmp"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xfb766fc0, ftCreationTime.dwHighDateTime=0x1d5f0a9, ftLastAccessTime.dwLowDateTime=0xdcb5de50, ftLastAccessTime.dwHighDateTime=0x1d5f03f, ftLastWriteTime.dwLowDateTime=0xdcb5de50, ftLastWriteTime.dwHighDateTime=0x1d5f03f, nFileSizeHigh=0x0, nFileSizeLow=0xe638)) returned 1
[0132.185] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0132.185] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6f4) returned 1
[0132.185] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0132.185] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0132.185] FindFirstFileW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", lpFindFileData=0xd7e41c | out: lpFindFileData=0xd7e41c*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xfb766fc0, ftCreationTime.dwHighDateTime=0x1d5f0a9, ftLastAccessTime.dwLowDateTime=0xdcb5de50, ftLastAccessTime.dwHighDateTime=0x1d5f03f, ftLastWriteTime.dwLowDateTime=0xdcb5de50, ftLastWriteTime.dwHighDateTime=0x1d5f03f, nFileSizeHigh=0x0, nFileSizeLow=0xe638, dwReserved0=0x0, dwReserved1=0x0, cFileName="AApAl2.bmp", cAlternateFileName="")) returned 0x11e0b80
[0132.186] FindNextFileW (in: hFindFile=0x11e0b80, lpFindFileData=0xd7e428 | out: lpFindFileData=0xd7e428*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="", cAlternateFileName="")) returned 0
[0132.187] FindClose (in: hFindFile=0x11e0b80 | out: hFindFile=0x11e0b80) returned 1
[0132.187] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6b0) returned 1
[0132.187] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6bc) returned 1
[0132.187] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x24
[0132.187] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", nBufferLength=0x24, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", lpFilePart=0x0) returned 0x23
[0132.187] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x24
[0132.187] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", nBufferLength=0x24, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", lpFilePart=0x0) returned 0x23
[0132.187] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6d4) returned 1
[0132.187] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp" (normalized: "c:\\users\\fd1hvy\\pictures\\aapal2.bmp"), fInfoLevelId=0x0, lpFileInformation=0xd7e750 | out: lpFileInformation=0xd7e750*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xfb766fc0, ftCreationTime.dwHighDateTime=0x1d5f0a9, ftLastAccessTime.dwLowDateTime=0xdcb5de50, ftLastAccessTime.dwHighDateTime=0x1d5f03f, ftLastWriteTime.dwLowDateTime=0xdcb5de50, ftLastWriteTime.dwHighDateTime=0x1d5f03f, nFileSizeHigh=0x0, nFileSizeLow=0xe638)) returned 1
[0132.188] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6d0) returned 1
[0132.188] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x24
[0132.188] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", nBufferLength=0x24, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp", lpFilePart=0x0) returned 0x23
[0132.188] DeleteFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp" (normalized: "c:\\users\\fd1hvy\\pictures\\aapal2.bmp")) returned 1
[0132.190] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0132.190] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp.encryptedbyBB", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp.encryptedbyBB", lpFilePart=0x0) returned 0x31
[0132.190] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0132.190] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp.encryptedbyBB", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp.encryptedbyBB", lpFilePart=0x0) returned 0x31
[0132.190] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0132.190] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0132.190] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0132.190] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp.encryptedbyBB", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp.encryptedbyBB", lpFilePart=0x0) returned 0x31
[0132.190] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6a4) returned 1
[0132.190] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\aapal2.bmp.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e720 | out: lpFileInformation=0xd7e720*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0132.191] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6a0) returned 1
[0132.191] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0132.191] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp.encryptedbyBB", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp.encryptedbyBB", lpFilePart=0x0) returned 0x31
[0132.434] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0132.434] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\aapal2.bmp.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0132.434] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0132.434] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0132.434] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp.encryptedbyBB", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp.encryptedbyBB", lpFilePart=0x0) returned 0x31
[0132.434] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e648) returned 1
[0132.434] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\AApAl2.bmp.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\aapal2.bmp.encryptedbybb"), dwDesiredAccess=0x40000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0132.435] GetFileType (hFile=0x3e4) returned 0x1
[0132.435] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e644) returned 1
[0132.435] GetFileType (hFile=0x3e4) returned 0x1
[0132.435] SetFilePointer (in: hFile=0x3e4, lDistanceToMove=0, lpDistanceToMoveHigh=0xd7e61c*=0, dwMoveMethod=0x2 | out: lpDistanceToMoveHigh=0xd7e61c*=0) returned 0x0
[0132.438] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.439] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.439] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.440] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.440] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.441] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.442] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.442] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.443] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.443] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.444] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.445] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.447] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.447] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.447] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.448] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.448] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.449] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.449] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.449] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.450] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.450] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.451] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.451] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.451] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.452] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.452] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.452] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.453] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.453] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.453] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.453] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.453] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.454] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.454] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.454] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.454] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c82384*, nNumberOfBytesToWrite=0x3c5, lpNumberOfBytesWritten=0xd7e700, lpOverlapped=0x0 | out: lpBuffer=0x2c82384*, lpNumberOfBytesWritten=0xd7e700*=0x3c5, lpOverlapped=0x0) returned 1
[0132.454] CloseHandle (hObject=0x3e4) returned 1
[0132.615] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x25
[0132.616] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", nBufferLength=0x25, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", lpFilePart=0x0) returned 0x24
[0132.616] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e654) returned 1
[0132.616] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini" (normalized: "c:\\users\\fd1hvy\\pictures\\desktop.ini"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0132.616] GetFileType (hFile=0x3e4) returned 0x1
[0132.616] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e650) returned 1
[0132.616] GetFileType (hFile=0x3e4) returned 0x1
[0132.616] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c840e4, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c840e4*, lpNumberOfBytesRead=0xd7e6fc*=0x1f8, lpOverlapped=0x0) returned 1
[0132.617] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c840e4, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c840e4*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0132.617] CloseHandle (hObject=0x3e4) returned 1
[0132.620] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x25
[0132.620] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", nBufferLength=0x25, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", lpFilePart=0x0) returned 0x24
[0132.620] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x25
[0132.620] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", nBufferLength=0x25, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", lpFilePart=0x0) returned 0x24
[0132.621] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0132.621] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0132.621] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x25
[0132.621] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", nBufferLength=0x25, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", lpFilePart=0x0) returned 0x24
[0132.621] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0132.621] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini" (normalized: "c:\\users\\fd1hvy\\pictures\\desktop.ini"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x26, ftCreationTime.dwLowDateTime=0x44053085, ftCreationTime.dwHighDateTime=0x1d32722, ftLastAccessTime.dwLowDateTime=0x44053085, ftLastAccessTime.dwHighDateTime=0x1d32722, ftLastWriteTime.dwLowDateTime=0xce2f1526, ftLastWriteTime.dwHighDateTime=0x1d32743, nFileSizeHigh=0x0, nFileSizeLow=0x1f8)) returned 1
[0132.621] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0132.621] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6f4) returned 1
[0132.621] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0132.621] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0132.622] FindFirstFileW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", lpFindFileData=0xd7e41c | out: lpFindFileData=0xd7e41c*(dwFileAttributes=0x26, ftCreationTime.dwLowDateTime=0x44053085, ftCreationTime.dwHighDateTime=0x1d32722, ftLastAccessTime.dwLowDateTime=0x44053085, ftLastAccessTime.dwHighDateTime=0x1d32722, ftLastWriteTime.dwLowDateTime=0xce2f1526, ftLastWriteTime.dwHighDateTime=0x1d32743, nFileSizeHigh=0x0, nFileSizeLow=0x1f8, dwReserved0=0x0, dwReserved1=0x0, cFileName="desktop.ini", cAlternateFileName="")) returned 0x11e0ac0
[0132.622] FindNextFileW (in: hFindFile=0x11e0ac0, lpFindFileData=0xd7e428 | out: lpFindFileData=0xd7e428*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="", cAlternateFileName="")) returned 0
[0132.622] FindClose (in: hFindFile=0x11e0ac0 | out: hFindFile=0x11e0ac0) returned 1
[0132.622] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6b0) returned 1
[0132.622] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6bc) returned 1
[0132.623] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x25
[0132.623] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", nBufferLength=0x25, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", lpFilePart=0x0) returned 0x24
[0132.623] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x25
[0132.623] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", nBufferLength=0x25, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", lpFilePart=0x0) returned 0x24
[0132.623] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6d4) returned 1
[0132.623] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini" (normalized: "c:\\users\\fd1hvy\\pictures\\desktop.ini"), fInfoLevelId=0x0, lpFileInformation=0xd7e750 | out: lpFileInformation=0xd7e750*(dwFileAttributes=0x26, ftCreationTime.dwLowDateTime=0x44053085, ftCreationTime.dwHighDateTime=0x1d32722, ftLastAccessTime.dwLowDateTime=0x44053085, ftLastAccessTime.dwHighDateTime=0x1d32722, ftLastWriteTime.dwLowDateTime=0xce2f1526, ftLastWriteTime.dwHighDateTime=0x1d32743, nFileSizeHigh=0x0, nFileSizeLow=0x1f8)) returned 1
[0132.623] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6d0) returned 1
[0132.623] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x25
[0132.623] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", nBufferLength=0x25, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\desktop.ini", lpFilePart=0x0) returned 0x24
[0132.623] DeleteFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini" (normalized: "c:\\users\\fd1hvy\\pictures\\desktop.ini")) returned 1
[0132.625] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x33
[0132.625] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini.encryptedbyBB", nBufferLength=0x33, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\desktop.ini.encryptedbyBB", lpFilePart=0x0) returned 0x32
[0132.625] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x33
[0132.625] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini.encryptedbyBB", nBufferLength=0x33, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\desktop.ini.encryptedbyBB", lpFilePart=0x0) returned 0x32
[0132.625] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0132.625] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0132.625] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x33
[0132.626] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini.encryptedbyBB", nBufferLength=0x33, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\desktop.ini.encryptedbyBB", lpFilePart=0x0) returned 0x32
[0132.626] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6a4) returned 1
[0132.626] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\desktop.ini.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e720 | out: lpFileInformation=0xd7e720*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0132.626] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6a0) returned 1
[0132.626] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x33
[0132.626] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini.encryptedbyBB", nBufferLength=0x33, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\desktop.ini.encryptedbyBB", lpFilePart=0x0) returned 0x32
[0132.626] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0132.626] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\desktop.ini.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0132.626] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0132.626] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x33
[0132.626] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini.encryptedbyBB", nBufferLength=0x33, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\desktop.ini.encryptedbyBB", lpFilePart=0x0) returned 0x32
[0132.627] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e648) returned 1
[0132.627] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\desktop.ini.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\desktop.ini.encryptedbybb"), dwDesiredAccess=0x40000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0132.627] GetFileType (hFile=0x3e4) returned 0x1
[0132.627] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e644) returned 1
[0132.627] GetFileType (hFile=0x3e4) returned 0x1
[0132.627] SetFilePointer (in: hFile=0x3e4, lDistanceToMove=0, lpDistanceToMoveHigh=0xd7e61c*=0, dwMoveMethod=0x2 | out: lpDistanceToMoveHigh=0xd7e61c*=0) returned 0x0
[0132.628] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c892a0*, nNumberOfBytesToWrite=0x2a5, lpNumberOfBytesWritten=0xd7e700, lpOverlapped=0x0 | out: lpBuffer=0x2c892a0*, lpNumberOfBytesWritten=0xd7e700*=0x2a5, lpOverlapped=0x0) returned 1
[0132.629] CloseHandle (hObject=0x3e4) returned 1
[0132.632] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0132.632] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", lpFilePart=0x0) returned 0x31
[0132.633] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e654) returned 1
[0132.633] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif" (normalized: "c:\\users\\fd1hvy\\pictures\\gehqqa3syqski7fc9oyu.gif"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0132.633] GetFileType (hFile=0x3e4) returned 0x1
[0132.633] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e650) returned 1
[0132.633] GetFileType (hFile=0x3e4) returned 0x1
[0132.643] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c8b01c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c8b01c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.645] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c8b01c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c8b01c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.646] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c8b01c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c8b01c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.646] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c8b01c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c8b01c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.647] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c8b01c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c8b01c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.762] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c8b01c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c8b01c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.763] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c8b01c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c8b01c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.763] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c8b01c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c8b01c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.768] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c8b01c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c8b01c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.771] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c8b01c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c8b01c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.772] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c8b01c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c8b01c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.772] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c8b01c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c8b01c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.773] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c8b01c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c8b01c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.775] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c8b01c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c8b01c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.775] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c8b01c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c8b01c*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0132.781] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c8b01c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c8b01c*, lpNumberOfBytesRead=0xd7e6fc*=0xd5b, lpOverlapped=0x0) returned 1
[0132.781] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c8a503, nNumberOfBytesToRead=0x2a5, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c8a503*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0132.781] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c8b01c, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c8b01c*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0132.784] CloseHandle (hObject=0x3e4) returned 1
[0132.906] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0132.906] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", lpFilePart=0x0) returned 0x31
[0132.906] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0132.907] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", lpFilePart=0x0) returned 0x31
[0132.907] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0132.907] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0132.907] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0132.907] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", lpFilePart=0x0) returned 0x31
[0132.907] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0132.907] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif" (normalized: "c:\\users\\fd1hvy\\pictures\\gehqqa3syqski7fc9oyu.gif"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xdb09b280, ftCreationTime.dwHighDateTime=0x1d5e97c, ftLastAccessTime.dwLowDateTime=0xac2048e0, ftLastAccessTime.dwHighDateTime=0x1d5edb8, ftLastWriteTime.dwLowDateTime=0xac2048e0, ftLastWriteTime.dwHighDateTime=0x1d5edb8, nFileSizeHigh=0x0, nFileSizeLow=0xfd5b)) returned 1
[0132.908] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0132.908] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6f4) returned 1
[0132.909] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0132.909] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0132.909] FindFirstFileW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", lpFindFileData=0xd7e41c | out: lpFindFileData=0xd7e41c*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xdb09b280, ftCreationTime.dwHighDateTime=0x1d5e97c, ftLastAccessTime.dwLowDateTime=0xac2048e0, ftLastAccessTime.dwHighDateTime=0x1d5edb8, ftLastWriteTime.dwLowDateTime=0xac2048e0, ftLastWriteTime.dwHighDateTime=0x1d5edb8, nFileSizeHigh=0x0, nFileSizeLow=0xfd5b, dwReserved0=0x0, dwReserved1=0x0, cFileName="GEhqqA3sYQSkI7fC9OYU.gif", cAlternateFileName="GEHQQA~1.GIF")) returned 0x11e0d00
[0132.909] FindNextFileW (in: hFindFile=0x11e0d00, lpFindFileData=0xd7e428 | out: lpFindFileData=0xd7e428*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="", cAlternateFileName="")) returned 0
[0132.909] FindClose (in: hFindFile=0x11e0d00 | out: hFindFile=0x11e0d00) returned 1
[0132.910] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6b0) returned 1
[0132.910] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6bc) returned 1
[0132.910] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0132.910] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", lpFilePart=0x0) returned 0x31
[0132.910] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0132.910] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", lpFilePart=0x0) returned 0x31
[0132.910] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6d4) returned 1
[0132.910] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif" (normalized: "c:\\users\\fd1hvy\\pictures\\gehqqa3syqski7fc9oyu.gif"), fInfoLevelId=0x0, lpFileInformation=0xd7e750 | out: lpFileInformation=0xd7e750*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xdb09b280, ftCreationTime.dwHighDateTime=0x1d5e97c, ftLastAccessTime.dwLowDateTime=0xac2048e0, ftLastAccessTime.dwHighDateTime=0x1d5edb8, ftLastWriteTime.dwLowDateTime=0xac2048e0, ftLastWriteTime.dwHighDateTime=0x1d5edb8, nFileSizeHigh=0x0, nFileSizeLow=0xfd5b)) returned 1
[0132.915] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6d0) returned 1
[0132.916] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0132.916] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif", lpFilePart=0x0) returned 0x31
[0132.916] DeleteFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif" (normalized: "c:\\users\\fd1hvy\\pictures\\gehqqa3syqski7fc9oyu.gif")) returned 1
[0132.987] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x40
[0132.987] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif.encryptedbyBB", nBufferLength=0x40, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif.encryptedbyBB", lpFilePart=0x0) returned 0x3f
[0132.987] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x40
[0132.988] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif.encryptedbyBB", nBufferLength=0x40, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif.encryptedbyBB", lpFilePart=0x0) returned 0x3f
[0132.988] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0132.988] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0132.988] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x40
[0132.988] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif.encryptedbyBB", nBufferLength=0x40, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif.encryptedbyBB", lpFilePart=0x0) returned 0x3f
[0132.988] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6a4) returned 1
[0132.988] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\gehqqa3syqski7fc9oyu.gif.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e720 | out: lpFileInformation=0xd7e720*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0132.988] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6a0) returned 1
[0132.988] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x40
[0132.988] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif.encryptedbyBB", nBufferLength=0x40, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif.encryptedbyBB", lpFilePart=0x0) returned 0x3f
[0132.988] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0132.990] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\gehqqa3syqski7fc9oyu.gif.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0132.990] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0132.990] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x40
[0132.990] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif.encryptedbyBB", nBufferLength=0x40, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif.encryptedbyBB", lpFilePart=0x0) returned 0x3f
[0132.990] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e648) returned 1
[0132.990] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\GEhqqA3sYQSkI7fC9OYU.gif.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\gehqqa3syqski7fc9oyu.gif.encryptedbybb"), dwDesiredAccess=0x40000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0132.991] GetFileType (hFile=0x3e4) returned 0x1
[0132.991] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e644) returned 1
[0132.991] GetFileType (hFile=0x3e4) returned 0x1
[0132.991] SetFilePointer (in: hFile=0x3e4, lDistanceToMove=0, lpDistanceToMoveHigh=0xd7e61c*=0, dwMoveMethod=0x2 | out: lpDistanceToMoveHigh=0xd7e61c*=0) returned 0x0
[0132.992] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.993] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.994] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.994] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.995] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.995] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.996] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.996] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.997] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.997] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.998] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.998] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.999] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0132.999] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.000] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.000] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.001] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.001] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.002] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.002] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.003] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.003] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.004] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.004] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.048] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.049] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.049] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.050] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.050] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.050] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.051] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.051] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.051] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.052] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.052] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.052] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.053] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.053] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.053] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.054] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2d7a8*, nNumberOfBytesToWrite=0xf85, lpNumberOfBytesWritten=0xd7e700, lpOverlapped=0x0 | out: lpBuffer=0x2c2d7a8*, lpNumberOfBytesWritten=0xd7e700*=0xf85, lpOverlapped=0x0) returned 1
[0133.054] CloseHandle (hObject=0x3e4) returned 1
[0133.066] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x31
[0133.066] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", nBufferLength=0x31, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", lpFilePart=0x0) returned 0x30
[0133.066] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e654) returned 1
[0133.066] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png" (normalized: "c:\\users\\fd1hvy\\pictures\\ki_dmhqlhqic_txbgmi.png"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0133.067] GetFileType (hFile=0x3e4) returned 0x1
[0133.067] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e650) returned 1
[0133.067] GetFileType (hFile=0x3e4) returned 0x1
[0133.067] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.068] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.069] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.069] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.069] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.073] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.074] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.074] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.074] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.075] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.075] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.076] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.076] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.076] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.077] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.077] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.077] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.078] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.078] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.079] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.079] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.079] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x55, lpOverlapped=0x0) returned 1
[0133.081] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2f520, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2f520*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0133.081] CloseHandle (hObject=0x3e4) returned 1
[0133.143] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x31
[0133.143] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", nBufferLength=0x31, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", lpFilePart=0x0) returned 0x30
[0133.143] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x31
[0133.143] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", nBufferLength=0x31, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", lpFilePart=0x0) returned 0x30
[0133.144] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0133.144] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0133.144] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x31
[0133.144] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", nBufferLength=0x31, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", lpFilePart=0x0) returned 0x30
[0133.144] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0133.144] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png" (normalized: "c:\\users\\fd1hvy\\pictures\\ki_dmhqlhqic_txbgmi.png"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x3cd79c30, ftCreationTime.dwHighDateTime=0x1d5e3fa, ftLastAccessTime.dwLowDateTime=0xbe854ec0, ftLastAccessTime.dwHighDateTime=0x1d5e58b, ftLastWriteTime.dwLowDateTime=0xbe854ec0, ftLastWriteTime.dwHighDateTime=0x1d5e58b, nFileSizeHigh=0x0, nFileSizeLow=0x15055)) returned 1
[0133.144] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0133.144] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6f4) returned 1
[0133.144] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0133.144] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0133.145] FindFirstFileW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", lpFindFileData=0xd7e41c | out: lpFindFileData=0xd7e41c*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x3cd79c30, ftCreationTime.dwHighDateTime=0x1d5e3fa, ftLastAccessTime.dwLowDateTime=0xbe854ec0, ftLastAccessTime.dwHighDateTime=0x1d5e58b, ftLastWriteTime.dwLowDateTime=0xbe854ec0, ftLastWriteTime.dwHighDateTime=0x1d5e58b, nFileSizeHigh=0x0, nFileSizeLow=0x15055, dwReserved0=0x0, dwReserved1=0x0, cFileName="ki_dMhqLHqic_TxbGMI.png", cAlternateFileName="KI_DMH~1.PNG")) returned 0x11e0900
[0133.145] FindNextFileW (in: hFindFile=0x11e0900, lpFindFileData=0xd7e428 | out: lpFindFileData=0xd7e428*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="", cAlternateFileName="")) returned 0
[0133.146] FindClose (in: hFindFile=0x11e0900 | out: hFindFile=0x11e0900) returned 1
[0133.146] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6b0) returned 1
[0133.147] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6bc) returned 1
[0133.147] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x31
[0133.147] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", nBufferLength=0x31, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", lpFilePart=0x0) returned 0x30
[0133.147] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x31
[0133.147] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", nBufferLength=0x31, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", lpFilePart=0x0) returned 0x30
[0133.147] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6d4) returned 1
[0133.147] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png" (normalized: "c:\\users\\fd1hvy\\pictures\\ki_dmhqlhqic_txbgmi.png"), fInfoLevelId=0x0, lpFileInformation=0xd7e750 | out: lpFileInformation=0xd7e750*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x3cd79c30, ftCreationTime.dwHighDateTime=0x1d5e3fa, ftLastAccessTime.dwLowDateTime=0xbe854ec0, ftLastAccessTime.dwHighDateTime=0x1d5e58b, ftLastWriteTime.dwLowDateTime=0xbe854ec0, ftLastWriteTime.dwHighDateTime=0x1d5e58b, nFileSizeHigh=0x0, nFileSizeLow=0x15055)) returned 1
[0133.147] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6d0) returned 1
[0133.147] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x31
[0133.147] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", nBufferLength=0x31, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png", lpFilePart=0x0) returned 0x30
[0133.148] DeleteFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png" (normalized: "c:\\users\\fd1hvy\\pictures\\ki_dmhqlhqic_txbgmi.png")) returned 1
[0133.179] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3f
[0133.179] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png.encryptedbyBB", nBufferLength=0x3f, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png.encryptedbyBB", lpFilePart=0x0) returned 0x3e
[0133.179] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3f
[0133.179] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png.encryptedbyBB", nBufferLength=0x3f, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png.encryptedbyBB", lpFilePart=0x0) returned 0x3e
[0133.179] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0133.179] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0133.179] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3f
[0133.179] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png.encryptedbyBB", nBufferLength=0x3f, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png.encryptedbyBB", lpFilePart=0x0) returned 0x3e
[0133.179] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6a4) returned 1
[0133.179] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\ki_dmhqlhqic_txbgmi.png.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e720 | out: lpFileInformation=0xd7e720*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0133.180] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6a0) returned 1
[0133.180] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3f
[0133.180] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png.encryptedbyBB", nBufferLength=0x3f, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png.encryptedbyBB", lpFilePart=0x0) returned 0x3e
[0133.180] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0133.181] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\ki_dmhqlhqic_txbgmi.png.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0133.181] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0133.181] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3f
[0133.181] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png.encryptedbyBB", nBufferLength=0x3f, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png.encryptedbyBB", lpFilePart=0x0) returned 0x3e
[0133.181] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e648) returned 1
[0133.181] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\ki_dMhqLHqic_TxbGMI.png.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\ki_dmhqlhqic_txbgmi.png.encryptedbybb"), dwDesiredAccess=0x40000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0133.182] GetFileType (hFile=0x3e4) returned 0x1
[0133.182] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e644) returned 1
[0133.182] GetFileType (hFile=0x3e4) returned 0x1
[0133.182] SetFilePointer (in: hFile=0x3e4, lDistanceToMove=0, lpDistanceToMoveHigh=0xd7e61c*=0, dwMoveMethod=0x2 | out: lpDistanceToMoveHigh=0xd7e61c*=0) returned 0x0
[0133.188] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.190] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.190] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.191] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.191] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.333] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.334] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.334] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.335] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.335] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.336] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.336] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.337] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.337] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.338] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.338] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.339] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.339] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.340] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.340] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.341] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.341] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.342] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.342] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.342] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.343] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.343] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.344] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.344] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.344] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.345] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.345] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.345] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.345] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.346] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.346] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.346] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.347] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.347] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.347] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.347] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.348] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.348] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.348] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.349] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.349] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.349] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.349] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.350] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.350] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.350] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.351] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.351] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.351] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce8040*, nNumberOfBytesToWrite=0x1d, lpNumberOfBytesWritten=0xd7e700, lpOverlapped=0x0 | out: lpBuffer=0x2ce8040*, lpNumberOfBytesWritten=0xd7e700*=0x1d, lpOverlapped=0x0) returned 1
[0133.351] CloseHandle (hObject=0x3e4) returned 1
[0133.438] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x31
[0133.438] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", nBufferLength=0x31, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", lpFilePart=0x0) returned 0x30
[0133.438] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e654) returned 1
[0133.438] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg" (normalized: "c:\\users\\fd1hvy\\pictures\\mouszfne-kko2ra2yce.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0133.438] GetFileType (hFile=0x3e4) returned 0x1
[0133.438] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e650) returned 1
[0133.439] GetFileType (hFile=0x3e4) returned 0x1
[0133.439] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce9db8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce9db8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.442] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce9db8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce9db8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.442] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce9db8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce9db8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.443] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce9db8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce9db8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.443] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce9db8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce9db8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.443] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce9db8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce9db8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.444] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce9db8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce9db8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.444] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce9db8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce9db8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.444] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce9db8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce9db8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.445] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce9db8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce9db8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.445] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce9db8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce9db8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.445] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce9db8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce9db8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.445] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce9db8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce9db8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.446] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce9db8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce9db8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.446] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce9db8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce9db8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.446] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce9db8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce9db8*, lpNumberOfBytesRead=0xd7e6fc*=0x949, lpOverlapped=0x0) returned 1
[0133.446] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce928d, nNumberOfBytesToRead=0x2b7, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce928d*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0133.447] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce9db8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce9db8*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0133.451] CloseHandle (hObject=0x3e4) returned 1
[0133.466] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x31
[0133.466] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", nBufferLength=0x31, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", lpFilePart=0x0) returned 0x30
[0133.466] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x31
[0133.466] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", nBufferLength=0x31, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", lpFilePart=0x0) returned 0x30
[0133.466] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0133.466] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0133.466] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x31
[0133.467] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", nBufferLength=0x31, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", lpFilePart=0x0) returned 0x30
[0133.467] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0133.467] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg" (normalized: "c:\\users\\fd1hvy\\pictures\\mouszfne-kko2ra2yce.jpg"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xe46a0e90, ftCreationTime.dwHighDateTime=0x1d5e893, ftLastAccessTime.dwLowDateTime=0xa4ace9e0, ftLastAccessTime.dwHighDateTime=0x1d5e879, ftLastWriteTime.dwLowDateTime=0xa4ace9e0, ftLastWriteTime.dwHighDateTime=0x1d5e879, nFileSizeHigh=0x0, nFileSizeLow=0xf949)) returned 1
[0133.467] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0133.467] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6f4) returned 1
[0133.467] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0133.467] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0133.467] FindFirstFileW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", lpFindFileData=0xd7e41c | out: lpFindFileData=0xd7e41c*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xe46a0e90, ftCreationTime.dwHighDateTime=0x1d5e893, ftLastAccessTime.dwLowDateTime=0xa4ace9e0, ftLastAccessTime.dwHighDateTime=0x1d5e879, ftLastWriteTime.dwLowDateTime=0xa4ace9e0, ftLastWriteTime.dwHighDateTime=0x1d5e879, nFileSizeHigh=0x0, nFileSizeLow=0xf949, dwReserved0=0x0, dwReserved1=0x0, cFileName="MousZfNe-KkO2Ra2yCe.jpg", cAlternateFileName="MOUSZF~1.JPG")) returned 0x11e05c0
[0133.468] FindNextFileW (in: hFindFile=0x11e05c0, lpFindFileData=0xd7e428 | out: lpFindFileData=0xd7e428*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="", cAlternateFileName="")) returned 0
[0133.469] FindClose (in: hFindFile=0x11e05c0 | out: hFindFile=0x11e05c0) returned 1
[0133.469] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6b0) returned 1
[0133.469] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6bc) returned 1
[0133.469] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x31
[0133.469] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", nBufferLength=0x31, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", lpFilePart=0x0) returned 0x30
[0133.469] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x31
[0133.469] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", nBufferLength=0x31, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", lpFilePart=0x0) returned 0x30
[0133.469] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6d4) returned 1
[0133.469] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg" (normalized: "c:\\users\\fd1hvy\\pictures\\mouszfne-kko2ra2yce.jpg"), fInfoLevelId=0x0, lpFileInformation=0xd7e750 | out: lpFileInformation=0xd7e750*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xe46a0e90, ftCreationTime.dwHighDateTime=0x1d5e893, ftLastAccessTime.dwLowDateTime=0xa4ace9e0, ftLastAccessTime.dwHighDateTime=0x1d5e879, ftLastWriteTime.dwLowDateTime=0xa4ace9e0, ftLastWriteTime.dwHighDateTime=0x1d5e879, nFileSizeHigh=0x0, nFileSizeLow=0xf949)) returned 1
[0133.469] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6d0) returned 1
[0133.470] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x31
[0133.470] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", nBufferLength=0x31, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg", lpFilePart=0x0) returned 0x30
[0133.470] DeleteFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg" (normalized: "c:\\users\\fd1hvy\\pictures\\mouszfne-kko2ra2yce.jpg")) returned 1
[0133.507] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3f
[0133.507] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg.encryptedbyBB", nBufferLength=0x3f, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg.encryptedbyBB", lpFilePart=0x0) returned 0x3e
[0133.507] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3f
[0133.507] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg.encryptedbyBB", nBufferLength=0x3f, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg.encryptedbyBB", lpFilePart=0x0) returned 0x3e
[0133.520] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0133.520] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0133.520] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3f
[0133.520] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg.encryptedbyBB", nBufferLength=0x3f, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg.encryptedbyBB", lpFilePart=0x0) returned 0x3e
[0133.520] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6a4) returned 1
[0133.520] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\mouszfne-kko2ra2yce.jpg.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e720 | out: lpFileInformation=0xd7e720*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0133.521] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6a0) returned 1
[0133.521] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3f
[0133.521] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg.encryptedbyBB", nBufferLength=0x3f, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg.encryptedbyBB", lpFilePart=0x0) returned 0x3e
[0133.521] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0133.521] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\mouszfne-kko2ra2yce.jpg.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0133.521] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0133.521] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3f
[0133.521] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg.encryptedbyBB", nBufferLength=0x3f, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg.encryptedbyBB", lpFilePart=0x0) returned 0x3e
[0133.521] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e648) returned 1
[0133.521] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\MousZfNe-KkO2Ra2yCe.jpg.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\mouszfne-kko2ra2yce.jpg.encryptedbybb"), dwDesiredAccess=0x40000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0133.522] GetFileType (hFile=0x3e4) returned 0x1
[0133.522] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e644) returned 1
[0133.522] GetFileType (hFile=0x3e4) returned 0x1
[0133.522] SetFilePointer (in: hFile=0x3e4, lDistanceToMove=0, lpDistanceToMoveHigh=0xd7e61c*=0, dwMoveMethod=0x2 | out: lpDistanceToMoveHigh=0xd7e61c*=0) returned 0x0
[0133.522] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.524] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.525] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.525] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.526] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.526] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.527] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.527] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.528] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.528] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.529] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.529] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.530] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.530] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.530] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.531] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.531] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.532] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.583] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.583] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.584] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.584] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.585] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.585] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.586] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.586] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.587] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.587] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.587] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.587] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.588] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.588] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.588] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.588] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.589] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.589] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.589] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.589] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.590] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.590] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4e35c*, nNumberOfBytesToWrite=0x465, lpNumberOfBytesWritten=0xd7e700, lpOverlapped=0x0 | out: lpBuffer=0x2c4e35c*, lpNumberOfBytesWritten=0xd7e700*=0x465, lpOverlapped=0x0) returned 1
[0133.590] CloseHandle (hObject=0x3e4) returned 1
[0133.597] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2c
[0133.597] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", nBufferLength=0x2c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", lpFilePart=0x0) returned 0x2b
[0133.597] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e654) returned 1
[0133.597] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif" (normalized: "c:\\users\\fd1hvy\\pictures\\ond8yrc_w27yxy.gif"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0133.597] GetFileType (hFile=0x3e4) returned 0x1
[0133.597] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e650) returned 1
[0133.597] GetFileType (hFile=0x3e4) returned 0x1
[0133.598] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c500cc, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c500cc*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.611] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c500cc, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c500cc*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.611] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c500cc, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c500cc*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.612] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c500cc, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c500cc*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.612] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c500cc, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c500cc*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.612] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c500cc, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c500cc*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.612] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c500cc, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c500cc*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.613] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c500cc, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c500cc*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.613] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c500cc, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c500cc*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.613] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c500cc, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c500cc*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.614] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c500cc, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c500cc*, lpNumberOfBytesRead=0xd7e6fc*=0xcb, lpOverlapped=0x0) returned 1
[0133.614] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c500cc, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c500cc*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0133.614] CloseHandle (hObject=0x3e4) returned 1
[0133.623] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2c
[0133.623] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", nBufferLength=0x2c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", lpFilePart=0x0) returned 0x2b
[0133.624] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2c
[0133.624] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", nBufferLength=0x2c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", lpFilePart=0x0) returned 0x2b
[0133.624] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0133.624] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0133.624] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2c
[0133.624] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", nBufferLength=0x2c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", lpFilePart=0x0) returned 0x2b
[0133.624] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0133.624] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif" (normalized: "c:\\users\\fd1hvy\\pictures\\ond8yrc_w27yxy.gif"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x1abb6f10, ftCreationTime.dwHighDateTime=0x1d5ec14, ftLastAccessTime.dwLowDateTime=0x4a2c73f0, ftLastAccessTime.dwHighDateTime=0x1d5e4d2, ftLastWriteTime.dwLowDateTime=0x4a2c73f0, ftLastWriteTime.dwHighDateTime=0x1d5e4d2, nFileSizeHigh=0x0, nFileSizeLow=0xa0cb)) returned 1
[0133.624] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0133.624] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6f4) returned 1
[0133.625] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0133.625] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0133.625] FindFirstFileW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", lpFindFileData=0xd7e41c | out: lpFindFileData=0xd7e41c*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x1abb6f10, ftCreationTime.dwHighDateTime=0x1d5ec14, ftLastAccessTime.dwLowDateTime=0x4a2c73f0, ftLastAccessTime.dwHighDateTime=0x1d5e4d2, ftLastWriteTime.dwLowDateTime=0x4a2c73f0, ftLastWriteTime.dwHighDateTime=0x1d5e4d2, nFileSizeHigh=0x0, nFileSizeLow=0xa0cb, dwReserved0=0x0, dwReserved1=0x0, cFileName="Ond8yRC_W27YxY.gif", cAlternateFileName="OND8YR~1.GIF")) returned 0x11e0780
[0133.625] FindNextFileW (in: hFindFile=0x11e0780, lpFindFileData=0xd7e428 | out: lpFindFileData=0xd7e428*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="", cAlternateFileName="")) returned 0
[0133.626] FindClose (in: hFindFile=0x11e0780 | out: hFindFile=0x11e0780) returned 1
[0133.627] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6b0) returned 1
[0133.627] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6bc) returned 1
[0133.627] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2c
[0133.627] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", nBufferLength=0x2c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", lpFilePart=0x0) returned 0x2b
[0133.627] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2c
[0133.627] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", nBufferLength=0x2c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", lpFilePart=0x0) returned 0x2b
[0133.627] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6d4) returned 1
[0133.627] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif" (normalized: "c:\\users\\fd1hvy\\pictures\\ond8yrc_w27yxy.gif"), fInfoLevelId=0x0, lpFileInformation=0xd7e750 | out: lpFileInformation=0xd7e750*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x1abb6f10, ftCreationTime.dwHighDateTime=0x1d5ec14, ftLastAccessTime.dwLowDateTime=0x4a2c73f0, ftLastAccessTime.dwHighDateTime=0x1d5e4d2, ftLastWriteTime.dwLowDateTime=0x4a2c73f0, ftLastWriteTime.dwHighDateTime=0x1d5e4d2, nFileSizeHigh=0x0, nFileSizeLow=0xa0cb)) returned 1
[0133.627] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6d0) returned 1
[0133.627] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2c
[0133.628] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", nBufferLength=0x2c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif", lpFilePart=0x0) returned 0x2b
[0133.628] DeleteFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif" (normalized: "c:\\users\\fd1hvy\\pictures\\ond8yrc_w27yxy.gif")) returned 1
[0133.679] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3a
[0133.679] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif.encryptedbyBB", nBufferLength=0x3a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif.encryptedbyBB", lpFilePart=0x0) returned 0x39
[0133.679] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3a
[0133.679] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif.encryptedbyBB", nBufferLength=0x3a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif.encryptedbyBB", lpFilePart=0x0) returned 0x39
[0133.679] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0133.679] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0133.679] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3a
[0133.679] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif.encryptedbyBB", nBufferLength=0x3a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif.encryptedbyBB", lpFilePart=0x0) returned 0x39
[0133.679] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6a4) returned 1
[0133.679] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\ond8yrc_w27yxy.gif.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e720 | out: lpFileInformation=0xd7e720*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0133.680] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6a0) returned 1
[0133.680] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3a
[0133.680] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif.encryptedbyBB", nBufferLength=0x3a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif.encryptedbyBB", lpFilePart=0x0) returned 0x39
[0133.680] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0133.680] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\ond8yrc_w27yxy.gif.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0133.680] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0133.680] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3a
[0133.680] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif.encryptedbyBB", nBufferLength=0x3a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif.encryptedbyBB", lpFilePart=0x0) returned 0x39
[0133.680] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e648) returned 1
[0133.680] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\Ond8yRC_W27YxY.gif.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\ond8yrc_w27yxy.gif.encryptedbybb"), dwDesiredAccess=0x40000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0133.681] GetFileType (hFile=0x3e4) returned 0x1
[0133.681] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e644) returned 1
[0133.681] GetFileType (hFile=0x3e4) returned 0x1
[0133.681] SetFilePointer (in: hFile=0x3e4, lDistanceToMove=0, lpDistanceToMoveHigh=0xd7e61c*=0, dwMoveMethod=0x2 | out: lpDistanceToMoveHigh=0xd7e61c*=0) returned 0x0
[0133.682] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.683] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.684] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.684] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.685] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.685] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.686] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.686] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.687] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.687] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.688] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.689] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.689] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.690] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.690] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.691] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.691] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.692] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.692] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.693] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.693] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.694] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.694] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.695] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.695] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.696] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d07bb0*, nNumberOfBytesToWrite=0x585, lpNumberOfBytesWritten=0xd7e700, lpOverlapped=0x0 | out: lpBuffer=0x2d07bb0*, lpNumberOfBytesWritten=0xd7e700*=0x585, lpOverlapped=0x0) returned 1
[0133.696] CloseHandle (hObject=0x3e4) returned 1
[0133.706] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x25
[0133.706] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", nBufferLength=0x25, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", lpFilePart=0x0) returned 0x24
[0133.706] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e654) returned 1
[0133.706] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png" (normalized: "c:\\users\\fd1hvy\\pictures\\oxeal5z.png"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0133.707] GetFileType (hFile=0x3e4) returned 0x1
[0133.707] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e650) returned 1
[0133.707] GetFileType (hFile=0x3e4) returned 0x1
[0133.707] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d09910, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d09910*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.709] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d09910, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d09910*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.710] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d09910, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d09910*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.711] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d09910, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d09910*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.711] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d09910, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d09910*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.712] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d09910, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d09910*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.712] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d09910, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d09910*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.712] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d09910, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d09910*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.713] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d09910, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d09910*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.713] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d09910, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d09910*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.713] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d09910, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d09910*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.714] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d09910, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d09910*, lpNumberOfBytesRead=0xd7e6fc*=0xd54, lpOverlapped=0x0) returned 1
[0133.714] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d08df0, nNumberOfBytesToRead=0x2ac, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d08df0*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0133.714] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d09910, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d09910*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0133.714] CloseHandle (hObject=0x3e4) returned 1
[0133.799] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x25
[0133.799] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", nBufferLength=0x25, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", lpFilePart=0x0) returned 0x24
[0133.799] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x25
[0133.799] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", nBufferLength=0x25, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", lpFilePart=0x0) returned 0x24
[0133.799] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0133.799] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0133.799] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x25
[0133.799] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", nBufferLength=0x25, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", lpFilePart=0x0) returned 0x24
[0133.799] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0133.799] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png" (normalized: "c:\\users\\fd1hvy\\pictures\\oxeal5z.png"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x34bca180, ftCreationTime.dwHighDateTime=0x1d5e2ab, ftLastAccessTime.dwLowDateTime=0x10d21f60, ftLastAccessTime.dwHighDateTime=0x1d5efdb, ftLastWriteTime.dwLowDateTime=0x10d21f60, ftLastWriteTime.dwHighDateTime=0x1d5efdb, nFileSizeHigh=0x0, nFileSizeLow=0xbd54)) returned 1
[0133.799] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0133.799] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6f4) returned 1
[0133.800] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0133.800] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0133.800] FindFirstFileW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", lpFindFileData=0xd7e41c | out: lpFindFileData=0xd7e41c*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x34bca180, ftCreationTime.dwHighDateTime=0x1d5e2ab, ftLastAccessTime.dwLowDateTime=0x10d21f60, ftLastAccessTime.dwHighDateTime=0x1d5efdb, ftLastWriteTime.dwLowDateTime=0x10d21f60, ftLastWriteTime.dwHighDateTime=0x1d5efdb, nFileSizeHigh=0x0, nFileSizeLow=0xbd54, dwReserved0=0x0, dwReserved1=0x0, cFileName="OxeAL5Z.png", cAlternateFileName="")) returned 0x11e0c80
[0133.800] FindNextFileW (in: hFindFile=0x11e0c80, lpFindFileData=0xd7e428 | out: lpFindFileData=0xd7e428*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="", cAlternateFileName="")) returned 0
[0133.801] FindClose (in: hFindFile=0x11e0c80 | out: hFindFile=0x11e0c80) returned 1
[0133.802] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6b0) returned 1
[0133.802] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6bc) returned 1
[0133.802] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x25
[0133.802] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", nBufferLength=0x25, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", lpFilePart=0x0) returned 0x24
[0133.802] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x25
[0133.802] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", nBufferLength=0x25, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", lpFilePart=0x0) returned 0x24
[0133.802] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6d4) returned 1
[0133.802] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png" (normalized: "c:\\users\\fd1hvy\\pictures\\oxeal5z.png"), fInfoLevelId=0x0, lpFileInformation=0xd7e750 | out: lpFileInformation=0xd7e750*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x34bca180, ftCreationTime.dwHighDateTime=0x1d5e2ab, ftLastAccessTime.dwLowDateTime=0x10d21f60, ftLastAccessTime.dwHighDateTime=0x1d5efdb, ftLastWriteTime.dwLowDateTime=0x10d21f60, ftLastWriteTime.dwHighDateTime=0x1d5efdb, nFileSizeHigh=0x0, nFileSizeLow=0xbd54)) returned 1
[0133.802] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6d0) returned 1
[0133.802] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x25
[0133.802] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", nBufferLength=0x25, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png", lpFilePart=0x0) returned 0x24
[0133.802] DeleteFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png" (normalized: "c:\\users\\fd1hvy\\pictures\\oxeal5z.png")) returned 1
[0133.850] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x33
[0133.850] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png.encryptedbyBB", nBufferLength=0x33, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png.encryptedbyBB", lpFilePart=0x0) returned 0x32
[0133.850] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x33
[0133.850] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png.encryptedbyBB", nBufferLength=0x33, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png.encryptedbyBB", lpFilePart=0x0) returned 0x32
[0133.850] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0133.850] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0133.850] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x33
[0133.850] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png.encryptedbyBB", nBufferLength=0x33, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png.encryptedbyBB", lpFilePart=0x0) returned 0x32
[0133.850] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6a4) returned 1
[0133.850] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\oxeal5z.png.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e720 | out: lpFileInformation=0xd7e720*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0133.851] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6a0) returned 1
[0133.851] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x33
[0133.851] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png.encryptedbyBB", nBufferLength=0x33, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png.encryptedbyBB", lpFilePart=0x0) returned 0x32
[0133.851] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0133.851] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\oxeal5z.png.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0133.851] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0133.851] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x33
[0133.851] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png.encryptedbyBB", nBufferLength=0x33, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png.encryptedbyBB", lpFilePart=0x0) returned 0x32
[0133.851] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e648) returned 1
[0133.851] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\OxeAL5Z.png.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\oxeal5z.png.encryptedbybb"), dwDesiredAccess=0x40000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0133.910] GetFileType (hFile=0x3e4) returned 0x1
[0133.910] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e644) returned 1
[0133.910] GetFileType (hFile=0x3e4) returned 0x1
[0133.910] SetFilePointer (in: hFile=0x3e4, lDistanceToMove=0, lpDistanceToMoveHigh=0xd7e61c*=0, dwMoveMethod=0x2 | out: lpDistanceToMoveHigh=0xd7e61c*=0) returned 0x0
[0133.914] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.916] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.916] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.917] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.917] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.917] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.918] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.918] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.919] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.919] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.920] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.920] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.921] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.921] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.922] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.922] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.922] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.923] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.923] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.924] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.924] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.925] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.925] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.925] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.926] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.926] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.927] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.927] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.927] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0133.928] WriteFile (in: hFile=0x3e4, lpBuffer=0x2d72b34*, nNumberOfBytesToWrite=0xd65, lpNumberOfBytesWritten=0xd7e700, lpOverlapped=0x0 | out: lpBuffer=0x2d72b34*, lpNumberOfBytesWritten=0xd7e700*=0xd65, lpOverlapped=0x0) returned 1
[0133.928] CloseHandle (hObject=0x3e4) returned 1
[0133.941] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x22
[0133.941] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", nBufferLength=0x22, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", lpFilePart=0x0) returned 0x21
[0133.941] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e654) returned 1
[0133.941] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png" (normalized: "c:\\users\\fd1hvy\\pictures\\s8nj.png"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0133.941] GetFileType (hFile=0x3e4) returned 0x1
[0133.941] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e650) returned 1
[0133.941] GetFileType (hFile=0x3e4) returned 0x1
[0133.942] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d74890, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d74890*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.982] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d74890, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d74890*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.983] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d74890, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d74890*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.983] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d74890, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d74890*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.983] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d74890, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d74890*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.984] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d74890, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d74890*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.984] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d74890, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d74890*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.984] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d74890, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d74890*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.985] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d74890, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d74890*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.985] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d74890, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d74890*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.985] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d74890, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d74890*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.986] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d74890, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d74890*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.986] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d74890, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d74890*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0133.986] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d74890, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d74890*, lpNumberOfBytesRead=0xd7e6fc*=0x20b, lpOverlapped=0x0) returned 1
[0133.986] ReadFile (in: hFile=0x3e4, lpBuffer=0x2d74890, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2d74890*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0133.993] CloseHandle (hObject=0x3e4) returned 1
[0134.006] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x22
[0134.006] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", nBufferLength=0x22, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", lpFilePart=0x0) returned 0x21
[0134.006] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x22
[0134.006] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", nBufferLength=0x22, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", lpFilePart=0x0) returned 0x21
[0134.006] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0134.006] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0134.006] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x22
[0134.006] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", nBufferLength=0x22, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", lpFilePart=0x0) returned 0x21
[0134.006] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0134.006] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png" (normalized: "c:\\users\\fd1hvy\\pictures\\s8nj.png"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xb9dc9f50, ftCreationTime.dwHighDateTime=0x1d5e56c, ftLastAccessTime.dwLowDateTime=0x957aee90, ftLastAccessTime.dwHighDateTime=0x1d5e6ad, ftLastWriteTime.dwLowDateTime=0x957aee90, ftLastWriteTime.dwHighDateTime=0x1d5e6ad, nFileSizeHigh=0x0, nFileSizeLow=0xd20b)) returned 1
[0134.006] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0134.007] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6f4) returned 1
[0134.007] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0134.007] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0134.007] FindFirstFileW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", lpFindFileData=0xd7e41c | out: lpFindFileData=0xd7e41c*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xb9dc9f50, ftCreationTime.dwHighDateTime=0x1d5e56c, ftLastAccessTime.dwLowDateTime=0x957aee90, ftLastAccessTime.dwHighDateTime=0x1d5e6ad, ftLastWriteTime.dwLowDateTime=0x957aee90, ftLastWriteTime.dwHighDateTime=0x1d5e6ad, nFileSizeHigh=0x0, nFileSizeLow=0xd20b, dwReserved0=0x0, dwReserved1=0x0, cFileName="s8nj.png", cAlternateFileName="")) returned 0x11e0b00
[0134.007] FindNextFileW (in: hFindFile=0x11e0b00, lpFindFileData=0xd7e428 | out: lpFindFileData=0xd7e428*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="", cAlternateFileName="")) returned 0
[0134.008] FindClose (in: hFindFile=0x11e0b00 | out: hFindFile=0x11e0b00) returned 1
[0134.008] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6b0) returned 1
[0134.008] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6bc) returned 1
[0134.009] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x22
[0134.009] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", nBufferLength=0x22, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", lpFilePart=0x0) returned 0x21
[0134.009] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x22
[0134.009] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", nBufferLength=0x22, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", lpFilePart=0x0) returned 0x21
[0134.009] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6d4) returned 1
[0134.009] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png" (normalized: "c:\\users\\fd1hvy\\pictures\\s8nj.png"), fInfoLevelId=0x0, lpFileInformation=0xd7e750 | out: lpFileInformation=0xd7e750*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xb9dc9f50, ftCreationTime.dwHighDateTime=0x1d5e56c, ftLastAccessTime.dwLowDateTime=0x957aee90, ftLastAccessTime.dwHighDateTime=0x1d5e6ad, ftLastWriteTime.dwLowDateTime=0x957aee90, ftLastWriteTime.dwHighDateTime=0x1d5e6ad, nFileSizeHigh=0x0, nFileSizeLow=0xd20b)) returned 1
[0134.009] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6d0) returned 1
[0134.009] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x22
[0134.009] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", nBufferLength=0x22, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\s8nj.png", lpFilePart=0x0) returned 0x21
[0134.009] DeleteFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png" (normalized: "c:\\users\\fd1hvy\\pictures\\s8nj.png")) returned 1
[0134.054] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x30
[0134.054] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png.encryptedbyBB", nBufferLength=0x30, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\s8nj.png.encryptedbyBB", lpFilePart=0x0) returned 0x2f
[0134.055] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x30
[0134.055] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png.encryptedbyBB", nBufferLength=0x30, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\s8nj.png.encryptedbyBB", lpFilePart=0x0) returned 0x2f
[0134.055] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0134.055] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0134.055] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x30
[0134.055] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png.encryptedbyBB", nBufferLength=0x30, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\s8nj.png.encryptedbyBB", lpFilePart=0x0) returned 0x2f
[0134.055] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6a4) returned 1
[0134.055] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\s8nj.png.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e720 | out: lpFileInformation=0xd7e720*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0134.055] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6a0) returned 1
[0134.055] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x30
[0134.055] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png.encryptedbyBB", nBufferLength=0x30, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\s8nj.png.encryptedbyBB", lpFilePart=0x0) returned 0x2f
[0134.055] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0134.057] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\s8nj.png.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0134.057] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0134.057] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x30
[0134.057] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png.encryptedbyBB", nBufferLength=0x30, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\s8nj.png.encryptedbyBB", lpFilePart=0x0) returned 0x2f
[0134.057] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e648) returned 1
[0134.057] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\s8nj.png.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\s8nj.png.encryptedbybb"), dwDesiredAccess=0x40000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0134.058] GetFileType (hFile=0x3e4) returned 0x1
[0134.058] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e644) returned 1
[0134.058] GetFileType (hFile=0x3e4) returned 0x1
[0134.058] SetFilePointer (in: hFile=0x3e4, lDistanceToMove=0, lpDistanceToMoveHigh=0xd7e61c*=0, dwMoveMethod=0x2 | out: lpDistanceToMoveHigh=0xd7e61c*=0) returned 0x0
[0134.059] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.061] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.061] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.062] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.062] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.062] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.063] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.063] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.064] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.064] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.064] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.065] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.065] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.065] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.066] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.066] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.067] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.116] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.116] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.117] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.117] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.117] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.118] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.118] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.118] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.119] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.119] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.119] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.119] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.119] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.120] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.120] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.120] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.120] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c4a1a4*, nNumberOfBytesToWrite=0x17d, lpNumberOfBytesWritten=0xd7e700, lpOverlapped=0x0 | out: lpBuffer=0x2c4a1a4*, lpNumberOfBytesWritten=0xd7e700*=0x17d, lpOverlapped=0x0) returned 1
[0134.120] CloseHandle (hObject=0x3e4) returned 1
[0134.124] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0134.124] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", lpFilePart=0x0) returned 0x31
[0134.124] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e654) returned 1
[0134.125] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png" (normalized: "c:\\users\\fd1hvy\\pictures\\vjeaj00hwfv8ke_n_svq.png"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0134.125] GetFileType (hFile=0x3e4) returned 0x1
[0134.125] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e650) returned 1
[0134.125] GetFileType (hFile=0x3e4) returned 0x1
[0134.125] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c4bf20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c4bf20*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.126] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c4bf20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c4bf20*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.127] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c4bf20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c4bf20*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.127] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c4bf20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c4bf20*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.127] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c4bf20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c4bf20*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.128] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c4bf20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c4bf20*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.128] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c4bf20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c4bf20*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.128] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c4bf20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c4bf20*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.128] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c4bf20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c4bf20*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.129] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c4bf20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c4bf20*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.129] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c4bf20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c4bf20*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.130] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c4bf20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c4bf20*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.130] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c4bf20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c4bf20*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.130] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c4bf20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c4bf20*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.131] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c4bf20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c4bf20*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.131] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c4bf20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c4bf20*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.131] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c4bf20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c4bf20*, lpNumberOfBytesRead=0xd7e6fc*=0xab2, lpOverlapped=0x0) returned 1
[0134.132] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c4b55e, nNumberOfBytesToRead=0x14e, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c4b55e*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0134.132] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c4bf20, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c4bf20*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0134.132] CloseHandle (hObject=0x3e4) returned 1
[0134.149] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0134.149] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", lpFilePart=0x0) returned 0x31
[0134.150] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0134.150] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", lpFilePart=0x0) returned 0x31
[0134.150] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0134.150] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0134.150] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0134.150] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", lpFilePart=0x0) returned 0x31
[0134.150] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0134.150] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png" (normalized: "c:\\users\\fd1hvy\\pictures\\vjeaj00hwfv8ke_n_svq.png"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x6fb066e0, ftCreationTime.dwHighDateTime=0x1d5eb8f, ftLastAccessTime.dwLowDateTime=0x1db404b0, ftLastAccessTime.dwHighDateTime=0x1d5ec0b, ftLastWriteTime.dwLowDateTime=0x1db404b0, ftLastWriteTime.dwHighDateTime=0x1d5ec0b, nFileSizeHigh=0x0, nFileSizeLow=0x10ab2)) returned 1
[0134.150] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0134.150] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6f4) returned 1
[0134.150] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0134.150] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0134.151] FindFirstFileW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", lpFindFileData=0xd7e41c | out: lpFindFileData=0xd7e41c*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x6fb066e0, ftCreationTime.dwHighDateTime=0x1d5eb8f, ftLastAccessTime.dwLowDateTime=0x1db404b0, ftLastAccessTime.dwHighDateTime=0x1d5ec0b, ftLastWriteTime.dwLowDateTime=0x1db404b0, ftLastWriteTime.dwHighDateTime=0x1d5ec0b, nFileSizeHigh=0x0, nFileSizeLow=0x10ab2, dwReserved0=0x0, dwReserved1=0x0, cFileName="vjEaj00hwfV8Ke_N_Svq.png", cAlternateFileName="VJEAJ0~1.PNG")) returned 0x11e0700
[0134.151] FindNextFileW (in: hFindFile=0x11e0700, lpFindFileData=0xd7e428 | out: lpFindFileData=0xd7e428*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="", cAlternateFileName="")) returned 0
[0134.152] FindClose (in: hFindFile=0x11e0700 | out: hFindFile=0x11e0700) returned 1
[0134.152] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6b0) returned 1
[0134.152] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6bc) returned 1
[0134.153] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0134.153] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", lpFilePart=0x0) returned 0x31
[0134.153] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0134.153] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", lpFilePart=0x0) returned 0x31
[0134.153] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6d4) returned 1
[0134.153] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png" (normalized: "c:\\users\\fd1hvy\\pictures\\vjeaj00hwfv8ke_n_svq.png"), fInfoLevelId=0x0, lpFileInformation=0xd7e750 | out: lpFileInformation=0xd7e750*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x6fb066e0, ftCreationTime.dwHighDateTime=0x1d5eb8f, ftLastAccessTime.dwLowDateTime=0x1db404b0, ftLastAccessTime.dwHighDateTime=0x1d5ec0b, ftLastWriteTime.dwLowDateTime=0x1db404b0, ftLastWriteTime.dwHighDateTime=0x1d5ec0b, nFileSizeHigh=0x0, nFileSizeLow=0x10ab2)) returned 1
[0134.153] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6d0) returned 1
[0134.153] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x32
[0134.153] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", nBufferLength=0x32, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png", lpFilePart=0x0) returned 0x31
[0134.153] DeleteFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png" (normalized: "c:\\users\\fd1hvy\\pictures\\vjeaj00hwfv8ke_n_svq.png")) returned 1
[0134.213] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x40
[0134.213] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png.encryptedbyBB", nBufferLength=0x40, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png.encryptedbyBB", lpFilePart=0x0) returned 0x3f
[0134.213] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x40
[0134.213] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png.encryptedbyBB", nBufferLength=0x40, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png.encryptedbyBB", lpFilePart=0x0) returned 0x3f
[0134.213] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0134.213] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0134.213] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x40
[0134.213] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png.encryptedbyBB", nBufferLength=0x40, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png.encryptedbyBB", lpFilePart=0x0) returned 0x3f
[0134.213] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6a4) returned 1
[0134.213] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\vjeaj00hwfv8ke_n_svq.png.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e720 | out: lpFileInformation=0xd7e720*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0134.214] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6a0) returned 1
[0134.214] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x40
[0134.214] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png.encryptedbyBB", nBufferLength=0x40, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png.encryptedbyBB", lpFilePart=0x0) returned 0x3f
[0134.214] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0134.214] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\vjeaj00hwfv8ke_n_svq.png.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0134.214] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0134.214] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x40
[0134.214] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png.encryptedbyBB", nBufferLength=0x40, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png.encryptedbyBB", lpFilePart=0x0) returned 0x3f
[0134.214] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e648) returned 1
[0134.214] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\vjEaj00hwfV8Ke_N_Svq.png.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\vjeaj00hwfv8ke_n_svq.png.encryptedbybb"), dwDesiredAccess=0x40000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0134.215] GetFileType (hFile=0x3e4) returned 0x1
[0134.215] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e644) returned 1
[0134.215] GetFileType (hFile=0x3e4) returned 0x1
[0134.215] SetFilePointer (in: hFile=0x3e4, lDistanceToMove=0, lpDistanceToMoveHigh=0xd7e61c*=0, dwMoveMethod=0x2 | out: lpDistanceToMoveHigh=0xd7e61c*=0) returned 0x0
[0134.216] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.218] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.218] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.219] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.219] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.220] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.220] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.220] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.221] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.221] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.222] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.222] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.223] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.223] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.223] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.224] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.224] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.224] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.225] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.225] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.226] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.226] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.226] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.227] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.227] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.228] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.228] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.228] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.229] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.229] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.229] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.229] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.229] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.230] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.230] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.230] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.230] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.230] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.231] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.231] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.231] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.231] WriteFile (in: hFile=0x3e4, lpBuffer=0x2ce0454*, nNumberOfBytesToWrite=0xff1, lpNumberOfBytesWritten=0xd7e700, lpOverlapped=0x0 | out: lpBuffer=0x2ce0454*, lpNumberOfBytesWritten=0xd7e700*=0xff1, lpOverlapped=0x0) returned 1
[0134.231] CloseHandle (hObject=0x3e4) returned 1
[0134.236] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x27
[0134.236] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", nBufferLength=0x27, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", lpFilePart=0x0) returned 0x26
[0134.236] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e654) returned 1
[0134.236] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg" (normalized: "c:\\users\\fd1hvy\\pictures\\wufaijkfd.jpg"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0134.236] GetFileType (hFile=0x3e4) returned 0x1
[0134.236] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e650) returned 1
[0134.236] GetFileType (hFile=0x3e4) returned 0x1
[0134.236] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.237] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.238] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.238] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.238] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.239] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.239] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.239] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.239] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.240] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.240] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.240] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.240] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.240] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.241] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.241] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.241] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.241] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.242] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.242] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.242] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x257, lpOverlapped=0x0) returned 1
[0134.242] ReadFile (in: hFile=0x3e4, lpBuffer=0x2ce21b8, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2ce21b8*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0134.242] CloseHandle (hObject=0x3e4) returned 1
[0134.298] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x27
[0134.298] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", nBufferLength=0x27, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", lpFilePart=0x0) returned 0x26
[0134.298] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x27
[0134.298] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", nBufferLength=0x27, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", lpFilePart=0x0) returned 0x26
[0134.298] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0134.298] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0134.299] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x27
[0134.299] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", nBufferLength=0x27, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", lpFilePart=0x0) returned 0x26
[0134.299] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0134.299] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg" (normalized: "c:\\users\\fd1hvy\\pictures\\wufaijkfd.jpg"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x46337150, ftCreationTime.dwHighDateTime=0x1d5e5b7, ftLastAccessTime.dwLowDateTime=0x41593130, ftLastAccessTime.dwHighDateTime=0x1d5e501, ftLastWriteTime.dwLowDateTime=0x41593130, ftLastWriteTime.dwHighDateTime=0x1d5e501, nFileSizeHigh=0x0, nFileSizeLow=0x14257)) returned 1
[0134.299] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0134.299] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6f4) returned 1
[0134.299] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0134.299] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0134.299] FindFirstFileW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", lpFindFileData=0xd7e41c | out: lpFindFileData=0xd7e41c*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x46337150, ftCreationTime.dwHighDateTime=0x1d5e5b7, ftLastAccessTime.dwLowDateTime=0x41593130, ftLastAccessTime.dwHighDateTime=0x1d5e501, ftLastWriteTime.dwLowDateTime=0x41593130, ftLastWriteTime.dwHighDateTime=0x1d5e501, nFileSizeHigh=0x0, nFileSizeLow=0x14257, dwReserved0=0x0, dwReserved1=0x0, cFileName="WUFAiJkFD.jpg", cAlternateFileName="WUFAIJ~1.JPG")) returned 0x11e0980
[0134.300] FindNextFileW (in: hFindFile=0x11e0980, lpFindFileData=0xd7e428 | out: lpFindFileData=0xd7e428*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="", cAlternateFileName="")) returned 0
[0134.301] FindClose (in: hFindFile=0x11e0980 | out: hFindFile=0x11e0980) returned 1
[0134.301] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6b0) returned 1
[0134.301] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6bc) returned 1
[0134.301] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x27
[0134.301] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", nBufferLength=0x27, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", lpFilePart=0x0) returned 0x26
[0134.397] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x27
[0134.398] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", nBufferLength=0x27, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", lpFilePart=0x0) returned 0x26
[0134.398] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6d4) returned 1
[0134.398] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg" (normalized: "c:\\users\\fd1hvy\\pictures\\wufaijkfd.jpg"), fInfoLevelId=0x0, lpFileInformation=0xd7e750 | out: lpFileInformation=0xd7e750*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x46337150, ftCreationTime.dwHighDateTime=0x1d5e5b7, ftLastAccessTime.dwLowDateTime=0x41593130, ftLastAccessTime.dwHighDateTime=0x1d5e501, ftLastWriteTime.dwLowDateTime=0x41593130, ftLastWriteTime.dwHighDateTime=0x1d5e501, nFileSizeHigh=0x0, nFileSizeLow=0x14257)) returned 1
[0134.398] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6d0) returned 1
[0134.398] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x27
[0134.398] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", nBufferLength=0x27, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg", lpFilePart=0x0) returned 0x26
[0134.398] DeleteFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg" (normalized: "c:\\users\\fd1hvy\\pictures\\wufaijkfd.jpg")) returned 1
[0134.444] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x35
[0134.444] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg.encryptedbyBB", nBufferLength=0x35, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg.encryptedbyBB", lpFilePart=0x0) returned 0x34
[0134.445] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x35
[0134.445] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg.encryptedbyBB", nBufferLength=0x35, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg.encryptedbyBB", lpFilePart=0x0) returned 0x34
[0134.445] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0134.445] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0134.445] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x35
[0134.445] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg.encryptedbyBB", nBufferLength=0x35, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg.encryptedbyBB", lpFilePart=0x0) returned 0x34
[0134.445] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6a4) returned 1
[0134.445] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\wufaijkfd.jpg.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e720 | out: lpFileInformation=0xd7e720*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0134.445] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6a0) returned 1
[0134.445] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x35
[0134.445] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg.encryptedbyBB", nBufferLength=0x35, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg.encryptedbyBB", lpFilePart=0x0) returned 0x34
[0134.445] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0134.445] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\wufaijkfd.jpg.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0134.446] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0134.446] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x35
[0134.446] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg.encryptedbyBB", nBufferLength=0x35, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg.encryptedbyBB", lpFilePart=0x0) returned 0x34
[0134.446] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e648) returned 1
[0134.446] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\WUFAiJkFD.jpg.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\wufaijkfd.jpg.encryptedbybb"), dwDesiredAccess=0x40000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0134.446] GetFileType (hFile=0x3e4) returned 0x1
[0134.446] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e644) returned 1
[0134.446] GetFileType (hFile=0x3e4) returned 0x1
[0134.446] SetFilePointer (in: hFile=0x3e4, lDistanceToMove=0, lpDistanceToMoveHigh=0xd7e61c*=0, dwMoveMethod=0x2 | out: lpDistanceToMoveHigh=0xd7e61c*=0) returned 0x0
[0134.448] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.449] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.450] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.450] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.450] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.451] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.451] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.452] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.452] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.452] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.453] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.453] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.453] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.454] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.454] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.454] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.455] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.455] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.456] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.456] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.457] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.457] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.458] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.458] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.458] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.459] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.506] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.506] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.507] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.507] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.507] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.507] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.508] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.508] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.508] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.508] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.509] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.509] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.509] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.509] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.509] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.510] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.510] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.510] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.510] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.511] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.511] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.511] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.511] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.512] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.512] WriteFile (in: hFile=0x3e4, lpBuffer=0x2c2cfbc*, nNumberOfBytesToWrite=0xbdd, lpNumberOfBytesWritten=0xd7e700, lpOverlapped=0x0 | out: lpBuffer=0x2c2cfbc*, lpNumberOfBytesWritten=0xd7e700*=0xbdd, lpOverlapped=0x0) returned 1
[0134.512] CloseHandle (hObject=0x3e4) returned 1
[0134.519] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2f
[0134.519] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", nBufferLength=0x2f, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", lpFilePart=0x0) returned 0x2e
[0134.519] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e654) returned 1
[0134.519] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp" (normalized: "c:\\users\\fd1hvy\\pictures\\ygo_eua0gp_fkyibj.bmp"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0134.519] GetFileType (hFile=0x3e4) returned 0x1
[0134.520] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e650) returned 1
[0134.520] GetFileType (hFile=0x3e4) returned 0x1
[0134.520] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2ed30, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2ed30*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.521] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2ed30, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2ed30*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.521] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2ed30, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2ed30*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.521] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2ed30, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2ed30*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.522] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2ed30, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2ed30*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.522] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2ed30, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2ed30*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.523] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2ed30, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2ed30*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.523] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2ed30, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2ed30*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.523] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2ed30, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2ed30*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.523] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2ed30, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2ed30*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.524] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2ed30, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2ed30*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.524] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2ed30, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2ed30*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.524] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2ed30, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2ed30*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.525] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2ed30, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2ed30*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.525] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2ed30, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2ed30*, lpNumberOfBytesRead=0xd7e6fc*=0x1000, lpOverlapped=0x0) returned 1
[0134.525] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2ed30, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2ed30*, lpNumberOfBytesRead=0xd7e6fc*=0x912, lpOverlapped=0x0) returned 1
[0134.525] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2e1ce, nNumberOfBytesToRead=0x2ee, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2e1ce*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0134.525] ReadFile (in: hFile=0x3e4, lpBuffer=0x2c2ed30, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e6fc, lpOverlapped=0x0 | out: lpBuffer=0x2c2ed30*, lpNumberOfBytesRead=0xd7e6fc*=0x0, lpOverlapped=0x0) returned 1
[0134.526] CloseHandle (hObject=0x3e4) returned 1
[0134.541] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2f
[0134.541] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", nBufferLength=0x2f, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", lpFilePart=0x0) returned 0x2e
[0134.541] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2f
[0134.542] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", nBufferLength=0x2f, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", lpFilePart=0x0) returned 0x2e
[0134.542] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0134.542] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0134.542] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2f
[0134.542] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", nBufferLength=0x2f, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", lpFilePart=0x0) returned 0x2e
[0134.542] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0134.542] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp" (normalized: "c:\\users\\fd1hvy\\pictures\\ygo_eua0gp_fkyibj.bmp"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x83995b90, ftCreationTime.dwHighDateTime=0x1d5ed50, ftLastAccessTime.dwLowDateTime=0xe09f8820, ftLastAccessTime.dwHighDateTime=0x1d5ed6c, ftLastWriteTime.dwLowDateTime=0xe09f8820, ftLastWriteTime.dwHighDateTime=0x1d5ed6c, nFileSizeHigh=0x0, nFileSizeLow=0xf912)) returned 1
[0134.542] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0134.542] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6f4) returned 1
[0134.542] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0134.542] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0134.542] FindFirstFileW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", lpFindFileData=0xd7e41c | out: lpFindFileData=0xd7e41c*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x83995b90, ftCreationTime.dwHighDateTime=0x1d5ed50, ftLastAccessTime.dwLowDateTime=0xe09f8820, ftLastAccessTime.dwHighDateTime=0x1d5ed6c, ftLastWriteTime.dwLowDateTime=0xe09f8820, ftLastWriteTime.dwHighDateTime=0x1d5ed6c, nFileSizeHigh=0x0, nFileSizeLow=0xf912, dwReserved0=0x0, dwReserved1=0x0, cFileName="yGO_eUa0GP_FKyiBj.bmp", cAlternateFileName="YGO_EU~1.BMP")) returned 0x11e07c0
[0134.543] FindNextFileW (in: hFindFile=0x11e07c0, lpFindFileData=0xd7e428 | out: lpFindFileData=0xd7e428*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0, dwReserved0=0x0, dwReserved1=0x0, cFileName="", cAlternateFileName="")) returned 0
[0134.544] FindClose (in: hFindFile=0x11e07c0 | out: hFindFile=0x11e07c0) returned 1
[0134.544] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6b0) returned 1
[0134.544] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6bc) returned 1
[0134.544] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2f
[0134.544] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", nBufferLength=0x2f, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", lpFilePart=0x0) returned 0x2e
[0134.544] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2f
[0134.544] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", nBufferLength=0x2f, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", lpFilePart=0x0) returned 0x2e
[0134.544] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6d4) returned 1
[0134.545] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp" (normalized: "c:\\users\\fd1hvy\\pictures\\ygo_eua0gp_fkyibj.bmp"), fInfoLevelId=0x0, lpFileInformation=0xd7e750 | out: lpFileInformation=0xd7e750*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x83995b90, ftCreationTime.dwHighDateTime=0x1d5ed50, ftLastAccessTime.dwLowDateTime=0xe09f8820, ftLastAccessTime.dwHighDateTime=0x1d5ed6c, ftLastWriteTime.dwLowDateTime=0xe09f8820, ftLastWriteTime.dwHighDateTime=0x1d5ed6c, nFileSizeHigh=0x0, nFileSizeLow=0xf912)) returned 1
[0134.545] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6d0) returned 1
[0134.545] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2f
[0134.545] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", nBufferLength=0x2f, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp", lpFilePart=0x0) returned 0x2e
[0134.545] DeleteFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp" (normalized: "c:\\users\\fd1hvy\\pictures\\ygo_eua0gp_fkyibj.bmp")) returned 1
[0134.585] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3d
[0134.585] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp.encryptedbyBB", nBufferLength=0x3d, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp.encryptedbyBB", lpFilePart=0x0) returned 0x3c
[0134.585] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3d
[0134.585] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp.encryptedbyBB", nBufferLength=0x3d, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp.encryptedbyBB", lpFilePart=0x0) returned 0x3c
[0134.585] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x19
[0134.585] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures", nBufferLength=0x19, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures", lpFilePart=0x0) returned 0x18
[0134.585] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3d
[0134.585] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp.encryptedbyBB", nBufferLength=0x3d, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp.encryptedbyBB", lpFilePart=0x0) returned 0x3c
[0134.586] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e6a4) returned 1
[0134.586] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\ygo_eua0gp_fkyibj.bmp.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e720 | out: lpFileInformation=0xd7e720*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0134.586] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e6a0) returned 1
[0134.586] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3d
[0134.586] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp.encryptedbyBB", nBufferLength=0x3d, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp.encryptedbyBB", lpFilePart=0x0) returned 0x3c
[0134.586] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e698) returned 1
[0134.586] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\ygo_eua0gp_fkyibj.bmp.encryptedbybb"), fInfoLevelId=0x0, lpFileInformation=0xd7e714 | out: lpFileInformation=0xd7e714*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0134.586] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e694) returned 1
[0134.586] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp.encryptedbyBB", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3d
[0134.586] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp.encryptedbyBB", nBufferLength=0x3d, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp.encryptedbyBB", lpFilePart=0x0) returned 0x3c
[0134.586] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e648) returned 1
[0134.586] CreateFileW (lpFileName="C:\\Users\\FD1HVy\\Pictures\\yGO_eUa0GP_FKyiBj.bmp.encryptedbyBB" (normalized: "c:\\users\\fd1hvy\\pictures\\ygo_eua0gp_fkyibj.bmp.encryptedbybb"), dwDesiredAccess=0x40000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x4, dwFlagsAndAttributes=0x8100000, hTemplateFile=0x0) returned 0x3e4
[0134.587] GetFileType (hFile=0x3e4) returned 0x1
[0134.587] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e644) returned 1
[0134.587] GetFileType (hFile=0x3e4) returned 0x1
[0134.587] SetFilePointer (in: hFile=0x3e4, lDistanceToMove=0, lpDistanceToMoveHigh=0xd7e61c*=0, dwMoveMethod=0x2 | out: lpDistanceToMoveHigh=0xd7e61c*=0) returned 0x0
[0134.592] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.593] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.594] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.594] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.595] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.595] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.596] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.596] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.597] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.597] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.597] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.598] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.598] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.599] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.599] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.600] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.600] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.600] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.601] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.601] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.602] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.602] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.603] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.603] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.603] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.604] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.604] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.605] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.605] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.605] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.605] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.606] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.606] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.606] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.606] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.606] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.607] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.607] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.607] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x1000, lpNumberOfBytesWritten=0xd7e718, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e718*=0x1000, lpOverlapped=0x0) returned 1
[0134.607] WriteFile (in: hFile=0x3e4, lpBuffer=0x2cb7570*, nNumberOfBytesToWrite=0x411, lpNumberOfBytesWritten=0xd7e700, lpOverlapped=0x0 | out: lpBuffer=0x2cb7570*, lpNumberOfBytesWritten=0xd7e700*=0x411, lpOverlapped=0x0) returned 1
[0134.608] CloseHandle (hObject=0x3e4) returned 1
[0134.720] SetForegroundWindow (hWnd=0x7005c) returned 0
[0134.721] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e794) returned 0x0
[0134.722] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1c, wParam=0x1, lParam=0x0) returned 0x0
[0134.722] NtdllDefWindowProc_W (hWnd=0x300ec, Msg=0x1c, wParam=0x1, lParam=0x0) returned 0x0
[0134.722] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x0) returned 0x1
[0134.725] OleInitialize (pvReserved=0x0) returned 0x0
[0134.726] CoRegisterMessageFilter (in: lpMessageFilter=0x0, lplpMessageFilter=0xd7e4d4 | out: lplpMessageFilter=0xd7e4d4*=0x0) returned 0x0
[0134.727] GetFocus () returned 0x0
[0134.727] SetFocus (hWnd=0x6002e) returned 0x0
[0134.759] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0134.767] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0134.768] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0134.768] GetParent (hWnd=0x7005c) returned 0x0
[0134.768] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x7, wParam=0x0, lParam=0x0) returned 0x1
[0134.770] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0134.771] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x282, wParam=0xa, lParam=0x0) returned 0x0
[0134.771] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0134.771] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x282, wParam=0xf, lParam=0x502bf) returned 0x0
[0134.773] SetTextColor (hdc=0xf0105ee, color=0x0) returned 0x0
[0134.773] SetBkColor (hdc=0xf0105ee, color=0xffffff) returned 0xffffff
[0134.787] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0134.788] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x282, wParam=0xb, lParam=0x0) returned 0x0
[0134.789] SendMessageW (hWnd=0x6002e, Msg=0x2111, wParam=0x100002e, lParam=0x6002e) returned 0x0
[0135.120] SendMessageW (hWnd=0x6002e, Msg=0xb0, wParam=0xd7e12c, lParam=0xd7e110) returned 0x0
[0135.120] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xb0, wParam=0xd7e12c, lParam=0xd7e110) returned 0x0
[0135.120] GetKeyState (nVirtKey=2) returned 0
[0135.120] GetKeyState (nVirtKey=4) returned 0
[0135.120] GetKeyState (nVirtKey=5) returned 0
[0135.120] GetKeyState (nVirtKey=6) returned 0
[0135.120] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0135.120] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0135.120] SendMessageW (hWnd=0x6002e, Msg=0xb1, wParam=0x0, lParam=0x0) returned 0x1
[0135.120] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xb1, wParam=0x0, lParam=0x0) returned 0x1
[0135.121] InvalidateRect (hWnd=0x70036, lpRect=0x0, bErase=0) returned 1
[0135.121] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0135.122] InvalidateRect (hWnd=0x901f8, lpRect=0x0, bErase=1) returned 1
[0135.122] InvalidateRect (hWnd=0x70030, lpRect=0x0, bErase=1) returned 1
[0135.122] InvalidateRect (hWnd=0x6002e, lpRect=0x0, bErase=1) returned 1
[0135.122] InvalidateRect (hWnd=0x202d4, lpRect=0x0, bErase=1) returned 1
[0135.122] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e838 | out: lpdwProcessId=0xd7e838) returned 0xf50
[0135.122] GetCurrentThreadId () returned 0xf50
[0135.123] RegisterClipboardFormatW (lpszFormat="WindowsForms12_ThreadCallbackMessage") returned 0xc1a6
[0135.124] PostMessageW (hWnd=0x7005c, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0135.124] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0135.124] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0135.124] GetSystemMetrics (nIndex=42) returned 0
[0135.124] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e7a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0135.124] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e7a8) returned 0xd
[0135.124] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7ec4c) returned 0x0
[0135.234] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0135.268] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e994 | out: lpwndpl=0xd7e994) returned 1
[0135.268] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e940 | out: lpRect=0xd7e940) returned 1
[0135.268] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0135.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0135.268] GetSystemMetrics (nIndex=42) returned 0
[0135.268] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e7fc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0135.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e7fc) returned 0xd
[0135.268] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e848 | out: lpRect=0xd7e848) returned 1
[0135.272] SystemParametersInfoW (in: uiAction=0x42, uiParam=0xc, pvParam=0xd7e76c, fWinIni=0x0 | out: pvParam=0xd7e76c) returned 1
[0135.290] GdipGetImageFlags (image=0x65ff260, flags=0xd7e780) returned 0x0
[0135.291] GdipGetImageFlags (image=0x65ff260, flags=0xd7e780) returned 0x0
[0135.292] GdipCreateHalftonePalette () returned 0x2e0801a9
[0135.292] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0135.292] GdipCreateFromHDC (hdc=0xc0107c5, graphics=0xd7e778) returned 0x0
[0135.293] GdipSetPageUnit (graphics=0x65ffb70, unit=0x2) returned 0x0
[0135.294] GdipCreateMatrix (matrix=0xd7e738) returned 0x0
[0135.294] GdipGetWorldTransform (graphics=0x65ffb70, matrix=0x65ffe50) returned 0x0
[0135.294] GdipIsMatrixIdentity (matrix=0x65ffe50, result=0xd7e750) returned 0x0
[0135.295] GdipDeleteMatrix (matrix=0x65ffe50) returned 0x0
[0135.295] GdipCreateRegion (region=0xd7e738) returned 0x0
[0135.295] GdipGetClip (graphics=0x65ffb70, region=0x65ffe80) returned 0x0
[0135.296] GdipIsInfiniteRegion (region=0x65ffe80, graphics=0x65ffb70, result=0xd7e744) returned 0x0
[0135.296] GdipDeleteRegion (region=0x65ffe80) returned 0x0
[0135.296] GdipSaveGraphics (graphics=0x65ffb70, state=0xd7e770) returned 0x0
[0135.569] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7e60c) returned 0x0
[0135.622] GdipFillRectangleI (graphics=0x65ffb70, brush=0x66000e0, x=0, y=0, width=801, height=453) returned 0x0
[0135.868] GdipDeleteBrush (brush=0x66000e0) returned 0x0
[0135.871] GdipDeleteGraphics (graphics=0x65ffb70) returned 0x0
[0135.871] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0135.872] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x70036, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0135.872] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x70036, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0135.872] GetStockObject (i=5) returned 0x900015
[0135.872] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0135.872] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0135.872] GetStockObject (i=5) returned 0x900015
[0135.872] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x901f8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0135.873] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x70030, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0135.873] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x1
[0135.873] SetTextColor (hdc=0x10105d6, color=0x0) returned 0x0
[0135.873] SetBkColor (hdc=0x10105d6, color=0xffffff) returned 0xffffff
[0136.067] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e35c | out: lpwndpl=0xd7e35c) returned 1
[0136.067] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e308 | out: lpRect=0xd7e308) returned 1
[0136.067] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0136.068] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0136.068] GetSystemMetrics (nIndex=42) returned 0
[0136.068] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e1c4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0136.068] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e1c4) returned 0xd
[0136.068] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e210 | out: lpRect=0xd7e210) returned 1
[0136.068] GdipGetImageFlags (image=0x65ff260, flags=0xd7e148) returned 0x0
[0136.068] GdipGetImageFlags (image=0x65ff260, flags=0xd7e148) returned 0x0
[0136.068] SelectPalette (hdc=0x1a0107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0136.068] GdipCreateFromHDC (hdc=0x1a0107d0, graphics=0xd7e140) returned 0x0
[0136.068] GdipSetPageUnit (graphics=0x65ffae0, unit=0x2) returned 0x0
[0136.068] GdipCreateMatrix (matrix=0xd7e100) returned 0x0
[0136.068] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x65ffdc0) returned 0x0
[0136.069] GdipIsMatrixIdentity (matrix=0x65ffdc0, result=0xd7e118) returned 0x0
[0136.069] GdipDeleteMatrix (matrix=0x65ffdc0) returned 0x0
[0136.069] GdipCreateRegion (region=0xd7e100) returned 0x0
[0136.069] GdipGetClip (graphics=0x65ffae0, region=0x6604690) returned 0x0
[0136.069] GdipIsInfiniteRegion (region=0x6604690, graphics=0x65ffae0, result=0xd7e10c) returned 0x0
[0136.069] GdipDeleteRegion (region=0x6604690) returned 0x0
[0136.069] GdipSaveGraphics (graphics=0x65ffae0, state=0xd7e138) returned 0x0
[0136.069] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dfd4) returned 0x0
[0136.079] GdipFillRectangleI (graphics=0x65ffae0, brush=0x6600050, x=0, y=0, width=801, height=453) returned 0x0
[0136.080] GdipDeleteBrush (brush=0x6600050) returned 0x0
[0136.082] GdipDeleteGraphics (graphics=0x65ffae0) returned 0x0
[0136.082] SelectPalette (hdc=0x1a0107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0136.082] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0136.082] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0136.082] GetSystemMetrics (nIndex=42) returned 0
[0136.082] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e164, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0136.082] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e164) returned 0xd
[0136.082] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b0 | out: lpRect=0xd7e1b0) returned 1
[0136.082] GdipGetImageFlags (image=0x65ff260, flags=0xd7e0e8) returned 0x0
[0136.082] GdipGetImageFlags (image=0x65ff260, flags=0xd7e0e8) returned 0x0
[0136.083] SelectPalette (hdc=0x1a0107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0136.083] GdipCreateFromHDC (hdc=0x1a0107d0, graphics=0xd7e0e0) returned 0x0
[0136.083] GdipSetPageUnit (graphics=0x65ffae0, unit=0x2) returned 0x0
[0136.084] GdipCreateMatrix (matrix=0xd7e0a0) returned 0x0
[0136.084] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x6604620) returned 0x0
[0136.084] GdipIsMatrixIdentity (matrix=0x6604620, result=0xd7e0b8) returned 0x0
[0136.084] GdipDeleteMatrix (matrix=0x6604620) returned 0x0
[0136.084] GdipCreateRegion (region=0xd7e0a0) returned 0x0
[0136.084] GdipGetClip (graphics=0x65ffae0, region=0x6604650) returned 0x0
[0136.084] GdipIsInfiniteRegion (region=0x6604650, graphics=0x65ffae0, result=0xd7e0ac) returned 0x0
[0136.084] GdipDeleteRegion (region=0x6604650) returned 0x0
[0136.084] GdipSaveGraphics (graphics=0x65ffae0, state=0xd7e0d8) returned 0x0
[0136.084] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7df74) returned 0x0
[0136.096] GdipFillRectangleI (graphics=0x65ffae0, brush=0x6600020, x=0, y=0, width=801, height=453) returned 0x0
[0136.097] GdipDeleteBrush (brush=0x6600020) returned 0x0
[0136.360] GdipRestoreGraphics (graphics=0x65ffae0, state=0xfdae0dbd) returned 0x0
[0136.360] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0136.360] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0136.360] GetSystemMetrics (nIndex=42) returned 0
[0136.360] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e164, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0136.360] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e164) returned 0xd
[0136.360] GdipDeleteGraphics (graphics=0x65ffae0) returned 0x0
[0136.360] SelectPalette (hdc=0x1a0107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0136.362] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0136.362] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202d4, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0136.362] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e978 | out: lpwndpl=0xd7e978) returned 1
[0136.363] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x47, wParam=0x0, lParam=0xd7ec4c) returned 0x0
[0136.363] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e928 | out: lpRect=0xd7e928) returned 1
[0136.363] GetWindowRect (in: hWnd=0x7005c, lpRect=0xd7e928 | out: lpRect=0xd7e928) returned 1
[0136.365] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x5, wParam=0x0, lParam=0x1c50321) returned 0x0
[0136.365] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x3, wParam=0x0, lParam=0xd500be) returned 0x0
[0136.365] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e958 | out: lpRect=0xd7e958) returned 1
[0136.365] GetWindowRect (in: hWnd=0x7005c, lpRect=0xd7e958 | out: lpRect=0xd7e958) returned 1
[0136.366] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0136.370] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7ec0c) returned 0x0
[0136.370] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x83, wParam=0x1, lParam=0xd7ebe4) returned 0x0
[0136.373] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0136.375] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e954 | out: lpwndpl=0xd7e954) returned 1
[0136.375] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e900 | out: lpRect=0xd7e900) returned 1
[0136.375] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0136.375] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0136.375] GetSystemMetrics (nIndex=42) returned 0
[0136.375] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e7bc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0136.375] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e7bc) returned 0xd
[0136.375] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e808 | out: lpRect=0xd7e808) returned 1
[0136.375] GdipGetImageFlags (image=0x65ff260, flags=0xd7e740) returned 0x0
[0136.375] GdipGetImageFlags (image=0x65ff260, flags=0xd7e740) returned 0x0
[0136.375] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0136.375] GdipCreateFromHDC (hdc=0xc0107c5, graphics=0xd7e738) returned 0x0
[0136.376] GdipSetPageUnit (graphics=0x65ffae0, unit=0x2) returned 0x0
[0136.376] GdipCreateMatrix (matrix=0xd7e6f8) returned 0x0
[0136.376] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x661c480) returned 0x0
[0136.376] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e710) returned 0x0
[0136.376] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0136.376] GdipCreateRegion (region=0xd7e6f8) returned 0x0
[0136.376] GdipGetClip (graphics=0x65ffae0, region=0x6604620) returned 0x0
[0136.376] GdipIsInfiniteRegion (region=0x6604620, graphics=0x65ffae0, result=0xd7e704) returned 0x0
[0136.376] GdipDeleteRegion (region=0x6604620) returned 0x0
[0136.376] GdipSaveGraphics (graphics=0x65ffae0, state=0xd7e730) returned 0x0
[0136.376] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7e5cc) returned 0x0
[0136.398] GdipFillRectangleI (graphics=0x65ffae0, brush=0x6600020, x=0, y=0, width=801, height=453) returned 0x0
[0136.515] GdipDeleteBrush (brush=0x6600020) returned 0x0
[0136.517] GdipDeleteGraphics (graphics=0x65ffae0) returned 0x0
[0136.517] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0136.518] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x70036, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0136.518] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x70036, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0136.518] GetStockObject (i=5) returned 0x900015
[0136.518] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0136.519] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0136.519] GetStockObject (i=5) returned 0x900015
[0136.519] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x901f8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0136.519] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x70030, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0136.520] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x1
[0136.520] SetTextColor (hdc=0xc0107c5, color=0x0) returned 0x0
[0136.570] SetBkColor (hdc=0xc0107c5, color=0xffffff) returned 0xffffff
[0136.571] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e31c | out: lpwndpl=0xd7e31c) returned 1
[0136.571] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e2c8 | out: lpRect=0xd7e2c8) returned 1
[0136.571] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0136.571] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0136.571] GetSystemMetrics (nIndex=42) returned 0
[0136.571] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e184, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0136.571] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e184) returned 0xd
[0136.571] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1d0 | out: lpRect=0xd7e1d0) returned 1
[0136.571] GdipGetImageFlags (image=0x65ff260, flags=0xd7e108) returned 0x0
[0136.571] GdipGetImageFlags (image=0x65ff260, flags=0xd7e108) returned 0x0
[0136.571] SelectPalette (hdc=0x1b0107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0136.571] GdipCreateFromHDC (hdc=0x1b0107d0, graphics=0xd7e100) returned 0x0
[0136.572] GdipSetPageUnit (graphics=0x65ffae0, unit=0x2) returned 0x0
[0136.572] GdipCreateMatrix (matrix=0xd7e0c0) returned 0x0
[0136.572] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x661c4b0) returned 0x0
[0136.572] GdipIsMatrixIdentity (matrix=0x661c4b0, result=0xd7e0d8) returned 0x0
[0136.572] GdipDeleteMatrix (matrix=0x661c4b0) returned 0x0
[0136.572] GdipCreateRegion (region=0xd7e0c0) returned 0x0
[0136.572] GdipGetClip (graphics=0x65ffae0, region=0x6604690) returned 0x0
[0136.572] GdipIsInfiniteRegion (region=0x6604690, graphics=0x65ffae0, result=0xd7e0cc) returned 0x0
[0136.572] GdipDeleteRegion (region=0x6604690) returned 0x0
[0136.572] GdipSaveGraphics (graphics=0x65ffae0, state=0xd7e0f8) returned 0x0
[0136.572] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7df94) returned 0x0
[0136.586] GdipFillRectangleI (graphics=0x65ffae0, brush=0x6600020, x=0, y=0, width=801, height=453) returned 0x0
[0136.586] GdipDeleteBrush (brush=0x6600020) returned 0x0
[0136.588] GdipDeleteGraphics (graphics=0x65ffae0) returned 0x0
[0136.588] SelectPalette (hdc=0x1b0107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0136.588] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0136.588] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0136.588] GetSystemMetrics (nIndex=42) returned 0
[0136.588] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e124, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0136.588] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e124) returned 0xd
[0136.588] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e170 | out: lpRect=0xd7e170) returned 1
[0136.588] GdipGetImageFlags (image=0x65ff260, flags=0xd7e0a8) returned 0x0
[0136.589] GdipGetImageFlags (image=0x65ff260, flags=0xd7e0a8) returned 0x0
[0136.589] SelectPalette (hdc=0x1b0107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0136.589] GdipCreateFromHDC (hdc=0x1b0107d0, graphics=0xd7e0a0) returned 0x0
[0136.589] GdipSetPageUnit (graphics=0x65ffae0, unit=0x2) returned 0x0
[0136.589] GdipCreateMatrix (matrix=0xd7e060) returned 0x0
[0136.589] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x661c480) returned 0x0
[0136.589] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e078) returned 0x0
[0136.589] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0136.589] GdipCreateRegion (region=0xd7e060) returned 0x0
[0136.589] GdipGetClip (graphics=0x65ffae0, region=0x6604620) returned 0x0
[0136.589] GdipIsInfiniteRegion (region=0x6604620, graphics=0x65ffae0, result=0xd7e06c) returned 0x0
[0136.589] GdipDeleteRegion (region=0x6604620) returned 0x0
[0136.589] GdipSaveGraphics (graphics=0x65ffae0, state=0xd7e098) returned 0x0
[0136.590] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7df34) returned 0x0
[0136.704] GdipFillRectangleI (graphics=0x65ffae0, brush=0x6600020, x=0, y=0, width=801, height=453) returned 0x0
[0136.706] GdipDeleteBrush (brush=0x6600020) returned 0x0
[0136.708] GdipRestoreGraphics (graphics=0x65ffae0, state=0xfda80dbd) returned 0x0
[0136.709] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0136.709] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0136.709] GetSystemMetrics (nIndex=42) returned 0
[0136.709] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e124, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0136.709] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e124) returned 0xd
[0136.709] GdipDeleteGraphics (graphics=0x65ffae0) returned 0x0
[0136.709] SelectPalette (hdc=0x1b0107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0136.712] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0136.712] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202d4, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0136.713] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e938 | out: lpwndpl=0xd7e938) returned 1
[0136.713] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x47, wParam=0x0, lParam=0xd7ec0c) returned 0x0
[0136.713] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x5, wParam=0x0, lParam=0x1c50321) returned 0x0
[0136.713] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e8e8 | out: lpRect=0xd7e8e8) returned 1
[0136.713] GetWindowRect (in: hWnd=0x7005c, lpRect=0xd7e8e8 | out: lpRect=0xd7e8e8) returned 1
[0136.725] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0xa0091
[0136.731] IsWindowUnicode (hWnd=0x7005c) returned 1
[0136.731] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0136.732] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0136.733] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0136.733] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0136.733] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0136.733] IsWindowUnicode (hWnd=0x7005c) returned 1
[0136.733] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0136.733] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0136.733] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0136.734] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0136.734] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740101) returned 0x1
[0136.734] IsWindowUnicode (hWnd=0x602c4) returned 1
[0136.734] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0136.734] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740101) returned 0x1
[0136.735] LoadCursorW (hInstance=0x0, lpCursorName=0x7f00) returned 0x10003
[0136.736] SetCursor (hCursor=0x10003) returned 0x10007
[0136.736] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0136.736] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0136.747] _TrackMouseEvent (in: lpEventTrack=0x2ccbf0c | out: lpEventTrack=0x2ccbf0c) returned 1
[0136.747] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0136.747] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0136.750] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0136.750] GetKeyState (nVirtKey=1) returned 0
[0136.750] GetKeyState (nVirtKey=2) returned 0
[0136.750] GetKeyState (nVirtKey=4) returned 0
[0136.750] GetKeyState (nVirtKey=5) returned 0
[0136.750] GetKeyState (nVirtKey=6) returned 0
[0136.750] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0136.751] IsWindowUnicode (hWnd=0x7005c) returned 1
[0136.751] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0136.751] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0136.751] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0136.751] BeginPaint (in: hWnd=0x7005c, lpPaint=0xd7e7a8 | out: lpPaint=0xd7e7a8) returned 0xc0107c5
[0136.751] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0136.753] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e484 | out: lpwndpl=0xd7e484) returned 1
[0136.753] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e430 | out: lpRect=0xd7e430) returned 1
[0136.753] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0136.753] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0136.753] GetSystemMetrics (nIndex=42) returned 0
[0136.753] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e2ec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0136.753] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e2ec) returned 0xd
[0136.753] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e338 | out: lpRect=0xd7e338) returned 1
[0136.753] GdipGetImageFlags (image=0x65ff260, flags=0xd7e270) returned 0x0
[0136.753] GdipGetImageFlags (image=0x65ff260, flags=0xd7e270) returned 0x0
[0136.753] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0136.753] GdipCreateFromHDC (hdc=0xc0107c5, graphics=0xd7e268) returned 0x0
[0136.754] GdipSetPageUnit (graphics=0x65ffae0, unit=0x2) returned 0x0
[0136.754] GdipCreateMatrix (matrix=0xd7e228) returned 0x0
[0136.754] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x661c4b0) returned 0x0
[0136.754] GdipIsMatrixIdentity (matrix=0x661c4b0, result=0xd7e240) returned 0x0
[0136.754] GdipDeleteMatrix (matrix=0x661c4b0) returned 0x0
[0136.754] GdipCreateRegion (region=0xd7e228) returned 0x0
[0136.754] GdipGetClip (graphics=0x65ffae0, region=0x6604620) returned 0x0
[0136.754] GdipIsInfiniteRegion (region=0x6604620, graphics=0x65ffae0, result=0xd7e234) returned 0x0
[0136.754] GdipDeleteRegion (region=0x6604620) returned 0x0
[0136.754] GdipSaveGraphics (graphics=0x65ffae0, state=0xd7e260) returned 0x0
[0136.754] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7e0fc) returned 0x0
[0136.813] GdipFillRectangleI (graphics=0x65ffae0, brush=0x6600020, x=0, y=0, width=801, height=453) returned 0x0
[0136.909] GdipDeleteBrush (brush=0x6600020) returned 0x0
[0136.912] GdipDeleteGraphics (graphics=0x65ffae0) returned 0x0
[0136.912] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0136.912] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0136.912] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0136.912] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0136.913] GetSystemMetrics (nIndex=42) returned 0
[0136.913] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e734, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0136.913] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e734) returned 0xd
[0136.913] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0136.913] EndPaint (hWnd=0x7005c, lpPaint=0xd7e7a4) returned 1
[0136.913] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0136.913] IsWindowUnicode (hWnd=0x70036) returned 1
[0136.913] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0136.913] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0136.913] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0136.914] BeginPaint (in: hWnd=0x70036, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0136.914] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x70036, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0136.914] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x70036, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0136.914] GetStockObject (i=5) returned 0x900015
[0136.914] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0136.915] CreateCompatibleDC (hdc=0x60100ce) returned 0x210107f8
[0136.915] GetObjectType (h=0x60100ce) returned 0x3
[0136.915] CreateCompatibleBitmap (hdc=0x60100ce, cx=1, cy=1) returned 0xffffffff92050787
[0136.916] GetDIBits (in: hdc=0x60100ce, hbm=0x92050787, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7e270, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7e270) returned 1
[0136.916] GetDIBits (in: hdc=0x60100ce, hbm=0x92050787, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7e270, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7e270) returned 1
[0136.916] DeleteObject (ho=0x92050787) returned 1
[0136.916] CreateDIBSection (in: hdc=0x60100ce, lpbmi=0xd7e2c0, usage=0x0, ppvBits=0xd7e7b4, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e7b4) returned 0x480507fe
[0136.916] SelectObject (hdc=0x210107f8, h=0x480507fe) returned 0x85000f
[0136.916] GdipCreateFromHDC (hdc=0x210107f8, graphics=0xd7e798) returned 0x0
[0136.917] GdipTranslateWorldTransform (graphics=0x65ffae0, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0136.917] GdipSetClipRectI (graphics=0x65ffae0, x=0, y=0, width=222, height=42, combineMode=0x0) returned 0x0
[0136.917] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0136.917] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x661c480) returned 0x0
[0136.917] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e7f8) returned 0x0
[0136.917] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e8258
[0136.918] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11e8258) returned 0x0
[0136.918] LocalFree (hMem=0x11e8258) returned 0x0
[0136.918] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0136.918] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0136.918] GdipGetClip (graphics=0x65ffae0, region=0x6604620) returned 0x0
[0136.918] GdipIsInfiniteRegion (region=0x6604620, graphics=0x65ffae0, result=0xd7e7ec) returned 0x0
[0136.919] GdipSaveGraphics (graphics=0x65ffae0, state=0xd7e818) returned 0x0
[0136.919] GdipRestoreGraphics (graphics=0x65ffae0, state=0xfda40dbd) returned 0x0
[0136.919] GdipDeleteRegion (region=0x6604620) returned 0x0
[0136.921] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e604) returned 0x0
[0136.921] GetCurrentObject (hdc=0x210107f8, type=0x1) returned 0xb00017
[0136.921] GetCurrentObject (hdc=0x210107f8, type=0x2) returned 0x900010
[0136.921] GetCurrentObject (hdc=0x210107f8, type=0x7) returned 0x480507fe
[0136.921] GetCurrentObject (hdc=0x210107f8, type=0x6) returned 0x8a01c2
[0136.921] SaveDC (hdc=0x210107f8) returned 1
[0136.922] GetNearestColor (hdc=0x210107f8, color=0xf0f0f0) returned 0xf0f0f0
[0136.922] GetNearestColor (hdc=0x210107f8, color=0xa0a0a0) returned 0xa0a0a0
[0136.922] GetNearestColor (hdc=0x210107f8, color=0x696969) returned 0x696969
[0136.922] GetNearestColor (hdc=0x210107f8, color=0xa0a0a0) returned 0xa0a0a0
[0136.922] GetNearestColor (hdc=0x210107f8, color=0x0) returned 0x0
[0136.922] GetNearestColor (hdc=0x210107f8, color=0xffffff) returned 0xffffff
[0136.922] GetNearestColor (hdc=0x210107f8, color=0xe5e5e5) returned 0xe5e5e5
[0136.922] GetNearestColor (hdc=0x210107f8, color=0xd7d7d7) returned 0xd7d7d7
[0136.922] GetNearestColor (hdc=0x210107f8, color=0x0) returned 0x0
[0136.922] RestoreDC (hdc=0x210107f8, nSavedDC=-1) returned 1
[0136.923] GdipReleaseDC (graphics=0x65ffae0, hdc=0x210107f8) returned 0x0
[0136.927] IsAppThemed () returned 0x1
[0136.927] GetThemeAppProperties () returned 0x3
[0136.928] OpenThemeData () returned 0x30002
[0136.928] IsAppThemed () returned 0x1
[0136.928] GetThemeAppProperties () returned 0x3
[0136.928] GetThemeAppProperties () returned 0x3
[0136.929] SelectObject (hdc=0x65010512, h=0x6d0a0520) returned 0x460a052c
[0136.929] DrawTextExW (in: hdc=0x65010512, lpchText="Get me a decrypt code (check payment)", cchText=37, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2cd0db4 | out: lpchText="Get me a decrypt code (check payment)", lprc=0xd7e4c0) returned 13
[0136.930] IsAppThemed () returned 0x1
[0136.930] GetThemeAppProperties () returned 0x3
[0136.930] GetThemeAppProperties () returned 0x3
[0136.930] IsAppThemed () returned 0x1
[0136.930] GetThemeAppProperties () returned 0x3
[0136.930] GetThemeAppProperties () returned 0x3
[0136.930] GetFocus () returned 0x6002e
[0136.932] IsAppThemed () returned 0x1
[0136.932] GetThemeAppProperties () returned 0x3
[0136.932] GetThemeAppProperties () returned 0x3
[0136.932] IsAppThemed () returned 0x1
[0136.932] GetThemeAppProperties () returned 0x3
[0136.932] GetThemeAppProperties () returned 0x3
[0136.932] IsThemePartDefined () returned 0x1
[0136.933] IsAppThemed () returned 0x1
[0136.933] GetThemeAppProperties () returned 0x3
[0136.933] GetThemeAppProperties () returned 0x3
[0136.933] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0136.933] IsAppThemed () returned 0x1
[0136.933] GetThemeAppProperties () returned 0x3
[0136.933] GetThemeAppProperties () returned 0x3
[0136.933] IsAppThemed () returned 0x1
[0136.933] GetThemeAppProperties () returned 0x3
[0136.933] GetThemeAppProperties () returned 0x3
[0136.933] IsThemePartDefined () returned 0x1
[0136.933] GdipCreateRegion (region=0xd7e508) returned 0x0
[0136.934] GdipGetClip (graphics=0x65ffae0, region=0x6604620) returned 0x0
[0136.934] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0136.934] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x661c4b0) returned 0x0
[0136.934] GdipIsMatrixIdentity (matrix=0x661c4b0, result=0xd7e520) returned 0x0
[0136.934] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e82c8
[0136.934] GdipGetMatrixElements (matrix=0x661c4b0, matrixOut=0x11e82c8) returned 0x0
[0136.934] LocalFree (hMem=0x11e82c8) returned 0x0
[0136.934] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e8648
[0136.934] GdipGetMatrixElements (matrix=0x661c4b0, matrixOut=0x11e8648) returned 0x0
[0136.934] LocalFree (hMem=0x11e8648) returned 0x0
[0136.935] GdipDeleteMatrix (matrix=0x661c4b0) returned 0x0
[0136.935] GdipIsInfiniteRegion (region=0x6604620, graphics=0x65ffae0, result=0xd7e548) returned 0x0
[0136.935] GdipIsInfiniteRegion (region=0x6604620, graphics=0x65ffae0, result=0xd7e538) returned 0x0
[0136.935] GdipGetRegionHRgn (region=0x6604620, graphics=0x65ffae0, hRgn=0xd7e538) returned 0x0
[0136.939] GdipDeleteRegion (region=0x6604620) returned 0x0
[0136.939] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e550) returned 0x0
[0136.939] GetCurrentObject (hdc=0x210107f8, type=0x1) returned 0xb00017
[0136.939] GetCurrentObject (hdc=0x210107f8, type=0x2) returned 0x900010
[0136.939] GetCurrentObject (hdc=0x210107f8, type=0x7) returned 0x480507fe
[0136.940] GetCurrentObject (hdc=0x210107f8, type=0x6) returned 0x8a01c2
[0136.940] SaveDC (hdc=0x210107f8) returned 1
[0136.940] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9204077c
[0136.940] GetClipRgn (hdc=0x210107f8, hrgn=0x9204077c) returned 0
[0136.940] SelectClipRgn (hdc=0x210107f8, hrgn=0x22040808) returned 2
[0136.940] DeleteObject (ho=0x9204077c) returned 1
[0136.941] DeleteObject (ho=0x22040808) returned 1
[0136.975] OffsetViewportOrgEx (in: hdc=0x210107f8, x=0, y=0, lppt=0x2cd14a0 | out: lppt=0x2cd14a0) returned 1
[0136.978] DrawThemeParentBackground () returned 0x0
[0136.978] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0136.978] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0136.978] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0136.978] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0136.978] GetSystemMetrics (nIndex=42) returned 0
[0136.978] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0136.978] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0136.978] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0136.978] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0136.978] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0136.978] SelectPalette (hdc=0x210107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0136.978] GdipCreateFromHDC (hdc=0x210107f8, graphics=0xd7dff8) returned 0x0
[0136.979] GdipSetPageUnit (graphics=0x65ffdc0, unit=0x2) returned 0x0
[0136.979] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0136.979] GdipGetWorldTransform (graphics=0x65ffdc0, matrix=0x661c480) returned 0x0
[0136.979] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7dfd0) returned 0x0
[0136.979] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0136.979] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0136.979] GdipGetClip (graphics=0x65ffdc0, region=0x6604690) returned 0x0
[0136.979] GdipIsInfiniteRegion (region=0x6604690, graphics=0x65ffdc0, result=0xd7dfc4) returned 0x0
[0136.979] GdipDeleteRegion (region=0x6604690) returned 0x0
[0136.979] GdipSaveGraphics (graphics=0x65ffdc0, state=0xd7dff0) returned 0x0
[0136.979] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0136.993] GdipFillRectangleI (graphics=0x65ffdc0, brush=0x6600300, x=0, y=0, width=801, height=453) returned 0x0
[0136.994] GdipDeleteBrush (brush=0x6600300) returned 0x0
[0136.996] GdipDeleteGraphics (graphics=0x65ffdc0) returned 0x0
[0136.996] SelectPalette (hdc=0x210107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0136.996] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0136.996] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0136.996] GetSystemMetrics (nIndex=42) returned 0
[0136.996] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0136.997] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0136.997] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0136.997] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0136.997] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0136.997] SelectPalette (hdc=0x210107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0136.998] GdipCreateFromHDC (hdc=0x210107f8, graphics=0xd7df98) returned 0x0
[0136.998] GdipSetPageUnit (graphics=0x662fb20, unit=0x2) returned 0x0
[0136.998] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0136.998] GdipGetWorldTransform (graphics=0x662fb20, matrix=0x661c4b0) returned 0x0
[0136.998] GdipIsMatrixIdentity (matrix=0x661c4b0, result=0xd7df70) returned 0x0
[0136.998] GdipDeleteMatrix (matrix=0x661c4b0) returned 0x0
[0136.998] GdipCreateRegion (region=0xd7df58) returned 0x0
[0136.998] GdipGetClip (graphics=0x662fb20, region=0x6604690) returned 0x0
[0136.999] GdipIsInfiniteRegion (region=0x6604690, graphics=0x662fb20, result=0xd7df64) returned 0x0
[0136.999] GdipDeleteRegion (region=0x6604690) returned 0x0
[0136.999] GdipSaveGraphics (graphics=0x662fb20, state=0xd7df90) returned 0x0
[0136.999] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0137.009] GdipFillRectangleI (graphics=0x662fb20, brush=0x662fe00, x=0, y=0, width=801, height=453) returned 0x0
[0137.009] GdipDeleteBrush (brush=0x662fe00) returned 0x0
[0137.010] GdipRestoreGraphics (graphics=0x662fb20, state=0xfda00dbd) returned 0x0
[0137.010] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0137.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0137.011] GetSystemMetrics (nIndex=42) returned 0
[0137.011] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0137.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0137.011] GdipDeleteGraphics (graphics=0x662fb20) returned 0x0
[0137.011] SelectPalette (hdc=0x210107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0137.011] RestoreDC (hdc=0x210107f8, nSavedDC=-1) returned 1
[0137.011] GdipReleaseDC (graphics=0x65ffae0, hdc=0x210107f8) returned 0x0
[0137.011] IsAppThemed () returned 0x1
[0137.011] GetThemeAppProperties () returned 0x3
[0137.011] GetThemeAppProperties () returned 0x3
[0137.011] IsAppThemed () returned 0x1
[0137.012] GetThemeAppProperties () returned 0x3
[0137.012] GetThemeAppProperties () returned 0x3
[0137.012] IsThemePartDefined () returned 0x1
[0137.012] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0137.012] GdipGetClip (graphics=0x65ffae0, region=0x6604620) returned 0x0
[0137.012] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0137.012] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x661c480) returned 0x0
[0137.012] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e4a4) returned 0x0
[0137.012] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e7f80
[0137.013] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11e7f80) returned 0x0
[0137.013] LocalFree (hMem=0x11e7f80) returned 0x0
[0137.013] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e8108
[0137.013] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11e8108) returned 0x0
[0137.013] LocalFree (hMem=0x11e8108) returned 0x0
[0137.013] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0137.013] GdipIsInfiniteRegion (region=0x6604620, graphics=0x65ffae0, result=0xd7e4cc) returned 0x0
[0137.013] GdipIsInfiniteRegion (region=0x6604620, graphics=0x65ffae0, result=0xd7e4bc) returned 0x0
[0137.013] GdipGetRegionHRgn (region=0x6604620, graphics=0x65ffae0, hRgn=0xd7e4bc) returned 0x0
[0137.013] GdipDeleteRegion (region=0x6604620) returned 0x0
[0137.013] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e4d4) returned 0x0
[0137.013] GetCurrentObject (hdc=0x210107f8, type=0x1) returned 0xb00017
[0137.013] GetCurrentObject (hdc=0x210107f8, type=0x2) returned 0x900010
[0137.013] GetCurrentObject (hdc=0x210107f8, type=0x7) returned 0x480507fe
[0137.013] GetCurrentObject (hdc=0x210107f8, type=0x6) returned 0x8a01c2
[0137.013] SaveDC (hdc=0x210107f8) returned 1
[0137.013] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x23040808
[0137.013] GetClipRgn (hdc=0x210107f8, hrgn=0x23040808) returned 0
[0137.013] SelectClipRgn (hdc=0x210107f8, hrgn=0x9404077c) returned 2
[0137.014] DeleteObject (ho=0x23040808) returned 1
[0137.014] DeleteObject (ho=0x9404077c) returned 1
[0137.014] OffsetViewportOrgEx (in: hdc=0x210107f8, x=0, y=0, lppt=0x2cd7cf0 | out: lppt=0x2cd7cf0) returned 1
[0137.014] IsAppThemed () returned 0x1
[0137.014] GetThemeAppProperties () returned 0x3
[0137.014] GetThemeAppProperties () returned 0x3
[0137.014] DrawThemeBackground () returned 0x0
[0137.014] RestoreDC (hdc=0x210107f8, nSavedDC=-1) returned 1
[0137.014] GdipReleaseDC (graphics=0x65ffae0, hdc=0x210107f8) returned 0x0
[0137.014] GdipCreateRegion (region=0xd7e490) returned 0x0
[0137.014] GdipGetClip (graphics=0x65ffae0, region=0x6604620) returned 0x0
[0137.014] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0137.015] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x661c4b0) returned 0x0
[0137.015] GdipIsMatrixIdentity (matrix=0x661c4b0, result=0xd7e4a8) returned 0x0
[0137.015] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e81e8
[0137.015] GdipGetMatrixElements (matrix=0x661c4b0, matrixOut=0x11e81e8) returned 0x0
[0137.015] LocalFree (hMem=0x11e81e8) returned 0x0
[0137.015] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e8258
[0137.015] GdipGetMatrixElements (matrix=0x661c4b0, matrixOut=0x11e8258) returned 0x0
[0137.015] LocalFree (hMem=0x11e8258) returned 0x0
[0137.015] GdipDeleteMatrix (matrix=0x661c4b0) returned 0x0
[0137.015] GdipIsInfiniteRegion (region=0x6604620, graphics=0x65ffae0, result=0xd7e4d0) returned 0x0
[0137.015] GdipIsInfiniteRegion (region=0x6604620, graphics=0x65ffae0, result=0xd7e4c0) returned 0x0
[0137.015] GdipGetRegionHRgn (region=0x6604620, graphics=0x65ffae0, hRgn=0xd7e4c0) returned 0x0
[0137.015] GdipDeleteRegion (region=0x6604620) returned 0x0
[0137.015] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e4d8) returned 0x0
[0137.015] GetCurrentObject (hdc=0x210107f8, type=0x1) returned 0xb00017
[0137.015] GetCurrentObject (hdc=0x210107f8, type=0x2) returned 0x900010
[0137.015] GetCurrentObject (hdc=0x210107f8, type=0x7) returned 0x480507fe
[0137.015] GetCurrentObject (hdc=0x210107f8, type=0x6) returned 0x8a01c2
[0137.015] SaveDC (hdc=0x210107f8) returned 1
[0137.015] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9504077c
[0137.015] GetClipRgn (hdc=0x210107f8, hrgn=0x9504077c) returned 0
[0137.016] SelectClipRgn (hdc=0x210107f8, hrgn=0x24040808) returned 2
[0137.016] DeleteObject (ho=0x9504077c) returned 1
[0137.016] DeleteObject (ho=0x24040808) returned 1
[0137.016] OffsetViewportOrgEx (in: hdc=0x210107f8, x=0, y=0, lppt=0x2cd7fc4 | out: lppt=0x2cd7fc4) returned 1
[0137.016] IsAppThemed () returned 0x1
[0137.016] GetThemeAppProperties () returned 0x3
[0137.016] GetThemeAppProperties () returned 0x3
[0137.016] GetThemeBackgroundContentRect () returned 0x0
[0137.016] RestoreDC (hdc=0x210107f8, nSavedDC=-1) returned 1
[0137.016] GdipReleaseDC (graphics=0x65ffae0, hdc=0x210107f8) returned 0x0
[0137.017] IsAppThemed () returned 0x1
[0137.017] GetThemeAppProperties () returned 0x3
[0137.017] GetThemeAppProperties () returned 0x3
[0137.017] GdipGetTextRenderingHint (graphics=0x65ffae0, mode=0xd7e60c) returned 0x0
[0137.017] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e5f8) returned 0x0
[0137.017] GetCurrentObject (hdc=0x210107f8, type=0x1) returned 0xb00017
[0137.017] GetCurrentObject (hdc=0x210107f8, type=0x2) returned 0x900010
[0137.017] GetCurrentObject (hdc=0x210107f8, type=0x7) returned 0x480507fe
[0137.018] GetCurrentObject (hdc=0x210107f8, type=0x6) returned 0x8a01c2
[0137.018] SaveDC (hdc=0x210107f8) returned 1
[0137.018] GetTextAlign (hdc=0x210107f8) returned 0x0
[0137.018] GetTextColor (hdc=0x210107f8) returned 0x0
[0137.018] GetCurrentObject (hdc=0x210107f8, type=0x6) returned 0x8a01c2
[0137.018] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0137.018] SelectObject (hdc=0x210107f8, h=0x6d0a0520) returned 0x8a01c2
[0137.019] GetBkMode (hdc=0x210107f8) returned 2
[0137.019] SetBkMode (hdc=0x210107f8, mode=1) returned 2
[0137.019] DrawTextExW (in: hdc=0x210107f8, lpchText="Get me a decrypt code (check payment)", cchText=37, lprc=0xd7e428, format=0x102415, lpdtp=0x2cd8364 | out: lpchText="Get me a decrypt code (check payment)", lprc=0xd7e428) returned 13
[0137.019] DrawTextExW (in: hdc=0x210107f8, lpchText="Get me a decrypt code (check payment)", cchText=37, lprc=0xd7e58c, format=0x102015, lpdtp=0x2cd8364 | out: lpchText="Get me a decrypt code (check payment)", lprc=0xd7e58c) returned 13
[0137.059] RestoreDC (hdc=0x210107f8, nSavedDC=-1) returned 1
[0137.060] GdipReleaseDC (graphics=0x65ffae0, hdc=0x210107f8) returned 0x0
[0137.060] GetFocus () returned 0x6002e
[0137.060] IsAppThemed () returned 0x1
[0137.060] GetThemeAppProperties () returned 0x3
[0137.060] GetThemeAppProperties () returned 0x3
[0137.060] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e7d8) returned 0x0
[0137.061] BitBlt (hdc=0x60100ce, x=0, y=0, cx=222, cy=42, hdcSrc=0x210107f8, x1=0, y1=0, rop=0xcc0020) returned 1
[0137.061] GdipReleaseDC (graphics=0x65ffae0, hdc=0x210107f8) returned 0x0
[0137.061] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0137.061] SelectObject (hdc=0x210107f8, h=0x85000f) returned 0x480507fe
[0137.062] DeleteDC (hdc=0x210107f8) returned 1
[0137.062] GdipDeleteGraphics (graphics=0x65ffae0) returned 0x0
[0137.062] EndPaint (hWnd=0x70036, lpPaint=0xd7e77c) returned 1
[0137.062] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.062] IsWindowUnicode (hWnd=0x602c4) returned 1
[0137.062] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.062] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0137.062] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0137.063] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xc0107c5
[0137.063] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0137.063] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0137.063] GetStockObject (i=5) returned 0x900015
[0137.063] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0137.063] CreateCompatibleDC (hdc=0xc0107c5) returned 0x240107f8
[0137.063] SelectObject (hdc=0x240107f8, h=0x480507fe) returned 0x85000f
[0137.063] GdipCreateFromHDC (hdc=0x240107f8, graphics=0xd7e798) returned 0x0
[0137.064] GdipTranslateWorldTransform (graphics=0x65ffae0, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0137.064] GdipSetClipRectI (graphics=0x65ffae0, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0137.064] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0137.064] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x661c480) returned 0x0
[0137.064] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e7f8) returned 0x0
[0137.064] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e86b8
[0137.064] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11e86b8) returned 0x0
[0137.064] LocalFree (hMem=0x11e86b8) returned 0x0
[0137.064] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0137.064] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0137.064] GdipGetClip (graphics=0x65ffae0, region=0x6604690) returned 0x0
[0137.064] GdipIsInfiniteRegion (region=0x6604690, graphics=0x65ffae0, result=0xd7e7ec) returned 0x0
[0137.064] GdipSaveGraphics (graphics=0x65ffae0, state=0xd7e818) returned 0x0
[0137.064] GdipRestoreGraphics (graphics=0x65ffae0, state=0xfd9e0dbd) returned 0x0
[0137.064] GdipDeleteRegion (region=0x6604690) returned 0x0
[0137.072] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e5f8) returned 0x0
[0137.072] GetCurrentObject (hdc=0x240107f8, type=0x1) returned 0xb00017
[0137.072] GetCurrentObject (hdc=0x240107f8, type=0x2) returned 0x900010
[0137.072] GetCurrentObject (hdc=0x240107f8, type=0x7) returned 0x480507fe
[0137.072] GetCurrentObject (hdc=0x240107f8, type=0x6) returned 0x8a01c2
[0137.073] SaveDC (hdc=0x240107f8) returned 1
[0137.073] GetNearestColor (hdc=0x240107f8, color=0xff) returned 0xff
[0137.073] GetNearestColor (hdc=0x240107f8, color=0x55) returned 0x55
[0137.073] GetNearestColor (hdc=0x240107f8, color=0x0) returned 0x0
[0137.073] GetNearestColor (hdc=0x240107f8, color=0x55) returned 0x55
[0137.073] GetNearestColor (hdc=0x240107f8, color=0x0) returned 0x0
[0137.073] GetNearestColor (hdc=0x240107f8, color=0x8080ff) returned 0x8080ff
[0137.073] GetNearestColor (hdc=0x240107f8, color=0x7373e5) returned 0x7373e5
[0137.073] GetNearestColor (hdc=0x240107f8, color=0xe5) returned 0xe5
[0137.073] GetNearestColor (hdc=0x240107f8, color=0x0) returned 0x0
[0137.073] RestoreDC (hdc=0x240107f8, nSavedDC=-1) returned 1
[0137.073] GdipReleaseDC (graphics=0x65ffae0, hdc=0x240107f8) returned 0x0
[0137.073] IsAppThemed () returned 0x1
[0137.073] GetThemeAppProperties () returned 0x3
[0137.073] GetThemeAppProperties () returned 0x3
[0137.074] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e664, fWinIni=0x0 | out: pvParam=0xd7e664) returned 1
[0137.074] SendMessageW (hWnd=0x7005c, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0137.074] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0137.074] IsAppThemed () returned 0x1
[0137.074] GetThemeAppProperties () returned 0x3
[0137.074] GetThemeAppProperties () returned 0x3
[0137.074] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2cd8b54 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0137.074] IsAppThemed () returned 0x1
[0137.074] GetThemeAppProperties () returned 0x3
[0137.074] GetThemeAppProperties () returned 0x3
[0137.074] IsAppThemed () returned 0x1
[0137.075] GetThemeAppProperties () returned 0x3
[0137.075] GetThemeAppProperties () returned 0x3
[0137.075] IsAppThemed () returned 0x1
[0137.075] GetThemeAppProperties () returned 0x3
[0137.075] GetThemeAppProperties () returned 0x3
[0137.075] IsAppThemed () returned 0x1
[0137.075] GetThemeAppProperties () returned 0x3
[0137.075] GetThemeAppProperties () returned 0x3
[0137.075] IsThemePartDefined () returned 0x1
[0137.075] IsAppThemed () returned 0x1
[0137.075] GetThemeAppProperties () returned 0x3
[0137.075] GetThemeAppProperties () returned 0x3
[0137.075] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0137.075] IsAppThemed () returned 0x1
[0137.075] GetThemeAppProperties () returned 0x3
[0137.075] GetThemeAppProperties () returned 0x3
[0137.075] IsAppThemed () returned 0x1
[0137.075] GetThemeAppProperties () returned 0x3
[0137.075] GetThemeAppProperties () returned 0x3
[0137.075] IsThemePartDefined () returned 0x1
[0137.075] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0137.075] GdipGetClip (graphics=0x65ffae0, region=0x6604690) returned 0x0
[0137.075] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0137.075] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x661c4b0) returned 0x0
[0137.075] GdipIsMatrixIdentity (matrix=0x661c4b0, result=0xd7e514) returned 0x0
[0137.076] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e8140
[0137.076] GdipGetMatrixElements (matrix=0x661c4b0, matrixOut=0x11e8140) returned 0x0
[0137.076] LocalFree (hMem=0x11e8140) returned 0x0
[0137.076] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e86b8
[0137.076] GdipGetMatrixElements (matrix=0x661c4b0, matrixOut=0x11e86b8) returned 0x0
[0137.076] LocalFree (hMem=0x11e86b8) returned 0x0
[0137.076] GdipDeleteMatrix (matrix=0x661c4b0) returned 0x0
[0137.076] GdipIsInfiniteRegion (region=0x6604690, graphics=0x65ffae0, result=0xd7e53c) returned 0x0
[0137.076] GdipIsInfiniteRegion (region=0x6604690, graphics=0x65ffae0, result=0xd7e52c) returned 0x0
[0137.076] GdipGetRegionHRgn (region=0x6604690, graphics=0x65ffae0, hRgn=0xd7e52c) returned 0x0
[0137.076] GdipDeleteRegion (region=0x6604690) returned 0x0
[0137.076] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e544) returned 0x0
[0137.076] GetCurrentObject (hdc=0x240107f8, type=0x1) returned 0xb00017
[0137.076] GetCurrentObject (hdc=0x240107f8, type=0x2) returned 0x900010
[0137.076] GetCurrentObject (hdc=0x240107f8, type=0x7) returned 0x480507fe
[0137.076] GetCurrentObject (hdc=0x240107f8, type=0x6) returned 0x8a01c2
[0137.076] SaveDC (hdc=0x240107f8) returned 1
[0137.076] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x25040808
[0137.076] GetClipRgn (hdc=0x240107f8, hrgn=0x25040808) returned 0
[0137.076] SelectClipRgn (hdc=0x240107f8, hrgn=0x9904077c) returned 2
[0137.077] DeleteObject (ho=0x25040808) returned 1
[0137.077] DeleteObject (ho=0x9904077c) returned 1
[0137.077] OffsetViewportOrgEx (in: hdc=0x240107f8, x=0, y=0, lppt=0x2cd9204 | out: lppt=0x2cd9204) returned 1
[0137.077] DrawThemeParentBackground () returned 0x0
[0137.077] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0137.077] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0137.077] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0137.077] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0137.077] GetSystemMetrics (nIndex=42) returned 0
[0137.077] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0137.077] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0137.077] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0137.077] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0137.077] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0137.077] SelectPalette (hdc=0x240107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0137.077] GdipCreateFromHDC (hdc=0x240107f8, graphics=0xd7dff0) returned 0x0
[0137.078] GdipSetPageUnit (graphics=0x65ffdc0, unit=0x2) returned 0x0
[0137.078] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0137.078] GdipGetWorldTransform (graphics=0x65ffdc0, matrix=0x661c480) returned 0x0
[0137.078] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7dfc8) returned 0x0
[0137.078] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0137.078] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0137.078] GdipGetClip (graphics=0x65ffdc0, region=0x66000a0) returned 0x0
[0137.078] GdipIsInfiniteRegion (region=0x66000a0, graphics=0x65ffdc0, result=0xd7dfbc) returned 0x0
[0137.078] GdipDeleteRegion (region=0x66000a0) returned 0x0
[0137.078] GdipSaveGraphics (graphics=0x65ffdc0, state=0xd7dfe8) returned 0x0
[0137.078] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0137.088] GdipFillRectangleI (graphics=0x65ffdc0, brush=0x6600300, x=0, y=0, width=801, height=453) returned 0x0
[0137.088] GdipDeleteBrush (brush=0x6600300) returned 0x0
[0137.089] GdipDeleteGraphics (graphics=0x65ffdc0) returned 0x0
[0137.089] SelectPalette (hdc=0x240107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0137.089] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0137.089] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0137.089] GetSystemMetrics (nIndex=42) returned 0
[0137.089] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0137.089] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0137.090] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0137.090] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0137.090] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0137.090] SelectPalette (hdc=0x240107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0137.090] GdipCreateFromHDC (hdc=0x240107f8, graphics=0xd7df90) returned 0x0
[0137.090] GdipSetPageUnit (graphics=0x65ffdc0, unit=0x2) returned 0x0
[0137.090] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0137.090] GdipGetWorldTransform (graphics=0x65ffdc0, matrix=0x6604700) returned 0x0
[0137.090] GdipIsMatrixIdentity (matrix=0x6604700, result=0xd7df68) returned 0x0
[0137.090] GdipDeleteMatrix (matrix=0x6604700) returned 0x0
[0137.090] GdipCreateRegion (region=0xd7df50) returned 0x0
[0137.090] GdipGetClip (graphics=0x65ffdc0, region=0x661c480) returned 0x0
[0137.090] GdipIsInfiniteRegion (region=0x661c480, graphics=0x65ffdc0, result=0xd7df5c) returned 0x0
[0137.090] GdipDeleteRegion (region=0x661c480) returned 0x0
[0137.090] GdipSaveGraphics (graphics=0x65ffdc0, state=0xd7df88) returned 0x0
[0137.090] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0137.148] GdipFillRectangleI (graphics=0x65ffdc0, brush=0x6600300, x=0, y=0, width=801, height=453) returned 0x0
[0137.148] GdipDeleteBrush (brush=0x6600300) returned 0x0
[0137.149] GdipRestoreGraphics (graphics=0x65ffdc0, state=0xfd9a0dbd) returned 0x0
[0137.149] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0137.149] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0137.149] GetSystemMetrics (nIndex=42) returned 0
[0137.149] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0137.149] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0137.149] GdipDeleteGraphics (graphics=0x65ffdc0) returned 0x0
[0137.150] SelectPalette (hdc=0x240107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0137.150] RestoreDC (hdc=0x240107f8, nSavedDC=-1) returned 1
[0137.150] GdipReleaseDC (graphics=0x65ffae0, hdc=0x240107f8) returned 0x0
[0137.150] IsAppThemed () returned 0x1
[0137.152] GetThemeAppProperties () returned 0x3
[0137.152] GetThemeAppProperties () returned 0x3
[0137.152] IsAppThemed () returned 0x1
[0137.152] GetThemeAppProperties () returned 0x3
[0137.152] GetThemeAppProperties () returned 0x3
[0137.152] IsThemePartDefined () returned 0x1
[0137.152] GdipCreateRegion (region=0xd7e480) returned 0x0
[0137.152] GdipGetClip (graphics=0x65ffae0, region=0x661c480) returned 0x0
[0137.152] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0137.152] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x6604690) returned 0x0
[0137.152] GdipIsMatrixIdentity (matrix=0x6604690, result=0xd7e498) returned 0x0
[0137.152] GdipGetMatrixElements (matrix=0x6604690, matrixOut=0x11e8060) returned 0x0
[0137.152] LocalFree (hMem=0x11e8060) returned 0x0
[0137.152] GdipGetMatrixElements (matrix=0x6604690, matrixOut=0x11e8060) returned 0x0
[0137.152] LocalFree (hMem=0x11e8060) returned 0x0
[0137.152] GdipDeleteMatrix (matrix=0x6604690) returned 0x0
[0137.152] GdipIsInfiniteRegion (region=0x661c480, graphics=0x65ffae0, result=0xd7e4c0) returned 0x0
[0137.152] GdipIsInfiniteRegion (region=0x661c480, graphics=0x65ffae0, result=0xd7e4b0) returned 0x0
[0137.152] GdipGetRegionHRgn (region=0x661c480, graphics=0x65ffae0, hRgn=0xd7e4b0) returned 0x0
[0137.153] GdipDeleteRegion (region=0x661c480) returned 0x0
[0137.153] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e4c8) returned 0x0
[0137.153] GetCurrentObject (hdc=0x240107f8, type=0x1) returned 0xb00017
[0137.153] GetCurrentObject (hdc=0x240107f8, type=0x2) returned 0x900010
[0137.153] GetCurrentObject (hdc=0x240107f8, type=0x7) returned 0x480507fe
[0137.153] GetCurrentObject (hdc=0x240107f8, type=0x6) returned 0x8a01c2
[0137.153] SaveDC (hdc=0x240107f8) returned 1
[0137.153] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9a04077c
[0137.153] GetClipRgn (hdc=0x240107f8, hrgn=0x9a04077c) returned 0
[0137.153] SelectClipRgn (hdc=0x240107f8, hrgn=0x27040808) returned 2
[0137.153] DeleteObject (ho=0x9a04077c) returned 1
[0137.153] DeleteObject (ho=0x27040808) returned 1
[0137.153] OffsetViewportOrgEx (in: hdc=0x240107f8, x=0, y=0, lppt=0x2cdfa54 | out: lppt=0x2cdfa54) returned 1
[0137.153] IsAppThemed () returned 0x1
[0137.153] GetThemeAppProperties () returned 0x3
[0137.153] GetThemeAppProperties () returned 0x3
[0137.153] DrawThemeBackground () returned 0x0
[0137.153] RestoreDC (hdc=0x240107f8, nSavedDC=-1) returned 1
[0137.154] GdipReleaseDC (graphics=0x65ffae0, hdc=0x240107f8) returned 0x0
[0137.154] GdipCreateRegion (region=0xd7e484) returned 0x0
[0137.154] GdipGetClip (graphics=0x65ffae0, region=0x661c480) returned 0x0
[0137.154] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0137.154] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x66046c0) returned 0x0
[0137.154] GdipIsMatrixIdentity (matrix=0x66046c0, result=0xd7e49c) returned 0x0
[0137.154] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e8418
[0137.154] GdipGetMatrixElements (matrix=0x66046c0, matrixOut=0x11e8418) returned 0x0
[0137.154] LocalFree (hMem=0x11e8418) returned 0x0
[0137.154] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e8140
[0137.154] GdipGetMatrixElements (matrix=0x66046c0, matrixOut=0x11e8140) returned 0x0
[0137.154] LocalFree (hMem=0x11e8140) returned 0x0
[0137.154] GdipDeleteMatrix (matrix=0x66046c0) returned 0x0
[0137.154] GdipIsInfiniteRegion (region=0x661c480, graphics=0x65ffae0, result=0xd7e4c4) returned 0x0
[0137.154] GdipIsInfiniteRegion (region=0x661c480, graphics=0x65ffae0, result=0xd7e4b4) returned 0x0
[0137.154] GdipGetRegionHRgn (region=0x661c480, graphics=0x65ffae0, hRgn=0xd7e4b4) returned 0x0
[0137.154] GdipDeleteRegion (region=0x661c480) returned 0x0
[0137.154] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e4cc) returned 0x0
[0137.154] GetCurrentObject (hdc=0x240107f8, type=0x1) returned 0xb00017
[0137.155] GetCurrentObject (hdc=0x240107f8, type=0x2) returned 0x900010
[0137.155] GetCurrentObject (hdc=0x240107f8, type=0x7) returned 0x480507fe
[0137.155] GetCurrentObject (hdc=0x240107f8, type=0x6) returned 0x8a01c2
[0137.155] SaveDC (hdc=0x240107f8) returned 1
[0137.156] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x28040808
[0137.156] GetClipRgn (hdc=0x240107f8, hrgn=0x28040808) returned 0
[0137.156] SelectClipRgn (hdc=0x240107f8, hrgn=0x9b04077c) returned 2
[0137.156] DeleteObject (ho=0x28040808) returned 1
[0137.156] DeleteObject (ho=0x9b04077c) returned 1
[0137.156] OffsetViewportOrgEx (in: hdc=0x240107f8, x=0, y=0, lppt=0x2cdfd28 | out: lppt=0x2cdfd28) returned 1
[0137.156] IsAppThemed () returned 0x1
[0137.156] GetThemeAppProperties () returned 0x3
[0137.156] GetThemeAppProperties () returned 0x3
[0137.156] GetThemeBackgroundContentRect () returned 0x0
[0137.156] RestoreDC (hdc=0x240107f8, nSavedDC=-1) returned 1
[0137.156] GdipReleaseDC (graphics=0x65ffae0, hdc=0x240107f8) returned 0x0
[0137.159] GdipGetNearestColor (graphics=0x65ffae0, argb=0xd7e5d8) returned 0x0
[0137.159] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0137.159] GdipFillRectangleI (graphics=0x65ffae0, brush=0x65ffdc0, x=4, y=4, width=67, height=15) returned 0x0
[0137.159] GdipDeleteBrush (brush=0x65ffdc0) returned 0x0
[0137.159] IsAppThemed () returned 0x1
[0137.159] GetThemeAppProperties () returned 0x3
[0137.159] GetThemeAppProperties () returned 0x3
[0137.159] GdipGetTextRenderingHint (graphics=0x65ffae0, mode=0xd7e600) returned 0x0
[0137.159] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e5ec) returned 0x0
[0137.160] GetCurrentObject (hdc=0x240107f8, type=0x1) returned 0xb00017
[0137.160] GetCurrentObject (hdc=0x240107f8, type=0x2) returned 0x900010
[0137.160] GetCurrentObject (hdc=0x240107f8, type=0x7) returned 0x480507fe
[0137.160] GetCurrentObject (hdc=0x240107f8, type=0x6) returned 0x8a01c2
[0137.160] SaveDC (hdc=0x240107f8) returned 1
[0137.160] GetTextAlign (hdc=0x240107f8) returned 0x0
[0137.160] GetTextColor (hdc=0x240107f8) returned 0x0
[0137.160] GetCurrentObject (hdc=0x240107f8, type=0x6) returned 0x8a01c2
[0137.160] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0137.160] SelectObject (hdc=0x240107f8, h=0x6d0a0520) returned 0x8a01c2
[0137.161] GetBkMode (hdc=0x240107f8) returned 2
[0137.161] SetBkMode (hdc=0x240107f8, mode=1) returned 2
[0137.161] DrawTextExW (in: hdc=0x240107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2ce00ec | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0137.161] DrawTextExW (in: hdc=0x240107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2ce00ec | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0137.162] RestoreDC (hdc=0x240107f8, nSavedDC=-1) returned 1
[0137.163] GdipReleaseDC (graphics=0x65ffae0, hdc=0x240107f8) returned 0x0
[0137.163] GetFocus () returned 0x6002e
[0137.163] IsAppThemed () returned 0x1
[0137.163] GetThemeAppProperties () returned 0x3
[0137.163] GetThemeAppProperties () returned 0x3
[0137.163] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e7d8) returned 0x0
[0137.163] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x240107f8, x1=0, y1=0, rop=0xcc0020) returned 1
[0137.163] GdipReleaseDC (graphics=0x65ffae0, hdc=0x240107f8) returned 0x0
[0137.163] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0137.164] SelectObject (hdc=0x240107f8, h=0x85000f) returned 0x480507fe
[0137.164] DeleteDC (hdc=0x240107f8) returned 1
[0137.164] GdipDeleteGraphics (graphics=0x65ffae0) returned 0x0
[0137.164] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0137.164] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.164] IsWindowUnicode (hWnd=0x901f8) returned 1
[0137.164] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.164] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0137.164] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0137.164] BeginPaint (in: hWnd=0x901f8, lpPaint=0xd7e78c | out: lpPaint=0xd7e78c) returned 0x60100ce
[0137.164] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x901f8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0137.165] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0137.165] CreateCompatibleDC (hdc=0x60100ce) returned 0x270107f8
[0137.165] SelectObject (hdc=0x270107f8, h=0x480507fe) returned 0x85000f
[0137.165] GdipCreateFromHDC (hdc=0x270107f8, graphics=0xd7e7a4) returned 0x0
[0137.165] GdipTranslateWorldTransform (graphics=0x65ffae0, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0137.165] GdipSetClipRectI (graphics=0x65ffae0, x=0, y=0, width=32, height=13, combineMode=0x0) returned 0x0
[0137.165] GdipCreateMatrix (matrix=0xd7e7ec) returned 0x0
[0137.165] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x66046f0) returned 0x0
[0137.166] GdipIsMatrixIdentity (matrix=0x66046f0, result=0xd7e804) returned 0x0
[0137.166] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e8530
[0137.166] GdipGetMatrixElements (matrix=0x66046f0, matrixOut=0x11e8530) returned 0x0
[0137.166] LocalFree (hMem=0x11e8530) returned 0x0
[0137.166] GdipDeleteMatrix (matrix=0x66046f0) returned 0x0
[0137.166] GdipCreateRegion (region=0xd7e7ec) returned 0x0
[0137.166] GdipGetClip (graphics=0x65ffae0, region=0x6604620) returned 0x0
[0137.166] GdipIsInfiniteRegion (region=0x6604620, graphics=0x65ffae0, result=0xd7e7f8) returned 0x0
[0137.166] GdipSaveGraphics (graphics=0x65ffae0, state=0xd7e824) returned 0x0
[0137.166] GetWindowTextLengthW (hWnd=0x901f8) returned 5
[0137.166] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x901f8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x5
[0137.166] GetSystemMetrics (nIndex=42) returned 0
[0137.166] GetWindowTextW (in: hWnd=0x901f8, lpString=0xd7e734, nMaxCount=6 | out: lpString="Path:") returned 5
[0137.166] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x901f8, Msg=0xd, wParam=0x6, lParam=0xd7e734) returned 0x5
[0137.166] GetClientRect (in: hWnd=0x901f8, lpRect=0xd7e7ec | out: lpRect=0xd7e7ec) returned 1
[0137.167] GdipCreateRegion (region=0xd7e640) returned 0x0
[0137.167] GdipGetClip (graphics=0x65ffae0, region=0x6600020) returned 0x0
[0137.167] GdipCreateMatrix (matrix=0xd7e640) returned 0x0
[0137.167] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x66046b0) returned 0x0
[0137.167] GdipIsMatrixIdentity (matrix=0x66046b0, result=0xd7e658) returned 0x0
[0137.167] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e8648
[0137.167] GdipGetMatrixElements (matrix=0x66046b0, matrixOut=0x11e8648) returned 0x0
[0137.167] LocalFree (hMem=0x11e8648) returned 0x0
[0137.169] GdipCombineRegionRegion (region=0x6600020, region2=0x6604620, combineMode=0x1) returned 0x0
[0137.169] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e84f8
[0137.169] GdipGetMatrixElements (matrix=0x66046b0, matrixOut=0x11e84f8) returned 0x0
[0137.169] LocalFree (hMem=0x11e84f8) returned 0x0
[0137.169] GdipDeleteMatrix (matrix=0x66046b0) returned 0x0
[0137.169] GdipIsInfiniteRegion (region=0x6600020, graphics=0x65ffae0, result=0xd7e680) returned 0x0
[0137.169] GdipIsInfiniteRegion (region=0x6600020, graphics=0x65ffae0, result=0xd7e670) returned 0x0
[0137.169] GdipGetRegionHRgn (region=0x6600020, graphics=0x65ffae0, hRgn=0xd7e670) returned 0x0
[0137.169] GdipDeleteRegion (region=0x6600020) returned 0x0
[0137.169] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e688) returned 0x0
[0137.169] GetCurrentObject (hdc=0x270107f8, type=0x1) returned 0xb00017
[0137.169] GetCurrentObject (hdc=0x270107f8, type=0x2) returned 0x900010
[0137.169] GetCurrentObject (hdc=0x270107f8, type=0x7) returned 0x480507fe
[0137.169] GetCurrentObject (hdc=0x270107f8, type=0x6) returned 0x8a01c2
[0137.169] SaveDC (hdc=0x270107f8) returned 1
[0137.170] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9c04077c
[0137.170] GetClipRgn (hdc=0x270107f8, hrgn=0x9c04077c) returned 0
[0137.170] SelectClipRgn (hdc=0x270107f8, hrgn=0x2b040808) returned 2
[0137.170] DeleteObject (ho=0x9c04077c) returned 1
[0137.170] DeleteObject (ho=0x2b040808) returned 1
[0137.170] OffsetViewportOrgEx (in: hdc=0x270107f8, x=0, y=0, lppt=0x2ce05bc | out: lppt=0x2ce05bc) returned 1
[0137.170] GetNearestColor (hdc=0x270107f8, color=0xff) returned 0xff
[0137.170] CreateSolidBrush (color=0xff) returned 0x231007e1
[0137.171] FillRect (hDC=0x270107f8, lprc=0xd7e68c, hbr=0x231007e1) returned 1
[0137.171] DeleteObject (ho=0x231007e1) returned 1
[0137.171] RestoreDC (hdc=0x270107f8, nSavedDC=-1) returned 1
[0137.171] GdipReleaseDC (graphics=0x65ffae0, hdc=0x270107f8) returned 0x0
[0137.171] GdipRestoreGraphics (graphics=0x65ffae0, state=0xfd980dbd) returned 0x0
[0137.171] GdipDeleteRegion (region=0x6604620) returned 0x0
[0137.171] GetWindowTextLengthW (hWnd=0x901f8) returned 5
[0137.171] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x901f8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x5
[0137.171] GetSystemMetrics (nIndex=42) returned 0
[0137.171] GetWindowTextW (in: hWnd=0x901f8, lpString=0xd7e734, nMaxCount=6 | out: lpString="Path:") returned 5
[0137.171] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x901f8, Msg=0xd, wParam=0x6, lParam=0xd7e734) returned 0x5
[0137.171] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e6a8) returned 0x0
[0137.171] GetCurrentObject (hdc=0x270107f8, type=0x1) returned 0xb00017
[0137.171] GetCurrentObject (hdc=0x270107f8, type=0x2) returned 0x900010
[0137.171] GetCurrentObject (hdc=0x270107f8, type=0x7) returned 0x480507fe
[0137.172] GetCurrentObject (hdc=0x270107f8, type=0x6) returned 0x8a01c2
[0137.172] SaveDC (hdc=0x270107f8) returned 1
[0137.172] GetNearestColor (hdc=0x270107f8, color=0x0) returned 0x0
[0137.172] RestoreDC (hdc=0x270107f8, nSavedDC=-1) returned 1
[0137.172] GdipReleaseDC (graphics=0x65ffae0, hdc=0x270107f8) returned 0x0
[0137.172] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0137.173] AdjustWindowRectEx (in: lpRect=0xd7e5c8, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e5c8) returned 1
[0137.173] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e64c, fWinIni=0x0 | out: pvParam=0xd7e64c) returned 1
[0137.173] SendMessageW (hWnd=0x7005c, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0137.173] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0137.173] GdipGetTextRenderingHint (graphics=0x65ffae0, mode=0xd7e648) returned 0x0
[0137.173] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e634) returned 0x0
[0137.173] GetCurrentObject (hdc=0x270107f8, type=0x1) returned 0xb00017
[0137.173] GetCurrentObject (hdc=0x270107f8, type=0x2) returned 0x900010
[0137.173] GetCurrentObject (hdc=0x270107f8, type=0x7) returned 0x480507fe
[0137.173] GetCurrentObject (hdc=0x270107f8, type=0x6) returned 0x8a01c2
[0137.173] SaveDC (hdc=0x270107f8) returned 1
[0137.173] GetTextAlign (hdc=0x270107f8) returned 0x0
[0137.173] GetTextColor (hdc=0x270107f8) returned 0x0
[0137.174] GetCurrentObject (hdc=0x270107f8, type=0x6) returned 0x8a01c2
[0137.174] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e37c | out: pv=0xd7e37c) returned 92
[0137.174] SelectObject (hdc=0x270107f8, h=0x6d0a0520) returned 0x8a01c2
[0137.174] GetBkMode (hdc=0x270107f8) returned 2
[0137.174] SetBkMode (hdc=0x270107f8, mode=1) returned 2
[0137.174] DrawTextExW (in: hdc=0x270107f8, lpchText="Path:", cchText=5, lprc=0xd7e5c8, format=0x100000, lpdtp=0x2ce0a44 | out: lpchText="Path:", lprc=0xd7e5c8) returned 13
[0137.175] RestoreDC (hdc=0x270107f8, nSavedDC=-1) returned 1
[0137.175] GdipReleaseDC (graphics=0x65ffae0, hdc=0x270107f8) returned 0x0
[0137.175] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e7e4) returned 0x0
[0137.175] BitBlt (hdc=0x60100ce, x=0, y=0, cx=32, cy=13, hdcSrc=0x270107f8, x1=0, y1=0, rop=0xcc0020) returned 1
[0137.175] GdipReleaseDC (graphics=0x65ffae0, hdc=0x270107f8) returned 0x0
[0137.175] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0137.175] SelectObject (hdc=0x270107f8, h=0x85000f) returned 0x480507fe
[0137.175] DeleteDC (hdc=0x270107f8) returned 1
[0137.175] GdipDeleteGraphics (graphics=0x65ffae0) returned 0x0
[0137.176] EndPaint (hWnd=0x901f8, lpPaint=0xd7e788) returned 1
[0137.176] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.176] IsWindowUnicode (hWnd=0x70030) returned 1
[0137.176] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.176] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0137.176] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0137.177] BeginPaint (in: hWnd=0x70030, lpPaint=0xd7e78c | out: lpPaint=0xd7e78c) returned 0xc0107c5
[0137.177] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x70030, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0137.177] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0137.177] CreateCompatibleDC (hdc=0xc0107c5) returned 0x2a0107f8
[0137.177] DeleteObject (ho=0x480507fe) returned 1
[0137.178] GetObjectType (h=0xc0107c5) returned 0x3
[0137.178] CreateCompatibleBitmap (hdc=0xc0107c5, cx=1, cy=1) returned 0xffffffff94050787
[0137.178] GetDIBits (in: hdc=0xc0107c5, hbm=0x94050787, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7e27c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7e27c) returned 1
[0137.178] GetDIBits (in: hdc=0xc0107c5, hbm=0x94050787, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7e27c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7e27c) returned 1
[0137.178] DeleteObject (ho=0x94050787) returned 1
[0137.178] CreateDIBSection (in: hdc=0xc0107c5, lpbmi=0xd7e2cc, usage=0x0, ppvBits=0xd7e7c0, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e7c0) returned 0x490507fe
[0137.178] SelectObject (hdc=0x2a0107f8, h=0x490507fe) returned 0x85000f
[0137.178] GdipCreateFromHDC (hdc=0x2a0107f8, graphics=0xd7e7a4) returned 0x0
[0137.179] GdipTranslateWorldTransform (graphics=0x65ffae0, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0137.179] GdipSetClipRectI (graphics=0x65ffae0, x=0, y=0, width=416, height=40, combineMode=0x0) returned 0x0
[0137.179] GdipCreateMatrix (matrix=0xd7e7ec) returned 0x0
[0137.179] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x66046e0) returned 0x0
[0137.179] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e804) returned 0x0
[0137.179] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e8178
[0137.179] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11e8178) returned 0x0
[0137.179] LocalFree (hMem=0x11e8178) returned 0x0
[0137.179] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0137.179] GdipCreateRegion (region=0xd7e7ec) returned 0x0
[0137.179] GdipGetClip (graphics=0x65ffae0, region=0x6604620) returned 0x0
[0137.179] GdipIsInfiniteRegion (region=0x6604620, graphics=0x65ffae0, result=0xd7e7f8) returned 0x0
[0137.179] GdipSaveGraphics (graphics=0x65ffae0, state=0xd7e824) returned 0x0
[0137.179] GetWindowTextLengthW (hWnd=0x70030) returned 72
[0137.179] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x70030, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x48
[0137.180] GetSystemMetrics (nIndex=42) returned 0
[0137.180] GetWindowTextW (in: hWnd=0x70030, lpString=0xd7e6ac, nMaxCount=73 | out: lpString="If you have a special decrypt code, please select Path and\r\ndecrypt file") returned 72
[0137.180] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x70030, Msg=0xd, wParam=0x49, lParam=0xd7e6ac) returned 0x48
[0137.180] GetClientRect (in: hWnd=0x70030, lpRect=0xd7e7ec | out: lpRect=0xd7e7ec) returned 1
[0137.180] GdipCreateRegion (region=0xd7e640) returned 0x0
[0137.180] GdipGetClip (graphics=0x65ffae0, region=0x6600020) returned 0x0
[0137.180] GdipCreateMatrix (matrix=0xd7e640) returned 0x0
[0137.180] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x66046b0) returned 0x0
[0137.180] GdipIsMatrixIdentity (matrix=0x66046b0, result=0xd7e658) returned 0x0
[0137.180] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e85d8
[0137.180] GdipGetMatrixElements (matrix=0x66046b0, matrixOut=0x11e85d8) returned 0x0
[0137.180] LocalFree (hMem=0x11e85d8) returned 0x0
[0137.180] GdipCombineRegionRegion (region=0x6600020, region2=0x6604620, combineMode=0x1) returned 0x0
[0137.180] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e84c0
[0137.180] GdipGetMatrixElements (matrix=0x66046b0, matrixOut=0x11e84c0) returned 0x0
[0137.180] LocalFree (hMem=0x11e84c0) returned 0x0
[0137.181] GdipDeleteMatrix (matrix=0x66046b0) returned 0x0
[0137.181] GdipIsInfiniteRegion (region=0x6600020, graphics=0x65ffae0, result=0xd7e680) returned 0x0
[0137.181] GdipIsInfiniteRegion (region=0x6600020, graphics=0x65ffae0, result=0xd7e670) returned 0x0
[0137.181] GdipGetRegionHRgn (region=0x6600020, graphics=0x65ffae0, hRgn=0xd7e670) returned 0x0
[0137.181] GdipDeleteRegion (region=0x6600020) returned 0x0
[0137.181] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e688) returned 0x0
[0137.181] GetCurrentObject (hdc=0x2a0107f8, type=0x1) returned 0xb00017
[0137.181] GetCurrentObject (hdc=0x2a0107f8, type=0x2) returned 0x900010
[0137.181] GetCurrentObject (hdc=0x2a0107f8, type=0x7) returned 0x490507fe
[0137.181] GetCurrentObject (hdc=0x2a0107f8, type=0x6) returned 0x8a01c2
[0137.181] SaveDC (hdc=0x2a0107f8) returned 1
[0137.181] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2c040808
[0137.181] GetClipRgn (hdc=0x2a0107f8, hrgn=0x2c040808) returned 0
[0137.181] SelectClipRgn (hdc=0x2a0107f8, hrgn=0x9e04077c) returned 2
[0137.181] DeleteObject (ho=0x2c040808) returned 1
[0137.182] DeleteObject (ho=0x9e04077c) returned 1
[0137.182] OffsetViewportOrgEx (in: hdc=0x2a0107f8, x=0, y=0, lppt=0x2ce201c | out: lppt=0x2ce201c) returned 1
[0137.182] GetNearestColor (hdc=0x2a0107f8, color=0xff) returned 0xff
[0137.182] CreateSolidBrush (color=0xff) returned 0x241007e1
[0137.182] FillRect (hDC=0x2a0107f8, lprc=0xd7e68c, hbr=0x241007e1) returned 1
[0137.183] DeleteObject (ho=0x241007e1) returned 1
[0137.183] RestoreDC (hdc=0x2a0107f8, nSavedDC=-1) returned 1
[0137.183] GdipReleaseDC (graphics=0x65ffae0, hdc=0x2a0107f8) returned 0x0
[0137.183] GdipRestoreGraphics (graphics=0x65ffae0, state=0xfd960dbd) returned 0x0
[0137.183] GdipDeleteRegion (region=0x6604620) returned 0x0
[0137.183] GetWindowTextLengthW (hWnd=0x70030) returned 72
[0137.183] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x70030, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x48
[0137.184] GetSystemMetrics (nIndex=42) returned 0
[0137.184] GetWindowTextW (in: hWnd=0x70030, lpString=0xd7e6ac, nMaxCount=73 | out: lpString="If you have a special decrypt code, please select Path and\r\ndecrypt file") returned 72
[0137.184] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x70030, Msg=0xd, wParam=0x49, lParam=0xd7e6ac) returned 0x48
[0137.184] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e6a8) returned 0x0
[0137.184] GetCurrentObject (hdc=0x2a0107f8, type=0x1) returned 0xb00017
[0137.184] GetCurrentObject (hdc=0x2a0107f8, type=0x2) returned 0x900010
[0137.184] GetCurrentObject (hdc=0x2a0107f8, type=0x7) returned 0x490507fe
[0137.184] GetCurrentObject (hdc=0x2a0107f8, type=0x6) returned 0x8a01c2
[0137.184] SaveDC (hdc=0x2a0107f8) returned 1
[0137.184] GetNearestColor (hdc=0x2a0107f8, color=0x0) returned 0x0
[0137.184] RestoreDC (hdc=0x2a0107f8, nSavedDC=-1) returned 1
[0137.184] GdipReleaseDC (graphics=0x65ffae0, hdc=0x2a0107f8) returned 0x0
[0137.185] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0137.185] AdjustWindowRectEx (in: lpRect=0xd7e5c8, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e5c8) returned 1
[0137.185] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e64c, fWinIni=0x0 | out: pvParam=0xd7e64c) returned 1
[0137.185] SendMessageW (hWnd=0x7005c, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0137.185] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0137.185] GdipGetTextRenderingHint (graphics=0x65ffae0, mode=0xd7e648) returned 0x0
[0137.185] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e634) returned 0x0
[0137.185] GetCurrentObject (hdc=0x2a0107f8, type=0x1) returned 0xb00017
[0137.185] GetCurrentObject (hdc=0x2a0107f8, type=0x2) returned 0x900010
[0137.185] GetCurrentObject (hdc=0x2a0107f8, type=0x7) returned 0x490507fe
[0137.185] GetCurrentObject (hdc=0x2a0107f8, type=0x6) returned 0x8a01c2
[0137.186] SaveDC (hdc=0x2a0107f8) returned 1
[0137.186] GetTextAlign (hdc=0x2a0107f8) returned 0x0
[0137.186] GetTextColor (hdc=0x2a0107f8) returned 0x0
[0137.186] GetCurrentObject (hdc=0x2a0107f8, type=0x6) returned 0x8a01c2
[0137.186] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e37c | out: pv=0xd7e37c) returned 92
[0137.186] SelectObject (hdc=0x2a0107f8, h=0x730a0538) returned 0x8a01c2
[0137.186] GetBkMode (hdc=0x2a0107f8) returned 2
[0137.186] SetBkMode (hdc=0x2a0107f8, mode=1) returned 2
[0137.186] DrawTextExW (in: hdc=0x2a0107f8, lpchText="If you have a special decrypt code, please select Path and\r\ndecrypt file", cchText=72, lprc=0xd7e5c8, format=0x100000, lpdtp=0x2ce263c | out: lpchText="If you have a special decrypt code, please select Path and\r\ndecrypt file", lprc=0xd7e5c8) returned 40
[0137.264] RestoreDC (hdc=0x2a0107f8, nSavedDC=-1) returned 1
[0137.265] GdipReleaseDC (graphics=0x65ffae0, hdc=0x2a0107f8) returned 0x0
[0137.265] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e7e4) returned 0x0
[0137.265] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=416, cy=40, hdcSrc=0x2a0107f8, x1=0, y1=0, rop=0xcc0020) returned 1
[0137.265] GdipReleaseDC (graphics=0x65ffae0, hdc=0x2a0107f8) returned 0x0
[0137.265] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0137.265] SelectObject (hdc=0x2a0107f8, h=0x85000f) returned 0x490507fe
[0137.265] DeleteDC (hdc=0x2a0107f8) returned 1
[0137.265] GdipDeleteGraphics (graphics=0x65ffae0) returned 0x0
[0137.265] EndPaint (hWnd=0x70030, lpPaint=0xd7e788) returned 1
[0137.266] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.266] IsWindowUnicode (hWnd=0x6002e) returned 1
[0137.266] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.266] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0137.266] DispatchMessageW (lpMsg=0xd7ed38) returned 0x1
[0137.266] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xf, wParam=0x0, lParam=0x0) returned 0x1
[0137.266] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x1
[0137.266] SetTextColor (hdc=0xf0105ee, color=0x0) returned 0x0
[0137.266] SetBkColor (hdc=0xf0105ee, color=0xffffff) returned 0xffffff
[0137.267] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7ddac | out: lpwndpl=0xd7ddac) returned 1
[0137.267] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0137.267] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0137.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0137.267] GetSystemMetrics (nIndex=42) returned 0
[0137.267] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dc14, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0137.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dc14) returned 0xd
[0137.268] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc60 | out: lpRect=0xd7dc60) returned 1
[0137.268] GdipGetImageFlags (image=0x65ff260, flags=0xd7db98) returned 0x0
[0137.268] GdipGetImageFlags (image=0x65ff260, flags=0xd7db98) returned 0x0
[0137.268] SelectPalette (hdc=0x1c0107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0137.268] GdipCreateFromHDC (hdc=0x1c0107d0, graphics=0xd7db90) returned 0x0
[0137.268] GdipSetPageUnit (graphics=0x65ffae0, unit=0x2) returned 0x0
[0137.268] GdipCreateMatrix (matrix=0xd7db50) returned 0x0
[0137.268] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x66046e0) returned 0x0
[0137.268] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7db68) returned 0x0
[0137.268] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0137.268] GdipCreateRegion (region=0xd7db50) returned 0x0
[0137.268] GdipGetClip (graphics=0x65ffae0, region=0x6604620) returned 0x0
[0137.269] GdipIsInfiniteRegion (region=0x6604620, graphics=0x65ffae0, result=0xd7db5c) returned 0x0
[0137.269] GdipDeleteRegion (region=0x6604620) returned 0x0
[0137.269] GdipSaveGraphics (graphics=0x65ffae0, state=0xd7db88) returned 0x0
[0137.269] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7da24) returned 0x0
[0137.283] GdipFillRectangleI (graphics=0x65ffae0, brush=0x6600020, x=0, y=0, width=801, height=453) returned 0x0
[0137.284] GdipDeleteBrush (brush=0x6600020) returned 0x0
[0137.286] GdipDeleteGraphics (graphics=0x65ffae0) returned 0x0
[0137.286] SelectPalette (hdc=0x1c0107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0137.286] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0137.286] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0137.286] GetSystemMetrics (nIndex=42) returned 0
[0137.286] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dbb4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0137.286] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dbb4) returned 0xd
[0137.286] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc00 | out: lpRect=0xd7dc00) returned 1
[0137.287] GdipGetImageFlags (image=0x65ff260, flags=0xd7db38) returned 0x0
[0137.287] GdipGetImageFlags (image=0x65ff260, flags=0xd7db38) returned 0x0
[0137.287] SelectPalette (hdc=0x1c0107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0137.287] GdipCreateFromHDC (hdc=0x1c0107d0, graphics=0xd7db30) returned 0x0
[0137.287] GdipSetPageUnit (graphics=0x65ffae0, unit=0x2) returned 0x0
[0137.287] GdipCreateMatrix (matrix=0xd7daf0) returned 0x0
[0137.287] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x6604710) returned 0x0
[0137.287] GdipIsMatrixIdentity (matrix=0x6604710, result=0xd7db08) returned 0x0
[0137.287] GdipDeleteMatrix (matrix=0x6604710) returned 0x0
[0137.287] GdipCreateRegion (region=0xd7daf0) returned 0x0
[0137.287] GdipGetClip (graphics=0x65ffae0, region=0x662c520) returned 0x0
[0137.287] GdipIsInfiniteRegion (region=0x662c520, graphics=0x65ffae0, result=0xd7dafc) returned 0x0
[0137.288] GdipDeleteRegion (region=0x662c520) returned 0x0
[0137.288] GdipSaveGraphics (graphics=0x65ffae0, state=0xd7db28) returned 0x0
[0137.288] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d9c4) returned 0x0
[0137.300] GdipFillRectangleI (graphics=0x65ffae0, brush=0x6600020, x=0, y=0, width=801, height=453) returned 0x0
[0137.301] GdipDeleteBrush (brush=0x6600020) returned 0x0
[0137.445] GdipRestoreGraphics (graphics=0x65ffae0, state=0xfd920dbd) returned 0x0
[0137.445] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0137.445] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0137.445] GetSystemMetrics (nIndex=42) returned 0
[0137.445] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dbb4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0137.445] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dbb4) returned 0xd
[0137.446] GdipDeleteGraphics (graphics=0x65ffae0) returned 0x0
[0137.446] SelectPalette (hdc=0x1c0107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0137.447] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0137.447] SetTextColor (hdc=0x1d0107d0, color=0x0) returned 0x0
[0137.448] SetBkColor (hdc=0x1d0107d0, color=0xffffff) returned 0xffffff
[0137.450] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.450] IsWindowUnicode (hWnd=0x202d4) returned 1
[0137.450] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.450] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0137.450] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0137.450] BeginPaint (in: hWnd=0x202d4, lpPaint=0xd7e78c | out: lpPaint=0xd7e78c) returned 0x10105d6
[0137.450] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202d4, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0137.452] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0137.452] CreateCompatibleDC (hdc=0x10105d6) returned 0x760107ed
[0137.452] GetObjectType (h=0x10105d6) returned 0x3
[0137.452] CreateCompatibleBitmap (hdc=0x10105d6, cx=1, cy=1) returned 0x4c0507e5
[0137.452] GetDIBits (in: hdc=0x10105d6, hbm=0x4c0507e5, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7e23c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7e23c) returned 1
[0137.452] GetDIBits (in: hdc=0x10105d6, hbm=0x4c0507e5, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7e23c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7e23c) returned 1
[0137.452] DeleteObject (ho=0x4c0507e5) returned 1
[0137.452] CreateDIBSection (in: hdc=0x10105d6, lpbmi=0xd7e28c, usage=0x0, ppvBits=0xd7e780, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e780) returned 0x330507f8
[0137.452] SelectObject (hdc=0x760107ed, h=0x330507f8) returned 0x85000f
[0137.453] GdipCreateFromHDC (hdc=0x760107ed, graphics=0xd7e764) returned 0x0
[0137.453] GdipTranslateWorldTransform (graphics=0x65ffae0, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0137.453] GdipSetClipRectI (graphics=0x65ffae0, x=0, y=0, width=657, height=231, combineMode=0x0) returned 0x0
[0137.453] GdipCreateMatrix (matrix=0xd7e7ec) returned 0x0
[0137.453] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x662c520) returned 0x0
[0137.453] GdipIsMatrixIdentity (matrix=0x662c520, result=0xd7e804) returned 0x0
[0137.453] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e80d0
[0137.453] GdipGetMatrixElements (matrix=0x662c520, matrixOut=0x11e80d0) returned 0x0
[0137.453] LocalFree (hMem=0x11e80d0) returned 0x0
[0137.453] GdipDeleteMatrix (matrix=0x662c520) returned 0x0
[0137.453] GdipCreateRegion (region=0xd7e7ec) returned 0x0
[0137.453] GdipGetClip (graphics=0x65ffae0, region=0x6604620) returned 0x0
[0137.454] GdipIsInfiniteRegion (region=0x6604620, graphics=0x65ffae0, result=0xd7e7f8) returned 0x0
[0137.454] GdipSaveGraphics (graphics=0x65ffae0, state=0xd7e824) returned 0x0
[0137.454] GetWindowTextLengthW (hWnd=0x202d4) returned 146
[0137.454] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202d4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x92
[0137.454] GetSystemMetrics (nIndex=42) returned 0
[0137.454] GetWindowTextW (in: hWnd=0x202d4, lpString=0xd7e618, nMaxCount=147 | out: lpString="Hello! I'm a BB, and Im encrypt your\r\nfiles\r\n\r\nPlease give me a BTC To address:\r\n13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94\r\n\r\nAnd I send you decrypt code") returned 146
[0137.454] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202d4, Msg=0xd, wParam=0x93, lParam=0xd7e618) returned 0x92
[0137.454] GetClientRect (in: hWnd=0x202d4, lpRect=0xd7e7ec | out: lpRect=0xd7e7ec) returned 1
[0137.454] GdipCreateRegion (region=0xd7e640) returned 0x0
[0137.454] GdipGetClip (graphics=0x65ffae0, region=0x66046b0) returned 0x0
[0137.454] GdipCreateMatrix (matrix=0xd7e640) returned 0x0
[0137.454] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x6600020) returned 0x0
[0137.454] GdipIsMatrixIdentity (matrix=0x6600020, result=0xd7e658) returned 0x0
[0137.454] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e8220
[0137.454] GdipGetMatrixElements (matrix=0x6600020, matrixOut=0x11e8220) returned 0x0
[0137.454] LocalFree (hMem=0x11e8220) returned 0x0
[0137.454] GdipCombineRegionRegion (region=0x66046b0, region2=0x6604620, combineMode=0x1) returned 0x0
[0137.454] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11e8178
[0137.454] GdipGetMatrixElements (matrix=0x6600020, matrixOut=0x11e8178) returned 0x0
[0137.455] LocalFree (hMem=0x11e8178) returned 0x0
[0137.455] GdipDeleteMatrix (matrix=0x6600020) returned 0x0
[0137.455] GdipIsInfiniteRegion (region=0x66046b0, graphics=0x65ffae0, result=0xd7e680) returned 0x0
[0137.455] GdipIsInfiniteRegion (region=0x66046b0, graphics=0x65ffae0, result=0xd7e670) returned 0x0
[0137.455] GdipGetRegionHRgn (region=0x66046b0, graphics=0x65ffae0, hRgn=0xd7e670) returned 0x0
[0137.455] GdipDeleteRegion (region=0x66046b0) returned 0x0
[0137.455] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e688) returned 0x0
[0137.455] GetCurrentObject (hdc=0x760107ed, type=0x1) returned 0xb00017
[0137.455] GetCurrentObject (hdc=0x760107ed, type=0x2) returned 0x900010
[0137.455] GetCurrentObject (hdc=0x760107ed, type=0x7) returned 0x330507f8
[0137.455] GetCurrentObject (hdc=0x760107ed, type=0x6) returned 0x8a01c2
[0137.455] SaveDC (hdc=0x760107ed) returned 1
[0137.455] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa104077c
[0137.455] GetClipRgn (hdc=0x760107ed, hrgn=0xa104077c) returned 0
[0137.455] SelectClipRgn (hdc=0x760107ed, hrgn=0x31040808) returned 2
[0137.455] DeleteObject (ho=0xa104077c) returned 1
[0137.456] DeleteObject (ho=0x31040808) returned 1
[0137.456] OffsetViewportOrgEx (in: hdc=0x760107ed, x=0, y=0, lppt=0x2cea2e8 | out: lppt=0x2cea2e8) returned 1
[0137.456] GetNearestColor (hdc=0x760107ed, color=0xff) returned 0xff
[0137.456] CreateSolidBrush (color=0xff) returned 0x251007e1
[0137.456] FillRect (hDC=0x760107ed, lprc=0xd7e68c, hbr=0x251007e1) returned 1
[0137.464] DeleteObject (ho=0x251007e1) returned 1
[0137.464] RestoreDC (hdc=0x760107ed, nSavedDC=-1) returned 1
[0137.464] GdipReleaseDC (graphics=0x65ffae0, hdc=0x760107ed) returned 0x0
[0137.464] GdipRestoreGraphics (graphics=0x65ffae0, state=0xfd900dbd) returned 0x0
[0137.464] GdipDeleteRegion (region=0x6604620) returned 0x0
[0137.464] GetWindowTextLengthW (hWnd=0x202d4) returned 146
[0137.464] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202d4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x92
[0137.464] GetSystemMetrics (nIndex=42) returned 0
[0137.464] GetWindowTextW (in: hWnd=0x202d4, lpString=0xd7e618, nMaxCount=147 | out: lpString="Hello! I'm a BB, and Im encrypt your\r\nfiles\r\n\r\nPlease give me a BTC To address:\r\n13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94\r\n\r\nAnd I send you decrypt code") returned 146
[0137.464] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202d4, Msg=0xd, wParam=0x93, lParam=0xd7e618) returned 0x92
[0137.464] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e6a8) returned 0x0
[0137.464] GetCurrentObject (hdc=0x760107ed, type=0x1) returned 0xb00017
[0137.464] GetCurrentObject (hdc=0x760107ed, type=0x2) returned 0x900010
[0137.464] GetCurrentObject (hdc=0x760107ed, type=0x7) returned 0x330507f8
[0137.465] GetCurrentObject (hdc=0x760107ed, type=0x6) returned 0x8a01c2
[0137.465] SaveDC (hdc=0x760107ed) returned 1
[0137.465] GetNearestColor (hdc=0x760107ed, color=0x0) returned 0x0
[0137.465] RestoreDC (hdc=0x760107ed, nSavedDC=-1) returned 1
[0137.465] GdipReleaseDC (graphics=0x65ffae0, hdc=0x760107ed) returned 0x0
[0137.465] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0137.465] AdjustWindowRectEx (in: lpRect=0xd7e5c8, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e5c8) returned 1
[0137.465] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e64c, fWinIni=0x0 | out: pvParam=0xd7e64c) returned 1
[0137.465] SendMessageW (hWnd=0x7005c, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0137.465] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0137.466] GdipGetTextRenderingHint (graphics=0x65ffae0, mode=0xd7e648) returned 0x0
[0137.466] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e634) returned 0x0
[0137.466] GetCurrentObject (hdc=0x760107ed, type=0x1) returned 0xb00017
[0137.466] GetCurrentObject (hdc=0x760107ed, type=0x2) returned 0x900010
[0137.466] GetCurrentObject (hdc=0x760107ed, type=0x7) returned 0x330507f8
[0137.466] GetCurrentObject (hdc=0x760107ed, type=0x6) returned 0x8a01c2
[0137.466] SaveDC (hdc=0x760107ed) returned 1
[0137.466] GetTextAlign (hdc=0x760107ed) returned 0x0
[0137.466] GetTextColor (hdc=0x760107ed) returned 0x0
[0137.466] GetCurrentObject (hdc=0x760107ed, type=0x6) returned 0x8a01c2
[0137.466] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e37c | out: pv=0xd7e37c) returned 92
[0137.466] SelectObject (hdc=0x760107ed, h=0x460a052c) returned 0x8a01c2
[0137.466] GetBkMode (hdc=0x760107ed) returned 2
[0137.466] SetBkMode (hdc=0x760107ed, mode=1) returned 2
[0137.466] DrawTextExW (in: hdc=0x760107ed, lpchText="Hello! I'm a BB, and Im encrypt your\r\nfiles\r\n\r\nPlease give me a BTC To address:\r\n13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94\r\n\r\nAnd I send you decrypt code", cchText=146, lprc=0xd7e5c8, format=0x100000, lpdtp=0x2ceaac4 | out: lpchText="Hello! I'm a BB, and Im encrypt your\r\nfiles\r\n\r\nPlease give me a BTC To address:\r\n13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94\r\n\r\nAnd I send you decrypt code", lprc=0xd7e5c8) returned 231
[0137.479] RestoreDC (hdc=0x760107ed, nSavedDC=-1) returned 1
[0137.479] GdipReleaseDC (graphics=0x65ffae0, hdc=0x760107ed) returned 0x0
[0137.479] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e7e4) returned 0x0
[0137.479] BitBlt (hdc=0x10105d6, x=0, y=0, cx=657, cy=231, hdcSrc=0x760107ed, x1=0, y1=0, rop=0xcc0020) returned 1
[0137.479] GdipReleaseDC (graphics=0x65ffae0, hdc=0x760107ed) returned 0x0
[0137.479] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0137.480] SelectObject (hdc=0x760107ed, h=0x85000f) returned 0x330507f8
[0137.480] DeleteDC (hdc=0x760107ed) returned 1
[0137.480] GdipDeleteGraphics (graphics=0x65ffae0) returned 0x0
[0137.480] DeleteObject (ho=0x330507f8) returned 1
[0137.483] EndPaint (hWnd=0x202d4, lpPaint=0xd7e788) returned 1
[0137.483] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.483] IsWindowUnicode (hWnd=0x502c6) returned 1
[0137.483] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.483] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0137.483] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0137.483] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.484] IsWindowUnicode (hWnd=0x7005c) returned 1
[0137.484] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.484] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0137.484] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0137.484] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.485] IsWindowUnicode (hWnd=0x602c4) returned 1
[0137.485] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.485] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0137.485] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0137.485] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.485] IsWindowUnicode (hWnd=0x602c4) returned 1
[0137.485] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.485] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0137.485] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0137.485] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xd0026) returned 0x0
[0137.485] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.485] GetMessageA (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.485] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0137.485] DispatchMessageA (lpMsg=0xd7ed38) returned 0x7f43
[0137.486] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0137.486] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0137.596] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0137.596] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0xa0091
[0137.601] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0137.601] WaitMessage () returned 1
[0137.967] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.967] IsWindowUnicode (hWnd=0x7005c) returned 1
[0137.967] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.967] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0137.967] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0137.972] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0137.972] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0137.972] WaitMessage () returned 1
[0137.983] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.984] IsWindowUnicode (hWnd=0x6002e) returned 1
[0137.984] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0137.984] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0137.984] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0137.984] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0137.984] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0137.984] WaitMessage () returned 1
[0138.484] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0140.513] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x0) returned 0x1
[0140.519] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7ec0c) returned 0x0
[0140.519] IsWindowUnicode (hWnd=0x6002e) returned 1
[0140.519] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0140.520] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0140.520] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0140.520] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0140.520] IsWindowUnicode (hWnd=0x6002e) returned 1
[0140.520] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0140.538] GetKeyState (nVirtKey=16) returned 0
[0140.538] GetKeyState (nVirtKey=17) returned 0
[0140.538] GetKeyState (nVirtKey=18) returned -127
[0140.538] TranslateMessage (lpMsg=0xd7ed38) returned 1
[0140.539] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0140.542] GetKeyState (nVirtKey=16) returned 0
[0140.542] GetKeyState (nVirtKey=17) returned 0
[0140.542] GetKeyState (nVirtKey=18) returned -127
[0140.542] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x105, wParam=0x1b, lParam=0xe0010001) returned 0x0
[0140.543] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0140.543] IsWindowUnicode (hWnd=0x6002e) returned 1
[0140.543] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0140.543] GetKeyState (nVirtKey=16) returned 0
[0140.543] GetKeyState (nVirtKey=17) returned 0
[0140.543] GetKeyState (nVirtKey=18) returned 1
[0140.543] TranslateMessage (lpMsg=0xd7ed38) returned 1
[0140.543] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0140.543] GetKeyState (nVirtKey=16) returned 0
[0140.543] GetKeyState (nVirtKey=17) returned 0
[0140.543] GetKeyState (nVirtKey=18) returned 1
[0140.543] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x101, wParam=0x12, lParam=0xc0380001) returned 0x0
[0140.543] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0140.544] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27100f2) returned 0x1
[0140.544] IsWindowUnicode (hWnd=0x602c4) returned 1
[0140.544] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0140.544] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27100f2) returned 0x1
[0140.544] SetCursor (hCursor=0x10003) returned 0x10003
[0140.544] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0140.544] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0140.544] GetKeyState (nVirtKey=1) returned 0
[0140.544] GetKeyState (nVirtKey=2) returned 0
[0140.544] GetKeyState (nVirtKey=4) returned 0
[0140.544] GetKeyState (nVirtKey=5) returned 0
[0140.544] GetKeyState (nVirtKey=6) returned 0
[0140.544] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0140.544] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27100f2) returned 0x1
[0140.545] IsWindowUnicode (hWnd=0x602c4) returned 1
[0140.545] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0140.545] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27100f2) returned 0x1
[0140.546] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0140.546] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19c0034) returned 0x0
[0140.546] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0140.546] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0140.546] SetCursor (hCursor=0x10003) returned 0x10003
[0140.546] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0140.546] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0140.547] GetKeyState (nVirtKey=1) returned -127
[0140.547] GetKeyState (nVirtKey=2) returned 0
[0140.547] GetKeyState (nVirtKey=4) returned 0
[0140.547] GetKeyState (nVirtKey=5) returned 0
[0140.547] GetKeyState (nVirtKey=6) returned 0
[0140.547] IsWindowVisible (hWnd=0x602c4) returned 1
[0140.547] IsWindowEnabled (hWnd=0x602c4) returned 1
[0140.547] SetFocus (hWnd=0x602c4) returned 0x6002e
[0140.548] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x1
[0140.548] SendMessageW (hWnd=0x6002e, Msg=0x2111, wParam=0x200002e, lParam=0x6002e) returned 0x0
[0140.551] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0140.552] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0140.553] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0140.553] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0xb, lParam=0x0) returned 0x0
[0140.553] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0140.553] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0xf, lParam=0x502bf) returned 0x0
[0140.555] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0140.614] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0140.614] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x6002e, lParam=0x0) returned 0x0
[0140.616] GetStockObject (i=5) returned 0x900015
[0140.618] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0140.618] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ee4a8) returned 0xc
[0140.621] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0140.621] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7e30c) returned 0x0
[0140.621] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7e30c) returned 0x0
[0140.621] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0140.623] GetFocus () returned 0x602c4
[0140.623] GetFocus () returned 0x602c4
[0140.623] GetFocus () returned 0x602c4
[0140.623] GetKeyState (nVirtKey=1) returned -127
[0140.623] GetKeyState (nVirtKey=2) returned 0
[0140.623] GetKeyState (nVirtKey=4) returned 0
[0140.623] GetKeyState (nVirtKey=5) returned 0
[0140.623] GetKeyState (nVirtKey=6) returned 0
[0140.623] SetCapture (hWnd=0x602c4) returned 0x0
[0140.623] GetKeyState (nVirtKey=1) returned -127
[0140.623] GetKeyState (nVirtKey=2) returned 0
[0140.623] GetKeyState (nVirtKey=4) returned 0
[0140.623] GetKeyState (nVirtKey=5) returned 0
[0140.623] GetKeyState (nVirtKey=6) returned 0
[0140.624] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0140.624] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0140.624] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0140.624] IsWindowUnicode (hWnd=0x602c4) returned 1
[0140.624] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0140.624] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0140.624] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0140.625] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2cead20, cPoints=0x1 | out: lpPoints=0x2cead20) returned 40304859
[0140.626] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0140.626] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0140.626] UpdateWindow (hWnd=0x602c4) returned 1
[0140.626] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xf0105ee
[0140.626] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0140.626] CreateCompatibleDC (hdc=0xf0105ee) returned 0x65010793
[0140.626] SelectObject (hdc=0x65010793, h=0x490507fe) returned 0x85000f
[0140.627] GdipCreateFromHDC (hdc=0x65010793, graphics=0xd7e430) returned 0x0
[0140.627] GdipTranslateWorldTransform (graphics=0x65ffae0, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0140.627] GdipSetClipRectI (graphics=0x65ffae0, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0140.627] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0140.627] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x662c520) returned 0x0
[0140.627] GdipIsMatrixIdentity (matrix=0x662c520, result=0xd7e490) returned 0x0
[0140.627] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0140.627] GdipGetMatrixElements (matrix=0x662c520, matrixOut=0x11ee8d8) returned 0x0
[0140.627] LocalFree (hMem=0x11ee8d8) returned 0x0
[0140.628] GdipDeleteMatrix (matrix=0x662c520) returned 0x0
[0140.628] GdipCreateRegion (region=0xd7e478) returned 0x0
[0140.628] GdipGetClip (graphics=0x65ffae0, region=0x6604620) returned 0x0
[0140.628] GdipIsInfiniteRegion (region=0x6604620, graphics=0x65ffae0, result=0xd7e484) returned 0x0
[0140.628] GdipSaveGraphics (graphics=0x65ffae0, state=0xd7e4b0) returned 0x0
[0140.628] GdipRestoreGraphics (graphics=0x65ffae0, state=0xfd8e0dbd) returned 0x0
[0140.628] GdipDeleteRegion (region=0x6604620) returned 0x0
[0140.628] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e290) returned 0x0
[0140.628] GetCurrentObject (hdc=0x65010793, type=0x1) returned 0xb00017
[0140.628] GetCurrentObject (hdc=0x65010793, type=0x2) returned 0x900010
[0140.628] GetCurrentObject (hdc=0x65010793, type=0x7) returned 0x490507fe
[0140.628] GetCurrentObject (hdc=0x65010793, type=0x6) returned 0x8a01c2
[0140.628] SaveDC (hdc=0x65010793) returned 1
[0140.629] GetNearestColor (hdc=0x65010793, color=0xff) returned 0xff
[0140.629] GetNearestColor (hdc=0x65010793, color=0x55) returned 0x55
[0140.629] GetNearestColor (hdc=0x65010793, color=0x0) returned 0x0
[0140.629] GetNearestColor (hdc=0x65010793, color=0x55) returned 0x55
[0140.629] GetNearestColor (hdc=0x65010793, color=0x0) returned 0x0
[0140.629] GetNearestColor (hdc=0x65010793, color=0x8080ff) returned 0x8080ff
[0140.629] GetNearestColor (hdc=0x65010793, color=0x7373e5) returned 0x7373e5
[0140.629] GetNearestColor (hdc=0x65010793, color=0xe5) returned 0xe5
[0140.629] GetNearestColor (hdc=0x65010793, color=0x0) returned 0x0
[0140.629] RestoreDC (hdc=0x65010793, nSavedDC=-1) returned 1
[0140.629] GdipReleaseDC (graphics=0x65ffae0, hdc=0x65010793) returned 0x0
[0140.629] IsAppThemed () returned 0x1
[0140.629] GetThemeAppProperties () returned 0x3
[0140.629] GetThemeAppProperties () returned 0x3
[0140.629] IsAppThemed () returned 0x1
[0140.630] GetThemeAppProperties () returned 0x3
[0140.630] GetThemeAppProperties () returned 0x3
[0140.630] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2ceb43c | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0140.631] IsAppThemed () returned 0x1
[0140.631] GetThemeAppProperties () returned 0x3
[0140.631] GetThemeAppProperties () returned 0x3
[0140.631] IsAppThemed () returned 0x1
[0140.631] GetThemeAppProperties () returned 0x3
[0140.631] GetThemeAppProperties () returned 0x3
[0140.631] IsAppThemed () returned 0x1
[0140.631] GetThemeAppProperties () returned 0x3
[0140.631] GetThemeAppProperties () returned 0x3
[0140.631] IsAppThemed () returned 0x1
[0140.631] GetThemeAppProperties () returned 0x3
[0140.631] GetThemeAppProperties () returned 0x3
[0140.631] IsThemePartDefined () returned 0x1
[0140.631] IsAppThemed () returned 0x1
[0140.631] GetThemeAppProperties () returned 0x3
[0140.631] GetThemeAppProperties () returned 0x3
[0140.631] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0140.631] IsAppThemed () returned 0x1
[0140.631] GetThemeAppProperties () returned 0x3
[0140.631] GetThemeAppProperties () returned 0x3
[0140.631] IsAppThemed () returned 0x1
[0140.631] GetThemeAppProperties () returned 0x3
[0140.631] GetThemeAppProperties () returned 0x3
[0140.631] IsThemePartDefined () returned 0x1
[0140.631] GdipCreateRegion (region=0xd7e194) returned 0x0
[0140.631] GdipGetClip (graphics=0x65ffae0, region=0x6604620) returned 0x0
[0140.631] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0140.632] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x66046b0) returned 0x0
[0140.632] GdipIsMatrixIdentity (matrix=0x66046b0, result=0xd7e1ac) returned 0x0
[0140.632] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0140.632] GdipGetMatrixElements (matrix=0x66046b0, matrixOut=0x11eed00) returned 0x0
[0140.632] LocalFree (hMem=0x11eed00) returned 0x0
[0140.632] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee7f8
[0140.632] GdipGetMatrixElements (matrix=0x66046b0, matrixOut=0x11ee7f8) returned 0x0
[0140.632] LocalFree (hMem=0x11ee7f8) returned 0x0
[0140.632] GdipDeleteMatrix (matrix=0x66046b0) returned 0x0
[0140.632] GdipIsInfiniteRegion (region=0x6604620, graphics=0x65ffae0, result=0xd7e1d4) returned 0x0
[0140.632] GdipIsInfiniteRegion (region=0x6604620, graphics=0x65ffae0, result=0xd7e1c4) returned 0x0
[0140.632] GdipGetRegionHRgn (region=0x6604620, graphics=0x65ffae0, hRgn=0xd7e1c4) returned 0x0
[0140.632] GdipDeleteRegion (region=0x6604620) returned 0x0
[0140.632] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e1dc) returned 0x0
[0140.632] GetCurrentObject (hdc=0x65010793, type=0x1) returned 0xb00017
[0140.632] GetCurrentObject (hdc=0x65010793, type=0x2) returned 0x900010
[0140.632] GetCurrentObject (hdc=0x65010793, type=0x7) returned 0x490507fe
[0140.632] GetCurrentObject (hdc=0x65010793, type=0x6) returned 0x8a01c2
[0140.632] SaveDC (hdc=0x65010793) returned 1
[0140.632] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x32040808
[0140.632] GetClipRgn (hdc=0x65010793, hrgn=0x32040808) returned 0
[0140.633] SelectClipRgn (hdc=0x65010793, hrgn=0xa404077c) returned 2
[0140.633] DeleteObject (ho=0x32040808) returned 1
[0140.633] DeleteObject (ho=0xa404077c) returned 1
[0140.633] OffsetViewportOrgEx (in: hdc=0x65010793, x=0, y=0, lppt=0x2cebaec | out: lppt=0x2cebaec) returned 1
[0140.633] DrawThemeParentBackground () returned 0x0
[0140.633] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0140.633] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0140.633] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0140.633] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0140.633] GetSystemMetrics (nIndex=42) returned 0
[0140.633] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0140.633] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0140.633] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0140.633] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0140.633] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0140.633] SelectPalette (hdc=0x65010793, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0140.634] GdipCreateFromHDC (hdc=0x65010793, graphics=0xd7dc88) returned 0x0
[0140.634] GdipSetPageUnit (graphics=0x65ffdc0, unit=0x2) returned 0x0
[0140.634] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0140.634] GdipGetWorldTransform (graphics=0x65ffdc0, matrix=0x662c520) returned 0x0
[0140.634] GdipIsMatrixIdentity (matrix=0x662c520, result=0xd7dc60) returned 0x0
[0140.634] GdipDeleteMatrix (matrix=0x662c520) returned 0x0
[0140.634] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0140.634] GdipGetClip (graphics=0x65ffdc0, region=0x6604690) returned 0x0
[0140.634] GdipIsInfiniteRegion (region=0x6604690, graphics=0x65ffdc0, result=0xd7dc54) returned 0x0
[0140.634] GdipDeleteRegion (region=0x6604690) returned 0x0
[0140.634] GdipSaveGraphics (graphics=0x65ffdc0, state=0xd7dc80) returned 0x0
[0140.635] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0140.645] GdipFillRectangleI (graphics=0x65ffdc0, brush=0x6600300, x=0, y=0, width=801, height=453) returned 0x0
[0140.646] GdipDeleteBrush (brush=0x6600300) returned 0x0
[0140.647] GdipDeleteGraphics (graphics=0x65ffdc0) returned 0x0
[0140.647] SelectPalette (hdc=0x65010793, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0140.648] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0140.648] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0140.648] GetSystemMetrics (nIndex=42) returned 0
[0140.648] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0140.648] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0140.648] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0140.648] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0140.648] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0140.648] SelectPalette (hdc=0x65010793, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0140.648] GdipCreateFromHDC (hdc=0x65010793, graphics=0xd7dc28) returned 0x0
[0140.648] GdipSetPageUnit (graphics=0x66319c8, unit=0x2) returned 0x0
[0140.648] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0140.648] GdipGetWorldTransform (graphics=0x66319c8, matrix=0x6604690) returned 0x0
[0140.649] GdipIsMatrixIdentity (matrix=0x6604690, result=0xd7dc00) returned 0x0
[0140.649] GdipDeleteMatrix (matrix=0x6604690) returned 0x0
[0140.649] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0140.649] GdipGetClip (graphics=0x66319c8, region=0x6631ca8) returned 0x0
[0140.649] GdipIsInfiniteRegion (region=0x6631ca8, graphics=0x66319c8, result=0xd7dbf4) returned 0x0
[0140.649] GdipDeleteRegion (region=0x6631ca8) returned 0x0
[0140.649] GdipSaveGraphics (graphics=0x66319c8, state=0xd7dc20) returned 0x0
[0140.649] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0140.658] GdipFillRectangleI (graphics=0x66319c8, brush=0x65ffdc0, x=0, y=0, width=801, height=453) returned 0x0
[0140.659] GdipDeleteBrush (brush=0x65ffdc0) returned 0x0
[0140.660] GdipRestoreGraphics (graphics=0x66319c8, state=0xfd8a0dbd) returned 0x0
[0140.660] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0140.661] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0140.661] GetSystemMetrics (nIndex=42) returned 0
[0140.661] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0140.661] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0140.661] GdipDeleteGraphics (graphics=0x66319c8) returned 0x0
[0140.661] SelectPalette (hdc=0x65010793, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0140.661] RestoreDC (hdc=0x65010793, nSavedDC=-1) returned 1
[0140.661] GdipReleaseDC (graphics=0x65ffae0, hdc=0x65010793) returned 0x0
[0140.661] IsAppThemed () returned 0x1
[0140.661] GetThemeAppProperties () returned 0x3
[0140.661] GetThemeAppProperties () returned 0x3
[0140.661] IsAppThemed () returned 0x1
[0140.661] GetThemeAppProperties () returned 0x3
[0140.661] GetThemeAppProperties () returned 0x3
[0140.661] IsThemePartDefined () returned 0x1
[0140.661] GdipCreateRegion (region=0xd7e118) returned 0x0
[0140.661] GdipGetClip (graphics=0x65ffae0, region=0x66319c8) returned 0x0
[0140.661] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0140.662] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x6604620) returned 0x0
[0140.662] GdipIsMatrixIdentity (matrix=0x6604620, result=0xd7e130) returned 0x0
[0140.662] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0140.662] GdipGetMatrixElements (matrix=0x6604620, matrixOut=0x11eec58) returned 0x0
[0140.662] LocalFree (hMem=0x11eec58) returned 0x0
[0140.662] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0140.662] GdipGetMatrixElements (matrix=0x6604620, matrixOut=0x11eecc8) returned 0x0
[0140.662] LocalFree (hMem=0x11eecc8) returned 0x0
[0140.662] GdipDeleteMatrix (matrix=0x6604620) returned 0x0
[0140.662] GdipIsInfiniteRegion (region=0x66319c8, graphics=0x65ffae0, result=0xd7e158) returned 0x0
[0140.662] GdipIsInfiniteRegion (region=0x66319c8, graphics=0x65ffae0, result=0xd7e148) returned 0x0
[0140.662] GdipGetRegionHRgn (region=0x66319c8, graphics=0x65ffae0, hRgn=0xd7e148) returned 0x0
[0140.662] GdipDeleteRegion (region=0x66319c8) returned 0x0
[0140.662] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e160) returned 0x0
[0140.662] GetCurrentObject (hdc=0x65010793, type=0x1) returned 0xb00017
[0140.662] GetCurrentObject (hdc=0x65010793, type=0x2) returned 0x900010
[0140.662] GetCurrentObject (hdc=0x65010793, type=0x7) returned 0x490507fe
[0140.662] GetCurrentObject (hdc=0x65010793, type=0x6) returned 0x8a01c2
[0140.662] SaveDC (hdc=0x65010793) returned 1
[0140.662] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa504077c
[0140.663] GetClipRgn (hdc=0x65010793, hrgn=0xa504077c) returned 0
[0140.663] SelectClipRgn (hdc=0x65010793, hrgn=0x34040808) returned 2
[0140.663] DeleteObject (ho=0xa504077c) returned 1
[0140.663] DeleteObject (ho=0x34040808) returned 1
[0140.663] OffsetViewportOrgEx (in: hdc=0x65010793, x=0, y=0, lppt=0x2cf233c | out: lppt=0x2cf233c) returned 1
[0140.663] IsAppThemed () returned 0x1
[0140.663] GetThemeAppProperties () returned 0x3
[0140.663] GetThemeAppProperties () returned 0x3
[0140.663] DrawThemeBackground () returned 0x0
[0140.663] RestoreDC (hdc=0x65010793, nSavedDC=-1) returned 1
[0140.663] GdipReleaseDC (graphics=0x65ffae0, hdc=0x65010793) returned 0x0
[0140.663] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0140.663] GdipGetClip (graphics=0x65ffae0, region=0x6604650) returned 0x0
[0140.663] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0140.663] GdipGetWorldTransform (graphics=0x65ffae0, matrix=0x66046e0) returned 0x0
[0140.663] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e134) returned 0x0
[0140.663] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eebb0
[0140.663] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eebb0) returned 0x0
[0140.664] LocalFree (hMem=0x11eebb0) returned 0x0
[0140.664] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0140.664] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0140.664] LocalFree (hMem=0x11eec58) returned 0x0
[0140.664] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0140.664] GdipIsInfiniteRegion (region=0x6604650, graphics=0x65ffae0, result=0xd7e15c) returned 0x0
[0140.664] GdipIsInfiniteRegion (region=0x6604650, graphics=0x65ffae0, result=0xd7e14c) returned 0x0
[0140.664] GdipGetRegionHRgn (region=0x6604650, graphics=0x65ffae0, hRgn=0xd7e14c) returned 0x0
[0140.664] GdipDeleteRegion (region=0x6604650) returned 0x0
[0140.664] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e164) returned 0x0
[0140.664] GetCurrentObject (hdc=0x65010793, type=0x1) returned 0xb00017
[0140.664] GetCurrentObject (hdc=0x65010793, type=0x2) returned 0x900010
[0140.664] GetCurrentObject (hdc=0x65010793, type=0x7) returned 0x490507fe
[0140.664] GetCurrentObject (hdc=0x65010793, type=0x6) returned 0x8a01c2
[0140.664] SaveDC (hdc=0x65010793) returned 1
[0140.664] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x35040808
[0140.664] GetClipRgn (hdc=0x65010793, hrgn=0x35040808) returned 0
[0140.664] SelectClipRgn (hdc=0x65010793, hrgn=0xa604077c) returned 2
[0140.665] DeleteObject (ho=0x35040808) returned 1
[0140.665] DeleteObject (ho=0xa604077c) returned 1
[0140.665] OffsetViewportOrgEx (in: hdc=0x65010793, x=0, y=0, lppt=0x2cf2610 | out: lppt=0x2cf2610) returned 1
[0140.665] IsAppThemed () returned 0x1
[0140.665] GetThemeAppProperties () returned 0x3
[0140.665] GetThemeAppProperties () returned 0x3
[0140.665] GetThemeBackgroundContentRect () returned 0x0
[0140.665] RestoreDC (hdc=0x65010793, nSavedDC=-1) returned 1
[0140.665] GdipReleaseDC (graphics=0x65ffae0, hdc=0x65010793) returned 0x0
[0140.665] GdipGetNearestColor (graphics=0x65ffae0, argb=0xd7e270) returned 0x0
[0140.665] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0140.665] GdipFillRectangleI (graphics=0x65ffae0, brush=0x66319c8, x=4, y=4, width=67, height=15) returned 0x0
[0140.665] GdipDeleteBrush (brush=0x66319c8) returned 0x0
[0140.665] IsAppThemed () returned 0x1
[0140.666] GetThemeAppProperties () returned 0x3
[0140.666] GetThemeAppProperties () returned 0x3
[0140.666] GdipGetTextRenderingHint (graphics=0x65ffae0, mode=0xd7e298) returned 0x0
[0140.666] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e284) returned 0x0
[0140.666] GetCurrentObject (hdc=0x65010793, type=0x1) returned 0xb00017
[0140.666] GetCurrentObject (hdc=0x65010793, type=0x2) returned 0x900010
[0140.666] GetCurrentObject (hdc=0x65010793, type=0x7) returned 0x490507fe
[0140.666] GetCurrentObject (hdc=0x65010793, type=0x6) returned 0x8a01c2
[0140.666] SaveDC (hdc=0x65010793) returned 1
[0140.666] GetTextAlign (hdc=0x65010793) returned 0x0
[0140.666] GetTextColor (hdc=0x65010793) returned 0x0
[0140.666] GetCurrentObject (hdc=0x65010793, type=0x6) returned 0x8a01c2
[0140.666] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0140.666] SelectObject (hdc=0x65010793, h=0x6d0a0520) returned 0x8a01c2
[0140.666] GetBkMode (hdc=0x65010793) returned 2
[0140.666] SetBkMode (hdc=0x65010793, mode=1) returned 2
[0140.666] DrawTextExW (in: hdc=0x65010793, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2cf29d4 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0140.667] DrawTextExW (in: hdc=0x65010793, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2cf29d4 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0140.667] RestoreDC (hdc=0x65010793, nSavedDC=-1) returned 1
[0140.667] GdipReleaseDC (graphics=0x65ffae0, hdc=0x65010793) returned 0x0
[0140.667] GetFocus () returned 0x602c4
[0140.667] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e350, fWinIni=0x0 | out: pvParam=0xd7e350) returned 1
[0140.667] SendMessageW (hWnd=0x7005c, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0140.668] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0140.668] IsAppThemed () returned 0x1
[0140.668] GetThemeAppProperties () returned 0x3
[0140.668] GetThemeAppProperties () returned 0x3
[0140.668] GdipGetDC (graphics=0x65ffae0, hdc=0xd7e470) returned 0x0
[0140.668] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x65010793, x1=0, y1=0, rop=0xcc0020) returned 1
[0140.668] GdipReleaseDC (graphics=0x65ffae0, hdc=0x65010793) returned 0x0
[0140.668] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0140.668] SelectObject (hdc=0x65010793, h=0x85000f) returned 0x490507fe
[0140.668] DeleteDC (hdc=0x65010793) returned 1
[0140.668] GdipDeleteGraphics (graphics=0x65ffae0) returned 0x0
[0140.668] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0140.668] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2cf2ad0, cPoints=0x1 | out: lpPoints=0x2cf2ad0) returned 40304859
[0140.673] WindowFromPoint (Point=0xf2) returned 0x602c4
[0140.673] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27100f2) returned 0x1
[0140.673] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0140.673] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0140.906] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0140.906] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0140.906] GetSystemMetrics (nIndex=42) returned 0
[0140.906] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0140.906] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0141.569] GetCapture () returned 0x602c4
[0141.569] ReleaseCapture () returned 1
[0141.569] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0141.640] GetUserObjectInformationA (in: hObj=0x13c, nIndex=1, pvInfo=0x2cf4ba4, nLength=0xc, lpnLengthNeeded=0xd7e97c | out: pvInfo=0x2cf4ba4, lpnLengthNeeded=0xd7e97c) returned 1
[0141.929] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0141.929] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0141.929] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0141.929] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0141.930] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0141.930] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0141.930] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0141.930] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0141.930] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0141.930] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0141.932] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0141.932] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0141.932] GetDC (hWnd=0x0) returned 0x107b9
[0141.932] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e6ec) returned 0x0
[0141.932] GdipGetFontHeight (font=0x54eef48, graphics=0x66319c8, height=0xd7e6e4) returned 0x0
[0141.932] GdipDeleteGraphics (graphics=0x66319c8) returned 0x0
[0141.933] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0141.933] GetSystemMetrics (nIndex=5) returned 1
[0141.933] GetSystemMetrics (nIndex=6) returned 1
[0141.933] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0141.933] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0141.933] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0141.933] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0142.816] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0142.817] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0142.817] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0142.817] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0142.817] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0142.821] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0142.908] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2cfdba4 | out: lpData=0x2cfdba4) returned 1
[0142.910] VerQueryValueW (in: pBlock=0x2cfdba4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cfdfb4, puLen=0xd7e810) returned 1
[0142.912] VerQueryValueW (in: pBlock=0x2cfdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfdc5c, puLen=0xd7e790) returned 1
[0142.912] VerQueryValueW (in: pBlock=0x2cfdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfdcb0, puLen=0xd7e790) returned 1
[0142.912] VerQueryValueW (in: pBlock=0x2cfdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfdd30, puLen=0xd7e790) returned 1
[0142.912] VerQueryValueW (in: pBlock=0x2cfdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfdd98, puLen=0xd7e790) returned 1
[0142.912] VerQueryValueW (in: pBlock=0x2cfdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfddd8, puLen=0xd7e790) returned 1
[0142.912] VerQueryValueW (in: pBlock=0x2cfdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfde60, puLen=0xd7e790) returned 1
[0142.912] VerQueryValueW (in: pBlock=0x2cfdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfde9c, puLen=0xd7e790) returned 1
[0142.912] VerQueryValueW (in: pBlock=0x2cfdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfdef4, puLen=0xd7e790) returned 1
[0142.912] VerQueryValueW (in: pBlock=0x2cfdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfdf24, puLen=0xd7e790) returned 1
[0142.912] VerQueryValueW (in: pBlock=0x2cfdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0142.912] VerQueryValueW (in: pBlock=0x2cfdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfdf60, puLen=0xd7e790) returned 1
[0142.912] VerQueryValueW (in: pBlock=0x2cfdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0142.912] VerQueryValueW (in: pBlock=0x2cfdba4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cfdfb4, puLen=0xd7e784) returned 1
[0142.912] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0142.928] VerQueryValueW (in: pBlock=0x2cfdba4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cfdbcc, puLen=0xd7e794) returned 1
[0142.933] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe.config", nBufferLength=0x105, lpBuffer=0xd7e208, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe.config", lpFilePart=0x0) returned 0x30
[0142.934] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2f
[0142.934] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\", nBufferLength=0x2f, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\", lpFilePart=0x0) returned 0x2e
[0142.939] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x44
[0142.939] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config", nBufferLength=0x44, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config", lpFilePart=0x0) returned 0x43
[0142.940] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x44
[0142.940] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config", nBufferLength=0x44, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config", lpFilePart=0x0) returned 0x43
[0142.940] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e63c) returned 1
[0142.940] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\config\\machine.config"), fInfoLevelId=0x0, lpFileInformation=0xd7e6b8 | out: lpFileInformation=0xd7e6b8*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x56a29ff, ftCreationTime.dwHighDateTime=0x1d112e4, ftLastAccessTime.dwLowDateTime=0x97df7583, ftLastAccessTime.dwHighDateTime=0x1d112e3, ftLastWriteTime.dwLowDateTime=0x97df7583, ftLastWriteTime.dwHighDateTime=0x1d112e3, nFileSizeHigh=0x0, nFileSizeLow=0x8c8f)) returned 1
[0142.940] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e638) returned 1
[0142.940] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x44
[0142.940] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config", nBufferLength=0x44, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config", lpFilePart=0x0) returned 0x43
[0142.940] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e618) returned 1
[0142.940] CreateFileW (lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\Config\\machine.config" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\config\\machine.config"), dwDesiredAccess=0x80000000, dwShareMode=0x1, lpSecurityAttributes=0x0, dwCreationDisposition=0x3, dwFlagsAndAttributes=0x100000, hTemplateFile=0x0) returned 0x4a4
[0142.941] GetFileType (hFile=0x4a4) returned 0x1
[0142.941] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e614) returned 1
[0142.941] GetFileType (hFile=0x4a4) returned 0x1
[0142.945] GetFileSize (in: hFile=0x4a4, lpFileSizeHigh=0xd7e644 | out: lpFileSizeHigh=0xd7e644*=0x0) returned 0x8c8f
[0142.945] ReadFile (in: hFile=0x4a4, lpBuffer=0x2d009f4, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e600, lpOverlapped=0x0 | out: lpBuffer=0x2d009f4*, lpNumberOfBytesRead=0xd7e600*=0x1000, lpOverlapped=0x0) returned 1
[0142.948] ReadFile (in: hFile=0x4a4, lpBuffer=0x2d009f4, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e5b0, lpOverlapped=0x0 | out: lpBuffer=0x2d009f4*, lpNumberOfBytesRead=0xd7e5b0*=0x1000, lpOverlapped=0x0) returned 1
[0142.948] ReadFile (in: hFile=0x4a4, lpBuffer=0x2d009f4, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e52c, lpOverlapped=0x0 | out: lpBuffer=0x2d009f4*, lpNumberOfBytesRead=0xd7e52c*=0x1000, lpOverlapped=0x0) returned 1
[0142.948] ReadFile (in: hFile=0x4a4, lpBuffer=0x2d009f4, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e52c, lpOverlapped=0x0 | out: lpBuffer=0x2d009f4*, lpNumberOfBytesRead=0xd7e52c*=0x1000, lpOverlapped=0x0) returned 1
[0142.948] ReadFile (in: hFile=0x4a4, lpBuffer=0x2d009f4, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e52c, lpOverlapped=0x0 | out: lpBuffer=0x2d009f4*, lpNumberOfBytesRead=0xd7e52c*=0x1000, lpOverlapped=0x0) returned 1
[0142.948] ReadFile (in: hFile=0x4a4, lpBuffer=0x2d009f4, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e52c, lpOverlapped=0x0 | out: lpBuffer=0x2d009f4*, lpNumberOfBytesRead=0xd7e52c*=0x1000, lpOverlapped=0x0) returned 1
[0142.949] ReadFile (in: hFile=0x4a4, lpBuffer=0x2d009f4, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e5ac, lpOverlapped=0x0 | out: lpBuffer=0x2d009f4*, lpNumberOfBytesRead=0xd7e5ac*=0x1000, lpOverlapped=0x0) returned 1
[0142.949] ReadFile (in: hFile=0x4a4, lpBuffer=0x2d009f4, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e52c, lpOverlapped=0x0 | out: lpBuffer=0x2d009f4*, lpNumberOfBytesRead=0xd7e52c*=0x1000, lpOverlapped=0x0) returned 1
[0142.949] ReadFile (in: hFile=0x4a4, lpBuffer=0x2d009f4, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e52c, lpOverlapped=0x0 | out: lpBuffer=0x2d009f4*, lpNumberOfBytesRead=0xd7e52c*=0xc8f, lpOverlapped=0x0) returned 1
[0142.949] ReadFile (in: hFile=0x4a4, lpBuffer=0x2d009f4, nNumberOfBytesToRead=0x1000, lpNumberOfBytesRead=0xd7e5d8, lpOverlapped=0x0 | out: lpBuffer=0x2d009f4*, lpNumberOfBytesRead=0xd7e5d8*=0x0, lpOverlapped=0x0) returned 1
[0142.949] CloseHandle (hObject=0x4a4) returned 1
[0142.950] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe.config", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x31
[0142.950] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe.config", nBufferLength=0x31, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe.config", lpFilePart=0x0) returned 0x30
[0142.950] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe.config", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x31
[0142.950] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe.config", nBufferLength=0x31, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe.config", lpFilePart=0x0) returned 0x30
[0142.950] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e638) returned 1
[0142.950] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe.config" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe.config"), fInfoLevelId=0x0, lpFileInformation=0xd7e6b4 | out: lpFileInformation=0xd7e6b4*(dwFileAttributes=0x0, ftCreationTime.dwLowDateTime=0x0, ftCreationTime.dwHighDateTime=0x0, ftLastAccessTime.dwLowDateTime=0x0, ftLastAccessTime.dwHighDateTime=0x0, ftLastWriteTime.dwLowDateTime=0x0, ftLastWriteTime.dwHighDateTime=0x0, nFileSizeHigh=0x0, nFileSizeLow=0x0)) returned 0
[0142.950] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e634) returned 1
[0142.952] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0142.952] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0142.952] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0142.952] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0142.952] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0142.952] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0142.953] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2d06cd8 | out: lpData=0x2d06cd8) returned 1
[0142.953] VerQueryValueW (in: pBlock=0x2d06cd8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d06d74, puLen=0xd7e810) returned 1
[0142.953] VerQueryValueW (in: pBlock=0x2d06cd8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06dec, puLen=0xd7e790) returned 1
[0142.953] VerQueryValueW (in: pBlock=0x2d06cd8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06e1c, puLen=0xd7e790) returned 1
[0142.953] VerQueryValueW (in: pBlock=0x2d06cd8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06e58, puLen=0xd7e790) returned 1
[0142.953] VerQueryValueW (in: pBlock=0x2d06cd8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06e88, puLen=0xd7e790) returned 1
[0142.953] VerQueryValueW (in: pBlock=0x2d06cd8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06ed0, puLen=0xd7e790) returned 1
[0142.953] VerQueryValueW (in: pBlock=0x2d06cd8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06f48, puLen=0xd7e790) returned 1
[0142.953] VerQueryValueW (in: pBlock=0x2d06cd8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06f8c, puLen=0xd7e790) returned 1
[0142.953] VerQueryValueW (in: pBlock=0x2d06cd8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06fcc, puLen=0xd7e790) returned 1
[0142.953] VerQueryValueW (in: pBlock=0x2d06cd8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06dca, puLen=0xd7e790) returned 1
[0142.953] VerQueryValueW (in: pBlock=0x2d06cd8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06f18, puLen=0xd7e790) returned 1
[0142.953] VerQueryValueW (in: pBlock=0x2d06cd8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0142.953] VerQueryValueW (in: pBlock=0x2d06cd8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0142.953] VerQueryValueW (in: pBlock=0x2d06cd8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d06d74, puLen=0xd7e784) returned 1
[0142.953] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0142.953] VerQueryValueW (in: pBlock=0x2d06cd8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d06d00, puLen=0xd7e794) returned 1
[0142.954] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0142.954] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0142.954] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0142.954] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0142.954] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0142.954] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0142.957] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2d08df8 | out: lpData=0x2d08df8) returned 1
[0142.958] VerQueryValueW (in: pBlock=0x2d08df8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d0920c, puLen=0xd7e810) returned 1
[0142.958] VerQueryValueW (in: pBlock=0x2d08df8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d08eb0, puLen=0xd7e790) returned 1
[0142.958] VerQueryValueW (in: pBlock=0x2d08df8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d08f04, puLen=0xd7e790) returned 1
[0142.958] VerQueryValueW (in: pBlock=0x2d08df8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d08f60, puLen=0xd7e790) returned 1
[0142.958] VerQueryValueW (in: pBlock=0x2d08df8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d08fc0, puLen=0xd7e790) returned 1
[0142.958] VerQueryValueW (in: pBlock=0x2d08df8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d09018, puLen=0xd7e790) returned 1
[0142.958] VerQueryValueW (in: pBlock=0x2d08df8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d090a0, puLen=0xd7e790) returned 1
[0142.958] VerQueryValueW (in: pBlock=0x2d08df8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d090f4, puLen=0xd7e790) returned 1
[0142.958] VerQueryValueW (in: pBlock=0x2d08df8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0914c, puLen=0xd7e790) returned 1
[0142.958] VerQueryValueW (in: pBlock=0x2d08df8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0917c, puLen=0xd7e790) returned 1
[0142.958] VerQueryValueW (in: pBlock=0x2d08df8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0142.958] VerQueryValueW (in: pBlock=0x2d08df8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d091b8, puLen=0xd7e790) returned 1
[0142.958] VerQueryValueW (in: pBlock=0x2d08df8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0142.958] VerQueryValueW (in: pBlock=0x2d08df8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d0920c, puLen=0xd7e784) returned 1
[0142.958] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0142.958] VerQueryValueW (in: pBlock=0x2d08df8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d08e20, puLen=0xd7e794) returned 1
[0142.959] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0142.959] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0142.959] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0142.959] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0142.959] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0142.959] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0142.963] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2d0b424 | out: lpData=0x2d0b424) returned 1
[0142.963] VerQueryValueW (in: pBlock=0x2d0b424, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d0b824, puLen=0xd7e810) returned 1
[0142.963] VerQueryValueW (in: pBlock=0x2d0b424, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b4dc, puLen=0xd7e790) returned 1
[0142.963] VerQueryValueW (in: pBlock=0x2d0b424, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b530, puLen=0xd7e790) returned 1
[0142.963] VerQueryValueW (in: pBlock=0x2d0b424, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b570, puLen=0xd7e790) returned 1
[0142.963] VerQueryValueW (in: pBlock=0x2d0b424, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b5d8, puLen=0xd7e790) returned 1
[0142.963] VerQueryValueW (in: pBlock=0x2d0b424, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b630, puLen=0xd7e790) returned 1
[0142.964] VerQueryValueW (in: pBlock=0x2d0b424, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b6b8, puLen=0xd7e790) returned 1
[0142.964] VerQueryValueW (in: pBlock=0x2d0b424, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b70c, puLen=0xd7e790) returned 1
[0142.964] VerQueryValueW (in: pBlock=0x2d0b424, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b764, puLen=0xd7e790) returned 1
[0142.964] VerQueryValueW (in: pBlock=0x2d0b424, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b794, puLen=0xd7e790) returned 1
[0142.964] VerQueryValueW (in: pBlock=0x2d0b424, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0142.964] VerQueryValueW (in: pBlock=0x2d0b424, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b7d0, puLen=0xd7e790) returned 1
[0142.964] VerQueryValueW (in: pBlock=0x2d0b424, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0142.964] VerQueryValueW (in: pBlock=0x2d0b424, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d0b824, puLen=0xd7e784) returned 1
[0142.964] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0142.964] VerQueryValueW (in: pBlock=0x2d0b424, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d0b44c, puLen=0xd7e794) returned 1
[0142.965] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0142.965] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0142.965] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0142.965] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0142.965] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0142.965] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0143.059] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2d0db60 | out: lpData=0x2d0db60) returned 1
[0143.060] VerQueryValueW (in: pBlock=0x2d0db60, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d0df28, puLen=0xd7e810) returned 1
[0143.060] VerQueryValueW (in: pBlock=0x2d0db60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0dc18, puLen=0xd7e790) returned 1
[0143.060] VerQueryValueW (in: pBlock=0x2d0db60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0dc6c, puLen=0xd7e790) returned 1
[0143.060] VerQueryValueW (in: pBlock=0x2d0db60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0dcac, puLen=0xd7e790) returned 1
[0143.060] VerQueryValueW (in: pBlock=0x2d0db60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0dd14, puLen=0xd7e790) returned 1
[0143.061] VerQueryValueW (in: pBlock=0x2d0db60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0dd50, puLen=0xd7e790) returned 1
[0143.061] VerQueryValueW (in: pBlock=0x2d0db60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0ddd8, puLen=0xd7e790) returned 1
[0143.061] VerQueryValueW (in: pBlock=0x2d0db60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0de10, puLen=0xd7e790) returned 1
[0143.061] VerQueryValueW (in: pBlock=0x2d0db60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0de68, puLen=0xd7e790) returned 1
[0143.061] VerQueryValueW (in: pBlock=0x2d0db60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0de98, puLen=0xd7e790) returned 1
[0143.061] VerQueryValueW (in: pBlock=0x2d0db60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0143.061] VerQueryValueW (in: pBlock=0x2d0db60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0ded4, puLen=0xd7e790) returned 1
[0143.061] VerQueryValueW (in: pBlock=0x2d0db60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0143.061] VerQueryValueW (in: pBlock=0x2d0db60, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d0df28, puLen=0xd7e784) returned 1
[0143.061] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0143.061] VerQueryValueW (in: pBlock=0x2d0db60, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d0db88, puLen=0xd7e794) returned 1
[0143.062] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0143.062] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0143.062] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0143.062] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0143.062] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0143.062] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0143.081] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2d111c8 | out: lpData=0x2d111c8) returned 1
[0143.082] VerQueryValueW (in: pBlock=0x2d111c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d115a8, puLen=0xd7e810) returned 1
[0143.082] VerQueryValueW (in: pBlock=0x2d111c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d11280, puLen=0xd7e790) returned 1
[0143.082] VerQueryValueW (in: pBlock=0x2d111c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d112d4, puLen=0xd7e790) returned 1
[0143.082] VerQueryValueW (in: pBlock=0x2d111c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d11314, puLen=0xd7e790) returned 1
[0143.082] VerQueryValueW (in: pBlock=0x2d111c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d11374, puLen=0xd7e790) returned 1
[0143.082] VerQueryValueW (in: pBlock=0x2d111c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d113c0, puLen=0xd7e790) returned 1
[0143.082] VerQueryValueW (in: pBlock=0x2d111c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d11448, puLen=0xd7e790) returned 1
[0143.082] VerQueryValueW (in: pBlock=0x2d111c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d11490, puLen=0xd7e790) returned 1
[0143.082] VerQueryValueW (in: pBlock=0x2d111c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d114e8, puLen=0xd7e790) returned 1
[0143.083] VerQueryValueW (in: pBlock=0x2d111c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d11518, puLen=0xd7e790) returned 1
[0143.083] VerQueryValueW (in: pBlock=0x2d111c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0143.083] VerQueryValueW (in: pBlock=0x2d111c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d11554, puLen=0xd7e790) returned 1
[0143.083] VerQueryValueW (in: pBlock=0x2d111c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0143.083] VerQueryValueW (in: pBlock=0x2d111c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d115a8, puLen=0xd7e784) returned 1
[0143.083] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0143.083] VerQueryValueW (in: pBlock=0x2d111c8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d111f0, puLen=0xd7e794) returned 1
[0143.084] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0143.084] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0143.084] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0143.084] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0143.084] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0143.084] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0143.089] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2d139e8 | out: lpData=0x2d139e8) returned 1
[0143.090] VerQueryValueW (in: pBlock=0x2d139e8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d13df4, puLen=0xd7e810) returned 1
[0143.090] VerQueryValueW (in: pBlock=0x2d139e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13aa0, puLen=0xd7e790) returned 1
[0143.090] VerQueryValueW (in: pBlock=0x2d139e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13af4, puLen=0xd7e790) returned 1
[0143.090] VerQueryValueW (in: pBlock=0x2d139e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13b48, puLen=0xd7e790) returned 1
[0143.090] VerQueryValueW (in: pBlock=0x2d139e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13ba8, puLen=0xd7e790) returned 1
[0143.090] VerQueryValueW (in: pBlock=0x2d139e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13c00, puLen=0xd7e790) returned 1
[0143.090] VerQueryValueW (in: pBlock=0x2d139e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13c88, puLen=0xd7e790) returned 1
[0143.091] VerQueryValueW (in: pBlock=0x2d139e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13cdc, puLen=0xd7e790) returned 1
[0143.091] VerQueryValueW (in: pBlock=0x2d139e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13d34, puLen=0xd7e790) returned 1
[0143.091] VerQueryValueW (in: pBlock=0x2d139e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13d64, puLen=0xd7e790) returned 1
[0143.091] VerQueryValueW (in: pBlock=0x2d139e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0143.091] VerQueryValueW (in: pBlock=0x2d139e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13da0, puLen=0xd7e790) returned 1
[0143.091] VerQueryValueW (in: pBlock=0x2d139e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0143.091] VerQueryValueW (in: pBlock=0x2d139e8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d13df4, puLen=0xd7e784) returned 1
[0143.091] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0143.091] VerQueryValueW (in: pBlock=0x2d139e8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d13a10, puLen=0xd7e794) returned 1
[0143.092] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0143.092] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0143.092] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0143.092] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0143.092] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0143.092] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0143.096] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d1621c | out: lpData=0x2d1621c) returned 1
[0143.097] VerQueryValueW (in: pBlock=0x2d1621c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d165f4, puLen=0xd7e810) returned 1
[0143.097] VerQueryValueW (in: pBlock=0x2d1621c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d162d4, puLen=0xd7e790) returned 1
[0143.097] VerQueryValueW (in: pBlock=0x2d1621c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d16328, puLen=0xd7e790) returned 1
[0143.097] VerQueryValueW (in: pBlock=0x2d1621c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d16368, puLen=0xd7e790) returned 1
[0143.097] VerQueryValueW (in: pBlock=0x2d1621c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d163d0, puLen=0xd7e790) returned 1
[0143.097] VerQueryValueW (in: pBlock=0x2d1621c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d16414, puLen=0xd7e790) returned 1
[0143.097] VerQueryValueW (in: pBlock=0x2d1621c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1649c, puLen=0xd7e790) returned 1
[0143.097] VerQueryValueW (in: pBlock=0x2d1621c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d164dc, puLen=0xd7e790) returned 1
[0143.097] VerQueryValueW (in: pBlock=0x2d1621c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d16534, puLen=0xd7e790) returned 1
[0143.097] VerQueryValueW (in: pBlock=0x2d1621c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d16564, puLen=0xd7e790) returned 1
[0143.097] VerQueryValueW (in: pBlock=0x2d1621c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0143.097] VerQueryValueW (in: pBlock=0x2d1621c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d165a0, puLen=0xd7e790) returned 1
[0143.097] VerQueryValueW (in: pBlock=0x2d1621c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0143.097] VerQueryValueW (in: pBlock=0x2d1621c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d165f4, puLen=0xd7e784) returned 1
[0143.097] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0143.097] VerQueryValueW (in: pBlock=0x2d1621c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d16244, puLen=0xd7e794) returned 1
[0143.098] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0143.098] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0143.098] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0143.098] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0143.098] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0143.099] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0143.151] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d18794 | out: lpData=0x2d18794) returned 1
[0143.152] VerQueryValueW (in: pBlock=0x2d18794, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d18b6c, puLen=0xd7e810) returned 1
[0143.152] VerQueryValueW (in: pBlock=0x2d18794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1884c, puLen=0xd7e790) returned 1
[0143.152] VerQueryValueW (in: pBlock=0x2d18794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d188a0, puLen=0xd7e790) returned 1
[0143.152] VerQueryValueW (in: pBlock=0x2d18794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d188e0, puLen=0xd7e790) returned 1
[0143.152] VerQueryValueW (in: pBlock=0x2d18794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d18948, puLen=0xd7e790) returned 1
[0143.152] VerQueryValueW (in: pBlock=0x2d18794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1898c, puLen=0xd7e790) returned 1
[0143.152] VerQueryValueW (in: pBlock=0x2d18794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d18a14, puLen=0xd7e790) returned 1
[0143.152] VerQueryValueW (in: pBlock=0x2d18794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d18a54, puLen=0xd7e790) returned 1
[0143.152] VerQueryValueW (in: pBlock=0x2d18794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d18aac, puLen=0xd7e790) returned 1
[0143.152] VerQueryValueW (in: pBlock=0x2d18794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d18adc, puLen=0xd7e790) returned 1
[0143.152] VerQueryValueW (in: pBlock=0x2d18794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0143.152] VerQueryValueW (in: pBlock=0x2d18794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d18b18, puLen=0xd7e790) returned 1
[0143.152] VerQueryValueW (in: pBlock=0x2d18794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0143.152] VerQueryValueW (in: pBlock=0x2d18794, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d18b6c, puLen=0xd7e784) returned 1
[0143.152] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0143.152] VerQueryValueW (in: pBlock=0x2d18794, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d187bc, puLen=0xd7e794) returned 1
[0143.153] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0143.153] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0143.153] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0143.153] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0143.153] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0143.154] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0143.161] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2d1aeec | out: lpData=0x2d1aeec) returned 1
[0143.162] VerQueryValueW (in: pBlock=0x2d1aeec, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d1b31c, puLen=0xd7e810) returned 1
[0143.162] VerQueryValueW (in: pBlock=0x2d1aeec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1afa4, puLen=0xd7e790) returned 1
[0143.162] VerQueryValueW (in: pBlock=0x2d1aeec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1aff8, puLen=0xd7e790) returned 1
[0143.162] VerQueryValueW (in: pBlock=0x2d1aeec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1b068, puLen=0xd7e790) returned 1
[0143.162] VerQueryValueW (in: pBlock=0x2d1aeec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1b0c8, puLen=0xd7e790) returned 1
[0143.162] VerQueryValueW (in: pBlock=0x2d1aeec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1b124, puLen=0xd7e790) returned 1
[0143.162] VerQueryValueW (in: pBlock=0x2d1aeec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1b1ac, puLen=0xd7e790) returned 1
[0143.162] VerQueryValueW (in: pBlock=0x2d1aeec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1b204, puLen=0xd7e790) returned 1
[0143.162] VerQueryValueW (in: pBlock=0x2d1aeec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1b25c, puLen=0xd7e790) returned 1
[0143.162] VerQueryValueW (in: pBlock=0x2d1aeec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1b28c, puLen=0xd7e790) returned 1
[0143.162] VerQueryValueW (in: pBlock=0x2d1aeec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0143.162] VerQueryValueW (in: pBlock=0x2d1aeec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1b2c8, puLen=0xd7e790) returned 1
[0143.162] VerQueryValueW (in: pBlock=0x2d1aeec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0143.162] VerQueryValueW (in: pBlock=0x2d1aeec, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d1b31c, puLen=0xd7e784) returned 1
[0143.162] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0143.162] VerQueryValueW (in: pBlock=0x2d1aeec, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d1af14, puLen=0xd7e794) returned 1
[0143.163] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0143.164] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0143.165] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0143.165] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0143.166] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0143.166] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=0, nHeight=0, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3013e
[0143.166] SetWindowLongW (hWnd=0x3013e, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0143.166] GetWindowLongW (hWnd=0x3013e, nIndex=-4) returned 1950089536
[0143.167] SetWindowLongW (hWnd=0x3013e, nIndex=-4, dwNewLong=19926166) returned 1950089536
[0143.167] GetWindowLongW (hWnd=0x3013e, nIndex=-4) returned 19926166
[0143.167] GetWindowLongW (hWnd=0x3013e, nIndex=-16) returned 113311744
[0143.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3013e, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0143.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3013e, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0143.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3013e, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0143.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3013e, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0143.168] GetClientRect (in: hWnd=0x3013e, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0143.168] GetWindowRect (in: hWnd=0x3013e, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0143.168] SetWindowTextW (hWnd=0x3013e, lpString="WindowsFormsParkingWindow") returned 1
[0143.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3013e, Msg=0xc, wParam=0x0, lParam=0x2d1f864) returned 0x1
[0143.169] GetParent (hWnd=0x3013e) returned 0x0
[0143.169] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0143.169] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x3013e, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x400ea
[0143.169] SetWindowLongW (hWnd=0x400ea, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0143.170] GetWindowLongW (hWnd=0x400ea, nIndex=-4) returned 1868147648
[0143.171] SetWindowLongW (hWnd=0x400ea, nIndex=-4, dwNewLong=19924150) returned 1868147648
[0143.171] GetWindowLongW (hWnd=0x400ea, nIndex=-4) returned 19924150
[0143.171] GetWindowLongW (hWnd=0x400ea, nIndex=-16) returned 1174405133
[0143.171] GetWindowLongW (hWnd=0x400ea, nIndex=-12) returned 0
[0143.171] SetWindowLongW (hWnd=0x400ea, nIndex=-12, dwNewLong=262378) returned 0
[0143.171] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0143.172] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0143.172] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0143.173] GetClientRect (in: hWnd=0x400ea, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0143.173] GetWindowRect (in: hWnd=0x400ea, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0143.173] GetParent (hWnd=0x400ea) returned 0x3013e
[0143.173] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3013e, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0143.173] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0143.174] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0143.174] GetClientRect (in: hWnd=0x400ea, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0143.174] GetWindowRect (in: hWnd=0x400ea, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0143.174] GetParent (hWnd=0x400ea) returned 0x3013e
[0143.174] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3013e, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0143.174] SendMessageW (hWnd=0x400ea, Msg=0x2210, wParam=0xea0001, lParam=0x400ea) returned 0x0
[0143.174] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x2210, wParam=0xea0001, lParam=0x400ea) returned 0x0
[0143.174] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0143.174] GetParent (hWnd=0x400ea) returned 0x3013e
[0143.175] GdipCreateFromHWND (hwnd=0x400ea, graphics=0xd7e844) returned 0x0
[0143.175] GdipMeasureString (graphics=0x66319c8, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0143.206] GdipDeleteGraphics (graphics=0x66319c8) returned 0x0
[0143.206] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0143.206] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0143.206] GetSystemMetrics (nIndex=42) returned 0
[0143.206] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0143.206] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0143.207] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0143.207] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0143.207] GetSystemMetrics (nIndex=42) returned 0
[0143.207] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0143.207] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0143.207] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0143.208] GetCursorPos (in: lpPoint=0x2d1fe2c | out: lpPoint=0x2d1fe2c*(x=242, y=625)) returned 1
[0143.210] GetSystemMetrics (nIndex=80) returned 1
[0143.211] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0143.212] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x78010793
[0143.213] GetDeviceCaps (hdc=0x78010793, index=12) returned 32
[0143.213] GetDeviceCaps (hdc=0x78010793, index=14) returned 1
[0143.213] DeleteDC (hdc=0x78010793) returned 1
[0143.213] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0143.213] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0143.213] GetSystemMetrics (nIndex=59) returned 1460
[0143.213] GetSystemMetrics (nIndex=60) returned 920
[0143.213] GetSystemMetrics (nIndex=34) returned 136
[0143.213] GetSystemMetrics (nIndex=35) returned 39
[0143.214] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0143.214] GetCursorPos (in: lpPoint=0x2d2010c | out: lpPoint=0x2d2010c*(x=242, y=625)) returned 1
[0143.214] MonitorFromPoint (pt=0xf5, dwFlags=0x270) returned 0x10001
[0143.214] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0143.214] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x79010793
[0143.214] GetDeviceCaps (hdc=0x79010793, index=12) returned 32
[0143.214] GetDeviceCaps (hdc=0x79010793, index=14) returned 1
[0143.214] DeleteDC (hdc=0x79010793) returned 1
[0143.215] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0143.215] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0143.239] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0143.239] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0143.243] LoadIconW (hInstance=0x0, lpIconName=0x7f01) returned 0x1002d
[0143.245] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2d20480 | out: piconinfo=0x2d20480) returned 1
[0143.246] GetObjectW (in: h=0x2c0507e7, c=24, pv=0x2d2049c | out: pv=0x2d2049c) returned 24
[0143.247] GdipCreateBitmapFromHBITMAP (hbm=0x2c0507e7, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0143.247] GdipGetImageWidth (image=0x66319c8, width=0xd7e750) returned 0x0
[0143.247] GdipGetImageHeight (image=0x66319c8, height=0xd7e748) returned 0x0
[0143.248] GdipGetImagePixelFormat (image=0x66319c8, format=0xd7e740) returned 0x0
[0143.248] GdipBitmapLockBits (bitmap=0x66319c8, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2d20570) returned 0x0
[0143.249] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0143.249] GdipBitmapLockBits (bitmap=0x663bbb0, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2d205a8) returned 0x0
[0143.250] RtlMoveMemory (in: Destination=0x66362d0, Source=0x663bb28, Length=0x80 | out: Destination=0x66362d0)
[0143.250] RtlMoveMemory (in: Destination=0x6636350, Source=0x663baa8, Length=0x80 | out: Destination=0x6636350)
[0143.250] RtlMoveMemory (in: Destination=0x66363d0, Source=0x663ba28, Length=0x80 | out: Destination=0x66363d0)
[0143.250] RtlMoveMemory (in: Destination=0x6636450, Source=0x663b9a8, Length=0x80 | out: Destination=0x6636450)
[0143.250] RtlMoveMemory (in: Destination=0x66364d0, Source=0x663b928, Length=0x80 | out: Destination=0x66364d0)
[0143.250] RtlMoveMemory (in: Destination=0x6636550, Source=0x663b8a8, Length=0x80 | out: Destination=0x6636550)
[0143.250] RtlMoveMemory (in: Destination=0x66365d0, Source=0x663b828, Length=0x80 | out: Destination=0x66365d0)
[0143.250] RtlMoveMemory (in: Destination=0x6636650, Source=0x663b7a8, Length=0x80 | out: Destination=0x6636650)
[0143.250] RtlMoveMemory (in: Destination=0x66366d0, Source=0x663b728, Length=0x80 | out: Destination=0x66366d0)
[0143.250] RtlMoveMemory (in: Destination=0x6636750, Source=0x663b6a8, Length=0x80 | out: Destination=0x6636750)
[0143.250] RtlMoveMemory (in: Destination=0x66367d0, Source=0x663b628, Length=0x80 | out: Destination=0x66367d0)
[0143.250] RtlMoveMemory (in: Destination=0x6636850, Source=0x663b5a8, Length=0x80 | out: Destination=0x6636850)
[0143.251] RtlMoveMemory (in: Destination=0x66368d0, Source=0x663b528, Length=0x80 | out: Destination=0x66368d0)
[0143.251] RtlMoveMemory (in: Destination=0x6636950, Source=0x663b4a8, Length=0x80 | out: Destination=0x6636950)
[0143.251] RtlMoveMemory (in: Destination=0x66369d0, Source=0x663b428, Length=0x80 | out: Destination=0x66369d0)
[0143.251] RtlMoveMemory (in: Destination=0x6636a50, Source=0x663b3a8, Length=0x80 | out: Destination=0x6636a50)
[0143.251] RtlMoveMemory (in: Destination=0x6636ad0, Source=0x663b328, Length=0x80 | out: Destination=0x6636ad0)
[0143.251] RtlMoveMemory (in: Destination=0x6636b50, Source=0x663b2a8, Length=0x80 | out: Destination=0x6636b50)
[0143.251] RtlMoveMemory (in: Destination=0x6636bd0, Source=0x663b228, Length=0x80 | out: Destination=0x6636bd0)
[0143.251] RtlMoveMemory (in: Destination=0x6636c50, Source=0x663b1a8, Length=0x80 | out: Destination=0x6636c50)
[0143.251] RtlMoveMemory (in: Destination=0x6636cd0, Source=0x663b128, Length=0x80 | out: Destination=0x6636cd0)
[0143.251] RtlMoveMemory (in: Destination=0x6636d50, Source=0x663b0a8, Length=0x80 | out: Destination=0x6636d50)
[0143.251] RtlMoveMemory (in: Destination=0x6636dd0, Source=0x663b028, Length=0x80 | out: Destination=0x6636dd0)
[0143.251] RtlMoveMemory (in: Destination=0x6636e50, Source=0x663afa8, Length=0x80 | out: Destination=0x6636e50)
[0143.251] RtlMoveMemory (in: Destination=0x6636ed0, Source=0x663af28, Length=0x80 | out: Destination=0x6636ed0)
[0143.251] RtlMoveMemory (in: Destination=0x6636f50, Source=0x663aea8, Length=0x80 | out: Destination=0x6636f50)
[0143.251] RtlMoveMemory (in: Destination=0x6636fd0, Source=0x663ae28, Length=0x80 | out: Destination=0x6636fd0)
[0143.251] RtlMoveMemory (in: Destination=0x6637050, Source=0x663ada8, Length=0x80 | out: Destination=0x6637050)
[0143.251] RtlMoveMemory (in: Destination=0x66370d0, Source=0x663ad28, Length=0x80 | out: Destination=0x66370d0)
[0143.251] RtlMoveMemory (in: Destination=0x6637150, Source=0x663aca8, Length=0x80 | out: Destination=0x6637150)
[0143.251] RtlMoveMemory (in: Destination=0x66371d0, Source=0x663ac28, Length=0x80 | out: Destination=0x66371d0)
[0143.251] RtlMoveMemory (in: Destination=0x6637250, Source=0x663aba8, Length=0x80 | out: Destination=0x6637250)
[0143.252] GdipBitmapUnlockBits (bitmap=0x66319c8, lockedBitmapData=0x2d20570) returned 0x0
[0143.252] GdipBitmapUnlockBits (bitmap=0x663bbb0, lockedBitmapData=0x2d205a8) returned 0x0
[0143.252] GdipDisposeImage (image=0x66319c8) returned 0x0
[0143.252] DeleteObject (ho=0x2c0507e7) returned 1
[0143.252] DeleteObject (ho=0x7a050793) returned 1
[0143.252] GetCurrentThreadId () returned 0xf50
[0143.252] GetCurrentThreadId () returned 0xf50
[0143.252] SetWindowPos (hWnd=0x400ea, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0143.252] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0143.252] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0143.253] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0143.253] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0143.253] GetClientRect (in: hWnd=0x400ea, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0143.253] GetWindowRect (in: hWnd=0x400ea, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0143.253] GetParent (hWnd=0x400ea) returned 0x3013e
[0143.253] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3013e, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0143.253] InvalidateRect (hWnd=0x400ea, lpRect=0x0, bErase=1) returned 1
[0143.253] GetWindowTextLengthW (hWnd=0x400ea) returned 0
[0143.253] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0143.253] GetSystemMetrics (nIndex=42) returned 0
[0143.253] GetWindowTextW (in: hWnd=0x400ea, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0143.253] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0143.253] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0143.253] GetClientRect (in: hWnd=0x400ea, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0143.253] GetWindowRect (in: hWnd=0x400ea, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0143.253] GetParent (hWnd=0x400ea) returned 0x3013e
[0143.254] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3013e, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0143.255] GetWindowTextLengthW (hWnd=0x400ea) returned 0
[0143.255] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0143.255] GetSystemMetrics (nIndex=42) returned 0
[0143.255] GetWindowTextW (in: hWnd=0x400ea, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0143.255] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0143.255] GetWindowTextLengthW (hWnd=0x400ea) returned 0
[0143.255] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0143.255] GetSystemMetrics (nIndex=42) returned 0
[0143.255] GetWindowTextW (in: hWnd=0x400ea, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0143.255] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0143.255] SetWindowTextW (hWnd=0x400ea, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0143.255] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0xc, wParam=0x0, lParam=0x2cf79c0) returned 0x1
[0143.255] InvalidateRect (hWnd=0x400ea, lpRect=0x0, bErase=1) returned 1
[0143.255] GetCurrentThreadId () returned 0xf50
[0143.256] GetWindowThreadProcessId (in: hWnd=0x400ea, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0143.259] GdipCreateBitmapFromStream (stream=0x5090010, bitmap=0xd7e840) returned 0x0
[0143.261] GdipImageForceValidation (image=0x66319c8) returned 0x0
[0143.263] GdipGetImageRawFormat (image=0x66319c8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0143.264] GdipGetImageHeight (image=0x66319c8, height=0xd7e824) returned 0x0
[0143.264] GdipGetImageWidth (image=0x66319c8, width=0xd7e824) returned 0x0
[0143.264] GdipGetImageWidth (image=0x66319c8, width=0xd7e810) returned 0x0
[0143.264] GdipGetImageHeight (image=0x66319c8, height=0xd7e810) returned 0x0
[0143.264] GdipGetImageWidth (image=0x66319c8, width=0xd7e800) returned 0x0
[0143.264] GdipGetImageHeight (image=0x66319c8, height=0xd7e800) returned 0x0
[0143.264] GdipBitmapGetPixel (bitmap=0x66319c8, x=0, y=15, color=0xd7e810) returned 0x0
[0143.265] GdipGetImageRawFormat (image=0x66319c8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0143.265] GdipGetImageWidth (image=0x66319c8, width=0xd7e740) returned 0x0
[0143.265] GdipGetImageHeight (image=0x66319c8, height=0xd7e740) returned 0x0
[0143.265] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0143.265] GdipGetImagePixelFormat (image=0x66372d8, format=0xd7e740) returned 0x0
[0143.265] GdipGetImageGraphicsContext (image=0x66372d8, graphics=0xd7e74c) returned 0x0
[0143.265] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0143.265] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0143.266] GdipSetImageAttributesColorKeys (imageattr=0x65ffc88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0143.266] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66319c8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x65ffc88, callback=0x0, callbackData=0x0) returned 0x0
[0143.266] GdipDisposeImageAttributes (imageattr=0x65ffc88) returned 0x0
[0143.266] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0143.266] GdipDisposeImage (image=0x66319c8) returned 0x0
[0143.267] GdipCreateBitmapFromStream (stream=0x509fff0, bitmap=0xd7e840) returned 0x0
[0143.268] GdipImageForceValidation (image=0x66319c8) returned 0x0
[0143.269] GdipGetImageRawFormat (image=0x66319c8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0143.269] GdipGetImageHeight (image=0x66319c8, height=0xd7e824) returned 0x0
[0143.269] GdipGetImageWidth (image=0x66319c8, width=0xd7e824) returned 0x0
[0143.269] GdipGetImageWidth (image=0x66319c8, width=0xd7e810) returned 0x0
[0143.269] GdipGetImageHeight (image=0x66319c8, height=0xd7e810) returned 0x0
[0143.269] GdipGetImageWidth (image=0x66319c8, width=0xd7e800) returned 0x0
[0143.269] GdipGetImageHeight (image=0x66319c8, height=0xd7e800) returned 0x0
[0143.269] GdipBitmapGetPixel (bitmap=0x66319c8, x=0, y=15, color=0xd7e810) returned 0x0
[0143.269] GdipGetImageRawFormat (image=0x66319c8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0143.269] GdipGetImageWidth (image=0x66319c8, width=0xd7e740) returned 0x0
[0143.269] GdipGetImageHeight (image=0x66319c8, height=0xd7e740) returned 0x0
[0143.269] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0143.269] GdipGetImagePixelFormat (image=0x663a560, format=0xd7e740) returned 0x0
[0143.270] GdipGetImageGraphicsContext (image=0x663a560, graphics=0xd7e74c) returned 0x0
[0143.270] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0143.270] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0143.270] GdipSetImageAttributesColorKeys (imageattr=0x65ffc88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0143.270] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66319c8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x65ffc88, callback=0x0, callbackData=0x0) returned 0x0
[0143.270] GdipDisposeImageAttributes (imageattr=0x65ffc88) returned 0x0
[0143.270] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0143.270] GdipDisposeImage (image=0x66319c8) returned 0x0
[0143.270] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0143.271] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0143.271] GetCurrentThreadId () returned 0xf50
[0143.271] GetCurrentThreadId () returned 0xf50
[0143.271] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0143.271] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0143.271] GetCurrentThreadId () returned 0xf50
[0143.271] GetCurrentThreadId () returned 0xf50
[0143.272] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0143.272] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0143.272] GetCurrentThreadId () returned 0xf50
[0143.272] GetCurrentThreadId () returned 0xf50
[0143.272] GetSystemMetrics (nIndex=5) returned 1
[0143.272] GetSystemMetrics (nIndex=6) returned 1
[0143.272] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0143.272] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0143.273] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0143.273] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0143.273] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0143.273] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0143.273] GetCurrentThreadId () returned 0xf50
[0143.273] GetCurrentThreadId () returned 0xf50
[0143.276] GetProcessWindowStation () returned 0x13c
[0143.277] GetCapture () returned 0x0
[0143.277] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0143.277] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0143.277] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0143.277] GetCursorPos (in: lpPoint=0x2d21818 | out: lpPoint=0x2d21818*(x=242, y=625)) returned 1
[0143.277] MonitorFromPoint (pt=0xf2, dwFlags=0x271) returned 0x10001
[0143.277] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0143.277] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x7b010793
[0143.278] GetDeviceCaps (hdc=0x7b010793, index=12) returned 32
[0143.278] GetDeviceCaps (hdc=0x7b010793, index=14) returned 1
[0143.278] DeleteDC (hdc=0x7b010793) returned 1
[0143.278] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0143.278] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0143.278] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x302d8
[0143.279] SetWindowLongW (hWnd=0x302d8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0143.279] GetWindowLongW (hWnd=0x302d8, nIndex=-4) returned 1950089536
[0143.279] SetWindowLongW (hWnd=0x302d8, nIndex=-4, dwNewLong=19938566) returned 1950089536
[0143.279] GetWindowLongW (hWnd=0x302d8, nIndex=-4) returned 19938566
[0143.279] GetWindowLongW (hWnd=0x302d8, nIndex=-16) returned 113770496
[0143.280] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0143.281] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0143.282] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0143.282] GetClientRect (in: hWnd=0x302d8, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0143.282] GetWindowRect (in: hWnd=0x302d8, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0143.282] SetWindowTextW (hWnd=0x302d8, lpString="BB ransomware") returned 1
[0143.282] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xc, wParam=0x0, lParam=0x2d1fd18) returned 0x1
[0143.282] GetStartupInfoW (in: lpStartupInfo=0x2d21b54 | out: lpStartupInfo=0x2d21b54*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0143.283] GetParent (hWnd=0x302d8) returned 0x0
[0143.283] SetWindowLongW (hWnd=0x302d8, nIndex=-8, dwNewLong=0) returned 0
[0143.283] SendMessageW (hWnd=0x302d8, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0143.283] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0143.284] SendMessageW (hWnd=0x302d8, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0143.284] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0143.284] GetSystemMenu (hWnd=0x302d8, bRevert=0) returned 0x130113
[0143.284] GetWindowPlacement (in: hWnd=0x302d8, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0143.284] EnableMenuItem (hMenu=0x130113, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0143.284] EnableMenuItem (hMenu=0x130113, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0143.284] EnableMenuItem (hMenu=0x130113, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0143.284] EnableMenuItem (hMenu=0x130113, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0143.285] EnableMenuItem (hMenu=0x130113, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0143.285] GetClientRect (in: hWnd=0x302d8, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0143.285] GetClientRect (in: hWnd=0x302d8, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0143.285] GetWindowRect (in: hWnd=0x302d8, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0143.285] SetWindowPos (hWnd=0x302d8, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0143.285] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0143.285] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x302d8) returned 0x1
[0143.288] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0143.288] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0143.289] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0143.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0143.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0143.291] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x302d8, lParam=0x0) returned 0x0
[0143.293] GetCapture () returned 0x0
[0143.293] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0143.294] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0143.296] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0143.297] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0143.297] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0143.298] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0143.298] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0143.298] GetParent (hWnd=0x302d8) returned 0x0
[0143.298] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0143.298] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0143.300] GetWindowPlacement (in: hWnd=0x302d8, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0143.300] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0143.300] GetClientRect (in: hWnd=0x302d8, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0143.300] GetWindowRect (in: hWnd=0x302d8, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0143.301] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0143.302] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0143.302] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0143.303] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0143.303] GetWindowLongW (hWnd=0x302d8, nIndex=-16) returned 113770496
[0143.303] GetWindowTextLengthW (hWnd=0x302d8) returned 13
[0143.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0143.303] GetSystemMetrics (nIndex=42) returned 0
[0143.303] GetWindowTextW (in: hWnd=0x302d8, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0143.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0143.303] GetWindowTextLengthW (hWnd=0x302d8) returned 13
[0143.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0143.303] GetSystemMetrics (nIndex=42) returned 0
[0143.303] GetWindowTextW (in: hWnd=0x302d8, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0143.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0143.303] GetCursorPos (in: lpPoint=0x2d21d90 | out: lpPoint=0x2d21d90*(x=242, y=625)) returned 1
[0143.304] MonitorFromPoint (pt=0xf0, dwFlags=0x273) returned 0x10001
[0143.304] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0143.304] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x7301067c
[0143.304] GetDeviceCaps (hdc=0x7301067c, index=12) returned 32
[0143.304] GetDeviceCaps (hdc=0x7301067c, index=14) returned 1
[0143.304] DeleteDC (hdc=0x7301067c) returned 1
[0143.304] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0143.304] GetWindowLongW (hWnd=0x302d8, nIndex=-16) returned 113770496
[0143.304] GetWindowLongW (hWnd=0x302d8, nIndex=-20) returned 327945
[0143.304] SetWindowLongW (hWnd=0x302d8, nIndex=-16, dwNewLong=46661632) returned 113770496
[0143.304] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0143.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0143.310] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0143.310] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0143.311] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0143.311] SetWindowLongW (hWnd=0x302d8, nIndex=-20, dwNewLong=327681) returned 327945
[0143.311] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0143.311] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0143.312] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0143.313] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0143.313] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0143.313] SetWindowPos (hWnd=0x302d8, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0143.313] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0143.313] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0143.314] GetWindowPlacement (in: hWnd=0x302d8, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0143.314] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0143.314] GetClientRect (in: hWnd=0x302d8, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0143.314] GetWindowRect (in: hWnd=0x302d8, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0143.315] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0143.316] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0143.316] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0143.317] RedrawWindow (hWnd=0x302d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0143.317] GetSystemMenu (hWnd=0x302d8, bRevert=0) returned 0x130113
[0143.317] GetWindowPlacement (in: hWnd=0x302d8, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0143.317] EnableMenuItem (hMenu=0x130113, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0143.317] EnableMenuItem (hMenu=0x130113, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0143.317] EnableMenuItem (hMenu=0x130113, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0143.317] EnableMenuItem (hMenu=0x130113, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0143.317] EnableMenuItem (hMenu=0x130113, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0143.317] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0143.317] GetWindowLongW (hWnd=0x302d8, nIndex=-8) returned 0
[0143.317] SetWindowLongW (hWnd=0x302d8, nIndex=-8, dwNewLong=458844) returned 0
[0143.321] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0143.321] GetProcessWindowStation () returned 0x13c
[0143.344] GetCurrentThreadId () returned 0xf50
[0143.349] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1303e46, lParam=0x0) returned 1
[0143.350] IsWindowVisible (hWnd=0x302d8) returned 0
[0143.350] IsWindowVisible (hWnd=0x7005c) returned 1
[0143.350] IsWindowEnabled (hWnd=0x7005c) returned 1
[0143.350] IsWindowVisible (hWnd=0x300ec) returned 0
[0143.350] IsWindowVisible (hWnd=0x502c6) returned 0
[0143.350] IsWindowVisible (hWnd=0x502be) returned 0
[0143.351] GetActiveWindow () returned 0x302d8
[0143.351] GetFocus () returned 0x302d8
[0143.351] IsWindow (hWnd=0x7005c) returned 1
[0143.352] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0143.353] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0143.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0143.354] GetWindowLongW (hWnd=0x302d8, nIndex=-8) returned 458844
[0143.354] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0143.354] GetCurrentThreadId () returned 0xf50
[0143.354] GetWindowLongW (hWnd=0x302d8, nIndex=-8) returned 458844
[0143.354] IsWindowEnabled (hWnd=0x7005c) returned 0
[0143.354] IsWindowEnabled (hWnd=0x302d8) returned 1
[0143.354] ShowWindow (hWnd=0x302d8, nCmdShow=5) returned 0
[0143.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0143.354] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0143.355] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0143.355] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0143.355] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x302d8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x802ca
[0143.355] SetWindowLongW (hWnd=0x802ca, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0143.355] GetWindowLongW (hWnd=0x802ca, nIndex=-4) returned 1950089536
[0143.356] SetWindowLongW (hWnd=0x802ca, nIndex=-4, dwNewLong=19938406) returned 1950089536
[0143.356] GetWindowLongW (hWnd=0x802ca, nIndex=-4) returned 19938406
[0143.356] GetWindowLongW (hWnd=0x802ca, nIndex=-16) returned 1174405120
[0143.356] GetWindowLongW (hWnd=0x802ca, nIndex=-12) returned 0
[0143.356] SetWindowLongW (hWnd=0x802ca, nIndex=-12, dwNewLong=525002) returned 0
[0143.356] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802ca, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0143.356] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802ca, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0143.357] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802ca, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0143.357] GetWindow (hWnd=0x802ca, uCmd=0x3) returned 0x0
[0143.357] GetClientRect (in: hWnd=0x802ca, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0143.357] GetWindowRect (in: hWnd=0x802ca, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0143.357] GetParent (hWnd=0x802ca) returned 0x302d8
[0143.357] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x302d8, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0143.357] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802ca, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0143.357] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802ca, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0143.357] GetClientRect (in: hWnd=0x802ca, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0143.357] GetWindowRect (in: hWnd=0x802ca, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0143.357] GetParent (hWnd=0x802ca) returned 0x302d8
[0143.357] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x302d8, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0143.358] SendMessageW (hWnd=0x802ca, Msg=0x2210, wParam=0x2ca0001, lParam=0x802ca) returned 0x0
[0143.358] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802ca, Msg=0x2210, wParam=0x2ca0001, lParam=0x802ca) returned 0x0
[0143.358] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802ca, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0143.358] GetParent (hWnd=0x802ca) returned 0x302d8
[0143.358] GetParent (hWnd=0x400ea) returned 0x3013e
[0143.358] SetParent (hWndChild=0x400ea, hWndNewParent=0x302d8) returned 0x3013e
[0143.358] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0143.359] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0143.359] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0143.359] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0143.359] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0143.359] GetClientRect (in: hWnd=0x400ea, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0143.359] GetWindowRect (in: hWnd=0x400ea, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0143.359] GetParent (hWnd=0x400ea) returned 0x302d8
[0143.359] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x302d8, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0143.359] GetClientRect (in: hWnd=0x400ea, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0143.359] GetWindowRect (in: hWnd=0x400ea, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0143.359] GetParent (hWnd=0x400ea) returned 0x302d8
[0143.359] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x302d8, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0143.359] GetParent (hWnd=0x400ea) returned 0x302d8
[0143.360] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0143.360] GetWindow (hWnd=0x400ea, uCmd=0x3) returned 0x0
[0143.360] SetWindowPos (hWnd=0x400ea, hWndInsertAfter=0x802ca, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0143.360] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0143.360] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0143.361] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0143.361] GetClientRect (in: hWnd=0x400ea, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0143.361] GetWindowRect (in: hWnd=0x400ea, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0143.361] GetParent (hWnd=0x400ea) returned 0x302d8
[0143.361] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x302d8, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0143.361] GetParent (hWnd=0x400ea) returned 0x302d8
[0143.361] GetWindow (hWnd=0x400ea, uCmd=0x3) returned 0x802ca
[0143.361] GetWindowThreadProcessId (in: hWnd=0x400ea, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0143.361] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0143.361] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0143.361] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0143.362] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x302d8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x202d2
[0143.362] SetWindowLongW (hWnd=0x202d2, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0143.362] GetWindowLongW (hWnd=0x202d2, nIndex=-4) returned 1868032000
[0143.362] SetWindowLongW (hWnd=0x202d2, nIndex=-4, dwNewLong=19938446) returned 1868032000
[0143.362] GetWindowLongW (hWnd=0x202d2, nIndex=-4) returned 19938446
[0143.362] GetWindowLongW (hWnd=0x202d2, nIndex=-16) returned 1174470667
[0143.363] GetWindowLongW (hWnd=0x202d2, nIndex=-12) returned 0
[0143.363] SetWindowLongW (hWnd=0x202d2, nIndex=-12, dwNewLong=131794) returned 0
[0143.363] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0143.363] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0143.363] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0143.364] SendMessageW (hWnd=0x202d2, Msg=0x2055, wParam=0x202d2, lParam=0x3) returned 0x2
[0143.364] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0143.364] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0143.364] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0143.364] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0143.364] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802ca, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0143.365] RedrawWindow (hWnd=0x802ca, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0143.365] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0143.365] RedrawWindow (hWnd=0x400ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0143.365] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0143.365] RedrawWindow (hWnd=0x202d2, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0143.365] RedrawWindow (hWnd=0x302d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0143.365] GetWindow (hWnd=0x202d2, uCmd=0x3) returned 0x400ea
[0143.365] GetClientRect (in: hWnd=0x202d2, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0143.365] GetWindowRect (in: hWnd=0x202d2, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0143.365] GetParent (hWnd=0x202d2) returned 0x302d8
[0143.365] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x302d8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0143.366] SetWindowTextW (hWnd=0x202d2, lpString="&Details") returned 1
[0143.366] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0xc, wParam=0x0, lParam=0x2d209b4) returned 0x1
[0143.366] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0143.366] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0143.366] GetClientRect (in: hWnd=0x202d2, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0143.366] GetWindowRect (in: hWnd=0x202d2, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0143.366] GetParent (hWnd=0x202d2) returned 0x302d8
[0143.366] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x302d8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0143.366] SendMessageW (hWnd=0x202d2, Msg=0x2210, wParam=0x2d20001, lParam=0x202d2) returned 0x0
[0143.366] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x2210, wParam=0x2d20001, lParam=0x202d2) returned 0x0
[0143.367] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0143.367] GetParent (hWnd=0x202d2) returned 0x302d8
[0143.367] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0143.367] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0143.367] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0143.367] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x302d8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x102da
[0143.368] SetWindowLongW (hWnd=0x102da, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0143.368] GetWindowLongW (hWnd=0x102da, nIndex=-4) returned 1868032000
[0143.368] SetWindowLongW (hWnd=0x102da, nIndex=-4, dwNewLong=19938606) returned 1868032000
[0143.369] GetWindowLongW (hWnd=0x102da, nIndex=-4) returned 19938606
[0143.369] GetWindowLongW (hWnd=0x102da, nIndex=-16) returned 1174470667
[0143.369] GetWindowLongW (hWnd=0x102da, nIndex=-12) returned 0
[0143.369] SetWindowLongW (hWnd=0x102da, nIndex=-12, dwNewLong=66266) returned 0
[0143.369] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0143.370] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0143.370] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0143.371] SendMessageW (hWnd=0x102da, Msg=0x2055, wParam=0x102da, lParam=0x3) returned 0x2
[0143.371] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0143.371] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0143.371] GetWindow (hWnd=0x102da, uCmd=0x3) returned 0x202d2
[0143.371] GetClientRect (in: hWnd=0x102da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0143.371] GetWindowRect (in: hWnd=0x102da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0143.371] GetParent (hWnd=0x102da) returned 0x302d8
[0143.371] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x302d8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0143.371] SetWindowTextW (hWnd=0x102da, lpString="&Continue") returned 1
[0143.371] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0xc, wParam=0x0, lParam=0x2d208c8) returned 0x1
[0143.372] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0143.372] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0143.372] GetClientRect (in: hWnd=0x102da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0143.372] GetWindowRect (in: hWnd=0x102da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0143.372] GetParent (hWnd=0x102da) returned 0x302d8
[0143.372] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x302d8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0143.372] SendMessageW (hWnd=0x102da, Msg=0x2210, wParam=0x2da0001, lParam=0x102da) returned 0x0
[0143.372] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x2210, wParam=0x2da0001, lParam=0x102da) returned 0x0
[0143.372] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0143.372] GetParent (hWnd=0x102da) returned 0x302d8
[0143.373] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0143.373] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0143.373] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0143.373] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x302d8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x102dc
[0143.374] SetWindowLongW (hWnd=0x102dc, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0143.374] GetWindowLongW (hWnd=0x102dc, nIndex=-4) returned 1868032000
[0143.374] SetWindowLongW (hWnd=0x102dc, nIndex=-4, dwNewLong=19938486) returned 1868032000
[0143.374] GetWindowLongW (hWnd=0x102dc, nIndex=-4) returned 19938486
[0143.374] GetWindowLongW (hWnd=0x102dc, nIndex=-16) returned 1174470667
[0143.374] GetWindowLongW (hWnd=0x102dc, nIndex=-12) returned 0
[0143.374] SetWindowLongW (hWnd=0x102dc, nIndex=-12, dwNewLong=66268) returned 0
[0143.374] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0143.375] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0143.375] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0143.376] SendMessageW (hWnd=0x102dc, Msg=0x2055, wParam=0x102dc, lParam=0x3) returned 0x2
[0143.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0143.376] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102dc, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0143.376] GetWindow (hWnd=0x102dc, uCmd=0x3) returned 0x102da
[0143.376] GetClientRect (in: hWnd=0x102dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0143.376] GetWindowRect (in: hWnd=0x102dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0143.376] GetParent (hWnd=0x102dc) returned 0x302d8
[0143.376] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x302d8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0143.376] SetWindowTextW (hWnd=0x102dc, lpString="&Quit") returned 1
[0143.376] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102dc, Msg=0xc, wParam=0x0, lParam=0x2d2091c) returned 0x1
[0143.377] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0143.377] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102dc, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0143.377] GetClientRect (in: hWnd=0x102dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0143.377] GetWindowRect (in: hWnd=0x102dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0143.377] GetParent (hWnd=0x102dc) returned 0x302d8
[0143.377] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x302d8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0143.377] SendMessageW (hWnd=0x102dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x102dc) returned 0x0
[0143.377] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x102dc) returned 0x0
[0143.377] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0143.378] GetParent (hWnd=0x102dc) returned 0x302d8
[0143.378] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0143.378] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0143.378] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0143.378] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x302d8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x102de
[0143.379] SetWindowLongW (hWnd=0x102de, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0143.379] GetWindowLongW (hWnd=0x102de, nIndex=-4) returned 1868026976
[0143.379] SetWindowLongW (hWnd=0x102de, nIndex=-4, dwNewLong=19938526) returned 1868026976
[0143.379] GetWindowLongW (hWnd=0x102de, nIndex=-4) returned 19938526
[0143.379] GetWindowLongW (hWnd=0x102de, nIndex=-16) returned 1177553092
[0143.379] GetWindowLongW (hWnd=0x102de, nIndex=-12) returned 0
[0143.379] SetWindowLongW (hWnd=0x102de, nIndex=-12, dwNewLong=66270) returned 0
[0143.380] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x102de, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0143.381] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x102de, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0143.382] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x102de, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0143.505] GetWindow (hWnd=0x102de, uCmd=0x3) returned 0x102dc
[0143.505] GetClientRect (in: hWnd=0x102de, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0143.505] GetWindowRect (in: hWnd=0x102de, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0143.505] GetParent (hWnd=0x102de) returned 0x302d8
[0143.505] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x302d8, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0143.505] GetWindowTextLengthW (hWnd=0x302d8) returned 13
[0143.505] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0143.505] GetSystemMetrics (nIndex=42) returned 0
[0143.505] GetWindowTextW (in: hWnd=0x302d8, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0143.506] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0143.506] SendMessageW (hWnd=0x102de, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0143.506] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x102de, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0143.511] SetWindowTextW (hWnd=0x102de, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0143.511] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x102de, Msg=0xc, wParam=0x0, lParam=0x2d1d4ac) returned 0x1
[0143.528] GetSystemMetrics (nIndex=5) returned 1
[0143.528] GetSystemMetrics (nIndex=6) returned 1
[0143.528] SendMessageW (hWnd=0x102de, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0143.528] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x102de, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0143.529] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x102de, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0143.530] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x102de, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0143.530] GetClientRect (in: hWnd=0x102de, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0143.530] GetWindowRect (in: hWnd=0x102de, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0143.530] GetParent (hWnd=0x102de) returned 0x302d8
[0143.530] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x302d8, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0143.530] SendMessageW (hWnd=0x102de, Msg=0x2210, wParam=0x2de0001, lParam=0x102de) returned 0x0
[0143.530] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x102de, Msg=0x2210, wParam=0x2de0001, lParam=0x102de) returned 0x0
[0143.530] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x102de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0143.531] GetParent (hWnd=0x102de) returned 0x302d8
[0143.531] GetWindowLongW (hWnd=0x302d8, nIndex=-8) returned 458844
[0143.531] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0143.531] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0143.531] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x7b01067c
[0143.531] GetDeviceCaps (hdc=0x7b01067c, index=12) returned 32
[0143.531] GetDeviceCaps (hdc=0x7b01067c, index=14) returned 1
[0143.531] DeleteDC (hdc=0x7b01067c) returned 1
[0143.531] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0143.531] GetWindowThreadProcessId (in: hWnd=0x302d8, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0143.531] GetCurrentThreadId () returned 0xf50
[0143.532] PostMessageW (hWnd=0x302d8, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0143.532] GetWindowTextLengthW (hWnd=0x302d8) returned 13
[0143.532] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0143.532] GetSystemMetrics (nIndex=42) returned 0
[0143.532] GetWindowTextW (in: hWnd=0x302d8, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0143.532] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0143.532] GdipImageGetFrameDimensionsCount (image=0x663bbb0, count=0xd7e25c) returned 0x0
[0143.532] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7358
[0143.533] GdipImageGetFrameDimensionsList (image=0x663bbb0, dimensionIDs=0x11f7358*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0143.534] LocalFree (hMem=0x11f7358) returned 0x0
[0143.535] GdipImageGetFrameDimensionsCount (image=0x66372d8, count=0xd7e250) returned 0x0
[0143.535] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7118
[0143.535] GdipImageGetFrameDimensionsList (image=0x66372d8, dimensionIDs=0x11f7118*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0143.535] LocalFree (hMem=0x11f7118) returned 0x0
[0143.536] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0143.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0143.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0143.546] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0143.547] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0143.547] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0143.548] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0143.548] GetWindowPlacement (in: hWnd=0x302d8, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0143.548] GetClientRect (in: hWnd=0x302d8, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0143.548] GetWindowTextLengthW (hWnd=0x302d8) returned 13
[0143.548] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0143.548] GetSystemMetrics (nIndex=42) returned 0
[0143.548] GetWindowTextW (in: hWnd=0x302d8, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0143.548] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0143.548] GetClientRect (in: hWnd=0x302d8, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0143.550] EnumDisplayMonitors (hdc=0x0, lprcClip=0x0, lpfnEnum=0x1303e1e, dwData=0x0) returned 1
[0143.551] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7df78 | out: lpmi=0xd7df78) returned 1
[0143.551] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x8501067c
[0143.551] GetDeviceCaps (hdc=0x8501067c, index=12) returned 32
[0143.551] GetDeviceCaps (hdc=0x8501067c, index=14) returned 1
[0143.551] DeleteDC (hdc=0x8501067c) returned 1
[0143.551] GetCurrentObject (hdc=0x107b9, type=0x1) returned 0xb00017
[0143.551] GetCurrentObject (hdc=0x107b9, type=0x2) returned 0x900010
[0143.551] GetCurrentObject (hdc=0x107b9, type=0x7) returned 0xfffffffff70507eb
[0143.551] GetCurrentObject (hdc=0x107b9, type=0x6) returned 0x8a01c2
[0143.551] SaveDC (hdc=0x107b9) returned 1
[0143.551] GetNearestColor (hdc=0x107b9, color=0xf0f0f0) returned 0xf0f0f0
[0143.551] CreateSolidBrush (color=0xf0f0f0) returned 0x261007e1
[0143.551] FillRect (hDC=0x107b9, lprc=0xd7e1b8, hbr=0x261007e1) returned 1
[0143.552] DeleteObject (ho=0x261007e1) returned 1
[0143.552] RestoreDC (hdc=0x107b9, nSavedDC=-1) returned 1
[0143.552] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802ca, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0143.552] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0143.552] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0143.553] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0143.553] GetStockObject (i=5) returned 0x900015
[0143.553] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0143.553] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0143.553] GetStockObject (i=5) returned 0x900015
[0143.553] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0143.553] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102dc, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0143.553] GetStockObject (i=5) returned 0x900015
[0143.553] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x1
[0143.554] SetTextColor (hdc=0xc0107c5, color=0x0) returned 0x0
[0143.554] SetBkColor (hdc=0xc0107c5, color=0xffffff) returned 0xffffff
[0143.559] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7de2c | out: lpwndpl=0xd7de2c) returned 1
[0143.560] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7ddd8 | out: lpRect=0xd7ddd8) returned 1
[0143.560] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0143.560] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0143.560] GetSystemMetrics (nIndex=42) returned 0
[0143.560] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dc94, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0143.560] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dc94) returned 0xd
[0143.560] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dce0 | out: lpRect=0xd7dce0) returned 1
[0143.560] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc18) returned 0x0
[0143.560] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc18) returned 0x0
[0143.560] SelectPalette (hdc=0x9301067c, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0143.560] GdipCreateFromHDC (hdc=0x9301067c, graphics=0xd7dc10) returned 0x0
[0143.560] GdipSetPageUnit (graphics=0x6600030, unit=0x2) returned 0x0
[0143.560] GdipCreateMatrix (matrix=0xd7dbd0) returned 0x0
[0143.560] GdipGetWorldTransform (graphics=0x6600030, matrix=0x65ffc88) returned 0x0
[0143.560] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7dbe8) returned 0x0
[0143.560] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0143.561] GdipCreateRegion (region=0xd7dbd0) returned 0x0
[0143.561] GdipGetClip (graphics=0x6600030, region=0x6639090) returned 0x0
[0143.561] GdipIsInfiniteRegion (region=0x6639090, graphics=0x6600030, result=0xd7dbdc) returned 0x0
[0143.561] GdipDeleteRegion (region=0x6639090) returned 0x0
[0143.561] GdipSaveGraphics (graphics=0x6600030, state=0xd7dc08) returned 0x0
[0143.561] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7daa4) returned 0x0
[0143.569] GdipFillRectangleI (graphics=0x6600030, brush=0x66319c8, x=0, y=0, width=801, height=453) returned 0x0
[0143.569] GdipDeleteBrush (brush=0x66319c8) returned 0x0
[0143.571] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0143.571] SelectPalette (hdc=0x9301067c, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0143.606] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0143.606] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0143.606] GetSystemMetrics (nIndex=42) returned 0
[0143.606] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dc34, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0143.606] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dc34) returned 0xd
[0143.607] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc80 | out: lpRect=0xd7dc80) returned 1
[0143.607] GdipGetImageFlags (image=0x65ff260, flags=0xd7dbb8) returned 0x0
[0143.607] GdipGetImageFlags (image=0x65ff260, flags=0xd7dbb8) returned 0x0
[0143.607] SelectPalette (hdc=0x9301067c, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0143.607] GdipCreateFromHDC (hdc=0x9301067c, graphics=0xd7dbb0) returned 0x0
[0143.607] GdipSetPageUnit (graphics=0x6600030, unit=0x2) returned 0x0
[0143.607] GdipCreateMatrix (matrix=0xd7db70) returned 0x0
[0143.607] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0143.607] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7db88) returned 0x0
[0143.607] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0143.607] GdipCreateRegion (region=0xd7db70) returned 0x0
[0143.608] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0143.608] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7db7c) returned 0x0
[0143.608] GdipDeleteRegion (region=0x6637928) returned 0x0
[0143.608] GdipSaveGraphics (graphics=0x6600030, state=0xd7dba8) returned 0x0
[0143.608] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7da44) returned 0x0
[0143.617] GdipFillRectangleI (graphics=0x6600030, brush=0x6634a18, x=0, y=0, width=801, height=453) returned 0x0
[0143.617] GdipDeleteBrush (brush=0x6634a18) returned 0x0
[0143.620] GdipRestoreGraphics (graphics=0x6600030, state=0xfd820dbd) returned 0x0
[0143.620] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0143.620] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0143.620] GetSystemMetrics (nIndex=42) returned 0
[0143.620] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dc34, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0143.620] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dc34) returned 0xd
[0143.620] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0143.620] SelectPalette (hdc=0x9301067c, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0143.621] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7de2c | out: lpwndpl=0xd7de2c) returned 1
[0143.621] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7ddd8 | out: lpRect=0xd7ddd8) returned 1
[0143.621] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0143.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0143.621] GetSystemMetrics (nIndex=42) returned 0
[0143.621] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dc94, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0143.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dc94) returned 0xd
[0143.621] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dce0 | out: lpRect=0xd7dce0) returned 1
[0143.621] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc18) returned 0x0
[0143.621] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc18) returned 0x0
[0143.621] SelectPalette (hdc=0x1e0107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0143.622] GdipCreateFromHDC (hdc=0x1e0107d0, graphics=0xd7dc10) returned 0x0
[0143.622] GdipSetPageUnit (graphics=0x6600030, unit=0x2) returned 0x0
[0143.622] GdipCreateMatrix (matrix=0xd7dbd0) returned 0x0
[0143.622] GdipGetWorldTransform (graphics=0x6600030, matrix=0x65ffc88) returned 0x0
[0143.622] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7dbe8) returned 0x0
[0143.622] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0143.622] GdipCreateRegion (region=0xd7dbd0) returned 0x0
[0143.622] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0143.622] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7dbdc) returned 0x0
[0143.622] GdipDeleteRegion (region=0x6637928) returned 0x0
[0143.622] GdipSaveGraphics (graphics=0x6600030, state=0xd7dc08) returned 0x0
[0143.622] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7daa4) returned 0x0
[0143.632] GdipFillRectangleI (graphics=0x6600030, brush=0x6634a18, x=0, y=0, width=801, height=453) returned 0x0
[0143.632] GdipDeleteBrush (brush=0x6634a18) returned 0x0
[0143.678] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0143.678] SelectPalette (hdc=0x1e0107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0143.678] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0143.678] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0143.679] GetSystemMetrics (nIndex=42) returned 0
[0143.679] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dc34, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0143.679] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dc34) returned 0xd
[0143.679] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc80 | out: lpRect=0xd7dc80) returned 1
[0143.679] GdipGetImageFlags (image=0x65ff260, flags=0xd7dbb8) returned 0x0
[0143.679] GdipGetImageFlags (image=0x65ff260, flags=0xd7dbb8) returned 0x0
[0143.679] SelectPalette (hdc=0x1e0107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0143.679] GdipCreateFromHDC (hdc=0x1e0107d0, graphics=0xd7dbb0) returned 0x0
[0143.680] GdipSetPageUnit (graphics=0x6600030, unit=0x2) returned 0x0
[0143.681] GdipCreateMatrix (matrix=0xd7db70) returned 0x0
[0143.681] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0143.681] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7db88) returned 0x0
[0143.681] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0143.681] GdipCreateRegion (region=0xd7db70) returned 0x0
[0143.681] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0143.681] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7db7c) returned 0x0
[0143.681] GdipDeleteRegion (region=0x6637928) returned 0x0
[0143.681] GdipSaveGraphics (graphics=0x6600030, state=0xd7dba8) returned 0x0
[0143.681] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7da44) returned 0x0
[0143.688] GdipFillRectangleI (graphics=0x6600030, brush=0x6634a18, x=0, y=0, width=801, height=453) returned 0x0
[0143.689] GdipDeleteBrush (brush=0x6634a18) returned 0x0
[0143.690] GdipRestoreGraphics (graphics=0x6600030, state=0xfd7e0dbd) returned 0x0
[0143.690] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0143.690] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0143.690] GetSystemMetrics (nIndex=42) returned 0
[0143.691] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dc34, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0143.691] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dc34) returned 0xd
[0143.691] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0143.691] SelectPalette (hdc=0x1e0107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0143.694] GetWindowPlacement (in: hWnd=0x302d8, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0143.694] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0143.694] GetClientRect (in: hWnd=0x302d8, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0143.694] GetWindowRect (in: hWnd=0x302d8, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0143.695] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0143.695] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0143.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0143.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0143.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0143.696] GetClientRect (in: hWnd=0x302d8, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0143.696] GetWindowRect (in: hWnd=0x302d8, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0143.700] InvalidateRect (hWnd=0x102da, lpRect=0x0, bErase=0) returned 1
[0143.700] InvalidateRect (hWnd=0x202d2, lpRect=0x0, bErase=0) returned 1
[0143.700] GetFocus () returned 0x302d8
[0143.700] GetFocus () returned 0x302d8
[0143.700] SetFocus (hWnd=0x202d2) returned 0x302d8
[0143.701] GetFocus () returned 0x202d2
[0143.701] IsChild (hWndParent=0x302d8, hWnd=0x202d2) returned 1
[0143.701] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x8, wParam=0x202d2, lParam=0x0) returned 0x0
[0143.702] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0143.703] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0143.705] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0143.705] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x7, wParam=0x302d8, lParam=0x0) returned 0x0
[0143.705] GetStockObject (i=5) returned 0x900015
[0143.705] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0143.705] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0143.705] GetDlgItem (hDlg=0x302d8, nIDDlgItem=131794) returned 0x202d2
[0143.705] SendMessageW (hWnd=0x202d2, Msg=0x202b, wParam=0x202d2, lParam=0xd7e0dc) returned 0x0
[0143.705] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x202b, wParam=0x202d2, lParam=0xd7e0dc) returned 0x0
[0143.705] InvalidateRect (hWnd=0x202d2, lpRect=0x0, bErase=0) returned 1
[0143.708] GetFocus () returned 0x202d2
[0143.708] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.708] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0143.709] IsWindowUnicode (hWnd=0x302d8) returned 1
[0143.709] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.709] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0143.709] TranslateMessage (lpMsg=0xd7e808) returned 0
[0143.709] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0143.709] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0143.709] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.710] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0143.711] IsWindowUnicode (hWnd=0x302d8) returned 1
[0143.711] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.711] TranslateMessage (lpMsg=0xd7e808) returned 0
[0143.711] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0143.711] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.712] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0143.715] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x201fffe) returned 0x0
[0143.715] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x46, wParam=0x0, lParam=0xd7e0e4) returned 0x0
[0143.715] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e0e4) returned 0x0
[0143.717] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0143.718] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0143.718] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0143.718] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0143.719] GetWindowPlacement (in: hWnd=0x302d8, lpwndpl=0xd7de2c | out: lpwndpl=0xd7de2c) returned 1
[0143.719] GetClientRect (in: hWnd=0x302d8, lpRect=0xd7ddd8 | out: lpRect=0xd7ddd8) returned 1
[0143.719] GetWindowTextLengthW (hWnd=0x302d8) returned 13
[0143.719] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0143.719] GetSystemMetrics (nIndex=42) returned 0
[0143.719] GetWindowTextW (in: hWnd=0x302d8, lpString=0xd7dc94, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0143.719] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xd, wParam=0xe, lParam=0xd7dc94) returned 0xd
[0143.719] GetClientRect (in: hWnd=0x302d8, lpRect=0xd7dce0 | out: lpRect=0xd7dce0) returned 1
[0143.719] GetCurrentObject (hdc=0xc0107c5, type=0x1) returned 0xb00017
[0143.719] GetCurrentObject (hdc=0xc0107c5, type=0x2) returned 0x900010
[0143.719] GetCurrentObject (hdc=0xc0107c5, type=0x7) returned 0xfffffffff70507eb
[0143.720] GetCurrentObject (hdc=0xc0107c5, type=0x6) returned 0x8a01c2
[0143.720] SaveDC (hdc=0xc0107c5) returned 1
[0143.720] GetNearestColor (hdc=0xc0107c5, color=0xf0f0f0) returned 0xf0f0f0
[0143.720] CreateSolidBrush (color=0xf0f0f0) returned 0x271007e1
[0143.720] FillRect (hDC=0xc0107c5, lprc=0xd7db80, hbr=0x271007e1) returned 1
[0143.720] DeleteObject (ho=0x271007e1) returned 1
[0143.720] RestoreDC (hdc=0xc0107c5, nSavedDC=-1) returned 1
[0143.720] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802ca, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0143.721] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0143.721] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0143.721] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0143.721] GetStockObject (i=5) returned 0x900015
[0143.722] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0143.722] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0143.722] GetStockObject (i=5) returned 0x900015
[0143.722] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0143.722] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102dc, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0143.722] GetStockObject (i=5) returned 0x900015
[0143.723] GetWindowPlacement (in: hWnd=0x302d8, lpwndpl=0xd7de10 | out: lpwndpl=0xd7de10) returned 1
[0143.723] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x47, wParam=0x0, lParam=0xd7e0e4) returned 0x0
[0143.723] GetClientRect (in: hWnd=0x302d8, lpRect=0xd7ddc0 | out: lpRect=0xd7ddc0) returned 1
[0143.723] GetWindowRect (in: hWnd=0x302d8, lpRect=0xd7ddc0 | out: lpRect=0xd7ddc0) returned 1
[0143.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0143.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0143.725] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0143.725] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x86, wParam=0x0, lParam=0x0) returned 0x1
[0143.727] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0143.727] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0143.728] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0143.769] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x202fffe) returned 0x0
[0143.770] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x84, wParam=0x0, lParam=0x1e10307) returned 0x1
[0143.770] IsWindowUnicode (hWnd=0x102da) returned 1
[0143.770] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.770] TranslateMessage (lpMsg=0xd7e808) returned 0
[0143.770] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0143.770] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.770] IsWindowUnicode (hWnd=0x602c4) returned 1
[0143.770] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.770] TranslateMessage (lpMsg=0xd7e808) returned 0
[0143.770] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0143.770] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0143.770] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0143.771] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.771] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x84, wParam=0x0, lParam=0x1e10307) returned 0x1
[0143.771] IsWindowUnicode (hWnd=0x102da) returned 1
[0143.771] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.771] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x84, wParam=0x0, lParam=0x1e10307) returned 0x1
[0143.771] SetCursor (hCursor=0x10003) returned 0x10003
[0143.771] TranslateMessage (lpMsg=0xd7e808) returned 0
[0143.771] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0143.771] _TrackMouseEvent (in: lpEventTrack=0x2d300a4 | out: lpEventTrack=0x2d300a4) returned 1
[0143.771] SendMessageW (hWnd=0x102da, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0143.771] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0143.771] InvalidateRect (hWnd=0x102da, lpRect=0x0, bErase=0) returned 1
[0143.772] GetKeyState (nVirtKey=1) returned 0
[0143.772] GetKeyState (nVirtKey=2) returned 0
[0143.772] GetKeyState (nVirtKey=4) returned 0
[0143.772] GetKeyState (nVirtKey=5) returned 0
[0143.772] GetKeyState (nVirtKey=6) returned 0
[0143.772] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.772] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x84, wParam=0x0, lParam=0x1e10307) returned 0x1
[0143.772] IsWindowUnicode (hWnd=0x102da) returned 1
[0143.772] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.772] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x84, wParam=0x0, lParam=0x1e10307) returned 0x1
[0143.772] SetCursor (hCursor=0x10003) returned 0x10003
[0143.773] TranslateMessage (lpMsg=0xd7e808) returned 0
[0143.773] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0143.773] GetKeyState (nVirtKey=1) returned 0
[0143.773] GetKeyState (nVirtKey=2) returned 0
[0143.773] GetKeyState (nVirtKey=4) returned 0
[0143.773] GetKeyState (nVirtKey=5) returned 0
[0143.773] GetKeyState (nVirtKey=6) returned 0
[0143.773] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.774] IsWindowUnicode (hWnd=0x302d8) returned 1
[0143.774] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.774] TranslateMessage (lpMsg=0xd7e808) returned 0
[0143.774] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0143.774] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.905] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0143.905] IsWindowUnicode (hWnd=0x302d8) returned 1
[0143.905] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.905] TranslateMessage (lpMsg=0xd7e808) returned 0
[0143.905] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0143.905] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.907] IsWindowUnicode (hWnd=0x302d8) returned 1
[0143.907] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.910] TranslateMessage (lpMsg=0xd7e808) returned 0
[0143.910] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0143.910] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.910] IsWindowUnicode (hWnd=0x30122) returned 1
[0143.910] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.910] TranslateMessage (lpMsg=0xd7e808) returned 0
[0143.911] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0143.911] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.911] IsWindowUnicode (hWnd=0x30122) returned 1
[0143.911] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.911] TranslateMessage (lpMsg=0xd7e808) returned 0
[0143.911] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0143.927] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.927] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0143.927] IsWindowUnicode (hWnd=0x30122) returned 1
[0143.927] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.927] TranslateMessage (lpMsg=0xd7e808) returned 0
[0143.927] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0143.927] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.927] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x84, wParam=0x0, lParam=0x1e10307) returned 0x1
[0143.927] IsWindowUnicode (hWnd=0x102da) returned 1
[0143.927] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.928] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x84, wParam=0x0, lParam=0x1e10307) returned 0x1
[0143.928] GetDlgItem (hDlg=0x302d8, nIDDlgItem=0) returned 0x0
[0143.928] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x210, wParam=0x201, lParam=0x660112) returned 0x0
[0143.928] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x21, wParam=0x302d8, lParam=0x2010001) returned 0x1
[0143.928] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x21, wParam=0x302d8, lParam=0x2010001) returned 0x1
[0143.928] SetCursor (hCursor=0x10003) returned 0x10003
[0143.928] TranslateMessage (lpMsg=0xd7e808) returned 0
[0143.928] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0143.928] GetKeyState (nVirtKey=1) returned -127
[0143.928] GetKeyState (nVirtKey=2) returned 0
[0143.928] GetKeyState (nVirtKey=4) returned 0
[0143.929] GetKeyState (nVirtKey=5) returned 0
[0143.929] GetKeyState (nVirtKey=6) returned 0
[0143.929] IsWindowVisible (hWnd=0x102da) returned 1
[0143.929] IsWindowEnabled (hWnd=0x102da) returned 1
[0143.929] SetFocus (hWnd=0x102da) returned 0x202d2
[0143.929] GetFocus () returned 0x102da
[0143.929] IsChild (hWndParent=0x302d8, hWnd=0x102da) returned 1
[0143.929] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x8, wParam=0x102da, lParam=0x0) returned 0x0
[0143.929] GetCapture () returned 0x0
[0143.929] InvalidateRect (hWnd=0x202d2, lpRect=0x0, bErase=0) returned 1
[0143.930] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0143.932] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0143.934] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0143.934] InvalidateRect (hWnd=0x202d2, lpRect=0x0, bErase=0) returned 1
[0143.934] InvalidateRect (hWnd=0x102da, lpRect=0x0, bErase=0) returned 1
[0143.934] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x7, wParam=0x202d2, lParam=0x0) returned 0x0
[0143.934] GetStockObject (i=5) returned 0x900015
[0143.934] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0143.935] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0xd, wParam=0xa, lParam=0x11f5660) returned 0x9
[0143.935] GetDlgItem (hDlg=0x302d8, nIDDlgItem=66266) returned 0x102da
[0143.935] SendMessageW (hWnd=0x102da, Msg=0x202b, wParam=0x102da, lParam=0xd7dddc) returned 0x0
[0143.935] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x202b, wParam=0x102da, lParam=0xd7dddc) returned 0x0
[0143.935] InvalidateRect (hWnd=0x102da, lpRect=0x0, bErase=0) returned 1
[0143.937] GetFocus () returned 0x102da
[0143.937] GetFocus () returned 0x102da
[0143.937] GetFocus () returned 0x102da
[0143.937] GetKeyState (nVirtKey=1) returned -127
[0143.937] GetKeyState (nVirtKey=2) returned 0
[0143.937] GetKeyState (nVirtKey=4) returned 0
[0143.937] GetKeyState (nVirtKey=5) returned 0
[0143.937] GetKeyState (nVirtKey=6) returned 0
[0143.937] GetCapture () returned 0x0
[0143.937] SetCapture (hWnd=0x102da) returned 0x0
[0143.937] GetKeyState (nVirtKey=1) returned -127
[0143.937] GetKeyState (nVirtKey=2) returned 0
[0143.937] GetKeyState (nVirtKey=4) returned 0
[0143.937] GetKeyState (nVirtKey=5) returned 0
[0143.937] GetKeyState (nVirtKey=6) returned 0
[0143.937] NotifyWinEvent (event=0x800a, hwnd=0x102da, idObject=-4, idChild=0)
[0143.937] InvalidateRect (hWnd=0x102da, lpRect=0xd7e430, bErase=0) returned 1
[0143.937] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.938] IsWindowUnicode (hWnd=0x102da) returned 1
[0143.938] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0143.938] TranslateMessage (lpMsg=0xd7e808) returned 0
[0143.938] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0143.938] MapWindowPoints (in: hWndFrom=0x102da, hWndTo=0x0, lpPoints=0x2d3020c, cPoints=0x1 | out: lpPoints=0x2d3020c) returned 30999254
[0143.938] NotifyWinEvent (event=0x800a, hwnd=0x102da, idObject=-4, idChild=0)
[0143.938] InvalidateRect (hWnd=0x102da, lpRect=0xd7e3d0, bErase=0) returned 1
[0143.938] UpdateWindow (hWnd=0x102da) returned 1
[0143.938] BeginPaint (in: hWnd=0x102da, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x107b9
[0143.938] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0143.938] CreateCompatibleDC (hdc=0x107b9) returned 0x8b0107ed
[0143.938] SelectObject (hdc=0x8b0107ed, h=0x490507fe) returned 0x85000f
[0143.938] GdipCreateFromHDC (hdc=0x8b0107ed, graphics=0xd7df00) returned 0x0
[0143.939] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0143.939] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0143.939] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0143.939] GdipGetWorldTransform (graphics=0x6600030, matrix=0x65ffc88) returned 0x0
[0143.939] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7df60) returned 0x0
[0143.939] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0143.939] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11ee9f0) returned 0x0
[0143.939] LocalFree (hMem=0x11ee9f0) returned 0x0
[0143.939] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0143.939] GdipCreateRegion (region=0xd7df48) returned 0x0
[0143.939] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0143.939] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7df54) returned 0x0
[0143.939] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0143.939] GdipRestoreGraphics (graphics=0x6600030, state=0xfd7c0dbd) returned 0x0
[0143.940] GdipDeleteRegion (region=0x6637928) returned 0x0
[0143.940] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0143.940] GetCurrentObject (hdc=0x8b0107ed, type=0x1) returned 0xb00017
[0143.940] GetCurrentObject (hdc=0x8b0107ed, type=0x2) returned 0x900010
[0143.940] GetCurrentObject (hdc=0x8b0107ed, type=0x7) returned 0x490507fe
[0143.940] GetCurrentObject (hdc=0x8b0107ed, type=0x6) returned 0x8a01c2
[0143.940] SaveDC (hdc=0x8b0107ed) returned 1
[0143.940] GetNearestColor (hdc=0x8b0107ed, color=0xf0f0f0) returned 0xf0f0f0
[0143.940] GetNearestColor (hdc=0x8b0107ed, color=0xa0a0a0) returned 0xa0a0a0
[0143.940] GetNearestColor (hdc=0x8b0107ed, color=0x696969) returned 0x696969
[0143.940] GetNearestColor (hdc=0x8b0107ed, color=0xa0a0a0) returned 0xa0a0a0
[0143.940] GetNearestColor (hdc=0x8b0107ed, color=0x0) returned 0x0
[0143.940] GetNearestColor (hdc=0x8b0107ed, color=0xffffff) returned 0xffffff
[0143.940] GetNearestColor (hdc=0x8b0107ed, color=0xe5e5e5) returned 0xe5e5e5
[0143.941] GetNearestColor (hdc=0x8b0107ed, color=0xd7d7d7) returned 0xd7d7d7
[0143.941] GetNearestColor (hdc=0x8b0107ed, color=0x0) returned 0x0
[0143.941] RestoreDC (hdc=0x8b0107ed, nSavedDC=-1) returned 1
[0143.941] GdipReleaseDC (graphics=0x6600030, hdc=0x8b0107ed) returned 0x0
[0143.941] IsAppThemed () returned 0x1
[0143.941] GetThemeAppProperties () returned 0x3
[0143.941] GetThemeAppProperties () returned 0x3
[0143.941] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7ddcc, fWinIni=0x0 | out: pvParam=0xd7ddcc) returned 1
[0143.941] SendMessageW (hWnd=0x302d8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0143.941] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0143.941] IsAppThemed () returned 0x1
[0143.941] GetThemeAppProperties () returned 0x3
[0143.941] GetThemeAppProperties () returned 0x3
[0143.941] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2d30970 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0143.967] IsAppThemed () returned 0x1
[0143.967] GetThemeAppProperties () returned 0x3
[0143.967] GetThemeAppProperties () returned 0x3
[0143.967] IsAppThemed () returned 0x1
[0143.967] GetThemeAppProperties () returned 0x3
[0143.967] GetThemeAppProperties () returned 0x3
[0143.967] IsAppThemed () returned 0x1
[0143.968] GetThemeAppProperties () returned 0x3
[0143.968] GetThemeAppProperties () returned 0x3
[0143.968] IsAppThemed () returned 0x1
[0143.968] GetThemeAppProperties () returned 0x3
[0143.968] GetThemeAppProperties () returned 0x3
[0143.968] IsThemePartDefined () returned 0x1
[0143.968] IsAppThemed () returned 0x1
[0143.968] GetThemeAppProperties () returned 0x3
[0143.968] GetThemeAppProperties () returned 0x3
[0143.968] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0143.968] IsAppThemed () returned 0x1
[0143.968] GetThemeAppProperties () returned 0x3
[0143.968] GetThemeAppProperties () returned 0x3
[0143.968] IsAppThemed () returned 0x1
[0143.968] GetThemeAppProperties () returned 0x3
[0143.968] GetThemeAppProperties () returned 0x3
[0143.968] IsThemePartDefined () returned 0x1
[0143.968] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0143.968] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0143.968] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0143.968] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0143.969] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dc7c) returned 0x0
[0143.969] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0143.969] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0143.969] LocalFree (hMem=0x11eec58) returned 0x0
[0143.969] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0143.969] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0143.969] LocalFree (hMem=0x11eec58) returned 0x0
[0143.969] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0143.969] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0143.969] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0143.969] GdipGetRegionHRgn (region=0x6637928, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0143.969] GdipDeleteRegion (region=0x6637928) returned 0x0
[0143.969] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0143.969] GetCurrentObject (hdc=0x8b0107ed, type=0x1) returned 0xb00017
[0143.969] GetCurrentObject (hdc=0x8b0107ed, type=0x2) returned 0x900010
[0143.969] GetCurrentObject (hdc=0x8b0107ed, type=0x7) returned 0x490507fe
[0143.970] GetCurrentObject (hdc=0x8b0107ed, type=0x6) returned 0x8a01c2
[0143.970] SaveDC (hdc=0x8b0107ed) returned 1
[0143.970] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa804077c
[0143.970] GetClipRgn (hdc=0x8b0107ed, hrgn=0xa804077c) returned 0
[0143.970] SelectClipRgn (hdc=0x8b0107ed, hrgn=0x3c040808) returned 2
[0143.970] DeleteObject (ho=0xa804077c) returned 1
[0143.970] DeleteObject (ho=0x3c040808) returned 1
[0143.970] OffsetViewportOrgEx (in: hdc=0x8b0107ed, x=0, y=0, lppt=0x2d31020 | out: lppt=0x2d31020) returned 1
[0143.970] DrawThemeParentBackground () returned 0x0
[0143.970] GetWindowPlacement (in: hWnd=0x302d8, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0143.970] GetClientRect (in: hWnd=0x302d8, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0143.970] GetWindowTextLengthW (hWnd=0x302d8) returned 13
[0143.971] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0143.971] GetSystemMetrics (nIndex=42) returned 0
[0143.971] GetWindowTextW (in: hWnd=0x302d8, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0143.971] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0143.971] GetClientRect (in: hWnd=0x302d8, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0143.971] GetCurrentObject (hdc=0x8b0107ed, type=0x1) returned 0xb00017
[0143.971] GetCurrentObject (hdc=0x8b0107ed, type=0x2) returned 0x900010
[0143.971] GetCurrentObject (hdc=0x8b0107ed, type=0x7) returned 0x490507fe
[0143.971] GetCurrentObject (hdc=0x8b0107ed, type=0x6) returned 0x8a01c2
[0143.971] SaveDC (hdc=0x8b0107ed) returned 2
[0143.971] GetNearestColor (hdc=0x8b0107ed, color=0xf0f0f0) returned 0xf0f0f0
[0143.971] CreateSolidBrush (color=0xf0f0f0) returned 0x281007e1
[0143.971] FillRect (hDC=0x8b0107ed, lprc=0xd7d6c8, hbr=0x281007e1) returned 1
[0143.971] DeleteObject (ho=0x281007e1) returned 1
[0143.972] RestoreDC (hdc=0x8b0107ed, nSavedDC=-1) returned 1
[0143.972] GetWindowTextLengthW (hWnd=0x302d8) returned 13
[0143.972] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0143.972] GetSystemMetrics (nIndex=42) returned 0
[0143.972] GetWindowTextW (in: hWnd=0x302d8, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0143.972] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0143.972] GetClientRect (in: hWnd=0x302d8, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0143.972] GetCurrentObject (hdc=0x8b0107ed, type=0x1) returned 0xb00017
[0143.972] GetCurrentObject (hdc=0x8b0107ed, type=0x2) returned 0x900010
[0143.972] GetCurrentObject (hdc=0x8b0107ed, type=0x7) returned 0x490507fe
[0143.972] GetCurrentObject (hdc=0x8b0107ed, type=0x6) returned 0x8a01c2
[0143.972] SaveDC (hdc=0x8b0107ed) returned 2
[0143.972] GetNearestColor (hdc=0x8b0107ed, color=0xf0f0f0) returned 0xf0f0f0
[0143.972] CreateSolidBrush (color=0xf0f0f0) returned 0x291007e1
[0143.972] FillRect (hDC=0x8b0107ed, lprc=0xd7d668, hbr=0x291007e1) returned 1
[0143.973] DeleteObject (ho=0x291007e1) returned 1
[0143.973] RestoreDC (hdc=0x8b0107ed, nSavedDC=-1) returned 1
[0143.973] GetWindowTextLengthW (hWnd=0x302d8) returned 13
[0143.973] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0143.973] GetSystemMetrics (nIndex=42) returned 0
[0143.973] GetWindowTextW (in: hWnd=0x302d8, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0143.973] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0143.973] RestoreDC (hdc=0x8b0107ed, nSavedDC=-1) returned 1
[0143.973] GdipReleaseDC (graphics=0x6600030, hdc=0x8b0107ed) returned 0x0
[0143.973] IsAppThemed () returned 0x1
[0143.973] GetThemeAppProperties () returned 0x3
[0143.973] GetThemeAppProperties () returned 0x3
[0143.973] IsAppThemed () returned 0x1
[0143.974] GetThemeAppProperties () returned 0x3
[0143.974] GetThemeAppProperties () returned 0x3
[0143.974] IsThemePartDefined () returned 0x1
[0143.974] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0143.974] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0143.974] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0143.974] GdipGetWorldTransform (graphics=0x6600030, matrix=0x65ffc88) returned 0x0
[0143.974] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7dc00) returned 0x0
[0143.974] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0143.974] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eec58) returned 0x0
[0143.974] LocalFree (hMem=0x11eec58) returned 0x0
[0143.974] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0143.974] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eec58) returned 0x0
[0143.974] LocalFree (hMem=0x11eec58) returned 0x0
[0143.974] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0143.974] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0143.974] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0143.974] GdipGetRegionHRgn (region=0x6637928, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0143.974] GdipDeleteRegion (region=0x6637928) returned 0x0
[0143.975] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0143.975] GetCurrentObject (hdc=0x8b0107ed, type=0x1) returned 0xb00017
[0143.975] GetCurrentObject (hdc=0x8b0107ed, type=0x2) returned 0x900010
[0143.975] GetCurrentObject (hdc=0x8b0107ed, type=0x7) returned 0x490507fe
[0143.975] GetCurrentObject (hdc=0x8b0107ed, type=0x6) returned 0x8a01c2
[0143.975] SaveDC (hdc=0x8b0107ed) returned 1
[0143.975] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3d040808
[0143.975] GetClipRgn (hdc=0x8b0107ed, hrgn=0x3d040808) returned 0
[0143.975] SelectClipRgn (hdc=0x8b0107ed, hrgn=0xaa04077c) returned 2
[0143.975] DeleteObject (ho=0x3d040808) returned 1
[0143.975] DeleteObject (ho=0xaa04077c) returned 1
[0143.975] OffsetViewportOrgEx (in: hdc=0x8b0107ed, x=0, y=0, lppt=0x2d318cc | out: lppt=0x2d318cc) returned 1
[0143.975] IsAppThemed () returned 0x1
[0143.975] GetThemeAppProperties () returned 0x3
[0143.975] GetThemeAppProperties () returned 0x3
[0143.976] DrawThemeBackground () returned 0x0
[0143.976] RestoreDC (hdc=0x8b0107ed, nSavedDC=-1) returned 1
[0143.976] GdipReleaseDC (graphics=0x6600030, hdc=0x8b0107ed) returned 0x0
[0143.976] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0143.976] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0143.976] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0143.976] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0143.976] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dc04) returned 0x0
[0143.976] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0143.976] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0143.976] LocalFree (hMem=0x11eec58) returned 0x0
[0143.976] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0143.976] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0143.976] LocalFree (hMem=0x11eec58) returned 0x0
[0143.976] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0143.976] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0143.976] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0143.977] GdipGetRegionHRgn (region=0x6637928, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0143.977] GdipDeleteRegion (region=0x6637928) returned 0x0
[0143.977] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0143.977] GetCurrentObject (hdc=0x8b0107ed, type=0x1) returned 0xb00017
[0143.977] GetCurrentObject (hdc=0x8b0107ed, type=0x2) returned 0x900010
[0143.977] GetCurrentObject (hdc=0x8b0107ed, type=0x7) returned 0x490507fe
[0143.977] GetCurrentObject (hdc=0x8b0107ed, type=0x6) returned 0x8a01c2
[0143.977] SaveDC (hdc=0x8b0107ed) returned 1
[0143.977] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xab04077c
[0143.977] GetClipRgn (hdc=0x8b0107ed, hrgn=0xab04077c) returned 0
[0143.977] SelectClipRgn (hdc=0x8b0107ed, hrgn=0x3e040808) returned 2
[0143.977] DeleteObject (ho=0xab04077c) returned 1
[0143.977] DeleteObject (ho=0x3e040808) returned 1
[0143.977] OffsetViewportOrgEx (in: hdc=0x8b0107ed, x=0, y=0, lppt=0x2d31ba0 | out: lppt=0x2d31ba0) returned 1
[0143.977] IsAppThemed () returned 0x1
[0143.978] GetThemeAppProperties () returned 0x3
[0143.978] GetThemeAppProperties () returned 0x3
[0143.978] GetThemeBackgroundContentRect () returned 0x0
[0144.021] RestoreDC (hdc=0x8b0107ed, nSavedDC=-1) returned 1
[0144.021] GdipReleaseDC (graphics=0x6600030, hdc=0x8b0107ed) returned 0x0
[0144.021] IsAppThemed () returned 0x1
[0144.022] GetThemeAppProperties () returned 0x3
[0144.022] GetThemeAppProperties () returned 0x3
[0144.022] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0144.022] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0144.022] GetCurrentObject (hdc=0x8b0107ed, type=0x1) returned 0xb00017
[0144.022] GetCurrentObject (hdc=0x8b0107ed, type=0x2) returned 0x900010
[0144.022] GetCurrentObject (hdc=0x8b0107ed, type=0x7) returned 0x490507fe
[0144.022] GetCurrentObject (hdc=0x8b0107ed, type=0x6) returned 0x8a01c2
[0144.022] SaveDC (hdc=0x8b0107ed) returned 1
[0144.022] GetTextAlign (hdc=0x8b0107ed) returned 0x0
[0144.022] GetTextColor (hdc=0x8b0107ed) returned 0x0
[0144.022] GetCurrentObject (hdc=0x8b0107ed, type=0x6) returned 0x8a01c2
[0144.022] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0144.022] SelectObject (hdc=0x8b0107ed, h=0x6d0a0520) returned 0x8a01c2
[0144.023] GetBkMode (hdc=0x8b0107ed) returned 2
[0144.023] SetBkMode (hdc=0x8b0107ed, mode=1) returned 2
[0144.023] DrawTextExW (in: hdc=0x8b0107ed, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2d31f40 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0144.023] DrawTextExW (in: hdc=0x8b0107ed, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2d31f40 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0144.037] RestoreDC (hdc=0x8b0107ed, nSavedDC=-1) returned 1
[0144.037] GdipReleaseDC (graphics=0x6600030, hdc=0x8b0107ed) returned 0x0
[0144.037] GetFocus () returned 0x102da
[0144.037] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0144.038] SendMessageW (hWnd=0x302d8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0144.038] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0144.038] IsAppThemed () returned 0x1
[0144.038] GetThemeAppProperties () returned 0x3
[0144.038] GetThemeAppProperties () returned 0x3
[0144.038] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0144.038] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x8b0107ed, x1=0, y1=0, rop=0xcc0020) returned 1
[0144.038] GdipReleaseDC (graphics=0x6600030, hdc=0x8b0107ed) returned 0x0
[0144.039] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0144.039] SelectObject (hdc=0x8b0107ed, h=0x85000f) returned 0x490507fe
[0144.039] DeleteDC (hdc=0x8b0107ed) returned 1
[0144.039] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0144.039] EndPaint (hWnd=0x102da, lpPaint=0xd7dee4) returned 1
[0144.039] MapWindowPoints (in: hWndFrom=0x102da, hWndTo=0x0, lpPoints=0x2d3203c, cPoints=0x1 | out: lpPoints=0x2d3203c) returned 30999254
[0144.039] WindowFromPoint (Point=0x307) returned 0x102da
[0144.039] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x84, wParam=0x0, lParam=0x1e10307) returned 0x1
[0144.039] NotifyWinEvent (event=0x800a, hwnd=0x102da, idObject=-4, idChild=0)
[0144.040] NotifyWinEvent (event=0x800c, hwnd=0x102da, idObject=-4, idChild=0)
[0144.040] GetCapture () returned 0x102da
[0144.040] ReleaseCapture () returned 1
[0144.040] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0144.040] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0144.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0144.041] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x84, wParam=0x0, lParam=0x1e10307) returned 0x1
[0144.044] IsWindow (hWnd=0x7005c) returned 1
[0144.044] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0144.045] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0144.045] IsWindow (hWnd=0x302d8) returned 1
[0144.045] SetActiveWindow (hWnd=0x302d8) returned 0x302d8
[0144.045] IsWindow (hWnd=0x302d8) returned 1
[0144.045] SetFocus (hWnd=0x302d8) returned 0x102da
[0144.046] GetFocus () returned 0x302d8
[0144.046] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x8, wParam=0x302d8, lParam=0x0) returned 0x0
[0144.046] GetCapture () returned 0x0
[0144.046] InvalidateRect (hWnd=0x102da, lpRect=0x0, bErase=0) returned 1
[0144.047] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0144.048] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0144.051] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0144.051] GetFocus () returned 0x302d8
[0144.051] SetFocus (hWnd=0x102da) returned 0x302d8
[0144.051] GetFocus () returned 0x102da
[0144.051] IsChild (hWndParent=0x302d8, hWnd=0x102da) returned 1
[0144.051] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x8, wParam=0x102da, lParam=0x0) returned 0x0
[0144.052] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0144.053] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0144.055] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0144.055] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x7, wParam=0x302d8, lParam=0x0) returned 0x0
[0144.055] GetStockObject (i=5) returned 0x900015
[0144.060] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0144.060] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0xd, wParam=0xa, lParam=0x11f5640) returned 0x9
[0144.060] GetDlgItem (hDlg=0x302d8, nIDDlgItem=66266) returned 0x102da
[0144.060] SendMessageW (hWnd=0x102da, Msg=0x202b, wParam=0x102da, lParam=0xd7ddcc) returned 0x0
[0144.060] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x202b, wParam=0x102da, lParam=0xd7ddcc) returned 0x0
[0144.060] InvalidateRect (hWnd=0x102da, lpRect=0x0, bErase=0) returned 1
[0144.062] GetWindowLongW (hWnd=0x302d8, nIndex=-8) returned 458844
[0144.062] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0144.062] GetCurrentThreadId () returned 0xf50
[0144.063] IsWindow (hWnd=0x7005c) returned 1
[0144.063] IsWindow (hWnd=0x7005c) returned 1
[0144.063] IsWindowVisible (hWnd=0x7005c) returned 1
[0144.063] SetActiveWindow (hWnd=0x7005c) returned 0x302d8
[0144.063] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0144.064] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0144.064] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0144.065] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0144.065] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0144.066] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0144.066] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0144.067] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0144.067] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0144.067] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0144.068] GetWindowPlacement (in: hWnd=0x302d8, lpwndpl=0xd7e5c4 | out: lpwndpl=0xd7e5c4) returned 1
[0144.068] GetClientRect (in: hWnd=0x302d8, lpRect=0xd7e570 | out: lpRect=0xd7e570) returned 1
[0144.068] GetWindowTextLengthW (hWnd=0x302d8) returned 13
[0144.068] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0144.068] GetSystemMetrics (nIndex=42) returned 0
[0144.068] GetWindowTextW (in: hWnd=0x302d8, lpString=0xd7e42c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0144.068] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xd, wParam=0xe, lParam=0xd7e42c) returned 0xd
[0144.068] GetClientRect (in: hWnd=0x302d8, lpRect=0xd7e478 | out: lpRect=0xd7e478) returned 1
[0144.068] GetCurrentObject (hdc=0x107b9, type=0x1) returned 0xb00017
[0144.068] GetCurrentObject (hdc=0x107b9, type=0x2) returned 0x900010
[0144.069] GetCurrentObject (hdc=0x107b9, type=0x7) returned 0xfffffffff70507eb
[0144.069] GetCurrentObject (hdc=0x107b9, type=0x6) returned 0x8a01c2
[0144.069] SaveDC (hdc=0x107b9) returned 1
[0144.069] GetNearestColor (hdc=0x107b9, color=0xf0f0f0) returned 0xf0f0f0
[0144.069] CreateSolidBrush (color=0xf0f0f0) returned 0x2a1007e1
[0144.069] FillRect (hDC=0x107b9, lprc=0xd7e318, hbr=0x2a1007e1) returned 1
[0144.069] DeleteObject (ho=0x2a1007e1) returned 1
[0144.069] RestoreDC (hdc=0x107b9, nSavedDC=-1) returned 1
[0144.069] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802ca, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0144.070] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0144.070] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0144.070] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0144.070] GetStockObject (i=5) returned 0x900015
[0144.070] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0144.071] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0144.071] GetStockObject (i=5) returned 0x900015
[0144.071] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0144.071] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102dc, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0144.071] GetStockObject (i=5) returned 0x900015
[0144.071] GetWindowPlacement (in: hWnd=0x302d8, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0144.071] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0144.071] GetClientRect (in: hWnd=0x302d8, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0144.072] GetWindowRect (in: hWnd=0x302d8, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0144.072] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0144.072] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0144.073] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0144.073] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x302d8) returned 0x1
[0144.076] GetFocus () returned 0x102da
[0144.076] SetFocus (hWnd=0x602c4) returned 0x102da
[0144.076] GetFocus () returned 0x602c4
[0144.076] IsChild (hWndParent=0x302d8, hWnd=0x602c4) returned 0
[0144.077] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0144.077] GetCapture () returned 0x0
[0144.077] InvalidateRect (hWnd=0x102da, lpRect=0x0, bErase=0) returned 1
[0144.078] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0144.080] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0144.082] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0144.082] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0144.082] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0144.082] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0144.082] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0144.083] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x102da, lParam=0x0) returned 0x0
[0144.083] GetStockObject (i=5) returned 0x900015
[0144.083] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0144.083] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11eda58) returned 0xc
[0144.083] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0144.083] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0144.083] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0144.083] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0144.085] GetFocus () returned 0x602c4
[0144.085] IsChild (hWndParent=0x302d8, hWnd=0x602c4) returned 0
[0144.085] ShowWindow (hWnd=0x302d8, nCmdShow=0) returned 1
[0144.085] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0144.085] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0144.087] GetWindowPlacement (in: hWnd=0x302d8, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0144.087] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0144.087] GetClientRect (in: hWnd=0x302d8, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0144.087] GetWindowRect (in: hWnd=0x302d8, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0144.099] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0144.099] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0144.100] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0144.101] GetWindowLongW (hWnd=0x302d8, nIndex=-20) returned 327945
[0144.101] DestroyWindow (hWnd=0x302d8) returned 1
[0144.102] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0144.112] GetWindowTextLengthW (hWnd=0x302d8) returned 13
[0144.112] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0144.113] GetSystemMetrics (nIndex=42) returned 0
[0144.113] GetWindowTextW (in: hWnd=0x302d8, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0144.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0144.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0144.113] GetWindowTextLengthW (hWnd=0x802ca) returned 0
[0144.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0144.113] GetSystemMetrics (nIndex=42) returned 0
[0144.113] GetWindowTextW (in: hWnd=0x802ca, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0144.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802ca, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0144.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802ca, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0144.113] GetWindowThreadProcessId (in: hWnd=0x3013e, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0144.115] GetWindow (hWnd=0x3013e, uCmd=0x5) returned 0x0
[0144.115] GetWindowLongW (hWnd=0x3013e, nIndex=-20) returned 65792
[0144.115] DestroyWindow (hWnd=0x3013e) returned 1
[0144.115] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3013e, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0144.115] GetWindowTextLengthW (hWnd=0x3013e) returned 25
[0144.115] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0144.115] GetSystemMetrics (nIndex=42) returned 0
[0144.115] GetWindowTextW (in: hWnd=0x3013e, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0144.115] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3013e, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0144.116] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3013e, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0144.116] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3013e, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0144.117] GetWindowTextLengthW (hWnd=0x400ea) returned 232
[0144.117] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0144.117] GetSystemMetrics (nIndex=42) returned 0
[0144.117] GetWindowTextW (in: hWnd=0x400ea, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0144.117] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0144.118] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0144.118] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0144.118] InvalidateRect (hWnd=0x102da, lpRect=0x0, bErase=0) returned 1
[0144.118] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0144.118] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0144.118] SendMessageW (hWnd=0x102de, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0144.118] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x102de, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0144.118] SendMessageW (hWnd=0x102de, Msg=0xb0, wParam=0x2cf5c38, lParam=0xd7e480) returned 0x0
[0144.118] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x102de, Msg=0xb0, wParam=0x2cf5c38, lParam=0xd7e480) returned 0x0
[0144.128] GetWindowTextLengthW (hWnd=0x102de) returned 4363
[0144.128] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x102de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0144.128] GetSystemMetrics (nIndex=42) returned 0
[0144.128] CoTaskMemAlloc (cb=0x221c) returned 0x11fe6c8
[0144.128] GetWindowTextW (in: hWnd=0x102de, lpString=0x11fe6c8, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0144.128] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x102de, Msg=0xd, wParam=0x110c, lParam=0x11fe6c8) returned 0x110b
[0144.129] CoTaskMemFree (pv=0x11fe6c8)
[0144.129] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x102de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0144.130] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802ca, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0144.131] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x400ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0144.132] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x202d2, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0144.134] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0144.136] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x102dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0144.137] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x102de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0144.138] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0144.141] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.141] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.141] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.141] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.141] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.141] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.141] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e10307) returned 0x1
[0144.141] IsWindowUnicode (hWnd=0x7005c) returned 1
[0144.141] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.142] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e10307) returned 0x1
[0144.142] SetCursor (hCursor=0x10003) returned 0x10003
[0144.142] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.142] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.142] _TrackMouseEvent (in: lpEventTrack=0x2d39ae4 | out: lpEventTrack=0x2d39ae4) returned 1
[0144.142] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0144.142] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0144.142] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10c0249) returned 0x0
[0144.142] GetKeyState (nVirtKey=1) returned 1
[0144.142] GetKeyState (nVirtKey=2) returned 0
[0144.142] GetKeyState (nVirtKey=4) returned 0
[0144.142] GetKeyState (nVirtKey=5) returned 0
[0144.142] GetKeyState (nVirtKey=6) returned 0
[0144.142] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.144] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e10307) returned 0x1
[0144.144] IsWindowUnicode (hWnd=0x7005c) returned 1
[0144.144] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.144] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.144] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.144] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.144] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e10307) returned 0x1
[0144.144] IsWindowUnicode (hWnd=0x7005c) returned 1
[0144.144] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.145] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e10307) returned 0x1
[0144.145] SetCursor (hCursor=0x10003) returned 0x10003
[0144.145] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.145] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.145] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10c0249) returned 0x0
[0144.145] GetKeyState (nVirtKey=1) returned 1
[0144.145] GetKeyState (nVirtKey=2) returned 0
[0144.145] GetKeyState (nVirtKey=4) returned 0
[0144.145] GetKeyState (nVirtKey=5) returned 0
[0144.145] GetKeyState (nVirtKey=6) returned 0
[0144.145] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.146] IsWindowUnicode (hWnd=0x602c4) returned 1
[0144.146] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.146] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.146] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.146] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.147] IsWindowUnicode (hWnd=0x602c4) returned 1
[0144.147] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.147] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.147] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.156] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.156] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.156] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.156] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.156] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.156] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.156] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.156] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.156] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.156] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.156] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.158] IsWindowUnicode (hWnd=0x602c4) returned 1
[0144.158] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.158] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.158] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.158] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.158] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.158] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.158] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.158] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.158] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.158] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.159] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.159] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.159] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.159] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.159] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.159] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.159] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.159] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.160] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.160] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.160] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.160] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.160] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.160] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.160] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.160] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.160] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.161] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.161] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.161] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.161] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.161] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.161] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.161] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.162] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.162] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.162] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.163] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.163] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.163] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.163] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.163] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.163] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.164] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.164] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.164] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.164] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.164] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.164] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.164] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.164] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.164] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.164] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.165] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.169] IsWindowUnicode (hWnd=0x602c4) returned 1
[0144.169] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.169] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.169] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.169] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0144.169] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0144.170] CreateCompatibleDC (hdc=0x60100ce) returned 0x8c010793
[0144.170] SelectObject (hdc=0x8c010793, h=0x490507fe) returned 0x85000f
[0144.170] GdipCreateFromHDC (hdc=0x8c010793, graphics=0xd7e798) returned 0x0
[0144.170] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0144.170] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0144.170] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0144.170] GdipGetWorldTransform (graphics=0x6600030, matrix=0x65ffc88) returned 0x0
[0144.170] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7e7f8) returned 0x0
[0144.170] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0144.170] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eec58) returned 0x0
[0144.170] LocalFree (hMem=0x11eec58) returned 0x0
[0144.170] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0144.170] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0144.170] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0144.170] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0144.171] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0144.171] GdipRestoreGraphics (graphics=0x6600030, state=0xfd7a0dbd) returned 0x0
[0144.171] GdipDeleteRegion (region=0x6637928) returned 0x0
[0144.171] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0144.171] GetCurrentObject (hdc=0x8c010793, type=0x1) returned 0xb00017
[0144.171] GetCurrentObject (hdc=0x8c010793, type=0x2) returned 0x900010
[0144.171] GetCurrentObject (hdc=0x8c010793, type=0x7) returned 0x490507fe
[0144.171] GetCurrentObject (hdc=0x8c010793, type=0x6) returned 0x8a01c2
[0144.171] SaveDC (hdc=0x8c010793) returned 1
[0144.171] GetNearestColor (hdc=0x8c010793, color=0xff) returned 0xff
[0144.171] GetNearestColor (hdc=0x8c010793, color=0x55) returned 0x55
[0144.171] GetNearestColor (hdc=0x8c010793, color=0x0) returned 0x0
[0144.171] GetNearestColor (hdc=0x8c010793, color=0x55) returned 0x55
[0144.171] GetNearestColor (hdc=0x8c010793, color=0x0) returned 0x0
[0144.171] GetNearestColor (hdc=0x8c010793, color=0x8080ff) returned 0x8080ff
[0144.171] GetNearestColor (hdc=0x8c010793, color=0x7373e5) returned 0x7373e5
[0144.172] GetNearestColor (hdc=0x8c010793, color=0xe5) returned 0xe5
[0144.172] GetNearestColor (hdc=0x8c010793, color=0x0) returned 0x0
[0144.172] RestoreDC (hdc=0x8c010793, nSavedDC=-1) returned 1
[0144.172] GdipReleaseDC (graphics=0x6600030, hdc=0x8c010793) returned 0x0
[0144.172] IsAppThemed () returned 0x1
[0144.172] GetThemeAppProperties () returned 0x3
[0144.172] GetThemeAppProperties () returned 0x3
[0144.172] IsAppThemed () returned 0x1
[0144.172] GetThemeAppProperties () returned 0x3
[0144.172] GetThemeAppProperties () returned 0x3
[0144.172] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2d3a200 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0144.172] IsAppThemed () returned 0x1
[0144.173] GetThemeAppProperties () returned 0x3
[0144.173] GetThemeAppProperties () returned 0x3
[0144.173] IsAppThemed () returned 0x1
[0144.173] GetThemeAppProperties () returned 0x3
[0144.173] GetThemeAppProperties () returned 0x3
[0144.173] GetFocus () returned 0x602c4
[0144.173] IsAppThemed () returned 0x1
[0144.173] GetThemeAppProperties () returned 0x3
[0144.173] GetThemeAppProperties () returned 0x3
[0144.173] IsAppThemed () returned 0x1
[0144.173] GetThemeAppProperties () returned 0x3
[0144.173] GetThemeAppProperties () returned 0x3
[0144.173] IsThemePartDefined () returned 0x1
[0144.173] IsAppThemed () returned 0x1
[0144.173] GetThemeAppProperties () returned 0x3
[0144.173] GetThemeAppProperties () returned 0x3
[0144.173] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0144.173] IsAppThemed () returned 0x1
[0144.173] GetThemeAppProperties () returned 0x3
[0144.173] GetThemeAppProperties () returned 0x3
[0144.173] IsAppThemed () returned 0x1
[0144.173] GetThemeAppProperties () returned 0x3
[0144.173] GetThemeAppProperties () returned 0x3
[0144.174] IsThemePartDefined () returned 0x1
[0144.174] GdipCreateRegion (region=0xd7e508) returned 0x0
[0144.174] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0144.174] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0144.174] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0144.174] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e520) returned 0x0
[0144.174] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0144.174] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0144.174] LocalFree (hMem=0x11ee9f0) returned 0x0
[0144.174] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0144.174] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0144.174] LocalFree (hMem=0x11eec58) returned 0x0
[0144.174] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0144.174] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e548) returned 0x0
[0144.174] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e538) returned 0x0
[0144.174] GdipGetRegionHRgn (region=0x6637928, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0144.174] GdipDeleteRegion (region=0x6637928) returned 0x0
[0144.174] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0144.174] GetCurrentObject (hdc=0x8c010793, type=0x1) returned 0xb00017
[0144.175] GetCurrentObject (hdc=0x8c010793, type=0x2) returned 0x900010
[0144.175] GetCurrentObject (hdc=0x8c010793, type=0x7) returned 0x490507fe
[0144.175] GetCurrentObject (hdc=0x8c010793, type=0x6) returned 0x8a01c2
[0144.175] SaveDC (hdc=0x8c010793) returned 1
[0144.175] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3f040808
[0144.175] GetClipRgn (hdc=0x8c010793, hrgn=0x3f040808) returned 0
[0144.175] SelectClipRgn (hdc=0x8c010793, hrgn=0xaf04077c) returned 2
[0144.175] DeleteObject (ho=0x3f040808) returned 1
[0144.175] DeleteObject (ho=0xaf04077c) returned 1
[0144.175] OffsetViewportOrgEx (in: hdc=0x8c010793, x=0, y=0, lppt=0x2d3a8b0 | out: lppt=0x2d3a8b0) returned 1
[0144.175] DrawThemeParentBackground () returned 0x0
[0144.175] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0144.175] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0144.175] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0144.176] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0144.176] GetSystemMetrics (nIndex=42) returned 0
[0144.176] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0144.176] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0144.176] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0144.176] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0144.176] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0144.176] SelectPalette (hdc=0x8c010793, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0144.176] GdipCreateFromHDC (hdc=0x8c010793, graphics=0xd7dff8) returned 0x0
[0144.176] GdipSetPageUnit (graphics=0x6634a18, unit=0x2) returned 0x0
[0144.176] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0144.176] GdipGetWorldTransform (graphics=0x6634a18, matrix=0x65ffc88) returned 0x0
[0144.176] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7dfd0) returned 0x0
[0144.176] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0144.176] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0144.177] GdipGetClip (graphics=0x6634a18, region=0x65ffae0) returned 0x0
[0144.177] GdipIsInfiniteRegion (region=0x65ffae0, graphics=0x6634a18, result=0xd7dfc4) returned 0x0
[0144.177] GdipDeleteRegion (region=0x65ffae0) returned 0x0
[0144.177] GdipSaveGraphics (graphics=0x6634a18, state=0xd7dff0) returned 0x0
[0144.177] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0144.191] GdipFillRectangleI (graphics=0x6634a18, brush=0x6634cf8, x=0, y=0, width=801, height=453) returned 0x0
[0144.192] GdipDeleteBrush (brush=0x6634cf8) returned 0x0
[0144.193] GdipDeleteGraphics (graphics=0x6634a18) returned 0x0
[0144.193] SelectPalette (hdc=0x8c010793, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0144.193] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0144.193] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0144.193] GetSystemMetrics (nIndex=42) returned 0
[0144.194] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0144.194] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0144.194] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0144.194] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0144.194] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0144.194] SelectPalette (hdc=0x8c010793, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0144.194] GdipCreateFromHDC (hdc=0x8c010793, graphics=0xd7df98) returned 0x0
[0144.194] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0144.194] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0144.194] GdipGetWorldTransform (graphics=0x6631910, matrix=0x66046e0) returned 0x0
[0144.194] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df70) returned 0x0
[0144.194] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0144.194] GdipCreateRegion (region=0xd7df58) returned 0x0
[0144.194] GdipGetClip (graphics=0x6631910, region=0x65ffae0) returned 0x0
[0144.194] GdipIsInfiniteRegion (region=0x65ffae0, graphics=0x6631910, result=0xd7df64) returned 0x0
[0144.195] GdipDeleteRegion (region=0x65ffae0) returned 0x0
[0144.195] GdipSaveGraphics (graphics=0x6631910, state=0xd7df90) returned 0x0
[0144.195] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0144.237] GdipFillRectangleI (graphics=0x6631910, brush=0x6631bf0, x=0, y=0, width=801, height=453) returned 0x0
[0144.237] GdipDeleteBrush (brush=0x6631bf0) returned 0x0
[0144.239] GdipRestoreGraphics (graphics=0x6631910, state=0xfd760dbd) returned 0x0
[0144.239] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0144.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0144.239] GetSystemMetrics (nIndex=42) returned 0
[0144.239] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0144.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0144.239] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0144.239] SelectPalette (hdc=0x8c010793, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0144.239] RestoreDC (hdc=0x8c010793, nSavedDC=-1) returned 1
[0144.240] GdipReleaseDC (graphics=0x6600030, hdc=0x8c010793) returned 0x0
[0144.240] IsAppThemed () returned 0x1
[0144.240] GetThemeAppProperties () returned 0x3
[0144.240] GetThemeAppProperties () returned 0x3
[0144.240] IsAppThemed () returned 0x1
[0144.240] GetThemeAppProperties () returned 0x3
[0144.240] GetThemeAppProperties () returned 0x3
[0144.240] IsThemePartDefined () returned 0x1
[0144.240] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0144.240] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0144.240] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0144.240] GdipGetWorldTransform (graphics=0x6600030, matrix=0x65ffc88) returned 0x0
[0144.240] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7e4a4) returned 0x0
[0144.240] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0144.240] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11ee788) returned 0x0
[0144.240] LocalFree (hMem=0x11ee788) returned 0x0
[0144.240] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0144.240] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11ee9f0) returned 0x0
[0144.241] LocalFree (hMem=0x11ee9f0) returned 0x0
[0144.241] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0144.241] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0144.241] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0144.241] GdipGetRegionHRgn (region=0x6637928, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0144.241] GdipDeleteRegion (region=0x6637928) returned 0x0
[0144.241] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0144.241] GetCurrentObject (hdc=0x8c010793, type=0x1) returned 0xb00017
[0144.241] GetCurrentObject (hdc=0x8c010793, type=0x2) returned 0x900010
[0144.241] GetCurrentObject (hdc=0x8c010793, type=0x7) returned 0x490507fe
[0144.241] GetCurrentObject (hdc=0x8c010793, type=0x6) returned 0x8a01c2
[0144.241] SaveDC (hdc=0x8c010793) returned 1
[0144.241] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb004077c
[0144.241] GetClipRgn (hdc=0x8c010793, hrgn=0xb004077c) returned 0
[0144.241] SelectClipRgn (hdc=0x8c010793, hrgn=0x41040808) returned 2
[0144.241] DeleteObject (ho=0xb004077c) returned 1
[0144.241] DeleteObject (ho=0x41040808) returned 1
[0144.242] OffsetViewportOrgEx (in: hdc=0x8c010793, x=0, y=0, lppt=0x2d41100 | out: lppt=0x2d41100) returned 1
[0144.242] IsAppThemed () returned 0x1
[0144.242] GetThemeAppProperties () returned 0x3
[0144.242] GetThemeAppProperties () returned 0x3
[0144.242] DrawThemeBackground () returned 0x0
[0144.242] RestoreDC (hdc=0x8c010793, nSavedDC=-1) returned 1
[0144.242] GdipReleaseDC (graphics=0x6600030, hdc=0x8c010793) returned 0x0
[0144.242] GdipCreateRegion (region=0xd7e490) returned 0x0
[0144.242] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0144.242] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0144.242] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0144.242] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e4a8) returned 0x0
[0144.242] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0144.242] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eecc8) returned 0x0
[0144.242] LocalFree (hMem=0x11eecc8) returned 0x0
[0144.242] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0144.242] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eea98) returned 0x0
[0144.242] LocalFree (hMem=0x11eea98) returned 0x0
[0144.242] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0144.243] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0144.243] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0144.243] GdipGetRegionHRgn (region=0x6637928, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0144.243] GdipDeleteRegion (region=0x6637928) returned 0x0
[0144.243] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0144.243] GetCurrentObject (hdc=0x8c010793, type=0x1) returned 0xb00017
[0144.243] GetCurrentObject (hdc=0x8c010793, type=0x2) returned 0x900010
[0144.243] GetCurrentObject (hdc=0x8c010793, type=0x7) returned 0x490507fe
[0144.243] GetCurrentObject (hdc=0x8c010793, type=0x6) returned 0x8a01c2
[0144.243] SaveDC (hdc=0x8c010793) returned 1
[0144.243] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x42040808
[0144.243] GetClipRgn (hdc=0x8c010793, hrgn=0x42040808) returned 0
[0144.243] SelectClipRgn (hdc=0x8c010793, hrgn=0xb104077c) returned 2
[0144.243] DeleteObject (ho=0x42040808) returned 1
[0144.250] DeleteObject (ho=0xb104077c) returned 1
[0144.250] OffsetViewportOrgEx (in: hdc=0x8c010793, x=0, y=0, lppt=0x2d413d4 | out: lppt=0x2d413d4) returned 1
[0144.250] IsAppThemed () returned 0x1
[0144.250] GetThemeAppProperties () returned 0x3
[0144.250] GetThemeAppProperties () returned 0x3
[0144.250] GetThemeBackgroundContentRect () returned 0x0
[0144.250] RestoreDC (hdc=0x8c010793, nSavedDC=-1) returned 1
[0144.250] GdipReleaseDC (graphics=0x6600030, hdc=0x8c010793) returned 0x0
[0144.250] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0144.251] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0144.251] GdipFillRectangleI (graphics=0x6600030, brush=0x6632678, x=4, y=4, width=67, height=15) returned 0x0
[0144.251] GdipDeleteBrush (brush=0x6632678) returned 0x0
[0144.251] IsAppThemed () returned 0x1
[0144.251] GetThemeAppProperties () returned 0x3
[0144.251] GetThemeAppProperties () returned 0x3
[0144.251] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0144.251] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0144.251] GetCurrentObject (hdc=0x8c010793, type=0x1) returned 0xb00017
[0144.251] GetCurrentObject (hdc=0x8c010793, type=0x2) returned 0x900010
[0144.251] GetCurrentObject (hdc=0x8c010793, type=0x7) returned 0x490507fe
[0144.251] GetCurrentObject (hdc=0x8c010793, type=0x6) returned 0x8a01c2
[0144.251] SaveDC (hdc=0x8c010793) returned 1
[0144.251] GetTextAlign (hdc=0x8c010793) returned 0x0
[0144.251] GetTextColor (hdc=0x8c010793) returned 0x0
[0144.251] GetCurrentObject (hdc=0x8c010793, type=0x6) returned 0x8a01c2
[0144.252] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0144.252] SelectObject (hdc=0x8c010793, h=0x6d0a0520) returned 0x8a01c2
[0144.252] GetBkMode (hdc=0x8c010793) returned 2
[0144.252] SetBkMode (hdc=0x8c010793, mode=1) returned 2
[0144.252] DrawTextExW (in: hdc=0x8c010793, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2d41798 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0144.252] DrawTextExW (in: hdc=0x8c010793, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2d41798 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0144.253] RestoreDC (hdc=0x8c010793, nSavedDC=-1) returned 1
[0144.253] GdipReleaseDC (graphics=0x6600030, hdc=0x8c010793) returned 0x0
[0144.253] GetFocus () returned 0x602c4
[0144.253] IsAppThemed () returned 0x1
[0144.253] GetThemeAppProperties () returned 0x3
[0144.253] GetThemeAppProperties () returned 0x3
[0144.253] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0144.253] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x8c010793, x1=0, y1=0, rop=0xcc0020) returned 1
[0144.253] GdipReleaseDC (graphics=0x6600030, hdc=0x8c010793) returned 0x0
[0144.253] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0144.253] SelectObject (hdc=0x8c010793, h=0x85000f) returned 0x490507fe
[0144.254] DeleteDC (hdc=0x8c010793) returned 1
[0144.254] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0144.254] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0144.254] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.254] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.254] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.254] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.254] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.255] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.255] IsWindowUnicode (hWnd=0x6002e) returned 1
[0144.255] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.255] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.255] DispatchMessageW (lpMsg=0xd7ed38) returned 0x1
[0144.255] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xf, wParam=0x0, lParam=0x0) returned 0x1
[0144.256] SetTextColor (hdc=0x8e010793, color=0x0) returned 0x0
[0144.256] SetBkColor (hdc=0x8e010793, color=0xffffff) returned 0xffffff
[0144.257] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.257] GetMessageA (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.257] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.257] DispatchMessageA (lpMsg=0xd7ed38) returned 0x7f3a
[0144.257] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.257] IsWindowUnicode (hWnd=0x7005c) returned 1
[0144.257] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.257] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.257] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x0) returned 0x1
[0144.260] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.260] IsWindowUnicode (hWnd=0x6002e) returned 1
[0144.260] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.260] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.260] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.262] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xf, wParam=0x0, lParam=0x0) returned 0x1
[0144.262] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0x85, wParam=0x48040693, lParam=0x0) returned 0x1
[0144.262] SetTextColor (hdc=0x60100ce, color=0x0) returned 0x0
[0144.262] SetBkColor (hdc=0x60100ce, color=0xffffff) returned 0xffffff
[0144.263] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.263] GetMessageA (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.263] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.263] DispatchMessageA (lpMsg=0xd7ed38) returned 0x0
[0144.263] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.264] IsWindowUnicode (hWnd=0x7005c) returned 1
[0144.264] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.264] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.264] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.264] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.264] IsWindowUnicode (hWnd=0x7005c) returned 1
[0144.264] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.264] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.264] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.264] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10c0249) returned 0x0
[0144.264] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.264] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.264] WaitMessage () returned 1
[0144.314] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.314] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.314] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.314] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.315] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.316] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.316] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.316] WaitMessage () returned 1
[0144.317] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.318] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.318] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.318] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.318] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.319] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.319] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.319] WaitMessage () returned 1
[0144.319] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.319] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.319] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.319] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.319] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.321] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.321] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.321] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.321] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.321] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.324] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.324] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.324] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.324] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.324] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.324] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.325] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.325] WaitMessage () returned 1
[0144.330] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.330] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.330] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.330] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.330] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.331] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.332] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.332] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.332] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.332] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.332] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.332] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.332] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.332] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.332] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.332] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.333] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.333] WaitMessage () returned 1
[0144.335] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.335] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.335] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.335] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.335] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.336] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.336] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.336] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.337] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.337] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.337] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.337] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.337] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.337] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.337] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.343] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.344] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.344] WaitMessage () returned 1
[0144.367] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.367] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.367] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.368] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.368] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.374] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.374] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.374] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.374] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.374] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.374] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.374] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.374] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.375] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.375] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.375] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.375] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.375] WaitMessage () returned 1
[0144.377] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.377] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0xa0091
[0144.377] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.377] WaitMessage () returned 1
[0144.384] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.384] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.384] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.384] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.384] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.386] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.386] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.386] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.386] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.386] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.386] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.386] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.386] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.386] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.386] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.386] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.387] IsWindowUnicode (hWnd=0x502c6) returned 1
[0144.387] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.387] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.387] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.387] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.387] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.388] WaitMessage () returned 1
[0144.388] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.388] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.388] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.388] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.388] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.390] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.390] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.390] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.391] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.391] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.391] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.391] IsWindowUnicode (hWnd=0x30122) returned 1
[0144.391] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0144.391] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0144.391] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0144.391] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.392] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0144.392] WaitMessage () returned 1
[0145.234] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0145.234] GetMessageA (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0145.234] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0145.234] DispatchMessageA (lpMsg=0xd7ed38) returned 0x7f38
[0145.235] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0145.235] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0145.235] WaitMessage () returned 1
[0145.310] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0145.310] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0145.311] WaitMessage () returned 1
[0145.311] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0145.311] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x219, wParam=0x7, lParam=0x0) returned 0x1
[0145.311] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0145.314] NtdllDefWindowProc_W (hWnd=0x300ec, Msg=0x219, wParam=0x7, lParam=0x0) returned 0x1
[0145.315] WaitMessage () returned 1
[0146.250] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0146.250] GetMessageA (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0146.250] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0146.250] DispatchMessageA (lpMsg=0xd7ed38) returned 0x1
[0146.250] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0146.250] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0146.250] WaitMessage () returned 1
[0146.527] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0146.527] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740103) returned 0x1
[0146.528] IsWindowUnicode (hWnd=0x602c4) returned 1
[0146.528] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0146.528] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0146.528] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0146.528] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0146.528] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0146.528] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740103) returned 0x1
[0146.528] IsWindowUnicode (hWnd=0x602c4) returned 1
[0146.528] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0146.528] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740103) returned 0x1
[0146.528] SetCursor (hCursor=0x10003) returned 0x10003
[0146.529] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0146.529] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0146.529] _TrackMouseEvent (in: lpEventTrack=0x2ccbf0c | out: lpEventTrack=0x2ccbf0c) returned 1
[0146.529] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0146.529] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0146.529] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0146.529] GetKeyState (nVirtKey=1) returned 1
[0146.529] GetKeyState (nVirtKey=2) returned 0
[0146.529] GetKeyState (nVirtKey=4) returned 0
[0146.529] GetKeyState (nVirtKey=5) returned 0
[0146.529] GetKeyState (nVirtKey=6) returned 0
[0146.529] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0146.529] IsWindowUnicode (hWnd=0x602c4) returned 1
[0146.529] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0146.529] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0146.529] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0146.529] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0146.530] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0146.530] CreateCompatibleDC (hdc=0x107b9) returned 0x650107d1
[0146.530] SelectObject (hdc=0x650107d1, h=0x490507fe) returned 0x85000f
[0146.530] GdipCreateFromHDC (hdc=0x650107d1, graphics=0xd7e798) returned 0x0
[0146.530] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0146.530] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0146.530] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0146.530] GdipGetWorldTransform (graphics=0x6600030, matrix=0x65ffc88) returned 0x0
[0146.530] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7e7f8) returned 0x0
[0146.530] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0146.530] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11ee9f0) returned 0x0
[0146.531] LocalFree (hMem=0x11ee9f0) returned 0x0
[0146.531] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0146.531] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0146.531] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0146.531] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0146.531] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0146.531] GdipRestoreGraphics (graphics=0x6600030, state=0xfd740dbd) returned 0x0
[0146.531] GdipDeleteRegion (region=0x6637928) returned 0x0
[0146.531] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0146.531] GetCurrentObject (hdc=0x650107d1, type=0x1) returned 0xb00017
[0146.531] GetCurrentObject (hdc=0x650107d1, type=0x2) returned 0x900010
[0146.531] GetCurrentObject (hdc=0x650107d1, type=0x7) returned 0x490507fe
[0146.531] GetCurrentObject (hdc=0x650107d1, type=0x6) returned 0x8a01c2
[0146.531] SaveDC (hdc=0x650107d1) returned 1
[0146.531] GetNearestColor (hdc=0x650107d1, color=0xff) returned 0xff
[0146.531] GetNearestColor (hdc=0x650107d1, color=0x55) returned 0x55
[0146.531] GetNearestColor (hdc=0x650107d1, color=0x0) returned 0x0
[0146.532] GetNearestColor (hdc=0x650107d1, color=0x55) returned 0x55
[0146.532] GetNearestColor (hdc=0x650107d1, color=0x0) returned 0x0
[0146.532] GetNearestColor (hdc=0x650107d1, color=0x8080ff) returned 0x8080ff
[0146.532] GetNearestColor (hdc=0x650107d1, color=0x7373e5) returned 0x7373e5
[0146.532] GetNearestColor (hdc=0x650107d1, color=0xe5) returned 0xe5
[0146.532] GetNearestColor (hdc=0x650107d1, color=0x0) returned 0x0
[0146.532] RestoreDC (hdc=0x650107d1, nSavedDC=-1) returned 1
[0146.532] GdipReleaseDC (graphics=0x6600030, hdc=0x650107d1) returned 0x0
[0146.532] IsAppThemed () returned 0x1
[0146.532] GetThemeAppProperties () returned 0x3
[0146.532] GetThemeAppProperties () returned 0x3
[0146.532] IsAppThemed () returned 0x1
[0146.532] GetThemeAppProperties () returned 0x3
[0146.532] GetThemeAppProperties () returned 0x3
[0146.532] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2d42198 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0146.533] IsAppThemed () returned 0x1
[0146.533] GetThemeAppProperties () returned 0x3
[0146.533] GetThemeAppProperties () returned 0x3
[0146.533] IsAppThemed () returned 0x1
[0146.533] GetThemeAppProperties () returned 0x3
[0146.533] GetThemeAppProperties () returned 0x3
[0146.533] IsAppThemed () returned 0x1
[0146.533] GetThemeAppProperties () returned 0x3
[0146.533] GetThemeAppProperties () returned 0x3
[0146.533] IsAppThemed () returned 0x1
[0146.533] GetThemeAppProperties () returned 0x3
[0146.533] GetThemeAppProperties () returned 0x3
[0146.533] IsThemePartDefined () returned 0x1
[0146.533] IsAppThemed () returned 0x1
[0146.534] GetThemeAppProperties () returned 0x3
[0146.534] GetThemeAppProperties () returned 0x3
[0146.534] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0146.534] IsAppThemed () returned 0x1
[0146.534] GetThemeAppProperties () returned 0x3
[0146.534] GetThemeAppProperties () returned 0x3
[0146.534] IsAppThemed () returned 0x1
[0146.534] GetThemeAppProperties () returned 0x3
[0146.534] GetThemeAppProperties () returned 0x3
[0146.534] IsThemePartDefined () returned 0x1
[0146.534] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0146.534] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0146.534] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0146.534] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0146.534] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e514) returned 0x0
[0146.534] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0146.534] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0146.534] LocalFree (hMem=0x11ee9f0) returned 0x0
[0146.534] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0146.534] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0146.535] LocalFree (hMem=0x11eec58) returned 0x0
[0146.535] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0146.535] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0146.535] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0146.535] GdipGetRegionHRgn (region=0x6637928, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0146.535] GdipDeleteRegion (region=0x6637928) returned 0x0
[0146.535] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0146.535] GetCurrentObject (hdc=0x650107d1, type=0x1) returned 0xb00017
[0146.535] GetCurrentObject (hdc=0x650107d1, type=0x2) returned 0x900010
[0146.535] GetCurrentObject (hdc=0x650107d1, type=0x7) returned 0x490507fe
[0146.535] GetCurrentObject (hdc=0x650107d1, type=0x6) returned 0x8a01c2
[0146.535] SaveDC (hdc=0x650107d1) returned 1
[0146.535] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xac0407de
[0146.535] GetClipRgn (hdc=0x650107d1, hrgn=0xac0407de) returned 0
[0146.535] SelectClipRgn (hdc=0x650107d1, hrgn=0x30040807) returned 2
[0146.535] DeleteObject (ho=0xac0407de) returned 1
[0146.535] DeleteObject (ho=0x30040807) returned 1
[0146.535] OffsetViewportOrgEx (in: hdc=0x650107d1, x=0, y=0, lppt=0x2d42848 | out: lppt=0x2d42848) returned 1
[0146.536] DrawThemeParentBackground () returned 0x0
[0146.536] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0146.536] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0146.536] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0146.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0146.536] GetSystemMetrics (nIndex=42) returned 0
[0146.536] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0146.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0146.536] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0146.536] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0146.536] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0146.536] SelectPalette (hdc=0x650107d1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0146.536] GdipCreateFromHDC (hdc=0x650107d1, graphics=0xd7dff0) returned 0x0
[0146.536] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0146.537] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0146.537] GdipGetWorldTransform (graphics=0x6631910, matrix=0x65ffc88) returned 0x0
[0146.537] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7dfc8) returned 0x0
[0146.537] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0146.537] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0146.537] GdipGetClip (graphics=0x6631910, region=0x65ffae0) returned 0x0
[0146.537] GdipIsInfiniteRegion (region=0x65ffae0, graphics=0x6631910, result=0xd7dfbc) returned 0x0
[0146.537] GdipDeleteRegion (region=0x65ffae0) returned 0x0
[0146.537] GdipSaveGraphics (graphics=0x6631910, state=0xd7dfe8) returned 0x0
[0146.537] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0146.550] GdipFillRectangleI (graphics=0x6631910, brush=0x6631bf0, x=0, y=0, width=801, height=453) returned 0x0
[0146.550] GdipDeleteBrush (brush=0x6631bf0) returned 0x0
[0146.552] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0146.552] SelectPalette (hdc=0x650107d1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0146.552] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0146.552] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0146.552] GetSystemMetrics (nIndex=42) returned 0
[0146.552] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0146.552] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0146.552] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0146.552] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0146.552] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0146.552] SelectPalette (hdc=0x650107d1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0146.552] GdipCreateFromHDC (hdc=0x650107d1, graphics=0xd7df90) returned 0x0
[0146.552] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0146.553] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0146.553] GdipGetWorldTransform (graphics=0x6631910, matrix=0x66046e0) returned 0x0
[0146.553] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df68) returned 0x0
[0146.553] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0146.553] GdipCreateRegion (region=0xd7df50) returned 0x0
[0146.553] GdipGetClip (graphics=0x6631910, region=0x65ffae0) returned 0x0
[0146.553] GdipIsInfiniteRegion (region=0x65ffae0, graphics=0x6631910, result=0xd7df5c) returned 0x0
[0146.553] GdipDeleteRegion (region=0x65ffae0) returned 0x0
[0146.553] GdipSaveGraphics (graphics=0x6631910, state=0xd7df88) returned 0x0
[0146.553] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0146.563] GdipFillRectangleI (graphics=0x6631910, brush=0x6631bf0, x=0, y=0, width=801, height=453) returned 0x0
[0146.563] GdipDeleteBrush (brush=0x6631bf0) returned 0x0
[0146.565] GdipRestoreGraphics (graphics=0x6631910, state=0xfd700dbd) returned 0x0
[0146.565] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0146.565] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0146.565] GetSystemMetrics (nIndex=42) returned 0
[0146.565] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0146.565] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0146.565] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0146.565] SelectPalette (hdc=0x650107d1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0146.566] RestoreDC (hdc=0x650107d1, nSavedDC=-1) returned 1
[0146.566] GdipReleaseDC (graphics=0x6600030, hdc=0x650107d1) returned 0x0
[0146.566] IsAppThemed () returned 0x1
[0146.566] GetThemeAppProperties () returned 0x3
[0146.566] GetThemeAppProperties () returned 0x3
[0146.566] IsAppThemed () returned 0x1
[0146.566] GetThemeAppProperties () returned 0x3
[0146.566] GetThemeAppProperties () returned 0x3
[0146.566] IsThemePartDefined () returned 0x1
[0146.566] GdipCreateRegion (region=0xd7e480) returned 0x0
[0146.566] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0146.566] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0146.566] GdipGetWorldTransform (graphics=0x6600030, matrix=0x65ffc88) returned 0x0
[0146.566] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7e498) returned 0x0
[0146.566] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0146.566] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11ee9f0) returned 0x0
[0146.566] LocalFree (hMem=0x11ee9f0) returned 0x0
[0146.566] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0146.566] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eec58) returned 0x0
[0146.566] LocalFree (hMem=0x11eec58) returned 0x0
[0146.567] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0146.567] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0146.567] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0146.567] GdipGetRegionHRgn (region=0x6637928, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0146.567] GdipDeleteRegion (region=0x6637928) returned 0x0
[0146.567] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0146.567] GetCurrentObject (hdc=0x650107d1, type=0x1) returned 0xb00017
[0146.567] GetCurrentObject (hdc=0x650107d1, type=0x2) returned 0x900010
[0146.567] GetCurrentObject (hdc=0x650107d1, type=0x7) returned 0x490507fe
[0146.567] GetCurrentObject (hdc=0x650107d1, type=0x6) returned 0x8a01c2
[0146.567] SaveDC (hdc=0x650107d1) returned 1
[0146.567] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x31040807
[0146.567] GetClipRgn (hdc=0x650107d1, hrgn=0x31040807) returned 0
[0146.567] SelectClipRgn (hdc=0x650107d1, hrgn=0xae0407de) returned 2
[0146.567] DeleteObject (ho=0x31040807) returned 1
[0146.567] DeleteObject (ho=0xae0407de) returned 1
[0146.567] OffsetViewportOrgEx (in: hdc=0x650107d1, x=0, y=0, lppt=0x2d49098 | out: lppt=0x2d49098) returned 1
[0146.568] IsAppThemed () returned 0x1
[0146.568] GetThemeAppProperties () returned 0x3
[0146.569] GetThemeAppProperties () returned 0x3
[0146.569] DrawThemeBackground () returned 0x0
[0146.569] RestoreDC (hdc=0x650107d1, nSavedDC=-1) returned 1
[0146.569] GdipReleaseDC (graphics=0x6600030, hdc=0x650107d1) returned 0x0
[0146.569] GdipCreateRegion (region=0xd7e484) returned 0x0
[0146.569] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0146.569] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0146.569] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0146.569] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e49c) returned 0x0
[0146.569] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0146.569] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0146.569] LocalFree (hMem=0x11ee9f0) returned 0x0
[0146.569] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0146.569] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee868) returned 0x0
[0146.569] LocalFree (hMem=0x11ee868) returned 0x0
[0146.569] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0146.569] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0146.569] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0146.570] GdipGetRegionHRgn (region=0x6637928, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0146.570] GdipDeleteRegion (region=0x6637928) returned 0x0
[0146.570] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0146.570] GetCurrentObject (hdc=0x650107d1, type=0x1) returned 0xb00017
[0146.570] GetCurrentObject (hdc=0x650107d1, type=0x2) returned 0x900010
[0146.570] GetCurrentObject (hdc=0x650107d1, type=0x7) returned 0x490507fe
[0146.570] GetCurrentObject (hdc=0x650107d1, type=0x6) returned 0x8a01c2
[0146.570] SaveDC (hdc=0x650107d1) returned 1
[0146.570] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xaf0407de
[0146.570] GetClipRgn (hdc=0x650107d1, hrgn=0xaf0407de) returned 0
[0146.570] SelectClipRgn (hdc=0x650107d1, hrgn=0x32040807) returned 2
[0146.570] DeleteObject (ho=0xaf0407de) returned 1
[0146.570] DeleteObject (ho=0x32040807) returned 1
[0146.570] OffsetViewportOrgEx (in: hdc=0x650107d1, x=0, y=0, lppt=0x2d4936c | out: lppt=0x2d4936c) returned 1
[0146.570] IsAppThemed () returned 0x1
[0146.571] GetThemeAppProperties () returned 0x3
[0146.571] GetThemeAppProperties () returned 0x3
[0146.571] GetThemeBackgroundContentRect () returned 0x0
[0146.571] RestoreDC (hdc=0x650107d1, nSavedDC=-1) returned 1
[0146.571] GdipReleaseDC (graphics=0x6600030, hdc=0x650107d1) returned 0x0
[0146.571] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0146.571] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0146.571] GdipFillRectangleI (graphics=0x6600030, brush=0x6632678, x=4, y=4, width=67, height=15) returned 0x0
[0146.571] GdipDeleteBrush (brush=0x6632678) returned 0x0
[0146.571] IsAppThemed () returned 0x1
[0146.571] GetThemeAppProperties () returned 0x3
[0146.571] GetThemeAppProperties () returned 0x3
[0146.571] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0146.571] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0146.571] GetCurrentObject (hdc=0x650107d1, type=0x1) returned 0xb00017
[0146.571] GetCurrentObject (hdc=0x650107d1, type=0x2) returned 0x900010
[0146.571] GetCurrentObject (hdc=0x650107d1, type=0x7) returned 0x490507fe
[0146.571] GetCurrentObject (hdc=0x650107d1, type=0x6) returned 0x8a01c2
[0146.571] SaveDC (hdc=0x650107d1) returned 1
[0146.572] GetTextAlign (hdc=0x650107d1) returned 0x0
[0146.572] GetTextColor (hdc=0x650107d1) returned 0x0
[0146.572] GetCurrentObject (hdc=0x650107d1, type=0x6) returned 0x8a01c2
[0146.572] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0146.572] SelectObject (hdc=0x650107d1, h=0x6d0a0520) returned 0x8a01c2
[0146.572] GetBkMode (hdc=0x650107d1) returned 2
[0146.572] SetBkMode (hdc=0x650107d1, mode=1) returned 2
[0146.572] DrawTextExW (in: hdc=0x650107d1, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2d49730 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0146.572] DrawTextExW (in: hdc=0x650107d1, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2d49730 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0146.573] RestoreDC (hdc=0x650107d1, nSavedDC=-1) returned 1
[0146.573] GdipReleaseDC (graphics=0x6600030, hdc=0x650107d1) returned 0x0
[0146.573] GetFocus () returned 0x602c4
[0146.573] IsAppThemed () returned 0x1
[0146.573] GetThemeAppProperties () returned 0x3
[0146.573] GetThemeAppProperties () returned 0x3
[0146.573] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0146.573] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x650107d1, x1=0, y1=0, rop=0xcc0020) returned 1
[0146.574] GdipReleaseDC (graphics=0x6600030, hdc=0x650107d1) returned 0x0
[0146.574] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0146.574] SelectObject (hdc=0x650107d1, h=0x85000f) returned 0x490507fe
[0146.574] DeleteDC (hdc=0x650107d1) returned 1
[0146.574] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0146.574] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0146.574] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0146.574] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0146.574] WaitMessage () returned 1
[0146.638] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0146.638] IsWindowUnicode (hWnd=0x602c4) returned 1
[0146.638] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0146.638] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0146.638] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0146.638] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0146.638] IsWindowUnicode (hWnd=0x602c4) returned 1
[0146.638] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0146.638] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0146.638] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0146.638] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xd0028) returned 0x0
[0146.639] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0146.639] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0146.639] WaitMessage () returned 1
[0146.770] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0146.770] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740103) returned 0x1
[0146.770] IsWindowUnicode (hWnd=0x602c4) returned 1
[0146.770] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0146.770] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740103) returned 0x1
[0146.770] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0146.770] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19f0045) returned 0x0
[0146.771] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0146.771] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0146.771] SetCursor (hCursor=0x10003) returned 0x10003
[0146.771] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0146.771] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0146.771] GetKeyState (nVirtKey=1) returned -128
[0146.771] GetKeyState (nVirtKey=2) returned 0
[0146.771] GetKeyState (nVirtKey=4) returned 0
[0146.771] GetKeyState (nVirtKey=5) returned 0
[0146.771] GetKeyState (nVirtKey=6) returned 0
[0146.771] IsWindowVisible (hWnd=0x602c4) returned 1
[0146.772] IsWindowEnabled (hWnd=0x602c4) returned 1
[0146.772] SetFocus (hWnd=0x602c4) returned 0x602c4
[0146.772] GetFocus () returned 0x602c4
[0146.772] GetFocus () returned 0x602c4
[0146.772] GetFocus () returned 0x602c4
[0146.772] GetKeyState (nVirtKey=1) returned -128
[0146.772] GetKeyState (nVirtKey=2) returned 0
[0146.772] GetKeyState (nVirtKey=4) returned 0
[0146.772] GetKeyState (nVirtKey=5) returned 0
[0146.772] GetKeyState (nVirtKey=6) returned 0
[0146.772] GetCapture () returned 0x0
[0146.772] SetCapture (hWnd=0x602c4) returned 0x0
[0146.773] GetKeyState (nVirtKey=1) returned -128
[0146.773] GetKeyState (nVirtKey=2) returned 0
[0146.773] GetKeyState (nVirtKey=4) returned 0
[0146.773] GetKeyState (nVirtKey=5) returned 0
[0146.773] GetKeyState (nVirtKey=6) returned 0
[0146.773] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0146.773] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0146.773] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0146.773] IsWindowUnicode (hWnd=0x602c4) returned 1
[0146.773] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0146.773] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0146.773] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0146.773] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d498b4, cPoints=0x1 | out: lpPoints=0x2d498b4) returned 40304859
[0146.773] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0146.773] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0146.773] UpdateWindow (hWnd=0x602c4) returned 1
[0146.773] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x107b9
[0146.774] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0146.774] CreateCompatibleDC (hdc=0x107b9) returned 0x660107d1
[0146.774] SelectObject (hdc=0x660107d1, h=0x490507fe) returned 0x85000f
[0146.774] GdipCreateFromHDC (hdc=0x660107d1, graphics=0xd7e430) returned 0x0
[0146.774] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0146.774] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0146.774] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0146.774] GdipGetWorldTransform (graphics=0x6600030, matrix=0x65ffc88) returned 0x0
[0146.774] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7e490) returned 0x0
[0146.774] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0146.774] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11ee788) returned 0x0
[0146.774] LocalFree (hMem=0x11ee788) returned 0x0
[0146.774] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0146.774] GdipCreateRegion (region=0xd7e478) returned 0x0
[0146.775] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0146.775] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e484) returned 0x0
[0146.775] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0146.775] GdipRestoreGraphics (graphics=0x6600030, state=0xfd6e0dbd) returned 0x0
[0146.775] GdipDeleteRegion (region=0x6637928) returned 0x0
[0146.775] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0146.775] GetCurrentObject (hdc=0x660107d1, type=0x1) returned 0xb00017
[0146.775] GetCurrentObject (hdc=0x660107d1, type=0x2) returned 0x900010
[0146.775] GetCurrentObject (hdc=0x660107d1, type=0x7) returned 0x490507fe
[0146.775] GetCurrentObject (hdc=0x660107d1, type=0x6) returned 0x8a01c2
[0146.775] SaveDC (hdc=0x660107d1) returned 1
[0146.775] GetNearestColor (hdc=0x660107d1, color=0xff) returned 0xff
[0146.775] GetNearestColor (hdc=0x660107d1, color=0x55) returned 0x55
[0146.775] GetNearestColor (hdc=0x660107d1, color=0x0) returned 0x0
[0146.775] GetNearestColor (hdc=0x660107d1, color=0x55) returned 0x55
[0146.776] GetNearestColor (hdc=0x660107d1, color=0x0) returned 0x0
[0146.776] GetNearestColor (hdc=0x660107d1, color=0x8080ff) returned 0x8080ff
[0146.776] GetNearestColor (hdc=0x660107d1, color=0x7373e5) returned 0x7373e5
[0146.776] GetNearestColor (hdc=0x660107d1, color=0xe5) returned 0xe5
[0146.776] GetNearestColor (hdc=0x660107d1, color=0x0) returned 0x0
[0146.776] RestoreDC (hdc=0x660107d1, nSavedDC=-1) returned 1
[0146.776] GdipReleaseDC (graphics=0x6600030, hdc=0x660107d1) returned 0x0
[0146.776] IsAppThemed () returned 0x1
[0146.776] GetThemeAppProperties () returned 0x3
[0146.777] GetThemeAppProperties () returned 0x3
[0146.777] IsAppThemed () returned 0x1
[0146.777] GetThemeAppProperties () returned 0x3
[0146.777] GetThemeAppProperties () returned 0x3
[0146.777] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2d49fd0 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0146.777] IsAppThemed () returned 0x1
[0146.777] GetThemeAppProperties () returned 0x3
[0146.777] GetThemeAppProperties () returned 0x3
[0146.777] IsAppThemed () returned 0x1
[0146.777] GetThemeAppProperties () returned 0x3
[0146.777] GetThemeAppProperties () returned 0x3
[0146.777] IsAppThemed () returned 0x1
[0146.778] GetThemeAppProperties () returned 0x3
[0146.778] GetThemeAppProperties () returned 0x3
[0146.778] IsAppThemed () returned 0x1
[0146.778] GetThemeAppProperties () returned 0x3
[0146.778] GetThemeAppProperties () returned 0x3
[0146.778] IsThemePartDefined () returned 0x1
[0146.778] IsAppThemed () returned 0x1
[0146.778] GetThemeAppProperties () returned 0x3
[0146.778] GetThemeAppProperties () returned 0x3
[0146.778] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0146.778] IsAppThemed () returned 0x1
[0146.778] GetThemeAppProperties () returned 0x3
[0146.778] GetThemeAppProperties () returned 0x3
[0146.778] IsAppThemed () returned 0x1
[0146.778] GetThemeAppProperties () returned 0x3
[0146.778] GetThemeAppProperties () returned 0x3
[0146.778] IsThemePartDefined () returned 0x1
[0146.778] GdipCreateRegion (region=0xd7e194) returned 0x0
[0146.778] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0146.779] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0146.779] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0146.779] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e1ac) returned 0x0
[0146.779] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0146.779] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eead0) returned 0x0
[0146.779] LocalFree (hMem=0x11eead0) returned 0x0
[0146.779] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0146.779] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0146.779] LocalFree (hMem=0x11ee9f0) returned 0x0
[0146.779] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0146.779] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0146.779] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0146.779] GdipGetRegionHRgn (region=0x6637928, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0146.779] GdipDeleteRegion (region=0x6637928) returned 0x0
[0146.779] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0146.780] GetCurrentObject (hdc=0x660107d1, type=0x1) returned 0xb00017
[0146.780] GetCurrentObject (hdc=0x660107d1, type=0x2) returned 0x900010
[0146.780] GetCurrentObject (hdc=0x660107d1, type=0x7) returned 0x490507fe
[0146.780] GetCurrentObject (hdc=0x660107d1, type=0x6) returned 0x8a01c2
[0146.780] SaveDC (hdc=0x660107d1) returned 1
[0146.780] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x33040807
[0146.780] GetClipRgn (hdc=0x660107d1, hrgn=0x33040807) returned 0
[0146.780] SelectClipRgn (hdc=0x660107d1, hrgn=0xb30407de) returned 2
[0146.780] DeleteObject (ho=0x33040807) returned 1
[0146.780] DeleteObject (ho=0xb30407de) returned 1
[0146.780] OffsetViewportOrgEx (in: hdc=0x660107d1, x=0, y=0, lppt=0x2d4a680 | out: lppt=0x2d4a680) returned 1
[0146.781] DrawThemeParentBackground () returned 0x0
[0146.781] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0146.781] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0146.781] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0146.781] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0146.781] GetSystemMetrics (nIndex=42) returned 0
[0146.781] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0146.782] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0146.783] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0146.783] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0146.783] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0146.783] SelectPalette (hdc=0x660107d1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0146.783] GdipCreateFromHDC (hdc=0x660107d1, graphics=0xd7dc88) returned 0x0
[0146.783] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0146.783] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0146.783] GdipGetWorldTransform (graphics=0x6631910, matrix=0x65ffc88) returned 0x0
[0146.783] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7dc60) returned 0x0
[0146.783] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0146.783] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0146.784] GdipGetClip (graphics=0x6631910, region=0x65ffae0) returned 0x0
[0146.784] GdipIsInfiniteRegion (region=0x65ffae0, graphics=0x6631910, result=0xd7dc54) returned 0x0
[0146.784] GdipDeleteRegion (region=0x65ffae0) returned 0x0
[0146.784] GdipSaveGraphics (graphics=0x6631910, state=0xd7dc80) returned 0x0
[0146.784] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0146.797] GdipFillRectangleI (graphics=0x6631910, brush=0x6631bf0, x=0, y=0, width=801, height=453) returned 0x0
[0146.797] GdipDeleteBrush (brush=0x6631bf0) returned 0x0
[0146.799] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0146.799] SelectPalette (hdc=0x660107d1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0146.799] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0146.799] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0146.799] GetSystemMetrics (nIndex=42) returned 0
[0146.799] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0146.799] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0146.799] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0146.799] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0146.799] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0146.799] SelectPalette (hdc=0x660107d1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0146.800] GdipCreateFromHDC (hdc=0x660107d1, graphics=0xd7dc28) returned 0x0
[0146.800] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0146.800] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0146.800] GdipGetWorldTransform (graphics=0x6631910, matrix=0x66046e0) returned 0x0
[0146.800] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dc00) returned 0x0
[0146.800] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0146.800] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0146.800] GdipGetClip (graphics=0x6631910, region=0x65ffae0) returned 0x0
[0146.800] GdipIsInfiniteRegion (region=0x65ffae0, graphics=0x6631910, result=0xd7dbf4) returned 0x0
[0146.800] GdipDeleteRegion (region=0x65ffae0) returned 0x0
[0146.800] GdipSaveGraphics (graphics=0x6631910, state=0xd7dc20) returned 0x0
[0146.800] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0146.814] GdipFillRectangleI (graphics=0x6631910, brush=0x6631bf0, x=0, y=0, width=801, height=453) returned 0x0
[0146.814] GdipDeleteBrush (brush=0x6631bf0) returned 0x0
[0146.815] GdipRestoreGraphics (graphics=0x6631910, state=0xfd6a0dbd) returned 0x0
[0146.815] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0146.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0146.815] GetSystemMetrics (nIndex=42) returned 0
[0146.815] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0146.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0146.816] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0146.816] SelectPalette (hdc=0x660107d1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0146.816] RestoreDC (hdc=0x660107d1, nSavedDC=-1) returned 1
[0146.816] GdipReleaseDC (graphics=0x6600030, hdc=0x660107d1) returned 0x0
[0146.816] IsAppThemed () returned 0x1
[0146.816] GetThemeAppProperties () returned 0x3
[0146.816] GetThemeAppProperties () returned 0x3
[0146.816] IsAppThemed () returned 0x1
[0146.816] GetThemeAppProperties () returned 0x3
[0146.816] GetThemeAppProperties () returned 0x3
[0146.816] IsThemePartDefined () returned 0x1
[0146.817] GdipCreateRegion (region=0xd7e118) returned 0x0
[0146.817] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0146.817] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0146.817] GdipGetWorldTransform (graphics=0x6600030, matrix=0x65ffc88) returned 0x0
[0146.817] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7e130) returned 0x0
[0146.817] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0146.817] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eec58) returned 0x0
[0146.817] LocalFree (hMem=0x11eec58) returned 0x0
[0146.817] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0146.817] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11ee9f0) returned 0x0
[0146.817] LocalFree (hMem=0x11ee9f0) returned 0x0
[0146.817] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0146.817] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e158) returned 0x0
[0146.817] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e148) returned 0x0
[0146.817] GdipGetRegionHRgn (region=0x6637928, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0146.817] GdipDeleteRegion (region=0x6637928) returned 0x0
[0146.817] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0146.817] GetCurrentObject (hdc=0x660107d1, type=0x1) returned 0xb00017
[0146.817] GetCurrentObject (hdc=0x660107d1, type=0x2) returned 0x900010
[0146.817] GetCurrentObject (hdc=0x660107d1, type=0x7) returned 0x490507fe
[0146.818] GetCurrentObject (hdc=0x660107d1, type=0x6) returned 0x8a01c2
[0146.818] SaveDC (hdc=0x660107d1) returned 1
[0146.818] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb40407de
[0146.818] GetClipRgn (hdc=0x660107d1, hrgn=0xb40407de) returned 0
[0146.818] SelectClipRgn (hdc=0x660107d1, hrgn=0x35040807) returned 2
[0146.818] DeleteObject (ho=0xb40407de) returned 1
[0146.818] DeleteObject (ho=0x35040807) returned 1
[0146.818] OffsetViewportOrgEx (in: hdc=0x660107d1, x=0, y=0, lppt=0x2d50ed0 | out: lppt=0x2d50ed0) returned 1
[0146.818] IsAppThemed () returned 0x1
[0146.818] GetThemeAppProperties () returned 0x3
[0146.818] GetThemeAppProperties () returned 0x3
[0146.818] DrawThemeBackground () returned 0x0
[0146.818] RestoreDC (hdc=0x660107d1, nSavedDC=-1) returned 1
[0146.819] GdipReleaseDC (graphics=0x6600030, hdc=0x660107d1) returned 0x0
[0146.819] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0146.819] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0146.819] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0146.819] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0146.819] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e134) returned 0x0
[0146.819] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0146.819] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0146.819] LocalFree (hMem=0x11ee788) returned 0x0
[0146.819] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0146.819] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0146.819] LocalFree (hMem=0x11eec58) returned 0x0
[0146.819] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0146.819] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0146.819] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0146.819] GdipGetRegionHRgn (region=0x6637928, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0146.819] GdipDeleteRegion (region=0x6637928) returned 0x0
[0146.820] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0146.820] GetCurrentObject (hdc=0x660107d1, type=0x1) returned 0xb00017
[0146.820] GetCurrentObject (hdc=0x660107d1, type=0x2) returned 0x900010
[0146.820] GetCurrentObject (hdc=0x660107d1, type=0x7) returned 0x490507fe
[0146.820] GetCurrentObject (hdc=0x660107d1, type=0x6) returned 0x8a01c2
[0146.820] SaveDC (hdc=0x660107d1) returned 1
[0146.820] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x36040807
[0146.820] GetClipRgn (hdc=0x660107d1, hrgn=0x36040807) returned 0
[0146.820] SelectClipRgn (hdc=0x660107d1, hrgn=0xb50407de) returned 2
[0146.820] DeleteObject (ho=0x36040807) returned 1
[0146.820] DeleteObject (ho=0xb50407de) returned 1
[0146.821] OffsetViewportOrgEx (in: hdc=0x660107d1, x=0, y=0, lppt=0x2d511a4 | out: lppt=0x2d511a4) returned 1
[0146.821] IsAppThemed () returned 0x1
[0146.821] GetThemeAppProperties () returned 0x3
[0146.821] GetThemeAppProperties () returned 0x3
[0146.821] GetThemeBackgroundContentRect () returned 0x0
[0146.821] RestoreDC (hdc=0x660107d1, nSavedDC=-1) returned 1
[0146.821] GdipReleaseDC (graphics=0x6600030, hdc=0x660107d1) returned 0x0
[0146.821] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0146.821] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0146.821] GdipFillRectangleI (graphics=0x6600030, brush=0x6632678, x=4, y=4, width=67, height=15) returned 0x0
[0146.821] GdipDeleteBrush (brush=0x6632678) returned 0x0
[0146.821] IsAppThemed () returned 0x1
[0146.821] GetThemeAppProperties () returned 0x3
[0146.821] GetThemeAppProperties () returned 0x3
[0146.821] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0146.821] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0146.822] GetCurrentObject (hdc=0x660107d1, type=0x1) returned 0xb00017
[0146.823] GetCurrentObject (hdc=0x660107d1, type=0x2) returned 0x900010
[0146.823] GetCurrentObject (hdc=0x660107d1, type=0x7) returned 0x490507fe
[0146.823] GetCurrentObject (hdc=0x660107d1, type=0x6) returned 0x8a01c2
[0146.823] SaveDC (hdc=0x660107d1) returned 1
[0146.823] GetTextAlign (hdc=0x660107d1) returned 0x0
[0146.823] GetTextColor (hdc=0x660107d1) returned 0x0
[0146.823] GetCurrentObject (hdc=0x660107d1, type=0x6) returned 0x8a01c2
[0146.824] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0146.824] SelectObject (hdc=0x660107d1, h=0x6d0a0520) returned 0x8a01c2
[0146.824] GetBkMode (hdc=0x660107d1) returned 2
[0146.824] SetBkMode (hdc=0x660107d1, mode=1) returned 2
[0146.824] DrawTextExW (in: hdc=0x660107d1, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2d51568 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0146.824] DrawTextExW (in: hdc=0x660107d1, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2d51568 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0146.825] RestoreDC (hdc=0x660107d1, nSavedDC=-1) returned 1
[0146.825] GdipReleaseDC (graphics=0x6600030, hdc=0x660107d1) returned 0x0
[0146.825] GetFocus () returned 0x602c4
[0146.825] IsAppThemed () returned 0x1
[0146.825] GetThemeAppProperties () returned 0x3
[0146.825] GetThemeAppProperties () returned 0x3
[0146.825] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0146.825] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x660107d1, x1=0, y1=0, rop=0xcc0020) returned 1
[0146.826] GdipReleaseDC (graphics=0x6600030, hdc=0x660107d1) returned 0x0
[0146.826] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0146.826] SelectObject (hdc=0x660107d1, h=0x85000f) returned 0x490507fe
[0146.826] DeleteDC (hdc=0x660107d1) returned 1
[0146.826] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0146.826] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0146.826] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d51664, cPoints=0x1 | out: lpPoints=0x2d51664) returned 40304859
[0146.826] WindowFromPoint (Point=0x103) returned 0x602c4
[0146.826] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740103) returned 0x1
[0146.826] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0146.826] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0146.827] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0146.827] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0146.827] GetSystemMetrics (nIndex=42) returned 0
[0146.827] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0146.827] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0146.829] GetCapture () returned 0x602c4
[0146.829] ReleaseCapture () returned 1
[0146.829] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0146.829] GetProcessWindowStation () returned 0x13c
[0146.830] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.830] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0146.831] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.831] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0146.831] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.831] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0146.832] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.833] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0146.833] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.833] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0146.834] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.834] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0146.834] GetDC (hWnd=0x0) returned 0x60100ce
[0146.834] GdipCreateFromHDC (hdc=0x60100ce, graphics=0xd7e6ec) returned 0x0
[0146.834] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0146.834] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0146.834] ReleaseDC (hWnd=0x0, hDC=0x60100ce) returned 1
[0146.835] GetSystemMetrics (nIndex=5) returned 1
[0146.835] GetSystemMetrics (nIndex=6) returned 1
[0146.835] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.835] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0146.835] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.835] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0146.838] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0146.838] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0146.839] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0146.839] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0146.839] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0146.839] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0146.840] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2d57080 | out: lpData=0x2d57080) returned 1
[0146.841] VerQueryValueW (in: pBlock=0x2d57080, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d57490, puLen=0xd7e810) returned 1
[0146.841] VerQueryValueW (in: pBlock=0x2d57080, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d57138, puLen=0xd7e790) returned 1
[0146.841] VerQueryValueW (in: pBlock=0x2d57080, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5718c, puLen=0xd7e790) returned 1
[0146.841] VerQueryValueW (in: pBlock=0x2d57080, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5720c, puLen=0xd7e790) returned 1
[0146.841] VerQueryValueW (in: pBlock=0x2d57080, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d57274, puLen=0xd7e790) returned 1
[0146.841] VerQueryValueW (in: pBlock=0x2d57080, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d572b4, puLen=0xd7e790) returned 1
[0146.841] VerQueryValueW (in: pBlock=0x2d57080, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5733c, puLen=0xd7e790) returned 1
[0146.841] VerQueryValueW (in: pBlock=0x2d57080, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d57378, puLen=0xd7e790) returned 1
[0146.841] VerQueryValueW (in: pBlock=0x2d57080, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d573d0, puLen=0xd7e790) returned 1
[0146.841] VerQueryValueW (in: pBlock=0x2d57080, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d57400, puLen=0xd7e790) returned 1
[0146.841] VerQueryValueW (in: pBlock=0x2d57080, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.841] VerQueryValueW (in: pBlock=0x2d57080, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5743c, puLen=0xd7e790) returned 1
[0146.841] VerQueryValueW (in: pBlock=0x2d57080, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.841] VerQueryValueW (in: pBlock=0x2d57080, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d57490, puLen=0xd7e784) returned 1
[0146.842] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0146.842] VerQueryValueW (in: pBlock=0x2d57080, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d570a8, puLen=0xd7e794) returned 1
[0146.843] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0146.843] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0146.843] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0146.843] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0146.843] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0146.844] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0146.844] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2d58ff0 | out: lpData=0x2d58ff0) returned 1
[0146.844] VerQueryValueW (in: pBlock=0x2d58ff0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d5908c, puLen=0xd7e810) returned 1
[0146.844] VerQueryValueW (in: pBlock=0x2d58ff0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d59104, puLen=0xd7e790) returned 1
[0146.844] VerQueryValueW (in: pBlock=0x2d58ff0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d59134, puLen=0xd7e790) returned 1
[0146.844] VerQueryValueW (in: pBlock=0x2d58ff0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d59170, puLen=0xd7e790) returned 1
[0146.844] VerQueryValueW (in: pBlock=0x2d58ff0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d591a0, puLen=0xd7e790) returned 1
[0146.844] VerQueryValueW (in: pBlock=0x2d58ff0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d591e8, puLen=0xd7e790) returned 1
[0146.844] VerQueryValueW (in: pBlock=0x2d58ff0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d59260, puLen=0xd7e790) returned 1
[0146.844] VerQueryValueW (in: pBlock=0x2d58ff0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d592a4, puLen=0xd7e790) returned 1
[0146.844] VerQueryValueW (in: pBlock=0x2d58ff0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d592e4, puLen=0xd7e790) returned 1
[0146.844] VerQueryValueW (in: pBlock=0x2d58ff0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d590e2, puLen=0xd7e790) returned 1
[0146.844] VerQueryValueW (in: pBlock=0x2d58ff0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d59230, puLen=0xd7e790) returned 1
[0146.844] VerQueryValueW (in: pBlock=0x2d58ff0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.844] VerQueryValueW (in: pBlock=0x2d58ff0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.844] VerQueryValueW (in: pBlock=0x2d58ff0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d5908c, puLen=0xd7e784) returned 1
[0146.844] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0146.844] VerQueryValueW (in: pBlock=0x2d58ff0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d59018, puLen=0xd7e794) returned 1
[0146.845] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0146.845] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0146.845] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0146.845] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0146.845] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0146.846] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0146.846] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2d5b2c8 | out: lpData=0x2d5b2c8) returned 1
[0146.847] VerQueryValueW (in: pBlock=0x2d5b2c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d5b6dc, puLen=0xd7e810) returned 1
[0146.847] VerQueryValueW (in: pBlock=0x2d5b2c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b380, puLen=0xd7e790) returned 1
[0146.847] VerQueryValueW (in: pBlock=0x2d5b2c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b3d4, puLen=0xd7e790) returned 1
[0146.847] VerQueryValueW (in: pBlock=0x2d5b2c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b430, puLen=0xd7e790) returned 1
[0146.847] VerQueryValueW (in: pBlock=0x2d5b2c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b490, puLen=0xd7e790) returned 1
[0146.847] VerQueryValueW (in: pBlock=0x2d5b2c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b4e8, puLen=0xd7e790) returned 1
[0146.847] VerQueryValueW (in: pBlock=0x2d5b2c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b570, puLen=0xd7e790) returned 1
[0146.847] VerQueryValueW (in: pBlock=0x2d5b2c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b5c4, puLen=0xd7e790) returned 1
[0146.847] VerQueryValueW (in: pBlock=0x2d5b2c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b61c, puLen=0xd7e790) returned 1
[0146.847] VerQueryValueW (in: pBlock=0x2d5b2c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b64c, puLen=0xd7e790) returned 1
[0146.847] VerQueryValueW (in: pBlock=0x2d5b2c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.847] VerQueryValueW (in: pBlock=0x2d5b2c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b688, puLen=0xd7e790) returned 1
[0146.848] VerQueryValueW (in: pBlock=0x2d5b2c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.848] VerQueryValueW (in: pBlock=0x2d5b2c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d5b6dc, puLen=0xd7e784) returned 1
[0146.848] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0146.848] VerQueryValueW (in: pBlock=0x2d5b2c8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d5b2f0, puLen=0xd7e794) returned 1
[0146.848] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0146.849] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0146.849] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0146.849] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0146.849] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0146.849] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0146.850] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2d5d900 | out: lpData=0x2d5d900) returned 1
[0146.850] VerQueryValueW (in: pBlock=0x2d5d900, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d5dd00, puLen=0xd7e810) returned 1
[0146.850] VerQueryValueW (in: pBlock=0x2d5d900, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5d9b8, puLen=0xd7e790) returned 1
[0146.850] VerQueryValueW (in: pBlock=0x2d5d900, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5da0c, puLen=0xd7e790) returned 1
[0146.851] VerQueryValueW (in: pBlock=0x2d5d900, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5da4c, puLen=0xd7e790) returned 1
[0146.851] VerQueryValueW (in: pBlock=0x2d5d900, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5dab4, puLen=0xd7e790) returned 1
[0146.851] VerQueryValueW (in: pBlock=0x2d5d900, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5db0c, puLen=0xd7e790) returned 1
[0146.851] VerQueryValueW (in: pBlock=0x2d5d900, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5db94, puLen=0xd7e790) returned 1
[0146.851] VerQueryValueW (in: pBlock=0x2d5d900, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5dbe8, puLen=0xd7e790) returned 1
[0146.851] VerQueryValueW (in: pBlock=0x2d5d900, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5dc40, puLen=0xd7e790) returned 1
[0146.851] VerQueryValueW (in: pBlock=0x2d5d900, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5dc70, puLen=0xd7e790) returned 1
[0146.851] VerQueryValueW (in: pBlock=0x2d5d900, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.851] VerQueryValueW (in: pBlock=0x2d5d900, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5dcac, puLen=0xd7e790) returned 1
[0146.851] VerQueryValueW (in: pBlock=0x2d5d900, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.851] VerQueryValueW (in: pBlock=0x2d5d900, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d5dd00, puLen=0xd7e784) returned 1
[0146.851] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0146.851] VerQueryValueW (in: pBlock=0x2d5d900, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d5d928, puLen=0xd7e794) returned 1
[0146.852] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0146.852] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0146.852] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0146.852] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0146.853] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0146.853] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0146.855] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2d6003c | out: lpData=0x2d6003c) returned 1
[0146.856] VerQueryValueW (in: pBlock=0x2d6003c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d60404, puLen=0xd7e810) returned 1
[0146.856] VerQueryValueW (in: pBlock=0x2d6003c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d600f4, puLen=0xd7e790) returned 1
[0146.856] VerQueryValueW (in: pBlock=0x2d6003c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d60148, puLen=0xd7e790) returned 1
[0146.856] VerQueryValueW (in: pBlock=0x2d6003c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d60188, puLen=0xd7e790) returned 1
[0146.856] VerQueryValueW (in: pBlock=0x2d6003c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d601f0, puLen=0xd7e790) returned 1
[0146.856] VerQueryValueW (in: pBlock=0x2d6003c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6022c, puLen=0xd7e790) returned 1
[0146.857] VerQueryValueW (in: pBlock=0x2d6003c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d602b4, puLen=0xd7e790) returned 1
[0146.857] VerQueryValueW (in: pBlock=0x2d6003c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d602ec, puLen=0xd7e790) returned 1
[0146.857] VerQueryValueW (in: pBlock=0x2d6003c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d60344, puLen=0xd7e790) returned 1
[0146.857] VerQueryValueW (in: pBlock=0x2d6003c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d60374, puLen=0xd7e790) returned 1
[0146.857] VerQueryValueW (in: pBlock=0x2d6003c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.857] VerQueryValueW (in: pBlock=0x2d6003c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d603b0, puLen=0xd7e790) returned 1
[0146.857] VerQueryValueW (in: pBlock=0x2d6003c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.857] VerQueryValueW (in: pBlock=0x2d6003c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d60404, puLen=0xd7e784) returned 1
[0146.857] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0146.857] VerQueryValueW (in: pBlock=0x2d6003c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d60064, puLen=0xd7e794) returned 1
[0146.858] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0146.858] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0146.858] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0146.858] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0146.858] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0146.858] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0146.859] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2d636a4 | out: lpData=0x2d636a4) returned 1
[0146.860] VerQueryValueW (in: pBlock=0x2d636a4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d63a84, puLen=0xd7e810) returned 1
[0146.860] VerQueryValueW (in: pBlock=0x2d636a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6375c, puLen=0xd7e790) returned 1
[0146.860] VerQueryValueW (in: pBlock=0x2d636a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d637b0, puLen=0xd7e790) returned 1
[0146.860] VerQueryValueW (in: pBlock=0x2d636a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d637f0, puLen=0xd7e790) returned 1
[0146.860] VerQueryValueW (in: pBlock=0x2d636a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d63850, puLen=0xd7e790) returned 1
[0146.860] VerQueryValueW (in: pBlock=0x2d636a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6389c, puLen=0xd7e790) returned 1
[0146.860] VerQueryValueW (in: pBlock=0x2d636a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d63924, puLen=0xd7e790) returned 1
[0146.860] VerQueryValueW (in: pBlock=0x2d636a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6396c, puLen=0xd7e790) returned 1
[0146.860] VerQueryValueW (in: pBlock=0x2d636a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d639c4, puLen=0xd7e790) returned 1
[0146.860] VerQueryValueW (in: pBlock=0x2d636a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d639f4, puLen=0xd7e790) returned 1
[0146.860] VerQueryValueW (in: pBlock=0x2d636a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.860] VerQueryValueW (in: pBlock=0x2d636a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d63a30, puLen=0xd7e790) returned 1
[0146.860] VerQueryValueW (in: pBlock=0x2d636a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.860] VerQueryValueW (in: pBlock=0x2d636a4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d63a84, puLen=0xd7e784) returned 1
[0146.860] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0146.860] VerQueryValueW (in: pBlock=0x2d636a4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d636cc, puLen=0xd7e794) returned 1
[0146.861] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0146.861] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0146.861] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0146.861] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0146.861] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0146.861] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0146.862] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2d65ec4 | out: lpData=0x2d65ec4) returned 1
[0146.863] VerQueryValueW (in: pBlock=0x2d65ec4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d662d0, puLen=0xd7e810) returned 1
[0146.863] VerQueryValueW (in: pBlock=0x2d65ec4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d65f7c, puLen=0xd7e790) returned 1
[0146.863] VerQueryValueW (in: pBlock=0x2d65ec4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d65fd0, puLen=0xd7e790) returned 1
[0146.863] VerQueryValueW (in: pBlock=0x2d65ec4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d66024, puLen=0xd7e790) returned 1
[0146.863] VerQueryValueW (in: pBlock=0x2d65ec4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d66084, puLen=0xd7e790) returned 1
[0146.863] VerQueryValueW (in: pBlock=0x2d65ec4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d660dc, puLen=0xd7e790) returned 1
[0146.863] VerQueryValueW (in: pBlock=0x2d65ec4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d66164, puLen=0xd7e790) returned 1
[0146.863] VerQueryValueW (in: pBlock=0x2d65ec4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d661b8, puLen=0xd7e790) returned 1
[0146.864] VerQueryValueW (in: pBlock=0x2d65ec4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d66210, puLen=0xd7e790) returned 1
[0146.864] VerQueryValueW (in: pBlock=0x2d65ec4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d66240, puLen=0xd7e790) returned 1
[0146.864] VerQueryValueW (in: pBlock=0x2d65ec4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.864] VerQueryValueW (in: pBlock=0x2d65ec4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6627c, puLen=0xd7e790) returned 1
[0146.864] VerQueryValueW (in: pBlock=0x2d65ec4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.864] VerQueryValueW (in: pBlock=0x2d65ec4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d662d0, puLen=0xd7e784) returned 1
[0146.864] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0146.864] VerQueryValueW (in: pBlock=0x2d65ec4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d65eec, puLen=0xd7e794) returned 1
[0146.865] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0146.865] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0146.865] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0146.865] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0146.865] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0146.865] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0146.866] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d686d8 | out: lpData=0x2d686d8) returned 1
[0146.867] VerQueryValueW (in: pBlock=0x2d686d8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d68ab0, puLen=0xd7e810) returned 1
[0146.867] VerQueryValueW (in: pBlock=0x2d686d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d68790, puLen=0xd7e790) returned 1
[0146.867] VerQueryValueW (in: pBlock=0x2d686d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d687e4, puLen=0xd7e790) returned 1
[0146.867] VerQueryValueW (in: pBlock=0x2d686d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d68824, puLen=0xd7e790) returned 1
[0146.867] VerQueryValueW (in: pBlock=0x2d686d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6888c, puLen=0xd7e790) returned 1
[0146.867] VerQueryValueW (in: pBlock=0x2d686d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d688d0, puLen=0xd7e790) returned 1
[0146.867] VerQueryValueW (in: pBlock=0x2d686d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d68958, puLen=0xd7e790) returned 1
[0146.867] VerQueryValueW (in: pBlock=0x2d686d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d68998, puLen=0xd7e790) returned 1
[0146.867] VerQueryValueW (in: pBlock=0x2d686d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d689f0, puLen=0xd7e790) returned 1
[0146.867] VerQueryValueW (in: pBlock=0x2d686d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d68a20, puLen=0xd7e790) returned 1
[0146.867] VerQueryValueW (in: pBlock=0x2d686d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.867] VerQueryValueW (in: pBlock=0x2d686d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d68a5c, puLen=0xd7e790) returned 1
[0146.867] VerQueryValueW (in: pBlock=0x2d686d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.868] VerQueryValueW (in: pBlock=0x2d686d8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d68ab0, puLen=0xd7e784) returned 1
[0146.868] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0146.868] VerQueryValueW (in: pBlock=0x2d686d8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d68700, puLen=0xd7e794) returned 1
[0146.868] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0146.868] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0146.868] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0146.869] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0146.869] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0146.869] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0146.870] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d6ac30 | out: lpData=0x2d6ac30) returned 1
[0146.870] VerQueryValueW (in: pBlock=0x2d6ac30, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d6b008, puLen=0xd7e810) returned 1
[0146.870] VerQueryValueW (in: pBlock=0x2d6ac30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6ace8, puLen=0xd7e790) returned 1
[0146.871] VerQueryValueW (in: pBlock=0x2d6ac30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6ad3c, puLen=0xd7e790) returned 1
[0146.871] VerQueryValueW (in: pBlock=0x2d6ac30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6ad7c, puLen=0xd7e790) returned 1
[0146.871] VerQueryValueW (in: pBlock=0x2d6ac30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6ade4, puLen=0xd7e790) returned 1
[0146.871] VerQueryValueW (in: pBlock=0x2d6ac30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6ae28, puLen=0xd7e790) returned 1
[0146.871] VerQueryValueW (in: pBlock=0x2d6ac30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6aeb0, puLen=0xd7e790) returned 1
[0146.871] VerQueryValueW (in: pBlock=0x2d6ac30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6aef0, puLen=0xd7e790) returned 1
[0146.871] VerQueryValueW (in: pBlock=0x2d6ac30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6af48, puLen=0xd7e790) returned 1
[0146.871] VerQueryValueW (in: pBlock=0x2d6ac30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6af78, puLen=0xd7e790) returned 1
[0146.871] VerQueryValueW (in: pBlock=0x2d6ac30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.871] VerQueryValueW (in: pBlock=0x2d6ac30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6afb4, puLen=0xd7e790) returned 1
[0146.871] VerQueryValueW (in: pBlock=0x2d6ac30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.871] VerQueryValueW (in: pBlock=0x2d6ac30, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d6b008, puLen=0xd7e784) returned 1
[0146.871] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0146.871] VerQueryValueW (in: pBlock=0x2d6ac30, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d6ac58, puLen=0xd7e794) returned 1
[0146.874] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0146.874] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0146.874] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0146.874] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0146.874] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0146.874] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0146.876] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2d6d368 | out: lpData=0x2d6d368) returned 1
[0146.876] VerQueryValueW (in: pBlock=0x2d6d368, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d6d798, puLen=0xd7e810) returned 1
[0146.876] VerQueryValueW (in: pBlock=0x2d6d368, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6d420, puLen=0xd7e790) returned 1
[0146.876] VerQueryValueW (in: pBlock=0x2d6d368, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6d474, puLen=0xd7e790) returned 1
[0146.876] VerQueryValueW (in: pBlock=0x2d6d368, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6d4e4, puLen=0xd7e790) returned 1
[0146.877] VerQueryValueW (in: pBlock=0x2d6d368, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6d544, puLen=0xd7e790) returned 1
[0146.877] VerQueryValueW (in: pBlock=0x2d6d368, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6d5a0, puLen=0xd7e790) returned 1
[0146.877] VerQueryValueW (in: pBlock=0x2d6d368, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6d628, puLen=0xd7e790) returned 1
[0146.877] VerQueryValueW (in: pBlock=0x2d6d368, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6d680, puLen=0xd7e790) returned 1
[0146.877] VerQueryValueW (in: pBlock=0x2d6d368, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6d6d8, puLen=0xd7e790) returned 1
[0146.877] VerQueryValueW (in: pBlock=0x2d6d368, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6d708, puLen=0xd7e790) returned 1
[0146.877] VerQueryValueW (in: pBlock=0x2d6d368, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.877] VerQueryValueW (in: pBlock=0x2d6d368, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6d744, puLen=0xd7e790) returned 1
[0146.877] VerQueryValueW (in: pBlock=0x2d6d368, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0146.877] VerQueryValueW (in: pBlock=0x2d6d368, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d6d798, puLen=0xd7e784) returned 1
[0146.877] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0146.877] VerQueryValueW (in: pBlock=0x2d6d368, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d6d390, puLen=0xd7e794) returned 1
[0146.877] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0146.878] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.878] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0146.878] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.878] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0146.878] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x402d8
[0146.879] SetWindowLongW (hWnd=0x402d8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0146.879] GetWindowLongW (hWnd=0x402d8, nIndex=-4) returned 1950089536
[0146.879] SetWindowLongW (hWnd=0x402d8, nIndex=-4, dwNewLong=19938646) returned 1950089536
[0146.880] GetWindowLongW (hWnd=0x402d8, nIndex=-4) returned 19938646
[0146.880] GetWindowLongW (hWnd=0x402d8, nIndex=-16) returned 113311744
[0146.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402d8, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0146.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402d8, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0146.881] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402d8, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0146.881] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402d8, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0146.881] GetClientRect (in: hWnd=0x402d8, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0146.881] GetWindowRect (in: hWnd=0x402d8, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0146.881] SetWindowTextW (hWnd=0x402d8, lpString="WindowsFormsParkingWindow") returned 1
[0146.881] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402d8, Msg=0xc, wParam=0x0, lParam=0x2d32864) returned 0x1
[0146.882] GetParent (hWnd=0x402d8) returned 0x0
[0146.882] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0146.882] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x402d8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x202de
[0146.883] SetWindowLongW (hWnd=0x202de, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0146.883] GetWindowLongW (hWnd=0x202de, nIndex=-4) returned 1868147648
[0146.883] SetWindowLongW (hWnd=0x202de, nIndex=-4, dwNewLong=19938686) returned 1868147648
[0146.883] GetWindowLongW (hWnd=0x202de, nIndex=-4) returned 19938686
[0146.884] GetWindowLongW (hWnd=0x202de, nIndex=-16) returned 1174405133
[0146.884] GetWindowLongW (hWnd=0x202de, nIndex=-12) returned 0
[0146.884] SetWindowLongW (hWnd=0x202de, nIndex=-12, dwNewLong=131806) returned 0
[0146.884] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0146.884] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0146.885] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0146.885] GetClientRect (in: hWnd=0x202de, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0146.885] GetWindowRect (in: hWnd=0x202de, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0146.885] GetParent (hWnd=0x202de) returned 0x402d8
[0146.885] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x402d8, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0146.887] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0146.887] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0146.887] GetClientRect (in: hWnd=0x202de, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0146.887] GetWindowRect (in: hWnd=0x202de, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0146.887] GetParent (hWnd=0x202de) returned 0x402d8
[0146.887] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x402d8, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0146.887] SendMessageW (hWnd=0x202de, Msg=0x2210, wParam=0x2de0001, lParam=0x202de) returned 0x0
[0146.887] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x2210, wParam=0x2de0001, lParam=0x202de) returned 0x0
[0146.887] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0146.887] GetParent (hWnd=0x202de) returned 0x402d8
[0146.888] GdipCreateFromHWND (hwnd=0x202de, graphics=0xd7e844) returned 0x0
[0146.888] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0146.889] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0146.889] GetForegroundWindow () returned 0x7005c
[0146.889] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0146.890] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0146.890] GetSystemMetrics (nIndex=42) returned 0
[0146.890] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0146.890] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0146.890] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0146.890] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0146.890] GetSystemMetrics (nIndex=42) returned 0
[0146.890] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0146.890] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0146.890] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.890] GetCursorPos (in: lpPoint=0x2d717ec | out: lpPoint=0x2d717ec*(x=259, y=628)) returned 1
[0146.890] MonitorFromPoint (pt=0x103, dwFlags=0x274) returned 0x10001
[0146.891] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0146.891] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x690107d1
[0146.891] GetDeviceCaps (hdc=0x690107d1, index=12) returned 32
[0146.891] GetDeviceCaps (hdc=0x690107d1, index=14) returned 1
[0146.891] DeleteDC (hdc=0x690107d1) returned 1
[0146.891] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0146.891] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0146.891] GetSystemMetrics (nIndex=59) returned 1460
[0146.891] GetSystemMetrics (nIndex=60) returned 920
[0146.891] GetSystemMetrics (nIndex=34) returned 136
[0146.891] GetSystemMetrics (nIndex=35) returned 39
[0146.892] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.892] GetCursorPos (in: lpPoint=0x2d71a58 | out: lpPoint=0x2d71a58*(x=259, y=628)) returned 1
[0146.892] MonitorFromPoint (pt=0x103, dwFlags=0x274) returned 0x10001
[0146.892] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0146.892] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x6a0107d1
[0146.892] GetDeviceCaps (hdc=0x6a0107d1, index=12) returned 32
[0146.892] GetDeviceCaps (hdc=0x6a0107d1, index=14) returned 1
[0146.892] DeleteDC (hdc=0x6a0107d1) returned 1
[0146.892] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0146.892] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0146.893] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.893] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0146.893] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2d71cf0 | out: piconinfo=0x2d71cf0) returned 1
[0146.893] GetObjectW (in: h=0x19050781, c=24, pv=0x2d71d0c | out: pv=0x2d71d0c) returned 24
[0146.894] GdipCreateBitmapFromHBITMAP (hbm=0x19050781, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0146.894] GdipGetImageWidth (image=0x6631910, width=0xd7e750) returned 0x0
[0146.894] GdipGetImageHeight (image=0x6631910, height=0xd7e748) returned 0x0
[0146.894] GdipGetImagePixelFormat (image=0x6631910, format=0xd7e740) returned 0x0
[0146.894] GdipBitmapLockBits (bitmap=0x6631910, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2d71dc4) returned 0x0
[0146.894] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0146.894] GdipBitmapLockBits (bitmap=0x663e560, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2d71dfc) returned 0x0
[0146.894] RtlMoveMemory (in: Destination=0x6640ba8, Source=0x663b810, Length=0x80 | out: Destination=0x6640ba8)
[0146.894] RtlMoveMemory (in: Destination=0x6640c28, Source=0x663b790, Length=0x80 | out: Destination=0x6640c28)
[0146.895] RtlMoveMemory (in: Destination=0x6640ca8, Source=0x663b710, Length=0x80 | out: Destination=0x6640ca8)
[0146.895] RtlMoveMemory (in: Destination=0x6640d28, Source=0x663b690, Length=0x80 | out: Destination=0x6640d28)
[0146.895] RtlMoveMemory (in: Destination=0x6640da8, Source=0x663b610, Length=0x80 | out: Destination=0x6640da8)
[0146.895] RtlMoveMemory (in: Destination=0x6640e28, Source=0x663b590, Length=0x80 | out: Destination=0x6640e28)
[0146.895] RtlMoveMemory (in: Destination=0x6640ea8, Source=0x663b510, Length=0x80 | out: Destination=0x6640ea8)
[0146.895] RtlMoveMemory (in: Destination=0x6640f28, Source=0x663b490, Length=0x80 | out: Destination=0x6640f28)
[0146.895] RtlMoveMemory (in: Destination=0x6640fa8, Source=0x663b410, Length=0x80 | out: Destination=0x6640fa8)
[0146.895] RtlMoveMemory (in: Destination=0x6641028, Source=0x663b390, Length=0x80 | out: Destination=0x6641028)
[0146.895] RtlMoveMemory (in: Destination=0x66410a8, Source=0x663b310, Length=0x80 | out: Destination=0x66410a8)
[0146.895] RtlMoveMemory (in: Destination=0x6641128, Source=0x663b290, Length=0x80 | out: Destination=0x6641128)
[0146.895] RtlMoveMemory (in: Destination=0x66411a8, Source=0x663b210, Length=0x80 | out: Destination=0x66411a8)
[0146.895] RtlMoveMemory (in: Destination=0x6641228, Source=0x663b190, Length=0x80 | out: Destination=0x6641228)
[0146.895] RtlMoveMemory (in: Destination=0x66412a8, Source=0x663b110, Length=0x80 | out: Destination=0x66412a8)
[0146.895] RtlMoveMemory (in: Destination=0x6641328, Source=0x663b090, Length=0x80 | out: Destination=0x6641328)
[0146.895] RtlMoveMemory (in: Destination=0x66413a8, Source=0x663b010, Length=0x80 | out: Destination=0x66413a8)
[0146.895] RtlMoveMemory (in: Destination=0x6641428, Source=0x663af90, Length=0x80 | out: Destination=0x6641428)
[0146.895] RtlMoveMemory (in: Destination=0x66414a8, Source=0x663af10, Length=0x80 | out: Destination=0x66414a8)
[0146.895] RtlMoveMemory (in: Destination=0x6641528, Source=0x663ae90, Length=0x80 | out: Destination=0x6641528)
[0146.895] RtlMoveMemory (in: Destination=0x66415a8, Source=0x663ae10, Length=0x80 | out: Destination=0x66415a8)
[0146.895] RtlMoveMemory (in: Destination=0x6641628, Source=0x663ad90, Length=0x80 | out: Destination=0x6641628)
[0146.895] RtlMoveMemory (in: Destination=0x66416a8, Source=0x663ad10, Length=0x80 | out: Destination=0x66416a8)
[0146.896] RtlMoveMemory (in: Destination=0x6641728, Source=0x663ac90, Length=0x80 | out: Destination=0x6641728)
[0146.896] RtlMoveMemory (in: Destination=0x66417a8, Source=0x663ac10, Length=0x80 | out: Destination=0x66417a8)
[0146.896] RtlMoveMemory (in: Destination=0x6641828, Source=0x663ab90, Length=0x80 | out: Destination=0x6641828)
[0146.896] RtlMoveMemory (in: Destination=0x66418a8, Source=0x663ab10, Length=0x80 | out: Destination=0x66418a8)
[0146.896] RtlMoveMemory (in: Destination=0x6641928, Source=0x663aa90, Length=0x80 | out: Destination=0x6641928)
[0146.896] RtlMoveMemory (in: Destination=0x66419a8, Source=0x663aa10, Length=0x80 | out: Destination=0x66419a8)
[0146.896] RtlMoveMemory (in: Destination=0x6641a28, Source=0x663a990, Length=0x80 | out: Destination=0x6641a28)
[0146.896] RtlMoveMemory (in: Destination=0x6641aa8, Source=0x663a910, Length=0x80 | out: Destination=0x6641aa8)
[0146.896] RtlMoveMemory (in: Destination=0x6641b28, Source=0x663a890, Length=0x80 | out: Destination=0x6641b28)
[0146.896] GdipBitmapUnlockBits (bitmap=0x6631910, lockedBitmapData=0x2d71dc4) returned 0x0
[0146.896] GdipBitmapUnlockBits (bitmap=0x663e560, lockedBitmapData=0x2d71dfc) returned 0x0
[0146.897] GdipDisposeImage (image=0x6631910) returned 0x0
[0146.897] DeleteObject (ho=0x19050781) returned 1
[0146.897] DeleteObject (ho=0x6b0507d1) returned 1
[0146.897] GetCurrentThreadId () returned 0xf50
[0146.897] GetCurrentThreadId () returned 0xf50
[0146.897] SetWindowPos (hWnd=0x202de, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0146.897] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0146.897] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0146.898] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0146.898] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0146.898] GetClientRect (in: hWnd=0x202de, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0146.898] GetWindowRect (in: hWnd=0x202de, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0146.898] GetParent (hWnd=0x202de) returned 0x402d8
[0146.898] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x402d8, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0146.898] InvalidateRect (hWnd=0x202de, lpRect=0x0, bErase=1) returned 1
[0146.898] GetWindowTextLengthW (hWnd=0x202de) returned 0
[0146.898] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0146.898] GetSystemMetrics (nIndex=42) returned 0
[0146.898] GetWindowTextW (in: hWnd=0x202de, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0146.898] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0146.898] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0146.898] GetClientRect (in: hWnd=0x202de, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0146.899] GetWindowRect (in: hWnd=0x202de, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0146.899] GetParent (hWnd=0x202de) returned 0x402d8
[0146.899] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x402d8, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0146.899] GetWindowTextLengthW (hWnd=0x202de) returned 0
[0146.899] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0146.899] GetSystemMetrics (nIndex=42) returned 0
[0146.899] GetWindowTextW (in: hWnd=0x202de, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0146.899] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0146.899] GetWindowTextLengthW (hWnd=0x202de) returned 0
[0146.899] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0146.899] GetSystemMetrics (nIndex=42) returned 0
[0146.899] GetWindowTextW (in: hWnd=0x202de, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0146.899] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0146.899] SetWindowTextW (hWnd=0x202de, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0146.899] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0xc, wParam=0x0, lParam=0x2d52c58) returned 0x1
[0146.899] InvalidateRect (hWnd=0x202de, lpRect=0x0, bErase=1) returned 1
[0146.900] GetCurrentThreadId () returned 0xf50
[0146.900] GetWindowThreadProcessId (in: hWnd=0x202de, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0146.900] GdipCreateBitmapFromStream (stream=0x509ffd0, bitmap=0xd7e840) returned 0x0
[0146.901] GdipImageForceValidation (image=0x6641bb0) returned 0x0
[0146.905] GdipGetImageRawFormat (image=0x6641bb0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0146.905] GdipGetImageHeight (image=0x6641bb0, height=0xd7e824) returned 0x0
[0146.905] GdipGetImageWidth (image=0x6641bb0, width=0xd7e824) returned 0x0
[0146.905] GdipGetImageWidth (image=0x6641bb0, width=0xd7e810) returned 0x0
[0146.905] GdipGetImageHeight (image=0x6641bb0, height=0xd7e810) returned 0x0
[0146.905] GdipGetImageWidth (image=0x6641bb0, width=0xd7e800) returned 0x0
[0146.905] GdipGetImageHeight (image=0x6641bb0, height=0xd7e800) returned 0x0
[0146.905] GdipBitmapGetPixel (bitmap=0x6641bb0, x=0, y=15, color=0xd7e810) returned 0x0
[0146.905] GdipGetImageRawFormat (image=0x6641bb0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0146.905] GdipGetImageWidth (image=0x6641bb0, width=0xd7e740) returned 0x0
[0146.905] GdipGetImageHeight (image=0x6641bb0, height=0xd7e740) returned 0x0
[0146.905] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0146.915] GdipGetImagePixelFormat (image=0x6631910, format=0xd7e740) returned 0x0
[0146.915] GdipGetImageGraphicsContext (image=0x6631910, graphics=0xd7e74c) returned 0x0
[0146.915] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0146.915] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0146.915] GdipSetImageAttributesColorKeys (imageattr=0x6641fb8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0146.916] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6641bb0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6641fb8, callback=0x0, callbackData=0x0) returned 0x0
[0146.916] GdipDisposeImageAttributes (imageattr=0x6641fb8) returned 0x0
[0146.916] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0146.916] GdipDisposeImage (image=0x6641bb0) returned 0x0
[0146.917] GdipCreateBitmapFromStream (stream=0x509ffb0, bitmap=0xd7e840) returned 0x0
[0146.918] GdipImageForceValidation (image=0x6641bb0) returned 0x0
[0146.920] GdipGetImageRawFormat (image=0x6641bb0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0146.920] GdipGetImageHeight (image=0x6641bb0, height=0xd7e824) returned 0x0
[0146.920] GdipGetImageWidth (image=0x6641bb0, width=0xd7e824) returned 0x0
[0146.920] GdipGetImageWidth (image=0x6641bb0, width=0xd7e810) returned 0x0
[0146.920] GdipGetImageHeight (image=0x6641bb0, height=0xd7e810) returned 0x0
[0146.920] GdipGetImageWidth (image=0x6641bb0, width=0xd7e800) returned 0x0
[0146.920] GdipGetImageHeight (image=0x6641bb0, height=0xd7e800) returned 0x0
[0146.920] GdipBitmapGetPixel (bitmap=0x6641bb0, x=0, y=15, color=0xd7e810) returned 0x0
[0146.920] GdipGetImageRawFormat (image=0x6641bb0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0146.920] GdipGetImageWidth (image=0x6641bb0, width=0xd7e740) returned 0x0
[0146.920] GdipGetImageHeight (image=0x6641bb0, height=0xd7e740) returned 0x0
[0146.920] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0146.920] GdipGetImagePixelFormat (image=0x663ac98, format=0xd7e740) returned 0x0
[0146.920] GdipGetImageGraphicsContext (image=0x663ac98, graphics=0xd7e74c) returned 0x0
[0146.920] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0146.921] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0146.921] GdipSetImageAttributesColorKeys (imageattr=0x6639120, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0146.921] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6641bb0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6639120, callback=0x0, callbackData=0x0) returned 0x0
[0146.921] GdipDisposeImageAttributes (imageattr=0x6639120) returned 0x0
[0146.921] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0146.921] GdipDisposeImage (image=0x6641bb0) returned 0x0
[0146.921] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.922] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0146.922] GetCurrentThreadId () returned 0xf50
[0146.922] GetCurrentThreadId () returned 0xf50
[0146.922] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.922] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0146.922] GetCurrentThreadId () returned 0xf50
[0146.922] GetCurrentThreadId () returned 0xf50
[0146.922] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.922] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0146.923] GetCurrentThreadId () returned 0xf50
[0146.923] GetCurrentThreadId () returned 0xf50
[0146.923] GetSystemMetrics (nIndex=5) returned 1
[0146.923] GetSystemMetrics (nIndex=6) returned 1
[0146.923] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.923] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0146.923] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.923] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0146.924] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.925] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0146.925] GetCurrentThreadId () returned 0xf50
[0146.925] GetCurrentThreadId () returned 0xf50
[0146.925] GetProcessWindowStation () returned 0x13c
[0146.925] GetCapture () returned 0x0
[0146.925] GetActiveWindow () returned 0x7005c
[0146.925] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0146.925] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.925] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0146.925] GetCursorPos (in: lpPoint=0x2d72f3c | out: lpPoint=0x2d72f3c*(x=259, y=628)) returned 1
[0146.925] MonitorFromPoint (pt=0x104, dwFlags=0x276) returned 0x10001
[0146.926] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0146.926] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x6c0107d1
[0146.926] GetDeviceCaps (hdc=0x6c0107d1, index=12) returned 32
[0146.926] GetDeviceCaps (hdc=0x6c0107d1, index=14) returned 1
[0146.926] DeleteDC (hdc=0x6c0107d1) returned 1
[0146.926] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0146.926] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0146.926] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x202dc
[0146.927] SetWindowLongW (hWnd=0x202dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0146.928] GetWindowLongW (hWnd=0x202dc, nIndex=-4) returned 1950089536
[0146.928] SetWindowLongW (hWnd=0x202dc, nIndex=-4, dwNewLong=19938926) returned 1950089536
[0146.928] GetWindowLongW (hWnd=0x202dc, nIndex=-4) returned 19938926
[0146.928] GetWindowLongW (hWnd=0x202dc, nIndex=-16) returned 113770496
[0146.928] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0146.929] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0146.930] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0146.930] GetClientRect (in: hWnd=0x202dc, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0146.930] GetWindowRect (in: hWnd=0x202dc, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0146.931] SetWindowTextW (hWnd=0x202dc, lpString="BB ransomware") returned 1
[0146.931] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xc, wParam=0x0, lParam=0x2d716d8) returned 0x1
[0146.932] GetStartupInfoW (in: lpStartupInfo=0x2d73278 | out: lpStartupInfo=0x2d73278*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0146.935] GetParent (hWnd=0x202dc) returned 0x0
[0146.935] SetWindowLongW (hWnd=0x202dc, nIndex=-8, dwNewLong=0) returned 0
[0146.937] SendMessageW (hWnd=0x202dc, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0146.937] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0146.937] SendMessageW (hWnd=0x202dc, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0146.937] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0146.937] GetSystemMenu (hWnd=0x202dc, bRevert=0) returned 0xf02a1
[0146.938] GetWindowPlacement (in: hWnd=0x202dc, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0146.938] EnableMenuItem (hMenu=0xf02a1, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0146.938] EnableMenuItem (hMenu=0xf02a1, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0146.938] EnableMenuItem (hMenu=0xf02a1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0146.938] EnableMenuItem (hMenu=0xf02a1, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0146.938] EnableMenuItem (hMenu=0xf02a1, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0146.938] GetClientRect (in: hWnd=0x202dc, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0146.938] GetClientRect (in: hWnd=0x202dc, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0146.939] GetWindowRect (in: hWnd=0x202dc, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0146.939] SetWindowPos (hWnd=0x202dc, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0146.939] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0146.939] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x202dc) returned 0x1
[0146.942] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0146.942] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0146.943] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0146.943] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0146.944] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0146.947] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x202dc, lParam=0x0) returned 0x0
[0146.947] GetCapture () returned 0x0
[0146.947] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0146.948] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0146.953] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0146.956] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0146.956] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0146.956] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0146.956] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0146.957] GetParent (hWnd=0x202dc) returned 0x0
[0146.957] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0146.957] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0146.959] GetWindowPlacement (in: hWnd=0x202dc, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0146.960] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0146.960] GetClientRect (in: hWnd=0x202dc, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0146.960] GetWindowRect (in: hWnd=0x202dc, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0146.961] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0146.961] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0146.961] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0146.962] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.962] GetWindowLongW (hWnd=0x202dc, nIndex=-16) returned 113770496
[0146.962] GetWindowTextLengthW (hWnd=0x202dc) returned 13
[0146.962] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0146.962] GetSystemMetrics (nIndex=42) returned 0
[0146.963] GetWindowTextW (in: hWnd=0x202dc, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0146.963] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0146.963] GetWindowTextLengthW (hWnd=0x202dc) returned 13
[0146.963] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0146.963] GetSystemMetrics (nIndex=42) returned 0
[0146.963] GetWindowTextW (in: hWnd=0x202dc, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0146.963] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0146.963] GetCursorPos (in: lpPoint=0x2d734b4 | out: lpPoint=0x2d734b4*(x=259, y=628)) returned 1
[0146.963] MonitorFromPoint (pt=0x103, dwFlags=0x274) returned 0x10001
[0146.963] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0146.963] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x9f010793
[0146.964] GetDeviceCaps (hdc=0x9f010793, index=12) returned 32
[0146.964] GetDeviceCaps (hdc=0x9f010793, index=14) returned 1
[0146.973] DeleteDC (hdc=0x9f010793) returned 1
[0146.973] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0146.973] GetWindowLongW (hWnd=0x202dc, nIndex=-16) returned 113770496
[0146.973] GetWindowLongW (hWnd=0x202dc, nIndex=-20) returned 327945
[0146.973] SetWindowLongW (hWnd=0x202dc, nIndex=-16, dwNewLong=46661632) returned 113770496
[0146.973] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0146.974] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0146.975] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0146.975] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0146.975] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0146.976] SetWindowLongW (hWnd=0x202dc, nIndex=-20, dwNewLong=327681) returned 327945
[0146.976] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0146.976] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0146.978] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0146.978] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0146.979] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0146.979] SetWindowPos (hWnd=0x202dc, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0146.979] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0146.979] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0146.980] GetWindowPlacement (in: hWnd=0x202dc, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0146.980] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0146.980] GetClientRect (in: hWnd=0x202dc, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0146.980] GetWindowRect (in: hWnd=0x202dc, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0146.981] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0146.982] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0146.982] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0146.982] RedrawWindow (hWnd=0x202dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0146.982] GetSystemMenu (hWnd=0x202dc, bRevert=0) returned 0xf02a1
[0146.982] GetWindowPlacement (in: hWnd=0x202dc, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0146.982] EnableMenuItem (hMenu=0xf02a1, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0146.982] EnableMenuItem (hMenu=0xf02a1, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0146.982] EnableMenuItem (hMenu=0xf02a1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0146.982] EnableMenuItem (hMenu=0xf02a1, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0146.982] EnableMenuItem (hMenu=0xf02a1, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0146.982] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0146.983] GetWindowLongW (hWnd=0x202dc, nIndex=-8) returned 0
[0146.983] SetWindowLongW (hWnd=0x202dc, nIndex=-8, dwNewLong=458844) returned 0
[0146.984] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0146.984] GetProcessWindowStation () returned 0x13c
[0146.984] GetCurrentThreadId () returned 0xf50
[0146.986] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1303e96, lParam=0x0) returned 1
[0146.986] IsWindowVisible (hWnd=0x202dc) returned 0
[0146.986] IsWindowVisible (hWnd=0x7005c) returned 1
[0146.986] IsWindowEnabled (hWnd=0x7005c) returned 1
[0146.986] IsWindowVisible (hWnd=0x300ec) returned 0
[0146.986] IsWindowVisible (hWnd=0x502c6) returned 0
[0146.986] IsWindowVisible (hWnd=0x502be) returned 0
[0146.986] GetActiveWindow () returned 0x202dc
[0146.987] GetFocus () returned 0x202dc
[0146.987] IsWindow (hWnd=0x7005c) returned 1
[0146.987] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0146.987] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0146.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0146.988] GetWindowLongW (hWnd=0x202dc, nIndex=-8) returned 458844
[0146.988] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0146.988] GetCurrentThreadId () returned 0xf50
[0146.988] GetWindowLongW (hWnd=0x202dc, nIndex=-8) returned 458844
[0146.988] IsWindowEnabled (hWnd=0x7005c) returned 0
[0146.988] IsWindowEnabled (hWnd=0x202dc) returned 1
[0146.988] ShowWindow (hWnd=0x202dc, nCmdShow=5) returned 0
[0146.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0146.988] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0146.989] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0146.989] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0146.989] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x202dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x202da
[0146.990] SetWindowLongW (hWnd=0x202da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0146.990] GetWindowLongW (hWnd=0x202da, nIndex=-4) returned 1950089536
[0146.990] SetWindowLongW (hWnd=0x202da, nIndex=-4, dwNewLong=19939006) returned 1950089536
[0146.990] GetWindowLongW (hWnd=0x202da, nIndex=-4) returned 19939006
[0146.990] GetWindowLongW (hWnd=0x202da, nIndex=-16) returned 1174405120
[0146.990] GetWindowLongW (hWnd=0x202da, nIndex=-12) returned 0
[0146.990] SetWindowLongW (hWnd=0x202da, nIndex=-12, dwNewLong=131802) returned 0
[0146.990] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0146.991] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0146.991] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0146.991] GetWindow (hWnd=0x202da, uCmd=0x3) returned 0x0
[0146.991] GetClientRect (in: hWnd=0x202da, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0146.991] GetWindowRect (in: hWnd=0x202da, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0146.991] GetParent (hWnd=0x202da) returned 0x202dc
[0146.991] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x202dc, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0146.992] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202da, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0146.992] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202da, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0146.992] GetClientRect (in: hWnd=0x202da, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0146.992] GetWindowRect (in: hWnd=0x202da, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0146.992] GetParent (hWnd=0x202da) returned 0x202dc
[0146.992] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x202dc, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0146.993] SendMessageW (hWnd=0x202da, Msg=0x2210, wParam=0x2da0001, lParam=0x202da) returned 0x0
[0146.993] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202da, Msg=0x2210, wParam=0x2da0001, lParam=0x202da) returned 0x0
[0146.993] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0146.993] GetParent (hWnd=0x202da) returned 0x202dc
[0146.993] GetParent (hWnd=0x202de) returned 0x402d8
[0146.993] SetParent (hWndChild=0x202de, hWndNewParent=0x202dc) returned 0x402d8
[0146.993] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0146.994] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0146.994] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0146.997] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0146.997] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0146.997] GetClientRect (in: hWnd=0x202de, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0146.997] GetWindowRect (in: hWnd=0x202de, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0146.997] GetParent (hWnd=0x202de) returned 0x202dc
[0146.997] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x202dc, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0146.997] GetClientRect (in: hWnd=0x202de, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0146.997] GetWindowRect (in: hWnd=0x202de, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0146.997] GetParent (hWnd=0x202de) returned 0x202dc
[0146.997] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x202dc, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0146.997] GetParent (hWnd=0x202de) returned 0x202dc
[0146.997] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0146.997] GetWindow (hWnd=0x202de, uCmd=0x3) returned 0x0
[0146.997] SetWindowPos (hWnd=0x202de, hWndInsertAfter=0x202da, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0146.998] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0146.998] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0146.999] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0146.999] GetClientRect (in: hWnd=0x202de, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0146.999] GetWindowRect (in: hWnd=0x202de, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0146.999] GetParent (hWnd=0x202de) returned 0x202dc
[0146.999] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x202dc, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0146.999] GetParent (hWnd=0x202de) returned 0x202dc
[0146.999] GetWindow (hWnd=0x202de, uCmd=0x3) returned 0x202da
[0146.999] GetWindowThreadProcessId (in: hWnd=0x202de, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0146.999] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0146.999] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0147.000] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0147.000] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x202dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x302d2
[0147.001] SetWindowLongW (hWnd=0x302d2, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0147.001] GetWindowLongW (hWnd=0x302d2, nIndex=-4) returned 1868032000
[0147.001] SetWindowLongW (hWnd=0x302d2, nIndex=-4, dwNewLong=19938726) returned 1868032000
[0147.001] GetWindowLongW (hWnd=0x302d2, nIndex=-4) returned 19938726
[0147.001] GetWindowLongW (hWnd=0x302d2, nIndex=-16) returned 1174470667
[0147.001] GetWindowLongW (hWnd=0x302d2, nIndex=-12) returned 0
[0147.001] SetWindowLongW (hWnd=0x302d2, nIndex=-12, dwNewLong=197330) returned 0
[0147.001] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0147.003] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0147.003] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0147.004] SendMessageW (hWnd=0x302d2, Msg=0x2055, wParam=0x302d2, lParam=0x3) returned 0x2
[0147.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0147.004] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0147.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0147.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0147.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0147.005] RedrawWindow (hWnd=0x202da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0147.005] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0147.006] RedrawWindow (hWnd=0x202de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0147.006] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0147.006] RedrawWindow (hWnd=0x302d2, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0147.006] RedrawWindow (hWnd=0x202dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0147.006] GetWindow (hWnd=0x302d2, uCmd=0x3) returned 0x202de
[0147.006] GetClientRect (in: hWnd=0x302d2, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0147.006] GetWindowRect (in: hWnd=0x302d2, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0147.006] GetParent (hWnd=0x302d2) returned 0x202dc
[0147.006] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x202dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0147.007] SetWindowTextW (hWnd=0x302d2, lpString="&Details") returned 1
[0147.007] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0xc, wParam=0x0, lParam=0x2d209b4) returned 0x1
[0147.007] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0147.008] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0147.008] GetClientRect (in: hWnd=0x302d2, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0147.008] GetWindowRect (in: hWnd=0x302d2, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0147.008] GetParent (hWnd=0x302d2) returned 0x202dc
[0147.008] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x202dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0147.008] SendMessageW (hWnd=0x302d2, Msg=0x2210, wParam=0x2d20001, lParam=0x302d2) returned 0x0
[0147.008] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0x2210, wParam=0x2d20001, lParam=0x302d2) returned 0x0
[0147.008] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0147.008] GetParent (hWnd=0x302d2) returned 0x202dc
[0147.008] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0147.009] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0147.009] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0147.010] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x202dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x500ea
[0147.010] SetWindowLongW (hWnd=0x500ea, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0147.010] GetWindowLongW (hWnd=0x500ea, nIndex=-4) returned 1868032000
[0147.011] SetWindowLongW (hWnd=0x500ea, nIndex=-4, dwNewLong=19938766) returned 1868032000
[0147.011] GetWindowLongW (hWnd=0x500ea, nIndex=-4) returned 19938766
[0147.011] GetWindowLongW (hWnd=0x500ea, nIndex=-16) returned 1174470667
[0147.011] GetWindowLongW (hWnd=0x500ea, nIndex=-12) returned 0
[0147.011] SetWindowLongW (hWnd=0x500ea, nIndex=-12, dwNewLong=327914) returned 0
[0147.011] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0147.012] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0147.012] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0147.013] SendMessageW (hWnd=0x500ea, Msg=0x2055, wParam=0x500ea, lParam=0x3) returned 0x2
[0147.013] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0147.013] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0147.014] GetWindow (hWnd=0x500ea, uCmd=0x3) returned 0x302d2
[0147.014] GetClientRect (in: hWnd=0x500ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0147.014] GetWindowRect (in: hWnd=0x500ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0147.014] GetParent (hWnd=0x500ea) returned 0x202dc
[0147.014] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x202dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0147.014] SetWindowTextW (hWnd=0x500ea, lpString="&Continue") returned 1
[0147.014] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0xc, wParam=0x0, lParam=0x2d208c8) returned 0x1
[0147.015] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0147.015] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0147.015] GetClientRect (in: hWnd=0x500ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0147.015] GetWindowRect (in: hWnd=0x500ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0147.015] GetParent (hWnd=0x500ea) returned 0x202dc
[0147.016] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x202dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0147.016] SendMessageW (hWnd=0x500ea, Msg=0x2210, wParam=0xea0001, lParam=0x500ea) returned 0x0
[0147.016] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x2210, wParam=0xea0001, lParam=0x500ea) returned 0x0
[0147.016] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0147.017] GetParent (hWnd=0x500ea) returned 0x202dc
[0147.017] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0147.017] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0147.018] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0147.018] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x202dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x902ca
[0147.018] SetWindowLongW (hWnd=0x902ca, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0147.019] GetWindowLongW (hWnd=0x902ca, nIndex=-4) returned 1868032000
[0147.019] SetWindowLongW (hWnd=0x902ca, nIndex=-4, dwNewLong=19939046) returned 1868032000
[0147.019] GetWindowLongW (hWnd=0x902ca, nIndex=-4) returned 19939046
[0147.019] GetWindowLongW (hWnd=0x902ca, nIndex=-16) returned 1174470667
[0147.019] GetWindowLongW (hWnd=0x902ca, nIndex=-12) returned 0
[0147.019] SetWindowLongW (hWnd=0x902ca, nIndex=-12, dwNewLong=590538) returned 0
[0147.019] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902ca, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0147.020] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902ca, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0147.020] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902ca, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0147.022] SendMessageW (hWnd=0x902ca, Msg=0x2055, wParam=0x902ca, lParam=0x3) returned 0x2
[0147.022] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0147.022] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902ca, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0147.022] GetWindow (hWnd=0x902ca, uCmd=0x3) returned 0x500ea
[0147.022] GetClientRect (in: hWnd=0x902ca, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0147.022] GetWindowRect (in: hWnd=0x902ca, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0147.022] GetParent (hWnd=0x902ca) returned 0x202dc
[0147.022] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x202dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0147.023] SetWindowTextW (hWnd=0x902ca, lpString="&Quit") returned 1
[0147.023] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902ca, Msg=0xc, wParam=0x0, lParam=0x2d2091c) returned 0x1
[0147.023] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902ca, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0147.023] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902ca, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0147.023] GetClientRect (in: hWnd=0x902ca, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0147.023] GetWindowRect (in: hWnd=0x902ca, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0147.023] GetParent (hWnd=0x902ca) returned 0x202dc
[0147.024] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x202dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0147.024] SendMessageW (hWnd=0x902ca, Msg=0x2210, wParam=0x2ca0001, lParam=0x902ca) returned 0x0
[0147.024] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902ca, Msg=0x2210, wParam=0x2ca0001, lParam=0x902ca) returned 0x0
[0147.024] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902ca, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0147.025] GetParent (hWnd=0x902ca) returned 0x202dc
[0147.025] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0147.025] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0147.025] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0147.032] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x202dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x4013e
[0147.033] SetWindowLongW (hWnd=0x4013e, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0147.033] GetWindowLongW (hWnd=0x4013e, nIndex=-4) returned 1868026976
[0147.033] SetWindowLongW (hWnd=0x4013e, nIndex=-4, dwNewLong=19938806) returned 1868026976
[0147.034] GetWindowLongW (hWnd=0x4013e, nIndex=-4) returned 19938806
[0147.034] GetWindowLongW (hWnd=0x4013e, nIndex=-16) returned 1177553092
[0147.034] GetWindowLongW (hWnd=0x4013e, nIndex=-12) returned 0
[0147.034] SetWindowLongW (hWnd=0x4013e, nIndex=-12, dwNewLong=262462) returned 0
[0147.034] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4013e, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0147.037] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4013e, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0147.039] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4013e, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0147.063] GetWindow (hWnd=0x4013e, uCmd=0x3) returned 0x902ca
[0147.063] GetClientRect (in: hWnd=0x4013e, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0147.063] GetWindowRect (in: hWnd=0x4013e, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0147.063] GetParent (hWnd=0x4013e) returned 0x202dc
[0147.063] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x202dc, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0147.063] GetWindowTextLengthW (hWnd=0x202dc) returned 13
[0147.063] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0147.063] GetSystemMetrics (nIndex=42) returned 0
[0147.063] GetWindowTextW (in: hWnd=0x202dc, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0147.064] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0147.064] SendMessageW (hWnd=0x4013e, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0147.064] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4013e, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0147.078] SetWindowTextW (hWnd=0x4013e, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0147.078] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4013e, Msg=0xc, wParam=0x0, lParam=0x2d6f0c0) returned 0x1
[0147.080] GetSystemMetrics (nIndex=5) returned 1
[0147.080] GetSystemMetrics (nIndex=6) returned 1
[0147.080] SendMessageW (hWnd=0x4013e, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0147.080] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4013e, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0147.080] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4013e, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0147.081] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4013e, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0147.081] GetClientRect (in: hWnd=0x4013e, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0147.081] GetWindowRect (in: hWnd=0x4013e, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0147.081] GetParent (hWnd=0x4013e) returned 0x202dc
[0147.081] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x202dc, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0147.081] SendMessageW (hWnd=0x4013e, Msg=0x2210, wParam=0x13e0001, lParam=0x4013e) returned 0x0
[0147.081] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4013e, Msg=0x2210, wParam=0x13e0001, lParam=0x4013e) returned 0x0
[0147.082] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4013e, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0147.082] GetParent (hWnd=0x4013e) returned 0x202dc
[0147.082] GetWindowLongW (hWnd=0x202dc, nIndex=-8) returned 458844
[0147.082] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0147.082] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0147.082] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xa6010793
[0147.082] GetDeviceCaps (hdc=0xa6010793, index=12) returned 32
[0147.082] GetDeviceCaps (hdc=0xa6010793, index=14) returned 1
[0147.082] DeleteDC (hdc=0xa6010793) returned 1
[0147.082] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0147.083] GetWindowThreadProcessId (in: hWnd=0x202dc, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0147.083] GetCurrentThreadId () returned 0xf50
[0147.083] PostMessageW (hWnd=0x202dc, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0147.083] GetWindowTextLengthW (hWnd=0x202dc) returned 13
[0147.083] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0147.083] GetSystemMetrics (nIndex=42) returned 0
[0147.083] GetWindowTextW (in: hWnd=0x202dc, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0147.083] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0147.083] GdipImageGetFrameDimensionsCount (image=0x663e560, count=0xd7e25c) returned 0x0
[0147.083] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7298
[0147.083] GdipImageGetFrameDimensionsList (image=0x663e560, dimensionIDs=0x11f7298*(Data1=0x302d8, Data2=0x3278, Data3=0x11d, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0147.083] LocalFree (hMem=0x11f7298) returned 0x0
[0147.083] GdipImageGetFrameDimensionsCount (image=0x6631910, count=0xd7e250) returned 0x0
[0147.084] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7298
[0147.084] GdipImageGetFrameDimensionsList (image=0x6631910, dimensionIDs=0x11f7298*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0147.084] LocalFree (hMem=0x11f7298) returned 0x0
[0147.084] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0147.085] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0147.085] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0147.110] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0147.111] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0147.111] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0147.111] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0147.112] GetWindowPlacement (in: hWnd=0x202dc, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0147.112] GetClientRect (in: hWnd=0x202dc, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0147.112] GetWindowTextLengthW (hWnd=0x202dc) returned 13
[0147.112] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0147.112] GetSystemMetrics (nIndex=42) returned 0
[0147.112] GetWindowTextW (in: hWnd=0x202dc, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0147.112] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0147.112] GetClientRect (in: hWnd=0x202dc, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0147.112] GetCurrentObject (hdc=0x107b9, type=0x1) returned 0xb00017
[0147.112] GetCurrentObject (hdc=0x107b9, type=0x2) returned 0x900010
[0147.112] GetCurrentObject (hdc=0x107b9, type=0x7) returned 0x380507d3
[0147.112] GetCurrentObject (hdc=0x107b9, type=0x6) returned 0x8a01c2
[0147.112] SaveDC (hdc=0x107b9) returned 1
[0147.113] GetNearestColor (hdc=0x107b9, color=0xf0f0f0) returned 0xf0f0f0
[0147.113] CreateSolidBrush (color=0xf0f0f0) returned 0x2b1007e1
[0147.113] FillRect (hDC=0x107b9, lprc=0xd7e1b8, hbr=0x2b1007e1) returned 1
[0147.113] DeleteObject (ho=0x2b1007e1) returned 1
[0147.113] RestoreDC (hdc=0x107b9, nSavedDC=-1) returned 1
[0147.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0147.113] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0147.114] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0147.114] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0147.114] GetStockObject (i=5) returned 0x900015
[0147.114] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0147.114] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0147.114] GetStockObject (i=5) returned 0x900015
[0147.114] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902ca, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0147.115] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902ca, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0147.115] GetStockObject (i=5) returned 0x900015
[0147.115] GetWindowPlacement (in: hWnd=0x202dc, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0147.115] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0147.115] GetClientRect (in: hWnd=0x202dc, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0147.115] GetWindowRect (in: hWnd=0x202dc, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0147.116] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0147.116] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0147.117] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0147.117] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0147.118] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0147.118] GetClientRect (in: hWnd=0x202dc, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0147.118] GetWindowRect (in: hWnd=0x202dc, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0147.118] InvalidateRect (hWnd=0x500ea, lpRect=0x0, bErase=0) returned 1
[0147.118] InvalidateRect (hWnd=0x302d2, lpRect=0x0, bErase=0) returned 1
[0147.118] GetFocus () returned 0x202dc
[0147.118] GetFocus () returned 0x202dc
[0147.118] SetFocus (hWnd=0x302d2) returned 0x202dc
[0147.119] GetFocus () returned 0x302d2
[0147.119] IsChild (hWndParent=0x202dc, hWnd=0x302d2) returned 1
[0147.119] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x8, wParam=0x302d2, lParam=0x0) returned 0x0
[0147.120] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0147.121] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0147.128] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0147.128] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0x7, wParam=0x202dc, lParam=0x0) returned 0x0
[0147.128] GetStockObject (i=5) returned 0x900015
[0147.128] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0147.128] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0147.129] GetDlgItem (hDlg=0x202dc, nIDDlgItem=197330) returned 0x302d2
[0147.129] SendMessageW (hWnd=0x302d2, Msg=0x202b, wParam=0x302d2, lParam=0xd7e0dc) returned 0x0
[0147.129] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0x202b, wParam=0x302d2, lParam=0xd7e0dc) returned 0x0
[0147.129] InvalidateRect (hWnd=0x302d2, lpRect=0x0, bErase=0) returned 1
[0147.132] GetFocus () returned 0x302d2
[0147.133] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.133] IsWindowUnicode (hWnd=0x202dc) returned 1
[0147.133] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.133] TranslateMessage (lpMsg=0xd7e808) returned 0
[0147.133] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0147.133] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0147.133] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.133] IsWindowUnicode (hWnd=0x202dc) returned 1
[0147.133] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.133] TranslateMessage (lpMsg=0xd7e808) returned 0
[0147.133] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0147.133] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.134] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0147.134] IsWindowUnicode (hWnd=0x500ea) returned 1
[0147.134] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.134] TranslateMessage (lpMsg=0xd7e808) returned 0
[0147.134] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0147.134] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.134] IsWindowUnicode (hWnd=0x602c4) returned 1
[0147.134] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.134] TranslateMessage (lpMsg=0xd7e808) returned 0
[0147.134] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0147.134] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0147.134] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0147.134] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.134] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0147.135] IsWindowUnicode (hWnd=0x500ea) returned 1
[0147.135] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.135] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0147.135] SetCursor (hCursor=0x10003) returned 0x10003
[0147.135] TranslateMessage (lpMsg=0xd7e808) returned 0
[0147.135] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0147.135] _TrackMouseEvent (in: lpEventTrack=0x2d747fc | out: lpEventTrack=0x2d747fc) returned 1
[0147.135] SendMessageW (hWnd=0x500ea, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0147.135] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0147.135] InvalidateRect (hWnd=0x500ea, lpRect=0x0, bErase=0) returned 1
[0147.135] GetKeyState (nVirtKey=1) returned 0
[0147.135] GetKeyState (nVirtKey=2) returned 0
[0147.135] GetKeyState (nVirtKey=4) returned 0
[0147.135] GetKeyState (nVirtKey=5) returned 0
[0147.135] GetKeyState (nVirtKey=6) returned 0
[0147.135] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.136] IsWindowUnicode (hWnd=0x202dc) returned 1
[0147.136] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.136] TranslateMessage (lpMsg=0xd7e808) returned 0
[0147.136] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0147.136] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.137] IsWindowUnicode (hWnd=0x202dc) returned 1
[0147.137] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.137] TranslateMessage (lpMsg=0xd7e808) returned 0
[0147.137] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0147.137] BeginPaint (in: hWnd=0x202dc, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xc0107c5
[0147.137] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0147.138] GetWindowTextLengthW (hWnd=0x202dc) returned 13
[0147.138] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0147.138] GetSystemMetrics (nIndex=42) returned 0
[0147.138] GetWindowTextW (in: hWnd=0x202dc, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0147.138] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0147.138] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0147.138] EndPaint (hWnd=0x202dc, lpPaint=0xd7e274) returned 1
[0147.138] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.138] IsWindowUnicode (hWnd=0x202da) returned 1
[0147.138] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.138] TranslateMessage (lpMsg=0xd7e808) returned 0
[0147.138] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0147.139] BeginPaint (in: hWnd=0x202da, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xf0105ee
[0147.139] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0147.139] CreateCompatibleDC (hdc=0xf0105ee) returned 0x350107d0
[0147.139] DeleteObject (ho=0x490507fe) returned 1
[0147.140] GetObjectType (h=0xf0105ee) returned 0x3
[0147.140] CreateCompatibleBitmap (hdc=0xf0105ee, cx=1, cy=1) returned 0xffffffff96050787
[0147.140] GetDIBits (in: hdc=0xf0105ee, hbm=0x96050787, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd88, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd88) returned 1
[0147.141] GetDIBits (in: hdc=0xf0105ee, hbm=0x96050787, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd88, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd88) returned 1
[0147.141] DeleteObject (ho=0x96050787) returned 1
[0147.141] CreateDIBSection (in: hdc=0xf0105ee, lpbmi=0xd7ddd8, usage=0x0, ppvBits=0xd7e2cc, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e2cc) returned 0x4a0507fe
[0147.141] SelectObject (hdc=0x350107d0, h=0x4a0507fe) returned 0x85000f
[0147.141] GdipCreateFromHDC (hdc=0x350107d0, graphics=0xd7e2b0) returned 0x0
[0147.141] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0147.141] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0147.141] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0147.141] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6639120) returned 0x0
[0147.141] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7e310) returned 0x0
[0147.141] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0147.141] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11eec58) returned 0x0
[0147.142] LocalFree (hMem=0x11eec58) returned 0x0
[0147.142] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0147.142] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0147.142] GdipGetClip (graphics=0x6600030, region=0x66377f8) returned 0x0
[0147.142] GdipIsInfiniteRegion (region=0x66377f8, graphics=0x6600030, result=0xd7e304) returned 0x0
[0147.142] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0147.142] GetWindowTextLengthW (hWnd=0x202da) returned 0
[0147.142] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0147.142] GetSystemMetrics (nIndex=42) returned 0
[0147.142] GetWindowTextW (in: hWnd=0x202da, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0147.142] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202da, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0147.142] GetClientRect (in: hWnd=0x202da, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0147.142] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0147.142] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0147.142] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0147.142] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0147.142] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e164) returned 0x0
[0147.142] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0147.142] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0147.142] LocalFree (hMem=0x11eec58) returned 0x0
[0147.142] GdipCombineRegionRegion (region=0x6637928, region2=0x66377f8, combineMode=0x1) returned 0x0
[0147.143] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0147.143] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eecc8) returned 0x0
[0147.143] LocalFree (hMem=0x11eecc8) returned 0x0
[0147.143] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0147.143] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0147.143] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0147.143] GdipGetRegionHRgn (region=0x6637928, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0147.143] GdipDeleteRegion (region=0x6637928) returned 0x0
[0147.143] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0147.143] GetCurrentObject (hdc=0x350107d0, type=0x1) returned 0xb00017
[0147.143] GetCurrentObject (hdc=0x350107d0, type=0x2) returned 0x900010
[0147.143] GetCurrentObject (hdc=0x350107d0, type=0x7) returned 0x4a0507fe
[0147.143] GetCurrentObject (hdc=0x350107d0, type=0x6) returned 0x8a01c2
[0147.143] SaveDC (hdc=0x350107d0) returned 1
[0147.143] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb60407de
[0147.143] GetClipRgn (hdc=0x350107d0, hrgn=0xb60407de) returned 0
[0147.143] SelectClipRgn (hdc=0x350107d0, hrgn=0x39040807) returned 2
[0147.143] DeleteObject (ho=0xb60407de) returned 1
[0147.144] DeleteObject (ho=0x39040807) returned 1
[0147.144] OffsetViewportOrgEx (in: hdc=0x350107d0, x=0, y=0, lppt=0x2d75ca8 | out: lppt=0x2d75ca8) returned 1
[0147.144] GetNearestColor (hdc=0x350107d0, color=0xf0f0f0) returned 0xf0f0f0
[0147.144] CreateSolidBrush (color=0xf0f0f0) returned 0x2c1007e1
[0147.144] FillRect (hDC=0x350107d0, lprc=0xd7e198, hbr=0x2c1007e1) returned 1
[0147.145] DeleteObject (ho=0x2c1007e1) returned 1
[0147.145] RestoreDC (hdc=0x350107d0, nSavedDC=-1) returned 1
[0147.146] GdipReleaseDC (graphics=0x6600030, hdc=0x350107d0) returned 0x0
[0147.146] GdipRestoreGraphics (graphics=0x6600030, state=0xfd640dbd) returned 0x0
[0147.146] GdipDeleteRegion (region=0x66377f8) returned 0x0
[0147.146] GetWindowTextLengthW (hWnd=0x202da) returned 0
[0147.146] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0147.146] GetSystemMetrics (nIndex=42) returned 0
[0147.146] GetWindowTextW (in: hWnd=0x202da, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0147.146] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202da, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0147.146] GdipGetImageWidth (image=0x663e560, width=0xd7e1e0) returned 0x0
[0147.147] GdipGetImageHeight (image=0x663e560, height=0xd7e1e0) returned 0x0
[0147.147] GdipGetImageWidth (image=0x663e560, width=0xd7e1cc) returned 0x0
[0147.147] GdipGetImageHeight (image=0x663e560, height=0xd7e1cc) returned 0x0
[0147.147] GdipDrawImageRectI (graphics=0x6600030, image=0x663e560, x=16, y=16, width=32, height=32) returned 0x0
[0147.147] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0147.147] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=64, cy=64, hdcSrc=0x350107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0147.148] GdipReleaseDC (graphics=0x6600030, hdc=0x350107d0) returned 0x0
[0147.148] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0147.148] SelectObject (hdc=0x350107d0, h=0x85000f) returned 0x4a0507fe
[0147.148] DeleteDC (hdc=0x350107d0) returned 1
[0147.148] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0147.148] EndPaint (hWnd=0x202da, lpPaint=0xd7e294) returned 1
[0147.148] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.149] IsWindowUnicode (hWnd=0x202de) returned 1
[0147.149] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.149] TranslateMessage (lpMsg=0xd7e808) returned 0
[0147.149] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0147.149] BeginPaint (in: hWnd=0x202de, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x60100ce
[0147.149] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0147.149] CreateCompatibleDC (hdc=0x60100ce) returned 0x370107d0
[0147.149] GetObjectType (h=0x60100ce) returned 0x3
[0147.149] CreateCompatibleBitmap (hdc=0x60100ce, cx=1, cy=1) returned 0x680505d8
[0147.149] GetDIBits (in: hdc=0x60100ce, hbm=0x680505d8, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0147.149] GetDIBits (in: hdc=0x60100ce, hbm=0x680505d8, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0147.149] DeleteObject (ho=0x680505d8) returned 1
[0147.150] CreateDIBSection (in: hdc=0x60100ce, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xaf050793
[0147.150] SelectObject (hdc=0x370107d0, h=0xaf050793) returned 0x85000f
[0147.150] GdipCreateFromHDC (hdc=0x370107d0, graphics=0xd7e234) returned 0x0
[0147.151] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0147.151] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0147.151] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0147.151] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6639120) returned 0x0
[0147.151] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7e2d4) returned 0x0
[0147.151] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0147.151] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee788) returned 0x0
[0147.151] LocalFree (hMem=0x11ee788) returned 0x0
[0147.151] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0147.151] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0147.151] GdipGetClip (graphics=0x6600030, region=0x66377f8) returned 0x0
[0147.151] GdipIsInfiniteRegion (region=0x66377f8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0147.151] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0147.151] GetWindowTextLengthW (hWnd=0x202de) returned 232
[0147.151] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0147.151] GetSystemMetrics (nIndex=42) returned 0
[0147.151] GetWindowTextW (in: hWnd=0x202de, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0147.151] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0147.152] GetClientRect (in: hWnd=0x202de, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0147.152] GdipCreateRegion (region=0xd7e110) returned 0x0
[0147.152] GdipGetClip (graphics=0x6600030, region=0x6637928) returned 0x0
[0147.152] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0147.152] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0147.152] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e128) returned 0x0
[0147.152] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0147.152] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0147.152] LocalFree (hMem=0x11ee788) returned 0x0
[0147.152] GdipCombineRegionRegion (region=0x6637928, region2=0x66377f8, combineMode=0x1) returned 0x0
[0147.152] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0147.152] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee910) returned 0x0
[0147.152] LocalFree (hMem=0x11ee910) returned 0x0
[0147.152] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0147.152] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e150) returned 0x0
[0147.152] GdipIsInfiniteRegion (region=0x6637928, graphics=0x6600030, result=0xd7e140) returned 0x0
[0147.152] GdipGetRegionHRgn (region=0x6637928, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0147.152] GdipDeleteRegion (region=0x6637928) returned 0x0
[0147.152] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0147.152] GetCurrentObject (hdc=0x370107d0, type=0x1) returned 0xb00017
[0147.153] GetCurrentObject (hdc=0x370107d0, type=0x2) returned 0x900010
[0147.153] GetCurrentObject (hdc=0x370107d0, type=0x7) returned 0xffffffffaf050793
[0147.153] GetCurrentObject (hdc=0x370107d0, type=0x6) returned 0x8a01c2
[0147.153] SaveDC (hdc=0x370107d0) returned 1
[0147.153] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3a040807
[0147.153] GetClipRgn (hdc=0x370107d0, hrgn=0x3a040807) returned 0
[0147.153] SelectClipRgn (hdc=0x370107d0, hrgn=0xb70407de) returned 2
[0147.153] DeleteObject (ho=0x3a040807) returned 1
[0147.153] DeleteObject (ho=0xb70407de) returned 1
[0147.153] OffsetViewportOrgEx (in: hdc=0x370107d0, x=0, y=0, lppt=0x2d77670 | out: lppt=0x2d77670) returned 1
[0147.153] GetNearestColor (hdc=0x370107d0, color=0xf0f0f0) returned 0xf0f0f0
[0147.153] CreateSolidBrush (color=0xf0f0f0) returned 0x2d1007e1
[0147.153] FillRect (hDC=0x370107d0, lprc=0xd7e15c, hbr=0x2d1007e1) returned 1
[0147.155] DeleteObject (ho=0x2d1007e1) returned 1
[0147.155] RestoreDC (hdc=0x370107d0, nSavedDC=-1) returned 1
[0147.155] GdipReleaseDC (graphics=0x6600030, hdc=0x370107d0) returned 0x0
[0147.155] GdipRestoreGraphics (graphics=0x6600030, state=0xfd620dbd) returned 0x0
[0147.155] GdipDeleteRegion (region=0x66377f8) returned 0x0
[0147.155] GetWindowTextLengthW (hWnd=0x202de) returned 232
[0147.155] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0147.155] GetSystemMetrics (nIndex=42) returned 0
[0147.155] GetWindowTextW (in: hWnd=0x202de, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0147.155] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0147.155] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0147.155] GetCurrentObject (hdc=0x370107d0, type=0x1) returned 0xb00017
[0147.155] GetCurrentObject (hdc=0x370107d0, type=0x2) returned 0x900010
[0147.155] GetCurrentObject (hdc=0x370107d0, type=0x7) returned 0xffffffffaf050793
[0147.156] GetCurrentObject (hdc=0x370107d0, type=0x6) returned 0x8a01c2
[0147.159] SaveDC (hdc=0x370107d0) returned 1
[0147.159] GetNearestColor (hdc=0x370107d0, color=0x0) returned 0x0
[0147.159] RestoreDC (hdc=0x370107d0, nSavedDC=-1) returned 1
[0147.159] GdipReleaseDC (graphics=0x6600030, hdc=0x370107d0) returned 0x0
[0147.160] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0147.160] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0147.160] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2d77e6c | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0147.161] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0147.161] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0147.161] GetCurrentObject (hdc=0x370107d0, type=0x1) returned 0xb00017
[0147.161] GetCurrentObject (hdc=0x370107d0, type=0x2) returned 0x900010
[0147.161] GetCurrentObject (hdc=0x370107d0, type=0x7) returned 0xffffffffaf050793
[0147.161] GetCurrentObject (hdc=0x370107d0, type=0x6) returned 0x8a01c2
[0147.161] SaveDC (hdc=0x370107d0) returned 1
[0147.161] GetTextAlign (hdc=0x370107d0) returned 0x0
[0147.161] GetTextColor (hdc=0x370107d0) returned 0x0
[0147.161] GetCurrentObject (hdc=0x370107d0, type=0x6) returned 0x8a01c2
[0147.161] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0147.162] SelectObject (hdc=0x370107d0, h=0x6d0a0520) returned 0x8a01c2
[0147.162] GetBkMode (hdc=0x370107d0) returned 2
[0147.162] SetBkMode (hdc=0x370107d0, mode=1) returned 2
[0147.162] DrawTextExW (in: hdc=0x370107d0, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2d78090 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0147.185] RestoreDC (hdc=0x370107d0, nSavedDC=-1) returned 1
[0147.185] GdipReleaseDC (graphics=0x6600030, hdc=0x370107d0) returned 0x0
[0147.185] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0147.185] BitBlt (hdc=0x60100ce, x=0, y=0, cx=354, cy=68, hdcSrc=0x370107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0147.186] GdipReleaseDC (graphics=0x6600030, hdc=0x370107d0) returned 0x0
[0147.186] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0147.186] SelectObject (hdc=0x370107d0, h=0x85000f) returned 0xaf050793
[0147.186] DeleteDC (hdc=0x370107d0) returned 1
[0147.186] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0147.186] DeleteObject (ho=0xaf050793) returned 1
[0147.201] EndPaint (hWnd=0x202de, lpPaint=0xd7e258) returned 1
[0147.201] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.202] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0147.202] IsWindowUnicode (hWnd=0x30122) returned 1
[0147.202] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.202] TranslateMessage (lpMsg=0xd7e808) returned 0
[0147.202] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0147.203] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.203] IsWindowUnicode (hWnd=0x302d2) returned 1
[0147.203] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.203] TranslateMessage (lpMsg=0xd7e808) returned 0
[0147.203] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0147.203] BeginPaint (in: hWnd=0x302d2, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0147.203] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0147.204] CreateCompatibleDC (hdc=0xc0107c5) returned 0x6b0105d8
[0147.204] SelectObject (hdc=0x6b0105d8, h=0x4a0507fe) returned 0x85000f
[0147.204] GdipCreateFromHDC (hdc=0x6b0105d8, graphics=0xd7e268) returned 0x0
[0147.204] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0147.204] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0147.204] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0147.204] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6639120) returned 0x0
[0147.204] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7e2c8) returned 0x0
[0147.204] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0147.204] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11eead0) returned 0x0
[0147.204] LocalFree (hMem=0x11eead0) returned 0x0
[0147.204] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0147.204] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0147.204] GdipGetClip (graphics=0x6600030, region=0x66377f8) returned 0x0
[0147.205] GdipIsInfiniteRegion (region=0x66377f8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0147.205] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0147.205] GdipRestoreGraphics (graphics=0x6600030, state=0xfd600dbd) returned 0x0
[0147.205] GdipDeleteRegion (region=0x66377f8) returned 0x0
[0147.205] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0147.205] GetCurrentObject (hdc=0x6b0105d8, type=0x1) returned 0xb00017
[0147.205] GetCurrentObject (hdc=0x6b0105d8, type=0x2) returned 0x900010
[0147.205] GetCurrentObject (hdc=0x6b0105d8, type=0x7) returned 0x4a0507fe
[0147.205] GetCurrentObject (hdc=0x6b0105d8, type=0x6) returned 0x8a01c2
[0147.205] SaveDC (hdc=0x6b0105d8) returned 1
[0147.205] GetNearestColor (hdc=0x6b0105d8, color=0xf0f0f0) returned 0xf0f0f0
[0147.205] GetNearestColor (hdc=0x6b0105d8, color=0xa0a0a0) returned 0xa0a0a0
[0147.205] GetNearestColor (hdc=0x6b0105d8, color=0x696969) returned 0x696969
[0147.205] GetNearestColor (hdc=0x6b0105d8, color=0xa0a0a0) returned 0xa0a0a0
[0147.205] GetNearestColor (hdc=0x6b0105d8, color=0x0) returned 0x0
[0147.205] GetNearestColor (hdc=0x6b0105d8, color=0xffffff) returned 0xffffff
[0147.205] GetNearestColor (hdc=0x6b0105d8, color=0xe5e5e5) returned 0xe5e5e5
[0147.206] GetNearestColor (hdc=0x6b0105d8, color=0xd7d7d7) returned 0xd7d7d7
[0147.206] GetNearestColor (hdc=0x6b0105d8, color=0x0) returned 0x0
[0147.206] RestoreDC (hdc=0x6b0105d8, nSavedDC=-1) returned 1
[0147.206] GdipReleaseDC (graphics=0x6600030, hdc=0x6b0105d8) returned 0x0
[0147.206] IsAppThemed () returned 0x1
[0147.206] GetThemeAppProperties () returned 0x3
[0147.206] GetThemeAppProperties () returned 0x3
[0147.206] GdipGetImageWidth (image=0x6631910, width=0xd7e168) returned 0x0
[0147.206] GdipGetImageHeight (image=0x6631910, height=0xd7e168) returned 0x0
[0147.206] IsAppThemed () returned 0x1
[0147.206] GetThemeAppProperties () returned 0x3
[0147.206] GetThemeAppProperties () returned 0x3
[0147.206] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2d787e0 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0147.206] IsAppThemed () returned 0x1
[0147.206] GetThemeAppProperties () returned 0x3
[0147.206] GetThemeAppProperties () returned 0x3
[0147.206] IsAppThemed () returned 0x1
[0147.207] GetThemeAppProperties () returned 0x3
[0147.207] GetThemeAppProperties () returned 0x3
[0147.207] GetFocus () returned 0x302d2
[0147.207] IsAppThemed () returned 0x1
[0147.207] GetThemeAppProperties () returned 0x3
[0147.207] GetThemeAppProperties () returned 0x3
[0147.207] IsAppThemed () returned 0x1
[0147.207] GetThemeAppProperties () returned 0x3
[0147.207] GetThemeAppProperties () returned 0x3
[0147.207] IsThemePartDefined () returned 0x1
[0147.207] IsAppThemed () returned 0x1
[0147.207] GetThemeAppProperties () returned 0x3
[0147.207] GetThemeAppProperties () returned 0x3
[0147.207] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0147.207] IsAppThemed () returned 0x1
[0147.208] GetThemeAppProperties () returned 0x3
[0147.208] GetThemeAppProperties () returned 0x3
[0147.208] IsAppThemed () returned 0x1
[0147.208] GetThemeAppProperties () returned 0x3
[0147.208] GetThemeAppProperties () returned 0x3
[0147.208] IsThemePartDefined () returned 0x1
[0147.208] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0147.208] GdipGetClip (graphics=0x6600030, region=0x66377f8) returned 0x0
[0147.208] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0147.209] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0147.209] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dff0) returned 0x0
[0147.209] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0147.209] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0147.209] LocalFree (hMem=0x11ee788) returned 0x0
[0147.209] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0147.209] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0147.209] LocalFree (hMem=0x11eec58) returned 0x0
[0147.209] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0147.209] GdipIsInfiniteRegion (region=0x66377f8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0147.209] GdipIsInfiniteRegion (region=0x66377f8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0147.209] GdipGetRegionHRgn (region=0x66377f8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0147.209] GdipDeleteRegion (region=0x66377f8) returned 0x0
[0147.209] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0147.209] GetCurrentObject (hdc=0x6b0105d8, type=0x1) returned 0xb00017
[0147.209] GetCurrentObject (hdc=0x6b0105d8, type=0x2) returned 0x900010
[0147.210] GetCurrentObject (hdc=0x6b0105d8, type=0x7) returned 0x4a0507fe
[0147.210] GetCurrentObject (hdc=0x6b0105d8, type=0x6) returned 0x8a01c2
[0147.210] SaveDC (hdc=0x6b0105d8) returned 1
[0147.210] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb80407de
[0147.210] GetClipRgn (hdc=0x6b0105d8, hrgn=0xb80407de) returned 0
[0147.210] SelectClipRgn (hdc=0x6b0105d8, hrgn=0x3e040807) returned 2
[0147.210] DeleteObject (ho=0xb80407de) returned 1
[0147.210] DeleteObject (ho=0x3e040807) returned 1
[0147.210] OffsetViewportOrgEx (in: hdc=0x6b0105d8, x=0, y=0, lppt=0x2d78e90 | out: lppt=0x2d78e90) returned 1
[0147.210] DrawThemeParentBackground () returned 0x0
[0147.210] GetWindowPlacement (in: hWnd=0x202dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0147.210] GetClientRect (in: hWnd=0x202dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0147.210] GetWindowTextLengthW (hWnd=0x202dc) returned 13
[0147.211] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0147.211] GetSystemMetrics (nIndex=42) returned 0
[0147.211] GetWindowTextW (in: hWnd=0x202dc, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0147.211] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0147.211] GetClientRect (in: hWnd=0x202dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0147.211] GetCurrentObject (hdc=0x6b0105d8, type=0x1) returned 0xb00017
[0147.211] GetCurrentObject (hdc=0x6b0105d8, type=0x2) returned 0x900010
[0147.211] GetCurrentObject (hdc=0x6b0105d8, type=0x7) returned 0x4a0507fe
[0147.211] GetCurrentObject (hdc=0x6b0105d8, type=0x6) returned 0x8a01c2
[0147.211] SaveDC (hdc=0x6b0105d8) returned 2
[0147.211] GetNearestColor (hdc=0x6b0105d8, color=0xf0f0f0) returned 0xf0f0f0
[0147.211] CreateSolidBrush (color=0xf0f0f0) returned 0x2e1007e1
[0147.211] FillRect (hDC=0x6b0105d8, lprc=0xd7da38, hbr=0x2e1007e1) returned 1
[0147.211] DeleteObject (ho=0x2e1007e1) returned 1
[0147.211] RestoreDC (hdc=0x6b0105d8, nSavedDC=-1) returned 1
[0147.211] GetWindowTextLengthW (hWnd=0x202dc) returned 13
[0147.211] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0147.211] GetSystemMetrics (nIndex=42) returned 0
[0147.212] GetWindowTextW (in: hWnd=0x202dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0147.212] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0147.212] GetClientRect (in: hWnd=0x202dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0147.212] GetCurrentObject (hdc=0x6b0105d8, type=0x1) returned 0xb00017
[0147.212] GetCurrentObject (hdc=0x6b0105d8, type=0x2) returned 0x900010
[0147.212] GetCurrentObject (hdc=0x6b0105d8, type=0x7) returned 0x4a0507fe
[0147.212] GetCurrentObject (hdc=0x6b0105d8, type=0x6) returned 0x8a01c2
[0147.212] SaveDC (hdc=0x6b0105d8) returned 2
[0147.212] GetNearestColor (hdc=0x6b0105d8, color=0xf0f0f0) returned 0xf0f0f0
[0147.212] CreateSolidBrush (color=0xf0f0f0) returned 0x2f1007e1
[0147.212] FillRect (hDC=0x6b0105d8, lprc=0xd7d9d8, hbr=0x2f1007e1) returned 1
[0147.212] DeleteObject (ho=0x2f1007e1) returned 1
[0147.212] RestoreDC (hdc=0x6b0105d8, nSavedDC=-1) returned 1
[0147.212] GetWindowTextLengthW (hWnd=0x202dc) returned 13
[0147.212] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0147.212] GetSystemMetrics (nIndex=42) returned 0
[0147.212] GetWindowTextW (in: hWnd=0x202dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0147.212] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0147.213] RestoreDC (hdc=0x6b0105d8, nSavedDC=-1) returned 1
[0147.213] GdipReleaseDC (graphics=0x6600030, hdc=0x6b0105d8) returned 0x0
[0147.213] IsAppThemed () returned 0x1
[0147.213] GetThemeAppProperties () returned 0x3
[0147.213] GetThemeAppProperties () returned 0x3
[0147.213] IsAppThemed () returned 0x1
[0147.213] GetThemeAppProperties () returned 0x3
[0147.213] GetThemeAppProperties () returned 0x3
[0147.213] IsThemePartDefined () returned 0x1
[0147.213] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0147.213] GdipGetClip (graphics=0x6600030, region=0x66377f8) returned 0x0
[0147.213] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0147.213] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6639120) returned 0x0
[0147.213] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7df74) returned 0x0
[0147.213] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11eecc8) returned 0x0
[0147.213] LocalFree (hMem=0x11eecc8) returned 0x0
[0147.213] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee910) returned 0x0
[0147.214] LocalFree (hMem=0x11ee910) returned 0x0
[0147.214] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0147.214] GdipIsInfiniteRegion (region=0x66377f8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0147.214] GdipIsInfiniteRegion (region=0x66377f8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0147.214] GdipGetRegionHRgn (region=0x66377f8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0147.214] GdipDeleteRegion (region=0x66377f8) returned 0x0
[0147.214] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0147.214] GetCurrentObject (hdc=0x6b0105d8, type=0x1) returned 0xb00017
[0147.214] GetCurrentObject (hdc=0x6b0105d8, type=0x2) returned 0x900010
[0147.214] GetCurrentObject (hdc=0x6b0105d8, type=0x7) returned 0x4a0507fe
[0147.214] GetCurrentObject (hdc=0x6b0105d8, type=0x6) returned 0x8a01c2
[0147.214] SaveDC (hdc=0x6b0105d8) returned 1
[0147.214] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3f040807
[0147.214] GetClipRgn (hdc=0x6b0105d8, hrgn=0x3f040807) returned 0
[0147.214] SelectClipRgn (hdc=0x6b0105d8, hrgn=0xba0407de) returned 2
[0147.214] DeleteObject (ho=0x3f040807) returned 1
[0147.214] DeleteObject (ho=0xba0407de) returned 1
[0147.214] OffsetViewportOrgEx (in: hdc=0x6b0105d8, x=0, y=0, lppt=0x2d7973c | out: lppt=0x2d7973c) returned 1
[0147.214] IsAppThemed () returned 0x1
[0147.215] GetThemeAppProperties () returned 0x3
[0147.215] GetThemeAppProperties () returned 0x3
[0147.215] DrawThemeBackground () returned 0x0
[0147.215] RestoreDC (hdc=0x6b0105d8, nSavedDC=-1) returned 1
[0147.215] GdipReleaseDC (graphics=0x6600030, hdc=0x6b0105d8) returned 0x0
[0147.215] GdipCreateRegion (region=0xd7df60) returned 0x0
[0147.215] GdipGetClip (graphics=0x6600030, region=0x66377f8) returned 0x0
[0147.215] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0147.215] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0147.215] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df78) returned 0x0
[0147.215] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0147.215] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0147.215] LocalFree (hMem=0x11ee788) returned 0x0
[0147.215] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0147.215] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0147.215] LocalFree (hMem=0x11ee788) returned 0x0
[0147.215] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0147.215] GdipIsInfiniteRegion (region=0x66377f8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0147.215] GdipIsInfiniteRegion (region=0x66377f8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0147.215] GdipGetRegionHRgn (region=0x66377f8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0147.215] GdipDeleteRegion (region=0x66377f8) returned 0x0
[0147.216] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0147.216] GetCurrentObject (hdc=0x6b0105d8, type=0x1) returned 0xb00017
[0147.216] GetCurrentObject (hdc=0x6b0105d8, type=0x2) returned 0x900010
[0147.216] GetCurrentObject (hdc=0x6b0105d8, type=0x7) returned 0x4a0507fe
[0147.216] GetCurrentObject (hdc=0x6b0105d8, type=0x6) returned 0x8a01c2
[0147.216] SaveDC (hdc=0x6b0105d8) returned 1
[0147.216] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbb0407de
[0147.216] GetClipRgn (hdc=0x6b0105d8, hrgn=0xbb0407de) returned 0
[0147.216] SelectClipRgn (hdc=0x6b0105d8, hrgn=0x40040807) returned 2
[0147.216] DeleteObject (ho=0xbb0407de) returned 1
[0147.216] DeleteObject (ho=0x40040807) returned 1
[0147.216] OffsetViewportOrgEx (in: hdc=0x6b0105d8, x=0, y=0, lppt=0x2d79a10 | out: lppt=0x2d79a10) returned 1
[0147.216] IsAppThemed () returned 0x1
[0147.216] GetThemeAppProperties () returned 0x3
[0147.216] GetThemeAppProperties () returned 0x3
[0147.216] GetThemeBackgroundContentRect () returned 0x0
[0147.216] RestoreDC (hdc=0x6b0105d8, nSavedDC=-1) returned 1
[0147.216] GdipReleaseDC (graphics=0x6600030, hdc=0x6b0105d8) returned 0x0
[0147.501] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0147.501] GdipGetClip (graphics=0x6600030, region=0x66377f8) returned 0x0
[0147.501] GdipCloneRegion (region=0x66377f8, cloneRegion=0xd7e150) returned 0x0
[0147.502] GdipCombineRegionRectI (region=0x6637928, rect=0xd7e138, combineMode=0x1) returned 0x0
[0147.502] GdipCombineRegionRectI (region=0x6637928, rect=0xd7e138, combineMode=0x1) returned 0x0
[0147.505] GdipSetClipRegion (graphics=0x6600030, region=0x6637928, combineMode=0x0) returned 0x0
[0147.505] GdipGetImageWidth (image=0x6631910, width=0xd7e154) returned 0x0
[0147.505] GdipGetImageHeight (image=0x6631910, height=0xd7e148) returned 0x0
[0147.506] GdipDrawImageRectI (graphics=0x6600030, image=0x6631910, x=4, y=4, width=16, height=16) returned 0x0
[0147.506] GdipSetClipRegion (graphics=0x6600030, region=0x66377f8, combineMode=0x0) returned 0x0
[0147.506] IsAppThemed () returned 0x1
[0147.506] GetThemeAppProperties () returned 0x3
[0147.506] GetThemeAppProperties () returned 0x3
[0147.506] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0147.506] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0147.506] GetCurrentObject (hdc=0x6b0105d8, type=0x1) returned 0xb00017
[0147.506] GetCurrentObject (hdc=0x6b0105d8, type=0x2) returned 0x900010
[0147.506] GetCurrentObject (hdc=0x6b0105d8, type=0x7) returned 0x4a0507fe
[0147.506] GetCurrentObject (hdc=0x6b0105d8, type=0x6) returned 0x8a01c2
[0147.506] SaveDC (hdc=0x6b0105d8) returned 1
[0147.506] GetTextAlign (hdc=0x6b0105d8) returned 0x0
[0147.506] GetTextColor (hdc=0x6b0105d8) returned 0x0
[0147.506] GetCurrentObject (hdc=0x6b0105d8, type=0x6) returned 0x8a01c2
[0147.507] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0147.507] SelectObject (hdc=0x6b0105d8, h=0x6d0a0520) returned 0x8a01c2
[0147.507] GetBkMode (hdc=0x6b0105d8) returned 2
[0147.507] SetBkMode (hdc=0x6b0105d8, mode=1) returned 2
[0147.507] DrawTextExW (in: hdc=0x6b0105d8, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2d79dd0 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0147.507] DrawTextExW (in: hdc=0x6b0105d8, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d79dd0 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0147.508] RestoreDC (hdc=0x6b0105d8, nSavedDC=-1) returned 1
[0147.508] GdipReleaseDC (graphics=0x6600030, hdc=0x6b0105d8) returned 0x0
[0147.508] GetFocus () returned 0x302d2
[0147.508] IsAppThemed () returned 0x1
[0147.508] GetThemeAppProperties () returned 0x3
[0147.508] GetThemeAppProperties () returned 0x3
[0147.508] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0147.508] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x6b0105d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0147.508] GdipReleaseDC (graphics=0x6600030, hdc=0x6b0105d8) returned 0x0
[0147.508] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0147.508] SelectObject (hdc=0x6b0105d8, h=0x85000f) returned 0x4a0507fe
[0147.508] DeleteDC (hdc=0x6b0105d8) returned 1
[0147.508] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0147.508] EndPaint (hWnd=0x302d2, lpPaint=0xd7e24c) returned 1
[0147.509] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.509] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0147.509] IsWindowUnicode (hWnd=0x30122) returned 1
[0147.509] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.509] TranslateMessage (lpMsg=0xd7e808) returned 0
[0147.509] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0147.510] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.510] IsWindowUnicode (hWnd=0x30122) returned 1
[0147.510] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.510] TranslateMessage (lpMsg=0xd7e808) returned 0
[0147.510] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0147.511] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.511] IsWindowUnicode (hWnd=0x30122) returned 1
[0147.511] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.511] TranslateMessage (lpMsg=0xd7e808) returned 0
[0147.511] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0147.512] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.512] IsWindowUnicode (hWnd=0x30122) returned 1
[0147.512] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.512] TranslateMessage (lpMsg=0xd7e808) returned 0
[0147.512] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0147.512] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.512] IsWindowUnicode (hWnd=0x30122) returned 1
[0147.512] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.512] TranslateMessage (lpMsg=0xd7e808) returned 0
[0147.512] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0147.513] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.514] IsWindowUnicode (hWnd=0x30122) returned 1
[0147.514] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.514] TranslateMessage (lpMsg=0xd7e808) returned 0
[0147.514] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0147.514] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.514] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0147.515] IsWindowUnicode (hWnd=0x500ea) returned 1
[0147.515] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.515] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0147.515] GetDlgItem (hDlg=0x202dc, nIDDlgItem=0) returned 0x0
[0147.515] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x210, wParam=0x201, lParam=0x6b0121) returned 0x0
[0147.515] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x21, wParam=0x202dc, lParam=0x2010001) returned 0x1
[0147.515] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x21, wParam=0x202dc, lParam=0x2010001) returned 0x1
[0147.515] SetCursor (hCursor=0x10003) returned 0x10003
[0147.515] TranslateMessage (lpMsg=0xd7e808) returned 0
[0147.515] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0147.515] GetKeyState (nVirtKey=1) returned -127
[0147.516] GetKeyState (nVirtKey=2) returned 0
[0147.516] GetKeyState (nVirtKey=4) returned 0
[0147.516] GetKeyState (nVirtKey=5) returned 0
[0147.516] GetKeyState (nVirtKey=6) returned 0
[0147.516] IsWindowVisible (hWnd=0x500ea) returned 1
[0147.516] IsWindowEnabled (hWnd=0x500ea) returned 1
[0147.516] SetFocus (hWnd=0x500ea) returned 0x302d2
[0147.516] GetFocus () returned 0x500ea
[0147.516] IsChild (hWndParent=0x202dc, hWnd=0x500ea) returned 1
[0147.516] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0x8, wParam=0x500ea, lParam=0x0) returned 0x0
[0147.516] GetCapture () returned 0x0
[0147.516] InvalidateRect (hWnd=0x302d2, lpRect=0x0, bErase=0) returned 1
[0147.517] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0147.518] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0147.520] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0147.520] InvalidateRect (hWnd=0x302d2, lpRect=0x0, bErase=0) returned 1
[0147.520] InvalidateRect (hWnd=0x500ea, lpRect=0x0, bErase=0) returned 1
[0147.520] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x7, wParam=0x302d2, lParam=0x0) returned 0x0
[0147.520] GetStockObject (i=5) returned 0x900015
[0147.520] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0147.520] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0147.520] GetDlgItem (hDlg=0x202dc, nIDDlgItem=327914) returned 0x500ea
[0147.520] SendMessageW (hWnd=0x500ea, Msg=0x202b, wParam=0x500ea, lParam=0xd7dddc) returned 0x0
[0147.521] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x202b, wParam=0x500ea, lParam=0xd7dddc) returned 0x0
[0147.521] InvalidateRect (hWnd=0x500ea, lpRect=0x0, bErase=0) returned 1
[0147.522] GetFocus () returned 0x500ea
[0147.522] GetFocus () returned 0x500ea
[0147.522] GetFocus () returned 0x500ea
[0147.522] GetKeyState (nVirtKey=1) returned -127
[0147.522] GetKeyState (nVirtKey=2) returned 0
[0147.522] GetKeyState (nVirtKey=4) returned 0
[0147.522] GetKeyState (nVirtKey=5) returned 0
[0147.522] GetKeyState (nVirtKey=6) returned 0
[0147.522] GetCapture () returned 0x0
[0147.522] SetCapture (hWnd=0x500ea) returned 0x0
[0147.522] GetKeyState (nVirtKey=1) returned -127
[0147.522] GetKeyState (nVirtKey=2) returned 0
[0147.522] GetKeyState (nVirtKey=4) returned 0
[0147.522] GetKeyState (nVirtKey=5) returned 0
[0147.522] GetKeyState (nVirtKey=6) returned 0
[0147.522] NotifyWinEvent (event=0x800a, hwnd=0x500ea, idObject=-4, idChild=0)
[0147.523] InvalidateRect (hWnd=0x500ea, lpRect=0xd7e430, bErase=0) returned 1
[0147.523] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.523] IsWindowUnicode (hWnd=0x500ea) returned 1
[0147.523] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.523] TranslateMessage (lpMsg=0xd7e808) returned 0
[0147.523] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0147.523] MapWindowPoints (in: hWndFrom=0x500ea, hWndTo=0x0, lpPoints=0x2d79fc0, cPoints=0x1 | out: lpPoints=0x2d79fc0) returned 30999254
[0147.524] NotifyWinEvent (event=0x800a, hwnd=0x500ea, idObject=-4, idChild=0)
[0147.524] InvalidateRect (hWnd=0x500ea, lpRect=0xd7e3d0, bErase=0) returned 1
[0147.524] UpdateWindow (hWnd=0x500ea) returned 1
[0147.524] BeginPaint (in: hWnd=0x500ea, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xf0105ee
[0147.524] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0147.524] CreateCompatibleDC (hdc=0xf0105ee) returned 0x6d0105d8
[0147.524] SelectObject (hdc=0x6d0105d8, h=0x4a0507fe) returned 0x85000f
[0147.524] GdipCreateFromHDC (hdc=0x6d0105d8, graphics=0xd7df00) returned 0x0
[0147.524] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0147.525] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0147.525] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0147.525] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6639120) returned 0x0
[0147.525] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7df60) returned 0x0
[0147.525] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0147.525] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11eec58) returned 0x0
[0147.525] LocalFree (hMem=0x11eec58) returned 0x0
[0147.525] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0147.525] GdipCreateRegion (region=0xd7df48) returned 0x0
[0147.525] GdipGetClip (graphics=0x6600030, region=0x663dff0) returned 0x0
[0147.525] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7df54) returned 0x0
[0147.525] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0147.525] GdipRestoreGraphics (graphics=0x6600030, state=0xfd5e0dbd) returned 0x0
[0147.525] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0147.525] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0147.525] GetCurrentObject (hdc=0x6d0105d8, type=0x1) returned 0xb00017
[0147.525] GetCurrentObject (hdc=0x6d0105d8, type=0x2) returned 0x900010
[0147.526] GetCurrentObject (hdc=0x6d0105d8, type=0x7) returned 0x4a0507fe
[0147.526] GetCurrentObject (hdc=0x6d0105d8, type=0x6) returned 0x8a01c2
[0147.526] SaveDC (hdc=0x6d0105d8) returned 1
[0147.526] GetNearestColor (hdc=0x6d0105d8, color=0xf0f0f0) returned 0xf0f0f0
[0147.526] GetNearestColor (hdc=0x6d0105d8, color=0xa0a0a0) returned 0xa0a0a0
[0147.526] GetNearestColor (hdc=0x6d0105d8, color=0x696969) returned 0x696969
[0147.526] GetNearestColor (hdc=0x6d0105d8, color=0xa0a0a0) returned 0xa0a0a0
[0147.526] GetNearestColor (hdc=0x6d0105d8, color=0x0) returned 0x0
[0147.526] GetNearestColor (hdc=0x6d0105d8, color=0xffffff) returned 0xffffff
[0147.526] GetNearestColor (hdc=0x6d0105d8, color=0xe5e5e5) returned 0xe5e5e5
[0147.526] GetNearestColor (hdc=0x6d0105d8, color=0xd7d7d7) returned 0xd7d7d7
[0147.526] GetNearestColor (hdc=0x6d0105d8, color=0x0) returned 0x0
[0147.526] RestoreDC (hdc=0x6d0105d8, nSavedDC=-1) returned 1
[0147.526] GdipReleaseDC (graphics=0x6600030, hdc=0x6d0105d8) returned 0x0
[0147.526] IsAppThemed () returned 0x1
[0147.527] GetThemeAppProperties () returned 0x3
[0147.527] GetThemeAppProperties () returned 0x3
[0147.527] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7ddcc, fWinIni=0x0 | out: pvParam=0xd7ddcc) returned 1
[0147.527] SendMessageW (hWnd=0x202dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0147.527] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0147.527] IsAppThemed () returned 0x1
[0147.527] GetThemeAppProperties () returned 0x3
[0147.527] GetThemeAppProperties () returned 0x3
[0147.527] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2d7a724 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0147.527] IsAppThemed () returned 0x1
[0147.527] GetThemeAppProperties () returned 0x3
[0147.530] GetThemeAppProperties () returned 0x3
[0147.530] IsAppThemed () returned 0x1
[0147.530] GetThemeAppProperties () returned 0x3
[0147.530] GetThemeAppProperties () returned 0x3
[0147.530] IsAppThemed () returned 0x1
[0147.530] GetThemeAppProperties () returned 0x3
[0147.530] GetThemeAppProperties () returned 0x3
[0147.530] IsAppThemed () returned 0x1
[0147.530] GetThemeAppProperties () returned 0x3
[0147.530] GetThemeAppProperties () returned 0x3
[0147.530] IsThemePartDefined () returned 0x1
[0147.530] IsAppThemed () returned 0x1
[0147.530] GetThemeAppProperties () returned 0x3
[0147.530] GetThemeAppProperties () returned 0x3
[0147.530] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0147.530] IsAppThemed () returned 0x1
[0147.530] GetThemeAppProperties () returned 0x3
[0147.530] GetThemeAppProperties () returned 0x3
[0147.530] IsAppThemed () returned 0x1
[0147.531] GetThemeAppProperties () returned 0x3
[0147.531] GetThemeAppProperties () returned 0x3
[0147.531] IsThemePartDefined () returned 0x1
[0147.531] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0147.531] GdipGetClip (graphics=0x6600030, region=0x663dff0) returned 0x0
[0147.531] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0147.531] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0147.531] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dc7c) returned 0x0
[0147.531] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0147.531] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0147.531] LocalFree (hMem=0x11ee9f0) returned 0x0
[0147.531] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0147.531] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0147.531] LocalFree (hMem=0x11ee9f0) returned 0x0
[0147.531] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0147.531] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0147.531] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0147.531] GdipGetRegionHRgn (region=0x663dff0, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0147.531] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0147.531] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0147.531] GetCurrentObject (hdc=0x6d0105d8, type=0x1) returned 0xb00017
[0147.532] GetCurrentObject (hdc=0x6d0105d8, type=0x2) returned 0x900010
[0147.532] GetCurrentObject (hdc=0x6d0105d8, type=0x7) returned 0x4a0507fe
[0147.532] GetCurrentObject (hdc=0x6d0105d8, type=0x6) returned 0x8a01c2
[0147.532] SaveDC (hdc=0x6d0105d8) returned 1
[0147.532] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x41040807
[0147.532] GetClipRgn (hdc=0x6d0105d8, hrgn=0x41040807) returned 0
[0147.532] SelectClipRgn (hdc=0x6d0105d8, hrgn=0xbf0407de) returned 2
[0147.533] DeleteObject (ho=0x41040807) returned 1
[0147.533] DeleteObject (ho=0xbf0407de) returned 1
[0147.533] OffsetViewportOrgEx (in: hdc=0x6d0105d8, x=0, y=0, lppt=0x2d7add4 | out: lppt=0x2d7add4) returned 1
[0147.533] DrawThemeParentBackground () returned 0x0
[0147.533] GetWindowPlacement (in: hWnd=0x202dc, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0147.533] GetClientRect (in: hWnd=0x202dc, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0147.533] GetWindowTextLengthW (hWnd=0x202dc) returned 13
[0147.533] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0147.534] GetSystemMetrics (nIndex=42) returned 0
[0147.534] GetWindowTextW (in: hWnd=0x202dc, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0147.534] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0147.534] GetClientRect (in: hWnd=0x202dc, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0147.534] GetCurrentObject (hdc=0x6d0105d8, type=0x1) returned 0xb00017
[0147.534] GetCurrentObject (hdc=0x6d0105d8, type=0x2) returned 0x900010
[0147.534] GetCurrentObject (hdc=0x6d0105d8, type=0x7) returned 0x4a0507fe
[0147.534] GetCurrentObject (hdc=0x6d0105d8, type=0x6) returned 0x8a01c2
[0147.534] SaveDC (hdc=0x6d0105d8) returned 2
[0147.534] GetNearestColor (hdc=0x6d0105d8, color=0xf0f0f0) returned 0xf0f0f0
[0147.534] CreateSolidBrush (color=0xf0f0f0) returned 0x301007e1
[0147.534] FillRect (hDC=0x6d0105d8, lprc=0xd7d6c8, hbr=0x301007e1) returned 1
[0147.534] DeleteObject (ho=0x301007e1) returned 1
[0147.535] RestoreDC (hdc=0x6d0105d8, nSavedDC=-1) returned 1
[0147.535] GetWindowTextLengthW (hWnd=0x202dc) returned 13
[0147.535] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0147.535] GetSystemMetrics (nIndex=42) returned 0
[0147.535] GetWindowTextW (in: hWnd=0x202dc, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0147.535] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0147.535] GetClientRect (in: hWnd=0x202dc, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0147.535] GetCurrentObject (hdc=0x6d0105d8, type=0x1) returned 0xb00017
[0147.535] GetCurrentObject (hdc=0x6d0105d8, type=0x2) returned 0x900010
[0147.535] GetCurrentObject (hdc=0x6d0105d8, type=0x7) returned 0x4a0507fe
[0147.535] GetCurrentObject (hdc=0x6d0105d8, type=0x6) returned 0x8a01c2
[0147.535] SaveDC (hdc=0x6d0105d8) returned 2
[0147.535] GetNearestColor (hdc=0x6d0105d8, color=0xf0f0f0) returned 0xf0f0f0
[0147.535] CreateSolidBrush (color=0xf0f0f0) returned 0x311007e1
[0147.536] FillRect (hDC=0x6d0105d8, lprc=0xd7d668, hbr=0x311007e1) returned 1
[0147.536] DeleteObject (ho=0x311007e1) returned 1
[0147.536] RestoreDC (hdc=0x6d0105d8, nSavedDC=-1) returned 1
[0147.536] GetWindowTextLengthW (hWnd=0x202dc) returned 13
[0147.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0147.536] GetSystemMetrics (nIndex=42) returned 0
[0147.536] GetWindowTextW (in: hWnd=0x202dc, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0147.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0147.536] RestoreDC (hdc=0x6d0105d8, nSavedDC=-1) returned 1
[0147.536] GdipReleaseDC (graphics=0x6600030, hdc=0x6d0105d8) returned 0x0
[0147.536] IsAppThemed () returned 0x1
[0147.537] GetThemeAppProperties () returned 0x3
[0147.537] GetThemeAppProperties () returned 0x3
[0147.537] IsAppThemed () returned 0x1
[0147.537] GetThemeAppProperties () returned 0x3
[0147.537] GetThemeAppProperties () returned 0x3
[0147.537] IsThemePartDefined () returned 0x1
[0147.537] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0147.537] GdipGetClip (graphics=0x6600030, region=0x663dff0) returned 0x0
[0147.537] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0147.537] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6639120) returned 0x0
[0147.537] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7dc00) returned 0x0
[0147.537] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0147.537] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee788) returned 0x0
[0147.537] LocalFree (hMem=0x11ee788) returned 0x0
[0147.537] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0147.537] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee788) returned 0x0
[0147.537] LocalFree (hMem=0x11ee788) returned 0x0
[0147.537] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0147.537] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0147.537] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0147.537] GdipGetRegionHRgn (region=0x663dff0, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0147.538] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0147.538] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0147.538] GetCurrentObject (hdc=0x6d0105d8, type=0x1) returned 0xb00017
[0147.538] GetCurrentObject (hdc=0x6d0105d8, type=0x2) returned 0x900010
[0147.538] GetCurrentObject (hdc=0x6d0105d8, type=0x7) returned 0x4a0507fe
[0147.538] GetCurrentObject (hdc=0x6d0105d8, type=0x6) returned 0x8a01c2
[0147.538] SaveDC (hdc=0x6d0105d8) returned 1
[0147.538] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc00407de
[0147.538] GetClipRgn (hdc=0x6d0105d8, hrgn=0xc00407de) returned 0
[0147.538] SelectClipRgn (hdc=0x6d0105d8, hrgn=0x43040807) returned 2
[0147.538] DeleteObject (ho=0xc00407de) returned 1
[0147.538] DeleteObject (ho=0x43040807) returned 1
[0147.538] OffsetViewportOrgEx (in: hdc=0x6d0105d8, x=0, y=0, lppt=0x2d7b680 | out: lppt=0x2d7b680) returned 1
[0147.538] IsAppThemed () returned 0x1
[0147.538] GetThemeAppProperties () returned 0x3
[0147.538] GetThemeAppProperties () returned 0x3
[0147.538] DrawThemeBackground () returned 0x0
[0147.539] RestoreDC (hdc=0x6d0105d8, nSavedDC=-1) returned 1
[0147.539] GdipReleaseDC (graphics=0x6600030, hdc=0x6d0105d8) returned 0x0
[0147.539] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0147.539] GdipGetClip (graphics=0x6600030, region=0x663dff0) returned 0x0
[0147.539] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0147.539] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0147.539] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dc04) returned 0x0
[0147.539] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0147.539] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0147.539] LocalFree (hMem=0x11ee9f0) returned 0x0
[0147.539] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0147.539] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0147.539] LocalFree (hMem=0x11ee788) returned 0x0
[0147.539] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0147.539] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0147.539] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0147.539] GdipGetRegionHRgn (region=0x663dff0, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0147.539] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0147.539] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0147.539] GetCurrentObject (hdc=0x6d0105d8, type=0x1) returned 0xb00017
[0147.540] GetCurrentObject (hdc=0x6d0105d8, type=0x2) returned 0x900010
[0147.540] GetCurrentObject (hdc=0x6d0105d8, type=0x7) returned 0x4a0507fe
[0147.540] GetCurrentObject (hdc=0x6d0105d8, type=0x6) returned 0x8a01c2
[0147.540] SaveDC (hdc=0x6d0105d8) returned 1
[0147.540] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x44040807
[0147.540] GetClipRgn (hdc=0x6d0105d8, hrgn=0x44040807) returned 0
[0147.540] SelectClipRgn (hdc=0x6d0105d8, hrgn=0xc10407de) returned 2
[0147.540] DeleteObject (ho=0x44040807) returned 1
[0147.540] DeleteObject (ho=0xc10407de) returned 1
[0147.540] OffsetViewportOrgEx (in: hdc=0x6d0105d8, x=0, y=0, lppt=0x2d7b954 | out: lppt=0x2d7b954) returned 1
[0147.540] IsAppThemed () returned 0x1
[0147.540] GetThemeAppProperties () returned 0x3
[0147.540] GetThemeAppProperties () returned 0x3
[0147.540] GetThemeBackgroundContentRect () returned 0x0
[0147.540] RestoreDC (hdc=0x6d0105d8, nSavedDC=-1) returned 1
[0147.540] GdipReleaseDC (graphics=0x6600030, hdc=0x6d0105d8) returned 0x0
[0147.540] IsAppThemed () returned 0x1
[0147.540] GetThemeAppProperties () returned 0x3
[0147.540] GetThemeAppProperties () returned 0x3
[0147.540] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0147.541] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0147.541] GetCurrentObject (hdc=0x6d0105d8, type=0x1) returned 0xb00017
[0147.541] GetCurrentObject (hdc=0x6d0105d8, type=0x2) returned 0x900010
[0147.541] GetCurrentObject (hdc=0x6d0105d8, type=0x7) returned 0x4a0507fe
[0147.541] GetCurrentObject (hdc=0x6d0105d8, type=0x6) returned 0x8a01c2
[0147.571] SaveDC (hdc=0x6d0105d8) returned 1
[0147.571] GetTextAlign (hdc=0x6d0105d8) returned 0x0
[0147.571] GetTextColor (hdc=0x6d0105d8) returned 0x0
[0147.571] GetCurrentObject (hdc=0x6d0105d8, type=0x6) returned 0x8a01c2
[0147.571] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0147.571] SelectObject (hdc=0x6d0105d8, h=0x6d0a0520) returned 0x8a01c2
[0147.571] GetBkMode (hdc=0x6d0105d8) returned 2
[0147.571] SetBkMode (hdc=0x6d0105d8, mode=1) returned 2
[0147.571] DrawTextExW (in: hdc=0x6d0105d8, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2d7bcf4 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0147.572] DrawTextExW (in: hdc=0x6d0105d8, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2d7bcf4 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0147.572] RestoreDC (hdc=0x6d0105d8, nSavedDC=-1) returned 1
[0147.572] GdipReleaseDC (graphics=0x6600030, hdc=0x6d0105d8) returned 0x0
[0147.572] GetFocus () returned 0x500ea
[0147.572] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0147.572] SendMessageW (hWnd=0x202dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0147.572] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0147.572] IsAppThemed () returned 0x1
[0147.572] GetThemeAppProperties () returned 0x3
[0147.573] GetThemeAppProperties () returned 0x3
[0147.573] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0147.573] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x6d0105d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0147.573] GdipReleaseDC (graphics=0x6600030, hdc=0x6d0105d8) returned 0x0
[0147.573] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0147.573] SelectObject (hdc=0x6d0105d8, h=0x85000f) returned 0x4a0507fe
[0147.573] DeleteDC (hdc=0x6d0105d8) returned 1
[0147.573] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0147.573] EndPaint (hWnd=0x500ea, lpPaint=0xd7dee4) returned 1
[0147.573] MapWindowPoints (in: hWndFrom=0x500ea, hWndTo=0x0, lpPoints=0x2d7bdf0, cPoints=0x1 | out: lpPoints=0x2d7bdf0) returned 30999254
[0147.574] WindowFromPoint (Point=0x316) returned 0x500ea
[0147.574] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0147.575] NotifyWinEvent (event=0x800a, hwnd=0x500ea, idObject=-4, idChild=0)
[0147.575] NotifyWinEvent (event=0x800c, hwnd=0x500ea, idObject=-4, idChild=0)
[0147.575] GetCapture () returned 0x500ea
[0147.575] ReleaseCapture () returned 1
[0147.575] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0147.575] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0147.575] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0147.576] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0147.577] IsWindow (hWnd=0x7005c) returned 1
[0147.577] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0147.577] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0147.577] IsWindow (hWnd=0x202dc) returned 1
[0147.577] SetActiveWindow (hWnd=0x202dc) returned 0x202dc
[0147.577] IsWindow (hWnd=0x202dc) returned 1
[0147.577] SetFocus (hWnd=0x202dc) returned 0x500ea
[0147.578] GetFocus () returned 0x202dc
[0147.578] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x8, wParam=0x202dc, lParam=0x0) returned 0x0
[0147.578] GetCapture () returned 0x0
[0147.578] InvalidateRect (hWnd=0x500ea, lpRect=0x0, bErase=0) returned 1
[0147.579] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0147.582] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0147.585] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0147.585] GetFocus () returned 0x202dc
[0147.585] SetFocus (hWnd=0x500ea) returned 0x202dc
[0147.585] GetFocus () returned 0x500ea
[0147.585] IsChild (hWndParent=0x202dc, hWnd=0x500ea) returned 1
[0147.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x8, wParam=0x500ea, lParam=0x0) returned 0x0
[0147.586] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0147.588] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0147.595] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0147.595] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x7, wParam=0x202dc, lParam=0x0) returned 0x0
[0147.595] GetStockObject (i=5) returned 0x900015
[0147.595] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0147.595] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0147.595] GetDlgItem (hDlg=0x202dc, nIDDlgItem=327914) returned 0x500ea
[0147.595] SendMessageW (hWnd=0x500ea, Msg=0x202b, wParam=0x500ea, lParam=0xd7ddcc) returned 0x0
[0147.595] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x202b, wParam=0x500ea, lParam=0xd7ddcc) returned 0x0
[0147.596] InvalidateRect (hWnd=0x500ea, lpRect=0x0, bErase=0) returned 1
[0147.599] GetWindowLongW (hWnd=0x202dc, nIndex=-8) returned 458844
[0147.599] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0147.599] GetCurrentThreadId () returned 0xf50
[0147.599] IsWindow (hWnd=0x7005c) returned 1
[0147.599] IsWindow (hWnd=0x7005c) returned 1
[0147.599] IsWindowVisible (hWnd=0x7005c) returned 1
[0147.599] SetActiveWindow (hWnd=0x7005c) returned 0x202dc
[0147.599] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0147.601] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0147.602] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0147.602] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0147.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0147.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0147.605] GetWindowPlacement (in: hWnd=0x202dc, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0147.606] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0147.606] GetClientRect (in: hWnd=0x202dc, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0147.606] GetWindowRect (in: hWnd=0x202dc, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0147.607] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0147.607] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0147.607] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0147.608] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x202dc) returned 0x1
[0147.612] GetFocus () returned 0x500ea
[0147.612] SetFocus (hWnd=0x602c4) returned 0x500ea
[0147.613] GetFocus () returned 0x602c4
[0147.613] IsChild (hWndParent=0x202dc, hWnd=0x602c4) returned 0
[0147.613] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0147.613] GetCapture () returned 0x0
[0147.613] InvalidateRect (hWnd=0x500ea, lpRect=0x0, bErase=0) returned 1
[0147.614] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0147.619] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0147.629] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0147.629] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0147.629] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0147.629] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0147.630] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0147.630] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x500ea, lParam=0x0) returned 0xc
[0147.630] GetStockObject (i=5) returned 0x900015
[0147.630] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0147.630] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed788) returned 0xc
[0147.630] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0147.630] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0147.630] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0147.631] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0147.638] GetFocus () returned 0x602c4
[0147.638] IsChild (hWndParent=0x202dc, hWnd=0x602c4) returned 0
[0147.638] ShowWindow (hWnd=0x202dc, nCmdShow=0) returned 1
[0147.638] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0147.638] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0147.641] GetWindowPlacement (in: hWnd=0x202dc, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0147.641] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0147.641] GetClientRect (in: hWnd=0x202dc, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0147.641] GetWindowRect (in: hWnd=0x202dc, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0147.642] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0147.642] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0147.642] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0147.643] GetWindowLongW (hWnd=0x202dc, nIndex=-20) returned 327945
[0147.643] DestroyWindow (hWnd=0x202dc) returned 1
[0147.643] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0147.645] GetWindowTextLengthW (hWnd=0x202dc) returned 13
[0147.645] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0147.645] GetSystemMetrics (nIndex=42) returned 0
[0147.645] GetWindowTextW (in: hWnd=0x202dc, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0147.645] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0147.645] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0147.646] GetWindowTextLengthW (hWnd=0x202da) returned 0
[0147.646] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0147.646] GetSystemMetrics (nIndex=42) returned 0
[0147.646] GetWindowTextW (in: hWnd=0x202da, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0147.646] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202da, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0147.646] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0147.646] GetWindowThreadProcessId (in: hWnd=0x402d8, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0147.646] GetWindow (hWnd=0x402d8, uCmd=0x5) returned 0x0
[0147.646] GetWindowLongW (hWnd=0x402d8, nIndex=-20) returned 65792
[0147.646] DestroyWindow (hWnd=0x402d8) returned 1
[0147.646] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402d8, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0147.648] GetWindowTextLengthW (hWnd=0x402d8) returned 25
[0147.648] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0147.648] GetSystemMetrics (nIndex=42) returned 0
[0147.648] GetWindowTextW (in: hWnd=0x402d8, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0147.648] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402d8, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0147.648] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0147.648] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0147.650] GetWindowTextLengthW (hWnd=0x202de) returned 232
[0147.650] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0147.650] GetSystemMetrics (nIndex=42) returned 0
[0147.650] GetWindowTextW (in: hWnd=0x202de, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0147.650] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0147.650] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0147.650] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0147.650] InvalidateRect (hWnd=0x500ea, lpRect=0x0, bErase=0) returned 1
[0147.651] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0147.651] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902ca, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0147.651] SendMessageW (hWnd=0x4013e, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0147.651] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4013e, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0147.651] SendMessageW (hWnd=0x4013e, Msg=0xb0, wParam=0x2d525f8, lParam=0xd7e480) returned 0x0
[0147.756] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4013e, Msg=0xb0, wParam=0x2d525f8, lParam=0xd7e480) returned 0x0
[0147.756] GetWindowTextLengthW (hWnd=0x4013e) returned 4363
[0147.757] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0147.757] GetSystemMetrics (nIndex=42) returned 0
[0147.757] CoTaskMemAlloc (cb=0x221c) returned 0x1201000
[0147.758] GetWindowTextW (in: hWnd=0x4013e, lpString=0x1201000, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0147.758] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4013e, Msg=0xd, wParam=0x110c, lParam=0x1201000) returned 0x110b
[0147.758] CoTaskMemFree (pv=0x1201000)
[0147.758] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4013e, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0147.759] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0147.763] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x202de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0147.764] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302d2, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0147.765] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x500ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0147.767] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902ca, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0147.769] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4013e, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0147.771] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x202dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0147.774] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.774] IsWindowUnicode (hWnd=0x30122) returned 1
[0147.774] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.775] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0147.775] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0147.779] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.779] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0147.779] IsWindowUnicode (hWnd=0x7005c) returned 1
[0147.779] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.779] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0147.780] SetCursor (hCursor=0x10003) returned 0x10003
[0147.780] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0147.780] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0147.780] _TrackMouseEvent (in: lpEventTrack=0x2d39ae4 | out: lpEventTrack=0x2d39ae4) returned 1
[0147.780] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0147.780] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0147.780] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1110258) returned 0x0
[0147.780] GetKeyState (nVirtKey=1) returned 1
[0147.780] GetKeyState (nVirtKey=2) returned 0
[0147.780] GetKeyState (nVirtKey=4) returned 0
[0147.780] GetKeyState (nVirtKey=5) returned 0
[0147.780] GetKeyState (nVirtKey=6) returned 0
[0147.780] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.782] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0147.782] IsWindowUnicode (hWnd=0x7005c) returned 1
[0147.782] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.782] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0147.782] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0147.782] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.782] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0147.783] IsWindowUnicode (hWnd=0x7005c) returned 1
[0147.783] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.783] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0147.783] SetCursor (hCursor=0x10003) returned 0x10003
[0147.783] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0147.783] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0147.783] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1110258) returned 0x0
[0147.783] GetKeyState (nVirtKey=1) returned 1
[0147.783] GetKeyState (nVirtKey=2) returned 0
[0147.783] GetKeyState (nVirtKey=4) returned 0
[0147.783] GetKeyState (nVirtKey=5) returned 0
[0147.783] GetKeyState (nVirtKey=6) returned 0
[0147.783] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.784] IsWindowUnicode (hWnd=0x602c4) returned 1
[0147.784] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.784] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0147.784] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0147.784] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.785] IsWindowUnicode (hWnd=0x602c4) returned 1
[0147.785] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.785] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0147.785] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0147.785] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0147.785] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0147.785] CreateCompatibleDC (hdc=0x10105d6) returned 0xd2010793
[0147.785] SelectObject (hdc=0xd2010793, h=0x4a0507fe) returned 0x85000f
[0147.787] GdipCreateFromHDC (hdc=0xd2010793, graphics=0xd7e798) returned 0x0
[0147.789] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0147.789] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0147.789] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0147.789] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6639120) returned 0x0
[0147.789] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7e7f8) returned 0x0
[0147.789] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0147.789] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee9f0) returned 0x0
[0147.789] LocalFree (hMem=0x11ee9f0) returned 0x0
[0147.789] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0147.789] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0147.789] GdipGetClip (graphics=0x6600030, region=0x663dff0) returned 0x0
[0147.789] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0147.789] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0147.789] GdipRestoreGraphics (graphics=0x6600030, state=0xfd5c0dbd) returned 0x0
[0147.789] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0147.789] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0147.789] GetCurrentObject (hdc=0xd2010793, type=0x1) returned 0xb00017
[0147.789] GetCurrentObject (hdc=0xd2010793, type=0x2) returned 0x900010
[0147.790] GetCurrentObject (hdc=0xd2010793, type=0x7) returned 0x4a0507fe
[0147.790] GetCurrentObject (hdc=0xd2010793, type=0x6) returned 0x8a01c2
[0147.790] SaveDC (hdc=0xd2010793) returned 1
[0147.790] GetNearestColor (hdc=0xd2010793, color=0xff) returned 0xff
[0147.790] GetNearestColor (hdc=0xd2010793, color=0x55) returned 0x55
[0147.790] GetNearestColor (hdc=0xd2010793, color=0x0) returned 0x0
[0147.790] GetNearestColor (hdc=0xd2010793, color=0x55) returned 0x55
[0147.790] GetNearestColor (hdc=0xd2010793, color=0x0) returned 0x0
[0147.790] GetNearestColor (hdc=0xd2010793, color=0x8080ff) returned 0x8080ff
[0147.790] GetNearestColor (hdc=0xd2010793, color=0x7373e5) returned 0x7373e5
[0147.794] GetNearestColor (hdc=0xd2010793, color=0xe5) returned 0xe5
[0147.794] GetNearestColor (hdc=0xd2010793, color=0x0) returned 0x0
[0147.794] RestoreDC (hdc=0xd2010793, nSavedDC=-1) returned 1
[0147.795] GdipReleaseDC (graphics=0x6600030, hdc=0xd2010793) returned 0x0
[0147.795] IsAppThemed () returned 0x1
[0147.795] GetThemeAppProperties () returned 0x3
[0147.795] GetThemeAppProperties () returned 0x3
[0147.795] IsAppThemed () returned 0x1
[0147.795] GetThemeAppProperties () returned 0x3
[0147.795] GetThemeAppProperties () returned 0x3
[0147.795] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2d83b5c | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0147.795] IsAppThemed () returned 0x1
[0147.795] GetThemeAppProperties () returned 0x3
[0147.795] GetThemeAppProperties () returned 0x3
[0147.795] IsAppThemed () returned 0x1
[0147.795] GetThemeAppProperties () returned 0x3
[0147.795] GetThemeAppProperties () returned 0x3
[0147.796] GetFocus () returned 0x602c4
[0147.796] IsAppThemed () returned 0x1
[0147.796] GetThemeAppProperties () returned 0x3
[0147.796] GetThemeAppProperties () returned 0x3
[0147.796] IsAppThemed () returned 0x1
[0147.796] GetThemeAppProperties () returned 0x3
[0147.796] GetThemeAppProperties () returned 0x3
[0147.796] IsThemePartDefined () returned 0x1
[0147.796] IsAppThemed () returned 0x1
[0147.796] GetThemeAppProperties () returned 0x3
[0147.796] GetThemeAppProperties () returned 0x3
[0147.796] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0147.796] IsAppThemed () returned 0x1
[0147.796] GetThemeAppProperties () returned 0x3
[0147.796] GetThemeAppProperties () returned 0x3
[0147.796] IsAppThemed () returned 0x1
[0147.796] GetThemeAppProperties () returned 0x3
[0147.796] GetThemeAppProperties () returned 0x3
[0147.796] IsThemePartDefined () returned 0x1
[0147.796] GdipCreateRegion (region=0xd7e508) returned 0x0
[0147.796] GdipGetClip (graphics=0x6600030, region=0x663dff0) returned 0x0
[0147.796] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0147.797] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0147.797] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e520) returned 0x0
[0147.797] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0147.797] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0147.797] LocalFree (hMem=0x11eec58) returned 0x0
[0147.797] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0147.797] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0147.797] LocalFree (hMem=0x11ee9f0) returned 0x0
[0147.797] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0147.797] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e548) returned 0x0
[0147.797] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e538) returned 0x0
[0147.797] GdipGetRegionHRgn (region=0x663dff0, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0147.797] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0147.797] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0147.797] GetCurrentObject (hdc=0xd2010793, type=0x1) returned 0xb00017
[0147.797] GetCurrentObject (hdc=0xd2010793, type=0x2) returned 0x900010
[0147.798] GetCurrentObject (hdc=0xd2010793, type=0x7) returned 0x4a0507fe
[0147.798] GetCurrentObject (hdc=0xd2010793, type=0x6) returned 0x8a01c2
[0147.798] SaveDC (hdc=0xd2010793) returned 1
[0147.799] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc20407de
[0147.799] GetClipRgn (hdc=0xd2010793, hrgn=0xc20407de) returned 0
[0147.799] SelectClipRgn (hdc=0xd2010793, hrgn=0x48040807) returned 2
[0147.799] DeleteObject (ho=0xc20407de) returned 1
[0147.799] DeleteObject (ho=0x48040807) returned 1
[0147.799] OffsetViewportOrgEx (in: hdc=0xd2010793, x=0, y=0, lppt=0x2d8420c | out: lppt=0x2d8420c) returned 1
[0147.799] DrawThemeParentBackground () returned 0x0
[0147.799] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0147.799] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0147.799] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0147.799] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0147.799] GetSystemMetrics (nIndex=42) returned 0
[0147.799] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0147.799] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0147.800] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0147.800] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0147.800] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0147.800] SelectPalette (hdc=0xd2010793, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0147.801] GdipCreateFromHDC (hdc=0xd2010793, graphics=0xd7dff8) returned 0x0
[0147.801] GdipSetPageUnit (graphics=0x6641cf8, unit=0x2) returned 0x0
[0147.801] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0147.801] GdipGetWorldTransform (graphics=0x6641cf8, matrix=0x6639120) returned 0x0
[0147.801] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7dfd0) returned 0x0
[0147.801] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0147.801] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0147.801] GdipGetClip (graphics=0x6641cf8, region=0x663dff0) returned 0x0
[0147.801] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6641cf8, result=0xd7dfc4) returned 0x0
[0147.801] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0147.801] GdipSaveGraphics (graphics=0x6641cf8, state=0xd7dff0) returned 0x0
[0147.801] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0147.814] GdipFillRectangleI (graphics=0x6641cf8, brush=0x663dff0, x=0, y=0, width=801, height=453) returned 0x0
[0147.814] GdipDeleteBrush (brush=0x663dff0) returned 0x0
[0147.815] GdipDeleteGraphics (graphics=0x6641cf8) returned 0x0
[0147.815] SelectPalette (hdc=0xd2010793, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0147.815] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0147.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0147.815] GetSystemMetrics (nIndex=42) returned 0
[0147.815] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0147.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0147.815] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0147.815] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0147.816] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0147.816] SelectPalette (hdc=0xd2010793, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0147.816] GdipCreateFromHDC (hdc=0xd2010793, graphics=0xd7df98) returned 0x0
[0147.816] GdipSetPageUnit (graphics=0x6641cf8, unit=0x2) returned 0x0
[0147.816] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0147.816] GdipGetWorldTransform (graphics=0x6641cf8, matrix=0x66046e0) returned 0x0
[0147.816] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df70) returned 0x0
[0147.816] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0147.816] GdipCreateRegion (region=0xd7df58) returned 0x0
[0147.816] GdipGetClip (graphics=0x6641cf8, region=0x663dff0) returned 0x0
[0147.816] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6641cf8, result=0xd7df64) returned 0x0
[0147.816] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0147.816] GdipSaveGraphics (graphics=0x6641cf8, state=0xd7df90) returned 0x0
[0147.816] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0147.832] GdipFillRectangleI (graphics=0x6641cf8, brush=0x663dff0, x=0, y=0, width=801, height=453) returned 0x0
[0147.832] GdipDeleteBrush (brush=0x663dff0) returned 0x0
[0147.834] GdipRestoreGraphics (graphics=0x6641cf8, state=0xfd580dbd) returned 0x0
[0147.834] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0147.834] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0147.834] GetSystemMetrics (nIndex=42) returned 0
[0147.834] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0147.834] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0147.834] GdipDeleteGraphics (graphics=0x6641cf8) returned 0x0
[0147.834] SelectPalette (hdc=0xd2010793, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0147.835] RestoreDC (hdc=0xd2010793, nSavedDC=-1) returned 1
[0147.835] GdipReleaseDC (graphics=0x6600030, hdc=0xd2010793) returned 0x0
[0147.835] IsAppThemed () returned 0x1
[0147.835] GetThemeAppProperties () returned 0x3
[0147.835] GetThemeAppProperties () returned 0x3
[0147.835] IsAppThemed () returned 0x1
[0147.835] GetThemeAppProperties () returned 0x3
[0147.835] GetThemeAppProperties () returned 0x3
[0147.835] IsThemePartDefined () returned 0x1
[0147.835] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0147.835] GdipGetClip (graphics=0x6600030, region=0x663dff0) returned 0x0
[0147.835] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0147.835] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6639120) returned 0x0
[0147.835] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7e4a4) returned 0x0
[0147.835] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0147.835] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11eec58) returned 0x0
[0147.835] LocalFree (hMem=0x11eec58) returned 0x0
[0147.835] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0147.835] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee868) returned 0x0
[0147.835] LocalFree (hMem=0x11ee868) returned 0x0
[0147.836] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0147.836] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0147.836] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0147.836] GdipGetRegionHRgn (region=0x663dff0, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0147.836] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0147.836] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0147.836] GetCurrentObject (hdc=0xd2010793, type=0x1) returned 0xb00017
[0147.836] GetCurrentObject (hdc=0xd2010793, type=0x2) returned 0x900010
[0147.836] GetCurrentObject (hdc=0xd2010793, type=0x7) returned 0x4a0507fe
[0147.836] GetCurrentObject (hdc=0xd2010793, type=0x6) returned 0x8a01c2
[0147.836] SaveDC (hdc=0xd2010793) returned 1
[0147.836] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x49040807
[0147.836] GetClipRgn (hdc=0xd2010793, hrgn=0x49040807) returned 0
[0147.836] SelectClipRgn (hdc=0xd2010793, hrgn=0xc40407de) returned 2
[0147.836] DeleteObject (ho=0x49040807) returned 1
[0147.836] DeleteObject (ho=0xc40407de) returned 1
[0147.836] OffsetViewportOrgEx (in: hdc=0xd2010793, x=0, y=0, lppt=0x2d8aa5c | out: lppt=0x2d8aa5c) returned 1
[0147.836] IsAppThemed () returned 0x1
[0147.837] GetThemeAppProperties () returned 0x3
[0147.837] GetThemeAppProperties () returned 0x3
[0147.837] DrawThemeBackground () returned 0x0
[0147.837] RestoreDC (hdc=0xd2010793, nSavedDC=-1) returned 1
[0147.837] GdipReleaseDC (graphics=0x6600030, hdc=0xd2010793) returned 0x0
[0147.837] GdipCreateRegion (region=0xd7e490) returned 0x0
[0147.837] GdipGetClip (graphics=0x6600030, region=0x663dff0) returned 0x0
[0147.837] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0147.837] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0147.837] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e4a8) returned 0x0
[0147.837] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0147.837] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0147.837] LocalFree (hMem=0x11ee788) returned 0x0
[0147.838] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0147.838] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0147.838] LocalFree (hMem=0x11ee9f0) returned 0x0
[0147.838] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0147.839] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0147.839] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0147.839] GdipGetRegionHRgn (region=0x663dff0, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0147.839] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0147.839] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0147.839] GetCurrentObject (hdc=0xd2010793, type=0x1) returned 0xb00017
[0147.839] GetCurrentObject (hdc=0xd2010793, type=0x2) returned 0x900010
[0147.839] GetCurrentObject (hdc=0xd2010793, type=0x7) returned 0x4a0507fe
[0147.839] GetCurrentObject (hdc=0xd2010793, type=0x6) returned 0x8a01c2
[0147.839] SaveDC (hdc=0xd2010793) returned 1
[0147.839] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc50407de
[0147.839] GetClipRgn (hdc=0xd2010793, hrgn=0xc50407de) returned 0
[0147.839] SelectClipRgn (hdc=0xd2010793, hrgn=0x4a040807) returned 2
[0147.839] DeleteObject (ho=0xc50407de) returned 1
[0147.839] DeleteObject (ho=0x4a040807) returned 1
[0147.839] OffsetViewportOrgEx (in: hdc=0xd2010793, x=0, y=0, lppt=0x2d8ad30 | out: lppt=0x2d8ad30) returned 1
[0147.839] IsAppThemed () returned 0x1
[0147.840] GetThemeAppProperties () returned 0x3
[0147.840] GetThemeAppProperties () returned 0x3
[0147.840] GetThemeBackgroundContentRect () returned 0x0
[0147.840] RestoreDC (hdc=0xd2010793, nSavedDC=-1) returned 1
[0147.840] GdipReleaseDC (graphics=0x6600030, hdc=0xd2010793) returned 0x0
[0147.840] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0147.840] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0147.840] GdipFillRectangleI (graphics=0x6600030, brush=0x663dff0, x=4, y=4, width=67, height=15) returned 0x0
[0147.840] GdipDeleteBrush (brush=0x663dff0) returned 0x0
[0147.840] IsAppThemed () returned 0x1
[0147.840] GetThemeAppProperties () returned 0x3
[0147.840] GetThemeAppProperties () returned 0x3
[0147.840] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0147.840] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0147.840] GetCurrentObject (hdc=0xd2010793, type=0x1) returned 0xb00017
[0147.840] GetCurrentObject (hdc=0xd2010793, type=0x2) returned 0x900010
[0147.840] GetCurrentObject (hdc=0xd2010793, type=0x7) returned 0x4a0507fe
[0147.840] GetCurrentObject (hdc=0xd2010793, type=0x6) returned 0x8a01c2
[0147.841] SaveDC (hdc=0xd2010793) returned 1
[0147.841] GetTextAlign (hdc=0xd2010793) returned 0x0
[0147.841] GetTextColor (hdc=0xd2010793) returned 0x0
[0147.841] GetCurrentObject (hdc=0xd2010793, type=0x6) returned 0x8a01c2
[0147.841] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0147.841] SelectObject (hdc=0xd2010793, h=0x6d0a0520) returned 0x8a01c2
[0147.841] GetBkMode (hdc=0xd2010793) returned 2
[0147.841] SetBkMode (hdc=0xd2010793, mode=1) returned 2
[0147.841] DrawTextExW (in: hdc=0xd2010793, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2d8b0f4 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0147.841] DrawTextExW (in: hdc=0xd2010793, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2d8b0f4 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0147.842] RestoreDC (hdc=0xd2010793, nSavedDC=-1) returned 1
[0147.842] GdipReleaseDC (graphics=0x6600030, hdc=0xd2010793) returned 0x0
[0147.842] GetFocus () returned 0x602c4
[0147.842] IsAppThemed () returned 0x1
[0147.842] GetThemeAppProperties () returned 0x3
[0147.842] GetThemeAppProperties () returned 0x3
[0147.842] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0147.842] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0xd2010793, x1=0, y1=0, rop=0xcc0020) returned 1
[0147.842] GdipReleaseDC (graphics=0x6600030, hdc=0xd2010793) returned 0x0
[0147.842] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0147.843] SelectObject (hdc=0xd2010793, h=0x85000f) returned 0x4a0507fe
[0147.843] DeleteDC (hdc=0xd2010793) returned 1
[0147.843] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0147.843] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0147.843] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0147.843] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0147.843] WaitMessage () returned 1
[0147.887] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.887] IsWindowUnicode (hWnd=0x30122) returned 1
[0147.888] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.888] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0147.888] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0147.892] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.892] IsWindowUnicode (hWnd=0x30122) returned 1
[0147.892] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.892] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0147.892] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0147.893] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.893] IsWindowUnicode (hWnd=0x30122) returned 1
[0147.893] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.893] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0147.893] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0147.893] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.893] IsWindowUnicode (hWnd=0x30122) returned 1
[0147.893] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.893] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0147.893] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0147.894] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.894] IsWindowUnicode (hWnd=0x30122) returned 1
[0147.894] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.894] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0147.894] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0147.894] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.894] IsWindowUnicode (hWnd=0x30122) returned 1
[0147.894] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.895] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0147.895] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0147.895] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.895] IsWindowUnicode (hWnd=0x7005c) returned 1
[0147.895] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.895] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0147.895] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0147.896] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.896] IsWindowUnicode (hWnd=0x7005c) returned 1
[0147.896] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.896] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0147.896] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0147.896] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x1110258) returned 0x0
[0147.896] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0147.896] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0147.896] WaitMessage () returned 1
[0147.956] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.956] IsWindowUnicode (hWnd=0x502c6) returned 1
[0147.957] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0147.957] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0147.957] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0147.957] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0147.957] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0147.957] WaitMessage () returned 1
[0149.543] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0149.543] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27000fc) returned 0x1
[0149.543] IsWindowUnicode (hWnd=0x602c4) returned 1
[0149.543] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0149.543] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0149.543] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0149.543] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0149.543] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0149.543] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27000fc) returned 0x1
[0149.543] IsWindowUnicode (hWnd=0x602c4) returned 1
[0149.543] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0149.543] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27000fc) returned 0x1
[0149.544] SetCursor (hCursor=0x10003) returned 0x10003
[0149.544] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0149.544] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0149.544] _TrackMouseEvent (in: lpEventTrack=0x2ccbf0c | out: lpEventTrack=0x2ccbf0c) returned 1
[0149.544] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0149.544] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0149.544] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0149.544] GetKeyState (nVirtKey=1) returned 1
[0149.544] GetKeyState (nVirtKey=2) returned 0
[0149.544] GetKeyState (nVirtKey=4) returned 0
[0149.544] GetKeyState (nVirtKey=5) returned 0
[0149.544] GetKeyState (nVirtKey=6) returned 0
[0149.544] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0149.544] IsWindowUnicode (hWnd=0x602c4) returned 1
[0149.544] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0149.545] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0149.545] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0149.545] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0149.545] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0149.545] CreateCompatibleDC (hdc=0x10105d6) returned 0x28010781
[0149.545] SelectObject (hdc=0x28010781, h=0x4a0507fe) returned 0x85000f
[0149.545] GdipCreateFromHDC (hdc=0x28010781, graphics=0xd7e798) returned 0x0
[0149.545] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0149.545] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0149.545] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0149.546] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6639120) returned 0x0
[0149.546] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7e7f8) returned 0x0
[0149.546] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0149.546] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11eea60) returned 0x0
[0149.546] LocalFree (hMem=0x11eea60) returned 0x0
[0149.546] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0149.546] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0149.546] GdipGetClip (graphics=0x6600030, region=0x663dff0) returned 0x0
[0149.546] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0149.546] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0149.546] GdipRestoreGraphics (graphics=0x6600030, state=0xfd560dbd) returned 0x0
[0149.546] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0149.546] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0149.546] GetCurrentObject (hdc=0x28010781, type=0x1) returned 0xb00017
[0149.546] GetCurrentObject (hdc=0x28010781, type=0x2) returned 0x900010
[0149.546] GetCurrentObject (hdc=0x28010781, type=0x7) returned 0x4a0507fe
[0149.546] GetCurrentObject (hdc=0x28010781, type=0x6) returned 0x8a01c2
[0149.546] SaveDC (hdc=0x28010781) returned 1
[0149.546] GetNearestColor (hdc=0x28010781, color=0xff) returned 0xff
[0149.546] GetNearestColor (hdc=0x28010781, color=0x55) returned 0x55
[0149.547] GetNearestColor (hdc=0x28010781, color=0x0) returned 0x0
[0149.547] GetNearestColor (hdc=0x28010781, color=0x55) returned 0x55
[0149.547] GetNearestColor (hdc=0x28010781, color=0x0) returned 0x0
[0149.547] GetNearestColor (hdc=0x28010781, color=0x8080ff) returned 0x8080ff
[0149.547] GetNearestColor (hdc=0x28010781, color=0x7373e5) returned 0x7373e5
[0149.547] GetNearestColor (hdc=0x28010781, color=0xe5) returned 0xe5
[0149.547] GetNearestColor (hdc=0x28010781, color=0x0) returned 0x0
[0149.547] RestoreDC (hdc=0x28010781, nSavedDC=-1) returned 1
[0149.547] GdipReleaseDC (graphics=0x6600030, hdc=0x28010781) returned 0x0
[0149.547] IsAppThemed () returned 0x1
[0149.547] GetThemeAppProperties () returned 0x3
[0149.547] GetThemeAppProperties () returned 0x3
[0149.547] IsAppThemed () returned 0x1
[0149.547] GetThemeAppProperties () returned 0x3
[0149.547] GetThemeAppProperties () returned 0x3
[0149.547] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2d8b968 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0149.548] IsAppThemed () returned 0x1
[0149.548] GetThemeAppProperties () returned 0x3
[0149.548] GetThemeAppProperties () returned 0x3
[0149.548] IsAppThemed () returned 0x1
[0149.548] GetThemeAppProperties () returned 0x3
[0149.548] GetThemeAppProperties () returned 0x3
[0149.548] IsAppThemed () returned 0x1
[0149.548] GetThemeAppProperties () returned 0x3
[0149.548] GetThemeAppProperties () returned 0x3
[0149.548] IsAppThemed () returned 0x1
[0149.548] GetThemeAppProperties () returned 0x3
[0149.548] GetThemeAppProperties () returned 0x3
[0149.548] IsThemePartDefined () returned 0x1
[0149.548] IsAppThemed () returned 0x1
[0149.548] GetThemeAppProperties () returned 0x3
[0149.548] GetThemeAppProperties () returned 0x3
[0149.548] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0149.548] IsAppThemed () returned 0x1
[0149.548] GetThemeAppProperties () returned 0x3
[0149.548] GetThemeAppProperties () returned 0x3
[0149.548] IsAppThemed () returned 0x1
[0149.548] GetThemeAppProperties () returned 0x3
[0149.548] GetThemeAppProperties () returned 0x3
[0149.548] IsThemePartDefined () returned 0x1
[0149.548] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0149.549] GdipGetClip (graphics=0x6600030, region=0x663dff0) returned 0x0
[0149.549] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0149.549] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0149.549] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e514) returned 0x0
[0149.549] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0149.549] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eea28) returned 0x0
[0149.549] LocalFree (hMem=0x11eea28) returned 0x0
[0149.549] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0149.549] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eead0) returned 0x0
[0149.549] LocalFree (hMem=0x11eead0) returned 0x0
[0149.549] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0149.549] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0149.549] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0149.549] GdipGetRegionHRgn (region=0x663dff0, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0149.549] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0149.549] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0149.549] GetCurrentObject (hdc=0x28010781, type=0x1) returned 0xb00017
[0149.549] GetCurrentObject (hdc=0x28010781, type=0x2) returned 0x900010
[0149.549] GetCurrentObject (hdc=0x28010781, type=0x7) returned 0x4a0507fe
[0149.549] GetCurrentObject (hdc=0x28010781, type=0x6) returned 0x8a01c2
[0149.549] SaveDC (hdc=0x28010781) returned 1
[0149.549] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4b040807
[0149.550] GetClipRgn (hdc=0x28010781, hrgn=0x4b040807) returned 0
[0149.550] SelectClipRgn (hdc=0x28010781, hrgn=0xc90407de) returned 2
[0149.550] DeleteObject (ho=0x4b040807) returned 1
[0149.550] DeleteObject (ho=0xc90407de) returned 1
[0149.550] OffsetViewportOrgEx (in: hdc=0x28010781, x=0, y=0, lppt=0x2d8c018 | out: lppt=0x2d8c018) returned 1
[0149.550] DrawThemeParentBackground () returned 0x0
[0149.550] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0149.550] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0149.550] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0149.550] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0149.550] GetSystemMetrics (nIndex=42) returned 0
[0149.550] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0149.550] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0149.550] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0149.550] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0149.550] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0149.550] SelectPalette (hdc=0x28010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0149.551] GdipCreateFromHDC (hdc=0x28010781, graphics=0xd7dff0) returned 0x0
[0149.551] GdipSetPageUnit (graphics=0x6641cf8, unit=0x2) returned 0x0
[0149.551] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0149.551] GdipGetWorldTransform (graphics=0x6641cf8, matrix=0x6639120) returned 0x0
[0149.551] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7dfc8) returned 0x0
[0149.551] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0149.551] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0149.551] GdipGetClip (graphics=0x6641cf8, region=0x663dff0) returned 0x0
[0149.551] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6641cf8, result=0xd7dfbc) returned 0x0
[0149.551] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0149.551] GdipSaveGraphics (graphics=0x6641cf8, state=0xd7dfe8) returned 0x0
[0149.551] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0149.560] GdipFillRectangleI (graphics=0x6641cf8, brush=0x663dff0, x=0, y=0, width=801, height=453) returned 0x0
[0149.560] GdipDeleteBrush (brush=0x663dff0) returned 0x0
[0149.561] GdipDeleteGraphics (graphics=0x6641cf8) returned 0x0
[0149.561] SelectPalette (hdc=0x28010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0149.562] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0149.562] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0149.562] GetSystemMetrics (nIndex=42) returned 0
[0149.562] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0149.562] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0149.562] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0149.562] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0149.562] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0149.562] SelectPalette (hdc=0x28010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0149.562] GdipCreateFromHDC (hdc=0x28010781, graphics=0xd7df90) returned 0x0
[0149.562] GdipSetPageUnit (graphics=0x6641cf8, unit=0x2) returned 0x0
[0149.562] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0149.562] GdipGetWorldTransform (graphics=0x6641cf8, matrix=0x66046e0) returned 0x0
[0149.562] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df68) returned 0x0
[0149.562] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0149.563] GdipCreateRegion (region=0xd7df50) returned 0x0
[0149.563] GdipGetClip (graphics=0x6641cf8, region=0x663dff0) returned 0x0
[0149.563] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6641cf8, result=0xd7df5c) returned 0x0
[0149.563] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0149.563] GdipSaveGraphics (graphics=0x6641cf8, state=0xd7df88) returned 0x0
[0149.563] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0149.571] GdipFillRectangleI (graphics=0x6641cf8, brush=0x663dff0, x=0, y=0, width=801, height=453) returned 0x0
[0149.571] GdipDeleteBrush (brush=0x663dff0) returned 0x0
[0149.572] GdipRestoreGraphics (graphics=0x6641cf8, state=0xfd520dbd) returned 0x0
[0149.572] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0149.572] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0149.572] GetSystemMetrics (nIndex=42) returned 0
[0149.572] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0149.572] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0149.572] GdipDeleteGraphics (graphics=0x6641cf8) returned 0x0
[0149.572] SelectPalette (hdc=0x28010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0149.572] RestoreDC (hdc=0x28010781, nSavedDC=-1) returned 1
[0149.572] GdipReleaseDC (graphics=0x6600030, hdc=0x28010781) returned 0x0
[0149.573] IsAppThemed () returned 0x1
[0149.573] GetThemeAppProperties () returned 0x3
[0149.573] GetThemeAppProperties () returned 0x3
[0149.573] IsAppThemed () returned 0x1
[0149.573] GetThemeAppProperties () returned 0x3
[0149.573] GetThemeAppProperties () returned 0x3
[0149.573] IsThemePartDefined () returned 0x1
[0149.573] GdipCreateRegion (region=0xd7e480) returned 0x0
[0149.573] GdipGetClip (graphics=0x6600030, region=0x663dff0) returned 0x0
[0149.573] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0149.573] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6639120) returned 0x0
[0149.573] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7e498) returned 0x0
[0149.573] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0149.573] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee788) returned 0x0
[0149.573] LocalFree (hMem=0x11ee788) returned 0x0
[0149.573] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0149.573] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee910) returned 0x0
[0149.573] LocalFree (hMem=0x11ee910) returned 0x0
[0149.573] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0149.573] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0149.573] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0149.574] GdipGetRegionHRgn (region=0x663dff0, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0149.574] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0149.574] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0149.574] GetCurrentObject (hdc=0x28010781, type=0x1) returned 0xb00017
[0149.574] GetCurrentObject (hdc=0x28010781, type=0x2) returned 0x900010
[0149.574] GetCurrentObject (hdc=0x28010781, type=0x7) returned 0x4a0507fe
[0149.574] GetCurrentObject (hdc=0x28010781, type=0x6) returned 0x8a01c2
[0149.574] SaveDC (hdc=0x28010781) returned 1
[0149.574] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xca0407de
[0149.574] GetClipRgn (hdc=0x28010781, hrgn=0xca0407de) returned 0
[0149.574] SelectClipRgn (hdc=0x28010781, hrgn=0x4d040807) returned 2
[0149.574] DeleteObject (ho=0xca0407de) returned 1
[0149.574] DeleteObject (ho=0x4d040807) returned 1
[0149.574] OffsetViewportOrgEx (in: hdc=0x28010781, x=0, y=0, lppt=0x2d92868 | out: lppt=0x2d92868) returned 1
[0149.574] IsAppThemed () returned 0x1
[0149.574] GetThemeAppProperties () returned 0x3
[0149.574] GetThemeAppProperties () returned 0x3
[0149.574] DrawThemeBackground () returned 0x0
[0149.574] RestoreDC (hdc=0x28010781, nSavedDC=-1) returned 1
[0149.575] GdipReleaseDC (graphics=0x6600030, hdc=0x28010781) returned 0x0
[0149.575] GdipCreateRegion (region=0xd7e484) returned 0x0
[0149.575] GdipGetClip (graphics=0x6600030, region=0x663dff0) returned 0x0
[0149.575] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0149.575] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0149.575] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e49c) returned 0x0
[0149.575] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0149.575] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eea98) returned 0x0
[0149.575] LocalFree (hMem=0x11eea98) returned 0x0
[0149.575] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0149.575] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee868) returned 0x0
[0149.575] LocalFree (hMem=0x11ee868) returned 0x0
[0149.575] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0149.575] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0149.575] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0149.575] GdipGetRegionHRgn (region=0x663dff0, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0149.575] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0149.575] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0149.575] GetCurrentObject (hdc=0x28010781, type=0x1) returned 0xb00017
[0149.575] GetCurrentObject (hdc=0x28010781, type=0x2) returned 0x900010
[0149.575] GetCurrentObject (hdc=0x28010781, type=0x7) returned 0x4a0507fe
[0149.576] GetCurrentObject (hdc=0x28010781, type=0x6) returned 0x8a01c2
[0149.576] SaveDC (hdc=0x28010781) returned 1
[0149.576] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4e040807
[0149.576] GetClipRgn (hdc=0x28010781, hrgn=0x4e040807) returned 0
[0149.576] SelectClipRgn (hdc=0x28010781, hrgn=0xcb0407de) returned 2
[0149.576] DeleteObject (ho=0x4e040807) returned 1
[0149.576] DeleteObject (ho=0xcb0407de) returned 1
[0149.576] OffsetViewportOrgEx (in: hdc=0x28010781, x=0, y=0, lppt=0x2d92b3c | out: lppt=0x2d92b3c) returned 1
[0149.576] IsAppThemed () returned 0x1
[0149.576] GetThemeAppProperties () returned 0x3
[0149.576] GetThemeAppProperties () returned 0x3
[0149.576] GetThemeBackgroundContentRect () returned 0x0
[0149.576] RestoreDC (hdc=0x28010781, nSavedDC=-1) returned 1
[0149.576] GdipReleaseDC (graphics=0x6600030, hdc=0x28010781) returned 0x0
[0149.576] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0149.576] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0149.576] GdipFillRectangleI (graphics=0x6600030, brush=0x663dff0, x=4, y=4, width=67, height=15) returned 0x0
[0149.576] GdipDeleteBrush (brush=0x663dff0) returned 0x0
[0149.576] IsAppThemed () returned 0x1
[0149.576] GetThemeAppProperties () returned 0x3
[0149.576] GetThemeAppProperties () returned 0x3
[0149.577] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0149.577] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0149.577] GetCurrentObject (hdc=0x28010781, type=0x1) returned 0xb00017
[0149.577] GetCurrentObject (hdc=0x28010781, type=0x2) returned 0x900010
[0149.577] GetCurrentObject (hdc=0x28010781, type=0x7) returned 0x4a0507fe
[0149.577] GetCurrentObject (hdc=0x28010781, type=0x6) returned 0x8a01c2
[0149.577] SaveDC (hdc=0x28010781) returned 1
[0149.577] GetTextAlign (hdc=0x28010781) returned 0x0
[0149.577] GetTextColor (hdc=0x28010781) returned 0x0
[0149.577] GetCurrentObject (hdc=0x28010781, type=0x6) returned 0x8a01c2
[0149.577] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0149.577] SelectObject (hdc=0x28010781, h=0x6d0a0520) returned 0x8a01c2
[0149.577] GetBkMode (hdc=0x28010781) returned 2
[0149.577] SetBkMode (hdc=0x28010781, mode=1) returned 2
[0149.577] DrawTextExW (in: hdc=0x28010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2d92f00 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0149.578] DrawTextExW (in: hdc=0x28010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2d92f00 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0149.578] RestoreDC (hdc=0x28010781, nSavedDC=-1) returned 1
[0149.578] GdipReleaseDC (graphics=0x6600030, hdc=0x28010781) returned 0x0
[0149.578] GetFocus () returned 0x602c4
[0149.578] IsAppThemed () returned 0x1
[0149.578] GetThemeAppProperties () returned 0x3
[0149.578] GetThemeAppProperties () returned 0x3
[0149.578] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0149.578] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x28010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0149.579] GdipReleaseDC (graphics=0x6600030, hdc=0x28010781) returned 0x0
[0149.579] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0149.579] SelectObject (hdc=0x28010781, h=0x85000f) returned 0x4a0507fe
[0149.579] DeleteDC (hdc=0x28010781) returned 1
[0149.579] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0149.579] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0149.579] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0149.579] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0149.579] WaitMessage () returned 1
[0149.654] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0149.654] IsWindowUnicode (hWnd=0x602c4) returned 1
[0149.654] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0149.654] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0149.654] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0149.654] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0149.654] IsWindowUnicode (hWnd=0x602c4) returned 1
[0149.654] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0149.654] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0149.654] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0149.654] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x90021) returned 0x0
[0149.655] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0149.655] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0149.655] WaitMessage () returned 1
[0149.766] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0149.766] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27000fc) returned 0x1
[0149.766] IsWindowUnicode (hWnd=0x602c4) returned 1
[0149.766] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0149.766] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27000fc) returned 0x1
[0149.767] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0149.767] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19b003e) returned 0x0
[0149.767] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0149.767] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0149.767] SetCursor (hCursor=0x10003) returned 0x10003
[0149.767] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0149.767] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0149.767] GetKeyState (nVirtKey=1) returned -128
[0149.767] GetKeyState (nVirtKey=2) returned 0
[0149.767] GetKeyState (nVirtKey=4) returned 0
[0149.767] GetKeyState (nVirtKey=5) returned 0
[0149.767] GetKeyState (nVirtKey=6) returned 0
[0149.767] IsWindowVisible (hWnd=0x602c4) returned 1
[0149.767] IsWindowEnabled (hWnd=0x602c4) returned 1
[0149.767] SetFocus (hWnd=0x602c4) returned 0x602c4
[0149.767] GetFocus () returned 0x602c4
[0149.767] GetFocus () returned 0x602c4
[0149.767] GetFocus () returned 0x602c4
[0149.767] GetKeyState (nVirtKey=1) returned -128
[0149.768] GetKeyState (nVirtKey=2) returned 0
[0149.768] GetKeyState (nVirtKey=4) returned 0
[0149.768] GetKeyState (nVirtKey=5) returned 0
[0149.768] GetKeyState (nVirtKey=6) returned 0
[0149.768] GetCapture () returned 0x0
[0149.768] SetCapture (hWnd=0x602c4) returned 0x0
[0149.768] GetKeyState (nVirtKey=1) returned -128
[0149.768] GetKeyState (nVirtKey=2) returned 0
[0149.768] GetKeyState (nVirtKey=4) returned 0
[0149.768] GetKeyState (nVirtKey=5) returned 0
[0149.768] GetKeyState (nVirtKey=6) returned 0
[0149.768] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0149.768] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0149.768] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0149.768] IsWindowUnicode (hWnd=0x602c4) returned 1
[0149.768] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0149.768] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0149.768] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0149.768] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d93084, cPoints=0x1 | out: lpPoints=0x2d93084) returned 40304859
[0149.768] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0149.768] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0149.768] UpdateWindow (hWnd=0x602c4) returned 1
[0149.768] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x10105d6
[0149.769] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0149.769] CreateCompatibleDC (hdc=0x10105d6) returned 0x29010781
[0149.769] SelectObject (hdc=0x29010781, h=0x4a0507fe) returned 0x85000f
[0149.769] GdipCreateFromHDC (hdc=0x29010781, graphics=0xd7e430) returned 0x0
[0149.769] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0149.769] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0149.769] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0149.769] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6639120) returned 0x0
[0149.769] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7e490) returned 0x0
[0149.769] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0149.769] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee868) returned 0x0
[0149.769] LocalFree (hMem=0x11ee868) returned 0x0
[0149.769] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0149.769] GdipCreateRegion (region=0xd7e478) returned 0x0
[0149.769] GdipGetClip (graphics=0x6600030, region=0x663dff0) returned 0x0
[0149.769] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e484) returned 0x0
[0149.769] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0149.770] GdipRestoreGraphics (graphics=0x6600030, state=0xfd500dbd) returned 0x0
[0149.770] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0149.770] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0149.770] GetCurrentObject (hdc=0x29010781, type=0x1) returned 0xb00017
[0149.770] GetCurrentObject (hdc=0x29010781, type=0x2) returned 0x900010
[0149.770] GetCurrentObject (hdc=0x29010781, type=0x7) returned 0x4a0507fe
[0149.770] GetCurrentObject (hdc=0x29010781, type=0x6) returned 0x8a01c2
[0149.770] SaveDC (hdc=0x29010781) returned 1
[0149.770] GetNearestColor (hdc=0x29010781, color=0xff) returned 0xff
[0149.770] GetNearestColor (hdc=0x29010781, color=0x55) returned 0x55
[0149.770] GetNearestColor (hdc=0x29010781, color=0x0) returned 0x0
[0149.770] GetNearestColor (hdc=0x29010781, color=0x55) returned 0x55
[0149.770] GetNearestColor (hdc=0x29010781, color=0x0) returned 0x0
[0149.770] GetNearestColor (hdc=0x29010781, color=0x8080ff) returned 0x8080ff
[0149.770] GetNearestColor (hdc=0x29010781, color=0x7373e5) returned 0x7373e5
[0149.770] GetNearestColor (hdc=0x29010781, color=0xe5) returned 0xe5
[0149.770] GetNearestColor (hdc=0x29010781, color=0x0) returned 0x0
[0149.770] RestoreDC (hdc=0x29010781, nSavedDC=-1) returned 1
[0149.771] GdipReleaseDC (graphics=0x6600030, hdc=0x29010781) returned 0x0
[0149.771] IsAppThemed () returned 0x1
[0149.771] GetThemeAppProperties () returned 0x3
[0149.771] GetThemeAppProperties () returned 0x3
[0149.771] IsAppThemed () returned 0x1
[0149.771] GetThemeAppProperties () returned 0x3
[0149.771] GetThemeAppProperties () returned 0x3
[0149.771] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2d937a0 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0149.771] IsAppThemed () returned 0x1
[0149.771] GetThemeAppProperties () returned 0x3
[0149.771] GetThemeAppProperties () returned 0x3
[0149.771] IsAppThemed () returned 0x1
[0149.771] GetThemeAppProperties () returned 0x3
[0149.771] GetThemeAppProperties () returned 0x3
[0149.771] IsAppThemed () returned 0x1
[0149.771] GetThemeAppProperties () returned 0x3
[0149.771] GetThemeAppProperties () returned 0x3
[0149.772] IsAppThemed () returned 0x1
[0149.772] GetThemeAppProperties () returned 0x3
[0149.772] GetThemeAppProperties () returned 0x3
[0149.772] IsThemePartDefined () returned 0x1
[0149.772] IsAppThemed () returned 0x1
[0149.772] GetThemeAppProperties () returned 0x3
[0149.772] GetThemeAppProperties () returned 0x3
[0149.772] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0149.772] IsAppThemed () returned 0x1
[0149.772] GetThemeAppProperties () returned 0x3
[0149.772] GetThemeAppProperties () returned 0x3
[0149.772] IsAppThemed () returned 0x1
[0149.772] GetThemeAppProperties () returned 0x3
[0149.772] GetThemeAppProperties () returned 0x3
[0149.772] IsThemePartDefined () returned 0x1
[0149.772] GdipCreateRegion (region=0xd7e194) returned 0x0
[0149.772] GdipGetClip (graphics=0x6600030, region=0x663dff0) returned 0x0
[0149.772] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0149.772] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0149.772] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e1ac) returned 0x0
[0149.772] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0149.772] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0149.772] LocalFree (hMem=0x11eec58) returned 0x0
[0149.772] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0149.772] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0149.772] LocalFree (hMem=0x11ee788) returned 0x0
[0149.773] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0149.773] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0149.773] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0149.773] GdipGetRegionHRgn (region=0x663dff0, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0149.773] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0149.773] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0149.773] GetCurrentObject (hdc=0x29010781, type=0x1) returned 0xb00017
[0149.773] GetCurrentObject (hdc=0x29010781, type=0x2) returned 0x900010
[0149.773] GetCurrentObject (hdc=0x29010781, type=0x7) returned 0x4a0507fe
[0149.773] GetCurrentObject (hdc=0x29010781, type=0x6) returned 0x8a01c2
[0149.773] SaveDC (hdc=0x29010781) returned 1
[0149.773] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcc0407de
[0149.773] GetClipRgn (hdc=0x29010781, hrgn=0xcc0407de) returned 0
[0149.773] SelectClipRgn (hdc=0x29010781, hrgn=0x52040807) returned 2
[0149.773] DeleteObject (ho=0xcc0407de) returned 1
[0149.773] DeleteObject (ho=0x52040807) returned 1
[0149.773] OffsetViewportOrgEx (in: hdc=0x29010781, x=0, y=0, lppt=0x2d93e50 | out: lppt=0x2d93e50) returned 1
[0149.773] DrawThemeParentBackground () returned 0x0
[0149.774] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0149.774] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0149.774] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0149.774] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0149.774] GetSystemMetrics (nIndex=42) returned 0
[0149.774] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0149.774] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0149.774] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0149.774] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0149.774] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0149.774] SelectPalette (hdc=0x29010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0149.774] GdipCreateFromHDC (hdc=0x29010781, graphics=0xd7dc88) returned 0x0
[0149.774] GdipSetPageUnit (graphics=0x6641cf8, unit=0x2) returned 0x0
[0149.774] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0149.774] GdipGetWorldTransform (graphics=0x6641cf8, matrix=0x6639120) returned 0x0
[0149.774] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7dc60) returned 0x0
[0149.774] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0149.774] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0149.774] GdipGetClip (graphics=0x6641cf8, region=0x663dff0) returned 0x0
[0149.774] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6641cf8, result=0xd7dc54) returned 0x0
[0149.774] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0149.774] GdipSaveGraphics (graphics=0x6641cf8, state=0xd7dc80) returned 0x0
[0149.775] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0149.782] GdipFillRectangleI (graphics=0x6641cf8, brush=0x663dff0, x=0, y=0, width=801, height=453) returned 0x0
[0149.783] GdipDeleteBrush (brush=0x663dff0) returned 0x0
[0149.784] GdipDeleteGraphics (graphics=0x6641cf8) returned 0x0
[0149.784] SelectPalette (hdc=0x29010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0149.784] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0149.784] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0149.784] GetSystemMetrics (nIndex=42) returned 0
[0149.784] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0149.784] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0149.784] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0149.784] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0149.784] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0149.784] SelectPalette (hdc=0x29010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0149.784] GdipCreateFromHDC (hdc=0x29010781, graphics=0xd7dc28) returned 0x0
[0149.785] GdipSetPageUnit (graphics=0x6641cf8, unit=0x2) returned 0x0
[0149.785] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0149.785] GdipGetWorldTransform (graphics=0x6641cf8, matrix=0x66046e0) returned 0x0
[0149.785] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dc00) returned 0x0
[0149.785] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0149.785] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0149.785] GdipGetClip (graphics=0x6641cf8, region=0x663dff0) returned 0x0
[0149.785] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6641cf8, result=0xd7dbf4) returned 0x0
[0149.785] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0149.785] GdipSaveGraphics (graphics=0x6641cf8, state=0xd7dc20) returned 0x0
[0149.785] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0149.793] GdipFillRectangleI (graphics=0x6641cf8, brush=0x66398c8, x=0, y=0, width=801, height=453) returned 0x0
[0149.793] GdipDeleteBrush (brush=0x66398c8) returned 0x0
[0149.795] GdipRestoreGraphics (graphics=0x6641cf8, state=0xfd4c0dbd) returned 0x0
[0149.795] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0149.795] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0149.795] GetSystemMetrics (nIndex=42) returned 0
[0149.795] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0149.795] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0149.795] GdipDeleteGraphics (graphics=0x6641cf8) returned 0x0
[0149.795] SelectPalette (hdc=0x29010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0149.795] RestoreDC (hdc=0x29010781, nSavedDC=-1) returned 1
[0149.795] GdipReleaseDC (graphics=0x6600030, hdc=0x29010781) returned 0x0
[0149.795] IsAppThemed () returned 0x1
[0149.796] GetThemeAppProperties () returned 0x3
[0149.796] GetThemeAppProperties () returned 0x3
[0149.796] IsAppThemed () returned 0x1
[0149.796] GetThemeAppProperties () returned 0x3
[0149.796] GetThemeAppProperties () returned 0x3
[0149.796] IsThemePartDefined () returned 0x1
[0149.796] GdipCreateRegion (region=0xd7e118) returned 0x0
[0149.796] GdipGetClip (graphics=0x6600030, region=0x663dff0) returned 0x0
[0149.796] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0149.796] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6639120) returned 0x0
[0149.796] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7e130) returned 0x0
[0149.796] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0149.796] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee788) returned 0x0
[0149.796] LocalFree (hMem=0x11ee788) returned 0x0
[0149.796] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0149.796] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee910) returned 0x0
[0149.796] LocalFree (hMem=0x11ee910) returned 0x0
[0149.796] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0149.796] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e158) returned 0x0
[0149.796] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e148) returned 0x0
[0149.796] GdipGetRegionHRgn (region=0x663dff0, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0149.796] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0149.796] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0149.796] GetCurrentObject (hdc=0x29010781, type=0x1) returned 0xb00017
[0149.796] GetCurrentObject (hdc=0x29010781, type=0x2) returned 0x900010
[0149.797] GetCurrentObject (hdc=0x29010781, type=0x7) returned 0x4a0507fe
[0149.797] GetCurrentObject (hdc=0x29010781, type=0x6) returned 0x8a01c2
[0149.797] SaveDC (hdc=0x29010781) returned 1
[0149.797] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x53040807
[0149.797] GetClipRgn (hdc=0x29010781, hrgn=0x53040807) returned 0
[0149.797] SelectClipRgn (hdc=0x29010781, hrgn=0xce0407de) returned 2
[0149.797] DeleteObject (ho=0x53040807) returned 1
[0149.797] DeleteObject (ho=0xce0407de) returned 1
[0149.797] OffsetViewportOrgEx (in: hdc=0x29010781, x=0, y=0, lppt=0x2d9a6a0 | out: lppt=0x2d9a6a0) returned 1
[0149.797] IsAppThemed () returned 0x1
[0149.797] GetThemeAppProperties () returned 0x3
[0149.797] GetThemeAppProperties () returned 0x3
[0149.797] DrawThemeBackground () returned 0x0
[0149.797] RestoreDC (hdc=0x29010781, nSavedDC=-1) returned 1
[0149.797] GdipReleaseDC (graphics=0x6600030, hdc=0x29010781) returned 0x0
[0149.797] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0149.797] GdipGetClip (graphics=0x6600030, region=0x663dff0) returned 0x0
[0149.797] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0149.797] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0149.797] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e134) returned 0x0
[0149.798] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0149.798] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee8d8) returned 0x0
[0149.798] LocalFree (hMem=0x11ee8d8) returned 0x0
[0149.798] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0149.798] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee8d8) returned 0x0
[0149.798] LocalFree (hMem=0x11ee8d8) returned 0x0
[0149.798] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0149.798] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0149.798] GdipIsInfiniteRegion (region=0x663dff0, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0149.798] GdipGetRegionHRgn (region=0x663dff0, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0149.798] GdipDeleteRegion (region=0x663dff0) returned 0x0
[0149.798] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0149.798] GetCurrentObject (hdc=0x29010781, type=0x1) returned 0xb00017
[0149.798] GetCurrentObject (hdc=0x29010781, type=0x2) returned 0x900010
[0149.798] GetCurrentObject (hdc=0x29010781, type=0x7) returned 0x4a0507fe
[0149.798] GetCurrentObject (hdc=0x29010781, type=0x6) returned 0x8a01c2
[0149.798] SaveDC (hdc=0x29010781) returned 1
[0149.798] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcf0407de
[0149.798] GetClipRgn (hdc=0x29010781, hrgn=0xcf0407de) returned 0
[0149.798] SelectClipRgn (hdc=0x29010781, hrgn=0x54040807) returned 2
[0149.798] DeleteObject (ho=0xcf0407de) returned 1
[0149.799] DeleteObject (ho=0x54040807) returned 1
[0149.799] OffsetViewportOrgEx (in: hdc=0x29010781, x=0, y=0, lppt=0x2d9a974 | out: lppt=0x2d9a974) returned 1
[0149.799] IsAppThemed () returned 0x1
[0149.799] GetThemeAppProperties () returned 0x3
[0149.799] GetThemeAppProperties () returned 0x3
[0149.799] GetThemeBackgroundContentRect () returned 0x0
[0149.799] RestoreDC (hdc=0x29010781, nSavedDC=-1) returned 1
[0149.799] GdipReleaseDC (graphics=0x6600030, hdc=0x29010781) returned 0x0
[0149.799] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0149.799] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0149.799] GdipFillRectangleI (graphics=0x6600030, brush=0x663dff0, x=4, y=4, width=67, height=15) returned 0x0
[0149.799] GdipDeleteBrush (brush=0x663dff0) returned 0x0
[0149.799] IsAppThemed () returned 0x1
[0149.799] GetThemeAppProperties () returned 0x3
[0149.799] GetThemeAppProperties () returned 0x3
[0149.799] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0149.799] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0149.799] GetCurrentObject (hdc=0x29010781, type=0x1) returned 0xb00017
[0149.799] GetCurrentObject (hdc=0x29010781, type=0x2) returned 0x900010
[0149.799] GetCurrentObject (hdc=0x29010781, type=0x7) returned 0x4a0507fe
[0149.799] GetCurrentObject (hdc=0x29010781, type=0x6) returned 0x8a01c2
[0149.799] SaveDC (hdc=0x29010781) returned 1
[0149.800] GetTextAlign (hdc=0x29010781) returned 0x0
[0149.800] GetTextColor (hdc=0x29010781) returned 0x0
[0149.800] GetCurrentObject (hdc=0x29010781, type=0x6) returned 0x8a01c2
[0149.800] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0149.800] SelectObject (hdc=0x29010781, h=0x6d0a0520) returned 0x8a01c2
[0149.800] GetBkMode (hdc=0x29010781) returned 2
[0149.800] SetBkMode (hdc=0x29010781, mode=1) returned 2
[0149.800] DrawTextExW (in: hdc=0x29010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2d9ad38 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0149.800] DrawTextExW (in: hdc=0x29010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2d9ad38 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0149.801] RestoreDC (hdc=0x29010781, nSavedDC=-1) returned 1
[0149.801] GdipReleaseDC (graphics=0x6600030, hdc=0x29010781) returned 0x0
[0149.801] GetFocus () returned 0x602c4
[0149.801] IsAppThemed () returned 0x1
[0149.801] GetThemeAppProperties () returned 0x3
[0149.801] GetThemeAppProperties () returned 0x3
[0149.801] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0149.801] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x29010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0149.801] GdipReleaseDC (graphics=0x6600030, hdc=0x29010781) returned 0x0
[0149.801] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0149.801] SelectObject (hdc=0x29010781, h=0x85000f) returned 0x4a0507fe
[0149.801] DeleteDC (hdc=0x29010781) returned 1
[0149.801] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0149.802] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0149.802] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d9ae34, cPoints=0x1 | out: lpPoints=0x2d9ae34) returned 40304859
[0149.802] WindowFromPoint (Point=0xfc) returned 0x602c4
[0149.802] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27000fc) returned 0x1
[0149.802] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0149.802] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0149.802] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0149.802] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0149.802] GetSystemMetrics (nIndex=42) returned 0
[0149.802] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0149.802] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0149.804] GetCapture () returned 0x602c4
[0149.804] ReleaseCapture () returned 1
[0149.804] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0149.804] GetProcessWindowStation () returned 0x13c
[0149.804] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.805] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0149.805] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.805] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0149.805] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.805] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0149.805] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.805] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0149.806] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.806] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0149.806] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.806] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0149.806] GetDC (hWnd=0x0) returned 0x107b9
[0149.806] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e6ec) returned 0x0
[0149.807] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0149.807] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0149.807] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0149.807] GetSystemMetrics (nIndex=5) returned 1
[0149.807] GetSystemMetrics (nIndex=6) returned 1
[0149.807] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.807] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0149.807] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.807] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0149.811] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0149.811] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0149.811] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0149.812] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0149.812] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0149.812] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0149.813] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2da0850 | out: lpData=0x2da0850) returned 1
[0149.814] VerQueryValueW (in: pBlock=0x2da0850, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da0c60, puLen=0xd7e810) returned 1
[0149.814] VerQueryValueW (in: pBlock=0x2da0850, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da0908, puLen=0xd7e790) returned 1
[0149.814] VerQueryValueW (in: pBlock=0x2da0850, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da095c, puLen=0xd7e790) returned 1
[0149.814] VerQueryValueW (in: pBlock=0x2da0850, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da09dc, puLen=0xd7e790) returned 1
[0149.814] VerQueryValueW (in: pBlock=0x2da0850, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da0a44, puLen=0xd7e790) returned 1
[0149.814] VerQueryValueW (in: pBlock=0x2da0850, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da0a84, puLen=0xd7e790) returned 1
[0149.814] VerQueryValueW (in: pBlock=0x2da0850, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da0b0c, puLen=0xd7e790) returned 1
[0149.814] VerQueryValueW (in: pBlock=0x2da0850, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da0b48, puLen=0xd7e790) returned 1
[0149.814] VerQueryValueW (in: pBlock=0x2da0850, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da0ba0, puLen=0xd7e790) returned 1
[0149.814] VerQueryValueW (in: pBlock=0x2da0850, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da0bd0, puLen=0xd7e790) returned 1
[0149.814] VerQueryValueW (in: pBlock=0x2da0850, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.814] VerQueryValueW (in: pBlock=0x2da0850, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da0c0c, puLen=0xd7e790) returned 1
[0149.814] VerQueryValueW (in: pBlock=0x2da0850, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.814] VerQueryValueW (in: pBlock=0x2da0850, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da0c60, puLen=0xd7e784) returned 1
[0149.814] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0149.815] VerQueryValueW (in: pBlock=0x2da0850, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2da0878, puLen=0xd7e794) returned 1
[0149.815] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0149.815] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0149.815] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0149.815] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0149.816] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0149.816] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0149.816] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2da27c0 | out: lpData=0x2da27c0) returned 1
[0149.816] VerQueryValueW (in: pBlock=0x2da27c0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da285c, puLen=0xd7e810) returned 1
[0149.816] VerQueryValueW (in: pBlock=0x2da27c0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da28d4, puLen=0xd7e790) returned 1
[0149.816] VerQueryValueW (in: pBlock=0x2da27c0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da2904, puLen=0xd7e790) returned 1
[0149.816] VerQueryValueW (in: pBlock=0x2da27c0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da2940, puLen=0xd7e790) returned 1
[0149.816] VerQueryValueW (in: pBlock=0x2da27c0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da2970, puLen=0xd7e790) returned 1
[0149.816] VerQueryValueW (in: pBlock=0x2da27c0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da29b8, puLen=0xd7e790) returned 1
[0149.816] VerQueryValueW (in: pBlock=0x2da27c0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da2a30, puLen=0xd7e790) returned 1
[0149.816] VerQueryValueW (in: pBlock=0x2da27c0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da2a74, puLen=0xd7e790) returned 1
[0149.816] VerQueryValueW (in: pBlock=0x2da27c0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da2ab4, puLen=0xd7e790) returned 1
[0149.816] VerQueryValueW (in: pBlock=0x2da27c0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da28b2, puLen=0xd7e790) returned 1
[0149.816] VerQueryValueW (in: pBlock=0x2da27c0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da2a00, puLen=0xd7e790) returned 1
[0149.816] VerQueryValueW (in: pBlock=0x2da27c0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.816] VerQueryValueW (in: pBlock=0x2da27c0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.816] VerQueryValueW (in: pBlock=0x2da27c0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da285c, puLen=0xd7e784) returned 1
[0149.816] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0149.816] VerQueryValueW (in: pBlock=0x2da27c0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2da27e8, puLen=0xd7e794) returned 1
[0149.817] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0149.817] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0149.817] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0149.817] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0149.817] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0149.817] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0149.818] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2da4a98 | out: lpData=0x2da4a98) returned 1
[0149.819] VerQueryValueW (in: pBlock=0x2da4a98, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da4eac, puLen=0xd7e810) returned 1
[0149.819] VerQueryValueW (in: pBlock=0x2da4a98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da4b50, puLen=0xd7e790) returned 1
[0149.819] VerQueryValueW (in: pBlock=0x2da4a98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da4ba4, puLen=0xd7e790) returned 1
[0149.819] VerQueryValueW (in: pBlock=0x2da4a98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da4c00, puLen=0xd7e790) returned 1
[0149.819] VerQueryValueW (in: pBlock=0x2da4a98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da4c60, puLen=0xd7e790) returned 1
[0149.819] VerQueryValueW (in: pBlock=0x2da4a98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da4cb8, puLen=0xd7e790) returned 1
[0149.819] VerQueryValueW (in: pBlock=0x2da4a98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da4d40, puLen=0xd7e790) returned 1
[0149.819] VerQueryValueW (in: pBlock=0x2da4a98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da4d94, puLen=0xd7e790) returned 1
[0149.819] VerQueryValueW (in: pBlock=0x2da4a98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da4dec, puLen=0xd7e790) returned 1
[0149.819] VerQueryValueW (in: pBlock=0x2da4a98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da4e1c, puLen=0xd7e790) returned 1
[0149.819] VerQueryValueW (in: pBlock=0x2da4a98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.819] VerQueryValueW (in: pBlock=0x2da4a98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da4e58, puLen=0xd7e790) returned 1
[0149.819] VerQueryValueW (in: pBlock=0x2da4a98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.819] VerQueryValueW (in: pBlock=0x2da4a98, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da4eac, puLen=0xd7e784) returned 1
[0149.819] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0149.819] VerQueryValueW (in: pBlock=0x2da4a98, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2da4ac0, puLen=0xd7e794) returned 1
[0149.820] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0149.820] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0149.820] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0149.820] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0149.820] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0149.820] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0149.821] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2da70d0 | out: lpData=0x2da70d0) returned 1
[0149.822] VerQueryValueW (in: pBlock=0x2da70d0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da74d0, puLen=0xd7e810) returned 1
[0149.822] VerQueryValueW (in: pBlock=0x2da70d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7188, puLen=0xd7e790) returned 1
[0149.822] VerQueryValueW (in: pBlock=0x2da70d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da71dc, puLen=0xd7e790) returned 1
[0149.822] VerQueryValueW (in: pBlock=0x2da70d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da721c, puLen=0xd7e790) returned 1
[0149.822] VerQueryValueW (in: pBlock=0x2da70d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7284, puLen=0xd7e790) returned 1
[0149.822] VerQueryValueW (in: pBlock=0x2da70d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da72dc, puLen=0xd7e790) returned 1
[0149.822] VerQueryValueW (in: pBlock=0x2da70d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7364, puLen=0xd7e790) returned 1
[0149.822] VerQueryValueW (in: pBlock=0x2da70d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da73b8, puLen=0xd7e790) returned 1
[0149.822] VerQueryValueW (in: pBlock=0x2da70d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7410, puLen=0xd7e790) returned 1
[0149.822] VerQueryValueW (in: pBlock=0x2da70d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7440, puLen=0xd7e790) returned 1
[0149.822] VerQueryValueW (in: pBlock=0x2da70d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.822] VerQueryValueW (in: pBlock=0x2da70d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da747c, puLen=0xd7e790) returned 1
[0149.822] VerQueryValueW (in: pBlock=0x2da70d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.822] VerQueryValueW (in: pBlock=0x2da70d0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da74d0, puLen=0xd7e784) returned 1
[0149.822] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0149.822] VerQueryValueW (in: pBlock=0x2da70d0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2da70f8, puLen=0xd7e794) returned 1
[0149.823] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0149.823] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0149.823] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0149.823] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0149.823] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0149.823] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0149.824] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2da980c | out: lpData=0x2da980c) returned 1
[0149.825] VerQueryValueW (in: pBlock=0x2da980c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da9bd4, puLen=0xd7e810) returned 1
[0149.825] VerQueryValueW (in: pBlock=0x2da980c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da98c4, puLen=0xd7e790) returned 1
[0149.825] VerQueryValueW (in: pBlock=0x2da980c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da9918, puLen=0xd7e790) returned 1
[0149.825] VerQueryValueW (in: pBlock=0x2da980c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da9958, puLen=0xd7e790) returned 1
[0149.825] VerQueryValueW (in: pBlock=0x2da980c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da99c0, puLen=0xd7e790) returned 1
[0149.825] VerQueryValueW (in: pBlock=0x2da980c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da99fc, puLen=0xd7e790) returned 1
[0149.825] VerQueryValueW (in: pBlock=0x2da980c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da9a84, puLen=0xd7e790) returned 1
[0149.825] VerQueryValueW (in: pBlock=0x2da980c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da9abc, puLen=0xd7e790) returned 1
[0149.825] VerQueryValueW (in: pBlock=0x2da980c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da9b14, puLen=0xd7e790) returned 1
[0149.825] VerQueryValueW (in: pBlock=0x2da980c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da9b44, puLen=0xd7e790) returned 1
[0149.825] VerQueryValueW (in: pBlock=0x2da980c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.825] VerQueryValueW (in: pBlock=0x2da980c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da9b80, puLen=0xd7e790) returned 1
[0149.825] VerQueryValueW (in: pBlock=0x2da980c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.825] VerQueryValueW (in: pBlock=0x2da980c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da9bd4, puLen=0xd7e784) returned 1
[0149.825] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0149.825] VerQueryValueW (in: pBlock=0x2da980c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2da9834, puLen=0xd7e794) returned 1
[0149.826] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0149.826] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0149.826] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0149.826] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0149.826] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0149.826] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0149.827] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2dace74 | out: lpData=0x2dace74) returned 1
[0149.828] VerQueryValueW (in: pBlock=0x2dace74, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dad254, puLen=0xd7e810) returned 1
[0149.828] VerQueryValueW (in: pBlock=0x2dace74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dacf2c, puLen=0xd7e790) returned 1
[0149.828] VerQueryValueW (in: pBlock=0x2dace74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dacf80, puLen=0xd7e790) returned 1
[0149.828] VerQueryValueW (in: pBlock=0x2dace74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dacfc0, puLen=0xd7e790) returned 1
[0149.828] VerQueryValueW (in: pBlock=0x2dace74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad020, puLen=0xd7e790) returned 1
[0149.828] VerQueryValueW (in: pBlock=0x2dace74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad06c, puLen=0xd7e790) returned 1
[0149.828] VerQueryValueW (in: pBlock=0x2dace74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad0f4, puLen=0xd7e790) returned 1
[0149.828] VerQueryValueW (in: pBlock=0x2dace74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad13c, puLen=0xd7e790) returned 1
[0149.828] VerQueryValueW (in: pBlock=0x2dace74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad194, puLen=0xd7e790) returned 1
[0149.828] VerQueryValueW (in: pBlock=0x2dace74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad1c4, puLen=0xd7e790) returned 1
[0149.828] VerQueryValueW (in: pBlock=0x2dace74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.828] VerQueryValueW (in: pBlock=0x2dace74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad200, puLen=0xd7e790) returned 1
[0149.828] VerQueryValueW (in: pBlock=0x2dace74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.828] VerQueryValueW (in: pBlock=0x2dace74, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dad254, puLen=0xd7e784) returned 1
[0149.828] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0149.828] VerQueryValueW (in: pBlock=0x2dace74, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dace9c, puLen=0xd7e794) returned 1
[0149.829] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0149.829] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0149.829] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0149.829] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0149.829] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0149.830] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0149.830] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2daf694 | out: lpData=0x2daf694) returned 1
[0149.831] VerQueryValueW (in: pBlock=0x2daf694, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dafaa0, puLen=0xd7e810) returned 1
[0149.831] VerQueryValueW (in: pBlock=0x2daf694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf74c, puLen=0xd7e790) returned 1
[0149.831] VerQueryValueW (in: pBlock=0x2daf694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf7a0, puLen=0xd7e790) returned 1
[0149.831] VerQueryValueW (in: pBlock=0x2daf694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf7f4, puLen=0xd7e790) returned 1
[0149.831] VerQueryValueW (in: pBlock=0x2daf694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf854, puLen=0xd7e790) returned 1
[0149.831] VerQueryValueW (in: pBlock=0x2daf694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf8ac, puLen=0xd7e790) returned 1
[0149.831] VerQueryValueW (in: pBlock=0x2daf694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf934, puLen=0xd7e790) returned 1
[0149.831] VerQueryValueW (in: pBlock=0x2daf694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf988, puLen=0xd7e790) returned 1
[0149.831] VerQueryValueW (in: pBlock=0x2daf694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf9e0, puLen=0xd7e790) returned 1
[0149.831] VerQueryValueW (in: pBlock=0x2daf694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dafa10, puLen=0xd7e790) returned 1
[0149.831] VerQueryValueW (in: pBlock=0x2daf694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.831] VerQueryValueW (in: pBlock=0x2daf694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dafa4c, puLen=0xd7e790) returned 1
[0149.831] VerQueryValueW (in: pBlock=0x2daf694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.831] VerQueryValueW (in: pBlock=0x2daf694, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dafaa0, puLen=0xd7e784) returned 1
[0149.831] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0149.832] VerQueryValueW (in: pBlock=0x2daf694, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2daf6bc, puLen=0xd7e794) returned 1
[0149.832] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0149.832] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0149.832] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0149.832] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0149.833] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0149.833] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0149.833] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2db1ea8 | out: lpData=0x2db1ea8) returned 1
[0149.834] VerQueryValueW (in: pBlock=0x2db1ea8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2db2280, puLen=0xd7e810) returned 1
[0149.834] VerQueryValueW (in: pBlock=0x2db1ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db1f60, puLen=0xd7e790) returned 1
[0149.834] VerQueryValueW (in: pBlock=0x2db1ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db1fb4, puLen=0xd7e790) returned 1
[0149.834] VerQueryValueW (in: pBlock=0x2db1ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db1ff4, puLen=0xd7e790) returned 1
[0149.834] VerQueryValueW (in: pBlock=0x2db1ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db205c, puLen=0xd7e790) returned 1
[0149.834] VerQueryValueW (in: pBlock=0x2db1ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db20a0, puLen=0xd7e790) returned 1
[0149.834] VerQueryValueW (in: pBlock=0x2db1ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db2128, puLen=0xd7e790) returned 1
[0149.834] VerQueryValueW (in: pBlock=0x2db1ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db2168, puLen=0xd7e790) returned 1
[0149.834] VerQueryValueW (in: pBlock=0x2db1ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db21c0, puLen=0xd7e790) returned 1
[0149.834] VerQueryValueW (in: pBlock=0x2db1ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db21f0, puLen=0xd7e790) returned 1
[0149.834] VerQueryValueW (in: pBlock=0x2db1ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.834] VerQueryValueW (in: pBlock=0x2db1ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db222c, puLen=0xd7e790) returned 1
[0149.834] VerQueryValueW (in: pBlock=0x2db1ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.834] VerQueryValueW (in: pBlock=0x2db1ea8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2db2280, puLen=0xd7e784) returned 1
[0149.834] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0149.834] VerQueryValueW (in: pBlock=0x2db1ea8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2db1ed0, puLen=0xd7e794) returned 1
[0149.835] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0149.835] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0149.835] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0149.835] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0149.835] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0149.835] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0149.836] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2db4400 | out: lpData=0x2db4400) returned 1
[0149.837] VerQueryValueW (in: pBlock=0x2db4400, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2db47d8, puLen=0xd7e810) returned 1
[0149.837] VerQueryValueW (in: pBlock=0x2db4400, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db44b8, puLen=0xd7e790) returned 1
[0149.837] VerQueryValueW (in: pBlock=0x2db4400, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db450c, puLen=0xd7e790) returned 1
[0149.837] VerQueryValueW (in: pBlock=0x2db4400, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db454c, puLen=0xd7e790) returned 1
[0149.837] VerQueryValueW (in: pBlock=0x2db4400, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db45b4, puLen=0xd7e790) returned 1
[0149.837] VerQueryValueW (in: pBlock=0x2db4400, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db45f8, puLen=0xd7e790) returned 1
[0149.837] VerQueryValueW (in: pBlock=0x2db4400, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db4680, puLen=0xd7e790) returned 1
[0149.837] VerQueryValueW (in: pBlock=0x2db4400, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db46c0, puLen=0xd7e790) returned 1
[0149.837] VerQueryValueW (in: pBlock=0x2db4400, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db4718, puLen=0xd7e790) returned 1
[0149.837] VerQueryValueW (in: pBlock=0x2db4400, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db4748, puLen=0xd7e790) returned 1
[0149.837] VerQueryValueW (in: pBlock=0x2db4400, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.837] VerQueryValueW (in: pBlock=0x2db4400, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db4784, puLen=0xd7e790) returned 1
[0149.837] VerQueryValueW (in: pBlock=0x2db4400, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.837] VerQueryValueW (in: pBlock=0x2db4400, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2db47d8, puLen=0xd7e784) returned 1
[0149.837] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0149.838] VerQueryValueW (in: pBlock=0x2db4400, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2db4428, puLen=0xd7e794) returned 1
[0149.838] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0149.838] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0149.838] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0149.839] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0149.839] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0149.839] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0149.840] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2db6b38 | out: lpData=0x2db6b38) returned 1
[0149.840] VerQueryValueW (in: pBlock=0x2db6b38, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2db6f68, puLen=0xd7e810) returned 1
[0149.840] VerQueryValueW (in: pBlock=0x2db6b38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db6bf0, puLen=0xd7e790) returned 1
[0149.840] VerQueryValueW (in: pBlock=0x2db6b38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db6c44, puLen=0xd7e790) returned 1
[0149.840] VerQueryValueW (in: pBlock=0x2db6b38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db6cb4, puLen=0xd7e790) returned 1
[0149.840] VerQueryValueW (in: pBlock=0x2db6b38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db6d14, puLen=0xd7e790) returned 1
[0149.840] VerQueryValueW (in: pBlock=0x2db6b38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db6d70, puLen=0xd7e790) returned 1
[0149.841] VerQueryValueW (in: pBlock=0x2db6b38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db6df8, puLen=0xd7e790) returned 1
[0149.841] VerQueryValueW (in: pBlock=0x2db6b38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db6e50, puLen=0xd7e790) returned 1
[0149.843] VerQueryValueW (in: pBlock=0x2db6b38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db6ea8, puLen=0xd7e790) returned 1
[0149.843] VerQueryValueW (in: pBlock=0x2db6b38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db6ed8, puLen=0xd7e790) returned 1
[0149.843] VerQueryValueW (in: pBlock=0x2db6b38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.843] VerQueryValueW (in: pBlock=0x2db6b38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db6f14, puLen=0xd7e790) returned 1
[0149.843] VerQueryValueW (in: pBlock=0x2db6b38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0149.843] VerQueryValueW (in: pBlock=0x2db6b38, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2db6f68, puLen=0xd7e784) returned 1
[0149.843] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0149.843] VerQueryValueW (in: pBlock=0x2db6b38, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2db6b60, puLen=0xd7e794) returned 1
[0149.843] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0149.844] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.844] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0149.844] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.844] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0149.844] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x302dc
[0149.845] SetWindowLongW (hWnd=0x302dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0149.845] GetWindowLongW (hWnd=0x302dc, nIndex=-4) returned 1950089536
[0149.845] SetWindowLongW (hWnd=0x302dc, nIndex=-4, dwNewLong=19939086) returned 1950089536
[0149.845] GetWindowLongW (hWnd=0x302dc, nIndex=-4) returned 19939086
[0149.845] GetWindowLongW (hWnd=0x302dc, nIndex=-16) returned 113311744
[0149.845] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302dc, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0149.845] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302dc, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0149.846] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302dc, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0149.846] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302dc, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0149.846] GetClientRect (in: hWnd=0x302dc, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0149.846] GetWindowRect (in: hWnd=0x302dc, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0149.846] SetWindowTextW (hWnd=0x302dc, lpString="WindowsFormsParkingWindow") returned 1
[0149.847] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302dc, Msg=0xc, wParam=0x0, lParam=0x2d7c1e4) returned 0x1
[0149.847] GetParent (hWnd=0x302dc) returned 0x0
[0149.847] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0149.847] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x302dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x5013e
[0149.848] SetWindowLongW (hWnd=0x5013e, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0149.848] GetWindowLongW (hWnd=0x5013e, nIndex=-4) returned 1868147648
[0149.848] SetWindowLongW (hWnd=0x5013e, nIndex=-4, dwNewLong=19939126) returned 1868147648
[0149.848] GetWindowLongW (hWnd=0x5013e, nIndex=-4) returned 19939126
[0149.848] GetWindowLongW (hWnd=0x5013e, nIndex=-16) returned 1174405133
[0149.848] GetWindowLongW (hWnd=0x5013e, nIndex=-12) returned 0
[0149.848] SetWindowLongW (hWnd=0x5013e, nIndex=-12, dwNewLong=327998) returned 0
[0149.848] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0149.849] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0149.849] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0149.850] GetClientRect (in: hWnd=0x5013e, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0149.850] GetWindowRect (in: hWnd=0x5013e, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0149.850] GetParent (hWnd=0x5013e) returned 0x302dc
[0149.850] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x302dc, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0149.850] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0149.850] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0149.850] GetClientRect (in: hWnd=0x5013e, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0149.850] GetWindowRect (in: hWnd=0x5013e, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0149.850] GetParent (hWnd=0x5013e) returned 0x302dc
[0149.851] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x302dc, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0149.851] SendMessageW (hWnd=0x5013e, Msg=0x2210, wParam=0x13e0001, lParam=0x5013e) returned 0x0
[0149.851] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x2210, wParam=0x13e0001, lParam=0x5013e) returned 0x0
[0149.851] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0149.851] GetParent (hWnd=0x5013e) returned 0x302dc
[0149.851] GdipCreateFromHWND (hwnd=0x5013e, graphics=0xd7e844) returned 0x0
[0149.851] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0149.853] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0149.853] GetForegroundWindow () returned 0x7005c
[0149.853] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0149.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0149.853] GetSystemMetrics (nIndex=42) returned 0
[0149.853] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0149.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0149.853] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0149.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0149.853] GetSystemMetrics (nIndex=42) returned 0
[0149.853] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0149.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0149.854] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.854] GetCursorPos (in: lpPoint=0x2dbafbc | out: lpPoint=0x2dbafbc*(x=252, y=624)) returned 1
[0149.854] MonitorFromPoint (pt=0xfc, dwFlags=0x270) returned 0x10001
[0149.854] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0149.854] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x2c010781
[0149.854] GetDeviceCaps (hdc=0x2c010781, index=12) returned 32
[0149.854] GetDeviceCaps (hdc=0x2c010781, index=14) returned 1
[0149.854] DeleteDC (hdc=0x2c010781) returned 1
[0149.854] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0149.854] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0149.854] GetSystemMetrics (nIndex=59) returned 1460
[0149.854] GetSystemMetrics (nIndex=60) returned 920
[0149.854] GetSystemMetrics (nIndex=34) returned 136
[0149.855] GetSystemMetrics (nIndex=35) returned 39
[0149.855] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.855] GetCursorPos (in: lpPoint=0x2dbb228 | out: lpPoint=0x2dbb228*(x=252, y=624)) returned 1
[0149.855] MonitorFromPoint (pt=0xfc, dwFlags=0x270) returned 0x10001
[0149.855] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0149.855] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x2d010781
[0149.855] GetDeviceCaps (hdc=0x2d010781, index=12) returned 32
[0149.855] GetDeviceCaps (hdc=0x2d010781, index=14) returned 1
[0149.855] DeleteDC (hdc=0x2d010781) returned 1
[0149.855] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0149.856] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0149.856] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.856] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0149.856] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2dbb4c0 | out: piconinfo=0x2dbb4c0) returned 1
[0149.856] GetObjectW (in: h=0x440507d3, c=24, pv=0x2dbb4dc | out: pv=0x2dbb4dc) returned 24
[0149.856] GdipCreateBitmapFromHBITMAP (hbm=0x440507d3, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0149.858] GdipGetImageWidth (image=0x663e1f8, width=0xd7e750) returned 0x0
[0149.858] GdipGetImageHeight (image=0x663e1f8, height=0xd7e748) returned 0x0
[0149.858] GdipGetImagePixelFormat (image=0x663e1f8, format=0xd7e740) returned 0x0
[0149.858] GdipBitmapLockBits (bitmap=0x663e1f8, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2dbb594) returned 0x0
[0149.858] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0149.858] GdipBitmapLockBits (bitmap=0x6635e20, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2dbb5cc) returned 0x0
[0149.858] RtlMoveMemory (in: Destination=0x6641cf8, Source=0x6635d98, Length=0x80 | out: Destination=0x6641cf8)
[0149.858] RtlMoveMemory (in: Destination=0x6641d78, Source=0x6635d18, Length=0x80 | out: Destination=0x6641d78)
[0149.858] RtlMoveMemory (in: Destination=0x6641df8, Source=0x6635c98, Length=0x80 | out: Destination=0x6641df8)
[0149.858] RtlMoveMemory (in: Destination=0x6641e78, Source=0x6635c18, Length=0x80 | out: Destination=0x6641e78)
[0149.858] RtlMoveMemory (in: Destination=0x6641ef8, Source=0x6635b98, Length=0x80 | out: Destination=0x6641ef8)
[0149.858] RtlMoveMemory (in: Destination=0x6641f78, Source=0x6635b18, Length=0x80 | out: Destination=0x6641f78)
[0149.858] RtlMoveMemory (in: Destination=0x6641ff8, Source=0x6635a98, Length=0x80 | out: Destination=0x6641ff8)
[0149.858] RtlMoveMemory (in: Destination=0x6642078, Source=0x6635a18, Length=0x80 | out: Destination=0x6642078)
[0149.858] RtlMoveMemory (in: Destination=0x66420f8, Source=0x6635998, Length=0x80 | out: Destination=0x66420f8)
[0149.858] RtlMoveMemory (in: Destination=0x6642178, Source=0x6635918, Length=0x80 | out: Destination=0x6642178)
[0149.858] RtlMoveMemory (in: Destination=0x66421f8, Source=0x6635898, Length=0x80 | out: Destination=0x66421f8)
[0149.858] RtlMoveMemory (in: Destination=0x6642278, Source=0x6635818, Length=0x80 | out: Destination=0x6642278)
[0149.858] RtlMoveMemory (in: Destination=0x66422f8, Source=0x6635798, Length=0x80 | out: Destination=0x66422f8)
[0149.858] RtlMoveMemory (in: Destination=0x6642378, Source=0x6635718, Length=0x80 | out: Destination=0x6642378)
[0149.859] RtlMoveMemory (in: Destination=0x66423f8, Source=0x6635698, Length=0x80 | out: Destination=0x66423f8)
[0149.859] RtlMoveMemory (in: Destination=0x6642478, Source=0x6635618, Length=0x80 | out: Destination=0x6642478)
[0149.859] RtlMoveMemory (in: Destination=0x66424f8, Source=0x6635598, Length=0x80 | out: Destination=0x66424f8)
[0149.859] RtlMoveMemory (in: Destination=0x6642578, Source=0x6635518, Length=0x80 | out: Destination=0x6642578)
[0149.859] RtlMoveMemory (in: Destination=0x66425f8, Source=0x6635498, Length=0x80 | out: Destination=0x66425f8)
[0149.859] RtlMoveMemory (in: Destination=0x6642678, Source=0x6635418, Length=0x80 | out: Destination=0x6642678)
[0149.859] RtlMoveMemory (in: Destination=0x66426f8, Source=0x6635398, Length=0x80 | out: Destination=0x66426f8)
[0149.859] RtlMoveMemory (in: Destination=0x6642778, Source=0x6635318, Length=0x80 | out: Destination=0x6642778)
[0149.859] RtlMoveMemory (in: Destination=0x66427f8, Source=0x6635298, Length=0x80 | out: Destination=0x66427f8)
[0149.859] RtlMoveMemory (in: Destination=0x6642878, Source=0x6635218, Length=0x80 | out: Destination=0x6642878)
[0149.859] RtlMoveMemory (in: Destination=0x66428f8, Source=0x6635198, Length=0x80 | out: Destination=0x66428f8)
[0149.859] RtlMoveMemory (in: Destination=0x6642978, Source=0x6635118, Length=0x80 | out: Destination=0x6642978)
[0149.859] RtlMoveMemory (in: Destination=0x66429f8, Source=0x6635098, Length=0x80 | out: Destination=0x66429f8)
[0149.859] RtlMoveMemory (in: Destination=0x6642a78, Source=0x6635018, Length=0x80 | out: Destination=0x6642a78)
[0149.859] RtlMoveMemory (in: Destination=0x6642af8, Source=0x6634f98, Length=0x80 | out: Destination=0x6642af8)
[0149.859] RtlMoveMemory (in: Destination=0x6642b78, Source=0x6634f18, Length=0x80 | out: Destination=0x6642b78)
[0149.859] RtlMoveMemory (in: Destination=0x6642bf8, Source=0x6634e98, Length=0x80 | out: Destination=0x6642bf8)
[0149.859] RtlMoveMemory (in: Destination=0x6642c78, Source=0x6634e18, Length=0x80 | out: Destination=0x6642c78)
[0149.859] GdipBitmapUnlockBits (bitmap=0x663e1f8, lockedBitmapData=0x2dbb594) returned 0x0
[0149.859] GdipBitmapUnlockBits (bitmap=0x6635e20, lockedBitmapData=0x2dbb5cc) returned 0x0
[0149.859] GdipDisposeImage (image=0x663e1f8) returned 0x0
[0149.859] DeleteObject (ho=0x440507d3) returned 1
[0149.860] DeleteObject (ho=0x2e050781) returned 1
[0149.860] GetCurrentThreadId () returned 0xf50
[0149.860] GetCurrentThreadId () returned 0xf50
[0149.860] SetWindowPos (hWnd=0x5013e, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0149.860] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0149.860] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0149.860] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0149.860] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0149.860] GetClientRect (in: hWnd=0x5013e, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0149.861] GetWindowRect (in: hWnd=0x5013e, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0149.861] GetParent (hWnd=0x5013e) returned 0x302dc
[0149.861] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x302dc, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0149.861] InvalidateRect (hWnd=0x5013e, lpRect=0x0, bErase=1) returned 1
[0149.861] GetWindowTextLengthW (hWnd=0x5013e) returned 0
[0149.861] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0149.861] GetSystemMetrics (nIndex=42) returned 0
[0149.861] GetWindowTextW (in: hWnd=0x5013e, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0149.861] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0149.861] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0149.861] GetClientRect (in: hWnd=0x5013e, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0149.861] GetWindowRect (in: hWnd=0x5013e, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0149.861] GetParent (hWnd=0x5013e) returned 0x302dc
[0149.861] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x302dc, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0149.861] GetWindowTextLengthW (hWnd=0x5013e) returned 0
[0149.861] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0149.861] GetSystemMetrics (nIndex=42) returned 0
[0149.861] GetWindowTextW (in: hWnd=0x5013e, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0149.861] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0149.861] GetWindowTextLengthW (hWnd=0x5013e) returned 0
[0149.861] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0149.861] GetSystemMetrics (nIndex=42) returned 0
[0149.862] GetWindowTextW (in: hWnd=0x5013e, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0149.862] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0149.862] SetWindowTextW (hWnd=0x5013e, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0149.862] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0xc, wParam=0x0, lParam=0x2d9c428) returned 0x1
[0149.862] InvalidateRect (hWnd=0x5013e, lpRect=0x0, bErase=1) returned 1
[0149.862] GetCurrentThreadId () returned 0xf50
[0149.862] GetWindowThreadProcessId (in: hWnd=0x5013e, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0149.862] GdipCreateBitmapFromStream (stream=0x509ff90, bitmap=0xd7e840) returned 0x0
[0149.863] GdipImageForceValidation (image=0x663e1f8) returned 0x0
[0149.864] GdipGetImageRawFormat (image=0x663e1f8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0149.865] GdipGetImageHeight (image=0x663e1f8, height=0xd7e824) returned 0x0
[0149.865] GdipGetImageWidth (image=0x663e1f8, width=0xd7e824) returned 0x0
[0149.865] GdipGetImageWidth (image=0x663e1f8, width=0xd7e810) returned 0x0
[0149.865] GdipGetImageHeight (image=0x663e1f8, height=0xd7e810) returned 0x0
[0149.865] GdipGetImageWidth (image=0x663e1f8, width=0xd7e800) returned 0x0
[0149.865] GdipGetImageHeight (image=0x663e1f8, height=0xd7e800) returned 0x0
[0149.865] GdipBitmapGetPixel (bitmap=0x663e1f8, x=0, y=15, color=0xd7e810) returned 0x0
[0149.865] GdipGetImageRawFormat (image=0x663e1f8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0149.865] GdipGetImageWidth (image=0x663e1f8, width=0xd7e740) returned 0x0
[0149.865] GdipGetImageHeight (image=0x663e1f8, height=0xd7e740) returned 0x0
[0149.865] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0149.865] GdipGetImagePixelFormat (image=0x6642d00, format=0xd7e740) returned 0x0
[0149.865] GdipGetImageGraphicsContext (image=0x6642d00, graphics=0xd7e74c) returned 0x0
[0149.865] GdipGraphicsClear (graphics=0x663b7d8, color=0xffffff) returned 0x0
[0149.865] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0149.865] GdipSetImageAttributesColorKeys (imageattr=0x66002f0, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0149.865] GdipDrawImageRectRectI (graphics=0x663b7d8, image=0x663e1f8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x66002f0, callback=0x0, callbackData=0x0) returned 0x0
[0149.865] GdipDisposeImageAttributes (imageattr=0x66002f0) returned 0x0
[0149.866] GdipDeleteGraphics (graphics=0x663b7d8) returned 0x0
[0149.866] GdipDisposeImage (image=0x663e1f8) returned 0x0
[0149.866] GdipCreateBitmapFromStream (stream=0x509ff70, bitmap=0xd7e840) returned 0x0
[0149.867] GdipImageForceValidation (image=0x663e1f8) returned 0x0
[0149.868] GdipGetImageRawFormat (image=0x663e1f8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0149.868] GdipGetImageHeight (image=0x663e1f8, height=0xd7e824) returned 0x0
[0149.868] GdipGetImageWidth (image=0x663e1f8, width=0xd7e824) returned 0x0
[0149.868] GdipGetImageWidth (image=0x663e1f8, width=0xd7e810) returned 0x0
[0149.868] GdipGetImageHeight (image=0x663e1f8, height=0xd7e810) returned 0x0
[0149.868] GdipGetImageWidth (image=0x663e1f8, width=0xd7e800) returned 0x0
[0149.868] GdipGetImageHeight (image=0x663e1f8, height=0xd7e800) returned 0x0
[0149.868] GdipBitmapGetPixel (bitmap=0x663e1f8, x=0, y=15, color=0xd7e810) returned 0x0
[0149.868] GdipGetImageRawFormat (image=0x663e1f8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0149.868] GdipGetImageWidth (image=0x663e1f8, width=0xd7e740) returned 0x0
[0149.868] GdipGetImageHeight (image=0x663e1f8, height=0xd7e740) returned 0x0
[0149.869] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0149.869] GdipGetImagePixelFormat (image=0x663b7d8, format=0xd7e740) returned 0x0
[0149.869] GdipGetImageGraphicsContext (image=0x663b7d8, graphics=0xd7e74c) returned 0x0
[0149.869] GdipGraphicsClear (graphics=0x6643af8, color=0xffffff) returned 0x0
[0149.869] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0149.869] GdipSetImageAttributesColorKeys (imageattr=0x65ffc88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0149.869] GdipDrawImageRectRectI (graphics=0x6643af8, image=0x663e1f8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x65ffc88, callback=0x0, callbackData=0x0) returned 0x0
[0149.870] GdipDisposeImageAttributes (imageattr=0x65ffc88) returned 0x0
[0149.870] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0149.870] GdipDisposeImage (image=0x663e1f8) returned 0x0
[0149.870] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.870] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0149.870] GetCurrentThreadId () returned 0xf50
[0149.870] GetCurrentThreadId () returned 0xf50
[0149.870] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.871] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0149.871] GetCurrentThreadId () returned 0xf50
[0149.871] GetCurrentThreadId () returned 0xf50
[0149.871] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.871] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0149.871] GetCurrentThreadId () returned 0xf50
[0149.871] GetCurrentThreadId () returned 0xf50
[0149.871] GetSystemMetrics (nIndex=5) returned 1
[0149.871] GetSystemMetrics (nIndex=6) returned 1
[0149.871] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.871] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0149.871] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.872] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0149.872] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.872] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0149.872] GetCurrentThreadId () returned 0xf50
[0149.872] GetCurrentThreadId () returned 0xf50
[0149.872] GetProcessWindowStation () returned 0x13c
[0149.873] GetCapture () returned 0x0
[0149.873] GetActiveWindow () returned 0x7005c
[0149.873] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0149.873] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.873] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0149.873] GetCursorPos (in: lpPoint=0x2dbc70c | out: lpPoint=0x2dbc70c*(x=252, y=624)) returned 1
[0149.873] MonitorFromPoint (pt=0xfc, dwFlags=0x270) returned 0x10001
[0149.873] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0149.873] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x2f010781
[0149.874] GetDeviceCaps (hdc=0x2f010781, index=12) returned 32
[0149.874] GetDeviceCaps (hdc=0x2f010781, index=14) returned 1
[0149.874] DeleteDC (hdc=0x2f010781) returned 1
[0149.874] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0149.874] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0149.874] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xa02ca
[0149.874] SetWindowLongW (hWnd=0xa02ca, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0149.875] GetWindowLongW (hWnd=0xa02ca, nIndex=-4) returned 1950089536
[0149.875] SetWindowLongW (hWnd=0xa02ca, nIndex=-4, dwNewLong=19939166) returned 1950089536
[0149.875] GetWindowLongW (hWnd=0xa02ca, nIndex=-4) returned 19939166
[0149.875] GetWindowLongW (hWnd=0xa02ca, nIndex=-16) returned 113770496
[0149.875] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0149.876] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0149.877] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0149.877] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0149.877] GetWindowRect (in: hWnd=0xa02ca, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0149.877] SetWindowTextW (hWnd=0xa02ca, lpString="BB ransomware") returned 1
[0149.877] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xc, wParam=0x0, lParam=0x2dbaea8) returned 0x1
[0149.877] GetStartupInfoW (in: lpStartupInfo=0x2dbca48 | out: lpStartupInfo=0x2dbca48*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0149.879] GetParent (hWnd=0xa02ca) returned 0x0
[0149.879] SetWindowLongW (hWnd=0xa02ca, nIndex=-8, dwNewLong=0) returned 0
[0149.880] SendMessageW (hWnd=0xa02ca, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0149.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0149.880] SendMessageW (hWnd=0xa02ca, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0149.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0149.880] GetSystemMenu (hWnd=0xa02ca, bRevert=0) returned 0x1700df
[0149.881] GetWindowPlacement (in: hWnd=0xa02ca, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0149.881] EnableMenuItem (hMenu=0x1700df, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0149.881] EnableMenuItem (hMenu=0x1700df, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0149.881] EnableMenuItem (hMenu=0x1700df, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0149.881] EnableMenuItem (hMenu=0x1700df, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0149.881] EnableMenuItem (hMenu=0x1700df, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0149.881] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0149.881] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0149.881] GetWindowRect (in: hWnd=0xa02ca, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0149.881] SetWindowPos (hWnd=0xa02ca, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0149.881] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0149.882] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0xa02ca) returned 0x1
[0149.885] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0149.885] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0149.886] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0149.887] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0149.887] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0149.893] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0xa02ca, lParam=0x0) returned 0x0
[0149.893] GetCapture () returned 0x0
[0149.893] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0149.894] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0149.895] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0149.897] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0149.897] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0149.897] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0149.897] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0149.898] GetParent (hWnd=0xa02ca) returned 0x0
[0149.898] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0149.898] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0149.900] GetWindowPlacement (in: hWnd=0xa02ca, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0149.901] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0149.901] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0149.901] GetWindowRect (in: hWnd=0xa02ca, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0149.902] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0149.902] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0149.902] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0149.903] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.912] GetWindowLongW (hWnd=0xa02ca, nIndex=-16) returned 113770496
[0149.912] GetWindowTextLengthW (hWnd=0xa02ca) returned 13
[0149.912] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0149.912] GetSystemMetrics (nIndex=42) returned 0
[0149.912] GetWindowTextW (in: hWnd=0xa02ca, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0149.912] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0149.913] GetWindowTextLengthW (hWnd=0xa02ca) returned 13
[0149.913] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0149.913] GetSystemMetrics (nIndex=42) returned 0
[0149.913] GetWindowTextW (in: hWnd=0xa02ca, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0149.913] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0149.913] GetCursorPos (in: lpPoint=0x2dbcc84 | out: lpPoint=0x2dbcc84*(x=252, y=624)) returned 1
[0149.913] MonitorFromPoint (pt=0xfd, dwFlags=0x271) returned 0x10001
[0149.913] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0149.913] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xb001067c
[0149.913] GetDeviceCaps (hdc=0xb001067c, index=12) returned 32
[0149.913] GetDeviceCaps (hdc=0xb001067c, index=14) returned 1
[0149.913] DeleteDC (hdc=0xb001067c) returned 1
[0149.914] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0149.914] GetWindowLongW (hWnd=0xa02ca, nIndex=-16) returned 113770496
[0149.914] GetWindowLongW (hWnd=0xa02ca, nIndex=-20) returned 327945
[0149.914] SetWindowLongW (hWnd=0xa02ca, nIndex=-16, dwNewLong=46661632) returned 113770496
[0149.914] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0149.914] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0149.916] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0149.916] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0149.916] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0149.916] SetWindowLongW (hWnd=0xa02ca, nIndex=-20, dwNewLong=327681) returned 327945
[0149.916] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0149.917] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0149.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0149.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0149.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0149.919] SetWindowPos (hWnd=0xa02ca, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0149.919] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0149.919] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0149.920] GetWindowPlacement (in: hWnd=0xa02ca, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0149.920] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0149.920] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0149.920] GetWindowRect (in: hWnd=0xa02ca, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0149.922] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0149.922] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0149.922] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0149.922] RedrawWindow (hWnd=0xa02ca, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0149.923] GetSystemMenu (hWnd=0xa02ca, bRevert=0) returned 0x1700df
[0149.923] GetWindowPlacement (in: hWnd=0xa02ca, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0149.923] EnableMenuItem (hMenu=0x1700df, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0149.923] EnableMenuItem (hMenu=0x1700df, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0149.923] EnableMenuItem (hMenu=0x1700df, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0149.923] EnableMenuItem (hMenu=0x1700df, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0149.923] EnableMenuItem (hMenu=0x1700df, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0149.923] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0149.923] GetWindowLongW (hWnd=0xa02ca, nIndex=-8) returned 0
[0149.923] SetWindowLongW (hWnd=0xa02ca, nIndex=-8, dwNewLong=458844) returned 0
[0149.924] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0149.924] GetProcessWindowStation () returned 0x13c
[0149.924] GetCurrentThreadId () returned 0xf50
[0149.925] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1303f86, lParam=0x0) returned 1
[0149.925] IsWindowVisible (hWnd=0xa02ca) returned 0
[0149.925] IsWindowVisible (hWnd=0x7005c) returned 1
[0149.925] IsWindowEnabled (hWnd=0x7005c) returned 1
[0149.925] IsWindowVisible (hWnd=0x300ec) returned 0
[0149.925] IsWindowVisible (hWnd=0x502c6) returned 0
[0149.925] IsWindowVisible (hWnd=0x502be) returned 0
[0149.925] GetActiveWindow () returned 0xa02ca
[0149.925] GetFocus () returned 0xa02ca
[0149.925] IsWindow (hWnd=0x7005c) returned 1
[0149.925] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0149.925] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0149.926] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0149.926] GetWindowLongW (hWnd=0xa02ca, nIndex=-8) returned 458844
[0149.926] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0149.926] GetCurrentThreadId () returned 0xf50
[0149.926] GetWindowLongW (hWnd=0xa02ca, nIndex=-8) returned 458844
[0149.926] IsWindowEnabled (hWnd=0x7005c) returned 0
[0149.926] IsWindowEnabled (hWnd=0xa02ca) returned 1
[0149.926] ShowWindow (hWnd=0xa02ca, nCmdShow=5) returned 0
[0149.927] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0149.927] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0149.927] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.927] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0149.927] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0xa02ca, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x600ea
[0149.928] SetWindowLongW (hWnd=0x600ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0149.928] GetWindowLongW (hWnd=0x600ea, nIndex=-4) returned 1950089536
[0149.928] SetWindowLongW (hWnd=0x600ea, nIndex=-4, dwNewLong=19939246) returned 1950089536
[0149.928] GetWindowLongW (hWnd=0x600ea, nIndex=-4) returned 19939246
[0149.928] GetWindowLongW (hWnd=0x600ea, nIndex=-16) returned 1174405120
[0149.928] GetWindowLongW (hWnd=0x600ea, nIndex=-12) returned 0
[0149.928] SetWindowLongW (hWnd=0x600ea, nIndex=-12, dwNewLong=393450) returned 0
[0149.928] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x600ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0149.929] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x600ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0149.929] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x600ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0149.929] GetWindow (hWnd=0x600ea, uCmd=0x3) returned 0x0
[0149.929] GetClientRect (in: hWnd=0x600ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0149.929] GetWindowRect (in: hWnd=0x600ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0149.929] GetParent (hWnd=0x600ea) returned 0xa02ca
[0149.929] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02ca, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0149.930] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x600ea, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0149.930] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x600ea, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0149.930] GetClientRect (in: hWnd=0x600ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0149.930] GetWindowRect (in: hWnd=0x600ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0149.930] GetParent (hWnd=0x600ea) returned 0xa02ca
[0149.930] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02ca, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0149.931] SendMessageW (hWnd=0x600ea, Msg=0x2210, wParam=0xea0001, lParam=0x600ea) returned 0x0
[0149.931] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x600ea, Msg=0x2210, wParam=0xea0001, lParam=0x600ea) returned 0x0
[0149.931] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x600ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0149.931] GetParent (hWnd=0x600ea) returned 0xa02ca
[0149.931] GetParent (hWnd=0x5013e) returned 0x302dc
[0149.931] SetParent (hWndChild=0x5013e, hWndNewParent=0xa02ca) returned 0x302dc
[0149.931] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0149.932] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0149.932] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0149.933] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0149.933] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0149.933] GetClientRect (in: hWnd=0x5013e, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0149.933] GetWindowRect (in: hWnd=0x5013e, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0149.933] GetParent (hWnd=0x5013e) returned 0xa02ca
[0149.933] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02ca, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0149.933] GetClientRect (in: hWnd=0x5013e, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0149.933] GetWindowRect (in: hWnd=0x5013e, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0149.933] GetParent (hWnd=0x5013e) returned 0xa02ca
[0149.933] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02ca, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0149.933] GetParent (hWnd=0x5013e) returned 0xa02ca
[0149.933] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0149.934] GetWindow (hWnd=0x5013e, uCmd=0x3) returned 0x0
[0149.934] SetWindowPos (hWnd=0x5013e, hWndInsertAfter=0x600ea, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0149.934] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0149.935] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0149.936] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0149.936] GetClientRect (in: hWnd=0x5013e, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0149.936] GetWindowRect (in: hWnd=0x5013e, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0149.936] GetParent (hWnd=0x5013e) returned 0xa02ca
[0149.936] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02ca, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0149.936] GetParent (hWnd=0x5013e) returned 0xa02ca
[0149.936] GetWindow (hWnd=0x5013e, uCmd=0x3) returned 0x600ea
[0149.936] GetWindowThreadProcessId (in: hWnd=0x5013e, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0149.936] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0149.937] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.937] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0149.937] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0xa02ca, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x402d2
[0149.938] SetWindowLongW (hWnd=0x402d2, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0149.938] GetWindowLongW (hWnd=0x402d2, nIndex=-4) returned 1868032000
[0149.938] SetWindowLongW (hWnd=0x402d2, nIndex=-4, dwNewLong=19938326) returned 1868032000
[0149.938] GetWindowLongW (hWnd=0x402d2, nIndex=-4) returned 19938326
[0149.938] GetWindowLongW (hWnd=0x402d2, nIndex=-16) returned 1174470667
[0149.938] GetWindowLongW (hWnd=0x402d2, nIndex=-12) returned 0
[0149.938] SetWindowLongW (hWnd=0x402d2, nIndex=-12, dwNewLong=262866) returned 0
[0149.938] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0149.939] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0149.939] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0149.940] SendMessageW (hWnd=0x402d2, Msg=0x2055, wParam=0x402d2, lParam=0x3) returned 0x2
[0149.940] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0149.940] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0149.940] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0149.941] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0149.941] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x600ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0149.941] RedrawWindow (hWnd=0x600ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0149.941] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0149.942] RedrawWindow (hWnd=0x5013e, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0149.942] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0149.942] RedrawWindow (hWnd=0x402d2, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0149.942] RedrawWindow (hWnd=0xa02ca, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0149.942] GetWindow (hWnd=0x402d2, uCmd=0x3) returned 0x5013e
[0149.942] GetClientRect (in: hWnd=0x402d2, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0149.942] GetWindowRect (in: hWnd=0x402d2, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0149.942] GetParent (hWnd=0x402d2) returned 0xa02ca
[0149.942] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02ca, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0149.942] SetWindowTextW (hWnd=0x402d2, lpString="&Details") returned 1
[0149.942] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0xc, wParam=0x0, lParam=0x2d209b4) returned 0x1
[0149.943] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0149.943] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0149.943] GetClientRect (in: hWnd=0x402d2, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0149.943] GetWindowRect (in: hWnd=0x402d2, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0149.943] GetParent (hWnd=0x402d2) returned 0xa02ca
[0149.943] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02ca, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0149.943] SendMessageW (hWnd=0x402d2, Msg=0x2210, wParam=0x2d20001, lParam=0x402d2) returned 0x0
[0149.943] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0x2210, wParam=0x2d20001, lParam=0x402d2) returned 0x0
[0149.943] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0149.944] GetParent (hWnd=0x402d2) returned 0xa02ca
[0149.944] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0149.944] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.945] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0149.945] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0xa02ca, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x302de
[0149.945] SetWindowLongW (hWnd=0x302de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0149.945] GetWindowLongW (hWnd=0x302de, nIndex=-4) returned 1868032000
[0149.946] SetWindowLongW (hWnd=0x302de, nIndex=-4, dwNewLong=19938366) returned 1868032000
[0149.946] GetWindowLongW (hWnd=0x302de, nIndex=-4) returned 19938366
[0149.946] GetWindowLongW (hWnd=0x302de, nIndex=-16) returned 1174470667
[0149.946] GetWindowLongW (hWnd=0x302de, nIndex=-12) returned 0
[0149.946] SetWindowLongW (hWnd=0x302de, nIndex=-12, dwNewLong=197342) returned 0
[0149.946] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0149.947] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0149.947] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0149.948] SendMessageW (hWnd=0x302de, Msg=0x2055, wParam=0x302de, lParam=0x3) returned 0x2
[0149.948] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0149.948] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0149.948] GetWindow (hWnd=0x302de, uCmd=0x3) returned 0x402d2
[0149.948] GetClientRect (in: hWnd=0x302de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0149.948] GetWindowRect (in: hWnd=0x302de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0149.948] GetParent (hWnd=0x302de) returned 0xa02ca
[0149.948] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02ca, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0149.948] SetWindowTextW (hWnd=0x302de, lpString="&Continue") returned 1
[0149.948] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0xc, wParam=0x0, lParam=0x2d208c8) returned 0x1
[0149.949] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0149.950] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0149.950] GetClientRect (in: hWnd=0x302de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0149.950] GetWindowRect (in: hWnd=0x302de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0149.950] GetParent (hWnd=0x302de) returned 0xa02ca
[0149.950] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02ca, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0149.950] SendMessageW (hWnd=0x302de, Msg=0x2210, wParam=0x2de0001, lParam=0x302de) returned 0x0
[0149.950] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x2210, wParam=0x2de0001, lParam=0x302de) returned 0x0
[0149.950] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0149.951] GetParent (hWnd=0x302de) returned 0xa02ca
[0149.951] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0149.951] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.952] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0149.952] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0xa02ca, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x302da
[0149.952] SetWindowLongW (hWnd=0x302da, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0149.952] GetWindowLongW (hWnd=0x302da, nIndex=-4) returned 1868032000
[0149.953] SetWindowLongW (hWnd=0x302da, nIndex=-4, dwNewLong=19941030) returned 1868032000
[0149.953] GetWindowLongW (hWnd=0x302da, nIndex=-4) returned 19941030
[0149.953] GetWindowLongW (hWnd=0x302da, nIndex=-16) returned 1174470667
[0149.953] GetWindowLongW (hWnd=0x302da, nIndex=-12) returned 0
[0149.953] SetWindowLongW (hWnd=0x302da, nIndex=-12, dwNewLong=197338) returned 0
[0149.953] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0149.955] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0149.955] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0149.956] SendMessageW (hWnd=0x302da, Msg=0x2055, wParam=0x302da, lParam=0x3) returned 0x2
[0149.956] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0149.956] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302da, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0149.956] GetWindow (hWnd=0x302da, uCmd=0x3) returned 0x302de
[0149.956] GetClientRect (in: hWnd=0x302da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0149.956] GetWindowRect (in: hWnd=0x302da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0149.956] GetParent (hWnd=0x302da) returned 0xa02ca
[0149.956] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02ca, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0149.956] SetWindowTextW (hWnd=0x302da, lpString="&Quit") returned 1
[0149.956] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302da, Msg=0xc, wParam=0x0, lParam=0x2d2091c) returned 0x1
[0149.957] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0149.957] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302da, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0149.957] GetClientRect (in: hWnd=0x302da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0149.957] GetWindowRect (in: hWnd=0x302da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0149.957] GetParent (hWnd=0x302da) returned 0xa02ca
[0149.957] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02ca, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0149.957] SendMessageW (hWnd=0x302da, Msg=0x2210, wParam=0x2da0001, lParam=0x302da) returned 0x0
[0149.958] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302da, Msg=0x2210, wParam=0x2da0001, lParam=0x302da) returned 0x0
[0149.958] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0149.958] GetParent (hWnd=0x302da) returned 0xa02ca
[0149.958] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0149.958] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0149.959] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0149.959] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0xa02ca, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x502d8
[0149.959] SetWindowLongW (hWnd=0x502d8, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0149.960] GetWindowLongW (hWnd=0x502d8, nIndex=-4) returned 1868026976
[0149.960] SetWindowLongW (hWnd=0x502d8, nIndex=-4, dwNewLong=19940750) returned 1868026976
[0149.960] GetWindowLongW (hWnd=0x502d8, nIndex=-4) returned 19940750
[0149.960] GetWindowLongW (hWnd=0x502d8, nIndex=-16) returned 1177553092
[0149.960] GetWindowLongW (hWnd=0x502d8, nIndex=-12) returned 0
[0149.960] SetWindowLongW (hWnd=0x502d8, nIndex=-12, dwNewLong=328408) returned 0
[0149.960] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502d8, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0149.961] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502d8, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0149.962] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502d8, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0149.988] GetWindow (hWnd=0x502d8, uCmd=0x3) returned 0x302da
[0149.988] GetClientRect (in: hWnd=0x502d8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0149.988] GetWindowRect (in: hWnd=0x502d8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0149.988] GetParent (hWnd=0x502d8) returned 0xa02ca
[0149.988] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02ca, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0149.988] GetWindowTextLengthW (hWnd=0xa02ca) returned 13
[0149.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0149.988] GetSystemMetrics (nIndex=42) returned 0
[0149.988] GetWindowTextW (in: hWnd=0xa02ca, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0149.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0149.988] SendMessageW (hWnd=0x502d8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0149.988] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502d8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0149.994] SetWindowTextW (hWnd=0x502d8, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0149.994] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502d8, Msg=0xc, wParam=0x0, lParam=0x2db8890) returned 0x1
[0149.996] GetSystemMetrics (nIndex=5) returned 1
[0149.996] GetSystemMetrics (nIndex=6) returned 1
[0149.996] SendMessageW (hWnd=0x502d8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0149.996] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502d8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0149.997] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502d8, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0149.998] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502d8, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0149.998] GetClientRect (in: hWnd=0x502d8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0149.998] GetWindowRect (in: hWnd=0x502d8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0149.998] GetParent (hWnd=0x502d8) returned 0xa02ca
[0149.998] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02ca, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0149.999] SendMessageW (hWnd=0x502d8, Msg=0x2210, wParam=0x2d80001, lParam=0x502d8) returned 0x0
[0149.999] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502d8, Msg=0x2210, wParam=0x2d80001, lParam=0x502d8) returned 0x0
[0149.999] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0149.999] GetParent (hWnd=0x502d8) returned 0xa02ca
[0149.999] GetWindowLongW (hWnd=0xa02ca, nIndex=-8) returned 458844
[0149.999] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0149.999] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0149.999] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xb701067c
[0150.000] GetDeviceCaps (hdc=0xb701067c, index=12) returned 32
[0150.000] GetDeviceCaps (hdc=0xb701067c, index=14) returned 1
[0150.000] DeleteDC (hdc=0xb701067c) returned 1
[0150.000] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0150.000] GetWindowThreadProcessId (in: hWnd=0xa02ca, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0150.000] GetCurrentThreadId () returned 0xf50
[0150.001] PostMessageW (hWnd=0xa02ca, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0150.001] GetWindowTextLengthW (hWnd=0xa02ca) returned 13
[0150.001] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.001] GetSystemMetrics (nIndex=42) returned 0
[0150.001] GetWindowTextW (in: hWnd=0xa02ca, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.001] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0150.001] GdipImageGetFrameDimensionsCount (image=0x6635e20, count=0xd7e25c) returned 0x0
[0150.001] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f74a8
[0150.001] GdipImageGetFrameDimensionsList (image=0x6635e20, dimensionIDs=0x11f74a8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0150.001] LocalFree (hMem=0x11f74a8) returned 0x0
[0150.001] GdipImageGetFrameDimensionsCount (image=0x6642d00, count=0xd7e250) returned 0x0
[0150.001] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f76a0
[0150.001] GdipImageGetFrameDimensionsList (image=0x6642d00, dimensionIDs=0x11f76a0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0150.001] LocalFree (hMem=0x11f76a0) returned 0x0
[0150.002] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0150.002] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0150.002] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0150.017] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0150.018] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0150.019] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0150.019] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0150.020] GetWindowPlacement (in: hWnd=0xa02ca, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0150.020] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0150.020] GetWindowTextLengthW (hWnd=0xa02ca) returned 13
[0150.020] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.020] GetSystemMetrics (nIndex=42) returned 0
[0150.020] GetWindowTextW (in: hWnd=0xa02ca, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.020] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0150.020] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0150.020] GetCurrentObject (hdc=0x10105d6, type=0x1) returned 0xb00017
[0150.020] GetCurrentObject (hdc=0x10105d6, type=0x2) returned 0x900010
[0150.020] GetCurrentObject (hdc=0x10105d6, type=0x7) returned 0x40507c6
[0150.021] GetCurrentObject (hdc=0x10105d6, type=0x6) returned 0x8a01c2
[0150.021] SaveDC (hdc=0x10105d6) returned 1
[0150.021] GetNearestColor (hdc=0x10105d6, color=0xf0f0f0) returned 0xf0f0f0
[0150.021] CreateSolidBrush (color=0xf0f0f0) returned 0x321007e1
[0150.021] FillRect (hDC=0x10105d6, lprc=0xd7e1b8, hbr=0x321007e1) returned 1
[0150.021] DeleteObject (ho=0x321007e1) returned 1
[0150.021] RestoreDC (hdc=0x10105d6, nSavedDC=-1) returned 1
[0150.021] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x600ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0150.022] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0150.022] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0150.022] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0150.022] GetStockObject (i=5) returned 0x900015
[0150.022] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0150.023] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0150.023] GetStockObject (i=5) returned 0x900015
[0150.023] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0150.023] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302da, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0150.023] GetStockObject (i=5) returned 0x900015
[0150.023] GetWindowPlacement (in: hWnd=0xa02ca, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0150.023] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0150.024] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0150.024] GetWindowRect (in: hWnd=0xa02ca, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0150.025] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0150.025] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0150.025] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0150.026] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0150.026] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0150.026] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0150.026] GetWindowRect (in: hWnd=0xa02ca, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0150.026] InvalidateRect (hWnd=0x302de, lpRect=0x0, bErase=0) returned 1
[0150.026] InvalidateRect (hWnd=0x402d2, lpRect=0x0, bErase=0) returned 1
[0150.026] GetFocus () returned 0xa02ca
[0150.026] GetFocus () returned 0xa02ca
[0150.026] SetFocus (hWnd=0x402d2) returned 0xa02ca
[0150.027] GetFocus () returned 0x402d2
[0150.027] IsChild (hWndParent=0xa02ca, hWnd=0x402d2) returned 1
[0150.027] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x8, wParam=0x402d2, lParam=0x0) returned 0x0
[0150.029] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0150.030] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0150.032] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0150.032] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0x7, wParam=0xa02ca, lParam=0x0) returned 0x0
[0150.032] GetStockObject (i=5) returned 0x900015
[0150.033] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0150.033] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0xd, wParam=0x9, lParam=0x11f55a0) returned 0x8
[0150.033] GetDlgItem (hDlg=0xa02ca, nIDDlgItem=262866) returned 0x402d2
[0150.033] SendMessageW (hWnd=0x402d2, Msg=0x202b, wParam=0x402d2, lParam=0xd7e0dc) returned 0x0
[0150.033] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0x202b, wParam=0x402d2, lParam=0xd7e0dc) returned 0x0
[0150.033] InvalidateRect (hWnd=0x402d2, lpRect=0x0, bErase=0) returned 1
[0150.035] GetFocus () returned 0x402d2
[0150.035] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.035] IsWindowUnicode (hWnd=0xa02ca) returned 1
[0150.036] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.036] TranslateMessage (lpMsg=0xd7e808) returned 0
[0150.036] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0150.036] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0150.036] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.036] IsWindowUnicode (hWnd=0xa02ca) returned 1
[0150.036] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.036] TranslateMessage (lpMsg=0xd7e808) returned 0
[0150.036] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0150.036] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.037] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0150.037] IsWindowUnicode (hWnd=0xa02ca) returned 1
[0150.037] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.037] TranslateMessage (lpMsg=0xd7e808) returned 0
[0150.037] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0150.037] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.037] IsWindowUnicode (hWnd=0x602c4) returned 1
[0150.037] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.037] TranslateMessage (lpMsg=0xd7e808) returned 0
[0150.037] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0150.037] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0150.037] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0150.037] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.038] IsWindowUnicode (hWnd=0xa02ca) returned 1
[0150.038] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.038] TranslateMessage (lpMsg=0xd7e808) returned 0
[0150.038] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0150.039] BeginPaint (in: hWnd=0xa02ca, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x60100ce
[0150.039] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0150.039] GetWindowTextLengthW (hWnd=0xa02ca) returned 13
[0150.039] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.040] GetSystemMetrics (nIndex=42) returned 0
[0150.040] GetWindowTextW (in: hWnd=0xa02ca, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0150.040] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0150.040] EndPaint (hWnd=0xa02ca, lpPaint=0xd7e274) returned 1
[0150.040] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.040] IsWindowUnicode (hWnd=0x600ea) returned 1
[0150.040] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.040] TranslateMessage (lpMsg=0xd7e808) returned 0
[0150.040] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0150.040] BeginPaint (in: hWnd=0x600ea, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xc0107c5
[0150.041] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0150.041] CreateCompatibleDC (hdc=0xc0107c5) returned 0x810107fb
[0150.041] SelectObject (hdc=0x810107fb, h=0x4a0507fe) returned 0x85000f
[0150.041] GdipCreateFromHDC (hdc=0x810107fb, graphics=0xd7e2b0) returned 0x0
[0150.041] GdipTranslateWorldTransform (graphics=0x6643af8, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0150.041] GdipSetClipRectI (graphics=0x6643af8, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0150.041] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0150.041] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x65ffc88) returned 0x0
[0150.041] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7e310) returned 0x0
[0150.041] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0150.041] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11ee788) returned 0x0
[0150.041] LocalFree (hMem=0x11ee788) returned 0x0
[0150.041] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0150.042] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0150.042] GdipGetClip (graphics=0x6643af8, region=0x6600030) returned 0x0
[0150.042] GdipIsInfiniteRegion (region=0x6600030, graphics=0x6643af8, result=0xd7e304) returned 0x0
[0150.042] GdipSaveGraphics (graphics=0x6643af8, state=0xd7e330) returned 0x0
[0150.042] GetWindowTextLengthW (hWnd=0x600ea) returned 0
[0150.042] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0150.042] GetSystemMetrics (nIndex=42) returned 0
[0150.042] GetWindowTextW (in: hWnd=0x600ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0150.042] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x600ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0150.042] GetClientRect (in: hWnd=0x600ea, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0150.042] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0150.042] GdipGetClip (graphics=0x6643af8, region=0x6600220) returned 0x0
[0150.042] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0150.042] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0150.042] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e164) returned 0x0
[0150.042] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0150.042] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0150.042] LocalFree (hMem=0x11ee788) returned 0x0
[0150.042] GdipCombineRegionRegion (region=0x6600220, region2=0x6600030, combineMode=0x1) returned 0x0
[0150.042] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0150.043] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eea28) returned 0x0
[0150.043] LocalFree (hMem=0x11eea28) returned 0x0
[0150.043] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0150.043] GdipIsInfiniteRegion (region=0x6600220, graphics=0x6643af8, result=0xd7e18c) returned 0x0
[0150.043] GdipIsInfiniteRegion (region=0x6600220, graphics=0x6643af8, result=0xd7e17c) returned 0x0
[0150.043] GdipGetRegionHRgn (region=0x6600220, graphics=0x6643af8, hRgn=0xd7e17c) returned 0x0
[0150.043] GdipDeleteRegion (region=0x6600220) returned 0x0
[0150.043] GdipGetDC (graphics=0x6643af8, hdc=0xd7e194) returned 0x0
[0150.043] GetCurrentObject (hdc=0x810107fb, type=0x1) returned 0xb00017
[0150.043] GetCurrentObject (hdc=0x810107fb, type=0x2) returned 0x900010
[0150.043] GetCurrentObject (hdc=0x810107fb, type=0x7) returned 0x4a0507fe
[0150.043] GetCurrentObject (hdc=0x810107fb, type=0x6) returned 0x8a01c2
[0150.043] SaveDC (hdc=0x810107fb) returned 1
[0150.043] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x55040807
[0150.043] GetClipRgn (hdc=0x810107fb, hrgn=0x55040807) returned 0
[0150.044] SelectClipRgn (hdc=0x810107fb, hrgn=0xd20407de) returned 2
[0150.044] DeleteObject (ho=0x55040807) returned 1
[0150.052] DeleteObject (ho=0xd20407de) returned 1
[0150.052] OffsetViewportOrgEx (in: hdc=0x810107fb, x=0, y=0, lppt=0x2dbe3f0 | out: lppt=0x2dbe3f0) returned 1
[0150.052] GetNearestColor (hdc=0x810107fb, color=0xf0f0f0) returned 0xf0f0f0
[0150.052] CreateSolidBrush (color=0xf0f0f0) returned 0x331007e1
[0150.052] FillRect (hDC=0x810107fb, lprc=0xd7e198, hbr=0x331007e1) returned 1
[0150.052] DeleteObject (ho=0x331007e1) returned 1
[0150.052] RestoreDC (hdc=0x810107fb, nSavedDC=-1) returned 1
[0150.052] GdipReleaseDC (graphics=0x6643af8, hdc=0x810107fb) returned 0x0
[0150.052] GdipRestoreGraphics (graphics=0x6643af8, state=0xfd460dbd) returned 0x0
[0150.052] GdipDeleteRegion (region=0x6600030) returned 0x0
[0150.053] GetWindowTextLengthW (hWnd=0x600ea) returned 0
[0150.053] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0150.053] GetSystemMetrics (nIndex=42) returned 0
[0150.053] GetWindowTextW (in: hWnd=0x600ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0150.053] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x600ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0150.053] GdipGetImageWidth (image=0x6635e20, width=0xd7e1e0) returned 0x0
[0150.053] GdipGetImageHeight (image=0x6635e20, height=0xd7e1e0) returned 0x0
[0150.053] GdipGetImageWidth (image=0x6635e20, width=0xd7e1cc) returned 0x0
[0150.053] GdipGetImageHeight (image=0x6635e20, height=0xd7e1cc) returned 0x0
[0150.053] GdipDrawImageRectI (graphics=0x6643af8, image=0x6635e20, x=16, y=16, width=32, height=32) returned 0x0
[0150.054] GdipGetDC (graphics=0x6643af8, hdc=0xd7e2f0) returned 0x0
[0150.054] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=64, cy=64, hdcSrc=0x810107fb, x1=0, y1=0, rop=0xcc0020) returned 1
[0150.054] GdipReleaseDC (graphics=0x6643af8, hdc=0x810107fb) returned 0x0
[0150.054] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0150.054] SelectObject (hdc=0x810107fb, h=0x85000f) returned 0x4a0507fe
[0150.054] DeleteDC (hdc=0x810107fb) returned 1
[0150.054] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0150.054] EndPaint (hWnd=0x600ea, lpPaint=0xd7e294) returned 1
[0150.055] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.055] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0150.055] IsWindowUnicode (hWnd=0x302de) returned 1
[0150.055] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.055] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0150.055] SetCursor (hCursor=0x10003) returned 0x10003
[0150.055] TranslateMessage (lpMsg=0xd7e808) returned 0
[0150.055] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0150.056] _TrackMouseEvent (in: lpEventTrack=0x2dbe4bc | out: lpEventTrack=0x2dbe4bc) returned 1
[0150.057] SendMessageW (hWnd=0x302de, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0150.057] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0150.057] InvalidateRect (hWnd=0x302de, lpRect=0x0, bErase=0) returned 1
[0150.057] GetKeyState (nVirtKey=1) returned 0
[0150.057] GetKeyState (nVirtKey=2) returned 0
[0150.057] GetKeyState (nVirtKey=4) returned 0
[0150.057] GetKeyState (nVirtKey=5) returned 0
[0150.057] GetKeyState (nVirtKey=6) returned 0
[0150.057] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.057] IsWindowUnicode (hWnd=0x5013e) returned 1
[0150.057] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.057] TranslateMessage (lpMsg=0xd7e808) returned 0
[0150.057] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0150.058] BeginPaint (in: hWnd=0x5013e, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x10105d6
[0150.058] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0150.058] CreateCompatibleDC (hdc=0x10105d6) returned 0x830107fb
[0150.058] GetObjectType (h=0x10105d6) returned 0x3
[0150.058] CreateCompatibleBitmap (hdc=0x10105d6, cx=1, cy=1) returned 0xffffffffa70507e6
[0150.058] GetDIBits (in: hdc=0x10105d6, hbm=0xa70507e6, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0150.058] GetDIBits (in: hdc=0x10105d6, hbm=0xa70507e6, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0150.058] DeleteObject (ho=0xa70507e6) returned 1
[0150.059] CreateDIBSection (in: hdc=0x10105d6, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x3d0507ec
[0150.059] SelectObject (hdc=0x830107fb, h=0x3d0507ec) returned 0x85000f
[0150.059] GdipCreateFromHDC (hdc=0x830107fb, graphics=0xd7e234) returned 0x0
[0150.059] GdipTranslateWorldTransform (graphics=0x6643af8, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0150.059] GdipSetClipRectI (graphics=0x6643af8, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0150.063] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0150.063] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x65ffc88) returned 0x0
[0150.063] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7e2d4) returned 0x0
[0150.064] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0150.064] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11ee788) returned 0x0
[0150.064] LocalFree (hMem=0x11ee788) returned 0x0
[0150.064] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0150.064] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0150.064] GdipGetClip (graphics=0x6643af8, region=0x6600030) returned 0x0
[0150.064] GdipIsInfiniteRegion (region=0x6600030, graphics=0x6643af8, result=0xd7e2c8) returned 0x0
[0150.064] GdipSaveGraphics (graphics=0x6643af8, state=0xd7e2f4) returned 0x0
[0150.064] GetWindowTextLengthW (hWnd=0x5013e) returned 232
[0150.064] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0150.064] GetSystemMetrics (nIndex=42) returned 0
[0150.064] GetWindowTextW (in: hWnd=0x5013e, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0150.064] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0150.064] GetClientRect (in: hWnd=0x5013e, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0150.064] GdipCreateRegion (region=0xd7e110) returned 0x0
[0150.064] GdipGetClip (graphics=0x6643af8, region=0x6600220) returned 0x0
[0150.065] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0150.065] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0150.065] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e128) returned 0x0
[0150.065] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0150.065] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0150.065] LocalFree (hMem=0x11ee788) returned 0x0
[0150.065] GdipCombineRegionRegion (region=0x6600220, region2=0x6600030, combineMode=0x1) returned 0x0
[0150.065] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0150.065] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eea28) returned 0x0
[0150.065] LocalFree (hMem=0x11eea28) returned 0x0
[0150.065] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0150.065] GdipIsInfiniteRegion (region=0x6600220, graphics=0x6643af8, result=0xd7e150) returned 0x0
[0150.065] GdipIsInfiniteRegion (region=0x6600220, graphics=0x6643af8, result=0xd7e140) returned 0x0
[0150.065] GdipGetRegionHRgn (region=0x6600220, graphics=0x6643af8, hRgn=0xd7e140) returned 0x0
[0150.065] GdipDeleteRegion (region=0x6600220) returned 0x0
[0150.065] GdipGetDC (graphics=0x6643af8, hdc=0xd7e158) returned 0x0
[0150.065] GetCurrentObject (hdc=0x830107fb, type=0x1) returned 0xb00017
[0150.066] GetCurrentObject (hdc=0x830107fb, type=0x2) returned 0x900010
[0150.066] GetCurrentObject (hdc=0x830107fb, type=0x7) returned 0x3d0507ec
[0150.066] GetCurrentObject (hdc=0x830107fb, type=0x6) returned 0x8a01c2
[0150.066] SaveDC (hdc=0x830107fb) returned 1
[0150.066] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd30407de
[0150.066] GetClipRgn (hdc=0x830107fb, hrgn=0xd30407de) returned 0
[0150.066] SelectClipRgn (hdc=0x830107fb, hrgn=0x56040807) returned 2
[0150.066] DeleteObject (ho=0xd30407de) returned 1
[0150.066] DeleteObject (ho=0x56040807) returned 1
[0150.066] OffsetViewportOrgEx (in: hdc=0x830107fb, x=0, y=0, lppt=0x2dbfe10 | out: lppt=0x2dbfe10) returned 1
[0150.066] GetNearestColor (hdc=0x830107fb, color=0xf0f0f0) returned 0xf0f0f0
[0150.066] CreateSolidBrush (color=0xf0f0f0) returned 0x341007e1
[0150.066] FillRect (hDC=0x830107fb, lprc=0xd7e15c, hbr=0x341007e1) returned 1
[0150.068] DeleteObject (ho=0x341007e1) returned 1
[0150.068] RestoreDC (hdc=0x830107fb, nSavedDC=-1) returned 1
[0150.068] GdipReleaseDC (graphics=0x6643af8, hdc=0x830107fb) returned 0x0
[0150.068] GdipRestoreGraphics (graphics=0x6643af8, state=0xfd440dbd) returned 0x0
[0150.068] GdipDeleteRegion (region=0x6600030) returned 0x0
[0150.068] GetWindowTextLengthW (hWnd=0x5013e) returned 232
[0150.068] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0150.068] GetSystemMetrics (nIndex=42) returned 0
[0150.068] GetWindowTextW (in: hWnd=0x5013e, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0150.068] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0150.069] GdipGetDC (graphics=0x6643af8, hdc=0xd7e178) returned 0x0
[0150.069] GetCurrentObject (hdc=0x830107fb, type=0x1) returned 0xb00017
[0150.069] GetCurrentObject (hdc=0x830107fb, type=0x2) returned 0x900010
[0150.069] GetCurrentObject (hdc=0x830107fb, type=0x7) returned 0x3d0507ec
[0150.069] GetCurrentObject (hdc=0x830107fb, type=0x6) returned 0x8a01c2
[0150.069] SaveDC (hdc=0x830107fb) returned 1
[0150.069] GetNearestColor (hdc=0x830107fb, color=0x0) returned 0x0
[0150.069] RestoreDC (hdc=0x830107fb, nSavedDC=-1) returned 1
[0150.069] GdipReleaseDC (graphics=0x6643af8, hdc=0x830107fb) returned 0x0
[0150.070] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0150.070] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0150.070] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2dc060c | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0150.070] GdipGetTextRenderingHint (graphics=0x6643af8, mode=0xd7e118) returned 0x0
[0150.070] GdipGetDC (graphics=0x6643af8, hdc=0xd7e104) returned 0x0
[0150.070] GetCurrentObject (hdc=0x830107fb, type=0x1) returned 0xb00017
[0150.070] GetCurrentObject (hdc=0x830107fb, type=0x2) returned 0x900010
[0150.070] GetCurrentObject (hdc=0x830107fb, type=0x7) returned 0x3d0507ec
[0150.070] GetCurrentObject (hdc=0x830107fb, type=0x6) returned 0x8a01c2
[0150.071] SaveDC (hdc=0x830107fb) returned 1
[0150.071] GetTextAlign (hdc=0x830107fb) returned 0x0
[0150.071] GetTextColor (hdc=0x830107fb) returned 0x0
[0150.071] GetCurrentObject (hdc=0x830107fb, type=0x6) returned 0x8a01c2
[0150.071] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0150.071] SelectObject (hdc=0x830107fb, h=0x6d0a0520) returned 0x8a01c2
[0150.071] GetBkMode (hdc=0x830107fb) returned 2
[0150.071] SetBkMode (hdc=0x830107fb, mode=1) returned 2
[0150.071] DrawTextExW (in: hdc=0x830107fb, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2dc0830 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0150.075] RestoreDC (hdc=0x830107fb, nSavedDC=-1) returned 1
[0150.075] GdipReleaseDC (graphics=0x6643af8, hdc=0x830107fb) returned 0x0
[0150.075] GdipGetDC (graphics=0x6643af8, hdc=0xd7e2b4) returned 0x0
[0150.075] BitBlt (hdc=0x10105d6, x=0, y=0, cx=354, cy=68, hdcSrc=0x830107fb, x1=0, y1=0, rop=0xcc0020) returned 1
[0150.080] GdipReleaseDC (graphics=0x6643af8, hdc=0x830107fb) returned 0x0
[0150.080] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0150.080] SelectObject (hdc=0x830107fb, h=0x85000f) returned 0x3d0507ec
[0150.080] DeleteDC (hdc=0x830107fb) returned 1
[0150.081] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0150.081] DeleteObject (ho=0x3d0507ec) returned 1
[0150.081] EndPaint (hWnd=0x5013e, lpPaint=0xd7e258) returned 1
[0150.082] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.082] IsWindowUnicode (hWnd=0x402d2) returned 1
[0150.082] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.082] TranslateMessage (lpMsg=0xd7e808) returned 0
[0150.082] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0150.082] BeginPaint (in: hWnd=0x402d2, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0150.082] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0150.082] CreateCompatibleDC (hdc=0xf0105ee) returned 0xa90107e6
[0150.082] SelectObject (hdc=0xa90107e6, h=0x4a0507fe) returned 0x85000f
[0150.082] GdipCreateFromHDC (hdc=0xa90107e6, graphics=0xd7e268) returned 0x0
[0150.082] GdipTranslateWorldTransform (graphics=0x6643af8, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0150.083] GdipSetClipRectI (graphics=0x6643af8, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0150.083] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0150.083] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x65ffc88) returned 0x0
[0150.083] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7e2c8) returned 0x0
[0150.083] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0150.083] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eecc8) returned 0x0
[0150.083] LocalFree (hMem=0x11eecc8) returned 0x0
[0150.083] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0150.083] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0150.083] GdipGetClip (graphics=0x6643af8, region=0x6600030) returned 0x0
[0150.083] GdipIsInfiniteRegion (region=0x6600030, graphics=0x6643af8, result=0xd7e2bc) returned 0x0
[0150.083] GdipSaveGraphics (graphics=0x6643af8, state=0xd7e2e8) returned 0x0
[0150.083] GdipRestoreGraphics (graphics=0x6643af8, state=0xfd420dbd) returned 0x0
[0150.083] GdipDeleteRegion (region=0x6600030) returned 0x0
[0150.083] GdipGetDC (graphics=0x6643af8, hdc=0xd7e0d4) returned 0x0
[0150.083] GetCurrentObject (hdc=0xa90107e6, type=0x1) returned 0xb00017
[0150.083] GetCurrentObject (hdc=0xa90107e6, type=0x2) returned 0x900010
[0150.084] GetCurrentObject (hdc=0xa90107e6, type=0x7) returned 0x4a0507fe
[0150.084] GetCurrentObject (hdc=0xa90107e6, type=0x6) returned 0x8a01c2
[0150.084] SaveDC (hdc=0xa90107e6) returned 1
[0150.084] GetNearestColor (hdc=0xa90107e6, color=0xf0f0f0) returned 0xf0f0f0
[0150.084] GetNearestColor (hdc=0xa90107e6, color=0xa0a0a0) returned 0xa0a0a0
[0150.084] GetNearestColor (hdc=0xa90107e6, color=0x696969) returned 0x696969
[0150.084] GetNearestColor (hdc=0xa90107e6, color=0xa0a0a0) returned 0xa0a0a0
[0150.084] GetNearestColor (hdc=0xa90107e6, color=0x0) returned 0x0
[0150.084] GetNearestColor (hdc=0xa90107e6, color=0xffffff) returned 0xffffff
[0150.084] GetNearestColor (hdc=0xa90107e6, color=0xe5e5e5) returned 0xe5e5e5
[0150.084] GetNearestColor (hdc=0xa90107e6, color=0xd7d7d7) returned 0xd7d7d7
[0150.084] GetNearestColor (hdc=0xa90107e6, color=0x0) returned 0x0
[0150.084] RestoreDC (hdc=0xa90107e6, nSavedDC=-1) returned 1
[0150.085] GdipReleaseDC (graphics=0x6643af8, hdc=0xa90107e6) returned 0x0
[0150.085] IsAppThemed () returned 0x1
[0150.085] GetThemeAppProperties () returned 0x3
[0150.085] GetThemeAppProperties () returned 0x3
[0150.085] GdipGetImageWidth (image=0x6642d00, width=0xd7e168) returned 0x0
[0150.085] GdipGetImageHeight (image=0x6642d00, height=0xd7e168) returned 0x0
[0150.085] IsAppThemed () returned 0x1
[0150.085] GetThemeAppProperties () returned 0x3
[0150.085] GetThemeAppProperties () returned 0x3
[0150.085] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2dc0f80 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0150.085] IsAppThemed () returned 0x1
[0150.085] GetThemeAppProperties () returned 0x3
[0150.086] GetThemeAppProperties () returned 0x3
[0150.086] IsAppThemed () returned 0x1
[0150.086] GetThemeAppProperties () returned 0x3
[0150.086] GetThemeAppProperties () returned 0x3
[0150.086] GetFocus () returned 0x402d2
[0150.086] IsAppThemed () returned 0x1
[0150.086] GetThemeAppProperties () returned 0x3
[0150.086] GetThemeAppProperties () returned 0x3
[0150.086] IsAppThemed () returned 0x1
[0150.086] GetThemeAppProperties () returned 0x3
[0150.086] GetThemeAppProperties () returned 0x3
[0150.086] IsThemePartDefined () returned 0x1
[0150.086] IsAppThemed () returned 0x1
[0150.086] GetThemeAppProperties () returned 0x3
[0150.086] GetThemeAppProperties () returned 0x3
[0150.086] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0150.086] IsAppThemed () returned 0x1
[0150.086] GetThemeAppProperties () returned 0x3
[0150.086] GetThemeAppProperties () returned 0x3
[0150.086] IsAppThemed () returned 0x1
[0150.086] GetThemeAppProperties () returned 0x3
[0150.087] GetThemeAppProperties () returned 0x3
[0150.087] IsThemePartDefined () returned 0x1
[0150.087] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0150.087] GdipGetClip (graphics=0x6643af8, region=0x6600030) returned 0x0
[0150.087] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0150.087] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0150.087] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dff0) returned 0x0
[0150.087] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0150.087] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0150.087] LocalFree (hMem=0x11eec58) returned 0x0
[0150.087] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0150.087] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0150.087] LocalFree (hMem=0x11ee788) returned 0x0
[0150.087] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0150.087] GdipIsInfiniteRegion (region=0x6600030, graphics=0x6643af8, result=0xd7e018) returned 0x0
[0150.087] GdipIsInfiniteRegion (region=0x6600030, graphics=0x6643af8, result=0xd7e008) returned 0x0
[0150.087] GdipGetRegionHRgn (region=0x6600030, graphics=0x6643af8, hRgn=0xd7e008) returned 0x0
[0150.087] GdipDeleteRegion (region=0x6600030) returned 0x0
[0150.088] GdipGetDC (graphics=0x6643af8, hdc=0xd7e020) returned 0x0
[0150.088] GetCurrentObject (hdc=0xa90107e6, type=0x1) returned 0xb00017
[0150.088] GetCurrentObject (hdc=0xa90107e6, type=0x2) returned 0x900010
[0150.088] GetCurrentObject (hdc=0xa90107e6, type=0x7) returned 0x4a0507fe
[0150.088] GetCurrentObject (hdc=0xa90107e6, type=0x6) returned 0x8a01c2
[0150.088] SaveDC (hdc=0xa90107e6) returned 1
[0150.088] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x57040807
[0150.088] GetClipRgn (hdc=0xa90107e6, hrgn=0x57040807) returned 0
[0150.088] SelectClipRgn (hdc=0xa90107e6, hrgn=0xd70407de) returned 2
[0150.088] DeleteObject (ho=0x57040807) returned 1
[0150.088] DeleteObject (ho=0xd70407de) returned 1
[0150.088] OffsetViewportOrgEx (in: hdc=0xa90107e6, x=0, y=0, lppt=0x2dc1630 | out: lppt=0x2dc1630) returned 1
[0150.088] DrawThemeParentBackground () returned 0x0
[0150.089] GetWindowPlacement (in: hWnd=0xa02ca, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0150.089] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0150.089] GetWindowTextLengthW (hWnd=0xa02ca) returned 13
[0150.089] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.089] GetSystemMetrics (nIndex=42) returned 0
[0150.089] GetWindowTextW (in: hWnd=0xa02ca, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.089] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0150.089] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0150.089] GetCurrentObject (hdc=0xa90107e6, type=0x1) returned 0xb00017
[0150.089] GetCurrentObject (hdc=0xa90107e6, type=0x2) returned 0x900010
[0150.089] GetCurrentObject (hdc=0xa90107e6, type=0x7) returned 0x4a0507fe
[0150.089] GetCurrentObject (hdc=0xa90107e6, type=0x6) returned 0x8a01c2
[0150.089] SaveDC (hdc=0xa90107e6) returned 2
[0150.089] GetNearestColor (hdc=0xa90107e6, color=0xf0f0f0) returned 0xf0f0f0
[0150.089] CreateSolidBrush (color=0xf0f0f0) returned 0x351007e1
[0150.089] FillRect (hDC=0xa90107e6, lprc=0xd7da38, hbr=0x351007e1) returned 1
[0150.090] DeleteObject (ho=0x351007e1) returned 1
[0150.090] RestoreDC (hdc=0xa90107e6, nSavedDC=-1) returned 1
[0150.090] GetWindowTextLengthW (hWnd=0xa02ca) returned 13
[0150.090] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.090] GetSystemMetrics (nIndex=42) returned 0
[0150.090] GetWindowTextW (in: hWnd=0xa02ca, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.090] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0150.090] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0150.090] GetCurrentObject (hdc=0xa90107e6, type=0x1) returned 0xb00017
[0150.090] GetCurrentObject (hdc=0xa90107e6, type=0x2) returned 0x900010
[0150.090] GetCurrentObject (hdc=0xa90107e6, type=0x7) returned 0x4a0507fe
[0150.090] GetCurrentObject (hdc=0xa90107e6, type=0x6) returned 0x8a01c2
[0150.090] SaveDC (hdc=0xa90107e6) returned 2
[0150.090] GetNearestColor (hdc=0xa90107e6, color=0xf0f0f0) returned 0xf0f0f0
[0150.104] CreateSolidBrush (color=0xf0f0f0) returned 0x361007e1
[0150.104] FillRect (hDC=0xa90107e6, lprc=0xd7d9d8, hbr=0x361007e1) returned 1
[0150.105] DeleteObject (ho=0x361007e1) returned 1
[0150.105] RestoreDC (hdc=0xa90107e6, nSavedDC=-1) returned 1
[0150.105] GetWindowTextLengthW (hWnd=0xa02ca) returned 13
[0150.105] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.105] GetSystemMetrics (nIndex=42) returned 0
[0150.105] GetWindowTextW (in: hWnd=0xa02ca, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.105] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0150.105] RestoreDC (hdc=0xa90107e6, nSavedDC=-1) returned 1
[0150.105] GdipReleaseDC (graphics=0x6643af8, hdc=0xa90107e6) returned 0x0
[0150.105] IsAppThemed () returned 0x1
[0150.105] GetThemeAppProperties () returned 0x3
[0150.105] GetThemeAppProperties () returned 0x3
[0150.105] IsAppThemed () returned 0x1
[0150.106] GetThemeAppProperties () returned 0x3
[0150.106] GetThemeAppProperties () returned 0x3
[0150.106] IsThemePartDefined () returned 0x1
[0150.106] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0150.106] GdipGetClip (graphics=0x6643af8, region=0x6600030) returned 0x0
[0150.106] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0150.106] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x65ffc88) returned 0x0
[0150.106] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7df74) returned 0x0
[0150.106] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11ee788) returned 0x0
[0150.106] LocalFree (hMem=0x11ee788) returned 0x0
[0150.106] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eea28) returned 0x0
[0150.106] LocalFree (hMem=0x11eea28) returned 0x0
[0150.106] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0150.106] GdipIsInfiniteRegion (region=0x6600030, graphics=0x6643af8, result=0xd7df9c) returned 0x0
[0150.106] GdipIsInfiniteRegion (region=0x6600030, graphics=0x6643af8, result=0xd7df8c) returned 0x0
[0150.111] GdipGetRegionHRgn (region=0x6600030, graphics=0x6643af8, hRgn=0xd7df8c) returned 0x0
[0150.112] GdipDeleteRegion (region=0x6600030) returned 0x0
[0150.112] GdipGetDC (graphics=0x6643af8, hdc=0xd7dfa4) returned 0x0
[0150.112] GetCurrentObject (hdc=0xa90107e6, type=0x1) returned 0xb00017
[0150.112] GetCurrentObject (hdc=0xa90107e6, type=0x2) returned 0x900010
[0150.112] GetCurrentObject (hdc=0xa90107e6, type=0x7) returned 0x4a0507fe
[0150.112] GetCurrentObject (hdc=0xa90107e6, type=0x6) returned 0x8a01c2
[0150.112] SaveDC (hdc=0xa90107e6) returned 1
[0150.112] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd80407de
[0150.112] GetClipRgn (hdc=0xa90107e6, hrgn=0xd80407de) returned 0
[0150.112] SelectClipRgn (hdc=0xa90107e6, hrgn=0x59040807) returned 2
[0150.112] DeleteObject (ho=0xd80407de) returned 1
[0150.112] DeleteObject (ho=0x59040807) returned 1
[0150.112] OffsetViewportOrgEx (in: hdc=0xa90107e6, x=0, y=0, lppt=0x2dc1edc | out: lppt=0x2dc1edc) returned 1
[0150.112] IsAppThemed () returned 0x1
[0150.113] GetThemeAppProperties () returned 0x3
[0150.113] GetThemeAppProperties () returned 0x3
[0150.113] DrawThemeBackground () returned 0x0
[0150.113] RestoreDC (hdc=0xa90107e6, nSavedDC=-1) returned 1
[0150.113] GdipReleaseDC (graphics=0x6643af8, hdc=0xa90107e6) returned 0x0
[0150.113] GdipCreateRegion (region=0xd7df60) returned 0x0
[0150.113] GdipGetClip (graphics=0x6643af8, region=0x6600030) returned 0x0
[0150.113] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0150.113] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0150.113] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df78) returned 0x0
[0150.113] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0150.113] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0150.113] LocalFree (hMem=0x11ee788) returned 0x0
[0150.113] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0150.113] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eea28) returned 0x0
[0150.114] LocalFree (hMem=0x11eea28) returned 0x0
[0150.114] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0150.114] GdipIsInfiniteRegion (region=0x6600030, graphics=0x6643af8, result=0xd7dfa0) returned 0x0
[0150.114] GdipIsInfiniteRegion (region=0x6600030, graphics=0x6643af8, result=0xd7df90) returned 0x0
[0150.114] GdipGetRegionHRgn (region=0x6600030, graphics=0x6643af8, hRgn=0xd7df90) returned 0x0
[0150.114] GdipDeleteRegion (region=0x6600030) returned 0x0
[0150.114] GdipGetDC (graphics=0x6643af8, hdc=0xd7dfa8) returned 0x0
[0150.114] GetCurrentObject (hdc=0xa90107e6, type=0x1) returned 0xb00017
[0150.114] GetCurrentObject (hdc=0xa90107e6, type=0x2) returned 0x900010
[0150.114] GetCurrentObject (hdc=0xa90107e6, type=0x7) returned 0x4a0507fe
[0150.114] GetCurrentObject (hdc=0xa90107e6, type=0x6) returned 0x8a01c2
[0150.114] SaveDC (hdc=0xa90107e6) returned 1
[0150.114] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5a040807
[0150.114] GetClipRgn (hdc=0xa90107e6, hrgn=0x5a040807) returned 0
[0150.114] SelectClipRgn (hdc=0xa90107e6, hrgn=0xd90407de) returned 2
[0150.114] DeleteObject (ho=0x5a040807) returned 1
[0150.115] DeleteObject (ho=0xd90407de) returned 1
[0150.115] OffsetViewportOrgEx (in: hdc=0xa90107e6, x=0, y=0, lppt=0x2dc21b0 | out: lppt=0x2dc21b0) returned 1
[0150.115] IsAppThemed () returned 0x1
[0150.115] GetThemeAppProperties () returned 0x3
[0150.115] GetThemeAppProperties () returned 0x3
[0150.115] GetThemeBackgroundContentRect () returned 0x0
[0150.115] RestoreDC (hdc=0xa90107e6, nSavedDC=-1) returned 1
[0150.115] GdipReleaseDC (graphics=0x6643af8, hdc=0xa90107e6) returned 0x0
[0150.115] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0150.115] GdipGetClip (graphics=0x6643af8, region=0x6600030) returned 0x0
[0150.115] GdipCloneRegion (region=0x6600030, cloneRegion=0xd7e150) returned 0x0
[0150.115] GdipCombineRegionRectI (region=0x6600220, rect=0xd7e138, combineMode=0x1) returned 0x0
[0150.115] GdipCombineRegionRectI (region=0x6600220, rect=0xd7e138, combineMode=0x1) returned 0x0
[0150.115] GdipSetClipRegion (graphics=0x6643af8, region=0x6600220, combineMode=0x0) returned 0x0
[0150.115] GdipGetImageWidth (image=0x6642d00, width=0xd7e154) returned 0x0
[0150.115] GdipGetImageHeight (image=0x6642d00, height=0xd7e148) returned 0x0
[0150.115] GdipDrawImageRectI (graphics=0x6643af8, image=0x6642d00, x=4, y=4, width=16, height=16) returned 0x0
[0150.116] GdipSetClipRegion (graphics=0x6643af8, region=0x6600030, combineMode=0x0) returned 0x0
[0150.116] IsAppThemed () returned 0x1
[0150.116] GetThemeAppProperties () returned 0x3
[0150.116] GetThemeAppProperties () returned 0x3
[0150.116] GdipGetTextRenderingHint (graphics=0x6643af8, mode=0xd7e0dc) returned 0x0
[0150.116] GdipGetDC (graphics=0x6643af8, hdc=0xd7e0c8) returned 0x0
[0150.116] GetCurrentObject (hdc=0xa90107e6, type=0x1) returned 0xb00017
[0150.116] GetCurrentObject (hdc=0xa90107e6, type=0x2) returned 0x900010
[0150.116] GetCurrentObject (hdc=0xa90107e6, type=0x7) returned 0x4a0507fe
[0150.116] GetCurrentObject (hdc=0xa90107e6, type=0x6) returned 0x8a01c2
[0150.116] SaveDC (hdc=0xa90107e6) returned 1
[0150.116] GetTextAlign (hdc=0xa90107e6) returned 0x0
[0150.116] GetTextColor (hdc=0xa90107e6) returned 0x0
[0150.116] GetCurrentObject (hdc=0xa90107e6, type=0x6) returned 0x8a01c2
[0150.117] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0150.117] SelectObject (hdc=0xa90107e6, h=0x6d0a0520) returned 0x8a01c2
[0150.117] GetBkMode (hdc=0xa90107e6) returned 2
[0150.117] SetBkMode (hdc=0xa90107e6, mode=1) returned 2
[0150.117] DrawTextExW (in: hdc=0xa90107e6, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2dc2570 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0150.117] DrawTextExW (in: hdc=0xa90107e6, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2dc2570 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0150.118] RestoreDC (hdc=0xa90107e6, nSavedDC=-1) returned 1
[0150.118] GdipReleaseDC (graphics=0x6643af8, hdc=0xa90107e6) returned 0x0
[0150.118] GetFocus () returned 0x402d2
[0150.118] IsAppThemed () returned 0x1
[0150.118] GetThemeAppProperties () returned 0x3
[0150.118] GetThemeAppProperties () returned 0x3
[0150.118] GdipGetDC (graphics=0x6643af8, hdc=0xd7e2a8) returned 0x0
[0150.118] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xa90107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0150.118] GdipReleaseDC (graphics=0x6643af8, hdc=0xa90107e6) returned 0x0
[0150.118] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0150.118] SelectObject (hdc=0xa90107e6, h=0x85000f) returned 0x4a0507fe
[0150.118] DeleteDC (hdc=0xa90107e6) returned 1
[0150.118] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0150.119] EndPaint (hWnd=0x402d2, lpPaint=0xd7e24c) returned 1
[0150.119] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.119] IsWindowUnicode (hWnd=0x302de) returned 1
[0150.119] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.119] TranslateMessage (lpMsg=0xd7e808) returned 0
[0150.119] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0150.119] BeginPaint (in: hWnd=0x302de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0150.119] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0150.119] CreateCompatibleDC (hdc=0x60100ce) returned 0xab0107e6
[0150.119] SelectObject (hdc=0xab0107e6, h=0x4a0507fe) returned 0x85000f
[0150.120] GdipCreateFromHDC (hdc=0xab0107e6, graphics=0xd7e268) returned 0x0
[0150.120] GdipTranslateWorldTransform (graphics=0x6643af8, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0150.120] GdipSetClipRectI (graphics=0x6643af8, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0150.120] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0150.120] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x65ffc88) returned 0x0
[0150.120] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7e2c8) returned 0x0
[0150.120] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0150.120] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eecc8) returned 0x0
[0150.120] LocalFree (hMem=0x11eecc8) returned 0x0
[0150.120] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0150.120] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0150.120] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.120] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e2bc) returned 0x0
[0150.121] GdipSaveGraphics (graphics=0x6643af8, state=0xd7e2e8) returned 0x0
[0150.121] GdipRestoreGraphics (graphics=0x6643af8, state=0xfd400dbd) returned 0x0
[0150.121] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.121] GdipGetDC (graphics=0x6643af8, hdc=0xd7e0c8) returned 0x0
[0150.121] GetCurrentObject (hdc=0xab0107e6, type=0x1) returned 0xb00017
[0150.121] GetCurrentObject (hdc=0xab0107e6, type=0x2) returned 0x900010
[0150.121] GetCurrentObject (hdc=0xab0107e6, type=0x7) returned 0x4a0507fe
[0150.121] GetCurrentObject (hdc=0xab0107e6, type=0x6) returned 0x8a01c2
[0150.121] SaveDC (hdc=0xab0107e6) returned 1
[0150.121] GetNearestColor (hdc=0xab0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0150.121] GetNearestColor (hdc=0xab0107e6, color=0xa0a0a0) returned 0xa0a0a0
[0150.121] GetNearestColor (hdc=0xab0107e6, color=0x696969) returned 0x696969
[0150.121] GetNearestColor (hdc=0xab0107e6, color=0xa0a0a0) returned 0xa0a0a0
[0150.121] GetNearestColor (hdc=0xab0107e6, color=0x0) returned 0x0
[0150.121] GetNearestColor (hdc=0xab0107e6, color=0xffffff) returned 0xffffff
[0150.122] GetNearestColor (hdc=0xab0107e6, color=0xe5e5e5) returned 0xe5e5e5
[0150.122] GetNearestColor (hdc=0xab0107e6, color=0xd7d7d7) returned 0xd7d7d7
[0150.122] GetNearestColor (hdc=0xab0107e6, color=0x0) returned 0x0
[0150.124] RestoreDC (hdc=0xab0107e6, nSavedDC=-1) returned 1
[0150.124] GdipReleaseDC (graphics=0x6643af8, hdc=0xab0107e6) returned 0x0
[0150.124] IsAppThemed () returned 0x1
[0150.124] GetThemeAppProperties () returned 0x3
[0150.124] GetThemeAppProperties () returned 0x3
[0150.124] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0150.124] SendMessageW (hWnd=0xa02ca, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0150.124] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0150.124] IsAppThemed () returned 0x1
[0150.124] GetThemeAppProperties () returned 0x3
[0150.124] GetThemeAppProperties () returned 0x3
[0150.125] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2dc2d80 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0150.125] IsAppThemed () returned 0x1
[0150.125] GetThemeAppProperties () returned 0x3
[0150.125] GetThemeAppProperties () returned 0x3
[0150.125] IsAppThemed () returned 0x1
[0150.125] GetThemeAppProperties () returned 0x3
[0150.125] GetThemeAppProperties () returned 0x3
[0150.125] IsAppThemed () returned 0x1
[0150.125] GetThemeAppProperties () returned 0x3
[0150.125] GetThemeAppProperties () returned 0x3
[0150.125] IsAppThemed () returned 0x1
[0150.125] GetThemeAppProperties () returned 0x3
[0150.125] GetThemeAppProperties () returned 0x3
[0150.125] IsThemePartDefined () returned 0x1
[0150.125] IsAppThemed () returned 0x1
[0150.125] GetThemeAppProperties () returned 0x3
[0150.126] GetThemeAppProperties () returned 0x3
[0150.126] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0150.126] IsAppThemed () returned 0x1
[0150.126] GetThemeAppProperties () returned 0x3
[0150.126] GetThemeAppProperties () returned 0x3
[0150.126] IsAppThemed () returned 0x1
[0150.126] GetThemeAppProperties () returned 0x3
[0150.126] GetThemeAppProperties () returned 0x3
[0150.126] IsThemePartDefined () returned 0x1
[0150.126] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0150.126] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.126] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0150.126] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0150.126] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dfe4) returned 0x0
[0150.126] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0150.126] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eea98) returned 0x0
[0150.126] LocalFree (hMem=0x11eea98) returned 0x0
[0150.126] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0150.126] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eed00) returned 0x0
[0150.126] LocalFree (hMem=0x11eed00) returned 0x0
[0150.127] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0150.127] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e00c) returned 0x0
[0150.127] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7dffc) returned 0x0
[0150.127] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7dffc) returned 0x0
[0150.127] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.127] GdipGetDC (graphics=0x6643af8, hdc=0xd7e014) returned 0x0
[0150.127] GetCurrentObject (hdc=0xab0107e6, type=0x1) returned 0xb00017
[0150.127] GetCurrentObject (hdc=0xab0107e6, type=0x2) returned 0x900010
[0150.127] GetCurrentObject (hdc=0xab0107e6, type=0x7) returned 0x4a0507fe
[0150.127] GetCurrentObject (hdc=0xab0107e6, type=0x6) returned 0x8a01c2
[0150.127] SaveDC (hdc=0xab0107e6) returned 1
[0150.127] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xda0407de
[0150.127] GetClipRgn (hdc=0xab0107e6, hrgn=0xda0407de) returned 0
[0150.127] SelectClipRgn (hdc=0xab0107e6, hrgn=0x5e040807) returned 2
[0150.127] DeleteObject (ho=0xda0407de) returned 1
[0150.127] DeleteObject (ho=0x5e040807) returned 1
[0150.128] OffsetViewportOrgEx (in: hdc=0xab0107e6, x=0, y=0, lppt=0x2dc3430 | out: lppt=0x2dc3430) returned 1
[0150.128] DrawThemeParentBackground () returned 0x0
[0150.128] GetWindowPlacement (in: hWnd=0xa02ca, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0150.128] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0150.128] GetWindowTextLengthW (hWnd=0xa02ca) returned 13
[0150.128] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.128] GetSystemMetrics (nIndex=42) returned 0
[0150.128] GetWindowTextW (in: hWnd=0xa02ca, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.128] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0150.128] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0150.128] GetCurrentObject (hdc=0xab0107e6, type=0x1) returned 0xb00017
[0150.128] GetCurrentObject (hdc=0xab0107e6, type=0x2) returned 0x900010
[0150.128] GetCurrentObject (hdc=0xab0107e6, type=0x7) returned 0x4a0507fe
[0150.128] GetCurrentObject (hdc=0xab0107e6, type=0x6) returned 0x8a01c2
[0150.128] SaveDC (hdc=0xab0107e6) returned 2
[0150.129] GetNearestColor (hdc=0xab0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0150.129] CreateSolidBrush (color=0xf0f0f0) returned 0x371007e1
[0150.129] FillRect (hDC=0xab0107e6, lprc=0xd7da30, hbr=0x371007e1) returned 1
[0150.129] DeleteObject (ho=0x371007e1) returned 1
[0150.129] RestoreDC (hdc=0xab0107e6, nSavedDC=-1) returned 1
[0150.129] GetWindowTextLengthW (hWnd=0xa02ca) returned 13
[0150.129] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.129] GetSystemMetrics (nIndex=42) returned 0
[0150.129] GetWindowTextW (in: hWnd=0xa02ca, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.129] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0150.129] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0150.129] GetCurrentObject (hdc=0xab0107e6, type=0x1) returned 0xb00017
[0150.129] GetCurrentObject (hdc=0xab0107e6, type=0x2) returned 0x900010
[0150.129] GetCurrentObject (hdc=0xab0107e6, type=0x7) returned 0x4a0507fe
[0150.130] GetCurrentObject (hdc=0xab0107e6, type=0x6) returned 0x8a01c2
[0150.130] SaveDC (hdc=0xab0107e6) returned 2
[0150.130] GetNearestColor (hdc=0xab0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0150.130] CreateSolidBrush (color=0xf0f0f0) returned 0x381007e1
[0150.130] FillRect (hDC=0xab0107e6, lprc=0xd7d9d0, hbr=0x381007e1) returned 1
[0150.130] DeleteObject (ho=0x381007e1) returned 1
[0150.130] RestoreDC (hdc=0xab0107e6, nSavedDC=-1) returned 1
[0150.130] GetWindowTextLengthW (hWnd=0xa02ca) returned 13
[0150.130] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.130] GetSystemMetrics (nIndex=42) returned 0
[0150.130] GetWindowTextW (in: hWnd=0xa02ca, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.130] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0150.130] RestoreDC (hdc=0xab0107e6, nSavedDC=-1) returned 1
[0150.131] GdipReleaseDC (graphics=0x6643af8, hdc=0xab0107e6) returned 0x0
[0150.131] IsAppThemed () returned 0x1
[0150.131] GetThemeAppProperties () returned 0x3
[0150.131] GetThemeAppProperties () returned 0x3
[0150.131] IsAppThemed () returned 0x1
[0150.131] GetThemeAppProperties () returned 0x3
[0150.131] GetThemeAppProperties () returned 0x3
[0150.131] IsThemePartDefined () returned 0x1
[0150.131] GdipCreateRegion (region=0xd7df50) returned 0x0
[0150.131] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.131] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0150.131] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x65ffc88) returned 0x0
[0150.131] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7df68) returned 0x0
[0150.131] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0150.131] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11ee788) returned 0x0
[0150.131] LocalFree (hMem=0x11ee788) returned 0x0
[0150.131] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0150.132] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eea28) returned 0x0
[0150.132] LocalFree (hMem=0x11eea28) returned 0x0
[0150.132] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0150.132] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7df90) returned 0x0
[0150.132] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7df80) returned 0x0
[0150.132] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7df80) returned 0x0
[0150.132] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.132] GdipGetDC (graphics=0x6643af8, hdc=0xd7df98) returned 0x0
[0150.132] GetCurrentObject (hdc=0xab0107e6, type=0x1) returned 0xb00017
[0150.132] GetCurrentObject (hdc=0xab0107e6, type=0x2) returned 0x900010
[0150.132] GetCurrentObject (hdc=0xab0107e6, type=0x7) returned 0x4a0507fe
[0150.132] GetCurrentObject (hdc=0xab0107e6, type=0x6) returned 0x8a01c2
[0150.132] SaveDC (hdc=0xab0107e6) returned 1
[0150.132] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5f040807
[0150.132] GetClipRgn (hdc=0xab0107e6, hrgn=0x5f040807) returned 0
[0150.132] SelectClipRgn (hdc=0xab0107e6, hrgn=0xdc0407de) returned 2
[0150.133] DeleteObject (ho=0x5f040807) returned 1
[0150.133] DeleteObject (ho=0xdc0407de) returned 1
[0150.133] OffsetViewportOrgEx (in: hdc=0xab0107e6, x=0, y=0, lppt=0x2dc3cdc | out: lppt=0x2dc3cdc) returned 1
[0150.133] IsAppThemed () returned 0x1
[0150.133] GetThemeAppProperties () returned 0x3
[0150.133] GetThemeAppProperties () returned 0x3
[0150.133] DrawThemeBackground () returned 0x0
[0150.133] RestoreDC (hdc=0xab0107e6, nSavedDC=-1) returned 1
[0150.133] GdipReleaseDC (graphics=0x6643af8, hdc=0xab0107e6) returned 0x0
[0150.133] GdipCreateRegion (region=0xd7df54) returned 0x0
[0150.133] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.133] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0150.133] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0150.133] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df6c) returned 0x0
[0150.133] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0150.133] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0150.133] LocalFree (hMem=0x11ee788) returned 0x0
[0150.134] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0150.134] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eea28) returned 0x0
[0150.134] LocalFree (hMem=0x11eea28) returned 0x0
[0150.134] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0150.134] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7df94) returned 0x0
[0150.134] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7df84) returned 0x0
[0150.134] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7df84) returned 0x0
[0150.134] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.134] GdipGetDC (graphics=0x6643af8, hdc=0xd7df9c) returned 0x0
[0150.134] GetCurrentObject (hdc=0xab0107e6, type=0x1) returned 0xb00017
[0150.134] GetCurrentObject (hdc=0xab0107e6, type=0x2) returned 0x900010
[0150.134] GetCurrentObject (hdc=0xab0107e6, type=0x7) returned 0x4a0507fe
[0150.134] GetCurrentObject (hdc=0xab0107e6, type=0x6) returned 0x8a01c2
[0150.134] SaveDC (hdc=0xab0107e6) returned 1
[0150.134] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdd0407de
[0150.134] GetClipRgn (hdc=0xab0107e6, hrgn=0xdd0407de) returned 0
[0150.135] SelectClipRgn (hdc=0xab0107e6, hrgn=0x60040807) returned 2
[0150.135] DeleteObject (ho=0xdd0407de) returned 1
[0150.135] DeleteObject (ho=0x60040807) returned 1
[0150.135] OffsetViewportOrgEx (in: hdc=0xab0107e6, x=0, y=0, lppt=0x2dc3fb0 | out: lppt=0x2dc3fb0) returned 1
[0150.135] IsAppThemed () returned 0x1
[0150.135] GetThemeAppProperties () returned 0x3
[0150.135] GetThemeAppProperties () returned 0x3
[0150.135] GetThemeBackgroundContentRect () returned 0x0
[0150.135] RestoreDC (hdc=0xab0107e6, nSavedDC=-1) returned 1
[0150.135] GdipReleaseDC (graphics=0x6643af8, hdc=0xab0107e6) returned 0x0
[0150.135] IsAppThemed () returned 0x1
[0150.135] GetThemeAppProperties () returned 0x3
[0150.135] GetThemeAppProperties () returned 0x3
[0150.135] GdipGetTextRenderingHint (graphics=0x6643af8, mode=0xd7e0d0) returned 0x0
[0150.135] GdipGetDC (graphics=0x6643af8, hdc=0xd7e0bc) returned 0x0
[0150.135] GetCurrentObject (hdc=0xab0107e6, type=0x1) returned 0xb00017
[0150.135] GetCurrentObject (hdc=0xab0107e6, type=0x2) returned 0x900010
[0150.135] GetCurrentObject (hdc=0xab0107e6, type=0x7) returned 0x4a0507fe
[0150.136] GetCurrentObject (hdc=0xab0107e6, type=0x6) returned 0x8a01c2
[0150.136] SaveDC (hdc=0xab0107e6) returned 1
[0150.136] GetTextAlign (hdc=0xab0107e6) returned 0x0
[0150.136] GetTextColor (hdc=0xab0107e6) returned 0x0
[0150.136] GetCurrentObject (hdc=0xab0107e6, type=0x6) returned 0x8a01c2
[0150.136] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0150.136] SelectObject (hdc=0xab0107e6, h=0x6d0a0520) returned 0x8a01c2
[0150.136] GetBkMode (hdc=0xab0107e6) returned 2
[0150.136] SetBkMode (hdc=0xab0107e6, mode=1) returned 2
[0150.136] DrawTextExW (in: hdc=0xab0107e6, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2dc4350 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0150.137] DrawTextExW (in: hdc=0xab0107e6, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2dc4350 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0150.137] RestoreDC (hdc=0xab0107e6, nSavedDC=-1) returned 1
[0150.137] GdipReleaseDC (graphics=0x6643af8, hdc=0xab0107e6) returned 0x0
[0150.137] GetFocus () returned 0x402d2
[0150.137] IsAppThemed () returned 0x1
[0150.137] GetThemeAppProperties () returned 0x3
[0150.137] GetThemeAppProperties () returned 0x3
[0150.137] GdipGetDC (graphics=0x6643af8, hdc=0xd7e2a8) returned 0x0
[0150.137] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xab0107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0150.169] GdipReleaseDC (graphics=0x6643af8, hdc=0xab0107e6) returned 0x0
[0150.169] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0150.170] SelectObject (hdc=0xab0107e6, h=0x85000f) returned 0x4a0507fe
[0150.170] DeleteDC (hdc=0xab0107e6) returned 1
[0150.170] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0150.170] EndPaint (hWnd=0x302de, lpPaint=0xd7e24c) returned 1
[0150.170] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.170] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0150.171] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.171] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.171] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0150.172] TranslateMessage (lpMsg=0xd7e808) returned 0
[0150.172] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0150.172] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.172] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0150.173] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.173] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.173] TranslateMessage (lpMsg=0xd7e808) returned 0
[0150.174] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0150.174] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.175] IsWindowUnicode (hWnd=0x302da) returned 1
[0150.175] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.175] TranslateMessage (lpMsg=0xd7e808) returned 0
[0150.175] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0150.175] BeginPaint (in: hWnd=0x302da, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0150.175] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0150.175] CreateCompatibleDC (hdc=0x10105d6) returned 0xad0107e6
[0150.175] SelectObject (hdc=0xad0107e6, h=0x4a0507fe) returned 0x85000f
[0150.175] GdipCreateFromHDC (hdc=0xad0107e6, graphics=0xd7e268) returned 0x0
[0150.175] GdipTranslateWorldTransform (graphics=0x6643af8, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0150.175] GdipSetClipRectI (graphics=0x6643af8, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0150.176] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0150.176] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x65ffc88) returned 0x0
[0150.176] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7e2c8) returned 0x0
[0150.176] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11ee788) returned 0x0
[0150.176] LocalFree (hMem=0x11ee788) returned 0x0
[0150.176] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0150.176] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0150.176] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.176] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e2bc) returned 0x0
[0150.176] GdipSaveGraphics (graphics=0x6643af8, state=0xd7e2e8) returned 0x0
[0150.176] GdipRestoreGraphics (graphics=0x6643af8, state=0xfd3e0dbd) returned 0x0
[0150.176] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.176] GdipGetDC (graphics=0x6643af8, hdc=0xd7e0d4) returned 0x0
[0150.176] GetCurrentObject (hdc=0xad0107e6, type=0x1) returned 0xb00017
[0150.176] GetCurrentObject (hdc=0xad0107e6, type=0x2) returned 0x900010
[0150.176] GetCurrentObject (hdc=0xad0107e6, type=0x7) returned 0x4a0507fe
[0150.176] GetCurrentObject (hdc=0xad0107e6, type=0x6) returned 0x8a01c2
[0150.177] SaveDC (hdc=0xad0107e6) returned 1
[0150.177] GetNearestColor (hdc=0xad0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0150.177] GetNearestColor (hdc=0xad0107e6, color=0xa0a0a0) returned 0xa0a0a0
[0150.177] GetNearestColor (hdc=0xad0107e6, color=0x696969) returned 0x696969
[0150.177] GetNearestColor (hdc=0xad0107e6, color=0xa0a0a0) returned 0xa0a0a0
[0150.177] GetNearestColor (hdc=0xad0107e6, color=0x0) returned 0x0
[0150.177] GetNearestColor (hdc=0xad0107e6, color=0xffffff) returned 0xffffff
[0150.177] GetNearestColor (hdc=0xad0107e6, color=0xe5e5e5) returned 0xe5e5e5
[0150.177] GetNearestColor (hdc=0xad0107e6, color=0xd7d7d7) returned 0xd7d7d7
[0150.177] GetNearestColor (hdc=0xad0107e6, color=0x0) returned 0x0
[0150.177] RestoreDC (hdc=0xad0107e6, nSavedDC=-1) returned 1
[0150.177] GdipReleaseDC (graphics=0x6643af8, hdc=0xad0107e6) returned 0x0
[0150.177] IsAppThemed () returned 0x1
[0150.178] GetThemeAppProperties () returned 0x3
[0150.178] GetThemeAppProperties () returned 0x3
[0150.178] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0150.178] SendMessageW (hWnd=0xa02ca, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0150.178] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0150.178] IsAppThemed () returned 0x1
[0150.178] GetThemeAppProperties () returned 0x3
[0150.178] GetThemeAppProperties () returned 0x3
[0150.178] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2dc4b60 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0150.178] IsAppThemed () returned 0x1
[0150.178] GetThemeAppProperties () returned 0x3
[0150.178] GetThemeAppProperties () returned 0x3
[0150.178] IsAppThemed () returned 0x1
[0150.178] GetThemeAppProperties () returned 0x3
[0150.179] GetThemeAppProperties () returned 0x3
[0150.179] GetFocus () returned 0x402d2
[0150.179] IsAppThemed () returned 0x1
[0150.179] GetThemeAppProperties () returned 0x3
[0150.179] GetThemeAppProperties () returned 0x3
[0150.179] IsAppThemed () returned 0x1
[0150.179] GetThemeAppProperties () returned 0x3
[0150.179] GetThemeAppProperties () returned 0x3
[0150.179] IsThemePartDefined () returned 0x1
[0150.179] IsAppThemed () returned 0x1
[0150.179] GetThemeAppProperties () returned 0x3
[0150.179] GetThemeAppProperties () returned 0x3
[0150.179] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0150.179] IsAppThemed () returned 0x1
[0150.179] GetThemeAppProperties () returned 0x3
[0150.179] GetThemeAppProperties () returned 0x3
[0150.179] IsAppThemed () returned 0x1
[0150.179] GetThemeAppProperties () returned 0x3
[0150.179] GetThemeAppProperties () returned 0x3
[0150.179] IsThemePartDefined () returned 0x1
[0150.179] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0150.180] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.180] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0150.180] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0150.180] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dff0) returned 0x0
[0150.180] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee8d8) returned 0x0
[0150.180] LocalFree (hMem=0x11ee8d8) returned 0x0
[0150.180] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eea28) returned 0x0
[0150.180] LocalFree (hMem=0x11eea28) returned 0x0
[0150.180] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0150.180] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e018) returned 0x0
[0150.180] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e008) returned 0x0
[0150.180] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7e008) returned 0x0
[0150.180] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.180] GdipGetDC (graphics=0x6643af8, hdc=0xd7e020) returned 0x0
[0150.180] GetCurrentObject (hdc=0xad0107e6, type=0x1) returned 0xb00017
[0150.180] GetCurrentObject (hdc=0xad0107e6, type=0x2) returned 0x900010
[0150.180] GetCurrentObject (hdc=0xad0107e6, type=0x7) returned 0x4a0507fe
[0150.180] GetCurrentObject (hdc=0xad0107e6, type=0x6) returned 0x8a01c2
[0150.180] SaveDC (hdc=0xad0107e6) returned 1
[0150.180] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x61040807
[0150.180] GetClipRgn (hdc=0xad0107e6, hrgn=0x61040807) returned 0
[0150.180] SelectClipRgn (hdc=0xad0107e6, hrgn=0xe10407de) returned 2
[0150.181] DeleteObject (ho=0x61040807) returned 1
[0150.181] DeleteObject (ho=0xe10407de) returned 1
[0150.181] OffsetViewportOrgEx (in: hdc=0xad0107e6, x=0, y=0, lppt=0x2dc5210 | out: lppt=0x2dc5210) returned 1
[0150.181] DrawThemeParentBackground () returned 0x0
[0150.181] GetWindowPlacement (in: hWnd=0xa02ca, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0150.181] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0150.181] GetWindowTextLengthW (hWnd=0xa02ca) returned 13
[0150.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.181] GetSystemMetrics (nIndex=42) returned 0
[0150.181] GetWindowTextW (in: hWnd=0xa02ca, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0150.181] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0150.181] GetCurrentObject (hdc=0xad0107e6, type=0x1) returned 0xb00017
[0150.181] GetCurrentObject (hdc=0xad0107e6, type=0x2) returned 0x900010
[0150.181] GetCurrentObject (hdc=0xad0107e6, type=0x7) returned 0x4a0507fe
[0150.181] GetCurrentObject (hdc=0xad0107e6, type=0x6) returned 0x8a01c2
[0150.182] SaveDC (hdc=0xad0107e6) returned 2
[0150.182] GetNearestColor (hdc=0xad0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0150.182] CreateSolidBrush (color=0xf0f0f0) returned 0x391007e1
[0150.182] FillRect (hDC=0xad0107e6, lprc=0xd7da38, hbr=0x391007e1) returned 1
[0150.182] DeleteObject (ho=0x391007e1) returned 1
[0150.182] RestoreDC (hdc=0xad0107e6, nSavedDC=-1) returned 1
[0150.182] GetWindowTextLengthW (hWnd=0xa02ca) returned 13
[0150.182] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.182] GetSystemMetrics (nIndex=42) returned 0
[0150.182] GetWindowTextW (in: hWnd=0xa02ca, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.182] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0150.182] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0150.182] GetCurrentObject (hdc=0xad0107e6, type=0x1) returned 0xb00017
[0150.182] GetCurrentObject (hdc=0xad0107e6, type=0x2) returned 0x900010
[0150.182] GetCurrentObject (hdc=0xad0107e6, type=0x7) returned 0x4a0507fe
[0150.182] GetCurrentObject (hdc=0xad0107e6, type=0x6) returned 0x8a01c2
[0150.182] SaveDC (hdc=0xad0107e6) returned 2
[0150.183] GetNearestColor (hdc=0xad0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0150.183] CreateSolidBrush (color=0xf0f0f0) returned 0x3a1007e1
[0150.183] FillRect (hDC=0xad0107e6, lprc=0xd7d9d8, hbr=0x3a1007e1) returned 1
[0150.183] DeleteObject (ho=0x3a1007e1) returned 1
[0150.183] RestoreDC (hdc=0xad0107e6, nSavedDC=-1) returned 1
[0150.183] GetWindowTextLengthW (hWnd=0xa02ca) returned 13
[0150.183] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.183] GetSystemMetrics (nIndex=42) returned 0
[0150.183] GetWindowTextW (in: hWnd=0xa02ca, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.183] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0150.183] RestoreDC (hdc=0xad0107e6, nSavedDC=-1) returned 1
[0150.183] GdipReleaseDC (graphics=0x6643af8, hdc=0xad0107e6) returned 0x0
[0150.183] IsAppThemed () returned 0x1
[0150.183] GetThemeAppProperties () returned 0x3
[0150.183] GetThemeAppProperties () returned 0x3
[0150.183] IsAppThemed () returned 0x1
[0150.183] GetThemeAppProperties () returned 0x3
[0150.184] GetThemeAppProperties () returned 0x3
[0150.184] IsThemePartDefined () returned 0x1
[0150.184] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0150.184] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.184] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0150.184] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x65ffc88) returned 0x0
[0150.184] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7df74) returned 0x0
[0150.184] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0150.184] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11ee788) returned 0x0
[0150.184] LocalFree (hMem=0x11ee788) returned 0x0
[0150.184] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0150.184] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eea98) returned 0x0
[0150.184] LocalFree (hMem=0x11eea98) returned 0x0
[0150.184] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0150.190] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7df9c) returned 0x0
[0150.190] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7df8c) returned 0x0
[0150.190] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7df8c) returned 0x0
[0150.190] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.190] GdipGetDC (graphics=0x6643af8, hdc=0xd7dfa4) returned 0x0
[0150.191] GetCurrentObject (hdc=0xad0107e6, type=0x1) returned 0xb00017
[0150.191] GetCurrentObject (hdc=0xad0107e6, type=0x2) returned 0x900010
[0150.191] GetCurrentObject (hdc=0xad0107e6, type=0x7) returned 0x4a0507fe
[0150.191] GetCurrentObject (hdc=0xad0107e6, type=0x6) returned 0x8a01c2
[0150.191] SaveDC (hdc=0xad0107e6) returned 1
[0150.191] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe20407de
[0150.191] GetClipRgn (hdc=0xad0107e6, hrgn=0xe20407de) returned 0
[0150.191] SelectClipRgn (hdc=0xad0107e6, hrgn=0x63040807) returned 2
[0150.191] DeleteObject (ho=0xe20407de) returned 1
[0150.191] DeleteObject (ho=0x63040807) returned 1
[0150.191] OffsetViewportOrgEx (in: hdc=0xad0107e6, x=0, y=0, lppt=0x2dc5abc | out: lppt=0x2dc5abc) returned 1
[0150.191] IsAppThemed () returned 0x1
[0150.191] GetThemeAppProperties () returned 0x3
[0150.191] GetThemeAppProperties () returned 0x3
[0150.192] DrawThemeBackground () returned 0x0
[0150.192] RestoreDC (hdc=0xad0107e6, nSavedDC=-1) returned 1
[0150.192] GdipReleaseDC (graphics=0x6643af8, hdc=0xad0107e6) returned 0x0
[0150.192] GdipCreateRegion (region=0xd7df60) returned 0x0
[0150.192] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.192] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0150.192] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0150.192] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df78) returned 0x0
[0150.192] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0150.192] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0150.192] LocalFree (hMem=0x11ee788) returned 0x0
[0150.192] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0150.192] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee8d8) returned 0x0
[0150.192] LocalFree (hMem=0x11ee8d8) returned 0x0
[0150.192] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0150.192] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7dfa0) returned 0x0
[0150.192] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7df90) returned 0x0
[0150.192] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7df90) returned 0x0
[0150.193] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.193] GdipGetDC (graphics=0x6643af8, hdc=0xd7dfa8) returned 0x0
[0150.193] GetCurrentObject (hdc=0xad0107e6, type=0x1) returned 0xb00017
[0150.193] GetCurrentObject (hdc=0xad0107e6, type=0x2) returned 0x900010
[0150.193] GetCurrentObject (hdc=0xad0107e6, type=0x7) returned 0x4a0507fe
[0150.193] GetCurrentObject (hdc=0xad0107e6, type=0x6) returned 0x8a01c2
[0150.193] SaveDC (hdc=0xad0107e6) returned 1
[0150.193] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x64040807
[0150.193] GetClipRgn (hdc=0xad0107e6, hrgn=0x64040807) returned 0
[0150.193] SelectClipRgn (hdc=0xad0107e6, hrgn=0xe30407de) returned 2
[0150.193] DeleteObject (ho=0x64040807) returned 1
[0150.193] DeleteObject (ho=0xe30407de) returned 1
[0150.193] OffsetViewportOrgEx (in: hdc=0xad0107e6, x=0, y=0, lppt=0x2dc5d90 | out: lppt=0x2dc5d90) returned 1
[0150.193] IsAppThemed () returned 0x1
[0150.193] GetThemeAppProperties () returned 0x3
[0150.193] GetThemeAppProperties () returned 0x3
[0150.193] GetThemeBackgroundContentRect () returned 0x0
[0150.193] RestoreDC (hdc=0xad0107e6, nSavedDC=-1) returned 1
[0150.193] GdipReleaseDC (graphics=0x6643af8, hdc=0xad0107e6) returned 0x0
[0150.193] IsAppThemed () returned 0x1
[0150.194] GetThemeAppProperties () returned 0x3
[0150.194] GetThemeAppProperties () returned 0x3
[0150.194] GdipGetTextRenderingHint (graphics=0x6643af8, mode=0xd7e0dc) returned 0x0
[0150.194] GdipGetDC (graphics=0x6643af8, hdc=0xd7e0c8) returned 0x0
[0150.194] GetCurrentObject (hdc=0xad0107e6, type=0x1) returned 0xb00017
[0150.194] GetCurrentObject (hdc=0xad0107e6, type=0x2) returned 0x900010
[0150.194] GetCurrentObject (hdc=0xad0107e6, type=0x7) returned 0x4a0507fe
[0150.194] GetCurrentObject (hdc=0xad0107e6, type=0x6) returned 0x8a01c2
[0150.194] SaveDC (hdc=0xad0107e6) returned 1
[0150.194] GetTextAlign (hdc=0xad0107e6) returned 0x0
[0150.194] GetTextColor (hdc=0xad0107e6) returned 0x0
[0150.194] GetCurrentObject (hdc=0xad0107e6, type=0x6) returned 0x8a01c2
[0150.194] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0150.194] SelectObject (hdc=0xad0107e6, h=0x6d0a0520) returned 0x8a01c2
[0150.194] GetBkMode (hdc=0xad0107e6) returned 2
[0150.194] SetBkMode (hdc=0xad0107e6, mode=1) returned 2
[0150.195] DrawTextExW (in: hdc=0xad0107e6, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2dc6130 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0150.195] DrawTextExW (in: hdc=0xad0107e6, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2dc6130 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0150.195] RestoreDC (hdc=0xad0107e6, nSavedDC=-1) returned 1
[0150.195] GdipReleaseDC (graphics=0x6643af8, hdc=0xad0107e6) returned 0x0
[0150.195] GetFocus () returned 0x402d2
[0150.195] IsAppThemed () returned 0x1
[0150.195] GetThemeAppProperties () returned 0x3
[0150.196] GetThemeAppProperties () returned 0x3
[0150.196] GdipGetDC (graphics=0x6643af8, hdc=0xd7e2a8) returned 0x0
[0150.196] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xad0107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0150.196] GdipReleaseDC (graphics=0x6643af8, hdc=0xad0107e6) returned 0x0
[0150.196] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0150.196] SelectObject (hdc=0xad0107e6, h=0x85000f) returned 0x4a0507fe
[0150.196] DeleteDC (hdc=0xad0107e6) returned 1
[0150.196] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0150.196] EndPaint (hWnd=0x302da, lpPaint=0xd7e24c) returned 1
[0150.196] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.196] IsWindowUnicode (hWnd=0x602c4) returned 1
[0150.196] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.197] TranslateMessage (lpMsg=0xd7e808) returned 0
[0150.197] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0150.197] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0150.197] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0150.197] CreateCompatibleDC (hdc=0xf0105ee) returned 0xaf0107e6
[0150.197] SelectObject (hdc=0xaf0107e6, h=0x4a0507fe) returned 0x85000f
[0150.197] GdipCreateFromHDC (hdc=0xaf0107e6, graphics=0xd7e268) returned 0x0
[0150.197] GdipTranslateWorldTransform (graphics=0x6643af8, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0150.197] GdipSetClipRectI (graphics=0x6643af8, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0150.197] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0150.197] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x65ffc88) returned 0x0
[0150.197] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7e2c8) returned 0x0
[0150.198] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0150.198] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eea28) returned 0x0
[0150.198] LocalFree (hMem=0x11eea28) returned 0x0
[0150.198] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0150.198] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0150.198] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.198] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e2bc) returned 0x0
[0150.198] GdipSaveGraphics (graphics=0x6643af8, state=0xd7e2e8) returned 0x0
[0150.198] GdipRestoreGraphics (graphics=0x6643af8, state=0xfd3c0dbd) returned 0x0
[0150.198] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.198] GdipGetDC (graphics=0x6643af8, hdc=0xd7e0d4) returned 0x0
[0150.198] GetCurrentObject (hdc=0xaf0107e6, type=0x1) returned 0xb00017
[0150.198] GetCurrentObject (hdc=0xaf0107e6, type=0x2) returned 0x900010
[0150.198] GetCurrentObject (hdc=0xaf0107e6, type=0x7) returned 0x4a0507fe
[0150.198] GetCurrentObject (hdc=0xaf0107e6, type=0x6) returned 0x8a01c2
[0150.198] SaveDC (hdc=0xaf0107e6) returned 1
[0150.199] GetNearestColor (hdc=0xaf0107e6, color=0xff) returned 0xff
[0150.199] GetNearestColor (hdc=0xaf0107e6, color=0x55) returned 0x55
[0150.199] GetNearestColor (hdc=0xaf0107e6, color=0x0) returned 0x0
[0150.199] GetNearestColor (hdc=0xaf0107e6, color=0x55) returned 0x55
[0150.199] GetNearestColor (hdc=0xaf0107e6, color=0x0) returned 0x0
[0150.199] GetNearestColor (hdc=0xaf0107e6, color=0x8080ff) returned 0x8080ff
[0150.199] GetNearestColor (hdc=0xaf0107e6, color=0x7373e5) returned 0x7373e5
[0150.199] GetNearestColor (hdc=0xaf0107e6, color=0xe5) returned 0xe5
[0150.199] GetNearestColor (hdc=0xaf0107e6, color=0x0) returned 0x0
[0150.199] RestoreDC (hdc=0xaf0107e6, nSavedDC=-1) returned 1
[0150.199] GdipReleaseDC (graphics=0x6643af8, hdc=0xaf0107e6) returned 0x0
[0150.199] IsAppThemed () returned 0x1
[0150.199] GetThemeAppProperties () returned 0x3
[0150.199] GetThemeAppProperties () returned 0x3
[0150.199] IsAppThemed () returned 0x1
[0150.200] GetThemeAppProperties () returned 0x3
[0150.200] GetThemeAppProperties () returned 0x3
[0150.200] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2dc68f8 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0150.201] IsAppThemed () returned 0x1
[0150.201] GetThemeAppProperties () returned 0x3
[0150.201] GetThemeAppProperties () returned 0x3
[0150.201] IsAppThemed () returned 0x1
[0150.201] GetThemeAppProperties () returned 0x3
[0150.201] GetThemeAppProperties () returned 0x3
[0150.201] GetFocus () returned 0x402d2
[0150.201] IsAppThemed () returned 0x1
[0150.201] GetThemeAppProperties () returned 0x3
[0150.201] GetThemeAppProperties () returned 0x3
[0150.201] IsAppThemed () returned 0x1
[0150.201] GetThemeAppProperties () returned 0x3
[0150.201] GetThemeAppProperties () returned 0x3
[0150.201] IsThemePartDefined () returned 0x1
[0150.201] IsAppThemed () returned 0x1
[0150.201] GetThemeAppProperties () returned 0x3
[0150.201] GetThemeAppProperties () returned 0x3
[0150.201] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0150.201] IsAppThemed () returned 0x1
[0150.201] GetThemeAppProperties () returned 0x3
[0150.202] GetThemeAppProperties () returned 0x3
[0150.202] IsAppThemed () returned 0x1
[0150.202] GetThemeAppProperties () returned 0x3
[0150.202] GetThemeAppProperties () returned 0x3
[0150.202] IsThemePartDefined () returned 0x1
[0150.202] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0150.202] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.202] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0150.202] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0150.202] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dff0) returned 0x0
[0150.202] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0150.202] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0150.202] LocalFree (hMem=0x11eec58) returned 0x0
[0150.202] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0150.202] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0150.202] LocalFree (hMem=0x11eec58) returned 0x0
[0150.202] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0150.202] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e018) returned 0x0
[0150.202] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e008) returned 0x0
[0150.203] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7e008) returned 0x0
[0150.203] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.203] GdipGetDC (graphics=0x6643af8, hdc=0xd7e020) returned 0x0
[0150.203] GetCurrentObject (hdc=0xaf0107e6, type=0x1) returned 0xb00017
[0150.203] GetCurrentObject (hdc=0xaf0107e6, type=0x2) returned 0x900010
[0150.203] GetCurrentObject (hdc=0xaf0107e6, type=0x7) returned 0x4a0507fe
[0150.203] GetCurrentObject (hdc=0xaf0107e6, type=0x6) returned 0x8a01c2
[0150.203] SaveDC (hdc=0xaf0107e6) returned 1
[0150.203] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe40407de
[0150.203] GetClipRgn (hdc=0xaf0107e6, hrgn=0xe40407de) returned 0
[0150.203] SelectClipRgn (hdc=0xaf0107e6, hrgn=0x68040807) returned 2
[0150.203] DeleteObject (ho=0xe40407de) returned 1
[0150.203] DeleteObject (ho=0x68040807) returned 1
[0150.203] OffsetViewportOrgEx (in: hdc=0xaf0107e6, x=0, y=0, lppt=0x2dc6fa8 | out: lppt=0x2dc6fa8) returned 1
[0150.203] DrawThemeParentBackground () returned 0x0
[0150.204] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0150.204] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0150.204] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0150.204] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.204] GetSystemMetrics (nIndex=42) returned 0
[0150.204] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.204] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0150.204] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0150.204] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0150.204] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0150.204] SelectPalette (hdc=0xaf0107e6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0150.204] GdipCreateFromHDC (hdc=0xaf0107e6, graphics=0xd7dac8) returned 0x0
[0150.204] GdipSetPageUnit (graphics=0x6644060, unit=0x2) returned 0x0
[0150.205] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0150.205] GdipGetWorldTransform (graphics=0x6644060, matrix=0x65ffc88) returned 0x0
[0150.205] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7daa0) returned 0x0
[0150.205] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0150.205] GdipCreateRegion (region=0xd7da88) returned 0x0
[0150.205] GdipGetClip (graphics=0x6644060, region=0x663e340) returned 0x0
[0150.205] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6644060, result=0xd7da94) returned 0x0
[0150.205] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.205] GdipSaveGraphics (graphics=0x6644060, state=0xd7dac0) returned 0x0
[0150.205] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0150.222] GdipFillRectangleI (graphics=0x6644060, brush=0x6639ee0, x=0, y=0, width=801, height=453) returned 0x0
[0150.222] GdipDeleteBrush (brush=0x6639ee0) returned 0x0
[0150.223] GdipDeleteGraphics (graphics=0x6644060) returned 0x0
[0150.223] SelectPalette (hdc=0xaf0107e6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0150.224] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0150.224] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.224] GetSystemMetrics (nIndex=42) returned 0
[0150.224] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.224] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0150.224] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0150.224] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0150.224] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0150.224] SelectPalette (hdc=0xaf0107e6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0150.224] GdipCreateFromHDC (hdc=0xaf0107e6, graphics=0xd7da68) returned 0x0
[0150.224] GdipSetPageUnit (graphics=0x6644060, unit=0x2) returned 0x0
[0150.224] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0150.224] GdipGetWorldTransform (graphics=0x6644060, matrix=0x66046e0) returned 0x0
[0150.225] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7da40) returned 0x0
[0150.225] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0150.225] GdipCreateRegion (region=0xd7da28) returned 0x0
[0150.225] GdipGetClip (graphics=0x6644060, region=0x663e340) returned 0x0
[0150.225] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6644060, result=0xd7da34) returned 0x0
[0150.225] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.225] GdipSaveGraphics (graphics=0x6644060, state=0xd7da60) returned 0x0
[0150.225] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0150.235] GdipFillRectangleI (graphics=0x6644060, brush=0x6639520, x=0, y=0, width=801, height=453) returned 0x0
[0150.235] GdipDeleteBrush (brush=0x6639520) returned 0x0
[0150.239] GdipRestoreGraphics (graphics=0x6644060, state=0xfd380dbd) returned 0x0
[0150.239] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0150.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.239] GetSystemMetrics (nIndex=42) returned 0
[0150.239] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0150.239] GdipDeleteGraphics (graphics=0x6644060) returned 0x0
[0150.239] SelectPalette (hdc=0xaf0107e6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0150.239] RestoreDC (hdc=0xaf0107e6, nSavedDC=-1) returned 1
[0150.240] GdipReleaseDC (graphics=0x6643af8, hdc=0xaf0107e6) returned 0x0
[0150.240] IsAppThemed () returned 0x1
[0150.240] GetThemeAppProperties () returned 0x3
[0150.240] GetThemeAppProperties () returned 0x3
[0150.240] IsAppThemed () returned 0x1
[0150.240] GetThemeAppProperties () returned 0x3
[0150.240] GetThemeAppProperties () returned 0x3
[0150.240] IsThemePartDefined () returned 0x1
[0150.240] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0150.240] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.240] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0150.240] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x65ffc88) returned 0x0
[0150.240] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7df74) returned 0x0
[0150.240] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0150.241] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eead0) returned 0x0
[0150.241] LocalFree (hMem=0x11eead0) returned 0x0
[0150.241] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0150.241] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11ee868) returned 0x0
[0150.241] LocalFree (hMem=0x11ee868) returned 0x0
[0150.241] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0150.241] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7df9c) returned 0x0
[0150.241] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7df8c) returned 0x0
[0150.241] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7df8c) returned 0x0
[0150.241] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.242] GdipGetDC (graphics=0x6643af8, hdc=0xd7dfa4) returned 0x0
[0150.242] GetCurrentObject (hdc=0xaf0107e6, type=0x1) returned 0xb00017
[0150.242] GetCurrentObject (hdc=0xaf0107e6, type=0x2) returned 0x900010
[0150.242] GetCurrentObject (hdc=0xaf0107e6, type=0x7) returned 0x4a0507fe
[0150.242] GetCurrentObject (hdc=0xaf0107e6, type=0x6) returned 0x8a01c2
[0150.242] SaveDC (hdc=0xaf0107e6) returned 1
[0150.242] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x69040807
[0150.242] GetClipRgn (hdc=0xaf0107e6, hrgn=0x69040807) returned 0
[0150.242] SelectClipRgn (hdc=0xaf0107e6, hrgn=0xe60407de) returned 2
[0150.242] DeleteObject (ho=0x69040807) returned 1
[0150.242] DeleteObject (ho=0xe60407de) returned 1
[0150.242] OffsetViewportOrgEx (in: hdc=0xaf0107e6, x=0, y=0, lppt=0x2dcd7f8 | out: lppt=0x2dcd7f8) returned 1
[0150.243] IsAppThemed () returned 0x1
[0150.243] GetThemeAppProperties () returned 0x3
[0150.243] GetThemeAppProperties () returned 0x3
[0150.243] DrawThemeBackground () returned 0x0
[0150.243] RestoreDC (hdc=0xaf0107e6, nSavedDC=-1) returned 1
[0150.243] GdipReleaseDC (graphics=0x6643af8, hdc=0xaf0107e6) returned 0x0
[0150.243] GdipCreateRegion (region=0xd7df60) returned 0x0
[0150.243] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.243] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0150.243] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0150.243] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df78) returned 0x0
[0150.243] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0150.243] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eea28) returned 0x0
[0150.244] LocalFree (hMem=0x11eea28) returned 0x0
[0150.244] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0150.244] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0150.244] LocalFree (hMem=0x11ee788) returned 0x0
[0150.244] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0150.244] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7dfa0) returned 0x0
[0150.244] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7df90) returned 0x0
[0150.244] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7df90) returned 0x0
[0150.244] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.244] GdipGetDC (graphics=0x6643af8, hdc=0xd7dfa8) returned 0x0
[0150.244] GetCurrentObject (hdc=0xaf0107e6, type=0x1) returned 0xb00017
[0150.244] GetCurrentObject (hdc=0xaf0107e6, type=0x2) returned 0x900010
[0150.244] GetCurrentObject (hdc=0xaf0107e6, type=0x7) returned 0x4a0507fe
[0150.244] GetCurrentObject (hdc=0xaf0107e6, type=0x6) returned 0x8a01c2
[0150.245] SaveDC (hdc=0xaf0107e6) returned 1
[0150.245] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe70407de
[0150.245] GetClipRgn (hdc=0xaf0107e6, hrgn=0xe70407de) returned 0
[0150.245] SelectClipRgn (hdc=0xaf0107e6, hrgn=0x6a040807) returned 2
[0150.245] DeleteObject (ho=0xe70407de) returned 1
[0150.245] DeleteObject (ho=0x6a040807) returned 1
[0150.245] OffsetViewportOrgEx (in: hdc=0xaf0107e6, x=0, y=0, lppt=0x2dcdacc | out: lppt=0x2dcdacc) returned 1
[0150.245] IsAppThemed () returned 0x1
[0150.245] GetThemeAppProperties () returned 0x3
[0150.245] GetThemeAppProperties () returned 0x3
[0150.245] GetThemeBackgroundContentRect () returned 0x0
[0150.245] RestoreDC (hdc=0xaf0107e6, nSavedDC=-1) returned 1
[0150.245] GdipReleaseDC (graphics=0x6643af8, hdc=0xaf0107e6) returned 0x0
[0150.245] GdipGetNearestColor (graphics=0x6643af8, argb=0xd7e0b4) returned 0x0
[0150.246] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0150.246] GdipFillRectangleI (graphics=0x6643af8, brush=0x663e340, x=4, y=4, width=67, height=15) returned 0x0
[0150.246] GdipDeleteBrush (brush=0x663e340) returned 0x0
[0150.246] IsAppThemed () returned 0x1
[0150.246] GetThemeAppProperties () returned 0x3
[0150.246] GetThemeAppProperties () returned 0x3
[0150.246] GdipGetTextRenderingHint (graphics=0x6643af8, mode=0xd7e0dc) returned 0x0
[0150.246] GdipGetDC (graphics=0x6643af8, hdc=0xd7e0c8) returned 0x0
[0150.246] GetCurrentObject (hdc=0xaf0107e6, type=0x1) returned 0xb00017
[0150.246] GetCurrentObject (hdc=0xaf0107e6, type=0x2) returned 0x900010
[0150.246] GetCurrentObject (hdc=0xaf0107e6, type=0x7) returned 0x4a0507fe
[0150.246] GetCurrentObject (hdc=0xaf0107e6, type=0x6) returned 0x8a01c2
[0150.246] SaveDC (hdc=0xaf0107e6) returned 1
[0150.246] GetTextAlign (hdc=0xaf0107e6) returned 0x0
[0150.246] GetTextColor (hdc=0xaf0107e6) returned 0x0
[0150.246] GetCurrentObject (hdc=0xaf0107e6, type=0x6) returned 0x8a01c2
[0150.246] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0150.247] SelectObject (hdc=0xaf0107e6, h=0x6d0a0520) returned 0x8a01c2
[0150.247] GetBkMode (hdc=0xaf0107e6) returned 2
[0150.247] SetBkMode (hdc=0xaf0107e6, mode=1) returned 2
[0150.254] DrawTextExW (in: hdc=0xaf0107e6, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2dcde90 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0150.254] DrawTextExW (in: hdc=0xaf0107e6, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2dcde90 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0150.254] RestoreDC (hdc=0xaf0107e6, nSavedDC=-1) returned 1
[0150.255] GdipReleaseDC (graphics=0x6643af8, hdc=0xaf0107e6) returned 0x0
[0150.255] GetFocus () returned 0x402d2
[0150.255] IsAppThemed () returned 0x1
[0150.255] GetThemeAppProperties () returned 0x3
[0150.255] GetThemeAppProperties () returned 0x3
[0150.255] GdipGetDC (graphics=0x6643af8, hdc=0xd7e2a8) returned 0x0
[0150.255] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0xaf0107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0150.255] GdipReleaseDC (graphics=0x6643af8, hdc=0xaf0107e6) returned 0x0
[0150.255] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0150.255] SelectObject (hdc=0xaf0107e6, h=0x85000f) returned 0x4a0507fe
[0150.255] DeleteDC (hdc=0xaf0107e6) returned 1
[0150.255] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0150.255] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0150.256] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.285] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0150.285] IsWindowUnicode (hWnd=0x302de) returned 1
[0150.286] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.287] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0150.287] GetDlgItem (hDlg=0xa02ca, nIDDlgItem=0) returned 0x0
[0150.287] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x210, wParam=0x201, lParam=0x6b0121) returned 0x0
[0150.287] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x21, wParam=0xa02ca, lParam=0x2010001) returned 0x1
[0150.287] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x21, wParam=0xa02ca, lParam=0x2010001) returned 0x1
[0150.287] SetCursor (hCursor=0x10003) returned 0x10003
[0150.287] TranslateMessage (lpMsg=0xd7e808) returned 0
[0150.287] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0150.287] GetKeyState (nVirtKey=1) returned -127
[0150.287] GetKeyState (nVirtKey=2) returned 0
[0150.287] GetKeyState (nVirtKey=4) returned 0
[0150.287] GetKeyState (nVirtKey=5) returned 0
[0150.287] GetKeyState (nVirtKey=6) returned 0
[0150.287] IsWindowVisible (hWnd=0x302de) returned 1
[0150.287] IsWindowEnabled (hWnd=0x302de) returned 1
[0150.287] SetFocus (hWnd=0x302de) returned 0x402d2
[0150.288] GetFocus () returned 0x302de
[0150.288] IsChild (hWndParent=0xa02ca, hWnd=0x302de) returned 1
[0150.288] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0x8, wParam=0x302de, lParam=0x0) returned 0x0
[0150.288] GetCapture () returned 0x0
[0150.288] InvalidateRect (hWnd=0x402d2, lpRect=0x0, bErase=0) returned 1
[0150.289] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0150.290] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0150.292] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0150.292] InvalidateRect (hWnd=0x402d2, lpRect=0x0, bErase=0) returned 1
[0150.292] InvalidateRect (hWnd=0x302de, lpRect=0x0, bErase=0) returned 1
[0150.292] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x7, wParam=0x402d2, lParam=0x0) returned 0x0
[0150.292] GetStockObject (i=5) returned 0x900015
[0150.292] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0150.293] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0xd, wParam=0xa, lParam=0x11f57a0) returned 0x9
[0150.293] GetDlgItem (hDlg=0xa02ca, nIDDlgItem=197342) returned 0x302de
[0150.293] SendMessageW (hWnd=0x302de, Msg=0x202b, wParam=0x302de, lParam=0xd7dddc) returned 0x0
[0150.293] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x202b, wParam=0x302de, lParam=0xd7dddc) returned 0x0
[0150.293] InvalidateRect (hWnd=0x302de, lpRect=0x0, bErase=0) returned 1
[0150.299] GetFocus () returned 0x302de
[0150.299] GetFocus () returned 0x302de
[0150.299] GetFocus () returned 0x302de
[0150.299] GetKeyState (nVirtKey=1) returned -127
[0150.300] GetKeyState (nVirtKey=2) returned 0
[0150.300] GetKeyState (nVirtKey=4) returned 0
[0150.300] GetKeyState (nVirtKey=5) returned 0
[0150.300] GetKeyState (nVirtKey=6) returned 0
[0150.300] GetCapture () returned 0x0
[0150.300] SetCapture (hWnd=0x302de) returned 0x0
[0150.300] GetKeyState (nVirtKey=1) returned -127
[0150.300] GetKeyState (nVirtKey=2) returned 0
[0150.300] GetKeyState (nVirtKey=4) returned 0
[0150.300] GetKeyState (nVirtKey=5) returned 0
[0150.300] GetKeyState (nVirtKey=6) returned 0
[0150.300] NotifyWinEvent (event=0x800a, hwnd=0x302de, idObject=-4, idChild=0)
[0150.300] InvalidateRect (hWnd=0x302de, lpRect=0xd7e430, bErase=0) returned 1
[0150.300] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.300] IsWindowUnicode (hWnd=0x302de) returned 1
[0150.301] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.301] TranslateMessage (lpMsg=0xd7e808) returned 0
[0150.301] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0150.301] MapWindowPoints (in: hWndFrom=0x302de, hWndTo=0x0, lpPoints=0x2dce080, cPoints=0x1 | out: lpPoints=0x2dce080) returned 30999254
[0150.301] NotifyWinEvent (event=0x800a, hwnd=0x302de, idObject=-4, idChild=0)
[0150.301] InvalidateRect (hWnd=0x302de, lpRect=0xd7e3d0, bErase=0) returned 1
[0150.301] UpdateWindow (hWnd=0x302de) returned 1
[0150.301] BeginPaint (in: hWnd=0x302de, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x60100ce
[0150.301] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0150.301] CreateCompatibleDC (hdc=0x60100ce) returned 0x6001065e
[0150.301] SelectObject (hdc=0x6001065e, h=0x4a0507fe) returned 0x85000f
[0150.302] GdipCreateFromHDC (hdc=0x6001065e, graphics=0xd7df00) returned 0x0
[0150.302] GdipTranslateWorldTransform (graphics=0x6643af8, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0150.302] GdipSetClipRectI (graphics=0x6643af8, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0150.302] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0150.302] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x65ffc88) returned 0x0
[0150.302] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7df60) returned 0x0
[0150.302] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0150.302] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11ee788) returned 0x0
[0150.302] LocalFree (hMem=0x11ee788) returned 0x0
[0150.302] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0150.302] GdipCreateRegion (region=0xd7df48) returned 0x0
[0150.302] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.302] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7df54) returned 0x0
[0150.303] GdipSaveGraphics (graphics=0x6643af8, state=0xd7df80) returned 0x0
[0150.303] GdipRestoreGraphics (graphics=0x6643af8, state=0xfd360dbd) returned 0x0
[0150.303] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.303] GdipGetDC (graphics=0x6643af8, hdc=0xd7dd60) returned 0x0
[0150.303] GetCurrentObject (hdc=0x6001065e, type=0x1) returned 0xb00017
[0150.303] GetCurrentObject (hdc=0x6001065e, type=0x2) returned 0x900010
[0150.303] GetCurrentObject (hdc=0x6001065e, type=0x7) returned 0x4a0507fe
[0150.303] GetCurrentObject (hdc=0x6001065e, type=0x6) returned 0x8a01c2
[0150.303] SaveDC (hdc=0x6001065e) returned 1
[0150.303] GetNearestColor (hdc=0x6001065e, color=0xf0f0f0) returned 0xf0f0f0
[0150.303] GetNearestColor (hdc=0x6001065e, color=0xa0a0a0) returned 0xa0a0a0
[0150.303] GetNearestColor (hdc=0x6001065e, color=0x696969) returned 0x696969
[0150.303] GetNearestColor (hdc=0x6001065e, color=0xa0a0a0) returned 0xa0a0a0
[0150.304] GetNearestColor (hdc=0x6001065e, color=0x0) returned 0x0
[0150.304] GetNearestColor (hdc=0x6001065e, color=0xffffff) returned 0xffffff
[0150.304] GetNearestColor (hdc=0x6001065e, color=0xe5e5e5) returned 0xe5e5e5
[0150.304] GetNearestColor (hdc=0x6001065e, color=0xd7d7d7) returned 0xd7d7d7
[0150.304] GetNearestColor (hdc=0x6001065e, color=0x0) returned 0x0
[0150.304] RestoreDC (hdc=0x6001065e, nSavedDC=-1) returned 1
[0150.304] GdipReleaseDC (graphics=0x6643af8, hdc=0x6001065e) returned 0x0
[0150.304] IsAppThemed () returned 0x1
[0150.304] GetThemeAppProperties () returned 0x3
[0150.304] GetThemeAppProperties () returned 0x3
[0150.304] IsAppThemed () returned 0x1
[0150.304] GetThemeAppProperties () returned 0x3
[0150.304] GetThemeAppProperties () returned 0x3
[0150.304] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2dce7d8 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0150.305] IsAppThemed () returned 0x1
[0150.305] GetThemeAppProperties () returned 0x3
[0150.305] GetThemeAppProperties () returned 0x3
[0150.305] IsAppThemed () returned 0x1
[0150.305] GetThemeAppProperties () returned 0x3
[0150.305] GetThemeAppProperties () returned 0x3
[0150.305] IsAppThemed () returned 0x1
[0150.305] GetThemeAppProperties () returned 0x3
[0150.305] GetThemeAppProperties () returned 0x3
[0150.305] IsAppThemed () returned 0x1
[0150.305] GetThemeAppProperties () returned 0x3
[0150.305] GetThemeAppProperties () returned 0x3
[0150.305] IsThemePartDefined () returned 0x1
[0150.305] IsAppThemed () returned 0x1
[0150.305] GetThemeAppProperties () returned 0x3
[0150.305] GetThemeAppProperties () returned 0x3
[0150.305] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0150.305] IsAppThemed () returned 0x1
[0150.305] GetThemeAppProperties () returned 0x3
[0150.305] GetThemeAppProperties () returned 0x3
[0150.305] IsAppThemed () returned 0x1
[0150.306] GetThemeAppProperties () returned 0x3
[0150.306] GetThemeAppProperties () returned 0x3
[0150.306] IsThemePartDefined () returned 0x1
[0150.306] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0150.306] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.306] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0150.306] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0150.306] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dc7c) returned 0x0
[0150.306] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0150.306] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eecc8) returned 0x0
[0150.306] LocalFree (hMem=0x11eecc8) returned 0x0
[0150.306] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0150.306] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0150.306] LocalFree (hMem=0x11eec58) returned 0x0
[0150.306] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0150.306] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7dca4) returned 0x0
[0150.306] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7dc94) returned 0x0
[0150.306] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7dc94) returned 0x0
[0150.306] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.306] GdipGetDC (graphics=0x6643af8, hdc=0xd7dcac) returned 0x0
[0150.306] GetCurrentObject (hdc=0x6001065e, type=0x1) returned 0xb00017
[0150.307] GetCurrentObject (hdc=0x6001065e, type=0x2) returned 0x900010
[0150.307] GetCurrentObject (hdc=0x6001065e, type=0x7) returned 0x4a0507fe
[0150.307] GetCurrentObject (hdc=0x6001065e, type=0x6) returned 0x8a01c2
[0150.307] SaveDC (hdc=0x6001065e) returned 1
[0150.307] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6b040807
[0150.307] GetClipRgn (hdc=0x6001065e, hrgn=0x6b040807) returned 0
[0150.307] SelectClipRgn (hdc=0x6001065e, hrgn=0xeb0407de) returned 2
[0150.307] DeleteObject (ho=0x6b040807) returned 1
[0150.307] DeleteObject (ho=0xeb0407de) returned 1
[0150.307] OffsetViewportOrgEx (in: hdc=0x6001065e, x=0, y=0, lppt=0x2dcee88 | out: lppt=0x2dcee88) returned 1
[0150.307] DrawThemeParentBackground () returned 0x0
[0150.307] GetWindowPlacement (in: hWnd=0xa02ca, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0150.307] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0150.307] GetWindowTextLengthW (hWnd=0xa02ca) returned 13
[0150.307] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.308] GetSystemMetrics (nIndex=42) returned 0
[0150.308] GetWindowTextW (in: hWnd=0xa02ca, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.308] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0150.308] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0150.308] GetCurrentObject (hdc=0x6001065e, type=0x1) returned 0xb00017
[0150.308] GetCurrentObject (hdc=0x6001065e, type=0x2) returned 0x900010
[0150.308] GetCurrentObject (hdc=0x6001065e, type=0x7) returned 0x4a0507fe
[0150.308] GetCurrentObject (hdc=0x6001065e, type=0x6) returned 0x8a01c2
[0150.308] SaveDC (hdc=0x6001065e) returned 2
[0150.308] GetNearestColor (hdc=0x6001065e, color=0xf0f0f0) returned 0xf0f0f0
[0150.308] CreateSolidBrush (color=0xf0f0f0) returned 0x3b1007e1
[0150.308] FillRect (hDC=0x6001065e, lprc=0xd7d6c8, hbr=0x3b1007e1) returned 1
[0150.308] DeleteObject (ho=0x3b1007e1) returned 1
[0150.308] RestoreDC (hdc=0x6001065e, nSavedDC=-1) returned 1
[0150.308] GetWindowTextLengthW (hWnd=0xa02ca) returned 13
[0150.308] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.308] GetSystemMetrics (nIndex=42) returned 0
[0150.309] GetWindowTextW (in: hWnd=0xa02ca, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.309] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0150.309] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0150.309] GetCurrentObject (hdc=0x6001065e, type=0x1) returned 0xb00017
[0150.309] GetCurrentObject (hdc=0x6001065e, type=0x2) returned 0x900010
[0150.309] GetCurrentObject (hdc=0x6001065e, type=0x7) returned 0x4a0507fe
[0150.309] GetCurrentObject (hdc=0x6001065e, type=0x6) returned 0x8a01c2
[0150.309] SaveDC (hdc=0x6001065e) returned 2
[0150.309] GetNearestColor (hdc=0x6001065e, color=0xf0f0f0) returned 0xf0f0f0
[0150.309] CreateSolidBrush (color=0xf0f0f0) returned 0x3c1007e1
[0150.309] FillRect (hDC=0x6001065e, lprc=0xd7d668, hbr=0x3c1007e1) returned 1
[0150.309] DeleteObject (ho=0x3c1007e1) returned 1
[0150.309] RestoreDC (hdc=0x6001065e, nSavedDC=-1) returned 1
[0150.314] GetWindowTextLengthW (hWnd=0xa02ca) returned 13
[0150.314] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.314] GetSystemMetrics (nIndex=42) returned 0
[0150.314] GetWindowTextW (in: hWnd=0xa02ca, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.314] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0150.314] RestoreDC (hdc=0x6001065e, nSavedDC=-1) returned 1
[0150.314] GdipReleaseDC (graphics=0x6643af8, hdc=0x6001065e) returned 0x0
[0150.314] IsAppThemed () returned 0x1
[0150.314] GetThemeAppProperties () returned 0x3
[0150.314] GetThemeAppProperties () returned 0x3
[0150.314] IsAppThemed () returned 0x1
[0150.314] GetThemeAppProperties () returned 0x3
[0150.314] GetThemeAppProperties () returned 0x3
[0150.314] IsThemePartDefined () returned 0x1
[0150.315] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0150.315] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.315] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0150.315] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x65ffc88) returned 0x0
[0150.315] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7dc00) returned 0x0
[0150.315] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0150.315] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eead0) returned 0x0
[0150.315] LocalFree (hMem=0x11eead0) returned 0x0
[0150.315] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0150.315] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11ee868) returned 0x0
[0150.315] LocalFree (hMem=0x11ee868) returned 0x0
[0150.315] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0150.315] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7dc28) returned 0x0
[0150.315] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7dc18) returned 0x0
[0150.315] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7dc18) returned 0x0
[0150.315] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.315] GdipGetDC (graphics=0x6643af8, hdc=0xd7dc30) returned 0x0
[0150.315] GetCurrentObject (hdc=0x6001065e, type=0x1) returned 0xb00017
[0150.315] GetCurrentObject (hdc=0x6001065e, type=0x2) returned 0x900010
[0150.316] GetCurrentObject (hdc=0x6001065e, type=0x7) returned 0x4a0507fe
[0150.316] GetCurrentObject (hdc=0x6001065e, type=0x6) returned 0x8a01c2
[0150.316] SaveDC (hdc=0x6001065e) returned 1
[0150.316] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xec0407de
[0150.316] GetClipRgn (hdc=0x6001065e, hrgn=0xec0407de) returned 0
[0150.316] SelectClipRgn (hdc=0x6001065e, hrgn=0x6d040807) returned 2
[0150.316] DeleteObject (ho=0xec0407de) returned 1
[0150.316] DeleteObject (ho=0x6d040807) returned 1
[0150.316] OffsetViewportOrgEx (in: hdc=0x6001065e, x=0, y=0, lppt=0x2dcf734 | out: lppt=0x2dcf734) returned 1
[0150.316] IsAppThemed () returned 0x1
[0150.316] GetThemeAppProperties () returned 0x3
[0150.316] GetThemeAppProperties () returned 0x3
[0150.316] DrawThemeBackground () returned 0x0
[0150.316] RestoreDC (hdc=0x6001065e, nSavedDC=-1) returned 1
[0150.316] GdipReleaseDC (graphics=0x6643af8, hdc=0x6001065e) returned 0x0
[0150.316] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0150.316] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.317] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0150.317] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0150.317] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dc04) returned 0x0
[0150.317] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0150.317] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0150.317] LocalFree (hMem=0x11eec58) returned 0x0
[0150.317] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0150.317] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0150.317] LocalFree (hMem=0x11ee788) returned 0x0
[0150.317] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0150.317] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7dc2c) returned 0x0
[0150.317] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7dc1c) returned 0x0
[0150.317] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7dc1c) returned 0x0
[0150.317] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.317] GdipGetDC (graphics=0x6643af8, hdc=0xd7dc34) returned 0x0
[0150.317] GetCurrentObject (hdc=0x6001065e, type=0x1) returned 0xb00017
[0150.317] GetCurrentObject (hdc=0x6001065e, type=0x2) returned 0x900010
[0150.317] GetCurrentObject (hdc=0x6001065e, type=0x7) returned 0x4a0507fe
[0150.317] GetCurrentObject (hdc=0x6001065e, type=0x6) returned 0x8a01c2
[0150.318] SaveDC (hdc=0x6001065e) returned 1
[0150.318] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6e040807
[0150.318] GetClipRgn (hdc=0x6001065e, hrgn=0x6e040807) returned 0
[0150.318] SelectClipRgn (hdc=0x6001065e, hrgn=0xed0407de) returned 2
[0150.318] DeleteObject (ho=0x6e040807) returned 1
[0150.318] DeleteObject (ho=0xed0407de) returned 1
[0150.318] OffsetViewportOrgEx (in: hdc=0x6001065e, x=0, y=0, lppt=0x2dcfa08 | out: lppt=0x2dcfa08) returned 1
[0150.318] IsAppThemed () returned 0x1
[0150.318] GetThemeAppProperties () returned 0x3
[0150.318] GetThemeAppProperties () returned 0x3
[0150.318] GetThemeBackgroundContentRect () returned 0x0
[0150.318] RestoreDC (hdc=0x6001065e, nSavedDC=-1) returned 1
[0150.318] GdipReleaseDC (graphics=0x6643af8, hdc=0x6001065e) returned 0x0
[0150.318] IsAppThemed () returned 0x1
[0150.318] GetThemeAppProperties () returned 0x3
[0150.318] GetThemeAppProperties () returned 0x3
[0150.318] GdipGetTextRenderingHint (graphics=0x6643af8, mode=0xd7dd68) returned 0x0
[0150.318] GdipGetDC (graphics=0x6643af8, hdc=0xd7dd54) returned 0x0
[0150.318] GetCurrentObject (hdc=0x6001065e, type=0x1) returned 0xb00017
[0150.319] GetCurrentObject (hdc=0x6001065e, type=0x2) returned 0x900010
[0150.319] GetCurrentObject (hdc=0x6001065e, type=0x7) returned 0x4a0507fe
[0150.319] GetCurrentObject (hdc=0x6001065e, type=0x6) returned 0x8a01c2
[0150.319] SaveDC (hdc=0x6001065e) returned 1
[0150.319] GetTextAlign (hdc=0x6001065e) returned 0x0
[0150.319] GetTextColor (hdc=0x6001065e) returned 0x0
[0150.319] GetCurrentObject (hdc=0x6001065e, type=0x6) returned 0x8a01c2
[0150.319] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0150.319] SelectObject (hdc=0x6001065e, h=0x6d0a0520) returned 0x8a01c2
[0150.319] GetBkMode (hdc=0x6001065e) returned 2
[0150.319] SetBkMode (hdc=0x6001065e, mode=1) returned 2
[0150.319] DrawTextExW (in: hdc=0x6001065e, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2dcfda8 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0150.320] DrawTextExW (in: hdc=0x6001065e, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2dcfda8 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0150.320] RestoreDC (hdc=0x6001065e, nSavedDC=-1) returned 1
[0150.320] GdipReleaseDC (graphics=0x6643af8, hdc=0x6001065e) returned 0x0
[0150.320] GetFocus () returned 0x302de
[0150.320] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0150.320] SendMessageW (hWnd=0xa02ca, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0150.320] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0150.320] IsAppThemed () returned 0x1
[0150.320] GetThemeAppProperties () returned 0x3
[0150.320] GetThemeAppProperties () returned 0x3
[0150.320] GdipGetDC (graphics=0x6643af8, hdc=0xd7df40) returned 0x0
[0150.320] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x6001065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0150.321] GdipReleaseDC (graphics=0x6643af8, hdc=0x6001065e) returned 0x0
[0150.321] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0150.321] SelectObject (hdc=0x6001065e, h=0x85000f) returned 0x4a0507fe
[0150.321] DeleteDC (hdc=0x6001065e) returned 1
[0150.321] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0150.321] EndPaint (hWnd=0x302de, lpPaint=0xd7dee4) returned 1
[0150.321] MapWindowPoints (in: hWndFrom=0x302de, hWndTo=0x0, lpPoints=0x2dcfea4, cPoints=0x1 | out: lpPoints=0x2dcfea4) returned 30999254
[0150.321] WindowFromPoint (Point=0x316) returned 0x302de
[0150.321] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0150.321] NotifyWinEvent (event=0x800a, hwnd=0x302de, idObject=-4, idChild=0)
[0150.321] NotifyWinEvent (event=0x800c, hwnd=0x302de, idObject=-4, idChild=0)
[0150.322] GetCapture () returned 0x302de
[0150.322] ReleaseCapture () returned 1
[0150.322] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0150.322] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0150.322] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0150.322] IsWindow (hWnd=0x7005c) returned 1
[0150.322] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0150.335] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0150.335] IsWindow (hWnd=0xa02ca) returned 1
[0150.335] SetActiveWindow (hWnd=0xa02ca) returned 0xa02ca
[0150.335] IsWindow (hWnd=0xa02ca) returned 1
[0150.335] SetFocus (hWnd=0xa02ca) returned 0x302de
[0150.336] GetFocus () returned 0xa02ca
[0150.336] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x8, wParam=0xa02ca, lParam=0x0) returned 0x0
[0150.336] GetCapture () returned 0x0
[0150.336] InvalidateRect (hWnd=0x302de, lpRect=0x0, bErase=0) returned 1
[0150.337] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0150.338] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0150.340] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0150.340] GetFocus () returned 0xa02ca
[0150.340] SetFocus (hWnd=0x302de) returned 0xa02ca
[0150.346] GetFocus () returned 0x302de
[0150.346] IsChild (hWndParent=0xa02ca, hWnd=0x302de) returned 1
[0150.346] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x8, wParam=0x302de, lParam=0x0) returned 0x0
[0150.347] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0150.349] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0150.350] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0150.350] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x7, wParam=0xa02ca, lParam=0x0) returned 0x0
[0150.350] GetStockObject (i=5) returned 0x900015
[0150.350] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0150.351] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0150.351] GetDlgItem (hDlg=0xa02ca, nIDDlgItem=197342) returned 0x302de
[0150.351] SendMessageW (hWnd=0x302de, Msg=0x202b, wParam=0x302de, lParam=0xd7ddcc) returned 0x0
[0150.351] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x202b, wParam=0x302de, lParam=0xd7ddcc) returned 0x0
[0150.351] InvalidateRect (hWnd=0x302de, lpRect=0x0, bErase=0) returned 1
[0150.353] GetWindowLongW (hWnd=0xa02ca, nIndex=-8) returned 458844
[0150.353] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0150.353] GetCurrentThreadId () returned 0xf50
[0150.353] IsWindow (hWnd=0x7005c) returned 1
[0150.353] IsWindow (hWnd=0x7005c) returned 1
[0150.353] IsWindowVisible (hWnd=0x7005c) returned 1
[0150.353] SetActiveWindow (hWnd=0x7005c) returned 0xa02ca
[0150.353] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0150.355] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0150.355] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0150.356] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0150.357] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0150.357] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0150.358] GetWindowPlacement (in: hWnd=0xa02ca, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0150.358] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0150.358] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0150.358] GetWindowRect (in: hWnd=0xa02ca, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0150.359] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0150.359] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0150.359] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0150.359] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0xa02ca) returned 0x1
[0150.362] GetFocus () returned 0x302de
[0150.362] SetFocus (hWnd=0x602c4) returned 0x302de
[0150.363] GetFocus () returned 0x602c4
[0150.363] IsChild (hWndParent=0xa02ca, hWnd=0x602c4) returned 0
[0150.363] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0150.363] GetCapture () returned 0x0
[0150.363] InvalidateRect (hWnd=0x302de, lpRect=0x0, bErase=0) returned 1
[0150.364] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0150.365] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0150.367] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0150.367] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0150.367] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0150.367] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0150.368] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0150.368] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x302de, lParam=0x0) returned 0x0
[0150.368] GetStockObject (i=5) returned 0x900015
[0150.368] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0150.368] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed878) returned 0xc
[0150.368] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0150.368] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0150.368] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0150.368] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0150.379] GetFocus () returned 0x602c4
[0150.380] IsChild (hWndParent=0xa02ca, hWnd=0x602c4) returned 0
[0150.380] ShowWindow (hWnd=0xa02ca, nCmdShow=0) returned 1
[0150.380] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0150.380] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0150.382] GetWindowPlacement (in: hWnd=0xa02ca, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0150.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0150.382] GetClientRect (in: hWnd=0xa02ca, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0150.382] GetWindowRect (in: hWnd=0xa02ca, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0150.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0150.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0150.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0150.383] GetWindowLongW (hWnd=0xa02ca, nIndex=-20) returned 327945
[0150.384] DestroyWindow (hWnd=0xa02ca) returned 1
[0150.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0150.384] GetWindowTextLengthW (hWnd=0xa02ca) returned 13
[0150.385] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.385] GetSystemMetrics (nIndex=42) returned 0
[0150.385] GetWindowTextW (in: hWnd=0xa02ca, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.385] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0150.385] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0150.385] GetWindowTextLengthW (hWnd=0x600ea) returned 0
[0150.385] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0150.385] GetSystemMetrics (nIndex=42) returned 0
[0150.385] GetWindowTextW (in: hWnd=0x600ea, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0150.385] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x600ea, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0150.385] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x600ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0150.385] GetWindowThreadProcessId (in: hWnd=0x302dc, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0150.385] GetWindow (hWnd=0x302dc, uCmd=0x5) returned 0x0
[0150.385] GetWindowLongW (hWnd=0x302dc, nIndex=-20) returned 65792
[0150.385] DestroyWindow (hWnd=0x302dc) returned 1
[0150.385] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302dc, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0150.386] GetWindowTextLengthW (hWnd=0x302dc) returned 25
[0150.386] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0150.386] GetSystemMetrics (nIndex=42) returned 0
[0150.386] GetWindowTextW (in: hWnd=0x302dc, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0150.386] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302dc, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0150.386] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0150.386] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x302dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0150.387] GetWindowTextLengthW (hWnd=0x5013e) returned 232
[0150.387] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0150.387] GetSystemMetrics (nIndex=42) returned 0
[0150.387] GetWindowTextW (in: hWnd=0x5013e, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0150.387] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0150.387] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0150.387] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0150.388] InvalidateRect (hWnd=0x302de, lpRect=0x0, bErase=0) returned 1
[0150.407] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0150.407] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0150.408] SendMessageW (hWnd=0x502d8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0150.408] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502d8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0150.408] SendMessageW (hWnd=0x502d8, Msg=0xb0, wParam=0x2d9bdc8, lParam=0xd7e480) returned 0x0
[0150.408] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502d8, Msg=0xb0, wParam=0x2d9bdc8, lParam=0xd7e480) returned 0x0
[0150.408] GetWindowTextLengthW (hWnd=0x502d8) returned 4363
[0150.408] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0150.408] GetSystemMetrics (nIndex=42) returned 0
[0150.408] CoTaskMemAlloc (cb=0x221c) returned 0x1201740
[0150.408] GetWindowTextW (in: hWnd=0x502d8, lpString=0x1201740, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0150.408] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502d8, Msg=0xd, wParam=0x110c, lParam=0x1201740) returned 0x110b
[0150.408] CoTaskMemFree (pv=0x1201740)
[0150.408] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0150.409] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x600ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0150.410] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5013e, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0150.411] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x402d2, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0150.412] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0150.413] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x302da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0150.415] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0150.416] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02ca, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0150.418] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.418] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.418] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.418] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.418] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.418] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.418] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0150.418] IsWindowUnicode (hWnd=0x7005c) returned 1
[0150.418] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.419] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0150.424] SetCursor (hCursor=0x10003) returned 0x10003
[0150.424] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.424] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.424] _TrackMouseEvent (in: lpEventTrack=0x2d39ae4 | out: lpEventTrack=0x2d39ae4) returned 1
[0150.424] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0150.424] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0150.424] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1110258) returned 0x0
[0150.424] GetKeyState (nVirtKey=1) returned 1
[0150.424] GetKeyState (nVirtKey=2) returned 0
[0150.424] GetKeyState (nVirtKey=4) returned 0
[0150.424] GetKeyState (nVirtKey=5) returned 0
[0150.424] GetKeyState (nVirtKey=6) returned 0
[0150.424] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.425] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0150.425] IsWindowUnicode (hWnd=0x7005c) returned 1
[0150.425] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.425] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.425] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.425] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.425] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0150.425] IsWindowUnicode (hWnd=0x7005c) returned 1
[0150.425] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.426] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e60316) returned 0x1
[0150.426] SetCursor (hCursor=0x10003) returned 0x10003
[0150.426] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.426] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.426] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1110258) returned 0x0
[0150.426] GetKeyState (nVirtKey=1) returned 1
[0150.426] GetKeyState (nVirtKey=2) returned 0
[0150.426] GetKeyState (nVirtKey=4) returned 0
[0150.426] GetKeyState (nVirtKey=5) returned 0
[0150.426] GetKeyState (nVirtKey=6) returned 0
[0150.426] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.426] IsWindowUnicode (hWnd=0x602c4) returned 1
[0150.427] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.427] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.427] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.427] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.427] IsWindowUnicode (hWnd=0x602c4) returned 1
[0150.428] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.428] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.428] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.428] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0150.428] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0150.428] CreateCompatibleDC (hdc=0x60100ce) returned 0x870107d0
[0150.428] SelectObject (hdc=0x870107d0, h=0x4a0507fe) returned 0x85000f
[0150.428] GdipCreateFromHDC (hdc=0x870107d0, graphics=0xd7e798) returned 0x0
[0150.428] GdipTranslateWorldTransform (graphics=0x6643af8, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0150.428] GdipSetClipRectI (graphics=0x6643af8, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0150.428] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0150.428] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x65ffc88) returned 0x0
[0150.428] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7e7f8) returned 0x0
[0150.429] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0150.429] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eec58) returned 0x0
[0150.429] LocalFree (hMem=0x11eec58) returned 0x0
[0150.429] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0150.429] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0150.429] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.429] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e7ec) returned 0x0
[0150.429] GdipSaveGraphics (graphics=0x6643af8, state=0xd7e818) returned 0x0
[0150.429] GdipRestoreGraphics (graphics=0x6643af8, state=0xfd340dbd) returned 0x0
[0150.429] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.429] GdipGetDC (graphics=0x6643af8, hdc=0xd7e604) returned 0x0
[0150.429] GetCurrentObject (hdc=0x870107d0, type=0x1) returned 0xb00017
[0150.429] GetCurrentObject (hdc=0x870107d0, type=0x2) returned 0x900010
[0150.429] GetCurrentObject (hdc=0x870107d0, type=0x7) returned 0x4a0507fe
[0150.429] GetCurrentObject (hdc=0x870107d0, type=0x6) returned 0x8a01c2
[0150.429] SaveDC (hdc=0x870107d0) returned 1
[0150.429] GetNearestColor (hdc=0x870107d0, color=0xff) returned 0xff
[0150.430] GetNearestColor (hdc=0x870107d0, color=0x55) returned 0x55
[0150.430] GetNearestColor (hdc=0x870107d0, color=0x0) returned 0x0
[0150.430] GetNearestColor (hdc=0x870107d0, color=0x55) returned 0x55
[0150.430] GetNearestColor (hdc=0x870107d0, color=0x0) returned 0x0
[0150.430] GetNearestColor (hdc=0x870107d0, color=0x8080ff) returned 0x8080ff
[0150.430] GetNearestColor (hdc=0x870107d0, color=0x7373e5) returned 0x7373e5
[0150.430] GetNearestColor (hdc=0x870107d0, color=0xe5) returned 0xe5
[0150.430] GetNearestColor (hdc=0x870107d0, color=0x0) returned 0x0
[0150.430] RestoreDC (hdc=0x870107d0, nSavedDC=-1) returned 1
[0150.430] GdipReleaseDC (graphics=0x6643af8, hdc=0x870107d0) returned 0x0
[0150.430] IsAppThemed () returned 0x1
[0150.430] GetThemeAppProperties () returned 0x3
[0150.430] GetThemeAppProperties () returned 0x3
[0150.430] IsAppThemed () returned 0x1
[0150.430] GetThemeAppProperties () returned 0x3
[0150.430] GetThemeAppProperties () returned 0x3
[0150.431] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2dd7c10 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0150.431] IsAppThemed () returned 0x1
[0150.431] GetThemeAppProperties () returned 0x3
[0150.431] GetThemeAppProperties () returned 0x3
[0150.431] IsAppThemed () returned 0x1
[0150.431] GetThemeAppProperties () returned 0x3
[0150.431] GetThemeAppProperties () returned 0x3
[0150.431] GetFocus () returned 0x602c4
[0150.431] IsAppThemed () returned 0x1
[0150.431] GetThemeAppProperties () returned 0x3
[0150.431] GetThemeAppProperties () returned 0x3
[0150.431] IsAppThemed () returned 0x1
[0150.431] GetThemeAppProperties () returned 0x3
[0150.431] GetThemeAppProperties () returned 0x3
[0150.431] IsThemePartDefined () returned 0x1
[0150.431] IsAppThemed () returned 0x1
[0150.432] GetThemeAppProperties () returned 0x3
[0150.432] GetThemeAppProperties () returned 0x3
[0150.432] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0150.432] IsAppThemed () returned 0x1
[0150.432] GetThemeAppProperties () returned 0x3
[0150.432] GetThemeAppProperties () returned 0x3
[0150.432] IsAppThemed () returned 0x1
[0150.432] GetThemeAppProperties () returned 0x3
[0150.432] GetThemeAppProperties () returned 0x3
[0150.432] IsThemePartDefined () returned 0x1
[0150.432] GdipCreateRegion (region=0xd7e508) returned 0x0
[0150.432] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.433] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0150.433] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0150.433] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e520) returned 0x0
[0150.433] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0150.433] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eea28) returned 0x0
[0150.433] LocalFree (hMem=0x11eea28) returned 0x0
[0150.433] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0150.433] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eea60) returned 0x0
[0150.433] LocalFree (hMem=0x11eea60) returned 0x0
[0150.434] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0150.434] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e548) returned 0x0
[0150.434] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e538) returned 0x0
[0150.434] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7e538) returned 0x0
[0150.434] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.434] GdipGetDC (graphics=0x6643af8, hdc=0xd7e550) returned 0x0
[0150.434] GetCurrentObject (hdc=0x870107d0, type=0x1) returned 0xb00017
[0150.434] GetCurrentObject (hdc=0x870107d0, type=0x2) returned 0x900010
[0150.434] GetCurrentObject (hdc=0x870107d0, type=0x7) returned 0x4a0507fe
[0150.434] GetCurrentObject (hdc=0x870107d0, type=0x6) returned 0x8a01c2
[0150.434] SaveDC (hdc=0x870107d0) returned 1
[0150.434] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xee0407de
[0150.434] GetClipRgn (hdc=0x870107d0, hrgn=0xee0407de) returned 0
[0150.435] SelectClipRgn (hdc=0x870107d0, hrgn=0x72040807) returned 2
[0150.435] DeleteObject (ho=0xee0407de) returned 1
[0150.435] DeleteObject (ho=0x72040807) returned 1
[0150.435] OffsetViewportOrgEx (in: hdc=0x870107d0, x=0, y=0, lppt=0x2dd82c0 | out: lppt=0x2dd82c0) returned 1
[0150.435] DrawThemeParentBackground () returned 0x0
[0150.435] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0150.435] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0150.435] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0150.435] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.435] GetSystemMetrics (nIndex=42) returned 0
[0150.435] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.435] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0150.436] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0150.436] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0150.436] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0150.436] SelectPalette (hdc=0x870107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0150.436] GdipCreateFromHDC (hdc=0x870107d0, graphics=0xd7dff8) returned 0x0
[0150.436] GdipSetPageUnit (graphics=0x6644060, unit=0x2) returned 0x0
[0150.436] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0150.436] GdipGetWorldTransform (graphics=0x6644060, matrix=0x65ffc88) returned 0x0
[0150.436] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7dfd0) returned 0x0
[0150.436] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0150.436] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0150.436] GdipGetClip (graphics=0x6644060, region=0x663e340) returned 0x0
[0150.436] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6644060, result=0xd7dfc4) returned 0x0
[0150.436] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.436] GdipSaveGraphics (graphics=0x6644060, state=0xd7dff0) returned 0x0
[0150.437] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0150.447] GdipFillRectangleI (graphics=0x6644060, brush=0x6639b38, x=0, y=0, width=801, height=453) returned 0x0
[0150.447] GdipDeleteBrush (brush=0x6639b38) returned 0x0
[0150.448] GdipDeleteGraphics (graphics=0x6644060) returned 0x0
[0150.449] SelectPalette (hdc=0x870107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0150.449] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0150.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.449] GetSystemMetrics (nIndex=42) returned 0
[0150.449] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0150.449] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0150.449] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0150.449] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0150.449] SelectPalette (hdc=0x870107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0150.449] GdipCreateFromHDC (hdc=0x870107d0, graphics=0xd7df98) returned 0x0
[0150.449] GdipSetPageUnit (graphics=0x6644060, unit=0x2) returned 0x0
[0150.449] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0150.449] GdipGetWorldTransform (graphics=0x6644060, matrix=0x66046e0) returned 0x0
[0150.449] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df70) returned 0x0
[0150.450] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0150.450] GdipCreateRegion (region=0xd7df58) returned 0x0
[0150.450] GdipGetClip (graphics=0x6644060, region=0x663e340) returned 0x0
[0150.450] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6644060, result=0xd7df64) returned 0x0
[0150.450] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.450] GdipSaveGraphics (graphics=0x6644060, state=0xd7df90) returned 0x0
[0150.450] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0150.464] GdipFillRectangleI (graphics=0x6644060, brush=0x6639658, x=0, y=0, width=801, height=453) returned 0x0
[0150.464] GdipDeleteBrush (brush=0x6639658) returned 0x0
[0150.466] GdipRestoreGraphics (graphics=0x6644060, state=0xfd300dbd) returned 0x0
[0150.466] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0150.466] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0150.466] GetSystemMetrics (nIndex=42) returned 0
[0150.467] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0150.467] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0150.467] GdipDeleteGraphics (graphics=0x6644060) returned 0x0
[0150.467] SelectPalette (hdc=0x870107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0150.467] RestoreDC (hdc=0x870107d0, nSavedDC=-1) returned 1
[0150.467] GdipReleaseDC (graphics=0x6643af8, hdc=0x870107d0) returned 0x0
[0150.467] IsAppThemed () returned 0x1
[0150.467] GetThemeAppProperties () returned 0x3
[0150.467] GetThemeAppProperties () returned 0x3
[0150.467] IsAppThemed () returned 0x1
[0150.467] GetThemeAppProperties () returned 0x3
[0150.467] GetThemeAppProperties () returned 0x3
[0150.467] IsThemePartDefined () returned 0x1
[0150.467] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0150.467] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.468] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0150.468] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x65ffc88) returned 0x0
[0150.468] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7e4a4) returned 0x0
[0150.468] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0150.468] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11ee910) returned 0x0
[0150.468] LocalFree (hMem=0x11ee910) returned 0x0
[0150.468] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0150.468] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eea60) returned 0x0
[0150.468] LocalFree (hMem=0x11eea60) returned 0x0
[0150.468] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0150.468] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e4cc) returned 0x0
[0150.468] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e4bc) returned 0x0
[0150.468] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7e4bc) returned 0x0
[0150.468] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.468] GdipGetDC (graphics=0x6643af8, hdc=0xd7e4d4) returned 0x0
[0150.468] GetCurrentObject (hdc=0x870107d0, type=0x1) returned 0xb00017
[0150.468] GetCurrentObject (hdc=0x870107d0, type=0x2) returned 0x900010
[0150.468] GetCurrentObject (hdc=0x870107d0, type=0x7) returned 0x4a0507fe
[0150.469] GetCurrentObject (hdc=0x870107d0, type=0x6) returned 0x8a01c2
[0150.469] SaveDC (hdc=0x870107d0) returned 1
[0150.469] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x73040807
[0150.469] GetClipRgn (hdc=0x870107d0, hrgn=0x73040807) returned 0
[0150.469] SelectClipRgn (hdc=0x870107d0, hrgn=0xf00407de) returned 2
[0150.469] DeleteObject (ho=0x73040807) returned 1
[0150.469] DeleteObject (ho=0xf00407de) returned 1
[0150.469] OffsetViewportOrgEx (in: hdc=0x870107d0, x=0, y=0, lppt=0x2ddeb10 | out: lppt=0x2ddeb10) returned 1
[0150.469] IsAppThemed () returned 0x1
[0150.469] GetThemeAppProperties () returned 0x3
[0150.469] GetThemeAppProperties () returned 0x3
[0150.469] DrawThemeBackground () returned 0x0
[0150.469] RestoreDC (hdc=0x870107d0, nSavedDC=-1) returned 1
[0150.469] GdipReleaseDC (graphics=0x6643af8, hdc=0x870107d0) returned 0x0
[0150.469] GdipCreateRegion (region=0xd7e490) returned 0x0
[0150.469] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0150.469] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0150.470] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0150.470] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e4a8) returned 0x0
[0150.470] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0150.470] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0150.470] LocalFree (hMem=0x11eec58) returned 0x0
[0150.470] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0150.470] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0150.470] LocalFree (hMem=0x11eec58) returned 0x0
[0150.470] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0150.470] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e4d0) returned 0x0
[0150.470] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e4c0) returned 0x0
[0150.470] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7e4c0) returned 0x0
[0150.470] GdipDeleteRegion (region=0x663e340) returned 0x0
[0150.470] GdipGetDC (graphics=0x6643af8, hdc=0xd7e4d8) returned 0x0
[0150.470] GetCurrentObject (hdc=0x870107d0, type=0x1) returned 0xb00017
[0150.470] GetCurrentObject (hdc=0x870107d0, type=0x2) returned 0x900010
[0150.470] GetCurrentObject (hdc=0x870107d0, type=0x7) returned 0x4a0507fe
[0150.470] GetCurrentObject (hdc=0x870107d0, type=0x6) returned 0x8a01c2
[0150.470] SaveDC (hdc=0x870107d0) returned 1
[0150.471] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf10407de
[0150.471] GetClipRgn (hdc=0x870107d0, hrgn=0xf10407de) returned 0
[0150.471] SelectClipRgn (hdc=0x870107d0, hrgn=0x74040807) returned 2
[0150.471] DeleteObject (ho=0xf10407de) returned 1
[0150.471] DeleteObject (ho=0x74040807) returned 1
[0150.471] OffsetViewportOrgEx (in: hdc=0x870107d0, x=0, y=0, lppt=0x2ddede4 | out: lppt=0x2ddede4) returned 1
[0150.471] IsAppThemed () returned 0x1
[0150.471] GetThemeAppProperties () returned 0x3
[0150.471] GetThemeAppProperties () returned 0x3
[0150.471] GetThemeBackgroundContentRect () returned 0x0
[0150.471] RestoreDC (hdc=0x870107d0, nSavedDC=-1) returned 1
[0150.471] GdipReleaseDC (graphics=0x6643af8, hdc=0x870107d0) returned 0x0
[0150.471] GdipGetNearestColor (graphics=0x6643af8, argb=0xd7e5e4) returned 0x0
[0150.471] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0150.471] GdipFillRectangleI (graphics=0x6643af8, brush=0x663e340, x=4, y=4, width=67, height=15) returned 0x0
[0150.471] GdipDeleteBrush (brush=0x663e340) returned 0x0
[0150.471] IsAppThemed () returned 0x1
[0150.471] GetThemeAppProperties () returned 0x3
[0150.471] GetThemeAppProperties () returned 0x3
[0150.471] GdipGetTextRenderingHint (graphics=0x6643af8, mode=0xd7e60c) returned 0x0
[0150.472] GdipGetDC (graphics=0x6643af8, hdc=0xd7e5f8) returned 0x0
[0150.472] GetCurrentObject (hdc=0x870107d0, type=0x1) returned 0xb00017
[0150.472] GetCurrentObject (hdc=0x870107d0, type=0x2) returned 0x900010
[0150.472] GetCurrentObject (hdc=0x870107d0, type=0x7) returned 0x4a0507fe
[0150.472] GetCurrentObject (hdc=0x870107d0, type=0x6) returned 0x8a01c2
[0150.472] SaveDC (hdc=0x870107d0) returned 1
[0150.472] GetTextAlign (hdc=0x870107d0) returned 0x0
[0150.472] GetTextColor (hdc=0x870107d0) returned 0x0
[0150.472] GetCurrentObject (hdc=0x870107d0, type=0x6) returned 0x8a01c2
[0150.472] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0150.472] SelectObject (hdc=0x870107d0, h=0x6d0a0520) returned 0x8a01c2
[0150.472] GetBkMode (hdc=0x870107d0) returned 2
[0150.472] SetBkMode (hdc=0x870107d0, mode=1) returned 2
[0150.472] DrawTextExW (in: hdc=0x870107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2ddf1a8 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0150.473] DrawTextExW (in: hdc=0x870107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2ddf1a8 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0150.473] RestoreDC (hdc=0x870107d0, nSavedDC=-1) returned 1
[0150.473] GdipReleaseDC (graphics=0x6643af8, hdc=0x870107d0) returned 0x0
[0150.473] GetFocus () returned 0x602c4
[0150.473] IsAppThemed () returned 0x1
[0150.473] GetThemeAppProperties () returned 0x3
[0150.473] GetThemeAppProperties () returned 0x3
[0150.473] GdipGetDC (graphics=0x6643af8, hdc=0xd7e7d8) returned 0x0
[0150.473] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x870107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0150.474] GdipReleaseDC (graphics=0x6643af8, hdc=0x870107d0) returned 0x0
[0150.474] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0150.474] SelectObject (hdc=0x870107d0, h=0x85000f) returned 0x4a0507fe
[0150.474] DeleteDC (hdc=0x870107d0) returned 1
[0150.474] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0150.474] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0150.474] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.475] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.475] WaitMessage () returned 1
[0150.496] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.496] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.496] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.496] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.496] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.501] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.501] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.501] WaitMessage () returned 1
[0150.503] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.503] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.504] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.504] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.504] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.505] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.505] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.505] WaitMessage () returned 1
[0150.505] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.505] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.505] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.506] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.506] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.507] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.507] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.507] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.507] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.507] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.507] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.507] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.508] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.508] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.508] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.508] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.508] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.508] WaitMessage () returned 1
[0150.508] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.509] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.509] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.509] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.509] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.510] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.511] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.511] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.511] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.511] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.511] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.511] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.511] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.511] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.511] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.511] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.512] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.512] WaitMessage () returned 1
[0150.512] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.512] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.512] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.512] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.512] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.514] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.514] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.514] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.514] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.514] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.515] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.515] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.515] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.515] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.515] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.515] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.515] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.515] WaitMessage () returned 1
[0150.516] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.516] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.516] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.516] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.516] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.517] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.518] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.518] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.518] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.518] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.518] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.518] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.518] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.518] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.518] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.518] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.519] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.519] WaitMessage () returned 1
[0150.520] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.520] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.520] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.521] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.521] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.521] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.521] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.521] WaitMessage () returned 1
[0150.577] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.577] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.577] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.577] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.577] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.579] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.579] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.579] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.579] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.579] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.580] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.580] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.580] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.580] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.580] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.580] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.580] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.580] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.580] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.581] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.581] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.581] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.581] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.581] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.581] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.581] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.582] IsWindowUnicode (hWnd=0x30122) returned 1
[0150.582] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.582] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.582] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.582] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.582] IsWindowUnicode (hWnd=0x7005c) returned 1
[0150.582] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.582] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.582] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.583] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.583] IsWindowUnicode (hWnd=0x7005c) returned 1
[0150.583] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.583] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.583] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.583] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x1110258) returned 0x0
[0150.583] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.583] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.583] WaitMessage () returned 1
[0150.672] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.673] IsWindowUnicode (hWnd=0x502c6) returned 1
[0150.673] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0150.673] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0150.673] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0150.673] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.673] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0150.673] WaitMessage () returned 1
[0152.771] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0152.772] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e0105) returned 0x1
[0152.773] IsWindowUnicode (hWnd=0x602c4) returned 1
[0152.773] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0152.773] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0152.773] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0152.773] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0152.773] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0152.773] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e0105) returned 0x1
[0152.773] IsWindowUnicode (hWnd=0x602c4) returned 1
[0152.773] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0152.774] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e0105) returned 0x1
[0152.774] SetCursor (hCursor=0x10003) returned 0x10003
[0152.774] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0152.774] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0152.774] _TrackMouseEvent (in: lpEventTrack=0x2ccbf0c | out: lpEventTrack=0x2ccbf0c) returned 1
[0152.774] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0152.774] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0152.774] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0152.774] GetKeyState (nVirtKey=1) returned 1
[0152.775] GetKeyState (nVirtKey=2) returned 0
[0152.775] GetKeyState (nVirtKey=4) returned 0
[0152.775] GetKeyState (nVirtKey=5) returned 0
[0152.775] GetKeyState (nVirtKey=6) returned 0
[0152.775] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0152.775] IsWindowUnicode (hWnd=0x602c4) returned 1
[0152.775] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0152.775] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0152.775] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0152.775] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0152.775] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0152.776] CreateCompatibleDC (hdc=0x60100ce) returned 0x620107d3
[0152.776] SelectObject (hdc=0x620107d3, h=0x4a0507fe) returned 0x85000f
[0152.776] GdipCreateFromHDC (hdc=0x620107d3, graphics=0xd7e798) returned 0x0
[0152.776] GdipTranslateWorldTransform (graphics=0x6643af8, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0152.776] GdipSetClipRectI (graphics=0x6643af8, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0152.776] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0152.776] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x65ffc88) returned 0x0
[0152.777] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7e7f8) returned 0x0
[0152.777] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0152.777] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11ee910) returned 0x0
[0152.777] LocalFree (hMem=0x11ee910) returned 0x0
[0152.777] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0152.777] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0152.777] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0152.777] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e7ec) returned 0x0
[0152.777] GdipSaveGraphics (graphics=0x6643af8, state=0xd7e818) returned 0x0
[0152.777] GdipRestoreGraphics (graphics=0x6643af8, state=0xfd2e0dbd) returned 0x0
[0152.777] GdipDeleteRegion (region=0x663e340) returned 0x0
[0152.777] GdipGetDC (graphics=0x6643af8, hdc=0xd7e5f8) returned 0x0
[0152.777] GetCurrentObject (hdc=0x620107d3, type=0x1) returned 0xb00017
[0152.777] GetCurrentObject (hdc=0x620107d3, type=0x2) returned 0x900010
[0152.777] GetCurrentObject (hdc=0x620107d3, type=0x7) returned 0x4a0507fe
[0152.778] GetCurrentObject (hdc=0x620107d3, type=0x6) returned 0x8a01c2
[0152.778] SaveDC (hdc=0x620107d3) returned 1
[0152.778] GetNearestColor (hdc=0x620107d3, color=0xff) returned 0xff
[0152.778] GetNearestColor (hdc=0x620107d3, color=0x55) returned 0x55
[0152.778] GetNearestColor (hdc=0x620107d3, color=0x0) returned 0x0
[0152.778] GetNearestColor (hdc=0x620107d3, color=0x55) returned 0x55
[0152.778] GetNearestColor (hdc=0x620107d3, color=0x0) returned 0x0
[0152.778] GetNearestColor (hdc=0x620107d3, color=0x8080ff) returned 0x8080ff
[0152.779] GetNearestColor (hdc=0x620107d3, color=0x7373e5) returned 0x7373e5
[0152.779] GetNearestColor (hdc=0x620107d3, color=0xe5) returned 0xe5
[0152.779] GetNearestColor (hdc=0x620107d3, color=0x0) returned 0x0
[0152.779] RestoreDC (hdc=0x620107d3, nSavedDC=-1) returned 1
[0152.779] GdipReleaseDC (graphics=0x6643af8, hdc=0x620107d3) returned 0x0
[0152.779] IsAppThemed () returned 0x1
[0152.779] GetThemeAppProperties () returned 0x3
[0152.779] GetThemeAppProperties () returned 0x3
[0152.779] IsAppThemed () returned 0x1
[0152.779] GetThemeAppProperties () returned 0x3
[0152.779] GetThemeAppProperties () returned 0x3
[0152.779] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2ddfb18 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0152.780] IsAppThemed () returned 0x1
[0152.780] GetThemeAppProperties () returned 0x3
[0152.780] GetThemeAppProperties () returned 0x3
[0152.780] IsAppThemed () returned 0x1
[0152.780] GetThemeAppProperties () returned 0x3
[0152.780] GetThemeAppProperties () returned 0x3
[0152.780] IsAppThemed () returned 0x1
[0152.780] GetThemeAppProperties () returned 0x3
[0152.780] GetThemeAppProperties () returned 0x3
[0152.780] IsAppThemed () returned 0x1
[0152.780] GetThemeAppProperties () returned 0x3
[0152.780] GetThemeAppProperties () returned 0x3
[0152.780] IsThemePartDefined () returned 0x1
[0152.780] IsAppThemed () returned 0x1
[0152.781] GetThemeAppProperties () returned 0x3
[0152.781] GetThemeAppProperties () returned 0x3
[0152.781] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0152.781] IsAppThemed () returned 0x1
[0152.781] GetThemeAppProperties () returned 0x3
[0152.781] GetThemeAppProperties () returned 0x3
[0152.781] IsAppThemed () returned 0x1
[0152.781] GetThemeAppProperties () returned 0x3
[0152.781] GetThemeAppProperties () returned 0x3
[0152.781] IsThemePartDefined () returned 0x1
[0152.781] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0152.781] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0152.781] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0152.781] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0152.781] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e514) returned 0x0
[0152.781] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0152.781] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eea98) returned 0x0
[0152.781] LocalFree (hMem=0x11eea98) returned 0x0
[0152.781] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0152.781] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0152.782] LocalFree (hMem=0x11eec58) returned 0x0
[0152.782] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0152.782] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e53c) returned 0x0
[0152.782] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e52c) returned 0x0
[0152.782] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7e52c) returned 0x0
[0152.782] GdipDeleteRegion (region=0x663e340) returned 0x0
[0152.782] GdipGetDC (graphics=0x6643af8, hdc=0xd7e544) returned 0x0
[0152.782] GetCurrentObject (hdc=0x620107d3, type=0x1) returned 0xb00017
[0152.782] GetCurrentObject (hdc=0x620107d3, type=0x2) returned 0x900010
[0152.782] GetCurrentObject (hdc=0x620107d3, type=0x7) returned 0x4a0507fe
[0152.782] GetCurrentObject (hdc=0x620107d3, type=0x6) returned 0x8a01c2
[0152.782] SaveDC (hdc=0x620107d3) returned 1
[0152.782] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x75040807
[0152.782] GetClipRgn (hdc=0x620107d3, hrgn=0x75040807) returned 0
[0152.783] SelectClipRgn (hdc=0x620107d3, hrgn=0xf50407de) returned 2
[0152.783] DeleteObject (ho=0x75040807) returned 1
[0152.783] DeleteObject (ho=0xf50407de) returned 1
[0152.783] OffsetViewportOrgEx (in: hdc=0x620107d3, x=0, y=0, lppt=0x2de01c8 | out: lppt=0x2de01c8) returned 1
[0152.783] DrawThemeParentBackground () returned 0x0
[0152.783] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0152.783] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0152.783] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0152.783] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0152.783] GetSystemMetrics (nIndex=42) returned 0
[0152.783] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0152.783] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0152.783] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0152.784] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0152.784] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0152.784] SelectPalette (hdc=0x620107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0152.784] GdipCreateFromHDC (hdc=0x620107d3, graphics=0xd7dff0) returned 0x0
[0152.784] GdipSetPageUnit (graphics=0x6644060, unit=0x2) returned 0x0
[0152.784] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0152.784] GdipGetWorldTransform (graphics=0x6644060, matrix=0x65ffc88) returned 0x0
[0152.785] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7dfc8) returned 0x0
[0152.785] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0152.785] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0152.785] GdipGetClip (graphics=0x6644060, region=0x663e340) returned 0x0
[0152.785] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6644060, result=0xd7dfbc) returned 0x0
[0152.785] GdipDeleteRegion (region=0x663e340) returned 0x0
[0152.785] GdipSaveGraphics (graphics=0x6644060, state=0xd7dfe8) returned 0x0
[0152.785] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0152.798] GdipFillRectangleI (graphics=0x6644060, brush=0x6639da8, x=0, y=0, width=801, height=453) returned 0x0
[0152.798] GdipDeleteBrush (brush=0x6639da8) returned 0x0
[0152.800] GdipDeleteGraphics (graphics=0x6644060) returned 0x0
[0152.800] SelectPalette (hdc=0x620107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0152.800] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0152.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0152.800] GetSystemMetrics (nIndex=42) returned 0
[0152.800] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0152.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0152.800] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0152.800] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0152.800] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0152.800] SelectPalette (hdc=0x620107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0152.800] GdipCreateFromHDC (hdc=0x620107d3, graphics=0xd7df90) returned 0x0
[0152.801] GdipSetPageUnit (graphics=0x6644060, unit=0x2) returned 0x0
[0152.801] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0152.801] GdipGetWorldTransform (graphics=0x6644060, matrix=0x66046e0) returned 0x0
[0152.801] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df68) returned 0x0
[0152.801] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0152.801] GdipCreateRegion (region=0xd7df50) returned 0x0
[0152.801] GdipGetClip (graphics=0x6644060, region=0x663e340) returned 0x0
[0152.801] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6644060, result=0xd7df5c) returned 0x0
[0152.801] GdipDeleteRegion (region=0x663e340) returned 0x0
[0152.801] GdipSaveGraphics (graphics=0x6644060, state=0xd7df88) returned 0x0
[0152.801] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0152.813] GdipFillRectangleI (graphics=0x6644060, brush=0x6639790, x=0, y=0, width=801, height=453) returned 0x0
[0152.813] GdipDeleteBrush (brush=0x6639790) returned 0x0
[0152.815] GdipRestoreGraphics (graphics=0x6644060, state=0xfd2a0dbd) returned 0x0
[0152.815] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0152.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0152.815] GetSystemMetrics (nIndex=42) returned 0
[0152.815] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0152.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0152.815] GdipDeleteGraphics (graphics=0x6644060) returned 0x0
[0152.815] SelectPalette (hdc=0x620107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0152.816] RestoreDC (hdc=0x620107d3, nSavedDC=-1) returned 1
[0152.816] GdipReleaseDC (graphics=0x6643af8, hdc=0x620107d3) returned 0x0
[0152.816] IsAppThemed () returned 0x1
[0152.816] GetThemeAppProperties () returned 0x3
[0152.816] GetThemeAppProperties () returned 0x3
[0152.816] IsAppThemed () returned 0x1
[0152.816] GetThemeAppProperties () returned 0x3
[0152.816] GetThemeAppProperties () returned 0x3
[0152.816] IsThemePartDefined () returned 0x1
[0152.816] GdipCreateRegion (region=0xd7e480) returned 0x0
[0152.816] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0152.816] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0152.816] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x65ffc88) returned 0x0
[0152.816] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7e498) returned 0x0
[0152.816] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0152.816] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eed00) returned 0x0
[0152.817] LocalFree (hMem=0x11eed00) returned 0x0
[0152.817] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0152.817] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eed00) returned 0x0
[0152.817] LocalFree (hMem=0x11eed00) returned 0x0
[0152.817] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0152.817] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e4c0) returned 0x0
[0152.817] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e4b0) returned 0x0
[0152.817] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7e4b0) returned 0x0
[0152.817] GdipDeleteRegion (region=0x663e340) returned 0x0
[0152.817] GdipGetDC (graphics=0x6643af8, hdc=0xd7e4c8) returned 0x0
[0152.817] GetCurrentObject (hdc=0x620107d3, type=0x1) returned 0xb00017
[0152.817] GetCurrentObject (hdc=0x620107d3, type=0x2) returned 0x900010
[0152.817] GetCurrentObject (hdc=0x620107d3, type=0x7) returned 0x4a0507fe
[0152.817] GetCurrentObject (hdc=0x620107d3, type=0x6) returned 0x8a01c2
[0152.817] SaveDC (hdc=0x620107d3) returned 1
[0152.818] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf60407de
[0152.818] GetClipRgn (hdc=0x620107d3, hrgn=0xf60407de) returned 0
[0152.818] SelectClipRgn (hdc=0x620107d3, hrgn=0x77040807) returned 2
[0152.818] DeleteObject (ho=0xf60407de) returned 1
[0152.818] DeleteObject (ho=0x77040807) returned 1
[0152.818] OffsetViewportOrgEx (in: hdc=0x620107d3, x=0, y=0, lppt=0x2de6a18 | out: lppt=0x2de6a18) returned 1
[0152.818] IsAppThemed () returned 0x1
[0152.818] GetThemeAppProperties () returned 0x3
[0152.818] GetThemeAppProperties () returned 0x3
[0152.818] DrawThemeBackground () returned 0x0
[0152.818] RestoreDC (hdc=0x620107d3, nSavedDC=-1) returned 1
[0152.818] GdipReleaseDC (graphics=0x6643af8, hdc=0x620107d3) returned 0x0
[0152.818] GdipCreateRegion (region=0xd7e484) returned 0x0
[0152.818] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0152.819] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0152.819] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0152.819] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e49c) returned 0x0
[0152.819] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0152.819] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0152.819] LocalFree (hMem=0x11ee788) returned 0x0
[0152.819] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0152.819] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee8d8) returned 0x0
[0152.819] LocalFree (hMem=0x11ee8d8) returned 0x0
[0152.819] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0152.819] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e4c4) returned 0x0
[0152.819] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e4b4) returned 0x0
[0152.819] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7e4b4) returned 0x0
[0152.819] GdipDeleteRegion (region=0x663e340) returned 0x0
[0152.820] GdipGetDC (graphics=0x6643af8, hdc=0xd7e4cc) returned 0x0
[0152.820] GetCurrentObject (hdc=0x620107d3, type=0x1) returned 0xb00017
[0152.820] GetCurrentObject (hdc=0x620107d3, type=0x2) returned 0x900010
[0152.820] GetCurrentObject (hdc=0x620107d3, type=0x7) returned 0x4a0507fe
[0152.820] GetCurrentObject (hdc=0x620107d3, type=0x6) returned 0x8a01c2
[0152.820] SaveDC (hdc=0x620107d3) returned 1
[0152.820] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x78040807
[0152.820] GetClipRgn (hdc=0x620107d3, hrgn=0x78040807) returned 0
[0152.820] SelectClipRgn (hdc=0x620107d3, hrgn=0xf70407de) returned 2
[0152.820] DeleteObject (ho=0x78040807) returned 1
[0152.820] DeleteObject (ho=0xf70407de) returned 1
[0152.820] OffsetViewportOrgEx (in: hdc=0x620107d3, x=0, y=0, lppt=0x2de6cec | out: lppt=0x2de6cec) returned 1
[0152.820] IsAppThemed () returned 0x1
[0152.820] GetThemeAppProperties () returned 0x3
[0152.821] GetThemeAppProperties () returned 0x3
[0152.821] GetThemeBackgroundContentRect () returned 0x0
[0152.821] RestoreDC (hdc=0x620107d3, nSavedDC=-1) returned 1
[0152.821] GdipReleaseDC (graphics=0x6643af8, hdc=0x620107d3) returned 0x0
[0152.821] GdipGetNearestColor (graphics=0x6643af8, argb=0xd7e5d8) returned 0x0
[0152.821] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0152.821] GdipFillRectangleI (graphics=0x6643af8, brush=0x663e340, x=4, y=4, width=67, height=15) returned 0x0
[0152.821] GdipDeleteBrush (brush=0x663e340) returned 0x0
[0152.821] IsAppThemed () returned 0x1
[0152.821] GetThemeAppProperties () returned 0x3
[0152.821] GetThemeAppProperties () returned 0x3
[0152.821] GdipGetTextRenderingHint (graphics=0x6643af8, mode=0xd7e600) returned 0x0
[0152.821] GdipGetDC (graphics=0x6643af8, hdc=0xd7e5ec) returned 0x0
[0152.821] GetCurrentObject (hdc=0x620107d3, type=0x1) returned 0xb00017
[0152.821] GetCurrentObject (hdc=0x620107d3, type=0x2) returned 0x900010
[0152.821] GetCurrentObject (hdc=0x620107d3, type=0x7) returned 0x4a0507fe
[0152.821] GetCurrentObject (hdc=0x620107d3, type=0x6) returned 0x8a01c2
[0152.822] SaveDC (hdc=0x620107d3) returned 1
[0152.822] GetTextAlign (hdc=0x620107d3) returned 0x0
[0152.822] GetTextColor (hdc=0x620107d3) returned 0x0
[0152.822] GetCurrentObject (hdc=0x620107d3, type=0x6) returned 0x8a01c2
[0152.822] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0152.822] SelectObject (hdc=0x620107d3, h=0x6d0a0520) returned 0x8a01c2
[0152.822] GetBkMode (hdc=0x620107d3) returned 2
[0152.822] SetBkMode (hdc=0x620107d3, mode=1) returned 2
[0152.822] DrawTextExW (in: hdc=0x620107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2de70b0 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0152.823] DrawTextExW (in: hdc=0x620107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2de70b0 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0152.823] RestoreDC (hdc=0x620107d3, nSavedDC=-1) returned 1
[0152.823] GdipReleaseDC (graphics=0x6643af8, hdc=0x620107d3) returned 0x0
[0152.823] GetFocus () returned 0x602c4
[0152.823] IsAppThemed () returned 0x1
[0152.823] GetThemeAppProperties () returned 0x3
[0152.823] GetThemeAppProperties () returned 0x3
[0152.823] GdipGetDC (graphics=0x6643af8, hdc=0xd7e7d8) returned 0x0
[0152.824] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x620107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0152.824] GdipReleaseDC (graphics=0x6643af8, hdc=0x620107d3) returned 0x0
[0152.824] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0152.824] SelectObject (hdc=0x620107d3, h=0x85000f) returned 0x4a0507fe
[0152.824] DeleteDC (hdc=0x620107d3) returned 1
[0152.824] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0152.825] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0152.825] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0152.825] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0152.825] WaitMessage () returned 1
[0152.894] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0152.894] IsWindowUnicode (hWnd=0x602c4) returned 1
[0152.894] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0152.894] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0152.894] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0152.894] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0152.894] IsWindowUnicode (hWnd=0x602c4) returned 1
[0152.894] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0152.895] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0152.895] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0152.895] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x7002a) returned 0x0
[0152.895] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0152.895] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0152.895] WaitMessage () returned 1
[0153.039] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0153.040] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e0105) returned 0x1
[0153.040] IsWindowUnicode (hWnd=0x602c4) returned 1
[0153.040] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0153.040] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e0105) returned 0x1
[0153.040] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0153.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x1990047) returned 0x0
[0153.040] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0153.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0153.041] SetCursor (hCursor=0x10003) returned 0x10003
[0153.041] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0153.041] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0153.041] GetKeyState (nVirtKey=1) returned -128
[0153.041] GetKeyState (nVirtKey=2) returned 0
[0153.041] GetKeyState (nVirtKey=4) returned 0
[0153.041] GetKeyState (nVirtKey=5) returned 0
[0153.041] GetKeyState (nVirtKey=6) returned 0
[0153.041] IsWindowVisible (hWnd=0x602c4) returned 1
[0153.041] IsWindowEnabled (hWnd=0x602c4) returned 1
[0153.041] SetFocus (hWnd=0x602c4) returned 0x602c4
[0153.041] GetFocus () returned 0x602c4
[0153.042] GetFocus () returned 0x602c4
[0153.042] GetFocus () returned 0x602c4
[0153.042] GetKeyState (nVirtKey=1) returned -128
[0153.042] GetKeyState (nVirtKey=2) returned 0
[0153.042] GetKeyState (nVirtKey=4) returned 0
[0153.042] GetKeyState (nVirtKey=5) returned 0
[0153.042] GetKeyState (nVirtKey=6) returned 0
[0153.042] GetCapture () returned 0x0
[0153.042] SetCapture (hWnd=0x602c4) returned 0x0
[0153.042] GetKeyState (nVirtKey=1) returned -128
[0153.042] GetKeyState (nVirtKey=2) returned 0
[0153.042] GetKeyState (nVirtKey=4) returned 0
[0153.042] GetKeyState (nVirtKey=5) returned 0
[0153.042] GetKeyState (nVirtKey=6) returned 0
[0153.042] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0153.042] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0153.043] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0153.043] IsWindowUnicode (hWnd=0x602c4) returned 1
[0153.043] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0153.043] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0153.043] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0153.043] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2de7234, cPoints=0x1 | out: lpPoints=0x2de7234) returned 40304859
[0153.043] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0153.043] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0153.043] UpdateWindow (hWnd=0x602c4) returned 1
[0153.043] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x60100ce
[0153.044] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0153.044] CreateCompatibleDC (hdc=0x60100ce) returned 0x630107d3
[0153.044] SelectObject (hdc=0x630107d3, h=0x4a0507fe) returned 0x85000f
[0153.044] GdipCreateFromHDC (hdc=0x630107d3, graphics=0xd7e430) returned 0x0
[0153.044] GdipTranslateWorldTransform (graphics=0x6643af8, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0153.044] GdipSetClipRectI (graphics=0x6643af8, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0153.044] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0153.044] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x65ffc88) returned 0x0
[0153.044] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7e490) returned 0x0
[0153.044] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0153.045] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eec58) returned 0x0
[0153.045] LocalFree (hMem=0x11eec58) returned 0x0
[0153.045] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0153.045] GdipCreateRegion (region=0xd7e478) returned 0x0
[0153.045] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0153.045] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e484) returned 0x0
[0153.045] GdipSaveGraphics (graphics=0x6643af8, state=0xd7e4b0) returned 0x0
[0153.045] GdipRestoreGraphics (graphics=0x6643af8, state=0xfd280dbd) returned 0x0
[0153.045] GdipDeleteRegion (region=0x663e340) returned 0x0
[0153.045] GdipGetDC (graphics=0x6643af8, hdc=0xd7e290) returned 0x0
[0153.045] GetCurrentObject (hdc=0x630107d3, type=0x1) returned 0xb00017
[0153.045] GetCurrentObject (hdc=0x630107d3, type=0x2) returned 0x900010
[0153.046] GetCurrentObject (hdc=0x630107d3, type=0x7) returned 0x4a0507fe
[0153.046] GetCurrentObject (hdc=0x630107d3, type=0x6) returned 0x8a01c2
[0153.046] SaveDC (hdc=0x630107d3) returned 1
[0153.046] GetNearestColor (hdc=0x630107d3, color=0xff) returned 0xff
[0153.046] GetNearestColor (hdc=0x630107d3, color=0x55) returned 0x55
[0153.046] GetNearestColor (hdc=0x630107d3, color=0x0) returned 0x0
[0153.046] GetNearestColor (hdc=0x630107d3, color=0x55) returned 0x55
[0153.046] GetNearestColor (hdc=0x630107d3, color=0x0) returned 0x0
[0153.046] GetNearestColor (hdc=0x630107d3, color=0x8080ff) returned 0x8080ff
[0153.046] GetNearestColor (hdc=0x630107d3, color=0x7373e5) returned 0x7373e5
[0153.046] GetNearestColor (hdc=0x630107d3, color=0xe5) returned 0xe5
[0153.047] GetNearestColor (hdc=0x630107d3, color=0x0) returned 0x0
[0153.047] RestoreDC (hdc=0x630107d3, nSavedDC=-1) returned 1
[0153.047] GdipReleaseDC (graphics=0x6643af8, hdc=0x630107d3) returned 0x0
[0153.047] IsAppThemed () returned 0x1
[0153.047] GetThemeAppProperties () returned 0x3
[0153.047] GetThemeAppProperties () returned 0x3
[0153.047] IsAppThemed () returned 0x1
[0153.047] GetThemeAppProperties () returned 0x3
[0153.050] GetThemeAppProperties () returned 0x3
[0153.050] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2de7950 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0153.051] IsAppThemed () returned 0x1
[0153.051] GetThemeAppProperties () returned 0x3
[0153.051] GetThemeAppProperties () returned 0x3
[0153.051] IsAppThemed () returned 0x1
[0153.051] GetThemeAppProperties () returned 0x3
[0153.051] GetThemeAppProperties () returned 0x3
[0153.051] IsAppThemed () returned 0x1
[0153.051] GetThemeAppProperties () returned 0x3
[0153.051] GetThemeAppProperties () returned 0x3
[0153.051] IsAppThemed () returned 0x1
[0153.052] GetThemeAppProperties () returned 0x3
[0153.052] GetThemeAppProperties () returned 0x3
[0153.052] IsThemePartDefined () returned 0x1
[0153.052] IsAppThemed () returned 0x1
[0153.052] GetThemeAppProperties () returned 0x3
[0153.052] GetThemeAppProperties () returned 0x3
[0153.052] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0153.052] IsAppThemed () returned 0x1
[0153.052] GetThemeAppProperties () returned 0x3
[0153.052] GetThemeAppProperties () returned 0x3
[0153.052] IsAppThemed () returned 0x1
[0153.052] GetThemeAppProperties () returned 0x3
[0153.052] GetThemeAppProperties () returned 0x3
[0153.052] IsThemePartDefined () returned 0x1
[0153.052] GdipCreateRegion (region=0xd7e194) returned 0x0
[0153.052] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0153.053] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0153.053] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0153.053] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e1ac) returned 0x0
[0153.053] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0153.053] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0153.053] LocalFree (hMem=0x11eec58) returned 0x0
[0153.053] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0153.053] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eecc8) returned 0x0
[0153.053] LocalFree (hMem=0x11eecc8) returned 0x0
[0153.053] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0153.053] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e1d4) returned 0x0
[0153.053] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e1c4) returned 0x0
[0153.054] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7e1c4) returned 0x0
[0153.054] GdipDeleteRegion (region=0x663e340) returned 0x0
[0153.054] GdipGetDC (graphics=0x6643af8, hdc=0xd7e1dc) returned 0x0
[0153.054] GetCurrentObject (hdc=0x630107d3, type=0x1) returned 0xb00017
[0153.054] GetCurrentObject (hdc=0x630107d3, type=0x2) returned 0x900010
[0153.054] GetCurrentObject (hdc=0x630107d3, type=0x7) returned 0x4a0507fe
[0153.054] GetCurrentObject (hdc=0x630107d3, type=0x6) returned 0x8a01c2
[0153.054] SaveDC (hdc=0x630107d3) returned 1
[0153.054] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf80407de
[0153.054] GetClipRgn (hdc=0x630107d3, hrgn=0xf80407de) returned 0
[0153.054] SelectClipRgn (hdc=0x630107d3, hrgn=0x7c040807) returned 2
[0153.055] DeleteObject (ho=0xf80407de) returned 1
[0153.055] DeleteObject (ho=0x7c040807) returned 1
[0153.055] OffsetViewportOrgEx (in: hdc=0x630107d3, x=0, y=0, lppt=0x2de8000 | out: lppt=0x2de8000) returned 1
[0153.055] DrawThemeParentBackground () returned 0x0
[0153.055] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0153.055] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0153.055] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0153.055] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0153.055] GetSystemMetrics (nIndex=42) returned 0
[0153.057] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0153.057] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0153.057] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0153.057] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0153.057] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0153.057] SelectPalette (hdc=0x630107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0153.058] GdipCreateFromHDC (hdc=0x630107d3, graphics=0xd7dc88) returned 0x0
[0153.058] GdipSetPageUnit (graphics=0x6644060, unit=0x2) returned 0x0
[0153.059] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0153.059] GdipGetWorldTransform (graphics=0x6644060, matrix=0x65ffc88) returned 0x0
[0153.059] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7dc60) returned 0x0
[0153.059] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0153.059] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0153.059] GdipGetClip (graphics=0x6644060, region=0x663e340) returned 0x0
[0153.059] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6644060, result=0xd7dc54) returned 0x0
[0153.059] GdipDeleteRegion (region=0x663e340) returned 0x0
[0153.059] GdipSaveGraphics (graphics=0x6644060, state=0xd7dc80) returned 0x0
[0153.059] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0153.070] GdipFillRectangleI (graphics=0x6644060, brush=0x6639178, x=0, y=0, width=801, height=453) returned 0x0
[0153.070] GdipDeleteBrush (brush=0x6639178) returned 0x0
[0153.073] GdipDeleteGraphics (graphics=0x6644060) returned 0x0
[0153.073] SelectPalette (hdc=0x630107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0153.073] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0153.073] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0153.073] GetSystemMetrics (nIndex=42) returned 0
[0153.073] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0153.073] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0153.073] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0153.073] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0153.073] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0153.073] SelectPalette (hdc=0x630107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0153.074] GdipCreateFromHDC (hdc=0x630107d3, graphics=0xd7dc28) returned 0x0
[0153.074] GdipSetPageUnit (graphics=0x6644060, unit=0x2) returned 0x0
[0153.074] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0153.074] GdipGetWorldTransform (graphics=0x6644060, matrix=0x66046e0) returned 0x0
[0153.074] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dc00) returned 0x0
[0153.074] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0153.074] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0153.074] GdipGetClip (graphics=0x6644060, region=0x663e340) returned 0x0
[0153.074] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6644060, result=0xd7dbf4) returned 0x0
[0153.074] GdipDeleteRegion (region=0x663e340) returned 0x0
[0153.074] GdipSaveGraphics (graphics=0x6644060, state=0xd7dc20) returned 0x0
[0153.075] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0153.097] GdipFillRectangleI (graphics=0x6644060, brush=0x6639da8, x=0, y=0, width=801, height=453) returned 0x0
[0153.098] GdipDeleteBrush (brush=0x6639da8) returned 0x0
[0153.100] GdipRestoreGraphics (graphics=0x6644060, state=0xfd240dbd) returned 0x0
[0153.100] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0153.100] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0153.100] GetSystemMetrics (nIndex=42) returned 0
[0153.100] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0153.100] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0153.100] GdipDeleteGraphics (graphics=0x6644060) returned 0x0
[0153.100] SelectPalette (hdc=0x630107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0153.100] RestoreDC (hdc=0x630107d3, nSavedDC=-1) returned 1
[0153.101] GdipReleaseDC (graphics=0x6643af8, hdc=0x630107d3) returned 0x0
[0153.101] IsAppThemed () returned 0x1
[0153.101] GetThemeAppProperties () returned 0x3
[0153.101] GetThemeAppProperties () returned 0x3
[0153.101] IsAppThemed () returned 0x1
[0153.101] GetThemeAppProperties () returned 0x3
[0153.101] GetThemeAppProperties () returned 0x3
[0153.101] IsThemePartDefined () returned 0x1
[0153.101] GdipCreateRegion (region=0xd7e118) returned 0x0
[0153.101] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0153.101] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0153.101] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x65ffc88) returned 0x0
[0153.102] GdipIsMatrixIdentity (matrix=0x65ffc88, result=0xd7e130) returned 0x0
[0153.102] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0153.102] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eead0) returned 0x0
[0153.102] LocalFree (hMem=0x11eead0) returned 0x0
[0153.102] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0153.102] GdipGetMatrixElements (matrix=0x65ffc88, matrixOut=0x11eea60) returned 0x0
[0153.102] LocalFree (hMem=0x11eea60) returned 0x0
[0153.102] GdipDeleteMatrix (matrix=0x65ffc88) returned 0x0
[0153.102] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e158) returned 0x0
[0153.102] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e148) returned 0x0
[0153.102] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7e148) returned 0x0
[0153.102] GdipDeleteRegion (region=0x663e340) returned 0x0
[0153.102] GdipGetDC (graphics=0x6643af8, hdc=0xd7e160) returned 0x0
[0153.103] GetCurrentObject (hdc=0x630107d3, type=0x1) returned 0xb00017
[0153.103] GetCurrentObject (hdc=0x630107d3, type=0x2) returned 0x900010
[0153.103] GetCurrentObject (hdc=0x630107d3, type=0x7) returned 0x4a0507fe
[0153.103] GetCurrentObject (hdc=0x630107d3, type=0x6) returned 0x8a01c2
[0153.103] SaveDC (hdc=0x630107d3) returned 1
[0153.103] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7d040807
[0153.103] GetClipRgn (hdc=0x630107d3, hrgn=0x7d040807) returned 0
[0153.103] SelectClipRgn (hdc=0x630107d3, hrgn=0xfa0407de) returned 2
[0153.103] DeleteObject (ho=0x7d040807) returned 1
[0153.103] DeleteObject (ho=0xfa0407de) returned 1
[0153.103] OffsetViewportOrgEx (in: hdc=0x630107d3, x=0, y=0, lppt=0x2dee850 | out: lppt=0x2dee850) returned 1
[0153.104] IsAppThemed () returned 0x1
[0153.104] GetThemeAppProperties () returned 0x3
[0153.104] GetThemeAppProperties () returned 0x3
[0153.104] DrawThemeBackground () returned 0x0
[0153.104] RestoreDC (hdc=0x630107d3, nSavedDC=-1) returned 1
[0153.104] GdipReleaseDC (graphics=0x6643af8, hdc=0x630107d3) returned 0x0
[0153.104] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0153.104] GdipGetClip (graphics=0x6643af8, region=0x663e340) returned 0x0
[0153.104] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0153.104] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0153.104] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e134) returned 0x0
[0153.104] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0153.104] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee8d8) returned 0x0
[0153.105] LocalFree (hMem=0x11ee8d8) returned 0x0
[0153.105] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0153.105] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eea60) returned 0x0
[0153.105] LocalFree (hMem=0x11eea60) returned 0x0
[0153.105] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0153.105] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e15c) returned 0x0
[0153.105] GdipIsInfiniteRegion (region=0x663e340, graphics=0x6643af8, result=0xd7e14c) returned 0x0
[0153.105] GdipGetRegionHRgn (region=0x663e340, graphics=0x6643af8, hRgn=0xd7e14c) returned 0x0
[0153.105] GdipDeleteRegion (region=0x663e340) returned 0x0
[0153.105] GdipGetDC (graphics=0x6643af8, hdc=0xd7e164) returned 0x0
[0153.105] GetCurrentObject (hdc=0x630107d3, type=0x1) returned 0xb00017
[0153.105] GetCurrentObject (hdc=0x630107d3, type=0x2) returned 0x900010
[0153.105] GetCurrentObject (hdc=0x630107d3, type=0x7) returned 0x4a0507fe
[0153.106] GetCurrentObject (hdc=0x630107d3, type=0x6) returned 0x8a01c2
[0153.106] SaveDC (hdc=0x630107d3) returned 1
[0153.106] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfb0407de
[0153.106] GetClipRgn (hdc=0x630107d3, hrgn=0xfb0407de) returned 0
[0153.106] SelectClipRgn (hdc=0x630107d3, hrgn=0x7e040807) returned 2
[0153.106] DeleteObject (ho=0xfb0407de) returned 1
[0153.106] DeleteObject (ho=0x7e040807) returned 1
[0153.106] OffsetViewportOrgEx (in: hdc=0x630107d3, x=0, y=0, lppt=0x2deeb24 | out: lppt=0x2deeb24) returned 1
[0153.106] IsAppThemed () returned 0x1
[0153.106] GetThemeAppProperties () returned 0x3
[0153.107] GetThemeAppProperties () returned 0x3
[0153.107] GetThemeBackgroundContentRect () returned 0x0
[0153.107] RestoreDC (hdc=0x630107d3, nSavedDC=-1) returned 1
[0153.107] GdipReleaseDC (graphics=0x6643af8, hdc=0x630107d3) returned 0x0
[0153.107] GdipGetNearestColor (graphics=0x6643af8, argb=0xd7e270) returned 0x0
[0153.107] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0153.107] GdipFillRectangleI (graphics=0x6643af8, brush=0x663e340, x=4, y=4, width=67, height=15) returned 0x0
[0153.107] GdipDeleteBrush (brush=0x663e340) returned 0x0
[0153.107] IsAppThemed () returned 0x1
[0153.107] GetThemeAppProperties () returned 0x3
[0153.107] GetThemeAppProperties () returned 0x3
[0153.107] GdipGetTextRenderingHint (graphics=0x6643af8, mode=0xd7e298) returned 0x0
[0153.107] GdipGetDC (graphics=0x6643af8, hdc=0xd7e284) returned 0x0
[0153.108] GetCurrentObject (hdc=0x630107d3, type=0x1) returned 0xb00017
[0153.108] GetCurrentObject (hdc=0x630107d3, type=0x2) returned 0x900010
[0153.108] GetCurrentObject (hdc=0x630107d3, type=0x7) returned 0x4a0507fe
[0153.108] GetCurrentObject (hdc=0x630107d3, type=0x6) returned 0x8a01c2
[0153.108] SaveDC (hdc=0x630107d3) returned 1
[0153.108] GetTextAlign (hdc=0x630107d3) returned 0x0
[0153.108] GetTextColor (hdc=0x630107d3) returned 0x0
[0153.108] GetCurrentObject (hdc=0x630107d3, type=0x6) returned 0x8a01c2
[0153.108] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0153.108] SelectObject (hdc=0x630107d3, h=0x6d0a0520) returned 0x8a01c2
[0153.109] GetBkMode (hdc=0x630107d3) returned 2
[0153.109] SetBkMode (hdc=0x630107d3, mode=1) returned 2
[0153.109] DrawTextExW (in: hdc=0x630107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2deeee8 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0153.109] DrawTextExW (in: hdc=0x630107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2deeee8 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0153.110] RestoreDC (hdc=0x630107d3, nSavedDC=-1) returned 1
[0153.110] GdipReleaseDC (graphics=0x6643af8, hdc=0x630107d3) returned 0x0
[0153.110] GetFocus () returned 0x602c4
[0153.110] IsAppThemed () returned 0x1
[0153.110] GetThemeAppProperties () returned 0x3
[0153.110] GetThemeAppProperties () returned 0x3
[0153.110] GdipGetDC (graphics=0x6643af8, hdc=0xd7e470) returned 0x0
[0153.110] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x630107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0153.111] GdipReleaseDC (graphics=0x6643af8, hdc=0x630107d3) returned 0x0
[0153.111] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0153.111] SelectObject (hdc=0x630107d3, h=0x85000f) returned 0x4a0507fe
[0153.111] DeleteDC (hdc=0x630107d3) returned 1
[0153.111] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0153.111] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0153.111] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2deefe4, cPoints=0x1 | out: lpPoints=0x2deefe4) returned 40304859
[0153.111] WindowFromPoint (Point=0x105) returned 0x602c4
[0153.112] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e0105) returned 0x1
[0153.112] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0153.112] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0153.112] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0153.112] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0153.112] GetSystemMetrics (nIndex=42) returned 0
[0153.112] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0153.112] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0153.115] GetCapture () returned 0x602c4
[0153.115] ReleaseCapture () returned 1
[0153.116] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0153.116] GetProcessWindowStation () returned 0x13c
[0153.116] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.117] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0153.118] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.118] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0153.118] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.118] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0153.118] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.119] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0153.119] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.119] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0153.119] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.119] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0153.119] GetDC (hWnd=0x0) returned 0xc0107c5
[0153.120] GdipCreateFromHDC (hdc=0xc0107c5, graphics=0xd7e6ec) returned 0x0
[0153.120] GdipGetFontHeight (font=0x54eef48, graphics=0x6643af8, height=0xd7e6e4) returned 0x0
[0153.120] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0153.120] ReleaseDC (hWnd=0x0, hDC=0xc0107c5) returned 1
[0153.120] GetSystemMetrics (nIndex=5) returned 1
[0153.120] GetSystemMetrics (nIndex=6) returned 1
[0153.121] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.121] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0153.121] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.121] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0153.125] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0153.125] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0153.125] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0153.126] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0153.126] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0153.126] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0153.127] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2df4a00 | out: lpData=0x2df4a00) returned 1
[0153.128] VerQueryValueW (in: pBlock=0x2df4a00, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2df4e10, puLen=0xd7e810) returned 1
[0153.128] VerQueryValueW (in: pBlock=0x2df4a00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df4ab8, puLen=0xd7e790) returned 1
[0153.128] VerQueryValueW (in: pBlock=0x2df4a00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df4b0c, puLen=0xd7e790) returned 1
[0153.128] VerQueryValueW (in: pBlock=0x2df4a00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df4b8c, puLen=0xd7e790) returned 1
[0153.129] VerQueryValueW (in: pBlock=0x2df4a00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df4bf4, puLen=0xd7e790) returned 1
[0153.129] VerQueryValueW (in: pBlock=0x2df4a00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df4c34, puLen=0xd7e790) returned 1
[0153.129] VerQueryValueW (in: pBlock=0x2df4a00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df4cbc, puLen=0xd7e790) returned 1
[0153.129] VerQueryValueW (in: pBlock=0x2df4a00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df4cf8, puLen=0xd7e790) returned 1
[0153.129] VerQueryValueW (in: pBlock=0x2df4a00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df4d50, puLen=0xd7e790) returned 1
[0153.129] VerQueryValueW (in: pBlock=0x2df4a00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df4d80, puLen=0xd7e790) returned 1
[0153.129] VerQueryValueW (in: pBlock=0x2df4a00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.129] VerQueryValueW (in: pBlock=0x2df4a00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df4dbc, puLen=0xd7e790) returned 1
[0153.129] VerQueryValueW (in: pBlock=0x2df4a00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.129] VerQueryValueW (in: pBlock=0x2df4a00, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2df4e10, puLen=0xd7e784) returned 1
[0153.129] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0153.129] VerQueryValueW (in: pBlock=0x2df4a00, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2df4a28, puLen=0xd7e794) returned 1
[0153.130] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0153.130] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0153.130] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0153.130] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0153.130] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0153.130] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0153.131] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2df6970 | out: lpData=0x2df6970) returned 1
[0153.131] VerQueryValueW (in: pBlock=0x2df6970, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2df6a0c, puLen=0xd7e810) returned 1
[0153.131] VerQueryValueW (in: pBlock=0x2df6970, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df6a84, puLen=0xd7e790) returned 1
[0153.131] VerQueryValueW (in: pBlock=0x2df6970, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df6ab4, puLen=0xd7e790) returned 1
[0153.131] VerQueryValueW (in: pBlock=0x2df6970, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df6af0, puLen=0xd7e790) returned 1
[0153.131] VerQueryValueW (in: pBlock=0x2df6970, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df6b20, puLen=0xd7e790) returned 1
[0153.131] VerQueryValueW (in: pBlock=0x2df6970, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df6b68, puLen=0xd7e790) returned 1
[0153.131] VerQueryValueW (in: pBlock=0x2df6970, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df6be0, puLen=0xd7e790) returned 1
[0153.131] VerQueryValueW (in: pBlock=0x2df6970, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df6c24, puLen=0xd7e790) returned 1
[0153.131] VerQueryValueW (in: pBlock=0x2df6970, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df6c64, puLen=0xd7e790) returned 1
[0153.131] VerQueryValueW (in: pBlock=0x2df6970, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df6a62, puLen=0xd7e790) returned 1
[0153.131] VerQueryValueW (in: pBlock=0x2df6970, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df6bb0, puLen=0xd7e790) returned 1
[0153.131] VerQueryValueW (in: pBlock=0x2df6970, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.131] VerQueryValueW (in: pBlock=0x2df6970, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.131] VerQueryValueW (in: pBlock=0x2df6970, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2df6a0c, puLen=0xd7e784) returned 1
[0153.131] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0153.131] VerQueryValueW (in: pBlock=0x2df6970, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2df6998, puLen=0xd7e794) returned 1
[0153.132] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0153.133] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0153.133] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0153.133] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0153.133] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0153.133] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0153.134] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2df8c48 | out: lpData=0x2df8c48) returned 1
[0153.135] VerQueryValueW (in: pBlock=0x2df8c48, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2df905c, puLen=0xd7e810) returned 1
[0153.135] VerQueryValueW (in: pBlock=0x2df8c48, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8d00, puLen=0xd7e790) returned 1
[0153.135] VerQueryValueW (in: pBlock=0x2df8c48, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8d54, puLen=0xd7e790) returned 1
[0153.135] VerQueryValueW (in: pBlock=0x2df8c48, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8db0, puLen=0xd7e790) returned 1
[0153.135] VerQueryValueW (in: pBlock=0x2df8c48, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8e10, puLen=0xd7e790) returned 1
[0153.135] VerQueryValueW (in: pBlock=0x2df8c48, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8e68, puLen=0xd7e790) returned 1
[0153.135] VerQueryValueW (in: pBlock=0x2df8c48, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8ef0, puLen=0xd7e790) returned 1
[0153.135] VerQueryValueW (in: pBlock=0x2df8c48, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8f44, puLen=0xd7e790) returned 1
[0153.135] VerQueryValueW (in: pBlock=0x2df8c48, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8f9c, puLen=0xd7e790) returned 1
[0153.135] VerQueryValueW (in: pBlock=0x2df8c48, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8fcc, puLen=0xd7e790) returned 1
[0153.135] VerQueryValueW (in: pBlock=0x2df8c48, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.135] VerQueryValueW (in: pBlock=0x2df8c48, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df9008, puLen=0xd7e790) returned 1
[0153.135] VerQueryValueW (in: pBlock=0x2df8c48, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.135] VerQueryValueW (in: pBlock=0x2df8c48, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2df905c, puLen=0xd7e784) returned 1
[0153.141] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0153.142] VerQueryValueW (in: pBlock=0x2df8c48, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2df8c70, puLen=0xd7e794) returned 1
[0153.143] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0153.143] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0153.143] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0153.143] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0153.143] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0153.143] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0153.150] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2dfb280 | out: lpData=0x2dfb280) returned 1
[0153.151] VerQueryValueW (in: pBlock=0x2dfb280, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dfb680, puLen=0xd7e810) returned 1
[0153.151] VerQueryValueW (in: pBlock=0x2dfb280, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb338, puLen=0xd7e790) returned 1
[0153.151] VerQueryValueW (in: pBlock=0x2dfb280, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb38c, puLen=0xd7e790) returned 1
[0153.152] VerQueryValueW (in: pBlock=0x2dfb280, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb3cc, puLen=0xd7e790) returned 1
[0153.152] VerQueryValueW (in: pBlock=0x2dfb280, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb434, puLen=0xd7e790) returned 1
[0153.152] VerQueryValueW (in: pBlock=0x2dfb280, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb48c, puLen=0xd7e790) returned 1
[0153.152] VerQueryValueW (in: pBlock=0x2dfb280, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb514, puLen=0xd7e790) returned 1
[0153.152] VerQueryValueW (in: pBlock=0x2dfb280, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb568, puLen=0xd7e790) returned 1
[0153.152] VerQueryValueW (in: pBlock=0x2dfb280, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb5c0, puLen=0xd7e790) returned 1
[0153.152] VerQueryValueW (in: pBlock=0x2dfb280, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb5f0, puLen=0xd7e790) returned 1
[0153.152] VerQueryValueW (in: pBlock=0x2dfb280, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.152] VerQueryValueW (in: pBlock=0x2dfb280, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb62c, puLen=0xd7e790) returned 1
[0153.152] VerQueryValueW (in: pBlock=0x2dfb280, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.152] VerQueryValueW (in: pBlock=0x2dfb280, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dfb680, puLen=0xd7e784) returned 1
[0153.152] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0153.152] VerQueryValueW (in: pBlock=0x2dfb280, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dfb2a8, puLen=0xd7e794) returned 1
[0153.155] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0153.155] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0153.155] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0153.155] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0153.155] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0153.155] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0153.156] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2dfd9bc | out: lpData=0x2dfd9bc) returned 1
[0153.157] VerQueryValueW (in: pBlock=0x2dfd9bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dfdd84, puLen=0xd7e810) returned 1
[0153.157] VerQueryValueW (in: pBlock=0x2dfd9bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfda74, puLen=0xd7e790) returned 1
[0153.157] VerQueryValueW (in: pBlock=0x2dfd9bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfdac8, puLen=0xd7e790) returned 1
[0153.157] VerQueryValueW (in: pBlock=0x2dfd9bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfdb08, puLen=0xd7e790) returned 1
[0153.157] VerQueryValueW (in: pBlock=0x2dfd9bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfdb70, puLen=0xd7e790) returned 1
[0153.157] VerQueryValueW (in: pBlock=0x2dfd9bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfdbac, puLen=0xd7e790) returned 1
[0153.157] VerQueryValueW (in: pBlock=0x2dfd9bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfdc34, puLen=0xd7e790) returned 1
[0153.158] VerQueryValueW (in: pBlock=0x2dfd9bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfdc6c, puLen=0xd7e790) returned 1
[0153.158] VerQueryValueW (in: pBlock=0x2dfd9bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfdcc4, puLen=0xd7e790) returned 1
[0153.158] VerQueryValueW (in: pBlock=0x2dfd9bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfdcf4, puLen=0xd7e790) returned 1
[0153.158] VerQueryValueW (in: pBlock=0x2dfd9bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.158] VerQueryValueW (in: pBlock=0x2dfd9bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfdd30, puLen=0xd7e790) returned 1
[0153.158] VerQueryValueW (in: pBlock=0x2dfd9bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.158] VerQueryValueW (in: pBlock=0x2dfd9bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dfdd84, puLen=0xd7e784) returned 1
[0153.158] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0153.158] VerQueryValueW (in: pBlock=0x2dfd9bc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dfd9e4, puLen=0xd7e794) returned 1
[0153.159] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0153.159] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0153.159] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0153.159] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0153.159] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0153.159] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0153.160] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2e01024 | out: lpData=0x2e01024) returned 1
[0153.161] VerQueryValueW (in: pBlock=0x2e01024, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e01404, puLen=0xd7e810) returned 1
[0153.161] VerQueryValueW (in: pBlock=0x2e01024, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e010dc, puLen=0xd7e790) returned 1
[0153.161] VerQueryValueW (in: pBlock=0x2e01024, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e01130, puLen=0xd7e790) returned 1
[0153.161] VerQueryValueW (in: pBlock=0x2e01024, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e01170, puLen=0xd7e790) returned 1
[0153.161] VerQueryValueW (in: pBlock=0x2e01024, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e011d0, puLen=0xd7e790) returned 1
[0153.161] VerQueryValueW (in: pBlock=0x2e01024, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0121c, puLen=0xd7e790) returned 1
[0153.161] VerQueryValueW (in: pBlock=0x2e01024, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e012a4, puLen=0xd7e790) returned 1
[0153.161] VerQueryValueW (in: pBlock=0x2e01024, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e012ec, puLen=0xd7e790) returned 1
[0153.161] VerQueryValueW (in: pBlock=0x2e01024, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e01344, puLen=0xd7e790) returned 1
[0153.162] VerQueryValueW (in: pBlock=0x2e01024, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e01374, puLen=0xd7e790) returned 1
[0153.162] VerQueryValueW (in: pBlock=0x2e01024, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.162] VerQueryValueW (in: pBlock=0x2e01024, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e013b0, puLen=0xd7e790) returned 1
[0153.162] VerQueryValueW (in: pBlock=0x2e01024, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.162] VerQueryValueW (in: pBlock=0x2e01024, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e01404, puLen=0xd7e784) returned 1
[0153.162] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0153.162] VerQueryValueW (in: pBlock=0x2e01024, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e0104c, puLen=0xd7e794) returned 1
[0153.163] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0153.163] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0153.163] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0153.163] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0153.163] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0153.163] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0153.164] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2e03844 | out: lpData=0x2e03844) returned 1
[0153.165] VerQueryValueW (in: pBlock=0x2e03844, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e03c50, puLen=0xd7e810) returned 1
[0153.165] VerQueryValueW (in: pBlock=0x2e03844, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e038fc, puLen=0xd7e790) returned 1
[0153.165] VerQueryValueW (in: pBlock=0x2e03844, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03950, puLen=0xd7e790) returned 1
[0153.165] VerQueryValueW (in: pBlock=0x2e03844, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e039a4, puLen=0xd7e790) returned 1
[0153.165] VerQueryValueW (in: pBlock=0x2e03844, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03a04, puLen=0xd7e790) returned 1
[0153.165] VerQueryValueW (in: pBlock=0x2e03844, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03a5c, puLen=0xd7e790) returned 1
[0153.165] VerQueryValueW (in: pBlock=0x2e03844, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03ae4, puLen=0xd7e790) returned 1
[0153.165] VerQueryValueW (in: pBlock=0x2e03844, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03b38, puLen=0xd7e790) returned 1
[0153.165] VerQueryValueW (in: pBlock=0x2e03844, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03b90, puLen=0xd7e790) returned 1
[0153.165] VerQueryValueW (in: pBlock=0x2e03844, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03bc0, puLen=0xd7e790) returned 1
[0153.165] VerQueryValueW (in: pBlock=0x2e03844, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.165] VerQueryValueW (in: pBlock=0x2e03844, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03bfc, puLen=0xd7e790) returned 1
[0153.166] VerQueryValueW (in: pBlock=0x2e03844, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.166] VerQueryValueW (in: pBlock=0x2e03844, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e03c50, puLen=0xd7e784) returned 1
[0153.166] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0153.166] VerQueryValueW (in: pBlock=0x2e03844, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e0386c, puLen=0xd7e794) returned 1
[0153.167] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0153.167] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0153.167] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0153.170] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0153.170] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0153.170] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0153.171] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e06058 | out: lpData=0x2e06058) returned 1
[0153.172] VerQueryValueW (in: pBlock=0x2e06058, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e06430, puLen=0xd7e810) returned 1
[0153.172] VerQueryValueW (in: pBlock=0x2e06058, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e06110, puLen=0xd7e790) returned 1
[0153.172] VerQueryValueW (in: pBlock=0x2e06058, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e06164, puLen=0xd7e790) returned 1
[0153.172] VerQueryValueW (in: pBlock=0x2e06058, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e061a4, puLen=0xd7e790) returned 1
[0153.173] VerQueryValueW (in: pBlock=0x2e06058, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0620c, puLen=0xd7e790) returned 1
[0153.173] VerQueryValueW (in: pBlock=0x2e06058, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e06250, puLen=0xd7e790) returned 1
[0153.173] VerQueryValueW (in: pBlock=0x2e06058, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e062d8, puLen=0xd7e790) returned 1
[0153.173] VerQueryValueW (in: pBlock=0x2e06058, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e06318, puLen=0xd7e790) returned 1
[0153.173] VerQueryValueW (in: pBlock=0x2e06058, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e06370, puLen=0xd7e790) returned 1
[0153.173] VerQueryValueW (in: pBlock=0x2e06058, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e063a0, puLen=0xd7e790) returned 1
[0153.173] VerQueryValueW (in: pBlock=0x2e06058, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.173] VerQueryValueW (in: pBlock=0x2e06058, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e063dc, puLen=0xd7e790) returned 1
[0153.173] VerQueryValueW (in: pBlock=0x2e06058, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.173] VerQueryValueW (in: pBlock=0x2e06058, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e06430, puLen=0xd7e784) returned 1
[0153.173] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0153.173] VerQueryValueW (in: pBlock=0x2e06058, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e06080, puLen=0xd7e794) returned 1
[0153.174] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0153.174] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0153.174] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0153.174] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0153.174] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0153.174] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0153.176] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e085b0 | out: lpData=0x2e085b0) returned 1
[0153.177] VerQueryValueW (in: pBlock=0x2e085b0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e08988, puLen=0xd7e810) returned 1
[0153.177] VerQueryValueW (in: pBlock=0x2e085b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e08668, puLen=0xd7e790) returned 1
[0153.177] VerQueryValueW (in: pBlock=0x2e085b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e086bc, puLen=0xd7e790) returned 1
[0153.177] VerQueryValueW (in: pBlock=0x2e085b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e086fc, puLen=0xd7e790) returned 1
[0153.177] VerQueryValueW (in: pBlock=0x2e085b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e08764, puLen=0xd7e790) returned 1
[0153.177] VerQueryValueW (in: pBlock=0x2e085b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e087a8, puLen=0xd7e790) returned 1
[0153.177] VerQueryValueW (in: pBlock=0x2e085b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e08830, puLen=0xd7e790) returned 1
[0153.177] VerQueryValueW (in: pBlock=0x2e085b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e08870, puLen=0xd7e790) returned 1
[0153.177] VerQueryValueW (in: pBlock=0x2e085b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e088c8, puLen=0xd7e790) returned 1
[0153.177] VerQueryValueW (in: pBlock=0x2e085b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e088f8, puLen=0xd7e790) returned 1
[0153.177] VerQueryValueW (in: pBlock=0x2e085b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.177] VerQueryValueW (in: pBlock=0x2e085b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e08934, puLen=0xd7e790) returned 1
[0153.177] VerQueryValueW (in: pBlock=0x2e085b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.177] VerQueryValueW (in: pBlock=0x2e085b0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e08988, puLen=0xd7e784) returned 1
[0153.177] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0153.177] VerQueryValueW (in: pBlock=0x2e085b0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e085d8, puLen=0xd7e794) returned 1
[0153.178] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0153.178] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0153.178] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0153.178] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0153.179] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0153.179] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0153.180] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2e0ace8 | out: lpData=0x2e0ace8) returned 1
[0153.181] VerQueryValueW (in: pBlock=0x2e0ace8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e0b118, puLen=0xd7e810) returned 1
[0153.181] VerQueryValueW (in: pBlock=0x2e0ace8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0ada0, puLen=0xd7e790) returned 1
[0153.181] VerQueryValueW (in: pBlock=0x2e0ace8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0adf4, puLen=0xd7e790) returned 1
[0153.181] VerQueryValueW (in: pBlock=0x2e0ace8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0ae64, puLen=0xd7e790) returned 1
[0153.181] VerQueryValueW (in: pBlock=0x2e0ace8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0aec4, puLen=0xd7e790) returned 1
[0153.181] VerQueryValueW (in: pBlock=0x2e0ace8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0af20, puLen=0xd7e790) returned 1
[0153.181] VerQueryValueW (in: pBlock=0x2e0ace8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0afa8, puLen=0xd7e790) returned 1
[0153.181] VerQueryValueW (in: pBlock=0x2e0ace8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0b000, puLen=0xd7e790) returned 1
[0153.181] VerQueryValueW (in: pBlock=0x2e0ace8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0b058, puLen=0xd7e790) returned 1
[0153.181] VerQueryValueW (in: pBlock=0x2e0ace8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0b088, puLen=0xd7e790) returned 1
[0153.181] VerQueryValueW (in: pBlock=0x2e0ace8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.181] VerQueryValueW (in: pBlock=0x2e0ace8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0b0c4, puLen=0xd7e790) returned 1
[0153.181] VerQueryValueW (in: pBlock=0x2e0ace8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0153.181] VerQueryValueW (in: pBlock=0x2e0ace8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e0b118, puLen=0xd7e784) returned 1
[0153.181] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0153.181] VerQueryValueW (in: pBlock=0x2e0ace8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e0ad10, puLen=0xd7e794) returned 1
[0153.182] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0153.182] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.182] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0153.183] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.183] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0153.183] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xb02ca
[0153.201] SetWindowLongW (hWnd=0xb02ca, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0153.201] GetWindowLongW (hWnd=0xb02ca, nIndex=-4) returned 1950089536
[0153.201] SetWindowLongW (hWnd=0xb02ca, nIndex=-4, dwNewLong=19940910) returned 1950089536
[0153.201] GetWindowLongW (hWnd=0xb02ca, nIndex=-4) returned 19940910
[0153.201] GetWindowLongW (hWnd=0xb02ca, nIndex=-16) returned 113311744
[0153.202] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02ca, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0153.202] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02ca, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0153.202] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02ca, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0153.203] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02ca, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0153.203] GetClientRect (in: hWnd=0xb02ca, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0153.203] GetWindowRect (in: hWnd=0xb02ca, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0153.203] SetWindowTextW (hWnd=0xb02ca, lpString="WindowsFormsParkingWindow") returned 1
[0153.203] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02ca, Msg=0xc, wParam=0x0, lParam=0x2dd0298) returned 0x1
[0153.204] GetParent (hWnd=0xb02ca) returned 0x0
[0153.204] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0153.204] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0xb02ca, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x602d8
[0153.205] SetWindowLongW (hWnd=0x602d8, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0153.205] GetWindowLongW (hWnd=0x602d8, nIndex=-4) returned 1868147648
[0153.205] SetWindowLongW (hWnd=0x602d8, nIndex=-4, dwNewLong=19941550) returned 1868147648
[0153.205] GetWindowLongW (hWnd=0x602d8, nIndex=-4) returned 19941550
[0153.205] GetWindowLongW (hWnd=0x602d8, nIndex=-16) returned 1174405133
[0153.205] GetWindowLongW (hWnd=0x602d8, nIndex=-12) returned 0
[0153.205] SetWindowLongW (hWnd=0x602d8, nIndex=-12, dwNewLong=393944) returned 0
[0153.206] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0153.206] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0153.206] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0153.208] GetClientRect (in: hWnd=0x602d8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0153.208] GetWindowRect (in: hWnd=0x602d8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0153.208] GetParent (hWnd=0x602d8) returned 0xb02ca
[0153.208] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xb02ca, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0153.208] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0153.208] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0153.208] GetClientRect (in: hWnd=0x602d8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0153.209] GetWindowRect (in: hWnd=0x602d8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0153.209] GetParent (hWnd=0x602d8) returned 0xb02ca
[0153.209] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xb02ca, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0153.209] SendMessageW (hWnd=0x602d8, Msg=0x2210, wParam=0x2d80001, lParam=0x602d8) returned 0x0
[0153.209] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x2210, wParam=0x2d80001, lParam=0x602d8) returned 0x0
[0153.209] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0153.209] GetParent (hWnd=0x602d8) returned 0xb02ca
[0153.209] GdipCreateFromHWND (hwnd=0x602d8, graphics=0xd7e844) returned 0x0
[0153.210] GdipMeasureString (graphics=0x6643af8, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0153.211] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0153.211] GetForegroundWindow () returned 0x7005c
[0153.211] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0153.211] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0153.211] GetSystemMetrics (nIndex=42) returned 0
[0153.211] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0153.211] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0153.212] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0153.212] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0153.212] GetSystemMetrics (nIndex=42) returned 0
[0153.212] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0153.212] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0153.212] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.212] GetCursorPos (in: lpPoint=0x2e0f16c | out: lpPoint=0x2e0f16c*(x=261, y=622)) returned 1
[0153.213] MonitorFromPoint (pt=0x105, dwFlags=0x26e) returned 0x10001
[0153.213] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0153.213] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x660107d3
[0153.213] GetDeviceCaps (hdc=0x660107d3, index=12) returned 32
[0153.213] GetDeviceCaps (hdc=0x660107d3, index=14) returned 1
[0153.213] DeleteDC (hdc=0x660107d3) returned 1
[0153.213] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0153.213] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0153.213] GetSystemMetrics (nIndex=59) returned 1460
[0153.213] GetSystemMetrics (nIndex=60) returned 920
[0153.214] GetSystemMetrics (nIndex=34) returned 136
[0153.214] GetSystemMetrics (nIndex=35) returned 39
[0153.214] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.214] GetCursorPos (in: lpPoint=0x2e0f3d8 | out: lpPoint=0x2e0f3d8*(x=261, y=622)) returned 1
[0153.214] MonitorFromPoint (pt=0x107, dwFlags=0x26d) returned 0x10001
[0153.214] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0153.214] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x670107d3
[0153.214] GetDeviceCaps (hdc=0x670107d3, index=12) returned 32
[0153.214] GetDeviceCaps (hdc=0x670107d3, index=14) returned 1
[0153.215] DeleteDC (hdc=0x670107d3) returned 1
[0153.215] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0153.215] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0153.215] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.215] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0153.215] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2e0f670 | out: piconinfo=0x2e0f670) returned 1
[0153.217] GetObjectW (in: h=0x200507c6, c=24, pv=0x2e0f68c | out: pv=0x2e0f68c) returned 24
[0153.217] GdipCreateBitmapFromHBITMAP (hbm=0x200507c6, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0153.217] GdipGetImageWidth (image=0x66433b8, width=0xd7e750) returned 0x0
[0153.218] GdipGetImageHeight (image=0x66433b8, height=0xd7e748) returned 0x0
[0153.218] GdipGetImagePixelFormat (image=0x66433b8, format=0xd7e740) returned 0x0
[0153.218] GdipBitmapLockBits (bitmap=0x66433b8, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2e0f744) returned 0x0
[0153.218] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0153.218] GdipBitmapLockBits (bitmap=0x6647360, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2e0f77c) returned 0x0
[0153.218] RtlMoveMemory (in: Destination=0x6645068, Source=0x6644fe0, Length=0x80 | out: Destination=0x6645068)
[0153.218] RtlMoveMemory (in: Destination=0x66450e8, Source=0x6644f60, Length=0x80 | out: Destination=0x66450e8)
[0153.218] RtlMoveMemory (in: Destination=0x6645168, Source=0x6644ee0, Length=0x80 | out: Destination=0x6645168)
[0153.218] RtlMoveMemory (in: Destination=0x66451e8, Source=0x6644e60, Length=0x80 | out: Destination=0x66451e8)
[0153.218] RtlMoveMemory (in: Destination=0x6645268, Source=0x6644de0, Length=0x80 | out: Destination=0x6645268)
[0153.218] RtlMoveMemory (in: Destination=0x66452e8, Source=0x6644d60, Length=0x80 | out: Destination=0x66452e8)
[0153.218] RtlMoveMemory (in: Destination=0x6645368, Source=0x6644ce0, Length=0x80 | out: Destination=0x6645368)
[0153.218] RtlMoveMemory (in: Destination=0x66453e8, Source=0x6644c60, Length=0x80 | out: Destination=0x66453e8)
[0153.218] RtlMoveMemory (in: Destination=0x6645468, Source=0x6644be0, Length=0x80 | out: Destination=0x6645468)
[0153.218] RtlMoveMemory (in: Destination=0x66454e8, Source=0x6644b60, Length=0x80 | out: Destination=0x66454e8)
[0153.218] RtlMoveMemory (in: Destination=0x6645568, Source=0x6644ae0, Length=0x80 | out: Destination=0x6645568)
[0153.218] RtlMoveMemory (in: Destination=0x66455e8, Source=0x6644a60, Length=0x80 | out: Destination=0x66455e8)
[0153.219] RtlMoveMemory (in: Destination=0x6645668, Source=0x66449e0, Length=0x80 | out: Destination=0x6645668)
[0153.219] RtlMoveMemory (in: Destination=0x66456e8, Source=0x6644960, Length=0x80 | out: Destination=0x66456e8)
[0153.219] RtlMoveMemory (in: Destination=0x6645768, Source=0x66448e0, Length=0x80 | out: Destination=0x6645768)
[0153.219] RtlMoveMemory (in: Destination=0x66457e8, Source=0x6644860, Length=0x80 | out: Destination=0x66457e8)
[0153.219] RtlMoveMemory (in: Destination=0x6645868, Source=0x66447e0, Length=0x80 | out: Destination=0x6645868)
[0153.219] RtlMoveMemory (in: Destination=0x66458e8, Source=0x6644760, Length=0x80 | out: Destination=0x66458e8)
[0153.219] RtlMoveMemory (in: Destination=0x6645968, Source=0x66446e0, Length=0x80 | out: Destination=0x6645968)
[0153.219] RtlMoveMemory (in: Destination=0x66459e8, Source=0x6644660, Length=0x80 | out: Destination=0x66459e8)
[0153.219] RtlMoveMemory (in: Destination=0x6645a68, Source=0x66445e0, Length=0x80 | out: Destination=0x6645a68)
[0153.219] RtlMoveMemory (in: Destination=0x6645ae8, Source=0x6644560, Length=0x80 | out: Destination=0x6645ae8)
[0153.219] RtlMoveMemory (in: Destination=0x6645b68, Source=0x66444e0, Length=0x80 | out: Destination=0x6645b68)
[0153.219] RtlMoveMemory (in: Destination=0x6645be8, Source=0x6644460, Length=0x80 | out: Destination=0x6645be8)
[0153.219] RtlMoveMemory (in: Destination=0x6645c68, Source=0x66443e0, Length=0x80 | out: Destination=0x6645c68)
[0153.219] RtlMoveMemory (in: Destination=0x6645ce8, Source=0x6644360, Length=0x80 | out: Destination=0x6645ce8)
[0153.219] RtlMoveMemory (in: Destination=0x6645d68, Source=0x66442e0, Length=0x80 | out: Destination=0x6645d68)
[0153.219] RtlMoveMemory (in: Destination=0x6645de8, Source=0x6644260, Length=0x80 | out: Destination=0x6645de8)
[0153.219] RtlMoveMemory (in: Destination=0x6645e68, Source=0x66441e0, Length=0x80 | out: Destination=0x6645e68)
[0153.219] RtlMoveMemory (in: Destination=0x6645ee8, Source=0x6644160, Length=0x80 | out: Destination=0x6645ee8)
[0153.219] RtlMoveMemory (in: Destination=0x6645f68, Source=0x66440e0, Length=0x80 | out: Destination=0x6645f68)
[0153.220] RtlMoveMemory (in: Destination=0x6645fe8, Source=0x6644060, Length=0x80 | out: Destination=0x6645fe8)
[0153.220] GdipBitmapUnlockBits (bitmap=0x66433b8, lockedBitmapData=0x2e0f744) returned 0x0
[0153.220] GdipBitmapUnlockBits (bitmap=0x6647360, lockedBitmapData=0x2e0f77c) returned 0x0
[0153.220] GdipDisposeImage (image=0x66433b8) returned 0x0
[0153.220] DeleteObject (ho=0x200507c6) returned 1
[0153.220] DeleteObject (ho=0x680507d3) returned 1
[0153.220] GetCurrentThreadId () returned 0xf50
[0153.220] GetCurrentThreadId () returned 0xf50
[0153.220] SetWindowPos (hWnd=0x602d8, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0153.220] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0153.220] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0153.221] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0153.221] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0153.221] GetClientRect (in: hWnd=0x602d8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0153.221] GetWindowRect (in: hWnd=0x602d8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0153.221] GetParent (hWnd=0x602d8) returned 0xb02ca
[0153.221] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xb02ca, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0153.221] InvalidateRect (hWnd=0x602d8, lpRect=0x0, bErase=1) returned 1
[0153.221] GetWindowTextLengthW (hWnd=0x602d8) returned 0
[0153.221] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0153.221] GetSystemMetrics (nIndex=42) returned 0
[0153.221] GetWindowTextW (in: hWnd=0x602d8, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0153.221] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0153.221] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0153.221] GetClientRect (in: hWnd=0x602d8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0153.221] GetWindowRect (in: hWnd=0x602d8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0153.222] GetParent (hWnd=0x602d8) returned 0xb02ca
[0153.222] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xb02ca, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0153.222] GetWindowTextLengthW (hWnd=0x602d8) returned 0
[0153.222] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0153.222] GetSystemMetrics (nIndex=42) returned 0
[0153.222] GetWindowTextW (in: hWnd=0x602d8, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0153.222] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0153.222] GetWindowTextLengthW (hWnd=0x602d8) returned 0
[0153.222] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0153.222] GetSystemMetrics (nIndex=42) returned 0
[0153.222] GetWindowTextW (in: hWnd=0x602d8, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0153.222] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0153.222] SetWindowTextW (hWnd=0x602d8, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0153.222] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0xc, wParam=0x0, lParam=0x2df05d8) returned 0x1
[0153.222] InvalidateRect (hWnd=0x602d8, lpRect=0x0, bErase=1) returned 1
[0153.222] GetCurrentThreadId () returned 0xf50
[0153.223] GetWindowThreadProcessId (in: hWnd=0x602d8, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0153.223] GdipCreateBitmapFromStream (stream=0x509ff50, bitmap=0xd7e840) returned 0x0
[0153.224] GdipImageForceValidation (image=0x66433b8) returned 0x0
[0153.226] GdipGetImageRawFormat (image=0x66433b8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0153.226] GdipGetImageHeight (image=0x66433b8, height=0xd7e824) returned 0x0
[0153.226] GdipGetImageWidth (image=0x66433b8, width=0xd7e824) returned 0x0
[0153.226] GdipGetImageWidth (image=0x66433b8, width=0xd7e810) returned 0x0
[0153.226] GdipGetImageHeight (image=0x66433b8, height=0xd7e810) returned 0x0
[0153.226] GdipGetImageWidth (image=0x66433b8, width=0xd7e800) returned 0x0
[0153.226] GdipGetImageHeight (image=0x66433b8, height=0xd7e800) returned 0x0
[0153.226] GdipBitmapGetPixel (bitmap=0x66433b8, x=0, y=15, color=0xd7e810) returned 0x0
[0153.226] GdipGetImageRawFormat (image=0x66433b8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0153.226] GdipGetImageWidth (image=0x66433b8, width=0xd7e740) returned 0x0
[0153.226] GdipGetImageHeight (image=0x66433b8, height=0xd7e740) returned 0x0
[0153.226] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0153.226] GdipGetImagePixelFormat (image=0x6647690, format=0xd7e740) returned 0x0
[0153.226] GdipGetImageGraphicsContext (image=0x6647690, graphics=0xd7e74c) returned 0x0
[0153.226] GdipGraphicsClear (graphics=0x6643af8, color=0xffffff) returned 0x0
[0153.226] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0153.227] GdipSetImageAttributesColorKeys (imageattr=0x6639120, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0153.227] GdipDrawImageRectRectI (graphics=0x6643af8, image=0x66433b8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6639120, callback=0x0, callbackData=0x0) returned 0x0
[0153.227] GdipDisposeImageAttributes (imageattr=0x6639120) returned 0x0
[0153.227] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0153.227] GdipDisposeImage (image=0x66433b8) returned 0x0
[0153.227] GdipCreateBitmapFromStream (stream=0x509ff30, bitmap=0xd7e840) returned 0x0
[0153.228] GdipImageForceValidation (image=0x66433b8) returned 0x0
[0153.230] GdipGetImageRawFormat (image=0x66433b8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0153.230] GdipGetImageHeight (image=0x66433b8, height=0xd7e824) returned 0x0
[0153.230] GdipGetImageWidth (image=0x66433b8, width=0xd7e824) returned 0x0
[0153.231] GdipGetImageWidth (image=0x66433b8, width=0xd7e810) returned 0x0
[0153.231] GdipGetImageHeight (image=0x66433b8, height=0xd7e810) returned 0x0
[0153.231] GdipGetImageWidth (image=0x66433b8, width=0xd7e800) returned 0x0
[0153.231] GdipGetImageHeight (image=0x66433b8, height=0xd7e800) returned 0x0
[0153.231] GdipBitmapGetPixel (bitmap=0x66433b8, x=0, y=15, color=0xd7e810) returned 0x0
[0153.231] GdipGetImageRawFormat (image=0x66433b8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0153.231] GdipGetImageWidth (image=0x66433b8, width=0xd7e740) returned 0x0
[0153.231] GdipGetImageHeight (image=0x66433b8, height=0xd7e740) returned 0x0
[0153.231] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0153.231] GdipGetImagePixelFormat (image=0x66462f8, format=0xd7e740) returned 0x0
[0153.231] GdipGetImageGraphicsContext (image=0x66462f8, graphics=0xd7e74c) returned 0x0
[0153.231] GdipGraphicsClear (graphics=0x6643af8, color=0xffffff) returned 0x0
[0153.231] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0153.231] GdipSetImageAttributesColorKeys (imageattr=0x6639120, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0153.232] GdipDrawImageRectRectI (graphics=0x6643af8, image=0x66433b8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6639120, callback=0x0, callbackData=0x0) returned 0x0
[0153.232] GdipDisposeImageAttributes (imageattr=0x6639120) returned 0x0
[0153.232] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0153.232] GdipDisposeImage (image=0x66433b8) returned 0x0
[0153.232] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.233] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0153.233] GetCurrentThreadId () returned 0xf50
[0153.233] GetCurrentThreadId () returned 0xf50
[0153.233] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.233] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0153.233] GetCurrentThreadId () returned 0xf50
[0153.233] GetCurrentThreadId () returned 0xf50
[0153.233] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.233] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0153.234] GetCurrentThreadId () returned 0xf50
[0153.234] GetCurrentThreadId () returned 0xf50
[0153.234] GetSystemMetrics (nIndex=5) returned 1
[0153.234] GetSystemMetrics (nIndex=6) returned 1
[0153.234] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.234] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0153.234] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.234] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0153.235] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.235] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0153.235] GetCurrentThreadId () returned 0xf50
[0153.235] GetCurrentThreadId () returned 0xf50
[0153.235] GetProcessWindowStation () returned 0x13c
[0153.235] GetCapture () returned 0x0
[0153.235] GetActiveWindow () returned 0x7005c
[0153.235] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0153.235] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.236] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0153.236] GetCursorPos (in: lpPoint=0x2e108bc | out: lpPoint=0x2e108bc*(x=261, y=622)) returned 1
[0153.236] MonitorFromPoint (pt=0x105, dwFlags=0x26e) returned 0x10001
[0153.236] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0153.236] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x690107d3
[0153.236] GetDeviceCaps (hdc=0x690107d3, index=12) returned 32
[0153.236] GetDeviceCaps (hdc=0x690107d3, index=14) returned 1
[0153.236] DeleteDC (hdc=0x690107d3) returned 1
[0153.236] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0153.237] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0153.237] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x402da
[0153.237] SetWindowLongW (hWnd=0x402da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0153.237] GetWindowLongW (hWnd=0x402da, nIndex=-4) returned 1950089536
[0153.238] SetWindowLongW (hWnd=0x402da, nIndex=-4, dwNewLong=19941070) returned 1950089536
[0153.238] GetWindowLongW (hWnd=0x402da, nIndex=-4) returned 19941070
[0153.238] GetWindowLongW (hWnd=0x402da, nIndex=-16) returned 113770496
[0153.238] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0153.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0153.240] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0153.240] GetClientRect (in: hWnd=0x402da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0153.240] GetWindowRect (in: hWnd=0x402da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0153.240] SetWindowTextW (hWnd=0x402da, lpString="BB ransomware") returned 1
[0153.240] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xc, wParam=0x0, lParam=0x2e0f058) returned 0x1
[0153.241] GetStartupInfoW (in: lpStartupInfo=0x2e10bf8 | out: lpStartupInfo=0x2e10bf8*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0153.245] GetParent (hWnd=0x402da) returned 0x0
[0153.245] SetWindowLongW (hWnd=0x402da, nIndex=-8, dwNewLong=0) returned 0
[0153.246] SendMessageW (hWnd=0x402da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0153.246] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0153.247] SendMessageW (hWnd=0x402da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0153.247] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0153.247] GetSystemMenu (hWnd=0x402da, bRevert=0) returned 0xe0297
[0153.247] GetWindowPlacement (in: hWnd=0x402da, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0153.248] EnableMenuItem (hMenu=0xe0297, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0153.248] EnableMenuItem (hMenu=0xe0297, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0153.248] EnableMenuItem (hMenu=0xe0297, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0153.248] EnableMenuItem (hMenu=0xe0297, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0153.248] EnableMenuItem (hMenu=0xe0297, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0153.248] GetClientRect (in: hWnd=0x402da, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0153.248] GetClientRect (in: hWnd=0x402da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0153.248] GetWindowRect (in: hWnd=0x402da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0153.248] SetWindowPos (hWnd=0x402da, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0153.248] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0153.249] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x402da) returned 0x1
[0153.300] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0153.301] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0153.302] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0153.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0153.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0153.316] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x402da, lParam=0x0) returned 0x0
[0153.316] GetCapture () returned 0x0
[0153.316] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0153.317] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0153.341] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0153.343] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0153.343] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0153.343] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0153.343] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0153.344] GetParent (hWnd=0x402da) returned 0x0
[0153.344] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0153.344] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0153.351] GetWindowPlacement (in: hWnd=0x402da, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0153.351] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0153.351] GetClientRect (in: hWnd=0x402da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0153.351] GetWindowRect (in: hWnd=0x402da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0153.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0153.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0153.355] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0153.359] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.360] GetWindowLongW (hWnd=0x402da, nIndex=-16) returned 113770496
[0153.360] GetWindowTextLengthW (hWnd=0x402da) returned 13
[0153.360] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0153.360] GetSystemMetrics (nIndex=42) returned 0
[0153.360] GetWindowTextW (in: hWnd=0x402da, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0153.360] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0153.360] GetWindowTextLengthW (hWnd=0x402da) returned 13
[0153.360] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0153.360] GetSystemMetrics (nIndex=42) returned 0
[0153.360] GetWindowTextW (in: hWnd=0x402da, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0153.360] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0153.360] GetCursorPos (in: lpPoint=0x2e10e34 | out: lpPoint=0x2e10e34*(x=261, y=622)) returned 1
[0153.360] MonitorFromPoint (pt=0x105, dwFlags=0x26e) returned 0x10001
[0153.360] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0153.361] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xa40107eb
[0153.361] GetDeviceCaps (hdc=0xa40107eb, index=12) returned 32
[0153.361] GetDeviceCaps (hdc=0xa40107eb, index=14) returned 1
[0153.361] DeleteDC (hdc=0xa40107eb) returned 1
[0153.361] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0153.361] GetWindowLongW (hWnd=0x402da, nIndex=-16) returned 113770496
[0153.361] GetWindowLongW (hWnd=0x402da, nIndex=-20) returned 327945
[0153.361] SetWindowLongW (hWnd=0x402da, nIndex=-16, dwNewLong=46661632) returned 113770496
[0153.361] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0153.367] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0153.369] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0153.369] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0153.369] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0153.370] SetWindowLongW (hWnd=0x402da, nIndex=-20, dwNewLong=327681) returned 327945
[0153.370] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0153.370] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0153.371] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0153.372] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0153.395] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0153.395] SetWindowPos (hWnd=0x402da, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0153.396] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0153.396] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0153.396] GetWindowPlacement (in: hWnd=0x402da, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0153.396] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0153.396] GetClientRect (in: hWnd=0x402da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0153.396] GetWindowRect (in: hWnd=0x402da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0153.398] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0153.399] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0153.399] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0153.399] RedrawWindow (hWnd=0x402da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0153.399] GetSystemMenu (hWnd=0x402da, bRevert=0) returned 0xe0297
[0153.400] GetWindowPlacement (in: hWnd=0x402da, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0153.400] EnableMenuItem (hMenu=0xe0297, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0153.400] EnableMenuItem (hMenu=0xe0297, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0153.400] EnableMenuItem (hMenu=0xe0297, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0153.400] EnableMenuItem (hMenu=0xe0297, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0153.400] EnableMenuItem (hMenu=0xe0297, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0153.400] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0153.400] GetWindowLongW (hWnd=0x402da, nIndex=-8) returned 0
[0153.400] SetWindowLongW (hWnd=0x402da, nIndex=-8, dwNewLong=458844) returned 0
[0153.403] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0153.403] GetProcessWindowStation () returned 0x13c
[0153.403] GetCurrentThreadId () returned 0xf50
[0153.404] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1304606, lParam=0x0) returned 1
[0153.404] IsWindowVisible (hWnd=0x402da) returned 0
[0153.404] IsWindowVisible (hWnd=0x7005c) returned 1
[0153.404] IsWindowEnabled (hWnd=0x7005c) returned 1
[0153.404] IsWindowVisible (hWnd=0x300ec) returned 0
[0153.404] IsWindowVisible (hWnd=0x502c6) returned 0
[0153.404] IsWindowVisible (hWnd=0x502be) returned 0
[0153.404] GetActiveWindow () returned 0x402da
[0153.404] GetFocus () returned 0x402da
[0153.404] IsWindow (hWnd=0x7005c) returned 1
[0153.404] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0153.406] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0153.407] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0153.407] GetWindowLongW (hWnd=0x402da, nIndex=-8) returned 458844
[0153.407] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0153.407] GetCurrentThreadId () returned 0xf50
[0153.408] GetWindowLongW (hWnd=0x402da, nIndex=-8) returned 458844
[0153.408] IsWindowEnabled (hWnd=0x7005c) returned 0
[0153.408] IsWindowEnabled (hWnd=0x402da) returned 1
[0153.408] ShowWindow (hWnd=0x402da, nCmdShow=5) returned 0
[0153.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0153.408] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0153.409] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.411] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0153.411] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x402da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x402de
[0153.425] SetWindowLongW (hWnd=0x402de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0153.425] GetWindowLongW (hWnd=0x402de, nIndex=-4) returned 1950089536
[0153.425] SetWindowLongW (hWnd=0x402de, nIndex=-4, dwNewLong=19941630) returned 1950089536
[0153.425] GetWindowLongW (hWnd=0x402de, nIndex=-4) returned 19941630
[0153.425] GetWindowLongW (hWnd=0x402de, nIndex=-16) returned 1174405120
[0153.425] GetWindowLongW (hWnd=0x402de, nIndex=-12) returned 0
[0153.426] SetWindowLongW (hWnd=0x402de, nIndex=-12, dwNewLong=262878) returned 0
[0153.426] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0153.426] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0153.427] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0153.427] GetWindow (hWnd=0x402de, uCmd=0x3) returned 0x0
[0153.427] GetClientRect (in: hWnd=0x402de, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0153.427] GetWindowRect (in: hWnd=0x402de, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0153.427] GetParent (hWnd=0x402de) returned 0x402da
[0153.427] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x402da, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0153.428] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402de, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0153.428] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402de, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0153.428] GetClientRect (in: hWnd=0x402de, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0153.428] GetWindowRect (in: hWnd=0x402de, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0153.428] GetParent (hWnd=0x402de) returned 0x402da
[0153.428] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x402da, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0153.428] SendMessageW (hWnd=0x402de, Msg=0x2210, wParam=0x2de0001, lParam=0x402de) returned 0x0
[0153.428] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402de, Msg=0x2210, wParam=0x2de0001, lParam=0x402de) returned 0x0
[0153.428] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0153.428] GetParent (hWnd=0x402de) returned 0x402da
[0153.429] GetParent (hWnd=0x602d8) returned 0xb02ca
[0153.429] SetParent (hWndChild=0x602d8, hWndNewParent=0x402da) returned 0xb02ca
[0153.429] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0153.429] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0153.430] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0153.430] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0153.430] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0153.430] GetClientRect (in: hWnd=0x602d8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0153.430] GetWindowRect (in: hWnd=0x602d8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0153.430] GetParent (hWnd=0x602d8) returned 0x402da
[0153.430] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x402da, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0153.430] GetClientRect (in: hWnd=0x602d8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0153.430] GetWindowRect (in: hWnd=0x602d8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0153.430] GetParent (hWnd=0x602d8) returned 0x402da
[0153.430] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x402da, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0153.432] GetParent (hWnd=0x602d8) returned 0x402da
[0153.432] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0153.432] GetWindow (hWnd=0x602d8, uCmd=0x3) returned 0x0
[0153.432] SetWindowPos (hWnd=0x602d8, hWndInsertAfter=0x402de, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0153.432] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0153.433] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0153.433] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0153.433] GetClientRect (in: hWnd=0x602d8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0153.433] GetWindowRect (in: hWnd=0x602d8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0153.433] GetParent (hWnd=0x602d8) returned 0x402da
[0153.433] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x402da, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0153.433] GetParent (hWnd=0x602d8) returned 0x402da
[0153.433] GetWindow (hWnd=0x602d8, uCmd=0x3) returned 0x402de
[0153.433] GetWindowThreadProcessId (in: hWnd=0x602d8, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0153.433] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0153.435] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.436] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0153.436] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x402da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x502d2
[0153.436] SetWindowLongW (hWnd=0x502d2, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0153.436] GetWindowLongW (hWnd=0x502d2, nIndex=-4) returned 1868032000
[0153.437] SetWindowLongW (hWnd=0x502d2, nIndex=-4, dwNewLong=19940950) returned 1868032000
[0153.437] GetWindowLongW (hWnd=0x502d2, nIndex=-4) returned 19940950
[0153.437] GetWindowLongW (hWnd=0x502d2, nIndex=-16) returned 1174470667
[0153.437] GetWindowLongW (hWnd=0x502d2, nIndex=-12) returned 0
[0153.437] SetWindowLongW (hWnd=0x502d2, nIndex=-12, dwNewLong=328402) returned 0
[0153.437] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0153.438] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0153.438] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0153.439] SendMessageW (hWnd=0x502d2, Msg=0x2055, wParam=0x502d2, lParam=0x3) returned 0x2
[0153.439] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0153.439] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0153.439] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0153.440] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0153.440] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0153.440] RedrawWindow (hWnd=0x402de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0153.440] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0153.440] RedrawWindow (hWnd=0x602d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0153.440] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0153.440] RedrawWindow (hWnd=0x502d2, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0153.440] RedrawWindow (hWnd=0x402da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0153.441] GetWindow (hWnd=0x502d2, uCmd=0x3) returned 0x602d8
[0153.441] GetClientRect (in: hWnd=0x502d2, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0153.441] GetWindowRect (in: hWnd=0x502d2, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0153.441] GetParent (hWnd=0x502d2) returned 0x402da
[0153.455] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x402da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0153.456] SetWindowTextW (hWnd=0x502d2, lpString="&Details") returned 1
[0153.456] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0xc, wParam=0x0, lParam=0x2d209b4) returned 0x1
[0153.457] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0153.457] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0153.457] GetClientRect (in: hWnd=0x502d2, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0153.457] GetWindowRect (in: hWnd=0x502d2, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0153.457] GetParent (hWnd=0x502d2) returned 0x402da
[0153.457] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x402da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0153.457] SendMessageW (hWnd=0x502d2, Msg=0x2210, wParam=0x2d20001, lParam=0x502d2) returned 0x0
[0153.468] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0x2210, wParam=0x2d20001, lParam=0x502d2) returned 0x0
[0153.468] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0153.469] GetParent (hWnd=0x502d2) returned 0x402da
[0153.469] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0153.469] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.470] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0153.470] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x402da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x6013e
[0153.470] SetWindowLongW (hWnd=0x6013e, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0153.471] GetWindowLongW (hWnd=0x6013e, nIndex=-4) returned 1868032000
[0153.471] SetWindowLongW (hWnd=0x6013e, nIndex=-4, dwNewLong=19940990) returned 1868032000
[0153.471] GetWindowLongW (hWnd=0x6013e, nIndex=-4) returned 19940990
[0153.471] GetWindowLongW (hWnd=0x6013e, nIndex=-16) returned 1174470667
[0153.471] GetWindowLongW (hWnd=0x6013e, nIndex=-12) returned 0
[0153.471] SetWindowLongW (hWnd=0x6013e, nIndex=-12, dwNewLong=393534) returned 0
[0153.471] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0153.472] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0153.476] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0153.477] SendMessageW (hWnd=0x6013e, Msg=0x2055, wParam=0x6013e, lParam=0x3) returned 0x2
[0153.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0153.477] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0153.477] GetWindow (hWnd=0x6013e, uCmd=0x3) returned 0x502d2
[0153.477] GetClientRect (in: hWnd=0x6013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0153.478] GetWindowRect (in: hWnd=0x6013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0153.478] GetParent (hWnd=0x6013e) returned 0x402da
[0153.478] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x402da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0153.478] SetWindowTextW (hWnd=0x6013e, lpString="&Continue") returned 1
[0153.478] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0xc, wParam=0x0, lParam=0x2d208c8) returned 0x1
[0153.478] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0153.479] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0153.479] GetClientRect (in: hWnd=0x6013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0153.479] GetWindowRect (in: hWnd=0x6013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0153.479] GetParent (hWnd=0x6013e) returned 0x402da
[0153.479] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x402da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0153.479] SendMessageW (hWnd=0x6013e, Msg=0x2210, wParam=0x13e0001, lParam=0x6013e) returned 0x0
[0153.479] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x2210, wParam=0x13e0001, lParam=0x6013e) returned 0x0
[0153.479] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0153.479] GetParent (hWnd=0x6013e) returned 0x402da
[0153.479] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0153.480] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.480] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0153.480] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x402da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x700ea
[0153.481] SetWindowLongW (hWnd=0x700ea, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0153.481] GetWindowLongW (hWnd=0x700ea, nIndex=-4) returned 1868032000
[0153.482] SetWindowLongW (hWnd=0x700ea, nIndex=-4, dwNewLong=19941590) returned 1868032000
[0153.482] GetWindowLongW (hWnd=0x700ea, nIndex=-4) returned 19941590
[0153.482] GetWindowLongW (hWnd=0x700ea, nIndex=-16) returned 1174470667
[0153.482] GetWindowLongW (hWnd=0x700ea, nIndex=-12) returned 0
[0153.482] SetWindowLongW (hWnd=0x700ea, nIndex=-12, dwNewLong=458986) returned 0
[0153.482] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x700ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0153.483] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x700ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0153.483] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x700ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0153.484] SendMessageW (hWnd=0x700ea, Msg=0x2055, wParam=0x700ea, lParam=0x3) returned 0x2
[0153.485] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0153.485] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x700ea, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0153.485] GetWindow (hWnd=0x700ea, uCmd=0x3) returned 0x6013e
[0153.485] GetClientRect (in: hWnd=0x700ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0153.485] GetWindowRect (in: hWnd=0x700ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0153.485] GetParent (hWnd=0x700ea) returned 0x402da
[0153.485] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x402da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0153.485] SetWindowTextW (hWnd=0x700ea, lpString="&Quit") returned 1
[0153.485] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x700ea, Msg=0xc, wParam=0x0, lParam=0x2d2091c) returned 0x1
[0153.486] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x700ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0153.486] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x700ea, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0153.486] GetClientRect (in: hWnd=0x700ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0153.486] GetWindowRect (in: hWnd=0x700ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0153.486] GetParent (hWnd=0x700ea) returned 0x402da
[0153.486] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x402da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0153.486] SendMessageW (hWnd=0x700ea, Msg=0x2210, wParam=0xea0001, lParam=0x700ea) returned 0x0
[0153.486] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x700ea, Msg=0x2210, wParam=0xea0001, lParam=0x700ea) returned 0x0
[0153.486] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x700ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0153.487] GetParent (hWnd=0x700ea) returned 0x402da
[0153.487] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0153.487] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.487] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0153.488] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x402da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x402dc
[0153.488] SetWindowLongW (hWnd=0x402dc, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0153.545] GetWindowLongW (hWnd=0x402dc, nIndex=-4) returned 1868026976
[0153.545] SetWindowLongW (hWnd=0x402dc, nIndex=-4, dwNewLong=19940790) returned 1868026976
[0153.545] GetWindowLongW (hWnd=0x402dc, nIndex=-4) returned 19940790
[0153.545] GetWindowLongW (hWnd=0x402dc, nIndex=-16) returned 1177553092
[0153.545] GetWindowLongW (hWnd=0x402dc, nIndex=-12) returned 0
[0153.545] SetWindowLongW (hWnd=0x402dc, nIndex=-12, dwNewLong=262876) returned 0
[0153.545] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x402dc, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0153.547] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x402dc, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0153.548] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x402dc, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0153.584] GetWindow (hWnd=0x402dc, uCmd=0x3) returned 0x700ea
[0153.584] GetClientRect (in: hWnd=0x402dc, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0153.584] GetWindowRect (in: hWnd=0x402dc, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0153.584] GetParent (hWnd=0x402dc) returned 0x402da
[0153.584] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x402da, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0153.584] GetWindowTextLengthW (hWnd=0x402da) returned 13
[0153.584] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0153.584] GetSystemMetrics (nIndex=42) returned 0
[0153.584] GetWindowTextW (in: hWnd=0x402da, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0153.584] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0153.584] SendMessageW (hWnd=0x402dc, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0153.584] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x402dc, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0153.600] SetWindowTextW (hWnd=0x402dc, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0153.600] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x402dc, Msg=0xc, wParam=0x0, lParam=0x2e0ca40) returned 0x1
[0153.602] GetSystemMetrics (nIndex=5) returned 1
[0153.602] GetSystemMetrics (nIndex=6) returned 1
[0153.602] SendMessageW (hWnd=0x402dc, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0153.602] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x402dc, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0153.603] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x402dc, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0153.618] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x402dc, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0153.618] GetClientRect (in: hWnd=0x402dc, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0153.618] GetWindowRect (in: hWnd=0x402dc, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0153.618] GetParent (hWnd=0x402dc) returned 0x402da
[0153.618] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x402da, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0153.618] SendMessageW (hWnd=0x402dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x402dc) returned 0x0
[0153.618] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x402dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x402dc) returned 0x0
[0153.618] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x402dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0153.619] GetParent (hWnd=0x402dc) returned 0x402da
[0153.619] GetWindowLongW (hWnd=0x402da, nIndex=-8) returned 458844
[0153.619] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0153.619] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0153.619] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xab0107eb
[0153.619] GetDeviceCaps (hdc=0xab0107eb, index=12) returned 32
[0153.619] GetDeviceCaps (hdc=0xab0107eb, index=14) returned 1
[0153.619] DeleteDC (hdc=0xab0107eb) returned 1
[0153.620] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0153.620] GetWindowThreadProcessId (in: hWnd=0x402da, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0153.620] GetCurrentThreadId () returned 0xf50
[0153.620] PostMessageW (hWnd=0x402da, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0153.620] GetWindowTextLengthW (hWnd=0x402da) returned 13
[0153.620] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0153.620] GetSystemMetrics (nIndex=42) returned 0
[0153.620] GetWindowTextW (in: hWnd=0x402da, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0153.620] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0153.620] GdipImageGetFrameDimensionsCount (image=0x6647360, count=0xd7e25c) returned 0x0
[0153.620] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f76a0
[0153.620] GdipImageGetFrameDimensionsList (image=0x6647360, dimensionIDs=0x11f76a0*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0153.620] LocalFree (hMem=0x11f76a0) returned 0x0
[0153.620] GdipImageGetFrameDimensionsCount (image=0x6647690, count=0xd7e250) returned 0x0
[0153.620] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7430
[0153.621] GdipImageGetFrameDimensionsList (image=0x6647690, dimensionIDs=0x11f7430*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0153.621] LocalFree (hMem=0x11f7430) returned 0x0
[0153.621] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0153.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0153.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0153.666] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0153.667] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0153.668] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0153.668] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0153.668] GetWindowPlacement (in: hWnd=0x402da, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0153.669] GetClientRect (in: hWnd=0x402da, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0153.669] GetWindowTextLengthW (hWnd=0x402da) returned 13
[0153.669] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0153.690] GetSystemMetrics (nIndex=42) returned 0
[0153.690] GetWindowTextW (in: hWnd=0x402da, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0153.691] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0153.691] GetClientRect (in: hWnd=0x402da, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0153.691] GetCurrentObject (hdc=0x60100ce, type=0x1) returned 0xb00017
[0153.691] GetCurrentObject (hdc=0x60100ce, type=0x2) returned 0x900010
[0153.691] GetCurrentObject (hdc=0x60100ce, type=0x7) returned 0x370507d7
[0153.691] GetCurrentObject (hdc=0x60100ce, type=0x6) returned 0x8a01c2
[0153.691] SaveDC (hdc=0x60100ce) returned 1
[0153.691] GetNearestColor (hdc=0x60100ce, color=0xf0f0f0) returned 0xf0f0f0
[0153.691] CreateSolidBrush (color=0xf0f0f0) returned 0x3d1007e1
[0153.691] FillRect (hDC=0x60100ce, lprc=0xd7e1b8, hbr=0x3d1007e1) returned 1
[0153.691] DeleteObject (ho=0x3d1007e1) returned 1
[0153.691] RestoreDC (hdc=0x60100ce, nSavedDC=-1) returned 1
[0153.692] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0153.692] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0153.692] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0153.693] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0153.693] GetStockObject (i=5) returned 0x900015
[0153.693] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0153.693] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0153.693] GetStockObject (i=5) returned 0x900015
[0153.693] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x700ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0153.693] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x700ea, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0153.693] GetStockObject (i=5) returned 0x900015
[0153.694] GetWindowPlacement (in: hWnd=0x402da, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0153.694] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0153.694] GetClientRect (in: hWnd=0x402da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0153.694] GetWindowRect (in: hWnd=0x402da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0153.695] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0153.695] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0153.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0153.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0153.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0153.696] GetClientRect (in: hWnd=0x402da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0153.696] GetWindowRect (in: hWnd=0x402da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0153.696] InvalidateRect (hWnd=0x6013e, lpRect=0x0, bErase=0) returned 1
[0153.696] InvalidateRect (hWnd=0x502d2, lpRect=0x0, bErase=0) returned 1
[0153.697] GetFocus () returned 0x402da
[0153.697] GetFocus () returned 0x402da
[0153.697] SetFocus (hWnd=0x502d2) returned 0x402da
[0153.697] GetFocus () returned 0x502d2
[0153.698] IsChild (hWndParent=0x402da, hWnd=0x502d2) returned 1
[0153.698] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x8, wParam=0x502d2, lParam=0x0) returned 0x0
[0153.698] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0153.700] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0153.702] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0153.702] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0x7, wParam=0x402da, lParam=0x0) returned 0x0
[0153.703] GetStockObject (i=5) returned 0x900015
[0153.703] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0153.703] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0153.703] GetDlgItem (hDlg=0x402da, nIDDlgItem=328402) returned 0x502d2
[0153.703] SendMessageW (hWnd=0x502d2, Msg=0x202b, wParam=0x502d2, lParam=0xd7e0dc) returned 0x0
[0153.703] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0x202b, wParam=0x502d2, lParam=0xd7e0dc) returned 0x0
[0153.703] InvalidateRect (hWnd=0x502d2, lpRect=0x0, bErase=0) returned 1
[0153.705] GetFocus () returned 0x502d2
[0153.706] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.706] IsWindowUnicode (hWnd=0x402da) returned 1
[0153.706] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.706] TranslateMessage (lpMsg=0xd7e808) returned 0
[0153.706] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0153.706] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0153.706] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.706] IsWindowUnicode (hWnd=0x402da) returned 1
[0153.706] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.706] TranslateMessage (lpMsg=0xd7e808) returned 0
[0153.706] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0153.706] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.707] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0153.707] IsWindowUnicode (hWnd=0x402da) returned 1
[0153.707] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.707] TranslateMessage (lpMsg=0xd7e808) returned 0
[0153.707] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0153.707] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.707] IsWindowUnicode (hWnd=0x602c4) returned 1
[0153.707] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.707] TranslateMessage (lpMsg=0xd7e808) returned 0
[0153.707] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0153.708] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0153.708] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0153.708] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.709] IsWindowUnicode (hWnd=0x402da) returned 1
[0153.709] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.709] TranslateMessage (lpMsg=0xd7e808) returned 0
[0153.709] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0153.709] BeginPaint (in: hWnd=0x402da, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x10105d6
[0153.709] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0153.709] GetWindowTextLengthW (hWnd=0x402da) returned 13
[0153.709] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0153.709] GetSystemMetrics (nIndex=42) returned 0
[0153.712] GetWindowTextW (in: hWnd=0x402da, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0153.712] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0153.712] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0153.712] EndPaint (hWnd=0x402da, lpPaint=0xd7e274) returned 1
[0153.712] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.712] IsWindowUnicode (hWnd=0x402de) returned 1
[0153.712] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.713] TranslateMessage (lpMsg=0xd7e808) returned 0
[0153.713] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0153.713] BeginPaint (in: hWnd=0x402de, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xf0105ee
[0153.713] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0153.713] CreateCompatibleDC (hdc=0xf0105ee) returned 0x940107e8
[0153.713] SelectObject (hdc=0x940107e8, h=0x4a0507fe) returned 0x85000f
[0153.713] GdipCreateFromHDC (hdc=0x940107e8, graphics=0xd7e2b0) returned 0x0
[0153.713] GdipTranslateWorldTransform (graphics=0x6643af8, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0153.713] GdipSetClipRectI (graphics=0x6643af8, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0153.713] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0153.713] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x6639120) returned 0x0
[0153.714] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7e310) returned 0x0
[0153.714] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0153.714] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11eea28) returned 0x0
[0153.714] LocalFree (hMem=0x11eea28) returned 0x0
[0153.714] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0153.714] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0153.714] GdipGetClip (graphics=0x6643af8, region=0x66443e8) returned 0x0
[0153.714] GdipIsInfiniteRegion (region=0x66443e8, graphics=0x6643af8, result=0xd7e304) returned 0x0
[0153.714] GdipSaveGraphics (graphics=0x6643af8, state=0xd7e330) returned 0x0
[0153.714] GetWindowTextLengthW (hWnd=0x402de) returned 0
[0153.714] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0153.714] GetSystemMetrics (nIndex=42) returned 0
[0153.714] GetWindowTextW (in: hWnd=0x402de, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0153.714] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402de, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0153.714] GetClientRect (in: hWnd=0x402de, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0153.714] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0153.714] GdipGetClip (graphics=0x6643af8, region=0x6644ce8) returned 0x0
[0153.714] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0153.715] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0153.715] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e164) returned 0x0
[0153.715] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0153.715] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0153.715] LocalFree (hMem=0x11ee788) returned 0x0
[0153.715] GdipCombineRegionRegion (region=0x6644ce8, region2=0x66443e8, combineMode=0x1) returned 0x0
[0153.715] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0153.715] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eead0) returned 0x0
[0153.715] LocalFree (hMem=0x11eead0) returned 0x0
[0153.715] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0153.715] GdipIsInfiniteRegion (region=0x6644ce8, graphics=0x6643af8, result=0xd7e18c) returned 0x0
[0153.715] GdipIsInfiniteRegion (region=0x6644ce8, graphics=0x6643af8, result=0xd7e17c) returned 0x0
[0153.715] GdipGetRegionHRgn (region=0x6644ce8, graphics=0x6643af8, hRgn=0xd7e17c) returned 0x0
[0153.715] GdipDeleteRegion (region=0x6644ce8) returned 0x0
[0153.715] GdipGetDC (graphics=0x6643af8, hdc=0xd7e194) returned 0x0
[0153.715] GetCurrentObject (hdc=0x940107e8, type=0x1) returned 0xb00017
[0153.715] GetCurrentObject (hdc=0x940107e8, type=0x2) returned 0x900010
[0153.715] GetCurrentObject (hdc=0x940107e8, type=0x7) returned 0x4a0507fe
[0153.716] GetCurrentObject (hdc=0x940107e8, type=0x6) returned 0x8a01c2
[0153.716] SaveDC (hdc=0x940107e8) returned 1
[0153.716] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7f040807
[0153.716] GetClipRgn (hdc=0x940107e8, hrgn=0x7f040807) returned 0
[0153.716] SelectClipRgn (hdc=0x940107e8, hrgn=0xfe0407de) returned 2
[0153.716] DeleteObject (ho=0x7f040807) returned 1
[0153.716] DeleteObject (ho=0xfe0407de) returned 1
[0153.716] OffsetViewportOrgEx (in: hdc=0x940107e8, x=0, y=0, lppt=0x2e125a0 | out: lppt=0x2e125a0) returned 1
[0153.716] GetNearestColor (hdc=0x940107e8, color=0xf0f0f0) returned 0xf0f0f0
[0153.716] CreateSolidBrush (color=0xf0f0f0) returned 0x3e1007e1
[0153.716] FillRect (hDC=0x940107e8, lprc=0xd7e198, hbr=0x3e1007e1) returned 1
[0153.731] DeleteObject (ho=0x3e1007e1) returned 1
[0153.731] RestoreDC (hdc=0x940107e8, nSavedDC=-1) returned 1
[0153.731] GdipReleaseDC (graphics=0x6643af8, hdc=0x940107e8) returned 0x0
[0153.731] GdipRestoreGraphics (graphics=0x6643af8, state=0xfd1e0dbd) returned 0x0
[0153.731] GdipDeleteRegion (region=0x66443e8) returned 0x0
[0153.731] GetWindowTextLengthW (hWnd=0x402de) returned 0
[0153.732] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0153.732] GetSystemMetrics (nIndex=42) returned 0
[0153.732] GetWindowTextW (in: hWnd=0x402de, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0153.732] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402de, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0153.732] GdipGetImageWidth (image=0x6647360, width=0xd7e1e0) returned 0x0
[0153.732] GdipGetImageHeight (image=0x6647360, height=0xd7e1e0) returned 0x0
[0153.732] GdipGetImageWidth (image=0x6647360, width=0xd7e1cc) returned 0x0
[0153.732] GdipGetImageHeight (image=0x6647360, height=0xd7e1cc) returned 0x0
[0153.732] GdipDrawImageRectI (graphics=0x6643af8, image=0x6647360, x=16, y=16, width=32, height=32) returned 0x0
[0153.732] GdipGetDC (graphics=0x6643af8, hdc=0xd7e2f0) returned 0x0
[0153.732] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=64, cy=64, hdcSrc=0x940107e8, x1=0, y1=0, rop=0xcc0020) returned 1
[0153.732] GdipReleaseDC (graphics=0x6643af8, hdc=0x940107e8) returned 0x0
[0153.732] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0153.732] SelectObject (hdc=0x940107e8, h=0x85000f) returned 0x4a0507fe
[0153.733] DeleteDC (hdc=0x940107e8) returned 1
[0153.733] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0153.733] EndPaint (hWnd=0x402de, lpPaint=0xd7e294) returned 1
[0153.733] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.733] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x84, wParam=0x0, lParam=0x1e60319) returned 0x1
[0153.733] IsWindowUnicode (hWnd=0x6013e) returned 1
[0153.733] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.733] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x84, wParam=0x0, lParam=0x1e60319) returned 0x1
[0153.733] SetCursor (hCursor=0x10003) returned 0x10003
[0153.734] TranslateMessage (lpMsg=0xd7e808) returned 0
[0153.734] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0153.734] _TrackMouseEvent (in: lpEventTrack=0x2e1266c | out: lpEventTrack=0x2e1266c) returned 1
[0153.734] SendMessageW (hWnd=0x6013e, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0153.734] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0153.734] InvalidateRect (hWnd=0x6013e, lpRect=0x0, bErase=0) returned 1
[0153.734] GetKeyState (nVirtKey=1) returned 0
[0153.734] GetKeyState (nVirtKey=2) returned 0
[0153.734] GetKeyState (nVirtKey=4) returned 0
[0153.734] GetKeyState (nVirtKey=5) returned 0
[0153.734] GetKeyState (nVirtKey=6) returned 0
[0153.734] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.735] IsWindowUnicode (hWnd=0x602d8) returned 1
[0153.735] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.735] TranslateMessage (lpMsg=0xd7e808) returned 0
[0153.735] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0153.735] BeginPaint (in: hWnd=0x602d8, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x60100ce
[0153.735] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0153.735] CreateCompatibleDC (hdc=0x60100ce) returned 0x960107e8
[0153.735] GetObjectType (h=0x60100ce) returned 0x3
[0153.735] CreateCompatibleBitmap (hdc=0x60100ce, cx=1, cy=1) returned 0xffffffff970507da
[0153.735] GetDIBits (in: hdc=0x60100ce, hbm=0x970507da, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0153.735] GetDIBits (in: hdc=0x60100ce, hbm=0x970507da, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0153.735] DeleteObject (ho=0x970507da) returned 1
[0153.736] CreateDIBSection (in: hdc=0x60100ce, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x920506b6
[0153.736] SelectObject (hdc=0x960107e8, h=0x920506b6) returned 0x85000f
[0153.736] GdipCreateFromHDC (hdc=0x960107e8, graphics=0xd7e234) returned 0x0
[0153.736] GdipTranslateWorldTransform (graphics=0x6643af8, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0153.736] GdipSetClipRectI (graphics=0x6643af8, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0153.736] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0153.736] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x6639120) returned 0x0
[0153.736] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7e2d4) returned 0x0
[0153.736] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0153.736] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee9f0) returned 0x0
[0153.736] LocalFree (hMem=0x11ee9f0) returned 0x0
[0153.737] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0153.737] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0153.737] GdipGetClip (graphics=0x6643af8, region=0x6644628) returned 0x0
[0153.737] GdipIsInfiniteRegion (region=0x6644628, graphics=0x6643af8, result=0xd7e2c8) returned 0x0
[0153.737] GdipSaveGraphics (graphics=0x6643af8, state=0xd7e2f4) returned 0x0
[0153.737] GetWindowTextLengthW (hWnd=0x602d8) returned 232
[0153.737] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0153.737] GetSystemMetrics (nIndex=42) returned 0
[0153.737] GetWindowTextW (in: hWnd=0x602d8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0153.737] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0153.737] GetClientRect (in: hWnd=0x602d8, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0153.737] GdipCreateRegion (region=0xd7e110) returned 0x0
[0153.737] GdipGetClip (graphics=0x6643af8, region=0x6644e98) returned 0x0
[0153.737] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0153.737] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0153.737] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e128) returned 0x0
[0153.737] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0153.737] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0153.737] LocalFree (hMem=0x11ee9f0) returned 0x0
[0153.737] GdipCombineRegionRegion (region=0x6644e98, region2=0x6644628, combineMode=0x1) returned 0x0
[0153.737] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0153.737] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eea60) returned 0x0
[0153.738] LocalFree (hMem=0x11eea60) returned 0x0
[0153.738] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0153.738] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6643af8, result=0xd7e150) returned 0x0
[0153.738] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6643af8, result=0xd7e140) returned 0x0
[0153.738] GdipGetRegionHRgn (region=0x6644e98, graphics=0x6643af8, hRgn=0xd7e140) returned 0x0
[0153.738] GdipDeleteRegion (region=0x6644e98) returned 0x0
[0153.738] GdipGetDC (graphics=0x6643af8, hdc=0xd7e158) returned 0x0
[0153.738] GetCurrentObject (hdc=0x960107e8, type=0x1) returned 0xb00017
[0153.738] GetCurrentObject (hdc=0x960107e8, type=0x2) returned 0x900010
[0153.738] GetCurrentObject (hdc=0x960107e8, type=0x7) returned 0xffffffff920506b6
[0153.738] GetCurrentObject (hdc=0x960107e8, type=0x6) returned 0x8a01c2
[0153.738] SaveDC (hdc=0x960107e8) returned 1
[0153.738] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xff0407de
[0153.738] GetClipRgn (hdc=0x960107e8, hrgn=0xff0407de) returned 0
[0153.738] SelectClipRgn (hdc=0x960107e8, hrgn=0x80040807) returned 2
[0153.739] DeleteObject (ho=0xff0407de) returned 1
[0153.739] DeleteObject (ho=0x80040807) returned 1
[0153.739] OffsetViewportOrgEx (in: hdc=0x960107e8, x=0, y=0, lppt=0x2e13fc0 | out: lppt=0x2e13fc0) returned 1
[0153.739] GetNearestColor (hdc=0x960107e8, color=0xf0f0f0) returned 0xf0f0f0
[0153.739] CreateSolidBrush (color=0xf0f0f0) returned 0x3f1007e1
[0153.739] FillRect (hDC=0x960107e8, lprc=0xd7e15c, hbr=0x3f1007e1) returned 1
[0153.740] DeleteObject (ho=0x3f1007e1) returned 1
[0153.740] RestoreDC (hdc=0x960107e8, nSavedDC=-1) returned 1
[0153.740] GdipReleaseDC (graphics=0x6643af8, hdc=0x960107e8) returned 0x0
[0153.741] GdipRestoreGraphics (graphics=0x6643af8, state=0xfd1c0dbd) returned 0x0
[0153.741] GdipDeleteRegion (region=0x6644628) returned 0x0
[0153.741] GetWindowTextLengthW (hWnd=0x602d8) returned 232
[0153.741] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0153.741] GetSystemMetrics (nIndex=42) returned 0
[0153.741] GetWindowTextW (in: hWnd=0x602d8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0153.741] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0153.741] GdipGetDC (graphics=0x6643af8, hdc=0xd7e178) returned 0x0
[0153.741] GetCurrentObject (hdc=0x960107e8, type=0x1) returned 0xb00017
[0153.741] GetCurrentObject (hdc=0x960107e8, type=0x2) returned 0x900010
[0153.741] GetCurrentObject (hdc=0x960107e8, type=0x7) returned 0xffffffff920506b6
[0153.741] GetCurrentObject (hdc=0x960107e8, type=0x6) returned 0x8a01c2
[0153.741] SaveDC (hdc=0x960107e8) returned 1
[0153.741] GetNearestColor (hdc=0x960107e8, color=0x0) returned 0x0
[0153.741] RestoreDC (hdc=0x960107e8, nSavedDC=-1) returned 1
[0153.742] GdipReleaseDC (graphics=0x6643af8, hdc=0x960107e8) returned 0x0
[0153.742] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0153.742] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0153.742] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2e147bc | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0153.743] GdipGetTextRenderingHint (graphics=0x6643af8, mode=0xd7e118) returned 0x0
[0153.743] GdipGetDC (graphics=0x6643af8, hdc=0xd7e104) returned 0x0
[0153.743] GetCurrentObject (hdc=0x960107e8, type=0x1) returned 0xb00017
[0153.743] GetCurrentObject (hdc=0x960107e8, type=0x2) returned 0x900010
[0153.743] GetCurrentObject (hdc=0x960107e8, type=0x7) returned 0xffffffff920506b6
[0153.743] GetCurrentObject (hdc=0x960107e8, type=0x6) returned 0x8a01c2
[0153.743] SaveDC (hdc=0x960107e8) returned 1
[0153.743] GetTextAlign (hdc=0x960107e8) returned 0x0
[0153.743] GetTextColor (hdc=0x960107e8) returned 0x0
[0153.743] GetCurrentObject (hdc=0x960107e8, type=0x6) returned 0x8a01c2
[0153.744] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0153.744] SelectObject (hdc=0x960107e8, h=0x6d0a0520) returned 0x8a01c2
[0153.744] GetBkMode (hdc=0x960107e8) returned 2
[0153.744] SetBkMode (hdc=0x960107e8, mode=1) returned 2
[0153.744] DrawTextExW (in: hdc=0x960107e8, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2e149e0 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0153.756] RestoreDC (hdc=0x960107e8, nSavedDC=-1) returned 1
[0153.756] GdipReleaseDC (graphics=0x6643af8, hdc=0x960107e8) returned 0x0
[0153.756] GdipGetDC (graphics=0x6643af8, hdc=0xd7e2b4) returned 0x0
[0153.756] BitBlt (hdc=0x60100ce, x=0, y=0, cx=354, cy=68, hdcSrc=0x960107e8, x1=0, y1=0, rop=0xcc0020) returned 1
[0153.757] GdipReleaseDC (graphics=0x6643af8, hdc=0x960107e8) returned 0x0
[0153.757] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0153.757] SelectObject (hdc=0x960107e8, h=0x85000f) returned 0x920506b6
[0153.757] DeleteDC (hdc=0x960107e8) returned 1
[0153.757] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0153.757] DeleteObject (ho=0x920506b6) returned 1
[0153.758] EndPaint (hWnd=0x602d8, lpPaint=0xd7e258) returned 1
[0153.758] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.758] IsWindowUnicode (hWnd=0x502d2) returned 1
[0153.758] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.758] TranslateMessage (lpMsg=0xd7e808) returned 0
[0153.758] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0153.758] BeginPaint (in: hWnd=0x502d2, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0153.759] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0153.759] CreateCompatibleDC (hdc=0x107b9) returned 0x990107da
[0153.759] SelectObject (hdc=0x990107da, h=0x4a0507fe) returned 0x85000f
[0153.759] GdipCreateFromHDC (hdc=0x990107da, graphics=0xd7e268) returned 0x0
[0153.759] GdipTranslateWorldTransform (graphics=0x6643af8, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0153.759] GdipSetClipRectI (graphics=0x6643af8, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0153.759] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0153.759] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x6639120) returned 0x0
[0153.759] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7e2c8) returned 0x0
[0153.759] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0153.759] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11eea98) returned 0x0
[0153.760] LocalFree (hMem=0x11eea98) returned 0x0
[0153.760] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0153.760] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0153.760] GdipGetClip (graphics=0x6643af8, region=0x6644748) returned 0x0
[0153.760] GdipIsInfiniteRegion (region=0x6644748, graphics=0x6643af8, result=0xd7e2bc) returned 0x0
[0153.760] GdipSaveGraphics (graphics=0x6643af8, state=0xd7e2e8) returned 0x0
[0153.760] GdipRestoreGraphics (graphics=0x6643af8, state=0xfd1a0dbd) returned 0x0
[0153.760] GdipDeleteRegion (region=0x6644748) returned 0x0
[0153.760] GdipGetDC (graphics=0x6643af8, hdc=0xd7e0d4) returned 0x0
[0153.760] GetCurrentObject (hdc=0x990107da, type=0x1) returned 0xb00017
[0153.760] GetCurrentObject (hdc=0x990107da, type=0x2) returned 0x900010
[0153.760] GetCurrentObject (hdc=0x990107da, type=0x7) returned 0x4a0507fe
[0153.760] GetCurrentObject (hdc=0x990107da, type=0x6) returned 0x8a01c2
[0153.760] SaveDC (hdc=0x990107da) returned 1
[0153.760] GetNearestColor (hdc=0x990107da, color=0xf0f0f0) returned 0xf0f0f0
[0153.761] GetNearestColor (hdc=0x990107da, color=0xa0a0a0) returned 0xa0a0a0
[0153.761] GetNearestColor (hdc=0x990107da, color=0x696969) returned 0x696969
[0153.761] GetNearestColor (hdc=0x990107da, color=0xa0a0a0) returned 0xa0a0a0
[0153.761] GetNearestColor (hdc=0x990107da, color=0x0) returned 0x0
[0153.761] GetNearestColor (hdc=0x990107da, color=0xffffff) returned 0xffffff
[0153.761] GetNearestColor (hdc=0x990107da, color=0xe5e5e5) returned 0xe5e5e5
[0153.761] GetNearestColor (hdc=0x990107da, color=0xd7d7d7) returned 0xd7d7d7
[0153.761] GetNearestColor (hdc=0x990107da, color=0x0) returned 0x0
[0153.761] RestoreDC (hdc=0x990107da, nSavedDC=-1) returned 1
[0153.761] GdipReleaseDC (graphics=0x6643af8, hdc=0x990107da) returned 0x0
[0153.761] IsAppThemed () returned 0x1
[0153.761] GetThemeAppProperties () returned 0x3
[0153.762] GetThemeAppProperties () returned 0x3
[0153.762] GdipGetImageWidth (image=0x6647690, width=0xd7e168) returned 0x0
[0153.762] GdipGetImageHeight (image=0x6647690, height=0xd7e168) returned 0x0
[0153.762] IsAppThemed () returned 0x1
[0153.762] GetThemeAppProperties () returned 0x3
[0153.762] GetThemeAppProperties () returned 0x3
[0153.763] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2e15130 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0153.763] IsAppThemed () returned 0x1
[0153.763] GetThemeAppProperties () returned 0x3
[0153.763] GetThemeAppProperties () returned 0x3
[0153.763] IsAppThemed () returned 0x1
[0153.763] GetThemeAppProperties () returned 0x3
[0153.763] GetThemeAppProperties () returned 0x3
[0153.763] GetFocus () returned 0x502d2
[0153.763] IsAppThemed () returned 0x1
[0153.763] GetThemeAppProperties () returned 0x3
[0153.763] GetThemeAppProperties () returned 0x3
[0153.763] IsAppThemed () returned 0x1
[0153.764] GetThemeAppProperties () returned 0x3
[0153.764] GetThemeAppProperties () returned 0x3
[0153.764] IsThemePartDefined () returned 0x1
[0153.764] IsAppThemed () returned 0x1
[0153.764] GetThemeAppProperties () returned 0x3
[0153.764] GetThemeAppProperties () returned 0x3
[0153.764] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0153.764] IsAppThemed () returned 0x1
[0153.764] GetThemeAppProperties () returned 0x3
[0153.764] GetThemeAppProperties () returned 0x3
[0153.764] IsAppThemed () returned 0x1
[0153.764] GetThemeAppProperties () returned 0x3
[0153.764] GetThemeAppProperties () returned 0x3
[0153.764] IsThemePartDefined () returned 0x1
[0153.764] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0153.765] GdipGetClip (graphics=0x6643af8, region=0x6644a18) returned 0x0
[0153.765] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0153.765] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0153.765] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dff0) returned 0x0
[0153.765] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0153.765] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0153.765] LocalFree (hMem=0x11ee9f0) returned 0x0
[0153.765] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0153.765] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eea60) returned 0x0
[0153.765] LocalFree (hMem=0x11eea60) returned 0x0
[0153.765] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0153.765] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6643af8, result=0xd7e018) returned 0x0
[0153.766] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6643af8, result=0xd7e008) returned 0x0
[0153.766] GdipGetRegionHRgn (region=0x6644a18, graphics=0x6643af8, hRgn=0xd7e008) returned 0x0
[0153.766] GdipDeleteRegion (region=0x6644a18) returned 0x0
[0153.766] GdipGetDC (graphics=0x6643af8, hdc=0xd7e020) returned 0x0
[0153.837] GetCurrentObject (hdc=0x990107da, type=0x1) returned 0xb00017
[0153.837] GetCurrentObject (hdc=0x990107da, type=0x2) returned 0x900010
[0153.837] GetCurrentObject (hdc=0x990107da, type=0x7) returned 0x4a0507fe
[0153.837] GetCurrentObject (hdc=0x990107da, type=0x6) returned 0x8a01c2
[0153.837] SaveDC (hdc=0x990107da) returned 1
[0153.837] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x81040807
[0153.837] GetClipRgn (hdc=0x990107da, hrgn=0x81040807) returned 0
[0153.838] SelectClipRgn (hdc=0x990107da, hrgn=0x30407de) returned 2
[0153.838] DeleteObject (ho=0x81040807) returned 1
[0153.838] DeleteObject (ho=0x30407de) returned 1
[0153.838] OffsetViewportOrgEx (in: hdc=0x990107da, x=0, y=0, lppt=0x2e157e0 | out: lppt=0x2e157e0) returned 1
[0153.838] DrawThemeParentBackground () returned 0x0
[0153.838] GetWindowPlacement (in: hWnd=0x402da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0153.838] GetClientRect (in: hWnd=0x402da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0153.838] GetWindowTextLengthW (hWnd=0x402da) returned 13
[0153.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0153.838] GetSystemMetrics (nIndex=42) returned 0
[0153.838] GetWindowTextW (in: hWnd=0x402da, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0153.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0153.839] GetClientRect (in: hWnd=0x402da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0153.839] GetCurrentObject (hdc=0x990107da, type=0x1) returned 0xb00017
[0153.839] GetCurrentObject (hdc=0x990107da, type=0x2) returned 0x900010
[0153.839] GetCurrentObject (hdc=0x990107da, type=0x7) returned 0x4a0507fe
[0153.839] GetCurrentObject (hdc=0x990107da, type=0x6) returned 0x8a01c2
[0153.839] SaveDC (hdc=0x990107da) returned 2
[0153.839] GetNearestColor (hdc=0x990107da, color=0xf0f0f0) returned 0xf0f0f0
[0153.839] CreateSolidBrush (color=0xf0f0f0) returned 0x401007e1
[0153.839] FillRect (hDC=0x990107da, lprc=0xd7da38, hbr=0x401007e1) returned 1
[0153.839] DeleteObject (ho=0x401007e1) returned 1
[0153.839] RestoreDC (hdc=0x990107da, nSavedDC=-1) returned 1
[0153.839] GetWindowTextLengthW (hWnd=0x402da) returned 13
[0153.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0153.839] GetSystemMetrics (nIndex=42) returned 0
[0153.840] GetWindowTextW (in: hWnd=0x402da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0153.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0153.840] GetClientRect (in: hWnd=0x402da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0153.840] GetCurrentObject (hdc=0x990107da, type=0x1) returned 0xb00017
[0153.840] GetCurrentObject (hdc=0x990107da, type=0x2) returned 0x900010
[0153.840] GetCurrentObject (hdc=0x990107da, type=0x7) returned 0x4a0507fe
[0153.840] GetCurrentObject (hdc=0x990107da, type=0x6) returned 0x8a01c2
[0153.840] SaveDC (hdc=0x990107da) returned 2
[0153.840] GetNearestColor (hdc=0x990107da, color=0xf0f0f0) returned 0xf0f0f0
[0153.840] CreateSolidBrush (color=0xf0f0f0) returned 0x411007e1
[0153.840] FillRect (hDC=0x990107da, lprc=0xd7d9d8, hbr=0x411007e1) returned 1
[0153.840] DeleteObject (ho=0x411007e1) returned 1
[0153.840] RestoreDC (hdc=0x990107da, nSavedDC=-1) returned 1
[0153.840] GetWindowTextLengthW (hWnd=0x402da) returned 13
[0153.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0153.840] GetSystemMetrics (nIndex=42) returned 0
[0153.841] GetWindowTextW (in: hWnd=0x402da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0153.841] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0153.841] RestoreDC (hdc=0x990107da, nSavedDC=-1) returned 1
[0153.841] GdipReleaseDC (graphics=0x6643af8, hdc=0x990107da) returned 0x0
[0153.841] IsAppThemed () returned 0x1
[0153.841] GetThemeAppProperties () returned 0x3
[0153.841] GetThemeAppProperties () returned 0x3
[0153.841] IsAppThemed () returned 0x1
[0153.841] GetThemeAppProperties () returned 0x3
[0153.841] GetThemeAppProperties () returned 0x3
[0153.841] IsThemePartDefined () returned 0x1
[0153.841] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0153.842] GdipGetClip (graphics=0x6643af8, region=0x6644a18) returned 0x0
[0153.842] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0153.842] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x6639120) returned 0x0
[0153.842] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7df74) returned 0x0
[0153.842] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee788) returned 0x0
[0153.842] LocalFree (hMem=0x11ee788) returned 0x0
[0153.842] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee788) returned 0x0
[0153.842] LocalFree (hMem=0x11ee788) returned 0x0
[0153.842] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0153.842] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6643af8, result=0xd7df9c) returned 0x0
[0153.842] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6643af8, result=0xd7df8c) returned 0x0
[0153.842] GdipGetRegionHRgn (region=0x6644a18, graphics=0x6643af8, hRgn=0xd7df8c) returned 0x0
[0153.842] GdipDeleteRegion (region=0x6644a18) returned 0x0
[0153.842] GdipGetDC (graphics=0x6643af8, hdc=0xd7dfa4) returned 0x0
[0153.842] GetCurrentObject (hdc=0x990107da, type=0x1) returned 0xb00017
[0153.842] GetCurrentObject (hdc=0x990107da, type=0x2) returned 0x900010
[0153.842] GetCurrentObject (hdc=0x990107da, type=0x7) returned 0x4a0507fe
[0153.843] GetCurrentObject (hdc=0x990107da, type=0x6) returned 0x8a01c2
[0153.843] SaveDC (hdc=0x990107da) returned 1
[0153.843] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x40407de
[0153.843] GetClipRgn (hdc=0x990107da, hrgn=0x40407de) returned 0
[0153.843] SelectClipRgn (hdc=0x990107da, hrgn=0x83040807) returned 2
[0153.843] DeleteObject (ho=0x40407de) returned 1
[0153.843] DeleteObject (ho=0x83040807) returned 1
[0153.843] OffsetViewportOrgEx (in: hdc=0x990107da, x=0, y=0, lppt=0x2e1608c | out: lppt=0x2e1608c) returned 1
[0153.843] IsAppThemed () returned 0x1
[0153.843] GetThemeAppProperties () returned 0x3
[0153.843] GetThemeAppProperties () returned 0x3
[0153.843] DrawThemeBackground () returned 0x0
[0153.843] RestoreDC (hdc=0x990107da, nSavedDC=-1) returned 1
[0153.844] GdipReleaseDC (graphics=0x6643af8, hdc=0x990107da) returned 0x0
[0153.844] GdipCreateRegion (region=0xd7df60) returned 0x0
[0153.844] GdipGetClip (graphics=0x6643af8, region=0x6644748) returned 0x0
[0153.844] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0153.844] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0153.844] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df78) returned 0x0
[0153.844] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0153.844] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0153.844] LocalFree (hMem=0x11ee788) returned 0x0
[0153.844] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0153.844] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee8d8) returned 0x0
[0153.844] LocalFree (hMem=0x11ee8d8) returned 0x0
[0153.844] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0153.844] GdipIsInfiniteRegion (region=0x6644748, graphics=0x6643af8, result=0xd7dfa0) returned 0x0
[0153.844] GdipIsInfiniteRegion (region=0x6644748, graphics=0x6643af8, result=0xd7df90) returned 0x0
[0153.844] GdipGetRegionHRgn (region=0x6644748, graphics=0x6643af8, hRgn=0xd7df90) returned 0x0
[0153.844] GdipDeleteRegion (region=0x6644748) returned 0x0
[0153.845] GdipGetDC (graphics=0x6643af8, hdc=0xd7dfa8) returned 0x0
[0153.845] GetCurrentObject (hdc=0x990107da, type=0x1) returned 0xb00017
[0153.845] GetCurrentObject (hdc=0x990107da, type=0x2) returned 0x900010
[0153.845] GetCurrentObject (hdc=0x990107da, type=0x7) returned 0x4a0507fe
[0153.845] GetCurrentObject (hdc=0x990107da, type=0x6) returned 0x8a01c2
[0153.845] SaveDC (hdc=0x990107da) returned 1
[0153.845] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x84040807
[0153.845] GetClipRgn (hdc=0x990107da, hrgn=0x84040807) returned 0
[0153.845] SelectClipRgn (hdc=0x990107da, hrgn=0x50407de) returned 2
[0153.845] DeleteObject (ho=0x84040807) returned 1
[0153.846] DeleteObject (ho=0x50407de) returned 1
[0153.846] OffsetViewportOrgEx (in: hdc=0x990107da, x=0, y=0, lppt=0x2e16360 | out: lppt=0x2e16360) returned 1
[0153.846] IsAppThemed () returned 0x1
[0153.846] GetThemeAppProperties () returned 0x3
[0153.846] GetThemeAppProperties () returned 0x3
[0153.846] GetThemeBackgroundContentRect () returned 0x0
[0153.846] RestoreDC (hdc=0x990107da, nSavedDC=-1) returned 1
[0153.850] GdipReleaseDC (graphics=0x6643af8, hdc=0x990107da) returned 0x0
[0153.850] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0153.850] GdipGetClip (graphics=0x6643af8, region=0x66447d8) returned 0x0
[0153.850] GdipCloneRegion (region=0x66447d8, cloneRegion=0xd7e150) returned 0x0
[0153.850] GdipCombineRegionRectI (region=0x66446b8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0153.850] GdipCombineRegionRectI (region=0x66446b8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0153.850] GdipSetClipRegion (graphics=0x6643af8, region=0x66446b8, combineMode=0x0) returned 0x0
[0153.850] GdipGetImageWidth (image=0x6647690, width=0xd7e154) returned 0x0
[0153.851] GdipGetImageHeight (image=0x6647690, height=0xd7e148) returned 0x0
[0153.851] GdipDrawImageRectI (graphics=0x6643af8, image=0x6647690, x=4, y=4, width=16, height=16) returned 0x0
[0153.851] GdipSetClipRegion (graphics=0x6643af8, region=0x66447d8, combineMode=0x0) returned 0x0
[0153.851] IsAppThemed () returned 0x1
[0153.851] GetThemeAppProperties () returned 0x3
[0153.851] GetThemeAppProperties () returned 0x3
[0153.851] GdipGetTextRenderingHint (graphics=0x6643af8, mode=0xd7e0dc) returned 0x0
[0153.851] GdipGetDC (graphics=0x6643af8, hdc=0xd7e0c8) returned 0x0
[0153.851] GetCurrentObject (hdc=0x990107da, type=0x1) returned 0xb00017
[0153.851] GetCurrentObject (hdc=0x990107da, type=0x2) returned 0x900010
[0153.851] GetCurrentObject (hdc=0x990107da, type=0x7) returned 0x4a0507fe
[0153.851] GetCurrentObject (hdc=0x990107da, type=0x6) returned 0x8a01c2
[0153.851] SaveDC (hdc=0x990107da) returned 1
[0153.851] GetTextAlign (hdc=0x990107da) returned 0x0
[0153.852] GetTextColor (hdc=0x990107da) returned 0x0
[0153.852] GetCurrentObject (hdc=0x990107da, type=0x6) returned 0x8a01c2
[0153.852] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0153.852] SelectObject (hdc=0x990107da, h=0x6d0a0520) returned 0x8a01c2
[0153.852] GetBkMode (hdc=0x990107da) returned 2
[0153.852] SetBkMode (hdc=0x990107da, mode=1) returned 2
[0153.852] DrawTextExW (in: hdc=0x990107da, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2e16720 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0153.852] DrawTextExW (in: hdc=0x990107da, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e16720 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0153.853] RestoreDC (hdc=0x990107da, nSavedDC=-1) returned 1
[0153.853] GdipReleaseDC (graphics=0x6643af8, hdc=0x990107da) returned 0x0
[0153.853] GetFocus () returned 0x502d2
[0153.853] IsAppThemed () returned 0x1
[0153.853] GetThemeAppProperties () returned 0x3
[0153.853] GetThemeAppProperties () returned 0x3
[0153.853] GdipGetDC (graphics=0x6643af8, hdc=0xd7e2a8) returned 0x0
[0153.853] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x990107da, x1=0, y1=0, rop=0xcc0020) returned 1
[0153.853] GdipReleaseDC (graphics=0x6643af8, hdc=0x990107da) returned 0x0
[0153.854] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0153.854] SelectObject (hdc=0x990107da, h=0x85000f) returned 0x4a0507fe
[0153.854] DeleteDC (hdc=0x990107da) returned 1
[0153.854] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0153.854] EndPaint (hWnd=0x502d2, lpPaint=0xd7e24c) returned 1
[0153.854] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0153.855] IsWindowUnicode (hWnd=0x30122) returned 1
[0153.855] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0153.864] TranslateMessage (lpMsg=0xd7e808) returned 0
[0153.864] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0153.865] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0153.866] IsWindowUnicode (hWnd=0x30122) returned 1
[0153.866] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.866] TranslateMessage (lpMsg=0xd7e808) returned 0
[0153.866] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0153.866] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.867] IsWindowUnicode (hWnd=0x6013e) returned 1
[0153.867] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.867] TranslateMessage (lpMsg=0xd7e808) returned 0
[0153.867] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0153.867] BeginPaint (in: hWnd=0x6013e, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0153.867] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0153.868] CreateCompatibleDC (hdc=0xf0105ee) returned 0xa40107fb
[0153.868] SelectObject (hdc=0xa40107fb, h=0x4a0507fe) returned 0x85000f
[0153.868] GdipCreateFromHDC (hdc=0xa40107fb, graphics=0xd7e268) returned 0x0
[0153.868] GdipTranslateWorldTransform (graphics=0x6643af8, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0153.868] GdipSetClipRectI (graphics=0x6643af8, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0153.868] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0153.868] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x6639120) returned 0x0
[0153.868] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7e2c8) returned 0x0
[0153.868] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0153.868] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11eea60) returned 0x0
[0153.868] LocalFree (hMem=0x11eea60) returned 0x0
[0153.869] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0153.869] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0153.869] GdipGetClip (graphics=0x6643af8, region=0x6644508) returned 0x0
[0153.869] GdipIsInfiniteRegion (region=0x6644508, graphics=0x6643af8, result=0xd7e2bc) returned 0x0
[0153.869] GdipSaveGraphics (graphics=0x6643af8, state=0xd7e2e8) returned 0x0
[0153.869] GdipRestoreGraphics (graphics=0x6643af8, state=0xfd180dbd) returned 0x0
[0153.869] GdipDeleteRegion (region=0x6644508) returned 0x0
[0153.869] GdipGetDC (graphics=0x6643af8, hdc=0xd7e0c8) returned 0x0
[0153.869] GetCurrentObject (hdc=0xa40107fb, type=0x1) returned 0xb00017
[0153.869] GetCurrentObject (hdc=0xa40107fb, type=0x2) returned 0x900010
[0153.869] GetCurrentObject (hdc=0xa40107fb, type=0x7) returned 0x4a0507fe
[0153.869] GetCurrentObject (hdc=0xa40107fb, type=0x6) returned 0x8a01c2
[0153.869] SaveDC (hdc=0xa40107fb) returned 1
[0153.869] GetNearestColor (hdc=0xa40107fb, color=0xf0f0f0) returned 0xf0f0f0
[0153.870] GetNearestColor (hdc=0xa40107fb, color=0xa0a0a0) returned 0xa0a0a0
[0153.870] GetNearestColor (hdc=0xa40107fb, color=0x696969) returned 0x696969
[0153.870] GetNearestColor (hdc=0xa40107fb, color=0xa0a0a0) returned 0xa0a0a0
[0153.870] GetNearestColor (hdc=0xa40107fb, color=0x0) returned 0x0
[0153.870] GetNearestColor (hdc=0xa40107fb, color=0xffffff) returned 0xffffff
[0153.870] GetNearestColor (hdc=0xa40107fb, color=0xe5e5e5) returned 0xe5e5e5
[0153.870] GetNearestColor (hdc=0xa40107fb, color=0xd7d7d7) returned 0xd7d7d7
[0153.870] GetNearestColor (hdc=0xa40107fb, color=0x0) returned 0x0
[0153.870] RestoreDC (hdc=0xa40107fb, nSavedDC=-1) returned 1
[0153.870] GdipReleaseDC (graphics=0x6643af8, hdc=0xa40107fb) returned 0x0
[0153.870] IsAppThemed () returned 0x1
[0153.870] GetThemeAppProperties () returned 0x3
[0153.870] GetThemeAppProperties () returned 0x3
[0153.871] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0153.871] SendMessageW (hWnd=0x402da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0153.871] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0153.871] IsAppThemed () returned 0x1
[0153.871] GetThemeAppProperties () returned 0x3
[0153.871] GetThemeAppProperties () returned 0x3
[0153.871] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2e16f30 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0153.871] IsAppThemed () returned 0x1
[0153.871] GetThemeAppProperties () returned 0x3
[0153.872] GetThemeAppProperties () returned 0x3
[0153.872] IsAppThemed () returned 0x1
[0153.872] GetThemeAppProperties () returned 0x3
[0153.872] GetThemeAppProperties () returned 0x3
[0153.894] IsAppThemed () returned 0x1
[0153.894] GetThemeAppProperties () returned 0x3
[0153.894] GetThemeAppProperties () returned 0x3
[0153.894] IsAppThemed () returned 0x1
[0153.894] GetThemeAppProperties () returned 0x3
[0153.894] GetThemeAppProperties () returned 0x3
[0153.894] IsThemePartDefined () returned 0x1
[0153.894] IsAppThemed () returned 0x1
[0153.894] GetThemeAppProperties () returned 0x3
[0153.894] GetThemeAppProperties () returned 0x3
[0153.894] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0153.894] IsAppThemed () returned 0x1
[0153.894] GetThemeAppProperties () returned 0x3
[0153.894] GetThemeAppProperties () returned 0x3
[0153.894] IsAppThemed () returned 0x1
[0153.895] GetThemeAppProperties () returned 0x3
[0153.895] GetThemeAppProperties () returned 0x3
[0153.895] IsThemePartDefined () returned 0x1
[0153.895] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0153.895] GdipGetClip (graphics=0x6643af8, region=0x6644238) returned 0x0
[0153.895] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0153.895] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0153.895] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dfe4) returned 0x0
[0153.895] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0153.895] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee910) returned 0x0
[0153.895] LocalFree (hMem=0x11ee910) returned 0x0
[0153.895] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0153.895] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee8d8) returned 0x0
[0153.895] LocalFree (hMem=0x11ee8d8) returned 0x0
[0153.895] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0153.896] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6643af8, result=0xd7e00c) returned 0x0
[0153.896] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6643af8, result=0xd7dffc) returned 0x0
[0153.896] GdipGetRegionHRgn (region=0x6644238, graphics=0x6643af8, hRgn=0xd7dffc) returned 0x0
[0153.896] GdipDeleteRegion (region=0x6644238) returned 0x0
[0153.896] GdipGetDC (graphics=0x6643af8, hdc=0xd7e014) returned 0x0
[0153.896] GetCurrentObject (hdc=0xa40107fb, type=0x1) returned 0xb00017
[0153.896] GetCurrentObject (hdc=0xa40107fb, type=0x2) returned 0x900010
[0153.896] GetCurrentObject (hdc=0xa40107fb, type=0x7) returned 0x4a0507fe
[0153.896] GetCurrentObject (hdc=0xa40107fb, type=0x6) returned 0x8a01c2
[0153.896] SaveDC (hdc=0xa40107fb) returned 1
[0153.896] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x60407de
[0153.896] GetClipRgn (hdc=0xa40107fb, hrgn=0x60407de) returned 0
[0153.896] SelectClipRgn (hdc=0xa40107fb, hrgn=0x88040807) returned 2
[0153.897] DeleteObject (ho=0x60407de) returned 1
[0153.897] DeleteObject (ho=0x88040807) returned 1
[0153.897] OffsetViewportOrgEx (in: hdc=0xa40107fb, x=0, y=0, lppt=0x2e175e0 | out: lppt=0x2e175e0) returned 1
[0153.897] DrawThemeParentBackground () returned 0x0
[0153.897] GetWindowPlacement (in: hWnd=0x402da, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0153.897] GetClientRect (in: hWnd=0x402da, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0153.897] GetWindowTextLengthW (hWnd=0x402da) returned 13
[0153.897] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0153.897] GetSystemMetrics (nIndex=42) returned 0
[0153.897] GetWindowTextW (in: hWnd=0x402da, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0153.897] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0153.897] GetClientRect (in: hWnd=0x402da, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0153.897] GetCurrentObject (hdc=0xa40107fb, type=0x1) returned 0xb00017
[0153.898] GetCurrentObject (hdc=0xa40107fb, type=0x2) returned 0x900010
[0153.898] GetCurrentObject (hdc=0xa40107fb, type=0x7) returned 0x4a0507fe
[0153.898] GetCurrentObject (hdc=0xa40107fb, type=0x6) returned 0x8a01c2
[0153.898] SaveDC (hdc=0xa40107fb) returned 2
[0153.898] GetNearestColor (hdc=0xa40107fb, color=0xf0f0f0) returned 0xf0f0f0
[0153.898] CreateSolidBrush (color=0xf0f0f0) returned 0x421007e1
[0153.898] FillRect (hDC=0xa40107fb, lprc=0xd7da30, hbr=0x421007e1) returned 1
[0153.898] DeleteObject (ho=0x421007e1) returned 1
[0153.898] RestoreDC (hdc=0xa40107fb, nSavedDC=-1) returned 1
[0153.898] GetWindowTextLengthW (hWnd=0x402da) returned 13
[0153.898] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0153.898] GetSystemMetrics (nIndex=42) returned 0
[0153.898] GetWindowTextW (in: hWnd=0x402da, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0153.898] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0153.899] GetClientRect (in: hWnd=0x402da, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0153.899] GetCurrentObject (hdc=0xa40107fb, type=0x1) returned 0xb00017
[0153.899] GetCurrentObject (hdc=0xa40107fb, type=0x2) returned 0x900010
[0153.899] GetCurrentObject (hdc=0xa40107fb, type=0x7) returned 0x4a0507fe
[0153.899] GetCurrentObject (hdc=0xa40107fb, type=0x6) returned 0x8a01c2
[0153.899] SaveDC (hdc=0xa40107fb) returned 2
[0153.899] GetNearestColor (hdc=0xa40107fb, color=0xf0f0f0) returned 0xf0f0f0
[0153.899] CreateSolidBrush (color=0xf0f0f0) returned 0x431007e1
[0153.899] FillRect (hDC=0xa40107fb, lprc=0xd7d9d0, hbr=0x431007e1) returned 1
[0153.899] DeleteObject (ho=0x431007e1) returned 1
[0153.899] RestoreDC (hdc=0xa40107fb, nSavedDC=-1) returned 1
[0153.899] GetWindowTextLengthW (hWnd=0x402da) returned 13
[0153.899] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0153.899] GetSystemMetrics (nIndex=42) returned 0
[0153.900] GetWindowTextW (in: hWnd=0x402da, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0153.900] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0153.900] RestoreDC (hdc=0xa40107fb, nSavedDC=-1) returned 1
[0153.900] GdipReleaseDC (graphics=0x6643af8, hdc=0xa40107fb) returned 0x0
[0153.900] IsAppThemed () returned 0x1
[0153.900] GetThemeAppProperties () returned 0x3
[0153.900] GetThemeAppProperties () returned 0x3
[0153.900] IsAppThemed () returned 0x1
[0153.900] GetThemeAppProperties () returned 0x3
[0153.900] GetThemeAppProperties () returned 0x3
[0153.900] IsThemePartDefined () returned 0x1
[0153.900] GdipCreateRegion (region=0xd7df50) returned 0x0
[0153.900] GdipGetClip (graphics=0x6643af8, region=0x6644748) returned 0x0
[0153.900] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0153.901] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x6639120) returned 0x0
[0153.901] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7df68) returned 0x0
[0153.901] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0153.901] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee9f0) returned 0x0
[0153.901] LocalFree (hMem=0x11ee9f0) returned 0x0
[0153.901] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0153.901] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11eec58) returned 0x0
[0153.901] LocalFree (hMem=0x11eec58) returned 0x0
[0153.901] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0153.901] GdipIsInfiniteRegion (region=0x6644748, graphics=0x6643af8, result=0xd7df90) returned 0x0
[0153.901] GdipIsInfiniteRegion (region=0x6644748, graphics=0x6643af8, result=0xd7df80) returned 0x0
[0153.901] GdipGetRegionHRgn (region=0x6644748, graphics=0x6643af8, hRgn=0xd7df80) returned 0x0
[0153.901] GdipDeleteRegion (region=0x6644748) returned 0x0
[0153.901] GdipGetDC (graphics=0x6643af8, hdc=0xd7df98) returned 0x0
[0153.901] GetCurrentObject (hdc=0xa40107fb, type=0x1) returned 0xb00017
[0153.902] GetCurrentObject (hdc=0xa40107fb, type=0x2) returned 0x900010
[0153.902] GetCurrentObject (hdc=0xa40107fb, type=0x7) returned 0x4a0507fe
[0153.902] GetCurrentObject (hdc=0xa40107fb, type=0x6) returned 0x8a01c2
[0153.902] SaveDC (hdc=0xa40107fb) returned 1
[0153.902] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x89040807
[0153.902] GetClipRgn (hdc=0xa40107fb, hrgn=0x89040807) returned 0
[0153.902] SelectClipRgn (hdc=0xa40107fb, hrgn=0x80407de) returned 2
[0153.902] DeleteObject (ho=0x89040807) returned 1
[0153.902] DeleteObject (ho=0x80407de) returned 1
[0153.902] OffsetViewportOrgEx (in: hdc=0xa40107fb, x=0, y=0, lppt=0x2e17e8c | out: lppt=0x2e17e8c) returned 1
[0153.902] IsAppThemed () returned 0x1
[0153.902] GetThemeAppProperties () returned 0x3
[0153.902] GetThemeAppProperties () returned 0x3
[0153.902] DrawThemeBackground () returned 0x0
[0153.903] RestoreDC (hdc=0xa40107fb, nSavedDC=-1) returned 1
[0153.903] GdipReleaseDC (graphics=0x6643af8, hdc=0xa40107fb) returned 0x0
[0153.992] GdipCreateRegion (region=0xd7df54) returned 0x0
[0153.992] GdipGetClip (graphics=0x6643af8, region=0x6644e98) returned 0x0
[0153.992] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0153.992] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0153.992] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df6c) returned 0x0
[0153.992] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0153.992] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0153.992] LocalFree (hMem=0x11ee788) returned 0x0
[0153.992] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0153.992] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eecc8) returned 0x0
[0153.992] LocalFree (hMem=0x11eecc8) returned 0x0
[0153.993] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0153.993] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6643af8, result=0xd7df94) returned 0x0
[0153.993] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6643af8, result=0xd7df84) returned 0x0
[0153.993] GdipGetRegionHRgn (region=0x6644e98, graphics=0x6643af8, hRgn=0xd7df84) returned 0x0
[0153.993] GdipDeleteRegion (region=0x6644e98) returned 0x0
[0153.993] GdipGetDC (graphics=0x6643af8, hdc=0xd7df9c) returned 0x0
[0153.993] GetCurrentObject (hdc=0xa40107fb, type=0x1) returned 0xb00017
[0153.993] GetCurrentObject (hdc=0xa40107fb, type=0x2) returned 0x900010
[0153.993] GetCurrentObject (hdc=0xa40107fb, type=0x7) returned 0x4a0507fe
[0153.993] GetCurrentObject (hdc=0xa40107fb, type=0x6) returned 0x8a01c2
[0153.993] SaveDC (hdc=0xa40107fb) returned 1
[0153.993] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x90407de
[0153.993] GetClipRgn (hdc=0xa40107fb, hrgn=0x90407de) returned 0
[0153.993] SelectClipRgn (hdc=0xa40107fb, hrgn=0x8a040807) returned 2
[0153.994] DeleteObject (ho=0x90407de) returned 1
[0153.994] DeleteObject (ho=0x8a040807) returned 1
[0153.994] OffsetViewportOrgEx (in: hdc=0xa40107fb, x=0, y=0, lppt=0x2e18160 | out: lppt=0x2e18160) returned 1
[0153.994] IsAppThemed () returned 0x1
[0153.994] GetThemeAppProperties () returned 0x3
[0153.994] GetThemeAppProperties () returned 0x3
[0153.994] GetThemeBackgroundContentRect () returned 0x0
[0153.994] RestoreDC (hdc=0xa40107fb, nSavedDC=-1) returned 1
[0153.994] GdipReleaseDC (graphics=0x6643af8, hdc=0xa40107fb) returned 0x0
[0153.994] IsAppThemed () returned 0x1
[0153.994] GetThemeAppProperties () returned 0x3
[0153.994] GetThemeAppProperties () returned 0x3
[0153.994] GdipGetTextRenderingHint (graphics=0x6643af8, mode=0xd7e0d0) returned 0x0
[0153.994] GdipGetDC (graphics=0x6643af8, hdc=0xd7e0bc) returned 0x0
[0153.994] GetCurrentObject (hdc=0xa40107fb, type=0x1) returned 0xb00017
[0153.994] GetCurrentObject (hdc=0xa40107fb, type=0x2) returned 0x900010
[0153.995] GetCurrentObject (hdc=0xa40107fb, type=0x7) returned 0x4a0507fe
[0153.995] GetCurrentObject (hdc=0xa40107fb, type=0x6) returned 0x8a01c2
[0153.995] SaveDC (hdc=0xa40107fb) returned 1
[0153.995] GetTextAlign (hdc=0xa40107fb) returned 0x0
[0153.995] GetTextColor (hdc=0xa40107fb) returned 0x0
[0153.995] GetCurrentObject (hdc=0xa40107fb, type=0x6) returned 0x8a01c2
[0153.995] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0153.995] SelectObject (hdc=0xa40107fb, h=0x6d0a0520) returned 0x8a01c2
[0153.995] GetBkMode (hdc=0xa40107fb) returned 2
[0153.995] SetBkMode (hdc=0xa40107fb, mode=1) returned 2
[0153.995] DrawTextExW (in: hdc=0xa40107fb, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2e18500 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0153.996] DrawTextExW (in: hdc=0xa40107fb, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2e18500 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0153.996] RestoreDC (hdc=0xa40107fb, nSavedDC=-1) returned 1
[0153.996] GdipReleaseDC (graphics=0x6643af8, hdc=0xa40107fb) returned 0x0
[0153.996] GetFocus () returned 0x502d2
[0153.997] IsAppThemed () returned 0x1
[0153.997] GetThemeAppProperties () returned 0x3
[0153.997] GetThemeAppProperties () returned 0x3
[0153.997] GdipGetDC (graphics=0x6643af8, hdc=0xd7e2a8) returned 0x0
[0153.997] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xa40107fb, x1=0, y1=0, rop=0xcc0020) returned 1
[0153.997] GdipReleaseDC (graphics=0x6643af8, hdc=0xa40107fb) returned 0x0
[0153.997] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0153.997] SelectObject (hdc=0xa40107fb, h=0x85000f) returned 0x4a0507fe
[0153.997] DeleteDC (hdc=0xa40107fb) returned 1
[0153.997] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0153.997] EndPaint (hWnd=0x6013e, lpPaint=0xd7e24c) returned 1
[0153.998] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.998] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x84, wParam=0x0, lParam=0x1e60319) returned 0x1
[0153.998] IsWindowUnicode (hWnd=0x6013e) returned 1
[0153.998] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0153.998] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x84, wParam=0x0, lParam=0x1e60319) returned 0x1
[0153.998] GetDlgItem (hDlg=0x402da, nIDDlgItem=0) returned 0x0
[0153.999] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x210, wParam=0x201, lParam=0x6b0124) returned 0x0
[0153.999] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x21, wParam=0x402da, lParam=0x2010001) returned 0x1
[0153.999] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x21, wParam=0x402da, lParam=0x2010001) returned 0x1
[0153.999] SetCursor (hCursor=0x10003) returned 0x10003
[0153.999] TranslateMessage (lpMsg=0xd7e808) returned 0
[0153.999] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0153.999] GetKeyState (nVirtKey=1) returned -127
[0153.999] GetKeyState (nVirtKey=2) returned 0
[0153.999] GetKeyState (nVirtKey=4) returned 0
[0153.999] GetKeyState (nVirtKey=5) returned 0
[0154.000] GetKeyState (nVirtKey=6) returned 0
[0154.000] IsWindowVisible (hWnd=0x6013e) returned 1
[0154.000] IsWindowEnabled (hWnd=0x6013e) returned 1
[0154.000] SetFocus (hWnd=0x6013e) returned 0x502d2
[0154.001] GetFocus () returned 0x6013e
[0154.001] IsChild (hWndParent=0x402da, hWnd=0x6013e) returned 1
[0154.001] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0x8, wParam=0x6013e, lParam=0x0) returned 0x0
[0154.001] GetCapture () returned 0x0
[0154.001] InvalidateRect (hWnd=0x502d2, lpRect=0x0, bErase=0) returned 1
[0154.002] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0154.004] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0154.012] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0154.012] InvalidateRect (hWnd=0x502d2, lpRect=0x0, bErase=0) returned 1
[0154.012] InvalidateRect (hWnd=0x6013e, lpRect=0x0, bErase=0) returned 1
[0154.012] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x7, wParam=0x502d2, lParam=0x0) returned 0x0
[0154.012] GetStockObject (i=5) returned 0x900015
[0154.013] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0154.013] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0154.013] GetDlgItem (hDlg=0x402da, nIDDlgItem=393534) returned 0x6013e
[0154.013] SendMessageW (hWnd=0x6013e, Msg=0x202b, wParam=0x6013e, lParam=0xd7dddc) returned 0x0
[0154.013] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x202b, wParam=0x6013e, lParam=0xd7dddc) returned 0x0
[0154.013] InvalidateRect (hWnd=0x6013e, lpRect=0x0, bErase=0) returned 1
[0154.016] GetFocus () returned 0x6013e
[0154.016] GetFocus () returned 0x6013e
[0154.016] GetFocus () returned 0x6013e
[0154.016] GetKeyState (nVirtKey=1) returned -127
[0154.016] GetKeyState (nVirtKey=2) returned 0
[0154.016] GetKeyState (nVirtKey=4) returned 0
[0154.016] GetKeyState (nVirtKey=5) returned 0
[0154.016] GetKeyState (nVirtKey=6) returned 0
[0154.016] GetCapture () returned 0x0
[0154.016] SetCapture (hWnd=0x6013e) returned 0x0
[0154.017] GetKeyState (nVirtKey=1) returned -127
[0154.017] GetKeyState (nVirtKey=2) returned 0
[0154.017] GetKeyState (nVirtKey=4) returned 0
[0154.017] GetKeyState (nVirtKey=5) returned 0
[0154.017] GetKeyState (nVirtKey=6) returned 0
[0154.017] NotifyWinEvent (event=0x800a, hwnd=0x6013e, idObject=-4, idChild=0)
[0154.017] InvalidateRect (hWnd=0x6013e, lpRect=0xd7e430, bErase=0) returned 1
[0154.017] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0154.018] IsWindowUnicode (hWnd=0x6013e) returned 1
[0154.018] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0154.018] TranslateMessage (lpMsg=0xd7e808) returned 0
[0154.018] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0154.018] MapWindowPoints (in: hWndFrom=0x6013e, hWndTo=0x0, lpPoints=0x2e186f0, cPoints=0x1 | out: lpPoints=0x2e186f0) returned 30999254
[0154.018] NotifyWinEvent (event=0x800a, hwnd=0x6013e, idObject=-4, idChild=0)
[0154.018] InvalidateRect (hWnd=0x6013e, lpRect=0xd7e3d0, bErase=0) returned 1
[0154.018] UpdateWindow (hWnd=0x6013e) returned 1
[0154.019] BeginPaint (in: hWnd=0x6013e, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xf0105ee
[0154.019] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0154.019] CreateCompatibleDC (hdc=0xf0105ee) returned 0x980107bb
[0154.019] SelectObject (hdc=0x980107bb, h=0x4a0507fe) returned 0x85000f
[0154.019] GdipCreateFromHDC (hdc=0x980107bb, graphics=0xd7df00) returned 0x0
[0154.019] GdipTranslateWorldTransform (graphics=0x6643af8, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0154.019] GdipSetClipRectI (graphics=0x6643af8, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0154.019] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0154.019] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x6639120) returned 0x0
[0154.020] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7df60) returned 0x0
[0154.020] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0154.020] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee9f0) returned 0x0
[0154.020] LocalFree (hMem=0x11ee9f0) returned 0x0
[0154.020] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0154.020] GdipCreateRegion (region=0xd7df48) returned 0x0
[0154.020] GdipGetClip (graphics=0x6643af8, region=0x6644478) returned 0x0
[0154.020] GdipIsInfiniteRegion (region=0x6644478, graphics=0x6643af8, result=0xd7df54) returned 0x0
[0154.020] GdipSaveGraphics (graphics=0x6643af8, state=0xd7df80) returned 0x0
[0154.020] GdipRestoreGraphics (graphics=0x6643af8, state=0xfd160dbd) returned 0x0
[0154.020] GdipDeleteRegion (region=0x6644478) returned 0x0
[0154.020] GdipGetDC (graphics=0x6643af8, hdc=0xd7dd60) returned 0x0
[0154.021] GetCurrentObject (hdc=0x980107bb, type=0x1) returned 0xb00017
[0154.021] GetCurrentObject (hdc=0x980107bb, type=0x2) returned 0x900010
[0154.021] GetCurrentObject (hdc=0x980107bb, type=0x7) returned 0x4a0507fe
[0154.021] GetCurrentObject (hdc=0x980107bb, type=0x6) returned 0x8a01c2
[0154.021] SaveDC (hdc=0x980107bb) returned 1
[0154.021] GetNearestColor (hdc=0x980107bb, color=0xf0f0f0) returned 0xf0f0f0
[0154.021] GetNearestColor (hdc=0x980107bb, color=0xa0a0a0) returned 0xa0a0a0
[0154.021] GetNearestColor (hdc=0x980107bb, color=0x696969) returned 0x696969
[0154.021] GetNearestColor (hdc=0x980107bb, color=0xa0a0a0) returned 0xa0a0a0
[0154.021] GetNearestColor (hdc=0x980107bb, color=0x0) returned 0x0
[0154.021] GetNearestColor (hdc=0x980107bb, color=0xffffff) returned 0xffffff
[0154.022] GetNearestColor (hdc=0x980107bb, color=0xe5e5e5) returned 0xe5e5e5
[0154.022] GetNearestColor (hdc=0x980107bb, color=0xd7d7d7) returned 0xd7d7d7
[0154.022] GetNearestColor (hdc=0x980107bb, color=0x0) returned 0x0
[0154.022] RestoreDC (hdc=0x980107bb, nSavedDC=-1) returned 1
[0154.022] GdipReleaseDC (graphics=0x6643af8, hdc=0x980107bb) returned 0x0
[0154.022] IsAppThemed () returned 0x1
[0154.022] GetThemeAppProperties () returned 0x3
[0154.022] GetThemeAppProperties () returned 0x3
[0154.022] IsAppThemed () returned 0x1
[0154.022] GetThemeAppProperties () returned 0x3
[0154.022] GetThemeAppProperties () returned 0x3
[0154.023] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2e18e48 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0154.023] IsAppThemed () returned 0x1
[0154.023] GetThemeAppProperties () returned 0x3
[0154.023] GetThemeAppProperties () returned 0x3
[0154.023] IsAppThemed () returned 0x1
[0154.023] GetThemeAppProperties () returned 0x3
[0154.023] GetThemeAppProperties () returned 0x3
[0154.024] IsAppThemed () returned 0x1
[0154.136] GetThemeAppProperties () returned 0x3
[0154.136] GetThemeAppProperties () returned 0x3
[0154.136] IsAppThemed () returned 0x1
[0154.136] GetThemeAppProperties () returned 0x3
[0154.136] GetThemeAppProperties () returned 0x3
[0154.136] IsThemePartDefined () returned 0x1
[0154.136] IsAppThemed () returned 0x1
[0154.136] GetThemeAppProperties () returned 0x3
[0154.136] GetThemeAppProperties () returned 0x3
[0154.136] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0154.136] IsAppThemed () returned 0x1
[0154.136] GetThemeAppProperties () returned 0x3
[0154.137] GetThemeAppProperties () returned 0x3
[0154.137] IsAppThemed () returned 0x1
[0154.137] GetThemeAppProperties () returned 0x3
[0154.137] GetThemeAppProperties () returned 0x3
[0154.137] IsThemePartDefined () returned 0x1
[0154.137] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0154.137] GdipGetClip (graphics=0x6643af8, region=0x66443e8) returned 0x0
[0154.137] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0154.137] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0154.137] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dc7c) returned 0x0
[0154.137] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee8d8) returned 0x0
[0154.138] LocalFree (hMem=0x11ee8d8) returned 0x0
[0154.138] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee8d8) returned 0x0
[0154.138] LocalFree (hMem=0x11ee8d8) returned 0x0
[0154.138] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0154.138] GdipIsInfiniteRegion (region=0x66443e8, graphics=0x6643af8, result=0xd7dca4) returned 0x0
[0154.138] GdipIsInfiniteRegion (region=0x66443e8, graphics=0x6643af8, result=0xd7dc94) returned 0x0
[0154.138] GdipGetRegionHRgn (region=0x66443e8, graphics=0x6643af8, hRgn=0xd7dc94) returned 0x0
[0154.138] GdipDeleteRegion (region=0x66443e8) returned 0x0
[0154.138] GdipGetDC (graphics=0x6643af8, hdc=0xd7dcac) returned 0x0
[0154.138] GetCurrentObject (hdc=0x980107bb, type=0x1) returned 0xb00017
[0154.138] GetCurrentObject (hdc=0x980107bb, type=0x2) returned 0x900010
[0154.138] GetCurrentObject (hdc=0x980107bb, type=0x7) returned 0x4a0507fe
[0154.138] GetCurrentObject (hdc=0x980107bb, type=0x6) returned 0x8a01c2
[0154.139] SaveDC (hdc=0x980107bb) returned 1
[0154.139] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8b040807
[0154.139] GetClipRgn (hdc=0x980107bb, hrgn=0x8b040807) returned 0
[0154.139] SelectClipRgn (hdc=0x980107bb, hrgn=0xd0407de) returned 2
[0154.139] DeleteObject (ho=0x8b040807) returned 1
[0154.139] DeleteObject (ho=0xd0407de) returned 1
[0154.139] OffsetViewportOrgEx (in: hdc=0x980107bb, x=0, y=0, lppt=0x2e194f8 | out: lppt=0x2e194f8) returned 1
[0154.139] DrawThemeParentBackground () returned 0x0
[0154.139] GetWindowPlacement (in: hWnd=0x402da, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0154.139] GetClientRect (in: hWnd=0x402da, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0154.140] GetWindowTextLengthW (hWnd=0x402da) returned 13
[0154.140] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0154.140] GetSystemMetrics (nIndex=42) returned 0
[0154.140] GetWindowTextW (in: hWnd=0x402da, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0154.140] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0154.140] GetClientRect (in: hWnd=0x402da, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0154.140] GetCurrentObject (hdc=0x980107bb, type=0x1) returned 0xb00017
[0154.140] GetCurrentObject (hdc=0x980107bb, type=0x2) returned 0x900010
[0154.140] GetCurrentObject (hdc=0x980107bb, type=0x7) returned 0x4a0507fe
[0154.140] GetCurrentObject (hdc=0x980107bb, type=0x6) returned 0x8a01c2
[0154.140] SaveDC (hdc=0x980107bb) returned 2
[0154.140] GetNearestColor (hdc=0x980107bb, color=0xf0f0f0) returned 0xf0f0f0
[0154.140] CreateSolidBrush (color=0xf0f0f0) returned 0x441007e1
[0154.141] FillRect (hDC=0x980107bb, lprc=0xd7d6c8, hbr=0x441007e1) returned 1
[0154.141] DeleteObject (ho=0x441007e1) returned 1
[0154.141] RestoreDC (hdc=0x980107bb, nSavedDC=-1) returned 1
[0154.142] GetWindowTextLengthW (hWnd=0x402da) returned 13
[0154.142] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0154.142] GetSystemMetrics (nIndex=42) returned 0
[0154.142] GetWindowTextW (in: hWnd=0x402da, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0154.142] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0154.142] GetClientRect (in: hWnd=0x402da, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0154.142] GetCurrentObject (hdc=0x980107bb, type=0x1) returned 0xb00017
[0154.142] GetCurrentObject (hdc=0x980107bb, type=0x2) returned 0x900010
[0154.142] GetCurrentObject (hdc=0x980107bb, type=0x7) returned 0x4a0507fe
[0154.142] GetCurrentObject (hdc=0x980107bb, type=0x6) returned 0x8a01c2
[0154.142] SaveDC (hdc=0x980107bb) returned 2
[0154.142] GetNearestColor (hdc=0x980107bb, color=0xf0f0f0) returned 0xf0f0f0
[0154.142] CreateSolidBrush (color=0xf0f0f0) returned 0x451007e1
[0154.142] FillRect (hDC=0x980107bb, lprc=0xd7d668, hbr=0x451007e1) returned 1
[0154.143] DeleteObject (ho=0x451007e1) returned 1
[0154.143] RestoreDC (hdc=0x980107bb, nSavedDC=-1) returned 1
[0154.143] GetWindowTextLengthW (hWnd=0x402da) returned 13
[0154.143] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0154.143] GetSystemMetrics (nIndex=42) returned 0
[0154.143] GetWindowTextW (in: hWnd=0x402da, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0154.143] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0154.143] RestoreDC (hdc=0x980107bb, nSavedDC=-1) returned 1
[0154.143] GdipReleaseDC (graphics=0x6643af8, hdc=0x980107bb) returned 0x0
[0154.143] IsAppThemed () returned 0x1
[0154.143] GetThemeAppProperties () returned 0x3
[0154.143] GetThemeAppProperties () returned 0x3
[0154.143] IsAppThemed () returned 0x1
[0154.143] GetThemeAppProperties () returned 0x3
[0154.144] GetThemeAppProperties () returned 0x3
[0154.144] IsThemePartDefined () returned 0x1
[0154.144] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0154.144] GdipGetClip (graphics=0x6643af8, region=0x6644aa8) returned 0x0
[0154.144] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0154.144] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x6639120) returned 0x0
[0154.144] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7dc00) returned 0x0
[0154.144] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0154.144] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee8d8) returned 0x0
[0154.144] LocalFree (hMem=0x11ee8d8) returned 0x0
[0154.144] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0154.144] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee9f0) returned 0x0
[0154.145] LocalFree (hMem=0x11ee9f0) returned 0x0
[0154.145] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0154.145] GdipIsInfiniteRegion (region=0x6644aa8, graphics=0x6643af8, result=0xd7dc28) returned 0x0
[0154.145] GdipIsInfiniteRegion (region=0x6644aa8, graphics=0x6643af8, result=0xd7dc18) returned 0x0
[0154.145] GdipGetRegionHRgn (region=0x6644aa8, graphics=0x6643af8, hRgn=0xd7dc18) returned 0x0
[0154.145] GdipDeleteRegion (region=0x6644aa8) returned 0x0
[0154.145] GdipGetDC (graphics=0x6643af8, hdc=0xd7dc30) returned 0x0
[0154.145] GetCurrentObject (hdc=0x980107bb, type=0x1) returned 0xb00017
[0154.146] GetCurrentObject (hdc=0x980107bb, type=0x2) returned 0x900010
[0154.146] GetCurrentObject (hdc=0x980107bb, type=0x7) returned 0x4a0507fe
[0154.146] GetCurrentObject (hdc=0x980107bb, type=0x6) returned 0x8a01c2
[0154.146] SaveDC (hdc=0x980107bb) returned 1
[0154.146] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe0407de
[0154.146] GetClipRgn (hdc=0x980107bb, hrgn=0xe0407de) returned 0
[0154.146] SelectClipRgn (hdc=0x980107bb, hrgn=0x8d040807) returned 2
[0154.146] DeleteObject (ho=0xe0407de) returned 1
[0154.146] DeleteObject (ho=0x8d040807) returned 1
[0154.146] OffsetViewportOrgEx (in: hdc=0x980107bb, x=0, y=0, lppt=0x2e19da4 | out: lppt=0x2e19da4) returned 1
[0154.258] IsAppThemed () returned 0x1
[0154.258] GetThemeAppProperties () returned 0x3
[0154.258] GetThemeAppProperties () returned 0x3
[0154.258] DrawThemeBackground () returned 0x0
[0154.258] RestoreDC (hdc=0x980107bb, nSavedDC=-1) returned 1
[0154.258] GdipReleaseDC (graphics=0x6643af8, hdc=0x980107bb) returned 0x0
[0154.259] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0154.259] GdipGetClip (graphics=0x6643af8, region=0x6644868) returned 0x0
[0154.259] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0154.259] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0154.259] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dc04) returned 0x0
[0154.259] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0154.259] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0154.259] LocalFree (hMem=0x11ee9f0) returned 0x0
[0154.259] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0154.259] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0154.259] LocalFree (hMem=0x11eec58) returned 0x0
[0154.259] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0154.260] GdipIsInfiniteRegion (region=0x6644868, graphics=0x6643af8, result=0xd7dc2c) returned 0x0
[0154.260] GdipIsInfiniteRegion (region=0x6644868, graphics=0x6643af8, result=0xd7dc1c) returned 0x0
[0154.260] GdipGetRegionHRgn (region=0x6644868, graphics=0x6643af8, hRgn=0xd7dc1c) returned 0x0
[0154.260] GdipDeleteRegion (region=0x6644868) returned 0x0
[0154.260] GdipGetDC (graphics=0x6643af8, hdc=0xd7dc34) returned 0x0
[0154.260] GetCurrentObject (hdc=0x980107bb, type=0x1) returned 0xb00017
[0154.260] GetCurrentObject (hdc=0x980107bb, type=0x2) returned 0x900010
[0154.260] GetCurrentObject (hdc=0x980107bb, type=0x7) returned 0x4a0507fe
[0154.260] GetCurrentObject (hdc=0x980107bb, type=0x6) returned 0x8a01c2
[0154.260] SaveDC (hdc=0x980107bb) returned 1
[0154.261] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8e040807
[0154.261] GetClipRgn (hdc=0x980107bb, hrgn=0x8e040807) returned 0
[0154.261] SelectClipRgn (hdc=0x980107bb, hrgn=0xf0407de) returned 2
[0154.261] DeleteObject (ho=0x8e040807) returned 1
[0154.261] DeleteObject (ho=0xf0407de) returned 1
[0154.261] OffsetViewportOrgEx (in: hdc=0x980107bb, x=0, y=0, lppt=0x2e1a078 | out: lppt=0x2e1a078) returned 1
[0154.261] IsAppThemed () returned 0x1
[0154.261] GetThemeAppProperties () returned 0x3
[0154.261] GetThemeAppProperties () returned 0x3
[0154.261] GetThemeBackgroundContentRect () returned 0x0
[0154.261] RestoreDC (hdc=0x980107bb, nSavedDC=-1) returned 1
[0154.261] GdipReleaseDC (graphics=0x6643af8, hdc=0x980107bb) returned 0x0
[0154.261] IsAppThemed () returned 0x1
[0154.261] GetThemeAppProperties () returned 0x3
[0154.261] GetThemeAppProperties () returned 0x3
[0154.262] GdipGetTextRenderingHint (graphics=0x6643af8, mode=0xd7dd68) returned 0x0
[0154.262] GdipGetDC (graphics=0x6643af8, hdc=0xd7dd54) returned 0x0
[0154.262] GetCurrentObject (hdc=0x980107bb, type=0x1) returned 0xb00017
[0154.262] GetCurrentObject (hdc=0x980107bb, type=0x2) returned 0x900010
[0154.262] GetCurrentObject (hdc=0x980107bb, type=0x7) returned 0x4a0507fe
[0154.262] GetCurrentObject (hdc=0x980107bb, type=0x6) returned 0x8a01c2
[0154.262] SaveDC (hdc=0x980107bb) returned 1
[0154.262] GetTextAlign (hdc=0x980107bb) returned 0x0
[0154.262] GetTextColor (hdc=0x980107bb) returned 0x0
[0154.262] GetCurrentObject (hdc=0x980107bb, type=0x6) returned 0x8a01c2
[0154.262] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0154.263] SelectObject (hdc=0x980107bb, h=0x6d0a0520) returned 0x8a01c2
[0154.263] GetBkMode (hdc=0x980107bb) returned 2
[0154.263] SetBkMode (hdc=0x980107bb, mode=1) returned 2
[0154.263] DrawTextExW (in: hdc=0x980107bb, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2e1a418 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0154.264] DrawTextExW (in: hdc=0x980107bb, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2e1a418 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0154.264] RestoreDC (hdc=0x980107bb, nSavedDC=-1) returned 1
[0154.264] GdipReleaseDC (graphics=0x6643af8, hdc=0x980107bb) returned 0x0
[0154.265] GetFocus () returned 0x6013e
[0154.265] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0154.265] SendMessageW (hWnd=0x402da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0154.265] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0154.265] IsAppThemed () returned 0x1
[0154.265] GetThemeAppProperties () returned 0x3
[0154.265] GetThemeAppProperties () returned 0x3
[0154.265] GdipGetDC (graphics=0x6643af8, hdc=0xd7df40) returned 0x0
[0154.265] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x980107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0154.265] GdipReleaseDC (graphics=0x6643af8, hdc=0x980107bb) returned 0x0
[0154.265] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0154.265] SelectObject (hdc=0x980107bb, h=0x85000f) returned 0x4a0507fe
[0154.265] DeleteDC (hdc=0x980107bb) returned 1
[0154.266] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0154.266] EndPaint (hWnd=0x6013e, lpPaint=0xd7dee4) returned 1
[0154.266] MapWindowPoints (in: hWndFrom=0x6013e, hWndTo=0x0, lpPoints=0x2e1a514, cPoints=0x1 | out: lpPoints=0x2e1a514) returned 30999254
[0154.266] WindowFromPoint (Point=0x319) returned 0x6013e
[0154.266] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x84, wParam=0x0, lParam=0x1e60319) returned 0x1
[0154.266] NotifyWinEvent (event=0x800a, hwnd=0x6013e, idObject=-4, idChild=0)
[0154.266] NotifyWinEvent (event=0x800c, hwnd=0x6013e, idObject=-4, idChild=0)
[0154.266] GetCapture () returned 0x6013e
[0154.271] ReleaseCapture () returned 1
[0154.271] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0154.271] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0154.272] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x84, wParam=0x0, lParam=0x1e60319) returned 0x1
[0154.272] IsWindow (hWnd=0x7005c) returned 1
[0154.272] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0154.273] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0154.273] IsWindow (hWnd=0x402da) returned 1
[0154.273] SetActiveWindow (hWnd=0x402da) returned 0x402da
[0154.273] IsWindow (hWnd=0x402da) returned 1
[0154.273] SetFocus (hWnd=0x402da) returned 0x6013e
[0154.274] GetFocus () returned 0x402da
[0154.274] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x8, wParam=0x402da, lParam=0x0) returned 0x0
[0154.274] GetCapture () returned 0x0
[0154.274] InvalidateRect (hWnd=0x6013e, lpRect=0x0, bErase=0) returned 1
[0154.275] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0154.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0154.292] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0154.293] GetFocus () returned 0x402da
[0154.312] SetFocus (hWnd=0x6013e) returned 0x402da
[0154.313] GetFocus () returned 0x6013e
[0154.313] IsChild (hWndParent=0x402da, hWnd=0x6013e) returned 1
[0154.313] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x8, wParam=0x6013e, lParam=0x0) returned 0x0
[0154.314] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0154.315] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0154.318] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0154.318] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x7, wParam=0x402da, lParam=0x0) returned 0x0
[0154.318] GetStockObject (i=5) returned 0x900015
[0154.319] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0154.319] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0154.319] GetDlgItem (hDlg=0x402da, nIDDlgItem=393534) returned 0x6013e
[0154.319] SendMessageW (hWnd=0x6013e, Msg=0x202b, wParam=0x6013e, lParam=0xd7ddcc) returned 0x0
[0154.319] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x202b, wParam=0x6013e, lParam=0xd7ddcc) returned 0x0
[0154.319] InvalidateRect (hWnd=0x6013e, lpRect=0x0, bErase=0) returned 1
[0154.322] GetWindowLongW (hWnd=0x402da, nIndex=-8) returned 458844
[0154.322] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0154.322] GetCurrentThreadId () returned 0xf50
[0154.322] IsWindow (hWnd=0x7005c) returned 1
[0154.322] IsWindow (hWnd=0x7005c) returned 1
[0154.322] IsWindowVisible (hWnd=0x7005c) returned 1
[0154.322] SetActiveWindow (hWnd=0x7005c) returned 0x402da
[0154.322] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0154.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0154.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0154.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0154.331] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0154.331] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0154.332] GetWindowPlacement (in: hWnd=0x402da, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0154.333] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0154.333] GetClientRect (in: hWnd=0x402da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0154.333] GetWindowRect (in: hWnd=0x402da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0154.333] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0154.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0154.350] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0154.350] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x402da) returned 0x1
[0154.354] GetFocus () returned 0x6013e
[0154.354] SetFocus (hWnd=0x602c4) returned 0x6013e
[0154.355] GetFocus () returned 0x602c4
[0154.355] IsChild (hWndParent=0x402da, hWnd=0x602c4) returned 0
[0154.355] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0154.355] GetCapture () returned 0x0
[0154.355] InvalidateRect (hWnd=0x6013e, lpRect=0x0, bErase=0) returned 1
[0154.356] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0154.357] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0154.359] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0154.359] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0154.360] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0154.360] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0154.361] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0154.361] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x6013e, lParam=0x0) returned 0x0
[0154.361] GetStockObject (i=5) returned 0x900015
[0154.361] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0154.361] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed800) returned 0xc
[0154.362] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0154.362] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0154.362] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0154.362] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0154.368] GetFocus () returned 0x602c4
[0154.368] IsChild (hWndParent=0x402da, hWnd=0x602c4) returned 0
[0154.368] ShowWindow (hWnd=0x402da, nCmdShow=0) returned 1
[0154.369] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0154.369] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0154.371] GetWindowPlacement (in: hWnd=0x402da, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0154.371] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0154.371] GetClientRect (in: hWnd=0x402da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0154.371] GetWindowRect (in: hWnd=0x402da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0154.372] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0154.387] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0154.387] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0154.404] GetWindowLongW (hWnd=0x402da, nIndex=-20) returned 327945
[0154.404] DestroyWindow (hWnd=0x402da) returned 1
[0154.404] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0154.405] GetWindowTextLengthW (hWnd=0x402da) returned 13
[0154.405] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0154.405] GetSystemMetrics (nIndex=42) returned 0
[0154.406] GetWindowTextW (in: hWnd=0x402da, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0154.406] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0154.406] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0154.406] GetWindowTextLengthW (hWnd=0x402de) returned 0
[0154.406] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0154.406] GetSystemMetrics (nIndex=42) returned 0
[0154.406] GetWindowTextW (in: hWnd=0x402de, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0154.406] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402de, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0154.406] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0154.406] GetWindowThreadProcessId (in: hWnd=0xb02ca, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0154.406] GetWindow (hWnd=0xb02ca, uCmd=0x5) returned 0x0
[0154.406] GetWindowLongW (hWnd=0xb02ca, nIndex=-20) returned 65792
[0154.406] DestroyWindow (hWnd=0xb02ca) returned 1
[0154.406] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02ca, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0154.407] GetWindowTextLengthW (hWnd=0xb02ca) returned 25
[0154.407] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02ca, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0154.407] GetSystemMetrics (nIndex=42) returned 0
[0154.407] GetWindowTextW (in: hWnd=0xb02ca, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0154.407] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02ca, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0154.407] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02ca, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0154.407] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02ca, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0154.409] GetWindowTextLengthW (hWnd=0x602d8) returned 232
[0154.409] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0154.409] GetSystemMetrics (nIndex=42) returned 0
[0154.409] GetWindowTextW (in: hWnd=0x602d8, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0154.409] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0154.409] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0154.409] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0154.409] InvalidateRect (hWnd=0x6013e, lpRect=0x0, bErase=0) returned 1
[0154.409] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0154.409] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x700ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0154.410] SendMessageW (hWnd=0x402dc, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0154.410] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x402dc, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0154.410] SendMessageW (hWnd=0x402dc, Msg=0xb0, wParam=0x2deff78, lParam=0xd7e480) returned 0x0
[0154.410] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x402dc, Msg=0xb0, wParam=0x2deff78, lParam=0xd7e480) returned 0x0
[0154.410] GetWindowTextLengthW (hWnd=0x402dc) returned 4363
[0154.410] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0154.410] GetSystemMetrics (nIndex=42) returned 0
[0154.410] CoTaskMemAlloc (cb=0x221c) returned 0x1203e48
[0154.410] GetWindowTextW (in: hWnd=0x402dc, lpString=0x1203e48, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0154.410] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x402dc, Msg=0xd, wParam=0x110c, lParam=0x1203e48) returned 0x110b
[0154.411] CoTaskMemFree (pv=0x1203e48)
[0154.411] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x402dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0154.411] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0154.413] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0154.414] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x502d2, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0154.416] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6013e, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0154.417] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x700ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0154.424] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x402dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0154.426] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x402da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0154.428] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.428] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.428] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.428] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.428] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.428] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.428] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e60319) returned 0x1
[0154.429] IsWindowUnicode (hWnd=0x7005c) returned 1
[0154.429] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.429] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e60319) returned 0x1
[0154.429] SetCursor (hCursor=0x10003) returned 0x10003
[0154.429] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.429] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.429] _TrackMouseEvent (in: lpEventTrack=0x2d39ae4 | out: lpEventTrack=0x2d39ae4) returned 1
[0154.429] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0154.429] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0154.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x111025b) returned 0x0
[0154.430] GetKeyState (nVirtKey=1) returned 1
[0154.430] GetKeyState (nVirtKey=2) returned 0
[0154.430] GetKeyState (nVirtKey=4) returned 0
[0154.430] GetKeyState (nVirtKey=5) returned 0
[0154.430] GetKeyState (nVirtKey=6) returned 0
[0154.430] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e60319) returned 0x1
[0154.430] IsWindowUnicode (hWnd=0x7005c) returned 1
[0154.430] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.431] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.431] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.431] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.431] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e60319) returned 0x1
[0154.431] IsWindowUnicode (hWnd=0x7005c) returned 1
[0154.431] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.431] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e60319) returned 0x1
[0154.431] SetCursor (hCursor=0x10003) returned 0x10003
[0154.432] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.432] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x111025b) returned 0x0
[0154.432] GetKeyState (nVirtKey=1) returned 1
[0154.432] GetKeyState (nVirtKey=2) returned 0
[0154.432] GetKeyState (nVirtKey=4) returned 0
[0154.432] GetKeyState (nVirtKey=5) returned 0
[0154.432] GetKeyState (nVirtKey=6) returned 0
[0154.432] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.432] IsWindowUnicode (hWnd=0x602c4) returned 1
[0154.432] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.432] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.432] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.433] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.433] IsWindowUnicode (hWnd=0x602c4) returned 1
[0154.433] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.434] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.434] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.434] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0154.434] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0154.434] CreateCompatibleDC (hdc=0xf0105ee) returned 0x7a0107d3
[0154.434] SelectObject (hdc=0x7a0107d3, h=0x4a0507fe) returned 0x85000f
[0154.434] GdipCreateFromHDC (hdc=0x7a0107d3, graphics=0xd7e798) returned 0x0
[0154.441] GdipTranslateWorldTransform (graphics=0x6643af8, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0154.441] GdipSetClipRectI (graphics=0x6643af8, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0154.441] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0154.441] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x6639120) returned 0x0
[0154.441] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7e7f8) returned 0x0
[0154.441] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0154.441] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee9f0) returned 0x0
[0154.441] LocalFree (hMem=0x11ee9f0) returned 0x0
[0154.441] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0154.441] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0154.441] GdipGetClip (graphics=0x6643af8, region=0x6644598) returned 0x0
[0154.441] GdipIsInfiniteRegion (region=0x6644598, graphics=0x6643af8, result=0xd7e7ec) returned 0x0
[0154.441] GdipSaveGraphics (graphics=0x6643af8, state=0xd7e818) returned 0x0
[0154.441] GdipRestoreGraphics (graphics=0x6643af8, state=0xfd140dbd) returned 0x0
[0154.442] GdipDeleteRegion (region=0x6644598) returned 0x0
[0154.442] GdipGetDC (graphics=0x6643af8, hdc=0xd7e604) returned 0x0
[0154.442] GetCurrentObject (hdc=0x7a0107d3, type=0x1) returned 0xb00017
[0154.442] GetCurrentObject (hdc=0x7a0107d3, type=0x2) returned 0x900010
[0154.442] GetCurrentObject (hdc=0x7a0107d3, type=0x7) returned 0x4a0507fe
[0154.442] GetCurrentObject (hdc=0x7a0107d3, type=0x6) returned 0x8a01c2
[0154.442] SaveDC (hdc=0x7a0107d3) returned 1
[0154.442] GetNearestColor (hdc=0x7a0107d3, color=0xff) returned 0xff
[0154.442] GetNearestColor (hdc=0x7a0107d3, color=0x55) returned 0x55
[0154.442] GetNearestColor (hdc=0x7a0107d3, color=0x0) returned 0x0
[0154.442] GetNearestColor (hdc=0x7a0107d3, color=0x55) returned 0x55
[0154.442] GetNearestColor (hdc=0x7a0107d3, color=0x0) returned 0x0
[0154.442] GetNearestColor (hdc=0x7a0107d3, color=0x8080ff) returned 0x8080ff
[0154.443] GetNearestColor (hdc=0x7a0107d3, color=0x7373e5) returned 0x7373e5
[0154.443] GetNearestColor (hdc=0x7a0107d3, color=0xe5) returned 0xe5
[0154.443] GetNearestColor (hdc=0x7a0107d3, color=0x0) returned 0x0
[0154.443] RestoreDC (hdc=0x7a0107d3, nSavedDC=-1) returned 1
[0154.443] GdipReleaseDC (graphics=0x6643af8, hdc=0x7a0107d3) returned 0x0
[0154.443] IsAppThemed () returned 0x1
[0154.443] GetThemeAppProperties () returned 0x3
[0154.443] GetThemeAppProperties () returned 0x3
[0154.443] IsAppThemed () returned 0x1
[0154.443] GetThemeAppProperties () returned 0x3
[0154.443] GetThemeAppProperties () returned 0x3
[0154.443] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2e22280 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0154.444] IsAppThemed () returned 0x1
[0154.444] GetThemeAppProperties () returned 0x3
[0154.444] GetThemeAppProperties () returned 0x3
[0154.444] IsAppThemed () returned 0x1
[0154.444] GetThemeAppProperties () returned 0x3
[0154.444] GetThemeAppProperties () returned 0x3
[0154.444] GetFocus () returned 0x602c4
[0154.444] IsAppThemed () returned 0x1
[0154.444] GetThemeAppProperties () returned 0x3
[0154.444] GetThemeAppProperties () returned 0x3
[0154.444] IsAppThemed () returned 0x1
[0154.444] GetThemeAppProperties () returned 0x3
[0154.444] GetThemeAppProperties () returned 0x3
[0154.444] IsThemePartDefined () returned 0x1
[0154.444] IsAppThemed () returned 0x1
[0154.444] GetThemeAppProperties () returned 0x3
[0154.445] GetThemeAppProperties () returned 0x3
[0154.445] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0154.445] IsAppThemed () returned 0x1
[0154.445] GetThemeAppProperties () returned 0x3
[0154.445] GetThemeAppProperties () returned 0x3
[0154.445] IsAppThemed () returned 0x1
[0154.445] GetThemeAppProperties () returned 0x3
[0154.445] GetThemeAppProperties () returned 0x3
[0154.445] IsThemePartDefined () returned 0x1
[0154.445] GdipCreateRegion (region=0xd7e508) returned 0x0
[0154.445] GdipGetClip (graphics=0x6643af8, region=0x6644e98) returned 0x0
[0154.445] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0154.445] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0154.445] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e520) returned 0x0
[0154.445] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0154.445] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eead0) returned 0x0
[0154.445] LocalFree (hMem=0x11eead0) returned 0x0
[0154.445] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0154.445] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0154.446] LocalFree (hMem=0x11ee788) returned 0x0
[0154.446] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0154.446] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6643af8, result=0xd7e548) returned 0x0
[0154.446] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6643af8, result=0xd7e538) returned 0x0
[0154.446] GdipGetRegionHRgn (region=0x6644e98, graphics=0x6643af8, hRgn=0xd7e538) returned 0x0
[0154.446] GdipDeleteRegion (region=0x6644e98) returned 0x0
[0154.446] GdipGetDC (graphics=0x6643af8, hdc=0xd7e550) returned 0x0
[0154.446] GetCurrentObject (hdc=0x7a0107d3, type=0x1) returned 0xb00017
[0154.446] GetCurrentObject (hdc=0x7a0107d3, type=0x2) returned 0x900010
[0154.446] GetCurrentObject (hdc=0x7a0107d3, type=0x7) returned 0x4a0507fe
[0154.446] GetCurrentObject (hdc=0x7a0107d3, type=0x6) returned 0x8a01c2
[0154.446] SaveDC (hdc=0x7a0107d3) returned 1
[0154.446] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x100407de
[0154.446] GetClipRgn (hdc=0x7a0107d3, hrgn=0x100407de) returned 0
[0154.446] SelectClipRgn (hdc=0x7a0107d3, hrgn=0x92040807) returned 2
[0154.447] DeleteObject (ho=0x100407de) returned 1
[0154.447] DeleteObject (ho=0x92040807) returned 1
[0154.447] OffsetViewportOrgEx (in: hdc=0x7a0107d3, x=0, y=0, lppt=0x2e22930 | out: lppt=0x2e22930) returned 1
[0154.447] DrawThemeParentBackground () returned 0x0
[0154.447] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0154.447] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0154.447] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0154.447] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0154.447] GetSystemMetrics (nIndex=42) returned 0
[0154.447] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0154.447] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0154.447] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0154.447] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0154.448] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0154.448] SelectPalette (hdc=0x7a0107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0154.448] GdipCreateFromHDC (hdc=0x7a0107d3, graphics=0xd7dff8) returned 0x0
[0154.448] GdipSetPageUnit (graphics=0x6646cb8, unit=0x2) returned 0x0
[0154.448] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0154.448] GdipGetWorldTransform (graphics=0x6646cb8, matrix=0x6639120) returned 0x0
[0154.448] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7dfd0) returned 0x0
[0154.448] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0154.448] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0154.448] GdipGetClip (graphics=0x6646cb8, region=0x6644c58) returned 0x0
[0154.448] GdipIsInfiniteRegion (region=0x6644c58, graphics=0x6646cb8, result=0xd7dfc4) returned 0x0
[0154.448] GdipDeleteRegion (region=0x6644c58) returned 0x0
[0154.448] GdipSaveGraphics (graphics=0x6646cb8, state=0xd7dff0) returned 0x0
[0154.449] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0154.518] GdipFillRectangleI (graphics=0x6646cb8, brush=0x6639da8, x=0, y=0, width=801, height=453) returned 0x0
[0154.518] GdipDeleteBrush (brush=0x6639da8) returned 0x0
[0154.520] GdipDeleteGraphics (graphics=0x6646cb8) returned 0x0
[0154.520] SelectPalette (hdc=0x7a0107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0154.520] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0154.520] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0154.521] GetSystemMetrics (nIndex=42) returned 0
[0154.521] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0154.521] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0154.521] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0154.521] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0154.521] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0154.521] SelectPalette (hdc=0x7a0107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0154.521] GdipCreateFromHDC (hdc=0x7a0107d3, graphics=0xd7df98) returned 0x0
[0154.521] GdipSetPageUnit (graphics=0x6646cb8, unit=0x2) returned 0x0
[0154.521] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0154.521] GdipGetWorldTransform (graphics=0x6646cb8, matrix=0x66046e0) returned 0x0
[0154.521] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df70) returned 0x0
[0154.521] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0154.521] GdipCreateRegion (region=0xd7df58) returned 0x0
[0154.522] GdipGetClip (graphics=0x6646cb8, region=0x6644fb8) returned 0x0
[0154.522] GdipIsInfiniteRegion (region=0x6644fb8, graphics=0x6646cb8, result=0xd7df64) returned 0x0
[0154.522] GdipDeleteRegion (region=0x6644fb8) returned 0x0
[0154.522] GdipSaveGraphics (graphics=0x6646cb8, state=0xd7df90) returned 0x0
[0154.522] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0154.537] GdipFillRectangleI (graphics=0x6646cb8, brush=0x6639178, x=0, y=0, width=801, height=453) returned 0x0
[0154.537] GdipDeleteBrush (brush=0x6639178) returned 0x0
[0154.539] GdipRestoreGraphics (graphics=0x6646cb8, state=0xfd100dbd) returned 0x0
[0154.539] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0154.539] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0154.539] GetSystemMetrics (nIndex=42) returned 0
[0154.539] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0154.539] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0154.539] GdipDeleteGraphics (graphics=0x6646cb8) returned 0x0
[0154.539] SelectPalette (hdc=0x7a0107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0154.540] RestoreDC (hdc=0x7a0107d3, nSavedDC=-1) returned 1
[0154.540] GdipReleaseDC (graphics=0x6643af8, hdc=0x7a0107d3) returned 0x0
[0154.540] IsAppThemed () returned 0x1
[0154.540] GetThemeAppProperties () returned 0x3
[0154.540] GetThemeAppProperties () returned 0x3
[0154.540] IsAppThemed () returned 0x1
[0154.540] GetThemeAppProperties () returned 0x3
[0154.540] GetThemeAppProperties () returned 0x3
[0154.540] IsThemePartDefined () returned 0x1
[0154.540] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0154.540] GdipGetClip (graphics=0x6643af8, region=0x6644598) returned 0x0
[0154.540] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0154.540] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x6639120) returned 0x0
[0154.540] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7e4a4) returned 0x0
[0154.540] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0154.540] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee9f0) returned 0x0
[0154.541] LocalFree (hMem=0x11ee9f0) returned 0x0
[0154.541] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0154.541] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11ee9f0) returned 0x0
[0154.541] LocalFree (hMem=0x11ee9f0) returned 0x0
[0154.541] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0154.541] GdipIsInfiniteRegion (region=0x6644598, graphics=0x6643af8, result=0xd7e4cc) returned 0x0
[0154.541] GdipIsInfiniteRegion (region=0x6644598, graphics=0x6643af8, result=0xd7e4bc) returned 0x0
[0154.541] GdipGetRegionHRgn (region=0x6644598, graphics=0x6643af8, hRgn=0xd7e4bc) returned 0x0
[0154.541] GdipDeleteRegion (region=0x6644598) returned 0x0
[0154.541] GdipGetDC (graphics=0x6643af8, hdc=0xd7e4d4) returned 0x0
[0154.541] GetCurrentObject (hdc=0x7a0107d3, type=0x1) returned 0xb00017
[0154.541] GetCurrentObject (hdc=0x7a0107d3, type=0x2) returned 0x900010
[0154.541] GetCurrentObject (hdc=0x7a0107d3, type=0x7) returned 0x4a0507fe
[0154.541] GetCurrentObject (hdc=0x7a0107d3, type=0x6) returned 0x8a01c2
[0154.541] SaveDC (hdc=0x7a0107d3) returned 1
[0154.541] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x93040807
[0154.542] GetClipRgn (hdc=0x7a0107d3, hrgn=0x93040807) returned 0
[0154.542] SelectClipRgn (hdc=0x7a0107d3, hrgn=0x120407de) returned 2
[0154.542] DeleteObject (ho=0x93040807) returned 1
[0154.542] DeleteObject (ho=0x120407de) returned 1
[0154.542] OffsetViewportOrgEx (in: hdc=0x7a0107d3, x=0, y=0, lppt=0x2e29180 | out: lppt=0x2e29180) returned 1
[0154.542] IsAppThemed () returned 0x1
[0154.542] GetThemeAppProperties () returned 0x3
[0154.542] GetThemeAppProperties () returned 0x3
[0154.542] DrawThemeBackground () returned 0x0
[0154.542] RestoreDC (hdc=0x7a0107d3, nSavedDC=-1) returned 1
[0154.542] GdipReleaseDC (graphics=0x6643af8, hdc=0x7a0107d3) returned 0x0
[0154.542] GdipCreateRegion (region=0xd7e490) returned 0x0
[0154.542] GdipGetClip (graphics=0x6643af8, region=0x6644b38) returned 0x0
[0154.542] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0154.542] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0154.543] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e4a8) returned 0x0
[0154.543] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0154.543] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0154.543] LocalFree (hMem=0x11ee9f0) returned 0x0
[0154.543] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0154.543] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0154.543] LocalFree (hMem=0x11ee9f0) returned 0x0
[0154.543] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0154.543] GdipIsInfiniteRegion (region=0x6644b38, graphics=0x6643af8, result=0xd7e4d0) returned 0x0
[0154.543] GdipIsInfiniteRegion (region=0x6644b38, graphics=0x6643af8, result=0xd7e4c0) returned 0x0
[0154.543] GdipGetRegionHRgn (region=0x6644b38, graphics=0x6643af8, hRgn=0xd7e4c0) returned 0x0
[0154.543] GdipDeleteRegion (region=0x6644b38) returned 0x0
[0154.543] GdipGetDC (graphics=0x6643af8, hdc=0xd7e4d8) returned 0x0
[0154.543] GetCurrentObject (hdc=0x7a0107d3, type=0x1) returned 0xb00017
[0154.543] GetCurrentObject (hdc=0x7a0107d3, type=0x2) returned 0x900010
[0154.543] GetCurrentObject (hdc=0x7a0107d3, type=0x7) returned 0x4a0507fe
[0154.543] GetCurrentObject (hdc=0x7a0107d3, type=0x6) returned 0x8a01c2
[0154.544] SaveDC (hdc=0x7a0107d3) returned 1
[0154.544] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x130407de
[0154.544] GetClipRgn (hdc=0x7a0107d3, hrgn=0x130407de) returned 0
[0154.544] SelectClipRgn (hdc=0x7a0107d3, hrgn=0x94040807) returned 2
[0154.544] DeleteObject (ho=0x130407de) returned 1
[0154.544] DeleteObject (ho=0x94040807) returned 1
[0154.544] OffsetViewportOrgEx (in: hdc=0x7a0107d3, x=0, y=0, lppt=0x2e29454 | out: lppt=0x2e29454) returned 1
[0154.544] IsAppThemed () returned 0x1
[0154.544] GetThemeAppProperties () returned 0x3
[0154.544] GetThemeAppProperties () returned 0x3
[0154.544] GetThemeBackgroundContentRect () returned 0x0
[0154.544] RestoreDC (hdc=0x7a0107d3, nSavedDC=-1) returned 1
[0154.544] GdipReleaseDC (graphics=0x6643af8, hdc=0x7a0107d3) returned 0x0
[0154.544] GdipGetNearestColor (graphics=0x6643af8, argb=0xd7e5e4) returned 0x0
[0154.544] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0154.544] GdipFillRectangleI (graphics=0x6643af8, brush=0x6643500, x=4, y=4, width=67, height=15) returned 0x0
[0154.545] GdipDeleteBrush (brush=0x6643500) returned 0x0
[0154.545] IsAppThemed () returned 0x1
[0154.545] GetThemeAppProperties () returned 0x3
[0154.545] GetThemeAppProperties () returned 0x3
[0154.545] GdipGetTextRenderingHint (graphics=0x6643af8, mode=0xd7e60c) returned 0x0
[0154.545] GdipGetDC (graphics=0x6643af8, hdc=0xd7e5f8) returned 0x0
[0154.545] GetCurrentObject (hdc=0x7a0107d3, type=0x1) returned 0xb00017
[0154.545] GetCurrentObject (hdc=0x7a0107d3, type=0x2) returned 0x900010
[0154.545] GetCurrentObject (hdc=0x7a0107d3, type=0x7) returned 0x4a0507fe
[0154.545] GetCurrentObject (hdc=0x7a0107d3, type=0x6) returned 0x8a01c2
[0154.545] SaveDC (hdc=0x7a0107d3) returned 1
[0154.545] GetTextAlign (hdc=0x7a0107d3) returned 0x0
[0154.545] GetTextColor (hdc=0x7a0107d3) returned 0x0
[0154.545] GetCurrentObject (hdc=0x7a0107d3, type=0x6) returned 0x8a01c2
[0154.545] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0154.546] SelectObject (hdc=0x7a0107d3, h=0x6d0a0520) returned 0x8a01c2
[0154.546] GetBkMode (hdc=0x7a0107d3) returned 2
[0154.546] SetBkMode (hdc=0x7a0107d3, mode=1) returned 2
[0154.546] DrawTextExW (in: hdc=0x7a0107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2e29818 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0154.546] DrawTextExW (in: hdc=0x7a0107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2e29818 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0154.547] RestoreDC (hdc=0x7a0107d3, nSavedDC=-1) returned 1
[0154.547] GdipReleaseDC (graphics=0x6643af8, hdc=0x7a0107d3) returned 0x0
[0154.547] GetFocus () returned 0x602c4
[0154.547] IsAppThemed () returned 0x1
[0154.547] GetThemeAppProperties () returned 0x3
[0154.547] GetThemeAppProperties () returned 0x3
[0154.547] GdipGetDC (graphics=0x6643af8, hdc=0xd7e7d8) returned 0x0
[0154.547] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x7a0107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0154.547] GdipReleaseDC (graphics=0x6643af8, hdc=0x7a0107d3) returned 0x0
[0154.547] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0154.547] SelectObject (hdc=0x7a0107d3, h=0x85000f) returned 0x4a0507fe
[0154.547] DeleteDC (hdc=0x7a0107d3) returned 1
[0154.547] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0154.548] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0154.548] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.548] IsWindowUnicode (hWnd=0x7005c) returned 1
[0154.548] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.548] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.548] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.548] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.548] IsWindowUnicode (hWnd=0x7005c) returned 1
[0154.548] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.548] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.548] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.548] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x111025b) returned 0x0
[0154.548] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.549] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.549] WaitMessage () returned 1
[0154.598] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.598] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.598] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.598] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.598] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.599] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.599] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.599] WaitMessage () returned 1
[0154.600] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.600] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.600] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.600] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.600] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.601] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.601] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.601] WaitMessage () returned 1
[0154.602] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.602] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.602] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.602] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.602] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.604] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.604] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.604] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.604] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.604] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.604] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.605] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.605] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.605] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.605] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.605] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.605] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.605] WaitMessage () returned 1
[0154.606] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.606] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.606] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.606] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.606] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.613] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.614] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.614] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.614] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.614] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.614] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.614] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.614] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.614] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.614] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.614] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.615] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.615] WaitMessage () returned 1
[0154.617] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.617] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.617] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.617] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.617] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.619] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.619] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.619] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.619] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.619] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.619] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.619] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.619] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.619] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.620] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.620] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.620] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.620] WaitMessage () returned 1
[0154.620] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.621] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.621] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.621] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.621] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.623] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.623] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.623] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.623] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.623] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.623] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.624] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.624] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.624] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.624] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.624] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.626] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.626] WaitMessage () returned 1
[0154.627] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.628] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.628] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.628] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.628] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.629] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.629] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.629] WaitMessage () returned 1
[0154.630] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.630] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.630] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.630] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.630] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.631] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.631] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.631] WaitMessage () returned 1
[0154.632] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.632] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.633] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.633] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.633] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.634] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.634] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.634] WaitMessage () returned 1
[0154.634] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.634] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.634] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.634] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.634] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.636] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.636] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.636] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.636] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.636] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.636] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.636] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.636] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.637] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.637] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.637] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.637] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.637] WaitMessage () returned 1
[0154.644] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.644] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.644] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.644] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.644] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.646] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.646] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.646] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.646] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.646] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.646] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.646] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.646] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.647] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.647] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.647] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.647] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.647] WaitMessage () returned 1
[0154.648] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.648] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.648] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.648] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.648] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.649] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.649] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.650] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.650] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.650] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.650] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.650] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.650] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.650] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.650] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.650] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.651] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.651] WaitMessage () returned 1
[0154.651] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.651] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.651] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.651] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.651] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.653] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.656] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.656] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.656] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.656] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.656] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.656] IsWindowUnicode (hWnd=0x30122) returned 1
[0154.656] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.656] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.657] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.657] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.657] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.657] WaitMessage () returned 1
[0154.700] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.701] IsWindowUnicode (hWnd=0x502c6) returned 1
[0154.701] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0154.701] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0154.701] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0154.701] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.701] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0154.701] WaitMessage () returned 1
[0155.875] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0155.875] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400fe) returned 0x1
[0155.875] IsWindowUnicode (hWnd=0x602c4) returned 1
[0155.875] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0155.875] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0155.875] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0155.875] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0155.875] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0155.875] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400fe) returned 0x1
[0155.875] IsWindowUnicode (hWnd=0x602c4) returned 1
[0155.875] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0155.875] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400fe) returned 0x1
[0155.876] SetCursor (hCursor=0x10003) returned 0x10003
[0155.876] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0155.876] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0155.876] _TrackMouseEvent (in: lpEventTrack=0x2ccbf0c | out: lpEventTrack=0x2ccbf0c) returned 1
[0155.876] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0155.876] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0155.877] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0155.877] GetKeyState (nVirtKey=1) returned 1
[0155.877] GetKeyState (nVirtKey=2) returned 0
[0155.877] GetKeyState (nVirtKey=4) returned 0
[0155.877] GetKeyState (nVirtKey=5) returned 0
[0155.877] GetKeyState (nVirtKey=6) returned 0
[0155.877] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0155.877] IsWindowUnicode (hWnd=0x602c4) returned 1
[0155.877] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0155.877] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0155.877] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0155.877] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0155.877] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0155.877] CreateCompatibleDC (hdc=0xf0105ee) returned 0xa80107f4
[0155.877] SelectObject (hdc=0xa80107f4, h=0x4a0507fe) returned 0x85000f
[0155.878] GdipCreateFromHDC (hdc=0xa80107f4, graphics=0xd7e798) returned 0x0
[0155.878] GdipTranslateWorldTransform (graphics=0x6643af8, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0155.878] GdipSetClipRectI (graphics=0x6643af8, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0155.878] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0155.878] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x6639120) returned 0x0
[0155.878] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7e7f8) returned 0x0
[0155.878] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0155.878] GdipGetMatrixElements (matrix=0x6639120, matrixOut=0x11eec58) returned 0x0
[0155.878] LocalFree (hMem=0x11eec58) returned 0x0
[0155.878] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0155.878] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0155.878] GdipGetClip (graphics=0x6643af8, region=0x6644e98) returned 0x0
[0155.878] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6643af8, result=0xd7e7ec) returned 0x0
[0155.878] GdipSaveGraphics (graphics=0x6643af8, state=0xd7e818) returned 0x0
[0155.878] GdipRestoreGraphics (graphics=0x6643af8, state=0xfd0e0dbd) returned 0x0
[0155.878] GdipDeleteRegion (region=0x6644e98) returned 0x0
[0155.879] GdipGetDC (graphics=0x6643af8, hdc=0xd7e5f8) returned 0x0
[0155.879] GetCurrentObject (hdc=0xa80107f4, type=0x1) returned 0xb00017
[0155.879] GetCurrentObject (hdc=0xa80107f4, type=0x2) returned 0x900010
[0155.879] GetCurrentObject (hdc=0xa80107f4, type=0x7) returned 0x4a0507fe
[0155.879] GetCurrentObject (hdc=0xa80107f4, type=0x6) returned 0x8a01c2
[0155.879] SaveDC (hdc=0xa80107f4) returned 1
[0155.879] GetNearestColor (hdc=0xa80107f4, color=0xff) returned 0xff
[0155.879] GetNearestColor (hdc=0xa80107f4, color=0x55) returned 0x55
[0155.879] GetNearestColor (hdc=0xa80107f4, color=0x0) returned 0x0
[0155.879] GetNearestColor (hdc=0xa80107f4, color=0x55) returned 0x55
[0155.879] GetNearestColor (hdc=0xa80107f4, color=0x0) returned 0x0
[0155.879] GetNearestColor (hdc=0xa80107f4, color=0x8080ff) returned 0x8080ff
[0155.879] GetNearestColor (hdc=0xa80107f4, color=0x7373e5) returned 0x7373e5
[0155.879] GetNearestColor (hdc=0xa80107f4, color=0xe5) returned 0xe5
[0155.880] GetNearestColor (hdc=0xa80107f4, color=0x0) returned 0x0
[0155.880] RestoreDC (hdc=0xa80107f4, nSavedDC=-1) returned 1
[0155.880] GdipReleaseDC (graphics=0x6643af8, hdc=0xa80107f4) returned 0x0
[0155.880] IsAppThemed () returned 0x1
[0155.880] GetThemeAppProperties () returned 0x3
[0155.880] GetThemeAppProperties () returned 0x3
[0155.880] IsAppThemed () returned 0x1
[0155.880] GetThemeAppProperties () returned 0x3
[0155.880] GetThemeAppProperties () returned 0x3
[0155.880] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2e2a23c | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0155.880] IsAppThemed () returned 0x1
[0155.880] GetThemeAppProperties () returned 0x3
[0155.880] GetThemeAppProperties () returned 0x3
[0155.880] IsAppThemed () returned 0x1
[0155.880] GetThemeAppProperties () returned 0x3
[0155.880] GetThemeAppProperties () returned 0x3
[0155.880] IsAppThemed () returned 0x1
[0155.881] GetThemeAppProperties () returned 0x3
[0155.881] GetThemeAppProperties () returned 0x3
[0155.881] IsAppThemed () returned 0x1
[0155.881] GetThemeAppProperties () returned 0x3
[0155.881] GetThemeAppProperties () returned 0x3
[0155.881] IsThemePartDefined () returned 0x1
[0155.881] IsAppThemed () returned 0x1
[0155.881] GetThemeAppProperties () returned 0x3
[0155.881] GetThemeAppProperties () returned 0x3
[0155.881] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0155.881] IsAppThemed () returned 0x1
[0155.881] GetThemeAppProperties () returned 0x3
[0155.881] GetThemeAppProperties () returned 0x3
[0155.881] IsAppThemed () returned 0x1
[0155.881] GetThemeAppProperties () returned 0x3
[0155.881] GetThemeAppProperties () returned 0x3
[0155.881] IsThemePartDefined () returned 0x1
[0155.881] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0155.881] GdipGetClip (graphics=0x6643af8, region=0x6644ce8) returned 0x0
[0155.881] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0155.881] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0155.881] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e514) returned 0x0
[0155.881] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0155.881] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee8d8) returned 0x0
[0155.882] LocalFree (hMem=0x11ee8d8) returned 0x0
[0155.882] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0155.882] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0155.882] LocalFree (hMem=0x11eec58) returned 0x0
[0155.882] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0155.882] GdipIsInfiniteRegion (region=0x6644ce8, graphics=0x6643af8, result=0xd7e53c) returned 0x0
[0155.882] GdipIsInfiniteRegion (region=0x6644ce8, graphics=0x6643af8, result=0xd7e52c) returned 0x0
[0155.882] GdipGetRegionHRgn (region=0x6644ce8, graphics=0x6643af8, hRgn=0xd7e52c) returned 0x0
[0155.882] GdipDeleteRegion (region=0x6644ce8) returned 0x0
[0155.882] GdipGetDC (graphics=0x6643af8, hdc=0xd7e544) returned 0x0
[0155.882] GetCurrentObject (hdc=0xa80107f4, type=0x1) returned 0xb00017
[0155.882] GetCurrentObject (hdc=0xa80107f4, type=0x2) returned 0x900010
[0155.882] GetCurrentObject (hdc=0xa80107f4, type=0x7) returned 0x4a0507fe
[0155.882] GetCurrentObject (hdc=0xa80107f4, type=0x6) returned 0x8a01c2
[0155.882] SaveDC (hdc=0xa80107f4) returned 1
[0155.882] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x95040807
[0155.882] GetClipRgn (hdc=0xa80107f4, hrgn=0x95040807) returned 0
[0155.882] SelectClipRgn (hdc=0xa80107f4, hrgn=0x170407de) returned 2
[0155.882] DeleteObject (ho=0x95040807) returned 1
[0155.882] DeleteObject (ho=0x170407de) returned 1
[0155.883] OffsetViewportOrgEx (in: hdc=0xa80107f4, x=0, y=0, lppt=0x2e2a8ec | out: lppt=0x2e2a8ec) returned 1
[0155.883] DrawThemeParentBackground () returned 0x0
[0155.883] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0155.883] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0155.883] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0155.883] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0155.883] GetSystemMetrics (nIndex=42) returned 0
[0155.883] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0155.883] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0155.883] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0155.883] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0155.883] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0155.883] SelectPalette (hdc=0xa80107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0155.883] GdipCreateFromHDC (hdc=0xa80107f4, graphics=0xd7dff0) returned 0x0
[0155.884] GdipSetPageUnit (graphics=0x6646cb8, unit=0x2) returned 0x0
[0155.884] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0155.884] GdipGetWorldTransform (graphics=0x6646cb8, matrix=0x6639120) returned 0x0
[0155.884] GdipIsMatrixIdentity (matrix=0x6639120, result=0xd7dfc8) returned 0x0
[0155.884] GdipDeleteMatrix (matrix=0x6639120) returned 0x0
[0155.884] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0155.884] GdipGetClip (graphics=0x6646cb8, region=0x66441a8) returned 0x0
[0155.884] GdipIsInfiniteRegion (region=0x66441a8, graphics=0x6646cb8, result=0xd7dfbc) returned 0x0
[0155.884] GdipDeleteRegion (region=0x66441a8) returned 0x0
[0155.884] GdipSaveGraphics (graphics=0x6646cb8, state=0xd7dfe8) returned 0x0
[0155.884] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0156.663] GdipFillRectangleI (graphics=0x6646cb8, brush=0x6639c70, x=0, y=0, width=801, height=453) returned 0x0
[0156.663] GdipDeleteBrush (brush=0x6639c70) returned 0x0
[0156.664] GdipDeleteGraphics (graphics=0x6646cb8) returned 0x0
[0156.664] SelectPalette (hdc=0xa80107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0156.664] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0156.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0156.665] GetSystemMetrics (nIndex=42) returned 0
[0156.665] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0156.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0156.665] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0156.665] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0156.665] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0156.665] SelectPalette (hdc=0xa80107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0156.665] GdipCreateFromHDC (hdc=0xa80107f4, graphics=0xd7df90) returned 0x0
[0156.665] GdipSetPageUnit (graphics=0x6646cb8, unit=0x2) returned 0x0
[0156.665] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0156.665] GdipGetWorldTransform (graphics=0x6646cb8, matrix=0x66046e0) returned 0x0
[0156.665] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df68) returned 0x0
[0156.665] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0156.665] GdipCreateRegion (region=0xd7df50) returned 0x0
[0156.665] GdipGetClip (graphics=0x6646cb8, region=0x6644508) returned 0x0
[0156.665] GdipIsInfiniteRegion (region=0x6644508, graphics=0x6646cb8, result=0xd7df5c) returned 0x0
[0156.665] GdipDeleteRegion (region=0x6644508) returned 0x0
[0156.665] GdipSaveGraphics (graphics=0x6646cb8, state=0xd7df88) returned 0x0
[0156.665] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0156.703] GdipFillRectangleI (graphics=0x6646cb8, brush=0x6639c70, x=0, y=0, width=801, height=453) returned 0x0
[0156.703] GdipDeleteBrush (brush=0x6639c70) returned 0x0
[0156.704] GdipRestoreGraphics (graphics=0x6646cb8, state=0xfd0a0dbd) returned 0x0
[0156.704] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0156.704] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0156.704] GetSystemMetrics (nIndex=42) returned 0
[0156.704] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0156.704] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0156.704] GdipDeleteGraphics (graphics=0x6646cb8) returned 0x0
[0156.704] SelectPalette (hdc=0xa80107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0156.705] RestoreDC (hdc=0xa80107f4, nSavedDC=-1) returned 1
[0156.705] GdipReleaseDC (graphics=0x6643af8, hdc=0xa80107f4) returned 0x0
[0156.705] IsAppThemed () returned 0x1
[0156.705] GetThemeAppProperties () returned 0x3
[0156.705] GetThemeAppProperties () returned 0x3
[0156.705] IsAppThemed () returned 0x1
[0156.705] GetThemeAppProperties () returned 0x3
[0156.705] GetThemeAppProperties () returned 0x3
[0156.705] IsThemePartDefined () returned 0x1
[0156.705] GdipCreateRegion (region=0xd7e480) returned 0x0
[0156.705] GdipGetClip (graphics=0x6643af8, region=0x66442c8) returned 0x0
[0156.705] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0156.705] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x661c480) returned 0x0
[0156.705] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e498) returned 0x0
[0156.705] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0156.705] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11ee788) returned 0x0
[0156.705] LocalFree (hMem=0x11ee788) returned 0x0
[0156.705] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0156.705] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11ee9f0) returned 0x0
[0156.705] LocalFree (hMem=0x11ee9f0) returned 0x0
[0156.705] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0156.705] GdipIsInfiniteRegion (region=0x66442c8, graphics=0x6643af8, result=0xd7e4c0) returned 0x0
[0156.706] GdipIsInfiniteRegion (region=0x66442c8, graphics=0x6643af8, result=0xd7e4b0) returned 0x0
[0156.706] GdipGetRegionHRgn (region=0x66442c8, graphics=0x6643af8, hRgn=0xd7e4b0) returned 0x0
[0156.706] GdipDeleteRegion (region=0x66442c8) returned 0x0
[0156.706] GdipGetDC (graphics=0x6643af8, hdc=0xd7e4c8) returned 0x0
[0156.706] GetCurrentObject (hdc=0xa80107f4, type=0x1) returned 0xb00017
[0156.706] GetCurrentObject (hdc=0xa80107f4, type=0x2) returned 0x900010
[0156.706] GetCurrentObject (hdc=0xa80107f4, type=0x7) returned 0x4a0507fe
[0156.706] GetCurrentObject (hdc=0xa80107f4, type=0x6) returned 0x8a01c2
[0156.706] SaveDC (hdc=0xa80107f4) returned 1
[0156.706] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x180407de
[0156.706] GetClipRgn (hdc=0xa80107f4, hrgn=0x180407de) returned 0
[0156.706] SelectClipRgn (hdc=0xa80107f4, hrgn=0x97040807) returned 2
[0156.706] DeleteObject (ho=0x180407de) returned 1
[0156.706] DeleteObject (ho=0x97040807) returned 1
[0156.706] OffsetViewportOrgEx (in: hdc=0xa80107f4, x=0, y=0, lppt=0x2c52094 | out: lppt=0x2c52094) returned 1
[0156.706] IsAppThemed () returned 0x1
[0156.706] GetThemeAppProperties () returned 0x3
[0156.706] GetThemeAppProperties () returned 0x3
[0156.706] DrawThemeBackground () returned 0x0
[0156.706] RestoreDC (hdc=0xa80107f4, nSavedDC=-1) returned 1
[0156.706] GdipReleaseDC (graphics=0x6643af8, hdc=0xa80107f4) returned 0x0
[0156.706] GdipCreateRegion (region=0xd7e484) returned 0x0
[0156.707] GdipGetClip (graphics=0x6643af8, region=0x6644a18) returned 0x0
[0156.707] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0156.707] GdipGetWorldTransform (graphics=0x6643af8, matrix=0x66046e0) returned 0x0
[0156.707] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e49c) returned 0x0
[0156.707] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0156.707] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0156.707] LocalFree (hMem=0x11ee9f0) returned 0x0
[0156.707] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0156.707] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee868) returned 0x0
[0156.707] LocalFree (hMem=0x11ee868) returned 0x0
[0156.707] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0156.707] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6643af8, result=0xd7e4c4) returned 0x0
[0156.707] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6643af8, result=0xd7e4b4) returned 0x0
[0156.707] GdipGetRegionHRgn (region=0x6644a18, graphics=0x6643af8, hRgn=0xd7e4b4) returned 0x0
[0156.707] GdipDeleteRegion (region=0x6644a18) returned 0x0
[0156.707] GdipGetDC (graphics=0x6643af8, hdc=0xd7e4cc) returned 0x0
[0156.707] GetCurrentObject (hdc=0xa80107f4, type=0x1) returned 0xb00017
[0156.707] GetCurrentObject (hdc=0xa80107f4, type=0x2) returned 0x900010
[0156.707] GetCurrentObject (hdc=0xa80107f4, type=0x7) returned 0x4a0507fe
[0156.707] GetCurrentObject (hdc=0xa80107f4, type=0x6) returned 0x8a01c2
[0156.707] SaveDC (hdc=0xa80107f4) returned 1
[0156.707] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x98040807
[0156.707] GetClipRgn (hdc=0xa80107f4, hrgn=0x98040807) returned 0
[0156.708] SelectClipRgn (hdc=0xa80107f4, hrgn=0x190407de) returned 2
[0156.708] DeleteObject (ho=0x98040807) returned 1
[0156.708] DeleteObject (ho=0x190407de) returned 1
[0156.708] OffsetViewportOrgEx (in: hdc=0xa80107f4, x=0, y=0, lppt=0x2c52368 | out: lppt=0x2c52368) returned 1
[0156.708] IsAppThemed () returned 0x1
[0156.708] GetThemeAppProperties () returned 0x3
[0156.708] GetThemeAppProperties () returned 0x3
[0156.708] GetThemeBackgroundContentRect () returned 0x0
[0156.708] RestoreDC (hdc=0xa80107f4, nSavedDC=-1) returned 1
[0156.708] GdipReleaseDC (graphics=0x6643af8, hdc=0xa80107f4) returned 0x0
[0156.708] GdipGetNearestColor (graphics=0x6643af8, argb=0xd7e5d8) returned 0x0
[0156.708] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0156.708] GdipFillRectangleI (graphics=0x6643af8, brush=0x65ffae0, x=4, y=4, width=67, height=15) returned 0x0
[0156.708] GdipDeleteBrush (brush=0x65ffae0) returned 0x0
[0156.708] IsAppThemed () returned 0x1
[0156.708] GetThemeAppProperties () returned 0x3
[0156.708] GetThemeAppProperties () returned 0x3
[0156.708] GdipGetTextRenderingHint (graphics=0x6643af8, mode=0xd7e600) returned 0x0
[0156.708] GdipGetDC (graphics=0x6643af8, hdc=0xd7e5ec) returned 0x0
[0156.708] GetCurrentObject (hdc=0xa80107f4, type=0x1) returned 0xb00017
[0156.708] GetCurrentObject (hdc=0xa80107f4, type=0x2) returned 0x900010
[0156.708] GetCurrentObject (hdc=0xa80107f4, type=0x7) returned 0x4a0507fe
[0156.708] GetCurrentObject (hdc=0xa80107f4, type=0x6) returned 0x8a01c2
[0156.709] SaveDC (hdc=0xa80107f4) returned 1
[0156.709] GetTextAlign (hdc=0xa80107f4) returned 0x0
[0156.709] GetTextColor (hdc=0xa80107f4) returned 0x0
[0156.709] GetCurrentObject (hdc=0xa80107f4, type=0x6) returned 0x8a01c2
[0156.709] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0156.709] SelectObject (hdc=0xa80107f4, h=0x6d0a0520) returned 0x8a01c2
[0156.709] GetBkMode (hdc=0xa80107f4) returned 2
[0156.709] SetBkMode (hdc=0xa80107f4, mode=1) returned 2
[0156.709] DrawTextExW (in: hdc=0xa80107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2c5272c | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0156.709] DrawTextExW (in: hdc=0xa80107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2c5272c | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0156.710] RestoreDC (hdc=0xa80107f4, nSavedDC=-1) returned 1
[0156.710] GdipReleaseDC (graphics=0x6643af8, hdc=0xa80107f4) returned 0x0
[0156.710] GetFocus () returned 0x602c4
[0156.710] IsAppThemed () returned 0x1
[0156.710] GetThemeAppProperties () returned 0x3
[0156.710] GetThemeAppProperties () returned 0x3
[0156.710] GdipGetDC (graphics=0x6643af8, hdc=0xd7e7d8) returned 0x0
[0156.710] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0xa80107f4, x1=0, y1=0, rop=0xcc0020) returned 1
[0156.710] GdipReleaseDC (graphics=0x6643af8, hdc=0xa80107f4) returned 0x0
[0156.710] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0156.710] SelectObject (hdc=0xa80107f4, h=0x85000f) returned 0x4a0507fe
[0156.710] DeleteDC (hdc=0xa80107f4) returned 1
[0156.711] GdipDeleteGraphics (graphics=0x6643af8) returned 0x0
[0156.711] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0156.711] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0156.711] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400fe) returned 0x1
[0156.711] IsWindowUnicode (hWnd=0x602c4) returned 1
[0156.711] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0156.711] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400fe) returned 0x1
[0156.711] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0156.711] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19f0040) returned 0x0
[0156.711] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0156.711] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0156.711] SetCursor (hCursor=0x10003) returned 0x10003
[0156.712] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0156.712] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0156.712] GetKeyState (nVirtKey=1) returned -128
[0156.712] GetKeyState (nVirtKey=2) returned 0
[0156.712] GetKeyState (nVirtKey=4) returned 0
[0156.712] GetKeyState (nVirtKey=5) returned 0
[0156.712] GetKeyState (nVirtKey=6) returned 0
[0156.712] IsWindowVisible (hWnd=0x602c4) returned 1
[0156.712] IsWindowEnabled (hWnd=0x602c4) returned 1
[0156.712] SetFocus (hWnd=0x602c4) returned 0x602c4
[0156.712] GetFocus () returned 0x602c4
[0156.712] GetFocus () returned 0x602c4
[0156.712] GetFocus () returned 0x602c4
[0156.712] GetKeyState (nVirtKey=1) returned -128
[0156.712] GetKeyState (nVirtKey=2) returned 0
[0156.712] GetKeyState (nVirtKey=4) returned 0
[0156.712] GetKeyState (nVirtKey=5) returned 0
[0156.712] GetKeyState (nVirtKey=6) returned 0
[0156.712] GetCapture () returned 0x0
[0156.712] SetCapture (hWnd=0x602c4) returned 0x0
[0156.712] GetKeyState (nVirtKey=1) returned -128
[0156.712] GetKeyState (nVirtKey=2) returned 0
[0156.712] GetKeyState (nVirtKey=4) returned 0
[0156.712] GetKeyState (nVirtKey=5) returned 0
[0156.712] GetKeyState (nVirtKey=6) returned 0
[0156.713] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0156.713] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0156.713] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0156.713] IsWindowUnicode (hWnd=0x602c4) returned 1
[0156.713] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0156.713] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0156.713] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0156.713] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2c52868, cPoints=0x1 | out: lpPoints=0x2c52868) returned 40304859
[0156.713] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0156.713] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0156.713] UpdateWindow (hWnd=0x602c4) returned 1
[0156.713] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xf0105ee
[0156.713] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0156.713] CreateCompatibleDC (hdc=0xf0105ee) returned 0xa90107f4
[0156.713] SelectObject (hdc=0xa90107f4, h=0x4a0507fe) returned 0x85000f
[0156.713] GdipCreateFromHDC (hdc=0xa90107f4, graphics=0xd7e430) returned 0x0
[0156.714] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0156.714] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0156.714] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0156.714] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0156.714] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e490) returned 0x0
[0156.714] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0156.714] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11ee788) returned 0x0
[0156.714] LocalFree (hMem=0x11ee788) returned 0x0
[0156.714] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0156.714] GdipCreateRegion (region=0xd7e478) returned 0x0
[0156.714] GdipGetClip (graphics=0x6600030, region=0x66446b8) returned 0x0
[0156.714] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0156.714] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0156.714] GdipRestoreGraphics (graphics=0x6600030, state=0xfd080dbd) returned 0x0
[0156.714] GdipDeleteRegion (region=0x66446b8) returned 0x0
[0156.714] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0156.714] GetCurrentObject (hdc=0xa90107f4, type=0x1) returned 0xb00017
[0156.714] GetCurrentObject (hdc=0xa90107f4, type=0x2) returned 0x900010
[0156.714] GetCurrentObject (hdc=0xa90107f4, type=0x7) returned 0x4a0507fe
[0156.714] GetCurrentObject (hdc=0xa90107f4, type=0x6) returned 0x8a01c2
[0156.715] SaveDC (hdc=0xa90107f4) returned 1
[0156.715] GetNearestColor (hdc=0xa90107f4, color=0xff) returned 0xff
[0156.715] GetNearestColor (hdc=0xa90107f4, color=0x55) returned 0x55
[0156.715] GetNearestColor (hdc=0xa90107f4, color=0x0) returned 0x0
[0156.715] GetNearestColor (hdc=0xa90107f4, color=0x55) returned 0x55
[0156.715] GetNearestColor (hdc=0xa90107f4, color=0x0) returned 0x0
[0156.715] GetNearestColor (hdc=0xa90107f4, color=0x8080ff) returned 0x8080ff
[0156.715] GetNearestColor (hdc=0xa90107f4, color=0x7373e5) returned 0x7373e5
[0156.715] GetNearestColor (hdc=0xa90107f4, color=0xe5) returned 0xe5
[0156.715] GetNearestColor (hdc=0xa90107f4, color=0x0) returned 0x0
[0156.715] RestoreDC (hdc=0xa90107f4, nSavedDC=-1) returned 1
[0156.715] GdipReleaseDC (graphics=0x6600030, hdc=0xa90107f4) returned 0x0
[0156.715] IsAppThemed () returned 0x1
[0156.715] GetThemeAppProperties () returned 0x3
[0156.715] GetThemeAppProperties () returned 0x3
[0156.715] IsAppThemed () returned 0x1
[0156.715] GetThemeAppProperties () returned 0x3
[0156.715] GetThemeAppProperties () returned 0x3
[0156.716] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2c52f84 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0156.716] IsAppThemed () returned 0x1
[0156.716] GetThemeAppProperties () returned 0x3
[0156.716] GetThemeAppProperties () returned 0x3
[0156.716] IsAppThemed () returned 0x1
[0156.716] GetThemeAppProperties () returned 0x3
[0156.716] GetThemeAppProperties () returned 0x3
[0156.716] IsAppThemed () returned 0x1
[0156.716] GetThemeAppProperties () returned 0x3
[0156.716] GetThemeAppProperties () returned 0x3
[0156.716] IsAppThemed () returned 0x1
[0156.716] GetThemeAppProperties () returned 0x3
[0156.716] GetThemeAppProperties () returned 0x3
[0156.716] IsThemePartDefined () returned 0x1
[0156.716] IsAppThemed () returned 0x1
[0156.716] GetThemeAppProperties () returned 0x3
[0156.716] GetThemeAppProperties () returned 0x3
[0156.717] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0156.717] IsAppThemed () returned 0x1
[0156.717] GetThemeAppProperties () returned 0x3
[0156.717] GetThemeAppProperties () returned 0x3
[0156.717] IsAppThemed () returned 0x1
[0156.717] GetThemeAppProperties () returned 0x3
[0156.717] GetThemeAppProperties () returned 0x3
[0156.717] IsThemePartDefined () returned 0x1
[0156.717] GdipCreateRegion (region=0xd7e194) returned 0x0
[0156.717] GdipGetClip (graphics=0x6600030, region=0x66448f8) returned 0x0
[0156.717] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0156.717] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0156.717] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e1ac) returned 0x0
[0156.717] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0156.717] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0156.717] LocalFree (hMem=0x11eec58) returned 0x0
[0156.717] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0156.717] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0156.717] LocalFree (hMem=0x11ee788) returned 0x0
[0156.717] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0156.717] GdipIsInfiniteRegion (region=0x66448f8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0156.718] GdipIsInfiniteRegion (region=0x66448f8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0156.718] GdipGetRegionHRgn (region=0x66448f8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0156.718] GdipDeleteRegion (region=0x66448f8) returned 0x0
[0156.718] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0156.718] GetCurrentObject (hdc=0xa90107f4, type=0x1) returned 0xb00017
[0156.718] GetCurrentObject (hdc=0xa90107f4, type=0x2) returned 0x900010
[0156.718] GetCurrentObject (hdc=0xa90107f4, type=0x7) returned 0x4a0507fe
[0156.718] GetCurrentObject (hdc=0xa90107f4, type=0x6) returned 0x8a01c2
[0156.718] SaveDC (hdc=0xa90107f4) returned 1
[0156.718] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1a0407de
[0156.718] GetClipRgn (hdc=0xa90107f4, hrgn=0x1a0407de) returned 0
[0156.718] SelectClipRgn (hdc=0xa90107f4, hrgn=0x9c040807) returned 2
[0156.718] DeleteObject (ho=0x1a0407de) returned 1
[0156.718] DeleteObject (ho=0x9c040807) returned 1
[0156.718] OffsetViewportOrgEx (in: hdc=0xa90107f4, x=0, y=0, lppt=0x2c53634 | out: lppt=0x2c53634) returned 1
[0156.718] DrawThemeParentBackground () returned 0x0
[0156.718] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0156.719] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0156.719] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0156.719] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0156.719] GetSystemMetrics (nIndex=42) returned 0
[0156.719] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0156.719] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0156.719] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0156.719] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0156.719] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0156.719] SelectPalette (hdc=0xa90107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0156.719] GdipCreateFromHDC (hdc=0xa90107f4, graphics=0xd7dc88) returned 0x0
[0156.719] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0156.719] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0156.719] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x661c480) returned 0x0
[0156.719] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7dc60) returned 0x0
[0156.719] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0156.719] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0156.719] GdipGetClip (graphics=0x6635e20, region=0x6644d78) returned 0x0
[0156.719] GdipIsInfiniteRegion (region=0x6644d78, graphics=0x6635e20, result=0xd7dc54) returned 0x0
[0156.719] GdipDeleteRegion (region=0x6644d78) returned 0x0
[0156.720] GdipSaveGraphics (graphics=0x6635e20, state=0xd7dc80) returned 0x0
[0156.720] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0156.728] GdipFillRectangleI (graphics=0x6635e20, brush=0x6639a00, x=0, y=0, width=801, height=453) returned 0x0
[0156.728] GdipDeleteBrush (brush=0x6639a00) returned 0x0
[0156.729] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0156.729] SelectPalette (hdc=0xa90107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0156.729] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0156.729] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0156.729] GetSystemMetrics (nIndex=42) returned 0
[0156.729] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0156.730] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0156.730] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0156.730] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0156.730] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0156.730] SelectPalette (hdc=0xa90107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0156.730] GdipCreateFromHDC (hdc=0xa90107f4, graphics=0xd7dc28) returned 0x0
[0156.730] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0156.730] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0156.730] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x66046e0) returned 0x0
[0156.730] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dc00) returned 0x0
[0156.730] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0156.730] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0156.730] GdipGetClip (graphics=0x6635e20, region=0x6644c58) returned 0x0
[0156.730] GdipIsInfiniteRegion (region=0x6644c58, graphics=0x6635e20, result=0xd7dbf4) returned 0x0
[0156.730] GdipDeleteRegion (region=0x6644c58) returned 0x0
[0156.730] GdipSaveGraphics (graphics=0x6635e20, state=0xd7dc20) returned 0x0
[0156.730] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0156.738] GdipFillRectangleI (graphics=0x6635e20, brush=0x6639da8, x=0, y=0, width=801, height=453) returned 0x0
[0156.738] GdipDeleteBrush (brush=0x6639da8) returned 0x0
[0156.740] GdipRestoreGraphics (graphics=0x6635e20, state=0xfd040dbd) returned 0x0
[0156.740] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0156.740] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0156.740] GetSystemMetrics (nIndex=42) returned 0
[0156.740] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0156.740] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0156.740] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0156.740] SelectPalette (hdc=0xa90107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0156.740] RestoreDC (hdc=0xa90107f4, nSavedDC=-1) returned 1
[0156.740] GdipReleaseDC (graphics=0x6600030, hdc=0xa90107f4) returned 0x0
[0156.740] IsAppThemed () returned 0x1
[0156.740] GetThemeAppProperties () returned 0x3
[0156.740] GetThemeAppProperties () returned 0x3
[0156.740] IsAppThemed () returned 0x1
[0156.741] GetThemeAppProperties () returned 0x3
[0156.741] GetThemeAppProperties () returned 0x3
[0156.741] IsThemePartDefined () returned 0x1
[0156.741] GdipCreateRegion (region=0xd7e118) returned 0x0
[0156.741] GdipGetClip (graphics=0x6600030, region=0x6644748) returned 0x0
[0156.741] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0156.741] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0156.741] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e130) returned 0x0
[0156.741] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0156.741] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11ee868) returned 0x0
[0156.741] LocalFree (hMem=0x11ee868) returned 0x0
[0156.741] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0156.741] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11eec58) returned 0x0
[0156.741] LocalFree (hMem=0x11eec58) returned 0x0
[0156.741] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0156.741] GdipIsInfiniteRegion (region=0x6644748, graphics=0x6600030, result=0xd7e158) returned 0x0
[0156.741] GdipIsInfiniteRegion (region=0x6644748, graphics=0x6600030, result=0xd7e148) returned 0x0
[0156.741] GdipGetRegionHRgn (region=0x6644748, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0156.741] GdipDeleteRegion (region=0x6644748) returned 0x0
[0156.741] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0156.741] GetCurrentObject (hdc=0xa90107f4, type=0x1) returned 0xb00017
[0156.742] GetCurrentObject (hdc=0xa90107f4, type=0x2) returned 0x900010
[0156.742] GetCurrentObject (hdc=0xa90107f4, type=0x7) returned 0x4a0507fe
[0156.742] GetCurrentObject (hdc=0xa90107f4, type=0x6) returned 0x8a01c2
[0156.742] SaveDC (hdc=0xa90107f4) returned 1
[0156.742] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9d040807
[0156.742] GetClipRgn (hdc=0xa90107f4, hrgn=0x9d040807) returned 0
[0156.742] SelectClipRgn (hdc=0xa90107f4, hrgn=0x1c0407de) returned 2
[0156.742] DeleteObject (ho=0x9d040807) returned 1
[0156.742] DeleteObject (ho=0x1c0407de) returned 1
[0156.742] OffsetViewportOrgEx (in: hdc=0xa90107f4, x=0, y=0, lppt=0x2c59e84 | out: lppt=0x2c59e84) returned 1
[0156.742] IsAppThemed () returned 0x1
[0156.742] GetThemeAppProperties () returned 0x3
[0156.742] GetThemeAppProperties () returned 0x3
[0156.742] DrawThemeBackground () returned 0x0
[0156.742] RestoreDC (hdc=0xa90107f4, nSavedDC=-1) returned 1
[0156.742] GdipReleaseDC (graphics=0x6600030, hdc=0xa90107f4) returned 0x0
[0156.742] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0156.742] GdipGetClip (graphics=0x6600030, region=0x6644748) returned 0x0
[0156.742] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0156.743] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0156.743] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e134) returned 0x0
[0156.743] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0156.743] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee8d8) returned 0x0
[0156.743] LocalFree (hMem=0x11ee8d8) returned 0x0
[0156.743] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eecc8) returned 0x0
[0156.743] LocalFree (hMem=0x11eecc8) returned 0x0
[0156.743] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0156.743] GdipIsInfiniteRegion (region=0x6644748, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0156.743] GdipIsInfiniteRegion (region=0x6644748, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0156.743] GdipGetRegionHRgn (region=0x6644748, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0156.743] GdipDeleteRegion (region=0x6644748) returned 0x0
[0156.743] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0156.743] GetCurrentObject (hdc=0xa90107f4, type=0x1) returned 0xb00017
[0156.743] GetCurrentObject (hdc=0xa90107f4, type=0x2) returned 0x900010
[0156.743] GetCurrentObject (hdc=0xa90107f4, type=0x7) returned 0x4a0507fe
[0156.743] GetCurrentObject (hdc=0xa90107f4, type=0x6) returned 0x8a01c2
[0156.743] SaveDC (hdc=0xa90107f4) returned 1
[0156.743] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1d0407de
[0156.743] GetClipRgn (hdc=0xa90107f4, hrgn=0x1d0407de) returned 0
[0156.743] SelectClipRgn (hdc=0xa90107f4, hrgn=0x9e040807) returned 2
[0156.743] DeleteObject (ho=0x1d0407de) returned 1
[0156.743] DeleteObject (ho=0x9e040807) returned 1
[0156.744] OffsetViewportOrgEx (in: hdc=0xa90107f4, x=0, y=0, lppt=0x2c5a158 | out: lppt=0x2c5a158) returned 1
[0156.744] IsAppThemed () returned 0x1
[0156.744] GetThemeAppProperties () returned 0x3
[0156.744] GetThemeAppProperties () returned 0x3
[0156.744] GetThemeBackgroundContentRect () returned 0x0
[0156.744] RestoreDC (hdc=0xa90107f4, nSavedDC=-1) returned 1
[0156.744] GdipReleaseDC (graphics=0x6600030, hdc=0xa90107f4) returned 0x0
[0156.744] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0156.744] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0156.744] GdipFillRectangleI (graphics=0x6600030, brush=0x65ffb50, x=4, y=4, width=67, height=15) returned 0x0
[0156.744] GdipDeleteBrush (brush=0x65ffb50) returned 0x0
[0156.744] IsAppThemed () returned 0x1
[0156.744] GetThemeAppProperties () returned 0x3
[0156.744] GetThemeAppProperties () returned 0x3
[0156.744] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0156.744] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0156.744] GetCurrentObject (hdc=0xa90107f4, type=0x1) returned 0xb00017
[0156.744] GetCurrentObject (hdc=0xa90107f4, type=0x2) returned 0x900010
[0156.744] GetCurrentObject (hdc=0xa90107f4, type=0x7) returned 0x4a0507fe
[0156.744] GetCurrentObject (hdc=0xa90107f4, type=0x6) returned 0x8a01c2
[0156.744] SaveDC (hdc=0xa90107f4) returned 1
[0156.744] GetTextAlign (hdc=0xa90107f4) returned 0x0
[0156.744] GetTextColor (hdc=0xa90107f4) returned 0x0
[0156.744] GetCurrentObject (hdc=0xa90107f4, type=0x6) returned 0x8a01c2
[0156.745] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0156.745] SelectObject (hdc=0xa90107f4, h=0x6d0a0520) returned 0x8a01c2
[0156.745] GetBkMode (hdc=0xa90107f4) returned 2
[0156.745] SetBkMode (hdc=0xa90107f4, mode=1) returned 2
[0156.745] DrawTextExW (in: hdc=0xa90107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2c5a51c | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0156.745] DrawTextExW (in: hdc=0xa90107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2c5a51c | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0156.745] RestoreDC (hdc=0xa90107f4, nSavedDC=-1) returned 1
[0156.745] GdipReleaseDC (graphics=0x6600030, hdc=0xa90107f4) returned 0x0
[0156.746] GetFocus () returned 0x602c4
[0156.746] IsAppThemed () returned 0x1
[0156.746] GetThemeAppProperties () returned 0x3
[0156.746] GetThemeAppProperties () returned 0x3
[0156.746] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0156.746] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0xa90107f4, x1=0, y1=0, rop=0xcc0020) returned 1
[0156.746] GdipReleaseDC (graphics=0x6600030, hdc=0xa90107f4) returned 0x0
[0156.746] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0156.746] SelectObject (hdc=0xa90107f4, h=0x85000f) returned 0x4a0507fe
[0156.746] DeleteDC (hdc=0xa90107f4) returned 1
[0156.746] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0156.746] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0156.746] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2c5a618, cPoints=0x1 | out: lpPoints=0x2c5a618) returned 40304859
[0156.746] WindowFromPoint (Point=0xfe) returned 0x602c4
[0156.747] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400fe) returned 0x1
[0156.747] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0156.747] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0156.747] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0156.747] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0156.747] GetSystemMetrics (nIndex=42) returned 0
[0156.747] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0156.747] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0156.749] GetCapture () returned 0x602c4
[0156.749] ReleaseCapture () returned 1
[0156.749] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0156.749] GetProcessWindowStation () returned 0x13c
[0156.749] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.749] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0156.750] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.750] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0156.750] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.750] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0156.750] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.750] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0156.750] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.751] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0156.751] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.751] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0156.751] GetDC (hWnd=0x0) returned 0x10105d6
[0156.751] GdipCreateFromHDC (hdc=0x10105d6, graphics=0xd7e6ec) returned 0x0
[0156.751] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0156.751] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0156.751] ReleaseDC (hWnd=0x0, hDC=0x10105d6) returned 1
[0156.751] GetSystemMetrics (nIndex=5) returned 1
[0156.752] GetSystemMetrics (nIndex=6) returned 1
[0156.752] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.752] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0156.752] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.752] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0156.758] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0156.759] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0156.759] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0156.759] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0156.759] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0156.759] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0156.760] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2c616e8 | out: lpData=0x2c616e8) returned 1
[0156.761] VerQueryValueW (in: pBlock=0x2c616e8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2c61af8, puLen=0xd7e810) returned 1
[0156.761] VerQueryValueW (in: pBlock=0x2c616e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c617a0, puLen=0xd7e790) returned 1
[0156.761] VerQueryValueW (in: pBlock=0x2c616e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c617f4, puLen=0xd7e790) returned 1
[0156.761] VerQueryValueW (in: pBlock=0x2c616e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c61874, puLen=0xd7e790) returned 1
[0156.761] VerQueryValueW (in: pBlock=0x2c616e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c618dc, puLen=0xd7e790) returned 1
[0156.761] VerQueryValueW (in: pBlock=0x2c616e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6191c, puLen=0xd7e790) returned 1
[0156.761] VerQueryValueW (in: pBlock=0x2c616e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c619a4, puLen=0xd7e790) returned 1
[0156.761] VerQueryValueW (in: pBlock=0x2c616e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c619e0, puLen=0xd7e790) returned 1
[0156.761] VerQueryValueW (in: pBlock=0x2c616e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c61a38, puLen=0xd7e790) returned 1
[0156.761] VerQueryValueW (in: pBlock=0x2c616e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c61a68, puLen=0xd7e790) returned 1
[0156.761] VerQueryValueW (in: pBlock=0x2c616e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.761] VerQueryValueW (in: pBlock=0x2c616e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c61aa4, puLen=0xd7e790) returned 1
[0156.761] VerQueryValueW (in: pBlock=0x2c616e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.761] VerQueryValueW (in: pBlock=0x2c616e8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2c61af8, puLen=0xd7e784) returned 1
[0156.761] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0156.761] VerQueryValueW (in: pBlock=0x2c616e8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2c61710, puLen=0xd7e794) returned 1
[0156.762] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0156.762] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0156.762] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0156.762] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0156.762] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0156.762] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0156.762] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2c63658 | out: lpData=0x2c63658) returned 1
[0156.764] VerQueryValueW (in: pBlock=0x2c63658, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2c636f4, puLen=0xd7e810) returned 1
[0156.765] VerQueryValueW (in: pBlock=0x2c63658, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6376c, puLen=0xd7e790) returned 1
[0156.765] VerQueryValueW (in: pBlock=0x2c63658, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6379c, puLen=0xd7e790) returned 1
[0156.765] VerQueryValueW (in: pBlock=0x2c63658, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c637d8, puLen=0xd7e790) returned 1
[0156.765] VerQueryValueW (in: pBlock=0x2c63658, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c63808, puLen=0xd7e790) returned 1
[0156.765] VerQueryValueW (in: pBlock=0x2c63658, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c63850, puLen=0xd7e790) returned 1
[0156.765] VerQueryValueW (in: pBlock=0x2c63658, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c638c8, puLen=0xd7e790) returned 1
[0156.765] VerQueryValueW (in: pBlock=0x2c63658, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6390c, puLen=0xd7e790) returned 1
[0156.765] VerQueryValueW (in: pBlock=0x2c63658, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6394c, puLen=0xd7e790) returned 1
[0156.765] VerQueryValueW (in: pBlock=0x2c63658, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6374a, puLen=0xd7e790) returned 1
[0156.765] VerQueryValueW (in: pBlock=0x2c63658, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c63898, puLen=0xd7e790) returned 1
[0156.765] VerQueryValueW (in: pBlock=0x2c63658, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.765] VerQueryValueW (in: pBlock=0x2c63658, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.765] VerQueryValueW (in: pBlock=0x2c63658, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2c636f4, puLen=0xd7e784) returned 1
[0156.765] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0156.765] VerQueryValueW (in: pBlock=0x2c63658, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2c63680, puLen=0xd7e794) returned 1
[0156.766] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0156.766] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0156.766] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0156.766] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0156.766] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0156.766] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0156.767] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2c65930 | out: lpData=0x2c65930) returned 1
[0156.767] VerQueryValueW (in: pBlock=0x2c65930, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2c65d44, puLen=0xd7e810) returned 1
[0156.768] VerQueryValueW (in: pBlock=0x2c65930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c659e8, puLen=0xd7e790) returned 1
[0156.768] VerQueryValueW (in: pBlock=0x2c65930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c65a3c, puLen=0xd7e790) returned 1
[0156.768] VerQueryValueW (in: pBlock=0x2c65930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c65a98, puLen=0xd7e790) returned 1
[0156.768] VerQueryValueW (in: pBlock=0x2c65930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c65af8, puLen=0xd7e790) returned 1
[0156.768] VerQueryValueW (in: pBlock=0x2c65930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c65b50, puLen=0xd7e790) returned 1
[0156.768] VerQueryValueW (in: pBlock=0x2c65930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c65bd8, puLen=0xd7e790) returned 1
[0156.768] VerQueryValueW (in: pBlock=0x2c65930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c65c2c, puLen=0xd7e790) returned 1
[0156.768] VerQueryValueW (in: pBlock=0x2c65930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c65c84, puLen=0xd7e790) returned 1
[0156.768] VerQueryValueW (in: pBlock=0x2c65930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c65cb4, puLen=0xd7e790) returned 1
[0156.768] VerQueryValueW (in: pBlock=0x2c65930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.768] VerQueryValueW (in: pBlock=0x2c65930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c65cf0, puLen=0xd7e790) returned 1
[0156.768] VerQueryValueW (in: pBlock=0x2c65930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.768] VerQueryValueW (in: pBlock=0x2c65930, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2c65d44, puLen=0xd7e784) returned 1
[0156.768] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0156.768] VerQueryValueW (in: pBlock=0x2c65930, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2c65958, puLen=0xd7e794) returned 1
[0156.769] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0156.769] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0156.769] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0156.769] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0156.769] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0156.769] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0156.770] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2c67f68 | out: lpData=0x2c67f68) returned 1
[0156.771] VerQueryValueW (in: pBlock=0x2c67f68, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2c68368, puLen=0xd7e810) returned 1
[0156.771] VerQueryValueW (in: pBlock=0x2c67f68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c68020, puLen=0xd7e790) returned 1
[0156.771] VerQueryValueW (in: pBlock=0x2c67f68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c68074, puLen=0xd7e790) returned 1
[0156.771] VerQueryValueW (in: pBlock=0x2c67f68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c680b4, puLen=0xd7e790) returned 1
[0156.771] VerQueryValueW (in: pBlock=0x2c67f68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6811c, puLen=0xd7e790) returned 1
[0156.771] VerQueryValueW (in: pBlock=0x2c67f68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c68174, puLen=0xd7e790) returned 1
[0156.771] VerQueryValueW (in: pBlock=0x2c67f68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c681fc, puLen=0xd7e790) returned 1
[0156.771] VerQueryValueW (in: pBlock=0x2c67f68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c68250, puLen=0xd7e790) returned 1
[0156.771] VerQueryValueW (in: pBlock=0x2c67f68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c682a8, puLen=0xd7e790) returned 1
[0156.771] VerQueryValueW (in: pBlock=0x2c67f68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c682d8, puLen=0xd7e790) returned 1
[0156.771] VerQueryValueW (in: pBlock=0x2c67f68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.771] VerQueryValueW (in: pBlock=0x2c67f68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c68314, puLen=0xd7e790) returned 1
[0156.771] VerQueryValueW (in: pBlock=0x2c67f68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.771] VerQueryValueW (in: pBlock=0x2c67f68, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2c68368, puLen=0xd7e784) returned 1
[0156.771] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0156.771] VerQueryValueW (in: pBlock=0x2c67f68, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2c67f90, puLen=0xd7e794) returned 1
[0156.772] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0156.772] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0156.772] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0156.772] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0156.772] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0156.772] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0156.773] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2c6a6a4 | out: lpData=0x2c6a6a4) returned 1
[0156.774] VerQueryValueW (in: pBlock=0x2c6a6a4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2c6aa6c, puLen=0xd7e810) returned 1
[0156.774] VerQueryValueW (in: pBlock=0x2c6a6a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6a75c, puLen=0xd7e790) returned 1
[0156.774] VerQueryValueW (in: pBlock=0x2c6a6a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6a7b0, puLen=0xd7e790) returned 1
[0156.774] VerQueryValueW (in: pBlock=0x2c6a6a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6a7f0, puLen=0xd7e790) returned 1
[0156.774] VerQueryValueW (in: pBlock=0x2c6a6a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6a858, puLen=0xd7e790) returned 1
[0156.774] VerQueryValueW (in: pBlock=0x2c6a6a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6a894, puLen=0xd7e790) returned 1
[0156.774] VerQueryValueW (in: pBlock=0x2c6a6a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6a91c, puLen=0xd7e790) returned 1
[0156.774] VerQueryValueW (in: pBlock=0x2c6a6a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6a954, puLen=0xd7e790) returned 1
[0156.774] VerQueryValueW (in: pBlock=0x2c6a6a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6a9ac, puLen=0xd7e790) returned 1
[0156.774] VerQueryValueW (in: pBlock=0x2c6a6a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6a9dc, puLen=0xd7e790) returned 1
[0156.774] VerQueryValueW (in: pBlock=0x2c6a6a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.774] VerQueryValueW (in: pBlock=0x2c6a6a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6aa18, puLen=0xd7e790) returned 1
[0156.774] VerQueryValueW (in: pBlock=0x2c6a6a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.774] VerQueryValueW (in: pBlock=0x2c6a6a4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2c6aa6c, puLen=0xd7e784) returned 1
[0156.774] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0156.774] VerQueryValueW (in: pBlock=0x2c6a6a4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2c6a6cc, puLen=0xd7e794) returned 1
[0156.775] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0156.775] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0156.775] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0156.775] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0156.775] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0156.775] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0156.776] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2c6dd0c | out: lpData=0x2c6dd0c) returned 1
[0156.777] VerQueryValueW (in: pBlock=0x2c6dd0c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2c6e0ec, puLen=0xd7e810) returned 1
[0156.777] VerQueryValueW (in: pBlock=0x2c6dd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6ddc4, puLen=0xd7e790) returned 1
[0156.777] VerQueryValueW (in: pBlock=0x2c6dd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6de18, puLen=0xd7e790) returned 1
[0156.777] VerQueryValueW (in: pBlock=0x2c6dd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6de58, puLen=0xd7e790) returned 1
[0156.777] VerQueryValueW (in: pBlock=0x2c6dd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6deb8, puLen=0xd7e790) returned 1
[0156.777] VerQueryValueW (in: pBlock=0x2c6dd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6df04, puLen=0xd7e790) returned 1
[0156.777] VerQueryValueW (in: pBlock=0x2c6dd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6df8c, puLen=0xd7e790) returned 1
[0156.777] VerQueryValueW (in: pBlock=0x2c6dd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6dfd4, puLen=0xd7e790) returned 1
[0156.777] VerQueryValueW (in: pBlock=0x2c6dd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6e02c, puLen=0xd7e790) returned 1
[0156.777] VerQueryValueW (in: pBlock=0x2c6dd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6e05c, puLen=0xd7e790) returned 1
[0156.777] VerQueryValueW (in: pBlock=0x2c6dd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.777] VerQueryValueW (in: pBlock=0x2c6dd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c6e098, puLen=0xd7e790) returned 1
[0156.777] VerQueryValueW (in: pBlock=0x2c6dd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.777] VerQueryValueW (in: pBlock=0x2c6dd0c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2c6e0ec, puLen=0xd7e784) returned 1
[0156.777] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0156.778] VerQueryValueW (in: pBlock=0x2c6dd0c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2c6dd34, puLen=0xd7e794) returned 1
[0156.781] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0156.781] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0156.781] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0156.781] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0156.781] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0156.781] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0156.782] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2c7052c | out: lpData=0x2c7052c) returned 1
[0156.783] VerQueryValueW (in: pBlock=0x2c7052c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2c70938, puLen=0xd7e810) returned 1
[0156.783] VerQueryValueW (in: pBlock=0x2c7052c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c705e4, puLen=0xd7e790) returned 1
[0156.783] VerQueryValueW (in: pBlock=0x2c7052c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c70638, puLen=0xd7e790) returned 1
[0156.783] VerQueryValueW (in: pBlock=0x2c7052c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c7068c, puLen=0xd7e790) returned 1
[0156.783] VerQueryValueW (in: pBlock=0x2c7052c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c706ec, puLen=0xd7e790) returned 1
[0156.783] VerQueryValueW (in: pBlock=0x2c7052c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c70744, puLen=0xd7e790) returned 1
[0156.783] VerQueryValueW (in: pBlock=0x2c7052c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c707cc, puLen=0xd7e790) returned 1
[0156.783] VerQueryValueW (in: pBlock=0x2c7052c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c70820, puLen=0xd7e790) returned 1
[0156.783] VerQueryValueW (in: pBlock=0x2c7052c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c70878, puLen=0xd7e790) returned 1
[0156.783] VerQueryValueW (in: pBlock=0x2c7052c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c708a8, puLen=0xd7e790) returned 1
[0156.783] VerQueryValueW (in: pBlock=0x2c7052c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.783] VerQueryValueW (in: pBlock=0x2c7052c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c708e4, puLen=0xd7e790) returned 1
[0156.783] VerQueryValueW (in: pBlock=0x2c7052c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.783] VerQueryValueW (in: pBlock=0x2c7052c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2c70938, puLen=0xd7e784) returned 1
[0156.783] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0156.783] VerQueryValueW (in: pBlock=0x2c7052c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2c70554, puLen=0xd7e794) returned 1
[0156.784] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0156.784] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0156.784] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0156.784] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0156.784] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0156.785] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0156.785] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2c72d40 | out: lpData=0x2c72d40) returned 1
[0156.786] VerQueryValueW (in: pBlock=0x2c72d40, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2c73118, puLen=0xd7e810) returned 1
[0156.786] VerQueryValueW (in: pBlock=0x2c72d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c72df8, puLen=0xd7e790) returned 1
[0156.786] VerQueryValueW (in: pBlock=0x2c72d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c72e4c, puLen=0xd7e790) returned 1
[0156.786] VerQueryValueW (in: pBlock=0x2c72d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c72e8c, puLen=0xd7e790) returned 1
[0156.786] VerQueryValueW (in: pBlock=0x2c72d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c72ef4, puLen=0xd7e790) returned 1
[0156.786] VerQueryValueW (in: pBlock=0x2c72d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c72f38, puLen=0xd7e790) returned 1
[0156.786] VerQueryValueW (in: pBlock=0x2c72d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c72fc0, puLen=0xd7e790) returned 1
[0156.786] VerQueryValueW (in: pBlock=0x2c72d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c73000, puLen=0xd7e790) returned 1
[0156.786] VerQueryValueW (in: pBlock=0x2c72d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c73058, puLen=0xd7e790) returned 1
[0156.786] VerQueryValueW (in: pBlock=0x2c72d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c73088, puLen=0xd7e790) returned 1
[0156.786] VerQueryValueW (in: pBlock=0x2c72d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.786] VerQueryValueW (in: pBlock=0x2c72d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c730c4, puLen=0xd7e790) returned 1
[0156.786] VerQueryValueW (in: pBlock=0x2c72d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.786] VerQueryValueW (in: pBlock=0x2c72d40, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2c73118, puLen=0xd7e784) returned 1
[0156.786] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0156.786] VerQueryValueW (in: pBlock=0x2c72d40, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2c72d68, puLen=0xd7e794) returned 1
[0156.787] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0156.787] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0156.787] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0156.787] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0156.787] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0156.787] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0156.788] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2c75298 | out: lpData=0x2c75298) returned 1
[0156.789] VerQueryValueW (in: pBlock=0x2c75298, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2c75670, puLen=0xd7e810) returned 1
[0156.789] VerQueryValueW (in: pBlock=0x2c75298, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c75350, puLen=0xd7e790) returned 1
[0156.789] VerQueryValueW (in: pBlock=0x2c75298, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c753a4, puLen=0xd7e790) returned 1
[0156.789] VerQueryValueW (in: pBlock=0x2c75298, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c753e4, puLen=0xd7e790) returned 1
[0156.789] VerQueryValueW (in: pBlock=0x2c75298, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c7544c, puLen=0xd7e790) returned 1
[0156.789] VerQueryValueW (in: pBlock=0x2c75298, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c75490, puLen=0xd7e790) returned 1
[0156.789] VerQueryValueW (in: pBlock=0x2c75298, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c75518, puLen=0xd7e790) returned 1
[0156.789] VerQueryValueW (in: pBlock=0x2c75298, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c75558, puLen=0xd7e790) returned 1
[0156.789] VerQueryValueW (in: pBlock=0x2c75298, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c755b0, puLen=0xd7e790) returned 1
[0156.789] VerQueryValueW (in: pBlock=0x2c75298, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c755e0, puLen=0xd7e790) returned 1
[0156.789] VerQueryValueW (in: pBlock=0x2c75298, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.789] VerQueryValueW (in: pBlock=0x2c75298, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c7561c, puLen=0xd7e790) returned 1
[0156.789] VerQueryValueW (in: pBlock=0x2c75298, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.789] VerQueryValueW (in: pBlock=0x2c75298, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2c75670, puLen=0xd7e784) returned 1
[0156.790] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0156.790] VerQueryValueW (in: pBlock=0x2c75298, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2c752c0, puLen=0xd7e794) returned 1
[0156.790] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0156.790] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0156.790] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0156.790] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0156.791] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0156.791] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0156.791] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2c779d0 | out: lpData=0x2c779d0) returned 1
[0156.792] VerQueryValueW (in: pBlock=0x2c779d0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2c77e00, puLen=0xd7e810) returned 1
[0156.792] VerQueryValueW (in: pBlock=0x2c779d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c77a88, puLen=0xd7e790) returned 1
[0156.792] VerQueryValueW (in: pBlock=0x2c779d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c77adc, puLen=0xd7e790) returned 1
[0156.792] VerQueryValueW (in: pBlock=0x2c779d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c77b4c, puLen=0xd7e790) returned 1
[0156.792] VerQueryValueW (in: pBlock=0x2c779d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c77bac, puLen=0xd7e790) returned 1
[0156.792] VerQueryValueW (in: pBlock=0x2c779d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c77c08, puLen=0xd7e790) returned 1
[0156.792] VerQueryValueW (in: pBlock=0x2c779d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c77c90, puLen=0xd7e790) returned 1
[0156.792] VerQueryValueW (in: pBlock=0x2c779d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c77ce8, puLen=0xd7e790) returned 1
[0156.792] VerQueryValueW (in: pBlock=0x2c779d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c77d40, puLen=0xd7e790) returned 1
[0156.792] VerQueryValueW (in: pBlock=0x2c779d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c77d70, puLen=0xd7e790) returned 1
[0156.792] VerQueryValueW (in: pBlock=0x2c779d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.792] VerQueryValueW (in: pBlock=0x2c779d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c77dac, puLen=0xd7e790) returned 1
[0156.792] VerQueryValueW (in: pBlock=0x2c779d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0156.792] VerQueryValueW (in: pBlock=0x2c779d0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2c77e00, puLen=0xd7e784) returned 1
[0156.792] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0156.792] VerQueryValueW (in: pBlock=0x2c779d0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2c779f8, puLen=0xd7e794) returned 1
[0156.793] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0156.793] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.793] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0156.793] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.794] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0156.794] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3005a
[0156.794] SetWindowLongW (hWnd=0x3005a, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0156.794] GetWindowLongW (hWnd=0x3005a, nIndex=-4) returned 1950089536
[0156.795] SetWindowLongW (hWnd=0x3005a, nIndex=-4, dwNewLong=19941110) returned 1950089536
[0156.795] GetWindowLongW (hWnd=0x3005a, nIndex=-4) returned 19941110
[0156.795] GetWindowLongW (hWnd=0x3005a, nIndex=-16) returned 113311744
[0156.795] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3005a, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0156.795] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3005a, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0156.795] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3005a, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0156.796] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3005a, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0156.796] GetClientRect (in: hWnd=0x3005a, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0156.796] GetWindowRect (in: hWnd=0x3005a, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0156.796] SetWindowTextW (hWnd=0x3005a, lpString="WindowsFormsParkingWindow") returned 1
[0156.796] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3005a, Msg=0xc, wParam=0x0, lParam=0x2c4ade0) returned 0x1
[0156.797] GetParent (hWnd=0x3005a) returned 0x0
[0156.797] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0156.797] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x3005a, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x502da
[0156.797] SetWindowLongW (hWnd=0x502da, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0156.797] GetWindowLongW (hWnd=0x502da, nIndex=-4) returned 1868147648
[0156.798] SetWindowLongW (hWnd=0x502da, nIndex=-4, dwNewLong=19941510) returned 1868147648
[0156.798] GetWindowLongW (hWnd=0x502da, nIndex=-4) returned 19941510
[0156.798] GetWindowLongW (hWnd=0x502da, nIndex=-16) returned 1174405133
[0156.798] GetWindowLongW (hWnd=0x502da, nIndex=-12) returned 0
[0156.798] SetWindowLongW (hWnd=0x502da, nIndex=-12, dwNewLong=328410) returned 0
[0156.798] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0156.798] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0156.799] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0156.799] GetClientRect (in: hWnd=0x502da, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0156.799] GetWindowRect (in: hWnd=0x502da, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0156.799] GetParent (hWnd=0x502da) returned 0x3005a
[0156.799] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3005a, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0156.800] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0156.800] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0156.800] GetClientRect (in: hWnd=0x502da, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0156.800] GetWindowRect (in: hWnd=0x502da, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0156.800] GetParent (hWnd=0x502da) returned 0x3005a
[0156.800] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3005a, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0156.800] SendMessageW (hWnd=0x502da, Msg=0x2210, wParam=0x2da0001, lParam=0x502da) returned 0x0
[0156.800] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x2210, wParam=0x2da0001, lParam=0x502da) returned 0x0
[0156.800] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0156.800] GetParent (hWnd=0x502da) returned 0x3005a
[0156.800] GdipCreateFromHWND (hwnd=0x502da, graphics=0xd7e844) returned 0x0
[0156.801] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0156.801] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0156.801] GetForegroundWindow () returned 0x602c4
[0156.802] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.802] GetCursorPos (in: lpPoint=0x2c7bd1c | out: lpPoint=0x2c7bd1c*(x=254, y=628)) returned 1
[0156.802] MonitorFromPoint (pt=0xfe, dwFlags=0x274) returned 0x10001
[0156.802] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0156.802] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xac0107f4
[0156.802] GetDeviceCaps (hdc=0xac0107f4, index=12) returned 32
[0156.802] GetDeviceCaps (hdc=0xac0107f4, index=14) returned 1
[0156.802] DeleteDC (hdc=0xac0107f4) returned 1
[0156.803] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0156.803] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0156.803] GetSystemMetrics (nIndex=59) returned 1460
[0156.803] GetSystemMetrics (nIndex=60) returned 920
[0156.803] GetSystemMetrics (nIndex=34) returned 136
[0156.803] GetSystemMetrics (nIndex=35) returned 39
[0156.803] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.803] GetCursorPos (in: lpPoint=0x2c7bf88 | out: lpPoint=0x2c7bf88*(x=254, y=628)) returned 1
[0156.803] MonitorFromPoint (pt=0xfe, dwFlags=0x276) returned 0x10001
[0156.803] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0156.803] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xad0107f4
[0156.803] GetDeviceCaps (hdc=0xad0107f4, index=12) returned 32
[0156.803] GetDeviceCaps (hdc=0xad0107f4, index=14) returned 1
[0156.803] DeleteDC (hdc=0xad0107f4) returned 1
[0156.804] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0156.804] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0156.804] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.804] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0156.804] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2c7c220 | out: piconinfo=0x2c7c220) returned 1
[0156.804] GetObjectW (in: h=0x2f0507c6, c=24, pv=0x2c7c23c | out: pv=0x2c7c23c) returned 24
[0156.804] GdipCreateBitmapFromHBITMAP (hbm=0x2f0507c6, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0156.805] GdipGetImageWidth (image=0x6640608, width=0xd7e750) returned 0x0
[0156.805] GdipGetImageHeight (image=0x6640608, height=0xd7e748) returned 0x0
[0156.805] GdipGetImagePixelFormat (image=0x6640608, format=0xd7e740) returned 0x0
[0156.805] GdipBitmapLockBits (bitmap=0x6640608, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2c7c2f4) returned 0x0
[0156.805] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0156.805] GdipBitmapLockBits (bitmap=0x663fc30, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2c7c32c) returned 0x0
[0156.805] RtlMoveMemory (in: Destination=0x6648dd0, Source=0x663b4e0, Length=0x80 | out: Destination=0x6648dd0)
[0156.805] RtlMoveMemory (in: Destination=0x6648e50, Source=0x663b460, Length=0x80 | out: Destination=0x6648e50)
[0156.805] RtlMoveMemory (in: Destination=0x6648ed0, Source=0x663b3e0, Length=0x80 | out: Destination=0x6648ed0)
[0156.805] RtlMoveMemory (in: Destination=0x6648f50, Source=0x663b360, Length=0x80 | out: Destination=0x6648f50)
[0156.805] RtlMoveMemory (in: Destination=0x6648fd0, Source=0x663b2e0, Length=0x80 | out: Destination=0x6648fd0)
[0156.805] RtlMoveMemory (in: Destination=0x6649050, Source=0x663b260, Length=0x80 | out: Destination=0x6649050)
[0156.805] RtlMoveMemory (in: Destination=0x66490d0, Source=0x663b1e0, Length=0x80 | out: Destination=0x66490d0)
[0156.805] RtlMoveMemory (in: Destination=0x6649150, Source=0x663b160, Length=0x80 | out: Destination=0x6649150)
[0156.805] RtlMoveMemory (in: Destination=0x66491d0, Source=0x663b0e0, Length=0x80 | out: Destination=0x66491d0)
[0156.805] RtlMoveMemory (in: Destination=0x6649250, Source=0x663b060, Length=0x80 | out: Destination=0x6649250)
[0156.805] RtlMoveMemory (in: Destination=0x66492d0, Source=0x663afe0, Length=0x80 | out: Destination=0x66492d0)
[0156.806] RtlMoveMemory (in: Destination=0x6649350, Source=0x663af60, Length=0x80 | out: Destination=0x6649350)
[0156.806] RtlMoveMemory (in: Destination=0x66493d0, Source=0x663aee0, Length=0x80 | out: Destination=0x66493d0)
[0156.806] RtlMoveMemory (in: Destination=0x6649450, Source=0x663ae60, Length=0x80 | out: Destination=0x6649450)
[0156.806] RtlMoveMemory (in: Destination=0x66494d0, Source=0x663ade0, Length=0x80 | out: Destination=0x66494d0)
[0156.806] RtlMoveMemory (in: Destination=0x6649550, Source=0x663ad60, Length=0x80 | out: Destination=0x6649550)
[0156.806] RtlMoveMemory (in: Destination=0x66495d0, Source=0x663ace0, Length=0x80 | out: Destination=0x66495d0)
[0156.806] RtlMoveMemory (in: Destination=0x6649650, Source=0x663ac60, Length=0x80 | out: Destination=0x6649650)
[0156.806] RtlMoveMemory (in: Destination=0x66496d0, Source=0x663abe0, Length=0x80 | out: Destination=0x66496d0)
[0156.806] RtlMoveMemory (in: Destination=0x6649750, Source=0x663ab60, Length=0x80 | out: Destination=0x6649750)
[0156.806] RtlMoveMemory (in: Destination=0x66497d0, Source=0x663aae0, Length=0x80 | out: Destination=0x66497d0)
[0156.806] RtlMoveMemory (in: Destination=0x6649850, Source=0x663aa60, Length=0x80 | out: Destination=0x6649850)
[0156.806] RtlMoveMemory (in: Destination=0x66498d0, Source=0x663a9e0, Length=0x80 | out: Destination=0x66498d0)
[0156.806] RtlMoveMemory (in: Destination=0x6649950, Source=0x663a960, Length=0x80 | out: Destination=0x6649950)
[0156.806] RtlMoveMemory (in: Destination=0x66499d0, Source=0x663a8e0, Length=0x80 | out: Destination=0x66499d0)
[0156.806] RtlMoveMemory (in: Destination=0x6649a50, Source=0x663a860, Length=0x80 | out: Destination=0x6649a50)
[0156.806] RtlMoveMemory (in: Destination=0x6649ad0, Source=0x663a7e0, Length=0x80 | out: Destination=0x6649ad0)
[0156.806] RtlMoveMemory (in: Destination=0x6649b50, Source=0x663a760, Length=0x80 | out: Destination=0x6649b50)
[0156.806] RtlMoveMemory (in: Destination=0x6649bd0, Source=0x663a6e0, Length=0x80 | out: Destination=0x6649bd0)
[0156.806] RtlMoveMemory (in: Destination=0x6649c50, Source=0x663a660, Length=0x80 | out: Destination=0x6649c50)
[0156.806] RtlMoveMemory (in: Destination=0x6649cd0, Source=0x663a5e0, Length=0x80 | out: Destination=0x6649cd0)
[0156.806] RtlMoveMemory (in: Destination=0x6649d50, Source=0x663a560, Length=0x80 | out: Destination=0x6649d50)
[0156.806] GdipBitmapUnlockBits (bitmap=0x6640608, lockedBitmapData=0x2c7c2f4) returned 0x0
[0156.806] GdipBitmapUnlockBits (bitmap=0x663fc30, lockedBitmapData=0x2c7c32c) returned 0x0
[0156.807] GdipDisposeImage (image=0x6640608) returned 0x0
[0156.807] DeleteObject (ho=0x2f0507c6) returned 1
[0156.807] DeleteObject (ho=0xae0507f4) returned 1
[0156.807] GetCurrentThreadId () returned 0xf50
[0156.807] GetCurrentThreadId () returned 0xf50
[0156.807] SetWindowPos (hWnd=0x502da, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0156.807] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0156.807] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0156.807] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0156.807] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0156.807] GetClientRect (in: hWnd=0x502da, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0156.807] GetWindowRect (in: hWnd=0x502da, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0156.807] GetParent (hWnd=0x502da) returned 0x3005a
[0156.807] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3005a, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0156.807] InvalidateRect (hWnd=0x502da, lpRect=0x0, bErase=1) returned 1
[0156.808] GetWindowTextLengthW (hWnd=0x502da) returned 0
[0156.808] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0156.808] GetSystemMetrics (nIndex=42) returned 0
[0156.808] GetWindowTextW (in: hWnd=0x502da, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0156.808] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0156.808] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0156.808] GetClientRect (in: hWnd=0x502da, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0156.808] GetWindowRect (in: hWnd=0x502da, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0156.808] GetParent (hWnd=0x502da) returned 0x3005a
[0156.808] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3005a, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0156.808] GetWindowTextLengthW (hWnd=0x502da) returned 0
[0156.808] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0156.808] GetSystemMetrics (nIndex=42) returned 0
[0156.808] GetWindowTextW (in: hWnd=0x502da, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0156.808] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0156.808] GetWindowTextLengthW (hWnd=0x502da) returned 0
[0156.808] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0156.808] GetSystemMetrics (nIndex=42) returned 0
[0156.808] GetWindowTextW (in: hWnd=0x502da, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0156.808] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0156.809] SetWindowTextW (hWnd=0x502da, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0156.809] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0xc, wParam=0x0, lParam=0x2c5bc0c) returned 0x1
[0156.809] InvalidateRect (hWnd=0x502da, lpRect=0x0, bErase=1) returned 1
[0156.810] GetCurrentThreadId () returned 0xf50
[0156.810] GetWindowThreadProcessId (in: hWnd=0x502da, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0156.811] GdipCreateBitmapFromStream (stream=0x5090010, bitmap=0xd7e840) returned 0x0
[0156.811] GdipImageForceValidation (image=0x663f258) returned 0x0
[0156.813] GdipGetImageRawFormat (image=0x663f258, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0156.813] GdipGetImageHeight (image=0x663f258, height=0xd7e824) returned 0x0
[0156.813] GdipGetImageWidth (image=0x663f258, width=0xd7e824) returned 0x0
[0156.813] GdipGetImageWidth (image=0x663f258, width=0xd7e810) returned 0x0
[0156.813] GdipGetImageHeight (image=0x663f258, height=0xd7e810) returned 0x0
[0156.813] GdipGetImageWidth (image=0x663f258, width=0xd7e800) returned 0x0
[0156.813] GdipGetImageHeight (image=0x663f258, height=0xd7e800) returned 0x0
[0156.813] GdipBitmapGetPixel (bitmap=0x663f258, x=0, y=15, color=0xd7e810) returned 0x0
[0156.813] GdipGetImageRawFormat (image=0x663f258, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0156.813] GdipGetImageWidth (image=0x663f258, width=0xd7e740) returned 0x0
[0156.813] GdipGetImageHeight (image=0x663f258, height=0xd7e740) returned 0x0
[0156.813] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0156.813] GdipGetImagePixelFormat (image=0x66402c0, format=0xd7e740) returned 0x0
[0156.813] GdipGetImageGraphicsContext (image=0x66402c0, graphics=0xd7e74c) returned 0x0
[0156.813] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0156.813] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0156.813] GdipSetImageAttributesColorKeys (imageattr=0x661c480, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0156.814] GdipDrawImageRectRectI (graphics=0x6600030, image=0x663f258, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x661c480, callback=0x0, callbackData=0x0) returned 0x0
[0156.814] GdipDisposeImageAttributes (imageattr=0x661c480) returned 0x0
[0156.814] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0156.814] GdipDisposeImage (image=0x663f258) returned 0x0
[0156.814] GdipCreateBitmapFromStream (stream=0x509fff0, bitmap=0xd7e840) returned 0x0
[0156.815] GdipImageForceValidation (image=0x663ef10) returned 0x0
[0156.816] GdipGetImageRawFormat (image=0x663ef10, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0156.817] GdipGetImageHeight (image=0x663ef10, height=0xd7e824) returned 0x0
[0156.817] GdipGetImageWidth (image=0x663ef10, width=0xd7e824) returned 0x0
[0156.817] GdipGetImageWidth (image=0x663ef10, width=0xd7e810) returned 0x0
[0156.817] GdipGetImageHeight (image=0x663ef10, height=0xd7e810) returned 0x0
[0156.817] GdipGetImageWidth (image=0x663ef10, width=0xd7e800) returned 0x0
[0156.817] GdipGetImageHeight (image=0x663ef10, height=0xd7e800) returned 0x0
[0156.817] GdipBitmapGetPixel (bitmap=0x663ef10, x=0, y=15, color=0xd7e810) returned 0x0
[0156.817] GdipGetImageRawFormat (image=0x663ef10, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0156.817] GdipGetImageWidth (image=0x663ef10, width=0xd7e740) returned 0x0
[0156.817] GdipGetImageHeight (image=0x663ef10, height=0xd7e740) returned 0x0
[0156.817] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0156.817] GdipGetImagePixelFormat (image=0x663f5a0, format=0xd7e740) returned 0x0
[0156.817] GdipGetImageGraphicsContext (image=0x663f5a0, graphics=0xd7e74c) returned 0x0
[0156.817] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0156.817] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0156.817] GdipSetImageAttributesColorKeys (imageattr=0x663eb70, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0156.817] GdipDrawImageRectRectI (graphics=0x6600030, image=0x663ef10, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x663eb70, callback=0x0, callbackData=0x0) returned 0x0
[0156.817] GdipDisposeImageAttributes (imageattr=0x663eb70) returned 0x0
[0156.817] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0156.818] GdipDisposeImage (image=0x663ef10) returned 0x0
[0156.818] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.818] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0156.818] GetCurrentThreadId () returned 0xf50
[0156.818] GetCurrentThreadId () returned 0xf50
[0156.818] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.818] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0156.818] GetCurrentThreadId () returned 0xf50
[0156.818] GetCurrentThreadId () returned 0xf50
[0156.819] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.819] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0156.819] GetCurrentThreadId () returned 0xf50
[0156.819] GetCurrentThreadId () returned 0xf50
[0156.819] GetSystemMetrics (nIndex=5) returned 1
[0156.819] GetSystemMetrics (nIndex=6) returned 1
[0156.819] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.819] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0156.819] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.819] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0156.819] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.820] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0156.820] GetCurrentThreadId () returned 0xf50
[0156.820] GetCurrentThreadId () returned 0xf50
[0156.820] GetProcessWindowStation () returned 0x13c
[0156.820] GetCapture () returned 0x0
[0156.820] GetActiveWindow () returned 0x7005c
[0156.820] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0156.820] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.820] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0156.820] GetCursorPos (in: lpPoint=0x2c7d4f8 | out: lpPoint=0x2c7d4f8*(x=254, y=628)) returned 1
[0156.820] MonitorFromPoint (pt=0xfe, dwFlags=0x274) returned 0x10001
[0156.820] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0156.820] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xaf0107f4
[0156.821] GetDeviceCaps (hdc=0xaf0107f4, index=12) returned 32
[0156.821] GetDeviceCaps (hdc=0xaf0107f4, index=14) returned 1
[0156.821] DeleteDC (hdc=0xaf0107f4) returned 1
[0156.821] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0156.821] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0156.821] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="Microsoft .NET Framework", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x502dc
[0156.821] SetWindowLongW (hWnd=0x502dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0156.822] GetWindowLongW (hWnd=0x502dc, nIndex=-4) returned 1950089536
[0156.822] SetWindowLongW (hWnd=0x502dc, nIndex=-4, dwNewLong=19940710) returned 1950089536
[0156.823] GetWindowLongW (hWnd=0x502dc, nIndex=-4) returned 19940710
[0156.823] GetWindowLongW (hWnd=0x502dc, nIndex=-16) returned 113770496
[0156.823] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0156.824] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0156.825] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0156.825] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0156.825] GetWindowRect (in: hWnd=0x502dc, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0156.825] SetWindowTextW (hWnd=0x502dc, lpString="Microsoft .NET Framework") returned 1
[0156.825] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xc, wParam=0x0, lParam=0x2c7bbf0) returned 0x1
[0156.826] GetStartupInfoW (in: lpStartupInfo=0x2c7d834 | out: lpStartupInfo=0x2c7d834*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0156.827] GetParent (hWnd=0x502dc) returned 0x0
[0156.827] SetWindowLongW (hWnd=0x502dc, nIndex=-8, dwNewLong=0) returned 0
[0156.827] SendMessageW (hWnd=0x502dc, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0156.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0156.828] SendMessageW (hWnd=0x502dc, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0156.828] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0156.828] GetSystemMenu (hWnd=0x502dc, bRevert=0) returned 0x18020f
[0156.828] GetWindowPlacement (in: hWnd=0x502dc, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0156.828] EnableMenuItem (hMenu=0x18020f, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0156.828] EnableMenuItem (hMenu=0x18020f, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0156.828] EnableMenuItem (hMenu=0x18020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0156.828] EnableMenuItem (hMenu=0x18020f, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0156.828] EnableMenuItem (hMenu=0x18020f, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0156.828] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0156.828] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0156.829] GetWindowRect (in: hWnd=0x502dc, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0156.829] SetWindowPos (hWnd=0x502dc, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0156.829] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0156.829] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x502dc) returned 0x1
[0156.831] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0156.831] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0156.832] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0156.832] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0156.833] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0156.834] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x502dc, lParam=0x0) returned 0x0
[0156.834] GetCapture () returned 0x0
[0156.834] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0156.835] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0156.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0156.837] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0156.837] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0156.837] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0156.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0156.838] GetParent (hWnd=0x502dc) returned 0x0
[0156.838] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0156.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0156.840] GetWindowPlacement (in: hWnd=0x502dc, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0156.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0156.840] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0156.840] GetWindowRect (in: hWnd=0x502dc, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0156.844] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0156.844] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0156.844] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0156.845] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.845] GetWindowLongW (hWnd=0x502dc, nIndex=-16) returned 113770496
[0156.845] GetWindowTextLengthW (hWnd=0x502dc) returned 24
[0156.845] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0156.845] GetSystemMetrics (nIndex=42) returned 0
[0156.845] GetWindowTextW (in: hWnd=0x502dc, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0156.845] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0156.845] GetWindowTextLengthW (hWnd=0x502dc) returned 24
[0156.845] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0156.845] GetSystemMetrics (nIndex=42) returned 0
[0156.845] GetWindowTextW (in: hWnd=0x502dc, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0156.845] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0156.845] GetCursorPos (in: lpPoint=0x2c7db00 | out: lpPoint=0x2c7db00*(x=254, y=628)) returned 1
[0156.845] MonitorFromPoint (pt=0xfe, dwFlags=0x274) returned 0x10001
[0156.845] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0156.845] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x540107d7
[0156.845] GetDeviceCaps (hdc=0x540107d7, index=12) returned 32
[0156.846] GetDeviceCaps (hdc=0x540107d7, index=14) returned 1
[0156.846] DeleteDC (hdc=0x540107d7) returned 1
[0156.846] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0156.846] GetWindowLongW (hWnd=0x502dc, nIndex=-16) returned 113770496
[0156.846] GetWindowLongW (hWnd=0x502dc, nIndex=-20) returned 327945
[0156.846] SetWindowLongW (hWnd=0x502dc, nIndex=-16, dwNewLong=46661632) returned 113770496
[0156.846] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0156.846] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0156.847] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0156.847] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0156.847] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0156.848] SetWindowLongW (hWnd=0x502dc, nIndex=-20, dwNewLong=327681) returned 327945
[0156.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0156.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0156.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0156.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0156.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0156.849] SetWindowPos (hWnd=0x502dc, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0156.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0156.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0156.850] GetWindowPlacement (in: hWnd=0x502dc, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0156.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0156.850] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0156.850] GetWindowRect (in: hWnd=0x502dc, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0156.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0156.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0156.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0156.852] RedrawWindow (hWnd=0x502dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0156.852] GetSystemMenu (hWnd=0x502dc, bRevert=0) returned 0x18020f
[0156.852] GetWindowPlacement (in: hWnd=0x502dc, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0156.852] EnableMenuItem (hMenu=0x18020f, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0156.852] EnableMenuItem (hMenu=0x18020f, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0156.852] EnableMenuItem (hMenu=0x18020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0156.852] EnableMenuItem (hMenu=0x18020f, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0156.852] EnableMenuItem (hMenu=0x18020f, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0156.852] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0156.852] GetWindowLongW (hWnd=0x502dc, nIndex=-8) returned 0
[0156.852] SetWindowLongW (hWnd=0x502dc, nIndex=-8, dwNewLong=458844) returned 0
[0156.853] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0156.853] GetProcessWindowStation () returned 0x13c
[0156.853] GetCurrentThreadId () returned 0xf50
[0156.853] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x130471e, lParam=0x0) returned 1
[0156.853] IsWindowVisible (hWnd=0x502dc) returned 0
[0156.853] IsWindowVisible (hWnd=0x7005c) returned 1
[0156.853] IsWindowEnabled (hWnd=0x7005c) returned 1
[0156.853] IsWindowVisible (hWnd=0x300ec) returned 0
[0156.853] IsWindowVisible (hWnd=0x502c6) returned 0
[0156.853] IsWindowVisible (hWnd=0x502be) returned 0
[0156.854] GetActiveWindow () returned 0x502dc
[0156.854] GetFocus () returned 0x502dc
[0156.854] IsWindow (hWnd=0x7005c) returned 1
[0156.854] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0156.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0156.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0156.854] GetWindowLongW (hWnd=0x502dc, nIndex=-8) returned 458844
[0156.854] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0156.854] GetCurrentThreadId () returned 0xf50
[0156.854] GetWindowLongW (hWnd=0x502dc, nIndex=-8) returned 458844
[0156.854] IsWindowEnabled (hWnd=0x7005c) returned 0
[0156.854] IsWindowEnabled (hWnd=0x502dc) returned 1
[0156.855] ShowWindow (hWnd=0x502dc, nCmdShow=5) returned 0
[0156.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0156.855] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0156.855] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.856] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0156.856] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x502dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x800ea
[0156.856] SetWindowLongW (hWnd=0x800ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0156.856] GetWindowLongW (hWnd=0x800ea, nIndex=-4) returned 1950089536
[0156.857] SetWindowLongW (hWnd=0x800ea, nIndex=-4, dwNewLong=19941190) returned 1950089536
[0156.857] GetWindowLongW (hWnd=0x800ea, nIndex=-4) returned 19941190
[0156.857] GetWindowLongW (hWnd=0x800ea, nIndex=-16) returned 1174405120
[0156.857] GetWindowLongW (hWnd=0x800ea, nIndex=-12) returned 0
[0156.857] SetWindowLongW (hWnd=0x800ea, nIndex=-12, dwNewLong=524522) returned 0
[0156.857] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x800ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0156.857] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x800ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0156.857] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x800ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0156.857] GetWindow (hWnd=0x800ea, uCmd=0x3) returned 0x0
[0156.857] GetClientRect (in: hWnd=0x800ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0156.857] GetWindowRect (in: hWnd=0x800ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0156.858] GetParent (hWnd=0x800ea) returned 0x502dc
[0156.858] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x502dc, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0156.859] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x800ea, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0156.859] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x800ea, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0156.859] GetClientRect (in: hWnd=0x800ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0156.859] GetWindowRect (in: hWnd=0x800ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0156.859] GetParent (hWnd=0x800ea) returned 0x502dc
[0156.860] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x502dc, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0156.860] SendMessageW (hWnd=0x800ea, Msg=0x2210, wParam=0xea0001, lParam=0x800ea) returned 0x0
[0156.860] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x800ea, Msg=0x2210, wParam=0xea0001, lParam=0x800ea) returned 0x0
[0156.860] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x800ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0156.860] GetParent (hWnd=0x800ea) returned 0x502dc
[0156.860] GetParent (hWnd=0x502da) returned 0x3005a
[0156.860] SetParent (hWndChild=0x502da, hWndNewParent=0x502dc) returned 0x3005a
[0156.860] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0156.861] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0156.861] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0156.861] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0156.861] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0156.861] GetClientRect (in: hWnd=0x502da, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0156.861] GetWindowRect (in: hWnd=0x502da, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0156.861] GetParent (hWnd=0x502da) returned 0x502dc
[0156.861] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x502dc, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0156.861] GetClientRect (in: hWnd=0x502da, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0156.861] GetWindowRect (in: hWnd=0x502da, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0156.861] GetParent (hWnd=0x502da) returned 0x502dc
[0156.861] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x502dc, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0156.861] GetParent (hWnd=0x502da) returned 0x502dc
[0156.861] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0156.862] GetWindow (hWnd=0x502da, uCmd=0x3) returned 0x0
[0156.862] SetWindowPos (hWnd=0x502da, hWndInsertAfter=0x800ea, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0156.862] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0156.862] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0156.862] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0156.862] GetClientRect (in: hWnd=0x502da, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0156.862] GetWindowRect (in: hWnd=0x502da, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0156.862] GetParent (hWnd=0x502da) returned 0x502dc
[0156.862] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x502dc, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0156.862] GetParent (hWnd=0x502da) returned 0x502dc
[0156.862] GetWindow (hWnd=0x502da, uCmd=0x3) returned 0x800ea
[0156.862] GetWindowThreadProcessId (in: hWnd=0x502da, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0156.863] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0156.863] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.863] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0156.863] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x502dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x7013e
[0156.863] SetWindowLongW (hWnd=0x7013e, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0156.864] GetWindowLongW (hWnd=0x7013e, nIndex=-4) returned 1868032000
[0156.864] SetWindowLongW (hWnd=0x7013e, nIndex=-4, dwNewLong=19941230) returned 1868032000
[0156.864] GetWindowLongW (hWnd=0x7013e, nIndex=-4) returned 19941230
[0156.864] GetWindowLongW (hWnd=0x7013e, nIndex=-16) returned 1174470667
[0156.864] GetWindowLongW (hWnd=0x7013e, nIndex=-12) returned 0
[0156.864] SetWindowLongW (hWnd=0x7013e, nIndex=-12, dwNewLong=459070) returned 0
[0156.864] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0156.865] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0156.865] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0156.865] SendMessageW (hWnd=0x7013e, Msg=0x2055, wParam=0x7013e, lParam=0x3) returned 0x2
[0156.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0156.866] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0156.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0156.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0156.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x800ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0156.866] RedrawWindow (hWnd=0x800ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0156.866] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0156.866] RedrawWindow (hWnd=0x502da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0156.866] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0156.866] RedrawWindow (hWnd=0x7013e, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0156.866] RedrawWindow (hWnd=0x502dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0156.866] GetWindow (hWnd=0x7013e, uCmd=0x3) returned 0x502da
[0156.866] GetClientRect (in: hWnd=0x7013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0156.867] GetWindowRect (in: hWnd=0x7013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0156.867] GetParent (hWnd=0x7013e) returned 0x502dc
[0156.867] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x502dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0156.867] SetWindowTextW (hWnd=0x7013e, lpString="&Details") returned 1
[0156.867] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0156.867] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0156.867] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0156.867] GetClientRect (in: hWnd=0x7013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0156.867] GetWindowRect (in: hWnd=0x7013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0156.867] GetParent (hWnd=0x7013e) returned 0x502dc
[0156.867] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x502dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0156.868] SendMessageW (hWnd=0x7013e, Msg=0x2210, wParam=0x13e0001, lParam=0x7013e) returned 0x0
[0156.868] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0x2210, wParam=0x13e0001, lParam=0x7013e) returned 0x0
[0156.868] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0156.868] GetParent (hWnd=0x7013e) returned 0x502dc
[0156.868] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0156.868] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.868] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0156.869] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x502dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x602d2
[0156.869] SetWindowLongW (hWnd=0x602d2, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0156.869] GetWindowLongW (hWnd=0x602d2, nIndex=-4) returned 1868032000
[0156.869] SetWindowLongW (hWnd=0x602d2, nIndex=-4, dwNewLong=19941270) returned 1868032000
[0156.869] GetWindowLongW (hWnd=0x602d2, nIndex=-4) returned 19941270
[0156.869] GetWindowLongW (hWnd=0x602d2, nIndex=-16) returned 1174470667
[0156.869] GetWindowLongW (hWnd=0x602d2, nIndex=-12) returned 0
[0156.869] SetWindowLongW (hWnd=0x602d2, nIndex=-12, dwNewLong=393938) returned 0
[0156.869] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0156.870] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0156.870] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0156.871] SendMessageW (hWnd=0x602d2, Msg=0x2055, wParam=0x602d2, lParam=0x3) returned 0x2
[0156.871] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0156.871] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0156.871] GetWindow (hWnd=0x602d2, uCmd=0x3) returned 0x7013e
[0156.871] GetClientRect (in: hWnd=0x602d2, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0156.871] GetWindowRect (in: hWnd=0x602d2, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0156.871] GetParent (hWnd=0x602d2) returned 0x502dc
[0156.871] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x502dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0156.871] SetWindowTextW (hWnd=0x602d2, lpString="&Continue") returned 1
[0156.871] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0156.899] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0156.899] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0156.899] GetClientRect (in: hWnd=0x602d2, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0156.899] GetWindowRect (in: hWnd=0x602d2, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0156.900] GetParent (hWnd=0x602d2) returned 0x502dc
[0156.900] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x502dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0156.900] SendMessageW (hWnd=0x602d2, Msg=0x2210, wParam=0x2d20001, lParam=0x602d2) returned 0x0
[0156.900] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x2210, wParam=0x2d20001, lParam=0x602d2) returned 0x0
[0156.900] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0156.900] GetParent (hWnd=0x602d2) returned 0x502dc
[0156.900] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0156.901] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.902] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0156.902] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x502dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x702d8
[0156.902] SetWindowLongW (hWnd=0x702d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0156.902] GetWindowLongW (hWnd=0x702d8, nIndex=-4) returned 1868032000
[0156.903] SetWindowLongW (hWnd=0x702d8, nIndex=-4, dwNewLong=19941310) returned 1868032000
[0156.903] GetWindowLongW (hWnd=0x702d8, nIndex=-4) returned 19941310
[0156.903] GetWindowLongW (hWnd=0x702d8, nIndex=-16) returned 1174470667
[0156.903] GetWindowLongW (hWnd=0x702d8, nIndex=-12) returned 0
[0156.903] SetWindowLongW (hWnd=0x702d8, nIndex=-12, dwNewLong=459480) returned 0
[0156.903] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0156.904] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0156.904] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0156.905] SendMessageW (hWnd=0x702d8, Msg=0x2055, wParam=0x702d8, lParam=0x3) returned 0x2
[0156.905] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0156.905] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0156.906] GetWindow (hWnd=0x702d8, uCmd=0x3) returned 0x602d2
[0156.906] GetClientRect (in: hWnd=0x702d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0156.906] GetWindowRect (in: hWnd=0x702d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0156.906] GetParent (hWnd=0x702d8) returned 0x502dc
[0156.906] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x502dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0156.906] SetWindowTextW (hWnd=0x702d8, lpString="&Quit") returned 1
[0156.906] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702d8, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0156.907] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0156.907] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702d8, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0156.907] GetClientRect (in: hWnd=0x702d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0156.907] GetWindowRect (in: hWnd=0x702d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0156.907] GetParent (hWnd=0x702d8) returned 0x502dc
[0156.907] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x502dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0156.907] SendMessageW (hWnd=0x702d8, Msg=0x2210, wParam=0x2d80001, lParam=0x702d8) returned 0x0
[0156.907] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702d8, Msg=0x2210, wParam=0x2d80001, lParam=0x702d8) returned 0x0
[0156.907] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0156.907] GetParent (hWnd=0x702d8) returned 0x502dc
[0156.908] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0156.908] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0156.908] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0156.909] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x502dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x502de
[0156.909] SetWindowLongW (hWnd=0x502de, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0156.909] GetWindowLongW (hWnd=0x502de, nIndex=-4) returned 1868026976
[0156.909] SetWindowLongW (hWnd=0x502de, nIndex=-4, dwNewLong=19940550) returned 1868026976
[0156.910] GetWindowLongW (hWnd=0x502de, nIndex=-4) returned 19940550
[0156.910] GetWindowLongW (hWnd=0x502de, nIndex=-16) returned 1177553092
[0156.910] GetWindowLongW (hWnd=0x502de, nIndex=-12) returned 0
[0156.910] SetWindowLongW (hWnd=0x502de, nIndex=-12, dwNewLong=328414) returned 0
[0156.910] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502de, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0156.911] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502de, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0156.912] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502de, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0156.938] GetWindow (hWnd=0x502de, uCmd=0x3) returned 0x702d8
[0156.938] GetClientRect (in: hWnd=0x502de, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0156.938] GetWindowRect (in: hWnd=0x502de, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0156.938] GetParent (hWnd=0x502de) returned 0x502dc
[0156.938] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x502dc, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0156.939] GetWindowTextLengthW (hWnd=0x502dc) returned 24
[0156.939] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0156.939] GetSystemMetrics (nIndex=42) returned 0
[0156.939] GetWindowTextW (in: hWnd=0x502dc, lpString=0xd7d830, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0156.939] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xd, wParam=0x19, lParam=0xd7d830) returned 0x18
[0156.939] SendMessageW (hWnd=0x502de, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0156.939] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502de, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0156.945] SetWindowTextW (hWnd=0x502de, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0156.945] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502de, Msg=0xc, wParam=0x0, lParam=0x2c79728) returned 0x1
[0156.947] GetSystemMetrics (nIndex=5) returned 1
[0156.947] GetSystemMetrics (nIndex=6) returned 1
[0156.947] SendMessageW (hWnd=0x502de, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0156.947] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502de, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0156.948] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502de, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0156.949] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502de, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0156.949] GetClientRect (in: hWnd=0x502de, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0156.949] GetWindowRect (in: hWnd=0x502de, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0156.949] GetParent (hWnd=0x502de) returned 0x502dc
[0156.949] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x502dc, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0156.949] SendMessageW (hWnd=0x502de, Msg=0x2210, wParam=0x2de0001, lParam=0x502de) returned 0x0
[0156.949] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502de, Msg=0x2210, wParam=0x2de0001, lParam=0x502de) returned 0x0
[0156.949] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0156.949] GetParent (hWnd=0x502de) returned 0x502dc
[0156.949] GetWindowLongW (hWnd=0x502dc, nIndex=-8) returned 458844
[0156.950] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0156.950] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0156.950] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x5b0107d7
[0156.950] GetDeviceCaps (hdc=0x5b0107d7, index=12) returned 32
[0156.951] GetDeviceCaps (hdc=0x5b0107d7, index=14) returned 1
[0156.951] DeleteDC (hdc=0x5b0107d7) returned 1
[0156.951] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0156.951] GetWindowThreadProcessId (in: hWnd=0x502dc, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0156.951] GetCurrentThreadId () returned 0xf50
[0156.951] PostMessageW (hWnd=0x502dc, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0156.951] GetWindowTextLengthW (hWnd=0x502dc) returned 24
[0156.951] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0156.951] GetSystemMetrics (nIndex=42) returned 0
[0156.951] GetWindowTextW (in: hWnd=0x502dc, lpString=0xd7e260, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0156.951] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xd, wParam=0x19, lParam=0xd7e260) returned 0x18
[0156.951] GdipImageGetFrameDimensionsCount (image=0x663fc30, count=0xd7e25c) returned 0x0
[0156.952] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7568
[0156.952] GdipImageGetFrameDimensionsList (image=0x663fc30, dimensionIDs=0x11f7568*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0156.952] LocalFree (hMem=0x11f7568) returned 0x0
[0156.952] GdipImageGetFrameDimensionsCount (image=0x66402c0, count=0xd7e250) returned 0x0
[0156.952] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7478
[0156.952] GdipImageGetFrameDimensionsList (image=0x66402c0, dimensionIDs=0x11f7478*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0156.952] LocalFree (hMem=0x11f7478) returned 0x0
[0156.952] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0156.953] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0156.953] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0156.965] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0156.972] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0156.972] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0156.972] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0156.973] GetWindowPlacement (in: hWnd=0x502dc, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0156.973] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0156.973] GetWindowTextLengthW (hWnd=0x502dc) returned 24
[0156.973] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0156.973] GetSystemMetrics (nIndex=42) returned 0
[0156.973] GetWindowTextW (in: hWnd=0x502dc, lpString=0xd7e2b4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0156.973] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xd, wParam=0x19, lParam=0xd7e2b4) returned 0x18
[0156.973] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0156.973] GetCurrentObject (hdc=0xf0105ee, type=0x1) returned 0xb00017
[0156.973] GetCurrentObject (hdc=0xf0105ee, type=0x2) returned 0x900010
[0156.973] GetCurrentObject (hdc=0xf0105ee, type=0x7) returned 0xffffffffac0507d3
[0156.974] GetCurrentObject (hdc=0xf0105ee, type=0x6) returned 0x8a01c2
[0156.974] SaveDC (hdc=0xf0105ee) returned 1
[0156.974] GetNearestColor (hdc=0xf0105ee, color=0xf0f0f0) returned 0xf0f0f0
[0156.974] CreateSolidBrush (color=0xf0f0f0) returned 0x461007e1
[0156.974] FillRect (hDC=0xf0105ee, lprc=0xd7e1b8, hbr=0x461007e1) returned 1
[0156.974] DeleteObject (ho=0x461007e1) returned 1
[0156.974] RestoreDC (hdc=0xf0105ee, nSavedDC=-1) returned 1
[0156.974] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x800ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0156.975] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0156.975] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0156.975] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0156.975] GetStockObject (i=5) returned 0x900015
[0156.975] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0156.976] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0156.976] GetStockObject (i=5) returned 0x900015
[0156.977] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0156.978] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702d8, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0156.978] GetStockObject (i=5) returned 0x900015
[0156.978] GetWindowPlacement (in: hWnd=0x502dc, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0156.978] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0156.978] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0156.978] GetWindowRect (in: hWnd=0x502dc, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0156.979] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0156.979] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0156.979] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0156.980] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0156.980] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0156.980] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0156.980] GetWindowRect (in: hWnd=0x502dc, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0156.980] InvalidateRect (hWnd=0x602d2, lpRect=0x0, bErase=0) returned 1
[0156.980] InvalidateRect (hWnd=0x7013e, lpRect=0x0, bErase=0) returned 1
[0156.980] GetFocus () returned 0x502dc
[0156.980] GetFocus () returned 0x502dc
[0156.980] SetFocus (hWnd=0x7013e) returned 0x502dc
[0156.981] GetFocus () returned 0x7013e
[0156.982] IsChild (hWndParent=0x502dc, hWnd=0x7013e) returned 1
[0156.982] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x8, wParam=0x7013e, lParam=0x0) returned 0x0
[0156.982] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0156.983] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0156.985] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0156.985] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0x7, wParam=0x502dc, lParam=0x0) returned 0x0
[0156.985] GetStockObject (i=5) returned 0x900015
[0156.985] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0156.985] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0156.985] GetDlgItem (hDlg=0x502dc, nIDDlgItem=459070) returned 0x7013e
[0156.985] SendMessageW (hWnd=0x7013e, Msg=0x202b, wParam=0x7013e, lParam=0xd7e0dc) returned 0x0
[0156.985] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0x202b, wParam=0x7013e, lParam=0xd7e0dc) returned 0x0
[0156.985] InvalidateRect (hWnd=0x7013e, lpRect=0x0, bErase=0) returned 1
[0156.987] GetFocus () returned 0x7013e
[0156.987] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0156.988] IsWindowUnicode (hWnd=0x502dc) returned 1
[0156.988] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0156.988] TranslateMessage (lpMsg=0xd7e808) returned 0
[0156.988] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0156.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0156.988] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0156.988] IsWindowUnicode (hWnd=0x502dc) returned 1
[0156.988] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0156.988] TranslateMessage (lpMsg=0xd7e808) returned 0
[0156.988] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0156.988] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0156.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0156.989] IsWindowUnicode (hWnd=0x502dc) returned 1
[0156.989] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0156.989] TranslateMessage (lpMsg=0xd7e808) returned 0
[0156.989] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0156.989] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0156.989] IsWindowUnicode (hWnd=0x602c4) returned 1
[0156.989] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0156.989] TranslateMessage (lpMsg=0xd7e808) returned 0
[0156.989] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0156.989] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0156.989] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0156.989] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0156.990] IsWindowUnicode (hWnd=0x502dc) returned 1
[0156.990] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0156.990] TranslateMessage (lpMsg=0xd7e808) returned 0
[0156.990] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0156.990] BeginPaint (in: hWnd=0x502dc, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x60100ce
[0156.990] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0156.990] GetWindowTextLengthW (hWnd=0x502dc) returned 24
[0156.990] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0156.990] GetSystemMetrics (nIndex=42) returned 0
[0156.990] GetWindowTextW (in: hWnd=0x502dc, lpString=0xd7e1ec, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0156.990] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xd, wParam=0x19, lParam=0xd7e1ec) returned 0x18
[0156.991] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0156.991] EndPaint (hWnd=0x502dc, lpPaint=0xd7e274) returned 1
[0156.991] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0156.991] IsWindowUnicode (hWnd=0x800ea) returned 1
[0156.991] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0156.991] TranslateMessage (lpMsg=0xd7e808) returned 0
[0156.991] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0156.991] BeginPaint (in: hWnd=0x800ea, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x107b9
[0156.991] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0156.991] CreateCompatibleDC (hdc=0x107b9) returned 0xf50107f3
[0156.991] SelectObject (hdc=0xf50107f3, h=0x4a0507fe) returned 0x85000f
[0156.991] GdipCreateFromHDC (hdc=0xf50107f3, graphics=0xd7e2b0) returned 0x0
[0156.992] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0156.992] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0156.992] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0156.992] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0156.992] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e310) returned 0x0
[0156.992] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0156.992] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11ee910) returned 0x0
[0156.992] LocalFree (hMem=0x11ee910) returned 0x0
[0156.992] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0156.992] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0156.992] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0156.992] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e304) returned 0x0
[0156.993] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0156.993] GetWindowTextLengthW (hWnd=0x800ea) returned 0
[0156.993] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x800ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0156.993] GetSystemMetrics (nIndex=42) returned 0
[0156.993] GetWindowTextW (in: hWnd=0x800ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0156.993] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x800ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0156.993] GetClientRect (in: hWnd=0x800ea, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0156.993] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0156.993] GdipGetClip (graphics=0x6600030, region=0x6644aa8) returned 0x0
[0156.993] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0156.993] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0156.993] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e164) returned 0x0
[0156.993] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0156.993] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee910) returned 0x0
[0156.993] LocalFree (hMem=0x11ee910) returned 0x0
[0156.993] GdipCombineRegionRegion (region=0x6644aa8, region2=0x6644358, combineMode=0x1) returned 0x0
[0156.993] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0156.993] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0156.993] LocalFree (hMem=0x11ee9f0) returned 0x0
[0156.993] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0156.993] GdipIsInfiniteRegion (region=0x6644aa8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0156.993] GdipIsInfiniteRegion (region=0x6644aa8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0156.994] GdipGetRegionHRgn (region=0x6644aa8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0156.994] GdipDeleteRegion (region=0x6644aa8) returned 0x0
[0156.994] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0156.994] GetCurrentObject (hdc=0xf50107f3, type=0x1) returned 0xb00017
[0156.994] GetCurrentObject (hdc=0xf50107f3, type=0x2) returned 0x900010
[0156.994] GetCurrentObject (hdc=0xf50107f3, type=0x7) returned 0x4a0507fe
[0156.994] GetCurrentObject (hdc=0xf50107f3, type=0x6) returned 0x8a01c2
[0156.994] SaveDC (hdc=0xf50107f3) returned 1
[0156.994] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9f040807
[0156.994] GetClipRgn (hdc=0xf50107f3, hrgn=0x9f040807) returned 0
[0156.994] SelectClipRgn (hdc=0xf50107f3, hrgn=0x200407de) returned 2
[0156.994] DeleteObject (ho=0x9f040807) returned 1
[0156.994] DeleteObject (ho=0x200407de) returned 1
[0156.994] OffsetViewportOrgEx (in: hdc=0xf50107f3, x=0, y=0, lppt=0x2c7f38c | out: lppt=0x2c7f38c) returned 1
[0156.994] GetNearestColor (hdc=0xf50107f3, color=0xf0f0f0) returned 0xf0f0f0
[0156.994] CreateSolidBrush (color=0xf0f0f0) returned 0x471007e1
[0156.994] FillRect (hDC=0xf50107f3, lprc=0xd7e198, hbr=0x471007e1) returned 1
[0156.995] DeleteObject (ho=0x471007e1) returned 1
[0156.995] RestoreDC (hdc=0xf50107f3, nSavedDC=-1) returned 1
[0156.995] GdipReleaseDC (graphics=0x6600030, hdc=0xf50107f3) returned 0x0
[0156.995] GdipRestoreGraphics (graphics=0x6600030, state=0xfcfe0dbd) returned 0x0
[0156.995] GdipDeleteRegion (region=0x6644358) returned 0x0
[0156.995] GetWindowTextLengthW (hWnd=0x800ea) returned 0
[0156.995] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x800ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0156.995] GetSystemMetrics (nIndex=42) returned 0
[0156.995] GetWindowTextW (in: hWnd=0x800ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0156.995] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x800ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0156.995] GdipGetImageWidth (image=0x663fc30, width=0xd7e1e0) returned 0x0
[0156.995] GdipGetImageHeight (image=0x663fc30, height=0xd7e1e0) returned 0x0
[0156.995] GdipGetImageWidth (image=0x663fc30, width=0xd7e1cc) returned 0x0
[0156.995] GdipGetImageHeight (image=0x663fc30, height=0xd7e1cc) returned 0x0
[0156.995] GdipDrawImageRectI (graphics=0x6600030, image=0x663fc30, x=16, y=16, width=32, height=32) returned 0x0
[0156.996] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0156.996] BitBlt (hdc=0x107b9, x=0, y=0, cx=64, cy=64, hdcSrc=0xf50107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0156.996] GdipReleaseDC (graphics=0x6600030, hdc=0xf50107f3) returned 0x0
[0156.996] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0156.996] SelectObject (hdc=0xf50107f3, h=0x85000f) returned 0x4a0507fe
[0156.996] DeleteDC (hdc=0xf50107f3) returned 1
[0156.996] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0156.996] EndPaint (hWnd=0x800ea, lpPaint=0xd7e294) returned 1
[0156.996] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0156.996] IsWindowUnicode (hWnd=0x502da) returned 1
[0156.996] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0156.996] TranslateMessage (lpMsg=0xd7e808) returned 0
[0156.997] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0156.997] BeginPaint (in: hWnd=0x502da, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x10105d6
[0156.997] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0157.002] CreateCompatibleDC (hdc=0x10105d6) returned 0xa50107f1
[0157.002] GetObjectType (h=0x10105d6) returned 0x3
[0157.002] CreateCompatibleBitmap (hdc=0x10105d6, cx=1, cy=1) returned 0x650507d7
[0157.002] GetDIBits (in: hdc=0x10105d6, hbm=0x650507d7, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0157.002] GetDIBits (in: hdc=0x10105d6, hbm=0x650507d7, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0157.002] DeleteObject (ho=0x650507d7) returned 1
[0157.002] CreateDIBSection (in: hdc=0x10105d6, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xf90507f3
[0157.002] SelectObject (hdc=0xa50107f1, h=0xf90507f3) returned 0x85000f
[0157.002] GdipCreateFromHDC (hdc=0xa50107f1, graphics=0xd7e234) returned 0x0
[0157.003] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0157.003] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0157.003] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0157.003] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0157.003] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e2d4) returned 0x0
[0157.003] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0157.003] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11eea98) returned 0x0
[0157.003] LocalFree (hMem=0x11eea98) returned 0x0
[0157.003] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0157.003] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0157.003] GdipGetClip (graphics=0x6600030, region=0x66446b8) returned 0x0
[0157.003] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0157.003] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0157.004] GetWindowTextLengthW (hWnd=0x502da) returned 232
[0157.004] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0157.004] GetSystemMetrics (nIndex=42) returned 0
[0157.004] GetWindowTextW (in: hWnd=0x502da, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0157.004] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0157.004] GetClientRect (in: hWnd=0x502da, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0157.004] GdipCreateRegion (region=0xd7e110) returned 0x0
[0157.004] GdipGetClip (graphics=0x6600030, region=0x6644aa8) returned 0x0
[0157.004] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0157.004] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0157.004] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e128) returned 0x0
[0157.004] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0157.004] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eecc8) returned 0x0
[0157.004] LocalFree (hMem=0x11eecc8) returned 0x0
[0157.004] GdipCombineRegionRegion (region=0x6644aa8, region2=0x66446b8, combineMode=0x1) returned 0x0
[0157.004] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0157.004] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0157.005] LocalFree (hMem=0x11eec58) returned 0x0
[0157.005] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0157.005] GdipIsInfiniteRegion (region=0x6644aa8, graphics=0x6600030, result=0xd7e150) returned 0x0
[0157.005] GdipIsInfiniteRegion (region=0x6644aa8, graphics=0x6600030, result=0xd7e140) returned 0x0
[0157.005] GdipGetRegionHRgn (region=0x6644aa8, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0157.005] GdipDeleteRegion (region=0x6644aa8) returned 0x0
[0157.005] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0157.005] GetCurrentObject (hdc=0xa50107f1, type=0x1) returned 0xb00017
[0157.005] GetCurrentObject (hdc=0xa50107f1, type=0x2) returned 0x900010
[0157.005] GetCurrentObject (hdc=0xa50107f1, type=0x7) returned 0xfffffffff90507f3
[0157.005] GetCurrentObject (hdc=0xa50107f1, type=0x6) returned 0x8a01c2
[0157.005] SaveDC (hdc=0xa50107f1) returned 1
[0157.005] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x210407de
[0157.005] GetClipRgn (hdc=0xa50107f1, hrgn=0x210407de) returned 0
[0157.005] SelectClipRgn (hdc=0xa50107f1, hrgn=0xa0040807) returned 2
[0157.006] DeleteObject (ho=0x210407de) returned 1
[0157.006] DeleteObject (ho=0xa0040807) returned 1
[0157.006] OffsetViewportOrgEx (in: hdc=0xa50107f1, x=0, y=0, lppt=0x2c80d54 | out: lppt=0x2c80d54) returned 1
[0157.006] GetNearestColor (hdc=0xa50107f1, color=0xf0f0f0) returned 0xf0f0f0
[0157.006] CreateSolidBrush (color=0xf0f0f0) returned 0x481007e1
[0157.006] FillRect (hDC=0xa50107f1, lprc=0xd7e15c, hbr=0x481007e1) returned 1
[0157.008] DeleteObject (ho=0x481007e1) returned 1
[0157.008] RestoreDC (hdc=0xa50107f1, nSavedDC=-1) returned 1
[0157.008] GdipReleaseDC (graphics=0x6600030, hdc=0xa50107f1) returned 0x0
[0157.008] GdipRestoreGraphics (graphics=0x6600030, state=0xfcfc0dbd) returned 0x0
[0157.008] GdipDeleteRegion (region=0x66446b8) returned 0x0
[0157.008] GetWindowTextLengthW (hWnd=0x502da) returned 232
[0157.008] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0157.008] GetSystemMetrics (nIndex=42) returned 0
[0157.008] GetWindowTextW (in: hWnd=0x502da, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0157.008] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0157.008] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0157.008] GetCurrentObject (hdc=0xa50107f1, type=0x1) returned 0xb00017
[0157.009] GetCurrentObject (hdc=0xa50107f1, type=0x2) returned 0x900010
[0157.009] GetCurrentObject (hdc=0xa50107f1, type=0x7) returned 0xfffffffff90507f3
[0157.009] GetCurrentObject (hdc=0xa50107f1, type=0x6) returned 0x8a01c2
[0157.009] SaveDC (hdc=0xa50107f1) returned 1
[0157.009] GetNearestColor (hdc=0xa50107f1, color=0x0) returned 0x0
[0157.009] RestoreDC (hdc=0xa50107f1, nSavedDC=-1) returned 1
[0157.009] GdipReleaseDC (graphics=0x6600030, hdc=0xa50107f1) returned 0x0
[0157.010] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0157.010] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0157.010] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2c81550 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0157.010] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0157.010] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0157.011] GetCurrentObject (hdc=0xa50107f1, type=0x1) returned 0xb00017
[0157.011] GetCurrentObject (hdc=0xa50107f1, type=0x2) returned 0x900010
[0157.011] GetCurrentObject (hdc=0xa50107f1, type=0x7) returned 0xfffffffff90507f3
[0157.011] GetCurrentObject (hdc=0xa50107f1, type=0x6) returned 0x8a01c2
[0157.011] SaveDC (hdc=0xa50107f1) returned 1
[0157.011] GetTextAlign (hdc=0xa50107f1) returned 0x0
[0157.011] GetTextColor (hdc=0xa50107f1) returned 0x0
[0157.011] GetCurrentObject (hdc=0xa50107f1, type=0x6) returned 0x8a01c2
[0157.011] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0157.011] SelectObject (hdc=0xa50107f1, h=0x6d0a0520) returned 0x8a01c2
[0157.011] GetBkMode (hdc=0xa50107f1) returned 2
[0157.011] SetBkMode (hdc=0xa50107f1, mode=1) returned 2
[0157.012] DrawTextExW (in: hdc=0xa50107f1, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2c81774 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0157.023] RestoreDC (hdc=0xa50107f1, nSavedDC=-1) returned 1
[0157.023] GdipReleaseDC (graphics=0x6600030, hdc=0xa50107f1) returned 0x0
[0157.024] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0157.024] BitBlt (hdc=0x10105d6, x=0, y=0, cx=354, cy=68, hdcSrc=0xa50107f1, x1=0, y1=0, rop=0xcc0020) returned 1
[0157.024] GdipReleaseDC (graphics=0x6600030, hdc=0xa50107f1) returned 0x0
[0157.024] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0157.024] SelectObject (hdc=0xa50107f1, h=0x85000f) returned 0xf90507f3
[0157.024] DeleteDC (hdc=0xa50107f1) returned 1
[0157.024] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0157.024] DeleteObject (ho=0xf90507f3) returned 1
[0157.025] EndPaint (hWnd=0x502da, lpPaint=0xd7e258) returned 1
[0157.025] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.025] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x84, wParam=0x0, lParam=0x1e40301) returned 0x1
[0157.025] IsWindowUnicode (hWnd=0x602d2) returned 1
[0157.025] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.025] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x84, wParam=0x0, lParam=0x1e40301) returned 0x1
[0157.025] SetCursor (hCursor=0x10003) returned 0x10003
[0157.025] TranslateMessage (lpMsg=0xd7e808) returned 0
[0157.025] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0157.026] _TrackMouseEvent (in: lpEventTrack=0x2c817b0 | out: lpEventTrack=0x2c817b0) returned 1
[0157.026] SendMessageW (hWnd=0x602d2, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0157.026] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0157.026] InvalidateRect (hWnd=0x602d2, lpRect=0x0, bErase=0) returned 1
[0157.026] GetKeyState (nVirtKey=1) returned 0
[0157.026] GetKeyState (nVirtKey=2) returned 0
[0157.026] GetKeyState (nVirtKey=4) returned 0
[0157.026] GetKeyState (nVirtKey=5) returned 0
[0157.026] GetKeyState (nVirtKey=6) returned 0
[0157.026] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.026] IsWindowUnicode (hWnd=0x7013e) returned 1
[0157.026] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.026] TranslateMessage (lpMsg=0xd7e808) returned 0
[0157.026] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0157.026] BeginPaint (in: hWnd=0x7013e, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0157.026] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0157.027] CreateCompatibleDC (hdc=0xc0107c5) returned 0x670107d7
[0157.027] SelectObject (hdc=0x670107d7, h=0x4a0507fe) returned 0x85000f
[0157.027] GdipCreateFromHDC (hdc=0x670107d7, graphics=0xd7e268) returned 0x0
[0157.027] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0157.027] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0157.027] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0157.027] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0157.027] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e2c8) returned 0x0
[0157.027] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0157.027] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11eea60) returned 0x0
[0157.027] LocalFree (hMem=0x11eea60) returned 0x0
[0157.027] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0157.027] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0157.027] GdipGetClip (graphics=0x6600030, region=0x6644ce8) returned 0x0
[0157.027] GdipIsInfiniteRegion (region=0x6644ce8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0157.027] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0157.028] GdipRestoreGraphics (graphics=0x6600030, state=0xfcfa0dbd) returned 0x0
[0157.028] GdipDeleteRegion (region=0x6644ce8) returned 0x0
[0157.028] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0157.028] GetCurrentObject (hdc=0x670107d7, type=0x1) returned 0xb00017
[0157.028] GetCurrentObject (hdc=0x670107d7, type=0x2) returned 0x900010
[0157.028] GetCurrentObject (hdc=0x670107d7, type=0x7) returned 0x4a0507fe
[0157.028] GetCurrentObject (hdc=0x670107d7, type=0x6) returned 0x8a01c2
[0157.028] SaveDC (hdc=0x670107d7) returned 1
[0157.028] GetNearestColor (hdc=0x670107d7, color=0xf0f0f0) returned 0xf0f0f0
[0157.029] GetNearestColor (hdc=0x670107d7, color=0xa0a0a0) returned 0xa0a0a0
[0157.029] GetNearestColor (hdc=0x670107d7, color=0x696969) returned 0x696969
[0157.029] GetNearestColor (hdc=0x670107d7, color=0xa0a0a0) returned 0xa0a0a0
[0157.029] GetNearestColor (hdc=0x670107d7, color=0x0) returned 0x0
[0157.029] GetNearestColor (hdc=0x670107d7, color=0xffffff) returned 0xffffff
[0157.029] GetNearestColor (hdc=0x670107d7, color=0xe5e5e5) returned 0xe5e5e5
[0157.029] GetNearestColor (hdc=0x670107d7, color=0xd7d7d7) returned 0xd7d7d7
[0157.029] GetNearestColor (hdc=0x670107d7, color=0x0) returned 0x0
[0157.029] RestoreDC (hdc=0x670107d7, nSavedDC=-1) returned 1
[0157.029] GdipReleaseDC (graphics=0x6600030, hdc=0x670107d7) returned 0x0
[0157.029] IsAppThemed () returned 0x1
[0157.029] GetThemeAppProperties () returned 0x3
[0157.029] GetThemeAppProperties () returned 0x3
[0157.029] GdipGetImageWidth (image=0x66402c0, width=0xd7e168) returned 0x0
[0157.029] GdipGetImageHeight (image=0x66402c0, height=0xd7e168) returned 0x0
[0157.029] IsAppThemed () returned 0x1
[0157.030] GetThemeAppProperties () returned 0x3
[0157.030] GetThemeAppProperties () returned 0x3
[0157.030] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2c81f1c | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0157.030] IsAppThemed () returned 0x1
[0157.030] GetThemeAppProperties () returned 0x3
[0157.030] GetThemeAppProperties () returned 0x3
[0157.030] IsAppThemed () returned 0x1
[0157.030] GetThemeAppProperties () returned 0x3
[0157.030] GetThemeAppProperties () returned 0x3
[0157.030] GetFocus () returned 0x7013e
[0157.030] IsAppThemed () returned 0x1
[0157.030] GetThemeAppProperties () returned 0x3
[0157.030] GetThemeAppProperties () returned 0x3
[0157.030] IsAppThemed () returned 0x1
[0157.030] GetThemeAppProperties () returned 0x3
[0157.030] GetThemeAppProperties () returned 0x3
[0157.031] IsThemePartDefined () returned 0x1
[0157.031] IsAppThemed () returned 0x1
[0157.031] GetThemeAppProperties () returned 0x3
[0157.031] GetThemeAppProperties () returned 0x3
[0157.031] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0157.031] IsAppThemed () returned 0x1
[0157.031] GetThemeAppProperties () returned 0x3
[0157.031] GetThemeAppProperties () returned 0x3
[0157.031] IsAppThemed () returned 0x1
[0157.031] GetThemeAppProperties () returned 0x3
[0157.031] GetThemeAppProperties () returned 0x3
[0157.031] IsThemePartDefined () returned 0x1
[0157.031] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0157.031] GdipGetClip (graphics=0x6600030, region=0x6644a18) returned 0x0
[0157.031] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0157.031] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0157.031] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dff0) returned 0x0
[0157.031] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0157.031] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0157.031] LocalFree (hMem=0x11ee9f0) returned 0x0
[0157.031] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0157.031] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0157.031] LocalFree (hMem=0x11eec58) returned 0x0
[0157.032] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0157.032] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e018) returned 0x0
[0157.032] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e008) returned 0x0
[0157.032] GdipGetRegionHRgn (region=0x6644a18, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0157.032] GdipDeleteRegion (region=0x6644a18) returned 0x0
[0157.032] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0157.032] GetCurrentObject (hdc=0x670107d7, type=0x1) returned 0xb00017
[0157.032] GetCurrentObject (hdc=0x670107d7, type=0x2) returned 0x900010
[0157.032] GetCurrentObject (hdc=0x670107d7, type=0x7) returned 0x4a0507fe
[0157.032] GetCurrentObject (hdc=0x670107d7, type=0x6) returned 0x8a01c2
[0157.032] SaveDC (hdc=0x670107d7) returned 1
[0157.032] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa1040807
[0157.032] GetClipRgn (hdc=0x670107d7, hrgn=0xa1040807) returned 0
[0157.032] SelectClipRgn (hdc=0x670107d7, hrgn=0x250407de) returned 2
[0157.032] DeleteObject (ho=0xa1040807) returned 1
[0157.032] DeleteObject (ho=0x250407de) returned 1
[0157.032] OffsetViewportOrgEx (in: hdc=0x670107d7, x=0, y=0, lppt=0x2c825cc | out: lppt=0x2c825cc) returned 1
[0157.032] DrawThemeParentBackground () returned 0x0
[0157.033] GetWindowPlacement (in: hWnd=0x502dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0157.033] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0157.033] GetWindowTextLengthW (hWnd=0x502dc) returned 24
[0157.033] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0157.033] GetSystemMetrics (nIndex=42) returned 0
[0157.033] GetWindowTextW (in: hWnd=0x502dc, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0157.033] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0157.033] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0157.033] GetCurrentObject (hdc=0x670107d7, type=0x1) returned 0xb00017
[0157.033] GetCurrentObject (hdc=0x670107d7, type=0x2) returned 0x900010
[0157.033] GetCurrentObject (hdc=0x670107d7, type=0x7) returned 0x4a0507fe
[0157.033] GetCurrentObject (hdc=0x670107d7, type=0x6) returned 0x8a01c2
[0157.033] SaveDC (hdc=0x670107d7) returned 2
[0157.033] GetNearestColor (hdc=0x670107d7, color=0xf0f0f0) returned 0xf0f0f0
[0157.033] CreateSolidBrush (color=0xf0f0f0) returned 0x491007e1
[0157.034] FillRect (hDC=0x670107d7, lprc=0xd7da38, hbr=0x491007e1) returned 1
[0157.034] DeleteObject (ho=0x491007e1) returned 1
[0157.034] RestoreDC (hdc=0x670107d7, nSavedDC=-1) returned 1
[0157.034] GetWindowTextLengthW (hWnd=0x502dc) returned 24
[0157.034] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0157.034] GetSystemMetrics (nIndex=42) returned 0
[0157.034] GetWindowTextW (in: hWnd=0x502dc, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0157.034] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0157.034] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0157.034] GetCurrentObject (hdc=0x670107d7, type=0x1) returned 0xb00017
[0157.034] GetCurrentObject (hdc=0x670107d7, type=0x2) returned 0x900010
[0157.034] GetCurrentObject (hdc=0x670107d7, type=0x7) returned 0x4a0507fe
[0157.034] GetCurrentObject (hdc=0x670107d7, type=0x6) returned 0x8a01c2
[0157.034] SaveDC (hdc=0x670107d7) returned 2
[0157.034] GetNearestColor (hdc=0x670107d7, color=0xf0f0f0) returned 0xf0f0f0
[0157.034] CreateSolidBrush (color=0xf0f0f0) returned 0x4a1007e1
[0157.034] FillRect (hDC=0x670107d7, lprc=0xd7d9d8, hbr=0x4a1007e1) returned 1
[0157.034] DeleteObject (ho=0x4a1007e1) returned 1
[0157.034] RestoreDC (hdc=0x670107d7, nSavedDC=-1) returned 1
[0157.035] GetWindowTextLengthW (hWnd=0x502dc) returned 24
[0157.035] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0157.035] GetSystemMetrics (nIndex=42) returned 0
[0157.035] GetWindowTextW (in: hWnd=0x502dc, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0157.035] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0157.035] RestoreDC (hdc=0x670107d7, nSavedDC=-1) returned 1
[0157.035] GdipReleaseDC (graphics=0x6600030, hdc=0x670107d7) returned 0x0
[0157.035] IsAppThemed () returned 0x1
[0157.035] GetThemeAppProperties () returned 0x3
[0157.035] GetThemeAppProperties () returned 0x3
[0157.035] IsAppThemed () returned 0x1
[0157.035] GetThemeAppProperties () returned 0x3
[0157.035] GetThemeAppProperties () returned 0x3
[0157.035] IsThemePartDefined () returned 0x1
[0157.035] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0157.035] GdipGetClip (graphics=0x6600030, region=0x66446b8) returned 0x0
[0157.035] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0157.035] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0157.035] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7df74) returned 0x0
[0157.036] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11eed00) returned 0x0
[0157.036] LocalFree (hMem=0x11eed00) returned 0x0
[0157.036] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11ee788) returned 0x0
[0157.036] LocalFree (hMem=0x11ee788) returned 0x0
[0157.036] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0157.036] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0157.036] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0157.036] GdipGetRegionHRgn (region=0x66446b8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0157.036] GdipDeleteRegion (region=0x66446b8) returned 0x0
[0157.036] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0157.036] GetCurrentObject (hdc=0x670107d7, type=0x1) returned 0xb00017
[0157.036] GetCurrentObject (hdc=0x670107d7, type=0x2) returned 0x900010
[0157.036] GetCurrentObject (hdc=0x670107d7, type=0x7) returned 0x4a0507fe
[0157.036] GetCurrentObject (hdc=0x670107d7, type=0x6) returned 0x8a01c2
[0157.036] SaveDC (hdc=0x670107d7) returned 1
[0157.036] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x260407de
[0157.036] GetClipRgn (hdc=0x670107d7, hrgn=0x260407de) returned 0
[0157.036] SelectClipRgn (hdc=0x670107d7, hrgn=0xa3040807) returned 2
[0157.036] DeleteObject (ho=0x260407de) returned 1
[0157.036] DeleteObject (ho=0xa3040807) returned 1
[0157.037] OffsetViewportOrgEx (in: hdc=0x670107d7, x=0, y=0, lppt=0x2c82f50 | out: lppt=0x2c82f50) returned 1
[0157.037] IsAppThemed () returned 0x1
[0157.037] GetThemeAppProperties () returned 0x3
[0157.037] GetThemeAppProperties () returned 0x3
[0157.037] DrawThemeBackground () returned 0x0
[0157.037] RestoreDC (hdc=0x670107d7, nSavedDC=-1) returned 1
[0157.037] GdipReleaseDC (graphics=0x6600030, hdc=0x670107d7) returned 0x0
[0157.037] GdipCreateRegion (region=0xd7df60) returned 0x0
[0157.037] GdipGetClip (graphics=0x6600030, region=0x66448f8) returned 0x0
[0157.037] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0157.037] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0157.037] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df78) returned 0x0
[0157.037] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0157.037] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eecc8) returned 0x0
[0157.037] LocalFree (hMem=0x11eecc8) returned 0x0
[0157.037] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0157.037] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0157.037] LocalFree (hMem=0x11ee788) returned 0x0
[0157.037] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0157.037] GdipIsInfiniteRegion (region=0x66448f8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0157.038] GdipIsInfiniteRegion (region=0x66448f8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0157.038] GdipGetRegionHRgn (region=0x66448f8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0157.038] GdipDeleteRegion (region=0x66448f8) returned 0x0
[0157.038] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0157.038] GetCurrentObject (hdc=0x670107d7, type=0x1) returned 0xb00017
[0157.038] GetCurrentObject (hdc=0x670107d7, type=0x2) returned 0x900010
[0157.038] GetCurrentObject (hdc=0x670107d7, type=0x7) returned 0x4a0507fe
[0157.038] GetCurrentObject (hdc=0x670107d7, type=0x6) returned 0x8a01c2
[0157.038] SaveDC (hdc=0x670107d7) returned 1
[0157.038] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa4040807
[0157.038] GetClipRgn (hdc=0x670107d7, hrgn=0xa4040807) returned 0
[0157.038] SelectClipRgn (hdc=0x670107d7, hrgn=0x270407de) returned 2
[0157.038] DeleteObject (ho=0xa4040807) returned 1
[0157.038] DeleteObject (ho=0x270407de) returned 1
[0157.038] OffsetViewportOrgEx (in: hdc=0x670107d7, x=0, y=0, lppt=0x2c83224 | out: lppt=0x2c83224) returned 1
[0157.038] IsAppThemed () returned 0x1
[0157.038] GetThemeAppProperties () returned 0x3
[0157.038] GetThemeAppProperties () returned 0x3
[0157.038] GetThemeBackgroundContentRect () returned 0x0
[0157.038] RestoreDC (hdc=0x670107d7, nSavedDC=-1) returned 1
[0157.039] GdipReleaseDC (graphics=0x6600030, hdc=0x670107d7) returned 0x0
[0157.039] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0157.039] GdipGetClip (graphics=0x6600030, region=0x6644d78) returned 0x0
[0157.039] GdipCloneRegion (region=0x6644d78, cloneRegion=0xd7e150) returned 0x0
[0157.039] GdipCombineRegionRectI (region=0x6644e08, rect=0xd7e138, combineMode=0x1) returned 0x0
[0157.039] GdipCombineRegionRectI (region=0x6644e08, rect=0xd7e138, combineMode=0x1) returned 0x0
[0157.039] GdipSetClipRegion (graphics=0x6600030, region=0x6644e08, combineMode=0x0) returned 0x0
[0157.039] GdipGetImageWidth (image=0x66402c0, width=0xd7e154) returned 0x0
[0157.039] GdipGetImageHeight (image=0x66402c0, height=0xd7e148) returned 0x0
[0157.039] GdipDrawImageRectI (graphics=0x6600030, image=0x66402c0, x=4, y=4, width=16, height=16) returned 0x0
[0157.039] GdipSetClipRegion (graphics=0x6600030, region=0x6644d78, combineMode=0x0) returned 0x0
[0157.039] IsAppThemed () returned 0x1
[0157.039] GetThemeAppProperties () returned 0x3
[0157.039] GetThemeAppProperties () returned 0x3
[0157.039] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0157.039] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0157.039] GetCurrentObject (hdc=0x670107d7, type=0x1) returned 0xb00017
[0157.039] GetCurrentObject (hdc=0x670107d7, type=0x2) returned 0x900010
[0157.039] GetCurrentObject (hdc=0x670107d7, type=0x7) returned 0x4a0507fe
[0157.040] GetCurrentObject (hdc=0x670107d7, type=0x6) returned 0x8a01c2
[0157.040] SaveDC (hdc=0x670107d7) returned 1
[0157.040] GetTextAlign (hdc=0x670107d7) returned 0x0
[0157.040] GetTextColor (hdc=0x670107d7) returned 0x0
[0157.040] GetCurrentObject (hdc=0x670107d7, type=0x6) returned 0x8a01c2
[0157.040] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0157.040] SelectObject (hdc=0x670107d7, h=0x6d0a0520) returned 0x8a01c2
[0157.040] GetBkMode (hdc=0x670107d7) returned 2
[0157.040] SetBkMode (hdc=0x670107d7, mode=1) returned 2
[0157.040] DrawTextExW (in: hdc=0x670107d7, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2c835e4 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0157.040] DrawTextExW (in: hdc=0x670107d7, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2c835e4 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0157.041] RestoreDC (hdc=0x670107d7, nSavedDC=-1) returned 1
[0157.041] GdipReleaseDC (graphics=0x6600030, hdc=0x670107d7) returned 0x0
[0157.041] GetFocus () returned 0x7013e
[0157.041] IsAppThemed () returned 0x1
[0157.041] GetThemeAppProperties () returned 0x3
[0157.041] GetThemeAppProperties () returned 0x3
[0157.041] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0157.041] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x670107d7, x1=0, y1=0, rop=0xcc0020) returned 1
[0157.041] GdipReleaseDC (graphics=0x6600030, hdc=0x670107d7) returned 0x0
[0157.041] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0157.041] SelectObject (hdc=0x670107d7, h=0x85000f) returned 0x4a0507fe
[0157.041] DeleteDC (hdc=0x670107d7) returned 1
[0157.041] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0157.042] EndPaint (hWnd=0x7013e, lpPaint=0xd7e24c) returned 1
[0157.042] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.042] IsWindowUnicode (hWnd=0x602d2) returned 1
[0157.042] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.042] TranslateMessage (lpMsg=0xd7e808) returned 0
[0157.042] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0157.042] BeginPaint (in: hWnd=0x602d2, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0157.042] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0157.042] CreateCompatibleDC (hdc=0x60100ce) returned 0x690107d7
[0157.042] SelectObject (hdc=0x690107d7, h=0x4a0507fe) returned 0x85000f
[0157.042] GdipCreateFromHDC (hdc=0x690107d7, graphics=0xd7e268) returned 0x0
[0157.043] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0157.043] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0157.043] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0157.043] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0157.043] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e2c8) returned 0x0
[0157.043] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0157.043] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11ee868) returned 0x0
[0157.043] LocalFree (hMem=0x11ee868) returned 0x0
[0157.043] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0157.043] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0157.043] GdipGetClip (graphics=0x6600030, region=0x6644748) returned 0x0
[0157.043] GdipIsInfiniteRegion (region=0x6644748, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0157.043] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0157.043] GdipRestoreGraphics (graphics=0x6600030, state=0xfcf80dbd) returned 0x0
[0157.043] GdipDeleteRegion (region=0x6644748) returned 0x0
[0157.043] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0157.043] GetCurrentObject (hdc=0x690107d7, type=0x1) returned 0xb00017
[0157.043] GetCurrentObject (hdc=0x690107d7, type=0x2) returned 0x900010
[0157.043] GetCurrentObject (hdc=0x690107d7, type=0x7) returned 0x4a0507fe
[0157.043] GetCurrentObject (hdc=0x690107d7, type=0x6) returned 0x8a01c2
[0157.044] SaveDC (hdc=0x690107d7) returned 1
[0157.044] GetNearestColor (hdc=0x690107d7, color=0xf0f0f0) returned 0xf0f0f0
[0157.056] GetNearestColor (hdc=0x690107d7, color=0xa0a0a0) returned 0xa0a0a0
[0157.056] GetNearestColor (hdc=0x690107d7, color=0x696969) returned 0x696969
[0157.056] GetNearestColor (hdc=0x690107d7, color=0xa0a0a0) returned 0xa0a0a0
[0157.056] GetNearestColor (hdc=0x690107d7, color=0x0) returned 0x0
[0157.056] GetNearestColor (hdc=0x690107d7, color=0xffffff) returned 0xffffff
[0157.056] GetNearestColor (hdc=0x690107d7, color=0xe5e5e5) returned 0xe5e5e5
[0157.056] GetNearestColor (hdc=0x690107d7, color=0xd7d7d7) returned 0xd7d7d7
[0157.056] GetNearestColor (hdc=0x690107d7, color=0x0) returned 0x0
[0157.057] RestoreDC (hdc=0x690107d7, nSavedDC=-1) returned 1
[0157.057] GdipReleaseDC (graphics=0x6600030, hdc=0x690107d7) returned 0x0
[0157.057] IsAppThemed () returned 0x1
[0157.057] GetThemeAppProperties () returned 0x3
[0157.057] GetThemeAppProperties () returned 0x3
[0157.057] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0157.057] SendMessageW (hWnd=0x502dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0157.057] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0157.057] IsAppThemed () returned 0x1
[0157.057] GetThemeAppProperties () returned 0x3
[0157.057] GetThemeAppProperties () returned 0x3
[0157.057] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2c83df4 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0157.058] IsAppThemed () returned 0x1
[0157.058] GetThemeAppProperties () returned 0x3
[0157.058] GetThemeAppProperties () returned 0x3
[0157.058] IsAppThemed () returned 0x1
[0157.058] GetThemeAppProperties () returned 0x3
[0157.058] GetThemeAppProperties () returned 0x3
[0157.058] IsAppThemed () returned 0x1
[0157.058] GetThemeAppProperties () returned 0x3
[0157.058] GetThemeAppProperties () returned 0x3
[0157.058] IsAppThemed () returned 0x1
[0157.058] GetThemeAppProperties () returned 0x3
[0157.058] GetThemeAppProperties () returned 0x3
[0157.058] IsThemePartDefined () returned 0x1
[0157.058] IsAppThemed () returned 0x1
[0157.059] GetThemeAppProperties () returned 0x3
[0157.059] GetThemeAppProperties () returned 0x3
[0157.059] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0157.059] IsAppThemed () returned 0x1
[0157.059] GetThemeAppProperties () returned 0x3
[0157.059] GetThemeAppProperties () returned 0x3
[0157.059] IsAppThemed () returned 0x1
[0157.059] GetThemeAppProperties () returned 0x3
[0157.059] GetThemeAppProperties () returned 0x3
[0157.059] IsThemePartDefined () returned 0x1
[0157.059] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0157.059] GdipGetClip (graphics=0x6600030, region=0x6644088) returned 0x0
[0157.059] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0157.059] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0157.059] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dfe4) returned 0x0
[0157.065] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0157.065] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee868) returned 0x0
[0157.065] LocalFree (hMem=0x11ee868) returned 0x0
[0157.065] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0157.065] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee910) returned 0x0
[0157.065] LocalFree (hMem=0x11ee910) returned 0x0
[0157.065] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0157.065] GdipIsInfiniteRegion (region=0x6644088, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0157.066] GdipIsInfiniteRegion (region=0x6644088, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0157.066] GdipGetRegionHRgn (region=0x6644088, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0157.066] GdipDeleteRegion (region=0x6644088) returned 0x0
[0157.066] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0157.066] GetCurrentObject (hdc=0x690107d7, type=0x1) returned 0xb00017
[0157.066] GetCurrentObject (hdc=0x690107d7, type=0x2) returned 0x900010
[0157.066] GetCurrentObject (hdc=0x690107d7, type=0x7) returned 0x4a0507fe
[0157.066] GetCurrentObject (hdc=0x690107d7, type=0x6) returned 0x8a01c2
[0157.066] SaveDC (hdc=0x690107d7) returned 1
[0157.066] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x280407de
[0157.066] GetClipRgn (hdc=0x690107d7, hrgn=0x280407de) returned 0
[0157.066] SelectClipRgn (hdc=0x690107d7, hrgn=0xa8040807) returned 2
[0157.066] DeleteObject (ho=0x280407de) returned 1
[0157.066] DeleteObject (ho=0xa8040807) returned 1
[0157.066] OffsetViewportOrgEx (in: hdc=0x690107d7, x=0, y=0, lppt=0x2c844a4 | out: lppt=0x2c844a4) returned 1
[0157.066] DrawThemeParentBackground () returned 0x0
[0157.067] GetWindowPlacement (in: hWnd=0x502dc, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0157.067] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0157.067] GetWindowTextLengthW (hWnd=0x502dc) returned 24
[0157.067] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0157.067] GetSystemMetrics (nIndex=42) returned 0
[0157.067] GetWindowTextW (in: hWnd=0x502dc, lpString=0xd7db2c, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0157.067] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xd, wParam=0x19, lParam=0xd7db2c) returned 0x18
[0157.067] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0157.067] GetCurrentObject (hdc=0x690107d7, type=0x1) returned 0xb00017
[0157.067] GetCurrentObject (hdc=0x690107d7, type=0x2) returned 0x900010
[0157.067] GetCurrentObject (hdc=0x690107d7, type=0x7) returned 0x4a0507fe
[0157.067] GetCurrentObject (hdc=0x690107d7, type=0x6) returned 0x8a01c2
[0157.067] SaveDC (hdc=0x690107d7) returned 2
[0157.067] GetNearestColor (hdc=0x690107d7, color=0xf0f0f0) returned 0xf0f0f0
[0157.067] CreateSolidBrush (color=0xf0f0f0) returned 0x4b1007e1
[0157.067] FillRect (hDC=0x690107d7, lprc=0xd7da30, hbr=0x4b1007e1) returned 1
[0157.068] DeleteObject (ho=0x4b1007e1) returned 1
[0157.068] RestoreDC (hdc=0x690107d7, nSavedDC=-1) returned 1
[0157.068] GetWindowTextLengthW (hWnd=0x502dc) returned 24
[0157.068] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0157.068] GetSystemMetrics (nIndex=42) returned 0
[0157.068] GetWindowTextW (in: hWnd=0x502dc, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0157.068] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0157.068] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0157.068] GetCurrentObject (hdc=0x690107d7, type=0x1) returned 0xb00017
[0157.068] GetCurrentObject (hdc=0x690107d7, type=0x2) returned 0x900010
[0157.068] GetCurrentObject (hdc=0x690107d7, type=0x7) returned 0x4a0507fe
[0157.068] GetCurrentObject (hdc=0x690107d7, type=0x6) returned 0x8a01c2
[0157.068] SaveDC (hdc=0x690107d7) returned 2
[0157.068] GetNearestColor (hdc=0x690107d7, color=0xf0f0f0) returned 0xf0f0f0
[0157.068] CreateSolidBrush (color=0xf0f0f0) returned 0x4c1007e1
[0157.068] FillRect (hDC=0x690107d7, lprc=0xd7d9d0, hbr=0x4c1007e1) returned 1
[0157.068] DeleteObject (ho=0x4c1007e1) returned 1
[0157.069] RestoreDC (hdc=0x690107d7, nSavedDC=-1) returned 1
[0157.069] GetWindowTextLengthW (hWnd=0x502dc) returned 24
[0157.069] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0157.069] GetSystemMetrics (nIndex=42) returned 0
[0157.069] GetWindowTextW (in: hWnd=0x502dc, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0157.069] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0157.069] RestoreDC (hdc=0x690107d7, nSavedDC=-1) returned 1
[0157.069] GdipReleaseDC (graphics=0x6600030, hdc=0x690107d7) returned 0x0
[0157.069] IsAppThemed () returned 0x1
[0157.069] GetThemeAppProperties () returned 0x3
[0157.069] GetThemeAppProperties () returned 0x3
[0157.069] IsAppThemed () returned 0x1
[0157.069] GetThemeAppProperties () returned 0x3
[0157.069] GetThemeAppProperties () returned 0x3
[0157.069] IsThemePartDefined () returned 0x1
[0157.069] GdipCreateRegion (region=0xd7df50) returned 0x0
[0157.069] GdipGetClip (graphics=0x6600030, region=0x66441a8) returned 0x0
[0157.070] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0157.070] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0157.070] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7df68) returned 0x0
[0157.070] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0157.070] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11ee9f0) returned 0x0
[0157.070] LocalFree (hMem=0x11ee9f0) returned 0x0
[0157.070] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0157.070] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11eea98) returned 0x0
[0157.070] LocalFree (hMem=0x11eea98) returned 0x0
[0157.070] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0157.070] GdipIsInfiniteRegion (region=0x66441a8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0157.070] GdipIsInfiniteRegion (region=0x66441a8, graphics=0x6600030, result=0xd7df80) returned 0x0
[0157.070] GdipGetRegionHRgn (region=0x66441a8, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0157.070] GdipDeleteRegion (region=0x66441a8) returned 0x0
[0157.070] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0157.070] GetCurrentObject (hdc=0x690107d7, type=0x1) returned 0xb00017
[0157.070] GetCurrentObject (hdc=0x690107d7, type=0x2) returned 0x900010
[0157.070] GetCurrentObject (hdc=0x690107d7, type=0x7) returned 0x4a0507fe
[0157.070] GetCurrentObject (hdc=0x690107d7, type=0x6) returned 0x8a01c2
[0157.070] SaveDC (hdc=0x690107d7) returned 1
[0157.071] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa9040807
[0157.071] GetClipRgn (hdc=0x690107d7, hrgn=0xa9040807) returned 0
[0157.071] SelectClipRgn (hdc=0x690107d7, hrgn=0x2a0407de) returned 2
[0157.071] DeleteObject (ho=0xa9040807) returned 1
[0157.071] DeleteObject (ho=0x2a0407de) returned 1
[0157.071] OffsetViewportOrgEx (in: hdc=0x690107d7, x=0, y=0, lppt=0x2c84e28 | out: lppt=0x2c84e28) returned 1
[0157.071] IsAppThemed () returned 0x1
[0157.071] GetThemeAppProperties () returned 0x3
[0157.071] GetThemeAppProperties () returned 0x3
[0157.071] DrawThemeBackground () returned 0x0
[0157.071] RestoreDC (hdc=0x690107d7, nSavedDC=-1) returned 1
[0157.071] GdipReleaseDC (graphics=0x6600030, hdc=0x690107d7) returned 0x0
[0157.071] GdipCreateRegion (region=0xd7df54) returned 0x0
[0157.071] GdipGetClip (graphics=0x6600030, region=0x6644598) returned 0x0
[0157.071] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0157.071] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0157.071] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df6c) returned 0x0
[0157.072] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0157.072] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eecc8) returned 0x0
[0157.072] LocalFree (hMem=0x11eecc8) returned 0x0
[0157.072] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0157.072] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eecc8) returned 0x0
[0157.072] LocalFree (hMem=0x11eecc8) returned 0x0
[0157.072] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0157.072] GdipIsInfiniteRegion (region=0x6644598, graphics=0x6600030, result=0xd7df94) returned 0x0
[0157.072] GdipIsInfiniteRegion (region=0x6644598, graphics=0x6600030, result=0xd7df84) returned 0x0
[0157.072] GdipGetRegionHRgn (region=0x6644598, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0157.072] GdipDeleteRegion (region=0x6644598) returned 0x0
[0157.072] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0157.072] GetCurrentObject (hdc=0x690107d7, type=0x1) returned 0xb00017
[0157.072] GetCurrentObject (hdc=0x690107d7, type=0x2) returned 0x900010
[0157.072] GetCurrentObject (hdc=0x690107d7, type=0x7) returned 0x4a0507fe
[0157.072] GetCurrentObject (hdc=0x690107d7, type=0x6) returned 0x8a01c2
[0157.072] SaveDC (hdc=0x690107d7) returned 1
[0157.072] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2b0407de
[0157.072] GetClipRgn (hdc=0x690107d7, hrgn=0x2b0407de) returned 0
[0157.072] SelectClipRgn (hdc=0x690107d7, hrgn=0xaa040807) returned 2
[0157.073] DeleteObject (ho=0x2b0407de) returned 1
[0157.073] DeleteObject (ho=0xaa040807) returned 1
[0157.073] OffsetViewportOrgEx (in: hdc=0x690107d7, x=0, y=0, lppt=0x2c850fc | out: lppt=0x2c850fc) returned 1
[0157.073] IsAppThemed () returned 0x1
[0157.073] GetThemeAppProperties () returned 0x3
[0157.073] GetThemeAppProperties () returned 0x3
[0157.073] GetThemeBackgroundContentRect () returned 0x0
[0157.073] RestoreDC (hdc=0x690107d7, nSavedDC=-1) returned 1
[0157.073] GdipReleaseDC (graphics=0x6600030, hdc=0x690107d7) returned 0x0
[0157.073] IsAppThemed () returned 0x1
[0157.073] GetThemeAppProperties () returned 0x3
[0157.073] GetThemeAppProperties () returned 0x3
[0157.073] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0157.073] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0157.073] GetCurrentObject (hdc=0x690107d7, type=0x1) returned 0xb00017
[0157.073] GetCurrentObject (hdc=0x690107d7, type=0x2) returned 0x900010
[0157.073] GetCurrentObject (hdc=0x690107d7, type=0x7) returned 0x4a0507fe
[0157.073] GetCurrentObject (hdc=0x690107d7, type=0x6) returned 0x8a01c2
[0157.073] SaveDC (hdc=0x690107d7) returned 1
[0157.073] GetTextAlign (hdc=0x690107d7) returned 0x0
[0157.073] GetTextColor (hdc=0x690107d7) returned 0x0
[0157.074] GetCurrentObject (hdc=0x690107d7, type=0x6) returned 0x8a01c2
[0157.074] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0157.074] SelectObject (hdc=0x690107d7, h=0x6d0a0520) returned 0x8a01c2
[0157.074] GetBkMode (hdc=0x690107d7) returned 2
[0157.074] SetBkMode (hdc=0x690107d7, mode=1) returned 2
[0157.074] DrawTextExW (in: hdc=0x690107d7, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2c8549c | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0157.074] DrawTextExW (in: hdc=0x690107d7, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2c8549c | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0157.074] RestoreDC (hdc=0x690107d7, nSavedDC=-1) returned 1
[0157.075] GdipReleaseDC (graphics=0x6600030, hdc=0x690107d7) returned 0x0
[0157.075] GetFocus () returned 0x7013e
[0157.075] IsAppThemed () returned 0x1
[0157.075] GetThemeAppProperties () returned 0x3
[0157.075] GetThemeAppProperties () returned 0x3
[0157.075] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0157.075] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x690107d7, x1=0, y1=0, rop=0xcc0020) returned 1
[0157.113] GdipReleaseDC (graphics=0x6600030, hdc=0x690107d7) returned 0x0
[0157.113] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0157.113] SelectObject (hdc=0x690107d7, h=0x85000f) returned 0x4a0507fe
[0157.113] DeleteDC (hdc=0x690107d7) returned 1
[0157.113] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0157.113] EndPaint (hWnd=0x602d2, lpPaint=0xd7e24c) returned 1
[0157.113] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0157.114] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.114] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0157.114] TranslateMessage (lpMsg=0xd7e808) returned 0
[0157.115] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0157.115] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.115] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0157.116] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.116] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.116] TranslateMessage (lpMsg=0xd7e808) returned 0
[0157.116] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0157.116] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.117] IsWindowUnicode (hWnd=0x702d8) returned 1
[0157.117] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.117] TranslateMessage (lpMsg=0xd7e808) returned 0
[0157.117] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0157.117] BeginPaint (in: hWnd=0x702d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0157.117] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0157.117] CreateCompatibleDC (hdc=0x10105d6) returned 0x6b0107d7
[0157.117] SelectObject (hdc=0x6b0107d7, h=0x4a0507fe) returned 0x85000f
[0157.117] GdipCreateFromHDC (hdc=0x6b0107d7, graphics=0xd7e268) returned 0x0
[0157.118] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0157.118] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0157.118] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0157.118] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0157.118] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e2c8) returned 0x0
[0157.118] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11eec58) returned 0x0
[0157.118] LocalFree (hMem=0x11eec58) returned 0x0
[0157.118] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0157.118] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0157.118] GdipGetClip (graphics=0x6600030, region=0x66446b8) returned 0x0
[0157.118] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0157.118] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0157.118] GdipRestoreGraphics (graphics=0x6600030, state=0xfcf60dbd) returned 0x0
[0157.118] GdipDeleteRegion (region=0x66446b8) returned 0x0
[0157.118] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0157.118] GetCurrentObject (hdc=0x6b0107d7, type=0x1) returned 0xb00017
[0157.118] GetCurrentObject (hdc=0x6b0107d7, type=0x2) returned 0x900010
[0157.118] GetCurrentObject (hdc=0x6b0107d7, type=0x7) returned 0x4a0507fe
[0157.118] GetCurrentObject (hdc=0x6b0107d7, type=0x6) returned 0x8a01c2
[0157.119] SaveDC (hdc=0x6b0107d7) returned 1
[0157.119] GetNearestColor (hdc=0x6b0107d7, color=0xf0f0f0) returned 0xf0f0f0
[0157.119] GetNearestColor (hdc=0x6b0107d7, color=0xa0a0a0) returned 0xa0a0a0
[0157.119] GetNearestColor (hdc=0x6b0107d7, color=0x696969) returned 0x696969
[0157.119] GetNearestColor (hdc=0x6b0107d7, color=0xa0a0a0) returned 0xa0a0a0
[0157.119] GetNearestColor (hdc=0x6b0107d7, color=0x0) returned 0x0
[0157.119] GetNearestColor (hdc=0x6b0107d7, color=0xffffff) returned 0xffffff
[0157.119] GetNearestColor (hdc=0x6b0107d7, color=0xe5e5e5) returned 0xe5e5e5
[0157.119] GetNearestColor (hdc=0x6b0107d7, color=0xd7d7d7) returned 0xd7d7d7
[0157.119] GetNearestColor (hdc=0x6b0107d7, color=0x0) returned 0x0
[0157.119] RestoreDC (hdc=0x6b0107d7, nSavedDC=-1) returned 1
[0157.119] GdipReleaseDC (graphics=0x6600030, hdc=0x6b0107d7) returned 0x0
[0157.119] IsAppThemed () returned 0x1
[0157.119] GetThemeAppProperties () returned 0x3
[0157.119] GetThemeAppProperties () returned 0x3
[0157.119] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0157.119] SendMessageW (hWnd=0x502dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0157.120] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0157.120] IsAppThemed () returned 0x1
[0157.120] GetThemeAppProperties () returned 0x3
[0157.120] GetThemeAppProperties () returned 0x3
[0157.120] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2c85cac | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0157.120] IsAppThemed () returned 0x1
[0157.120] GetThemeAppProperties () returned 0x3
[0157.120] GetThemeAppProperties () returned 0x3
[0157.120] IsAppThemed () returned 0x1
[0157.120] GetThemeAppProperties () returned 0x3
[0157.120] GetThemeAppProperties () returned 0x3
[0157.120] GetFocus () returned 0x7013e
[0157.120] IsAppThemed () returned 0x1
[0157.120] GetThemeAppProperties () returned 0x3
[0157.120] GetThemeAppProperties () returned 0x3
[0157.120] IsAppThemed () returned 0x1
[0157.121] GetThemeAppProperties () returned 0x3
[0157.121] GetThemeAppProperties () returned 0x3
[0157.121] IsThemePartDefined () returned 0x1
[0157.121] IsAppThemed () returned 0x1
[0157.121] GetThemeAppProperties () returned 0x3
[0157.121] GetThemeAppProperties () returned 0x3
[0157.121] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0157.121] IsAppThemed () returned 0x1
[0157.121] GetThemeAppProperties () returned 0x3
[0157.121] GetThemeAppProperties () returned 0x3
[0157.121] IsAppThemed () returned 0x1
[0157.121] GetThemeAppProperties () returned 0x3
[0157.121] GetThemeAppProperties () returned 0x3
[0157.121] IsThemePartDefined () returned 0x1
[0157.121] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0157.121] GdipGetClip (graphics=0x6600030, region=0x6644e98) returned 0x0
[0157.121] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0157.121] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0157.121] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dff0) returned 0x0
[0157.121] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee910) returned 0x0
[0157.121] LocalFree (hMem=0x11ee910) returned 0x0
[0157.121] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0157.121] LocalFree (hMem=0x11eec58) returned 0x0
[0157.122] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0157.122] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6600030, result=0xd7e018) returned 0x0
[0157.122] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6600030, result=0xd7e008) returned 0x0
[0157.122] GdipGetRegionHRgn (region=0x6644e98, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0157.122] GdipDeleteRegion (region=0x6644e98) returned 0x0
[0157.122] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0157.122] GetCurrentObject (hdc=0x6b0107d7, type=0x1) returned 0xb00017
[0157.122] GetCurrentObject (hdc=0x6b0107d7, type=0x2) returned 0x900010
[0157.122] GetCurrentObject (hdc=0x6b0107d7, type=0x7) returned 0x4a0507fe
[0157.122] GetCurrentObject (hdc=0x6b0107d7, type=0x6) returned 0x8a01c2
[0157.122] SaveDC (hdc=0x6b0107d7) returned 1
[0157.122] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xab040807
[0157.122] GetClipRgn (hdc=0x6b0107d7, hrgn=0xab040807) returned 0
[0157.122] SelectClipRgn (hdc=0x6b0107d7, hrgn=0x2f0407de) returned 2
[0157.123] DeleteObject (ho=0xab040807) returned 1
[0157.123] DeleteObject (ho=0x2f0407de) returned 1
[0157.123] OffsetViewportOrgEx (in: hdc=0x6b0107d7, x=0, y=0, lppt=0x2c8635c | out: lppt=0x2c8635c) returned 1
[0157.123] DrawThemeParentBackground () returned 0x0
[0157.123] GetWindowPlacement (in: hWnd=0x502dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0157.123] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0157.123] GetWindowTextLengthW (hWnd=0x502dc) returned 24
[0157.123] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0157.123] GetSystemMetrics (nIndex=42) returned 0
[0157.123] GetWindowTextW (in: hWnd=0x502dc, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0157.123] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0157.123] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0157.123] GetCurrentObject (hdc=0x6b0107d7, type=0x1) returned 0xb00017
[0157.123] GetCurrentObject (hdc=0x6b0107d7, type=0x2) returned 0x900010
[0157.123] GetCurrentObject (hdc=0x6b0107d7, type=0x7) returned 0x4a0507fe
[0157.123] GetCurrentObject (hdc=0x6b0107d7, type=0x6) returned 0x8a01c2
[0157.123] SaveDC (hdc=0x6b0107d7) returned 2
[0157.124] GetNearestColor (hdc=0x6b0107d7, color=0xf0f0f0) returned 0xf0f0f0
[0157.124] CreateSolidBrush (color=0xf0f0f0) returned 0x4d1007e1
[0157.124] FillRect (hDC=0x6b0107d7, lprc=0xd7da38, hbr=0x4d1007e1) returned 1
[0157.124] DeleteObject (ho=0x4d1007e1) returned 1
[0157.124] RestoreDC (hdc=0x6b0107d7, nSavedDC=-1) returned 1
[0157.124] GetWindowTextLengthW (hWnd=0x502dc) returned 24
[0157.124] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0157.124] GetSystemMetrics (nIndex=42) returned 0
[0157.124] GetWindowTextW (in: hWnd=0x502dc, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0157.124] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0157.124] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0157.124] GetCurrentObject (hdc=0x6b0107d7, type=0x1) returned 0xb00017
[0157.124] GetCurrentObject (hdc=0x6b0107d7, type=0x2) returned 0x900010
[0157.124] GetCurrentObject (hdc=0x6b0107d7, type=0x7) returned 0x4a0507fe
[0157.124] GetCurrentObject (hdc=0x6b0107d7, type=0x6) returned 0x8a01c2
[0157.124] SaveDC (hdc=0x6b0107d7) returned 2
[0157.124] GetNearestColor (hdc=0x6b0107d7, color=0xf0f0f0) returned 0xf0f0f0
[0157.124] CreateSolidBrush (color=0xf0f0f0) returned 0x4e1007e1
[0157.125] FillRect (hDC=0x6b0107d7, lprc=0xd7d9d8, hbr=0x4e1007e1) returned 1
[0157.125] DeleteObject (ho=0x4e1007e1) returned 1
[0157.125] RestoreDC (hdc=0x6b0107d7, nSavedDC=-1) returned 1
[0157.125] GetWindowTextLengthW (hWnd=0x502dc) returned 24
[0157.125] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0157.125] GetSystemMetrics (nIndex=42) returned 0
[0157.125] GetWindowTextW (in: hWnd=0x502dc, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0157.125] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0157.125] RestoreDC (hdc=0x6b0107d7, nSavedDC=-1) returned 1
[0157.125] GdipReleaseDC (graphics=0x6600030, hdc=0x6b0107d7) returned 0x0
[0157.125] IsAppThemed () returned 0x1
[0157.125] GetThemeAppProperties () returned 0x3
[0157.125] GetThemeAppProperties () returned 0x3
[0157.125] IsAppThemed () returned 0x1
[0157.125] GetThemeAppProperties () returned 0x3
[0157.125] GetThemeAppProperties () returned 0x3
[0157.125] IsThemePartDefined () returned 0x1
[0157.126] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0157.126] GdipGetClip (graphics=0x6600030, region=0x6644ce8) returned 0x0
[0157.126] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0157.126] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0157.126] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7df74) returned 0x0
[0157.126] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0157.126] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11ee788) returned 0x0
[0157.126] LocalFree (hMem=0x11ee788) returned 0x0
[0157.126] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0157.126] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11eead0) returned 0x0
[0157.126] LocalFree (hMem=0x11eead0) returned 0x0
[0157.126] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0157.126] GdipIsInfiniteRegion (region=0x6644ce8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0157.126] GdipIsInfiniteRegion (region=0x6644ce8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0157.126] GdipGetRegionHRgn (region=0x6644ce8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0157.126] GdipDeleteRegion (region=0x6644ce8) returned 0x0
[0157.126] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0157.126] GetCurrentObject (hdc=0x6b0107d7, type=0x1) returned 0xb00017
[0157.126] GetCurrentObject (hdc=0x6b0107d7, type=0x2) returned 0x900010
[0157.126] GetCurrentObject (hdc=0x6b0107d7, type=0x7) returned 0x4a0507fe
[0157.127] GetCurrentObject (hdc=0x6b0107d7, type=0x6) returned 0x8a01c2
[0157.127] SaveDC (hdc=0x6b0107d7) returned 1
[0157.127] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x300407de
[0157.127] GetClipRgn (hdc=0x6b0107d7, hrgn=0x300407de) returned 0
[0157.127] SelectClipRgn (hdc=0x6b0107d7, hrgn=0xad040807) returned 2
[0157.127] DeleteObject (ho=0x300407de) returned 1
[0157.127] DeleteObject (ho=0xad040807) returned 1
[0157.127] OffsetViewportOrgEx (in: hdc=0x6b0107d7, x=0, y=0, lppt=0x2c86ce0 | out: lppt=0x2c86ce0) returned 1
[0157.127] IsAppThemed () returned 0x1
[0157.127] GetThemeAppProperties () returned 0x3
[0157.127] GetThemeAppProperties () returned 0x3
[0157.127] DrawThemeBackground () returned 0x0
[0157.127] RestoreDC (hdc=0x6b0107d7, nSavedDC=-1) returned 1
[0157.128] GdipReleaseDC (graphics=0x6600030, hdc=0x6b0107d7) returned 0x0
[0157.128] GdipCreateRegion (region=0xd7df60) returned 0x0
[0157.128] GdipGetClip (graphics=0x6600030, region=0x6644bc8) returned 0x0
[0157.128] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0157.128] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0157.128] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df78) returned 0x0
[0157.128] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0157.128] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0157.128] LocalFree (hMem=0x11ee788) returned 0x0
[0157.128] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0157.128] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0157.128] LocalFree (hMem=0x11ee9f0) returned 0x0
[0157.128] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0157.128] GdipIsInfiniteRegion (region=0x6644bc8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0157.128] GdipIsInfiniteRegion (region=0x6644bc8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0157.128] GdipGetRegionHRgn (region=0x6644bc8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0157.128] GdipDeleteRegion (region=0x6644bc8) returned 0x0
[0157.129] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0157.129] GetCurrentObject (hdc=0x6b0107d7, type=0x1) returned 0xb00017
[0157.129] GetCurrentObject (hdc=0x6b0107d7, type=0x2) returned 0x900010
[0157.129] GetCurrentObject (hdc=0x6b0107d7, type=0x7) returned 0x4a0507fe
[0157.129] GetCurrentObject (hdc=0x6b0107d7, type=0x6) returned 0x8a01c2
[0157.129] SaveDC (hdc=0x6b0107d7) returned 1
[0157.129] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xae040807
[0157.129] GetClipRgn (hdc=0x6b0107d7, hrgn=0xae040807) returned 0
[0157.129] SelectClipRgn (hdc=0x6b0107d7, hrgn=0x310407de) returned 2
[0157.129] DeleteObject (ho=0xae040807) returned 1
[0157.129] DeleteObject (ho=0x310407de) returned 1
[0157.129] OffsetViewportOrgEx (in: hdc=0x6b0107d7, x=0, y=0, lppt=0x2c86fb4 | out: lppt=0x2c86fb4) returned 1
[0157.129] IsAppThemed () returned 0x1
[0157.129] GetThemeAppProperties () returned 0x3
[0157.129] GetThemeAppProperties () returned 0x3
[0157.129] GetThemeBackgroundContentRect () returned 0x0
[0157.130] RestoreDC (hdc=0x6b0107d7, nSavedDC=-1) returned 1
[0157.130] GdipReleaseDC (graphics=0x6600030, hdc=0x6b0107d7) returned 0x0
[0157.130] IsAppThemed () returned 0x1
[0157.130] GetThemeAppProperties () returned 0x3
[0157.130] GetThemeAppProperties () returned 0x3
[0157.130] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0157.130] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0157.130] GetCurrentObject (hdc=0x6b0107d7, type=0x1) returned 0xb00017
[0157.130] GetCurrentObject (hdc=0x6b0107d7, type=0x2) returned 0x900010
[0157.130] GetCurrentObject (hdc=0x6b0107d7, type=0x7) returned 0x4a0507fe
[0157.130] GetCurrentObject (hdc=0x6b0107d7, type=0x6) returned 0x8a01c2
[0157.130] SaveDC (hdc=0x6b0107d7) returned 1
[0157.130] GetTextAlign (hdc=0x6b0107d7) returned 0x0
[0157.130] GetTextColor (hdc=0x6b0107d7) returned 0x0
[0157.130] GetCurrentObject (hdc=0x6b0107d7, type=0x6) returned 0x8a01c2
[0157.131] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0157.131] SelectObject (hdc=0x6b0107d7, h=0x6d0a0520) returned 0x8a01c2
[0157.131] GetBkMode (hdc=0x6b0107d7) returned 2
[0157.131] SetBkMode (hdc=0x6b0107d7, mode=1) returned 2
[0157.131] DrawTextExW (in: hdc=0x6b0107d7, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2c87354 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0157.131] DrawTextExW (in: hdc=0x6b0107d7, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2c87354 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0157.132] RestoreDC (hdc=0x6b0107d7, nSavedDC=-1) returned 1
[0157.132] GdipReleaseDC (graphics=0x6600030, hdc=0x6b0107d7) returned 0x0
[0157.132] GetFocus () returned 0x7013e
[0157.132] IsAppThemed () returned 0x1
[0157.132] GetThemeAppProperties () returned 0x3
[0157.132] GetThemeAppProperties () returned 0x3
[0157.132] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0157.132] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x6b0107d7, x1=0, y1=0, rop=0xcc0020) returned 1
[0157.132] GdipReleaseDC (graphics=0x6600030, hdc=0x6b0107d7) returned 0x0
[0157.132] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0157.132] SelectObject (hdc=0x6b0107d7, h=0x85000f) returned 0x4a0507fe
[0157.133] DeleteDC (hdc=0x6b0107d7) returned 1
[0157.133] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0157.133] EndPaint (hWnd=0x702d8, lpPaint=0xd7e24c) returned 1
[0157.133] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.133] IsWindowUnicode (hWnd=0x602c4) returned 1
[0157.133] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.133] TranslateMessage (lpMsg=0xd7e808) returned 0
[0157.133] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0157.133] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0157.134] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0157.134] CreateCompatibleDC (hdc=0xc0107c5) returned 0x6d0107d7
[0157.134] SelectObject (hdc=0x6d0107d7, h=0x4a0507fe) returned 0x85000f
[0157.134] GdipCreateFromHDC (hdc=0x6d0107d7, graphics=0xd7e268) returned 0x0
[0157.134] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0157.134] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0157.134] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0157.134] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0157.134] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e2c8) returned 0x0
[0157.134] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0157.134] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11ee9f0) returned 0x0
[0157.134] LocalFree (hMem=0x11ee9f0) returned 0x0
[0157.135] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0157.135] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0157.135] GdipGetClip (graphics=0x6600030, region=0x6644e98) returned 0x0
[0157.135] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0157.135] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0157.135] GdipRestoreGraphics (graphics=0x6600030, state=0xfcf40dbd) returned 0x0
[0157.135] GdipDeleteRegion (region=0x6644e98) returned 0x0
[0157.135] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0157.135] GetCurrentObject (hdc=0x6d0107d7, type=0x1) returned 0xb00017
[0157.135] GetCurrentObject (hdc=0x6d0107d7, type=0x2) returned 0x900010
[0157.135] GetCurrentObject (hdc=0x6d0107d7, type=0x7) returned 0x4a0507fe
[0157.135] GetCurrentObject (hdc=0x6d0107d7, type=0x6) returned 0x8a01c2
[0157.135] SaveDC (hdc=0x6d0107d7) returned 1
[0157.136] GetNearestColor (hdc=0x6d0107d7, color=0xff) returned 0xff
[0157.136] GetNearestColor (hdc=0x6d0107d7, color=0x55) returned 0x55
[0157.136] GetNearestColor (hdc=0x6d0107d7, color=0x0) returned 0x0
[0157.136] GetNearestColor (hdc=0x6d0107d7, color=0x55) returned 0x55
[0157.136] GetNearestColor (hdc=0x6d0107d7, color=0x0) returned 0x0
[0157.136] GetNearestColor (hdc=0x6d0107d7, color=0x8080ff) returned 0x8080ff
[0157.136] GetNearestColor (hdc=0x6d0107d7, color=0x7373e5) returned 0x7373e5
[0157.136] GetNearestColor (hdc=0x6d0107d7, color=0xe5) returned 0xe5
[0157.136] GetNearestColor (hdc=0x6d0107d7, color=0x0) returned 0x0
[0157.136] RestoreDC (hdc=0x6d0107d7, nSavedDC=-1) returned 1
[0157.136] GdipReleaseDC (graphics=0x6600030, hdc=0x6d0107d7) returned 0x0
[0157.136] IsAppThemed () returned 0x1
[0157.137] GetThemeAppProperties () returned 0x3
[0157.137] GetThemeAppProperties () returned 0x3
[0157.137] IsAppThemed () returned 0x1
[0157.137] GetThemeAppProperties () returned 0x3
[0157.137] GetThemeAppProperties () returned 0x3
[0157.137] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2c87b1c | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0157.137] IsAppThemed () returned 0x1
[0157.137] GetThemeAppProperties () returned 0x3
[0157.137] GetThemeAppProperties () returned 0x3
[0157.137] IsAppThemed () returned 0x1
[0157.143] GetThemeAppProperties () returned 0x3
[0157.143] GetThemeAppProperties () returned 0x3
[0157.143] GetFocus () returned 0x7013e
[0157.143] IsAppThemed () returned 0x1
[0157.143] GetThemeAppProperties () returned 0x3
[0157.143] GetThemeAppProperties () returned 0x3
[0157.143] IsAppThemed () returned 0x1
[0157.143] GetThemeAppProperties () returned 0x3
[0157.143] GetThemeAppProperties () returned 0x3
[0157.143] IsThemePartDefined () returned 0x1
[0157.143] IsAppThemed () returned 0x1
[0157.144] GetThemeAppProperties () returned 0x3
[0157.144] GetThemeAppProperties () returned 0x3
[0157.144] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0157.144] IsAppThemed () returned 0x1
[0157.144] GetThemeAppProperties () returned 0x3
[0157.144] GetThemeAppProperties () returned 0x3
[0157.144] IsAppThemed () returned 0x1
[0157.144] GetThemeAppProperties () returned 0x3
[0157.144] GetThemeAppProperties () returned 0x3
[0157.144] IsThemePartDefined () returned 0x1
[0157.144] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0157.144] GdipGetClip (graphics=0x6600030, region=0x66447d8) returned 0x0
[0157.144] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0157.144] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0157.144] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dff0) returned 0x0
[0157.144] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0157.144] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0157.144] LocalFree (hMem=0x11ee788) returned 0x0
[0157.144] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0157.144] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0157.145] LocalFree (hMem=0x11ee788) returned 0x0
[0157.145] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0157.145] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0157.145] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0157.145] GdipGetRegionHRgn (region=0x66447d8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0157.145] GdipDeleteRegion (region=0x66447d8) returned 0x0
[0157.145] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0157.145] GetCurrentObject (hdc=0x6d0107d7, type=0x1) returned 0xb00017
[0157.145] GetCurrentObject (hdc=0x6d0107d7, type=0x2) returned 0x900010
[0157.145] GetCurrentObject (hdc=0x6d0107d7, type=0x7) returned 0x4a0507fe
[0157.145] GetCurrentObject (hdc=0x6d0107d7, type=0x6) returned 0x8a01c2
[0157.145] SaveDC (hdc=0x6d0107d7) returned 1
[0157.145] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x320407de
[0157.145] GetClipRgn (hdc=0x6d0107d7, hrgn=0x320407de) returned 0
[0157.145] SelectClipRgn (hdc=0x6d0107d7, hrgn=0xb2040807) returned 2
[0157.145] DeleteObject (ho=0x320407de) returned 1
[0157.145] DeleteObject (ho=0xb2040807) returned 1
[0157.146] OffsetViewportOrgEx (in: hdc=0x6d0107d7, x=0, y=0, lppt=0x2c881cc | out: lppt=0x2c881cc) returned 1
[0157.146] DrawThemeParentBackground () returned 0x0
[0157.146] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0157.146] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0157.146] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0157.146] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0157.146] GetSystemMetrics (nIndex=42) returned 0
[0157.146] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0157.146] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0157.146] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0157.146] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0157.146] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0157.146] SelectPalette (hdc=0x6d0107d7, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0157.147] GdipCreateFromHDC (hdc=0x6d0107d7, graphics=0xd7dac8) returned 0x0
[0157.147] GdipSetPageUnit (graphics=0x66372d8, unit=0x2) returned 0x0
[0157.147] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0157.147] GdipGetWorldTransform (graphics=0x66372d8, matrix=0x661c480) returned 0x0
[0157.147] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7daa0) returned 0x0
[0157.147] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0157.147] GdipCreateRegion (region=0xd7da88) returned 0x0
[0157.147] GdipGetClip (graphics=0x66372d8, region=0x6644868) returned 0x0
[0157.147] GdipIsInfiniteRegion (region=0x6644868, graphics=0x66372d8, result=0xd7da94) returned 0x0
[0157.147] GdipDeleteRegion (region=0x6644868) returned 0x0
[0157.147] GdipSaveGraphics (graphics=0x66372d8, state=0xd7dac0) returned 0x0
[0157.147] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0157.157] GdipFillRectangleI (graphics=0x66372d8, brush=0x6639a00, x=0, y=0, width=801, height=453) returned 0x0
[0157.157] GdipDeleteBrush (brush=0x6639a00) returned 0x0
[0157.158] GdipDeleteGraphics (graphics=0x66372d8) returned 0x0
[0157.158] SelectPalette (hdc=0x6d0107d7, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0157.158] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0157.158] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0157.159] GetSystemMetrics (nIndex=42) returned 0
[0157.159] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0157.159] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0157.159] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0157.159] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0157.159] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0157.159] SelectPalette (hdc=0x6d0107d7, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0157.159] GdipCreateFromHDC (hdc=0x6d0107d7, graphics=0xd7da68) returned 0x0
[0157.159] GdipSetPageUnit (graphics=0x66372d8, unit=0x2) returned 0x0
[0157.159] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0157.159] GdipGetWorldTransform (graphics=0x66372d8, matrix=0x66046e0) returned 0x0
[0157.159] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7da40) returned 0x0
[0157.159] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0157.159] GdipCreateRegion (region=0xd7da28) returned 0x0
[0157.159] GdipGetClip (graphics=0x66372d8, region=0x6644238) returned 0x0
[0157.159] GdipIsInfiniteRegion (region=0x6644238, graphics=0x66372d8, result=0xd7da34) returned 0x0
[0157.159] GdipDeleteRegion (region=0x6644238) returned 0x0
[0157.160] GdipSaveGraphics (graphics=0x66372d8, state=0xd7da60) returned 0x0
[0157.160] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0157.168] GdipFillRectangleI (graphics=0x66372d8, brush=0x6639178, x=0, y=0, width=801, height=453) returned 0x0
[0157.169] GdipDeleteBrush (brush=0x6639178) returned 0x0
[0157.174] GdipRestoreGraphics (graphics=0x66372d8, state=0xfcf00dbd) returned 0x0
[0157.174] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0157.174] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0157.174] GetSystemMetrics (nIndex=42) returned 0
[0157.174] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0157.174] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0157.174] GdipDeleteGraphics (graphics=0x66372d8) returned 0x0
[0157.174] SelectPalette (hdc=0x6d0107d7, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0157.174] RestoreDC (hdc=0x6d0107d7, nSavedDC=-1) returned 1
[0157.174] GdipReleaseDC (graphics=0x6600030, hdc=0x6d0107d7) returned 0x0
[0157.175] IsAppThemed () returned 0x1
[0157.175] GetThemeAppProperties () returned 0x3
[0157.175] GetThemeAppProperties () returned 0x3
[0157.175] IsAppThemed () returned 0x1
[0157.175] GetThemeAppProperties () returned 0x3
[0157.175] GetThemeAppProperties () returned 0x3
[0157.175] IsThemePartDefined () returned 0x1
[0157.175] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0157.175] GdipGetClip (graphics=0x6600030, region=0x6644988) returned 0x0
[0157.175] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0157.175] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0157.175] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7df74) returned 0x0
[0157.175] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0157.175] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11eec58) returned 0x0
[0157.175] LocalFree (hMem=0x11eec58) returned 0x0
[0157.175] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0157.175] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11ee9f0) returned 0x0
[0157.175] LocalFree (hMem=0x11ee9f0) returned 0x0
[0157.175] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0157.175] GdipIsInfiniteRegion (region=0x6644988, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0157.175] GdipIsInfiniteRegion (region=0x6644988, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0157.175] GdipGetRegionHRgn (region=0x6644988, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0157.176] GdipDeleteRegion (region=0x6644988) returned 0x0
[0157.176] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0157.176] GetCurrentObject (hdc=0x6d0107d7, type=0x1) returned 0xb00017
[0157.176] GetCurrentObject (hdc=0x6d0107d7, type=0x2) returned 0x900010
[0157.176] GetCurrentObject (hdc=0x6d0107d7, type=0x7) returned 0x4a0507fe
[0157.176] GetCurrentObject (hdc=0x6d0107d7, type=0x6) returned 0x8a01c2
[0157.176] SaveDC (hdc=0x6d0107d7) returned 1
[0157.176] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb3040807
[0157.176] GetClipRgn (hdc=0x6d0107d7, hrgn=0xb3040807) returned 0
[0157.176] SelectClipRgn (hdc=0x6d0107d7, hrgn=0x340407de) returned 2
[0157.176] DeleteObject (ho=0xb3040807) returned 1
[0157.176] DeleteObject (ho=0x340407de) returned 1
[0157.176] OffsetViewportOrgEx (in: hdc=0x6d0107d7, x=0, y=0, lppt=0x2c8ea1c | out: lppt=0x2c8ea1c) returned 1
[0157.176] IsAppThemed () returned 0x1
[0157.177] GetThemeAppProperties () returned 0x3
[0157.177] GetThemeAppProperties () returned 0x3
[0157.177] DrawThemeBackground () returned 0x0
[0157.177] RestoreDC (hdc=0x6d0107d7, nSavedDC=-1) returned 1
[0157.177] GdipReleaseDC (graphics=0x6600030, hdc=0x6d0107d7) returned 0x0
[0157.177] GdipCreateRegion (region=0xd7df60) returned 0x0
[0157.177] GdipGetClip (graphics=0x6600030, region=0x66446b8) returned 0x0
[0157.177] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0157.177] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0157.177] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df78) returned 0x0
[0157.177] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0157.178] LocalFree (hMem=0x11ee9f0) returned 0x0
[0157.178] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0157.178] LocalFree (hMem=0x11eec58) returned 0x0
[0157.178] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0157.178] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0157.178] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0157.178] GdipGetRegionHRgn (region=0x66446b8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0157.178] GdipDeleteRegion (region=0x66446b8) returned 0x0
[0157.178] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0157.178] GetCurrentObject (hdc=0x6d0107d7, type=0x1) returned 0xb00017
[0157.178] GetCurrentObject (hdc=0x6d0107d7, type=0x2) returned 0x900010
[0157.178] GetCurrentObject (hdc=0x6d0107d7, type=0x7) returned 0x4a0507fe
[0157.178] GetCurrentObject (hdc=0x6d0107d7, type=0x6) returned 0x8a01c2
[0157.178] SaveDC (hdc=0x6d0107d7) returned 1
[0157.178] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x350407de
[0157.178] GetClipRgn (hdc=0x6d0107d7, hrgn=0x350407de) returned 0
[0157.178] SelectClipRgn (hdc=0x6d0107d7, hrgn=0xb4040807) returned 2
[0157.178] DeleteObject (ho=0x350407de) returned 1
[0157.178] DeleteObject (ho=0xb4040807) returned 1
[0157.178] OffsetViewportOrgEx (in: hdc=0x6d0107d7, x=0, y=0, lppt=0x2c8ecf0 | out: lppt=0x2c8ecf0) returned 1
[0157.178] IsAppThemed () returned 0x1
[0157.178] GetThemeAppProperties () returned 0x3
[0157.179] GetThemeAppProperties () returned 0x3
[0157.179] GetThemeBackgroundContentRect () returned 0x0
[0157.179] RestoreDC (hdc=0x6d0107d7, nSavedDC=-1) returned 1
[0157.179] GdipReleaseDC (graphics=0x6600030, hdc=0x6d0107d7) returned 0x0
[0157.179] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0157.179] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0157.179] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0157.179] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0157.179] IsAppThemed () returned 0x1
[0157.179] GetThemeAppProperties () returned 0x3
[0157.179] GetThemeAppProperties () returned 0x3
[0157.179] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0157.179] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0157.179] GetCurrentObject (hdc=0x6d0107d7, type=0x1) returned 0xb00017
[0157.179] GetCurrentObject (hdc=0x6d0107d7, type=0x2) returned 0x900010
[0157.179] GetCurrentObject (hdc=0x6d0107d7, type=0x7) returned 0x4a0507fe
[0157.179] GetCurrentObject (hdc=0x6d0107d7, type=0x6) returned 0x8a01c2
[0157.179] SaveDC (hdc=0x6d0107d7) returned 1
[0157.179] GetTextAlign (hdc=0x6d0107d7) returned 0x0
[0157.179] GetTextColor (hdc=0x6d0107d7) returned 0x0
[0157.179] GetCurrentObject (hdc=0x6d0107d7, type=0x6) returned 0x8a01c2
[0157.180] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0157.180] SelectObject (hdc=0x6d0107d7, h=0x6d0a0520) returned 0x8a01c2
[0157.180] GetBkMode (hdc=0x6d0107d7) returned 2
[0157.180] SetBkMode (hdc=0x6d0107d7, mode=1) returned 2
[0157.181] DrawTextExW (in: hdc=0x6d0107d7, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2c8f0b4 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0157.181] DrawTextExW (in: hdc=0x6d0107d7, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2c8f0b4 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0157.181] RestoreDC (hdc=0x6d0107d7, nSavedDC=-1) returned 1
[0157.181] GdipReleaseDC (graphics=0x6600030, hdc=0x6d0107d7) returned 0x0
[0157.181] GetFocus () returned 0x7013e
[0157.181] IsAppThemed () returned 0x1
[0157.181] GetThemeAppProperties () returned 0x3
[0157.181] GetThemeAppProperties () returned 0x3
[0157.181] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0157.181] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x6d0107d7, x1=0, y1=0, rop=0xcc0020) returned 1
[0157.182] GdipReleaseDC (graphics=0x6600030, hdc=0x6d0107d7) returned 0x0
[0157.182] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0157.182] SelectObject (hdc=0x6d0107d7, h=0x85000f) returned 0x4a0507fe
[0157.182] DeleteDC (hdc=0x6d0107d7) returned 1
[0157.182] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0157.182] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0157.182] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.182] IsWindowUnicode (hWnd=0x602d2) returned 1
[0157.182] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.182] TranslateMessage (lpMsg=0xd7e808) returned 0
[0157.182] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0157.183] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.183] IsWindowUnicode (hWnd=0x602d2) returned 1
[0157.183] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.183] TranslateMessage (lpMsg=0xd7e808) returned 0
[0157.183] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0157.183] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x2a1, wParam=0x0, lParam=0xb002b) returned 0x0
[0157.183] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0157.183] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0157.183] WaitMessage () returned 1
[0157.302] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.302] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x84, wParam=0x0, lParam=0x1e40301) returned 0x1
[0157.303] IsWindowUnicode (hWnd=0x602d2) returned 1
[0157.303] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.303] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x84, wParam=0x0, lParam=0x1e40301) returned 0x1
[0157.303] GetDlgItem (hDlg=0x502dc, nIDDlgItem=0) returned 0x0
[0157.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x210, wParam=0x201, lParam=0x69010c) returned 0x0
[0157.303] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x21, wParam=0x502dc, lParam=0x2010001) returned 0x1
[0157.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x21, wParam=0x502dc, lParam=0x2010001) returned 0x1
[0157.303] SetCursor (hCursor=0x10003) returned 0x10003
[0157.303] TranslateMessage (lpMsg=0xd7e808) returned 0
[0157.304] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0157.304] GetKeyState (nVirtKey=1) returned -127
[0157.304] GetKeyState (nVirtKey=2) returned 0
[0157.304] GetKeyState (nVirtKey=4) returned 0
[0157.304] GetKeyState (nVirtKey=5) returned 0
[0157.304] GetKeyState (nVirtKey=6) returned 0
[0157.304] IsWindowVisible (hWnd=0x602d2) returned 1
[0157.304] IsWindowEnabled (hWnd=0x602d2) returned 1
[0157.304] SetFocus (hWnd=0x602d2) returned 0x7013e
[0157.304] GetFocus () returned 0x602d2
[0157.304] IsChild (hWndParent=0x502dc, hWnd=0x602d2) returned 1
[0157.304] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0x8, wParam=0x602d2, lParam=0x0) returned 0x0
[0157.304] GetCapture () returned 0x0
[0157.304] InvalidateRect (hWnd=0x7013e, lpRect=0x0, bErase=0) returned 1
[0157.305] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0157.307] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0157.309] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0157.313] InvalidateRect (hWnd=0x7013e, lpRect=0x0, bErase=0) returned 1
[0157.313] InvalidateRect (hWnd=0x602d2, lpRect=0x0, bErase=0) returned 1
[0157.313] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x7, wParam=0x7013e, lParam=0x0) returned 0x0
[0157.314] GetStockObject (i=5) returned 0x900015
[0157.314] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0157.314] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0157.314] GetDlgItem (hDlg=0x502dc, nIDDlgItem=393938) returned 0x602d2
[0157.314] SendMessageW (hWnd=0x602d2, Msg=0x202b, wParam=0x602d2, lParam=0xd7dddc) returned 0x0
[0157.314] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x202b, wParam=0x602d2, lParam=0xd7dddc) returned 0x0
[0157.314] InvalidateRect (hWnd=0x602d2, lpRect=0x0, bErase=0) returned 1
[0157.315] GetFocus () returned 0x602d2
[0157.315] GetFocus () returned 0x602d2
[0157.315] GetFocus () returned 0x602d2
[0157.316] GetKeyState (nVirtKey=1) returned -127
[0157.316] GetKeyState (nVirtKey=2) returned 0
[0157.316] GetKeyState (nVirtKey=4) returned 0
[0157.316] GetKeyState (nVirtKey=5) returned 0
[0157.316] GetKeyState (nVirtKey=6) returned 0
[0157.316] GetCapture () returned 0x0
[0157.316] SetCapture (hWnd=0x602d2) returned 0x0
[0157.316] GetKeyState (nVirtKey=1) returned -127
[0157.316] GetKeyState (nVirtKey=2) returned 0
[0157.316] GetKeyState (nVirtKey=4) returned 0
[0157.316] GetKeyState (nVirtKey=5) returned 0
[0157.316] GetKeyState (nVirtKey=6) returned 0
[0157.316] NotifyWinEvent (event=0x800a, hwnd=0x602d2, idObject=-4, idChild=0)
[0157.316] InvalidateRect (hWnd=0x602d2, lpRect=0xd7e430, bErase=0) returned 1
[0157.316] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.316] IsWindowUnicode (hWnd=0x602d2) returned 1
[0157.316] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.316] TranslateMessage (lpMsg=0xd7e808) returned 0
[0157.316] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0157.316] MapWindowPoints (in: hWndFrom=0x602d2, hWndTo=0x0, lpPoints=0x2c8f2c8, cPoints=0x1 | out: lpPoints=0x2c8f2c8) returned 30999254
[0157.316] NotifyWinEvent (event=0x800a, hwnd=0x602d2, idObject=-4, idChild=0)
[0157.316] InvalidateRect (hWnd=0x602d2, lpRect=0xd7e3d0, bErase=0) returned 1
[0157.317] UpdateWindow (hWnd=0x602d2) returned 1
[0157.317] BeginPaint (in: hWnd=0x602d2, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x60100ce
[0157.317] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0157.317] CreateCompatibleDC (hdc=0x60100ce) returned 0xa20105d8
[0157.317] SelectObject (hdc=0xa20105d8, h=0x4a0507fe) returned 0x85000f
[0157.317] GdipCreateFromHDC (hdc=0xa20105d8, graphics=0xd7df00) returned 0x0
[0157.317] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0157.317] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0157.317] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0157.317] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0157.317] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7df60) returned 0x0
[0157.318] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0157.318] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11eecc8) returned 0x0
[0157.318] LocalFree (hMem=0x11eecc8) returned 0x0
[0157.318] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0157.318] GdipCreateRegion (region=0xd7df48) returned 0x0
[0157.318] GdipGetClip (graphics=0x6600030, region=0x6644868) returned 0x0
[0157.318] GdipIsInfiniteRegion (region=0x6644868, graphics=0x6600030, result=0xd7df54) returned 0x0
[0157.318] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0157.318] GdipRestoreGraphics (graphics=0x6600030, state=0xfcee0dbd) returned 0x0
[0157.318] GdipDeleteRegion (region=0x6644868) returned 0x0
[0157.318] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0157.318] GetCurrentObject (hdc=0xa20105d8, type=0x1) returned 0xb00017
[0157.318] GetCurrentObject (hdc=0xa20105d8, type=0x2) returned 0x900010
[0157.318] GetCurrentObject (hdc=0xa20105d8, type=0x7) returned 0x4a0507fe
[0157.318] GetCurrentObject (hdc=0xa20105d8, type=0x6) returned 0x8a01c2
[0157.318] SaveDC (hdc=0xa20105d8) returned 1
[0157.319] GetNearestColor (hdc=0xa20105d8, color=0xf0f0f0) returned 0xf0f0f0
[0157.319] GetNearestColor (hdc=0xa20105d8, color=0xa0a0a0) returned 0xa0a0a0
[0157.319] GetNearestColor (hdc=0xa20105d8, color=0x696969) returned 0x696969
[0157.319] GetNearestColor (hdc=0xa20105d8, color=0xa0a0a0) returned 0xa0a0a0
[0157.319] GetNearestColor (hdc=0xa20105d8, color=0x0) returned 0x0
[0157.319] GetNearestColor (hdc=0xa20105d8, color=0xffffff) returned 0xffffff
[0157.319] GetNearestColor (hdc=0xa20105d8, color=0xe5e5e5) returned 0xe5e5e5
[0157.319] GetNearestColor (hdc=0xa20105d8, color=0xd7d7d7) returned 0xd7d7d7
[0157.319] GetNearestColor (hdc=0xa20105d8, color=0x0) returned 0x0
[0157.319] RestoreDC (hdc=0xa20105d8, nSavedDC=-1) returned 1
[0157.319] GdipReleaseDC (graphics=0x6600030, hdc=0xa20105d8) returned 0x0
[0157.319] IsAppThemed () returned 0x1
[0157.320] GetThemeAppProperties () returned 0x3
[0157.320] GetThemeAppProperties () returned 0x3
[0157.320] IsAppThemed () returned 0x1
[0157.320] GetThemeAppProperties () returned 0x3
[0157.320] GetThemeAppProperties () returned 0x3
[0157.320] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2c8fa20 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0157.320] IsAppThemed () returned 0x1
[0157.320] GetThemeAppProperties () returned 0x3
[0157.320] GetThemeAppProperties () returned 0x3
[0157.320] IsAppThemed () returned 0x1
[0157.321] GetThemeAppProperties () returned 0x3
[0157.321] GetThemeAppProperties () returned 0x3
[0157.321] IsAppThemed () returned 0x1
[0157.321] GetThemeAppProperties () returned 0x3
[0157.321] GetThemeAppProperties () returned 0x3
[0157.321] IsAppThemed () returned 0x1
[0157.321] GetThemeAppProperties () returned 0x3
[0157.321] GetThemeAppProperties () returned 0x3
[0157.321] IsThemePartDefined () returned 0x1
[0157.321] IsAppThemed () returned 0x1
[0157.321] GetThemeAppProperties () returned 0x3
[0157.321] GetThemeAppProperties () returned 0x3
[0157.321] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0157.322] IsAppThemed () returned 0x1
[0157.322] GetThemeAppProperties () returned 0x3
[0157.322] GetThemeAppProperties () returned 0x3
[0157.322] IsAppThemed () returned 0x1
[0157.322] GetThemeAppProperties () returned 0x3
[0157.322] GetThemeAppProperties () returned 0x3
[0157.322] IsThemePartDefined () returned 0x1
[0157.322] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0157.322] GdipGetClip (graphics=0x6600030, region=0x6644e98) returned 0x0
[0157.322] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0157.322] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0157.322] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dc7c) returned 0x0
[0157.322] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0157.322] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0157.323] LocalFree (hMem=0x11ee788) returned 0x0
[0157.323] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0157.323] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0157.323] LocalFree (hMem=0x11ee9f0) returned 0x0
[0157.323] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0157.323] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0157.323] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0157.323] GdipGetRegionHRgn (region=0x6644e98, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0157.323] GdipDeleteRegion (region=0x6644e98) returned 0x0
[0157.323] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0157.323] GetCurrentObject (hdc=0xa20105d8, type=0x1) returned 0xb00017
[0157.323] GetCurrentObject (hdc=0xa20105d8, type=0x2) returned 0x900010
[0157.324] GetCurrentObject (hdc=0xa20105d8, type=0x7) returned 0x4a0507fe
[0157.324] GetCurrentObject (hdc=0xa20105d8, type=0x6) returned 0x8a01c2
[0157.324] SaveDC (hdc=0xa20105d8) returned 1
[0157.324] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb5040807
[0157.324] GetClipRgn (hdc=0xa20105d8, hrgn=0xb5040807) returned 0
[0157.324] SelectClipRgn (hdc=0xa20105d8, hrgn=0x390407de) returned 2
[0157.324] DeleteObject (ho=0xb5040807) returned 1
[0157.324] DeleteObject (ho=0x390407de) returned 1
[0157.324] OffsetViewportOrgEx (in: hdc=0xa20105d8, x=0, y=0, lppt=0x2c900d0 | out: lppt=0x2c900d0) returned 1
[0157.324] DrawThemeParentBackground () returned 0x0
[0157.325] GetWindowPlacement (in: hWnd=0x502dc, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0157.325] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0157.325] GetWindowTextLengthW (hWnd=0x502dc) returned 24
[0157.325] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0157.325] GetSystemMetrics (nIndex=42) returned 0
[0157.325] GetWindowTextW (in: hWnd=0x502dc, lpString=0xd7d7c4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0157.391] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xd, wParam=0x19, lParam=0xd7d7c4) returned 0x18
[0157.391] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0157.392] GetCurrentObject (hdc=0xa20105d8, type=0x1) returned 0xb00017
[0157.392] GetCurrentObject (hdc=0xa20105d8, type=0x2) returned 0x900010
[0157.392] GetCurrentObject (hdc=0xa20105d8, type=0x7) returned 0x4a0507fe
[0157.392] GetCurrentObject (hdc=0xa20105d8, type=0x6) returned 0x8a01c2
[0157.392] SaveDC (hdc=0xa20105d8) returned 2
[0157.392] GetNearestColor (hdc=0xa20105d8, color=0xf0f0f0) returned 0xf0f0f0
[0157.392] CreateSolidBrush (color=0xf0f0f0) returned 0x4f1007e1
[0157.392] FillRect (hDC=0xa20105d8, lprc=0xd7d6c8, hbr=0x4f1007e1) returned 1
[0157.392] DeleteObject (ho=0x4f1007e1) returned 1
[0157.392] RestoreDC (hdc=0xa20105d8, nSavedDC=-1) returned 1
[0157.393] GetWindowTextLengthW (hWnd=0x502dc) returned 24
[0157.393] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0157.393] GetSystemMetrics (nIndex=42) returned 0
[0157.393] GetWindowTextW (in: hWnd=0x502dc, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0157.393] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0157.393] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0157.393] GetCurrentObject (hdc=0xa20105d8, type=0x1) returned 0xb00017
[0157.393] GetCurrentObject (hdc=0xa20105d8, type=0x2) returned 0x900010
[0157.393] GetCurrentObject (hdc=0xa20105d8, type=0x7) returned 0x4a0507fe
[0157.393] GetCurrentObject (hdc=0xa20105d8, type=0x6) returned 0x8a01c2
[0157.393] SaveDC (hdc=0xa20105d8) returned 2
[0157.393] GetNearestColor (hdc=0xa20105d8, color=0xf0f0f0) returned 0xf0f0f0
[0157.394] CreateSolidBrush (color=0xf0f0f0) returned 0x501007e1
[0157.394] FillRect (hDC=0xa20105d8, lprc=0xd7d668, hbr=0x501007e1) returned 1
[0157.394] DeleteObject (ho=0x501007e1) returned 1
[0157.394] RestoreDC (hdc=0xa20105d8, nSavedDC=-1) returned 1
[0157.394] GetWindowTextLengthW (hWnd=0x502dc) returned 24
[0157.394] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0157.394] GetSystemMetrics (nIndex=42) returned 0
[0157.394] GetWindowTextW (in: hWnd=0x502dc, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0157.394] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0157.394] RestoreDC (hdc=0xa20105d8, nSavedDC=-1) returned 1
[0157.395] GdipReleaseDC (graphics=0x6600030, hdc=0xa20105d8) returned 0x0
[0157.395] IsAppThemed () returned 0x1
[0157.395] GetThemeAppProperties () returned 0x3
[0157.395] GetThemeAppProperties () returned 0x3
[0157.395] IsAppThemed () returned 0x1
[0157.395] GetThemeAppProperties () returned 0x3
[0157.395] GetThemeAppProperties () returned 0x3
[0157.395] IsThemePartDefined () returned 0x1
[0157.395] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0157.395] GdipGetClip (graphics=0x6600030, region=0x6644e98) returned 0x0
[0157.395] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0157.395] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0157.396] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7dc00) returned 0x0
[0157.396] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0157.396] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11ee9f0) returned 0x0
[0157.396] LocalFree (hMem=0x11ee9f0) returned 0x0
[0157.396] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0157.396] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11ee788) returned 0x0
[0157.396] LocalFree (hMem=0x11ee788) returned 0x0
[0157.396] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0157.396] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0157.396] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0157.396] GdipGetRegionHRgn (region=0x6644e98, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0157.396] GdipDeleteRegion (region=0x6644e98) returned 0x0
[0157.396] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0157.396] GetCurrentObject (hdc=0xa20105d8, type=0x1) returned 0xb00017
[0157.396] GetCurrentObject (hdc=0xa20105d8, type=0x2) returned 0x900010
[0157.397] GetCurrentObject (hdc=0xa20105d8, type=0x7) returned 0x4a0507fe
[0157.397] GetCurrentObject (hdc=0xa20105d8, type=0x6) returned 0x8a01c2
[0157.397] SaveDC (hdc=0xa20105d8) returned 1
[0157.397] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3a0407de
[0157.397] GetClipRgn (hdc=0xa20105d8, hrgn=0x3a0407de) returned 0
[0157.397] SelectClipRgn (hdc=0xa20105d8, hrgn=0xb7040807) returned 2
[0157.397] DeleteObject (ho=0x3a0407de) returned 1
[0157.397] DeleteObject (ho=0xb7040807) returned 1
[0157.397] OffsetViewportOrgEx (in: hdc=0xa20105d8, x=0, y=0, lppt=0x2c90a54 | out: lppt=0x2c90a54) returned 1
[0157.397] IsAppThemed () returned 0x1
[0157.397] GetThemeAppProperties () returned 0x3
[0157.397] GetThemeAppProperties () returned 0x3
[0157.397] DrawThemeBackground () returned 0x0
[0157.397] RestoreDC (hdc=0xa20105d8, nSavedDC=-1) returned 1
[0157.398] GdipReleaseDC (graphics=0x6600030, hdc=0xa20105d8) returned 0x0
[0157.398] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0157.398] GdipGetClip (graphics=0x6600030, region=0x6644f28) returned 0x0
[0157.398] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0157.398] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0157.398] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dc04) returned 0x0
[0157.398] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0157.398] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee910) returned 0x0
[0157.398] LocalFree (hMem=0x11ee910) returned 0x0
[0157.398] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0157.398] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0157.398] LocalFree (hMem=0x11ee9f0) returned 0x0
[0157.398] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0157.398] GdipIsInfiniteRegion (region=0x6644f28, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0157.398] GdipIsInfiniteRegion (region=0x6644f28, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0157.398] GdipGetRegionHRgn (region=0x6644f28, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0157.398] GdipDeleteRegion (region=0x6644f28) returned 0x0
[0157.399] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0157.399] GetCurrentObject (hdc=0xa20105d8, type=0x1) returned 0xb00017
[0157.399] GetCurrentObject (hdc=0xa20105d8, type=0x2) returned 0x900010
[0157.399] GetCurrentObject (hdc=0xa20105d8, type=0x7) returned 0x4a0507fe
[0157.399] GetCurrentObject (hdc=0xa20105d8, type=0x6) returned 0x8a01c2
[0157.399] SaveDC (hdc=0xa20105d8) returned 1
[0157.399] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb8040807
[0157.399] GetClipRgn (hdc=0xa20105d8, hrgn=0xb8040807) returned 0
[0157.399] SelectClipRgn (hdc=0xa20105d8, hrgn=0x3b0407de) returned 2
[0157.399] DeleteObject (ho=0xb8040807) returned 1
[0157.399] DeleteObject (ho=0x3b0407de) returned 1
[0157.399] OffsetViewportOrgEx (in: hdc=0xa20105d8, x=0, y=0, lppt=0x2c90d28 | out: lppt=0x2c90d28) returned 1
[0157.399] IsAppThemed () returned 0x1
[0157.399] GetThemeAppProperties () returned 0x3
[0157.399] GetThemeAppProperties () returned 0x3
[0157.400] GetThemeBackgroundContentRect () returned 0x0
[0157.400] RestoreDC (hdc=0xa20105d8, nSavedDC=-1) returned 1
[0157.400] GdipReleaseDC (graphics=0x6600030, hdc=0xa20105d8) returned 0x0
[0157.400] IsAppThemed () returned 0x1
[0157.400] GetThemeAppProperties () returned 0x3
[0157.400] GetThemeAppProperties () returned 0x3
[0157.400] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0157.400] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0157.400] GetCurrentObject (hdc=0xa20105d8, type=0x1) returned 0xb00017
[0157.400] GetCurrentObject (hdc=0xa20105d8, type=0x2) returned 0x900010
[0157.400] GetCurrentObject (hdc=0xa20105d8, type=0x7) returned 0x4a0507fe
[0157.400] GetCurrentObject (hdc=0xa20105d8, type=0x6) returned 0x8a01c2
[0157.400] SaveDC (hdc=0xa20105d8) returned 1
[0157.400] GetTextAlign (hdc=0xa20105d8) returned 0x0
[0157.401] GetTextColor (hdc=0xa20105d8) returned 0x0
[0157.401] GetCurrentObject (hdc=0xa20105d8, type=0x6) returned 0x8a01c2
[0157.401] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0157.401] SelectObject (hdc=0xa20105d8, h=0x6d0a0520) returned 0x8a01c2
[0157.401] GetBkMode (hdc=0xa20105d8) returned 2
[0157.401] SetBkMode (hdc=0xa20105d8, mode=1) returned 2
[0157.401] DrawTextExW (in: hdc=0xa20105d8, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2c910c8 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0157.401] DrawTextExW (in: hdc=0xa20105d8, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2c910c8 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0157.402] RestoreDC (hdc=0xa20105d8, nSavedDC=-1) returned 1
[0157.402] GdipReleaseDC (graphics=0x6600030, hdc=0xa20105d8) returned 0x0
[0157.402] GetFocus () returned 0x602d2
[0157.402] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0157.402] SendMessageW (hWnd=0x502dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0157.402] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0157.402] IsAppThemed () returned 0x1
[0157.402] GetThemeAppProperties () returned 0x3
[0157.402] GetThemeAppProperties () returned 0x3
[0157.403] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0157.403] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xa20105d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0157.403] GdipReleaseDC (graphics=0x6600030, hdc=0xa20105d8) returned 0x0
[0157.403] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0157.403] SelectObject (hdc=0xa20105d8, h=0x85000f) returned 0x4a0507fe
[0157.404] DeleteDC (hdc=0xa20105d8) returned 1
[0157.404] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0157.404] EndPaint (hWnd=0x602d2, lpPaint=0xd7dee4) returned 1
[0157.404] MapWindowPoints (in: hWndFrom=0x602d2, hWndTo=0x0, lpPoints=0x2c911c4, cPoints=0x1 | out: lpPoints=0x2c911c4) returned 30999254
[0157.404] WindowFromPoint (Point=0x301) returned 0x602d2
[0157.404] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x84, wParam=0x0, lParam=0x1e40301) returned 0x1
[0157.405] NotifyWinEvent (event=0x800a, hwnd=0x602d2, idObject=-4, idChild=0)
[0157.405] NotifyWinEvent (event=0x800c, hwnd=0x602d2, idObject=-4, idChild=0)
[0157.405] GetCapture () returned 0x602d2
[0157.405] ReleaseCapture () returned 1
[0157.405] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0157.405] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0157.406] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x84, wParam=0x0, lParam=0x1e40301) returned 0x1
[0157.406] IsWindow (hWnd=0x7005c) returned 1
[0157.406] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0157.406] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0157.407] IsWindow (hWnd=0x502dc) returned 1
[0157.407] SetActiveWindow (hWnd=0x502dc) returned 0x502dc
[0157.407] IsWindow (hWnd=0x502dc) returned 1
[0157.407] SetFocus (hWnd=0x502dc) returned 0x602d2
[0157.407] GetFocus () returned 0x502dc
[0157.407] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x8, wParam=0x502dc, lParam=0x0) returned 0x0
[0157.407] GetCapture () returned 0x0
[0157.407] InvalidateRect (hWnd=0x602d2, lpRect=0x0, bErase=0) returned 1
[0157.409] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0157.410] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0157.412] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0157.412] GetFocus () returned 0x502dc
[0157.412] SetFocus (hWnd=0x602d2) returned 0x502dc
[0157.412] GetFocus () returned 0x602d2
[0157.412] IsChild (hWndParent=0x502dc, hWnd=0x602d2) returned 1
[0157.412] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x8, wParam=0x602d2, lParam=0x0) returned 0x0
[0157.413] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0157.414] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0157.416] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0157.416] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x7, wParam=0x502dc, lParam=0x0) returned 0x0
[0157.416] GetStockObject (i=5) returned 0x900015
[0157.416] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0157.417] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0157.417] GetDlgItem (hDlg=0x502dc, nIDDlgItem=393938) returned 0x602d2
[0157.417] SendMessageW (hWnd=0x602d2, Msg=0x202b, wParam=0x602d2, lParam=0xd7ddcc) returned 0x0
[0157.417] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x202b, wParam=0x602d2, lParam=0xd7ddcc) returned 0x0
[0157.417] InvalidateRect (hWnd=0x602d2, lpRect=0x0, bErase=0) returned 1
[0157.422] GetWindowLongW (hWnd=0x502dc, nIndex=-8) returned 458844
[0157.422] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0157.422] GetCurrentThreadId () returned 0xf50
[0157.422] IsWindow (hWnd=0x7005c) returned 1
[0157.422] IsWindow (hWnd=0x7005c) returned 1
[0157.422] IsWindowVisible (hWnd=0x7005c) returned 1
[0157.422] SetActiveWindow (hWnd=0x7005c) returned 0x502dc
[0157.423] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0157.425] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0157.425] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0157.425] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0157.426] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0157.426] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0157.427] GetWindowPlacement (in: hWnd=0x502dc, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0157.427] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0157.427] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0157.427] GetWindowRect (in: hWnd=0x502dc, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0157.428] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0157.428] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0157.429] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0157.429] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x502dc) returned 0x1
[0157.432] GetFocus () returned 0x602d2
[0157.432] SetFocus (hWnd=0x602c4) returned 0x602d2
[0157.432] GetFocus () returned 0x602c4
[0157.432] IsChild (hWndParent=0x502dc, hWnd=0x602c4) returned 0
[0157.432] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0157.432] GetCapture () returned 0x0
[0157.432] InvalidateRect (hWnd=0x602d2, lpRect=0x0, bErase=0) returned 1
[0157.433] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0157.434] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0157.445] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0157.445] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0157.445] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0157.445] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0157.445] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0157.446] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x602d2, lParam=0x0) returned 0x0
[0157.446] GetStockObject (i=5) returned 0x900015
[0157.446] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0157.446] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed990) returned 0xc
[0157.446] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0157.446] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0157.446] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0157.446] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0157.447] GetFocus () returned 0x602c4
[0157.448] IsChild (hWndParent=0x502dc, hWnd=0x602c4) returned 0
[0157.448] ShowWindow (hWnd=0x502dc, nCmdShow=0) returned 1
[0157.448] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0157.448] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0157.449] GetWindowPlacement (in: hWnd=0x502dc, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0157.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0157.449] GetClientRect (in: hWnd=0x502dc, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0157.449] GetWindowRect (in: hWnd=0x502dc, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0157.450] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0157.450] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0157.451] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0157.451] GetWindowLongW (hWnd=0x502dc, nIndex=-20) returned 327945
[0157.451] DestroyWindow (hWnd=0x502dc) returned 1
[0157.451] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0157.452] GetWindowTextLengthW (hWnd=0x502dc) returned 24
[0157.452] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0157.452] GetSystemMetrics (nIndex=42) returned 0
[0157.452] GetWindowTextW (in: hWnd=0x502dc, lpString=0xd7e390, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0157.452] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0xd, wParam=0x19, lParam=0xd7e390) returned 0x18
[0157.452] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0157.452] GetWindowTextLengthW (hWnd=0x800ea) returned 0
[0157.452] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x800ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0157.452] GetSystemMetrics (nIndex=42) returned 0
[0157.452] GetWindowTextW (in: hWnd=0x800ea, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0157.452] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x800ea, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0157.452] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x800ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0157.452] GetWindowThreadProcessId (in: hWnd=0x3005a, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0157.452] GetWindow (hWnd=0x3005a, uCmd=0x5) returned 0x0
[0157.452] GetWindowLongW (hWnd=0x3005a, nIndex=-20) returned 65792
[0157.452] DestroyWindow (hWnd=0x3005a) returned 1
[0157.452] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3005a, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0157.452] GetWindowTextLengthW (hWnd=0x3005a) returned 25
[0157.452] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0157.453] GetSystemMetrics (nIndex=42) returned 0
[0157.453] GetWindowTextW (in: hWnd=0x3005a, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0157.453] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3005a, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0157.453] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3005a, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0157.453] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3005a, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0157.495] GetWindowTextLengthW (hWnd=0x502da) returned 232
[0157.495] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0157.495] GetSystemMetrics (nIndex=42) returned 0
[0157.495] GetWindowTextW (in: hWnd=0x502da, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0157.495] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0157.495] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0157.497] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0157.497] InvalidateRect (hWnd=0x602d2, lpRect=0x0, bErase=0) returned 1
[0157.497] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0157.498] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0157.498] SendMessageW (hWnd=0x502de, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0157.498] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502de, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0157.498] SendMessageW (hWnd=0x502de, Msg=0xb0, wParam=0x2c5b5ac, lParam=0xd7e480) returned 0x0
[0157.498] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502de, Msg=0xb0, wParam=0x2c5b5ac, lParam=0xd7e480) returned 0x0
[0157.498] GetWindowTextLengthW (hWnd=0x502de) returned 4363
[0157.498] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0157.498] GetSystemMetrics (nIndex=42) returned 0
[0157.498] CoTaskMemAlloc (cb=0x221c) returned 0x11fdd28
[0157.498] GetWindowTextW (in: hWnd=0x502de, lpString=0x11fdd28, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0157.498] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502de, Msg=0xd, wParam=0x110c, lParam=0x11fdd28) returned 0x110b
[0157.498] CoTaskMemFree (pv=0x11fdd28)
[0157.498] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0157.499] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x800ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0157.500] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x502da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0157.502] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x7013e, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0157.504] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602d2, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0157.505] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0157.506] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x502de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0157.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x502dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0157.510] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.510] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.510] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.510] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.510] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.511] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40301) returned 0x1
[0157.511] IsWindowUnicode (hWnd=0x7005c) returned 1
[0157.511] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40301) returned 0x1
[0157.511] SetCursor (hCursor=0x10003) returned 0x10003
[0157.513] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.513] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.513] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0157.513] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0157.513] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0157.513] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10f0243) returned 0x0
[0157.513] GetKeyState (nVirtKey=1) returned 1
[0157.513] GetKeyState (nVirtKey=2) returned 0
[0157.513] GetKeyState (nVirtKey=4) returned 0
[0157.513] GetKeyState (nVirtKey=5) returned 0
[0157.513] GetKeyState (nVirtKey=6) returned 0
[0157.513] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.514] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40301) returned 0x1
[0157.514] IsWindowUnicode (hWnd=0x7005c) returned 1
[0157.514] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.514] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.514] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.514] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.514] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40301) returned 0x1
[0157.514] IsWindowUnicode (hWnd=0x7005c) returned 1
[0157.514] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.514] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40301) returned 0x1
[0157.515] SetCursor (hCursor=0x10003) returned 0x10003
[0157.515] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.515] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.515] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10f0243) returned 0x0
[0157.515] GetKeyState (nVirtKey=1) returned 1
[0157.515] GetKeyState (nVirtKey=2) returned 0
[0157.515] GetKeyState (nVirtKey=4) returned 0
[0157.515] GetKeyState (nVirtKey=5) returned 0
[0157.515] GetKeyState (nVirtKey=6) returned 0
[0157.515] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.515] IsWindowUnicode (hWnd=0x602c4) returned 1
[0157.515] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.515] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.515] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.516] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.516] IsWindowUnicode (hWnd=0x602c4) returned 1
[0157.516] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.516] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.516] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.516] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0157.517] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0157.517] CreateCompatibleDC (hdc=0x10105d6) returned 0x720107d7
[0157.517] SelectObject (hdc=0x720107d7, h=0x4a0507fe) returned 0x85000f
[0157.517] GdipCreateFromHDC (hdc=0x720107d7, graphics=0xd7e798) returned 0x0
[0157.517] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0157.517] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0157.517] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0157.517] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0157.517] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e7f8) returned 0x0
[0157.517] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0157.517] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11ee9f0) returned 0x0
[0157.517] LocalFree (hMem=0x11ee9f0) returned 0x0
[0157.517] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0157.517] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0157.517] GdipGetClip (graphics=0x6600030, region=0x6644a18) returned 0x0
[0157.517] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0157.518] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0157.518] GdipRestoreGraphics (graphics=0x6600030, state=0xfcec0dbd) returned 0x0
[0157.518] GdipDeleteRegion (region=0x6644a18) returned 0x0
[0157.518] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0157.518] GetCurrentObject (hdc=0x720107d7, type=0x1) returned 0xb00017
[0157.518] GetCurrentObject (hdc=0x720107d7, type=0x2) returned 0x900010
[0157.518] GetCurrentObject (hdc=0x720107d7, type=0x7) returned 0x4a0507fe
[0157.518] GetCurrentObject (hdc=0x720107d7, type=0x6) returned 0x8a01c2
[0157.518] SaveDC (hdc=0x720107d7) returned 1
[0157.518] GetNearestColor (hdc=0x720107d7, color=0xff) returned 0xff
[0157.518] GetNearestColor (hdc=0x720107d7, color=0x55) returned 0x55
[0157.518] GetNearestColor (hdc=0x720107d7, color=0x0) returned 0x0
[0157.518] GetNearestColor (hdc=0x720107d7, color=0x55) returned 0x55
[0157.518] GetNearestColor (hdc=0x720107d7, color=0x0) returned 0x0
[0157.518] GetNearestColor (hdc=0x720107d7, color=0x8080ff) returned 0x8080ff
[0157.518] GetNearestColor (hdc=0x720107d7, color=0x7373e5) returned 0x7373e5
[0157.518] GetNearestColor (hdc=0x720107d7, color=0xe5) returned 0xe5
[0157.519] GetNearestColor (hdc=0x720107d7, color=0x0) returned 0x0
[0157.519] RestoreDC (hdc=0x720107d7, nSavedDC=-1) returned 1
[0157.523] GdipReleaseDC (graphics=0x6600030, hdc=0x720107d7) returned 0x0
[0157.523] IsAppThemed () returned 0x1
[0157.523] GetThemeAppProperties () returned 0x3
[0157.524] GetThemeAppProperties () returned 0x3
[0157.524] IsAppThemed () returned 0x1
[0157.524] GetThemeAppProperties () returned 0x3
[0157.524] GetThemeAppProperties () returned 0x3
[0157.524] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2c98fb0 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0157.524] IsAppThemed () returned 0x1
[0157.524] GetThemeAppProperties () returned 0x3
[0157.524] GetThemeAppProperties () returned 0x3
[0157.524] IsAppThemed () returned 0x1
[0157.524] GetThemeAppProperties () returned 0x3
[0157.524] GetThemeAppProperties () returned 0x3
[0157.524] GetFocus () returned 0x602c4
[0157.524] IsAppThemed () returned 0x1
[0157.525] GetThemeAppProperties () returned 0x3
[0157.525] GetThemeAppProperties () returned 0x3
[0157.525] IsAppThemed () returned 0x1
[0157.525] GetThemeAppProperties () returned 0x3
[0157.525] GetThemeAppProperties () returned 0x3
[0157.525] IsThemePartDefined () returned 0x1
[0157.525] IsAppThemed () returned 0x1
[0157.525] GetThemeAppProperties () returned 0x3
[0157.525] GetThemeAppProperties () returned 0x3
[0157.525] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0157.525] IsAppThemed () returned 0x1
[0157.525] GetThemeAppProperties () returned 0x3
[0157.525] GetThemeAppProperties () returned 0x3
[0157.525] IsAppThemed () returned 0x1
[0157.525] GetThemeAppProperties () returned 0x3
[0157.525] GetThemeAppProperties () returned 0x3
[0157.525] IsThemePartDefined () returned 0x1
[0157.525] GdipCreateRegion (region=0xd7e508) returned 0x0
[0157.525] GdipGetClip (graphics=0x6600030, region=0x6644748) returned 0x0
[0157.525] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0157.525] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0157.525] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e520) returned 0x0
[0157.526] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0157.526] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee868) returned 0x0
[0157.526] LocalFree (hMem=0x11ee868) returned 0x0
[0157.526] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0157.526] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eed00) returned 0x0
[0157.526] LocalFree (hMem=0x11eed00) returned 0x0
[0157.526] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0157.526] GdipIsInfiniteRegion (region=0x6644748, graphics=0x6600030, result=0xd7e548) returned 0x0
[0157.526] GdipIsInfiniteRegion (region=0x6644748, graphics=0x6600030, result=0xd7e538) returned 0x0
[0157.526] GdipGetRegionHRgn (region=0x6644748, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0157.526] GdipDeleteRegion (region=0x6644748) returned 0x0
[0157.526] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0157.526] GetCurrentObject (hdc=0x720107d7, type=0x1) returned 0xb00017
[0157.526] GetCurrentObject (hdc=0x720107d7, type=0x2) returned 0x900010
[0157.526] GetCurrentObject (hdc=0x720107d7, type=0x7) returned 0x4a0507fe
[0157.526] GetCurrentObject (hdc=0x720107d7, type=0x6) returned 0x8a01c2
[0157.527] SaveDC (hdc=0x720107d7) returned 1
[0157.527] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3c0407de
[0157.527] GetClipRgn (hdc=0x720107d7, hrgn=0x3c0407de) returned 0
[0157.527] SelectClipRgn (hdc=0x720107d7, hrgn=0xbc040807) returned 2
[0157.527] DeleteObject (ho=0x3c0407de) returned 1
[0157.527] DeleteObject (ho=0xbc040807) returned 1
[0157.527] OffsetViewportOrgEx (in: hdc=0x720107d7, x=0, y=0, lppt=0x2c99660 | out: lppt=0x2c99660) returned 1
[0157.527] DrawThemeParentBackground () returned 0x0
[0157.527] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0157.527] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0157.527] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0157.527] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0157.527] GetSystemMetrics (nIndex=42) returned 0
[0157.527] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0157.527] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0157.528] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0157.528] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0157.528] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0157.528] SelectPalette (hdc=0x720107d7, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0157.528] GdipCreateFromHDC (hdc=0x720107d7, graphics=0xd7dff8) returned 0x0
[0157.528] GdipSetPageUnit (graphics=0x66372d8, unit=0x2) returned 0x0
[0157.528] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0157.528] GdipGetWorldTransform (graphics=0x66372d8, matrix=0x661c480) returned 0x0
[0157.528] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7dfd0) returned 0x0
[0157.528] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0157.528] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0157.528] GdipGetClip (graphics=0x66372d8, region=0x6644e98) returned 0x0
[0157.529] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x66372d8, result=0xd7dfc4) returned 0x0
[0157.529] GdipDeleteRegion (region=0x6644e98) returned 0x0
[0157.529] GdipSaveGraphics (graphics=0x66372d8, state=0xd7dff0) returned 0x0
[0157.529] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0157.540] GdipFillRectangleI (graphics=0x66372d8, brush=0x6639790, x=0, y=0, width=801, height=453) returned 0x0
[0157.540] GdipDeleteBrush (brush=0x6639790) returned 0x0
[0157.542] GdipDeleteGraphics (graphics=0x66372d8) returned 0x0
[0157.542] SelectPalette (hdc=0x720107d7, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0157.542] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0157.542] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0157.542] GetSystemMetrics (nIndex=42) returned 0
[0157.542] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0157.542] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0157.542] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0157.542] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0157.542] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0157.543] SelectPalette (hdc=0x720107d7, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0157.543] GdipCreateFromHDC (hdc=0x720107d7, graphics=0xd7df98) returned 0x0
[0157.543] GdipSetPageUnit (graphics=0x66372d8, unit=0x2) returned 0x0
[0157.543] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0157.543] GdipGetWorldTransform (graphics=0x66372d8, matrix=0x66046e0) returned 0x0
[0157.543] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df70) returned 0x0
[0157.543] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0157.543] GdipCreateRegion (region=0xd7df58) returned 0x0
[0157.543] GdipGetClip (graphics=0x66372d8, region=0x6644ce8) returned 0x0
[0157.543] GdipIsInfiniteRegion (region=0x6644ce8, graphics=0x66372d8, result=0xd7df64) returned 0x0
[0157.543] GdipDeleteRegion (region=0x6644ce8) returned 0x0
[0157.543] GdipSaveGraphics (graphics=0x66372d8, state=0xd7df90) returned 0x0
[0157.543] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0157.559] GdipFillRectangleI (graphics=0x66372d8, brush=0x663a018, x=0, y=0, width=801, height=453) returned 0x0
[0157.565] GdipDeleteBrush (brush=0x663a018) returned 0x0
[0157.567] GdipRestoreGraphics (graphics=0x66372d8, state=0xfce80dbd) returned 0x0
[0157.567] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0157.567] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0157.567] GetSystemMetrics (nIndex=42) returned 0
[0157.567] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0157.567] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0157.567] GdipDeleteGraphics (graphics=0x66372d8) returned 0x0
[0157.567] SelectPalette (hdc=0x720107d7, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0157.568] RestoreDC (hdc=0x720107d7, nSavedDC=-1) returned 1
[0157.568] GdipReleaseDC (graphics=0x6600030, hdc=0x720107d7) returned 0x0
[0157.568] IsAppThemed () returned 0x1
[0157.568] GetThemeAppProperties () returned 0x3
[0157.568] GetThemeAppProperties () returned 0x3
[0157.568] IsAppThemed () returned 0x1
[0157.568] GetThemeAppProperties () returned 0x3
[0157.568] GetThemeAppProperties () returned 0x3
[0157.568] IsThemePartDefined () returned 0x1
[0157.568] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0157.568] GdipGetClip (graphics=0x6600030, region=0x6644a18) returned 0x0
[0157.568] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0157.568] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0157.569] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e4a4) returned 0x0
[0157.569] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0157.569] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11ee9f0) returned 0x0
[0157.569] LocalFree (hMem=0x11ee9f0) returned 0x0
[0157.569] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0157.569] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11ee9f0) returned 0x0
[0157.569] LocalFree (hMem=0x11ee9f0) returned 0x0
[0157.569] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0157.569] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0157.569] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0157.569] GdipGetRegionHRgn (region=0x6644a18, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0157.569] GdipDeleteRegion (region=0x6644a18) returned 0x0
[0157.569] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0157.570] GetCurrentObject (hdc=0x720107d7, type=0x1) returned 0xb00017
[0157.570] GetCurrentObject (hdc=0x720107d7, type=0x2) returned 0x900010
[0157.570] GetCurrentObject (hdc=0x720107d7, type=0x7) returned 0x4a0507fe
[0157.570] GetCurrentObject (hdc=0x720107d7, type=0x6) returned 0x8a01c2
[0157.570] SaveDC (hdc=0x720107d7) returned 1
[0157.570] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbd040807
[0157.570] GetClipRgn (hdc=0x720107d7, hrgn=0xbd040807) returned 0
[0157.570] SelectClipRgn (hdc=0x720107d7, hrgn=0x3e0407de) returned 2
[0157.570] DeleteObject (ho=0xbd040807) returned 1
[0157.570] DeleteObject (ho=0x3e0407de) returned 1
[0157.570] OffsetViewportOrgEx (in: hdc=0x720107d7, x=0, y=0, lppt=0x2c9feb0 | out: lppt=0x2c9feb0) returned 1
[0157.570] IsAppThemed () returned 0x1
[0157.571] GetThemeAppProperties () returned 0x3
[0157.571] GetThemeAppProperties () returned 0x3
[0157.571] DrawThemeBackground () returned 0x0
[0157.571] RestoreDC (hdc=0x720107d7, nSavedDC=-1) returned 1
[0157.571] GdipReleaseDC (graphics=0x6600030, hdc=0x720107d7) returned 0x0
[0157.571] GdipCreateRegion (region=0xd7e490) returned 0x0
[0157.571] GdipGetClip (graphics=0x6600030, region=0x66446b8) returned 0x0
[0157.571] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0157.571] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0157.571] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e4a8) returned 0x0
[0157.571] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0157.572] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0157.572] LocalFree (hMem=0x11eec58) returned 0x0
[0157.572] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0157.572] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eea28) returned 0x0
[0157.572] LocalFree (hMem=0x11eea28) returned 0x0
[0157.572] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0157.572] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0157.572] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0157.572] GdipGetRegionHRgn (region=0x66446b8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0157.572] GdipDeleteRegion (region=0x66446b8) returned 0x0
[0157.572] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0157.572] GetCurrentObject (hdc=0x720107d7, type=0x1) returned 0xb00017
[0157.573] GetCurrentObject (hdc=0x720107d7, type=0x2) returned 0x900010
[0157.573] GetCurrentObject (hdc=0x720107d7, type=0x7) returned 0x4a0507fe
[0157.573] GetCurrentObject (hdc=0x720107d7, type=0x6) returned 0x8a01c2
[0157.573] SaveDC (hdc=0x720107d7) returned 1
[0157.573] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3f0407de
[0157.573] GetClipRgn (hdc=0x720107d7, hrgn=0x3f0407de) returned 0
[0157.573] SelectClipRgn (hdc=0x720107d7, hrgn=0xbe040807) returned 2
[0157.573] DeleteObject (ho=0x3f0407de) returned 1
[0157.573] DeleteObject (ho=0xbe040807) returned 1
[0157.573] OffsetViewportOrgEx (in: hdc=0x720107d7, x=0, y=0, lppt=0x2ca0184 | out: lppt=0x2ca0184) returned 1
[0157.573] IsAppThemed () returned 0x1
[0157.574] GetThemeAppProperties () returned 0x3
[0157.574] GetThemeAppProperties () returned 0x3
[0157.574] GetThemeBackgroundContentRect () returned 0x0
[0157.574] RestoreDC (hdc=0x720107d7, nSavedDC=-1) returned 1
[0157.574] GdipReleaseDC (graphics=0x6600030, hdc=0x720107d7) returned 0x0
[0157.574] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0157.574] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0157.574] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0157.574] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0157.574] IsAppThemed () returned 0x1
[0157.574] GetThemeAppProperties () returned 0x3
[0157.575] GetThemeAppProperties () returned 0x3
[0157.575] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0157.575] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0157.575] GetCurrentObject (hdc=0x720107d7, type=0x1) returned 0xb00017
[0157.575] GetCurrentObject (hdc=0x720107d7, type=0x2) returned 0x900010
[0157.576] GetCurrentObject (hdc=0x720107d7, type=0x7) returned 0x4a0507fe
[0157.576] GetCurrentObject (hdc=0x720107d7, type=0x6) returned 0x8a01c2
[0157.576] SaveDC (hdc=0x720107d7) returned 1
[0157.576] GetTextAlign (hdc=0x720107d7) returned 0x0
[0157.576] GetTextColor (hdc=0x720107d7) returned 0x0
[0157.576] GetCurrentObject (hdc=0x720107d7, type=0x6) returned 0x8a01c2
[0157.576] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0157.576] SelectObject (hdc=0x720107d7, h=0x6d0a0520) returned 0x8a01c2
[0157.576] GetBkMode (hdc=0x720107d7) returned 2
[0157.576] SetBkMode (hdc=0x720107d7, mode=1) returned 2
[0157.576] DrawTextExW (in: hdc=0x720107d7, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2ca0548 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0157.577] DrawTextExW (in: hdc=0x720107d7, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2ca0548 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0157.577] RestoreDC (hdc=0x720107d7, nSavedDC=-1) returned 1
[0157.577] GdipReleaseDC (graphics=0x6600030, hdc=0x720107d7) returned 0x0
[0157.577] GetFocus () returned 0x602c4
[0157.577] IsAppThemed () returned 0x1
[0157.577] GetThemeAppProperties () returned 0x3
[0157.577] GetThemeAppProperties () returned 0x3
[0157.578] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0157.578] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x720107d7, x1=0, y1=0, rop=0xcc0020) returned 1
[0157.578] GdipReleaseDC (graphics=0x6600030, hdc=0x720107d7) returned 0x0
[0157.578] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0157.578] SelectObject (hdc=0x720107d7, h=0x85000f) returned 0x4a0507fe
[0157.578] DeleteDC (hdc=0x720107d7) returned 1
[0157.578] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0157.578] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0157.578] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.578] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.578] WaitMessage () returned 1
[0157.607] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.608] IsWindowUnicode (hWnd=0x7005c) returned 1
[0157.608] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.608] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.608] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.608] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.608] IsWindowUnicode (hWnd=0x7005c) returned 1
[0157.608] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.608] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.608] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.608] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10f0243) returned 0x0
[0157.608] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.608] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.608] WaitMessage () returned 1
[0157.628] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.628] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.628] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.628] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.628] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.629] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.629] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.629] WaitMessage () returned 1
[0157.630] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.630] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.630] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.630] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.630] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.632] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.632] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.632] WaitMessage () returned 1
[0157.633] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.633] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.633] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.633] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.633] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.635] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.635] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.635] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.635] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.636] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.636] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.636] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.636] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.636] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.636] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.636] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.637] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.637] WaitMessage () returned 1
[0157.637] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.637] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.637] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.637] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.637] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.643] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.644] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.644] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.644] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.644] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.644] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.644] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.644] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.644] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.644] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.645] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.645] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.645] WaitMessage () returned 1
[0157.647] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.647] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.647] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.648] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.648] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.649] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.649] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.650] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.650] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.650] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.650] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.650] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.650] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.650] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.650] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.650] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.651] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.651] WaitMessage () returned 1
[0157.651] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.651] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.652] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.652] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.652] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.654] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.654] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.654] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.654] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.654] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.654] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.655] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.655] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.655] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.655] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.655] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.656] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.656] WaitMessage () returned 1
[0157.658] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.658] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.659] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.659] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.659] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.660] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.660] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.660] WaitMessage () returned 1
[0157.661] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.661] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.661] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.661] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.661] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.662] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.662] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.662] WaitMessage () returned 1
[0157.664] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.664] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.664] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.664] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.664] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.665] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.665] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.665] WaitMessage () returned 1
[0157.665] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.665] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.666] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.666] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.666] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.667] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.667] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.667] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.668] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.668] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.668] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.668] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.668] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.668] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.668] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.668] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.699] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.699] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.699] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.699] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.699] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.699] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.700] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.700] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.700] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.700] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.700] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.705] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.705] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.705] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.705] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.705] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.706] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.706] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.706] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.706] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.706] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.706] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.706] IsWindowUnicode (hWnd=0x30122) returned 1
[0157.707] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.707] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.707] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.707] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.707] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.708] WaitMessage () returned 1
[0157.749] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.749] IsWindowUnicode (hWnd=0x502c6) returned 1
[0157.750] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0157.750] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0157.750] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0157.750] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.750] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0157.750] WaitMessage () returned 1
[0158.985] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0158.985] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f1) returned 0x1
[0158.985] IsWindowUnicode (hWnd=0x602c4) returned 1
[0158.985] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0158.985] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0158.985] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0158.985] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0158.985] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0158.985] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f1) returned 0x1
[0158.985] IsWindowUnicode (hWnd=0x602c4) returned 1
[0158.985] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0158.986] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f1) returned 0x1
[0158.986] SetCursor (hCursor=0x10003) returned 0x10003
[0158.986] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0158.986] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0158.986] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0158.986] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0158.986] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0158.986] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0158.986] GetKeyState (nVirtKey=1) returned 1
[0158.986] GetKeyState (nVirtKey=2) returned 0
[0158.986] GetKeyState (nVirtKey=4) returned 0
[0158.986] GetKeyState (nVirtKey=5) returned 0
[0158.986] GetKeyState (nVirtKey=6) returned 0
[0158.986] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0158.987] IsWindowUnicode (hWnd=0x602c4) returned 1
[0158.987] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0158.987] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0158.987] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0158.987] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0158.987] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0158.987] CreateCompatibleDC (hdc=0x10105d6) returned 0xff0107bb
[0158.987] SelectObject (hdc=0xff0107bb, h=0x4a0507fe) returned 0x85000f
[0158.987] GdipCreateFromHDC (hdc=0xff0107bb, graphics=0xd7e798) returned 0x0
[0158.988] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0158.988] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0158.988] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0158.988] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0158.988] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e7f8) returned 0x0
[0158.988] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0158.988] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11ee788) returned 0x0
[0158.988] LocalFree (hMem=0x11ee788) returned 0x0
[0158.988] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0158.988] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0158.988] GdipGetClip (graphics=0x6600030, region=0x66442c8) returned 0x0
[0158.988] GdipIsInfiniteRegion (region=0x66442c8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0158.988] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0158.988] GdipRestoreGraphics (graphics=0x6600030, state=0xfce60dbd) returned 0x0
[0158.988] GdipDeleteRegion (region=0x66442c8) returned 0x0
[0158.988] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0158.989] GetCurrentObject (hdc=0xff0107bb, type=0x1) returned 0xb00017
[0158.989] GetCurrentObject (hdc=0xff0107bb, type=0x2) returned 0x900010
[0158.989] GetCurrentObject (hdc=0xff0107bb, type=0x7) returned 0x4a0507fe
[0158.989] GetCurrentObject (hdc=0xff0107bb, type=0x6) returned 0x8a01c2
[0158.989] SaveDC (hdc=0xff0107bb) returned 1
[0158.989] GetNearestColor (hdc=0xff0107bb, color=0xff) returned 0xff
[0158.989] GetNearestColor (hdc=0xff0107bb, color=0x55) returned 0x55
[0158.989] GetNearestColor (hdc=0xff0107bb, color=0x0) returned 0x0
[0158.989] GetNearestColor (hdc=0xff0107bb, color=0x55) returned 0x55
[0158.989] GetNearestColor (hdc=0xff0107bb, color=0x0) returned 0x0
[0158.989] GetNearestColor (hdc=0xff0107bb, color=0x8080ff) returned 0x8080ff
[0158.989] GetNearestColor (hdc=0xff0107bb, color=0x7373e5) returned 0x7373e5
[0158.990] GetNearestColor (hdc=0xff0107bb, color=0xe5) returned 0xe5
[0158.990] GetNearestColor (hdc=0xff0107bb, color=0x0) returned 0x0
[0158.990] RestoreDC (hdc=0xff0107bb, nSavedDC=-1) returned 1
[0158.990] GdipReleaseDC (graphics=0x6600030, hdc=0xff0107bb) returned 0x0
[0158.990] IsAppThemed () returned 0x1
[0158.990] GetThemeAppProperties () returned 0x3
[0158.990] GetThemeAppProperties () returned 0x3
[0158.990] IsAppThemed () returned 0x1
[0158.990] GetThemeAppProperties () returned 0x3
[0158.990] GetThemeAppProperties () returned 0x3
[0158.990] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2ca0f48 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0158.991] IsAppThemed () returned 0x1
[0158.991] GetThemeAppProperties () returned 0x3
[0158.991] GetThemeAppProperties () returned 0x3
[0158.991] IsAppThemed () returned 0x1
[0158.991] GetThemeAppProperties () returned 0x3
[0158.991] GetThemeAppProperties () returned 0x3
[0158.991] IsAppThemed () returned 0x1
[0158.991] GetThemeAppProperties () returned 0x3
[0158.991] GetThemeAppProperties () returned 0x3
[0158.991] IsAppThemed () returned 0x1
[0158.991] GetThemeAppProperties () returned 0x3
[0158.991] GetThemeAppProperties () returned 0x3
[0158.991] IsThemePartDefined () returned 0x1
[0158.991] IsAppThemed () returned 0x1
[0158.991] GetThemeAppProperties () returned 0x3
[0158.991] GetThemeAppProperties () returned 0x3
[0158.991] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0158.991] IsAppThemed () returned 0x1
[0158.991] GetThemeAppProperties () returned 0x3
[0158.992] GetThemeAppProperties () returned 0x3
[0158.992] IsAppThemed () returned 0x1
[0158.992] GetThemeAppProperties () returned 0x3
[0158.992] GetThemeAppProperties () returned 0x3
[0158.992] IsThemePartDefined () returned 0x1
[0158.992] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0158.992] GdipGetClip (graphics=0x6600030, region=0x6644478) returned 0x0
[0158.992] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0158.992] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0158.992] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e514) returned 0x0
[0158.992] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0158.992] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0158.992] LocalFree (hMem=0x11ee788) returned 0x0
[0158.992] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0158.992] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0158.992] LocalFree (hMem=0x11eec58) returned 0x0
[0158.992] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0158.992] GdipIsInfiniteRegion (region=0x6644478, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0158.993] GdipIsInfiniteRegion (region=0x6644478, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0158.993] GdipGetRegionHRgn (region=0x6644478, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0158.993] GdipDeleteRegion (region=0x6644478) returned 0x0
[0158.993] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0158.993] GetCurrentObject (hdc=0xff0107bb, type=0x1) returned 0xb00017
[0158.993] GetCurrentObject (hdc=0xff0107bb, type=0x2) returned 0x900010
[0158.993] GetCurrentObject (hdc=0xff0107bb, type=0x7) returned 0x4a0507fe
[0158.993] GetCurrentObject (hdc=0xff0107bb, type=0x6) returned 0x8a01c2
[0158.993] SaveDC (hdc=0xff0107bb) returned 1
[0158.993] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbf040807
[0158.993] GetClipRgn (hdc=0xff0107bb, hrgn=0xbf040807) returned 0
[0158.993] SelectClipRgn (hdc=0xff0107bb, hrgn=0x430407de) returned 2
[0158.993] DeleteObject (ho=0xbf040807) returned 1
[0158.993] DeleteObject (ho=0x430407de) returned 1
[0158.994] OffsetViewportOrgEx (in: hdc=0xff0107bb, x=0, y=0, lppt=0x2ca15f8 | out: lppt=0x2ca15f8) returned 1
[0158.994] DrawThemeParentBackground () returned 0x0
[0158.994] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0158.994] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0158.994] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0158.994] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0158.994] GetSystemMetrics (nIndex=42) returned 0
[0158.994] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0158.994] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0158.994] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0158.994] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0158.994] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0158.994] SelectPalette (hdc=0xff0107bb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0158.995] GdipCreateFromHDC (hdc=0xff0107bb, graphics=0xd7dff0) returned 0x0
[0158.995] GdipSetPageUnit (graphics=0x66372d8, unit=0x2) returned 0x0
[0158.995] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0158.995] GdipGetWorldTransform (graphics=0x66372d8, matrix=0x661c480) returned 0x0
[0158.995] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7dfc8) returned 0x0
[0158.995] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0158.995] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0158.995] GdipGetClip (graphics=0x66372d8, region=0x6644598) returned 0x0
[0158.995] GdipIsInfiniteRegion (region=0x6644598, graphics=0x66372d8, result=0xd7dfbc) returned 0x0
[0158.995] GdipDeleteRegion (region=0x6644598) returned 0x0
[0158.995] GdipSaveGraphics (graphics=0x66372d8, state=0xd7dfe8) returned 0x0
[0158.995] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0159.008] GdipFillRectangleI (graphics=0x66372d8, brush=0x66398c8, x=0, y=0, width=801, height=453) returned 0x0
[0159.008] GdipDeleteBrush (brush=0x66398c8) returned 0x0
[0159.009] GdipDeleteGraphics (graphics=0x66372d8) returned 0x0
[0159.009] SelectPalette (hdc=0xff0107bb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0159.010] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0159.010] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.010] GetSystemMetrics (nIndex=42) returned 0
[0159.010] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.010] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0159.010] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0159.010] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0159.010] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0159.010] SelectPalette (hdc=0xff0107bb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0159.010] GdipCreateFromHDC (hdc=0xff0107bb, graphics=0xd7df90) returned 0x0
[0159.010] GdipSetPageUnit (graphics=0x66372d8, unit=0x2) returned 0x0
[0159.010] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0159.010] GdipGetWorldTransform (graphics=0x66372d8, matrix=0x66046e0) returned 0x0
[0159.010] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7df68) returned 0x0
[0159.010] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0159.010] GdipCreateRegion (region=0xd7df50) returned 0x0
[0159.011] GdipGetClip (graphics=0x66372d8, region=0x6644b38) returned 0x0
[0159.011] GdipIsInfiniteRegion (region=0x6644b38, graphics=0x66372d8, result=0xd7df5c) returned 0x0
[0159.011] GdipDeleteRegion (region=0x6644b38) returned 0x0
[0159.011] GdipSaveGraphics (graphics=0x66372d8, state=0xd7df88) returned 0x0
[0159.011] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0159.022] GdipFillRectangleI (graphics=0x66372d8, brush=0x6639a00, x=0, y=0, width=801, height=453) returned 0x0
[0159.022] GdipDeleteBrush (brush=0x6639a00) returned 0x0
[0159.024] GdipRestoreGraphics (graphics=0x66372d8, state=0xfce20dbd) returned 0x0
[0159.024] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0159.024] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.024] GetSystemMetrics (nIndex=42) returned 0
[0159.024] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.024] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0159.024] GdipDeleteGraphics (graphics=0x66372d8) returned 0x0
[0159.024] SelectPalette (hdc=0xff0107bb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0159.024] RestoreDC (hdc=0xff0107bb, nSavedDC=-1) returned 1
[0159.025] GdipReleaseDC (graphics=0x6600030, hdc=0xff0107bb) returned 0x0
[0159.025] IsAppThemed () returned 0x1
[0159.025] GetThemeAppProperties () returned 0x3
[0159.025] GetThemeAppProperties () returned 0x3
[0159.025] IsAppThemed () returned 0x1
[0159.025] GetThemeAppProperties () returned 0x3
[0159.025] GetThemeAppProperties () returned 0x3
[0159.025] IsThemePartDefined () returned 0x1
[0159.025] GdipCreateRegion (region=0xd7e480) returned 0x0
[0159.025] GdipGetClip (graphics=0x6600030, region=0x6644868) returned 0x0
[0159.025] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0159.025] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0159.025] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e498) returned 0x0
[0159.025] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0159.025] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11ee9f0) returned 0x0
[0159.025] LocalFree (hMem=0x11ee9f0) returned 0x0
[0159.026] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0159.026] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11eec58) returned 0x0
[0159.026] LocalFree (hMem=0x11eec58) returned 0x0
[0159.026] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0159.026] GdipIsInfiniteRegion (region=0x6644868, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0159.026] GdipIsInfiniteRegion (region=0x6644868, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0159.026] GdipGetRegionHRgn (region=0x6644868, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0159.026] GdipDeleteRegion (region=0x6644868) returned 0x0
[0159.026] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0159.026] GetCurrentObject (hdc=0xff0107bb, type=0x1) returned 0xb00017
[0159.026] GetCurrentObject (hdc=0xff0107bb, type=0x2) returned 0x900010
[0159.026] GetCurrentObject (hdc=0xff0107bb, type=0x7) returned 0x4a0507fe
[0159.026] GetCurrentObject (hdc=0xff0107bb, type=0x6) returned 0x8a01c2
[0159.026] SaveDC (hdc=0xff0107bb) returned 1
[0159.026] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x440407de
[0159.027] GetClipRgn (hdc=0xff0107bb, hrgn=0x440407de) returned 0
[0159.027] SelectClipRgn (hdc=0xff0107bb, hrgn=0xc1040807) returned 2
[0159.027] DeleteObject (ho=0x440407de) returned 1
[0159.027] DeleteObject (ho=0xc1040807) returned 1
[0159.027] OffsetViewportOrgEx (in: hdc=0xff0107bb, x=0, y=0, lppt=0x2ca7e48 | out: lppt=0x2ca7e48) returned 1
[0159.027] IsAppThemed () returned 0x1
[0159.027] GetThemeAppProperties () returned 0x3
[0159.027] GetThemeAppProperties () returned 0x3
[0159.027] DrawThemeBackground () returned 0x0
[0159.027] RestoreDC (hdc=0xff0107bb, nSavedDC=-1) returned 1
[0159.027] GdipReleaseDC (graphics=0x6600030, hdc=0xff0107bb) returned 0x0
[0159.027] GdipCreateRegion (region=0xd7e484) returned 0x0
[0159.027] GdipGetClip (graphics=0x6600030, region=0x6644ce8) returned 0x0
[0159.027] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0159.027] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0159.028] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e49c) returned 0x0
[0159.028] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0159.028] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0159.028] LocalFree (hMem=0x11eec58) returned 0x0
[0159.028] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0159.028] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee8d8) returned 0x0
[0159.028] LocalFree (hMem=0x11ee8d8) returned 0x0
[0159.028] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0159.028] GdipIsInfiniteRegion (region=0x6644ce8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0159.028] GdipIsInfiniteRegion (region=0x6644ce8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0159.028] GdipGetRegionHRgn (region=0x6644ce8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0159.028] GdipDeleteRegion (region=0x6644ce8) returned 0x0
[0159.028] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0159.028] GetCurrentObject (hdc=0xff0107bb, type=0x1) returned 0xb00017
[0159.028] GetCurrentObject (hdc=0xff0107bb, type=0x2) returned 0x900010
[0159.028] GetCurrentObject (hdc=0xff0107bb, type=0x7) returned 0x4a0507fe
[0159.029] GetCurrentObject (hdc=0xff0107bb, type=0x6) returned 0x8a01c2
[0159.029] SaveDC (hdc=0xff0107bb) returned 1
[0159.029] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc2040807
[0159.029] GetClipRgn (hdc=0xff0107bb, hrgn=0xc2040807) returned 0
[0159.029] SelectClipRgn (hdc=0xff0107bb, hrgn=0x450407de) returned 2
[0159.029] DeleteObject (ho=0xc2040807) returned 1
[0159.029] DeleteObject (ho=0x450407de) returned 1
[0159.029] OffsetViewportOrgEx (in: hdc=0xff0107bb, x=0, y=0, lppt=0x2ca811c | out: lppt=0x2ca811c) returned 1
[0159.029] IsAppThemed () returned 0x1
[0159.029] GetThemeAppProperties () returned 0x3
[0159.030] GetThemeAppProperties () returned 0x3
[0159.030] GetThemeBackgroundContentRect () returned 0x0
[0159.030] RestoreDC (hdc=0xff0107bb, nSavedDC=-1) returned 1
[0159.030] GdipReleaseDC (graphics=0x6600030, hdc=0xff0107bb) returned 0x0
[0159.030] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0159.030] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0159.030] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0159.030] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0159.030] IsAppThemed () returned 0x1
[0159.030] GetThemeAppProperties () returned 0x3
[0159.030] GetThemeAppProperties () returned 0x3
[0159.030] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0159.030] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0159.030] GetCurrentObject (hdc=0xff0107bb, type=0x1) returned 0xb00017
[0159.030] GetCurrentObject (hdc=0xff0107bb, type=0x2) returned 0x900010
[0159.031] GetCurrentObject (hdc=0xff0107bb, type=0x7) returned 0x4a0507fe
[0159.031] GetCurrentObject (hdc=0xff0107bb, type=0x6) returned 0x8a01c2
[0159.031] SaveDC (hdc=0xff0107bb) returned 1
[0159.031] GetTextAlign (hdc=0xff0107bb) returned 0x0
[0159.031] GetTextColor (hdc=0xff0107bb) returned 0x0
[0159.031] GetCurrentObject (hdc=0xff0107bb, type=0x6) returned 0x8a01c2
[0159.031] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0159.031] SelectObject (hdc=0xff0107bb, h=0x6d0a0520) returned 0x8a01c2
[0159.031] GetBkMode (hdc=0xff0107bb) returned 2
[0159.031] SetBkMode (hdc=0xff0107bb, mode=1) returned 2
[0159.031] DrawTextExW (in: hdc=0xff0107bb, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2ca84e0 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0159.032] DrawTextExW (in: hdc=0xff0107bb, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2ca84e0 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0159.032] RestoreDC (hdc=0xff0107bb, nSavedDC=-1) returned 1
[0159.032] GdipReleaseDC (graphics=0x6600030, hdc=0xff0107bb) returned 0x0
[0159.033] GetFocus () returned 0x602c4
[0159.033] IsAppThemed () returned 0x1
[0159.033] GetThemeAppProperties () returned 0x3
[0159.033] GetThemeAppProperties () returned 0x3
[0159.033] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0159.033] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0xff0107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0159.033] GdipReleaseDC (graphics=0x6600030, hdc=0xff0107bb) returned 0x0
[0159.033] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0159.033] SelectObject (hdc=0xff0107bb, h=0x85000f) returned 0x4a0507fe
[0159.034] DeleteDC (hdc=0xff0107bb) returned 1
[0159.034] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0159.034] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0159.034] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0159.034] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0159.034] WaitMessage () returned 1
[0159.091] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0159.091] IsWindowUnicode (hWnd=0x602c4) returned 1
[0159.091] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0159.091] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0159.091] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0159.091] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0159.091] IsWindowUnicode (hWnd=0x602c4) returned 1
[0159.091] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0159.091] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0159.091] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0159.091] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xd0016) returned 0x0
[0159.092] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0159.092] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0159.092] WaitMessage () returned 1
[0159.258] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0159.258] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f1) returned 0x1
[0159.258] IsWindowUnicode (hWnd=0x602c4) returned 1
[0159.258] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0159.258] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f1) returned 0x1
[0159.258] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0159.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19f0033) returned 0x0
[0159.258] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0159.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0159.259] SetCursor (hCursor=0x10003) returned 0x10003
[0159.259] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0159.259] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0159.259] GetKeyState (nVirtKey=1) returned -128
[0159.259] GetKeyState (nVirtKey=2) returned 0
[0159.259] GetKeyState (nVirtKey=4) returned 0
[0159.259] GetKeyState (nVirtKey=5) returned 0
[0159.259] GetKeyState (nVirtKey=6) returned 0
[0159.259] IsWindowVisible (hWnd=0x602c4) returned 1
[0159.259] IsWindowEnabled (hWnd=0x602c4) returned 1
[0159.259] SetFocus (hWnd=0x602c4) returned 0x602c4
[0159.259] GetFocus () returned 0x602c4
[0159.259] GetFocus () returned 0x602c4
[0159.259] GetFocus () returned 0x602c4
[0159.259] GetKeyState (nVirtKey=1) returned -128
[0159.259] GetKeyState (nVirtKey=2) returned 0
[0159.259] GetKeyState (nVirtKey=4) returned 0
[0159.259] GetKeyState (nVirtKey=5) returned 0
[0159.259] GetKeyState (nVirtKey=6) returned 0
[0159.259] GetCapture () returned 0x0
[0159.259] SetCapture (hWnd=0x602c4) returned 0x0
[0159.260] GetKeyState (nVirtKey=1) returned -128
[0159.260] GetKeyState (nVirtKey=2) returned 0
[0159.260] GetKeyState (nVirtKey=4) returned 0
[0159.260] GetKeyState (nVirtKey=5) returned 0
[0159.260] GetKeyState (nVirtKey=6) returned 0
[0159.260] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0159.260] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0159.260] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0159.260] IsWindowUnicode (hWnd=0x602c4) returned 1
[0159.260] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0159.260] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0159.260] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0159.260] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2ca8664, cPoints=0x1 | out: lpPoints=0x2ca8664) returned 40304859
[0159.260] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0159.260] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0159.260] UpdateWindow (hWnd=0x602c4) returned 1
[0159.260] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x10105d6
[0159.261] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0159.261] CreateCompatibleDC (hdc=0x10105d6) returned 0x107bb
[0159.261] SelectObject (hdc=0x107bb, h=0x4a0507fe) returned 0x85000f
[0159.261] GdipCreateFromHDC (hdc=0x107bb, graphics=0xd7e430) returned 0x0
[0159.261] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0159.261] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0159.261] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0159.261] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0159.261] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e490) returned 0x0
[0159.261] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0159.262] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11eea60) returned 0x0
[0159.262] LocalFree (hMem=0x11eea60) returned 0x0
[0159.262] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0159.262] GdipCreateRegion (region=0xd7e478) returned 0x0
[0159.262] GdipGetClip (graphics=0x6600030, region=0x66447d8) returned 0x0
[0159.262] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0159.262] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0159.262] GdipRestoreGraphics (graphics=0x6600030, state=0xfce00dbd) returned 0x0
[0159.262] GdipDeleteRegion (region=0x66447d8) returned 0x0
[0159.262] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0159.262] GetCurrentObject (hdc=0x107bb, type=0x1) returned 0xb00017
[0159.262] GetCurrentObject (hdc=0x107bb, type=0x2) returned 0x900010
[0159.262] GetCurrentObject (hdc=0x107bb, type=0x7) returned 0x4a0507fe
[0159.263] GetCurrentObject (hdc=0x107bb, type=0x6) returned 0x8a01c2
[0159.263] SaveDC (hdc=0x107bb) returned 1
[0159.263] GetNearestColor (hdc=0x107bb, color=0xff) returned 0xff
[0159.263] GetNearestColor (hdc=0x107bb, color=0x55) returned 0x55
[0159.263] GetNearestColor (hdc=0x107bb, color=0x0) returned 0x0
[0159.263] GetNearestColor (hdc=0x107bb, color=0x55) returned 0x55
[0159.263] GetNearestColor (hdc=0x107bb, color=0x0) returned 0x0
[0159.263] GetNearestColor (hdc=0x107bb, color=0x8080ff) returned 0x8080ff
[0159.263] GetNearestColor (hdc=0x107bb, color=0x7373e5) returned 0x7373e5
[0159.263] GetNearestColor (hdc=0x107bb, color=0xe5) returned 0xe5
[0159.263] GetNearestColor (hdc=0x107bb, color=0x0) returned 0x0
[0159.264] RestoreDC (hdc=0x107bb, nSavedDC=-1) returned 1
[0159.264] GdipReleaseDC (graphics=0x6600030, hdc=0x107bb) returned 0x0
[0159.264] IsAppThemed () returned 0x1
[0159.264] GetThemeAppProperties () returned 0x3
[0159.264] GetThemeAppProperties () returned 0x3
[0159.264] IsAppThemed () returned 0x1
[0159.264] GetThemeAppProperties () returned 0x3
[0159.264] GetThemeAppProperties () returned 0x3
[0159.264] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2ca8d80 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0159.264] IsAppThemed () returned 0x1
[0159.265] GetThemeAppProperties () returned 0x3
[0159.265] GetThemeAppProperties () returned 0x3
[0159.265] IsAppThemed () returned 0x1
[0159.265] GetThemeAppProperties () returned 0x3
[0159.265] GetThemeAppProperties () returned 0x3
[0159.265] IsAppThemed () returned 0x1
[0159.265] GetThemeAppProperties () returned 0x3
[0159.265] GetThemeAppProperties () returned 0x3
[0159.265] IsAppThemed () returned 0x1
[0159.265] GetThemeAppProperties () returned 0x3
[0159.265] GetThemeAppProperties () returned 0x3
[0159.265] IsThemePartDefined () returned 0x1
[0159.265] IsAppThemed () returned 0x1
[0159.265] GetThemeAppProperties () returned 0x3
[0159.265] GetThemeAppProperties () returned 0x3
[0159.265] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0159.265] IsAppThemed () returned 0x1
[0159.265] GetThemeAppProperties () returned 0x3
[0159.265] GetThemeAppProperties () returned 0x3
[0159.265] IsAppThemed () returned 0x1
[0159.266] GetThemeAppProperties () returned 0x3
[0159.266] GetThemeAppProperties () returned 0x3
[0159.266] IsThemePartDefined () returned 0x1
[0159.266] GdipCreateRegion (region=0xd7e194) returned 0x0
[0159.266] GdipGetClip (graphics=0x6600030, region=0x6644ce8) returned 0x0
[0159.266] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0159.266] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0159.266] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e1ac) returned 0x0
[0159.266] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0159.266] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11eec58) returned 0x0
[0159.266] LocalFree (hMem=0x11eec58) returned 0x0
[0159.266] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0159.266] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0159.266] LocalFree (hMem=0x11ee9f0) returned 0x0
[0159.266] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0159.266] GdipIsInfiniteRegion (region=0x6644ce8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0159.267] GdipIsInfiniteRegion (region=0x6644ce8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0159.267] GdipGetRegionHRgn (region=0x6644ce8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0159.267] GdipDeleteRegion (region=0x6644ce8) returned 0x0
[0159.267] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0159.267] GetCurrentObject (hdc=0x107bb, type=0x1) returned 0xb00017
[0159.267] GetCurrentObject (hdc=0x107bb, type=0x2) returned 0x900010
[0159.267] GetCurrentObject (hdc=0x107bb, type=0x7) returned 0x4a0507fe
[0159.267] GetCurrentObject (hdc=0x107bb, type=0x6) returned 0x8a01c2
[0159.267] SaveDC (hdc=0x107bb) returned 1
[0159.267] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x460407de
[0159.267] GetClipRgn (hdc=0x107bb, hrgn=0x460407de) returned 0
[0159.267] SelectClipRgn (hdc=0x107bb, hrgn=0xc6040807) returned 2
[0159.267] DeleteObject (ho=0x460407de) returned 1
[0159.268] DeleteObject (ho=0xc6040807) returned 1
[0159.268] OffsetViewportOrgEx (in: hdc=0x107bb, x=0, y=0, lppt=0x2ca9430 | out: lppt=0x2ca9430) returned 1
[0159.268] DrawThemeParentBackground () returned 0x0
[0159.268] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0159.268] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0159.268] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0159.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.268] GetSystemMetrics (nIndex=42) returned 0
[0159.268] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0159.268] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0159.268] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0159.268] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0159.268] SelectPalette (hdc=0x107bb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0159.269] GdipCreateFromHDC (hdc=0x107bb, graphics=0xd7dc88) returned 0x0
[0159.269] GdipSetPageUnit (graphics=0x66372d8, unit=0x2) returned 0x0
[0159.269] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0159.269] GdipGetWorldTransform (graphics=0x66372d8, matrix=0x661c480) returned 0x0
[0159.269] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7dc60) returned 0x0
[0159.269] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0159.269] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0159.269] GdipGetClip (graphics=0x66372d8, region=0x6644988) returned 0x0
[0159.269] GdipIsInfiniteRegion (region=0x6644988, graphics=0x66372d8, result=0xd7dc54) returned 0x0
[0159.269] GdipDeleteRegion (region=0x6644988) returned 0x0
[0159.269] GdipSaveGraphics (graphics=0x66372d8, state=0xd7dc80) returned 0x0
[0159.269] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0159.282] GdipFillRectangleI (graphics=0x66372d8, brush=0x6639790, x=0, y=0, width=801, height=453) returned 0x0
[0159.282] GdipDeleteBrush (brush=0x6639790) returned 0x0
[0159.283] GdipDeleteGraphics (graphics=0x66372d8) returned 0x0
[0159.283] SelectPalette (hdc=0x107bb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0159.284] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0159.284] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.284] GetSystemMetrics (nIndex=42) returned 0
[0159.284] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.284] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0159.284] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0159.284] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0159.284] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0159.284] SelectPalette (hdc=0x107bb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0159.284] GdipCreateFromHDC (hdc=0x107bb, graphics=0xd7dc28) returned 0x0
[0159.284] GdipSetPageUnit (graphics=0x66372d8, unit=0x2) returned 0x0
[0159.284] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0159.284] GdipGetWorldTransform (graphics=0x66372d8, matrix=0x66046e0) returned 0x0
[0159.284] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7dc00) returned 0x0
[0159.284] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0159.285] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0159.285] GdipGetClip (graphics=0x66372d8, region=0x66441a8) returned 0x0
[0159.285] GdipIsInfiniteRegion (region=0x66441a8, graphics=0x66372d8, result=0xd7dbf4) returned 0x0
[0159.285] GdipDeleteRegion (region=0x66441a8) returned 0x0
[0159.285] GdipSaveGraphics (graphics=0x66372d8, state=0xd7dc20) returned 0x0
[0159.285] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0159.295] GdipFillRectangleI (graphics=0x66372d8, brush=0x6639790, x=0, y=0, width=801, height=453) returned 0x0
[0159.295] GdipDeleteBrush (brush=0x6639790) returned 0x0
[0159.297] GdipRestoreGraphics (graphics=0x66372d8, state=0xfcdc0dbd) returned 0x0
[0159.297] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0159.297] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.297] GetSystemMetrics (nIndex=42) returned 0
[0159.297] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.297] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0159.297] GdipDeleteGraphics (graphics=0x66372d8) returned 0x0
[0159.297] SelectPalette (hdc=0x107bb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0159.297] RestoreDC (hdc=0x107bb, nSavedDC=-1) returned 1
[0159.298] GdipReleaseDC (graphics=0x6600030, hdc=0x107bb) returned 0x0
[0159.298] IsAppThemed () returned 0x1
[0159.298] GetThemeAppProperties () returned 0x3
[0159.298] GetThemeAppProperties () returned 0x3
[0159.298] IsAppThemed () returned 0x1
[0159.298] GetThemeAppProperties () returned 0x3
[0159.298] GetThemeAppProperties () returned 0x3
[0159.298] IsThemePartDefined () returned 0x1
[0159.298] GdipCreateRegion (region=0xd7e118) returned 0x0
[0159.298] GdipGetClip (graphics=0x6600030, region=0x66448f8) returned 0x0
[0159.298] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0159.298] GdipGetWorldTransform (graphics=0x6600030, matrix=0x661c480) returned 0x0
[0159.298] GdipIsMatrixIdentity (matrix=0x661c480, result=0xd7e130) returned 0x0
[0159.298] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0159.298] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11eec58) returned 0x0
[0159.299] LocalFree (hMem=0x11eec58) returned 0x0
[0159.299] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0159.299] GdipGetMatrixElements (matrix=0x661c480, matrixOut=0x11ee788) returned 0x0
[0159.299] LocalFree (hMem=0x11ee788) returned 0x0
[0159.299] GdipDeleteMatrix (matrix=0x661c480) returned 0x0
[0159.299] GdipIsInfiniteRegion (region=0x66448f8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0159.299] GdipIsInfiniteRegion (region=0x66448f8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0159.299] GdipGetRegionHRgn (region=0x66448f8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0159.299] GdipDeleteRegion (region=0x66448f8) returned 0x0
[0159.299] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0159.299] GetCurrentObject (hdc=0x107bb, type=0x1) returned 0xb00017
[0159.299] GetCurrentObject (hdc=0x107bb, type=0x2) returned 0x900010
[0159.299] GetCurrentObject (hdc=0x107bb, type=0x7) returned 0x4a0507fe
[0159.299] GetCurrentObject (hdc=0x107bb, type=0x6) returned 0x8a01c2
[0159.299] SaveDC (hdc=0x107bb) returned 1
[0159.300] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc7040807
[0159.300] GetClipRgn (hdc=0x107bb, hrgn=0xc7040807) returned 0
[0159.300] SelectClipRgn (hdc=0x107bb, hrgn=0x480407de) returned 2
[0159.300] DeleteObject (ho=0xc7040807) returned 1
[0159.300] DeleteObject (ho=0x480407de) returned 1
[0159.300] OffsetViewportOrgEx (in: hdc=0x107bb, x=0, y=0, lppt=0x2cafc80 | out: lppt=0x2cafc80) returned 1
[0159.300] IsAppThemed () returned 0x1
[0159.300] GetThemeAppProperties () returned 0x3
[0159.300] GetThemeAppProperties () returned 0x3
[0159.300] DrawThemeBackground () returned 0x0
[0159.300] RestoreDC (hdc=0x107bb, nSavedDC=-1) returned 1
[0159.300] GdipReleaseDC (graphics=0x6600030, hdc=0x107bb) returned 0x0
[0159.300] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0159.301] GdipGetClip (graphics=0x6600030, region=0x66446b8) returned 0x0
[0159.301] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0159.301] GdipGetWorldTransform (graphics=0x6600030, matrix=0x66046e0) returned 0x0
[0159.301] GdipIsMatrixIdentity (matrix=0x66046e0, result=0xd7e134) returned 0x0
[0159.301] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0159.301] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee9f0) returned 0x0
[0159.301] LocalFree (hMem=0x11ee9f0) returned 0x0
[0159.301] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0159.301] GdipGetMatrixElements (matrix=0x66046e0, matrixOut=0x11ee788) returned 0x0
[0159.301] LocalFree (hMem=0x11ee788) returned 0x0
[0159.301] GdipDeleteMatrix (matrix=0x66046e0) returned 0x0
[0159.301] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0159.301] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0159.301] GdipGetRegionHRgn (region=0x66446b8, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0159.301] GdipDeleteRegion (region=0x66446b8) returned 0x0
[0159.301] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0159.302] GetCurrentObject (hdc=0x107bb, type=0x1) returned 0xb00017
[0159.302] GetCurrentObject (hdc=0x107bb, type=0x2) returned 0x900010
[0159.302] GetCurrentObject (hdc=0x107bb, type=0x7) returned 0x4a0507fe
[0159.302] GetCurrentObject (hdc=0x107bb, type=0x6) returned 0x8a01c2
[0159.302] SaveDC (hdc=0x107bb) returned 1
[0159.302] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x490407de
[0159.302] GetClipRgn (hdc=0x107bb, hrgn=0x490407de) returned 0
[0159.302] SelectClipRgn (hdc=0x107bb, hrgn=0xc8040807) returned 2
[0159.302] DeleteObject (ho=0x490407de) returned 1
[0159.302] DeleteObject (ho=0xc8040807) returned 1
[0159.302] OffsetViewportOrgEx (in: hdc=0x107bb, x=0, y=0, lppt=0x2caff54 | out: lppt=0x2caff54) returned 1
[0159.302] IsAppThemed () returned 0x1
[0159.302] GetThemeAppProperties () returned 0x3
[0159.302] GetThemeAppProperties () returned 0x3
[0159.302] GetThemeBackgroundContentRect () returned 0x0
[0159.302] RestoreDC (hdc=0x107bb, nSavedDC=-1) returned 1
[0159.302] GdipReleaseDC (graphics=0x6600030, hdc=0x107bb) returned 0x0
[0159.303] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0159.303] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0159.303] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0159.303] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0159.303] IsAppThemed () returned 0x1
[0159.303] GetThemeAppProperties () returned 0x3
[0159.303] GetThemeAppProperties () returned 0x3
[0159.303] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0159.303] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0159.303] GetCurrentObject (hdc=0x107bb, type=0x1) returned 0xb00017
[0159.303] GetCurrentObject (hdc=0x107bb, type=0x2) returned 0x900010
[0159.303] GetCurrentObject (hdc=0x107bb, type=0x7) returned 0x4a0507fe
[0159.303] GetCurrentObject (hdc=0x107bb, type=0x6) returned 0x8a01c2
[0159.303] SaveDC (hdc=0x107bb) returned 1
[0159.303] GetTextAlign (hdc=0x107bb) returned 0x0
[0159.303] GetTextColor (hdc=0x107bb) returned 0x0
[0159.303] GetCurrentObject (hdc=0x107bb, type=0x6) returned 0x8a01c2
[0159.304] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0159.304] SelectObject (hdc=0x107bb, h=0x6d0a0520) returned 0x8a01c2
[0159.304] GetBkMode (hdc=0x107bb) returned 2
[0159.304] SetBkMode (hdc=0x107bb, mode=1) returned 2
[0159.304] DrawTextExW (in: hdc=0x107bb, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2cb0318 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0159.304] DrawTextExW (in: hdc=0x107bb, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2cb0318 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0159.305] RestoreDC (hdc=0x107bb, nSavedDC=-1) returned 1
[0159.305] GdipReleaseDC (graphics=0x6600030, hdc=0x107bb) returned 0x0
[0159.305] GetFocus () returned 0x602c4
[0159.305] IsAppThemed () returned 0x1
[0159.305] GetThemeAppProperties () returned 0x3
[0159.305] GetThemeAppProperties () returned 0x3
[0159.305] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0159.305] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0159.306] GdipReleaseDC (graphics=0x6600030, hdc=0x107bb) returned 0x0
[0159.306] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0159.306] SelectObject (hdc=0x107bb, h=0x85000f) returned 0x4a0507fe
[0159.306] DeleteDC (hdc=0x107bb) returned 1
[0159.306] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0159.306] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0159.306] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2cb0414, cPoints=0x1 | out: lpPoints=0x2cb0414) returned 40304859
[0159.306] WindowFromPoint (Point=0xf1) returned 0x602c4
[0159.307] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f1) returned 0x1
[0159.307] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0159.307] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0159.307] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0159.307] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0159.307] GetSystemMetrics (nIndex=42) returned 0
[0159.307] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0159.307] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0159.316] GetCapture () returned 0x602c4
[0159.316] ReleaseCapture () returned 1
[0159.316] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0159.316] GetProcessWindowStation () returned 0x13c
[0159.317] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.317] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0159.318] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.318] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0159.318] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.318] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0159.318] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.319] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0159.319] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.319] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0159.319] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.319] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0159.319] GetDC (hWnd=0x0) returned 0x107b9
[0159.320] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e6ec) returned 0x0
[0159.320] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0159.320] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0159.320] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0159.320] GetSystemMetrics (nIndex=5) returned 1
[0159.321] GetSystemMetrics (nIndex=6) returned 1
[0159.321] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.321] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0159.321] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.321] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0159.325] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0159.325] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0159.325] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0159.325] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0159.325] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0159.325] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0159.326] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2cb5e30 | out: lpData=0x2cb5e30) returned 1
[0159.327] VerQueryValueW (in: pBlock=0x2cb5e30, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cb6240, puLen=0xd7e810) returned 1
[0159.327] VerQueryValueW (in: pBlock=0x2cb5e30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb5ee8, puLen=0xd7e790) returned 1
[0159.327] VerQueryValueW (in: pBlock=0x2cb5e30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb5f3c, puLen=0xd7e790) returned 1
[0159.327] VerQueryValueW (in: pBlock=0x2cb5e30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb5fbc, puLen=0xd7e790) returned 1
[0159.327] VerQueryValueW (in: pBlock=0x2cb5e30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb6024, puLen=0xd7e790) returned 1
[0159.327] VerQueryValueW (in: pBlock=0x2cb5e30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb6064, puLen=0xd7e790) returned 1
[0159.327] VerQueryValueW (in: pBlock=0x2cb5e30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb60ec, puLen=0xd7e790) returned 1
[0159.327] VerQueryValueW (in: pBlock=0x2cb5e30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb6128, puLen=0xd7e790) returned 1
[0159.327] VerQueryValueW (in: pBlock=0x2cb5e30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb6180, puLen=0xd7e790) returned 1
[0159.327] VerQueryValueW (in: pBlock=0x2cb5e30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb61b0, puLen=0xd7e790) returned 1
[0159.327] VerQueryValueW (in: pBlock=0x2cb5e30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.327] VerQueryValueW (in: pBlock=0x2cb5e30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb61ec, puLen=0xd7e790) returned 1
[0159.328] VerQueryValueW (in: pBlock=0x2cb5e30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.328] VerQueryValueW (in: pBlock=0x2cb5e30, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cb6240, puLen=0xd7e784) returned 1
[0159.328] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0159.328] VerQueryValueW (in: pBlock=0x2cb5e30, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cb5e58, puLen=0xd7e794) returned 1
[0159.328] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0159.328] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0159.328] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0159.329] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0159.329] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0159.329] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0159.329] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2cb7da0 | out: lpData=0x2cb7da0) returned 1
[0159.329] VerQueryValueW (in: pBlock=0x2cb7da0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cb7e3c, puLen=0xd7e810) returned 1
[0159.329] VerQueryValueW (in: pBlock=0x2cb7da0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb7eb4, puLen=0xd7e790) returned 1
[0159.329] VerQueryValueW (in: pBlock=0x2cb7da0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb7ee4, puLen=0xd7e790) returned 1
[0159.329] VerQueryValueW (in: pBlock=0x2cb7da0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb7f20, puLen=0xd7e790) returned 1
[0159.329] VerQueryValueW (in: pBlock=0x2cb7da0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb7f50, puLen=0xd7e790) returned 1
[0159.329] VerQueryValueW (in: pBlock=0x2cb7da0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb7f98, puLen=0xd7e790) returned 1
[0159.329] VerQueryValueW (in: pBlock=0x2cb7da0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb8010, puLen=0xd7e790) returned 1
[0159.329] VerQueryValueW (in: pBlock=0x2cb7da0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb8054, puLen=0xd7e790) returned 1
[0159.329] VerQueryValueW (in: pBlock=0x2cb7da0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb8094, puLen=0xd7e790) returned 1
[0159.329] VerQueryValueW (in: pBlock=0x2cb7da0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb7e92, puLen=0xd7e790) returned 1
[0159.329] VerQueryValueW (in: pBlock=0x2cb7da0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb7fe0, puLen=0xd7e790) returned 1
[0159.329] VerQueryValueW (in: pBlock=0x2cb7da0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.330] VerQueryValueW (in: pBlock=0x2cb7da0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.330] VerQueryValueW (in: pBlock=0x2cb7da0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cb7e3c, puLen=0xd7e784) returned 1
[0159.330] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0159.330] VerQueryValueW (in: pBlock=0x2cb7da0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cb7dc8, puLen=0xd7e794) returned 1
[0159.330] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0159.331] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0159.331] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0159.331] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0159.331] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0159.331] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0159.332] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2cba078 | out: lpData=0x2cba078) returned 1
[0159.333] VerQueryValueW (in: pBlock=0x2cba078, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cba48c, puLen=0xd7e810) returned 1
[0159.333] VerQueryValueW (in: pBlock=0x2cba078, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba130, puLen=0xd7e790) returned 1
[0159.333] VerQueryValueW (in: pBlock=0x2cba078, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba184, puLen=0xd7e790) returned 1
[0159.333] VerQueryValueW (in: pBlock=0x2cba078, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba1e0, puLen=0xd7e790) returned 1
[0159.333] VerQueryValueW (in: pBlock=0x2cba078, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba240, puLen=0xd7e790) returned 1
[0159.333] VerQueryValueW (in: pBlock=0x2cba078, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba298, puLen=0xd7e790) returned 1
[0159.333] VerQueryValueW (in: pBlock=0x2cba078, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba320, puLen=0xd7e790) returned 1
[0159.333] VerQueryValueW (in: pBlock=0x2cba078, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba374, puLen=0xd7e790) returned 1
[0159.333] VerQueryValueW (in: pBlock=0x2cba078, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba3cc, puLen=0xd7e790) returned 1
[0159.333] VerQueryValueW (in: pBlock=0x2cba078, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba3fc, puLen=0xd7e790) returned 1
[0159.333] VerQueryValueW (in: pBlock=0x2cba078, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.333] VerQueryValueW (in: pBlock=0x2cba078, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba438, puLen=0xd7e790) returned 1
[0159.333] VerQueryValueW (in: pBlock=0x2cba078, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.333] VerQueryValueW (in: pBlock=0x2cba078, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cba48c, puLen=0xd7e784) returned 1
[0159.333] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0159.333] VerQueryValueW (in: pBlock=0x2cba078, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cba0a0, puLen=0xd7e794) returned 1
[0159.335] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0159.335] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0159.335] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0159.335] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0159.335] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0159.335] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0159.336] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2cbc6b0 | out: lpData=0x2cbc6b0) returned 1
[0159.337] VerQueryValueW (in: pBlock=0x2cbc6b0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cbcab0, puLen=0xd7e810) returned 1
[0159.337] VerQueryValueW (in: pBlock=0x2cbc6b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbc768, puLen=0xd7e790) returned 1
[0159.337] VerQueryValueW (in: pBlock=0x2cbc6b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbc7bc, puLen=0xd7e790) returned 1
[0159.337] VerQueryValueW (in: pBlock=0x2cbc6b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbc7fc, puLen=0xd7e790) returned 1
[0159.337] VerQueryValueW (in: pBlock=0x2cbc6b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbc864, puLen=0xd7e790) returned 1
[0159.337] VerQueryValueW (in: pBlock=0x2cbc6b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbc8bc, puLen=0xd7e790) returned 1
[0159.337] VerQueryValueW (in: pBlock=0x2cbc6b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbc944, puLen=0xd7e790) returned 1
[0159.337] VerQueryValueW (in: pBlock=0x2cbc6b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbc998, puLen=0xd7e790) returned 1
[0159.338] VerQueryValueW (in: pBlock=0x2cbc6b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbc9f0, puLen=0xd7e790) returned 1
[0159.338] VerQueryValueW (in: pBlock=0x2cbc6b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbca20, puLen=0xd7e790) returned 1
[0159.338] VerQueryValueW (in: pBlock=0x2cbc6b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.338] VerQueryValueW (in: pBlock=0x2cbc6b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbca5c, puLen=0xd7e790) returned 1
[0159.338] VerQueryValueW (in: pBlock=0x2cbc6b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.338] VerQueryValueW (in: pBlock=0x2cbc6b0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cbcab0, puLen=0xd7e784) returned 1
[0159.338] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0159.338] VerQueryValueW (in: pBlock=0x2cbc6b0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cbc6d8, puLen=0xd7e794) returned 1
[0159.339] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0159.339] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0159.339] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0159.339] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0159.339] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0159.339] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0159.340] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2cbedec | out: lpData=0x2cbedec) returned 1
[0159.344] VerQueryValueW (in: pBlock=0x2cbedec, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cbf1b4, puLen=0xd7e810) returned 1
[0159.344] VerQueryValueW (in: pBlock=0x2cbedec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbeea4, puLen=0xd7e790) returned 1
[0159.344] VerQueryValueW (in: pBlock=0x2cbedec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbeef8, puLen=0xd7e790) returned 1
[0159.344] VerQueryValueW (in: pBlock=0x2cbedec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbef38, puLen=0xd7e790) returned 1
[0159.344] VerQueryValueW (in: pBlock=0x2cbedec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbefa0, puLen=0xd7e790) returned 1
[0159.344] VerQueryValueW (in: pBlock=0x2cbedec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbefdc, puLen=0xd7e790) returned 1
[0159.344] VerQueryValueW (in: pBlock=0x2cbedec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbf064, puLen=0xd7e790) returned 1
[0159.344] VerQueryValueW (in: pBlock=0x2cbedec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbf09c, puLen=0xd7e790) returned 1
[0159.344] VerQueryValueW (in: pBlock=0x2cbedec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbf0f4, puLen=0xd7e790) returned 1
[0159.344] VerQueryValueW (in: pBlock=0x2cbedec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbf124, puLen=0xd7e790) returned 1
[0159.344] VerQueryValueW (in: pBlock=0x2cbedec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.344] VerQueryValueW (in: pBlock=0x2cbedec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cbf160, puLen=0xd7e790) returned 1
[0159.345] VerQueryValueW (in: pBlock=0x2cbedec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.345] VerQueryValueW (in: pBlock=0x2cbedec, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cbf1b4, puLen=0xd7e784) returned 1
[0159.345] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0159.345] VerQueryValueW (in: pBlock=0x2cbedec, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cbee14, puLen=0xd7e794) returned 1
[0159.346] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0159.346] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0159.346] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0159.346] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0159.346] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0159.346] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0159.347] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2cc2454 | out: lpData=0x2cc2454) returned 1
[0159.348] VerQueryValueW (in: pBlock=0x2cc2454, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cc2834, puLen=0xd7e810) returned 1
[0159.348] VerQueryValueW (in: pBlock=0x2cc2454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc250c, puLen=0xd7e790) returned 1
[0159.348] VerQueryValueW (in: pBlock=0x2cc2454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc2560, puLen=0xd7e790) returned 1
[0159.348] VerQueryValueW (in: pBlock=0x2cc2454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc25a0, puLen=0xd7e790) returned 1
[0159.348] VerQueryValueW (in: pBlock=0x2cc2454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc2600, puLen=0xd7e790) returned 1
[0159.348] VerQueryValueW (in: pBlock=0x2cc2454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc264c, puLen=0xd7e790) returned 1
[0159.348] VerQueryValueW (in: pBlock=0x2cc2454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc26d4, puLen=0xd7e790) returned 1
[0159.348] VerQueryValueW (in: pBlock=0x2cc2454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc271c, puLen=0xd7e790) returned 1
[0159.349] VerQueryValueW (in: pBlock=0x2cc2454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc2774, puLen=0xd7e790) returned 1
[0159.349] VerQueryValueW (in: pBlock=0x2cc2454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc27a4, puLen=0xd7e790) returned 1
[0159.349] VerQueryValueW (in: pBlock=0x2cc2454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.349] VerQueryValueW (in: pBlock=0x2cc2454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc27e0, puLen=0xd7e790) returned 1
[0159.349] VerQueryValueW (in: pBlock=0x2cc2454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.349] VerQueryValueW (in: pBlock=0x2cc2454, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cc2834, puLen=0xd7e784) returned 1
[0159.349] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0159.349] VerQueryValueW (in: pBlock=0x2cc2454, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cc247c, puLen=0xd7e794) returned 1
[0159.350] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0159.350] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0159.350] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0159.350] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0159.350] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0159.350] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0159.351] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2cc4c74 | out: lpData=0x2cc4c74) returned 1
[0159.352] VerQueryValueW (in: pBlock=0x2cc4c74, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cc5080, puLen=0xd7e810) returned 1
[0159.352] VerQueryValueW (in: pBlock=0x2cc4c74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc4d2c, puLen=0xd7e790) returned 1
[0159.352] VerQueryValueW (in: pBlock=0x2cc4c74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc4d80, puLen=0xd7e790) returned 1
[0159.352] VerQueryValueW (in: pBlock=0x2cc4c74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc4dd4, puLen=0xd7e790) returned 1
[0159.352] VerQueryValueW (in: pBlock=0x2cc4c74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc4e34, puLen=0xd7e790) returned 1
[0159.352] VerQueryValueW (in: pBlock=0x2cc4c74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc4e8c, puLen=0xd7e790) returned 1
[0159.352] VerQueryValueW (in: pBlock=0x2cc4c74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc4f14, puLen=0xd7e790) returned 1
[0159.353] VerQueryValueW (in: pBlock=0x2cc4c74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc4f68, puLen=0xd7e790) returned 1
[0159.353] VerQueryValueW (in: pBlock=0x2cc4c74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc4fc0, puLen=0xd7e790) returned 1
[0159.353] VerQueryValueW (in: pBlock=0x2cc4c74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc4ff0, puLen=0xd7e790) returned 1
[0159.353] VerQueryValueW (in: pBlock=0x2cc4c74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.353] VerQueryValueW (in: pBlock=0x2cc4c74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc502c, puLen=0xd7e790) returned 1
[0159.353] VerQueryValueW (in: pBlock=0x2cc4c74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.353] VerQueryValueW (in: pBlock=0x2cc4c74, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cc5080, puLen=0xd7e784) returned 1
[0159.353] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0159.353] VerQueryValueW (in: pBlock=0x2cc4c74, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cc4c9c, puLen=0xd7e794) returned 1
[0159.354] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0159.354] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0159.354] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0159.354] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0159.354] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0159.354] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0159.355] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2cc7488 | out: lpData=0x2cc7488) returned 1
[0159.356] VerQueryValueW (in: pBlock=0x2cc7488, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cc7860, puLen=0xd7e810) returned 1
[0159.358] VerQueryValueW (in: pBlock=0x2cc7488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc7540, puLen=0xd7e790) returned 1
[0159.358] VerQueryValueW (in: pBlock=0x2cc7488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc7594, puLen=0xd7e790) returned 1
[0159.358] VerQueryValueW (in: pBlock=0x2cc7488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc75d4, puLen=0xd7e790) returned 1
[0159.358] VerQueryValueW (in: pBlock=0x2cc7488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc763c, puLen=0xd7e790) returned 1
[0159.358] VerQueryValueW (in: pBlock=0x2cc7488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc7680, puLen=0xd7e790) returned 1
[0159.358] VerQueryValueW (in: pBlock=0x2cc7488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc7708, puLen=0xd7e790) returned 1
[0159.358] VerQueryValueW (in: pBlock=0x2cc7488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc7748, puLen=0xd7e790) returned 1
[0159.358] VerQueryValueW (in: pBlock=0x2cc7488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc77a0, puLen=0xd7e790) returned 1
[0159.358] VerQueryValueW (in: pBlock=0x2cc7488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc77d0, puLen=0xd7e790) returned 1
[0159.358] VerQueryValueW (in: pBlock=0x2cc7488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.358] VerQueryValueW (in: pBlock=0x2cc7488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc780c, puLen=0xd7e790) returned 1
[0159.358] VerQueryValueW (in: pBlock=0x2cc7488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.358] VerQueryValueW (in: pBlock=0x2cc7488, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cc7860, puLen=0xd7e784) returned 1
[0159.358] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0159.359] VerQueryValueW (in: pBlock=0x2cc7488, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cc74b0, puLen=0xd7e794) returned 1
[0159.360] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0159.360] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0159.360] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0159.360] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0159.360] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0159.360] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0159.361] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2cc99e0 | out: lpData=0x2cc99e0) returned 1
[0159.362] VerQueryValueW (in: pBlock=0x2cc99e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cc9db8, puLen=0xd7e810) returned 1
[0159.362] VerQueryValueW (in: pBlock=0x2cc99e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc9a98, puLen=0xd7e790) returned 1
[0159.362] VerQueryValueW (in: pBlock=0x2cc99e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc9aec, puLen=0xd7e790) returned 1
[0159.362] VerQueryValueW (in: pBlock=0x2cc99e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc9b2c, puLen=0xd7e790) returned 1
[0159.362] VerQueryValueW (in: pBlock=0x2cc99e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc9b94, puLen=0xd7e790) returned 1
[0159.362] VerQueryValueW (in: pBlock=0x2cc99e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc9bd8, puLen=0xd7e790) returned 1
[0159.362] VerQueryValueW (in: pBlock=0x2cc99e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc9c60, puLen=0xd7e790) returned 1
[0159.363] VerQueryValueW (in: pBlock=0x2cc99e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc9ca0, puLen=0xd7e790) returned 1
[0159.363] VerQueryValueW (in: pBlock=0x2cc99e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc9cf8, puLen=0xd7e790) returned 1
[0159.363] VerQueryValueW (in: pBlock=0x2cc99e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc9d28, puLen=0xd7e790) returned 1
[0159.363] VerQueryValueW (in: pBlock=0x2cc99e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.363] VerQueryValueW (in: pBlock=0x2cc99e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc9d64, puLen=0xd7e790) returned 1
[0159.363] VerQueryValueW (in: pBlock=0x2cc99e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.363] VerQueryValueW (in: pBlock=0x2cc99e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cc9db8, puLen=0xd7e784) returned 1
[0159.363] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0159.363] VerQueryValueW (in: pBlock=0x2cc99e0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cc9a08, puLen=0xd7e794) returned 1
[0159.364] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0159.364] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0159.364] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0159.364] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0159.364] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0159.364] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0159.365] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2ccc118 | out: lpData=0x2ccc118) returned 1
[0159.366] VerQueryValueW (in: pBlock=0x2ccc118, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ccc548, puLen=0xd7e810) returned 1
[0159.366] VerQueryValueW (in: pBlock=0x2ccc118, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccc1d0, puLen=0xd7e790) returned 1
[0159.366] VerQueryValueW (in: pBlock=0x2ccc118, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccc224, puLen=0xd7e790) returned 1
[0159.367] VerQueryValueW (in: pBlock=0x2ccc118, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccc294, puLen=0xd7e790) returned 1
[0159.367] VerQueryValueW (in: pBlock=0x2ccc118, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccc2f4, puLen=0xd7e790) returned 1
[0159.367] VerQueryValueW (in: pBlock=0x2ccc118, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccc350, puLen=0xd7e790) returned 1
[0159.367] VerQueryValueW (in: pBlock=0x2ccc118, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccc3d8, puLen=0xd7e790) returned 1
[0159.367] VerQueryValueW (in: pBlock=0x2ccc118, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccc430, puLen=0xd7e790) returned 1
[0159.367] VerQueryValueW (in: pBlock=0x2ccc118, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccc488, puLen=0xd7e790) returned 1
[0159.367] VerQueryValueW (in: pBlock=0x2ccc118, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccc4b8, puLen=0xd7e790) returned 1
[0159.367] VerQueryValueW (in: pBlock=0x2ccc118, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.367] VerQueryValueW (in: pBlock=0x2ccc118, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccc4f4, puLen=0xd7e790) returned 1
[0159.367] VerQueryValueW (in: pBlock=0x2ccc118, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0159.367] VerQueryValueW (in: pBlock=0x2ccc118, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ccc548, puLen=0xd7e784) returned 1
[0159.367] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0159.367] VerQueryValueW (in: pBlock=0x2ccc118, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ccc140, puLen=0xd7e794) returned 1
[0159.368] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0159.368] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.368] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0159.368] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.369] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0159.369] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x602dc
[0159.369] SetWindowLongW (hWnd=0x602dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0159.370] GetWindowLongW (hWnd=0x602dc, nIndex=-4) returned 1950089536
[0159.370] SetWindowLongW (hWnd=0x602dc, nIndex=-4, dwNewLong=19940430) returned 1950089536
[0159.370] GetWindowLongW (hWnd=0x602dc, nIndex=-4) returned 19940430
[0159.370] GetWindowLongW (hWnd=0x602dc, nIndex=-16) returned 113311744
[0159.370] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602dc, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0159.370] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602dc, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0159.371] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602dc, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0159.371] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602dc, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0159.372] GetClientRect (in: hWnd=0x602dc, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0159.372] GetWindowRect (in: hWnd=0x602dc, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0159.372] SetWindowTextW (hWnd=0x602dc, lpString="WindowsFormsParkingWindow") returned 1
[0159.372] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602dc, Msg=0xc, wParam=0x0, lParam=0x2c91638) returned 0x1
[0159.373] GetParent (hWnd=0x602dc) returned 0x0
[0159.373] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0159.373] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x602dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x602de
[0159.373] SetWindowLongW (hWnd=0x602de, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0159.373] GetWindowLongW (hWnd=0x602de, nIndex=-4) returned 1868147648
[0159.374] SetWindowLongW (hWnd=0x602de, nIndex=-4, dwNewLong=19940830) returned 1868147648
[0159.374] GetWindowLongW (hWnd=0x602de, nIndex=-4) returned 19940830
[0159.374] GetWindowLongW (hWnd=0x602de, nIndex=-16) returned 1174405133
[0159.374] GetWindowLongW (hWnd=0x602de, nIndex=-12) returned 0
[0159.374] SetWindowLongW (hWnd=0x602de, nIndex=-12, dwNewLong=393950) returned 0
[0159.374] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0159.375] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0159.375] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0159.376] GetClientRect (in: hWnd=0x602de, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0159.376] GetWindowRect (in: hWnd=0x602de, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0159.376] GetParent (hWnd=0x602de) returned 0x602dc
[0159.376] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x602dc, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0159.377] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0159.377] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0159.377] GetClientRect (in: hWnd=0x602de, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0159.377] GetWindowRect (in: hWnd=0x602de, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0159.377] GetParent (hWnd=0x602de) returned 0x602dc
[0159.377] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x602dc, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0159.377] SendMessageW (hWnd=0x602de, Msg=0x2210, wParam=0x2de0001, lParam=0x602de) returned 0x0
[0159.377] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x2210, wParam=0x2de0001, lParam=0x602de) returned 0x0
[0159.377] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0159.378] GetParent (hWnd=0x602de) returned 0x602dc
[0159.378] GdipCreateFromHWND (hwnd=0x602de, graphics=0xd7e844) returned 0x0
[0159.378] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0159.379] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0159.379] GetForegroundWindow () returned 0x7005c
[0159.379] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0159.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.379] GetSystemMetrics (nIndex=42) returned 0
[0159.379] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0159.380] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0159.380] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.380] GetSystemMetrics (nIndex=42) returned 0
[0159.380] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.380] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0159.380] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.380] GetCursorPos (in: lpPoint=0x2cd059c | out: lpPoint=0x2cd059c*(x=241, y=628)) returned 1
[0159.381] MonitorFromPoint (pt=0xf1, dwFlags=0x274) returned 0x10001
[0159.381] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0159.381] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x30107bb
[0159.381] GetDeviceCaps (hdc=0x30107bb, index=12) returned 32
[0159.381] GetDeviceCaps (hdc=0x30107bb, index=14) returned 1
[0159.381] DeleteDC (hdc=0x30107bb) returned 1
[0159.381] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0159.381] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0159.381] GetSystemMetrics (nIndex=59) returned 1460
[0159.381] GetSystemMetrics (nIndex=60) returned 920
[0159.382] GetSystemMetrics (nIndex=34) returned 136
[0159.382] GetSystemMetrics (nIndex=35) returned 39
[0159.382] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.382] GetCursorPos (in: lpPoint=0x2cd0808 | out: lpPoint=0x2cd0808*(x=241, y=628)) returned 1
[0159.382] MonitorFromPoint (pt=0xf2, dwFlags=0x273) returned 0x10001
[0159.382] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0159.382] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x40107bb
[0159.382] GetDeviceCaps (hdc=0x40107bb, index=12) returned 32
[0159.383] GetDeviceCaps (hdc=0x40107bb, index=14) returned 1
[0159.383] DeleteDC (hdc=0x40107bb) returned 1
[0159.383] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0159.383] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0159.383] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.383] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0159.384] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2cd0aa0 | out: piconinfo=0x2cd0aa0) returned 1
[0159.384] GetObjectW (in: h=0x440507c6, c=24, pv=0x2cd0abc | out: pv=0x2cd0abc) returned 24
[0159.384] GdipCreateBitmapFromHBITMAP (hbm=0x440507c6, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0159.384] GdipGetImageWidth (image=0x663ff78, width=0xd7e750) returned 0x0
[0159.385] GdipGetImageHeight (image=0x663ff78, height=0xd7e748) returned 0x0
[0159.385] GdipGetImagePixelFormat (image=0x663ff78, format=0xd7e740) returned 0x0
[0159.385] GdipBitmapLockBits (bitmap=0x663ff78, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2cd0b74) returned 0x0
[0159.385] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0159.385] GdipBitmapLockBits (bitmap=0x6640608, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2cd0bac) returned 0x0
[0159.385] RtlMoveMemory (in: Destination=0x664ade0, Source=0x664ad58, Length=0x80 | out: Destination=0x664ade0)
[0159.385] RtlMoveMemory (in: Destination=0x664ae60, Source=0x664acd8, Length=0x80 | out: Destination=0x664ae60)
[0159.385] RtlMoveMemory (in: Destination=0x664aee0, Source=0x664ac58, Length=0x80 | out: Destination=0x664aee0)
[0159.385] RtlMoveMemory (in: Destination=0x664af60, Source=0x664abd8, Length=0x80 | out: Destination=0x664af60)
[0159.385] RtlMoveMemory (in: Destination=0x664afe0, Source=0x664ab58, Length=0x80 | out: Destination=0x664afe0)
[0159.385] RtlMoveMemory (in: Destination=0x664b060, Source=0x664aad8, Length=0x80 | out: Destination=0x664b060)
[0159.385] RtlMoveMemory (in: Destination=0x664b0e0, Source=0x664aa58, Length=0x80 | out: Destination=0x664b0e0)
[0159.385] RtlMoveMemory (in: Destination=0x664b160, Source=0x664a9d8, Length=0x80 | out: Destination=0x664b160)
[0159.385] RtlMoveMemory (in: Destination=0x664b1e0, Source=0x664a958, Length=0x80 | out: Destination=0x664b1e0)
[0159.386] RtlMoveMemory (in: Destination=0x664b260, Source=0x664a8d8, Length=0x80 | out: Destination=0x664b260)
[0159.386] RtlMoveMemory (in: Destination=0x664b2e0, Source=0x664a858, Length=0x80 | out: Destination=0x664b2e0)
[0159.386] RtlMoveMemory (in: Destination=0x664b360, Source=0x664a7d8, Length=0x80 | out: Destination=0x664b360)
[0159.386] RtlMoveMemory (in: Destination=0x664b3e0, Source=0x664a758, Length=0x80 | out: Destination=0x664b3e0)
[0159.386] RtlMoveMemory (in: Destination=0x664b460, Source=0x664a6d8, Length=0x80 | out: Destination=0x664b460)
[0159.386] RtlMoveMemory (in: Destination=0x664b4e0, Source=0x664a658, Length=0x80 | out: Destination=0x664b4e0)
[0159.386] RtlMoveMemory (in: Destination=0x664b560, Source=0x664a5d8, Length=0x80 | out: Destination=0x664b560)
[0159.386] RtlMoveMemory (in: Destination=0x664b5e0, Source=0x664a558, Length=0x80 | out: Destination=0x664b5e0)
[0159.386] RtlMoveMemory (in: Destination=0x664b660, Source=0x664a4d8, Length=0x80 | out: Destination=0x664b660)
[0159.386] RtlMoveMemory (in: Destination=0x664b6e0, Source=0x664a458, Length=0x80 | out: Destination=0x664b6e0)
[0159.386] RtlMoveMemory (in: Destination=0x664b760, Source=0x664a3d8, Length=0x80 | out: Destination=0x664b760)
[0159.386] RtlMoveMemory (in: Destination=0x664b7e0, Source=0x664a358, Length=0x80 | out: Destination=0x664b7e0)
[0159.386] RtlMoveMemory (in: Destination=0x664b860, Source=0x664a2d8, Length=0x80 | out: Destination=0x664b860)
[0159.386] RtlMoveMemory (in: Destination=0x664b8e0, Source=0x664a258, Length=0x80 | out: Destination=0x664b8e0)
[0159.386] RtlMoveMemory (in: Destination=0x664b960, Source=0x664a1d8, Length=0x80 | out: Destination=0x664b960)
[0159.386] RtlMoveMemory (in: Destination=0x664b9e0, Source=0x664a158, Length=0x80 | out: Destination=0x664b9e0)
[0159.386] RtlMoveMemory (in: Destination=0x664ba60, Source=0x664a0d8, Length=0x80 | out: Destination=0x664ba60)
[0159.387] RtlMoveMemory (in: Destination=0x664bae0, Source=0x664a058, Length=0x80 | out: Destination=0x664bae0)
[0159.387] RtlMoveMemory (in: Destination=0x664bb60, Source=0x6649fd8, Length=0x80 | out: Destination=0x664bb60)
[0159.387] RtlMoveMemory (in: Destination=0x664bbe0, Source=0x6649f58, Length=0x80 | out: Destination=0x664bbe0)
[0159.387] RtlMoveMemory (in: Destination=0x664bc60, Source=0x6649ed8, Length=0x80 | out: Destination=0x664bc60)
[0159.387] RtlMoveMemory (in: Destination=0x664bce0, Source=0x6649e58, Length=0x80 | out: Destination=0x664bce0)
[0159.387] RtlMoveMemory (in: Destination=0x664bd60, Source=0x6649dd8, Length=0x80 | out: Destination=0x664bd60)
[0159.387] GdipBitmapUnlockBits (bitmap=0x663ff78, lockedBitmapData=0x2cd0b74) returned 0x0
[0159.387] GdipBitmapUnlockBits (bitmap=0x6640608, lockedBitmapData=0x2cd0bac) returned 0x0
[0159.387] GdipDisposeImage (image=0x663ff78) returned 0x0
[0159.387] DeleteObject (ho=0x440507c6) returned 1
[0159.387] DeleteObject (ho=0x50507bb) returned 1
[0159.387] GetCurrentThreadId () returned 0xf50
[0159.387] GetCurrentThreadId () returned 0xf50
[0159.388] SetWindowPos (hWnd=0x602de, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0159.388] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0159.388] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0159.389] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0159.389] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0159.389] GetClientRect (in: hWnd=0x602de, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0159.389] GetWindowRect (in: hWnd=0x602de, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0159.389] GetParent (hWnd=0x602de) returned 0x602dc
[0159.389] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x602dc, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0159.389] InvalidateRect (hWnd=0x602de, lpRect=0x0, bErase=1) returned 1
[0159.389] GetWindowTextLengthW (hWnd=0x602de) returned 0
[0159.389] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0159.389] GetSystemMetrics (nIndex=42) returned 0
[0159.389] GetWindowTextW (in: hWnd=0x602de, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0159.389] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0159.389] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0159.389] GetClientRect (in: hWnd=0x602de, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0159.389] GetWindowRect (in: hWnd=0x602de, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0159.389] GetParent (hWnd=0x602de) returned 0x602dc
[0159.389] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x602dc, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0159.390] GetWindowTextLengthW (hWnd=0x602de) returned 0
[0159.390] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0159.390] GetSystemMetrics (nIndex=42) returned 0
[0159.390] GetWindowTextW (in: hWnd=0x602de, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0159.390] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0159.390] GetWindowTextLengthW (hWnd=0x602de) returned 0
[0159.390] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0159.390] GetSystemMetrics (nIndex=42) returned 0
[0159.390] GetWindowTextW (in: hWnd=0x602de, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0159.390] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0159.390] SetWindowTextW (hWnd=0x602de, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0159.390] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0xc, wParam=0x0, lParam=0x2cb1a08) returned 0x1
[0159.390] InvalidateRect (hWnd=0x602de, lpRect=0x0, bErase=1) returned 1
[0159.390] GetCurrentThreadId () returned 0xf50
[0159.391] GetWindowThreadProcessId (in: hWnd=0x602de, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0159.391] GdipCreateBitmapFromStream (stream=0x509ffd0, bitmap=0xd7e840) returned 0x0
[0159.392] GdipImageForceValidation (image=0x663ebc8) returned 0x0
[0159.394] GdipGetImageRawFormat (image=0x663ebc8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0159.394] GdipGetImageHeight (image=0x663ebc8, height=0xd7e824) returned 0x0
[0159.394] GdipGetImageWidth (image=0x663ebc8, width=0xd7e824) returned 0x0
[0159.394] GdipGetImageWidth (image=0x663ebc8, width=0xd7e810) returned 0x0
[0159.394] GdipGetImageHeight (image=0x663ebc8, height=0xd7e810) returned 0x0
[0159.394] GdipGetImageWidth (image=0x663ebc8, width=0xd7e800) returned 0x0
[0159.394] GdipGetImageHeight (image=0x663ebc8, height=0xd7e800) returned 0x0
[0159.395] GdipBitmapGetPixel (bitmap=0x663ebc8, x=0, y=15, color=0xd7e810) returned 0x0
[0159.395] GdipGetImageRawFormat (image=0x663ebc8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0159.395] GdipGetImageWidth (image=0x663ebc8, width=0xd7e740) returned 0x0
[0159.395] GdipGetImageHeight (image=0x663ebc8, height=0xd7e740) returned 0x0
[0159.395] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0159.395] GdipGetImagePixelFormat (image=0x663ff78, format=0xd7e740) returned 0x0
[0159.395] GdipGetImageGraphicsContext (image=0x663ff78, graphics=0xd7e74c) returned 0x0
[0159.395] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0159.395] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0159.395] GdipSetImageAttributesColorKeys (imageattr=0x661c480, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0159.395] GdipDrawImageRectRectI (graphics=0x6600030, image=0x663ebc8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x661c480, callback=0x0, callbackData=0x0) returned 0x0
[0159.396] GdipDisposeImageAttributes (imageattr=0x661c480) returned 0x0
[0159.396] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0159.396] GdipDisposeImage (image=0x663ebc8) returned 0x0
[0159.396] GdipCreateBitmapFromStream (stream=0x509ffb0, bitmap=0xd7e840) returned 0x0
[0159.397] GdipImageForceValidation (image=0x663ebc8) returned 0x0
[0159.399] GdipGetImageRawFormat (image=0x663ebc8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0159.399] GdipGetImageHeight (image=0x663ebc8, height=0xd7e824) returned 0x0
[0159.399] GdipGetImageWidth (image=0x663ebc8, width=0xd7e824) returned 0x0
[0159.399] GdipGetImageWidth (image=0x663ebc8, width=0xd7e810) returned 0x0
[0159.399] GdipGetImageHeight (image=0x663ebc8, height=0xd7e810) returned 0x0
[0159.399] GdipGetImageWidth (image=0x663ebc8, width=0xd7e800) returned 0x0
[0159.399] GdipGetImageHeight (image=0x663ebc8, height=0xd7e800) returned 0x0
[0159.399] GdipBitmapGetPixel (bitmap=0x663ebc8, x=0, y=15, color=0xd7e810) returned 0x0
[0159.399] GdipGetImageRawFormat (image=0x663ebc8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0159.399] GdipGetImageWidth (image=0x663ebc8, width=0xd7e740) returned 0x0
[0159.399] GdipGetImageHeight (image=0x663ebc8, height=0xd7e740) returned 0x0
[0159.400] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0159.400] GdipGetImagePixelFormat (image=0x663ef10, format=0xd7e740) returned 0x0
[0159.400] GdipGetImageGraphicsContext (image=0x663ef10, graphics=0xd7e74c) returned 0x0
[0159.400] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0159.400] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0159.400] GdipSetImageAttributesColorKeys (imageattr=0x6638db8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0159.400] GdipDrawImageRectRectI (graphics=0x6600030, image=0x663ebc8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638db8, callback=0x0, callbackData=0x0) returned 0x0
[0159.400] GdipDisposeImageAttributes (imageattr=0x6638db8) returned 0x0
[0159.400] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0159.400] GdipDisposeImage (image=0x663ebc8) returned 0x0
[0159.401] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.401] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0159.401] GetCurrentThreadId () returned 0xf50
[0159.401] GetCurrentThreadId () returned 0xf50
[0159.402] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.402] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0159.402] GetCurrentThreadId () returned 0xf50
[0159.402] GetCurrentThreadId () returned 0xf50
[0159.402] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.402] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0159.402] GetCurrentThreadId () returned 0xf50
[0159.402] GetCurrentThreadId () returned 0xf50
[0159.402] GetSystemMetrics (nIndex=5) returned 1
[0159.402] GetSystemMetrics (nIndex=6) returned 1
[0159.403] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.403] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0159.403] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.403] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0159.404] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.404] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0159.404] GetCurrentThreadId () returned 0xf50
[0159.404] GetCurrentThreadId () returned 0xf50
[0159.404] GetProcessWindowStation () returned 0x13c
[0159.404] GetCapture () returned 0x0
[0159.404] GetActiveWindow () returned 0x7005c
[0159.404] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0159.405] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.405] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0159.405] GetCursorPos (in: lpPoint=0x2cd1cec | out: lpPoint=0x2cd1cec*(x=241, y=628)) returned 1
[0159.405] MonitorFromPoint (pt=0xf1, dwFlags=0x274) returned 0x10001
[0159.405] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0159.405] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x60107bb
[0159.405] GetDeviceCaps (hdc=0x60107bb, index=12) returned 32
[0159.405] GetDeviceCaps (hdc=0x60107bb, index=14) returned 1
[0159.405] DeleteDC (hdc=0x60107bb) returned 1
[0159.406] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0159.406] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0159.406] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x802d8
[0159.406] SetWindowLongW (hWnd=0x802d8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0159.406] GetWindowLongW (hWnd=0x802d8, nIndex=-4) returned 1950089536
[0159.407] SetWindowLongW (hWnd=0x802d8, nIndex=-4, dwNewLong=19940470) returned 1950089536
[0159.407] GetWindowLongW (hWnd=0x802d8, nIndex=-4) returned 19940470
[0159.407] GetWindowLongW (hWnd=0x802d8, nIndex=-16) returned 113770496
[0159.407] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0159.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0159.409] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0159.409] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0159.409] GetWindowRect (in: hWnd=0x802d8, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0159.409] SetWindowTextW (hWnd=0x802d8, lpString="BB ransomware") returned 1
[0159.409] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xc, wParam=0x0, lParam=0x2cd0488) returned 0x1
[0159.410] GetStartupInfoW (in: lpStartupInfo=0x2cd2028 | out: lpStartupInfo=0x2cd2028*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0159.413] GetParent (hWnd=0x802d8) returned 0x0
[0159.413] SetWindowLongW (hWnd=0x802d8, nIndex=-8, dwNewLong=0) returned 0
[0159.415] SendMessageW (hWnd=0x802d8, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0159.415] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0159.415] SendMessageW (hWnd=0x802d8, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0159.415] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0159.415] GetSystemMenu (hWnd=0x802d8, bRevert=0) returned 0x1b0297
[0159.416] GetWindowPlacement (in: hWnd=0x802d8, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0159.416] EnableMenuItem (hMenu=0x1b0297, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0159.416] EnableMenuItem (hMenu=0x1b0297, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0159.416] EnableMenuItem (hMenu=0x1b0297, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0159.416] EnableMenuItem (hMenu=0x1b0297, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0159.416] EnableMenuItem (hMenu=0x1b0297, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0159.416] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0159.416] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0159.416] GetWindowRect (in: hWnd=0x802d8, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0159.416] SetWindowPos (hWnd=0x802d8, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0159.417] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0159.417] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x802d8) returned 0x1
[0159.423] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0159.424] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0159.425] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0159.425] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0159.426] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0159.428] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x802d8, lParam=0x0) returned 0x0
[0159.428] GetCapture () returned 0x0
[0159.428] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0159.429] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0159.431] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0159.433] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0159.433] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0159.433] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0159.433] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0159.434] GetParent (hWnd=0x802d8) returned 0x0
[0159.434] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0159.434] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0159.445] GetWindowPlacement (in: hWnd=0x802d8, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0159.446] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0159.446] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0159.446] GetWindowRect (in: hWnd=0x802d8, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0159.447] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0159.447] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0159.447] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0159.448] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.449] GetWindowLongW (hWnd=0x802d8, nIndex=-16) returned 113770496
[0159.449] GetWindowTextLengthW (hWnd=0x802d8) returned 13
[0159.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.449] GetSystemMetrics (nIndex=42) returned 0
[0159.449] GetWindowTextW (in: hWnd=0x802d8, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0159.449] GetWindowTextLengthW (hWnd=0x802d8) returned 13
[0159.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.449] GetSystemMetrics (nIndex=42) returned 0
[0159.449] GetWindowTextW (in: hWnd=0x802d8, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0159.449] GetCursorPos (in: lpPoint=0x2cd2264 | out: lpPoint=0x2cd2264*(x=241, y=628)) returned 1
[0159.449] MonitorFromPoint (pt=0xee, dwFlags=0x276) returned 0x10001
[0159.449] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0159.450] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xd20107d3
[0159.450] GetDeviceCaps (hdc=0xd20107d3, index=12) returned 32
[0159.450] GetDeviceCaps (hdc=0xd20107d3, index=14) returned 1
[0159.450] DeleteDC (hdc=0xd20107d3) returned 1
[0159.450] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0159.450] GetWindowLongW (hWnd=0x802d8, nIndex=-16) returned 113770496
[0159.450] GetWindowLongW (hWnd=0x802d8, nIndex=-20) returned 327945
[0159.451] SetWindowLongW (hWnd=0x802d8, nIndex=-16, dwNewLong=46661632) returned 113770496
[0159.451] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0159.451] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0159.452] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0159.453] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0159.453] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0159.453] SetWindowLongW (hWnd=0x802d8, nIndex=-20, dwNewLong=327681) returned 327945
[0159.453] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0159.453] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0159.455] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0159.455] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0159.455] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0159.456] SetWindowPos (hWnd=0x802d8, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0159.456] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0159.456] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0159.456] GetWindowPlacement (in: hWnd=0x802d8, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0159.457] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0159.457] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0159.457] GetWindowRect (in: hWnd=0x802d8, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0159.458] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0159.459] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0159.459] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0159.459] RedrawWindow (hWnd=0x802d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0159.459] GetSystemMenu (hWnd=0x802d8, bRevert=0) returned 0x1b0297
[0159.459] GetWindowPlacement (in: hWnd=0x802d8, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0159.460] EnableMenuItem (hMenu=0x1b0297, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0159.460] EnableMenuItem (hMenu=0x1b0297, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0159.460] EnableMenuItem (hMenu=0x1b0297, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0159.460] EnableMenuItem (hMenu=0x1b0297, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0159.460] EnableMenuItem (hMenu=0x1b0297, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0159.460] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0159.460] GetWindowLongW (hWnd=0x802d8, nIndex=-8) returned 0
[0159.460] SetWindowLongW (hWnd=0x802d8, nIndex=-8, dwNewLong=458844) returned 0
[0159.461] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0159.461] GetProcessWindowStation () returned 0x13c
[0159.461] GetCurrentThreadId () returned 0xf50
[0159.462] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x13047e6, lParam=0x0) returned 1
[0159.462] IsWindowVisible (hWnd=0x802d8) returned 0
[0159.462] IsWindowVisible (hWnd=0x7005c) returned 1
[0159.462] IsWindowEnabled (hWnd=0x7005c) returned 1
[0159.462] IsWindowVisible (hWnd=0x300ec) returned 0
[0159.462] IsWindowVisible (hWnd=0x502c6) returned 0
[0159.462] IsWindowVisible (hWnd=0x502be) returned 0
[0159.462] GetActiveWindow () returned 0x802d8
[0159.462] GetFocus () returned 0x802d8
[0159.462] IsWindow (hWnd=0x7005c) returned 1
[0159.462] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0159.462] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0159.463] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0159.463] GetWindowLongW (hWnd=0x802d8, nIndex=-8) returned 458844
[0159.463] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0159.463] GetCurrentThreadId () returned 0xf50
[0159.463] GetWindowLongW (hWnd=0x802d8, nIndex=-8) returned 458844
[0159.463] IsWindowEnabled (hWnd=0x7005c) returned 0
[0159.463] IsWindowEnabled (hWnd=0x802d8) returned 1
[0159.464] ShowWindow (hWnd=0x802d8, nCmdShow=5) returned 0
[0159.464] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0159.464] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0159.464] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.465] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0159.465] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x802d8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x702d2
[0159.465] SetWindowLongW (hWnd=0x702d2, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0159.465] GetWindowLongW (hWnd=0x702d2, nIndex=-4) returned 1950089536
[0159.466] SetWindowLongW (hWnd=0x702d2, nIndex=-4, dwNewLong=19940390) returned 1950089536
[0159.466] GetWindowLongW (hWnd=0x702d2, nIndex=-4) returned 19940390
[0159.466] GetWindowLongW (hWnd=0x702d2, nIndex=-16) returned 1174405120
[0159.466] GetWindowLongW (hWnd=0x702d2, nIndex=-12) returned 0
[0159.466] SetWindowLongW (hWnd=0x702d2, nIndex=-12, dwNewLong=459474) returned 0
[0159.467] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702d2, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0159.467] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702d2, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0159.467] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702d2, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0159.467] GetWindow (hWnd=0x702d2, uCmd=0x3) returned 0x0
[0159.467] GetClientRect (in: hWnd=0x702d2, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0159.467] GetWindowRect (in: hWnd=0x702d2, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0159.468] GetParent (hWnd=0x702d2) returned 0x802d8
[0159.468] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x802d8, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0159.468] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702d2, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0159.468] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702d2, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0159.468] GetClientRect (in: hWnd=0x702d2, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0159.469] GetWindowRect (in: hWnd=0x702d2, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0159.469] GetParent (hWnd=0x702d2) returned 0x802d8
[0159.469] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x802d8, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0159.469] SendMessageW (hWnd=0x702d2, Msg=0x2210, wParam=0x2d20001, lParam=0x702d2) returned 0x0
[0159.469] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702d2, Msg=0x2210, wParam=0x2d20001, lParam=0x702d2) returned 0x0
[0159.469] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702d2, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0159.469] GetParent (hWnd=0x702d2) returned 0x802d8
[0159.469] GetParent (hWnd=0x602de) returned 0x602dc
[0159.469] SetParent (hWndChild=0x602de, hWndNewParent=0x802d8) returned 0x602dc
[0159.469] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0159.470] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0159.470] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0159.471] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0159.471] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0159.471] GetClientRect (in: hWnd=0x602de, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0159.471] GetWindowRect (in: hWnd=0x602de, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0159.471] GetParent (hWnd=0x602de) returned 0x802d8
[0159.471] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x802d8, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0159.471] GetClientRect (in: hWnd=0x602de, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0159.471] GetWindowRect (in: hWnd=0x602de, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0159.471] GetParent (hWnd=0x602de) returned 0x802d8
[0159.471] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x802d8, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0159.471] GetParent (hWnd=0x602de) returned 0x802d8
[0159.471] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0159.471] GetWindow (hWnd=0x602de, uCmd=0x3) returned 0x0
[0159.471] SetWindowPos (hWnd=0x602de, hWndInsertAfter=0x702d2, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0159.472] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0159.472] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0159.472] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0159.472] GetClientRect (in: hWnd=0x602de, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0159.472] GetWindowRect (in: hWnd=0x602de, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0159.472] GetParent (hWnd=0x602de) returned 0x802d8
[0159.472] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x802d8, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0159.473] GetParent (hWnd=0x602de) returned 0x802d8
[0159.473] GetWindow (hWnd=0x602de, uCmd=0x3) returned 0x702d2
[0159.473] GetWindowThreadProcessId (in: hWnd=0x602de, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0159.473] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0159.473] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.474] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0159.474] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x802d8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x8013e
[0159.474] SetWindowLongW (hWnd=0x8013e, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0159.474] GetWindowLongW (hWnd=0x8013e, nIndex=-4) returned 1868032000
[0159.475] SetWindowLongW (hWnd=0x8013e, nIndex=-4, dwNewLong=19940510) returned 1868032000
[0159.475] GetWindowLongW (hWnd=0x8013e, nIndex=-4) returned 19940510
[0159.475] GetWindowLongW (hWnd=0x8013e, nIndex=-16) returned 1174470667
[0159.475] GetWindowLongW (hWnd=0x8013e, nIndex=-12) returned 0
[0159.475] SetWindowLongW (hWnd=0x8013e, nIndex=-12, dwNewLong=524606) returned 0
[0159.475] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0159.476] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0159.476] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0159.477] SendMessageW (hWnd=0x8013e, Msg=0x2055, wParam=0x8013e, lParam=0x3) returned 0x2
[0159.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0159.477] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0159.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0159.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0159.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702d2, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0159.478] RedrawWindow (hWnd=0x702d2, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0159.478] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0159.478] RedrawWindow (hWnd=0x602de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0159.478] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0159.478] RedrawWindow (hWnd=0x8013e, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0159.478] RedrawWindow (hWnd=0x802d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0159.478] GetWindow (hWnd=0x8013e, uCmd=0x3) returned 0x602de
[0159.478] GetClientRect (in: hWnd=0x8013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0159.479] GetWindowRect (in: hWnd=0x8013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0159.479] GetParent (hWnd=0x8013e) returned 0x802d8
[0159.479] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x802d8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0159.479] SetWindowTextW (hWnd=0x8013e, lpString="&Details") returned 1
[0159.479] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0159.479] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0159.480] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0159.480] GetClientRect (in: hWnd=0x8013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0159.480] GetWindowRect (in: hWnd=0x8013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0159.480] GetParent (hWnd=0x8013e) returned 0x802d8
[0159.480] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x802d8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0159.480] SendMessageW (hWnd=0x8013e, Msg=0x2210, wParam=0x13e0001, lParam=0x8013e) returned 0x0
[0159.480] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0x2210, wParam=0x13e0001, lParam=0x8013e) returned 0x0
[0159.480] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0159.480] GetParent (hWnd=0x8013e) returned 0x802d8
[0159.480] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0159.481] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.481] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0159.482] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x802d8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x602da
[0159.482] SetWindowLongW (hWnd=0x602da, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0159.482] GetWindowLongW (hWnd=0x602da, nIndex=-4) returned 1868032000
[0159.483] SetWindowLongW (hWnd=0x602da, nIndex=-4, dwNewLong=19941390) returned 1868032000
[0159.483] GetWindowLongW (hWnd=0x602da, nIndex=-4) returned 19941390
[0159.483] GetWindowLongW (hWnd=0x602da, nIndex=-16) returned 1174470667
[0159.483] GetWindowLongW (hWnd=0x602da, nIndex=-12) returned 0
[0159.483] SetWindowLongW (hWnd=0x602da, nIndex=-12, dwNewLong=393946) returned 0
[0159.483] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0159.484] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0159.484] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0159.485] SendMessageW (hWnd=0x602da, Msg=0x2055, wParam=0x602da, lParam=0x3) returned 0x2
[0159.485] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0159.485] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0159.485] GetWindow (hWnd=0x602da, uCmd=0x3) returned 0x8013e
[0159.485] GetClientRect (in: hWnd=0x602da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0159.486] GetWindowRect (in: hWnd=0x602da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0159.486] GetParent (hWnd=0x602da) returned 0x802d8
[0159.486] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x802d8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0159.486] SetWindowTextW (hWnd=0x602da, lpString="&Continue") returned 1
[0159.486] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0159.486] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0159.487] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0159.487] GetClientRect (in: hWnd=0x602da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0159.487] GetWindowRect (in: hWnd=0x602da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0159.487] GetParent (hWnd=0x602da) returned 0x802d8
[0159.487] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x802d8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0159.487] SendMessageW (hWnd=0x602da, Msg=0x2210, wParam=0x2da0001, lParam=0x602da) returned 0x0
[0159.487] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x2210, wParam=0x2da0001, lParam=0x602da) returned 0x0
[0159.487] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0159.487] GetParent (hWnd=0x602da) returned 0x802d8
[0159.487] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0159.488] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.488] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0159.488] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x802d8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x900ea
[0159.488] SetWindowLongW (hWnd=0x900ea, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0159.489] GetWindowLongW (hWnd=0x900ea, nIndex=-4) returned 1868032000
[0159.489] SetWindowLongW (hWnd=0x900ea, nIndex=-4, dwNewLong=19940590) returned 1868032000
[0159.489] GetWindowLongW (hWnd=0x900ea, nIndex=-4) returned 19940590
[0159.489] GetWindowLongW (hWnd=0x900ea, nIndex=-16) returned 1174470667
[0159.489] GetWindowLongW (hWnd=0x900ea, nIndex=-12) returned 0
[0159.489] SetWindowLongW (hWnd=0x900ea, nIndex=-12, dwNewLong=590058) returned 0
[0159.489] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x900ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0159.490] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x900ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0159.490] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x900ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0159.491] SendMessageW (hWnd=0x900ea, Msg=0x2055, wParam=0x900ea, lParam=0x3) returned 0x2
[0159.491] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0159.491] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x900ea, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0159.491] GetWindow (hWnd=0x900ea, uCmd=0x3) returned 0x602da
[0159.491] GetClientRect (in: hWnd=0x900ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0159.491] GetWindowRect (in: hWnd=0x900ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0159.491] GetParent (hWnd=0x900ea) returned 0x802d8
[0159.492] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x802d8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0159.492] SetWindowTextW (hWnd=0x900ea, lpString="&Quit") returned 1
[0159.492] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x900ea, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0159.493] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x900ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0159.493] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x900ea, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0159.493] GetClientRect (in: hWnd=0x900ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0159.493] GetWindowRect (in: hWnd=0x900ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0159.493] GetParent (hWnd=0x900ea) returned 0x802d8
[0159.493] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x802d8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0159.493] SendMessageW (hWnd=0x900ea, Msg=0x2210, wParam=0xea0001, lParam=0x900ea) returned 0x0
[0159.493] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x900ea, Msg=0x2210, wParam=0xea0001, lParam=0x900ea) returned 0x0
[0159.493] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x900ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0159.493] GetParent (hWnd=0x900ea) returned 0x802d8
[0159.494] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0159.494] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.494] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0159.495] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x802d8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x4005a
[0159.495] SetWindowLongW (hWnd=0x4005a, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0159.495] GetWindowLongW (hWnd=0x4005a, nIndex=-4) returned 1868026976
[0159.495] SetWindowLongW (hWnd=0x4005a, nIndex=-4, dwNewLong=19940630) returned 1868026976
[0159.496] GetWindowLongW (hWnd=0x4005a, nIndex=-4) returned 19940630
[0159.496] GetWindowLongW (hWnd=0x4005a, nIndex=-16) returned 1177553092
[0159.496] GetWindowLongW (hWnd=0x4005a, nIndex=-12) returned 0
[0159.496] SetWindowLongW (hWnd=0x4005a, nIndex=-12, dwNewLong=262234) returned 0
[0159.496] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4005a, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0159.497] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4005a, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0159.499] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4005a, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0159.518] GetWindow (hWnd=0x4005a, uCmd=0x3) returned 0x900ea
[0159.518] GetClientRect (in: hWnd=0x4005a, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0159.518] GetWindowRect (in: hWnd=0x4005a, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0159.518] GetParent (hWnd=0x4005a) returned 0x802d8
[0159.518] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x802d8, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0159.518] GetWindowTextLengthW (hWnd=0x802d8) returned 13
[0159.518] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.518] GetSystemMetrics (nIndex=42) returned 0
[0159.518] GetWindowTextW (in: hWnd=0x802d8, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.518] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0159.518] SendMessageW (hWnd=0x4005a, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0159.518] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4005a, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0159.524] SetWindowTextW (hWnd=0x4005a, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0159.524] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4005a, Msg=0xc, wParam=0x0, lParam=0x2ccde70) returned 0x1
[0159.526] GetSystemMetrics (nIndex=5) returned 1
[0159.527] GetSystemMetrics (nIndex=6) returned 1
[0159.527] SendMessageW (hWnd=0x4005a, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0159.527] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4005a, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0159.527] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4005a, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0159.529] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4005a, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0159.529] GetClientRect (in: hWnd=0x4005a, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0159.529] GetWindowRect (in: hWnd=0x4005a, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0159.529] GetParent (hWnd=0x4005a) returned 0x802d8
[0159.529] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x802d8, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0159.529] SendMessageW (hWnd=0x4005a, Msg=0x2210, wParam=0x5a0001, lParam=0x4005a) returned 0x0
[0159.529] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4005a, Msg=0x2210, wParam=0x5a0001, lParam=0x4005a) returned 0x0
[0159.529] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4005a, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0159.529] GetParent (hWnd=0x4005a) returned 0x802d8
[0159.529] GetWindowLongW (hWnd=0x802d8, nIndex=-8) returned 458844
[0159.529] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0159.530] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0159.530] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xd90107d3
[0159.530] GetDeviceCaps (hdc=0xd90107d3, index=12) returned 32
[0159.530] GetDeviceCaps (hdc=0xd90107d3, index=14) returned 1
[0159.530] DeleteDC (hdc=0xd90107d3) returned 1
[0159.530] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0159.530] GetWindowThreadProcessId (in: hWnd=0x802d8, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0159.530] GetCurrentThreadId () returned 0xf50
[0159.530] PostMessageW (hWnd=0x802d8, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0159.530] GetWindowTextLengthW (hWnd=0x802d8) returned 13
[0159.530] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.530] GetSystemMetrics (nIndex=42) returned 0
[0159.530] GetWindowTextW (in: hWnd=0x802d8, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.530] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0159.531] GdipImageGetFrameDimensionsCount (image=0x6640608, count=0xd7e25c) returned 0x0
[0159.531] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7418
[0159.531] GdipImageGetFrameDimensionsList (image=0x6640608, dimensionIDs=0x11f7418*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0159.531] LocalFree (hMem=0x11f7418) returned 0x0
[0159.531] GdipImageGetFrameDimensionsCount (image=0x663ff78, count=0xd7e250) returned 0x0
[0159.531] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f75b0
[0159.531] GdipImageGetFrameDimensionsList (image=0x663ff78, dimensionIDs=0x11f75b0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0159.531] LocalFree (hMem=0x11f75b0) returned 0x0
[0159.531] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0159.531] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0159.532] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0159.583] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0159.584] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0159.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0159.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0159.585] GetWindowPlacement (in: hWnd=0x802d8, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0159.585] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0159.586] GetWindowTextLengthW (hWnd=0x802d8) returned 13
[0159.586] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.586] GetSystemMetrics (nIndex=42) returned 0
[0159.586] GetWindowTextW (in: hWnd=0x802d8, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.586] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0159.586] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0159.586] GetCurrentObject (hdc=0x60100ce, type=0x1) returned 0xb00017
[0159.586] GetCurrentObject (hdc=0x60100ce, type=0x2) returned 0x900010
[0159.586] GetCurrentObject (hdc=0x60100ce, type=0x7) returned 0x2b0507e7
[0159.586] GetCurrentObject (hdc=0x60100ce, type=0x6) returned 0x8a01c2
[0159.586] SaveDC (hdc=0x60100ce) returned 1
[0159.586] GetNearestColor (hdc=0x60100ce, color=0xf0f0f0) returned 0xf0f0f0
[0159.586] CreateSolidBrush (color=0xf0f0f0) returned 0x511007e1
[0159.586] FillRect (hDC=0x60100ce, lprc=0xd7e1b8, hbr=0x511007e1) returned 1
[0159.587] DeleteObject (ho=0x511007e1) returned 1
[0159.587] RestoreDC (hdc=0x60100ce, nSavedDC=-1) returned 1
[0159.587] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702d2, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0159.587] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0159.588] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0159.588] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0159.588] GetStockObject (i=5) returned 0x900015
[0159.588] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0159.588] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0159.588] GetStockObject (i=5) returned 0x900015
[0159.589] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x900ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0159.589] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x900ea, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0159.589] GetStockObject (i=5) returned 0x900015
[0159.589] GetWindowPlacement (in: hWnd=0x802d8, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0159.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0159.589] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0159.589] GetWindowRect (in: hWnd=0x802d8, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0159.658] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0159.658] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0159.659] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0159.659] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0159.659] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0159.659] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0159.659] GetWindowRect (in: hWnd=0x802d8, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0159.660] InvalidateRect (hWnd=0x602da, lpRect=0x0, bErase=0) returned 1
[0159.660] InvalidateRect (hWnd=0x8013e, lpRect=0x0, bErase=0) returned 1
[0159.660] GetFocus () returned 0x802d8
[0159.660] GetFocus () returned 0x802d8
[0159.660] SetFocus (hWnd=0x8013e) returned 0x802d8
[0159.660] GetFocus () returned 0x8013e
[0159.660] IsChild (hWndParent=0x802d8, hWnd=0x8013e) returned 1
[0159.661] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x8, wParam=0x8013e, lParam=0x0) returned 0x0
[0159.662] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0159.663] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0159.665] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0159.665] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0x7, wParam=0x802d8, lParam=0x0) returned 0x0
[0159.665] GetStockObject (i=5) returned 0x900015
[0159.665] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0159.665] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0xd, wParam=0x9, lParam=0x11f55a0) returned 0x8
[0159.665] GetDlgItem (hDlg=0x802d8, nIDDlgItem=524606) returned 0x8013e
[0159.665] SendMessageW (hWnd=0x8013e, Msg=0x202b, wParam=0x8013e, lParam=0xd7e0dc) returned 0x0
[0159.666] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0x202b, wParam=0x8013e, lParam=0xd7e0dc) returned 0x0
[0159.666] InvalidateRect (hWnd=0x8013e, lpRect=0x0, bErase=0) returned 1
[0159.667] GetFocus () returned 0x8013e
[0159.667] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.668] IsWindowUnicode (hWnd=0x802d8) returned 1
[0159.668] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.668] TranslateMessage (lpMsg=0xd7e808) returned 0
[0159.668] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0159.668] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0159.668] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.668] IsWindowUnicode (hWnd=0x802d8) returned 1
[0159.668] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.668] TranslateMessage (lpMsg=0xd7e808) returned 0
[0159.668] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0159.668] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.683] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x84, wParam=0x0, lParam=0x1e50305) returned 0x1
[0159.683] IsWindowUnicode (hWnd=0x602da) returned 1
[0159.683] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.683] TranslateMessage (lpMsg=0xd7e808) returned 0
[0159.683] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0159.683] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.683] IsWindowUnicode (hWnd=0x602c4) returned 1
[0159.683] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.684] TranslateMessage (lpMsg=0xd7e808) returned 0
[0159.684] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0159.684] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0159.684] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0159.684] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.684] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x84, wParam=0x0, lParam=0x1e50305) returned 0x1
[0159.684] IsWindowUnicode (hWnd=0x602da) returned 1
[0159.684] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.684] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x84, wParam=0x0, lParam=0x1e50305) returned 0x1
[0159.684] SetCursor (hCursor=0x10003) returned 0x10003
[0159.685] TranslateMessage (lpMsg=0xd7e808) returned 0
[0159.685] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0159.685] _TrackMouseEvent (in: lpEventTrack=0x2cd35ac | out: lpEventTrack=0x2cd35ac) returned 1
[0159.685] SendMessageW (hWnd=0x602da, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0159.685] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0159.685] InvalidateRect (hWnd=0x602da, lpRect=0x0, bErase=0) returned 1
[0159.685] GetKeyState (nVirtKey=1) returned 0
[0159.685] GetKeyState (nVirtKey=2) returned 0
[0159.685] GetKeyState (nVirtKey=4) returned 0
[0159.685] GetKeyState (nVirtKey=5) returned 0
[0159.685] GetKeyState (nVirtKey=6) returned 0
[0159.685] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.686] IsWindowUnicode (hWnd=0x802d8) returned 1
[0159.686] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.686] TranslateMessage (lpMsg=0xd7e808) returned 0
[0159.686] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0159.686] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.687] IsWindowUnicode (hWnd=0x802d8) returned 1
[0159.687] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.687] TranslateMessage (lpMsg=0xd7e808) returned 0
[0159.687] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0159.687] BeginPaint (in: hWnd=0x802d8, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xc0107c5
[0159.687] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0159.687] GetWindowTextLengthW (hWnd=0x802d8) returned 13
[0159.687] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.688] GetSystemMetrics (nIndex=42) returned 0
[0159.688] GetWindowTextW (in: hWnd=0x802d8, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.688] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0159.688] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0159.688] EndPaint (hWnd=0x802d8, lpPaint=0xd7e274) returned 1
[0159.688] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.688] IsWindowUnicode (hWnd=0x702d2) returned 1
[0159.688] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.688] TranslateMessage (lpMsg=0xd7e808) returned 0
[0159.688] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0159.689] BeginPaint (in: hWnd=0x702d2, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x107b9
[0159.689] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0159.689] CreateCompatibleDC (hdc=0x107b9) returned 0x900107f3
[0159.689] SelectObject (hdc=0x900107f3, h=0x4a0507fe) returned 0x85000f
[0159.689] GdipCreateFromHDC (hdc=0x900107f3, graphics=0xd7e2b0) returned 0x0
[0159.689] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0159.689] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0159.689] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0159.689] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0159.689] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e310) returned 0x0
[0159.689] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0159.689] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0159.690] LocalFree (hMem=0x11ee788) returned 0x0
[0159.690] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0159.690] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0159.690] GdipGetClip (graphics=0x6600030, region=0x6644478) returned 0x0
[0159.690] GdipIsInfiniteRegion (region=0x6644478, graphics=0x6600030, result=0xd7e304) returned 0x0
[0159.690] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0159.690] GetWindowTextLengthW (hWnd=0x702d2) returned 0
[0159.690] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0159.690] GetSystemMetrics (nIndex=42) returned 0
[0159.690] GetWindowTextW (in: hWnd=0x702d2, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0159.690] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702d2, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0159.690] GetClientRect (in: hWnd=0x702d2, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0159.690] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0159.690] GdipGetClip (graphics=0x6600030, region=0x66447d8) returned 0x0
[0159.690] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0159.690] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0159.690] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e164) returned 0x0
[0159.690] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0159.691] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0159.691] LocalFree (hMem=0x11ee788) returned 0x0
[0159.691] GdipCombineRegionRegion (region=0x66447d8, region2=0x6644478, combineMode=0x1) returned 0x0
[0159.691] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0159.691] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0159.691] LocalFree (hMem=0x11ee788) returned 0x0
[0159.691] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0159.691] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0159.691] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0159.691] GdipGetRegionHRgn (region=0x66447d8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0159.691] GdipDeleteRegion (region=0x66447d8) returned 0x0
[0159.691] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0159.691] GetCurrentObject (hdc=0x900107f3, type=0x1) returned 0xb00017
[0159.691] GetCurrentObject (hdc=0x900107f3, type=0x2) returned 0x900010
[0159.691] GetCurrentObject (hdc=0x900107f3, type=0x7) returned 0x4a0507fe
[0159.691] GetCurrentObject (hdc=0x900107f3, type=0x6) returned 0x8a01c2
[0159.692] SaveDC (hdc=0x900107f3) returned 1
[0159.692] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc9040807
[0159.692] GetClipRgn (hdc=0x900107f3, hrgn=0xc9040807) returned 0
[0159.692] SelectClipRgn (hdc=0x900107f3, hrgn=0x4c0407de) returned 2
[0159.692] DeleteObject (ho=0xc9040807) returned 1
[0159.692] DeleteObject (ho=0x4c0407de) returned 1
[0159.692] OffsetViewportOrgEx (in: hdc=0x900107f3, x=0, y=0, lppt=0x2cd3a28 | out: lppt=0x2cd3a28) returned 1
[0159.692] GetNearestColor (hdc=0x900107f3, color=0xf0f0f0) returned 0xf0f0f0
[0159.692] CreateSolidBrush (color=0xf0f0f0) returned 0x521007e1
[0159.692] FillRect (hDC=0x900107f3, lprc=0xd7e198, hbr=0x521007e1) returned 1
[0159.692] DeleteObject (ho=0x521007e1) returned 1
[0159.692] RestoreDC (hdc=0x900107f3, nSavedDC=-1) returned 1
[0159.692] GdipReleaseDC (graphics=0x6600030, hdc=0x900107f3) returned 0x0
[0159.692] GdipRestoreGraphics (graphics=0x6600030, state=0xfcd60dbd) returned 0x0
[0159.693] GdipDeleteRegion (region=0x6644478) returned 0x0
[0159.693] GetWindowTextLengthW (hWnd=0x702d2) returned 0
[0159.693] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0159.693] GetSystemMetrics (nIndex=42) returned 0
[0159.693] GetWindowTextW (in: hWnd=0x702d2, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0159.693] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702d2, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0159.693] GdipGetImageWidth (image=0x6640608, width=0xd7e1e0) returned 0x0
[0159.693] GdipGetImageHeight (image=0x6640608, height=0xd7e1e0) returned 0x0
[0159.693] GdipGetImageWidth (image=0x6640608, width=0xd7e1cc) returned 0x0
[0159.693] GdipGetImageHeight (image=0x6640608, height=0xd7e1cc) returned 0x0
[0159.693] GdipDrawImageRectI (graphics=0x6600030, image=0x6640608, x=16, y=16, width=32, height=32) returned 0x0
[0159.693] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0159.693] BitBlt (hdc=0x107b9, x=0, y=0, cx=64, cy=64, hdcSrc=0x900107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0159.693] GdipReleaseDC (graphics=0x6600030, hdc=0x900107f3) returned 0x0
[0159.693] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0159.694] SelectObject (hdc=0x900107f3, h=0x85000f) returned 0x4a0507fe
[0159.694] DeleteDC (hdc=0x900107f3) returned 1
[0159.694] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0159.694] EndPaint (hWnd=0x702d2, lpPaint=0xd7e294) returned 1
[0159.694] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.694] IsWindowUnicode (hWnd=0x602de) returned 1
[0159.694] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.694] TranslateMessage (lpMsg=0xd7e808) returned 0
[0159.694] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0159.694] BeginPaint (in: hWnd=0x602de, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x10105d6
[0159.694] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0159.695] CreateCompatibleDC (hdc=0x10105d6) returned 0x920107f3
[0159.695] GetObjectType (h=0x10105d6) returned 0x3
[0159.695] CreateCompatibleBitmap (hdc=0x10105d6, cx=1, cy=1) returned 0xffffffffe00507e6
[0159.695] GetDIBits (in: hdc=0x10105d6, hbm=0xe00507e6, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0159.695] GetDIBits (in: hdc=0x10105d6, hbm=0xe00507e6, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0159.695] DeleteObject (ho=0xe00507e6) returned 1
[0159.695] CreateDIBSection (in: hdc=0x10105d6, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x305067c
[0159.695] SelectObject (hdc=0x920107f3, h=0x305067c) returned 0x85000f
[0159.695] GdipCreateFromHDC (hdc=0x920107f3, graphics=0xd7e234) returned 0x0
[0159.696] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0159.696] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0159.696] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0159.696] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0159.696] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2d4) returned 0x0
[0159.696] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0159.696] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eead0) returned 0x0
[0159.696] LocalFree (hMem=0x11eead0) returned 0x0
[0159.696] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0159.696] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0159.696] GdipGetClip (graphics=0x6600030, region=0x66447d8) returned 0x0
[0159.696] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0159.697] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0159.697] GetWindowTextLengthW (hWnd=0x602de) returned 232
[0159.697] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0159.697] GetSystemMetrics (nIndex=42) returned 0
[0159.697] GetWindowTextW (in: hWnd=0x602de, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0159.697] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0159.697] GetClientRect (in: hWnd=0x602de, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0159.697] GdipCreateRegion (region=0xd7e110) returned 0x0
[0159.697] GdipGetClip (graphics=0x6600030, region=0x66446b8) returned 0x0
[0159.697] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0159.697] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0159.697] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e128) returned 0x0
[0159.697] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0159.697] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0159.697] LocalFree (hMem=0x11ee9f0) returned 0x0
[0159.697] GdipCombineRegionRegion (region=0x66446b8, region2=0x66447d8, combineMode=0x1) returned 0x0
[0159.697] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0159.697] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0159.698] LocalFree (hMem=0x11ee9f0) returned 0x0
[0159.698] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0159.698] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7e150) returned 0x0
[0159.698] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7e140) returned 0x0
[0159.698] GdipGetRegionHRgn (region=0x66446b8, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0159.698] GdipDeleteRegion (region=0x66446b8) returned 0x0
[0159.698] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0159.698] GetCurrentObject (hdc=0x920107f3, type=0x1) returned 0xb00017
[0159.698] GetCurrentObject (hdc=0x920107f3, type=0x2) returned 0x900010
[0159.698] GetCurrentObject (hdc=0x920107f3, type=0x7) returned 0x305067c
[0159.698] GetCurrentObject (hdc=0x920107f3, type=0x6) returned 0x8a01c2
[0159.698] SaveDC (hdc=0x920107f3) returned 1
[0159.698] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4d0407de
[0159.698] GetClipRgn (hdc=0x920107f3, hrgn=0x4d0407de) returned 0
[0159.698] SelectClipRgn (hdc=0x920107f3, hrgn=0xca040807) returned 2
[0159.698] DeleteObject (ho=0x4d0407de) returned 1
[0159.699] DeleteObject (ho=0xca040807) returned 1
[0159.699] OffsetViewportOrgEx (in: hdc=0x920107f3, x=0, y=0, lppt=0x2cd53f0 | out: lppt=0x2cd53f0) returned 1
[0159.699] GetNearestColor (hdc=0x920107f3, color=0xf0f0f0) returned 0xf0f0f0
[0159.699] CreateSolidBrush (color=0xf0f0f0) returned 0x531007e1
[0159.699] FillRect (hDC=0x920107f3, lprc=0xd7e15c, hbr=0x531007e1) returned 1
[0159.714] DeleteObject (ho=0x531007e1) returned 1
[0159.714] RestoreDC (hdc=0x920107f3, nSavedDC=-1) returned 1
[0159.714] GdipReleaseDC (graphics=0x6600030, hdc=0x920107f3) returned 0x0
[0159.714] GdipRestoreGraphics (graphics=0x6600030, state=0xfcd40dbd) returned 0x0
[0159.714] GdipDeleteRegion (region=0x66447d8) returned 0x0
[0159.714] GetWindowTextLengthW (hWnd=0x602de) returned 232
[0159.714] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0159.714] GetSystemMetrics (nIndex=42) returned 0
[0159.714] GetWindowTextW (in: hWnd=0x602de, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0159.714] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0159.715] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0159.715] GetCurrentObject (hdc=0x920107f3, type=0x1) returned 0xb00017
[0159.715] GetCurrentObject (hdc=0x920107f3, type=0x2) returned 0x900010
[0159.715] GetCurrentObject (hdc=0x920107f3, type=0x7) returned 0x305067c
[0159.715] GetCurrentObject (hdc=0x920107f3, type=0x6) returned 0x8a01c2
[0159.715] SaveDC (hdc=0x920107f3) returned 1
[0159.715] GetNearestColor (hdc=0x920107f3, color=0x0) returned 0x0
[0159.715] RestoreDC (hdc=0x920107f3, nSavedDC=-1) returned 1
[0159.715] GdipReleaseDC (graphics=0x6600030, hdc=0x920107f3) returned 0x0
[0159.716] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0159.716] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0159.716] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2cd5bec | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0159.717] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0159.717] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0159.717] GetCurrentObject (hdc=0x920107f3, type=0x1) returned 0xb00017
[0159.717] GetCurrentObject (hdc=0x920107f3, type=0x2) returned 0x900010
[0159.717] GetCurrentObject (hdc=0x920107f3, type=0x7) returned 0x305067c
[0159.717] GetCurrentObject (hdc=0x920107f3, type=0x6) returned 0x8a01c2
[0159.717] SaveDC (hdc=0x920107f3) returned 1
[0159.717] GetTextAlign (hdc=0x920107f3) returned 0x0
[0159.717] GetTextColor (hdc=0x920107f3) returned 0x0
[0159.717] GetCurrentObject (hdc=0x920107f3, type=0x6) returned 0x8a01c2
[0159.717] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0159.717] SelectObject (hdc=0x920107f3, h=0x6d0a0520) returned 0x8a01c2
[0159.718] GetBkMode (hdc=0x920107f3) returned 2
[0159.718] SetBkMode (hdc=0x920107f3, mode=1) returned 2
[0159.718] DrawTextExW (in: hdc=0x920107f3, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2cd5e10 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0159.721] RestoreDC (hdc=0x920107f3, nSavedDC=-1) returned 1
[0159.721] GdipReleaseDC (graphics=0x6600030, hdc=0x920107f3) returned 0x0
[0159.721] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0159.721] BitBlt (hdc=0x10105d6, x=0, y=0, cx=354, cy=68, hdcSrc=0x920107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0159.722] GdipReleaseDC (graphics=0x6600030, hdc=0x920107f3) returned 0x0
[0159.722] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0159.722] SelectObject (hdc=0x920107f3, h=0x85000f) returned 0x305067c
[0159.722] DeleteDC (hdc=0x920107f3) returned 1
[0159.722] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0159.722] DeleteObject (ho=0x305067c) returned 1
[0159.723] EndPaint (hWnd=0x602de, lpPaint=0xd7e258) returned 1
[0159.723] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.723] IsWindowUnicode (hWnd=0x8013e) returned 1
[0159.723] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.723] TranslateMessage (lpMsg=0xd7e808) returned 0
[0159.723] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0159.723] BeginPaint (in: hWnd=0x8013e, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0159.723] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0159.724] CreateCompatibleDC (hdc=0xf0105ee) returned 0xe20107e6
[0159.724] SelectObject (hdc=0xe20107e6, h=0x4a0507fe) returned 0x85000f
[0159.724] GdipCreateFromHDC (hdc=0xe20107e6, graphics=0xd7e268) returned 0x0
[0159.724] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0159.724] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0159.724] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0159.724] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0159.724] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e2c8) returned 0x0
[0159.724] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0159.724] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0159.724] LocalFree (hMem=0x11eec58) returned 0x0
[0159.724] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0159.724] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0159.725] GdipGetClip (graphics=0x6600030, region=0x6644a18) returned 0x0
[0159.725] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0159.725] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0159.725] GdipRestoreGraphics (graphics=0x6600030, state=0xfcd20dbd) returned 0x0
[0159.725] GdipDeleteRegion (region=0x6644a18) returned 0x0
[0159.725] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0159.725] GetCurrentObject (hdc=0xe20107e6, type=0x1) returned 0xb00017
[0159.725] GetCurrentObject (hdc=0xe20107e6, type=0x2) returned 0x900010
[0159.725] GetCurrentObject (hdc=0xe20107e6, type=0x7) returned 0x4a0507fe
[0159.725] GetCurrentObject (hdc=0xe20107e6, type=0x6) returned 0x8a01c2
[0159.725] SaveDC (hdc=0xe20107e6) returned 1
[0159.725] GetNearestColor (hdc=0xe20107e6, color=0xf0f0f0) returned 0xf0f0f0
[0159.725] GetNearestColor (hdc=0xe20107e6, color=0xa0a0a0) returned 0xa0a0a0
[0159.725] GetNearestColor (hdc=0xe20107e6, color=0x696969) returned 0x696969
[0159.725] GetNearestColor (hdc=0xe20107e6, color=0xa0a0a0) returned 0xa0a0a0
[0159.726] GetNearestColor (hdc=0xe20107e6, color=0x0) returned 0x0
[0159.726] GetNearestColor (hdc=0xe20107e6, color=0xffffff) returned 0xffffff
[0159.726] GetNearestColor (hdc=0xe20107e6, color=0xe5e5e5) returned 0xe5e5e5
[0159.726] GetNearestColor (hdc=0xe20107e6, color=0xd7d7d7) returned 0xd7d7d7
[0159.726] GetNearestColor (hdc=0xe20107e6, color=0x0) returned 0x0
[0159.726] RestoreDC (hdc=0xe20107e6, nSavedDC=-1) returned 1
[0159.726] GdipReleaseDC (graphics=0x6600030, hdc=0xe20107e6) returned 0x0
[0159.726] IsAppThemed () returned 0x1
[0159.726] GetThemeAppProperties () returned 0x3
[0159.726] GetThemeAppProperties () returned 0x3
[0159.726] GdipGetImageWidth (image=0x663ff78, width=0xd7e168) returned 0x0
[0159.726] GdipGetImageHeight (image=0x663ff78, height=0xd7e168) returned 0x0
[0159.726] IsAppThemed () returned 0x1
[0159.726] GetThemeAppProperties () returned 0x3
[0159.726] GetThemeAppProperties () returned 0x3
[0159.727] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2cd6560 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0159.727] IsAppThemed () returned 0x1
[0159.727] GetThemeAppProperties () returned 0x3
[0159.727] GetThemeAppProperties () returned 0x3
[0159.727] IsAppThemed () returned 0x1
[0159.727] GetThemeAppProperties () returned 0x3
[0159.727] GetThemeAppProperties () returned 0x3
[0159.727] GetFocus () returned 0x8013e
[0159.727] IsAppThemed () returned 0x1
[0159.727] GetThemeAppProperties () returned 0x3
[0159.727] GetThemeAppProperties () returned 0x3
[0159.727] IsAppThemed () returned 0x1
[0159.727] GetThemeAppProperties () returned 0x3
[0159.728] GetThemeAppProperties () returned 0x3
[0159.728] IsThemePartDefined () returned 0x1
[0159.728] IsAppThemed () returned 0x1
[0159.728] GetThemeAppProperties () returned 0x3
[0159.728] GetThemeAppProperties () returned 0x3
[0159.728] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0159.728] IsAppThemed () returned 0x1
[0159.728] GetThemeAppProperties () returned 0x3
[0159.728] GetThemeAppProperties () returned 0x3
[0159.728] IsAppThemed () returned 0x1
[0159.728] GetThemeAppProperties () returned 0x3
[0159.728] GetThemeAppProperties () returned 0x3
[0159.728] IsThemePartDefined () returned 0x1
[0159.728] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0159.728] GdipGetClip (graphics=0x6600030, region=0x6644118) returned 0x0
[0159.728] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0159.728] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0159.728] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dff0) returned 0x0
[0159.728] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0159.728] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee8d8) returned 0x0
[0159.729] LocalFree (hMem=0x11ee8d8) returned 0x0
[0159.729] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0159.729] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee8d8) returned 0x0
[0159.729] LocalFree (hMem=0x11ee8d8) returned 0x0
[0159.729] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0159.729] GdipIsInfiniteRegion (region=0x6644118, graphics=0x6600030, result=0xd7e018) returned 0x0
[0159.729] GdipIsInfiniteRegion (region=0x6644118, graphics=0x6600030, result=0xd7e008) returned 0x0
[0159.729] GdipGetRegionHRgn (region=0x6644118, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0159.729] GdipDeleteRegion (region=0x6644118) returned 0x0
[0159.729] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0159.729] GetCurrentObject (hdc=0xe20107e6, type=0x1) returned 0xb00017
[0159.729] GetCurrentObject (hdc=0xe20107e6, type=0x2) returned 0x900010
[0159.729] GetCurrentObject (hdc=0xe20107e6, type=0x7) returned 0x4a0507fe
[0159.729] GetCurrentObject (hdc=0xe20107e6, type=0x6) returned 0x8a01c2
[0159.729] SaveDC (hdc=0xe20107e6) returned 1
[0159.729] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcb040807
[0159.730] GetClipRgn (hdc=0xe20107e6, hrgn=0xcb040807) returned 0
[0159.730] SelectClipRgn (hdc=0xe20107e6, hrgn=0x510407de) returned 2
[0159.730] DeleteObject (ho=0xcb040807) returned 1
[0159.730] DeleteObject (ho=0x510407de) returned 1
[0159.730] OffsetViewportOrgEx (in: hdc=0xe20107e6, x=0, y=0, lppt=0x2cd6c10 | out: lppt=0x2cd6c10) returned 1
[0159.730] DrawThemeParentBackground () returned 0x0
[0159.731] GetWindowPlacement (in: hWnd=0x802d8, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0159.731] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0159.731] GetWindowTextLengthW (hWnd=0x802d8) returned 13
[0159.731] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.731] GetSystemMetrics (nIndex=42) returned 0
[0159.731] GetWindowTextW (in: hWnd=0x802d8, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.731] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0159.731] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0159.731] GetCurrentObject (hdc=0xe20107e6, type=0x1) returned 0xb00017
[0159.731] GetCurrentObject (hdc=0xe20107e6, type=0x2) returned 0x900010
[0159.731] GetCurrentObject (hdc=0xe20107e6, type=0x7) returned 0x4a0507fe
[0159.731] GetCurrentObject (hdc=0xe20107e6, type=0x6) returned 0x8a01c2
[0159.737] SaveDC (hdc=0xe20107e6) returned 2
[0159.737] GetNearestColor (hdc=0xe20107e6, color=0xf0f0f0) returned 0xf0f0f0
[0159.737] CreateSolidBrush (color=0xf0f0f0) returned 0x541007e1
[0159.738] FillRect (hDC=0xe20107e6, lprc=0xd7da38, hbr=0x541007e1) returned 1
[0159.738] DeleteObject (ho=0x541007e1) returned 1
[0159.738] RestoreDC (hdc=0xe20107e6, nSavedDC=-1) returned 1
[0159.738] GetWindowTextLengthW (hWnd=0x802d8) returned 13
[0159.738] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.738] GetSystemMetrics (nIndex=42) returned 0
[0159.738] GetWindowTextW (in: hWnd=0x802d8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.738] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0159.738] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0159.738] GetCurrentObject (hdc=0xe20107e6, type=0x1) returned 0xb00017
[0159.738] GetCurrentObject (hdc=0xe20107e6, type=0x2) returned 0x900010
[0159.738] GetCurrentObject (hdc=0xe20107e6, type=0x7) returned 0x4a0507fe
[0159.738] GetCurrentObject (hdc=0xe20107e6, type=0x6) returned 0x8a01c2
[0159.738] SaveDC (hdc=0xe20107e6) returned 2
[0159.739] GetNearestColor (hdc=0xe20107e6, color=0xf0f0f0) returned 0xf0f0f0
[0159.739] CreateSolidBrush (color=0xf0f0f0) returned 0x551007e1
[0159.739] FillRect (hDC=0xe20107e6, lprc=0xd7d9d8, hbr=0x551007e1) returned 1
[0159.739] DeleteObject (ho=0x551007e1) returned 1
[0159.739] RestoreDC (hdc=0xe20107e6, nSavedDC=-1) returned 1
[0159.739] GetWindowTextLengthW (hWnd=0x802d8) returned 13
[0159.739] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.739] GetSystemMetrics (nIndex=42) returned 0
[0159.739] GetWindowTextW (in: hWnd=0x802d8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.739] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0159.739] RestoreDC (hdc=0xe20107e6, nSavedDC=-1) returned 1
[0159.739] GdipReleaseDC (graphics=0x6600030, hdc=0xe20107e6) returned 0x0
[0159.739] IsAppThemed () returned 0x1
[0159.740] GetThemeAppProperties () returned 0x3
[0159.740] GetThemeAppProperties () returned 0x3
[0159.740] IsAppThemed () returned 0x1
[0159.740] GetThemeAppProperties () returned 0x3
[0159.740] GetThemeAppProperties () returned 0x3
[0159.740] IsThemePartDefined () returned 0x1
[0159.740] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0159.740] GdipGetClip (graphics=0x6600030, region=0x6644988) returned 0x0
[0159.740] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0159.740] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0159.740] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df74) returned 0x0
[0159.740] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0159.740] LocalFree (hMem=0x11eec58) returned 0x0
[0159.740] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee8d8) returned 0x0
[0159.740] LocalFree (hMem=0x11ee8d8) returned 0x0
[0159.740] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0159.740] GdipIsInfiniteRegion (region=0x6644988, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0159.740] GdipIsInfiniteRegion (region=0x6644988, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0159.740] GdipGetRegionHRgn (region=0x6644988, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0159.741] GdipDeleteRegion (region=0x6644988) returned 0x0
[0159.741] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0159.741] GetCurrentObject (hdc=0xe20107e6, type=0x1) returned 0xb00017
[0159.741] GetCurrentObject (hdc=0xe20107e6, type=0x2) returned 0x900010
[0159.741] GetCurrentObject (hdc=0xe20107e6, type=0x7) returned 0x4a0507fe
[0159.741] GetCurrentObject (hdc=0xe20107e6, type=0x6) returned 0x8a01c2
[0159.741] SaveDC (hdc=0xe20107e6) returned 1
[0159.741] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x520407de
[0159.741] GetClipRgn (hdc=0xe20107e6, hrgn=0x520407de) returned 0
[0159.741] SelectClipRgn (hdc=0xe20107e6, hrgn=0xcd040807) returned 2
[0159.741] DeleteObject (ho=0x520407de) returned 1
[0159.741] DeleteObject (ho=0xcd040807) returned 1
[0159.741] OffsetViewportOrgEx (in: hdc=0xe20107e6, x=0, y=0, lppt=0x2cd74bc | out: lppt=0x2cd74bc) returned 1
[0159.741] IsAppThemed () returned 0x1
[0159.741] GetThemeAppProperties () returned 0x3
[0159.741] GetThemeAppProperties () returned 0x3
[0159.741] DrawThemeBackground () returned 0x0
[0159.742] RestoreDC (hdc=0xe20107e6, nSavedDC=-1) returned 1
[0159.742] GdipReleaseDC (graphics=0x6600030, hdc=0xe20107e6) returned 0x0
[0159.742] GdipCreateRegion (region=0xd7df60) returned 0x0
[0159.742] GdipGetClip (graphics=0x6600030, region=0x66448f8) returned 0x0
[0159.742] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0159.742] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0159.742] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df78) returned 0x0
[0159.742] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0159.742] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0159.742] LocalFree (hMem=0x11ee788) returned 0x0
[0159.742] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0159.742] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0159.742] LocalFree (hMem=0x11eec58) returned 0x0
[0159.742] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0159.742] GdipIsInfiniteRegion (region=0x66448f8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0159.742] GdipIsInfiniteRegion (region=0x66448f8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0159.743] GdipGetRegionHRgn (region=0x66448f8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0159.743] GdipDeleteRegion (region=0x66448f8) returned 0x0
[0159.743] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0159.743] GetCurrentObject (hdc=0xe20107e6, type=0x1) returned 0xb00017
[0159.743] GetCurrentObject (hdc=0xe20107e6, type=0x2) returned 0x900010
[0159.743] GetCurrentObject (hdc=0xe20107e6, type=0x7) returned 0x4a0507fe
[0159.743] GetCurrentObject (hdc=0xe20107e6, type=0x6) returned 0x8a01c2
[0159.743] SaveDC (hdc=0xe20107e6) returned 1
[0159.743] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xce040807
[0159.743] GetClipRgn (hdc=0xe20107e6, hrgn=0xce040807) returned 0
[0159.743] SelectClipRgn (hdc=0xe20107e6, hrgn=0x530407de) returned 2
[0159.743] DeleteObject (ho=0xce040807) returned 1
[0159.743] DeleteObject (ho=0x530407de) returned 1
[0159.743] OffsetViewportOrgEx (in: hdc=0xe20107e6, x=0, y=0, lppt=0x2cd7790 | out: lppt=0x2cd7790) returned 1
[0159.743] IsAppThemed () returned 0x1
[0159.744] GetThemeAppProperties () returned 0x3
[0159.744] GetThemeAppProperties () returned 0x3
[0159.744] GetThemeBackgroundContentRect () returned 0x0
[0159.744] RestoreDC (hdc=0xe20107e6, nSavedDC=-1) returned 1
[0159.744] GdipReleaseDC (graphics=0x6600030, hdc=0xe20107e6) returned 0x0
[0159.744] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0159.744] GdipGetClip (graphics=0x6600030, region=0x6644bc8) returned 0x0
[0159.744] GdipCloneRegion (region=0x6644bc8, cloneRegion=0xd7e150) returned 0x0
[0159.744] GdipCombineRegionRectI (region=0x6644988, rect=0xd7e138, combineMode=0x1) returned 0x0
[0159.744] GdipCombineRegionRectI (region=0x6644988, rect=0xd7e138, combineMode=0x1) returned 0x0
[0159.744] GdipSetClipRegion (graphics=0x6600030, region=0x6644988, combineMode=0x0) returned 0x0
[0159.744] GdipGetImageWidth (image=0x663ff78, width=0xd7e154) returned 0x0
[0159.744] GdipGetImageHeight (image=0x663ff78, height=0xd7e148) returned 0x0
[0159.744] GdipDrawImageRectI (graphics=0x6600030, image=0x663ff78, x=4, y=4, width=16, height=16) returned 0x0
[0159.744] GdipSetClipRegion (graphics=0x6600030, region=0x6644bc8, combineMode=0x0) returned 0x0
[0159.744] IsAppThemed () returned 0x1
[0159.744] GetThemeAppProperties () returned 0x3
[0159.744] GetThemeAppProperties () returned 0x3
[0159.745] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0159.745] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0159.745] GetCurrentObject (hdc=0xe20107e6, type=0x1) returned 0xb00017
[0159.745] GetCurrentObject (hdc=0xe20107e6, type=0x2) returned 0x900010
[0159.745] GetCurrentObject (hdc=0xe20107e6, type=0x7) returned 0x4a0507fe
[0159.745] GetCurrentObject (hdc=0xe20107e6, type=0x6) returned 0x8a01c2
[0159.745] SaveDC (hdc=0xe20107e6) returned 1
[0159.745] GetTextAlign (hdc=0xe20107e6) returned 0x0
[0159.745] GetTextColor (hdc=0xe20107e6) returned 0x0
[0159.745] GetCurrentObject (hdc=0xe20107e6, type=0x6) returned 0x8a01c2
[0159.745] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0159.745] SelectObject (hdc=0xe20107e6, h=0x6d0a0520) returned 0x8a01c2
[0159.745] GetBkMode (hdc=0xe20107e6) returned 2
[0159.745] SetBkMode (hdc=0xe20107e6, mode=1) returned 2
[0159.746] DrawTextExW (in: hdc=0xe20107e6, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2cd7b50 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0159.746] DrawTextExW (in: hdc=0xe20107e6, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2cd7b50 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0159.746] RestoreDC (hdc=0xe20107e6, nSavedDC=-1) returned 1
[0159.746] GdipReleaseDC (graphics=0x6600030, hdc=0xe20107e6) returned 0x0
[0159.746] GetFocus () returned 0x8013e
[0159.746] IsAppThemed () returned 0x1
[0159.747] GetThemeAppProperties () returned 0x3
[0159.747] GetThemeAppProperties () returned 0x3
[0159.747] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0159.747] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xe20107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0159.747] GdipReleaseDC (graphics=0x6600030, hdc=0xe20107e6) returned 0x0
[0159.751] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0159.763] SelectObject (hdc=0xe20107e6, h=0x85000f) returned 0x4a0507fe
[0159.763] DeleteDC (hdc=0xe20107e6) returned 1
[0159.763] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0159.763] EndPaint (hWnd=0x8013e, lpPaint=0xd7e24c) returned 1
[0159.764] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.764] IsWindowUnicode (hWnd=0x602da) returned 1
[0159.764] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.764] TranslateMessage (lpMsg=0xd7e808) returned 0
[0159.764] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0159.766] BeginPaint (in: hWnd=0x602da, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0159.766] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0159.766] CreateCompatibleDC (hdc=0x60100ce) returned 0xe40107e6
[0159.766] SelectObject (hdc=0xe40107e6, h=0x4a0507fe) returned 0x85000f
[0159.766] GdipCreateFromHDC (hdc=0xe40107e6, graphics=0xd7e268) returned 0x0
[0159.766] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0159.766] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0159.766] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0159.767] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0159.767] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2c8) returned 0x0
[0159.767] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0159.767] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eead0) returned 0x0
[0159.767] LocalFree (hMem=0x11eead0) returned 0x0
[0159.767] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0159.767] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0159.767] GdipGetClip (graphics=0x6600030, region=0x66443e8) returned 0x0
[0159.767] GdipIsInfiniteRegion (region=0x66443e8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0159.767] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0159.767] GdipRestoreGraphics (graphics=0x6600030, state=0xfcd00dbd) returned 0x0
[0159.767] GdipDeleteRegion (region=0x66443e8) returned 0x0
[0159.767] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0159.767] GetCurrentObject (hdc=0xe40107e6, type=0x1) returned 0xb00017
[0159.768] GetCurrentObject (hdc=0xe40107e6, type=0x2) returned 0x900010
[0159.768] GetCurrentObject (hdc=0xe40107e6, type=0x7) returned 0x4a0507fe
[0159.768] GetCurrentObject (hdc=0xe40107e6, type=0x6) returned 0x8a01c2
[0159.768] SaveDC (hdc=0xe40107e6) returned 1
[0159.768] GetNearestColor (hdc=0xe40107e6, color=0xf0f0f0) returned 0xf0f0f0
[0159.768] GetNearestColor (hdc=0xe40107e6, color=0xa0a0a0) returned 0xa0a0a0
[0159.768] GetNearestColor (hdc=0xe40107e6, color=0x696969) returned 0x696969
[0159.768] GetNearestColor (hdc=0xe40107e6, color=0xa0a0a0) returned 0xa0a0a0
[0159.768] GetNearestColor (hdc=0xe40107e6, color=0x0) returned 0x0
[0159.768] GetNearestColor (hdc=0xe40107e6, color=0xffffff) returned 0xffffff
[0159.768] GetNearestColor (hdc=0xe40107e6, color=0xe5e5e5) returned 0xe5e5e5
[0159.768] GetNearestColor (hdc=0xe40107e6, color=0xd7d7d7) returned 0xd7d7d7
[0159.768] GetNearestColor (hdc=0xe40107e6, color=0x0) returned 0x0
[0159.769] RestoreDC (hdc=0xe40107e6, nSavedDC=-1) returned 1
[0159.769] GdipReleaseDC (graphics=0x6600030, hdc=0xe40107e6) returned 0x0
[0159.769] IsAppThemed () returned 0x1
[0159.769] GetThemeAppProperties () returned 0x3
[0159.769] GetThemeAppProperties () returned 0x3
[0159.769] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0159.769] SendMessageW (hWnd=0x802d8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0159.769] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0159.769] IsAppThemed () returned 0x1
[0159.769] GetThemeAppProperties () returned 0x3
[0159.769] GetThemeAppProperties () returned 0x3
[0159.769] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2cd8360 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0159.770] IsAppThemed () returned 0x1
[0159.770] GetThemeAppProperties () returned 0x3
[0159.770] GetThemeAppProperties () returned 0x3
[0159.770] IsAppThemed () returned 0x1
[0159.770] GetThemeAppProperties () returned 0x3
[0159.770] GetThemeAppProperties () returned 0x3
[0159.770] IsAppThemed () returned 0x1
[0159.770] GetThemeAppProperties () returned 0x3
[0159.770] GetThemeAppProperties () returned 0x3
[0159.770] IsAppThemed () returned 0x1
[0159.770] GetThemeAppProperties () returned 0x3
[0159.770] GetThemeAppProperties () returned 0x3
[0159.770] IsThemePartDefined () returned 0x1
[0159.770] IsAppThemed () returned 0x1
[0159.770] GetThemeAppProperties () returned 0x3
[0159.771] GetThemeAppProperties () returned 0x3
[0159.771] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0159.771] IsAppThemed () returned 0x1
[0159.771] GetThemeAppProperties () returned 0x3
[0159.771] GetThemeAppProperties () returned 0x3
[0159.771] IsAppThemed () returned 0x1
[0159.771] GetThemeAppProperties () returned 0x3
[0159.771] GetThemeAppProperties () returned 0x3
[0159.771] IsThemePartDefined () returned 0x1
[0159.771] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0159.771] GdipGetClip (graphics=0x6600030, region=0x6644b38) returned 0x0
[0159.771] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0159.771] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0159.771] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dfe4) returned 0x0
[0159.771] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0159.771] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0159.771] LocalFree (hMem=0x11ee9f0) returned 0x0
[0159.771] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0159.771] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee8d8) returned 0x0
[0159.771] LocalFree (hMem=0x11ee8d8) returned 0x0
[0159.772] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0159.772] GdipIsInfiniteRegion (region=0x6644b38, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0159.772] GdipIsInfiniteRegion (region=0x6644b38, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0159.772] GdipGetRegionHRgn (region=0x6644b38, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0159.772] GdipDeleteRegion (region=0x6644b38) returned 0x0
[0159.772] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0159.772] GetCurrentObject (hdc=0xe40107e6, type=0x1) returned 0xb00017
[0159.772] GetCurrentObject (hdc=0xe40107e6, type=0x2) returned 0x900010
[0159.772] GetCurrentObject (hdc=0xe40107e6, type=0x7) returned 0x4a0507fe
[0159.772] GetCurrentObject (hdc=0xe40107e6, type=0x6) returned 0x8a01c2
[0159.772] SaveDC (hdc=0xe40107e6) returned 1
[0159.772] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x540407de
[0159.772] GetClipRgn (hdc=0xe40107e6, hrgn=0x540407de) returned 0
[0159.772] SelectClipRgn (hdc=0xe40107e6, hrgn=0xd2040807) returned 2
[0159.772] DeleteObject (ho=0x540407de) returned 1
[0159.773] DeleteObject (ho=0xd2040807) returned 1
[0159.773] OffsetViewportOrgEx (in: hdc=0xe40107e6, x=0, y=0, lppt=0x2cd8a10 | out: lppt=0x2cd8a10) returned 1
[0159.773] DrawThemeParentBackground () returned 0x0
[0159.773] GetWindowPlacement (in: hWnd=0x802d8, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0159.773] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0159.773] GetWindowTextLengthW (hWnd=0x802d8) returned 13
[0159.773] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.773] GetSystemMetrics (nIndex=42) returned 0
[0159.773] GetWindowTextW (in: hWnd=0x802d8, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.773] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0159.773] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0159.773] GetCurrentObject (hdc=0xe40107e6, type=0x1) returned 0xb00017
[0159.773] GetCurrentObject (hdc=0xe40107e6, type=0x2) returned 0x900010
[0159.773] GetCurrentObject (hdc=0xe40107e6, type=0x7) returned 0x4a0507fe
[0159.773] GetCurrentObject (hdc=0xe40107e6, type=0x6) returned 0x8a01c2
[0159.774] SaveDC (hdc=0xe40107e6) returned 2
[0159.774] GetNearestColor (hdc=0xe40107e6, color=0xf0f0f0) returned 0xf0f0f0
[0159.774] CreateSolidBrush (color=0xf0f0f0) returned 0x561007e1
[0159.774] FillRect (hDC=0xe40107e6, lprc=0xd7da30, hbr=0x561007e1) returned 1
[0159.774] DeleteObject (ho=0x561007e1) returned 1
[0159.774] RestoreDC (hdc=0xe40107e6, nSavedDC=-1) returned 1
[0159.774] GetWindowTextLengthW (hWnd=0x802d8) returned 13
[0159.774] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.774] GetSystemMetrics (nIndex=42) returned 0
[0159.774] GetWindowTextW (in: hWnd=0x802d8, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.774] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0159.774] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0159.774] GetCurrentObject (hdc=0xe40107e6, type=0x1) returned 0xb00017
[0159.774] GetCurrentObject (hdc=0xe40107e6, type=0x2) returned 0x900010
[0159.774] GetCurrentObject (hdc=0xe40107e6, type=0x7) returned 0x4a0507fe
[0159.775] GetCurrentObject (hdc=0xe40107e6, type=0x6) returned 0x8a01c2
[0159.775] SaveDC (hdc=0xe40107e6) returned 2
[0159.775] GetNearestColor (hdc=0xe40107e6, color=0xf0f0f0) returned 0xf0f0f0
[0159.775] CreateSolidBrush (color=0xf0f0f0) returned 0x571007e1
[0159.775] FillRect (hDC=0xe40107e6, lprc=0xd7d9d0, hbr=0x571007e1) returned 1
[0159.775] DeleteObject (ho=0x571007e1) returned 1
[0159.775] RestoreDC (hdc=0xe40107e6, nSavedDC=-1) returned 1
[0159.775] GetWindowTextLengthW (hWnd=0x802d8) returned 13
[0159.775] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.775] GetSystemMetrics (nIndex=42) returned 0
[0159.775] GetWindowTextW (in: hWnd=0x802d8, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.775] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0159.775] RestoreDC (hdc=0xe40107e6, nSavedDC=-1) returned 1
[0159.776] GdipReleaseDC (graphics=0x6600030, hdc=0xe40107e6) returned 0x0
[0159.776] IsAppThemed () returned 0x1
[0159.776] GetThemeAppProperties () returned 0x3
[0159.776] GetThemeAppProperties () returned 0x3
[0159.776] IsAppThemed () returned 0x1
[0159.776] GetThemeAppProperties () returned 0x3
[0159.776] GetThemeAppProperties () returned 0x3
[0159.776] IsThemePartDefined () returned 0x1
[0159.776] GdipCreateRegion (region=0xd7df50) returned 0x0
[0159.776] GdipGetClip (graphics=0x6600030, region=0x66446b8) returned 0x0
[0159.776] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0159.776] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0159.776] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df68) returned 0x0
[0159.776] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0159.776] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0159.776] LocalFree (hMem=0x11eec58) returned 0x0
[0159.776] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0159.776] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee9f0) returned 0x0
[0159.777] LocalFree (hMem=0x11ee9f0) returned 0x0
[0159.777] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0159.777] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0159.777] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7df80) returned 0x0
[0159.777] GdipGetRegionHRgn (region=0x66446b8, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0159.777] GdipDeleteRegion (region=0x66446b8) returned 0x0
[0159.777] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0159.777] GetCurrentObject (hdc=0xe40107e6, type=0x1) returned 0xb00017
[0159.777] GetCurrentObject (hdc=0xe40107e6, type=0x2) returned 0x900010
[0159.777] GetCurrentObject (hdc=0xe40107e6, type=0x7) returned 0x4a0507fe
[0159.777] GetCurrentObject (hdc=0xe40107e6, type=0x6) returned 0x8a01c2
[0159.777] SaveDC (hdc=0xe40107e6) returned 1
[0159.777] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd3040807
[0159.777] GetClipRgn (hdc=0xe40107e6, hrgn=0xd3040807) returned 0
[0159.777] SelectClipRgn (hdc=0xe40107e6, hrgn=0x560407de) returned 2
[0159.777] DeleteObject (ho=0xd3040807) returned 1
[0159.778] DeleteObject (ho=0x560407de) returned 1
[0159.778] OffsetViewportOrgEx (in: hdc=0xe40107e6, x=0, y=0, lppt=0x2cd92bc | out: lppt=0x2cd92bc) returned 1
[0159.778] IsAppThemed () returned 0x1
[0159.778] GetThemeAppProperties () returned 0x3
[0159.778] GetThemeAppProperties () returned 0x3
[0159.778] DrawThemeBackground () returned 0x0
[0159.778] RestoreDC (hdc=0xe40107e6, nSavedDC=-1) returned 1
[0159.778] GdipReleaseDC (graphics=0x6600030, hdc=0xe40107e6) returned 0x0
[0159.811] GdipCreateRegion (region=0xd7df54) returned 0x0
[0159.812] GdipGetClip (graphics=0x6600030, region=0x6644aa8) returned 0x0
[0159.812] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0159.812] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0159.812] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df6c) returned 0x0
[0159.812] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0159.812] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eecc8) returned 0x0
[0159.812] LocalFree (hMem=0x11eecc8) returned 0x0
[0159.812] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0159.812] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0159.812] LocalFree (hMem=0x11ee788) returned 0x0
[0159.812] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0159.812] GdipIsInfiniteRegion (region=0x6644aa8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0159.812] GdipIsInfiniteRegion (region=0x6644aa8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0159.812] GdipGetRegionHRgn (region=0x6644aa8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0159.813] GdipDeleteRegion (region=0x6644aa8) returned 0x0
[0159.813] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0159.813] GetCurrentObject (hdc=0xe40107e6, type=0x1) returned 0xb00017
[0159.813] GetCurrentObject (hdc=0xe40107e6, type=0x2) returned 0x900010
[0159.813] GetCurrentObject (hdc=0xe40107e6, type=0x7) returned 0x4a0507fe
[0159.813] GetCurrentObject (hdc=0xe40107e6, type=0x6) returned 0x8a01c2
[0159.813] SaveDC (hdc=0xe40107e6) returned 1
[0159.813] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x570407de
[0159.813] GetClipRgn (hdc=0xe40107e6, hrgn=0x570407de) returned 0
[0159.813] SelectClipRgn (hdc=0xe40107e6, hrgn=0xd4040807) returned 2
[0159.813] DeleteObject (ho=0x570407de) returned 1
[0159.813] DeleteObject (ho=0xd4040807) returned 1
[0159.813] OffsetViewportOrgEx (in: hdc=0xe40107e6, x=0, y=0, lppt=0x2cd9590 | out: lppt=0x2cd9590) returned 1
[0159.813] IsAppThemed () returned 0x1
[0159.814] GetThemeAppProperties () returned 0x3
[0159.814] GetThemeAppProperties () returned 0x3
[0159.814] GetThemeBackgroundContentRect () returned 0x0
[0159.814] RestoreDC (hdc=0xe40107e6, nSavedDC=-1) returned 1
[0159.814] GdipReleaseDC (graphics=0x6600030, hdc=0xe40107e6) returned 0x0
[0159.814] IsAppThemed () returned 0x1
[0159.814] GetThemeAppProperties () returned 0x3
[0159.814] GetThemeAppProperties () returned 0x3
[0159.814] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0159.814] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0159.814] GetCurrentObject (hdc=0xe40107e6, type=0x1) returned 0xb00017
[0159.814] GetCurrentObject (hdc=0xe40107e6, type=0x2) returned 0x900010
[0159.814] GetCurrentObject (hdc=0xe40107e6, type=0x7) returned 0x4a0507fe
[0159.814] GetCurrentObject (hdc=0xe40107e6, type=0x6) returned 0x8a01c2
[0159.814] SaveDC (hdc=0xe40107e6) returned 1
[0159.814] GetTextAlign (hdc=0xe40107e6) returned 0x0
[0159.814] GetTextColor (hdc=0xe40107e6) returned 0x0
[0159.815] GetCurrentObject (hdc=0xe40107e6, type=0x6) returned 0x8a01c2
[0159.815] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0159.815] SelectObject (hdc=0xe40107e6, h=0x6d0a0520) returned 0x8a01c2
[0159.815] GetBkMode (hdc=0xe40107e6) returned 2
[0159.815] SetBkMode (hdc=0xe40107e6, mode=1) returned 2
[0159.815] DrawTextExW (in: hdc=0xe40107e6, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2cd9930 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0159.815] DrawTextExW (in: hdc=0xe40107e6, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2cd9930 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0159.816] RestoreDC (hdc=0xe40107e6, nSavedDC=-1) returned 1
[0159.816] GdipReleaseDC (graphics=0x6600030, hdc=0xe40107e6) returned 0x0
[0159.816] GetFocus () returned 0x8013e
[0159.816] IsAppThemed () returned 0x1
[0159.816] GetThemeAppProperties () returned 0x3
[0159.816] GetThemeAppProperties () returned 0x3
[0159.816] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0159.816] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xe40107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0159.816] GdipReleaseDC (graphics=0x6600030, hdc=0xe40107e6) returned 0x0
[0159.816] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0159.817] SelectObject (hdc=0xe40107e6, h=0x85000f) returned 0x4a0507fe
[0159.817] DeleteDC (hdc=0xe40107e6) returned 1
[0159.817] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0159.817] EndPaint (hWnd=0x602da, lpPaint=0xd7e24c) returned 1
[0159.817] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.817] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0159.818] IsWindowUnicode (hWnd=0x30122) returned 1
[0159.818] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0159.819] TranslateMessage (lpMsg=0xd7e808) returned 0
[0159.819] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0159.820] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.820] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0159.821] IsWindowUnicode (hWnd=0x30122) returned 1
[0159.822] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.822] TranslateMessage (lpMsg=0xd7e808) returned 0
[0159.822] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0159.823] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.824] IsWindowUnicode (hWnd=0x900ea) returned 1
[0159.824] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.824] TranslateMessage (lpMsg=0xd7e808) returned 0
[0159.824] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0159.824] BeginPaint (in: hWnd=0x900ea, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0159.824] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0159.824] CreateCompatibleDC (hdc=0x107b9) returned 0xe60107e6
[0159.824] SelectObject (hdc=0xe60107e6, h=0x4a0507fe) returned 0x85000f
[0159.824] GdipCreateFromHDC (hdc=0xe60107e6, graphics=0xd7e268) returned 0x0
[0159.824] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0159.824] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0159.825] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0159.825] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0159.825] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e2c8) returned 0x0
[0159.825] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0159.825] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0159.825] LocalFree (hMem=0x11eec58) returned 0x0
[0159.831] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0159.831] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0159.831] GdipGetClip (graphics=0x6600030, region=0x66446b8) returned 0x0
[0159.831] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0159.831] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0159.831] GdipRestoreGraphics (graphics=0x6600030, state=0xfcce0dbd) returned 0x0
[0159.831] GdipDeleteRegion (region=0x66446b8) returned 0x0
[0159.831] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0159.831] GetCurrentObject (hdc=0xe60107e6, type=0x1) returned 0xb00017
[0159.831] GetCurrentObject (hdc=0xe60107e6, type=0x2) returned 0x900010
[0159.831] GetCurrentObject (hdc=0xe60107e6, type=0x7) returned 0x4a0507fe
[0159.832] GetCurrentObject (hdc=0xe60107e6, type=0x6) returned 0x8a01c2
[0159.832] SaveDC (hdc=0xe60107e6) returned 1
[0159.832] GetNearestColor (hdc=0xe60107e6, color=0xf0f0f0) returned 0xf0f0f0
[0159.832] GetNearestColor (hdc=0xe60107e6, color=0xa0a0a0) returned 0xa0a0a0
[0159.832] GetNearestColor (hdc=0xe60107e6, color=0x696969) returned 0x696969
[0159.832] GetNearestColor (hdc=0xe60107e6, color=0xa0a0a0) returned 0xa0a0a0
[0159.832] GetNearestColor (hdc=0xe60107e6, color=0x0) returned 0x0
[0159.832] GetNearestColor (hdc=0xe60107e6, color=0xffffff) returned 0xffffff
[0159.832] GetNearestColor (hdc=0xe60107e6, color=0xe5e5e5) returned 0xe5e5e5
[0159.832] GetNearestColor (hdc=0xe60107e6, color=0xd7d7d7) returned 0xd7d7d7
[0159.832] GetNearestColor (hdc=0xe60107e6, color=0x0) returned 0x0
[0159.832] RestoreDC (hdc=0xe60107e6, nSavedDC=-1) returned 1
[0159.832] GdipReleaseDC (graphics=0x6600030, hdc=0xe60107e6) returned 0x0
[0159.832] IsAppThemed () returned 0x1
[0159.833] GetThemeAppProperties () returned 0x3
[0159.833] GetThemeAppProperties () returned 0x3
[0159.833] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0159.833] SendMessageW (hWnd=0x802d8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0159.833] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0159.833] IsAppThemed () returned 0x1
[0159.833] GetThemeAppProperties () returned 0x3
[0159.833] GetThemeAppProperties () returned 0x3
[0159.833] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2cda140 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0159.833] IsAppThemed () returned 0x1
[0159.833] GetThemeAppProperties () returned 0x3
[0159.833] GetThemeAppProperties () returned 0x3
[0159.833] IsAppThemed () returned 0x1
[0159.833] GetThemeAppProperties () returned 0x3
[0159.833] GetThemeAppProperties () returned 0x3
[0159.834] GetFocus () returned 0x8013e
[0159.834] IsAppThemed () returned 0x1
[0159.834] GetThemeAppProperties () returned 0x3
[0159.834] GetThemeAppProperties () returned 0x3
[0159.834] IsAppThemed () returned 0x1
[0159.834] GetThemeAppProperties () returned 0x3
[0159.834] GetThemeAppProperties () returned 0x3
[0159.834] IsThemePartDefined () returned 0x1
[0159.834] IsAppThemed () returned 0x1
[0159.834] GetThemeAppProperties () returned 0x3
[0159.834] GetThemeAppProperties () returned 0x3
[0159.834] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0159.834] IsAppThemed () returned 0x1
[0159.834] GetThemeAppProperties () returned 0x3
[0159.834] GetThemeAppProperties () returned 0x3
[0159.834] IsAppThemed () returned 0x1
[0159.834] GetThemeAppProperties () returned 0x3
[0159.834] GetThemeAppProperties () returned 0x3
[0159.834] IsThemePartDefined () returned 0x1
[0159.834] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0159.834] GdipGetClip (graphics=0x6600030, region=0x6644e98) returned 0x0
[0159.835] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0159.835] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0159.835] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dff0) returned 0x0
[0159.835] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0159.835] LocalFree (hMem=0x11ee788) returned 0x0
[0159.835] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee9f0) returned 0x0
[0159.835] LocalFree (hMem=0x11ee9f0) returned 0x0
[0159.835] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0159.835] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6600030, result=0xd7e018) returned 0x0
[0159.835] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6600030, result=0xd7e008) returned 0x0
[0159.835] GdipGetRegionHRgn (region=0x6644e98, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0159.835] GdipDeleteRegion (region=0x6644e98) returned 0x0
[0159.835] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0159.835] GetCurrentObject (hdc=0xe60107e6, type=0x1) returned 0xb00017
[0159.835] GetCurrentObject (hdc=0xe60107e6, type=0x2) returned 0x900010
[0159.835] GetCurrentObject (hdc=0xe60107e6, type=0x7) returned 0x4a0507fe
[0159.835] GetCurrentObject (hdc=0xe60107e6, type=0x6) returned 0x8a01c2
[0159.836] SaveDC (hdc=0xe60107e6) returned 1
[0159.836] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd5040807
[0159.836] GetClipRgn (hdc=0xe60107e6, hrgn=0xd5040807) returned 0
[0159.836] SelectClipRgn (hdc=0xe60107e6, hrgn=0x5b0407de) returned 2
[0159.836] DeleteObject (ho=0xd5040807) returned 1
[0159.836] DeleteObject (ho=0x5b0407de) returned 1
[0159.836] OffsetViewportOrgEx (in: hdc=0xe60107e6, x=0, y=0, lppt=0x2cda7f0 | out: lppt=0x2cda7f0) returned 1
[0159.836] DrawThemeParentBackground () returned 0x0
[0159.836] GetWindowPlacement (in: hWnd=0x802d8, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0159.836] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0159.836] GetWindowTextLengthW (hWnd=0x802d8) returned 13
[0159.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.836] GetSystemMetrics (nIndex=42) returned 0
[0159.836] GetWindowTextW (in: hWnd=0x802d8, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0159.837] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0159.837] GetCurrentObject (hdc=0xe60107e6, type=0x1) returned 0xb00017
[0159.837] GetCurrentObject (hdc=0xe60107e6, type=0x2) returned 0x900010
[0159.837] GetCurrentObject (hdc=0xe60107e6, type=0x7) returned 0x4a0507fe
[0159.837] GetCurrentObject (hdc=0xe60107e6, type=0x6) returned 0x8a01c2
[0159.837] SaveDC (hdc=0xe60107e6) returned 2
[0159.837] GetNearestColor (hdc=0xe60107e6, color=0xf0f0f0) returned 0xf0f0f0
[0159.837] CreateSolidBrush (color=0xf0f0f0) returned 0x581007e1
[0159.837] FillRect (hDC=0xe60107e6, lprc=0xd7da38, hbr=0x581007e1) returned 1
[0159.837] DeleteObject (ho=0x581007e1) returned 1
[0159.837] RestoreDC (hdc=0xe60107e6, nSavedDC=-1) returned 1
[0159.837] GetWindowTextLengthW (hWnd=0x802d8) returned 13
[0159.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.838] GetSystemMetrics (nIndex=42) returned 0
[0159.838] GetWindowTextW (in: hWnd=0x802d8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0159.838] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0159.838] GetCurrentObject (hdc=0xe60107e6, type=0x1) returned 0xb00017
[0159.838] GetCurrentObject (hdc=0xe60107e6, type=0x2) returned 0x900010
[0159.838] GetCurrentObject (hdc=0xe60107e6, type=0x7) returned 0x4a0507fe
[0159.838] GetCurrentObject (hdc=0xe60107e6, type=0x6) returned 0x8a01c2
[0159.838] SaveDC (hdc=0xe60107e6) returned 2
[0159.838] GetNearestColor (hdc=0xe60107e6, color=0xf0f0f0) returned 0xf0f0f0
[0159.838] CreateSolidBrush (color=0xf0f0f0) returned 0x591007e1
[0159.838] FillRect (hDC=0xe60107e6, lprc=0xd7d9d8, hbr=0x591007e1) returned 1
[0159.838] DeleteObject (ho=0x591007e1) returned 1
[0159.838] RestoreDC (hdc=0xe60107e6, nSavedDC=-1) returned 1
[0159.838] GetWindowTextLengthW (hWnd=0x802d8) returned 13
[0159.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.838] GetSystemMetrics (nIndex=42) returned 0
[0159.839] GetWindowTextW (in: hWnd=0x802d8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0159.839] RestoreDC (hdc=0xe60107e6, nSavedDC=-1) returned 1
[0159.839] GdipReleaseDC (graphics=0x6600030, hdc=0xe60107e6) returned 0x0
[0159.839] IsAppThemed () returned 0x1
[0159.840] GetThemeAppProperties () returned 0x3
[0159.840] GetThemeAppProperties () returned 0x3
[0159.840] IsAppThemed () returned 0x1
[0159.840] GetThemeAppProperties () returned 0x3
[0159.840] GetThemeAppProperties () returned 0x3
[0159.840] IsThemePartDefined () returned 0x1
[0159.840] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0159.840] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0159.840] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0159.840] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0159.840] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df74) returned 0x0
[0159.840] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0159.840] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee8d8) returned 0x0
[0159.840] LocalFree (hMem=0x11ee8d8) returned 0x0
[0159.840] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0159.840] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0159.840] LocalFree (hMem=0x11eec58) returned 0x0
[0159.847] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0159.847] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0159.848] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0159.848] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0159.848] GdipDeleteRegion (region=0x6644358) returned 0x0
[0159.848] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0159.848] GetCurrentObject (hdc=0xe60107e6, type=0x1) returned 0xb00017
[0159.848] GetCurrentObject (hdc=0xe60107e6, type=0x2) returned 0x900010
[0159.848] GetCurrentObject (hdc=0xe60107e6, type=0x7) returned 0x4a0507fe
[0159.848] GetCurrentObject (hdc=0xe60107e6, type=0x6) returned 0x8a01c2
[0159.848] SaveDC (hdc=0xe60107e6) returned 1
[0159.848] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5c0407de
[0159.848] GetClipRgn (hdc=0xe60107e6, hrgn=0x5c0407de) returned 0
[0159.848] SelectClipRgn (hdc=0xe60107e6, hrgn=0xd7040807) returned 2
[0159.848] DeleteObject (ho=0x5c0407de) returned 1
[0159.848] DeleteObject (ho=0xd7040807) returned 1
[0159.848] OffsetViewportOrgEx (in: hdc=0xe60107e6, x=0, y=0, lppt=0x2cdb09c | out: lppt=0x2cdb09c) returned 1
[0159.848] IsAppThemed () returned 0x1
[0159.849] GetThemeAppProperties () returned 0x3
[0159.849] GetThemeAppProperties () returned 0x3
[0159.849] DrawThemeBackground () returned 0x0
[0159.849] RestoreDC (hdc=0xe60107e6, nSavedDC=-1) returned 1
[0159.849] GdipReleaseDC (graphics=0x6600030, hdc=0xe60107e6) returned 0x0
[0159.849] GdipCreateRegion (region=0xd7df60) returned 0x0
[0159.849] GdipGetClip (graphics=0x6600030, region=0x6644aa8) returned 0x0
[0159.849] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0159.849] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0159.849] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df78) returned 0x0
[0159.849] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0159.849] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0159.849] LocalFree (hMem=0x11ee9f0) returned 0x0
[0159.849] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0159.849] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0159.849] LocalFree (hMem=0x11ee9f0) returned 0x0
[0159.849] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0159.849] GdipIsInfiniteRegion (region=0x6644aa8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0159.849] GdipIsInfiniteRegion (region=0x6644aa8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0159.849] GdipGetRegionHRgn (region=0x6644aa8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0159.849] GdipDeleteRegion (region=0x6644aa8) returned 0x0
[0159.850] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0159.850] GetCurrentObject (hdc=0xe60107e6, type=0x1) returned 0xb00017
[0159.850] GetCurrentObject (hdc=0xe60107e6, type=0x2) returned 0x900010
[0159.850] GetCurrentObject (hdc=0xe60107e6, type=0x7) returned 0x4a0507fe
[0159.850] GetCurrentObject (hdc=0xe60107e6, type=0x6) returned 0x8a01c2
[0159.850] SaveDC (hdc=0xe60107e6) returned 1
[0159.850] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd8040807
[0159.850] GetClipRgn (hdc=0xe60107e6, hrgn=0xd8040807) returned 0
[0159.850] SelectClipRgn (hdc=0xe60107e6, hrgn=0x5d0407de) returned 2
[0159.850] DeleteObject (ho=0xd8040807) returned 1
[0159.850] DeleteObject (ho=0x5d0407de) returned 1
[0159.850] OffsetViewportOrgEx (in: hdc=0xe60107e6, x=0, y=0, lppt=0x2cdb370 | out: lppt=0x2cdb370) returned 1
[0159.850] IsAppThemed () returned 0x1
[0159.886] GetThemeAppProperties () returned 0x3
[0159.886] GetThemeAppProperties () returned 0x3
[0159.886] GetThemeBackgroundContentRect () returned 0x0
[0159.886] RestoreDC (hdc=0xe60107e6, nSavedDC=-1) returned 1
[0159.886] GdipReleaseDC (graphics=0x6600030, hdc=0xe60107e6) returned 0x0
[0159.886] IsAppThemed () returned 0x1
[0159.886] GetThemeAppProperties () returned 0x3
[0159.886] GetThemeAppProperties () returned 0x3
[0159.886] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0159.887] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0159.887] GetCurrentObject (hdc=0xe60107e6, type=0x1) returned 0xb00017
[0159.887] GetCurrentObject (hdc=0xe60107e6, type=0x2) returned 0x900010
[0159.887] GetCurrentObject (hdc=0xe60107e6, type=0x7) returned 0x4a0507fe
[0159.887] GetCurrentObject (hdc=0xe60107e6, type=0x6) returned 0x8a01c2
[0159.887] SaveDC (hdc=0xe60107e6) returned 1
[0159.887] GetTextAlign (hdc=0xe60107e6) returned 0x0
[0159.887] GetTextColor (hdc=0xe60107e6) returned 0x0
[0159.887] GetCurrentObject (hdc=0xe60107e6, type=0x6) returned 0x8a01c2
[0159.887] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0159.887] SelectObject (hdc=0xe60107e6, h=0x6d0a0520) returned 0x8a01c2
[0159.887] GetBkMode (hdc=0xe60107e6) returned 2
[0159.887] SetBkMode (hdc=0xe60107e6, mode=1) returned 2
[0159.888] DrawTextExW (in: hdc=0xe60107e6, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2cdb710 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0159.888] DrawTextExW (in: hdc=0xe60107e6, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2cdb710 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0159.888] RestoreDC (hdc=0xe60107e6, nSavedDC=-1) returned 1
[0159.888] GdipReleaseDC (graphics=0x6600030, hdc=0xe60107e6) returned 0x0
[0159.888] GetFocus () returned 0x8013e
[0159.888] IsAppThemed () returned 0x1
[0159.888] GetThemeAppProperties () returned 0x3
[0159.888] GetThemeAppProperties () returned 0x3
[0159.888] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0159.888] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0xe60107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0159.889] GdipReleaseDC (graphics=0x6600030, hdc=0xe60107e6) returned 0x0
[0159.889] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0159.889] SelectObject (hdc=0xe60107e6, h=0x85000f) returned 0x4a0507fe
[0159.889] DeleteDC (hdc=0xe60107e6) returned 1
[0159.889] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0159.889] EndPaint (hWnd=0x900ea, lpPaint=0xd7e24c) returned 1
[0159.889] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.889] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x84, wParam=0x0, lParam=0x1e50305) returned 0x1
[0159.889] IsWindowUnicode (hWnd=0x602da) returned 1
[0159.889] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.889] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x84, wParam=0x0, lParam=0x1e50305) returned 0x1
[0159.890] GetDlgItem (hDlg=0x802d8, nIDDlgItem=0) returned 0x0
[0159.890] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x210, wParam=0x201, lParam=0x6a0110) returned 0x0
[0159.890] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x21, wParam=0x802d8, lParam=0x2010001) returned 0x1
[0159.890] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x21, wParam=0x802d8, lParam=0x2010001) returned 0x1
[0159.890] SetCursor (hCursor=0x10003) returned 0x10003
[0159.890] TranslateMessage (lpMsg=0xd7e808) returned 0
[0159.890] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0159.890] GetKeyState (nVirtKey=1) returned -127
[0159.890] GetKeyState (nVirtKey=2) returned 0
[0159.890] GetKeyState (nVirtKey=4) returned 0
[0159.890] GetKeyState (nVirtKey=5) returned 0
[0159.890] GetKeyState (nVirtKey=6) returned 0
[0159.890] IsWindowVisible (hWnd=0x602da) returned 1
[0159.890] IsWindowEnabled (hWnd=0x602da) returned 1
[0159.890] SetFocus (hWnd=0x602da) returned 0x8013e
[0159.892] GetFocus () returned 0x602da
[0159.892] IsChild (hWndParent=0x802d8, hWnd=0x602da) returned 1
[0159.892] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0x8, wParam=0x602da, lParam=0x0) returned 0x0
[0159.892] GetCapture () returned 0x0
[0159.892] InvalidateRect (hWnd=0x8013e, lpRect=0x0, bErase=0) returned 1
[0159.893] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0159.894] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0159.896] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0159.896] InvalidateRect (hWnd=0x8013e, lpRect=0x0, bErase=0) returned 1
[0159.896] InvalidateRect (hWnd=0x602da, lpRect=0x0, bErase=0) returned 1
[0159.896] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x7, wParam=0x8013e, lParam=0x0) returned 0x0
[0159.896] GetStockObject (i=5) returned 0x900015
[0159.896] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0159.896] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0159.896] GetDlgItem (hDlg=0x802d8, nIDDlgItem=393946) returned 0x602da
[0159.896] SendMessageW (hWnd=0x602da, Msg=0x202b, wParam=0x602da, lParam=0xd7dddc) returned 0x0
[0159.896] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x202b, wParam=0x602da, lParam=0xd7dddc) returned 0x0
[0159.896] InvalidateRect (hWnd=0x602da, lpRect=0x0, bErase=0) returned 1
[0159.898] GetFocus () returned 0x602da
[0159.899] GetFocus () returned 0x602da
[0159.899] GetFocus () returned 0x602da
[0159.899] GetKeyState (nVirtKey=1) returned -127
[0159.899] GetKeyState (nVirtKey=2) returned 0
[0159.899] GetKeyState (nVirtKey=4) returned 0
[0159.899] GetKeyState (nVirtKey=5) returned 0
[0159.899] GetKeyState (nVirtKey=6) returned 0
[0159.899] GetCapture () returned 0x0
[0159.899] SetCapture (hWnd=0x602da) returned 0x0
[0159.899] GetKeyState (nVirtKey=1) returned -127
[0159.899] GetKeyState (nVirtKey=2) returned 0
[0159.899] GetKeyState (nVirtKey=4) returned 0
[0159.899] GetKeyState (nVirtKey=5) returned 0
[0159.899] GetKeyState (nVirtKey=6) returned 0
[0159.899] NotifyWinEvent (event=0x800a, hwnd=0x602da, idObject=-4, idChild=0)
[0159.899] InvalidateRect (hWnd=0x602da, lpRect=0xd7e430, bErase=0) returned 1
[0159.899] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.899] IsWindowUnicode (hWnd=0x602da) returned 1
[0159.899] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.899] TranslateMessage (lpMsg=0xd7e808) returned 0
[0159.900] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0159.900] MapWindowPoints (in: hWndFrom=0x602da, hWndTo=0x0, lpPoints=0x2cdb900, cPoints=0x1 | out: lpPoints=0x2cdb900) returned 30999254
[0159.900] NotifyWinEvent (event=0x800a, hwnd=0x602da, idObject=-4, idChild=0)
[0159.900] InvalidateRect (hWnd=0x602da, lpRect=0xd7e3d0, bErase=0) returned 1
[0159.900] UpdateWindow (hWnd=0x602da) returned 1
[0159.900] BeginPaint (in: hWnd=0x602da, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x60100ce
[0159.900] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0159.900] CreateCompatibleDC (hdc=0x60100ce) returned 0xe70107e6
[0159.900] SelectObject (hdc=0xe70107e6, h=0x4a0507fe) returned 0x85000f
[0159.900] GdipCreateFromHDC (hdc=0xe70107e6, graphics=0xd7df00) returned 0x0
[0159.900] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0159.900] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0159.900] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0159.900] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0159.900] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df60) returned 0x0
[0159.901] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0159.901] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0159.901] LocalFree (hMem=0x11ee788) returned 0x0
[0159.901] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0159.901] GdipCreateRegion (region=0xd7df48) returned 0x0
[0159.901] GdipGetClip (graphics=0x6600030, region=0x6644c58) returned 0x0
[0159.901] GdipIsInfiniteRegion (region=0x6644c58, graphics=0x6600030, result=0xd7df54) returned 0x0
[0159.901] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0159.901] GdipRestoreGraphics (graphics=0x6600030, state=0xfccc0dbd) returned 0x0
[0159.901] GdipDeleteRegion (region=0x6644c58) returned 0x0
[0159.901] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0159.901] GetCurrentObject (hdc=0xe70107e6, type=0x1) returned 0xb00017
[0159.901] GetCurrentObject (hdc=0xe70107e6, type=0x2) returned 0x900010
[0159.901] GetCurrentObject (hdc=0xe70107e6, type=0x7) returned 0x4a0507fe
[0159.901] GetCurrentObject (hdc=0xe70107e6, type=0x6) returned 0x8a01c2
[0159.901] SaveDC (hdc=0xe70107e6) returned 1
[0159.901] GetNearestColor (hdc=0xe70107e6, color=0xf0f0f0) returned 0xf0f0f0
[0159.901] GetNearestColor (hdc=0xe70107e6, color=0xa0a0a0) returned 0xa0a0a0
[0159.902] GetNearestColor (hdc=0xe70107e6, color=0x696969) returned 0x696969
[0159.902] GetNearestColor (hdc=0xe70107e6, color=0xa0a0a0) returned 0xa0a0a0
[0159.902] GetNearestColor (hdc=0xe70107e6, color=0x0) returned 0x0
[0159.902] GetNearestColor (hdc=0xe70107e6, color=0xffffff) returned 0xffffff
[0159.902] GetNearestColor (hdc=0xe70107e6, color=0xe5e5e5) returned 0xe5e5e5
[0159.902] GetNearestColor (hdc=0xe70107e6, color=0xd7d7d7) returned 0xd7d7d7
[0159.902] GetNearestColor (hdc=0xe70107e6, color=0x0) returned 0x0
[0159.902] RestoreDC (hdc=0xe70107e6, nSavedDC=-1) returned 1
[0159.902] GdipReleaseDC (graphics=0x6600030, hdc=0xe70107e6) returned 0x0
[0159.902] IsAppThemed () returned 0x1
[0159.902] GetThemeAppProperties () returned 0x3
[0159.902] GetThemeAppProperties () returned 0x3
[0159.902] IsAppThemed () returned 0x1
[0159.902] GetThemeAppProperties () returned 0x3
[0159.902] GetThemeAppProperties () returned 0x3
[0159.902] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2cdc058 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0159.903] IsAppThemed () returned 0x1
[0159.903] GetThemeAppProperties () returned 0x3
[0159.903] GetThemeAppProperties () returned 0x3
[0159.903] IsAppThemed () returned 0x1
[0159.903] GetThemeAppProperties () returned 0x3
[0159.903] GetThemeAppProperties () returned 0x3
[0159.903] IsAppThemed () returned 0x1
[0159.903] GetThemeAppProperties () returned 0x3
[0159.903] GetThemeAppProperties () returned 0x3
[0159.910] IsAppThemed () returned 0x1
[0159.910] GetThemeAppProperties () returned 0x3
[0159.910] GetThemeAppProperties () returned 0x3
[0159.910] IsThemePartDefined () returned 0x1
[0159.910] IsAppThemed () returned 0x1
[0159.910] GetThemeAppProperties () returned 0x3
[0159.910] GetThemeAppProperties () returned 0x3
[0159.910] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0159.910] IsAppThemed () returned 0x1
[0159.910] GetThemeAppProperties () returned 0x3
[0159.910] GetThemeAppProperties () returned 0x3
[0159.910] IsAppThemed () returned 0x1
[0159.910] GetThemeAppProperties () returned 0x3
[0159.910] GetThemeAppProperties () returned 0x3
[0159.910] IsThemePartDefined () returned 0x1
[0159.910] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0159.910] GdipGetClip (graphics=0x6600030, region=0x6644118) returned 0x0
[0159.910] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0159.910] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0159.910] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dc7c) returned 0x0
[0159.911] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0159.911] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0159.911] LocalFree (hMem=0x11eec58) returned 0x0
[0159.911] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0159.911] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0159.911] LocalFree (hMem=0x11ee788) returned 0x0
[0159.911] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0159.911] GdipIsInfiniteRegion (region=0x6644118, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0159.911] GdipIsInfiniteRegion (region=0x6644118, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0159.911] GdipGetRegionHRgn (region=0x6644118, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0159.911] GdipDeleteRegion (region=0x6644118) returned 0x0
[0159.911] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0159.911] GetCurrentObject (hdc=0xe70107e6, type=0x1) returned 0xb00017
[0159.911] GetCurrentObject (hdc=0xe70107e6, type=0x2) returned 0x900010
[0159.911] GetCurrentObject (hdc=0xe70107e6, type=0x7) returned 0x4a0507fe
[0159.912] GetCurrentObject (hdc=0xe70107e6, type=0x6) returned 0x8a01c2
[0159.912] SaveDC (hdc=0xe70107e6) returned 1
[0159.912] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5e0407de
[0159.912] GetClipRgn (hdc=0xe70107e6, hrgn=0x5e0407de) returned 0
[0159.912] SelectClipRgn (hdc=0xe70107e6, hrgn=0xdc040807) returned 2
[0159.912] DeleteObject (ho=0x5e0407de) returned 1
[0159.912] DeleteObject (ho=0xdc040807) returned 1
[0159.912] OffsetViewportOrgEx (in: hdc=0xe70107e6, x=0, y=0, lppt=0x2cdc708 | out: lppt=0x2cdc708) returned 1
[0159.912] DrawThemeParentBackground () returned 0x0
[0159.912] GetWindowPlacement (in: hWnd=0x802d8, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0159.912] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0159.912] GetWindowTextLengthW (hWnd=0x802d8) returned 13
[0159.912] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.912] GetSystemMetrics (nIndex=42) returned 0
[0159.912] GetWindowTextW (in: hWnd=0x802d8, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.913] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0159.913] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0159.913] GetCurrentObject (hdc=0xe70107e6, type=0x1) returned 0xb00017
[0159.913] GetCurrentObject (hdc=0xe70107e6, type=0x2) returned 0x900010
[0159.913] GetCurrentObject (hdc=0xe70107e6, type=0x7) returned 0x4a0507fe
[0159.913] GetCurrentObject (hdc=0xe70107e6, type=0x6) returned 0x8a01c2
[0159.913] SaveDC (hdc=0xe70107e6) returned 2
[0159.913] GetNearestColor (hdc=0xe70107e6, color=0xf0f0f0) returned 0xf0f0f0
[0159.913] CreateSolidBrush (color=0xf0f0f0) returned 0x5a1007e1
[0159.913] FillRect (hDC=0xe70107e6, lprc=0xd7d6c8, hbr=0x5a1007e1) returned 1
[0159.913] DeleteObject (ho=0x5a1007e1) returned 1
[0159.913] RestoreDC (hdc=0xe70107e6, nSavedDC=-1) returned 1
[0159.913] GetWindowTextLengthW (hWnd=0x802d8) returned 13
[0159.913] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.914] GetSystemMetrics (nIndex=42) returned 0
[0159.914] GetWindowTextW (in: hWnd=0x802d8, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.914] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0159.914] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0159.914] GetCurrentObject (hdc=0xe70107e6, type=0x1) returned 0xb00017
[0159.914] GetCurrentObject (hdc=0xe70107e6, type=0x2) returned 0x900010
[0159.914] GetCurrentObject (hdc=0xe70107e6, type=0x7) returned 0x4a0507fe
[0159.914] GetCurrentObject (hdc=0xe70107e6, type=0x6) returned 0x8a01c2
[0159.914] SaveDC (hdc=0xe70107e6) returned 2
[0159.914] GetNearestColor (hdc=0xe70107e6, color=0xf0f0f0) returned 0xf0f0f0
[0159.914] CreateSolidBrush (color=0xf0f0f0) returned 0x5b1007e1
[0159.914] FillRect (hDC=0xe70107e6, lprc=0xd7d668, hbr=0x5b1007e1) returned 1
[0159.914] DeleteObject (ho=0x5b1007e1) returned 1
[0159.914] RestoreDC (hdc=0xe70107e6, nSavedDC=-1) returned 1
[0159.914] GetWindowTextLengthW (hWnd=0x802d8) returned 13
[0159.914] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.914] GetSystemMetrics (nIndex=42) returned 0
[0159.914] GetWindowTextW (in: hWnd=0x802d8, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.914] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0159.915] RestoreDC (hdc=0xe70107e6, nSavedDC=-1) returned 1
[0159.915] GdipReleaseDC (graphics=0x6600030, hdc=0xe70107e6) returned 0x0
[0159.915] IsAppThemed () returned 0x1
[0159.915] GetThemeAppProperties () returned 0x3
[0159.915] GetThemeAppProperties () returned 0x3
[0159.915] IsAppThemed () returned 0x1
[0159.915] GetThemeAppProperties () returned 0x3
[0159.915] GetThemeAppProperties () returned 0x3
[0159.915] IsThemePartDefined () returned 0x1
[0159.915] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0159.915] GdipGetClip (graphics=0x6600030, region=0x66442c8) returned 0x0
[0159.915] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0159.915] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0159.915] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dc00) returned 0x0
[0159.915] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0159.915] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0159.915] LocalFree (hMem=0x11ee788) returned 0x0
[0159.915] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0159.915] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee8d8) returned 0x0
[0159.916] LocalFree (hMem=0x11ee8d8) returned 0x0
[0159.916] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0159.916] GdipIsInfiniteRegion (region=0x66442c8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0159.916] GdipIsInfiniteRegion (region=0x66442c8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0159.916] GdipGetRegionHRgn (region=0x66442c8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0159.916] GdipDeleteRegion (region=0x66442c8) returned 0x0
[0159.916] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0159.916] GetCurrentObject (hdc=0xe70107e6, type=0x1) returned 0xb00017
[0159.916] GetCurrentObject (hdc=0xe70107e6, type=0x2) returned 0x900010
[0159.916] GetCurrentObject (hdc=0xe70107e6, type=0x7) returned 0x4a0507fe
[0159.916] GetCurrentObject (hdc=0xe70107e6, type=0x6) returned 0x8a01c2
[0159.916] SaveDC (hdc=0xe70107e6) returned 1
[0159.916] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdd040807
[0159.916] GetClipRgn (hdc=0xe70107e6, hrgn=0xdd040807) returned 0
[0159.916] SelectClipRgn (hdc=0xe70107e6, hrgn=0x600407de) returned 2
[0159.916] DeleteObject (ho=0xdd040807) returned 1
[0159.916] DeleteObject (ho=0x600407de) returned 1
[0159.916] OffsetViewportOrgEx (in: hdc=0xe70107e6, x=0, y=0, lppt=0x2cdcfb4 | out: lppt=0x2cdcfb4) returned 1
[0159.916] IsAppThemed () returned 0x1
[0159.917] GetThemeAppProperties () returned 0x3
[0159.917] GetThemeAppProperties () returned 0x3
[0159.917] DrawThemeBackground () returned 0x0
[0159.917] RestoreDC (hdc=0xe70107e6, nSavedDC=-1) returned 1
[0159.917] GdipReleaseDC (graphics=0x6600030, hdc=0xe70107e6) returned 0x0
[0159.917] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0159.917] GdipGetClip (graphics=0x6600030, region=0x6644e98) returned 0x0
[0159.917] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0159.917] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0159.917] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dc04) returned 0x0
[0159.917] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0159.917] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0159.917] LocalFree (hMem=0x11eec58) returned 0x0
[0159.917] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0159.917] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee788) returned 0x0
[0159.917] LocalFree (hMem=0x11ee788) returned 0x0
[0159.917] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0159.917] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0159.918] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0159.918] GdipGetRegionHRgn (region=0x6644e98, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0159.918] GdipDeleteRegion (region=0x6644e98) returned 0x0
[0159.918] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0159.918] GetCurrentObject (hdc=0xe70107e6, type=0x1) returned 0xb00017
[0159.918] GetCurrentObject (hdc=0xe70107e6, type=0x2) returned 0x900010
[0159.918] GetCurrentObject (hdc=0xe70107e6, type=0x7) returned 0x4a0507fe
[0159.918] GetCurrentObject (hdc=0xe70107e6, type=0x6) returned 0x8a01c2
[0159.918] SaveDC (hdc=0xe70107e6) returned 1
[0159.918] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x610407de
[0159.918] GetClipRgn (hdc=0xe70107e6, hrgn=0x610407de) returned 0
[0159.918] SelectClipRgn (hdc=0xe70107e6, hrgn=0xde040807) returned 2
[0159.918] DeleteObject (ho=0x610407de) returned 1
[0159.919] DeleteObject (ho=0xde040807) returned 1
[0159.919] OffsetViewportOrgEx (in: hdc=0xe70107e6, x=0, y=0, lppt=0x2cdd288 | out: lppt=0x2cdd288) returned 1
[0159.925] IsAppThemed () returned 0x1
[0159.925] GetThemeAppProperties () returned 0x3
[0159.925] GetThemeAppProperties () returned 0x3
[0159.925] GetThemeBackgroundContentRect () returned 0x0
[0159.925] RestoreDC (hdc=0xe70107e6, nSavedDC=-1) returned 1
[0159.925] GdipReleaseDC (graphics=0x6600030, hdc=0xe70107e6) returned 0x0
[0159.925] IsAppThemed () returned 0x1
[0159.925] GetThemeAppProperties () returned 0x3
[0159.925] GetThemeAppProperties () returned 0x3
[0159.925] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0159.926] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0159.926] GetCurrentObject (hdc=0xe70107e6, type=0x1) returned 0xb00017
[0159.926] GetCurrentObject (hdc=0xe70107e6, type=0x2) returned 0x900010
[0159.926] GetCurrentObject (hdc=0xe70107e6, type=0x7) returned 0x4a0507fe
[0159.926] GetCurrentObject (hdc=0xe70107e6, type=0x6) returned 0x8a01c2
[0159.926] SaveDC (hdc=0xe70107e6) returned 1
[0159.926] GetTextAlign (hdc=0xe70107e6) returned 0x0
[0159.926] GetTextColor (hdc=0xe70107e6) returned 0x0
[0159.926] GetCurrentObject (hdc=0xe70107e6, type=0x6) returned 0x8a01c2
[0159.926] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0159.926] SelectObject (hdc=0xe70107e6, h=0x6d0a0520) returned 0x8a01c2
[0159.926] GetBkMode (hdc=0xe70107e6) returned 2
[0159.926] SetBkMode (hdc=0xe70107e6, mode=1) returned 2
[0159.926] DrawTextExW (in: hdc=0xe70107e6, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2cdd628 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0159.927] DrawTextExW (in: hdc=0xe70107e6, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2cdd628 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0159.927] RestoreDC (hdc=0xe70107e6, nSavedDC=-1) returned 1
[0159.927] GdipReleaseDC (graphics=0x6600030, hdc=0xe70107e6) returned 0x0
[0159.927] GetFocus () returned 0x602da
[0159.927] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0159.927] SendMessageW (hWnd=0x802d8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0159.927] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0159.927] IsAppThemed () returned 0x1
[0159.927] GetThemeAppProperties () returned 0x3
[0159.927] GetThemeAppProperties () returned 0x3
[0159.927] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0159.928] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xe70107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0159.928] GdipReleaseDC (graphics=0x6600030, hdc=0xe70107e6) returned 0x0
[0159.928] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0159.928] SelectObject (hdc=0xe70107e6, h=0x85000f) returned 0x4a0507fe
[0159.928] DeleteDC (hdc=0xe70107e6) returned 1
[0159.928] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0159.928] EndPaint (hWnd=0x602da, lpPaint=0xd7dee4) returned 1
[0159.928] MapWindowPoints (in: hWndFrom=0x602da, hWndTo=0x0, lpPoints=0x2cdd724, cPoints=0x1 | out: lpPoints=0x2cdd724) returned 30999254
[0159.928] WindowFromPoint (Point=0x305) returned 0x602da
[0159.928] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x84, wParam=0x0, lParam=0x1e50305) returned 0x1
[0159.928] NotifyWinEvent (event=0x800a, hwnd=0x602da, idObject=-4, idChild=0)
[0159.928] NotifyWinEvent (event=0x800c, hwnd=0x602da, idObject=-4, idChild=0)
[0159.928] GetCapture () returned 0x602da
[0159.928] ReleaseCapture () returned 1
[0159.929] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0159.929] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0159.929] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x84, wParam=0x0, lParam=0x1e50305) returned 0x1
[0159.929] IsWindow (hWnd=0x7005c) returned 1
[0159.929] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0159.930] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0159.930] IsWindow (hWnd=0x802d8) returned 1
[0159.930] SetActiveWindow (hWnd=0x802d8) returned 0x802d8
[0159.930] IsWindow (hWnd=0x802d8) returned 1
[0159.930] SetFocus (hWnd=0x802d8) returned 0x602da
[0159.931] GetFocus () returned 0x802d8
[0159.931] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x8, wParam=0x802d8, lParam=0x0) returned 0x0
[0159.931] GetCapture () returned 0x0
[0159.931] InvalidateRect (hWnd=0x602da, lpRect=0x0, bErase=0) returned 1
[0159.932] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0159.933] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0159.935] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0159.935] GetFocus () returned 0x802d8
[0159.935] SetFocus (hWnd=0x602da) returned 0x802d8
[0159.936] GetFocus () returned 0x602da
[0159.936] IsChild (hWndParent=0x802d8, hWnd=0x602da) returned 1
[0159.936] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x8, wParam=0x602da, lParam=0x0) returned 0x0
[0159.937] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0159.938] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0159.940] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0159.940] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x7, wParam=0x802d8, lParam=0x0) returned 0x0
[0159.940] GetStockObject (i=5) returned 0x900015
[0159.940] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0159.941] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0159.941] GetDlgItem (hDlg=0x802d8, nIDDlgItem=393946) returned 0x602da
[0159.941] SendMessageW (hWnd=0x602da, Msg=0x202b, wParam=0x602da, lParam=0xd7ddcc) returned 0x0
[0159.941] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x202b, wParam=0x602da, lParam=0xd7ddcc) returned 0x0
[0159.941] InvalidateRect (hWnd=0x602da, lpRect=0x0, bErase=0) returned 1
[0159.944] GetWindowLongW (hWnd=0x802d8, nIndex=-8) returned 458844
[0159.944] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0159.944] GetCurrentThreadId () returned 0xf50
[0159.944] IsWindow (hWnd=0x7005c) returned 1
[0159.944] IsWindow (hWnd=0x7005c) returned 1
[0159.944] IsWindowVisible (hWnd=0x7005c) returned 1
[0159.944] SetActiveWindow (hWnd=0x7005c) returned 0x802d8
[0159.944] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0159.946] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0159.947] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0159.947] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0159.948] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0159.948] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0159.949] GetWindowPlacement (in: hWnd=0x802d8, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0159.949] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0159.949] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0159.949] GetWindowRect (in: hWnd=0x802d8, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0159.950] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0159.950] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0159.957] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0159.957] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x802d8) returned 0x1
[0159.961] GetFocus () returned 0x602da
[0159.961] SetFocus (hWnd=0x602c4) returned 0x602da
[0159.962] GetFocus () returned 0x602c4
[0159.962] IsChild (hWndParent=0x802d8, hWnd=0x602c4) returned 0
[0159.962] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0159.962] GetCapture () returned 0x0
[0159.962] InvalidateRect (hWnd=0x602da, lpRect=0x0, bErase=0) returned 1
[0159.963] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0159.964] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0159.973] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0159.974] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0159.974] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0159.974] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0159.975] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0159.975] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x602da, lParam=0x0) returned 0x0
[0159.975] GetStockObject (i=5) returned 0x900015
[0159.975] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0159.975] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed878) returned 0xc
[0159.975] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0159.975] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0159.975] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0159.975] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0159.981] GetFocus () returned 0x602c4
[0159.981] IsChild (hWndParent=0x802d8, hWnd=0x602c4) returned 0
[0159.981] ShowWindow (hWnd=0x802d8, nCmdShow=0) returned 1
[0159.981] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0159.981] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0159.984] GetWindowPlacement (in: hWnd=0x802d8, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0159.984] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0159.984] GetClientRect (in: hWnd=0x802d8, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0159.984] GetWindowRect (in: hWnd=0x802d8, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0159.985] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0159.985] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0159.985] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0159.986] GetWindowLongW (hWnd=0x802d8, nIndex=-20) returned 327945
[0159.986] DestroyWindow (hWnd=0x802d8) returned 1
[0159.986] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0159.987] GetWindowTextLengthW (hWnd=0x802d8) returned 13
[0159.987] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0159.987] GetSystemMetrics (nIndex=42) returned 0
[0159.987] GetWindowTextW (in: hWnd=0x802d8, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0159.987] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0159.987] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0159.987] GetWindowTextLengthW (hWnd=0x702d2) returned 0
[0159.987] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0159.987] GetSystemMetrics (nIndex=42) returned 0
[0159.987] GetWindowTextW (in: hWnd=0x702d2, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0159.987] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702d2, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0159.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702d2, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0159.988] GetWindowThreadProcessId (in: hWnd=0x602dc, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0159.988] GetWindow (hWnd=0x602dc, uCmd=0x5) returned 0x0
[0159.988] GetWindowLongW (hWnd=0x602dc, nIndex=-20) returned 65792
[0159.988] DestroyWindow (hWnd=0x602dc) returned 1
[0159.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602dc, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0159.988] GetWindowTextLengthW (hWnd=0x602dc) returned 25
[0159.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0159.988] GetSystemMetrics (nIndex=42) returned 0
[0159.988] GetWindowTextW (in: hWnd=0x602dc, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0159.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602dc, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0159.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0159.989] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0159.990] GetWindowTextLengthW (hWnd=0x602de) returned 232
[0159.990] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0159.990] GetSystemMetrics (nIndex=42) returned 0
[0159.990] GetWindowTextW (in: hWnd=0x602de, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0159.990] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0159.990] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0159.990] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0159.990] InvalidateRect (hWnd=0x602da, lpRect=0x0, bErase=0) returned 1
[0159.990] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0159.991] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x900ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0159.991] SendMessageW (hWnd=0x4005a, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0159.991] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4005a, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0159.991] SendMessageW (hWnd=0x4005a, Msg=0xb0, wParam=0x2cb13a8, lParam=0xd7e480) returned 0x0
[0159.991] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4005a, Msg=0xb0, wParam=0x2cb13a8, lParam=0xd7e480) returned 0x0
[0159.991] GetWindowTextLengthW (hWnd=0x4005a) returned 4363
[0159.991] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0159.991] GetSystemMetrics (nIndex=42) returned 0
[0159.991] CoTaskMemAlloc (cb=0x221c) returned 0x11fdd28
[0159.991] GetWindowTextW (in: hWnd=0x4005a, lpString=0x11fdd28, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0159.991] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4005a, Msg=0xd, wParam=0x110c, lParam=0x11fdd28) returned 0x110b
[0159.992] CoTaskMemFree (pv=0x11fdd28)
[0159.992] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4005a, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0159.992] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702d2, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0159.993] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x602de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0159.995] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8013e, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0159.996] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0160.022] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x900ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0160.023] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x4005a, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0160.025] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0160.027] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.027] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.027] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.027] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.027] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.027] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.027] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e50305) returned 0x1
[0160.028] IsWindowUnicode (hWnd=0x7005c) returned 1
[0160.028] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.028] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e50305) returned 0x1
[0160.028] SetCursor (hCursor=0x10003) returned 0x10003
[0160.032] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.032] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.032] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0160.032] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0160.032] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0160.032] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1100247) returned 0x0
[0160.032] GetKeyState (nVirtKey=1) returned 1
[0160.032] GetKeyState (nVirtKey=2) returned 0
[0160.032] GetKeyState (nVirtKey=4) returned 0
[0160.032] GetKeyState (nVirtKey=5) returned 0
[0160.033] GetKeyState (nVirtKey=6) returned 0
[0160.033] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.033] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e50305) returned 0x1
[0160.033] IsWindowUnicode (hWnd=0x7005c) returned 1
[0160.033] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.033] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.033] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.034] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.034] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e50305) returned 0x1
[0160.034] IsWindowUnicode (hWnd=0x7005c) returned 1
[0160.034] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.034] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e50305) returned 0x1
[0160.034] SetCursor (hCursor=0x10003) returned 0x10003
[0160.034] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.034] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.034] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1100247) returned 0x0
[0160.035] GetKeyState (nVirtKey=1) returned 1
[0160.035] GetKeyState (nVirtKey=2) returned 0
[0160.035] GetKeyState (nVirtKey=4) returned 0
[0160.035] GetKeyState (nVirtKey=5) returned 0
[0160.035] GetKeyState (nVirtKey=6) returned 0
[0160.035] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.035] IsWindowUnicode (hWnd=0x602c4) returned 1
[0160.035] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.035] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.035] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.035] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.036] IsWindowUnicode (hWnd=0x602c4) returned 1
[0160.036] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.037] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.037] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.037] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xc0107c5
[0160.037] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0160.037] CreateCompatibleDC (hdc=0xc0107c5) returned 0xe00107f1
[0160.037] SelectObject (hdc=0xe00107f1, h=0x4a0507fe) returned 0x85000f
[0160.037] GdipCreateFromHDC (hdc=0xe00107f1, graphics=0xd7e798) returned 0x0
[0160.037] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0160.037] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0160.037] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0160.038] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0160.038] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e7f8) returned 0x0
[0160.038] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0160.038] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee9f0) returned 0x0
[0160.038] LocalFree (hMem=0x11ee9f0) returned 0x0
[0160.038] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0160.038] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0160.038] GdipGetClip (graphics=0x6600030, region=0x6644868) returned 0x0
[0160.038] GdipIsInfiniteRegion (region=0x6644868, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0160.038] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0160.038] GdipRestoreGraphics (graphics=0x6600030, state=0xfcca0dbd) returned 0x0
[0160.038] GdipDeleteRegion (region=0x6644868) returned 0x0
[0160.038] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0160.038] GetCurrentObject (hdc=0xe00107f1, type=0x1) returned 0xb00017
[0160.038] GetCurrentObject (hdc=0xe00107f1, type=0x2) returned 0x900010
[0160.038] GetCurrentObject (hdc=0xe00107f1, type=0x7) returned 0x4a0507fe
[0160.038] GetCurrentObject (hdc=0xe00107f1, type=0x6) returned 0x8a01c2
[0160.039] SaveDC (hdc=0xe00107f1) returned 1
[0160.039] GetNearestColor (hdc=0xe00107f1, color=0xff) returned 0xff
[0160.039] GetNearestColor (hdc=0xe00107f1, color=0x55) returned 0x55
[0160.039] GetNearestColor (hdc=0xe00107f1, color=0x0) returned 0x0
[0160.039] GetNearestColor (hdc=0xe00107f1, color=0x55) returned 0x55
[0160.039] GetNearestColor (hdc=0xe00107f1, color=0x0) returned 0x0
[0160.039] GetNearestColor (hdc=0xe00107f1, color=0x8080ff) returned 0x8080ff
[0160.039] GetNearestColor (hdc=0xe00107f1, color=0x7373e5) returned 0x7373e5
[0160.039] GetNearestColor (hdc=0xe00107f1, color=0xe5) returned 0xe5
[0160.039] GetNearestColor (hdc=0xe00107f1, color=0x0) returned 0x0
[0160.039] RestoreDC (hdc=0xe00107f1, nSavedDC=-1) returned 1
[0160.039] GdipReleaseDC (graphics=0x6600030, hdc=0xe00107f1) returned 0x0
[0160.040] IsAppThemed () returned 0x1
[0160.040] GetThemeAppProperties () returned 0x3
[0160.040] GetThemeAppProperties () returned 0x3
[0160.040] IsAppThemed () returned 0x1
[0160.040] GetThemeAppProperties () returned 0x3
[0160.040] GetThemeAppProperties () returned 0x3
[0160.040] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2ce5490 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0160.040] IsAppThemed () returned 0x1
[0160.040] GetThemeAppProperties () returned 0x3
[0160.040] GetThemeAppProperties () returned 0x3
[0160.040] IsAppThemed () returned 0x1
[0160.040] GetThemeAppProperties () returned 0x3
[0160.040] GetThemeAppProperties () returned 0x3
[0160.041] GetFocus () returned 0x602c4
[0160.041] IsAppThemed () returned 0x1
[0160.041] GetThemeAppProperties () returned 0x3
[0160.041] GetThemeAppProperties () returned 0x3
[0160.041] IsAppThemed () returned 0x1
[0160.041] GetThemeAppProperties () returned 0x3
[0160.041] GetThemeAppProperties () returned 0x3
[0160.041] IsThemePartDefined () returned 0x1
[0160.041] IsAppThemed () returned 0x1
[0160.041] GetThemeAppProperties () returned 0x3
[0160.041] GetThemeAppProperties () returned 0x3
[0160.041] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0160.041] IsAppThemed () returned 0x1
[0160.041] GetThemeAppProperties () returned 0x3
[0160.041] GetThemeAppProperties () returned 0x3
[0160.041] IsAppThemed () returned 0x1
[0160.041] GetThemeAppProperties () returned 0x3
[0160.041] GetThemeAppProperties () returned 0x3
[0160.041] IsThemePartDefined () returned 0x1
[0160.041] GdipCreateRegion (region=0xd7e508) returned 0x0
[0160.041] GdipGetClip (graphics=0x6600030, region=0x6644868) returned 0x0
[0160.042] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0160.042] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0160.042] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e520) returned 0x0
[0160.042] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0160.042] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0160.042] LocalFree (hMem=0x11eec58) returned 0x0
[0160.042] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0160.042] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0160.042] LocalFree (hMem=0x11ee9f0) returned 0x0
[0160.042] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0160.042] GdipIsInfiniteRegion (region=0x6644868, graphics=0x6600030, result=0xd7e548) returned 0x0
[0160.042] GdipIsInfiniteRegion (region=0x6644868, graphics=0x6600030, result=0xd7e538) returned 0x0
[0160.042] GdipGetRegionHRgn (region=0x6644868, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0160.042] GdipDeleteRegion (region=0x6644868) returned 0x0
[0160.042] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0160.042] GetCurrentObject (hdc=0xe00107f1, type=0x1) returned 0xb00017
[0160.042] GetCurrentObject (hdc=0xe00107f1, type=0x2) returned 0x900010
[0160.043] GetCurrentObject (hdc=0xe00107f1, type=0x7) returned 0x4a0507fe
[0160.043] GetCurrentObject (hdc=0xe00107f1, type=0x6) returned 0x8a01c2
[0160.043] SaveDC (hdc=0xe00107f1) returned 1
[0160.043] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdf040807
[0160.043] GetClipRgn (hdc=0xe00107f1, hrgn=0xdf040807) returned 0
[0160.043] SelectClipRgn (hdc=0xe00107f1, hrgn=0x650407de) returned 2
[0160.043] DeleteObject (ho=0xdf040807) returned 1
[0160.043] DeleteObject (ho=0x650407de) returned 1
[0160.043] OffsetViewportOrgEx (in: hdc=0xe00107f1, x=0, y=0, lppt=0x2ce5b40 | out: lppt=0x2ce5b40) returned 1
[0160.043] DrawThemeParentBackground () returned 0x0
[0160.043] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0160.043] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0160.044] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0160.044] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0160.044] GetSystemMetrics (nIndex=42) returned 0
[0160.050] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0160.050] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0160.050] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0160.050] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0160.050] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0160.050] SelectPalette (hdc=0xe00107f1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0160.050] GdipCreateFromHDC (hdc=0xe00107f1, graphics=0xd7dff8) returned 0x0
[0160.050] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0160.050] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0160.050] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638c38) returned 0x0
[0160.050] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7dfd0) returned 0x0
[0160.051] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0160.051] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0160.051] GdipGetClip (graphics=0x6638e08, region=0x66447d8) returned 0x0
[0160.051] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6638e08, result=0xd7dfc4) returned 0x0
[0160.051] GdipDeleteRegion (region=0x66447d8) returned 0x0
[0160.051] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dff0) returned 0x0
[0160.051] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0160.136] GdipFillRectangleI (graphics=0x6638e08, brush=0x66392b0, x=0, y=0, width=801, height=453) returned 0x0
[0160.136] GdipDeleteBrush (brush=0x66392b0) returned 0x0
[0160.142] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0160.142] SelectPalette (hdc=0xe00107f1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0160.142] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0160.142] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0160.142] GetSystemMetrics (nIndex=42) returned 0
[0160.142] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0160.142] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0160.142] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0160.142] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0160.142] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0160.142] SelectPalette (hdc=0xe00107f1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0160.142] GdipCreateFromHDC (hdc=0xe00107f1, graphics=0xd7df98) returned 0x0
[0160.143] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0160.143] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0160.143] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638ba8) returned 0x0
[0160.143] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df70) returned 0x0
[0160.143] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0160.143] GdipCreateRegion (region=0xd7df58) returned 0x0
[0160.143] GdipGetClip (graphics=0x6638e08, region=0x66448f8) returned 0x0
[0160.143] GdipIsInfiniteRegion (region=0x66448f8, graphics=0x6638e08, result=0xd7df64) returned 0x0
[0160.143] GdipDeleteRegion (region=0x66448f8) returned 0x0
[0160.143] GdipSaveGraphics (graphics=0x6638e08, state=0xd7df90) returned 0x0
[0160.143] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0160.154] GdipFillRectangleI (graphics=0x6638e08, brush=0x6639658, x=0, y=0, width=801, height=453) returned 0x0
[0160.155] GdipDeleteBrush (brush=0x6639658) returned 0x0
[0160.156] GdipRestoreGraphics (graphics=0x6638e08, state=0xfcc60dbd) returned 0x0
[0160.156] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0160.156] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0160.156] GetSystemMetrics (nIndex=42) returned 0
[0160.156] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0160.156] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0160.157] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0160.157] SelectPalette (hdc=0xe00107f1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0160.157] RestoreDC (hdc=0xe00107f1, nSavedDC=-1) returned 1
[0160.157] GdipReleaseDC (graphics=0x6600030, hdc=0xe00107f1) returned 0x0
[0160.157] IsAppThemed () returned 0x1
[0160.157] GetThemeAppProperties () returned 0x3
[0160.157] GetThemeAppProperties () returned 0x3
[0160.157] IsAppThemed () returned 0x1
[0160.157] GetThemeAppProperties () returned 0x3
[0160.157] GetThemeAppProperties () returned 0x3
[0160.157] IsThemePartDefined () returned 0x1
[0160.157] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0160.157] GdipGetClip (graphics=0x6600030, region=0x6644118) returned 0x0
[0160.158] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0160.158] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0160.158] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e4a4) returned 0x0
[0160.158] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0160.158] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0160.158] LocalFree (hMem=0x11ee9f0) returned 0x0
[0160.158] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0160.158] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0160.158] LocalFree (hMem=0x11ee788) returned 0x0
[0160.158] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0160.158] GdipIsInfiniteRegion (region=0x6644118, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0160.158] GdipIsInfiniteRegion (region=0x6644118, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0160.158] GdipGetRegionHRgn (region=0x6644118, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0160.158] GdipDeleteRegion (region=0x6644118) returned 0x0
[0160.158] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0160.158] GetCurrentObject (hdc=0xe00107f1, type=0x1) returned 0xb00017
[0160.158] GetCurrentObject (hdc=0xe00107f1, type=0x2) returned 0x900010
[0160.159] GetCurrentObject (hdc=0xe00107f1, type=0x7) returned 0x4a0507fe
[0160.159] GetCurrentObject (hdc=0xe00107f1, type=0x6) returned 0x8a01c2
[0160.159] SaveDC (hdc=0xe00107f1) returned 1
[0160.159] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x660407de
[0160.159] GetClipRgn (hdc=0xe00107f1, hrgn=0x660407de) returned 0
[0160.159] SelectClipRgn (hdc=0xe00107f1, hrgn=0xe1040807) returned 2
[0160.159] DeleteObject (ho=0x660407de) returned 1
[0160.159] DeleteObject (ho=0xe1040807) returned 1
[0160.159] OffsetViewportOrgEx (in: hdc=0xe00107f1, x=0, y=0, lppt=0x2cec390 | out: lppt=0x2cec390) returned 1
[0160.159] IsAppThemed () returned 0x1
[0160.159] GetThemeAppProperties () returned 0x3
[0160.159] GetThemeAppProperties () returned 0x3
[0160.159] DrawThemeBackground () returned 0x0
[0160.159] RestoreDC (hdc=0xe00107f1, nSavedDC=-1) returned 1
[0160.159] GdipReleaseDC (graphics=0x6600030, hdc=0xe00107f1) returned 0x0
[0160.160] GdipCreateRegion (region=0xd7e490) returned 0x0
[0160.160] GdipGetClip (graphics=0x6600030, region=0x6644868) returned 0x0
[0160.160] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0160.160] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0160.160] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e4a8) returned 0x0
[0160.160] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0160.160] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0160.160] LocalFree (hMem=0x11ee788) returned 0x0
[0160.160] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0160.160] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea98) returned 0x0
[0160.160] LocalFree (hMem=0x11eea98) returned 0x0
[0160.160] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0160.160] GdipIsInfiniteRegion (region=0x6644868, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0160.160] GdipIsInfiniteRegion (region=0x6644868, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0160.160] GdipGetRegionHRgn (region=0x6644868, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0160.160] GdipDeleteRegion (region=0x6644868) returned 0x0
[0160.160] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0160.161] GetCurrentObject (hdc=0xe00107f1, type=0x1) returned 0xb00017
[0160.161] GetCurrentObject (hdc=0xe00107f1, type=0x2) returned 0x900010
[0160.161] GetCurrentObject (hdc=0xe00107f1, type=0x7) returned 0x4a0507fe
[0160.161] GetCurrentObject (hdc=0xe00107f1, type=0x6) returned 0x8a01c2
[0160.161] SaveDC (hdc=0xe00107f1) returned 1
[0160.161] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe2040807
[0160.161] GetClipRgn (hdc=0xe00107f1, hrgn=0xe2040807) returned 0
[0160.161] SelectClipRgn (hdc=0xe00107f1, hrgn=0x670407de) returned 2
[0160.161] DeleteObject (ho=0xe2040807) returned 1
[0160.161] DeleteObject (ho=0x670407de) returned 1
[0160.161] OffsetViewportOrgEx (in: hdc=0xe00107f1, x=0, y=0, lppt=0x2cec664 | out: lppt=0x2cec664) returned 1
[0160.161] IsAppThemed () returned 0x1
[0160.161] GetThemeAppProperties () returned 0x3
[0160.161] GetThemeAppProperties () returned 0x3
[0160.161] GetThemeBackgroundContentRect () returned 0x0
[0160.161] RestoreDC (hdc=0xe00107f1, nSavedDC=-1) returned 1
[0160.162] GdipReleaseDC (graphics=0x6600030, hdc=0xe00107f1) returned 0x0
[0160.162] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0160.162] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0160.162] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0160.162] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0160.162] IsAppThemed () returned 0x1
[0160.162] GetThemeAppProperties () returned 0x3
[0160.162] GetThemeAppProperties () returned 0x3
[0160.162] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0160.162] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0160.162] GetCurrentObject (hdc=0xe00107f1, type=0x1) returned 0xb00017
[0160.162] GetCurrentObject (hdc=0xe00107f1, type=0x2) returned 0x900010
[0160.162] GetCurrentObject (hdc=0xe00107f1, type=0x7) returned 0x4a0507fe
[0160.162] GetCurrentObject (hdc=0xe00107f1, type=0x6) returned 0x8a01c2
[0160.162] SaveDC (hdc=0xe00107f1) returned 1
[0160.162] GetTextAlign (hdc=0xe00107f1) returned 0x0
[0160.162] GetTextColor (hdc=0xe00107f1) returned 0x0
[0160.163] GetCurrentObject (hdc=0xe00107f1, type=0x6) returned 0x8a01c2
[0160.163] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0160.163] SelectObject (hdc=0xe00107f1, h=0x6d0a0520) returned 0x8a01c2
[0160.163] GetBkMode (hdc=0xe00107f1) returned 2
[0160.163] SetBkMode (hdc=0xe00107f1, mode=1) returned 2
[0160.163] DrawTextExW (in: hdc=0xe00107f1, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2ceca28 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0160.163] DrawTextExW (in: hdc=0xe00107f1, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2ceca28 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0160.164] RestoreDC (hdc=0xe00107f1, nSavedDC=-1) returned 1
[0160.164] GdipReleaseDC (graphics=0x6600030, hdc=0xe00107f1) returned 0x0
[0160.164] GetFocus () returned 0x602c4
[0160.164] IsAppThemed () returned 0x1
[0160.164] GetThemeAppProperties () returned 0x3
[0160.164] GetThemeAppProperties () returned 0x3
[0160.164] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0160.164] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0xe00107f1, x1=0, y1=0, rop=0xcc0020) returned 1
[0160.164] GdipReleaseDC (graphics=0x6600030, hdc=0xe00107f1) returned 0x0
[0160.164] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0160.165] SelectObject (hdc=0xe00107f1, h=0x85000f) returned 0x4a0507fe
[0160.165] DeleteDC (hdc=0xe00107f1) returned 1
[0160.165] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0160.165] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0160.165] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.165] IsWindowUnicode (hWnd=0x7005c) returned 1
[0160.165] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.165] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.165] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.166] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.166] IsWindowUnicode (hWnd=0x7005c) returned 1
[0160.166] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.166] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.166] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.166] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x1100247) returned 0x0
[0160.166] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.166] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.166] WaitMessage () returned 1
[0160.227] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.227] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.227] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.227] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.227] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.228] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.228] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.228] WaitMessage () returned 1
[0160.229] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.229] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.229] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.229] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.229] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.230] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.230] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.230] WaitMessage () returned 1
[0160.231] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.231] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.231] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.231] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.231] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.238] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.239] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.239] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.239] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.239] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.239] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.239] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.239] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.239] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.239] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.240] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.240] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.240] WaitMessage () returned 1
[0160.242] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.242] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.242] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.242] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.242] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.244] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.244] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.244] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.244] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.244] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.244] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.245] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.245] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.245] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.245] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.245] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.245] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.245] WaitMessage () returned 1
[0160.246] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.246] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.246] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.246] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.246] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.248] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.248] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.248] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.248] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.248] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.248] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.248] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.248] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.248] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.249] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.249] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.249] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.249] WaitMessage () returned 1
[0160.250] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.250] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.250] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.250] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.250] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.252] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.252] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.252] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.252] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.252] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.253] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.253] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.253] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.253] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.253] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.253] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.254] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.254] WaitMessage () returned 1
[0160.255] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.256] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.256] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.256] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.256] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.257] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.257] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.257] WaitMessage () returned 1
[0160.258] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.258] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.258] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.258] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.258] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.260] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.260] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.260] WaitMessage () returned 1
[0160.261] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.261] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.261] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.261] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.261] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.262] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.262] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.262] WaitMessage () returned 1
[0160.269] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.269] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.269] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.269] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.269] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.271] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.271] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.271] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.271] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.271] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.272] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.272] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.272] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.272] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.272] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.272] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.272] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.273] WaitMessage () returned 1
[0160.273] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.273] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.273] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.273] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.273] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.274] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.275] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.275] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.275] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.275] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.275] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.275] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.275] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.275] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.275] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.275] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.276] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.276] WaitMessage () returned 1
[0160.276] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.276] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.276] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.276] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.276] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.278] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.281] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.281] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.281] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.281] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.282] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.282] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.282] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.282] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.282] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.282] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.282] IsWindowUnicode (hWnd=0x502c6) returned 1
[0160.282] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.283] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.283] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.283] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.283] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.283] WaitMessage () returned 1
[0160.287] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.287] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.287] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.287] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.287] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.288] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.289] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.289] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.289] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.289] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.289] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.289] IsWindowUnicode (hWnd=0x30122) returned 1
[0160.289] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0160.289] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0160.289] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0160.289] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.290] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0160.290] WaitMessage () returned 1
[0162.063] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.063] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e00f3) returned 0x1
[0162.063] IsWindowUnicode (hWnd=0x602c4) returned 1
[0162.063] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.063] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0162.063] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0162.063] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0162.063] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.063] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e00f3) returned 0x1
[0162.064] IsWindowUnicode (hWnd=0x602c4) returned 1
[0162.064] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.064] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e00f3) returned 0x1
[0162.064] SetCursor (hCursor=0x10003) returned 0x10003
[0162.064] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0162.064] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0162.064] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0162.064] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0162.064] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0162.064] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0162.064] GetKeyState (nVirtKey=1) returned 1
[0162.064] GetKeyState (nVirtKey=2) returned 0
[0162.064] GetKeyState (nVirtKey=4) returned 0
[0162.064] GetKeyState (nVirtKey=5) returned 0
[0162.065] GetKeyState (nVirtKey=6) returned 0
[0162.065] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.065] IsWindowUnicode (hWnd=0x602c4) returned 1
[0162.065] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.065] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0162.065] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0162.065] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xc0107c5
[0162.065] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0162.065] CreateCompatibleDC (hdc=0xc0107c5) returned 0x94010781
[0162.065] SelectObject (hdc=0x94010781, h=0x4a0507fe) returned 0x85000f
[0162.065] GdipCreateFromHDC (hdc=0x94010781, graphics=0xd7e798) returned 0x0
[0162.066] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0162.066] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0162.066] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0162.066] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0162.066] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e7f8) returned 0x0
[0162.066] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0162.066] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0162.066] LocalFree (hMem=0x11ee9f0) returned 0x0
[0162.066] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0162.066] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0162.066] GdipGetClip (graphics=0x6600030, region=0x66446b8) returned 0x0
[0162.066] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0162.066] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0162.066] GdipRestoreGraphics (graphics=0x6600030, state=0xfcc40dbd) returned 0x0
[0162.066] GdipDeleteRegion (region=0x66446b8) returned 0x0
[0162.066] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0162.066] GetCurrentObject (hdc=0x94010781, type=0x1) returned 0xb00017
[0162.066] GetCurrentObject (hdc=0x94010781, type=0x2) returned 0x900010
[0162.066] GetCurrentObject (hdc=0x94010781, type=0x7) returned 0x4a0507fe
[0162.067] GetCurrentObject (hdc=0x94010781, type=0x6) returned 0x8a01c2
[0162.067] SaveDC (hdc=0x94010781) returned 1
[0162.067] GetNearestColor (hdc=0x94010781, color=0xff) returned 0xff
[0162.067] GetNearestColor (hdc=0x94010781, color=0x55) returned 0x55
[0162.067] GetNearestColor (hdc=0x94010781, color=0x0) returned 0x0
[0162.067] GetNearestColor (hdc=0x94010781, color=0x55) returned 0x55
[0162.067] GetNearestColor (hdc=0x94010781, color=0x0) returned 0x0
[0162.067] GetNearestColor (hdc=0x94010781, color=0x8080ff) returned 0x8080ff
[0162.067] GetNearestColor (hdc=0x94010781, color=0x7373e5) returned 0x7373e5
[0162.067] GetNearestColor (hdc=0x94010781, color=0xe5) returned 0xe5
[0162.067] GetNearestColor (hdc=0x94010781, color=0x0) returned 0x0
[0162.067] RestoreDC (hdc=0x94010781, nSavedDC=-1) returned 1
[0162.067] GdipReleaseDC (graphics=0x6600030, hdc=0x94010781) returned 0x0
[0162.067] IsAppThemed () returned 0x1
[0162.067] GetThemeAppProperties () returned 0x3
[0162.067] GetThemeAppProperties () returned 0x3
[0162.067] IsAppThemed () returned 0x1
[0162.068] GetThemeAppProperties () returned 0x3
[0162.068] GetThemeAppProperties () returned 0x3
[0162.068] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2ced428 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0162.068] IsAppThemed () returned 0x1
[0162.068] GetThemeAppProperties () returned 0x3
[0162.068] GetThemeAppProperties () returned 0x3
[0162.068] IsAppThemed () returned 0x1
[0162.068] GetThemeAppProperties () returned 0x3
[0162.068] GetThemeAppProperties () returned 0x3
[0162.068] IsAppThemed () returned 0x1
[0162.068] GetThemeAppProperties () returned 0x3
[0162.068] GetThemeAppProperties () returned 0x3
[0162.068] IsAppThemed () returned 0x1
[0162.068] GetThemeAppProperties () returned 0x3
[0162.068] GetThemeAppProperties () returned 0x3
[0162.068] IsThemePartDefined () returned 0x1
[0162.068] IsAppThemed () returned 0x1
[0162.068] GetThemeAppProperties () returned 0x3
[0162.068] GetThemeAppProperties () returned 0x3
[0162.068] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0162.068] IsAppThemed () returned 0x1
[0162.069] GetThemeAppProperties () returned 0x3
[0162.069] GetThemeAppProperties () returned 0x3
[0162.069] IsAppThemed () returned 0x1
[0162.069] GetThemeAppProperties () returned 0x3
[0162.069] GetThemeAppProperties () returned 0x3
[0162.069] IsThemePartDefined () returned 0x1
[0162.069] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0162.069] GdipGetClip (graphics=0x6600030, region=0x6644118) returned 0x0
[0162.069] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0162.069] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0162.069] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e514) returned 0x0
[0162.069] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0162.069] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee9f0) returned 0x0
[0162.069] LocalFree (hMem=0x11ee9f0) returned 0x0
[0162.069] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0162.069] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0162.069] LocalFree (hMem=0x11ee788) returned 0x0
[0162.069] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0162.069] GdipIsInfiniteRegion (region=0x6644118, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0162.069] GdipIsInfiniteRegion (region=0x6644118, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0162.069] GdipGetRegionHRgn (region=0x6644118, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0162.069] GdipDeleteRegion (region=0x6644118) returned 0x0
[0162.069] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0162.069] GetCurrentObject (hdc=0x94010781, type=0x1) returned 0xb00017
[0162.069] GetCurrentObject (hdc=0x94010781, type=0x2) returned 0x900010
[0162.070] GetCurrentObject (hdc=0x94010781, type=0x7) returned 0x4a0507fe
[0162.070] GetCurrentObject (hdc=0x94010781, type=0x6) returned 0x8a01c2
[0162.070] SaveDC (hdc=0x94010781) returned 1
[0162.070] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x680407de
[0162.070] GetClipRgn (hdc=0x94010781, hrgn=0x680407de) returned 0
[0162.070] SelectClipRgn (hdc=0x94010781, hrgn=0xe6040807) returned 2
[0162.070] DeleteObject (ho=0x680407de) returned 1
[0162.070] DeleteObject (ho=0xe6040807) returned 1
[0162.070] OffsetViewportOrgEx (in: hdc=0x94010781, x=0, y=0, lppt=0x2cedad8 | out: lppt=0x2cedad8) returned 1
[0162.070] DrawThemeParentBackground () returned 0x0
[0162.070] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0162.070] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0162.070] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0162.070] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.070] GetSystemMetrics (nIndex=42) returned 0
[0162.070] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.070] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0162.070] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0162.070] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0162.071] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0162.071] SelectPalette (hdc=0x94010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0162.071] GdipCreateFromHDC (hdc=0x94010781, graphics=0xd7dff0) returned 0x0
[0162.071] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0162.071] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0162.071] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638d58) returned 0x0
[0162.071] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dfc8) returned 0x0
[0162.071] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0162.071] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0162.071] GdipGetClip (graphics=0x6638e08, region=0x66446b8) returned 0x0
[0162.071] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6638e08, result=0xd7dfbc) returned 0x0
[0162.071] GdipDeleteRegion (region=0x66446b8) returned 0x0
[0162.071] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dfe8) returned 0x0
[0162.071] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0162.080] GdipFillRectangleI (graphics=0x6638e08, brush=0x6639790, x=0, y=0, width=801, height=453) returned 0x0
[0162.080] GdipDeleteBrush (brush=0x6639790) returned 0x0
[0162.081] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0162.081] SelectPalette (hdc=0x94010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0162.081] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0162.081] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.081] GetSystemMetrics (nIndex=42) returned 0
[0162.081] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.081] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0162.081] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0162.081] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0162.082] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0162.082] SelectPalette (hdc=0x94010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0162.082] GdipCreateFromHDC (hdc=0x94010781, graphics=0xd7df90) returned 0x0
[0162.082] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0162.082] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0162.082] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638a28) returned 0x0
[0162.082] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df68) returned 0x0
[0162.082] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0162.082] GdipCreateRegion (region=0xd7df50) returned 0x0
[0162.082] GdipGetClip (graphics=0x6638e08, region=0x66447d8) returned 0x0
[0162.082] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6638e08, result=0xd7df5c) returned 0x0
[0162.082] GdipDeleteRegion (region=0x66447d8) returned 0x0
[0162.082] GdipSaveGraphics (graphics=0x6638e08, state=0xd7df88) returned 0x0
[0162.082] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0162.090] GdipFillRectangleI (graphics=0x6638e08, brush=0x6639ee0, x=0, y=0, width=801, height=453) returned 0x0
[0162.090] GdipDeleteBrush (brush=0x6639ee0) returned 0x0
[0162.092] GdipRestoreGraphics (graphics=0x6638e08, state=0xfcc00dbd) returned 0x0
[0162.092] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0162.092] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.092] GetSystemMetrics (nIndex=42) returned 0
[0162.092] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.092] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0162.092] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0162.092] SelectPalette (hdc=0x94010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0162.092] RestoreDC (hdc=0x94010781, nSavedDC=-1) returned 1
[0162.092] GdipReleaseDC (graphics=0x6600030, hdc=0x94010781) returned 0x0
[0162.092] IsAppThemed () returned 0x1
[0162.092] GetThemeAppProperties () returned 0x3
[0162.092] GetThemeAppProperties () returned 0x3
[0162.092] IsAppThemed () returned 0x1
[0162.092] GetThemeAppProperties () returned 0x3
[0162.093] GetThemeAppProperties () returned 0x3
[0162.093] IsThemePartDefined () returned 0x1
[0162.093] GdipCreateRegion (region=0xd7e480) returned 0x0
[0162.093] GdipGetClip (graphics=0x6600030, region=0x6644e98) returned 0x0
[0162.093] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0162.093] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0162.093] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e498) returned 0x0
[0162.093] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0162.093] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0162.093] LocalFree (hMem=0x11eec58) returned 0x0
[0162.093] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0162.093] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee868) returned 0x0
[0162.093] LocalFree (hMem=0x11ee868) returned 0x0
[0162.093] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0162.093] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0162.093] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0162.093] GdipGetRegionHRgn (region=0x6644e98, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0162.093] GdipDeleteRegion (region=0x6644e98) returned 0x0
[0162.093] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0162.093] GetCurrentObject (hdc=0x94010781, type=0x1) returned 0xb00017
[0162.093] GetCurrentObject (hdc=0x94010781, type=0x2) returned 0x900010
[0162.093] GetCurrentObject (hdc=0x94010781, type=0x7) returned 0x4a0507fe
[0162.093] GetCurrentObject (hdc=0x94010781, type=0x6) returned 0x8a01c2
[0162.094] SaveDC (hdc=0x94010781) returned 1
[0162.094] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe7040807
[0162.094] GetClipRgn (hdc=0x94010781, hrgn=0xe7040807) returned 0
[0162.094] SelectClipRgn (hdc=0x94010781, hrgn=0x6a0407de) returned 2
[0162.094] DeleteObject (ho=0xe7040807) returned 1
[0162.094] DeleteObject (ho=0x6a0407de) returned 1
[0162.094] OffsetViewportOrgEx (in: hdc=0x94010781, x=0, y=0, lppt=0x2cf4328 | out: lppt=0x2cf4328) returned 1
[0162.094] IsAppThemed () returned 0x1
[0162.094] GetThemeAppProperties () returned 0x3
[0162.094] GetThemeAppProperties () returned 0x3
[0162.094] DrawThemeBackground () returned 0x0
[0162.094] RestoreDC (hdc=0x94010781, nSavedDC=-1) returned 1
[0162.094] GdipReleaseDC (graphics=0x6600030, hdc=0x94010781) returned 0x0
[0162.094] GdipCreateRegion (region=0xd7e484) returned 0x0
[0162.094] GdipGetClip (graphics=0x6600030, region=0x6644c58) returned 0x0
[0162.094] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0162.094] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0162.094] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e49c) returned 0x0
[0162.094] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0162.095] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0162.095] LocalFree (hMem=0x11ee788) returned 0x0
[0162.095] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0162.095] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee8d8) returned 0x0
[0162.095] LocalFree (hMem=0x11ee8d8) returned 0x0
[0162.095] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0162.095] GdipIsInfiniteRegion (region=0x6644c58, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0162.095] GdipIsInfiniteRegion (region=0x6644c58, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0162.095] GdipGetRegionHRgn (region=0x6644c58, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0162.095] GdipDeleteRegion (region=0x6644c58) returned 0x0
[0162.095] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0162.095] GetCurrentObject (hdc=0x94010781, type=0x1) returned 0xb00017
[0162.095] GetCurrentObject (hdc=0x94010781, type=0x2) returned 0x900010
[0162.095] GetCurrentObject (hdc=0x94010781, type=0x7) returned 0x4a0507fe
[0162.095] GetCurrentObject (hdc=0x94010781, type=0x6) returned 0x8a01c2
[0162.095] SaveDC (hdc=0x94010781) returned 1
[0162.095] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6b0407de
[0162.095] GetClipRgn (hdc=0x94010781, hrgn=0x6b0407de) returned 0
[0162.095] SelectClipRgn (hdc=0x94010781, hrgn=0xe8040807) returned 2
[0162.095] DeleteObject (ho=0x6b0407de) returned 1
[0162.095] DeleteObject (ho=0xe8040807) returned 1
[0162.096] OffsetViewportOrgEx (in: hdc=0x94010781, x=0, y=0, lppt=0x2cf45fc | out: lppt=0x2cf45fc) returned 1
[0162.096] IsAppThemed () returned 0x1
[0162.096] GetThemeAppProperties () returned 0x3
[0162.096] GetThemeAppProperties () returned 0x3
[0162.096] GetThemeBackgroundContentRect () returned 0x0
[0162.096] RestoreDC (hdc=0x94010781, nSavedDC=-1) returned 1
[0162.096] GdipReleaseDC (graphics=0x6600030, hdc=0x94010781) returned 0x0
[0162.096] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0162.096] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0162.096] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0162.096] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0162.096] IsAppThemed () returned 0x1
[0162.096] GetThemeAppProperties () returned 0x3
[0162.096] GetThemeAppProperties () returned 0x3
[0162.096] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0162.096] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0162.096] GetCurrentObject (hdc=0x94010781, type=0x1) returned 0xb00017
[0162.096] GetCurrentObject (hdc=0x94010781, type=0x2) returned 0x900010
[0162.096] GetCurrentObject (hdc=0x94010781, type=0x7) returned 0x4a0507fe
[0162.096] GetCurrentObject (hdc=0x94010781, type=0x6) returned 0x8a01c2
[0162.096] SaveDC (hdc=0x94010781) returned 1
[0162.097] GetTextAlign (hdc=0x94010781) returned 0x0
[0162.097] GetTextColor (hdc=0x94010781) returned 0x0
[0162.097] GetCurrentObject (hdc=0x94010781, type=0x6) returned 0x8a01c2
[0162.097] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0162.097] SelectObject (hdc=0x94010781, h=0x6d0a0520) returned 0x8a01c2
[0162.097] GetBkMode (hdc=0x94010781) returned 2
[0162.097] SetBkMode (hdc=0x94010781, mode=1) returned 2
[0162.097] DrawTextExW (in: hdc=0x94010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2cf49c0 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0162.097] DrawTextExW (in: hdc=0x94010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2cf49c0 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0162.098] RestoreDC (hdc=0x94010781, nSavedDC=-1) returned 1
[0162.098] GdipReleaseDC (graphics=0x6600030, hdc=0x94010781) returned 0x0
[0162.098] GetFocus () returned 0x602c4
[0162.098] IsAppThemed () returned 0x1
[0162.098] GetThemeAppProperties () returned 0x3
[0162.098] GetThemeAppProperties () returned 0x3
[0162.098] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0162.098] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x94010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0162.098] GdipReleaseDC (graphics=0x6600030, hdc=0x94010781) returned 0x0
[0162.098] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0162.098] SelectObject (hdc=0x94010781, h=0x85000f) returned 0x4a0507fe
[0162.099] DeleteDC (hdc=0x94010781) returned 1
[0162.099] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0162.099] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0162.099] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0162.099] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0162.099] WaitMessage () returned 1
[0162.169] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.169] IsWindowUnicode (hWnd=0x602c4) returned 1
[0162.169] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.169] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0162.169] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0162.169] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.169] IsWindowUnicode (hWnd=0x602c4) returned 1
[0162.169] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.169] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0162.169] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0162.170] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x70018) returned 0x0
[0162.170] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0162.170] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0162.170] WaitMessage () returned 1
[0162.298] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.299] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e00f3) returned 0x1
[0162.299] IsWindowUnicode (hWnd=0x602c4) returned 1
[0162.299] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.299] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e00f3) returned 0x1
[0162.299] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0162.299] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x1990035) returned 0x0
[0162.299] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0162.299] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0162.299] SetCursor (hCursor=0x10003) returned 0x10003
[0162.300] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0162.300] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0162.300] GetKeyState (nVirtKey=1) returned -128
[0162.300] GetKeyState (nVirtKey=2) returned 0
[0162.300] GetKeyState (nVirtKey=4) returned 0
[0162.300] GetKeyState (nVirtKey=5) returned 0
[0162.300] GetKeyState (nVirtKey=6) returned 0
[0162.300] IsWindowVisible (hWnd=0x602c4) returned 1
[0162.300] IsWindowEnabled (hWnd=0x602c4) returned 1
[0162.300] SetFocus (hWnd=0x602c4) returned 0x602c4
[0162.300] GetFocus () returned 0x602c4
[0162.300] GetFocus () returned 0x602c4
[0162.300] GetFocus () returned 0x602c4
[0162.300] GetKeyState (nVirtKey=1) returned -128
[0162.300] GetKeyState (nVirtKey=2) returned 0
[0162.300] GetKeyState (nVirtKey=4) returned 0
[0162.300] GetKeyState (nVirtKey=5) returned 0
[0162.300] GetKeyState (nVirtKey=6) returned 0
[0162.300] GetCapture () returned 0x0
[0162.300] SetCapture (hWnd=0x602c4) returned 0x0
[0162.300] GetKeyState (nVirtKey=1) returned -128
[0162.300] GetKeyState (nVirtKey=2) returned 0
[0162.300] GetKeyState (nVirtKey=4) returned 0
[0162.301] GetKeyState (nVirtKey=5) returned 0
[0162.301] GetKeyState (nVirtKey=6) returned 0
[0162.301] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0162.301] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0162.301] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.301] IsWindowUnicode (hWnd=0x602c4) returned 1
[0162.301] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.301] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0162.301] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0162.301] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2cf4b44, cPoints=0x1 | out: lpPoints=0x2cf4b44) returned 40304859
[0162.301] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0162.301] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0162.301] UpdateWindow (hWnd=0x602c4) returned 1
[0162.301] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xc0107c5
[0162.301] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0162.301] CreateCompatibleDC (hdc=0xc0107c5) returned 0x95010781
[0162.301] SelectObject (hdc=0x95010781, h=0x4a0507fe) returned 0x85000f
[0162.302] GdipCreateFromHDC (hdc=0x95010781, graphics=0xd7e430) returned 0x0
[0162.302] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0162.302] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0162.302] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0162.302] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0162.302] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e490) returned 0x0
[0162.302] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0162.302] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0162.302] LocalFree (hMem=0x11ee788) returned 0x0
[0162.302] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0162.302] GdipCreateRegion (region=0xd7e478) returned 0x0
[0162.302] GdipGetClip (graphics=0x6600030, region=0x6644118) returned 0x0
[0162.303] GdipIsInfiniteRegion (region=0x6644118, graphics=0x6600030, result=0xd7e484) returned 0x0
[0162.303] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0162.303] GdipRestoreGraphics (graphics=0x6600030, state=0xfcbe0dbd) returned 0x0
[0162.303] GdipDeleteRegion (region=0x6644118) returned 0x0
[0162.303] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0162.303] GetCurrentObject (hdc=0x95010781, type=0x1) returned 0xb00017
[0162.303] GetCurrentObject (hdc=0x95010781, type=0x2) returned 0x900010
[0162.303] GetCurrentObject (hdc=0x95010781, type=0x7) returned 0x4a0507fe
[0162.303] GetCurrentObject (hdc=0x95010781, type=0x6) returned 0x8a01c2
[0162.303] SaveDC (hdc=0x95010781) returned 1
[0162.303] GetNearestColor (hdc=0x95010781, color=0xff) returned 0xff
[0162.303] GetNearestColor (hdc=0x95010781, color=0x55) returned 0x55
[0162.303] GetNearestColor (hdc=0x95010781, color=0x0) returned 0x0
[0162.304] GetNearestColor (hdc=0x95010781, color=0x55) returned 0x55
[0162.304] GetNearestColor (hdc=0x95010781, color=0x0) returned 0x0
[0162.304] GetNearestColor (hdc=0x95010781, color=0x8080ff) returned 0x8080ff
[0162.304] GetNearestColor (hdc=0x95010781, color=0x7373e5) returned 0x7373e5
[0162.304] GetNearestColor (hdc=0x95010781, color=0xe5) returned 0xe5
[0162.304] GetNearestColor (hdc=0x95010781, color=0x0) returned 0x0
[0162.304] RestoreDC (hdc=0x95010781, nSavedDC=-1) returned 1
[0162.304] GdipReleaseDC (graphics=0x6600030, hdc=0x95010781) returned 0x0
[0162.304] IsAppThemed () returned 0x1
[0162.304] GetThemeAppProperties () returned 0x3
[0162.304] GetThemeAppProperties () returned 0x3
[0162.304] IsAppThemed () returned 0x1
[0162.304] GetThemeAppProperties () returned 0x3
[0162.304] GetThemeAppProperties () returned 0x3
[0162.304] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2cf5260 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0162.305] IsAppThemed () returned 0x1
[0162.305] GetThemeAppProperties () returned 0x3
[0162.305] GetThemeAppProperties () returned 0x3
[0162.305] IsAppThemed () returned 0x1
[0162.305] GetThemeAppProperties () returned 0x3
[0162.305] GetThemeAppProperties () returned 0x3
[0162.305] IsAppThemed () returned 0x1
[0162.305] GetThemeAppProperties () returned 0x3
[0162.305] GetThemeAppProperties () returned 0x3
[0162.305] IsAppThemed () returned 0x1
[0162.305] GetThemeAppProperties () returned 0x3
[0162.305] GetThemeAppProperties () returned 0x3
[0162.305] IsThemePartDefined () returned 0x1
[0162.305] IsAppThemed () returned 0x1
[0162.305] GetThemeAppProperties () returned 0x3
[0162.305] GetThemeAppProperties () returned 0x3
[0162.305] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0162.305] IsAppThemed () returned 0x1
[0162.305] GetThemeAppProperties () returned 0x3
[0162.305] GetThemeAppProperties () returned 0x3
[0162.305] IsAppThemed () returned 0x1
[0162.306] GetThemeAppProperties () returned 0x3
[0162.306] GetThemeAppProperties () returned 0x3
[0162.306] IsThemePartDefined () returned 0x1
[0162.306] GdipCreateRegion (region=0xd7e194) returned 0x0
[0162.306] GdipGetClip (graphics=0x6600030, region=0x6644e98) returned 0x0
[0162.306] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0162.306] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0162.306] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e1ac) returned 0x0
[0162.306] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0162.306] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee9f0) returned 0x0
[0162.306] LocalFree (hMem=0x11ee9f0) returned 0x0
[0162.306] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0162.306] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee9f0) returned 0x0
[0162.306] LocalFree (hMem=0x11ee9f0) returned 0x0
[0162.306] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0162.306] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0162.306] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0162.306] GdipGetRegionHRgn (region=0x6644e98, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0162.306] GdipDeleteRegion (region=0x6644e98) returned 0x0
[0162.306] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0162.306] GetCurrentObject (hdc=0x95010781, type=0x1) returned 0xb00017
[0162.306] GetCurrentObject (hdc=0x95010781, type=0x2) returned 0x900010
[0162.306] GetCurrentObject (hdc=0x95010781, type=0x7) returned 0x4a0507fe
[0162.307] GetCurrentObject (hdc=0x95010781, type=0x6) returned 0x8a01c2
[0162.307] SaveDC (hdc=0x95010781) returned 1
[0162.307] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe9040807
[0162.307] GetClipRgn (hdc=0x95010781, hrgn=0xe9040807) returned 0
[0162.307] SelectClipRgn (hdc=0x95010781, hrgn=0x6f0407de) returned 2
[0162.307] DeleteObject (ho=0xe9040807) returned 1
[0162.307] DeleteObject (ho=0x6f0407de) returned 1
[0162.307] OffsetViewportOrgEx (in: hdc=0x95010781, x=0, y=0, lppt=0x2cf5910 | out: lppt=0x2cf5910) returned 1
[0162.307] DrawThemeParentBackground () returned 0x0
[0162.307] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0162.307] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0162.307] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0162.307] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.307] GetSystemMetrics (nIndex=42) returned 0
[0162.307] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.307] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0162.308] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0162.308] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0162.308] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0162.308] SelectPalette (hdc=0x95010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0162.308] GdipCreateFromHDC (hdc=0x95010781, graphics=0xd7dc88) returned 0x0
[0162.308] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0162.308] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0162.308] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638c98) returned 0x0
[0162.308] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dc60) returned 0x0
[0162.308] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0162.308] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0162.308] GdipGetClip (graphics=0x6638e08, region=0x66447d8) returned 0x0
[0162.308] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6638e08, result=0xd7dc54) returned 0x0
[0162.308] GdipDeleteRegion (region=0x66447d8) returned 0x0
[0162.308] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dc80) returned 0x0
[0162.308] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0162.317] GdipFillRectangleI (graphics=0x6638e08, brush=0x6639658, x=0, y=0, width=801, height=453) returned 0x0
[0162.317] GdipDeleteBrush (brush=0x6639658) returned 0x0
[0162.318] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0162.319] SelectPalette (hdc=0x95010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0162.319] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0162.319] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.319] GetSystemMetrics (nIndex=42) returned 0
[0162.319] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.319] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0162.319] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0162.319] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0162.319] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0162.319] SelectPalette (hdc=0x95010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0162.319] GdipCreateFromHDC (hdc=0x95010781, graphics=0xd7dc28) returned 0x0
[0162.319] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0162.319] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0162.319] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638cf8) returned 0x0
[0162.319] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dc00) returned 0x0
[0162.320] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0162.320] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0162.320] GdipGetClip (graphics=0x6638e08, region=0x66446b8) returned 0x0
[0162.320] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6638e08, result=0xd7dbf4) returned 0x0
[0162.320] GdipDeleteRegion (region=0x66446b8) returned 0x0
[0162.320] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dc20) returned 0x0
[0162.320] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0162.328] GdipFillRectangleI (graphics=0x6638e08, brush=0x66398c8, x=0, y=0, width=801, height=453) returned 0x0
[0162.329] GdipDeleteBrush (brush=0x66398c8) returned 0x0
[0162.330] GdipRestoreGraphics (graphics=0x6638e08, state=0xfcba0dbd) returned 0x0
[0162.330] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0162.330] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.330] GetSystemMetrics (nIndex=42) returned 0
[0162.330] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.330] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0162.330] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0162.330] SelectPalette (hdc=0x95010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0162.330] RestoreDC (hdc=0x95010781, nSavedDC=-1) returned 1
[0162.330] GdipReleaseDC (graphics=0x6600030, hdc=0x95010781) returned 0x0
[0162.330] IsAppThemed () returned 0x1
[0162.331] GetThemeAppProperties () returned 0x3
[0162.331] GetThemeAppProperties () returned 0x3
[0162.331] IsAppThemed () returned 0x1
[0162.331] GetThemeAppProperties () returned 0x3
[0162.331] GetThemeAppProperties () returned 0x3
[0162.331] IsThemePartDefined () returned 0x1
[0162.331] GdipCreateRegion (region=0xd7e118) returned 0x0
[0162.331] GdipGetClip (graphics=0x6600030, region=0x6644e98) returned 0x0
[0162.331] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0162.331] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0162.331] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e130) returned 0x0
[0162.331] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0162.331] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0162.331] LocalFree (hMem=0x11eec58) returned 0x0
[0162.331] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0162.331] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee9f0) returned 0x0
[0162.331] LocalFree (hMem=0x11ee9f0) returned 0x0
[0162.331] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0162.331] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6600030, result=0xd7e158) returned 0x0
[0162.331] GdipIsInfiniteRegion (region=0x6644e98, graphics=0x6600030, result=0xd7e148) returned 0x0
[0162.331] GdipGetRegionHRgn (region=0x6644e98, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0162.331] GdipDeleteRegion (region=0x6644e98) returned 0x0
[0162.331] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0162.332] GetCurrentObject (hdc=0x95010781, type=0x1) returned 0xb00017
[0162.332] GetCurrentObject (hdc=0x95010781, type=0x2) returned 0x900010
[0162.332] GetCurrentObject (hdc=0x95010781, type=0x7) returned 0x4a0507fe
[0162.332] GetCurrentObject (hdc=0x95010781, type=0x6) returned 0x8a01c2
[0162.332] SaveDC (hdc=0x95010781) returned 1
[0162.332] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x700407de
[0162.332] GetClipRgn (hdc=0x95010781, hrgn=0x700407de) returned 0
[0162.332] SelectClipRgn (hdc=0x95010781, hrgn=0xeb040807) returned 2
[0162.332] DeleteObject (ho=0x700407de) returned 1
[0162.332] DeleteObject (ho=0xeb040807) returned 1
[0162.332] OffsetViewportOrgEx (in: hdc=0x95010781, x=0, y=0, lppt=0x2cfc160 | out: lppt=0x2cfc160) returned 1
[0162.332] IsAppThemed () returned 0x1
[0162.332] GetThemeAppProperties () returned 0x3
[0162.332] GetThemeAppProperties () returned 0x3
[0162.332] DrawThemeBackground () returned 0x0
[0162.332] RestoreDC (hdc=0x95010781, nSavedDC=-1) returned 1
[0162.332] GdipReleaseDC (graphics=0x6600030, hdc=0x95010781) returned 0x0
[0162.332] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0162.333] GdipGetClip (graphics=0x6600030, region=0x6644aa8) returned 0x0
[0162.333] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0162.333] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0162.333] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e134) returned 0x0
[0162.333] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0162.333] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eecc8) returned 0x0
[0162.333] LocalFree (hMem=0x11eecc8) returned 0x0
[0162.333] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0162.333] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0162.333] LocalFree (hMem=0x11ee788) returned 0x0
[0162.333] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0162.333] GdipIsInfiniteRegion (region=0x6644aa8, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0162.333] GdipIsInfiniteRegion (region=0x6644aa8, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0162.333] GdipGetRegionHRgn (region=0x6644aa8, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0162.333] GdipDeleteRegion (region=0x6644aa8) returned 0x0
[0162.333] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0162.333] GetCurrentObject (hdc=0x95010781, type=0x1) returned 0xb00017
[0162.333] GetCurrentObject (hdc=0x95010781, type=0x2) returned 0x900010
[0162.333] GetCurrentObject (hdc=0x95010781, type=0x7) returned 0x4a0507fe
[0162.333] GetCurrentObject (hdc=0x95010781, type=0x6) returned 0x8a01c2
[0162.333] SaveDC (hdc=0x95010781) returned 1
[0162.333] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xec040807
[0162.333] GetClipRgn (hdc=0x95010781, hrgn=0xec040807) returned 0
[0162.334] SelectClipRgn (hdc=0x95010781, hrgn=0x710407de) returned 2
[0162.334] DeleteObject (ho=0xec040807) returned 1
[0162.334] DeleteObject (ho=0x710407de) returned 1
[0162.334] OffsetViewportOrgEx (in: hdc=0x95010781, x=0, y=0, lppt=0x2cfc434 | out: lppt=0x2cfc434) returned 1
[0162.334] IsAppThemed () returned 0x1
[0162.334] GetThemeAppProperties () returned 0x3
[0162.334] GetThemeAppProperties () returned 0x3
[0162.334] GetThemeBackgroundContentRect () returned 0x0
[0162.334] RestoreDC (hdc=0x95010781, nSavedDC=-1) returned 1
[0162.334] GdipReleaseDC (graphics=0x6600030, hdc=0x95010781) returned 0x0
[0162.334] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0162.334] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0162.334] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0162.334] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0162.334] IsAppThemed () returned 0x1
[0162.334] GetThemeAppProperties () returned 0x3
[0162.334] GetThemeAppProperties () returned 0x3
[0162.334] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0162.334] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0162.334] GetCurrentObject (hdc=0x95010781, type=0x1) returned 0xb00017
[0162.334] GetCurrentObject (hdc=0x95010781, type=0x2) returned 0x900010
[0162.334] GetCurrentObject (hdc=0x95010781, type=0x7) returned 0x4a0507fe
[0162.335] GetCurrentObject (hdc=0x95010781, type=0x6) returned 0x8a01c2
[0162.335] SaveDC (hdc=0x95010781) returned 1
[0162.335] GetTextAlign (hdc=0x95010781) returned 0x0
[0162.335] GetTextColor (hdc=0x95010781) returned 0x0
[0162.335] GetCurrentObject (hdc=0x95010781, type=0x6) returned 0x8a01c2
[0162.335] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0162.335] SelectObject (hdc=0x95010781, h=0x6d0a0520) returned 0x8a01c2
[0162.335] GetBkMode (hdc=0x95010781) returned 2
[0162.335] SetBkMode (hdc=0x95010781, mode=1) returned 2
[0162.335] DrawTextExW (in: hdc=0x95010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2cfc7f8 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0162.335] DrawTextExW (in: hdc=0x95010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2cfc7f8 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0162.336] RestoreDC (hdc=0x95010781, nSavedDC=-1) returned 1
[0162.336] GdipReleaseDC (graphics=0x6600030, hdc=0x95010781) returned 0x0
[0162.336] GetFocus () returned 0x602c4
[0162.336] IsAppThemed () returned 0x1
[0162.336] GetThemeAppProperties () returned 0x3
[0162.336] GetThemeAppProperties () returned 0x3
[0162.336] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0162.336] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x95010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0162.336] GdipReleaseDC (graphics=0x6600030, hdc=0x95010781) returned 0x0
[0162.336] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0162.336] SelectObject (hdc=0x95010781, h=0x85000f) returned 0x4a0507fe
[0162.337] DeleteDC (hdc=0x95010781) returned 1
[0162.337] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0162.337] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0162.337] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2cfc8f4, cPoints=0x1 | out: lpPoints=0x2cfc8f4) returned 40304859
[0162.337] WindowFromPoint (Point=0xf3) returned 0x602c4
[0162.337] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e00f3) returned 0x1
[0162.337] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0162.337] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0162.337] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0162.337] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0162.337] GetSystemMetrics (nIndex=42) returned 0
[0162.337] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0162.337] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0162.339] GetCapture () returned 0x602c4
[0162.340] ReleaseCapture () returned 1
[0162.340] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0162.340] GetProcessWindowStation () returned 0x13c
[0162.340] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.341] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0162.341] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.342] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0162.342] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.342] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0162.342] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.342] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0162.342] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.342] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0162.342] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.343] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0162.343] GetDC (hWnd=0x0) returned 0x60100ce
[0162.343] GdipCreateFromHDC (hdc=0x60100ce, graphics=0xd7e6ec) returned 0x0
[0162.343] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0162.343] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0162.343] ReleaseDC (hWnd=0x0, hDC=0x60100ce) returned 1
[0162.343] GetSystemMetrics (nIndex=5) returned 1
[0162.343] GetSystemMetrics (nIndex=6) returned 1
[0162.343] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.344] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0162.344] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.344] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0162.348] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0162.348] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0162.348] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0162.348] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0162.348] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0162.348] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0162.349] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2d02310 | out: lpData=0x2d02310) returned 1
[0162.350] VerQueryValueW (in: pBlock=0x2d02310, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d02720, puLen=0xd7e810) returned 1
[0162.350] VerQueryValueW (in: pBlock=0x2d02310, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d023c8, puLen=0xd7e790) returned 1
[0162.350] VerQueryValueW (in: pBlock=0x2d02310, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0241c, puLen=0xd7e790) returned 1
[0162.350] VerQueryValueW (in: pBlock=0x2d02310, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0249c, puLen=0xd7e790) returned 1
[0162.350] VerQueryValueW (in: pBlock=0x2d02310, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d02504, puLen=0xd7e790) returned 1
[0162.350] VerQueryValueW (in: pBlock=0x2d02310, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d02544, puLen=0xd7e790) returned 1
[0162.350] VerQueryValueW (in: pBlock=0x2d02310, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d025cc, puLen=0xd7e790) returned 1
[0162.350] VerQueryValueW (in: pBlock=0x2d02310, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d02608, puLen=0xd7e790) returned 1
[0162.351] VerQueryValueW (in: pBlock=0x2d02310, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d02660, puLen=0xd7e790) returned 1
[0162.351] VerQueryValueW (in: pBlock=0x2d02310, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d02690, puLen=0xd7e790) returned 1
[0162.351] VerQueryValueW (in: pBlock=0x2d02310, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.351] VerQueryValueW (in: pBlock=0x2d02310, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d026cc, puLen=0xd7e790) returned 1
[0162.351] VerQueryValueW (in: pBlock=0x2d02310, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.351] VerQueryValueW (in: pBlock=0x2d02310, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d02720, puLen=0xd7e784) returned 1
[0162.351] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0162.351] VerQueryValueW (in: pBlock=0x2d02310, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d02338, puLen=0xd7e794) returned 1
[0162.352] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0162.352] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0162.352] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0162.352] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0162.352] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0162.352] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0162.352] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2d04280 | out: lpData=0x2d04280) returned 1
[0162.352] VerQueryValueW (in: pBlock=0x2d04280, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d0431c, puLen=0xd7e810) returned 1
[0162.352] VerQueryValueW (in: pBlock=0x2d04280, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d04394, puLen=0xd7e790) returned 1
[0162.352] VerQueryValueW (in: pBlock=0x2d04280, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d043c4, puLen=0xd7e790) returned 1
[0162.352] VerQueryValueW (in: pBlock=0x2d04280, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d04400, puLen=0xd7e790) returned 1
[0162.352] VerQueryValueW (in: pBlock=0x2d04280, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d04430, puLen=0xd7e790) returned 1
[0162.352] VerQueryValueW (in: pBlock=0x2d04280, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d04478, puLen=0xd7e790) returned 1
[0162.352] VerQueryValueW (in: pBlock=0x2d04280, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d044f0, puLen=0xd7e790) returned 1
[0162.352] VerQueryValueW (in: pBlock=0x2d04280, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d04534, puLen=0xd7e790) returned 1
[0162.352] VerQueryValueW (in: pBlock=0x2d04280, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d04574, puLen=0xd7e790) returned 1
[0162.353] VerQueryValueW (in: pBlock=0x2d04280, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d04372, puLen=0xd7e790) returned 1
[0162.353] VerQueryValueW (in: pBlock=0x2d04280, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d044c0, puLen=0xd7e790) returned 1
[0162.353] VerQueryValueW (in: pBlock=0x2d04280, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.353] VerQueryValueW (in: pBlock=0x2d04280, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.353] VerQueryValueW (in: pBlock=0x2d04280, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d0431c, puLen=0xd7e784) returned 1
[0162.353] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0162.353] VerQueryValueW (in: pBlock=0x2d04280, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d042a8, puLen=0xd7e794) returned 1
[0162.353] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0162.353] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0162.354] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0162.354] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0162.354] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0162.354] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0162.355] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2d06558 | out: lpData=0x2d06558) returned 1
[0162.356] VerQueryValueW (in: pBlock=0x2d06558, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d0696c, puLen=0xd7e810) returned 1
[0162.356] VerQueryValueW (in: pBlock=0x2d06558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06610, puLen=0xd7e790) returned 1
[0162.356] VerQueryValueW (in: pBlock=0x2d06558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06664, puLen=0xd7e790) returned 1
[0162.356] VerQueryValueW (in: pBlock=0x2d06558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d066c0, puLen=0xd7e790) returned 1
[0162.356] VerQueryValueW (in: pBlock=0x2d06558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06720, puLen=0xd7e790) returned 1
[0162.356] VerQueryValueW (in: pBlock=0x2d06558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06778, puLen=0xd7e790) returned 1
[0162.356] VerQueryValueW (in: pBlock=0x2d06558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06800, puLen=0xd7e790) returned 1
[0162.356] VerQueryValueW (in: pBlock=0x2d06558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06854, puLen=0xd7e790) returned 1
[0162.356] VerQueryValueW (in: pBlock=0x2d06558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d068ac, puLen=0xd7e790) returned 1
[0162.356] VerQueryValueW (in: pBlock=0x2d06558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d068dc, puLen=0xd7e790) returned 1
[0162.356] VerQueryValueW (in: pBlock=0x2d06558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.356] VerQueryValueW (in: pBlock=0x2d06558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06918, puLen=0xd7e790) returned 1
[0162.356] VerQueryValueW (in: pBlock=0x2d06558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.356] VerQueryValueW (in: pBlock=0x2d06558, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d0696c, puLen=0xd7e784) returned 1
[0162.356] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0162.359] VerQueryValueW (in: pBlock=0x2d06558, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d06580, puLen=0xd7e794) returned 1
[0162.359] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0162.360] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0162.360] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0162.360] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0162.360] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0162.360] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0162.361] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2d08b90 | out: lpData=0x2d08b90) returned 1
[0162.361] VerQueryValueW (in: pBlock=0x2d08b90, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d08f90, puLen=0xd7e810) returned 1
[0162.361] VerQueryValueW (in: pBlock=0x2d08b90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d08c48, puLen=0xd7e790) returned 1
[0162.362] VerQueryValueW (in: pBlock=0x2d08b90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d08c9c, puLen=0xd7e790) returned 1
[0162.362] VerQueryValueW (in: pBlock=0x2d08b90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d08cdc, puLen=0xd7e790) returned 1
[0162.362] VerQueryValueW (in: pBlock=0x2d08b90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d08d44, puLen=0xd7e790) returned 1
[0162.362] VerQueryValueW (in: pBlock=0x2d08b90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d08d9c, puLen=0xd7e790) returned 1
[0162.362] VerQueryValueW (in: pBlock=0x2d08b90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d08e24, puLen=0xd7e790) returned 1
[0162.362] VerQueryValueW (in: pBlock=0x2d08b90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d08e78, puLen=0xd7e790) returned 1
[0162.362] VerQueryValueW (in: pBlock=0x2d08b90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d08ed0, puLen=0xd7e790) returned 1
[0162.362] VerQueryValueW (in: pBlock=0x2d08b90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d08f00, puLen=0xd7e790) returned 1
[0162.362] VerQueryValueW (in: pBlock=0x2d08b90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.362] VerQueryValueW (in: pBlock=0x2d08b90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d08f3c, puLen=0xd7e790) returned 1
[0162.362] VerQueryValueW (in: pBlock=0x2d08b90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.362] VerQueryValueW (in: pBlock=0x2d08b90, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d08f90, puLen=0xd7e784) returned 1
[0162.362] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0162.362] VerQueryValueW (in: pBlock=0x2d08b90, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d08bb8, puLen=0xd7e794) returned 1
[0162.363] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0162.363] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0162.363] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0162.363] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0162.363] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0162.363] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0162.364] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2d0b2cc | out: lpData=0x2d0b2cc) returned 1
[0162.365] VerQueryValueW (in: pBlock=0x2d0b2cc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d0b694, puLen=0xd7e810) returned 1
[0162.365] VerQueryValueW (in: pBlock=0x2d0b2cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b384, puLen=0xd7e790) returned 1
[0162.365] VerQueryValueW (in: pBlock=0x2d0b2cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b3d8, puLen=0xd7e790) returned 1
[0162.365] VerQueryValueW (in: pBlock=0x2d0b2cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b418, puLen=0xd7e790) returned 1
[0162.365] VerQueryValueW (in: pBlock=0x2d0b2cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b480, puLen=0xd7e790) returned 1
[0162.365] VerQueryValueW (in: pBlock=0x2d0b2cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b4bc, puLen=0xd7e790) returned 1
[0162.365] VerQueryValueW (in: pBlock=0x2d0b2cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b544, puLen=0xd7e790) returned 1
[0162.365] VerQueryValueW (in: pBlock=0x2d0b2cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b57c, puLen=0xd7e790) returned 1
[0162.365] VerQueryValueW (in: pBlock=0x2d0b2cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b5d4, puLen=0xd7e790) returned 1
[0162.365] VerQueryValueW (in: pBlock=0x2d0b2cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b604, puLen=0xd7e790) returned 1
[0162.365] VerQueryValueW (in: pBlock=0x2d0b2cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.365] VerQueryValueW (in: pBlock=0x2d0b2cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b640, puLen=0xd7e790) returned 1
[0162.365] VerQueryValueW (in: pBlock=0x2d0b2cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.365] VerQueryValueW (in: pBlock=0x2d0b2cc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d0b694, puLen=0xd7e784) returned 1
[0162.365] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0162.365] VerQueryValueW (in: pBlock=0x2d0b2cc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d0b2f4, puLen=0xd7e794) returned 1
[0162.366] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0162.366] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0162.366] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0162.366] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0162.366] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0162.366] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0162.367] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2d0e934 | out: lpData=0x2d0e934) returned 1
[0162.368] VerQueryValueW (in: pBlock=0x2d0e934, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d0ed14, puLen=0xd7e810) returned 1
[0162.368] VerQueryValueW (in: pBlock=0x2d0e934, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0e9ec, puLen=0xd7e790) returned 1
[0162.368] VerQueryValueW (in: pBlock=0x2d0e934, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0ea40, puLen=0xd7e790) returned 1
[0162.368] VerQueryValueW (in: pBlock=0x2d0e934, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0ea80, puLen=0xd7e790) returned 1
[0162.368] VerQueryValueW (in: pBlock=0x2d0e934, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0eae0, puLen=0xd7e790) returned 1
[0162.368] VerQueryValueW (in: pBlock=0x2d0e934, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0eb2c, puLen=0xd7e790) returned 1
[0162.368] VerQueryValueW (in: pBlock=0x2d0e934, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0ebb4, puLen=0xd7e790) returned 1
[0162.368] VerQueryValueW (in: pBlock=0x2d0e934, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0ebfc, puLen=0xd7e790) returned 1
[0162.368] VerQueryValueW (in: pBlock=0x2d0e934, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0ec54, puLen=0xd7e790) returned 1
[0162.368] VerQueryValueW (in: pBlock=0x2d0e934, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0ec84, puLen=0xd7e790) returned 1
[0162.368] VerQueryValueW (in: pBlock=0x2d0e934, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.368] VerQueryValueW (in: pBlock=0x2d0e934, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0ecc0, puLen=0xd7e790) returned 1
[0162.368] VerQueryValueW (in: pBlock=0x2d0e934, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.368] VerQueryValueW (in: pBlock=0x2d0e934, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d0ed14, puLen=0xd7e784) returned 1
[0162.368] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0162.368] VerQueryValueW (in: pBlock=0x2d0e934, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d0e95c, puLen=0xd7e794) returned 1
[0162.369] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0162.369] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0162.369] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0162.369] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0162.369] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0162.369] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0162.370] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2d11154 | out: lpData=0x2d11154) returned 1
[0162.371] VerQueryValueW (in: pBlock=0x2d11154, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d11560, puLen=0xd7e810) returned 1
[0162.371] VerQueryValueW (in: pBlock=0x2d11154, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1120c, puLen=0xd7e790) returned 1
[0162.371] VerQueryValueW (in: pBlock=0x2d11154, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d11260, puLen=0xd7e790) returned 1
[0162.371] VerQueryValueW (in: pBlock=0x2d11154, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d112b4, puLen=0xd7e790) returned 1
[0162.371] VerQueryValueW (in: pBlock=0x2d11154, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d11314, puLen=0xd7e790) returned 1
[0162.371] VerQueryValueW (in: pBlock=0x2d11154, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1136c, puLen=0xd7e790) returned 1
[0162.371] VerQueryValueW (in: pBlock=0x2d11154, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d113f4, puLen=0xd7e790) returned 1
[0162.371] VerQueryValueW (in: pBlock=0x2d11154, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d11448, puLen=0xd7e790) returned 1
[0162.371] VerQueryValueW (in: pBlock=0x2d11154, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d114a0, puLen=0xd7e790) returned 1
[0162.371] VerQueryValueW (in: pBlock=0x2d11154, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d114d0, puLen=0xd7e790) returned 1
[0162.371] VerQueryValueW (in: pBlock=0x2d11154, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.371] VerQueryValueW (in: pBlock=0x2d11154, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1150c, puLen=0xd7e790) returned 1
[0162.371] VerQueryValueW (in: pBlock=0x2d11154, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.371] VerQueryValueW (in: pBlock=0x2d11154, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d11560, puLen=0xd7e784) returned 1
[0162.371] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0162.371] VerQueryValueW (in: pBlock=0x2d11154, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d1117c, puLen=0xd7e794) returned 1
[0162.372] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0162.372] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0162.372] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0162.372] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0162.373] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0162.373] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0162.373] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d13968 | out: lpData=0x2d13968) returned 1
[0162.374] VerQueryValueW (in: pBlock=0x2d13968, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d13d40, puLen=0xd7e810) returned 1
[0162.374] VerQueryValueW (in: pBlock=0x2d13968, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13a20, puLen=0xd7e790) returned 1
[0162.374] VerQueryValueW (in: pBlock=0x2d13968, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13a74, puLen=0xd7e790) returned 1
[0162.374] VerQueryValueW (in: pBlock=0x2d13968, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13ab4, puLen=0xd7e790) returned 1
[0162.374] VerQueryValueW (in: pBlock=0x2d13968, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13b1c, puLen=0xd7e790) returned 1
[0162.374] VerQueryValueW (in: pBlock=0x2d13968, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13b60, puLen=0xd7e790) returned 1
[0162.374] VerQueryValueW (in: pBlock=0x2d13968, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13be8, puLen=0xd7e790) returned 1
[0162.374] VerQueryValueW (in: pBlock=0x2d13968, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13c28, puLen=0xd7e790) returned 1
[0162.374] VerQueryValueW (in: pBlock=0x2d13968, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13c80, puLen=0xd7e790) returned 1
[0162.374] VerQueryValueW (in: pBlock=0x2d13968, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13cb0, puLen=0xd7e790) returned 1
[0162.374] VerQueryValueW (in: pBlock=0x2d13968, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.374] VerQueryValueW (in: pBlock=0x2d13968, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d13cec, puLen=0xd7e790) returned 1
[0162.374] VerQueryValueW (in: pBlock=0x2d13968, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.374] VerQueryValueW (in: pBlock=0x2d13968, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d13d40, puLen=0xd7e784) returned 1
[0162.374] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0162.374] VerQueryValueW (in: pBlock=0x2d13968, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d13990, puLen=0xd7e794) returned 1
[0162.375] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0162.375] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0162.375] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0162.375] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0162.375] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0162.375] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0162.376] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d15ec0 | out: lpData=0x2d15ec0) returned 1
[0162.377] VerQueryValueW (in: pBlock=0x2d15ec0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d16298, puLen=0xd7e810) returned 1
[0162.377] VerQueryValueW (in: pBlock=0x2d15ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d15f78, puLen=0xd7e790) returned 1
[0162.377] VerQueryValueW (in: pBlock=0x2d15ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d15fcc, puLen=0xd7e790) returned 1
[0162.377] VerQueryValueW (in: pBlock=0x2d15ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1600c, puLen=0xd7e790) returned 1
[0162.377] VerQueryValueW (in: pBlock=0x2d15ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d16074, puLen=0xd7e790) returned 1
[0162.377] VerQueryValueW (in: pBlock=0x2d15ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d160b8, puLen=0xd7e790) returned 1
[0162.377] VerQueryValueW (in: pBlock=0x2d15ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d16140, puLen=0xd7e790) returned 1
[0162.377] VerQueryValueW (in: pBlock=0x2d15ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d16180, puLen=0xd7e790) returned 1
[0162.377] VerQueryValueW (in: pBlock=0x2d15ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d161d8, puLen=0xd7e790) returned 1
[0162.377] VerQueryValueW (in: pBlock=0x2d15ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d16208, puLen=0xd7e790) returned 1
[0162.377] VerQueryValueW (in: pBlock=0x2d15ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.377] VerQueryValueW (in: pBlock=0x2d15ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d16244, puLen=0xd7e790) returned 1
[0162.377] VerQueryValueW (in: pBlock=0x2d15ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.377] VerQueryValueW (in: pBlock=0x2d15ec0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d16298, puLen=0xd7e784) returned 1
[0162.377] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0162.378] VerQueryValueW (in: pBlock=0x2d15ec0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d15ee8, puLen=0xd7e794) returned 1
[0162.378] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0162.378] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0162.378] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0162.378] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0162.378] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0162.378] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0162.379] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2d185f8 | out: lpData=0x2d185f8) returned 1
[0162.380] VerQueryValueW (in: pBlock=0x2d185f8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d18a28, puLen=0xd7e810) returned 1
[0162.380] VerQueryValueW (in: pBlock=0x2d185f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d186b0, puLen=0xd7e790) returned 1
[0162.380] VerQueryValueW (in: pBlock=0x2d185f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d18704, puLen=0xd7e790) returned 1
[0162.380] VerQueryValueW (in: pBlock=0x2d185f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d18774, puLen=0xd7e790) returned 1
[0162.380] VerQueryValueW (in: pBlock=0x2d185f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d187d4, puLen=0xd7e790) returned 1
[0162.380] VerQueryValueW (in: pBlock=0x2d185f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d18830, puLen=0xd7e790) returned 1
[0162.380] VerQueryValueW (in: pBlock=0x2d185f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d188b8, puLen=0xd7e790) returned 1
[0162.380] VerQueryValueW (in: pBlock=0x2d185f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d18910, puLen=0xd7e790) returned 1
[0162.380] VerQueryValueW (in: pBlock=0x2d185f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d18968, puLen=0xd7e790) returned 1
[0162.380] VerQueryValueW (in: pBlock=0x2d185f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d18998, puLen=0xd7e790) returned 1
[0162.380] VerQueryValueW (in: pBlock=0x2d185f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.380] VerQueryValueW (in: pBlock=0x2d185f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d189d4, puLen=0xd7e790) returned 1
[0162.380] VerQueryValueW (in: pBlock=0x2d185f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0162.380] VerQueryValueW (in: pBlock=0x2d185f8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d18a28, puLen=0xd7e784) returned 1
[0162.380] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0162.380] VerQueryValueW (in: pBlock=0x2d185f8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d18620, puLen=0xd7e794) returned 1
[0162.381] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0162.381] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.381] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0162.381] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.382] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0162.382] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x902d8
[0162.382] SetWindowLongW (hWnd=0x902d8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0162.382] GetWindowLongW (hWnd=0x902d8, nIndex=-4) returned 1950089536
[0162.383] SetWindowLongW (hWnd=0x902d8, nIndex=-4, dwNewLong=19941430) returned 1950089536
[0162.383] GetWindowLongW (hWnd=0x902d8, nIndex=-4) returned 19941430
[0162.383] GetWindowLongW (hWnd=0x902d8, nIndex=-16) returned 113311744
[0162.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d8, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0162.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d8, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0162.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d8, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0162.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d8, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0162.384] GetClientRect (in: hWnd=0x902d8, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0162.384] GetWindowRect (in: hWnd=0x902d8, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0162.384] SetWindowTextW (hWnd=0x902d8, lpString="WindowsFormsParkingWindow") returned 1
[0162.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d8, Msg=0xc, wParam=0x0, lParam=0x2cddb18) returned 0x1
[0162.385] GetParent (hWnd=0x902d8) returned 0x0
[0162.385] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0162.385] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x902d8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x5005a
[0162.385] SetWindowLongW (hWnd=0x5005a, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0162.385] GetWindowLongW (hWnd=0x5005a, nIndex=-4) returned 1868147648
[0162.386] SetWindowLongW (hWnd=0x5005a, nIndex=-4, dwNewLong=19941470) returned 1868147648
[0162.386] GetWindowLongW (hWnd=0x5005a, nIndex=-4) returned 19941470
[0162.386] GetWindowLongW (hWnd=0x5005a, nIndex=-16) returned 1174405133
[0162.386] GetWindowLongW (hWnd=0x5005a, nIndex=-12) returned 0
[0162.386] SetWindowLongW (hWnd=0x5005a, nIndex=-12, dwNewLong=327770) returned 0
[0162.386] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0162.386] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0162.386] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0162.387] GetClientRect (in: hWnd=0x5005a, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0162.387] GetWindowRect (in: hWnd=0x5005a, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0162.387] GetParent (hWnd=0x5005a) returned 0x902d8
[0162.387] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902d8, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0162.388] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0162.389] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0162.389] GetClientRect (in: hWnd=0x5005a, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0162.389] GetWindowRect (in: hWnd=0x5005a, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0162.389] GetParent (hWnd=0x5005a) returned 0x902d8
[0162.389] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902d8, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0162.389] SendMessageW (hWnd=0x5005a, Msg=0x2210, wParam=0x5a0001, lParam=0x5005a) returned 0x0
[0162.389] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x2210, wParam=0x5a0001, lParam=0x5005a) returned 0x0
[0162.389] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0162.389] GetParent (hWnd=0x5005a) returned 0x902d8
[0162.389] GdipCreateFromHWND (hwnd=0x5005a, graphics=0xd7e844) returned 0x0
[0162.389] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0162.390] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0162.390] GetForegroundWindow () returned 0x7005c
[0162.390] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0162.390] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.391] GetSystemMetrics (nIndex=42) returned 0
[0162.391] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.391] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0162.391] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0162.391] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.391] GetSystemMetrics (nIndex=42) returned 0
[0162.391] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.391] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0162.391] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.391] GetCursorPos (in: lpPoint=0x2d1ca7c | out: lpPoint=0x2d1ca7c*(x=243, y=622)) returned 1
[0162.391] MonitorFromPoint (pt=0xf3, dwFlags=0x26e) returned 0x10001
[0162.391] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0162.391] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x98010781
[0162.392] GetDeviceCaps (hdc=0x98010781, index=12) returned 32
[0162.392] GetDeviceCaps (hdc=0x98010781, index=14) returned 1
[0162.392] DeleteDC (hdc=0x98010781) returned 1
[0162.392] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0162.392] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0162.392] GetSystemMetrics (nIndex=59) returned 1460
[0162.392] GetSystemMetrics (nIndex=60) returned 920
[0162.392] GetSystemMetrics (nIndex=34) returned 136
[0162.392] GetSystemMetrics (nIndex=35) returned 39
[0162.392] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.392] GetCursorPos (in: lpPoint=0x2d1cce8 | out: lpPoint=0x2d1cce8*(x=243, y=622)) returned 1
[0162.392] MonitorFromPoint (pt=0xf3, dwFlags=0x26e) returned 0x10001
[0162.392] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0162.393] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x99010781
[0162.393] GetDeviceCaps (hdc=0x99010781, index=12) returned 32
[0162.393] GetDeviceCaps (hdc=0x99010781, index=14) returned 1
[0162.393] DeleteDC (hdc=0x99010781) returned 1
[0162.393] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0162.393] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0162.393] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.393] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0162.393] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2d1cf80 | out: piconinfo=0x2d1cf80) returned 1
[0162.394] GetObjectW (in: h=0x640507d0, c=24, pv=0x2d1cf9c | out: pv=0x2d1cf9c) returned 24
[0162.394] GdipCreateBitmapFromHBITMAP (hbm=0x640507d0, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0162.394] GdipGetImageWidth (image=0x663f8e8, width=0xd7e750) returned 0x0
[0162.394] GdipGetImageHeight (image=0x663f8e8, height=0xd7e748) returned 0x0
[0162.394] GdipGetImagePixelFormat (image=0x663f8e8, format=0xd7e740) returned 0x0
[0162.394] GdipBitmapLockBits (bitmap=0x663f8e8, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2d1d054) returned 0x0
[0162.394] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0162.394] GdipBitmapLockBits (bitmap=0x663ebc8, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2d1d08c) returned 0x0
[0162.394] RtlMoveMemory (in: Destination=0x6642bb0, Source=0x664ad58, Length=0x80 | out: Destination=0x6642bb0)
[0162.394] RtlMoveMemory (in: Destination=0x6642c30, Source=0x664acd8, Length=0x80 | out: Destination=0x6642c30)
[0162.394] RtlMoveMemory (in: Destination=0x6642cb0, Source=0x664ac58, Length=0x80 | out: Destination=0x6642cb0)
[0162.395] RtlMoveMemory (in: Destination=0x6642d30, Source=0x664abd8, Length=0x80 | out: Destination=0x6642d30)
[0162.395] RtlMoveMemory (in: Destination=0x6642db0, Source=0x664ab58, Length=0x80 | out: Destination=0x6642db0)
[0162.395] RtlMoveMemory (in: Destination=0x6642e30, Source=0x664aad8, Length=0x80 | out: Destination=0x6642e30)
[0162.395] RtlMoveMemory (in: Destination=0x6642eb0, Source=0x664aa58, Length=0x80 | out: Destination=0x6642eb0)
[0162.395] RtlMoveMemory (in: Destination=0x6642f30, Source=0x664a9d8, Length=0x80 | out: Destination=0x6642f30)
[0162.395] RtlMoveMemory (in: Destination=0x6642fb0, Source=0x664a958, Length=0x80 | out: Destination=0x6642fb0)
[0162.395] RtlMoveMemory (in: Destination=0x6643030, Source=0x664a8d8, Length=0x80 | out: Destination=0x6643030)
[0162.395] RtlMoveMemory (in: Destination=0x66430b0, Source=0x664a858, Length=0x80 | out: Destination=0x66430b0)
[0162.395] RtlMoveMemory (in: Destination=0x6643130, Source=0x664a7d8, Length=0x80 | out: Destination=0x6643130)
[0162.395] RtlMoveMemory (in: Destination=0x66431b0, Source=0x664a758, Length=0x80 | out: Destination=0x66431b0)
[0162.395] RtlMoveMemory (in: Destination=0x6643230, Source=0x664a6d8, Length=0x80 | out: Destination=0x6643230)
[0162.395] RtlMoveMemory (in: Destination=0x66432b0, Source=0x664a658, Length=0x80 | out: Destination=0x66432b0)
[0162.395] RtlMoveMemory (in: Destination=0x6643330, Source=0x664a5d8, Length=0x80 | out: Destination=0x6643330)
[0162.395] RtlMoveMemory (in: Destination=0x66433b0, Source=0x664a558, Length=0x80 | out: Destination=0x66433b0)
[0162.395] RtlMoveMemory (in: Destination=0x6643430, Source=0x664a4d8, Length=0x80 | out: Destination=0x6643430)
[0162.395] RtlMoveMemory (in: Destination=0x66434b0, Source=0x664a458, Length=0x80 | out: Destination=0x66434b0)
[0162.395] RtlMoveMemory (in: Destination=0x6643530, Source=0x664a3d8, Length=0x80 | out: Destination=0x6643530)
[0162.395] RtlMoveMemory (in: Destination=0x66435b0, Source=0x664a358, Length=0x80 | out: Destination=0x66435b0)
[0162.395] RtlMoveMemory (in: Destination=0x6643630, Source=0x664a2d8, Length=0x80 | out: Destination=0x6643630)
[0162.395] RtlMoveMemory (in: Destination=0x66436b0, Source=0x664a258, Length=0x80 | out: Destination=0x66436b0)
[0162.395] RtlMoveMemory (in: Destination=0x6643730, Source=0x664a1d8, Length=0x80 | out: Destination=0x6643730)
[0162.395] RtlMoveMemory (in: Destination=0x66437b0, Source=0x664a158, Length=0x80 | out: Destination=0x66437b0)
[0162.395] RtlMoveMemory (in: Destination=0x6643830, Source=0x664a0d8, Length=0x80 | out: Destination=0x6643830)
[0162.395] RtlMoveMemory (in: Destination=0x66438b0, Source=0x664a058, Length=0x80 | out: Destination=0x66438b0)
[0162.396] RtlMoveMemory (in: Destination=0x6643930, Source=0x6649fd8, Length=0x80 | out: Destination=0x6643930)
[0162.396] RtlMoveMemory (in: Destination=0x66439b0, Source=0x6649f58, Length=0x80 | out: Destination=0x66439b0)
[0162.396] RtlMoveMemory (in: Destination=0x6643a30, Source=0x6649ed8, Length=0x80 | out: Destination=0x6643a30)
[0162.396] RtlMoveMemory (in: Destination=0x6643ab0, Source=0x6649e58, Length=0x80 | out: Destination=0x6643ab0)
[0162.396] RtlMoveMemory (in: Destination=0x6643b30, Source=0x6649dd8, Length=0x80 | out: Destination=0x6643b30)
[0162.396] GdipBitmapUnlockBits (bitmap=0x663f8e8, lockedBitmapData=0x2d1d054) returned 0x0
[0162.396] GdipBitmapUnlockBits (bitmap=0x663ebc8, lockedBitmapData=0x2d1d08c) returned 0x0
[0162.396] GdipDisposeImage (image=0x663f8e8) returned 0x0
[0162.396] DeleteObject (ho=0x640507d0) returned 1
[0162.396] DeleteObject (ho=0x9a050781) returned 1
[0162.396] GetCurrentThreadId () returned 0xf50
[0162.396] GetCurrentThreadId () returned 0xf50
[0162.396] SetWindowPos (hWnd=0x5005a, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0162.396] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0162.396] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0162.397] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0162.397] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0162.397] GetClientRect (in: hWnd=0x5005a, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0162.397] GetWindowRect (in: hWnd=0x5005a, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0162.397] GetParent (hWnd=0x5005a) returned 0x902d8
[0162.397] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902d8, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0162.397] InvalidateRect (hWnd=0x5005a, lpRect=0x0, bErase=1) returned 1
[0162.397] GetWindowTextLengthW (hWnd=0x5005a) returned 0
[0162.397] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0162.397] GetSystemMetrics (nIndex=42) returned 0
[0162.397] GetWindowTextW (in: hWnd=0x5005a, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0162.397] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0162.397] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0162.397] GetClientRect (in: hWnd=0x5005a, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0162.397] GetWindowRect (in: hWnd=0x5005a, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0162.397] GetParent (hWnd=0x5005a) returned 0x902d8
[0162.397] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902d8, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0162.397] GetWindowTextLengthW (hWnd=0x5005a) returned 0
[0162.397] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0162.397] GetSystemMetrics (nIndex=42) returned 0
[0162.397] GetWindowTextW (in: hWnd=0x5005a, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0162.398] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0162.398] GetWindowTextLengthW (hWnd=0x5005a) returned 0
[0162.398] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0162.398] GetSystemMetrics (nIndex=42) returned 0
[0162.398] GetWindowTextW (in: hWnd=0x5005a, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0162.398] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0162.398] SetWindowTextW (hWnd=0x5005a, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0162.398] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0xc, wParam=0x0, lParam=0x2cfdee8) returned 0x1
[0162.398] InvalidateRect (hWnd=0x5005a, lpRect=0x0, bErase=1) returned 1
[0162.398] GetCurrentThreadId () returned 0xf50
[0162.398] GetWindowThreadProcessId (in: hWnd=0x5005a, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0162.398] GdipCreateBitmapFromStream (stream=0x509ff90, bitmap=0xd7e840) returned 0x0
[0162.399] GdipImageForceValidation (image=0x663f8e8) returned 0x0
[0162.400] GdipGetImageRawFormat (image=0x663f8e8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0162.400] GdipGetImageHeight (image=0x663f8e8, height=0xd7e824) returned 0x0
[0162.400] GdipGetImageWidth (image=0x663f8e8, width=0xd7e824) returned 0x0
[0162.401] GdipGetImageWidth (image=0x663f8e8, width=0xd7e810) returned 0x0
[0162.401] GdipGetImageHeight (image=0x663f8e8, height=0xd7e810) returned 0x0
[0162.401] GdipGetImageWidth (image=0x663f8e8, width=0xd7e800) returned 0x0
[0162.401] GdipGetImageHeight (image=0x663f8e8, height=0xd7e800) returned 0x0
[0162.401] GdipBitmapGetPixel (bitmap=0x663f8e8, x=0, y=15, color=0xd7e810) returned 0x0
[0162.401] GdipGetImageRawFormat (image=0x663f8e8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0162.401] GdipGetImageWidth (image=0x663f8e8, width=0xd7e740) returned 0x0
[0162.401] GdipGetImageHeight (image=0x663f8e8, height=0xd7e740) returned 0x0
[0162.401] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0162.401] GdipGetImagePixelFormat (image=0x663f258, format=0xd7e740) returned 0x0
[0162.401] GdipGetImageGraphicsContext (image=0x663f258, graphics=0xd7e74c) returned 0x0
[0162.401] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0162.401] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0162.401] GdipSetImageAttributesColorKeys (imageattr=0x6638c98, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0162.401] GdipDrawImageRectRectI (graphics=0x6600030, image=0x663f8e8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c98, callback=0x0, callbackData=0x0) returned 0x0
[0162.401] GdipDisposeImageAttributes (imageattr=0x6638c98) returned 0x0
[0162.401] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0162.401] GdipDisposeImage (image=0x663f8e8) returned 0x0
[0162.402] GdipCreateBitmapFromStream (stream=0x509ff70, bitmap=0xd7e840) returned 0x0
[0162.403] GdipImageForceValidation (image=0x663f8e8) returned 0x0
[0162.404] GdipGetImageRawFormat (image=0x663f8e8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0162.404] GdipGetImageHeight (image=0x663f8e8, height=0xd7e824) returned 0x0
[0162.404] GdipGetImageWidth (image=0x663f8e8, width=0xd7e824) returned 0x0
[0162.404] GdipGetImageWidth (image=0x663f8e8, width=0xd7e810) returned 0x0
[0162.404] GdipGetImageHeight (image=0x663f8e8, height=0xd7e810) returned 0x0
[0162.404] GdipGetImageWidth (image=0x663f8e8, width=0xd7e800) returned 0x0
[0162.404] GdipGetImageHeight (image=0x663f8e8, height=0xd7e800) returned 0x0
[0162.404] GdipBitmapGetPixel (bitmap=0x663f8e8, x=0, y=15, color=0xd7e810) returned 0x0
[0162.404] GdipGetImageRawFormat (image=0x663f8e8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0162.404] GdipGetImageWidth (image=0x663f8e8, width=0xd7e740) returned 0x0
[0162.404] GdipGetImageHeight (image=0x663f8e8, height=0xd7e740) returned 0x0
[0162.404] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0162.404] GdipGetImagePixelFormat (image=0x6601360, format=0xd7e740) returned 0x0
[0162.404] GdipGetImageGraphicsContext (image=0x6601360, graphics=0xd7e74c) returned 0x0
[0162.405] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0162.405] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0162.405] GdipSetImageAttributesColorKeys (imageattr=0x6638c08, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0162.405] GdipDrawImageRectRectI (graphics=0x6600030, image=0x663f8e8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c08, callback=0x0, callbackData=0x0) returned 0x0
[0162.405] GdipDisposeImageAttributes (imageattr=0x6638c08) returned 0x0
[0162.405] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0162.405] GdipDisposeImage (image=0x663f8e8) returned 0x0
[0162.405] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.405] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0162.405] GetCurrentThreadId () returned 0xf50
[0162.405] GetCurrentThreadId () returned 0xf50
[0162.406] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.406] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0162.406] GetCurrentThreadId () returned 0xf50
[0162.406] GetCurrentThreadId () returned 0xf50
[0162.406] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.406] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0162.406] GetCurrentThreadId () returned 0xf50
[0162.406] GetCurrentThreadId () returned 0xf50
[0162.406] GetSystemMetrics (nIndex=5) returned 1
[0162.406] GetSystemMetrics (nIndex=6) returned 1
[0162.406] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.406] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0162.407] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.407] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0162.407] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.407] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0162.407] GetCurrentThreadId () returned 0xf50
[0162.407] GetCurrentThreadId () returned 0xf50
[0162.407] GetProcessWindowStation () returned 0x13c
[0162.407] GetCapture () returned 0x0
[0162.407] GetActiveWindow () returned 0x7005c
[0162.407] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0162.407] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.407] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0162.408] GetCursorPos (in: lpPoint=0x2d1e1cc | out: lpPoint=0x2d1e1cc*(x=243, y=622)) returned 1
[0162.408] MonitorFromPoint (pt=0xf2, dwFlags=0x271) returned 0x10001
[0162.408] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0162.408] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x9b010781
[0162.408] GetDeviceCaps (hdc=0x9b010781, index=12) returned 32
[0162.408] GetDeviceCaps (hdc=0x9b010781, index=14) returned 1
[0162.408] DeleteDC (hdc=0x9b010781) returned 1
[0162.408] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0162.408] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0162.408] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xa00ea
[0162.409] SetWindowLongW (hWnd=0xa00ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0162.409] GetWindowLongW (hWnd=0xa00ea, nIndex=-4) returned 1950089536
[0162.409] SetWindowLongW (hWnd=0xa00ea, nIndex=-4, dwNewLong=19940670) returned 1950089536
[0162.409] GetWindowLongW (hWnd=0xa00ea, nIndex=-4) returned 19940670
[0162.409] GetWindowLongW (hWnd=0xa00ea, nIndex=-16) returned 113770496
[0162.409] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0162.410] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0162.411] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0162.411] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0162.411] GetWindowRect (in: hWnd=0xa00ea, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0162.411] SetWindowTextW (hWnd=0xa00ea, lpString="BB ransomware") returned 1
[0162.411] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xc, wParam=0x0, lParam=0x2d1c968) returned 0x1
[0162.413] GetStartupInfoW (in: lpStartupInfo=0x2d1e508 | out: lpStartupInfo=0x2d1e508*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0162.416] GetParent (hWnd=0xa00ea) returned 0x0
[0162.416] SetWindowLongW (hWnd=0xa00ea, nIndex=-8, dwNewLong=0) returned 0
[0162.417] SendMessageW (hWnd=0xa00ea, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0162.417] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0162.417] SendMessageW (hWnd=0xa00ea, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0162.417] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0162.417] GetSystemMenu (hWnd=0xa00ea, bRevert=0) returned 0x1e008f
[0162.418] GetWindowPlacement (in: hWnd=0xa00ea, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0162.418] EnableMenuItem (hMenu=0x1e008f, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0162.418] EnableMenuItem (hMenu=0x1e008f, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0162.418] EnableMenuItem (hMenu=0x1e008f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0162.418] EnableMenuItem (hMenu=0x1e008f, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0162.418] EnableMenuItem (hMenu=0x1e008f, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0162.418] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0162.418] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0162.418] GetWindowRect (in: hWnd=0xa00ea, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0162.418] SetWindowPos (hWnd=0xa00ea, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0162.418] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0162.419] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0xa00ea) returned 0x1
[0162.422] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0162.422] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0162.423] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0162.423] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0162.423] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0162.425] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0xa00ea, lParam=0x0) returned 0x0
[0162.426] GetCapture () returned 0x0
[0162.426] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0162.427] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0162.428] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0162.429] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0162.429] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0162.429] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0162.429] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0162.430] GetParent (hWnd=0xa00ea) returned 0x0
[0162.430] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0162.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0162.432] GetWindowPlacement (in: hWnd=0xa00ea, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0162.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0162.432] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0162.432] GetWindowRect (in: hWnd=0xa00ea, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0162.433] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0162.433] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0162.434] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0162.434] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.444] GetWindowLongW (hWnd=0xa00ea, nIndex=-16) returned 113770496
[0162.444] GetWindowTextLengthW (hWnd=0xa00ea) returned 13
[0162.444] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.444] GetSystemMetrics (nIndex=42) returned 0
[0162.444] GetWindowTextW (in: hWnd=0xa00ea, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.444] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0162.444] GetWindowTextLengthW (hWnd=0xa00ea) returned 13
[0162.444] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.444] GetSystemMetrics (nIndex=42) returned 0
[0162.444] GetWindowTextW (in: hWnd=0xa00ea, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.444] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0162.445] GetCursorPos (in: lpPoint=0x2d1e744 | out: lpPoint=0x2d1e744*(x=243, y=622)) returned 1
[0162.445] MonitorFromPoint (pt=0xf3, dwFlags=0x26e) returned 0x10001
[0162.445] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0162.445] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xbd01065e
[0162.445] GetDeviceCaps (hdc=0xbd01065e, index=12) returned 32
[0162.445] GetDeviceCaps (hdc=0xbd01065e, index=14) returned 1
[0162.445] DeleteDC (hdc=0xbd01065e) returned 1
[0162.445] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0162.445] GetWindowLongW (hWnd=0xa00ea, nIndex=-16) returned 113770496
[0162.445] GetWindowLongW (hWnd=0xa00ea, nIndex=-20) returned 327945
[0162.445] SetWindowLongW (hWnd=0xa00ea, nIndex=-16, dwNewLong=46661632) returned 113770496
[0162.445] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0162.446] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0162.447] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0162.447] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0162.447] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0162.447] SetWindowLongW (hWnd=0xa00ea, nIndex=-20, dwNewLong=327681) returned 327945
[0162.447] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0162.447] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0162.448] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0162.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0162.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0162.449] SetWindowPos (hWnd=0xa00ea, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0162.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0162.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0162.450] GetWindowPlacement (in: hWnd=0xa00ea, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0162.450] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0162.450] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0162.450] GetWindowRect (in: hWnd=0xa00ea, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0162.458] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0162.458] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0162.459] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0162.459] RedrawWindow (hWnd=0xa00ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0162.459] GetSystemMenu (hWnd=0xa00ea, bRevert=0) returned 0x1e008f
[0162.459] GetWindowPlacement (in: hWnd=0xa00ea, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0162.459] EnableMenuItem (hMenu=0x1e008f, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0162.459] EnableMenuItem (hMenu=0x1e008f, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0162.459] EnableMenuItem (hMenu=0x1e008f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0162.459] EnableMenuItem (hMenu=0x1e008f, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0162.459] EnableMenuItem (hMenu=0x1e008f, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0162.459] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0162.459] GetWindowLongW (hWnd=0xa00ea, nIndex=-8) returned 0
[0162.459] SetWindowLongW (hWnd=0xa00ea, nIndex=-8, dwNewLong=458844) returned 0
[0162.460] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0162.460] GetProcessWindowStation () returned 0x13c
[0162.460] GetCurrentThreadId () returned 0xf50
[0162.461] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1304606, lParam=0x0) returned 1
[0162.461] IsWindowVisible (hWnd=0xa00ea) returned 0
[0162.461] IsWindowVisible (hWnd=0x7005c) returned 1
[0162.461] IsWindowEnabled (hWnd=0x7005c) returned 1
[0162.461] IsWindowVisible (hWnd=0x300ec) returned 0
[0162.461] IsWindowVisible (hWnd=0x502c6) returned 0
[0162.461] IsWindowVisible (hWnd=0x502be) returned 0
[0162.461] GetActiveWindow () returned 0xa00ea
[0162.461] GetFocus () returned 0xa00ea
[0162.461] IsWindow (hWnd=0x7005c) returned 1
[0162.461] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0162.461] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0162.462] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0162.462] GetWindowLongW (hWnd=0xa00ea, nIndex=-8) returned 458844
[0162.462] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0162.462] GetCurrentThreadId () returned 0xf50
[0162.462] GetWindowLongW (hWnd=0xa00ea, nIndex=-8) returned 458844
[0162.462] IsWindowEnabled (hWnd=0x7005c) returned 0
[0162.462] IsWindowEnabled (hWnd=0xa00ea) returned 1
[0162.462] ShowWindow (hWnd=0xa00ea, nCmdShow=5) returned 0
[0162.462] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0162.462] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0162.463] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.463] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0162.463] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0xa00ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x702da
[0162.463] SetWindowLongW (hWnd=0x702da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0162.463] GetWindowLongW (hWnd=0x702da, nIndex=-4) returned 1950089536
[0162.464] SetWindowLongW (hWnd=0x702da, nIndex=-4, dwNewLong=19942150) returned 1950089536
[0162.464] GetWindowLongW (hWnd=0x702da, nIndex=-4) returned 19942150
[0162.464] GetWindowLongW (hWnd=0x702da, nIndex=-16) returned 1174405120
[0162.464] GetWindowLongW (hWnd=0x702da, nIndex=-12) returned 0
[0162.464] SetWindowLongW (hWnd=0x702da, nIndex=-12, dwNewLong=459482) returned 0
[0162.464] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0162.464] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0162.464] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0162.464] GetWindow (hWnd=0x702da, uCmd=0x3) returned 0x0
[0162.464] GetClientRect (in: hWnd=0x702da, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0162.464] GetWindowRect (in: hWnd=0x702da, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0162.464] GetParent (hWnd=0x702da) returned 0xa00ea
[0162.464] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa00ea, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0162.465] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702da, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0162.465] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702da, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0162.465] GetClientRect (in: hWnd=0x702da, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0162.465] GetWindowRect (in: hWnd=0x702da, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0162.465] GetParent (hWnd=0x702da) returned 0xa00ea
[0162.465] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa00ea, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0162.465] SendMessageW (hWnd=0x702da, Msg=0x2210, wParam=0x2da0001, lParam=0x702da) returned 0x0
[0162.465] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702da, Msg=0x2210, wParam=0x2da0001, lParam=0x702da) returned 0x0
[0162.466] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0162.466] GetParent (hWnd=0x702da) returned 0xa00ea
[0162.466] GetParent (hWnd=0x5005a) returned 0x902d8
[0162.466] SetParent (hWndChild=0x5005a, hWndNewParent=0xa00ea) returned 0x902d8
[0162.466] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0162.467] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0162.467] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0162.467] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0162.467] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0162.467] GetClientRect (in: hWnd=0x5005a, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0162.467] GetWindowRect (in: hWnd=0x5005a, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0162.467] GetParent (hWnd=0x5005a) returned 0xa00ea
[0162.467] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa00ea, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0162.467] GetClientRect (in: hWnd=0x5005a, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0162.467] GetWindowRect (in: hWnd=0x5005a, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0162.467] GetParent (hWnd=0x5005a) returned 0xa00ea
[0162.467] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa00ea, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0162.467] GetParent (hWnd=0x5005a) returned 0xa00ea
[0162.467] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0162.467] GetWindow (hWnd=0x5005a, uCmd=0x3) returned 0x0
[0162.467] SetWindowPos (hWnd=0x5005a, hWndInsertAfter=0x702da, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0162.468] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0162.468] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0162.468] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0162.468] GetClientRect (in: hWnd=0x5005a, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0162.468] GetWindowRect (in: hWnd=0x5005a, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0162.468] GetParent (hWnd=0x5005a) returned 0xa00ea
[0162.468] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa00ea, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0162.468] GetParent (hWnd=0x5005a) returned 0xa00ea
[0162.468] GetWindow (hWnd=0x5005a, uCmd=0x3) returned 0x702da
[0162.468] GetWindowThreadProcessId (in: hWnd=0x5005a, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0162.468] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0162.469] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.469] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0162.469] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0xa00ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x9013e
[0162.469] SetWindowLongW (hWnd=0x9013e, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0162.470] GetWindowLongW (hWnd=0x9013e, nIndex=-4) returned 1868032000
[0162.470] SetWindowLongW (hWnd=0x9013e, nIndex=-4, dwNewLong=19941790) returned 1868032000
[0162.470] GetWindowLongW (hWnd=0x9013e, nIndex=-4) returned 19941790
[0162.470] GetWindowLongW (hWnd=0x9013e, nIndex=-16) returned 1174470667
[0162.470] GetWindowLongW (hWnd=0x9013e, nIndex=-12) returned 0
[0162.470] SetWindowLongW (hWnd=0x9013e, nIndex=-12, dwNewLong=590142) returned 0
[0162.470] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0162.471] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0162.471] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0162.471] SendMessageW (hWnd=0x9013e, Msg=0x2055, wParam=0x9013e, lParam=0x3) returned 0x2
[0162.472] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0162.472] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0162.472] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0162.472] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0162.472] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0162.472] RedrawWindow (hWnd=0x702da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0162.472] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0162.472] RedrawWindow (hWnd=0x5005a, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0162.472] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0162.472] RedrawWindow (hWnd=0x9013e, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0162.472] RedrawWindow (hWnd=0xa00ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0162.472] GetWindow (hWnd=0x9013e, uCmd=0x3) returned 0x5005a
[0162.472] GetClientRect (in: hWnd=0x9013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0162.472] GetWindowRect (in: hWnd=0x9013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0162.472] GetParent (hWnd=0x9013e) returned 0xa00ea
[0162.473] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa00ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0162.473] SetWindowTextW (hWnd=0x9013e, lpString="&Details") returned 1
[0162.473] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0162.473] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0162.473] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0162.473] GetClientRect (in: hWnd=0x9013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0162.473] GetWindowRect (in: hWnd=0x9013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0162.473] GetParent (hWnd=0x9013e) returned 0xa00ea
[0162.473] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa00ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0162.473] SendMessageW (hWnd=0x9013e, Msg=0x2210, wParam=0x13e0001, lParam=0x9013e) returned 0x0
[0162.473] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0x2210, wParam=0x13e0001, lParam=0x9013e) returned 0x0
[0162.474] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0162.474] GetParent (hWnd=0x9013e) returned 0xa00ea
[0162.474] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0162.474] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.474] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0162.474] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0xa00ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x702de
[0162.475] SetWindowLongW (hWnd=0x702de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0162.475] GetWindowLongW (hWnd=0x702de, nIndex=-4) returned 1868032000
[0162.475] SetWindowLongW (hWnd=0x702de, nIndex=-4, dwNewLong=19941750) returned 1868032000
[0162.475] GetWindowLongW (hWnd=0x702de, nIndex=-4) returned 19941750
[0162.475] GetWindowLongW (hWnd=0x702de, nIndex=-16) returned 1174470667
[0162.475] GetWindowLongW (hWnd=0x702de, nIndex=-12) returned 0
[0162.475] SetWindowLongW (hWnd=0x702de, nIndex=-12, dwNewLong=459486) returned 0
[0162.475] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0162.476] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0162.476] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0162.477] SendMessageW (hWnd=0x702de, Msg=0x2055, wParam=0x702de, lParam=0x3) returned 0x2
[0162.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0162.477] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0162.477] GetWindow (hWnd=0x702de, uCmd=0x3) returned 0x9013e
[0162.477] GetClientRect (in: hWnd=0x702de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0162.477] GetWindowRect (in: hWnd=0x702de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0162.477] GetParent (hWnd=0x702de) returned 0xa00ea
[0162.477] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa00ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0162.478] SetWindowTextW (hWnd=0x702de, lpString="&Continue") returned 1
[0162.478] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0162.478] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0162.478] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0162.478] GetClientRect (in: hWnd=0x702de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0162.478] GetWindowRect (in: hWnd=0x702de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0162.478] GetParent (hWnd=0x702de) returned 0xa00ea
[0162.478] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa00ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0162.478] SendMessageW (hWnd=0x702de, Msg=0x2210, wParam=0x2de0001, lParam=0x702de) returned 0x0
[0162.478] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x2210, wParam=0x2de0001, lParam=0x702de) returned 0x0
[0162.479] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0162.479] GetParent (hWnd=0x702de) returned 0xa00ea
[0162.479] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0162.479] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.479] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0162.479] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0xa00ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x802d2
[0162.480] SetWindowLongW (hWnd=0x802d2, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0162.480] GetWindowLongW (hWnd=0x802d2, nIndex=-4) returned 1868032000
[0162.480] SetWindowLongW (hWnd=0x802d2, nIndex=-4, dwNewLong=19942190) returned 1868032000
[0162.480] GetWindowLongW (hWnd=0x802d2, nIndex=-4) returned 19942190
[0162.480] GetWindowLongW (hWnd=0x802d2, nIndex=-16) returned 1174470667
[0162.480] GetWindowLongW (hWnd=0x802d2, nIndex=-12) returned 0
[0162.480] SetWindowLongW (hWnd=0x802d2, nIndex=-12, dwNewLong=525010) returned 0
[0162.481] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802d2, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0162.481] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802d2, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0162.482] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802d2, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0162.483] SendMessageW (hWnd=0x802d2, Msg=0x2055, wParam=0x802d2, lParam=0x3) returned 0x2
[0162.483] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0162.483] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802d2, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0162.483] GetWindow (hWnd=0x802d2, uCmd=0x3) returned 0x702de
[0162.483] GetClientRect (in: hWnd=0x802d2, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0162.483] GetWindowRect (in: hWnd=0x802d2, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0162.483] GetParent (hWnd=0x802d2) returned 0xa00ea
[0162.483] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa00ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0162.483] SetWindowTextW (hWnd=0x802d2, lpString="&Quit") returned 1
[0162.483] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802d2, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0162.483] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802d2, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0162.484] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802d2, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0162.484] GetClientRect (in: hWnd=0x802d2, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0162.484] GetWindowRect (in: hWnd=0x802d2, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0162.484] GetParent (hWnd=0x802d2) returned 0xa00ea
[0162.484] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa00ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0162.484] SendMessageW (hWnd=0x802d2, Msg=0x2210, wParam=0x2d20001, lParam=0x802d2) returned 0x0
[0162.484] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802d2, Msg=0x2210, wParam=0x2d20001, lParam=0x802d2) returned 0x0
[0162.484] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802d2, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0162.484] GetParent (hWnd=0x802d2) returned 0xa00ea
[0162.484] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0162.484] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.485] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0162.485] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0xa00ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x702dc
[0162.485] SetWindowLongW (hWnd=0x702dc, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0162.485] GetWindowLongW (hWnd=0x702dc, nIndex=-4) returned 1868026976
[0162.486] SetWindowLongW (hWnd=0x702dc, nIndex=-4, dwNewLong=19942030) returned 1868026976
[0162.486] GetWindowLongW (hWnd=0x702dc, nIndex=-4) returned 19942030
[0162.486] GetWindowLongW (hWnd=0x702dc, nIndex=-16) returned 1177553092
[0162.486] GetWindowLongW (hWnd=0x702dc, nIndex=-12) returned 0
[0162.486] SetWindowLongW (hWnd=0x702dc, nIndex=-12, dwNewLong=459484) returned 0
[0162.486] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702dc, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0162.487] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702dc, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0162.487] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702dc, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0162.502] GetWindow (hWnd=0x702dc, uCmd=0x3) returned 0x802d2
[0162.502] GetClientRect (in: hWnd=0x702dc, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0162.502] GetWindowRect (in: hWnd=0x702dc, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0162.502] GetParent (hWnd=0x702dc) returned 0xa00ea
[0162.502] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa00ea, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0162.502] GetWindowTextLengthW (hWnd=0xa00ea) returned 13
[0162.502] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.502] GetSystemMetrics (nIndex=42) returned 0
[0162.502] GetWindowTextW (in: hWnd=0xa00ea, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.502] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0162.503] SendMessageW (hWnd=0x702dc, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0162.503] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702dc, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0162.507] SetWindowTextW (hWnd=0x702dc, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0162.507] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702dc, Msg=0xc, wParam=0x0, lParam=0x2d1a350) returned 0x1
[0162.508] GetSystemMetrics (nIndex=5) returned 1
[0162.508] GetSystemMetrics (nIndex=6) returned 1
[0162.508] SendMessageW (hWnd=0x702dc, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0162.508] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702dc, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0162.509] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702dc, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0162.510] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702dc, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0162.510] GetClientRect (in: hWnd=0x702dc, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0162.510] GetWindowRect (in: hWnd=0x702dc, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0162.510] GetParent (hWnd=0x702dc) returned 0xa00ea
[0162.510] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa00ea, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0162.510] SendMessageW (hWnd=0x702dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x702dc) returned 0x0
[0162.510] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x702dc) returned 0x0
[0162.510] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0162.510] GetParent (hWnd=0x702dc) returned 0xa00ea
[0162.510] GetWindowLongW (hWnd=0xa00ea, nIndex=-8) returned 458844
[0162.510] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0162.510] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0162.510] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xc401065e
[0162.510] GetDeviceCaps (hdc=0xc401065e, index=12) returned 32
[0162.510] GetDeviceCaps (hdc=0xc401065e, index=14) returned 1
[0162.511] DeleteDC (hdc=0xc401065e) returned 1
[0162.511] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0162.511] GetWindowThreadProcessId (in: hWnd=0xa00ea, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0162.511] GetCurrentThreadId () returned 0xf50
[0162.511] PostMessageW (hWnd=0xa00ea, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0162.511] GetWindowTextLengthW (hWnd=0xa00ea) returned 13
[0162.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.511] GetSystemMetrics (nIndex=42) returned 0
[0162.511] GetWindowTextW (in: hWnd=0xa00ea, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0162.511] GdipImageGetFrameDimensionsCount (image=0x663ebc8, count=0xd7e25c) returned 0x0
[0162.511] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7808
[0162.511] GdipImageGetFrameDimensionsList (image=0x663ebc8, dimensionIDs=0x11f7808*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0162.511] LocalFree (hMem=0x11f7808) returned 0x0
[0162.511] GdipImageGetFrameDimensionsCount (image=0x663f258, count=0xd7e250) returned 0x0
[0162.511] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7808
[0162.511] GdipImageGetFrameDimensionsList (image=0x663f258, dimensionIDs=0x11f7808*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0162.512] LocalFree (hMem=0x11f7808) returned 0x0
[0162.512] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0162.512] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0162.512] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0162.532] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0162.533] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0162.533] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0162.533] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0162.534] GetWindowPlacement (in: hWnd=0xa00ea, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0162.534] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0162.534] GetWindowTextLengthW (hWnd=0xa00ea) returned 13
[0162.534] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.534] GetSystemMetrics (nIndex=42) returned 0
[0162.534] GetWindowTextW (in: hWnd=0xa00ea, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.534] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0162.534] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0162.534] GetCurrentObject (hdc=0xc0107c5, type=0x1) returned 0xb00017
[0162.534] GetCurrentObject (hdc=0xc0107c5, type=0x2) returned 0x900010
[0162.534] GetCurrentObject (hdc=0xc0107c5, type=0x7) returned 0x580507fc
[0162.534] GetCurrentObject (hdc=0xc0107c5, type=0x6) returned 0x8a01c2
[0162.534] SaveDC (hdc=0xc0107c5) returned 1
[0162.534] GetNearestColor (hdc=0xc0107c5, color=0xf0f0f0) returned 0xf0f0f0
[0162.535] CreateSolidBrush (color=0xf0f0f0) returned 0x5c1007e1
[0162.535] FillRect (hDC=0xc0107c5, lprc=0xd7e1b8, hbr=0x5c1007e1) returned 1
[0162.535] DeleteObject (ho=0x5c1007e1) returned 1
[0162.535] RestoreDC (hdc=0xc0107c5, nSavedDC=-1) returned 1
[0162.535] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0162.535] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0162.535] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0162.536] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0162.536] GetStockObject (i=5) returned 0x900015
[0162.536] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0162.536] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0162.536] GetStockObject (i=5) returned 0x900015
[0162.536] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802d2, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0162.536] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802d2, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0162.536] GetStockObject (i=5) returned 0x900015
[0162.536] GetWindowPlacement (in: hWnd=0xa00ea, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0162.537] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0162.537] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0162.537] GetWindowRect (in: hWnd=0xa00ea, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0162.538] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0162.538] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0162.538] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0162.538] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0162.538] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0162.538] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0162.539] GetWindowRect (in: hWnd=0xa00ea, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0162.539] InvalidateRect (hWnd=0x702de, lpRect=0x0, bErase=0) returned 1
[0162.539] InvalidateRect (hWnd=0x9013e, lpRect=0x0, bErase=0) returned 1
[0162.539] GetFocus () returned 0xa00ea
[0162.539] GetFocus () returned 0xa00ea
[0162.539] SetFocus (hWnd=0x9013e) returned 0xa00ea
[0162.540] GetFocus () returned 0x9013e
[0162.540] IsChild (hWndParent=0xa00ea, hWnd=0x9013e) returned 1
[0162.540] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x8, wParam=0x9013e, lParam=0x0) returned 0x0
[0162.541] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0162.542] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0162.543] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0162.543] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0x7, wParam=0xa00ea, lParam=0x0) returned 0x0
[0162.543] GetStockObject (i=5) returned 0x900015
[0162.544] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0162.544] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0162.545] GetDlgItem (hDlg=0xa00ea, nIDDlgItem=590142) returned 0x9013e
[0162.545] SendMessageW (hWnd=0x9013e, Msg=0x202b, wParam=0x9013e, lParam=0xd7e0dc) returned 0x0
[0162.545] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0x202b, wParam=0x9013e, lParam=0xd7e0dc) returned 0x0
[0162.545] InvalidateRect (hWnd=0x9013e, lpRect=0x0, bErase=0) returned 1
[0162.547] GetFocus () returned 0x9013e
[0162.547] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.547] IsWindowUnicode (hWnd=0xa00ea) returned 1
[0162.547] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.548] TranslateMessage (lpMsg=0xd7e808) returned 0
[0162.548] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0162.548] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0162.548] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.548] IsWindowUnicode (hWnd=0xa00ea) returned 1
[0162.548] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.548] TranslateMessage (lpMsg=0xd7e808) returned 0
[0162.548] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0162.548] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.548] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0162.548] IsWindowUnicode (hWnd=0xa00ea) returned 1
[0162.548] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.549] TranslateMessage (lpMsg=0xd7e808) returned 0
[0162.549] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0162.549] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.549] IsWindowUnicode (hWnd=0x602c4) returned 1
[0162.549] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.549] TranslateMessage (lpMsg=0xd7e808) returned 0
[0162.549] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0162.549] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0162.549] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0162.549] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.550] IsWindowUnicode (hWnd=0xa00ea) returned 1
[0162.550] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.550] TranslateMessage (lpMsg=0xd7e808) returned 0
[0162.550] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0162.550] BeginPaint (in: hWnd=0xa00ea, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x107b9
[0162.550] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0162.550] GetWindowTextLengthW (hWnd=0xa00ea) returned 13
[0162.550] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.550] GetSystemMetrics (nIndex=42) returned 0
[0162.550] GetWindowTextW (in: hWnd=0xa00ea, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.550] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0162.550] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0162.551] EndPaint (hWnd=0xa00ea, lpPaint=0xd7e274) returned 1
[0162.551] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.551] IsWindowUnicode (hWnd=0x702da) returned 1
[0162.551] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.551] TranslateMessage (lpMsg=0xd7e808) returned 0
[0162.551] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0162.551] BeginPaint (in: hWnd=0x702da, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xf0105ee
[0162.551] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0162.552] CreateCompatibleDC (hdc=0xf0105ee) returned 0x610107d8
[0162.552] SelectObject (hdc=0x610107d8, h=0x4a0507fe) returned 0x85000f
[0162.552] GdipCreateFromHDC (hdc=0x610107d8, graphics=0xd7e2b0) returned 0x0
[0162.552] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0162.552] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0162.552] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0162.552] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0162.552] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e310) returned 0x0
[0162.552] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0162.552] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0162.552] LocalFree (hMem=0x11ee788) returned 0x0
[0162.552] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0162.552] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0162.552] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0162.552] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e304) returned 0x0
[0162.552] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0162.552] GetWindowTextLengthW (hWnd=0x702da) returned 0
[0162.552] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0162.552] GetSystemMetrics (nIndex=42) returned 0
[0162.553] GetWindowTextW (in: hWnd=0x702da, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0162.553] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702da, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0162.553] GetClientRect (in: hWnd=0x702da, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0162.553] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0162.553] GdipGetClip (graphics=0x6600030, region=0x66446b8) returned 0x0
[0162.553] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0162.553] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0162.553] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e164) returned 0x0
[0162.553] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0162.553] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0162.553] LocalFree (hMem=0x11ee788) returned 0x0
[0162.553] GdipCombineRegionRegion (region=0x66446b8, region2=0x6644238, combineMode=0x1) returned 0x0
[0162.553] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0162.553] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee8d8) returned 0x0
[0162.553] LocalFree (hMem=0x11ee8d8) returned 0x0
[0162.553] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0162.553] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0162.553] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0162.553] GdipGetRegionHRgn (region=0x66446b8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0162.553] GdipDeleteRegion (region=0x66446b8) returned 0x0
[0162.553] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0162.553] GetCurrentObject (hdc=0x610107d8, type=0x1) returned 0xb00017
[0162.553] GetCurrentObject (hdc=0x610107d8, type=0x2) returned 0x900010
[0162.554] GetCurrentObject (hdc=0x610107d8, type=0x7) returned 0x4a0507fe
[0162.554] GetCurrentObject (hdc=0x610107d8, type=0x6) returned 0x8a01c2
[0162.554] SaveDC (hdc=0x610107d8) returned 1
[0162.554] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x720407de
[0162.554] GetClipRgn (hdc=0x610107d8, hrgn=0x720407de) returned 0
[0162.554] SelectClipRgn (hdc=0x610107d8, hrgn=0xef040807) returned 2
[0162.554] DeleteObject (ho=0x720407de) returned 1
[0162.554] DeleteObject (ho=0xef040807) returned 1
[0162.554] OffsetViewportOrgEx (in: hdc=0x610107d8, x=0, y=0, lppt=0x2d1feb0 | out: lppt=0x2d1feb0) returned 1
[0162.554] GetNearestColor (hdc=0x610107d8, color=0xf0f0f0) returned 0xf0f0f0
[0162.554] CreateSolidBrush (color=0xf0f0f0) returned 0x5d1007e1
[0162.554] FillRect (hDC=0x610107d8, lprc=0xd7e198, hbr=0x5d1007e1) returned 1
[0162.554] DeleteObject (ho=0x5d1007e1) returned 1
[0162.554] RestoreDC (hdc=0x610107d8, nSavedDC=-1) returned 1
[0162.554] GdipReleaseDC (graphics=0x6600030, hdc=0x610107d8) returned 0x0
[0162.554] GdipRestoreGraphics (graphics=0x6600030, state=0xfcb40dbd) returned 0x0
[0162.554] GdipDeleteRegion (region=0x6644238) returned 0x0
[0162.554] GetWindowTextLengthW (hWnd=0x702da) returned 0
[0162.554] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0162.555] GetSystemMetrics (nIndex=42) returned 0
[0162.555] GetWindowTextW (in: hWnd=0x702da, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0162.555] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702da, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0162.555] GdipGetImageWidth (image=0x663ebc8, width=0xd7e1e0) returned 0x0
[0162.555] GdipGetImageHeight (image=0x663ebc8, height=0xd7e1e0) returned 0x0
[0162.555] GdipGetImageWidth (image=0x663ebc8, width=0xd7e1cc) returned 0x0
[0162.555] GdipGetImageHeight (image=0x663ebc8, height=0xd7e1cc) returned 0x0
[0162.555] GdipDrawImageRectI (graphics=0x6600030, image=0x663ebc8, x=16, y=16, width=32, height=32) returned 0x0
[0162.555] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0162.555] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=64, cy=64, hdcSrc=0x610107d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0162.555] GdipReleaseDC (graphics=0x6600030, hdc=0x610107d8) returned 0x0
[0162.555] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0162.555] SelectObject (hdc=0x610107d8, h=0x85000f) returned 0x4a0507fe
[0162.555] DeleteDC (hdc=0x610107d8) returned 1
[0162.555] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0162.555] EndPaint (hWnd=0x702da, lpPaint=0xd7e294) returned 1
[0162.556] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.556] IsWindowUnicode (hWnd=0x5005a) returned 1
[0162.556] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.556] TranslateMessage (lpMsg=0xd7e808) returned 0
[0162.556] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0162.556] BeginPaint (in: hWnd=0x5005a, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x60100ce
[0162.556] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0162.556] CreateCompatibleDC (hdc=0x60100ce) returned 0x630107d8
[0162.556] GetObjectType (h=0x60100ce) returned 0x3
[0162.556] CreateCompatibleBitmap (hdc=0x60100ce, cx=1, cy=1) returned 0x640507c6
[0162.556] GetDIBits (in: hdc=0x60100ce, hbm=0x640507c6, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0162.556] GetDIBits (in: hdc=0x60100ce, hbm=0x640507c6, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0162.556] DeleteObject (ho=0x640507c6) returned 1
[0162.556] CreateDIBSection (in: hdc=0x60100ce, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xcd05065e
[0162.557] SelectObject (hdc=0x630107d8, h=0xcd05065e) returned 0x85000f
[0162.557] GdipCreateFromHDC (hdc=0x630107d8, graphics=0xd7e234) returned 0x0
[0162.557] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0162.557] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0162.557] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0162.557] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0162.557] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e2d4) returned 0x0
[0162.557] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0162.557] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee8d8) returned 0x0
[0162.557] LocalFree (hMem=0x11ee8d8) returned 0x0
[0162.557] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0162.558] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0162.558] GdipGetClip (graphics=0x6600030, region=0x6644868) returned 0x0
[0162.558] GdipIsInfiniteRegion (region=0x6644868, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0162.558] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0162.558] GetWindowTextLengthW (hWnd=0x5005a) returned 232
[0162.558] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0162.558] GetSystemMetrics (nIndex=42) returned 0
[0162.558] GetWindowTextW (in: hWnd=0x5005a, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0162.558] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0162.558] GetClientRect (in: hWnd=0x5005a, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0162.558] GdipCreateRegion (region=0xd7e110) returned 0x0
[0162.558] GdipGetClip (graphics=0x6600030, region=0x6644a18) returned 0x0
[0162.558] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0162.558] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0162.558] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e128) returned 0x0
[0162.558] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0162.558] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee8d8) returned 0x0
[0162.558] LocalFree (hMem=0x11ee8d8) returned 0x0
[0162.558] GdipCombineRegionRegion (region=0x6644a18, region2=0x6644868, combineMode=0x1) returned 0x0
[0162.559] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0162.559] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eed00) returned 0x0
[0162.559] LocalFree (hMem=0x11eed00) returned 0x0
[0162.559] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0162.559] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e150) returned 0x0
[0162.559] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e140) returned 0x0
[0162.559] GdipGetRegionHRgn (region=0x6644a18, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0162.559] GdipDeleteRegion (region=0x6644a18) returned 0x0
[0162.559] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0162.559] GetCurrentObject (hdc=0x630107d8, type=0x1) returned 0xb00017
[0162.559] GetCurrentObject (hdc=0x630107d8, type=0x2) returned 0x900010
[0162.559] GetCurrentObject (hdc=0x630107d8, type=0x7) returned 0xffffffffcd05065e
[0162.559] GetCurrentObject (hdc=0x630107d8, type=0x6) returned 0x8a01c2
[0162.559] SaveDC (hdc=0x630107d8) returned 1
[0162.562] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf0040807
[0162.562] GetClipRgn (hdc=0x630107d8, hrgn=0xf0040807) returned 0
[0162.562] SelectClipRgn (hdc=0x630107d8, hrgn=0x730407de) returned 2
[0162.562] DeleteObject (ho=0xf0040807) returned 1
[0162.562] DeleteObject (ho=0x730407de) returned 1
[0162.562] OffsetViewportOrgEx (in: hdc=0x630107d8, x=0, y=0, lppt=0x2d21878 | out: lppt=0x2d21878) returned 1
[0162.562] GetNearestColor (hdc=0x630107d8, color=0xf0f0f0) returned 0xf0f0f0
[0162.562] CreateSolidBrush (color=0xf0f0f0) returned 0x5e1007e1
[0162.562] FillRect (hDC=0x630107d8, lprc=0xd7e15c, hbr=0x5e1007e1) returned 1
[0162.564] DeleteObject (ho=0x5e1007e1) returned 1
[0162.564] RestoreDC (hdc=0x630107d8, nSavedDC=-1) returned 1
[0162.564] GdipReleaseDC (graphics=0x6600030, hdc=0x630107d8) returned 0x0
[0162.564] GdipRestoreGraphics (graphics=0x6600030, state=0xfcb20dbd) returned 0x0
[0162.564] GdipDeleteRegion (region=0x6644868) returned 0x0
[0162.564] GetWindowTextLengthW (hWnd=0x5005a) returned 232
[0162.564] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0162.564] GetSystemMetrics (nIndex=42) returned 0
[0162.564] GetWindowTextW (in: hWnd=0x5005a, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0162.564] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0162.564] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0162.564] GetCurrentObject (hdc=0x630107d8, type=0x1) returned 0xb00017
[0162.564] GetCurrentObject (hdc=0x630107d8, type=0x2) returned 0x900010
[0162.564] GetCurrentObject (hdc=0x630107d8, type=0x7) returned 0xffffffffcd05065e
[0162.564] GetCurrentObject (hdc=0x630107d8, type=0x6) returned 0x8a01c2
[0162.564] SaveDC (hdc=0x630107d8) returned 1
[0162.565] GetNearestColor (hdc=0x630107d8, color=0x0) returned 0x0
[0162.565] RestoreDC (hdc=0x630107d8, nSavedDC=-1) returned 1
[0162.565] GdipReleaseDC (graphics=0x6600030, hdc=0x630107d8) returned 0x0
[0162.565] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0162.565] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0162.565] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2d22074 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0162.566] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0162.566] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0162.566] GetCurrentObject (hdc=0x630107d8, type=0x1) returned 0xb00017
[0162.566] GetCurrentObject (hdc=0x630107d8, type=0x2) returned 0x900010
[0162.566] GetCurrentObject (hdc=0x630107d8, type=0x7) returned 0xffffffffcd05065e
[0162.566] GetCurrentObject (hdc=0x630107d8, type=0x6) returned 0x8a01c2
[0162.566] SaveDC (hdc=0x630107d8) returned 1
[0162.566] GetTextAlign (hdc=0x630107d8) returned 0x0
[0162.566] GetTextColor (hdc=0x630107d8) returned 0x0
[0162.566] GetCurrentObject (hdc=0x630107d8, type=0x6) returned 0x8a01c2
[0162.566] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0162.566] SelectObject (hdc=0x630107d8, h=0x6d0a0520) returned 0x8a01c2
[0162.566] GetBkMode (hdc=0x630107d8) returned 2
[0162.566] SetBkMode (hdc=0x630107d8, mode=1) returned 2
[0162.566] DrawTextExW (in: hdc=0x630107d8, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2d22298 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0162.569] RestoreDC (hdc=0x630107d8, nSavedDC=-1) returned 1
[0162.569] GdipReleaseDC (graphics=0x6600030, hdc=0x630107d8) returned 0x0
[0162.569] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0162.569] BitBlt (hdc=0x60100ce, x=0, y=0, cx=354, cy=68, hdcSrc=0x630107d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0162.569] GdipReleaseDC (graphics=0x6600030, hdc=0x630107d8) returned 0x0
[0162.569] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0162.571] SelectObject (hdc=0x630107d8, h=0x85000f) returned 0xcd05065e
[0162.571] DeleteDC (hdc=0x630107d8) returned 1
[0162.571] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0162.571] DeleteObject (ho=0xcd05065e) returned 1
[0162.572] EndPaint (hWnd=0x5005a, lpPaint=0xd7e258) returned 1
[0162.572] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.572] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x84, wParam=0x0, lParam=0x1e2030e) returned 0x1
[0162.572] IsWindowUnicode (hWnd=0x702de) returned 1
[0162.572] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.572] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x84, wParam=0x0, lParam=0x1e2030e) returned 0x1
[0162.572] SetCursor (hCursor=0x10003) returned 0x10003
[0162.572] TranslateMessage (lpMsg=0xd7e808) returned 0
[0162.572] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0162.572] _TrackMouseEvent (in: lpEventTrack=0x2d222d4 | out: lpEventTrack=0x2d222d4) returned 1
[0162.572] SendMessageW (hWnd=0x702de, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0162.572] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0162.572] InvalidateRect (hWnd=0x702de, lpRect=0x0, bErase=0) returned 1
[0162.573] GetKeyState (nVirtKey=1) returned 0
[0162.573] GetKeyState (nVirtKey=2) returned 0
[0162.573] GetKeyState (nVirtKey=4) returned 0
[0162.573] GetKeyState (nVirtKey=5) returned 0
[0162.573] GetKeyState (nVirtKey=6) returned 0
[0162.573] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.573] IsWindowUnicode (hWnd=0x9013e) returned 1
[0162.573] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.573] TranslateMessage (lpMsg=0xd7e808) returned 0
[0162.573] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0162.573] BeginPaint (in: hWnd=0x9013e, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0162.573] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0162.573] CreateCompatibleDC (hdc=0x10105d6) returned 0x660107c6
[0162.573] SelectObject (hdc=0x660107c6, h=0x4a0507fe) returned 0x85000f
[0162.573] GdipCreateFromHDC (hdc=0x660107c6, graphics=0xd7e268) returned 0x0
[0162.573] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0162.573] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0162.573] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0162.574] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0162.574] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e2c8) returned 0x0
[0162.574] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0162.574] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eead0) returned 0x0
[0162.574] LocalFree (hMem=0x11eead0) returned 0x0
[0162.574] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0162.574] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0162.574] GdipGetClip (graphics=0x6600030, region=0x66443e8) returned 0x0
[0162.574] GdipIsInfiniteRegion (region=0x66443e8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0162.574] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0162.574] GdipRestoreGraphics (graphics=0x6600030, state=0xfcb00dbd) returned 0x0
[0162.574] GdipDeleteRegion (region=0x66443e8) returned 0x0
[0162.574] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0162.574] GetCurrentObject (hdc=0x660107c6, type=0x1) returned 0xb00017
[0162.574] GetCurrentObject (hdc=0x660107c6, type=0x2) returned 0x900010
[0162.574] GetCurrentObject (hdc=0x660107c6, type=0x7) returned 0x4a0507fe
[0162.574] GetCurrentObject (hdc=0x660107c6, type=0x6) returned 0x8a01c2
[0162.574] SaveDC (hdc=0x660107c6) returned 1
[0162.574] GetNearestColor (hdc=0x660107c6, color=0xf0f0f0) returned 0xf0f0f0
[0162.574] GetNearestColor (hdc=0x660107c6, color=0xa0a0a0) returned 0xa0a0a0
[0162.574] GetNearestColor (hdc=0x660107c6, color=0x696969) returned 0x696969
[0162.575] GetNearestColor (hdc=0x660107c6, color=0xa0a0a0) returned 0xa0a0a0
[0162.575] GetNearestColor (hdc=0x660107c6, color=0x0) returned 0x0
[0162.575] GetNearestColor (hdc=0x660107c6, color=0xffffff) returned 0xffffff
[0162.575] GetNearestColor (hdc=0x660107c6, color=0xe5e5e5) returned 0xe5e5e5
[0162.575] GetNearestColor (hdc=0x660107c6, color=0xd7d7d7) returned 0xd7d7d7
[0162.575] GetNearestColor (hdc=0x660107c6, color=0x0) returned 0x0
[0162.575] RestoreDC (hdc=0x660107c6, nSavedDC=-1) returned 1
[0162.586] GdipReleaseDC (graphics=0x6600030, hdc=0x660107c6) returned 0x0
[0162.586] IsAppThemed () returned 0x1
[0162.586] GetThemeAppProperties () returned 0x3
[0162.586] GetThemeAppProperties () returned 0x3
[0162.586] GdipGetImageWidth (image=0x663f258, width=0xd7e168) returned 0x0
[0162.586] GdipGetImageHeight (image=0x663f258, height=0xd7e168) returned 0x0
[0162.586] IsAppThemed () returned 0x1
[0162.586] GetThemeAppProperties () returned 0x3
[0162.586] GetThemeAppProperties () returned 0x3
[0162.586] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2d22a40 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0162.586] IsAppThemed () returned 0x1
[0162.586] GetThemeAppProperties () returned 0x3
[0162.587] GetThemeAppProperties () returned 0x3
[0162.587] IsAppThemed () returned 0x1
[0162.587] GetThemeAppProperties () returned 0x3
[0162.587] GetThemeAppProperties () returned 0x3
[0162.587] GetFocus () returned 0x9013e
[0162.587] IsAppThemed () returned 0x1
[0162.587] GetThemeAppProperties () returned 0x3
[0162.587] GetThemeAppProperties () returned 0x3
[0162.587] IsAppThemed () returned 0x1
[0162.587] GetThemeAppProperties () returned 0x3
[0162.587] GetThemeAppProperties () returned 0x3
[0162.587] IsThemePartDefined () returned 0x1
[0162.587] IsAppThemed () returned 0x1
[0162.587] GetThemeAppProperties () returned 0x3
[0162.587] GetThemeAppProperties () returned 0x3
[0162.587] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0162.587] IsAppThemed () returned 0x1
[0162.587] GetThemeAppProperties () returned 0x3
[0162.587] GetThemeAppProperties () returned 0x3
[0162.587] IsAppThemed () returned 0x1
[0162.587] GetThemeAppProperties () returned 0x3
[0162.587] GetThemeAppProperties () returned 0x3
[0162.587] IsThemePartDefined () returned 0x1
[0162.587] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0162.587] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0162.588] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0162.588] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0162.588] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dff0) returned 0x0
[0162.588] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0162.588] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eed00) returned 0x0
[0162.588] LocalFree (hMem=0x11eed00) returned 0x0
[0162.588] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0162.588] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0162.588] LocalFree (hMem=0x11eec58) returned 0x0
[0162.588] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0162.588] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e018) returned 0x0
[0162.588] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e008) returned 0x0
[0162.588] GdipGetRegionHRgn (region=0x6644238, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0162.588] GdipDeleteRegion (region=0x6644238) returned 0x0
[0162.588] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0162.588] GetCurrentObject (hdc=0x660107c6, type=0x1) returned 0xb00017
[0162.588] GetCurrentObject (hdc=0x660107c6, type=0x2) returned 0x900010
[0162.588] GetCurrentObject (hdc=0x660107c6, type=0x7) returned 0x4a0507fe
[0162.588] GetCurrentObject (hdc=0x660107c6, type=0x6) returned 0x8a01c2
[0162.588] SaveDC (hdc=0x660107c6) returned 1
[0162.588] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x740407de
[0162.589] GetClipRgn (hdc=0x660107c6, hrgn=0x740407de) returned 0
[0162.589] SelectClipRgn (hdc=0x660107c6, hrgn=0xf4040807) returned 2
[0162.589] DeleteObject (ho=0x740407de) returned 1
[0162.589] DeleteObject (ho=0xf4040807) returned 1
[0162.589] OffsetViewportOrgEx (in: hdc=0x660107c6, x=0, y=0, lppt=0x2d230f0 | out: lppt=0x2d230f0) returned 1
[0162.589] DrawThemeParentBackground () returned 0x0
[0162.589] GetWindowPlacement (in: hWnd=0xa00ea, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0162.589] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0162.589] GetWindowTextLengthW (hWnd=0xa00ea) returned 13
[0162.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.589] GetSystemMetrics (nIndex=42) returned 0
[0162.589] GetWindowTextW (in: hWnd=0xa00ea, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0162.589] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0162.589] GetCurrentObject (hdc=0x660107c6, type=0x1) returned 0xb00017
[0162.589] GetCurrentObject (hdc=0x660107c6, type=0x2) returned 0x900010
[0162.589] GetCurrentObject (hdc=0x660107c6, type=0x7) returned 0x4a0507fe
[0162.589] GetCurrentObject (hdc=0x660107c6, type=0x6) returned 0x8a01c2
[0162.589] SaveDC (hdc=0x660107c6) returned 2
[0162.590] GetNearestColor (hdc=0x660107c6, color=0xf0f0f0) returned 0xf0f0f0
[0162.590] CreateSolidBrush (color=0xf0f0f0) returned 0x5f1007e1
[0162.590] FillRect (hDC=0x660107c6, lprc=0xd7da38, hbr=0x5f1007e1) returned 1
[0162.590] DeleteObject (ho=0x5f1007e1) returned 1
[0162.590] RestoreDC (hdc=0x660107c6, nSavedDC=-1) returned 1
[0162.590] GetWindowTextLengthW (hWnd=0xa00ea) returned 13
[0162.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.590] GetSystemMetrics (nIndex=42) returned 0
[0162.590] GetWindowTextW (in: hWnd=0xa00ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0162.590] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0162.590] GetCurrentObject (hdc=0x660107c6, type=0x1) returned 0xb00017
[0162.590] GetCurrentObject (hdc=0x660107c6, type=0x2) returned 0x900010
[0162.590] GetCurrentObject (hdc=0x660107c6, type=0x7) returned 0x4a0507fe
[0162.590] GetCurrentObject (hdc=0x660107c6, type=0x6) returned 0x8a01c2
[0162.590] SaveDC (hdc=0x660107c6) returned 2
[0162.590] GetNearestColor (hdc=0x660107c6, color=0xf0f0f0) returned 0xf0f0f0
[0162.590] CreateSolidBrush (color=0xf0f0f0) returned 0x601007e1
[0162.590] FillRect (hDC=0x660107c6, lprc=0xd7d9d8, hbr=0x601007e1) returned 1
[0162.590] DeleteObject (ho=0x601007e1) returned 1
[0162.590] RestoreDC (hdc=0x660107c6, nSavedDC=-1) returned 1
[0162.590] GetWindowTextLengthW (hWnd=0xa00ea) returned 13
[0162.591] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.591] GetSystemMetrics (nIndex=42) returned 0
[0162.591] GetWindowTextW (in: hWnd=0xa00ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.591] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0162.591] RestoreDC (hdc=0x660107c6, nSavedDC=-1) returned 1
[0162.591] GdipReleaseDC (graphics=0x6600030, hdc=0x660107c6) returned 0x0
[0162.591] IsAppThemed () returned 0x1
[0162.591] GetThemeAppProperties () returned 0x3
[0162.591] GetThemeAppProperties () returned 0x3
[0162.591] IsAppThemed () returned 0x1
[0162.591] GetThemeAppProperties () returned 0x3
[0162.592] GetThemeAppProperties () returned 0x3
[0162.592] IsThemePartDefined () returned 0x1
[0162.592] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0162.592] GdipGetClip (graphics=0x6600030, region=0x66447d8) returned 0x0
[0162.592] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0162.592] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0162.592] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df74) returned 0x0
[0162.592] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee8d8) returned 0x0
[0162.592] LocalFree (hMem=0x11ee8d8) returned 0x0
[0162.592] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea60) returned 0x0
[0162.592] LocalFree (hMem=0x11eea60) returned 0x0
[0162.592] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0162.592] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0162.592] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0162.592] GdipGetRegionHRgn (region=0x66447d8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0162.592] GdipDeleteRegion (region=0x66447d8) returned 0x0
[0162.592] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0162.592] GetCurrentObject (hdc=0x660107c6, type=0x1) returned 0xb00017
[0162.592] GetCurrentObject (hdc=0x660107c6, type=0x2) returned 0x900010
[0162.592] GetCurrentObject (hdc=0x660107c6, type=0x7) returned 0x4a0507fe
[0162.592] GetCurrentObject (hdc=0x660107c6, type=0x6) returned 0x8a01c2
[0162.592] SaveDC (hdc=0x660107c6) returned 1
[0162.592] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf5040807
[0162.592] GetClipRgn (hdc=0x660107c6, hrgn=0xf5040807) returned 0
[0162.593] SelectClipRgn (hdc=0x660107c6, hrgn=0x760407de) returned 2
[0162.593] DeleteObject (ho=0xf5040807) returned 1
[0162.593] DeleteObject (ho=0x760407de) returned 1
[0162.593] OffsetViewportOrgEx (in: hdc=0x660107c6, x=0, y=0, lppt=0x2d2399c | out: lppt=0x2d2399c) returned 1
[0162.593] IsAppThemed () returned 0x1
[0162.593] GetThemeAppProperties () returned 0x3
[0162.593] GetThemeAppProperties () returned 0x3
[0162.593] DrawThemeBackground () returned 0x0
[0162.593] RestoreDC (hdc=0x660107c6, nSavedDC=-1) returned 1
[0162.593] GdipReleaseDC (graphics=0x6600030, hdc=0x660107c6) returned 0x0
[0162.593] GdipCreateRegion (region=0xd7df60) returned 0x0
[0162.593] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0162.593] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0162.593] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0162.593] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df78) returned 0x0
[0162.593] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0162.593] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0162.593] LocalFree (hMem=0x11eec58) returned 0x0
[0162.593] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0162.593] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0162.593] LocalFree (hMem=0x11eec58) returned 0x0
[0162.593] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0162.594] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0162.594] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7df90) returned 0x0
[0162.594] GdipGetRegionHRgn (region=0x6644238, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0162.594] GdipDeleteRegion (region=0x6644238) returned 0x0
[0162.594] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0162.594] GetCurrentObject (hdc=0x660107c6, type=0x1) returned 0xb00017
[0162.594] GetCurrentObject (hdc=0x660107c6, type=0x2) returned 0x900010
[0162.594] GetCurrentObject (hdc=0x660107c6, type=0x7) returned 0x4a0507fe
[0162.594] GetCurrentObject (hdc=0x660107c6, type=0x6) returned 0x8a01c2
[0162.594] SaveDC (hdc=0x660107c6) returned 1
[0162.594] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x770407de
[0162.594] GetClipRgn (hdc=0x660107c6, hrgn=0x770407de) returned 0
[0162.594] SelectClipRgn (hdc=0x660107c6, hrgn=0xf6040807) returned 2
[0162.594] DeleteObject (ho=0x770407de) returned 1
[0162.594] DeleteObject (ho=0xf6040807) returned 1
[0162.594] OffsetViewportOrgEx (in: hdc=0x660107c6, x=0, y=0, lppt=0x2d23c70 | out: lppt=0x2d23c70) returned 1
[0162.594] IsAppThemed () returned 0x1
[0162.594] GetThemeAppProperties () returned 0x3
[0162.594] GetThemeAppProperties () returned 0x3
[0162.594] GetThemeBackgroundContentRect () returned 0x0
[0162.594] RestoreDC (hdc=0x660107c6, nSavedDC=-1) returned 1
[0162.594] GdipReleaseDC (graphics=0x6600030, hdc=0x660107c6) returned 0x0
[0162.595] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0162.595] GdipGetClip (graphics=0x6600030, region=0x6644868) returned 0x0
[0162.595] GdipCloneRegion (region=0x6644868, cloneRegion=0xd7e150) returned 0x0
[0162.595] GdipCombineRegionRectI (region=0x6644e98, rect=0xd7e138, combineMode=0x1) returned 0x0
[0162.595] GdipCombineRegionRectI (region=0x6644e98, rect=0xd7e138, combineMode=0x1) returned 0x0
[0162.595] GdipSetClipRegion (graphics=0x6600030, region=0x6644e98, combineMode=0x0) returned 0x0
[0162.595] GdipGetImageWidth (image=0x663f258, width=0xd7e154) returned 0x0
[0162.595] GdipGetImageHeight (image=0x663f258, height=0xd7e148) returned 0x0
[0162.595] GdipDrawImageRectI (graphics=0x6600030, image=0x663f258, x=4, y=4, width=16, height=16) returned 0x0
[0162.595] GdipSetClipRegion (graphics=0x6600030, region=0x6644868, combineMode=0x0) returned 0x0
[0162.595] IsAppThemed () returned 0x1
[0162.595] GetThemeAppProperties () returned 0x3
[0162.595] GetThemeAppProperties () returned 0x3
[0162.595] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0162.595] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0162.595] GetCurrentObject (hdc=0x660107c6, type=0x1) returned 0xb00017
[0162.595] GetCurrentObject (hdc=0x660107c6, type=0x2) returned 0x900010
[0162.595] GetCurrentObject (hdc=0x660107c6, type=0x7) returned 0x4a0507fe
[0162.595] GetCurrentObject (hdc=0x660107c6, type=0x6) returned 0x8a01c2
[0162.595] SaveDC (hdc=0x660107c6) returned 1
[0162.595] GetTextAlign (hdc=0x660107c6) returned 0x0
[0162.595] GetTextColor (hdc=0x660107c6) returned 0x0
[0162.596] GetCurrentObject (hdc=0x660107c6, type=0x6) returned 0x8a01c2
[0162.596] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0162.596] SelectObject (hdc=0x660107c6, h=0x6d0a0520) returned 0x8a01c2
[0162.596] GetBkMode (hdc=0x660107c6) returned 2
[0162.596] SetBkMode (hdc=0x660107c6, mode=1) returned 2
[0162.596] DrawTextExW (in: hdc=0x660107c6, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2d24030 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0162.596] DrawTextExW (in: hdc=0x660107c6, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d24030 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0162.596] RestoreDC (hdc=0x660107c6, nSavedDC=-1) returned 1
[0162.596] GdipReleaseDC (graphics=0x6600030, hdc=0x660107c6) returned 0x0
[0162.596] GetFocus () returned 0x9013e
[0162.597] IsAppThemed () returned 0x1
[0162.597] GetThemeAppProperties () returned 0x3
[0162.597] GetThemeAppProperties () returned 0x3
[0162.597] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0162.597] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x660107c6, x1=0, y1=0, rop=0xcc0020) returned 1
[0162.597] GdipReleaseDC (graphics=0x6600030, hdc=0x660107c6) returned 0x0
[0162.597] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0162.597] SelectObject (hdc=0x660107c6, h=0x85000f) returned 0x4a0507fe
[0162.597] DeleteDC (hdc=0x660107c6) returned 1
[0162.597] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0162.597] EndPaint (hWnd=0x9013e, lpPaint=0xd7e24c) returned 1
[0162.597] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.597] IsWindowUnicode (hWnd=0x702de) returned 1
[0162.597] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.597] TranslateMessage (lpMsg=0xd7e808) returned 0
[0162.597] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0162.598] BeginPaint (in: hWnd=0x702de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0162.598] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0162.598] CreateCompatibleDC (hdc=0x107b9) returned 0x680107c6
[0162.598] SelectObject (hdc=0x680107c6, h=0x4a0507fe) returned 0x85000f
[0162.598] GdipCreateFromHDC (hdc=0x680107c6, graphics=0xd7e268) returned 0x0
[0162.598] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0162.598] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0162.598] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0162.598] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0162.598] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e2c8) returned 0x0
[0162.598] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0162.598] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eecc8) returned 0x0
[0162.598] LocalFree (hMem=0x11eecc8) returned 0x0
[0162.598] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0162.598] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0162.598] GdipGetClip (graphics=0x6600030, region=0x66446b8) returned 0x0
[0162.598] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0162.598] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0162.599] GdipRestoreGraphics (graphics=0x6600030, state=0xfcae0dbd) returned 0x0
[0162.599] GdipDeleteRegion (region=0x66446b8) returned 0x0
[0162.599] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0162.599] GetCurrentObject (hdc=0x680107c6, type=0x1) returned 0xb00017
[0162.599] GetCurrentObject (hdc=0x680107c6, type=0x2) returned 0x900010
[0162.599] GetCurrentObject (hdc=0x680107c6, type=0x7) returned 0x4a0507fe
[0162.599] GetCurrentObject (hdc=0x680107c6, type=0x6) returned 0x8a01c2
[0162.599] SaveDC (hdc=0x680107c6) returned 1
[0162.599] GetNearestColor (hdc=0x680107c6, color=0xf0f0f0) returned 0xf0f0f0
[0162.599] GetNearestColor (hdc=0x680107c6, color=0xa0a0a0) returned 0xa0a0a0
[0162.599] GetNearestColor (hdc=0x680107c6, color=0x696969) returned 0x696969
[0162.599] GetNearestColor (hdc=0x680107c6, color=0xa0a0a0) returned 0xa0a0a0
[0162.599] GetNearestColor (hdc=0x680107c6, color=0x0) returned 0x0
[0162.599] GetNearestColor (hdc=0x680107c6, color=0xffffff) returned 0xffffff
[0162.599] GetNearestColor (hdc=0x680107c6, color=0xe5e5e5) returned 0xe5e5e5
[0162.599] GetNearestColor (hdc=0x680107c6, color=0xd7d7d7) returned 0xd7d7d7
[0162.599] GetNearestColor (hdc=0x680107c6, color=0x0) returned 0x0
[0162.599] RestoreDC (hdc=0x680107c6, nSavedDC=-1) returned 1
[0162.600] GdipReleaseDC (graphics=0x6600030, hdc=0x680107c6) returned 0x0
[0162.600] IsAppThemed () returned 0x1
[0162.600] GetThemeAppProperties () returned 0x3
[0162.600] GetThemeAppProperties () returned 0x3
[0162.600] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0162.600] SendMessageW (hWnd=0xa00ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0162.600] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0162.600] IsAppThemed () returned 0x1
[0162.600] GetThemeAppProperties () returned 0x3
[0162.600] GetThemeAppProperties () returned 0x3
[0162.600] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2d24840 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0162.600] IsAppThemed () returned 0x1
[0162.600] GetThemeAppProperties () returned 0x3
[0162.600] GetThemeAppProperties () returned 0x3
[0162.600] IsAppThemed () returned 0x1
[0162.600] GetThemeAppProperties () returned 0x3
[0162.600] GetThemeAppProperties () returned 0x3
[0162.600] IsAppThemed () returned 0x1
[0162.600] GetThemeAppProperties () returned 0x3
[0162.600] GetThemeAppProperties () returned 0x3
[0162.600] IsAppThemed () returned 0x1
[0162.601] GetThemeAppProperties () returned 0x3
[0162.601] GetThemeAppProperties () returned 0x3
[0162.601] IsThemePartDefined () returned 0x1
[0162.601] IsAppThemed () returned 0x1
[0162.601] GetThemeAppProperties () returned 0x3
[0162.601] GetThemeAppProperties () returned 0x3
[0162.601] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0162.601] IsAppThemed () returned 0x1
[0162.601] GetThemeAppProperties () returned 0x3
[0162.601] GetThemeAppProperties () returned 0x3
[0162.601] IsAppThemed () returned 0x1
[0162.601] GetThemeAppProperties () returned 0x3
[0162.601] GetThemeAppProperties () returned 0x3
[0162.601] IsThemePartDefined () returned 0x1
[0162.601] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0162.601] GdipGetClip (graphics=0x6600030, region=0x6644a18) returned 0x0
[0162.601] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0162.601] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0162.601] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dfe4) returned 0x0
[0162.601] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0162.601] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eea28) returned 0x0
[0162.601] LocalFree (hMem=0x11eea28) returned 0x0
[0162.601] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0162.601] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0162.601] LocalFree (hMem=0x11eec58) returned 0x0
[0162.601] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0162.602] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0162.602] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0162.602] GdipGetRegionHRgn (region=0x6644a18, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0162.602] GdipDeleteRegion (region=0x6644a18) returned 0x0
[0162.602] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0162.602] GetCurrentObject (hdc=0x680107c6, type=0x1) returned 0xb00017
[0162.602] GetCurrentObject (hdc=0x680107c6, type=0x2) returned 0x900010
[0162.602] GetCurrentObject (hdc=0x680107c6, type=0x7) returned 0x4a0507fe
[0162.602] GetCurrentObject (hdc=0x680107c6, type=0x6) returned 0x8a01c2
[0162.602] SaveDC (hdc=0x680107c6) returned 1
[0162.602] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf7040807
[0162.602] GetClipRgn (hdc=0x680107c6, hrgn=0xf7040807) returned 0
[0162.602] SelectClipRgn (hdc=0x680107c6, hrgn=0x7b0407de) returned 2
[0162.602] DeleteObject (ho=0xf7040807) returned 1
[0162.602] DeleteObject (ho=0x7b0407de) returned 1
[0162.602] OffsetViewportOrgEx (in: hdc=0x680107c6, x=0, y=0, lppt=0x2d24ef0 | out: lppt=0x2d24ef0) returned 1
[0162.602] DrawThemeParentBackground () returned 0x0
[0162.602] GetWindowPlacement (in: hWnd=0xa00ea, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0162.603] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0162.603] GetWindowTextLengthW (hWnd=0xa00ea) returned 13
[0162.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.603] GetSystemMetrics (nIndex=42) returned 0
[0162.603] GetWindowTextW (in: hWnd=0xa00ea, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0162.603] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0162.603] GetCurrentObject (hdc=0x680107c6, type=0x1) returned 0xb00017
[0162.603] GetCurrentObject (hdc=0x680107c6, type=0x2) returned 0x900010
[0162.603] GetCurrentObject (hdc=0x680107c6, type=0x7) returned 0x4a0507fe
[0162.603] GetCurrentObject (hdc=0x680107c6, type=0x6) returned 0x8a01c2
[0162.603] SaveDC (hdc=0x680107c6) returned 2
[0162.603] GetNearestColor (hdc=0x680107c6, color=0xf0f0f0) returned 0xf0f0f0
[0162.603] CreateSolidBrush (color=0xf0f0f0) returned 0x611007e1
[0162.603] FillRect (hDC=0x680107c6, lprc=0xd7da30, hbr=0x611007e1) returned 1
[0162.603] DeleteObject (ho=0x611007e1) returned 1
[0162.603] RestoreDC (hdc=0x680107c6, nSavedDC=-1) returned 1
[0162.603] GetWindowTextLengthW (hWnd=0xa00ea) returned 13
[0162.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.603] GetSystemMetrics (nIndex=42) returned 0
[0162.603] GetWindowTextW (in: hWnd=0xa00ea, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0162.604] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0162.604] GetCurrentObject (hdc=0x680107c6, type=0x1) returned 0xb00017
[0162.604] GetCurrentObject (hdc=0x680107c6, type=0x2) returned 0x900010
[0162.604] GetCurrentObject (hdc=0x680107c6, type=0x7) returned 0x4a0507fe
[0162.604] GetCurrentObject (hdc=0x680107c6, type=0x6) returned 0x8a01c2
[0162.604] SaveDC (hdc=0x680107c6) returned 2
[0162.604] GetNearestColor (hdc=0x680107c6, color=0xf0f0f0) returned 0xf0f0f0
[0162.604] CreateSolidBrush (color=0xf0f0f0) returned 0x621007e1
[0162.604] FillRect (hDC=0x680107c6, lprc=0xd7d9d0, hbr=0x621007e1) returned 1
[0162.604] DeleteObject (ho=0x621007e1) returned 1
[0162.604] RestoreDC (hdc=0x680107c6, nSavedDC=-1) returned 1
[0162.604] GetWindowTextLengthW (hWnd=0xa00ea) returned 13
[0162.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.604] GetSystemMetrics (nIndex=42) returned 0
[0162.604] GetWindowTextW (in: hWnd=0xa00ea, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0162.604] RestoreDC (hdc=0x680107c6, nSavedDC=-1) returned 1
[0162.604] GdipReleaseDC (graphics=0x6600030, hdc=0x680107c6) returned 0x0
[0162.605] IsAppThemed () returned 0x1
[0162.605] GetThemeAppProperties () returned 0x3
[0162.605] GetThemeAppProperties () returned 0x3
[0162.605] IsAppThemed () returned 0x1
[0162.605] GetThemeAppProperties () returned 0x3
[0162.605] GetThemeAppProperties () returned 0x3
[0162.605] IsThemePartDefined () returned 0x1
[0162.605] GdipCreateRegion (region=0xd7df50) returned 0x0
[0162.605] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0162.605] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0162.605] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0162.605] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df68) returned 0x0
[0162.605] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0162.605] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eea98) returned 0x0
[0162.605] LocalFree (hMem=0x11eea98) returned 0x0
[0162.605] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0162.605] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee9f0) returned 0x0
[0162.605] LocalFree (hMem=0x11ee9f0) returned 0x0
[0162.605] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0162.605] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7df90) returned 0x0
[0162.606] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7df80) returned 0x0
[0162.606] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0162.606] GdipDeleteRegion (region=0x6644358) returned 0x0
[0162.606] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0162.606] GetCurrentObject (hdc=0x680107c6, type=0x1) returned 0xb00017
[0162.606] GetCurrentObject (hdc=0x680107c6, type=0x2) returned 0x900010
[0162.606] GetCurrentObject (hdc=0x680107c6, type=0x7) returned 0x4a0507fe
[0162.606] GetCurrentObject (hdc=0x680107c6, type=0x6) returned 0x8a01c2
[0162.606] SaveDC (hdc=0x680107c6) returned 1
[0162.606] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7c0407de
[0162.606] GetClipRgn (hdc=0x680107c6, hrgn=0x7c0407de) returned 0
[0162.809] SelectClipRgn (hdc=0x680107c6, hrgn=0xf9040807) returned 2
[0162.809] DeleteObject (ho=0x7c0407de) returned 1
[0162.809] DeleteObject (ho=0xf9040807) returned 1
[0162.809] OffsetViewportOrgEx (in: hdc=0x680107c6, x=0, y=0, lppt=0x2d2579c | out: lppt=0x2d2579c) returned 1
[0162.809] IsAppThemed () returned 0x1
[0162.809] GetThemeAppProperties () returned 0x3
[0162.809] GetThemeAppProperties () returned 0x3
[0162.809] DrawThemeBackground () returned 0x0
[0162.809] RestoreDC (hdc=0x680107c6, nSavedDC=-1) returned 1
[0162.809] GdipReleaseDC (graphics=0x6600030, hdc=0x680107c6) returned 0x0
[0162.809] GdipCreateRegion (region=0xd7df54) returned 0x0
[0162.809] GdipGetClip (graphics=0x6600030, region=0x66443e8) returned 0x0
[0162.810] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0162.810] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0162.810] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df6c) returned 0x0
[0162.810] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0162.810] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eecc8) returned 0x0
[0162.810] LocalFree (hMem=0x11eecc8) returned 0x0
[0162.810] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0162.810] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eea60) returned 0x0
[0162.810] LocalFree (hMem=0x11eea60) returned 0x0
[0162.810] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0162.810] GdipIsInfiniteRegion (region=0x66443e8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0162.810] GdipIsInfiniteRegion (region=0x66443e8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0162.810] GdipGetRegionHRgn (region=0x66443e8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0162.810] GdipDeleteRegion (region=0x66443e8) returned 0x0
[0162.810] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0162.810] GetCurrentObject (hdc=0x680107c6, type=0x1) returned 0xb00017
[0162.810] GetCurrentObject (hdc=0x680107c6, type=0x2) returned 0x900010
[0162.810] GetCurrentObject (hdc=0x680107c6, type=0x7) returned 0x4a0507fe
[0162.811] GetCurrentObject (hdc=0x680107c6, type=0x6) returned 0x8a01c2
[0162.811] SaveDC (hdc=0x680107c6) returned 1
[0162.811] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfa040807
[0162.811] GetClipRgn (hdc=0x680107c6, hrgn=0xfa040807) returned 0
[0162.811] SelectClipRgn (hdc=0x680107c6, hrgn=0x7d0407de) returned 2
[0162.811] DeleteObject (ho=0xfa040807) returned 1
[0162.811] DeleteObject (ho=0x7d0407de) returned 1
[0162.811] OffsetViewportOrgEx (in: hdc=0x680107c6, x=0, y=0, lppt=0x2d25a70 | out: lppt=0x2d25a70) returned 1
[0162.811] IsAppThemed () returned 0x1
[0162.815] GetThemeAppProperties () returned 0x3
[0162.815] GetThemeAppProperties () returned 0x3
[0162.815] GetThemeBackgroundContentRect () returned 0x0
[0162.815] RestoreDC (hdc=0x680107c6, nSavedDC=-1) returned 1
[0162.815] GdipReleaseDC (graphics=0x6600030, hdc=0x680107c6) returned 0x0
[0162.815] IsAppThemed () returned 0x1
[0162.815] GetThemeAppProperties () returned 0x3
[0162.815] GetThemeAppProperties () returned 0x3
[0162.815] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0162.815] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0162.815] GetCurrentObject (hdc=0x680107c6, type=0x1) returned 0xb00017
[0162.815] GetCurrentObject (hdc=0x680107c6, type=0x2) returned 0x900010
[0162.816] GetCurrentObject (hdc=0x680107c6, type=0x7) returned 0x4a0507fe
[0162.816] GetCurrentObject (hdc=0x680107c6, type=0x6) returned 0x8a01c2
[0162.816] SaveDC (hdc=0x680107c6) returned 1
[0162.816] GetTextAlign (hdc=0x680107c6) returned 0x0
[0162.816] GetTextColor (hdc=0x680107c6) returned 0x0
[0162.816] GetCurrentObject (hdc=0x680107c6, type=0x6) returned 0x8a01c2
[0162.816] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0162.816] SelectObject (hdc=0x680107c6, h=0x6d0a0520) returned 0x8a01c2
[0162.816] GetBkMode (hdc=0x680107c6) returned 2
[0162.816] SetBkMode (hdc=0x680107c6, mode=1) returned 2
[0162.816] DrawTextExW (in: hdc=0x680107c6, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2d25e10 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0162.816] DrawTextExW (in: hdc=0x680107c6, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2d25e10 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0162.817] RestoreDC (hdc=0x680107c6, nSavedDC=-1) returned 1
[0162.817] GdipReleaseDC (graphics=0x6600030, hdc=0x680107c6) returned 0x0
[0162.817] GetFocus () returned 0x9013e
[0162.817] IsAppThemed () returned 0x1
[0162.817] GetThemeAppProperties () returned 0x3
[0162.817] GetThemeAppProperties () returned 0x3
[0162.817] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0162.817] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x680107c6, x1=0, y1=0, rop=0xcc0020) returned 1
[0162.817] GdipReleaseDC (graphics=0x6600030, hdc=0x680107c6) returned 0x0
[0162.817] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0162.817] SelectObject (hdc=0x680107c6, h=0x85000f) returned 0x4a0507fe
[0162.818] DeleteDC (hdc=0x680107c6) returned 1
[0162.818] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0162.818] EndPaint (hWnd=0x702de, lpPaint=0xd7e24c) returned 1
[0162.818] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0162.819] IsWindowUnicode (hWnd=0x30122) returned 1
[0162.819] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.819] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0162.819] TranslateMessage (lpMsg=0xd7e808) returned 0
[0162.819] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0162.821] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.821] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0162.822] IsWindowUnicode (hWnd=0x30122) returned 1
[0162.822] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.822] TranslateMessage (lpMsg=0xd7e808) returned 0
[0162.822] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0162.822] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.823] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x84, wParam=0x0, lParam=0x1e2030e) returned 0x1
[0162.823] IsWindowUnicode (hWnd=0x702de) returned 1
[0162.823] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.823] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x84, wParam=0x0, lParam=0x1e2030e) returned 0x1
[0162.823] GetDlgItem (hDlg=0xa00ea, nIDDlgItem=0) returned 0x0
[0162.823] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x210, wParam=0x201, lParam=0x670119) returned 0x0
[0162.823] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x21, wParam=0xa00ea, lParam=0x2010001) returned 0x1
[0162.823] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x21, wParam=0xa00ea, lParam=0x2010001) returned 0x1
[0162.823] SetCursor (hCursor=0x10003) returned 0x10003
[0162.823] TranslateMessage (lpMsg=0xd7e808) returned 0
[0162.823] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0162.823] GetKeyState (nVirtKey=1) returned -127
[0162.824] GetKeyState (nVirtKey=2) returned 0
[0162.824] GetKeyState (nVirtKey=4) returned 0
[0162.824] GetKeyState (nVirtKey=5) returned 0
[0162.824] GetKeyState (nVirtKey=6) returned 0
[0162.824] IsWindowVisible (hWnd=0x702de) returned 1
[0162.824] IsWindowEnabled (hWnd=0x702de) returned 1
[0162.824] SetFocus (hWnd=0x702de) returned 0x9013e
[0162.824] GetFocus () returned 0x702de
[0162.824] IsChild (hWndParent=0xa00ea, hWnd=0x702de) returned 1
[0162.824] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0x8, wParam=0x702de, lParam=0x0) returned 0x0
[0162.824] GetCapture () returned 0x0
[0162.824] InvalidateRect (hWnd=0x9013e, lpRect=0x0, bErase=0) returned 1
[0162.825] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0162.829] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0162.830] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0162.831] InvalidateRect (hWnd=0x9013e, lpRect=0x0, bErase=0) returned 1
[0162.831] InvalidateRect (hWnd=0x702de, lpRect=0x0, bErase=0) returned 1
[0162.831] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x7, wParam=0x9013e, lParam=0x0) returned 0x0
[0162.831] GetStockObject (i=5) returned 0x900015
[0162.831] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0162.831] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0xd, wParam=0xa, lParam=0x11f5780) returned 0x9
[0162.831] GetDlgItem (hDlg=0xa00ea, nIDDlgItem=459486) returned 0x702de
[0162.831] SendMessageW (hWnd=0x702de, Msg=0x202b, wParam=0x702de, lParam=0xd7dddc) returned 0x0
[0162.831] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x202b, wParam=0x702de, lParam=0xd7dddc) returned 0x0
[0162.831] InvalidateRect (hWnd=0x702de, lpRect=0x0, bErase=0) returned 1
[0162.833] GetFocus () returned 0x702de
[0162.833] GetFocus () returned 0x702de
[0162.833] GetFocus () returned 0x702de
[0162.833] GetKeyState (nVirtKey=1) returned -127
[0162.833] GetKeyState (nVirtKey=2) returned 0
[0162.833] GetKeyState (nVirtKey=4) returned 0
[0162.833] GetKeyState (nVirtKey=5) returned 0
[0162.833] GetKeyState (nVirtKey=6) returned 0
[0162.833] GetCapture () returned 0x0
[0162.833] SetCapture (hWnd=0x702de) returned 0x0
[0162.833] GetKeyState (nVirtKey=1) returned -127
[0162.833] GetKeyState (nVirtKey=2) returned 0
[0162.833] GetKeyState (nVirtKey=4) returned 0
[0162.833] GetKeyState (nVirtKey=5) returned 0
[0162.833] GetKeyState (nVirtKey=6) returned 0
[0162.833] NotifyWinEvent (event=0x800a, hwnd=0x702de, idObject=-4, idChild=0)
[0162.833] InvalidateRect (hWnd=0x702de, lpRect=0xd7e430, bErase=0) returned 1
[0162.833] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.833] IsWindowUnicode (hWnd=0x702de) returned 1
[0162.833] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.833] TranslateMessage (lpMsg=0xd7e808) returned 0
[0162.834] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0162.834] MapWindowPoints (in: hWndFrom=0x702de, hWndTo=0x0, lpPoints=0x2d26000, cPoints=0x1 | out: lpPoints=0x2d26000) returned 30999254
[0162.834] NotifyWinEvent (event=0x800a, hwnd=0x702de, idObject=-4, idChild=0)
[0162.834] InvalidateRect (hWnd=0x702de, lpRect=0xd7e3d0, bErase=0) returned 1
[0162.834] UpdateWindow (hWnd=0x702de) returned 1
[0162.834] BeginPaint (in: hWnd=0x702de, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x107b9
[0162.834] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0162.834] CreateCompatibleDC (hdc=0x107b9) returned 0x6a0107c6
[0162.834] SelectObject (hdc=0x6a0107c6, h=0x4a0507fe) returned 0x85000f
[0162.834] GdipCreateFromHDC (hdc=0x6a0107c6, graphics=0xd7df00) returned 0x0
[0162.834] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0162.834] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0162.834] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0162.834] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0162.834] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df60) returned 0x0
[0162.834] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0162.835] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee9f0) returned 0x0
[0162.835] LocalFree (hMem=0x11ee9f0) returned 0x0
[0162.835] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0162.835] GdipCreateRegion (region=0xd7df48) returned 0x0
[0162.835] GdipGetClip (graphics=0x6600030, region=0x6644aa8) returned 0x0
[0162.835] GdipIsInfiniteRegion (region=0x6644aa8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0162.835] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0162.835] GdipRestoreGraphics (graphics=0x6600030, state=0xfcac0dbd) returned 0x0
[0162.835] GdipDeleteRegion (region=0x6644aa8) returned 0x0
[0162.835] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0162.835] GetCurrentObject (hdc=0x6a0107c6, type=0x1) returned 0xb00017
[0162.835] GetCurrentObject (hdc=0x6a0107c6, type=0x2) returned 0x900010
[0162.835] GetCurrentObject (hdc=0x6a0107c6, type=0x7) returned 0x4a0507fe
[0162.835] GetCurrentObject (hdc=0x6a0107c6, type=0x6) returned 0x8a01c2
[0162.835] SaveDC (hdc=0x6a0107c6) returned 1
[0162.835] GetNearestColor (hdc=0x6a0107c6, color=0xf0f0f0) returned 0xf0f0f0
[0162.835] GetNearestColor (hdc=0x6a0107c6, color=0xa0a0a0) returned 0xa0a0a0
[0162.835] GetNearestColor (hdc=0x6a0107c6, color=0x696969) returned 0x696969
[0162.835] GetNearestColor (hdc=0x6a0107c6, color=0xa0a0a0) returned 0xa0a0a0
[0162.835] GetNearestColor (hdc=0x6a0107c6, color=0x0) returned 0x0
[0162.836] GetNearestColor (hdc=0x6a0107c6, color=0xffffff) returned 0xffffff
[0162.836] GetNearestColor (hdc=0x6a0107c6, color=0xe5e5e5) returned 0xe5e5e5
[0162.836] GetNearestColor (hdc=0x6a0107c6, color=0xd7d7d7) returned 0xd7d7d7
[0162.836] GetNearestColor (hdc=0x6a0107c6, color=0x0) returned 0x0
[0162.836] RestoreDC (hdc=0x6a0107c6, nSavedDC=-1) returned 1
[0162.836] GdipReleaseDC (graphics=0x6600030, hdc=0x6a0107c6) returned 0x0
[0162.836] IsAppThemed () returned 0x1
[0162.836] GetThemeAppProperties () returned 0x3
[0162.836] GetThemeAppProperties () returned 0x3
[0162.836] IsAppThemed () returned 0x1
[0162.836] GetThemeAppProperties () returned 0x3
[0162.836] GetThemeAppProperties () returned 0x3
[0162.836] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2d26758 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0162.837] IsAppThemed () returned 0x1
[0162.837] GetThemeAppProperties () returned 0x3
[0162.837] GetThemeAppProperties () returned 0x3
[0162.837] IsAppThemed () returned 0x1
[0162.837] GetThemeAppProperties () returned 0x3
[0162.837] GetThemeAppProperties () returned 0x3
[0162.837] IsAppThemed () returned 0x1
[0162.837] GetThemeAppProperties () returned 0x3
[0162.837] GetThemeAppProperties () returned 0x3
[0162.837] IsAppThemed () returned 0x1
[0162.837] GetThemeAppProperties () returned 0x3
[0162.837] GetThemeAppProperties () returned 0x3
[0162.837] IsThemePartDefined () returned 0x1
[0162.837] IsAppThemed () returned 0x1
[0162.837] GetThemeAppProperties () returned 0x3
[0162.837] GetThemeAppProperties () returned 0x3
[0162.837] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0162.837] IsAppThemed () returned 0x1
[0162.837] GetThemeAppProperties () returned 0x3
[0162.837] GetThemeAppProperties () returned 0x3
[0162.837] IsAppThemed () returned 0x1
[0162.837] GetThemeAppProperties () returned 0x3
[0162.837] GetThemeAppProperties () returned 0x3
[0162.838] IsThemePartDefined () returned 0x1
[0162.838] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0162.838] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0162.838] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0162.838] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0162.838] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dc7c) returned 0x0
[0162.838] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0162.838] LocalFree (hMem=0x11ee788) returned 0x0
[0162.838] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eead0) returned 0x0
[0162.838] LocalFree (hMem=0x11eead0) returned 0x0
[0162.838] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0162.838] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0162.838] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0162.838] GdipGetRegionHRgn (region=0x6644238, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0162.838] GdipDeleteRegion (region=0x6644238) returned 0x0
[0162.838] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0162.838] GetCurrentObject (hdc=0x6a0107c6, type=0x1) returned 0xb00017
[0162.838] GetCurrentObject (hdc=0x6a0107c6, type=0x2) returned 0x900010
[0162.838] GetCurrentObject (hdc=0x6a0107c6, type=0x7) returned 0x4a0507fe
[0162.838] GetCurrentObject (hdc=0x6a0107c6, type=0x6) returned 0x8a01c2
[0162.838] SaveDC (hdc=0x6a0107c6) returned 1
[0162.839] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7e0407de
[0162.839] GetClipRgn (hdc=0x6a0107c6, hrgn=0x7e0407de) returned 0
[0162.839] SelectClipRgn (hdc=0x6a0107c6, hrgn=0xfe040807) returned 2
[0162.839] DeleteObject (ho=0x7e0407de) returned 1
[0162.839] DeleteObject (ho=0xfe040807) returned 1
[0162.839] OffsetViewportOrgEx (in: hdc=0x6a0107c6, x=0, y=0, lppt=0x2d26e08 | out: lppt=0x2d26e08) returned 1
[0162.839] DrawThemeParentBackground () returned 0x0
[0162.839] GetWindowPlacement (in: hWnd=0xa00ea, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0162.839] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0162.839] GetWindowTextLengthW (hWnd=0xa00ea) returned 13
[0162.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.839] GetSystemMetrics (nIndex=42) returned 0
[0162.839] GetWindowTextW (in: hWnd=0xa00ea, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0162.839] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0162.839] GetCurrentObject (hdc=0x6a0107c6, type=0x1) returned 0xb00017
[0162.839] GetCurrentObject (hdc=0x6a0107c6, type=0x2) returned 0x900010
[0162.839] GetCurrentObject (hdc=0x6a0107c6, type=0x7) returned 0x4a0507fe
[0162.839] GetCurrentObject (hdc=0x6a0107c6, type=0x6) returned 0x8a01c2
[0162.840] SaveDC (hdc=0x6a0107c6) returned 2
[0162.840] GetNearestColor (hdc=0x6a0107c6, color=0xf0f0f0) returned 0xf0f0f0
[0162.840] CreateSolidBrush (color=0xf0f0f0) returned 0x631007e1
[0162.840] FillRect (hDC=0x6a0107c6, lprc=0xd7d6c8, hbr=0x631007e1) returned 1
[0162.840] DeleteObject (ho=0x631007e1) returned 1
[0162.840] RestoreDC (hdc=0x6a0107c6, nSavedDC=-1) returned 1
[0162.840] GetWindowTextLengthW (hWnd=0xa00ea) returned 13
[0162.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.840] GetSystemMetrics (nIndex=42) returned 0
[0162.840] GetWindowTextW (in: hWnd=0xa00ea, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0162.840] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0162.840] GetCurrentObject (hdc=0x6a0107c6, type=0x1) returned 0xb00017
[0162.840] GetCurrentObject (hdc=0x6a0107c6, type=0x2) returned 0x900010
[0162.840] GetCurrentObject (hdc=0x6a0107c6, type=0x7) returned 0x4a0507fe
[0162.840] GetCurrentObject (hdc=0x6a0107c6, type=0x6) returned 0x8a01c2
[0162.840] SaveDC (hdc=0x6a0107c6) returned 2
[0162.840] GetNearestColor (hdc=0x6a0107c6, color=0xf0f0f0) returned 0xf0f0f0
[0162.840] CreateSolidBrush (color=0xf0f0f0) returned 0x641007e1
[0162.841] FillRect (hDC=0x6a0107c6, lprc=0xd7d668, hbr=0x641007e1) returned 1
[0162.841] DeleteObject (ho=0x641007e1) returned 1
[0162.841] RestoreDC (hdc=0x6a0107c6, nSavedDC=-1) returned 1
[0162.841] GetWindowTextLengthW (hWnd=0xa00ea) returned 13
[0162.841] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.841] GetSystemMetrics (nIndex=42) returned 0
[0162.841] GetWindowTextW (in: hWnd=0xa00ea, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.841] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0162.841] RestoreDC (hdc=0x6a0107c6, nSavedDC=-1) returned 1
[0162.841] GdipReleaseDC (graphics=0x6600030, hdc=0x6a0107c6) returned 0x0
[0162.842] IsAppThemed () returned 0x1
[0162.842] GetThemeAppProperties () returned 0x3
[0162.842] GetThemeAppProperties () returned 0x3
[0162.842] IsAppThemed () returned 0x1
[0162.842] GetThemeAppProperties () returned 0x3
[0162.842] GetThemeAppProperties () returned 0x3
[0162.842] IsThemePartDefined () returned 0x1
[0162.842] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0162.842] GdipGetClip (graphics=0x6600030, region=0x6644c58) returned 0x0
[0162.842] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0162.842] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0162.842] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dc00) returned 0x0
[0162.842] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0162.842] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eea28) returned 0x0
[0162.842] LocalFree (hMem=0x11eea28) returned 0x0
[0162.842] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0162.842] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee910) returned 0x0
[0162.842] LocalFree (hMem=0x11ee910) returned 0x0
[0162.842] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0162.842] GdipIsInfiniteRegion (region=0x6644c58, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0162.842] GdipIsInfiniteRegion (region=0x6644c58, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0162.842] GdipGetRegionHRgn (region=0x6644c58, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0162.843] GdipDeleteRegion (region=0x6644c58) returned 0x0
[0162.843] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0162.843] GetCurrentObject (hdc=0x6a0107c6, type=0x1) returned 0xb00017
[0162.843] GetCurrentObject (hdc=0x6a0107c6, type=0x2) returned 0x900010
[0162.843] GetCurrentObject (hdc=0x6a0107c6, type=0x7) returned 0x4a0507fe
[0162.843] GetCurrentObject (hdc=0x6a0107c6, type=0x6) returned 0x8a01c2
[0162.843] SaveDC (hdc=0x6a0107c6) returned 1
[0162.843] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xff040807
[0162.843] GetClipRgn (hdc=0x6a0107c6, hrgn=0xff040807) returned 0
[0162.843] SelectClipRgn (hdc=0x6a0107c6, hrgn=0x800407de) returned 2
[0162.843] DeleteObject (ho=0xff040807) returned 1
[0162.843] DeleteObject (ho=0x800407de) returned 1
[0162.843] OffsetViewportOrgEx (in: hdc=0x6a0107c6, x=0, y=0, lppt=0x2d276b4 | out: lppt=0x2d276b4) returned 1
[0162.843] IsAppThemed () returned 0x1
[0162.843] GetThemeAppProperties () returned 0x3
[0162.843] GetThemeAppProperties () returned 0x3
[0162.843] DrawThemeBackground () returned 0x0
[0162.843] RestoreDC (hdc=0x6a0107c6, nSavedDC=-1) returned 1
[0162.844] GdipReleaseDC (graphics=0x6600030, hdc=0x6a0107c6) returned 0x0
[0162.844] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0162.844] GdipGetClip (graphics=0x6600030, region=0x6644a18) returned 0x0
[0162.844] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0162.844] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0162.844] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dc04) returned 0x0
[0162.844] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0162.844] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee8d8) returned 0x0
[0162.844] LocalFree (hMem=0x11ee8d8) returned 0x0
[0162.844] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0162.844] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0162.844] LocalFree (hMem=0x11ee9f0) returned 0x0
[0162.844] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0162.844] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0162.844] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0162.844] GdipGetRegionHRgn (region=0x6644a18, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0162.844] GdipDeleteRegion (region=0x6644a18) returned 0x0
[0162.844] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0162.844] GetCurrentObject (hdc=0x6a0107c6, type=0x1) returned 0xb00017
[0162.844] GetCurrentObject (hdc=0x6a0107c6, type=0x2) returned 0x900010
[0162.844] GetCurrentObject (hdc=0x6a0107c6, type=0x7) returned 0x4a0507fe
[0162.844] GetCurrentObject (hdc=0x6a0107c6, type=0x6) returned 0x8a01c2
[0162.845] SaveDC (hdc=0x6a0107c6) returned 1
[0162.845] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x810407de
[0162.845] GetClipRgn (hdc=0x6a0107c6, hrgn=0x810407de) returned 0
[0162.845] SelectClipRgn (hdc=0x6a0107c6, hrgn=0x40807) returned 2
[0162.845] DeleteObject (ho=0x810407de) returned 1
[0162.845] DeleteObject (ho=0x40807) returned 1
[0162.845] OffsetViewportOrgEx (in: hdc=0x6a0107c6, x=0, y=0, lppt=0x2d27988 | out: lppt=0x2d27988) returned 1
[0162.845] IsAppThemed () returned 0x1
[0162.845] GetThemeAppProperties () returned 0x3
[0162.845] GetThemeAppProperties () returned 0x3
[0162.845] GetThemeBackgroundContentRect () returned 0x0
[0162.845] RestoreDC (hdc=0x6a0107c6, nSavedDC=-1) returned 1
[0162.845] GdipReleaseDC (graphics=0x6600030, hdc=0x6a0107c6) returned 0x0
[0162.845] IsAppThemed () returned 0x1
[0162.845] GetThemeAppProperties () returned 0x3
[0162.845] GetThemeAppProperties () returned 0x3
[0162.845] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0162.845] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0162.845] GetCurrentObject (hdc=0x6a0107c6, type=0x1) returned 0xb00017
[0162.845] GetCurrentObject (hdc=0x6a0107c6, type=0x2) returned 0x900010
[0162.845] GetCurrentObject (hdc=0x6a0107c6, type=0x7) returned 0x4a0507fe
[0162.846] GetCurrentObject (hdc=0x6a0107c6, type=0x6) returned 0x8a01c2
[0162.846] SaveDC (hdc=0x6a0107c6) returned 1
[0162.846] GetTextAlign (hdc=0x6a0107c6) returned 0x0
[0162.846] GetTextColor (hdc=0x6a0107c6) returned 0x0
[0162.846] GetCurrentObject (hdc=0x6a0107c6, type=0x6) returned 0x8a01c2
[0162.846] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0162.846] SelectObject (hdc=0x6a0107c6, h=0x6d0a0520) returned 0x8a01c2
[0162.846] GetBkMode (hdc=0x6a0107c6) returned 2
[0162.846] SetBkMode (hdc=0x6a0107c6, mode=1) returned 2
[0162.846] DrawTextExW (in: hdc=0x6a0107c6, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2d27d28 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0162.846] DrawTextExW (in: hdc=0x6a0107c6, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2d27d28 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0162.847] RestoreDC (hdc=0x6a0107c6, nSavedDC=-1) returned 1
[0162.847] GdipReleaseDC (graphics=0x6600030, hdc=0x6a0107c6) returned 0x0
[0162.847] GetFocus () returned 0x702de
[0162.847] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0162.847] SendMessageW (hWnd=0xa00ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0162.847] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0162.847] IsAppThemed () returned 0x1
[0162.847] GetThemeAppProperties () returned 0x3
[0162.847] GetThemeAppProperties () returned 0x3
[0162.847] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0162.847] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x6a0107c6, x1=0, y1=0, rop=0xcc0020) returned 1
[0162.847] GdipReleaseDC (graphics=0x6600030, hdc=0x6a0107c6) returned 0x0
[0162.847] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0162.847] SelectObject (hdc=0x6a0107c6, h=0x85000f) returned 0x4a0507fe
[0162.847] DeleteDC (hdc=0x6a0107c6) returned 1
[0162.848] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0162.848] EndPaint (hWnd=0x702de, lpPaint=0xd7dee4) returned 1
[0162.848] MapWindowPoints (in: hWndFrom=0x702de, hWndTo=0x0, lpPoints=0x2d27e24, cPoints=0x1 | out: lpPoints=0x2d27e24) returned 30999254
[0162.848] WindowFromPoint (Point=0x30e) returned 0x702de
[0162.848] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x84, wParam=0x0, lParam=0x1e2030e) returned 0x1
[0162.848] NotifyWinEvent (event=0x800a, hwnd=0x702de, idObject=-4, idChild=0)
[0162.848] NotifyWinEvent (event=0x800c, hwnd=0x702de, idObject=-4, idChild=0)
[0162.848] GetCapture () returned 0x702de
[0162.848] ReleaseCapture () returned 1
[0162.848] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0162.848] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0162.849] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x84, wParam=0x0, lParam=0x1e2030e) returned 0x1
[0162.849] IsWindow (hWnd=0x7005c) returned 1
[0162.849] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0162.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0162.850] IsWindow (hWnd=0xa00ea) returned 1
[0162.850] SetActiveWindow (hWnd=0xa00ea) returned 0xa00ea
[0162.850] IsWindow (hWnd=0xa00ea) returned 1
[0162.850] SetFocus (hWnd=0xa00ea) returned 0x702de
[0162.850] GetFocus () returned 0xa00ea
[0162.850] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x8, wParam=0xa00ea, lParam=0x0) returned 0x0
[0162.850] GetCapture () returned 0x0
[0162.850] InvalidateRect (hWnd=0x702de, lpRect=0x0, bErase=0) returned 1
[0162.851] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0162.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0162.853] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0162.853] GetFocus () returned 0xa00ea
[0162.854] SetFocus (hWnd=0x702de) returned 0xa00ea
[0162.854] GetFocus () returned 0x702de
[0162.854] IsChild (hWndParent=0xa00ea, hWnd=0x702de) returned 1
[0162.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x8, wParam=0x702de, lParam=0x0) returned 0x0
[0162.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0162.856] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0162.859] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0162.859] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x7, wParam=0xa00ea, lParam=0x0) returned 0x0
[0162.860] GetStockObject (i=5) returned 0x900015
[0162.860] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0162.860] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0162.860] GetDlgItem (hDlg=0xa00ea, nIDDlgItem=459486) returned 0x702de
[0162.860] SendMessageW (hWnd=0x702de, Msg=0x202b, wParam=0x702de, lParam=0xd7ddcc) returned 0x0
[0162.860] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x202b, wParam=0x702de, lParam=0xd7ddcc) returned 0x0
[0162.860] InvalidateRect (hWnd=0x702de, lpRect=0x0, bErase=0) returned 1
[0162.861] GetWindowLongW (hWnd=0xa00ea, nIndex=-8) returned 458844
[0162.861] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0162.862] GetCurrentThreadId () returned 0xf50
[0162.862] IsWindow (hWnd=0x7005c) returned 1
[0162.862] IsWindow (hWnd=0x7005c) returned 1
[0162.862] IsWindowVisible (hWnd=0x7005c) returned 1
[0162.862] SetActiveWindow (hWnd=0x7005c) returned 0xa00ea
[0162.862] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0162.863] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0162.864] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0162.864] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0162.864] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0162.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0162.865] GetWindowPlacement (in: hWnd=0xa00ea, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0162.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0162.866] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0162.866] GetWindowRect (in: hWnd=0xa00ea, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0162.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0162.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0162.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0162.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0xa00ea) returned 0x1
[0162.869] GetFocus () returned 0x702de
[0162.869] SetFocus (hWnd=0x602c4) returned 0x702de
[0162.870] GetFocus () returned 0x602c4
[0162.870] IsChild (hWndParent=0xa00ea, hWnd=0x602c4) returned 0
[0162.870] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0162.870] GetCapture () returned 0x0
[0162.870] InvalidateRect (hWnd=0x702de, lpRect=0x0, bErase=0) returned 1
[0162.871] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0162.876] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0162.877] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0162.877] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0162.877] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0162.878] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0162.878] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0162.878] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x702de, lParam=0x0) returned 0x0
[0162.878] GetStockObject (i=5) returned 0x900015
[0162.878] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0162.878] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11eda80) returned 0xc
[0162.878] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0162.878] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0162.878] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0162.879] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0162.880] GetFocus () returned 0x602c4
[0162.880] IsChild (hWndParent=0xa00ea, hWnd=0x602c4) returned 0
[0162.880] ShowWindow (hWnd=0xa00ea, nCmdShow=0) returned 1
[0162.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0162.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0162.882] GetWindowPlacement (in: hWnd=0xa00ea, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0162.882] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0162.882] GetClientRect (in: hWnd=0xa00ea, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0162.883] GetWindowRect (in: hWnd=0xa00ea, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0162.883] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0162.883] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0162.884] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0162.884] GetWindowLongW (hWnd=0xa00ea, nIndex=-20) returned 327945
[0162.884] DestroyWindow (hWnd=0xa00ea) returned 1
[0162.884] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0162.885] GetWindowTextLengthW (hWnd=0xa00ea) returned 13
[0162.885] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.885] GetSystemMetrics (nIndex=42) returned 0
[0162.885] GetWindowTextW (in: hWnd=0xa00ea, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.885] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0162.885] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0162.885] GetWindowTextLengthW (hWnd=0x702da) returned 0
[0162.885] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0162.885] GetSystemMetrics (nIndex=42) returned 0
[0162.885] GetWindowTextW (in: hWnd=0x702da, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0162.885] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702da, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0162.885] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0162.885] GetWindowThreadProcessId (in: hWnd=0x902d8, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0162.885] GetWindow (hWnd=0x902d8, uCmd=0x5) returned 0x0
[0162.885] GetWindowLongW (hWnd=0x902d8, nIndex=-20) returned 65792
[0162.886] DestroyWindow (hWnd=0x902d8) returned 1
[0162.886] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d8, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0162.886] GetWindowTextLengthW (hWnd=0x902d8) returned 25
[0162.886] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0162.886] GetSystemMetrics (nIndex=42) returned 0
[0162.886] GetWindowTextW (in: hWnd=0x902d8, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0162.886] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d8, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0162.886] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0162.886] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0162.887] GetWindowTextLengthW (hWnd=0x5005a) returned 232
[0162.887] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0162.887] GetSystemMetrics (nIndex=42) returned 0
[0162.887] GetWindowTextW (in: hWnd=0x5005a, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0162.887] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0162.887] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0162.900] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0162.900] InvalidateRect (hWnd=0x702de, lpRect=0x0, bErase=0) returned 1
[0162.901] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0162.901] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802d2, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0162.901] SendMessageW (hWnd=0x702dc, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0162.901] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702dc, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0162.901] SendMessageW (hWnd=0x702dc, Msg=0xb0, wParam=0x2cfd888, lParam=0xd7e480) returned 0x0
[0162.901] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702dc, Msg=0xb0, wParam=0x2cfd888, lParam=0xd7e480) returned 0x0
[0162.901] GetWindowTextLengthW (hWnd=0x702dc) returned 4363
[0162.901] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0162.901] GetSystemMetrics (nIndex=42) returned 0
[0162.901] CoTaskMemAlloc (cb=0x221c) returned 0x1203e48
[0162.901] GetWindowTextW (in: hWnd=0x702dc, lpString=0x1203e48, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0162.901] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702dc, Msg=0xd, wParam=0x110c, lParam=0x1203e48) returned 0x110b
[0162.901] CoTaskMemFree (pv=0x1203e48)
[0162.901] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0162.902] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x702da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0162.903] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x5005a, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0162.905] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x9013e, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0162.906] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x702de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0162.907] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802d2, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0162.908] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0162.909] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0162.910] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.910] IsWindowUnicode (hWnd=0x30122) returned 1
[0162.910] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.910] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0162.910] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0162.911] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.911] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e2030e) returned 0x1
[0162.911] IsWindowUnicode (hWnd=0x7005c) returned 1
[0162.911] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.911] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e2030e) returned 0x1
[0162.911] SetCursor (hCursor=0x10003) returned 0x10003
[0162.911] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0162.911] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0162.911] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0162.911] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0162.911] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0162.911] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10d0250) returned 0x0
[0162.911] GetKeyState (nVirtKey=1) returned 1
[0162.912] GetKeyState (nVirtKey=2) returned 0
[0162.912] GetKeyState (nVirtKey=4) returned 0
[0162.912] GetKeyState (nVirtKey=5) returned 0
[0162.912] GetKeyState (nVirtKey=6) returned 0
[0162.912] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.913] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e2030e) returned 0x1
[0162.913] IsWindowUnicode (hWnd=0x7005c) returned 1
[0162.913] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.913] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0162.913] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0162.913] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.913] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e2030e) returned 0x1
[0162.913] IsWindowUnicode (hWnd=0x7005c) returned 1
[0162.913] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.914] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e2030e) returned 0x1
[0162.914] SetCursor (hCursor=0x10003) returned 0x10003
[0162.914] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0162.914] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0162.914] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10d0250) returned 0x0
[0162.914] GetKeyState (nVirtKey=1) returned 1
[0162.914] GetKeyState (nVirtKey=2) returned 0
[0162.914] GetKeyState (nVirtKey=4) returned 0
[0162.914] GetKeyState (nVirtKey=5) returned 0
[0162.914] GetKeyState (nVirtKey=6) returned 0
[0162.914] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.915] IsWindowUnicode (hWnd=0x602c4) returned 1
[0162.915] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.915] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0162.915] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0162.915] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.917] IsWindowUnicode (hWnd=0x602c4) returned 1
[0162.917] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0162.917] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0162.917] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0162.917] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0162.917] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0162.917] CreateCompatibleDC (hdc=0x107b9) returned 0xa8010781
[0162.917] SelectObject (hdc=0xa8010781, h=0x4a0507fe) returned 0x85000f
[0162.917] GdipCreateFromHDC (hdc=0xa8010781, graphics=0xd7e798) returned 0x0
[0162.918] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0162.918] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0162.918] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0162.918] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0162.918] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e7f8) returned 0x0
[0162.918] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0162.918] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0162.918] LocalFree (hMem=0x11ee788) returned 0x0
[0162.918] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0162.918] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0162.918] GdipGetClip (graphics=0x6600030, region=0x6644478) returned 0x0
[0162.918] GdipIsInfiniteRegion (region=0x6644478, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0162.918] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0162.918] GdipRestoreGraphics (graphics=0x6600030, state=0xfcaa0dbd) returned 0x0
[0162.918] GdipDeleteRegion (region=0x6644478) returned 0x0
[0162.918] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0162.919] GetCurrentObject (hdc=0xa8010781, type=0x1) returned 0xb00017
[0162.919] GetCurrentObject (hdc=0xa8010781, type=0x2) returned 0x900010
[0162.919] GetCurrentObject (hdc=0xa8010781, type=0x7) returned 0x4a0507fe
[0162.922] GetCurrentObject (hdc=0xa8010781, type=0x6) returned 0x8a01c2
[0162.922] SaveDC (hdc=0xa8010781) returned 1
[0162.922] GetNearestColor (hdc=0xa8010781, color=0xff) returned 0xff
[0162.922] GetNearestColor (hdc=0xa8010781, color=0x55) returned 0x55
[0162.922] GetNearestColor (hdc=0xa8010781, color=0x0) returned 0x0
[0162.923] GetNearestColor (hdc=0xa8010781, color=0x55) returned 0x55
[0162.923] GetNearestColor (hdc=0xa8010781, color=0x0) returned 0x0
[0162.923] GetNearestColor (hdc=0xa8010781, color=0x8080ff) returned 0x8080ff
[0162.923] GetNearestColor (hdc=0xa8010781, color=0x7373e5) returned 0x7373e5
[0162.923] GetNearestColor (hdc=0xa8010781, color=0xe5) returned 0xe5
[0162.923] GetNearestColor (hdc=0xa8010781, color=0x0) returned 0x0
[0162.923] RestoreDC (hdc=0xa8010781, nSavedDC=-1) returned 1
[0162.923] GdipReleaseDC (graphics=0x6600030, hdc=0xa8010781) returned 0x0
[0162.923] IsAppThemed () returned 0x1
[0162.923] GetThemeAppProperties () returned 0x3
[0162.923] GetThemeAppProperties () returned 0x3
[0162.923] IsAppThemed () returned 0x1
[0162.923] GetThemeAppProperties () returned 0x3
[0162.923] GetThemeAppProperties () returned 0x3
[0162.923] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2d2fb90 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0162.924] IsAppThemed () returned 0x1
[0162.924] GetThemeAppProperties () returned 0x3
[0162.924] GetThemeAppProperties () returned 0x3
[0162.924] IsAppThemed () returned 0x1
[0162.924] GetThemeAppProperties () returned 0x3
[0162.924] GetThemeAppProperties () returned 0x3
[0162.924] GetFocus () returned 0x602c4
[0162.924] IsAppThemed () returned 0x1
[0162.924] GetThemeAppProperties () returned 0x3
[0162.924] GetThemeAppProperties () returned 0x3
[0162.924] IsAppThemed () returned 0x1
[0162.924] GetThemeAppProperties () returned 0x3
[0162.924] GetThemeAppProperties () returned 0x3
[0162.924] IsThemePartDefined () returned 0x1
[0162.924] IsAppThemed () returned 0x1
[0162.925] GetThemeAppProperties () returned 0x3
[0162.925] GetThemeAppProperties () returned 0x3
[0162.925] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0162.925] IsAppThemed () returned 0x1
[0162.925] GetThemeAppProperties () returned 0x3
[0162.925] GetThemeAppProperties () returned 0x3
[0162.925] IsAppThemed () returned 0x1
[0162.925] GetThemeAppProperties () returned 0x3
[0162.925] GetThemeAppProperties () returned 0x3
[0162.925] IsThemePartDefined () returned 0x1
[0162.925] GdipCreateRegion (region=0xd7e508) returned 0x0
[0162.925] GdipGetClip (graphics=0x6600030, region=0x6644478) returned 0x0
[0162.925] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0162.925] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0162.925] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e520) returned 0x0
[0162.925] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0162.925] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee8d8) returned 0x0
[0162.925] LocalFree (hMem=0x11ee8d8) returned 0x0
[0162.925] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0162.926] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0162.926] LocalFree (hMem=0x11ee788) returned 0x0
[0162.926] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0162.926] GdipIsInfiniteRegion (region=0x6644478, graphics=0x6600030, result=0xd7e548) returned 0x0
[0162.926] GdipIsInfiniteRegion (region=0x6644478, graphics=0x6600030, result=0xd7e538) returned 0x0
[0162.926] GdipGetRegionHRgn (region=0x6644478, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0162.926] GdipDeleteRegion (region=0x6644478) returned 0x0
[0162.926] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0162.926] GetCurrentObject (hdc=0xa8010781, type=0x1) returned 0xb00017
[0162.926] GetCurrentObject (hdc=0xa8010781, type=0x2) returned 0x900010
[0162.926] GetCurrentObject (hdc=0xa8010781, type=0x7) returned 0x4a0507fe
[0162.926] GetCurrentObject (hdc=0xa8010781, type=0x6) returned 0x8a01c2
[0162.926] SaveDC (hdc=0xa8010781) returned 1
[0162.926] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1040807
[0162.926] GetClipRgn (hdc=0xa8010781, hrgn=0x1040807) returned 0
[0162.926] SelectClipRgn (hdc=0xa8010781, hrgn=0x850407de) returned 2
[0162.927] DeleteObject (ho=0x1040807) returned 1
[0162.927] DeleteObject (ho=0x850407de) returned 1
[0162.927] OffsetViewportOrgEx (in: hdc=0xa8010781, x=0, y=0, lppt=0x2d30240 | out: lppt=0x2d30240) returned 1
[0162.927] DrawThemeParentBackground () returned 0x0
[0162.927] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0162.927] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0162.927] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0162.927] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.927] GetSystemMetrics (nIndex=42) returned 0
[0162.927] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.927] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0162.927] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0162.927] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0162.927] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0162.927] SelectPalette (hdc=0xa8010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0162.928] GdipCreateFromHDC (hdc=0xa8010781, graphics=0xd7dff8) returned 0x0
[0162.928] GdipSetPageUnit (graphics=0x663dbf8, unit=0x2) returned 0x0
[0162.928] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0162.928] GdipGetWorldTransform (graphics=0x663dbf8, matrix=0x6638c68) returned 0x0
[0162.928] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dfd0) returned 0x0
[0162.928] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0162.928] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0162.928] GdipGetClip (graphics=0x663dbf8, region=0x66447d8) returned 0x0
[0162.928] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x663dbf8, result=0xd7dfc4) returned 0x0
[0162.928] GdipDeleteRegion (region=0x66447d8) returned 0x0
[0162.928] GdipSaveGraphics (graphics=0x663dbf8, state=0xd7dff0) returned 0x0
[0162.928] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0162.942] GdipFillRectangleI (graphics=0x663dbf8, brush=0x6639a00, x=0, y=0, width=801, height=453) returned 0x0
[0162.942] GdipDeleteBrush (brush=0x6639a00) returned 0x0
[0162.944] GdipDeleteGraphics (graphics=0x663dbf8) returned 0x0
[0162.944] SelectPalette (hdc=0xa8010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0162.945] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0162.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.945] GetSystemMetrics (nIndex=42) returned 0
[0162.945] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0162.945] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0162.945] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0162.945] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0162.945] SelectPalette (hdc=0xa8010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0162.945] GdipCreateFromHDC (hdc=0xa8010781, graphics=0xd7df98) returned 0x0
[0162.945] GdipSetPageUnit (graphics=0x663dbf8, unit=0x2) returned 0x0
[0162.945] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0162.945] GdipGetWorldTransform (graphics=0x663dbf8, matrix=0x6638b18) returned 0x0
[0162.945] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df70) returned 0x0
[0162.946] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0162.946] GdipCreateRegion (region=0xd7df58) returned 0x0
[0162.946] GdipGetClip (graphics=0x663dbf8, region=0x6644f28) returned 0x0
[0162.946] GdipIsInfiniteRegion (region=0x6644f28, graphics=0x663dbf8, result=0xd7df64) returned 0x0
[0162.946] GdipDeleteRegion (region=0x6644f28) returned 0x0
[0162.946] GdipSaveGraphics (graphics=0x663dbf8, state=0xd7df90) returned 0x0
[0162.946] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0162.992] GdipFillRectangleI (graphics=0x663dbf8, brush=0x6639c70, x=0, y=0, width=801, height=453) returned 0x0
[0162.992] GdipDeleteBrush (brush=0x6639c70) returned 0x0
[0162.993] GdipRestoreGraphics (graphics=0x663dbf8, state=0xfca60dbd) returned 0x0
[0162.993] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0162.994] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0162.994] GetSystemMetrics (nIndex=42) returned 0
[0162.994] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0162.994] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0162.994] GdipDeleteGraphics (graphics=0x663dbf8) returned 0x0
[0162.994] SelectPalette (hdc=0xa8010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0162.994] RestoreDC (hdc=0xa8010781, nSavedDC=-1) returned 1
[0162.994] GdipReleaseDC (graphics=0x6600030, hdc=0xa8010781) returned 0x0
[0162.994] IsAppThemed () returned 0x1
[0162.994] GetThemeAppProperties () returned 0x3
[0162.994] GetThemeAppProperties () returned 0x3
[0162.994] IsAppThemed () returned 0x1
[0162.994] GetThemeAppProperties () returned 0x3
[0162.994] GetThemeAppProperties () returned 0x3
[0162.994] IsThemePartDefined () returned 0x1
[0162.994] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0162.995] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0162.995] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0162.995] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0162.995] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e4a4) returned 0x0
[0162.995] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0162.995] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee8d8) returned 0x0
[0162.995] LocalFree (hMem=0x11ee8d8) returned 0x0
[0162.995] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0162.995] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0162.995] LocalFree (hMem=0x11eec58) returned 0x0
[0162.995] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0162.995] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0162.995] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0162.995] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0162.995] GdipDeleteRegion (region=0x6644358) returned 0x0
[0162.995] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0162.996] GetCurrentObject (hdc=0xa8010781, type=0x1) returned 0xb00017
[0162.996] GetCurrentObject (hdc=0xa8010781, type=0x2) returned 0x900010
[0162.996] GetCurrentObject (hdc=0xa8010781, type=0x7) returned 0x4a0507fe
[0162.996] GetCurrentObject (hdc=0xa8010781, type=0x6) returned 0x8a01c2
[0162.996] SaveDC (hdc=0xa8010781) returned 1
[0162.996] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x860407de
[0162.996] GetClipRgn (hdc=0xa8010781, hrgn=0x860407de) returned 0
[0162.996] SelectClipRgn (hdc=0xa8010781, hrgn=0x3040807) returned 2
[0162.996] DeleteObject (ho=0x860407de) returned 1
[0162.996] DeleteObject (ho=0x3040807) returned 1
[0162.996] OffsetViewportOrgEx (in: hdc=0xa8010781, x=0, y=0, lppt=0x2d36a90 | out: lppt=0x2d36a90) returned 1
[0162.996] IsAppThemed () returned 0x1
[0162.997] GetThemeAppProperties () returned 0x3
[0162.997] GetThemeAppProperties () returned 0x3
[0162.997] DrawThemeBackground () returned 0x0
[0162.997] RestoreDC (hdc=0xa8010781, nSavedDC=-1) returned 1
[0162.997] GdipReleaseDC (graphics=0x6600030, hdc=0xa8010781) returned 0x0
[0162.997] GdipCreateRegion (region=0xd7e490) returned 0x0
[0162.997] GdipGetClip (graphics=0x6600030, region=0x66443e8) returned 0x0
[0162.997] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0162.997] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0162.997] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e4a8) returned 0x0
[0162.997] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0162.997] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0162.997] LocalFree (hMem=0x11eec58) returned 0x0
[0162.997] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0162.998] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee9f0) returned 0x0
[0162.998] LocalFree (hMem=0x11ee9f0) returned 0x0
[0162.998] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0162.998] GdipIsInfiniteRegion (region=0x66443e8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0162.998] GdipIsInfiniteRegion (region=0x66443e8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0162.998] GdipGetRegionHRgn (region=0x66443e8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0162.998] GdipDeleteRegion (region=0x66443e8) returned 0x0
[0162.998] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0162.998] GetCurrentObject (hdc=0xa8010781, type=0x1) returned 0xb00017
[0162.998] GetCurrentObject (hdc=0xa8010781, type=0x2) returned 0x900010
[0162.998] GetCurrentObject (hdc=0xa8010781, type=0x7) returned 0x4a0507fe
[0162.998] GetCurrentObject (hdc=0xa8010781, type=0x6) returned 0x8a01c2
[0162.998] SaveDC (hdc=0xa8010781) returned 1
[0162.998] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4040807
[0162.998] GetClipRgn (hdc=0xa8010781, hrgn=0x4040807) returned 0
[0162.998] SelectClipRgn (hdc=0xa8010781, hrgn=0x870407de) returned 2
[0162.998] DeleteObject (ho=0x4040807) returned 1
[0162.998] DeleteObject (ho=0x870407de) returned 1
[0162.998] OffsetViewportOrgEx (in: hdc=0xa8010781, x=0, y=0, lppt=0x2d36d64 | out: lppt=0x2d36d64) returned 1
[0162.998] IsAppThemed () returned 0x1
[0162.999] GetThemeAppProperties () returned 0x3
[0162.999] GetThemeAppProperties () returned 0x3
[0162.999] GetThemeBackgroundContentRect () returned 0x0
[0162.999] RestoreDC (hdc=0xa8010781, nSavedDC=-1) returned 1
[0162.999] GdipReleaseDC (graphics=0x6600030, hdc=0xa8010781) returned 0x0
[0162.999] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0162.999] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0162.999] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0162.999] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0162.999] IsAppThemed () returned 0x1
[0162.999] GetThemeAppProperties () returned 0x3
[0162.999] GetThemeAppProperties () returned 0x3
[0162.999] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0162.999] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0162.999] GetCurrentObject (hdc=0xa8010781, type=0x1) returned 0xb00017
[0162.999] GetCurrentObject (hdc=0xa8010781, type=0x2) returned 0x900010
[0162.999] GetCurrentObject (hdc=0xa8010781, type=0x7) returned 0x4a0507fe
[0162.999] GetCurrentObject (hdc=0xa8010781, type=0x6) returned 0x8a01c2
[0162.999] SaveDC (hdc=0xa8010781) returned 1
[0162.999] GetTextAlign (hdc=0xa8010781) returned 0x0
[0163.000] GetTextColor (hdc=0xa8010781) returned 0x0
[0163.000] GetCurrentObject (hdc=0xa8010781, type=0x6) returned 0x8a01c2
[0163.000] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0163.000] SelectObject (hdc=0xa8010781, h=0x6d0a0520) returned 0x8a01c2
[0163.000] GetBkMode (hdc=0xa8010781) returned 2
[0163.000] SetBkMode (hdc=0xa8010781, mode=1) returned 2
[0163.000] DrawTextExW (in: hdc=0xa8010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2d37128 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0163.000] DrawTextExW (in: hdc=0xa8010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2d37128 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0163.001] RestoreDC (hdc=0xa8010781, nSavedDC=-1) returned 1
[0163.001] GdipReleaseDC (graphics=0x6600030, hdc=0xa8010781) returned 0x0
[0163.001] GetFocus () returned 0x602c4
[0163.001] IsAppThemed () returned 0x1
[0163.001] GetThemeAppProperties () returned 0x3
[0163.001] GetThemeAppProperties () returned 0x3
[0163.001] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0163.001] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xa8010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0163.001] GdipReleaseDC (graphics=0x6600030, hdc=0xa8010781) returned 0x0
[0163.001] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0163.001] SelectObject (hdc=0xa8010781, h=0x85000f) returned 0x4a0507fe
[0163.001] DeleteDC (hdc=0xa8010781) returned 1
[0163.001] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0163.001] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0163.002] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.002] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.002] WaitMessage () returned 1
[0163.018] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.018] IsWindowUnicode (hWnd=0x7005c) returned 1
[0163.018] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.018] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.018] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.018] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.018] IsWindowUnicode (hWnd=0x7005c) returned 1
[0163.018] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.018] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.018] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.018] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10d0250) returned 0x0
[0163.018] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.018] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.018] WaitMessage () returned 1
[0163.036] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.036] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.036] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.037] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.037] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.037] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.037] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.037] WaitMessage () returned 1
[0163.038] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.038] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.038] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.038] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.038] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.039] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.039] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.039] WaitMessage () returned 1
[0163.040] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.040] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.040] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.040] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.040] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.041] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.041] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.041] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.041] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.041] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.041] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.041] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.042] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.042] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.042] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.042] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.042] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.042] WaitMessage () returned 1
[0163.042] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.042] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.043] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.043] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.043] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.051] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.051] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.051] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.051] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.051] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.051] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.051] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.051] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.051] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.051] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.051] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.052] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.052] WaitMessage () returned 1
[0163.054] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.054] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.054] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.054] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.054] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.055] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.055] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.055] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.056] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.056] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.056] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.056] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.056] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.056] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.056] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.056] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.057] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.057] WaitMessage () returned 1
[0163.058] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.058] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.058] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.058] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.058] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.063] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.063] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.063] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.063] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.063] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.063] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.063] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.063] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.063] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.063] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.063] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.064] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.064] WaitMessage () returned 1
[0163.067] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.067] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.067] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.067] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.067] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.068] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.068] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.068] WaitMessage () returned 1
[0163.069] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.069] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.069] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.069] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.069] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.071] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.071] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.071] WaitMessage () returned 1
[0163.072] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.072] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.072] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.072] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.072] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.073] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.073] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.073] WaitMessage () returned 1
[0163.074] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.074] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.074] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.074] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.074] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.079] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.079] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.079] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.079] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.079] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.079] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.079] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.079] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.080] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.080] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.080] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.080] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.080] WaitMessage () returned 1
[0163.083] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.083] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.083] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.083] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.083] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.084] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.085] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.085] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.085] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.085] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.085] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.085] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.085] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.085] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.085] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.085] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.086] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.086] WaitMessage () returned 1
[0163.086] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.086] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.086] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.086] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.086] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.088] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.088] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.088] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.088] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.088] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.088] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.088] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.089] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.089] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.089] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.089] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.089] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.089] WaitMessage () returned 1
[0163.090] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.090] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.090] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.090] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.090] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.094] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.094] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.094] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.095] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.095] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.095] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.095] IsWindowUnicode (hWnd=0x30122) returned 1
[0163.095] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.095] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.095] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.095] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.096] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.096] WaitMessage () returned 1
[0163.220] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.220] IsWindowUnicode (hWnd=0x502c6) returned 1
[0163.220] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0163.220] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0163.220] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0163.220] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.220] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0163.220] WaitMessage () returned 1
[0165.143] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0165.143] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x274010d) returned 0x1
[0165.143] IsWindowUnicode (hWnd=0x602c4) returned 1
[0165.144] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0165.144] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0165.144] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0165.144] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0165.144] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0165.144] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x274010d) returned 0x1
[0165.144] IsWindowUnicode (hWnd=0x602c4) returned 1
[0165.144] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0165.144] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x274010d) returned 0x1
[0165.144] SetCursor (hCursor=0x10003) returned 0x10003
[0165.144] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0165.144] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0165.144] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0165.145] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0165.145] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0165.145] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0165.145] GetKeyState (nVirtKey=1) returned 1
[0165.145] GetKeyState (nVirtKey=2) returned 0
[0165.145] GetKeyState (nVirtKey=4) returned 0
[0165.145] GetKeyState (nVirtKey=5) returned 0
[0165.145] GetKeyState (nVirtKey=6) returned 0
[0165.145] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0165.145] IsWindowUnicode (hWnd=0x602c4) returned 1
[0165.145] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0165.145] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0165.145] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0165.145] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0165.146] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0165.146] CreateCompatibleDC (hdc=0x107b9) returned 0x7e0107d0
[0165.146] SelectObject (hdc=0x7e0107d0, h=0x4a0507fe) returned 0x85000f
[0165.146] GdipCreateFromHDC (hdc=0x7e0107d0, graphics=0xd7e798) returned 0x0
[0165.147] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0165.147] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0165.147] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0165.147] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0165.147] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e7f8) returned 0x0
[0165.147] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0165.147] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0165.147] LocalFree (hMem=0x11ee788) returned 0x0
[0165.147] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0165.147] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0165.147] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0165.147] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0165.147] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0165.147] GdipRestoreGraphics (graphics=0x6600030, state=0xfca40dbd) returned 0x0
[0165.147] GdipDeleteRegion (region=0x6644238) returned 0x0
[0165.147] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0165.147] GetCurrentObject (hdc=0x7e0107d0, type=0x1) returned 0xb00017
[0165.147] GetCurrentObject (hdc=0x7e0107d0, type=0x2) returned 0x900010
[0165.148] GetCurrentObject (hdc=0x7e0107d0, type=0x7) returned 0x4a0507fe
[0165.148] GetCurrentObject (hdc=0x7e0107d0, type=0x6) returned 0x8a01c2
[0165.148] SaveDC (hdc=0x7e0107d0) returned 1
[0165.148] GetNearestColor (hdc=0x7e0107d0, color=0xff) returned 0xff
[0165.148] GetNearestColor (hdc=0x7e0107d0, color=0x55) returned 0x55
[0165.148] GetNearestColor (hdc=0x7e0107d0, color=0x0) returned 0x0
[0165.148] GetNearestColor (hdc=0x7e0107d0, color=0x55) returned 0x55
[0165.148] GetNearestColor (hdc=0x7e0107d0, color=0x0) returned 0x0
[0165.148] GetNearestColor (hdc=0x7e0107d0, color=0x8080ff) returned 0x8080ff
[0165.148] GetNearestColor (hdc=0x7e0107d0, color=0x7373e5) returned 0x7373e5
[0165.148] GetNearestColor (hdc=0x7e0107d0, color=0xe5) returned 0xe5
[0165.148] GetNearestColor (hdc=0x7e0107d0, color=0x0) returned 0x0
[0165.148] RestoreDC (hdc=0x7e0107d0, nSavedDC=-1) returned 1
[0165.148] GdipReleaseDC (graphics=0x6600030, hdc=0x7e0107d0) returned 0x0
[0165.148] IsAppThemed () returned 0x1
[0165.149] GetThemeAppProperties () returned 0x3
[0165.149] GetThemeAppProperties () returned 0x3
[0165.149] IsAppThemed () returned 0x1
[0165.149] GetThemeAppProperties () returned 0x3
[0165.149] GetThemeAppProperties () returned 0x3
[0165.149] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2d37b70 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0165.149] IsAppThemed () returned 0x1
[0165.149] GetThemeAppProperties () returned 0x3
[0165.149] GetThemeAppProperties () returned 0x3
[0165.149] IsAppThemed () returned 0x1
[0165.149] GetThemeAppProperties () returned 0x3
[0165.149] GetThemeAppProperties () returned 0x3
[0165.149] IsAppThemed () returned 0x1
[0165.149] GetThemeAppProperties () returned 0x3
[0165.149] GetThemeAppProperties () returned 0x3
[0165.149] IsAppThemed () returned 0x1
[0165.150] GetThemeAppProperties () returned 0x3
[0165.150] GetThemeAppProperties () returned 0x3
[0165.150] IsThemePartDefined () returned 0x1
[0165.150] IsAppThemed () returned 0x1
[0165.150] GetThemeAppProperties () returned 0x3
[0165.150] GetThemeAppProperties () returned 0x3
[0165.150] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0165.150] IsAppThemed () returned 0x1
[0165.150] GetThemeAppProperties () returned 0x3
[0165.150] GetThemeAppProperties () returned 0x3
[0165.150] IsAppThemed () returned 0x1
[0165.150] GetThemeAppProperties () returned 0x3
[0165.150] GetThemeAppProperties () returned 0x3
[0165.150] IsThemePartDefined () returned 0x1
[0165.150] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0165.150] GdipGetClip (graphics=0x6600030, region=0x6644a18) returned 0x0
[0165.150] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0165.150] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0165.150] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e514) returned 0x0
[0165.150] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0165.150] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0165.150] LocalFree (hMem=0x11eecc8) returned 0x0
[0165.150] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0165.150] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0165.150] LocalFree (hMem=0x11ee788) returned 0x0
[0165.150] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0165.150] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0165.151] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0165.151] GdipGetRegionHRgn (region=0x6644a18, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0165.151] GdipDeleteRegion (region=0x6644a18) returned 0x0
[0165.151] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0165.151] GetCurrentObject (hdc=0x7e0107d0, type=0x1) returned 0xb00017
[0165.151] GetCurrentObject (hdc=0x7e0107d0, type=0x2) returned 0x900010
[0165.151] GetCurrentObject (hdc=0x7e0107d0, type=0x7) returned 0x4a0507fe
[0165.151] GetCurrentObject (hdc=0x7e0107d0, type=0x6) returned 0x8a01c2
[0165.151] SaveDC (hdc=0x7e0107d0) returned 1
[0165.151] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x880407de
[0165.151] GetClipRgn (hdc=0x7e0107d0, hrgn=0x880407de) returned 0
[0165.151] SelectClipRgn (hdc=0x7e0107d0, hrgn=0x8040807) returned 2
[0165.151] DeleteObject (ho=0x880407de) returned 1
[0165.151] DeleteObject (ho=0x8040807) returned 1
[0165.151] OffsetViewportOrgEx (in: hdc=0x7e0107d0, x=0, y=0, lppt=0x2d38220 | out: lppt=0x2d38220) returned 1
[0165.151] DrawThemeParentBackground () returned 0x0
[0165.151] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0165.152] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0165.152] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0165.152] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.152] GetSystemMetrics (nIndex=42) returned 0
[0165.152] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.152] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0165.152] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0165.152] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0165.152] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0165.152] SelectPalette (hdc=0x7e0107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0165.152] GdipCreateFromHDC (hdc=0x7e0107d0, graphics=0xd7dff0) returned 0x0
[0165.152] GdipSetPageUnit (graphics=0x663dbf8, unit=0x2) returned 0x0
[0165.152] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0165.152] GdipGetWorldTransform (graphics=0x663dbf8, matrix=0x6638c68) returned 0x0
[0165.152] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dfc8) returned 0x0
[0165.152] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0165.152] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0165.153] GdipGetClip (graphics=0x663dbf8, region=0x6644aa8) returned 0x0
[0165.153] GdipIsInfiniteRegion (region=0x6644aa8, graphics=0x663dbf8, result=0xd7dfbc) returned 0x0
[0165.153] GdipDeleteRegion (region=0x6644aa8) returned 0x0
[0165.153] GdipSaveGraphics (graphics=0x663dbf8, state=0xd7dfe8) returned 0x0
[0165.153] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0165.159] GdipFillRectangleI (graphics=0x663dbf8, brush=0x66393e8, x=0, y=0, width=801, height=453) returned 0x0
[0165.159] GdipDeleteBrush (brush=0x66393e8) returned 0x0
[0165.159] GdipDeleteGraphics (graphics=0x663dbf8) returned 0x0
[0165.159] SelectPalette (hdc=0x7e0107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0165.159] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0165.159] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.159] GetSystemMetrics (nIndex=42) returned 0
[0165.159] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.159] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0165.159] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0165.160] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0165.160] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0165.160] SelectPalette (hdc=0x7e0107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0165.160] GdipCreateFromHDC (hdc=0x7e0107d0, graphics=0xd7df90) returned 0x0
[0165.160] GdipSetPageUnit (graphics=0x663dbf8, unit=0x2) returned 0x0
[0165.160] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0165.160] GdipGetWorldTransform (graphics=0x663dbf8, matrix=0x6638cc8) returned 0x0
[0165.160] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df68) returned 0x0
[0165.160] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0165.160] GdipCreateRegion (region=0xd7df50) returned 0x0
[0165.160] GdipGetClip (graphics=0x663dbf8, region=0x6644ce8) returned 0x0
[0165.160] GdipIsInfiniteRegion (region=0x6644ce8, graphics=0x663dbf8, result=0xd7df5c) returned 0x0
[0165.160] GdipDeleteRegion (region=0x6644ce8) returned 0x0
[0165.160] GdipSaveGraphics (graphics=0x663dbf8, state=0xd7df88) returned 0x0
[0165.160] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0165.166] GdipFillRectangleI (graphics=0x663dbf8, brush=0x6639a00, x=0, y=0, width=801, height=453) returned 0x0
[0165.166] GdipDeleteBrush (brush=0x6639a00) returned 0x0
[0165.166] GdipRestoreGraphics (graphics=0x663dbf8, state=0xfca00dbd) returned 0x0
[0165.166] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0165.166] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.166] GetSystemMetrics (nIndex=42) returned 0
[0165.166] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.166] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0165.166] GdipDeleteGraphics (graphics=0x663dbf8) returned 0x0
[0165.166] SelectPalette (hdc=0x7e0107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0165.167] RestoreDC (hdc=0x7e0107d0, nSavedDC=-1) returned 1
[0165.167] GdipReleaseDC (graphics=0x6600030, hdc=0x7e0107d0) returned 0x0
[0165.167] IsAppThemed () returned 0x1
[0165.167] GetThemeAppProperties () returned 0x3
[0165.167] GetThemeAppProperties () returned 0x3
[0165.167] IsAppThemed () returned 0x1
[0165.167] GetThemeAppProperties () returned 0x3
[0165.167] GetThemeAppProperties () returned 0x3
[0165.167] IsThemePartDefined () returned 0x1
[0165.167] GdipCreateRegion (region=0xd7e480) returned 0x0
[0165.167] GdipGetClip (graphics=0x6600030, region=0x6644a18) returned 0x0
[0165.167] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0165.167] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0165.167] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e498) returned 0x0
[0165.167] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0165.167] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0165.167] LocalFree (hMem=0x11eec58) returned 0x0
[0165.167] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0165.167] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0165.168] LocalFree (hMem=0x11eecc8) returned 0x0
[0165.168] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0165.168] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0165.168] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0165.168] GdipGetRegionHRgn (region=0x6644a18, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0165.168] GdipDeleteRegion (region=0x6644a18) returned 0x0
[0165.168] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0165.168] GetCurrentObject (hdc=0x7e0107d0, type=0x1) returned 0xb00017
[0165.168] GetCurrentObject (hdc=0x7e0107d0, type=0x2) returned 0x900010
[0165.168] GetCurrentObject (hdc=0x7e0107d0, type=0x7) returned 0x4a0507fe
[0165.168] GetCurrentObject (hdc=0x7e0107d0, type=0x6) returned 0x8a01c2
[0165.168] SaveDC (hdc=0x7e0107d0) returned 1
[0165.168] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9040807
[0165.168] GetClipRgn (hdc=0x7e0107d0, hrgn=0x9040807) returned 0
[0165.168] SelectClipRgn (hdc=0x7e0107d0, hrgn=0x8a0407de) returned 2
[0165.168] DeleteObject (ho=0x9040807) returned 1
[0165.168] DeleteObject (ho=0x8a0407de) returned 1
[0165.168] OffsetViewportOrgEx (in: hdc=0x7e0107d0, x=0, y=0, lppt=0x2d3ea70 | out: lppt=0x2d3ea70) returned 1
[0165.168] IsAppThemed () returned 0x1
[0165.168] GetThemeAppProperties () returned 0x3
[0165.168] GetThemeAppProperties () returned 0x3
[0165.168] DrawThemeBackground () returned 0x0
[0165.169] RestoreDC (hdc=0x7e0107d0, nSavedDC=-1) returned 1
[0165.169] GdipReleaseDC (graphics=0x6600030, hdc=0x7e0107d0) returned 0x0
[0165.169] GdipCreateRegion (region=0xd7e484) returned 0x0
[0165.170] GdipGetClip (graphics=0x6600030, region=0x6644aa8) returned 0x0
[0165.170] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0165.170] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0165.170] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e49c) returned 0x0
[0165.170] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0165.170] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eed00) returned 0x0
[0165.170] LocalFree (hMem=0x11eed00) returned 0x0
[0165.170] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0165.170] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee8d8) returned 0x0
[0165.170] LocalFree (hMem=0x11ee8d8) returned 0x0
[0165.170] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0165.170] GdipIsInfiniteRegion (region=0x6644aa8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0165.170] GdipIsInfiniteRegion (region=0x6644aa8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0165.170] GdipGetRegionHRgn (region=0x6644aa8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0165.170] GdipDeleteRegion (region=0x6644aa8) returned 0x0
[0165.170] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0165.170] GetCurrentObject (hdc=0x7e0107d0, type=0x1) returned 0xb00017
[0165.170] GetCurrentObject (hdc=0x7e0107d0, type=0x2) returned 0x900010
[0165.170] GetCurrentObject (hdc=0x7e0107d0, type=0x7) returned 0x4a0507fe
[0165.170] GetCurrentObject (hdc=0x7e0107d0, type=0x6) returned 0x8a01c2
[0165.170] SaveDC (hdc=0x7e0107d0) returned 1
[0165.170] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8b0407de
[0165.171] GetClipRgn (hdc=0x7e0107d0, hrgn=0x8b0407de) returned 0
[0165.171] SelectClipRgn (hdc=0x7e0107d0, hrgn=0xa040807) returned 2
[0165.171] DeleteObject (ho=0x8b0407de) returned 1
[0165.171] DeleteObject (ho=0xa040807) returned 1
[0165.171] OffsetViewportOrgEx (in: hdc=0x7e0107d0, x=0, y=0, lppt=0x2d3ed44 | out: lppt=0x2d3ed44) returned 1
[0165.171] IsAppThemed () returned 0x1
[0165.171] GetThemeAppProperties () returned 0x3
[0165.171] GetThemeAppProperties () returned 0x3
[0165.171] GetThemeBackgroundContentRect () returned 0x0
[0165.171] RestoreDC (hdc=0x7e0107d0, nSavedDC=-1) returned 1
[0165.171] GdipReleaseDC (graphics=0x6600030, hdc=0x7e0107d0) returned 0x0
[0165.171] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0165.171] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0165.171] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0165.171] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0165.171] IsAppThemed () returned 0x1
[0165.171] GetThemeAppProperties () returned 0x3
[0165.171] GetThemeAppProperties () returned 0x3
[0165.171] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0165.171] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0165.171] GetCurrentObject (hdc=0x7e0107d0, type=0x1) returned 0xb00017
[0165.171] GetCurrentObject (hdc=0x7e0107d0, type=0x2) returned 0x900010
[0165.172] GetCurrentObject (hdc=0x7e0107d0, type=0x7) returned 0x4a0507fe
[0165.172] GetCurrentObject (hdc=0x7e0107d0, type=0x6) returned 0x8a01c2
[0165.172] SaveDC (hdc=0x7e0107d0) returned 1
[0165.172] GetTextAlign (hdc=0x7e0107d0) returned 0x0
[0165.172] GetTextColor (hdc=0x7e0107d0) returned 0x0
[0165.172] GetCurrentObject (hdc=0x7e0107d0, type=0x6) returned 0x8a01c2
[0165.172] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0165.172] SelectObject (hdc=0x7e0107d0, h=0x6d0a0520) returned 0x8a01c2
[0165.172] GetBkMode (hdc=0x7e0107d0) returned 2
[0165.172] SetBkMode (hdc=0x7e0107d0, mode=1) returned 2
[0165.172] DrawTextExW (in: hdc=0x7e0107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2d3f108 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0165.172] DrawTextExW (in: hdc=0x7e0107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2d3f108 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0165.173] RestoreDC (hdc=0x7e0107d0, nSavedDC=-1) returned 1
[0165.173] GdipReleaseDC (graphics=0x6600030, hdc=0x7e0107d0) returned 0x0
[0165.173] GetFocus () returned 0x602c4
[0165.173] IsAppThemed () returned 0x1
[0165.173] GetThemeAppProperties () returned 0x3
[0165.173] GetThemeAppProperties () returned 0x3
[0165.173] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0165.173] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x7e0107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0165.174] GdipReleaseDC (graphics=0x6600030, hdc=0x7e0107d0) returned 0x0
[0165.174] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0165.174] SelectObject (hdc=0x7e0107d0, h=0x85000f) returned 0x4a0507fe
[0165.174] DeleteDC (hdc=0x7e0107d0) returned 1
[0165.174] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0165.174] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0165.174] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0165.174] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0165.174] WaitMessage () returned 1
[0165.255] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0165.255] IsWindowUnicode (hWnd=0x602c4) returned 1
[0165.255] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0165.255] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0165.255] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0165.255] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0165.255] IsWindowUnicode (hWnd=0x602c4) returned 1
[0165.255] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0165.255] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0165.255] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0165.255] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xd0032) returned 0x0
[0165.255] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0165.255] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0165.256] WaitMessage () returned 1
[0165.373] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0165.373] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x274010d) returned 0x1
[0165.374] IsWindowUnicode (hWnd=0x602c4) returned 1
[0165.374] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0165.374] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x274010d) returned 0x1
[0165.374] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0165.374] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19f004f) returned 0x0
[0165.374] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0165.374] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0165.374] SetCursor (hCursor=0x10003) returned 0x10003
[0165.374] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0165.374] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0165.374] GetKeyState (nVirtKey=1) returned -128
[0165.374] GetKeyState (nVirtKey=2) returned 0
[0165.374] GetKeyState (nVirtKey=4) returned 0
[0165.374] GetKeyState (nVirtKey=5) returned 0
[0165.374] GetKeyState (nVirtKey=6) returned 0
[0165.374] IsWindowVisible (hWnd=0x602c4) returned 1
[0165.374] IsWindowEnabled (hWnd=0x602c4) returned 1
[0165.374] SetFocus (hWnd=0x602c4) returned 0x602c4
[0165.375] GetFocus () returned 0x602c4
[0165.375] GetFocus () returned 0x602c4
[0165.375] GetFocus () returned 0x602c4
[0165.375] GetKeyState (nVirtKey=1) returned -128
[0165.375] GetKeyState (nVirtKey=2) returned 0
[0165.375] GetKeyState (nVirtKey=4) returned 0
[0165.375] GetKeyState (nVirtKey=5) returned 0
[0165.375] GetKeyState (nVirtKey=6) returned 0
[0165.375] GetCapture () returned 0x0
[0165.375] SetCapture (hWnd=0x602c4) returned 0x0
[0165.375] GetKeyState (nVirtKey=1) returned -128
[0165.375] GetKeyState (nVirtKey=2) returned 0
[0165.375] GetKeyState (nVirtKey=4) returned 0
[0165.375] GetKeyState (nVirtKey=5) returned 0
[0165.375] GetKeyState (nVirtKey=6) returned 0
[0165.375] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0165.375] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0165.375] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0165.376] IsWindowUnicode (hWnd=0x602c4) returned 1
[0165.376] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0165.376] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0165.376] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0165.376] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d3f28c, cPoints=0x1 | out: lpPoints=0x2d3f28c) returned 40304859
[0165.376] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0165.376] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0165.376] UpdateWindow (hWnd=0x602c4) returned 1
[0165.376] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x107b9
[0165.376] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0165.376] CreateCompatibleDC (hdc=0x107b9) returned 0x7f0107d0
[0165.376] SelectObject (hdc=0x7f0107d0, h=0x4a0507fe) returned 0x85000f
[0165.376] GdipCreateFromHDC (hdc=0x7f0107d0, graphics=0xd7e430) returned 0x0
[0165.377] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0165.377] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0165.377] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0165.377] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0165.377] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e490) returned 0x0
[0165.377] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0165.377] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eea60) returned 0x0
[0165.377] LocalFree (hMem=0x11eea60) returned 0x0
[0165.377] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0165.377] GdipCreateRegion (region=0xd7e478) returned 0x0
[0165.377] GdipGetClip (graphics=0x6600030, region=0x66446b8) returned 0x0
[0165.377] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0165.377] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0165.377] GdipRestoreGraphics (graphics=0x6600030, state=0xfc9e0dbd) returned 0x0
[0165.377] GdipDeleteRegion (region=0x66446b8) returned 0x0
[0165.377] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0165.377] GetCurrentObject (hdc=0x7f0107d0, type=0x1) returned 0xb00017
[0165.377] GetCurrentObject (hdc=0x7f0107d0, type=0x2) returned 0x900010
[0165.378] GetCurrentObject (hdc=0x7f0107d0, type=0x7) returned 0x4a0507fe
[0165.378] GetCurrentObject (hdc=0x7f0107d0, type=0x6) returned 0x8a01c2
[0165.378] SaveDC (hdc=0x7f0107d0) returned 1
[0165.378] GetNearestColor (hdc=0x7f0107d0, color=0xff) returned 0xff
[0165.378] GetNearestColor (hdc=0x7f0107d0, color=0x55) returned 0x55
[0165.378] GetNearestColor (hdc=0x7f0107d0, color=0x0) returned 0x0
[0165.378] GetNearestColor (hdc=0x7f0107d0, color=0x55) returned 0x55
[0165.378] GetNearestColor (hdc=0x7f0107d0, color=0x0) returned 0x0
[0165.378] GetNearestColor (hdc=0x7f0107d0, color=0x8080ff) returned 0x8080ff
[0165.378] GetNearestColor (hdc=0x7f0107d0, color=0x7373e5) returned 0x7373e5
[0165.378] GetNearestColor (hdc=0x7f0107d0, color=0xe5) returned 0xe5
[0165.378] GetNearestColor (hdc=0x7f0107d0, color=0x0) returned 0x0
[0165.378] RestoreDC (hdc=0x7f0107d0, nSavedDC=-1) returned 1
[0165.378] GdipReleaseDC (graphics=0x6600030, hdc=0x7f0107d0) returned 0x0
[0165.378] IsAppThemed () returned 0x1
[0165.379] GetThemeAppProperties () returned 0x3
[0165.379] GetThemeAppProperties () returned 0x3
[0165.379] IsAppThemed () returned 0x1
[0165.379] GetThemeAppProperties () returned 0x3
[0165.379] GetThemeAppProperties () returned 0x3
[0165.379] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2d3f9a8 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0165.379] IsAppThemed () returned 0x1
[0165.379] GetThemeAppProperties () returned 0x3
[0165.379] GetThemeAppProperties () returned 0x3
[0165.379] IsAppThemed () returned 0x1
[0165.379] GetThemeAppProperties () returned 0x3
[0165.379] GetThemeAppProperties () returned 0x3
[0165.379] IsAppThemed () returned 0x1
[0165.379] GetThemeAppProperties () returned 0x3
[0165.379] GetThemeAppProperties () returned 0x3
[0165.380] IsAppThemed () returned 0x1
[0165.380] GetThemeAppProperties () returned 0x3
[0165.380] GetThemeAppProperties () returned 0x3
[0165.380] IsThemePartDefined () returned 0x1
[0165.380] IsAppThemed () returned 0x1
[0165.380] GetThemeAppProperties () returned 0x3
[0165.380] GetThemeAppProperties () returned 0x3
[0165.380] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0165.380] IsAppThemed () returned 0x1
[0165.380] GetThemeAppProperties () returned 0x3
[0165.380] GetThemeAppProperties () returned 0x3
[0165.380] IsAppThemed () returned 0x1
[0165.380] GetThemeAppProperties () returned 0x3
[0165.380] GetThemeAppProperties () returned 0x3
[0165.380] IsThemePartDefined () returned 0x1
[0165.380] GdipCreateRegion (region=0xd7e194) returned 0x0
[0165.380] GdipGetClip (graphics=0x6600030, region=0x6644a18) returned 0x0
[0165.380] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0165.380] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0165.380] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e1ac) returned 0x0
[0165.380] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0165.380] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee8d8) returned 0x0
[0165.380] LocalFree (hMem=0x11ee8d8) returned 0x0
[0165.380] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0165.380] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0165.381] LocalFree (hMem=0x11ee868) returned 0x0
[0165.381] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0165.381] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0165.381] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0165.381] GdipGetRegionHRgn (region=0x6644a18, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0165.381] GdipDeleteRegion (region=0x6644a18) returned 0x0
[0165.381] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0165.381] GetCurrentObject (hdc=0x7f0107d0, type=0x1) returned 0xb00017
[0165.381] GetCurrentObject (hdc=0x7f0107d0, type=0x2) returned 0x900010
[0165.381] GetCurrentObject (hdc=0x7f0107d0, type=0x7) returned 0x4a0507fe
[0165.381] GetCurrentObject (hdc=0x7f0107d0, type=0x6) returned 0x8a01c2
[0165.381] SaveDC (hdc=0x7f0107d0) returned 1
[0165.381] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb040807
[0165.381] GetClipRgn (hdc=0x7f0107d0, hrgn=0xb040807) returned 0
[0165.381] SelectClipRgn (hdc=0x7f0107d0, hrgn=0x8f0407de) returned 2
[0165.381] DeleteObject (ho=0xb040807) returned 1
[0165.381] DeleteObject (ho=0x8f0407de) returned 1
[0165.381] OffsetViewportOrgEx (in: hdc=0x7f0107d0, x=0, y=0, lppt=0x2d40058 | out: lppt=0x2d40058) returned 1
[0165.382] DrawThemeParentBackground () returned 0x0
[0165.382] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0165.382] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0165.382] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0165.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.382] GetSystemMetrics (nIndex=42) returned 0
[0165.382] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0165.382] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0165.382] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0165.382] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0165.382] SelectPalette (hdc=0x7f0107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0165.382] GdipCreateFromHDC (hdc=0x7f0107d0, graphics=0xd7dc88) returned 0x0
[0165.383] GdipSetPageUnit (graphics=0x663dbf8, unit=0x2) returned 0x0
[0165.383] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0165.383] GdipGetWorldTransform (graphics=0x663dbf8, matrix=0x6638ab8) returned 0x0
[0165.383] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dc60) returned 0x0
[0165.383] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0165.383] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0165.383] GdipGetClip (graphics=0x663dbf8, region=0x6644238) returned 0x0
[0165.383] GdipIsInfiniteRegion (region=0x6644238, graphics=0x663dbf8, result=0xd7dc54) returned 0x0
[0165.383] GdipDeleteRegion (region=0x6644238) returned 0x0
[0165.383] GdipSaveGraphics (graphics=0x663dbf8, state=0xd7dc80) returned 0x0
[0165.383] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0165.390] GdipFillRectangleI (graphics=0x663dbf8, brush=0x663a018, x=0, y=0, width=801, height=453) returned 0x0
[0165.390] GdipDeleteBrush (brush=0x663a018) returned 0x0
[0165.390] GdipDeleteGraphics (graphics=0x663dbf8) returned 0x0
[0165.390] SelectPalette (hdc=0x7f0107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0165.391] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0165.391] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.391] GetSystemMetrics (nIndex=42) returned 0
[0165.391] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.391] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0165.391] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0165.391] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0165.391] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0165.391] SelectPalette (hdc=0x7f0107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0165.391] GdipCreateFromHDC (hdc=0x7f0107d0, graphics=0xd7dc28) returned 0x0
[0165.391] GdipSetPageUnit (graphics=0x663dbf8, unit=0x2) returned 0x0
[0165.391] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0165.391] GdipGetWorldTransform (graphics=0x663dbf8, matrix=0x6638d58) returned 0x0
[0165.391] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dc00) returned 0x0
[0165.391] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0165.392] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0165.392] GdipGetClip (graphics=0x663dbf8, region=0x6644f28) returned 0x0
[0165.392] GdipIsInfiniteRegion (region=0x6644f28, graphics=0x663dbf8, result=0xd7dbf4) returned 0x0
[0165.392] GdipDeleteRegion (region=0x6644f28) returned 0x0
[0165.392] GdipSaveGraphics (graphics=0x663dbf8, state=0xd7dc20) returned 0x0
[0165.392] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0165.399] GdipFillRectangleI (graphics=0x663dbf8, brush=0x6639c70, x=0, y=0, width=801, height=453) returned 0x0
[0165.399] GdipDeleteBrush (brush=0x6639c70) returned 0x0
[0165.400] GdipRestoreGraphics (graphics=0x663dbf8, state=0xfc9a0dbd) returned 0x0
[0165.400] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0165.400] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.400] GetSystemMetrics (nIndex=42) returned 0
[0165.401] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.401] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0165.401] GdipDeleteGraphics (graphics=0x663dbf8) returned 0x0
[0165.401] SelectPalette (hdc=0x7f0107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0165.401] RestoreDC (hdc=0x7f0107d0, nSavedDC=-1) returned 1
[0165.401] GdipReleaseDC (graphics=0x6600030, hdc=0x7f0107d0) returned 0x0
[0165.401] IsAppThemed () returned 0x1
[0165.401] GetThemeAppProperties () returned 0x3
[0165.401] GetThemeAppProperties () returned 0x3
[0165.401] IsAppThemed () returned 0x1
[0165.401] GetThemeAppProperties () returned 0x3
[0165.401] GetThemeAppProperties () returned 0x3
[0165.401] IsThemePartDefined () returned 0x1
[0165.401] GdipCreateRegion (region=0xd7e118) returned 0x0
[0165.401] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0165.401] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0165.401] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0165.401] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e130) returned 0x0
[0165.401] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0165.402] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0165.402] LocalFree (hMem=0x11eec58) returned 0x0
[0165.402] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0165.402] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0165.402] LocalFree (hMem=0x11eec58) returned 0x0
[0165.402] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0165.402] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e158) returned 0x0
[0165.402] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e148) returned 0x0
[0165.402] GdipGetRegionHRgn (region=0x6644238, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0165.402] GdipDeleteRegion (region=0x6644238) returned 0x0
[0165.402] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0165.402] GetCurrentObject (hdc=0x7f0107d0, type=0x1) returned 0xb00017
[0165.402] GetCurrentObject (hdc=0x7f0107d0, type=0x2) returned 0x900010
[0165.402] GetCurrentObject (hdc=0x7f0107d0, type=0x7) returned 0x4a0507fe
[0165.402] GetCurrentObject (hdc=0x7f0107d0, type=0x6) returned 0x8a01c2
[0165.402] SaveDC (hdc=0x7f0107d0) returned 1
[0165.402] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x900407de
[0165.402] GetClipRgn (hdc=0x7f0107d0, hrgn=0x900407de) returned 0
[0165.402] SelectClipRgn (hdc=0x7f0107d0, hrgn=0xd040807) returned 2
[0165.402] DeleteObject (ho=0x900407de) returned 1
[0165.402] DeleteObject (ho=0xd040807) returned 1
[0165.403] OffsetViewportOrgEx (in: hdc=0x7f0107d0, x=0, y=0, lppt=0x2d468a8 | out: lppt=0x2d468a8) returned 1
[0165.403] IsAppThemed () returned 0x1
[0165.403] GetThemeAppProperties () returned 0x3
[0165.403] GetThemeAppProperties () returned 0x3
[0165.403] DrawThemeBackground () returned 0x0
[0165.403] RestoreDC (hdc=0x7f0107d0, nSavedDC=-1) returned 1
[0165.403] GdipReleaseDC (graphics=0x6600030, hdc=0x7f0107d0) returned 0x0
[0165.403] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0165.403] GdipGetClip (graphics=0x6600030, region=0x6644a18) returned 0x0
[0165.403] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0165.403] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0165.403] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e134) returned 0x0
[0165.403] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0165.403] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eead0) returned 0x0
[0165.403] LocalFree (hMem=0x11eead0) returned 0x0
[0165.403] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0165.403] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eecc8) returned 0x0
[0165.404] LocalFree (hMem=0x11eecc8) returned 0x0
[0165.404] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0165.404] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0165.404] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0165.404] GdipGetRegionHRgn (region=0x6644a18, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0165.404] GdipDeleteRegion (region=0x6644a18) returned 0x0
[0165.404] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0165.404] GetCurrentObject (hdc=0x7f0107d0, type=0x1) returned 0xb00017
[0165.404] GetCurrentObject (hdc=0x7f0107d0, type=0x2) returned 0x900010
[0165.404] GetCurrentObject (hdc=0x7f0107d0, type=0x7) returned 0x4a0507fe
[0165.404] GetCurrentObject (hdc=0x7f0107d0, type=0x6) returned 0x8a01c2
[0165.404] SaveDC (hdc=0x7f0107d0) returned 1
[0165.404] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe040807
[0165.404] GetClipRgn (hdc=0x7f0107d0, hrgn=0xe040807) returned 0
[0165.404] SelectClipRgn (hdc=0x7f0107d0, hrgn=0x910407de) returned 2
[0165.404] DeleteObject (ho=0xe040807) returned 1
[0165.404] DeleteObject (ho=0x910407de) returned 1
[0165.404] OffsetViewportOrgEx (in: hdc=0x7f0107d0, x=0, y=0, lppt=0x2d46b7c | out: lppt=0x2d46b7c) returned 1
[0165.404] IsAppThemed () returned 0x1
[0165.404] GetThemeAppProperties () returned 0x3
[0165.404] GetThemeAppProperties () returned 0x3
[0165.405] GetThemeBackgroundContentRect () returned 0x0
[0165.405] RestoreDC (hdc=0x7f0107d0, nSavedDC=-1) returned 1
[0165.405] GdipReleaseDC (graphics=0x6600030, hdc=0x7f0107d0) returned 0x0
[0165.405] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0165.405] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0165.405] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0165.405] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0165.405] IsAppThemed () returned 0x1
[0165.405] GetThemeAppProperties () returned 0x3
[0165.405] GetThemeAppProperties () returned 0x3
[0165.405] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0165.405] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0165.405] GetCurrentObject (hdc=0x7f0107d0, type=0x1) returned 0xb00017
[0165.405] GetCurrentObject (hdc=0x7f0107d0, type=0x2) returned 0x900010
[0165.405] GetCurrentObject (hdc=0x7f0107d0, type=0x7) returned 0x4a0507fe
[0165.405] GetCurrentObject (hdc=0x7f0107d0, type=0x6) returned 0x8a01c2
[0165.405] SaveDC (hdc=0x7f0107d0) returned 1
[0165.405] GetTextAlign (hdc=0x7f0107d0) returned 0x0
[0165.405] GetTextColor (hdc=0x7f0107d0) returned 0x0
[0165.405] GetCurrentObject (hdc=0x7f0107d0, type=0x6) returned 0x8a01c2
[0165.405] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0165.406] SelectObject (hdc=0x7f0107d0, h=0x6d0a0520) returned 0x8a01c2
[0165.406] GetBkMode (hdc=0x7f0107d0) returned 2
[0165.406] SetBkMode (hdc=0x7f0107d0, mode=1) returned 2
[0165.406] DrawTextExW (in: hdc=0x7f0107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2d46f40 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0165.406] DrawTextExW (in: hdc=0x7f0107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2d46f40 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0165.406] RestoreDC (hdc=0x7f0107d0, nSavedDC=-1) returned 1
[0165.406] GdipReleaseDC (graphics=0x6600030, hdc=0x7f0107d0) returned 0x0
[0165.406] GetFocus () returned 0x602c4
[0165.406] IsAppThemed () returned 0x1
[0165.407] GetThemeAppProperties () returned 0x3
[0165.407] GetThemeAppProperties () returned 0x3
[0165.407] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0165.407] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x7f0107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0165.407] GdipReleaseDC (graphics=0x6600030, hdc=0x7f0107d0) returned 0x0
[0165.407] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0165.407] SelectObject (hdc=0x7f0107d0, h=0x85000f) returned 0x4a0507fe
[0165.407] DeleteDC (hdc=0x7f0107d0) returned 1
[0165.407] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0165.407] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0165.407] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d4703c, cPoints=0x1 | out: lpPoints=0x2d4703c) returned 40304859
[0165.407] WindowFromPoint (Point=0x10d) returned 0x602c4
[0165.408] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x274010d) returned 0x1
[0165.408] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0165.408] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0165.408] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0165.408] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0165.408] GetSystemMetrics (nIndex=42) returned 0
[0165.408] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0165.408] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0165.410] GetCapture () returned 0x602c4
[0165.410] ReleaseCapture () returned 1
[0165.410] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0165.410] GetProcessWindowStation () returned 0x13c
[0165.410] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.411] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0165.411] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.411] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0165.411] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.411] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0165.412] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.412] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0165.412] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.412] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0165.412] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.412] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0165.412] GetDC (hWnd=0x0) returned 0xf0105ee
[0165.412] GdipCreateFromHDC (hdc=0xf0105ee, graphics=0xd7e6ec) returned 0x0
[0165.413] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0165.413] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0165.413] ReleaseDC (hWnd=0x0, hDC=0xf0105ee) returned 1
[0165.413] GetSystemMetrics (nIndex=5) returned 1
[0165.413] GetSystemMetrics (nIndex=6) returned 1
[0165.413] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.413] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0165.413] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.413] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0165.416] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0165.416] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0165.416] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0165.416] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0165.417] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0165.417] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0165.418] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2d4ca58 | out: lpData=0x2d4ca58) returned 1
[0165.418] VerQueryValueW (in: pBlock=0x2d4ca58, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d4ce68, puLen=0xd7e810) returned 1
[0165.418] VerQueryValueW (in: pBlock=0x2d4ca58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4cb10, puLen=0xd7e790) returned 1
[0165.418] VerQueryValueW (in: pBlock=0x2d4ca58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4cb64, puLen=0xd7e790) returned 1
[0165.419] VerQueryValueW (in: pBlock=0x2d4ca58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4cbe4, puLen=0xd7e790) returned 1
[0165.419] VerQueryValueW (in: pBlock=0x2d4ca58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4cc4c, puLen=0xd7e790) returned 1
[0165.419] VerQueryValueW (in: pBlock=0x2d4ca58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4cc8c, puLen=0xd7e790) returned 1
[0165.419] VerQueryValueW (in: pBlock=0x2d4ca58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4cd14, puLen=0xd7e790) returned 1
[0165.419] VerQueryValueW (in: pBlock=0x2d4ca58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4cd50, puLen=0xd7e790) returned 1
[0165.419] VerQueryValueW (in: pBlock=0x2d4ca58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4cda8, puLen=0xd7e790) returned 1
[0165.419] VerQueryValueW (in: pBlock=0x2d4ca58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4cdd8, puLen=0xd7e790) returned 1
[0165.419] VerQueryValueW (in: pBlock=0x2d4ca58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.419] VerQueryValueW (in: pBlock=0x2d4ca58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4ce14, puLen=0xd7e790) returned 1
[0165.419] VerQueryValueW (in: pBlock=0x2d4ca58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.419] VerQueryValueW (in: pBlock=0x2d4ca58, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d4ce68, puLen=0xd7e784) returned 1
[0165.419] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0165.420] VerQueryValueW (in: pBlock=0x2d4ca58, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d4ca80, puLen=0xd7e794) returned 1
[0165.420] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0165.420] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0165.420] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0165.420] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0165.420] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0165.421] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0165.421] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2d4e9c8 | out: lpData=0x2d4e9c8) returned 1
[0165.421] VerQueryValueW (in: pBlock=0x2d4e9c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d4ea64, puLen=0xd7e810) returned 1
[0165.421] VerQueryValueW (in: pBlock=0x2d4e9c8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4eadc, puLen=0xd7e790) returned 1
[0165.421] VerQueryValueW (in: pBlock=0x2d4e9c8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4eb0c, puLen=0xd7e790) returned 1
[0165.421] VerQueryValueW (in: pBlock=0x2d4e9c8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4eb48, puLen=0xd7e790) returned 1
[0165.421] VerQueryValueW (in: pBlock=0x2d4e9c8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4eb78, puLen=0xd7e790) returned 1
[0165.421] VerQueryValueW (in: pBlock=0x2d4e9c8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4ebc0, puLen=0xd7e790) returned 1
[0165.421] VerQueryValueW (in: pBlock=0x2d4e9c8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4ec38, puLen=0xd7e790) returned 1
[0165.421] VerQueryValueW (in: pBlock=0x2d4e9c8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4ec7c, puLen=0xd7e790) returned 1
[0165.421] VerQueryValueW (in: pBlock=0x2d4e9c8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4ecbc, puLen=0xd7e790) returned 1
[0165.421] VerQueryValueW (in: pBlock=0x2d4e9c8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4eaba, puLen=0xd7e790) returned 1
[0165.421] VerQueryValueW (in: pBlock=0x2d4e9c8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4ec08, puLen=0xd7e790) returned 1
[0165.421] VerQueryValueW (in: pBlock=0x2d4e9c8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.421] VerQueryValueW (in: pBlock=0x2d4e9c8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.421] VerQueryValueW (in: pBlock=0x2d4e9c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d4ea64, puLen=0xd7e784) returned 1
[0165.421] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0165.421] VerQueryValueW (in: pBlock=0x2d4e9c8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d4e9f0, puLen=0xd7e794) returned 1
[0165.422] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0165.422] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0165.422] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0165.422] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0165.422] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0165.422] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0165.423] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2d50ca0 | out: lpData=0x2d50ca0) returned 1
[0165.424] VerQueryValueW (in: pBlock=0x2d50ca0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d510b4, puLen=0xd7e810) returned 1
[0165.424] VerQueryValueW (in: pBlock=0x2d50ca0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d50d58, puLen=0xd7e790) returned 1
[0165.424] VerQueryValueW (in: pBlock=0x2d50ca0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d50dac, puLen=0xd7e790) returned 1
[0165.424] VerQueryValueW (in: pBlock=0x2d50ca0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d50e08, puLen=0xd7e790) returned 1
[0165.424] VerQueryValueW (in: pBlock=0x2d50ca0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d50e68, puLen=0xd7e790) returned 1
[0165.424] VerQueryValueW (in: pBlock=0x2d50ca0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d50ec0, puLen=0xd7e790) returned 1
[0165.424] VerQueryValueW (in: pBlock=0x2d50ca0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d50f48, puLen=0xd7e790) returned 1
[0165.424] VerQueryValueW (in: pBlock=0x2d50ca0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d50f9c, puLen=0xd7e790) returned 1
[0165.424] VerQueryValueW (in: pBlock=0x2d50ca0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d50ff4, puLen=0xd7e790) returned 1
[0165.424] VerQueryValueW (in: pBlock=0x2d50ca0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d51024, puLen=0xd7e790) returned 1
[0165.424] VerQueryValueW (in: pBlock=0x2d50ca0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.424] VerQueryValueW (in: pBlock=0x2d50ca0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d51060, puLen=0xd7e790) returned 1
[0165.424] VerQueryValueW (in: pBlock=0x2d50ca0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.424] VerQueryValueW (in: pBlock=0x2d50ca0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d510b4, puLen=0xd7e784) returned 1
[0165.424] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0165.424] VerQueryValueW (in: pBlock=0x2d50ca0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d50cc8, puLen=0xd7e794) returned 1
[0165.425] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0165.425] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0165.425] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0165.425] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0165.425] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0165.425] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0165.426] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2d532d8 | out: lpData=0x2d532d8) returned 1
[0165.427] VerQueryValueW (in: pBlock=0x2d532d8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d536d8, puLen=0xd7e810) returned 1
[0165.427] VerQueryValueW (in: pBlock=0x2d532d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53390, puLen=0xd7e790) returned 1
[0165.427] VerQueryValueW (in: pBlock=0x2d532d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d533e4, puLen=0xd7e790) returned 1
[0165.427] VerQueryValueW (in: pBlock=0x2d532d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53424, puLen=0xd7e790) returned 1
[0165.427] VerQueryValueW (in: pBlock=0x2d532d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5348c, puLen=0xd7e790) returned 1
[0165.427] VerQueryValueW (in: pBlock=0x2d532d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d534e4, puLen=0xd7e790) returned 1
[0165.427] VerQueryValueW (in: pBlock=0x2d532d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5356c, puLen=0xd7e790) returned 1
[0165.427] VerQueryValueW (in: pBlock=0x2d532d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d535c0, puLen=0xd7e790) returned 1
[0165.427] VerQueryValueW (in: pBlock=0x2d532d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53618, puLen=0xd7e790) returned 1
[0165.427] VerQueryValueW (in: pBlock=0x2d532d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53648, puLen=0xd7e790) returned 1
[0165.427] VerQueryValueW (in: pBlock=0x2d532d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.427] VerQueryValueW (in: pBlock=0x2d532d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53684, puLen=0xd7e790) returned 1
[0165.427] VerQueryValueW (in: pBlock=0x2d532d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.427] VerQueryValueW (in: pBlock=0x2d532d8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d536d8, puLen=0xd7e784) returned 1
[0165.427] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0165.427] VerQueryValueW (in: pBlock=0x2d532d8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d53300, puLen=0xd7e794) returned 1
[0165.428] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0165.428] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0165.428] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0165.428] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0165.428] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0165.428] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0165.429] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2d55a14 | out: lpData=0x2d55a14) returned 1
[0165.430] VerQueryValueW (in: pBlock=0x2d55a14, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d55ddc, puLen=0xd7e810) returned 1
[0165.430] VerQueryValueW (in: pBlock=0x2d55a14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d55acc, puLen=0xd7e790) returned 1
[0165.430] VerQueryValueW (in: pBlock=0x2d55a14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d55b20, puLen=0xd7e790) returned 1
[0165.430] VerQueryValueW (in: pBlock=0x2d55a14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d55b60, puLen=0xd7e790) returned 1
[0165.430] VerQueryValueW (in: pBlock=0x2d55a14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d55bc8, puLen=0xd7e790) returned 1
[0165.430] VerQueryValueW (in: pBlock=0x2d55a14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d55c04, puLen=0xd7e790) returned 1
[0165.430] VerQueryValueW (in: pBlock=0x2d55a14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d55c8c, puLen=0xd7e790) returned 1
[0165.430] VerQueryValueW (in: pBlock=0x2d55a14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d55cc4, puLen=0xd7e790) returned 1
[0165.430] VerQueryValueW (in: pBlock=0x2d55a14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d55d1c, puLen=0xd7e790) returned 1
[0165.430] VerQueryValueW (in: pBlock=0x2d55a14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d55d4c, puLen=0xd7e790) returned 1
[0165.430] VerQueryValueW (in: pBlock=0x2d55a14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.430] VerQueryValueW (in: pBlock=0x2d55a14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d55d88, puLen=0xd7e790) returned 1
[0165.430] VerQueryValueW (in: pBlock=0x2d55a14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.430] VerQueryValueW (in: pBlock=0x2d55a14, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d55ddc, puLen=0xd7e784) returned 1
[0165.430] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0165.430] VerQueryValueW (in: pBlock=0x2d55a14, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d55a3c, puLen=0xd7e794) returned 1
[0165.431] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0165.431] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0165.431] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0165.431] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0165.431] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0165.431] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0165.432] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2d5907c | out: lpData=0x2d5907c) returned 1
[0165.433] VerQueryValueW (in: pBlock=0x2d5907c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d5945c, puLen=0xd7e810) returned 1
[0165.433] VerQueryValueW (in: pBlock=0x2d5907c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d59134, puLen=0xd7e790) returned 1
[0165.433] VerQueryValueW (in: pBlock=0x2d5907c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d59188, puLen=0xd7e790) returned 1
[0165.433] VerQueryValueW (in: pBlock=0x2d5907c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d591c8, puLen=0xd7e790) returned 1
[0165.433] VerQueryValueW (in: pBlock=0x2d5907c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d59228, puLen=0xd7e790) returned 1
[0165.433] VerQueryValueW (in: pBlock=0x2d5907c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d59274, puLen=0xd7e790) returned 1
[0165.433] VerQueryValueW (in: pBlock=0x2d5907c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d592fc, puLen=0xd7e790) returned 1
[0165.433] VerQueryValueW (in: pBlock=0x2d5907c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d59344, puLen=0xd7e790) returned 1
[0165.433] VerQueryValueW (in: pBlock=0x2d5907c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5939c, puLen=0xd7e790) returned 1
[0165.433] VerQueryValueW (in: pBlock=0x2d5907c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d593cc, puLen=0xd7e790) returned 1
[0165.433] VerQueryValueW (in: pBlock=0x2d5907c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.433] VerQueryValueW (in: pBlock=0x2d5907c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d59408, puLen=0xd7e790) returned 1
[0165.433] VerQueryValueW (in: pBlock=0x2d5907c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.433] VerQueryValueW (in: pBlock=0x2d5907c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d5945c, puLen=0xd7e784) returned 1
[0165.433] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0165.433] VerQueryValueW (in: pBlock=0x2d5907c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d590a4, puLen=0xd7e794) returned 1
[0165.434] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0165.434] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0165.434] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0165.434] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0165.434] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0165.434] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0165.435] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2d5b89c | out: lpData=0x2d5b89c) returned 1
[0165.436] VerQueryValueW (in: pBlock=0x2d5b89c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d5bca8, puLen=0xd7e810) returned 1
[0165.436] VerQueryValueW (in: pBlock=0x2d5b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b954, puLen=0xd7e790) returned 1
[0165.436] VerQueryValueW (in: pBlock=0x2d5b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b9a8, puLen=0xd7e790) returned 1
[0165.436] VerQueryValueW (in: pBlock=0x2d5b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b9fc, puLen=0xd7e790) returned 1
[0165.436] VerQueryValueW (in: pBlock=0x2d5b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5ba5c, puLen=0xd7e790) returned 1
[0165.436] VerQueryValueW (in: pBlock=0x2d5b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5bab4, puLen=0xd7e790) returned 1
[0165.436] VerQueryValueW (in: pBlock=0x2d5b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5bb3c, puLen=0xd7e790) returned 1
[0165.436] VerQueryValueW (in: pBlock=0x2d5b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5bb90, puLen=0xd7e790) returned 1
[0165.436] VerQueryValueW (in: pBlock=0x2d5b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5bbe8, puLen=0xd7e790) returned 1
[0165.436] VerQueryValueW (in: pBlock=0x2d5b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5bc18, puLen=0xd7e790) returned 1
[0165.436] VerQueryValueW (in: pBlock=0x2d5b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.436] VerQueryValueW (in: pBlock=0x2d5b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5bc54, puLen=0xd7e790) returned 1
[0165.436] VerQueryValueW (in: pBlock=0x2d5b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.436] VerQueryValueW (in: pBlock=0x2d5b89c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d5bca8, puLen=0xd7e784) returned 1
[0165.436] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0165.436] VerQueryValueW (in: pBlock=0x2d5b89c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d5b8c4, puLen=0xd7e794) returned 1
[0165.437] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0165.437] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0165.437] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0165.437] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0165.437] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0165.437] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0165.438] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d5e0b0 | out: lpData=0x2d5e0b0) returned 1
[0165.439] VerQueryValueW (in: pBlock=0x2d5e0b0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d5e488, puLen=0xd7e810) returned 1
[0165.439] VerQueryValueW (in: pBlock=0x2d5e0b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e168, puLen=0xd7e790) returned 1
[0165.439] VerQueryValueW (in: pBlock=0x2d5e0b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e1bc, puLen=0xd7e790) returned 1
[0165.439] VerQueryValueW (in: pBlock=0x2d5e0b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e1fc, puLen=0xd7e790) returned 1
[0165.439] VerQueryValueW (in: pBlock=0x2d5e0b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e264, puLen=0xd7e790) returned 1
[0165.439] VerQueryValueW (in: pBlock=0x2d5e0b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e2a8, puLen=0xd7e790) returned 1
[0165.439] VerQueryValueW (in: pBlock=0x2d5e0b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e330, puLen=0xd7e790) returned 1
[0165.439] VerQueryValueW (in: pBlock=0x2d5e0b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e370, puLen=0xd7e790) returned 1
[0165.439] VerQueryValueW (in: pBlock=0x2d5e0b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e3c8, puLen=0xd7e790) returned 1
[0165.439] VerQueryValueW (in: pBlock=0x2d5e0b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e3f8, puLen=0xd7e790) returned 1
[0165.439] VerQueryValueW (in: pBlock=0x2d5e0b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.439] VerQueryValueW (in: pBlock=0x2d5e0b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e434, puLen=0xd7e790) returned 1
[0165.439] VerQueryValueW (in: pBlock=0x2d5e0b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.439] VerQueryValueW (in: pBlock=0x2d5e0b0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d5e488, puLen=0xd7e784) returned 1
[0165.439] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0165.439] VerQueryValueW (in: pBlock=0x2d5e0b0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d5e0d8, puLen=0xd7e794) returned 1
[0165.440] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0165.440] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0165.440] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0165.440] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0165.440] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0165.440] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0165.441] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d60608 | out: lpData=0x2d60608) returned 1
[0165.442] VerQueryValueW (in: pBlock=0x2d60608, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d609e0, puLen=0xd7e810) returned 1
[0165.442] VerQueryValueW (in: pBlock=0x2d60608, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d606c0, puLen=0xd7e790) returned 1
[0165.442] VerQueryValueW (in: pBlock=0x2d60608, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d60714, puLen=0xd7e790) returned 1
[0165.442] VerQueryValueW (in: pBlock=0x2d60608, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d60754, puLen=0xd7e790) returned 1
[0165.442] VerQueryValueW (in: pBlock=0x2d60608, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d607bc, puLen=0xd7e790) returned 1
[0165.442] VerQueryValueW (in: pBlock=0x2d60608, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d60800, puLen=0xd7e790) returned 1
[0165.442] VerQueryValueW (in: pBlock=0x2d60608, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d60888, puLen=0xd7e790) returned 1
[0165.442] VerQueryValueW (in: pBlock=0x2d60608, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d608c8, puLen=0xd7e790) returned 1
[0165.442] VerQueryValueW (in: pBlock=0x2d60608, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d60920, puLen=0xd7e790) returned 1
[0165.442] VerQueryValueW (in: pBlock=0x2d60608, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d60950, puLen=0xd7e790) returned 1
[0165.442] VerQueryValueW (in: pBlock=0x2d60608, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.442] VerQueryValueW (in: pBlock=0x2d60608, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6098c, puLen=0xd7e790) returned 1
[0165.442] VerQueryValueW (in: pBlock=0x2d60608, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.442] VerQueryValueW (in: pBlock=0x2d60608, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d609e0, puLen=0xd7e784) returned 1
[0165.442] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0165.442] VerQueryValueW (in: pBlock=0x2d60608, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d60630, puLen=0xd7e794) returned 1
[0165.443] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0165.443] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0165.443] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0165.443] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0165.443] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0165.443] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0165.444] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2d62d40 | out: lpData=0x2d62d40) returned 1
[0165.444] VerQueryValueW (in: pBlock=0x2d62d40, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d63170, puLen=0xd7e810) returned 1
[0165.444] VerQueryValueW (in: pBlock=0x2d62d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d62df8, puLen=0xd7e790) returned 1
[0165.445] VerQueryValueW (in: pBlock=0x2d62d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d62e4c, puLen=0xd7e790) returned 1
[0165.445] VerQueryValueW (in: pBlock=0x2d62d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d62ebc, puLen=0xd7e790) returned 1
[0165.445] VerQueryValueW (in: pBlock=0x2d62d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d62f1c, puLen=0xd7e790) returned 1
[0165.445] VerQueryValueW (in: pBlock=0x2d62d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d62f78, puLen=0xd7e790) returned 1
[0165.445] VerQueryValueW (in: pBlock=0x2d62d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d63000, puLen=0xd7e790) returned 1
[0165.445] VerQueryValueW (in: pBlock=0x2d62d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d63058, puLen=0xd7e790) returned 1
[0165.445] VerQueryValueW (in: pBlock=0x2d62d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d630b0, puLen=0xd7e790) returned 1
[0165.445] VerQueryValueW (in: pBlock=0x2d62d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d630e0, puLen=0xd7e790) returned 1
[0165.445] VerQueryValueW (in: pBlock=0x2d62d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.445] VerQueryValueW (in: pBlock=0x2d62d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6311c, puLen=0xd7e790) returned 1
[0165.445] VerQueryValueW (in: pBlock=0x2d62d40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0165.445] VerQueryValueW (in: pBlock=0x2d62d40, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d63170, puLen=0xd7e784) returned 1
[0165.445] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0165.445] VerQueryValueW (in: pBlock=0x2d62d40, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d62d68, puLen=0xd7e794) returned 1
[0165.445] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0165.446] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.446] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0165.446] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.446] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0165.446] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xb00ea
[0165.447] SetWindowLongW (hWnd=0xb00ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0165.447] GetWindowLongW (hWnd=0xb00ea, nIndex=-4) returned 1950089536
[0165.448] SetWindowLongW (hWnd=0xb00ea, nIndex=-4, dwNewLong=19942230) returned 1950089536
[0165.448] GetWindowLongW (hWnd=0xb00ea, nIndex=-4) returned 19942230
[0165.448] GetWindowLongW (hWnd=0xb00ea, nIndex=-16) returned 113311744
[0165.448] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb00ea, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0165.448] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb00ea, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0165.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb00ea, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0165.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb00ea, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0165.449] GetClientRect (in: hWnd=0xb00ea, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0165.449] GetWindowRect (in: hWnd=0xb00ea, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0165.449] SetWindowTextW (hWnd=0xb00ea, lpString="WindowsFormsParkingWindow") returned 1
[0165.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb00ea, Msg=0xc, wParam=0x0, lParam=0x2d28218) returned 0x1
[0165.450] GetParent (hWnd=0xb00ea) returned 0x0
[0165.450] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0165.452] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0xb00ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x802dc
[0165.452] SetWindowLongW (hWnd=0x802dc, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0165.453] GetWindowLongW (hWnd=0x802dc, nIndex=-4) returned 1868147648
[0165.453] SetWindowLongW (hWnd=0x802dc, nIndex=-4, dwNewLong=19942270) returned 1868147648
[0165.453] GetWindowLongW (hWnd=0x802dc, nIndex=-4) returned 19942270
[0165.453] GetWindowLongW (hWnd=0x802dc, nIndex=-16) returned 1174405133
[0165.453] GetWindowLongW (hWnd=0x802dc, nIndex=-12) returned 0
[0165.453] SetWindowLongW (hWnd=0x802dc, nIndex=-12, dwNewLong=525020) returned 0
[0165.453] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0165.454] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0165.454] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0165.454] GetClientRect (in: hWnd=0x802dc, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0165.454] GetWindowRect (in: hWnd=0x802dc, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0165.454] GetParent (hWnd=0x802dc) returned 0xb00ea
[0165.454] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xb00ea, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0165.455] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0165.455] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0165.455] GetClientRect (in: hWnd=0x802dc, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0165.455] GetWindowRect (in: hWnd=0x802dc, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0165.455] GetParent (hWnd=0x802dc) returned 0xb00ea
[0165.455] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xb00ea, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0165.455] SendMessageW (hWnd=0x802dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x802dc) returned 0x0
[0165.455] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x802dc) returned 0x0
[0165.455] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0165.455] GetParent (hWnd=0x802dc) returned 0xb00ea
[0165.456] GdipCreateFromHWND (hwnd=0x802dc, graphics=0xd7e844) returned 0x0
[0165.456] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0165.456] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0165.456] GetForegroundWindow () returned 0x7005c
[0165.456] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0165.456] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.457] GetSystemMetrics (nIndex=42) returned 0
[0165.457] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.457] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0165.457] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0165.457] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.457] GetSystemMetrics (nIndex=42) returned 0
[0165.457] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.457] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0165.457] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.457] GetCursorPos (in: lpPoint=0x2d671c4 | out: lpPoint=0x2d671c4*(x=269, y=628)) returned 1
[0165.457] MonitorFromPoint (pt=0x10d, dwFlags=0x274) returned 0x10001
[0165.457] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0165.458] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x820107d0
[0165.458] GetDeviceCaps (hdc=0x820107d0, index=12) returned 32
[0165.458] GetDeviceCaps (hdc=0x820107d0, index=14) returned 1
[0165.458] DeleteDC (hdc=0x820107d0) returned 1
[0165.458] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0165.458] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0165.458] GetSystemMetrics (nIndex=59) returned 1460
[0165.458] GetSystemMetrics (nIndex=60) returned 920
[0165.458] GetSystemMetrics (nIndex=34) returned 136
[0165.458] GetSystemMetrics (nIndex=35) returned 39
[0165.458] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.458] GetCursorPos (in: lpPoint=0x2d67430 | out: lpPoint=0x2d67430*(x=269, y=628)) returned 1
[0165.459] MonitorFromPoint (pt=0x10d, dwFlags=0x274) returned 0x10001
[0165.459] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0165.459] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x830107d0
[0165.459] GetDeviceCaps (hdc=0x830107d0, index=12) returned 32
[0165.459] GetDeviceCaps (hdc=0x830107d0, index=14) returned 1
[0165.459] DeleteDC (hdc=0x830107d0) returned 1
[0165.459] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0165.459] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0165.459] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.459] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0165.460] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2d676c8 | out: piconinfo=0x2d676c8) returned 1
[0165.460] GetObjectW (in: h=0x710507fc, c=24, pv=0x2d676e4 | out: pv=0x2d676e4) returned 24
[0165.460] GdipCreateBitmapFromHBITMAP (hbm=0x710507fc, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0165.460] GdipGetImageWidth (image=0x6602da0, width=0xd7e750) returned 0x0
[0165.460] GdipGetImageHeight (image=0x6602da0, height=0xd7e748) returned 0x0
[0165.460] GdipGetImagePixelFormat (image=0x6602da0, format=0xd7e740) returned 0x0
[0165.460] GdipBitmapLockBits (bitmap=0x6602da0, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2d6779c) returned 0x0
[0165.460] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0165.461] GdipBitmapLockBits (bitmap=0x6601d38, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2d677d4) returned 0x0
[0165.461] RtlMoveMemory (in: Destination=0x663ce88, Source=0x663c540, Length=0x80 | out: Destination=0x663ce88)
[0165.461] RtlMoveMemory (in: Destination=0x663cf08, Source=0x663c4c0, Length=0x80 | out: Destination=0x663cf08)
[0165.461] RtlMoveMemory (in: Destination=0x663cf88, Source=0x663c440, Length=0x80 | out: Destination=0x663cf88)
[0165.461] RtlMoveMemory (in: Destination=0x663d008, Source=0x663c3c0, Length=0x80 | out: Destination=0x663d008)
[0165.461] RtlMoveMemory (in: Destination=0x663d088, Source=0x663c340, Length=0x80 | out: Destination=0x663d088)
[0165.461] RtlMoveMemory (in: Destination=0x663d108, Source=0x663c2c0, Length=0x80 | out: Destination=0x663d108)
[0165.461] RtlMoveMemory (in: Destination=0x663d188, Source=0x663c240, Length=0x80 | out: Destination=0x663d188)
[0165.461] RtlMoveMemory (in: Destination=0x663d208, Source=0x663c1c0, Length=0x80 | out: Destination=0x663d208)
[0165.461] RtlMoveMemory (in: Destination=0x663d288, Source=0x663c140, Length=0x80 | out: Destination=0x663d288)
[0165.461] RtlMoveMemory (in: Destination=0x663d308, Source=0x663c0c0, Length=0x80 | out: Destination=0x663d308)
[0165.461] RtlMoveMemory (in: Destination=0x663d388, Source=0x663c040, Length=0x80 | out: Destination=0x663d388)
[0165.461] RtlMoveMemory (in: Destination=0x663d408, Source=0x663bfc0, Length=0x80 | out: Destination=0x663d408)
[0165.461] RtlMoveMemory (in: Destination=0x663d488, Source=0x663bf40, Length=0x80 | out: Destination=0x663d488)
[0165.461] RtlMoveMemory (in: Destination=0x663d508, Source=0x663bec0, Length=0x80 | out: Destination=0x663d508)
[0165.461] RtlMoveMemory (in: Destination=0x663d588, Source=0x663be40, Length=0x80 | out: Destination=0x663d588)
[0165.461] RtlMoveMemory (in: Destination=0x663d608, Source=0x663bdc0, Length=0x80 | out: Destination=0x663d608)
[0165.461] RtlMoveMemory (in: Destination=0x663d688, Source=0x663bd40, Length=0x80 | out: Destination=0x663d688)
[0165.461] RtlMoveMemory (in: Destination=0x663d708, Source=0x663bcc0, Length=0x80 | out: Destination=0x663d708)
[0165.461] RtlMoveMemory (in: Destination=0x663d788, Source=0x663bc40, Length=0x80 | out: Destination=0x663d788)
[0165.461] RtlMoveMemory (in: Destination=0x663d808, Source=0x663bbc0, Length=0x80 | out: Destination=0x663d808)
[0165.461] RtlMoveMemory (in: Destination=0x663d888, Source=0x663bb40, Length=0x80 | out: Destination=0x663d888)
[0165.461] RtlMoveMemory (in: Destination=0x663d908, Source=0x663bac0, Length=0x80 | out: Destination=0x663d908)
[0165.462] RtlMoveMemory (in: Destination=0x663d988, Source=0x663ba40, Length=0x80 | out: Destination=0x663d988)
[0165.462] RtlMoveMemory (in: Destination=0x663da08, Source=0x663b9c0, Length=0x80 | out: Destination=0x663da08)
[0165.462] RtlMoveMemory (in: Destination=0x663da88, Source=0x663b940, Length=0x80 | out: Destination=0x663da88)
[0165.462] RtlMoveMemory (in: Destination=0x663db08, Source=0x663b8c0, Length=0x80 | out: Destination=0x663db08)
[0165.462] RtlMoveMemory (in: Destination=0x663db88, Source=0x663b840, Length=0x80 | out: Destination=0x663db88)
[0165.462] RtlMoveMemory (in: Destination=0x663dc08, Source=0x663b7c0, Length=0x80 | out: Destination=0x663dc08)
[0165.462] RtlMoveMemory (in: Destination=0x663dc88, Source=0x663b740, Length=0x80 | out: Destination=0x663dc88)
[0165.462] RtlMoveMemory (in: Destination=0x663dd08, Source=0x663b6c0, Length=0x80 | out: Destination=0x663dd08)
[0165.462] RtlMoveMemory (in: Destination=0x663dd88, Source=0x663b640, Length=0x80 | out: Destination=0x663dd88)
[0165.462] RtlMoveMemory (in: Destination=0x663de08, Source=0x663b5c0, Length=0x80 | out: Destination=0x663de08)
[0165.462] GdipBitmapUnlockBits (bitmap=0x6602da0, lockedBitmapData=0x2d6779c) returned 0x0
[0165.462] GdipBitmapUnlockBits (bitmap=0x6601d38, lockedBitmapData=0x2d677d4) returned 0x0
[0165.462] GdipDisposeImage (image=0x6602da0) returned 0x0
[0165.462] DeleteObject (ho=0x710507fc) returned 1
[0165.462] DeleteObject (ho=0x840507d0) returned 1
[0165.462] GetCurrentThreadId () returned 0xf50
[0165.462] GetCurrentThreadId () returned 0xf50
[0165.462] SetWindowPos (hWnd=0x802dc, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0165.463] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0165.463] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0165.463] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0165.463] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0165.463] GetClientRect (in: hWnd=0x802dc, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0165.463] GetWindowRect (in: hWnd=0x802dc, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0165.463] GetParent (hWnd=0x802dc) returned 0xb00ea
[0165.463] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xb00ea, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0165.463] InvalidateRect (hWnd=0x802dc, lpRect=0x0, bErase=1) returned 1
[0165.463] GetWindowTextLengthW (hWnd=0x802dc) returned 0
[0165.463] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0165.464] GetSystemMetrics (nIndex=42) returned 0
[0165.464] GetWindowTextW (in: hWnd=0x802dc, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0165.464] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0165.464] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0165.464] GetClientRect (in: hWnd=0x802dc, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0165.464] GetWindowRect (in: hWnd=0x802dc, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0165.464] GetParent (hWnd=0x802dc) returned 0xb00ea
[0165.464] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xb00ea, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0165.464] GetWindowTextLengthW (hWnd=0x802dc) returned 0
[0165.464] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0165.464] GetSystemMetrics (nIndex=42) returned 0
[0165.464] GetWindowTextW (in: hWnd=0x802dc, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0165.464] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0165.464] GetWindowTextLengthW (hWnd=0x802dc) returned 0
[0165.464] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0165.464] GetSystemMetrics (nIndex=42) returned 0
[0165.464] GetWindowTextW (in: hWnd=0x802dc, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0165.464] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0165.464] SetWindowTextW (hWnd=0x802dc, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0165.464] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0xc, wParam=0x0, lParam=0x2d48630) returned 0x1
[0165.465] InvalidateRect (hWnd=0x802dc, lpRect=0x0, bErase=1) returned 1
[0165.465] GetCurrentThreadId () returned 0xf50
[0165.465] GetWindowThreadProcessId (in: hWnd=0x802dc, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0165.465] GdipCreateBitmapFromStream (stream=0x509ff50, bitmap=0xd7e840) returned 0x0
[0165.466] GdipImageForceValidation (image=0x6602080) returned 0x0
[0165.467] GdipGetImageRawFormat (image=0x6602080, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0165.467] GdipGetImageHeight (image=0x6602080, height=0xd7e824) returned 0x0
[0165.467] GdipGetImageWidth (image=0x6602080, width=0xd7e824) returned 0x0
[0165.467] GdipGetImageWidth (image=0x6602080, width=0xd7e810) returned 0x0
[0165.467] GdipGetImageHeight (image=0x6602080, height=0xd7e810) returned 0x0
[0165.467] GdipGetImageWidth (image=0x6602080, width=0xd7e800) returned 0x0
[0165.467] GdipGetImageHeight (image=0x6602080, height=0xd7e800) returned 0x0
[0165.467] GdipBitmapGetPixel (bitmap=0x6602080, x=0, y=15, color=0xd7e810) returned 0x0
[0165.468] GdipGetImageRawFormat (image=0x6602080, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0165.468] GdipGetImageWidth (image=0x6602080, width=0xd7e740) returned 0x0
[0165.468] GdipGetImageHeight (image=0x6602080, height=0xd7e740) returned 0x0
[0165.468] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0165.468] GdipGetImagePixelFormat (image=0x66023c8, format=0xd7e740) returned 0x0
[0165.468] GdipGetImageGraphicsContext (image=0x66023c8, graphics=0xd7e74c) returned 0x0
[0165.468] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0165.468] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0165.468] GdipSetImageAttributesColorKeys (imageattr=0x6638a58, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0165.468] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6602080, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638a58, callback=0x0, callbackData=0x0) returned 0x0
[0165.468] GdipDisposeImageAttributes (imageattr=0x6638a58) returned 0x0
[0165.468] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0165.468] GdipDisposeImage (image=0x6602080) returned 0x0
[0165.469] GdipCreateBitmapFromStream (stream=0x509ff30, bitmap=0xd7e840) returned 0x0
[0165.469] GdipImageForceValidation (image=0x6602080) returned 0x0
[0165.471] GdipGetImageRawFormat (image=0x6602080, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0165.471] GdipGetImageHeight (image=0x6602080, height=0xd7e824) returned 0x0
[0165.471] GdipGetImageWidth (image=0x6602080, width=0xd7e824) returned 0x0
[0165.471] GdipGetImageWidth (image=0x6602080, width=0xd7e810) returned 0x0
[0165.471] GdipGetImageHeight (image=0x6602080, height=0xd7e810) returned 0x0
[0165.471] GdipGetImageWidth (image=0x6602080, width=0xd7e800) returned 0x0
[0165.471] GdipGetImageHeight (image=0x6602080, height=0xd7e800) returned 0x0
[0165.471] GdipBitmapGetPixel (bitmap=0x6602080, x=0, y=15, color=0xd7e810) returned 0x0
[0165.471] GdipGetImageRawFormat (image=0x6602080, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0165.471] GdipGetImageWidth (image=0x6602080, width=0xd7e740) returned 0x0
[0165.471] GdipGetImageHeight (image=0x6602080, height=0xd7e740) returned 0x0
[0165.471] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0165.471] GdipGetImagePixelFormat (image=0x6603778, format=0xd7e740) returned 0x0
[0165.471] GdipGetImageGraphicsContext (image=0x6603778, graphics=0xd7e74c) returned 0x0
[0165.471] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0165.471] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0165.471] GdipSetImageAttributesColorKeys (imageattr=0x6638ae8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0165.471] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6602080, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638ae8, callback=0x0, callbackData=0x0) returned 0x0
[0165.472] GdipDisposeImageAttributes (imageattr=0x6638ae8) returned 0x0
[0165.472] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0165.472] GdipDisposeImage (image=0x6602080) returned 0x0
[0165.472] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.472] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0165.472] GetCurrentThreadId () returned 0xf50
[0165.472] GetCurrentThreadId () returned 0xf50
[0165.472] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.473] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0165.473] GetCurrentThreadId () returned 0xf50
[0165.473] GetCurrentThreadId () returned 0xf50
[0165.473] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.473] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0165.473] GetCurrentThreadId () returned 0xf50
[0165.473] GetCurrentThreadId () returned 0xf50
[0165.473] GetSystemMetrics (nIndex=5) returned 1
[0165.473] GetSystemMetrics (nIndex=6) returned 1
[0165.473] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.473] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0165.473] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.474] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0165.474] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.474] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0165.474] GetCurrentThreadId () returned 0xf50
[0165.474] GetCurrentThreadId () returned 0xf50
[0165.474] GetProcessWindowStation () returned 0x13c
[0165.474] GetCapture () returned 0x0
[0165.474] GetActiveWindow () returned 0x7005c
[0165.474] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0165.474] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.474] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0165.474] GetCursorPos (in: lpPoint=0x2d68914 | out: lpPoint=0x2d68914*(x=269, y=628)) returned 1
[0165.475] MonitorFromPoint (pt=0x10d, dwFlags=0x274) returned 0x10001
[0165.475] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0165.475] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x850107d0
[0165.475] GetDeviceCaps (hdc=0x850107d0, index=12) returned 32
[0165.475] GetDeviceCaps (hdc=0x850107d0, index=14) returned 1
[0165.475] DeleteDC (hdc=0x850107d0) returned 1
[0165.475] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0165.475] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0165.475] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x902d2
[0165.476] SetWindowLongW (hWnd=0x902d2, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0165.476] GetWindowLongW (hWnd=0x902d2, nIndex=-4) returned 1950089536
[0165.476] SetWindowLongW (hWnd=0x902d2, nIndex=-4, dwNewLong=19941910) returned 1950089536
[0165.476] GetWindowLongW (hWnd=0x902d2, nIndex=-4) returned 19941910
[0165.476] GetWindowLongW (hWnd=0x902d2, nIndex=-16) returned 113770496
[0165.476] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0165.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0165.478] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0165.478] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0165.478] GetWindowRect (in: hWnd=0x902d2, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0165.478] SetWindowTextW (hWnd=0x902d2, lpString="BB ransomware") returned 1
[0165.478] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xc, wParam=0x0, lParam=0x2d670b0) returned 0x1
[0165.479] GetStartupInfoW (in: lpStartupInfo=0x2d68c50 | out: lpStartupInfo=0x2d68c50*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0165.480] GetParent (hWnd=0x902d2) returned 0x0
[0165.480] SetWindowLongW (hWnd=0x902d2, nIndex=-8, dwNewLong=0) returned 0
[0165.481] SendMessageW (hWnd=0x902d2, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0165.481] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0165.481] SendMessageW (hWnd=0x902d2, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0165.481] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0165.481] GetSystemMenu (hWnd=0x902d2, bRevert=0) returned 0x2300df
[0165.483] GetWindowPlacement (in: hWnd=0x902d2, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0165.483] EnableMenuItem (hMenu=0x2300df, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0165.483] EnableMenuItem (hMenu=0x2300df, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0165.483] EnableMenuItem (hMenu=0x2300df, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0165.483] EnableMenuItem (hMenu=0x2300df, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0165.483] EnableMenuItem (hMenu=0x2300df, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0165.483] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0165.483] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0165.483] GetWindowRect (in: hWnd=0x902d2, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0165.483] SetWindowPos (hWnd=0x902d2, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0165.483] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0165.484] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x902d2) returned 0x1
[0165.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0165.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0165.488] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0165.488] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0165.488] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0165.490] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x902d2, lParam=0x0) returned 0x0
[0165.490] GetCapture () returned 0x0
[0165.490] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0165.491] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0165.492] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0165.493] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0165.493] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0165.494] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0165.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0165.494] GetParent (hWnd=0x902d2) returned 0x0
[0165.494] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0165.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0165.496] GetWindowPlacement (in: hWnd=0x902d2, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0165.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0165.496] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0165.496] GetWindowRect (in: hWnd=0x902d2, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0165.510] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0165.513] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0165.513] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0165.514] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.514] GetWindowLongW (hWnd=0x902d2, nIndex=-16) returned 113770496
[0165.514] GetWindowTextLengthW (hWnd=0x902d2) returned 13
[0165.514] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.514] GetSystemMetrics (nIndex=42) returned 0
[0165.514] GetWindowTextW (in: hWnd=0x902d2, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.514] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0165.515] GetWindowTextLengthW (hWnd=0x902d2) returned 13
[0165.515] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.515] GetSystemMetrics (nIndex=42) returned 0
[0165.515] GetWindowTextW (in: hWnd=0x902d2, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.515] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0165.515] GetCursorPos (in: lpPoint=0x2d68e8c | out: lpPoint=0x2d68e8c*(x=269, y=628)) returned 1
[0165.515] MonitorFromPoint (pt=0x10a, dwFlags=0x274) returned 0x10001
[0165.515] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0165.515] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x67010793
[0165.515] GetDeviceCaps (hdc=0x67010793, index=12) returned 32
[0165.515] GetDeviceCaps (hdc=0x67010793, index=14) returned 1
[0165.515] DeleteDC (hdc=0x67010793) returned 1
[0165.515] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0165.515] GetWindowLongW (hWnd=0x902d2, nIndex=-16) returned 113770496
[0165.516] GetWindowLongW (hWnd=0x902d2, nIndex=-20) returned 327945
[0165.516] SetWindowLongW (hWnd=0x902d2, nIndex=-16, dwNewLong=46661632) returned 113770496
[0165.516] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0165.516] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0165.517] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0165.517] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0165.517] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0165.517] SetWindowLongW (hWnd=0x902d2, nIndex=-20, dwNewLong=327681) returned 327945
[0165.517] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0165.518] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0165.519] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0165.519] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0165.519] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0165.519] SetWindowPos (hWnd=0x902d2, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0165.519] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0165.519] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0165.520] GetWindowPlacement (in: hWnd=0x902d2, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0165.520] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0165.520] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0165.520] GetWindowRect (in: hWnd=0x902d2, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0165.521] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0165.521] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0165.521] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0165.521] RedrawWindow (hWnd=0x902d2, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0165.522] GetSystemMenu (hWnd=0x902d2, bRevert=0) returned 0x2300df
[0165.522] GetWindowPlacement (in: hWnd=0x902d2, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0165.522] EnableMenuItem (hMenu=0x2300df, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0165.522] EnableMenuItem (hMenu=0x2300df, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0165.522] EnableMenuItem (hMenu=0x2300df, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0165.522] EnableMenuItem (hMenu=0x2300df, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0165.522] EnableMenuItem (hMenu=0x2300df, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0165.522] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0165.522] GetWindowLongW (hWnd=0x902d2, nIndex=-8) returned 0
[0165.522] SetWindowLongW (hWnd=0x902d2, nIndex=-8, dwNewLong=458844) returned 0
[0165.523] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0165.523] GetProcessWindowStation () returned 0x13c
[0165.523] GetCurrentThreadId () returned 0xf50
[0165.523] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1304ba6, lParam=0x0) returned 1
[0165.523] IsWindowVisible (hWnd=0x902d2) returned 0
[0165.524] IsWindowVisible (hWnd=0x7005c) returned 1
[0165.524] IsWindowEnabled (hWnd=0x7005c) returned 1
[0165.524] IsWindowVisible (hWnd=0x300ec) returned 0
[0165.524] IsWindowVisible (hWnd=0x502c6) returned 0
[0165.524] IsWindowVisible (hWnd=0x502be) returned 0
[0165.524] GetActiveWindow () returned 0x902d2
[0165.524] GetFocus () returned 0x902d2
[0165.524] IsWindow (hWnd=0x7005c) returned 1
[0165.524] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0165.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0165.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0165.525] GetWindowLongW (hWnd=0x902d2, nIndex=-8) returned 458844
[0165.525] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0165.525] GetCurrentThreadId () returned 0xf50
[0165.525] GetWindowLongW (hWnd=0x902d2, nIndex=-8) returned 458844
[0165.525] IsWindowEnabled (hWnd=0x7005c) returned 0
[0165.525] IsWindowEnabled (hWnd=0x902d2) returned 1
[0165.525] ShowWindow (hWnd=0x902d2, nCmdShow=5) returned 0
[0165.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0165.525] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0165.525] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.525] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0165.525] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x902d2, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x802de
[0165.526] SetWindowLongW (hWnd=0x802de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0165.526] GetWindowLongW (hWnd=0x802de, nIndex=-4) returned 1950089536
[0165.526] SetWindowLongW (hWnd=0x802de, nIndex=-4, dwNewLong=19941710) returned 1950089536
[0165.526] GetWindowLongW (hWnd=0x802de, nIndex=-4) returned 19941710
[0165.526] GetWindowLongW (hWnd=0x802de, nIndex=-16) returned 1174405120
[0165.526] GetWindowLongW (hWnd=0x802de, nIndex=-12) returned 0
[0165.526] SetWindowLongW (hWnd=0x802de, nIndex=-12, dwNewLong=525022) returned 0
[0165.527] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0165.527] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0165.527] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0165.527] GetWindow (hWnd=0x802de, uCmd=0x3) returned 0x0
[0165.527] GetClientRect (in: hWnd=0x802de, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0165.527] GetWindowRect (in: hWnd=0x802de, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0165.527] GetParent (hWnd=0x802de) returned 0x902d2
[0165.527] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902d2, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0165.528] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802de, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0165.535] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802de, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0165.535] GetClientRect (in: hWnd=0x802de, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0165.535] GetWindowRect (in: hWnd=0x802de, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0165.535] GetParent (hWnd=0x802de) returned 0x902d2
[0165.535] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902d2, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0165.535] SendMessageW (hWnd=0x802de, Msg=0x2210, wParam=0x2de0001, lParam=0x802de) returned 0x0
[0165.535] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802de, Msg=0x2210, wParam=0x2de0001, lParam=0x802de) returned 0x0
[0165.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0165.536] GetParent (hWnd=0x802de) returned 0x902d2
[0165.536] GetParent (hWnd=0x802dc) returned 0xb00ea
[0165.536] SetParent (hWndChild=0x802dc, hWndNewParent=0x902d2) returned 0xb00ea
[0165.536] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0165.536] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0165.537] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0165.537] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0165.537] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0165.537] GetClientRect (in: hWnd=0x802dc, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0165.537] GetWindowRect (in: hWnd=0x802dc, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0165.537] GetParent (hWnd=0x802dc) returned 0x902d2
[0165.537] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902d2, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0165.537] GetClientRect (in: hWnd=0x802dc, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0165.537] GetWindowRect (in: hWnd=0x802dc, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0165.537] GetParent (hWnd=0x802dc) returned 0x902d2
[0165.537] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902d2, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0165.537] GetParent (hWnd=0x802dc) returned 0x902d2
[0165.537] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0165.537] GetWindow (hWnd=0x802dc, uCmd=0x3) returned 0x0
[0165.537] SetWindowPos (hWnd=0x802dc, hWndInsertAfter=0x802de, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0165.537] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0165.538] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0165.538] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0165.538] GetClientRect (in: hWnd=0x802dc, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0165.538] GetWindowRect (in: hWnd=0x802dc, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0165.538] GetParent (hWnd=0x802dc) returned 0x902d2
[0165.538] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902d2, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0165.538] GetParent (hWnd=0x802dc) returned 0x902d2
[0165.538] GetWindow (hWnd=0x802dc, uCmd=0x3) returned 0x802de
[0165.539] GetWindowThreadProcessId (in: hWnd=0x802dc, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0165.539] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0165.539] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.540] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0165.540] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x902d2, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xa013e
[0165.540] SetWindowLongW (hWnd=0xa013e, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0165.540] GetWindowLongW (hWnd=0xa013e, nIndex=-4) returned 1868032000
[0165.541] SetWindowLongW (hWnd=0xa013e, nIndex=-4, dwNewLong=19942350) returned 1868032000
[0165.541] GetWindowLongW (hWnd=0xa013e, nIndex=-4) returned 19942350
[0165.541] GetWindowLongW (hWnd=0xa013e, nIndex=-16) returned 1174470667
[0165.541] GetWindowLongW (hWnd=0xa013e, nIndex=-12) returned 0
[0165.541] SetWindowLongW (hWnd=0xa013e, nIndex=-12, dwNewLong=655678) returned 0
[0165.541] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0165.542] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0165.542] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0165.543] SendMessageW (hWnd=0xa013e, Msg=0x2055, wParam=0xa013e, lParam=0x3) returned 0x2
[0165.543] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0165.543] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0165.543] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0165.543] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0165.543] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0165.544] RedrawWindow (hWnd=0x802de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0165.545] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0165.545] RedrawWindow (hWnd=0x802dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0165.545] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0165.545] RedrawWindow (hWnd=0xa013e, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0165.545] RedrawWindow (hWnd=0x902d2, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0165.545] GetWindow (hWnd=0xa013e, uCmd=0x3) returned 0x802dc
[0165.546] GetClientRect (in: hWnd=0xa013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0165.546] GetWindowRect (in: hWnd=0xa013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0165.546] GetParent (hWnd=0xa013e) returned 0x902d2
[0165.546] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902d2, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0165.546] SetWindowTextW (hWnd=0xa013e, lpString="&Details") returned 1
[0165.546] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0165.547] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0165.547] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0165.547] GetClientRect (in: hWnd=0xa013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0165.547] GetWindowRect (in: hWnd=0xa013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0165.547] GetParent (hWnd=0xa013e) returned 0x902d2
[0165.547] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902d2, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0165.548] SendMessageW (hWnd=0xa013e, Msg=0x2210, wParam=0x13e0001, lParam=0xa013e) returned 0x0
[0165.548] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0x2210, wParam=0x13e0001, lParam=0xa013e) returned 0x0
[0165.548] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0165.548] GetParent (hWnd=0xa013e) returned 0x902d2
[0165.548] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0165.549] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.549] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0165.549] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x902d2, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x6005a
[0165.550] SetWindowLongW (hWnd=0x6005a, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0165.550] GetWindowLongW (hWnd=0x6005a, nIndex=-4) returned 1868032000
[0165.550] SetWindowLongW (hWnd=0x6005a, nIndex=-4, dwNewLong=19941670) returned 1868032000
[0165.550] GetWindowLongW (hWnd=0x6005a, nIndex=-4) returned 19941670
[0165.550] GetWindowLongW (hWnd=0x6005a, nIndex=-16) returned 1174470667
[0165.550] GetWindowLongW (hWnd=0x6005a, nIndex=-12) returned 0
[0165.550] SetWindowLongW (hWnd=0x6005a, nIndex=-12, dwNewLong=393306) returned 0
[0165.550] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0165.551] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0165.551] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0165.552] SendMessageW (hWnd=0x6005a, Msg=0x2055, wParam=0x6005a, lParam=0x3) returned 0x2
[0165.552] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0165.552] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0165.552] GetWindow (hWnd=0x6005a, uCmd=0x3) returned 0xa013e
[0165.553] GetClientRect (in: hWnd=0x6005a, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0165.553] GetWindowRect (in: hWnd=0x6005a, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0165.553] GetParent (hWnd=0x6005a) returned 0x902d2
[0165.553] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902d2, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0165.553] SetWindowTextW (hWnd=0x6005a, lpString="&Continue") returned 1
[0165.553] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0165.554] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0165.554] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0165.554] GetClientRect (in: hWnd=0x6005a, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0165.554] GetWindowRect (in: hWnd=0x6005a, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0165.554] GetParent (hWnd=0x6005a) returned 0x902d2
[0165.554] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902d2, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0165.554] SendMessageW (hWnd=0x6005a, Msg=0x2210, wParam=0x5a0001, lParam=0x6005a) returned 0x0
[0165.554] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x2210, wParam=0x5a0001, lParam=0x6005a) returned 0x0
[0165.554] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0165.554] GetParent (hWnd=0x6005a) returned 0x902d2
[0165.554] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0165.555] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.555] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0165.555] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x902d2, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x802da
[0165.556] SetWindowLongW (hWnd=0x802da, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0165.556] GetWindowLongW (hWnd=0x802da, nIndex=-4) returned 1868032000
[0165.556] SetWindowLongW (hWnd=0x802da, nIndex=-4, dwNewLong=19941870) returned 1868032000
[0165.557] GetWindowLongW (hWnd=0x802da, nIndex=-4) returned 19941870
[0165.557] GetWindowLongW (hWnd=0x802da, nIndex=-16) returned 1174470667
[0165.557] GetWindowLongW (hWnd=0x802da, nIndex=-12) returned 0
[0165.557] SetWindowLongW (hWnd=0x802da, nIndex=-12, dwNewLong=525018) returned 0
[0165.557] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0165.558] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0165.558] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0165.559] SendMessageW (hWnd=0x802da, Msg=0x2055, wParam=0x802da, lParam=0x3) returned 0x2
[0165.559] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0165.559] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802da, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0165.559] GetWindow (hWnd=0x802da, uCmd=0x3) returned 0x6005a
[0165.559] GetClientRect (in: hWnd=0x802da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0165.559] GetWindowRect (in: hWnd=0x802da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0165.559] GetParent (hWnd=0x802da) returned 0x902d2
[0165.559] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902d2, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0165.560] SetWindowTextW (hWnd=0x802da, lpString="&Quit") returned 1
[0165.560] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802da, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0165.560] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0165.560] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802da, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0165.560] GetClientRect (in: hWnd=0x802da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0165.561] GetWindowRect (in: hWnd=0x802da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0165.561] GetParent (hWnd=0x802da) returned 0x902d2
[0165.561] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902d2, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0165.561] SendMessageW (hWnd=0x802da, Msg=0x2210, wParam=0x2da0001, lParam=0x802da) returned 0x0
[0165.561] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802da, Msg=0x2210, wParam=0x2da0001, lParam=0x802da) returned 0x0
[0165.561] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0165.561] GetParent (hWnd=0x802da) returned 0x902d2
[0165.561] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0165.562] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.562] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0165.562] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x902d2, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xa02d8
[0165.563] SetWindowLongW (hWnd=0xa02d8, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0165.563] GetWindowLongW (hWnd=0xa02d8, nIndex=-4) returned 1868026976
[0165.563] SetWindowLongW (hWnd=0xa02d8, nIndex=-4, dwNewLong=19942070) returned 1868026976
[0165.563] GetWindowLongW (hWnd=0xa02d8, nIndex=-4) returned 19942070
[0165.563] GetWindowLongW (hWnd=0xa02d8, nIndex=-16) returned 1177553092
[0165.563] GetWindowLongW (hWnd=0xa02d8, nIndex=-12) returned 0
[0165.563] SetWindowLongW (hWnd=0xa02d8, nIndex=-12, dwNewLong=656088) returned 0
[0165.564] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02d8, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0165.565] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02d8, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0165.566] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02d8, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0165.586] GetWindow (hWnd=0xa02d8, uCmd=0x3) returned 0x802da
[0165.586] GetClientRect (in: hWnd=0xa02d8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0165.586] GetWindowRect (in: hWnd=0xa02d8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0165.586] GetParent (hWnd=0xa02d8) returned 0x902d2
[0165.586] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902d2, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0165.586] GetWindowTextLengthW (hWnd=0x902d2) returned 13
[0165.586] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.586] GetSystemMetrics (nIndex=42) returned 0
[0165.586] GetWindowTextW (in: hWnd=0x902d2, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.586] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0165.586] SendMessageW (hWnd=0xa02d8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0165.586] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02d8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0165.594] SetWindowTextW (hWnd=0xa02d8, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0165.594] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02d8, Msg=0xc, wParam=0x0, lParam=0x2d64a98) returned 0x1
[0165.620] GetSystemMetrics (nIndex=5) returned 1
[0165.620] GetSystemMetrics (nIndex=6) returned 1
[0165.620] SendMessageW (hWnd=0xa02d8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0165.620] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02d8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0165.621] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02d8, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0165.621] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02d8, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0165.621] GetClientRect (in: hWnd=0xa02d8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0165.621] GetWindowRect (in: hWnd=0xa02d8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0165.622] GetParent (hWnd=0xa02d8) returned 0x902d2
[0165.622] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902d2, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0165.622] SendMessageW (hWnd=0xa02d8, Msg=0x2210, wParam=0x2d80001, lParam=0xa02d8) returned 0x0
[0165.622] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02d8, Msg=0x2210, wParam=0x2d80001, lParam=0xa02d8) returned 0x0
[0165.622] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0165.623] GetParent (hWnd=0xa02d8) returned 0x902d2
[0165.623] GetWindowLongW (hWnd=0x902d2, nIndex=-8) returned 458844
[0165.623] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0165.623] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0165.623] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x6e010793
[0165.623] GetDeviceCaps (hdc=0x6e010793, index=12) returned 32
[0165.623] GetDeviceCaps (hdc=0x6e010793, index=14) returned 1
[0165.623] DeleteDC (hdc=0x6e010793) returned 1
[0165.623] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0165.623] GetWindowThreadProcessId (in: hWnd=0x902d2, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0165.623] GetCurrentThreadId () returned 0xf50
[0165.624] PostMessageW (hWnd=0x902d2, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0165.624] GetWindowTextLengthW (hWnd=0x902d2) returned 13
[0165.624] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.624] GetSystemMetrics (nIndex=42) returned 0
[0165.624] GetWindowTextW (in: hWnd=0x902d2, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.624] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0165.624] GdipImageGetFrameDimensionsCount (image=0x6601d38, count=0xd7e25c) returned 0x0
[0165.624] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7970
[0165.624] GdipImageGetFrameDimensionsList (image=0x6601d38, dimensionIDs=0x11f7970*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0165.624] LocalFree (hMem=0x11f7970) returned 0x0
[0165.624] GdipImageGetFrameDimensionsCount (image=0x66023c8, count=0xd7e250) returned 0x0
[0165.624] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f77c0
[0165.624] GdipImageGetFrameDimensionsList (image=0x66023c8, dimensionIDs=0x11f77c0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0165.624] LocalFree (hMem=0x11f77c0) returned 0x0
[0165.625] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0165.625] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0165.625] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0165.707] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0165.709] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0165.709] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0165.709] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0165.710] GetWindowPlacement (in: hWnd=0x902d2, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0165.710] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0165.710] GetWindowTextLengthW (hWnd=0x902d2) returned 13
[0165.710] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.710] GetSystemMetrics (nIndex=42) returned 0
[0165.710] GetWindowTextW (in: hWnd=0x902d2, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.710] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0165.710] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0165.710] GetCurrentObject (hdc=0x107b9, type=0x1) returned 0xb00017
[0165.710] GetCurrentObject (hdc=0x107b9, type=0x2) returned 0x900010
[0165.710] GetCurrentObject (hdc=0x107b9, type=0x7) returned 0xffffffffdb0507e5
[0165.710] GetCurrentObject (hdc=0x107b9, type=0x6) returned 0x8a01c2
[0165.710] SaveDC (hdc=0x107b9) returned 1
[0165.711] GetNearestColor (hdc=0x107b9, color=0xf0f0f0) returned 0xf0f0f0
[0165.711] CreateSolidBrush (color=0xf0f0f0) returned 0x651007e1
[0165.711] FillRect (hDC=0x107b9, lprc=0xd7e1b8, hbr=0x651007e1) returned 1
[0165.711] DeleteObject (ho=0x651007e1) returned 1
[0165.711] RestoreDC (hdc=0x107b9, nSavedDC=-1) returned 1
[0165.711] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0165.712] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0165.712] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0165.712] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0165.712] GetStockObject (i=5) returned 0x900015
[0165.712] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0165.713] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0165.713] GetStockObject (i=5) returned 0x900015
[0165.713] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0165.713] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802da, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0165.713] GetStockObject (i=5) returned 0x900015
[0165.713] GetWindowPlacement (in: hWnd=0x902d2, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0165.713] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0165.713] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0165.713] GetWindowRect (in: hWnd=0x902d2, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0165.715] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0165.715] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0165.715] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0165.716] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0165.716] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0165.717] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0165.717] GetWindowRect (in: hWnd=0x902d2, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0165.717] InvalidateRect (hWnd=0x6005a, lpRect=0x0, bErase=0) returned 1
[0165.717] InvalidateRect (hWnd=0xa013e, lpRect=0x0, bErase=0) returned 1
[0165.717] GetFocus () returned 0x902d2
[0165.717] GetFocus () returned 0x902d2
[0165.717] SetFocus (hWnd=0xa013e) returned 0x902d2
[0165.718] GetFocus () returned 0xa013e
[0165.718] IsChild (hWndParent=0x902d2, hWnd=0xa013e) returned 1
[0165.718] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x8, wParam=0xa013e, lParam=0x0) returned 0x0
[0165.719] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0165.720] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0165.722] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0165.722] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0x7, wParam=0x902d2, lParam=0x0) returned 0x0
[0165.722] GetStockObject (i=5) returned 0x900015
[0165.722] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0165.722] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0165.722] GetDlgItem (hDlg=0x902d2, nIDDlgItem=655678) returned 0xa013e
[0165.722] SendMessageW (hWnd=0xa013e, Msg=0x202b, wParam=0xa013e, lParam=0xd7e0dc) returned 0x0
[0165.722] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0x202b, wParam=0xa013e, lParam=0xd7e0dc) returned 0x0
[0165.722] InvalidateRect (hWnd=0xa013e, lpRect=0x0, bErase=0) returned 1
[0165.724] GetFocus () returned 0xa013e
[0165.724] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.724] IsWindowUnicode (hWnd=0x902d2) returned 1
[0165.724] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.724] TranslateMessage (lpMsg=0xd7e808) returned 0
[0165.724] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0165.725] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0165.725] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.725] IsWindowUnicode (hWnd=0x902d2) returned 1
[0165.725] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.725] TranslateMessage (lpMsg=0xd7e808) returned 0
[0165.725] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0165.725] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.725] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x84, wParam=0x0, lParam=0x1e302f3) returned 0x1
[0165.726] IsWindowUnicode (hWnd=0x6005a) returned 1
[0165.726] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.726] TranslateMessage (lpMsg=0xd7e808) returned 0
[0165.726] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0165.726] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.726] IsWindowUnicode (hWnd=0x602c4) returned 1
[0165.726] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.726] TranslateMessage (lpMsg=0xd7e808) returned 0
[0165.726] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0165.726] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0165.726] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0165.726] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.726] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x84, wParam=0x0, lParam=0x1e302f3) returned 0x1
[0165.726] IsWindowUnicode (hWnd=0x6005a) returned 1
[0165.726] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.726] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x84, wParam=0x0, lParam=0x1e302f3) returned 0x1
[0165.726] SetCursor (hCursor=0x10003) returned 0x10003
[0165.727] TranslateMessage (lpMsg=0xd7e808) returned 0
[0165.727] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0165.727] _TrackMouseEvent (in: lpEventTrack=0x2d6a1d4 | out: lpEventTrack=0x2d6a1d4) returned 1
[0165.727] SendMessageW (hWnd=0x6005a, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0165.727] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0165.727] InvalidateRect (hWnd=0x6005a, lpRect=0x0, bErase=0) returned 1
[0165.727] GetKeyState (nVirtKey=1) returned 0
[0165.727] GetKeyState (nVirtKey=2) returned 0
[0165.727] GetKeyState (nVirtKey=4) returned 0
[0165.727] GetKeyState (nVirtKey=5) returned 0
[0165.727] GetKeyState (nVirtKey=6) returned 0
[0165.727] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.727] IsWindowUnicode (hWnd=0x902d2) returned 1
[0165.727] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.727] TranslateMessage (lpMsg=0xd7e808) returned 0
[0165.727] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0165.728] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.728] IsWindowUnicode (hWnd=0x902d2) returned 1
[0165.728] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.728] TranslateMessage (lpMsg=0xd7e808) returned 0
[0165.728] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0165.728] BeginPaint (in: hWnd=0x902d2, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xc0107c5
[0165.729] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0165.729] GetWindowTextLengthW (hWnd=0x902d2) returned 13
[0165.729] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.729] GetSystemMetrics (nIndex=42) returned 0
[0165.729] GetWindowTextW (in: hWnd=0x902d2, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.729] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0165.729] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0165.729] EndPaint (hWnd=0x902d2, lpPaint=0xd7e274) returned 1
[0165.729] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.729] IsWindowUnicode (hWnd=0x802de) returned 1
[0165.729] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.729] TranslateMessage (lpMsg=0xd7e808) returned 0
[0165.729] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0165.729] BeginPaint (in: hWnd=0x802de, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x10105d6
[0165.729] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0165.730] CreateCompatibleDC (hdc=0x10105d6) returned 0xf7010781
[0165.730] SelectObject (hdc=0xf7010781, h=0x4a0507fe) returned 0x85000f
[0165.730] GdipCreateFromHDC (hdc=0xf7010781, graphics=0xd7e2b0) returned 0x0
[0165.730] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0165.730] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0165.730] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0165.730] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0165.730] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e310) returned 0x0
[0165.730] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0165.730] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee8d8) returned 0x0
[0165.730] LocalFree (hMem=0x11ee8d8) returned 0x0
[0165.730] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0165.730] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0165.730] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0165.730] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e304) returned 0x0
[0165.730] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0165.730] GetWindowTextLengthW (hWnd=0x802de) returned 0
[0165.730] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0165.731] GetSystemMetrics (nIndex=42) returned 0
[0165.731] GetWindowTextW (in: hWnd=0x802de, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0165.731] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802de, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0165.731] GetClientRect (in: hWnd=0x802de, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0165.731] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0165.731] GdipGetClip (graphics=0x6600030, region=0x6644f28) returned 0x0
[0165.731] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0165.731] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0165.731] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e164) returned 0x0
[0165.731] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0165.731] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0165.731] LocalFree (hMem=0x11eec58) returned 0x0
[0165.731] GdipCombineRegionRegion (region=0x6644f28, region2=0x6644238, combineMode=0x1) returned 0x0
[0165.731] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0165.731] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0165.734] LocalFree (hMem=0x11eec58) returned 0x0
[0165.734] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0165.734] GdipIsInfiniteRegion (region=0x6644f28, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0165.734] GdipIsInfiniteRegion (region=0x6644f28, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0165.734] GdipGetRegionHRgn (region=0x6644f28, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0165.734] GdipDeleteRegion (region=0x6644f28) returned 0x0
[0165.734] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0165.734] GetCurrentObject (hdc=0xf7010781, type=0x1) returned 0xb00017
[0165.734] GetCurrentObject (hdc=0xf7010781, type=0x2) returned 0x900010
[0165.734] GetCurrentObject (hdc=0xf7010781, type=0x7) returned 0x4a0507fe
[0165.734] GetCurrentObject (hdc=0xf7010781, type=0x6) returned 0x8a01c2
[0165.734] SaveDC (hdc=0xf7010781) returned 1
[0165.734] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x920407de
[0165.734] GetClipRgn (hdc=0xf7010781, hrgn=0x920407de) returned 0
[0165.734] SelectClipRgn (hdc=0xf7010781, hrgn=0x11040807) returned 2
[0165.734] DeleteObject (ho=0x920407de) returned 1
[0165.734] DeleteObject (ho=0x11040807) returned 1
[0165.735] OffsetViewportOrgEx (in: hdc=0xf7010781, x=0, y=0, lppt=0x2d6a650 | out: lppt=0x2d6a650) returned 1
[0165.735] GetNearestColor (hdc=0xf7010781, color=0xf0f0f0) returned 0xf0f0f0
[0165.735] CreateSolidBrush (color=0xf0f0f0) returned 0x661007e1
[0165.735] FillRect (hDC=0xf7010781, lprc=0xd7e198, hbr=0x661007e1) returned 1
[0165.735] DeleteObject (ho=0x661007e1) returned 1
[0165.735] RestoreDC (hdc=0xf7010781, nSavedDC=-1) returned 1
[0165.735] GdipReleaseDC (graphics=0x6600030, hdc=0xf7010781) returned 0x0
[0165.735] GdipRestoreGraphics (graphics=0x6600030, state=0xfc940dbd) returned 0x0
[0165.735] GdipDeleteRegion (region=0x6644238) returned 0x0
[0165.735] GetWindowTextLengthW (hWnd=0x802de) returned 0
[0165.735] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0165.735] GetSystemMetrics (nIndex=42) returned 0
[0165.735] GetWindowTextW (in: hWnd=0x802de, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0165.735] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802de, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0165.735] GdipGetImageWidth (image=0x6601d38, width=0xd7e1e0) returned 0x0
[0165.735] GdipGetImageHeight (image=0x6601d38, height=0xd7e1e0) returned 0x0
[0165.735] GdipGetImageWidth (image=0x6601d38, width=0xd7e1cc) returned 0x0
[0165.735] GdipGetImageHeight (image=0x6601d38, height=0xd7e1cc) returned 0x0
[0165.735] GdipDrawImageRectI (graphics=0x6600030, image=0x6601d38, x=16, y=16, width=32, height=32) returned 0x0
[0165.736] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0165.736] BitBlt (hdc=0x10105d6, x=0, y=0, cx=64, cy=64, hdcSrc=0xf7010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0165.736] GdipReleaseDC (graphics=0x6600030, hdc=0xf7010781) returned 0x0
[0165.736] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0165.736] SelectObject (hdc=0xf7010781, h=0x85000f) returned 0x4a0507fe
[0165.736] DeleteDC (hdc=0xf7010781) returned 1
[0165.736] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0165.736] EndPaint (hWnd=0x802de, lpPaint=0xd7e294) returned 1
[0165.736] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.736] IsWindowUnicode (hWnd=0x802dc) returned 1
[0165.736] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.736] TranslateMessage (lpMsg=0xd7e808) returned 0
[0165.736] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0165.736] BeginPaint (in: hWnd=0x802dc, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x107b9
[0165.737] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0165.737] CreateCompatibleDC (hdc=0x107b9) returned 0xf9010781
[0165.737] GetObjectType (h=0x107b9) returned 0x3
[0165.737] CreateCompatibleBitmap (hdc=0x107b9, cx=1, cy=1) returned 0x7a050793
[0165.737] GetDIBits (in: hdc=0x107b9, hbm=0x7a050793, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0165.737] GetDIBits (in: hdc=0x107b9, hbm=0x7a050793, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0165.737] DeleteObject (ho=0x7a050793) returned 1
[0165.737] CreateDIBSection (in: hdc=0x107b9, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xf0050671
[0165.737] SelectObject (hdc=0xf9010781, h=0xf0050671) returned 0x85000f
[0165.737] GdipCreateFromHDC (hdc=0xf9010781, graphics=0xd7e234) returned 0x0
[0165.738] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0165.738] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0165.738] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0165.738] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0165.738] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e2d4) returned 0x0
[0165.738] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0165.738] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0165.738] LocalFree (hMem=0x11ee9f0) returned 0x0
[0165.738] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0165.738] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0165.738] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0165.738] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0165.738] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0165.738] GetWindowTextLengthW (hWnd=0x802dc) returned 232
[0165.738] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0165.738] GetSystemMetrics (nIndex=42) returned 0
[0165.738] GetWindowTextW (in: hWnd=0x802dc, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0165.738] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0165.738] GetClientRect (in: hWnd=0x802dc, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0165.738] GdipCreateRegion (region=0xd7e110) returned 0x0
[0165.738] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0165.738] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0165.739] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0165.739] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e128) returned 0x0
[0165.739] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0165.739] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee8d8) returned 0x0
[0165.739] LocalFree (hMem=0x11ee8d8) returned 0x0
[0165.739] GdipCombineRegionRegion (region=0x6644238, region2=0x6644358, combineMode=0x1) returned 0x0
[0165.739] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0165.739] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0165.739] LocalFree (hMem=0x11eec58) returned 0x0
[0165.739] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0165.739] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e150) returned 0x0
[0165.739] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e140) returned 0x0
[0165.739] GdipGetRegionHRgn (region=0x6644238, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0165.739] GdipDeleteRegion (region=0x6644238) returned 0x0
[0165.739] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0165.739] GetCurrentObject (hdc=0xf9010781, type=0x1) returned 0xb00017
[0165.739] GetCurrentObject (hdc=0xf9010781, type=0x2) returned 0x900010
[0165.739] GetCurrentObject (hdc=0xf9010781, type=0x7) returned 0xfffffffff0050671
[0165.739] GetCurrentObject (hdc=0xf9010781, type=0x6) returned 0x8a01c2
[0165.739] SaveDC (hdc=0xf9010781) returned 1
[0165.739] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x12040807
[0165.740] GetClipRgn (hdc=0xf9010781, hrgn=0x12040807) returned 0
[0165.740] SelectClipRgn (hdc=0xf9010781, hrgn=0x930407de) returned 2
[0165.740] DeleteObject (ho=0x12040807) returned 1
[0165.740] DeleteObject (ho=0x930407de) returned 1
[0165.740] OffsetViewportOrgEx (in: hdc=0xf9010781, x=0, y=0, lppt=0x2d6c018 | out: lppt=0x2d6c018) returned 1
[0165.740] GetNearestColor (hdc=0xf9010781, color=0xf0f0f0) returned 0xf0f0f0
[0165.740] CreateSolidBrush (color=0xf0f0f0) returned 0x671007e1
[0165.740] FillRect (hDC=0xf9010781, lprc=0xd7e15c, hbr=0x671007e1) returned 1
[0165.741] DeleteObject (ho=0x671007e1) returned 1
[0165.741] RestoreDC (hdc=0xf9010781, nSavedDC=-1) returned 1
[0165.741] GdipReleaseDC (graphics=0x6600030, hdc=0xf9010781) returned 0x0
[0165.741] GdipRestoreGraphics (graphics=0x6600030, state=0xfc920dbd) returned 0x0
[0165.741] GdipDeleteRegion (region=0x6644358) returned 0x0
[0165.741] GetWindowTextLengthW (hWnd=0x802dc) returned 232
[0165.741] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0165.741] GetSystemMetrics (nIndex=42) returned 0
[0165.741] GetWindowTextW (in: hWnd=0x802dc, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0165.741] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0165.741] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0165.741] GetCurrentObject (hdc=0xf9010781, type=0x1) returned 0xb00017
[0165.741] GetCurrentObject (hdc=0xf9010781, type=0x2) returned 0x900010
[0165.741] GetCurrentObject (hdc=0xf9010781, type=0x7) returned 0xfffffffff0050671
[0165.741] GetCurrentObject (hdc=0xf9010781, type=0x6) returned 0x8a01c2
[0165.741] SaveDC (hdc=0xf9010781) returned 1
[0165.741] GetNearestColor (hdc=0xf9010781, color=0x0) returned 0x0
[0165.742] RestoreDC (hdc=0xf9010781, nSavedDC=-1) returned 1
[0165.742] GdipReleaseDC (graphics=0x6600030, hdc=0xf9010781) returned 0x0
[0165.742] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0165.742] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0165.742] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2d6c814 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0165.743] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0165.743] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0165.743] GetCurrentObject (hdc=0xf9010781, type=0x1) returned 0xb00017
[0165.743] GetCurrentObject (hdc=0xf9010781, type=0x2) returned 0x900010
[0165.743] GetCurrentObject (hdc=0xf9010781, type=0x7) returned 0xfffffffff0050671
[0165.743] GetCurrentObject (hdc=0xf9010781, type=0x6) returned 0x8a01c2
[0165.743] SaveDC (hdc=0xf9010781) returned 1
[0165.743] GetTextAlign (hdc=0xf9010781) returned 0x0
[0165.743] GetTextColor (hdc=0xf9010781) returned 0x0
[0165.743] GetCurrentObject (hdc=0xf9010781, type=0x6) returned 0x8a01c2
[0165.743] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0165.743] SelectObject (hdc=0xf9010781, h=0x6d0a0520) returned 0x8a01c2
[0165.743] GetBkMode (hdc=0xf9010781) returned 2
[0165.743] SetBkMode (hdc=0xf9010781, mode=1) returned 2
[0165.744] DrawTextExW (in: hdc=0xf9010781, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2d6ca38 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0165.747] RestoreDC (hdc=0xf9010781, nSavedDC=-1) returned 1
[0165.747] GdipReleaseDC (graphics=0x6600030, hdc=0xf9010781) returned 0x0
[0165.747] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0165.747] BitBlt (hdc=0x107b9, x=0, y=0, cx=354, cy=68, hdcSrc=0xf9010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0165.747] GdipReleaseDC (graphics=0x6600030, hdc=0xf9010781) returned 0x0
[0165.747] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0165.747] SelectObject (hdc=0xf9010781, h=0x85000f) returned 0xf0050671
[0165.748] DeleteDC (hdc=0xf9010781) returned 1
[0165.748] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0165.748] DeleteObject (ho=0xf0050671) returned 1
[0165.748] EndPaint (hWnd=0x802dc, lpPaint=0xd7e258) returned 1
[0165.748] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.748] IsWindowUnicode (hWnd=0xa013e) returned 1
[0165.748] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.748] TranslateMessage (lpMsg=0xd7e808) returned 0
[0165.749] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0165.749] BeginPaint (in: hWnd=0xa013e, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0165.749] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0165.749] CreateCompatibleDC (hdc=0x60100ce) returned 0x7c010793
[0165.749] SelectObject (hdc=0x7c010793, h=0x4a0507fe) returned 0x85000f
[0165.749] GdipCreateFromHDC (hdc=0x7c010793, graphics=0xd7e268) returned 0x0
[0165.749] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0165.749] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0165.749] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0165.749] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0165.749] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2c8) returned 0x0
[0165.749] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0165.749] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0165.749] LocalFree (hMem=0x11ee788) returned 0x0
[0165.750] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0165.750] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0165.750] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0165.750] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0165.750] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0165.750] GdipRestoreGraphics (graphics=0x6600030, state=0xfc900dbd) returned 0x0
[0165.750] GdipDeleteRegion (region=0x6644238) returned 0x0
[0165.750] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0165.750] GetCurrentObject (hdc=0x7c010793, type=0x1) returned 0xb00017
[0165.750] GetCurrentObject (hdc=0x7c010793, type=0x2) returned 0x900010
[0165.750] GetCurrentObject (hdc=0x7c010793, type=0x7) returned 0x4a0507fe
[0165.750] GetCurrentObject (hdc=0x7c010793, type=0x6) returned 0x8a01c2
[0165.750] SaveDC (hdc=0x7c010793) returned 1
[0165.750] GetNearestColor (hdc=0x7c010793, color=0xf0f0f0) returned 0xf0f0f0
[0165.750] GetNearestColor (hdc=0x7c010793, color=0xa0a0a0) returned 0xa0a0a0
[0165.750] GetNearestColor (hdc=0x7c010793, color=0x696969) returned 0x696969
[0165.750] GetNearestColor (hdc=0x7c010793, color=0xa0a0a0) returned 0xa0a0a0
[0165.750] GetNearestColor (hdc=0x7c010793, color=0x0) returned 0x0
[0165.750] GetNearestColor (hdc=0x7c010793, color=0xffffff) returned 0xffffff
[0165.751] GetNearestColor (hdc=0x7c010793, color=0xe5e5e5) returned 0xe5e5e5
[0165.751] GetNearestColor (hdc=0x7c010793, color=0xd7d7d7) returned 0xd7d7d7
[0165.751] GetNearestColor (hdc=0x7c010793, color=0x0) returned 0x0
[0165.751] RestoreDC (hdc=0x7c010793, nSavedDC=-1) returned 1
[0165.751] GdipReleaseDC (graphics=0x6600030, hdc=0x7c010793) returned 0x0
[0165.751] IsAppThemed () returned 0x1
[0165.751] GetThemeAppProperties () returned 0x3
[0165.751] GetThemeAppProperties () returned 0x3
[0165.751] GdipGetImageWidth (image=0x66023c8, width=0xd7e168) returned 0x0
[0165.751] GdipGetImageHeight (image=0x66023c8, height=0xd7e168) returned 0x0
[0165.751] IsAppThemed () returned 0x1
[0165.751] GetThemeAppProperties () returned 0x3
[0165.751] GetThemeAppProperties () returned 0x3
[0165.751] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2d6d188 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0165.752] IsAppThemed () returned 0x1
[0165.752] GetThemeAppProperties () returned 0x3
[0165.752] GetThemeAppProperties () returned 0x3
[0165.752] IsAppThemed () returned 0x1
[0165.752] GetThemeAppProperties () returned 0x3
[0165.752] GetThemeAppProperties () returned 0x3
[0165.752] GetFocus () returned 0xa013e
[0165.752] IsAppThemed () returned 0x1
[0165.752] GetThemeAppProperties () returned 0x3
[0165.752] GetThemeAppProperties () returned 0x3
[0165.752] IsAppThemed () returned 0x1
[0165.752] GetThemeAppProperties () returned 0x3
[0165.752] GetThemeAppProperties () returned 0x3
[0165.752] IsThemePartDefined () returned 0x1
[0165.752] IsAppThemed () returned 0x1
[0165.752] GetThemeAppProperties () returned 0x3
[0165.752] GetThemeAppProperties () returned 0x3
[0165.752] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0165.752] IsAppThemed () returned 0x1
[0165.752] GetThemeAppProperties () returned 0x3
[0165.752] GetThemeAppProperties () returned 0x3
[0165.752] IsAppThemed () returned 0x1
[0165.752] GetThemeAppProperties () returned 0x3
[0165.752] GetThemeAppProperties () returned 0x3
[0165.753] IsThemePartDefined () returned 0x1
[0165.753] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0165.753] GdipGetClip (graphics=0x6600030, region=0x66446b8) returned 0x0
[0165.753] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0165.753] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0165.753] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dff0) returned 0x0
[0165.753] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0165.753] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee9f0) returned 0x0
[0165.753] LocalFree (hMem=0x11ee9f0) returned 0x0
[0165.753] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0165.753] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0165.753] LocalFree (hMem=0x11ee788) returned 0x0
[0165.753] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0165.753] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0165.753] GdipIsInfiniteRegion (region=0x66446b8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0165.753] GdipGetRegionHRgn (region=0x66446b8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0165.753] GdipDeleteRegion (region=0x66446b8) returned 0x0
[0165.753] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0165.753] GetCurrentObject (hdc=0x7c010793, type=0x1) returned 0xb00017
[0165.753] GetCurrentObject (hdc=0x7c010793, type=0x2) returned 0x900010
[0165.754] GetCurrentObject (hdc=0x7c010793, type=0x7) returned 0x4a0507fe
[0165.754] GetCurrentObject (hdc=0x7c010793, type=0x6) returned 0x8a01c2
[0165.754] SaveDC (hdc=0x7c010793) returned 1
[0165.754] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x940407de
[0165.754] GetClipRgn (hdc=0x7c010793, hrgn=0x940407de) returned 0
[0165.754] SelectClipRgn (hdc=0x7c010793, hrgn=0x16040807) returned 2
[0165.754] DeleteObject (ho=0x940407de) returned 1
[0165.754] DeleteObject (ho=0x16040807) returned 1
[0165.754] OffsetViewportOrgEx (in: hdc=0x7c010793, x=0, y=0, lppt=0x2d6d838 | out: lppt=0x2d6d838) returned 1
[0165.754] DrawThemeParentBackground () returned 0x0
[0165.754] GetWindowPlacement (in: hWnd=0x902d2, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0165.754] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0165.754] GetWindowTextLengthW (hWnd=0x902d2) returned 13
[0165.754] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.755] GetSystemMetrics (nIndex=42) returned 0
[0165.755] GetWindowTextW (in: hWnd=0x902d2, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.755] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0165.755] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0165.755] GetCurrentObject (hdc=0x7c010793, type=0x1) returned 0xb00017
[0165.755] GetCurrentObject (hdc=0x7c010793, type=0x2) returned 0x900010
[0165.755] GetCurrentObject (hdc=0x7c010793, type=0x7) returned 0x4a0507fe
[0165.755] GetCurrentObject (hdc=0x7c010793, type=0x6) returned 0x8a01c2
[0165.755] SaveDC (hdc=0x7c010793) returned 2
[0165.755] GetNearestColor (hdc=0x7c010793, color=0xf0f0f0) returned 0xf0f0f0
[0165.755] CreateSolidBrush (color=0xf0f0f0) returned 0x681007e1
[0165.755] FillRect (hDC=0x7c010793, lprc=0xd7da38, hbr=0x681007e1) returned 1
[0165.755] DeleteObject (ho=0x681007e1) returned 1
[0165.755] RestoreDC (hdc=0x7c010793, nSavedDC=-1) returned 1
[0165.755] GetWindowTextLengthW (hWnd=0x902d2) returned 13
[0165.755] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.755] GetSystemMetrics (nIndex=42) returned 0
[0165.755] GetWindowTextW (in: hWnd=0x902d2, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.755] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0165.756] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0165.756] GetCurrentObject (hdc=0x7c010793, type=0x1) returned 0xb00017
[0165.756] GetCurrentObject (hdc=0x7c010793, type=0x2) returned 0x900010
[0165.756] GetCurrentObject (hdc=0x7c010793, type=0x7) returned 0x4a0507fe
[0165.756] GetCurrentObject (hdc=0x7c010793, type=0x6) returned 0x8a01c2
[0165.756] SaveDC (hdc=0x7c010793) returned 2
[0165.756] GetNearestColor (hdc=0x7c010793, color=0xf0f0f0) returned 0xf0f0f0
[0165.756] CreateSolidBrush (color=0xf0f0f0) returned 0x691007e1
[0165.756] FillRect (hDC=0x7c010793, lprc=0xd7d9d8, hbr=0x691007e1) returned 1
[0165.756] DeleteObject (ho=0x691007e1) returned 1
[0165.756] RestoreDC (hdc=0x7c010793, nSavedDC=-1) returned 1
[0165.756] GetWindowTextLengthW (hWnd=0x902d2) returned 13
[0165.756] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.756] GetSystemMetrics (nIndex=42) returned 0
[0165.756] GetWindowTextW (in: hWnd=0x902d2, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.756] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0165.756] RestoreDC (hdc=0x7c010793, nSavedDC=-1) returned 1
[0165.756] GdipReleaseDC (graphics=0x6600030, hdc=0x7c010793) returned 0x0
[0165.756] IsAppThemed () returned 0x1
[0165.757] GetThemeAppProperties () returned 0x3
[0165.757] GetThemeAppProperties () returned 0x3
[0165.757] IsAppThemed () returned 0x1
[0165.757] GetThemeAppProperties () returned 0x3
[0165.757] GetThemeAppProperties () returned 0x3
[0165.757] IsThemePartDefined () returned 0x1
[0165.757] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0165.757] GdipGetClip (graphics=0x6600030, region=0x6644f28) returned 0x0
[0165.757] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0165.757] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0165.757] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df74) returned 0x0
[0165.757] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0165.757] LocalFree (hMem=0x11ee788) returned 0x0
[0165.757] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eea60) returned 0x0
[0165.757] LocalFree (hMem=0x11eea60) returned 0x0
[0165.757] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0165.757] GdipIsInfiniteRegion (region=0x6644f28, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0165.757] GdipIsInfiniteRegion (region=0x6644f28, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0165.757] GdipGetRegionHRgn (region=0x6644f28, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0165.757] GdipDeleteRegion (region=0x6644f28) returned 0x0
[0165.757] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0165.757] GetCurrentObject (hdc=0x7c010793, type=0x1) returned 0xb00017
[0165.757] GetCurrentObject (hdc=0x7c010793, type=0x2) returned 0x900010
[0165.757] GetCurrentObject (hdc=0x7c010793, type=0x7) returned 0x4a0507fe
[0165.757] GetCurrentObject (hdc=0x7c010793, type=0x6) returned 0x8a01c2
[0165.758] SaveDC (hdc=0x7c010793) returned 1
[0165.758] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x17040807
[0165.758] GetClipRgn (hdc=0x7c010793, hrgn=0x17040807) returned 0
[0165.758] SelectClipRgn (hdc=0x7c010793, hrgn=0x960407de) returned 2
[0165.758] DeleteObject (ho=0x17040807) returned 1
[0165.758] DeleteObject (ho=0x960407de) returned 1
[0165.758] OffsetViewportOrgEx (in: hdc=0x7c010793, x=0, y=0, lppt=0x2d6e0e4 | out: lppt=0x2d6e0e4) returned 1
[0165.758] IsAppThemed () returned 0x1
[0165.758] GetThemeAppProperties () returned 0x3
[0165.758] GetThemeAppProperties () returned 0x3
[0165.758] DrawThemeBackground () returned 0x0
[0165.758] RestoreDC (hdc=0x7c010793, nSavedDC=-1) returned 1
[0165.758] GdipReleaseDC (graphics=0x6600030, hdc=0x7c010793) returned 0x0
[0165.758] GdipCreateRegion (region=0xd7df60) returned 0x0
[0165.758] GdipGetClip (graphics=0x6600030, region=0x66442c8) returned 0x0
[0165.758] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0165.758] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0165.758] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df78) returned 0x0
[0165.758] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0165.758] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0165.759] LocalFree (hMem=0x11ee788) returned 0x0
[0165.759] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0165.759] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0165.759] LocalFree (hMem=0x11eec58) returned 0x0
[0165.759] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0165.759] GdipIsInfiniteRegion (region=0x66442c8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0165.759] GdipIsInfiniteRegion (region=0x66442c8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0165.759] GdipGetRegionHRgn (region=0x66442c8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0165.759] GdipDeleteRegion (region=0x66442c8) returned 0x0
[0165.759] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0165.759] GetCurrentObject (hdc=0x7c010793, type=0x1) returned 0xb00017
[0165.759] GetCurrentObject (hdc=0x7c010793, type=0x2) returned 0x900010
[0165.759] GetCurrentObject (hdc=0x7c010793, type=0x7) returned 0x4a0507fe
[0165.759] GetCurrentObject (hdc=0x7c010793, type=0x6) returned 0x8a01c2
[0165.759] SaveDC (hdc=0x7c010793) returned 1
[0165.759] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x970407de
[0165.759] GetClipRgn (hdc=0x7c010793, hrgn=0x970407de) returned 0
[0165.759] SelectClipRgn (hdc=0x7c010793, hrgn=0x18040807) returned 2
[0165.759] DeleteObject (ho=0x970407de) returned 1
[0165.759] DeleteObject (ho=0x18040807) returned 1
[0165.759] OffsetViewportOrgEx (in: hdc=0x7c010793, x=0, y=0, lppt=0x2d6e3b8 | out: lppt=0x2d6e3b8) returned 1
[0165.760] IsAppThemed () returned 0x1
[0165.760] GetThemeAppProperties () returned 0x3
[0165.760] GetThemeAppProperties () returned 0x3
[0165.760] GetThemeBackgroundContentRect () returned 0x0
[0165.760] RestoreDC (hdc=0x7c010793, nSavedDC=-1) returned 1
[0165.760] GdipReleaseDC (graphics=0x6600030, hdc=0x7c010793) returned 0x0
[0165.760] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0165.760] GdipGetClip (graphics=0x6600030, region=0x66446b8) returned 0x0
[0165.760] GdipCloneRegion (region=0x66446b8, cloneRegion=0xd7e150) returned 0x0
[0165.760] GdipCombineRegionRectI (region=0x6644f28, rect=0xd7e138, combineMode=0x1) returned 0x0
[0165.760] GdipCombineRegionRectI (region=0x6644f28, rect=0xd7e138, combineMode=0x1) returned 0x0
[0165.760] GdipSetClipRegion (graphics=0x6600030, region=0x6644f28, combineMode=0x0) returned 0x0
[0165.760] GdipGetImageWidth (image=0x66023c8, width=0xd7e154) returned 0x0
[0165.760] GdipGetImageHeight (image=0x66023c8, height=0xd7e148) returned 0x0
[0165.760] GdipDrawImageRectI (graphics=0x6600030, image=0x66023c8, x=4, y=4, width=16, height=16) returned 0x0
[0165.760] GdipSetClipRegion (graphics=0x6600030, region=0x66446b8, combineMode=0x0) returned 0x0
[0165.760] IsAppThemed () returned 0x1
[0165.760] GetThemeAppProperties () returned 0x3
[0165.760] GetThemeAppProperties () returned 0x3
[0165.760] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0165.760] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0165.760] GetCurrentObject (hdc=0x7c010793, type=0x1) returned 0xb00017
[0165.761] GetCurrentObject (hdc=0x7c010793, type=0x2) returned 0x900010
[0165.761] GetCurrentObject (hdc=0x7c010793, type=0x7) returned 0x4a0507fe
[0165.761] GetCurrentObject (hdc=0x7c010793, type=0x6) returned 0x8a01c2
[0165.761] SaveDC (hdc=0x7c010793) returned 1
[0165.761] GetTextAlign (hdc=0x7c010793) returned 0x0
[0165.761] GetTextColor (hdc=0x7c010793) returned 0x0
[0165.761] GetCurrentObject (hdc=0x7c010793, type=0x6) returned 0x8a01c2
[0165.761] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0165.761] SelectObject (hdc=0x7c010793, h=0x6d0a0520) returned 0x8a01c2
[0165.761] GetBkMode (hdc=0x7c010793) returned 2
[0165.761] SetBkMode (hdc=0x7c010793, mode=1) returned 2
[0165.761] DrawTextExW (in: hdc=0x7c010793, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2d6e778 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0165.761] DrawTextExW (in: hdc=0x7c010793, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d6e778 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0165.762] RestoreDC (hdc=0x7c010793, nSavedDC=-1) returned 1
[0165.762] GdipReleaseDC (graphics=0x6600030, hdc=0x7c010793) returned 0x0
[0165.762] GetFocus () returned 0xa013e
[0165.762] IsAppThemed () returned 0x1
[0165.762] GetThemeAppProperties () returned 0x3
[0165.762] GetThemeAppProperties () returned 0x3
[0165.762] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0165.762] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x7c010793, x1=0, y1=0, rop=0xcc0020) returned 1
[0165.762] GdipReleaseDC (graphics=0x6600030, hdc=0x7c010793) returned 0x0
[0165.762] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0165.762] SelectObject (hdc=0x7c010793, h=0x85000f) returned 0x4a0507fe
[0165.762] DeleteDC (hdc=0x7c010793) returned 1
[0165.762] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0165.773] EndPaint (hWnd=0xa013e, lpPaint=0xd7e24c) returned 1
[0165.773] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.773] IsWindowUnicode (hWnd=0x6005a) returned 1
[0165.773] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.773] TranslateMessage (lpMsg=0xd7e808) returned 0
[0165.773] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0165.773] BeginPaint (in: hWnd=0x6005a, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0165.773] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0165.774] CreateCompatibleDC (hdc=0xc0107c5) returned 0xf8010671
[0165.774] SelectObject (hdc=0xf8010671, h=0x4a0507fe) returned 0x85000f
[0165.774] GdipCreateFromHDC (hdc=0xf8010671, graphics=0xd7e268) returned 0x0
[0165.774] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0165.774] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0165.774] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0165.774] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0165.774] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e2c8) returned 0x0
[0165.774] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0165.774] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0165.774] LocalFree (hMem=0x11ee788) returned 0x0
[0165.774] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0165.774] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0165.774] GdipGetClip (graphics=0x6600030, region=0x66447d8) returned 0x0
[0165.774] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0165.774] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0165.774] GdipRestoreGraphics (graphics=0x6600030, state=0xfc8e0dbd) returned 0x0
[0165.774] GdipDeleteRegion (region=0x66447d8) returned 0x0
[0165.775] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0165.775] GetCurrentObject (hdc=0xf8010671, type=0x1) returned 0xb00017
[0165.775] GetCurrentObject (hdc=0xf8010671, type=0x2) returned 0x900010
[0165.775] GetCurrentObject (hdc=0xf8010671, type=0x7) returned 0x4a0507fe
[0165.775] GetCurrentObject (hdc=0xf8010671, type=0x6) returned 0x8a01c2
[0165.775] SaveDC (hdc=0xf8010671) returned 1
[0165.775] GetNearestColor (hdc=0xf8010671, color=0xf0f0f0) returned 0xf0f0f0
[0165.775] GetNearestColor (hdc=0xf8010671, color=0xa0a0a0) returned 0xa0a0a0
[0165.775] GetNearestColor (hdc=0xf8010671, color=0x696969) returned 0x696969
[0165.775] GetNearestColor (hdc=0xf8010671, color=0xa0a0a0) returned 0xa0a0a0
[0165.775] GetNearestColor (hdc=0xf8010671, color=0x0) returned 0x0
[0165.775] GetNearestColor (hdc=0xf8010671, color=0xffffff) returned 0xffffff
[0165.775] GetNearestColor (hdc=0xf8010671, color=0xe5e5e5) returned 0xe5e5e5
[0165.775] GetNearestColor (hdc=0xf8010671, color=0xd7d7d7) returned 0xd7d7d7
[0165.775] GetNearestColor (hdc=0xf8010671, color=0x0) returned 0x0
[0165.775] RestoreDC (hdc=0xf8010671, nSavedDC=-1) returned 1
[0165.775] GdipReleaseDC (graphics=0x6600030, hdc=0xf8010671) returned 0x0
[0165.776] IsAppThemed () returned 0x1
[0165.776] GetThemeAppProperties () returned 0x3
[0165.776] GetThemeAppProperties () returned 0x3
[0165.776] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0165.776] SendMessageW (hWnd=0x902d2, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0165.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0165.776] IsAppThemed () returned 0x1
[0165.776] GetThemeAppProperties () returned 0x3
[0165.776] GetThemeAppProperties () returned 0x3
[0165.776] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2d6ef88 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0165.776] IsAppThemed () returned 0x1
[0165.776] GetThemeAppProperties () returned 0x3
[0165.776] GetThemeAppProperties () returned 0x3
[0165.776] IsAppThemed () returned 0x1
[0165.777] GetThemeAppProperties () returned 0x3
[0165.777] GetThemeAppProperties () returned 0x3
[0165.777] IsAppThemed () returned 0x1
[0165.777] GetThemeAppProperties () returned 0x3
[0165.777] GetThemeAppProperties () returned 0x3
[0165.777] IsAppThemed () returned 0x1
[0165.777] GetThemeAppProperties () returned 0x3
[0165.777] GetThemeAppProperties () returned 0x3
[0165.777] IsThemePartDefined () returned 0x1
[0165.777] IsAppThemed () returned 0x1
[0165.777] GetThemeAppProperties () returned 0x3
[0165.777] GetThemeAppProperties () returned 0x3
[0165.777] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0165.777] IsAppThemed () returned 0x1
[0165.777] GetThemeAppProperties () returned 0x3
[0165.777] GetThemeAppProperties () returned 0x3
[0165.777] IsAppThemed () returned 0x1
[0165.777] GetThemeAppProperties () returned 0x3
[0165.777] GetThemeAppProperties () returned 0x3
[0165.777] IsThemePartDefined () returned 0x1
[0165.777] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0165.777] GdipGetClip (graphics=0x6600030, region=0x6644478) returned 0x0
[0165.778] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0165.778] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0165.778] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dfe4) returned 0x0
[0165.778] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0165.778] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee8d8) returned 0x0
[0165.778] LocalFree (hMem=0x11ee8d8) returned 0x0
[0165.778] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0165.778] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0165.778] LocalFree (hMem=0x11eec58) returned 0x0
[0165.778] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0165.778] GdipIsInfiniteRegion (region=0x6644478, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0165.782] GdipIsInfiniteRegion (region=0x6644478, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0165.782] GdipGetRegionHRgn (region=0x6644478, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0165.782] GdipDeleteRegion (region=0x6644478) returned 0x0
[0165.782] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0165.782] GetCurrentObject (hdc=0xf8010671, type=0x1) returned 0xb00017
[0165.782] GetCurrentObject (hdc=0xf8010671, type=0x2) returned 0x900010
[0165.782] GetCurrentObject (hdc=0xf8010671, type=0x7) returned 0x4a0507fe
[0165.783] GetCurrentObject (hdc=0xf8010671, type=0x6) returned 0x8a01c2
[0165.783] SaveDC (hdc=0xf8010671) returned 1
[0165.783] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x19040807
[0165.783] GetClipRgn (hdc=0xf8010671, hrgn=0x19040807) returned 0
[0165.783] SelectClipRgn (hdc=0xf8010671, hrgn=0x9b0407de) returned 2
[0165.783] DeleteObject (ho=0x19040807) returned 1
[0165.783] DeleteObject (ho=0x9b0407de) returned 1
[0165.783] OffsetViewportOrgEx (in: hdc=0xf8010671, x=0, y=0, lppt=0x2d6f638 | out: lppt=0x2d6f638) returned 1
[0165.783] DrawThemeParentBackground () returned 0x0
[0165.783] GetWindowPlacement (in: hWnd=0x902d2, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0165.783] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0165.783] GetWindowTextLengthW (hWnd=0x902d2) returned 13
[0165.783] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.783] GetSystemMetrics (nIndex=42) returned 0
[0165.783] GetWindowTextW (in: hWnd=0x902d2, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.783] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0165.784] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0165.784] GetCurrentObject (hdc=0xf8010671, type=0x1) returned 0xb00017
[0165.784] GetCurrentObject (hdc=0xf8010671, type=0x2) returned 0x900010
[0165.784] GetCurrentObject (hdc=0xf8010671, type=0x7) returned 0x4a0507fe
[0165.784] GetCurrentObject (hdc=0xf8010671, type=0x6) returned 0x8a01c2
[0165.784] SaveDC (hdc=0xf8010671) returned 2
[0165.784] GetNearestColor (hdc=0xf8010671, color=0xf0f0f0) returned 0xf0f0f0
[0165.784] CreateSolidBrush (color=0xf0f0f0) returned 0x6a1007e1
[0165.784] FillRect (hDC=0xf8010671, lprc=0xd7da30, hbr=0x6a1007e1) returned 1
[0165.784] DeleteObject (ho=0x6a1007e1) returned 1
[0165.784] RestoreDC (hdc=0xf8010671, nSavedDC=-1) returned 1
[0165.784] GetWindowTextLengthW (hWnd=0x902d2) returned 13
[0165.784] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.784] GetSystemMetrics (nIndex=42) returned 0
[0165.784] GetWindowTextW (in: hWnd=0x902d2, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.784] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0165.784] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0165.784] GetCurrentObject (hdc=0xf8010671, type=0x1) returned 0xb00017
[0165.784] GetCurrentObject (hdc=0xf8010671, type=0x2) returned 0x900010
[0165.785] GetCurrentObject (hdc=0xf8010671, type=0x7) returned 0x4a0507fe
[0165.785] GetCurrentObject (hdc=0xf8010671, type=0x6) returned 0x8a01c2
[0165.785] SaveDC (hdc=0xf8010671) returned 2
[0165.785] GetNearestColor (hdc=0xf8010671, color=0xf0f0f0) returned 0xf0f0f0
[0165.785] CreateSolidBrush (color=0xf0f0f0) returned 0x6b1007e1
[0165.785] FillRect (hDC=0xf8010671, lprc=0xd7d9d0, hbr=0x6b1007e1) returned 1
[0165.785] DeleteObject (ho=0x6b1007e1) returned 1
[0165.785] RestoreDC (hdc=0xf8010671, nSavedDC=-1) returned 1
[0165.785] GetWindowTextLengthW (hWnd=0x902d2) returned 13
[0165.785] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.785] GetSystemMetrics (nIndex=42) returned 0
[0165.785] GetWindowTextW (in: hWnd=0x902d2, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.785] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0165.785] RestoreDC (hdc=0xf8010671, nSavedDC=-1) returned 1
[0165.785] GdipReleaseDC (graphics=0x6600030, hdc=0xf8010671) returned 0x0
[0165.785] IsAppThemed () returned 0x1
[0165.786] GetThemeAppProperties () returned 0x3
[0165.786] GetThemeAppProperties () returned 0x3
[0165.786] IsAppThemed () returned 0x1
[0165.786] GetThemeAppProperties () returned 0x3
[0165.786] GetThemeAppProperties () returned 0x3
[0165.786] IsThemePartDefined () returned 0x1
[0165.786] GdipCreateRegion (region=0xd7df50) returned 0x0
[0165.786] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0165.786] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0165.786] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0165.786] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df68) returned 0x0
[0165.786] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0165.786] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0165.786] LocalFree (hMem=0x11ee9f0) returned 0x0
[0165.786] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0165.786] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0165.786] LocalFree (hMem=0x11ee9f0) returned 0x0
[0165.786] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0165.787] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7df90) returned 0x0
[0165.787] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7df80) returned 0x0
[0165.787] GdipGetRegionHRgn (region=0x6644238, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0165.787] GdipDeleteRegion (region=0x6644238) returned 0x0
[0165.787] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0165.787] GetCurrentObject (hdc=0xf8010671, type=0x1) returned 0xb00017
[0165.787] GetCurrentObject (hdc=0xf8010671, type=0x2) returned 0x900010
[0165.787] GetCurrentObject (hdc=0xf8010671, type=0x7) returned 0x4a0507fe
[0165.787] GetCurrentObject (hdc=0xf8010671, type=0x6) returned 0x8a01c2
[0165.787] SaveDC (hdc=0xf8010671) returned 1
[0165.787] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9c0407de
[0165.787] GetClipRgn (hdc=0xf8010671, hrgn=0x9c0407de) returned 0
[0165.787] SelectClipRgn (hdc=0xf8010671, hrgn=0x1b040807) returned 2
[0165.787] DeleteObject (ho=0x9c0407de) returned 1
[0165.787] DeleteObject (ho=0x1b040807) returned 1
[0165.787] OffsetViewportOrgEx (in: hdc=0xf8010671, x=0, y=0, lppt=0x2d6fee4 | out: lppt=0x2d6fee4) returned 1
[0165.787] IsAppThemed () returned 0x1
[0165.787] GetThemeAppProperties () returned 0x3
[0165.787] GetThemeAppProperties () returned 0x3
[0165.788] DrawThemeBackground () returned 0x0
[0165.788] RestoreDC (hdc=0xf8010671, nSavedDC=-1) returned 1
[0165.788] GdipReleaseDC (graphics=0x6600030, hdc=0xf8010671) returned 0x0
[0165.788] GdipCreateRegion (region=0xd7df54) returned 0x0
[0165.788] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0165.788] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0165.788] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0165.788] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df6c) returned 0x0
[0165.788] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0165.788] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee8d8) returned 0x0
[0165.788] LocalFree (hMem=0x11ee8d8) returned 0x0
[0165.788] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0165.788] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0165.788] LocalFree (hMem=0x11eec58) returned 0x0
[0165.788] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0165.788] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7df94) returned 0x0
[0165.788] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7df84) returned 0x0
[0165.788] GdipGetRegionHRgn (region=0x6644238, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0165.788] GdipDeleteRegion (region=0x6644238) returned 0x0
[0165.788] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0165.788] GetCurrentObject (hdc=0xf8010671, type=0x1) returned 0xb00017
[0165.788] GetCurrentObject (hdc=0xf8010671, type=0x2) returned 0x900010
[0165.789] GetCurrentObject (hdc=0xf8010671, type=0x7) returned 0x4a0507fe
[0165.789] GetCurrentObject (hdc=0xf8010671, type=0x6) returned 0x8a01c2
[0165.789] SaveDC (hdc=0xf8010671) returned 1
[0165.789] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1c040807
[0165.789] GetClipRgn (hdc=0xf8010671, hrgn=0x1c040807) returned 0
[0165.789] SelectClipRgn (hdc=0xf8010671, hrgn=0x9d0407de) returned 2
[0165.789] DeleteObject (ho=0x1c040807) returned 1
[0165.789] DeleteObject (ho=0x9d0407de) returned 1
[0165.789] OffsetViewportOrgEx (in: hdc=0xf8010671, x=0, y=0, lppt=0x2d701b8 | out: lppt=0x2d701b8) returned 1
[0165.789] IsAppThemed () returned 0x1
[0165.789] GetThemeAppProperties () returned 0x3
[0165.789] GetThemeAppProperties () returned 0x3
[0165.789] GetThemeBackgroundContentRect () returned 0x0
[0165.789] RestoreDC (hdc=0xf8010671, nSavedDC=-1) returned 1
[0165.789] GdipReleaseDC (graphics=0x6600030, hdc=0xf8010671) returned 0x0
[0165.789] IsAppThemed () returned 0x1
[0165.789] GetThemeAppProperties () returned 0x3
[0165.789] GetThemeAppProperties () returned 0x3
[0165.789] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0165.789] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0165.790] GetCurrentObject (hdc=0xf8010671, type=0x1) returned 0xb00017
[0165.790] GetCurrentObject (hdc=0xf8010671, type=0x2) returned 0x900010
[0165.790] GetCurrentObject (hdc=0xf8010671, type=0x7) returned 0x4a0507fe
[0165.790] GetCurrentObject (hdc=0xf8010671, type=0x6) returned 0x8a01c2
[0165.790] SaveDC (hdc=0xf8010671) returned 1
[0165.790] GetTextAlign (hdc=0xf8010671) returned 0x0
[0165.790] GetTextColor (hdc=0xf8010671) returned 0x0
[0165.790] GetCurrentObject (hdc=0xf8010671, type=0x6) returned 0x8a01c2
[0165.790] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0165.790] SelectObject (hdc=0xf8010671, h=0x6d0a0520) returned 0x8a01c2
[0165.790] GetBkMode (hdc=0xf8010671) returned 2
[0165.790] SetBkMode (hdc=0xf8010671, mode=1) returned 2
[0165.790] DrawTextExW (in: hdc=0xf8010671, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2d70558 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0165.791] DrawTextExW (in: hdc=0xf8010671, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2d70558 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0165.791] RestoreDC (hdc=0xf8010671, nSavedDC=-1) returned 1
[0165.791] GdipReleaseDC (graphics=0x6600030, hdc=0xf8010671) returned 0x0
[0165.791] GetFocus () returned 0xa013e
[0165.791] IsAppThemed () returned 0x1
[0165.791] GetThemeAppProperties () returned 0x3
[0165.791] GetThemeAppProperties () returned 0x3
[0165.791] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0165.791] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xf8010671, x1=0, y1=0, rop=0xcc0020) returned 1
[0165.791] GdipReleaseDC (graphics=0x6600030, hdc=0xf8010671) returned 0x0
[0165.791] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0165.791] SelectObject (hdc=0xf8010671, h=0x85000f) returned 0x4a0507fe
[0165.791] DeleteDC (hdc=0xf8010671) returned 1
[0165.792] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0165.792] EndPaint (hWnd=0x6005a, lpPaint=0xd7e24c) returned 1
[0165.792] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.792] IsWindowUnicode (hWnd=0x802da) returned 1
[0165.792] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.792] TranslateMessage (lpMsg=0xd7e808) returned 0
[0165.792] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0165.792] BeginPaint (in: hWnd=0x802da, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0165.792] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0165.792] CreateCompatibleDC (hdc=0x10105d6) returned 0xfa010671
[0165.792] SelectObject (hdc=0xfa010671, h=0x4a0507fe) returned 0x85000f
[0165.792] GdipCreateFromHDC (hdc=0xfa010671, graphics=0xd7e268) returned 0x0
[0165.793] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0165.793] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0165.793] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0165.793] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0165.793] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e2c8) returned 0x0
[0165.793] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0165.793] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee8d8) returned 0x0
[0165.793] LocalFree (hMem=0x11ee8d8) returned 0x0
[0165.793] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0165.793] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0165.793] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0165.793] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0165.793] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0165.793] GdipRestoreGraphics (graphics=0x6600030, state=0xfc8c0dbd) returned 0x0
[0165.793] GdipDeleteRegion (region=0x6644238) returned 0x0
[0165.793] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0165.793] GetCurrentObject (hdc=0xfa010671, type=0x1) returned 0xb00017
[0165.793] GetCurrentObject (hdc=0xfa010671, type=0x2) returned 0x900010
[0165.793] GetCurrentObject (hdc=0xfa010671, type=0x7) returned 0x4a0507fe
[0165.793] GetCurrentObject (hdc=0xfa010671, type=0x6) returned 0x8a01c2
[0165.793] SaveDC (hdc=0xfa010671) returned 1
[0165.794] GetNearestColor (hdc=0xfa010671, color=0xf0f0f0) returned 0xf0f0f0
[0165.794] GetNearestColor (hdc=0xfa010671, color=0xa0a0a0) returned 0xa0a0a0
[0165.883] GetNearestColor (hdc=0xfa010671, color=0x696969) returned 0x696969
[0165.883] GetNearestColor (hdc=0xfa010671, color=0xa0a0a0) returned 0xa0a0a0
[0165.883] GetNearestColor (hdc=0xfa010671, color=0x0) returned 0x0
[0165.883] GetNearestColor (hdc=0xfa010671, color=0xffffff) returned 0xffffff
[0165.883] GetNearestColor (hdc=0xfa010671, color=0xe5e5e5) returned 0xe5e5e5
[0165.883] GetNearestColor (hdc=0xfa010671, color=0xd7d7d7) returned 0xd7d7d7
[0165.883] GetNearestColor (hdc=0xfa010671, color=0x0) returned 0x0
[0165.883] RestoreDC (hdc=0xfa010671, nSavedDC=-1) returned 1
[0165.883] GdipReleaseDC (graphics=0x6600030, hdc=0xfa010671) returned 0x0
[0165.884] IsAppThemed () returned 0x1
[0165.884] GetThemeAppProperties () returned 0x3
[0165.884] GetThemeAppProperties () returned 0x3
[0165.884] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0165.884] SendMessageW (hWnd=0x902d2, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0165.884] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0165.884] IsAppThemed () returned 0x1
[0165.884] GetThemeAppProperties () returned 0x3
[0165.884] GetThemeAppProperties () returned 0x3
[0165.884] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2d70d68 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0165.884] IsAppThemed () returned 0x1
[0165.884] GetThemeAppProperties () returned 0x3
[0165.884] GetThemeAppProperties () returned 0x3
[0165.884] IsAppThemed () returned 0x1
[0165.884] GetThemeAppProperties () returned 0x3
[0165.884] GetThemeAppProperties () returned 0x3
[0165.884] GetFocus () returned 0xa013e
[0165.885] IsAppThemed () returned 0x1
[0165.885] GetThemeAppProperties () returned 0x3
[0165.885] GetThemeAppProperties () returned 0x3
[0165.885] IsAppThemed () returned 0x1
[0165.885] GetThemeAppProperties () returned 0x3
[0165.885] GetThemeAppProperties () returned 0x3
[0165.885] IsThemePartDefined () returned 0x1
[0165.885] IsAppThemed () returned 0x1
[0165.885] GetThemeAppProperties () returned 0x3
[0165.885] GetThemeAppProperties () returned 0x3
[0165.885] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0165.885] IsAppThemed () returned 0x1
[0165.885] GetThemeAppProperties () returned 0x3
[0165.885] GetThemeAppProperties () returned 0x3
[0165.885] IsAppThemed () returned 0x1
[0165.885] GetThemeAppProperties () returned 0x3
[0165.885] GetThemeAppProperties () returned 0x3
[0165.885] IsThemePartDefined () returned 0x1
[0165.885] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0165.885] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0165.885] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0165.885] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0165.885] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dff0) returned 0x0
[0165.885] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee9f0) returned 0x0
[0165.886] LocalFree (hMem=0x11ee9f0) returned 0x0
[0165.886] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee9f0) returned 0x0
[0165.886] LocalFree (hMem=0x11ee9f0) returned 0x0
[0165.886] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0165.886] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e018) returned 0x0
[0165.886] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e008) returned 0x0
[0165.886] GdipGetRegionHRgn (region=0x6644238, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0165.886] GdipDeleteRegion (region=0x6644238) returned 0x0
[0165.886] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0165.886] GetCurrentObject (hdc=0xfa010671, type=0x1) returned 0xb00017
[0165.886] GetCurrentObject (hdc=0xfa010671, type=0x2) returned 0x900010
[0165.886] GetCurrentObject (hdc=0xfa010671, type=0x7) returned 0x4a0507fe
[0165.886] GetCurrentObject (hdc=0xfa010671, type=0x6) returned 0x8a01c2
[0165.886] SaveDC (hdc=0xfa010671) returned 1
[0165.886] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9e0407de
[0165.886] GetClipRgn (hdc=0xfa010671, hrgn=0x9e0407de) returned 0
[0165.886] SelectClipRgn (hdc=0xfa010671, hrgn=0x20040807) returned 2
[0165.886] DeleteObject (ho=0x9e0407de) returned 1
[0165.886] DeleteObject (ho=0x20040807) returned 1
[0165.886] OffsetViewportOrgEx (in: hdc=0xfa010671, x=0, y=0, lppt=0x2d71418 | out: lppt=0x2d71418) returned 1
[0165.887] DrawThemeParentBackground () returned 0x0
[0165.887] GetWindowPlacement (in: hWnd=0x902d2, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0165.887] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0165.887] GetWindowTextLengthW (hWnd=0x902d2) returned 13
[0165.887] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.887] GetSystemMetrics (nIndex=42) returned 0
[0165.887] GetWindowTextW (in: hWnd=0x902d2, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.887] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0165.887] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0165.887] GetCurrentObject (hdc=0xfa010671, type=0x1) returned 0xb00017
[0165.887] GetCurrentObject (hdc=0xfa010671, type=0x2) returned 0x900010
[0165.887] GetCurrentObject (hdc=0xfa010671, type=0x7) returned 0x4a0507fe
[0165.887] GetCurrentObject (hdc=0xfa010671, type=0x6) returned 0x8a01c2
[0165.887] SaveDC (hdc=0xfa010671) returned 2
[0165.887] GetNearestColor (hdc=0xfa010671, color=0xf0f0f0) returned 0xf0f0f0
[0165.887] CreateSolidBrush (color=0xf0f0f0) returned 0x6c1007e1
[0165.887] FillRect (hDC=0xfa010671, lprc=0xd7da38, hbr=0x6c1007e1) returned 1
[0165.888] DeleteObject (ho=0x6c1007e1) returned 1
[0165.888] RestoreDC (hdc=0xfa010671, nSavedDC=-1) returned 1
[0165.888] GetWindowTextLengthW (hWnd=0x902d2) returned 13
[0165.888] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.888] GetSystemMetrics (nIndex=42) returned 0
[0165.888] GetWindowTextW (in: hWnd=0x902d2, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.888] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0165.888] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0165.888] GetCurrentObject (hdc=0xfa010671, type=0x1) returned 0xb00017
[0165.888] GetCurrentObject (hdc=0xfa010671, type=0x2) returned 0x900010
[0165.888] GetCurrentObject (hdc=0xfa010671, type=0x7) returned 0x4a0507fe
[0165.888] GetCurrentObject (hdc=0xfa010671, type=0x6) returned 0x8a01c2
[0165.888] SaveDC (hdc=0xfa010671) returned 2
[0165.888] GetNearestColor (hdc=0xfa010671, color=0xf0f0f0) returned 0xf0f0f0
[0165.888] CreateSolidBrush (color=0xf0f0f0) returned 0x6d1007e1
[0165.888] FillRect (hDC=0xfa010671, lprc=0xd7d9d8, hbr=0x6d1007e1) returned 1
[0165.888] DeleteObject (ho=0x6d1007e1) returned 1
[0165.889] RestoreDC (hdc=0xfa010671, nSavedDC=-1) returned 1
[0165.889] GetWindowTextLengthW (hWnd=0x902d2) returned 13
[0165.889] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.889] GetSystemMetrics (nIndex=42) returned 0
[0165.889] GetWindowTextW (in: hWnd=0x902d2, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.889] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0165.889] RestoreDC (hdc=0xfa010671, nSavedDC=-1) returned 1
[0165.889] GdipReleaseDC (graphics=0x6600030, hdc=0xfa010671) returned 0x0
[0165.889] IsAppThemed () returned 0x1
[0165.889] GetThemeAppProperties () returned 0x3
[0165.889] GetThemeAppProperties () returned 0x3
[0165.889] IsAppThemed () returned 0x1
[0165.889] GetThemeAppProperties () returned 0x3
[0165.889] GetThemeAppProperties () returned 0x3
[0165.889] IsThemePartDefined () returned 0x1
[0165.889] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0165.889] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0165.889] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0165.889] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0165.890] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df74) returned 0x0
[0165.890] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0165.890] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eea60) returned 0x0
[0165.890] LocalFree (hMem=0x11eea60) returned 0x0
[0165.890] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0165.890] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0165.890] LocalFree (hMem=0x11eec58) returned 0x0
[0165.890] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0165.890] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0165.890] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0165.890] GdipGetRegionHRgn (region=0x6644238, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0165.890] GdipDeleteRegion (region=0x6644238) returned 0x0
[0165.890] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0165.890] GetCurrentObject (hdc=0xfa010671, type=0x1) returned 0xb00017
[0165.890] GetCurrentObject (hdc=0xfa010671, type=0x2) returned 0x900010
[0165.890] GetCurrentObject (hdc=0xfa010671, type=0x7) returned 0x4a0507fe
[0165.890] GetCurrentObject (hdc=0xfa010671, type=0x6) returned 0x8a01c2
[0165.890] SaveDC (hdc=0xfa010671) returned 1
[0165.890] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x21040807
[0165.890] GetClipRgn (hdc=0xfa010671, hrgn=0x21040807) returned 0
[0165.890] SelectClipRgn (hdc=0xfa010671, hrgn=0xa00407de) returned 2
[0165.891] DeleteObject (ho=0x21040807) returned 1
[0165.891] DeleteObject (ho=0xa00407de) returned 1
[0165.891] OffsetViewportOrgEx (in: hdc=0xfa010671, x=0, y=0, lppt=0x2d71cc4 | out: lppt=0x2d71cc4) returned 1
[0165.891] IsAppThemed () returned 0x1
[0165.893] GetThemeAppProperties () returned 0x3
[0165.894] GetThemeAppProperties () returned 0x3
[0165.894] DrawThemeBackground () returned 0x0
[0165.894] RestoreDC (hdc=0xfa010671, nSavedDC=-1) returned 1
[0165.894] GdipReleaseDC (graphics=0x6600030, hdc=0xfa010671) returned 0x0
[0165.894] GdipCreateRegion (region=0xd7df60) returned 0x0
[0165.894] GdipGetClip (graphics=0x6600030, region=0x6644a18) returned 0x0
[0165.894] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0165.894] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0165.894] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df78) returned 0x0
[0165.894] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0165.894] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0165.894] LocalFree (hMem=0x11eec58) returned 0x0
[0165.894] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0165.894] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eed00) returned 0x0
[0165.894] LocalFree (hMem=0x11eed00) returned 0x0
[0165.894] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0165.894] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0165.894] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7df90) returned 0x0
[0165.894] GdipGetRegionHRgn (region=0x6644a18, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0165.894] GdipDeleteRegion (region=0x6644a18) returned 0x0
[0165.894] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0165.895] GetCurrentObject (hdc=0xfa010671, type=0x1) returned 0xb00017
[0165.895] GetCurrentObject (hdc=0xfa010671, type=0x2) returned 0x900010
[0165.895] GetCurrentObject (hdc=0xfa010671, type=0x7) returned 0x4a0507fe
[0165.895] GetCurrentObject (hdc=0xfa010671, type=0x6) returned 0x8a01c2
[0165.895] SaveDC (hdc=0xfa010671) returned 1
[0165.895] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa10407de
[0165.895] GetClipRgn (hdc=0xfa010671, hrgn=0xa10407de) returned 0
[0165.895] SelectClipRgn (hdc=0xfa010671, hrgn=0x22040807) returned 2
[0165.895] DeleteObject (ho=0xa10407de) returned 1
[0165.895] DeleteObject (ho=0x22040807) returned 1
[0165.895] OffsetViewportOrgEx (in: hdc=0xfa010671, x=0, y=0, lppt=0x2d71f98 | out: lppt=0x2d71f98) returned 1
[0165.895] IsAppThemed () returned 0x1
[0165.895] GetThemeAppProperties () returned 0x3
[0165.895] GetThemeAppProperties () returned 0x3
[0165.895] GetThemeBackgroundContentRect () returned 0x0
[0165.895] RestoreDC (hdc=0xfa010671, nSavedDC=-1) returned 1
[0165.895] GdipReleaseDC (graphics=0x6600030, hdc=0xfa010671) returned 0x0
[0165.895] IsAppThemed () returned 0x1
[0165.895] GetThemeAppProperties () returned 0x3
[0165.896] GetThemeAppProperties () returned 0x3
[0165.896] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0165.896] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0165.896] GetCurrentObject (hdc=0xfa010671, type=0x1) returned 0xb00017
[0165.896] GetCurrentObject (hdc=0xfa010671, type=0x2) returned 0x900010
[0165.896] GetCurrentObject (hdc=0xfa010671, type=0x7) returned 0x4a0507fe
[0165.896] GetCurrentObject (hdc=0xfa010671, type=0x6) returned 0x8a01c2
[0165.896] SaveDC (hdc=0xfa010671) returned 1
[0165.896] GetTextAlign (hdc=0xfa010671) returned 0x0
[0165.896] GetTextColor (hdc=0xfa010671) returned 0x0
[0165.896] GetCurrentObject (hdc=0xfa010671, type=0x6) returned 0x8a01c2
[0165.896] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0165.896] SelectObject (hdc=0xfa010671, h=0x6d0a0520) returned 0x8a01c2
[0165.896] GetBkMode (hdc=0xfa010671) returned 2
[0165.896] SetBkMode (hdc=0xfa010671, mode=1) returned 2
[0165.896] DrawTextExW (in: hdc=0xfa010671, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2d72338 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0165.897] DrawTextExW (in: hdc=0xfa010671, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d72338 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0165.897] RestoreDC (hdc=0xfa010671, nSavedDC=-1) returned 1
[0165.897] GdipReleaseDC (graphics=0x6600030, hdc=0xfa010671) returned 0x0
[0165.897] GetFocus () returned 0xa013e
[0165.897] IsAppThemed () returned 0x1
[0165.897] GetThemeAppProperties () returned 0x3
[0165.897] GetThemeAppProperties () returned 0x3
[0165.897] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0165.897] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xfa010671, x1=0, y1=0, rop=0xcc0020) returned 1
[0165.897] GdipReleaseDC (graphics=0x6600030, hdc=0xfa010671) returned 0x0
[0165.897] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0165.897] SelectObject (hdc=0xfa010671, h=0x85000f) returned 0x4a0507fe
[0165.898] DeleteDC (hdc=0xfa010671) returned 1
[0165.898] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0165.898] EndPaint (hWnd=0x802da, lpPaint=0xd7e24c) returned 1
[0165.898] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.898] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x84, wParam=0x0, lParam=0x1e302f3) returned 0x1
[0165.898] IsWindowUnicode (hWnd=0x6005a) returned 1
[0165.898] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.898] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x84, wParam=0x0, lParam=0x1e302f3) returned 0x1
[0165.899] GetDlgItem (hDlg=0x902d2, nIDDlgItem=0) returned 0x0
[0165.899] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x210, wParam=0x201, lParam=0x6800fe) returned 0x0
[0165.899] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x21, wParam=0x902d2, lParam=0x2010001) returned 0x1
[0165.899] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x21, wParam=0x902d2, lParam=0x2010001) returned 0x1
[0165.899] SetCursor (hCursor=0x10003) returned 0x10003
[0165.899] TranslateMessage (lpMsg=0xd7e808) returned 0
[0165.899] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0165.899] GetKeyState (nVirtKey=1) returned -127
[0165.899] GetKeyState (nVirtKey=2) returned 0
[0165.899] GetKeyState (nVirtKey=4) returned 0
[0165.899] GetKeyState (nVirtKey=5) returned 0
[0165.899] GetKeyState (nVirtKey=6) returned 0
[0165.899] IsWindowVisible (hWnd=0x6005a) returned 1
[0165.899] IsWindowEnabled (hWnd=0x6005a) returned 1
[0165.899] SetFocus (hWnd=0x6005a) returned 0xa013e
[0165.900] GetFocus () returned 0x6005a
[0165.900] IsChild (hWndParent=0x902d2, hWnd=0x6005a) returned 1
[0165.900] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0x8, wParam=0x6005a, lParam=0x0) returned 0x0
[0165.900] GetCapture () returned 0x0
[0165.900] InvalidateRect (hWnd=0xa013e, lpRect=0x0, bErase=0) returned 1
[0165.901] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0165.902] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0165.909] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0165.909] InvalidateRect (hWnd=0xa013e, lpRect=0x0, bErase=0) returned 1
[0165.909] InvalidateRect (hWnd=0x6005a, lpRect=0x0, bErase=0) returned 1
[0165.909] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x7, wParam=0xa013e, lParam=0x0) returned 0x0
[0165.909] GetStockObject (i=5) returned 0x900015
[0165.910] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0165.910] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0165.910] GetDlgItem (hDlg=0x902d2, nIDDlgItem=393306) returned 0x6005a
[0165.910] SendMessageW (hWnd=0x6005a, Msg=0x202b, wParam=0x6005a, lParam=0xd7dddc) returned 0x0
[0165.910] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x202b, wParam=0x6005a, lParam=0xd7dddc) returned 0x0
[0165.910] InvalidateRect (hWnd=0x6005a, lpRect=0x0, bErase=0) returned 1
[0165.912] GetFocus () returned 0x6005a
[0165.912] GetFocus () returned 0x6005a
[0165.912] GetFocus () returned 0x6005a
[0165.912] GetKeyState (nVirtKey=1) returned -127
[0165.912] GetKeyState (nVirtKey=2) returned 0
[0165.912] GetKeyState (nVirtKey=4) returned 0
[0165.912] GetKeyState (nVirtKey=5) returned 0
[0165.912] GetKeyState (nVirtKey=6) returned 0
[0165.912] GetCapture () returned 0x0
[0165.912] SetCapture (hWnd=0x6005a) returned 0x0
[0165.912] GetKeyState (nVirtKey=1) returned -127
[0165.912] GetKeyState (nVirtKey=2) returned 0
[0165.912] GetKeyState (nVirtKey=4) returned 0
[0165.912] GetKeyState (nVirtKey=5) returned 0
[0165.912] GetKeyState (nVirtKey=6) returned 0
[0165.912] NotifyWinEvent (event=0x800a, hwnd=0x6005a, idObject=-4, idChild=0)
[0165.912] InvalidateRect (hWnd=0x6005a, lpRect=0xd7e430, bErase=0) returned 1
[0165.912] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.913] IsWindowUnicode (hWnd=0x6005a) returned 1
[0165.913] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.913] TranslateMessage (lpMsg=0xd7e808) returned 0
[0165.913] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0165.913] MapWindowPoints (in: hWndFrom=0x6005a, hWndTo=0x0, lpPoints=0x2d72528, cPoints=0x1 | out: lpPoints=0x2d72528) returned 30999254
[0165.913] NotifyWinEvent (event=0x800a, hwnd=0x6005a, idObject=-4, idChild=0)
[0165.913] InvalidateRect (hWnd=0x6005a, lpRect=0xd7e3d0, bErase=0) returned 1
[0165.913] UpdateWindow (hWnd=0x6005a) returned 1
[0165.913] BeginPaint (in: hWnd=0x6005a, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xc0107c5
[0165.913] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0165.913] CreateCompatibleDC (hdc=0xc0107c5) returned 0xfb010671
[0165.913] SelectObject (hdc=0xfb010671, h=0x4a0507fe) returned 0x85000f
[0165.913] GdipCreateFromHDC (hdc=0xfb010671, graphics=0xd7df00) returned 0x0
[0165.913] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0165.914] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0165.914] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0165.914] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0165.914] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df60) returned 0x0
[0165.914] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0165.914] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0165.914] LocalFree (hMem=0x11eec58) returned 0x0
[0165.914] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0165.914] GdipCreateRegion (region=0xd7df48) returned 0x0
[0165.914] GdipGetClip (graphics=0x6600030, region=0x6644b38) returned 0x0
[0165.914] GdipIsInfiniteRegion (region=0x6644b38, graphics=0x6600030, result=0xd7df54) returned 0x0
[0165.914] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0165.914] GdipRestoreGraphics (graphics=0x6600030, state=0xfc8a0dbd) returned 0x0
[0165.914] GdipDeleteRegion (region=0x6644b38) returned 0x0
[0165.914] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0165.914] GetCurrentObject (hdc=0xfb010671, type=0x1) returned 0xb00017
[0165.914] GetCurrentObject (hdc=0xfb010671, type=0x2) returned 0x900010
[0165.914] GetCurrentObject (hdc=0xfb010671, type=0x7) returned 0x4a0507fe
[0165.914] GetCurrentObject (hdc=0xfb010671, type=0x6) returned 0x8a01c2
[0165.914] SaveDC (hdc=0xfb010671) returned 1
[0165.915] GetNearestColor (hdc=0xfb010671, color=0xf0f0f0) returned 0xf0f0f0
[0165.915] GetNearestColor (hdc=0xfb010671, color=0xa0a0a0) returned 0xa0a0a0
[0165.915] GetNearestColor (hdc=0xfb010671, color=0x696969) returned 0x696969
[0165.915] GetNearestColor (hdc=0xfb010671, color=0xa0a0a0) returned 0xa0a0a0
[0165.915] GetNearestColor (hdc=0xfb010671, color=0x0) returned 0x0
[0165.915] GetNearestColor (hdc=0xfb010671, color=0xffffff) returned 0xffffff
[0165.915] GetNearestColor (hdc=0xfb010671, color=0xe5e5e5) returned 0xe5e5e5
[0165.915] GetNearestColor (hdc=0xfb010671, color=0xd7d7d7) returned 0xd7d7d7
[0165.915] GetNearestColor (hdc=0xfb010671, color=0x0) returned 0x0
[0165.915] RestoreDC (hdc=0xfb010671, nSavedDC=-1) returned 1
[0165.915] GdipReleaseDC (graphics=0x6600030, hdc=0xfb010671) returned 0x0
[0165.915] IsAppThemed () returned 0x1
[0165.915] GetThemeAppProperties () returned 0x3
[0165.915] GetThemeAppProperties () returned 0x3
[0165.915] IsAppThemed () returned 0x1
[0165.915] GetThemeAppProperties () returned 0x3
[0165.915] GetThemeAppProperties () returned 0x3
[0165.915] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2d72c80 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0165.916] IsAppThemed () returned 0x1
[0165.916] GetThemeAppProperties () returned 0x3
[0165.916] GetThemeAppProperties () returned 0x3
[0165.916] IsAppThemed () returned 0x1
[0165.916] GetThemeAppProperties () returned 0x3
[0165.916] GetThemeAppProperties () returned 0x3
[0165.916] IsAppThemed () returned 0x1
[0165.916] GetThemeAppProperties () returned 0x3
[0165.916] GetThemeAppProperties () returned 0x3
[0165.916] IsAppThemed () returned 0x1
[0165.916] GetThemeAppProperties () returned 0x3
[0165.916] GetThemeAppProperties () returned 0x3
[0165.916] IsThemePartDefined () returned 0x1
[0165.916] IsAppThemed () returned 0x1
[0165.916] GetThemeAppProperties () returned 0x3
[0165.916] GetThemeAppProperties () returned 0x3
[0165.916] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0165.916] IsAppThemed () returned 0x1
[0165.916] GetThemeAppProperties () returned 0x3
[0165.916] GetThemeAppProperties () returned 0x3
[0165.916] IsAppThemed () returned 0x1
[0165.917] GetThemeAppProperties () returned 0x3
[0165.917] GetThemeAppProperties () returned 0x3
[0165.917] IsThemePartDefined () returned 0x1
[0165.917] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0165.917] GdipGetClip (graphics=0x6600030, region=0x66447d8) returned 0x0
[0165.917] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0165.917] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0165.917] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dc7c) returned 0x0
[0165.917] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0165.917] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0165.917] LocalFree (hMem=0x11eec58) returned 0x0
[0165.917] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0165.917] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0165.917] LocalFree (hMem=0x11eec58) returned 0x0
[0165.917] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0165.917] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0165.917] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0165.917] GdipGetRegionHRgn (region=0x66447d8, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0165.917] GdipDeleteRegion (region=0x66447d8) returned 0x0
[0165.917] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0165.917] GetCurrentObject (hdc=0xfb010671, type=0x1) returned 0xb00017
[0165.917] GetCurrentObject (hdc=0xfb010671, type=0x2) returned 0x900010
[0165.917] GetCurrentObject (hdc=0xfb010671, type=0x7) returned 0x4a0507fe
[0165.918] GetCurrentObject (hdc=0xfb010671, type=0x6) returned 0x8a01c2
[0165.918] SaveDC (hdc=0xfb010671) returned 1
[0165.918] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x23040807
[0165.918] GetClipRgn (hdc=0xfb010671, hrgn=0x23040807) returned 0
[0165.918] SelectClipRgn (hdc=0xfb010671, hrgn=0xa50407de) returned 2
[0165.918] DeleteObject (ho=0x23040807) returned 1
[0165.918] DeleteObject (ho=0xa50407de) returned 1
[0165.918] OffsetViewportOrgEx (in: hdc=0xfb010671, x=0, y=0, lppt=0x2d73330 | out: lppt=0x2d73330) returned 1
[0165.918] DrawThemeParentBackground () returned 0x0
[0165.918] GetWindowPlacement (in: hWnd=0x902d2, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0165.918] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0165.918] GetWindowTextLengthW (hWnd=0x902d2) returned 13
[0165.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.918] GetSystemMetrics (nIndex=42) returned 0
[0165.918] GetWindowTextW (in: hWnd=0x902d2, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0165.918] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0165.918] GetCurrentObject (hdc=0xfb010671, type=0x1) returned 0xb00017
[0165.918] GetCurrentObject (hdc=0xfb010671, type=0x2) returned 0x900010
[0165.919] GetCurrentObject (hdc=0xfb010671, type=0x7) returned 0x4a0507fe
[0165.919] GetCurrentObject (hdc=0xfb010671, type=0x6) returned 0x8a01c2
[0165.919] SaveDC (hdc=0xfb010671) returned 2
[0165.919] GetNearestColor (hdc=0xfb010671, color=0xf0f0f0) returned 0xf0f0f0
[0165.919] CreateSolidBrush (color=0xf0f0f0) returned 0x6e1007e1
[0165.919] FillRect (hDC=0xfb010671, lprc=0xd7d6c8, hbr=0x6e1007e1) returned 1
[0165.919] DeleteObject (ho=0x6e1007e1) returned 1
[0165.919] RestoreDC (hdc=0xfb010671, nSavedDC=-1) returned 1
[0165.919] GetWindowTextLengthW (hWnd=0x902d2) returned 13
[0165.919] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.919] GetSystemMetrics (nIndex=42) returned 0
[0165.919] GetWindowTextW (in: hWnd=0x902d2, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.919] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0165.919] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0165.919] GetCurrentObject (hdc=0xfb010671, type=0x1) returned 0xb00017
[0165.920] GetCurrentObject (hdc=0xfb010671, type=0x2) returned 0x900010
[0165.920] GetCurrentObject (hdc=0xfb010671, type=0x7) returned 0x4a0507fe
[0165.920] GetCurrentObject (hdc=0xfb010671, type=0x6) returned 0x8a01c2
[0165.920] SaveDC (hdc=0xfb010671) returned 2
[0165.920] GetNearestColor (hdc=0xfb010671, color=0xf0f0f0) returned 0xf0f0f0
[0165.920] CreateSolidBrush (color=0xf0f0f0) returned 0x6f1007e1
[0165.920] FillRect (hDC=0xfb010671, lprc=0xd7d668, hbr=0x6f1007e1) returned 1
[0165.920] DeleteObject (ho=0x6f1007e1) returned 1
[0165.920] RestoreDC (hdc=0xfb010671, nSavedDC=-1) returned 1
[0165.920] GetWindowTextLengthW (hWnd=0x902d2) returned 13
[0165.920] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.920] GetSystemMetrics (nIndex=42) returned 0
[0165.920] GetWindowTextW (in: hWnd=0x902d2, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.920] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0165.920] RestoreDC (hdc=0xfb010671, nSavedDC=-1) returned 1
[0165.921] GdipReleaseDC (graphics=0x6600030, hdc=0xfb010671) returned 0x0
[0165.921] IsAppThemed () returned 0x1
[0165.921] GetThemeAppProperties () returned 0x3
[0165.921] GetThemeAppProperties () returned 0x3
[0165.921] IsAppThemed () returned 0x1
[0165.921] GetThemeAppProperties () returned 0x3
[0165.921] GetThemeAppProperties () returned 0x3
[0165.921] IsThemePartDefined () returned 0x1
[0165.921] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0165.921] GdipGetClip (graphics=0x6600030, region=0x66443e8) returned 0x0
[0165.921] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0165.921] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0165.921] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dc00) returned 0x0
[0165.921] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0165.921] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0165.921] LocalFree (hMem=0x11ee788) returned 0x0
[0165.921] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0165.921] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0165.921] LocalFree (hMem=0x11ee788) returned 0x0
[0165.921] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0165.921] GdipIsInfiniteRegion (region=0x66443e8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0165.921] GdipIsInfiniteRegion (region=0x66443e8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0165.921] GdipGetRegionHRgn (region=0x66443e8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0165.922] GdipDeleteRegion (region=0x66443e8) returned 0x0
[0165.922] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0165.922] GetCurrentObject (hdc=0xfb010671, type=0x1) returned 0xb00017
[0165.922] GetCurrentObject (hdc=0xfb010671, type=0x2) returned 0x900010
[0165.922] GetCurrentObject (hdc=0xfb010671, type=0x7) returned 0x4a0507fe
[0165.922] GetCurrentObject (hdc=0xfb010671, type=0x6) returned 0x8a01c2
[0165.922] SaveDC (hdc=0xfb010671) returned 1
[0165.922] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa60407de
[0165.922] GetClipRgn (hdc=0xfb010671, hrgn=0xa60407de) returned 0
[0165.922] SelectClipRgn (hdc=0xfb010671, hrgn=0x25040807) returned 2
[0165.922] DeleteObject (ho=0xa60407de) returned 1
[0165.922] DeleteObject (ho=0x25040807) returned 1
[0165.922] OffsetViewportOrgEx (in: hdc=0xfb010671, x=0, y=0, lppt=0x2d73bdc | out: lppt=0x2d73bdc) returned 1
[0165.922] IsAppThemed () returned 0x1
[0165.922] GetThemeAppProperties () returned 0x3
[0165.922] GetThemeAppProperties () returned 0x3
[0165.922] DrawThemeBackground () returned 0x0
[0165.922] RestoreDC (hdc=0xfb010671, nSavedDC=-1) returned 1
[0165.922] GdipReleaseDC (graphics=0x6600030, hdc=0xfb010671) returned 0x0
[0165.922] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0165.922] GdipGetClip (graphics=0x6600030, region=0x6644a18) returned 0x0
[0165.923] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0165.923] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0165.923] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7dc04) returned 0x0
[0165.923] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0165.923] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eea60) returned 0x0
[0165.923] LocalFree (hMem=0x11eea60) returned 0x0
[0165.923] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0165.923] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee9f0) returned 0x0
[0165.923] LocalFree (hMem=0x11ee9f0) returned 0x0
[0165.923] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0165.923] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0165.923] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0165.923] GdipGetRegionHRgn (region=0x6644a18, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0165.923] GdipDeleteRegion (region=0x6644a18) returned 0x0
[0165.923] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0165.923] GetCurrentObject (hdc=0xfb010671, type=0x1) returned 0xb00017
[0165.923] GetCurrentObject (hdc=0xfb010671, type=0x2) returned 0x900010
[0165.923] GetCurrentObject (hdc=0xfb010671, type=0x7) returned 0x4a0507fe
[0165.923] GetCurrentObject (hdc=0xfb010671, type=0x6) returned 0x8a01c2
[0165.923] SaveDC (hdc=0xfb010671) returned 1
[0165.923] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x26040807
[0165.924] GetClipRgn (hdc=0xfb010671, hrgn=0x26040807) returned 0
[0165.924] SelectClipRgn (hdc=0xfb010671, hrgn=0xa70407de) returned 2
[0165.924] DeleteObject (ho=0x26040807) returned 1
[0165.924] DeleteObject (ho=0xa70407de) returned 1
[0165.924] OffsetViewportOrgEx (in: hdc=0xfb010671, x=0, y=0, lppt=0x2d73eb0 | out: lppt=0x2d73eb0) returned 1
[0165.924] IsAppThemed () returned 0x1
[0165.924] GetThemeAppProperties () returned 0x3
[0165.924] GetThemeAppProperties () returned 0x3
[0165.924] GetThemeBackgroundContentRect () returned 0x0
[0165.924] RestoreDC (hdc=0xfb010671, nSavedDC=-1) returned 1
[0165.924] GdipReleaseDC (graphics=0x6600030, hdc=0xfb010671) returned 0x0
[0165.924] IsAppThemed () returned 0x1
[0165.924] GetThemeAppProperties () returned 0x3
[0165.924] GetThemeAppProperties () returned 0x3
[0165.924] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0165.924] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0165.924] GetCurrentObject (hdc=0xfb010671, type=0x1) returned 0xb00017
[0165.924] GetCurrentObject (hdc=0xfb010671, type=0x2) returned 0x900010
[0165.924] GetCurrentObject (hdc=0xfb010671, type=0x7) returned 0x4a0507fe
[0165.924] GetCurrentObject (hdc=0xfb010671, type=0x6) returned 0x8a01c2
[0165.924] SaveDC (hdc=0xfb010671) returned 1
[0165.925] GetTextAlign (hdc=0xfb010671) returned 0x0
[0165.925] GetTextColor (hdc=0xfb010671) returned 0x0
[0165.925] GetCurrentObject (hdc=0xfb010671, type=0x6) returned 0x8a01c2
[0165.925] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0165.925] SelectObject (hdc=0xfb010671, h=0x6d0a0520) returned 0x8a01c2
[0165.925] GetBkMode (hdc=0xfb010671) returned 2
[0165.925] SetBkMode (hdc=0xfb010671, mode=1) returned 2
[0165.925] DrawTextExW (in: hdc=0xfb010671, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2d74250 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0165.925] DrawTextExW (in: hdc=0xfb010671, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2d74250 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0165.925] RestoreDC (hdc=0xfb010671, nSavedDC=-1) returned 1
[0165.925] GdipReleaseDC (graphics=0x6600030, hdc=0xfb010671) returned 0x0
[0165.925] GetFocus () returned 0x6005a
[0165.926] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0165.926] SendMessageW (hWnd=0x902d2, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0165.926] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0165.926] IsAppThemed () returned 0x1
[0165.926] GetThemeAppProperties () returned 0x3
[0165.926] GetThemeAppProperties () returned 0x3
[0165.926] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0165.926] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xfb010671, x1=0, y1=0, rop=0xcc0020) returned 1
[0165.926] GdipReleaseDC (graphics=0x6600030, hdc=0xfb010671) returned 0x0
[0165.926] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0165.926] SelectObject (hdc=0xfb010671, h=0x85000f) returned 0x4a0507fe
[0165.926] DeleteDC (hdc=0xfb010671) returned 1
[0165.926] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0165.926] EndPaint (hWnd=0x6005a, lpPaint=0xd7dee4) returned 1
[0165.926] MapWindowPoints (in: hWndFrom=0x6005a, hWndTo=0x0, lpPoints=0x2d7434c, cPoints=0x1 | out: lpPoints=0x2d7434c) returned 30999254
[0165.926] WindowFromPoint (Point=0x2f3) returned 0x6005a
[0165.927] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x84, wParam=0x0, lParam=0x1e302f3) returned 0x1
[0165.927] NotifyWinEvent (event=0x800a, hwnd=0x6005a, idObject=-4, idChild=0)
[0165.927] NotifyWinEvent (event=0x800c, hwnd=0x6005a, idObject=-4, idChild=0)
[0165.927] GetCapture () returned 0x6005a
[0165.927] ReleaseCapture () returned 1
[0165.927] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0165.927] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0165.927] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x84, wParam=0x0, lParam=0x1e302f3) returned 0x1
[0165.927] IsWindow (hWnd=0x7005c) returned 1
[0165.928] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0165.951] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0165.951] IsWindow (hWnd=0x902d2) returned 1
[0165.951] SetActiveWindow (hWnd=0x902d2) returned 0x902d2
[0165.952] IsWindow (hWnd=0x902d2) returned 1
[0165.952] SetFocus (hWnd=0x902d2) returned 0x6005a
[0165.952] GetFocus () returned 0x902d2
[0165.952] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x8, wParam=0x902d2, lParam=0x0) returned 0x0
[0165.952] GetCapture () returned 0x0
[0165.952] InvalidateRect (hWnd=0x6005a, lpRect=0x0, bErase=0) returned 1
[0165.953] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0165.954] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0165.956] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0165.956] GetFocus () returned 0x902d2
[0165.956] SetFocus (hWnd=0x6005a) returned 0x902d2
[0165.956] GetFocus () returned 0x6005a
[0165.956] IsChild (hWndParent=0x902d2, hWnd=0x6005a) returned 1
[0165.956] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x8, wParam=0x6005a, lParam=0x0) returned 0x0
[0165.957] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0165.958] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0165.960] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0165.960] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x7, wParam=0x902d2, lParam=0x0) returned 0x0
[0165.960] GetStockObject (i=5) returned 0x900015
[0165.960] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0165.960] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0165.960] GetDlgItem (hDlg=0x902d2, nIDDlgItem=393306) returned 0x6005a
[0165.960] SendMessageW (hWnd=0x6005a, Msg=0x202b, wParam=0x6005a, lParam=0xd7ddcc) returned 0x0
[0165.960] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x202b, wParam=0x6005a, lParam=0xd7ddcc) returned 0x0
[0165.960] InvalidateRect (hWnd=0x6005a, lpRect=0x0, bErase=0) returned 1
[0165.963] GetWindowLongW (hWnd=0x902d2, nIndex=-8) returned 458844
[0165.963] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0165.963] GetCurrentThreadId () returned 0xf50
[0165.963] IsWindow (hWnd=0x7005c) returned 1
[0165.963] IsWindow (hWnd=0x7005c) returned 1
[0165.963] IsWindowVisible (hWnd=0x7005c) returned 1
[0165.963] SetActiveWindow (hWnd=0x7005c) returned 0x902d2
[0165.963] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0165.965] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0165.965] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0165.965] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0165.972] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0165.972] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0165.973] GetWindowPlacement (in: hWnd=0x902d2, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0165.973] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0165.973] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0165.973] GetWindowRect (in: hWnd=0x902d2, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0165.973] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0165.974] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0165.974] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0165.974] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x902d2) returned 0x1
[0165.976] GetFocus () returned 0x6005a
[0165.977] SetFocus (hWnd=0x602c4) returned 0x6005a
[0165.977] GetFocus () returned 0x602c4
[0165.977] IsChild (hWndParent=0x902d2, hWnd=0x602c4) returned 0
[0165.977] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0165.977] GetCapture () returned 0x0
[0165.977] InvalidateRect (hWnd=0x6005a, lpRect=0x0, bErase=0) returned 1
[0165.978] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0165.979] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0165.980] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0165.981] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0165.981] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0165.981] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0165.982] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0165.982] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x6005a, lParam=0x0) returned 0x0
[0165.982] GetStockObject (i=5) returned 0x900015
[0165.982] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0165.982] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed760) returned 0xc
[0165.982] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0165.982] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0165.982] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0165.982] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0165.986] GetFocus () returned 0x602c4
[0165.987] IsChild (hWndParent=0x902d2, hWnd=0x602c4) returned 0
[0165.987] ShowWindow (hWnd=0x902d2, nCmdShow=0) returned 1
[0165.987] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0165.987] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0165.989] GetWindowPlacement (in: hWnd=0x902d2, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0165.989] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0165.989] GetClientRect (in: hWnd=0x902d2, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0165.989] GetWindowRect (in: hWnd=0x902d2, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0165.989] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0165.990] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0165.990] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0165.990] GetWindowLongW (hWnd=0x902d2, nIndex=-20) returned 327945
[0165.990] DestroyWindow (hWnd=0x902d2) returned 1
[0165.990] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0165.991] GetWindowTextLengthW (hWnd=0x902d2) returned 13
[0165.991] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0165.991] GetSystemMetrics (nIndex=42) returned 0
[0165.991] GetWindowTextW (in: hWnd=0x902d2, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0165.991] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0165.992] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0165.992] GetWindowTextLengthW (hWnd=0x802de) returned 0
[0165.992] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0165.992] GetSystemMetrics (nIndex=42) returned 0
[0165.992] GetWindowTextW (in: hWnd=0x802de, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0165.992] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802de, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0165.992] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0165.992] GetWindowThreadProcessId (in: hWnd=0xb00ea, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0165.992] GetWindow (hWnd=0xb00ea, uCmd=0x5) returned 0x0
[0165.992] GetWindowLongW (hWnd=0xb00ea, nIndex=-20) returned 65792
[0165.992] DestroyWindow (hWnd=0xb00ea) returned 1
[0165.992] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb00ea, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0165.992] GetWindowTextLengthW (hWnd=0xb00ea) returned 25
[0165.993] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0165.993] GetSystemMetrics (nIndex=42) returned 0
[0165.993] GetWindowTextW (in: hWnd=0xb00ea, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0165.993] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb00ea, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0165.993] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0165.993] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0165.994] GetWindowTextLengthW (hWnd=0x802dc) returned 232
[0165.994] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0165.994] GetSystemMetrics (nIndex=42) returned 0
[0165.994] GetWindowTextW (in: hWnd=0x802dc, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0165.994] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0165.994] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0165.994] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0165.994] InvalidateRect (hWnd=0x6005a, lpRect=0x0, bErase=0) returned 1
[0165.994] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0165.995] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0165.995] SendMessageW (hWnd=0xa02d8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0165.995] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02d8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0165.995] SendMessageW (hWnd=0xa02d8, Msg=0xb0, wParam=0x2d47fd0, lParam=0xd7e480) returned 0x0
[0165.995] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02d8, Msg=0xb0, wParam=0x2d47fd0, lParam=0xd7e480) returned 0x0
[0165.995] GetWindowTextLengthW (hWnd=0xa02d8) returned 4363
[0165.995] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0165.995] GetSystemMetrics (nIndex=42) returned 0
[0165.995] CoTaskMemAlloc (cb=0x221c) returned 0x1203e48
[0165.995] GetWindowTextW (in: hWnd=0xa02d8, lpString=0x1203e48, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0165.995] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02d8, Msg=0xd, wParam=0x110c, lParam=0x1203e48) returned 0x110b
[0165.995] CoTaskMemFree (pv=0x1203e48)
[0165.995] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0165.996] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x802de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0166.016] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0166.017] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xa013e, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0166.019] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x6005a, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0166.020] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0166.021] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0166.023] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902d2, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0166.026] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.026] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.026] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.026] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.026] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.026] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.026] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.026] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.026] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.026] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.026] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.027] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e302f3) returned 0x1
[0166.027] IsWindowUnicode (hWnd=0x7005c) returned 1
[0166.027] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.027] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e302f3) returned 0x1
[0166.027] SetCursor (hCursor=0x10003) returned 0x10003
[0166.027] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.027] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.027] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0166.028] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0166.028] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0166.028] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10e0235) returned 0x0
[0166.028] GetKeyState (nVirtKey=1) returned 1
[0166.028] GetKeyState (nVirtKey=2) returned 0
[0166.028] GetKeyState (nVirtKey=4) returned 0
[0166.028] GetKeyState (nVirtKey=5) returned 0
[0166.028] GetKeyState (nVirtKey=6) returned 0
[0166.028] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.050] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e302f3) returned 0x1
[0166.050] IsWindowUnicode (hWnd=0x7005c) returned 1
[0166.050] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.050] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.050] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.050] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.051] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e302f3) returned 0x1
[0166.051] IsWindowUnicode (hWnd=0x7005c) returned 1
[0166.051] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.051] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e302f3) returned 0x1
[0166.051] SetCursor (hCursor=0x10003) returned 0x10003
[0166.051] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.051] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.051] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10e0235) returned 0x0
[0166.051] GetKeyState (nVirtKey=1) returned 1
[0166.051] GetKeyState (nVirtKey=2) returned 0
[0166.051] GetKeyState (nVirtKey=4) returned 0
[0166.051] GetKeyState (nVirtKey=5) returned 0
[0166.052] GetKeyState (nVirtKey=6) returned 0
[0166.052] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.052] IsWindowUnicode (hWnd=0x602c4) returned 1
[0166.052] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.052] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.052] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.052] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.054] IsWindowUnicode (hWnd=0x602c4) returned 1
[0166.054] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.054] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.054] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.054] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0166.054] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0166.054] CreateCompatibleDC (hdc=0x60100ce) returned 0x3101067c
[0166.054] SelectObject (hdc=0x3101067c, h=0x4a0507fe) returned 0x85000f
[0166.054] GdipCreateFromHDC (hdc=0x3101067c, graphics=0xd7e798) returned 0x0
[0166.054] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0166.055] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0166.055] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0166.055] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0166.055] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e7f8) returned 0x0
[0166.055] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0166.055] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0166.055] LocalFree (hMem=0x11ee9f0) returned 0x0
[0166.055] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0166.055] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0166.055] GdipGetClip (graphics=0x6600030, region=0x66447d8) returned 0x0
[0166.055] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0166.055] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0166.055] GdipRestoreGraphics (graphics=0x6600030, state=0xfc880dbd) returned 0x0
[0166.055] GdipDeleteRegion (region=0x66447d8) returned 0x0
[0166.055] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0166.055] GetCurrentObject (hdc=0x3101067c, type=0x1) returned 0xb00017
[0166.055] GetCurrentObject (hdc=0x3101067c, type=0x2) returned 0x900010
[0166.056] GetCurrentObject (hdc=0x3101067c, type=0x7) returned 0x4a0507fe
[0166.056] GetCurrentObject (hdc=0x3101067c, type=0x6) returned 0x8a01c2
[0166.057] SaveDC (hdc=0x3101067c) returned 1
[0166.057] GetNearestColor (hdc=0x3101067c, color=0xff) returned 0xff
[0166.057] GetNearestColor (hdc=0x3101067c, color=0x55) returned 0x55
[0166.057] GetNearestColor (hdc=0x3101067c, color=0x0) returned 0x0
[0166.057] GetNearestColor (hdc=0x3101067c, color=0x55) returned 0x55
[0166.057] GetNearestColor (hdc=0x3101067c, color=0x0) returned 0x0
[0166.057] GetNearestColor (hdc=0x3101067c, color=0x8080ff) returned 0x8080ff
[0166.057] GetNearestColor (hdc=0x3101067c, color=0x7373e5) returned 0x7373e5
[0166.057] GetNearestColor (hdc=0x3101067c, color=0xe5) returned 0xe5
[0166.057] GetNearestColor (hdc=0x3101067c, color=0x0) returned 0x0
[0166.057] RestoreDC (hdc=0x3101067c, nSavedDC=-1) returned 1
[0166.058] GdipReleaseDC (graphics=0x6600030, hdc=0x3101067c) returned 0x0
[0166.058] IsAppThemed () returned 0x1
[0166.058] GetThemeAppProperties () returned 0x3
[0166.058] GetThemeAppProperties () returned 0x3
[0166.058] IsAppThemed () returned 0x1
[0166.058] GetThemeAppProperties () returned 0x3
[0166.058] GetThemeAppProperties () returned 0x3
[0166.058] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2d7c0b8 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0166.058] IsAppThemed () returned 0x1
[0166.058] GetThemeAppProperties () returned 0x3
[0166.058] GetThemeAppProperties () returned 0x3
[0166.058] IsAppThemed () returned 0x1
[0166.058] GetThemeAppProperties () returned 0x3
[0166.058] GetThemeAppProperties () returned 0x3
[0166.058] GetFocus () returned 0x602c4
[0166.059] IsAppThemed () returned 0x1
[0166.059] GetThemeAppProperties () returned 0x3
[0166.059] GetThemeAppProperties () returned 0x3
[0166.059] IsAppThemed () returned 0x1
[0166.059] GetThemeAppProperties () returned 0x3
[0166.059] GetThemeAppProperties () returned 0x3
[0166.059] IsThemePartDefined () returned 0x1
[0166.059] IsAppThemed () returned 0x1
[0166.059] GetThemeAppProperties () returned 0x3
[0166.059] GetThemeAppProperties () returned 0x3
[0166.059] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0166.059] IsAppThemed () returned 0x1
[0166.059] GetThemeAppProperties () returned 0x3
[0166.059] GetThemeAppProperties () returned 0x3
[0166.059] IsAppThemed () returned 0x1
[0166.059] GetThemeAppProperties () returned 0x3
[0166.059] GetThemeAppProperties () returned 0x3
[0166.059] IsThemePartDefined () returned 0x1
[0166.059] GdipCreateRegion (region=0xd7e508) returned 0x0
[0166.059] GdipGetClip (graphics=0x6600030, region=0x66442c8) returned 0x0
[0166.059] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0166.065] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0166.065] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e520) returned 0x0
[0166.065] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0166.065] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee8d8) returned 0x0
[0166.065] LocalFree (hMem=0x11ee8d8) returned 0x0
[0166.065] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0166.065] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eed00) returned 0x0
[0166.065] LocalFree (hMem=0x11eed00) returned 0x0
[0166.065] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0166.065] GdipIsInfiniteRegion (region=0x66442c8, graphics=0x6600030, result=0xd7e548) returned 0x0
[0166.065] GdipIsInfiniteRegion (region=0x66442c8, graphics=0x6600030, result=0xd7e538) returned 0x0
[0166.065] GdipGetRegionHRgn (region=0x66442c8, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0166.065] GdipDeleteRegion (region=0x66442c8) returned 0x0
[0166.065] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0166.065] GetCurrentObject (hdc=0x3101067c, type=0x1) returned 0xb00017
[0166.065] GetCurrentObject (hdc=0x3101067c, type=0x2) returned 0x900010
[0166.065] GetCurrentObject (hdc=0x3101067c, type=0x7) returned 0x4a0507fe
[0166.065] GetCurrentObject (hdc=0x3101067c, type=0x6) returned 0x8a01c2
[0166.065] SaveDC (hdc=0x3101067c) returned 1
[0166.066] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa80407de
[0166.066] GetClipRgn (hdc=0x3101067c, hrgn=0xa80407de) returned 0
[0166.066] SelectClipRgn (hdc=0x3101067c, hrgn=0x2a040807) returned 2
[0166.066] DeleteObject (ho=0xa80407de) returned 1
[0166.066] DeleteObject (ho=0x2a040807) returned 1
[0166.066] OffsetViewportOrgEx (in: hdc=0x3101067c, x=0, y=0, lppt=0x2d7c768 | out: lppt=0x2d7c768) returned 1
[0166.066] DrawThemeParentBackground () returned 0x0
[0166.066] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0166.066] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0166.066] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0166.066] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0166.066] GetSystemMetrics (nIndex=42) returned 0
[0166.066] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0166.066] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0166.066] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0166.066] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0166.066] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0166.066] SelectPalette (hdc=0x3101067c, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0166.067] GdipCreateFromHDC (hdc=0x3101067c, graphics=0xd7dff8) returned 0x0
[0166.067] GdipSetPageUnit (graphics=0x663bc50, unit=0x2) returned 0x0
[0166.067] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0166.067] GdipGetWorldTransform (graphics=0x663bc50, matrix=0x6638d88) returned 0x0
[0166.067] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dfd0) returned 0x0
[0166.067] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0166.067] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0166.067] GdipGetClip (graphics=0x663bc50, region=0x6644238) returned 0x0
[0166.067] GdipIsInfiniteRegion (region=0x6644238, graphics=0x663bc50, result=0xd7dfc4) returned 0x0
[0166.067] GdipDeleteRegion (region=0x6644238) returned 0x0
[0166.067] GdipSaveGraphics (graphics=0x663bc50, state=0xd7dff0) returned 0x0
[0166.067] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0166.072] GdipFillRectangleI (graphics=0x663bc50, brush=0x663a018, x=0, y=0, width=801, height=453) returned 0x0
[0166.072] GdipDeleteBrush (brush=0x663a018) returned 0x0
[0166.072] GdipDeleteGraphics (graphics=0x663bc50) returned 0x0
[0166.072] SelectPalette (hdc=0x3101067c, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0166.072] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0166.072] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0166.073] GetSystemMetrics (nIndex=42) returned 0
[0166.073] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0166.073] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0166.073] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0166.073] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0166.073] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0166.073] SelectPalette (hdc=0x3101067c, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0166.073] GdipCreateFromHDC (hdc=0x3101067c, graphics=0xd7df98) returned 0x0
[0166.073] GdipSetPageUnit (graphics=0x663bc50, unit=0x2) returned 0x0
[0166.073] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0166.073] GdipGetWorldTransform (graphics=0x663bc50, matrix=0x6638ab8) returned 0x0
[0166.073] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df70) returned 0x0
[0166.073] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0166.073] GdipCreateRegion (region=0xd7df58) returned 0x0
[0166.073] GdipGetClip (graphics=0x663bc50, region=0x6644238) returned 0x0
[0166.073] GdipIsInfiniteRegion (region=0x6644238, graphics=0x663bc50, result=0xd7df64) returned 0x0
[0166.073] GdipDeleteRegion (region=0x6644238) returned 0x0
[0166.073] GdipSaveGraphics (graphics=0x663bc50, state=0xd7df90) returned 0x0
[0166.073] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0166.079] GdipFillRectangleI (graphics=0x663bc50, brush=0x6639c70, x=0, y=0, width=801, height=453) returned 0x0
[0166.079] GdipDeleteBrush (brush=0x6639c70) returned 0x0
[0166.079] GdipRestoreGraphics (graphics=0x663bc50, state=0xfc840dbd) returned 0x0
[0166.079] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0166.079] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0166.079] GetSystemMetrics (nIndex=42) returned 0
[0166.079] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0166.080] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0166.080] GdipDeleteGraphics (graphics=0x663bc50) returned 0x0
[0166.080] SelectPalette (hdc=0x3101067c, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0166.080] RestoreDC (hdc=0x3101067c, nSavedDC=-1) returned 1
[0166.080] GdipReleaseDC (graphics=0x6600030, hdc=0x3101067c) returned 0x0
[0166.080] IsAppThemed () returned 0x1
[0166.080] GetThemeAppProperties () returned 0x3
[0166.080] GetThemeAppProperties () returned 0x3
[0166.080] IsAppThemed () returned 0x1
[0166.080] GetThemeAppProperties () returned 0x3
[0166.080] GetThemeAppProperties () returned 0x3
[0166.080] IsThemePartDefined () returned 0x1
[0166.080] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0166.080] GdipGetClip (graphics=0x6600030, region=0x66447d8) returned 0x0
[0166.080] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0166.080] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0166.080] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e4a4) returned 0x0
[0166.080] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0166.080] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0166.081] LocalFree (hMem=0x11ee788) returned 0x0
[0166.081] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0166.081] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eecc8) returned 0x0
[0166.081] LocalFree (hMem=0x11eecc8) returned 0x0
[0166.081] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0166.081] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0166.081] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0166.081] GdipGetRegionHRgn (region=0x66447d8, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0166.081] GdipDeleteRegion (region=0x66447d8) returned 0x0
[0166.081] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0166.081] GetCurrentObject (hdc=0x3101067c, type=0x1) returned 0xb00017
[0166.081] GetCurrentObject (hdc=0x3101067c, type=0x2) returned 0x900010
[0166.081] GetCurrentObject (hdc=0x3101067c, type=0x7) returned 0x4a0507fe
[0166.081] GetCurrentObject (hdc=0x3101067c, type=0x6) returned 0x8a01c2
[0166.081] SaveDC (hdc=0x3101067c) returned 1
[0166.081] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2b040807
[0166.081] GetClipRgn (hdc=0x3101067c, hrgn=0x2b040807) returned 0
[0166.081] SelectClipRgn (hdc=0x3101067c, hrgn=0xaa0407de) returned 2
[0166.081] DeleteObject (ho=0x2b040807) returned 1
[0166.081] DeleteObject (ho=0xaa0407de) returned 1
[0166.081] OffsetViewportOrgEx (in: hdc=0x3101067c, x=0, y=0, lppt=0x2d82fb8 | out: lppt=0x2d82fb8) returned 1
[0166.081] IsAppThemed () returned 0x1
[0166.082] GetThemeAppProperties () returned 0x3
[0166.082] GetThemeAppProperties () returned 0x3
[0166.082] DrawThemeBackground () returned 0x0
[0166.082] RestoreDC (hdc=0x3101067c, nSavedDC=-1) returned 1
[0166.082] GdipReleaseDC (graphics=0x6600030, hdc=0x3101067c) returned 0x0
[0166.082] GdipCreateRegion (region=0xd7e490) returned 0x0
[0166.082] GdipGetClip (graphics=0x6600030, region=0x6644a18) returned 0x0
[0166.082] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0166.082] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0166.082] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e4a8) returned 0x0
[0166.082] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0166.082] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee8d8) returned 0x0
[0166.082] LocalFree (hMem=0x11ee8d8) returned 0x0
[0166.082] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0166.082] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eecc8) returned 0x0
[0166.082] LocalFree (hMem=0x11eecc8) returned 0x0
[0166.082] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0166.082] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0166.082] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0166.082] GdipGetRegionHRgn (region=0x6644a18, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0166.082] GdipDeleteRegion (region=0x6644a18) returned 0x0
[0166.082] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0166.082] GetCurrentObject (hdc=0x3101067c, type=0x1) returned 0xb00017
[0166.083] GetCurrentObject (hdc=0x3101067c, type=0x2) returned 0x900010
[0166.083] GetCurrentObject (hdc=0x3101067c, type=0x7) returned 0x4a0507fe
[0166.083] GetCurrentObject (hdc=0x3101067c, type=0x6) returned 0x8a01c2
[0166.083] SaveDC (hdc=0x3101067c) returned 1
[0166.083] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xab0407de
[0166.083] GetClipRgn (hdc=0x3101067c, hrgn=0xab0407de) returned 0
[0166.083] SelectClipRgn (hdc=0x3101067c, hrgn=0x2c040807) returned 2
[0166.083] DeleteObject (ho=0xab0407de) returned 1
[0166.083] DeleteObject (ho=0x2c040807) returned 1
[0166.083] OffsetViewportOrgEx (in: hdc=0x3101067c, x=0, y=0, lppt=0x2d8328c | out: lppt=0x2d8328c) returned 1
[0166.083] IsAppThemed () returned 0x1
[0166.083] GetThemeAppProperties () returned 0x3
[0166.083] GetThemeAppProperties () returned 0x3
[0166.083] GetThemeBackgroundContentRect () returned 0x0
[0166.083] RestoreDC (hdc=0x3101067c, nSavedDC=-1) returned 1
[0166.083] GdipReleaseDC (graphics=0x6600030, hdc=0x3101067c) returned 0x0
[0166.083] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0166.083] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0166.083] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0166.083] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0166.083] IsAppThemed () returned 0x1
[0166.083] GetThemeAppProperties () returned 0x3
[0166.084] GetThemeAppProperties () returned 0x3
[0166.084] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0166.084] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0166.084] GetCurrentObject (hdc=0x3101067c, type=0x1) returned 0xb00017
[0166.084] GetCurrentObject (hdc=0x3101067c, type=0x2) returned 0x900010
[0166.084] GetCurrentObject (hdc=0x3101067c, type=0x7) returned 0x4a0507fe
[0166.084] GetCurrentObject (hdc=0x3101067c, type=0x6) returned 0x8a01c2
[0166.084] SaveDC (hdc=0x3101067c) returned 1
[0166.084] GetTextAlign (hdc=0x3101067c) returned 0x0
[0166.084] GetTextColor (hdc=0x3101067c) returned 0x0
[0166.084] GetCurrentObject (hdc=0x3101067c, type=0x6) returned 0x8a01c2
[0166.084] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0166.084] SelectObject (hdc=0x3101067c, h=0x6d0a0520) returned 0x8a01c2
[0166.084] GetBkMode (hdc=0x3101067c) returned 2
[0166.084] SetBkMode (hdc=0x3101067c, mode=1) returned 2
[0166.084] DrawTextExW (in: hdc=0x3101067c, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2d83650 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0166.085] DrawTextExW (in: hdc=0x3101067c, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2d83650 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0166.085] RestoreDC (hdc=0x3101067c, nSavedDC=-1) returned 1
[0166.085] GdipReleaseDC (graphics=0x6600030, hdc=0x3101067c) returned 0x0
[0166.085] GetFocus () returned 0x602c4
[0166.085] IsAppThemed () returned 0x1
[0166.085] GetThemeAppProperties () returned 0x3
[0166.085] GetThemeAppProperties () returned 0x3
[0166.085] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0166.085] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x3101067c, x1=0, y1=0, rop=0xcc0020) returned 1
[0166.085] GdipReleaseDC (graphics=0x6600030, hdc=0x3101067c) returned 0x0
[0166.085] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0166.085] SelectObject (hdc=0x3101067c, h=0x85000f) returned 0x4a0507fe
[0166.085] DeleteDC (hdc=0x3101067c) returned 1
[0166.086] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0166.086] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0166.086] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.086] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.086] WaitMessage () returned 1
[0166.126] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.126] IsWindowUnicode (hWnd=0x7005c) returned 1
[0166.126] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.126] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.126] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.126] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.126] IsWindowUnicode (hWnd=0x7005c) returned 1
[0166.127] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.127] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.127] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.127] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10e0235) returned 0x0
[0166.127] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.127] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.127] WaitMessage () returned 1
[0166.191] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.191] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.191] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.191] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.191] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.193] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.193] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.193] WaitMessage () returned 1
[0166.194] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.194] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.194] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.194] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.194] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.195] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.195] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.195] WaitMessage () returned 1
[0166.196] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.196] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.196] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.196] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.196] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.197] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.198] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.198] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.198] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.198] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.198] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.198] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.198] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.198] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.198] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.198] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.199] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.199] WaitMessage () returned 1
[0166.199] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.199] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.199] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.200] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.200] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.202] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.202] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.202] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.202] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.202] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.202] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.202] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.202] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.202] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.202] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.203] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.203] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.203] WaitMessage () returned 1
[0166.205] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.205] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.205] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.205] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.205] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.207] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.207] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.207] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.207] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.207] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.208] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.208] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.208] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.208] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.208] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.208] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.208] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.208] WaitMessage () returned 1
[0166.209] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.209] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.209] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.209] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.209] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.210] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.211] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.211] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.211] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.211] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.211] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.211] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.211] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.211] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.211] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.211] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.212] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.212] WaitMessage () returned 1
[0166.214] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.214] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.214] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.214] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.214] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.215] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.215] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.215] WaitMessage () returned 1
[0166.221] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.221] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.221] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.221] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.221] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.222] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.222] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.222] WaitMessage () returned 1
[0166.224] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.224] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.224] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.224] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.224] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.225] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.225] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.225] WaitMessage () returned 1
[0166.225] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.225] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.225] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.226] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.226] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.227] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.227] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.227] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.227] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.227] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.228] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.228] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.228] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.228] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.228] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.228] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.229] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.229] WaitMessage () returned 1
[0166.235] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.235] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.235] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.235] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.235] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.237] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.237] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.237] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.237] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.237] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.237] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.237] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.237] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.238] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.238] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.238] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.238] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.238] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.238] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.238] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.239] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.239] IsWindowUnicode (hWnd=0x30122) returned 1
[0166.239] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.239] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.239] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.239] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.240] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.240] WaitMessage () returned 1
[0166.287] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.287] IsWindowUnicode (hWnd=0x502c6) returned 1
[0166.287] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0166.287] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0166.287] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0166.287] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.287] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0166.287] WaitMessage () returned 1
[0168.221] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0168.221] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740100) returned 0x1
[0168.221] IsWindowUnicode (hWnd=0x602c4) returned 1
[0168.221] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0168.222] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0168.222] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0168.222] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0168.222] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0168.222] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740100) returned 0x1
[0168.222] IsWindowUnicode (hWnd=0x602c4) returned 1
[0168.222] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0168.222] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740100) returned 0x1
[0168.223] SetCursor (hCursor=0x10003) returned 0x10003
[0168.223] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0168.223] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0168.223] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0168.223] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0168.223] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0168.223] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0168.223] GetKeyState (nVirtKey=1) returned 1
[0168.223] GetKeyState (nVirtKey=2) returned 0
[0168.223] GetKeyState (nVirtKey=4) returned 0
[0168.224] GetKeyState (nVirtKey=5) returned 0
[0168.224] GetKeyState (nVirtKey=6) returned 0
[0168.224] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0168.224] IsWindowUnicode (hWnd=0x602c4) returned 1
[0168.224] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0168.224] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0168.224] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0168.224] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0168.224] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0168.225] CreateCompatibleDC (hdc=0x60100ce) returned 0xdc0107c6
[0168.225] SelectObject (hdc=0xdc0107c6, h=0x4a0507fe) returned 0x85000f
[0168.225] GdipCreateFromHDC (hdc=0xdc0107c6, graphics=0xd7e798) returned 0x0
[0168.225] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0168.225] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0168.225] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0168.225] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0168.226] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e7f8) returned 0x0
[0168.226] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0168.226] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee9f0) returned 0x0
[0168.226] LocalFree (hMem=0x11ee9f0) returned 0x0
[0168.226] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0168.226] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0168.226] GdipGetClip (graphics=0x6600030, region=0x6644a18) returned 0x0
[0168.226] GdipIsInfiniteRegion (region=0x6644a18, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0168.226] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0168.226] GdipRestoreGraphics (graphics=0x6600030, state=0xfc820dbd) returned 0x0
[0168.226] GdipDeleteRegion (region=0x6644a18) returned 0x0
[0168.227] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0168.227] GetCurrentObject (hdc=0xdc0107c6, type=0x1) returned 0xb00017
[0168.227] GetCurrentObject (hdc=0xdc0107c6, type=0x2) returned 0x900010
[0168.227] GetCurrentObject (hdc=0xdc0107c6, type=0x7) returned 0x4a0507fe
[0168.227] GetCurrentObject (hdc=0xdc0107c6, type=0x6) returned 0x8a01c2
[0168.227] SaveDC (hdc=0xdc0107c6) returned 1
[0168.227] GetNearestColor (hdc=0xdc0107c6, color=0xff) returned 0xff
[0168.227] GetNearestColor (hdc=0xdc0107c6, color=0x55) returned 0x55
[0168.228] GetNearestColor (hdc=0xdc0107c6, color=0x0) returned 0x0
[0168.228] GetNearestColor (hdc=0xdc0107c6, color=0x55) returned 0x55
[0168.228] GetNearestColor (hdc=0xdc0107c6, color=0x0) returned 0x0
[0168.228] GetNearestColor (hdc=0xdc0107c6, color=0x8080ff) returned 0x8080ff
[0168.228] GetNearestColor (hdc=0xdc0107c6, color=0x7373e5) returned 0x7373e5
[0168.228] GetNearestColor (hdc=0xdc0107c6, color=0xe5) returned 0xe5
[0168.228] GetNearestColor (hdc=0xdc0107c6, color=0x0) returned 0x0
[0168.228] RestoreDC (hdc=0xdc0107c6, nSavedDC=-1) returned 1
[0168.228] GdipReleaseDC (graphics=0x6600030, hdc=0xdc0107c6) returned 0x0
[0168.228] IsAppThemed () returned 0x1
[0168.229] GetThemeAppProperties () returned 0x3
[0168.229] GetThemeAppProperties () returned 0x3
[0168.229] IsAppThemed () returned 0x1
[0168.229] GetThemeAppProperties () returned 0x3
[0168.229] GetThemeAppProperties () returned 0x3
[0168.229] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2d84050 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0168.230] IsAppThemed () returned 0x1
[0168.230] GetThemeAppProperties () returned 0x3
[0168.230] GetThemeAppProperties () returned 0x3
[0168.230] IsAppThemed () returned 0x1
[0168.230] GetThemeAppProperties () returned 0x3
[0168.230] GetThemeAppProperties () returned 0x3
[0168.230] IsAppThemed () returned 0x1
[0168.230] GetThemeAppProperties () returned 0x3
[0168.230] GetThemeAppProperties () returned 0x3
[0168.230] IsAppThemed () returned 0x1
[0168.230] GetThemeAppProperties () returned 0x3
[0168.230] GetThemeAppProperties () returned 0x3
[0168.230] IsThemePartDefined () returned 0x1
[0168.230] IsAppThemed () returned 0x1
[0168.231] GetThemeAppProperties () returned 0x3
[0168.231] GetThemeAppProperties () returned 0x3
[0168.231] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0168.231] IsAppThemed () returned 0x1
[0168.231] GetThemeAppProperties () returned 0x3
[0168.231] GetThemeAppProperties () returned 0x3
[0168.231] IsAppThemed () returned 0x1
[0168.231] GetThemeAppProperties () returned 0x3
[0168.231] GetThemeAppProperties () returned 0x3
[0168.231] IsThemePartDefined () returned 0x1
[0168.231] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0168.231] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0168.231] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0168.231] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0168.231] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e514) returned 0x0
[0168.231] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0168.231] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee9f0) returned 0x0
[0168.231] LocalFree (hMem=0x11ee9f0) returned 0x0
[0168.232] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0168.232] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0168.232] LocalFree (hMem=0x11ee788) returned 0x0
[0168.232] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0168.232] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0168.232] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0168.232] GdipGetRegionHRgn (region=0x6644238, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0168.232] GdipDeleteRegion (region=0x6644238) returned 0x0
[0168.232] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0168.232] GetCurrentObject (hdc=0xdc0107c6, type=0x1) returned 0xb00017
[0168.232] GetCurrentObject (hdc=0xdc0107c6, type=0x2) returned 0x900010
[0168.232] GetCurrentObject (hdc=0xdc0107c6, type=0x7) returned 0x4a0507fe
[0168.232] GetCurrentObject (hdc=0xdc0107c6, type=0x6) returned 0x8a01c2
[0168.232] SaveDC (hdc=0xdc0107c6) returned 1
[0168.232] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2d040807
[0168.232] GetClipRgn (hdc=0xdc0107c6, hrgn=0x2d040807) returned 0
[0168.233] SelectClipRgn (hdc=0xdc0107c6, hrgn=0xaf0407de) returned 2
[0168.233] DeleteObject (ho=0x2d040807) returned 1
[0168.233] DeleteObject (ho=0xaf0407de) returned 1
[0168.233] OffsetViewportOrgEx (in: hdc=0xdc0107c6, x=0, y=0, lppt=0x2d84700 | out: lppt=0x2d84700) returned 1
[0168.233] DrawThemeParentBackground () returned 0x0
[0168.233] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0168.233] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0168.233] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0168.233] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.233] GetSystemMetrics (nIndex=42) returned 0
[0168.233] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.233] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0168.234] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0168.234] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0168.234] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0168.234] SelectPalette (hdc=0xdc0107c6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0168.234] GdipCreateFromHDC (hdc=0xdc0107c6, graphics=0xd7dff0) returned 0x0
[0168.234] GdipSetPageUnit (graphics=0x663bc50, unit=0x2) returned 0x0
[0168.234] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0168.234] GdipGetWorldTransform (graphics=0x663bc50, matrix=0x6638ba8) returned 0x0
[0168.234] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dfc8) returned 0x0
[0168.234] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0168.234] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0168.234] GdipGetClip (graphics=0x663bc50, region=0x6644238) returned 0x0
[0168.234] GdipIsInfiniteRegion (region=0x6644238, graphics=0x663bc50, result=0xd7dfbc) returned 0x0
[0168.234] GdipDeleteRegion (region=0x6644238) returned 0x0
[0168.235] GdipSaveGraphics (graphics=0x663bc50, state=0xd7dfe8) returned 0x0
[0168.235] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0168.246] GdipFillRectangleI (graphics=0x663bc50, brush=0x663a018, x=0, y=0, width=801, height=453) returned 0x0
[0168.246] GdipDeleteBrush (brush=0x663a018) returned 0x0
[0168.248] GdipDeleteGraphics (graphics=0x663bc50) returned 0x0
[0168.248] SelectPalette (hdc=0xdc0107c6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0168.249] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0168.249] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.249] GetSystemMetrics (nIndex=42) returned 0
[0168.249] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.249] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0168.249] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0168.249] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0168.249] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0168.249] SelectPalette (hdc=0xdc0107c6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0168.249] GdipCreateFromHDC (hdc=0xdc0107c6, graphics=0xd7df90) returned 0x0
[0168.249] GdipSetPageUnit (graphics=0x663bc50, unit=0x2) returned 0x0
[0168.249] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0168.250] GdipGetWorldTransform (graphics=0x663bc50, matrix=0x6638ab8) returned 0x0
[0168.250] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df68) returned 0x0
[0168.250] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0168.250] GdipCreateRegion (region=0xd7df50) returned 0x0
[0168.250] GdipGetClip (graphics=0x663bc50, region=0x6644238) returned 0x0
[0168.250] GdipIsInfiniteRegion (region=0x6644238, graphics=0x663bc50, result=0xd7df5c) returned 0x0
[0168.250] GdipDeleteRegion (region=0x6644238) returned 0x0
[0168.250] GdipSaveGraphics (graphics=0x663bc50, state=0xd7df88) returned 0x0
[0168.250] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0168.260] GdipFillRectangleI (graphics=0x663bc50, brush=0x6639a00, x=0, y=0, width=801, height=453) returned 0x0
[0168.260] GdipDeleteBrush (brush=0x6639a00) returned 0x0
[0168.262] GdipRestoreGraphics (graphics=0x663bc50, state=0xfc7e0dbd) returned 0x0
[0168.262] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0168.262] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.262] GetSystemMetrics (nIndex=42) returned 0
[0168.262] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.262] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0168.262] GdipDeleteGraphics (graphics=0x663bc50) returned 0x0
[0168.262] SelectPalette (hdc=0xdc0107c6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0168.262] RestoreDC (hdc=0xdc0107c6, nSavedDC=-1) returned 1
[0168.263] GdipReleaseDC (graphics=0x6600030, hdc=0xdc0107c6) returned 0x0
[0168.263] IsAppThemed () returned 0x1
[0168.263] GetThemeAppProperties () returned 0x3
[0168.263] GetThemeAppProperties () returned 0x3
[0168.263] IsAppThemed () returned 0x1
[0168.263] GetThemeAppProperties () returned 0x3
[0168.263] GetThemeAppProperties () returned 0x3
[0168.263] IsThemePartDefined () returned 0x1
[0168.263] GdipCreateRegion (region=0xd7e480) returned 0x0
[0168.263] GdipGetClip (graphics=0x6600030, region=0x66447d8) returned 0x0
[0168.263] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0168.263] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0168.263] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e498) returned 0x0
[0168.263] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0168.263] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee910) returned 0x0
[0168.263] LocalFree (hMem=0x11ee910) returned 0x0
[0168.263] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0168.263] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0168.264] LocalFree (hMem=0x11eec58) returned 0x0
[0168.264] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0168.264] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0168.264] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0168.264] GdipGetRegionHRgn (region=0x66447d8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0168.264] GdipDeleteRegion (region=0x66447d8) returned 0x0
[0168.264] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0168.264] GetCurrentObject (hdc=0xdc0107c6, type=0x1) returned 0xb00017
[0168.264] GetCurrentObject (hdc=0xdc0107c6, type=0x2) returned 0x900010
[0168.264] GetCurrentObject (hdc=0xdc0107c6, type=0x7) returned 0x4a0507fe
[0168.264] GetCurrentObject (hdc=0xdc0107c6, type=0x6) returned 0x8a01c2
[0168.264] SaveDC (hdc=0xdc0107c6) returned 1
[0168.264] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb00407de
[0168.264] GetClipRgn (hdc=0xdc0107c6, hrgn=0xb00407de) returned 0
[0168.264] SelectClipRgn (hdc=0xdc0107c6, hrgn=0x2f040807) returned 2
[0168.265] DeleteObject (ho=0xb00407de) returned 1
[0168.265] DeleteObject (ho=0x2f040807) returned 1
[0168.265] OffsetViewportOrgEx (in: hdc=0xdc0107c6, x=0, y=0, lppt=0x2d8af50 | out: lppt=0x2d8af50) returned 1
[0168.265] IsAppThemed () returned 0x1
[0168.265] GetThemeAppProperties () returned 0x3
[0168.265] GetThemeAppProperties () returned 0x3
[0168.265] DrawThemeBackground () returned 0x0
[0168.265] RestoreDC (hdc=0xdc0107c6, nSavedDC=-1) returned 1
[0168.265] GdipReleaseDC (graphics=0x6600030, hdc=0xdc0107c6) returned 0x0
[0168.265] GdipCreateRegion (region=0xd7e484) returned 0x0
[0168.265] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0168.265] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0168.265] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0168.265] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e49c) returned 0x0
[0168.265] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0168.265] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0168.266] LocalFree (hMem=0x11ee868) returned 0x0
[0168.266] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0168.266] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee9f0) returned 0x0
[0168.266] LocalFree (hMem=0x11ee9f0) returned 0x0
[0168.266] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0168.266] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0168.266] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0168.266] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0168.266] GdipDeleteRegion (region=0x6644358) returned 0x0
[0168.266] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0168.266] GetCurrentObject (hdc=0xdc0107c6, type=0x1) returned 0xb00017
[0168.266] GetCurrentObject (hdc=0xdc0107c6, type=0x2) returned 0x900010
[0168.266] GetCurrentObject (hdc=0xdc0107c6, type=0x7) returned 0x4a0507fe
[0168.266] GetCurrentObject (hdc=0xdc0107c6, type=0x6) returned 0x8a01c2
[0168.266] SaveDC (hdc=0xdc0107c6) returned 1
[0168.266] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x30040807
[0168.266] GetClipRgn (hdc=0xdc0107c6, hrgn=0x30040807) returned 0
[0168.267] SelectClipRgn (hdc=0xdc0107c6, hrgn=0xb10407de) returned 2
[0168.267] DeleteObject (ho=0x30040807) returned 1
[0168.267] DeleteObject (ho=0xb10407de) returned 1
[0168.267] OffsetViewportOrgEx (in: hdc=0xdc0107c6, x=0, y=0, lppt=0x2d8b224 | out: lppt=0x2d8b224) returned 1
[0168.267] IsAppThemed () returned 0x1
[0168.267] GetThemeAppProperties () returned 0x3
[0168.267] GetThemeAppProperties () returned 0x3
[0168.267] GetThemeBackgroundContentRect () returned 0x0
[0168.267] RestoreDC (hdc=0xdc0107c6, nSavedDC=-1) returned 1
[0168.267] GdipReleaseDC (graphics=0x6600030, hdc=0xdc0107c6) returned 0x0
[0168.267] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0168.267] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0168.267] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0168.267] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0168.267] IsAppThemed () returned 0x1
[0168.268] GetThemeAppProperties () returned 0x3
[0168.268] GetThemeAppProperties () returned 0x3
[0168.268] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0168.268] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0168.268] GetCurrentObject (hdc=0xdc0107c6, type=0x1) returned 0xb00017
[0168.268] GetCurrentObject (hdc=0xdc0107c6, type=0x2) returned 0x900010
[0168.268] GetCurrentObject (hdc=0xdc0107c6, type=0x7) returned 0x4a0507fe
[0168.268] GetCurrentObject (hdc=0xdc0107c6, type=0x6) returned 0x8a01c2
[0168.268] SaveDC (hdc=0xdc0107c6) returned 1
[0168.268] GetTextAlign (hdc=0xdc0107c6) returned 0x0
[0168.268] GetTextColor (hdc=0xdc0107c6) returned 0x0
[0168.268] GetCurrentObject (hdc=0xdc0107c6, type=0x6) returned 0x8a01c2
[0168.268] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0168.268] SelectObject (hdc=0xdc0107c6, h=0x6d0a0520) returned 0x8a01c2
[0168.268] GetBkMode (hdc=0xdc0107c6) returned 2
[0168.269] SetBkMode (hdc=0xdc0107c6, mode=1) returned 2
[0168.269] DrawTextExW (in: hdc=0xdc0107c6, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2d8b5e8 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0168.269] DrawTextExW (in: hdc=0xdc0107c6, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2d8b5e8 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0168.269] RestoreDC (hdc=0xdc0107c6, nSavedDC=-1) returned 1
[0168.270] GdipReleaseDC (graphics=0x6600030, hdc=0xdc0107c6) returned 0x0
[0168.270] GetFocus () returned 0x602c4
[0168.270] IsAppThemed () returned 0x1
[0168.270] GetThemeAppProperties () returned 0x3
[0168.270] GetThemeAppProperties () returned 0x3
[0168.270] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0168.270] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xdc0107c6, x1=0, y1=0, rop=0xcc0020) returned 1
[0168.270] GdipReleaseDC (graphics=0x6600030, hdc=0xdc0107c6) returned 0x0
[0168.270] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0168.271] SelectObject (hdc=0xdc0107c6, h=0x85000f) returned 0x4a0507fe
[0168.271] DeleteDC (hdc=0xdc0107c6) returned 1
[0168.271] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0168.271] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0168.271] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0168.271] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0168.271] WaitMessage () returned 1
[0168.325] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0168.326] IsWindowUnicode (hWnd=0x602c4) returned 1
[0168.326] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0168.326] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0168.326] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0168.326] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0168.326] IsWindowUnicode (hWnd=0x602c4) returned 1
[0168.326] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0168.326] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0168.326] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0168.326] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xd0025) returned 0x0
[0168.326] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0168.326] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0168.326] WaitMessage () returned 1
[0168.469] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0168.469] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740100) returned 0x1
[0168.469] IsWindowUnicode (hWnd=0x602c4) returned 1
[0168.470] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0168.470] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740100) returned 0x1
[0168.470] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0168.470] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19f0042) returned 0x0
[0168.470] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0168.470] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0168.470] SetCursor (hCursor=0x10003) returned 0x10003
[0168.470] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0168.470] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0168.471] GetKeyState (nVirtKey=1) returned -128
[0168.471] GetKeyState (nVirtKey=2) returned 0
[0168.471] GetKeyState (nVirtKey=4) returned 0
[0168.471] GetKeyState (nVirtKey=5) returned 0
[0168.471] GetKeyState (nVirtKey=6) returned 0
[0168.471] IsWindowVisible (hWnd=0x602c4) returned 1
[0168.471] IsWindowEnabled (hWnd=0x602c4) returned 1
[0168.471] SetFocus (hWnd=0x602c4) returned 0x602c4
[0168.471] GetFocus () returned 0x602c4
[0168.471] GetFocus () returned 0x602c4
[0168.471] GetFocus () returned 0x602c4
[0168.471] GetKeyState (nVirtKey=1) returned -128
[0168.471] GetKeyState (nVirtKey=2) returned 0
[0168.471] GetKeyState (nVirtKey=4) returned 0
[0168.471] GetKeyState (nVirtKey=5) returned 0
[0168.471] GetKeyState (nVirtKey=6) returned 0
[0168.471] GetCapture () returned 0x0
[0168.471] SetCapture (hWnd=0x602c4) returned 0x0
[0168.471] GetKeyState (nVirtKey=1) returned -128
[0168.471] GetKeyState (nVirtKey=2) returned 0
[0168.471] GetKeyState (nVirtKey=4) returned 0
[0168.471] GetKeyState (nVirtKey=5) returned 0
[0168.472] GetKeyState (nVirtKey=6) returned 0
[0168.472] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0168.472] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0168.472] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0168.472] IsWindowUnicode (hWnd=0x602c4) returned 1
[0168.472] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0168.472] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0168.472] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0168.472] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d8b76c, cPoints=0x1 | out: lpPoints=0x2d8b76c) returned 40304859
[0168.472] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0168.472] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0168.472] UpdateWindow (hWnd=0x602c4) returned 1
[0168.472] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x60100ce
[0168.472] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0168.473] CreateCompatibleDC (hdc=0x60100ce) returned 0xdd0107c6
[0168.473] SelectObject (hdc=0xdd0107c6, h=0x4a0507fe) returned 0x85000f
[0168.473] GdipCreateFromHDC (hdc=0xdd0107c6, graphics=0xd7e430) returned 0x0
[0168.473] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0168.473] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0168.473] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0168.473] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0168.473] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e490) returned 0x0
[0168.473] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0168.473] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0168.473] LocalFree (hMem=0x11eec58) returned 0x0
[0168.474] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0168.474] GdipCreateRegion (region=0xd7e478) returned 0x0
[0168.474] GdipGetClip (graphics=0x6600030, region=0x66447d8) returned 0x0
[0168.474] GdipIsInfiniteRegion (region=0x66447d8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0168.474] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0168.474] GdipRestoreGraphics (graphics=0x6600030, state=0xfc7c0dbd) returned 0x0
[0168.474] GdipDeleteRegion (region=0x66447d8) returned 0x0
[0168.474] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0168.474] GetCurrentObject (hdc=0xdd0107c6, type=0x1) returned 0xb00017
[0168.474] GetCurrentObject (hdc=0xdd0107c6, type=0x2) returned 0x900010
[0168.474] GetCurrentObject (hdc=0xdd0107c6, type=0x7) returned 0x4a0507fe
[0168.474] GetCurrentObject (hdc=0xdd0107c6, type=0x6) returned 0x8a01c2
[0168.474] SaveDC (hdc=0xdd0107c6) returned 1
[0168.474] GetNearestColor (hdc=0xdd0107c6, color=0xff) returned 0xff
[0168.474] GetNearestColor (hdc=0xdd0107c6, color=0x55) returned 0x55
[0168.475] GetNearestColor (hdc=0xdd0107c6, color=0x0) returned 0x0
[0168.475] GetNearestColor (hdc=0xdd0107c6, color=0x55) returned 0x55
[0168.475] GetNearestColor (hdc=0xdd0107c6, color=0x0) returned 0x0
[0168.475] GetNearestColor (hdc=0xdd0107c6, color=0x8080ff) returned 0x8080ff
[0168.475] GetNearestColor (hdc=0xdd0107c6, color=0x7373e5) returned 0x7373e5
[0168.475] GetNearestColor (hdc=0xdd0107c6, color=0xe5) returned 0xe5
[0168.475] GetNearestColor (hdc=0xdd0107c6, color=0x0) returned 0x0
[0168.475] RestoreDC (hdc=0xdd0107c6, nSavedDC=-1) returned 1
[0168.475] GdipReleaseDC (graphics=0x6600030, hdc=0xdd0107c6) returned 0x0
[0168.475] IsAppThemed () returned 0x1
[0168.475] GetThemeAppProperties () returned 0x3
[0168.475] GetThemeAppProperties () returned 0x3
[0168.475] IsAppThemed () returned 0x1
[0168.476] GetThemeAppProperties () returned 0x3
[0168.476] GetThemeAppProperties () returned 0x3
[0168.476] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2d8be88 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0168.476] IsAppThemed () returned 0x1
[0168.476] GetThemeAppProperties () returned 0x3
[0168.476] GetThemeAppProperties () returned 0x3
[0168.476] IsAppThemed () returned 0x1
[0168.476] GetThemeAppProperties () returned 0x3
[0168.477] GetThemeAppProperties () returned 0x3
[0168.477] IsAppThemed () returned 0x1
[0168.477] GetThemeAppProperties () returned 0x3
[0168.477] GetThemeAppProperties () returned 0x3
[0168.477] IsAppThemed () returned 0x1
[0168.477] GetThemeAppProperties () returned 0x3
[0168.477] GetThemeAppProperties () returned 0x3
[0168.477] IsThemePartDefined () returned 0x1
[0168.477] IsAppThemed () returned 0x1
[0168.477] GetThemeAppProperties () returned 0x3
[0168.477] GetThemeAppProperties () returned 0x3
[0168.477] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0168.477] IsAppThemed () returned 0x1
[0168.478] GetThemeAppProperties () returned 0x3
[0168.478] GetThemeAppProperties () returned 0x3
[0168.478] IsAppThemed () returned 0x1
[0168.478] GetThemeAppProperties () returned 0x3
[0168.478] GetThemeAppProperties () returned 0x3
[0168.478] IsThemePartDefined () returned 0x1
[0168.478] GdipCreateRegion (region=0xd7e194) returned 0x0
[0168.478] GdipGetClip (graphics=0x6600030, region=0x6644b38) returned 0x0
[0168.478] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0168.478] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0168.478] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e1ac) returned 0x0
[0168.478] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0168.478] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0168.478] LocalFree (hMem=0x11ee9f0) returned 0x0
[0168.478] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0168.478] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0168.478] LocalFree (hMem=0x11ee9f0) returned 0x0
[0168.478] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0168.478] GdipIsInfiniteRegion (region=0x6644b38, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0168.479] GdipIsInfiniteRegion (region=0x6644b38, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0168.479] GdipGetRegionHRgn (region=0x6644b38, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0168.479] GdipDeleteRegion (region=0x6644b38) returned 0x0
[0168.479] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0168.479] GetCurrentObject (hdc=0xdd0107c6, type=0x1) returned 0xb00017
[0168.479] GetCurrentObject (hdc=0xdd0107c6, type=0x2) returned 0x900010
[0168.479] GetCurrentObject (hdc=0xdd0107c6, type=0x7) returned 0x4a0507fe
[0168.479] GetCurrentObject (hdc=0xdd0107c6, type=0x6) returned 0x8a01c2
[0168.480] SaveDC (hdc=0xdd0107c6) returned 1
[0168.480] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb20407de
[0168.480] GetClipRgn (hdc=0xdd0107c6, hrgn=0xb20407de) returned 0
[0168.480] SelectClipRgn (hdc=0xdd0107c6, hrgn=0x34040807) returned 2
[0168.480] DeleteObject (ho=0xb20407de) returned 1
[0168.480] DeleteObject (ho=0x34040807) returned 1
[0168.480] OffsetViewportOrgEx (in: hdc=0xdd0107c6, x=0, y=0, lppt=0x2d8c538 | out: lppt=0x2d8c538) returned 1
[0168.480] DrawThemeParentBackground () returned 0x0
[0168.480] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0168.481] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0168.481] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0168.481] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.481] GetSystemMetrics (nIndex=42) returned 0
[0168.481] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.481] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0168.481] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0168.481] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0168.481] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0168.481] SelectPalette (hdc=0xdd0107c6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0168.481] GdipCreateFromHDC (hdc=0xdd0107c6, graphics=0xd7dc88) returned 0x0
[0168.482] GdipSetPageUnit (graphics=0x663bc50, unit=0x2) returned 0x0
[0168.482] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0168.482] GdipGetWorldTransform (graphics=0x663bc50, matrix=0x6638a88) returned 0x0
[0168.482] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dc60) returned 0x0
[0168.482] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0168.482] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0168.482] GdipGetClip (graphics=0x663bc50, region=0x6644238) returned 0x0
[0168.482] GdipIsInfiniteRegion (region=0x6644238, graphics=0x663bc50, result=0xd7dc54) returned 0x0
[0168.482] GdipDeleteRegion (region=0x6644238) returned 0x0
[0168.482] GdipSaveGraphics (graphics=0x663bc50, state=0xd7dc80) returned 0x0
[0168.482] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0168.492] GdipFillRectangleI (graphics=0x663bc50, brush=0x6639658, x=0, y=0, width=801, height=453) returned 0x0
[0168.492] GdipDeleteBrush (brush=0x6639658) returned 0x0
[0168.494] GdipDeleteGraphics (graphics=0x663bc50) returned 0x0
[0168.494] SelectPalette (hdc=0xdd0107c6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0168.494] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0168.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.494] GetSystemMetrics (nIndex=42) returned 0
[0168.494] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0168.494] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0168.494] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0168.494] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0168.495] SelectPalette (hdc=0xdd0107c6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0168.495] GdipCreateFromHDC (hdc=0xdd0107c6, graphics=0xd7dc28) returned 0x0
[0168.495] GdipSetPageUnit (graphics=0x663bc50, unit=0x2) returned 0x0
[0168.495] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0168.495] GdipGetWorldTransform (graphics=0x663bc50, matrix=0x6638c98) returned 0x0
[0168.495] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dc00) returned 0x0
[0168.495] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0168.495] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0168.495] GdipGetClip (graphics=0x663bc50, region=0x6644238) returned 0x0
[0168.495] GdipIsInfiniteRegion (region=0x6644238, graphics=0x663bc50, result=0xd7dbf4) returned 0x0
[0168.495] GdipDeleteRegion (region=0x6644238) returned 0x0
[0168.495] GdipSaveGraphics (graphics=0x663bc50, state=0xd7dc20) returned 0x0
[0168.495] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0168.505] GdipFillRectangleI (graphics=0x663bc50, brush=0x6636568, x=0, y=0, width=801, height=453) returned 0x0
[0168.505] GdipDeleteBrush (brush=0x6636568) returned 0x0
[0168.507] GdipRestoreGraphics (graphics=0x663bc50, state=0xfc780dbd) returned 0x0
[0168.507] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0168.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.507] GetSystemMetrics (nIndex=42) returned 0
[0168.507] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0168.507] GdipDeleteGraphics (graphics=0x663bc50) returned 0x0
[0168.507] SelectPalette (hdc=0xdd0107c6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0168.508] RestoreDC (hdc=0xdd0107c6, nSavedDC=-1) returned 1
[0168.508] GdipReleaseDC (graphics=0x6600030, hdc=0xdd0107c6) returned 0x0
[0168.508] IsAppThemed () returned 0x1
[0168.508] GetThemeAppProperties () returned 0x3
[0168.508] GetThemeAppProperties () returned 0x3
[0168.508] IsAppThemed () returned 0x1
[0168.508] GetThemeAppProperties () returned 0x3
[0168.508] GetThemeAppProperties () returned 0x3
[0168.508] IsThemePartDefined () returned 0x1
[0168.508] GdipCreateRegion (region=0xd7e118) returned 0x0
[0168.508] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0168.508] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0168.508] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0168.508] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e130) returned 0x0
[0168.509] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0168.509] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0168.509] LocalFree (hMem=0x11ee9f0) returned 0x0
[0168.509] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0168.509] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0168.509] LocalFree (hMem=0x11ee9f0) returned 0x0
[0168.509] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0168.509] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e158) returned 0x0
[0168.509] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e148) returned 0x0
[0168.509] GdipGetRegionHRgn (region=0x6644238, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0168.509] GdipDeleteRegion (region=0x6644238) returned 0x0
[0168.509] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0168.509] GetCurrentObject (hdc=0xdd0107c6, type=0x1) returned 0xb00017
[0168.509] GetCurrentObject (hdc=0xdd0107c6, type=0x2) returned 0x900010
[0168.509] GetCurrentObject (hdc=0xdd0107c6, type=0x7) returned 0x4a0507fe
[0168.509] GetCurrentObject (hdc=0xdd0107c6, type=0x6) returned 0x8a01c2
[0168.509] SaveDC (hdc=0xdd0107c6) returned 1
[0168.510] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x35040807
[0168.510] GetClipRgn (hdc=0xdd0107c6, hrgn=0x35040807) returned 0
[0168.510] SelectClipRgn (hdc=0xdd0107c6, hrgn=0xb40407de) returned 2
[0168.510] DeleteObject (ho=0x35040807) returned 1
[0168.510] DeleteObject (ho=0xb40407de) returned 1
[0168.510] OffsetViewportOrgEx (in: hdc=0xdd0107c6, x=0, y=0, lppt=0x2d92d88 | out: lppt=0x2d92d88) returned 1
[0168.510] IsAppThemed () returned 0x1
[0168.510] GetThemeAppProperties () returned 0x3
[0168.510] GetThemeAppProperties () returned 0x3
[0168.510] DrawThemeBackground () returned 0x0
[0168.510] RestoreDC (hdc=0xdd0107c6, nSavedDC=-1) returned 1
[0168.510] GdipReleaseDC (graphics=0x6600030, hdc=0xdd0107c6) returned 0x0
[0168.510] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0168.510] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0168.510] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0168.511] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0168.511] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e134) returned 0x0
[0168.511] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0168.511] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0168.511] LocalFree (hMem=0x11ee868) returned 0x0
[0168.511] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0168.511] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0168.511] LocalFree (hMem=0x11eec58) returned 0x0
[0168.511] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0168.511] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0168.511] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0168.511] GdipGetRegionHRgn (region=0x6644238, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0168.511] GdipDeleteRegion (region=0x6644238) returned 0x0
[0168.511] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0168.511] GetCurrentObject (hdc=0xdd0107c6, type=0x1) returned 0xb00017
[0168.511] GetCurrentObject (hdc=0xdd0107c6, type=0x2) returned 0x900010
[0168.511] GetCurrentObject (hdc=0xdd0107c6, type=0x7) returned 0x4a0507fe
[0168.511] GetCurrentObject (hdc=0xdd0107c6, type=0x6) returned 0x8a01c2
[0168.512] SaveDC (hdc=0xdd0107c6) returned 1
[0168.512] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb50407de
[0168.512] GetClipRgn (hdc=0xdd0107c6, hrgn=0xb50407de) returned 0
[0168.512] SelectClipRgn (hdc=0xdd0107c6, hrgn=0x36040807) returned 2
[0168.512] DeleteObject (ho=0xb50407de) returned 1
[0168.512] DeleteObject (ho=0x36040807) returned 1
[0168.512] OffsetViewportOrgEx (in: hdc=0xdd0107c6, x=0, y=0, lppt=0x2d9305c | out: lppt=0x2d9305c) returned 1
[0168.512] IsAppThemed () returned 0x1
[0168.512] GetThemeAppProperties () returned 0x3
[0168.512] GetThemeAppProperties () returned 0x3
[0168.512] GetThemeBackgroundContentRect () returned 0x0
[0168.512] RestoreDC (hdc=0xdd0107c6, nSavedDC=-1) returned 1
[0168.512] GdipReleaseDC (graphics=0x6600030, hdc=0xdd0107c6) returned 0x0
[0168.512] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0168.514] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0168.514] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0168.514] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0168.514] IsAppThemed () returned 0x1
[0168.514] GetThemeAppProperties () returned 0x3
[0168.514] GetThemeAppProperties () returned 0x3
[0168.514] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0168.514] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0168.514] GetCurrentObject (hdc=0xdd0107c6, type=0x1) returned 0xb00017
[0168.514] GetCurrentObject (hdc=0xdd0107c6, type=0x2) returned 0x900010
[0168.514] GetCurrentObject (hdc=0xdd0107c6, type=0x7) returned 0x4a0507fe
[0168.514] GetCurrentObject (hdc=0xdd0107c6, type=0x6) returned 0x8a01c2
[0168.514] SaveDC (hdc=0xdd0107c6) returned 1
[0168.514] GetTextAlign (hdc=0xdd0107c6) returned 0x0
[0168.515] GetTextColor (hdc=0xdd0107c6) returned 0x0
[0168.515] GetCurrentObject (hdc=0xdd0107c6, type=0x6) returned 0x8a01c2
[0168.515] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0168.515] SelectObject (hdc=0xdd0107c6, h=0x6d0a0520) returned 0x8a01c2
[0168.515] GetBkMode (hdc=0xdd0107c6) returned 2
[0168.515] SetBkMode (hdc=0xdd0107c6, mode=1) returned 2
[0168.515] DrawTextExW (in: hdc=0xdd0107c6, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2d93420 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0168.515] DrawTextExW (in: hdc=0xdd0107c6, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2d93420 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0168.516] RestoreDC (hdc=0xdd0107c6, nSavedDC=-1) returned 1
[0168.516] GdipReleaseDC (graphics=0x6600030, hdc=0xdd0107c6) returned 0x0
[0168.516] GetFocus () returned 0x602c4
[0168.516] IsAppThemed () returned 0x1
[0168.516] GetThemeAppProperties () returned 0x3
[0168.516] GetThemeAppProperties () returned 0x3
[0168.516] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0168.516] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xdd0107c6, x1=0, y1=0, rop=0xcc0020) returned 1
[0168.517] GdipReleaseDC (graphics=0x6600030, hdc=0xdd0107c6) returned 0x0
[0168.517] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0168.517] SelectObject (hdc=0xdd0107c6, h=0x85000f) returned 0x4a0507fe
[0168.517] DeleteDC (hdc=0xdd0107c6) returned 1
[0168.517] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0168.517] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0168.517] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d9351c, cPoints=0x1 | out: lpPoints=0x2d9351c) returned 40304859
[0168.517] WindowFromPoint (Point=0x100) returned 0x602c4
[0168.517] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740100) returned 0x1
[0168.518] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0168.518] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0168.518] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0168.518] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0168.518] GetSystemMetrics (nIndex=42) returned 0
[0168.518] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0168.518] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0168.521] GetCapture () returned 0x602c4
[0168.521] ReleaseCapture () returned 1
[0168.521] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0168.521] GetProcessWindowStation () returned 0x13c
[0168.522] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.522] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0168.523] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.523] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0168.523] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.523] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0168.523] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.523] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0168.524] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.524] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0168.524] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.524] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0168.524] GetDC (hWnd=0x0) returned 0x107b9
[0168.524] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e6ec) returned 0x0
[0168.525] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0168.525] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0168.525] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0168.525] GetSystemMetrics (nIndex=5) returned 1
[0168.525] GetSystemMetrics (nIndex=6) returned 1
[0168.525] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.525] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0168.526] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.526] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0168.531] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0168.531] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0168.531] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0168.531] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0168.531] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0168.531] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0168.533] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2d98f38 | out: lpData=0x2d98f38) returned 1
[0168.534] VerQueryValueW (in: pBlock=0x2d98f38, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d99348, puLen=0xd7e810) returned 1
[0168.534] VerQueryValueW (in: pBlock=0x2d98f38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d98ff0, puLen=0xd7e790) returned 1
[0168.534] VerQueryValueW (in: pBlock=0x2d98f38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d99044, puLen=0xd7e790) returned 1
[0168.534] VerQueryValueW (in: pBlock=0x2d98f38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d990c4, puLen=0xd7e790) returned 1
[0168.534] VerQueryValueW (in: pBlock=0x2d98f38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9912c, puLen=0xd7e790) returned 1
[0168.534] VerQueryValueW (in: pBlock=0x2d98f38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9916c, puLen=0xd7e790) returned 1
[0168.534] VerQueryValueW (in: pBlock=0x2d98f38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d991f4, puLen=0xd7e790) returned 1
[0168.534] VerQueryValueW (in: pBlock=0x2d98f38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d99230, puLen=0xd7e790) returned 1
[0168.534] VerQueryValueW (in: pBlock=0x2d98f38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d99288, puLen=0xd7e790) returned 1
[0168.534] VerQueryValueW (in: pBlock=0x2d98f38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d992b8, puLen=0xd7e790) returned 1
[0168.534] VerQueryValueW (in: pBlock=0x2d98f38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.534] VerQueryValueW (in: pBlock=0x2d98f38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d992f4, puLen=0xd7e790) returned 1
[0168.534] VerQueryValueW (in: pBlock=0x2d98f38, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.534] VerQueryValueW (in: pBlock=0x2d98f38, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d99348, puLen=0xd7e784) returned 1
[0168.534] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0168.534] VerQueryValueW (in: pBlock=0x2d98f38, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d98f60, puLen=0xd7e794) returned 1
[0168.535] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0168.535] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0168.535] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0168.535] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0168.535] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0168.536] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0168.536] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2d9aea8 | out: lpData=0x2d9aea8) returned 1
[0168.536] VerQueryValueW (in: pBlock=0x2d9aea8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d9af44, puLen=0xd7e810) returned 1
[0168.536] VerQueryValueW (in: pBlock=0x2d9aea8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9afbc, puLen=0xd7e790) returned 1
[0168.536] VerQueryValueW (in: pBlock=0x2d9aea8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9afec, puLen=0xd7e790) returned 1
[0168.536] VerQueryValueW (in: pBlock=0x2d9aea8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9b028, puLen=0xd7e790) returned 1
[0168.536] VerQueryValueW (in: pBlock=0x2d9aea8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9b058, puLen=0xd7e790) returned 1
[0168.536] VerQueryValueW (in: pBlock=0x2d9aea8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9b0a0, puLen=0xd7e790) returned 1
[0168.536] VerQueryValueW (in: pBlock=0x2d9aea8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9b118, puLen=0xd7e790) returned 1
[0168.536] VerQueryValueW (in: pBlock=0x2d9aea8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9b15c, puLen=0xd7e790) returned 1
[0168.536] VerQueryValueW (in: pBlock=0x2d9aea8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9b19c, puLen=0xd7e790) returned 1
[0168.536] VerQueryValueW (in: pBlock=0x2d9aea8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9af9a, puLen=0xd7e790) returned 1
[0168.536] VerQueryValueW (in: pBlock=0x2d9aea8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9b0e8, puLen=0xd7e790) returned 1
[0168.536] VerQueryValueW (in: pBlock=0x2d9aea8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.537] VerQueryValueW (in: pBlock=0x2d9aea8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.537] VerQueryValueW (in: pBlock=0x2d9aea8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d9af44, puLen=0xd7e784) returned 1
[0168.537] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0168.537] VerQueryValueW (in: pBlock=0x2d9aea8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d9aed0, puLen=0xd7e794) returned 1
[0168.538] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0168.538] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0168.538] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0168.538] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0168.538] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0168.538] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0168.539] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2d9d180 | out: lpData=0x2d9d180) returned 1
[0168.540] VerQueryValueW (in: pBlock=0x2d9d180, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d9d594, puLen=0xd7e810) returned 1
[0168.540] VerQueryValueW (in: pBlock=0x2d9d180, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d238, puLen=0xd7e790) returned 1
[0168.540] VerQueryValueW (in: pBlock=0x2d9d180, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d28c, puLen=0xd7e790) returned 1
[0168.540] VerQueryValueW (in: pBlock=0x2d9d180, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d2e8, puLen=0xd7e790) returned 1
[0168.540] VerQueryValueW (in: pBlock=0x2d9d180, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d348, puLen=0xd7e790) returned 1
[0168.540] VerQueryValueW (in: pBlock=0x2d9d180, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d3a0, puLen=0xd7e790) returned 1
[0168.540] VerQueryValueW (in: pBlock=0x2d9d180, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d428, puLen=0xd7e790) returned 1
[0168.540] VerQueryValueW (in: pBlock=0x2d9d180, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d47c, puLen=0xd7e790) returned 1
[0168.540] VerQueryValueW (in: pBlock=0x2d9d180, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d4d4, puLen=0xd7e790) returned 1
[0168.540] VerQueryValueW (in: pBlock=0x2d9d180, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d504, puLen=0xd7e790) returned 1
[0168.540] VerQueryValueW (in: pBlock=0x2d9d180, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.541] VerQueryValueW (in: pBlock=0x2d9d180, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d540, puLen=0xd7e790) returned 1
[0168.541] VerQueryValueW (in: pBlock=0x2d9d180, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.541] VerQueryValueW (in: pBlock=0x2d9d180, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d9d594, puLen=0xd7e784) returned 1
[0168.541] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0168.541] VerQueryValueW (in: pBlock=0x2d9d180, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d9d1a8, puLen=0xd7e794) returned 1
[0168.542] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0168.542] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0168.542] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0168.542] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0168.542] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0168.542] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0168.543] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2d9f7b8 | out: lpData=0x2d9f7b8) returned 1
[0168.547] VerQueryValueW (in: pBlock=0x2d9f7b8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d9fbb8, puLen=0xd7e810) returned 1
[0168.547] VerQueryValueW (in: pBlock=0x2d9f7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9f870, puLen=0xd7e790) returned 1
[0168.547] VerQueryValueW (in: pBlock=0x2d9f7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9f8c4, puLen=0xd7e790) returned 1
[0168.547] VerQueryValueW (in: pBlock=0x2d9f7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9f904, puLen=0xd7e790) returned 1
[0168.547] VerQueryValueW (in: pBlock=0x2d9f7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9f96c, puLen=0xd7e790) returned 1
[0168.547] VerQueryValueW (in: pBlock=0x2d9f7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9f9c4, puLen=0xd7e790) returned 1
[0168.547] VerQueryValueW (in: pBlock=0x2d9f7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9fa4c, puLen=0xd7e790) returned 1
[0168.547] VerQueryValueW (in: pBlock=0x2d9f7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9faa0, puLen=0xd7e790) returned 1
[0168.547] VerQueryValueW (in: pBlock=0x2d9f7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9faf8, puLen=0xd7e790) returned 1
[0168.547] VerQueryValueW (in: pBlock=0x2d9f7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9fb28, puLen=0xd7e790) returned 1
[0168.547] VerQueryValueW (in: pBlock=0x2d9f7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.547] VerQueryValueW (in: pBlock=0x2d9f7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9fb64, puLen=0xd7e790) returned 1
[0168.547] VerQueryValueW (in: pBlock=0x2d9f7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.547] VerQueryValueW (in: pBlock=0x2d9f7b8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d9fbb8, puLen=0xd7e784) returned 1
[0168.547] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0168.547] VerQueryValueW (in: pBlock=0x2d9f7b8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d9f7e0, puLen=0xd7e794) returned 1
[0168.548] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0168.549] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0168.549] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0168.549] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0168.549] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0168.549] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0168.550] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2da1ef4 | out: lpData=0x2da1ef4) returned 1
[0168.551] VerQueryValueW (in: pBlock=0x2da1ef4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da22bc, puLen=0xd7e810) returned 1
[0168.551] VerQueryValueW (in: pBlock=0x2da1ef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da1fac, puLen=0xd7e790) returned 1
[0168.551] VerQueryValueW (in: pBlock=0x2da1ef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da2000, puLen=0xd7e790) returned 1
[0168.551] VerQueryValueW (in: pBlock=0x2da1ef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da2040, puLen=0xd7e790) returned 1
[0168.551] VerQueryValueW (in: pBlock=0x2da1ef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da20a8, puLen=0xd7e790) returned 1
[0168.551] VerQueryValueW (in: pBlock=0x2da1ef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da20e4, puLen=0xd7e790) returned 1
[0168.551] VerQueryValueW (in: pBlock=0x2da1ef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da216c, puLen=0xd7e790) returned 1
[0168.551] VerQueryValueW (in: pBlock=0x2da1ef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da21a4, puLen=0xd7e790) returned 1
[0168.551] VerQueryValueW (in: pBlock=0x2da1ef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da21fc, puLen=0xd7e790) returned 1
[0168.551] VerQueryValueW (in: pBlock=0x2da1ef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da222c, puLen=0xd7e790) returned 1
[0168.551] VerQueryValueW (in: pBlock=0x2da1ef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.551] VerQueryValueW (in: pBlock=0x2da1ef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da2268, puLen=0xd7e790) returned 1
[0168.551] VerQueryValueW (in: pBlock=0x2da1ef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.551] VerQueryValueW (in: pBlock=0x2da1ef4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da22bc, puLen=0xd7e784) returned 1
[0168.552] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0168.552] VerQueryValueW (in: pBlock=0x2da1ef4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2da1f1c, puLen=0xd7e794) returned 1
[0168.553] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0168.553] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0168.553] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0168.553] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0168.553] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0168.553] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0168.554] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2da555c | out: lpData=0x2da555c) returned 1
[0168.555] VerQueryValueW (in: pBlock=0x2da555c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da593c, puLen=0xd7e810) returned 1
[0168.555] VerQueryValueW (in: pBlock=0x2da555c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5614, puLen=0xd7e790) returned 1
[0168.555] VerQueryValueW (in: pBlock=0x2da555c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5668, puLen=0xd7e790) returned 1
[0168.555] VerQueryValueW (in: pBlock=0x2da555c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da56a8, puLen=0xd7e790) returned 1
[0168.555] VerQueryValueW (in: pBlock=0x2da555c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5708, puLen=0xd7e790) returned 1
[0168.555] VerQueryValueW (in: pBlock=0x2da555c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5754, puLen=0xd7e790) returned 1
[0168.555] VerQueryValueW (in: pBlock=0x2da555c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da57dc, puLen=0xd7e790) returned 1
[0168.555] VerQueryValueW (in: pBlock=0x2da555c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5824, puLen=0xd7e790) returned 1
[0168.555] VerQueryValueW (in: pBlock=0x2da555c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da587c, puLen=0xd7e790) returned 1
[0168.555] VerQueryValueW (in: pBlock=0x2da555c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da58ac, puLen=0xd7e790) returned 1
[0168.555] VerQueryValueW (in: pBlock=0x2da555c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.555] VerQueryValueW (in: pBlock=0x2da555c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da58e8, puLen=0xd7e790) returned 1
[0168.555] VerQueryValueW (in: pBlock=0x2da555c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.555] VerQueryValueW (in: pBlock=0x2da555c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da593c, puLen=0xd7e784) returned 1
[0168.555] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0168.555] VerQueryValueW (in: pBlock=0x2da555c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2da5584, puLen=0xd7e794) returned 1
[0168.556] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0168.556] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0168.556] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0168.557] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0168.557] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0168.557] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0168.558] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2da7d7c | out: lpData=0x2da7d7c) returned 1
[0168.559] VerQueryValueW (in: pBlock=0x2da7d7c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da8188, puLen=0xd7e810) returned 1
[0168.559] VerQueryValueW (in: pBlock=0x2da7d7c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7e34, puLen=0xd7e790) returned 1
[0168.559] VerQueryValueW (in: pBlock=0x2da7d7c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7e88, puLen=0xd7e790) returned 1
[0168.559] VerQueryValueW (in: pBlock=0x2da7d7c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7edc, puLen=0xd7e790) returned 1
[0168.559] VerQueryValueW (in: pBlock=0x2da7d7c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7f3c, puLen=0xd7e790) returned 1
[0168.559] VerQueryValueW (in: pBlock=0x2da7d7c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7f94, puLen=0xd7e790) returned 1
[0168.559] VerQueryValueW (in: pBlock=0x2da7d7c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da801c, puLen=0xd7e790) returned 1
[0168.559] VerQueryValueW (in: pBlock=0x2da7d7c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da8070, puLen=0xd7e790) returned 1
[0168.559] VerQueryValueW (in: pBlock=0x2da7d7c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da80c8, puLen=0xd7e790) returned 1
[0168.559] VerQueryValueW (in: pBlock=0x2da7d7c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da80f8, puLen=0xd7e790) returned 1
[0168.559] VerQueryValueW (in: pBlock=0x2da7d7c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.559] VerQueryValueW (in: pBlock=0x2da7d7c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da8134, puLen=0xd7e790) returned 1
[0168.559] VerQueryValueW (in: pBlock=0x2da7d7c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.559] VerQueryValueW (in: pBlock=0x2da7d7c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da8188, puLen=0xd7e784) returned 1
[0168.561] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0168.561] VerQueryValueW (in: pBlock=0x2da7d7c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2da7da4, puLen=0xd7e794) returned 1
[0168.562] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0168.562] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0168.562] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0168.562] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0168.562] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0168.562] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0168.563] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2daa590 | out: lpData=0x2daa590) returned 1
[0168.564] VerQueryValueW (in: pBlock=0x2daa590, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2daa968, puLen=0xd7e810) returned 1
[0168.564] VerQueryValueW (in: pBlock=0x2daa590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa648, puLen=0xd7e790) returned 1
[0168.564] VerQueryValueW (in: pBlock=0x2daa590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa69c, puLen=0xd7e790) returned 1
[0168.564] VerQueryValueW (in: pBlock=0x2daa590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa6dc, puLen=0xd7e790) returned 1
[0168.564] VerQueryValueW (in: pBlock=0x2daa590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa744, puLen=0xd7e790) returned 1
[0168.564] VerQueryValueW (in: pBlock=0x2daa590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa788, puLen=0xd7e790) returned 1
[0168.564] VerQueryValueW (in: pBlock=0x2daa590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa810, puLen=0xd7e790) returned 1
[0168.564] VerQueryValueW (in: pBlock=0x2daa590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa850, puLen=0xd7e790) returned 1
[0168.565] VerQueryValueW (in: pBlock=0x2daa590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa8a8, puLen=0xd7e790) returned 1
[0168.565] VerQueryValueW (in: pBlock=0x2daa590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa8d8, puLen=0xd7e790) returned 1
[0168.565] VerQueryValueW (in: pBlock=0x2daa590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.565] VerQueryValueW (in: pBlock=0x2daa590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa914, puLen=0xd7e790) returned 1
[0168.565] VerQueryValueW (in: pBlock=0x2daa590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.565] VerQueryValueW (in: pBlock=0x2daa590, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2daa968, puLen=0xd7e784) returned 1
[0168.565] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0168.565] VerQueryValueW (in: pBlock=0x2daa590, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2daa5b8, puLen=0xd7e794) returned 1
[0168.566] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0168.566] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0168.566] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0168.566] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0168.566] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0168.566] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0168.567] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2dacae8 | out: lpData=0x2dacae8) returned 1
[0168.568] VerQueryValueW (in: pBlock=0x2dacae8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dacec0, puLen=0xd7e810) returned 1
[0168.568] VerQueryValueW (in: pBlock=0x2dacae8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dacba0, puLen=0xd7e790) returned 1
[0168.568] VerQueryValueW (in: pBlock=0x2dacae8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dacbf4, puLen=0xd7e790) returned 1
[0168.568] VerQueryValueW (in: pBlock=0x2dacae8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dacc34, puLen=0xd7e790) returned 1
[0168.568] VerQueryValueW (in: pBlock=0x2dacae8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dacc9c, puLen=0xd7e790) returned 1
[0168.568] VerQueryValueW (in: pBlock=0x2dacae8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dacce0, puLen=0xd7e790) returned 1
[0168.568] VerQueryValueW (in: pBlock=0x2dacae8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dacd68, puLen=0xd7e790) returned 1
[0168.569] VerQueryValueW (in: pBlock=0x2dacae8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dacda8, puLen=0xd7e790) returned 1
[0168.569] VerQueryValueW (in: pBlock=0x2dacae8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dace00, puLen=0xd7e790) returned 1
[0168.569] VerQueryValueW (in: pBlock=0x2dacae8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dace30, puLen=0xd7e790) returned 1
[0168.569] VerQueryValueW (in: pBlock=0x2dacae8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.569] VerQueryValueW (in: pBlock=0x2dacae8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dace6c, puLen=0xd7e790) returned 1
[0168.569] VerQueryValueW (in: pBlock=0x2dacae8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.569] VerQueryValueW (in: pBlock=0x2dacae8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dacec0, puLen=0xd7e784) returned 1
[0168.569] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0168.569] VerQueryValueW (in: pBlock=0x2dacae8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dacb10, puLen=0xd7e794) returned 1
[0168.570] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0168.570] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0168.570] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0168.570] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0168.570] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0168.570] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0168.571] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2daf220 | out: lpData=0x2daf220) returned 1
[0168.572] VerQueryValueW (in: pBlock=0x2daf220, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2daf650, puLen=0xd7e810) returned 1
[0168.572] VerQueryValueW (in: pBlock=0x2daf220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf2d8, puLen=0xd7e790) returned 1
[0168.572] VerQueryValueW (in: pBlock=0x2daf220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf32c, puLen=0xd7e790) returned 1
[0168.572] VerQueryValueW (in: pBlock=0x2daf220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf39c, puLen=0xd7e790) returned 1
[0168.572] VerQueryValueW (in: pBlock=0x2daf220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf3fc, puLen=0xd7e790) returned 1
[0168.572] VerQueryValueW (in: pBlock=0x2daf220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf458, puLen=0xd7e790) returned 1
[0168.572] VerQueryValueW (in: pBlock=0x2daf220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf4e0, puLen=0xd7e790) returned 1
[0168.572] VerQueryValueW (in: pBlock=0x2daf220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf538, puLen=0xd7e790) returned 1
[0168.572] VerQueryValueW (in: pBlock=0x2daf220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf590, puLen=0xd7e790) returned 1
[0168.572] VerQueryValueW (in: pBlock=0x2daf220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf5c0, puLen=0xd7e790) returned 1
[0168.572] VerQueryValueW (in: pBlock=0x2daf220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.572] VerQueryValueW (in: pBlock=0x2daf220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf5fc, puLen=0xd7e790) returned 1
[0168.573] VerQueryValueW (in: pBlock=0x2daf220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0168.573] VerQueryValueW (in: pBlock=0x2daf220, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2daf650, puLen=0xd7e784) returned 1
[0168.573] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0168.573] VerQueryValueW (in: pBlock=0x2daf220, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2daf248, puLen=0xd7e794) returned 1
[0168.573] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0168.573] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.574] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0168.574] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.574] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0168.574] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xa02d2
[0168.575] SetWindowLongW (hWnd=0xa02d2, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0168.575] GetWindowLongW (hWnd=0xa02d2, nIndex=-4) returned 1950089536
[0168.576] SetWindowLongW (hWnd=0xa02d2, nIndex=-4, dwNewLong=19941950) returned 1950089536
[0168.576] GetWindowLongW (hWnd=0xa02d2, nIndex=-4) returned 19941950
[0168.576] GetWindowLongW (hWnd=0xa02d2, nIndex=-16) returned 113311744
[0168.576] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d2, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0168.576] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d2, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0168.577] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d2, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0168.577] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d2, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0168.577] GetClientRect (in: hWnd=0xa02d2, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0168.577] GetWindowRect (in: hWnd=0xa02d2, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0168.577] SetWindowTextW (hWnd=0xa02d2, lpString="WindowsFormsParkingWindow") returned 1
[0168.578] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d2, Msg=0xc, wParam=0x0, lParam=0x2d74740) returned 0x1
[0168.578] GetParent (hWnd=0xa02d2) returned 0x0
[0168.579] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0168.579] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0xa02d2, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xb02d8
[0168.579] SetWindowLongW (hWnd=0xb02d8, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0168.579] GetWindowLongW (hWnd=0xb02d8, nIndex=-4) returned 1868147648
[0168.579] SetWindowLongW (hWnd=0xb02d8, nIndex=-4, dwNewLong=19942110) returned 1868147648
[0168.580] GetWindowLongW (hWnd=0xb02d8, nIndex=-4) returned 19942110
[0168.580] GetWindowLongW (hWnd=0xb02d8, nIndex=-16) returned 1174405133
[0168.580] GetWindowLongW (hWnd=0xb02d8, nIndex=-12) returned 0
[0168.580] SetWindowLongW (hWnd=0xb02d8, nIndex=-12, dwNewLong=721624) returned 0
[0168.580] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0168.580] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0168.581] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0168.581] GetClientRect (in: hWnd=0xb02d8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0168.581] GetWindowRect (in: hWnd=0xb02d8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0168.581] GetParent (hWnd=0xb02d8) returned 0xa02d2
[0168.581] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02d2, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0168.582] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0168.582] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0168.582] GetClientRect (in: hWnd=0xb02d8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0168.582] GetWindowRect (in: hWnd=0xb02d8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0168.582] GetParent (hWnd=0xb02d8) returned 0xa02d2
[0168.582] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02d2, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0168.582] SendMessageW (hWnd=0xb02d8, Msg=0x2210, wParam=0x2d80001, lParam=0xb02d8) returned 0x0
[0168.582] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x2210, wParam=0x2d80001, lParam=0xb02d8) returned 0x0
[0168.583] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0168.583] GetParent (hWnd=0xb02d8) returned 0xa02d2
[0168.583] GdipCreateFromHWND (hwnd=0xb02d8, graphics=0xd7e844) returned 0x0
[0168.583] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0168.585] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0168.585] GetForegroundWindow () returned 0x7005c
[0168.585] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0168.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.585] GetSystemMetrics (nIndex=42) returned 0
[0168.585] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0168.585] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0168.586] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.586] GetSystemMetrics (nIndex=42) returned 0
[0168.586] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.586] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0168.586] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.586] GetCursorPos (in: lpPoint=0x2db36a4 | out: lpPoint=0x2db36a4*(x=256, y=628)) returned 1
[0168.586] MonitorFromPoint (pt=0x100, dwFlags=0x274) returned 0x10001
[0168.586] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0168.587] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xf60107d1
[0168.587] GetDeviceCaps (hdc=0xf60107d1, index=12) returned 32
[0168.587] GetDeviceCaps (hdc=0xf60107d1, index=14) returned 1
[0168.587] DeleteDC (hdc=0xf60107d1) returned 1
[0168.587] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0168.587] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0168.587] GetSystemMetrics (nIndex=59) returned 1460
[0168.587] GetSystemMetrics (nIndex=60) returned 920
[0168.587] GetSystemMetrics (nIndex=34) returned 136
[0168.587] GetSystemMetrics (nIndex=35) returned 39
[0168.588] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.588] GetCursorPos (in: lpPoint=0x2db3910 | out: lpPoint=0x2db3910*(x=256, y=628)) returned 1
[0168.588] MonitorFromPoint (pt=0xfd, dwFlags=0x273) returned 0x10001
[0168.588] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0168.588] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xf70107d1
[0168.588] GetDeviceCaps (hdc=0xf70107d1, index=12) returned 32
[0168.588] GetDeviceCaps (hdc=0xf70107d1, index=14) returned 1
[0168.588] DeleteDC (hdc=0xf70107d1) returned 1
[0168.588] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0168.589] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0168.589] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.589] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0168.589] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2db3ba8 | out: piconinfo=0x2db3ba8) returned 1
[0168.589] GetObjectW (in: h=0x6f0507e9, c=24, pv=0x2db3bc4 | out: pv=0x2db3bc4) returned 24
[0168.590] GdipCreateBitmapFromHBITMAP (hbm=0x6f0507e9, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0168.590] GdipGetImageWidth (image=0x66019f0, width=0xd7e750) returned 0x0
[0168.590] GdipGetImageHeight (image=0x66019f0, height=0xd7e748) returned 0x0
[0168.590] GdipGetImagePixelFormat (image=0x66019f0, format=0xd7e740) returned 0x0
[0168.590] GdipBitmapLockBits (bitmap=0x66019f0, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2db3c7c) returned 0x0
[0168.590] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0168.591] GdipBitmapLockBits (bitmap=0x6600640, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2db3cb4) returned 0x0
[0168.591] RtlMoveMemory (in: Destination=0x664c6d8, Source=0x663a010, Length=0x80 | out: Destination=0x664c6d8)
[0168.591] RtlMoveMemory (in: Destination=0x664c758, Source=0x6639f90, Length=0x80 | out: Destination=0x664c758)
[0168.591] RtlMoveMemory (in: Destination=0x664c7d8, Source=0x6639f10, Length=0x80 | out: Destination=0x664c7d8)
[0168.591] RtlMoveMemory (in: Destination=0x664c858, Source=0x6639e90, Length=0x80 | out: Destination=0x664c858)
[0168.591] RtlMoveMemory (in: Destination=0x664c8d8, Source=0x6639e10, Length=0x80 | out: Destination=0x664c8d8)
[0168.592] RtlMoveMemory (in: Destination=0x664c958, Source=0x6639d90, Length=0x80 | out: Destination=0x664c958)
[0168.592] RtlMoveMemory (in: Destination=0x664c9d8, Source=0x6639d10, Length=0x80 | out: Destination=0x664c9d8)
[0168.592] RtlMoveMemory (in: Destination=0x664ca58, Source=0x6639c90, Length=0x80 | out: Destination=0x664ca58)
[0168.592] RtlMoveMemory (in: Destination=0x664cad8, Source=0x6639c10, Length=0x80 | out: Destination=0x664cad8)
[0168.592] RtlMoveMemory (in: Destination=0x664cb58, Source=0x6639b90, Length=0x80 | out: Destination=0x664cb58)
[0168.592] RtlMoveMemory (in: Destination=0x664cbd8, Source=0x6639b10, Length=0x80 | out: Destination=0x664cbd8)
[0168.592] RtlMoveMemory (in: Destination=0x664cc58, Source=0x6639a90, Length=0x80 | out: Destination=0x664cc58)
[0168.592] RtlMoveMemory (in: Destination=0x664ccd8, Source=0x6639a10, Length=0x80 | out: Destination=0x664ccd8)
[0168.592] RtlMoveMemory (in: Destination=0x664cd58, Source=0x6639990, Length=0x80 | out: Destination=0x664cd58)
[0168.592] RtlMoveMemory (in: Destination=0x664cdd8, Source=0x6639910, Length=0x80 | out: Destination=0x664cdd8)
[0168.592] RtlMoveMemory (in: Destination=0x664ce58, Source=0x6639890, Length=0x80 | out: Destination=0x664ce58)
[0168.592] RtlMoveMemory (in: Destination=0x664ced8, Source=0x6639810, Length=0x80 | out: Destination=0x664ced8)
[0168.592] RtlMoveMemory (in: Destination=0x664cf58, Source=0x6639790, Length=0x80 | out: Destination=0x664cf58)
[0168.592] RtlMoveMemory (in: Destination=0x664cfd8, Source=0x6639710, Length=0x80 | out: Destination=0x664cfd8)
[0168.592] RtlMoveMemory (in: Destination=0x664d058, Source=0x6639690, Length=0x80 | out: Destination=0x664d058)
[0168.592] RtlMoveMemory (in: Destination=0x664d0d8, Source=0x6639610, Length=0x80 | out: Destination=0x664d0d8)
[0168.592] RtlMoveMemory (in: Destination=0x664d158, Source=0x6639590, Length=0x80 | out: Destination=0x664d158)
[0168.592] RtlMoveMemory (in: Destination=0x664d1d8, Source=0x6639510, Length=0x80 | out: Destination=0x664d1d8)
[0168.592] RtlMoveMemory (in: Destination=0x664d258, Source=0x6639490, Length=0x80 | out: Destination=0x664d258)
[0168.593] RtlMoveMemory (in: Destination=0x664d2d8, Source=0x6639410, Length=0x80 | out: Destination=0x664d2d8)
[0168.593] RtlMoveMemory (in: Destination=0x664d358, Source=0x6639390, Length=0x80 | out: Destination=0x664d358)
[0168.593] RtlMoveMemory (in: Destination=0x664d3d8, Source=0x6639310, Length=0x80 | out: Destination=0x664d3d8)
[0168.593] RtlMoveMemory (in: Destination=0x664d458, Source=0x6639290, Length=0x80 | out: Destination=0x664d458)
[0168.593] RtlMoveMemory (in: Destination=0x664d4d8, Source=0x6639210, Length=0x80 | out: Destination=0x664d4d8)
[0168.593] RtlMoveMemory (in: Destination=0x664d558, Source=0x6639190, Length=0x80 | out: Destination=0x664d558)
[0168.593] RtlMoveMemory (in: Destination=0x664d5d8, Source=0x6639110, Length=0x80 | out: Destination=0x664d5d8)
[0168.593] RtlMoveMemory (in: Destination=0x664d658, Source=0x6639090, Length=0x80 | out: Destination=0x664d658)
[0168.593] GdipBitmapUnlockBits (bitmap=0x66019f0, lockedBitmapData=0x2db3c7c) returned 0x0
[0168.593] GdipBitmapUnlockBits (bitmap=0x6600640, lockedBitmapData=0x2db3cb4) returned 0x0
[0168.593] GdipDisposeImage (image=0x66019f0) returned 0x0
[0168.593] DeleteObject (ho=0x6f0507e9) returned 1
[0168.593] DeleteObject (ho=0xf80507d1) returned 1
[0168.593] GetCurrentThreadId () returned 0xf50
[0168.593] GetCurrentThreadId () returned 0xf50
[0168.593] SetWindowPos (hWnd=0xb02d8, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0168.594] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0168.594] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0168.594] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0168.594] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0168.594] GetClientRect (in: hWnd=0xb02d8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0168.594] GetWindowRect (in: hWnd=0xb02d8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0168.594] GetParent (hWnd=0xb02d8) returned 0xa02d2
[0168.594] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02d2, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0168.594] InvalidateRect (hWnd=0xb02d8, lpRect=0x0, bErase=1) returned 1
[0168.594] GetWindowTextLengthW (hWnd=0xb02d8) returned 0
[0168.595] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0168.595] GetSystemMetrics (nIndex=42) returned 0
[0168.595] GetWindowTextW (in: hWnd=0xb02d8, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0168.595] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0168.595] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0168.595] GetClientRect (in: hWnd=0xb02d8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0168.595] GetWindowRect (in: hWnd=0xb02d8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0168.595] GetParent (hWnd=0xb02d8) returned 0xa02d2
[0168.595] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02d2, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0168.595] GetWindowTextLengthW (hWnd=0xb02d8) returned 0
[0168.595] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0168.595] GetSystemMetrics (nIndex=42) returned 0
[0168.595] GetWindowTextW (in: hWnd=0xb02d8, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0168.595] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0168.596] GetWindowTextLengthW (hWnd=0xb02d8) returned 0
[0168.596] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0168.596] GetSystemMetrics (nIndex=42) returned 0
[0168.596] GetWindowTextW (in: hWnd=0xb02d8, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0168.596] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0168.596] SetWindowTextW (hWnd=0xb02d8, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0168.596] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0xc, wParam=0x0, lParam=0x2d94b10) returned 0x1
[0168.596] InvalidateRect (hWnd=0xb02d8, lpRect=0x0, bErase=1) returned 1
[0168.596] GetCurrentThreadId () returned 0xf50
[0168.596] GetWindowThreadProcessId (in: hWnd=0xb02d8, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0168.597] GdipCreateBitmapFromStream (stream=0x509ff10, bitmap=0xd7e840) returned 0x0
[0168.598] GdipImageForceValidation (image=0x66030e8) returned 0x0
[0168.600] GdipGetImageRawFormat (image=0x66030e8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0168.600] GdipGetImageHeight (image=0x66030e8, height=0xd7e824) returned 0x0
[0168.600] GdipGetImageWidth (image=0x66030e8, width=0xd7e824) returned 0x0
[0168.600] GdipGetImageWidth (image=0x66030e8, width=0xd7e810) returned 0x0
[0168.600] GdipGetImageHeight (image=0x66030e8, height=0xd7e810) returned 0x0
[0168.600] GdipGetImageWidth (image=0x66030e8, width=0xd7e800) returned 0x0
[0168.600] GdipGetImageHeight (image=0x66030e8, height=0xd7e800) returned 0x0
[0168.600] GdipBitmapGetPixel (bitmap=0x66030e8, x=0, y=15, color=0xd7e810) returned 0x0
[0168.600] GdipGetImageRawFormat (image=0x66030e8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0168.600] GdipGetImageWidth (image=0x66030e8, width=0xd7e740) returned 0x0
[0168.600] GdipGetImageHeight (image=0x66030e8, height=0xd7e740) returned 0x0
[0168.600] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0168.600] GdipGetImagePixelFormat (image=0x6604150, format=0xd7e740) returned 0x0
[0168.600] GdipGetImageGraphicsContext (image=0x6604150, graphics=0xd7e74c) returned 0x0
[0168.601] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0168.601] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0168.601] GdipSetImageAttributesColorKeys (imageattr=0x6638c38, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0168.601] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66030e8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c38, callback=0x0, callbackData=0x0) returned 0x0
[0168.601] GdipDisposeImageAttributes (imageattr=0x6638c38) returned 0x0
[0168.601] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0168.601] GdipDisposeImage (image=0x66030e8) returned 0x0
[0168.602] GdipCreateBitmapFromStream (stream=0x509fef0, bitmap=0xd7e840) returned 0x0
[0168.603] GdipImageForceValidation (image=0x66016a8) returned 0x0
[0168.604] GdipGetImageRawFormat (image=0x66016a8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0168.604] GdipGetImageHeight (image=0x66016a8, height=0xd7e824) returned 0x0
[0168.604] GdipGetImageWidth (image=0x66016a8, width=0xd7e824) returned 0x0
[0168.604] GdipGetImageWidth (image=0x66016a8, width=0xd7e810) returned 0x0
[0168.604] GdipGetImageHeight (image=0x66016a8, height=0xd7e810) returned 0x0
[0168.604] GdipGetImageWidth (image=0x66016a8, width=0xd7e800) returned 0x0
[0168.604] GdipGetImageHeight (image=0x66016a8, height=0xd7e800) returned 0x0
[0168.605] GdipBitmapGetPixel (bitmap=0x66016a8, x=0, y=15, color=0xd7e810) returned 0x0
[0168.605] GdipGetImageRawFormat (image=0x66016a8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0168.605] GdipGetImageWidth (image=0x66016a8, width=0xd7e740) returned 0x0
[0168.605] GdipGetImageHeight (image=0x66016a8, height=0xd7e740) returned 0x0
[0168.605] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0168.605] GdipGetImagePixelFormat (image=0x6600988, format=0xd7e740) returned 0x0
[0168.605] GdipGetImageGraphicsContext (image=0x6600988, graphics=0xd7e74c) returned 0x0
[0168.605] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0168.605] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0168.605] GdipSetImageAttributesColorKeys (imageattr=0x6638c68, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0168.605] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66016a8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c68, callback=0x0, callbackData=0x0) returned 0x0
[0168.605] GdipDisposeImageAttributes (imageattr=0x6638c68) returned 0x0
[0168.605] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0168.606] GdipDisposeImage (image=0x66016a8) returned 0x0
[0168.606] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.607] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0168.607] GetCurrentThreadId () returned 0xf50
[0168.607] GetCurrentThreadId () returned 0xf50
[0168.607] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.607] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0168.607] GetCurrentThreadId () returned 0xf50
[0168.607] GetCurrentThreadId () returned 0xf50
[0168.607] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.608] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0168.608] GetCurrentThreadId () returned 0xf50
[0168.608] GetCurrentThreadId () returned 0xf50
[0168.608] GetSystemMetrics (nIndex=5) returned 1
[0168.608] GetSystemMetrics (nIndex=6) returned 1
[0168.608] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.608] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0168.608] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.608] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0168.609] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.609] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0168.609] GetCurrentThreadId () returned 0xf50
[0168.609] GetCurrentThreadId () returned 0xf50
[0168.609] GetProcessWindowStation () returned 0x13c
[0168.609] GetCapture () returned 0x0
[0168.609] GetActiveWindow () returned 0x7005c
[0168.609] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0168.610] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.610] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0168.610] GetCursorPos (in: lpPoint=0x2db4df4 | out: lpPoint=0x2db4df4*(x=256, y=628)) returned 1
[0168.610] MonitorFromPoint (pt=0x100, dwFlags=0x274) returned 0x10001
[0168.610] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0168.610] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xf90107d1
[0168.610] GetDeviceCaps (hdc=0xf90107d1, index=12) returned 32
[0168.610] GetDeviceCaps (hdc=0xf90107d1, index=14) returned 1
[0168.610] DeleteDC (hdc=0xf90107d1) returned 1
[0168.610] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0168.611] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0168.611] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x902da
[0168.611] SetWindowLongW (hWnd=0x902da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0168.611] GetWindowLongW (hWnd=0x902da, nIndex=-4) returned 1950089536
[0168.612] SetWindowLongW (hWnd=0x902da, nIndex=-4, dwNewLong=19941830) returned 1950089536
[0168.612] GetWindowLongW (hWnd=0x902da, nIndex=-4) returned 19941830
[0168.612] GetWindowLongW (hWnd=0x902da, nIndex=-16) returned 113770496
[0168.612] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0168.613] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0168.614] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0168.614] GetClientRect (in: hWnd=0x902da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0168.614] GetWindowRect (in: hWnd=0x902da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0168.614] SetWindowTextW (hWnd=0x902da, lpString="BB ransomware") returned 1
[0168.614] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xc, wParam=0x0, lParam=0x2db3590) returned 0x1
[0168.615] GetStartupInfoW (in: lpStartupInfo=0x2db5130 | out: lpStartupInfo=0x2db5130*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0168.617] GetParent (hWnd=0x902da) returned 0x0
[0168.617] SetWindowLongW (hWnd=0x902da, nIndex=-8, dwNewLong=0) returned 0
[0168.617] SendMessageW (hWnd=0x902da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0168.618] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0168.618] SendMessageW (hWnd=0x902da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0168.618] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0168.618] GetSystemMenu (hWnd=0x902da, bRevert=0) returned 0x41013b
[0168.618] GetWindowPlacement (in: hWnd=0x902da, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0168.619] EnableMenuItem (hMenu=0x41013b, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0168.619] EnableMenuItem (hMenu=0x41013b, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0168.619] EnableMenuItem (hMenu=0x41013b, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0168.619] EnableMenuItem (hMenu=0x41013b, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0168.619] EnableMenuItem (hMenu=0x41013b, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0168.619] GetClientRect (in: hWnd=0x902da, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0168.619] GetClientRect (in: hWnd=0x902da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0168.619] GetWindowRect (in: hWnd=0x902da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0168.619] SetWindowPos (hWnd=0x902da, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0168.620] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0168.620] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x902da) returned 0x1
[0168.627] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0168.627] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0168.629] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0168.629] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0168.629] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0168.632] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x902da, lParam=0x0) returned 0x0
[0168.632] GetCapture () returned 0x0
[0168.632] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0168.633] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0168.634] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0168.636] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0168.636] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0168.636] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0168.636] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0168.637] GetParent (hWnd=0x902da) returned 0x0
[0168.637] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0168.637] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0168.648] GetWindowPlacement (in: hWnd=0x902da, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0168.648] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0168.648] GetClientRect (in: hWnd=0x902da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0168.648] GetWindowRect (in: hWnd=0x902da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0168.650] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0168.650] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0168.650] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0168.651] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.651] GetWindowLongW (hWnd=0x902da, nIndex=-16) returned 113770496
[0168.652] GetWindowTextLengthW (hWnd=0x902da) returned 13
[0168.652] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.652] GetSystemMetrics (nIndex=42) returned 0
[0168.652] GetWindowTextW (in: hWnd=0x902da, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.652] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0168.652] GetWindowTextLengthW (hWnd=0x902da) returned 13
[0168.652] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.652] GetSystemMetrics (nIndex=42) returned 0
[0168.652] GetWindowTextW (in: hWnd=0x902da, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.652] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0168.652] GetCursorPos (in: lpPoint=0x2db536c | out: lpPoint=0x2db536c*(x=256, y=628)) returned 1
[0168.652] MonitorFromPoint (pt=0x100, dwFlags=0x274) returned 0x10001
[0168.652] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0168.652] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xf60107a2
[0168.653] GetDeviceCaps (hdc=0xf60107a2, index=12) returned 32
[0168.653] GetDeviceCaps (hdc=0xf60107a2, index=14) returned 1
[0168.653] DeleteDC (hdc=0xf60107a2) returned 1
[0168.653] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0168.653] GetWindowLongW (hWnd=0x902da, nIndex=-16) returned 113770496
[0168.653] GetWindowLongW (hWnd=0x902da, nIndex=-20) returned 327945
[0168.653] SetWindowLongW (hWnd=0x902da, nIndex=-16, dwNewLong=46661632) returned 113770496
[0168.653] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0168.654] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0168.655] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0168.655] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0168.655] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0168.656] SetWindowLongW (hWnd=0x902da, nIndex=-20, dwNewLong=327681) returned 327945
[0168.656] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0168.656] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0168.657] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0168.657] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0168.658] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0168.658] SetWindowPos (hWnd=0x902da, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0168.658] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0168.658] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0168.659] GetWindowPlacement (in: hWnd=0x902da, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0168.659] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0168.659] GetClientRect (in: hWnd=0x902da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0168.659] GetWindowRect (in: hWnd=0x902da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0168.660] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0168.660] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0168.660] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0168.661] RedrawWindow (hWnd=0x902da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0168.661] GetSystemMenu (hWnd=0x902da, bRevert=0) returned 0x41013b
[0168.661] GetWindowPlacement (in: hWnd=0x902da, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0168.661] EnableMenuItem (hMenu=0x41013b, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0168.661] EnableMenuItem (hMenu=0x41013b, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0168.661] EnableMenuItem (hMenu=0x41013b, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0168.661] EnableMenuItem (hMenu=0x41013b, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0168.661] EnableMenuItem (hMenu=0x41013b, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0168.661] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0168.661] GetWindowLongW (hWnd=0x902da, nIndex=-8) returned 0
[0168.661] SetWindowLongW (hWnd=0x902da, nIndex=-8, dwNewLong=458844) returned 0
[0168.663] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0168.663] GetProcessWindowStation () returned 0x13c
[0168.663] GetCurrentThreadId () returned 0xf50
[0168.663] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1304a66, lParam=0x0) returned 1
[0168.663] IsWindowVisible (hWnd=0x902da) returned 0
[0168.663] IsWindowVisible (hWnd=0x7005c) returned 1
[0168.663] IsWindowEnabled (hWnd=0x7005c) returned 1
[0168.663] IsWindowVisible (hWnd=0x300ec) returned 0
[0168.663] IsWindowVisible (hWnd=0x502c6) returned 0
[0168.663] IsWindowVisible (hWnd=0x502be) returned 0
[0168.663] GetActiveWindow () returned 0x902da
[0168.664] GetFocus () returned 0x902da
[0168.664] IsWindow (hWnd=0x7005c) returned 1
[0168.664] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0168.664] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0168.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0168.665] GetWindowLongW (hWnd=0x902da, nIndex=-8) returned 458844
[0168.665] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0168.665] GetCurrentThreadId () returned 0xf50
[0168.665] GetWindowLongW (hWnd=0x902da, nIndex=-8) returned 458844
[0168.665] IsWindowEnabled (hWnd=0x7005c) returned 0
[0168.665] IsWindowEnabled (hWnd=0x902da) returned 1
[0168.665] ShowWindow (hWnd=0x902da, nCmdShow=5) returned 0
[0168.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0168.665] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0168.666] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.666] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0168.666] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x902da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x7005a
[0168.667] SetWindowLongW (hWnd=0x7005a, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0168.667] GetWindowLongW (hWnd=0x7005a, nIndex=-4) returned 1950089536
[0168.667] SetWindowLongW (hWnd=0x7005a, nIndex=-4, dwNewLong=19938886) returned 1950089536
[0168.667] GetWindowLongW (hWnd=0x7005a, nIndex=-4) returned 19938886
[0168.667] GetWindowLongW (hWnd=0x7005a, nIndex=-16) returned 1174405120
[0168.667] GetWindowLongW (hWnd=0x7005a, nIndex=-12) returned 0
[0168.667] SetWindowLongW (hWnd=0x7005a, nIndex=-12, dwNewLong=458842) returned 0
[0168.668] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005a, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0168.687] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005a, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0168.687] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005a, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0168.687] GetWindow (hWnd=0x7005a, uCmd=0x3) returned 0x0
[0168.687] GetClientRect (in: hWnd=0x7005a, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0168.687] GetWindowRect (in: hWnd=0x7005a, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0168.687] GetParent (hWnd=0x7005a) returned 0x902da
[0168.687] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902da, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0168.688] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005a, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0168.688] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005a, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0168.688] GetClientRect (in: hWnd=0x7005a, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0168.688] GetWindowRect (in: hWnd=0x7005a, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0168.688] GetParent (hWnd=0x7005a) returned 0x902da
[0168.688] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902da, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0168.688] SendMessageW (hWnd=0x7005a, Msg=0x2210, wParam=0x5a0001, lParam=0x7005a) returned 0x0
[0168.688] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005a, Msg=0x2210, wParam=0x5a0001, lParam=0x7005a) returned 0x0
[0168.689] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005a, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0168.689] GetParent (hWnd=0x7005a) returned 0x902da
[0168.689] GetParent (hWnd=0xb02d8) returned 0xa02d2
[0168.689] SetParent (hWndChild=0xb02d8, hWndNewParent=0x902da) returned 0xa02d2
[0168.689] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0168.690] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0168.690] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0168.690] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0168.690] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0168.690] GetClientRect (in: hWnd=0xb02d8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0168.690] GetWindowRect (in: hWnd=0xb02d8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0168.690] GetParent (hWnd=0xb02d8) returned 0x902da
[0168.690] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902da, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0168.690] GetClientRect (in: hWnd=0xb02d8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0168.690] GetWindowRect (in: hWnd=0xb02d8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0168.691] GetParent (hWnd=0xb02d8) returned 0x902da
[0168.691] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902da, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0168.691] GetParent (hWnd=0xb02d8) returned 0x902da
[0168.691] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0168.691] GetWindow (hWnd=0xb02d8, uCmd=0x3) returned 0x0
[0168.691] SetWindowPos (hWnd=0xb02d8, hWndInsertAfter=0x7005a, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0168.691] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0168.692] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0168.692] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0168.692] GetClientRect (in: hWnd=0xb02d8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0168.692] GetWindowRect (in: hWnd=0xb02d8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0168.692] GetParent (hWnd=0xb02d8) returned 0x902da
[0168.692] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902da, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0168.692] GetParent (hWnd=0xb02d8) returned 0x902da
[0168.692] GetWindow (hWnd=0xb02d8, uCmd=0x3) returned 0x7005a
[0168.692] GetWindowThreadProcessId (in: hWnd=0xb02d8, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0168.692] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0168.693] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.693] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0168.693] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x902da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xb013e
[0168.694] SetWindowLongW (hWnd=0xb013e, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0168.694] GetWindowLongW (hWnd=0xb013e, nIndex=-4) returned 1868032000
[0168.694] SetWindowLongW (hWnd=0xb013e, nIndex=-4, dwNewLong=19939206) returned 1868032000
[0168.694] GetWindowLongW (hWnd=0xb013e, nIndex=-4) returned 19939206
[0168.694] GetWindowLongW (hWnd=0xb013e, nIndex=-16) returned 1174470667
[0168.694] GetWindowLongW (hWnd=0xb013e, nIndex=-12) returned 0
[0168.694] SetWindowLongW (hWnd=0xb013e, nIndex=-12, dwNewLong=721214) returned 0
[0168.694] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0168.695] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0168.695] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0168.696] SendMessageW (hWnd=0xb013e, Msg=0x2055, wParam=0xb013e, lParam=0x3) returned 0x2
[0168.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0168.696] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0168.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0168.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0168.697] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005a, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0168.697] RedrawWindow (hWnd=0x7005a, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0168.697] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0168.697] RedrawWindow (hWnd=0xb02d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0168.697] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0168.697] RedrawWindow (hWnd=0xb013e, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0168.697] RedrawWindow (hWnd=0x902da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0168.697] GetWindow (hWnd=0xb013e, uCmd=0x3) returned 0xb02d8
[0168.698] GetClientRect (in: hWnd=0xb013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0168.698] GetWindowRect (in: hWnd=0xb013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0168.698] GetParent (hWnd=0xb013e) returned 0x902da
[0168.698] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0168.698] SetWindowTextW (hWnd=0xb013e, lpString="&Details") returned 1
[0168.698] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0168.698] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0168.699] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0168.699] GetClientRect (in: hWnd=0xb013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0168.699] GetWindowRect (in: hWnd=0xb013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0168.699] GetParent (hWnd=0xb013e) returned 0x902da
[0168.699] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0168.699] SendMessageW (hWnd=0xb013e, Msg=0x2210, wParam=0x13e0001, lParam=0xb013e) returned 0x0
[0168.699] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0x2210, wParam=0x13e0001, lParam=0xb013e) returned 0x0
[0168.699] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0168.699] GetParent (hWnd=0xb013e) returned 0x902da
[0168.699] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0168.700] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.700] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0168.700] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x902da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x902dc
[0168.701] SetWindowLongW (hWnd=0x902dc, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0168.701] GetWindowLongW (hWnd=0x902dc, nIndex=-4) returned 1868032000
[0168.701] SetWindowLongW (hWnd=0x902dc, nIndex=-4, dwNewLong=19938646) returned 1868032000
[0168.702] GetWindowLongW (hWnd=0x902dc, nIndex=-4) returned 19938646
[0168.702] GetWindowLongW (hWnd=0x902dc, nIndex=-16) returned 1174470667
[0168.702] GetWindowLongW (hWnd=0x902dc, nIndex=-12) returned 0
[0168.702] SetWindowLongW (hWnd=0x902dc, nIndex=-12, dwNewLong=590556) returned 0
[0168.702] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0168.702] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0168.703] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0168.708] SendMessageW (hWnd=0x902dc, Msg=0x2055, wParam=0x902dc, lParam=0x3) returned 0x2
[0168.708] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0168.708] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0168.708] GetWindow (hWnd=0x902dc, uCmd=0x3) returned 0xb013e
[0168.708] GetClientRect (in: hWnd=0x902dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0168.708] GetWindowRect (in: hWnd=0x902dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0168.708] GetParent (hWnd=0x902dc) returned 0x902da
[0168.708] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0168.708] SetWindowTextW (hWnd=0x902dc, lpString="&Continue") returned 1
[0168.708] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0168.709] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0168.709] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0168.709] GetClientRect (in: hWnd=0x902dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0168.709] GetWindowRect (in: hWnd=0x902dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0168.709] GetParent (hWnd=0x902dc) returned 0x902da
[0168.709] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0168.709] SendMessageW (hWnd=0x902dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x902dc) returned 0x0
[0168.709] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x902dc) returned 0x0
[0168.709] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0168.709] GetParent (hWnd=0x902dc) returned 0x902da
[0168.709] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0168.710] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.710] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0168.710] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x902da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x902de
[0168.711] SetWindowLongW (hWnd=0x902de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0168.711] GetWindowLongW (hWnd=0x902de, nIndex=-4) returned 1868032000
[0168.712] SetWindowLongW (hWnd=0x902de, nIndex=-4, dwNewLong=19938846) returned 1868032000
[0168.712] GetWindowLongW (hWnd=0x902de, nIndex=-4) returned 19938846
[0168.712] GetWindowLongW (hWnd=0x902de, nIndex=-16) returned 1174470667
[0168.712] GetWindowLongW (hWnd=0x902de, nIndex=-12) returned 0
[0168.712] SetWindowLongW (hWnd=0x902de, nIndex=-12, dwNewLong=590558) returned 0
[0168.712] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0168.713] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0168.713] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0168.714] SendMessageW (hWnd=0x902de, Msg=0x2055, wParam=0x902de, lParam=0x3) returned 0x2
[0168.714] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0168.714] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0168.714] GetWindow (hWnd=0x902de, uCmd=0x3) returned 0x902dc
[0168.714] GetClientRect (in: hWnd=0x902de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0168.714] GetWindowRect (in: hWnd=0x902de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0168.715] GetParent (hWnd=0x902de) returned 0x902da
[0168.715] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0168.715] SetWindowTextW (hWnd=0x902de, lpString="&Quit") returned 1
[0168.715] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902de, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0168.715] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0168.716] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902de, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0168.716] GetClientRect (in: hWnd=0x902de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0168.716] GetWindowRect (in: hWnd=0x902de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0168.716] GetParent (hWnd=0x902de) returned 0x902da
[0168.716] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0168.716] SendMessageW (hWnd=0x902de, Msg=0x2210, wParam=0x2de0001, lParam=0x902de) returned 0x0
[0168.716] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902de, Msg=0x2210, wParam=0x2de0001, lParam=0x902de) returned 0x0
[0168.716] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0168.717] GetParent (hWnd=0x902de) returned 0x902da
[0168.717] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0168.717] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.718] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0168.718] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x902da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xc00ea
[0168.718] SetWindowLongW (hWnd=0xc00ea, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0168.718] GetWindowLongW (hWnd=0xc00ea, nIndex=-4) returned 1868026976
[0168.719] SetWindowLongW (hWnd=0xc00ea, nIndex=-4, dwNewLong=19938966) returned 1868026976
[0168.720] GetWindowLongW (hWnd=0xc00ea, nIndex=-4) returned 19938966
[0168.720] GetWindowLongW (hWnd=0xc00ea, nIndex=-16) returned 1177553092
[0168.720] GetWindowLongW (hWnd=0xc00ea, nIndex=-12) returned 0
[0168.720] SetWindowLongW (hWnd=0xc00ea, nIndex=-12, dwNewLong=786666) returned 0
[0168.720] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc00ea, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0168.722] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc00ea, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0168.723] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc00ea, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0168.765] GetWindow (hWnd=0xc00ea, uCmd=0x3) returned 0x902de
[0168.766] GetClientRect (in: hWnd=0xc00ea, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0168.766] GetWindowRect (in: hWnd=0xc00ea, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0168.766] GetParent (hWnd=0xc00ea) returned 0x902da
[0168.766] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902da, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0168.766] GetWindowTextLengthW (hWnd=0x902da) returned 13
[0168.766] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.766] GetSystemMetrics (nIndex=42) returned 0
[0168.766] GetWindowTextW (in: hWnd=0x902da, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.766] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0168.766] SendMessageW (hWnd=0xc00ea, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0168.766] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc00ea, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0168.772] SetWindowTextW (hWnd=0xc00ea, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0168.772] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc00ea, Msg=0xc, wParam=0x0, lParam=0x2db0f78) returned 0x1
[0168.774] GetSystemMetrics (nIndex=5) returned 1
[0168.774] GetSystemMetrics (nIndex=6) returned 1
[0168.774] SendMessageW (hWnd=0xc00ea, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0168.774] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc00ea, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0168.775] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc00ea, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0168.776] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc00ea, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0168.776] GetClientRect (in: hWnd=0xc00ea, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0168.776] GetWindowRect (in: hWnd=0xc00ea, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0168.776] GetParent (hWnd=0xc00ea) returned 0x902da
[0168.776] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x902da, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0168.776] SendMessageW (hWnd=0xc00ea, Msg=0x2210, wParam=0xea0001, lParam=0xc00ea) returned 0x0
[0168.776] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc00ea, Msg=0x2210, wParam=0xea0001, lParam=0xc00ea) returned 0x0
[0168.776] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0168.776] GetParent (hWnd=0xc00ea) returned 0x902da
[0168.776] GetWindowLongW (hWnd=0x902da, nIndex=-8) returned 458844
[0168.776] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0168.777] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0168.777] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xfd0107a2
[0168.777] GetDeviceCaps (hdc=0xfd0107a2, index=12) returned 32
[0168.777] GetDeviceCaps (hdc=0xfd0107a2, index=14) returned 1
[0168.777] DeleteDC (hdc=0xfd0107a2) returned 1
[0168.777] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0168.777] GetWindowThreadProcessId (in: hWnd=0x902da, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0168.777] GetCurrentThreadId () returned 0xf50
[0168.777] PostMessageW (hWnd=0x902da, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0168.777] GetWindowTextLengthW (hWnd=0x902da) returned 13
[0168.778] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.778] GetSystemMetrics (nIndex=42) returned 0
[0168.778] GetWindowTextW (in: hWnd=0x902da, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.778] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0168.778] GdipImageGetFrameDimensionsCount (image=0x6600640, count=0xd7e25c) returned 0x0
[0168.778] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7910
[0168.778] GdipImageGetFrameDimensionsList (image=0x6600640, dimensionIDs=0x11f7910*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0168.778] LocalFree (hMem=0x11f7910) returned 0x0
[0168.778] GdipImageGetFrameDimensionsCount (image=0x6604150, count=0xd7e250) returned 0x0
[0168.778] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f77c0
[0168.778] GdipImageGetFrameDimensionsList (image=0x6604150, dimensionIDs=0x11f77c0*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0168.779] LocalFree (hMem=0x11f77c0) returned 0x0
[0168.779] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0168.779] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0168.779] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0168.797] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0168.798] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0168.799] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0168.799] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0168.799] GetWindowPlacement (in: hWnd=0x902da, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0168.800] GetClientRect (in: hWnd=0x902da, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0168.800] GetWindowTextLengthW (hWnd=0x902da) returned 13
[0168.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.800] GetSystemMetrics (nIndex=42) returned 0
[0168.800] GetWindowTextW (in: hWnd=0x902da, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0168.800] GetClientRect (in: hWnd=0x902da, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0168.800] GetCurrentObject (hdc=0x60100ce, type=0x1) returned 0xb00017
[0168.800] GetCurrentObject (hdc=0x60100ce, type=0x2) returned 0x900010
[0168.800] GetCurrentObject (hdc=0x60100ce, type=0x7) returned 0xffffffff82050803
[0168.800] GetCurrentObject (hdc=0x60100ce, type=0x6) returned 0x8a01c2
[0168.800] SaveDC (hdc=0x60100ce) returned 1
[0168.800] GetNearestColor (hdc=0x60100ce, color=0xf0f0f0) returned 0xf0f0f0
[0168.800] CreateSolidBrush (color=0xf0f0f0) returned 0x701007e1
[0168.800] FillRect (hDC=0x60100ce, lprc=0xd7e1b8, hbr=0x701007e1) returned 1
[0168.800] DeleteObject (ho=0x701007e1) returned 1
[0168.801] RestoreDC (hdc=0x60100ce, nSavedDC=-1) returned 1
[0168.801] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005a, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0168.801] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0168.801] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0168.802] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0168.802] GetStockObject (i=5) returned 0x900015
[0168.802] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0168.802] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0168.802] GetStockObject (i=5) returned 0x900015
[0168.802] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0168.802] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902de, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0168.803] GetStockObject (i=5) returned 0x900015
[0168.803] GetWindowPlacement (in: hWnd=0x902da, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0168.803] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0168.803] GetClientRect (in: hWnd=0x902da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0168.803] GetWindowRect (in: hWnd=0x902da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0168.804] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0168.804] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0168.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0168.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0168.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0168.805] GetClientRect (in: hWnd=0x902da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0168.805] GetWindowRect (in: hWnd=0x902da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0168.805] InvalidateRect (hWnd=0x902dc, lpRect=0x0, bErase=0) returned 1
[0168.805] InvalidateRect (hWnd=0xb013e, lpRect=0x0, bErase=0) returned 1
[0168.806] GetFocus () returned 0x902da
[0168.806] GetFocus () returned 0x902da
[0168.806] SetFocus (hWnd=0xb013e) returned 0x902da
[0168.807] GetFocus () returned 0xb013e
[0168.807] IsChild (hWndParent=0x902da, hWnd=0xb013e) returned 1
[0168.807] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x8, wParam=0xb013e, lParam=0x0) returned 0x0
[0168.808] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0168.810] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0168.812] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0168.812] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0x7, wParam=0x902da, lParam=0x0) returned 0x0
[0168.812] GetStockObject (i=5) returned 0x900015
[0168.812] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0168.812] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0168.812] GetDlgItem (hDlg=0x902da, nIDDlgItem=721214) returned 0xb013e
[0168.812] SendMessageW (hWnd=0xb013e, Msg=0x202b, wParam=0xb013e, lParam=0xd7e0dc) returned 0x0
[0168.812] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0x202b, wParam=0xb013e, lParam=0xd7e0dc) returned 0x0
[0168.812] InvalidateRect (hWnd=0xb013e, lpRect=0x0, bErase=0) returned 1
[0168.815] GetFocus () returned 0xb013e
[0168.815] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.815] IsWindowUnicode (hWnd=0x902da) returned 1
[0168.815] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.815] TranslateMessage (lpMsg=0xd7e808) returned 0
[0168.815] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0168.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0168.815] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.815] IsWindowUnicode (hWnd=0x902da) returned 1
[0168.815] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.815] TranslateMessage (lpMsg=0xd7e808) returned 0
[0168.815] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0168.816] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.816] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0168.816] IsWindowUnicode (hWnd=0x902da) returned 1
[0168.816] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.816] TranslateMessage (lpMsg=0xd7e808) returned 0
[0168.816] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0168.817] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.817] IsWindowUnicode (hWnd=0x602c4) returned 1
[0168.817] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.817] TranslateMessage (lpMsg=0xd7e808) returned 0
[0168.817] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0168.817] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0168.817] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0168.817] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.818] IsWindowUnicode (hWnd=0x902da) returned 1
[0168.818] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.818] TranslateMessage (lpMsg=0xd7e808) returned 0
[0168.818] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0168.818] BeginPaint (in: hWnd=0x902da, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xf0105ee
[0168.818] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0168.818] GetWindowTextLengthW (hWnd=0x902da) returned 13
[0168.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.818] GetSystemMetrics (nIndex=42) returned 0
[0168.818] GetWindowTextW (in: hWnd=0x902da, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0168.819] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0168.819] EndPaint (hWnd=0x902da, lpPaint=0xd7e274) returned 1
[0168.820] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.820] IsWindowUnicode (hWnd=0x7005a) returned 1
[0168.820] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.820] TranslateMessage (lpMsg=0xd7e808) returned 0
[0168.820] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0168.820] BeginPaint (in: hWnd=0x7005a, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x10105d6
[0168.820] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0168.820] CreateCompatibleDC (hdc=0x10105d6) returned 0xa20107e7
[0168.820] SelectObject (hdc=0xa20107e7, h=0x4a0507fe) returned 0x85000f
[0168.820] GdipCreateFromHDC (hdc=0xa20107e7, graphics=0xd7e2b0) returned 0x0
[0168.820] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0168.821] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0168.821] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0168.821] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0168.821] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e310) returned 0x0
[0168.821] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0168.821] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee910) returned 0x0
[0168.821] LocalFree (hMem=0x11ee910) returned 0x0
[0168.821] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0168.821] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0168.821] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0168.821] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e304) returned 0x0
[0168.821] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0168.821] GetWindowTextLengthW (hWnd=0x7005a) returned 0
[0168.821] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0168.821] GetSystemMetrics (nIndex=42) returned 0
[0168.821] GetWindowTextW (in: hWnd=0x7005a, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0168.821] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005a, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0168.822] GetClientRect (in: hWnd=0x7005a, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0168.822] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0168.822] GdipGetClip (graphics=0x6600030, region=0x66442c8) returned 0x0
[0168.822] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0168.822] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0168.822] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e164) returned 0x0
[0168.822] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0168.822] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0168.822] LocalFree (hMem=0x11ee788) returned 0x0
[0168.822] GdipCombineRegionRegion (region=0x66442c8, region2=0x6644238, combineMode=0x1) returned 0x0
[0168.822] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0168.822] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee9f0) returned 0x0
[0168.822] LocalFree (hMem=0x11ee9f0) returned 0x0
[0168.822] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0168.822] GdipIsInfiniteRegion (region=0x66442c8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0168.822] GdipIsInfiniteRegion (region=0x66442c8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0168.822] GdipGetRegionHRgn (region=0x66442c8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0168.822] GdipDeleteRegion (region=0x66442c8) returned 0x0
[0168.823] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0168.823] GetCurrentObject (hdc=0xa20107e7, type=0x1) returned 0xb00017
[0168.823] GetCurrentObject (hdc=0xa20107e7, type=0x2) returned 0x900010
[0168.823] GetCurrentObject (hdc=0xa20107e7, type=0x7) returned 0x4a0507fe
[0168.823] GetCurrentObject (hdc=0xa20107e7, type=0x6) returned 0x8a01c2
[0168.823] SaveDC (hdc=0xa20107e7) returned 1
[0168.823] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x37040807
[0168.823] GetClipRgn (hdc=0xa20107e7, hrgn=0x37040807) returned 0
[0168.823] SelectClipRgn (hdc=0xa20107e7, hrgn=0xb80407de) returned 2
[0168.823] DeleteObject (ho=0x37040807) returned 1
[0168.823] DeleteObject (ho=0xb80407de) returned 1
[0168.823] OffsetViewportOrgEx (in: hdc=0xa20107e7, x=0, y=0, lppt=0x2db6ad8 | out: lppt=0x2db6ad8) returned 1
[0168.823] GetNearestColor (hdc=0xa20107e7, color=0xf0f0f0) returned 0xf0f0f0
[0168.823] CreateSolidBrush (color=0xf0f0f0) returned 0x711007e1
[0168.823] FillRect (hDC=0xa20107e7, lprc=0xd7e198, hbr=0x711007e1) returned 1
[0168.824] DeleteObject (ho=0x711007e1) returned 1
[0168.824] RestoreDC (hdc=0xa20107e7, nSavedDC=-1) returned 1
[0168.824] GdipReleaseDC (graphics=0x6600030, hdc=0xa20107e7) returned 0x0
[0168.824] GdipRestoreGraphics (graphics=0x6600030, state=0xfc720dbd) returned 0x0
[0168.824] GdipDeleteRegion (region=0x6644238) returned 0x0
[0168.824] GetWindowTextLengthW (hWnd=0x7005a) returned 0
[0168.824] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0168.824] GetSystemMetrics (nIndex=42) returned 0
[0168.824] GetWindowTextW (in: hWnd=0x7005a, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0168.824] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005a, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0168.824] GdipGetImageWidth (image=0x6600640, width=0xd7e1e0) returned 0x0
[0168.824] GdipGetImageHeight (image=0x6600640, height=0xd7e1e0) returned 0x0
[0168.824] GdipGetImageWidth (image=0x6600640, width=0xd7e1cc) returned 0x0
[0168.824] GdipGetImageHeight (image=0x6600640, height=0xd7e1cc) returned 0x0
[0168.824] GdipDrawImageRectI (graphics=0x6600030, image=0x6600640, x=16, y=16, width=32, height=32) returned 0x0
[0168.824] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0168.825] BitBlt (hdc=0x10105d6, x=0, y=0, cx=64, cy=64, hdcSrc=0xa20107e7, x1=0, y1=0, rop=0xcc0020) returned 1
[0168.825] GdipReleaseDC (graphics=0x6600030, hdc=0xa20107e7) returned 0x0
[0168.825] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0168.825] SelectObject (hdc=0xa20107e7, h=0x85000f) returned 0x4a0507fe
[0168.835] DeleteDC (hdc=0xa20107e7) returned 1
[0168.835] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0168.835] EndPaint (hWnd=0x7005a, lpPaint=0xd7e294) returned 1
[0168.835] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.836] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x84, wParam=0x0, lParam=0x1dd0312) returned 0x1
[0168.836] IsWindowUnicode (hWnd=0x902dc) returned 1
[0168.836] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.836] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x84, wParam=0x0, lParam=0x1dd0312) returned 0x1
[0168.836] SetCursor (hCursor=0x10003) returned 0x10003
[0168.836] TranslateMessage (lpMsg=0xd7e808) returned 0
[0168.836] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0168.836] _TrackMouseEvent (in: lpEventTrack=0x2db6ba4 | out: lpEventTrack=0x2db6ba4) returned 1
[0168.836] SendMessageW (hWnd=0x902dc, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0168.836] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0168.836] InvalidateRect (hWnd=0x902dc, lpRect=0x0, bErase=0) returned 1
[0168.837] GetKeyState (nVirtKey=1) returned 0
[0168.837] GetKeyState (nVirtKey=2) returned 0
[0168.837] GetKeyState (nVirtKey=4) returned 0
[0168.837] GetKeyState (nVirtKey=5) returned 0
[0168.837] GetKeyState (nVirtKey=6) returned 0
[0168.837] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.837] IsWindowUnicode (hWnd=0xb02d8) returned 1
[0168.837] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.837] TranslateMessage (lpMsg=0xd7e808) returned 0
[0168.837] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0168.837] BeginPaint (in: hWnd=0xb02d8, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x60100ce
[0168.837] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0168.837] CreateCompatibleDC (hdc=0x60100ce) returned 0xa40107e7
[0168.837] GetObjectType (h=0x60100ce) returned 0x3
[0168.837] CreateCompatibleBitmap (hdc=0x60100ce, cx=1, cy=1) returned 0x80507a2
[0168.838] GetDIBits (in: hdc=0x60100ce, hbm=0x80507a2, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0168.838] GetDIBits (in: hdc=0x60100ce, hbm=0x80507a2, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0168.838] DeleteObject (ho=0x80507a2) returned 1
[0168.838] CreateDIBSection (in: hdc=0x60100ce, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xf20507e8
[0168.838] SelectObject (hdc=0xa40107e7, h=0xf20507e8) returned 0x85000f
[0168.838] GdipCreateFromHDC (hdc=0xa40107e7, graphics=0xd7e234) returned 0x0
[0168.838] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0168.839] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0168.839] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0168.839] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0168.839] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e2d4) returned 0x0
[0168.839] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0168.839] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0168.839] LocalFree (hMem=0x11ee868) returned 0x0
[0168.839] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0168.839] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0168.839] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0168.839] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0168.839] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0168.839] GetWindowTextLengthW (hWnd=0xb02d8) returned 232
[0168.839] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0168.839] GetSystemMetrics (nIndex=42) returned 0
[0168.839] GetWindowTextW (in: hWnd=0xb02d8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0168.839] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0168.840] GetClientRect (in: hWnd=0xb02d8, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0168.840] GdipCreateRegion (region=0xd7e110) returned 0x0
[0168.840] GdipGetClip (graphics=0x6600030, region=0x6644478) returned 0x0
[0168.840] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0168.840] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0168.840] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e128) returned 0x0
[0168.840] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0168.840] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee868) returned 0x0
[0168.840] LocalFree (hMem=0x11ee868) returned 0x0
[0168.840] GdipCombineRegionRegion (region=0x6644478, region2=0x6644238, combineMode=0x1) returned 0x0
[0168.840] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0168.840] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0168.840] LocalFree (hMem=0x11eec58) returned 0x0
[0168.840] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0168.840] GdipIsInfiniteRegion (region=0x6644478, graphics=0x6600030, result=0xd7e150) returned 0x0
[0168.840] GdipIsInfiniteRegion (region=0x6644478, graphics=0x6600030, result=0xd7e140) returned 0x0
[0168.840] GdipGetRegionHRgn (region=0x6644478, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0168.841] GdipDeleteRegion (region=0x6644478) returned 0x0
[0168.841] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0168.841] GetCurrentObject (hdc=0xa40107e7, type=0x1) returned 0xb00017
[0168.841] GetCurrentObject (hdc=0xa40107e7, type=0x2) returned 0x900010
[0168.841] GetCurrentObject (hdc=0xa40107e7, type=0x7) returned 0xfffffffff20507e8
[0168.841] GetCurrentObject (hdc=0xa40107e7, type=0x6) returned 0x8a01c2
[0168.841] SaveDC (hdc=0xa40107e7) returned 1
[0168.842] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb90407de
[0168.842] GetClipRgn (hdc=0xa40107e7, hrgn=0xb90407de) returned 0
[0168.842] SelectClipRgn (hdc=0xa40107e7, hrgn=0x38040807) returned 2
[0168.842] DeleteObject (ho=0xb90407de) returned 1
[0168.842] DeleteObject (ho=0x38040807) returned 1
[0168.842] OffsetViewportOrgEx (in: hdc=0xa40107e7, x=0, y=0, lppt=0x2db84f8 | out: lppt=0x2db84f8) returned 1
[0168.842] GetNearestColor (hdc=0xa40107e7, color=0xf0f0f0) returned 0xf0f0f0
[0168.842] CreateSolidBrush (color=0xf0f0f0) returned 0x721007e1
[0168.842] FillRect (hDC=0xa40107e7, lprc=0xd7e15c, hbr=0x721007e1) returned 1
[0168.844] DeleteObject (ho=0x721007e1) returned 1
[0168.844] RestoreDC (hdc=0xa40107e7, nSavedDC=-1) returned 1
[0168.844] GdipReleaseDC (graphics=0x6600030, hdc=0xa40107e7) returned 0x0
[0168.844] GdipRestoreGraphics (graphics=0x6600030, state=0xfc700dbd) returned 0x0
[0168.844] GdipDeleteRegion (region=0x6644238) returned 0x0
[0168.844] GetWindowTextLengthW (hWnd=0xb02d8) returned 232
[0168.844] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0168.844] GetSystemMetrics (nIndex=42) returned 0
[0168.844] GetWindowTextW (in: hWnd=0xb02d8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0168.844] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0168.844] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0168.844] GetCurrentObject (hdc=0xa40107e7, type=0x1) returned 0xb00017
[0168.844] GetCurrentObject (hdc=0xa40107e7, type=0x2) returned 0x900010
[0168.844] GetCurrentObject (hdc=0xa40107e7, type=0x7) returned 0xfffffffff20507e8
[0168.844] GetCurrentObject (hdc=0xa40107e7, type=0x6) returned 0x8a01c2
[0168.844] SaveDC (hdc=0xa40107e7) returned 1
[0168.845] GetNearestColor (hdc=0xa40107e7, color=0x0) returned 0x0
[0168.845] RestoreDC (hdc=0xa40107e7, nSavedDC=-1) returned 1
[0168.845] GdipReleaseDC (graphics=0x6600030, hdc=0xa40107e7) returned 0x0
[0168.845] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0168.845] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0168.846] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2db8cf4 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0168.846] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0168.846] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0168.846] GetCurrentObject (hdc=0xa40107e7, type=0x1) returned 0xb00017
[0168.846] GetCurrentObject (hdc=0xa40107e7, type=0x2) returned 0x900010
[0168.846] GetCurrentObject (hdc=0xa40107e7, type=0x7) returned 0xfffffffff20507e8
[0168.846] GetCurrentObject (hdc=0xa40107e7, type=0x6) returned 0x8a01c2
[0168.846] SaveDC (hdc=0xa40107e7) returned 1
[0168.846] GetTextAlign (hdc=0xa40107e7) returned 0x0
[0168.846] GetTextColor (hdc=0xa40107e7) returned 0x0
[0168.846] GetCurrentObject (hdc=0xa40107e7, type=0x6) returned 0x8a01c2
[0168.847] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0168.847] SelectObject (hdc=0xa40107e7, h=0x6d0a0520) returned 0x8a01c2
[0168.847] GetBkMode (hdc=0xa40107e7) returned 2
[0168.847] SetBkMode (hdc=0xa40107e7, mode=1) returned 2
[0168.847] DrawTextExW (in: hdc=0xa40107e7, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2db8f18 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0168.850] RestoreDC (hdc=0xa40107e7, nSavedDC=-1) returned 1
[0168.850] GdipReleaseDC (graphics=0x6600030, hdc=0xa40107e7) returned 0x0
[0168.851] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0168.851] BitBlt (hdc=0x60100ce, x=0, y=0, cx=354, cy=68, hdcSrc=0xa40107e7, x1=0, y1=0, rop=0xcc0020) returned 1
[0168.851] GdipReleaseDC (graphics=0x6600030, hdc=0xa40107e7) returned 0x0
[0168.851] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0168.851] SelectObject (hdc=0xa40107e7, h=0x85000f) returned 0xf20507e8
[0168.851] DeleteDC (hdc=0xa40107e7) returned 1
[0168.851] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0168.851] DeleteObject (ho=0xf20507e8) returned 1
[0168.852] EndPaint (hWnd=0xb02d8, lpPaint=0xd7e258) returned 1
[0168.852] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.852] IsWindowUnicode (hWnd=0xb013e) returned 1
[0168.852] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.852] TranslateMessage (lpMsg=0xd7e808) returned 0
[0168.852] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0168.852] BeginPaint (in: hWnd=0xb013e, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0168.853] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0168.853] CreateCompatibleDC (hdc=0xc0107c5) returned 0xa0107a2
[0168.853] SelectObject (hdc=0xa0107a2, h=0x4a0507fe) returned 0x85000f
[0168.853] GdipCreateFromHDC (hdc=0xa0107a2, graphics=0xd7e268) returned 0x0
[0168.853] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0168.853] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0168.853] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0168.853] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0168.853] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e2c8) returned 0x0
[0168.853] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0168.853] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee910) returned 0x0
[0168.853] LocalFree (hMem=0x11ee910) returned 0x0
[0168.854] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0168.854] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0168.854] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0168.854] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0168.854] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0168.854] GdipRestoreGraphics (graphics=0x6600030, state=0xfc6e0dbd) returned 0x0
[0168.854] GdipDeleteRegion (region=0x6644238) returned 0x0
[0168.854] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0168.854] GetCurrentObject (hdc=0xa0107a2, type=0x1) returned 0xb00017
[0168.854] GetCurrentObject (hdc=0xa0107a2, type=0x2) returned 0x900010
[0168.854] GetCurrentObject (hdc=0xa0107a2, type=0x7) returned 0x4a0507fe
[0168.854] GetCurrentObject (hdc=0xa0107a2, type=0x6) returned 0x8a01c2
[0168.854] SaveDC (hdc=0xa0107a2) returned 1
[0168.854] GetNearestColor (hdc=0xa0107a2, color=0xf0f0f0) returned 0xf0f0f0
[0168.854] GetNearestColor (hdc=0xa0107a2, color=0xa0a0a0) returned 0xa0a0a0
[0168.854] GetNearestColor (hdc=0xa0107a2, color=0x696969) returned 0x696969
[0168.855] GetNearestColor (hdc=0xa0107a2, color=0xa0a0a0) returned 0xa0a0a0
[0168.855] GetNearestColor (hdc=0xa0107a2, color=0x0) returned 0x0
[0168.855] GetNearestColor (hdc=0xa0107a2, color=0xffffff) returned 0xffffff
[0168.855] GetNearestColor (hdc=0xa0107a2, color=0xe5e5e5) returned 0xe5e5e5
[0168.855] GetNearestColor (hdc=0xa0107a2, color=0xd7d7d7) returned 0xd7d7d7
[0168.855] GetNearestColor (hdc=0xa0107a2, color=0x0) returned 0x0
[0168.855] RestoreDC (hdc=0xa0107a2, nSavedDC=-1) returned 1
[0168.855] GdipReleaseDC (graphics=0x6600030, hdc=0xa0107a2) returned 0x0
[0168.855] IsAppThemed () returned 0x1
[0168.855] GetThemeAppProperties () returned 0x3
[0168.855] GetThemeAppProperties () returned 0x3
[0168.855] GdipGetImageWidth (image=0x6604150, width=0xd7e168) returned 0x0
[0168.855] GdipGetImageHeight (image=0x6604150, height=0xd7e168) returned 0x0
[0168.855] IsAppThemed () returned 0x1
[0168.856] GetThemeAppProperties () returned 0x3
[0168.856] GetThemeAppProperties () returned 0x3
[0168.856] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2db9668 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0168.856] IsAppThemed () returned 0x1
[0168.856] GetThemeAppProperties () returned 0x3
[0168.856] GetThemeAppProperties () returned 0x3
[0168.856] IsAppThemed () returned 0x1
[0168.856] GetThemeAppProperties () returned 0x3
[0168.856] GetThemeAppProperties () returned 0x3
[0168.861] GetFocus () returned 0xb013e
[0168.861] IsAppThemed () returned 0x1
[0168.861] GetThemeAppProperties () returned 0x3
[0168.861] GetThemeAppProperties () returned 0x3
[0168.861] IsAppThemed () returned 0x1
[0168.861] GetThemeAppProperties () returned 0x3
[0168.861] GetThemeAppProperties () returned 0x3
[0168.861] IsThemePartDefined () returned 0x1
[0168.861] IsAppThemed () returned 0x1
[0168.862] GetThemeAppProperties () returned 0x3
[0168.862] GetThemeAppProperties () returned 0x3
[0168.862] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0168.862] IsAppThemed () returned 0x1
[0168.862] GetThemeAppProperties () returned 0x3
[0168.862] GetThemeAppProperties () returned 0x3
[0168.862] IsAppThemed () returned 0x1
[0168.862] GetThemeAppProperties () returned 0x3
[0168.862] GetThemeAppProperties () returned 0x3
[0168.862] IsThemePartDefined () returned 0x1
[0168.862] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0168.862] GdipGetClip (graphics=0x6600030, region=0x66442c8) returned 0x0
[0168.862] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0168.862] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0168.862] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dff0) returned 0x0
[0168.862] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0168.862] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0168.862] LocalFree (hMem=0x11eec58) returned 0x0
[0168.862] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0168.862] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0168.863] LocalFree (hMem=0x11ee788) returned 0x0
[0168.863] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0168.863] GdipIsInfiniteRegion (region=0x66442c8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0168.863] GdipIsInfiniteRegion (region=0x66442c8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0168.863] GdipGetRegionHRgn (region=0x66442c8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0168.863] GdipDeleteRegion (region=0x66442c8) returned 0x0
[0168.863] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0168.863] GetCurrentObject (hdc=0xa0107a2, type=0x1) returned 0xb00017
[0168.863] GetCurrentObject (hdc=0xa0107a2, type=0x2) returned 0x900010
[0168.863] GetCurrentObject (hdc=0xa0107a2, type=0x7) returned 0x4a0507fe
[0168.863] GetCurrentObject (hdc=0xa0107a2, type=0x6) returned 0x8a01c2
[0168.863] SaveDC (hdc=0xa0107a2) returned 1
[0168.863] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x39040807
[0168.863] GetClipRgn (hdc=0xa0107a2, hrgn=0x39040807) returned 0
[0168.863] SelectClipRgn (hdc=0xa0107a2, hrgn=0xbd0407de) returned 2
[0168.863] DeleteObject (ho=0x39040807) returned 1
[0168.864] DeleteObject (ho=0xbd0407de) returned 1
[0168.864] OffsetViewportOrgEx (in: hdc=0xa0107a2, x=0, y=0, lppt=0x2db9d18 | out: lppt=0x2db9d18) returned 1
[0168.864] DrawThemeParentBackground () returned 0x0
[0168.864] GetWindowPlacement (in: hWnd=0x902da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0168.864] GetClientRect (in: hWnd=0x902da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0168.864] GetWindowTextLengthW (hWnd=0x902da) returned 13
[0168.864] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.864] GetSystemMetrics (nIndex=42) returned 0
[0168.864] GetWindowTextW (in: hWnd=0x902da, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.864] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0168.864] GetClientRect (in: hWnd=0x902da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0168.864] GetCurrentObject (hdc=0xa0107a2, type=0x1) returned 0xb00017
[0168.864] GetCurrentObject (hdc=0xa0107a2, type=0x2) returned 0x900010
[0168.864] GetCurrentObject (hdc=0xa0107a2, type=0x7) returned 0x4a0507fe
[0168.864] GetCurrentObject (hdc=0xa0107a2, type=0x6) returned 0x8a01c2
[0168.865] SaveDC (hdc=0xa0107a2) returned 2
[0168.865] GetNearestColor (hdc=0xa0107a2, color=0xf0f0f0) returned 0xf0f0f0
[0168.865] CreateSolidBrush (color=0xf0f0f0) returned 0x731007e1
[0168.865] FillRect (hDC=0xa0107a2, lprc=0xd7da38, hbr=0x731007e1) returned 1
[0168.865] DeleteObject (ho=0x731007e1) returned 1
[0168.865] RestoreDC (hdc=0xa0107a2, nSavedDC=-1) returned 1
[0168.865] GetWindowTextLengthW (hWnd=0x902da) returned 13
[0168.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.865] GetSystemMetrics (nIndex=42) returned 0
[0168.865] GetWindowTextW (in: hWnd=0x902da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0168.865] GetClientRect (in: hWnd=0x902da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0168.865] GetCurrentObject (hdc=0xa0107a2, type=0x1) returned 0xb00017
[0168.865] GetCurrentObject (hdc=0xa0107a2, type=0x2) returned 0x900010
[0168.865] GetCurrentObject (hdc=0xa0107a2, type=0x7) returned 0x4a0507fe
[0168.865] GetCurrentObject (hdc=0xa0107a2, type=0x6) returned 0x8a01c2
[0168.866] SaveDC (hdc=0xa0107a2) returned 2
[0168.866] GetNearestColor (hdc=0xa0107a2, color=0xf0f0f0) returned 0xf0f0f0
[0168.866] CreateSolidBrush (color=0xf0f0f0) returned 0x741007e1
[0168.866] FillRect (hDC=0xa0107a2, lprc=0xd7d9d8, hbr=0x741007e1) returned 1
[0168.866] DeleteObject (ho=0x741007e1) returned 1
[0168.866] RestoreDC (hdc=0xa0107a2, nSavedDC=-1) returned 1
[0168.866] GetWindowTextLengthW (hWnd=0x902da) returned 13
[0168.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.866] GetSystemMetrics (nIndex=42) returned 0
[0168.866] GetWindowTextW (in: hWnd=0x902da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0168.866] RestoreDC (hdc=0xa0107a2, nSavedDC=-1) returned 1
[0168.866] GdipReleaseDC (graphics=0x6600030, hdc=0xa0107a2) returned 0x0
[0168.866] IsAppThemed () returned 0x1
[0168.867] GetThemeAppProperties () returned 0x3
[0168.867] GetThemeAppProperties () returned 0x3
[0168.867] IsAppThemed () returned 0x1
[0168.867] GetThemeAppProperties () returned 0x3
[0168.867] GetThemeAppProperties () returned 0x3
[0168.867] IsThemePartDefined () returned 0x1
[0168.867] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0168.867] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0168.867] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0168.867] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0168.867] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df74) returned 0x0
[0168.867] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee9f0) returned 0x0
[0168.867] LocalFree (hMem=0x11ee9f0) returned 0x0
[0168.867] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0168.867] LocalFree (hMem=0x11ee788) returned 0x0
[0168.867] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0168.867] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0168.867] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0168.868] GdipGetRegionHRgn (region=0x6644238, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0168.868] GdipDeleteRegion (region=0x6644238) returned 0x0
[0168.868] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0168.868] GetCurrentObject (hdc=0xa0107a2, type=0x1) returned 0xb00017
[0168.868] GetCurrentObject (hdc=0xa0107a2, type=0x2) returned 0x900010
[0168.868] GetCurrentObject (hdc=0xa0107a2, type=0x7) returned 0x4a0507fe
[0168.868] GetCurrentObject (hdc=0xa0107a2, type=0x6) returned 0x8a01c2
[0168.868] SaveDC (hdc=0xa0107a2) returned 1
[0168.868] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbe0407de
[0168.868] GetClipRgn (hdc=0xa0107a2, hrgn=0xbe0407de) returned 0
[0168.868] SelectClipRgn (hdc=0xa0107a2, hrgn=0x3b040807) returned 2
[0168.868] DeleteObject (ho=0xbe0407de) returned 1
[0168.868] DeleteObject (ho=0x3b040807) returned 1
[0168.868] OffsetViewportOrgEx (in: hdc=0xa0107a2, x=0, y=0, lppt=0x2dba5c4 | out: lppt=0x2dba5c4) returned 1
[0168.868] IsAppThemed () returned 0x1
[0168.868] GetThemeAppProperties () returned 0x3
[0168.869] GetThemeAppProperties () returned 0x3
[0168.869] DrawThemeBackground () returned 0x0
[0168.869] RestoreDC (hdc=0xa0107a2, nSavedDC=-1) returned 1
[0168.869] GdipReleaseDC (graphics=0x6600030, hdc=0xa0107a2) returned 0x0
[0168.869] GdipCreateRegion (region=0xd7df60) returned 0x0
[0168.869] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0168.869] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0168.869] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0168.869] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df78) returned 0x0
[0168.869] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0168.869] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0168.869] LocalFree (hMem=0x11ee788) returned 0x0
[0168.869] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0168.869] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0168.869] LocalFree (hMem=0x11eec58) returned 0x0
[0168.869] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0168.869] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0168.869] GdipIsInfiniteRegion (region=0x6644238, graphics=0x6600030, result=0xd7df90) returned 0x0
[0168.870] GdipGetRegionHRgn (region=0x6644238, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0168.870] GdipDeleteRegion (region=0x6644238) returned 0x0
[0168.870] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0168.870] GetCurrentObject (hdc=0xa0107a2, type=0x1) returned 0xb00017
[0168.870] GetCurrentObject (hdc=0xa0107a2, type=0x2) returned 0x900010
[0168.870] GetCurrentObject (hdc=0xa0107a2, type=0x7) returned 0x4a0507fe
[0168.870] GetCurrentObject (hdc=0xa0107a2, type=0x6) returned 0x8a01c2
[0168.870] SaveDC (hdc=0xa0107a2) returned 1
[0168.870] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3c040807
[0168.870] GetClipRgn (hdc=0xa0107a2, hrgn=0x3c040807) returned 0
[0168.870] SelectClipRgn (hdc=0xa0107a2, hrgn=0xbf0407de) returned 2
[0168.870] DeleteObject (ho=0x3c040807) returned 1
[0168.870] DeleteObject (ho=0xbf0407de) returned 1
[0168.870] OffsetViewportOrgEx (in: hdc=0xa0107a2, x=0, y=0, lppt=0x2dba898 | out: lppt=0x2dba898) returned 1
[0168.870] IsAppThemed () returned 0x1
[0168.871] GetThemeAppProperties () returned 0x3
[0168.871] GetThemeAppProperties () returned 0x3
[0168.871] GetThemeBackgroundContentRect () returned 0x0
[0168.871] RestoreDC (hdc=0xa0107a2, nSavedDC=-1) returned 1
[0168.871] GdipReleaseDC (graphics=0x6600030, hdc=0xa0107a2) returned 0x0
[0168.871] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0168.871] GdipGetClip (graphics=0x6600030, region=0x6644238) returned 0x0
[0168.871] GdipCloneRegion (region=0x6644238, cloneRegion=0xd7e150) returned 0x0
[0168.871] GdipCombineRegionRectI (region=0x66442c8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0168.871] GdipCombineRegionRectI (region=0x66442c8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0168.871] GdipSetClipRegion (graphics=0x6600030, region=0x66442c8, combineMode=0x0) returned 0x0
[0168.871] GdipGetImageWidth (image=0x6604150, width=0xd7e154) returned 0x0
[0168.871] GdipGetImageHeight (image=0x6604150, height=0xd7e148) returned 0x0
[0168.871] GdipDrawImageRectI (graphics=0x6600030, image=0x6604150, x=4, y=4, width=16, height=16) returned 0x0
[0168.871] GdipSetClipRegion (graphics=0x6600030, region=0x6644238, combineMode=0x0) returned 0x0
[0168.871] IsAppThemed () returned 0x1
[0168.871] GetThemeAppProperties () returned 0x3
[0168.872] GetThemeAppProperties () returned 0x3
[0168.872] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0168.872] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0168.872] GetCurrentObject (hdc=0xa0107a2, type=0x1) returned 0xb00017
[0168.872] GetCurrentObject (hdc=0xa0107a2, type=0x2) returned 0x900010
[0168.872] GetCurrentObject (hdc=0xa0107a2, type=0x7) returned 0x4a0507fe
[0168.872] GetCurrentObject (hdc=0xa0107a2, type=0x6) returned 0x8a01c2
[0168.872] SaveDC (hdc=0xa0107a2) returned 1
[0168.873] GetTextAlign (hdc=0xa0107a2) returned 0x0
[0168.873] GetTextColor (hdc=0xa0107a2) returned 0x0
[0168.873] GetCurrentObject (hdc=0xa0107a2, type=0x6) returned 0x8a01c2
[0168.873] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0168.873] SelectObject (hdc=0xa0107a2, h=0x6d0a0520) returned 0x8a01c2
[0168.873] GetBkMode (hdc=0xa0107a2) returned 2
[0168.873] SetBkMode (hdc=0xa0107a2, mode=1) returned 2
[0168.873] DrawTextExW (in: hdc=0xa0107a2, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2dbac58 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0168.873] DrawTextExW (in: hdc=0xa0107a2, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2dbac58 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0168.874] RestoreDC (hdc=0xa0107a2, nSavedDC=-1) returned 1
[0168.874] GdipReleaseDC (graphics=0x6600030, hdc=0xa0107a2) returned 0x0
[0168.874] GetFocus () returned 0xb013e
[0168.874] IsAppThemed () returned 0x1
[0168.874] GetThemeAppProperties () returned 0x3
[0168.874] GetThemeAppProperties () returned 0x3
[0168.874] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0168.874] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xa0107a2, x1=0, y1=0, rop=0xcc0020) returned 1
[0168.874] GdipReleaseDC (graphics=0x6600030, hdc=0xa0107a2) returned 0x0
[0168.874] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0168.874] SelectObject (hdc=0xa0107a2, h=0x85000f) returned 0x4a0507fe
[0168.875] DeleteDC (hdc=0xa0107a2) returned 1
[0168.875] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0168.875] EndPaint (hWnd=0xb013e, lpPaint=0xd7e24c) returned 1
[0168.875] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.875] IsWindowUnicode (hWnd=0x902dc) returned 1
[0168.875] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.875] TranslateMessage (lpMsg=0xd7e808) returned 0
[0168.875] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0168.875] BeginPaint (in: hWnd=0x902dc, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0168.875] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0168.876] CreateCompatibleDC (hdc=0xf0105ee) returned 0xc0107a2
[0168.876] SelectObject (hdc=0xc0107a2, h=0x4a0507fe) returned 0x85000f
[0168.876] GdipCreateFromHDC (hdc=0xc0107a2, graphics=0xd7e268) returned 0x0
[0168.876] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0168.876] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0168.876] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0168.876] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0168.876] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2c8) returned 0x0
[0168.876] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0168.876] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0168.876] LocalFree (hMem=0x11ee788) returned 0x0
[0168.876] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0168.876] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0168.876] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0168.877] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0168.877] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0168.877] GdipRestoreGraphics (graphics=0x6600030, state=0xfc6c0dbd) returned 0x0
[0168.877] GdipDeleteRegion (region=0x6644358) returned 0x0
[0168.877] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0168.877] GetCurrentObject (hdc=0xc0107a2, type=0x1) returned 0xb00017
[0168.877] GetCurrentObject (hdc=0xc0107a2, type=0x2) returned 0x900010
[0168.877] GetCurrentObject (hdc=0xc0107a2, type=0x7) returned 0x4a0507fe
[0168.877] GetCurrentObject (hdc=0xc0107a2, type=0x6) returned 0x8a01c2
[0168.877] SaveDC (hdc=0xc0107a2) returned 1
[0168.877] GetNearestColor (hdc=0xc0107a2, color=0xf0f0f0) returned 0xf0f0f0
[0168.877] GetNearestColor (hdc=0xc0107a2, color=0xa0a0a0) returned 0xa0a0a0
[0168.877] GetNearestColor (hdc=0xc0107a2, color=0x696969) returned 0x696969
[0168.877] GetNearestColor (hdc=0xc0107a2, color=0xa0a0a0) returned 0xa0a0a0
[0168.878] GetNearestColor (hdc=0xc0107a2, color=0x0) returned 0x0
[0168.878] GetNearestColor (hdc=0xc0107a2, color=0xffffff) returned 0xffffff
[0168.878] GetNearestColor (hdc=0xc0107a2, color=0xe5e5e5) returned 0xe5e5e5
[0168.878] GetNearestColor (hdc=0xc0107a2, color=0xd7d7d7) returned 0xd7d7d7
[0168.878] GetNearestColor (hdc=0xc0107a2, color=0x0) returned 0x0
[0168.878] RestoreDC (hdc=0xc0107a2, nSavedDC=-1) returned 1
[0168.878] GdipReleaseDC (graphics=0x6600030, hdc=0xc0107a2) returned 0x0
[0168.878] IsAppThemed () returned 0x1
[0168.878] GetThemeAppProperties () returned 0x3
[0168.878] GetThemeAppProperties () returned 0x3
[0168.878] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0168.878] SendMessageW (hWnd=0x902da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0168.878] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0168.878] IsAppThemed () returned 0x1
[0168.879] GetThemeAppProperties () returned 0x3
[0168.879] GetThemeAppProperties () returned 0x3
[0168.879] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2dbb468 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0168.879] IsAppThemed () returned 0x1
[0168.879] GetThemeAppProperties () returned 0x3
[0168.879] GetThemeAppProperties () returned 0x3
[0168.879] IsAppThemed () returned 0x1
[0168.879] GetThemeAppProperties () returned 0x3
[0168.879] GetThemeAppProperties () returned 0x3
[0168.879] IsAppThemed () returned 0x1
[0168.879] GetThemeAppProperties () returned 0x3
[0168.879] GetThemeAppProperties () returned 0x3
[0168.879] IsAppThemed () returned 0x1
[0168.879] GetThemeAppProperties () returned 0x3
[0168.879] GetThemeAppProperties () returned 0x3
[0168.879] IsThemePartDefined () returned 0x1
[0168.879] IsAppThemed () returned 0x1
[0168.880] GetThemeAppProperties () returned 0x3
[0168.880] GetThemeAppProperties () returned 0x3
[0168.880] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0168.880] IsAppThemed () returned 0x1
[0168.880] GetThemeAppProperties () returned 0x3
[0168.880] GetThemeAppProperties () returned 0x3
[0168.880] IsAppThemed () returned 0x1
[0168.880] GetThemeAppProperties () returned 0x3
[0168.880] GetThemeAppProperties () returned 0x3
[0168.880] IsThemePartDefined () returned 0x1
[0168.880] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0168.880] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0168.880] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0168.880] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0168.880] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dfe4) returned 0x0
[0168.880] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0168.880] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0168.880] LocalFree (hMem=0x11ee868) returned 0x0
[0168.880] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0168.880] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0168.881] LocalFree (hMem=0x11eecc8) returned 0x0
[0168.881] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0168.881] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0168.881] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0168.881] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0168.881] GdipDeleteRegion (region=0x6644358) returned 0x0
[0168.881] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0168.881] GetCurrentObject (hdc=0xc0107a2, type=0x1) returned 0xb00017
[0168.881] GetCurrentObject (hdc=0xc0107a2, type=0x2) returned 0x900010
[0168.881] GetCurrentObject (hdc=0xc0107a2, type=0x7) returned 0x4a0507fe
[0168.881] GetCurrentObject (hdc=0xc0107a2, type=0x6) returned 0x8a01c2
[0168.881] SaveDC (hdc=0xc0107a2) returned 1
[0168.881] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc00407de
[0168.881] GetClipRgn (hdc=0xc0107a2, hrgn=0xc00407de) returned 0
[0168.881] SelectClipRgn (hdc=0xc0107a2, hrgn=0x40040807) returned 2
[0168.882] DeleteObject (ho=0xc00407de) returned 1
[0168.882] DeleteObject (ho=0x40040807) returned 1
[0168.882] OffsetViewportOrgEx (in: hdc=0xc0107a2, x=0, y=0, lppt=0x2dbbb18 | out: lppt=0x2dbbb18) returned 1
[0168.882] DrawThemeParentBackground () returned 0x0
[0168.882] GetWindowPlacement (in: hWnd=0x902da, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0168.882] GetClientRect (in: hWnd=0x902da, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0168.882] GetWindowTextLengthW (hWnd=0x902da) returned 13
[0168.882] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.882] GetSystemMetrics (nIndex=42) returned 0
[0168.882] GetWindowTextW (in: hWnd=0x902da, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.882] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0168.882] GetClientRect (in: hWnd=0x902da, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0168.882] GetCurrentObject (hdc=0xc0107a2, type=0x1) returned 0xb00017
[0168.882] GetCurrentObject (hdc=0xc0107a2, type=0x2) returned 0x900010
[0168.882] GetCurrentObject (hdc=0xc0107a2, type=0x7) returned 0x4a0507fe
[0168.882] GetCurrentObject (hdc=0xc0107a2, type=0x6) returned 0x8a01c2
[0168.883] SaveDC (hdc=0xc0107a2) returned 2
[0168.883] GetNearestColor (hdc=0xc0107a2, color=0xf0f0f0) returned 0xf0f0f0
[0168.883] CreateSolidBrush (color=0xf0f0f0) returned 0x751007e1
[0168.883] FillRect (hDC=0xc0107a2, lprc=0xd7da30, hbr=0x751007e1) returned 1
[0168.883] DeleteObject (ho=0x751007e1) returned 1
[0168.883] RestoreDC (hdc=0xc0107a2, nSavedDC=-1) returned 1
[0168.883] GetWindowTextLengthW (hWnd=0x902da) returned 13
[0168.883] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.883] GetSystemMetrics (nIndex=42) returned 0
[0168.883] GetWindowTextW (in: hWnd=0x902da, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.883] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0168.883] GetClientRect (in: hWnd=0x902da, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0168.883] GetCurrentObject (hdc=0xc0107a2, type=0x1) returned 0xb00017
[0168.883] GetCurrentObject (hdc=0xc0107a2, type=0x2) returned 0x900010
[0168.884] GetCurrentObject (hdc=0xc0107a2, type=0x7) returned 0x4a0507fe
[0168.884] GetCurrentObject (hdc=0xc0107a2, type=0x6) returned 0x8a01c2
[0168.884] SaveDC (hdc=0xc0107a2) returned 2
[0168.884] GetNearestColor (hdc=0xc0107a2, color=0xf0f0f0) returned 0xf0f0f0
[0168.884] CreateSolidBrush (color=0xf0f0f0) returned 0x761007e1
[0168.884] FillRect (hDC=0xc0107a2, lprc=0xd7d9d0, hbr=0x761007e1) returned 1
[0168.884] DeleteObject (ho=0x761007e1) returned 1
[0168.884] RestoreDC (hdc=0xc0107a2, nSavedDC=-1) returned 1
[0168.884] GetWindowTextLengthW (hWnd=0x902da) returned 13
[0168.884] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.884] GetSystemMetrics (nIndex=42) returned 0
[0168.884] GetWindowTextW (in: hWnd=0x902da, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.884] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0168.885] RestoreDC (hdc=0xc0107a2, nSavedDC=-1) returned 1
[0168.885] GdipReleaseDC (graphics=0x6600030, hdc=0xc0107a2) returned 0x0
[0168.885] IsAppThemed () returned 0x1
[0168.885] GetThemeAppProperties () returned 0x3
[0168.885] GetThemeAppProperties () returned 0x3
[0168.885] IsAppThemed () returned 0x1
[0168.885] GetThemeAppProperties () returned 0x3
[0168.885] GetThemeAppProperties () returned 0x3
[0168.885] IsThemePartDefined () returned 0x1
[0168.885] GdipCreateRegion (region=0xd7df50) returned 0x0
[0168.885] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0168.885] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0168.885] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0168.885] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df68) returned 0x0
[0168.885] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0168.885] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee868) returned 0x0
[0168.885] LocalFree (hMem=0x11ee868) returned 0x0
[0168.885] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0168.886] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0168.886] LocalFree (hMem=0x11ee788) returned 0x0
[0168.886] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0168.886] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7df90) returned 0x0
[0168.886] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7df80) returned 0x0
[0168.886] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0168.886] GdipDeleteRegion (region=0x6644358) returned 0x0
[0168.886] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0168.886] GetCurrentObject (hdc=0xc0107a2, type=0x1) returned 0xb00017
[0168.886] GetCurrentObject (hdc=0xc0107a2, type=0x2) returned 0x900010
[0168.886] GetCurrentObject (hdc=0xc0107a2, type=0x7) returned 0x4a0507fe
[0168.886] GetCurrentObject (hdc=0xc0107a2, type=0x6) returned 0x8a01c2
[0168.886] SaveDC (hdc=0xc0107a2) returned 1
[0168.886] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x41040807
[0168.886] GetClipRgn (hdc=0xc0107a2, hrgn=0x41040807) returned 0
[0168.886] SelectClipRgn (hdc=0xc0107a2, hrgn=0xc20407de) returned 2
[0168.887] DeleteObject (ho=0x41040807) returned 1
[0168.887] DeleteObject (ho=0xc20407de) returned 1
[0168.887] OffsetViewportOrgEx (in: hdc=0xc0107a2, x=0, y=0, lppt=0x2dbc3c4 | out: lppt=0x2dbc3c4) returned 1
[0168.887] IsAppThemed () returned 0x1
[0168.887] GetThemeAppProperties () returned 0x3
[0168.887] GetThemeAppProperties () returned 0x3
[0168.887] DrawThemeBackground () returned 0x0
[0168.887] RestoreDC (hdc=0xc0107a2, nSavedDC=-1) returned 1
[0168.887] GdipReleaseDC (graphics=0x6600030, hdc=0xc0107a2) returned 0x0
[0168.887] GdipCreateRegion (region=0xd7df54) returned 0x0
[0168.887] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0168.887] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0168.887] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0168.887] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df6c) returned 0x0
[0168.887] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0168.887] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0168.969] LocalFree (hMem=0x11ee788) returned 0x0
[0168.969] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0168.969] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0168.969] LocalFree (hMem=0x11eec58) returned 0x0
[0168.969] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0168.969] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7df94) returned 0x0
[0168.969] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7df84) returned 0x0
[0168.969] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0168.969] GdipDeleteRegion (region=0x6644358) returned 0x0
[0168.969] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0168.969] GetCurrentObject (hdc=0xc0107a2, type=0x1) returned 0xb00017
[0168.969] GetCurrentObject (hdc=0xc0107a2, type=0x2) returned 0x900010
[0168.969] GetCurrentObject (hdc=0xc0107a2, type=0x7) returned 0x4a0507fe
[0168.969] GetCurrentObject (hdc=0xc0107a2, type=0x6) returned 0x8a01c2
[0168.969] SaveDC (hdc=0xc0107a2) returned 1
[0168.970] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc30407de
[0168.970] GetClipRgn (hdc=0xc0107a2, hrgn=0xc30407de) returned 0
[0168.970] SelectClipRgn (hdc=0xc0107a2, hrgn=0x42040807) returned 2
[0168.970] DeleteObject (ho=0xc30407de) returned 1
[0168.970] DeleteObject (ho=0x42040807) returned 1
[0168.970] OffsetViewportOrgEx (in: hdc=0xc0107a2, x=0, y=0, lppt=0x2dbc698 | out: lppt=0x2dbc698) returned 1
[0168.970] IsAppThemed () returned 0x1
[0168.970] GetThemeAppProperties () returned 0x3
[0168.970] GetThemeAppProperties () returned 0x3
[0168.970] GetThemeBackgroundContentRect () returned 0x0
[0168.970] RestoreDC (hdc=0xc0107a2, nSavedDC=-1) returned 1
[0168.970] GdipReleaseDC (graphics=0x6600030, hdc=0xc0107a2) returned 0x0
[0168.970] IsAppThemed () returned 0x1
[0168.970] GetThemeAppProperties () returned 0x3
[0168.970] GetThemeAppProperties () returned 0x3
[0168.970] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0168.970] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0168.971] GetCurrentObject (hdc=0xc0107a2, type=0x1) returned 0xb00017
[0168.971] GetCurrentObject (hdc=0xc0107a2, type=0x2) returned 0x900010
[0168.971] GetCurrentObject (hdc=0xc0107a2, type=0x7) returned 0x4a0507fe
[0168.971] GetCurrentObject (hdc=0xc0107a2, type=0x6) returned 0x8a01c2
[0168.971] SaveDC (hdc=0xc0107a2) returned 1
[0168.971] GetTextAlign (hdc=0xc0107a2) returned 0x0
[0168.971] GetTextColor (hdc=0xc0107a2) returned 0x0
[0168.971] GetCurrentObject (hdc=0xc0107a2, type=0x6) returned 0x8a01c2
[0168.971] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0168.971] SelectObject (hdc=0xc0107a2, h=0x6d0a0520) returned 0x8a01c2
[0168.971] GetBkMode (hdc=0xc0107a2) returned 2
[0168.971] SetBkMode (hdc=0xc0107a2, mode=1) returned 2
[0168.971] DrawTextExW (in: hdc=0xc0107a2, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2dbca38 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0168.972] DrawTextExW (in: hdc=0xc0107a2, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2dbca38 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0168.972] RestoreDC (hdc=0xc0107a2, nSavedDC=-1) returned 1
[0168.972] GdipReleaseDC (graphics=0x6600030, hdc=0xc0107a2) returned 0x0
[0168.972] GetFocus () returned 0xb013e
[0168.972] IsAppThemed () returned 0x1
[0168.972] GetThemeAppProperties () returned 0x3
[0168.972] GetThemeAppProperties () returned 0x3
[0168.972] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0168.973] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xc0107a2, x1=0, y1=0, rop=0xcc0020) returned 1
[0168.973] GdipReleaseDC (graphics=0x6600030, hdc=0xc0107a2) returned 0x0
[0168.973] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0168.973] SelectObject (hdc=0xc0107a2, h=0x85000f) returned 0x4a0507fe
[0168.973] DeleteDC (hdc=0xc0107a2) returned 1
[0168.973] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0168.973] EndPaint (hWnd=0x902dc, lpPaint=0xd7e24c) returned 1
[0168.973] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.973] IsWindowUnicode (hWnd=0x902de) returned 1
[0168.973] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0168.973] TranslateMessage (lpMsg=0xd7e808) returned 0
[0168.974] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0168.974] BeginPaint (in: hWnd=0x902de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0168.974] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0168.974] CreateCompatibleDC (hdc=0x10105d6) returned 0xe0107a2
[0168.974] SelectObject (hdc=0xe0107a2, h=0x4a0507fe) returned 0x85000f
[0168.974] GdipCreateFromHDC (hdc=0xe0107a2, graphics=0xd7e268) returned 0x0
[0168.974] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0168.974] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0168.974] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0168.974] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0168.974] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2c8) returned 0x0
[0168.975] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0168.975] LocalFree (hMem=0x11ee9f0) returned 0x0
[0168.975] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0168.975] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0168.975] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0168.975] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0168.975] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0168.975] GdipRestoreGraphics (graphics=0x6600030, state=0xfc6a0dbd) returned 0x0
[0168.975] GdipDeleteRegion (region=0x6644358) returned 0x0
[0168.975] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0168.975] GetCurrentObject (hdc=0xe0107a2, type=0x1) returned 0xb00017
[0168.975] GetCurrentObject (hdc=0xe0107a2, type=0x2) returned 0x900010
[0168.975] GetCurrentObject (hdc=0xe0107a2, type=0x7) returned 0x4a0507fe
[0168.975] GetCurrentObject (hdc=0xe0107a2, type=0x6) returned 0x8a01c2
[0168.975] SaveDC (hdc=0xe0107a2) returned 1
[0168.975] GetNearestColor (hdc=0xe0107a2, color=0xf0f0f0) returned 0xf0f0f0
[0168.975] GetNearestColor (hdc=0xe0107a2, color=0xa0a0a0) returned 0xa0a0a0
[0168.976] GetNearestColor (hdc=0xe0107a2, color=0x696969) returned 0x696969
[0168.976] GetNearestColor (hdc=0xe0107a2, color=0xa0a0a0) returned 0xa0a0a0
[0168.976] GetNearestColor (hdc=0xe0107a2, color=0x0) returned 0x0
[0168.976] GetNearestColor (hdc=0xe0107a2, color=0xffffff) returned 0xffffff
[0168.976] GetNearestColor (hdc=0xe0107a2, color=0xe5e5e5) returned 0xe5e5e5
[0168.976] GetNearestColor (hdc=0xe0107a2, color=0xd7d7d7) returned 0xd7d7d7
[0168.976] GetNearestColor (hdc=0xe0107a2, color=0x0) returned 0x0
[0168.976] RestoreDC (hdc=0xe0107a2, nSavedDC=-1) returned 1
[0168.976] GdipReleaseDC (graphics=0x6600030, hdc=0xe0107a2) returned 0x0
[0168.976] IsAppThemed () returned 0x1
[0168.977] GetThemeAppProperties () returned 0x3
[0168.977] GetThemeAppProperties () returned 0x3
[0168.977] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0168.977] SendMessageW (hWnd=0x902da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0168.977] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0168.977] IsAppThemed () returned 0x1
[0168.977] GetThemeAppProperties () returned 0x3
[0168.977] GetThemeAppProperties () returned 0x3
[0168.977] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2dbd248 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0168.977] IsAppThemed () returned 0x1
[0168.977] GetThemeAppProperties () returned 0x3
[0168.977] GetThemeAppProperties () returned 0x3
[0168.977] IsAppThemed () returned 0x1
[0168.978] GetThemeAppProperties () returned 0x3
[0168.978] GetThemeAppProperties () returned 0x3
[0168.978] GetFocus () returned 0xb013e
[0168.978] IsAppThemed () returned 0x1
[0168.978] GetThemeAppProperties () returned 0x3
[0168.978] GetThemeAppProperties () returned 0x3
[0168.978] IsAppThemed () returned 0x1
[0168.978] GetThemeAppProperties () returned 0x3
[0168.978] GetThemeAppProperties () returned 0x3
[0168.978] IsThemePartDefined () returned 0x1
[0168.978] IsAppThemed () returned 0x1
[0168.978] GetThemeAppProperties () returned 0x3
[0168.978] GetThemeAppProperties () returned 0x3
[0168.978] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0168.978] IsAppThemed () returned 0x1
[0168.978] GetThemeAppProperties () returned 0x3
[0168.978] GetThemeAppProperties () returned 0x3
[0168.978] IsAppThemed () returned 0x1
[0168.978] GetThemeAppProperties () returned 0x3
[0168.978] GetThemeAppProperties () returned 0x3
[0168.978] IsThemePartDefined () returned 0x1
[0168.978] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0168.978] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0168.979] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0168.979] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0168.979] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dff0) returned 0x0
[0168.979] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0168.979] LocalFree (hMem=0x11ee9f0) returned 0x0
[0168.979] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0168.979] LocalFree (hMem=0x11ee9f0) returned 0x0
[0168.979] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0168.979] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e018) returned 0x0
[0168.979] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e008) returned 0x0
[0168.979] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0168.979] GdipDeleteRegion (region=0x6644358) returned 0x0
[0168.979] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0168.979] GetCurrentObject (hdc=0xe0107a2, type=0x1) returned 0xb00017
[0168.979] GetCurrentObject (hdc=0xe0107a2, type=0x2) returned 0x900010
[0168.979] GetCurrentObject (hdc=0xe0107a2, type=0x7) returned 0x4a0507fe
[0168.979] GetCurrentObject (hdc=0xe0107a2, type=0x6) returned 0x8a01c2
[0168.979] SaveDC (hdc=0xe0107a2) returned 1
[0168.980] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x43040807
[0168.980] GetClipRgn (hdc=0xe0107a2, hrgn=0x43040807) returned 0
[0168.980] SelectClipRgn (hdc=0xe0107a2, hrgn=0xc70407de) returned 2
[0168.980] DeleteObject (ho=0x43040807) returned 1
[0168.980] DeleteObject (ho=0xc70407de) returned 1
[0168.980] OffsetViewportOrgEx (in: hdc=0xe0107a2, x=0, y=0, lppt=0x2dbd8f8 | out: lppt=0x2dbd8f8) returned 1
[0168.980] DrawThemeParentBackground () returned 0x0
[0168.980] GetWindowPlacement (in: hWnd=0x902da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0168.980] GetClientRect (in: hWnd=0x902da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0168.980] GetWindowTextLengthW (hWnd=0x902da) returned 13
[0168.980] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0168.980] GetSystemMetrics (nIndex=42) returned 0
[0168.980] GetWindowTextW (in: hWnd=0x902da, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0168.980] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0168.980] GetClientRect (in: hWnd=0x902da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0168.981] GetCurrentObject (hdc=0xe0107a2, type=0x1) returned 0xb00017
[0168.981] GetCurrentObject (hdc=0xe0107a2, type=0x2) returned 0x900010
[0168.981] GetCurrentObject (hdc=0xe0107a2, type=0x7) returned 0x4a0507fe
[0168.981] GetCurrentObject (hdc=0xe0107a2, type=0x6) returned 0x8a01c2
[0168.981] SaveDC (hdc=0xe0107a2) returned 2
[0168.981] GetNearestColor (hdc=0xe0107a2, color=0xf0f0f0) returned 0xf0f0f0
[0168.981] CreateSolidBrush (color=0xf0f0f0) returned 0x771007e1
[0168.981] FillRect (hDC=0xe0107a2, lprc=0xd7da38, hbr=0x771007e1) returned 1
[0168.981] DeleteObject (ho=0x771007e1) returned 1
[0168.981] RestoreDC (hdc=0xe0107a2, nSavedDC=-1) returned 1
[0169.017] GetWindowTextLengthW (hWnd=0x902da) returned 13
[0169.017] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0169.017] GetSystemMetrics (nIndex=42) returned 0
[0169.017] GetWindowTextW (in: hWnd=0x902da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0169.017] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0169.017] GetClientRect (in: hWnd=0x902da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0169.017] GetCurrentObject (hdc=0xe0107a2, type=0x1) returned 0xb00017
[0169.017] GetCurrentObject (hdc=0xe0107a2, type=0x2) returned 0x900010
[0169.017] GetCurrentObject (hdc=0xe0107a2, type=0x7) returned 0x4a0507fe
[0169.017] GetCurrentObject (hdc=0xe0107a2, type=0x6) returned 0x8a01c2
[0169.017] SaveDC (hdc=0xe0107a2) returned 2
[0169.017] GetNearestColor (hdc=0xe0107a2, color=0xf0f0f0) returned 0xf0f0f0
[0169.018] CreateSolidBrush (color=0xf0f0f0) returned 0x781007e1
[0169.018] FillRect (hDC=0xe0107a2, lprc=0xd7d9d8, hbr=0x781007e1) returned 1
[0169.018] DeleteObject (ho=0x781007e1) returned 1
[0169.018] RestoreDC (hdc=0xe0107a2, nSavedDC=-1) returned 1
[0169.018] GetWindowTextLengthW (hWnd=0x902da) returned 13
[0169.018] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0169.018] GetSystemMetrics (nIndex=42) returned 0
[0169.018] GetWindowTextW (in: hWnd=0x902da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0169.018] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0169.018] RestoreDC (hdc=0xe0107a2, nSavedDC=-1) returned 1
[0169.018] GdipReleaseDC (graphics=0x6600030, hdc=0xe0107a2) returned 0x0
[0169.018] IsAppThemed () returned 0x1
[0169.019] GetThemeAppProperties () returned 0x3
[0169.019] GetThemeAppProperties () returned 0x3
[0169.019] IsAppThemed () returned 0x1
[0169.019] GetThemeAppProperties () returned 0x3
[0169.019] GetThemeAppProperties () returned 0x3
[0169.019] IsThemePartDefined () returned 0x1
[0169.019] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0169.019] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0169.019] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0169.019] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0169.019] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df74) returned 0x0
[0169.019] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0169.019] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eead0) returned 0x0
[0169.019] LocalFree (hMem=0x11eead0) returned 0x0
[0169.019] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0169.019] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0169.019] LocalFree (hMem=0x11ee788) returned 0x0
[0169.020] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0169.020] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0169.020] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0169.020] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0169.020] GdipDeleteRegion (region=0x6644358) returned 0x0
[0169.020] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0169.020] GetCurrentObject (hdc=0xe0107a2, type=0x1) returned 0xb00017
[0169.020] GetCurrentObject (hdc=0xe0107a2, type=0x2) returned 0x900010
[0169.020] GetCurrentObject (hdc=0xe0107a2, type=0x7) returned 0x4a0507fe
[0169.020] GetCurrentObject (hdc=0xe0107a2, type=0x6) returned 0x8a01c2
[0169.020] SaveDC (hdc=0xe0107a2) returned 1
[0169.020] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc80407de
[0169.020] GetClipRgn (hdc=0xe0107a2, hrgn=0xc80407de) returned 0
[0169.020] SelectClipRgn (hdc=0xe0107a2, hrgn=0x45040807) returned 2
[0169.020] DeleteObject (ho=0xc80407de) returned 1
[0169.020] DeleteObject (ho=0x45040807) returned 1
[0169.021] OffsetViewportOrgEx (in: hdc=0xe0107a2, x=0, y=0, lppt=0x2dbe1a4 | out: lppt=0x2dbe1a4) returned 1
[0169.021] IsAppThemed () returned 0x1
[0169.021] GetThemeAppProperties () returned 0x3
[0169.021] GetThemeAppProperties () returned 0x3
[0169.021] DrawThemeBackground () returned 0x0
[0169.021] RestoreDC (hdc=0xe0107a2, nSavedDC=-1) returned 1
[0169.021] GdipReleaseDC (graphics=0x6600030, hdc=0xe0107a2) returned 0x0
[0169.021] GdipCreateRegion (region=0xd7df60) returned 0x0
[0169.021] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0169.021] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0169.021] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0169.021] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df78) returned 0x0
[0169.021] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0169.021] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eead0) returned 0x0
[0169.021] LocalFree (hMem=0x11eead0) returned 0x0
[0169.021] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0169.021] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0169.022] LocalFree (hMem=0x11eec58) returned 0x0
[0169.022] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0169.022] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0169.022] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7df90) returned 0x0
[0169.022] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0169.022] GdipDeleteRegion (region=0x6644358) returned 0x0
[0169.022] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0169.022] GetCurrentObject (hdc=0xe0107a2, type=0x1) returned 0xb00017
[0169.022] GetCurrentObject (hdc=0xe0107a2, type=0x2) returned 0x900010
[0169.022] GetCurrentObject (hdc=0xe0107a2, type=0x7) returned 0x4a0507fe
[0169.022] GetCurrentObject (hdc=0xe0107a2, type=0x6) returned 0x8a01c2
[0169.022] SaveDC (hdc=0xe0107a2) returned 1
[0169.022] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x46040807
[0169.022] GetClipRgn (hdc=0xe0107a2, hrgn=0x46040807) returned 0
[0169.022] SelectClipRgn (hdc=0xe0107a2, hrgn=0xc90407de) returned 2
[0169.022] DeleteObject (ho=0x46040807) returned 1
[0169.022] DeleteObject (ho=0xc90407de) returned 1
[0169.023] OffsetViewportOrgEx (in: hdc=0xe0107a2, x=0, y=0, lppt=0x2dbe478 | out: lppt=0x2dbe478) returned 1
[0169.023] IsAppThemed () returned 0x1
[0169.023] GetThemeAppProperties () returned 0x3
[0169.023] GetThemeAppProperties () returned 0x3
[0169.023] GetThemeBackgroundContentRect () returned 0x0
[0169.023] RestoreDC (hdc=0xe0107a2, nSavedDC=-1) returned 1
[0169.023] GdipReleaseDC (graphics=0x6600030, hdc=0xe0107a2) returned 0x0
[0169.023] IsAppThemed () returned 0x1
[0169.023] GetThemeAppProperties () returned 0x3
[0169.023] GetThemeAppProperties () returned 0x3
[0169.023] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0169.023] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0169.023] GetCurrentObject (hdc=0xe0107a2, type=0x1) returned 0xb00017
[0169.023] GetCurrentObject (hdc=0xe0107a2, type=0x2) returned 0x900010
[0169.023] GetCurrentObject (hdc=0xe0107a2, type=0x7) returned 0x4a0507fe
[0169.023] GetCurrentObject (hdc=0xe0107a2, type=0x6) returned 0x8a01c2
[0169.023] SaveDC (hdc=0xe0107a2) returned 1
[0169.024] GetTextAlign (hdc=0xe0107a2) returned 0x0
[0169.024] GetTextColor (hdc=0xe0107a2) returned 0x0
[0169.024] GetCurrentObject (hdc=0xe0107a2, type=0x6) returned 0x8a01c2
[0169.024] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0169.024] SelectObject (hdc=0xe0107a2, h=0x6d0a0520) returned 0x8a01c2
[0169.024] GetBkMode (hdc=0xe0107a2) returned 2
[0169.024] SetBkMode (hdc=0xe0107a2, mode=1) returned 2
[0169.024] DrawTextExW (in: hdc=0xe0107a2, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2dbe818 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0169.024] DrawTextExW (in: hdc=0xe0107a2, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2dbe818 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0169.025] RestoreDC (hdc=0xe0107a2, nSavedDC=-1) returned 1
[0169.025] GdipReleaseDC (graphics=0x6600030, hdc=0xe0107a2) returned 0x0
[0169.025] GetFocus () returned 0xb013e
[0169.025] IsAppThemed () returned 0x1
[0169.025] GetThemeAppProperties () returned 0x3
[0169.025] GetThemeAppProperties () returned 0x3
[0169.025] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0169.025] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xe0107a2, x1=0, y1=0, rop=0xcc0020) returned 1
[0169.025] GdipReleaseDC (graphics=0x6600030, hdc=0xe0107a2) returned 0x0
[0169.025] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0169.025] SelectObject (hdc=0xe0107a2, h=0x85000f) returned 0x4a0507fe
[0169.025] DeleteDC (hdc=0xe0107a2) returned 1
[0169.026] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0169.026] EndPaint (hWnd=0x902de, lpPaint=0xd7e24c) returned 1
[0169.026] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0169.026] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0169.027] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.027] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0169.027] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0169.027] TranslateMessage (lpMsg=0xd7e808) returned 0
[0169.027] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0169.034] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0169.034] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0169.035] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.035] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0169.035] TranslateMessage (lpMsg=0xd7e808) returned 0
[0169.035] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0169.035] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0169.036] IsWindowUnicode (hWnd=0x602c4) returned 1
[0169.036] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0169.036] TranslateMessage (lpMsg=0xd7e808) returned 0
[0169.036] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0169.036] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0169.037] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0169.037] CreateCompatibleDC (hdc=0xc0107c5) returned 0xf70107c6
[0169.037] SelectObject (hdc=0xf70107c6, h=0x4a0507fe) returned 0x85000f
[0169.037] GdipCreateFromHDC (hdc=0xf70107c6, graphics=0xd7e268) returned 0x0
[0169.037] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0169.037] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0169.037] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0169.037] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0169.037] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e2c8) returned 0x0
[0169.037] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0169.037] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee910) returned 0x0
[0169.037] LocalFree (hMem=0x11ee910) returned 0x0
[0169.038] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0169.038] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0169.038] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0169.038] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0169.038] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0169.038] GdipRestoreGraphics (graphics=0x6600030, state=0xfc680dbd) returned 0x0
[0169.038] GdipDeleteRegion (region=0x6644358) returned 0x0
[0169.038] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0169.038] GetCurrentObject (hdc=0xf70107c6, type=0x1) returned 0xb00017
[0169.038] GetCurrentObject (hdc=0xf70107c6, type=0x2) returned 0x900010
[0169.038] GetCurrentObject (hdc=0xf70107c6, type=0x7) returned 0x4a0507fe
[0169.038] GetCurrentObject (hdc=0xf70107c6, type=0x6) returned 0x8a01c2
[0169.038] SaveDC (hdc=0xf70107c6) returned 1
[0169.038] GetNearestColor (hdc=0xf70107c6, color=0xff) returned 0xff
[0169.038] GetNearestColor (hdc=0xf70107c6, color=0x55) returned 0x55
[0169.038] GetNearestColor (hdc=0xf70107c6, color=0x0) returned 0x0
[0169.039] GetNearestColor (hdc=0xf70107c6, color=0x55) returned 0x55
[0169.039] GetNearestColor (hdc=0xf70107c6, color=0x0) returned 0x0
[0169.039] GetNearestColor (hdc=0xf70107c6, color=0x8080ff) returned 0x8080ff
[0169.039] GetNearestColor (hdc=0xf70107c6, color=0x7373e5) returned 0x7373e5
[0169.039] GetNearestColor (hdc=0xf70107c6, color=0xe5) returned 0xe5
[0169.039] GetNearestColor (hdc=0xf70107c6, color=0x0) returned 0x0
[0169.039] RestoreDC (hdc=0xf70107c6, nSavedDC=-1) returned 1
[0169.039] GdipReleaseDC (graphics=0x6600030, hdc=0xf70107c6) returned 0x0
[0169.039] IsAppThemed () returned 0x1
[0169.039] GetThemeAppProperties () returned 0x3
[0169.039] GetThemeAppProperties () returned 0x3
[0169.039] IsAppThemed () returned 0x1
[0169.039] GetThemeAppProperties () returned 0x3
[0169.039] GetThemeAppProperties () returned 0x3
[0169.040] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2dbefe0 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0169.040] IsAppThemed () returned 0x1
[0169.040] GetThemeAppProperties () returned 0x3
[0169.040] GetThemeAppProperties () returned 0x3
[0169.040] IsAppThemed () returned 0x1
[0169.040] GetThemeAppProperties () returned 0x3
[0169.040] GetThemeAppProperties () returned 0x3
[0169.040] GetFocus () returned 0xb013e
[0169.040] IsAppThemed () returned 0x1
[0169.040] GetThemeAppProperties () returned 0x3
[0169.040] GetThemeAppProperties () returned 0x3
[0169.040] IsAppThemed () returned 0x1
[0169.040] GetThemeAppProperties () returned 0x3
[0169.040] GetThemeAppProperties () returned 0x3
[0169.040] IsThemePartDefined () returned 0x1
[0169.041] IsAppThemed () returned 0x1
[0169.041] GetThemeAppProperties () returned 0x3
[0169.041] GetThemeAppProperties () returned 0x3
[0169.041] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0169.041] IsAppThemed () returned 0x1
[0169.041] GetThemeAppProperties () returned 0x3
[0169.041] GetThemeAppProperties () returned 0x3
[0169.041] IsAppThemed () returned 0x1
[0169.041] GetThemeAppProperties () returned 0x3
[0169.041] GetThemeAppProperties () returned 0x3
[0169.041] IsThemePartDefined () returned 0x1
[0169.041] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0169.041] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0169.041] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0169.041] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0169.041] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dff0) returned 0x0
[0169.041] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0169.041] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0169.041] LocalFree (hMem=0x11ee9f0) returned 0x0
[0169.041] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0169.041] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eea28) returned 0x0
[0169.042] LocalFree (hMem=0x11eea28) returned 0x0
[0169.042] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0169.042] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e018) returned 0x0
[0169.042] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e008) returned 0x0
[0169.042] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0169.042] GdipDeleteRegion (region=0x6644358) returned 0x0
[0169.042] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0169.042] GetCurrentObject (hdc=0xf70107c6, type=0x1) returned 0xb00017
[0169.042] GetCurrentObject (hdc=0xf70107c6, type=0x2) returned 0x900010
[0169.042] GetCurrentObject (hdc=0xf70107c6, type=0x7) returned 0x4a0507fe
[0169.042] GetCurrentObject (hdc=0xf70107c6, type=0x6) returned 0x8a01c2
[0169.042] SaveDC (hdc=0xf70107c6) returned 1
[0169.042] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xca0407de
[0169.042] GetClipRgn (hdc=0xf70107c6, hrgn=0xca0407de) returned 0
[0169.042] SelectClipRgn (hdc=0xf70107c6, hrgn=0x4a040807) returned 2
[0169.042] DeleteObject (ho=0xca0407de) returned 1
[0169.043] DeleteObject (ho=0x4a040807) returned 1
[0169.043] OffsetViewportOrgEx (in: hdc=0xf70107c6, x=0, y=0, lppt=0x2dbf690 | out: lppt=0x2dbf690) returned 1
[0169.043] DrawThemeParentBackground () returned 0x0
[0169.043] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0169.043] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0169.043] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0169.043] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0169.043] GetSystemMetrics (nIndex=42) returned 0
[0169.043] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0169.043] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0169.043] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0169.043] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0169.043] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0169.044] SelectPalette (hdc=0xf70107c6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0169.049] GdipCreateFromHDC (hdc=0xf70107c6, graphics=0xd7dac8) returned 0x0
[0169.049] GdipSetPageUnit (graphics=0x663bc50, unit=0x2) returned 0x0
[0169.049] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0169.049] GdipGetWorldTransform (graphics=0x663bc50, matrix=0x6638ba8) returned 0x0
[0169.049] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7daa0) returned 0x0
[0169.050] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0169.050] GdipCreateRegion (region=0xd7da88) returned 0x0
[0169.050] GdipGetClip (graphics=0x663bc50, region=0x6644358) returned 0x0
[0169.050] GdipIsInfiniteRegion (region=0x6644358, graphics=0x663bc50, result=0xd7da94) returned 0x0
[0169.050] GdipDeleteRegion (region=0x6644358) returned 0x0
[0169.050] GdipSaveGraphics (graphics=0x663bc50, state=0xd7dac0) returned 0x0
[0169.050] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0169.098] GdipFillRectangleI (graphics=0x663bc50, brush=0x6637060, x=0, y=0, width=801, height=453) returned 0x0
[0169.098] GdipDeleteBrush (brush=0x6637060) returned 0x0
[0169.100] GdipDeleteGraphics (graphics=0x663bc50) returned 0x0
[0169.100] SelectPalette (hdc=0xf70107c6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0169.100] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0169.100] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0169.100] GetSystemMetrics (nIndex=42) returned 0
[0169.100] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0169.100] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0169.100] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0169.100] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0169.100] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0169.100] SelectPalette (hdc=0xf70107c6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0169.101] GdipCreateFromHDC (hdc=0xf70107c6, graphics=0xd7da68) returned 0x0
[0169.101] GdipSetPageUnit (graphics=0x663bc50, unit=0x2) returned 0x0
[0169.101] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0169.101] GdipGetWorldTransform (graphics=0x663bc50, matrix=0x6638cc8) returned 0x0
[0169.101] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7da40) returned 0x0
[0169.101] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0169.101] GdipCreateRegion (region=0xd7da28) returned 0x0
[0169.101] GdipGetClip (graphics=0x663bc50, region=0x6644358) returned 0x0
[0169.101] GdipIsInfiniteRegion (region=0x6644358, graphics=0x663bc50, result=0xd7da34) returned 0x0
[0169.101] GdipDeleteRegion (region=0x6644358) returned 0x0
[0169.101] GdipSaveGraphics (graphics=0x663bc50, state=0xd7da60) returned 0x0
[0169.101] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0169.117] GdipFillRectangleI (graphics=0x663bc50, brush=0x6637060, x=0, y=0, width=801, height=453) returned 0x0
[0169.117] GdipDeleteBrush (brush=0x6637060) returned 0x0
[0169.119] GdipRestoreGraphics (graphics=0x663bc50, state=0xfc640dbd) returned 0x0
[0169.119] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0169.119] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0169.119] GetSystemMetrics (nIndex=42) returned 0
[0169.119] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0169.119] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0169.119] GdipDeleteGraphics (graphics=0x663bc50) returned 0x0
[0169.119] SelectPalette (hdc=0xf70107c6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0169.119] RestoreDC (hdc=0xf70107c6, nSavedDC=-1) returned 1
[0169.119] GdipReleaseDC (graphics=0x6600030, hdc=0xf70107c6) returned 0x0
[0169.120] IsAppThemed () returned 0x1
[0169.120] GetThemeAppProperties () returned 0x3
[0169.120] GetThemeAppProperties () returned 0x3
[0169.120] IsAppThemed () returned 0x1
[0169.120] GetThemeAppProperties () returned 0x3
[0169.120] GetThemeAppProperties () returned 0x3
[0169.120] IsThemePartDefined () returned 0x1
[0169.120] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0169.120] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0169.120] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0169.120] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0169.120] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df74) returned 0x0
[0169.120] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0169.120] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0169.120] LocalFree (hMem=0x11ee788) returned 0x0
[0169.120] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0169.120] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee9f0) returned 0x0
[0169.120] LocalFree (hMem=0x11ee9f0) returned 0x0
[0169.121] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0169.121] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0169.121] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0169.121] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0169.121] GdipDeleteRegion (region=0x6644358) returned 0x0
[0169.121] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0169.121] GetCurrentObject (hdc=0xf70107c6, type=0x1) returned 0xb00017
[0169.121] GetCurrentObject (hdc=0xf70107c6, type=0x2) returned 0x900010
[0169.121] GetCurrentObject (hdc=0xf70107c6, type=0x7) returned 0x4a0507fe
[0169.121] GetCurrentObject (hdc=0xf70107c6, type=0x6) returned 0x8a01c2
[0169.121] SaveDC (hdc=0xf70107c6) returned 1
[0169.121] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4b040807
[0169.121] GetClipRgn (hdc=0xf70107c6, hrgn=0x4b040807) returned 0
[0169.121] SelectClipRgn (hdc=0xf70107c6, hrgn=0xcc0407de) returned 2
[0169.121] DeleteObject (ho=0x4b040807) returned 1
[0169.122] DeleteObject (ho=0xcc0407de) returned 1
[0169.122] OffsetViewportOrgEx (in: hdc=0xf70107c6, x=0, y=0, lppt=0x2dc5ee0 | out: lppt=0x2dc5ee0) returned 1
[0169.122] IsAppThemed () returned 0x1
[0169.122] GetThemeAppProperties () returned 0x3
[0169.122] GetThemeAppProperties () returned 0x3
[0169.122] DrawThemeBackground () returned 0x0
[0169.122] RestoreDC (hdc=0xf70107c6, nSavedDC=-1) returned 1
[0169.122] GdipReleaseDC (graphics=0x6600030, hdc=0xf70107c6) returned 0x0
[0169.123] GdipCreateRegion (region=0xd7df60) returned 0x0
[0169.123] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0169.123] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0169.123] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0169.123] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df78) returned 0x0
[0169.123] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0169.123] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0169.123] LocalFree (hMem=0x11ee9f0) returned 0x0
[0169.123] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0169.123] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0169.123] LocalFree (hMem=0x11ee788) returned 0x0
[0169.123] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0169.123] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0169.123] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7df90) returned 0x0
[0169.123] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0169.123] GdipDeleteRegion (region=0x6644358) returned 0x0
[0169.123] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0169.123] GetCurrentObject (hdc=0xf70107c6, type=0x1) returned 0xb00017
[0169.124] GetCurrentObject (hdc=0xf70107c6, type=0x2) returned 0x900010
[0169.124] GetCurrentObject (hdc=0xf70107c6, type=0x7) returned 0x4a0507fe
[0169.124] GetCurrentObject (hdc=0xf70107c6, type=0x6) returned 0x8a01c2
[0169.124] SaveDC (hdc=0xf70107c6) returned 1
[0169.124] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcd0407de
[0169.124] GetClipRgn (hdc=0xf70107c6, hrgn=0xcd0407de) returned 0
[0169.124] SelectClipRgn (hdc=0xf70107c6, hrgn=0x4c040807) returned 2
[0169.124] DeleteObject (ho=0xcd0407de) returned 1
[0169.124] DeleteObject (ho=0x4c040807) returned 1
[0169.124] OffsetViewportOrgEx (in: hdc=0xf70107c6, x=0, y=0, lppt=0x2dc61b4 | out: lppt=0x2dc61b4) returned 1
[0169.124] IsAppThemed () returned 0x1
[0169.124] GetThemeAppProperties () returned 0x3
[0169.124] GetThemeAppProperties () returned 0x3
[0169.124] GetThemeBackgroundContentRect () returned 0x0
[0169.124] RestoreDC (hdc=0xf70107c6, nSavedDC=-1) returned 1
[0169.124] GdipReleaseDC (graphics=0x6600030, hdc=0xf70107c6) returned 0x0
[0169.124] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0169.124] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0169.124] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0169.125] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0169.125] IsAppThemed () returned 0x1
[0169.125] GetThemeAppProperties () returned 0x3
[0169.125] GetThemeAppProperties () returned 0x3
[0169.125] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0169.125] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0169.125] GetCurrentObject (hdc=0xf70107c6, type=0x1) returned 0xb00017
[0169.125] GetCurrentObject (hdc=0xf70107c6, type=0x2) returned 0x900010
[0169.125] GetCurrentObject (hdc=0xf70107c6, type=0x7) returned 0x4a0507fe
[0169.125] GetCurrentObject (hdc=0xf70107c6, type=0x6) returned 0x8a01c2
[0169.125] SaveDC (hdc=0xf70107c6) returned 1
[0169.125] GetTextAlign (hdc=0xf70107c6) returned 0x0
[0169.125] GetTextColor (hdc=0xf70107c6) returned 0x0
[0169.125] GetCurrentObject (hdc=0xf70107c6, type=0x6) returned 0x8a01c2
[0169.125] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0169.125] SelectObject (hdc=0xf70107c6, h=0x6d0a0520) returned 0x8a01c2
[0169.126] GetBkMode (hdc=0xf70107c6) returned 2
[0169.126] SetBkMode (hdc=0xf70107c6, mode=1) returned 2
[0169.126] DrawTextExW (in: hdc=0xf70107c6, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2dc6578 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0169.126] DrawTextExW (in: hdc=0xf70107c6, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2dc6578 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0169.126] RestoreDC (hdc=0xf70107c6, nSavedDC=-1) returned 1
[0169.127] GdipReleaseDC (graphics=0x6600030, hdc=0xf70107c6) returned 0x0
[0169.127] GetFocus () returned 0xb013e
[0169.127] IsAppThemed () returned 0x1
[0169.127] GetThemeAppProperties () returned 0x3
[0169.127] GetThemeAppProperties () returned 0x3
[0169.127] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0169.127] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0xf70107c6, x1=0, y1=0, rop=0xcc0020) returned 1
[0169.127] GdipReleaseDC (graphics=0x6600030, hdc=0xf70107c6) returned 0x0
[0169.127] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0169.127] SelectObject (hdc=0xf70107c6, h=0x85000f) returned 0x4a0507fe
[0169.127] DeleteDC (hdc=0xf70107c6) returned 1
[0169.127] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0169.127] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0169.128] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0169.128] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x84, wParam=0x0, lParam=0x1dd0312) returned 0x1
[0169.128] IsWindowUnicode (hWnd=0x902dc) returned 1
[0169.128] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0169.128] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x84, wParam=0x0, lParam=0x1dd0312) returned 0x1
[0169.128] GetDlgItem (hDlg=0x902da, nIDDlgItem=0) returned 0x0
[0169.128] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x210, wParam=0x201, lParam=0x62011d) returned 0x0
[0169.128] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x21, wParam=0x902da, lParam=0x2010001) returned 0x1
[0169.128] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x21, wParam=0x902da, lParam=0x2010001) returned 0x1
[0169.129] SetCursor (hCursor=0x10003) returned 0x10003
[0169.129] TranslateMessage (lpMsg=0xd7e808) returned 0
[0169.129] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0169.129] GetKeyState (nVirtKey=1) returned -127
[0169.129] GetKeyState (nVirtKey=2) returned 0
[0169.129] GetKeyState (nVirtKey=4) returned 0
[0169.129] GetKeyState (nVirtKey=5) returned 0
[0169.129] GetKeyState (nVirtKey=6) returned 0
[0169.129] IsWindowVisible (hWnd=0x902dc) returned 1
[0169.129] IsWindowEnabled (hWnd=0x902dc) returned 1
[0169.129] SetFocus (hWnd=0x902dc) returned 0xb013e
[0169.129] GetFocus () returned 0x902dc
[0169.130] IsChild (hWndParent=0x902da, hWnd=0x902dc) returned 1
[0169.130] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0x8, wParam=0x902dc, lParam=0x0) returned 0x0
[0169.130] GetCapture () returned 0x0
[0169.130] InvalidateRect (hWnd=0xb013e, lpRect=0x0, bErase=0) returned 1
[0169.131] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0169.132] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0169.134] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0169.134] InvalidateRect (hWnd=0xb013e, lpRect=0x0, bErase=0) returned 1
[0169.134] InvalidateRect (hWnd=0x902dc, lpRect=0x0, bErase=0) returned 1
[0169.134] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x7, wParam=0xb013e, lParam=0x0) returned 0x0
[0169.134] GetStockObject (i=5) returned 0x900015
[0169.134] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0169.134] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0xd, wParam=0xa, lParam=0x11f5780) returned 0x9
[0169.135] GetDlgItem (hDlg=0x902da, nIDDlgItem=590556) returned 0x902dc
[0169.135] SendMessageW (hWnd=0x902dc, Msg=0x202b, wParam=0x902dc, lParam=0xd7dddc) returned 0x0
[0169.135] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x202b, wParam=0x902dc, lParam=0xd7dddc) returned 0x0
[0169.135] InvalidateRect (hWnd=0x902dc, lpRect=0x0, bErase=0) returned 1
[0169.136] GetFocus () returned 0x902dc
[0169.137] GetFocus () returned 0x902dc
[0169.137] GetFocus () returned 0x902dc
[0169.137] GetKeyState (nVirtKey=1) returned -127
[0169.137] GetKeyState (nVirtKey=2) returned 0
[0169.137] GetKeyState (nVirtKey=4) returned 0
[0169.137] GetKeyState (nVirtKey=5) returned 0
[0169.137] GetKeyState (nVirtKey=6) returned 0
[0169.137] GetCapture () returned 0x0
[0169.137] SetCapture (hWnd=0x902dc) returned 0x0
[0169.137] GetKeyState (nVirtKey=1) returned -127
[0169.137] GetKeyState (nVirtKey=2) returned 0
[0169.137] GetKeyState (nVirtKey=4) returned 0
[0169.137] GetKeyState (nVirtKey=5) returned 0
[0169.137] GetKeyState (nVirtKey=6) returned 0
[0169.137] NotifyWinEvent (event=0x800a, hwnd=0x902dc, idObject=-4, idChild=0)
[0169.137] InvalidateRect (hWnd=0x902dc, lpRect=0xd7e430, bErase=0) returned 1
[0169.137] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0169.141] IsWindowUnicode (hWnd=0x902dc) returned 1
[0169.141] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0169.141] TranslateMessage (lpMsg=0xd7e808) returned 0
[0169.141] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0169.141] MapWindowPoints (in: hWndFrom=0x902dc, hWndTo=0x0, lpPoints=0x2dc6768, cPoints=0x1 | out: lpPoints=0x2dc6768) returned 30999254
[0169.141] NotifyWinEvent (event=0x800a, hwnd=0x902dc, idObject=-4, idChild=0)
[0169.141] InvalidateRect (hWnd=0x902dc, lpRect=0xd7e3d0, bErase=0) returned 1
[0169.141] UpdateWindow (hWnd=0x902dc) returned 1
[0169.141] BeginPaint (in: hWnd=0x902dc, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xf0105ee
[0169.141] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0169.141] CreateCompatibleDC (hdc=0xf0105ee) returned 0xf90107c6
[0169.141] SelectObject (hdc=0xf90107c6, h=0x4a0507fe) returned 0x85000f
[0169.142] GdipCreateFromHDC (hdc=0xf90107c6, graphics=0xd7df00) returned 0x0
[0169.142] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0169.142] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0169.142] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0169.142] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0169.142] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df60) returned 0x0
[0169.142] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0169.142] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0169.142] LocalFree (hMem=0x11eec58) returned 0x0
[0169.142] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0169.142] GdipCreateRegion (region=0xd7df48) returned 0x0
[0169.142] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0169.142] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7df54) returned 0x0
[0169.142] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0169.142] GdipRestoreGraphics (graphics=0x6600030, state=0xfc620dbd) returned 0x0
[0169.143] GdipDeleteRegion (region=0x6644358) returned 0x0
[0169.143] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0169.143] GetCurrentObject (hdc=0xf90107c6, type=0x1) returned 0xb00017
[0169.143] GetCurrentObject (hdc=0xf90107c6, type=0x2) returned 0x900010
[0169.143] GetCurrentObject (hdc=0xf90107c6, type=0x7) returned 0x4a0507fe
[0169.143] GetCurrentObject (hdc=0xf90107c6, type=0x6) returned 0x8a01c2
[0169.143] SaveDC (hdc=0xf90107c6) returned 1
[0169.143] GetNearestColor (hdc=0xf90107c6, color=0xf0f0f0) returned 0xf0f0f0
[0169.143] GetNearestColor (hdc=0xf90107c6, color=0xa0a0a0) returned 0xa0a0a0
[0169.143] GetNearestColor (hdc=0xf90107c6, color=0x696969) returned 0x696969
[0169.143] GetNearestColor (hdc=0xf90107c6, color=0xa0a0a0) returned 0xa0a0a0
[0169.143] GetNearestColor (hdc=0xf90107c6, color=0x0) returned 0x0
[0169.143] GetNearestColor (hdc=0xf90107c6, color=0xffffff) returned 0xffffff
[0169.143] GetNearestColor (hdc=0xf90107c6, color=0xe5e5e5) returned 0xe5e5e5
[0169.144] GetNearestColor (hdc=0xf90107c6, color=0xd7d7d7) returned 0xd7d7d7
[0169.144] GetNearestColor (hdc=0xf90107c6, color=0x0) returned 0x0
[0169.144] RestoreDC (hdc=0xf90107c6, nSavedDC=-1) returned 1
[0169.144] GdipReleaseDC (graphics=0x6600030, hdc=0xf90107c6) returned 0x0
[0169.144] IsAppThemed () returned 0x1
[0169.144] GetThemeAppProperties () returned 0x3
[0169.144] GetThemeAppProperties () returned 0x3
[0169.144] IsAppThemed () returned 0x1
[0169.144] GetThemeAppProperties () returned 0x3
[0169.144] GetThemeAppProperties () returned 0x3
[0169.144] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2dc6ec0 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0169.144] IsAppThemed () returned 0x1
[0169.145] GetThemeAppProperties () returned 0x3
[0169.145] GetThemeAppProperties () returned 0x3
[0169.145] IsAppThemed () returned 0x1
[0169.145] GetThemeAppProperties () returned 0x3
[0169.145] GetThemeAppProperties () returned 0x3
[0169.145] IsAppThemed () returned 0x1
[0169.145] GetThemeAppProperties () returned 0x3
[0169.145] GetThemeAppProperties () returned 0x3
[0169.145] IsAppThemed () returned 0x1
[0169.145] GetThemeAppProperties () returned 0x3
[0169.145] GetThemeAppProperties () returned 0x3
[0169.145] IsThemePartDefined () returned 0x1
[0169.145] IsAppThemed () returned 0x1
[0169.145] GetThemeAppProperties () returned 0x3
[0169.145] GetThemeAppProperties () returned 0x3
[0169.145] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0169.145] IsAppThemed () returned 0x1
[0169.145] GetThemeAppProperties () returned 0x3
[0169.145] GetThemeAppProperties () returned 0x3
[0169.145] IsAppThemed () returned 0x1
[0169.145] GetThemeAppProperties () returned 0x3
[0169.146] GetThemeAppProperties () returned 0x3
[0169.146] IsThemePartDefined () returned 0x1
[0169.146] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0169.146] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0169.146] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0169.146] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0169.146] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dc7c) returned 0x0
[0169.146] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0169.146] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0169.146] LocalFree (hMem=0x11eec58) returned 0x0
[0169.146] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0169.146] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee910) returned 0x0
[0169.146] LocalFree (hMem=0x11ee910) returned 0x0
[0169.146] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0169.146] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0169.146] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0169.146] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0169.146] GdipDeleteRegion (region=0x6644358) returned 0x0
[0169.147] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0169.147] GetCurrentObject (hdc=0xf90107c6, type=0x1) returned 0xb00017
[0169.147] GetCurrentObject (hdc=0xf90107c6, type=0x2) returned 0x900010
[0169.147] GetCurrentObject (hdc=0xf90107c6, type=0x7) returned 0x4a0507fe
[0169.147] GetCurrentObject (hdc=0xf90107c6, type=0x6) returned 0x8a01c2
[0169.147] SaveDC (hdc=0xf90107c6) returned 1
[0169.147] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4d040807
[0169.147] GetClipRgn (hdc=0xf90107c6, hrgn=0x4d040807) returned 0
[0169.147] SelectClipRgn (hdc=0xf90107c6, hrgn=0xd10407de) returned 2
[0169.147] DeleteObject (ho=0x4d040807) returned 1
[0169.147] DeleteObject (ho=0xd10407de) returned 1
[0169.147] OffsetViewportOrgEx (in: hdc=0xf90107c6, x=0, y=0, lppt=0x2dc7570 | out: lppt=0x2dc7570) returned 1
[0169.147] DrawThemeParentBackground () returned 0x0
[0169.148] GetWindowPlacement (in: hWnd=0x902da, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0169.148] GetClientRect (in: hWnd=0x902da, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0169.148] GetWindowTextLengthW (hWnd=0x902da) returned 13
[0169.148] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0169.148] GetSystemMetrics (nIndex=42) returned 0
[0169.148] GetWindowTextW (in: hWnd=0x902da, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0169.148] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0169.148] GetClientRect (in: hWnd=0x902da, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0169.148] GetCurrentObject (hdc=0xf90107c6, type=0x1) returned 0xb00017
[0169.148] GetCurrentObject (hdc=0xf90107c6, type=0x2) returned 0x900010
[0169.148] GetCurrentObject (hdc=0xf90107c6, type=0x7) returned 0x4a0507fe
[0169.148] GetCurrentObject (hdc=0xf90107c6, type=0x6) returned 0x8a01c2
[0169.148] SaveDC (hdc=0xf90107c6) returned 2
[0169.148] GetNearestColor (hdc=0xf90107c6, color=0xf0f0f0) returned 0xf0f0f0
[0169.148] CreateSolidBrush (color=0xf0f0f0) returned 0x791007e1
[0169.148] FillRect (hDC=0xf90107c6, lprc=0xd7d6c8, hbr=0x791007e1) returned 1
[0169.148] DeleteObject (ho=0x791007e1) returned 1
[0169.149] RestoreDC (hdc=0xf90107c6, nSavedDC=-1) returned 1
[0169.149] GetWindowTextLengthW (hWnd=0x902da) returned 13
[0169.149] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0169.149] GetSystemMetrics (nIndex=42) returned 0
[0169.149] GetWindowTextW (in: hWnd=0x902da, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0169.149] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0169.149] GetClientRect (in: hWnd=0x902da, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0169.149] GetCurrentObject (hdc=0xf90107c6, type=0x1) returned 0xb00017
[0169.149] GetCurrentObject (hdc=0xf90107c6, type=0x2) returned 0x900010
[0169.149] GetCurrentObject (hdc=0xf90107c6, type=0x7) returned 0x4a0507fe
[0169.149] GetCurrentObject (hdc=0xf90107c6, type=0x6) returned 0x8a01c2
[0169.149] SaveDC (hdc=0xf90107c6) returned 2
[0169.149] GetNearestColor (hdc=0xf90107c6, color=0xf0f0f0) returned 0xf0f0f0
[0169.149] CreateSolidBrush (color=0xf0f0f0) returned 0x7a1007e1
[0169.149] FillRect (hDC=0xf90107c6, lprc=0xd7d668, hbr=0x7a1007e1) returned 1
[0169.150] DeleteObject (ho=0x7a1007e1) returned 1
[0169.150] RestoreDC (hdc=0xf90107c6, nSavedDC=-1) returned 1
[0169.150] GetWindowTextLengthW (hWnd=0x902da) returned 13
[0169.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0169.150] GetSystemMetrics (nIndex=42) returned 0
[0169.150] GetWindowTextW (in: hWnd=0x902da, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0169.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0169.150] RestoreDC (hdc=0xf90107c6, nSavedDC=-1) returned 1
[0169.150] GdipReleaseDC (graphics=0x6600030, hdc=0xf90107c6) returned 0x0
[0169.150] IsAppThemed () returned 0x1
[0169.150] GetThemeAppProperties () returned 0x3
[0169.150] GetThemeAppProperties () returned 0x3
[0169.150] IsAppThemed () returned 0x1
[0169.150] GetThemeAppProperties () returned 0x3
[0169.150] GetThemeAppProperties () returned 0x3
[0169.151] IsThemePartDefined () returned 0x1
[0169.151] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0169.151] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0169.151] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0169.151] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0169.151] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dc00) returned 0x0
[0169.151] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0169.151] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0169.151] LocalFree (hMem=0x11ee868) returned 0x0
[0169.151] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0169.151] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0169.151] LocalFree (hMem=0x11ee788) returned 0x0
[0169.151] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0169.151] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0169.151] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0169.151] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0169.151] GdipDeleteRegion (region=0x6644358) returned 0x0
[0169.151] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0169.152] GetCurrentObject (hdc=0xf90107c6, type=0x1) returned 0xb00017
[0169.152] GetCurrentObject (hdc=0xf90107c6, type=0x2) returned 0x900010
[0169.152] GetCurrentObject (hdc=0xf90107c6, type=0x7) returned 0x4a0507fe
[0169.152] GetCurrentObject (hdc=0xf90107c6, type=0x6) returned 0x8a01c2
[0169.152] SaveDC (hdc=0xf90107c6) returned 1
[0169.152] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd20407de
[0169.152] GetClipRgn (hdc=0xf90107c6, hrgn=0xd20407de) returned 0
[0169.152] SelectClipRgn (hdc=0xf90107c6, hrgn=0x4f040807) returned 2
[0169.152] DeleteObject (ho=0xd20407de) returned 1
[0169.152] DeleteObject (ho=0x4f040807) returned 1
[0169.152] OffsetViewportOrgEx (in: hdc=0xf90107c6, x=0, y=0, lppt=0x2dc7e1c | out: lppt=0x2dc7e1c) returned 1
[0169.152] IsAppThemed () returned 0x1
[0169.152] GetThemeAppProperties () returned 0x3
[0169.152] GetThemeAppProperties () returned 0x3
[0169.152] DrawThemeBackground () returned 0x0
[0169.152] RestoreDC (hdc=0xf90107c6, nSavedDC=-1) returned 1
[0169.153] GdipReleaseDC (graphics=0x6600030, hdc=0xf90107c6) returned 0x0
[0169.153] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0169.153] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0169.153] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0169.153] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0169.153] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dc04) returned 0x0
[0169.153] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0169.153] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee910) returned 0x0
[0169.154] LocalFree (hMem=0x11ee910) returned 0x0
[0169.154] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0169.154] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0169.155] LocalFree (hMem=0x11ee788) returned 0x0
[0169.155] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0169.155] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0169.155] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0169.155] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0169.155] GdipDeleteRegion (region=0x6644358) returned 0x0
[0169.155] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0169.155] GetCurrentObject (hdc=0xf90107c6, type=0x1) returned 0xb00017
[0169.155] GetCurrentObject (hdc=0xf90107c6, type=0x2) returned 0x900010
[0169.155] GetCurrentObject (hdc=0xf90107c6, type=0x7) returned 0x4a0507fe
[0169.155] GetCurrentObject (hdc=0xf90107c6, type=0x6) returned 0x8a01c2
[0169.155] SaveDC (hdc=0xf90107c6) returned 1
[0169.155] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x50040807
[0169.155] GetClipRgn (hdc=0xf90107c6, hrgn=0x50040807) returned 0
[0169.155] SelectClipRgn (hdc=0xf90107c6, hrgn=0xd30407de) returned 2
[0169.155] DeleteObject (ho=0x50040807) returned 1
[0169.156] DeleteObject (ho=0xd30407de) returned 1
[0169.156] OffsetViewportOrgEx (in: hdc=0xf90107c6, x=0, y=0, lppt=0x2dc80f0 | out: lppt=0x2dc80f0) returned 1
[0169.156] IsAppThemed () returned 0x1
[0169.156] GetThemeAppProperties () returned 0x3
[0169.156] GetThemeAppProperties () returned 0x3
[0169.156] GetThemeBackgroundContentRect () returned 0x0
[0169.156] RestoreDC (hdc=0xf90107c6, nSavedDC=-1) returned 1
[0169.156] GdipReleaseDC (graphics=0x6600030, hdc=0xf90107c6) returned 0x0
[0169.156] IsAppThemed () returned 0x1
[0169.156] GetThemeAppProperties () returned 0x3
[0169.156] GetThemeAppProperties () returned 0x3
[0169.156] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0169.156] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0169.156] GetCurrentObject (hdc=0xf90107c6, type=0x1) returned 0xb00017
[0169.156] GetCurrentObject (hdc=0xf90107c6, type=0x2) returned 0x900010
[0169.156] GetCurrentObject (hdc=0xf90107c6, type=0x7) returned 0x4a0507fe
[0169.156] GetCurrentObject (hdc=0xf90107c6, type=0x6) returned 0x8a01c2
[0169.157] SaveDC (hdc=0xf90107c6) returned 1
[0169.157] GetTextAlign (hdc=0xf90107c6) returned 0x0
[0169.157] GetTextColor (hdc=0xf90107c6) returned 0x0
[0169.157] GetCurrentObject (hdc=0xf90107c6, type=0x6) returned 0x8a01c2
[0169.157] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0169.157] SelectObject (hdc=0xf90107c6, h=0x6d0a0520) returned 0x8a01c2
[0169.157] GetBkMode (hdc=0xf90107c6) returned 2
[0169.157] SetBkMode (hdc=0xf90107c6, mode=1) returned 2
[0169.157] DrawTextExW (in: hdc=0xf90107c6, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2dc8490 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0169.158] DrawTextExW (in: hdc=0xf90107c6, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2dc8490 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0169.158] RestoreDC (hdc=0xf90107c6, nSavedDC=-1) returned 1
[0169.158] GdipReleaseDC (graphics=0x6600030, hdc=0xf90107c6) returned 0x0
[0169.158] GetFocus () returned 0x902dc
[0169.158] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0169.158] SendMessageW (hWnd=0x902da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0169.158] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0169.158] IsAppThemed () returned 0x1
[0169.158] GetThemeAppProperties () returned 0x3
[0169.158] GetThemeAppProperties () returned 0x3
[0169.158] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0169.158] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xf90107c6, x1=0, y1=0, rop=0xcc0020) returned 1
[0169.159] GdipReleaseDC (graphics=0x6600030, hdc=0xf90107c6) returned 0x0
[0169.159] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0169.159] SelectObject (hdc=0xf90107c6, h=0x85000f) returned 0x4a0507fe
[0169.159] DeleteDC (hdc=0xf90107c6) returned 1
[0169.159] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0169.159] EndPaint (hWnd=0x902dc, lpPaint=0xd7dee4) returned 1
[0169.159] MapWindowPoints (in: hWndFrom=0x902dc, hWndTo=0x0, lpPoints=0x2dc858c, cPoints=0x1 | out: lpPoints=0x2dc858c) returned 30999254
[0169.159] WindowFromPoint (Point=0x312) returned 0x902dc
[0169.160] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x84, wParam=0x0, lParam=0x1dd0312) returned 0x1
[0169.161] NotifyWinEvent (event=0x800a, hwnd=0x902dc, idObject=-4, idChild=0)
[0169.161] NotifyWinEvent (event=0x800c, hwnd=0x902dc, idObject=-4, idChild=0)
[0169.161] GetCapture () returned 0x902dc
[0169.161] ReleaseCapture () returned 1
[0169.161] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0169.161] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0169.162] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x84, wParam=0x0, lParam=0x1dd0312) returned 0x1
[0169.162] IsWindow (hWnd=0x7005c) returned 1
[0169.162] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0169.163] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0169.163] IsWindow (hWnd=0x902da) returned 1
[0169.163] SetActiveWindow (hWnd=0x902da) returned 0x902da
[0169.163] IsWindow (hWnd=0x902da) returned 1
[0169.163] SetFocus (hWnd=0x902da) returned 0x902dc
[0169.163] GetFocus () returned 0x902da
[0169.163] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x8, wParam=0x902da, lParam=0x0) returned 0x0
[0169.163] GetCapture () returned 0x0
[0169.163] InvalidateRect (hWnd=0x902dc, lpRect=0x0, bErase=0) returned 1
[0169.164] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0169.166] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0169.167] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0169.167] GetFocus () returned 0x902da
[0169.168] SetFocus (hWnd=0x902dc) returned 0x902da
[0169.168] GetFocus () returned 0x902dc
[0169.168] IsChild (hWndParent=0x902da, hWnd=0x902dc) returned 1
[0169.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x8, wParam=0x902dc, lParam=0x0) returned 0x0
[0169.169] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0169.171] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0169.172] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0169.172] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x7, wParam=0x902da, lParam=0x0) returned 0x0
[0169.172] GetStockObject (i=5) returned 0x900015
[0169.173] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0169.173] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0169.173] GetDlgItem (hDlg=0x902da, nIDDlgItem=590556) returned 0x902dc
[0169.173] SendMessageW (hWnd=0x902dc, Msg=0x202b, wParam=0x902dc, lParam=0xd7ddcc) returned 0x0
[0169.173] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x202b, wParam=0x902dc, lParam=0xd7ddcc) returned 0x0
[0169.173] InvalidateRect (hWnd=0x902dc, lpRect=0x0, bErase=0) returned 1
[0169.175] GetWindowLongW (hWnd=0x902da, nIndex=-8) returned 458844
[0169.175] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0169.175] GetCurrentThreadId () returned 0xf50
[0169.175] IsWindow (hWnd=0x7005c) returned 1
[0169.175] IsWindow (hWnd=0x7005c) returned 1
[0169.175] IsWindowVisible (hWnd=0x7005c) returned 1
[0169.175] SetActiveWindow (hWnd=0x7005c) returned 0x902da
[0169.175] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0169.177] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0169.177] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0169.177] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0169.178] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0169.178] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0169.179] GetWindowPlacement (in: hWnd=0x902da, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0169.179] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0169.179] GetClientRect (in: hWnd=0x902da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0169.179] GetWindowRect (in: hWnd=0x902da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0169.180] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0169.180] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0169.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0169.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x902da) returned 0x1
[0169.184] GetFocus () returned 0x902dc
[0169.184] SetFocus (hWnd=0x602c4) returned 0x902dc
[0169.189] GetFocus () returned 0x602c4
[0169.189] IsChild (hWndParent=0x902da, hWnd=0x602c4) returned 0
[0169.189] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0169.189] GetCapture () returned 0x0
[0169.189] InvalidateRect (hWnd=0x902dc, lpRect=0x0, bErase=0) returned 1
[0169.190] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0169.191] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0169.193] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0169.193] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0169.193] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0169.194] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0169.194] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0169.194] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x902dc, lParam=0x0) returned 0x0
[0169.194] GetStockObject (i=5) returned 0x900015
[0169.194] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0169.194] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed990) returned 0xc
[0169.195] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0169.195] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0169.195] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0169.195] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0169.196] GetFocus () returned 0x602c4
[0169.196] IsChild (hWndParent=0x902da, hWnd=0x602c4) returned 0
[0169.196] ShowWindow (hWnd=0x902da, nCmdShow=0) returned 1
[0169.197] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0169.197] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0169.199] GetWindowPlacement (in: hWnd=0x902da, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0169.199] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0169.199] GetClientRect (in: hWnd=0x902da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0169.199] GetWindowRect (in: hWnd=0x902da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0169.200] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0169.200] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0169.216] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0169.216] GetWindowLongW (hWnd=0x902da, nIndex=-20) returned 327945
[0169.216] DestroyWindow (hWnd=0x902da) returned 1
[0169.217] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0169.217] GetWindowTextLengthW (hWnd=0x902da) returned 13
[0169.217] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0169.217] GetSystemMetrics (nIndex=42) returned 0
[0169.217] GetWindowTextW (in: hWnd=0x902da, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0169.217] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0169.217] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0169.217] GetWindowTextLengthW (hWnd=0x7005a) returned 0
[0169.217] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0169.218] GetSystemMetrics (nIndex=42) returned 0
[0169.218] GetWindowTextW (in: hWnd=0x7005a, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0169.218] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005a, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0169.218] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005a, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0169.218] GetWindowThreadProcessId (in: hWnd=0xa02d2, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0169.218] GetWindow (hWnd=0xa02d2, uCmd=0x5) returned 0x0
[0169.218] GetWindowLongW (hWnd=0xa02d2, nIndex=-20) returned 65792
[0169.218] DestroyWindow (hWnd=0xa02d2) returned 1
[0169.218] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d2, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0169.218] GetWindowTextLengthW (hWnd=0xa02d2) returned 25
[0169.218] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0169.218] GetSystemMetrics (nIndex=42) returned 0
[0169.218] GetWindowTextW (in: hWnd=0xa02d2, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0169.218] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d2, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0169.218] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d2, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0169.219] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d2, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0169.220] GetWindowTextLengthW (hWnd=0xb02d8) returned 232
[0169.220] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0169.220] GetSystemMetrics (nIndex=42) returned 0
[0169.220] GetWindowTextW (in: hWnd=0xb02d8, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0169.220] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0169.220] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0169.221] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0169.221] InvalidateRect (hWnd=0x902dc, lpRect=0x0, bErase=0) returned 1
[0169.221] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0169.221] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0169.221] SendMessageW (hWnd=0xc00ea, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0169.221] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc00ea, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0169.221] SendMessageW (hWnd=0xc00ea, Msg=0xb0, wParam=0x2d944b0, lParam=0xd7e480) returned 0x0
[0169.221] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc00ea, Msg=0xb0, wParam=0x2d944b0, lParam=0xd7e480) returned 0x0
[0169.221] GetWindowTextLengthW (hWnd=0xc00ea) returned 4363
[0169.221] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0169.221] GetSystemMetrics (nIndex=42) returned 0
[0169.221] CoTaskMemAlloc (cb=0x221c) returned 0x1202890
[0169.221] GetWindowTextW (in: hWnd=0xc00ea, lpString=0x1202890, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0169.222] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc00ea, Msg=0xd, wParam=0x110c, lParam=0x1202890) returned 0x110b
[0169.222] CoTaskMemFree (pv=0x1202890)
[0169.222] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0169.222] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005a, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0169.223] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0169.225] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb013e, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0169.226] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0169.227] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0169.228] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0169.230] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0169.233] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.233] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.233] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.233] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.233] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.234] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.234] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0312) returned 0x1
[0169.234] IsWindowUnicode (hWnd=0x7005c) returned 1
[0169.234] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.234] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0312) returned 0x1
[0169.234] SetCursor (hCursor=0x10003) returned 0x10003
[0169.234] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.234] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.235] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0169.235] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0169.235] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0169.235] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1080254) returned 0x0
[0169.235] GetKeyState (nVirtKey=1) returned 1
[0169.235] GetKeyState (nVirtKey=2) returned 0
[0169.235] GetKeyState (nVirtKey=4) returned 0
[0169.235] GetKeyState (nVirtKey=5) returned 0
[0169.235] GetKeyState (nVirtKey=6) returned 0
[0169.235] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.235] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0312) returned 0x1
[0169.236] IsWindowUnicode (hWnd=0x7005c) returned 1
[0169.236] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.236] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.236] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.236] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.236] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0312) returned 0x1
[0169.236] IsWindowUnicode (hWnd=0x7005c) returned 1
[0169.236] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.236] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0312) returned 0x1
[0169.237] SetCursor (hCursor=0x10003) returned 0x10003
[0169.237] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.237] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.237] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1080254) returned 0x0
[0169.237] GetKeyState (nVirtKey=1) returned 1
[0169.237] GetKeyState (nVirtKey=2) returned 0
[0169.237] GetKeyState (nVirtKey=4) returned 0
[0169.237] GetKeyState (nVirtKey=5) returned 0
[0169.237] GetKeyState (nVirtKey=6) returned 0
[0169.237] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.237] IsWindowUnicode (hWnd=0x602c4) returned 1
[0169.237] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.237] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.237] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.238] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.238] IsWindowUnicode (hWnd=0x602c4) returned 1
[0169.238] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.239] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.239] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.239] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0169.239] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0169.239] CreateCompatibleDC (hdc=0xf0105ee) returned 0x60107d1
[0169.239] SelectObject (hdc=0x60107d1, h=0x4a0507fe) returned 0x85000f
[0169.239] GdipCreateFromHDC (hdc=0x60107d1, graphics=0xd7e798) returned 0x0
[0169.239] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0169.239] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0169.239] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0169.239] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0169.239] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e7f8) returned 0x0
[0169.240] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0169.240] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee9f0) returned 0x0
[0169.240] LocalFree (hMem=0x11ee9f0) returned 0x0
[0169.240] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0169.240] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0169.240] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0169.240] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0169.240] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0169.240] GdipRestoreGraphics (graphics=0x6600030, state=0xfc600dbd) returned 0x0
[0169.240] GdipDeleteRegion (region=0x6644358) returned 0x0
[0169.240] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0169.240] GetCurrentObject (hdc=0x60107d1, type=0x1) returned 0xb00017
[0169.240] GetCurrentObject (hdc=0x60107d1, type=0x2) returned 0x900010
[0169.240] GetCurrentObject (hdc=0x60107d1, type=0x7) returned 0x4a0507fe
[0169.240] GetCurrentObject (hdc=0x60107d1, type=0x6) returned 0x8a01c2
[0169.240] SaveDC (hdc=0x60107d1) returned 1
[0169.241] GetNearestColor (hdc=0x60107d1, color=0xff) returned 0xff
[0169.241] GetNearestColor (hdc=0x60107d1, color=0x55) returned 0x55
[0169.241] GetNearestColor (hdc=0x60107d1, color=0x0) returned 0x0
[0169.241] GetNearestColor (hdc=0x60107d1, color=0x55) returned 0x55
[0169.241] GetNearestColor (hdc=0x60107d1, color=0x0) returned 0x0
[0169.241] GetNearestColor (hdc=0x60107d1, color=0x8080ff) returned 0x8080ff
[0169.241] GetNearestColor (hdc=0x60107d1, color=0x7373e5) returned 0x7373e5
[0169.241] GetNearestColor (hdc=0x60107d1, color=0xe5) returned 0xe5
[0169.241] GetNearestColor (hdc=0x60107d1, color=0x0) returned 0x0
[0169.241] RestoreDC (hdc=0x60107d1, nSavedDC=-1) returned 1
[0169.241] GdipReleaseDC (graphics=0x6600030, hdc=0x60107d1) returned 0x0
[0169.241] IsAppThemed () returned 0x1
[0169.241] GetThemeAppProperties () returned 0x3
[0169.241] GetThemeAppProperties () returned 0x3
[0169.241] IsAppThemed () returned 0x1
[0169.242] GetThemeAppProperties () returned 0x3
[0169.242] GetThemeAppProperties () returned 0x3
[0169.242] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2dd02f8 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0169.242] IsAppThemed () returned 0x1
[0169.242] GetThemeAppProperties () returned 0x3
[0169.242] GetThemeAppProperties () returned 0x3
[0169.242] IsAppThemed () returned 0x1
[0169.242] GetThemeAppProperties () returned 0x3
[0169.242] GetThemeAppProperties () returned 0x3
[0169.242] GetFocus () returned 0x602c4
[0169.242] IsAppThemed () returned 0x1
[0169.242] GetThemeAppProperties () returned 0x3
[0169.242] GetThemeAppProperties () returned 0x3
[0169.242] IsAppThemed () returned 0x1
[0169.243] GetThemeAppProperties () returned 0x3
[0169.243] GetThemeAppProperties () returned 0x3
[0169.243] IsThemePartDefined () returned 0x1
[0169.243] IsAppThemed () returned 0x1
[0169.243] GetThemeAppProperties () returned 0x3
[0169.243] GetThemeAppProperties () returned 0x3
[0169.243] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0169.243] IsAppThemed () returned 0x1
[0169.243] GetThemeAppProperties () returned 0x3
[0169.243] GetThemeAppProperties () returned 0x3
[0169.243] IsAppThemed () returned 0x1
[0169.243] GetThemeAppProperties () returned 0x3
[0169.243] GetThemeAppProperties () returned 0x3
[0169.243] IsThemePartDefined () returned 0x1
[0169.243] GdipCreateRegion (region=0xd7e508) returned 0x0
[0169.243] GdipGetClip (graphics=0x6600030, region=0x66443e8) returned 0x0
[0169.244] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0169.244] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0169.244] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e520) returned 0x0
[0169.244] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0169.244] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eed00) returned 0x0
[0169.244] LocalFree (hMem=0x11eed00) returned 0x0
[0169.244] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0169.245] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0169.245] LocalFree (hMem=0x11ee788) returned 0x0
[0169.245] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0169.245] GdipIsInfiniteRegion (region=0x66443e8, graphics=0x6600030, result=0xd7e548) returned 0x0
[0169.245] GdipIsInfiniteRegion (region=0x66443e8, graphics=0x6600030, result=0xd7e538) returned 0x0
[0169.245] GdipGetRegionHRgn (region=0x66443e8, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0169.245] GdipDeleteRegion (region=0x66443e8) returned 0x0
[0169.245] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0169.245] GetCurrentObject (hdc=0x60107d1, type=0x1) returned 0xb00017
[0169.245] GetCurrentObject (hdc=0x60107d1, type=0x2) returned 0x900010
[0169.245] GetCurrentObject (hdc=0x60107d1, type=0x7) returned 0x4a0507fe
[0169.245] GetCurrentObject (hdc=0x60107d1, type=0x6) returned 0x8a01c2
[0169.245] SaveDC (hdc=0x60107d1) returned 1
[0169.245] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd40407de
[0169.245] GetClipRgn (hdc=0x60107d1, hrgn=0xd40407de) returned 0
[0169.245] SelectClipRgn (hdc=0x60107d1, hrgn=0x54040807) returned 2
[0169.246] DeleteObject (ho=0xd40407de) returned 1
[0169.246] DeleteObject (ho=0x54040807) returned 1
[0169.246] OffsetViewportOrgEx (in: hdc=0x60107d1, x=0, y=0, lppt=0x2dd09a8 | out: lppt=0x2dd09a8) returned 1
[0169.246] DrawThemeParentBackground () returned 0x0
[0169.246] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0169.246] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0169.246] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0169.246] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0169.246] GetSystemMetrics (nIndex=42) returned 0
[0169.246] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0169.246] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0169.246] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0169.246] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0169.246] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0169.246] SelectPalette (hdc=0x60107d1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0169.247] GdipCreateFromHDC (hdc=0x60107d1, graphics=0xd7dff8) returned 0x0
[0169.250] GdipSetPageUnit (graphics=0x663bc50, unit=0x2) returned 0x0
[0169.250] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0169.250] GdipGetWorldTransform (graphics=0x663bc50, matrix=0x6638c68) returned 0x0
[0169.250] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dfd0) returned 0x0
[0169.250] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0169.250] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0169.250] GdipGetClip (graphics=0x663bc50, region=0x66443e8) returned 0x0
[0169.250] GdipIsInfiniteRegion (region=0x66443e8, graphics=0x663bc50, result=0xd7dfc4) returned 0x0
[0169.250] GdipDeleteRegion (region=0x66443e8) returned 0x0
[0169.250] GdipSaveGraphics (graphics=0x663bc50, state=0xd7dff0) returned 0x0
[0169.251] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0169.261] GdipFillRectangleI (graphics=0x663bc50, brush=0x66362f8, x=0, y=0, width=801, height=453) returned 0x0
[0169.261] GdipDeleteBrush (brush=0x66362f8) returned 0x0
[0169.303] GdipDeleteGraphics (graphics=0x663bc50) returned 0x0
[0169.303] SelectPalette (hdc=0x60107d1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0169.303] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0169.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0169.303] GetSystemMetrics (nIndex=42) returned 0
[0169.303] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0169.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0169.303] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0169.303] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0169.303] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0169.303] SelectPalette (hdc=0x60107d1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0169.303] GdipCreateFromHDC (hdc=0x60107d1, graphics=0xd7df98) returned 0x0
[0169.304] GdipSetPageUnit (graphics=0x663bc50, unit=0x2) returned 0x0
[0169.304] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0169.304] GdipGetWorldTransform (graphics=0x663bc50, matrix=0x6638db8) returned 0x0
[0169.304] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df70) returned 0x0
[0169.304] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0169.304] GdipCreateRegion (region=0xd7df58) returned 0x0
[0169.304] GdipGetClip (graphics=0x663bc50, region=0x6644358) returned 0x0
[0169.304] GdipIsInfiniteRegion (region=0x6644358, graphics=0x663bc50, result=0xd7df64) returned 0x0
[0169.304] GdipDeleteRegion (region=0x6644358) returned 0x0
[0169.304] GdipSaveGraphics (graphics=0x663bc50, state=0xd7df90) returned 0x0
[0169.304] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0169.318] GdipFillRectangleI (graphics=0x663bc50, brush=0x6636df0, x=0, y=0, width=801, height=453) returned 0x0
[0169.318] GdipDeleteBrush (brush=0x6636df0) returned 0x0
[0169.320] GdipRestoreGraphics (graphics=0x663bc50, state=0xfc5c0dbd) returned 0x0
[0169.320] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0169.320] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0169.320] GetSystemMetrics (nIndex=42) returned 0
[0169.320] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0169.320] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0169.321] GdipDeleteGraphics (graphics=0x663bc50) returned 0x0
[0169.321] SelectPalette (hdc=0x60107d1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0169.321] RestoreDC (hdc=0x60107d1, nSavedDC=-1) returned 1
[0169.321] GdipReleaseDC (graphics=0x6600030, hdc=0x60107d1) returned 0x0
[0169.321] IsAppThemed () returned 0x1
[0169.321] GetThemeAppProperties () returned 0x3
[0169.321] GetThemeAppProperties () returned 0x3
[0169.321] IsAppThemed () returned 0x1
[0169.321] GetThemeAppProperties () returned 0x3
[0169.321] GetThemeAppProperties () returned 0x3
[0169.321] IsThemePartDefined () returned 0x1
[0169.321] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0169.321] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0169.322] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0169.322] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0169.322] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e4a4) returned 0x0
[0169.322] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0169.322] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0169.322] LocalFree (hMem=0x11ee788) returned 0x0
[0169.322] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0169.322] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0169.322] LocalFree (hMem=0x11eec58) returned 0x0
[0169.322] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0169.322] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0169.322] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0169.322] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0169.322] GdipDeleteRegion (region=0x6644358) returned 0x0
[0169.322] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0169.322] GetCurrentObject (hdc=0x60107d1, type=0x1) returned 0xb00017
[0169.322] GetCurrentObject (hdc=0x60107d1, type=0x2) returned 0x900010
[0169.323] GetCurrentObject (hdc=0x60107d1, type=0x7) returned 0x4a0507fe
[0169.323] GetCurrentObject (hdc=0x60107d1, type=0x6) returned 0x8a01c2
[0169.323] SaveDC (hdc=0x60107d1) returned 1
[0169.323] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x55040807
[0169.323] GetClipRgn (hdc=0x60107d1, hrgn=0x55040807) returned 0
[0169.323] SelectClipRgn (hdc=0x60107d1, hrgn=0xd60407de) returned 2
[0169.323] DeleteObject (ho=0x55040807) returned 1
[0169.323] DeleteObject (ho=0xd60407de) returned 1
[0169.323] OffsetViewportOrgEx (in: hdc=0x60107d1, x=0, y=0, lppt=0x2dd71f8 | out: lppt=0x2dd71f8) returned 1
[0169.323] IsAppThemed () returned 0x1
[0169.323] GetThemeAppProperties () returned 0x3
[0169.323] GetThemeAppProperties () returned 0x3
[0169.323] DrawThemeBackground () returned 0x0
[0169.323] RestoreDC (hdc=0x60107d1, nSavedDC=-1) returned 1
[0169.324] GdipReleaseDC (graphics=0x6600030, hdc=0x60107d1) returned 0x0
[0169.324] GdipCreateRegion (region=0xd7e490) returned 0x0
[0169.324] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0169.324] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0169.324] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0169.324] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e4a8) returned 0x0
[0169.324] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0169.324] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0169.324] LocalFree (hMem=0x11ee9f0) returned 0x0
[0169.324] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0169.324] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eea98) returned 0x0
[0169.324] LocalFree (hMem=0x11eea98) returned 0x0
[0169.324] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0169.324] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0169.324] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0169.324] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0169.324] GdipDeleteRegion (region=0x6644358) returned 0x0
[0169.325] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0169.325] GetCurrentObject (hdc=0x60107d1, type=0x1) returned 0xb00017
[0169.325] GetCurrentObject (hdc=0x60107d1, type=0x2) returned 0x900010
[0169.325] GetCurrentObject (hdc=0x60107d1, type=0x7) returned 0x4a0507fe
[0169.325] GetCurrentObject (hdc=0x60107d1, type=0x6) returned 0x8a01c2
[0169.325] SaveDC (hdc=0x60107d1) returned 1
[0169.327] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd70407de
[0169.327] GetClipRgn (hdc=0x60107d1, hrgn=0xd70407de) returned 0
[0169.327] SelectClipRgn (hdc=0x60107d1, hrgn=0x56040807) returned 2
[0169.327] DeleteObject (ho=0xd70407de) returned 1
[0169.327] DeleteObject (ho=0x56040807) returned 1
[0169.327] OffsetViewportOrgEx (in: hdc=0x60107d1, x=0, y=0, lppt=0x2dd74cc | out: lppt=0x2dd74cc) returned 1
[0169.328] IsAppThemed () returned 0x1
[0169.328] GetThemeAppProperties () returned 0x3
[0169.328] GetThemeAppProperties () returned 0x3
[0169.328] GetThemeBackgroundContentRect () returned 0x0
[0169.328] RestoreDC (hdc=0x60107d1, nSavedDC=-1) returned 1
[0169.328] GdipReleaseDC (graphics=0x6600030, hdc=0x60107d1) returned 0x0
[0169.328] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0169.328] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0169.328] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0169.328] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0169.328] IsAppThemed () returned 0x1
[0169.328] GetThemeAppProperties () returned 0x3
[0169.328] GetThemeAppProperties () returned 0x3
[0169.328] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0169.328] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0169.328] GetCurrentObject (hdc=0x60107d1, type=0x1) returned 0xb00017
[0169.328] GetCurrentObject (hdc=0x60107d1, type=0x2) returned 0x900010
[0169.328] GetCurrentObject (hdc=0x60107d1, type=0x7) returned 0x4a0507fe
[0169.329] GetCurrentObject (hdc=0x60107d1, type=0x6) returned 0x8a01c2
[0169.329] SaveDC (hdc=0x60107d1) returned 1
[0169.329] GetTextAlign (hdc=0x60107d1) returned 0x0
[0169.329] GetTextColor (hdc=0x60107d1) returned 0x0
[0169.329] GetCurrentObject (hdc=0x60107d1, type=0x6) returned 0x8a01c2
[0169.329] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0169.329] SelectObject (hdc=0x60107d1, h=0x6d0a0520) returned 0x8a01c2
[0169.329] GetBkMode (hdc=0x60107d1) returned 2
[0169.329] SetBkMode (hdc=0x60107d1, mode=1) returned 2
[0169.329] DrawTextExW (in: hdc=0x60107d1, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2dd7890 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0169.330] DrawTextExW (in: hdc=0x60107d1, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2dd7890 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0169.330] RestoreDC (hdc=0x60107d1, nSavedDC=-1) returned 1
[0169.330] GdipReleaseDC (graphics=0x6600030, hdc=0x60107d1) returned 0x0
[0169.330] GetFocus () returned 0x602c4
[0169.330] IsAppThemed () returned 0x1
[0169.330] GetThemeAppProperties () returned 0x3
[0169.330] GetThemeAppProperties () returned 0x3
[0169.330] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0169.331] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x60107d1, x1=0, y1=0, rop=0xcc0020) returned 1
[0169.331] GdipReleaseDC (graphics=0x6600030, hdc=0x60107d1) returned 0x0
[0169.331] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0169.331] SelectObject (hdc=0x60107d1, h=0x85000f) returned 0x4a0507fe
[0169.331] DeleteDC (hdc=0x60107d1) returned 1
[0169.331] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0169.331] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0169.331] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.331] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.331] WaitMessage () returned 1
[0169.345] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.345] IsWindowUnicode (hWnd=0x7005c) returned 1
[0169.345] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.345] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.345] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.345] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.345] IsWindowUnicode (hWnd=0x7005c) returned 1
[0169.345] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.345] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.345] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.345] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x1080254) returned 0x0
[0169.345] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.345] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.345] WaitMessage () returned 1
[0169.441] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.441] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.441] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.441] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.441] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.442] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.442] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.442] WaitMessage () returned 1
[0169.443] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.443] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.443] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.443] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.443] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.444] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.444] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.444] WaitMessage () returned 1
[0169.445] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.445] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.445] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.445] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.445] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.447] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.447] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.447] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.447] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.447] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.447] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.448] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.448] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.448] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.448] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.448] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.448] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.448] WaitMessage () returned 1
[0169.449] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.449] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.449] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.449] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.449] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.456] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.457] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.457] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.457] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.457] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.457] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.457] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.457] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.457] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.457] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.457] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.458] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.458] WaitMessage () returned 1
[0169.460] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.460] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.460] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.460] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.460] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.461] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.462] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.462] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.462] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.462] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.462] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.462] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.462] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.462] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.462] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.462] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.464] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.464] WaitMessage () returned 1
[0169.464] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.464] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.464] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.464] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.464] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.466] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.466] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.466] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.467] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.467] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.467] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.467] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.467] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.467] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.467] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.467] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.468] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.468] WaitMessage () returned 1
[0169.469] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.469] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.470] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.470] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.470] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.471] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.471] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.471] WaitMessage () returned 1
[0169.472] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.472] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.472] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.472] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.472] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.473] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.473] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.473] WaitMessage () returned 1
[0169.474] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.474] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.474] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.474] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.474] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.475] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.475] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.475] WaitMessage () returned 1
[0169.476] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.476] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.476] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.476] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.476] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.477] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.478] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.478] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.478] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.478] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.479] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.479] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.479] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.479] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.479] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.479] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.480] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.480] WaitMessage () returned 1
[0169.480] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.480] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.480] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.480] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.480] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.485] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.485] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.485] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.485] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.485] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.485] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.485] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.485] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.486] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.486] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.486] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.486] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.486] WaitMessage () returned 1
[0169.490] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.490] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.490] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.490] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.490] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.491] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.492] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.492] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.492] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.492] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.492] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.492] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.492] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.492] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.492] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.492] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.493] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.493] WaitMessage () returned 1
[0169.493] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.493] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.493] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.494] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.494] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.495] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.495] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.495] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.495] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.495] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.496] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.496] IsWindowUnicode (hWnd=0x30122) returned 1
[0169.496] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.496] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.496] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.496] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.496] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.496] WaitMessage () returned 1
[0169.499] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.499] IsWindowUnicode (hWnd=0x502c6) returned 1
[0169.499] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0169.499] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0169.499] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0169.500] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.500] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0169.500] WaitMessage () returned 1
[0171.301] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0171.301] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2750110) returned 0x1
[0171.301] IsWindowUnicode (hWnd=0x602c4) returned 1
[0171.302] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0171.302] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0171.302] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0171.302] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0171.302] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0171.302] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2750110) returned 0x1
[0171.302] IsWindowUnicode (hWnd=0x602c4) returned 1
[0171.302] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0171.302] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2750110) returned 0x1
[0171.302] SetCursor (hCursor=0x10003) returned 0x10003
[0171.303] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0171.303] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0171.303] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0171.303] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0171.303] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0171.303] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0171.303] GetKeyState (nVirtKey=1) returned 1
[0171.303] GetKeyState (nVirtKey=2) returned 0
[0171.303] GetKeyState (nVirtKey=4) returned 0
[0171.303] GetKeyState (nVirtKey=5) returned 0
[0171.303] GetKeyState (nVirtKey=6) returned 0
[0171.303] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0171.304] IsWindowUnicode (hWnd=0x602c4) returned 1
[0171.304] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0171.304] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0171.304] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0171.304] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0171.304] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0171.304] CreateCompatibleDC (hdc=0xf0105ee) returned 0x380107f1
[0171.304] SelectObject (hdc=0x380107f1, h=0x4a0507fe) returned 0x85000f
[0171.305] GdipCreateFromHDC (hdc=0x380107f1, graphics=0xd7e798) returned 0x0
[0171.305] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0171.305] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0171.305] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0171.305] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0171.305] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e7f8) returned 0x0
[0171.305] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0171.306] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0171.306] LocalFree (hMem=0x11ee788) returned 0x0
[0171.306] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0171.306] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0171.306] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0171.306] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0171.306] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0171.306] GdipRestoreGraphics (graphics=0x6600030, state=0xfc5a0dbd) returned 0x0
[0171.306] GdipDeleteRegion (region=0x6644358) returned 0x0
[0171.306] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0171.306] GetCurrentObject (hdc=0x380107f1, type=0x1) returned 0xb00017
[0171.306] GetCurrentObject (hdc=0x380107f1, type=0x2) returned 0x900010
[0171.306] GetCurrentObject (hdc=0x380107f1, type=0x7) returned 0x4a0507fe
[0171.306] GetCurrentObject (hdc=0x380107f1, type=0x6) returned 0x8a01c2
[0171.307] SaveDC (hdc=0x380107f1) returned 1
[0171.307] GetNearestColor (hdc=0x380107f1, color=0xff) returned 0xff
[0171.307] GetNearestColor (hdc=0x380107f1, color=0x55) returned 0x55
[0171.307] GetNearestColor (hdc=0x380107f1, color=0x0) returned 0x0
[0171.307] GetNearestColor (hdc=0x380107f1, color=0x55) returned 0x55
[0171.307] GetNearestColor (hdc=0x380107f1, color=0x0) returned 0x0
[0171.307] GetNearestColor (hdc=0x380107f1, color=0x8080ff) returned 0x8080ff
[0171.307] GetNearestColor (hdc=0x380107f1, color=0x7373e5) returned 0x7373e5
[0171.307] GetNearestColor (hdc=0x380107f1, color=0xe5) returned 0xe5
[0171.307] GetNearestColor (hdc=0x380107f1, color=0x0) returned 0x0
[0171.308] RestoreDC (hdc=0x380107f1, nSavedDC=-1) returned 1
[0171.308] GdipReleaseDC (graphics=0x6600030, hdc=0x380107f1) returned 0x0
[0171.308] IsAppThemed () returned 0x1
[0171.308] GetThemeAppProperties () returned 0x3
[0171.308] GetThemeAppProperties () returned 0x3
[0171.308] IsAppThemed () returned 0x1
[0171.308] GetThemeAppProperties () returned 0x3
[0171.308] GetThemeAppProperties () returned 0x3
[0171.308] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2dd82d8 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0171.309] IsAppThemed () returned 0x1
[0171.309] GetThemeAppProperties () returned 0x3
[0171.309] GetThemeAppProperties () returned 0x3
[0171.309] IsAppThemed () returned 0x1
[0171.309] GetThemeAppProperties () returned 0x3
[0171.309] GetThemeAppProperties () returned 0x3
[0171.309] IsAppThemed () returned 0x1
[0171.309] GetThemeAppProperties () returned 0x3
[0171.310] GetThemeAppProperties () returned 0x3
[0171.310] IsAppThemed () returned 0x1
[0171.310] GetThemeAppProperties () returned 0x3
[0171.310] GetThemeAppProperties () returned 0x3
[0171.310] IsThemePartDefined () returned 0x1
[0171.310] IsAppThemed () returned 0x1
[0171.310] GetThemeAppProperties () returned 0x3
[0171.310] GetThemeAppProperties () returned 0x3
[0171.310] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0171.310] IsAppThemed () returned 0x1
[0171.310] GetThemeAppProperties () returned 0x3
[0171.310] GetThemeAppProperties () returned 0x3
[0171.310] IsAppThemed () returned 0x1
[0171.310] GetThemeAppProperties () returned 0x3
[0171.310] GetThemeAppProperties () returned 0x3
[0171.310] IsThemePartDefined () returned 0x1
[0171.310] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0171.310] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0171.311] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0171.311] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0171.311] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e514) returned 0x0
[0171.311] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0171.311] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0171.311] LocalFree (hMem=0x11ee788) returned 0x0
[0171.311] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0171.311] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0171.311] LocalFree (hMem=0x11ee868) returned 0x0
[0171.311] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0171.311] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0171.311] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0171.311] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0171.312] GdipDeleteRegion (region=0x6644358) returned 0x0
[0171.312] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0171.312] GetCurrentObject (hdc=0x380107f1, type=0x1) returned 0xb00017
[0171.312] GetCurrentObject (hdc=0x380107f1, type=0x2) returned 0x900010
[0171.312] GetCurrentObject (hdc=0x380107f1, type=0x7) returned 0x4a0507fe
[0171.312] GetCurrentObject (hdc=0x380107f1, type=0x6) returned 0x8a01c2
[0171.312] SaveDC (hdc=0x380107f1) returned 1
[0171.312] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x57040807
[0171.312] GetClipRgn (hdc=0x380107f1, hrgn=0x57040807) returned 0
[0171.312] SelectClipRgn (hdc=0x380107f1, hrgn=0xdb0407de) returned 2
[0171.312] DeleteObject (ho=0x57040807) returned 1
[0171.312] DeleteObject (ho=0xdb0407de) returned 1
[0171.312] OffsetViewportOrgEx (in: hdc=0x380107f1, x=0, y=0, lppt=0x2dd8988 | out: lppt=0x2dd8988) returned 1
[0171.312] DrawThemeParentBackground () returned 0x0
[0171.313] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0171.313] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0171.313] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0171.313] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0171.313] GetSystemMetrics (nIndex=42) returned 0
[0171.313] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0171.313] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0171.313] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0171.313] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0171.313] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0171.313] SelectPalette (hdc=0x380107f1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0171.314] GdipCreateFromHDC (hdc=0x380107f1, graphics=0xd7dff0) returned 0x0
[0171.314] GdipSetPageUnit (graphics=0x663bc50, unit=0x2) returned 0x0
[0171.314] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0171.314] GdipGetWorldTransform (graphics=0x663bc50, matrix=0x6638c08) returned 0x0
[0171.314] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dfc8) returned 0x0
[0171.314] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0171.314] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0171.314] GdipGetClip (graphics=0x663bc50, region=0x6644358) returned 0x0
[0171.314] GdipIsInfiniteRegion (region=0x6644358, graphics=0x663bc50, result=0xd7dfbc) returned 0x0
[0171.314] GdipDeleteRegion (region=0x6644358) returned 0x0
[0171.314] GdipSaveGraphics (graphics=0x663bc50, state=0xd7dfe8) returned 0x0
[0171.315] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0171.323] GdipFillRectangleI (graphics=0x663bc50, brush=0x6636df0, x=0, y=0, width=801, height=453) returned 0x0
[0171.323] GdipDeleteBrush (brush=0x6636df0) returned 0x0
[0171.324] GdipDeleteGraphics (graphics=0x663bc50) returned 0x0
[0171.324] SelectPalette (hdc=0x380107f1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0171.324] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0171.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0171.324] GetSystemMetrics (nIndex=42) returned 0
[0171.324] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0171.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0171.324] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0171.324] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0171.324] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0171.325] SelectPalette (hdc=0x380107f1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0171.325] GdipCreateFromHDC (hdc=0x380107f1, graphics=0xd7df90) returned 0x0
[0171.325] GdipSetPageUnit (graphics=0x663bc50, unit=0x2) returned 0x0
[0171.325] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0171.325] GdipGetWorldTransform (graphics=0x663bc50, matrix=0x6638b48) returned 0x0
[0171.325] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df68) returned 0x0
[0171.325] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0171.325] GdipCreateRegion (region=0xd7df50) returned 0x0
[0171.325] GdipGetClip (graphics=0x663bc50, region=0x6644358) returned 0x0
[0171.325] GdipIsInfiniteRegion (region=0x6644358, graphics=0x663bc50, result=0xd7df5c) returned 0x0
[0171.325] GdipDeleteRegion (region=0x6644358) returned 0x0
[0171.325] GdipSaveGraphics (graphics=0x663bc50, state=0xd7df88) returned 0x0
[0171.325] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0171.333] GdipFillRectangleI (graphics=0x663bc50, brush=0x6637060, x=0, y=0, width=801, height=453) returned 0x0
[0171.333] GdipDeleteBrush (brush=0x6637060) returned 0x0
[0171.333] GdipRestoreGraphics (graphics=0x663bc50, state=0xfc560dbd) returned 0x0
[0171.334] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0171.334] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0171.334] GetSystemMetrics (nIndex=42) returned 0
[0171.334] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0171.334] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0171.334] GdipDeleteGraphics (graphics=0x663bc50) returned 0x0
[0171.334] SelectPalette (hdc=0x380107f1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0171.334] RestoreDC (hdc=0x380107f1, nSavedDC=-1) returned 1
[0171.334] GdipReleaseDC (graphics=0x6600030, hdc=0x380107f1) returned 0x0
[0171.334] IsAppThemed () returned 0x1
[0171.334] GetThemeAppProperties () returned 0x3
[0171.335] GetThemeAppProperties () returned 0x3
[0171.335] IsAppThemed () returned 0x1
[0171.335] GetThemeAppProperties () returned 0x3
[0171.335] GetThemeAppProperties () returned 0x3
[0171.335] IsThemePartDefined () returned 0x1
[0171.335] GdipCreateRegion (region=0xd7e480) returned 0x0
[0171.335] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0171.335] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0171.335] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0171.335] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e498) returned 0x0
[0171.335] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0171.335] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee868) returned 0x0
[0171.335] LocalFree (hMem=0x11ee868) returned 0x0
[0171.335] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0171.335] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0171.335] LocalFree (hMem=0x11ee788) returned 0x0
[0171.335] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0171.335] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0171.335] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0171.336] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0171.336] GdipDeleteRegion (region=0x6644358) returned 0x0
[0171.336] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0171.336] GetCurrentObject (hdc=0x380107f1, type=0x1) returned 0xb00017
[0171.336] GetCurrentObject (hdc=0x380107f1, type=0x2) returned 0x900010
[0171.336] GetCurrentObject (hdc=0x380107f1, type=0x7) returned 0x4a0507fe
[0171.336] GetCurrentObject (hdc=0x380107f1, type=0x6) returned 0x8a01c2
[0171.336] SaveDC (hdc=0x380107f1) returned 1
[0171.336] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdc0407de
[0171.336] GetClipRgn (hdc=0x380107f1, hrgn=0xdc0407de) returned 0
[0171.336] SelectClipRgn (hdc=0x380107f1, hrgn=0x59040807) returned 2
[0171.336] DeleteObject (ho=0xdc0407de) returned 1
[0171.336] DeleteObject (ho=0x59040807) returned 1
[0171.336] OffsetViewportOrgEx (in: hdc=0x380107f1, x=0, y=0, lppt=0x2ddf1d8 | out: lppt=0x2ddf1d8) returned 1
[0171.336] IsAppThemed () returned 0x1
[0171.337] GetThemeAppProperties () returned 0x3
[0171.337] GetThemeAppProperties () returned 0x3
[0171.337] DrawThemeBackground () returned 0x0
[0171.337] RestoreDC (hdc=0x380107f1, nSavedDC=-1) returned 1
[0171.337] GdipReleaseDC (graphics=0x6600030, hdc=0x380107f1) returned 0x0
[0171.337] GdipCreateRegion (region=0xd7e484) returned 0x0
[0171.337] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0171.337] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0171.337] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0171.337] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e49c) returned 0x0
[0171.337] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0171.337] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0171.337] LocalFree (hMem=0x11ee788) returned 0x0
[0171.338] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0171.338] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0171.338] LocalFree (hMem=0x11eec58) returned 0x0
[0171.338] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0171.338] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0171.338] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0171.338] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0171.338] GdipDeleteRegion (region=0x6644358) returned 0x0
[0171.338] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0171.338] GetCurrentObject (hdc=0x380107f1, type=0x1) returned 0xb00017
[0171.338] GetCurrentObject (hdc=0x380107f1, type=0x2) returned 0x900010
[0171.338] GetCurrentObject (hdc=0x380107f1, type=0x7) returned 0x4a0507fe
[0171.338] GetCurrentObject (hdc=0x380107f1, type=0x6) returned 0x8a01c2
[0171.338] SaveDC (hdc=0x380107f1) returned 1
[0171.338] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5a040807
[0171.338] GetClipRgn (hdc=0x380107f1, hrgn=0x5a040807) returned 0
[0171.339] SelectClipRgn (hdc=0x380107f1, hrgn=0xdd0407de) returned 2
[0171.339] DeleteObject (ho=0x5a040807) returned 1
[0171.339] DeleteObject (ho=0xdd0407de) returned 1
[0171.339] OffsetViewportOrgEx (in: hdc=0x380107f1, x=0, y=0, lppt=0x2ddf4ac | out: lppt=0x2ddf4ac) returned 1
[0171.339] IsAppThemed () returned 0x1
[0171.339] GetThemeAppProperties () returned 0x3
[0171.339] GetThemeAppProperties () returned 0x3
[0171.339] GetThemeBackgroundContentRect () returned 0x0
[0171.339] RestoreDC (hdc=0x380107f1, nSavedDC=-1) returned 1
[0171.339] GdipReleaseDC (graphics=0x6600030, hdc=0x380107f1) returned 0x0
[0171.339] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0171.339] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0171.339] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0171.339] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0171.339] IsAppThemed () returned 0x1
[0171.340] GetThemeAppProperties () returned 0x3
[0171.340] GetThemeAppProperties () returned 0x3
[0171.340] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0171.340] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0171.340] GetCurrentObject (hdc=0x380107f1, type=0x1) returned 0xb00017
[0171.340] GetCurrentObject (hdc=0x380107f1, type=0x2) returned 0x900010
[0171.340] GetCurrentObject (hdc=0x380107f1, type=0x7) returned 0x4a0507fe
[0171.340] GetCurrentObject (hdc=0x380107f1, type=0x6) returned 0x8a01c2
[0171.340] SaveDC (hdc=0x380107f1) returned 1
[0171.340] GetTextAlign (hdc=0x380107f1) returned 0x0
[0171.340] GetTextColor (hdc=0x380107f1) returned 0x0
[0171.340] GetCurrentObject (hdc=0x380107f1, type=0x6) returned 0x8a01c2
[0171.340] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0171.340] SelectObject (hdc=0x380107f1, h=0x6d0a0520) returned 0x8a01c2
[0171.343] GetBkMode (hdc=0x380107f1) returned 2
[0171.343] SetBkMode (hdc=0x380107f1, mode=1) returned 2
[0171.343] DrawTextExW (in: hdc=0x380107f1, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2ddf870 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0171.343] DrawTextExW (in: hdc=0x380107f1, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2ddf870 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0171.344] RestoreDC (hdc=0x380107f1, nSavedDC=-1) returned 1
[0171.344] GdipReleaseDC (graphics=0x6600030, hdc=0x380107f1) returned 0x0
[0171.344] GetFocus () returned 0x602c4
[0171.344] IsAppThemed () returned 0x1
[0171.344] GetThemeAppProperties () returned 0x3
[0171.344] GetThemeAppProperties () returned 0x3
[0171.344] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0171.344] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x380107f1, x1=0, y1=0, rop=0xcc0020) returned 1
[0171.345] GdipReleaseDC (graphics=0x6600030, hdc=0x380107f1) returned 0x0
[0171.345] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0171.345] SelectObject (hdc=0x380107f1, h=0x85000f) returned 0x4a0507fe
[0171.345] DeleteDC (hdc=0x380107f1) returned 1
[0171.346] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0171.346] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0171.346] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0171.346] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0171.346] WaitMessage () returned 1
[0171.404] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0171.404] IsWindowUnicode (hWnd=0x602c4) returned 1
[0171.404] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0171.404] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0171.404] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0171.404] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0171.404] IsWindowUnicode (hWnd=0x602c4) returned 1
[0171.404] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0171.404] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0171.404] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0171.404] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xe0035) returned 0x0
[0171.404] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0171.404] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0171.404] WaitMessage () returned 1
[0171.554] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0171.554] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2750110) returned 0x1
[0171.555] IsWindowUnicode (hWnd=0x602c4) returned 1
[0171.555] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0171.555] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2750110) returned 0x1
[0171.555] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0171.555] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x1a00052) returned 0x0
[0171.555] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0171.555] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0171.555] SetCursor (hCursor=0x10003) returned 0x10003
[0171.555] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0171.555] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0171.555] GetKeyState (nVirtKey=1) returned -128
[0171.556] GetKeyState (nVirtKey=2) returned 0
[0171.556] GetKeyState (nVirtKey=4) returned 0
[0171.556] GetKeyState (nVirtKey=5) returned 0
[0171.556] GetKeyState (nVirtKey=6) returned 0
[0171.556] IsWindowVisible (hWnd=0x602c4) returned 1
[0171.556] IsWindowEnabled (hWnd=0x602c4) returned 1
[0171.556] SetFocus (hWnd=0x602c4) returned 0x602c4
[0171.556] GetFocus () returned 0x602c4
[0171.556] GetFocus () returned 0x602c4
[0171.556] GetFocus () returned 0x602c4
[0171.556] GetKeyState (nVirtKey=1) returned -128
[0171.556] GetKeyState (nVirtKey=2) returned 0
[0171.556] GetKeyState (nVirtKey=4) returned 0
[0171.556] GetKeyState (nVirtKey=5) returned 0
[0171.556] GetKeyState (nVirtKey=6) returned 0
[0171.556] GetCapture () returned 0x0
[0171.556] SetCapture (hWnd=0x602c4) returned 0x0
[0171.556] GetKeyState (nVirtKey=1) returned -128
[0171.556] GetKeyState (nVirtKey=2) returned 0
[0171.556] GetKeyState (nVirtKey=4) returned 0
[0171.556] GetKeyState (nVirtKey=5) returned 0
[0171.556] GetKeyState (nVirtKey=6) returned 0
[0171.556] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0171.556] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0171.556] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0171.557] IsWindowUnicode (hWnd=0x602c4) returned 1
[0171.557] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0171.557] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0171.557] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0171.557] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2ddf9f4, cPoints=0x1 | out: lpPoints=0x2ddf9f4) returned 40304859
[0171.557] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0171.557] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0171.557] UpdateWindow (hWnd=0x602c4) returned 1
[0171.557] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xf0105ee
[0171.557] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0171.557] CreateCompatibleDC (hdc=0xf0105ee) returned 0x390107f1
[0171.557] SelectObject (hdc=0x390107f1, h=0x4a0507fe) returned 0x85000f
[0171.557] GdipCreateFromHDC (hdc=0x390107f1, graphics=0xd7e430) returned 0x0
[0171.557] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0171.557] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0171.558] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0171.558] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0171.558] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e490) returned 0x0
[0171.558] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0171.558] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee9f0) returned 0x0
[0171.558] LocalFree (hMem=0x11ee9f0) returned 0x0
[0171.558] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0171.558] GdipCreateRegion (region=0xd7e478) returned 0x0
[0171.558] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0171.558] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e484) returned 0x0
[0171.558] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0171.558] GdipRestoreGraphics (graphics=0x6600030, state=0xfc540dbd) returned 0x0
[0171.558] GdipDeleteRegion (region=0x6644358) returned 0x0
[0171.558] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0171.558] GetCurrentObject (hdc=0x390107f1, type=0x1) returned 0xb00017
[0171.558] GetCurrentObject (hdc=0x390107f1, type=0x2) returned 0x900010
[0171.558] GetCurrentObject (hdc=0x390107f1, type=0x7) returned 0x4a0507fe
[0171.558] GetCurrentObject (hdc=0x390107f1, type=0x6) returned 0x8a01c2
[0171.558] SaveDC (hdc=0x390107f1) returned 1
[0171.558] GetNearestColor (hdc=0x390107f1, color=0xff) returned 0xff
[0171.559] GetNearestColor (hdc=0x390107f1, color=0x55) returned 0x55
[0171.559] GetNearestColor (hdc=0x390107f1, color=0x0) returned 0x0
[0171.559] GetNearestColor (hdc=0x390107f1, color=0x55) returned 0x55
[0171.559] GetNearestColor (hdc=0x390107f1, color=0x0) returned 0x0
[0171.559] GetNearestColor (hdc=0x390107f1, color=0x8080ff) returned 0x8080ff
[0171.559] GetNearestColor (hdc=0x390107f1, color=0x7373e5) returned 0x7373e5
[0171.559] GetNearestColor (hdc=0x390107f1, color=0xe5) returned 0xe5
[0171.559] GetNearestColor (hdc=0x390107f1, color=0x0) returned 0x0
[0171.559] RestoreDC (hdc=0x390107f1, nSavedDC=-1) returned 1
[0171.559] GdipReleaseDC (graphics=0x6600030, hdc=0x390107f1) returned 0x0
[0171.559] IsAppThemed () returned 0x1
[0171.559] GetThemeAppProperties () returned 0x3
[0171.559] GetThemeAppProperties () returned 0x3
[0171.559] IsAppThemed () returned 0x1
[0171.559] GetThemeAppProperties () returned 0x3
[0171.559] GetThemeAppProperties () returned 0x3
[0171.560] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2de0110 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0171.560] IsAppThemed () returned 0x1
[0171.560] GetThemeAppProperties () returned 0x3
[0171.560] GetThemeAppProperties () returned 0x3
[0171.560] IsAppThemed () returned 0x1
[0171.560] GetThemeAppProperties () returned 0x3
[0171.560] GetThemeAppProperties () returned 0x3
[0171.560] IsAppThemed () returned 0x1
[0171.560] GetThemeAppProperties () returned 0x3
[0171.560] GetThemeAppProperties () returned 0x3
[0171.560] IsAppThemed () returned 0x1
[0171.560] GetThemeAppProperties () returned 0x3
[0171.560] GetThemeAppProperties () returned 0x3
[0171.560] IsThemePartDefined () returned 0x1
[0171.560] IsAppThemed () returned 0x1
[0171.560] GetThemeAppProperties () returned 0x3
[0171.560] GetThemeAppProperties () returned 0x3
[0171.560] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0171.560] IsAppThemed () returned 0x1
[0171.560] GetThemeAppProperties () returned 0x3
[0171.560] GetThemeAppProperties () returned 0x3
[0171.560] IsAppThemed () returned 0x1
[0171.561] GetThemeAppProperties () returned 0x3
[0171.561] GetThemeAppProperties () returned 0x3
[0171.561] IsThemePartDefined () returned 0x1
[0171.561] GdipCreateRegion (region=0xd7e194) returned 0x0
[0171.561] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0171.561] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0171.561] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0171.561] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e1ac) returned 0x0
[0171.561] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0171.561] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0171.561] LocalFree (hMem=0x11ee9f0) returned 0x0
[0171.561] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0171.561] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0171.561] LocalFree (hMem=0x11ee788) returned 0x0
[0171.561] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0171.561] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0171.561] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0171.561] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0171.561] GdipDeleteRegion (region=0x6644358) returned 0x0
[0171.561] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0171.561] GetCurrentObject (hdc=0x390107f1, type=0x1) returned 0xb00017
[0171.561] GetCurrentObject (hdc=0x390107f1, type=0x2) returned 0x900010
[0171.562] GetCurrentObject (hdc=0x390107f1, type=0x7) returned 0x4a0507fe
[0171.562] GetCurrentObject (hdc=0x390107f1, type=0x6) returned 0x8a01c2
[0171.562] SaveDC (hdc=0x390107f1) returned 1
[0171.562] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xde0407de
[0171.562] GetClipRgn (hdc=0x390107f1, hrgn=0xde0407de) returned 0
[0171.562] SelectClipRgn (hdc=0x390107f1, hrgn=0x5e040807) returned 2
[0171.562] DeleteObject (ho=0xde0407de) returned 1
[0171.562] DeleteObject (ho=0x5e040807) returned 1
[0171.562] OffsetViewportOrgEx (in: hdc=0x390107f1, x=0, y=0, lppt=0x2de07c0 | out: lppt=0x2de07c0) returned 1
[0171.562] DrawThemeParentBackground () returned 0x0
[0171.562] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0171.562] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0171.562] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0171.562] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0171.562] GetSystemMetrics (nIndex=42) returned 0
[0171.562] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0171.562] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0171.562] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0171.563] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0171.563] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0171.563] SelectPalette (hdc=0x390107f1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0171.563] GdipCreateFromHDC (hdc=0x390107f1, graphics=0xd7dc88) returned 0x0
[0171.563] GdipSetPageUnit (graphics=0x663bc50, unit=0x2) returned 0x0
[0171.563] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0171.563] GdipGetWorldTransform (graphics=0x663bc50, matrix=0x6638ba8) returned 0x0
[0171.563] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dc60) returned 0x0
[0171.563] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0171.563] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0171.563] GdipGetClip (graphics=0x663bc50, region=0x6644358) returned 0x0
[0171.563] GdipIsInfiniteRegion (region=0x6644358, graphics=0x663bc50, result=0xd7dc54) returned 0x0
[0171.563] GdipDeleteRegion (region=0x6644358) returned 0x0
[0171.563] GdipSaveGraphics (graphics=0x663bc50, state=0xd7dc80) returned 0x0
[0171.563] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0171.569] GdipFillRectangleI (graphics=0x663bc50, brush=0x6637060, x=0, y=0, width=801, height=453) returned 0x0
[0171.570] GdipDeleteBrush (brush=0x6637060) returned 0x0
[0171.570] GdipDeleteGraphics (graphics=0x663bc50) returned 0x0
[0171.570] SelectPalette (hdc=0x390107f1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0171.570] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0171.570] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0171.570] GetSystemMetrics (nIndex=42) returned 0
[0171.570] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0171.570] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0171.570] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0171.570] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0171.570] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0171.571] SelectPalette (hdc=0x390107f1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0171.571] GdipCreateFromHDC (hdc=0x390107f1, graphics=0xd7dc28) returned 0x0
[0171.571] GdipSetPageUnit (graphics=0x663bc50, unit=0x2) returned 0x0
[0171.571] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0171.571] GdipGetWorldTransform (graphics=0x663bc50, matrix=0x6638cc8) returned 0x0
[0171.571] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dc00) returned 0x0
[0171.571] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0171.571] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0171.571] GdipGetClip (graphics=0x663bc50, region=0x6644358) returned 0x0
[0171.571] GdipIsInfiniteRegion (region=0x6644358, graphics=0x663bc50, result=0xd7dbf4) returned 0x0
[0171.571] GdipDeleteRegion (region=0x6644358) returned 0x0
[0171.571] GdipSaveGraphics (graphics=0x663bc50, state=0xd7dc20) returned 0x0
[0171.571] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0171.578] GdipFillRectangleI (graphics=0x663bc50, brush=0x6636910, x=0, y=0, width=801, height=453) returned 0x0
[0171.578] GdipDeleteBrush (brush=0x6636910) returned 0x0
[0171.579] GdipRestoreGraphics (graphics=0x663bc50, state=0xfc500dbd) returned 0x0
[0171.579] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0171.579] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0171.579] GetSystemMetrics (nIndex=42) returned 0
[0171.579] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0171.579] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0171.579] GdipDeleteGraphics (graphics=0x663bc50) returned 0x0
[0171.579] SelectPalette (hdc=0x390107f1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0171.579] RestoreDC (hdc=0x390107f1, nSavedDC=-1) returned 1
[0171.580] GdipReleaseDC (graphics=0x6600030, hdc=0x390107f1) returned 0x0
[0171.580] IsAppThemed () returned 0x1
[0171.580] GetThemeAppProperties () returned 0x3
[0171.580] GetThemeAppProperties () returned 0x3
[0171.580] IsAppThemed () returned 0x1
[0171.580] GetThemeAppProperties () returned 0x3
[0171.580] GetThemeAppProperties () returned 0x3
[0171.580] IsThemePartDefined () returned 0x1
[0171.580] GdipCreateRegion (region=0xd7e118) returned 0x0
[0171.580] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0171.580] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0171.580] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0171.580] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e130) returned 0x0
[0171.580] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0171.580] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0171.581] LocalFree (hMem=0x11ee788) returned 0x0
[0171.581] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0171.581] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0171.581] LocalFree (hMem=0x11ee788) returned 0x0
[0171.581] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0171.581] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e158) returned 0x0
[0171.581] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e148) returned 0x0
[0171.581] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0171.581] GdipDeleteRegion (region=0x6644358) returned 0x0
[0171.581] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0171.581] GetCurrentObject (hdc=0x390107f1, type=0x1) returned 0xb00017
[0171.581] GetCurrentObject (hdc=0x390107f1, type=0x2) returned 0x900010
[0171.581] GetCurrentObject (hdc=0x390107f1, type=0x7) returned 0x4a0507fe
[0171.581] GetCurrentObject (hdc=0x390107f1, type=0x6) returned 0x8a01c2
[0171.581] SaveDC (hdc=0x390107f1) returned 1
[0171.581] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5f040807
[0171.582] GetClipRgn (hdc=0x390107f1, hrgn=0x5f040807) returned 0
[0171.582] SelectClipRgn (hdc=0x390107f1, hrgn=0xe00407de) returned 2
[0171.582] DeleteObject (ho=0x5f040807) returned 1
[0171.582] DeleteObject (ho=0xe00407de) returned 1
[0171.582] OffsetViewportOrgEx (in: hdc=0x390107f1, x=0, y=0, lppt=0x2de7010 | out: lppt=0x2de7010) returned 1
[0171.582] IsAppThemed () returned 0x1
[0171.582] GetThemeAppProperties () returned 0x3
[0171.582] GetThemeAppProperties () returned 0x3
[0171.582] DrawThemeBackground () returned 0x0
[0171.582] RestoreDC (hdc=0x390107f1, nSavedDC=-1) returned 1
[0171.582] GdipReleaseDC (graphics=0x6600030, hdc=0x390107f1) returned 0x0
[0171.582] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0171.582] GdipGetClip (graphics=0x6600030, region=0x6644358) returned 0x0
[0171.582] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0171.582] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0171.583] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e134) returned 0x0
[0171.583] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0171.583] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee910) returned 0x0
[0171.583] LocalFree (hMem=0x11ee910) returned 0x0
[0171.583] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0171.583] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea28) returned 0x0
[0171.583] LocalFree (hMem=0x11eea28) returned 0x0
[0171.583] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0171.583] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0171.583] GdipIsInfiniteRegion (region=0x6644358, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0171.583] GdipGetRegionHRgn (region=0x6644358, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0171.583] GdipDeleteRegion (region=0x6644358) returned 0x0
[0171.583] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0171.583] GetCurrentObject (hdc=0x390107f1, type=0x1) returned 0xb00017
[0171.583] GetCurrentObject (hdc=0x390107f1, type=0x2) returned 0x900010
[0171.583] GetCurrentObject (hdc=0x390107f1, type=0x7) returned 0x4a0507fe
[0171.583] GetCurrentObject (hdc=0x390107f1, type=0x6) returned 0x8a01c2
[0171.584] SaveDC (hdc=0x390107f1) returned 1
[0171.584] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe10407de
[0171.584] GetClipRgn (hdc=0x390107f1, hrgn=0xe10407de) returned 0
[0171.584] SelectClipRgn (hdc=0x390107f1, hrgn=0x60040807) returned 2
[0171.584] DeleteObject (ho=0xe10407de) returned 1
[0171.584] DeleteObject (ho=0x60040807) returned 1
[0171.584] OffsetViewportOrgEx (in: hdc=0x390107f1, x=0, y=0, lppt=0x2de72e4 | out: lppt=0x2de72e4) returned 1
[0171.584] IsAppThemed () returned 0x1
[0171.584] GetThemeAppProperties () returned 0x3
[0171.584] GetThemeAppProperties () returned 0x3
[0171.584] GetThemeBackgroundContentRect () returned 0x0
[0171.584] RestoreDC (hdc=0x390107f1, nSavedDC=-1) returned 1
[0171.584] GdipReleaseDC (graphics=0x6600030, hdc=0x390107f1) returned 0x0
[0171.584] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0171.584] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0171.585] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0171.585] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0171.585] IsAppThemed () returned 0x1
[0171.585] GetThemeAppProperties () returned 0x3
[0171.585] GetThemeAppProperties () returned 0x3
[0171.585] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0171.585] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0171.585] GetCurrentObject (hdc=0x390107f1, type=0x1) returned 0xb00017
[0171.585] GetCurrentObject (hdc=0x390107f1, type=0x2) returned 0x900010
[0171.585] GetCurrentObject (hdc=0x390107f1, type=0x7) returned 0x4a0507fe
[0171.585] GetCurrentObject (hdc=0x390107f1, type=0x6) returned 0x8a01c2
[0171.585] SaveDC (hdc=0x390107f1) returned 1
[0171.585] GetTextAlign (hdc=0x390107f1) returned 0x0
[0171.585] GetTextColor (hdc=0x390107f1) returned 0x0
[0171.585] GetCurrentObject (hdc=0x390107f1, type=0x6) returned 0x8a01c2
[0171.586] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0171.586] SelectObject (hdc=0x390107f1, h=0x6d0a0520) returned 0x8a01c2
[0171.586] GetBkMode (hdc=0x390107f1) returned 2
[0171.586] SetBkMode (hdc=0x390107f1, mode=1) returned 2
[0171.586] DrawTextExW (in: hdc=0x390107f1, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2de76a8 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0171.586] DrawTextExW (in: hdc=0x390107f1, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2de76a8 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0171.587] RestoreDC (hdc=0x390107f1, nSavedDC=-1) returned 1
[0171.587] GdipReleaseDC (graphics=0x6600030, hdc=0x390107f1) returned 0x0
[0171.587] GetFocus () returned 0x602c4
[0171.587] IsAppThemed () returned 0x1
[0171.587] GetThemeAppProperties () returned 0x3
[0171.587] GetThemeAppProperties () returned 0x3
[0171.587] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0171.587] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x390107f1, x1=0, y1=0, rop=0xcc0020) returned 1
[0171.588] GdipReleaseDC (graphics=0x6600030, hdc=0x390107f1) returned 0x0
[0171.588] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0171.588] SelectObject (hdc=0x390107f1, h=0x85000f) returned 0x4a0507fe
[0171.588] DeleteDC (hdc=0x390107f1) returned 1
[0171.588] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0171.588] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0171.588] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2de77a4, cPoints=0x1 | out: lpPoints=0x2de77a4) returned 40304859
[0171.588] WindowFromPoint (Point=0x110) returned 0x602c4
[0171.589] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2750110) returned 0x1
[0171.589] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0171.589] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0171.589] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0171.589] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0171.589] GetSystemMetrics (nIndex=42) returned 0
[0171.589] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0171.589] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0171.592] GetCapture () returned 0x602c4
[0171.592] ReleaseCapture () returned 1
[0171.593] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0171.593] GetProcessWindowStation () returned 0x13c
[0171.593] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.594] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0171.594] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.594] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0171.595] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.595] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0171.595] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.595] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0171.596] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.596] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0171.596] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.596] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0171.596] GetDC (hWnd=0x0) returned 0x60100ce
[0171.596] GdipCreateFromHDC (hdc=0x60100ce, graphics=0xd7e6ec) returned 0x0
[0171.597] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0171.597] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0171.597] ReleaseDC (hWnd=0x0, hDC=0x60100ce) returned 1
[0171.597] GetSystemMetrics (nIndex=5) returned 1
[0171.597] GetSystemMetrics (nIndex=6) returned 1
[0171.598] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.598] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0171.598] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.598] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0171.602] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0171.602] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0171.602] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0171.602] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0171.603] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0171.603] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0171.604] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2ded1c0 | out: lpData=0x2ded1c0) returned 1
[0171.605] VerQueryValueW (in: pBlock=0x2ded1c0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ded5d0, puLen=0xd7e810) returned 1
[0171.605] VerQueryValueW (in: pBlock=0x2ded1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded278, puLen=0xd7e790) returned 1
[0171.605] VerQueryValueW (in: pBlock=0x2ded1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded2cc, puLen=0xd7e790) returned 1
[0171.605] VerQueryValueW (in: pBlock=0x2ded1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded34c, puLen=0xd7e790) returned 1
[0171.605] VerQueryValueW (in: pBlock=0x2ded1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded3b4, puLen=0xd7e790) returned 1
[0171.605] VerQueryValueW (in: pBlock=0x2ded1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded3f4, puLen=0xd7e790) returned 1
[0171.605] VerQueryValueW (in: pBlock=0x2ded1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded47c, puLen=0xd7e790) returned 1
[0171.605] VerQueryValueW (in: pBlock=0x2ded1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded4b8, puLen=0xd7e790) returned 1
[0171.605] VerQueryValueW (in: pBlock=0x2ded1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded510, puLen=0xd7e790) returned 1
[0171.605] VerQueryValueW (in: pBlock=0x2ded1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded540, puLen=0xd7e790) returned 1
[0171.606] VerQueryValueW (in: pBlock=0x2ded1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.606] VerQueryValueW (in: pBlock=0x2ded1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded57c, puLen=0xd7e790) returned 1
[0171.606] VerQueryValueW (in: pBlock=0x2ded1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.606] VerQueryValueW (in: pBlock=0x2ded1c0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ded5d0, puLen=0xd7e784) returned 1
[0171.606] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0171.606] VerQueryValueW (in: pBlock=0x2ded1c0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ded1e8, puLen=0xd7e794) returned 1
[0171.607] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0171.607] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0171.607] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0171.607] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0171.607] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0171.607] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0171.607] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2def130 | out: lpData=0x2def130) returned 1
[0171.608] VerQueryValueW (in: pBlock=0x2def130, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2def1cc, puLen=0xd7e810) returned 1
[0171.608] VerQueryValueW (in: pBlock=0x2def130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def244, puLen=0xd7e790) returned 1
[0171.608] VerQueryValueW (in: pBlock=0x2def130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def274, puLen=0xd7e790) returned 1
[0171.608] VerQueryValueW (in: pBlock=0x2def130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def2b0, puLen=0xd7e790) returned 1
[0171.608] VerQueryValueW (in: pBlock=0x2def130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def2e0, puLen=0xd7e790) returned 1
[0171.608] VerQueryValueW (in: pBlock=0x2def130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def328, puLen=0xd7e790) returned 1
[0171.608] VerQueryValueW (in: pBlock=0x2def130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def3a0, puLen=0xd7e790) returned 1
[0171.608] VerQueryValueW (in: pBlock=0x2def130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def3e4, puLen=0xd7e790) returned 1
[0171.608] VerQueryValueW (in: pBlock=0x2def130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def424, puLen=0xd7e790) returned 1
[0171.608] VerQueryValueW (in: pBlock=0x2def130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def222, puLen=0xd7e790) returned 1
[0171.608] VerQueryValueW (in: pBlock=0x2def130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def370, puLen=0xd7e790) returned 1
[0171.608] VerQueryValueW (in: pBlock=0x2def130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.608] VerQueryValueW (in: pBlock=0x2def130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.608] VerQueryValueW (in: pBlock=0x2def130, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2def1cc, puLen=0xd7e784) returned 1
[0171.608] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0171.608] VerQueryValueW (in: pBlock=0x2def130, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2def158, puLen=0xd7e794) returned 1
[0171.609] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0171.609] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0171.609] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0171.609] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0171.610] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0171.610] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0171.611] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2df1408 | out: lpData=0x2df1408) returned 1
[0171.611] VerQueryValueW (in: pBlock=0x2df1408, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2df181c, puLen=0xd7e810) returned 1
[0171.611] VerQueryValueW (in: pBlock=0x2df1408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df14c0, puLen=0xd7e790) returned 1
[0171.611] VerQueryValueW (in: pBlock=0x2df1408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df1514, puLen=0xd7e790) returned 1
[0171.612] VerQueryValueW (in: pBlock=0x2df1408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df1570, puLen=0xd7e790) returned 1
[0171.612] VerQueryValueW (in: pBlock=0x2df1408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df15d0, puLen=0xd7e790) returned 1
[0171.612] VerQueryValueW (in: pBlock=0x2df1408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df1628, puLen=0xd7e790) returned 1
[0171.612] VerQueryValueW (in: pBlock=0x2df1408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df16b0, puLen=0xd7e790) returned 1
[0171.612] VerQueryValueW (in: pBlock=0x2df1408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df1704, puLen=0xd7e790) returned 1
[0171.612] VerQueryValueW (in: pBlock=0x2df1408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df175c, puLen=0xd7e790) returned 1
[0171.612] VerQueryValueW (in: pBlock=0x2df1408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df178c, puLen=0xd7e790) returned 1
[0171.612] VerQueryValueW (in: pBlock=0x2df1408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.612] VerQueryValueW (in: pBlock=0x2df1408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df17c8, puLen=0xd7e790) returned 1
[0171.612] VerQueryValueW (in: pBlock=0x2df1408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.612] VerQueryValueW (in: pBlock=0x2df1408, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2df181c, puLen=0xd7e784) returned 1
[0171.612] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0171.612] VerQueryValueW (in: pBlock=0x2df1408, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2df1430, puLen=0xd7e794) returned 1
[0171.613] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0171.613] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0171.613] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0171.613] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0171.613] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0171.613] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0171.614] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2df3a40 | out: lpData=0x2df3a40) returned 1
[0171.615] VerQueryValueW (in: pBlock=0x2df3a40, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2df3e40, puLen=0xd7e810) returned 1
[0171.615] VerQueryValueW (in: pBlock=0x2df3a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3af8, puLen=0xd7e790) returned 1
[0171.616] VerQueryValueW (in: pBlock=0x2df3a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3b4c, puLen=0xd7e790) returned 1
[0171.616] VerQueryValueW (in: pBlock=0x2df3a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3b8c, puLen=0xd7e790) returned 1
[0171.616] VerQueryValueW (in: pBlock=0x2df3a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3bf4, puLen=0xd7e790) returned 1
[0171.616] VerQueryValueW (in: pBlock=0x2df3a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3c4c, puLen=0xd7e790) returned 1
[0171.616] VerQueryValueW (in: pBlock=0x2df3a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3cd4, puLen=0xd7e790) returned 1
[0171.616] VerQueryValueW (in: pBlock=0x2df3a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3d28, puLen=0xd7e790) returned 1
[0171.616] VerQueryValueW (in: pBlock=0x2df3a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3d80, puLen=0xd7e790) returned 1
[0171.616] VerQueryValueW (in: pBlock=0x2df3a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3db0, puLen=0xd7e790) returned 1
[0171.616] VerQueryValueW (in: pBlock=0x2df3a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.616] VerQueryValueW (in: pBlock=0x2df3a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3dec, puLen=0xd7e790) returned 1
[0171.616] VerQueryValueW (in: pBlock=0x2df3a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.616] VerQueryValueW (in: pBlock=0x2df3a40, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2df3e40, puLen=0xd7e784) returned 1
[0171.616] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0171.616] VerQueryValueW (in: pBlock=0x2df3a40, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2df3a68, puLen=0xd7e794) returned 1
[0171.617] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0171.617] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0171.617] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0171.617] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0171.617] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0171.617] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0171.619] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2df617c | out: lpData=0x2df617c) returned 1
[0171.620] VerQueryValueW (in: pBlock=0x2df617c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2df6544, puLen=0xd7e810) returned 1
[0171.620] VerQueryValueW (in: pBlock=0x2df617c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df6234, puLen=0xd7e790) returned 1
[0171.620] VerQueryValueW (in: pBlock=0x2df617c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df6288, puLen=0xd7e790) returned 1
[0171.620] VerQueryValueW (in: pBlock=0x2df617c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df62c8, puLen=0xd7e790) returned 1
[0171.620] VerQueryValueW (in: pBlock=0x2df617c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df6330, puLen=0xd7e790) returned 1
[0171.621] VerQueryValueW (in: pBlock=0x2df617c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df636c, puLen=0xd7e790) returned 1
[0171.621] VerQueryValueW (in: pBlock=0x2df617c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df63f4, puLen=0xd7e790) returned 1
[0171.621] VerQueryValueW (in: pBlock=0x2df617c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df642c, puLen=0xd7e790) returned 1
[0171.621] VerQueryValueW (in: pBlock=0x2df617c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df6484, puLen=0xd7e790) returned 1
[0171.621] VerQueryValueW (in: pBlock=0x2df617c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df64b4, puLen=0xd7e790) returned 1
[0171.621] VerQueryValueW (in: pBlock=0x2df617c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.621] VerQueryValueW (in: pBlock=0x2df617c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df64f0, puLen=0xd7e790) returned 1
[0171.621] VerQueryValueW (in: pBlock=0x2df617c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.621] VerQueryValueW (in: pBlock=0x2df617c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2df6544, puLen=0xd7e784) returned 1
[0171.621] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0171.621] VerQueryValueW (in: pBlock=0x2df617c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2df61a4, puLen=0xd7e794) returned 1
[0171.624] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0171.624] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0171.624] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0171.624] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0171.625] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0171.625] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0171.625] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2df97e4 | out: lpData=0x2df97e4) returned 1
[0171.626] VerQueryValueW (in: pBlock=0x2df97e4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2df9bc4, puLen=0xd7e810) returned 1
[0171.626] VerQueryValueW (in: pBlock=0x2df97e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df989c, puLen=0xd7e790) returned 1
[0171.626] VerQueryValueW (in: pBlock=0x2df97e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df98f0, puLen=0xd7e790) returned 1
[0171.626] VerQueryValueW (in: pBlock=0x2df97e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df9930, puLen=0xd7e790) returned 1
[0171.626] VerQueryValueW (in: pBlock=0x2df97e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df9990, puLen=0xd7e790) returned 1
[0171.626] VerQueryValueW (in: pBlock=0x2df97e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df99dc, puLen=0xd7e790) returned 1
[0171.626] VerQueryValueW (in: pBlock=0x2df97e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df9a64, puLen=0xd7e790) returned 1
[0171.627] VerQueryValueW (in: pBlock=0x2df97e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df9aac, puLen=0xd7e790) returned 1
[0171.627] VerQueryValueW (in: pBlock=0x2df97e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df9b04, puLen=0xd7e790) returned 1
[0171.627] VerQueryValueW (in: pBlock=0x2df97e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df9b34, puLen=0xd7e790) returned 1
[0171.627] VerQueryValueW (in: pBlock=0x2df97e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.627] VerQueryValueW (in: pBlock=0x2df97e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df9b70, puLen=0xd7e790) returned 1
[0171.627] VerQueryValueW (in: pBlock=0x2df97e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.627] VerQueryValueW (in: pBlock=0x2df97e4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2df9bc4, puLen=0xd7e784) returned 1
[0171.627] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0171.627] VerQueryValueW (in: pBlock=0x2df97e4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2df980c, puLen=0xd7e794) returned 1
[0171.628] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0171.628] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0171.628] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0171.628] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0171.628] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0171.628] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0171.629] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2dfc004 | out: lpData=0x2dfc004) returned 1
[0171.630] VerQueryValueW (in: pBlock=0x2dfc004, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dfc410, puLen=0xd7e810) returned 1
[0171.630] VerQueryValueW (in: pBlock=0x2dfc004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc0bc, puLen=0xd7e790) returned 1
[0171.630] VerQueryValueW (in: pBlock=0x2dfc004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc110, puLen=0xd7e790) returned 1
[0171.630] VerQueryValueW (in: pBlock=0x2dfc004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc164, puLen=0xd7e790) returned 1
[0171.630] VerQueryValueW (in: pBlock=0x2dfc004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc1c4, puLen=0xd7e790) returned 1
[0171.630] VerQueryValueW (in: pBlock=0x2dfc004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc21c, puLen=0xd7e790) returned 1
[0171.630] VerQueryValueW (in: pBlock=0x2dfc004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc2a4, puLen=0xd7e790) returned 1
[0171.630] VerQueryValueW (in: pBlock=0x2dfc004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc2f8, puLen=0xd7e790) returned 1
[0171.630] VerQueryValueW (in: pBlock=0x2dfc004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc350, puLen=0xd7e790) returned 1
[0171.630] VerQueryValueW (in: pBlock=0x2dfc004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc380, puLen=0xd7e790) returned 1
[0171.630] VerQueryValueW (in: pBlock=0x2dfc004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.630] VerQueryValueW (in: pBlock=0x2dfc004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc3bc, puLen=0xd7e790) returned 1
[0171.630] VerQueryValueW (in: pBlock=0x2dfc004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.630] VerQueryValueW (in: pBlock=0x2dfc004, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dfc410, puLen=0xd7e784) returned 1
[0171.630] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0171.630] VerQueryValueW (in: pBlock=0x2dfc004, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dfc02c, puLen=0xd7e794) returned 1
[0171.631] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0171.631] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0171.632] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0171.632] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0171.632] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0171.632] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0171.633] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2dfe818 | out: lpData=0x2dfe818) returned 1
[0171.633] VerQueryValueW (in: pBlock=0x2dfe818, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dfebf0, puLen=0xd7e810) returned 1
[0171.633] VerQueryValueW (in: pBlock=0x2dfe818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfe8d0, puLen=0xd7e790) returned 1
[0171.633] VerQueryValueW (in: pBlock=0x2dfe818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfe924, puLen=0xd7e790) returned 1
[0171.633] VerQueryValueW (in: pBlock=0x2dfe818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfe964, puLen=0xd7e790) returned 1
[0171.633] VerQueryValueW (in: pBlock=0x2dfe818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfe9cc, puLen=0xd7e790) returned 1
[0171.633] VerQueryValueW (in: pBlock=0x2dfe818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfea10, puLen=0xd7e790) returned 1
[0171.634] VerQueryValueW (in: pBlock=0x2dfe818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfea98, puLen=0xd7e790) returned 1
[0171.634] VerQueryValueW (in: pBlock=0x2dfe818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfead8, puLen=0xd7e790) returned 1
[0171.634] VerQueryValueW (in: pBlock=0x2dfe818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfeb30, puLen=0xd7e790) returned 1
[0171.634] VerQueryValueW (in: pBlock=0x2dfe818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfeb60, puLen=0xd7e790) returned 1
[0171.634] VerQueryValueW (in: pBlock=0x2dfe818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.634] VerQueryValueW (in: pBlock=0x2dfe818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfeb9c, puLen=0xd7e790) returned 1
[0171.634] VerQueryValueW (in: pBlock=0x2dfe818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.634] VerQueryValueW (in: pBlock=0x2dfe818, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dfebf0, puLen=0xd7e784) returned 1
[0171.634] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0171.634] VerQueryValueW (in: pBlock=0x2dfe818, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dfe840, puLen=0xd7e794) returned 1
[0171.635] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0171.635] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0171.635] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0171.635] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0171.635] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0171.635] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0171.636] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e00d70 | out: lpData=0x2e00d70) returned 1
[0171.637] VerQueryValueW (in: pBlock=0x2e00d70, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e01148, puLen=0xd7e810) returned 1
[0171.637] VerQueryValueW (in: pBlock=0x2e00d70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e00e28, puLen=0xd7e790) returned 1
[0171.637] VerQueryValueW (in: pBlock=0x2e00d70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e00e7c, puLen=0xd7e790) returned 1
[0171.637] VerQueryValueW (in: pBlock=0x2e00d70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e00ebc, puLen=0xd7e790) returned 1
[0171.637] VerQueryValueW (in: pBlock=0x2e00d70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e00f24, puLen=0xd7e790) returned 1
[0171.637] VerQueryValueW (in: pBlock=0x2e00d70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e00f68, puLen=0xd7e790) returned 1
[0171.638] VerQueryValueW (in: pBlock=0x2e00d70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e00ff0, puLen=0xd7e790) returned 1
[0171.638] VerQueryValueW (in: pBlock=0x2e00d70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e01030, puLen=0xd7e790) returned 1
[0171.638] VerQueryValueW (in: pBlock=0x2e00d70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e01088, puLen=0xd7e790) returned 1
[0171.638] VerQueryValueW (in: pBlock=0x2e00d70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e010b8, puLen=0xd7e790) returned 1
[0171.638] VerQueryValueW (in: pBlock=0x2e00d70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.638] VerQueryValueW (in: pBlock=0x2e00d70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e010f4, puLen=0xd7e790) returned 1
[0171.638] VerQueryValueW (in: pBlock=0x2e00d70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.638] VerQueryValueW (in: pBlock=0x2e00d70, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e01148, puLen=0xd7e784) returned 1
[0171.638] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0171.638] VerQueryValueW (in: pBlock=0x2e00d70, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e00d98, puLen=0xd7e794) returned 1
[0171.639] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0171.639] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0171.639] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0171.639] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0171.639] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0171.639] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0171.640] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2e034a8 | out: lpData=0x2e034a8) returned 1
[0171.641] VerQueryValueW (in: pBlock=0x2e034a8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e038d8, puLen=0xd7e810) returned 1
[0171.641] VerQueryValueW (in: pBlock=0x2e034a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03560, puLen=0xd7e790) returned 1
[0171.641] VerQueryValueW (in: pBlock=0x2e034a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e035b4, puLen=0xd7e790) returned 1
[0171.641] VerQueryValueW (in: pBlock=0x2e034a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03624, puLen=0xd7e790) returned 1
[0171.641] VerQueryValueW (in: pBlock=0x2e034a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03684, puLen=0xd7e790) returned 1
[0171.641] VerQueryValueW (in: pBlock=0x2e034a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e036e0, puLen=0xd7e790) returned 1
[0171.641] VerQueryValueW (in: pBlock=0x2e034a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03768, puLen=0xd7e790) returned 1
[0171.641] VerQueryValueW (in: pBlock=0x2e034a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e037c0, puLen=0xd7e790) returned 1
[0171.641] VerQueryValueW (in: pBlock=0x2e034a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03818, puLen=0xd7e790) returned 1
[0171.641] VerQueryValueW (in: pBlock=0x2e034a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03848, puLen=0xd7e790) returned 1
[0171.641] VerQueryValueW (in: pBlock=0x2e034a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.641] VerQueryValueW (in: pBlock=0x2e034a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03884, puLen=0xd7e790) returned 1
[0171.641] VerQueryValueW (in: pBlock=0x2e034a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0171.641] VerQueryValueW (in: pBlock=0x2e034a8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e038d8, puLen=0xd7e784) returned 1
[0171.642] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0171.642] VerQueryValueW (in: pBlock=0x2e034a8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e034d0, puLen=0xd7e794) returned 1
[0171.642] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0171.643] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.643] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0171.643] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.643] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0171.643] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xa02da
[0171.644] SetWindowLongW (hWnd=0xa02da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0171.644] GetWindowLongW (hWnd=0xa02da, nIndex=-4) returned 1950089536
[0171.645] SetWindowLongW (hWnd=0xa02da, nIndex=-4, dwNewLong=19939086) returned 1950089536
[0171.645] GetWindowLongW (hWnd=0xa02da, nIndex=-4) returned 19939086
[0171.645] GetWindowLongW (hWnd=0xa02da, nIndex=-16) returned 113311744
[0171.645] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02da, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0171.645] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02da, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0171.646] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02da, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0171.646] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02da, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0171.646] GetClientRect (in: hWnd=0xa02da, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0171.646] GetWindowRect (in: hWnd=0xa02da, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0171.646] SetWindowTextW (hWnd=0xa02da, lpString="WindowsFormsParkingWindow") returned 1
[0171.646] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02da, Msg=0xc, wParam=0x0, lParam=0x2dc8980) returned 0x1
[0171.647] GetParent (hWnd=0xa02da) returned 0x0
[0171.647] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0171.647] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0xa02da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xd00ea
[0171.648] SetWindowLongW (hWnd=0xd00ea, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0171.648] GetWindowLongW (hWnd=0xd00ea, nIndex=-4) returned 1868147648
[0171.649] SetWindowLongW (hWnd=0xd00ea, nIndex=-4, dwNewLong=19943526) returned 1868147648
[0171.649] GetWindowLongW (hWnd=0xd00ea, nIndex=-4) returned 19943526
[0171.649] GetWindowLongW (hWnd=0xd00ea, nIndex=-16) returned 1174405133
[0171.649] GetWindowLongW (hWnd=0xd00ea, nIndex=-12) returned 0
[0171.649] SetWindowLongW (hWnd=0xd00ea, nIndex=-12, dwNewLong=852202) returned 0
[0171.649] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0171.650] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0171.650] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0171.651] GetClientRect (in: hWnd=0xd00ea, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0171.651] GetWindowRect (in: hWnd=0xd00ea, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0171.651] GetParent (hWnd=0xd00ea) returned 0xa02da
[0171.651] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02da, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0171.652] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0171.652] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0171.652] GetClientRect (in: hWnd=0xd00ea, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0171.652] GetWindowRect (in: hWnd=0xd00ea, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0171.652] GetParent (hWnd=0xd00ea) returned 0xa02da
[0171.652] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02da, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0171.652] SendMessageW (hWnd=0xd00ea, Msg=0x2210, wParam=0xea0001, lParam=0xd00ea) returned 0x0
[0171.652] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x2210, wParam=0xea0001, lParam=0xd00ea) returned 0x0
[0171.652] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0171.652] GetParent (hWnd=0xd00ea) returned 0xa02da
[0171.652] GdipCreateFromHWND (hwnd=0xd00ea, graphics=0xd7e844) returned 0x0
[0171.653] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0171.655] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0171.655] GetForegroundWindow () returned 0x602c4
[0171.655] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.655] GetCursorPos (in: lpPoint=0x2e077b4 | out: lpPoint=0x2e077b4*(x=272, y=629)) returned 1
[0171.655] MonitorFromPoint (pt=0x110, dwFlags=0x275) returned 0x10001
[0171.655] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0171.656] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x3c0107f1
[0171.656] GetDeviceCaps (hdc=0x3c0107f1, index=12) returned 32
[0171.656] GetDeviceCaps (hdc=0x3c0107f1, index=14) returned 1
[0171.656] DeleteDC (hdc=0x3c0107f1) returned 1
[0171.656] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0171.656] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0171.656] GetSystemMetrics (nIndex=59) returned 1460
[0171.656] GetSystemMetrics (nIndex=60) returned 920
[0171.656] GetSystemMetrics (nIndex=34) returned 136
[0171.656] GetSystemMetrics (nIndex=35) returned 39
[0171.656] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.656] GetCursorPos (in: lpPoint=0x2e07a20 | out: lpPoint=0x2e07a20*(x=272, y=629)) returned 1
[0171.657] MonitorFromPoint (pt=0x110, dwFlags=0x278) returned 0x10001
[0171.657] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0171.657] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x3d0107f1
[0171.657] GetDeviceCaps (hdc=0x3d0107f1, index=12) returned 32
[0171.657] GetDeviceCaps (hdc=0x3d0107f1, index=14) returned 1
[0171.657] DeleteDC (hdc=0x3d0107f1) returned 1
[0171.657] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0171.657] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0171.657] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.657] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0171.657] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2e07cb8 | out: piconinfo=0x2e07cb8) returned 1
[0171.658] GetObjectW (in: h=0x8f0507e9, c=24, pv=0x2e07cd4 | out: pv=0x2e07cd4) returned 24
[0171.658] GdipCreateBitmapFromHBITMAP (hbm=0x8f0507e9, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0171.658] GdipGetImageWidth (image=0x6602080, width=0xd7e750) returned 0x0
[0171.658] GdipGetImageHeight (image=0x6602080, height=0xd7e748) returned 0x0
[0171.658] GdipGetImagePixelFormat (image=0x6602080, format=0xd7e740) returned 0x0
[0171.658] GdipBitmapLockBits (bitmap=0x6602080, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2e07d8c) returned 0x0
[0171.658] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0171.658] GdipBitmapLockBits (bitmap=0x6602da0, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2e07dc4) returned 0x0
[0171.659] RtlMoveMemory (in: Destination=0x663bc50, Source=0x663a010, Length=0x80 | out: Destination=0x663bc50)
[0171.659] RtlMoveMemory (in: Destination=0x663bcd0, Source=0x6639f90, Length=0x80 | out: Destination=0x663bcd0)
[0171.659] RtlMoveMemory (in: Destination=0x663bd50, Source=0x6639f10, Length=0x80 | out: Destination=0x663bd50)
[0171.659] RtlMoveMemory (in: Destination=0x663bdd0, Source=0x6639e90, Length=0x80 | out: Destination=0x663bdd0)
[0171.659] RtlMoveMemory (in: Destination=0x663be50, Source=0x6639e10, Length=0x80 | out: Destination=0x663be50)
[0171.659] RtlMoveMemory (in: Destination=0x663bed0, Source=0x6639d90, Length=0x80 | out: Destination=0x663bed0)
[0171.659] RtlMoveMemory (in: Destination=0x663bf50, Source=0x6639d10, Length=0x80 | out: Destination=0x663bf50)
[0171.659] RtlMoveMemory (in: Destination=0x663bfd0, Source=0x6639c90, Length=0x80 | out: Destination=0x663bfd0)
[0171.659] RtlMoveMemory (in: Destination=0x663c050, Source=0x6639c10, Length=0x80 | out: Destination=0x663c050)
[0171.659] RtlMoveMemory (in: Destination=0x663c0d0, Source=0x6639b90, Length=0x80 | out: Destination=0x663c0d0)
[0171.659] RtlMoveMemory (in: Destination=0x663c150, Source=0x6639b10, Length=0x80 | out: Destination=0x663c150)
[0171.659] RtlMoveMemory (in: Destination=0x663c1d0, Source=0x6639a90, Length=0x80 | out: Destination=0x663c1d0)
[0171.659] RtlMoveMemory (in: Destination=0x663c250, Source=0x6639a10, Length=0x80 | out: Destination=0x663c250)
[0171.659] RtlMoveMemory (in: Destination=0x663c2d0, Source=0x6639990, Length=0x80 | out: Destination=0x663c2d0)
[0171.659] RtlMoveMemory (in: Destination=0x663c350, Source=0x6639910, Length=0x80 | out: Destination=0x663c350)
[0171.659] RtlMoveMemory (in: Destination=0x663c3d0, Source=0x6639890, Length=0x80 | out: Destination=0x663c3d0)
[0171.659] RtlMoveMemory (in: Destination=0x663c450, Source=0x6639810, Length=0x80 | out: Destination=0x663c450)
[0171.659] RtlMoveMemory (in: Destination=0x663c4d0, Source=0x6639790, Length=0x80 | out: Destination=0x663c4d0)
[0171.659] RtlMoveMemory (in: Destination=0x663c550, Source=0x6639710, Length=0x80 | out: Destination=0x663c550)
[0171.659] RtlMoveMemory (in: Destination=0x663c5d0, Source=0x6639690, Length=0x80 | out: Destination=0x663c5d0)
[0171.659] RtlMoveMemory (in: Destination=0x663c650, Source=0x6639610, Length=0x80 | out: Destination=0x663c650)
[0171.659] RtlMoveMemory (in: Destination=0x663c6d0, Source=0x6639590, Length=0x80 | out: Destination=0x663c6d0)
[0171.659] RtlMoveMemory (in: Destination=0x663c750, Source=0x6639510, Length=0x80 | out: Destination=0x663c750)
[0171.659] RtlMoveMemory (in: Destination=0x663c7d0, Source=0x6639490, Length=0x80 | out: Destination=0x663c7d0)
[0171.660] RtlMoveMemory (in: Destination=0x663c850, Source=0x6639410, Length=0x80 | out: Destination=0x663c850)
[0171.660] RtlMoveMemory (in: Destination=0x663c8d0, Source=0x6639390, Length=0x80 | out: Destination=0x663c8d0)
[0171.660] RtlMoveMemory (in: Destination=0x663c950, Source=0x6639310, Length=0x80 | out: Destination=0x663c950)
[0171.660] RtlMoveMemory (in: Destination=0x663c9d0, Source=0x6639290, Length=0x80 | out: Destination=0x663c9d0)
[0171.660] RtlMoveMemory (in: Destination=0x663ca50, Source=0x6639210, Length=0x80 | out: Destination=0x663ca50)
[0171.660] RtlMoveMemory (in: Destination=0x663cad0, Source=0x6639190, Length=0x80 | out: Destination=0x663cad0)
[0171.660] RtlMoveMemory (in: Destination=0x663cb50, Source=0x6639110, Length=0x80 | out: Destination=0x663cb50)
[0171.660] RtlMoveMemory (in: Destination=0x663cbd0, Source=0x6639090, Length=0x80 | out: Destination=0x663cbd0)
[0171.660] GdipBitmapUnlockBits (bitmap=0x6602080, lockedBitmapData=0x2e07d8c) returned 0x0
[0171.660] GdipBitmapUnlockBits (bitmap=0x6602da0, lockedBitmapData=0x2e07dc4) returned 0x0
[0171.660] GdipDisposeImage (image=0x6602080) returned 0x0
[0171.660] DeleteObject (ho=0x8f0507e9) returned 1
[0171.660] DeleteObject (ho=0x3e0507f1) returned 1
[0171.660] GetCurrentThreadId () returned 0xf50
[0171.660] GetCurrentThreadId () returned 0xf50
[0171.660] SetWindowPos (hWnd=0xd00ea, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0171.661] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0171.661] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0171.661] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0171.661] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0171.661] GetClientRect (in: hWnd=0xd00ea, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0171.661] GetWindowRect (in: hWnd=0xd00ea, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0171.661] GetParent (hWnd=0xd00ea) returned 0xa02da
[0171.661] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02da, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0171.661] InvalidateRect (hWnd=0xd00ea, lpRect=0x0, bErase=1) returned 1
[0171.661] GetWindowTextLengthW (hWnd=0xd00ea) returned 0
[0171.661] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0171.661] GetSystemMetrics (nIndex=42) returned 0
[0171.661] GetWindowTextW (in: hWnd=0xd00ea, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0171.661] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0171.662] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0171.662] GetClientRect (in: hWnd=0xd00ea, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0171.662] GetWindowRect (in: hWnd=0xd00ea, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0171.662] GetParent (hWnd=0xd00ea) returned 0xa02da
[0171.662] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02da, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0171.662] GetWindowTextLengthW (hWnd=0xd00ea) returned 0
[0171.662] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0171.662] GetSystemMetrics (nIndex=42) returned 0
[0171.662] GetWindowTextW (in: hWnd=0xd00ea, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0171.662] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0171.662] GetWindowTextLengthW (hWnd=0xd00ea) returned 0
[0171.662] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0171.662] GetSystemMetrics (nIndex=42) returned 0
[0171.662] GetWindowTextW (in: hWnd=0xd00ea, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0171.662] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0171.662] SetWindowTextW (hWnd=0xd00ea, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0171.662] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0xc, wParam=0x0, lParam=0x2de8d98) returned 0x1
[0171.662] InvalidateRect (hWnd=0xd00ea, lpRect=0x0, bErase=1) returned 1
[0171.662] GetCurrentThreadId () returned 0xf50
[0171.663] GetWindowThreadProcessId (in: hWnd=0xd00ea, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0171.663] GdipCreateBitmapFromStream (stream=0x509fed0, bitmap=0xd7e840) returned 0x0
[0171.664] GdipImageForceValidation (image=0x6600cd0) returned 0x0
[0171.665] GdipGetImageRawFormat (image=0x6600cd0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0171.665] GdipGetImageHeight (image=0x6600cd0, height=0xd7e824) returned 0x0
[0171.665] GdipGetImageWidth (image=0x6600cd0, width=0xd7e824) returned 0x0
[0171.665] GdipGetImageWidth (image=0x6600cd0, width=0xd7e810) returned 0x0
[0171.665] GdipGetImageHeight (image=0x6600cd0, height=0xd7e810) returned 0x0
[0171.665] GdipGetImageWidth (image=0x6600cd0, width=0xd7e800) returned 0x0
[0171.665] GdipGetImageHeight (image=0x6600cd0, height=0xd7e800) returned 0x0
[0171.665] GdipBitmapGetPixel (bitmap=0x6600cd0, x=0, y=15, color=0xd7e810) returned 0x0
[0171.665] GdipGetImageRawFormat (image=0x6600cd0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0171.665] GdipGetImageWidth (image=0x6600cd0, width=0xd7e740) returned 0x0
[0171.666] GdipGetImageHeight (image=0x6600cd0, height=0xd7e740) returned 0x0
[0171.666] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0171.666] GdipGetImagePixelFormat (image=0x6601018, format=0xd7e740) returned 0x0
[0171.666] GdipGetImageGraphicsContext (image=0x6601018, graphics=0xd7e74c) returned 0x0
[0171.666] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0171.666] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0171.666] GdipSetImageAttributesColorKeys (imageattr=0x6638ba8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0171.666] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6600cd0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638ba8, callback=0x0, callbackData=0x0) returned 0x0
[0171.666] GdipDisposeImageAttributes (imageattr=0x6638ba8) returned 0x0
[0171.666] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0171.666] GdipDisposeImage (image=0x6600cd0) returned 0x0
[0171.667] GdipCreateBitmapFromStream (stream=0x509feb0, bitmap=0xd7e840) returned 0x0
[0171.667] GdipImageForceValidation (image=0x6600cd0) returned 0x0
[0171.669] GdipGetImageRawFormat (image=0x6600cd0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0171.669] GdipGetImageHeight (image=0x6600cd0, height=0xd7e824) returned 0x0
[0171.669] GdipGetImageWidth (image=0x6600cd0, width=0xd7e824) returned 0x0
[0171.669] GdipGetImageWidth (image=0x6600cd0, width=0xd7e810) returned 0x0
[0171.694] GdipGetImageHeight (image=0x6600cd0, height=0xd7e810) returned 0x0
[0171.694] GdipGetImageWidth (image=0x6600cd0, width=0xd7e800) returned 0x0
[0171.694] GdipGetImageHeight (image=0x6600cd0, height=0xd7e800) returned 0x0
[0171.694] GdipBitmapGetPixel (bitmap=0x6600cd0, x=0, y=15, color=0xd7e810) returned 0x0
[0171.694] GdipGetImageRawFormat (image=0x6600cd0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0171.694] GdipGetImageWidth (image=0x6600cd0, width=0xd7e740) returned 0x0
[0171.694] GdipGetImageHeight (image=0x6600cd0, height=0xd7e740) returned 0x0
[0171.694] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0171.695] GdipGetImagePixelFormat (image=0x66016a8, format=0xd7e740) returned 0x0
[0171.695] GdipGetImageGraphicsContext (image=0x66016a8, graphics=0xd7e74c) returned 0x0
[0171.695] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0171.695] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0171.695] GdipSetImageAttributesColorKeys (imageattr=0x6638c08, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0171.695] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6600cd0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c08, callback=0x0, callbackData=0x0) returned 0x0
[0171.695] GdipDisposeImageAttributes (imageattr=0x6638c08) returned 0x0
[0171.695] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0171.695] GdipDisposeImage (image=0x6600cd0) returned 0x0
[0171.696] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.696] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0171.696] GetCurrentThreadId () returned 0xf50
[0171.696] GetCurrentThreadId () returned 0xf50
[0171.697] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.697] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0171.697] GetCurrentThreadId () returned 0xf50
[0171.697] GetCurrentThreadId () returned 0xf50
[0171.697] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.697] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0171.697] GetCurrentThreadId () returned 0xf50
[0171.697] GetCurrentThreadId () returned 0xf50
[0171.697] GetSystemMetrics (nIndex=5) returned 1
[0171.697] GetSystemMetrics (nIndex=6) returned 1
[0171.697] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.698] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0171.698] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.698] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0171.698] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.698] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0171.698] GetCurrentThreadId () returned 0xf50
[0171.698] GetCurrentThreadId () returned 0xf50
[0171.699] GetProcessWindowStation () returned 0x13c
[0171.699] GetCapture () returned 0x0
[0171.699] GetActiveWindow () returned 0x7005c
[0171.699] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0171.699] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.699] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0171.699] GetCursorPos (in: lpPoint=0x2e08f04 | out: lpPoint=0x2e08f04*(x=272, y=629)) returned 1
[0171.699] MonitorFromPoint (pt=0x110, dwFlags=0x275) returned 0x10001
[0171.699] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0171.699] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x3f0107f1
[0171.700] GetDeviceCaps (hdc=0x3f0107f1, index=12) returned 32
[0171.700] GetDeviceCaps (hdc=0x3f0107f1, index=14) returned 1
[0171.700] DeleteDC (hdc=0x3f0107f1) returned 1
[0171.700] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0171.701] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0171.701] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="Microsoft .NET Framework", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xa02de
[0171.701] SetWindowLongW (hWnd=0xa02de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0171.701] GetWindowLongW (hWnd=0xa02de, nIndex=-4) returned 1950089536
[0171.702] SetWindowLongW (hWnd=0xa02de, nIndex=-4, dwNewLong=19943006) returned 1950089536
[0171.702] GetWindowLongW (hWnd=0xa02de, nIndex=-4) returned 19943006
[0171.702] GetWindowLongW (hWnd=0xa02de, nIndex=-16) returned 113770496
[0171.702] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0171.703] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0171.704] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0171.704] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0171.704] GetWindowRect (in: hWnd=0xa02de, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0171.704] SetWindowTextW (hWnd=0xa02de, lpString="Microsoft .NET Framework") returned 1
[0171.704] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xc, wParam=0x0, lParam=0x2c7bbf0) returned 0x1
[0171.705] GetStartupInfoW (in: lpStartupInfo=0x2e09240 | out: lpStartupInfo=0x2e09240*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0171.707] GetParent (hWnd=0xa02de) returned 0x0
[0171.707] SetWindowLongW (hWnd=0xa02de, nIndex=-8, dwNewLong=0) returned 0
[0171.708] SendMessageW (hWnd=0xa02de, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0171.708] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0171.708] SendMessageW (hWnd=0xa02de, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0171.708] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0171.708] GetSystemMenu (hWnd=0xa02de, bRevert=0) returned 0x380297
[0171.709] GetWindowPlacement (in: hWnd=0xa02de, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0171.709] EnableMenuItem (hMenu=0x380297, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0171.709] EnableMenuItem (hMenu=0x380297, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0171.709] EnableMenuItem (hMenu=0x380297, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0171.709] EnableMenuItem (hMenu=0x380297, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0171.709] EnableMenuItem (hMenu=0x380297, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0171.710] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0171.710] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0171.710] GetWindowRect (in: hWnd=0xa02de, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0171.710] SetWindowPos (hWnd=0xa02de, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0171.710] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0171.710] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0xa02de) returned 0x1
[0171.715] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0171.715] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0171.717] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0171.717] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0171.717] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0171.720] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0xa02de, lParam=0x0) returned 0x0
[0171.720] GetCapture () returned 0x0
[0171.720] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0171.721] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0171.723] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0171.724] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0171.724] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0171.725] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0171.725] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0171.725] GetParent (hWnd=0xa02de) returned 0x0
[0171.725] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0171.725] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0171.728] GetWindowPlacement (in: hWnd=0xa02de, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0171.728] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0171.728] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0171.728] GetWindowRect (in: hWnd=0xa02de, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0171.729] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0171.729] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0171.730] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0171.730] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.731] GetWindowLongW (hWnd=0xa02de, nIndex=-16) returned 113770496
[0171.731] GetWindowTextLengthW (hWnd=0xa02de) returned 24
[0171.731] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0171.731] GetSystemMetrics (nIndex=42) returned 0
[0171.731] GetWindowTextW (in: hWnd=0xa02de, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0171.731] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0171.731] GetWindowTextLengthW (hWnd=0xa02de) returned 24
[0171.731] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0171.731] GetSystemMetrics (nIndex=42) returned 0
[0171.731] GetWindowTextW (in: hWnd=0xa02de, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0171.731] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0171.737] GetCursorPos (in: lpPoint=0x2e0950c | out: lpPoint=0x2e0950c*(x=272, y=629)) returned 1
[0171.737] MonitorFromPoint (pt=0x110, dwFlags=0x275) returned 0x10001
[0171.737] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0171.737] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xaf010803
[0171.737] GetDeviceCaps (hdc=0xaf010803, index=12) returned 32
[0171.737] GetDeviceCaps (hdc=0xaf010803, index=14) returned 1
[0171.737] DeleteDC (hdc=0xaf010803) returned 1
[0171.737] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0171.738] GetWindowLongW (hWnd=0xa02de, nIndex=-16) returned 113770496
[0171.738] GetWindowLongW (hWnd=0xa02de, nIndex=-20) returned 327945
[0171.738] SetWindowLongW (hWnd=0xa02de, nIndex=-16, dwNewLong=46661632) returned 113770496
[0171.738] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0171.738] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0171.739] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0171.739] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0171.739] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0171.739] SetWindowLongW (hWnd=0xa02de, nIndex=-20, dwNewLong=327681) returned 327945
[0171.739] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0171.740] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0171.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0171.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0171.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0171.741] SetWindowPos (hWnd=0xa02de, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0171.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0171.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0171.742] GetWindowPlacement (in: hWnd=0xa02de, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0171.742] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0171.742] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0171.742] GetWindowRect (in: hWnd=0xa02de, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0171.743] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0171.743] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0171.743] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0171.743] RedrawWindow (hWnd=0xa02de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0171.744] GetSystemMenu (hWnd=0xa02de, bRevert=0) returned 0x380297
[0171.744] GetWindowPlacement (in: hWnd=0xa02de, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0171.744] EnableMenuItem (hMenu=0x380297, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0171.744] EnableMenuItem (hMenu=0x380297, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0171.744] EnableMenuItem (hMenu=0x380297, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0171.744] EnableMenuItem (hMenu=0x380297, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0171.744] EnableMenuItem (hMenu=0x380297, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0171.744] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0171.744] GetWindowLongW (hWnd=0xa02de, nIndex=-8) returned 0
[0171.744] SetWindowLongW (hWnd=0xa02de, nIndex=-8, dwNewLong=458844) returned 0
[0171.745] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0171.745] GetProcessWindowStation () returned 0x13c
[0171.745] GetCurrentThreadId () returned 0xf50
[0171.745] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1304fc6, lParam=0x0) returned 1
[0171.745] IsWindowVisible (hWnd=0xa02de) returned 0
[0171.745] IsWindowVisible (hWnd=0x7005c) returned 1
[0171.745] IsWindowEnabled (hWnd=0x7005c) returned 1
[0171.745] IsWindowVisible (hWnd=0x300ec) returned 0
[0171.745] IsWindowVisible (hWnd=0x502c6) returned 0
[0171.745] IsWindowVisible (hWnd=0x502be) returned 0
[0171.745] GetActiveWindow () returned 0xa02de
[0171.746] GetFocus () returned 0xa02de
[0171.746] IsWindow (hWnd=0x7005c) returned 1
[0171.746] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0171.746] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0171.746] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0171.746] GetWindowLongW (hWnd=0xa02de, nIndex=-8) returned 458844
[0171.746] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0171.746] GetCurrentThreadId () returned 0xf50
[0171.746] GetWindowLongW (hWnd=0xa02de, nIndex=-8) returned 458844
[0171.746] IsWindowEnabled (hWnd=0x7005c) returned 0
[0171.746] IsWindowEnabled (hWnd=0xa02de) returned 1
[0171.746] ShowWindow (hWnd=0xa02de, nCmdShow=5) returned 0
[0171.747] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0171.747] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0171.747] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.755] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0171.755] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0xa02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xa02dc
[0171.755] SetWindowLongW (hWnd=0xa02dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0171.755] GetWindowLongW (hWnd=0xa02dc, nIndex=-4) returned 1950089536
[0171.756] SetWindowLongW (hWnd=0xa02dc, nIndex=-4, dwNewLong=19942606) returned 1950089536
[0171.756] GetWindowLongW (hWnd=0xa02dc, nIndex=-4) returned 19942606
[0171.756] GetWindowLongW (hWnd=0xa02dc, nIndex=-16) returned 1174405120
[0171.756] GetWindowLongW (hWnd=0xa02dc, nIndex=-12) returned 0
[0171.756] SetWindowLongW (hWnd=0xa02dc, nIndex=-12, dwNewLong=656092) returned 0
[0171.756] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0171.756] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0171.756] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0171.756] GetWindow (hWnd=0xa02dc, uCmd=0x3) returned 0x0
[0171.756] GetClientRect (in: hWnd=0xa02dc, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0171.756] GetWindowRect (in: hWnd=0xa02dc, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0171.756] GetParent (hWnd=0xa02dc) returned 0xa02de
[0171.756] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02de, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0171.757] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02dc, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0171.757] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02dc, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0171.757] GetClientRect (in: hWnd=0xa02dc, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0171.757] GetWindowRect (in: hWnd=0xa02dc, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0171.757] GetParent (hWnd=0xa02dc) returned 0xa02de
[0171.757] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02de, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0171.757] SendMessageW (hWnd=0xa02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0xa02dc) returned 0x0
[0171.757] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0xa02dc) returned 0x0
[0171.757] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0171.758] GetParent (hWnd=0xa02dc) returned 0xa02de
[0171.758] GetParent (hWnd=0xd00ea) returned 0xa02da
[0171.758] SetParent (hWndChild=0xd00ea, hWndNewParent=0xa02de) returned 0xa02da
[0171.758] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0171.758] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0171.758] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0171.759] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0171.759] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0171.759] GetClientRect (in: hWnd=0xd00ea, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0171.759] GetWindowRect (in: hWnd=0xd00ea, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0171.759] GetParent (hWnd=0xd00ea) returned 0xa02de
[0171.759] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02de, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0171.759] GetClientRect (in: hWnd=0xd00ea, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0171.759] GetWindowRect (in: hWnd=0xd00ea, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0171.759] GetParent (hWnd=0xd00ea) returned 0xa02de
[0171.759] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02de, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0171.759] GetParent (hWnd=0xd00ea) returned 0xa02de
[0171.759] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0171.759] GetWindow (hWnd=0xd00ea, uCmd=0x3) returned 0x0
[0171.759] SetWindowPos (hWnd=0xd00ea, hWndInsertAfter=0xa02dc, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0171.759] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0171.760] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0171.760] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0171.760] GetClientRect (in: hWnd=0xd00ea, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0171.760] GetWindowRect (in: hWnd=0xd00ea, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0171.760] GetParent (hWnd=0xd00ea) returned 0xa02de
[0171.760] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02de, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0171.760] GetParent (hWnd=0xd00ea) returned 0xa02de
[0171.760] GetWindow (hWnd=0xd00ea, uCmd=0x3) returned 0xa02dc
[0171.760] GetWindowThreadProcessId (in: hWnd=0xd00ea, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0171.760] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0171.760] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.761] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0171.761] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0xa02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xc013e
[0171.761] SetWindowLongW (hWnd=0xc013e, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0171.761] GetWindowLongW (hWnd=0xc013e, nIndex=-4) returned 1868032000
[0171.762] SetWindowLongW (hWnd=0xc013e, nIndex=-4, dwNewLong=19942886) returned 1868032000
[0171.762] GetWindowLongW (hWnd=0xc013e, nIndex=-4) returned 19942886
[0171.762] GetWindowLongW (hWnd=0xc013e, nIndex=-16) returned 1174470667
[0171.762] GetWindowLongW (hWnd=0xc013e, nIndex=-12) returned 0
[0171.762] SetWindowLongW (hWnd=0xc013e, nIndex=-12, dwNewLong=786750) returned 0
[0171.762] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0171.762] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0171.763] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0171.764] SendMessageW (hWnd=0xc013e, Msg=0x2055, wParam=0xc013e, lParam=0x3) returned 0x2
[0171.764] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0171.764] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0171.764] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0171.764] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0171.764] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0171.764] RedrawWindow (hWnd=0xa02dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0171.764] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0171.764] RedrawWindow (hWnd=0xd00ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0171.764] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0171.764] RedrawWindow (hWnd=0xc013e, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0171.764] RedrawWindow (hWnd=0xa02de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0171.765] GetWindow (hWnd=0xc013e, uCmd=0x3) returned 0xd00ea
[0171.765] GetClientRect (in: hWnd=0xc013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0171.765] GetWindowRect (in: hWnd=0xc013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0171.765] GetParent (hWnd=0xc013e) returned 0xa02de
[0171.765] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0171.765] SetWindowTextW (hWnd=0xc013e, lpString="&Details") returned 1
[0171.765] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0171.765] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0171.765] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0171.765] GetClientRect (in: hWnd=0xc013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0171.765] GetWindowRect (in: hWnd=0xc013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0171.765] GetParent (hWnd=0xc013e) returned 0xa02de
[0171.765] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0171.766] SendMessageW (hWnd=0xc013e, Msg=0x2210, wParam=0x13e0001, lParam=0xc013e) returned 0x0
[0171.766] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0x2210, wParam=0x13e0001, lParam=0xc013e) returned 0x0
[0171.766] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0171.766] GetParent (hWnd=0xc013e) returned 0xa02de
[0171.766] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0171.766] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.766] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0171.767] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0xa02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xc02d8
[0171.767] SetWindowLongW (hWnd=0xc02d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0171.767] GetWindowLongW (hWnd=0xc02d8, nIndex=-4) returned 1868032000
[0171.767] SetWindowLongW (hWnd=0xc02d8, nIndex=-4, dwNewLong=19942726) returned 1868032000
[0171.767] GetWindowLongW (hWnd=0xc02d8, nIndex=-4) returned 19942726
[0171.767] GetWindowLongW (hWnd=0xc02d8, nIndex=-16) returned 1174470667
[0171.767] GetWindowLongW (hWnd=0xc02d8, nIndex=-12) returned 0
[0171.767] SetWindowLongW (hWnd=0xc02d8, nIndex=-12, dwNewLong=787160) returned 0
[0171.767] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0171.768] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0171.768] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0171.769] SendMessageW (hWnd=0xc02d8, Msg=0x2055, wParam=0xc02d8, lParam=0x3) returned 0x2
[0171.769] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0171.770] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0171.770] GetWindow (hWnd=0xc02d8, uCmd=0x3) returned 0xc013e
[0171.770] GetClientRect (in: hWnd=0xc02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0171.770] GetWindowRect (in: hWnd=0xc02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0171.770] GetParent (hWnd=0xc02d8) returned 0xa02de
[0171.770] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0171.770] SetWindowTextW (hWnd=0xc02d8, lpString="&Continue") returned 1
[0171.770] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0171.770] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0171.770] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0171.770] GetClientRect (in: hWnd=0xc02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0171.770] GetWindowRect (in: hWnd=0xc02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0171.770] GetParent (hWnd=0xc02d8) returned 0xa02de
[0171.770] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0171.771] SendMessageW (hWnd=0xc02d8, Msg=0x2210, wParam=0x2d80001, lParam=0xc02d8) returned 0x0
[0171.771] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x2210, wParam=0x2d80001, lParam=0xc02d8) returned 0x0
[0171.771] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0171.771] GetParent (hWnd=0xc02d8) returned 0xa02de
[0171.771] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0171.771] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.772] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0171.772] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0xa02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x8005a
[0171.772] SetWindowLongW (hWnd=0x8005a, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0171.772] GetWindowLongW (hWnd=0x8005a, nIndex=-4) returned 1868032000
[0171.772] SetWindowLongW (hWnd=0x8005a, nIndex=-4, dwNewLong=19942846) returned 1868032000
[0171.772] GetWindowLongW (hWnd=0x8005a, nIndex=-4) returned 19942846
[0171.772] GetWindowLongW (hWnd=0x8005a, nIndex=-16) returned 1174470667
[0171.772] GetWindowLongW (hWnd=0x8005a, nIndex=-12) returned 0
[0171.772] SetWindowLongW (hWnd=0x8005a, nIndex=-12, dwNewLong=524378) returned 0
[0171.772] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8005a, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0171.773] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8005a, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0171.773] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8005a, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0171.774] SendMessageW (hWnd=0x8005a, Msg=0x2055, wParam=0x8005a, lParam=0x3) returned 0x2
[0171.774] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0171.774] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8005a, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0171.774] GetWindow (hWnd=0x8005a, uCmd=0x3) returned 0xc02d8
[0171.774] GetClientRect (in: hWnd=0x8005a, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0171.774] GetWindowRect (in: hWnd=0x8005a, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0171.774] GetParent (hWnd=0x8005a) returned 0xa02de
[0171.774] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0171.774] SetWindowTextW (hWnd=0x8005a, lpString="&Quit") returned 1
[0171.774] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8005a, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0171.775] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8005a, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0171.775] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8005a, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0171.775] GetClientRect (in: hWnd=0x8005a, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0171.775] GetWindowRect (in: hWnd=0x8005a, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0171.775] GetParent (hWnd=0x8005a) returned 0xa02de
[0171.775] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0171.775] SendMessageW (hWnd=0x8005a, Msg=0x2210, wParam=0x5a0001, lParam=0x8005a) returned 0x0
[0171.775] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8005a, Msg=0x2210, wParam=0x5a0001, lParam=0x8005a) returned 0x0
[0171.775] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8005a, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0171.775] GetParent (hWnd=0x8005a) returned 0xa02de
[0171.775] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0171.776] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.776] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0171.776] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0xa02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xb02d2
[0171.776] SetWindowLongW (hWnd=0xb02d2, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0171.776] GetWindowLongW (hWnd=0xb02d2, nIndex=-4) returned 1868026976
[0171.777] SetWindowLongW (hWnd=0xb02d2, nIndex=-4, dwNewLong=19942566) returned 1868026976
[0171.777] GetWindowLongW (hWnd=0xb02d2, nIndex=-4) returned 19942566
[0171.777] GetWindowLongW (hWnd=0xb02d2, nIndex=-16) returned 1177553092
[0171.777] GetWindowLongW (hWnd=0xb02d2, nIndex=-12) returned 0
[0171.777] SetWindowLongW (hWnd=0xb02d2, nIndex=-12, dwNewLong=721618) returned 0
[0171.777] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02d2, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0171.778] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02d2, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0171.779] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02d2, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0171.795] GetWindow (hWnd=0xb02d2, uCmd=0x3) returned 0x8005a
[0171.795] GetClientRect (in: hWnd=0xb02d2, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0171.795] GetWindowRect (in: hWnd=0xb02d2, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0171.795] GetParent (hWnd=0xb02d2) returned 0xa02de
[0171.795] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02de, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0171.795] GetWindowTextLengthW (hWnd=0xa02de) returned 24
[0171.795] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0171.795] GetSystemMetrics (nIndex=42) returned 0
[0171.795] GetWindowTextW (in: hWnd=0xa02de, lpString=0xd7d830, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0171.795] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xd, wParam=0x19, lParam=0xd7d830) returned 0x18
[0171.795] SendMessageW (hWnd=0xb02d2, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0171.795] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02d2, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0171.800] SetWindowTextW (hWnd=0xb02d2, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0171.800] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02d2, Msg=0xc, wParam=0x0, lParam=0x2e05200) returned 0x1
[0171.801] GetSystemMetrics (nIndex=5) returned 1
[0171.801] GetSystemMetrics (nIndex=6) returned 1
[0171.801] SendMessageW (hWnd=0xb02d2, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0171.801] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02d2, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0171.802] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02d2, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0171.803] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02d2, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0171.803] GetClientRect (in: hWnd=0xb02d2, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0171.803] GetWindowRect (in: hWnd=0xb02d2, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0171.803] GetParent (hWnd=0xb02d2) returned 0xa02de
[0171.803] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02de, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0171.803] SendMessageW (hWnd=0xb02d2, Msg=0x2210, wParam=0x2d20001, lParam=0xb02d2) returned 0x0
[0171.803] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02d2, Msg=0x2210, wParam=0x2d20001, lParam=0xb02d2) returned 0x0
[0171.803] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02d2, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0171.803] GetParent (hWnd=0xb02d2) returned 0xa02de
[0171.803] GetWindowLongW (hWnd=0xa02de, nIndex=-8) returned 458844
[0171.803] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0171.804] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0171.804] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xb6010803
[0171.804] GetDeviceCaps (hdc=0xb6010803, index=12) returned 32
[0171.804] GetDeviceCaps (hdc=0xb6010803, index=14) returned 1
[0171.804] DeleteDC (hdc=0xb6010803) returned 1
[0171.804] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0171.804] GetWindowThreadProcessId (in: hWnd=0xa02de, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0171.804] GetCurrentThreadId () returned 0xf50
[0171.804] PostMessageW (hWnd=0xa02de, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0171.804] GetWindowTextLengthW (hWnd=0xa02de) returned 24
[0171.804] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0171.804] GetSystemMetrics (nIndex=42) returned 0
[0171.804] GetWindowTextW (in: hWnd=0xa02de, lpString=0xd7e260, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0171.804] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xd, wParam=0x19, lParam=0xd7e260) returned 0x18
[0171.805] GdipImageGetFrameDimensionsCount (image=0x6602da0, count=0xd7e25c) returned 0x0
[0171.805] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7b98
[0171.805] GdipImageGetFrameDimensionsList (image=0x6602da0, dimensionIDs=0x11f7b98*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0171.805] LocalFree (hMem=0x11f7b98) returned 0x0
[0171.805] GdipImageGetFrameDimensionsCount (image=0x6601018, count=0xd7e250) returned 0x0
[0171.805] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7b80
[0171.805] GdipImageGetFrameDimensionsList (image=0x6601018, dimensionIDs=0x11f7b80*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0171.805] LocalFree (hMem=0x11f7b80) returned 0x0
[0171.805] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0171.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0171.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0171.822] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0171.823] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0171.823] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0171.824] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0171.824] GetWindowPlacement (in: hWnd=0xa02de, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0171.824] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0171.824] GetWindowTextLengthW (hWnd=0xa02de) returned 24
[0171.824] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0171.824] GetSystemMetrics (nIndex=42) returned 0
[0171.824] GetWindowTextW (in: hWnd=0xa02de, lpString=0xd7e2b4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0171.824] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xd, wParam=0x19, lParam=0xd7e2b4) returned 0x18
[0171.824] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0171.824] GetCurrentObject (hdc=0xf0105ee, type=0x1) returned 0xb00017
[0171.824] GetCurrentObject (hdc=0xf0105ee, type=0x2) returned 0x900010
[0171.824] GetCurrentObject (hdc=0xf0105ee, type=0x7) returned 0xffffffff8a0507ae
[0171.825] GetCurrentObject (hdc=0xf0105ee, type=0x6) returned 0x8a01c2
[0171.825] SaveDC (hdc=0xf0105ee) returned 1
[0171.825] GetNearestColor (hdc=0xf0105ee, color=0xf0f0f0) returned 0xf0f0f0
[0171.825] CreateSolidBrush (color=0xf0f0f0) returned 0x7b1007e1
[0171.825] FillRect (hDC=0xf0105ee, lprc=0xd7e1b8, hbr=0x7b1007e1) returned 1
[0171.825] DeleteObject (ho=0x7b1007e1) returned 1
[0171.827] RestoreDC (hdc=0xf0105ee, nSavedDC=-1) returned 1
[0171.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0171.828] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0171.828] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0171.828] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0171.828] GetStockObject (i=5) returned 0x900015
[0171.828] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0171.829] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0171.829] GetStockObject (i=5) returned 0x900015
[0171.829] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8005a, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0171.829] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8005a, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0171.829] GetStockObject (i=5) returned 0x900015
[0171.829] GetWindowPlacement (in: hWnd=0xa02de, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0171.829] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0171.829] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0171.829] GetWindowRect (in: hWnd=0xa02de, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0171.830] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0171.831] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0171.831] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0171.831] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0171.831] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0171.831] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0171.831] GetWindowRect (in: hWnd=0xa02de, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0171.832] InvalidateRect (hWnd=0xc02d8, lpRect=0x0, bErase=0) returned 1
[0171.832] InvalidateRect (hWnd=0xc013e, lpRect=0x0, bErase=0) returned 1
[0171.832] GetFocus () returned 0xa02de
[0171.832] GetFocus () returned 0xa02de
[0171.832] SetFocus (hWnd=0xc013e) returned 0xa02de
[0171.832] GetFocus () returned 0xc013e
[0171.833] IsChild (hWndParent=0xa02de, hWnd=0xc013e) returned 1
[0171.833] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x8, wParam=0xc013e, lParam=0x0) returned 0x0
[0171.833] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0171.835] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0171.836] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0171.836] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0x7, wParam=0xa02de, lParam=0x0) returned 0x0
[0171.836] GetStockObject (i=5) returned 0x900015
[0171.837] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0171.837] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0171.837] GetDlgItem (hDlg=0xa02de, nIDDlgItem=786750) returned 0xc013e
[0171.837] SendMessageW (hWnd=0xc013e, Msg=0x202b, wParam=0xc013e, lParam=0xd7e0dc) returned 0x0
[0171.837] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0x202b, wParam=0xc013e, lParam=0xd7e0dc) returned 0x0
[0171.837] InvalidateRect (hWnd=0xc013e, lpRect=0x0, bErase=0) returned 1
[0171.839] GetFocus () returned 0xc013e
[0171.839] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.839] IsWindowUnicode (hWnd=0xa02de) returned 1
[0171.839] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.839] TranslateMessage (lpMsg=0xd7e808) returned 0
[0171.840] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0171.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0171.840] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.840] IsWindowUnicode (hWnd=0xa02de) returned 1
[0171.840] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.840] TranslateMessage (lpMsg=0xd7e808) returned 0
[0171.840] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0171.840] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.840] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0171.840] IsWindowUnicode (hWnd=0xc02d8) returned 1
[0171.845] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.845] TranslateMessage (lpMsg=0xd7e808) returned 0
[0171.845] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0171.846] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.846] IsWindowUnicode (hWnd=0x602c4) returned 1
[0171.846] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.846] TranslateMessage (lpMsg=0xd7e808) returned 0
[0171.846] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0171.846] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0171.846] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0171.846] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.846] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0171.846] IsWindowUnicode (hWnd=0xc02d8) returned 1
[0171.846] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.846] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0171.846] SetCursor (hCursor=0x10003) returned 0x10003
[0171.846] TranslateMessage (lpMsg=0xd7e808) returned 0
[0171.846] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0171.846] _TrackMouseEvent (in: lpEventTrack=0x2e0a92c | out: lpEventTrack=0x2e0a92c) returned 1
[0171.847] SendMessageW (hWnd=0xc02d8, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0171.847] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0171.847] InvalidateRect (hWnd=0xc02d8, lpRect=0x0, bErase=0) returned 1
[0171.847] GetKeyState (nVirtKey=1) returned 0
[0171.847] GetKeyState (nVirtKey=2) returned 0
[0171.847] GetKeyState (nVirtKey=4) returned 0
[0171.847] GetKeyState (nVirtKey=5) returned 0
[0171.847] GetKeyState (nVirtKey=6) returned 0
[0171.847] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.847] IsWindowUnicode (hWnd=0xa02de) returned 1
[0171.847] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.847] TranslateMessage (lpMsg=0xd7e808) returned 0
[0171.847] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0171.848] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.848] IsWindowUnicode (hWnd=0xa02de) returned 1
[0171.848] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.848] TranslateMessage (lpMsg=0xd7e808) returned 0
[0171.848] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0171.848] BeginPaint (in: hWnd=0xa02de, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xc0107c5
[0171.849] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0171.849] GetWindowTextLengthW (hWnd=0xa02de) returned 24
[0171.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0171.849] GetSystemMetrics (nIndex=42) returned 0
[0171.849] GetWindowTextW (in: hWnd=0xa02de, lpString=0xd7e1ec, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0171.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xd, wParam=0x19, lParam=0xd7e1ec) returned 0x18
[0171.849] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0171.849] EndPaint (hWnd=0xa02de, lpPaint=0xd7e274) returned 1
[0171.849] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.849] IsWindowUnicode (hWnd=0xa02dc) returned 1
[0171.849] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.849] TranslateMessage (lpMsg=0xd7e808) returned 0
[0171.849] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0171.849] BeginPaint (in: hWnd=0xa02dc, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x60100ce
[0171.850] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0171.850] CreateCompatibleDC (hdc=0x60100ce) returned 0x8f010801
[0171.850] SelectObject (hdc=0x8f010801, h=0x4a0507fe) returned 0x85000f
[0171.850] GdipCreateFromHDC (hdc=0x8f010801, graphics=0xd7e2b0) returned 0x0
[0171.850] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0171.850] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0171.850] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0171.850] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0171.850] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e310) returned 0x0
[0171.850] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0171.850] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eecc8) returned 0x0
[0171.850] LocalFree (hMem=0x11eecc8) returned 0x0
[0171.850] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0171.850] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0171.850] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0171.851] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e304) returned 0x0
[0171.851] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0171.851] GetWindowTextLengthW (hWnd=0xa02dc) returned 0
[0171.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0171.851] GetSystemMetrics (nIndex=42) returned 0
[0171.851] GetWindowTextW (in: hWnd=0xa02dc, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0171.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02dc, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0171.851] GetClientRect (in: hWnd=0xa02dc, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0171.851] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0171.851] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0171.851] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0171.851] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0171.851] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e164) returned 0x0
[0171.851] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0171.851] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0171.851] LocalFree (hMem=0x11eec58) returned 0x0
[0171.851] GdipCombineRegionRegion (region=0x6646c28, region2=0x6646448, combineMode=0x1) returned 0x0
[0171.851] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0171.851] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0171.851] LocalFree (hMem=0x11ee868) returned 0x0
[0171.851] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0171.851] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0171.852] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0171.852] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0171.852] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0171.852] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0171.852] GetCurrentObject (hdc=0x8f010801, type=0x1) returned 0xb00017
[0171.852] GetCurrentObject (hdc=0x8f010801, type=0x2) returned 0x900010
[0171.852] GetCurrentObject (hdc=0x8f010801, type=0x7) returned 0x4a0507fe
[0171.852] GetCurrentObject (hdc=0x8f010801, type=0x6) returned 0x8a01c2
[0171.852] SaveDC (hdc=0x8f010801) returned 1
[0171.852] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x61040807
[0171.852] GetClipRgn (hdc=0x8f010801, hrgn=0x61040807) returned 0
[0171.852] SelectClipRgn (hdc=0x8f010801, hrgn=0xe40407de) returned 2
[0171.852] DeleteObject (ho=0x61040807) returned 1
[0171.852] DeleteObject (ho=0xe40407de) returned 1
[0171.852] OffsetViewportOrgEx (in: hdc=0x8f010801, x=0, y=0, lppt=0x2e0adf0 | out: lppt=0x2e0adf0) returned 1
[0171.852] GetNearestColor (hdc=0x8f010801, color=0xf0f0f0) returned 0xf0f0f0
[0171.852] CreateSolidBrush (color=0xf0f0f0) returned 0x7c1007e1
[0171.852] FillRect (hDC=0x8f010801, lprc=0xd7e198, hbr=0x7c1007e1) returned 1
[0171.853] DeleteObject (ho=0x7c1007e1) returned 1
[0171.853] RestoreDC (hdc=0x8f010801, nSavedDC=-1) returned 1
[0171.853] GdipReleaseDC (graphics=0x6600030, hdc=0x8f010801) returned 0x0
[0171.853] GdipRestoreGraphics (graphics=0x6600030, state=0xfc4a0dbd) returned 0x0
[0171.853] GdipDeleteRegion (region=0x6646448) returned 0x0
[0171.853] GetWindowTextLengthW (hWnd=0xa02dc) returned 0
[0171.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0171.853] GetSystemMetrics (nIndex=42) returned 0
[0171.853] GetWindowTextW (in: hWnd=0xa02dc, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0171.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02dc, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0171.853] GdipGetImageWidth (image=0x6602da0, width=0xd7e1e0) returned 0x0
[0171.853] GdipGetImageHeight (image=0x6602da0, height=0xd7e1e0) returned 0x0
[0171.853] GdipGetImageWidth (image=0x6602da0, width=0xd7e1cc) returned 0x0
[0171.853] GdipGetImageHeight (image=0x6602da0, height=0xd7e1cc) returned 0x0
[0171.853] GdipDrawImageRectI (graphics=0x6600030, image=0x6602da0, x=16, y=16, width=32, height=32) returned 0x0
[0171.853] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0171.853] BitBlt (hdc=0x60100ce, x=0, y=0, cx=64, cy=64, hdcSrc=0x8f010801, x1=0, y1=0, rop=0xcc0020) returned 1
[0171.853] GdipReleaseDC (graphics=0x6600030, hdc=0x8f010801) returned 0x0
[0171.853] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0171.854] SelectObject (hdc=0x8f010801, h=0x85000f) returned 0x4a0507fe
[0171.854] DeleteDC (hdc=0x8f010801) returned 1
[0171.854] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0171.854] EndPaint (hWnd=0xa02dc, lpPaint=0xd7e294) returned 1
[0171.854] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.854] IsWindowUnicode (hWnd=0xd00ea) returned 1
[0171.854] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.854] TranslateMessage (lpMsg=0xd7e808) returned 0
[0171.854] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0171.854] BeginPaint (in: hWnd=0xd00ea, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0xf0105ee
[0171.854] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0171.854] CreateCompatibleDC (hdc=0xf0105ee) returned 0x91010801
[0171.854] GetObjectType (h=0xf0105ee) returned 0x3
[0171.855] CreateCompatibleBitmap (hdc=0xf0105ee, cx=1, cy=1) returned 0xffffffffc2050803
[0171.855] GetDIBits (in: hdc=0xf0105ee, hbm=0xc2050803, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0171.855] GetDIBits (in: hdc=0xf0105ee, hbm=0xc2050803, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0171.855] DeleteObject (ho=0xc2050803) returned 1
[0171.855] CreateDIBSection (in: hdc=0xf0105ee, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x680507eb
[0171.855] SelectObject (hdc=0x91010801, h=0x680507eb) returned 0x85000f
[0171.855] GdipCreateFromHDC (hdc=0x91010801, graphics=0xd7e234) returned 0x0
[0171.855] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0171.855] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0171.855] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0171.856] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0171.856] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e2d4) returned 0x0
[0171.856] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0171.856] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0171.856] LocalFree (hMem=0x11ee868) returned 0x0
[0171.856] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0171.856] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0171.856] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0171.856] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0171.856] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0171.856] GetWindowTextLengthW (hWnd=0xd00ea) returned 232
[0171.856] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0171.861] GetSystemMetrics (nIndex=42) returned 0
[0171.861] GetWindowTextW (in: hWnd=0xd00ea, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0171.861] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0171.861] GetClientRect (in: hWnd=0xd00ea, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0171.861] GdipCreateRegion (region=0xd7e110) returned 0x0
[0171.861] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0171.861] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0171.861] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0171.861] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e128) returned 0x0
[0171.861] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0171.861] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee868) returned 0x0
[0171.861] LocalFree (hMem=0x11ee868) returned 0x0
[0171.861] GdipCombineRegionRegion (region=0x6646718, region2=0x66465f8, combineMode=0x1) returned 0x0
[0171.862] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0171.862] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee8d8) returned 0x0
[0171.862] LocalFree (hMem=0x11ee8d8) returned 0x0
[0171.862] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0171.862] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e150) returned 0x0
[0171.862] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e140) returned 0x0
[0171.862] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0171.862] GdipDeleteRegion (region=0x6646718) returned 0x0
[0171.862] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0171.862] GetCurrentObject (hdc=0x91010801, type=0x1) returned 0xb00017
[0171.862] GetCurrentObject (hdc=0x91010801, type=0x2) returned 0x900010
[0171.862] GetCurrentObject (hdc=0x91010801, type=0x7) returned 0x680507eb
[0171.862] GetCurrentObject (hdc=0x91010801, type=0x6) returned 0x8a01c2
[0171.862] SaveDC (hdc=0x91010801) returned 1
[0171.862] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe50407de
[0171.862] GetClipRgn (hdc=0x91010801, hrgn=0xe50407de) returned 0
[0171.862] SelectClipRgn (hdc=0x91010801, hrgn=0x62040807) returned 2
[0171.862] DeleteObject (ho=0xe50407de) returned 1
[0171.862] DeleteObject (ho=0x62040807) returned 1
[0171.863] OffsetViewportOrgEx (in: hdc=0x91010801, x=0, y=0, lppt=0x2e0c7b8 | out: lppt=0x2e0c7b8) returned 1
[0171.863] GetNearestColor (hdc=0x91010801, color=0xf0f0f0) returned 0xf0f0f0
[0171.863] CreateSolidBrush (color=0xf0f0f0) returned 0x7d1007e1
[0171.863] FillRect (hDC=0x91010801, lprc=0xd7e15c, hbr=0x7d1007e1) returned 1
[0171.864] DeleteObject (ho=0x7d1007e1) returned 1
[0171.864] RestoreDC (hdc=0x91010801, nSavedDC=-1) returned 1
[0171.864] GdipReleaseDC (graphics=0x6600030, hdc=0x91010801) returned 0x0
[0171.864] GdipRestoreGraphics (graphics=0x6600030, state=0xfc480dbd) returned 0x0
[0171.864] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0171.864] GetWindowTextLengthW (hWnd=0xd00ea) returned 232
[0171.865] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0171.865] GetSystemMetrics (nIndex=42) returned 0
[0171.865] GetWindowTextW (in: hWnd=0xd00ea, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0171.865] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0171.865] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0171.865] GetCurrentObject (hdc=0x91010801, type=0x1) returned 0xb00017
[0171.865] GetCurrentObject (hdc=0x91010801, type=0x2) returned 0x900010
[0171.865] GetCurrentObject (hdc=0x91010801, type=0x7) returned 0x680507eb
[0171.865] GetCurrentObject (hdc=0x91010801, type=0x6) returned 0x8a01c2
[0171.865] SaveDC (hdc=0x91010801) returned 1
[0171.865] GetNearestColor (hdc=0x91010801, color=0x0) returned 0x0
[0171.865] RestoreDC (hdc=0x91010801, nSavedDC=-1) returned 1
[0171.865] GdipReleaseDC (graphics=0x6600030, hdc=0x91010801) returned 0x0
[0171.866] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0171.866] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0171.866] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2e0cfb4 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0171.867] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0171.867] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0171.867] GetCurrentObject (hdc=0x91010801, type=0x1) returned 0xb00017
[0171.867] GetCurrentObject (hdc=0x91010801, type=0x2) returned 0x900010
[0171.867] GetCurrentObject (hdc=0x91010801, type=0x7) returned 0x680507eb
[0171.867] GetCurrentObject (hdc=0x91010801, type=0x6) returned 0x8a01c2
[0171.867] SaveDC (hdc=0x91010801) returned 1
[0171.867] GetTextAlign (hdc=0x91010801) returned 0x0
[0171.867] GetTextColor (hdc=0x91010801) returned 0x0
[0171.867] GetCurrentObject (hdc=0x91010801, type=0x6) returned 0x8a01c2
[0171.867] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0171.867] SelectObject (hdc=0x91010801, h=0x6d0a0520) returned 0x8a01c2
[0171.867] GetBkMode (hdc=0x91010801) returned 2
[0171.867] SetBkMode (hdc=0x91010801, mode=1) returned 2
[0171.868] DrawTextExW (in: hdc=0x91010801, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2e0d1d8 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0171.871] RestoreDC (hdc=0x91010801, nSavedDC=-1) returned 1
[0171.871] GdipReleaseDC (graphics=0x6600030, hdc=0x91010801) returned 0x0
[0171.871] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0171.871] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=354, cy=68, hdcSrc=0x91010801, x1=0, y1=0, rop=0xcc0020) returned 1
[0171.871] GdipReleaseDC (graphics=0x6600030, hdc=0x91010801) returned 0x0
[0171.871] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0171.871] SelectObject (hdc=0x91010801, h=0x85000f) returned 0x680507eb
[0171.872] DeleteDC (hdc=0x91010801) returned 1
[0171.872] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0171.872] DeleteObject (ho=0x680507eb) returned 1
[0171.908] EndPaint (hWnd=0xd00ea, lpPaint=0xd7e258) returned 1
[0171.908] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.908] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0171.909] IsWindowUnicode (hWnd=0x30122) returned 1
[0171.909] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.909] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0171.909] TranslateMessage (lpMsg=0xd7e808) returned 0
[0171.909] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0171.910] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.910] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0171.911] IsWindowUnicode (hWnd=0x30122) returned 1
[0171.911] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.911] TranslateMessage (lpMsg=0xd7e808) returned 0
[0171.911] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0171.911] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.911] IsWindowUnicode (hWnd=0xc013e) returned 1
[0171.911] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.912] TranslateMessage (lpMsg=0xd7e808) returned 0
[0171.912] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0171.912] BeginPaint (in: hWnd=0xc013e, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0171.912] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0171.912] CreateCompatibleDC (hdc=0xc0107c5) returned 0xc5010803
[0171.912] SelectObject (hdc=0xc5010803, h=0x4a0507fe) returned 0x85000f
[0171.912] GdipCreateFromHDC (hdc=0xc5010803, graphics=0xd7e268) returned 0x0
[0171.912] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0171.912] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0171.912] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0171.912] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0171.912] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e2c8) returned 0x0
[0171.912] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0171.912] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0171.913] LocalFree (hMem=0x11ee868) returned 0x0
[0171.913] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0171.913] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0171.913] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0171.913] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0171.913] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0171.913] GdipRestoreGraphics (graphics=0x6600030, state=0xfc460dbd) returned 0x0
[0171.913] GdipDeleteRegion (region=0x6646298) returned 0x0
[0171.913] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0171.913] GetCurrentObject (hdc=0xc5010803, type=0x1) returned 0xb00017
[0171.913] GetCurrentObject (hdc=0xc5010803, type=0x2) returned 0x900010
[0171.913] GetCurrentObject (hdc=0xc5010803, type=0x7) returned 0x4a0507fe
[0171.913] GetCurrentObject (hdc=0xc5010803, type=0x6) returned 0x8a01c2
[0171.913] SaveDC (hdc=0xc5010803) returned 1
[0171.913] GetNearestColor (hdc=0xc5010803, color=0xf0f0f0) returned 0xf0f0f0
[0171.913] GetNearestColor (hdc=0xc5010803, color=0xa0a0a0) returned 0xa0a0a0
[0171.913] GetNearestColor (hdc=0xc5010803, color=0x696969) returned 0x696969
[0171.913] GetNearestColor (hdc=0xc5010803, color=0xa0a0a0) returned 0xa0a0a0
[0171.913] GetNearestColor (hdc=0xc5010803, color=0x0) returned 0x0
[0171.913] GetNearestColor (hdc=0xc5010803, color=0xffffff) returned 0xffffff
[0171.914] GetNearestColor (hdc=0xc5010803, color=0xe5e5e5) returned 0xe5e5e5
[0171.914] GetNearestColor (hdc=0xc5010803, color=0xd7d7d7) returned 0xd7d7d7
[0171.914] GetNearestColor (hdc=0xc5010803, color=0x0) returned 0x0
[0171.914] RestoreDC (hdc=0xc5010803, nSavedDC=-1) returned 1
[0171.914] GdipReleaseDC (graphics=0x6600030, hdc=0xc5010803) returned 0x0
[0171.914] IsAppThemed () returned 0x1
[0171.914] GetThemeAppProperties () returned 0x3
[0171.914] GetThemeAppProperties () returned 0x3
[0171.914] GdipGetImageWidth (image=0x6601018, width=0xd7e168) returned 0x0
[0171.914] GdipGetImageHeight (image=0x6601018, height=0xd7e168) returned 0x0
[0171.914] IsAppThemed () returned 0x1
[0171.914] GetThemeAppProperties () returned 0x3
[0171.914] GetThemeAppProperties () returned 0x3
[0171.914] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2e0d928 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0171.914] IsAppThemed () returned 0x1
[0171.915] GetThemeAppProperties () returned 0x3
[0171.915] GetThemeAppProperties () returned 0x3
[0171.915] IsAppThemed () returned 0x1
[0171.915] GetThemeAppProperties () returned 0x3
[0171.915] GetThemeAppProperties () returned 0x3
[0171.915] GetFocus () returned 0xc013e
[0171.915] IsAppThemed () returned 0x1
[0171.915] GetThemeAppProperties () returned 0x3
[0171.915] GetThemeAppProperties () returned 0x3
[0171.915] IsAppThemed () returned 0x1
[0171.915] GetThemeAppProperties () returned 0x3
[0171.915] GetThemeAppProperties () returned 0x3
[0171.915] IsThemePartDefined () returned 0x1
[0171.915] IsAppThemed () returned 0x1
[0171.915] GetThemeAppProperties () returned 0x3
[0171.915] GetThemeAppProperties () returned 0x3
[0171.915] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0171.915] IsAppThemed () returned 0x1
[0171.916] GetThemeAppProperties () returned 0x3
[0171.916] GetThemeAppProperties () returned 0x3
[0171.916] IsAppThemed () returned 0x1
[0171.916] GetThemeAppProperties () returned 0x3
[0171.916] GetThemeAppProperties () returned 0x3
[0171.916] IsThemePartDefined () returned 0x1
[0171.916] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0171.916] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0171.916] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0171.916] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0171.916] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dff0) returned 0x0
[0171.916] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0171.916] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0171.916] LocalFree (hMem=0x11ee9f0) returned 0x0
[0171.916] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0171.916] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eecc8) returned 0x0
[0171.916] LocalFree (hMem=0x11eecc8) returned 0x0
[0171.916] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0171.916] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0171.916] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0171.916] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0171.916] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0171.916] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0171.917] GetCurrentObject (hdc=0xc5010803, type=0x1) returned 0xb00017
[0171.917] GetCurrentObject (hdc=0xc5010803, type=0x2) returned 0x900010
[0171.917] GetCurrentObject (hdc=0xc5010803, type=0x7) returned 0x4a0507fe
[0171.917] GetCurrentObject (hdc=0xc5010803, type=0x6) returned 0x8a01c2
[0171.917] SaveDC (hdc=0xc5010803) returned 1
[0171.917] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x63040807
[0171.917] GetClipRgn (hdc=0xc5010803, hrgn=0x63040807) returned 0
[0171.917] SelectClipRgn (hdc=0xc5010803, hrgn=0xe90407de) returned 2
[0171.917] DeleteObject (ho=0x63040807) returned 1
[0171.917] DeleteObject (ho=0xe90407de) returned 1
[0171.917] OffsetViewportOrgEx (in: hdc=0xc5010803, x=0, y=0, lppt=0x2e0dfd8 | out: lppt=0x2e0dfd8) returned 1
[0171.917] DrawThemeParentBackground () returned 0x0
[0171.917] GetWindowPlacement (in: hWnd=0xa02de, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0171.917] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0171.917] GetWindowTextLengthW (hWnd=0xa02de) returned 24
[0171.917] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0171.917] GetSystemMetrics (nIndex=42) returned 0
[0171.917] GetWindowTextW (in: hWnd=0xa02de, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0171.917] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0171.918] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0171.918] GetCurrentObject (hdc=0xc5010803, type=0x1) returned 0xb00017
[0171.918] GetCurrentObject (hdc=0xc5010803, type=0x2) returned 0x900010
[0171.918] GetCurrentObject (hdc=0xc5010803, type=0x7) returned 0x4a0507fe
[0171.918] GetCurrentObject (hdc=0xc5010803, type=0x6) returned 0x8a01c2
[0171.918] SaveDC (hdc=0xc5010803) returned 2
[0171.918] GetNearestColor (hdc=0xc5010803, color=0xf0f0f0) returned 0xf0f0f0
[0171.918] CreateSolidBrush (color=0xf0f0f0) returned 0x7e1007e1
[0171.918] FillRect (hDC=0xc5010803, lprc=0xd7da38, hbr=0x7e1007e1) returned 1
[0171.918] DeleteObject (ho=0x7e1007e1) returned 1
[0171.918] RestoreDC (hdc=0xc5010803, nSavedDC=-1) returned 1
[0171.918] GetWindowTextLengthW (hWnd=0xa02de) returned 24
[0171.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0171.918] GetSystemMetrics (nIndex=42) returned 0
[0171.918] GetWindowTextW (in: hWnd=0xa02de, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0171.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0171.918] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0171.918] GetCurrentObject (hdc=0xc5010803, type=0x1) returned 0xb00017
[0171.918] GetCurrentObject (hdc=0xc5010803, type=0x2) returned 0x900010
[0171.918] GetCurrentObject (hdc=0xc5010803, type=0x7) returned 0x4a0507fe
[0171.918] GetCurrentObject (hdc=0xc5010803, type=0x6) returned 0x8a01c2
[0171.919] SaveDC (hdc=0xc5010803) returned 2
[0171.919] GetNearestColor (hdc=0xc5010803, color=0xf0f0f0) returned 0xf0f0f0
[0171.924] CreateSolidBrush (color=0xf0f0f0) returned 0x7f1007e1
[0171.925] FillRect (hDC=0xc5010803, lprc=0xd7d9d8, hbr=0x7f1007e1) returned 1
[0171.925] DeleteObject (ho=0x7f1007e1) returned 1
[0171.925] RestoreDC (hdc=0xc5010803, nSavedDC=-1) returned 1
[0171.925] GetWindowTextLengthW (hWnd=0xa02de) returned 24
[0171.925] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0171.925] GetSystemMetrics (nIndex=42) returned 0
[0171.925] GetWindowTextW (in: hWnd=0xa02de, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0171.925] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0171.925] RestoreDC (hdc=0xc5010803, nSavedDC=-1) returned 1
[0171.925] GdipReleaseDC (graphics=0x6600030, hdc=0xc5010803) returned 0x0
[0171.925] IsAppThemed () returned 0x1
[0171.926] GetThemeAppProperties () returned 0x3
[0171.926] GetThemeAppProperties () returned 0x3
[0171.926] IsAppThemed () returned 0x1
[0171.926] GetThemeAppProperties () returned 0x3
[0171.926] GetThemeAppProperties () returned 0x3
[0171.926] IsThemePartDefined () returned 0x1
[0171.926] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0171.926] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0171.926] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0171.926] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0171.926] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df74) returned 0x0
[0171.926] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0171.926] LocalFree (hMem=0x11ee9f0) returned 0x0
[0171.926] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0171.926] LocalFree (hMem=0x11ee9f0) returned 0x0
[0171.926] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0171.926] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0171.927] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0171.927] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0171.927] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0171.927] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0171.927] GetCurrentObject (hdc=0xc5010803, type=0x1) returned 0xb00017
[0171.927] GetCurrentObject (hdc=0xc5010803, type=0x2) returned 0x900010
[0171.927] GetCurrentObject (hdc=0xc5010803, type=0x7) returned 0x4a0507fe
[0171.927] GetCurrentObject (hdc=0xc5010803, type=0x6) returned 0x8a01c2
[0171.927] SaveDC (hdc=0xc5010803) returned 1
[0171.927] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xea0407de
[0171.927] GetClipRgn (hdc=0xc5010803, hrgn=0xea0407de) returned 0
[0171.927] SelectClipRgn (hdc=0xc5010803, hrgn=0x65040807) returned 2
[0171.927] DeleteObject (ho=0xea0407de) returned 1
[0171.927] DeleteObject (ho=0x65040807) returned 1
[0171.928] OffsetViewportOrgEx (in: hdc=0xc5010803, x=0, y=0, lppt=0x2e0e95c | out: lppt=0x2e0e95c) returned 1
[0171.928] IsAppThemed () returned 0x1
[0171.928] GetThemeAppProperties () returned 0x3
[0171.928] GetThemeAppProperties () returned 0x3
[0171.928] DrawThemeBackground () returned 0x0
[0171.928] RestoreDC (hdc=0xc5010803, nSavedDC=-1) returned 1
[0171.928] GdipReleaseDC (graphics=0x6600030, hdc=0xc5010803) returned 0x0
[0171.928] GdipCreateRegion (region=0xd7df60) returned 0x0
[0171.928] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0171.928] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0171.928] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0171.928] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df78) returned 0x0
[0171.928] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0171.928] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0171.928] LocalFree (hMem=0x11ee9f0) returned 0x0
[0171.928] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0171.928] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee8d8) returned 0x0
[0171.929] LocalFree (hMem=0x11ee8d8) returned 0x0
[0171.929] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0171.929] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0171.929] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df90) returned 0x0
[0171.929] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0171.929] GdipDeleteRegion (region=0x6646298) returned 0x0
[0171.929] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0171.929] GetCurrentObject (hdc=0xc5010803, type=0x1) returned 0xb00017
[0171.929] GetCurrentObject (hdc=0xc5010803, type=0x2) returned 0x900010
[0171.929] GetCurrentObject (hdc=0xc5010803, type=0x7) returned 0x4a0507fe
[0171.929] GetCurrentObject (hdc=0xc5010803, type=0x6) returned 0x8a01c2
[0171.929] SaveDC (hdc=0xc5010803) returned 1
[0171.929] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x66040807
[0171.929] GetClipRgn (hdc=0xc5010803, hrgn=0x66040807) returned 0
[0171.929] SelectClipRgn (hdc=0xc5010803, hrgn=0xeb0407de) returned 2
[0171.929] DeleteObject (ho=0x66040807) returned 1
[0171.930] DeleteObject (ho=0xeb0407de) returned 1
[0171.930] OffsetViewportOrgEx (in: hdc=0xc5010803, x=0, y=0, lppt=0x2e0ec30 | out: lppt=0x2e0ec30) returned 1
[0171.930] IsAppThemed () returned 0x1
[0171.930] GetThemeAppProperties () returned 0x3
[0171.930] GetThemeAppProperties () returned 0x3
[0171.930] GetThemeBackgroundContentRect () returned 0x0
[0171.930] RestoreDC (hdc=0xc5010803, nSavedDC=-1) returned 1
[0171.930] GdipReleaseDC (graphics=0x6600030, hdc=0xc5010803) returned 0x0
[0171.930] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0171.930] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0171.930] GdipCloneRegion (region=0x66467a8, cloneRegion=0xd7e150) returned 0x0
[0171.930] GdipCombineRegionRectI (region=0x6646958, rect=0xd7e138, combineMode=0x1) returned 0x0
[0171.930] GdipCombineRegionRectI (region=0x6646958, rect=0xd7e138, combineMode=0x1) returned 0x0
[0171.930] GdipSetClipRegion (graphics=0x6600030, region=0x6646958, combineMode=0x0) returned 0x0
[0171.930] GdipGetImageWidth (image=0x6601018, width=0xd7e154) returned 0x0
[0171.930] GdipGetImageHeight (image=0x6601018, height=0xd7e148) returned 0x0
[0171.930] GdipDrawImageRectI (graphics=0x6600030, image=0x6601018, x=4, y=4, width=16, height=16) returned 0x0
[0171.930] GdipSetClipRegion (graphics=0x6600030, region=0x66467a8, combineMode=0x0) returned 0x0
[0171.931] IsAppThemed () returned 0x1
[0171.931] GetThemeAppProperties () returned 0x3
[0171.931] GetThemeAppProperties () returned 0x3
[0171.931] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0171.931] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0171.931] GetCurrentObject (hdc=0xc5010803, type=0x1) returned 0xb00017
[0171.931] GetCurrentObject (hdc=0xc5010803, type=0x2) returned 0x900010
[0171.931] GetCurrentObject (hdc=0xc5010803, type=0x7) returned 0x4a0507fe
[0171.931] GetCurrentObject (hdc=0xc5010803, type=0x6) returned 0x8a01c2
[0171.931] SaveDC (hdc=0xc5010803) returned 1
[0171.931] GetTextAlign (hdc=0xc5010803) returned 0x0
[0171.931] GetTextColor (hdc=0xc5010803) returned 0x0
[0171.931] GetCurrentObject (hdc=0xc5010803, type=0x6) returned 0x8a01c2
[0171.931] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0171.931] SelectObject (hdc=0xc5010803, h=0x6d0a0520) returned 0x8a01c2
[0171.931] GetBkMode (hdc=0xc5010803) returned 2
[0171.932] SetBkMode (hdc=0xc5010803, mode=1) returned 2
[0171.932] DrawTextExW (in: hdc=0xc5010803, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2e0eff0 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0171.932] DrawTextExW (in: hdc=0xc5010803, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e0eff0 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0171.932] RestoreDC (hdc=0xc5010803, nSavedDC=-1) returned 1
[0171.932] GdipReleaseDC (graphics=0x6600030, hdc=0xc5010803) returned 0x0
[0171.932] GetFocus () returned 0xc013e
[0171.932] IsAppThemed () returned 0x1
[0171.933] GetThemeAppProperties () returned 0x3
[0171.933] GetThemeAppProperties () returned 0x3
[0171.933] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0171.933] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xc5010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0171.933] GdipReleaseDC (graphics=0x6600030, hdc=0xc5010803) returned 0x0
[0171.933] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0171.933] SelectObject (hdc=0xc5010803, h=0x85000f) returned 0x4a0507fe
[0171.933] DeleteDC (hdc=0xc5010803) returned 1
[0171.933] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0171.933] EndPaint (hWnd=0xc013e, lpPaint=0xd7e24c) returned 1
[0171.933] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.934] IsWindowUnicode (hWnd=0xc02d8) returned 1
[0171.934] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.934] TranslateMessage (lpMsg=0xd7e808) returned 0
[0171.934] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0171.934] BeginPaint (in: hWnd=0xc02d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0171.934] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0171.934] CreateCompatibleDC (hdc=0x60100ce) returned 0xc7010803
[0171.934] SelectObject (hdc=0xc7010803, h=0x4a0507fe) returned 0x85000f
[0171.934] GdipCreateFromHDC (hdc=0xc7010803, graphics=0xd7e268) returned 0x0
[0171.940] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0171.940] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0171.941] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0171.941] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0171.941] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e2c8) returned 0x0
[0171.941] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0171.941] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0171.941] LocalFree (hMem=0x11eec58) returned 0x0
[0171.941] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0171.941] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0171.941] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0171.941] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0171.941] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0171.941] GdipRestoreGraphics (graphics=0x6600030, state=0xfc440dbd) returned 0x0
[0171.941] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0171.941] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0171.941] GetCurrentObject (hdc=0xc7010803, type=0x1) returned 0xb00017
[0171.941] GetCurrentObject (hdc=0xc7010803, type=0x2) returned 0x900010
[0171.942] GetCurrentObject (hdc=0xc7010803, type=0x7) returned 0x4a0507fe
[0171.942] GetCurrentObject (hdc=0xc7010803, type=0x6) returned 0x8a01c2
[0171.942] SaveDC (hdc=0xc7010803) returned 1
[0171.942] GetNearestColor (hdc=0xc7010803, color=0xf0f0f0) returned 0xf0f0f0
[0171.942] GetNearestColor (hdc=0xc7010803, color=0xa0a0a0) returned 0xa0a0a0
[0171.942] GetNearestColor (hdc=0xc7010803, color=0x696969) returned 0x696969
[0171.942] GetNearestColor (hdc=0xc7010803, color=0xa0a0a0) returned 0xa0a0a0
[0171.942] GetNearestColor (hdc=0xc7010803, color=0x0) returned 0x0
[0171.942] GetNearestColor (hdc=0xc7010803, color=0xffffff) returned 0xffffff
[0171.942] GetNearestColor (hdc=0xc7010803, color=0xe5e5e5) returned 0xe5e5e5
[0171.942] GetNearestColor (hdc=0xc7010803, color=0xd7d7d7) returned 0xd7d7d7
[0171.942] GetNearestColor (hdc=0xc7010803, color=0x0) returned 0x0
[0171.942] RestoreDC (hdc=0xc7010803, nSavedDC=-1) returned 1
[0171.942] GdipReleaseDC (graphics=0x6600030, hdc=0xc7010803) returned 0x0
[0171.943] IsAppThemed () returned 0x1
[0171.943] GetThemeAppProperties () returned 0x3
[0171.943] GetThemeAppProperties () returned 0x3
[0171.943] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0171.943] SendMessageW (hWnd=0xa02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0171.943] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0171.943] IsAppThemed () returned 0x1
[0171.943] GetThemeAppProperties () returned 0x3
[0171.943] GetThemeAppProperties () returned 0x3
[0171.943] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2e0f800 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0171.943] IsAppThemed () returned 0x1
[0171.943] GetThemeAppProperties () returned 0x3
[0171.943] GetThemeAppProperties () returned 0x3
[0171.943] IsAppThemed () returned 0x1
[0171.943] GetThemeAppProperties () returned 0x3
[0171.944] GetThemeAppProperties () returned 0x3
[0171.944] IsAppThemed () returned 0x1
[0171.944] GetThemeAppProperties () returned 0x3
[0171.944] GetThemeAppProperties () returned 0x3
[0171.944] IsAppThemed () returned 0x1
[0171.944] GetThemeAppProperties () returned 0x3
[0171.944] GetThemeAppProperties () returned 0x3
[0171.944] IsThemePartDefined () returned 0x1
[0171.944] IsAppThemed () returned 0x1
[0171.944] GetThemeAppProperties () returned 0x3
[0171.944] GetThemeAppProperties () returned 0x3
[0171.944] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0171.944] IsAppThemed () returned 0x1
[0171.944] GetThemeAppProperties () returned 0x3
[0171.944] GetThemeAppProperties () returned 0x3
[0171.944] IsAppThemed () returned 0x1
[0171.944] GetThemeAppProperties () returned 0x3
[0171.944] GetThemeAppProperties () returned 0x3
[0171.944] IsThemePartDefined () returned 0x1
[0171.944] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0171.944] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0171.944] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0171.945] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0171.945] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dfe4) returned 0x0
[0171.945] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0171.945] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eed00) returned 0x0
[0171.945] LocalFree (hMem=0x11eed00) returned 0x0
[0171.945] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0171.945] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee8d8) returned 0x0
[0171.945] LocalFree (hMem=0x11ee8d8) returned 0x0
[0171.945] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0171.945] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0171.945] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0171.945] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0171.945] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0171.945] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0171.945] GetCurrentObject (hdc=0xc7010803, type=0x1) returned 0xb00017
[0171.945] GetCurrentObject (hdc=0xc7010803, type=0x2) returned 0x900010
[0171.945] GetCurrentObject (hdc=0xc7010803, type=0x7) returned 0x4a0507fe
[0171.946] GetCurrentObject (hdc=0xc7010803, type=0x6) returned 0x8a01c2
[0171.946] SaveDC (hdc=0xc7010803) returned 1
[0171.946] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xec0407de
[0171.946] GetClipRgn (hdc=0xc7010803, hrgn=0xec0407de) returned 0
[0171.946] SelectClipRgn (hdc=0xc7010803, hrgn=0x6a040807) returned 2
[0171.946] DeleteObject (ho=0xec0407de) returned 1
[0171.946] DeleteObject (ho=0x6a040807) returned 1
[0171.946] OffsetViewportOrgEx (in: hdc=0xc7010803, x=0, y=0, lppt=0x2e0feb0 | out: lppt=0x2e0feb0) returned 1
[0171.946] DrawThemeParentBackground () returned 0x0
[0171.946] GetWindowPlacement (in: hWnd=0xa02de, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0171.946] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0171.946] GetWindowTextLengthW (hWnd=0xa02de) returned 24
[0171.946] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0171.947] GetSystemMetrics (nIndex=42) returned 0
[0171.947] GetWindowTextW (in: hWnd=0xa02de, lpString=0xd7db2c, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0171.947] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xd, wParam=0x19, lParam=0xd7db2c) returned 0x18
[0171.947] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0171.947] GetCurrentObject (hdc=0xc7010803, type=0x1) returned 0xb00017
[0171.947] GetCurrentObject (hdc=0xc7010803, type=0x2) returned 0x900010
[0171.947] GetCurrentObject (hdc=0xc7010803, type=0x7) returned 0x4a0507fe
[0171.947] GetCurrentObject (hdc=0xc7010803, type=0x6) returned 0x8a01c2
[0171.947] SaveDC (hdc=0xc7010803) returned 2
[0171.947] GetNearestColor (hdc=0xc7010803, color=0xf0f0f0) returned 0xf0f0f0
[0171.947] CreateSolidBrush (color=0xf0f0f0) returned 0x801007e1
[0171.947] FillRect (hDC=0xc7010803, lprc=0xd7da30, hbr=0x801007e1) returned 1
[0171.947] DeleteObject (ho=0x801007e1) returned 1
[0171.947] RestoreDC (hdc=0xc7010803, nSavedDC=-1) returned 1
[0171.948] GetWindowTextLengthW (hWnd=0xa02de) returned 24
[0171.948] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0171.948] GetSystemMetrics (nIndex=42) returned 0
[0171.948] GetWindowTextW (in: hWnd=0xa02de, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0171.948] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0171.948] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0171.948] GetCurrentObject (hdc=0xc7010803, type=0x1) returned 0xb00017
[0171.948] GetCurrentObject (hdc=0xc7010803, type=0x2) returned 0x900010
[0171.948] GetCurrentObject (hdc=0xc7010803, type=0x7) returned 0x4a0507fe
[0171.948] GetCurrentObject (hdc=0xc7010803, type=0x6) returned 0x8a01c2
[0171.948] SaveDC (hdc=0xc7010803) returned 2
[0171.948] GetNearestColor (hdc=0xc7010803, color=0xf0f0f0) returned 0xf0f0f0
[0171.948] CreateSolidBrush (color=0xf0f0f0) returned 0x811007e1
[0171.948] FillRect (hDC=0xc7010803, lprc=0xd7d9d0, hbr=0x811007e1) returned 1
[0171.948] DeleteObject (ho=0x811007e1) returned 1
[0171.948] RestoreDC (hdc=0xc7010803, nSavedDC=-1) returned 1
[0171.948] GetWindowTextLengthW (hWnd=0xa02de) returned 24
[0171.948] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0171.949] GetSystemMetrics (nIndex=42) returned 0
[0171.949] GetWindowTextW (in: hWnd=0xa02de, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0171.949] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0171.949] RestoreDC (hdc=0xc7010803, nSavedDC=-1) returned 1
[0171.949] GdipReleaseDC (graphics=0x6600030, hdc=0xc7010803) returned 0x0
[0171.949] IsAppThemed () returned 0x1
[0171.949] GetThemeAppProperties () returned 0x3
[0171.949] GetThemeAppProperties () returned 0x3
[0171.949] IsAppThemed () returned 0x1
[0171.949] GetThemeAppProperties () returned 0x3
[0171.949] GetThemeAppProperties () returned 0x3
[0171.949] IsThemePartDefined () returned 0x1
[0171.949] GdipCreateRegion (region=0xd7df50) returned 0x0
[0171.949] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0171.949] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0171.949] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0171.950] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df68) returned 0x0
[0171.950] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0171.950] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eea60) returned 0x0
[0171.950] LocalFree (hMem=0x11eea60) returned 0x0
[0171.950] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0171.950] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0171.950] LocalFree (hMem=0x11ee868) returned 0x0
[0171.951] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0171.951] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0171.951] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df80) returned 0x0
[0171.951] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0171.951] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0171.951] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0171.951] GetCurrentObject (hdc=0xc7010803, type=0x1) returned 0xb00017
[0171.951] GetCurrentObject (hdc=0xc7010803, type=0x2) returned 0x900010
[0171.951] GetCurrentObject (hdc=0xc7010803, type=0x7) returned 0x4a0507fe
[0171.951] GetCurrentObject (hdc=0xc7010803, type=0x6) returned 0x8a01c2
[0171.951] SaveDC (hdc=0xc7010803) returned 1
[0171.951] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6b040807
[0171.951] GetClipRgn (hdc=0xc7010803, hrgn=0x6b040807) returned 0
[0171.951] SelectClipRgn (hdc=0xc7010803, hrgn=0xee0407de) returned 2
[0171.951] DeleteObject (ho=0x6b040807) returned 1
[0171.951] DeleteObject (ho=0xee0407de) returned 1
[0171.951] OffsetViewportOrgEx (in: hdc=0xc7010803, x=0, y=0, lppt=0x2e10834 | out: lppt=0x2e10834) returned 1
[0171.952] IsAppThemed () returned 0x1
[0171.952] GetThemeAppProperties () returned 0x3
[0171.952] GetThemeAppProperties () returned 0x3
[0171.952] DrawThemeBackground () returned 0x0
[0171.952] RestoreDC (hdc=0xc7010803, nSavedDC=-1) returned 1
[0171.952] GdipReleaseDC (graphics=0x6600030, hdc=0xc7010803) returned 0x0
[0171.952] GdipCreateRegion (region=0xd7df54) returned 0x0
[0171.952] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0171.952] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0171.952] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0171.952] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df6c) returned 0x0
[0171.952] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0171.952] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee8d8) returned 0x0
[0171.952] LocalFree (hMem=0x11ee8d8) returned 0x0
[0171.953] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0171.953] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0171.953] LocalFree (hMem=0x11ee868) returned 0x0
[0171.953] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0171.953] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0171.953] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0171.953] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0171.953] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0171.953] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0171.953] GetCurrentObject (hdc=0xc7010803, type=0x1) returned 0xb00017
[0171.953] GetCurrentObject (hdc=0xc7010803, type=0x2) returned 0x900010
[0171.953] GetCurrentObject (hdc=0xc7010803, type=0x7) returned 0x4a0507fe
[0171.953] GetCurrentObject (hdc=0xc7010803, type=0x6) returned 0x8a01c2
[0171.953] SaveDC (hdc=0xc7010803) returned 1
[0171.953] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xef0407de
[0171.953] GetClipRgn (hdc=0xc7010803, hrgn=0xef0407de) returned 0
[0171.953] SelectClipRgn (hdc=0xc7010803, hrgn=0x6c040807) returned 2
[0171.954] DeleteObject (ho=0xef0407de) returned 1
[0171.954] DeleteObject (ho=0x6c040807) returned 1
[0171.954] OffsetViewportOrgEx (in: hdc=0xc7010803, x=0, y=0, lppt=0x2e10b08 | out: lppt=0x2e10b08) returned 1
[0171.954] IsAppThemed () returned 0x1
[0171.954] GetThemeAppProperties () returned 0x3
[0171.954] GetThemeAppProperties () returned 0x3
[0171.954] GetThemeBackgroundContentRect () returned 0x0
[0171.954] RestoreDC (hdc=0xc7010803, nSavedDC=-1) returned 1
[0171.954] GdipReleaseDC (graphics=0x6600030, hdc=0xc7010803) returned 0x0
[0171.954] IsAppThemed () returned 0x1
[0171.954] GetThemeAppProperties () returned 0x3
[0171.954] GetThemeAppProperties () returned 0x3
[0171.954] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0171.954] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0171.954] GetCurrentObject (hdc=0xc7010803, type=0x1) returned 0xb00017
[0171.954] GetCurrentObject (hdc=0xc7010803, type=0x2) returned 0x900010
[0171.954] GetCurrentObject (hdc=0xc7010803, type=0x7) returned 0x4a0507fe
[0171.955] GetCurrentObject (hdc=0xc7010803, type=0x6) returned 0x8a01c2
[0171.955] SaveDC (hdc=0xc7010803) returned 1
[0171.955] GetTextAlign (hdc=0xc7010803) returned 0x0
[0171.955] GetTextColor (hdc=0xc7010803) returned 0x0
[0171.955] GetCurrentObject (hdc=0xc7010803, type=0x6) returned 0x8a01c2
[0171.955] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0171.955] SelectObject (hdc=0xc7010803, h=0x6d0a0520) returned 0x8a01c2
[0171.955] GetBkMode (hdc=0xc7010803) returned 2
[0171.955] SetBkMode (hdc=0xc7010803, mode=1) returned 2
[0171.955] DrawTextExW (in: hdc=0xc7010803, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2e10ea8 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0171.956] DrawTextExW (in: hdc=0xc7010803, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2e10ea8 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0171.956] RestoreDC (hdc=0xc7010803, nSavedDC=-1) returned 1
[0171.956] GdipReleaseDC (graphics=0x6600030, hdc=0xc7010803) returned 0x0
[0171.956] GetFocus () returned 0xc013e
[0171.956] IsAppThemed () returned 0x1
[0171.956] GetThemeAppProperties () returned 0x3
[0171.956] GetThemeAppProperties () returned 0x3
[0171.956] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0171.956] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xc7010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0171.956] GdipReleaseDC (graphics=0x6600030, hdc=0xc7010803) returned 0x0
[0171.957] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0171.957] SelectObject (hdc=0xc7010803, h=0x85000f) returned 0x4a0507fe
[0171.957] DeleteDC (hdc=0xc7010803) returned 1
[0171.957] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0171.957] EndPaint (hWnd=0xc02d8, lpPaint=0xd7e24c) returned 1
[0171.957] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.957] IsWindowUnicode (hWnd=0x8005a) returned 1
[0171.957] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0171.957] TranslateMessage (lpMsg=0xd7e808) returned 0
[0171.957] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0171.958] BeginPaint (in: hWnd=0x8005a, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0171.958] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0171.958] CreateCompatibleDC (hdc=0xf0105ee) returned 0xc9010803
[0171.958] SelectObject (hdc=0xc9010803, h=0x4a0507fe) returned 0x85000f
[0171.958] GdipCreateFromHDC (hdc=0xc9010803, graphics=0xd7e268) returned 0x0
[0171.958] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0171.958] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0171.958] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0171.958] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0171.958] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e2c8) returned 0x0
[0171.958] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0171.959] LocalFree (hMem=0x11ee868) returned 0x0
[0171.959] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0171.959] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0171.959] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0171.959] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0171.959] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0171.959] GdipRestoreGraphics (graphics=0x6600030, state=0xfc420dbd) returned 0x0
[0171.959] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0171.959] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0171.959] GetCurrentObject (hdc=0xc9010803, type=0x1) returned 0xb00017
[0171.959] GetCurrentObject (hdc=0xc9010803, type=0x2) returned 0x900010
[0171.959] GetCurrentObject (hdc=0xc9010803, type=0x7) returned 0x4a0507fe
[0171.959] GetCurrentObject (hdc=0xc9010803, type=0x6) returned 0x8a01c2
[0171.959] SaveDC (hdc=0xc9010803) returned 1
[0171.959] GetNearestColor (hdc=0xc9010803, color=0xf0f0f0) returned 0xf0f0f0
[0171.959] GetNearestColor (hdc=0xc9010803, color=0xa0a0a0) returned 0xa0a0a0
[0171.959] GetNearestColor (hdc=0xc9010803, color=0x696969) returned 0x696969
[0171.960] GetNearestColor (hdc=0xc9010803, color=0xa0a0a0) returned 0xa0a0a0
[0171.960] GetNearestColor (hdc=0xc9010803, color=0x0) returned 0x0
[0171.960] GetNearestColor (hdc=0xc9010803, color=0xffffff) returned 0xffffff
[0171.960] GetNearestColor (hdc=0xc9010803, color=0xe5e5e5) returned 0xe5e5e5
[0171.960] GetNearestColor (hdc=0xc9010803, color=0xd7d7d7) returned 0xd7d7d7
[0171.960] GetNearestColor (hdc=0xc9010803, color=0x0) returned 0x0
[0171.960] RestoreDC (hdc=0xc9010803, nSavedDC=-1) returned 1
[0171.960] GdipReleaseDC (graphics=0x6600030, hdc=0xc9010803) returned 0x0
[0171.960] IsAppThemed () returned 0x1
[0171.960] GetThemeAppProperties () returned 0x3
[0171.960] GetThemeAppProperties () returned 0x3
[0171.960] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0171.960] SendMessageW (hWnd=0xa02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0171.960] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0171.960] IsAppThemed () returned 0x1
[0171.961] GetThemeAppProperties () returned 0x3
[0171.961] GetThemeAppProperties () returned 0x3
[0171.961] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2e116b8 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0171.961] IsAppThemed () returned 0x1
[0171.961] GetThemeAppProperties () returned 0x3
[0171.961] GetThemeAppProperties () returned 0x3
[0171.961] IsAppThemed () returned 0x1
[0171.961] GetThemeAppProperties () returned 0x3
[0171.961] GetThemeAppProperties () returned 0x3
[0171.961] GetFocus () returned 0xc013e
[0171.961] IsAppThemed () returned 0x1
[0171.962] GetThemeAppProperties () returned 0x3
[0171.962] GetThemeAppProperties () returned 0x3
[0171.962] IsAppThemed () returned 0x1
[0171.962] GetThemeAppProperties () returned 0x3
[0171.962] GetThemeAppProperties () returned 0x3
[0171.962] IsThemePartDefined () returned 0x1
[0171.962] IsAppThemed () returned 0x1
[0171.962] GetThemeAppProperties () returned 0x3
[0171.962] GetThemeAppProperties () returned 0x3
[0171.962] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0171.962] IsAppThemed () returned 0x1
[0171.962] GetThemeAppProperties () returned 0x3
[0171.962] GetThemeAppProperties () returned 0x3
[0171.962] IsAppThemed () returned 0x1
[0171.963] GetThemeAppProperties () returned 0x3
[0171.963] GetThemeAppProperties () returned 0x3
[0171.963] IsThemePartDefined () returned 0x1
[0171.963] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0171.963] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0171.963] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0171.963] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0171.963] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7dff0) returned 0x0
[0171.963] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee8d8) returned 0x0
[0171.963] LocalFree (hMem=0x11ee8d8) returned 0x0
[0171.963] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee9f0) returned 0x0
[0171.963] LocalFree (hMem=0x11ee9f0) returned 0x0
[0171.963] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0171.963] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e018) returned 0x0
[0171.963] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e008) returned 0x0
[0171.963] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0171.963] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0171.963] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0171.963] GetCurrentObject (hdc=0xc9010803, type=0x1) returned 0xb00017
[0171.963] GetCurrentObject (hdc=0xc9010803, type=0x2) returned 0x900010
[0171.963] GetCurrentObject (hdc=0xc9010803, type=0x7) returned 0x4a0507fe
[0171.964] GetCurrentObject (hdc=0xc9010803, type=0x6) returned 0x8a01c2
[0171.964] SaveDC (hdc=0xc9010803) returned 1
[0171.964] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6d040807
[0171.964] GetClipRgn (hdc=0xc9010803, hrgn=0x6d040807) returned 0
[0171.964] SelectClipRgn (hdc=0xc9010803, hrgn=0xf30407de) returned 2
[0171.964] DeleteObject (ho=0x6d040807) returned 1
[0171.964] DeleteObject (ho=0xf30407de) returned 1
[0171.964] OffsetViewportOrgEx (in: hdc=0xc9010803, x=0, y=0, lppt=0x2e11d68 | out: lppt=0x2e11d68) returned 1
[0171.964] DrawThemeParentBackground () returned 0x0
[0171.964] GetWindowPlacement (in: hWnd=0xa02de, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0171.964] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0171.964] GetWindowTextLengthW (hWnd=0xa02de) returned 24
[0171.964] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0171.965] GetSystemMetrics (nIndex=42) returned 0
[0171.965] GetWindowTextW (in: hWnd=0xa02de, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0171.965] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0171.965] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0171.965] GetCurrentObject (hdc=0xc9010803, type=0x1) returned 0xb00017
[0171.965] GetCurrentObject (hdc=0xc9010803, type=0x2) returned 0x900010
[0171.965] GetCurrentObject (hdc=0xc9010803, type=0x7) returned 0x4a0507fe
[0171.965] GetCurrentObject (hdc=0xc9010803, type=0x6) returned 0x8a01c2
[0171.965] SaveDC (hdc=0xc9010803) returned 2
[0171.965] GetNearestColor (hdc=0xc9010803, color=0xf0f0f0) returned 0xf0f0f0
[0171.965] CreateSolidBrush (color=0xf0f0f0) returned 0x821007e1
[0171.965] FillRect (hDC=0xc9010803, lprc=0xd7da38, hbr=0x821007e1) returned 1
[0171.965] DeleteObject (ho=0x821007e1) returned 1
[0171.965] RestoreDC (hdc=0xc9010803, nSavedDC=-1) returned 1
[0171.965] GetWindowTextLengthW (hWnd=0xa02de) returned 24
[0171.965] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0171.965] GetSystemMetrics (nIndex=42) returned 0
[0171.966] GetWindowTextW (in: hWnd=0xa02de, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0172.063] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0172.064] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0172.064] GetCurrentObject (hdc=0xc9010803, type=0x1) returned 0xb00017
[0172.064] GetCurrentObject (hdc=0xc9010803, type=0x2) returned 0x900010
[0172.064] GetCurrentObject (hdc=0xc9010803, type=0x7) returned 0x4a0507fe
[0172.064] GetCurrentObject (hdc=0xc9010803, type=0x6) returned 0x8a01c2
[0172.064] SaveDC (hdc=0xc9010803) returned 2
[0172.064] GetNearestColor (hdc=0xc9010803, color=0xf0f0f0) returned 0xf0f0f0
[0172.064] CreateSolidBrush (color=0xf0f0f0) returned 0x831007e1
[0172.064] FillRect (hDC=0xc9010803, lprc=0xd7d9d8, hbr=0x831007e1) returned 1
[0172.064] DeleteObject (ho=0x831007e1) returned 1
[0172.064] RestoreDC (hdc=0xc9010803, nSavedDC=-1) returned 1
[0172.064] GetWindowTextLengthW (hWnd=0xa02de) returned 24
[0172.064] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0172.064] GetSystemMetrics (nIndex=42) returned 0
[0172.064] GetWindowTextW (in: hWnd=0xa02de, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0172.064] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0172.065] RestoreDC (hdc=0xc9010803, nSavedDC=-1) returned 1
[0172.065] GdipReleaseDC (graphics=0x6600030, hdc=0xc9010803) returned 0x0
[0172.065] IsAppThemed () returned 0x1
[0172.065] GetThemeAppProperties () returned 0x3
[0172.065] GetThemeAppProperties () returned 0x3
[0172.065] IsAppThemed () returned 0x1
[0172.065] GetThemeAppProperties () returned 0x3
[0172.065] GetThemeAppProperties () returned 0x3
[0172.065] IsThemePartDefined () returned 0x1
[0172.065] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0172.065] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0172.065] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0172.065] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0172.065] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df74) returned 0x0
[0172.065] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0172.065] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0172.065] LocalFree (hMem=0x11eec58) returned 0x0
[0172.065] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0172.065] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0172.065] LocalFree (hMem=0x11eec58) returned 0x0
[0172.065] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0172.065] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0172.065] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0172.066] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0172.066] GdipDeleteRegion (region=0x6646298) returned 0x0
[0172.066] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0172.066] GetCurrentObject (hdc=0xc9010803, type=0x1) returned 0xb00017
[0172.066] GetCurrentObject (hdc=0xc9010803, type=0x2) returned 0x900010
[0172.066] GetCurrentObject (hdc=0xc9010803, type=0x7) returned 0x4a0507fe
[0172.066] GetCurrentObject (hdc=0xc9010803, type=0x6) returned 0x8a01c2
[0172.066] SaveDC (hdc=0xc9010803) returned 1
[0172.066] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf40407de
[0172.066] GetClipRgn (hdc=0xc9010803, hrgn=0xf40407de) returned 0
[0172.066] SelectClipRgn (hdc=0xc9010803, hrgn=0x6f040807) returned 2
[0172.066] DeleteObject (ho=0xf40407de) returned 1
[0172.066] DeleteObject (ho=0x6f040807) returned 1
[0172.066] OffsetViewportOrgEx (in: hdc=0xc9010803, x=0, y=0, lppt=0x2e126ec | out: lppt=0x2e126ec) returned 1
[0172.066] IsAppThemed () returned 0x1
[0172.066] GetThemeAppProperties () returned 0x3
[0172.066] GetThemeAppProperties () returned 0x3
[0172.066] DrawThemeBackground () returned 0x0
[0172.066] RestoreDC (hdc=0xc9010803, nSavedDC=-1) returned 1
[0172.066] GdipReleaseDC (graphics=0x6600030, hdc=0xc9010803) returned 0x0
[0172.066] GdipCreateRegion (region=0xd7df60) returned 0x0
[0172.067] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0172.067] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0172.067] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0172.067] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df78) returned 0x0
[0172.067] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0172.067] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0172.067] LocalFree (hMem=0x11ee868) returned 0x0
[0172.067] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0172.067] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee8d8) returned 0x0
[0172.067] LocalFree (hMem=0x11ee8d8) returned 0x0
[0172.067] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0172.067] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0172.067] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0172.067] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0172.067] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0172.067] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0172.067] GetCurrentObject (hdc=0xc9010803, type=0x1) returned 0xb00017
[0172.067] GetCurrentObject (hdc=0xc9010803, type=0x2) returned 0x900010
[0172.067] GetCurrentObject (hdc=0xc9010803, type=0x7) returned 0x4a0507fe
[0172.067] GetCurrentObject (hdc=0xc9010803, type=0x6) returned 0x8a01c2
[0172.068] SaveDC (hdc=0xc9010803) returned 1
[0172.068] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x70040807
[0172.068] GetClipRgn (hdc=0xc9010803, hrgn=0x70040807) returned 0
[0172.068] SelectClipRgn (hdc=0xc9010803, hrgn=0xf50407de) returned 2
[0172.068] DeleteObject (ho=0x70040807) returned 1
[0172.068] DeleteObject (ho=0xf50407de) returned 1
[0172.068] OffsetViewportOrgEx (in: hdc=0xc9010803, x=0, y=0, lppt=0x2e129c0 | out: lppt=0x2e129c0) returned 1
[0172.068] IsAppThemed () returned 0x1
[0172.068] GetThemeAppProperties () returned 0x3
[0172.068] GetThemeAppProperties () returned 0x3
[0172.068] GetThemeBackgroundContentRect () returned 0x0
[0172.068] RestoreDC (hdc=0xc9010803, nSavedDC=-1) returned 1
[0172.068] GdipReleaseDC (graphics=0x6600030, hdc=0xc9010803) returned 0x0
[0172.068] IsAppThemed () returned 0x1
[0172.068] GetThemeAppProperties () returned 0x3
[0172.068] GetThemeAppProperties () returned 0x3
[0172.068] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0172.068] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0172.068] GetCurrentObject (hdc=0xc9010803, type=0x1) returned 0xb00017
[0172.068] GetCurrentObject (hdc=0xc9010803, type=0x2) returned 0x900010
[0172.068] GetCurrentObject (hdc=0xc9010803, type=0x7) returned 0x4a0507fe
[0172.069] GetCurrentObject (hdc=0xc9010803, type=0x6) returned 0x8a01c2
[0172.069] SaveDC (hdc=0xc9010803) returned 1
[0172.069] GetTextAlign (hdc=0xc9010803) returned 0x0
[0172.069] GetTextColor (hdc=0xc9010803) returned 0x0
[0172.069] GetCurrentObject (hdc=0xc9010803, type=0x6) returned 0x8a01c2
[0172.069] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0172.069] SelectObject (hdc=0xc9010803, h=0x6d0a0520) returned 0x8a01c2
[0172.069] GetBkMode (hdc=0xc9010803) returned 2
[0172.069] SetBkMode (hdc=0xc9010803, mode=1) returned 2
[0172.069] DrawTextExW (in: hdc=0xc9010803, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2e12d60 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0172.069] DrawTextExW (in: hdc=0xc9010803, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e12d60 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0172.070] RestoreDC (hdc=0xc9010803, nSavedDC=-1) returned 1
[0172.070] GdipReleaseDC (graphics=0x6600030, hdc=0xc9010803) returned 0x0
[0172.070] GetFocus () returned 0xc013e
[0172.070] IsAppThemed () returned 0x1
[0172.070] GetThemeAppProperties () returned 0x3
[0172.070] GetThemeAppProperties () returned 0x3
[0172.070] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0172.070] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xc9010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0172.070] GdipReleaseDC (graphics=0x6600030, hdc=0xc9010803) returned 0x0
[0172.070] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0172.070] SelectObject (hdc=0xc9010803, h=0x85000f) returned 0x4a0507fe
[0172.070] DeleteDC (hdc=0xc9010803) returned 1
[0172.070] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0172.070] EndPaint (hWnd=0x8005a, lpPaint=0xd7e24c) returned 1
[0172.071] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0172.071] IsWindowUnicode (hWnd=0x602c4) returned 1
[0172.071] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0172.071] TranslateMessage (lpMsg=0xd7e808) returned 0
[0172.071] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0172.071] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0172.071] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0172.071] CreateCompatibleDC (hdc=0x10105d6) returned 0xcb010803
[0172.071] SelectObject (hdc=0xcb010803, h=0x4a0507fe) returned 0x85000f
[0172.071] GdipCreateFromHDC (hdc=0xcb010803, graphics=0xd7e268) returned 0x0
[0172.071] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0172.071] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0172.072] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0172.072] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0172.072] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e2c8) returned 0x0
[0172.072] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0172.072] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eed00) returned 0x0
[0172.072] LocalFree (hMem=0x11eed00) returned 0x0
[0172.072] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0172.072] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0172.072] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0172.072] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0172.072] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0172.072] GdipRestoreGraphics (graphics=0x6600030, state=0xfc400dbd) returned 0x0
[0172.072] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0172.072] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0172.072] GetCurrentObject (hdc=0xcb010803, type=0x1) returned 0xb00017
[0172.072] GetCurrentObject (hdc=0xcb010803, type=0x2) returned 0x900010
[0172.072] GetCurrentObject (hdc=0xcb010803, type=0x7) returned 0x4a0507fe
[0172.072] GetCurrentObject (hdc=0xcb010803, type=0x6) returned 0x8a01c2
[0172.072] SaveDC (hdc=0xcb010803) returned 1
[0172.073] GetNearestColor (hdc=0xcb010803, color=0xff) returned 0xff
[0172.073] GetNearestColor (hdc=0xcb010803, color=0x55) returned 0x55
[0172.073] GetNearestColor (hdc=0xcb010803, color=0x0) returned 0x0
[0172.073] GetNearestColor (hdc=0xcb010803, color=0x55) returned 0x55
[0172.073] GetNearestColor (hdc=0xcb010803, color=0x0) returned 0x0
[0172.073] GetNearestColor (hdc=0xcb010803, color=0x8080ff) returned 0x8080ff
[0172.073] GetNearestColor (hdc=0xcb010803, color=0x7373e5) returned 0x7373e5
[0172.073] GetNearestColor (hdc=0xcb010803, color=0xe5) returned 0xe5
[0172.073] GetNearestColor (hdc=0xcb010803, color=0x0) returned 0x0
[0172.073] RestoreDC (hdc=0xcb010803, nSavedDC=-1) returned 1
[0172.073] GdipReleaseDC (graphics=0x6600030, hdc=0xcb010803) returned 0x0
[0172.073] IsAppThemed () returned 0x1
[0172.073] GetThemeAppProperties () returned 0x3
[0172.073] GetThemeAppProperties () returned 0x3
[0172.073] IsAppThemed () returned 0x1
[0172.073] GetThemeAppProperties () returned 0x3
[0172.073] GetThemeAppProperties () returned 0x3
[0172.073] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2e13528 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0172.074] IsAppThemed () returned 0x1
[0172.074] GetThemeAppProperties () returned 0x3
[0172.074] GetThemeAppProperties () returned 0x3
[0172.074] IsAppThemed () returned 0x1
[0172.074] GetThemeAppProperties () returned 0x3
[0172.074] GetThemeAppProperties () returned 0x3
[0172.074] GetFocus () returned 0xc013e
[0172.074] IsAppThemed () returned 0x1
[0172.074] GetThemeAppProperties () returned 0x3
[0172.074] GetThemeAppProperties () returned 0x3
[0172.074] IsAppThemed () returned 0x1
[0172.074] GetThemeAppProperties () returned 0x3
[0172.074] GetThemeAppProperties () returned 0x3
[0172.074] IsThemePartDefined () returned 0x1
[0172.074] IsAppThemed () returned 0x1
[0172.074] GetThemeAppProperties () returned 0x3
[0172.074] GetThemeAppProperties () returned 0x3
[0172.074] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0172.074] IsAppThemed () returned 0x1
[0172.074] GetThemeAppProperties () returned 0x3
[0172.074] GetThemeAppProperties () returned 0x3
[0172.074] IsAppThemed () returned 0x1
[0172.074] GetThemeAppProperties () returned 0x3
[0172.074] GetThemeAppProperties () returned 0x3
[0172.075] IsThemePartDefined () returned 0x1
[0172.075] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0172.075] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0172.075] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0172.075] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0172.075] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dff0) returned 0x0
[0172.075] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0172.075] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eead0) returned 0x0
[0172.075] LocalFree (hMem=0x11eead0) returned 0x0
[0172.075] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0172.083] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee868) returned 0x0
[0172.083] LocalFree (hMem=0x11ee868) returned 0x0
[0172.083] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0172.083] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0172.083] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0172.083] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0172.083] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0172.083] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0172.083] GetCurrentObject (hdc=0xcb010803, type=0x1) returned 0xb00017
[0172.083] GetCurrentObject (hdc=0xcb010803, type=0x2) returned 0x900010
[0172.083] GetCurrentObject (hdc=0xcb010803, type=0x7) returned 0x4a0507fe
[0172.083] GetCurrentObject (hdc=0xcb010803, type=0x6) returned 0x8a01c2
[0172.083] SaveDC (hdc=0xcb010803) returned 1
[0172.083] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf60407de
[0172.083] GetClipRgn (hdc=0xcb010803, hrgn=0xf60407de) returned 0
[0172.084] SelectClipRgn (hdc=0xcb010803, hrgn=0x74040807) returned 2
[0172.084] DeleteObject (ho=0xf60407de) returned 1
[0172.084] DeleteObject (ho=0x74040807) returned 1
[0172.084] OffsetViewportOrgEx (in: hdc=0xcb010803, x=0, y=0, lppt=0x2e13bd8 | out: lppt=0x2e13bd8) returned 1
[0172.084] DrawThemeParentBackground () returned 0x0
[0172.084] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0172.084] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0172.084] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0172.084] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0172.084] GetSystemMetrics (nIndex=42) returned 0
[0172.084] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0172.084] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0172.084] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0172.084] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0172.084] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0172.084] SelectPalette (hdc=0xcb010803, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0172.084] GdipCreateFromHDC (hdc=0xcb010803, graphics=0xd7dac8) returned 0x0
[0172.085] GdipSetPageUnit (graphics=0x664e508, unit=0x2) returned 0x0
[0172.085] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0172.085] GdipGetWorldTransform (graphics=0x664e508, matrix=0x6638c38) returned 0x0
[0172.085] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7daa0) returned 0x0
[0172.085] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0172.085] GdipCreateRegion (region=0xd7da88) returned 0x0
[0172.085] GdipGetClip (graphics=0x664e508, region=0x6646b08) returned 0x0
[0172.085] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x664e508, result=0xd7da94) returned 0x0
[0172.085] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0172.085] GdipSaveGraphics (graphics=0x664e508, state=0xd7dac0) returned 0x0
[0172.085] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0172.093] GdipFillRectangleI (graphics=0x664e508, brush=0x66362f8, x=0, y=0, width=801, height=453) returned 0x0
[0172.094] GdipDeleteBrush (brush=0x66362f8) returned 0x0
[0172.095] GdipDeleteGraphics (graphics=0x664e508) returned 0x0
[0172.095] SelectPalette (hdc=0xcb010803, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0172.095] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0172.095] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0172.095] GetSystemMetrics (nIndex=42) returned 0
[0172.095] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0172.095] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0172.095] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0172.095] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0172.096] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0172.096] SelectPalette (hdc=0xcb010803, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0172.096] GdipCreateFromHDC (hdc=0xcb010803, graphics=0xd7da68) returned 0x0
[0172.096] GdipSetPageUnit (graphics=0x664e508, unit=0x2) returned 0x0
[0172.096] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0172.096] GdipGetWorldTransform (graphics=0x664e508, matrix=0x6638b18) returned 0x0
[0172.096] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7da40) returned 0x0
[0172.096] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0172.096] GdipCreateRegion (region=0xd7da28) returned 0x0
[0172.096] GdipGetClip (graphics=0x664e508, region=0x6646b08) returned 0x0
[0172.096] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x664e508, result=0xd7da34) returned 0x0
[0172.096] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0172.096] GdipSaveGraphics (graphics=0x664e508, state=0xd7da60) returned 0x0
[0172.096] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0172.104] GdipFillRectangleI (graphics=0x664e508, brush=0x66367d8, x=0, y=0, width=801, height=453) returned 0x0
[0172.104] GdipDeleteBrush (brush=0x66367d8) returned 0x0
[0172.105] GdipRestoreGraphics (graphics=0x664e508, state=0xfc3c0dbd) returned 0x0
[0172.105] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0172.105] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0172.105] GetSystemMetrics (nIndex=42) returned 0
[0172.105] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0172.105] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0172.105] GdipDeleteGraphics (graphics=0x664e508) returned 0x0
[0172.105] SelectPalette (hdc=0xcb010803, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0172.105] RestoreDC (hdc=0xcb010803, nSavedDC=-1) returned 1
[0172.106] GdipReleaseDC (graphics=0x6600030, hdc=0xcb010803) returned 0x0
[0172.106] IsAppThemed () returned 0x1
[0172.106] GetThemeAppProperties () returned 0x3
[0172.106] GetThemeAppProperties () returned 0x3
[0172.106] IsAppThemed () returned 0x1
[0172.106] GetThemeAppProperties () returned 0x3
[0172.106] GetThemeAppProperties () returned 0x3
[0172.106] IsThemePartDefined () returned 0x1
[0172.106] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0172.106] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0172.106] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0172.106] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0172.106] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df74) returned 0x0
[0172.106] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0172.106] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0172.112] LocalFree (hMem=0x11ee9f0) returned 0x0
[0172.112] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0172.112] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0172.112] LocalFree (hMem=0x11eecc8) returned 0x0
[0172.112] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0172.112] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0172.112] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0172.112] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0172.112] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0172.112] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0172.112] GetCurrentObject (hdc=0xcb010803, type=0x1) returned 0xb00017
[0172.112] GetCurrentObject (hdc=0xcb010803, type=0x2) returned 0x900010
[0172.112] GetCurrentObject (hdc=0xcb010803, type=0x7) returned 0x4a0507fe
[0172.112] GetCurrentObject (hdc=0xcb010803, type=0x6) returned 0x8a01c2
[0172.112] SaveDC (hdc=0xcb010803) returned 1
[0172.112] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x75040807
[0172.112] GetClipRgn (hdc=0xcb010803, hrgn=0x75040807) returned 0
[0172.112] SelectClipRgn (hdc=0xcb010803, hrgn=0xf80407de) returned 2
[0172.112] DeleteObject (ho=0x75040807) returned 1
[0172.113] DeleteObject (ho=0xf80407de) returned 1
[0172.113] OffsetViewportOrgEx (in: hdc=0xcb010803, x=0, y=0, lppt=0x2e1a428 | out: lppt=0x2e1a428) returned 1
[0172.113] IsAppThemed () returned 0x1
[0172.113] GetThemeAppProperties () returned 0x3
[0172.113] GetThemeAppProperties () returned 0x3
[0172.113] DrawThemeBackground () returned 0x0
[0172.113] RestoreDC (hdc=0xcb010803, nSavedDC=-1) returned 1
[0172.113] GdipReleaseDC (graphics=0x6600030, hdc=0xcb010803) returned 0x0
[0172.113] GdipCreateRegion (region=0xd7df60) returned 0x0
[0172.113] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0172.113] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0172.113] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0172.113] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df78) returned 0x0
[0172.113] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0172.113] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eed00) returned 0x0
[0172.113] LocalFree (hMem=0x11eed00) returned 0x0
[0172.113] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0172.113] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eea28) returned 0x0
[0172.113] LocalFree (hMem=0x11eea28) returned 0x0
[0172.113] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0172.113] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0172.113] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0172.114] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0172.114] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0172.114] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0172.114] GetCurrentObject (hdc=0xcb010803, type=0x1) returned 0xb00017
[0172.114] GetCurrentObject (hdc=0xcb010803, type=0x2) returned 0x900010
[0172.114] GetCurrentObject (hdc=0xcb010803, type=0x7) returned 0x4a0507fe
[0172.114] GetCurrentObject (hdc=0xcb010803, type=0x6) returned 0x8a01c2
[0172.114] SaveDC (hdc=0xcb010803) returned 1
[0172.114] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf90407de
[0172.114] GetClipRgn (hdc=0xcb010803, hrgn=0xf90407de) returned 0
[0172.114] SelectClipRgn (hdc=0xcb010803, hrgn=0x76040807) returned 2
[0172.114] DeleteObject (ho=0xf90407de) returned 1
[0172.114] DeleteObject (ho=0x76040807) returned 1
[0172.114] OffsetViewportOrgEx (in: hdc=0xcb010803, x=0, y=0, lppt=0x2e1a6fc | out: lppt=0x2e1a6fc) returned 1
[0172.114] IsAppThemed () returned 0x1
[0172.114] GetThemeAppProperties () returned 0x3
[0172.114] GetThemeAppProperties () returned 0x3
[0172.114] GetThemeBackgroundContentRect () returned 0x0
[0172.114] RestoreDC (hdc=0xcb010803, nSavedDC=-1) returned 1
[0172.114] GdipReleaseDC (graphics=0x6600030, hdc=0xcb010803) returned 0x0
[0172.114] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0172.114] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0172.114] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0172.115] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0172.115] IsAppThemed () returned 0x1
[0172.115] GetThemeAppProperties () returned 0x3
[0172.115] GetThemeAppProperties () returned 0x3
[0172.115] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0172.115] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0172.115] GetCurrentObject (hdc=0xcb010803, type=0x1) returned 0xb00017
[0172.115] GetCurrentObject (hdc=0xcb010803, type=0x2) returned 0x900010
[0172.115] GetCurrentObject (hdc=0xcb010803, type=0x7) returned 0x4a0507fe
[0172.115] GetCurrentObject (hdc=0xcb010803, type=0x6) returned 0x8a01c2
[0172.115] SaveDC (hdc=0xcb010803) returned 1
[0172.115] GetTextAlign (hdc=0xcb010803) returned 0x0
[0172.115] GetTextColor (hdc=0xcb010803) returned 0x0
[0172.115] GetCurrentObject (hdc=0xcb010803, type=0x6) returned 0x8a01c2
[0172.115] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0172.115] SelectObject (hdc=0xcb010803, h=0x6d0a0520) returned 0x8a01c2
[0172.115] GetBkMode (hdc=0xcb010803) returned 2
[0172.115] SetBkMode (hdc=0xcb010803, mode=1) returned 2
[0172.116] DrawTextExW (in: hdc=0xcb010803, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2e1aac0 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0172.116] DrawTextExW (in: hdc=0xcb010803, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e1aac0 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0172.116] RestoreDC (hdc=0xcb010803, nSavedDC=-1) returned 1
[0172.116] GdipReleaseDC (graphics=0x6600030, hdc=0xcb010803) returned 0x0
[0172.116] GetFocus () returned 0xc013e
[0172.116] IsAppThemed () returned 0x1
[0172.116] GetThemeAppProperties () returned 0x3
[0172.116] GetThemeAppProperties () returned 0x3
[0172.116] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0172.116] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0xcb010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0172.117] GdipReleaseDC (graphics=0x6600030, hdc=0xcb010803) returned 0x0
[0172.117] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0172.117] SelectObject (hdc=0xcb010803, h=0x85000f) returned 0x4a0507fe
[0172.117] DeleteDC (hdc=0xcb010803) returned 1
[0172.117] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0172.117] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0172.117] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0172.117] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0172.117] IsWindowUnicode (hWnd=0xc02d8) returned 1
[0172.117] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0172.118] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0172.118] GetDlgItem (hDlg=0xa02de, nIDDlgItem=0) returned 0x0
[0172.118] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x210, wParam=0x201, lParam=0x69011e) returned 0x0
[0172.118] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x21, wParam=0xa02de, lParam=0x2010001) returned 0x1
[0172.118] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x21, wParam=0xa02de, lParam=0x2010001) returned 0x1
[0172.118] SetCursor (hCursor=0x10003) returned 0x10003
[0172.118] TranslateMessage (lpMsg=0xd7e808) returned 0
[0172.118] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0172.118] GetKeyState (nVirtKey=1) returned -127
[0172.118] GetKeyState (nVirtKey=2) returned 0
[0172.118] GetKeyState (nVirtKey=4) returned 0
[0172.118] GetKeyState (nVirtKey=5) returned 0
[0172.118] GetKeyState (nVirtKey=6) returned 0
[0172.118] IsWindowVisible (hWnd=0xc02d8) returned 1
[0172.118] IsWindowEnabled (hWnd=0xc02d8) returned 1
[0172.118] SetFocus (hWnd=0xc02d8) returned 0xc013e
[0172.119] GetFocus () returned 0xc02d8
[0172.119] IsChild (hWndParent=0xa02de, hWnd=0xc02d8) returned 1
[0172.119] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0x8, wParam=0xc02d8, lParam=0x0) returned 0x0
[0172.119] GetCapture () returned 0x0
[0172.119] InvalidateRect (hWnd=0xc013e, lpRect=0x0, bErase=0) returned 1
[0172.120] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0172.121] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0172.123] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0172.123] InvalidateRect (hWnd=0xc013e, lpRect=0x0, bErase=0) returned 1
[0172.123] InvalidateRect (hWnd=0xc02d8, lpRect=0x0, bErase=0) returned 1
[0172.123] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x7, wParam=0xc013e, lParam=0x0) returned 0x0
[0172.124] GetStockObject (i=5) returned 0x900015
[0172.124] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0172.124] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0172.124] GetDlgItem (hDlg=0xa02de, nIDDlgItem=787160) returned 0xc02d8
[0172.124] SendMessageW (hWnd=0xc02d8, Msg=0x202b, wParam=0xc02d8, lParam=0xd7dddc) returned 0x0
[0172.124] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x202b, wParam=0xc02d8, lParam=0xd7dddc) returned 0x0
[0172.124] InvalidateRect (hWnd=0xc02d8, lpRect=0x0, bErase=0) returned 1
[0172.126] GetFocus () returned 0xc02d8
[0172.126] GetFocus () returned 0xc02d8
[0172.126] GetFocus () returned 0xc02d8
[0172.126] GetKeyState (nVirtKey=1) returned -127
[0172.126] GetKeyState (nVirtKey=2) returned 0
[0172.126] GetKeyState (nVirtKey=4) returned 0
[0172.126] GetKeyState (nVirtKey=5) returned 0
[0172.126] GetKeyState (nVirtKey=6) returned 0
[0172.126] GetCapture () returned 0x0
[0172.126] SetCapture (hWnd=0xc02d8) returned 0x0
[0172.126] GetKeyState (nVirtKey=1) returned -127
[0172.126] GetKeyState (nVirtKey=2) returned 0
[0172.126] GetKeyState (nVirtKey=4) returned 0
[0172.126] GetKeyState (nVirtKey=5) returned 0
[0172.126] GetKeyState (nVirtKey=6) returned 0
[0172.126] NotifyWinEvent (event=0x800a, hwnd=0xc02d8, idObject=-4, idChild=0)
[0172.126] InvalidateRect (hWnd=0xc02d8, lpRect=0xd7e430, bErase=0) returned 1
[0172.126] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0172.126] IsWindowUnicode (hWnd=0xc02d8) returned 1
[0172.126] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0172.127] TranslateMessage (lpMsg=0xd7e808) returned 0
[0172.127] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0172.127] MapWindowPoints (in: hWndFrom=0xc02d8, hWndTo=0x0, lpPoints=0x2e1acb0, cPoints=0x1 | out: lpPoints=0x2e1acb0) returned 30999254
[0172.127] NotifyWinEvent (event=0x800a, hwnd=0xc02d8, idObject=-4, idChild=0)
[0172.127] InvalidateRect (hWnd=0xc02d8, lpRect=0xd7e3d0, bErase=0) returned 1
[0172.127] UpdateWindow (hWnd=0xc02d8) returned 1
[0172.127] BeginPaint (in: hWnd=0xc02d8, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x60100ce
[0172.127] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0172.127] CreateCompatibleDC (hdc=0x60100ce) returned 0xcc010803
[0172.127] SelectObject (hdc=0xcc010803, h=0x4a0507fe) returned 0x85000f
[0172.127] GdipCreateFromHDC (hdc=0xcc010803, graphics=0xd7df00) returned 0x0
[0172.128] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0172.128] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0172.128] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0172.128] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0172.128] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df60) returned 0x0
[0172.128] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0172.128] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0172.128] LocalFree (hMem=0x11eec58) returned 0x0
[0172.128] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0172.128] GdipCreateRegion (region=0xd7df48) returned 0x0
[0172.128] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0172.128] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0172.128] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0172.128] GdipRestoreGraphics (graphics=0x6600030, state=0xfc3a0dbd) returned 0x0
[0172.128] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0172.128] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0172.128] GetCurrentObject (hdc=0xcc010803, type=0x1) returned 0xb00017
[0172.128] GetCurrentObject (hdc=0xcc010803, type=0x2) returned 0x900010
[0172.129] GetCurrentObject (hdc=0xcc010803, type=0x7) returned 0x4a0507fe
[0172.129] GetCurrentObject (hdc=0xcc010803, type=0x6) returned 0x8a01c2
[0172.129] SaveDC (hdc=0xcc010803) returned 1
[0172.129] GetNearestColor (hdc=0xcc010803, color=0xf0f0f0) returned 0xf0f0f0
[0172.129] GetNearestColor (hdc=0xcc010803, color=0xa0a0a0) returned 0xa0a0a0
[0172.129] GetNearestColor (hdc=0xcc010803, color=0x696969) returned 0x696969
[0172.129] GetNearestColor (hdc=0xcc010803, color=0xa0a0a0) returned 0xa0a0a0
[0172.129] GetNearestColor (hdc=0xcc010803, color=0x0) returned 0x0
[0172.129] GetNearestColor (hdc=0xcc010803, color=0xffffff) returned 0xffffff
[0172.129] GetNearestColor (hdc=0xcc010803, color=0xe5e5e5) returned 0xe5e5e5
[0172.129] GetNearestColor (hdc=0xcc010803, color=0xd7d7d7) returned 0xd7d7d7
[0172.129] GetNearestColor (hdc=0xcc010803, color=0x0) returned 0x0
[0172.129] RestoreDC (hdc=0xcc010803, nSavedDC=-1) returned 1
[0172.129] GdipReleaseDC (graphics=0x6600030, hdc=0xcc010803) returned 0x0
[0172.129] IsAppThemed () returned 0x1
[0172.129] GetThemeAppProperties () returned 0x3
[0172.129] GetThemeAppProperties () returned 0x3
[0172.129] IsAppThemed () returned 0x1
[0172.130] GetThemeAppProperties () returned 0x3
[0172.130] GetThemeAppProperties () returned 0x3
[0172.130] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2e1b408 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0172.130] IsAppThemed () returned 0x1
[0172.130] GetThemeAppProperties () returned 0x3
[0172.130] GetThemeAppProperties () returned 0x3
[0172.130] IsAppThemed () returned 0x1
[0172.130] GetThemeAppProperties () returned 0x3
[0172.130] GetThemeAppProperties () returned 0x3
[0172.130] IsAppThemed () returned 0x1
[0172.130] GetThemeAppProperties () returned 0x3
[0172.130] GetThemeAppProperties () returned 0x3
[0172.130] IsAppThemed () returned 0x1
[0172.130] GetThemeAppProperties () returned 0x3
[0172.130] GetThemeAppProperties () returned 0x3
[0172.130] IsThemePartDefined () returned 0x1
[0172.130] IsAppThemed () returned 0x1
[0172.130] GetThemeAppProperties () returned 0x3
[0172.130] GetThemeAppProperties () returned 0x3
[0172.130] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0172.130] IsAppThemed () returned 0x1
[0172.131] GetThemeAppProperties () returned 0x3
[0172.131] GetThemeAppProperties () returned 0x3
[0172.131] IsAppThemed () returned 0x1
[0172.131] GetThemeAppProperties () returned 0x3
[0172.131] GetThemeAppProperties () returned 0x3
[0172.131] IsThemePartDefined () returned 0x1
[0172.131] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0172.131] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0172.131] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0172.131] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0172.131] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dc7c) returned 0x0
[0172.131] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0172.131] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0172.131] LocalFree (hMem=0x11ee9f0) returned 0x0
[0172.131] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0172.131] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee868) returned 0x0
[0172.131] LocalFree (hMem=0x11ee868) returned 0x0
[0172.131] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0172.131] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0172.131] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0172.131] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0172.131] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0172.131] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0172.131] GetCurrentObject (hdc=0xcc010803, type=0x1) returned 0xb00017
[0172.132] GetCurrentObject (hdc=0xcc010803, type=0x2) returned 0x900010
[0172.132] GetCurrentObject (hdc=0xcc010803, type=0x7) returned 0x4a0507fe
[0172.132] GetCurrentObject (hdc=0xcc010803, type=0x6) returned 0x8a01c2
[0172.132] SaveDC (hdc=0xcc010803) returned 1
[0172.132] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x77040807
[0172.132] GetClipRgn (hdc=0xcc010803, hrgn=0x77040807) returned 0
[0172.132] SelectClipRgn (hdc=0xcc010803, hrgn=0xfd0407de) returned 2
[0172.132] DeleteObject (ho=0x77040807) returned 1
[0172.132] DeleteObject (ho=0xfd0407de) returned 1
[0172.132] OffsetViewportOrgEx (in: hdc=0xcc010803, x=0, y=0, lppt=0x2e1bab8 | out: lppt=0x2e1bab8) returned 1
[0172.132] DrawThemeParentBackground () returned 0x0
[0172.132] GetWindowPlacement (in: hWnd=0xa02de, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0172.132] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0172.132] GetWindowTextLengthW (hWnd=0xa02de) returned 24
[0172.132] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0172.132] GetSystemMetrics (nIndex=42) returned 0
[0172.132] GetWindowTextW (in: hWnd=0xa02de, lpString=0xd7d7c4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0172.132] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xd, wParam=0x19, lParam=0xd7d7c4) returned 0x18
[0172.133] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0172.133] GetCurrentObject (hdc=0xcc010803, type=0x1) returned 0xb00017
[0172.133] GetCurrentObject (hdc=0xcc010803, type=0x2) returned 0x900010
[0172.133] GetCurrentObject (hdc=0xcc010803, type=0x7) returned 0x4a0507fe
[0172.133] GetCurrentObject (hdc=0xcc010803, type=0x6) returned 0x8a01c2
[0172.133] SaveDC (hdc=0xcc010803) returned 2
[0172.133] GetNearestColor (hdc=0xcc010803, color=0xf0f0f0) returned 0xf0f0f0
[0172.133] CreateSolidBrush (color=0xf0f0f0) returned 0x841007e1
[0172.133] FillRect (hDC=0xcc010803, lprc=0xd7d6c8, hbr=0x841007e1) returned 1
[0172.133] DeleteObject (ho=0x841007e1) returned 1
[0172.133] RestoreDC (hdc=0xcc010803, nSavedDC=-1) returned 1
[0172.133] GetWindowTextLengthW (hWnd=0xa02de) returned 24
[0172.133] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0172.133] GetSystemMetrics (nIndex=42) returned 0
[0172.133] GetWindowTextW (in: hWnd=0xa02de, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0172.133] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0172.133] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0172.133] GetCurrentObject (hdc=0xcc010803, type=0x1) returned 0xb00017
[0172.133] GetCurrentObject (hdc=0xcc010803, type=0x2) returned 0x900010
[0172.133] GetCurrentObject (hdc=0xcc010803, type=0x7) returned 0x4a0507fe
[0172.133] GetCurrentObject (hdc=0xcc010803, type=0x6) returned 0x8a01c2
[0172.134] SaveDC (hdc=0xcc010803) returned 2
[0172.134] GetNearestColor (hdc=0xcc010803, color=0xf0f0f0) returned 0xf0f0f0
[0172.134] CreateSolidBrush (color=0xf0f0f0) returned 0x851007e1
[0172.134] FillRect (hDC=0xcc010803, lprc=0xd7d668, hbr=0x851007e1) returned 1
[0172.134] DeleteObject (ho=0x851007e1) returned 1
[0172.134] RestoreDC (hdc=0xcc010803, nSavedDC=-1) returned 1
[0172.134] GetWindowTextLengthW (hWnd=0xa02de) returned 24
[0172.134] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0172.134] GetSystemMetrics (nIndex=42) returned 0
[0172.134] GetWindowTextW (in: hWnd=0xa02de, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0172.134] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0172.134] RestoreDC (hdc=0xcc010803, nSavedDC=-1) returned 1
[0172.134] GdipReleaseDC (graphics=0x6600030, hdc=0xcc010803) returned 0x0
[0172.134] IsAppThemed () returned 0x1
[0172.134] GetThemeAppProperties () returned 0x3
[0172.134] GetThemeAppProperties () returned 0x3
[0172.134] IsAppThemed () returned 0x1
[0172.135] GetThemeAppProperties () returned 0x3
[0172.135] GetThemeAppProperties () returned 0x3
[0172.135] IsThemePartDefined () returned 0x1
[0172.135] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0172.135] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0172.135] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0172.135] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0172.135] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc00) returned 0x0
[0172.135] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0172.135] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0172.135] LocalFree (hMem=0x11ee868) returned 0x0
[0172.135] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0172.135] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0172.135] LocalFree (hMem=0x11eec58) returned 0x0
[0172.135] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0172.135] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0172.135] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0172.135] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0172.135] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0172.135] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0172.135] GetCurrentObject (hdc=0xcc010803, type=0x1) returned 0xb00017
[0172.135] GetCurrentObject (hdc=0xcc010803, type=0x2) returned 0x900010
[0172.135] GetCurrentObject (hdc=0xcc010803, type=0x7) returned 0x4a0507fe
[0172.136] GetCurrentObject (hdc=0xcc010803, type=0x6) returned 0x8a01c2
[0172.136] SaveDC (hdc=0xcc010803) returned 1
[0172.136] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfe0407de
[0172.136] GetClipRgn (hdc=0xcc010803, hrgn=0xfe0407de) returned 0
[0172.136] SelectClipRgn (hdc=0xcc010803, hrgn=0x79040807) returned 2
[0172.136] DeleteObject (ho=0xfe0407de) returned 1
[0172.136] DeleteObject (ho=0x79040807) returned 1
[0172.136] OffsetViewportOrgEx (in: hdc=0xcc010803, x=0, y=0, lppt=0x2e1c43c | out: lppt=0x2e1c43c) returned 1
[0172.136] IsAppThemed () returned 0x1
[0172.136] GetThemeAppProperties () returned 0x3
[0172.136] GetThemeAppProperties () returned 0x3
[0172.136] DrawThemeBackground () returned 0x0
[0172.136] RestoreDC (hdc=0xcc010803, nSavedDC=-1) returned 1
[0172.136] GdipReleaseDC (graphics=0x6600030, hdc=0xcc010803) returned 0x0
[0172.136] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0172.136] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0172.136] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0172.136] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0172.136] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dc04) returned 0x0
[0172.136] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0172.136] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0172.136] LocalFree (hMem=0x11eec58) returned 0x0
[0172.137] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0172.137] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eecc8) returned 0x0
[0172.137] LocalFree (hMem=0x11eecc8) returned 0x0
[0172.137] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0172.137] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0172.137] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0172.137] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0172.137] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0172.137] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0172.137] GetCurrentObject (hdc=0xcc010803, type=0x1) returned 0xb00017
[0172.137] GetCurrentObject (hdc=0xcc010803, type=0x2) returned 0x900010
[0172.137] GetCurrentObject (hdc=0xcc010803, type=0x7) returned 0x4a0507fe
[0172.137] GetCurrentObject (hdc=0xcc010803, type=0x6) returned 0x8a01c2
[0172.137] SaveDC (hdc=0xcc010803) returned 1
[0172.137] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7a040807
[0172.137] GetClipRgn (hdc=0xcc010803, hrgn=0x7a040807) returned 0
[0172.137] SelectClipRgn (hdc=0xcc010803, hrgn=0xff0407de) returned 2
[0172.137] DeleteObject (ho=0x7a040807) returned 1
[0172.142] DeleteObject (ho=0xff0407de) returned 1
[0172.142] OffsetViewportOrgEx (in: hdc=0xcc010803, x=0, y=0, lppt=0x2e1c710 | out: lppt=0x2e1c710) returned 1
[0172.143] IsAppThemed () returned 0x1
[0172.143] GetThemeAppProperties () returned 0x3
[0172.143] GetThemeAppProperties () returned 0x3
[0172.143] GetThemeBackgroundContentRect () returned 0x0
[0172.143] RestoreDC (hdc=0xcc010803, nSavedDC=-1) returned 1
[0172.143] GdipReleaseDC (graphics=0x6600030, hdc=0xcc010803) returned 0x0
[0172.143] IsAppThemed () returned 0x1
[0172.143] GetThemeAppProperties () returned 0x3
[0172.143] GetThemeAppProperties () returned 0x3
[0172.143] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0172.143] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0172.143] GetCurrentObject (hdc=0xcc010803, type=0x1) returned 0xb00017
[0172.143] GetCurrentObject (hdc=0xcc010803, type=0x2) returned 0x900010
[0172.143] GetCurrentObject (hdc=0xcc010803, type=0x7) returned 0x4a0507fe
[0172.143] GetCurrentObject (hdc=0xcc010803, type=0x6) returned 0x8a01c2
[0172.143] SaveDC (hdc=0xcc010803) returned 1
[0172.143] GetTextAlign (hdc=0xcc010803) returned 0x0
[0172.143] GetTextColor (hdc=0xcc010803) returned 0x0
[0172.144] GetCurrentObject (hdc=0xcc010803, type=0x6) returned 0x8a01c2
[0172.144] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0172.144] SelectObject (hdc=0xcc010803, h=0x6d0a0520) returned 0x8a01c2
[0172.144] GetBkMode (hdc=0xcc010803) returned 2
[0172.144] SetBkMode (hdc=0xcc010803, mode=1) returned 2
[0172.144] DrawTextExW (in: hdc=0xcc010803, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2e1cab0 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0172.144] DrawTextExW (in: hdc=0xcc010803, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2e1cab0 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0172.144] RestoreDC (hdc=0xcc010803, nSavedDC=-1) returned 1
[0172.144] GdipReleaseDC (graphics=0x6600030, hdc=0xcc010803) returned 0x0
[0172.144] GetFocus () returned 0xc02d8
[0172.145] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0172.145] SendMessageW (hWnd=0xa02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0172.145] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0172.145] IsAppThemed () returned 0x1
[0172.145] GetThemeAppProperties () returned 0x3
[0172.145] GetThemeAppProperties () returned 0x3
[0172.145] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0172.145] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xcc010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0172.145] GdipReleaseDC (graphics=0x6600030, hdc=0xcc010803) returned 0x0
[0172.145] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0172.145] SelectObject (hdc=0xcc010803, h=0x85000f) returned 0x4a0507fe
[0172.145] DeleteDC (hdc=0xcc010803) returned 1
[0172.145] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0172.145] EndPaint (hWnd=0xc02d8, lpPaint=0xd7dee4) returned 1
[0172.145] MapWindowPoints (in: hWndFrom=0xc02d8, hWndTo=0x0, lpPoints=0x2e1cbac, cPoints=0x1 | out: lpPoints=0x2e1cbac) returned 30999254
[0172.146] WindowFromPoint (Point=0x313) returned 0xc02d8
[0172.146] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0172.146] NotifyWinEvent (event=0x800a, hwnd=0xc02d8, idObject=-4, idChild=0)
[0172.146] NotifyWinEvent (event=0x800c, hwnd=0xc02d8, idObject=-4, idChild=0)
[0172.146] GetCapture () returned 0xc02d8
[0172.146] ReleaseCapture () returned 1
[0172.146] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0172.146] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0172.146] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0172.147] IsWindow (hWnd=0x7005c) returned 1
[0172.147] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0172.171] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0172.171] IsWindow (hWnd=0xa02de) returned 1
[0172.171] SetActiveWindow (hWnd=0xa02de) returned 0xa02de
[0172.172] IsWindow (hWnd=0xa02de) returned 1
[0172.172] SetFocus (hWnd=0xa02de) returned 0xc02d8
[0172.172] GetFocus () returned 0xa02de
[0172.172] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x8, wParam=0xa02de, lParam=0x0) returned 0x0
[0172.172] GetCapture () returned 0x0
[0172.172] InvalidateRect (hWnd=0xc02d8, lpRect=0x0, bErase=0) returned 1
[0172.173] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0172.174] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0172.176] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0172.176] GetFocus () returned 0xa02de
[0172.176] SetFocus (hWnd=0xc02d8) returned 0xa02de
[0172.176] GetFocus () returned 0xc02d8
[0172.176] IsChild (hWndParent=0xa02de, hWnd=0xc02d8) returned 1
[0172.176] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x8, wParam=0xc02d8, lParam=0x0) returned 0x0
[0172.177] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0172.178] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0172.180] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0172.180] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x7, wParam=0xa02de, lParam=0x0) returned 0x0
[0172.180] GetStockObject (i=5) returned 0x900015
[0172.180] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0172.180] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0172.180] GetDlgItem (hDlg=0xa02de, nIDDlgItem=787160) returned 0xc02d8
[0172.180] SendMessageW (hWnd=0xc02d8, Msg=0x202b, wParam=0xc02d8, lParam=0xd7ddcc) returned 0x0
[0172.180] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x202b, wParam=0xc02d8, lParam=0xd7ddcc) returned 0x0
[0172.180] InvalidateRect (hWnd=0xc02d8, lpRect=0x0, bErase=0) returned 1
[0172.182] GetWindowLongW (hWnd=0xa02de, nIndex=-8) returned 458844
[0172.182] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0172.182] GetCurrentThreadId () returned 0xf50
[0172.182] IsWindow (hWnd=0x7005c) returned 1
[0172.182] IsWindow (hWnd=0x7005c) returned 1
[0172.182] IsWindowVisible (hWnd=0x7005c) returned 1
[0172.182] SetActiveWindow (hWnd=0x7005c) returned 0xa02de
[0172.182] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0172.184] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0172.184] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0172.184] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0172.187] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0172.187] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0172.188] GetWindowPlacement (in: hWnd=0xa02de, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0172.188] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0172.188] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0172.188] GetWindowRect (in: hWnd=0xa02de, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0172.188] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0172.188] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0172.189] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0172.189] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0xa02de) returned 0x1
[0172.191] GetFocus () returned 0xc02d8
[0172.191] SetFocus (hWnd=0x602c4) returned 0xc02d8
[0172.192] GetFocus () returned 0x602c4
[0172.192] IsChild (hWndParent=0xa02de, hWnd=0x602c4) returned 0
[0172.192] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0172.192] GetCapture () returned 0x0
[0172.192] InvalidateRect (hWnd=0xc02d8, lpRect=0x0, bErase=0) returned 1
[0172.193] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0172.194] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0172.195] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0172.195] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0172.196] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0172.196] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0172.196] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0172.196] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0xc02d8, lParam=0x0) returned 0x0
[0172.196] GetStockObject (i=5) returned 0x900015
[0172.197] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0172.197] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11eda58) returned 0xc
[0172.197] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0172.197] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0172.197] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0172.197] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0172.207] GetFocus () returned 0x602c4
[0172.207] IsChild (hWndParent=0xa02de, hWnd=0x602c4) returned 0
[0172.207] ShowWindow (hWnd=0xa02de, nCmdShow=0) returned 1
[0172.207] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0172.207] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0172.209] GetWindowPlacement (in: hWnd=0xa02de, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0172.209] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0172.209] GetClientRect (in: hWnd=0xa02de, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0172.209] GetWindowRect (in: hWnd=0xa02de, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0172.210] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0172.210] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0172.210] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0172.210] GetWindowLongW (hWnd=0xa02de, nIndex=-20) returned 327945
[0172.210] DestroyWindow (hWnd=0xa02de) returned 1
[0172.211] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0172.211] GetWindowTextLengthW (hWnd=0xa02de) returned 24
[0172.211] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0172.211] GetSystemMetrics (nIndex=42) returned 0
[0172.211] GetWindowTextW (in: hWnd=0xa02de, lpString=0xd7e390, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0172.211] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0xd, wParam=0x19, lParam=0xd7e390) returned 0x18
[0172.211] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0172.212] GetWindowTextLengthW (hWnd=0xa02dc) returned 0
[0172.212] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0172.212] GetSystemMetrics (nIndex=42) returned 0
[0172.212] GetWindowTextW (in: hWnd=0xa02dc, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0172.212] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02dc, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0172.212] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0172.212] GetWindowThreadProcessId (in: hWnd=0xa02da, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0172.212] GetWindow (hWnd=0xa02da, uCmd=0x5) returned 0x0
[0172.212] GetWindowLongW (hWnd=0xa02da, nIndex=-20) returned 65792
[0172.212] DestroyWindow (hWnd=0xa02da) returned 1
[0172.212] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02da, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0172.212] GetWindowTextLengthW (hWnd=0xa02da) returned 25
[0172.212] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0172.212] GetSystemMetrics (nIndex=42) returned 0
[0172.212] GetWindowTextW (in: hWnd=0xa02da, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0172.212] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02da, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0172.212] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0172.212] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0172.213] GetWindowTextLengthW (hWnd=0xd00ea) returned 232
[0172.213] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0172.213] GetSystemMetrics (nIndex=42) returned 0
[0172.213] GetWindowTextW (in: hWnd=0xd00ea, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0172.214] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0172.214] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0172.214] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0172.214] InvalidateRect (hWnd=0xc02d8, lpRect=0x0, bErase=0) returned 1
[0172.214] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0172.214] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8005a, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0172.214] SendMessageW (hWnd=0xb02d2, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0172.214] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02d2, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0172.214] SendMessageW (hWnd=0xb02d2, Msg=0xb0, wParam=0x2de8738, lParam=0xd7e480) returned 0x0
[0172.214] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02d2, Msg=0xb0, wParam=0x2de8738, lParam=0xd7e480) returned 0x0
[0172.214] GetWindowTextLengthW (hWnd=0xb02d2) returned 4363
[0172.214] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0172.214] GetSystemMetrics (nIndex=42) returned 0
[0172.214] CoTaskMemAlloc (cb=0x221c) returned 0x11fff70
[0172.214] GetWindowTextW (in: hWnd=0xb02d2, lpString=0x11fff70, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0172.214] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02d2, Msg=0xd, wParam=0x110c, lParam=0x11fff70) returned 0x110b
[0172.215] CoTaskMemFree (pv=0x11fff70)
[0172.215] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02d2, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0172.215] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0172.217] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0172.218] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc013e, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0172.219] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0172.220] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x8005a, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0172.221] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02d2, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0172.223] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0172.225] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.225] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.225] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.225] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.225] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.225] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.225] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0172.225] IsWindowUnicode (hWnd=0x7005c) returned 1
[0172.225] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.225] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0172.226] SetCursor (hCursor=0x10003) returned 0x10003
[0172.226] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.226] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.226] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0172.226] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0172.226] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0172.226] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10f0255) returned 0x0
[0172.226] GetKeyState (nVirtKey=1) returned 1
[0172.226] GetKeyState (nVirtKey=2) returned 0
[0172.226] GetKeyState (nVirtKey=4) returned 0
[0172.226] GetKeyState (nVirtKey=5) returned 0
[0172.226] GetKeyState (nVirtKey=6) returned 0
[0172.226] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.227] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0172.227] IsWindowUnicode (hWnd=0x7005c) returned 1
[0172.227] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.227] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.227] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.227] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.227] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0172.227] IsWindowUnicode (hWnd=0x7005c) returned 1
[0172.227] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.227] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0172.228] SetCursor (hCursor=0x10003) returned 0x10003
[0172.228] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.228] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.228] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10f0255) returned 0x0
[0172.228] GetKeyState (nVirtKey=1) returned 1
[0172.228] GetKeyState (nVirtKey=2) returned 0
[0172.228] GetKeyState (nVirtKey=4) returned 0
[0172.228] GetKeyState (nVirtKey=5) returned 0
[0172.228] GetKeyState (nVirtKey=6) returned 0
[0172.228] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.228] IsWindowUnicode (hWnd=0x602c4) returned 1
[0172.228] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.228] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.228] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.229] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.229] IsWindowUnicode (hWnd=0x602c4) returned 1
[0172.229] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.229] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.229] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.229] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0172.229] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0172.230] CreateCompatibleDC (hdc=0x60100ce) returned 0x4c0107f1
[0172.230] SelectObject (hdc=0x4c0107f1, h=0x4a0507fe) returned 0x85000f
[0172.230] GdipCreateFromHDC (hdc=0x4c0107f1, graphics=0xd7e798) returned 0x0
[0172.230] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0172.230] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0172.230] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0172.230] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0172.230] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e7f8) returned 0x0
[0172.230] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0172.230] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0172.230] LocalFree (hMem=0x11eec58) returned 0x0
[0172.230] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0172.230] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0172.230] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0172.230] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0172.230] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0172.230] GdipRestoreGraphics (graphics=0x6600030, state=0xfc380dbd) returned 0x0
[0172.230] GdipDeleteRegion (region=0x6646688) returned 0x0
[0172.231] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0172.231] GetCurrentObject (hdc=0x4c0107f1, type=0x1) returned 0xb00017
[0172.231] GetCurrentObject (hdc=0x4c0107f1, type=0x2) returned 0x900010
[0172.231] GetCurrentObject (hdc=0x4c0107f1, type=0x7) returned 0x4a0507fe
[0172.231] GetCurrentObject (hdc=0x4c0107f1, type=0x6) returned 0x8a01c2
[0172.231] SaveDC (hdc=0x4c0107f1) returned 1
[0172.231] GetNearestColor (hdc=0x4c0107f1, color=0xff) returned 0xff
[0172.231] GetNearestColor (hdc=0x4c0107f1, color=0x55) returned 0x55
[0172.231] GetNearestColor (hdc=0x4c0107f1, color=0x0) returned 0x0
[0172.231] GetNearestColor (hdc=0x4c0107f1, color=0x55) returned 0x55
[0172.231] GetNearestColor (hdc=0x4c0107f1, color=0x0) returned 0x0
[0172.249] GetNearestColor (hdc=0x4c0107f1, color=0x8080ff) returned 0x8080ff
[0172.249] GetNearestColor (hdc=0x4c0107f1, color=0x7373e5) returned 0x7373e5
[0172.249] GetNearestColor (hdc=0x4c0107f1, color=0xe5) returned 0xe5
[0172.249] GetNearestColor (hdc=0x4c0107f1, color=0x0) returned 0x0
[0172.249] RestoreDC (hdc=0x4c0107f1, nSavedDC=-1) returned 1
[0172.249] GdipReleaseDC (graphics=0x6600030, hdc=0x4c0107f1) returned 0x0
[0172.249] IsAppThemed () returned 0x1
[0172.249] GetThemeAppProperties () returned 0x3
[0172.249] GetThemeAppProperties () returned 0x3
[0172.249] IsAppThemed () returned 0x1
[0172.249] GetThemeAppProperties () returned 0x3
[0172.249] GetThemeAppProperties () returned 0x3
[0172.249] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2e24960 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0172.249] IsAppThemed () returned 0x1
[0172.250] GetThemeAppProperties () returned 0x3
[0172.250] GetThemeAppProperties () returned 0x3
[0172.250] IsAppThemed () returned 0x1
[0172.250] GetThemeAppProperties () returned 0x3
[0172.250] GetThemeAppProperties () returned 0x3
[0172.250] GetFocus () returned 0x602c4
[0172.250] IsAppThemed () returned 0x1
[0172.250] GetThemeAppProperties () returned 0x3
[0172.250] GetThemeAppProperties () returned 0x3
[0172.250] IsAppThemed () returned 0x1
[0172.250] GetThemeAppProperties () returned 0x3
[0172.250] GetThemeAppProperties () returned 0x3
[0172.250] IsThemePartDefined () returned 0x1
[0172.250] IsAppThemed () returned 0x1
[0172.250] GetThemeAppProperties () returned 0x3
[0172.250] GetThemeAppProperties () returned 0x3
[0172.250] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0172.250] IsAppThemed () returned 0x1
[0172.250] GetThemeAppProperties () returned 0x3
[0172.250] GetThemeAppProperties () returned 0x3
[0172.250] IsAppThemed () returned 0x1
[0172.250] GetThemeAppProperties () returned 0x3
[0172.250] GetThemeAppProperties () returned 0x3
[0172.250] IsThemePartDefined () returned 0x1
[0172.250] GdipCreateRegion (region=0xd7e508) returned 0x0
[0172.250] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0172.250] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0172.250] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0172.251] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e520) returned 0x0
[0172.251] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0172.251] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee868) returned 0x0
[0172.251] LocalFree (hMem=0x11ee868) returned 0x0
[0172.251] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0172.251] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee9f0) returned 0x0
[0172.251] LocalFree (hMem=0x11ee9f0) returned 0x0
[0172.251] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0172.251] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e548) returned 0x0
[0172.251] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e538) returned 0x0
[0172.251] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0172.251] GdipDeleteRegion (region=0x6646718) returned 0x0
[0172.251] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0172.251] GetCurrentObject (hdc=0x4c0107f1, type=0x1) returned 0xb00017
[0172.251] GetCurrentObject (hdc=0x4c0107f1, type=0x2) returned 0x900010
[0172.251] GetCurrentObject (hdc=0x4c0107f1, type=0x7) returned 0x4a0507fe
[0172.251] GetCurrentObject (hdc=0x4c0107f1, type=0x6) returned 0x8a01c2
[0172.251] SaveDC (hdc=0x4c0107f1) returned 1
[0172.251] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x407de
[0172.252] GetClipRgn (hdc=0x4c0107f1, hrgn=0x407de) returned 0
[0172.252] SelectClipRgn (hdc=0x4c0107f1, hrgn=0x7e040807) returned 2
[0172.252] DeleteObject (ho=0x407de) returned 1
[0172.252] DeleteObject (ho=0x7e040807) returned 1
[0172.252] OffsetViewportOrgEx (in: hdc=0x4c0107f1, x=0, y=0, lppt=0x2e25010 | out: lppt=0x2e25010) returned 1
[0172.252] DrawThemeParentBackground () returned 0x0
[0172.252] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0172.252] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0172.252] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0172.252] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0172.252] GetSystemMetrics (nIndex=42) returned 0
[0172.252] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0172.252] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0172.252] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0172.252] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0172.252] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0172.252] SelectPalette (hdc=0x4c0107f1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0172.252] GdipCreateFromHDC (hdc=0x4c0107f1, graphics=0xd7dff8) returned 0x0
[0172.253] GdipSetPageUnit (graphics=0x664e508, unit=0x2) returned 0x0
[0172.253] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0172.253] GdipGetWorldTransform (graphics=0x664e508, matrix=0x6638a88) returned 0x0
[0172.253] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dfd0) returned 0x0
[0172.253] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0172.253] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0172.253] GdipGetClip (graphics=0x664e508, region=0x6646b08) returned 0x0
[0172.253] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x664e508, result=0xd7dfc4) returned 0x0
[0172.253] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0172.253] GdipSaveGraphics (graphics=0x664e508, state=0xd7dff0) returned 0x0
[0172.253] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0172.261] GdipFillRectangleI (graphics=0x664e508, brush=0x6636df0, x=0, y=0, width=801, height=453) returned 0x0
[0172.261] GdipDeleteBrush (brush=0x6636df0) returned 0x0
[0172.267] GdipDeleteGraphics (graphics=0x664e508) returned 0x0
[0172.268] SelectPalette (hdc=0x4c0107f1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0172.268] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0172.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0172.268] GetSystemMetrics (nIndex=42) returned 0
[0172.268] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0172.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0172.268] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0172.268] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0172.268] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0172.268] SelectPalette (hdc=0x4c0107f1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0172.268] GdipCreateFromHDC (hdc=0x4c0107f1, graphics=0xd7df98) returned 0x0
[0172.268] GdipSetPageUnit (graphics=0x664e508, unit=0x2) returned 0x0
[0172.268] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0172.268] GdipGetWorldTransform (graphics=0x664e508, matrix=0x6638d88) returned 0x0
[0172.268] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df70) returned 0x0
[0172.268] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0172.268] GdipCreateRegion (region=0xd7df58) returned 0x0
[0172.269] GdipGetClip (graphics=0x664e508, region=0x66464d8) returned 0x0
[0172.269] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x664e508, result=0xd7df64) returned 0x0
[0172.269] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0172.269] GdipSaveGraphics (graphics=0x664e508, state=0xd7df90) returned 0x0
[0172.269] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0172.275] GdipFillRectangleI (graphics=0x664e508, brush=0x6636a48, x=0, y=0, width=801, height=453) returned 0x0
[0172.275] GdipDeleteBrush (brush=0x6636a48) returned 0x0
[0172.277] GdipRestoreGraphics (graphics=0x664e508, state=0xfc340dbd) returned 0x0
[0172.277] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0172.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0172.277] GetSystemMetrics (nIndex=42) returned 0
[0172.277] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0172.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0172.277] GdipDeleteGraphics (graphics=0x664e508) returned 0x0
[0172.277] SelectPalette (hdc=0x4c0107f1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0172.277] RestoreDC (hdc=0x4c0107f1, nSavedDC=-1) returned 1
[0172.277] GdipReleaseDC (graphics=0x6600030, hdc=0x4c0107f1) returned 0x0
[0172.277] IsAppThemed () returned 0x1
[0172.277] GetThemeAppProperties () returned 0x3
[0172.277] GetThemeAppProperties () returned 0x3
[0172.277] IsAppThemed () returned 0x1
[0172.278] GetThemeAppProperties () returned 0x3
[0172.278] GetThemeAppProperties () returned 0x3
[0172.278] IsThemePartDefined () returned 0x1
[0172.278] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0172.278] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0172.278] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0172.278] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0172.278] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e4a4) returned 0x0
[0172.278] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0172.278] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0172.278] LocalFree (hMem=0x11ee9f0) returned 0x0
[0172.278] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0172.278] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0172.278] LocalFree (hMem=0x11eec58) returned 0x0
[0172.279] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0172.279] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0172.279] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0172.279] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0172.279] GdipDeleteRegion (region=0x6646718) returned 0x0
[0172.279] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0172.279] GetCurrentObject (hdc=0x4c0107f1, type=0x1) returned 0xb00017
[0172.279] GetCurrentObject (hdc=0x4c0107f1, type=0x2) returned 0x900010
[0172.279] GetCurrentObject (hdc=0x4c0107f1, type=0x7) returned 0x4a0507fe
[0172.279] GetCurrentObject (hdc=0x4c0107f1, type=0x6) returned 0x8a01c2
[0172.279] SaveDC (hdc=0x4c0107f1) returned 1
[0172.279] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7f040807
[0172.279] GetClipRgn (hdc=0x4c0107f1, hrgn=0x7f040807) returned 0
[0172.279] SelectClipRgn (hdc=0x4c0107f1, hrgn=0x20407de) returned 2
[0172.279] DeleteObject (ho=0x7f040807) returned 1
[0172.279] DeleteObject (ho=0x20407de) returned 1
[0172.279] OffsetViewportOrgEx (in: hdc=0x4c0107f1, x=0, y=0, lppt=0x2e2bd3c | out: lppt=0x2e2bd3c) returned 1
[0172.280] IsAppThemed () returned 0x1
[0172.280] GetThemeAppProperties () returned 0x3
[0172.280] GetThemeAppProperties () returned 0x3
[0172.280] DrawThemeBackground () returned 0x0
[0172.280] RestoreDC (hdc=0x4c0107f1, nSavedDC=-1) returned 1
[0172.280] GdipReleaseDC (graphics=0x6600030, hdc=0x4c0107f1) returned 0x0
[0172.280] GdipCreateRegion (region=0xd7e490) returned 0x0
[0172.280] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0172.280] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0172.280] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0172.280] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e4a8) returned 0x0
[0172.280] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0172.280] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0172.281] LocalFree (hMem=0x11eec58) returned 0x0
[0172.281] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0172.281] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea28) returned 0x0
[0172.281] LocalFree (hMem=0x11eea28) returned 0x0
[0172.281] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0172.281] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0172.281] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0172.281] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0172.281] GdipDeleteRegion (region=0x6646838) returned 0x0
[0172.281] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0172.281] GetCurrentObject (hdc=0x4c0107f1, type=0x1) returned 0xb00017
[0172.281] GetCurrentObject (hdc=0x4c0107f1, type=0x2) returned 0x900010
[0172.281] GetCurrentObject (hdc=0x4c0107f1, type=0x7) returned 0x4a0507fe
[0172.281] GetCurrentObject (hdc=0x4c0107f1, type=0x6) returned 0x8a01c2
[0172.281] SaveDC (hdc=0x4c0107f1) returned 1
[0172.281] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x30407de
[0172.281] GetClipRgn (hdc=0x4c0107f1, hrgn=0x30407de) returned 0
[0172.281] SelectClipRgn (hdc=0x4c0107f1, hrgn=0x80040807) returned 2
[0172.281] DeleteObject (ho=0x30407de) returned 1
[0172.281] DeleteObject (ho=0x80040807) returned 1
[0172.281] OffsetViewportOrgEx (in: hdc=0x4c0107f1, x=0, y=0, lppt=0x2e2c010 | out: lppt=0x2e2c010) returned 1
[0172.282] IsAppThemed () returned 0x1
[0172.282] GetThemeAppProperties () returned 0x3
[0172.282] GetThemeAppProperties () returned 0x3
[0172.282] GetThemeBackgroundContentRect () returned 0x0
[0172.282] RestoreDC (hdc=0x4c0107f1, nSavedDC=-1) returned 1
[0172.282] GdipReleaseDC (graphics=0x6600030, hdc=0x4c0107f1) returned 0x0
[0172.282] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0172.282] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0172.282] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0172.282] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0172.282] IsAppThemed () returned 0x1
[0172.282] GetThemeAppProperties () returned 0x3
[0172.282] GetThemeAppProperties () returned 0x3
[0172.282] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0172.282] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0172.282] GetCurrentObject (hdc=0x4c0107f1, type=0x1) returned 0xb00017
[0172.282] GetCurrentObject (hdc=0x4c0107f1, type=0x2) returned 0x900010
[0172.282] GetCurrentObject (hdc=0x4c0107f1, type=0x7) returned 0x4a0507fe
[0172.282] GetCurrentObject (hdc=0x4c0107f1, type=0x6) returned 0x8a01c2
[0172.282] SaveDC (hdc=0x4c0107f1) returned 1
[0172.282] GetTextAlign (hdc=0x4c0107f1) returned 0x0
[0172.282] GetTextColor (hdc=0x4c0107f1) returned 0x0
[0172.283] GetCurrentObject (hdc=0x4c0107f1, type=0x6) returned 0x8a01c2
[0172.283] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0172.283] SelectObject (hdc=0x4c0107f1, h=0x6d0a0520) returned 0x8a01c2
[0172.283] GetBkMode (hdc=0x4c0107f1) returned 2
[0172.283] SetBkMode (hdc=0x4c0107f1, mode=1) returned 2
[0172.283] DrawTextExW (in: hdc=0x4c0107f1, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2e2c3d4 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0172.283] DrawTextExW (in: hdc=0x4c0107f1, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2e2c3d4 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0172.283] RestoreDC (hdc=0x4c0107f1, nSavedDC=-1) returned 1
[0172.284] GdipReleaseDC (graphics=0x6600030, hdc=0x4c0107f1) returned 0x0
[0172.284] GetFocus () returned 0x602c4
[0172.284] IsAppThemed () returned 0x1
[0172.284] GetThemeAppProperties () returned 0x3
[0172.284] GetThemeAppProperties () returned 0x3
[0172.284] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0172.284] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x4c0107f1, x1=0, y1=0, rop=0xcc0020) returned 1
[0172.284] GdipReleaseDC (graphics=0x6600030, hdc=0x4c0107f1) returned 0x0
[0172.284] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0172.284] SelectObject (hdc=0x4c0107f1, h=0x85000f) returned 0x4a0507fe
[0172.284] DeleteDC (hdc=0x4c0107f1) returned 1
[0172.284] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0172.284] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0172.284] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.284] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.284] WaitMessage () returned 1
[0172.325] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.326] IsWindowUnicode (hWnd=0x7005c) returned 1
[0172.326] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.326] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.326] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.326] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.326] IsWindowUnicode (hWnd=0x7005c) returned 1
[0172.326] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.326] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.326] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.326] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10f0255) returned 0x0
[0172.326] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.326] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.326] WaitMessage () returned 1
[0172.332] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.332] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.333] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.333] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.333] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.333] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.333] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.333] WaitMessage () returned 1
[0172.334] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.334] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.334] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.334] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.334] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.335] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.335] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.335] WaitMessage () returned 1
[0172.336] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.336] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.336] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.336] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.336] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.337] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.338] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.338] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.338] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.338] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.338] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.338] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.338] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.338] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.338] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.338] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.339] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.339] WaitMessage () returned 1
[0172.339] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.339] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.339] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.339] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.339] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.340] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.344] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.344] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.344] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.344] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.344] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.344] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.344] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.344] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.344] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.344] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.345] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.345] WaitMessage () returned 1
[0172.346] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.346] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.346] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.347] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.347] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.348] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.348] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.348] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.348] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.348] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.348] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.348] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.348] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.348] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.348] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.348] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.349] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.349] WaitMessage () returned 1
[0172.349] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.349] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.349] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.349] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.349] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.350] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.351] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.351] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.351] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.351] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.351] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.351] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.351] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.351] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.351] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.351] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.352] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.352] WaitMessage () returned 1
[0172.353] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.353] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.353] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.353] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.353] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.354] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.354] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.354] WaitMessage () returned 1
[0172.355] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.355] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.355] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.355] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.355] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.361] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.361] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.361] WaitMessage () returned 1
[0172.364] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.364] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.364] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.364] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.364] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.365] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.365] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.365] WaitMessage () returned 1
[0172.365] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.365] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.365] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.366] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.366] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.367] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.367] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.367] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.367] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.367] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.367] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.368] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.368] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.368] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.368] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.368] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.368] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.368] WaitMessage () returned 1
[0172.376] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.376] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.376] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.376] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.377] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.378] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.378] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.378] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.378] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.378] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.378] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.378] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.378] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.379] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.379] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.379] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.379] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.379] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.379] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.379] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.379] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.379] IsWindowUnicode (hWnd=0x30122) returned 1
[0172.380] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.380] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.380] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.380] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.381] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.381] WaitMessage () returned 1
[0172.502] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.502] IsWindowUnicode (hWnd=0x502c6) returned 1
[0172.502] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0172.502] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0172.502] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0172.502] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.502] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0172.503] WaitMessage () returned 1
[0174.360] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0174.360] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27500f8) returned 0x1
[0174.360] IsWindowUnicode (hWnd=0x602c4) returned 1
[0174.360] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0174.360] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0174.360] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0174.360] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0174.360] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0174.360] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27500f8) returned 0x1
[0174.361] IsWindowUnicode (hWnd=0x602c4) returned 1
[0174.361] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0174.361] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27500f8) returned 0x1
[0174.361] SetCursor (hCursor=0x10003) returned 0x10003
[0174.361] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0174.361] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0174.361] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0174.361] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0174.361] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0174.361] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0174.361] GetKeyState (nVirtKey=1) returned 1
[0174.361] GetKeyState (nVirtKey=2) returned 0
[0174.361] GetKeyState (nVirtKey=4) returned 0
[0174.361] GetKeyState (nVirtKey=5) returned 0
[0174.361] GetKeyState (nVirtKey=6) returned 0
[0174.361] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0174.361] IsWindowUnicode (hWnd=0x602c4) returned 1
[0174.361] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0174.362] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0174.362] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0174.362] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0174.362] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0174.362] CreateCompatibleDC (hdc=0x60100ce) returned 0xa50107e9
[0174.362] SelectObject (hdc=0xa50107e9, h=0x4a0507fe) returned 0x85000f
[0174.362] GdipCreateFromHDC (hdc=0xa50107e9, graphics=0xd7e798) returned 0x0
[0174.362] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0174.362] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0174.362] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0174.362] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0174.362] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e7f8) returned 0x0
[0174.362] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0174.362] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0174.363] LocalFree (hMem=0x11eec58) returned 0x0
[0174.363] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0174.363] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0174.363] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0174.363] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0174.363] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0174.363] GdipRestoreGraphics (graphics=0x6600030, state=0xfc320dbd) returned 0x0
[0174.363] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0174.363] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0174.363] GetCurrentObject (hdc=0xa50107e9, type=0x1) returned 0xb00017
[0174.363] GetCurrentObject (hdc=0xa50107e9, type=0x2) returned 0x900010
[0174.363] GetCurrentObject (hdc=0xa50107e9, type=0x7) returned 0x4a0507fe
[0174.363] GetCurrentObject (hdc=0xa50107e9, type=0x6) returned 0x8a01c2
[0174.363] SaveDC (hdc=0xa50107e9) returned 1
[0174.363] GetNearestColor (hdc=0xa50107e9, color=0xff) returned 0xff
[0174.364] GetNearestColor (hdc=0xa50107e9, color=0x55) returned 0x55
[0174.364] GetNearestColor (hdc=0xa50107e9, color=0x0) returned 0x0
[0174.364] GetNearestColor (hdc=0xa50107e9, color=0x55) returned 0x55
[0174.364] GetNearestColor (hdc=0xa50107e9, color=0x0) returned 0x0
[0174.364] GetNearestColor (hdc=0xa50107e9, color=0x8080ff) returned 0x8080ff
[0174.364] GetNearestColor (hdc=0xa50107e9, color=0x7373e5) returned 0x7373e5
[0174.364] GetNearestColor (hdc=0xa50107e9, color=0xe5) returned 0xe5
[0174.364] GetNearestColor (hdc=0xa50107e9, color=0x0) returned 0x0
[0174.364] RestoreDC (hdc=0xa50107e9, nSavedDC=-1) returned 1
[0174.364] GdipReleaseDC (graphics=0x6600030, hdc=0xa50107e9) returned 0x0
[0174.364] IsAppThemed () returned 0x1
[0174.364] GetThemeAppProperties () returned 0x3
[0174.364] GetThemeAppProperties () returned 0x3
[0174.364] IsAppThemed () returned 0x1
[0174.364] GetThemeAppProperties () returned 0x3
[0174.364] GetThemeAppProperties () returned 0x3
[0174.364] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2e2cdd4 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0174.365] IsAppThemed () returned 0x1
[0174.365] GetThemeAppProperties () returned 0x3
[0174.365] GetThemeAppProperties () returned 0x3
[0174.365] IsAppThemed () returned 0x1
[0174.365] GetThemeAppProperties () returned 0x3
[0174.365] GetThemeAppProperties () returned 0x3
[0174.365] IsAppThemed () returned 0x1
[0174.365] GetThemeAppProperties () returned 0x3
[0174.365] GetThemeAppProperties () returned 0x3
[0174.365] IsAppThemed () returned 0x1
[0174.365] GetThemeAppProperties () returned 0x3
[0174.365] GetThemeAppProperties () returned 0x3
[0174.365] IsThemePartDefined () returned 0x1
[0174.365] IsAppThemed () returned 0x1
[0174.365] GetThemeAppProperties () returned 0x3
[0174.365] GetThemeAppProperties () returned 0x3
[0174.366] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0174.366] IsAppThemed () returned 0x1
[0174.366] GetThemeAppProperties () returned 0x3
[0174.366] GetThemeAppProperties () returned 0x3
[0174.366] IsAppThemed () returned 0x1
[0174.366] GetThemeAppProperties () returned 0x3
[0174.366] GetThemeAppProperties () returned 0x3
[0174.366] IsThemePartDefined () returned 0x1
[0174.366] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0174.366] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0174.366] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0174.366] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0174.366] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e514) returned 0x0
[0174.366] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0174.366] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0174.366] LocalFree (hMem=0x11ee9f0) returned 0x0
[0174.366] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0174.366] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0174.366] LocalFree (hMem=0x11ee788) returned 0x0
[0174.366] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0174.366] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0174.366] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0174.366] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0174.366] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0174.367] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0174.367] GetCurrentObject (hdc=0xa50107e9, type=0x1) returned 0xb00017
[0174.367] GetCurrentObject (hdc=0xa50107e9, type=0x2) returned 0x900010
[0174.367] GetCurrentObject (hdc=0xa50107e9, type=0x7) returned 0x4a0507fe
[0174.367] GetCurrentObject (hdc=0xa50107e9, type=0x6) returned 0x8a01c2
[0174.367] SaveDC (hdc=0xa50107e9) returned 1
[0174.367] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x81040807
[0174.367] GetClipRgn (hdc=0xa50107e9, hrgn=0x81040807) returned 0
[0174.367] SelectClipRgn (hdc=0xa50107e9, hrgn=0x70407de) returned 2
[0174.367] DeleteObject (ho=0x81040807) returned 1
[0174.367] DeleteObject (ho=0x70407de) returned 1
[0174.367] OffsetViewportOrgEx (in: hdc=0xa50107e9, x=0, y=0, lppt=0x2e2d484 | out: lppt=0x2e2d484) returned 1
[0174.367] DrawThemeParentBackground () returned 0x0
[0174.367] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0174.367] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0174.367] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0174.367] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0174.368] GetSystemMetrics (nIndex=42) returned 0
[0174.368] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0174.368] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0174.368] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0174.368] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0174.368] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0174.368] SelectPalette (hdc=0xa50107e9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0174.368] GdipCreateFromHDC (hdc=0xa50107e9, graphics=0xd7dff0) returned 0x0
[0174.368] GdipSetPageUnit (graphics=0x664e508, unit=0x2) returned 0x0
[0174.368] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0174.368] GdipGetWorldTransform (graphics=0x664e508, matrix=0x6638b18) returned 0x0
[0174.368] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dfc8) returned 0x0
[0174.368] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0174.368] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0174.368] GdipGetClip (graphics=0x664e508, region=0x6646718) returned 0x0
[0174.368] GdipIsInfiniteRegion (region=0x6646718, graphics=0x664e508, result=0xd7dfbc) returned 0x0
[0174.369] GdipDeleteRegion (region=0x6646718) returned 0x0
[0174.369] GdipSaveGraphics (graphics=0x664e508, state=0xd7dfe8) returned 0x0
[0174.369] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0174.377] GdipFillRectangleI (graphics=0x664e508, brush=0x6637198, x=0, y=0, width=801, height=453) returned 0x0
[0174.377] GdipDeleteBrush (brush=0x6637198) returned 0x0
[0174.378] GdipDeleteGraphics (graphics=0x664e508) returned 0x0
[0174.378] SelectPalette (hdc=0xa50107e9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0174.378] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0174.378] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0174.378] GetSystemMetrics (nIndex=42) returned 0
[0174.378] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0174.378] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0174.378] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0174.378] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0174.379] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0174.379] SelectPalette (hdc=0xa50107e9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0174.379] GdipCreateFromHDC (hdc=0xa50107e9, graphics=0xd7df90) returned 0x0
[0174.379] GdipSetPageUnit (graphics=0x664e508, unit=0x2) returned 0x0
[0174.379] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0174.379] GdipGetWorldTransform (graphics=0x664e508, matrix=0x6638c98) returned 0x0
[0174.379] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df68) returned 0x0
[0174.379] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0174.379] GdipCreateRegion (region=0xd7df50) returned 0x0
[0174.379] GdipGetClip (graphics=0x664e508, region=0x6646838) returned 0x0
[0174.379] GdipIsInfiniteRegion (region=0x6646838, graphics=0x664e508, result=0xd7df5c) returned 0x0
[0174.379] GdipDeleteRegion (region=0x6646838) returned 0x0
[0174.379] GdipSaveGraphics (graphics=0x664e508, state=0xd7df88) returned 0x0
[0174.379] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0174.389] GdipFillRectangleI (graphics=0x664e508, brush=0x66367d8, x=0, y=0, width=801, height=453) returned 0x0
[0174.390] GdipDeleteBrush (brush=0x66367d8) returned 0x0
[0174.391] GdipRestoreGraphics (graphics=0x664e508, state=0xfc2e0dbd) returned 0x0
[0174.391] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0174.391] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0174.391] GetSystemMetrics (nIndex=42) returned 0
[0174.391] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0174.391] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0174.392] GdipDeleteGraphics (graphics=0x664e508) returned 0x0
[0174.392] SelectPalette (hdc=0xa50107e9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0174.392] RestoreDC (hdc=0xa50107e9, nSavedDC=-1) returned 1
[0174.392] GdipReleaseDC (graphics=0x6600030, hdc=0xa50107e9) returned 0x0
[0174.392] IsAppThemed () returned 0x1
[0174.392] GetThemeAppProperties () returned 0x3
[0174.392] GetThemeAppProperties () returned 0x3
[0174.392] IsAppThemed () returned 0x1
[0174.392] GetThemeAppProperties () returned 0x3
[0174.392] GetThemeAppProperties () returned 0x3
[0174.392] IsThemePartDefined () returned 0x1
[0174.392] GdipCreateRegion (region=0xd7e480) returned 0x0
[0174.392] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0174.392] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0174.392] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0174.392] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e498) returned 0x0
[0174.392] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0174.392] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0174.393] LocalFree (hMem=0x11ee788) returned 0x0
[0174.393] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0174.393] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eea60) returned 0x0
[0174.393] LocalFree (hMem=0x11eea60) returned 0x0
[0174.393] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0174.393] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0174.393] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0174.393] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0174.393] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0174.393] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0174.393] GetCurrentObject (hdc=0xa50107e9, type=0x1) returned 0xb00017
[0174.393] GetCurrentObject (hdc=0xa50107e9, type=0x2) returned 0x900010
[0174.393] GetCurrentObject (hdc=0xa50107e9, type=0x7) returned 0x4a0507fe
[0174.393] GetCurrentObject (hdc=0xa50107e9, type=0x6) returned 0x8a01c2
[0174.393] SaveDC (hdc=0xa50107e9) returned 1
[0174.393] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x80407de
[0174.393] GetClipRgn (hdc=0xa50107e9, hrgn=0x80407de) returned 0
[0174.393] SelectClipRgn (hdc=0xa50107e9, hrgn=0x83040807) returned 2
[0174.393] DeleteObject (ho=0x80407de) returned 1
[0174.393] DeleteObject (ho=0x83040807) returned 1
[0174.393] OffsetViewportOrgEx (in: hdc=0xa50107e9, x=0, y=0, lppt=0x2e33cd4 | out: lppt=0x2e33cd4) returned 1
[0174.393] IsAppThemed () returned 0x1
[0174.394] GetThemeAppProperties () returned 0x3
[0174.394] GetThemeAppProperties () returned 0x3
[0174.394] DrawThemeBackground () returned 0x0
[0174.394] RestoreDC (hdc=0xa50107e9, nSavedDC=-1) returned 1
[0174.394] GdipReleaseDC (graphics=0x6600030, hdc=0xa50107e9) returned 0x0
[0174.394] GdipCreateRegion (region=0xd7e484) returned 0x0
[0174.394] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0174.394] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0174.394] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0174.394] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e49c) returned 0x0
[0174.394] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0174.394] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0174.394] LocalFree (hMem=0x11eec58) returned 0x0
[0174.394] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0174.394] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee8d8) returned 0x0
[0174.394] LocalFree (hMem=0x11ee8d8) returned 0x0
[0174.394] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0174.394] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0174.394] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0174.394] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0174.394] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0174.394] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0174.395] GetCurrentObject (hdc=0xa50107e9, type=0x1) returned 0xb00017
[0174.395] GetCurrentObject (hdc=0xa50107e9, type=0x2) returned 0x900010
[0174.395] GetCurrentObject (hdc=0xa50107e9, type=0x7) returned 0x4a0507fe
[0174.395] GetCurrentObject (hdc=0xa50107e9, type=0x6) returned 0x8a01c2
[0174.395] SaveDC (hdc=0xa50107e9) returned 1
[0174.395] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x84040807
[0174.395] GetClipRgn (hdc=0xa50107e9, hrgn=0x84040807) returned 0
[0174.395] SelectClipRgn (hdc=0xa50107e9, hrgn=0x90407de) returned 2
[0174.395] DeleteObject (ho=0x84040807) returned 1
[0174.395] DeleteObject (ho=0x90407de) returned 1
[0174.395] OffsetViewportOrgEx (in: hdc=0xa50107e9, x=0, y=0, lppt=0x2e33fa8 | out: lppt=0x2e33fa8) returned 1
[0174.395] IsAppThemed () returned 0x1
[0174.395] GetThemeAppProperties () returned 0x3
[0174.395] GetThemeAppProperties () returned 0x3
[0174.395] GetThemeBackgroundContentRect () returned 0x0
[0174.395] RestoreDC (hdc=0xa50107e9, nSavedDC=-1) returned 1
[0174.395] GdipReleaseDC (graphics=0x6600030, hdc=0xa50107e9) returned 0x0
[0174.395] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0174.395] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0174.395] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0174.395] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0174.396] IsAppThemed () returned 0x1
[0174.396] GetThemeAppProperties () returned 0x3
[0174.396] GetThemeAppProperties () returned 0x3
[0174.396] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0174.396] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0174.396] GetCurrentObject (hdc=0xa50107e9, type=0x1) returned 0xb00017
[0174.396] GetCurrentObject (hdc=0xa50107e9, type=0x2) returned 0x900010
[0174.396] GetCurrentObject (hdc=0xa50107e9, type=0x7) returned 0x4a0507fe
[0174.396] GetCurrentObject (hdc=0xa50107e9, type=0x6) returned 0x8a01c2
[0174.396] SaveDC (hdc=0xa50107e9) returned 1
[0174.396] GetTextAlign (hdc=0xa50107e9) returned 0x0
[0174.396] GetTextColor (hdc=0xa50107e9) returned 0x0
[0174.396] GetCurrentObject (hdc=0xa50107e9, type=0x6) returned 0x8a01c2
[0174.396] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0174.396] SelectObject (hdc=0xa50107e9, h=0x6d0a0520) returned 0x8a01c2
[0174.396] GetBkMode (hdc=0xa50107e9) returned 2
[0174.397] SetBkMode (hdc=0xa50107e9, mode=1) returned 2
[0174.397] DrawTextExW (in: hdc=0xa50107e9, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2e3436c | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0174.397] DrawTextExW (in: hdc=0xa50107e9, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2e3436c | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0174.397] RestoreDC (hdc=0xa50107e9, nSavedDC=-1) returned 1
[0174.397] GdipReleaseDC (graphics=0x6600030, hdc=0xa50107e9) returned 0x0
[0174.398] GetFocus () returned 0x602c4
[0174.398] IsAppThemed () returned 0x1
[0174.398] GetThemeAppProperties () returned 0x3
[0174.398] GetThemeAppProperties () returned 0x3
[0174.398] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0174.398] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xa50107e9, x1=0, y1=0, rop=0xcc0020) returned 1
[0174.398] GdipReleaseDC (graphics=0x6600030, hdc=0xa50107e9) returned 0x0
[0174.398] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0174.398] SelectObject (hdc=0xa50107e9, h=0x85000f) returned 0x4a0507fe
[0174.398] DeleteDC (hdc=0xa50107e9) returned 1
[0174.399] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0174.399] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0174.399] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0174.399] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0174.399] WaitMessage () returned 1
[0174.482] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0174.482] IsWindowUnicode (hWnd=0x602c4) returned 1
[0174.482] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0174.482] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0174.482] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0174.482] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0174.482] IsWindowUnicode (hWnd=0x602c4) returned 1
[0174.482] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0174.482] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0174.482] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0174.482] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xe001d) returned 0x0
[0174.482] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0174.482] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0174.482] WaitMessage () returned 1
[0174.616] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0174.617] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27500f8) returned 0x1
[0174.617] IsWindowUnicode (hWnd=0x602c4) returned 1
[0174.617] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0174.617] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27500f8) returned 0x1
[0174.617] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0174.617] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x1a0003a) returned 0x0
[0174.617] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0174.617] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0174.617] SetCursor (hCursor=0x10003) returned 0x10003
[0174.617] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0174.618] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0174.618] GetKeyState (nVirtKey=1) returned -128
[0174.618] GetKeyState (nVirtKey=2) returned 0
[0174.618] GetKeyState (nVirtKey=4) returned 0
[0174.618] GetKeyState (nVirtKey=5) returned 0
[0174.618] GetKeyState (nVirtKey=6) returned 0
[0174.618] IsWindowVisible (hWnd=0x602c4) returned 1
[0174.618] IsWindowEnabled (hWnd=0x602c4) returned 1
[0174.618] SetFocus (hWnd=0x602c4) returned 0x602c4
[0174.618] GetFocus () returned 0x602c4
[0174.618] GetFocus () returned 0x602c4
[0174.618] GetFocus () returned 0x602c4
[0174.618] GetKeyState (nVirtKey=1) returned -128
[0174.618] GetKeyState (nVirtKey=2) returned 0
[0174.618] GetKeyState (nVirtKey=4) returned 0
[0174.618] GetKeyState (nVirtKey=5) returned 0
[0174.618] GetKeyState (nVirtKey=6) returned 0
[0174.618] GetCapture () returned 0x0
[0174.618] SetCapture (hWnd=0x602c4) returned 0x0
[0174.618] GetKeyState (nVirtKey=1) returned -128
[0174.618] GetKeyState (nVirtKey=2) returned 0
[0174.618] GetKeyState (nVirtKey=4) returned 0
[0174.618] GetKeyState (nVirtKey=5) returned 0
[0174.618] GetKeyState (nVirtKey=6) returned 0
[0174.618] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0174.618] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0174.618] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0174.619] IsWindowUnicode (hWnd=0x602c4) returned 1
[0174.619] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0174.619] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0174.619] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0174.619] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e344f0, cPoints=0x1 | out: lpPoints=0x2e344f0) returned 40304859
[0174.619] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0174.619] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0174.619] UpdateWindow (hWnd=0x602c4) returned 1
[0174.619] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x60100ce
[0174.619] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0174.619] CreateCompatibleDC (hdc=0x60100ce) returned 0xa60107e9
[0174.619] SelectObject (hdc=0xa60107e9, h=0x4a0507fe) returned 0x85000f
[0174.619] GdipCreateFromHDC (hdc=0xa60107e9, graphics=0xd7e430) returned 0x0
[0174.619] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0174.620] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0174.620] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0174.620] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0174.620] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e490) returned 0x0
[0174.620] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0174.620] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0174.620] LocalFree (hMem=0x11ee788) returned 0x0
[0174.620] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0174.620] GdipCreateRegion (region=0xd7e478) returned 0x0
[0174.620] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0174.620] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e484) returned 0x0
[0174.620] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0174.620] GdipRestoreGraphics (graphics=0x6600030, state=0xfc2c0dbd) returned 0x0
[0174.620] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0174.620] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0174.620] GetCurrentObject (hdc=0xa60107e9, type=0x1) returned 0xb00017
[0174.620] GetCurrentObject (hdc=0xa60107e9, type=0x2) returned 0x900010
[0174.620] GetCurrentObject (hdc=0xa60107e9, type=0x7) returned 0x4a0507fe
[0174.620] GetCurrentObject (hdc=0xa60107e9, type=0x6) returned 0x8a01c2
[0174.620] SaveDC (hdc=0xa60107e9) returned 1
[0174.621] GetNearestColor (hdc=0xa60107e9, color=0xff) returned 0xff
[0174.621] GetNearestColor (hdc=0xa60107e9, color=0x55) returned 0x55
[0174.621] GetNearestColor (hdc=0xa60107e9, color=0x0) returned 0x0
[0174.621] GetNearestColor (hdc=0xa60107e9, color=0x55) returned 0x55
[0174.621] GetNearestColor (hdc=0xa60107e9, color=0x0) returned 0x0
[0174.621] GetNearestColor (hdc=0xa60107e9, color=0x8080ff) returned 0x8080ff
[0174.621] GetNearestColor (hdc=0xa60107e9, color=0x7373e5) returned 0x7373e5
[0174.621] GetNearestColor (hdc=0xa60107e9, color=0xe5) returned 0xe5
[0174.621] GetNearestColor (hdc=0xa60107e9, color=0x0) returned 0x0
[0174.621] RestoreDC (hdc=0xa60107e9, nSavedDC=-1) returned 1
[0174.621] GdipReleaseDC (graphics=0x6600030, hdc=0xa60107e9) returned 0x0
[0174.621] IsAppThemed () returned 0x1
[0174.621] GetThemeAppProperties () returned 0x3
[0174.621] GetThemeAppProperties () returned 0x3
[0174.621] IsAppThemed () returned 0x1
[0174.621] GetThemeAppProperties () returned 0x3
[0174.621] GetThemeAppProperties () returned 0x3
[0174.621] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2e34c0c | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0174.622] IsAppThemed () returned 0x1
[0174.622] GetThemeAppProperties () returned 0x3
[0174.622] GetThemeAppProperties () returned 0x3
[0174.622] IsAppThemed () returned 0x1
[0174.622] GetThemeAppProperties () returned 0x3
[0174.622] GetThemeAppProperties () returned 0x3
[0174.622] IsAppThemed () returned 0x1
[0174.622] GetThemeAppProperties () returned 0x3
[0174.622] GetThemeAppProperties () returned 0x3
[0174.622] IsAppThemed () returned 0x1
[0174.622] GetThemeAppProperties () returned 0x3
[0174.622] GetThemeAppProperties () returned 0x3
[0174.622] IsThemePartDefined () returned 0x1
[0174.622] IsAppThemed () returned 0x1
[0174.622] GetThemeAppProperties () returned 0x3
[0174.622] GetThemeAppProperties () returned 0x3
[0174.622] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0174.622] IsAppThemed () returned 0x1
[0174.623] GetThemeAppProperties () returned 0x3
[0174.623] GetThemeAppProperties () returned 0x3
[0174.623] IsAppThemed () returned 0x1
[0174.623] GetThemeAppProperties () returned 0x3
[0174.623] GetThemeAppProperties () returned 0x3
[0174.623] IsThemePartDefined () returned 0x1
[0174.623] GdipCreateRegion (region=0xd7e194) returned 0x0
[0174.624] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0174.624] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0174.624] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0174.624] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e1ac) returned 0x0
[0174.624] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0174.624] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee8d8) returned 0x0
[0174.624] LocalFree (hMem=0x11ee8d8) returned 0x0
[0174.624] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0174.624] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee9f0) returned 0x0
[0174.624] LocalFree (hMem=0x11ee9f0) returned 0x0
[0174.624] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0174.624] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0174.624] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0174.624] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0174.624] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0174.624] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0174.624] GetCurrentObject (hdc=0xa60107e9, type=0x1) returned 0xb00017
[0174.624] GetCurrentObject (hdc=0xa60107e9, type=0x2) returned 0x900010
[0174.624] GetCurrentObject (hdc=0xa60107e9, type=0x7) returned 0x4a0507fe
[0174.624] GetCurrentObject (hdc=0xa60107e9, type=0x6) returned 0x8a01c2
[0174.625] SaveDC (hdc=0xa60107e9) returned 1
[0174.625] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa0407de
[0174.625] GetClipRgn (hdc=0xa60107e9, hrgn=0xa0407de) returned 0
[0174.625] SelectClipRgn (hdc=0xa60107e9, hrgn=0x88040807) returned 2
[0174.625] DeleteObject (ho=0xa0407de) returned 1
[0174.625] DeleteObject (ho=0x88040807) returned 1
[0174.625] OffsetViewportOrgEx (in: hdc=0xa60107e9, x=0, y=0, lppt=0x2e352bc | out: lppt=0x2e352bc) returned 1
[0174.625] DrawThemeParentBackground () returned 0x0
[0174.625] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0174.625] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0174.625] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0174.625] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0174.625] GetSystemMetrics (nIndex=42) returned 0
[0174.625] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0174.625] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0174.625] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0174.625] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0174.626] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0174.626] SelectPalette (hdc=0xa60107e9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0174.626] GdipCreateFromHDC (hdc=0xa60107e9, graphics=0xd7dc88) returned 0x0
[0174.626] GdipSetPageUnit (graphics=0x664e508, unit=0x2) returned 0x0
[0174.626] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0174.626] GdipGetWorldTransform (graphics=0x664e508, matrix=0x6638a28) returned 0x0
[0174.626] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dc60) returned 0x0
[0174.626] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0174.626] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0174.626] GdipGetClip (graphics=0x664e508, region=0x6646688) returned 0x0
[0174.626] GdipIsInfiniteRegion (region=0x6646688, graphics=0x664e508, result=0xd7dc54) returned 0x0
[0174.626] GdipDeleteRegion (region=0x6646688) returned 0x0
[0174.626] GdipSaveGraphics (graphics=0x664e508, state=0xd7dc80) returned 0x0
[0174.626] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0174.634] GdipFillRectangleI (graphics=0x664e508, brush=0x6636cb8, x=0, y=0, width=801, height=453) returned 0x0
[0174.634] GdipDeleteBrush (brush=0x6636cb8) returned 0x0
[0174.636] GdipDeleteGraphics (graphics=0x664e508) returned 0x0
[0174.636] SelectPalette (hdc=0xa60107e9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0174.636] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0174.636] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0174.636] GetSystemMetrics (nIndex=42) returned 0
[0174.636] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0174.636] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0174.636] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0174.636] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0174.636] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0174.636] SelectPalette (hdc=0xa60107e9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0174.636] GdipCreateFromHDC (hdc=0xa60107e9, graphics=0xd7dc28) returned 0x0
[0174.637] GdipSetPageUnit (graphics=0x664e508, unit=0x2) returned 0x0
[0174.637] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0174.637] GdipGetWorldTransform (graphics=0x664e508, matrix=0x6638c68) returned 0x0
[0174.637] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dc00) returned 0x0
[0174.637] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0174.637] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0174.637] GdipGetClip (graphics=0x664e508, region=0x6646b08) returned 0x0
[0174.637] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x664e508, result=0xd7dbf4) returned 0x0
[0174.637] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0174.637] GdipSaveGraphics (graphics=0x664e508, state=0xd7dc20) returned 0x0
[0174.637] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0174.645] GdipFillRectangleI (graphics=0x664e508, brush=0x66362f8, x=0, y=0, width=801, height=453) returned 0x0
[0174.645] GdipDeleteBrush (brush=0x66362f8) returned 0x0
[0174.647] GdipRestoreGraphics (graphics=0x664e508, state=0xfc280dbd) returned 0x0
[0174.647] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0174.647] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0174.647] GetSystemMetrics (nIndex=42) returned 0
[0174.647] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0174.647] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0174.647] GdipDeleteGraphics (graphics=0x664e508) returned 0x0
[0174.647] SelectPalette (hdc=0xa60107e9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0174.648] RestoreDC (hdc=0xa60107e9, nSavedDC=-1) returned 1
[0174.648] GdipReleaseDC (graphics=0x6600030, hdc=0xa60107e9) returned 0x0
[0174.648] IsAppThemed () returned 0x1
[0174.648] GetThemeAppProperties () returned 0x3
[0174.648] GetThemeAppProperties () returned 0x3
[0174.648] IsAppThemed () returned 0x1
[0174.648] GetThemeAppProperties () returned 0x3
[0174.648] GetThemeAppProperties () returned 0x3
[0174.648] IsThemePartDefined () returned 0x1
[0174.648] GdipCreateRegion (region=0xd7e118) returned 0x0
[0174.648] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0174.648] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0174.648] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0174.648] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e130) returned 0x0
[0174.648] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0174.648] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0174.648] LocalFree (hMem=0x11ee788) returned 0x0
[0174.648] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0174.648] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eecc8) returned 0x0
[0174.648] LocalFree (hMem=0x11eecc8) returned 0x0
[0174.648] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0174.648] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0174.649] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0174.649] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0174.649] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0174.649] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0174.649] GetCurrentObject (hdc=0xa60107e9, type=0x1) returned 0xb00017
[0174.649] GetCurrentObject (hdc=0xa60107e9, type=0x2) returned 0x900010
[0174.649] GetCurrentObject (hdc=0xa60107e9, type=0x7) returned 0x4a0507fe
[0174.649] GetCurrentObject (hdc=0xa60107e9, type=0x6) returned 0x8a01c2
[0174.649] SaveDC (hdc=0xa60107e9) returned 1
[0174.649] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x89040807
[0174.649] GetClipRgn (hdc=0xa60107e9, hrgn=0x89040807) returned 0
[0174.649] SelectClipRgn (hdc=0xa60107e9, hrgn=0xc0407de) returned 2
[0174.649] DeleteObject (ho=0x89040807) returned 1
[0174.649] DeleteObject (ho=0xc0407de) returned 1
[0174.649] OffsetViewportOrgEx (in: hdc=0xa60107e9, x=0, y=0, lppt=0x2e3bb0c | out: lppt=0x2e3bb0c) returned 1
[0174.649] IsAppThemed () returned 0x1
[0174.649] GetThemeAppProperties () returned 0x3
[0174.649] GetThemeAppProperties () returned 0x3
[0174.649] DrawThemeBackground () returned 0x0
[0174.649] RestoreDC (hdc=0xa60107e9, nSavedDC=-1) returned 1
[0174.650] GdipReleaseDC (graphics=0x6600030, hdc=0xa60107e9) returned 0x0
[0174.650] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0174.650] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0174.650] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0174.650] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0174.650] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e134) returned 0x0
[0174.650] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0174.650] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0174.650] LocalFree (hMem=0x11ee788) returned 0x0
[0174.650] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0174.650] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0174.650] LocalFree (hMem=0x11ee9f0) returned 0x0
[0174.650] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0174.650] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0174.650] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0174.650] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0174.650] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0174.650] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0174.650] GetCurrentObject (hdc=0xa60107e9, type=0x1) returned 0xb00017
[0174.650] GetCurrentObject (hdc=0xa60107e9, type=0x2) returned 0x900010
[0174.651] GetCurrentObject (hdc=0xa60107e9, type=0x7) returned 0x4a0507fe
[0174.651] GetCurrentObject (hdc=0xa60107e9, type=0x6) returned 0x8a01c2
[0174.651] SaveDC (hdc=0xa60107e9) returned 1
[0174.651] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd0407de
[0174.651] GetClipRgn (hdc=0xa60107e9, hrgn=0xd0407de) returned 0
[0174.651] SelectClipRgn (hdc=0xa60107e9, hrgn=0x8a040807) returned 2
[0174.651] DeleteObject (ho=0xd0407de) returned 1
[0174.651] DeleteObject (ho=0x8a040807) returned 1
[0174.651] OffsetViewportOrgEx (in: hdc=0xa60107e9, x=0, y=0, lppt=0x2e3bde0 | out: lppt=0x2e3bde0) returned 1
[0174.651] IsAppThemed () returned 0x1
[0174.651] GetThemeAppProperties () returned 0x3
[0174.651] GetThemeAppProperties () returned 0x3
[0174.651] GetThemeBackgroundContentRect () returned 0x0
[0174.651] RestoreDC (hdc=0xa60107e9, nSavedDC=-1) returned 1
[0174.651] GdipReleaseDC (graphics=0x6600030, hdc=0xa60107e9) returned 0x0
[0174.651] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0174.652] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0174.652] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0174.652] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0174.652] IsAppThemed () returned 0x1
[0174.652] GetThemeAppProperties () returned 0x3
[0174.652] GetThemeAppProperties () returned 0x3
[0174.652] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0174.652] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0174.652] GetCurrentObject (hdc=0xa60107e9, type=0x1) returned 0xb00017
[0174.652] GetCurrentObject (hdc=0xa60107e9, type=0x2) returned 0x900010
[0174.652] GetCurrentObject (hdc=0xa60107e9, type=0x7) returned 0x4a0507fe
[0174.652] GetCurrentObject (hdc=0xa60107e9, type=0x6) returned 0x8a01c2
[0174.652] SaveDC (hdc=0xa60107e9) returned 1
[0174.652] GetTextAlign (hdc=0xa60107e9) returned 0x0
[0174.652] GetTextColor (hdc=0xa60107e9) returned 0x0
[0174.653] GetCurrentObject (hdc=0xa60107e9, type=0x6) returned 0x8a01c2
[0174.653] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0174.653] SelectObject (hdc=0xa60107e9, h=0x6d0a0520) returned 0x8a01c2
[0174.653] GetBkMode (hdc=0xa60107e9) returned 2
[0174.653] SetBkMode (hdc=0xa60107e9, mode=1) returned 2
[0174.653] DrawTextExW (in: hdc=0xa60107e9, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2e3c1a4 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0174.653] DrawTextExW (in: hdc=0xa60107e9, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2e3c1a4 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0174.654] RestoreDC (hdc=0xa60107e9, nSavedDC=-1) returned 1
[0174.654] GdipReleaseDC (graphics=0x6600030, hdc=0xa60107e9) returned 0x0
[0174.654] GetFocus () returned 0x602c4
[0174.654] IsAppThemed () returned 0x1
[0174.654] GetThemeAppProperties () returned 0x3
[0174.654] GetThemeAppProperties () returned 0x3
[0174.654] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0174.654] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xa60107e9, x1=0, y1=0, rop=0xcc0020) returned 1
[0174.654] GdipReleaseDC (graphics=0x6600030, hdc=0xa60107e9) returned 0x0
[0174.654] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0174.654] SelectObject (hdc=0xa60107e9, h=0x85000f) returned 0x4a0507fe
[0174.655] DeleteDC (hdc=0xa60107e9) returned 1
[0174.655] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0174.655] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0174.655] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e3c2a0, cPoints=0x1 | out: lpPoints=0x2e3c2a0) returned 40304859
[0174.655] WindowFromPoint (Point=0xf8) returned 0x602c4
[0174.655] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27500f8) returned 0x1
[0174.655] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0174.655] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0174.655] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0174.655] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0174.655] GetSystemMetrics (nIndex=42) returned 0
[0174.655] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0174.655] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0174.657] GetCapture () returned 0x602c4
[0174.657] ReleaseCapture () returned 1
[0174.657] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0174.657] GetProcessWindowStation () returned 0x13c
[0174.658] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0174.658] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0174.658] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0174.658] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0174.658] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0174.658] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0174.659] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0174.659] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0174.659] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0174.659] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0174.659] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0174.659] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0174.659] GetDC (hWnd=0x0) returned 0xc0107c5
[0174.660] GdipCreateFromHDC (hdc=0xc0107c5, graphics=0xd7e6ec) returned 0x0
[0174.660] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0174.660] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0174.660] ReleaseDC (hWnd=0x0, hDC=0xc0107c5) returned 1
[0174.660] GetSystemMetrics (nIndex=5) returned 1
[0174.660] GetSystemMetrics (nIndex=6) returned 1
[0174.660] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0174.660] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0174.661] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0174.661] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0174.664] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0174.664] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0174.664] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0174.664] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0174.665] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0174.665] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0174.666] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2e41cbc | out: lpData=0x2e41cbc) returned 1
[0174.666] VerQueryValueW (in: pBlock=0x2e41cbc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e420cc, puLen=0xd7e810) returned 1
[0174.667] VerQueryValueW (in: pBlock=0x2e41cbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e41d74, puLen=0xd7e790) returned 1
[0174.667] VerQueryValueW (in: pBlock=0x2e41cbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e41dc8, puLen=0xd7e790) returned 1
[0174.667] VerQueryValueW (in: pBlock=0x2e41cbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e41e48, puLen=0xd7e790) returned 1
[0174.667] VerQueryValueW (in: pBlock=0x2e41cbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e41eb0, puLen=0xd7e790) returned 1
[0174.667] VerQueryValueW (in: pBlock=0x2e41cbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e41ef0, puLen=0xd7e790) returned 1
[0174.667] VerQueryValueW (in: pBlock=0x2e41cbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e41f78, puLen=0xd7e790) returned 1
[0174.667] VerQueryValueW (in: pBlock=0x2e41cbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e41fb4, puLen=0xd7e790) returned 1
[0174.667] VerQueryValueW (in: pBlock=0x2e41cbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4200c, puLen=0xd7e790) returned 1
[0174.667] VerQueryValueW (in: pBlock=0x2e41cbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4203c, puLen=0xd7e790) returned 1
[0174.667] VerQueryValueW (in: pBlock=0x2e41cbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0174.667] VerQueryValueW (in: pBlock=0x2e41cbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e42078, puLen=0xd7e790) returned 1
[0174.667] VerQueryValueW (in: pBlock=0x2e41cbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0174.667] VerQueryValueW (in: pBlock=0x2e41cbc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e420cc, puLen=0xd7e784) returned 1
[0174.667] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0174.667] VerQueryValueW (in: pBlock=0x2e41cbc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e41ce4, puLen=0xd7e794) returned 1
[0174.668] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0174.668] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0174.668] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0174.668] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0174.668] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0174.668] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0174.668] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2e43c2c | out: lpData=0x2e43c2c) returned 1
[0174.668] VerQueryValueW (in: pBlock=0x2e43c2c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e43cc8, puLen=0xd7e810) returned 1
[0174.669] VerQueryValueW (in: pBlock=0x2e43c2c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e43d40, puLen=0xd7e790) returned 1
[0174.669] VerQueryValueW (in: pBlock=0x2e43c2c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e43d70, puLen=0xd7e790) returned 1
[0174.669] VerQueryValueW (in: pBlock=0x2e43c2c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e43dac, puLen=0xd7e790) returned 1
[0174.669] VerQueryValueW (in: pBlock=0x2e43c2c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e43ddc, puLen=0xd7e790) returned 1
[0174.680] VerQueryValueW (in: pBlock=0x2e43c2c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e43e24, puLen=0xd7e790) returned 1
[0174.680] VerQueryValueW (in: pBlock=0x2e43c2c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e43e9c, puLen=0xd7e790) returned 1
[0174.680] VerQueryValueW (in: pBlock=0x2e43c2c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e43ee0, puLen=0xd7e790) returned 1
[0174.680] VerQueryValueW (in: pBlock=0x2e43c2c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e43f20, puLen=0xd7e790) returned 1
[0174.680] VerQueryValueW (in: pBlock=0x2e43c2c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e43d1e, puLen=0xd7e790) returned 1
[0174.680] VerQueryValueW (in: pBlock=0x2e43c2c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e43e6c, puLen=0xd7e790) returned 1
[0174.680] VerQueryValueW (in: pBlock=0x2e43c2c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0174.680] VerQueryValueW (in: pBlock=0x2e43c2c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0174.680] VerQueryValueW (in: pBlock=0x2e43c2c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e43cc8, puLen=0xd7e784) returned 1
[0174.680] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0174.680] VerQueryValueW (in: pBlock=0x2e43c2c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e43c54, puLen=0xd7e794) returned 1
[0174.681] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0174.681] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0174.682] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0174.682] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0174.682] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0174.682] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0174.683] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2e45f04 | out: lpData=0x2e45f04) returned 1
[0174.683] VerQueryValueW (in: pBlock=0x2e45f04, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e46318, puLen=0xd7e810) returned 1
[0174.683] VerQueryValueW (in: pBlock=0x2e45f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e45fbc, puLen=0xd7e790) returned 1
[0174.683] VerQueryValueW (in: pBlock=0x2e45f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e46010, puLen=0xd7e790) returned 1
[0174.683] VerQueryValueW (in: pBlock=0x2e45f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4606c, puLen=0xd7e790) returned 1
[0174.683] VerQueryValueW (in: pBlock=0x2e45f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e460cc, puLen=0xd7e790) returned 1
[0174.683] VerQueryValueW (in: pBlock=0x2e45f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e46124, puLen=0xd7e790) returned 1
[0174.683] VerQueryValueW (in: pBlock=0x2e45f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e461ac, puLen=0xd7e790) returned 1
[0174.684] VerQueryValueW (in: pBlock=0x2e45f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e46200, puLen=0xd7e790) returned 1
[0174.684] VerQueryValueW (in: pBlock=0x2e45f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e46258, puLen=0xd7e790) returned 1
[0174.684] VerQueryValueW (in: pBlock=0x2e45f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e46288, puLen=0xd7e790) returned 1
[0174.684] VerQueryValueW (in: pBlock=0x2e45f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0174.684] VerQueryValueW (in: pBlock=0x2e45f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e462c4, puLen=0xd7e790) returned 1
[0174.684] VerQueryValueW (in: pBlock=0x2e45f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0174.684] VerQueryValueW (in: pBlock=0x2e45f04, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e46318, puLen=0xd7e784) returned 1
[0174.684] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0174.684] VerQueryValueW (in: pBlock=0x2e45f04, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e45f2c, puLen=0xd7e794) returned 1
[0174.687] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0174.687] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0174.687] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0174.687] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0174.687] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0174.687] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0174.688] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2e4853c | out: lpData=0x2e4853c) returned 1
[0174.689] VerQueryValueW (in: pBlock=0x2e4853c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e4893c, puLen=0xd7e810) returned 1
[0174.689] VerQueryValueW (in: pBlock=0x2e4853c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e485f4, puLen=0xd7e790) returned 1
[0174.689] VerQueryValueW (in: pBlock=0x2e4853c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e48648, puLen=0xd7e790) returned 1
[0174.689] VerQueryValueW (in: pBlock=0x2e4853c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e48688, puLen=0xd7e790) returned 1
[0174.689] VerQueryValueW (in: pBlock=0x2e4853c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e486f0, puLen=0xd7e790) returned 1
[0174.689] VerQueryValueW (in: pBlock=0x2e4853c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e48748, puLen=0xd7e790) returned 1
[0174.689] VerQueryValueW (in: pBlock=0x2e4853c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e487d0, puLen=0xd7e790) returned 1
[0174.689] VerQueryValueW (in: pBlock=0x2e4853c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e48824, puLen=0xd7e790) returned 1
[0174.689] VerQueryValueW (in: pBlock=0x2e4853c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4887c, puLen=0xd7e790) returned 1
[0174.689] VerQueryValueW (in: pBlock=0x2e4853c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e488ac, puLen=0xd7e790) returned 1
[0174.690] VerQueryValueW (in: pBlock=0x2e4853c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0174.690] VerQueryValueW (in: pBlock=0x2e4853c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e488e8, puLen=0xd7e790) returned 1
[0174.690] VerQueryValueW (in: pBlock=0x2e4853c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0174.690] VerQueryValueW (in: pBlock=0x2e4853c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e4893c, puLen=0xd7e784) returned 1
[0174.690] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0174.690] VerQueryValueW (in: pBlock=0x2e4853c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e48564, puLen=0xd7e794) returned 1
[0174.690] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0174.690] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0174.691] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0174.691] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0174.691] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0174.691] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0174.692] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2e4ac78 | out: lpData=0x2e4ac78) returned 1
[0174.692] VerQueryValueW (in: pBlock=0x2e4ac78, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e4b040, puLen=0xd7e810) returned 1
[0174.693] VerQueryValueW (in: pBlock=0x2e4ac78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4ad30, puLen=0xd7e790) returned 1
[0174.693] VerQueryValueW (in: pBlock=0x2e4ac78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4ad84, puLen=0xd7e790) returned 1
[0174.693] VerQueryValueW (in: pBlock=0x2e4ac78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4adc4, puLen=0xd7e790) returned 1
[0174.693] VerQueryValueW (in: pBlock=0x2e4ac78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4ae2c, puLen=0xd7e790) returned 1
[0174.693] VerQueryValueW (in: pBlock=0x2e4ac78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4ae68, puLen=0xd7e790) returned 1
[0174.693] VerQueryValueW (in: pBlock=0x2e4ac78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4aef0, puLen=0xd7e790) returned 1
[0174.693] VerQueryValueW (in: pBlock=0x2e4ac78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4af28, puLen=0xd7e790) returned 1
[0174.693] VerQueryValueW (in: pBlock=0x2e4ac78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4af80, puLen=0xd7e790) returned 1
[0174.693] VerQueryValueW (in: pBlock=0x2e4ac78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4afb0, puLen=0xd7e790) returned 1
[0174.693] VerQueryValueW (in: pBlock=0x2e4ac78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0174.693] VerQueryValueW (in: pBlock=0x2e4ac78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4afec, puLen=0xd7e790) returned 1
[0174.693] VerQueryValueW (in: pBlock=0x2e4ac78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0174.693] VerQueryValueW (in: pBlock=0x2e4ac78, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e4b040, puLen=0xd7e784) returned 1
[0174.693] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0174.693] VerQueryValueW (in: pBlock=0x2e4ac78, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e4aca0, puLen=0xd7e794) returned 1
[0174.694] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0174.694] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0174.694] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0174.694] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0174.694] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0174.694] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0174.695] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2e4e2e0 | out: lpData=0x2e4e2e0) returned 1
[0174.696] VerQueryValueW (in: pBlock=0x2e4e2e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e4e6c0, puLen=0xd7e810) returned 1
[0174.696] VerQueryValueW (in: pBlock=0x2e4e2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e398, puLen=0xd7e790) returned 1
[0174.696] VerQueryValueW (in: pBlock=0x2e4e2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e3ec, puLen=0xd7e790) returned 1
[0174.696] VerQueryValueW (in: pBlock=0x2e4e2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e42c, puLen=0xd7e790) returned 1
[0174.696] VerQueryValueW (in: pBlock=0x2e4e2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e48c, puLen=0xd7e790) returned 1
[0176.140] VerQueryValueW (in: pBlock=0x2e4e2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e4d8, puLen=0xd7e790) returned 1
[0176.140] VerQueryValueW (in: pBlock=0x2e4e2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e560, puLen=0xd7e790) returned 1
[0176.140] VerQueryValueW (in: pBlock=0x2e4e2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e5a8, puLen=0xd7e790) returned 1
[0176.140] VerQueryValueW (in: pBlock=0x2e4e2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e600, puLen=0xd7e790) returned 1
[0176.140] VerQueryValueW (in: pBlock=0x2e4e2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e630, puLen=0xd7e790) returned 1
[0176.141] VerQueryValueW (in: pBlock=0x2e4e2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0176.141] VerQueryValueW (in: pBlock=0x2e4e2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e66c, puLen=0xd7e790) returned 1
[0176.141] VerQueryValueW (in: pBlock=0x2e4e2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0176.141] VerQueryValueW (in: pBlock=0x2e4e2e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e4e6c0, puLen=0xd7e784) returned 1
[0176.141] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0176.141] VerQueryValueW (in: pBlock=0x2e4e2e0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e4e308, puLen=0xd7e794) returned 1
[0176.142] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0176.142] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0176.142] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0176.142] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0176.142] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0176.142] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0176.143] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2c826d4 | out: lpData=0x2c826d4) returned 1
[0176.144] VerQueryValueW (in: pBlock=0x2c826d4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2c82ae0, puLen=0xd7e810) returned 1
[0176.144] VerQueryValueW (in: pBlock=0x2c826d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c8278c, puLen=0xd7e790) returned 1
[0176.144] VerQueryValueW (in: pBlock=0x2c826d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c827e0, puLen=0xd7e790) returned 1
[0176.144] VerQueryValueW (in: pBlock=0x2c826d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c82834, puLen=0xd7e790) returned 1
[0176.144] VerQueryValueW (in: pBlock=0x2c826d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c82894, puLen=0xd7e790) returned 1
[0176.144] VerQueryValueW (in: pBlock=0x2c826d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c828ec, puLen=0xd7e790) returned 1
[0176.144] VerQueryValueW (in: pBlock=0x2c826d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c82974, puLen=0xd7e790) returned 1
[0176.144] VerQueryValueW (in: pBlock=0x2c826d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c829c8, puLen=0xd7e790) returned 1
[0176.145] VerQueryValueW (in: pBlock=0x2c826d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c82a20, puLen=0xd7e790) returned 1
[0176.145] VerQueryValueW (in: pBlock=0x2c826d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c82a50, puLen=0xd7e790) returned 1
[0176.145] VerQueryValueW (in: pBlock=0x2c826d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0176.145] VerQueryValueW (in: pBlock=0x2c826d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c82a8c, puLen=0xd7e790) returned 1
[0176.145] VerQueryValueW (in: pBlock=0x2c826d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0176.145] VerQueryValueW (in: pBlock=0x2c826d4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2c82ae0, puLen=0xd7e784) returned 1
[0176.145] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0176.145] VerQueryValueW (in: pBlock=0x2c826d4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2c826fc, puLen=0xd7e794) returned 1
[0176.146] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0176.146] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0176.146] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0176.146] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0176.147] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0176.147] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0176.148] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2c84ee8 | out: lpData=0x2c84ee8) returned 1
[0176.149] VerQueryValueW (in: pBlock=0x2c84ee8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2c852c0, puLen=0xd7e810) returned 1
[0176.149] VerQueryValueW (in: pBlock=0x2c84ee8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c84fa0, puLen=0xd7e790) returned 1
[0176.149] VerQueryValueW (in: pBlock=0x2c84ee8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c84ff4, puLen=0xd7e790) returned 1
[0176.149] VerQueryValueW (in: pBlock=0x2c84ee8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c85034, puLen=0xd7e790) returned 1
[0176.149] VerQueryValueW (in: pBlock=0x2c84ee8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c8509c, puLen=0xd7e790) returned 1
[0176.150] VerQueryValueW (in: pBlock=0x2c84ee8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c850e0, puLen=0xd7e790) returned 1
[0176.150] VerQueryValueW (in: pBlock=0x2c84ee8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c85168, puLen=0xd7e790) returned 1
[0176.150] VerQueryValueW (in: pBlock=0x2c84ee8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c851a8, puLen=0xd7e790) returned 1
[0176.150] VerQueryValueW (in: pBlock=0x2c84ee8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c85200, puLen=0xd7e790) returned 1
[0176.150] VerQueryValueW (in: pBlock=0x2c84ee8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c85230, puLen=0xd7e790) returned 1
[0176.150] VerQueryValueW (in: pBlock=0x2c84ee8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0176.150] VerQueryValueW (in: pBlock=0x2c84ee8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c8526c, puLen=0xd7e790) returned 1
[0176.150] VerQueryValueW (in: pBlock=0x2c84ee8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0176.150] VerQueryValueW (in: pBlock=0x2c84ee8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2c852c0, puLen=0xd7e784) returned 1
[0176.150] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0176.150] VerQueryValueW (in: pBlock=0x2c84ee8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2c84f10, puLen=0xd7e794) returned 1
[0176.151] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0176.151] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0176.151] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0176.152] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0176.152] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0176.152] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0176.153] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2c87440 | out: lpData=0x2c87440) returned 1
[0176.154] VerQueryValueW (in: pBlock=0x2c87440, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2c87818, puLen=0xd7e810) returned 1
[0176.154] VerQueryValueW (in: pBlock=0x2c87440, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c874f8, puLen=0xd7e790) returned 1
[0176.154] VerQueryValueW (in: pBlock=0x2c87440, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c8754c, puLen=0xd7e790) returned 1
[0176.154] VerQueryValueW (in: pBlock=0x2c87440, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c8758c, puLen=0xd7e790) returned 1
[0176.154] VerQueryValueW (in: pBlock=0x2c87440, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c875f4, puLen=0xd7e790) returned 1
[0176.154] VerQueryValueW (in: pBlock=0x2c87440, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c87638, puLen=0xd7e790) returned 1
[0176.154] VerQueryValueW (in: pBlock=0x2c87440, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c876c0, puLen=0xd7e790) returned 1
[0176.154] VerQueryValueW (in: pBlock=0x2c87440, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c87700, puLen=0xd7e790) returned 1
[0176.154] VerQueryValueW (in: pBlock=0x2c87440, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c87758, puLen=0xd7e790) returned 1
[0176.154] VerQueryValueW (in: pBlock=0x2c87440, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c87788, puLen=0xd7e790) returned 1
[0176.154] VerQueryValueW (in: pBlock=0x2c87440, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0176.154] VerQueryValueW (in: pBlock=0x2c87440, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c877c4, puLen=0xd7e790) returned 1
[0176.154] VerQueryValueW (in: pBlock=0x2c87440, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0176.154] VerQueryValueW (in: pBlock=0x2c87440, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2c87818, puLen=0xd7e784) returned 1
[0176.154] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0176.154] VerQueryValueW (in: pBlock=0x2c87440, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2c87468, puLen=0xd7e794) returned 1
[0176.155] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0176.155] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0176.155] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0176.155] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0176.155] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0176.156] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0176.156] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2c89b78 | out: lpData=0x2c89b78) returned 1
[0176.157] VerQueryValueW (in: pBlock=0x2c89b78, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2c89fa8, puLen=0xd7e810) returned 1
[0176.157] VerQueryValueW (in: pBlock=0x2c89b78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c89c30, puLen=0xd7e790) returned 1
[0176.157] VerQueryValueW (in: pBlock=0x2c89b78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c89c84, puLen=0xd7e790) returned 1
[0176.157] VerQueryValueW (in: pBlock=0x2c89b78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c89cf4, puLen=0xd7e790) returned 1
[0176.157] VerQueryValueW (in: pBlock=0x2c89b78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c89d54, puLen=0xd7e790) returned 1
[0176.157] VerQueryValueW (in: pBlock=0x2c89b78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c89db0, puLen=0xd7e790) returned 1
[0176.157] VerQueryValueW (in: pBlock=0x2c89b78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c89e38, puLen=0xd7e790) returned 1
[0176.157] VerQueryValueW (in: pBlock=0x2c89b78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c89e90, puLen=0xd7e790) returned 1
[0176.157] VerQueryValueW (in: pBlock=0x2c89b78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c89ee8, puLen=0xd7e790) returned 1
[0176.157] VerQueryValueW (in: pBlock=0x2c89b78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c89f18, puLen=0xd7e790) returned 1
[0176.157] VerQueryValueW (in: pBlock=0x2c89b78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0176.157] VerQueryValueW (in: pBlock=0x2c89b78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c89f54, puLen=0xd7e790) returned 1
[0176.157] VerQueryValueW (in: pBlock=0x2c89b78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0176.157] VerQueryValueW (in: pBlock=0x2c89b78, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2c89fa8, puLen=0xd7e784) returned 1
[0176.157] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0176.157] VerQueryValueW (in: pBlock=0x2c89b78, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2c89ba0, puLen=0xd7e794) returned 1
[0176.158] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0176.158] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0176.158] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0176.158] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0176.159] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0176.159] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xb02de
[0176.159] SetWindowLongW (hWnd=0xb02de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0176.159] GetWindowLongW (hWnd=0xb02de, nIndex=-4) returned 1950089536
[0176.160] SetWindowLongW (hWnd=0xb02de, nIndex=-4, dwNewLong=19943286) returned 1950089536
[0176.160] GetWindowLongW (hWnd=0xb02de, nIndex=-4) returned 19943286
[0176.160] GetWindowLongW (hWnd=0xb02de, nIndex=-16) returned 113311744
[0176.160] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02de, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0176.160] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02de, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0176.161] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02de, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0176.161] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02de, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0176.161] GetClientRect (in: hWnd=0xb02de, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0176.161] GetWindowRect (in: hWnd=0xb02de, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0176.161] SetWindowTextW (hWnd=0xb02de, lpString="WindowsFormsParkingWindow") returned 1
[0176.161] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02de, Msg=0xc, wParam=0x0, lParam=0x2c79e4c) returned 0x1
[0176.162] GetParent (hWnd=0xb02de) returned 0x0
[0176.162] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0176.162] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0xb02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xc02d2
[0176.162] SetWindowLongW (hWnd=0xc02d2, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0176.162] GetWindowLongW (hWnd=0xc02d2, nIndex=-4) returned 1868147648
[0176.163] SetWindowLongW (hWnd=0xc02d2, nIndex=-4, dwNewLong=19942926) returned 1868147648
[0176.163] GetWindowLongW (hWnd=0xc02d2, nIndex=-4) returned 19942926
[0176.163] GetWindowLongW (hWnd=0xc02d2, nIndex=-16) returned 1174405133
[0176.163] GetWindowLongW (hWnd=0xc02d2, nIndex=-12) returned 0
[0176.163] SetWindowLongW (hWnd=0xc02d2, nIndex=-12, dwNewLong=787154) returned 0
[0176.163] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0176.163] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0176.164] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0176.164] GetClientRect (in: hWnd=0xc02d2, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0176.164] GetWindowRect (in: hWnd=0xc02d2, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0176.164] GetParent (hWnd=0xc02d2) returned 0xb02de
[0176.164] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xb02de, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0176.165] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0176.165] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0176.165] GetClientRect (in: hWnd=0xc02d2, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0176.165] GetWindowRect (in: hWnd=0xc02d2, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0176.165] GetParent (hWnd=0xc02d2) returned 0xb02de
[0176.165] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xb02de, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0176.165] SendMessageW (hWnd=0xc02d2, Msg=0x2210, wParam=0x2d20001, lParam=0xc02d2) returned 0x0
[0176.165] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x2210, wParam=0x2d20001, lParam=0xc02d2) returned 0x0
[0176.165] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0176.165] GetParent (hWnd=0xc02d2) returned 0xb02de
[0176.166] GdipCreateFromHWND (hwnd=0xc02d2, graphics=0xd7e844) returned 0x0
[0176.166] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0176.167] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0176.167] GetForegroundWindow () returned 0x7005c
[0176.167] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0176.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.168] GetSystemMetrics (nIndex=42) returned 0
[0176.168] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0176.168] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0176.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.168] GetSystemMetrics (nIndex=42) returned 0
[0176.168] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0176.168] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0176.168] GetCursorPos (in: lpPoint=0x2c8dffc | out: lpPoint=0x2c8dffc*(x=248, y=629)) returned 1
[0176.168] MonitorFromPoint (pt=0xf8, dwFlags=0x275) returned 0x10001
[0176.169] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0176.169] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x630107d2
[0176.169] GetDeviceCaps (hdc=0x630107d2, index=12) returned 32
[0176.169] GetDeviceCaps (hdc=0x630107d2, index=14) returned 1
[0176.169] DeleteDC (hdc=0x630107d2) returned 1
[0176.169] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0176.169] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0176.169] GetSystemMetrics (nIndex=59) returned 1460
[0176.169] GetSystemMetrics (nIndex=60) returned 920
[0176.169] GetSystemMetrics (nIndex=34) returned 136
[0176.169] GetSystemMetrics (nIndex=35) returned 39
[0176.169] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0176.170] GetCursorPos (in: lpPoint=0x2c8e268 | out: lpPoint=0x2c8e268*(x=248, y=629)) returned 1
[0176.170] MonitorFromPoint (pt=0xf5, dwFlags=0x276) returned 0x10001
[0176.170] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0176.170] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x640107d2
[0176.170] GetDeviceCaps (hdc=0x640107d2, index=12) returned 32
[0176.170] GetDeviceCaps (hdc=0x640107d2, index=14) returned 1
[0176.170] DeleteDC (hdc=0x640107d2) returned 1
[0176.170] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0176.170] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0176.170] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0176.170] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0176.171] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2c8e500 | out: piconinfo=0x2c8e500) returned 1
[0176.171] GetObjectW (in: h=0x2905067c, c=24, pv=0x2c8e51c | out: pv=0x2c8e51c) returned 24
[0176.171] GdipCreateBitmapFromHBITMAP (hbm=0x2905067c, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0176.171] GdipGetImageWidth (image=0x6600cd0, width=0xd7e750) returned 0x0
[0176.171] GdipGetImageHeight (image=0x6600cd0, height=0xd7e748) returned 0x0
[0176.171] GdipGetImagePixelFormat (image=0x6600cd0, format=0xd7e740) returned 0x0
[0176.171] GdipBitmapLockBits (bitmap=0x6600cd0, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2c8e5d4) returned 0x0
[0176.171] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0176.171] GdipBitmapLockBits (bitmap=0x6603e08, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2c8e60c) returned 0x0
[0176.172] RtlMoveMemory (in: Destination=0x6658c68, Source=0x664e660, Length=0x80 | out: Destination=0x6658c68)
[0176.172] RtlMoveMemory (in: Destination=0x6658ce8, Source=0x664e5e0, Length=0x80 | out: Destination=0x6658ce8)
[0176.172] RtlMoveMemory (in: Destination=0x6658d68, Source=0x664e560, Length=0x80 | out: Destination=0x6658d68)
[0176.172] RtlMoveMemory (in: Destination=0x6658de8, Source=0x664e4e0, Length=0x80 | out: Destination=0x6658de8)
[0176.172] RtlMoveMemory (in: Destination=0x6658e68, Source=0x664e460, Length=0x80 | out: Destination=0x6658e68)
[0176.172] RtlMoveMemory (in: Destination=0x6658ee8, Source=0x664e3e0, Length=0x80 | out: Destination=0x6658ee8)
[0176.172] RtlMoveMemory (in: Destination=0x6658f68, Source=0x664e360, Length=0x80 | out: Destination=0x6658f68)
[0176.172] RtlMoveMemory (in: Destination=0x6658fe8, Source=0x664e2e0, Length=0x80 | out: Destination=0x6658fe8)
[0176.172] RtlMoveMemory (in: Destination=0x6659068, Source=0x664e260, Length=0x80 | out: Destination=0x6659068)
[0176.172] RtlMoveMemory (in: Destination=0x66590e8, Source=0x664e1e0, Length=0x80 | out: Destination=0x66590e8)
[0176.172] RtlMoveMemory (in: Destination=0x6659168, Source=0x664e160, Length=0x80 | out: Destination=0x6659168)
[0176.172] RtlMoveMemory (in: Destination=0x66591e8, Source=0x664e0e0, Length=0x80 | out: Destination=0x66591e8)
[0176.172] RtlMoveMemory (in: Destination=0x6659268, Source=0x664e060, Length=0x80 | out: Destination=0x6659268)
[0176.172] RtlMoveMemory (in: Destination=0x66592e8, Source=0x664dfe0, Length=0x80 | out: Destination=0x66592e8)
[0176.172] RtlMoveMemory (in: Destination=0x6659368, Source=0x664df60, Length=0x80 | out: Destination=0x6659368)
[0176.172] RtlMoveMemory (in: Destination=0x66593e8, Source=0x664dee0, Length=0x80 | out: Destination=0x66593e8)
[0176.172] RtlMoveMemory (in: Destination=0x6659468, Source=0x664de60, Length=0x80 | out: Destination=0x6659468)
[0176.172] RtlMoveMemory (in: Destination=0x66594e8, Source=0x664dde0, Length=0x80 | out: Destination=0x66594e8)
[0176.172] RtlMoveMemory (in: Destination=0x6659568, Source=0x664dd60, Length=0x80 | out: Destination=0x6659568)
[0176.172] RtlMoveMemory (in: Destination=0x66595e8, Source=0x664dce0, Length=0x80 | out: Destination=0x66595e8)
[0176.172] RtlMoveMemory (in: Destination=0x6659668, Source=0x664dc60, Length=0x80 | out: Destination=0x6659668)
[0176.172] RtlMoveMemory (in: Destination=0x66596e8, Source=0x664dbe0, Length=0x80 | out: Destination=0x66596e8)
[0176.172] RtlMoveMemory (in: Destination=0x6659768, Source=0x664db60, Length=0x80 | out: Destination=0x6659768)
[0176.172] RtlMoveMemory (in: Destination=0x66597e8, Source=0x664dae0, Length=0x80 | out: Destination=0x66597e8)
[0176.173] RtlMoveMemory (in: Destination=0x6659868, Source=0x664da60, Length=0x80 | out: Destination=0x6659868)
[0176.173] RtlMoveMemory (in: Destination=0x66598e8, Source=0x664d9e0, Length=0x80 | out: Destination=0x66598e8)
[0176.173] RtlMoveMemory (in: Destination=0x6659968, Source=0x664d960, Length=0x80 | out: Destination=0x6659968)
[0176.173] RtlMoveMemory (in: Destination=0x66599e8, Source=0x664d8e0, Length=0x80 | out: Destination=0x66599e8)
[0176.173] RtlMoveMemory (in: Destination=0x6659a68, Source=0x664d860, Length=0x80 | out: Destination=0x6659a68)
[0176.173] RtlMoveMemory (in: Destination=0x6659ae8, Source=0x664d7e0, Length=0x80 | out: Destination=0x6659ae8)
[0176.173] RtlMoveMemory (in: Destination=0x6659b68, Source=0x664d760, Length=0x80 | out: Destination=0x6659b68)
[0176.173] RtlMoveMemory (in: Destination=0x6659be8, Source=0x664d6e0, Length=0x80 | out: Destination=0x6659be8)
[0176.173] GdipBitmapUnlockBits (bitmap=0x6600cd0, lockedBitmapData=0x2c8e5d4) returned 0x0
[0176.173] GdipBitmapUnlockBits (bitmap=0x6603e08, lockedBitmapData=0x2c8e60c) returned 0x0
[0176.173] GdipDisposeImage (image=0x6600cd0) returned 0x0
[0176.173] DeleteObject (ho=0x2905067c) returned 1
[0176.173] DeleteObject (ho=0x650507d2) returned 1
[0176.173] GetCurrentThreadId () returned 0xf50
[0176.173] GetCurrentThreadId () returned 0xf50
[0176.173] SetWindowPos (hWnd=0xc02d2, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0176.173] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0176.173] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0176.174] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0176.174] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0176.174] GetClientRect (in: hWnd=0xc02d2, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0176.174] GetWindowRect (in: hWnd=0xc02d2, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0176.174] GetParent (hWnd=0xc02d2) returned 0xb02de
[0176.174] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xb02de, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0176.174] InvalidateRect (hWnd=0xc02d2, lpRect=0x0, bErase=1) returned 1
[0176.174] GetWindowTextLengthW (hWnd=0xc02d2) returned 0
[0176.174] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0176.174] GetSystemMetrics (nIndex=42) returned 0
[0176.174] GetWindowTextW (in: hWnd=0xc02d2, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0176.174] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0176.174] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0176.174] GetClientRect (in: hWnd=0xc02d2, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0176.174] GetWindowRect (in: hWnd=0xc02d2, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0176.174] GetParent (hWnd=0xc02d2) returned 0xb02de
[0176.174] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xb02de, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0176.175] GetWindowTextLengthW (hWnd=0xc02d2) returned 0
[0176.175] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0176.175] GetSystemMetrics (nIndex=42) returned 0
[0176.175] GetWindowTextW (in: hWnd=0xc02d2, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0176.175] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0176.175] GetWindowTextLengthW (hWnd=0xc02d2) returned 0
[0176.175] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0176.175] GetSystemMetrics (nIndex=42) returned 0
[0176.175] GetWindowTextW (in: hWnd=0xc02d2, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0176.175] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0176.175] SetWindowTextW (hWnd=0xc02d2, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0176.175] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0xc, wParam=0x0, lParam=0x2c7dcc4) returned 0x1
[0176.175] InvalidateRect (hWnd=0xc02d2, lpRect=0x0, bErase=1) returned 1
[0176.175] GetCurrentThreadId () returned 0xf50
[0176.175] GetWindowThreadProcessId (in: hWnd=0xc02d2, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0176.176] GdipCreateBitmapFromStream (stream=0x509fe90, bitmap=0xd7e840) returned 0x0
[0176.176] GdipImageForceValidation (image=0x66019f0) returned 0x0
[0176.178] GdipGetImageRawFormat (image=0x66019f0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0176.178] GdipGetImageHeight (image=0x66019f0, height=0xd7e824) returned 0x0
[0176.178] GdipGetImageWidth (image=0x66019f0, width=0xd7e824) returned 0x0
[0176.178] GdipGetImageWidth (image=0x66019f0, width=0xd7e810) returned 0x0
[0176.178] GdipGetImageHeight (image=0x66019f0, height=0xd7e810) returned 0x0
[0176.178] GdipGetImageWidth (image=0x66019f0, width=0xd7e800) returned 0x0
[0176.178] GdipGetImageHeight (image=0x66019f0, height=0xd7e800) returned 0x0
[0176.178] GdipBitmapGetPixel (bitmap=0x66019f0, x=0, y=15, color=0xd7e810) returned 0x0
[0176.178] GdipGetImageRawFormat (image=0x66019f0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0176.178] GdipGetImageWidth (image=0x66019f0, width=0xd7e740) returned 0x0
[0176.178] GdipGetImageHeight (image=0x66019f0, height=0xd7e740) returned 0x0
[0176.178] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0176.178] GdipGetImagePixelFormat (image=0x6600cd0, format=0xd7e740) returned 0x0
[0176.178] GdipGetImageGraphicsContext (image=0x6600cd0, graphics=0xd7e74c) returned 0x0
[0176.178] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0176.178] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0176.178] GdipSetImageAttributesColorKeys (imageattr=0x6638cc8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0176.178] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66019f0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638cc8, callback=0x0, callbackData=0x0) returned 0x0
[0176.179] GdipDisposeImageAttributes (imageattr=0x6638cc8) returned 0x0
[0176.179] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0176.179] GdipDisposeImage (image=0x66019f0) returned 0x0
[0176.179] GdipCreateBitmapFromStream (stream=0x509fe70, bitmap=0xd7e840) returned 0x0
[0176.180] GdipImageForceValidation (image=0x66019f0) returned 0x0
[0176.181] GdipGetImageRawFormat (image=0x66019f0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0176.181] GdipGetImageHeight (image=0x66019f0, height=0xd7e824) returned 0x0
[0176.181] GdipGetImageWidth (image=0x66019f0, width=0xd7e824) returned 0x0
[0176.181] GdipGetImageWidth (image=0x66019f0, width=0xd7e810) returned 0x0
[0176.181] GdipGetImageHeight (image=0x66019f0, height=0xd7e810) returned 0x0
[0176.181] GdipGetImageWidth (image=0x66019f0, width=0xd7e800) returned 0x0
[0176.181] GdipGetImageHeight (image=0x66019f0, height=0xd7e800) returned 0x0
[0176.181] GdipBitmapGetPixel (bitmap=0x66019f0, x=0, y=15, color=0xd7e810) returned 0x0
[0176.181] GdipGetImageRawFormat (image=0x66019f0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0176.181] GdipGetImageWidth (image=0x66019f0, width=0xd7e740) returned 0x0
[0176.181] GdipGetImageHeight (image=0x66019f0, height=0xd7e740) returned 0x0
[0176.181] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0176.181] GdipGetImagePixelFormat (image=0x6602080, format=0xd7e740) returned 0x0
[0176.182] GdipGetImageGraphicsContext (image=0x6602080, graphics=0xd7e74c) returned 0x0
[0176.182] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0176.182] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0176.182] GdipSetImageAttributesColorKeys (imageattr=0x6638a88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0176.182] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66019f0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638a88, callback=0x0, callbackData=0x0) returned 0x0
[0176.182] GdipDisposeImageAttributes (imageattr=0x6638a88) returned 0x0
[0176.182] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0176.182] GdipDisposeImage (image=0x66019f0) returned 0x0
[0176.182] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0176.182] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0176.183] GetCurrentThreadId () returned 0xf50
[0176.183] GetCurrentThreadId () returned 0xf50
[0176.183] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0176.183] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0176.183] GetCurrentThreadId () returned 0xf50
[0176.183] GetCurrentThreadId () returned 0xf50
[0176.183] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0176.183] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0176.183] GetCurrentThreadId () returned 0xf50
[0176.183] GetCurrentThreadId () returned 0xf50
[0176.183] GetSystemMetrics (nIndex=5) returned 1
[0176.183] GetSystemMetrics (nIndex=6) returned 1
[0176.183] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0176.184] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0176.184] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0176.184] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0176.184] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0176.184] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0176.184] GetCurrentThreadId () returned 0xf50
[0176.184] GetCurrentThreadId () returned 0xf50
[0176.184] GetProcessWindowStation () returned 0x13c
[0176.186] GetCapture () returned 0x0
[0176.186] GetActiveWindow () returned 0x7005c
[0176.186] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0176.186] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0176.187] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0176.187] GetCursorPos (in: lpPoint=0x2c8f7d8 | out: lpPoint=0x2c8f7d8*(x=248, y=629)) returned 1
[0176.187] MonitorFromPoint (pt=0xf8, dwFlags=0x275) returned 0x10001
[0176.187] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0176.187] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x660107d2
[0176.187] GetDeviceCaps (hdc=0x660107d2, index=12) returned 32
[0176.187] GetDeviceCaps (hdc=0x660107d2, index=14) returned 1
[0176.187] DeleteDC (hdc=0x660107d2) returned 1
[0176.187] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0176.187] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0176.187] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x9005a
[0176.188] SetWindowLongW (hWnd=0x9005a, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0176.188] GetWindowLongW (hWnd=0x9005a, nIndex=-4) returned 1950089536
[0176.188] SetWindowLongW (hWnd=0x9005a, nIndex=-4, dwNewLong=19942766) returned 1950089536
[0176.188] GetWindowLongW (hWnd=0x9005a, nIndex=-4) returned 19942766
[0176.188] GetWindowLongW (hWnd=0x9005a, nIndex=-16) returned 113770496
[0176.188] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0176.189] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0176.190] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0176.190] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0176.190] GetWindowRect (in: hWnd=0x9005a, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0176.190] SetWindowTextW (hWnd=0x9005a, lpString="BB ransomware") returned 1
[0176.190] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xc, wParam=0x0, lParam=0x2c8dee8) returned 0x1
[0176.190] GetStartupInfoW (in: lpStartupInfo=0x2c8fb14 | out: lpStartupInfo=0x2c8fb14*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0176.191] GetParent (hWnd=0x9005a) returned 0x0
[0176.191] SetWindowLongW (hWnd=0x9005a, nIndex=-8, dwNewLong=0) returned 0
[0176.191] SendMessageW (hWnd=0x9005a, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0176.191] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0176.191] SendMessageW (hWnd=0x9005a, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0176.191] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0176.191] GetSystemMenu (hWnd=0x9005a, bRevert=0) returned 0x46013b
[0176.192] GetWindowPlacement (in: hWnd=0x9005a, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0176.192] EnableMenuItem (hMenu=0x46013b, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0176.192] EnableMenuItem (hMenu=0x46013b, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0176.192] EnableMenuItem (hMenu=0x46013b, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0176.192] EnableMenuItem (hMenu=0x46013b, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0176.192] EnableMenuItem (hMenu=0x46013b, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0176.192] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0176.192] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0176.192] GetWindowRect (in: hWnd=0x9005a, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0176.192] SetWindowPos (hWnd=0x9005a, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0176.192] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0176.193] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x9005a) returned 0x1
[0176.195] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0176.195] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0176.196] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0176.196] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0176.196] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0176.197] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x9005a, lParam=0x0) returned 0x0
[0176.198] GetCapture () returned 0x0
[0176.198] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0176.198] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0176.199] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0176.201] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0176.201] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0176.201] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0176.201] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0176.202] GetParent (hWnd=0x9005a) returned 0x0
[0176.202] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0176.202] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0176.203] GetWindowPlacement (in: hWnd=0x9005a, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0176.203] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0176.203] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0176.203] GetWindowRect (in: hWnd=0x9005a, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0176.204] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0176.204] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0176.204] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0176.205] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0176.205] GetWindowLongW (hWnd=0x9005a, nIndex=-16) returned 113770496
[0176.205] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.205] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.205] GetSystemMetrics (nIndex=42) returned 0
[0176.205] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.205] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0176.205] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.205] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.206] GetSystemMetrics (nIndex=42) returned 0
[0176.206] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.206] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0176.206] GetCursorPos (in: lpPoint=0x2c8fd50 | out: lpPoint=0x2c8fd50*(x=248, y=629)) returned 1
[0176.206] MonitorFromPoint (pt=0xf6, dwFlags=0x277) returned 0x10001
[0176.206] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0176.206] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x1a0107e6
[0176.206] GetDeviceCaps (hdc=0x1a0107e6, index=12) returned 32
[0176.206] GetDeviceCaps (hdc=0x1a0107e6, index=14) returned 1
[0176.206] DeleteDC (hdc=0x1a0107e6) returned 1
[0176.206] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0176.206] GetWindowLongW (hWnd=0x9005a, nIndex=-16) returned 113770496
[0176.206] GetWindowLongW (hWnd=0x9005a, nIndex=-20) returned 327945
[0176.206] SetWindowLongW (hWnd=0x9005a, nIndex=-16, dwNewLong=46661632) returned 113770496
[0176.206] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0176.207] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0176.208] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0176.208] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0176.208] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0176.208] SetWindowLongW (hWnd=0x9005a, nIndex=-20, dwNewLong=327681) returned 327945
[0176.208] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0176.209] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0176.210] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0176.210] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0176.210] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0176.211] SetWindowPos (hWnd=0x9005a, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0176.211] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0176.211] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0176.211] GetWindowPlacement (in: hWnd=0x9005a, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0176.211] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0176.211] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0176.212] GetWindowRect (in: hWnd=0x9005a, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0176.213] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0176.213] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0176.213] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0176.214] RedrawWindow (hWnd=0x9005a, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0176.214] GetSystemMenu (hWnd=0x9005a, bRevert=0) returned 0x46013b
[0176.214] GetWindowPlacement (in: hWnd=0x9005a, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0176.214] EnableMenuItem (hMenu=0x46013b, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0176.214] EnableMenuItem (hMenu=0x46013b, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0176.214] EnableMenuItem (hMenu=0x46013b, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0176.214] EnableMenuItem (hMenu=0x46013b, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0176.214] EnableMenuItem (hMenu=0x46013b, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0176.214] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0176.214] GetWindowLongW (hWnd=0x9005a, nIndex=-8) returned 0
[0176.214] SetWindowLongW (hWnd=0x9005a, nIndex=-8, dwNewLong=458844) returned 0
[0176.214] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0176.215] GetProcessWindowStation () returned 0x13c
[0176.215] GetCurrentThreadId () returned 0xf50
[0176.215] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1305106, lParam=0x0) returned 1
[0176.215] IsWindowVisible (hWnd=0x9005a) returned 0
[0176.215] IsWindowVisible (hWnd=0x7005c) returned 1
[0176.215] IsWindowEnabled (hWnd=0x7005c) returned 1
[0176.215] IsWindowVisible (hWnd=0x300ec) returned 0
[0176.215] IsWindowVisible (hWnd=0x502c6) returned 0
[0176.215] IsWindowVisible (hWnd=0x502be) returned 0
[0176.215] GetActiveWindow () returned 0x9005a
[0176.215] GetFocus () returned 0x9005a
[0176.220] IsWindow (hWnd=0x7005c) returned 1
[0176.220] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0176.220] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0176.221] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0176.221] GetWindowLongW (hWnd=0x9005a, nIndex=-8) returned 458844
[0176.221] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0176.221] GetCurrentThreadId () returned 0xf50
[0176.221] GetWindowLongW (hWnd=0x9005a, nIndex=-8) returned 458844
[0176.221] IsWindowEnabled (hWnd=0x7005c) returned 0
[0176.221] IsWindowEnabled (hWnd=0x9005a) returned 1
[0176.221] ShowWindow (hWnd=0x9005a, nCmdShow=5) returned 0
[0176.221] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0176.221] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0176.222] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0176.222] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0176.222] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x9005a, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xd02d8
[0176.223] SetWindowLongW (hWnd=0xd02d8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0176.223] GetWindowLongW (hWnd=0xd02d8, nIndex=-4) returned 1950089536
[0176.223] SetWindowLongW (hWnd=0xd02d8, nIndex=-4, dwNewLong=19942646) returned 1950089536
[0176.223] GetWindowLongW (hWnd=0xd02d8, nIndex=-4) returned 19942646
[0176.223] GetWindowLongW (hWnd=0xd02d8, nIndex=-16) returned 1174405120
[0176.223] GetWindowLongW (hWnd=0xd02d8, nIndex=-12) returned 0
[0176.224] SetWindowLongW (hWnd=0xd02d8, nIndex=-12, dwNewLong=852696) returned 0
[0176.224] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0176.224] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0176.224] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0176.224] GetWindow (hWnd=0xd02d8, uCmd=0x3) returned 0x0
[0176.224] GetClientRect (in: hWnd=0xd02d8, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0176.225] GetWindowRect (in: hWnd=0xd02d8, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0176.225] GetParent (hWnd=0xd02d8) returned 0x9005a
[0176.225] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x9005a, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0176.225] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02d8, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0176.225] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02d8, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0176.225] GetClientRect (in: hWnd=0xd02d8, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0176.225] GetWindowRect (in: hWnd=0xd02d8, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0176.226] GetParent (hWnd=0xd02d8) returned 0x9005a
[0176.226] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x9005a, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0176.226] SendMessageW (hWnd=0xd02d8, Msg=0x2210, wParam=0x2d80001, lParam=0xd02d8) returned 0x0
[0176.226] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02d8, Msg=0x2210, wParam=0x2d80001, lParam=0xd02d8) returned 0x0
[0176.226] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0176.226] GetParent (hWnd=0xd02d8) returned 0x9005a
[0176.226] GetParent (hWnd=0xc02d2) returned 0xb02de
[0176.226] SetParent (hWndChild=0xc02d2, hWndNewParent=0x9005a) returned 0xb02de
[0176.226] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0176.227] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0176.227] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0176.227] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0176.228] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0176.228] GetClientRect (in: hWnd=0xc02d2, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0176.228] GetWindowRect (in: hWnd=0xc02d2, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0176.228] GetParent (hWnd=0xc02d2) returned 0x9005a
[0176.228] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x9005a, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0176.228] GetClientRect (in: hWnd=0xc02d2, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0176.228] GetWindowRect (in: hWnd=0xc02d2, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0176.228] GetParent (hWnd=0xc02d2) returned 0x9005a
[0176.228] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x9005a, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0176.228] GetParent (hWnd=0xc02d2) returned 0x9005a
[0176.228] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0176.228] GetWindow (hWnd=0xc02d2, uCmd=0x3) returned 0x0
[0176.228] SetWindowPos (hWnd=0xc02d2, hWndInsertAfter=0xd02d8, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0176.228] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0176.229] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0176.229] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0176.229] GetClientRect (in: hWnd=0xc02d2, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0176.229] GetWindowRect (in: hWnd=0xc02d2, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0176.229] GetParent (hWnd=0xc02d2) returned 0x9005a
[0176.229] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x9005a, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0176.229] GetParent (hWnd=0xc02d2) returned 0x9005a
[0176.229] GetWindow (hWnd=0xc02d2, uCmd=0x3) returned 0xd02d8
[0176.230] GetWindowThreadProcessId (in: hWnd=0xc02d2, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0176.230] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0176.230] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0176.230] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0176.231] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x9005a, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xd013e
[0176.231] SetWindowLongW (hWnd=0xd013e, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0176.231] GetWindowLongW (hWnd=0xd013e, nIndex=-4) returned 1868032000
[0176.232] SetWindowLongW (hWnd=0xd013e, nIndex=-4, dwNewLong=19942966) returned 1868032000
[0176.232] GetWindowLongW (hWnd=0xd013e, nIndex=-4) returned 19942966
[0176.232] GetWindowLongW (hWnd=0xd013e, nIndex=-16) returned 1174470667
[0176.232] GetWindowLongW (hWnd=0xd013e, nIndex=-12) returned 0
[0176.232] SetWindowLongW (hWnd=0xd013e, nIndex=-12, dwNewLong=852286) returned 0
[0176.232] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0176.233] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0176.233] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0176.234] SendMessageW (hWnd=0xd013e, Msg=0x2055, wParam=0xd013e, lParam=0x3) returned 0x2
[0176.234] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0176.234] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0176.234] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0176.234] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0176.234] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0176.234] RedrawWindow (hWnd=0xd02d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0176.235] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0176.235] RedrawWindow (hWnd=0xc02d2, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0176.235] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0176.235] RedrawWindow (hWnd=0xd013e, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0176.235] RedrawWindow (hWnd=0x9005a, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0176.235] GetWindow (hWnd=0xd013e, uCmd=0x3) returned 0xc02d2
[0176.235] GetClientRect (in: hWnd=0xd013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0176.235] GetWindowRect (in: hWnd=0xd013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0176.235] GetParent (hWnd=0xd013e) returned 0x9005a
[0176.235] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x9005a, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0176.236] SetWindowTextW (hWnd=0xd013e, lpString="&Details") returned 1
[0176.236] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0176.236] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0176.236] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0176.236] GetClientRect (in: hWnd=0xd013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0176.236] GetWindowRect (in: hWnd=0xd013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0176.236] GetParent (hWnd=0xd013e) returned 0x9005a
[0176.237] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x9005a, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0176.237] SendMessageW (hWnd=0xd013e, Msg=0x2210, wParam=0x13e0001, lParam=0xd013e) returned 0x0
[0176.237] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0x2210, wParam=0x13e0001, lParam=0xd013e) returned 0x0
[0176.237] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0176.237] GetParent (hWnd=0xd013e) returned 0x9005a
[0176.237] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0176.238] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0176.238] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0176.238] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x9005a, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xe00ea
[0176.239] SetWindowLongW (hWnd=0xe00ea, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0176.239] GetWindowLongW (hWnd=0xe00ea, nIndex=-4) returned 1868032000
[0176.239] SetWindowLongW (hWnd=0xe00ea, nIndex=-4, dwNewLong=19942446) returned 1868032000
[0176.239] GetWindowLongW (hWnd=0xe00ea, nIndex=-4) returned 19942446
[0176.239] GetWindowLongW (hWnd=0xe00ea, nIndex=-16) returned 1174470667
[0176.239] GetWindowLongW (hWnd=0xe00ea, nIndex=-12) returned 0
[0176.239] SetWindowLongW (hWnd=0xe00ea, nIndex=-12, dwNewLong=917738) returned 0
[0176.239] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0176.243] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0176.243] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0176.244] SendMessageW (hWnd=0xe00ea, Msg=0x2055, wParam=0xe00ea, lParam=0x3) returned 0x2
[0176.244] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0176.244] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0176.244] GetWindow (hWnd=0xe00ea, uCmd=0x3) returned 0xd013e
[0176.244] GetClientRect (in: hWnd=0xe00ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0176.244] GetWindowRect (in: hWnd=0xe00ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0176.244] GetParent (hWnd=0xe00ea) returned 0x9005a
[0176.244] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x9005a, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0176.245] SetWindowTextW (hWnd=0xe00ea, lpString="&Continue") returned 1
[0176.245] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0176.245] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0176.245] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0176.245] GetClientRect (in: hWnd=0xe00ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0176.245] GetWindowRect (in: hWnd=0xe00ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0176.245] GetParent (hWnd=0xe00ea) returned 0x9005a
[0176.245] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x9005a, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0176.246] SendMessageW (hWnd=0xe00ea, Msg=0x2210, wParam=0xea0001, lParam=0xe00ea) returned 0x0
[0176.246] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x2210, wParam=0xea0001, lParam=0xe00ea) returned 0x0
[0176.246] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0176.246] GetParent (hWnd=0xe00ea) returned 0x9005a
[0176.246] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0176.247] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0176.247] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0176.256] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x9005a, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xb02dc
[0176.257] SetWindowLongW (hWnd=0xb02dc, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0176.257] GetWindowLongW (hWnd=0xb02dc, nIndex=-4) returned 1868032000
[0176.257] SetWindowLongW (hWnd=0xb02dc, nIndex=-4, dwNewLong=19942486) returned 1868032000
[0176.257] GetWindowLongW (hWnd=0xb02dc, nIndex=-4) returned 19942486
[0176.257] GetWindowLongW (hWnd=0xb02dc, nIndex=-16) returned 1174470667
[0176.257] GetWindowLongW (hWnd=0xb02dc, nIndex=-12) returned 0
[0176.257] SetWindowLongW (hWnd=0xb02dc, nIndex=-12, dwNewLong=721628) returned 0
[0176.258] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb02dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0176.258] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb02dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0176.259] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb02dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0176.260] SendMessageW (hWnd=0xb02dc, Msg=0x2055, wParam=0xb02dc, lParam=0x3) returned 0x2
[0176.260] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0176.260] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb02dc, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0176.260] GetWindow (hWnd=0xb02dc, uCmd=0x3) returned 0xe00ea
[0176.260] GetClientRect (in: hWnd=0xb02dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0176.260] GetWindowRect (in: hWnd=0xb02dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0176.260] GetParent (hWnd=0xb02dc) returned 0x9005a
[0176.260] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x9005a, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0176.260] SetWindowTextW (hWnd=0xb02dc, lpString="&Quit") returned 1
[0176.260] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb02dc, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0176.261] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb02dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0176.261] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb02dc, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0176.261] GetClientRect (in: hWnd=0xb02dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0176.261] GetWindowRect (in: hWnd=0xb02dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0176.261] GetParent (hWnd=0xb02dc) returned 0x9005a
[0176.261] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x9005a, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0176.261] SendMessageW (hWnd=0xb02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0xb02dc) returned 0x0
[0176.261] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0xb02dc) returned 0x0
[0176.261] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb02dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0176.262] GetParent (hWnd=0xb02dc) returned 0x9005a
[0176.262] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0176.262] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0176.263] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0176.263] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x9005a, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xb02da
[0176.264] SetWindowLongW (hWnd=0xb02da, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0176.264] GetWindowLongW (hWnd=0xb02da, nIndex=-4) returned 1868026976
[0176.264] SetWindowLongW (hWnd=0xb02da, nIndex=-4, dwNewLong=19943046) returned 1868026976
[0176.264] GetWindowLongW (hWnd=0xb02da, nIndex=-4) returned 19943046
[0176.264] GetWindowLongW (hWnd=0xb02da, nIndex=-16) returned 1177553092
[0176.265] GetWindowLongW (hWnd=0xb02da, nIndex=-12) returned 0
[0176.265] SetWindowLongW (hWnd=0xb02da, nIndex=-12, dwNewLong=721626) returned 0
[0176.265] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02da, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0176.266] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02da, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0176.267] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02da, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0176.316] GetWindow (hWnd=0xb02da, uCmd=0x3) returned 0xb02dc
[0176.316] GetClientRect (in: hWnd=0xb02da, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0176.316] GetWindowRect (in: hWnd=0xb02da, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0176.316] GetParent (hWnd=0xb02da) returned 0x9005a
[0176.316] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x9005a, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0176.316] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.316] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.316] GetSystemMetrics (nIndex=42) returned 0
[0176.316] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.316] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0176.316] SendMessageW (hWnd=0xb02da, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0176.316] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02da, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0176.322] SetWindowTextW (hWnd=0xb02da, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0176.322] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02da, Msg=0xc, wParam=0x0, lParam=0x2c8b8d0) returned 0x1
[0176.325] GetSystemMetrics (nIndex=5) returned 1
[0176.325] GetSystemMetrics (nIndex=6) returned 1
[0176.325] SendMessageW (hWnd=0xb02da, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0176.326] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02da, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0176.327] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02da, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0176.328] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02da, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0176.328] GetClientRect (in: hWnd=0xb02da, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0176.328] GetWindowRect (in: hWnd=0xb02da, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0176.328] GetParent (hWnd=0xb02da) returned 0x9005a
[0176.328] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x9005a, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0176.328] SendMessageW (hWnd=0xb02da, Msg=0x2210, wParam=0x2da0001, lParam=0xb02da) returned 0x0
[0176.328] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02da, Msg=0x2210, wParam=0x2da0001, lParam=0xb02da) returned 0x0
[0176.328] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0176.328] GetParent (hWnd=0xb02da) returned 0x9005a
[0176.328] GetWindowLongW (hWnd=0x9005a, nIndex=-8) returned 458844
[0176.328] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0176.328] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0176.329] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x210107e6
[0176.329] GetDeviceCaps (hdc=0x210107e6, index=12) returned 32
[0176.329] GetDeviceCaps (hdc=0x210107e6, index=14) returned 1
[0176.329] DeleteDC (hdc=0x210107e6) returned 1
[0176.329] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0176.329] GetWindowThreadProcessId (in: hWnd=0x9005a, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0176.329] GetCurrentThreadId () returned 0xf50
[0176.329] PostMessageW (hWnd=0x9005a, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0176.329] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.329] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.329] GetSystemMetrics (nIndex=42) returned 0
[0176.329] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.330] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0176.330] GdipImageGetFrameDimensionsCount (image=0x6603e08, count=0xd7e25c) returned 0x0
[0176.330] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7c10
[0176.330] GdipImageGetFrameDimensionsList (image=0x6603e08, dimensionIDs=0x11f7c10*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0176.330] LocalFree (hMem=0x11f7c10) returned 0x0
[0176.330] GdipImageGetFrameDimensionsCount (image=0x6600cd0, count=0xd7e250) returned 0x0
[0176.330] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7af0
[0176.330] GdipImageGetFrameDimensionsList (image=0x6600cd0, dimensionIDs=0x11f7af0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0176.330] LocalFree (hMem=0x11f7af0) returned 0x0
[0176.330] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0176.331] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0176.331] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0176.346] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0176.347] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0176.348] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0176.348] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0176.348] GetWindowPlacement (in: hWnd=0x9005a, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0176.348] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0176.349] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.349] GetSystemMetrics (nIndex=42) returned 0
[0176.349] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0176.349] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0176.349] GetCurrentObject (hdc=0x60100ce, type=0x1) returned 0xb00017
[0176.349] GetCurrentObject (hdc=0x60100ce, type=0x2) returned 0x900010
[0176.349] GetCurrentObject (hdc=0x60100ce, type=0x7) returned 0x130507e5
[0176.349] GetCurrentObject (hdc=0x60100ce, type=0x6) returned 0x8a01c2
[0176.349] SaveDC (hdc=0x60100ce) returned 1
[0176.349] GetNearestColor (hdc=0x60100ce, color=0xf0f0f0) returned 0xf0f0f0
[0176.349] CreateSolidBrush (color=0xf0f0f0) returned 0x861007e1
[0176.349] FillRect (hDC=0x60100ce, lprc=0xd7e1b8, hbr=0x861007e1) returned 1
[0176.350] DeleteObject (ho=0x861007e1) returned 1
[0176.350] RestoreDC (hdc=0x60100ce, nSavedDC=-1) returned 1
[0176.350] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0176.350] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0176.350] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0176.351] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0176.351] GetStockObject (i=5) returned 0x900015
[0176.351] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0176.351] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0176.351] GetStockObject (i=5) returned 0x900015
[0176.351] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb02dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0176.352] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb02dc, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0176.352] GetStockObject (i=5) returned 0x900015
[0176.352] GetWindowPlacement (in: hWnd=0x9005a, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0176.352] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0176.352] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0176.352] GetWindowRect (in: hWnd=0x9005a, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0176.353] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0176.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0176.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0176.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0176.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0176.354] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0176.355] GetWindowRect (in: hWnd=0x9005a, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0176.355] InvalidateRect (hWnd=0xe00ea, lpRect=0x0, bErase=0) returned 1
[0176.363] InvalidateRect (hWnd=0xd013e, lpRect=0x0, bErase=0) returned 1
[0176.363] GetFocus () returned 0x9005a
[0176.363] GetFocus () returned 0x9005a
[0176.363] SetFocus (hWnd=0xd013e) returned 0x9005a
[0176.364] GetFocus () returned 0xd013e
[0176.364] IsChild (hWndParent=0x9005a, hWnd=0xd013e) returned 1
[0176.364] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x8, wParam=0xd013e, lParam=0x0) returned 0x0
[0176.365] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0176.366] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0176.368] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0176.368] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0x7, wParam=0x9005a, lParam=0x0) returned 0x0
[0176.368] GetStockObject (i=5) returned 0x900015
[0176.368] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0176.368] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0176.368] GetDlgItem (hDlg=0x9005a, nIDDlgItem=852286) returned 0xd013e
[0176.368] SendMessageW (hWnd=0xd013e, Msg=0x202b, wParam=0xd013e, lParam=0xd7e0dc) returned 0x0
[0176.368] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0x202b, wParam=0xd013e, lParam=0xd7e0dc) returned 0x0
[0176.368] InvalidateRect (hWnd=0xd013e, lpRect=0x0, bErase=0) returned 1
[0176.370] GetFocus () returned 0xd013e
[0176.370] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.370] IsWindowUnicode (hWnd=0x9005a) returned 1
[0176.370] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.371] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.371] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.371] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0176.371] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.371] IsWindowUnicode (hWnd=0x9005a) returned 1
[0176.371] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.371] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.371] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.371] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.371] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0176.372] IsWindowUnicode (hWnd=0x9005a) returned 1
[0176.372] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.372] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.373] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.373] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.373] IsWindowUnicode (hWnd=0x602c4) returned 1
[0176.373] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.373] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.373] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.373] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0176.373] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0176.373] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.374] IsWindowUnicode (hWnd=0x9005a) returned 1
[0176.374] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.374] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.374] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.374] BeginPaint (in: hWnd=0x9005a, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x10105d6
[0176.374] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0176.374] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.375] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.375] GetSystemMetrics (nIndex=42) returned 0
[0176.375] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.375] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0176.375] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0176.375] EndPaint (hWnd=0x9005a, lpPaint=0xd7e274) returned 1
[0176.375] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.375] IsWindowUnicode (hWnd=0xd02d8) returned 1
[0176.375] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.375] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.375] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.375] BeginPaint (in: hWnd=0xd02d8, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xc0107c5
[0176.375] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0176.376] CreateCompatibleDC (hdc=0xc0107c5) returned 0xb00107e9
[0176.376] SelectObject (hdc=0xb00107e9, h=0x4a0507fe) returned 0x85000f
[0176.376] GdipCreateFromHDC (hdc=0xb00107e9, graphics=0xd7e2b0) returned 0x0
[0176.376] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0176.376] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0176.376] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0176.376] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0176.376] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e310) returned 0x0
[0176.376] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0176.376] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0176.376] LocalFree (hMem=0x11ee788) returned 0x0
[0176.376] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0176.376] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0176.376] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0176.376] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e304) returned 0x0
[0176.376] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0176.376] GetWindowTextLengthW (hWnd=0xd02d8) returned 0
[0176.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0176.377] GetSystemMetrics (nIndex=42) returned 0
[0176.377] GetWindowTextW (in: hWnd=0xd02d8, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0176.377] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02d8, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0176.377] GetClientRect (in: hWnd=0xd02d8, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0176.377] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0176.377] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0176.377] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0176.377] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0176.377] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e164) returned 0x0
[0176.377] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0176.377] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0176.377] LocalFree (hMem=0x11ee868) returned 0x0
[0176.377] GdipCombineRegionRegion (region=0x6646b08, region2=0x66463b8, combineMode=0x1) returned 0x0
[0176.377] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0176.377] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee8d8) returned 0x0
[0176.377] LocalFree (hMem=0x11ee8d8) returned 0x0
[0176.377] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0176.377] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0176.377] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0176.377] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0176.377] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0176.377] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0176.377] GetCurrentObject (hdc=0xb00107e9, type=0x1) returned 0xb00017
[0176.377] GetCurrentObject (hdc=0xb00107e9, type=0x2) returned 0x900010
[0176.378] GetCurrentObject (hdc=0xb00107e9, type=0x7) returned 0x4a0507fe
[0176.378] GetCurrentObject (hdc=0xb00107e9, type=0x6) returned 0x8a01c2
[0176.378] SaveDC (hdc=0xb00107e9) returned 1
[0176.378] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8b040807
[0176.378] GetClipRgn (hdc=0xb00107e9, hrgn=0x8b040807) returned 0
[0176.378] SelectClipRgn (hdc=0xb00107e9, hrgn=0x100407de) returned 2
[0176.378] DeleteObject (ho=0x8b040807) returned 1
[0176.378] DeleteObject (ho=0x100407de) returned 1
[0176.378] OffsetViewportOrgEx (in: hdc=0xb00107e9, x=0, y=0, lppt=0x2c914bc | out: lppt=0x2c914bc) returned 1
[0176.378] GetNearestColor (hdc=0xb00107e9, color=0xf0f0f0) returned 0xf0f0f0
[0176.378] CreateSolidBrush (color=0xf0f0f0) returned 0x871007e1
[0176.378] FillRect (hDC=0xb00107e9, lprc=0xd7e198, hbr=0x871007e1) returned 1
[0176.378] DeleteObject (ho=0x871007e1) returned 1
[0176.378] RestoreDC (hdc=0xb00107e9, nSavedDC=-1) returned 1
[0176.378] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107e9) returned 0x0
[0176.378] GdipRestoreGraphics (graphics=0x6600030, state=0xfc220dbd) returned 0x0
[0176.378] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0176.378] GetWindowTextLengthW (hWnd=0xd02d8) returned 0
[0176.378] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0176.379] GetSystemMetrics (nIndex=42) returned 0
[0176.379] GetWindowTextW (in: hWnd=0xd02d8, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0176.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02d8, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0176.379] GdipGetImageWidth (image=0x6603e08, width=0xd7e1e0) returned 0x0
[0176.379] GdipGetImageHeight (image=0x6603e08, height=0xd7e1e0) returned 0x0
[0176.379] GdipGetImageWidth (image=0x6603e08, width=0xd7e1cc) returned 0x0
[0176.379] GdipGetImageHeight (image=0x6603e08, height=0xd7e1cc) returned 0x0
[0176.379] GdipDrawImageRectI (graphics=0x6600030, image=0x6603e08, x=16, y=16, width=32, height=32) returned 0x0
[0176.379] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0176.379] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=64, cy=64, hdcSrc=0xb00107e9, x1=0, y1=0, rop=0xcc0020) returned 1
[0176.379] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107e9) returned 0x0
[0176.379] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0176.379] SelectObject (hdc=0xb00107e9, h=0x85000f) returned 0x4a0507fe
[0176.379] DeleteDC (hdc=0xb00107e9) returned 1
[0176.379] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0176.379] EndPaint (hWnd=0xd02d8, lpPaint=0xd7e294) returned 1
[0176.380] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.380] IsWindowUnicode (hWnd=0xc02d2) returned 1
[0176.380] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.380] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.380] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.380] BeginPaint (in: hWnd=0xc02d2, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x60100ce
[0176.380] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0176.380] CreateCompatibleDC (hdc=0x60100ce) returned 0xb20107e9
[0176.380] GetObjectType (h=0x60100ce) returned 0x3
[0176.380] CreateCompatibleBitmap (hdc=0x60100ce, cx=1, cy=1) returned 0x2d0507e6
[0176.380] GetDIBits (in: hdc=0x60100ce, hbm=0x2d0507e6, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0176.380] GetDIBits (in: hdc=0x60100ce, hbm=0x2d0507e6, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0176.380] DeleteObject (ho=0x2d0507e6) returned 1
[0176.380] CreateDIBSection (in: hdc=0x60100ce, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xfd0507fc
[0176.381] SelectObject (hdc=0xb20107e9, h=0xfd0507fc) returned 0x85000f
[0176.381] GdipCreateFromHDC (hdc=0xb20107e9, graphics=0xd7e234) returned 0x0
[0176.381] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0176.381] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0176.381] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0176.381] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0176.381] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e2d4) returned 0x0
[0176.381] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0176.381] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0176.381] LocalFree (hMem=0x11ee788) returned 0x0
[0176.381] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0176.381] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0176.381] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0176.381] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0176.381] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0176.381] GetWindowTextLengthW (hWnd=0xc02d2) returned 232
[0176.381] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0176.382] GetSystemMetrics (nIndex=42) returned 0
[0176.382] GetWindowTextW (in: hWnd=0xc02d2, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0176.382] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0176.382] GetClientRect (in: hWnd=0xc02d2, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0176.382] GdipCreateRegion (region=0xd7e110) returned 0x0
[0176.382] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0176.382] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0176.382] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0176.382] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e128) returned 0x0
[0176.382] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0176.382] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0176.382] LocalFree (hMem=0x11ee788) returned 0x0
[0176.382] GdipCombineRegionRegion (region=0x6646568, region2=0x66469e8, combineMode=0x1) returned 0x0
[0176.382] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0176.382] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0176.382] LocalFree (hMem=0x11ee788) returned 0x0
[0176.382] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0176.382] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e150) returned 0x0
[0176.382] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e140) returned 0x0
[0176.383] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0176.383] GdipDeleteRegion (region=0x6646568) returned 0x0
[0176.383] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0176.383] GetCurrentObject (hdc=0xb20107e9, type=0x1) returned 0xb00017
[0176.383] GetCurrentObject (hdc=0xb20107e9, type=0x2) returned 0x900010
[0176.383] GetCurrentObject (hdc=0xb20107e9, type=0x7) returned 0xfffffffffd0507fc
[0176.383] GetCurrentObject (hdc=0xb20107e9, type=0x6) returned 0x8a01c2
[0176.383] SaveDC (hdc=0xb20107e9) returned 1
[0176.383] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x110407de
[0176.383] GetClipRgn (hdc=0xb20107e9, hrgn=0x110407de) returned 0
[0176.383] SelectClipRgn (hdc=0xb20107e9, hrgn=0x8c040807) returned 2
[0176.383] DeleteObject (ho=0x110407de) returned 1
[0176.383] DeleteObject (ho=0x8c040807) returned 1
[0176.383] OffsetViewportOrgEx (in: hdc=0xb20107e9, x=0, y=0, lppt=0x2c92e84 | out: lppt=0x2c92e84) returned 1
[0176.384] GetNearestColor (hdc=0xb20107e9, color=0xf0f0f0) returned 0xf0f0f0
[0176.384] CreateSolidBrush (color=0xf0f0f0) returned 0x881007e1
[0176.384] FillRect (hDC=0xb20107e9, lprc=0xd7e15c, hbr=0x881007e1) returned 1
[0176.385] DeleteObject (ho=0x881007e1) returned 1
[0176.385] RestoreDC (hdc=0xb20107e9, nSavedDC=-1) returned 1
[0176.386] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107e9) returned 0x0
[0176.386] GdipRestoreGraphics (graphics=0x6600030, state=0xfc200dbd) returned 0x0
[0176.386] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0176.386] GetWindowTextLengthW (hWnd=0xc02d2) returned 232
[0176.386] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0176.386] GetSystemMetrics (nIndex=42) returned 0
[0176.386] GetWindowTextW (in: hWnd=0xc02d2, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0176.386] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0176.386] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0176.386] GetCurrentObject (hdc=0xb20107e9, type=0x1) returned 0xb00017
[0176.386] GetCurrentObject (hdc=0xb20107e9, type=0x2) returned 0x900010
[0176.386] GetCurrentObject (hdc=0xb20107e9, type=0x7) returned 0xfffffffffd0507fc
[0176.386] GetCurrentObject (hdc=0xb20107e9, type=0x6) returned 0x8a01c2
[0176.386] SaveDC (hdc=0xb20107e9) returned 1
[0176.386] GetNearestColor (hdc=0xb20107e9, color=0x0) returned 0x0
[0176.387] RestoreDC (hdc=0xb20107e9, nSavedDC=-1) returned 1
[0176.387] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107e9) returned 0x0
[0176.387] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0176.387] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0176.387] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2c93680 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0176.394] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0176.394] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0176.394] GetCurrentObject (hdc=0xb20107e9, type=0x1) returned 0xb00017
[0176.394] GetCurrentObject (hdc=0xb20107e9, type=0x2) returned 0x900010
[0176.394] GetCurrentObject (hdc=0xb20107e9, type=0x7) returned 0xfffffffffd0507fc
[0176.394] GetCurrentObject (hdc=0xb20107e9, type=0x6) returned 0x8a01c2
[0176.394] SaveDC (hdc=0xb20107e9) returned 1
[0176.394] GetTextAlign (hdc=0xb20107e9) returned 0x0
[0176.394] GetTextColor (hdc=0xb20107e9) returned 0x0
[0176.394] GetCurrentObject (hdc=0xb20107e9, type=0x6) returned 0x8a01c2
[0176.394] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0176.395] SelectObject (hdc=0xb20107e9, h=0x6d0a0520) returned 0x8a01c2
[0176.395] GetBkMode (hdc=0xb20107e9) returned 2
[0176.395] SetBkMode (hdc=0xb20107e9, mode=1) returned 2
[0176.395] DrawTextExW (in: hdc=0xb20107e9, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2c938a4 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0176.398] RestoreDC (hdc=0xb20107e9, nSavedDC=-1) returned 1
[0176.398] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107e9) returned 0x0
[0176.398] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0176.398] BitBlt (hdc=0x60100ce, x=0, y=0, cx=354, cy=68, hdcSrc=0xb20107e9, x1=0, y1=0, rop=0xcc0020) returned 1
[0176.398] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107e9) returned 0x0
[0176.398] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0176.398] SelectObject (hdc=0xb20107e9, h=0x85000f) returned 0xfd0507fc
[0176.398] DeleteDC (hdc=0xb20107e9) returned 1
[0176.398] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0176.398] DeleteObject (ho=0xfd0507fc) returned 1
[0176.399] EndPaint (hWnd=0xc02d2, lpPaint=0xd7e258) returned 1
[0176.399] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.400] IsWindowUnicode (hWnd=0xd013e) returned 1
[0176.400] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.400] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.400] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.400] BeginPaint (in: hWnd=0xd013e, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0176.400] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0176.400] CreateCompatibleDC (hdc=0xf0105ee) returned 0x2f0107e6
[0176.400] SelectObject (hdc=0x2f0107e6, h=0x4a0507fe) returned 0x85000f
[0176.400] GdipCreateFromHDC (hdc=0x2f0107e6, graphics=0xd7e268) returned 0x0
[0176.400] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0176.400] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0176.400] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0176.401] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0176.401] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e2c8) returned 0x0
[0176.401] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0176.401] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee910) returned 0x0
[0176.401] LocalFree (hMem=0x11ee910) returned 0x0
[0176.401] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0176.401] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0176.401] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0176.401] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0176.401] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0176.401] GdipRestoreGraphics (graphics=0x6600030, state=0xfc1e0dbd) returned 0x0
[0176.401] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0176.401] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0176.401] GetCurrentObject (hdc=0x2f0107e6, type=0x1) returned 0xb00017
[0176.401] GetCurrentObject (hdc=0x2f0107e6, type=0x2) returned 0x900010
[0176.401] GetCurrentObject (hdc=0x2f0107e6, type=0x7) returned 0x4a0507fe
[0176.401] GetCurrentObject (hdc=0x2f0107e6, type=0x6) returned 0x8a01c2
[0176.401] SaveDC (hdc=0x2f0107e6) returned 1
[0176.402] GetNearestColor (hdc=0x2f0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0176.402] GetNearestColor (hdc=0x2f0107e6, color=0xa0a0a0) returned 0xa0a0a0
[0176.402] GetNearestColor (hdc=0x2f0107e6, color=0x696969) returned 0x696969
[0176.402] GetNearestColor (hdc=0x2f0107e6, color=0xa0a0a0) returned 0xa0a0a0
[0176.402] GetNearestColor (hdc=0x2f0107e6, color=0x0) returned 0x0
[0176.402] GetNearestColor (hdc=0x2f0107e6, color=0xffffff) returned 0xffffff
[0176.402] GetNearestColor (hdc=0x2f0107e6, color=0xe5e5e5) returned 0xe5e5e5
[0176.402] GetNearestColor (hdc=0x2f0107e6, color=0xd7d7d7) returned 0xd7d7d7
[0176.402] GetNearestColor (hdc=0x2f0107e6, color=0x0) returned 0x0
[0176.402] RestoreDC (hdc=0x2f0107e6, nSavedDC=-1) returned 1
[0176.402] GdipReleaseDC (graphics=0x6600030, hdc=0x2f0107e6) returned 0x0
[0176.402] IsAppThemed () returned 0x1
[0176.402] GetThemeAppProperties () returned 0x3
[0176.402] GetThemeAppProperties () returned 0x3
[0176.402] GdipGetImageWidth (image=0x6600cd0, width=0xd7e168) returned 0x0
[0176.403] GdipGetImageHeight (image=0x6600cd0, height=0xd7e168) returned 0x0
[0176.403] IsAppThemed () returned 0x1
[0176.403] GetThemeAppProperties () returned 0x3
[0176.403] GetThemeAppProperties () returned 0x3
[0176.403] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2c93ff4 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0176.404] IsAppThemed () returned 0x1
[0176.404] GetThemeAppProperties () returned 0x3
[0176.404] GetThemeAppProperties () returned 0x3
[0176.404] IsAppThemed () returned 0x1
[0176.404] GetThemeAppProperties () returned 0x3
[0176.404] GetThemeAppProperties () returned 0x3
[0176.404] GetFocus () returned 0xd013e
[0176.404] IsAppThemed () returned 0x1
[0176.404] GetThemeAppProperties () returned 0x3
[0176.404] GetThemeAppProperties () returned 0x3
[0176.404] IsAppThemed () returned 0x1
[0176.404] GetThemeAppProperties () returned 0x3
[0176.404] GetThemeAppProperties () returned 0x3
[0176.404] IsThemePartDefined () returned 0x1
[0176.404] IsAppThemed () returned 0x1
[0176.404] GetThemeAppProperties () returned 0x3
[0176.404] GetThemeAppProperties () returned 0x3
[0176.404] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0176.404] IsAppThemed () returned 0x1
[0176.405] GetThemeAppProperties () returned 0x3
[0176.405] GetThemeAppProperties () returned 0x3
[0176.405] IsAppThemed () returned 0x1
[0176.405] GetThemeAppProperties () returned 0x3
[0176.405] GetThemeAppProperties () returned 0x3
[0176.405] IsThemePartDefined () returned 0x1
[0176.405] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0176.405] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0176.405] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0176.405] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0176.405] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dff0) returned 0x0
[0176.405] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0176.405] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0176.405] LocalFree (hMem=0x11eec58) returned 0x0
[0176.405] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0176.405] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee8d8) returned 0x0
[0176.405] LocalFree (hMem=0x11ee8d8) returned 0x0
[0176.405] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0176.405] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e018) returned 0x0
[0176.406] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e008) returned 0x0
[0176.406] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0176.406] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0176.406] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0176.406] GetCurrentObject (hdc=0x2f0107e6, type=0x1) returned 0xb00017
[0176.406] GetCurrentObject (hdc=0x2f0107e6, type=0x2) returned 0x900010
[0176.406] GetCurrentObject (hdc=0x2f0107e6, type=0x7) returned 0x4a0507fe
[0176.406] GetCurrentObject (hdc=0x2f0107e6, type=0x6) returned 0x8a01c2
[0176.406] SaveDC (hdc=0x2f0107e6) returned 1
[0176.406] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8d040807
[0176.406] GetClipRgn (hdc=0x2f0107e6, hrgn=0x8d040807) returned 0
[0176.406] SelectClipRgn (hdc=0x2f0107e6, hrgn=0x150407de) returned 2
[0176.406] DeleteObject (ho=0x8d040807) returned 1
[0176.406] DeleteObject (ho=0x150407de) returned 1
[0176.406] OffsetViewportOrgEx (in: hdc=0x2f0107e6, x=0, y=0, lppt=0x2c946a4 | out: lppt=0x2c946a4) returned 1
[0176.406] DrawThemeParentBackground () returned 0x0
[0176.407] GetWindowPlacement (in: hWnd=0x9005a, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0176.407] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0176.407] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.407] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.407] GetSystemMetrics (nIndex=42) returned 0
[0176.407] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.407] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0176.407] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0176.407] GetCurrentObject (hdc=0x2f0107e6, type=0x1) returned 0xb00017
[0176.407] GetCurrentObject (hdc=0x2f0107e6, type=0x2) returned 0x900010
[0176.407] GetCurrentObject (hdc=0x2f0107e6, type=0x7) returned 0x4a0507fe
[0176.407] GetCurrentObject (hdc=0x2f0107e6, type=0x6) returned 0x8a01c2
[0176.407] SaveDC (hdc=0x2f0107e6) returned 2
[0176.407] GetNearestColor (hdc=0x2f0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0176.407] CreateSolidBrush (color=0xf0f0f0) returned 0x891007e1
[0176.408] FillRect (hDC=0x2f0107e6, lprc=0xd7da38, hbr=0x891007e1) returned 1
[0176.408] DeleteObject (ho=0x891007e1) returned 1
[0176.408] RestoreDC (hdc=0x2f0107e6, nSavedDC=-1) returned 1
[0176.408] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.408] GetSystemMetrics (nIndex=42) returned 0
[0176.408] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0176.408] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0176.408] GetCurrentObject (hdc=0x2f0107e6, type=0x1) returned 0xb00017
[0176.408] GetCurrentObject (hdc=0x2f0107e6, type=0x2) returned 0x900010
[0176.408] GetCurrentObject (hdc=0x2f0107e6, type=0x7) returned 0x4a0507fe
[0176.408] GetCurrentObject (hdc=0x2f0107e6, type=0x6) returned 0x8a01c2
[0176.408] SaveDC (hdc=0x2f0107e6) returned 2
[0176.408] GetNearestColor (hdc=0x2f0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0176.408] CreateSolidBrush (color=0xf0f0f0) returned 0x8a1007e1
[0176.408] FillRect (hDC=0x2f0107e6, lprc=0xd7d9d8, hbr=0x8a1007e1) returned 1
[0176.408] DeleteObject (ho=0x8a1007e1) returned 1
[0176.408] RestoreDC (hdc=0x2f0107e6, nSavedDC=-1) returned 1
[0176.408] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.409] GetSystemMetrics (nIndex=42) returned 0
[0176.409] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.409] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0176.409] RestoreDC (hdc=0x2f0107e6, nSavedDC=-1) returned 1
[0176.409] GdipReleaseDC (graphics=0x6600030, hdc=0x2f0107e6) returned 0x0
[0176.409] IsAppThemed () returned 0x1
[0176.409] GetThemeAppProperties () returned 0x3
[0176.409] GetThemeAppProperties () returned 0x3
[0176.409] IsAppThemed () returned 0x1
[0176.409] GetThemeAppProperties () returned 0x3
[0176.409] GetThemeAppProperties () returned 0x3
[0176.409] IsThemePartDefined () returned 0x1
[0176.409] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0176.409] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0176.409] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0176.409] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0176.409] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df74) returned 0x0
[0176.409] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eea98) returned 0x0
[0176.409] LocalFree (hMem=0x11eea98) returned 0x0
[0176.409] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eed00) returned 0x0
[0176.410] LocalFree (hMem=0x11eed00) returned 0x0
[0176.410] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0176.410] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0176.410] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0176.410] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0176.410] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0176.410] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0176.410] GetCurrentObject (hdc=0x2f0107e6, type=0x1) returned 0xb00017
[0176.410] GetCurrentObject (hdc=0x2f0107e6, type=0x2) returned 0x900010
[0176.410] GetCurrentObject (hdc=0x2f0107e6, type=0x7) returned 0x4a0507fe
[0176.410] GetCurrentObject (hdc=0x2f0107e6, type=0x6) returned 0x8a01c2
[0176.410] SaveDC (hdc=0x2f0107e6) returned 1
[0176.410] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x160407de
[0176.410] GetClipRgn (hdc=0x2f0107e6, hrgn=0x160407de) returned 0
[0176.410] SelectClipRgn (hdc=0x2f0107e6, hrgn=0x8f040807) returned 2
[0176.410] DeleteObject (ho=0x160407de) returned 1
[0176.410] DeleteObject (ho=0x8f040807) returned 1
[0176.410] OffsetViewportOrgEx (in: hdc=0x2f0107e6, x=0, y=0, lppt=0x2c94f50 | out: lppt=0x2c94f50) returned 1
[0176.410] IsAppThemed () returned 0x1
[0176.410] GetThemeAppProperties () returned 0x3
[0176.410] GetThemeAppProperties () returned 0x3
[0176.410] DrawThemeBackground () returned 0x0
[0176.411] RestoreDC (hdc=0x2f0107e6, nSavedDC=-1) returned 1
[0176.411] GdipReleaseDC (graphics=0x6600030, hdc=0x2f0107e6) returned 0x0
[0176.411] GdipCreateRegion (region=0xd7df60) returned 0x0
[0176.411] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0176.411] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0176.411] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0176.411] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df78) returned 0x0
[0176.411] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0176.411] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee868) returned 0x0
[0176.411] LocalFree (hMem=0x11ee868) returned 0x0
[0176.411] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0176.411] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0176.411] LocalFree (hMem=0x11eec58) returned 0x0
[0176.411] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0176.411] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0176.411] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0176.411] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0176.411] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0176.411] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0176.411] GetCurrentObject (hdc=0x2f0107e6, type=0x1) returned 0xb00017
[0176.411] GetCurrentObject (hdc=0x2f0107e6, type=0x2) returned 0x900010
[0176.411] GetCurrentObject (hdc=0x2f0107e6, type=0x7) returned 0x4a0507fe
[0176.412] GetCurrentObject (hdc=0x2f0107e6, type=0x6) returned 0x8a01c2
[0176.412] SaveDC (hdc=0x2f0107e6) returned 1
[0176.412] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x90040807
[0176.412] GetClipRgn (hdc=0x2f0107e6, hrgn=0x90040807) returned 0
[0176.412] SelectClipRgn (hdc=0x2f0107e6, hrgn=0x170407de) returned 2
[0176.412] DeleteObject (ho=0x90040807) returned 1
[0176.412] DeleteObject (ho=0x170407de) returned 1
[0176.412] OffsetViewportOrgEx (in: hdc=0x2f0107e6, x=0, y=0, lppt=0x2c95224 | out: lppt=0x2c95224) returned 1
[0176.412] IsAppThemed () returned 0x1
[0176.412] GetThemeAppProperties () returned 0x3
[0176.412] GetThemeAppProperties () returned 0x3
[0176.412] GetThemeBackgroundContentRect () returned 0x0
[0176.412] RestoreDC (hdc=0x2f0107e6, nSavedDC=-1) returned 1
[0176.412] GdipReleaseDC (graphics=0x6600030, hdc=0x2f0107e6) returned 0x0
[0176.412] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0176.412] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0176.412] GdipCloneRegion (region=0x66468c8, cloneRegion=0xd7e150) returned 0x0
[0176.412] GdipCombineRegionRectI (region=0x6646568, rect=0xd7e138, combineMode=0x1) returned 0x0
[0176.412] GdipCombineRegionRectI (region=0x6646568, rect=0xd7e138, combineMode=0x1) returned 0x0
[0176.412] GdipSetClipRegion (graphics=0x6600030, region=0x6646568, combineMode=0x0) returned 0x0
[0176.412] GdipGetImageWidth (image=0x6600cd0, width=0xd7e154) returned 0x0
[0176.412] GdipGetImageHeight (image=0x6600cd0, height=0xd7e148) returned 0x0
[0176.413] GdipDrawImageRectI (graphics=0x6600030, image=0x6600cd0, x=4, y=4, width=16, height=16) returned 0x0
[0176.413] GdipSetClipRegion (graphics=0x6600030, region=0x66468c8, combineMode=0x0) returned 0x0
[0176.413] IsAppThemed () returned 0x1
[0176.413] GetThemeAppProperties () returned 0x3
[0176.413] GetThemeAppProperties () returned 0x3
[0176.413] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0176.413] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0176.413] GetCurrentObject (hdc=0x2f0107e6, type=0x1) returned 0xb00017
[0176.413] GetCurrentObject (hdc=0x2f0107e6, type=0x2) returned 0x900010
[0176.413] GetCurrentObject (hdc=0x2f0107e6, type=0x7) returned 0x4a0507fe
[0176.413] GetCurrentObject (hdc=0x2f0107e6, type=0x6) returned 0x8a01c2
[0176.413] SaveDC (hdc=0x2f0107e6) returned 1
[0176.413] GetTextAlign (hdc=0x2f0107e6) returned 0x0
[0176.413] GetTextColor (hdc=0x2f0107e6) returned 0x0
[0176.413] GetCurrentObject (hdc=0x2f0107e6, type=0x6) returned 0x8a01c2
[0176.413] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0176.413] SelectObject (hdc=0x2f0107e6, h=0x6d0a0520) returned 0x8a01c2
[0176.413] GetBkMode (hdc=0x2f0107e6) returned 2
[0176.413] SetBkMode (hdc=0x2f0107e6, mode=1) returned 2
[0176.414] DrawTextExW (in: hdc=0x2f0107e6, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2c955e4 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0176.414] DrawTextExW (in: hdc=0x2f0107e6, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2c955e4 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0176.414] RestoreDC (hdc=0x2f0107e6, nSavedDC=-1) returned 1
[0176.414] GdipReleaseDC (graphics=0x6600030, hdc=0x2f0107e6) returned 0x0
[0176.414] GetFocus () returned 0xd013e
[0176.414] IsAppThemed () returned 0x1
[0176.414] GetThemeAppProperties () returned 0x3
[0176.414] GetThemeAppProperties () returned 0x3
[0176.414] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0176.414] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x2f0107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0176.414] GdipReleaseDC (graphics=0x6600030, hdc=0x2f0107e6) returned 0x0
[0176.414] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0176.415] SelectObject (hdc=0x2f0107e6, h=0x85000f) returned 0x4a0507fe
[0176.415] DeleteDC (hdc=0x2f0107e6) returned 1
[0176.415] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0176.415] EndPaint (hWnd=0xd013e, lpPaint=0xd7e24c) returned 1
[0176.415] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.415] IsWindowUnicode (hWnd=0xe00ea) returned 1
[0176.415] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.415] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.415] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.415] BeginPaint (in: hWnd=0xe00ea, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0176.415] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0176.415] CreateCompatibleDC (hdc=0x10105d6) returned 0x310107e6
[0176.415] SelectObject (hdc=0x310107e6, h=0x4a0507fe) returned 0x85000f
[0176.416] GdipCreateFromHDC (hdc=0x310107e6, graphics=0xd7e268) returned 0x0
[0176.416] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0176.416] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0176.416] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0176.416] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0176.416] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2c8) returned 0x0
[0176.416] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0176.416] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0176.416] LocalFree (hMem=0x11ee788) returned 0x0
[0176.416] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0176.416] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0176.416] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0176.416] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0176.416] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0176.416] GdipRestoreGraphics (graphics=0x6600030, state=0xfc1c0dbd) returned 0x0
[0176.416] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0176.416] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0176.416] GetCurrentObject (hdc=0x310107e6, type=0x1) returned 0xb00017
[0176.416] GetCurrentObject (hdc=0x310107e6, type=0x2) returned 0x900010
[0176.416] GetCurrentObject (hdc=0x310107e6, type=0x7) returned 0x4a0507fe
[0176.417] GetCurrentObject (hdc=0x310107e6, type=0x6) returned 0x8a01c2
[0176.417] SaveDC (hdc=0x310107e6) returned 1
[0176.417] GetNearestColor (hdc=0x310107e6, color=0xf0f0f0) returned 0xf0f0f0
[0176.417] GetNearestColor (hdc=0x310107e6, color=0xa0a0a0) returned 0xa0a0a0
[0176.417] GetNearestColor (hdc=0x310107e6, color=0x696969) returned 0x696969
[0176.417] GetNearestColor (hdc=0x310107e6, color=0xa0a0a0) returned 0xa0a0a0
[0176.417] GetNearestColor (hdc=0x310107e6, color=0x0) returned 0x0
[0176.417] GetNearestColor (hdc=0x310107e6, color=0xffffff) returned 0xffffff
[0176.417] GetNearestColor (hdc=0x310107e6, color=0xe5e5e5) returned 0xe5e5e5
[0176.417] GetNearestColor (hdc=0x310107e6, color=0xd7d7d7) returned 0xd7d7d7
[0176.417] GetNearestColor (hdc=0x310107e6, color=0x0) returned 0x0
[0176.417] RestoreDC (hdc=0x310107e6, nSavedDC=-1) returned 1
[0176.417] GdipReleaseDC (graphics=0x6600030, hdc=0x310107e6) returned 0x0
[0176.417] IsAppThemed () returned 0x1
[0176.425] GetThemeAppProperties () returned 0x3
[0176.425] GetThemeAppProperties () returned 0x3
[0176.425] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0176.425] SendMessageW (hWnd=0x9005a, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0176.425] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0176.425] IsAppThemed () returned 0x1
[0176.426] GetThemeAppProperties () returned 0x3
[0176.426] GetThemeAppProperties () returned 0x3
[0176.426] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df90, format=0x102415, lpdtp=0x2c95df4 | out: lpchText="&Continue", lprc=0xd7df90) returned 13
[0176.426] IsAppThemed () returned 0x1
[0176.426] GetThemeAppProperties () returned 0x3
[0176.426] GetThemeAppProperties () returned 0x3
[0176.426] IsAppThemed () returned 0x1
[0176.426] GetThemeAppProperties () returned 0x3
[0176.426] GetThemeAppProperties () returned 0x3
[0176.426] GetFocus () returned 0xd013e
[0176.426] IsAppThemed () returned 0x1
[0176.426] GetThemeAppProperties () returned 0x3
[0176.426] GetThemeAppProperties () returned 0x3
[0176.426] IsAppThemed () returned 0x1
[0176.426] GetThemeAppProperties () returned 0x3
[0176.426] GetThemeAppProperties () returned 0x3
[0176.426] IsThemePartDefined () returned 0x1
[0176.426] IsAppThemed () returned 0x1
[0176.426] GetThemeAppProperties () returned 0x3
[0176.426] GetThemeAppProperties () returned 0x3
[0176.427] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0176.427] IsAppThemed () returned 0x1
[0176.427] GetThemeAppProperties () returned 0x3
[0176.427] GetThemeAppProperties () returned 0x3
[0176.427] IsAppThemed () returned 0x1
[0176.427] GetThemeAppProperties () returned 0x3
[0176.427] GetThemeAppProperties () returned 0x3
[0176.427] IsThemePartDefined () returned 0x1
[0176.427] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0176.427] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0176.427] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0176.427] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0176.427] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dff0) returned 0x0
[0176.427] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0176.427] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0176.427] LocalFree (hMem=0x11ee788) returned 0x0
[0176.427] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0176.427] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0176.427] LocalFree (hMem=0x11ee9f0) returned 0x0
[0176.427] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0176.427] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0176.427] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0176.427] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0176.428] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0176.428] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0176.428] GetCurrentObject (hdc=0x310107e6, type=0x1) returned 0xb00017
[0176.428] GetCurrentObject (hdc=0x310107e6, type=0x2) returned 0x900010
[0176.428] GetCurrentObject (hdc=0x310107e6, type=0x7) returned 0x4a0507fe
[0176.428] GetCurrentObject (hdc=0x310107e6, type=0x6) returned 0x8a01c2
[0176.428] SaveDC (hdc=0x310107e6) returned 1
[0176.428] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x180407de
[0176.428] GetClipRgn (hdc=0x310107e6, hrgn=0x180407de) returned 0
[0176.428] SelectClipRgn (hdc=0x310107e6, hrgn=0x94040807) returned 2
[0176.428] DeleteObject (ho=0x180407de) returned 1
[0176.428] DeleteObject (ho=0x94040807) returned 1
[0176.428] OffsetViewportOrgEx (in: hdc=0x310107e6, x=0, y=0, lppt=0x2c964a4 | out: lppt=0x2c964a4) returned 1
[0176.428] DrawThemeParentBackground () returned 0x0
[0176.428] GetWindowPlacement (in: hWnd=0x9005a, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0176.428] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0176.429] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.429] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.429] GetSystemMetrics (nIndex=42) returned 0
[0176.429] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.429] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0176.429] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0176.429] GetCurrentObject (hdc=0x310107e6, type=0x1) returned 0xb00017
[0176.429] GetCurrentObject (hdc=0x310107e6, type=0x2) returned 0x900010
[0176.429] GetCurrentObject (hdc=0x310107e6, type=0x7) returned 0x4a0507fe
[0176.429] GetCurrentObject (hdc=0x310107e6, type=0x6) returned 0x8a01c2
[0176.429] SaveDC (hdc=0x310107e6) returned 2
[0176.429] GetNearestColor (hdc=0x310107e6, color=0xf0f0f0) returned 0xf0f0f0
[0176.429] CreateSolidBrush (color=0xf0f0f0) returned 0x8b1007e1
[0176.429] FillRect (hDC=0x310107e6, lprc=0xd7da38, hbr=0x8b1007e1) returned 1
[0176.429] DeleteObject (ho=0x8b1007e1) returned 1
[0176.429] RestoreDC (hdc=0x310107e6, nSavedDC=-1) returned 1
[0176.429] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.429] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.429] GetSystemMetrics (nIndex=42) returned 0
[0176.429] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0176.430] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0176.430] GetCurrentObject (hdc=0x310107e6, type=0x1) returned 0xb00017
[0176.430] GetCurrentObject (hdc=0x310107e6, type=0x2) returned 0x900010
[0176.430] GetCurrentObject (hdc=0x310107e6, type=0x7) returned 0x4a0507fe
[0176.430] GetCurrentObject (hdc=0x310107e6, type=0x6) returned 0x8a01c2
[0176.430] SaveDC (hdc=0x310107e6) returned 2
[0176.430] GetNearestColor (hdc=0x310107e6, color=0xf0f0f0) returned 0xf0f0f0
[0176.430] CreateSolidBrush (color=0xf0f0f0) returned 0x8c1007e1
[0176.430] FillRect (hDC=0x310107e6, lprc=0xd7d9d8, hbr=0x8c1007e1) returned 1
[0176.430] DeleteObject (ho=0x8c1007e1) returned 1
[0176.430] RestoreDC (hdc=0x310107e6, nSavedDC=-1) returned 1
[0176.430] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.430] GetSystemMetrics (nIndex=42) returned 0
[0176.430] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0176.430] RestoreDC (hdc=0x310107e6, nSavedDC=-1) returned 1
[0176.431] GdipReleaseDC (graphics=0x6600030, hdc=0x310107e6) returned 0x0
[0176.431] IsAppThemed () returned 0x1
[0176.431] GetThemeAppProperties () returned 0x3
[0176.431] GetThemeAppProperties () returned 0x3
[0176.431] IsAppThemed () returned 0x1
[0176.431] GetThemeAppProperties () returned 0x3
[0176.431] GetThemeAppProperties () returned 0x3
[0176.431] IsThemePartDefined () returned 0x1
[0176.431] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0176.431] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0176.431] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0176.431] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0176.431] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df74) returned 0x0
[0176.431] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0176.431] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eea60) returned 0x0
[0176.431] LocalFree (hMem=0x11eea60) returned 0x0
[0176.431] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0176.431] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee9f0) returned 0x0
[0176.431] LocalFree (hMem=0x11ee9f0) returned 0x0
[0176.431] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0176.431] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0176.431] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0176.432] GdipGetRegionHRgn (region=0x6646958, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0176.432] GdipDeleteRegion (region=0x6646958) returned 0x0
[0176.432] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0176.432] GetCurrentObject (hdc=0x310107e6, type=0x1) returned 0xb00017
[0176.432] GetCurrentObject (hdc=0x310107e6, type=0x2) returned 0x900010
[0176.432] GetCurrentObject (hdc=0x310107e6, type=0x7) returned 0x4a0507fe
[0176.432] GetCurrentObject (hdc=0x310107e6, type=0x6) returned 0x8a01c2
[0176.432] SaveDC (hdc=0x310107e6) returned 1
[0176.432] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x95040807
[0176.432] GetClipRgn (hdc=0x310107e6, hrgn=0x95040807) returned 0
[0176.432] SelectClipRgn (hdc=0x310107e6, hrgn=0x1a0407de) returned 2
[0176.432] DeleteObject (ho=0x95040807) returned 1
[0176.432] DeleteObject (ho=0x1a0407de) returned 1
[0176.432] OffsetViewportOrgEx (in: hdc=0x310107e6, x=0, y=0, lppt=0x2c96d50 | out: lppt=0x2c96d50) returned 1
[0176.432] IsAppThemed () returned 0x1
[0176.432] GetThemeAppProperties () returned 0x3
[0176.432] GetThemeAppProperties () returned 0x3
[0176.432] DrawThemeBackground () returned 0x0
[0176.433] RestoreDC (hdc=0x310107e6, nSavedDC=-1) returned 1
[0176.433] GdipReleaseDC (graphics=0x6600030, hdc=0x310107e6) returned 0x0
[0176.433] GdipCreateRegion (region=0xd7df60) returned 0x0
[0176.433] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0176.433] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0176.433] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0176.433] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df78) returned 0x0
[0176.433] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0176.433] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eea98) returned 0x0
[0176.433] LocalFree (hMem=0x11eea98) returned 0x0
[0176.433] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0176.433] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0176.433] LocalFree (hMem=0x11ee788) returned 0x0
[0176.433] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0176.433] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0176.433] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0176.433] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0176.433] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0176.433] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0176.433] GetCurrentObject (hdc=0x310107e6, type=0x1) returned 0xb00017
[0176.433] GetCurrentObject (hdc=0x310107e6, type=0x2) returned 0x900010
[0176.433] GetCurrentObject (hdc=0x310107e6, type=0x7) returned 0x4a0507fe
[0176.434] GetCurrentObject (hdc=0x310107e6, type=0x6) returned 0x8a01c2
[0176.434] SaveDC (hdc=0x310107e6) returned 1
[0176.434] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1b0407de
[0176.434] GetClipRgn (hdc=0x310107e6, hrgn=0x1b0407de) returned 0
[0176.434] SelectClipRgn (hdc=0x310107e6, hrgn=0x96040807) returned 2
[0176.434] DeleteObject (ho=0x1b0407de) returned 1
[0176.434] DeleteObject (ho=0x96040807) returned 1
[0176.434] OffsetViewportOrgEx (in: hdc=0x310107e6, x=0, y=0, lppt=0x2c97024 | out: lppt=0x2c97024) returned 1
[0176.434] IsAppThemed () returned 0x1
[0176.434] GetThemeAppProperties () returned 0x3
[0176.434] GetThemeAppProperties () returned 0x3
[0176.434] GetThemeBackgroundContentRect () returned 0x0
[0176.434] RestoreDC (hdc=0x310107e6, nSavedDC=-1) returned 1
[0176.434] GdipReleaseDC (graphics=0x6600030, hdc=0x310107e6) returned 0x0
[0176.434] IsAppThemed () returned 0x1
[0176.434] GetThemeAppProperties () returned 0x3
[0176.434] GetThemeAppProperties () returned 0x3
[0176.434] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0176.434] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0176.435] GetCurrentObject (hdc=0x310107e6, type=0x1) returned 0xb00017
[0176.435] GetCurrentObject (hdc=0x310107e6, type=0x2) returned 0x900010
[0176.435] GetCurrentObject (hdc=0x310107e6, type=0x7) returned 0x4a0507fe
[0176.435] GetCurrentObject (hdc=0x310107e6, type=0x6) returned 0x8a01c2
[0176.435] SaveDC (hdc=0x310107e6) returned 1
[0176.435] GetTextAlign (hdc=0x310107e6) returned 0x0
[0176.435] GetTextColor (hdc=0x310107e6) returned 0x0
[0176.435] GetCurrentObject (hdc=0x310107e6, type=0x6) returned 0x8a01c2
[0176.435] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0176.435] SelectObject (hdc=0x310107e6, h=0x6d0a0520) returned 0x8a01c2
[0176.435] GetBkMode (hdc=0x310107e6) returned 2
[0176.435] SetBkMode (hdc=0x310107e6, mode=1) returned 2
[0176.435] DrawTextExW (in: hdc=0x310107e6, lpchText="&Continue", cchText=9, lprc=0xd7def8, format=0x102415, lpdtp=0x2c973c4 | out: lpchText="&Continue", lprc=0xd7def8) returned 13
[0176.436] DrawTextExW (in: hdc=0x310107e6, lpchText="&Continue", cchText=9, lprc=0xd7e05c, format=0x102015, lpdtp=0x2c973c4 | out: lpchText="&Continue", lprc=0xd7e05c) returned 13
[0176.436] RestoreDC (hdc=0x310107e6, nSavedDC=-1) returned 1
[0176.436] GdipReleaseDC (graphics=0x6600030, hdc=0x310107e6) returned 0x0
[0176.436] GetFocus () returned 0xd013e
[0176.436] IsAppThemed () returned 0x1
[0176.436] GetThemeAppProperties () returned 0x3
[0176.436] GetThemeAppProperties () returned 0x3
[0176.436] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0176.436] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x310107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0176.436] GdipReleaseDC (graphics=0x6600030, hdc=0x310107e6) returned 0x0
[0176.436] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0176.436] SelectObject (hdc=0x310107e6, h=0x85000f) returned 0x4a0507fe
[0176.436] DeleteDC (hdc=0x310107e6) returned 1
[0176.437] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0176.437] EndPaint (hWnd=0xe00ea, lpPaint=0xd7e24c) returned 1
[0176.437] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.437] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x84, wParam=0x0, lParam=0x1e6031f) returned 0x1
[0176.437] IsWindowUnicode (hWnd=0xe00ea) returned 1
[0176.437] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.437] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x84, wParam=0x0, lParam=0x1e6031f) returned 0x1
[0176.437] SetCursor (hCursor=0x10003) returned 0x10003
[0176.437] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.437] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.437] _TrackMouseEvent (in: lpEventTrack=0x2c974c0 | out: lpEventTrack=0x2c974c0) returned 1
[0176.438] SendMessageW (hWnd=0xe00ea, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0176.438] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0176.438] InvalidateRect (hWnd=0xe00ea, lpRect=0x0, bErase=0) returned 1
[0176.438] GetKeyState (nVirtKey=1) returned 0
[0176.438] GetKeyState (nVirtKey=2) returned 0
[0176.438] GetKeyState (nVirtKey=4) returned 0
[0176.438] GetKeyState (nVirtKey=5) returned 0
[0176.438] GetKeyState (nVirtKey=6) returned 0
[0176.438] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.438] IsWindowUnicode (hWnd=0xe00ea) returned 1
[0176.438] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.439] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.439] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.439] BeginPaint (in: hWnd=0xe00ea, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0176.439] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0176.439] CreateCompatibleDC (hdc=0x10105d6) returned 0x320107e6
[0176.439] SelectObject (hdc=0x320107e6, h=0x4a0507fe) returned 0x85000f
[0176.439] GdipCreateFromHDC (hdc=0x320107e6, graphics=0xd7e268) returned 0x0
[0176.439] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0176.439] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0176.439] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0176.439] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0176.439] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e2c8) returned 0x0
[0176.439] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee868) returned 0x0
[0176.440] LocalFree (hMem=0x11ee868) returned 0x0
[0176.440] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0176.440] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0176.440] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0176.440] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0176.440] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0176.440] GdipRestoreGraphics (graphics=0x6600030, state=0xfc1a0dbd) returned 0x0
[0176.440] GdipDeleteRegion (region=0x6646958) returned 0x0
[0176.440] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0176.440] GetCurrentObject (hdc=0x320107e6, type=0x1) returned 0xb00017
[0176.440] GetCurrentObject (hdc=0x320107e6, type=0x2) returned 0x900010
[0176.440] GetCurrentObject (hdc=0x320107e6, type=0x7) returned 0x4a0507fe
[0176.440] GetCurrentObject (hdc=0x320107e6, type=0x6) returned 0x8a01c2
[0176.440] SaveDC (hdc=0x320107e6) returned 1
[0176.440] GetNearestColor (hdc=0x320107e6, color=0xf0f0f0) returned 0xf0f0f0
[0176.440] GetNearestColor (hdc=0x320107e6, color=0xa0a0a0) returned 0xa0a0a0
[0176.440] GetNearestColor (hdc=0x320107e6, color=0x696969) returned 0x696969
[0176.440] GetNearestColor (hdc=0x320107e6, color=0xa0a0a0) returned 0xa0a0a0
[0176.440] GetNearestColor (hdc=0x320107e6, color=0x0) returned 0x0
[0176.440] GetNearestColor (hdc=0x320107e6, color=0xffffff) returned 0xffffff
[0176.440] GetNearestColor (hdc=0x320107e6, color=0xe5e5e5) returned 0xe5e5e5
[0176.440] GetNearestColor (hdc=0x320107e6, color=0xd7d7d7) returned 0xd7d7d7
[0176.441] GetNearestColor (hdc=0x320107e6, color=0x0) returned 0x0
[0176.441] RestoreDC (hdc=0x320107e6, nSavedDC=-1) returned 1
[0176.441] GdipReleaseDC (graphics=0x6600030, hdc=0x320107e6) returned 0x0
[0176.441] IsAppThemed () returned 0x1
[0176.441] GetThemeAppProperties () returned 0x3
[0176.441] GetThemeAppProperties () returned 0x3
[0176.441] IsAppThemed () returned 0x1
[0176.441] GetThemeAppProperties () returned 0x3
[0176.441] GetThemeAppProperties () returned 0x3
[0176.441] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2c97c20 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0176.441] IsAppThemed () returned 0x1
[0176.441] GetThemeAppProperties () returned 0x3
[0176.441] GetThemeAppProperties () returned 0x3
[0176.441] IsAppThemed () returned 0x1
[0176.441] GetThemeAppProperties () returned 0x3
[0176.441] GetThemeAppProperties () returned 0x3
[0176.441] IsAppThemed () returned 0x1
[0176.441] GetThemeAppProperties () returned 0x3
[0176.442] GetThemeAppProperties () returned 0x3
[0176.442] IsAppThemed () returned 0x1
[0176.442] GetThemeAppProperties () returned 0x3
[0176.442] GetThemeAppProperties () returned 0x3
[0176.442] IsThemePartDefined () returned 0x1
[0176.442] IsAppThemed () returned 0x1
[0176.442] GetThemeAppProperties () returned 0x3
[0176.442] GetThemeAppProperties () returned 0x3
[0176.442] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0176.442] IsAppThemed () returned 0x1
[0176.442] GetThemeAppProperties () returned 0x3
[0176.442] GetThemeAppProperties () returned 0x3
[0176.442] IsAppThemed () returned 0x1
[0176.442] GetThemeAppProperties () returned 0x3
[0176.442] GetThemeAppProperties () returned 0x3
[0176.442] IsThemePartDefined () returned 0x1
[0176.442] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0176.442] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0176.442] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0176.442] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0176.442] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dfe4) returned 0x0
[0176.442] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0176.442] LocalFree (hMem=0x11ee788) returned 0x0
[0176.442] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0176.442] LocalFree (hMem=0x11ee868) returned 0x0
[0176.442] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0176.442] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0176.442] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0176.443] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0176.443] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0176.443] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0176.443] GetCurrentObject (hdc=0x320107e6, type=0x1) returned 0xb00017
[0176.443] GetCurrentObject (hdc=0x320107e6, type=0x2) returned 0x900010
[0176.443] GetCurrentObject (hdc=0x320107e6, type=0x7) returned 0x4a0507fe
[0176.443] GetCurrentObject (hdc=0x320107e6, type=0x6) returned 0x8a01c2
[0176.443] SaveDC (hdc=0x320107e6) returned 1
[0176.443] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x97040807
[0176.443] GetClipRgn (hdc=0x320107e6, hrgn=0x97040807) returned 0
[0176.443] SelectClipRgn (hdc=0x320107e6, hrgn=0x1f0407de) returned 2
[0176.443] DeleteObject (ho=0x97040807) returned 1
[0176.443] DeleteObject (ho=0x1f0407de) returned 1
[0176.443] OffsetViewportOrgEx (in: hdc=0x320107e6, x=0, y=0, lppt=0x2c982d0 | out: lppt=0x2c982d0) returned 1
[0176.443] DrawThemeParentBackground () returned 0x0
[0176.443] GetWindowPlacement (in: hWnd=0x9005a, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0176.443] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0176.443] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.443] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.443] GetSystemMetrics (nIndex=42) returned 0
[0176.444] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.444] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0176.444] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0176.444] GetCurrentObject (hdc=0x320107e6, type=0x1) returned 0xb00017
[0176.444] GetCurrentObject (hdc=0x320107e6, type=0x2) returned 0x900010
[0176.444] GetCurrentObject (hdc=0x320107e6, type=0x7) returned 0x4a0507fe
[0176.444] GetCurrentObject (hdc=0x320107e6, type=0x6) returned 0x8a01c2
[0176.444] SaveDC (hdc=0x320107e6) returned 2
[0176.444] GetNearestColor (hdc=0x320107e6, color=0xf0f0f0) returned 0xf0f0f0
[0176.444] CreateSolidBrush (color=0xf0f0f0) returned 0x8d1007e1
[0176.444] FillRect (hDC=0x320107e6, lprc=0xd7da30, hbr=0x8d1007e1) returned 1
[0176.444] DeleteObject (ho=0x8d1007e1) returned 1
[0176.444] RestoreDC (hdc=0x320107e6, nSavedDC=-1) returned 1
[0176.444] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.444] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.444] GetSystemMetrics (nIndex=42) returned 0
[0176.444] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.444] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0176.444] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0176.444] GetCurrentObject (hdc=0x320107e6, type=0x1) returned 0xb00017
[0176.444] GetCurrentObject (hdc=0x320107e6, type=0x2) returned 0x900010
[0176.445] GetCurrentObject (hdc=0x320107e6, type=0x7) returned 0x4a0507fe
[0176.445] GetCurrentObject (hdc=0x320107e6, type=0x6) returned 0x8a01c2
[0176.445] SaveDC (hdc=0x320107e6) returned 2
[0176.445] GetNearestColor (hdc=0x320107e6, color=0xf0f0f0) returned 0xf0f0f0
[0176.445] CreateSolidBrush (color=0xf0f0f0) returned 0x8e1007e1
[0176.445] FillRect (hDC=0x320107e6, lprc=0xd7d9d0, hbr=0x8e1007e1) returned 1
[0176.445] DeleteObject (ho=0x8e1007e1) returned 1
[0176.445] RestoreDC (hdc=0x320107e6, nSavedDC=-1) returned 1
[0176.445] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.445] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.445] GetSystemMetrics (nIndex=42) returned 0
[0176.445] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.445] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0176.445] RestoreDC (hdc=0x320107e6, nSavedDC=-1) returned 1
[0176.445] GdipReleaseDC (graphics=0x6600030, hdc=0x320107e6) returned 0x0
[0176.445] IsAppThemed () returned 0x1
[0176.445] GetThemeAppProperties () returned 0x3
[0176.445] GetThemeAppProperties () returned 0x3
[0176.445] IsAppThemed () returned 0x1
[0176.446] GetThemeAppProperties () returned 0x3
[0176.446] GetThemeAppProperties () returned 0x3
[0176.446] IsThemePartDefined () returned 0x1
[0176.446] GdipCreateRegion (region=0xd7df50) returned 0x0
[0176.446] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0176.446] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0176.446] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0176.446] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df68) returned 0x0
[0176.446] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0176.446] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0176.446] LocalFree (hMem=0x11eec58) returned 0x0
[0176.446] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0176.446] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee788) returned 0x0
[0176.446] LocalFree (hMem=0x11ee788) returned 0x0
[0176.446] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0176.446] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0176.446] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7df80) returned 0x0
[0176.446] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0176.446] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0176.446] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0176.446] GetCurrentObject (hdc=0x320107e6, type=0x1) returned 0xb00017
[0176.446] GetCurrentObject (hdc=0x320107e6, type=0x2) returned 0x900010
[0176.446] GetCurrentObject (hdc=0x320107e6, type=0x7) returned 0x4a0507fe
[0176.447] GetCurrentObject (hdc=0x320107e6, type=0x6) returned 0x8a01c2
[0176.447] SaveDC (hdc=0x320107e6) returned 1
[0176.447] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x200407de
[0176.447] GetClipRgn (hdc=0x320107e6, hrgn=0x200407de) returned 0
[0176.447] SelectClipRgn (hdc=0x320107e6, hrgn=0x99040807) returned 2
[0176.447] DeleteObject (ho=0x200407de) returned 1
[0176.447] DeleteObject (ho=0x99040807) returned 1
[0176.447] OffsetViewportOrgEx (in: hdc=0x320107e6, x=0, y=0, lppt=0x2c98b7c | out: lppt=0x2c98b7c) returned 1
[0176.447] IsAppThemed () returned 0x1
[0176.447] GetThemeAppProperties () returned 0x3
[0176.447] GetThemeAppProperties () returned 0x3
[0176.447] DrawThemeBackground () returned 0x0
[0176.447] RestoreDC (hdc=0x320107e6, nSavedDC=-1) returned 1
[0176.447] GdipReleaseDC (graphics=0x6600030, hdc=0x320107e6) returned 0x0
[0176.447] GdipCreateRegion (region=0xd7df54) returned 0x0
[0176.447] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0176.447] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0176.448] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0176.448] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df6c) returned 0x0
[0176.448] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0176.448] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eecc8) returned 0x0
[0176.448] LocalFree (hMem=0x11eecc8) returned 0x0
[0176.448] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0176.448] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0176.448] LocalFree (hMem=0x11ee868) returned 0x0
[0176.448] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0176.448] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df94) returned 0x0
[0176.448] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df84) returned 0x0
[0176.448] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0176.448] GdipDeleteRegion (region=0x6646298) returned 0x0
[0176.448] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0176.448] GetCurrentObject (hdc=0x320107e6, type=0x1) returned 0xb00017
[0176.448] GetCurrentObject (hdc=0x320107e6, type=0x2) returned 0x900010
[0176.448] GetCurrentObject (hdc=0x320107e6, type=0x7) returned 0x4a0507fe
[0176.448] GetCurrentObject (hdc=0x320107e6, type=0x6) returned 0x8a01c2
[0176.448] SaveDC (hdc=0x320107e6) returned 1
[0176.448] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9a040807
[0176.448] GetClipRgn (hdc=0x320107e6, hrgn=0x9a040807) returned 0
[0176.448] SelectClipRgn (hdc=0x320107e6, hrgn=0x210407de) returned 2
[0176.449] DeleteObject (ho=0x9a040807) returned 1
[0176.449] DeleteObject (ho=0x210407de) returned 1
[0176.449] OffsetViewportOrgEx (in: hdc=0x320107e6, x=0, y=0, lppt=0x2c98e50 | out: lppt=0x2c98e50) returned 1
[0176.449] IsAppThemed () returned 0x1
[0176.449] GetThemeAppProperties () returned 0x3
[0176.449] GetThemeAppProperties () returned 0x3
[0176.449] GetThemeBackgroundContentRect () returned 0x0
[0176.449] RestoreDC (hdc=0x320107e6, nSavedDC=-1) returned 1
[0176.449] GdipReleaseDC (graphics=0x6600030, hdc=0x320107e6) returned 0x0
[0176.449] IsAppThemed () returned 0x1
[0176.449] GetThemeAppProperties () returned 0x3
[0176.449] GetThemeAppProperties () returned 0x3
[0176.449] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0176.449] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0176.449] GetCurrentObject (hdc=0x320107e6, type=0x1) returned 0xb00017
[0176.449] GetCurrentObject (hdc=0x320107e6, type=0x2) returned 0x900010
[0176.449] GetCurrentObject (hdc=0x320107e6, type=0x7) returned 0x4a0507fe
[0176.449] GetCurrentObject (hdc=0x320107e6, type=0x6) returned 0x8a01c2
[0176.449] SaveDC (hdc=0x320107e6) returned 1
[0176.449] GetTextAlign (hdc=0x320107e6) returned 0x0
[0176.449] GetTextColor (hdc=0x320107e6) returned 0x0
[0176.449] GetCurrentObject (hdc=0x320107e6, type=0x6) returned 0x8a01c2
[0176.450] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0176.450] SelectObject (hdc=0x320107e6, h=0x6d0a0520) returned 0x8a01c2
[0176.450] GetBkMode (hdc=0x320107e6) returned 2
[0176.450] SetBkMode (hdc=0x320107e6, mode=1) returned 2
[0176.450] DrawTextExW (in: hdc=0x320107e6, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2c991f0 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0176.460] DrawTextExW (in: hdc=0x320107e6, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2c991f0 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0176.461] RestoreDC (hdc=0x320107e6, nSavedDC=-1) returned 1
[0176.461] GdipReleaseDC (graphics=0x6600030, hdc=0x320107e6) returned 0x0
[0176.461] GetFocus () returned 0xd013e
[0176.461] IsAppThemed () returned 0x1
[0176.461] GetThemeAppProperties () returned 0x3
[0176.461] GetThemeAppProperties () returned 0x3
[0176.461] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0176.461] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x320107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0176.461] GdipReleaseDC (graphics=0x6600030, hdc=0x320107e6) returned 0x0
[0176.461] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0176.461] SelectObject (hdc=0x320107e6, h=0x85000f) returned 0x4a0507fe
[0176.461] DeleteDC (hdc=0x320107e6) returned 1
[0176.461] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0176.462] EndPaint (hWnd=0xe00ea, lpPaint=0xd7e24c) returned 1
[0176.462] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.462] IsWindowUnicode (hWnd=0xb02dc) returned 1
[0176.462] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.462] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.462] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.462] BeginPaint (in: hWnd=0xb02dc, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0176.462] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0176.462] CreateCompatibleDC (hdc=0xc0107c5) returned 0x340107e6
[0176.462] SelectObject (hdc=0x340107e6, h=0x4a0507fe) returned 0x85000f
[0176.462] GdipCreateFromHDC (hdc=0x340107e6, graphics=0xd7e268) returned 0x0
[0176.462] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0176.462] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0176.462] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0176.463] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0176.463] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2c8) returned 0x0
[0176.463] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0176.463] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0176.463] LocalFree (hMem=0x11eec58) returned 0x0
[0176.463] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0176.463] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0176.463] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0176.463] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0176.463] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0176.463] GdipRestoreGraphics (graphics=0x6600030, state=0xfc180dbd) returned 0x0
[0176.463] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0176.463] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0176.463] GetCurrentObject (hdc=0x340107e6, type=0x1) returned 0xb00017
[0176.463] GetCurrentObject (hdc=0x340107e6, type=0x2) returned 0x900010
[0176.463] GetCurrentObject (hdc=0x340107e6, type=0x7) returned 0x4a0507fe
[0176.463] GetCurrentObject (hdc=0x340107e6, type=0x6) returned 0x8a01c2
[0176.463] SaveDC (hdc=0x340107e6) returned 1
[0176.463] GetNearestColor (hdc=0x340107e6, color=0xf0f0f0) returned 0xf0f0f0
[0176.463] GetNearestColor (hdc=0x340107e6, color=0xa0a0a0) returned 0xa0a0a0
[0176.464] GetNearestColor (hdc=0x340107e6, color=0x696969) returned 0x696969
[0176.464] GetNearestColor (hdc=0x340107e6, color=0xa0a0a0) returned 0xa0a0a0
[0176.464] GetNearestColor (hdc=0x340107e6, color=0x0) returned 0x0
[0176.464] GetNearestColor (hdc=0x340107e6, color=0xffffff) returned 0xffffff
[0176.464] GetNearestColor (hdc=0x340107e6, color=0xe5e5e5) returned 0xe5e5e5
[0176.464] GetNearestColor (hdc=0x340107e6, color=0xd7d7d7) returned 0xd7d7d7
[0176.464] GetNearestColor (hdc=0x340107e6, color=0x0) returned 0x0
[0176.464] RestoreDC (hdc=0x340107e6, nSavedDC=-1) returned 1
[0176.464] GdipReleaseDC (graphics=0x6600030, hdc=0x340107e6) returned 0x0
[0176.464] IsAppThemed () returned 0x1
[0176.464] GetThemeAppProperties () returned 0x3
[0176.464] GetThemeAppProperties () returned 0x3
[0176.464] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0176.464] SendMessageW (hWnd=0x9005a, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0176.464] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0176.464] IsAppThemed () returned 0x1
[0176.464] GetThemeAppProperties () returned 0x3
[0176.464] GetThemeAppProperties () returned 0x3
[0176.464] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2c99a00 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0176.465] IsAppThemed () returned 0x1
[0176.465] GetThemeAppProperties () returned 0x3
[0176.465] GetThemeAppProperties () returned 0x3
[0176.465] IsAppThemed () returned 0x1
[0176.465] GetThemeAppProperties () returned 0x3
[0176.465] GetThemeAppProperties () returned 0x3
[0176.465] GetFocus () returned 0xd013e
[0176.465] IsAppThemed () returned 0x1
[0176.465] GetThemeAppProperties () returned 0x3
[0176.465] GetThemeAppProperties () returned 0x3
[0176.465] IsAppThemed () returned 0x1
[0176.465] GetThemeAppProperties () returned 0x3
[0176.465] GetThemeAppProperties () returned 0x3
[0176.465] IsThemePartDefined () returned 0x1
[0176.465] IsAppThemed () returned 0x1
[0176.465] GetThemeAppProperties () returned 0x3
[0176.465] GetThemeAppProperties () returned 0x3
[0176.465] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0176.465] IsAppThemed () returned 0x1
[0176.465] GetThemeAppProperties () returned 0x3
[0176.465] GetThemeAppProperties () returned 0x3
[0176.500] IsAppThemed () returned 0x1
[0176.501] GetThemeAppProperties () returned 0x3
[0176.501] GetThemeAppProperties () returned 0x3
[0176.501] IsThemePartDefined () returned 0x1
[0176.501] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0176.501] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0176.501] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0176.501] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0176.501] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dff0) returned 0x0
[0176.501] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0176.501] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0176.501] LocalFree (hMem=0x11ee788) returned 0x0
[0176.501] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0176.501] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0176.501] LocalFree (hMem=0x11ee868) returned 0x0
[0176.501] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0176.501] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0176.501] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0176.501] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0176.501] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0176.501] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0176.502] GetCurrentObject (hdc=0x340107e6, type=0x1) returned 0xb00017
[0176.502] GetCurrentObject (hdc=0x340107e6, type=0x2) returned 0x900010
[0176.502] GetCurrentObject (hdc=0x340107e6, type=0x7) returned 0x4a0507fe
[0176.502] GetCurrentObject (hdc=0x340107e6, type=0x6) returned 0x8a01c2
[0176.502] SaveDC (hdc=0x340107e6) returned 1
[0176.502] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x220407de
[0176.502] GetClipRgn (hdc=0x340107e6, hrgn=0x220407de) returned 0
[0176.502] SelectClipRgn (hdc=0x340107e6, hrgn=0x9e040807) returned 2
[0176.502] DeleteObject (ho=0x220407de) returned 1
[0176.502] DeleteObject (ho=0x9e040807) returned 1
[0176.502] OffsetViewportOrgEx (in: hdc=0x340107e6, x=0, y=0, lppt=0x2c9a0b0 | out: lppt=0x2c9a0b0) returned 1
[0176.502] DrawThemeParentBackground () returned 0x0
[0176.502] GetWindowPlacement (in: hWnd=0x9005a, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0176.503] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0176.503] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.503] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.503] GetSystemMetrics (nIndex=42) returned 0
[0176.503] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.503] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0176.503] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0176.503] GetCurrentObject (hdc=0x340107e6, type=0x1) returned 0xb00017
[0176.503] GetCurrentObject (hdc=0x340107e6, type=0x2) returned 0x900010
[0176.503] GetCurrentObject (hdc=0x340107e6, type=0x7) returned 0x4a0507fe
[0176.503] GetCurrentObject (hdc=0x340107e6, type=0x6) returned 0x8a01c2
[0176.503] SaveDC (hdc=0x340107e6) returned 2
[0176.503] GetNearestColor (hdc=0x340107e6, color=0xf0f0f0) returned 0xf0f0f0
[0176.503] CreateSolidBrush (color=0xf0f0f0) returned 0x8f1007e1
[0176.503] FillRect (hDC=0x340107e6, lprc=0xd7da38, hbr=0x8f1007e1) returned 1
[0176.503] DeleteObject (ho=0x8f1007e1) returned 1
[0176.503] RestoreDC (hdc=0x340107e6, nSavedDC=-1) returned 1
[0176.503] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.503] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.504] GetSystemMetrics (nIndex=42) returned 0
[0176.504] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0176.504] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0176.504] GetCurrentObject (hdc=0x340107e6, type=0x1) returned 0xb00017
[0176.504] GetCurrentObject (hdc=0x340107e6, type=0x2) returned 0x900010
[0176.504] GetCurrentObject (hdc=0x340107e6, type=0x7) returned 0x4a0507fe
[0176.504] GetCurrentObject (hdc=0x340107e6, type=0x6) returned 0x8a01c2
[0176.504] SaveDC (hdc=0x340107e6) returned 2
[0176.504] GetNearestColor (hdc=0x340107e6, color=0xf0f0f0) returned 0xf0f0f0
[0176.504] CreateSolidBrush (color=0xf0f0f0) returned 0x901007e1
[0176.504] FillRect (hDC=0x340107e6, lprc=0xd7d9d8, hbr=0x901007e1) returned 1
[0176.504] DeleteObject (ho=0x901007e1) returned 1
[0176.504] RestoreDC (hdc=0x340107e6, nSavedDC=-1) returned 1
[0176.504] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.504] GetSystemMetrics (nIndex=42) returned 0
[0176.504] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0176.505] RestoreDC (hdc=0x340107e6, nSavedDC=-1) returned 1
[0176.505] GdipReleaseDC (graphics=0x6600030, hdc=0x340107e6) returned 0x0
[0176.505] IsAppThemed () returned 0x1
[0176.505] GetThemeAppProperties () returned 0x3
[0176.505] GetThemeAppProperties () returned 0x3
[0176.505] IsAppThemed () returned 0x1
[0176.505] GetThemeAppProperties () returned 0x3
[0176.505] GetThemeAppProperties () returned 0x3
[0176.505] IsThemePartDefined () returned 0x1
[0176.505] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0176.505] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0176.505] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0176.505] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0176.505] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df74) returned 0x0
[0176.505] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0176.505] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0176.505] LocalFree (hMem=0x11ee788) returned 0x0
[0176.505] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0176.505] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee8d8) returned 0x0
[0176.505] LocalFree (hMem=0x11ee8d8) returned 0x0
[0176.505] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0176.505] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0176.505] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0176.506] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0176.506] GdipDeleteRegion (region=0x6646718) returned 0x0
[0176.506] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0176.506] GetCurrentObject (hdc=0x340107e6, type=0x1) returned 0xb00017
[0176.506] GetCurrentObject (hdc=0x340107e6, type=0x2) returned 0x900010
[0176.506] GetCurrentObject (hdc=0x340107e6, type=0x7) returned 0x4a0507fe
[0176.506] GetCurrentObject (hdc=0x340107e6, type=0x6) returned 0x8a01c2
[0176.506] SaveDC (hdc=0x340107e6) returned 1
[0176.506] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9f040807
[0176.506] GetClipRgn (hdc=0x340107e6, hrgn=0x9f040807) returned 0
[0176.506] SelectClipRgn (hdc=0x340107e6, hrgn=0x240407de) returned 2
[0176.506] DeleteObject (ho=0x9f040807) returned 1
[0176.506] DeleteObject (ho=0x240407de) returned 1
[0176.506] OffsetViewportOrgEx (in: hdc=0x340107e6, x=0, y=0, lppt=0x2c9a95c | out: lppt=0x2c9a95c) returned 1
[0176.506] IsAppThemed () returned 0x1
[0176.506] GetThemeAppProperties () returned 0x3
[0176.506] GetThemeAppProperties () returned 0x3
[0176.506] DrawThemeBackground () returned 0x0
[0176.506] RestoreDC (hdc=0x340107e6, nSavedDC=-1) returned 1
[0176.506] GdipReleaseDC (graphics=0x6600030, hdc=0x340107e6) returned 0x0
[0176.507] GdipCreateRegion (region=0xd7df60) returned 0x0
[0176.507] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0176.507] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0176.507] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0176.507] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df78) returned 0x0
[0176.507] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0176.507] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee9f0) returned 0x0
[0176.507] LocalFree (hMem=0x11ee9f0) returned 0x0
[0176.507] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0176.507] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0176.507] LocalFree (hMem=0x11ee788) returned 0x0
[0176.507] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0176.507] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0176.507] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0176.507] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0176.507] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0176.507] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0176.507] GetCurrentObject (hdc=0x340107e6, type=0x1) returned 0xb00017
[0176.507] GetCurrentObject (hdc=0x340107e6, type=0x2) returned 0x900010
[0176.507] GetCurrentObject (hdc=0x340107e6, type=0x7) returned 0x4a0507fe
[0176.507] GetCurrentObject (hdc=0x340107e6, type=0x6) returned 0x8a01c2
[0176.507] SaveDC (hdc=0x340107e6) returned 1
[0176.508] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x250407de
[0176.508] GetClipRgn (hdc=0x340107e6, hrgn=0x250407de) returned 0
[0176.508] SelectClipRgn (hdc=0x340107e6, hrgn=0xa0040807) returned 2
[0176.508] DeleteObject (ho=0x250407de) returned 1
[0176.508] DeleteObject (ho=0xa0040807) returned 1
[0176.508] OffsetViewportOrgEx (in: hdc=0x340107e6, x=0, y=0, lppt=0x2c9ac30 | out: lppt=0x2c9ac30) returned 1
[0176.508] IsAppThemed () returned 0x1
[0176.508] GetThemeAppProperties () returned 0x3
[0176.508] GetThemeAppProperties () returned 0x3
[0176.508] GetThemeBackgroundContentRect () returned 0x0
[0176.508] RestoreDC (hdc=0x340107e6, nSavedDC=-1) returned 1
[0176.508] GdipReleaseDC (graphics=0x6600030, hdc=0x340107e6) returned 0x0
[0176.508] IsAppThemed () returned 0x1
[0176.508] GetThemeAppProperties () returned 0x3
[0176.508] GetThemeAppProperties () returned 0x3
[0176.508] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0176.508] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0176.508] GetCurrentObject (hdc=0x340107e6, type=0x1) returned 0xb00017
[0176.508] GetCurrentObject (hdc=0x340107e6, type=0x2) returned 0x900010
[0176.508] GetCurrentObject (hdc=0x340107e6, type=0x7) returned 0x4a0507fe
[0176.508] GetCurrentObject (hdc=0x340107e6, type=0x6) returned 0x8a01c2
[0176.508] SaveDC (hdc=0x340107e6) returned 1
[0176.509] GetTextAlign (hdc=0x340107e6) returned 0x0
[0176.509] GetTextColor (hdc=0x340107e6) returned 0x0
[0176.509] GetCurrentObject (hdc=0x340107e6, type=0x6) returned 0x8a01c2
[0176.509] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0176.509] SelectObject (hdc=0x340107e6, h=0x6d0a0520) returned 0x8a01c2
[0176.509] GetBkMode (hdc=0x340107e6) returned 2
[0176.509] SetBkMode (hdc=0x340107e6, mode=1) returned 2
[0176.509] DrawTextExW (in: hdc=0x340107e6, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2c9afd0 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0176.509] DrawTextExW (in: hdc=0x340107e6, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2c9afd0 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0176.509] RestoreDC (hdc=0x340107e6, nSavedDC=-1) returned 1
[0176.509] GdipReleaseDC (graphics=0x6600030, hdc=0x340107e6) returned 0x0
[0176.510] GetFocus () returned 0xd013e
[0176.510] IsAppThemed () returned 0x1
[0176.510] GetThemeAppProperties () returned 0x3
[0176.510] GetThemeAppProperties () returned 0x3
[0176.510] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0176.510] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x340107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0176.510] GdipReleaseDC (graphics=0x6600030, hdc=0x340107e6) returned 0x0
[0176.510] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0176.510] SelectObject (hdc=0x340107e6, h=0x85000f) returned 0x4a0507fe
[0176.510] DeleteDC (hdc=0x340107e6) returned 1
[0176.510] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0176.510] EndPaint (hWnd=0xb02dc, lpPaint=0xd7e24c) returned 1
[0176.510] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.510] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0176.511] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.511] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0176.511] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.512] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.512] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.512] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0176.513] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.513] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.513] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.513] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.513] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.514] IsWindowUnicode (hWnd=0x602c4) returned 1
[0176.514] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.514] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.514] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.514] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0176.514] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0176.514] CreateCompatibleDC (hdc=0xf0105ee) returned 0x360107e6
[0176.514] SelectObject (hdc=0x360107e6, h=0x4a0507fe) returned 0x85000f
[0176.514] GdipCreateFromHDC (hdc=0x360107e6, graphics=0xd7e268) returned 0x0
[0176.515] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0176.515] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0176.515] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0176.515] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0176.515] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2c8) returned 0x0
[0176.515] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0176.515] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0176.515] LocalFree (hMem=0x11eecc8) returned 0x0
[0176.515] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0176.515] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0176.515] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0176.515] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0176.515] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0176.515] GdipRestoreGraphics (graphics=0x6600030, state=0xfc160dbd) returned 0x0
[0176.515] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0176.515] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0176.515] GetCurrentObject (hdc=0x360107e6, type=0x1) returned 0xb00017
[0176.515] GetCurrentObject (hdc=0x360107e6, type=0x2) returned 0x900010
[0176.515] GetCurrentObject (hdc=0x360107e6, type=0x7) returned 0x4a0507fe
[0176.516] GetCurrentObject (hdc=0x360107e6, type=0x6) returned 0x8a01c2
[0176.516] SaveDC (hdc=0x360107e6) returned 1
[0176.516] GetNearestColor (hdc=0x360107e6, color=0xff) returned 0xff
[0176.516] GetNearestColor (hdc=0x360107e6, color=0x55) returned 0x55
[0176.516] GetNearestColor (hdc=0x360107e6, color=0x0) returned 0x0
[0176.516] GetNearestColor (hdc=0x360107e6, color=0x55) returned 0x55
[0176.516] GetNearestColor (hdc=0x360107e6, color=0x0) returned 0x0
[0176.516] GetNearestColor (hdc=0x360107e6, color=0x8080ff) returned 0x8080ff
[0176.516] GetNearestColor (hdc=0x360107e6, color=0x7373e5) returned 0x7373e5
[0176.516] GetNearestColor (hdc=0x360107e6, color=0xe5) returned 0xe5
[0176.516] GetNearestColor (hdc=0x360107e6, color=0x0) returned 0x0
[0176.516] RestoreDC (hdc=0x360107e6, nSavedDC=-1) returned 1
[0176.516] GdipReleaseDC (graphics=0x6600030, hdc=0x360107e6) returned 0x0
[0176.516] IsAppThemed () returned 0x1
[0176.516] GetThemeAppProperties () returned 0x3
[0176.516] GetThemeAppProperties () returned 0x3
[0176.516] IsAppThemed () returned 0x1
[0176.516] GetThemeAppProperties () returned 0x3
[0176.516] GetThemeAppProperties () returned 0x3
[0176.517] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2c9b798 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0176.517] IsAppThemed () returned 0x1
[0176.517] GetThemeAppProperties () returned 0x3
[0176.517] GetThemeAppProperties () returned 0x3
[0176.517] IsAppThemed () returned 0x1
[0176.517] GetThemeAppProperties () returned 0x3
[0176.517] GetThemeAppProperties () returned 0x3
[0176.517] GetFocus () returned 0xd013e
[0176.517] IsAppThemed () returned 0x1
[0176.517] GetThemeAppProperties () returned 0x3
[0176.518] GetThemeAppProperties () returned 0x3
[0176.518] IsAppThemed () returned 0x1
[0176.518] GetThemeAppProperties () returned 0x3
[0176.518] GetThemeAppProperties () returned 0x3
[0176.518] IsThemePartDefined () returned 0x1
[0176.518] IsAppThemed () returned 0x1
[0176.518] GetThemeAppProperties () returned 0x3
[0176.518] GetThemeAppProperties () returned 0x3
[0176.518] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0176.518] IsAppThemed () returned 0x1
[0176.518] GetThemeAppProperties () returned 0x3
[0176.518] GetThemeAppProperties () returned 0x3
[0176.518] IsAppThemed () returned 0x1
[0176.518] GetThemeAppProperties () returned 0x3
[0176.518] GetThemeAppProperties () returned 0x3
[0176.518] IsThemePartDefined () returned 0x1
[0176.518] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0176.518] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0176.518] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0176.518] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0176.518] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dff0) returned 0x0
[0176.518] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0176.518] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eecc8) returned 0x0
[0176.518] LocalFree (hMem=0x11eecc8) returned 0x0
[0176.518] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0176.518] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0176.518] LocalFree (hMem=0x11eec58) returned 0x0
[0176.519] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0176.519] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e018) returned 0x0
[0176.519] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e008) returned 0x0
[0176.519] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0176.519] GdipDeleteRegion (region=0x6646718) returned 0x0
[0176.519] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0176.519] GetCurrentObject (hdc=0x360107e6, type=0x1) returned 0xb00017
[0176.519] GetCurrentObject (hdc=0x360107e6, type=0x2) returned 0x900010
[0176.519] GetCurrentObject (hdc=0x360107e6, type=0x7) returned 0x4a0507fe
[0176.519] GetCurrentObject (hdc=0x360107e6, type=0x6) returned 0x8a01c2
[0176.519] SaveDC (hdc=0x360107e6) returned 1
[0176.519] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa1040807
[0176.519] GetClipRgn (hdc=0x360107e6, hrgn=0xa1040807) returned 0
[0176.519] SelectClipRgn (hdc=0x360107e6, hrgn=0x290407de) returned 2
[0176.519] DeleteObject (ho=0xa1040807) returned 1
[0176.519] DeleteObject (ho=0x290407de) returned 1
[0176.519] OffsetViewportOrgEx (in: hdc=0x360107e6, x=0, y=0, lppt=0x2c9be48 | out: lppt=0x2c9be48) returned 1
[0176.519] DrawThemeParentBackground () returned 0x0
[0176.519] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0176.520] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0176.520] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0176.520] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.520] GetSystemMetrics (nIndex=42) returned 0
[0176.520] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.520] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0176.520] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0176.520] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0176.520] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0176.520] SelectPalette (hdc=0x360107e6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0176.520] GdipCreateFromHDC (hdc=0x360107e6, graphics=0xd7dac8) returned 0x0
[0176.520] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0176.520] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0176.520] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638c98) returned 0x0
[0176.520] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7daa0) returned 0x0
[0176.520] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0176.520] GdipCreateRegion (region=0xd7da88) returned 0x0
[0176.520] GdipGetClip (graphics=0x6638e08, region=0x6646838) returned 0x0
[0176.520] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6638e08, result=0xd7da94) returned 0x0
[0176.520] GdipDeleteRegion (region=0x6646838) returned 0x0
[0176.521] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dac0) returned 0x0
[0176.521] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0176.533] GdipFillRectangleI (graphics=0x6638e08, brush=0x66367d8, x=0, y=0, width=801, height=453) returned 0x0
[0176.533] GdipDeleteBrush (brush=0x66367d8) returned 0x0
[0176.535] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0176.535] SelectPalette (hdc=0x360107e6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0176.535] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0176.535] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.535] GetSystemMetrics (nIndex=42) returned 0
[0176.535] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.535] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0176.535] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0176.535] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0176.535] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0176.535] SelectPalette (hdc=0x360107e6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0176.535] GdipCreateFromHDC (hdc=0x360107e6, graphics=0xd7da68) returned 0x0
[0176.536] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0176.536] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0176.536] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638b18) returned 0x0
[0176.536] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7da40) returned 0x0
[0176.536] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0176.536] GdipCreateRegion (region=0xd7da28) returned 0x0
[0176.536] GdipGetClip (graphics=0x6638e08, region=0x6646dd8) returned 0x0
[0176.536] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6638e08, result=0xd7da34) returned 0x0
[0176.536] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0176.536] GdipSaveGraphics (graphics=0x6638e08, state=0xd7da60) returned 0x0
[0176.536] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0176.550] GdipFillRectangleI (graphics=0x6638e08, brush=0x66362f8, x=0, y=0, width=801, height=453) returned 0x0
[0176.550] GdipDeleteBrush (brush=0x66362f8) returned 0x0
[0176.552] GdipRestoreGraphics (graphics=0x6638e08, state=0xfc120dbd) returned 0x0
[0176.552] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0176.552] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.552] GetSystemMetrics (nIndex=42) returned 0
[0176.552] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.552] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0176.552] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0176.552] SelectPalette (hdc=0x360107e6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0176.553] RestoreDC (hdc=0x360107e6, nSavedDC=-1) returned 1
[0176.553] GdipReleaseDC (graphics=0x6600030, hdc=0x360107e6) returned 0x0
[0176.553] IsAppThemed () returned 0x1
[0176.553] GetThemeAppProperties () returned 0x3
[0176.553] GetThemeAppProperties () returned 0x3
[0176.553] IsAppThemed () returned 0x1
[0176.553] GetThemeAppProperties () returned 0x3
[0176.553] GetThemeAppProperties () returned 0x3
[0176.553] IsThemePartDefined () returned 0x1
[0176.553] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0176.553] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0176.553] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0176.553] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0176.553] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df74) returned 0x0
[0176.553] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0176.554] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0176.554] LocalFree (hMem=0x11ee9f0) returned 0x0
[0176.554] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0176.554] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0176.554] LocalFree (hMem=0x11eec58) returned 0x0
[0176.554] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0176.554] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0176.554] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0176.554] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0176.554] GdipDeleteRegion (region=0x6646838) returned 0x0
[0176.554] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0176.554] GetCurrentObject (hdc=0x360107e6, type=0x1) returned 0xb00017
[0176.554] GetCurrentObject (hdc=0x360107e6, type=0x2) returned 0x900010
[0176.554] GetCurrentObject (hdc=0x360107e6, type=0x7) returned 0x4a0507fe
[0176.554] GetCurrentObject (hdc=0x360107e6, type=0x6) returned 0x8a01c2
[0176.554] SaveDC (hdc=0x360107e6) returned 1
[0176.554] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2a0407de
[0176.554] GetClipRgn (hdc=0x360107e6, hrgn=0x2a0407de) returned 0
[0176.555] SelectClipRgn (hdc=0x360107e6, hrgn=0xa3040807) returned 2
[0176.555] DeleteObject (ho=0x2a0407de) returned 1
[0176.555] DeleteObject (ho=0xa3040807) returned 1
[0176.555] OffsetViewportOrgEx (in: hdc=0x360107e6, x=0, y=0, lppt=0x2ca2698 | out: lppt=0x2ca2698) returned 1
[0176.555] IsAppThemed () returned 0x1
[0176.555] GetThemeAppProperties () returned 0x3
[0176.555] GetThemeAppProperties () returned 0x3
[0176.555] DrawThemeBackground () returned 0x0
[0176.555] RestoreDC (hdc=0x360107e6, nSavedDC=-1) returned 1
[0176.555] GdipReleaseDC (graphics=0x6600030, hdc=0x360107e6) returned 0x0
[0176.555] GdipCreateRegion (region=0xd7df60) returned 0x0
[0176.555] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0176.555] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0176.555] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0176.555] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df78) returned 0x0
[0176.555] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0176.555] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee868) returned 0x0
[0176.556] LocalFree (hMem=0x11ee868) returned 0x0
[0176.556] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0176.556] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee868) returned 0x0
[0176.556] LocalFree (hMem=0x11ee868) returned 0x0
[0176.556] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0176.556] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0176.556] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7df90) returned 0x0
[0176.556] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0176.556] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0176.556] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0176.556] GetCurrentObject (hdc=0x360107e6, type=0x1) returned 0xb00017
[0176.556] GetCurrentObject (hdc=0x360107e6, type=0x2) returned 0x900010
[0176.556] GetCurrentObject (hdc=0x360107e6, type=0x7) returned 0x4a0507fe
[0176.556] GetCurrentObject (hdc=0x360107e6, type=0x6) returned 0x8a01c2
[0176.556] SaveDC (hdc=0x360107e6) returned 1
[0176.556] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa4040807
[0176.556] GetClipRgn (hdc=0x360107e6, hrgn=0xa4040807) returned 0
[0176.557] SelectClipRgn (hdc=0x360107e6, hrgn=0x2b0407de) returned 2
[0176.557] DeleteObject (ho=0xa4040807) returned 1
[0176.557] DeleteObject (ho=0x2b0407de) returned 1
[0176.557] OffsetViewportOrgEx (in: hdc=0x360107e6, x=0, y=0, lppt=0x2ca296c | out: lppt=0x2ca296c) returned 1
[0176.557] IsAppThemed () returned 0x1
[0176.557] GetThemeAppProperties () returned 0x3
[0176.557] GetThemeAppProperties () returned 0x3
[0176.557] GetThemeBackgroundContentRect () returned 0x0
[0176.557] RestoreDC (hdc=0x360107e6, nSavedDC=-1) returned 1
[0176.557] GdipReleaseDC (graphics=0x6600030, hdc=0x360107e6) returned 0x0
[0176.557] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0176.557] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0176.557] GdipFillRectangleI (graphics=0x6600030, brush=0x6656ac0, x=4, y=4, width=67, height=15) returned 0x0
[0176.557] GdipDeleteBrush (brush=0x6656ac0) returned 0x0
[0176.557] IsAppThemed () returned 0x1
[0176.558] GetThemeAppProperties () returned 0x3
[0176.558] GetThemeAppProperties () returned 0x3
[0176.558] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0176.558] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0176.558] GetCurrentObject (hdc=0x360107e6, type=0x1) returned 0xb00017
[0176.558] GetCurrentObject (hdc=0x360107e6, type=0x2) returned 0x900010
[0176.558] GetCurrentObject (hdc=0x360107e6, type=0x7) returned 0x4a0507fe
[0176.558] GetCurrentObject (hdc=0x360107e6, type=0x6) returned 0x8a01c2
[0176.558] SaveDC (hdc=0x360107e6) returned 1
[0176.558] GetTextAlign (hdc=0x360107e6) returned 0x0
[0176.558] GetTextColor (hdc=0x360107e6) returned 0x0
[0176.558] GetCurrentObject (hdc=0x360107e6, type=0x6) returned 0x8a01c2
[0176.558] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0176.558] SelectObject (hdc=0x360107e6, h=0x6d0a0520) returned 0x8a01c2
[0176.559] GetBkMode (hdc=0x360107e6) returned 2
[0176.559] SetBkMode (hdc=0x360107e6, mode=1) returned 2
[0176.559] DrawTextExW (in: hdc=0x360107e6, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2ca2d30 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0176.559] DrawTextExW (in: hdc=0x360107e6, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2ca2d30 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0176.560] RestoreDC (hdc=0x360107e6, nSavedDC=-1) returned 1
[0176.560] GdipReleaseDC (graphics=0x6600030, hdc=0x360107e6) returned 0x0
[0176.564] GetFocus () returned 0xd013e
[0176.564] IsAppThemed () returned 0x1
[0176.564] GetThemeAppProperties () returned 0x3
[0176.564] GetThemeAppProperties () returned 0x3
[0176.564] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0176.564] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x360107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0176.565] GdipReleaseDC (graphics=0x6600030, hdc=0x360107e6) returned 0x0
[0176.565] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0176.565] SelectObject (hdc=0x360107e6, h=0x85000f) returned 0x4a0507fe
[0176.565] DeleteDC (hdc=0x360107e6) returned 1
[0176.565] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0176.565] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0176.565] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.565] IsWindowUnicode (hWnd=0xe00ea) returned 1
[0176.565] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.565] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.566] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.566] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.566] IsWindowUnicode (hWnd=0xe00ea) returned 1
[0176.566] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.566] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.566] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.566] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x2a1, wParam=0x0, lParam=0xd0049) returned 0x0
[0176.566] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0176.566] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0176.566] WaitMessage () returned 1
[0176.585] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.585] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.585] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.585] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.585] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.586] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0176.586] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0176.586] WaitMessage () returned 1
[0176.588] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.588] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.588] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.588] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.588] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.589] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0176.589] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0176.589] WaitMessage () returned 1
[0176.596] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.596] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.596] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.596] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.596] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.598] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.598] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.598] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.598] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.599] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.599] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.599] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.599] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.599] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.599] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.599] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0176.600] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0176.601] WaitMessage () returned 1
[0176.601] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.601] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.601] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.601] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.601] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.603] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.603] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.603] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.603] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.603] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.603] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.604] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.604] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.604] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.604] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.604] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0176.604] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0176.604] WaitMessage () returned 1
[0176.604] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.605] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.605] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.605] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.605] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.606] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.606] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.606] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.607] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.607] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.607] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.607] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.607] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.607] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.607] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.607] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0176.607] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0176.607] WaitMessage () returned 1
[0176.609] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.609] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.609] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.609] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.609] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.611] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.611] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.611] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.611] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.611] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.611] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.611] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.611] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.611] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.611] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.611] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0176.612] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0176.612] WaitMessage () returned 1
[0176.665] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.665] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x84, wParam=0x0, lParam=0x1e6031f) returned 0x1
[0176.665] IsWindowUnicode (hWnd=0xe00ea) returned 1
[0176.665] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.665] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x84, wParam=0x0, lParam=0x1e6031f) returned 0x1
[0176.666] GetDlgItem (hDlg=0x9005a, nIDDlgItem=0) returned 0x0
[0176.666] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x210, wParam=0x201, lParam=0x6b012a) returned 0x0
[0176.666] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x21, wParam=0x9005a, lParam=0x2010001) returned 0x1
[0176.666] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x21, wParam=0x9005a, lParam=0x2010001) returned 0x1
[0176.666] SetCursor (hCursor=0x10003) returned 0x10003
[0176.666] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.666] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.666] GetKeyState (nVirtKey=1) returned -127
[0176.666] GetKeyState (nVirtKey=2) returned 0
[0176.666] GetKeyState (nVirtKey=4) returned 0
[0176.666] GetKeyState (nVirtKey=5) returned 0
[0176.666] GetKeyState (nVirtKey=6) returned 0
[0176.666] IsWindowVisible (hWnd=0xe00ea) returned 1
[0176.666] IsWindowEnabled (hWnd=0xe00ea) returned 1
[0176.666] SetFocus (hWnd=0xe00ea) returned 0xd013e
[0176.667] GetFocus () returned 0xe00ea
[0176.667] IsChild (hWndParent=0x9005a, hWnd=0xe00ea) returned 1
[0176.667] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0x8, wParam=0xe00ea, lParam=0x0) returned 0x0
[0176.667] GetCapture () returned 0x0
[0176.667] InvalidateRect (hWnd=0xd013e, lpRect=0x0, bErase=0) returned 1
[0176.668] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0176.678] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0176.679] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0176.679] InvalidateRect (hWnd=0xd013e, lpRect=0x0, bErase=0) returned 1
[0176.680] InvalidateRect (hWnd=0xe00ea, lpRect=0x0, bErase=0) returned 1
[0176.680] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x7, wParam=0xd013e, lParam=0x0) returned 0x0
[0176.680] GetStockObject (i=5) returned 0x900015
[0176.680] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0176.680] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0xd, wParam=0xa, lParam=0x11f55a0) returned 0x9
[0176.680] GetDlgItem (hDlg=0x9005a, nIDDlgItem=917738) returned 0xe00ea
[0176.680] SendMessageW (hWnd=0xe00ea, Msg=0x202b, wParam=0xe00ea, lParam=0xd7dddc) returned 0x0
[0176.680] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x202b, wParam=0xe00ea, lParam=0xd7dddc) returned 0x0
[0176.680] InvalidateRect (hWnd=0xe00ea, lpRect=0x0, bErase=0) returned 1
[0176.681] GetFocus () returned 0xe00ea
[0176.681] GetFocus () returned 0xe00ea
[0176.681] GetFocus () returned 0xe00ea
[0176.681] GetKeyState (nVirtKey=1) returned -127
[0176.681] GetKeyState (nVirtKey=2) returned 0
[0176.682] GetKeyState (nVirtKey=4) returned 0
[0176.682] GetKeyState (nVirtKey=5) returned 0
[0176.682] GetKeyState (nVirtKey=6) returned 0
[0176.682] GetCapture () returned 0x0
[0176.682] SetCapture (hWnd=0xe00ea) returned 0x0
[0176.682] GetKeyState (nVirtKey=1) returned -127
[0176.682] GetKeyState (nVirtKey=2) returned 0
[0176.682] GetKeyState (nVirtKey=4) returned 0
[0176.682] GetKeyState (nVirtKey=5) returned 0
[0176.682] GetKeyState (nVirtKey=6) returned 0
[0176.682] NotifyWinEvent (event=0x800a, hwnd=0xe00ea, idObject=-4, idChild=0)
[0176.682] InvalidateRect (hWnd=0xe00ea, lpRect=0xd7e430, bErase=0) returned 1
[0176.682] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.682] IsWindowUnicode (hWnd=0xe00ea) returned 1
[0176.682] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.682] TranslateMessage (lpMsg=0xd7e808) returned 0
[0176.682] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0176.682] MapWindowPoints (in: hWndFrom=0xe00ea, hWndTo=0x0, lpPoints=0x2ca301c, cPoints=0x1 | out: lpPoints=0x2ca301c) returned 30999254
[0176.682] NotifyWinEvent (event=0x800a, hwnd=0xe00ea, idObject=-4, idChild=0)
[0176.682] InvalidateRect (hWnd=0xe00ea, lpRect=0xd7e3d0, bErase=0) returned 1
[0176.682] UpdateWindow (hWnd=0xe00ea) returned 1
[0176.682] BeginPaint (in: hWnd=0xe00ea, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x10105d6
[0176.683] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0176.683] CreateCompatibleDC (hdc=0x10105d6) returned 0x940107da
[0176.683] SelectObject (hdc=0x940107da, h=0x4a0507fe) returned 0x85000f
[0176.683] GdipCreateFromHDC (hdc=0x940107da, graphics=0xd7df00) returned 0x0
[0176.683] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0176.683] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0176.683] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0176.683] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0176.683] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df60) returned 0x0
[0176.683] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0176.683] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eea60) returned 0x0
[0176.683] LocalFree (hMem=0x11eea60) returned 0x0
[0176.683] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0176.683] GdipCreateRegion (region=0xd7df48) returned 0x0
[0176.683] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0176.683] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0176.683] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0176.684] GdipRestoreGraphics (graphics=0x6600030, state=0xfc100dbd) returned 0x0
[0176.684] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0176.684] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0176.684] GetCurrentObject (hdc=0x940107da, type=0x1) returned 0xb00017
[0176.684] GetCurrentObject (hdc=0x940107da, type=0x2) returned 0x900010
[0176.684] GetCurrentObject (hdc=0x940107da, type=0x7) returned 0x4a0507fe
[0176.684] GetCurrentObject (hdc=0x940107da, type=0x6) returned 0x8a01c2
[0176.684] SaveDC (hdc=0x940107da) returned 1
[0176.684] GetNearestColor (hdc=0x940107da, color=0xf0f0f0) returned 0xf0f0f0
[0176.684] GetNearestColor (hdc=0x940107da, color=0xa0a0a0) returned 0xa0a0a0
[0176.684] GetNearestColor (hdc=0x940107da, color=0x696969) returned 0x696969
[0176.684] GetNearestColor (hdc=0x940107da, color=0xa0a0a0) returned 0xa0a0a0
[0176.684] GetNearestColor (hdc=0x940107da, color=0x0) returned 0x0
[0176.684] GetNearestColor (hdc=0x940107da, color=0xffffff) returned 0xffffff
[0176.690] GetNearestColor (hdc=0x940107da, color=0xe5e5e5) returned 0xe5e5e5
[0176.690] GetNearestColor (hdc=0x940107da, color=0xd7d7d7) returned 0xd7d7d7
[0176.690] GetNearestColor (hdc=0x940107da, color=0x0) returned 0x0
[0176.690] RestoreDC (hdc=0x940107da, nSavedDC=-1) returned 1
[0176.690] GdipReleaseDC (graphics=0x6600030, hdc=0x940107da) returned 0x0
[0176.690] IsAppThemed () returned 0x1
[0176.691] GetThemeAppProperties () returned 0x3
[0176.691] GetThemeAppProperties () returned 0x3
[0176.691] IsAppThemed () returned 0x1
[0176.691] GetThemeAppProperties () returned 0x3
[0176.691] GetThemeAppProperties () returned 0x3
[0176.691] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2ca3774 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0176.691] IsAppThemed () returned 0x1
[0176.691] GetThemeAppProperties () returned 0x3
[0176.691] GetThemeAppProperties () returned 0x3
[0176.691] IsAppThemed () returned 0x1
[0176.691] GetThemeAppProperties () returned 0x3
[0176.691] GetThemeAppProperties () returned 0x3
[0176.691] IsAppThemed () returned 0x1
[0176.691] GetThemeAppProperties () returned 0x3
[0176.691] GetThemeAppProperties () returned 0x3
[0176.691] IsAppThemed () returned 0x1
[0176.691] GetThemeAppProperties () returned 0x3
[0176.691] GetThemeAppProperties () returned 0x3
[0176.691] IsThemePartDefined () returned 0x1
[0176.691] IsAppThemed () returned 0x1
[0176.692] GetThemeAppProperties () returned 0x3
[0176.692] GetThemeAppProperties () returned 0x3
[0176.692] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0176.692] IsAppThemed () returned 0x1
[0176.692] GetThemeAppProperties () returned 0x3
[0176.692] GetThemeAppProperties () returned 0x3
[0176.692] IsAppThemed () returned 0x1
[0176.692] GetThemeAppProperties () returned 0x3
[0176.692] GetThemeAppProperties () returned 0x3
[0176.692] IsThemePartDefined () returned 0x1
[0176.692] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0176.692] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0176.692] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0176.692] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0176.692] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dc7c) returned 0x0
[0176.692] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0176.692] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0176.692] LocalFree (hMem=0x11ee788) returned 0x0
[0176.692] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0176.692] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0176.692] LocalFree (hMem=0x11ee9f0) returned 0x0
[0176.692] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0176.692] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0176.692] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0176.692] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0176.693] GdipDeleteRegion (region=0x6646448) returned 0x0
[0176.693] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0176.693] GetCurrentObject (hdc=0x940107da, type=0x1) returned 0xb00017
[0176.693] GetCurrentObject (hdc=0x940107da, type=0x2) returned 0x900010
[0176.693] GetCurrentObject (hdc=0x940107da, type=0x7) returned 0x4a0507fe
[0176.693] GetCurrentObject (hdc=0x940107da, type=0x6) returned 0x8a01c2
[0176.693] SaveDC (hdc=0x940107da) returned 1
[0176.693] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2c0407de
[0176.693] GetClipRgn (hdc=0x940107da, hrgn=0x2c0407de) returned 0
[0176.693] SelectClipRgn (hdc=0x940107da, hrgn=0xa8040807) returned 2
[0176.693] DeleteObject (ho=0x2c0407de) returned 1
[0176.693] DeleteObject (ho=0xa8040807) returned 1
[0176.693] OffsetViewportOrgEx (in: hdc=0x940107da, x=0, y=0, lppt=0x2ca3e24 | out: lppt=0x2ca3e24) returned 1
[0176.693] DrawThemeParentBackground () returned 0x0
[0176.693] GetWindowPlacement (in: hWnd=0x9005a, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0176.693] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0176.693] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.693] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.694] GetSystemMetrics (nIndex=42) returned 0
[0176.694] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.694] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0176.694] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0176.694] GetCurrentObject (hdc=0x940107da, type=0x1) returned 0xb00017
[0176.694] GetCurrentObject (hdc=0x940107da, type=0x2) returned 0x900010
[0176.694] GetCurrentObject (hdc=0x940107da, type=0x7) returned 0x4a0507fe
[0176.694] GetCurrentObject (hdc=0x940107da, type=0x6) returned 0x8a01c2
[0176.694] SaveDC (hdc=0x940107da) returned 2
[0176.694] GetNearestColor (hdc=0x940107da, color=0xf0f0f0) returned 0xf0f0f0
[0176.694] CreateSolidBrush (color=0xf0f0f0) returned 0x911007e1
[0176.694] FillRect (hDC=0x940107da, lprc=0xd7d6c8, hbr=0x911007e1) returned 1
[0176.694] DeleteObject (ho=0x911007e1) returned 1
[0176.694] RestoreDC (hdc=0x940107da, nSavedDC=-1) returned 1
[0176.694] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.694] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.694] GetSystemMetrics (nIndex=42) returned 0
[0176.694] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.694] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0176.694] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0176.694] GetCurrentObject (hdc=0x940107da, type=0x1) returned 0xb00017
[0176.694] GetCurrentObject (hdc=0x940107da, type=0x2) returned 0x900010
[0176.694] GetCurrentObject (hdc=0x940107da, type=0x7) returned 0x4a0507fe
[0176.695] GetCurrentObject (hdc=0x940107da, type=0x6) returned 0x8a01c2
[0176.695] SaveDC (hdc=0x940107da) returned 2
[0176.695] GetNearestColor (hdc=0x940107da, color=0xf0f0f0) returned 0xf0f0f0
[0176.695] CreateSolidBrush (color=0xf0f0f0) returned 0x921007e1
[0176.695] FillRect (hDC=0x940107da, lprc=0xd7d668, hbr=0x921007e1) returned 1
[0176.695] DeleteObject (ho=0x921007e1) returned 1
[0176.695] RestoreDC (hdc=0x940107da, nSavedDC=-1) returned 1
[0176.695] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.695] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.695] GetSystemMetrics (nIndex=42) returned 0
[0176.695] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.695] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0176.695] RestoreDC (hdc=0x940107da, nSavedDC=-1) returned 1
[0176.695] GdipReleaseDC (graphics=0x6600030, hdc=0x940107da) returned 0x0
[0176.695] IsAppThemed () returned 0x1
[0176.695] GetThemeAppProperties () returned 0x3
[0176.695] GetThemeAppProperties () returned 0x3
[0176.695] IsAppThemed () returned 0x1
[0176.695] GetThemeAppProperties () returned 0x3
[0176.695] GetThemeAppProperties () returned 0x3
[0176.696] IsThemePartDefined () returned 0x1
[0176.696] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0176.696] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0176.696] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0176.696] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0176.696] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7dc00) returned 0x0
[0176.696] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee868) returned 0x0
[0176.696] LocalFree (hMem=0x11ee868) returned 0x0
[0176.696] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0176.696] LocalFree (hMem=0x11ee788) returned 0x0
[0176.696] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0176.696] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0176.696] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0176.696] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0176.696] GdipDeleteRegion (region=0x6646718) returned 0x0
[0176.696] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0176.696] GetCurrentObject (hdc=0x940107da, type=0x1) returned 0xb00017
[0176.696] GetCurrentObject (hdc=0x940107da, type=0x2) returned 0x900010
[0176.696] GetCurrentObject (hdc=0x940107da, type=0x7) returned 0x4a0507fe
[0176.696] GetCurrentObject (hdc=0x940107da, type=0x6) returned 0x8a01c2
[0176.696] SaveDC (hdc=0x940107da) returned 1
[0176.696] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa9040807
[0176.697] GetClipRgn (hdc=0x940107da, hrgn=0xa9040807) returned 0
[0176.697] SelectClipRgn (hdc=0x940107da, hrgn=0x2e0407de) returned 2
[0176.697] DeleteObject (ho=0xa9040807) returned 1
[0176.697] DeleteObject (ho=0x2e0407de) returned 1
[0176.697] OffsetViewportOrgEx (in: hdc=0x940107da, x=0, y=0, lppt=0x2ca46d0 | out: lppt=0x2ca46d0) returned 1
[0176.697] IsAppThemed () returned 0x1
[0176.697] GetThemeAppProperties () returned 0x3
[0176.697] GetThemeAppProperties () returned 0x3
[0176.697] DrawThemeBackground () returned 0x0
[0176.697] RestoreDC (hdc=0x940107da, nSavedDC=-1) returned 1
[0176.697] GdipReleaseDC (graphics=0x6600030, hdc=0x940107da) returned 0x0
[0176.697] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0176.697] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0176.697] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0176.697] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0176.697] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dc04) returned 0x0
[0176.697] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0176.697] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0176.697] LocalFree (hMem=0x11ee788) returned 0x0
[0176.697] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0176.697] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0176.697] LocalFree (hMem=0x11eec58) returned 0x0
[0176.698] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0176.698] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0176.698] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0176.698] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0176.698] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0176.698] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0176.698] GetCurrentObject (hdc=0x940107da, type=0x1) returned 0xb00017
[0176.698] GetCurrentObject (hdc=0x940107da, type=0x2) returned 0x900010
[0176.698] GetCurrentObject (hdc=0x940107da, type=0x7) returned 0x4a0507fe
[0176.698] GetCurrentObject (hdc=0x940107da, type=0x6) returned 0x8a01c2
[0176.698] SaveDC (hdc=0x940107da) returned 1
[0176.698] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2f0407de
[0176.698] GetClipRgn (hdc=0x940107da, hrgn=0x2f0407de) returned 0
[0176.698] SelectClipRgn (hdc=0x940107da, hrgn=0xaa040807) returned 2
[0176.698] DeleteObject (ho=0x2f0407de) returned 1
[0176.698] DeleteObject (ho=0xaa040807) returned 1
[0176.698] OffsetViewportOrgEx (in: hdc=0x940107da, x=0, y=0, lppt=0x2ca49a4 | out: lppt=0x2ca49a4) returned 1
[0176.698] IsAppThemed () returned 0x1
[0176.698] GetThemeAppProperties () returned 0x3
[0176.698] GetThemeAppProperties () returned 0x3
[0176.698] GetThemeBackgroundContentRect () returned 0x0
[0176.698] RestoreDC (hdc=0x940107da, nSavedDC=-1) returned 1
[0176.699] GdipReleaseDC (graphics=0x6600030, hdc=0x940107da) returned 0x0
[0176.699] IsAppThemed () returned 0x1
[0176.699] GetThemeAppProperties () returned 0x3
[0176.699] GetThemeAppProperties () returned 0x3
[0176.699] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0176.699] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0176.699] GetCurrentObject (hdc=0x940107da, type=0x1) returned 0xb00017
[0176.699] GetCurrentObject (hdc=0x940107da, type=0x2) returned 0x900010
[0176.699] GetCurrentObject (hdc=0x940107da, type=0x7) returned 0x4a0507fe
[0176.699] GetCurrentObject (hdc=0x940107da, type=0x6) returned 0x8a01c2
[0176.699] SaveDC (hdc=0x940107da) returned 1
[0176.699] GetTextAlign (hdc=0x940107da) returned 0x0
[0176.699] GetTextColor (hdc=0x940107da) returned 0x0
[0176.699] GetCurrentObject (hdc=0x940107da, type=0x6) returned 0x8a01c2
[0176.699] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0176.699] SelectObject (hdc=0x940107da, h=0x6d0a0520) returned 0x8a01c2
[0176.699] GetBkMode (hdc=0x940107da) returned 2
[0176.699] SetBkMode (hdc=0x940107da, mode=1) returned 2
[0176.699] DrawTextExW (in: hdc=0x940107da, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2ca4d44 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0176.700] DrawTextExW (in: hdc=0x940107da, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2ca4d44 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0176.700] RestoreDC (hdc=0x940107da, nSavedDC=-1) returned 1
[0176.700] GdipReleaseDC (graphics=0x6600030, hdc=0x940107da) returned 0x0
[0176.700] GetFocus () returned 0xe00ea
[0176.700] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0176.700] SendMessageW (hWnd=0x9005a, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0176.700] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0176.701] IsAppThemed () returned 0x1
[0176.701] GetThemeAppProperties () returned 0x3
[0176.701] GetThemeAppProperties () returned 0x3
[0176.701] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0176.701] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x940107da, x1=0, y1=0, rop=0xcc0020) returned 1
[0176.701] GdipReleaseDC (graphics=0x6600030, hdc=0x940107da) returned 0x0
[0176.701] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0176.701] SelectObject (hdc=0x940107da, h=0x85000f) returned 0x4a0507fe
[0176.701] DeleteDC (hdc=0x940107da) returned 1
[0176.701] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0176.701] EndPaint (hWnd=0xe00ea, lpPaint=0xd7dee4) returned 1
[0176.701] MapWindowPoints (in: hWndFrom=0xe00ea, hWndTo=0x0, lpPoints=0x2ca4e40, cPoints=0x1 | out: lpPoints=0x2ca4e40) returned 30999254
[0176.701] WindowFromPoint (Point=0x31f) returned 0xe00ea
[0176.701] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x84, wParam=0x0, lParam=0x1e6031f) returned 0x1
[0176.702] NotifyWinEvent (event=0x800a, hwnd=0xe00ea, idObject=-4, idChild=0)
[0176.702] NotifyWinEvent (event=0x800c, hwnd=0xe00ea, idObject=-4, idChild=0)
[0176.702] GetCapture () returned 0xe00ea
[0176.702] ReleaseCapture () returned 1
[0176.702] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0176.702] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0176.702] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x84, wParam=0x0, lParam=0x1e6031f) returned 0x1
[0176.702] IsWindow (hWnd=0x7005c) returned 1
[0176.702] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0176.705] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0176.705] IsWindow (hWnd=0x9005a) returned 1
[0176.705] SetActiveWindow (hWnd=0x9005a) returned 0x9005a
[0176.705] IsWindow (hWnd=0x9005a) returned 1
[0176.705] SetFocus (hWnd=0x9005a) returned 0xe00ea
[0176.706] GetFocus () returned 0x9005a
[0176.706] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x8, wParam=0x9005a, lParam=0x0) returned 0x0
[0176.707] GetCapture () returned 0x0
[0176.707] InvalidateRect (hWnd=0xe00ea, lpRect=0x0, bErase=0) returned 1
[0176.707] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0176.708] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0176.710] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0176.710] GetFocus () returned 0x9005a
[0176.710] SetFocus (hWnd=0xe00ea) returned 0x9005a
[0176.711] GetFocus () returned 0xe00ea
[0176.711] IsChild (hWndParent=0x9005a, hWnd=0xe00ea) returned 1
[0176.711] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x8, wParam=0xe00ea, lParam=0x0) returned 0x0
[0176.712] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0176.713] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0176.714] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0176.714] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x7, wParam=0x9005a, lParam=0x0) returned 0x0
[0176.714] GetStockObject (i=5) returned 0x900015
[0176.715] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0176.715] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0176.715] GetDlgItem (hDlg=0x9005a, nIDDlgItem=917738) returned 0xe00ea
[0176.715] SendMessageW (hWnd=0xe00ea, Msg=0x202b, wParam=0xe00ea, lParam=0xd7ddcc) returned 0x0
[0176.715] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x202b, wParam=0xe00ea, lParam=0xd7ddcc) returned 0x0
[0176.715] InvalidateRect (hWnd=0xe00ea, lpRect=0x0, bErase=0) returned 1
[0176.719] GetWindowLongW (hWnd=0x9005a, nIndex=-8) returned 458844
[0176.719] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0176.719] GetCurrentThreadId () returned 0xf50
[0176.719] IsWindow (hWnd=0x7005c) returned 1
[0176.719] IsWindow (hWnd=0x7005c) returned 1
[0176.719] IsWindowVisible (hWnd=0x7005c) returned 1
[0176.719] SetActiveWindow (hWnd=0x7005c) returned 0x9005a
[0176.719] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0176.721] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0176.721] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0176.721] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0176.722] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0176.722] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0176.722] GetWindowPlacement (in: hWnd=0x9005a, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0176.722] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0176.723] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0176.723] GetWindowRect (in: hWnd=0x9005a, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0176.723] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0176.723] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0176.723] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0176.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x9005a) returned 0x1
[0176.726] GetFocus () returned 0xe00ea
[0176.726] SetFocus (hWnd=0x602c4) returned 0xe00ea
[0176.727] GetFocus () returned 0x602c4
[0176.727] IsChild (hWndParent=0x9005a, hWnd=0x602c4) returned 0
[0176.727] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0176.727] GetCapture () returned 0x0
[0176.727] InvalidateRect (hWnd=0xe00ea, lpRect=0x0, bErase=0) returned 1
[0176.729] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0176.730] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0176.731] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0176.733] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0176.733] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0176.733] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0176.734] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0176.734] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0xe00ea, lParam=0x0) returned 0x0
[0176.734] GetStockObject (i=5) returned 0x900015
[0176.734] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0176.734] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11eda58) returned 0xc
[0176.734] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0176.734] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0176.734] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0176.734] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0176.738] GetFocus () returned 0x602c4
[0176.738] IsChild (hWndParent=0x9005a, hWnd=0x602c4) returned 0
[0176.738] ShowWindow (hWnd=0x9005a, nCmdShow=0) returned 1
[0176.738] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0176.739] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0176.740] GetWindowPlacement (in: hWnd=0x9005a, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0176.740] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0176.740] GetClientRect (in: hWnd=0x9005a, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0176.740] GetWindowRect (in: hWnd=0x9005a, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0176.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0176.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0176.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0176.741] GetWindowLongW (hWnd=0x9005a, nIndex=-20) returned 327945
[0176.741] DestroyWindow (hWnd=0x9005a) returned 1
[0176.742] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0176.742] GetWindowTextLengthW (hWnd=0x9005a) returned 13
[0176.742] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.743] GetSystemMetrics (nIndex=42) returned 0
[0176.743] GetWindowTextW (in: hWnd=0x9005a, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.743] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0176.743] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0176.743] GetWindowTextLengthW (hWnd=0xd02d8) returned 0
[0176.743] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0176.743] GetSystemMetrics (nIndex=42) returned 0
[0176.743] GetWindowTextW (in: hWnd=0xd02d8, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0176.743] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02d8, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0176.743] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0176.743] GetWindowThreadProcessId (in: hWnd=0xb02de, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0176.743] GetWindow (hWnd=0xb02de, uCmd=0x5) returned 0x0
[0176.743] GetWindowLongW (hWnd=0xb02de, nIndex=-20) returned 65792
[0176.743] DestroyWindow (hWnd=0xb02de) returned 1
[0176.743] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02de, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0176.743] GetWindowTextLengthW (hWnd=0xb02de) returned 25
[0176.743] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0176.743] GetSystemMetrics (nIndex=42) returned 0
[0176.743] GetWindowTextW (in: hWnd=0xb02de, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0176.743] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02de, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0176.744] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0176.744] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0176.745] GetWindowTextLengthW (hWnd=0xc02d2) returned 232
[0176.745] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0176.745] GetSystemMetrics (nIndex=42) returned 0
[0176.745] GetWindowTextW (in: hWnd=0xc02d2, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0176.745] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0176.745] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0176.745] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0176.745] InvalidateRect (hWnd=0xe00ea, lpRect=0x0, bErase=0) returned 1
[0176.745] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0176.745] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb02dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0176.745] SendMessageW (hWnd=0xb02da, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0176.745] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02da, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0176.745] SendMessageW (hWnd=0xb02da, Msg=0xb0, wParam=0x2c7da80, lParam=0xd7e480) returned 0x0
[0176.745] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02da, Msg=0xb0, wParam=0x2c7da80, lParam=0xd7e480) returned 0x0
[0176.745] GetWindowTextLengthW (hWnd=0xb02da) returned 4363
[0176.745] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0176.745] GetSystemMetrics (nIndex=42) returned 0
[0176.745] CoTaskMemAlloc (cb=0x221c) returned 0x11fff70
[0176.745] GetWindowTextW (in: hWnd=0xb02da, lpString=0x11fff70, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0176.746] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02da, Msg=0xd, wParam=0x110c, lParam=0x11fff70) returned 0x110b
[0176.746] CoTaskMemFree (pv=0x11fff70)
[0176.746] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0176.746] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0176.758] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02d2, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0176.759] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd013e, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0176.760] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0176.761] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xb02dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0176.762] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb02da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0176.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x9005a, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0176.778] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.778] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.778] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.778] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.778] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.778] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.781] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e6031f) returned 0x1
[0176.781] IsWindowUnicode (hWnd=0x7005c) returned 1
[0176.781] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.781] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e6031f) returned 0x1
[0176.782] SetCursor (hCursor=0x10003) returned 0x10003
[0176.782] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.782] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.782] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0176.782] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0176.782] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0176.782] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1110261) returned 0x0
[0176.782] GetKeyState (nVirtKey=1) returned 1
[0176.782] GetKeyState (nVirtKey=2) returned 0
[0176.782] GetKeyState (nVirtKey=4) returned 0
[0176.782] GetKeyState (nVirtKey=5) returned 0
[0176.782] GetKeyState (nVirtKey=6) returned 0
[0176.782] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.782] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e6031f) returned 0x1
[0176.783] IsWindowUnicode (hWnd=0x7005c) returned 1
[0176.783] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.783] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.783] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.783] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.783] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e6031f) returned 0x1
[0176.783] IsWindowUnicode (hWnd=0x7005c) returned 1
[0176.783] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.783] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e6031f) returned 0x1
[0176.783] SetCursor (hCursor=0x10003) returned 0x10003
[0176.783] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.784] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.784] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1110261) returned 0x0
[0176.784] GetKeyState (nVirtKey=1) returned 1
[0176.784] GetKeyState (nVirtKey=2) returned 0
[0176.784] GetKeyState (nVirtKey=4) returned 0
[0176.784] GetKeyState (nVirtKey=5) returned 0
[0176.784] GetKeyState (nVirtKey=6) returned 0
[0176.784] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.784] IsWindowUnicode (hWnd=0x602c4) returned 1
[0176.784] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.784] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.784] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.784] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.785] IsWindowUnicode (hWnd=0x602c4) returned 1
[0176.785] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.785] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.785] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.785] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0176.785] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0176.785] CreateCompatibleDC (hdc=0x107b9) returned 0x64010671
[0176.785] SelectObject (hdc=0x64010671, h=0x4a0507fe) returned 0x85000f
[0176.785] GdipCreateFromHDC (hdc=0x64010671, graphics=0xd7e798) returned 0x0
[0176.786] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0176.786] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0176.786] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0176.786] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0176.786] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e7f8) returned 0x0
[0176.786] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0176.786] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee9f0) returned 0x0
[0176.786] LocalFree (hMem=0x11ee9f0) returned 0x0
[0176.786] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0176.786] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0176.786] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0176.786] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0176.786] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0176.786] GdipRestoreGraphics (graphics=0x6600030, state=0xfc0e0dbd) returned 0x0
[0176.786] GdipDeleteRegion (region=0x6646718) returned 0x0
[0176.786] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0176.786] GetCurrentObject (hdc=0x64010671, type=0x1) returned 0xb00017
[0176.786] GetCurrentObject (hdc=0x64010671, type=0x2) returned 0x900010
[0176.786] GetCurrentObject (hdc=0x64010671, type=0x7) returned 0x4a0507fe
[0176.786] GetCurrentObject (hdc=0x64010671, type=0x6) returned 0x8a01c2
[0176.787] SaveDC (hdc=0x64010671) returned 1
[0176.787] GetNearestColor (hdc=0x64010671, color=0xff) returned 0xff
[0176.787] GetNearestColor (hdc=0x64010671, color=0x55) returned 0x55
[0176.787] GetNearestColor (hdc=0x64010671, color=0x0) returned 0x0
[0176.787] GetNearestColor (hdc=0x64010671, color=0x55) returned 0x55
[0176.787] GetNearestColor (hdc=0x64010671, color=0x0) returned 0x0
[0176.787] GetNearestColor (hdc=0x64010671, color=0x8080ff) returned 0x8080ff
[0176.787] GetNearestColor (hdc=0x64010671, color=0x7373e5) returned 0x7373e5
[0176.787] GetNearestColor (hdc=0x64010671, color=0xe5) returned 0xe5
[0176.787] GetNearestColor (hdc=0x64010671, color=0x0) returned 0x0
[0176.787] RestoreDC (hdc=0x64010671, nSavedDC=-1) returned 1
[0176.787] GdipReleaseDC (graphics=0x6600030, hdc=0x64010671) returned 0x0
[0176.787] IsAppThemed () returned 0x1
[0176.787] GetThemeAppProperties () returned 0x3
[0176.788] GetThemeAppProperties () returned 0x3
[0176.788] IsAppThemed () returned 0x1
[0176.788] GetThemeAppProperties () returned 0x3
[0176.788] GetThemeAppProperties () returned 0x3
[0176.788] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2cacbe4 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0176.788] IsAppThemed () returned 0x1
[0176.788] GetThemeAppProperties () returned 0x3
[0176.788] GetThemeAppProperties () returned 0x3
[0176.788] IsAppThemed () returned 0x1
[0176.788] GetThemeAppProperties () returned 0x3
[0176.788] GetThemeAppProperties () returned 0x3
[0176.788] GetFocus () returned 0x602c4
[0176.788] IsAppThemed () returned 0x1
[0176.788] GetThemeAppProperties () returned 0x3
[0176.788] GetThemeAppProperties () returned 0x3
[0176.788] IsAppThemed () returned 0x1
[0176.788] GetThemeAppProperties () returned 0x3
[0176.788] GetThemeAppProperties () returned 0x3
[0176.788] IsThemePartDefined () returned 0x1
[0176.788] IsAppThemed () returned 0x1
[0176.789] GetThemeAppProperties () returned 0x3
[0176.789] GetThemeAppProperties () returned 0x3
[0176.789] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0176.789] IsAppThemed () returned 0x1
[0176.789] GetThemeAppProperties () returned 0x3
[0176.789] GetThemeAppProperties () returned 0x3
[0176.789] IsAppThemed () returned 0x1
[0176.789] GetThemeAppProperties () returned 0x3
[0176.789] GetThemeAppProperties () returned 0x3
[0176.789] IsThemePartDefined () returned 0x1
[0176.789] GdipCreateRegion (region=0xd7e508) returned 0x0
[0176.789] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0176.789] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0176.789] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0176.789] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e520) returned 0x0
[0176.789] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0176.789] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0176.789] LocalFree (hMem=0x11eec58) returned 0x0
[0176.789] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0176.789] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0176.789] LocalFree (hMem=0x11ee788) returned 0x0
[0176.789] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0176.789] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e548) returned 0x0
[0176.789] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e538) returned 0x0
[0176.789] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0176.789] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0176.790] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0176.790] GetCurrentObject (hdc=0x64010671, type=0x1) returned 0xb00017
[0176.790] GetCurrentObject (hdc=0x64010671, type=0x2) returned 0x900010
[0176.790] GetCurrentObject (hdc=0x64010671, type=0x7) returned 0x4a0507fe
[0176.790] GetCurrentObject (hdc=0x64010671, type=0x6) returned 0x8a01c2
[0176.790] SaveDC (hdc=0x64010671) returned 1
[0176.790] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xab040807
[0176.790] GetClipRgn (hdc=0x64010671, hrgn=0xab040807) returned 0
[0176.790] SelectClipRgn (hdc=0x64010671, hrgn=0x330407de) returned 2
[0176.790] DeleteObject (ho=0xab040807) returned 1
[0176.790] DeleteObject (ho=0x330407de) returned 1
[0176.790] OffsetViewportOrgEx (in: hdc=0x64010671, x=0, y=0, lppt=0x2cad294 | out: lppt=0x2cad294) returned 1
[0176.790] DrawThemeParentBackground () returned 0x0
[0176.790] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0176.790] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0176.790] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0176.790] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.790] GetSystemMetrics (nIndex=42) returned 0
[0176.790] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.791] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0176.791] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0176.791] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0176.791] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0176.791] SelectPalette (hdc=0x64010671, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0176.791] GdipCreateFromHDC (hdc=0x64010671, graphics=0xd7dff8) returned 0x0
[0176.791] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0176.791] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0176.791] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638db8) returned 0x0
[0176.791] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7dfd0) returned 0x0
[0176.791] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0176.791] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0176.791] GdipGetClip (graphics=0x6638e08, region=0x6646448) returned 0x0
[0176.791] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6638e08, result=0xd7dfc4) returned 0x0
[0176.791] GdipDeleteRegion (region=0x6646448) returned 0x0
[0176.791] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dff0) returned 0x0
[0176.791] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0176.805] GdipFillRectangleI (graphics=0x6638e08, brush=0x6652a78, x=0, y=0, width=801, height=453) returned 0x0
[0176.805] GdipDeleteBrush (brush=0x6652a78) returned 0x0
[0176.806] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0176.806] SelectPalette (hdc=0x64010671, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0176.806] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0176.806] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.806] GetSystemMetrics (nIndex=42) returned 0
[0176.806] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.806] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0176.807] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0176.807] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0176.807] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0176.807] SelectPalette (hdc=0x64010671, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0176.807] GdipCreateFromHDC (hdc=0x64010671, graphics=0xd7df98) returned 0x0
[0176.807] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0176.807] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0176.807] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638b18) returned 0x0
[0176.807] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df70) returned 0x0
[0176.807] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0176.807] GdipCreateRegion (region=0xd7df58) returned 0x0
[0176.807] GdipGetClip (graphics=0x6638e08, region=0x66467a8) returned 0x0
[0176.807] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6638e08, result=0xd7df64) returned 0x0
[0176.807] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0176.807] GdipSaveGraphics (graphics=0x6638e08, state=0xd7df90) returned 0x0
[0176.807] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0176.820] GdipFillRectangleI (graphics=0x6638e08, brush=0x6652bb0, x=0, y=0, width=801, height=453) returned 0x0
[0176.820] GdipDeleteBrush (brush=0x6652bb0) returned 0x0
[0176.821] GdipRestoreGraphics (graphics=0x6638e08, state=0xfc0a0dbd) returned 0x0
[0176.821] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0176.821] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0176.821] GetSystemMetrics (nIndex=42) returned 0
[0176.821] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0176.821] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0176.821] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0176.822] SelectPalette (hdc=0x64010671, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0176.822] RestoreDC (hdc=0x64010671, nSavedDC=-1) returned 1
[0176.822] GdipReleaseDC (graphics=0x6600030, hdc=0x64010671) returned 0x0
[0176.822] IsAppThemed () returned 0x1
[0176.822] GetThemeAppProperties () returned 0x3
[0176.822] GetThemeAppProperties () returned 0x3
[0176.822] IsAppThemed () returned 0x1
[0176.822] GetThemeAppProperties () returned 0x3
[0176.822] GetThemeAppProperties () returned 0x3
[0176.822] IsThemePartDefined () returned 0x1
[0176.822] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0176.822] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0176.822] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0176.822] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0176.822] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e4a4) returned 0x0
[0176.822] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0176.822] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0176.822] LocalFree (hMem=0x11eec58) returned 0x0
[0176.822] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0176.822] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0176.823] LocalFree (hMem=0x11ee9f0) returned 0x0
[0176.823] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0176.823] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0176.823] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0176.823] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0176.823] GdipDeleteRegion (region=0x6646298) returned 0x0
[0176.823] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0176.823] GetCurrentObject (hdc=0x64010671, type=0x1) returned 0xb00017
[0176.823] GetCurrentObject (hdc=0x64010671, type=0x2) returned 0x900010
[0176.823] GetCurrentObject (hdc=0x64010671, type=0x7) returned 0x4a0507fe
[0176.823] GetCurrentObject (hdc=0x64010671, type=0x6) returned 0x8a01c2
[0176.823] SaveDC (hdc=0x64010671) returned 1
[0176.823] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x340407de
[0176.823] GetClipRgn (hdc=0x64010671, hrgn=0x340407de) returned 0
[0176.823] SelectClipRgn (hdc=0x64010671, hrgn=0xad040807) returned 2
[0176.823] DeleteObject (ho=0x340407de) returned 1
[0176.823] DeleteObject (ho=0xad040807) returned 1
[0176.823] OffsetViewportOrgEx (in: hdc=0x64010671, x=0, y=0, lppt=0x2cb3ae4 | out: lppt=0x2cb3ae4) returned 1
[0176.823] IsAppThemed () returned 0x1
[0176.823] GetThemeAppProperties () returned 0x3
[0176.824] GetThemeAppProperties () returned 0x3
[0176.824] DrawThemeBackground () returned 0x0
[0176.824] RestoreDC (hdc=0x64010671, nSavedDC=-1) returned 1
[0176.824] GdipReleaseDC (graphics=0x6600030, hdc=0x64010671) returned 0x0
[0176.824] GdipCreateRegion (region=0xd7e490) returned 0x0
[0176.824] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0176.824] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0176.824] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0176.824] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e4a8) returned 0x0
[0176.824] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0176.824] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0176.824] LocalFree (hMem=0x11eec58) returned 0x0
[0176.824] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0176.824] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea60) returned 0x0
[0176.824] LocalFree (hMem=0x11eea60) returned 0x0
[0176.824] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0176.824] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0176.824] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0176.824] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0176.824] GdipDeleteRegion (region=0x6646298) returned 0x0
[0176.824] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0176.824] GetCurrentObject (hdc=0x64010671, type=0x1) returned 0xb00017
[0176.824] GetCurrentObject (hdc=0x64010671, type=0x2) returned 0x900010
[0176.824] GetCurrentObject (hdc=0x64010671, type=0x7) returned 0x4a0507fe
[0176.825] GetCurrentObject (hdc=0x64010671, type=0x6) returned 0x8a01c2
[0176.825] SaveDC (hdc=0x64010671) returned 1
[0176.825] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xae040807
[0176.825] GetClipRgn (hdc=0x64010671, hrgn=0xae040807) returned 0
[0176.825] SelectClipRgn (hdc=0x64010671, hrgn=0x350407de) returned 2
[0176.825] DeleteObject (ho=0xae040807) returned 1
[0176.825] DeleteObject (ho=0x350407de) returned 1
[0176.831] OffsetViewportOrgEx (in: hdc=0x64010671, x=0, y=0, lppt=0x2cb3db8 | out: lppt=0x2cb3db8) returned 1
[0176.831] IsAppThemed () returned 0x1
[0176.831] GetThemeAppProperties () returned 0x3
[0176.831] GetThemeAppProperties () returned 0x3
[0176.831] GetThemeBackgroundContentRect () returned 0x0
[0176.831] RestoreDC (hdc=0x64010671, nSavedDC=-1) returned 1
[0176.831] GdipReleaseDC (graphics=0x6600030, hdc=0x64010671) returned 0x0
[0176.831] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0176.831] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0176.831] GdipFillRectangleI (graphics=0x6600030, brush=0x6656ac0, x=4, y=4, width=67, height=15) returned 0x0
[0176.831] GdipDeleteBrush (brush=0x6656ac0) returned 0x0
[0176.831] IsAppThemed () returned 0x1
[0176.831] GetThemeAppProperties () returned 0x3
[0176.831] GetThemeAppProperties () returned 0x3
[0176.831] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0176.831] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0176.831] GetCurrentObject (hdc=0x64010671, type=0x1) returned 0xb00017
[0176.831] GetCurrentObject (hdc=0x64010671, type=0x2) returned 0x900010
[0176.831] GetCurrentObject (hdc=0x64010671, type=0x7) returned 0x4a0507fe
[0176.832] GetCurrentObject (hdc=0x64010671, type=0x6) returned 0x8a01c2
[0176.832] SaveDC (hdc=0x64010671) returned 1
[0176.832] GetTextAlign (hdc=0x64010671) returned 0x0
[0176.832] GetTextColor (hdc=0x64010671) returned 0x0
[0176.832] GetCurrentObject (hdc=0x64010671, type=0x6) returned 0x8a01c2
[0176.832] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0176.832] SelectObject (hdc=0x64010671, h=0x6d0a0520) returned 0x8a01c2
[0176.832] GetBkMode (hdc=0x64010671) returned 2
[0176.832] SetBkMode (hdc=0x64010671, mode=1) returned 2
[0176.832] DrawTextExW (in: hdc=0x64010671, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2cb417c | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0176.832] DrawTextExW (in: hdc=0x64010671, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2cb417c | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0176.833] RestoreDC (hdc=0x64010671, nSavedDC=-1) returned 1
[0176.833] GdipReleaseDC (graphics=0x6600030, hdc=0x64010671) returned 0x0
[0176.833] GetFocus () returned 0x602c4
[0176.833] IsAppThemed () returned 0x1
[0176.833] GetThemeAppProperties () returned 0x3
[0176.833] GetThemeAppProperties () returned 0x3
[0176.833] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0176.833] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x64010671, x1=0, y1=0, rop=0xcc0020) returned 1
[0176.833] GdipReleaseDC (graphics=0x6600030, hdc=0x64010671) returned 0x0
[0176.833] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0176.833] SelectObject (hdc=0x64010671, h=0x85000f) returned 0x4a0507fe
[0176.833] DeleteDC (hdc=0x64010671) returned 1
[0176.833] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0176.833] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0176.834] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0176.834] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0176.834] WaitMessage () returned 1
[0176.835] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.835] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.835] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.835] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.835] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.836] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0176.836] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0176.836] WaitMessage () returned 1
[0176.871] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.871] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.872] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.872] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.872] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.876] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0176.876] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0176.876] WaitMessage () returned 1
[0176.880] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.880] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.880] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.880] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.880] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.881] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0176.881] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0176.881] WaitMessage () returned 1
[0176.881] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.881] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.881] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.881] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.882] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.883] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.883] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.883] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.883] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.883] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.883] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.883] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.883] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.883] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.883] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.883] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0176.884] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0176.884] WaitMessage () returned 1
[0176.884] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.884] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.884] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.884] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.884] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.886] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.886] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.886] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.886] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.886] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.886] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.886] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.886] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.887] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.887] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.887] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0176.887] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0176.887] WaitMessage () returned 1
[0176.887] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.887] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.888] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.888] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.888] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.889] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.889] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.889] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.889] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.889] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.889] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.889] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.889] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.889] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.889] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.890] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.890] IsWindowUnicode (hWnd=0x7005c) returned 1
[0176.890] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.890] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.890] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.890] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.890] IsWindowUnicode (hWnd=0x7005c) returned 1
[0176.890] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.890] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.890] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.890] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x1110261) returned 0x0
[0176.890] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0176.891] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0176.891] WaitMessage () returned 1
[0176.891] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.891] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.891] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.891] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.891] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.893] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.893] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.893] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.893] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.893] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.894] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.894] IsWindowUnicode (hWnd=0x30122) returned 1
[0176.894] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0176.894] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0176.894] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0176.894] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0176.894] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0176.894] WaitMessage () returned 1
[0177.028] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0177.028] IsWindowUnicode (hWnd=0x502c6) returned 1
[0177.029] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0177.029] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0177.029] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0177.029] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0177.029] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0177.029] WaitMessage () returned 1
[0177.381] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0177.381] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e0101) returned 0x1
[0177.381] IsWindowUnicode (hWnd=0x602c4) returned 1
[0177.381] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0177.381] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0177.381] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0177.381] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0177.381] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0177.381] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e0101) returned 0x1
[0177.381] IsWindowUnicode (hWnd=0x602c4) returned 1
[0177.381] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0177.382] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e0101) returned 0x1
[0177.382] SetCursor (hCursor=0x10003) returned 0x10003
[0177.382] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0177.382] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0177.382] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0177.382] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0177.382] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0177.382] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0177.382] GetKeyState (nVirtKey=1) returned 1
[0177.382] GetKeyState (nVirtKey=2) returned 0
[0177.382] GetKeyState (nVirtKey=4) returned 0
[0177.382] GetKeyState (nVirtKey=5) returned 0
[0177.382] GetKeyState (nVirtKey=6) returned 0
[0177.382] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0177.382] IsWindowUnicode (hWnd=0x602c4) returned 1
[0177.382] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0177.383] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0177.383] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0177.383] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0177.383] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0177.383] CreateCompatibleDC (hdc=0x107b9) returned 0x250107e5
[0177.383] SelectObject (hdc=0x250107e5, h=0x4a0507fe) returned 0x85000f
[0177.383] GdipCreateFromHDC (hdc=0x250107e5, graphics=0xd7e798) returned 0x0
[0177.383] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0177.383] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0177.383] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0177.383] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0177.383] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e7f8) returned 0x0
[0177.383] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0177.384] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee8d8) returned 0x0
[0177.384] LocalFree (hMem=0x11ee8d8) returned 0x0
[0177.384] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0177.384] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0177.384] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0177.384] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0177.384] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0177.384] GdipRestoreGraphics (graphics=0x6600030, state=0xfc080dbd) returned 0x0
[0177.384] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0177.384] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0177.384] GetCurrentObject (hdc=0x250107e5, type=0x1) returned 0xb00017
[0177.384] GetCurrentObject (hdc=0x250107e5, type=0x2) returned 0x900010
[0177.384] GetCurrentObject (hdc=0x250107e5, type=0x7) returned 0x4a0507fe
[0177.384] GetCurrentObject (hdc=0x250107e5, type=0x6) returned 0x8a01c2
[0177.384] SaveDC (hdc=0x250107e5) returned 1
[0177.384] GetNearestColor (hdc=0x250107e5, color=0xff) returned 0xff
[0177.384] GetNearestColor (hdc=0x250107e5, color=0x55) returned 0x55
[0177.385] GetNearestColor (hdc=0x250107e5, color=0x0) returned 0x0
[0177.385] GetNearestColor (hdc=0x250107e5, color=0x55) returned 0x55
[0177.385] GetNearestColor (hdc=0x250107e5, color=0x0) returned 0x0
[0177.385] GetNearestColor (hdc=0x250107e5, color=0x8080ff) returned 0x8080ff
[0177.385] GetNearestColor (hdc=0x250107e5, color=0x7373e5) returned 0x7373e5
[0177.385] GetNearestColor (hdc=0x250107e5, color=0xe5) returned 0xe5
[0177.385] GetNearestColor (hdc=0x250107e5, color=0x0) returned 0x0
[0177.385] RestoreDC (hdc=0x250107e5, nSavedDC=-1) returned 1
[0177.385] GdipReleaseDC (graphics=0x6600030, hdc=0x250107e5) returned 0x0
[0177.385] IsAppThemed () returned 0x1
[0177.385] GetThemeAppProperties () returned 0x3
[0177.385] GetThemeAppProperties () returned 0x3
[0177.385] IsAppThemed () returned 0x1
[0177.385] GetThemeAppProperties () returned 0x3
[0177.385] GetThemeAppProperties () returned 0x3
[0177.385] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2cb4ac8 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0177.386] IsAppThemed () returned 0x1
[0177.386] GetThemeAppProperties () returned 0x3
[0177.386] GetThemeAppProperties () returned 0x3
[0177.386] IsAppThemed () returned 0x1
[0177.386] GetThemeAppProperties () returned 0x3
[0177.386] GetThemeAppProperties () returned 0x3
[0177.386] IsAppThemed () returned 0x1
[0177.386] GetThemeAppProperties () returned 0x3
[0177.386] GetThemeAppProperties () returned 0x3
[0177.386] IsAppThemed () returned 0x1
[0177.386] GetThemeAppProperties () returned 0x3
[0177.386] GetThemeAppProperties () returned 0x3
[0177.386] IsThemePartDefined () returned 0x1
[0177.386] IsAppThemed () returned 0x1
[0177.386] GetThemeAppProperties () returned 0x3
[0177.386] GetThemeAppProperties () returned 0x3
[0177.386] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0177.386] IsAppThemed () returned 0x1
[0177.386] GetThemeAppProperties () returned 0x3
[0177.386] GetThemeAppProperties () returned 0x3
[0177.386] IsAppThemed () returned 0x1
[0177.386] GetThemeAppProperties () returned 0x3
[0177.386] GetThemeAppProperties () returned 0x3
[0177.386] IsThemePartDefined () returned 0x1
[0177.387] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0177.387] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0177.387] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0177.387] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0177.387] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e514) returned 0x0
[0177.387] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0177.387] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eed00) returned 0x0
[0177.387] LocalFree (hMem=0x11eed00) returned 0x0
[0177.387] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0177.387] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0177.387] LocalFree (hMem=0x11ee868) returned 0x0
[0177.387] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0177.387] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0177.387] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0177.387] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0177.387] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0177.387] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0177.387] GetCurrentObject (hdc=0x250107e5, type=0x1) returned 0xb00017
[0177.387] GetCurrentObject (hdc=0x250107e5, type=0x2) returned 0x900010
[0177.387] GetCurrentObject (hdc=0x250107e5, type=0x7) returned 0x4a0507fe
[0177.404] GetCurrentObject (hdc=0x250107e5, type=0x6) returned 0x8a01c2
[0177.404] SaveDC (hdc=0x250107e5) returned 1
[0177.404] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x360407de
[0177.404] GetClipRgn (hdc=0x250107e5, hrgn=0x360407de) returned 0
[0177.404] SelectClipRgn (hdc=0x250107e5, hrgn=0xb2040807) returned 2
[0177.404] DeleteObject (ho=0x360407de) returned 1
[0177.404] DeleteObject (ho=0xb2040807) returned 1
[0177.404] OffsetViewportOrgEx (in: hdc=0x250107e5, x=0, y=0, lppt=0x2cb5178 | out: lppt=0x2cb5178) returned 1
[0177.404] DrawThemeParentBackground () returned 0x0
[0177.404] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0177.404] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0177.404] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0177.404] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0177.404] GetSystemMetrics (nIndex=42) returned 0
[0177.404] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0177.404] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0177.405] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0177.405] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0177.405] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0177.405] SelectPalette (hdc=0x250107e5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0177.405] GdipCreateFromHDC (hdc=0x250107e5, graphics=0xd7dff0) returned 0x0
[0177.405] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0177.405] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0177.405] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638ba8) returned 0x0
[0177.405] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dfc8) returned 0x0
[0177.405] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0177.405] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0177.405] GdipGetClip (graphics=0x6638e08, region=0x66463b8) returned 0x0
[0177.405] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6638e08, result=0xd7dfbc) returned 0x0
[0177.405] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0177.405] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dfe8) returned 0x0
[0177.405] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0177.414] GdipFillRectangleI (graphics=0x6638e08, brush=0x6653300, x=0, y=0, width=801, height=453) returned 0x0
[0177.414] GdipDeleteBrush (brush=0x6653300) returned 0x0
[0177.415] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0177.415] SelectPalette (hdc=0x250107e5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0177.415] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0177.415] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0177.415] GetSystemMetrics (nIndex=42) returned 0
[0177.415] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0177.415] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0177.415] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0177.415] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0177.416] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0177.416] SelectPalette (hdc=0x250107e5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0177.416] GdipCreateFromHDC (hdc=0x250107e5, graphics=0xd7df90) returned 0x0
[0177.416] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0177.416] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0177.416] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638c38) returned 0x0
[0177.416] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df68) returned 0x0
[0177.416] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0177.416] GdipCreateRegion (region=0xd7df50) returned 0x0
[0177.416] GdipGetClip (graphics=0x6638e08, region=0x66469e8) returned 0x0
[0177.416] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6638e08, result=0xd7df5c) returned 0x0
[0177.416] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0177.416] GdipSaveGraphics (graphics=0x6638e08, state=0xd7df88) returned 0x0
[0177.416] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0177.427] GdipFillRectangleI (graphics=0x6638e08, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0177.427] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0177.429] GdipRestoreGraphics (graphics=0x6638e08, state=0xfc040dbd) returned 0x0
[0177.429] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0177.429] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0177.429] GetSystemMetrics (nIndex=42) returned 0
[0177.429] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0177.429] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0177.429] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0177.429] SelectPalette (hdc=0x250107e5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0177.429] RestoreDC (hdc=0x250107e5, nSavedDC=-1) returned 1
[0177.429] GdipReleaseDC (graphics=0x6600030, hdc=0x250107e5) returned 0x0
[0177.429] IsAppThemed () returned 0x1
[0177.429] GetThemeAppProperties () returned 0x3
[0177.429] GetThemeAppProperties () returned 0x3
[0177.429] IsAppThemed () returned 0x1
[0177.429] GetThemeAppProperties () returned 0x3
[0177.429] GetThemeAppProperties () returned 0x3
[0177.429] IsThemePartDefined () returned 0x1
[0177.430] GdipCreateRegion (region=0xd7e480) returned 0x0
[0177.430] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0177.430] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0177.430] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0177.430] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e498) returned 0x0
[0177.430] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0177.430] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0177.430] LocalFree (hMem=0x11ee9f0) returned 0x0
[0177.430] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0177.430] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eecc8) returned 0x0
[0177.430] LocalFree (hMem=0x11eecc8) returned 0x0
[0177.430] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0177.430] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0177.430] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0177.430] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0177.430] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0177.430] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0177.430] GetCurrentObject (hdc=0x250107e5, type=0x1) returned 0xb00017
[0177.430] GetCurrentObject (hdc=0x250107e5, type=0x2) returned 0x900010
[0177.430] GetCurrentObject (hdc=0x250107e5, type=0x7) returned 0x4a0507fe
[0177.430] GetCurrentObject (hdc=0x250107e5, type=0x6) returned 0x8a01c2
[0177.430] SaveDC (hdc=0x250107e5) returned 1
[0177.431] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb3040807
[0177.431] GetClipRgn (hdc=0x250107e5, hrgn=0xb3040807) returned 0
[0177.431] SelectClipRgn (hdc=0x250107e5, hrgn=0x380407de) returned 2
[0177.431] DeleteObject (ho=0xb3040807) returned 1
[0177.431] DeleteObject (ho=0x380407de) returned 1
[0177.431] OffsetViewportOrgEx (in: hdc=0x250107e5, x=0, y=0, lppt=0x2cbb9c8 | out: lppt=0x2cbb9c8) returned 1
[0177.431] IsAppThemed () returned 0x1
[0177.431] GetThemeAppProperties () returned 0x3
[0177.431] GetThemeAppProperties () returned 0x3
[0177.431] DrawThemeBackground () returned 0x0
[0177.431] RestoreDC (hdc=0x250107e5, nSavedDC=-1) returned 1
[0177.431] GdipReleaseDC (graphics=0x6600030, hdc=0x250107e5) returned 0x0
[0177.431] GdipCreateRegion (region=0xd7e484) returned 0x0
[0177.431] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0177.431] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0177.431] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0177.431] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e49c) returned 0x0
[0177.431] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0177.431] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0177.431] LocalFree (hMem=0x11eec58) returned 0x0
[0177.431] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0177.432] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0177.432] LocalFree (hMem=0x11eec58) returned 0x0
[0177.432] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0177.432] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0177.432] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0177.432] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0177.432] GdipDeleteRegion (region=0x6646448) returned 0x0
[0177.432] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0177.432] GetCurrentObject (hdc=0x250107e5, type=0x1) returned 0xb00017
[0177.432] GetCurrentObject (hdc=0x250107e5, type=0x2) returned 0x900010
[0177.432] GetCurrentObject (hdc=0x250107e5, type=0x7) returned 0x4a0507fe
[0177.432] GetCurrentObject (hdc=0x250107e5, type=0x6) returned 0x8a01c2
[0177.432] SaveDC (hdc=0x250107e5) returned 1
[0177.432] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x390407de
[0177.432] GetClipRgn (hdc=0x250107e5, hrgn=0x390407de) returned 0
[0177.432] SelectClipRgn (hdc=0x250107e5, hrgn=0xb4040807) returned 2
[0177.432] DeleteObject (ho=0x390407de) returned 1
[0177.432] DeleteObject (ho=0xb4040807) returned 1
[0177.432] OffsetViewportOrgEx (in: hdc=0x250107e5, x=0, y=0, lppt=0x2cbbc9c | out: lppt=0x2cbbc9c) returned 1
[0177.432] IsAppThemed () returned 0x1
[0177.432] GetThemeAppProperties () returned 0x3
[0177.433] GetThemeAppProperties () returned 0x3
[0177.433] GetThemeBackgroundContentRect () returned 0x0
[0177.433] RestoreDC (hdc=0x250107e5, nSavedDC=-1) returned 1
[0177.433] GdipReleaseDC (graphics=0x6600030, hdc=0x250107e5) returned 0x0
[0177.433] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0177.433] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0177.433] GdipFillRectangleI (graphics=0x6600030, brush=0x6656ac0, x=4, y=4, width=67, height=15) returned 0x0
[0177.433] GdipDeleteBrush (brush=0x6656ac0) returned 0x0
[0177.433] IsAppThemed () returned 0x1
[0177.433] GetThemeAppProperties () returned 0x3
[0177.433] GetThemeAppProperties () returned 0x3
[0177.433] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0177.433] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0177.433] GetCurrentObject (hdc=0x250107e5, type=0x1) returned 0xb00017
[0177.433] GetCurrentObject (hdc=0x250107e5, type=0x2) returned 0x900010
[0177.433] GetCurrentObject (hdc=0x250107e5, type=0x7) returned 0x4a0507fe
[0177.433] GetCurrentObject (hdc=0x250107e5, type=0x6) returned 0x8a01c2
[0177.433] SaveDC (hdc=0x250107e5) returned 1
[0177.433] GetTextAlign (hdc=0x250107e5) returned 0x0
[0177.433] GetTextColor (hdc=0x250107e5) returned 0x0
[0177.433] GetCurrentObject (hdc=0x250107e5, type=0x6) returned 0x8a01c2
[0177.433] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0177.434] SelectObject (hdc=0x250107e5, h=0x6d0a0520) returned 0x8a01c2
[0177.434] GetBkMode (hdc=0x250107e5) returned 2
[0177.434] SetBkMode (hdc=0x250107e5, mode=1) returned 2
[0177.434] DrawTextExW (in: hdc=0x250107e5, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2cbc060 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0177.434] DrawTextExW (in: hdc=0x250107e5, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2cbc060 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0177.438] RestoreDC (hdc=0x250107e5, nSavedDC=-1) returned 1
[0177.438] GdipReleaseDC (graphics=0x6600030, hdc=0x250107e5) returned 0x0
[0177.438] GetFocus () returned 0x602c4
[0177.438] IsAppThemed () returned 0x1
[0177.438] GetThemeAppProperties () returned 0x3
[0177.438] GetThemeAppProperties () returned 0x3
[0177.438] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0177.438] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x250107e5, x1=0, y1=0, rop=0xcc0020) returned 1
[0177.439] GdipReleaseDC (graphics=0x6600030, hdc=0x250107e5) returned 0x0
[0177.439] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0177.439] SelectObject (hdc=0x250107e5, h=0x85000f) returned 0x4a0507fe
[0177.439] DeleteDC (hdc=0x250107e5) returned 1
[0177.439] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0177.439] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0177.439] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0177.439] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0177.439] WaitMessage () returned 1
[0177.484] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0177.484] IsWindowUnicode (hWnd=0x602c4) returned 1
[0177.484] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0177.484] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0177.484] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0177.484] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0177.484] IsWindowUnicode (hWnd=0x602c4) returned 1
[0177.484] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0177.484] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0177.484] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0177.484] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x70026) returned 0x0
[0177.484] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0177.484] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0177.484] WaitMessage () returned 1
[0177.610] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0177.610] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e0101) returned 0x1
[0177.611] IsWindowUnicode (hWnd=0x602c4) returned 1
[0177.611] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0177.611] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e0101) returned 0x1
[0177.611] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0177.611] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x1990043) returned 0x0
[0177.611] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0177.611] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0177.611] SetCursor (hCursor=0x10003) returned 0x10003
[0177.611] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0177.611] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0177.611] GetKeyState (nVirtKey=1) returned -128
[0177.611] GetKeyState (nVirtKey=2) returned 0
[0177.611] GetKeyState (nVirtKey=4) returned 0
[0177.611] GetKeyState (nVirtKey=5) returned 0
[0177.611] GetKeyState (nVirtKey=6) returned 0
[0177.611] IsWindowVisible (hWnd=0x602c4) returned 1
[0177.612] IsWindowEnabled (hWnd=0x602c4) returned 1
[0177.612] SetFocus (hWnd=0x602c4) returned 0x602c4
[0177.612] GetFocus () returned 0x602c4
[0177.612] GetFocus () returned 0x602c4
[0177.612] GetFocus () returned 0x602c4
[0177.612] GetKeyState (nVirtKey=1) returned -128
[0177.612] GetKeyState (nVirtKey=2) returned 0
[0177.612] GetKeyState (nVirtKey=4) returned 0
[0177.612] GetKeyState (nVirtKey=5) returned 0
[0177.612] GetKeyState (nVirtKey=6) returned 0
[0177.612] GetCapture () returned 0x0
[0177.612] SetCapture (hWnd=0x602c4) returned 0x0
[0177.612] GetKeyState (nVirtKey=1) returned -128
[0177.612] GetKeyState (nVirtKey=2) returned 0
[0177.612] GetKeyState (nVirtKey=4) returned 0
[0177.612] GetKeyState (nVirtKey=5) returned 0
[0177.612] GetKeyState (nVirtKey=6) returned 0
[0177.612] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0177.612] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0177.612] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0177.612] IsWindowUnicode (hWnd=0x602c4) returned 1
[0177.612] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0177.613] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0177.613] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0177.613] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2cbc1e4, cPoints=0x1 | out: lpPoints=0x2cbc1e4) returned 40304859
[0177.613] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0177.613] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0177.613] UpdateWindow (hWnd=0x602c4) returned 1
[0177.613] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x107b9
[0177.613] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0177.613] CreateCompatibleDC (hdc=0x107b9) returned 0x2c0107e5
[0177.613] SelectObject (hdc=0x2c0107e5, h=0x4a0507fe) returned 0x85000f
[0177.613] GdipCreateFromHDC (hdc=0x2c0107e5, graphics=0xd7e430) returned 0x0
[0177.613] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0177.614] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0177.614] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0177.614] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0177.614] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e490) returned 0x0
[0177.614] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0177.614] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0177.614] LocalFree (hMem=0x11ee788) returned 0x0
[0177.614] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0177.614] GdipCreateRegion (region=0xd7e478) returned 0x0
[0177.614] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0177.614] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0177.614] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0177.614] GdipRestoreGraphics (graphics=0x6600030, state=0xfc020dbd) returned 0x0
[0177.614] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0177.614] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0177.614] GetCurrentObject (hdc=0x2c0107e5, type=0x1) returned 0xb00017
[0177.614] GetCurrentObject (hdc=0x2c0107e5, type=0x2) returned 0x900010
[0177.614] GetCurrentObject (hdc=0x2c0107e5, type=0x7) returned 0x4a0507fe
[0177.614] GetCurrentObject (hdc=0x2c0107e5, type=0x6) returned 0x8a01c2
[0177.614] SaveDC (hdc=0x2c0107e5) returned 1
[0177.614] GetNearestColor (hdc=0x2c0107e5, color=0xff) returned 0xff
[0177.615] GetNearestColor (hdc=0x2c0107e5, color=0x55) returned 0x55
[0177.615] GetNearestColor (hdc=0x2c0107e5, color=0x0) returned 0x0
[0177.615] GetNearestColor (hdc=0x2c0107e5, color=0x55) returned 0x55
[0177.615] GetNearestColor (hdc=0x2c0107e5, color=0x0) returned 0x0
[0177.615] GetNearestColor (hdc=0x2c0107e5, color=0x8080ff) returned 0x8080ff
[0177.615] GetNearestColor (hdc=0x2c0107e5, color=0x7373e5) returned 0x7373e5
[0177.615] GetNearestColor (hdc=0x2c0107e5, color=0xe5) returned 0xe5
[0177.615] GetNearestColor (hdc=0x2c0107e5, color=0x0) returned 0x0
[0177.615] RestoreDC (hdc=0x2c0107e5, nSavedDC=-1) returned 1
[0177.615] GdipReleaseDC (graphics=0x6600030, hdc=0x2c0107e5) returned 0x0
[0177.615] IsAppThemed () returned 0x1
[0177.615] GetThemeAppProperties () returned 0x3
[0177.615] GetThemeAppProperties () returned 0x3
[0177.615] IsAppThemed () returned 0x1
[0177.615] GetThemeAppProperties () returned 0x3
[0177.615] GetThemeAppProperties () returned 0x3
[0177.616] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2cbc900 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0177.616] IsAppThemed () returned 0x1
[0177.616] GetThemeAppProperties () returned 0x3
[0177.616] GetThemeAppProperties () returned 0x3
[0177.616] IsAppThemed () returned 0x1
[0177.616] GetThemeAppProperties () returned 0x3
[0177.616] GetThemeAppProperties () returned 0x3
[0177.616] IsAppThemed () returned 0x1
[0177.616] GetThemeAppProperties () returned 0x3
[0177.616] GetThemeAppProperties () returned 0x3
[0177.616] IsAppThemed () returned 0x1
[0177.616] GetThemeAppProperties () returned 0x3
[0177.616] GetThemeAppProperties () returned 0x3
[0177.616] IsThemePartDefined () returned 0x1
[0177.616] IsAppThemed () returned 0x1
[0177.617] GetThemeAppProperties () returned 0x3
[0177.617] GetThemeAppProperties () returned 0x3
[0177.617] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0177.617] IsAppThemed () returned 0x1
[0177.617] GetThemeAppProperties () returned 0x3
[0177.617] GetThemeAppProperties () returned 0x3
[0177.617] IsAppThemed () returned 0x1
[0177.617] GetThemeAppProperties () returned 0x3
[0177.617] GetThemeAppProperties () returned 0x3
[0177.617] IsThemePartDefined () returned 0x1
[0177.617] GdipCreateRegion (region=0xd7e194) returned 0x0
[0177.617] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0177.617] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0177.617] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0177.617] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e1ac) returned 0x0
[0177.617] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0177.617] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0177.617] LocalFree (hMem=0x11ee788) returned 0x0
[0177.617] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0177.617] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee8d8) returned 0x0
[0177.617] LocalFree (hMem=0x11ee8d8) returned 0x0
[0177.617] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0177.617] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0177.618] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0177.618] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0177.618] GdipDeleteRegion (region=0x6646718) returned 0x0
[0177.618] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0177.618] GetCurrentObject (hdc=0x2c0107e5, type=0x1) returned 0xb00017
[0177.618] GetCurrentObject (hdc=0x2c0107e5, type=0x2) returned 0x900010
[0177.618] GetCurrentObject (hdc=0x2c0107e5, type=0x7) returned 0x4a0507fe
[0177.618] GetCurrentObject (hdc=0x2c0107e5, type=0x6) returned 0x8a01c2
[0177.618] SaveDC (hdc=0x2c0107e5) returned 1
[0177.618] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb5040807
[0177.618] GetClipRgn (hdc=0x2c0107e5, hrgn=0xb5040807) returned 0
[0177.618] SelectClipRgn (hdc=0x2c0107e5, hrgn=0x3d0407de) returned 2
[0177.618] DeleteObject (ho=0xb5040807) returned 1
[0177.618] DeleteObject (ho=0x3d0407de) returned 1
[0177.618] OffsetViewportOrgEx (in: hdc=0x2c0107e5, x=0, y=0, lppt=0x2cbcfb0 | out: lppt=0x2cbcfb0) returned 1
[0177.618] DrawThemeParentBackground () returned 0x0
[0177.618] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0177.619] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0177.619] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0177.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0177.619] GetSystemMetrics (nIndex=42) returned 0
[0177.619] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0177.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0177.619] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0177.619] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0177.619] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0177.619] SelectPalette (hdc=0x2c0107e5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0177.619] GdipCreateFromHDC (hdc=0x2c0107e5, graphics=0xd7dc88) returned 0x0
[0177.619] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0177.619] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0177.619] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638cf8) returned 0x0
[0177.619] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dc60) returned 0x0
[0177.619] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0177.619] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0177.619] GdipGetClip (graphics=0x6638e08, region=0x66464d8) returned 0x0
[0177.620] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6638e08, result=0xd7dc54) returned 0x0
[0177.620] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0177.620] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dc80) returned 0x0
[0177.620] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0177.628] GdipFillRectangleI (graphics=0x6638e08, brush=0x6653090, x=0, y=0, width=801, height=453) returned 0x0
[0177.628] GdipDeleteBrush (brush=0x6653090) returned 0x0
[0177.630] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0177.630] SelectPalette (hdc=0x2c0107e5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0177.630] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0177.630] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0177.630] GetSystemMetrics (nIndex=42) returned 0
[0177.630] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0177.630] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0177.630] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0177.630] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0177.630] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0177.630] SelectPalette (hdc=0x2c0107e5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0177.630] GdipCreateFromHDC (hdc=0x2c0107e5, graphics=0xd7dc28) returned 0x0
[0177.631] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0177.631] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0177.631] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638a28) returned 0x0
[0177.631] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dc00) returned 0x0
[0177.631] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0177.631] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0177.631] GdipGetClip (graphics=0x6638e08, region=0x6646b08) returned 0x0
[0177.631] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6638e08, result=0xd7dbf4) returned 0x0
[0177.631] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0177.631] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dc20) returned 0x0
[0177.631] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0177.641] GdipFillRectangleI (graphics=0x6638e08, brush=0x6652f58, x=0, y=0, width=801, height=453) returned 0x0
[0177.641] GdipDeleteBrush (brush=0x6652f58) returned 0x0
[0177.642] GdipRestoreGraphics (graphics=0x6638e08, state=0xfbfe0dbd) returned 0x0
[0177.642] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0177.643] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0177.643] GetSystemMetrics (nIndex=42) returned 0
[0177.643] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0177.643] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0177.643] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0177.643] SelectPalette (hdc=0x2c0107e5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0177.643] RestoreDC (hdc=0x2c0107e5, nSavedDC=-1) returned 1
[0177.643] GdipReleaseDC (graphics=0x6600030, hdc=0x2c0107e5) returned 0x0
[0177.643] IsAppThemed () returned 0x1
[0177.643] GetThemeAppProperties () returned 0x3
[0177.643] GetThemeAppProperties () returned 0x3
[0177.643] IsAppThemed () returned 0x1
[0177.644] GetThemeAppProperties () returned 0x3
[0177.644] GetThemeAppProperties () returned 0x3
[0177.644] IsThemePartDefined () returned 0x1
[0177.644] GdipCreateRegion (region=0xd7e118) returned 0x0
[0177.644] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0177.644] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0177.644] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0177.644] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e130) returned 0x0
[0177.644] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0177.644] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eead0) returned 0x0
[0177.644] LocalFree (hMem=0x11eead0) returned 0x0
[0177.644] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0177.644] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0177.644] LocalFree (hMem=0x11eec58) returned 0x0
[0177.644] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0177.644] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e158) returned 0x0
[0177.644] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e148) returned 0x0
[0177.644] GdipGetRegionHRgn (region=0x6646958, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0177.644] GdipDeleteRegion (region=0x6646958) returned 0x0
[0177.645] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0177.645] GetCurrentObject (hdc=0x2c0107e5, type=0x1) returned 0xb00017
[0177.645] GetCurrentObject (hdc=0x2c0107e5, type=0x2) returned 0x900010
[0177.645] GetCurrentObject (hdc=0x2c0107e5, type=0x7) returned 0x4a0507fe
[0177.645] GetCurrentObject (hdc=0x2c0107e5, type=0x6) returned 0x8a01c2
[0177.645] SaveDC (hdc=0x2c0107e5) returned 1
[0177.645] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3e0407de
[0177.645] GetClipRgn (hdc=0x2c0107e5, hrgn=0x3e0407de) returned 0
[0177.645] SelectClipRgn (hdc=0x2c0107e5, hrgn=0xb7040807) returned 2
[0177.645] DeleteObject (ho=0x3e0407de) returned 1
[0177.645] DeleteObject (ho=0xb7040807) returned 1
[0177.645] OffsetViewportOrgEx (in: hdc=0x2c0107e5, x=0, y=0, lppt=0x2cc3800 | out: lppt=0x2cc3800) returned 1
[0177.645] IsAppThemed () returned 0x1
[0177.645] GetThemeAppProperties () returned 0x3
[0177.645] GetThemeAppProperties () returned 0x3
[0177.645] DrawThemeBackground () returned 0x0
[0177.646] RestoreDC (hdc=0x2c0107e5, nSavedDC=-1) returned 1
[0177.646] GdipReleaseDC (graphics=0x6600030, hdc=0x2c0107e5) returned 0x0
[0177.646] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0177.646] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0177.646] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0177.646] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0177.646] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e134) returned 0x0
[0177.646] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0177.646] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0177.646] LocalFree (hMem=0x11eec58) returned 0x0
[0177.646] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee8d8) returned 0x0
[0177.646] LocalFree (hMem=0x11ee8d8) returned 0x0
[0177.646] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0177.646] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0177.646] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0177.646] GdipGetRegionHRgn (region=0x6646958, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0177.646] GdipDeleteRegion (region=0x6646958) returned 0x0
[0177.646] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0177.646] GetCurrentObject (hdc=0x2c0107e5, type=0x1) returned 0xb00017
[0177.646] GetCurrentObject (hdc=0x2c0107e5, type=0x2) returned 0x900010
[0177.647] GetCurrentObject (hdc=0x2c0107e5, type=0x7) returned 0x4a0507fe
[0177.647] GetCurrentObject (hdc=0x2c0107e5, type=0x6) returned 0x8a01c2
[0177.647] SaveDC (hdc=0x2c0107e5) returned 1
[0177.647] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb8040807
[0177.647] GetClipRgn (hdc=0x2c0107e5, hrgn=0xb8040807) returned 0
[0177.647] SelectClipRgn (hdc=0x2c0107e5, hrgn=0x3f0407de) returned 2
[0177.647] DeleteObject (ho=0xb8040807) returned 1
[0177.647] DeleteObject (ho=0x3f0407de) returned 1
[0177.647] OffsetViewportOrgEx (in: hdc=0x2c0107e5, x=0, y=0, lppt=0x2cc3ad4 | out: lppt=0x2cc3ad4) returned 1
[0177.647] IsAppThemed () returned 0x1
[0177.647] GetThemeAppProperties () returned 0x3
[0177.647] GetThemeAppProperties () returned 0x3
[0177.647] GetThemeBackgroundContentRect () returned 0x0
[0177.647] RestoreDC (hdc=0x2c0107e5, nSavedDC=-1) returned 1
[0177.647] GdipReleaseDC (graphics=0x6600030, hdc=0x2c0107e5) returned 0x0
[0177.647] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0177.647] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0177.647] GdipFillRectangleI (graphics=0x6600030, brush=0x6656ac0, x=4, y=4, width=67, height=15) returned 0x0
[0177.647] GdipDeleteBrush (brush=0x6656ac0) returned 0x0
[0177.647] IsAppThemed () returned 0x1
[0177.648] GetThemeAppProperties () returned 0x3
[0177.648] GetThemeAppProperties () returned 0x3
[0177.648] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0177.648] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0177.648] GetCurrentObject (hdc=0x2c0107e5, type=0x1) returned 0xb00017
[0177.648] GetCurrentObject (hdc=0x2c0107e5, type=0x2) returned 0x900010
[0177.648] GetCurrentObject (hdc=0x2c0107e5, type=0x7) returned 0x4a0507fe
[0177.648] GetCurrentObject (hdc=0x2c0107e5, type=0x6) returned 0x8a01c2
[0177.648] SaveDC (hdc=0x2c0107e5) returned 1
[0177.648] GetTextAlign (hdc=0x2c0107e5) returned 0x0
[0177.648] GetTextColor (hdc=0x2c0107e5) returned 0x0
[0177.648] GetCurrentObject (hdc=0x2c0107e5, type=0x6) returned 0x8a01c2
[0177.648] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0177.648] SelectObject (hdc=0x2c0107e5, h=0x6d0a0520) returned 0x8a01c2
[0177.648] GetBkMode (hdc=0x2c0107e5) returned 2
[0177.648] SetBkMode (hdc=0x2c0107e5, mode=1) returned 2
[0177.649] DrawTextExW (in: hdc=0x2c0107e5, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2cc3e98 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0177.649] DrawTextExW (in: hdc=0x2c0107e5, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2cc3e98 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0177.649] RestoreDC (hdc=0x2c0107e5, nSavedDC=-1) returned 1
[0177.649] GdipReleaseDC (graphics=0x6600030, hdc=0x2c0107e5) returned 0x0
[0177.649] GetFocus () returned 0x602c4
[0177.649] IsAppThemed () returned 0x1
[0177.649] GetThemeAppProperties () returned 0x3
[0177.649] GetThemeAppProperties () returned 0x3
[0177.649] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0177.650] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x2c0107e5, x1=0, y1=0, rop=0xcc0020) returned 1
[0177.650] GdipReleaseDC (graphics=0x6600030, hdc=0x2c0107e5) returned 0x0
[0177.650] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0177.650] SelectObject (hdc=0x2c0107e5, h=0x85000f) returned 0x4a0507fe
[0177.650] DeleteDC (hdc=0x2c0107e5) returned 1
[0177.650] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0177.650] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0177.650] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2cc3f94, cPoints=0x1 | out: lpPoints=0x2cc3f94) returned 40304859
[0177.650] WindowFromPoint (Point=0x101) returned 0x602c4
[0177.651] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e0101) returned 0x1
[0177.651] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0177.651] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0177.651] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0177.651] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0177.651] GetSystemMetrics (nIndex=42) returned 0
[0177.651] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0177.651] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0177.652] GetCapture () returned 0x602c4
[0177.653] ReleaseCapture () returned 1
[0177.653] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0177.653] GetProcessWindowStation () returned 0x13c
[0177.653] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.654] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0177.655] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.655] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0177.655] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.655] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0177.655] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.655] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0177.655] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.656] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0177.656] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.656] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0177.656] GetDC (hWnd=0x0) returned 0x60100ce
[0177.656] GdipCreateFromHDC (hdc=0x60100ce, graphics=0xd7e6ec) returned 0x0
[0177.656] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0177.656] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0177.656] ReleaseDC (hWnd=0x0, hDC=0x60100ce) returned 1
[0177.657] GetSystemMetrics (nIndex=5) returned 1
[0177.657] GetSystemMetrics (nIndex=6) returned 1
[0177.657] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.657] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0177.657] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.657] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0177.664] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0177.664] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0177.664] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0177.665] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0177.665] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0177.665] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0177.666] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2ccb064 | out: lpData=0x2ccb064) returned 1
[0177.666] VerQueryValueW (in: pBlock=0x2ccb064, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ccb474, puLen=0xd7e810) returned 1
[0177.666] VerQueryValueW (in: pBlock=0x2ccb064, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb11c, puLen=0xd7e790) returned 1
[0177.667] VerQueryValueW (in: pBlock=0x2ccb064, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb170, puLen=0xd7e790) returned 1
[0177.667] VerQueryValueW (in: pBlock=0x2ccb064, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb1f0, puLen=0xd7e790) returned 1
[0177.667] VerQueryValueW (in: pBlock=0x2ccb064, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb258, puLen=0xd7e790) returned 1
[0177.667] VerQueryValueW (in: pBlock=0x2ccb064, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb298, puLen=0xd7e790) returned 1
[0177.667] VerQueryValueW (in: pBlock=0x2ccb064, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb320, puLen=0xd7e790) returned 1
[0177.667] VerQueryValueW (in: pBlock=0x2ccb064, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb35c, puLen=0xd7e790) returned 1
[0177.667] VerQueryValueW (in: pBlock=0x2ccb064, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb3b4, puLen=0xd7e790) returned 1
[0177.667] VerQueryValueW (in: pBlock=0x2ccb064, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb3e4, puLen=0xd7e790) returned 1
[0177.667] VerQueryValueW (in: pBlock=0x2ccb064, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.667] VerQueryValueW (in: pBlock=0x2ccb064, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb420, puLen=0xd7e790) returned 1
[0177.667] VerQueryValueW (in: pBlock=0x2ccb064, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.667] VerQueryValueW (in: pBlock=0x2ccb064, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ccb474, puLen=0xd7e784) returned 1
[0177.667] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0177.667] VerQueryValueW (in: pBlock=0x2ccb064, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ccb08c, puLen=0xd7e794) returned 1
[0177.668] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0177.668] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0177.668] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0177.668] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0177.668] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0177.668] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0177.668] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2cccfd4 | out: lpData=0x2cccfd4) returned 1
[0177.668] VerQueryValueW (in: pBlock=0x2cccfd4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ccd070, puLen=0xd7e810) returned 1
[0177.668] VerQueryValueW (in: pBlock=0x2cccfd4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccd0e8, puLen=0xd7e790) returned 1
[0177.668] VerQueryValueW (in: pBlock=0x2cccfd4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccd118, puLen=0xd7e790) returned 1
[0177.668] VerQueryValueW (in: pBlock=0x2cccfd4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccd154, puLen=0xd7e790) returned 1
[0177.668] VerQueryValueW (in: pBlock=0x2cccfd4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccd184, puLen=0xd7e790) returned 1
[0177.668] VerQueryValueW (in: pBlock=0x2cccfd4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccd1cc, puLen=0xd7e790) returned 1
[0177.668] VerQueryValueW (in: pBlock=0x2cccfd4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccd244, puLen=0xd7e790) returned 1
[0177.668] VerQueryValueW (in: pBlock=0x2cccfd4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccd288, puLen=0xd7e790) returned 1
[0177.668] VerQueryValueW (in: pBlock=0x2cccfd4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccd2c8, puLen=0xd7e790) returned 1
[0177.669] VerQueryValueW (in: pBlock=0x2cccfd4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccd0c6, puLen=0xd7e790) returned 1
[0177.669] VerQueryValueW (in: pBlock=0x2cccfd4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccd214, puLen=0xd7e790) returned 1
[0177.669] VerQueryValueW (in: pBlock=0x2cccfd4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.692] VerQueryValueW (in: pBlock=0x2cccfd4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.692] VerQueryValueW (in: pBlock=0x2cccfd4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ccd070, puLen=0xd7e784) returned 1
[0177.692] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0177.692] VerQueryValueW (in: pBlock=0x2cccfd4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cccffc, puLen=0xd7e794) returned 1
[0177.693] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0177.693] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0177.693] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0177.693] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0177.693] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0177.693] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0177.694] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2ccf2ac | out: lpData=0x2ccf2ac) returned 1
[0177.695] VerQueryValueW (in: pBlock=0x2ccf2ac, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ccf6c0, puLen=0xd7e810) returned 1
[0177.695] VerQueryValueW (in: pBlock=0x2ccf2ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccf364, puLen=0xd7e790) returned 1
[0177.695] VerQueryValueW (in: pBlock=0x2ccf2ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccf3b8, puLen=0xd7e790) returned 1
[0177.695] VerQueryValueW (in: pBlock=0x2ccf2ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccf414, puLen=0xd7e790) returned 1
[0177.695] VerQueryValueW (in: pBlock=0x2ccf2ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccf474, puLen=0xd7e790) returned 1
[0177.695] VerQueryValueW (in: pBlock=0x2ccf2ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccf4cc, puLen=0xd7e790) returned 1
[0177.695] VerQueryValueW (in: pBlock=0x2ccf2ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccf554, puLen=0xd7e790) returned 1
[0177.695] VerQueryValueW (in: pBlock=0x2ccf2ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccf5a8, puLen=0xd7e790) returned 1
[0177.695] VerQueryValueW (in: pBlock=0x2ccf2ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccf600, puLen=0xd7e790) returned 1
[0177.695] VerQueryValueW (in: pBlock=0x2ccf2ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccf630, puLen=0xd7e790) returned 1
[0177.695] VerQueryValueW (in: pBlock=0x2ccf2ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.695] VerQueryValueW (in: pBlock=0x2ccf2ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccf66c, puLen=0xd7e790) returned 1
[0177.695] VerQueryValueW (in: pBlock=0x2ccf2ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.695] VerQueryValueW (in: pBlock=0x2ccf2ac, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ccf6c0, puLen=0xd7e784) returned 1
[0177.695] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0177.695] VerQueryValueW (in: pBlock=0x2ccf2ac, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ccf2d4, puLen=0xd7e794) returned 1
[0177.696] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0177.696] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0177.696] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0177.696] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0177.696] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0177.696] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0177.697] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2cd18e4 | out: lpData=0x2cd18e4) returned 1
[0177.698] VerQueryValueW (in: pBlock=0x2cd18e4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cd1ce4, puLen=0xd7e810) returned 1
[0177.698] VerQueryValueW (in: pBlock=0x2cd18e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd199c, puLen=0xd7e790) returned 1
[0177.698] VerQueryValueW (in: pBlock=0x2cd18e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd19f0, puLen=0xd7e790) returned 1
[0177.698] VerQueryValueW (in: pBlock=0x2cd18e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd1a30, puLen=0xd7e790) returned 1
[0177.698] VerQueryValueW (in: pBlock=0x2cd18e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd1a98, puLen=0xd7e790) returned 1
[0177.698] VerQueryValueW (in: pBlock=0x2cd18e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd1af0, puLen=0xd7e790) returned 1
[0177.698] VerQueryValueW (in: pBlock=0x2cd18e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd1b78, puLen=0xd7e790) returned 1
[0177.698] VerQueryValueW (in: pBlock=0x2cd18e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd1bcc, puLen=0xd7e790) returned 1
[0177.698] VerQueryValueW (in: pBlock=0x2cd18e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd1c24, puLen=0xd7e790) returned 1
[0177.698] VerQueryValueW (in: pBlock=0x2cd18e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd1c54, puLen=0xd7e790) returned 1
[0177.698] VerQueryValueW (in: pBlock=0x2cd18e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.698] VerQueryValueW (in: pBlock=0x2cd18e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd1c90, puLen=0xd7e790) returned 1
[0177.698] VerQueryValueW (in: pBlock=0x2cd18e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.698] VerQueryValueW (in: pBlock=0x2cd18e4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cd1ce4, puLen=0xd7e784) returned 1
[0177.698] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0177.698] VerQueryValueW (in: pBlock=0x2cd18e4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cd190c, puLen=0xd7e794) returned 1
[0177.699] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0177.699] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0177.699] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0177.699] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0177.699] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0177.699] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0177.702] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2cd4020 | out: lpData=0x2cd4020) returned 1
[0177.703] VerQueryValueW (in: pBlock=0x2cd4020, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cd43e8, puLen=0xd7e810) returned 1
[0177.703] VerQueryValueW (in: pBlock=0x2cd4020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd40d8, puLen=0xd7e790) returned 1
[0177.703] VerQueryValueW (in: pBlock=0x2cd4020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd412c, puLen=0xd7e790) returned 1
[0177.703] VerQueryValueW (in: pBlock=0x2cd4020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd416c, puLen=0xd7e790) returned 1
[0177.703] VerQueryValueW (in: pBlock=0x2cd4020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd41d4, puLen=0xd7e790) returned 1
[0177.703] VerQueryValueW (in: pBlock=0x2cd4020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd4210, puLen=0xd7e790) returned 1
[0177.703] VerQueryValueW (in: pBlock=0x2cd4020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd4298, puLen=0xd7e790) returned 1
[0177.703] VerQueryValueW (in: pBlock=0x2cd4020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd42d0, puLen=0xd7e790) returned 1
[0177.704] VerQueryValueW (in: pBlock=0x2cd4020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd4328, puLen=0xd7e790) returned 1
[0177.704] VerQueryValueW (in: pBlock=0x2cd4020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd4358, puLen=0xd7e790) returned 1
[0177.704] VerQueryValueW (in: pBlock=0x2cd4020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.704] VerQueryValueW (in: pBlock=0x2cd4020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd4394, puLen=0xd7e790) returned 1
[0177.704] VerQueryValueW (in: pBlock=0x2cd4020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.704] VerQueryValueW (in: pBlock=0x2cd4020, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cd43e8, puLen=0xd7e784) returned 1
[0177.704] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0177.704] VerQueryValueW (in: pBlock=0x2cd4020, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cd4048, puLen=0xd7e794) returned 1
[0177.705] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0177.705] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0177.705] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0177.705] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0177.705] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0177.705] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0177.706] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2cd7688 | out: lpData=0x2cd7688) returned 1
[0177.707] VerQueryValueW (in: pBlock=0x2cd7688, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cd7a68, puLen=0xd7e810) returned 1
[0177.707] VerQueryValueW (in: pBlock=0x2cd7688, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd7740, puLen=0xd7e790) returned 1
[0177.707] VerQueryValueW (in: pBlock=0x2cd7688, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd7794, puLen=0xd7e790) returned 1
[0177.707] VerQueryValueW (in: pBlock=0x2cd7688, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd77d4, puLen=0xd7e790) returned 1
[0177.707] VerQueryValueW (in: pBlock=0x2cd7688, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd7834, puLen=0xd7e790) returned 1
[0177.707] VerQueryValueW (in: pBlock=0x2cd7688, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd7880, puLen=0xd7e790) returned 1
[0177.707] VerQueryValueW (in: pBlock=0x2cd7688, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd7908, puLen=0xd7e790) returned 1
[0177.707] VerQueryValueW (in: pBlock=0x2cd7688, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd7950, puLen=0xd7e790) returned 1
[0177.707] VerQueryValueW (in: pBlock=0x2cd7688, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd79a8, puLen=0xd7e790) returned 1
[0177.707] VerQueryValueW (in: pBlock=0x2cd7688, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd79d8, puLen=0xd7e790) returned 1
[0177.707] VerQueryValueW (in: pBlock=0x2cd7688, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.708] VerQueryValueW (in: pBlock=0x2cd7688, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd7a14, puLen=0xd7e790) returned 1
[0177.708] VerQueryValueW (in: pBlock=0x2cd7688, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.708] VerQueryValueW (in: pBlock=0x2cd7688, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cd7a68, puLen=0xd7e784) returned 1
[0177.708] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0177.708] VerQueryValueW (in: pBlock=0x2cd7688, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cd76b0, puLen=0xd7e794) returned 1
[0177.709] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0177.709] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0177.709] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0177.709] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0177.709] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0177.709] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0177.710] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2cd9ea8 | out: lpData=0x2cd9ea8) returned 1
[0177.711] VerQueryValueW (in: pBlock=0x2cd9ea8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cda2b4, puLen=0xd7e810) returned 1
[0177.711] VerQueryValueW (in: pBlock=0x2cd9ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd9f60, puLen=0xd7e790) returned 1
[0177.711] VerQueryValueW (in: pBlock=0x2cd9ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd9fb4, puLen=0xd7e790) returned 1
[0177.711] VerQueryValueW (in: pBlock=0x2cd9ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cda008, puLen=0xd7e790) returned 1
[0177.711] VerQueryValueW (in: pBlock=0x2cd9ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cda068, puLen=0xd7e790) returned 1
[0177.711] VerQueryValueW (in: pBlock=0x2cd9ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cda0c0, puLen=0xd7e790) returned 1
[0177.711] VerQueryValueW (in: pBlock=0x2cd9ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cda148, puLen=0xd7e790) returned 1
[0177.711] VerQueryValueW (in: pBlock=0x2cd9ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cda19c, puLen=0xd7e790) returned 1
[0177.711] VerQueryValueW (in: pBlock=0x2cd9ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cda1f4, puLen=0xd7e790) returned 1
[0177.712] VerQueryValueW (in: pBlock=0x2cd9ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cda224, puLen=0xd7e790) returned 1
[0177.712] VerQueryValueW (in: pBlock=0x2cd9ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.712] VerQueryValueW (in: pBlock=0x2cd9ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cda260, puLen=0xd7e790) returned 1
[0177.712] VerQueryValueW (in: pBlock=0x2cd9ea8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.712] VerQueryValueW (in: pBlock=0x2cd9ea8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cda2b4, puLen=0xd7e784) returned 1
[0177.712] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0177.712] VerQueryValueW (in: pBlock=0x2cd9ea8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cd9ed0, puLen=0xd7e794) returned 1
[0177.713] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0177.713] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0177.713] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0177.713] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0177.713] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0177.713] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0177.714] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2cdc6bc | out: lpData=0x2cdc6bc) returned 1
[0177.715] VerQueryValueW (in: pBlock=0x2cdc6bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cdca94, puLen=0xd7e810) returned 1
[0177.715] VerQueryValueW (in: pBlock=0x2cdc6bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cdc774, puLen=0xd7e790) returned 1
[0177.715] VerQueryValueW (in: pBlock=0x2cdc6bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cdc7c8, puLen=0xd7e790) returned 1
[0177.715] VerQueryValueW (in: pBlock=0x2cdc6bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cdc808, puLen=0xd7e790) returned 1
[0177.715] VerQueryValueW (in: pBlock=0x2cdc6bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cdc870, puLen=0xd7e790) returned 1
[0177.715] VerQueryValueW (in: pBlock=0x2cdc6bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cdc8b4, puLen=0xd7e790) returned 1
[0177.715] VerQueryValueW (in: pBlock=0x2cdc6bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cdc93c, puLen=0xd7e790) returned 1
[0177.715] VerQueryValueW (in: pBlock=0x2cdc6bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cdc97c, puLen=0xd7e790) returned 1
[0177.715] VerQueryValueW (in: pBlock=0x2cdc6bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cdc9d4, puLen=0xd7e790) returned 1
[0177.715] VerQueryValueW (in: pBlock=0x2cdc6bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cdca04, puLen=0xd7e790) returned 1
[0177.715] VerQueryValueW (in: pBlock=0x2cdc6bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.715] VerQueryValueW (in: pBlock=0x2cdc6bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cdca40, puLen=0xd7e790) returned 1
[0177.715] VerQueryValueW (in: pBlock=0x2cdc6bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.715] VerQueryValueW (in: pBlock=0x2cdc6bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cdca94, puLen=0xd7e784) returned 1
[0177.715] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0177.717] VerQueryValueW (in: pBlock=0x2cdc6bc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cdc6e4, puLen=0xd7e794) returned 1
[0177.718] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0177.718] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0177.718] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0177.718] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0177.718] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0177.718] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0177.719] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2cdec14 | out: lpData=0x2cdec14) returned 1
[0177.720] VerQueryValueW (in: pBlock=0x2cdec14, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cdefec, puLen=0xd7e810) returned 1
[0177.720] VerQueryValueW (in: pBlock=0x2cdec14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cdeccc, puLen=0xd7e790) returned 1
[0177.720] VerQueryValueW (in: pBlock=0x2cdec14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cded20, puLen=0xd7e790) returned 1
[0177.720] VerQueryValueW (in: pBlock=0x2cdec14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cded60, puLen=0xd7e790) returned 1
[0177.720] VerQueryValueW (in: pBlock=0x2cdec14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cdedc8, puLen=0xd7e790) returned 1
[0177.720] VerQueryValueW (in: pBlock=0x2cdec14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cdee0c, puLen=0xd7e790) returned 1
[0177.720] VerQueryValueW (in: pBlock=0x2cdec14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cdee94, puLen=0xd7e790) returned 1
[0177.721] VerQueryValueW (in: pBlock=0x2cdec14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cdeed4, puLen=0xd7e790) returned 1
[0177.721] VerQueryValueW (in: pBlock=0x2cdec14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cdef2c, puLen=0xd7e790) returned 1
[0177.721] VerQueryValueW (in: pBlock=0x2cdec14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cdef5c, puLen=0xd7e790) returned 1
[0177.721] VerQueryValueW (in: pBlock=0x2cdec14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.721] VerQueryValueW (in: pBlock=0x2cdec14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cdef98, puLen=0xd7e790) returned 1
[0177.721] VerQueryValueW (in: pBlock=0x2cdec14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.721] VerQueryValueW (in: pBlock=0x2cdec14, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cdefec, puLen=0xd7e784) returned 1
[0177.721] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0177.721] VerQueryValueW (in: pBlock=0x2cdec14, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cdec3c, puLen=0xd7e794) returned 1
[0177.722] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0177.722] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0177.722] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0177.722] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0177.722] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0177.722] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0177.723] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2ce134c | out: lpData=0x2ce134c) returned 1
[0177.724] VerQueryValueW (in: pBlock=0x2ce134c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ce177c, puLen=0xd7e810) returned 1
[0177.724] VerQueryValueW (in: pBlock=0x2ce134c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce1404, puLen=0xd7e790) returned 1
[0177.724] VerQueryValueW (in: pBlock=0x2ce134c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce1458, puLen=0xd7e790) returned 1
[0177.724] VerQueryValueW (in: pBlock=0x2ce134c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce14c8, puLen=0xd7e790) returned 1
[0177.724] VerQueryValueW (in: pBlock=0x2ce134c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce1528, puLen=0xd7e790) returned 1
[0177.724] VerQueryValueW (in: pBlock=0x2ce134c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce1584, puLen=0xd7e790) returned 1
[0177.724] VerQueryValueW (in: pBlock=0x2ce134c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce160c, puLen=0xd7e790) returned 1
[0177.724] VerQueryValueW (in: pBlock=0x2ce134c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce1664, puLen=0xd7e790) returned 1
[0177.724] VerQueryValueW (in: pBlock=0x2ce134c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce16bc, puLen=0xd7e790) returned 1
[0177.724] VerQueryValueW (in: pBlock=0x2ce134c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce16ec, puLen=0xd7e790) returned 1
[0177.724] VerQueryValueW (in: pBlock=0x2ce134c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.724] VerQueryValueW (in: pBlock=0x2ce134c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce1728, puLen=0xd7e790) returned 1
[0177.724] VerQueryValueW (in: pBlock=0x2ce134c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0177.724] VerQueryValueW (in: pBlock=0x2ce134c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ce177c, puLen=0xd7e784) returned 1
[0177.724] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0177.724] VerQueryValueW (in: pBlock=0x2ce134c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ce1374, puLen=0xd7e794) returned 1
[0177.725] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0177.725] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.725] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0177.726] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.726] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0177.726] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xa005a
[0177.727] SetWindowLongW (hWnd=0xa005a, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0177.727] GetWindowLongW (hWnd=0xa005a, nIndex=-4) returned 1950089536
[0177.727] SetWindowLongW (hWnd=0xa005a, nIndex=-4, dwNewLong=19942686) returned 1950089536
[0177.727] GetWindowLongW (hWnd=0xa005a, nIndex=-4) returned 19942686
[0177.727] GetWindowLongW (hWnd=0xa005a, nIndex=-16) returned 113311744
[0177.727] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa005a, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0177.728] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa005a, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0177.728] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa005a, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0177.729] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa005a, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0177.729] GetClientRect (in: hWnd=0xa005a, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0177.729] GetWindowRect (in: hWnd=0xa005a, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0177.729] SetWindowTextW (hWnd=0xa005a, lpString="WindowsFormsParkingWindow") returned 1
[0177.729] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa005a, Msg=0xc, wParam=0x0, lParam=0x2ca526c) returned 0x1
[0177.730] GetParent (hWnd=0xa005a) returned 0x0
[0177.730] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0177.730] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0xa005a, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xc02da
[0177.730] SetWindowLongW (hWnd=0xc02da, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0177.730] GetWindowLongW (hWnd=0xc02da, nIndex=-4) returned 1868147648
[0177.731] SetWindowLongW (hWnd=0xc02da, nIndex=-4, dwNewLong=19942526) returned 1868147648
[0177.731] GetWindowLongW (hWnd=0xc02da, nIndex=-4) returned 19942526
[0177.731] GetWindowLongW (hWnd=0xc02da, nIndex=-16) returned 1174405133
[0177.731] GetWindowLongW (hWnd=0xc02da, nIndex=-12) returned 0
[0177.731] SetWindowLongW (hWnd=0xc02da, nIndex=-12, dwNewLong=787162) returned 0
[0177.731] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0177.732] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0177.732] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0177.733] GetClientRect (in: hWnd=0xc02da, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0177.733] GetWindowRect (in: hWnd=0xc02da, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0177.733] GetParent (hWnd=0xc02da) returned 0xa005a
[0177.733] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa005a, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0177.734] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0177.734] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0177.734] GetClientRect (in: hWnd=0xc02da, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0177.734] GetWindowRect (in: hWnd=0xc02da, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0177.734] GetParent (hWnd=0xc02da) returned 0xa005a
[0177.734] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa005a, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0177.734] SendMessageW (hWnd=0xc02da, Msg=0x2210, wParam=0x2da0001, lParam=0xc02da) returned 0x0
[0177.734] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x2210, wParam=0x2da0001, lParam=0xc02da) returned 0x0
[0177.734] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0177.734] GetParent (hWnd=0xc02da) returned 0xa005a
[0177.734] GdipCreateFromHWND (hwnd=0xc02da, graphics=0xd7e844) returned 0x0
[0177.735] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0177.735] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0177.735] GetForegroundWindow () returned 0x7005c
[0177.735] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0177.736] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0177.736] GetSystemMetrics (nIndex=42) returned 0
[0177.736] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0177.736] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0177.736] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0177.736] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0177.736] GetSystemMetrics (nIndex=42) returned 0
[0177.736] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0177.736] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0177.736] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.737] GetCursorPos (in: lpPoint=0x2ce57d0 | out: lpPoint=0x2ce57d0*(x=257, y=622)) returned 1
[0177.737] MonitorFromPoint (pt=0x101, dwFlags=0x26e) returned 0x10001
[0177.737] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0177.737] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x2f0107e5
[0177.737] GetDeviceCaps (hdc=0x2f0107e5, index=12) returned 32
[0177.737] GetDeviceCaps (hdc=0x2f0107e5, index=14) returned 1
[0177.737] DeleteDC (hdc=0x2f0107e5) returned 1
[0177.737] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0177.737] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0177.737] GetSystemMetrics (nIndex=59) returned 1460
[0177.737] GetSystemMetrics (nIndex=60) returned 920
[0177.737] GetSystemMetrics (nIndex=34) returned 136
[0177.737] GetSystemMetrics (nIndex=35) returned 39
[0177.738] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.738] GetCursorPos (in: lpPoint=0x2ce5a3c | out: lpPoint=0x2ce5a3c*(x=257, y=622)) returned 1
[0177.738] MonitorFromPoint (pt=0x101, dwFlags=0x26e) returned 0x10001
[0177.738] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0177.738] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x300107e5
[0177.738] GetDeviceCaps (hdc=0x300107e5, index=12) returned 32
[0177.738] GetDeviceCaps (hdc=0x300107e5, index=14) returned 1
[0177.738] DeleteDC (hdc=0x300107e5) returned 1
[0177.739] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0177.739] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0177.739] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.739] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0177.739] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2ce5cd4 | out: piconinfo=0x2ce5cd4) returned 1
[0177.739] GetObjectW (in: h=0xbd050671, c=24, pv=0x2ce5cf0 | out: pv=0x2ce5cf0) returned 24
[0177.740] GdipCreateBitmapFromHBITMAP (hbm=0xbd050671, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0177.741] GdipGetImageWidth (image=0x6603ac0, width=0xd7e750) returned 0x0
[0177.741] GdipGetImageHeight (image=0x6603ac0, height=0xd7e748) returned 0x0
[0177.741] GdipGetImagePixelFormat (image=0x6603ac0, format=0xd7e740) returned 0x0
[0177.741] GdipBitmapLockBits (bitmap=0x6603ac0, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2ce5da8) returned 0x0
[0177.742] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0177.742] GdipBitmapLockBits (bitmap=0x6600640, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2ce5de0) returned 0x0
[0177.742] RtlMoveMemory (in: Destination=0x665ff50, Source=0x665eec0, Length=0x80 | out: Destination=0x665ff50)
[0177.742] RtlMoveMemory (in: Destination=0x665ffd0, Source=0x665ee40, Length=0x80 | out: Destination=0x665ffd0)
[0177.742] RtlMoveMemory (in: Destination=0x6660050, Source=0x665edc0, Length=0x80 | out: Destination=0x6660050)
[0177.742] RtlMoveMemory (in: Destination=0x66600d0, Source=0x665ed40, Length=0x80 | out: Destination=0x66600d0)
[0177.742] RtlMoveMemory (in: Destination=0x6660150, Source=0x665ecc0, Length=0x80 | out: Destination=0x6660150)
[0177.742] RtlMoveMemory (in: Destination=0x66601d0, Source=0x665ec40, Length=0x80 | out: Destination=0x66601d0)
[0177.742] RtlMoveMemory (in: Destination=0x6660250, Source=0x665ebc0, Length=0x80 | out: Destination=0x6660250)
[0177.742] RtlMoveMemory (in: Destination=0x66602d0, Source=0x665eb40, Length=0x80 | out: Destination=0x66602d0)
[0177.742] RtlMoveMemory (in: Destination=0x6660350, Source=0x665eac0, Length=0x80 | out: Destination=0x6660350)
[0177.742] RtlMoveMemory (in: Destination=0x66603d0, Source=0x665ea40, Length=0x80 | out: Destination=0x66603d0)
[0177.742] RtlMoveMemory (in: Destination=0x6660450, Source=0x665e9c0, Length=0x80 | out: Destination=0x6660450)
[0177.742] RtlMoveMemory (in: Destination=0x66604d0, Source=0x665e940, Length=0x80 | out: Destination=0x66604d0)
[0177.742] RtlMoveMemory (in: Destination=0x6660550, Source=0x665e8c0, Length=0x80 | out: Destination=0x6660550)
[0177.742] RtlMoveMemory (in: Destination=0x66605d0, Source=0x665e840, Length=0x80 | out: Destination=0x66605d0)
[0177.743] RtlMoveMemory (in: Destination=0x6660650, Source=0x665e7c0, Length=0x80 | out: Destination=0x6660650)
[0177.743] RtlMoveMemory (in: Destination=0x66606d0, Source=0x665e740, Length=0x80 | out: Destination=0x66606d0)
[0177.743] RtlMoveMemory (in: Destination=0x6660750, Source=0x665e6c0, Length=0x80 | out: Destination=0x6660750)
[0177.743] RtlMoveMemory (in: Destination=0x66607d0, Source=0x665e640, Length=0x80 | out: Destination=0x66607d0)
[0177.743] RtlMoveMemory (in: Destination=0x6660850, Source=0x665e5c0, Length=0x80 | out: Destination=0x6660850)
[0177.743] RtlMoveMemory (in: Destination=0x66608d0, Source=0x665e540, Length=0x80 | out: Destination=0x66608d0)
[0177.743] RtlMoveMemory (in: Destination=0x6660950, Source=0x665e4c0, Length=0x80 | out: Destination=0x6660950)
[0177.743] RtlMoveMemory (in: Destination=0x66609d0, Source=0x665e440, Length=0x80 | out: Destination=0x66609d0)
[0177.743] RtlMoveMemory (in: Destination=0x6660a50, Source=0x665e3c0, Length=0x80 | out: Destination=0x6660a50)
[0177.743] RtlMoveMemory (in: Destination=0x6660ad0, Source=0x665e340, Length=0x80 | out: Destination=0x6660ad0)
[0177.743] RtlMoveMemory (in: Destination=0x6660b50, Source=0x665e2c0, Length=0x80 | out: Destination=0x6660b50)
[0177.743] RtlMoveMemory (in: Destination=0x6660bd0, Source=0x665e240, Length=0x80 | out: Destination=0x6660bd0)
[0177.743] RtlMoveMemory (in: Destination=0x6660c50, Source=0x665e1c0, Length=0x80 | out: Destination=0x6660c50)
[0177.743] RtlMoveMemory (in: Destination=0x6660cd0, Source=0x665e140, Length=0x80 | out: Destination=0x6660cd0)
[0177.743] RtlMoveMemory (in: Destination=0x6660d50, Source=0x665e0c0, Length=0x80 | out: Destination=0x6660d50)
[0177.743] RtlMoveMemory (in: Destination=0x6660dd0, Source=0x665e040, Length=0x80 | out: Destination=0x6660dd0)
[0177.743] RtlMoveMemory (in: Destination=0x6660e50, Source=0x665dfc0, Length=0x80 | out: Destination=0x6660e50)
[0177.743] RtlMoveMemory (in: Destination=0x6660ed0, Source=0x665df40, Length=0x80 | out: Destination=0x6660ed0)
[0177.744] GdipBitmapUnlockBits (bitmap=0x6603ac0, lockedBitmapData=0x2ce5da8) returned 0x0
[0177.744] GdipBitmapUnlockBits (bitmap=0x6600640, lockedBitmapData=0x2ce5de0) returned 0x0
[0177.744] GdipDisposeImage (image=0x6603ac0) returned 0x0
[0177.744] DeleteObject (ho=0xbd050671) returned 1
[0177.744] DeleteObject (ho=0x310507e5) returned 1
[0177.744] GetCurrentThreadId () returned 0xf50
[0177.744] GetCurrentThreadId () returned 0xf50
[0177.744] SetWindowPos (hWnd=0xc02da, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0177.744] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0177.744] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0177.745] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0177.745] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0177.745] GetClientRect (in: hWnd=0xc02da, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0177.745] GetWindowRect (in: hWnd=0xc02da, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0177.745] GetParent (hWnd=0xc02da) returned 0xa005a
[0177.745] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa005a, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0177.745] InvalidateRect (hWnd=0xc02da, lpRect=0x0, bErase=1) returned 1
[0177.745] GetWindowTextLengthW (hWnd=0xc02da) returned 0
[0177.745] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0177.745] GetSystemMetrics (nIndex=42) returned 0
[0177.745] GetWindowTextW (in: hWnd=0xc02da, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0177.745] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0177.745] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0177.745] GetClientRect (in: hWnd=0xc02da, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0177.745] GetWindowRect (in: hWnd=0xc02da, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0177.745] GetParent (hWnd=0xc02da) returned 0xa005a
[0177.745] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa005a, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0177.746] GetWindowTextLengthW (hWnd=0xc02da) returned 0
[0177.746] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0177.746] GetSystemMetrics (nIndex=42) returned 0
[0177.746] GetWindowTextW (in: hWnd=0xc02da, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0177.746] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0177.746] GetWindowTextLengthW (hWnd=0xc02da) returned 0
[0177.746] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0177.746] GetSystemMetrics (nIndex=42) returned 0
[0177.746] GetWindowTextW (in: hWnd=0xc02da, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0177.746] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0177.746] SetWindowTextW (hWnd=0xc02da, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0177.746] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0xc, wParam=0x0, lParam=0x2cc5588) returned 0x1
[0177.746] InvalidateRect (hWnd=0xc02da, lpRect=0x0, bErase=1) returned 1
[0177.746] GetCurrentThreadId () returned 0xf50
[0177.746] GetWindowThreadProcessId (in: hWnd=0xc02da, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0177.747] GdipCreateBitmapFromStream (stream=0x509ffb0, bitmap=0xd7e840) returned 0x0
[0177.748] GdipImageForceValidation (image=0x6600988) returned 0x0
[0177.750] GdipGetImageRawFormat (image=0x6600988, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0177.750] GdipGetImageHeight (image=0x6600988, height=0xd7e824) returned 0x0
[0177.750] GdipGetImageWidth (image=0x6600988, width=0xd7e824) returned 0x0
[0177.750] GdipGetImageWidth (image=0x6600988, width=0xd7e810) returned 0x0
[0177.750] GdipGetImageHeight (image=0x6600988, height=0xd7e810) returned 0x0
[0177.750] GdipGetImageWidth (image=0x6600988, width=0xd7e800) returned 0x0
[0177.750] GdipGetImageHeight (image=0x6600988, height=0xd7e800) returned 0x0
[0177.750] GdipBitmapGetPixel (bitmap=0x6600988, x=0, y=15, color=0xd7e810) returned 0x0
[0177.750] GdipGetImageRawFormat (image=0x6600988, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0177.750] GdipGetImageWidth (image=0x6600988, width=0xd7e740) returned 0x0
[0177.750] GdipGetImageHeight (image=0x6600988, height=0xd7e740) returned 0x0
[0177.750] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0177.750] GdipGetImagePixelFormat (image=0x6601018, format=0xd7e740) returned 0x0
[0177.750] GdipGetImageGraphicsContext (image=0x6601018, graphics=0xd7e74c) returned 0x0
[0177.751] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0177.751] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0177.751] GdipSetImageAttributesColorKeys (imageattr=0x6638a58, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0177.751] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6600988, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638a58, callback=0x0, callbackData=0x0) returned 0x0
[0177.751] GdipDisposeImageAttributes (imageattr=0x6638a58) returned 0x0
[0177.751] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0177.751] GdipDisposeImage (image=0x6600988) returned 0x0
[0177.752] GdipCreateBitmapFromStream (stream=0x509ffd0, bitmap=0xd7e840) returned 0x0
[0177.753] GdipImageForceValidation (image=0x6602a58) returned 0x0
[0177.754] GdipGetImageRawFormat (image=0x6602a58, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0177.754] GdipGetImageHeight (image=0x6602a58, height=0xd7e824) returned 0x0
[0177.754] GdipGetImageWidth (image=0x6602a58, width=0xd7e824) returned 0x0
[0177.754] GdipGetImageWidth (image=0x6602a58, width=0xd7e810) returned 0x0
[0177.754] GdipGetImageHeight (image=0x6602a58, height=0xd7e810) returned 0x0
[0177.754] GdipGetImageWidth (image=0x6602a58, width=0xd7e800) returned 0x0
[0177.754] GdipGetImageHeight (image=0x6602a58, height=0xd7e800) returned 0x0
[0177.754] GdipBitmapGetPixel (bitmap=0x6602a58, x=0, y=15, color=0xd7e810) returned 0x0
[0177.754] GdipGetImageRawFormat (image=0x6602a58, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0177.754] GdipGetImageWidth (image=0x6602a58, width=0xd7e740) returned 0x0
[0177.754] GdipGetImageHeight (image=0x6602a58, height=0xd7e740) returned 0x0
[0177.755] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0177.755] GdipGetImagePixelFormat (image=0x6604150, format=0xd7e740) returned 0x0
[0177.755] GdipGetImageGraphicsContext (image=0x6604150, graphics=0xd7e74c) returned 0x0
[0177.755] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0177.755] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0177.755] GdipSetImageAttributesColorKeys (imageattr=0x6638c68, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0177.755] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6602a58, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c68, callback=0x0, callbackData=0x0) returned 0x0
[0177.755] GdipDisposeImageAttributes (imageattr=0x6638c68) returned 0x0
[0177.755] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0177.755] GdipDisposeImage (image=0x6602a58) returned 0x0
[0177.756] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.756] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0177.756] GetCurrentThreadId () returned 0xf50
[0177.756] GetCurrentThreadId () returned 0xf50
[0177.756] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.756] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0177.757] GetCurrentThreadId () returned 0xf50
[0177.757] GetCurrentThreadId () returned 0xf50
[0177.757] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.757] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0177.757] GetCurrentThreadId () returned 0xf50
[0177.757] GetCurrentThreadId () returned 0xf50
[0177.757] GetSystemMetrics (nIndex=5) returned 1
[0177.757] GetSystemMetrics (nIndex=6) returned 1
[0177.757] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.757] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0177.758] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.758] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0177.758] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.758] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0177.758] GetCurrentThreadId () returned 0xf50
[0177.758] GetCurrentThreadId () returned 0xf50
[0177.758] GetProcessWindowStation () returned 0x13c
[0177.758] GetCapture () returned 0x0
[0177.758] GetActiveWindow () returned 0x7005c
[0177.759] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0177.759] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.759] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0177.759] GetCursorPos (in: lpPoint=0x2ce6f20 | out: lpPoint=0x2ce6f20*(x=257, y=622)) returned 1
[0177.759] MonitorFromPoint (pt=0xfe, dwFlags=0x26b) returned 0x10001
[0177.759] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0177.759] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x320107e5
[0177.759] GetDeviceCaps (hdc=0x320107e5, index=12) returned 32
[0177.760] GetDeviceCaps (hdc=0x320107e5, index=14) returned 1
[0177.760] DeleteDC (hdc=0x320107e5) returned 1
[0177.760] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0177.760] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0177.760] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xc02dc
[0177.761] SetWindowLongW (hWnd=0xc02dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0177.761] GetWindowLongW (hWnd=0xc02dc, nIndex=-4) returned 1950089536
[0177.761] SetWindowLongW (hWnd=0xc02dc, nIndex=-4, dwNewLong=19942806) returned 1950089536
[0177.761] GetWindowLongW (hWnd=0xc02dc, nIndex=-4) returned 19942806
[0177.761] GetWindowLongW (hWnd=0xc02dc, nIndex=-16) returned 113770496
[0177.761] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0177.762] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0177.763] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0177.763] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0177.763] GetWindowRect (in: hWnd=0xc02dc, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0177.764] SetWindowTextW (hWnd=0xc02dc, lpString="BB ransomware") returned 1
[0177.764] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xc, wParam=0x0, lParam=0x2ce56bc) returned 0x1
[0177.765] GetStartupInfoW (in: lpStartupInfo=0x2ce725c | out: lpStartupInfo=0x2ce725c*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0177.766] GetParent (hWnd=0xc02dc) returned 0x0
[0177.766] SetWindowLongW (hWnd=0xc02dc, nIndex=-8, dwNewLong=0) returned 0
[0177.767] SendMessageW (hWnd=0xc02dc, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0177.767] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0177.767] SendMessageW (hWnd=0xc02dc, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0177.767] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0177.767] GetSystemMenu (hWnd=0xc02dc, bRevert=0) returned 0x4000df
[0177.768] GetWindowPlacement (in: hWnd=0xc02dc, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0177.768] EnableMenuItem (hMenu=0x4000df, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0177.768] EnableMenuItem (hMenu=0x4000df, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0177.768] EnableMenuItem (hMenu=0x4000df, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0177.768] EnableMenuItem (hMenu=0x4000df, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0177.768] EnableMenuItem (hMenu=0x4000df, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0177.768] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0177.768] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0177.768] GetWindowRect (in: hWnd=0xc02dc, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0177.768] SetWindowPos (hWnd=0xc02dc, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0177.769] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0177.769] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0xc02dc) returned 0x1
[0177.772] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0177.772] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0177.773] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0177.773] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0177.774] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0177.775] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0xc02dc, lParam=0x0) returned 0x0
[0177.775] GetCapture () returned 0x0
[0177.775] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0177.776] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0177.778] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0177.783] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0177.783] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0177.784] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0177.784] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0177.784] GetParent (hWnd=0xc02dc) returned 0x0
[0177.784] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0177.784] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0177.788] GetWindowPlacement (in: hWnd=0xc02dc, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0177.788] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0177.788] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0177.788] GetWindowRect (in: hWnd=0xc02dc, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0177.789] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0177.789] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0177.790] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0177.791] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.791] GetWindowLongW (hWnd=0xc02dc, nIndex=-16) returned 113770496
[0177.792] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0177.792] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0177.792] GetSystemMetrics (nIndex=42) returned 0
[0177.792] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0177.792] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0177.792] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0177.792] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0177.792] GetSystemMetrics (nIndex=42) returned 0
[0177.792] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0177.792] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0177.792] GetCursorPos (in: lpPoint=0x2ce7498 | out: lpPoint=0x2ce7498*(x=257, y=622)) returned 1
[0177.792] MonitorFromPoint (pt=0x101, dwFlags=0x26e) returned 0x10001
[0177.792] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0177.792] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xe0107d7
[0177.793] GetDeviceCaps (hdc=0xe0107d7, index=12) returned 32
[0177.793] GetDeviceCaps (hdc=0xe0107d7, index=14) returned 1
[0177.793] DeleteDC (hdc=0xe0107d7) returned 1
[0177.793] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0177.793] GetWindowLongW (hWnd=0xc02dc, nIndex=-16) returned 113770496
[0177.793] GetWindowLongW (hWnd=0xc02dc, nIndex=-20) returned 327945
[0177.793] SetWindowLongW (hWnd=0xc02dc, nIndex=-16, dwNewLong=46661632) returned 113770496
[0177.794] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0177.794] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0177.796] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0177.796] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0177.796] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0177.796] SetWindowLongW (hWnd=0xc02dc, nIndex=-20, dwNewLong=327681) returned 327945
[0177.797] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0177.797] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0177.798] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0177.798] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0177.798] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0177.799] SetWindowPos (hWnd=0xc02dc, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0177.799] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0177.799] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0177.799] GetWindowPlacement (in: hWnd=0xc02dc, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0177.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0177.800] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0177.800] GetWindowRect (in: hWnd=0xc02dc, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0177.801] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0177.801] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0177.801] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0177.802] RedrawWindow (hWnd=0xc02dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0177.802] GetSystemMenu (hWnd=0xc02dc, bRevert=0) returned 0x4000df
[0177.802] GetWindowPlacement (in: hWnd=0xc02dc, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0177.802] EnableMenuItem (hMenu=0x4000df, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0177.802] EnableMenuItem (hMenu=0x4000df, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0177.802] EnableMenuItem (hMenu=0x4000df, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0177.802] EnableMenuItem (hMenu=0x4000df, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0177.802] EnableMenuItem (hMenu=0x4000df, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0177.802] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0177.802] GetWindowLongW (hWnd=0xc02dc, nIndex=-8) returned 0
[0177.802] SetWindowLongW (hWnd=0xc02dc, nIndex=-8, dwNewLong=458844) returned 0
[0177.803] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0177.803] GetProcessWindowStation () returned 0x13c
[0177.803] GetCurrentThreadId () returned 0xf50
[0177.804] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1304eae, lParam=0x0) returned 1
[0177.804] IsWindowVisible (hWnd=0xc02dc) returned 0
[0177.804] IsWindowVisible (hWnd=0x7005c) returned 1
[0177.804] IsWindowEnabled (hWnd=0x7005c) returned 1
[0177.804] IsWindowVisible (hWnd=0x300ec) returned 0
[0177.804] IsWindowVisible (hWnd=0x502c6) returned 0
[0177.804] IsWindowVisible (hWnd=0x502be) returned 0
[0177.804] GetActiveWindow () returned 0xc02dc
[0177.804] GetFocus () returned 0xc02dc
[0177.804] IsWindow (hWnd=0x7005c) returned 1
[0177.804] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0177.804] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0177.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0177.805] GetWindowLongW (hWnd=0xc02dc, nIndex=-8) returned 458844
[0177.805] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0177.805] GetCurrentThreadId () returned 0xf50
[0177.805] GetWindowLongW (hWnd=0xc02dc, nIndex=-8) returned 458844
[0177.805] IsWindowEnabled (hWnd=0x7005c) returned 0
[0177.805] IsWindowEnabled (hWnd=0xc02dc) returned 1
[0177.805] ShowWindow (hWnd=0xc02dc, nCmdShow=5) returned 0
[0177.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0177.805] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0177.806] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.806] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0177.806] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0xc02dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xf00ea
[0177.807] SetWindowLongW (hWnd=0xf00ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0177.807] GetWindowLongW (hWnd=0xf00ea, nIndex=-4) returned 1950089536
[0177.807] SetWindowLongW (hWnd=0xf00ea, nIndex=-4, dwNewLong=19943486) returned 1950089536
[0177.807] GetWindowLongW (hWnd=0xf00ea, nIndex=-4) returned 19943486
[0177.807] GetWindowLongW (hWnd=0xf00ea, nIndex=-16) returned 1174405120
[0177.807] GetWindowLongW (hWnd=0xf00ea, nIndex=-12) returned 0
[0177.807] SetWindowLongW (hWnd=0xf00ea, nIndex=-12, dwNewLong=983274) returned 0
[0177.807] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf00ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0177.808] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf00ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0177.808] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf00ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0177.808] GetWindow (hWnd=0xf00ea, uCmd=0x3) returned 0x0
[0177.808] GetClientRect (in: hWnd=0xf00ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0177.808] GetWindowRect (in: hWnd=0xf00ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0177.808] GetParent (hWnd=0xf00ea) returned 0xc02dc
[0177.808] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xc02dc, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0177.809] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf00ea, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0177.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf00ea, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0177.818] GetClientRect (in: hWnd=0xf00ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0177.818] GetWindowRect (in: hWnd=0xf00ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0177.818] GetParent (hWnd=0xf00ea) returned 0xc02dc
[0177.818] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xc02dc, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0177.818] SendMessageW (hWnd=0xf00ea, Msg=0x2210, wParam=0xea0001, lParam=0xf00ea) returned 0x0
[0177.819] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf00ea, Msg=0x2210, wParam=0xea0001, lParam=0xf00ea) returned 0x0
[0177.819] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0177.819] GetParent (hWnd=0xf00ea) returned 0xc02dc
[0177.819] GetParent (hWnd=0xc02da) returned 0xa005a
[0177.819] SetParent (hWndChild=0xc02da, hWndNewParent=0xc02dc) returned 0xa005a
[0177.819] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0177.820] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0177.820] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0177.820] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0177.820] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0177.820] GetClientRect (in: hWnd=0xc02da, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0177.820] GetWindowRect (in: hWnd=0xc02da, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0177.820] GetParent (hWnd=0xc02da) returned 0xc02dc
[0177.820] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xc02dc, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0177.821] GetClientRect (in: hWnd=0xc02da, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0177.821] GetWindowRect (in: hWnd=0xc02da, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0177.821] GetParent (hWnd=0xc02da) returned 0xc02dc
[0177.821] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xc02dc, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0177.821] GetParent (hWnd=0xc02da) returned 0xc02dc
[0177.821] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0177.821] GetWindow (hWnd=0xc02da, uCmd=0x3) returned 0x0
[0177.821] SetWindowPos (hWnd=0xc02da, hWndInsertAfter=0xf00ea, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0177.821] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0177.822] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0177.822] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0177.822] GetClientRect (in: hWnd=0xc02da, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0177.822] GetWindowRect (in: hWnd=0xc02da, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0177.822] GetParent (hWnd=0xc02da) returned 0xc02dc
[0177.822] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xc02dc, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0177.822] GetParent (hWnd=0xc02da) returned 0xc02dc
[0177.822] GetWindow (hWnd=0xc02da, uCmd=0x3) returned 0xf00ea
[0177.822] GetWindowThreadProcessId (in: hWnd=0xc02da, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0177.822] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0177.823] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.823] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0177.823] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0xc02dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xe013e
[0177.824] SetWindowLongW (hWnd=0xe013e, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0177.824] GetWindowLongW (hWnd=0xe013e, nIndex=-4) returned 1868032000
[0177.824] SetWindowLongW (hWnd=0xe013e, nIndex=-4, dwNewLong=19943126) returned 1868032000
[0177.824] GetWindowLongW (hWnd=0xe013e, nIndex=-4) returned 19943126
[0177.824] GetWindowLongW (hWnd=0xe013e, nIndex=-16) returned 1174470667
[0177.824] GetWindowLongW (hWnd=0xe013e, nIndex=-12) returned 0
[0177.824] SetWindowLongW (hWnd=0xe013e, nIndex=-12, dwNewLong=917822) returned 0
[0177.824] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0177.825] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0177.825] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0177.827] SendMessageW (hWnd=0xe013e, Msg=0x2055, wParam=0xe013e, lParam=0x3) returned 0x2
[0177.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0177.827] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0177.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0177.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0177.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf00ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0177.827] RedrawWindow (hWnd=0xf00ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0177.827] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0177.827] RedrawWindow (hWnd=0xc02da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0177.828] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0177.828] RedrawWindow (hWnd=0xe013e, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0177.828] RedrawWindow (hWnd=0xc02dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0177.828] GetWindow (hWnd=0xe013e, uCmd=0x3) returned 0xc02da
[0177.828] GetClientRect (in: hWnd=0xe013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0177.828] GetWindowRect (in: hWnd=0xe013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0177.828] GetParent (hWnd=0xe013e) returned 0xc02dc
[0177.828] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xc02dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0177.828] SetWindowTextW (hWnd=0xe013e, lpString="&Details") returned 1
[0177.828] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0177.829] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0177.829] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0177.829] GetClientRect (in: hWnd=0xe013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0177.829] GetWindowRect (in: hWnd=0xe013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0177.829] GetParent (hWnd=0xe013e) returned 0xc02dc
[0177.829] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xc02dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0177.829] SendMessageW (hWnd=0xe013e, Msg=0x2210, wParam=0x13e0001, lParam=0xe013e) returned 0x0
[0177.829] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0x2210, wParam=0x13e0001, lParam=0xe013e) returned 0x0
[0177.830] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0177.830] GetParent (hWnd=0xe013e) returned 0xc02dc
[0177.830] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0177.830] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.831] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0177.831] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0xc02dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xd02d2
[0177.831] SetWindowLongW (hWnd=0xd02d2, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0177.831] GetWindowLongW (hWnd=0xd02d2, nIndex=-4) returned 1868032000
[0177.832] SetWindowLongW (hWnd=0xd02d2, nIndex=-4, dwNewLong=19943166) returned 1868032000
[0177.832] GetWindowLongW (hWnd=0xd02d2, nIndex=-4) returned 19943166
[0177.832] GetWindowLongW (hWnd=0xd02d2, nIndex=-16) returned 1174470667
[0177.832] GetWindowLongW (hWnd=0xd02d2, nIndex=-12) returned 0
[0177.832] SetWindowLongW (hWnd=0xd02d2, nIndex=-12, dwNewLong=852690) returned 0
[0177.832] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0177.833] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0177.833] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0177.834] SendMessageW (hWnd=0xd02d2, Msg=0x2055, wParam=0xd02d2, lParam=0x3) returned 0x2
[0177.834] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0177.834] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0177.834] GetWindow (hWnd=0xd02d2, uCmd=0x3) returned 0xe013e
[0177.834] GetClientRect (in: hWnd=0xd02d2, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0177.834] GetWindowRect (in: hWnd=0xd02d2, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0177.834] GetParent (hWnd=0xd02d2) returned 0xc02dc
[0177.834] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xc02dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0177.834] SetWindowTextW (hWnd=0xd02d2, lpString="&Continue") returned 1
[0177.834] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0177.835] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0177.835] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0177.835] GetClientRect (in: hWnd=0xd02d2, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0177.835] GetWindowRect (in: hWnd=0xd02d2, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0177.835] GetParent (hWnd=0xd02d2) returned 0xc02dc
[0177.835] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xc02dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0177.835] SendMessageW (hWnd=0xd02d2, Msg=0x2210, wParam=0x2d20001, lParam=0xd02d2) returned 0x0
[0177.835] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x2210, wParam=0x2d20001, lParam=0xd02d2) returned 0x0
[0177.835] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0177.836] GetParent (hWnd=0xd02d2) returned 0xc02dc
[0177.836] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0177.836] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.836] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0177.837] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0xc02dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xe02d8
[0177.837] SetWindowLongW (hWnd=0xe02d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0177.837] GetWindowLongW (hWnd=0xe02d8, nIndex=-4) returned 1868032000
[0177.837] SetWindowLongW (hWnd=0xe02d8, nIndex=-4, dwNewLong=19943206) returned 1868032000
[0177.837] GetWindowLongW (hWnd=0xe02d8, nIndex=-4) returned 19943206
[0177.838] GetWindowLongW (hWnd=0xe02d8, nIndex=-16) returned 1174470667
[0177.838] GetWindowLongW (hWnd=0xe02d8, nIndex=-12) returned 0
[0177.838] SetWindowLongW (hWnd=0xe02d8, nIndex=-12, dwNewLong=918232) returned 0
[0177.838] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0177.838] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0177.839] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0177.839] SendMessageW (hWnd=0xe02d8, Msg=0x2055, wParam=0xe02d8, lParam=0x3) returned 0x2
[0177.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0177.840] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0177.840] GetWindow (hWnd=0xe02d8, uCmd=0x3) returned 0xd02d2
[0177.840] GetClientRect (in: hWnd=0xe02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0177.840] GetWindowRect (in: hWnd=0xe02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0177.840] GetParent (hWnd=0xe02d8) returned 0xc02dc
[0177.840] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xc02dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0177.840] SetWindowTextW (hWnd=0xe02d8, lpString="&Quit") returned 1
[0177.840] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d8, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0177.841] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0177.841] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d8, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0177.841] GetClientRect (in: hWnd=0xe02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0177.841] GetWindowRect (in: hWnd=0xe02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0177.842] GetParent (hWnd=0xe02d8) returned 0xc02dc
[0177.842] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xc02dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0177.842] SendMessageW (hWnd=0xe02d8, Msg=0x2210, wParam=0x2d80001, lParam=0xe02d8) returned 0x0
[0177.842] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d8, Msg=0x2210, wParam=0x2d80001, lParam=0xe02d8) returned 0x0
[0177.842] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0177.842] GetParent (hWnd=0xe02d8) returned 0xc02dc
[0177.842] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0177.843] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.843] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0177.843] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0xc02dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xc02de
[0177.843] SetWindowLongW (hWnd=0xc02de, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0177.844] GetWindowLongW (hWnd=0xc02de, nIndex=-4) returned 1868026976
[0177.844] SetWindowLongW (hWnd=0xc02de, nIndex=-4, dwNewLong=19943246) returned 1868026976
[0177.844] GetWindowLongW (hWnd=0xc02de, nIndex=-4) returned 19943246
[0177.844] GetWindowLongW (hWnd=0xc02de, nIndex=-16) returned 1177553092
[0177.844] GetWindowLongW (hWnd=0xc02de, nIndex=-12) returned 0
[0177.844] SetWindowLongW (hWnd=0xc02de, nIndex=-12, dwNewLong=787166) returned 0
[0177.845] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02de, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0177.846] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02de, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0177.847] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02de, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0177.891] GetWindow (hWnd=0xc02de, uCmd=0x3) returned 0xe02d8
[0177.891] GetClientRect (in: hWnd=0xc02de, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0177.891] GetWindowRect (in: hWnd=0xc02de, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0177.891] GetParent (hWnd=0xc02de) returned 0xc02dc
[0177.891] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xc02dc, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0177.891] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0177.891] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0177.891] GetSystemMetrics (nIndex=42) returned 0
[0177.891] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0177.891] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0177.892] SendMessageW (hWnd=0xc02de, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0177.892] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02de, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0177.897] SetWindowTextW (hWnd=0xc02de, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0177.897] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02de, Msg=0xc, wParam=0x0, lParam=0x2ce30a4) returned 0x1
[0177.900] GetSystemMetrics (nIndex=5) returned 1
[0177.900] GetSystemMetrics (nIndex=6) returned 1
[0177.900] SendMessageW (hWnd=0xc02de, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0177.900] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02de, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0177.900] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02de, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0177.901] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02de, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0177.901] GetClientRect (in: hWnd=0xc02de, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0177.901] GetWindowRect (in: hWnd=0xc02de, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0177.901] GetParent (hWnd=0xc02de) returned 0xc02dc
[0177.901] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xc02dc, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0177.901] SendMessageW (hWnd=0xc02de, Msg=0x2210, wParam=0x2de0001, lParam=0xc02de) returned 0x0
[0177.901] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02de, Msg=0x2210, wParam=0x2de0001, lParam=0xc02de) returned 0x0
[0177.902] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0177.902] GetParent (hWnd=0xc02de) returned 0xc02dc
[0177.902] GetWindowLongW (hWnd=0xc02dc, nIndex=-8) returned 458844
[0177.902] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0177.902] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0177.902] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x150107d7
[0177.902] GetDeviceCaps (hdc=0x150107d7, index=12) returned 32
[0177.902] GetDeviceCaps (hdc=0x150107d7, index=14) returned 1
[0177.902] DeleteDC (hdc=0x150107d7) returned 1
[0177.903] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0177.903] GetWindowThreadProcessId (in: hWnd=0xc02dc, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0177.903] GetCurrentThreadId () returned 0xf50
[0177.903] PostMessageW (hWnd=0xc02dc, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0177.903] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0177.903] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0177.903] GetSystemMetrics (nIndex=42) returned 0
[0177.903] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0177.903] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0177.904] GdipImageGetFrameDimensionsCount (image=0x6600640, count=0xd7e25c) returned 0x0
[0177.904] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7a18
[0177.904] GdipImageGetFrameDimensionsList (image=0x6600640, dimensionIDs=0x11f7a18*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0177.904] LocalFree (hMem=0x11f7a18) returned 0x0
[0177.904] GdipImageGetFrameDimensionsCount (image=0x6601018, count=0xd7e250) returned 0x0
[0177.904] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7c10
[0177.904] GdipImageGetFrameDimensionsList (image=0x6601018, dimensionIDs=0x11f7c10*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0177.904] LocalFree (hMem=0x11f7c10) returned 0x0
[0177.904] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0177.905] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0177.905] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0177.917] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0177.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0177.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0177.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0177.919] GetWindowPlacement (in: hWnd=0xc02dc, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0177.919] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0177.919] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0177.919] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0177.920] GetSystemMetrics (nIndex=42) returned 0
[0177.920] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0177.920] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0177.920] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0177.920] GetCurrentObject (hdc=0x107b9, type=0x1) returned 0xb00017
[0177.920] GetCurrentObject (hdc=0x107b9, type=0x2) returned 0x900010
[0177.920] GetCurrentObject (hdc=0x107b9, type=0x7) returned 0x5305067c
[0177.920] GetCurrentObject (hdc=0x107b9, type=0x6) returned 0x8a01c2
[0177.920] SaveDC (hdc=0x107b9) returned 1
[0177.920] GetNearestColor (hdc=0x107b9, color=0xf0f0f0) returned 0xf0f0f0
[0177.920] CreateSolidBrush (color=0xf0f0f0) returned 0x931007e1
[0177.920] FillRect (hDC=0x107b9, lprc=0xd7e1b8, hbr=0x931007e1) returned 1
[0177.920] DeleteObject (ho=0x931007e1) returned 1
[0177.920] RestoreDC (hdc=0x107b9, nSavedDC=-1) returned 1
[0177.921] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf00ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0177.921] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0177.921] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0177.921] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0177.922] GetStockObject (i=5) returned 0x900015
[0177.922] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0177.922] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0177.922] GetStockObject (i=5) returned 0x900015
[0177.922] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0177.922] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d8, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0177.922] GetStockObject (i=5) returned 0x900015
[0177.923] GetWindowPlacement (in: hWnd=0xc02dc, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0177.923] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0177.923] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0177.923] GetWindowRect (in: hWnd=0xc02dc, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0177.924] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0177.924] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0177.925] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0177.925] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0177.925] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0177.925] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0177.925] GetWindowRect (in: hWnd=0xc02dc, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0177.925] InvalidateRect (hWnd=0xd02d2, lpRect=0x0, bErase=0) returned 1
[0177.925] InvalidateRect (hWnd=0xe013e, lpRect=0x0, bErase=0) returned 1
[0177.925] GetFocus () returned 0xc02dc
[0177.926] GetFocus () returned 0xc02dc
[0177.926] SetFocus (hWnd=0xe013e) returned 0xc02dc
[0177.926] GetFocus () returned 0xe013e
[0177.927] IsChild (hWndParent=0xc02dc, hWnd=0xe013e) returned 1
[0177.927] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x8, wParam=0xe013e, lParam=0x0) returned 0x0
[0177.928] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0177.929] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0177.931] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0177.931] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0x7, wParam=0xc02dc, lParam=0x0) returned 0x0
[0177.931] GetStockObject (i=5) returned 0x900015
[0177.931] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0177.931] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0177.931] GetDlgItem (hDlg=0xc02dc, nIDDlgItem=917822) returned 0xe013e
[0177.931] SendMessageW (hWnd=0xe013e, Msg=0x202b, wParam=0xe013e, lParam=0xd7e0dc) returned 0x0
[0177.931] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0x202b, wParam=0xe013e, lParam=0xd7e0dc) returned 0x0
[0177.932] InvalidateRect (hWnd=0xe013e, lpRect=0x0, bErase=0) returned 1
[0177.934] GetFocus () returned 0xe013e
[0177.934] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0177.939] IsWindowUnicode (hWnd=0xc02dc) returned 1
[0177.939] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0177.939] TranslateMessage (lpMsg=0xd7e808) returned 0
[0177.939] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0177.939] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0177.940] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0177.940] IsWindowUnicode (hWnd=0xc02dc) returned 1
[0177.940] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0177.940] TranslateMessage (lpMsg=0xd7e808) returned 0
[0177.940] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0177.940] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0177.940] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0177.941] IsWindowUnicode (hWnd=0xc02dc) returned 1
[0177.941] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0177.941] TranslateMessage (lpMsg=0xd7e808) returned 0
[0177.941] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0177.941] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0177.941] IsWindowUnicode (hWnd=0x602c4) returned 1
[0177.941] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0177.941] TranslateMessage (lpMsg=0xd7e808) returned 0
[0177.941] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0177.941] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0177.941] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0177.941] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0177.942] IsWindowUnicode (hWnd=0xc02dc) returned 1
[0177.942] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0177.942] TranslateMessage (lpMsg=0xd7e808) returned 0
[0177.942] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0177.942] BeginPaint (in: hWnd=0xc02dc, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xf0105ee
[0177.942] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0177.943] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0177.943] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0177.943] GetSystemMetrics (nIndex=42) returned 0
[0177.943] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0177.943] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0177.943] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0177.943] EndPaint (hWnd=0xc02dc, lpPaint=0xd7e274) returned 1
[0177.943] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0177.943] IsWindowUnicode (hWnd=0xf00ea) returned 1
[0177.943] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0177.943] TranslateMessage (lpMsg=0xd7e808) returned 0
[0177.943] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0177.943] BeginPaint (in: hWnd=0xf00ea, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x60100ce
[0177.944] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0177.944] CreateCompatibleDC (hdc=0x60100ce) returned 0x2a010793
[0177.944] SelectObject (hdc=0x2a010793, h=0x4a0507fe) returned 0x85000f
[0177.944] GdipCreateFromHDC (hdc=0x2a010793, graphics=0xd7e2b0) returned 0x0
[0177.944] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0177.944] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0177.944] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0177.944] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0177.944] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e310) returned 0x0
[0177.944] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0177.944] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0177.944] LocalFree (hMem=0x11ee9f0) returned 0x0
[0177.945] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0177.945] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0177.945] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0177.945] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e304) returned 0x0
[0177.945] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0177.945] GetWindowTextLengthW (hWnd=0xf00ea) returned 0
[0177.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0177.945] GetSystemMetrics (nIndex=42) returned 0
[0177.945] GetWindowTextW (in: hWnd=0xf00ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0177.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf00ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0177.945] GetClientRect (in: hWnd=0xf00ea, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0177.945] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0177.945] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0177.945] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0177.945] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0177.945] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e164) returned 0x0
[0177.945] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0177.945] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee8d8) returned 0x0
[0177.945] LocalFree (hMem=0x11ee8d8) returned 0x0
[0177.946] GdipCombineRegionRegion (region=0x6646dd8, region2=0x6646298, combineMode=0x1) returned 0x0
[0177.946] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0177.946] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0177.946] LocalFree (hMem=0x11eec58) returned 0x0
[0177.946] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0177.946] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0177.946] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0177.946] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0177.946] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0177.946] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0177.946] GetCurrentObject (hdc=0x2a010793, type=0x1) returned 0xb00017
[0177.946] GetCurrentObject (hdc=0x2a010793, type=0x2) returned 0x900010
[0177.946] GetCurrentObject (hdc=0x2a010793, type=0x7) returned 0x4a0507fe
[0177.946] GetCurrentObject (hdc=0x2a010793, type=0x6) returned 0x8a01c2
[0177.946] SaveDC (hdc=0x2a010793) returned 1
[0177.946] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x400407de
[0177.946] GetClipRgn (hdc=0x2a010793, hrgn=0x400407de) returned 0
[0177.947] SelectClipRgn (hdc=0x2a010793, hrgn=0xbb040807) returned 2
[0177.947] DeleteObject (ho=0x400407de) returned 1
[0177.947] DeleteObject (ho=0xbb040807) returned 1
[0177.947] OffsetViewportOrgEx (in: hdc=0x2a010793, x=0, y=0, lppt=0x2ce8c04 | out: lppt=0x2ce8c04) returned 1
[0177.947] GetNearestColor (hdc=0x2a010793, color=0xf0f0f0) returned 0xf0f0f0
[0177.947] CreateSolidBrush (color=0xf0f0f0) returned 0x941007e1
[0177.947] FillRect (hDC=0x2a010793, lprc=0xd7e198, hbr=0x941007e1) returned 1
[0177.947] DeleteObject (ho=0x941007e1) returned 1
[0177.947] RestoreDC (hdc=0x2a010793, nSavedDC=-1) returned 1
[0177.947] GdipReleaseDC (graphics=0x6600030, hdc=0x2a010793) returned 0x0
[0177.947] GdipRestoreGraphics (graphics=0x6600030, state=0xfbf80dbd) returned 0x0
[0177.947] GdipDeleteRegion (region=0x6646298) returned 0x0
[0177.947] GetWindowTextLengthW (hWnd=0xf00ea) returned 0
[0177.947] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0177.947] GetSystemMetrics (nIndex=42) returned 0
[0177.947] GetWindowTextW (in: hWnd=0xf00ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0177.947] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf00ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0177.948] GdipGetImageWidth (image=0x6600640, width=0xd7e1e0) returned 0x0
[0177.948] GdipGetImageHeight (image=0x6600640, height=0xd7e1e0) returned 0x0
[0177.948] GdipGetImageWidth (image=0x6600640, width=0xd7e1cc) returned 0x0
[0177.948] GdipGetImageHeight (image=0x6600640, height=0xd7e1cc) returned 0x0
[0177.948] GdipDrawImageRectI (graphics=0x6600030, image=0x6600640, x=16, y=16, width=32, height=32) returned 0x0
[0177.948] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0177.948] BitBlt (hdc=0x60100ce, x=0, y=0, cx=64, cy=64, hdcSrc=0x2a010793, x1=0, y1=0, rop=0xcc0020) returned 1
[0177.948] GdipReleaseDC (graphics=0x6600030, hdc=0x2a010793) returned 0x0
[0177.948] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0177.948] SelectObject (hdc=0x2a010793, h=0x85000f) returned 0x4a0507fe
[0177.948] DeleteDC (hdc=0x2a010793) returned 1
[0177.948] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0177.948] EndPaint (hWnd=0xf00ea, lpPaint=0xd7e294) returned 1
[0177.949] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0177.949] IsWindowUnicode (hWnd=0xc02da) returned 1
[0177.949] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0177.949] TranslateMessage (lpMsg=0xd7e808) returned 0
[0177.949] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0177.949] BeginPaint (in: hWnd=0xc02da, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x107b9
[0177.949] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0177.949] CreateCompatibleDC (hdc=0x107b9) returned 0x2c010793
[0177.949] GetObjectType (h=0x107b9) returned 0x3
[0177.949] CreateCompatibleBitmap (hdc=0x107b9, cx=1, cy=1) returned 0x210507d7
[0177.950] GetDIBits (in: hdc=0x107b9, hbm=0x210507d7, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0177.950] GetDIBits (in: hdc=0x107b9, hbm=0x210507d7, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0177.950] DeleteObject (ho=0x210507d7) returned 1
[0177.950] CreateDIBSection (in: hdc=0x107b9, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xde0507d2
[0177.950] SelectObject (hdc=0x2c010793, h=0xde0507d2) returned 0x85000f
[0177.950] GdipCreateFromHDC (hdc=0x2c010793, graphics=0xd7e234) returned 0x0
[0177.956] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0177.956] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0177.956] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0177.956] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0177.956] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2d4) returned 0x0
[0177.956] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0177.956] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee8d8) returned 0x0
[0177.956] LocalFree (hMem=0x11ee8d8) returned 0x0
[0177.956] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0177.956] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0177.956] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0177.956] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0177.956] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0177.956] GetWindowTextLengthW (hWnd=0xc02da) returned 232
[0177.956] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0177.956] GetSystemMetrics (nIndex=42) returned 0
[0177.957] GetWindowTextW (in: hWnd=0xc02da, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0177.957] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0177.957] GetClientRect (in: hWnd=0xc02da, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0177.957] GdipCreateRegion (region=0xd7e110) returned 0x0
[0177.957] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0177.957] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0177.957] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0177.957] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e128) returned 0x0
[0177.957] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0177.957] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0177.957] LocalFree (hMem=0x11ee788) returned 0x0
[0177.957] GdipCombineRegionRegion (region=0x66469e8, region2=0x6646718, combineMode=0x1) returned 0x0
[0177.957] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0177.957] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee8d8) returned 0x0
[0177.957] LocalFree (hMem=0x11ee8d8) returned 0x0
[0177.957] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0177.957] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e150) returned 0x0
[0177.957] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e140) returned 0x0
[0177.957] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0177.958] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0177.958] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0177.958] GetCurrentObject (hdc=0x2c010793, type=0x1) returned 0xb00017
[0177.958] GetCurrentObject (hdc=0x2c010793, type=0x2) returned 0x900010
[0177.958] GetCurrentObject (hdc=0x2c010793, type=0x7) returned 0xffffffffde0507d2
[0177.958] GetCurrentObject (hdc=0x2c010793, type=0x6) returned 0x8a01c2
[0177.958] SaveDC (hdc=0x2c010793) returned 1
[0177.958] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbc040807
[0177.958] GetClipRgn (hdc=0x2c010793, hrgn=0xbc040807) returned 0
[0177.958] SelectClipRgn (hdc=0x2c010793, hrgn=0x410407de) returned 2
[0177.958] DeleteObject (ho=0xbc040807) returned 1
[0177.958] DeleteObject (ho=0x410407de) returned 1
[0177.958] OffsetViewportOrgEx (in: hdc=0x2c010793, x=0, y=0, lppt=0x2cea5cc | out: lppt=0x2cea5cc) returned 1
[0177.958] GetNearestColor (hdc=0x2c010793, color=0xf0f0f0) returned 0xf0f0f0
[0177.958] CreateSolidBrush (color=0xf0f0f0) returned 0x951007e1
[0177.959] FillRect (hDC=0x2c010793, lprc=0xd7e15c, hbr=0x951007e1) returned 1
[0177.960] DeleteObject (ho=0x951007e1) returned 1
[0177.960] RestoreDC (hdc=0x2c010793, nSavedDC=-1) returned 1
[0177.960] GdipReleaseDC (graphics=0x6600030, hdc=0x2c010793) returned 0x0
[0177.960] GdipRestoreGraphics (graphics=0x6600030, state=0xfbf60dbd) returned 0x0
[0177.960] GdipDeleteRegion (region=0x6646718) returned 0x0
[0177.960] GetWindowTextLengthW (hWnd=0xc02da) returned 232
[0177.960] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0177.960] GetSystemMetrics (nIndex=42) returned 0
[0177.960] GetWindowTextW (in: hWnd=0xc02da, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0177.960] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0177.961] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0177.961] GetCurrentObject (hdc=0x2c010793, type=0x1) returned 0xb00017
[0177.961] GetCurrentObject (hdc=0x2c010793, type=0x2) returned 0x900010
[0177.961] GetCurrentObject (hdc=0x2c010793, type=0x7) returned 0xffffffffde0507d2
[0177.961] GetCurrentObject (hdc=0x2c010793, type=0x6) returned 0x8a01c2
[0177.961] SaveDC (hdc=0x2c010793) returned 1
[0177.961] GetNearestColor (hdc=0x2c010793, color=0x0) returned 0x0
[0177.961] RestoreDC (hdc=0x2c010793, nSavedDC=-1) returned 1
[0177.961] GdipReleaseDC (graphics=0x6600030, hdc=0x2c010793) returned 0x0
[0177.962] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0177.962] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0177.962] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2ceadc8 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0177.962] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0177.962] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0177.962] GetCurrentObject (hdc=0x2c010793, type=0x1) returned 0xb00017
[0177.962] GetCurrentObject (hdc=0x2c010793, type=0x2) returned 0x900010
[0177.962] GetCurrentObject (hdc=0x2c010793, type=0x7) returned 0xffffffffde0507d2
[0177.963] GetCurrentObject (hdc=0x2c010793, type=0x6) returned 0x8a01c2
[0177.963] SaveDC (hdc=0x2c010793) returned 1
[0177.963] GetTextAlign (hdc=0x2c010793) returned 0x0
[0177.963] GetTextColor (hdc=0x2c010793) returned 0x0
[0177.963] GetCurrentObject (hdc=0x2c010793, type=0x6) returned 0x8a01c2
[0177.963] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0177.963] SelectObject (hdc=0x2c010793, h=0x6d0a0520) returned 0x8a01c2
[0177.963] GetBkMode (hdc=0x2c010793) returned 2
[0177.963] SetBkMode (hdc=0x2c010793, mode=1) returned 2
[0177.963] DrawTextExW (in: hdc=0x2c010793, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2ceafec | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0177.967] RestoreDC (hdc=0x2c010793, nSavedDC=-1) returned 1
[0177.967] GdipReleaseDC (graphics=0x6600030, hdc=0x2c010793) returned 0x0
[0177.967] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0177.967] BitBlt (hdc=0x107b9, x=0, y=0, cx=354, cy=68, hdcSrc=0x2c010793, x1=0, y1=0, rop=0xcc0020) returned 1
[0177.967] GdipReleaseDC (graphics=0x6600030, hdc=0x2c010793) returned 0x0
[0177.968] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0177.968] SelectObject (hdc=0x2c010793, h=0x85000f) returned 0xde0507d2
[0177.968] DeleteDC (hdc=0x2c010793) returned 1
[0177.968] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0177.968] DeleteObject (ho=0xde0507d2) returned 1
[0177.969] EndPaint (hWnd=0xc02da, lpPaint=0xd7e258) returned 1
[0177.969] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0177.969] IsWindowUnicode (hWnd=0xe013e) returned 1
[0177.969] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0177.969] TranslateMessage (lpMsg=0xd7e808) returned 0
[0177.969] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0177.969] BeginPaint (in: hWnd=0xe013e, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0177.969] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0177.969] CreateCompatibleDC (hdc=0x10105d6) returned 0x230107d7
[0177.969] SelectObject (hdc=0x230107d7, h=0x4a0507fe) returned 0x85000f
[0177.969] GdipCreateFromHDC (hdc=0x230107d7, graphics=0xd7e268) returned 0x0
[0177.970] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0177.970] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0177.970] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0177.970] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0177.970] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e2c8) returned 0x0
[0177.970] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0177.970] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee9f0) returned 0x0
[0177.970] LocalFree (hMem=0x11ee9f0) returned 0x0
[0177.970] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0177.970] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0177.970] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0177.970] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0177.970] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0177.970] GdipRestoreGraphics (graphics=0x6600030, state=0xfbf40dbd) returned 0x0
[0177.970] GdipDeleteRegion (region=0x6646718) returned 0x0
[0177.971] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0177.971] GetCurrentObject (hdc=0x230107d7, type=0x1) returned 0xb00017
[0177.971] GetCurrentObject (hdc=0x230107d7, type=0x2) returned 0x900010
[0177.971] GetCurrentObject (hdc=0x230107d7, type=0x7) returned 0x4a0507fe
[0177.971] GetCurrentObject (hdc=0x230107d7, type=0x6) returned 0x8a01c2
[0177.971] SaveDC (hdc=0x230107d7) returned 1
[0177.971] GetNearestColor (hdc=0x230107d7, color=0xf0f0f0) returned 0xf0f0f0
[0177.971] GetNearestColor (hdc=0x230107d7, color=0xa0a0a0) returned 0xa0a0a0
[0177.971] GetNearestColor (hdc=0x230107d7, color=0x696969) returned 0x696969
[0177.971] GetNearestColor (hdc=0x230107d7, color=0xa0a0a0) returned 0xa0a0a0
[0177.971] GetNearestColor (hdc=0x230107d7, color=0x0) returned 0x0
[0177.971] GetNearestColor (hdc=0x230107d7, color=0xffffff) returned 0xffffff
[0177.971] GetNearestColor (hdc=0x230107d7, color=0xe5e5e5) returned 0xe5e5e5
[0177.971] GetNearestColor (hdc=0x230107d7, color=0xd7d7d7) returned 0xd7d7d7
[0177.972] GetNearestColor (hdc=0x230107d7, color=0x0) returned 0x0
[0177.972] RestoreDC (hdc=0x230107d7, nSavedDC=-1) returned 1
[0177.972] GdipReleaseDC (graphics=0x6600030, hdc=0x230107d7) returned 0x0
[0177.972] IsAppThemed () returned 0x1
[0177.972] GetThemeAppProperties () returned 0x3
[0177.972] GetThemeAppProperties () returned 0x3
[0177.972] GdipGetImageWidth (image=0x6601018, width=0xd7e168) returned 0x0
[0177.972] GdipGetImageHeight (image=0x6601018, height=0xd7e168) returned 0x0
[0177.972] IsAppThemed () returned 0x1
[0177.972] GetThemeAppProperties () returned 0x3
[0177.972] GetThemeAppProperties () returned 0x3
[0177.972] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2ceb73c | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0177.972] IsAppThemed () returned 0x1
[0177.973] GetThemeAppProperties () returned 0x3
[0177.973] GetThemeAppProperties () returned 0x3
[0177.973] IsAppThemed () returned 0x1
[0177.973] GetThemeAppProperties () returned 0x3
[0177.973] GetThemeAppProperties () returned 0x3
[0177.973] GetFocus () returned 0xe013e
[0177.973] IsAppThemed () returned 0x1
[0177.973] GetThemeAppProperties () returned 0x3
[0177.973] GetThemeAppProperties () returned 0x3
[0177.973] IsAppThemed () returned 0x1
[0177.973] GetThemeAppProperties () returned 0x3
[0177.973] GetThemeAppProperties () returned 0x3
[0177.973] IsThemePartDefined () returned 0x1
[0177.973] IsAppThemed () returned 0x1
[0177.973] GetThemeAppProperties () returned 0x3
[0177.973] GetThemeAppProperties () returned 0x3
[0177.973] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0177.973] IsAppThemed () returned 0x1
[0177.974] GetThemeAppProperties () returned 0x3
[0177.974] GetThemeAppProperties () returned 0x3
[0177.974] IsAppThemed () returned 0x1
[0177.974] GetThemeAppProperties () returned 0x3
[0177.974] GetThemeAppProperties () returned 0x3
[0177.974] IsThemePartDefined () returned 0x1
[0177.974] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0177.975] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0177.975] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0177.975] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0177.975] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dff0) returned 0x0
[0177.975] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0177.975] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eead0) returned 0x0
[0177.975] LocalFree (hMem=0x11eead0) returned 0x0
[0177.975] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0177.975] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0177.975] LocalFree (hMem=0x11ee788) returned 0x0
[0177.975] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0177.975] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e018) returned 0x0
[0177.975] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e008) returned 0x0
[0177.975] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0177.975] GdipDeleteRegion (region=0x6646688) returned 0x0
[0177.975] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0177.975] GetCurrentObject (hdc=0x230107d7, type=0x1) returned 0xb00017
[0177.976] GetCurrentObject (hdc=0x230107d7, type=0x2) returned 0x900010
[0177.976] GetCurrentObject (hdc=0x230107d7, type=0x7) returned 0x4a0507fe
[0177.976] GetCurrentObject (hdc=0x230107d7, type=0x6) returned 0x8a01c2
[0177.976] SaveDC (hdc=0x230107d7) returned 1
[0177.976] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x420407de
[0177.976] GetClipRgn (hdc=0x230107d7, hrgn=0x420407de) returned 0
[0177.976] SelectClipRgn (hdc=0x230107d7, hrgn=0xc0040807) returned 2
[0177.976] DeleteObject (ho=0x420407de) returned 1
[0177.976] DeleteObject (ho=0xc0040807) returned 1
[0177.976] OffsetViewportOrgEx (in: hdc=0x230107d7, x=0, y=0, lppt=0x2cebdec | out: lppt=0x2cebdec) returned 1
[0177.976] DrawThemeParentBackground () returned 0x0
[0177.976] GetWindowPlacement (in: hWnd=0xc02dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0177.976] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0177.976] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0177.977] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0177.977] GetSystemMetrics (nIndex=42) returned 0
[0177.977] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0177.977] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0177.977] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0177.977] GetCurrentObject (hdc=0x230107d7, type=0x1) returned 0xb00017
[0177.977] GetCurrentObject (hdc=0x230107d7, type=0x2) returned 0x900010
[0177.977] GetCurrentObject (hdc=0x230107d7, type=0x7) returned 0x4a0507fe
[0177.977] GetCurrentObject (hdc=0x230107d7, type=0x6) returned 0x8a01c2
[0177.977] SaveDC (hdc=0x230107d7) returned 2
[0177.977] GetNearestColor (hdc=0x230107d7, color=0xf0f0f0) returned 0xf0f0f0
[0177.977] CreateSolidBrush (color=0xf0f0f0) returned 0x961007e1
[0177.977] FillRect (hDC=0x230107d7, lprc=0xd7da38, hbr=0x961007e1) returned 1
[0177.977] DeleteObject (ho=0x961007e1) returned 1
[0177.977] RestoreDC (hdc=0x230107d7, nSavedDC=-1) returned 1
[0177.977] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0177.977] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0177.978] GetSystemMetrics (nIndex=42) returned 0
[0177.978] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0177.978] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0177.978] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0177.978] GetCurrentObject (hdc=0x230107d7, type=0x1) returned 0xb00017
[0177.978] GetCurrentObject (hdc=0x230107d7, type=0x2) returned 0x900010
[0177.978] GetCurrentObject (hdc=0x230107d7, type=0x7) returned 0x4a0507fe
[0177.978] GetCurrentObject (hdc=0x230107d7, type=0x6) returned 0x8a01c2
[0177.978] SaveDC (hdc=0x230107d7) returned 2
[0177.978] GetNearestColor (hdc=0x230107d7, color=0xf0f0f0) returned 0xf0f0f0
[0177.978] CreateSolidBrush (color=0xf0f0f0) returned 0x971007e1
[0177.978] FillRect (hDC=0x230107d7, lprc=0xd7d9d8, hbr=0x971007e1) returned 1
[0177.978] DeleteObject (ho=0x971007e1) returned 1
[0177.978] RestoreDC (hdc=0x230107d7, nSavedDC=-1) returned 1
[0177.978] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0177.978] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0177.978] GetSystemMetrics (nIndex=42) returned 0
[0177.978] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0177.978] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0177.979] RestoreDC (hdc=0x230107d7, nSavedDC=-1) returned 1
[0177.979] GdipReleaseDC (graphics=0x6600030, hdc=0x230107d7) returned 0x0
[0177.979] IsAppThemed () returned 0x1
[0177.979] GetThemeAppProperties () returned 0x3
[0177.979] GetThemeAppProperties () returned 0x3
[0177.979] IsAppThemed () returned 0x1
[0177.979] GetThemeAppProperties () returned 0x3
[0177.979] GetThemeAppProperties () returned 0x3
[0177.979] IsThemePartDefined () returned 0x1
[0177.979] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0177.979] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0177.979] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0177.979] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0177.979] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df74) returned 0x0
[0177.979] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee8d8) returned 0x0
[0177.980] LocalFree (hMem=0x11ee8d8) returned 0x0
[0177.980] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee9f0) returned 0x0
[0177.980] LocalFree (hMem=0x11ee9f0) returned 0x0
[0177.980] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0177.980] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0177.980] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0177.980] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0177.980] GdipDeleteRegion (region=0x6646688) returned 0x0
[0177.980] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0177.980] GetCurrentObject (hdc=0x230107d7, type=0x1) returned 0xb00017
[0177.980] GetCurrentObject (hdc=0x230107d7, type=0x2) returned 0x900010
[0177.980] GetCurrentObject (hdc=0x230107d7, type=0x7) returned 0x4a0507fe
[0177.980] GetCurrentObject (hdc=0x230107d7, type=0x6) returned 0x8a01c2
[0177.980] SaveDC (hdc=0x230107d7) returned 1
[0177.980] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc1040807
[0177.980] GetClipRgn (hdc=0x230107d7, hrgn=0xc1040807) returned 0
[0177.980] SelectClipRgn (hdc=0x230107d7, hrgn=0x440407de) returned 2
[0177.980] DeleteObject (ho=0xc1040807) returned 1
[0177.981] DeleteObject (ho=0x440407de) returned 1
[0177.981] OffsetViewportOrgEx (in: hdc=0x230107d7, x=0, y=0, lppt=0x2cec698 | out: lppt=0x2cec698) returned 1
[0177.981] IsAppThemed () returned 0x1
[0177.981] GetThemeAppProperties () returned 0x3
[0177.981] GetThemeAppProperties () returned 0x3
[0177.981] DrawThemeBackground () returned 0x0
[0177.981] RestoreDC (hdc=0x230107d7, nSavedDC=-1) returned 1
[0177.981] GdipReleaseDC (graphics=0x6600030, hdc=0x230107d7) returned 0x0
[0177.981] GdipCreateRegion (region=0xd7df60) returned 0x0
[0177.981] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0177.981] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0177.987] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0177.987] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df78) returned 0x0
[0177.987] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0177.987] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0177.987] LocalFree (hMem=0x11eec58) returned 0x0
[0177.987] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0177.987] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eea98) returned 0x0
[0177.987] LocalFree (hMem=0x11eea98) returned 0x0
[0177.987] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0177.987] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0177.987] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0177.987] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0177.988] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0177.988] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0177.988] GetCurrentObject (hdc=0x230107d7, type=0x1) returned 0xb00017
[0177.988] GetCurrentObject (hdc=0x230107d7, type=0x2) returned 0x900010
[0177.988] GetCurrentObject (hdc=0x230107d7, type=0x7) returned 0x4a0507fe
[0177.988] GetCurrentObject (hdc=0x230107d7, type=0x6) returned 0x8a01c2
[0177.988] SaveDC (hdc=0x230107d7) returned 1
[0177.988] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x450407de
[0177.988] GetClipRgn (hdc=0x230107d7, hrgn=0x450407de) returned 0
[0177.988] SelectClipRgn (hdc=0x230107d7, hrgn=0xc2040807) returned 2
[0177.988] DeleteObject (ho=0x450407de) returned 1
[0177.988] DeleteObject (ho=0xc2040807) returned 1
[0177.988] OffsetViewportOrgEx (in: hdc=0x230107d7, x=0, y=0, lppt=0x2cec96c | out: lppt=0x2cec96c) returned 1
[0177.988] IsAppThemed () returned 0x1
[0177.988] GetThemeAppProperties () returned 0x3
[0177.989] GetThemeAppProperties () returned 0x3
[0177.989] GetThemeBackgroundContentRect () returned 0x0
[0177.989] RestoreDC (hdc=0x230107d7, nSavedDC=-1) returned 1
[0177.989] GdipReleaseDC (graphics=0x6600030, hdc=0x230107d7) returned 0x0
[0177.989] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0177.989] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0177.989] GdipCloneRegion (region=0x6646b08, cloneRegion=0xd7e150) returned 0x0
[0177.989] GdipCombineRegionRectI (region=0x6646688, rect=0xd7e138, combineMode=0x1) returned 0x0
[0177.989] GdipCombineRegionRectI (region=0x6646688, rect=0xd7e138, combineMode=0x1) returned 0x0
[0177.989] GdipSetClipRegion (graphics=0x6600030, region=0x6646688, combineMode=0x0) returned 0x0
[0177.989] GdipGetImageWidth (image=0x6601018, width=0xd7e154) returned 0x0
[0177.989] GdipGetImageHeight (image=0x6601018, height=0xd7e148) returned 0x0
[0177.989] GdipDrawImageRectI (graphics=0x6600030, image=0x6601018, x=4, y=4, width=16, height=16) returned 0x0
[0177.989] GdipSetClipRegion (graphics=0x6600030, region=0x6646b08, combineMode=0x0) returned 0x0
[0177.989] IsAppThemed () returned 0x1
[0177.989] GetThemeAppProperties () returned 0x3
[0177.989] GetThemeAppProperties () returned 0x3
[0177.989] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0177.990] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0177.990] GetCurrentObject (hdc=0x230107d7, type=0x1) returned 0xb00017
[0177.990] GetCurrentObject (hdc=0x230107d7, type=0x2) returned 0x900010
[0177.990] GetCurrentObject (hdc=0x230107d7, type=0x7) returned 0x4a0507fe
[0177.990] GetCurrentObject (hdc=0x230107d7, type=0x6) returned 0x8a01c2
[0177.990] SaveDC (hdc=0x230107d7) returned 1
[0177.990] GetTextAlign (hdc=0x230107d7) returned 0x0
[0177.990] GetTextColor (hdc=0x230107d7) returned 0x0
[0177.990] GetCurrentObject (hdc=0x230107d7, type=0x6) returned 0x8a01c2
[0177.990] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0177.990] SelectObject (hdc=0x230107d7, h=0x6d0a0520) returned 0x8a01c2
[0177.990] GetBkMode (hdc=0x230107d7) returned 2
[0177.990] SetBkMode (hdc=0x230107d7, mode=1) returned 2
[0177.991] DrawTextExW (in: hdc=0x230107d7, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2cecd2c | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0177.991] DrawTextExW (in: hdc=0x230107d7, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2cecd2c | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0177.991] RestoreDC (hdc=0x230107d7, nSavedDC=-1) returned 1
[0177.991] GdipReleaseDC (graphics=0x6600030, hdc=0x230107d7) returned 0x0
[0177.991] GetFocus () returned 0xe013e
[0177.991] IsAppThemed () returned 0x1
[0177.991] GetThemeAppProperties () returned 0x3
[0177.991] GetThemeAppProperties () returned 0x3
[0177.991] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0177.992] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x230107d7, x1=0, y1=0, rop=0xcc0020) returned 1
[0177.992] GdipReleaseDC (graphics=0x6600030, hdc=0x230107d7) returned 0x0
[0177.992] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0177.992] SelectObject (hdc=0x230107d7, h=0x85000f) returned 0x4a0507fe
[0177.992] DeleteDC (hdc=0x230107d7) returned 1
[0177.992] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0177.992] EndPaint (hWnd=0xe013e, lpPaint=0xd7e24c) returned 1
[0177.993] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0177.993] IsWindowUnicode (hWnd=0xd02d2) returned 1
[0177.993] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0177.993] TranslateMessage (lpMsg=0xd7e808) returned 0
[0177.993] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0177.993] BeginPaint (in: hWnd=0xd02d2, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0177.993] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0177.994] CreateCompatibleDC (hdc=0xf0105ee) returned 0x250107d7
[0177.994] SelectObject (hdc=0x250107d7, h=0x4a0507fe) returned 0x85000f
[0177.994] GdipCreateFromHDC (hdc=0x250107d7, graphics=0xd7e268) returned 0x0
[0177.994] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0177.994] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0177.994] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0177.994] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0177.994] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e2c8) returned 0x0
[0177.994] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0177.994] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0177.994] LocalFree (hMem=0x11ee9f0) returned 0x0
[0177.994] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0177.994] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0177.994] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0177.995] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0177.995] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0177.995] GdipRestoreGraphics (graphics=0x6600030, state=0xfbf20dbd) returned 0x0
[0177.995] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0177.995] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0177.995] GetCurrentObject (hdc=0x250107d7, type=0x1) returned 0xb00017
[0177.995] GetCurrentObject (hdc=0x250107d7, type=0x2) returned 0x900010
[0177.995] GetCurrentObject (hdc=0x250107d7, type=0x7) returned 0x4a0507fe
[0177.995] GetCurrentObject (hdc=0x250107d7, type=0x6) returned 0x8a01c2
[0177.995] SaveDC (hdc=0x250107d7) returned 1
[0177.995] GetNearestColor (hdc=0x250107d7, color=0xf0f0f0) returned 0xf0f0f0
[0177.995] GetNearestColor (hdc=0x250107d7, color=0xa0a0a0) returned 0xa0a0a0
[0177.995] GetNearestColor (hdc=0x250107d7, color=0x696969) returned 0x696969
[0177.995] GetNearestColor (hdc=0x250107d7, color=0xa0a0a0) returned 0xa0a0a0
[0177.995] GetNearestColor (hdc=0x250107d7, color=0x0) returned 0x0
[0177.996] GetNearestColor (hdc=0x250107d7, color=0xffffff) returned 0xffffff
[0177.996] GetNearestColor (hdc=0x250107d7, color=0xe5e5e5) returned 0xe5e5e5
[0177.996] GetNearestColor (hdc=0x250107d7, color=0xd7d7d7) returned 0xd7d7d7
[0177.996] GetNearestColor (hdc=0x250107d7, color=0x0) returned 0x0
[0177.996] RestoreDC (hdc=0x250107d7, nSavedDC=-1) returned 1
[0177.996] GdipReleaseDC (graphics=0x6600030, hdc=0x250107d7) returned 0x0
[0177.996] IsAppThemed () returned 0x1
[0177.996] GetThemeAppProperties () returned 0x3
[0177.996] GetThemeAppProperties () returned 0x3
[0177.996] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0177.996] SendMessageW (hWnd=0xc02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0177.996] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0177.996] IsAppThemed () returned 0x1
[0177.996] GetThemeAppProperties () returned 0x3
[0177.996] GetThemeAppProperties () returned 0x3
[0177.996] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df90, format=0x102415, lpdtp=0x2ced53c | out: lpchText="&Continue", lprc=0xd7df90) returned 13
[0177.997] IsAppThemed () returned 0x1
[0177.997] GetThemeAppProperties () returned 0x3
[0177.997] GetThemeAppProperties () returned 0x3
[0177.997] IsAppThemed () returned 0x1
[0177.998] GetThemeAppProperties () returned 0x3
[0177.998] GetThemeAppProperties () returned 0x3
[0177.998] GetFocus () returned 0xe013e
[0177.998] IsAppThemed () returned 0x1
[0178.000] GetThemeAppProperties () returned 0x3
[0178.000] GetThemeAppProperties () returned 0x3
[0178.000] IsAppThemed () returned 0x1
[0178.000] GetThemeAppProperties () returned 0x3
[0178.000] GetThemeAppProperties () returned 0x3
[0178.000] IsThemePartDefined () returned 0x1
[0178.000] IsAppThemed () returned 0x1
[0178.000] GetThemeAppProperties () returned 0x3
[0178.000] GetThemeAppProperties () returned 0x3
[0178.000] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0178.000] IsAppThemed () returned 0x1
[0178.000] GetThemeAppProperties () returned 0x3
[0178.000] GetThemeAppProperties () returned 0x3
[0178.001] IsAppThemed () returned 0x1
[0178.001] GetThemeAppProperties () returned 0x3
[0178.001] GetThemeAppProperties () returned 0x3
[0178.001] IsThemePartDefined () returned 0x1
[0178.001] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0178.001] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0178.001] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0178.001] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0178.001] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dff0) returned 0x0
[0178.001] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0178.001] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eead0) returned 0x0
[0178.001] LocalFree (hMem=0x11eead0) returned 0x0
[0178.001] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0178.001] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0178.001] LocalFree (hMem=0x11ee788) returned 0x0
[0178.001] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0178.001] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e018) returned 0x0
[0178.001] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e008) returned 0x0
[0178.002] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0178.002] GdipDeleteRegion (region=0x6646298) returned 0x0
[0178.002] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0178.002] GetCurrentObject (hdc=0x250107d7, type=0x1) returned 0xb00017
[0178.002] GetCurrentObject (hdc=0x250107d7, type=0x2) returned 0x900010
[0178.002] GetCurrentObject (hdc=0x250107d7, type=0x7) returned 0x4a0507fe
[0178.002] GetCurrentObject (hdc=0x250107d7, type=0x6) returned 0x8a01c2
[0178.002] SaveDC (hdc=0x250107d7) returned 1
[0178.002] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc3040807
[0178.002] GetClipRgn (hdc=0x250107d7, hrgn=0xc3040807) returned 0
[0178.002] SelectClipRgn (hdc=0x250107d7, hrgn=0x490407de) returned 2
[0178.002] DeleteObject (ho=0xc3040807) returned 1
[0178.002] DeleteObject (ho=0x490407de) returned 1
[0178.002] OffsetViewportOrgEx (in: hdc=0x250107d7, x=0, y=0, lppt=0x2cedbec | out: lppt=0x2cedbec) returned 1
[0178.002] DrawThemeParentBackground () returned 0x0
[0178.003] GetWindowPlacement (in: hWnd=0xc02dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0178.003] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0178.003] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0178.003] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0178.003] GetSystemMetrics (nIndex=42) returned 0
[0178.003] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0178.003] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0178.003] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0178.003] GetCurrentObject (hdc=0x250107d7, type=0x1) returned 0xb00017
[0178.003] GetCurrentObject (hdc=0x250107d7, type=0x2) returned 0x900010
[0178.003] GetCurrentObject (hdc=0x250107d7, type=0x7) returned 0x4a0507fe
[0178.003] GetCurrentObject (hdc=0x250107d7, type=0x6) returned 0x8a01c2
[0178.003] SaveDC (hdc=0x250107d7) returned 2
[0178.003] GetNearestColor (hdc=0x250107d7, color=0xf0f0f0) returned 0xf0f0f0
[0178.003] CreateSolidBrush (color=0xf0f0f0) returned 0x981007e1
[0178.003] FillRect (hDC=0x250107d7, lprc=0xd7da38, hbr=0x981007e1) returned 1
[0178.004] DeleteObject (ho=0x981007e1) returned 1
[0178.004] RestoreDC (hdc=0x250107d7, nSavedDC=-1) returned 1
[0178.004] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0178.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0178.004] GetSystemMetrics (nIndex=42) returned 0
[0178.004] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0178.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0178.004] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0178.004] GetCurrentObject (hdc=0x250107d7, type=0x1) returned 0xb00017
[0178.004] GetCurrentObject (hdc=0x250107d7, type=0x2) returned 0x900010
[0178.004] GetCurrentObject (hdc=0x250107d7, type=0x7) returned 0x4a0507fe
[0178.004] GetCurrentObject (hdc=0x250107d7, type=0x6) returned 0x8a01c2
[0178.004] SaveDC (hdc=0x250107d7) returned 2
[0178.004] GetNearestColor (hdc=0x250107d7, color=0xf0f0f0) returned 0xf0f0f0
[0178.004] CreateSolidBrush (color=0xf0f0f0) returned 0x991007e1
[0178.004] FillRect (hDC=0x250107d7, lprc=0xd7d9d8, hbr=0x991007e1) returned 1
[0178.005] DeleteObject (ho=0x991007e1) returned 1
[0178.005] RestoreDC (hdc=0x250107d7, nSavedDC=-1) returned 1
[0178.005] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0178.005] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0178.005] GetSystemMetrics (nIndex=42) returned 0
[0178.005] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0178.005] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0178.005] RestoreDC (hdc=0x250107d7, nSavedDC=-1) returned 1
[0178.005] GdipReleaseDC (graphics=0x6600030, hdc=0x250107d7) returned 0x0
[0178.005] IsAppThemed () returned 0x1
[0178.005] GetThemeAppProperties () returned 0x3
[0178.005] GetThemeAppProperties () returned 0x3
[0178.005] IsAppThemed () returned 0x1
[0178.005] GetThemeAppProperties () returned 0x3
[0178.005] GetThemeAppProperties () returned 0x3
[0178.006] IsThemePartDefined () returned 0x1
[0178.006] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0178.006] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0178.006] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0178.006] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0178.006] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df74) returned 0x0
[0178.006] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0178.006] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee8d8) returned 0x0
[0178.006] LocalFree (hMem=0x11ee8d8) returned 0x0
[0178.006] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0178.006] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eed00) returned 0x0
[0178.006] LocalFree (hMem=0x11eed00) returned 0x0
[0178.006] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0178.006] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0178.006] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0178.006] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0178.006] GdipDeleteRegion (region=0x6646718) returned 0x0
[0178.006] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0178.007] GetCurrentObject (hdc=0x250107d7, type=0x1) returned 0xb00017
[0178.007] GetCurrentObject (hdc=0x250107d7, type=0x2) returned 0x900010
[0178.007] GetCurrentObject (hdc=0x250107d7, type=0x7) returned 0x4a0507fe
[0178.007] GetCurrentObject (hdc=0x250107d7, type=0x6) returned 0x8a01c2
[0178.007] SaveDC (hdc=0x250107d7) returned 1
[0178.007] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4a0407de
[0178.007] GetClipRgn (hdc=0x250107d7, hrgn=0x4a0407de) returned 0
[0178.007] SelectClipRgn (hdc=0x250107d7, hrgn=0xc5040807) returned 2
[0178.007] DeleteObject (ho=0x4a0407de) returned 1
[0178.007] DeleteObject (ho=0xc5040807) returned 1
[0178.007] OffsetViewportOrgEx (in: hdc=0x250107d7, x=0, y=0, lppt=0x2cee498 | out: lppt=0x2cee498) returned 1
[0178.007] IsAppThemed () returned 0x1
[0178.007] GetThemeAppProperties () returned 0x3
[0178.007] GetThemeAppProperties () returned 0x3
[0178.007] DrawThemeBackground () returned 0x0
[0178.007] RestoreDC (hdc=0x250107d7, nSavedDC=-1) returned 1
[0178.008] GdipReleaseDC (graphics=0x6600030, hdc=0x250107d7) returned 0x0
[0178.008] GdipCreateRegion (region=0xd7df60) returned 0x0
[0178.008] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0178.008] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0178.008] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0178.008] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df78) returned 0x0
[0178.008] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0178.008] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee910) returned 0x0
[0178.008] LocalFree (hMem=0x11ee910) returned 0x0
[0178.008] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0178.008] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eead0) returned 0x0
[0178.008] LocalFree (hMem=0x11eead0) returned 0x0
[0178.008] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0178.008] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0178.008] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df90) returned 0x0
[0178.008] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0178.008] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0178.008] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0178.009] GetCurrentObject (hdc=0x250107d7, type=0x1) returned 0xb00017
[0178.009] GetCurrentObject (hdc=0x250107d7, type=0x2) returned 0x900010
[0178.009] GetCurrentObject (hdc=0x250107d7, type=0x7) returned 0x4a0507fe
[0178.009] GetCurrentObject (hdc=0x250107d7, type=0x6) returned 0x8a01c2
[0178.009] SaveDC (hdc=0x250107d7) returned 1
[0178.009] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc6040807
[0178.009] GetClipRgn (hdc=0x250107d7, hrgn=0xc6040807) returned 0
[0178.009] SelectClipRgn (hdc=0x250107d7, hrgn=0x4b0407de) returned 2
[0178.009] DeleteObject (ho=0xc6040807) returned 1
[0178.009] DeleteObject (ho=0x4b0407de) returned 1
[0178.009] OffsetViewportOrgEx (in: hdc=0x250107d7, x=0, y=0, lppt=0x2cee76c | out: lppt=0x2cee76c) returned 1
[0178.009] IsAppThemed () returned 0x1
[0178.009] GetThemeAppProperties () returned 0x3
[0178.009] GetThemeAppProperties () returned 0x3
[0178.009] GetThemeBackgroundContentRect () returned 0x0
[0178.009] RestoreDC (hdc=0x250107d7, nSavedDC=-1) returned 1
[0178.010] GdipReleaseDC (graphics=0x6600030, hdc=0x250107d7) returned 0x0
[0178.010] IsAppThemed () returned 0x1
[0178.010] GetThemeAppProperties () returned 0x3
[0178.010] GetThemeAppProperties () returned 0x3
[0178.010] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0178.010] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0178.010] GetCurrentObject (hdc=0x250107d7, type=0x1) returned 0xb00017
[0178.010] GetCurrentObject (hdc=0x250107d7, type=0x2) returned 0x900010
[0178.010] GetCurrentObject (hdc=0x250107d7, type=0x7) returned 0x4a0507fe
[0178.010] GetCurrentObject (hdc=0x250107d7, type=0x6) returned 0x8a01c2
[0178.010] SaveDC (hdc=0x250107d7) returned 1
[0178.010] GetTextAlign (hdc=0x250107d7) returned 0x0
[0178.010] GetTextColor (hdc=0x250107d7) returned 0x0
[0178.010] GetCurrentObject (hdc=0x250107d7, type=0x6) returned 0x8a01c2
[0178.010] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0178.011] SelectObject (hdc=0x250107d7, h=0x6d0a0520) returned 0x8a01c2
[0178.011] GetBkMode (hdc=0x250107d7) returned 2
[0178.011] SetBkMode (hdc=0x250107d7, mode=1) returned 2
[0178.011] DrawTextExW (in: hdc=0x250107d7, lpchText="&Continue", cchText=9, lprc=0xd7def8, format=0x102415, lpdtp=0x2ceeb0c | out: lpchText="&Continue", lprc=0xd7def8) returned 13
[0178.011] DrawTextExW (in: hdc=0x250107d7, lpchText="&Continue", cchText=9, lprc=0xd7e05c, format=0x102015, lpdtp=0x2ceeb0c | out: lpchText="&Continue", lprc=0xd7e05c) returned 13
[0178.011] RestoreDC (hdc=0x250107d7, nSavedDC=-1) returned 1
[0178.011] GdipReleaseDC (graphics=0x6600030, hdc=0x250107d7) returned 0x0
[0178.012] GetFocus () returned 0xe013e
[0178.012] IsAppThemed () returned 0x1
[0178.012] GetThemeAppProperties () returned 0x3
[0178.012] GetThemeAppProperties () returned 0x3
[0178.012] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0178.012] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x250107d7, x1=0, y1=0, rop=0xcc0020) returned 1
[0178.012] GdipReleaseDC (graphics=0x6600030, hdc=0x250107d7) returned 0x0
[0178.012] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0178.012] SelectObject (hdc=0x250107d7, h=0x85000f) returned 0x4a0507fe
[0178.012] DeleteDC (hdc=0x250107d7) returned 1
[0178.012] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0178.012] EndPaint (hWnd=0xd02d2, lpPaint=0xd7e24c) returned 1
[0178.025] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0178.025] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0178.026] IsWindowUnicode (hWnd=0xd02d2) returned 1
[0178.026] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0178.026] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0178.026] SetCursor (hCursor=0x10003) returned 0x10003
[0178.026] TranslateMessage (lpMsg=0xd7e808) returned 0
[0178.026] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0178.026] _TrackMouseEvent (in: lpEventTrack=0x2ceec08 | out: lpEventTrack=0x2ceec08) returned 1
[0178.026] SendMessageW (hWnd=0xd02d2, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0178.026] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0178.026] InvalidateRect (hWnd=0xd02d2, lpRect=0x0, bErase=0) returned 1
[0178.026] GetKeyState (nVirtKey=1) returned 0
[0178.026] GetKeyState (nVirtKey=2) returned 0
[0178.026] GetKeyState (nVirtKey=4) returned 0
[0178.027] GetKeyState (nVirtKey=5) returned 0
[0178.027] GetKeyState (nVirtKey=6) returned 0
[0178.027] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0178.027] IsWindowUnicode (hWnd=0xd02d2) returned 1
[0178.027] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0178.027] TranslateMessage (lpMsg=0xd7e808) returned 0
[0178.027] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0178.027] BeginPaint (in: hWnd=0xd02d2, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0178.027] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0178.027] CreateCompatibleDC (hdc=0xf0105ee) returned 0x38010793
[0178.027] SelectObject (hdc=0x38010793, h=0x4a0507fe) returned 0x85000f
[0178.027] GdipCreateFromHDC (hdc=0x38010793, graphics=0xd7e268) returned 0x0
[0178.028] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0178.028] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0178.028] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0178.028] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0178.028] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e2c8) returned 0x0
[0178.028] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0178.028] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee8d8) returned 0x0
[0178.033] LocalFree (hMem=0x11ee8d8) returned 0x0
[0178.033] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0178.033] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0178.033] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0178.033] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0178.033] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0178.033] GdipRestoreGraphics (graphics=0x6600030, state=0xfbf00dbd) returned 0x0
[0178.033] GdipDeleteRegion (region=0x6646298) returned 0x0
[0178.033] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0178.033] GetCurrentObject (hdc=0x38010793, type=0x1) returned 0xb00017
[0178.033] GetCurrentObject (hdc=0x38010793, type=0x2) returned 0x900010
[0178.033] GetCurrentObject (hdc=0x38010793, type=0x7) returned 0x4a0507fe
[0178.033] GetCurrentObject (hdc=0x38010793, type=0x6) returned 0x8a01c2
[0178.033] SaveDC (hdc=0x38010793) returned 1
[0178.034] GetNearestColor (hdc=0x38010793, color=0xf0f0f0) returned 0xf0f0f0
[0178.034] GetNearestColor (hdc=0x38010793, color=0xa0a0a0) returned 0xa0a0a0
[0178.034] GetNearestColor (hdc=0x38010793, color=0x696969) returned 0x696969
[0178.034] GetNearestColor (hdc=0x38010793, color=0xa0a0a0) returned 0xa0a0a0
[0178.034] GetNearestColor (hdc=0x38010793, color=0x0) returned 0x0
[0178.034] GetNearestColor (hdc=0x38010793, color=0xffffff) returned 0xffffff
[0178.034] GetNearestColor (hdc=0x38010793, color=0xe5e5e5) returned 0xe5e5e5
[0178.034] GetNearestColor (hdc=0x38010793, color=0xd7d7d7) returned 0xd7d7d7
[0178.034] GetNearestColor (hdc=0x38010793, color=0x0) returned 0x0
[0178.034] RestoreDC (hdc=0x38010793, nSavedDC=-1) returned 1
[0178.034] GdipReleaseDC (graphics=0x6600030, hdc=0x38010793) returned 0x0
[0178.034] IsAppThemed () returned 0x1
[0178.034] GetThemeAppProperties () returned 0x3
[0178.034] GetThemeAppProperties () returned 0x3
[0178.034] IsAppThemed () returned 0x1
[0178.035] GetThemeAppProperties () returned 0x3
[0178.035] GetThemeAppProperties () returned 0x3
[0178.035] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2cef368 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0178.035] IsAppThemed () returned 0x1
[0178.035] GetThemeAppProperties () returned 0x3
[0178.035] GetThemeAppProperties () returned 0x3
[0178.035] IsAppThemed () returned 0x1
[0178.035] GetThemeAppProperties () returned 0x3
[0178.035] GetThemeAppProperties () returned 0x3
[0178.035] IsAppThemed () returned 0x1
[0178.035] GetThemeAppProperties () returned 0x3
[0178.035] GetThemeAppProperties () returned 0x3
[0178.035] IsAppThemed () returned 0x1
[0178.035] GetThemeAppProperties () returned 0x3
[0178.035] GetThemeAppProperties () returned 0x3
[0178.036] IsThemePartDefined () returned 0x1
[0178.036] IsAppThemed () returned 0x1
[0178.036] GetThemeAppProperties () returned 0x3
[0178.036] GetThemeAppProperties () returned 0x3
[0178.036] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0178.036] IsAppThemed () returned 0x1
[0178.036] GetThemeAppProperties () returned 0x3
[0178.036] GetThemeAppProperties () returned 0x3
[0178.036] IsAppThemed () returned 0x1
[0178.036] GetThemeAppProperties () returned 0x3
[0178.036] GetThemeAppProperties () returned 0x3
[0178.036] IsThemePartDefined () returned 0x1
[0178.036] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0178.036] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0178.036] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0178.037] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0178.037] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dfe4) returned 0x0
[0178.037] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eecc8) returned 0x0
[0178.037] LocalFree (hMem=0x11eecc8) returned 0x0
[0178.037] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee9f0) returned 0x0
[0178.037] LocalFree (hMem=0x11ee9f0) returned 0x0
[0178.037] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0178.037] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0178.037] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0178.037] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0178.037] GdipDeleteRegion (region=0x6646448) returned 0x0
[0178.037] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0178.037] GetCurrentObject (hdc=0x38010793, type=0x1) returned 0xb00017
[0178.037] GetCurrentObject (hdc=0x38010793, type=0x2) returned 0x900010
[0178.037] GetCurrentObject (hdc=0x38010793, type=0x7) returned 0x4a0507fe
[0178.037] GetCurrentObject (hdc=0x38010793, type=0x6) returned 0x8a01c2
[0178.037] SaveDC (hdc=0x38010793) returned 1
[0178.037] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4c0407de
[0178.038] GetClipRgn (hdc=0x38010793, hrgn=0x4c0407de) returned 0
[0178.038] SelectClipRgn (hdc=0x38010793, hrgn=0xca040807) returned 2
[0178.038] DeleteObject (ho=0x4c0407de) returned 1
[0178.038] DeleteObject (ho=0xca040807) returned 1
[0178.038] OffsetViewportOrgEx (in: hdc=0x38010793, x=0, y=0, lppt=0x2cefa18 | out: lppt=0x2cefa18) returned 1
[0178.038] DrawThemeParentBackground () returned 0x0
[0178.038] GetWindowPlacement (in: hWnd=0xc02dc, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0178.038] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0178.038] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0178.038] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0178.038] GetSystemMetrics (nIndex=42) returned 0
[0178.038] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0178.038] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0178.038] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0178.038] GetCurrentObject (hdc=0x38010793, type=0x1) returned 0xb00017
[0178.038] GetCurrentObject (hdc=0x38010793, type=0x2) returned 0x900010
[0178.038] GetCurrentObject (hdc=0x38010793, type=0x7) returned 0x4a0507fe
[0178.039] GetCurrentObject (hdc=0x38010793, type=0x6) returned 0x8a01c2
[0178.039] SaveDC (hdc=0x38010793) returned 2
[0178.039] GetNearestColor (hdc=0x38010793, color=0xf0f0f0) returned 0xf0f0f0
[0178.039] CreateSolidBrush (color=0xf0f0f0) returned 0x9a1007e1
[0178.039] FillRect (hDC=0x38010793, lprc=0xd7da30, hbr=0x9a1007e1) returned 1
[0178.039] DeleteObject (ho=0x9a1007e1) returned 1
[0178.039] RestoreDC (hdc=0x38010793, nSavedDC=-1) returned 1
[0178.039] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0178.039] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0178.039] GetSystemMetrics (nIndex=42) returned 0
[0178.039] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0178.039] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0178.039] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0178.039] GetCurrentObject (hdc=0x38010793, type=0x1) returned 0xb00017
[0178.039] GetCurrentObject (hdc=0x38010793, type=0x2) returned 0x900010
[0178.040] GetCurrentObject (hdc=0x38010793, type=0x7) returned 0x4a0507fe
[0178.040] GetCurrentObject (hdc=0x38010793, type=0x6) returned 0x8a01c2
[0178.040] SaveDC (hdc=0x38010793) returned 2
[0178.040] GetNearestColor (hdc=0x38010793, color=0xf0f0f0) returned 0xf0f0f0
[0178.040] CreateSolidBrush (color=0xf0f0f0) returned 0x9b1007e1
[0178.040] FillRect (hDC=0x38010793, lprc=0xd7d9d0, hbr=0x9b1007e1) returned 1
[0178.040] DeleteObject (ho=0x9b1007e1) returned 1
[0178.040] RestoreDC (hdc=0x38010793, nSavedDC=-1) returned 1
[0178.040] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0178.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0178.040] GetSystemMetrics (nIndex=42) returned 0
[0178.040] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0178.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0178.041] RestoreDC (hdc=0x38010793, nSavedDC=-1) returned 1
[0178.041] GdipReleaseDC (graphics=0x6600030, hdc=0x38010793) returned 0x0
[0178.041] IsAppThemed () returned 0x1
[0178.041] GetThemeAppProperties () returned 0x3
[0178.041] GetThemeAppProperties () returned 0x3
[0178.041] IsAppThemed () returned 0x1
[0178.041] GetThemeAppProperties () returned 0x3
[0178.041] GetThemeAppProperties () returned 0x3
[0178.041] IsThemePartDefined () returned 0x1
[0178.041] GdipCreateRegion (region=0xd7df50) returned 0x0
[0178.041] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0178.041] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0178.041] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0178.041] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df68) returned 0x0
[0178.041] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0178.041] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0178.041] LocalFree (hMem=0x11eec58) returned 0x0
[0178.041] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0178.041] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee9f0) returned 0x0
[0178.042] LocalFree (hMem=0x11ee9f0) returned 0x0
[0178.042] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0178.042] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df90) returned 0x0
[0178.042] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df80) returned 0x0
[0178.042] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0178.042] GdipDeleteRegion (region=0x6646298) returned 0x0
[0178.042] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0178.042] GetCurrentObject (hdc=0x38010793, type=0x1) returned 0xb00017
[0178.042] GetCurrentObject (hdc=0x38010793, type=0x2) returned 0x900010
[0178.042] GetCurrentObject (hdc=0x38010793, type=0x7) returned 0x4a0507fe
[0178.042] GetCurrentObject (hdc=0x38010793, type=0x6) returned 0x8a01c2
[0178.042] SaveDC (hdc=0x38010793) returned 1
[0178.042] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcb040807
[0178.042] GetClipRgn (hdc=0x38010793, hrgn=0xcb040807) returned 0
[0178.042] SelectClipRgn (hdc=0x38010793, hrgn=0x4e0407de) returned 2
[0178.043] DeleteObject (ho=0xcb040807) returned 1
[0178.043] DeleteObject (ho=0x4e0407de) returned 1
[0178.043] OffsetViewportOrgEx (in: hdc=0x38010793, x=0, y=0, lppt=0x2cf02c4 | out: lppt=0x2cf02c4) returned 1
[0178.043] IsAppThemed () returned 0x1
[0178.043] GetThemeAppProperties () returned 0x3
[0178.043] GetThemeAppProperties () returned 0x3
[0178.043] DrawThemeBackground () returned 0x0
[0178.043] RestoreDC (hdc=0x38010793, nSavedDC=-1) returned 1
[0178.043] GdipReleaseDC (graphics=0x6600030, hdc=0x38010793) returned 0x0
[0178.043] GdipCreateRegion (region=0xd7df54) returned 0x0
[0178.043] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0178.043] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0178.043] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0178.043] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df6c) returned 0x0
[0178.043] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0178.043] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0178.044] LocalFree (hMem=0x11eec58) returned 0x0
[0178.044] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0178.044] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea60) returned 0x0
[0178.044] LocalFree (hMem=0x11eea60) returned 0x0
[0178.044] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0178.044] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df94) returned 0x0
[0178.044] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df84) returned 0x0
[0178.044] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0178.044] GdipDeleteRegion (region=0x6646298) returned 0x0
[0178.044] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0178.044] GetCurrentObject (hdc=0x38010793, type=0x1) returned 0xb00017
[0178.044] GetCurrentObject (hdc=0x38010793, type=0x2) returned 0x900010
[0178.044] GetCurrentObject (hdc=0x38010793, type=0x7) returned 0x4a0507fe
[0178.044] GetCurrentObject (hdc=0x38010793, type=0x6) returned 0x8a01c2
[0178.044] SaveDC (hdc=0x38010793) returned 1
[0178.045] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4f0407de
[0178.045] GetClipRgn (hdc=0x38010793, hrgn=0x4f0407de) returned 0
[0178.045] SelectClipRgn (hdc=0x38010793, hrgn=0xcc040807) returned 2
[0178.045] DeleteObject (ho=0x4f0407de) returned 1
[0178.045] DeleteObject (ho=0xcc040807) returned 1
[0178.045] OffsetViewportOrgEx (in: hdc=0x38010793, x=0, y=0, lppt=0x2cf0598 | out: lppt=0x2cf0598) returned 1
[0178.045] IsAppThemed () returned 0x1
[0178.045] GetThemeAppProperties () returned 0x3
[0178.045] GetThemeAppProperties () returned 0x3
[0178.045] GetThemeBackgroundContentRect () returned 0x0
[0178.045] RestoreDC (hdc=0x38010793, nSavedDC=-1) returned 1
[0178.045] GdipReleaseDC (graphics=0x6600030, hdc=0x38010793) returned 0x0
[0178.045] IsAppThemed () returned 0x1
[0178.045] GetThemeAppProperties () returned 0x3
[0178.045] GetThemeAppProperties () returned 0x3
[0178.045] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0178.045] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0178.045] GetCurrentObject (hdc=0x38010793, type=0x1) returned 0xb00017
[0178.046] GetCurrentObject (hdc=0x38010793, type=0x2) returned 0x900010
[0178.046] GetCurrentObject (hdc=0x38010793, type=0x7) returned 0x4a0507fe
[0178.046] GetCurrentObject (hdc=0x38010793, type=0x6) returned 0x8a01c2
[0178.046] SaveDC (hdc=0x38010793) returned 1
[0178.046] GetTextAlign (hdc=0x38010793) returned 0x0
[0178.046] GetTextColor (hdc=0x38010793) returned 0x0
[0178.046] GetCurrentObject (hdc=0x38010793, type=0x6) returned 0x8a01c2
[0178.046] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0178.046] SelectObject (hdc=0x38010793, h=0x6d0a0520) returned 0x8a01c2
[0178.046] GetBkMode (hdc=0x38010793) returned 2
[0178.046] SetBkMode (hdc=0x38010793, mode=1) returned 2
[0178.046] DrawTextExW (in: hdc=0x38010793, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2cf0938 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0178.047] DrawTextExW (in: hdc=0x38010793, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2cf0938 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0178.047] RestoreDC (hdc=0x38010793, nSavedDC=-1) returned 1
[0178.047] GdipReleaseDC (graphics=0x6600030, hdc=0x38010793) returned 0x0
[0178.047] GetFocus () returned 0xe013e
[0178.047] IsAppThemed () returned 0x1
[0178.047] GetThemeAppProperties () returned 0x3
[0178.047] GetThemeAppProperties () returned 0x3
[0178.047] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0178.047] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x38010793, x1=0, y1=0, rop=0xcc0020) returned 1
[0178.048] GdipReleaseDC (graphics=0x6600030, hdc=0x38010793) returned 0x0
[0178.048] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0178.048] SelectObject (hdc=0x38010793, h=0x85000f) returned 0x4a0507fe
[0178.048] DeleteDC (hdc=0x38010793) returned 1
[0178.048] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0178.048] EndPaint (hWnd=0xd02d2, lpPaint=0xd7e24c) returned 1
[0178.048] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0178.048] IsWindowUnicode (hWnd=0xe02d8) returned 1
[0178.048] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0178.048] TranslateMessage (lpMsg=0xd7e808) returned 0
[0178.048] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0178.049] BeginPaint (in: hWnd=0xe02d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0178.049] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0178.049] CreateCompatibleDC (hdc=0x60100ce) returned 0x3a010793
[0178.049] SelectObject (hdc=0x3a010793, h=0x4a0507fe) returned 0x85000f
[0178.049] GdipCreateFromHDC (hdc=0x3a010793, graphics=0xd7e268) returned 0x0
[0178.049] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0178.049] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0178.049] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0178.049] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0178.050] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e2c8) returned 0x0
[0178.050] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0178.050] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee8d8) returned 0x0
[0178.050] LocalFree (hMem=0x11ee8d8) returned 0x0
[0178.050] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0178.050] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0178.050] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0178.050] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0178.050] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0178.050] GdipRestoreGraphics (graphics=0x6600030, state=0xfbee0dbd) returned 0x0
[0178.050] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0178.050] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0178.050] GetCurrentObject (hdc=0x3a010793, type=0x1) returned 0xb00017
[0178.050] GetCurrentObject (hdc=0x3a010793, type=0x2) returned 0x900010
[0178.050] GetCurrentObject (hdc=0x3a010793, type=0x7) returned 0x4a0507fe
[0178.050] GetCurrentObject (hdc=0x3a010793, type=0x6) returned 0x8a01c2
[0178.050] SaveDC (hdc=0x3a010793) returned 1
[0178.051] GetNearestColor (hdc=0x3a010793, color=0xf0f0f0) returned 0xf0f0f0
[0178.051] GetNearestColor (hdc=0x3a010793, color=0xa0a0a0) returned 0xa0a0a0
[0178.051] GetNearestColor (hdc=0x3a010793, color=0x696969) returned 0x696969
[0178.051] GetNearestColor (hdc=0x3a010793, color=0xa0a0a0) returned 0xa0a0a0
[0178.051] GetNearestColor (hdc=0x3a010793, color=0x0) returned 0x0
[0178.051] GetNearestColor (hdc=0x3a010793, color=0xffffff) returned 0xffffff
[0178.051] GetNearestColor (hdc=0x3a010793, color=0xe5e5e5) returned 0xe5e5e5
[0178.051] GetNearestColor (hdc=0x3a010793, color=0xd7d7d7) returned 0xd7d7d7
[0178.051] GetNearestColor (hdc=0x3a010793, color=0x0) returned 0x0
[0178.051] RestoreDC (hdc=0x3a010793, nSavedDC=-1) returned 1
[0178.051] GdipReleaseDC (graphics=0x6600030, hdc=0x3a010793) returned 0x0
[0178.051] IsAppThemed () returned 0x1
[0178.052] GetThemeAppProperties () returned 0x3
[0178.052] GetThemeAppProperties () returned 0x3
[0178.052] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0178.052] SendMessageW (hWnd=0xc02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0178.052] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0178.052] IsAppThemed () returned 0x1
[0178.052] GetThemeAppProperties () returned 0x3
[0178.052] GetThemeAppProperties () returned 0x3
[0178.052] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2cf1148 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0178.052] IsAppThemed () returned 0x1
[0178.052] GetThemeAppProperties () returned 0x3
[0178.052] GetThemeAppProperties () returned 0x3
[0178.052] IsAppThemed () returned 0x1
[0178.052] GetThemeAppProperties () returned 0x3
[0178.052] GetThemeAppProperties () returned 0x3
[0178.053] GetFocus () returned 0xe013e
[0178.053] IsAppThemed () returned 0x1
[0178.053] GetThemeAppProperties () returned 0x3
[0178.053] GetThemeAppProperties () returned 0x3
[0178.053] IsAppThemed () returned 0x1
[0178.053] GetThemeAppProperties () returned 0x3
[0178.053] GetThemeAppProperties () returned 0x3
[0178.053] IsThemePartDefined () returned 0x1
[0178.053] IsAppThemed () returned 0x1
[0178.053] GetThemeAppProperties () returned 0x3
[0178.053] GetThemeAppProperties () returned 0x3
[0178.053] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0178.053] IsAppThemed () returned 0x1
[0178.053] GetThemeAppProperties () returned 0x3
[0178.053] GetThemeAppProperties () returned 0x3
[0178.053] IsAppThemed () returned 0x1
[0178.053] GetThemeAppProperties () returned 0x3
[0178.053] GetThemeAppProperties () returned 0x3
[0178.053] IsThemePartDefined () returned 0x1
[0178.053] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0178.053] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0178.054] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0178.054] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0178.054] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7dff0) returned 0x0
[0178.054] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0178.054] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee8d8) returned 0x0
[0178.054] LocalFree (hMem=0x11ee8d8) returned 0x0
[0178.054] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0178.054] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee9f0) returned 0x0
[0178.054] LocalFree (hMem=0x11ee9f0) returned 0x0
[0178.054] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0178.054] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e018) returned 0x0
[0178.054] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e008) returned 0x0
[0178.054] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0178.054] GdipDeleteRegion (region=0x6646298) returned 0x0
[0178.054] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0178.054] GetCurrentObject (hdc=0x3a010793, type=0x1) returned 0xb00017
[0178.054] GetCurrentObject (hdc=0x3a010793, type=0x2) returned 0x900010
[0178.055] GetCurrentObject (hdc=0x3a010793, type=0x7) returned 0x4a0507fe
[0178.055] GetCurrentObject (hdc=0x3a010793, type=0x6) returned 0x8a01c2
[0178.055] SaveDC (hdc=0x3a010793) returned 1
[0178.055] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcd040807
[0178.055] GetClipRgn (hdc=0x3a010793, hrgn=0xcd040807) returned 0
[0178.055] SelectClipRgn (hdc=0x3a010793, hrgn=0x530407de) returned 2
[0178.055] DeleteObject (ho=0xcd040807) returned 1
[0178.055] DeleteObject (ho=0x530407de) returned 1
[0178.055] OffsetViewportOrgEx (in: hdc=0x3a010793, x=0, y=0, lppt=0x2cf17f8 | out: lppt=0x2cf17f8) returned 1
[0178.055] DrawThemeParentBackground () returned 0x0
[0178.055] GetWindowPlacement (in: hWnd=0xc02dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0178.056] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0178.056] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0178.056] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0178.057] GetSystemMetrics (nIndex=42) returned 0
[0178.057] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0178.057] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0178.057] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0178.057] GetCurrentObject (hdc=0x3a010793, type=0x1) returned 0xb00017
[0178.057] GetCurrentObject (hdc=0x3a010793, type=0x2) returned 0x900010
[0178.057] GetCurrentObject (hdc=0x3a010793, type=0x7) returned 0x4a0507fe
[0178.057] GetCurrentObject (hdc=0x3a010793, type=0x6) returned 0x8a01c2
[0178.057] SaveDC (hdc=0x3a010793) returned 2
[0178.057] GetNearestColor (hdc=0x3a010793, color=0xf0f0f0) returned 0xf0f0f0
[0178.057] CreateSolidBrush (color=0xf0f0f0) returned 0x9c1007e1
[0178.057] FillRect (hDC=0x3a010793, lprc=0xd7da38, hbr=0x9c1007e1) returned 1
[0178.057] DeleteObject (ho=0x9c1007e1) returned 1
[0178.057] RestoreDC (hdc=0x3a010793, nSavedDC=-1) returned 1
[0178.058] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0178.058] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0178.058] GetSystemMetrics (nIndex=42) returned 0
[0178.058] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0178.058] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0178.058] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0178.058] GetCurrentObject (hdc=0x3a010793, type=0x1) returned 0xb00017
[0178.058] GetCurrentObject (hdc=0x3a010793, type=0x2) returned 0x900010
[0178.058] GetCurrentObject (hdc=0x3a010793, type=0x7) returned 0x4a0507fe
[0178.058] GetCurrentObject (hdc=0x3a010793, type=0x6) returned 0x8a01c2
[0178.058] SaveDC (hdc=0x3a010793) returned 2
[0178.058] GetNearestColor (hdc=0x3a010793, color=0xf0f0f0) returned 0xf0f0f0
[0178.058] CreateSolidBrush (color=0xf0f0f0) returned 0x9d1007e1
[0178.058] FillRect (hDC=0x3a010793, lprc=0xd7d9d8, hbr=0x9d1007e1) returned 1
[0178.058] DeleteObject (ho=0x9d1007e1) returned 1
[0178.058] RestoreDC (hdc=0x3a010793, nSavedDC=-1) returned 1
[0178.058] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0178.059] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0178.059] GetSystemMetrics (nIndex=42) returned 0
[0178.059] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0178.059] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0178.059] RestoreDC (hdc=0x3a010793, nSavedDC=-1) returned 1
[0178.059] GdipReleaseDC (graphics=0x6600030, hdc=0x3a010793) returned 0x0
[0178.059] IsAppThemed () returned 0x1
[0178.059] GetThemeAppProperties () returned 0x3
[0178.059] GetThemeAppProperties () returned 0x3
[0178.059] IsAppThemed () returned 0x1
[0178.097] GetThemeAppProperties () returned 0x3
[0178.097] GetThemeAppProperties () returned 0x3
[0178.097] IsThemePartDefined () returned 0x1
[0178.097] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0178.097] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0178.097] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0178.097] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0178.097] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df74) returned 0x0
[0178.097] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0178.098] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee8d8) returned 0x0
[0178.098] LocalFree (hMem=0x11ee8d8) returned 0x0
[0178.098] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0178.098] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee788) returned 0x0
[0178.098] LocalFree (hMem=0x11ee788) returned 0x0
[0178.098] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0178.098] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0178.098] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0178.098] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0178.098] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0178.098] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0178.098] GetCurrentObject (hdc=0x3a010793, type=0x1) returned 0xb00017
[0178.098] GetCurrentObject (hdc=0x3a010793, type=0x2) returned 0x900010
[0178.098] GetCurrentObject (hdc=0x3a010793, type=0x7) returned 0x4a0507fe
[0178.098] GetCurrentObject (hdc=0x3a010793, type=0x6) returned 0x8a01c2
[0178.098] SaveDC (hdc=0x3a010793) returned 1
[0178.099] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x540407de
[0178.099] GetClipRgn (hdc=0x3a010793, hrgn=0x540407de) returned 0
[0178.099] SelectClipRgn (hdc=0x3a010793, hrgn=0xcf040807) returned 2
[0178.099] DeleteObject (ho=0x540407de) returned 1
[0178.099] DeleteObject (ho=0xcf040807) returned 1
[0178.099] OffsetViewportOrgEx (in: hdc=0x3a010793, x=0, y=0, lppt=0x2cf20a4 | out: lppt=0x2cf20a4) returned 1
[0178.099] IsAppThemed () returned 0x1
[0178.099] GetThemeAppProperties () returned 0x3
[0178.099] GetThemeAppProperties () returned 0x3
[0178.099] DrawThemeBackground () returned 0x0
[0178.099] RestoreDC (hdc=0x3a010793, nSavedDC=-1) returned 1
[0178.099] GdipReleaseDC (graphics=0x6600030, hdc=0x3a010793) returned 0x0
[0178.099] GdipCreateRegion (region=0xd7df60) returned 0x0
[0178.099] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0178.099] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0178.100] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0178.100] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df78) returned 0x0
[0178.100] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0178.100] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee910) returned 0x0
[0178.100] LocalFree (hMem=0x11ee910) returned 0x0
[0178.100] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0178.100] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eead0) returned 0x0
[0178.100] LocalFree (hMem=0x11eead0) returned 0x0
[0178.100] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0178.100] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0178.100] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0178.100] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0178.100] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0178.100] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0178.100] GetCurrentObject (hdc=0x3a010793, type=0x1) returned 0xb00017
[0178.100] GetCurrentObject (hdc=0x3a010793, type=0x2) returned 0x900010
[0178.100] GetCurrentObject (hdc=0x3a010793, type=0x7) returned 0x4a0507fe
[0178.101] GetCurrentObject (hdc=0x3a010793, type=0x6) returned 0x8a01c2
[0178.101] SaveDC (hdc=0x3a010793) returned 1
[0178.101] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd0040807
[0178.101] GetClipRgn (hdc=0x3a010793, hrgn=0xd0040807) returned 0
[0178.101] SelectClipRgn (hdc=0x3a010793, hrgn=0x550407de) returned 2
[0178.101] DeleteObject (ho=0xd0040807) returned 1
[0178.101] DeleteObject (ho=0x550407de) returned 1
[0178.101] OffsetViewportOrgEx (in: hdc=0x3a010793, x=0, y=0, lppt=0x2cf2378 | out: lppt=0x2cf2378) returned 1
[0178.101] IsAppThemed () returned 0x1
[0178.101] GetThemeAppProperties () returned 0x3
[0178.101] GetThemeAppProperties () returned 0x3
[0178.101] GetThemeBackgroundContentRect () returned 0x0
[0178.101] RestoreDC (hdc=0x3a010793, nSavedDC=-1) returned 1
[0178.101] GdipReleaseDC (graphics=0x6600030, hdc=0x3a010793) returned 0x0
[0178.101] IsAppThemed () returned 0x1
[0178.101] GetThemeAppProperties () returned 0x3
[0178.101] GetThemeAppProperties () returned 0x3
[0178.102] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0178.102] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0178.102] GetCurrentObject (hdc=0x3a010793, type=0x1) returned 0xb00017
[0178.102] GetCurrentObject (hdc=0x3a010793, type=0x2) returned 0x900010
[0178.102] GetCurrentObject (hdc=0x3a010793, type=0x7) returned 0x4a0507fe
[0178.102] GetCurrentObject (hdc=0x3a010793, type=0x6) returned 0x8a01c2
[0178.102] SaveDC (hdc=0x3a010793) returned 1
[0178.102] GetTextAlign (hdc=0x3a010793) returned 0x0
[0178.102] GetTextColor (hdc=0x3a010793) returned 0x0
[0178.102] GetCurrentObject (hdc=0x3a010793, type=0x6) returned 0x8a01c2
[0178.102] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0178.102] SelectObject (hdc=0x3a010793, h=0x6d0a0520) returned 0x8a01c2
[0178.102] GetBkMode (hdc=0x3a010793) returned 2
[0178.102] SetBkMode (hdc=0x3a010793, mode=1) returned 2
[0178.103] DrawTextExW (in: hdc=0x3a010793, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2cf2718 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0178.103] DrawTextExW (in: hdc=0x3a010793, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2cf2718 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0178.103] RestoreDC (hdc=0x3a010793, nSavedDC=-1) returned 1
[0178.103] GdipReleaseDC (graphics=0x6600030, hdc=0x3a010793) returned 0x0
[0178.103] GetFocus () returned 0xe013e
[0178.103] IsAppThemed () returned 0x1
[0178.103] GetThemeAppProperties () returned 0x3
[0178.103] GetThemeAppProperties () returned 0x3
[0178.103] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0178.104] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x3a010793, x1=0, y1=0, rop=0xcc0020) returned 1
[0178.104] GdipReleaseDC (graphics=0x6600030, hdc=0x3a010793) returned 0x0
[0178.104] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0178.104] SelectObject (hdc=0x3a010793, h=0x85000f) returned 0x4a0507fe
[0178.104] DeleteDC (hdc=0x3a010793) returned 1
[0178.104] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0178.104] EndPaint (hWnd=0xe02d8, lpPaint=0xd7e24c) returned 1
[0178.104] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0178.104] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0178.105] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.106] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0178.106] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0178.107] TranslateMessage (lpMsg=0xd7e808) returned 0
[0178.107] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0178.107] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0178.108] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0178.108] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.109] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0178.109] TranslateMessage (lpMsg=0xd7e808) returned 0
[0178.109] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0178.109] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0178.110] IsWindowUnicode (hWnd=0x602c4) returned 1
[0178.110] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0178.110] TranslateMessage (lpMsg=0xd7e808) returned 0
[0178.110] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0178.110] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0178.110] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0178.110] CreateCompatibleDC (hdc=0x10105d6) returned 0x3c010793
[0178.110] SelectObject (hdc=0x3c010793, h=0x4a0507fe) returned 0x85000f
[0178.110] GdipCreateFromHDC (hdc=0x3c010793, graphics=0xd7e268) returned 0x0
[0178.110] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0178.110] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0178.111] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0178.111] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0178.111] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e2c8) returned 0x0
[0178.111] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0178.111] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0178.111] LocalFree (hMem=0x11eec58) returned 0x0
[0178.111] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0178.111] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0178.111] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0178.111] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0178.111] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0178.111] GdipRestoreGraphics (graphics=0x6600030, state=0xfbec0dbd) returned 0x0
[0178.111] GdipDeleteRegion (region=0x6646718) returned 0x0
[0178.111] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0178.111] GetCurrentObject (hdc=0x3c010793, type=0x1) returned 0xb00017
[0178.111] GetCurrentObject (hdc=0x3c010793, type=0x2) returned 0x900010
[0178.111] GetCurrentObject (hdc=0x3c010793, type=0x7) returned 0x4a0507fe
[0178.112] GetCurrentObject (hdc=0x3c010793, type=0x6) returned 0x8a01c2
[0178.112] SaveDC (hdc=0x3c010793) returned 1
[0178.112] GetNearestColor (hdc=0x3c010793, color=0xff) returned 0xff
[0178.112] GetNearestColor (hdc=0x3c010793, color=0x55) returned 0x55
[0178.112] GetNearestColor (hdc=0x3c010793, color=0x0) returned 0x0
[0178.112] GetNearestColor (hdc=0x3c010793, color=0x55) returned 0x55
[0178.112] GetNearestColor (hdc=0x3c010793, color=0x0) returned 0x0
[0178.112] GetNearestColor (hdc=0x3c010793, color=0x8080ff) returned 0x8080ff
[0178.112] GetNearestColor (hdc=0x3c010793, color=0x7373e5) returned 0x7373e5
[0178.112] GetNearestColor (hdc=0x3c010793, color=0xe5) returned 0xe5
[0178.112] GetNearestColor (hdc=0x3c010793, color=0x0) returned 0x0
[0178.112] RestoreDC (hdc=0x3c010793, nSavedDC=-1) returned 1
[0178.112] GdipReleaseDC (graphics=0x6600030, hdc=0x3c010793) returned 0x0
[0178.112] IsAppThemed () returned 0x1
[0178.113] GetThemeAppProperties () returned 0x3
[0178.113] GetThemeAppProperties () returned 0x3
[0178.113] IsAppThemed () returned 0x1
[0178.113] GetThemeAppProperties () returned 0x3
[0178.113] GetThemeAppProperties () returned 0x3
[0178.113] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2cf2ee0 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0178.113] IsAppThemed () returned 0x1
[0178.113] GetThemeAppProperties () returned 0x3
[0178.113] GetThemeAppProperties () returned 0x3
[0178.113] IsAppThemed () returned 0x1
[0178.113] GetThemeAppProperties () returned 0x3
[0178.113] GetThemeAppProperties () returned 0x3
[0178.113] GetFocus () returned 0xe013e
[0178.113] IsAppThemed () returned 0x1
[0178.113] GetThemeAppProperties () returned 0x3
[0178.114] GetThemeAppProperties () returned 0x3
[0178.114] IsAppThemed () returned 0x1
[0178.114] GetThemeAppProperties () returned 0x3
[0178.114] GetThemeAppProperties () returned 0x3
[0178.114] IsThemePartDefined () returned 0x1
[0178.114] IsAppThemed () returned 0x1
[0178.114] GetThemeAppProperties () returned 0x3
[0178.114] GetThemeAppProperties () returned 0x3
[0178.114] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0178.114] IsAppThemed () returned 0x1
[0178.114] GetThemeAppProperties () returned 0x3
[0178.114] GetThemeAppProperties () returned 0x3
[0178.114] IsAppThemed () returned 0x1
[0178.114] GetThemeAppProperties () returned 0x3
[0178.114] GetThemeAppProperties () returned 0x3
[0178.114] IsThemePartDefined () returned 0x1
[0178.114] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0178.114] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0178.114] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0178.114] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0178.114] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dff0) returned 0x0
[0178.114] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0178.115] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eea98) returned 0x0
[0178.115] LocalFree (hMem=0x11eea98) returned 0x0
[0178.115] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0178.115] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eed00) returned 0x0
[0178.115] LocalFree (hMem=0x11eed00) returned 0x0
[0178.115] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0178.115] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e018) returned 0x0
[0178.115] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e008) returned 0x0
[0178.115] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0178.115] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0178.115] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0178.115] GetCurrentObject (hdc=0x3c010793, type=0x1) returned 0xb00017
[0178.115] GetCurrentObject (hdc=0x3c010793, type=0x2) returned 0x900010
[0178.115] GetCurrentObject (hdc=0x3c010793, type=0x7) returned 0x4a0507fe
[0178.115] GetCurrentObject (hdc=0x3c010793, type=0x6) returned 0x8a01c2
[0178.115] SaveDC (hdc=0x3c010793) returned 1
[0178.116] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x560407de
[0178.116] GetClipRgn (hdc=0x3c010793, hrgn=0x560407de) returned 0
[0178.116] SelectClipRgn (hdc=0x3c010793, hrgn=0xd4040807) returned 2
[0178.116] DeleteObject (ho=0x560407de) returned 1
[0178.116] DeleteObject (ho=0xd4040807) returned 1
[0178.116] OffsetViewportOrgEx (in: hdc=0x3c010793, x=0, y=0, lppt=0x2cf3590 | out: lppt=0x2cf3590) returned 1
[0178.116] DrawThemeParentBackground () returned 0x0
[0178.116] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0178.116] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0178.116] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0178.116] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0178.116] GetSystemMetrics (nIndex=42) returned 0
[0178.116] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0178.116] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0178.117] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0178.117] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0178.117] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0178.117] SelectPalette (hdc=0x3c010793, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0178.117] GdipCreateFromHDC (hdc=0x3c010793, graphics=0xd7dac8) returned 0x0
[0178.118] GdipSetPageUnit (graphics=0x66472f8, unit=0x2) returned 0x0
[0178.118] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0178.118] GdipGetWorldTransform (graphics=0x66472f8, matrix=0x6638a88) returned 0x0
[0178.118] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7daa0) returned 0x0
[0178.118] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0178.118] GdipCreateRegion (region=0xd7da88) returned 0x0
[0178.118] GdipGetClip (graphics=0x66472f8, region=0x6646958) returned 0x0
[0178.118] GdipIsInfiniteRegion (region=0x6646958, graphics=0x66472f8, result=0xd7da94) returned 0x0
[0178.118] GdipDeleteRegion (region=0x6646958) returned 0x0
[0178.118] GdipSaveGraphics (graphics=0x66472f8, state=0xd7dac0) returned 0x0
[0178.118] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0178.214] GdipFillRectangleI (graphics=0x66472f8, brush=0x6652bb0, x=0, y=0, width=801, height=453) returned 0x0
[0178.214] GdipDeleteBrush (brush=0x6652bb0) returned 0x0
[0178.216] GdipDeleteGraphics (graphics=0x66472f8) returned 0x0
[0178.216] SelectPalette (hdc=0x3c010793, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0178.216] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0178.216] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0178.216] GetSystemMetrics (nIndex=42) returned 0
[0178.216] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0178.216] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0178.216] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0178.216] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0178.216] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0178.216] SelectPalette (hdc=0x3c010793, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0178.216] GdipCreateFromHDC (hdc=0x3c010793, graphics=0xd7da68) returned 0x0
[0178.217] GdipSetPageUnit (graphics=0x66472f8, unit=0x2) returned 0x0
[0178.217] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0178.217] GdipGetWorldTransform (graphics=0x66472f8, matrix=0x6638b18) returned 0x0
[0178.217] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7da40) returned 0x0
[0178.217] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0178.217] GdipCreateRegion (region=0xd7da28) returned 0x0
[0178.217] GdipGetClip (graphics=0x66472f8, region=0x66469e8) returned 0x0
[0178.217] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x66472f8, result=0xd7da34) returned 0x0
[0178.217] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0178.217] GdipSaveGraphics (graphics=0x66472f8, state=0xd7da60) returned 0x0
[0178.217] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0178.228] GdipFillRectangleI (graphics=0x66472f8, brush=0x6653300, x=0, y=0, width=801, height=453) returned 0x0
[0178.229] GdipDeleteBrush (brush=0x6653300) returned 0x0
[0178.230] GdipRestoreGraphics (graphics=0x66472f8, state=0xfbe80dbd) returned 0x0
[0178.230] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0178.230] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0178.230] GetSystemMetrics (nIndex=42) returned 0
[0178.230] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0178.230] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0178.230] GdipDeleteGraphics (graphics=0x66472f8) returned 0x0
[0178.230] SelectPalette (hdc=0x3c010793, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0178.231] RestoreDC (hdc=0x3c010793, nSavedDC=-1) returned 1
[0178.231] GdipReleaseDC (graphics=0x6600030, hdc=0x3c010793) returned 0x0
[0178.231] IsAppThemed () returned 0x1
[0178.231] GetThemeAppProperties () returned 0x3
[0178.231] GetThemeAppProperties () returned 0x3
[0178.231] IsAppThemed () returned 0x1
[0178.231] GetThemeAppProperties () returned 0x3
[0178.231] GetThemeAppProperties () returned 0x3
[0178.231] IsThemePartDefined () returned 0x1
[0178.231] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0178.231] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0178.231] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0178.231] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0178.231] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df74) returned 0x0
[0178.236] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0178.236] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0178.236] LocalFree (hMem=0x11ee788) returned 0x0
[0178.236] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0178.236] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee9f0) returned 0x0
[0178.236] LocalFree (hMem=0x11ee9f0) returned 0x0
[0178.236] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0178.236] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0178.237] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0178.237] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0178.237] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0178.237] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0178.237] GetCurrentObject (hdc=0x3c010793, type=0x1) returned 0xb00017
[0178.237] GetCurrentObject (hdc=0x3c010793, type=0x2) returned 0x900010
[0178.237] GetCurrentObject (hdc=0x3c010793, type=0x7) returned 0x4a0507fe
[0178.237] GetCurrentObject (hdc=0x3c010793, type=0x6) returned 0x8a01c2
[0178.237] SaveDC (hdc=0x3c010793) returned 1
[0178.237] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd5040807
[0178.237] GetClipRgn (hdc=0x3c010793, hrgn=0xd5040807) returned 0
[0178.237] SelectClipRgn (hdc=0x3c010793, hrgn=0x580407de) returned 2
[0178.237] DeleteObject (ho=0xd5040807) returned 1
[0178.237] DeleteObject (ho=0x580407de) returned 1
[0178.237] OffsetViewportOrgEx (in: hdc=0x3c010793, x=0, y=0, lppt=0x2cf9de0 | out: lppt=0x2cf9de0) returned 1
[0178.237] IsAppThemed () returned 0x1
[0178.237] GetThemeAppProperties () returned 0x3
[0178.237] GetThemeAppProperties () returned 0x3
[0178.237] DrawThemeBackground () returned 0x0
[0178.237] RestoreDC (hdc=0x3c010793, nSavedDC=-1) returned 1
[0178.238] GdipReleaseDC (graphics=0x6600030, hdc=0x3c010793) returned 0x0
[0178.238] GdipCreateRegion (region=0xd7df60) returned 0x0
[0178.238] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0178.238] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0178.238] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0178.238] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df78) returned 0x0
[0178.238] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0178.238] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0178.238] LocalFree (hMem=0x11eec58) returned 0x0
[0178.238] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0178.238] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0178.238] LocalFree (hMem=0x11eec58) returned 0x0
[0178.238] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0178.238] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0178.238] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0178.238] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0178.238] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0178.238] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0178.238] GetCurrentObject (hdc=0x3c010793, type=0x1) returned 0xb00017
[0178.238] GetCurrentObject (hdc=0x3c010793, type=0x2) returned 0x900010
[0178.238] GetCurrentObject (hdc=0x3c010793, type=0x7) returned 0x4a0507fe
[0178.238] GetCurrentObject (hdc=0x3c010793, type=0x6) returned 0x8a01c2
[0178.239] SaveDC (hdc=0x3c010793) returned 1
[0178.239] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x590407de
[0178.239] GetClipRgn (hdc=0x3c010793, hrgn=0x590407de) returned 0
[0178.239] SelectClipRgn (hdc=0x3c010793, hrgn=0xd6040807) returned 2
[0178.239] DeleteObject (ho=0x590407de) returned 1
[0178.239] DeleteObject (ho=0xd6040807) returned 1
[0178.239] OffsetViewportOrgEx (in: hdc=0x3c010793, x=0, y=0, lppt=0x2cfa0b4 | out: lppt=0x2cfa0b4) returned 1
[0178.239] IsAppThemed () returned 0x1
[0178.239] GetThemeAppProperties () returned 0x3
[0178.239] GetThemeAppProperties () returned 0x3
[0178.239] GetThemeBackgroundContentRect () returned 0x0
[0178.239] RestoreDC (hdc=0x3c010793, nSavedDC=-1) returned 1
[0178.239] GdipReleaseDC (graphics=0x6600030, hdc=0x3c010793) returned 0x0
[0178.239] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0178.239] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0178.239] GdipFillRectangleI (graphics=0x6600030, brush=0x66472f8, x=4, y=4, width=67, height=15) returned 0x0
[0178.239] GdipDeleteBrush (brush=0x66472f8) returned 0x0
[0178.239] IsAppThemed () returned 0x1
[0178.239] GetThemeAppProperties () returned 0x3
[0178.239] GetThemeAppProperties () returned 0x3
[0178.239] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0178.240] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0178.240] GetCurrentObject (hdc=0x3c010793, type=0x1) returned 0xb00017
[0178.240] GetCurrentObject (hdc=0x3c010793, type=0x2) returned 0x900010
[0178.240] GetCurrentObject (hdc=0x3c010793, type=0x7) returned 0x4a0507fe
[0178.240] GetCurrentObject (hdc=0x3c010793, type=0x6) returned 0x8a01c2
[0178.240] SaveDC (hdc=0x3c010793) returned 1
[0178.240] GetTextAlign (hdc=0x3c010793) returned 0x0
[0178.240] GetTextColor (hdc=0x3c010793) returned 0x0
[0178.240] GetCurrentObject (hdc=0x3c010793, type=0x6) returned 0x8a01c2
[0178.240] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0178.240] SelectObject (hdc=0x3c010793, h=0x6d0a0520) returned 0x8a01c2
[0178.240] GetBkMode (hdc=0x3c010793) returned 2
[0178.240] SetBkMode (hdc=0x3c010793, mode=1) returned 2
[0178.240] DrawTextExW (in: hdc=0x3c010793, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2cfa478 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0178.241] DrawTextExW (in: hdc=0x3c010793, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2cfa478 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0178.241] RestoreDC (hdc=0x3c010793, nSavedDC=-1) returned 1
[0178.241] GdipReleaseDC (graphics=0x6600030, hdc=0x3c010793) returned 0x0
[0178.241] GetFocus () returned 0xe013e
[0178.241] IsAppThemed () returned 0x1
[0178.241] GetThemeAppProperties () returned 0x3
[0178.241] GetThemeAppProperties () returned 0x3
[0178.241] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0178.241] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x3c010793, x1=0, y1=0, rop=0xcc0020) returned 1
[0178.241] GdipReleaseDC (graphics=0x6600030, hdc=0x3c010793) returned 0x0
[0178.241] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0178.241] SelectObject (hdc=0x3c010793, h=0x85000f) returned 0x4a0507fe
[0178.242] DeleteDC (hdc=0x3c010793) returned 1
[0178.242] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0178.242] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0178.242] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0178.242] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0178.242] IsWindowUnicode (hWnd=0xd02d2) returned 1
[0178.242] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0178.242] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0178.242] GetDlgItem (hDlg=0xc02dc, nIDDlgItem=0) returned 0x0
[0178.242] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x210, wParam=0x201, lParam=0x690109) returned 0x0
[0178.242] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x21, wParam=0xc02dc, lParam=0x2010001) returned 0x1
[0178.242] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x21, wParam=0xc02dc, lParam=0x2010001) returned 0x1
[0178.243] SetCursor (hCursor=0x10003) returned 0x10003
[0178.243] TranslateMessage (lpMsg=0xd7e808) returned 0
[0178.243] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0178.243] GetKeyState (nVirtKey=1) returned -127
[0178.243] GetKeyState (nVirtKey=2) returned 0
[0178.243] GetKeyState (nVirtKey=4) returned 0
[0178.243] GetKeyState (nVirtKey=5) returned 0
[0178.243] GetKeyState (nVirtKey=6) returned 0
[0178.243] IsWindowVisible (hWnd=0xd02d2) returned 1
[0178.243] IsWindowEnabled (hWnd=0xd02d2) returned 1
[0178.243] SetFocus (hWnd=0xd02d2) returned 0xe013e
[0178.244] GetFocus () returned 0xd02d2
[0178.244] IsChild (hWndParent=0xc02dc, hWnd=0xd02d2) returned 1
[0178.244] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0x8, wParam=0xd02d2, lParam=0x0) returned 0x0
[0178.244] GetCapture () returned 0x0
[0178.244] InvalidateRect (hWnd=0xe013e, lpRect=0x0, bErase=0) returned 1
[0178.245] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0178.246] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0178.248] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0178.248] InvalidateRect (hWnd=0xe013e, lpRect=0x0, bErase=0) returned 1
[0178.248] InvalidateRect (hWnd=0xd02d2, lpRect=0x0, bErase=0) returned 1
[0178.248] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x7, wParam=0xe013e, lParam=0x0) returned 0x0
[0178.248] GetStockObject (i=5) returned 0x900015
[0178.248] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0178.248] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0178.248] GetDlgItem (hDlg=0xc02dc, nIDDlgItem=852690) returned 0xd02d2
[0178.248] SendMessageW (hWnd=0xd02d2, Msg=0x202b, wParam=0xd02d2, lParam=0xd7dddc) returned 0x0
[0178.248] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x202b, wParam=0xd02d2, lParam=0xd7dddc) returned 0x0
[0178.248] InvalidateRect (hWnd=0xd02d2, lpRect=0x0, bErase=0) returned 1
[0178.250] GetFocus () returned 0xd02d2
[0178.250] GetFocus () returned 0xd02d2
[0178.250] GetFocus () returned 0xd02d2
[0178.250] GetKeyState (nVirtKey=1) returned -127
[0178.251] GetKeyState (nVirtKey=2) returned 0
[0178.251] GetKeyState (nVirtKey=4) returned 0
[0178.251] GetKeyState (nVirtKey=5) returned 0
[0178.251] GetKeyState (nVirtKey=6) returned 0
[0178.251] GetCapture () returned 0x0
[0178.251] SetCapture (hWnd=0xd02d2) returned 0x0
[0178.251] GetKeyState (nVirtKey=1) returned -127
[0178.251] GetKeyState (nVirtKey=2) returned 0
[0178.251] GetKeyState (nVirtKey=4) returned 0
[0178.251] GetKeyState (nVirtKey=5) returned 0
[0178.251] GetKeyState (nVirtKey=6) returned 0
[0178.251] NotifyWinEvent (event=0x800a, hwnd=0xd02d2, idObject=-4, idChild=0)
[0178.251] InvalidateRect (hWnd=0xd02d2, lpRect=0xd7e430, bErase=0) returned 1
[0178.251] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0178.251] IsWindowUnicode (hWnd=0xd02d2) returned 1
[0178.251] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0178.251] TranslateMessage (lpMsg=0xd7e808) returned 0
[0178.251] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0178.251] MapWindowPoints (in: hWndFrom=0xd02d2, hWndTo=0x0, lpPoints=0x2cfa668, cPoints=0x1 | out: lpPoints=0x2cfa668) returned 30999254
[0178.251] NotifyWinEvent (event=0x800a, hwnd=0xd02d2, idObject=-4, idChild=0)
[0178.251] InvalidateRect (hWnd=0xd02d2, lpRect=0xd7e3d0, bErase=0) returned 1
[0178.251] UpdateWindow (hWnd=0xd02d2) returned 1
[0178.251] BeginPaint (in: hWnd=0xd02d2, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xf0105ee
[0178.252] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0178.252] CreateCompatibleDC (hdc=0xf0105ee) returned 0x3d010793
[0178.252] SelectObject (hdc=0x3d010793, h=0x4a0507fe) returned 0x85000f
[0178.252] GdipCreateFromHDC (hdc=0x3d010793, graphics=0xd7df00) returned 0x0
[0178.252] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0178.252] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0178.252] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0178.252] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0178.252] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df60) returned 0x0
[0178.252] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0178.252] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eecc8) returned 0x0
[0178.252] LocalFree (hMem=0x11eecc8) returned 0x0
[0178.252] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0178.252] GdipCreateRegion (region=0xd7df48) returned 0x0
[0178.252] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0178.252] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0178.253] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0178.253] GdipRestoreGraphics (graphics=0x6600030, state=0xfbe60dbd) returned 0x0
[0178.253] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0178.253] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0178.253] GetCurrentObject (hdc=0x3d010793, type=0x1) returned 0xb00017
[0178.253] GetCurrentObject (hdc=0x3d010793, type=0x2) returned 0x900010
[0178.253] GetCurrentObject (hdc=0x3d010793, type=0x7) returned 0x4a0507fe
[0178.253] GetCurrentObject (hdc=0x3d010793, type=0x6) returned 0x8a01c2
[0178.253] SaveDC (hdc=0x3d010793) returned 1
[0178.253] GetNearestColor (hdc=0x3d010793, color=0xf0f0f0) returned 0xf0f0f0
[0178.253] GetNearestColor (hdc=0x3d010793, color=0xa0a0a0) returned 0xa0a0a0
[0178.253] GetNearestColor (hdc=0x3d010793, color=0x696969) returned 0x696969
[0178.253] GetNearestColor (hdc=0x3d010793, color=0xa0a0a0) returned 0xa0a0a0
[0178.253] GetNearestColor (hdc=0x3d010793, color=0x0) returned 0x0
[0178.253] GetNearestColor (hdc=0x3d010793, color=0xffffff) returned 0xffffff
[0178.253] GetNearestColor (hdc=0x3d010793, color=0xe5e5e5) returned 0xe5e5e5
[0178.253] GetNearestColor (hdc=0x3d010793, color=0xd7d7d7) returned 0xd7d7d7
[0178.253] GetNearestColor (hdc=0x3d010793, color=0x0) returned 0x0
[0178.253] RestoreDC (hdc=0x3d010793, nSavedDC=-1) returned 1
[0178.254] GdipReleaseDC (graphics=0x6600030, hdc=0x3d010793) returned 0x0
[0178.254] IsAppThemed () returned 0x1
[0178.254] GetThemeAppProperties () returned 0x3
[0178.254] GetThemeAppProperties () returned 0x3
[0178.254] IsAppThemed () returned 0x1
[0178.254] GetThemeAppProperties () returned 0x3
[0178.254] GetThemeAppProperties () returned 0x3
[0178.254] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2cfadc0 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0178.254] IsAppThemed () returned 0x1
[0178.254] GetThemeAppProperties () returned 0x3
[0178.254] GetThemeAppProperties () returned 0x3
[0178.254] IsAppThemed () returned 0x1
[0178.254] GetThemeAppProperties () returned 0x3
[0178.254] GetThemeAppProperties () returned 0x3
[0178.254] IsAppThemed () returned 0x1
[0178.254] GetThemeAppProperties () returned 0x3
[0178.254] GetThemeAppProperties () returned 0x3
[0178.254] IsAppThemed () returned 0x1
[0178.254] GetThemeAppProperties () returned 0x3
[0178.254] GetThemeAppProperties () returned 0x3
[0178.255] IsThemePartDefined () returned 0x1
[0178.255] IsAppThemed () returned 0x1
[0178.255] GetThemeAppProperties () returned 0x3
[0178.255] GetThemeAppProperties () returned 0x3
[0178.255] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0178.255] IsAppThemed () returned 0x1
[0178.255] GetThemeAppProperties () returned 0x3
[0178.255] GetThemeAppProperties () returned 0x3
[0178.255] IsAppThemed () returned 0x1
[0178.255] GetThemeAppProperties () returned 0x3
[0178.255] GetThemeAppProperties () returned 0x3
[0178.255] IsThemePartDefined () returned 0x1
[0178.255] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0178.255] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0178.255] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0178.255] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0178.255] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dc7c) returned 0x0
[0178.255] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0178.255] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee9f0) returned 0x0
[0178.255] LocalFree (hMem=0x11ee9f0) returned 0x0
[0178.255] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0178.255] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0178.255] LocalFree (hMem=0x11ee788) returned 0x0
[0178.255] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0178.255] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0178.256] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0178.256] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0178.256] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0178.256] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0178.256] GetCurrentObject (hdc=0x3d010793, type=0x1) returned 0xb00017
[0178.256] GetCurrentObject (hdc=0x3d010793, type=0x2) returned 0x900010
[0178.256] GetCurrentObject (hdc=0x3d010793, type=0x7) returned 0x4a0507fe
[0178.256] GetCurrentObject (hdc=0x3d010793, type=0x6) returned 0x8a01c2
[0178.256] SaveDC (hdc=0x3d010793) returned 1
[0178.256] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd7040807
[0178.256] GetClipRgn (hdc=0x3d010793, hrgn=0xd7040807) returned 0
[0178.256] SelectClipRgn (hdc=0x3d010793, hrgn=0x5d0407de) returned 2
[0178.256] DeleteObject (ho=0xd7040807) returned 1
[0178.256] DeleteObject (ho=0x5d0407de) returned 1
[0178.256] OffsetViewportOrgEx (in: hdc=0x3d010793, x=0, y=0, lppt=0x2cfb470 | out: lppt=0x2cfb470) returned 1
[0178.256] DrawThemeParentBackground () returned 0x0
[0178.257] GetWindowPlacement (in: hWnd=0xc02dc, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0178.257] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0178.257] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0178.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0178.257] GetSystemMetrics (nIndex=42) returned 0
[0178.257] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0178.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0178.257] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0178.257] GetCurrentObject (hdc=0x3d010793, type=0x1) returned 0xb00017
[0178.257] GetCurrentObject (hdc=0x3d010793, type=0x2) returned 0x900010
[0178.257] GetCurrentObject (hdc=0x3d010793, type=0x7) returned 0x4a0507fe
[0178.257] GetCurrentObject (hdc=0x3d010793, type=0x6) returned 0x8a01c2
[0178.257] SaveDC (hdc=0x3d010793) returned 2
[0178.257] GetNearestColor (hdc=0x3d010793, color=0xf0f0f0) returned 0xf0f0f0
[0178.257] CreateSolidBrush (color=0xf0f0f0) returned 0x9e1007e1
[0178.257] FillRect (hDC=0x3d010793, lprc=0xd7d6c8, hbr=0x9e1007e1) returned 1
[0178.257] DeleteObject (ho=0x9e1007e1) returned 1
[0178.257] RestoreDC (hdc=0x3d010793, nSavedDC=-1) returned 1
[0178.258] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0178.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0178.258] GetSystemMetrics (nIndex=42) returned 0
[0178.258] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0178.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0178.258] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0178.258] GetCurrentObject (hdc=0x3d010793, type=0x1) returned 0xb00017
[0178.258] GetCurrentObject (hdc=0x3d010793, type=0x2) returned 0x900010
[0178.258] GetCurrentObject (hdc=0x3d010793, type=0x7) returned 0x4a0507fe
[0178.258] GetCurrentObject (hdc=0x3d010793, type=0x6) returned 0x8a01c2
[0178.258] SaveDC (hdc=0x3d010793) returned 2
[0178.258] GetNearestColor (hdc=0x3d010793, color=0xf0f0f0) returned 0xf0f0f0
[0178.258] CreateSolidBrush (color=0xf0f0f0) returned 0x9f1007e1
[0178.258] FillRect (hDC=0x3d010793, lprc=0xd7d668, hbr=0x9f1007e1) returned 1
[0178.258] DeleteObject (ho=0x9f1007e1) returned 1
[0178.258] RestoreDC (hdc=0x3d010793, nSavedDC=-1) returned 1
[0178.258] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0178.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0178.258] GetSystemMetrics (nIndex=42) returned 0
[0178.258] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0178.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0178.259] RestoreDC (hdc=0x3d010793, nSavedDC=-1) returned 1
[0178.259] GdipReleaseDC (graphics=0x6600030, hdc=0x3d010793) returned 0x0
[0178.259] IsAppThemed () returned 0x1
[0178.259] GetThemeAppProperties () returned 0x3
[0178.259] GetThemeAppProperties () returned 0x3
[0178.259] IsAppThemed () returned 0x1
[0178.259] GetThemeAppProperties () returned 0x3
[0178.259] GetThemeAppProperties () returned 0x3
[0178.259] IsThemePartDefined () returned 0x1
[0178.259] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0178.259] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0178.259] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0178.259] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0178.259] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc00) returned 0x0
[0178.259] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0178.259] LocalFree (hMem=0x11eecc8) returned 0x0
[0178.259] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0178.259] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0178.260] LocalFree (hMem=0x11eec58) returned 0x0
[0178.260] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0178.260] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0178.260] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0178.260] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0178.260] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0178.260] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0178.260] GetCurrentObject (hdc=0x3d010793, type=0x1) returned 0xb00017
[0178.260] GetCurrentObject (hdc=0x3d010793, type=0x2) returned 0x900010
[0178.260] GetCurrentObject (hdc=0x3d010793, type=0x7) returned 0x4a0507fe
[0178.260] GetCurrentObject (hdc=0x3d010793, type=0x6) returned 0x8a01c2
[0178.260] SaveDC (hdc=0x3d010793) returned 1
[0178.260] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5e0407de
[0178.260] GetClipRgn (hdc=0x3d010793, hrgn=0x5e0407de) returned 0
[0178.260] SelectClipRgn (hdc=0x3d010793, hrgn=0xd9040807) returned 2
[0178.260] DeleteObject (ho=0x5e0407de) returned 1
[0178.260] DeleteObject (ho=0xd9040807) returned 1
[0178.260] OffsetViewportOrgEx (in: hdc=0x3d010793, x=0, y=0, lppt=0x2cfbd1c | out: lppt=0x2cfbd1c) returned 1
[0178.260] IsAppThemed () returned 0x1
[0178.261] GetThemeAppProperties () returned 0x3
[0178.261] GetThemeAppProperties () returned 0x3
[0178.261] DrawThemeBackground () returned 0x0
[0178.261] RestoreDC (hdc=0x3d010793, nSavedDC=-1) returned 1
[0178.261] GdipReleaseDC (graphics=0x6600030, hdc=0x3d010793) returned 0x0
[0178.261] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0178.261] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0178.261] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0178.261] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0178.261] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dc04) returned 0x0
[0178.261] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0178.261] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea98) returned 0x0
[0178.261] LocalFree (hMem=0x11eea98) returned 0x0
[0178.261] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0178.261] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea28) returned 0x0
[0178.261] LocalFree (hMem=0x11eea28) returned 0x0
[0178.261] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0178.261] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0178.261] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0178.261] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0178.261] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0178.262] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0178.262] GetCurrentObject (hdc=0x3d010793, type=0x1) returned 0xb00017
[0178.262] GetCurrentObject (hdc=0x3d010793, type=0x2) returned 0x900010
[0178.262] GetCurrentObject (hdc=0x3d010793, type=0x7) returned 0x4a0507fe
[0178.262] GetCurrentObject (hdc=0x3d010793, type=0x6) returned 0x8a01c2
[0178.262] SaveDC (hdc=0x3d010793) returned 1
[0178.262] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xda040807
[0178.262] GetClipRgn (hdc=0x3d010793, hrgn=0xda040807) returned 0
[0178.262] SelectClipRgn (hdc=0x3d010793, hrgn=0x5f0407de) returned 2
[0178.262] DeleteObject (ho=0xda040807) returned 1
[0178.262] DeleteObject (ho=0x5f0407de) returned 1
[0178.262] OffsetViewportOrgEx (in: hdc=0x3d010793, x=0, y=0, lppt=0x2cfbff0 | out: lppt=0x2cfbff0) returned 1
[0178.262] IsAppThemed () returned 0x1
[0178.262] GetThemeAppProperties () returned 0x3
[0178.262] GetThemeAppProperties () returned 0x3
[0178.262] GetThemeBackgroundContentRect () returned 0x0
[0178.262] RestoreDC (hdc=0x3d010793, nSavedDC=-1) returned 1
[0178.267] GdipReleaseDC (graphics=0x6600030, hdc=0x3d010793) returned 0x0
[0178.267] IsAppThemed () returned 0x1
[0178.267] GetThemeAppProperties () returned 0x3
[0178.267] GetThemeAppProperties () returned 0x3
[0178.267] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0178.267] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0178.267] GetCurrentObject (hdc=0x3d010793, type=0x1) returned 0xb00017
[0178.267] GetCurrentObject (hdc=0x3d010793, type=0x2) returned 0x900010
[0178.267] GetCurrentObject (hdc=0x3d010793, type=0x7) returned 0x4a0507fe
[0178.267] GetCurrentObject (hdc=0x3d010793, type=0x6) returned 0x8a01c2
[0178.267] SaveDC (hdc=0x3d010793) returned 1
[0178.267] GetTextAlign (hdc=0x3d010793) returned 0x0
[0178.267] GetTextColor (hdc=0x3d010793) returned 0x0
[0178.267] GetCurrentObject (hdc=0x3d010793, type=0x6) returned 0x8a01c2
[0178.267] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0178.267] SelectObject (hdc=0x3d010793, h=0x6d0a0520) returned 0x8a01c2
[0178.268] GetBkMode (hdc=0x3d010793) returned 2
[0178.268] SetBkMode (hdc=0x3d010793, mode=1) returned 2
[0178.268] DrawTextExW (in: hdc=0x3d010793, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2cfc390 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0178.268] DrawTextExW (in: hdc=0x3d010793, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2cfc390 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0178.268] RestoreDC (hdc=0x3d010793, nSavedDC=-1) returned 1
[0178.268] GdipReleaseDC (graphics=0x6600030, hdc=0x3d010793) returned 0x0
[0178.268] GetFocus () returned 0xd02d2
[0178.268] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0178.268] SendMessageW (hWnd=0xc02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0178.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0178.268] IsAppThemed () returned 0x1
[0178.269] GetThemeAppProperties () returned 0x3
[0178.269] GetThemeAppProperties () returned 0x3
[0178.269] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0178.269] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x3d010793, x1=0, y1=0, rop=0xcc0020) returned 1
[0178.269] GdipReleaseDC (graphics=0x6600030, hdc=0x3d010793) returned 0x0
[0178.269] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0178.269] SelectObject (hdc=0x3d010793, h=0x85000f) returned 0x4a0507fe
[0178.269] DeleteDC (hdc=0x3d010793) returned 1
[0178.269] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0178.269] EndPaint (hWnd=0xd02d2, lpPaint=0xd7dee4) returned 1
[0178.269] MapWindowPoints (in: hWndFrom=0xd02d2, hWndTo=0x0, lpPoints=0x2cfc48c, cPoints=0x1 | out: lpPoints=0x2cfc48c) returned 30999254
[0178.269] WindowFromPoint (Point=0x2fe) returned 0xd02d2
[0178.269] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0178.269] NotifyWinEvent (event=0x800a, hwnd=0xd02d2, idObject=-4, idChild=0)
[0178.269] NotifyWinEvent (event=0x800c, hwnd=0xd02d2, idObject=-4, idChild=0)
[0178.269] GetCapture () returned 0xd02d2
[0178.269] ReleaseCapture () returned 1
[0178.270] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0178.270] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0178.270] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0178.270] IsWindow (hWnd=0x7005c) returned 1
[0178.270] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0178.271] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0178.271] IsWindow (hWnd=0xc02dc) returned 1
[0178.271] SetActiveWindow (hWnd=0xc02dc) returned 0xc02dc
[0178.271] IsWindow (hWnd=0xc02dc) returned 1
[0178.271] SetFocus (hWnd=0xc02dc) returned 0xd02d2
[0178.271] GetFocus () returned 0xc02dc
[0178.272] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x8, wParam=0xc02dc, lParam=0x0) returned 0x0
[0178.272] GetCapture () returned 0x0
[0178.272] InvalidateRect (hWnd=0xd02d2, lpRect=0x0, bErase=0) returned 1
[0178.272] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0178.273] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0178.275] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0178.275] GetFocus () returned 0xc02dc
[0178.275] SetFocus (hWnd=0xd02d2) returned 0xc02dc
[0178.275] GetFocus () returned 0xd02d2
[0178.275] IsChild (hWndParent=0xc02dc, hWnd=0xd02d2) returned 1
[0178.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x8, wParam=0xd02d2, lParam=0x0) returned 0x0
[0178.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0178.277] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0178.283] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0178.283] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x7, wParam=0xc02dc, lParam=0x0) returned 0x0
[0178.283] GetStockObject (i=5) returned 0x900015
[0178.284] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0178.284] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0178.284] GetDlgItem (hDlg=0xc02dc, nIDDlgItem=852690) returned 0xd02d2
[0178.284] SendMessageW (hWnd=0xd02d2, Msg=0x202b, wParam=0xd02d2, lParam=0xd7ddcc) returned 0x0
[0178.284] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x202b, wParam=0xd02d2, lParam=0xd7ddcc) returned 0x0
[0178.284] InvalidateRect (hWnd=0xd02d2, lpRect=0x0, bErase=0) returned 1
[0178.286] GetWindowLongW (hWnd=0xc02dc, nIndex=-8) returned 458844
[0178.286] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0178.286] GetCurrentThreadId () returned 0xf50
[0178.286] IsWindow (hWnd=0x7005c) returned 1
[0178.286] IsWindow (hWnd=0x7005c) returned 1
[0178.286] IsWindowVisible (hWnd=0x7005c) returned 1
[0178.286] SetActiveWindow (hWnd=0x7005c) returned 0xc02dc
[0178.287] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0178.289] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0178.289] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0178.289] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0178.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0178.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0178.291] GetWindowPlacement (in: hWnd=0xc02dc, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0178.291] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0178.291] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0178.291] GetWindowRect (in: hWnd=0xc02dc, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0178.292] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0178.292] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0178.292] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0178.292] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0xc02dc) returned 0x1
[0178.302] GetFocus () returned 0xd02d2
[0178.302] SetFocus (hWnd=0x602c4) returned 0xd02d2
[0178.303] GetFocus () returned 0x602c4
[0178.303] IsChild (hWndParent=0xc02dc, hWnd=0x602c4) returned 0
[0178.303] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0178.303] GetCapture () returned 0x0
[0178.303] InvalidateRect (hWnd=0xd02d2, lpRect=0x0, bErase=0) returned 1
[0178.304] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0178.305] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0178.306] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0178.306] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0178.306] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0178.306] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0178.307] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0178.307] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0xd02d2, lParam=0x0) returned 0x0
[0178.307] GetStockObject (i=5) returned 0x900015
[0178.307] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0178.307] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11edb48) returned 0xc
[0178.307] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0178.307] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0178.307] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0178.307] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0178.312] GetFocus () returned 0x602c4
[0178.312] IsChild (hWndParent=0xc02dc, hWnd=0x602c4) returned 0
[0178.312] ShowWindow (hWnd=0xc02dc, nCmdShow=0) returned 1
[0178.312] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0178.312] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0178.314] GetWindowPlacement (in: hWnd=0xc02dc, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0178.314] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0178.314] GetClientRect (in: hWnd=0xc02dc, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0178.314] GetWindowRect (in: hWnd=0xc02dc, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0178.315] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0178.315] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0178.315] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0178.315] GetWindowLongW (hWnd=0xc02dc, nIndex=-20) returned 327945
[0178.315] DestroyWindow (hWnd=0xc02dc) returned 1
[0178.316] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0178.316] GetWindowTextLengthW (hWnd=0xc02dc) returned 13
[0178.316] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0178.316] GetSystemMetrics (nIndex=42) returned 0
[0178.316] GetWindowTextW (in: hWnd=0xc02dc, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0178.316] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0178.316] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0178.316] GetWindowTextLengthW (hWnd=0xf00ea) returned 0
[0178.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0178.317] GetSystemMetrics (nIndex=42) returned 0
[0178.317] GetWindowTextW (in: hWnd=0xf00ea, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0178.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf00ea, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0178.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0178.317] GetWindowThreadProcessId (in: hWnd=0xa005a, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0178.317] GetWindow (hWnd=0xa005a, uCmd=0x5) returned 0x0
[0178.317] GetWindowLongW (hWnd=0xa005a, nIndex=-20) returned 65792
[0178.317] DestroyWindow (hWnd=0xa005a) returned 1
[0178.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa005a, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0178.317] GetWindowTextLengthW (hWnd=0xa005a) returned 25
[0178.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0178.317] GetSystemMetrics (nIndex=42) returned 0
[0178.317] GetWindowTextW (in: hWnd=0xa005a, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0178.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa005a, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0178.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa005a, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0178.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa005a, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0178.318] GetWindowTextLengthW (hWnd=0xc02da) returned 232
[0178.318] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0178.318] GetSystemMetrics (nIndex=42) returned 0
[0178.318] GetWindowTextW (in: hWnd=0xc02da, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0178.318] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0178.319] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0178.319] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0178.319] InvalidateRect (hWnd=0xd02d2, lpRect=0x0, bErase=0) returned 1
[0178.319] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0178.319] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0178.319] SendMessageW (hWnd=0xc02de, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0178.319] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02de, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0178.319] SendMessageW (hWnd=0xc02de, Msg=0xb0, wParam=0x2cc4f28, lParam=0xd7e480) returned 0x0
[0178.319] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02de, Msg=0xb0, wParam=0x2cc4f28, lParam=0xd7e480) returned 0x0
[0178.319] GetWindowTextLengthW (hWnd=0xc02de) returned 4363
[0178.319] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0178.319] GetSystemMetrics (nIndex=42) returned 0
[0178.319] CoTaskMemAlloc (cb=0x221c) returned 0x11fff70
[0178.319] GetWindowTextW (in: hWnd=0xc02de, lpString=0x11fff70, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0178.319] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02de, Msg=0xd, wParam=0x110c, lParam=0x11fff70) returned 0x110b
[0178.319] CoTaskMemFree (pv=0x11fff70)
[0178.319] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0178.320] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0178.321] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc02da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0178.322] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe013e, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0178.323] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02d2, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0178.324] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0178.345] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0178.347] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xc02dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0178.348] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.348] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.348] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.348] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.348] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.349] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0178.349] IsWindowUnicode (hWnd=0x7005c) returned 1
[0178.349] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0178.349] SetCursor (hCursor=0x10003) returned 0x10003
[0178.349] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.349] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.349] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0178.349] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0178.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0178.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10f0240) returned 0x0
[0178.350] GetKeyState (nVirtKey=1) returned 1
[0178.350] GetKeyState (nVirtKey=2) returned 0
[0178.350] GetKeyState (nVirtKey=4) returned 0
[0178.350] GetKeyState (nVirtKey=5) returned 0
[0178.350] GetKeyState (nVirtKey=6) returned 0
[0178.350] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.350] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0178.350] IsWindowUnicode (hWnd=0x7005c) returned 1
[0178.350] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.350] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.350] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.350] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.351] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0178.351] IsWindowUnicode (hWnd=0x7005c) returned 1
[0178.351] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.351] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0178.351] SetCursor (hCursor=0x10003) returned 0x10003
[0178.351] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.351] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.351] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10f0240) returned 0x0
[0178.351] GetKeyState (nVirtKey=1) returned 1
[0178.351] GetKeyState (nVirtKey=2) returned 0
[0178.351] GetKeyState (nVirtKey=4) returned 0
[0178.351] GetKeyState (nVirtKey=5) returned 0
[0178.351] GetKeyState (nVirtKey=6) returned 0
[0178.351] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.352] IsWindowUnicode (hWnd=0x602c4) returned 1
[0178.352] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.352] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.352] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.352] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.353] IsWindowUnicode (hWnd=0x602c4) returned 1
[0178.353] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.353] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.353] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.353] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xc0107c5
[0178.353] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0178.353] CreateCompatibleDC (hdc=0xc0107c5) returned 0x4b010793
[0178.353] SelectObject (hdc=0x4b010793, h=0x4a0507fe) returned 0x85000f
[0178.353] GdipCreateFromHDC (hdc=0x4b010793, graphics=0xd7e798) returned 0x0
[0178.353] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0178.353] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0178.353] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0178.353] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0178.354] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e7f8) returned 0x0
[0178.354] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0178.354] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee8d8) returned 0x0
[0178.354] LocalFree (hMem=0x11ee8d8) returned 0x0
[0178.354] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0178.354] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0178.354] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0178.354] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0178.354] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0178.354] GdipRestoreGraphics (graphics=0x6600030, state=0xfbe40dbd) returned 0x0
[0178.354] GdipDeleteRegion (region=0x6646958) returned 0x0
[0178.354] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0178.354] GetCurrentObject (hdc=0x4b010793, type=0x1) returned 0xb00017
[0178.354] GetCurrentObject (hdc=0x4b010793, type=0x2) returned 0x900010
[0178.354] GetCurrentObject (hdc=0x4b010793, type=0x7) returned 0x4a0507fe
[0178.354] GetCurrentObject (hdc=0x4b010793, type=0x6) returned 0x8a01c2
[0178.354] SaveDC (hdc=0x4b010793) returned 1
[0178.354] GetNearestColor (hdc=0x4b010793, color=0xff) returned 0xff
[0178.354] GetNearestColor (hdc=0x4b010793, color=0x55) returned 0x55
[0178.355] GetNearestColor (hdc=0x4b010793, color=0x0) returned 0x0
[0178.355] GetNearestColor (hdc=0x4b010793, color=0x55) returned 0x55
[0178.355] GetNearestColor (hdc=0x4b010793, color=0x0) returned 0x0
[0178.355] GetNearestColor (hdc=0x4b010793, color=0x8080ff) returned 0x8080ff
[0178.355] GetNearestColor (hdc=0x4b010793, color=0x7373e5) returned 0x7373e5
[0178.355] GetNearestColor (hdc=0x4b010793, color=0xe5) returned 0xe5
[0178.355] GetNearestColor (hdc=0x4b010793, color=0x0) returned 0x0
[0178.355] RestoreDC (hdc=0x4b010793, nSavedDC=-1) returned 1
[0178.355] GdipReleaseDC (graphics=0x6600030, hdc=0x4b010793) returned 0x0
[0178.355] IsAppThemed () returned 0x1
[0178.355] GetThemeAppProperties () returned 0x3
[0178.355] GetThemeAppProperties () returned 0x3
[0178.355] IsAppThemed () returned 0x1
[0178.355] GetThemeAppProperties () returned 0x3
[0178.355] GetThemeAppProperties () returned 0x3
[0178.355] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2d041f8 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0178.356] IsAppThemed () returned 0x1
[0178.356] GetThemeAppProperties () returned 0x3
[0178.356] GetThemeAppProperties () returned 0x3
[0178.356] IsAppThemed () returned 0x1
[0178.356] GetThemeAppProperties () returned 0x3
[0178.356] GetThemeAppProperties () returned 0x3
[0178.356] GetFocus () returned 0x602c4
[0178.356] IsAppThemed () returned 0x1
[0178.356] GetThemeAppProperties () returned 0x3
[0178.356] GetThemeAppProperties () returned 0x3
[0178.356] IsAppThemed () returned 0x1
[0178.356] GetThemeAppProperties () returned 0x3
[0178.356] GetThemeAppProperties () returned 0x3
[0178.356] IsThemePartDefined () returned 0x1
[0178.356] IsAppThemed () returned 0x1
[0178.357] GetThemeAppProperties () returned 0x3
[0178.357] GetThemeAppProperties () returned 0x3
[0178.357] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0178.357] IsAppThemed () returned 0x1
[0178.357] GetThemeAppProperties () returned 0x3
[0178.357] GetThemeAppProperties () returned 0x3
[0178.357] IsAppThemed () returned 0x1
[0178.357] GetThemeAppProperties () returned 0x3
[0178.357] GetThemeAppProperties () returned 0x3
[0178.357] IsThemePartDefined () returned 0x1
[0178.357] GdipCreateRegion (region=0xd7e508) returned 0x0
[0178.357] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0178.357] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0178.357] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0178.357] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e520) returned 0x0
[0178.357] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0178.357] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee9f0) returned 0x0
[0178.357] LocalFree (hMem=0x11ee9f0) returned 0x0
[0178.357] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0178.357] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee8d8) returned 0x0
[0178.357] LocalFree (hMem=0x11ee8d8) returned 0x0
[0178.357] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0178.357] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e548) returned 0x0
[0178.358] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e538) returned 0x0
[0178.358] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0178.358] GdipDeleteRegion (region=0x6646718) returned 0x0
[0178.358] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0178.358] GetCurrentObject (hdc=0x4b010793, type=0x1) returned 0xb00017
[0178.358] GetCurrentObject (hdc=0x4b010793, type=0x2) returned 0x900010
[0178.358] GetCurrentObject (hdc=0x4b010793, type=0x7) returned 0x4a0507fe
[0178.358] GetCurrentObject (hdc=0x4b010793, type=0x6) returned 0x8a01c2
[0178.358] SaveDC (hdc=0x4b010793) returned 1
[0178.358] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x600407de
[0178.358] GetClipRgn (hdc=0x4b010793, hrgn=0x600407de) returned 0
[0178.358] SelectClipRgn (hdc=0x4b010793, hrgn=0xde040807) returned 2
[0178.358] DeleteObject (ho=0x600407de) returned 1
[0178.358] DeleteObject (ho=0xde040807) returned 1
[0178.358] OffsetViewportOrgEx (in: hdc=0x4b010793, x=0, y=0, lppt=0x2d048a8 | out: lppt=0x2d048a8) returned 1
[0178.358] DrawThemeParentBackground () returned 0x0
[0178.358] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0178.358] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0178.359] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0178.359] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0178.359] GetSystemMetrics (nIndex=42) returned 0
[0178.359] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0178.359] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0178.359] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0178.359] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0178.359] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0178.359] SelectPalette (hdc=0x4b010793, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0178.359] GdipCreateFromHDC (hdc=0x4b010793, graphics=0xd7dff8) returned 0x0
[0178.359] GdipSetPageUnit (graphics=0x66472f8, unit=0x2) returned 0x0
[0178.359] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0178.359] GdipGetWorldTransform (graphics=0x66472f8, matrix=0x6638bd8) returned 0x0
[0178.359] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dfd0) returned 0x0
[0178.359] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0178.359] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0178.359] GdipGetClip (graphics=0x66472f8, region=0x6646c28) returned 0x0
[0178.359] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x66472f8, result=0xd7dfc4) returned 0x0
[0178.359] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0178.360] GdipSaveGraphics (graphics=0x66472f8, state=0xd7dff0) returned 0x0
[0178.360] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0178.368] GdipFillRectangleI (graphics=0x66472f8, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0178.368] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0178.370] GdipDeleteGraphics (graphics=0x66472f8) returned 0x0
[0178.370] SelectPalette (hdc=0x4b010793, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0178.370] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0178.370] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0178.370] GetSystemMetrics (nIndex=42) returned 0
[0178.370] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0178.370] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0178.370] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0178.370] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0178.370] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0178.370] SelectPalette (hdc=0x4b010793, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0178.370] GdipCreateFromHDC (hdc=0x4b010793, graphics=0xd7df98) returned 0x0
[0178.370] GdipSetPageUnit (graphics=0x66472f8, unit=0x2) returned 0x0
[0178.370] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0178.371] GdipGetWorldTransform (graphics=0x66472f8, matrix=0x6638a88) returned 0x0
[0178.371] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df70) returned 0x0
[0178.371] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0178.371] GdipCreateRegion (region=0xd7df58) returned 0x0
[0178.371] GdipGetClip (graphics=0x66472f8, region=0x6646a78) returned 0x0
[0178.371] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x66472f8, result=0xd7df64) returned 0x0
[0178.371] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0178.371] GdipSaveGraphics (graphics=0x66472f8, state=0xd7df90) returned 0x0
[0178.371] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0178.411] GdipFillRectangleI (graphics=0x66472f8, brush=0x6653918, x=0, y=0, width=801, height=453) returned 0x0
[0178.411] GdipDeleteBrush (brush=0x6653918) returned 0x0
[0178.413] GdipRestoreGraphics (graphics=0x66472f8, state=0xfbe00dbd) returned 0x0
[0178.413] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0178.413] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0178.413] GetSystemMetrics (nIndex=42) returned 0
[0178.413] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0178.413] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0178.413] GdipDeleteGraphics (graphics=0x66472f8) returned 0x0
[0178.413] SelectPalette (hdc=0x4b010793, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0178.413] RestoreDC (hdc=0x4b010793, nSavedDC=-1) returned 1
[0178.413] GdipReleaseDC (graphics=0x6600030, hdc=0x4b010793) returned 0x0
[0178.413] IsAppThemed () returned 0x1
[0178.414] GetThemeAppProperties () returned 0x3
[0178.414] GetThemeAppProperties () returned 0x3
[0178.414] IsAppThemed () returned 0x1
[0178.414] GetThemeAppProperties () returned 0x3
[0178.414] GetThemeAppProperties () returned 0x3
[0178.414] IsThemePartDefined () returned 0x1
[0178.414] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0178.414] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0178.414] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0178.414] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0178.414] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e4a4) returned 0x0
[0178.414] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0178.414] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0178.414] LocalFree (hMem=0x11ee9f0) returned 0x0
[0178.414] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0178.414] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0178.414] LocalFree (hMem=0x11ee9f0) returned 0x0
[0178.414] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0178.414] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0178.414] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0178.415] GdipGetRegionHRgn (region=0x6646958, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0178.415] GdipDeleteRegion (region=0x6646958) returned 0x0
[0178.415] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0178.415] GetCurrentObject (hdc=0x4b010793, type=0x1) returned 0xb00017
[0178.415] GetCurrentObject (hdc=0x4b010793, type=0x2) returned 0x900010
[0178.415] GetCurrentObject (hdc=0x4b010793, type=0x7) returned 0x4a0507fe
[0178.415] GetCurrentObject (hdc=0x4b010793, type=0x6) returned 0x8a01c2
[0178.415] SaveDC (hdc=0x4b010793) returned 1
[0178.415] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdf040807
[0178.415] GetClipRgn (hdc=0x4b010793, hrgn=0xdf040807) returned 0
[0178.415] SelectClipRgn (hdc=0x4b010793, hrgn=0x620407de) returned 2
[0178.415] DeleteObject (ho=0xdf040807) returned 1
[0178.415] DeleteObject (ho=0x620407de) returned 1
[0178.415] OffsetViewportOrgEx (in: hdc=0x4b010793, x=0, y=0, lppt=0x2d0b0f8 | out: lppt=0x2d0b0f8) returned 1
[0178.415] IsAppThemed () returned 0x1
[0178.415] GetThemeAppProperties () returned 0x3
[0178.415] GetThemeAppProperties () returned 0x3
[0178.416] DrawThemeBackground () returned 0x0
[0178.416] RestoreDC (hdc=0x4b010793, nSavedDC=-1) returned 1
[0178.416] GdipReleaseDC (graphics=0x6600030, hdc=0x4b010793) returned 0x0
[0178.416] GdipCreateRegion (region=0xd7e490) returned 0x0
[0178.416] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0178.416] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0178.416] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0178.416] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e4a8) returned 0x0
[0178.416] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0178.416] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eead0) returned 0x0
[0178.416] LocalFree (hMem=0x11eead0) returned 0x0
[0178.416] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0178.416] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0178.416] LocalFree (hMem=0x11ee788) returned 0x0
[0178.416] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0178.416] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0178.416] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0178.417] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0178.417] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0178.417] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0178.417] GetCurrentObject (hdc=0x4b010793, type=0x1) returned 0xb00017
[0178.417] GetCurrentObject (hdc=0x4b010793, type=0x2) returned 0x900010
[0178.417] GetCurrentObject (hdc=0x4b010793, type=0x7) returned 0x4a0507fe
[0178.417] GetCurrentObject (hdc=0x4b010793, type=0x6) returned 0x8a01c2
[0178.417] SaveDC (hdc=0x4b010793) returned 1
[0178.417] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x630407de
[0178.417] GetClipRgn (hdc=0x4b010793, hrgn=0x630407de) returned 0
[0178.417] SelectClipRgn (hdc=0x4b010793, hrgn=0xe0040807) returned 2
[0178.417] DeleteObject (ho=0x630407de) returned 1
[0178.417] DeleteObject (ho=0xe0040807) returned 1
[0178.417] OffsetViewportOrgEx (in: hdc=0x4b010793, x=0, y=0, lppt=0x2d0b3cc | out: lppt=0x2d0b3cc) returned 1
[0178.417] IsAppThemed () returned 0x1
[0178.417] GetThemeAppProperties () returned 0x3
[0178.417] GetThemeAppProperties () returned 0x3
[0178.418] GetThemeBackgroundContentRect () returned 0x0
[0178.418] RestoreDC (hdc=0x4b010793, nSavedDC=-1) returned 1
[0178.418] GdipReleaseDC (graphics=0x6600030, hdc=0x4b010793) returned 0x0
[0178.418] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0178.418] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0178.418] GdipFillRectangleI (graphics=0x6600030, brush=0x66472f8, x=4, y=4, width=67, height=15) returned 0x0
[0178.418] GdipDeleteBrush (brush=0x66472f8) returned 0x0
[0178.418] IsAppThemed () returned 0x1
[0178.418] GetThemeAppProperties () returned 0x3
[0178.418] GetThemeAppProperties () returned 0x3
[0178.418] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0178.418] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0178.418] GetCurrentObject (hdc=0x4b010793, type=0x1) returned 0xb00017
[0178.418] GetCurrentObject (hdc=0x4b010793, type=0x2) returned 0x900010
[0178.418] GetCurrentObject (hdc=0x4b010793, type=0x7) returned 0x4a0507fe
[0178.418] GetCurrentObject (hdc=0x4b010793, type=0x6) returned 0x8a01c2
[0178.418] SaveDC (hdc=0x4b010793) returned 1
[0178.418] GetTextAlign (hdc=0x4b010793) returned 0x0
[0178.419] GetTextColor (hdc=0x4b010793) returned 0x0
[0178.419] GetCurrentObject (hdc=0x4b010793, type=0x6) returned 0x8a01c2
[0178.424] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0178.424] SelectObject (hdc=0x4b010793, h=0x6d0a0520) returned 0x8a01c2
[0178.424] GetBkMode (hdc=0x4b010793) returned 2
[0178.424] SetBkMode (hdc=0x4b010793, mode=1) returned 2
[0178.424] DrawTextExW (in: hdc=0x4b010793, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2d0b790 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0178.424] DrawTextExW (in: hdc=0x4b010793, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2d0b790 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0178.425] RestoreDC (hdc=0x4b010793, nSavedDC=-1) returned 1
[0178.425] GdipReleaseDC (graphics=0x6600030, hdc=0x4b010793) returned 0x0
[0178.425] GetFocus () returned 0x602c4
[0178.425] IsAppThemed () returned 0x1
[0178.425] GetThemeAppProperties () returned 0x3
[0178.425] GetThemeAppProperties () returned 0x3
[0178.425] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0178.425] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x4b010793, x1=0, y1=0, rop=0xcc0020) returned 1
[0178.425] GdipReleaseDC (graphics=0x6600030, hdc=0x4b010793) returned 0x0
[0178.425] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0178.426] SelectObject (hdc=0x4b010793, h=0x85000f) returned 0x4a0507fe
[0178.426] DeleteDC (hdc=0x4b010793) returned 1
[0178.426] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0178.426] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0178.426] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.426] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.426] WaitMessage () returned 1
[0178.454] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.454] IsWindowUnicode (hWnd=0x7005c) returned 1
[0178.454] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.454] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.455] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.455] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.455] IsWindowUnicode (hWnd=0x7005c) returned 1
[0178.455] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.455] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.455] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.455] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10f0240) returned 0x0
[0178.455] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.455] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.455] WaitMessage () returned 1
[0178.467] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.467] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.467] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.467] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.467] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.468] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.468] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.468] WaitMessage () returned 1
[0178.469] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.469] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.469] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.469] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.469] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.470] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.470] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.470] WaitMessage () returned 1
[0178.471] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.471] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.471] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.471] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.471] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.472] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.473] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.473] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.473] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.473] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.473] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.473] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.473] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.473] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.473] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.473] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.474] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.474] WaitMessage () returned 1
[0178.474] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.474] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.474] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.475] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.475] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.476] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.476] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.476] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.476] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.476] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.476] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.477] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.477] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.477] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.477] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.477] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.477] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.477] WaitMessage () returned 1
[0178.478] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.478] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.478] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.478] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.478] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.479] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.480] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.480] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.480] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.480] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.480] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.480] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.480] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.480] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.480] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.480] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.481] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.481] WaitMessage () returned 1
[0178.481] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.485] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.485] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.486] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.486] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.487] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.487] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.487] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.487] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.487] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.487] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.487] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.488] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.488] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.488] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.488] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.488] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.488] WaitMessage () returned 1
[0178.491] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.491] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.491] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.491] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.491] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.492] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.492] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.492] WaitMessage () returned 1
[0178.493] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.493] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.493] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.493] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.493] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.494] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.494] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.494] WaitMessage () returned 1
[0178.495] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.495] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.495] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.495] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.495] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.496] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.496] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.496] WaitMessage () returned 1
[0178.496] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.496] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.496] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.496] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.496] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.498] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.498] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.498] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.498] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.498] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.498] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.499] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.499] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.499] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.499] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.499] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.499] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.499] WaitMessage () returned 1
[0178.500] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.500] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.500] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.500] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.500] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.501] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.502] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.502] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.502] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.502] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.502] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.502] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.502] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.502] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.502] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.502] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.503] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.503] WaitMessage () returned 1
[0178.504] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.504] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.504] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.504] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.504] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.505] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.506] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.506] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.506] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.506] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.506] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.506] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.506] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.506] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.506] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.506] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.507] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.507] WaitMessage () returned 1
[0178.507] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.507] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.507] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.508] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.508] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.509] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.509] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.509] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.509] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.509] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.510] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.510] IsWindowUnicode (hWnd=0x30122) returned 1
[0178.510] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.510] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.510] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.510] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.511] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.511] WaitMessage () returned 1
[0178.607] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.607] IsWindowUnicode (hWnd=0x502c6) returned 1
[0178.607] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0178.607] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0178.607] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0178.607] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.607] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0178.607] WaitMessage () returned 1
[0180.425] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0180.425] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c00f3) returned 0x1
[0180.426] IsWindowUnicode (hWnd=0x602c4) returned 1
[0180.426] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0180.426] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0180.426] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0180.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0180.430] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0180.430] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c00f3) returned 0x1
[0180.430] IsWindowUnicode (hWnd=0x602c4) returned 1
[0180.430] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0180.431] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c00f3) returned 0x1
[0180.431] SetCursor (hCursor=0x10003) returned 0x10003
[0180.431] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0180.431] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0180.431] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0180.431] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0180.431] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0180.431] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0180.431] GetKeyState (nVirtKey=1) returned 1
[0180.431] GetKeyState (nVirtKey=2) returned 0
[0180.431] GetKeyState (nVirtKey=4) returned 0
[0180.431] GetKeyState (nVirtKey=5) returned 0
[0180.431] GetKeyState (nVirtKey=6) returned 0
[0180.431] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0180.432] IsWindowUnicode (hWnd=0x602c4) returned 1
[0180.432] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0180.432] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0180.432] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0180.432] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xc0107c5
[0180.432] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0180.432] CreateCompatibleDC (hdc=0xc0107c5) returned 0x610107d1
[0180.432] SelectObject (hdc=0x610107d1, h=0x4a0507fe) returned 0x85000f
[0180.432] GdipCreateFromHDC (hdc=0x610107d1, graphics=0xd7e798) returned 0x0
[0180.432] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0180.432] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0180.433] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0180.433] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0180.433] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e7f8) returned 0x0
[0180.433] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0180.433] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee910) returned 0x0
[0180.433] LocalFree (hMem=0x11ee910) returned 0x0
[0180.433] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0180.433] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0180.433] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0180.433] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0180.433] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0180.433] GdipRestoreGraphics (graphics=0x6600030, state=0xfbde0dbd) returned 0x0
[0180.433] GdipDeleteRegion (region=0x6646958) returned 0x0
[0180.433] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0180.433] GetCurrentObject (hdc=0x610107d1, type=0x1) returned 0xb00017
[0180.433] GetCurrentObject (hdc=0x610107d1, type=0x2) returned 0x900010
[0180.434] GetCurrentObject (hdc=0x610107d1, type=0x7) returned 0x4a0507fe
[0180.434] GetCurrentObject (hdc=0x610107d1, type=0x6) returned 0x8a01c2
[0180.434] SaveDC (hdc=0x610107d1) returned 1
[0180.434] GetNearestColor (hdc=0x610107d1, color=0xff) returned 0xff
[0180.434] GetNearestColor (hdc=0x610107d1, color=0x55) returned 0x55
[0180.434] GetNearestColor (hdc=0x610107d1, color=0x0) returned 0x0
[0180.434] GetNearestColor (hdc=0x610107d1, color=0x55) returned 0x55
[0180.434] GetNearestColor (hdc=0x610107d1, color=0x0) returned 0x0
[0180.434] GetNearestColor (hdc=0x610107d1, color=0x8080ff) returned 0x8080ff
[0180.434] GetNearestColor (hdc=0x610107d1, color=0x7373e5) returned 0x7373e5
[0180.435] GetNearestColor (hdc=0x610107d1, color=0xe5) returned 0xe5
[0180.435] GetNearestColor (hdc=0x610107d1, color=0x0) returned 0x0
[0180.435] RestoreDC (hdc=0x610107d1, nSavedDC=-1) returned 1
[0180.435] GdipReleaseDC (graphics=0x6600030, hdc=0x610107d1) returned 0x0
[0180.435] IsAppThemed () returned 0x1
[0180.435] GetThemeAppProperties () returned 0x3
[0180.435] GetThemeAppProperties () returned 0x3
[0180.435] IsAppThemed () returned 0x1
[0180.435] GetThemeAppProperties () returned 0x3
[0180.435] GetThemeAppProperties () returned 0x3
[0180.435] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2d0c1d8 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0180.436] IsAppThemed () returned 0x1
[0180.436] GetThemeAppProperties () returned 0x3
[0180.436] GetThemeAppProperties () returned 0x3
[0180.436] IsAppThemed () returned 0x1
[0180.436] GetThemeAppProperties () returned 0x3
[0180.436] GetThemeAppProperties () returned 0x3
[0180.436] IsAppThemed () returned 0x1
[0180.436] GetThemeAppProperties () returned 0x3
[0180.436] GetThemeAppProperties () returned 0x3
[0180.436] IsAppThemed () returned 0x1
[0180.436] GetThemeAppProperties () returned 0x3
[0180.436] GetThemeAppProperties () returned 0x3
[0180.436] IsThemePartDefined () returned 0x1
[0180.436] IsAppThemed () returned 0x1
[0180.436] GetThemeAppProperties () returned 0x3
[0180.436] GetThemeAppProperties () returned 0x3
[0180.436] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0180.436] IsAppThemed () returned 0x1
[0180.437] GetThemeAppProperties () returned 0x3
[0180.437] GetThemeAppProperties () returned 0x3
[0180.437] IsAppThemed () returned 0x1
[0180.437] GetThemeAppProperties () returned 0x3
[0180.437] GetThemeAppProperties () returned 0x3
[0180.437] IsThemePartDefined () returned 0x1
[0180.437] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0180.437] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0180.437] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0180.437] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0180.437] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e514) returned 0x0
[0180.437] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0180.437] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee9f0) returned 0x0
[0180.437] LocalFree (hMem=0x11ee9f0) returned 0x0
[0180.437] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0180.437] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0180.437] LocalFree (hMem=0x11ee788) returned 0x0
[0180.438] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0180.438] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0180.438] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0180.438] GdipGetRegionHRgn (region=0x6646958, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0180.438] GdipDeleteRegion (region=0x6646958) returned 0x0
[0180.438] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0180.438] GetCurrentObject (hdc=0x610107d1, type=0x1) returned 0xb00017
[0180.438] GetCurrentObject (hdc=0x610107d1, type=0x2) returned 0x900010
[0180.438] GetCurrentObject (hdc=0x610107d1, type=0x7) returned 0x4a0507fe
[0180.438] GetCurrentObject (hdc=0x610107d1, type=0x6) returned 0x8a01c2
[0180.438] SaveDC (hdc=0x610107d1) returned 1
[0180.438] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe1040807
[0180.438] GetClipRgn (hdc=0x610107d1, hrgn=0xe1040807) returned 0
[0180.438] SelectClipRgn (hdc=0x610107d1, hrgn=0x670407de) returned 2
[0180.438] DeleteObject (ho=0xe1040807) returned 1
[0180.439] DeleteObject (ho=0x670407de) returned 1
[0180.439] OffsetViewportOrgEx (in: hdc=0x610107d1, x=0, y=0, lppt=0x2d0c888 | out: lppt=0x2d0c888) returned 1
[0180.439] DrawThemeParentBackground () returned 0x0
[0180.439] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0180.439] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0180.439] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0180.439] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0180.440] GetSystemMetrics (nIndex=42) returned 0
[0180.440] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0180.440] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0180.440] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0180.440] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0180.440] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0180.440] SelectPalette (hdc=0x610107d1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0180.440] GdipCreateFromHDC (hdc=0x610107d1, graphics=0xd7dff0) returned 0x0
[0180.440] GdipSetPageUnit (graphics=0x66472f8, unit=0x2) returned 0x0
[0180.440] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0180.440] GdipGetWorldTransform (graphics=0x66472f8, matrix=0x6638ae8) returned 0x0
[0180.440] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dfc8) returned 0x0
[0180.440] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0180.441] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0180.441] GdipGetClip (graphics=0x66472f8, region=0x6646958) returned 0x0
[0180.441] GdipIsInfiniteRegion (region=0x6646958, graphics=0x66472f8, result=0xd7dfbc) returned 0x0
[0180.441] GdipDeleteRegion (region=0x6646958) returned 0x0
[0180.441] GdipSaveGraphics (graphics=0x66472f8, state=0xd7dfe8) returned 0x0
[0180.441] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0180.451] GdipFillRectangleI (graphics=0x66472f8, brush=0x66536a8, x=0, y=0, width=801, height=453) returned 0x0
[0180.451] GdipDeleteBrush (brush=0x66536a8) returned 0x0
[0180.453] GdipDeleteGraphics (graphics=0x66472f8) returned 0x0
[0180.453] SelectPalette (hdc=0x610107d1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0180.453] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0180.453] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0180.453] GetSystemMetrics (nIndex=42) returned 0
[0180.453] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0180.453] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0180.453] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0180.453] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0180.454] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0180.454] SelectPalette (hdc=0x610107d1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0180.454] GdipCreateFromHDC (hdc=0x610107d1, graphics=0xd7df90) returned 0x0
[0180.454] GdipSetPageUnit (graphics=0x66472f8, unit=0x2) returned 0x0
[0180.454] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0180.454] GdipGetWorldTransform (graphics=0x66472f8, matrix=0x6638b18) returned 0x0
[0180.454] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df68) returned 0x0
[0180.454] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0180.454] GdipCreateRegion (region=0xd7df50) returned 0x0
[0180.454] GdipGetClip (graphics=0x66472f8, region=0x6646958) returned 0x0
[0180.454] GdipIsInfiniteRegion (region=0x6646958, graphics=0x66472f8, result=0xd7df5c) returned 0x0
[0180.454] GdipDeleteRegion (region=0x6646958) returned 0x0
[0180.454] GdipSaveGraphics (graphics=0x66472f8, state=0xd7df88) returned 0x0
[0180.455] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0180.465] GdipFillRectangleI (graphics=0x66472f8, brush=0x6652bb0, x=0, y=0, width=801, height=453) returned 0x0
[0180.465] GdipDeleteBrush (brush=0x6652bb0) returned 0x0
[0180.466] GdipRestoreGraphics (graphics=0x66472f8, state=0xfbda0dbd) returned 0x0
[0180.467] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0180.467] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0180.467] GetSystemMetrics (nIndex=42) returned 0
[0180.467] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0180.467] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0180.467] GdipDeleteGraphics (graphics=0x66472f8) returned 0x0
[0180.467] SelectPalette (hdc=0x610107d1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0180.467] RestoreDC (hdc=0x610107d1, nSavedDC=-1) returned 1
[0180.467] GdipReleaseDC (graphics=0x6600030, hdc=0x610107d1) returned 0x0
[0180.467] IsAppThemed () returned 0x1
[0180.467] GetThemeAppProperties () returned 0x3
[0180.468] GetThemeAppProperties () returned 0x3
[0180.468] IsAppThemed () returned 0x1
[0180.468] GetThemeAppProperties () returned 0x3
[0180.468] GetThemeAppProperties () returned 0x3
[0180.468] IsThemePartDefined () returned 0x1
[0180.468] GdipCreateRegion (region=0xd7e480) returned 0x0
[0180.468] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0180.468] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0180.468] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0180.468] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e498) returned 0x0
[0180.468] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0180.468] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0180.468] LocalFree (hMem=0x11eec58) returned 0x0
[0180.468] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0180.468] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee9f0) returned 0x0
[0180.468] LocalFree (hMem=0x11ee9f0) returned 0x0
[0180.469] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0180.469] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0180.469] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0180.469] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0180.469] GdipDeleteRegion (region=0x6646298) returned 0x0
[0180.469] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0180.469] GetCurrentObject (hdc=0x610107d1, type=0x1) returned 0xb00017
[0180.469] GetCurrentObject (hdc=0x610107d1, type=0x2) returned 0x900010
[0180.469] GetCurrentObject (hdc=0x610107d1, type=0x7) returned 0x4a0507fe
[0180.469] GetCurrentObject (hdc=0x610107d1, type=0x6) returned 0x8a01c2
[0180.469] SaveDC (hdc=0x610107d1) returned 1
[0180.469] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x680407de
[0180.469] GetClipRgn (hdc=0x610107d1, hrgn=0x680407de) returned 0
[0180.470] SelectClipRgn (hdc=0x610107d1, hrgn=0xe3040807) returned 2
[0180.470] DeleteObject (ho=0x680407de) returned 1
[0180.470] DeleteObject (ho=0xe3040807) returned 1
[0180.470] OffsetViewportOrgEx (in: hdc=0x610107d1, x=0, y=0, lppt=0x2d130d8 | out: lppt=0x2d130d8) returned 1
[0180.470] IsAppThemed () returned 0x1
[0180.470] GetThemeAppProperties () returned 0x3
[0180.470] GetThemeAppProperties () returned 0x3
[0180.470] DrawThemeBackground () returned 0x0
[0180.470] RestoreDC (hdc=0x610107d1, nSavedDC=-1) returned 1
[0180.470] GdipReleaseDC (graphics=0x6600030, hdc=0x610107d1) returned 0x0
[0180.470] GdipCreateRegion (region=0xd7e484) returned 0x0
[0180.470] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0180.470] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0180.470] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0180.471] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e49c) returned 0x0
[0180.471] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0180.471] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0180.471] LocalFree (hMem=0x11eec58) returned 0x0
[0180.471] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0180.471] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea60) returned 0x0
[0180.471] LocalFree (hMem=0x11eea60) returned 0x0
[0180.471] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0180.471] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0180.471] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0180.471] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0180.471] GdipDeleteRegion (region=0x6646298) returned 0x0
[0180.471] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0180.471] GetCurrentObject (hdc=0x610107d1, type=0x1) returned 0xb00017
[0180.471] GetCurrentObject (hdc=0x610107d1, type=0x2) returned 0x900010
[0180.472] GetCurrentObject (hdc=0x610107d1, type=0x7) returned 0x4a0507fe
[0180.472] GetCurrentObject (hdc=0x610107d1, type=0x6) returned 0x8a01c2
[0180.472] SaveDC (hdc=0x610107d1) returned 1
[0180.472] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe4040807
[0180.472] GetClipRgn (hdc=0x610107d1, hrgn=0xe4040807) returned 0
[0180.472] SelectClipRgn (hdc=0x610107d1, hrgn=0x690407de) returned 2
[0180.472] DeleteObject (ho=0xe4040807) returned 1
[0180.472] DeleteObject (ho=0x690407de) returned 1
[0180.472] OffsetViewportOrgEx (in: hdc=0x610107d1, x=0, y=0, lppt=0x2d133ac | out: lppt=0x2d133ac) returned 1
[0180.472] IsAppThemed () returned 0x1
[0180.472] GetThemeAppProperties () returned 0x3
[0180.472] GetThemeAppProperties () returned 0x3
[0180.472] GetThemeBackgroundContentRect () returned 0x0
[0180.472] RestoreDC (hdc=0x610107d1, nSavedDC=-1) returned 1
[0180.473] GdipReleaseDC (graphics=0x6600030, hdc=0x610107d1) returned 0x0
[0180.473] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0180.473] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0180.473] GdipFillRectangleI (graphics=0x6600030, brush=0x66472f8, x=4, y=4, width=67, height=15) returned 0x0
[0180.473] GdipDeleteBrush (brush=0x66472f8) returned 0x0
[0180.473] IsAppThemed () returned 0x1
[0180.473] GetThemeAppProperties () returned 0x3
[0180.473] GetThemeAppProperties () returned 0x3
[0180.473] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0180.473] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0180.473] GetCurrentObject (hdc=0x610107d1, type=0x1) returned 0xb00017
[0180.473] GetCurrentObject (hdc=0x610107d1, type=0x2) returned 0x900010
[0180.473] GetCurrentObject (hdc=0x610107d1, type=0x7) returned 0x4a0507fe
[0180.473] GetCurrentObject (hdc=0x610107d1, type=0x6) returned 0x8a01c2
[0180.473] SaveDC (hdc=0x610107d1) returned 1
[0180.474] GetTextAlign (hdc=0x610107d1) returned 0x0
[0180.474] GetTextColor (hdc=0x610107d1) returned 0x0
[0180.474] GetCurrentObject (hdc=0x610107d1, type=0x6) returned 0x8a01c2
[0180.474] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0180.474] SelectObject (hdc=0x610107d1, h=0x6d0a0520) returned 0x8a01c2
[0180.474] GetBkMode (hdc=0x610107d1) returned 2
[0180.474] SetBkMode (hdc=0x610107d1, mode=1) returned 2
[0180.474] DrawTextExW (in: hdc=0x610107d1, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2d13770 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0180.475] DrawTextExW (in: hdc=0x610107d1, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2d13770 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0180.475] RestoreDC (hdc=0x610107d1, nSavedDC=-1) returned 1
[0180.475] GdipReleaseDC (graphics=0x6600030, hdc=0x610107d1) returned 0x0
[0180.475] GetFocus () returned 0x602c4
[0180.475] IsAppThemed () returned 0x1
[0180.475] GetThemeAppProperties () returned 0x3
[0180.475] GetThemeAppProperties () returned 0x3
[0180.475] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0180.475] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x610107d1, x1=0, y1=0, rop=0xcc0020) returned 1
[0180.486] GdipReleaseDC (graphics=0x6600030, hdc=0x610107d1) returned 0x0
[0180.487] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0180.487] SelectObject (hdc=0x610107d1, h=0x85000f) returned 0x4a0507fe
[0180.487] DeleteDC (hdc=0x610107d1) returned 1
[0180.487] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0180.487] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0180.487] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0180.487] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0180.487] WaitMessage () returned 1
[0180.528] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0180.529] IsWindowUnicode (hWnd=0x602c4) returned 1
[0180.529] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0180.529] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0180.529] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0180.529] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0180.529] IsWindowUnicode (hWnd=0x602c4) returned 1
[0180.529] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0180.529] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0180.529] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0180.529] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x50018) returned 0x0
[0180.529] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0180.529] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0180.529] WaitMessage () returned 1
[0180.648] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0180.648] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c00f3) returned 0x1
[0180.648] IsWindowUnicode (hWnd=0x602c4) returned 1
[0180.648] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0180.648] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c00f3) returned 0x1
[0180.648] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0180.649] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x1970035) returned 0x0
[0180.649] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0180.649] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0180.649] SetCursor (hCursor=0x10003) returned 0x10003
[0180.649] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0180.649] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0180.649] GetKeyState (nVirtKey=1) returned -128
[0180.650] GetKeyState (nVirtKey=2) returned 0
[0180.650] GetKeyState (nVirtKey=4) returned 0
[0180.650] GetKeyState (nVirtKey=5) returned 0
[0180.650] GetKeyState (nVirtKey=6) returned 0
[0180.650] IsWindowVisible (hWnd=0x602c4) returned 1
[0180.650] IsWindowEnabled (hWnd=0x602c4) returned 1
[0180.650] SetFocus (hWnd=0x602c4) returned 0x602c4
[0180.650] GetFocus () returned 0x602c4
[0180.650] GetFocus () returned 0x602c4
[0180.650] GetFocus () returned 0x602c4
[0180.650] GetKeyState (nVirtKey=1) returned -128
[0180.650] GetKeyState (nVirtKey=2) returned 0
[0180.650] GetKeyState (nVirtKey=4) returned 0
[0180.650] GetKeyState (nVirtKey=5) returned 0
[0180.651] GetKeyState (nVirtKey=6) returned 0
[0180.651] GetCapture () returned 0x0
[0180.651] SetCapture (hWnd=0x602c4) returned 0x0
[0180.651] GetKeyState (nVirtKey=1) returned -128
[0180.651] GetKeyState (nVirtKey=2) returned 0
[0180.651] GetKeyState (nVirtKey=4) returned 0
[0180.651] GetKeyState (nVirtKey=5) returned 0
[0180.651] GetKeyState (nVirtKey=6) returned 0
[0180.651] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0180.651] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0180.651] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0180.651] IsWindowUnicode (hWnd=0x602c4) returned 1
[0180.651] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0180.652] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0180.652] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0180.652] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d138f4, cPoints=0x1 | out: lpPoints=0x2d138f4) returned 40304859
[0180.652] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0180.652] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0180.652] UpdateWindow (hWnd=0x602c4) returned 1
[0180.652] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xc0107c5
[0180.652] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0180.652] CreateCompatibleDC (hdc=0xc0107c5) returned 0x620107d1
[0180.653] SelectObject (hdc=0x620107d1, h=0x4a0507fe) returned 0x85000f
[0180.653] GdipCreateFromHDC (hdc=0x620107d1, graphics=0xd7e430) returned 0x0
[0180.653] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0180.653] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0180.653] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0180.653] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0180.653] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e490) returned 0x0
[0180.653] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0180.653] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0180.653] LocalFree (hMem=0x11ee788) returned 0x0
[0180.653] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0180.654] GdipCreateRegion (region=0xd7e478) returned 0x0
[0180.654] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0180.654] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e484) returned 0x0
[0180.654] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0180.654] GdipRestoreGraphics (graphics=0x6600030, state=0xfbd80dbd) returned 0x0
[0180.654] GdipDeleteRegion (region=0x6646298) returned 0x0
[0180.654] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0180.654] GetCurrentObject (hdc=0x620107d1, type=0x1) returned 0xb00017
[0180.654] GetCurrentObject (hdc=0x620107d1, type=0x2) returned 0x900010
[0180.654] GetCurrentObject (hdc=0x620107d1, type=0x7) returned 0x4a0507fe
[0180.654] GetCurrentObject (hdc=0x620107d1, type=0x6) returned 0x8a01c2
[0180.654] SaveDC (hdc=0x620107d1) returned 1
[0180.654] GetNearestColor (hdc=0x620107d1, color=0xff) returned 0xff
[0180.654] GetNearestColor (hdc=0x620107d1, color=0x55) returned 0x55
[0180.655] GetNearestColor (hdc=0x620107d1, color=0x0) returned 0x0
[0180.655] GetNearestColor (hdc=0x620107d1, color=0x55) returned 0x55
[0180.655] GetNearestColor (hdc=0x620107d1, color=0x0) returned 0x0
[0180.655] GetNearestColor (hdc=0x620107d1, color=0x8080ff) returned 0x8080ff
[0180.655] GetNearestColor (hdc=0x620107d1, color=0x7373e5) returned 0x7373e5
[0180.655] GetNearestColor (hdc=0x620107d1, color=0xe5) returned 0xe5
[0180.655] GetNearestColor (hdc=0x620107d1, color=0x0) returned 0x0
[0180.655] RestoreDC (hdc=0x620107d1, nSavedDC=-1) returned 1
[0180.655] GdipReleaseDC (graphics=0x6600030, hdc=0x620107d1) returned 0x0
[0180.655] IsAppThemed () returned 0x1
[0180.655] GetThemeAppProperties () returned 0x3
[0180.655] GetThemeAppProperties () returned 0x3
[0180.656] IsAppThemed () returned 0x1
[0180.656] GetThemeAppProperties () returned 0x3
[0180.656] GetThemeAppProperties () returned 0x3
[0180.656] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2d14010 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0180.656] IsAppThemed () returned 0x1
[0180.656] GetThemeAppProperties () returned 0x3
[0180.656] GetThemeAppProperties () returned 0x3
[0180.656] IsAppThemed () returned 0x1
[0180.656] GetThemeAppProperties () returned 0x3
[0180.656] GetThemeAppProperties () returned 0x3
[0180.656] IsAppThemed () returned 0x1
[0180.656] GetThemeAppProperties () returned 0x3
[0180.656] GetThemeAppProperties () returned 0x3
[0180.656] IsAppThemed () returned 0x1
[0180.657] GetThemeAppProperties () returned 0x3
[0180.657] GetThemeAppProperties () returned 0x3
[0180.657] IsThemePartDefined () returned 0x1
[0180.657] IsAppThemed () returned 0x1
[0180.657] GetThemeAppProperties () returned 0x3
[0180.657] GetThemeAppProperties () returned 0x3
[0180.657] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0180.657] IsAppThemed () returned 0x1
[0180.657] GetThemeAppProperties () returned 0x3
[0180.657] GetThemeAppProperties () returned 0x3
[0180.657] IsAppThemed () returned 0x1
[0180.657] GetThemeAppProperties () returned 0x3
[0180.657] GetThemeAppProperties () returned 0x3
[0180.657] IsThemePartDefined () returned 0x1
[0180.657] GdipCreateRegion (region=0xd7e194) returned 0x0
[0180.657] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0180.657] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0180.657] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0180.657] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e1ac) returned 0x0
[0180.657] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0180.657] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee9f0) returned 0x0
[0180.658] LocalFree (hMem=0x11ee9f0) returned 0x0
[0180.658] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0180.658] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0180.658] LocalFree (hMem=0x11ee788) returned 0x0
[0180.658] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0180.658] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0180.658] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0180.658] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0180.658] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0180.658] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0180.658] GetCurrentObject (hdc=0x620107d1, type=0x1) returned 0xb00017
[0180.658] GetCurrentObject (hdc=0x620107d1, type=0x2) returned 0x900010
[0180.658] GetCurrentObject (hdc=0x620107d1, type=0x7) returned 0x4a0507fe
[0180.658] GetCurrentObject (hdc=0x620107d1, type=0x6) returned 0x8a01c2
[0180.658] SaveDC (hdc=0x620107d1) returned 1
[0180.659] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6a0407de
[0180.659] GetClipRgn (hdc=0x620107d1, hrgn=0x6a0407de) returned 0
[0180.659] SelectClipRgn (hdc=0x620107d1, hrgn=0xe8040807) returned 2
[0180.659] DeleteObject (ho=0x6a0407de) returned 1
[0180.659] DeleteObject (ho=0xe8040807) returned 1
[0180.659] OffsetViewportOrgEx (in: hdc=0x620107d1, x=0, y=0, lppt=0x2d146c0 | out: lppt=0x2d146c0) returned 1
[0180.659] DrawThemeParentBackground () returned 0x0
[0180.659] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0180.659] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0180.659] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0180.659] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0180.659] GetSystemMetrics (nIndex=42) returned 0
[0180.659] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0180.659] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0180.660] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0180.660] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0180.660] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0180.660] SelectPalette (hdc=0x620107d1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0180.660] GdipCreateFromHDC (hdc=0x620107d1, graphics=0xd7dc88) returned 0x0
[0180.660] GdipSetPageUnit (graphics=0x66472f8, unit=0x2) returned 0x0
[0180.660] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0180.660] GdipGetWorldTransform (graphics=0x66472f8, matrix=0x6638a28) returned 0x0
[0180.660] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dc60) returned 0x0
[0180.660] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0180.660] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0180.660] GdipGetClip (graphics=0x66472f8, region=0x6646718) returned 0x0
[0180.660] GdipIsInfiniteRegion (region=0x6646718, graphics=0x66472f8, result=0xd7dc54) returned 0x0
[0180.660] GdipDeleteRegion (region=0x6646718) returned 0x0
[0180.660] GdipSaveGraphics (graphics=0x66472f8, state=0xd7dc80) returned 0x0
[0180.660] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0180.682] GdipFillRectangleI (graphics=0x66472f8, brush=0x6653918, x=0, y=0, width=801, height=453) returned 0x0
[0180.682] GdipDeleteBrush (brush=0x6653918) returned 0x0
[0180.684] GdipDeleteGraphics (graphics=0x66472f8) returned 0x0
[0180.684] SelectPalette (hdc=0x620107d1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0180.684] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0180.684] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0180.684] GetSystemMetrics (nIndex=42) returned 0
[0180.684] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0180.684] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0180.684] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0180.684] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0180.684] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0180.684] SelectPalette (hdc=0x620107d1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0180.685] GdipCreateFromHDC (hdc=0x620107d1, graphics=0xd7dc28) returned 0x0
[0180.685] GdipSetPageUnit (graphics=0x66472f8, unit=0x2) returned 0x0
[0180.685] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0180.685] GdipGetWorldTransform (graphics=0x66472f8, matrix=0x6638bd8) returned 0x0
[0180.685] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dc00) returned 0x0
[0180.685] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0180.685] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0180.685] GdipGetClip (graphics=0x66472f8, region=0x66464d8) returned 0x0
[0180.685] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x66472f8, result=0xd7dbf4) returned 0x0
[0180.685] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0180.685] GdipSaveGraphics (graphics=0x66472f8, state=0xd7dc20) returned 0x0
[0180.685] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0180.694] GdipFillRectangleI (graphics=0x66472f8, brush=0x66536a8, x=0, y=0, width=801, height=453) returned 0x0
[0180.694] GdipDeleteBrush (brush=0x66536a8) returned 0x0
[0180.695] GdipRestoreGraphics (graphics=0x66472f8, state=0xfbd40dbd) returned 0x0
[0180.695] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0180.695] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0180.695] GetSystemMetrics (nIndex=42) returned 0
[0180.695] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0180.695] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0180.695] GdipDeleteGraphics (graphics=0x66472f8) returned 0x0
[0180.696] SelectPalette (hdc=0x620107d1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0180.696] RestoreDC (hdc=0x620107d1, nSavedDC=-1) returned 1
[0180.696] GdipReleaseDC (graphics=0x6600030, hdc=0x620107d1) returned 0x0
[0180.696] IsAppThemed () returned 0x1
[0180.696] GetThemeAppProperties () returned 0x3
[0180.696] GetThemeAppProperties () returned 0x3
[0180.696] IsAppThemed () returned 0x1
[0180.696] GetThemeAppProperties () returned 0x3
[0180.696] GetThemeAppProperties () returned 0x3
[0180.696] IsThemePartDefined () returned 0x1
[0180.696] GdipCreateRegion (region=0xd7e118) returned 0x0
[0180.696] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0180.696] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0180.696] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0180.696] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e130) returned 0x0
[0180.697] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0180.697] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0180.697] LocalFree (hMem=0x11eec58) returned 0x0
[0180.697] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0180.697] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eea60) returned 0x0
[0180.697] LocalFree (hMem=0x11eea60) returned 0x0
[0180.697] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0180.697] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e158) returned 0x0
[0180.697] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e148) returned 0x0
[0180.697] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0180.697] GdipDeleteRegion (region=0x6646718) returned 0x0
[0180.697] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0180.697] GetCurrentObject (hdc=0x620107d1, type=0x1) returned 0xb00017
[0180.697] GetCurrentObject (hdc=0x620107d1, type=0x2) returned 0x900010
[0180.697] GetCurrentObject (hdc=0x620107d1, type=0x7) returned 0x4a0507fe
[0180.697] GetCurrentObject (hdc=0x620107d1, type=0x6) returned 0x8a01c2
[0180.697] SaveDC (hdc=0x620107d1) returned 1
[0180.697] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe9040807
[0180.697] GetClipRgn (hdc=0x620107d1, hrgn=0xe9040807) returned 0
[0180.698] SelectClipRgn (hdc=0x620107d1, hrgn=0x6c0407de) returned 2
[0180.698] DeleteObject (ho=0xe9040807) returned 1
[0180.698] DeleteObject (ho=0x6c0407de) returned 1
[0180.698] OffsetViewportOrgEx (in: hdc=0x620107d1, x=0, y=0, lppt=0x2d1af10 | out: lppt=0x2d1af10) returned 1
[0180.698] IsAppThemed () returned 0x1
[0180.698] GetThemeAppProperties () returned 0x3
[0180.698] GetThemeAppProperties () returned 0x3
[0180.698] DrawThemeBackground () returned 0x0
[0180.698] RestoreDC (hdc=0x620107d1, nSavedDC=-1) returned 1
[0180.698] GdipReleaseDC (graphics=0x6600030, hdc=0x620107d1) returned 0x0
[0180.698] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0180.698] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0180.698] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0180.698] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0180.698] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e134) returned 0x0
[0180.698] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0180.698] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0180.698] LocalFree (hMem=0x11eec58) returned 0x0
[0180.698] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0180.698] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee868) returned 0x0
[0180.699] LocalFree (hMem=0x11ee868) returned 0x0
[0180.699] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0180.699] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0180.699] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0180.699] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0180.699] GdipDeleteRegion (region=0x6646718) returned 0x0
[0180.699] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0180.699] GetCurrentObject (hdc=0x620107d1, type=0x1) returned 0xb00017
[0180.699] GetCurrentObject (hdc=0x620107d1, type=0x2) returned 0x900010
[0180.699] GetCurrentObject (hdc=0x620107d1, type=0x7) returned 0x4a0507fe
[0180.699] GetCurrentObject (hdc=0x620107d1, type=0x6) returned 0x8a01c2
[0180.699] SaveDC (hdc=0x620107d1) returned 1
[0180.699] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6d0407de
[0180.699] GetClipRgn (hdc=0x620107d1, hrgn=0x6d0407de) returned 0
[0180.699] SelectClipRgn (hdc=0x620107d1, hrgn=0xea040807) returned 2
[0180.699] DeleteObject (ho=0x6d0407de) returned 1
[0180.699] DeleteObject (ho=0xea040807) returned 1
[0180.700] OffsetViewportOrgEx (in: hdc=0x620107d1, x=0, y=0, lppt=0x2d1b1e4 | out: lppt=0x2d1b1e4) returned 1
[0180.700] IsAppThemed () returned 0x1
[0180.700] GetThemeAppProperties () returned 0x3
[0180.700] GetThemeAppProperties () returned 0x3
[0180.700] GetThemeBackgroundContentRect () returned 0x0
[0180.700] RestoreDC (hdc=0x620107d1, nSavedDC=-1) returned 1
[0180.700] GdipReleaseDC (graphics=0x6600030, hdc=0x620107d1) returned 0x0
[0180.700] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0180.700] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0180.700] GdipFillRectangleI (graphics=0x6600030, brush=0x66472f8, x=4, y=4, width=67, height=15) returned 0x0
[0180.700] GdipDeleteBrush (brush=0x66472f8) returned 0x0
[0180.700] IsAppThemed () returned 0x1
[0180.700] GetThemeAppProperties () returned 0x3
[0180.700] GetThemeAppProperties () returned 0x3
[0180.700] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0180.700] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0180.701] GetCurrentObject (hdc=0x620107d1, type=0x1) returned 0xb00017
[0180.701] GetCurrentObject (hdc=0x620107d1, type=0x2) returned 0x900010
[0180.701] GetCurrentObject (hdc=0x620107d1, type=0x7) returned 0x4a0507fe
[0180.701] GetCurrentObject (hdc=0x620107d1, type=0x6) returned 0x8a01c2
[0180.701] SaveDC (hdc=0x620107d1) returned 1
[0180.701] GetTextAlign (hdc=0x620107d1) returned 0x0
[0180.701] GetTextColor (hdc=0x620107d1) returned 0x0
[0180.701] GetCurrentObject (hdc=0x620107d1, type=0x6) returned 0x8a01c2
[0180.701] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0180.701] SelectObject (hdc=0x620107d1, h=0x6d0a0520) returned 0x8a01c2
[0180.701] GetBkMode (hdc=0x620107d1) returned 2
[0180.701] SetBkMode (hdc=0x620107d1, mode=1) returned 2
[0180.701] DrawTextExW (in: hdc=0x620107d1, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2d1b5a8 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0180.702] DrawTextExW (in: hdc=0x620107d1, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2d1b5a8 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0180.702] RestoreDC (hdc=0x620107d1, nSavedDC=-1) returned 1
[0180.702] GdipReleaseDC (graphics=0x6600030, hdc=0x620107d1) returned 0x0
[0180.702] GetFocus () returned 0x602c4
[0180.702] IsAppThemed () returned 0x1
[0180.702] GetThemeAppProperties () returned 0x3
[0180.702] GetThemeAppProperties () returned 0x3
[0180.702] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0180.702] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x620107d1, x1=0, y1=0, rop=0xcc0020) returned 1
[0180.703] GdipReleaseDC (graphics=0x6600030, hdc=0x620107d1) returned 0x0
[0180.703] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0180.703] SelectObject (hdc=0x620107d1, h=0x85000f) returned 0x4a0507fe
[0180.703] DeleteDC (hdc=0x620107d1) returned 1
[0180.703] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0180.703] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0180.703] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d1b6a4, cPoints=0x1 | out: lpPoints=0x2d1b6a4) returned 40304859
[0180.703] WindowFromPoint (Point=0xf3) returned 0x602c4
[0180.703] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c00f3) returned 0x1
[0180.703] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0180.703] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0180.703] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0180.703] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0180.703] GetSystemMetrics (nIndex=42) returned 0
[0180.703] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0180.704] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0180.705] GetCapture () returned 0x602c4
[0180.705] ReleaseCapture () returned 1
[0180.705] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0180.706] GetProcessWindowStation () returned 0x13c
[0180.707] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.707] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0180.707] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.707] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0180.707] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.707] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0180.708] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.708] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0180.708] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.708] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0180.708] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.708] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0180.708] GetDC (hWnd=0x0) returned 0x107b9
[0180.708] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e6ec) returned 0x0
[0180.709] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0180.709] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0180.709] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0180.709] GetSystemMetrics (nIndex=5) returned 1
[0180.709] GetSystemMetrics (nIndex=6) returned 1
[0180.709] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.709] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0180.710] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.710] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0180.713] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0180.713] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0180.713] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0180.713] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0180.713] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0180.713] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0180.714] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2d210c0 | out: lpData=0x2d210c0) returned 1
[0180.715] VerQueryValueW (in: pBlock=0x2d210c0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d214d0, puLen=0xd7e810) returned 1
[0180.715] VerQueryValueW (in: pBlock=0x2d210c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d21178, puLen=0xd7e790) returned 1
[0180.715] VerQueryValueW (in: pBlock=0x2d210c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d211cc, puLen=0xd7e790) returned 1
[0180.715] VerQueryValueW (in: pBlock=0x2d210c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2124c, puLen=0xd7e790) returned 1
[0180.715] VerQueryValueW (in: pBlock=0x2d210c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d212b4, puLen=0xd7e790) returned 1
[0180.715] VerQueryValueW (in: pBlock=0x2d210c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d212f4, puLen=0xd7e790) returned 1
[0180.715] VerQueryValueW (in: pBlock=0x2d210c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2137c, puLen=0xd7e790) returned 1
[0180.715] VerQueryValueW (in: pBlock=0x2d210c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d213b8, puLen=0xd7e790) returned 1
[0180.715] VerQueryValueW (in: pBlock=0x2d210c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d21410, puLen=0xd7e790) returned 1
[0180.715] VerQueryValueW (in: pBlock=0x2d210c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d21440, puLen=0xd7e790) returned 1
[0180.715] VerQueryValueW (in: pBlock=0x2d210c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.715] VerQueryValueW (in: pBlock=0x2d210c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2147c, puLen=0xd7e790) returned 1
[0180.715] VerQueryValueW (in: pBlock=0x2d210c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.715] VerQueryValueW (in: pBlock=0x2d210c0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d214d0, puLen=0xd7e784) returned 1
[0180.716] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0180.716] VerQueryValueW (in: pBlock=0x2d210c0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d210e8, puLen=0xd7e794) returned 1
[0180.717] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0180.717] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0180.717] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0180.717] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0180.717] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0180.717] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0180.718] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2d23030 | out: lpData=0x2d23030) returned 1
[0180.718] VerQueryValueW (in: pBlock=0x2d23030, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d230cc, puLen=0xd7e810) returned 1
[0180.718] VerQueryValueW (in: pBlock=0x2d23030, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d23144, puLen=0xd7e790) returned 1
[0180.718] VerQueryValueW (in: pBlock=0x2d23030, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d23174, puLen=0xd7e790) returned 1
[0180.718] VerQueryValueW (in: pBlock=0x2d23030, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d231b0, puLen=0xd7e790) returned 1
[0180.718] VerQueryValueW (in: pBlock=0x2d23030, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d231e0, puLen=0xd7e790) returned 1
[0180.718] VerQueryValueW (in: pBlock=0x2d23030, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d23228, puLen=0xd7e790) returned 1
[0180.718] VerQueryValueW (in: pBlock=0x2d23030, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d232a0, puLen=0xd7e790) returned 1
[0180.718] VerQueryValueW (in: pBlock=0x2d23030, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d232e4, puLen=0xd7e790) returned 1
[0180.718] VerQueryValueW (in: pBlock=0x2d23030, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d23324, puLen=0xd7e790) returned 1
[0180.718] VerQueryValueW (in: pBlock=0x2d23030, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d23122, puLen=0xd7e790) returned 1
[0180.718] VerQueryValueW (in: pBlock=0x2d23030, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d23270, puLen=0xd7e790) returned 1
[0180.718] VerQueryValueW (in: pBlock=0x2d23030, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.718] VerQueryValueW (in: pBlock=0x2d23030, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.718] VerQueryValueW (in: pBlock=0x2d23030, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d230cc, puLen=0xd7e784) returned 1
[0180.718] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0180.718] VerQueryValueW (in: pBlock=0x2d23030, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d23058, puLen=0xd7e794) returned 1
[0180.719] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0180.719] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0180.719] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0180.719] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0180.719] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0180.719] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0180.720] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2d25308 | out: lpData=0x2d25308) returned 1
[0180.721] VerQueryValueW (in: pBlock=0x2d25308, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d2571c, puLen=0xd7e810) returned 1
[0180.721] VerQueryValueW (in: pBlock=0x2d25308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d253c0, puLen=0xd7e790) returned 1
[0180.721] VerQueryValueW (in: pBlock=0x2d25308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d25414, puLen=0xd7e790) returned 1
[0180.721] VerQueryValueW (in: pBlock=0x2d25308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d25470, puLen=0xd7e790) returned 1
[0180.721] VerQueryValueW (in: pBlock=0x2d25308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d254d0, puLen=0xd7e790) returned 1
[0180.721] VerQueryValueW (in: pBlock=0x2d25308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d25528, puLen=0xd7e790) returned 1
[0180.722] VerQueryValueW (in: pBlock=0x2d25308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d255b0, puLen=0xd7e790) returned 1
[0180.722] VerQueryValueW (in: pBlock=0x2d25308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d25604, puLen=0xd7e790) returned 1
[0180.722] VerQueryValueW (in: pBlock=0x2d25308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2565c, puLen=0xd7e790) returned 1
[0180.722] VerQueryValueW (in: pBlock=0x2d25308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2568c, puLen=0xd7e790) returned 1
[0180.722] VerQueryValueW (in: pBlock=0x2d25308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.722] VerQueryValueW (in: pBlock=0x2d25308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d256c8, puLen=0xd7e790) returned 1
[0180.722] VerQueryValueW (in: pBlock=0x2d25308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.722] VerQueryValueW (in: pBlock=0x2d25308, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d2571c, puLen=0xd7e784) returned 1
[0180.722] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0180.722] VerQueryValueW (in: pBlock=0x2d25308, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d25330, puLen=0xd7e794) returned 1
[0180.723] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0180.723] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0180.723] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0180.723] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0180.723] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0180.723] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0180.724] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2d27940 | out: lpData=0x2d27940) returned 1
[0180.725] VerQueryValueW (in: pBlock=0x2d27940, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d27d40, puLen=0xd7e810) returned 1
[0180.726] VerQueryValueW (in: pBlock=0x2d27940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d279f8, puLen=0xd7e790) returned 1
[0180.726] VerQueryValueW (in: pBlock=0x2d27940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d27a4c, puLen=0xd7e790) returned 1
[0180.726] VerQueryValueW (in: pBlock=0x2d27940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d27a8c, puLen=0xd7e790) returned 1
[0180.726] VerQueryValueW (in: pBlock=0x2d27940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d27af4, puLen=0xd7e790) returned 1
[0180.726] VerQueryValueW (in: pBlock=0x2d27940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d27b4c, puLen=0xd7e790) returned 1
[0180.726] VerQueryValueW (in: pBlock=0x2d27940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d27bd4, puLen=0xd7e790) returned 1
[0180.726] VerQueryValueW (in: pBlock=0x2d27940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d27c28, puLen=0xd7e790) returned 1
[0180.726] VerQueryValueW (in: pBlock=0x2d27940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d27c80, puLen=0xd7e790) returned 1
[0180.726] VerQueryValueW (in: pBlock=0x2d27940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d27cb0, puLen=0xd7e790) returned 1
[0180.726] VerQueryValueW (in: pBlock=0x2d27940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.726] VerQueryValueW (in: pBlock=0x2d27940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d27cec, puLen=0xd7e790) returned 1
[0180.726] VerQueryValueW (in: pBlock=0x2d27940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.726] VerQueryValueW (in: pBlock=0x2d27940, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d27d40, puLen=0xd7e784) returned 1
[0180.726] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0180.726] VerQueryValueW (in: pBlock=0x2d27940, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d27968, puLen=0xd7e794) returned 1
[0180.727] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0180.727] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0180.727] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0180.727] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0180.727] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0180.727] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0180.728] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2d2a07c | out: lpData=0x2d2a07c) returned 1
[0180.729] VerQueryValueW (in: pBlock=0x2d2a07c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d2a444, puLen=0xd7e810) returned 1
[0180.729] VerQueryValueW (in: pBlock=0x2d2a07c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a134, puLen=0xd7e790) returned 1
[0180.729] VerQueryValueW (in: pBlock=0x2d2a07c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a188, puLen=0xd7e790) returned 1
[0180.729] VerQueryValueW (in: pBlock=0x2d2a07c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a1c8, puLen=0xd7e790) returned 1
[0180.729] VerQueryValueW (in: pBlock=0x2d2a07c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a230, puLen=0xd7e790) returned 1
[0180.729] VerQueryValueW (in: pBlock=0x2d2a07c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a26c, puLen=0xd7e790) returned 1
[0180.729] VerQueryValueW (in: pBlock=0x2d2a07c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a2f4, puLen=0xd7e790) returned 1
[0180.729] VerQueryValueW (in: pBlock=0x2d2a07c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a32c, puLen=0xd7e790) returned 1
[0180.729] VerQueryValueW (in: pBlock=0x2d2a07c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a384, puLen=0xd7e790) returned 1
[0180.729] VerQueryValueW (in: pBlock=0x2d2a07c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a3b4, puLen=0xd7e790) returned 1
[0180.730] VerQueryValueW (in: pBlock=0x2d2a07c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.730] VerQueryValueW (in: pBlock=0x2d2a07c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a3f0, puLen=0xd7e790) returned 1
[0180.730] VerQueryValueW (in: pBlock=0x2d2a07c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.730] VerQueryValueW (in: pBlock=0x2d2a07c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d2a444, puLen=0xd7e784) returned 1
[0180.730] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0180.730] VerQueryValueW (in: pBlock=0x2d2a07c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d2a0a4, puLen=0xd7e794) returned 1
[0180.731] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0180.731] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0180.731] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0180.731] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0180.731] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0180.731] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0180.732] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2d2d6e4 | out: lpData=0x2d2d6e4) returned 1
[0180.732] VerQueryValueW (in: pBlock=0x2d2d6e4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d2dac4, puLen=0xd7e810) returned 1
[0180.732] VerQueryValueW (in: pBlock=0x2d2d6e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2d79c, puLen=0xd7e790) returned 1
[0180.732] VerQueryValueW (in: pBlock=0x2d2d6e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2d7f0, puLen=0xd7e790) returned 1
[0180.732] VerQueryValueW (in: pBlock=0x2d2d6e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2d830, puLen=0xd7e790) returned 1
[0180.733] VerQueryValueW (in: pBlock=0x2d2d6e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2d890, puLen=0xd7e790) returned 1
[0180.733] VerQueryValueW (in: pBlock=0x2d2d6e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2d8dc, puLen=0xd7e790) returned 1
[0180.733] VerQueryValueW (in: pBlock=0x2d2d6e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2d964, puLen=0xd7e790) returned 1
[0180.733] VerQueryValueW (in: pBlock=0x2d2d6e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2d9ac, puLen=0xd7e790) returned 1
[0180.733] VerQueryValueW (in: pBlock=0x2d2d6e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2da04, puLen=0xd7e790) returned 1
[0180.733] VerQueryValueW (in: pBlock=0x2d2d6e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2da34, puLen=0xd7e790) returned 1
[0180.733] VerQueryValueW (in: pBlock=0x2d2d6e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.733] VerQueryValueW (in: pBlock=0x2d2d6e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2da70, puLen=0xd7e790) returned 1
[0180.733] VerQueryValueW (in: pBlock=0x2d2d6e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.733] VerQueryValueW (in: pBlock=0x2d2d6e4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d2dac4, puLen=0xd7e784) returned 1
[0180.733] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0180.733] VerQueryValueW (in: pBlock=0x2d2d6e4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d2d70c, puLen=0xd7e794) returned 1
[0180.734] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0180.734] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0180.734] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0180.734] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0180.734] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0180.734] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0180.735] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2d2ff04 | out: lpData=0x2d2ff04) returned 1
[0180.735] VerQueryValueW (in: pBlock=0x2d2ff04, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d30310, puLen=0xd7e810) returned 1
[0180.735] VerQueryValueW (in: pBlock=0x2d2ff04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2ffbc, puLen=0xd7e790) returned 1
[0180.735] VerQueryValueW (in: pBlock=0x2d2ff04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d30010, puLen=0xd7e790) returned 1
[0180.736] VerQueryValueW (in: pBlock=0x2d2ff04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d30064, puLen=0xd7e790) returned 1
[0180.736] VerQueryValueW (in: pBlock=0x2d2ff04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d300c4, puLen=0xd7e790) returned 1
[0180.736] VerQueryValueW (in: pBlock=0x2d2ff04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3011c, puLen=0xd7e790) returned 1
[0180.736] VerQueryValueW (in: pBlock=0x2d2ff04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d301a4, puLen=0xd7e790) returned 1
[0180.736] VerQueryValueW (in: pBlock=0x2d2ff04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d301f8, puLen=0xd7e790) returned 1
[0180.736] VerQueryValueW (in: pBlock=0x2d2ff04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d30250, puLen=0xd7e790) returned 1
[0180.736] VerQueryValueW (in: pBlock=0x2d2ff04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d30280, puLen=0xd7e790) returned 1
[0180.736] VerQueryValueW (in: pBlock=0x2d2ff04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.736] VerQueryValueW (in: pBlock=0x2d2ff04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d302bc, puLen=0xd7e790) returned 1
[0180.736] VerQueryValueW (in: pBlock=0x2d2ff04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.736] VerQueryValueW (in: pBlock=0x2d2ff04, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d30310, puLen=0xd7e784) returned 1
[0180.736] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0180.736] VerQueryValueW (in: pBlock=0x2d2ff04, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d2ff2c, puLen=0xd7e794) returned 1
[0180.737] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0180.737] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0180.737] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0180.737] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0180.737] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0180.737] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0180.738] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d32718 | out: lpData=0x2d32718) returned 1
[0180.738] VerQueryValueW (in: pBlock=0x2d32718, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d32af0, puLen=0xd7e810) returned 1
[0180.738] VerQueryValueW (in: pBlock=0x2d32718, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d327d0, puLen=0xd7e790) returned 1
[0180.738] VerQueryValueW (in: pBlock=0x2d32718, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d32824, puLen=0xd7e790) returned 1
[0180.738] VerQueryValueW (in: pBlock=0x2d32718, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d32864, puLen=0xd7e790) returned 1
[0180.739] VerQueryValueW (in: pBlock=0x2d32718, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d328cc, puLen=0xd7e790) returned 1
[0180.739] VerQueryValueW (in: pBlock=0x2d32718, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d32910, puLen=0xd7e790) returned 1
[0180.739] VerQueryValueW (in: pBlock=0x2d32718, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d32998, puLen=0xd7e790) returned 1
[0180.739] VerQueryValueW (in: pBlock=0x2d32718, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d329d8, puLen=0xd7e790) returned 1
[0180.739] VerQueryValueW (in: pBlock=0x2d32718, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d32a30, puLen=0xd7e790) returned 1
[0180.739] VerQueryValueW (in: pBlock=0x2d32718, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d32a60, puLen=0xd7e790) returned 1
[0180.739] VerQueryValueW (in: pBlock=0x2d32718, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.739] VerQueryValueW (in: pBlock=0x2d32718, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d32a9c, puLen=0xd7e790) returned 1
[0180.739] VerQueryValueW (in: pBlock=0x2d32718, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.739] VerQueryValueW (in: pBlock=0x2d32718, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d32af0, puLen=0xd7e784) returned 1
[0180.739] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0180.739] VerQueryValueW (in: pBlock=0x2d32718, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d32740, puLen=0xd7e794) returned 1
[0180.740] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0180.740] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0180.740] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0180.740] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0180.740] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0180.740] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0180.741] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d34c70 | out: lpData=0x2d34c70) returned 1
[0180.742] VerQueryValueW (in: pBlock=0x2d34c70, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d35048, puLen=0xd7e810) returned 1
[0180.742] VerQueryValueW (in: pBlock=0x2d34c70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d34d28, puLen=0xd7e790) returned 1
[0180.742] VerQueryValueW (in: pBlock=0x2d34c70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d34d7c, puLen=0xd7e790) returned 1
[0180.742] VerQueryValueW (in: pBlock=0x2d34c70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d34dbc, puLen=0xd7e790) returned 1
[0180.742] VerQueryValueW (in: pBlock=0x2d34c70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d34e24, puLen=0xd7e790) returned 1
[0180.742] VerQueryValueW (in: pBlock=0x2d34c70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d34e68, puLen=0xd7e790) returned 1
[0180.742] VerQueryValueW (in: pBlock=0x2d34c70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d34ef0, puLen=0xd7e790) returned 1
[0180.742] VerQueryValueW (in: pBlock=0x2d34c70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d34f30, puLen=0xd7e790) returned 1
[0180.742] VerQueryValueW (in: pBlock=0x2d34c70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d34f88, puLen=0xd7e790) returned 1
[0180.742] VerQueryValueW (in: pBlock=0x2d34c70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d34fb8, puLen=0xd7e790) returned 1
[0180.742] VerQueryValueW (in: pBlock=0x2d34c70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.742] VerQueryValueW (in: pBlock=0x2d34c70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d34ff4, puLen=0xd7e790) returned 1
[0180.742] VerQueryValueW (in: pBlock=0x2d34c70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.742] VerQueryValueW (in: pBlock=0x2d34c70, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d35048, puLen=0xd7e784) returned 1
[0180.742] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0180.742] VerQueryValueW (in: pBlock=0x2d34c70, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d34c98, puLen=0xd7e794) returned 1
[0180.743] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0180.743] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0180.743] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0180.743] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0180.743] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0180.743] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0180.744] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2d373a8 | out: lpData=0x2d373a8) returned 1
[0180.745] VerQueryValueW (in: pBlock=0x2d373a8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d377d8, puLen=0xd7e810) returned 1
[0180.745] VerQueryValueW (in: pBlock=0x2d373a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d37460, puLen=0xd7e790) returned 1
[0180.745] VerQueryValueW (in: pBlock=0x2d373a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d374b4, puLen=0xd7e790) returned 1
[0180.745] VerQueryValueW (in: pBlock=0x2d373a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d37524, puLen=0xd7e790) returned 1
[0180.745] VerQueryValueW (in: pBlock=0x2d373a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d37584, puLen=0xd7e790) returned 1
[0180.745] VerQueryValueW (in: pBlock=0x2d373a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d375e0, puLen=0xd7e790) returned 1
[0180.745] VerQueryValueW (in: pBlock=0x2d373a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d37668, puLen=0xd7e790) returned 1
[0180.745] VerQueryValueW (in: pBlock=0x2d373a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d376c0, puLen=0xd7e790) returned 1
[0180.745] VerQueryValueW (in: pBlock=0x2d373a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d37718, puLen=0xd7e790) returned 1
[0180.745] VerQueryValueW (in: pBlock=0x2d373a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d37748, puLen=0xd7e790) returned 1
[0180.745] VerQueryValueW (in: pBlock=0x2d373a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.745] VerQueryValueW (in: pBlock=0x2d373a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d37784, puLen=0xd7e790) returned 1
[0180.745] VerQueryValueW (in: pBlock=0x2d373a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0180.745] VerQueryValueW (in: pBlock=0x2d373a8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d377d8, puLen=0xd7e784) returned 1
[0180.745] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0180.745] VerQueryValueW (in: pBlock=0x2d373a8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d373d0, puLen=0xd7e794) returned 1
[0180.746] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0180.746] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.746] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0180.746] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.747] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0180.747] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xd02dc
[0180.750] SetWindowLongW (hWnd=0xd02dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0180.750] GetWindowLongW (hWnd=0xd02dc, nIndex=-4) returned 1950089536
[0180.750] SetWindowLongW (hWnd=0xd02dc, nIndex=-4, dwNewLong=19943326) returned 1950089536
[0180.750] GetWindowLongW (hWnd=0xd02dc, nIndex=-4) returned 19943326
[0180.750] GetWindowLongW (hWnd=0xd02dc, nIndex=-16) returned 113311744
[0180.750] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02dc, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0180.751] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02dc, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0180.751] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02dc, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0180.752] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02dc, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0180.752] GetClientRect (in: hWnd=0xd02dc, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0180.752] GetWindowRect (in: hWnd=0xd02dc, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0180.752] SetWindowTextW (hWnd=0xd02dc, lpString="WindowsFormsParkingWindow") returned 1
[0180.752] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02dc, Msg=0xc, wParam=0x0, lParam=0x2cfc880) returned 0x1
[0180.752] GetParent (hWnd=0xd02dc) returned 0x0
[0180.753] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0180.753] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0xd02dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xd02de
[0180.753] SetWindowLongW (hWnd=0xd02de, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0180.753] GetWindowLongW (hWnd=0xd02de, nIndex=-4) returned 1868147648
[0180.754] SetWindowLongW (hWnd=0xd02de, nIndex=-4, dwNewLong=19943566) returned 1868147648
[0180.754] GetWindowLongW (hWnd=0xd02de, nIndex=-4) returned 19943566
[0180.754] GetWindowLongW (hWnd=0xd02de, nIndex=-16) returned 1174405133
[0180.754] GetWindowLongW (hWnd=0xd02de, nIndex=-12) returned 0
[0180.754] SetWindowLongW (hWnd=0xd02de, nIndex=-12, dwNewLong=852702) returned 0
[0180.754] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0180.755] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0180.755] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0180.756] GetClientRect (in: hWnd=0xd02de, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0180.756] GetWindowRect (in: hWnd=0xd02de, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0180.756] GetParent (hWnd=0xd02de) returned 0xd02dc
[0180.756] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xd02dc, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0180.756] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0180.756] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0180.756] GetClientRect (in: hWnd=0xd02de, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0180.757] GetWindowRect (in: hWnd=0xd02de, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0180.757] GetParent (hWnd=0xd02de) returned 0xd02dc
[0180.757] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xd02dc, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0180.757] SendMessageW (hWnd=0xd02de, Msg=0x2210, wParam=0x2de0001, lParam=0xd02de) returned 0x0
[0180.757] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x2210, wParam=0x2de0001, lParam=0xd02de) returned 0x0
[0180.757] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0180.757] GetParent (hWnd=0xd02de) returned 0xd02dc
[0180.757] GdipCreateFromHWND (hwnd=0xd02de, graphics=0xd7e844) returned 0x0
[0180.757] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0180.758] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0180.758] GetForegroundWindow () returned 0x7005c
[0180.758] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0180.758] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0180.758] GetSystemMetrics (nIndex=42) returned 0
[0180.758] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0180.759] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0180.759] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0180.759] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0180.759] GetSystemMetrics (nIndex=42) returned 0
[0180.759] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0180.759] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0180.759] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.759] GetCursorPos (in: lpPoint=0x2d3b82c | out: lpPoint=0x2d3b82c*(x=243, y=620)) returned 1
[0180.760] MonitorFromPoint (pt=0xf3, dwFlags=0x26c) returned 0x10001
[0180.760] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0180.760] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x650107d1
[0180.760] GetDeviceCaps (hdc=0x650107d1, index=12) returned 32
[0180.760] GetDeviceCaps (hdc=0x650107d1, index=14) returned 1
[0180.760] DeleteDC (hdc=0x650107d1) returned 1
[0180.760] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0180.760] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0180.760] GetSystemMetrics (nIndex=59) returned 1460
[0180.760] GetSystemMetrics (nIndex=60) returned 920
[0180.760] GetSystemMetrics (nIndex=34) returned 136
[0180.760] GetSystemMetrics (nIndex=35) returned 39
[0180.761] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.761] GetCursorPos (in: lpPoint=0x2d3ba98 | out: lpPoint=0x2d3ba98*(x=243, y=620)) returned 1
[0180.761] MonitorFromPoint (pt=0xf3, dwFlags=0x26c) returned 0x10001
[0180.761] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0180.761] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x660107d1
[0180.761] GetDeviceCaps (hdc=0x660107d1, index=12) returned 32
[0180.761] GetDeviceCaps (hdc=0x660107d1, index=14) returned 1
[0180.761] DeleteDC (hdc=0x660107d1) returned 1
[0180.761] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0180.761] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0180.761] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.762] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0180.762] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2d3bd30 | out: piconinfo=0x2d3bd30) returned 1
[0180.762] GetObjectW (in: h=0xff0507f1, c=24, pv=0x2d3bd4c | out: pv=0x2d3bd4c) returned 24
[0180.762] GdipCreateBitmapFromHBITMAP (hbm=0xff0507f1, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0180.762] GdipGetImageWidth (image=0x6602a58, width=0xd7e750) returned 0x0
[0180.762] GdipGetImageHeight (image=0x6602a58, height=0xd7e748) returned 0x0
[0180.762] GdipGetImagePixelFormat (image=0x6602a58, format=0xd7e740) returned 0x0
[0180.762] GdipBitmapLockBits (bitmap=0x6602a58, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2d3be04) returned 0x0
[0180.762] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0180.764] GdipBitmapLockBits (bitmap=0x6602da0, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2d3be3c) returned 0x0
[0180.764] RtlMoveMemory (in: Destination=0x6659f20, Source=0x6661ed8, Length=0x80 | out: Destination=0x6659f20)
[0180.764] RtlMoveMemory (in: Destination=0x6659fa0, Source=0x6661e58, Length=0x80 | out: Destination=0x6659fa0)
[0180.764] RtlMoveMemory (in: Destination=0x665a020, Source=0x6661dd8, Length=0x80 | out: Destination=0x665a020)
[0180.764] RtlMoveMemory (in: Destination=0x665a0a0, Source=0x6661d58, Length=0x80 | out: Destination=0x665a0a0)
[0180.764] RtlMoveMemory (in: Destination=0x665a120, Source=0x6661cd8, Length=0x80 | out: Destination=0x665a120)
[0180.764] RtlMoveMemory (in: Destination=0x665a1a0, Source=0x6661c58, Length=0x80 | out: Destination=0x665a1a0)
[0180.764] RtlMoveMemory (in: Destination=0x665a220, Source=0x6661bd8, Length=0x80 | out: Destination=0x665a220)
[0180.764] RtlMoveMemory (in: Destination=0x665a2a0, Source=0x6661b58, Length=0x80 | out: Destination=0x665a2a0)
[0180.764] RtlMoveMemory (in: Destination=0x665a320, Source=0x6661ad8, Length=0x80 | out: Destination=0x665a320)
[0180.764] RtlMoveMemory (in: Destination=0x665a3a0, Source=0x6661a58, Length=0x80 | out: Destination=0x665a3a0)
[0180.764] RtlMoveMemory (in: Destination=0x665a420, Source=0x66619d8, Length=0x80 | out: Destination=0x665a420)
[0180.764] RtlMoveMemory (in: Destination=0x665a4a0, Source=0x6661958, Length=0x80 | out: Destination=0x665a4a0)
[0180.764] RtlMoveMemory (in: Destination=0x665a520, Source=0x66618d8, Length=0x80 | out: Destination=0x665a520)
[0180.764] RtlMoveMemory (in: Destination=0x665a5a0, Source=0x6661858, Length=0x80 | out: Destination=0x665a5a0)
[0180.764] RtlMoveMemory (in: Destination=0x665a620, Source=0x66617d8, Length=0x80 | out: Destination=0x665a620)
[0180.764] RtlMoveMemory (in: Destination=0x665a6a0, Source=0x6661758, Length=0x80 | out: Destination=0x665a6a0)
[0180.764] RtlMoveMemory (in: Destination=0x665a720, Source=0x66616d8, Length=0x80 | out: Destination=0x665a720)
[0180.764] RtlMoveMemory (in: Destination=0x665a7a0, Source=0x6661658, Length=0x80 | out: Destination=0x665a7a0)
[0180.764] RtlMoveMemory (in: Destination=0x665a820, Source=0x66615d8, Length=0x80 | out: Destination=0x665a820)
[0180.764] RtlMoveMemory (in: Destination=0x665a8a0, Source=0x6661558, Length=0x80 | out: Destination=0x665a8a0)
[0180.764] RtlMoveMemory (in: Destination=0x665a920, Source=0x66614d8, Length=0x80 | out: Destination=0x665a920)
[0180.764] RtlMoveMemory (in: Destination=0x665a9a0, Source=0x6661458, Length=0x80 | out: Destination=0x665a9a0)
[0180.765] RtlMoveMemory (in: Destination=0x665aa20, Source=0x66613d8, Length=0x80 | out: Destination=0x665aa20)
[0180.765] RtlMoveMemory (in: Destination=0x665aaa0, Source=0x6661358, Length=0x80 | out: Destination=0x665aaa0)
[0180.765] RtlMoveMemory (in: Destination=0x665ab20, Source=0x66612d8, Length=0x80 | out: Destination=0x665ab20)
[0180.765] RtlMoveMemory (in: Destination=0x665aba0, Source=0x6661258, Length=0x80 | out: Destination=0x665aba0)
[0180.765] RtlMoveMemory (in: Destination=0x665ac20, Source=0x66611d8, Length=0x80 | out: Destination=0x665ac20)
[0180.765] RtlMoveMemory (in: Destination=0x665aca0, Source=0x6661158, Length=0x80 | out: Destination=0x665aca0)
[0180.765] RtlMoveMemory (in: Destination=0x665ad20, Source=0x66610d8, Length=0x80 | out: Destination=0x665ad20)
[0180.765] RtlMoveMemory (in: Destination=0x665ada0, Source=0x6661058, Length=0x80 | out: Destination=0x665ada0)
[0180.765] RtlMoveMemory (in: Destination=0x665ae20, Source=0x6660fd8, Length=0x80 | out: Destination=0x665ae20)
[0180.765] RtlMoveMemory (in: Destination=0x665aea0, Source=0x6660f58, Length=0x80 | out: Destination=0x665aea0)
[0180.765] GdipBitmapUnlockBits (bitmap=0x6602a58, lockedBitmapData=0x2d3be04) returned 0x0
[0180.765] GdipBitmapUnlockBits (bitmap=0x6602da0, lockedBitmapData=0x2d3be3c) returned 0x0
[0180.765] GdipDisposeImage (image=0x6602a58) returned 0x0
[0180.765] DeleteObject (ho=0xff0507f1) returned 1
[0180.765] DeleteObject (ho=0x670507d1) returned 1
[0180.765] GetCurrentThreadId () returned 0xf50
[0180.765] GetCurrentThreadId () returned 0xf50
[0180.765] SetWindowPos (hWnd=0xd02de, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0180.766] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0180.766] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0180.766] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0180.766] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0180.766] GetClientRect (in: hWnd=0xd02de, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0180.766] GetWindowRect (in: hWnd=0xd02de, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0180.766] GetParent (hWnd=0xd02de) returned 0xd02dc
[0180.766] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xd02dc, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0180.766] InvalidateRect (hWnd=0xd02de, lpRect=0x0, bErase=1) returned 1
[0180.766] GetWindowTextLengthW (hWnd=0xd02de) returned 0
[0180.766] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0180.766] GetSystemMetrics (nIndex=42) returned 0
[0180.766] GetWindowTextW (in: hWnd=0xd02de, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0180.766] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0180.767] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0180.767] GetClientRect (in: hWnd=0xd02de, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0180.767] GetWindowRect (in: hWnd=0xd02de, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0180.767] GetParent (hWnd=0xd02de) returned 0xd02dc
[0180.767] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xd02dc, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0180.767] GetWindowTextLengthW (hWnd=0xd02de) returned 0
[0180.767] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0180.767] GetSystemMetrics (nIndex=42) returned 0
[0180.767] GetWindowTextW (in: hWnd=0xd02de, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0180.767] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0180.767] GetWindowTextLengthW (hWnd=0xd02de) returned 0
[0180.767] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0180.767] GetSystemMetrics (nIndex=42) returned 0
[0180.767] GetWindowTextW (in: hWnd=0xd02de, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0180.767] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0180.767] SetWindowTextW (hWnd=0xd02de, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0180.767] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0xc, wParam=0x0, lParam=0x2d1cc98) returned 0x1
[0180.767] InvalidateRect (hWnd=0xd02de, lpRect=0x0, bErase=1) returned 1
[0180.767] GetCurrentThreadId () returned 0xf50
[0180.767] GetWindowThreadProcessId (in: hWnd=0xd02de, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0180.768] GdipCreateBitmapFromStream (stream=0x509fff0, bitmap=0xd7e840) returned 0x0
[0180.769] GdipImageForceValidation (image=0x66030e8) returned 0x0
[0180.770] GdipGetImageRawFormat (image=0x66030e8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0180.770] GdipGetImageHeight (image=0x66030e8, height=0xd7e824) returned 0x0
[0180.770] GdipGetImageWidth (image=0x66030e8, width=0xd7e824) returned 0x0
[0180.770] GdipGetImageWidth (image=0x66030e8, width=0xd7e810) returned 0x0
[0180.770] GdipGetImageHeight (image=0x66030e8, height=0xd7e810) returned 0x0
[0180.770] GdipGetImageWidth (image=0x66030e8, width=0xd7e800) returned 0x0
[0180.770] GdipGetImageHeight (image=0x66030e8, height=0xd7e800) returned 0x0
[0180.770] GdipBitmapGetPixel (bitmap=0x66030e8, x=0, y=15, color=0xd7e810) returned 0x0
[0180.770] GdipGetImageRawFormat (image=0x66030e8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0180.770] GdipGetImageWidth (image=0x66030e8, width=0xd7e740) returned 0x0
[0180.770] GdipGetImageHeight (image=0x66030e8, height=0xd7e740) returned 0x0
[0180.770] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0180.770] GdipGetImagePixelFormat (image=0x6603430, format=0xd7e740) returned 0x0
[0180.770] GdipGetImageGraphicsContext (image=0x6603430, graphics=0xd7e74c) returned 0x0
[0180.770] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0180.771] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0180.771] GdipSetImageAttributesColorKeys (imageattr=0x6638b78, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0180.771] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66030e8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638b78, callback=0x0, callbackData=0x0) returned 0x0
[0180.771] GdipDisposeImageAttributes (imageattr=0x6638b78) returned 0x0
[0180.771] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0180.771] GdipDisposeImage (image=0x66030e8) returned 0x0
[0180.771] GdipCreateBitmapFromStream (stream=0x5090010, bitmap=0xd7e840) returned 0x0
[0180.772] GdipImageForceValidation (image=0x6601360) returned 0x0
[0180.773] GdipGetImageRawFormat (image=0x6601360, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0180.773] GdipGetImageHeight (image=0x6601360, height=0xd7e824) returned 0x0
[0180.773] GdipGetImageWidth (image=0x6601360, width=0xd7e824) returned 0x0
[0180.773] GdipGetImageWidth (image=0x6601360, width=0xd7e810) returned 0x0
[0180.773] GdipGetImageHeight (image=0x6601360, height=0xd7e810) returned 0x0
[0180.773] GdipGetImageWidth (image=0x6601360, width=0xd7e800) returned 0x0
[0180.773] GdipGetImageHeight (image=0x6601360, height=0xd7e800) returned 0x0
[0180.773] GdipBitmapGetPixel (bitmap=0x6601360, x=0, y=15, color=0xd7e810) returned 0x0
[0180.773] GdipGetImageRawFormat (image=0x6601360, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0180.774] GdipGetImageWidth (image=0x6601360, width=0xd7e740) returned 0x0
[0180.774] GdipGetImageHeight (image=0x6601360, height=0xd7e740) returned 0x0
[0180.774] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0180.774] GdipGetImagePixelFormat (image=0x66016a8, format=0xd7e740) returned 0x0
[0180.774] GdipGetImageGraphicsContext (image=0x66016a8, graphics=0xd7e74c) returned 0x0
[0180.774] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0180.774] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0180.774] GdipSetImageAttributesColorKeys (imageattr=0x6638cf8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0180.774] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6601360, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638cf8, callback=0x0, callbackData=0x0) returned 0x0
[0180.774] GdipDisposeImageAttributes (imageattr=0x6638cf8) returned 0x0
[0180.774] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0180.774] GdipDisposeImage (image=0x6601360) returned 0x0
[0180.775] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.775] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0180.775] GetCurrentThreadId () returned 0xf50
[0180.775] GetCurrentThreadId () returned 0xf50
[0180.775] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.775] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0180.775] GetCurrentThreadId () returned 0xf50
[0180.775] GetCurrentThreadId () returned 0xf50
[0180.775] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.775] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0180.775] GetCurrentThreadId () returned 0xf50
[0180.776] GetCurrentThreadId () returned 0xf50
[0180.776] GetSystemMetrics (nIndex=5) returned 1
[0180.776] GetSystemMetrics (nIndex=6) returned 1
[0180.776] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.776] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0180.776] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.776] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0180.776] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.776] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0180.776] GetCurrentThreadId () returned 0xf50
[0180.776] GetCurrentThreadId () returned 0xf50
[0180.777] GetProcessWindowStation () returned 0x13c
[0180.777] GetCapture () returned 0x0
[0180.777] GetActiveWindow () returned 0x7005c
[0180.777] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0180.777] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.777] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0180.777] GetCursorPos (in: lpPoint=0x2d3cf7c | out: lpPoint=0x2d3cf7c*(x=243, y=620)) returned 1
[0180.777] MonitorFromPoint (pt=0xf3, dwFlags=0x26c) returned 0x10001
[0180.777] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0180.777] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x680107d1
[0180.777] GetDeviceCaps (hdc=0x680107d1, index=12) returned 32
[0180.777] GetDeviceCaps (hdc=0x680107d1, index=14) returned 1
[0180.777] DeleteDC (hdc=0x680107d1) returned 1
[0180.778] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0180.778] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0180.778] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xf02d8
[0180.779] SetWindowLongW (hWnd=0xf02d8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0180.779] GetWindowLongW (hWnd=0xf02d8, nIndex=-4) returned 1950089536
[0180.779] SetWindowLongW (hWnd=0xf02d8, nIndex=-4, dwNewLong=19943366) returned 1950089536
[0180.779] GetWindowLongW (hWnd=0xf02d8, nIndex=-4) returned 19943366
[0180.779] GetWindowLongW (hWnd=0xf02d8, nIndex=-16) returned 113770496
[0180.779] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0180.780] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0180.781] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0180.781] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0180.781] GetWindowRect (in: hWnd=0xf02d8, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0180.781] SetWindowTextW (hWnd=0xf02d8, lpString="BB ransomware") returned 1
[0180.781] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xc, wParam=0x0, lParam=0x2d3b718) returned 0x1
[0180.782] GetStartupInfoW (in: lpStartupInfo=0x2d3d2b8 | out: lpStartupInfo=0x2d3d2b8*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0180.783] GetParent (hWnd=0xf02d8) returned 0x0
[0180.783] SetWindowLongW (hWnd=0xf02d8, nIndex=-8, dwNewLong=0) returned 0
[0180.785] SendMessageW (hWnd=0xf02d8, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0180.785] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0180.785] SendMessageW (hWnd=0xf02d8, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0180.785] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0180.785] GetSystemMenu (hWnd=0xf02d8, bRevert=0) returned 0x2602a1
[0180.786] GetWindowPlacement (in: hWnd=0xf02d8, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0180.786] EnableMenuItem (hMenu=0x2602a1, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0180.786] EnableMenuItem (hMenu=0x2602a1, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0180.786] EnableMenuItem (hMenu=0x2602a1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0180.786] EnableMenuItem (hMenu=0x2602a1, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0180.786] EnableMenuItem (hMenu=0x2602a1, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0180.786] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0180.786] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0180.786] GetWindowRect (in: hWnd=0xf02d8, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0180.786] SetWindowPos (hWnd=0xf02d8, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0180.786] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0180.787] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0xf02d8) returned 0x1
[0180.789] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0180.789] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0180.790] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0180.790] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0180.790] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0180.793] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0xf02d8, lParam=0x0) returned 0x0
[0180.793] GetCapture () returned 0x0
[0180.793] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0180.794] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0180.798] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0180.799] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0180.799] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0180.799] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0180.799] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0180.800] GetParent (hWnd=0xf02d8) returned 0x0
[0180.800] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0180.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0180.802] GetWindowPlacement (in: hWnd=0xf02d8, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0180.802] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0180.802] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0180.802] GetWindowRect (in: hWnd=0xf02d8, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0180.803] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0180.804] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0180.804] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0180.804] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.805] GetWindowLongW (hWnd=0xf02d8, nIndex=-16) returned 113770496
[0180.805] GetWindowTextLengthW (hWnd=0xf02d8) returned 13
[0180.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0180.805] GetSystemMetrics (nIndex=42) returned 0
[0180.805] GetWindowTextW (in: hWnd=0xf02d8, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0180.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0180.805] GetWindowTextLengthW (hWnd=0xf02d8) returned 13
[0180.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0180.805] GetSystemMetrics (nIndex=42) returned 0
[0180.805] GetWindowTextW (in: hWnd=0xf02d8, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0180.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0180.805] GetCursorPos (in: lpPoint=0x2d3d4f4 | out: lpPoint=0x2d3d4f4*(x=243, y=620)) returned 1
[0180.805] MonitorFromPoint (pt=0xf0, dwFlags=0x26d) returned 0x10001
[0180.805] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0180.805] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x8101065e
[0180.805] GetDeviceCaps (hdc=0x8101065e, index=12) returned 32
[0180.805] GetDeviceCaps (hdc=0x8101065e, index=14) returned 1
[0180.805] DeleteDC (hdc=0x8101065e) returned 1
[0180.806] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0180.806] GetWindowLongW (hWnd=0xf02d8, nIndex=-16) returned 113770496
[0180.806] GetWindowLongW (hWnd=0xf02d8, nIndex=-20) returned 327945
[0180.806] SetWindowLongW (hWnd=0xf02d8, nIndex=-16, dwNewLong=46661632) returned 113770496
[0180.806] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0180.806] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0180.807] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0180.808] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0180.808] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0180.808] SetWindowLongW (hWnd=0xf02d8, nIndex=-20, dwNewLong=327681) returned 327945
[0180.808] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0180.808] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0180.809] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0180.810] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0180.810] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0180.810] SetWindowPos (hWnd=0xf02d8, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0180.810] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0180.810] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0180.811] GetWindowPlacement (in: hWnd=0xf02d8, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0180.811] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0180.811] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0180.811] GetWindowRect (in: hWnd=0xf02d8, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0180.812] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0180.812] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0180.812] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0180.812] RedrawWindow (hWnd=0xf02d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0180.812] GetSystemMenu (hWnd=0xf02d8, bRevert=0) returned 0x2602a1
[0180.812] GetWindowPlacement (in: hWnd=0xf02d8, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0180.813] EnableMenuItem (hMenu=0x2602a1, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0180.813] EnableMenuItem (hMenu=0x2602a1, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0180.813] EnableMenuItem (hMenu=0x2602a1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0180.813] EnableMenuItem (hMenu=0x2602a1, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0180.813] EnableMenuItem (hMenu=0x2602a1, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0180.813] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0180.813] GetWindowLongW (hWnd=0xf02d8, nIndex=-8) returned 0
[0180.813] SetWindowLongW (hWnd=0xf02d8, nIndex=-8, dwNewLong=458844) returned 0
[0180.814] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0180.814] GetProcessWindowStation () returned 0x13c
[0180.814] GetCurrentThreadId () returned 0xf50
[0180.814] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1304fee, lParam=0x0) returned 1
[0180.814] IsWindowVisible (hWnd=0xf02d8) returned 0
[0180.814] IsWindowVisible (hWnd=0x7005c) returned 1
[0180.814] IsWindowEnabled (hWnd=0x7005c) returned 1
[0180.814] IsWindowVisible (hWnd=0x300ec) returned 0
[0180.814] IsWindowVisible (hWnd=0x502c6) returned 0
[0180.814] IsWindowVisible (hWnd=0x502be) returned 0
[0180.814] GetActiveWindow () returned 0xf02d8
[0180.815] GetFocus () returned 0xf02d8
[0180.815] IsWindow (hWnd=0x7005c) returned 1
[0180.815] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0180.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0180.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0180.815] GetWindowLongW (hWnd=0xf02d8, nIndex=-8) returned 458844
[0180.815] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0180.815] GetCurrentThreadId () returned 0xf50
[0180.815] GetWindowLongW (hWnd=0xf02d8, nIndex=-8) returned 458844
[0180.815] IsWindowEnabled (hWnd=0x7005c) returned 0
[0180.815] IsWindowEnabled (hWnd=0xf02d8) returned 1
[0180.815] ShowWindow (hWnd=0xf02d8, nCmdShow=5) returned 0
[0180.816] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0180.816] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0180.816] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.816] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0180.816] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0xf02d8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xe02d2
[0180.817] SetWindowLongW (hWnd=0xe02d2, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0180.817] GetWindowLongW (hWnd=0xe02d2, nIndex=-4) returned 1950089536
[0180.817] SetWindowLongW (hWnd=0xe02d2, nIndex=-4, dwNewLong=19943606) returned 1950089536
[0180.817] GetWindowLongW (hWnd=0xe02d2, nIndex=-4) returned 19943606
[0180.817] GetWindowLongW (hWnd=0xe02d2, nIndex=-16) returned 1174405120
[0180.817] GetWindowLongW (hWnd=0xe02d2, nIndex=-12) returned 0
[0180.817] SetWindowLongW (hWnd=0xe02d2, nIndex=-12, dwNewLong=918226) returned 0
[0180.817] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02d2, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0180.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02d2, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0180.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02d2, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0180.818] GetWindow (hWnd=0xe02d2, uCmd=0x3) returned 0x0
[0180.818] GetClientRect (in: hWnd=0xe02d2, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0180.818] GetWindowRect (in: hWnd=0xe02d2, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0180.818] GetParent (hWnd=0xe02d2) returned 0xf02d8
[0180.818] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02d8, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0180.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02d2, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0180.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02d2, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0180.819] GetClientRect (in: hWnd=0xe02d2, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0180.819] GetWindowRect (in: hWnd=0xe02d2, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0180.819] GetParent (hWnd=0xe02d2) returned 0xf02d8
[0180.819] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02d8, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0180.819] SendMessageW (hWnd=0xe02d2, Msg=0x2210, wParam=0x2d20001, lParam=0xe02d2) returned 0x0
[0180.819] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02d2, Msg=0x2210, wParam=0x2d20001, lParam=0xe02d2) returned 0x0
[0180.819] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02d2, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0180.819] GetParent (hWnd=0xe02d2) returned 0xf02d8
[0180.819] GetParent (hWnd=0xd02de) returned 0xd02dc
[0180.819] SetParent (hWndChild=0xd02de, hWndNewParent=0xf02d8) returned 0xd02dc
[0180.819] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0180.820] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0180.820] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0180.820] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0180.820] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0180.820] GetClientRect (in: hWnd=0xd02de, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0180.820] GetWindowRect (in: hWnd=0xd02de, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0180.820] GetParent (hWnd=0xd02de) returned 0xf02d8
[0180.820] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02d8, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0180.820] GetClientRect (in: hWnd=0xd02de, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0180.820] GetWindowRect (in: hWnd=0xd02de, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0180.820] GetParent (hWnd=0xd02de) returned 0xf02d8
[0180.820] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02d8, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0180.820] GetParent (hWnd=0xd02de) returned 0xf02d8
[0180.820] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0180.821] GetWindow (hWnd=0xd02de, uCmd=0x3) returned 0x0
[0180.821] SetWindowPos (hWnd=0xd02de, hWndInsertAfter=0xe02d2, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0180.821] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0180.821] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0180.821] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0180.821] GetClientRect (in: hWnd=0xd02de, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0180.821] GetWindowRect (in: hWnd=0xd02de, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0180.821] GetParent (hWnd=0xd02de) returned 0xf02d8
[0180.821] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02d8, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0180.821] GetParent (hWnd=0xd02de) returned 0xf02d8
[0180.821] GetWindow (hWnd=0xd02de, uCmd=0x3) returned 0xe02d2
[0180.821] GetWindowThreadProcessId (in: hWnd=0xd02de, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0180.821] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0180.822] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.822] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0180.822] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0xf02d8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xf013e
[0180.822] SetWindowLongW (hWnd=0xf013e, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0180.823] GetWindowLongW (hWnd=0xf013e, nIndex=-4) returned 1868032000
[0180.823] SetWindowLongW (hWnd=0xf013e, nIndex=-4, dwNewLong=19943446) returned 1868032000
[0180.823] GetWindowLongW (hWnd=0xf013e, nIndex=-4) returned 19943446
[0180.823] GetWindowLongW (hWnd=0xf013e, nIndex=-16) returned 1174470667
[0180.823] GetWindowLongW (hWnd=0xf013e, nIndex=-12) returned 0
[0180.823] SetWindowLongW (hWnd=0xf013e, nIndex=-12, dwNewLong=983358) returned 0
[0180.823] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0180.824] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0180.824] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0180.824] SendMessageW (hWnd=0xf013e, Msg=0x2055, wParam=0xf013e, lParam=0x3) returned 0x2
[0180.825] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0180.825] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0180.825] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0180.825] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0180.825] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02d2, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0180.825] RedrawWindow (hWnd=0xe02d2, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0180.832] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0180.832] RedrawWindow (hWnd=0xd02de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0180.832] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0180.832] RedrawWindow (hWnd=0xf013e, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0180.832] RedrawWindow (hWnd=0xf02d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0180.832] GetWindow (hWnd=0xf013e, uCmd=0x3) returned 0xd02de
[0180.833] GetClientRect (in: hWnd=0xf013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0180.833] GetWindowRect (in: hWnd=0xf013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0180.833] GetParent (hWnd=0xf013e) returned 0xf02d8
[0180.833] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02d8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0180.833] SetWindowTextW (hWnd=0xf013e, lpString="&Details") returned 1
[0180.833] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0180.833] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0180.833] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0180.833] GetClientRect (in: hWnd=0xf013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0180.833] GetWindowRect (in: hWnd=0xf013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0180.833] GetParent (hWnd=0xf013e) returned 0xf02d8
[0180.834] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02d8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0180.834] SendMessageW (hWnd=0xf013e, Msg=0x2210, wParam=0x13e0001, lParam=0xf013e) returned 0x0
[0180.834] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0x2210, wParam=0x13e0001, lParam=0xf013e) returned 0x0
[0180.834] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0180.834] GetParent (hWnd=0xf013e) returned 0xf02d8
[0180.834] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0180.834] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.835] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0180.835] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0xf02d8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xd02da
[0180.835] SetWindowLongW (hWnd=0xd02da, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0180.835] GetWindowLongW (hWnd=0xd02da, nIndex=-4) returned 1868032000
[0180.836] SetWindowLongW (hWnd=0xd02da, nIndex=-4, dwNewLong=19943646) returned 1868032000
[0180.836] GetWindowLongW (hWnd=0xd02da, nIndex=-4) returned 19943646
[0180.836] GetWindowLongW (hWnd=0xd02da, nIndex=-16) returned 1174470667
[0180.836] GetWindowLongW (hWnd=0xd02da, nIndex=-12) returned 0
[0180.836] SetWindowLongW (hWnd=0xd02da, nIndex=-12, dwNewLong=852698) returned 0
[0180.836] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0180.836] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0180.836] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0180.837] SendMessageW (hWnd=0xd02da, Msg=0x2055, wParam=0xd02da, lParam=0x3) returned 0x2
[0180.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0180.837] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0180.837] GetWindow (hWnd=0xd02da, uCmd=0x3) returned 0xf013e
[0180.837] GetClientRect (in: hWnd=0xd02da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0180.837] GetWindowRect (in: hWnd=0xd02da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0180.838] GetParent (hWnd=0xd02da) returned 0xf02d8
[0180.838] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02d8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0180.838] SetWindowTextW (hWnd=0xd02da, lpString="&Continue") returned 1
[0180.838] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0180.838] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0180.838] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0180.838] GetClientRect (in: hWnd=0xd02da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0180.838] GetWindowRect (in: hWnd=0xd02da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0180.838] GetParent (hWnd=0xd02da) returned 0xf02d8
[0180.838] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02d8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0180.838] SendMessageW (hWnd=0xd02da, Msg=0x2210, wParam=0x2da0001, lParam=0xd02da) returned 0x0
[0180.839] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x2210, wParam=0x2da0001, lParam=0xd02da) returned 0x0
[0180.839] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0180.839] GetParent (hWnd=0xd02da) returned 0xf02d8
[0180.839] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0180.839] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.840] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0180.840] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0xf02d8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1000ea
[0180.840] SetWindowLongW (hWnd=0x1000ea, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0180.840] GetWindowLongW (hWnd=0x1000ea, nIndex=-4) returned 1868032000
[0180.840] SetWindowLongW (hWnd=0x1000ea, nIndex=-4, dwNewLong=19943966) returned 1868032000
[0180.840] GetWindowLongW (hWnd=0x1000ea, nIndex=-4) returned 19943966
[0180.840] GetWindowLongW (hWnd=0x1000ea, nIndex=-16) returned 1174470667
[0180.840] GetWindowLongW (hWnd=0x1000ea, nIndex=-12) returned 0
[0180.840] SetWindowLongW (hWnd=0x1000ea, nIndex=-12, dwNewLong=1048810) returned 0
[0180.841] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1000ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0180.841] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1000ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0180.841] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1000ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0180.842] SendMessageW (hWnd=0x1000ea, Msg=0x2055, wParam=0x1000ea, lParam=0x3) returned 0x2
[0180.842] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0180.842] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1000ea, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0180.842] GetWindow (hWnd=0x1000ea, uCmd=0x3) returned 0xd02da
[0180.842] GetClientRect (in: hWnd=0x1000ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0180.842] GetWindowRect (in: hWnd=0x1000ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0180.842] GetParent (hWnd=0x1000ea) returned 0xf02d8
[0180.843] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02d8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0180.843] SetWindowTextW (hWnd=0x1000ea, lpString="&Quit") returned 1
[0180.843] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1000ea, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0180.843] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1000ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0180.843] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1000ea, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0180.843] GetClientRect (in: hWnd=0x1000ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0180.843] GetWindowRect (in: hWnd=0x1000ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0180.843] GetParent (hWnd=0x1000ea) returned 0xf02d8
[0180.843] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02d8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0180.843] SendMessageW (hWnd=0x1000ea, Msg=0x2210, wParam=0xea0001, lParam=0x1000ea) returned 0x0
[0180.844] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1000ea, Msg=0x2210, wParam=0xea0001, lParam=0x1000ea) returned 0x0
[0180.844] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1000ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0180.844] GetParent (hWnd=0x1000ea) returned 0xf02d8
[0180.844] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0180.844] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.844] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0180.845] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0xf02d8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xb005a
[0180.845] SetWindowLongW (hWnd=0xb005a, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0180.845] GetWindowLongW (hWnd=0xb005a, nIndex=-4) returned 1868026976
[0180.845] SetWindowLongW (hWnd=0xb005a, nIndex=-4, dwNewLong=19943766) returned 1868026976
[0180.846] GetWindowLongW (hWnd=0xb005a, nIndex=-4) returned 19943766
[0180.846] GetWindowLongW (hWnd=0xb005a, nIndex=-16) returned 1177553092
[0180.846] GetWindowLongW (hWnd=0xb005a, nIndex=-12) returned 0
[0180.846] SetWindowLongW (hWnd=0xb005a, nIndex=-12, dwNewLong=720986) returned 0
[0180.846] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb005a, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0180.847] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb005a, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0180.848] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb005a, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0180.863] GetWindow (hWnd=0xb005a, uCmd=0x3) returned 0x1000ea
[0180.863] GetClientRect (in: hWnd=0xb005a, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0180.863] GetWindowRect (in: hWnd=0xb005a, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0180.863] GetParent (hWnd=0xb005a) returned 0xf02d8
[0180.863] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02d8, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0180.863] GetWindowTextLengthW (hWnd=0xf02d8) returned 13
[0180.864] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0180.864] GetSystemMetrics (nIndex=42) returned 0
[0180.864] GetWindowTextW (in: hWnd=0xf02d8, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0180.864] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0180.864] SendMessageW (hWnd=0xb005a, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0180.864] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb005a, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0180.868] SetWindowTextW (hWnd=0xb005a, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0180.868] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb005a, Msg=0xc, wParam=0x0, lParam=0x2d39100) returned 0x1
[0180.869] GetSystemMetrics (nIndex=5) returned 1
[0180.870] GetSystemMetrics (nIndex=6) returned 1
[0180.870] SendMessageW (hWnd=0xb005a, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0180.870] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb005a, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0180.870] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb005a, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0180.871] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb005a, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0180.871] GetClientRect (in: hWnd=0xb005a, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0180.871] GetWindowRect (in: hWnd=0xb005a, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0180.871] GetParent (hWnd=0xb005a) returned 0xf02d8
[0180.871] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02d8, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0180.871] SendMessageW (hWnd=0xb005a, Msg=0x2210, wParam=0x5a0001, lParam=0xb005a) returned 0x0
[0180.871] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb005a, Msg=0x2210, wParam=0x5a0001, lParam=0xb005a) returned 0x0
[0180.871] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb005a, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0180.871] GetParent (hWnd=0xb005a) returned 0xf02d8
[0180.871] GetWindowLongW (hWnd=0xf02d8, nIndex=-8) returned 458844
[0180.871] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0180.872] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0180.872] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x8801065e
[0180.872] GetDeviceCaps (hdc=0x8801065e, index=12) returned 32
[0180.872] GetDeviceCaps (hdc=0x8801065e, index=14) returned 1
[0180.872] DeleteDC (hdc=0x8801065e) returned 1
[0180.872] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0180.872] GetWindowThreadProcessId (in: hWnd=0xf02d8, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0180.872] GetCurrentThreadId () returned 0xf50
[0180.873] PostMessageW (hWnd=0xf02d8, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0180.873] GetWindowTextLengthW (hWnd=0xf02d8) returned 13
[0180.873] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0180.873] GetSystemMetrics (nIndex=42) returned 0
[0180.873] GetWindowTextW (in: hWnd=0xf02d8, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0180.873] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0180.873] GdipImageGetFrameDimensionsCount (image=0x6602da0, count=0xd7e25c) returned 0x0
[0180.873] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7c10
[0180.873] GdipImageGetFrameDimensionsList (image=0x6602da0, dimensionIDs=0x11f7c10*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0180.873] LocalFree (hMem=0x11f7c10) returned 0x0
[0180.873] GdipImageGetFrameDimensionsCount (image=0x6603430, count=0xd7e250) returned 0x0
[0180.873] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7aa8
[0180.873] GdipImageGetFrameDimensionsList (image=0x6603430, dimensionIDs=0x11f7aa8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0180.873] LocalFree (hMem=0x11f7aa8) returned 0x0
[0180.873] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0180.874] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0180.874] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0180.886] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0180.887] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0180.887] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0180.887] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0180.888] GetWindowPlacement (in: hWnd=0xf02d8, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0180.888] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0180.888] GetWindowTextLengthW (hWnd=0xf02d8) returned 13
[0180.888] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0180.888] GetSystemMetrics (nIndex=42) returned 0
[0180.888] GetWindowTextW (in: hWnd=0xf02d8, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0180.888] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0180.888] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0180.888] GetCurrentObject (hdc=0xc0107c5, type=0x1) returned 0xb00017
[0180.888] GetCurrentObject (hdc=0xc0107c5, type=0x2) returned 0x900010
[0180.888] GetCurrentObject (hdc=0xc0107c5, type=0x7) returned 0xffffffff8a0507e8
[0180.888] GetCurrentObject (hdc=0xc0107c5, type=0x6) returned 0x8a01c2
[0180.888] SaveDC (hdc=0xc0107c5) returned 1
[0180.889] GetNearestColor (hdc=0xc0107c5, color=0xf0f0f0) returned 0xf0f0f0
[0180.889] CreateSolidBrush (color=0xf0f0f0) returned 0xa01007e1
[0180.889] FillRect (hDC=0xc0107c5, lprc=0xd7e1b8, hbr=0xa01007e1) returned 1
[0180.889] DeleteObject (ho=0xa01007e1) returned 1
[0180.889] RestoreDC (hdc=0xc0107c5, nSavedDC=-1) returned 1
[0180.889] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02d2, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0180.889] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0180.889] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0180.890] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0180.890] GetStockObject (i=5) returned 0x900015
[0180.890] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0180.890] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0180.890] GetStockObject (i=5) returned 0x900015
[0180.890] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1000ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0180.890] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1000ea, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0180.890] GetStockObject (i=5) returned 0x900015
[0180.891] GetWindowPlacement (in: hWnd=0xf02d8, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0180.891] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0180.891] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0180.891] GetWindowRect (in: hWnd=0xf02d8, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0180.892] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0180.892] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0180.892] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0180.892] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0180.893] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0180.893] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0180.893] GetWindowRect (in: hWnd=0xf02d8, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0180.893] InvalidateRect (hWnd=0xd02da, lpRect=0x0, bErase=0) returned 1
[0180.893] InvalidateRect (hWnd=0xf013e, lpRect=0x0, bErase=0) returned 1
[0180.893] GetFocus () returned 0xf02d8
[0180.893] GetFocus () returned 0xf02d8
[0180.893] SetFocus (hWnd=0xf013e) returned 0xf02d8
[0180.893] GetFocus () returned 0xf013e
[0180.894] IsChild (hWndParent=0xf02d8, hWnd=0xf013e) returned 1
[0180.894] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x8, wParam=0xf013e, lParam=0x0) returned 0x0
[0180.894] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0180.895] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0180.897] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0180.897] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0x7, wParam=0xf02d8, lParam=0x0) returned 0x0
[0180.897] GetStockObject (i=5) returned 0x900015
[0180.897] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0180.897] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0180.897] GetDlgItem (hDlg=0xf02d8, nIDDlgItem=983358) returned 0xf013e
[0180.897] SendMessageW (hWnd=0xf013e, Msg=0x202b, wParam=0xf013e, lParam=0xd7e0dc) returned 0x0
[0180.897] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0x202b, wParam=0xf013e, lParam=0xd7e0dc) returned 0x0
[0180.897] InvalidateRect (hWnd=0xf013e, lpRect=0x0, bErase=0) returned 1
[0180.899] GetFocus () returned 0xf013e
[0180.899] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0180.899] IsWindowUnicode (hWnd=0xf02d8) returned 1
[0180.899] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0180.899] TranslateMessage (lpMsg=0xd7e808) returned 0
[0180.899] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0180.899] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0180.899] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0180.900] IsWindowUnicode (hWnd=0xf02d8) returned 1
[0180.900] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0180.900] TranslateMessage (lpMsg=0xd7e808) returned 0
[0180.900] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0180.900] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0180.900] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0180.901] IsWindowUnicode (hWnd=0xf02d8) returned 1
[0180.901] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0180.901] TranslateMessage (lpMsg=0xd7e808) returned 0
[0180.901] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0180.901] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0180.901] IsWindowUnicode (hWnd=0x602c4) returned 1
[0180.901] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0180.901] TranslateMessage (lpMsg=0xd7e808) returned 0
[0180.901] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0180.901] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0180.901] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0180.901] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0180.902] IsWindowUnicode (hWnd=0xf02d8) returned 1
[0180.902] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0180.902] TranslateMessage (lpMsg=0xd7e808) returned 0
[0180.902] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0180.902] BeginPaint (in: hWnd=0xf02d8, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x10105d6
[0180.902] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0180.902] GetWindowTextLengthW (hWnd=0xf02d8) returned 13
[0180.902] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0180.902] GetSystemMetrics (nIndex=42) returned 0
[0180.902] GetWindowTextW (in: hWnd=0xf02d8, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0180.902] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0180.902] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0180.902] EndPaint (hWnd=0xf02d8, lpPaint=0xd7e274) returned 1
[0180.903] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0180.903] IsWindowUnicode (hWnd=0xe02d2) returned 1
[0180.903] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0180.903] TranslateMessage (lpMsg=0xd7e808) returned 0
[0180.903] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0180.903] BeginPaint (in: hWnd=0xe02d2, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x60100ce
[0180.903] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0180.903] CreateCompatibleDC (hdc=0x60100ce) returned 0x130107da
[0180.908] SelectObject (hdc=0x130107da, h=0x4a0507fe) returned 0x85000f
[0180.908] GdipCreateFromHDC (hdc=0x130107da, graphics=0xd7e2b0) returned 0x0
[0180.908] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0180.908] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0180.908] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0180.908] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0180.908] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e310) returned 0x0
[0180.908] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0180.908] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0180.908] LocalFree (hMem=0x11ee788) returned 0x0
[0180.908] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0180.908] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0180.908] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0180.908] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e304) returned 0x0
[0180.908] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0180.909] GetWindowTextLengthW (hWnd=0xe02d2) returned 0
[0180.909] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0180.909] GetSystemMetrics (nIndex=42) returned 0
[0180.909] GetWindowTextW (in: hWnd=0xe02d2, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0180.909] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02d2, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0180.909] GetClientRect (in: hWnd=0xe02d2, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0180.909] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0180.909] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0180.909] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0180.909] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0180.909] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e164) returned 0x0
[0180.909] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0180.909] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eea98) returned 0x0
[0180.909] LocalFree (hMem=0x11eea98) returned 0x0
[0180.909] GdipCombineRegionRegion (region=0x6646c28, region2=0x6646958, combineMode=0x1) returned 0x0
[0180.909] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0180.909] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0180.909] LocalFree (hMem=0x11ee9f0) returned 0x0
[0180.909] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0180.909] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0180.909] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0180.909] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0180.909] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0180.909] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0180.910] GetCurrentObject (hdc=0x130107da, type=0x1) returned 0xb00017
[0180.910] GetCurrentObject (hdc=0x130107da, type=0x2) returned 0x900010
[0180.910] GetCurrentObject (hdc=0x130107da, type=0x7) returned 0x4a0507fe
[0180.910] GetCurrentObject (hdc=0x130107da, type=0x6) returned 0x8a01c2
[0180.910] SaveDC (hdc=0x130107da) returned 1
[0180.910] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xeb040807
[0180.910] GetClipRgn (hdc=0x130107da, hrgn=0xeb040807) returned 0
[0180.910] SelectClipRgn (hdc=0x130107da, hrgn=0x700407de) returned 2
[0180.910] DeleteObject (ho=0xeb040807) returned 1
[0180.910] DeleteObject (ho=0x700407de) returned 1
[0180.910] OffsetViewportOrgEx (in: hdc=0x130107da, x=0, y=0, lppt=0x2d3ec60 | out: lppt=0x2d3ec60) returned 1
[0180.910] GetNearestColor (hdc=0x130107da, color=0xf0f0f0) returned 0xf0f0f0
[0180.910] CreateSolidBrush (color=0xf0f0f0) returned 0xa11007e1
[0180.910] FillRect (hDC=0x130107da, lprc=0xd7e198, hbr=0xa11007e1) returned 1
[0180.910] DeleteObject (ho=0xa11007e1) returned 1
[0180.910] RestoreDC (hdc=0x130107da, nSavedDC=-1) returned 1
[0180.910] GdipReleaseDC (graphics=0x6600030, hdc=0x130107da) returned 0x0
[0180.910] GdipRestoreGraphics (graphics=0x6600030, state=0xfbce0dbd) returned 0x0
[0180.910] GdipDeleteRegion (region=0x6646958) returned 0x0
[0180.910] GetWindowTextLengthW (hWnd=0xe02d2) returned 0
[0180.911] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0180.911] GetSystemMetrics (nIndex=42) returned 0
[0180.911] GetWindowTextW (in: hWnd=0xe02d2, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0180.911] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02d2, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0180.911] GdipGetImageWidth (image=0x6602da0, width=0xd7e1e0) returned 0x0
[0180.911] GdipGetImageHeight (image=0x6602da0, height=0xd7e1e0) returned 0x0
[0180.911] GdipGetImageWidth (image=0x6602da0, width=0xd7e1cc) returned 0x0
[0180.911] GdipGetImageHeight (image=0x6602da0, height=0xd7e1cc) returned 0x0
[0180.911] GdipDrawImageRectI (graphics=0x6600030, image=0x6602da0, x=16, y=16, width=32, height=32) returned 0x0
[0180.911] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0180.911] BitBlt (hdc=0x60100ce, x=0, y=0, cx=64, cy=64, hdcSrc=0x130107da, x1=0, y1=0, rop=0xcc0020) returned 1
[0180.911] GdipReleaseDC (graphics=0x6600030, hdc=0x130107da) returned 0x0
[0180.911] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0180.911] SelectObject (hdc=0x130107da, h=0x85000f) returned 0x4a0507fe
[0180.911] DeleteDC (hdc=0x130107da) returned 1
[0180.911] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0180.911] EndPaint (hWnd=0xe02d2, lpPaint=0xd7e294) returned 1
[0180.912] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0180.912] IsWindowUnicode (hWnd=0xd02de) returned 1
[0180.912] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0180.912] TranslateMessage (lpMsg=0xd7e808) returned 0
[0180.912] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0180.912] BeginPaint (in: hWnd=0xd02de, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0xc0107c5
[0180.912] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0180.912] CreateCompatibleDC (hdc=0xc0107c5) returned 0x150107da
[0180.912] GetObjectType (h=0xc0107c5) returned 0x3
[0180.912] CreateCompatibleBitmap (hdc=0xc0107c5, cx=1, cy=1) returned 0xffffffff9305065e
[0180.912] GetDIBits (in: hdc=0xc0107c5, hbm=0x9305065e, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0180.912] GetDIBits (in: hdc=0xc0107c5, hbm=0x9305065e, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0180.912] DeleteObject (ho=0x9305065e) returned 1
[0180.913] CreateDIBSection (in: hdc=0xc0107c5, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x90507ae
[0180.913] SelectObject (hdc=0x150107da, h=0x90507ae) returned 0x85000f
[0180.913] GdipCreateFromHDC (hdc=0x150107da, graphics=0xd7e234) returned 0x0
[0180.913] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0180.913] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0180.913] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0180.913] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0180.913] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e2d4) returned 0x0
[0180.913] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0180.913] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0180.913] LocalFree (hMem=0x11ee868) returned 0x0
[0180.913] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0180.913] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0180.913] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0180.913] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0180.913] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0180.914] GetWindowTextLengthW (hWnd=0xd02de) returned 232
[0180.914] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0180.914] GetSystemMetrics (nIndex=42) returned 0
[0180.914] GetWindowTextW (in: hWnd=0xd02de, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0180.914] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0180.914] GetClientRect (in: hWnd=0xd02de, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0180.914] GdipCreateRegion (region=0xd7e110) returned 0x0
[0180.914] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0180.914] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0180.914] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0180.914] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e128) returned 0x0
[0180.914] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0180.914] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eea60) returned 0x0
[0180.914] LocalFree (hMem=0x11eea60) returned 0x0
[0180.914] GdipCombineRegionRegion (region=0x6646c28, region2=0x6646958, combineMode=0x1) returned 0x0
[0180.914] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0180.914] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0180.914] LocalFree (hMem=0x11ee788) returned 0x0
[0180.914] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0180.914] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e150) returned 0x0
[0180.914] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e140) returned 0x0
[0180.914] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0180.914] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0180.914] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0180.915] GetCurrentObject (hdc=0x150107da, type=0x1) returned 0xb00017
[0180.915] GetCurrentObject (hdc=0x150107da, type=0x2) returned 0x900010
[0180.915] GetCurrentObject (hdc=0x150107da, type=0x7) returned 0x90507ae
[0180.915] GetCurrentObject (hdc=0x150107da, type=0x6) returned 0x8a01c2
[0180.915] SaveDC (hdc=0x150107da) returned 1
[0180.915] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x710407de
[0180.915] GetClipRgn (hdc=0x150107da, hrgn=0x710407de) returned 0
[0180.915] SelectClipRgn (hdc=0x150107da, hrgn=0xec040807) returned 2
[0180.915] DeleteObject (ho=0x710407de) returned 1
[0180.915] DeleteObject (ho=0xec040807) returned 1
[0180.915] OffsetViewportOrgEx (in: hdc=0x150107da, x=0, y=0, lppt=0x2d40628 | out: lppt=0x2d40628) returned 1
[0180.915] GetNearestColor (hdc=0x150107da, color=0xf0f0f0) returned 0xf0f0f0
[0180.915] CreateSolidBrush (color=0xf0f0f0) returned 0xa21007e1
[0180.915] FillRect (hDC=0x150107da, lprc=0xd7e15c, hbr=0xa21007e1) returned 1
[0180.917] DeleteObject (ho=0xa21007e1) returned 1
[0180.917] RestoreDC (hdc=0x150107da, nSavedDC=-1) returned 1
[0180.917] GdipReleaseDC (graphics=0x6600030, hdc=0x150107da) returned 0x0
[0180.917] GdipRestoreGraphics (graphics=0x6600030, state=0xfbcc0dbd) returned 0x0
[0180.917] GdipDeleteRegion (region=0x6646958) returned 0x0
[0180.917] GetWindowTextLengthW (hWnd=0xd02de) returned 232
[0180.917] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0180.917] GetSystemMetrics (nIndex=42) returned 0
[0180.917] GetWindowTextW (in: hWnd=0xd02de, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0180.917] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0180.917] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0180.917] GetCurrentObject (hdc=0x150107da, type=0x1) returned 0xb00017
[0180.917] GetCurrentObject (hdc=0x150107da, type=0x2) returned 0x900010
[0180.917] GetCurrentObject (hdc=0x150107da, type=0x7) returned 0x90507ae
[0180.917] GetCurrentObject (hdc=0x150107da, type=0x6) returned 0x8a01c2
[0180.917] SaveDC (hdc=0x150107da) returned 1
[0180.917] GetNearestColor (hdc=0x150107da, color=0x0) returned 0x0
[0180.918] RestoreDC (hdc=0x150107da, nSavedDC=-1) returned 1
[0180.918] GdipReleaseDC (graphics=0x6600030, hdc=0x150107da) returned 0x0
[0180.918] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0180.918] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0180.918] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2d40e24 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0180.918] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0180.918] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0180.919] GetCurrentObject (hdc=0x150107da, type=0x1) returned 0xb00017
[0180.919] GetCurrentObject (hdc=0x150107da, type=0x2) returned 0x900010
[0180.919] GetCurrentObject (hdc=0x150107da, type=0x7) returned 0x90507ae
[0180.924] GetCurrentObject (hdc=0x150107da, type=0x6) returned 0x8a01c2
[0180.925] SaveDC (hdc=0x150107da) returned 1
[0180.925] GetTextAlign (hdc=0x150107da) returned 0x0
[0180.925] GetTextColor (hdc=0x150107da) returned 0x0
[0180.925] GetCurrentObject (hdc=0x150107da, type=0x6) returned 0x8a01c2
[0180.925] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0180.925] SelectObject (hdc=0x150107da, h=0x6d0a0520) returned 0x8a01c2
[0180.925] GetBkMode (hdc=0x150107da) returned 2
[0180.925] SetBkMode (hdc=0x150107da, mode=1) returned 2
[0180.925] DrawTextExW (in: hdc=0x150107da, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2d41048 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0180.928] RestoreDC (hdc=0x150107da, nSavedDC=-1) returned 1
[0180.928] GdipReleaseDC (graphics=0x6600030, hdc=0x150107da) returned 0x0
[0180.928] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0180.928] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=354, cy=68, hdcSrc=0x150107da, x1=0, y1=0, rop=0xcc0020) returned 1
[0180.928] GdipReleaseDC (graphics=0x6600030, hdc=0x150107da) returned 0x0
[0180.928] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0180.928] SelectObject (hdc=0x150107da, h=0x85000f) returned 0x90507ae
[0180.928] DeleteDC (hdc=0x150107da) returned 1
[0180.928] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0180.928] DeleteObject (ho=0x90507ae) returned 1
[0180.929] EndPaint (hWnd=0xd02de, lpPaint=0xd7e258) returned 1
[0180.929] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0180.929] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0180.929] IsWindowUnicode (hWnd=0xd02da) returned 1
[0180.929] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0180.929] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0180.929] SetCursor (hCursor=0x10003) returned 0x10003
[0180.930] TranslateMessage (lpMsg=0xd7e808) returned 0
[0180.930] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0180.930] _TrackMouseEvent (in: lpEventTrack=0x2d41084 | out: lpEventTrack=0x2d41084) returned 1
[0180.930] SendMessageW (hWnd=0xd02da, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0180.930] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0180.930] InvalidateRect (hWnd=0xd02da, lpRect=0x0, bErase=0) returned 1
[0180.930] GetKeyState (nVirtKey=1) returned 0
[0180.930] GetKeyState (nVirtKey=2) returned 0
[0180.930] GetKeyState (nVirtKey=4) returned 0
[0180.930] GetKeyState (nVirtKey=5) returned 0
[0180.930] GetKeyState (nVirtKey=6) returned 0
[0180.930] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0180.930] IsWindowUnicode (hWnd=0xf013e) returned 1
[0180.930] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0180.930] TranslateMessage (lpMsg=0xd7e808) returned 0
[0180.930] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0180.930] BeginPaint (in: hWnd=0xf013e, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0180.930] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0180.930] CreateCompatibleDC (hdc=0xf0105ee) returned 0x9501065e
[0180.931] SelectObject (hdc=0x9501065e, h=0x4a0507fe) returned 0x85000f
[0180.931] GdipCreateFromHDC (hdc=0x9501065e, graphics=0xd7e268) returned 0x0
[0180.931] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0180.931] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0180.931] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0180.931] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0180.931] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2c8) returned 0x0
[0180.931] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0180.931] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0180.931] LocalFree (hMem=0x11eecc8) returned 0x0
[0180.931] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0180.931] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0180.931] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0180.931] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0180.931] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0180.931] GdipRestoreGraphics (graphics=0x6600030, state=0xfbca0dbd) returned 0x0
[0180.931] GdipDeleteRegion (region=0x6646718) returned 0x0
[0180.931] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0180.931] GetCurrentObject (hdc=0x9501065e, type=0x1) returned 0xb00017
[0180.932] GetCurrentObject (hdc=0x9501065e, type=0x2) returned 0x900010
[0180.932] GetCurrentObject (hdc=0x9501065e, type=0x7) returned 0x4a0507fe
[0180.932] GetCurrentObject (hdc=0x9501065e, type=0x6) returned 0x8a01c2
[0180.932] SaveDC (hdc=0x9501065e) returned 1
[0180.932] GetNearestColor (hdc=0x9501065e, color=0xf0f0f0) returned 0xf0f0f0
[0180.932] GetNearestColor (hdc=0x9501065e, color=0xa0a0a0) returned 0xa0a0a0
[0180.932] GetNearestColor (hdc=0x9501065e, color=0x696969) returned 0x696969
[0180.932] GetNearestColor (hdc=0x9501065e, color=0xa0a0a0) returned 0xa0a0a0
[0180.932] GetNearestColor (hdc=0x9501065e, color=0x0) returned 0x0
[0180.932] GetNearestColor (hdc=0x9501065e, color=0xffffff) returned 0xffffff
[0180.932] GetNearestColor (hdc=0x9501065e, color=0xe5e5e5) returned 0xe5e5e5
[0180.932] GetNearestColor (hdc=0x9501065e, color=0xd7d7d7) returned 0xd7d7d7
[0180.932] GetNearestColor (hdc=0x9501065e, color=0x0) returned 0x0
[0180.932] RestoreDC (hdc=0x9501065e, nSavedDC=-1) returned 1
[0180.932] GdipReleaseDC (graphics=0x6600030, hdc=0x9501065e) returned 0x0
[0180.932] IsAppThemed () returned 0x1
[0180.932] GetThemeAppProperties () returned 0x3
[0180.932] GetThemeAppProperties () returned 0x3
[0180.933] GdipGetImageWidth (image=0x6603430, width=0xd7e168) returned 0x0
[0180.933] GdipGetImageHeight (image=0x6603430, height=0xd7e168) returned 0x0
[0180.933] IsAppThemed () returned 0x1
[0180.933] GetThemeAppProperties () returned 0x3
[0180.933] GetThemeAppProperties () returned 0x3
[0180.933] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2d417f0 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0180.933] IsAppThemed () returned 0x1
[0180.933] GetThemeAppProperties () returned 0x3
[0180.933] GetThemeAppProperties () returned 0x3
[0180.933] IsAppThemed () returned 0x1
[0180.933] GetThemeAppProperties () returned 0x3
[0180.933] GetThemeAppProperties () returned 0x3
[0180.933] GetFocus () returned 0xf013e
[0180.933] IsAppThemed () returned 0x1
[0180.933] GetThemeAppProperties () returned 0x3
[0180.933] GetThemeAppProperties () returned 0x3
[0180.933] IsAppThemed () returned 0x1
[0180.933] GetThemeAppProperties () returned 0x3
[0180.933] GetThemeAppProperties () returned 0x3
[0180.933] IsThemePartDefined () returned 0x1
[0180.933] IsAppThemed () returned 0x1
[0180.933] GetThemeAppProperties () returned 0x3
[0180.934] GetThemeAppProperties () returned 0x3
[0180.934] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0180.934] IsAppThemed () returned 0x1
[0180.934] GetThemeAppProperties () returned 0x3
[0180.934] GetThemeAppProperties () returned 0x3
[0180.934] IsAppThemed () returned 0x1
[0180.934] GetThemeAppProperties () returned 0x3
[0180.934] GetThemeAppProperties () returned 0x3
[0180.934] IsThemePartDefined () returned 0x1
[0180.934] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0180.934] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0180.934] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0180.934] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0180.934] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dff0) returned 0x0
[0180.934] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0180.934] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eea60) returned 0x0
[0180.934] LocalFree (hMem=0x11eea60) returned 0x0
[0180.934] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0180.979] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eead0) returned 0x0
[0180.979] LocalFree (hMem=0x11eead0) returned 0x0
[0180.979] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0180.979] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e018) returned 0x0
[0180.979] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e008) returned 0x0
[0180.979] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0180.979] GdipDeleteRegion (region=0x6646718) returned 0x0
[0180.979] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0180.980] GetCurrentObject (hdc=0x9501065e, type=0x1) returned 0xb00017
[0180.980] GetCurrentObject (hdc=0x9501065e, type=0x2) returned 0x900010
[0180.980] GetCurrentObject (hdc=0x9501065e, type=0x7) returned 0x4a0507fe
[0180.980] GetCurrentObject (hdc=0x9501065e, type=0x6) returned 0x8a01c2
[0180.980] SaveDC (hdc=0x9501065e) returned 1
[0180.980] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xed040807
[0180.980] GetClipRgn (hdc=0x9501065e, hrgn=0xed040807) returned 0
[0180.980] SelectClipRgn (hdc=0x9501065e, hrgn=0x750407de) returned 2
[0180.980] DeleteObject (ho=0xed040807) returned 1
[0180.980] DeleteObject (ho=0x750407de) returned 1
[0180.980] OffsetViewportOrgEx (in: hdc=0x9501065e, x=0, y=0, lppt=0x2d41ea0 | out: lppt=0x2d41ea0) returned 1
[0180.980] DrawThemeParentBackground () returned 0x0
[0180.981] GetWindowPlacement (in: hWnd=0xf02d8, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0180.981] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0180.981] GetWindowTextLengthW (hWnd=0xf02d8) returned 13
[0180.981] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0180.981] GetSystemMetrics (nIndex=42) returned 0
[0180.981] GetWindowTextW (in: hWnd=0xf02d8, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0180.981] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0180.981] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0180.981] GetCurrentObject (hdc=0x9501065e, type=0x1) returned 0xb00017
[0180.981] GetCurrentObject (hdc=0x9501065e, type=0x2) returned 0x900010
[0180.985] GetCurrentObject (hdc=0x9501065e, type=0x7) returned 0x4a0507fe
[0180.986] GetCurrentObject (hdc=0x9501065e, type=0x6) returned 0x8a01c2
[0180.986] SaveDC (hdc=0x9501065e) returned 2
[0180.986] GetNearestColor (hdc=0x9501065e, color=0xf0f0f0) returned 0xf0f0f0
[0180.986] CreateSolidBrush (color=0xf0f0f0) returned 0xa31007e1
[0180.986] FillRect (hDC=0x9501065e, lprc=0xd7da38, hbr=0xa31007e1) returned 1
[0180.986] DeleteObject (ho=0xa31007e1) returned 1
[0180.986] RestoreDC (hdc=0x9501065e, nSavedDC=-1) returned 1
[0180.986] GetWindowTextLengthW (hWnd=0xf02d8) returned 13
[0180.986] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0180.986] GetSystemMetrics (nIndex=42) returned 0
[0180.986] GetWindowTextW (in: hWnd=0xf02d8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0180.986] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0180.986] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0180.986] GetCurrentObject (hdc=0x9501065e, type=0x1) returned 0xb00017
[0180.986] GetCurrentObject (hdc=0x9501065e, type=0x2) returned 0x900010
[0180.987] GetCurrentObject (hdc=0x9501065e, type=0x7) returned 0x4a0507fe
[0180.987] GetCurrentObject (hdc=0x9501065e, type=0x6) returned 0x8a01c2
[0180.987] SaveDC (hdc=0x9501065e) returned 2
[0180.987] GetNearestColor (hdc=0x9501065e, color=0xf0f0f0) returned 0xf0f0f0
[0180.987] CreateSolidBrush (color=0xf0f0f0) returned 0xa41007e1
[0180.987] FillRect (hDC=0x9501065e, lprc=0xd7d9d8, hbr=0xa41007e1) returned 1
[0180.987] DeleteObject (ho=0xa41007e1) returned 1
[0180.987] RestoreDC (hdc=0x9501065e, nSavedDC=-1) returned 1
[0180.987] GetWindowTextLengthW (hWnd=0xf02d8) returned 13
[0180.987] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0180.987] GetSystemMetrics (nIndex=42) returned 0
[0180.987] GetWindowTextW (in: hWnd=0xf02d8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0180.987] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0180.988] RestoreDC (hdc=0x9501065e, nSavedDC=-1) returned 1
[0180.988] GdipReleaseDC (graphics=0x6600030, hdc=0x9501065e) returned 0x0
[0180.988] IsAppThemed () returned 0x1
[0180.988] GetThemeAppProperties () returned 0x3
[0180.988] GetThemeAppProperties () returned 0x3
[0180.988] IsAppThemed () returned 0x1
[0180.988] GetThemeAppProperties () returned 0x3
[0180.988] GetThemeAppProperties () returned 0x3
[0180.988] IsThemePartDefined () returned 0x1
[0180.988] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0180.988] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0180.988] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0180.988] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0180.988] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df74) returned 0x0
[0180.988] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0180.988] LocalFree (hMem=0x11ee788) returned 0x0
[0180.988] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0180.989] LocalFree (hMem=0x11ee9f0) returned 0x0
[0180.989] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0180.989] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0180.989] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0180.989] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0180.989] GdipDeleteRegion (region=0x6646448) returned 0x0
[0180.989] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0180.989] GetCurrentObject (hdc=0x9501065e, type=0x1) returned 0xb00017
[0180.989] GetCurrentObject (hdc=0x9501065e, type=0x2) returned 0x900010
[0180.989] GetCurrentObject (hdc=0x9501065e, type=0x7) returned 0x4a0507fe
[0180.989] GetCurrentObject (hdc=0x9501065e, type=0x6) returned 0x8a01c2
[0180.989] SaveDC (hdc=0x9501065e) returned 1
[0180.989] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x760407de
[0180.989] GetClipRgn (hdc=0x9501065e, hrgn=0x760407de) returned 0
[0180.989] SelectClipRgn (hdc=0x9501065e, hrgn=0xef040807) returned 2
[0180.989] DeleteObject (ho=0x760407de) returned 1
[0180.989] DeleteObject (ho=0xef040807) returned 1
[0180.990] OffsetViewportOrgEx (in: hdc=0x9501065e, x=0, y=0, lppt=0x2d4274c | out: lppt=0x2d4274c) returned 1
[0180.990] IsAppThemed () returned 0x1
[0180.990] GetThemeAppProperties () returned 0x3
[0180.990] GetThemeAppProperties () returned 0x3
[0180.990] DrawThemeBackground () returned 0x0
[0180.990] RestoreDC (hdc=0x9501065e, nSavedDC=-1) returned 1
[0180.990] GdipReleaseDC (graphics=0x6600030, hdc=0x9501065e) returned 0x0
[0180.990] GdipCreateRegion (region=0xd7df60) returned 0x0
[0180.990] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0180.990] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0180.990] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0180.990] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df78) returned 0x0
[0180.990] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0180.990] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee910) returned 0x0
[0180.990] LocalFree (hMem=0x11ee910) returned 0x0
[0180.990] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0180.991] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eed00) returned 0x0
[0180.991] LocalFree (hMem=0x11eed00) returned 0x0
[0180.991] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0180.991] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0180.991] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df90) returned 0x0
[0180.991] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0180.991] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0180.991] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0180.991] GetCurrentObject (hdc=0x9501065e, type=0x1) returned 0xb00017
[0180.991] GetCurrentObject (hdc=0x9501065e, type=0x2) returned 0x900010
[0180.991] GetCurrentObject (hdc=0x9501065e, type=0x7) returned 0x4a0507fe
[0180.991] GetCurrentObject (hdc=0x9501065e, type=0x6) returned 0x8a01c2
[0180.991] SaveDC (hdc=0x9501065e) returned 1
[0180.991] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf0040807
[0180.991] GetClipRgn (hdc=0x9501065e, hrgn=0xf0040807) returned 0
[0180.991] SelectClipRgn (hdc=0x9501065e, hrgn=0x770407de) returned 2
[0180.992] DeleteObject (ho=0xf0040807) returned 1
[0180.992] DeleteObject (ho=0x770407de) returned 1
[0180.992] OffsetViewportOrgEx (in: hdc=0x9501065e, x=0, y=0, lppt=0x2d42a20 | out: lppt=0x2d42a20) returned 1
[0180.992] IsAppThemed () returned 0x1
[0180.992] GetThemeAppProperties () returned 0x3
[0180.992] GetThemeAppProperties () returned 0x3
[0180.992] GetThemeBackgroundContentRect () returned 0x0
[0180.992] RestoreDC (hdc=0x9501065e, nSavedDC=-1) returned 1
[0180.992] GdipReleaseDC (graphics=0x6600030, hdc=0x9501065e) returned 0x0
[0180.992] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0180.992] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0180.992] GdipCloneRegion (region=0x6646958, cloneRegion=0xd7e150) returned 0x0
[0180.992] GdipCombineRegionRectI (region=0x6646a78, rect=0xd7e138, combineMode=0x1) returned 0x0
[0180.992] GdipCombineRegionRectI (region=0x6646a78, rect=0xd7e138, combineMode=0x1) returned 0x0
[0180.992] GdipSetClipRegion (graphics=0x6600030, region=0x6646a78, combineMode=0x0) returned 0x0
[0180.992] GdipGetImageWidth (image=0x6603430, width=0xd7e154) returned 0x0
[0180.992] GdipGetImageHeight (image=0x6603430, height=0xd7e148) returned 0x0
[0180.993] GdipDrawImageRectI (graphics=0x6600030, image=0x6603430, x=4, y=4, width=16, height=16) returned 0x0
[0180.993] GdipSetClipRegion (graphics=0x6600030, region=0x6646958, combineMode=0x0) returned 0x0
[0180.993] IsAppThemed () returned 0x1
[0180.993] GetThemeAppProperties () returned 0x3
[0180.993] GetThemeAppProperties () returned 0x3
[0180.993] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0180.993] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0180.993] GetCurrentObject (hdc=0x9501065e, type=0x1) returned 0xb00017
[0180.993] GetCurrentObject (hdc=0x9501065e, type=0x2) returned 0x900010
[0180.993] GetCurrentObject (hdc=0x9501065e, type=0x7) returned 0x4a0507fe
[0180.993] GetCurrentObject (hdc=0x9501065e, type=0x6) returned 0x8a01c2
[0180.993] SaveDC (hdc=0x9501065e) returned 1
[0180.993] GetTextAlign (hdc=0x9501065e) returned 0x0
[0180.993] GetTextColor (hdc=0x9501065e) returned 0x0
[0180.993] GetCurrentObject (hdc=0x9501065e, type=0x6) returned 0x8a01c2
[0180.994] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0180.994] SelectObject (hdc=0x9501065e, h=0x6d0a0520) returned 0x8a01c2
[0180.994] GetBkMode (hdc=0x9501065e) returned 2
[0180.994] SetBkMode (hdc=0x9501065e, mode=1) returned 2
[0180.994] DrawTextExW (in: hdc=0x9501065e, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2d42de0 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0180.994] DrawTextExW (in: hdc=0x9501065e, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d42de0 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0180.995] RestoreDC (hdc=0x9501065e, nSavedDC=-1) returned 1
[0180.995] GdipReleaseDC (graphics=0x6600030, hdc=0x9501065e) returned 0x0
[0180.995] GetFocus () returned 0xf013e
[0180.995] IsAppThemed () returned 0x1
[0180.995] GetThemeAppProperties () returned 0x3
[0180.995] GetThemeAppProperties () returned 0x3
[0180.995] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0180.995] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x9501065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0180.995] GdipReleaseDC (graphics=0x6600030, hdc=0x9501065e) returned 0x0
[0180.995] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0180.995] SelectObject (hdc=0x9501065e, h=0x85000f) returned 0x4a0507fe
[0180.996] DeleteDC (hdc=0x9501065e) returned 1
[0180.996] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0180.996] EndPaint (hWnd=0xf013e, lpPaint=0xd7e24c) returned 1
[0180.996] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0180.996] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0181.003] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.003] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0181.003] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0181.004] TranslateMessage (lpMsg=0xd7e808) returned 0
[0181.004] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0181.005] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0181.005] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0181.006] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.006] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0181.006] TranslateMessage (lpMsg=0xd7e808) returned 0
[0181.007] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0181.007] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0181.007] IsWindowUnicode (hWnd=0xd02da) returned 1
[0181.008] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0181.008] TranslateMessage (lpMsg=0xd7e808) returned 0
[0181.008] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0181.008] BeginPaint (in: hWnd=0xd02da, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0181.008] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0181.008] CreateCompatibleDC (hdc=0x60100ce) returned 0x8d0107eb
[0181.008] SelectObject (hdc=0x8d0107eb, h=0x4a0507fe) returned 0x85000f
[0181.008] GdipCreateFromHDC (hdc=0x8d0107eb, graphics=0xd7e268) returned 0x0
[0181.008] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0181.008] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0181.009] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0181.009] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0181.009] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e2c8) returned 0x0
[0181.009] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0181.009] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eecc8) returned 0x0
[0181.009] LocalFree (hMem=0x11eecc8) returned 0x0
[0181.009] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0181.009] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0181.009] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0181.009] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0181.009] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0181.009] GdipRestoreGraphics (graphics=0x6600030, state=0xfbc80dbd) returned 0x0
[0181.009] GdipDeleteRegion (region=0x6646718) returned 0x0
[0181.009] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0181.009] GetCurrentObject (hdc=0x8d0107eb, type=0x1) returned 0xb00017
[0181.009] GetCurrentObject (hdc=0x8d0107eb, type=0x2) returned 0x900010
[0181.009] GetCurrentObject (hdc=0x8d0107eb, type=0x7) returned 0x4a0507fe
[0181.010] GetCurrentObject (hdc=0x8d0107eb, type=0x6) returned 0x8a01c2
[0181.010] SaveDC (hdc=0x8d0107eb) returned 1
[0181.010] GetNearestColor (hdc=0x8d0107eb, color=0xf0f0f0) returned 0xf0f0f0
[0181.010] GetNearestColor (hdc=0x8d0107eb, color=0xa0a0a0) returned 0xa0a0a0
[0181.010] GetNearestColor (hdc=0x8d0107eb, color=0x696969) returned 0x696969
[0181.010] GetNearestColor (hdc=0x8d0107eb, color=0xa0a0a0) returned 0xa0a0a0
[0181.010] GetNearestColor (hdc=0x8d0107eb, color=0x0) returned 0x0
[0181.010] GetNearestColor (hdc=0x8d0107eb, color=0xffffff) returned 0xffffff
[0181.010] GetNearestColor (hdc=0x8d0107eb, color=0xe5e5e5) returned 0xe5e5e5
[0181.010] GetNearestColor (hdc=0x8d0107eb, color=0xd7d7d7) returned 0xd7d7d7
[0181.010] GetNearestColor (hdc=0x8d0107eb, color=0x0) returned 0x0
[0181.010] RestoreDC (hdc=0x8d0107eb, nSavedDC=-1) returned 1
[0181.011] GdipReleaseDC (graphics=0x6600030, hdc=0x8d0107eb) returned 0x0
[0181.011] IsAppThemed () returned 0x1
[0181.011] GetThemeAppProperties () returned 0x3
[0181.011] GetThemeAppProperties () returned 0x3
[0181.011] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0181.011] SendMessageW (hWnd=0xf02d8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0181.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0181.011] IsAppThemed () returned 0x1
[0181.011] GetThemeAppProperties () returned 0x3
[0181.011] GetThemeAppProperties () returned 0x3
[0181.011] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2d435f0 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0181.011] IsAppThemed () returned 0x1
[0181.011] GetThemeAppProperties () returned 0x3
[0181.012] GetThemeAppProperties () returned 0x3
[0181.012] IsAppThemed () returned 0x1
[0181.012] GetThemeAppProperties () returned 0x3
[0181.012] GetThemeAppProperties () returned 0x3
[0181.012] IsAppThemed () returned 0x1
[0181.012] GetThemeAppProperties () returned 0x3
[0181.012] GetThemeAppProperties () returned 0x3
[0181.012] IsAppThemed () returned 0x1
[0181.012] GetThemeAppProperties () returned 0x3
[0181.012] GetThemeAppProperties () returned 0x3
[0181.012] IsThemePartDefined () returned 0x1
[0181.012] IsAppThemed () returned 0x1
[0181.012] GetThemeAppProperties () returned 0x3
[0181.012] GetThemeAppProperties () returned 0x3
[0181.012] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0181.012] IsAppThemed () returned 0x1
[0181.012] GetThemeAppProperties () returned 0x3
[0181.012] GetThemeAppProperties () returned 0x3
[0181.012] IsAppThemed () returned 0x1
[0181.019] GetThemeAppProperties () returned 0x3
[0181.019] GetThemeAppProperties () returned 0x3
[0181.019] IsThemePartDefined () returned 0x1
[0181.019] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0181.019] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0181.019] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0181.019] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0181.019] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dfe4) returned 0x0
[0181.019] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0181.019] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0181.019] LocalFree (hMem=0x11eecc8) returned 0x0
[0181.020] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0181.020] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0181.020] LocalFree (hMem=0x11ee9f0) returned 0x0
[0181.020] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0181.020] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0181.020] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0181.020] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0181.020] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0181.020] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0181.020] GetCurrentObject (hdc=0x8d0107eb, type=0x1) returned 0xb00017
[0181.020] GetCurrentObject (hdc=0x8d0107eb, type=0x2) returned 0x900010
[0181.020] GetCurrentObject (hdc=0x8d0107eb, type=0x7) returned 0x4a0507fe
[0181.020] GetCurrentObject (hdc=0x8d0107eb, type=0x6) returned 0x8a01c2
[0181.020] SaveDC (hdc=0x8d0107eb) returned 1
[0181.020] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x780407de
[0181.020] GetClipRgn (hdc=0x8d0107eb, hrgn=0x780407de) returned 0
[0181.021] SelectClipRgn (hdc=0x8d0107eb, hrgn=0xf4040807) returned 2
[0181.021] DeleteObject (ho=0x780407de) returned 1
[0181.021] DeleteObject (ho=0xf4040807) returned 1
[0181.021] OffsetViewportOrgEx (in: hdc=0x8d0107eb, x=0, y=0, lppt=0x2d43ca0 | out: lppt=0x2d43ca0) returned 1
[0181.021] DrawThemeParentBackground () returned 0x0
[0181.021] GetWindowPlacement (in: hWnd=0xf02d8, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0181.021] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0181.021] GetWindowTextLengthW (hWnd=0xf02d8) returned 13
[0181.021] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0181.021] GetSystemMetrics (nIndex=42) returned 0
[0181.021] GetWindowTextW (in: hWnd=0xf02d8, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0181.021] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0181.021] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0181.021] GetCurrentObject (hdc=0x8d0107eb, type=0x1) returned 0xb00017
[0181.022] GetCurrentObject (hdc=0x8d0107eb, type=0x2) returned 0x900010
[0181.022] GetCurrentObject (hdc=0x8d0107eb, type=0x7) returned 0x4a0507fe
[0181.022] GetCurrentObject (hdc=0x8d0107eb, type=0x6) returned 0x8a01c2
[0181.022] SaveDC (hdc=0x8d0107eb) returned 2
[0181.022] GetNearestColor (hdc=0x8d0107eb, color=0xf0f0f0) returned 0xf0f0f0
[0181.022] CreateSolidBrush (color=0xf0f0f0) returned 0xa51007e1
[0181.022] FillRect (hDC=0x8d0107eb, lprc=0xd7da30, hbr=0xa51007e1) returned 1
[0181.022] DeleteObject (ho=0xa51007e1) returned 1
[0181.022] RestoreDC (hdc=0x8d0107eb, nSavedDC=-1) returned 1
[0181.022] GetWindowTextLengthW (hWnd=0xf02d8) returned 13
[0181.022] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0181.022] GetSystemMetrics (nIndex=42) returned 0
[0181.022] GetWindowTextW (in: hWnd=0xf02d8, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0181.022] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0181.023] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0181.023] GetCurrentObject (hdc=0x8d0107eb, type=0x1) returned 0xb00017
[0181.023] GetCurrentObject (hdc=0x8d0107eb, type=0x2) returned 0x900010
[0181.023] GetCurrentObject (hdc=0x8d0107eb, type=0x7) returned 0x4a0507fe
[0181.023] GetCurrentObject (hdc=0x8d0107eb, type=0x6) returned 0x8a01c2
[0181.023] SaveDC (hdc=0x8d0107eb) returned 2
[0181.023] GetNearestColor (hdc=0x8d0107eb, color=0xf0f0f0) returned 0xf0f0f0
[0181.023] CreateSolidBrush (color=0xf0f0f0) returned 0xa61007e1
[0181.023] FillRect (hDC=0x8d0107eb, lprc=0xd7d9d0, hbr=0xa61007e1) returned 1
[0181.023] DeleteObject (ho=0xa61007e1) returned 1
[0181.023] RestoreDC (hdc=0x8d0107eb, nSavedDC=-1) returned 1
[0181.023] GetWindowTextLengthW (hWnd=0xf02d8) returned 13
[0181.023] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0181.023] GetSystemMetrics (nIndex=42) returned 0
[0181.023] GetWindowTextW (in: hWnd=0xf02d8, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0181.023] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0181.024] RestoreDC (hdc=0x8d0107eb, nSavedDC=-1) returned 1
[0181.024] GdipReleaseDC (graphics=0x6600030, hdc=0x8d0107eb) returned 0x0
[0181.024] IsAppThemed () returned 0x1
[0181.024] GetThemeAppProperties () returned 0x3
[0181.024] GetThemeAppProperties () returned 0x3
[0181.024] IsAppThemed () returned 0x1
[0181.024] GetThemeAppProperties () returned 0x3
[0181.024] GetThemeAppProperties () returned 0x3
[0181.024] IsThemePartDefined () returned 0x1
[0181.024] GdipCreateRegion (region=0xd7df50) returned 0x0
[0181.024] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0181.024] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0181.024] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0181.024] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df68) returned 0x0
[0181.024] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0181.024] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee9f0) returned 0x0
[0181.025] LocalFree (hMem=0x11ee9f0) returned 0x0
[0181.025] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0181.025] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eead0) returned 0x0
[0181.025] LocalFree (hMem=0x11eead0) returned 0x0
[0181.025] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0181.025] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7df90) returned 0x0
[0181.025] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7df80) returned 0x0
[0181.025] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0181.025] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0181.025] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0181.025] GetCurrentObject (hdc=0x8d0107eb, type=0x1) returned 0xb00017
[0181.025] GetCurrentObject (hdc=0x8d0107eb, type=0x2) returned 0x900010
[0181.025] GetCurrentObject (hdc=0x8d0107eb, type=0x7) returned 0x4a0507fe
[0181.025] GetCurrentObject (hdc=0x8d0107eb, type=0x6) returned 0x8a01c2
[0181.025] SaveDC (hdc=0x8d0107eb) returned 1
[0181.025] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf5040807
[0181.025] GetClipRgn (hdc=0x8d0107eb, hrgn=0xf5040807) returned 0
[0181.026] SelectClipRgn (hdc=0x8d0107eb, hrgn=0x7a0407de) returned 2
[0181.026] DeleteObject (ho=0xf5040807) returned 1
[0181.026] DeleteObject (ho=0x7a0407de) returned 1
[0181.026] OffsetViewportOrgEx (in: hdc=0x8d0107eb, x=0, y=0, lppt=0x2d4454c | out: lppt=0x2d4454c) returned 1
[0181.026] IsAppThemed () returned 0x1
[0181.026] GetThemeAppProperties () returned 0x3
[0181.026] GetThemeAppProperties () returned 0x3
[0181.026] DrawThemeBackground () returned 0x0
[0181.026] RestoreDC (hdc=0x8d0107eb, nSavedDC=-1) returned 1
[0181.026] GdipReleaseDC (graphics=0x6600030, hdc=0x8d0107eb) returned 0x0
[0181.026] GdipCreateRegion (region=0xd7df54) returned 0x0
[0181.026] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0181.026] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0181.026] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0181.026] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df6c) returned 0x0
[0181.026] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0181.026] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0181.027] LocalFree (hMem=0x11ee788) returned 0x0
[0181.027] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0181.027] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eead0) returned 0x0
[0181.027] LocalFree (hMem=0x11eead0) returned 0x0
[0181.027] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0181.027] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0181.027] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0181.027] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0181.027] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0181.027] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0181.027] GetCurrentObject (hdc=0x8d0107eb, type=0x1) returned 0xb00017
[0181.027] GetCurrentObject (hdc=0x8d0107eb, type=0x2) returned 0x900010
[0181.027] GetCurrentObject (hdc=0x8d0107eb, type=0x7) returned 0x4a0507fe
[0181.027] GetCurrentObject (hdc=0x8d0107eb, type=0x6) returned 0x8a01c2
[0181.027] SaveDC (hdc=0x8d0107eb) returned 1
[0181.027] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7b0407de
[0181.028] GetClipRgn (hdc=0x8d0107eb, hrgn=0x7b0407de) returned 0
[0181.028] SelectClipRgn (hdc=0x8d0107eb, hrgn=0xf6040807) returned 2
[0181.028] DeleteObject (ho=0x7b0407de) returned 1
[0181.028] DeleteObject (ho=0xf6040807) returned 1
[0181.028] OffsetViewportOrgEx (in: hdc=0x8d0107eb, x=0, y=0, lppt=0x2d44820 | out: lppt=0x2d44820) returned 1
[0181.028] IsAppThemed () returned 0x1
[0181.028] GetThemeAppProperties () returned 0x3
[0181.028] GetThemeAppProperties () returned 0x3
[0181.028] GetThemeBackgroundContentRect () returned 0x0
[0181.029] RestoreDC (hdc=0x8d0107eb, nSavedDC=-1) returned 1
[0181.029] GdipReleaseDC (graphics=0x6600030, hdc=0x8d0107eb) returned 0x0
[0181.029] IsAppThemed () returned 0x1
[0181.029] GetThemeAppProperties () returned 0x3
[0181.029] GetThemeAppProperties () returned 0x3
[0181.029] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0181.029] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0181.029] GetCurrentObject (hdc=0x8d0107eb, type=0x1) returned 0xb00017
[0181.029] GetCurrentObject (hdc=0x8d0107eb, type=0x2) returned 0x900010
[0181.029] GetCurrentObject (hdc=0x8d0107eb, type=0x7) returned 0x4a0507fe
[0181.029] GetCurrentObject (hdc=0x8d0107eb, type=0x6) returned 0x8a01c2
[0181.029] SaveDC (hdc=0x8d0107eb) returned 1
[0181.029] GetTextAlign (hdc=0x8d0107eb) returned 0x0
[0181.029] GetTextColor (hdc=0x8d0107eb) returned 0x0
[0181.029] GetCurrentObject (hdc=0x8d0107eb, type=0x6) returned 0x8a01c2
[0181.030] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0181.030] SelectObject (hdc=0x8d0107eb, h=0x6d0a0520) returned 0x8a01c2
[0181.030] GetBkMode (hdc=0x8d0107eb) returned 2
[0181.030] SetBkMode (hdc=0x8d0107eb, mode=1) returned 2
[0181.030] DrawTextExW (in: hdc=0x8d0107eb, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2d44bc0 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0181.030] DrawTextExW (in: hdc=0x8d0107eb, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2d44bc0 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0181.031] RestoreDC (hdc=0x8d0107eb, nSavedDC=-1) returned 1
[0181.031] GdipReleaseDC (graphics=0x6600030, hdc=0x8d0107eb) returned 0x0
[0181.031] GetFocus () returned 0xf013e
[0181.031] IsAppThemed () returned 0x1
[0181.031] GetThemeAppProperties () returned 0x3
[0181.031] GetThemeAppProperties () returned 0x3
[0181.031] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0181.031] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x8d0107eb, x1=0, y1=0, rop=0xcc0020) returned 1
[0181.031] GdipReleaseDC (graphics=0x6600030, hdc=0x8d0107eb) returned 0x0
[0181.031] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0181.031] SelectObject (hdc=0x8d0107eb, h=0x85000f) returned 0x4a0507fe
[0181.031] DeleteDC (hdc=0x8d0107eb) returned 1
[0181.031] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0181.032] EndPaint (hWnd=0xd02da, lpPaint=0xd7e24c) returned 1
[0181.032] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0181.032] IsWindowUnicode (hWnd=0x1000ea) returned 1
[0181.032] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0181.032] TranslateMessage (lpMsg=0xd7e808) returned 0
[0181.032] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0181.032] BeginPaint (in: hWnd=0x1000ea, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0181.032] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0181.032] CreateCompatibleDC (hdc=0xc0107c5) returned 0x8f0107eb
[0181.032] SelectObject (hdc=0x8f0107eb, h=0x4a0507fe) returned 0x85000f
[0181.033] GdipCreateFromHDC (hdc=0x8f0107eb, graphics=0xd7e268) returned 0x0
[0181.033] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0181.033] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0181.033] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0181.033] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0181.033] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e2c8) returned 0x0
[0181.033] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0181.033] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eecc8) returned 0x0
[0181.033] LocalFree (hMem=0x11eecc8) returned 0x0
[0181.033] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0181.033] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0181.033] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0181.033] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0181.033] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0181.034] GdipRestoreGraphics (graphics=0x6600030, state=0xfbc60dbd) returned 0x0
[0181.034] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0181.034] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0181.034] GetCurrentObject (hdc=0x8f0107eb, type=0x1) returned 0xb00017
[0181.034] GetCurrentObject (hdc=0x8f0107eb, type=0x2) returned 0x900010
[0181.034] GetCurrentObject (hdc=0x8f0107eb, type=0x7) returned 0x4a0507fe
[0181.034] GetCurrentObject (hdc=0x8f0107eb, type=0x6) returned 0x8a01c2
[0181.034] SaveDC (hdc=0x8f0107eb) returned 1
[0181.034] GetNearestColor (hdc=0x8f0107eb, color=0xf0f0f0) returned 0xf0f0f0
[0181.034] GetNearestColor (hdc=0x8f0107eb, color=0xa0a0a0) returned 0xa0a0a0
[0181.034] GetNearestColor (hdc=0x8f0107eb, color=0x696969) returned 0x696969
[0181.034] GetNearestColor (hdc=0x8f0107eb, color=0xa0a0a0) returned 0xa0a0a0
[0181.034] GetNearestColor (hdc=0x8f0107eb, color=0x0) returned 0x0
[0181.034] GetNearestColor (hdc=0x8f0107eb, color=0xffffff) returned 0xffffff
[0181.034] GetNearestColor (hdc=0x8f0107eb, color=0xe5e5e5) returned 0xe5e5e5
[0181.034] GetNearestColor (hdc=0x8f0107eb, color=0xd7d7d7) returned 0xd7d7d7
[0181.035] GetNearestColor (hdc=0x8f0107eb, color=0x0) returned 0x0
[0181.035] RestoreDC (hdc=0x8f0107eb, nSavedDC=-1) returned 1
[0181.035] GdipReleaseDC (graphics=0x6600030, hdc=0x8f0107eb) returned 0x0
[0181.035] IsAppThemed () returned 0x1
[0181.035] GetThemeAppProperties () returned 0x3
[0181.035] GetThemeAppProperties () returned 0x3
[0181.035] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0181.035] SendMessageW (hWnd=0xf02d8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0181.035] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0181.035] IsAppThemed () returned 0x1
[0181.035] GetThemeAppProperties () returned 0x3
[0181.035] GetThemeAppProperties () returned 0x3
[0181.035] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2d453d0 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0181.036] IsAppThemed () returned 0x1
[0181.036] GetThemeAppProperties () returned 0x3
[0181.036] GetThemeAppProperties () returned 0x3
[0181.036] IsAppThemed () returned 0x1
[0181.036] GetThemeAppProperties () returned 0x3
[0181.036] GetThemeAppProperties () returned 0x3
[0181.036] GetFocus () returned 0xf013e
[0181.036] IsAppThemed () returned 0x1
[0181.036] GetThemeAppProperties () returned 0x3
[0181.036] GetThemeAppProperties () returned 0x3
[0181.036] IsAppThemed () returned 0x1
[0181.036] GetThemeAppProperties () returned 0x3
[0181.036] GetThemeAppProperties () returned 0x3
[0181.036] IsThemePartDefined () returned 0x1
[0181.036] IsAppThemed () returned 0x1
[0181.036] GetThemeAppProperties () returned 0x3
[0181.036] GetThemeAppProperties () returned 0x3
[0181.036] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0181.036] IsAppThemed () returned 0x1
[0181.037] GetThemeAppProperties () returned 0x3
[0181.037] GetThemeAppProperties () returned 0x3
[0181.037] IsAppThemed () returned 0x1
[0181.037] GetThemeAppProperties () returned 0x3
[0181.037] GetThemeAppProperties () returned 0x3
[0181.037] IsThemePartDefined () returned 0x1
[0181.037] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0181.037] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0181.037] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0181.037] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0181.037] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dff0) returned 0x0
[0181.037] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0181.037] LocalFree (hMem=0x11ee788) returned 0x0
[0181.037] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eead0) returned 0x0
[0181.037] LocalFree (hMem=0x11eead0) returned 0x0
[0181.037] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0181.037] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e018) returned 0x0
[0181.037] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e008) returned 0x0
[0181.037] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0181.037] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0181.038] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0181.038] GetCurrentObject (hdc=0x8f0107eb, type=0x1) returned 0xb00017
[0181.038] GetCurrentObject (hdc=0x8f0107eb, type=0x2) returned 0x900010
[0181.038] GetCurrentObject (hdc=0x8f0107eb, type=0x7) returned 0x4a0507fe
[0181.038] GetCurrentObject (hdc=0x8f0107eb, type=0x6) returned 0x8a01c2
[0181.038] SaveDC (hdc=0x8f0107eb) returned 1
[0181.038] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf7040807
[0181.038] GetClipRgn (hdc=0x8f0107eb, hrgn=0xf7040807) returned 0
[0181.038] SelectClipRgn (hdc=0x8f0107eb, hrgn=0x7f0407de) returned 2
[0181.038] DeleteObject (ho=0xf7040807) returned 1
[0181.038] DeleteObject (ho=0x7f0407de) returned 1
[0181.038] OffsetViewportOrgEx (in: hdc=0x8f0107eb, x=0, y=0, lppt=0x2d45a80 | out: lppt=0x2d45a80) returned 1
[0181.038] DrawThemeParentBackground () returned 0x0
[0181.038] GetWindowPlacement (in: hWnd=0xf02d8, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0181.039] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0181.039] GetWindowTextLengthW (hWnd=0xf02d8) returned 13
[0181.039] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0181.039] GetSystemMetrics (nIndex=42) returned 0
[0181.039] GetWindowTextW (in: hWnd=0xf02d8, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0181.039] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0181.039] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0181.039] GetCurrentObject (hdc=0x8f0107eb, type=0x1) returned 0xb00017
[0181.039] GetCurrentObject (hdc=0x8f0107eb, type=0x2) returned 0x900010
[0181.039] GetCurrentObject (hdc=0x8f0107eb, type=0x7) returned 0x4a0507fe
[0181.039] GetCurrentObject (hdc=0x8f0107eb, type=0x6) returned 0x8a01c2
[0181.039] SaveDC (hdc=0x8f0107eb) returned 2
[0181.039] GetNearestColor (hdc=0x8f0107eb, color=0xf0f0f0) returned 0xf0f0f0
[0181.039] CreateSolidBrush (color=0xf0f0f0) returned 0xa71007e1
[0181.039] FillRect (hDC=0x8f0107eb, lprc=0xd7da38, hbr=0xa71007e1) returned 1
[0181.039] DeleteObject (ho=0xa71007e1) returned 1
[0181.040] RestoreDC (hdc=0x8f0107eb, nSavedDC=-1) returned 1
[0181.040] GetWindowTextLengthW (hWnd=0xf02d8) returned 13
[0181.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0181.040] GetSystemMetrics (nIndex=42) returned 0
[0181.040] GetWindowTextW (in: hWnd=0xf02d8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0181.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0181.040] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0181.040] GetCurrentObject (hdc=0x8f0107eb, type=0x1) returned 0xb00017
[0181.040] GetCurrentObject (hdc=0x8f0107eb, type=0x2) returned 0x900010
[0181.040] GetCurrentObject (hdc=0x8f0107eb, type=0x7) returned 0x4a0507fe
[0181.040] GetCurrentObject (hdc=0x8f0107eb, type=0x6) returned 0x8a01c2
[0181.040] SaveDC (hdc=0x8f0107eb) returned 2
[0181.040] GetNearestColor (hdc=0x8f0107eb, color=0xf0f0f0) returned 0xf0f0f0
[0181.040] CreateSolidBrush (color=0xf0f0f0) returned 0xa81007e1
[0181.040] FillRect (hDC=0x8f0107eb, lprc=0xd7d9d8, hbr=0xa81007e1) returned 1
[0181.041] DeleteObject (ho=0xa81007e1) returned 1
[0181.041] RestoreDC (hdc=0x8f0107eb, nSavedDC=-1) returned 1
[0181.041] GetWindowTextLengthW (hWnd=0xf02d8) returned 13
[0181.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0181.041] GetSystemMetrics (nIndex=42) returned 0
[0181.041] GetWindowTextW (in: hWnd=0xf02d8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0181.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0181.041] RestoreDC (hdc=0x8f0107eb, nSavedDC=-1) returned 1
[0181.041] GdipReleaseDC (graphics=0x6600030, hdc=0x8f0107eb) returned 0x0
[0181.041] IsAppThemed () returned 0x1
[0181.041] GetThemeAppProperties () returned 0x3
[0181.041] GetThemeAppProperties () returned 0x3
[0181.041] IsAppThemed () returned 0x1
[0181.042] GetThemeAppProperties () returned 0x3
[0181.042] GetThemeAppProperties () returned 0x3
[0181.042] IsThemePartDefined () returned 0x1
[0181.042] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0181.042] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0181.042] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0181.042] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0181.042] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df74) returned 0x0
[0181.042] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0181.042] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0181.042] LocalFree (hMem=0x11ee868) returned 0x0
[0181.042] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0181.042] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0181.042] LocalFree (hMem=0x11ee9f0) returned 0x0
[0181.042] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0181.042] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0181.042] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0181.042] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0181.042] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0181.043] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0181.043] GetCurrentObject (hdc=0x8f0107eb, type=0x1) returned 0xb00017
[0181.043] GetCurrentObject (hdc=0x8f0107eb, type=0x2) returned 0x900010
[0181.043] GetCurrentObject (hdc=0x8f0107eb, type=0x7) returned 0x4a0507fe
[0181.043] GetCurrentObject (hdc=0x8f0107eb, type=0x6) returned 0x8a01c2
[0181.043] SaveDC (hdc=0x8f0107eb) returned 1
[0181.043] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x800407de
[0181.043] GetClipRgn (hdc=0x8f0107eb, hrgn=0x800407de) returned 0
[0181.043] SelectClipRgn (hdc=0x8f0107eb, hrgn=0xf9040807) returned 2
[0181.043] DeleteObject (ho=0x800407de) returned 1
[0181.043] DeleteObject (ho=0xf9040807) returned 1
[0181.043] OffsetViewportOrgEx (in: hdc=0x8f0107eb, x=0, y=0, lppt=0x2d4632c | out: lppt=0x2d4632c) returned 1
[0181.043] IsAppThemed () returned 0x1
[0181.043] GetThemeAppProperties () returned 0x3
[0181.043] GetThemeAppProperties () returned 0x3
[0181.044] DrawThemeBackground () returned 0x0
[0181.044] RestoreDC (hdc=0x8f0107eb, nSavedDC=-1) returned 1
[0181.050] GdipReleaseDC (graphics=0x6600030, hdc=0x8f0107eb) returned 0x0
[0181.050] GdipCreateRegion (region=0xd7df60) returned 0x0
[0181.050] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0181.050] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0181.050] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0181.050] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df78) returned 0x0
[0181.050] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0181.050] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0181.050] LocalFree (hMem=0x11ee788) returned 0x0
[0181.051] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0181.051] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee868) returned 0x0
[0181.051] LocalFree (hMem=0x11ee868) returned 0x0
[0181.051] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0181.051] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0181.051] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df90) returned 0x0
[0181.051] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0181.051] GdipDeleteRegion (region=0x6646298) returned 0x0
[0181.051] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0181.051] GetCurrentObject (hdc=0x8f0107eb, type=0x1) returned 0xb00017
[0181.051] GetCurrentObject (hdc=0x8f0107eb, type=0x2) returned 0x900010
[0181.051] GetCurrentObject (hdc=0x8f0107eb, type=0x7) returned 0x4a0507fe
[0181.051] GetCurrentObject (hdc=0x8f0107eb, type=0x6) returned 0x8a01c2
[0181.051] SaveDC (hdc=0x8f0107eb) returned 1
[0181.051] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfa040807
[0181.051] GetClipRgn (hdc=0x8f0107eb, hrgn=0xfa040807) returned 0
[0181.052] SelectClipRgn (hdc=0x8f0107eb, hrgn=0x810407de) returned 2
[0181.052] DeleteObject (ho=0xfa040807) returned 1
[0181.052] DeleteObject (ho=0x810407de) returned 1
[0181.052] OffsetViewportOrgEx (in: hdc=0x8f0107eb, x=0, y=0, lppt=0x2d46600 | out: lppt=0x2d46600) returned 1
[0181.052] IsAppThemed () returned 0x1
[0181.052] GetThemeAppProperties () returned 0x3
[0181.052] GetThemeAppProperties () returned 0x3
[0181.052] GetThemeBackgroundContentRect () returned 0x0
[0181.052] RestoreDC (hdc=0x8f0107eb, nSavedDC=-1) returned 1
[0181.052] GdipReleaseDC (graphics=0x6600030, hdc=0x8f0107eb) returned 0x0
[0181.052] IsAppThemed () returned 0x1
[0181.052] GetThemeAppProperties () returned 0x3
[0181.052] GetThemeAppProperties () returned 0x3
[0181.052] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0181.052] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0181.052] GetCurrentObject (hdc=0x8f0107eb, type=0x1) returned 0xb00017
[0181.052] GetCurrentObject (hdc=0x8f0107eb, type=0x2) returned 0x900010
[0181.053] GetCurrentObject (hdc=0x8f0107eb, type=0x7) returned 0x4a0507fe
[0181.053] GetCurrentObject (hdc=0x8f0107eb, type=0x6) returned 0x8a01c2
[0181.053] SaveDC (hdc=0x8f0107eb) returned 1
[0181.053] GetTextAlign (hdc=0x8f0107eb) returned 0x0
[0181.053] GetTextColor (hdc=0x8f0107eb) returned 0x0
[0181.053] GetCurrentObject (hdc=0x8f0107eb, type=0x6) returned 0x8a01c2
[0181.053] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0181.053] SelectObject (hdc=0x8f0107eb, h=0x6d0a0520) returned 0x8a01c2
[0181.053] GetBkMode (hdc=0x8f0107eb) returned 2
[0181.053] SetBkMode (hdc=0x8f0107eb, mode=1) returned 2
[0181.053] DrawTextExW (in: hdc=0x8f0107eb, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2d469a0 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0181.054] DrawTextExW (in: hdc=0x8f0107eb, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d469a0 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0181.054] RestoreDC (hdc=0x8f0107eb, nSavedDC=-1) returned 1
[0181.054] GdipReleaseDC (graphics=0x6600030, hdc=0x8f0107eb) returned 0x0
[0181.054] GetFocus () returned 0xf013e
[0181.054] IsAppThemed () returned 0x1
[0181.054] GetThemeAppProperties () returned 0x3
[0181.054] GetThemeAppProperties () returned 0x3
[0181.054] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0181.054] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x8f0107eb, x1=0, y1=0, rop=0xcc0020) returned 1
[0181.055] GdipReleaseDC (graphics=0x6600030, hdc=0x8f0107eb) returned 0x0
[0181.055] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0181.055] SelectObject (hdc=0x8f0107eb, h=0x85000f) returned 0x4a0507fe
[0181.055] DeleteDC (hdc=0x8f0107eb) returned 1
[0181.055] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0181.055] EndPaint (hWnd=0x1000ea, lpPaint=0xd7e24c) returned 1
[0181.059] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0181.059] IsWindowUnicode (hWnd=0x602c4) returned 1
[0181.059] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0181.059] TranslateMessage (lpMsg=0xd7e808) returned 0
[0181.059] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0181.067] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0181.067] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0181.067] CreateCompatibleDC (hdc=0xf0105ee) returned 0xa401065e
[0181.067] SelectObject (hdc=0xa401065e, h=0x4a0507fe) returned 0x85000f
[0181.067] GdipCreateFromHDC (hdc=0xa401065e, graphics=0xd7e268) returned 0x0
[0181.068] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0181.068] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0181.068] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0181.068] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0181.068] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e2c8) returned 0x0
[0181.068] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0181.068] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eecc8) returned 0x0
[0181.068] LocalFree (hMem=0x11eecc8) returned 0x0
[0181.068] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0181.068] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0181.068] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0181.068] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0181.068] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0181.068] GdipRestoreGraphics (graphics=0x6600030, state=0xfbc40dbd) returned 0x0
[0181.068] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0181.069] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0181.069] GetCurrentObject (hdc=0xa401065e, type=0x1) returned 0xb00017
[0181.069] GetCurrentObject (hdc=0xa401065e, type=0x2) returned 0x900010
[0181.069] GetCurrentObject (hdc=0xa401065e, type=0x7) returned 0x4a0507fe
[0181.069] GetCurrentObject (hdc=0xa401065e, type=0x6) returned 0x8a01c2
[0181.069] SaveDC (hdc=0xa401065e) returned 1
[0181.069] GetNearestColor (hdc=0xa401065e, color=0xff) returned 0xff
[0181.069] GetNearestColor (hdc=0xa401065e, color=0x55) returned 0x55
[0181.069] GetNearestColor (hdc=0xa401065e, color=0x0) returned 0x0
[0181.069] GetNearestColor (hdc=0xa401065e, color=0x55) returned 0x55
[0181.069] GetNearestColor (hdc=0xa401065e, color=0x0) returned 0x0
[0181.069] GetNearestColor (hdc=0xa401065e, color=0x8080ff) returned 0x8080ff
[0181.069] GetNearestColor (hdc=0xa401065e, color=0x7373e5) returned 0x7373e5
[0181.069] GetNearestColor (hdc=0xa401065e, color=0xe5) returned 0xe5
[0181.070] GetNearestColor (hdc=0xa401065e, color=0x0) returned 0x0
[0181.070] RestoreDC (hdc=0xa401065e, nSavedDC=-1) returned 1
[0181.070] GdipReleaseDC (graphics=0x6600030, hdc=0xa401065e) returned 0x0
[0181.070] IsAppThemed () returned 0x1
[0181.070] GetThemeAppProperties () returned 0x3
[0181.070] GetThemeAppProperties () returned 0x3
[0181.070] IsAppThemed () returned 0x1
[0181.070] GetThemeAppProperties () returned 0x3
[0181.070] GetThemeAppProperties () returned 0x3
[0181.070] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2d47168 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0181.071] IsAppThemed () returned 0x1
[0181.071] GetThemeAppProperties () returned 0x3
[0181.071] GetThemeAppProperties () returned 0x3
[0181.071] IsAppThemed () returned 0x1
[0181.071] GetThemeAppProperties () returned 0x3
[0181.071] GetThemeAppProperties () returned 0x3
[0181.071] GetFocus () returned 0xf013e
[0181.071] IsAppThemed () returned 0x1
[0181.071] GetThemeAppProperties () returned 0x3
[0181.071] GetThemeAppProperties () returned 0x3
[0181.071] IsAppThemed () returned 0x1
[0181.071] GetThemeAppProperties () returned 0x3
[0181.071] GetThemeAppProperties () returned 0x3
[0181.071] IsThemePartDefined () returned 0x1
[0181.071] IsAppThemed () returned 0x1
[0181.071] GetThemeAppProperties () returned 0x3
[0181.071] GetThemeAppProperties () returned 0x3
[0181.071] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0181.071] IsAppThemed () returned 0x1
[0181.071] GetThemeAppProperties () returned 0x3
[0181.072] GetThemeAppProperties () returned 0x3
[0181.072] IsAppThemed () returned 0x1
[0181.072] GetThemeAppProperties () returned 0x3
[0181.072] GetThemeAppProperties () returned 0x3
[0181.072] IsThemePartDefined () returned 0x1
[0181.072] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0181.072] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0181.072] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0181.072] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0181.072] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dff0) returned 0x0
[0181.072] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0181.072] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0181.072] LocalFree (hMem=0x11eecc8) returned 0x0
[0181.072] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0181.072] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0181.072] LocalFree (hMem=0x11eecc8) returned 0x0
[0181.072] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0181.072] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0181.073] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0181.073] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0181.073] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0181.073] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0181.073] GetCurrentObject (hdc=0xa401065e, type=0x1) returned 0xb00017
[0181.073] GetCurrentObject (hdc=0xa401065e, type=0x2) returned 0x900010
[0181.073] GetCurrentObject (hdc=0xa401065e, type=0x7) returned 0x4a0507fe
[0181.073] GetCurrentObject (hdc=0xa401065e, type=0x6) returned 0x8a01c2
[0181.073] SaveDC (hdc=0xa401065e) returned 1
[0181.073] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x820407de
[0181.073] GetClipRgn (hdc=0xa401065e, hrgn=0x820407de) returned 0
[0181.073] SelectClipRgn (hdc=0xa401065e, hrgn=0xfe040807) returned 2
[0181.073] DeleteObject (ho=0x820407de) returned 1
[0181.073] DeleteObject (ho=0xfe040807) returned 1
[0181.073] OffsetViewportOrgEx (in: hdc=0xa401065e, x=0, y=0, lppt=0x2d47818 | out: lppt=0x2d47818) returned 1
[0181.074] DrawThemeParentBackground () returned 0x0
[0181.074] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0181.074] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0181.074] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0181.074] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0181.074] GetSystemMetrics (nIndex=42) returned 0
[0181.074] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0181.074] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0181.074] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0181.074] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0181.074] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0181.074] SelectPalette (hdc=0xa401065e, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0181.074] GdipCreateFromHDC (hdc=0xa401065e, graphics=0xd7dac8) returned 0x0
[0181.075] GdipSetPageUnit (graphics=0x6669f00, unit=0x2) returned 0x0
[0181.075] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0181.075] GdipGetWorldTransform (graphics=0x6669f00, matrix=0x6638db8) returned 0x0
[0181.075] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7daa0) returned 0x0
[0181.075] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0181.080] GdipCreateRegion (region=0xd7da88) returned 0x0
[0181.080] GdipGetClip (graphics=0x6669f00, region=0x6646448) returned 0x0
[0181.080] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6669f00, result=0xd7da94) returned 0x0
[0181.080] GdipDeleteRegion (region=0x6646448) returned 0x0
[0181.080] GdipSaveGraphics (graphics=0x6669f00, state=0xd7dac0) returned 0x0
[0181.080] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0181.097] GdipFillRectangleI (graphics=0x6669f00, brush=0x6653438, x=0, y=0, width=801, height=453) returned 0x0
[0181.097] GdipDeleteBrush (brush=0x6653438) returned 0x0
[0181.099] GdipDeleteGraphics (graphics=0x6669f00) returned 0x0
[0181.099] SelectPalette (hdc=0xa401065e, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0181.099] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0181.099] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0181.099] GetSystemMetrics (nIndex=42) returned 0
[0181.099] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0181.099] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0181.099] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0181.099] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0181.099] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0181.099] SelectPalette (hdc=0xa401065e, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0181.100] GdipCreateFromHDC (hdc=0xa401065e, graphics=0xd7da68) returned 0x0
[0181.100] GdipSetPageUnit (graphics=0x6669f00, unit=0x2) returned 0x0
[0181.100] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0181.100] GdipGetWorldTransform (graphics=0x6669f00, matrix=0x6638ba8) returned 0x0
[0181.100] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7da40) returned 0x0
[0181.100] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0181.100] GdipCreateRegion (region=0xd7da28) returned 0x0
[0181.100] GdipGetClip (graphics=0x6669f00, region=0x6646c28) returned 0x0
[0181.100] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6669f00, result=0xd7da34) returned 0x0
[0181.100] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0181.100] GdipSaveGraphics (graphics=0x6669f00, state=0xd7da60) returned 0x0
[0181.100] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0181.112] GdipFillRectangleI (graphics=0x6669f00, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0181.112] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0181.114] GdipRestoreGraphics (graphics=0x6669f00, state=0xfbc00dbd) returned 0x0
[0181.114] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0181.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0181.114] GetSystemMetrics (nIndex=42) returned 0
[0181.114] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0181.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0181.114] GdipDeleteGraphics (graphics=0x6669f00) returned 0x0
[0181.114] SelectPalette (hdc=0xa401065e, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0181.114] RestoreDC (hdc=0xa401065e, nSavedDC=-1) returned 1
[0181.115] GdipReleaseDC (graphics=0x6600030, hdc=0xa401065e) returned 0x0
[0181.115] IsAppThemed () returned 0x1
[0181.115] GetThemeAppProperties () returned 0x3
[0181.115] GetThemeAppProperties () returned 0x3
[0181.115] IsAppThemed () returned 0x1
[0181.115] GetThemeAppProperties () returned 0x3
[0181.115] GetThemeAppProperties () returned 0x3
[0181.115] IsThemePartDefined () returned 0x1
[0181.115] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0181.115] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0181.115] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0181.115] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0181.115] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df74) returned 0x0
[0181.115] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0181.115] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0181.115] LocalFree (hMem=0x11ee788) returned 0x0
[0181.115] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0181.115] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee910) returned 0x0
[0181.116] LocalFree (hMem=0x11ee910) returned 0x0
[0181.116] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0181.116] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0181.116] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0181.116] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0181.116] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0181.116] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0181.116] GetCurrentObject (hdc=0xa401065e, type=0x1) returned 0xb00017
[0181.116] GetCurrentObject (hdc=0xa401065e, type=0x2) returned 0x900010
[0181.116] GetCurrentObject (hdc=0xa401065e, type=0x7) returned 0x4a0507fe
[0181.116] GetCurrentObject (hdc=0xa401065e, type=0x6) returned 0x8a01c2
[0181.116] SaveDC (hdc=0xa401065e) returned 1
[0181.116] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xff040807
[0181.116] GetClipRgn (hdc=0xa401065e, hrgn=0xff040807) returned 0
[0181.116] SelectClipRgn (hdc=0xa401065e, hrgn=0x840407de) returned 2
[0181.117] DeleteObject (ho=0xff040807) returned 1
[0181.117] DeleteObject (ho=0x840407de) returned 1
[0181.117] OffsetViewportOrgEx (in: hdc=0xa401065e, x=0, y=0, lppt=0x2d4e068 | out: lppt=0x2d4e068) returned 1
[0181.117] IsAppThemed () returned 0x1
[0181.169] GetThemeAppProperties () returned 0x3
[0181.169] GetThemeAppProperties () returned 0x3
[0181.169] DrawThemeBackground () returned 0x0
[0181.170] RestoreDC (hdc=0xa401065e, nSavedDC=-1) returned 1
[0181.170] GdipReleaseDC (graphics=0x6600030, hdc=0xa401065e) returned 0x0
[0181.170] GdipCreateRegion (region=0xd7df60) returned 0x0
[0181.170] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0181.170] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0181.170] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0181.170] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df78) returned 0x0
[0181.170] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0181.170] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eea98) returned 0x0
[0181.170] LocalFree (hMem=0x11eea98) returned 0x0
[0181.170] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0181.170] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee910) returned 0x0
[0181.170] LocalFree (hMem=0x11ee910) returned 0x0
[0181.170] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0181.171] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0181.171] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0181.171] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0181.171] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0181.171] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0181.171] GetCurrentObject (hdc=0xa401065e, type=0x1) returned 0xb00017
[0181.171] GetCurrentObject (hdc=0xa401065e, type=0x2) returned 0x900010
[0181.171] GetCurrentObject (hdc=0xa401065e, type=0x7) returned 0x4a0507fe
[0181.171] GetCurrentObject (hdc=0xa401065e, type=0x6) returned 0x8a01c2
[0181.171] SaveDC (hdc=0xa401065e) returned 1
[0181.171] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x850407de
[0181.171] GetClipRgn (hdc=0xa401065e, hrgn=0x850407de) returned 0
[0181.171] SelectClipRgn (hdc=0xa401065e, hrgn=0x40807) returned 2
[0181.171] DeleteObject (ho=0x850407de) returned 1
[0181.171] DeleteObject (ho=0x40807) returned 1
[0181.171] OffsetViewportOrgEx (in: hdc=0xa401065e, x=0, y=0, lppt=0x2d4e33c | out: lppt=0x2d4e33c) returned 1
[0181.171] IsAppThemed () returned 0x1
[0181.172] GetThemeAppProperties () returned 0x3
[0181.172] GetThemeAppProperties () returned 0x3
[0181.172] GetThemeBackgroundContentRect () returned 0x0
[0181.172] RestoreDC (hdc=0xa401065e, nSavedDC=-1) returned 1
[0181.172] GdipReleaseDC (graphics=0x6600030, hdc=0xa401065e) returned 0x0
[0181.172] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0181.172] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0181.172] GdipFillRectangleI (graphics=0x6600030, brush=0x6669f00, x=4, y=4, width=67, height=15) returned 0x0
[0181.172] GdipDeleteBrush (brush=0x6669f00) returned 0x0
[0181.172] IsAppThemed () returned 0x1
[0181.172] GetThemeAppProperties () returned 0x3
[0181.172] GetThemeAppProperties () returned 0x3
[0181.172] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0181.172] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0181.172] GetCurrentObject (hdc=0xa401065e, type=0x1) returned 0xb00017
[0181.172] GetCurrentObject (hdc=0xa401065e, type=0x2) returned 0x900010
[0181.172] GetCurrentObject (hdc=0xa401065e, type=0x7) returned 0x4a0507fe
[0181.172] GetCurrentObject (hdc=0xa401065e, type=0x6) returned 0x8a01c2
[0181.173] SaveDC (hdc=0xa401065e) returned 1
[0181.173] GetTextAlign (hdc=0xa401065e) returned 0x0
[0181.173] GetTextColor (hdc=0xa401065e) returned 0x0
[0181.173] GetCurrentObject (hdc=0xa401065e, type=0x6) returned 0x8a01c2
[0181.173] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0181.173] SelectObject (hdc=0xa401065e, h=0x6d0a0520) returned 0x8a01c2
[0181.173] GetBkMode (hdc=0xa401065e) returned 2
[0181.173] SetBkMode (hdc=0xa401065e, mode=1) returned 2
[0181.173] DrawTextExW (in: hdc=0xa401065e, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2d4e700 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0181.173] DrawTextExW (in: hdc=0xa401065e, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d4e700 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0181.174] RestoreDC (hdc=0xa401065e, nSavedDC=-1) returned 1
[0181.174] GdipReleaseDC (graphics=0x6600030, hdc=0xa401065e) returned 0x0
[0181.174] GetFocus () returned 0xf013e
[0181.174] IsAppThemed () returned 0x1
[0181.174] GetThemeAppProperties () returned 0x3
[0181.174] GetThemeAppProperties () returned 0x3
[0181.174] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0181.174] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0xa401065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0181.174] GdipReleaseDC (graphics=0x6600030, hdc=0xa401065e) returned 0x0
[0181.175] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0181.175] SelectObject (hdc=0xa401065e, h=0x85000f) returned 0x4a0507fe
[0181.175] DeleteDC (hdc=0xa401065e) returned 1
[0181.175] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0181.175] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0181.175] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0181.175] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0181.175] IsWindowUnicode (hWnd=0xd02da) returned 1
[0181.175] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0181.176] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0181.176] GetDlgItem (hDlg=0xf02d8, nIDDlgItem=0) returned 0x0
[0181.176] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x210, wParam=0x201, lParam=0x6600fa) returned 0x0
[0181.176] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x21, wParam=0xf02d8, lParam=0x2010001) returned 0x1
[0181.176] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x21, wParam=0xf02d8, lParam=0x2010001) returned 0x1
[0181.176] SetCursor (hCursor=0x10003) returned 0x10003
[0181.176] TranslateMessage (lpMsg=0xd7e808) returned 0
[0181.176] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0181.176] GetKeyState (nVirtKey=1) returned -127
[0181.176] GetKeyState (nVirtKey=2) returned 0
[0181.176] GetKeyState (nVirtKey=4) returned 0
[0181.176] GetKeyState (nVirtKey=5) returned 0
[0181.176] GetKeyState (nVirtKey=6) returned 0
[0181.177] IsWindowVisible (hWnd=0xd02da) returned 1
[0181.177] IsWindowEnabled (hWnd=0xd02da) returned 1
[0181.177] SetFocus (hWnd=0xd02da) returned 0xf013e
[0181.177] GetFocus () returned 0xd02da
[0181.178] IsChild (hWndParent=0xf02d8, hWnd=0xd02da) returned 1
[0181.178] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0x8, wParam=0xd02da, lParam=0x0) returned 0x0
[0181.178] GetCapture () returned 0x0
[0181.178] InvalidateRect (hWnd=0xf013e, lpRect=0x0, bErase=0) returned 1
[0181.179] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0181.180] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0181.182] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0181.182] InvalidateRect (hWnd=0xf013e, lpRect=0x0, bErase=0) returned 1
[0181.182] InvalidateRect (hWnd=0xd02da, lpRect=0x0, bErase=0) returned 1
[0181.182] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x7, wParam=0xf013e, lParam=0x0) returned 0x0
[0181.182] GetStockObject (i=5) returned 0x900015
[0181.183] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0181.183] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0181.183] GetDlgItem (hDlg=0xf02d8, nIDDlgItem=852698) returned 0xd02da
[0181.183] SendMessageW (hWnd=0xd02da, Msg=0x202b, wParam=0xd02da, lParam=0xd7dddc) returned 0x0
[0181.183] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x202b, wParam=0xd02da, lParam=0xd7dddc) returned 0x0
[0181.183] InvalidateRect (hWnd=0xd02da, lpRect=0x0, bErase=0) returned 1
[0181.192] GetFocus () returned 0xd02da
[0181.192] GetFocus () returned 0xd02da
[0181.192] GetFocus () returned 0xd02da
[0181.192] GetKeyState (nVirtKey=1) returned -127
[0181.192] GetKeyState (nVirtKey=2) returned 0
[0181.193] GetKeyState (nVirtKey=4) returned 0
[0181.193] GetKeyState (nVirtKey=5) returned 0
[0181.193] GetKeyState (nVirtKey=6) returned 0
[0181.193] GetCapture () returned 0x0
[0181.193] SetCapture (hWnd=0xd02da) returned 0x0
[0181.193] GetKeyState (nVirtKey=1) returned -127
[0181.193] GetKeyState (nVirtKey=2) returned 0
[0181.193] GetKeyState (nVirtKey=4) returned 0
[0181.193] GetKeyState (nVirtKey=5) returned 0
[0181.193] GetKeyState (nVirtKey=6) returned 0
[0181.193] NotifyWinEvent (event=0x800a, hwnd=0xd02da, idObject=-4, idChild=0)
[0181.193] InvalidateRect (hWnd=0xd02da, lpRect=0xd7e430, bErase=0) returned 1
[0181.193] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0181.193] IsWindowUnicode (hWnd=0xd02da) returned 1
[0181.193] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0181.193] TranslateMessage (lpMsg=0xd7e808) returned 0
[0181.193] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0181.193] MapWindowPoints (in: hWndFrom=0xd02da, hWndTo=0x0, lpPoints=0x2d4e8f0, cPoints=0x1 | out: lpPoints=0x2d4e8f0) returned 30999254
[0181.194] NotifyWinEvent (event=0x800a, hwnd=0xd02da, idObject=-4, idChild=0)
[0181.194] InvalidateRect (hWnd=0xd02da, lpRect=0xd7e3d0, bErase=0) returned 1
[0181.194] UpdateWindow (hWnd=0xd02da) returned 1
[0181.194] BeginPaint (in: hWnd=0xd02da, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x60100ce
[0181.194] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0181.194] CreateCompatibleDC (hdc=0x60100ce) returned 0xdc010801
[0181.194] SelectObject (hdc=0xdc010801, h=0x4a0507fe) returned 0x85000f
[0181.194] GdipCreateFromHDC (hdc=0xdc010801, graphics=0xd7df00) returned 0x0
[0181.194] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0181.194] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0181.195] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0181.195] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0181.195] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df60) returned 0x0
[0181.195] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0181.195] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0181.195] LocalFree (hMem=0x11ee788) returned 0x0
[0181.195] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0181.195] GdipCreateRegion (region=0xd7df48) returned 0x0
[0181.195] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0181.195] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df54) returned 0x0
[0181.195] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0181.195] GdipRestoreGraphics (graphics=0x6600030, state=0xfbbe0dbd) returned 0x0
[0181.195] GdipDeleteRegion (region=0x6646298) returned 0x0
[0181.195] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0181.195] GetCurrentObject (hdc=0xdc010801, type=0x1) returned 0xb00017
[0181.195] GetCurrentObject (hdc=0xdc010801, type=0x2) returned 0x900010
[0181.195] GetCurrentObject (hdc=0xdc010801, type=0x7) returned 0x4a0507fe
[0181.196] GetCurrentObject (hdc=0xdc010801, type=0x6) returned 0x8a01c2
[0181.196] SaveDC (hdc=0xdc010801) returned 1
[0181.196] GetNearestColor (hdc=0xdc010801, color=0xf0f0f0) returned 0xf0f0f0
[0181.196] GetNearestColor (hdc=0xdc010801, color=0xa0a0a0) returned 0xa0a0a0
[0181.196] GetNearestColor (hdc=0xdc010801, color=0x696969) returned 0x696969
[0181.196] GetNearestColor (hdc=0xdc010801, color=0xa0a0a0) returned 0xa0a0a0
[0181.196] GetNearestColor (hdc=0xdc010801, color=0x0) returned 0x0
[0181.196] GetNearestColor (hdc=0xdc010801, color=0xffffff) returned 0xffffff
[0181.196] GetNearestColor (hdc=0xdc010801, color=0xe5e5e5) returned 0xe5e5e5
[0181.196] GetNearestColor (hdc=0xdc010801, color=0xd7d7d7) returned 0xd7d7d7
[0181.196] GetNearestColor (hdc=0xdc010801, color=0x0) returned 0x0
[0181.196] RestoreDC (hdc=0xdc010801, nSavedDC=-1) returned 1
[0181.197] GdipReleaseDC (graphics=0x6600030, hdc=0xdc010801) returned 0x0
[0181.197] IsAppThemed () returned 0x1
[0181.197] GetThemeAppProperties () returned 0x3
[0181.197] GetThemeAppProperties () returned 0x3
[0181.197] IsAppThemed () returned 0x1
[0181.197] GetThemeAppProperties () returned 0x3
[0181.197] GetThemeAppProperties () returned 0x3
[0181.197] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2d4f048 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0181.197] IsAppThemed () returned 0x1
[0181.197] GetThemeAppProperties () returned 0x3
[0181.197] GetThemeAppProperties () returned 0x3
[0181.197] IsAppThemed () returned 0x1
[0181.197] GetThemeAppProperties () returned 0x3
[0181.197] GetThemeAppProperties () returned 0x3
[0181.197] IsAppThemed () returned 0x1
[0181.198] GetThemeAppProperties () returned 0x3
[0181.198] GetThemeAppProperties () returned 0x3
[0181.198] IsAppThemed () returned 0x1
[0181.198] GetThemeAppProperties () returned 0x3
[0181.198] GetThemeAppProperties () returned 0x3
[0181.198] IsThemePartDefined () returned 0x1
[0181.198] IsAppThemed () returned 0x1
[0181.198] GetThemeAppProperties () returned 0x3
[0181.198] GetThemeAppProperties () returned 0x3
[0181.198] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0181.198] IsAppThemed () returned 0x1
[0181.198] GetThemeAppProperties () returned 0x3
[0181.198] GetThemeAppProperties () returned 0x3
[0181.198] IsAppThemed () returned 0x1
[0181.198] GetThemeAppProperties () returned 0x3
[0181.198] GetThemeAppProperties () returned 0x3
[0181.198] IsThemePartDefined () returned 0x1
[0181.198] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0181.198] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0181.198] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0181.198] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0181.199] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dc7c) returned 0x0
[0181.199] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0181.199] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eecc8) returned 0x0
[0181.199] LocalFree (hMem=0x11eecc8) returned 0x0
[0181.199] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0181.199] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0181.199] LocalFree (hMem=0x11ee788) returned 0x0
[0181.199] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0181.199] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0181.199] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0181.199] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0181.199] GdipDeleteRegion (region=0x6646718) returned 0x0
[0181.199] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0181.199] GetCurrentObject (hdc=0xdc010801, type=0x1) returned 0xb00017
[0181.199] GetCurrentObject (hdc=0xdc010801, type=0x2) returned 0x900010
[0181.199] GetCurrentObject (hdc=0xdc010801, type=0x7) returned 0x4a0507fe
[0181.200] GetCurrentObject (hdc=0xdc010801, type=0x6) returned 0x8a01c2
[0181.200] SaveDC (hdc=0xdc010801) returned 1
[0181.200] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1040807
[0181.200] GetClipRgn (hdc=0xdc010801, hrgn=0x1040807) returned 0
[0181.200] SelectClipRgn (hdc=0xdc010801, hrgn=0x890407de) returned 2
[0181.204] DeleteObject (ho=0x1040807) returned 1
[0181.204] DeleteObject (ho=0x890407de) returned 1
[0181.204] OffsetViewportOrgEx (in: hdc=0xdc010801, x=0, y=0, lppt=0x2d4f6f8 | out: lppt=0x2d4f6f8) returned 1
[0181.204] DrawThemeParentBackground () returned 0x0
[0181.204] GetWindowPlacement (in: hWnd=0xf02d8, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0181.204] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0181.204] GetWindowTextLengthW (hWnd=0xf02d8) returned 13
[0181.204] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0181.204] GetSystemMetrics (nIndex=42) returned 0
[0181.204] GetWindowTextW (in: hWnd=0xf02d8, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0181.204] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0181.205] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0181.205] GetCurrentObject (hdc=0xdc010801, type=0x1) returned 0xb00017
[0181.205] GetCurrentObject (hdc=0xdc010801, type=0x2) returned 0x900010
[0181.205] GetCurrentObject (hdc=0xdc010801, type=0x7) returned 0x4a0507fe
[0181.205] GetCurrentObject (hdc=0xdc010801, type=0x6) returned 0x8a01c2
[0181.205] SaveDC (hdc=0xdc010801) returned 2
[0181.205] GetNearestColor (hdc=0xdc010801, color=0xf0f0f0) returned 0xf0f0f0
[0181.205] CreateSolidBrush (color=0xf0f0f0) returned 0xa91007e1
[0181.205] FillRect (hDC=0xdc010801, lprc=0xd7d6c8, hbr=0xa91007e1) returned 1
[0181.205] DeleteObject (ho=0xa91007e1) returned 1
[0181.205] RestoreDC (hdc=0xdc010801, nSavedDC=-1) returned 1
[0181.205] GetWindowTextLengthW (hWnd=0xf02d8) returned 13
[0181.205] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0181.205] GetSystemMetrics (nIndex=42) returned 0
[0181.206] GetWindowTextW (in: hWnd=0xf02d8, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0181.206] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0181.206] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0181.206] GetCurrentObject (hdc=0xdc010801, type=0x1) returned 0xb00017
[0181.206] GetCurrentObject (hdc=0xdc010801, type=0x2) returned 0x900010
[0181.206] GetCurrentObject (hdc=0xdc010801, type=0x7) returned 0x4a0507fe
[0181.206] GetCurrentObject (hdc=0xdc010801, type=0x6) returned 0x8a01c2
[0181.206] SaveDC (hdc=0xdc010801) returned 2
[0181.206] GetNearestColor (hdc=0xdc010801, color=0xf0f0f0) returned 0xf0f0f0
[0181.206] CreateSolidBrush (color=0xf0f0f0) returned 0xaa1007e1
[0181.206] FillRect (hDC=0xdc010801, lprc=0xd7d668, hbr=0xaa1007e1) returned 1
[0181.206] DeleteObject (ho=0xaa1007e1) returned 1
[0181.206] RestoreDC (hdc=0xdc010801, nSavedDC=-1) returned 1
[0181.206] GetWindowTextLengthW (hWnd=0xf02d8) returned 13
[0181.206] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0181.206] GetSystemMetrics (nIndex=42) returned 0
[0181.207] GetWindowTextW (in: hWnd=0xf02d8, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0181.207] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0181.207] RestoreDC (hdc=0xdc010801, nSavedDC=-1) returned 1
[0181.207] GdipReleaseDC (graphics=0x6600030, hdc=0xdc010801) returned 0x0
[0181.207] IsAppThemed () returned 0x1
[0181.207] GetThemeAppProperties () returned 0x3
[0181.207] GetThemeAppProperties () returned 0x3
[0181.207] IsAppThemed () returned 0x1
[0181.207] GetThemeAppProperties () returned 0x3
[0181.207] GetThemeAppProperties () returned 0x3
[0181.207] IsThemePartDefined () returned 0x1
[0181.207] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0181.207] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0181.207] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0181.207] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0181.208] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dc00) returned 0x0
[0181.208] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0181.208] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0181.208] LocalFree (hMem=0x11ee788) returned 0x0
[0181.208] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0181.208] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eed00) returned 0x0
[0181.208] LocalFree (hMem=0x11eed00) returned 0x0
[0181.208] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0181.208] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0181.208] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0181.208] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0181.208] GdipDeleteRegion (region=0x6646718) returned 0x0
[0181.208] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0181.208] GetCurrentObject (hdc=0xdc010801, type=0x1) returned 0xb00017
[0181.208] GetCurrentObject (hdc=0xdc010801, type=0x2) returned 0x900010
[0181.208] GetCurrentObject (hdc=0xdc010801, type=0x7) returned 0x4a0507fe
[0181.208] GetCurrentObject (hdc=0xdc010801, type=0x6) returned 0x8a01c2
[0181.209] SaveDC (hdc=0xdc010801) returned 1
[0181.209] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8a0407de
[0181.209] GetClipRgn (hdc=0xdc010801, hrgn=0x8a0407de) returned 0
[0181.209] SelectClipRgn (hdc=0xdc010801, hrgn=0x3040807) returned 2
[0181.209] DeleteObject (ho=0x8a0407de) returned 1
[0181.209] DeleteObject (ho=0x3040807) returned 1
[0181.209] OffsetViewportOrgEx (in: hdc=0xdc010801, x=0, y=0, lppt=0x2d4ffa4 | out: lppt=0x2d4ffa4) returned 1
[0181.209] IsAppThemed () returned 0x1
[0181.209] GetThemeAppProperties () returned 0x3
[0181.209] GetThemeAppProperties () returned 0x3
[0181.209] DrawThemeBackground () returned 0x0
[0181.209] RestoreDC (hdc=0xdc010801, nSavedDC=-1) returned 1
[0181.209] GdipReleaseDC (graphics=0x6600030, hdc=0xdc010801) returned 0x0
[0181.209] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0181.210] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0181.210] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0181.210] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0181.210] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dc04) returned 0x0
[0181.210] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0181.210] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eecc8) returned 0x0
[0181.210] LocalFree (hMem=0x11eecc8) returned 0x0
[0181.210] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0181.210] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee9f0) returned 0x0
[0181.210] LocalFree (hMem=0x11ee9f0) returned 0x0
[0181.210] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0181.210] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0181.210] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0181.210] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0181.210] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0181.210] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0181.210] GetCurrentObject (hdc=0xdc010801, type=0x1) returned 0xb00017
[0181.211] GetCurrentObject (hdc=0xdc010801, type=0x2) returned 0x900010
[0181.211] GetCurrentObject (hdc=0xdc010801, type=0x7) returned 0x4a0507fe
[0181.211] GetCurrentObject (hdc=0xdc010801, type=0x6) returned 0x8a01c2
[0181.211] SaveDC (hdc=0xdc010801) returned 1
[0181.211] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4040807
[0181.211] GetClipRgn (hdc=0xdc010801, hrgn=0x4040807) returned 0
[0181.211] SelectClipRgn (hdc=0xdc010801, hrgn=0x8b0407de) returned 2
[0181.211] DeleteObject (ho=0x4040807) returned 1
[0181.211] DeleteObject (ho=0x8b0407de) returned 1
[0181.211] OffsetViewportOrgEx (in: hdc=0xdc010801, x=0, y=0, lppt=0x2d50278 | out: lppt=0x2d50278) returned 1
[0181.211] IsAppThemed () returned 0x1
[0181.211] GetThemeAppProperties () returned 0x3
[0181.211] GetThemeAppProperties () returned 0x3
[0181.211] GetThemeBackgroundContentRect () returned 0x0
[0181.211] RestoreDC (hdc=0xdc010801, nSavedDC=-1) returned 1
[0181.212] GdipReleaseDC (graphics=0x6600030, hdc=0xdc010801) returned 0x0
[0181.212] IsAppThemed () returned 0x1
[0181.212] GetThemeAppProperties () returned 0x3
[0181.212] GetThemeAppProperties () returned 0x3
[0181.212] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0181.212] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0181.212] GetCurrentObject (hdc=0xdc010801, type=0x1) returned 0xb00017
[0181.212] GetCurrentObject (hdc=0xdc010801, type=0x2) returned 0x900010
[0181.212] GetCurrentObject (hdc=0xdc010801, type=0x7) returned 0x4a0507fe
[0181.212] GetCurrentObject (hdc=0xdc010801, type=0x6) returned 0x8a01c2
[0181.212] SaveDC (hdc=0xdc010801) returned 1
[0181.212] GetTextAlign (hdc=0xdc010801) returned 0x0
[0181.212] GetTextColor (hdc=0xdc010801) returned 0x0
[0181.212] GetCurrentObject (hdc=0xdc010801, type=0x6) returned 0x8a01c2
[0181.212] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0181.213] SelectObject (hdc=0xdc010801, h=0x6d0a0520) returned 0x8a01c2
[0181.213] GetBkMode (hdc=0xdc010801) returned 2
[0181.213] SetBkMode (hdc=0xdc010801, mode=1) returned 2
[0181.213] DrawTextExW (in: hdc=0xdc010801, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2d50618 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0181.213] DrawTextExW (in: hdc=0xdc010801, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2d50618 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0181.213] RestoreDC (hdc=0xdc010801, nSavedDC=-1) returned 1
[0181.214] GdipReleaseDC (graphics=0x6600030, hdc=0xdc010801) returned 0x0
[0181.214] GetFocus () returned 0xd02da
[0181.214] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0181.214] SendMessageW (hWnd=0xf02d8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0181.214] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0181.214] IsAppThemed () returned 0x1
[0181.214] GetThemeAppProperties () returned 0x3
[0181.214] GetThemeAppProperties () returned 0x3
[0181.214] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0181.214] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xdc010801, x1=0, y1=0, rop=0xcc0020) returned 1
[0181.214] GdipReleaseDC (graphics=0x6600030, hdc=0xdc010801) returned 0x0
[0181.214] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0181.214] SelectObject (hdc=0xdc010801, h=0x85000f) returned 0x4a0507fe
[0181.215] DeleteDC (hdc=0xdc010801) returned 1
[0181.215] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0181.215] EndPaint (hWnd=0xd02da, lpPaint=0xd7dee4) returned 1
[0181.219] MapWindowPoints (in: hWndFrom=0xd02da, hWndTo=0x0, lpPoints=0x2d50714, cPoints=0x1 | out: lpPoints=0x2d50714) returned 30999254
[0181.219] WindowFromPoint (Point=0x2ef) returned 0xd02da
[0181.219] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0181.220] NotifyWinEvent (event=0x800a, hwnd=0xd02da, idObject=-4, idChild=0)
[0181.220] NotifyWinEvent (event=0x800c, hwnd=0xd02da, idObject=-4, idChild=0)
[0181.220] GetCapture () returned 0xd02da
[0181.220] ReleaseCapture () returned 1
[0181.220] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0181.220] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0181.220] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0181.221] IsWindow (hWnd=0x7005c) returned 1
[0181.221] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0181.221] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0181.221] IsWindow (hWnd=0xf02d8) returned 1
[0181.221] SetActiveWindow (hWnd=0xf02d8) returned 0xf02d8
[0181.221] IsWindow (hWnd=0xf02d8) returned 1
[0181.222] SetFocus (hWnd=0xf02d8) returned 0xd02da
[0181.222] GetFocus () returned 0xf02d8
[0181.222] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x8, wParam=0xf02d8, lParam=0x0) returned 0x0
[0181.222] GetCapture () returned 0x0
[0181.222] InvalidateRect (hWnd=0xd02da, lpRect=0x0, bErase=0) returned 1
[0181.223] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0181.224] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0181.226] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0181.226] GetFocus () returned 0xf02d8
[0181.227] SetFocus (hWnd=0xd02da) returned 0xf02d8
[0181.227] GetFocus () returned 0xd02da
[0181.227] IsChild (hWndParent=0xf02d8, hWnd=0xd02da) returned 1
[0181.227] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x8, wParam=0xd02da, lParam=0x0) returned 0x0
[0181.228] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0181.229] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0181.231] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0181.231] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x7, wParam=0xf02d8, lParam=0x0) returned 0x0
[0181.232] GetStockObject (i=5) returned 0x900015
[0181.232] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0181.232] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0181.232] GetDlgItem (hDlg=0xf02d8, nIDDlgItem=852698) returned 0xd02da
[0181.232] SendMessageW (hWnd=0xd02da, Msg=0x202b, wParam=0xd02da, lParam=0xd7ddcc) returned 0x0
[0181.232] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x202b, wParam=0xd02da, lParam=0xd7ddcc) returned 0x0
[0181.232] InvalidateRect (hWnd=0xd02da, lpRect=0x0, bErase=0) returned 1
[0181.234] GetWindowLongW (hWnd=0xf02d8, nIndex=-8) returned 458844
[0181.234] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0181.234] GetCurrentThreadId () returned 0xf50
[0181.234] IsWindow (hWnd=0x7005c) returned 1
[0181.234] IsWindow (hWnd=0x7005c) returned 1
[0181.234] IsWindowVisible (hWnd=0x7005c) returned 1
[0181.234] SetActiveWindow (hWnd=0x7005c) returned 0xf02d8
[0181.234] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0181.236] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0181.236] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0181.237] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0181.237] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0181.238] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0181.239] GetWindowPlacement (in: hWnd=0xf02d8, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0181.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0181.239] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0181.239] GetWindowRect (in: hWnd=0xf02d8, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0181.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0181.240] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0181.240] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0181.240] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0xf02d8) returned 0x1
[0181.244] GetFocus () returned 0xd02da
[0181.244] SetFocus (hWnd=0x602c4) returned 0xd02da
[0181.244] GetFocus () returned 0x602c4
[0181.244] IsChild (hWndParent=0xf02d8, hWnd=0x602c4) returned 0
[0181.244] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0181.244] GetCapture () returned 0x0
[0181.244] InvalidateRect (hWnd=0xd02da, lpRect=0x0, bErase=0) returned 1
[0181.245] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0181.247] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0181.301] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0181.301] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0181.301] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0181.302] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0181.302] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0181.302] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0xd02da, lParam=0x0) returned 0x0
[0181.302] GetStockObject (i=5) returned 0x900015
[0181.303] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0181.303] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed6e8) returned 0xc
[0181.303] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0181.303] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0181.303] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0181.303] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0181.305] GetFocus () returned 0x602c4
[0181.305] IsChild (hWndParent=0xf02d8, hWnd=0x602c4) returned 0
[0181.305] ShowWindow (hWnd=0xf02d8, nCmdShow=0) returned 1
[0181.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0181.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0181.307] GetWindowPlacement (in: hWnd=0xf02d8, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0181.307] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0181.307] GetClientRect (in: hWnd=0xf02d8, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0181.307] GetWindowRect (in: hWnd=0xf02d8, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0181.308] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0181.308] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0181.308] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0181.309] GetWindowLongW (hWnd=0xf02d8, nIndex=-20) returned 327945
[0181.309] DestroyWindow (hWnd=0xf02d8) returned 1
[0181.309] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0181.320] GetWindowTextLengthW (hWnd=0xf02d8) returned 13
[0181.320] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0181.320] GetSystemMetrics (nIndex=42) returned 0
[0181.320] GetWindowTextW (in: hWnd=0xf02d8, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0181.320] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0181.320] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0181.320] GetWindowTextLengthW (hWnd=0xe02d2) returned 0
[0181.320] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0181.321] GetSystemMetrics (nIndex=42) returned 0
[0181.321] GetWindowTextW (in: hWnd=0xe02d2, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0181.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02d2, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0181.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02d2, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0181.321] GetWindowThreadProcessId (in: hWnd=0xd02dc, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0181.321] GetWindow (hWnd=0xd02dc, uCmd=0x5) returned 0x0
[0181.321] GetWindowLongW (hWnd=0xd02dc, nIndex=-20) returned 65792
[0181.321] DestroyWindow (hWnd=0xd02dc) returned 1
[0181.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02dc, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0181.321] GetWindowTextLengthW (hWnd=0xd02dc) returned 25
[0181.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0181.321] GetSystemMetrics (nIndex=42) returned 0
[0181.321] GetWindowTextW (in: hWnd=0xd02dc, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0181.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02dc, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0181.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0181.322] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0181.323] GetWindowTextLengthW (hWnd=0xd02de) returned 232
[0181.323] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0181.323] GetSystemMetrics (nIndex=42) returned 0
[0181.323] GetWindowTextW (in: hWnd=0xd02de, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0181.323] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0181.323] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0181.323] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0181.324] InvalidateRect (hWnd=0xd02da, lpRect=0x0, bErase=0) returned 1
[0181.324] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0181.324] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1000ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0181.324] SendMessageW (hWnd=0xb005a, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0181.324] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb005a, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0181.324] SendMessageW (hWnd=0xb005a, Msg=0xb0, wParam=0x2d1c638, lParam=0xd7e480) returned 0x0
[0181.324] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb005a, Msg=0xb0, wParam=0x2d1c638, lParam=0xd7e480) returned 0x0
[0181.324] GetWindowTextLengthW (hWnd=0xb005a) returned 4363
[0181.324] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0181.324] GetSystemMetrics (nIndex=42) returned 0
[0181.324] CoTaskMemAlloc (cb=0x221c) returned 0x11fff70
[0181.324] GetWindowTextW (in: hWnd=0xb005a, lpString=0x11fff70, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0181.324] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb005a, Msg=0xd, wParam=0x110c, lParam=0x11fff70) returned 0x110b
[0181.324] CoTaskMemFree (pv=0x11fff70)
[0181.325] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb005a, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0181.327] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02d2, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0181.328] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0181.330] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf013e, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0181.331] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd02da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0181.332] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1000ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0181.334] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xb005a, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0181.336] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0181.337] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.337] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.338] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.338] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.338] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.338] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.338] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0181.338] IsWindowUnicode (hWnd=0x7005c) returned 1
[0181.338] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.338] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0181.339] SetCursor (hCursor=0x10003) returned 0x10003
[0181.339] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.339] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.339] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0181.339] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0181.339] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0181.339] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10c0231) returned 0x0
[0181.339] GetKeyState (nVirtKey=1) returned 1
[0181.339] GetKeyState (nVirtKey=2) returned 0
[0181.339] GetKeyState (nVirtKey=4) returned 0
[0181.339] GetKeyState (nVirtKey=5) returned 0
[0181.339] GetKeyState (nVirtKey=6) returned 0
[0181.339] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0181.340] IsWindowUnicode (hWnd=0x7005c) returned 1
[0181.340] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.340] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.340] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.340] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0181.341] IsWindowUnicode (hWnd=0x7005c) returned 1
[0181.341] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.341] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0181.342] SetCursor (hCursor=0x10003) returned 0x10003
[0181.342] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.342] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.342] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10c0231) returned 0x0
[0181.342] GetKeyState (nVirtKey=1) returned 1
[0181.342] GetKeyState (nVirtKey=2) returned 0
[0181.342] GetKeyState (nVirtKey=4) returned 0
[0181.342] GetKeyState (nVirtKey=5) returned 0
[0181.342] GetKeyState (nVirtKey=6) returned 0
[0181.342] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.343] IsWindowUnicode (hWnd=0x602c4) returned 1
[0181.343] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.343] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.343] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.343] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.344] IsWindowUnicode (hWnd=0x602c4) returned 1
[0181.344] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.344] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.344] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.344] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0181.344] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0181.344] CreateCompatibleDC (hdc=0x60100ce) returned 0x750107d1
[0181.344] SelectObject (hdc=0x750107d1, h=0x4a0507fe) returned 0x85000f
[0181.344] GdipCreateFromHDC (hdc=0x750107d1, graphics=0xd7e798) returned 0x0
[0181.345] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0181.345] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0181.345] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0181.345] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0181.345] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e7f8) returned 0x0
[0181.345] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0181.345] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0181.345] LocalFree (hMem=0x11ee868) returned 0x0
[0181.345] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0181.345] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0181.345] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0181.345] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0181.345] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0181.345] GdipRestoreGraphics (graphics=0x6600030, state=0xfbbc0dbd) returned 0x0
[0181.345] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0181.346] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0181.346] GetCurrentObject (hdc=0x750107d1, type=0x1) returned 0xb00017
[0181.346] GetCurrentObject (hdc=0x750107d1, type=0x2) returned 0x900010
[0181.346] GetCurrentObject (hdc=0x750107d1, type=0x7) returned 0x4a0507fe
[0181.346] GetCurrentObject (hdc=0x750107d1, type=0x6) returned 0x8a01c2
[0181.346] SaveDC (hdc=0x750107d1) returned 1
[0181.346] GetNearestColor (hdc=0x750107d1, color=0xff) returned 0xff
[0181.346] GetNearestColor (hdc=0x750107d1, color=0x55) returned 0x55
[0181.346] GetNearestColor (hdc=0x750107d1, color=0x0) returned 0x0
[0181.346] GetNearestColor (hdc=0x750107d1, color=0x55) returned 0x55
[0181.346] GetNearestColor (hdc=0x750107d1, color=0x0) returned 0x0
[0181.346] GetNearestColor (hdc=0x750107d1, color=0x8080ff) returned 0x8080ff
[0181.346] GetNearestColor (hdc=0x750107d1, color=0x7373e5) returned 0x7373e5
[0181.346] GetNearestColor (hdc=0x750107d1, color=0xe5) returned 0xe5
[0181.347] GetNearestColor (hdc=0x750107d1, color=0x0) returned 0x0
[0181.347] RestoreDC (hdc=0x750107d1, nSavedDC=-1) returned 1
[0181.347] GdipReleaseDC (graphics=0x6600030, hdc=0x750107d1) returned 0x0
[0181.347] IsAppThemed () returned 0x1
[0181.347] GetThemeAppProperties () returned 0x3
[0181.347] GetThemeAppProperties () returned 0x3
[0181.347] IsAppThemed () returned 0x1
[0181.347] GetThemeAppProperties () returned 0x3
[0181.347] GetThemeAppProperties () returned 0x3
[0181.347] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2d58480 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0181.347] IsAppThemed () returned 0x1
[0181.348] GetThemeAppProperties () returned 0x3
[0181.348] GetThemeAppProperties () returned 0x3
[0181.348] IsAppThemed () returned 0x1
[0181.348] GetThemeAppProperties () returned 0x3
[0181.348] GetThemeAppProperties () returned 0x3
[0181.348] GetFocus () returned 0x602c4
[0181.348] IsAppThemed () returned 0x1
[0181.348] GetThemeAppProperties () returned 0x3
[0181.348] GetThemeAppProperties () returned 0x3
[0181.348] IsAppThemed () returned 0x1
[0181.348] GetThemeAppProperties () returned 0x3
[0181.348] GetThemeAppProperties () returned 0x3
[0181.348] IsThemePartDefined () returned 0x1
[0181.348] IsAppThemed () returned 0x1
[0181.348] GetThemeAppProperties () returned 0x3
[0181.348] GetThemeAppProperties () returned 0x3
[0181.348] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0181.348] IsAppThemed () returned 0x1
[0181.348] GetThemeAppProperties () returned 0x3
[0181.348] GetThemeAppProperties () returned 0x3
[0181.348] IsAppThemed () returned 0x1
[0181.349] GetThemeAppProperties () returned 0x3
[0181.349] GetThemeAppProperties () returned 0x3
[0181.349] IsThemePartDefined () returned 0x1
[0181.349] GdipCreateRegion (region=0xd7e508) returned 0x0
[0181.349] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0181.349] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0181.349] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0181.349] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e520) returned 0x0
[0181.349] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0181.349] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0181.349] LocalFree (hMem=0x11ee9f0) returned 0x0
[0181.349] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0181.349] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0181.349] LocalFree (hMem=0x11ee788) returned 0x0
[0181.349] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0181.349] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e548) returned 0x0
[0181.349] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e538) returned 0x0
[0181.349] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0181.350] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0181.350] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0181.350] GetCurrentObject (hdc=0x750107d1, type=0x1) returned 0xb00017
[0181.350] GetCurrentObject (hdc=0x750107d1, type=0x2) returned 0x900010
[0181.350] GetCurrentObject (hdc=0x750107d1, type=0x7) returned 0x4a0507fe
[0181.350] GetCurrentObject (hdc=0x750107d1, type=0x6) returned 0x8a01c2
[0181.350] SaveDC (hdc=0x750107d1) returned 1
[0181.350] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8c0407de
[0181.350] GetClipRgn (hdc=0x750107d1, hrgn=0x8c0407de) returned 0
[0181.350] SelectClipRgn (hdc=0x750107d1, hrgn=0x8040807) returned 2
[0181.350] DeleteObject (ho=0x8c0407de) returned 1
[0181.350] DeleteObject (ho=0x8040807) returned 1
[0181.350] OffsetViewportOrgEx (in: hdc=0x750107d1, x=0, y=0, lppt=0x2d58b30 | out: lppt=0x2d58b30) returned 1
[0181.350] DrawThemeParentBackground () returned 0x0
[0181.351] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0181.351] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0181.351] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0181.351] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0181.351] GetSystemMetrics (nIndex=42) returned 0
[0181.351] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0181.351] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0181.351] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0181.351] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0181.351] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0181.351] SelectPalette (hdc=0x750107d1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0181.351] GdipCreateFromHDC (hdc=0x750107d1, graphics=0xd7dff8) returned 0x0
[0181.352] GdipSetPageUnit (graphics=0x6669f00, unit=0x2) returned 0x0
[0181.352] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0181.352] GdipGetWorldTransform (graphics=0x6669f00, matrix=0x6638db8) returned 0x0
[0181.352] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7dfd0) returned 0x0
[0181.352] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0181.352] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0181.352] GdipGetClip (graphics=0x6669f00, region=0x6646718) returned 0x0
[0181.352] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6669f00, result=0xd7dfc4) returned 0x0
[0181.352] GdipDeleteRegion (region=0x6646718) returned 0x0
[0181.352] GdipSaveGraphics (graphics=0x6669f00, state=0xd7dff0) returned 0x0
[0181.352] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0181.398] GdipFillRectangleI (graphics=0x6669f00, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0181.398] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0181.400] GdipDeleteGraphics (graphics=0x6669f00) returned 0x0
[0181.400] SelectPalette (hdc=0x750107d1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0181.400] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0181.400] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0181.400] GetSystemMetrics (nIndex=42) returned 0
[0181.400] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0181.400] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0181.400] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0181.400] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0181.400] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0181.400] SelectPalette (hdc=0x750107d1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0181.400] GdipCreateFromHDC (hdc=0x750107d1, graphics=0xd7df98) returned 0x0
[0181.401] GdipSetPageUnit (graphics=0x6669f00, unit=0x2) returned 0x0
[0181.401] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0181.401] GdipGetWorldTransform (graphics=0x6669f00, matrix=0x6638c08) returned 0x0
[0181.401] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df70) returned 0x0
[0181.401] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0181.401] GdipCreateRegion (region=0xd7df58) returned 0x0
[0181.401] GdipGetClip (graphics=0x6669f00, region=0x6646ef8) returned 0x0
[0181.401] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6669f00, result=0xd7df64) returned 0x0
[0181.401] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0181.401] GdipSaveGraphics (graphics=0x6669f00, state=0xd7df90) returned 0x0
[0181.401] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0181.418] GdipFillRectangleI (graphics=0x6669f00, brush=0x6653090, x=0, y=0, width=801, height=453) returned 0x0
[0181.418] GdipDeleteBrush (brush=0x6653090) returned 0x0
[0181.421] GdipRestoreGraphics (graphics=0x6669f00, state=0xfbb80dbd) returned 0x0
[0181.421] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0181.421] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0181.421] GetSystemMetrics (nIndex=42) returned 0
[0181.421] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0181.421] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0181.421] GdipDeleteGraphics (graphics=0x6669f00) returned 0x0
[0181.421] SelectPalette (hdc=0x750107d1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0181.422] RestoreDC (hdc=0x750107d1, nSavedDC=-1) returned 1
[0181.422] GdipReleaseDC (graphics=0x6600030, hdc=0x750107d1) returned 0x0
[0181.422] IsAppThemed () returned 0x1
[0181.422] GetThemeAppProperties () returned 0x3
[0181.422] GetThemeAppProperties () returned 0x3
[0181.422] IsAppThemed () returned 0x1
[0181.422] GetThemeAppProperties () returned 0x3
[0181.422] GetThemeAppProperties () returned 0x3
[0181.422] IsThemePartDefined () returned 0x1
[0181.422] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0181.422] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0181.422] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0181.422] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0181.422] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e4a4) returned 0x0
[0181.423] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0181.423] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eea60) returned 0x0
[0181.423] LocalFree (hMem=0x11eea60) returned 0x0
[0181.423] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0181.423] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0181.423] LocalFree (hMem=0x11ee868) returned 0x0
[0181.423] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0181.423] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0181.423] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0181.423] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0181.423] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0181.423] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0181.423] GetCurrentObject (hdc=0x750107d1, type=0x1) returned 0xb00017
[0181.423] GetCurrentObject (hdc=0x750107d1, type=0x2) returned 0x900010
[0181.423] GetCurrentObject (hdc=0x750107d1, type=0x7) returned 0x4a0507fe
[0181.423] GetCurrentObject (hdc=0x750107d1, type=0x6) returned 0x8a01c2
[0181.424] SaveDC (hdc=0x750107d1) returned 1
[0181.424] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9040807
[0181.424] GetClipRgn (hdc=0x750107d1, hrgn=0x9040807) returned 0
[0181.424] SelectClipRgn (hdc=0x750107d1, hrgn=0x8e0407de) returned 2
[0181.424] DeleteObject (ho=0x9040807) returned 1
[0181.424] DeleteObject (ho=0x8e0407de) returned 1
[0181.424] OffsetViewportOrgEx (in: hdc=0x750107d1, x=0, y=0, lppt=0x2d5f380 | out: lppt=0x2d5f380) returned 1
[0181.424] IsAppThemed () returned 0x1
[0181.424] GetThemeAppProperties () returned 0x3
[0181.424] GetThemeAppProperties () returned 0x3
[0181.424] DrawThemeBackground () returned 0x0
[0181.424] RestoreDC (hdc=0x750107d1, nSavedDC=-1) returned 1
[0181.424] GdipReleaseDC (graphics=0x6600030, hdc=0x750107d1) returned 0x0
[0181.424] GdipCreateRegion (region=0xd7e490) returned 0x0
[0181.425] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0181.425] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0181.425] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0181.425] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e4a8) returned 0x0
[0181.425] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0181.425] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eea60) returned 0x0
[0181.425] LocalFree (hMem=0x11eea60) returned 0x0
[0181.425] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0181.425] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0181.425] LocalFree (hMem=0x11ee868) returned 0x0
[0181.425] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0181.425] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0181.425] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0181.425] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0181.425] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0181.425] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0181.425] GetCurrentObject (hdc=0x750107d1, type=0x1) returned 0xb00017
[0181.426] GetCurrentObject (hdc=0x750107d1, type=0x2) returned 0x900010
[0181.426] GetCurrentObject (hdc=0x750107d1, type=0x7) returned 0x4a0507fe
[0181.426] GetCurrentObject (hdc=0x750107d1, type=0x6) returned 0x8a01c2
[0181.426] SaveDC (hdc=0x750107d1) returned 1
[0181.426] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8f0407de
[0181.426] GetClipRgn (hdc=0x750107d1, hrgn=0x8f0407de) returned 0
[0181.426] SelectClipRgn (hdc=0x750107d1, hrgn=0xa040807) returned 2
[0181.426] DeleteObject (ho=0x8f0407de) returned 1
[0181.426] DeleteObject (ho=0xa040807) returned 1
[0181.426] OffsetViewportOrgEx (in: hdc=0x750107d1, x=0, y=0, lppt=0x2d5f654 | out: lppt=0x2d5f654) returned 1
[0181.426] IsAppThemed () returned 0x1
[0181.426] GetThemeAppProperties () returned 0x3
[0181.426] GetThemeAppProperties () returned 0x3
[0181.426] GetThemeBackgroundContentRect () returned 0x0
[0181.426] RestoreDC (hdc=0x750107d1, nSavedDC=-1) returned 1
[0181.426] GdipReleaseDC (graphics=0x6600030, hdc=0x750107d1) returned 0x0
[0181.427] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0181.427] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0181.427] GdipFillRectangleI (graphics=0x6600030, brush=0x6669f00, x=4, y=4, width=67, height=15) returned 0x0
[0181.427] GdipDeleteBrush (brush=0x6669f00) returned 0x0
[0181.427] IsAppThemed () returned 0x1
[0181.427] GetThemeAppProperties () returned 0x3
[0181.427] GetThemeAppProperties () returned 0x3
[0181.427] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0181.427] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0181.427] GetCurrentObject (hdc=0x750107d1, type=0x1) returned 0xb00017
[0181.427] GetCurrentObject (hdc=0x750107d1, type=0x2) returned 0x900010
[0181.427] GetCurrentObject (hdc=0x750107d1, type=0x7) returned 0x4a0507fe
[0181.427] GetCurrentObject (hdc=0x750107d1, type=0x6) returned 0x8a01c2
[0181.427] SaveDC (hdc=0x750107d1) returned 1
[0181.427] GetTextAlign (hdc=0x750107d1) returned 0x0
[0181.427] GetTextColor (hdc=0x750107d1) returned 0x0
[0181.428] GetCurrentObject (hdc=0x750107d1, type=0x6) returned 0x8a01c2
[0181.428] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0181.428] SelectObject (hdc=0x750107d1, h=0x6d0a0520) returned 0x8a01c2
[0181.428] GetBkMode (hdc=0x750107d1) returned 2
[0181.428] SetBkMode (hdc=0x750107d1, mode=1) returned 2
[0181.428] DrawTextExW (in: hdc=0x750107d1, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2d5fa18 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0181.428] DrawTextExW (in: hdc=0x750107d1, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2d5fa18 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0181.429] RestoreDC (hdc=0x750107d1, nSavedDC=-1) returned 1
[0181.429] GdipReleaseDC (graphics=0x6600030, hdc=0x750107d1) returned 0x0
[0181.429] GetFocus () returned 0x602c4
[0181.429] IsAppThemed () returned 0x1
[0181.429] GetThemeAppProperties () returned 0x3
[0181.429] GetThemeAppProperties () returned 0x3
[0181.429] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0181.429] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x750107d1, x1=0, y1=0, rop=0xcc0020) returned 1
[0181.429] GdipReleaseDC (graphics=0x6600030, hdc=0x750107d1) returned 0x0
[0181.429] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0181.430] SelectObject (hdc=0x750107d1, h=0x85000f) returned 0x4a0507fe
[0181.430] DeleteDC (hdc=0x750107d1) returned 1
[0181.430] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0181.430] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0181.430] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.430] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.430] WaitMessage () returned 1
[0181.440] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.440] IsWindowUnicode (hWnd=0x7005c) returned 1
[0181.440] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.440] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.440] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.440] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.440] IsWindowUnicode (hWnd=0x7005c) returned 1
[0181.440] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.441] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.441] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.441] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10c0231) returned 0x0
[0181.441] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.441] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.441] WaitMessage () returned 1
[0181.491] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.491] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.491] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.491] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.491] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.492] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.492] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.492] WaitMessage () returned 1
[0181.493] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.493] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.493] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.493] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.493] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.494] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.494] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.494] WaitMessage () returned 1
[0181.495] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.495] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.495] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.495] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.495] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.497] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.497] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.497] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.498] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.498] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.498] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.498] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.498] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.498] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.498] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.498] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.499] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.499] WaitMessage () returned 1
[0181.499] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.499] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.499] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.499] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.500] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.501] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.501] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.501] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.501] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.501] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.502] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.502] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.502] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.502] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.502] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.502] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.502] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.503] WaitMessage () returned 1
[0181.503] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.503] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.503] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.503] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.503] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.504] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.505] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.505] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.505] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.505] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.505] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.505] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.505] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.505] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.505] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.505] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.506] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.506] WaitMessage () returned 1
[0181.506] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.506] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.506] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.506] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.507] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.509] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.509] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.509] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.510] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.510] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.510] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.510] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.510] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.510] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.510] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.510] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.511] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.511] WaitMessage () returned 1
[0181.512] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.512] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.512] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.516] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.516] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.517] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.517] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.517] WaitMessage () returned 1
[0181.520] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.521] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.521] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.521] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.521] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.522] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.522] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.522] WaitMessage () returned 1
[0181.523] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.523] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.523] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.523] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.523] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.524] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.524] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.524] WaitMessage () returned 1
[0181.525] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.525] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.525] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.525] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.525] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.526] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.526] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.526] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.527] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.527] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.527] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.527] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.527] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.527] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.527] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.527] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.528] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.528] WaitMessage () returned 1
[0181.528] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.528] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.528] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.528] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.528] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.530] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.530] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.530] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.530] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.530] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.530] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.530] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.531] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.531] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.531] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.531] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.531] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.531] WaitMessage () returned 1
[0181.532] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.532] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.532] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.532] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.532] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.534] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.535] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.535] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.535] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.535] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.535] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.535] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.535] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.535] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.535] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.535] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.536] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.536] WaitMessage () returned 1
[0181.536] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.536] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.537] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.537] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.537] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.538] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.538] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.539] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.539] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.539] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.539] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.539] IsWindowUnicode (hWnd=0x30122) returned 1
[0181.539] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.539] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.539] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.539] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.540] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.540] WaitMessage () returned 1
[0181.609] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.609] IsWindowUnicode (hWnd=0x502c6) returned 1
[0181.609] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0181.609] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0181.609] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0181.610] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.610] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0181.610] WaitMessage () returned 1
[0183.455] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0183.455] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b00f4) returned 0x1
[0183.455] IsWindowUnicode (hWnd=0x602c4) returned 1
[0183.455] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0183.455] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0183.455] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0183.455] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0183.455] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0183.455] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b00f4) returned 0x1
[0183.456] IsWindowUnicode (hWnd=0x602c4) returned 1
[0183.456] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0183.456] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b00f4) returned 0x1
[0183.456] SetCursor (hCursor=0x10003) returned 0x10003
[0183.456] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0183.456] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0183.456] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0183.456] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0183.456] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0183.456] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0183.456] GetKeyState (nVirtKey=1) returned 1
[0183.456] GetKeyState (nVirtKey=2) returned 0
[0183.456] GetKeyState (nVirtKey=4) returned 0
[0183.457] GetKeyState (nVirtKey=5) returned 0
[0183.457] GetKeyState (nVirtKey=6) returned 0
[0183.457] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0183.457] IsWindowUnicode (hWnd=0x602c4) returned 1
[0183.457] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0183.457] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0183.457] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0183.457] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0183.457] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0183.457] CreateCompatibleDC (hdc=0x60100ce) returned 0xf3010781
[0183.457] SelectObject (hdc=0xf3010781, h=0x4a0507fe) returned 0x85000f
[0183.457] GdipCreateFromHDC (hdc=0xf3010781, graphics=0xd7e798) returned 0x0
[0183.458] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0183.458] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0183.458] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0183.458] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0183.458] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e7f8) returned 0x0
[0183.458] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0183.458] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee9f0) returned 0x0
[0183.458] LocalFree (hMem=0x11ee9f0) returned 0x0
[0183.458] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0183.458] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0183.458] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0183.458] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0183.458] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0183.458] GdipRestoreGraphics (graphics=0x6600030, state=0xfbb60dbd) returned 0x0
[0183.458] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0183.459] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0183.459] GetCurrentObject (hdc=0xf3010781, type=0x1) returned 0xb00017
[0183.459] GetCurrentObject (hdc=0xf3010781, type=0x2) returned 0x900010
[0183.459] GetCurrentObject (hdc=0xf3010781, type=0x7) returned 0x4a0507fe
[0183.459] GetCurrentObject (hdc=0xf3010781, type=0x6) returned 0x8a01c2
[0183.459] SaveDC (hdc=0xf3010781) returned 1
[0183.459] GetNearestColor (hdc=0xf3010781, color=0xff) returned 0xff
[0183.459] GetNearestColor (hdc=0xf3010781, color=0x55) returned 0x55
[0183.459] GetNearestColor (hdc=0xf3010781, color=0x0) returned 0x0
[0183.459] GetNearestColor (hdc=0xf3010781, color=0x55) returned 0x55
[0183.459] GetNearestColor (hdc=0xf3010781, color=0x0) returned 0x0
[0183.459] GetNearestColor (hdc=0xf3010781, color=0x8080ff) returned 0x8080ff
[0183.459] GetNearestColor (hdc=0xf3010781, color=0x7373e5) returned 0x7373e5
[0183.459] GetNearestColor (hdc=0xf3010781, color=0xe5) returned 0xe5
[0183.460] GetNearestColor (hdc=0xf3010781, color=0x0) returned 0x0
[0183.460] RestoreDC (hdc=0xf3010781, nSavedDC=-1) returned 1
[0183.460] GdipReleaseDC (graphics=0x6600030, hdc=0xf3010781) returned 0x0
[0183.460] IsAppThemed () returned 0x1
[0183.460] GetThemeAppProperties () returned 0x3
[0183.460] GetThemeAppProperties () returned 0x3
[0183.460] IsAppThemed () returned 0x1
[0183.460] GetThemeAppProperties () returned 0x3
[0183.460] GetThemeAppProperties () returned 0x3
[0183.460] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2d60460 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0183.460] IsAppThemed () returned 0x1
[0183.461] GetThemeAppProperties () returned 0x3
[0183.461] GetThemeAppProperties () returned 0x3
[0183.461] IsAppThemed () returned 0x1
[0183.461] GetThemeAppProperties () returned 0x3
[0183.461] GetThemeAppProperties () returned 0x3
[0183.461] IsAppThemed () returned 0x1
[0183.461] GetThemeAppProperties () returned 0x3
[0183.461] GetThemeAppProperties () returned 0x3
[0183.461] IsAppThemed () returned 0x1
[0183.461] GetThemeAppProperties () returned 0x3
[0183.461] GetThemeAppProperties () returned 0x3
[0183.461] IsThemePartDefined () returned 0x1
[0183.461] IsAppThemed () returned 0x1
[0183.461] GetThemeAppProperties () returned 0x3
[0183.461] GetThemeAppProperties () returned 0x3
[0183.461] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0183.461] IsAppThemed () returned 0x1
[0183.461] GetThemeAppProperties () returned 0x3
[0183.461] GetThemeAppProperties () returned 0x3
[0183.461] IsAppThemed () returned 0x1
[0183.461] GetThemeAppProperties () returned 0x3
[0183.462] GetThemeAppProperties () returned 0x3
[0183.462] IsThemePartDefined () returned 0x1
[0183.462] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0183.462] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0183.462] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0183.462] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0183.462] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e514) returned 0x0
[0183.462] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0183.462] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee8d8) returned 0x0
[0183.462] LocalFree (hMem=0x11ee8d8) returned 0x0
[0183.462] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0183.462] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eea60) returned 0x0
[0183.462] LocalFree (hMem=0x11eea60) returned 0x0
[0183.462] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0183.462] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0183.462] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0183.462] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0183.462] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0183.463] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0183.463] GetCurrentObject (hdc=0xf3010781, type=0x1) returned 0xb00017
[0183.463] GetCurrentObject (hdc=0xf3010781, type=0x2) returned 0x900010
[0183.463] GetCurrentObject (hdc=0xf3010781, type=0x7) returned 0x4a0507fe
[0183.463] GetCurrentObject (hdc=0xf3010781, type=0x6) returned 0x8a01c2
[0183.463] SaveDC (hdc=0xf3010781) returned 1
[0183.463] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb040807
[0183.463] GetClipRgn (hdc=0xf3010781, hrgn=0xb040807) returned 0
[0183.463] SelectClipRgn (hdc=0xf3010781, hrgn=0x930407de) returned 2
[0183.463] DeleteObject (ho=0xb040807) returned 1
[0183.463] DeleteObject (ho=0x930407de) returned 1
[0183.463] OffsetViewportOrgEx (in: hdc=0xf3010781, x=0, y=0, lppt=0x2d60b10 | out: lppt=0x2d60b10) returned 1
[0183.463] DrawThemeParentBackground () returned 0x0
[0183.464] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0183.464] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0183.464] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0183.464] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0183.464] GetSystemMetrics (nIndex=42) returned 0
[0183.464] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0183.464] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0183.464] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0183.464] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0183.464] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0183.464] SelectPalette (hdc=0xf3010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0183.464] GdipCreateFromHDC (hdc=0xf3010781, graphics=0xd7dff0) returned 0x0
[0183.464] GdipSetPageUnit (graphics=0x6669f00, unit=0x2) returned 0x0
[0183.464] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0183.465] GdipGetWorldTransform (graphics=0x6669f00, matrix=0x6638d88) returned 0x0
[0183.465] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dfc8) returned 0x0
[0183.465] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0183.465] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0183.465] GdipGetClip (graphics=0x6669f00, region=0x6646ef8) returned 0x0
[0183.465] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6669f00, result=0xd7dfbc) returned 0x0
[0183.465] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0183.465] GdipSaveGraphics (graphics=0x6669f00, state=0xd7dfe8) returned 0x0
[0183.465] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0183.475] GdipFillRectangleI (graphics=0x6669f00, brush=0x6653090, x=0, y=0, width=801, height=453) returned 0x0
[0183.475] GdipDeleteBrush (brush=0x6653090) returned 0x0
[0183.477] GdipDeleteGraphics (graphics=0x6669f00) returned 0x0
[0183.477] SelectPalette (hdc=0xf3010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0183.477] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0183.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0183.477] GetSystemMetrics (nIndex=42) returned 0
[0183.477] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0183.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0183.477] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0183.477] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0183.477] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0183.477] SelectPalette (hdc=0xf3010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0183.478] GdipCreateFromHDC (hdc=0xf3010781, graphics=0xd7df90) returned 0x0
[0183.478] GdipSetPageUnit (graphics=0x6669f00, unit=0x2) returned 0x0
[0183.478] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0183.478] GdipGetWorldTransform (graphics=0x6669f00, matrix=0x6638cf8) returned 0x0
[0183.478] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df68) returned 0x0
[0183.478] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0183.478] GdipCreateRegion (region=0xd7df50) returned 0x0
[0183.478] GdipGetClip (graphics=0x6669f00, region=0x6646ef8) returned 0x0
[0183.478] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6669f00, result=0xd7df5c) returned 0x0
[0183.478] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0183.478] GdipSaveGraphics (graphics=0x6669f00, state=0xd7df88) returned 0x0
[0183.478] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0183.488] GdipFillRectangleI (graphics=0x6669f00, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0183.488] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0183.489] GdipRestoreGraphics (graphics=0x6669f00, state=0xfbb20dbd) returned 0x0
[0183.489] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0183.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0183.489] GetSystemMetrics (nIndex=42) returned 0
[0183.490] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0183.490] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0183.490] GdipDeleteGraphics (graphics=0x6669f00) returned 0x0
[0183.490] SelectPalette (hdc=0xf3010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0183.490] RestoreDC (hdc=0xf3010781, nSavedDC=-1) returned 1
[0183.490] GdipReleaseDC (graphics=0x6600030, hdc=0xf3010781) returned 0x0
[0183.490] IsAppThemed () returned 0x1
[0183.490] GetThemeAppProperties () returned 0x3
[0183.490] GetThemeAppProperties () returned 0x3
[0183.490] IsAppThemed () returned 0x1
[0183.490] GetThemeAppProperties () returned 0x3
[0183.490] GetThemeAppProperties () returned 0x3
[0183.490] IsThemePartDefined () returned 0x1
[0183.490] GdipCreateRegion (region=0xd7e480) returned 0x0
[0183.490] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0183.490] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0183.490] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0183.491] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e498) returned 0x0
[0183.491] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0183.491] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eead0) returned 0x0
[0183.491] LocalFree (hMem=0x11eead0) returned 0x0
[0183.491] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0183.491] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0183.491] LocalFree (hMem=0x11ee788) returned 0x0
[0183.491] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0183.491] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0183.491] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0183.491] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0183.491] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0183.491] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0183.491] GetCurrentObject (hdc=0xf3010781, type=0x1) returned 0xb00017
[0183.491] GetCurrentObject (hdc=0xf3010781, type=0x2) returned 0x900010
[0183.491] GetCurrentObject (hdc=0xf3010781, type=0x7) returned 0x4a0507fe
[0183.491] GetCurrentObject (hdc=0xf3010781, type=0x6) returned 0x8a01c2
[0183.492] SaveDC (hdc=0xf3010781) returned 1
[0183.492] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x940407de
[0183.492] GetClipRgn (hdc=0xf3010781, hrgn=0x940407de) returned 0
[0183.492] SelectClipRgn (hdc=0xf3010781, hrgn=0xd040807) returned 2
[0183.492] DeleteObject (ho=0x940407de) returned 1
[0183.492] DeleteObject (ho=0xd040807) returned 1
[0183.492] OffsetViewportOrgEx (in: hdc=0xf3010781, x=0, y=0, lppt=0x2d67360 | out: lppt=0x2d67360) returned 1
[0183.492] IsAppThemed () returned 0x1
[0183.492] GetThemeAppProperties () returned 0x3
[0183.492] GetThemeAppProperties () returned 0x3
[0183.492] DrawThemeBackground () returned 0x0
[0183.492] RestoreDC (hdc=0xf3010781, nSavedDC=-1) returned 1
[0183.492] GdipReleaseDC (graphics=0x6600030, hdc=0xf3010781) returned 0x0
[0183.492] GdipCreateRegion (region=0xd7e484) returned 0x0
[0183.492] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0183.493] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0183.493] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0183.493] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e49c) returned 0x0
[0183.493] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0183.493] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eead0) returned 0x0
[0183.493] LocalFree (hMem=0x11eead0) returned 0x0
[0183.493] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0183.493] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0183.493] LocalFree (hMem=0x11eec58) returned 0x0
[0183.493] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0183.493] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0183.493] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0183.493] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0183.493] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0183.493] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0183.493] GetCurrentObject (hdc=0xf3010781, type=0x1) returned 0xb00017
[0183.493] GetCurrentObject (hdc=0xf3010781, type=0x2) returned 0x900010
[0183.493] GetCurrentObject (hdc=0xf3010781, type=0x7) returned 0x4a0507fe
[0183.494] GetCurrentObject (hdc=0xf3010781, type=0x6) returned 0x8a01c2
[0183.494] SaveDC (hdc=0xf3010781) returned 1
[0183.494] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe040807
[0183.494] GetClipRgn (hdc=0xf3010781, hrgn=0xe040807) returned 0
[0183.494] SelectClipRgn (hdc=0xf3010781, hrgn=0x950407de) returned 2
[0183.494] DeleteObject (ho=0xe040807) returned 1
[0183.494] DeleteObject (ho=0x950407de) returned 1
[0183.494] OffsetViewportOrgEx (in: hdc=0xf3010781, x=0, y=0, lppt=0x2d67634 | out: lppt=0x2d67634) returned 1
[0183.494] IsAppThemed () returned 0x1
[0183.494] GetThemeAppProperties () returned 0x3
[0183.494] GetThemeAppProperties () returned 0x3
[0183.494] GetThemeBackgroundContentRect () returned 0x0
[0183.494] RestoreDC (hdc=0xf3010781, nSavedDC=-1) returned 1
[0183.494] GdipReleaseDC (graphics=0x6600030, hdc=0xf3010781) returned 0x0
[0183.494] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0183.495] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0183.495] GdipFillRectangleI (graphics=0x6600030, brush=0x6669f00, x=4, y=4, width=67, height=15) returned 0x0
[0183.495] GdipDeleteBrush (brush=0x6669f00) returned 0x0
[0183.495] IsAppThemed () returned 0x1
[0183.495] GetThemeAppProperties () returned 0x3
[0183.495] GetThemeAppProperties () returned 0x3
[0183.495] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0183.495] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0183.495] GetCurrentObject (hdc=0xf3010781, type=0x1) returned 0xb00017
[0183.495] GetCurrentObject (hdc=0xf3010781, type=0x2) returned 0x900010
[0183.495] GetCurrentObject (hdc=0xf3010781, type=0x7) returned 0x4a0507fe
[0183.495] GetCurrentObject (hdc=0xf3010781, type=0x6) returned 0x8a01c2
[0183.495] SaveDC (hdc=0xf3010781) returned 1
[0183.495] GetTextAlign (hdc=0xf3010781) returned 0x0
[0183.495] GetTextColor (hdc=0xf3010781) returned 0x0
[0183.495] GetCurrentObject (hdc=0xf3010781, type=0x6) returned 0x8a01c2
[0183.496] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0183.496] SelectObject (hdc=0xf3010781, h=0x6d0a0520) returned 0x8a01c2
[0183.496] GetBkMode (hdc=0xf3010781) returned 2
[0183.496] SetBkMode (hdc=0xf3010781, mode=1) returned 2
[0183.496] DrawTextExW (in: hdc=0xf3010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2d679f8 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0183.496] DrawTextExW (in: hdc=0xf3010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2d679f8 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0183.497] RestoreDC (hdc=0xf3010781, nSavedDC=-1) returned 1
[0183.497] GdipReleaseDC (graphics=0x6600030, hdc=0xf3010781) returned 0x0
[0183.497] GetFocus () returned 0x602c4
[0183.497] IsAppThemed () returned 0x1
[0183.497] GetThemeAppProperties () returned 0x3
[0183.497] GetThemeAppProperties () returned 0x3
[0183.497] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0183.497] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xf3010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0183.498] GdipReleaseDC (graphics=0x6600030, hdc=0xf3010781) returned 0x0
[0183.498] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0183.498] SelectObject (hdc=0xf3010781, h=0x85000f) returned 0x4a0507fe
[0183.498] DeleteDC (hdc=0xf3010781) returned 1
[0183.498] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0183.498] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0183.498] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0183.498] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0183.498] WaitMessage () returned 1
[0183.562] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0183.562] IsWindowUnicode (hWnd=0x602c4) returned 1
[0183.562] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0183.562] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0183.562] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0183.562] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0183.562] IsWindowUnicode (hWnd=0x602c4) returned 1
[0183.562] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0183.562] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0183.563] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0183.563] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x40019) returned 0x0
[0183.563] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0183.563] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0183.563] WaitMessage () returned 1
[0183.706] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0183.707] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b00f4) returned 0x1
[0183.707] IsWindowUnicode (hWnd=0x602c4) returned 1
[0183.707] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0183.707] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b00f4) returned 0x1
[0183.707] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0183.707] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x1960036) returned 0x0
[0183.707] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0183.707] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0183.707] SetCursor (hCursor=0x10003) returned 0x10003
[0183.708] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0183.708] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0183.708] GetKeyState (nVirtKey=1) returned -128
[0183.708] GetKeyState (nVirtKey=2) returned 0
[0183.708] GetKeyState (nVirtKey=4) returned 0
[0183.708] GetKeyState (nVirtKey=5) returned 0
[0183.708] GetKeyState (nVirtKey=6) returned 0
[0183.708] IsWindowVisible (hWnd=0x602c4) returned 1
[0183.708] IsWindowEnabled (hWnd=0x602c4) returned 1
[0183.708] SetFocus (hWnd=0x602c4) returned 0x602c4
[0183.708] GetFocus () returned 0x602c4
[0183.708] GetFocus () returned 0x602c4
[0183.708] GetFocus () returned 0x602c4
[0183.708] GetKeyState (nVirtKey=1) returned -128
[0183.708] GetKeyState (nVirtKey=2) returned 0
[0183.708] GetKeyState (nVirtKey=4) returned 0
[0183.708] GetKeyState (nVirtKey=5) returned 0
[0183.708] GetKeyState (nVirtKey=6) returned 0
[0183.708] GetCapture () returned 0x0
[0183.709] SetCapture (hWnd=0x602c4) returned 0x0
[0183.709] GetKeyState (nVirtKey=1) returned -128
[0183.709] GetKeyState (nVirtKey=2) returned 0
[0183.709] GetKeyState (nVirtKey=4) returned 0
[0183.709] GetKeyState (nVirtKey=5) returned 0
[0183.709] GetKeyState (nVirtKey=6) returned 0
[0183.709] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0183.709] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0183.709] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0183.709] IsWindowUnicode (hWnd=0x602c4) returned 1
[0183.709] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0183.709] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0183.709] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0183.709] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d67b7c, cPoints=0x1 | out: lpPoints=0x2d67b7c) returned 40304859
[0183.709] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0183.709] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0183.709] UpdateWindow (hWnd=0x602c4) returned 1
[0183.710] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x60100ce
[0183.710] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0183.710] CreateCompatibleDC (hdc=0x60100ce) returned 0xf4010781
[0183.710] SelectObject (hdc=0xf4010781, h=0x4a0507fe) returned 0x85000f
[0183.710] GdipCreateFromHDC (hdc=0xf4010781, graphics=0xd7e430) returned 0x0
[0183.710] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0183.710] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0183.710] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0183.710] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0183.710] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e490) returned 0x0
[0183.710] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0183.710] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eea28) returned 0x0
[0183.711] LocalFree (hMem=0x11eea28) returned 0x0
[0183.711] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0183.711] GdipCreateRegion (region=0xd7e478) returned 0x0
[0183.711] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0183.711] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e484) returned 0x0
[0183.711] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0183.711] GdipRestoreGraphics (graphics=0x6600030, state=0xfbb00dbd) returned 0x0
[0183.711] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0183.711] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0183.711] GetCurrentObject (hdc=0xf4010781, type=0x1) returned 0xb00017
[0183.711] GetCurrentObject (hdc=0xf4010781, type=0x2) returned 0x900010
[0183.711] GetCurrentObject (hdc=0xf4010781, type=0x7) returned 0x4a0507fe
[0183.711] GetCurrentObject (hdc=0xf4010781, type=0x6) returned 0x8a01c2
[0183.711] SaveDC (hdc=0xf4010781) returned 1
[0183.711] GetNearestColor (hdc=0xf4010781, color=0xff) returned 0xff
[0183.712] GetNearestColor (hdc=0xf4010781, color=0x55) returned 0x55
[0183.712] GetNearestColor (hdc=0xf4010781, color=0x0) returned 0x0
[0183.712] GetNearestColor (hdc=0xf4010781, color=0x55) returned 0x55
[0183.712] GetNearestColor (hdc=0xf4010781, color=0x0) returned 0x0
[0183.712] GetNearestColor (hdc=0xf4010781, color=0x8080ff) returned 0x8080ff
[0183.712] GetNearestColor (hdc=0xf4010781, color=0x7373e5) returned 0x7373e5
[0183.712] GetNearestColor (hdc=0xf4010781, color=0xe5) returned 0xe5
[0183.712] GetNearestColor (hdc=0xf4010781, color=0x0) returned 0x0
[0183.712] RestoreDC (hdc=0xf4010781, nSavedDC=-1) returned 1
[0183.712] GdipReleaseDC (graphics=0x6600030, hdc=0xf4010781) returned 0x0
[0183.712] IsAppThemed () returned 0x1
[0183.712] GetThemeAppProperties () returned 0x3
[0183.712] GetThemeAppProperties () returned 0x3
[0183.712] IsAppThemed () returned 0x1
[0183.713] GetThemeAppProperties () returned 0x3
[0183.713] GetThemeAppProperties () returned 0x3
[0183.713] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2d68298 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0183.713] IsAppThemed () returned 0x1
[0183.713] GetThemeAppProperties () returned 0x3
[0183.713] GetThemeAppProperties () returned 0x3
[0183.713] IsAppThemed () returned 0x1
[0183.713] GetThemeAppProperties () returned 0x3
[0183.713] GetThemeAppProperties () returned 0x3
[0183.713] IsAppThemed () returned 0x1
[0183.713] GetThemeAppProperties () returned 0x3
[0183.713] GetThemeAppProperties () returned 0x3
[0183.713] IsAppThemed () returned 0x1
[0183.714] GetThemeAppProperties () returned 0x3
[0183.714] GetThemeAppProperties () returned 0x3
[0183.714] IsThemePartDefined () returned 0x1
[0183.714] IsAppThemed () returned 0x1
[0183.714] GetThemeAppProperties () returned 0x3
[0183.714] GetThemeAppProperties () returned 0x3
[0183.714] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0183.714] IsAppThemed () returned 0x1
[0183.714] GetThemeAppProperties () returned 0x3
[0183.714] GetThemeAppProperties () returned 0x3
[0183.714] IsAppThemed () returned 0x1
[0183.714] GetThemeAppProperties () returned 0x3
[0183.714] GetThemeAppProperties () returned 0x3
[0183.714] IsThemePartDefined () returned 0x1
[0183.714] GdipCreateRegion (region=0xd7e194) returned 0x0
[0183.714] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0183.714] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0183.714] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0183.714] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e1ac) returned 0x0
[0183.714] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0183.714] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0183.715] LocalFree (hMem=0x11ee868) returned 0x0
[0183.715] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0183.715] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0183.715] LocalFree (hMem=0x11eec58) returned 0x0
[0183.715] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0183.715] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0183.715] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0183.715] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0183.715] GdipDeleteRegion (region=0x6646298) returned 0x0
[0183.715] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0183.715] GetCurrentObject (hdc=0xf4010781, type=0x1) returned 0xb00017
[0183.715] GetCurrentObject (hdc=0xf4010781, type=0x2) returned 0x900010
[0183.715] GetCurrentObject (hdc=0xf4010781, type=0x7) returned 0x4a0507fe
[0183.715] GetCurrentObject (hdc=0xf4010781, type=0x6) returned 0x8a01c2
[0183.715] SaveDC (hdc=0xf4010781) returned 1
[0183.715] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x960407de
[0183.716] GetClipRgn (hdc=0xf4010781, hrgn=0x960407de) returned 0
[0183.716] SelectClipRgn (hdc=0xf4010781, hrgn=0x12040807) returned 2
[0183.716] DeleteObject (ho=0x960407de) returned 1
[0183.716] DeleteObject (ho=0x12040807) returned 1
[0183.716] OffsetViewportOrgEx (in: hdc=0xf4010781, x=0, y=0, lppt=0x2d68948 | out: lppt=0x2d68948) returned 1
[0183.716] DrawThemeParentBackground () returned 0x0
[0183.716] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0183.716] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0183.716] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0183.716] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0183.716] GetSystemMetrics (nIndex=42) returned 0
[0183.716] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0183.716] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0183.717] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0183.717] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0183.717] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0183.717] SelectPalette (hdc=0xf4010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0183.717] GdipCreateFromHDC (hdc=0xf4010781, graphics=0xd7dc88) returned 0x0
[0183.717] GdipSetPageUnit (graphics=0x6669f00, unit=0x2) returned 0x0
[0183.717] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0183.717] GdipGetWorldTransform (graphics=0x6669f00, matrix=0x6638ab8) returned 0x0
[0183.717] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dc60) returned 0x0
[0183.717] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0183.717] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0183.717] GdipGetClip (graphics=0x6669f00, region=0x6646b98) returned 0x0
[0183.717] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6669f00, result=0xd7dc54) returned 0x0
[0183.717] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0183.717] GdipSaveGraphics (graphics=0x6669f00, state=0xd7dc80) returned 0x0
[0183.717] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0183.728] GdipFillRectangleI (graphics=0x6669f00, brush=0x6652a78, x=0, y=0, width=801, height=453) returned 0x0
[0183.728] GdipDeleteBrush (brush=0x6652a78) returned 0x0
[0183.730] GdipDeleteGraphics (graphics=0x6669f00) returned 0x0
[0183.730] SelectPalette (hdc=0xf4010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0183.730] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0183.730] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0183.730] GetSystemMetrics (nIndex=42) returned 0
[0183.730] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0183.730] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0183.730] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0183.730] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0183.730] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0183.730] SelectPalette (hdc=0xf4010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0183.730] GdipCreateFromHDC (hdc=0xf4010781, graphics=0xd7dc28) returned 0x0
[0183.731] GdipSetPageUnit (graphics=0x6669f00, unit=0x2) returned 0x0
[0183.731] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0183.731] GdipGetWorldTransform (graphics=0x6669f00, matrix=0x6638c98) returned 0x0
[0183.731] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dc00) returned 0x0
[0183.731] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0183.731] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0183.731] GdipGetClip (graphics=0x6669f00, region=0x6646b98) returned 0x0
[0183.731] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6669f00, result=0xd7dbf4) returned 0x0
[0183.731] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0183.731] GdipSaveGraphics (graphics=0x6669f00, state=0xd7dc20) returned 0x0
[0183.731] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0183.741] GdipFillRectangleI (graphics=0x6669f00, brush=0x66537e0, x=0, y=0, width=801, height=453) returned 0x0
[0183.741] GdipDeleteBrush (brush=0x66537e0) returned 0x0
[0183.743] GdipRestoreGraphics (graphics=0x6669f00, state=0xfbac0dbd) returned 0x0
[0183.743] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0183.743] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0183.743] GetSystemMetrics (nIndex=42) returned 0
[0183.743] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0183.743] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0183.743] GdipDeleteGraphics (graphics=0x6669f00) returned 0x0
[0183.743] SelectPalette (hdc=0xf4010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0183.744] RestoreDC (hdc=0xf4010781, nSavedDC=-1) returned 1
[0183.744] GdipReleaseDC (graphics=0x6600030, hdc=0xf4010781) returned 0x0
[0183.744] IsAppThemed () returned 0x1
[0183.744] GetThemeAppProperties () returned 0x3
[0183.744] GetThemeAppProperties () returned 0x3
[0183.744] IsAppThemed () returned 0x1
[0183.744] GetThemeAppProperties () returned 0x3
[0183.744] GetThemeAppProperties () returned 0x3
[0183.744] IsThemePartDefined () returned 0x1
[0183.744] GdipCreateRegion (region=0xd7e118) returned 0x0
[0183.744] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0183.744] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0183.744] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0183.744] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e130) returned 0x0
[0183.744] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0183.744] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eea98) returned 0x0
[0183.744] LocalFree (hMem=0x11eea98) returned 0x0
[0183.745] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0183.745] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0183.745] LocalFree (hMem=0x11ee868) returned 0x0
[0183.745] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0183.745] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e158) returned 0x0
[0183.745] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e148) returned 0x0
[0183.745] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0183.745] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0183.745] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0183.745] GetCurrentObject (hdc=0xf4010781, type=0x1) returned 0xb00017
[0183.745] GetCurrentObject (hdc=0xf4010781, type=0x2) returned 0x900010
[0183.745] GetCurrentObject (hdc=0xf4010781, type=0x7) returned 0x4a0507fe
[0183.745] GetCurrentObject (hdc=0xf4010781, type=0x6) returned 0x8a01c2
[0183.745] SaveDC (hdc=0xf4010781) returned 1
[0183.745] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x13040807
[0183.745] GetClipRgn (hdc=0xf4010781, hrgn=0x13040807) returned 0
[0183.745] SelectClipRgn (hdc=0xf4010781, hrgn=0x980407de) returned 2
[0183.746] DeleteObject (ho=0x13040807) returned 1
[0183.746] DeleteObject (ho=0x980407de) returned 1
[0183.746] OffsetViewportOrgEx (in: hdc=0xf4010781, x=0, y=0, lppt=0x2d6f198 | out: lppt=0x2d6f198) returned 1
[0183.746] IsAppThemed () returned 0x1
[0183.746] GetThemeAppProperties () returned 0x3
[0183.746] GetThemeAppProperties () returned 0x3
[0183.746] DrawThemeBackground () returned 0x0
[0183.746] RestoreDC (hdc=0xf4010781, nSavedDC=-1) returned 1
[0183.746] GdipReleaseDC (graphics=0x6600030, hdc=0xf4010781) returned 0x0
[0183.746] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0183.746] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0183.746] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0183.746] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0183.746] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e134) returned 0x0
[0183.746] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0183.746] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0183.747] LocalFree (hMem=0x11eec58) returned 0x0
[0183.747] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0183.747] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eead0) returned 0x0
[0183.747] LocalFree (hMem=0x11eead0) returned 0x0
[0183.747] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0183.747] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0183.747] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0183.747] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0183.747] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0183.747] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0183.747] GetCurrentObject (hdc=0xf4010781, type=0x1) returned 0xb00017
[0183.747] GetCurrentObject (hdc=0xf4010781, type=0x2) returned 0x900010
[0183.747] GetCurrentObject (hdc=0xf4010781, type=0x7) returned 0x4a0507fe
[0183.748] GetCurrentObject (hdc=0xf4010781, type=0x6) returned 0x8a01c2
[0183.748] SaveDC (hdc=0xf4010781) returned 1
[0183.748] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x990407de
[0183.748] GetClipRgn (hdc=0xf4010781, hrgn=0x990407de) returned 0
[0183.748] SelectClipRgn (hdc=0xf4010781, hrgn=0x14040807) returned 2
[0183.748] DeleteObject (ho=0x990407de) returned 1
[0183.748] DeleteObject (ho=0x14040807) returned 1
[0183.748] OffsetViewportOrgEx (in: hdc=0xf4010781, x=0, y=0, lppt=0x2d6f46c | out: lppt=0x2d6f46c) returned 1
[0183.748] IsAppThemed () returned 0x1
[0183.748] GetThemeAppProperties () returned 0x3
[0183.748] GetThemeAppProperties () returned 0x3
[0183.748] GetThemeBackgroundContentRect () returned 0x0
[0183.748] RestoreDC (hdc=0xf4010781, nSavedDC=-1) returned 1
[0183.748] GdipReleaseDC (graphics=0x6600030, hdc=0xf4010781) returned 0x0
[0183.748] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0183.748] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0183.749] GdipFillRectangleI (graphics=0x6600030, brush=0x6669f00, x=4, y=4, width=67, height=15) returned 0x0
[0183.749] GdipDeleteBrush (brush=0x6669f00) returned 0x0
[0183.749] IsAppThemed () returned 0x1
[0183.749] GetThemeAppProperties () returned 0x3
[0183.749] GetThemeAppProperties () returned 0x3
[0183.749] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0183.749] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0183.749] GetCurrentObject (hdc=0xf4010781, type=0x1) returned 0xb00017
[0183.749] GetCurrentObject (hdc=0xf4010781, type=0x2) returned 0x900010
[0183.749] GetCurrentObject (hdc=0xf4010781, type=0x7) returned 0x4a0507fe
[0183.749] GetCurrentObject (hdc=0xf4010781, type=0x6) returned 0x8a01c2
[0183.749] SaveDC (hdc=0xf4010781) returned 1
[0183.749] GetTextAlign (hdc=0xf4010781) returned 0x0
[0183.749] GetTextColor (hdc=0xf4010781) returned 0x0
[0183.749] GetCurrentObject (hdc=0xf4010781, type=0x6) returned 0x8a01c2
[0183.749] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0183.750] SelectObject (hdc=0xf4010781, h=0x6d0a0520) returned 0x8a01c2
[0183.750] GetBkMode (hdc=0xf4010781) returned 2
[0183.750] SetBkMode (hdc=0xf4010781, mode=1) returned 2
[0183.750] DrawTextExW (in: hdc=0xf4010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2d6f830 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0183.750] DrawTextExW (in: hdc=0xf4010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2d6f830 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0183.751] RestoreDC (hdc=0xf4010781, nSavedDC=-1) returned 1
[0183.751] GdipReleaseDC (graphics=0x6600030, hdc=0xf4010781) returned 0x0
[0183.751] GetFocus () returned 0x602c4
[0183.751] IsAppThemed () returned 0x1
[0183.751] GetThemeAppProperties () returned 0x3
[0183.751] GetThemeAppProperties () returned 0x3
[0183.751] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0183.751] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xf4010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0183.751] GdipReleaseDC (graphics=0x6600030, hdc=0xf4010781) returned 0x0
[0183.751] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0183.752] SelectObject (hdc=0xf4010781, h=0x85000f) returned 0x4a0507fe
[0183.752] DeleteDC (hdc=0xf4010781) returned 1
[0183.752] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0183.752] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0183.752] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d6f92c, cPoints=0x1 | out: lpPoints=0x2d6f92c) returned 40304859
[0183.752] WindowFromPoint (Point=0xf4) returned 0x602c4
[0183.752] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b00f4) returned 0x1
[0183.752] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0183.752] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0183.752] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0183.752] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0183.752] GetSystemMetrics (nIndex=42) returned 0
[0183.753] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0183.753] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0183.755] GetCapture () returned 0x602c4
[0183.755] ReleaseCapture () returned 1
[0183.755] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0183.755] GetProcessWindowStation () returned 0x13c
[0183.756] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.756] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0183.756] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.756] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0183.757] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.757] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0183.757] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.757] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0183.757] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.757] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0183.758] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.758] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0183.758] GetDC (hWnd=0x0) returned 0x10105d6
[0183.758] GdipCreateFromHDC (hdc=0x10105d6, graphics=0xd7e6ec) returned 0x0
[0183.758] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0183.759] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0183.759] ReleaseDC (hWnd=0x0, hDC=0x10105d6) returned 1
[0183.759] GetSystemMetrics (nIndex=5) returned 1
[0183.759] GetSystemMetrics (nIndex=6) returned 1
[0183.759] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.759] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0183.759] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.760] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0183.763] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0183.763] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0183.763] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0183.763] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0183.764] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0183.764] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0183.765] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2d75348 | out: lpData=0x2d75348) returned 1
[0183.766] VerQueryValueW (in: pBlock=0x2d75348, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d75758, puLen=0xd7e810) returned 1
[0183.766] VerQueryValueW (in: pBlock=0x2d75348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d75400, puLen=0xd7e790) returned 1
[0183.766] VerQueryValueW (in: pBlock=0x2d75348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d75454, puLen=0xd7e790) returned 1
[0183.766] VerQueryValueW (in: pBlock=0x2d75348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d754d4, puLen=0xd7e790) returned 1
[0183.766] VerQueryValueW (in: pBlock=0x2d75348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7553c, puLen=0xd7e790) returned 1
[0183.766] VerQueryValueW (in: pBlock=0x2d75348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7557c, puLen=0xd7e790) returned 1
[0183.766] VerQueryValueW (in: pBlock=0x2d75348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d75604, puLen=0xd7e790) returned 1
[0183.766] VerQueryValueW (in: pBlock=0x2d75348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d75640, puLen=0xd7e790) returned 1
[0183.766] VerQueryValueW (in: pBlock=0x2d75348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d75698, puLen=0xd7e790) returned 1
[0183.766] VerQueryValueW (in: pBlock=0x2d75348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d756c8, puLen=0xd7e790) returned 1
[0183.766] VerQueryValueW (in: pBlock=0x2d75348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.766] VerQueryValueW (in: pBlock=0x2d75348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d75704, puLen=0xd7e790) returned 1
[0183.766] VerQueryValueW (in: pBlock=0x2d75348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.766] VerQueryValueW (in: pBlock=0x2d75348, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d75758, puLen=0xd7e784) returned 1
[0183.766] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0183.766] VerQueryValueW (in: pBlock=0x2d75348, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d75370, puLen=0xd7e794) returned 1
[0183.767] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0183.767] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0183.767] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0183.767] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0183.768] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0183.768] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0183.768] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2d772b8 | out: lpData=0x2d772b8) returned 1
[0183.768] VerQueryValueW (in: pBlock=0x2d772b8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d77354, puLen=0xd7e810) returned 1
[0183.768] VerQueryValueW (in: pBlock=0x2d772b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d773cc, puLen=0xd7e790) returned 1
[0183.768] VerQueryValueW (in: pBlock=0x2d772b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d773fc, puLen=0xd7e790) returned 1
[0183.768] VerQueryValueW (in: pBlock=0x2d772b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d77438, puLen=0xd7e790) returned 1
[0183.768] VerQueryValueW (in: pBlock=0x2d772b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d77468, puLen=0xd7e790) returned 1
[0183.768] VerQueryValueW (in: pBlock=0x2d772b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d774b0, puLen=0xd7e790) returned 1
[0183.768] VerQueryValueW (in: pBlock=0x2d772b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d77528, puLen=0xd7e790) returned 1
[0183.768] VerQueryValueW (in: pBlock=0x2d772b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7756c, puLen=0xd7e790) returned 1
[0183.768] VerQueryValueW (in: pBlock=0x2d772b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d775ac, puLen=0xd7e790) returned 1
[0183.768] VerQueryValueW (in: pBlock=0x2d772b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d773aa, puLen=0xd7e790) returned 1
[0183.768] VerQueryValueW (in: pBlock=0x2d772b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d774f8, puLen=0xd7e790) returned 1
[0183.768] VerQueryValueW (in: pBlock=0x2d772b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.769] VerQueryValueW (in: pBlock=0x2d772b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.769] VerQueryValueW (in: pBlock=0x2d772b8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d77354, puLen=0xd7e784) returned 1
[0183.769] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0183.769] VerQueryValueW (in: pBlock=0x2d772b8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d772e0, puLen=0xd7e794) returned 1
[0183.770] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0183.770] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0183.770] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0183.770] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0183.770] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0183.770] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0183.771] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2d79590 | out: lpData=0x2d79590) returned 1
[0183.772] VerQueryValueW (in: pBlock=0x2d79590, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d799a4, puLen=0xd7e810) returned 1
[0183.772] VerQueryValueW (in: pBlock=0x2d79590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d79648, puLen=0xd7e790) returned 1
[0183.772] VerQueryValueW (in: pBlock=0x2d79590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7969c, puLen=0xd7e790) returned 1
[0183.772] VerQueryValueW (in: pBlock=0x2d79590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d796f8, puLen=0xd7e790) returned 1
[0183.772] VerQueryValueW (in: pBlock=0x2d79590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d79758, puLen=0xd7e790) returned 1
[0183.772] VerQueryValueW (in: pBlock=0x2d79590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d797b0, puLen=0xd7e790) returned 1
[0183.772] VerQueryValueW (in: pBlock=0x2d79590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d79838, puLen=0xd7e790) returned 1
[0183.772] VerQueryValueW (in: pBlock=0x2d79590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7988c, puLen=0xd7e790) returned 1
[0183.772] VerQueryValueW (in: pBlock=0x2d79590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d798e4, puLen=0xd7e790) returned 1
[0183.772] VerQueryValueW (in: pBlock=0x2d79590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d79914, puLen=0xd7e790) returned 1
[0183.772] VerQueryValueW (in: pBlock=0x2d79590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.772] VerQueryValueW (in: pBlock=0x2d79590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d79950, puLen=0xd7e790) returned 1
[0183.772] VerQueryValueW (in: pBlock=0x2d79590, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.772] VerQueryValueW (in: pBlock=0x2d79590, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d799a4, puLen=0xd7e784) returned 1
[0183.772] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0183.772] VerQueryValueW (in: pBlock=0x2d79590, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d795b8, puLen=0xd7e794) returned 1
[0183.773] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0183.773] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0183.773] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0183.773] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0183.774] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0183.774] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0183.775] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2d7bbc8 | out: lpData=0x2d7bbc8) returned 1
[0183.776] VerQueryValueW (in: pBlock=0x2d7bbc8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d7bfc8, puLen=0xd7e810) returned 1
[0183.776] VerQueryValueW (in: pBlock=0x2d7bbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7bc80, puLen=0xd7e790) returned 1
[0183.776] VerQueryValueW (in: pBlock=0x2d7bbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7bcd4, puLen=0xd7e790) returned 1
[0183.776] VerQueryValueW (in: pBlock=0x2d7bbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7bd14, puLen=0xd7e790) returned 1
[0183.776] VerQueryValueW (in: pBlock=0x2d7bbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7bd7c, puLen=0xd7e790) returned 1
[0183.776] VerQueryValueW (in: pBlock=0x2d7bbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7bdd4, puLen=0xd7e790) returned 1
[0183.776] VerQueryValueW (in: pBlock=0x2d7bbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7be5c, puLen=0xd7e790) returned 1
[0183.776] VerQueryValueW (in: pBlock=0x2d7bbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7beb0, puLen=0xd7e790) returned 1
[0183.776] VerQueryValueW (in: pBlock=0x2d7bbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7bf08, puLen=0xd7e790) returned 1
[0183.776] VerQueryValueW (in: pBlock=0x2d7bbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7bf38, puLen=0xd7e790) returned 1
[0183.776] VerQueryValueW (in: pBlock=0x2d7bbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.776] VerQueryValueW (in: pBlock=0x2d7bbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7bf74, puLen=0xd7e790) returned 1
[0183.776] VerQueryValueW (in: pBlock=0x2d7bbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.776] VerQueryValueW (in: pBlock=0x2d7bbc8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d7bfc8, puLen=0xd7e784) returned 1
[0183.776] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0183.776] VerQueryValueW (in: pBlock=0x2d7bbc8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d7bbf0, puLen=0xd7e794) returned 1
[0183.777] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0183.777] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0183.777] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0183.778] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0183.778] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0183.778] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0183.780] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2d7e304 | out: lpData=0x2d7e304) returned 1
[0183.781] VerQueryValueW (in: pBlock=0x2d7e304, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d7e6cc, puLen=0xd7e810) returned 1
[0183.781] VerQueryValueW (in: pBlock=0x2d7e304, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e3bc, puLen=0xd7e790) returned 1
[0183.781] VerQueryValueW (in: pBlock=0x2d7e304, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e410, puLen=0xd7e790) returned 1
[0183.781] VerQueryValueW (in: pBlock=0x2d7e304, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e450, puLen=0xd7e790) returned 1
[0183.781] VerQueryValueW (in: pBlock=0x2d7e304, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e4b8, puLen=0xd7e790) returned 1
[0183.781] VerQueryValueW (in: pBlock=0x2d7e304, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e4f4, puLen=0xd7e790) returned 1
[0183.781] VerQueryValueW (in: pBlock=0x2d7e304, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e57c, puLen=0xd7e790) returned 1
[0183.781] VerQueryValueW (in: pBlock=0x2d7e304, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e5b4, puLen=0xd7e790) returned 1
[0183.781] VerQueryValueW (in: pBlock=0x2d7e304, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e60c, puLen=0xd7e790) returned 1
[0183.781] VerQueryValueW (in: pBlock=0x2d7e304, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e63c, puLen=0xd7e790) returned 1
[0183.781] VerQueryValueW (in: pBlock=0x2d7e304, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.781] VerQueryValueW (in: pBlock=0x2d7e304, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e678, puLen=0xd7e790) returned 1
[0183.781] VerQueryValueW (in: pBlock=0x2d7e304, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.781] VerQueryValueW (in: pBlock=0x2d7e304, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d7e6cc, puLen=0xd7e784) returned 1
[0183.781] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0183.781] VerQueryValueW (in: pBlock=0x2d7e304, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d7e32c, puLen=0xd7e794) returned 1
[0183.782] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0183.782] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0183.782] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0183.782] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0183.782] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0183.783] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0183.783] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2d8196c | out: lpData=0x2d8196c) returned 1
[0183.784] VerQueryValueW (in: pBlock=0x2d8196c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d81d4c, puLen=0xd7e810) returned 1
[0183.784] VerQueryValueW (in: pBlock=0x2d8196c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d81a24, puLen=0xd7e790) returned 1
[0183.784] VerQueryValueW (in: pBlock=0x2d8196c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d81a78, puLen=0xd7e790) returned 1
[0183.784] VerQueryValueW (in: pBlock=0x2d8196c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d81ab8, puLen=0xd7e790) returned 1
[0183.784] VerQueryValueW (in: pBlock=0x2d8196c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d81b18, puLen=0xd7e790) returned 1
[0183.784] VerQueryValueW (in: pBlock=0x2d8196c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d81b64, puLen=0xd7e790) returned 1
[0183.784] VerQueryValueW (in: pBlock=0x2d8196c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d81bec, puLen=0xd7e790) returned 1
[0183.784] VerQueryValueW (in: pBlock=0x2d8196c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d81c34, puLen=0xd7e790) returned 1
[0183.785] VerQueryValueW (in: pBlock=0x2d8196c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d81c8c, puLen=0xd7e790) returned 1
[0183.785] VerQueryValueW (in: pBlock=0x2d8196c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d81cbc, puLen=0xd7e790) returned 1
[0183.785] VerQueryValueW (in: pBlock=0x2d8196c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.785] VerQueryValueW (in: pBlock=0x2d8196c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d81cf8, puLen=0xd7e790) returned 1
[0183.785] VerQueryValueW (in: pBlock=0x2d8196c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.785] VerQueryValueW (in: pBlock=0x2d8196c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d81d4c, puLen=0xd7e784) returned 1
[0183.785] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0183.785] VerQueryValueW (in: pBlock=0x2d8196c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d81994, puLen=0xd7e794) returned 1
[0183.786] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0183.786] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0183.786] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0183.786] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0183.786] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0183.786] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0183.787] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2d8418c | out: lpData=0x2d8418c) returned 1
[0183.788] VerQueryValueW (in: pBlock=0x2d8418c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d84598, puLen=0xd7e810) returned 1
[0183.788] VerQueryValueW (in: pBlock=0x2d8418c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d84244, puLen=0xd7e790) returned 1
[0183.788] VerQueryValueW (in: pBlock=0x2d8418c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d84298, puLen=0xd7e790) returned 1
[0183.788] VerQueryValueW (in: pBlock=0x2d8418c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d842ec, puLen=0xd7e790) returned 1
[0183.788] VerQueryValueW (in: pBlock=0x2d8418c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8434c, puLen=0xd7e790) returned 1
[0183.788] VerQueryValueW (in: pBlock=0x2d8418c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d843a4, puLen=0xd7e790) returned 1
[0183.788] VerQueryValueW (in: pBlock=0x2d8418c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8442c, puLen=0xd7e790) returned 1
[0183.788] VerQueryValueW (in: pBlock=0x2d8418c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d84480, puLen=0xd7e790) returned 1
[0183.788] VerQueryValueW (in: pBlock=0x2d8418c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d844d8, puLen=0xd7e790) returned 1
[0183.788] VerQueryValueW (in: pBlock=0x2d8418c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d84508, puLen=0xd7e790) returned 1
[0183.788] VerQueryValueW (in: pBlock=0x2d8418c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.788] VerQueryValueW (in: pBlock=0x2d8418c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d84544, puLen=0xd7e790) returned 1
[0183.788] VerQueryValueW (in: pBlock=0x2d8418c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.788] VerQueryValueW (in: pBlock=0x2d8418c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d84598, puLen=0xd7e784) returned 1
[0183.788] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0183.788] VerQueryValueW (in: pBlock=0x2d8418c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d841b4, puLen=0xd7e794) returned 1
[0183.789] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0183.789] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0183.789] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0183.790] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0183.790] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0183.790] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0183.791] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d869a0 | out: lpData=0x2d869a0) returned 1
[0183.791] VerQueryValueW (in: pBlock=0x2d869a0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d86d78, puLen=0xd7e810) returned 1
[0183.792] VerQueryValueW (in: pBlock=0x2d869a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d86a58, puLen=0xd7e790) returned 1
[0183.792] VerQueryValueW (in: pBlock=0x2d869a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d86aac, puLen=0xd7e790) returned 1
[0183.792] VerQueryValueW (in: pBlock=0x2d869a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d86aec, puLen=0xd7e790) returned 1
[0183.792] VerQueryValueW (in: pBlock=0x2d869a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d86b54, puLen=0xd7e790) returned 1
[0183.792] VerQueryValueW (in: pBlock=0x2d869a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d86b98, puLen=0xd7e790) returned 1
[0183.792] VerQueryValueW (in: pBlock=0x2d869a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d86c20, puLen=0xd7e790) returned 1
[0183.792] VerQueryValueW (in: pBlock=0x2d869a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d86c60, puLen=0xd7e790) returned 1
[0183.792] VerQueryValueW (in: pBlock=0x2d869a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d86cb8, puLen=0xd7e790) returned 1
[0183.792] VerQueryValueW (in: pBlock=0x2d869a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d86ce8, puLen=0xd7e790) returned 1
[0183.792] VerQueryValueW (in: pBlock=0x2d869a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.792] VerQueryValueW (in: pBlock=0x2d869a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d86d24, puLen=0xd7e790) returned 1
[0183.792] VerQueryValueW (in: pBlock=0x2d869a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.792] VerQueryValueW (in: pBlock=0x2d869a0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d86d78, puLen=0xd7e784) returned 1
[0183.792] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0183.792] VerQueryValueW (in: pBlock=0x2d869a0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d869c8, puLen=0xd7e794) returned 1
[0183.793] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0183.793] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0183.793] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0183.793] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0183.793] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0183.793] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0183.795] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d88ef8 | out: lpData=0x2d88ef8) returned 1
[0183.796] VerQueryValueW (in: pBlock=0x2d88ef8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d892d0, puLen=0xd7e810) returned 1
[0183.796] VerQueryValueW (in: pBlock=0x2d88ef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d88fb0, puLen=0xd7e790) returned 1
[0183.796] VerQueryValueW (in: pBlock=0x2d88ef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d89004, puLen=0xd7e790) returned 1
[0183.796] VerQueryValueW (in: pBlock=0x2d88ef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d89044, puLen=0xd7e790) returned 1
[0183.796] VerQueryValueW (in: pBlock=0x2d88ef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d890ac, puLen=0xd7e790) returned 1
[0183.796] VerQueryValueW (in: pBlock=0x2d88ef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d890f0, puLen=0xd7e790) returned 1
[0183.796] VerQueryValueW (in: pBlock=0x2d88ef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d89178, puLen=0xd7e790) returned 1
[0183.796] VerQueryValueW (in: pBlock=0x2d88ef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d891b8, puLen=0xd7e790) returned 1
[0183.796] VerQueryValueW (in: pBlock=0x2d88ef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d89210, puLen=0xd7e790) returned 1
[0183.796] VerQueryValueW (in: pBlock=0x2d88ef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d89240, puLen=0xd7e790) returned 1
[0183.796] VerQueryValueW (in: pBlock=0x2d88ef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.796] VerQueryValueW (in: pBlock=0x2d88ef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8927c, puLen=0xd7e790) returned 1
[0183.796] VerQueryValueW (in: pBlock=0x2d88ef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.796] VerQueryValueW (in: pBlock=0x2d88ef8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d892d0, puLen=0xd7e784) returned 1
[0183.796] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0183.796] VerQueryValueW (in: pBlock=0x2d88ef8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d88f20, puLen=0xd7e794) returned 1
[0183.797] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0183.797] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0183.797] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0183.797] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0183.798] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0183.798] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0183.798] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2d8b630 | out: lpData=0x2d8b630) returned 1
[0183.799] VerQueryValueW (in: pBlock=0x2d8b630, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d8ba60, puLen=0xd7e810) returned 1
[0183.799] VerQueryValueW (in: pBlock=0x2d8b630, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8b6e8, puLen=0xd7e790) returned 1
[0183.799] VerQueryValueW (in: pBlock=0x2d8b630, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8b73c, puLen=0xd7e790) returned 1
[0183.799] VerQueryValueW (in: pBlock=0x2d8b630, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8b7ac, puLen=0xd7e790) returned 1
[0183.799] VerQueryValueW (in: pBlock=0x2d8b630, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8b80c, puLen=0xd7e790) returned 1
[0183.799] VerQueryValueW (in: pBlock=0x2d8b630, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8b868, puLen=0xd7e790) returned 1
[0183.799] VerQueryValueW (in: pBlock=0x2d8b630, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8b8f0, puLen=0xd7e790) returned 1
[0183.799] VerQueryValueW (in: pBlock=0x2d8b630, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8b948, puLen=0xd7e790) returned 1
[0183.799] VerQueryValueW (in: pBlock=0x2d8b630, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8b9a0, puLen=0xd7e790) returned 1
[0183.799] VerQueryValueW (in: pBlock=0x2d8b630, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8b9d0, puLen=0xd7e790) returned 1
[0183.799] VerQueryValueW (in: pBlock=0x2d8b630, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.800] VerQueryValueW (in: pBlock=0x2d8b630, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8ba0c, puLen=0xd7e790) returned 1
[0183.800] VerQueryValueW (in: pBlock=0x2d8b630, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0183.800] VerQueryValueW (in: pBlock=0x2d8b630, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d8ba60, puLen=0xd7e784) returned 1
[0183.800] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0183.800] VerQueryValueW (in: pBlock=0x2d8b630, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d8b658, puLen=0xd7e794) returned 1
[0183.800] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0183.800] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.801] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0183.801] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.801] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0183.801] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1002d8
[0183.802] SetWindowLongW (hWnd=0x1002d8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0183.802] GetWindowLongW (hWnd=0x1002d8, nIndex=-4) returned 1950089536
[0183.802] SetWindowLongW (hWnd=0x1002d8, nIndex=-4, dwNewLong=19943806) returned 1950089536
[0183.802] GetWindowLongW (hWnd=0x1002d8, nIndex=-4) returned 19943806
[0183.802] GetWindowLongW (hWnd=0x1002d8, nIndex=-16) returned 113311744
[0183.803] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d8, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0183.803] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d8, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0183.803] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d8, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0183.804] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d8, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0183.804] GetClientRect (in: hWnd=0x1002d8, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0183.804] GetWindowRect (in: hWnd=0x1002d8, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0183.804] SetWindowTextW (hWnd=0x1002d8, lpString="WindowsFormsParkingWindow") returned 1
[0183.804] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d8, Msg=0xc, wParam=0x0, lParam=0x2d50b08) returned 0x1
[0183.805] GetParent (hWnd=0x1002d8) returned 0x0
[0183.805] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0183.805] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x1002d8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xc005a
[0183.805] SetWindowLongW (hWnd=0xc005a, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0183.806] GetWindowLongW (hWnd=0xc005a, nIndex=-4) returned 1868147648
[0183.806] SetWindowLongW (hWnd=0xc005a, nIndex=-4, dwNewLong=19943726) returned 1868147648
[0183.806] GetWindowLongW (hWnd=0xc005a, nIndex=-4) returned 19943726
[0183.806] GetWindowLongW (hWnd=0xc005a, nIndex=-16) returned 1174405133
[0183.806] GetWindowLongW (hWnd=0xc005a, nIndex=-12) returned 0
[0183.806] SetWindowLongW (hWnd=0xc005a, nIndex=-12, dwNewLong=786522) returned 0
[0183.806] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0183.807] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0183.807] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0183.808] GetClientRect (in: hWnd=0xc005a, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0183.808] GetWindowRect (in: hWnd=0xc005a, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0183.808] GetParent (hWnd=0xc005a) returned 0x1002d8
[0183.808] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002d8, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0183.808] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0183.809] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0183.809] GetClientRect (in: hWnd=0xc005a, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0183.809] GetWindowRect (in: hWnd=0xc005a, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0183.809] GetParent (hWnd=0xc005a) returned 0x1002d8
[0183.809] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002d8, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0183.809] SendMessageW (hWnd=0xc005a, Msg=0x2210, wParam=0x5a0001, lParam=0xc005a) returned 0x0
[0183.809] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x2210, wParam=0x5a0001, lParam=0xc005a) returned 0x0
[0183.809] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0183.811] GetParent (hWnd=0xc005a) returned 0x1002d8
[0183.811] GdipCreateFromHWND (hwnd=0xc005a, graphics=0xd7e844) returned 0x0
[0183.812] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0183.813] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0183.813] GetForegroundWindow () returned 0x7005c
[0183.813] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0183.813] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0183.813] GetSystemMetrics (nIndex=42) returned 0
[0183.813] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0183.813] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0183.814] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0183.814] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0183.814] GetSystemMetrics (nIndex=42) returned 0
[0183.814] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0183.814] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0183.814] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.814] GetCursorPos (in: lpPoint=0x2d8fab4 | out: lpPoint=0x2d8fab4*(x=244, y=619)) returned 1
[0183.814] MonitorFromPoint (pt=0xf4, dwFlags=0x26b) returned 0x10001
[0183.815] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0183.815] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xf7010781
[0183.815] GetDeviceCaps (hdc=0xf7010781, index=12) returned 32
[0183.815] GetDeviceCaps (hdc=0xf7010781, index=14) returned 1
[0183.815] DeleteDC (hdc=0xf7010781) returned 1
[0183.815] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0183.815] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0183.815] GetSystemMetrics (nIndex=59) returned 1460
[0183.815] GetSystemMetrics (nIndex=60) returned 920
[0183.815] GetSystemMetrics (nIndex=34) returned 136
[0183.815] GetSystemMetrics (nIndex=35) returned 39
[0183.816] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.816] GetCursorPos (in: lpPoint=0x2d8fd20 | out: lpPoint=0x2d8fd20*(x=244, y=619)) returned 1
[0183.816] MonitorFromPoint (pt=0xf6, dwFlags=0x26d) returned 0x10001
[0183.816] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0183.816] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xf8010781
[0183.816] GetDeviceCaps (hdc=0xf8010781, index=12) returned 32
[0183.816] GetDeviceCaps (hdc=0xf8010781, index=14) returned 1
[0183.816] DeleteDC (hdc=0xf8010781) returned 1
[0183.817] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0183.817] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0183.817] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.817] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0183.817] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2d8ffb8 | out: piconinfo=0x2d8ffb8) returned 1
[0183.817] GetObjectW (in: h=0x160507f1, c=24, pv=0x2d8ffd4 | out: pv=0x2d8ffd4) returned 24
[0183.818] GdipCreateBitmapFromHBITMAP (hbm=0x160507f1, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0183.818] GdipGetImageWidth (image=0x6602a58, width=0xd7e750) returned 0x0
[0183.818] GdipGetImageHeight (image=0x6602a58, height=0xd7e748) returned 0x0
[0183.818] GdipGetImagePixelFormat (image=0x6602a58, format=0xd7e740) returned 0x0
[0183.818] GdipBitmapLockBits (bitmap=0x6602a58, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2d9008c) returned 0x0
[0183.818] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0183.818] GdipBitmapLockBits (bitmap=0x66019f0, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2d900c4) returned 0x0
[0183.818] RtlMoveMemory (in: Destination=0x6661f60, Source=0x665eec0, Length=0x80 | out: Destination=0x6661f60)
[0183.819] RtlMoveMemory (in: Destination=0x6661fe0, Source=0x665ee40, Length=0x80 | out: Destination=0x6661fe0)
[0183.819] RtlMoveMemory (in: Destination=0x6662060, Source=0x665edc0, Length=0x80 | out: Destination=0x6662060)
[0183.819] RtlMoveMemory (in: Destination=0x66620e0, Source=0x665ed40, Length=0x80 | out: Destination=0x66620e0)
[0183.819] RtlMoveMemory (in: Destination=0x6662160, Source=0x665ecc0, Length=0x80 | out: Destination=0x6662160)
[0183.819] RtlMoveMemory (in: Destination=0x66621e0, Source=0x665ec40, Length=0x80 | out: Destination=0x66621e0)
[0183.819] RtlMoveMemory (in: Destination=0x6662260, Source=0x665ebc0, Length=0x80 | out: Destination=0x6662260)
[0183.819] RtlMoveMemory (in: Destination=0x66622e0, Source=0x665eb40, Length=0x80 | out: Destination=0x66622e0)
[0183.819] RtlMoveMemory (in: Destination=0x6662360, Source=0x665eac0, Length=0x80 | out: Destination=0x6662360)
[0183.819] RtlMoveMemory (in: Destination=0x66623e0, Source=0x665ea40, Length=0x80 | out: Destination=0x66623e0)
[0183.819] RtlMoveMemory (in: Destination=0x6662460, Source=0x665e9c0, Length=0x80 | out: Destination=0x6662460)
[0183.819] RtlMoveMemory (in: Destination=0x66624e0, Source=0x665e940, Length=0x80 | out: Destination=0x66624e0)
[0183.819] RtlMoveMemory (in: Destination=0x6662560, Source=0x665e8c0, Length=0x80 | out: Destination=0x6662560)
[0183.819] RtlMoveMemory (in: Destination=0x66625e0, Source=0x665e840, Length=0x80 | out: Destination=0x66625e0)
[0183.819] RtlMoveMemory (in: Destination=0x6662660, Source=0x665e7c0, Length=0x80 | out: Destination=0x6662660)
[0183.819] RtlMoveMemory (in: Destination=0x66626e0, Source=0x665e740, Length=0x80 | out: Destination=0x66626e0)
[0183.819] RtlMoveMemory (in: Destination=0x6662760, Source=0x665e6c0, Length=0x80 | out: Destination=0x6662760)
[0183.819] RtlMoveMemory (in: Destination=0x66627e0, Source=0x665e640, Length=0x80 | out: Destination=0x66627e0)
[0183.819] RtlMoveMemory (in: Destination=0x6662860, Source=0x665e5c0, Length=0x80 | out: Destination=0x6662860)
[0183.820] RtlMoveMemory (in: Destination=0x66628e0, Source=0x665e540, Length=0x80 | out: Destination=0x66628e0)
[0183.820] RtlMoveMemory (in: Destination=0x6662960, Source=0x665e4c0, Length=0x80 | out: Destination=0x6662960)
[0183.820] RtlMoveMemory (in: Destination=0x66629e0, Source=0x665e440, Length=0x80 | out: Destination=0x66629e0)
[0183.820] RtlMoveMemory (in: Destination=0x6662a60, Source=0x665e3c0, Length=0x80 | out: Destination=0x6662a60)
[0183.820] RtlMoveMemory (in: Destination=0x6662ae0, Source=0x665e340, Length=0x80 | out: Destination=0x6662ae0)
[0183.820] RtlMoveMemory (in: Destination=0x6662b60, Source=0x665e2c0, Length=0x80 | out: Destination=0x6662b60)
[0183.820] RtlMoveMemory (in: Destination=0x6662be0, Source=0x665e240, Length=0x80 | out: Destination=0x6662be0)
[0183.820] RtlMoveMemory (in: Destination=0x6662c60, Source=0x665e1c0, Length=0x80 | out: Destination=0x6662c60)
[0183.820] RtlMoveMemory (in: Destination=0x6662ce0, Source=0x665e140, Length=0x80 | out: Destination=0x6662ce0)
[0183.820] RtlMoveMemory (in: Destination=0x6662d60, Source=0x665e0c0, Length=0x80 | out: Destination=0x6662d60)
[0183.820] RtlMoveMemory (in: Destination=0x6662de0, Source=0x665e040, Length=0x80 | out: Destination=0x6662de0)
[0183.820] RtlMoveMemory (in: Destination=0x6662e60, Source=0x665dfc0, Length=0x80 | out: Destination=0x6662e60)
[0183.820] RtlMoveMemory (in: Destination=0x6662ee0, Source=0x665df40, Length=0x80 | out: Destination=0x6662ee0)
[0183.820] GdipBitmapUnlockBits (bitmap=0x6602a58, lockedBitmapData=0x2d9008c) returned 0x0
[0183.820] GdipBitmapUnlockBits (bitmap=0x66019f0, lockedBitmapData=0x2d900c4) returned 0x0
[0183.820] GdipDisposeImage (image=0x6602a58) returned 0x0
[0183.821] DeleteObject (ho=0x160507f1) returned 1
[0183.821] DeleteObject (ho=0xf9050781) returned 1
[0183.821] GetCurrentThreadId () returned 0xf50
[0183.821] GetCurrentThreadId () returned 0xf50
[0183.821] SetWindowPos (hWnd=0xc005a, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0183.821] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0183.821] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0183.822] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0183.822] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0183.822] GetClientRect (in: hWnd=0xc005a, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0183.822] GetWindowRect (in: hWnd=0xc005a, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0183.822] GetParent (hWnd=0xc005a) returned 0x1002d8
[0183.822] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002d8, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0183.822] InvalidateRect (hWnd=0xc005a, lpRect=0x0, bErase=1) returned 1
[0183.822] GetWindowTextLengthW (hWnd=0xc005a) returned 0
[0183.822] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0183.822] GetSystemMetrics (nIndex=42) returned 0
[0183.822] GetWindowTextW (in: hWnd=0xc005a, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0183.822] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0183.822] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0183.822] GetClientRect (in: hWnd=0xc005a, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0183.822] GetWindowRect (in: hWnd=0xc005a, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0183.822] GetParent (hWnd=0xc005a) returned 0x1002d8
[0183.822] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002d8, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0183.823] GetWindowTextLengthW (hWnd=0xc005a) returned 0
[0183.823] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0183.823] GetSystemMetrics (nIndex=42) returned 0
[0183.823] GetWindowTextW (in: hWnd=0xc005a, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0183.823] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0183.823] GetWindowTextLengthW (hWnd=0xc005a) returned 0
[0183.823] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0183.823] GetSystemMetrics (nIndex=42) returned 0
[0183.823] GetWindowTextW (in: hWnd=0xc005a, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0183.823] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0183.823] SetWindowTextW (hWnd=0xc005a, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0183.823] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0xc, wParam=0x0, lParam=0x2d70f20) returned 0x1
[0183.823] InvalidateRect (hWnd=0xc005a, lpRect=0x0, bErase=1) returned 1
[0183.823] GetCurrentThreadId () returned 0xf50
[0183.823] GetWindowThreadProcessId (in: hWnd=0xc005a, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0183.824] GdipCreateBitmapFromStream (stream=0x509ff90, bitmap=0xd7e840) returned 0x0
[0183.825] GdipImageForceValidation (image=0x6600988) returned 0x0
[0183.827] GdipGetImageRawFormat (image=0x6600988, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0183.827] GdipGetImageHeight (image=0x6600988, height=0xd7e824) returned 0x0
[0183.827] GdipGetImageWidth (image=0x6600988, width=0xd7e824) returned 0x0
[0183.827] GdipGetImageWidth (image=0x6600988, width=0xd7e810) returned 0x0
[0183.827] GdipGetImageHeight (image=0x6600988, height=0xd7e810) returned 0x0
[0183.827] GdipGetImageWidth (image=0x6600988, width=0xd7e800) returned 0x0
[0183.827] GdipGetImageHeight (image=0x6600988, height=0xd7e800) returned 0x0
[0183.827] GdipBitmapGetPixel (bitmap=0x6600988, x=0, y=15, color=0xd7e810) returned 0x0
[0183.827] GdipGetImageRawFormat (image=0x6600988, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0183.827] GdipGetImageWidth (image=0x6600988, width=0xd7e740) returned 0x0
[0183.827] GdipGetImageHeight (image=0x6600988, height=0xd7e740) returned 0x0
[0183.828] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0183.828] GdipGetImagePixelFormat (image=0x6601d38, format=0xd7e740) returned 0x0
[0183.828] GdipGetImageGraphicsContext (image=0x6601d38, graphics=0xd7e74c) returned 0x0
[0183.828] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0183.828] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0183.828] GdipSetImageAttributesColorKeys (imageattr=0x6638a88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0183.828] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6600988, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638a88, callback=0x0, callbackData=0x0) returned 0x0
[0183.828] GdipDisposeImageAttributes (imageattr=0x6638a88) returned 0x0
[0183.828] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0183.828] GdipDisposeImage (image=0x6600988) returned 0x0
[0183.829] GdipCreateBitmapFromStream (stream=0x509ff70, bitmap=0xd7e840) returned 0x0
[0183.830] GdipImageForceValidation (image=0x66023c8) returned 0x0
[0183.831] GdipGetImageRawFormat (image=0x66023c8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0183.831] GdipGetImageHeight (image=0x66023c8, height=0xd7e824) returned 0x0
[0183.831] GdipGetImageWidth (image=0x66023c8, width=0xd7e824) returned 0x0
[0183.832] GdipGetImageWidth (image=0x66023c8, width=0xd7e810) returned 0x0
[0183.832] GdipGetImageHeight (image=0x66023c8, height=0xd7e810) returned 0x0
[0183.832] GdipGetImageWidth (image=0x66023c8, width=0xd7e800) returned 0x0
[0183.832] GdipGetImageHeight (image=0x66023c8, height=0xd7e800) returned 0x0
[0183.832] GdipBitmapGetPixel (bitmap=0x66023c8, x=0, y=15, color=0xd7e810) returned 0x0
[0183.832] GdipGetImageRawFormat (image=0x66023c8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0183.832] GdipGetImageWidth (image=0x66023c8, width=0xd7e740) returned 0x0
[0183.832] GdipGetImageHeight (image=0x66023c8, height=0xd7e740) returned 0x0
[0183.832] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0183.832] GdipGetImagePixelFormat (image=0x6600988, format=0xd7e740) returned 0x0
[0183.832] GdipGetImageGraphicsContext (image=0x6600988, graphics=0xd7e74c) returned 0x0
[0183.832] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0183.832] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0183.832] GdipSetImageAttributesColorKeys (imageattr=0x6638cc8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0183.832] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66023c8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638cc8, callback=0x0, callbackData=0x0) returned 0x0
[0183.833] GdipDisposeImageAttributes (imageattr=0x6638cc8) returned 0x0
[0183.833] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0183.833] GdipDisposeImage (image=0x66023c8) returned 0x0
[0183.833] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.833] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0183.834] GetCurrentThreadId () returned 0xf50
[0183.834] GetCurrentThreadId () returned 0xf50
[0183.834] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.834] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0183.834] GetCurrentThreadId () returned 0xf50
[0183.834] GetCurrentThreadId () returned 0xf50
[0183.834] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.834] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0183.834] GetCurrentThreadId () returned 0xf50
[0183.834] GetCurrentThreadId () returned 0xf50
[0183.834] GetSystemMetrics (nIndex=5) returned 1
[0183.835] GetSystemMetrics (nIndex=6) returned 1
[0183.835] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.835] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0183.835] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.835] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0183.836] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.836] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0183.836] GetCurrentThreadId () returned 0xf50
[0183.836] GetCurrentThreadId () returned 0xf50
[0183.836] GetProcessWindowStation () returned 0x13c
[0183.836] GetCapture () returned 0x0
[0183.836] GetActiveWindow () returned 0x7005c
[0183.836] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0183.836] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.836] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0183.836] GetCursorPos (in: lpPoint=0x2d91204 | out: lpPoint=0x2d91204*(x=244, y=619)) returned 1
[0183.837] MonitorFromPoint (pt=0xf4, dwFlags=0x26b) returned 0x10001
[0183.837] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0183.837] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xfa010781
[0183.837] GetDeviceCaps (hdc=0xfa010781, index=12) returned 32
[0183.837] GetDeviceCaps (hdc=0xfa010781, index=14) returned 1
[0183.837] DeleteDC (hdc=0xfa010781) returned 1
[0183.837] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0183.838] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0183.838] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1100ea
[0183.838] SetWindowLongW (hWnd=0x1100ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0183.838] GetWindowLongW (hWnd=0x1100ea, nIndex=-4) returned 1950089536
[0183.839] SetWindowLongW (hWnd=0x1100ea, nIndex=-4, dwNewLong=19943846) returned 1950089536
[0183.839] GetWindowLongW (hWnd=0x1100ea, nIndex=-4) returned 19943846
[0183.839] GetWindowLongW (hWnd=0x1100ea, nIndex=-16) returned 113770496
[0183.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0183.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0183.842] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0183.842] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0183.842] GetWindowRect (in: hWnd=0x1100ea, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0183.842] SetWindowTextW (hWnd=0x1100ea, lpString="BB ransomware") returned 1
[0183.842] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xc, wParam=0x0, lParam=0x2d8f9a0) returned 0x1
[0183.843] GetStartupInfoW (in: lpStartupInfo=0x2d91540 | out: lpStartupInfo=0x2d91540*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0183.844] GetParent (hWnd=0x1100ea) returned 0x0
[0183.845] SetWindowLongW (hWnd=0x1100ea, nIndex=-8, dwNewLong=0) returned 0
[0183.845] SendMessageW (hWnd=0x1100ea, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0183.845] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0183.846] SendMessageW (hWnd=0x1100ea, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0183.846] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0183.846] GetSystemMenu (hWnd=0x1100ea, bRevert=0) returned 0x41020f
[0183.846] GetWindowPlacement (in: hWnd=0x1100ea, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0183.846] EnableMenuItem (hMenu=0x41020f, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0183.847] EnableMenuItem (hMenu=0x41020f, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0183.847] EnableMenuItem (hMenu=0x41020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0183.847] EnableMenuItem (hMenu=0x41020f, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0183.847] EnableMenuItem (hMenu=0x41020f, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0183.847] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0183.847] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0183.847] GetWindowRect (in: hWnd=0x1100ea, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0183.847] SetWindowPos (hWnd=0x1100ea, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0183.847] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0183.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x1100ea) returned 0x1
[0183.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0183.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0183.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0183.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0183.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0183.855] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x1100ea, lParam=0x0) returned 0x0
[0183.855] GetCapture () returned 0x0
[0183.855] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0183.856] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0183.858] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0183.859] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0183.859] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0183.860] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0183.860] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0183.861] GetParent (hWnd=0x1100ea) returned 0x0
[0183.861] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0183.861] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0183.863] GetWindowPlacement (in: hWnd=0x1100ea, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0183.863] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0183.863] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0183.863] GetWindowRect (in: hWnd=0x1100ea, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0183.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0183.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0183.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0183.866] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.866] GetWindowLongW (hWnd=0x1100ea, nIndex=-16) returned 113770496
[0183.866] GetWindowTextLengthW (hWnd=0x1100ea) returned 13
[0183.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0183.866] GetSystemMetrics (nIndex=42) returned 0
[0183.866] GetWindowTextW (in: hWnd=0x1100ea, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0183.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0183.866] GetWindowTextLengthW (hWnd=0x1100ea) returned 13
[0183.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0183.867] GetSystemMetrics (nIndex=42) returned 0
[0183.867] GetWindowTextW (in: hWnd=0x1100ea, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0183.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0183.867] GetCursorPos (in: lpPoint=0x2d9177c | out: lpPoint=0x2d9177c*(x=244, y=619)) returned 1
[0183.867] MonitorFromPoint (pt=0xf4, dwFlags=0x26b) returned 0x10001
[0183.867] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0183.867] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xaf0107e8
[0183.867] GetDeviceCaps (hdc=0xaf0107e8, index=12) returned 32
[0183.867] GetDeviceCaps (hdc=0xaf0107e8, index=14) returned 1
[0183.867] DeleteDC (hdc=0xaf0107e8) returned 1
[0183.867] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0183.868] GetWindowLongW (hWnd=0x1100ea, nIndex=-16) returned 113770496
[0183.868] GetWindowLongW (hWnd=0x1100ea, nIndex=-20) returned 327945
[0183.868] SetWindowLongW (hWnd=0x1100ea, nIndex=-16, dwNewLong=46661632) returned 113770496
[0183.868] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0183.868] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0183.869] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0183.869] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0183.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0183.870] SetWindowLongW (hWnd=0x1100ea, nIndex=-20, dwNewLong=327681) returned 327945
[0183.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0183.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0183.872] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0183.872] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0183.876] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0183.877] SetWindowPos (hWnd=0x1100ea, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0183.877] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0183.877] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0183.878] GetWindowPlacement (in: hWnd=0x1100ea, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0183.878] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0183.878] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0183.878] GetWindowRect (in: hWnd=0x1100ea, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0183.879] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0183.879] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0183.879] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0183.880] RedrawWindow (hWnd=0x1100ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0183.880] GetSystemMenu (hWnd=0x1100ea, bRevert=0) returned 0x41020f
[0183.880] GetWindowPlacement (in: hWnd=0x1100ea, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0183.880] EnableMenuItem (hMenu=0x41020f, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0183.880] EnableMenuItem (hMenu=0x41020f, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0183.880] EnableMenuItem (hMenu=0x41020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0183.880] EnableMenuItem (hMenu=0x41020f, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0183.880] EnableMenuItem (hMenu=0x41020f, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0183.880] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0183.880] GetWindowLongW (hWnd=0x1100ea, nIndex=-8) returned 0
[0183.880] SetWindowLongW (hWnd=0x1100ea, nIndex=-8, dwNewLong=458844) returned 0
[0183.881] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0183.881] GetProcessWindowStation () returned 0x13c
[0183.882] GetCurrentThreadId () returned 0xf50
[0183.882] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x13051f6, lParam=0x0) returned 1
[0183.882] IsWindowVisible (hWnd=0x1100ea) returned 0
[0183.882] IsWindowVisible (hWnd=0x7005c) returned 1
[0183.882] IsWindowEnabled (hWnd=0x7005c) returned 1
[0183.882] IsWindowVisible (hWnd=0x300ec) returned 0
[0183.882] IsWindowVisible (hWnd=0x502c6) returned 0
[0183.882] IsWindowVisible (hWnd=0x502be) returned 0
[0183.882] GetActiveWindow () returned 0x1100ea
[0183.882] GetFocus () returned 0x1100ea
[0183.882] IsWindow (hWnd=0x7005c) returned 1
[0183.883] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0183.883] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0183.883] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0183.883] GetWindowLongW (hWnd=0x1100ea, nIndex=-8) returned 458844
[0183.883] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0183.883] GetCurrentThreadId () returned 0xf50
[0183.883] GetWindowLongW (hWnd=0x1100ea, nIndex=-8) returned 458844
[0183.883] IsWindowEnabled (hWnd=0x7005c) returned 0
[0183.883] IsWindowEnabled (hWnd=0x1100ea) returned 1
[0183.884] ShowWindow (hWnd=0x1100ea, nCmdShow=5) returned 0
[0183.884] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0183.884] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0183.884] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.885] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0183.885] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x1100ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xe02da
[0183.885] SetWindowLongW (hWnd=0xe02da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0183.885] GetWindowLongW (hWnd=0xe02da, nIndex=-4) returned 1950089536
[0183.885] SetWindowLongW (hWnd=0xe02da, nIndex=-4, dwNewLong=19944086) returned 1950089536
[0183.886] GetWindowLongW (hWnd=0xe02da, nIndex=-4) returned 19944086
[0183.886] GetWindowLongW (hWnd=0xe02da, nIndex=-16) returned 1174405120
[0183.886] GetWindowLongW (hWnd=0xe02da, nIndex=-12) returned 0
[0183.886] SetWindowLongW (hWnd=0xe02da, nIndex=-12, dwNewLong=918234) returned 0
[0183.886] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0183.886] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0183.887] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0183.887] GetWindow (hWnd=0xe02da, uCmd=0x3) returned 0x0
[0183.887] GetClientRect (in: hWnd=0xe02da, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0183.887] GetWindowRect (in: hWnd=0xe02da, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0183.887] GetParent (hWnd=0xe02da) returned 0x1100ea
[0183.887] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1100ea, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0183.887] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02da, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0183.896] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02da, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0183.896] GetClientRect (in: hWnd=0xe02da, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0183.896] GetWindowRect (in: hWnd=0xe02da, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0183.896] GetParent (hWnd=0xe02da) returned 0x1100ea
[0183.896] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1100ea, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0183.896] SendMessageW (hWnd=0xe02da, Msg=0x2210, wParam=0x2da0001, lParam=0xe02da) returned 0x0
[0183.896] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02da, Msg=0x2210, wParam=0x2da0001, lParam=0xe02da) returned 0x0
[0183.897] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0183.897] GetParent (hWnd=0xe02da) returned 0x1100ea
[0183.897] GetParent (hWnd=0xc005a) returned 0x1002d8
[0183.897] SetParent (hWndChild=0xc005a, hWndNewParent=0x1100ea) returned 0x1002d8
[0183.897] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0183.898] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0183.898] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0183.898] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0183.898] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0183.898] GetClientRect (in: hWnd=0xc005a, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0183.898] GetWindowRect (in: hWnd=0xc005a, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0183.898] GetParent (hWnd=0xc005a) returned 0x1100ea
[0183.898] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1100ea, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0183.898] GetClientRect (in: hWnd=0xc005a, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0183.898] GetWindowRect (in: hWnd=0xc005a, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0183.898] GetParent (hWnd=0xc005a) returned 0x1100ea
[0183.898] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1100ea, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0183.898] GetParent (hWnd=0xc005a) returned 0x1100ea
[0183.899] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0183.899] GetWindow (hWnd=0xc005a, uCmd=0x3) returned 0x0
[0183.899] SetWindowPos (hWnd=0xc005a, hWndInsertAfter=0xe02da, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0183.899] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0183.900] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0183.900] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0183.900] GetClientRect (in: hWnd=0xc005a, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0183.900] GetWindowRect (in: hWnd=0xc005a, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0183.900] GetParent (hWnd=0xc005a) returned 0x1100ea
[0183.900] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1100ea, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0183.900] GetParent (hWnd=0xc005a) returned 0x1100ea
[0183.900] GetWindow (hWnd=0xc005a, uCmd=0x3) returned 0xe02da
[0183.900] GetWindowThreadProcessId (in: hWnd=0xc005a, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0183.900] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0183.900] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.901] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0183.901] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x1100ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x10013e
[0183.901] SetWindowLongW (hWnd=0x10013e, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0183.902] GetWindowLongW (hWnd=0x10013e, nIndex=-4) returned 1868032000
[0183.902] SetWindowLongW (hWnd=0x10013e, nIndex=-4, dwNewLong=19944166) returned 1868032000
[0183.902] GetWindowLongW (hWnd=0x10013e, nIndex=-4) returned 19944166
[0183.902] GetWindowLongW (hWnd=0x10013e, nIndex=-16) returned 1174470667
[0183.902] GetWindowLongW (hWnd=0x10013e, nIndex=-12) returned 0
[0183.902] SetWindowLongW (hWnd=0x10013e, nIndex=-12, dwNewLong=1048894) returned 0
[0183.902] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0183.903] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0183.904] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0183.905] SendMessageW (hWnd=0x10013e, Msg=0x2055, wParam=0x10013e, lParam=0x3) returned 0x2
[0183.905] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0183.905] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0183.905] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0183.905] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0183.905] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0183.905] RedrawWindow (hWnd=0xe02da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0183.905] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0183.906] RedrawWindow (hWnd=0xc005a, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0183.906] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0183.906] RedrawWindow (hWnd=0x10013e, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0183.906] RedrawWindow (hWnd=0x1100ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0183.906] GetWindow (hWnd=0x10013e, uCmd=0x3) returned 0xc005a
[0183.906] GetClientRect (in: hWnd=0x10013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0183.906] GetWindowRect (in: hWnd=0x10013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0183.906] GetParent (hWnd=0x10013e) returned 0x1100ea
[0183.906] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1100ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0183.906] SetWindowTextW (hWnd=0x10013e, lpString="&Details") returned 1
[0183.906] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0183.907] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0183.907] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0183.907] GetClientRect (in: hWnd=0x10013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0183.907] GetWindowRect (in: hWnd=0x10013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0183.907] GetParent (hWnd=0x10013e) returned 0x1100ea
[0183.907] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1100ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0183.907] SendMessageW (hWnd=0x10013e, Msg=0x2210, wParam=0x13e0001, lParam=0x10013e) returned 0x0
[0183.907] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0x2210, wParam=0x13e0001, lParam=0x10013e) returned 0x0
[0183.908] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0183.908] GetParent (hWnd=0x10013e) returned 0x1100ea
[0183.908] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0183.908] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.909] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0183.909] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x1100ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xe02de
[0183.909] SetWindowLongW (hWnd=0xe02de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0183.909] GetWindowLongW (hWnd=0xe02de, nIndex=-4) returned 1868032000
[0183.910] SetWindowLongW (hWnd=0xe02de, nIndex=-4, dwNewLong=19944006) returned 1868032000
[0183.910] GetWindowLongW (hWnd=0xe02de, nIndex=-4) returned 19944006
[0183.910] GetWindowLongW (hWnd=0xe02de, nIndex=-16) returned 1174470667
[0183.910] GetWindowLongW (hWnd=0xe02de, nIndex=-12) returned 0
[0183.910] SetWindowLongW (hWnd=0xe02de, nIndex=-12, dwNewLong=918238) returned 0
[0183.910] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0183.911] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0183.911] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0183.912] SendMessageW (hWnd=0xe02de, Msg=0x2055, wParam=0xe02de, lParam=0x3) returned 0x2
[0183.912] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0183.912] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0183.912] GetWindow (hWnd=0xe02de, uCmd=0x3) returned 0x10013e
[0183.912] GetClientRect (in: hWnd=0xe02de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0183.912] GetWindowRect (in: hWnd=0xe02de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0183.912] GetParent (hWnd=0xe02de) returned 0x1100ea
[0183.912] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1100ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0183.912] SetWindowTextW (hWnd=0xe02de, lpString="&Continue") returned 1
[0183.912] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0183.913] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0183.913] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0183.913] GetClientRect (in: hWnd=0xe02de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0183.913] GetWindowRect (in: hWnd=0xe02de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0183.913] GetParent (hWnd=0xe02de) returned 0x1100ea
[0183.913] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1100ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0183.913] SendMessageW (hWnd=0xe02de, Msg=0x2210, wParam=0x2de0001, lParam=0xe02de) returned 0x0
[0183.913] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x2210, wParam=0x2de0001, lParam=0xe02de) returned 0x0
[0183.914] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0183.914] GetParent (hWnd=0xe02de) returned 0x1100ea
[0183.914] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0183.914] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.915] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0183.915] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x1100ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xf02d2
[0183.915] SetWindowLongW (hWnd=0xf02d2, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0183.915] GetWindowLongW (hWnd=0xf02d2, nIndex=-4) returned 1868032000
[0183.916] SetWindowLongW (hWnd=0xf02d2, nIndex=-4, dwNewLong=19943886) returned 1868032000
[0183.916] GetWindowLongW (hWnd=0xf02d2, nIndex=-4) returned 19943886
[0183.916] GetWindowLongW (hWnd=0xf02d2, nIndex=-16) returned 1174470667
[0183.916] GetWindowLongW (hWnd=0xf02d2, nIndex=-12) returned 0
[0183.916] SetWindowLongW (hWnd=0xf02d2, nIndex=-12, dwNewLong=983762) returned 0
[0183.916] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02d2, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0183.917] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02d2, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0183.917] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02d2, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0183.918] SendMessageW (hWnd=0xf02d2, Msg=0x2055, wParam=0xf02d2, lParam=0x3) returned 0x2
[0183.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0183.918] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02d2, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0183.918] GetWindow (hWnd=0xf02d2, uCmd=0x3) returned 0xe02de
[0183.918] GetClientRect (in: hWnd=0xf02d2, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0183.918] GetWindowRect (in: hWnd=0xf02d2, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0183.918] GetParent (hWnd=0xf02d2) returned 0x1100ea
[0183.918] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1100ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0183.918] SetWindowTextW (hWnd=0xf02d2, lpString="&Quit") returned 1
[0183.918] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02d2, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0183.919] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02d2, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0183.919] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02d2, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0183.919] GetClientRect (in: hWnd=0xf02d2, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0183.919] GetWindowRect (in: hWnd=0xf02d2, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0183.919] GetParent (hWnd=0xf02d2) returned 0x1100ea
[0183.920] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1100ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0183.920] SendMessageW (hWnd=0xf02d2, Msg=0x2210, wParam=0x2d20001, lParam=0xf02d2) returned 0x0
[0183.920] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02d2, Msg=0x2210, wParam=0x2d20001, lParam=0xf02d2) returned 0x0
[0183.920] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02d2, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0183.920] GetParent (hWnd=0xf02d2) returned 0x1100ea
[0183.920] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0183.920] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0183.921] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0183.921] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x1100ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xe02dc
[0183.921] SetWindowLongW (hWnd=0xe02dc, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0183.922] GetWindowLongW (hWnd=0xe02dc, nIndex=-4) returned 1868026976
[0183.922] SetWindowLongW (hWnd=0xe02dc, nIndex=-4, dwNewLong=19944126) returned 1868026976
[0183.922] GetWindowLongW (hWnd=0xe02dc, nIndex=-4) returned 19944126
[0183.922] GetWindowLongW (hWnd=0xe02dc, nIndex=-16) returned 1177553092
[0183.923] GetWindowLongW (hWnd=0xe02dc, nIndex=-12) returned 0
[0183.923] SetWindowLongW (hWnd=0xe02dc, nIndex=-12, dwNewLong=918236) returned 0
[0183.923] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xe02dc, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0183.924] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xe02dc, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0183.925] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xe02dc, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0183.949] GetWindow (hWnd=0xe02dc, uCmd=0x3) returned 0xf02d2
[0183.949] GetClientRect (in: hWnd=0xe02dc, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0183.949] GetWindowRect (in: hWnd=0xe02dc, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0183.949] GetParent (hWnd=0xe02dc) returned 0x1100ea
[0183.949] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1100ea, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0183.949] GetWindowTextLengthW (hWnd=0x1100ea) returned 13
[0183.949] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0183.949] GetSystemMetrics (nIndex=42) returned 0
[0183.949] GetWindowTextW (in: hWnd=0x1100ea, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0183.949] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0183.949] SendMessageW (hWnd=0xe02dc, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0183.949] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xe02dc, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0183.956] SetWindowTextW (hWnd=0xe02dc, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0183.956] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xe02dc, Msg=0xc, wParam=0x0, lParam=0x2d8d388) returned 0x1
[0183.958] GetSystemMetrics (nIndex=5) returned 1
[0183.958] GetSystemMetrics (nIndex=6) returned 1
[0183.958] SendMessageW (hWnd=0xe02dc, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0183.958] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xe02dc, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0183.959] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xe02dc, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0183.960] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xe02dc, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0183.960] GetClientRect (in: hWnd=0xe02dc, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0183.960] GetWindowRect (in: hWnd=0xe02dc, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0183.960] GetParent (hWnd=0xe02dc) returned 0x1100ea
[0183.960] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1100ea, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0183.960] SendMessageW (hWnd=0xe02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0xe02dc) returned 0x0
[0183.960] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xe02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0xe02dc) returned 0x0
[0183.961] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xe02dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0183.961] GetParent (hWnd=0xe02dc) returned 0x1100ea
[0183.961] GetWindowLongW (hWnd=0x1100ea, nIndex=-8) returned 458844
[0183.961] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0183.961] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0183.961] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xb60107e8
[0183.961] GetDeviceCaps (hdc=0xb60107e8, index=12) returned 32
[0183.961] GetDeviceCaps (hdc=0xb60107e8, index=14) returned 1
[0183.961] DeleteDC (hdc=0xb60107e8) returned 1
[0183.962] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0183.962] GetWindowThreadProcessId (in: hWnd=0x1100ea, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0183.962] GetCurrentThreadId () returned 0xf50
[0183.962] PostMessageW (hWnd=0x1100ea, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0183.962] GetWindowTextLengthW (hWnd=0x1100ea) returned 13
[0183.962] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0183.962] GetSystemMetrics (nIndex=42) returned 0
[0183.962] GetWindowTextW (in: hWnd=0x1100ea, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0183.962] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0183.962] GdipImageGetFrameDimensionsCount (image=0x66019f0, count=0xd7e25c) returned 0x0
[0183.962] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7a60
[0183.962] GdipImageGetFrameDimensionsList (image=0x66019f0, dimensionIDs=0x11f7a60*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0183.962] LocalFree (hMem=0x11f7a60) returned 0x0
[0183.963] GdipImageGetFrameDimensionsCount (image=0x6601d38, count=0xd7e250) returned 0x0
[0183.963] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7aa8
[0183.963] GdipImageGetFrameDimensionsList (image=0x6601d38, dimensionIDs=0x11f7aa8*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0183.963] LocalFree (hMem=0x11f7aa8) returned 0x0
[0183.963] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0183.963] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0183.963] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0184.003] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0184.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0184.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0184.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0184.005] GetWindowPlacement (in: hWnd=0x1100ea, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0184.005] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0184.005] GetWindowTextLengthW (hWnd=0x1100ea) returned 13
[0184.005] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.005] GetSystemMetrics (nIndex=42) returned 0
[0184.005] GetWindowTextW (in: hWnd=0x1100ea, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.005] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0184.005] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0184.005] GetCurrentObject (hdc=0x60100ce, type=0x1) returned 0xb00017
[0184.006] GetCurrentObject (hdc=0x60100ce, type=0x2) returned 0x900010
[0184.006] GetCurrentObject (hdc=0x60100ce, type=0x7) returned 0x905065e
[0184.006] GetCurrentObject (hdc=0x60100ce, type=0x6) returned 0x8a01c2
[0184.006] SaveDC (hdc=0x60100ce) returned 1
[0184.006] GetNearestColor (hdc=0x60100ce, color=0xf0f0f0) returned 0xf0f0f0
[0184.006] CreateSolidBrush (color=0xf0f0f0) returned 0xab1007e1
[0184.006] FillRect (hDC=0x60100ce, lprc=0xd7e1b8, hbr=0xab1007e1) returned 1
[0184.006] DeleteObject (ho=0xab1007e1) returned 1
[0184.006] RestoreDC (hdc=0x60100ce, nSavedDC=-1) returned 1
[0184.006] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0184.007] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0184.007] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0184.007] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0184.007] GetStockObject (i=5) returned 0x900015
[0184.007] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0184.008] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0184.008] GetStockObject (i=5) returned 0x900015
[0184.008] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02d2, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0184.008] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02d2, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0184.008] GetStockObject (i=5) returned 0x900015
[0184.008] GetWindowPlacement (in: hWnd=0x1100ea, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0184.009] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0184.009] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0184.009] GetWindowRect (in: hWnd=0x1100ea, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0184.010] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0184.010] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0184.010] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0184.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0184.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0184.011] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0184.011] GetWindowRect (in: hWnd=0x1100ea, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0184.011] InvalidateRect (hWnd=0xe02de, lpRect=0x0, bErase=0) returned 1
[0184.011] InvalidateRect (hWnd=0x10013e, lpRect=0x0, bErase=0) returned 1
[0184.011] GetFocus () returned 0x1100ea
[0184.011] GetFocus () returned 0x1100ea
[0184.011] SetFocus (hWnd=0x10013e) returned 0x1100ea
[0184.013] GetFocus () returned 0x10013e
[0184.013] IsChild (hWndParent=0x1100ea, hWnd=0x10013e) returned 1
[0184.013] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x8, wParam=0x10013e, lParam=0x0) returned 0x0
[0184.014] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0184.015] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0184.017] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0184.017] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0x7, wParam=0x1100ea, lParam=0x0) returned 0x0
[0184.017] GetStockObject (i=5) returned 0x900015
[0184.017] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0184.017] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0184.017] GetDlgItem (hDlg=0x1100ea, nIDDlgItem=1048894) returned 0x10013e
[0184.017] SendMessageW (hWnd=0x10013e, Msg=0x202b, wParam=0x10013e, lParam=0xd7e0dc) returned 0x0
[0184.017] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0x202b, wParam=0x10013e, lParam=0xd7e0dc) returned 0x0
[0184.018] InvalidateRect (hWnd=0x10013e, lpRect=0x0, bErase=0) returned 1
[0184.020] GetFocus () returned 0x10013e
[0184.020] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.021] IsWindowUnicode (hWnd=0x1100ea) returned 1
[0184.021] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.021] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.021] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.021] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0184.021] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.021] IsWindowUnicode (hWnd=0x1100ea) returned 1
[0184.021] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.021] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.021] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.021] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.022] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0184.022] IsWindowUnicode (hWnd=0x1100ea) returned 1
[0184.022] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.022] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.022] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.023] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.023] IsWindowUnicode (hWnd=0x602c4) returned 1
[0184.023] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.023] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.023] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.023] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0184.023] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0184.023] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.032] IsWindowUnicode (hWnd=0x1100ea) returned 1
[0184.032] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.032] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.032] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.032] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.032] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.032] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.032] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.032] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.033] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.033] IsWindowUnicode (hWnd=0x1100ea) returned 1
[0184.033] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.033] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.033] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.033] BeginPaint (in: hWnd=0x1100ea, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x107b9
[0184.034] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0184.034] GetWindowTextLengthW (hWnd=0x1100ea) returned 13
[0184.034] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.034] GetSystemMetrics (nIndex=42) returned 0
[0184.034] GetWindowTextW (in: hWnd=0x1100ea, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.034] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0184.034] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0184.034] EndPaint (hWnd=0x1100ea, lpPaint=0xd7e274) returned 1
[0184.034] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.034] IsWindowUnicode (hWnd=0xe02da) returned 1
[0184.034] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.034] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.035] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.035] BeginPaint (in: hWnd=0xe02da, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xf0105ee
[0184.035] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0184.035] CreateCompatibleDC (hdc=0xf0105ee) returned 0xc00107d1
[0184.035] SelectObject (hdc=0xc00107d1, h=0x4a0507fe) returned 0x85000f
[0184.035] GdipCreateFromHDC (hdc=0xc00107d1, graphics=0xd7e2b0) returned 0x0
[0184.035] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0184.035] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0184.035] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0184.035] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0184.035] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e310) returned 0x0
[0184.036] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0184.036] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee868) returned 0x0
[0184.036] LocalFree (hMem=0x11ee868) returned 0x0
[0184.036] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0184.036] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0184.036] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0184.036] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e304) returned 0x0
[0184.036] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0184.036] GetWindowTextLengthW (hWnd=0xe02da) returned 0
[0184.036] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0184.036] GetSystemMetrics (nIndex=42) returned 0
[0184.036] GetWindowTextW (in: hWnd=0xe02da, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0184.036] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02da, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0184.036] GetClientRect (in: hWnd=0xe02da, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0184.036] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0184.036] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0184.036] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0184.036] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0184.037] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e164) returned 0x0
[0184.037] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0184.037] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee8d8) returned 0x0
[0184.037] LocalFree (hMem=0x11ee8d8) returned 0x0
[0184.037] GdipCombineRegionRegion (region=0x6646ef8, region2=0x6646718, combineMode=0x1) returned 0x0
[0184.037] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0184.037] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea60) returned 0x0
[0184.037] LocalFree (hMem=0x11eea60) returned 0x0
[0184.037] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0184.037] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0184.037] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0184.037] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0184.037] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0184.037] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0184.037] GetCurrentObject (hdc=0xc00107d1, type=0x1) returned 0xb00017
[0184.037] GetCurrentObject (hdc=0xc00107d1, type=0x2) returned 0x900010
[0184.037] GetCurrentObject (hdc=0xc00107d1, type=0x7) returned 0x4a0507fe
[0184.038] GetCurrentObject (hdc=0xc00107d1, type=0x6) returned 0x8a01c2
[0184.038] SaveDC (hdc=0xc00107d1) returned 1
[0184.038] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x15040807
[0184.038] GetClipRgn (hdc=0xc00107d1, hrgn=0x15040807) returned 0
[0184.038] SelectClipRgn (hdc=0xc00107d1, hrgn=0x9c0407de) returned 2
[0184.038] DeleteObject (ho=0x15040807) returned 1
[0184.038] DeleteObject (ho=0x9c0407de) returned 1
[0184.038] OffsetViewportOrgEx (in: hdc=0xc00107d1, x=0, y=0, lppt=0x2d92ee8 | out: lppt=0x2d92ee8) returned 1
[0184.038] GetNearestColor (hdc=0xc00107d1, color=0xf0f0f0) returned 0xf0f0f0
[0184.038] CreateSolidBrush (color=0xf0f0f0) returned 0xac1007e1
[0184.038] FillRect (hDC=0xc00107d1, lprc=0xd7e198, hbr=0xac1007e1) returned 1
[0184.038] DeleteObject (ho=0xac1007e1) returned 1
[0184.038] RestoreDC (hdc=0xc00107d1, nSavedDC=-1) returned 1
[0184.038] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107d1) returned 0x0
[0184.039] GdipRestoreGraphics (graphics=0x6600030, state=0xfba60dbd) returned 0x0
[0184.039] GdipDeleteRegion (region=0x6646718) returned 0x0
[0184.039] GetWindowTextLengthW (hWnd=0xe02da) returned 0
[0184.039] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0184.039] GetSystemMetrics (nIndex=42) returned 0
[0184.039] GetWindowTextW (in: hWnd=0xe02da, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0184.039] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02da, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0184.039] GdipGetImageWidth (image=0x66019f0, width=0xd7e1e0) returned 0x0
[0184.039] GdipGetImageHeight (image=0x66019f0, height=0xd7e1e0) returned 0x0
[0184.039] GdipGetImageWidth (image=0x66019f0, width=0xd7e1cc) returned 0x0
[0184.039] GdipGetImageHeight (image=0x66019f0, height=0xd7e1cc) returned 0x0
[0184.039] GdipDrawImageRectI (graphics=0x6600030, image=0x66019f0, x=16, y=16, width=32, height=32) returned 0x0
[0184.039] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0184.039] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=64, cy=64, hdcSrc=0xc00107d1, x1=0, y1=0, rop=0xcc0020) returned 1
[0184.039] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107d1) returned 0x0
[0184.040] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0184.040] SelectObject (hdc=0xc00107d1, h=0x85000f) returned 0x4a0507fe
[0184.040] DeleteDC (hdc=0xc00107d1) returned 1
[0184.040] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0184.040] EndPaint (hWnd=0xe02da, lpPaint=0xd7e294) returned 1
[0184.040] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.040] IsWindowUnicode (hWnd=0xc005a) returned 1
[0184.040] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.040] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.040] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.040] BeginPaint (in: hWnd=0xc005a, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x10105d6
[0184.041] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0184.041] CreateCompatibleDC (hdc=0x10105d6) returned 0xc20107d1
[0184.041] GetObjectType (h=0x10105d6) returned 0x3
[0184.041] CreateCompatibleBitmap (hdc=0x10105d6, cx=1, cy=1) returned 0xffffffff800507bb
[0184.041] GetDIBits (in: hdc=0x10105d6, hbm=0x800507bb, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0184.041] GetDIBits (in: hdc=0x10105d6, hbm=0x800507bb, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0184.041] DeleteObject (ho=0x800507bb) returned 1
[0184.041] CreateDIBSection (in: hdc=0x10105d6, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xbf0507e8
[0184.041] SelectObject (hdc=0xc20107d1, h=0xbf0507e8) returned 0x85000f
[0184.041] GdipCreateFromHDC (hdc=0xc20107d1, graphics=0xd7e234) returned 0x0
[0184.042] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0184.042] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0184.042] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0184.042] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0184.042] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2d4) returned 0x0
[0184.042] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0184.042] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0184.042] LocalFree (hMem=0x11eec58) returned 0x0
[0184.042] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0184.042] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0184.042] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0184.042] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0184.043] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0184.043] GetWindowTextLengthW (hWnd=0xc005a) returned 232
[0184.043] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0184.043] GetSystemMetrics (nIndex=42) returned 0
[0184.043] GetWindowTextW (in: hWnd=0xc005a, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0184.043] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0184.043] GetClientRect (in: hWnd=0xc005a, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0184.043] GdipCreateRegion (region=0xd7e110) returned 0x0
[0184.043] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0184.043] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0184.043] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0184.043] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e128) returned 0x0
[0184.043] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0184.043] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0184.043] LocalFree (hMem=0x11ee868) returned 0x0
[0184.043] GdipCombineRegionRegion (region=0x6646298, region2=0x6646ef8, combineMode=0x1) returned 0x0
[0184.043] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0184.043] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee910) returned 0x0
[0184.044] LocalFree (hMem=0x11ee910) returned 0x0
[0184.044] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0184.044] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e150) returned 0x0
[0184.044] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e140) returned 0x0
[0184.044] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0184.044] GdipDeleteRegion (region=0x6646298) returned 0x0
[0184.044] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0184.044] GetCurrentObject (hdc=0xc20107d1, type=0x1) returned 0xb00017
[0184.044] GetCurrentObject (hdc=0xc20107d1, type=0x2) returned 0x900010
[0184.044] GetCurrentObject (hdc=0xc20107d1, type=0x7) returned 0xffffffffbf0507e8
[0184.044] GetCurrentObject (hdc=0xc20107d1, type=0x6) returned 0x8a01c2
[0184.045] SaveDC (hdc=0xc20107d1) returned 1
[0184.045] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9d0407de
[0184.045] GetClipRgn (hdc=0xc20107d1, hrgn=0x9d0407de) returned 0
[0184.045] SelectClipRgn (hdc=0xc20107d1, hrgn=0x16040807) returned 2
[0184.045] DeleteObject (ho=0x9d0407de) returned 1
[0184.045] DeleteObject (ho=0x16040807) returned 1
[0184.045] OffsetViewportOrgEx (in: hdc=0xc20107d1, x=0, y=0, lppt=0x2d948b0 | out: lppt=0x2d948b0) returned 1
[0184.045] GetNearestColor (hdc=0xc20107d1, color=0xf0f0f0) returned 0xf0f0f0
[0184.045] CreateSolidBrush (color=0xf0f0f0) returned 0xad1007e1
[0184.045] FillRect (hDC=0xc20107d1, lprc=0xd7e15c, hbr=0xad1007e1) returned 1
[0184.047] DeleteObject (ho=0xad1007e1) returned 1
[0184.047] RestoreDC (hdc=0xc20107d1, nSavedDC=-1) returned 1
[0184.047] GdipReleaseDC (graphics=0x6600030, hdc=0xc20107d1) returned 0x0
[0184.047] GdipRestoreGraphics (graphics=0x6600030, state=0xfba40dbd) returned 0x0
[0184.047] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0184.047] GetWindowTextLengthW (hWnd=0xc005a) returned 232
[0184.047] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0184.047] GetSystemMetrics (nIndex=42) returned 0
[0184.047] GetWindowTextW (in: hWnd=0xc005a, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0184.047] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0184.047] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0184.047] GetCurrentObject (hdc=0xc20107d1, type=0x1) returned 0xb00017
[0184.048] GetCurrentObject (hdc=0xc20107d1, type=0x2) returned 0x900010
[0184.048] GetCurrentObject (hdc=0xc20107d1, type=0x7) returned 0xffffffffbf0507e8
[0184.048] GetCurrentObject (hdc=0xc20107d1, type=0x6) returned 0x8a01c2
[0184.048] SaveDC (hdc=0xc20107d1) returned 1
[0184.048] GetNearestColor (hdc=0xc20107d1, color=0x0) returned 0x0
[0184.048] RestoreDC (hdc=0xc20107d1, nSavedDC=-1) returned 1
[0184.048] GdipReleaseDC (graphics=0x6600030, hdc=0xc20107d1) returned 0x0
[0184.048] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0184.049] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0184.049] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2d950ac | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0184.049] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0184.049] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0184.049] GetCurrentObject (hdc=0xc20107d1, type=0x1) returned 0xb00017
[0184.049] GetCurrentObject (hdc=0xc20107d1, type=0x2) returned 0x900010
[0184.049] GetCurrentObject (hdc=0xc20107d1, type=0x7) returned 0xffffffffbf0507e8
[0184.049] GetCurrentObject (hdc=0xc20107d1, type=0x6) returned 0x8a01c2
[0184.049] SaveDC (hdc=0xc20107d1) returned 1
[0184.050] GetTextAlign (hdc=0xc20107d1) returned 0x0
[0184.050] GetTextColor (hdc=0xc20107d1) returned 0x0
[0184.050] GetCurrentObject (hdc=0xc20107d1, type=0x6) returned 0x8a01c2
[0184.050] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0184.050] SelectObject (hdc=0xc20107d1, h=0x6d0a0520) returned 0x8a01c2
[0184.050] GetBkMode (hdc=0xc20107d1) returned 2
[0184.050] SetBkMode (hdc=0xc20107d1, mode=1) returned 2
[0184.050] DrawTextExW (in: hdc=0xc20107d1, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2d952d0 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0184.054] RestoreDC (hdc=0xc20107d1, nSavedDC=-1) returned 1
[0184.054] GdipReleaseDC (graphics=0x6600030, hdc=0xc20107d1) returned 0x0
[0184.054] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0184.054] BitBlt (hdc=0x10105d6, x=0, y=0, cx=354, cy=68, hdcSrc=0xc20107d1, x1=0, y1=0, rop=0xcc0020) returned 1
[0184.054] GdipReleaseDC (graphics=0x6600030, hdc=0xc20107d1) returned 0x0
[0184.054] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0184.054] SelectObject (hdc=0xc20107d1, h=0x85000f) returned 0xbf0507e8
[0184.054] DeleteDC (hdc=0xc20107d1) returned 1
[0184.054] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0184.054] DeleteObject (ho=0xbf0507e8) returned 1
[0184.055] EndPaint (hWnd=0xc005a, lpPaint=0xd7e258) returned 1
[0184.058] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.058] IsWindowUnicode (hWnd=0x10013e) returned 1
[0184.058] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.058] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.058] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.058] BeginPaint (in: hWnd=0x10013e, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0184.058] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0184.058] CreateCompatibleDC (hdc=0xc0107c5) returned 0x820107bb
[0184.058] SelectObject (hdc=0x820107bb, h=0x4a0507fe) returned 0x85000f
[0184.058] GdipCreateFromHDC (hdc=0x820107bb, graphics=0xd7e268) returned 0x0
[0184.058] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0184.058] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0184.058] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0184.058] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0184.058] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e2c8) returned 0x0
[0184.058] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0184.059] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0184.059] LocalFree (hMem=0x11eec58) returned 0x0
[0184.059] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0184.059] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0184.059] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0184.059] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0184.059] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0184.059] GdipRestoreGraphics (graphics=0x6600030, state=0xfba20dbd) returned 0x0
[0184.059] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0184.059] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0184.059] GetCurrentObject (hdc=0x820107bb, type=0x1) returned 0xb00017
[0184.059] GetCurrentObject (hdc=0x820107bb, type=0x2) returned 0x900010
[0184.059] GetCurrentObject (hdc=0x820107bb, type=0x7) returned 0x4a0507fe
[0184.059] GetCurrentObject (hdc=0x820107bb, type=0x6) returned 0x8a01c2
[0184.059] SaveDC (hdc=0x820107bb) returned 1
[0184.071] GetNearestColor (hdc=0x820107bb, color=0xf0f0f0) returned 0xf0f0f0
[0184.071] GetNearestColor (hdc=0x820107bb, color=0xa0a0a0) returned 0xa0a0a0
[0184.071] GetNearestColor (hdc=0x820107bb, color=0x696969) returned 0x696969
[0184.071] GetNearestColor (hdc=0x820107bb, color=0xa0a0a0) returned 0xa0a0a0
[0184.071] GetNearestColor (hdc=0x820107bb, color=0x0) returned 0x0
[0184.071] GetNearestColor (hdc=0x820107bb, color=0xffffff) returned 0xffffff
[0184.071] GetNearestColor (hdc=0x820107bb, color=0xe5e5e5) returned 0xe5e5e5
[0184.072] GetNearestColor (hdc=0x820107bb, color=0xd7d7d7) returned 0xd7d7d7
[0184.072] GetNearestColor (hdc=0x820107bb, color=0x0) returned 0x0
[0184.072] RestoreDC (hdc=0x820107bb, nSavedDC=-1) returned 1
[0184.072] GdipReleaseDC (graphics=0x6600030, hdc=0x820107bb) returned 0x0
[0184.072] IsAppThemed () returned 0x1
[0184.072] GetThemeAppProperties () returned 0x3
[0184.072] GetThemeAppProperties () returned 0x3
[0184.072] GdipGetImageWidth (image=0x6601d38, width=0xd7e168) returned 0x0
[0184.072] GdipGetImageHeight (image=0x6601d38, height=0xd7e168) returned 0x0
[0184.072] IsAppThemed () returned 0x1
[0184.072] GetThemeAppProperties () returned 0x3
[0184.072] GetThemeAppProperties () returned 0x3
[0184.072] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2d95a20 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0184.073] IsAppThemed () returned 0x1
[0184.073] GetThemeAppProperties () returned 0x3
[0184.073] GetThemeAppProperties () returned 0x3
[0184.073] IsAppThemed () returned 0x1
[0184.073] GetThemeAppProperties () returned 0x3
[0184.073] GetThemeAppProperties () returned 0x3
[0184.073] GetFocus () returned 0x10013e
[0184.073] IsAppThemed () returned 0x1
[0184.073] GetThemeAppProperties () returned 0x3
[0184.073] GetThemeAppProperties () returned 0x3
[0184.073] IsAppThemed () returned 0x1
[0184.073] GetThemeAppProperties () returned 0x3
[0184.073] GetThemeAppProperties () returned 0x3
[0184.073] IsThemePartDefined () returned 0x1
[0184.073] IsAppThemed () returned 0x1
[0184.073] GetThemeAppProperties () returned 0x3
[0184.073] GetThemeAppProperties () returned 0x3
[0184.073] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0184.073] IsAppThemed () returned 0x1
[0184.074] GetThemeAppProperties () returned 0x3
[0184.074] GetThemeAppProperties () returned 0x3
[0184.074] IsAppThemed () returned 0x1
[0184.074] GetThemeAppProperties () returned 0x3
[0184.074] GetThemeAppProperties () returned 0x3
[0184.074] IsThemePartDefined () returned 0x1
[0184.074] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0184.074] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0184.074] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0184.074] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0184.074] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7dff0) returned 0x0
[0184.074] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0184.074] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0184.074] LocalFree (hMem=0x11eec58) returned 0x0
[0184.074] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0184.074] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eea60) returned 0x0
[0184.074] LocalFree (hMem=0x11eea60) returned 0x0
[0184.074] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0184.074] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0184.074] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0184.074] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0184.075] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0184.075] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0184.075] GetCurrentObject (hdc=0x820107bb, type=0x1) returned 0xb00017
[0184.075] GetCurrentObject (hdc=0x820107bb, type=0x2) returned 0x900010
[0184.075] GetCurrentObject (hdc=0x820107bb, type=0x7) returned 0x4a0507fe
[0184.075] GetCurrentObject (hdc=0x820107bb, type=0x6) returned 0x8a01c2
[0184.075] SaveDC (hdc=0x820107bb) returned 1
[0184.075] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x17040807
[0184.075] GetClipRgn (hdc=0x820107bb, hrgn=0x17040807) returned 0
[0184.075] SelectClipRgn (hdc=0x820107bb, hrgn=0xa10407de) returned 2
[0184.075] DeleteObject (ho=0x17040807) returned 1
[0184.075] DeleteObject (ho=0xa10407de) returned 1
[0184.075] OffsetViewportOrgEx (in: hdc=0x820107bb, x=0, y=0, lppt=0x2d960d0 | out: lppt=0x2d960d0) returned 1
[0184.076] DrawThemeParentBackground () returned 0x0
[0184.076] GetWindowPlacement (in: hWnd=0x1100ea, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0184.076] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0184.076] GetWindowTextLengthW (hWnd=0x1100ea) returned 13
[0184.076] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.076] GetSystemMetrics (nIndex=42) returned 0
[0184.076] GetWindowTextW (in: hWnd=0x1100ea, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.076] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0184.076] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0184.076] GetCurrentObject (hdc=0x820107bb, type=0x1) returned 0xb00017
[0184.076] GetCurrentObject (hdc=0x820107bb, type=0x2) returned 0x900010
[0184.076] GetCurrentObject (hdc=0x820107bb, type=0x7) returned 0x4a0507fe
[0184.076] GetCurrentObject (hdc=0x820107bb, type=0x6) returned 0x8a01c2
[0184.076] SaveDC (hdc=0x820107bb) returned 2
[0184.076] GetNearestColor (hdc=0x820107bb, color=0xf0f0f0) returned 0xf0f0f0
[0184.077] CreateSolidBrush (color=0xf0f0f0) returned 0xae1007e1
[0184.077] FillRect (hDC=0x820107bb, lprc=0xd7da38, hbr=0xae1007e1) returned 1
[0184.077] DeleteObject (ho=0xae1007e1) returned 1
[0184.077] RestoreDC (hdc=0x820107bb, nSavedDC=-1) returned 1
[0184.077] GetWindowTextLengthW (hWnd=0x1100ea) returned 13
[0184.077] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.077] GetSystemMetrics (nIndex=42) returned 0
[0184.077] GetWindowTextW (in: hWnd=0x1100ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.077] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0184.077] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0184.077] GetCurrentObject (hdc=0x820107bb, type=0x1) returned 0xb00017
[0184.077] GetCurrentObject (hdc=0x820107bb, type=0x2) returned 0x900010
[0184.077] GetCurrentObject (hdc=0x820107bb, type=0x7) returned 0x4a0507fe
[0184.077] GetCurrentObject (hdc=0x820107bb, type=0x6) returned 0x8a01c2
[0184.077] SaveDC (hdc=0x820107bb) returned 2
[0184.077] GetNearestColor (hdc=0x820107bb, color=0xf0f0f0) returned 0xf0f0f0
[0184.078] CreateSolidBrush (color=0xf0f0f0) returned 0xaf1007e1
[0184.078] FillRect (hDC=0x820107bb, lprc=0xd7d9d8, hbr=0xaf1007e1) returned 1
[0184.078] DeleteObject (ho=0xaf1007e1) returned 1
[0184.078] RestoreDC (hdc=0x820107bb, nSavedDC=-1) returned 1
[0184.078] GetWindowTextLengthW (hWnd=0x1100ea) returned 13
[0184.078] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.078] GetSystemMetrics (nIndex=42) returned 0
[0184.078] GetWindowTextW (in: hWnd=0x1100ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.078] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0184.078] RestoreDC (hdc=0x820107bb, nSavedDC=-1) returned 1
[0184.078] GdipReleaseDC (graphics=0x6600030, hdc=0x820107bb) returned 0x0
[0184.078] IsAppThemed () returned 0x1
[0184.078] GetThemeAppProperties () returned 0x3
[0184.078] GetThemeAppProperties () returned 0x3
[0184.078] IsAppThemed () returned 0x1
[0184.079] GetThemeAppProperties () returned 0x3
[0184.079] GetThemeAppProperties () returned 0x3
[0184.079] IsThemePartDefined () returned 0x1
[0184.079] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0184.079] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0184.079] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0184.079] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0184.079] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df74) returned 0x0
[0184.079] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee910) returned 0x0
[0184.079] LocalFree (hMem=0x11ee910) returned 0x0
[0184.079] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0184.079] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee868) returned 0x0
[0184.079] LocalFree (hMem=0x11ee868) returned 0x0
[0184.079] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0184.079] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0184.079] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0184.079] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0184.079] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0184.080] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0184.080] GetCurrentObject (hdc=0x820107bb, type=0x1) returned 0xb00017
[0184.080] GetCurrentObject (hdc=0x820107bb, type=0x2) returned 0x900010
[0184.080] GetCurrentObject (hdc=0x820107bb, type=0x7) returned 0x4a0507fe
[0184.080] GetCurrentObject (hdc=0x820107bb, type=0x6) returned 0x8a01c2
[0184.080] SaveDC (hdc=0x820107bb) returned 1
[0184.080] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa20407de
[0184.080] GetClipRgn (hdc=0x820107bb, hrgn=0xa20407de) returned 0
[0184.080] SelectClipRgn (hdc=0x820107bb, hrgn=0x19040807) returned 2
[0184.080] DeleteObject (ho=0xa20407de) returned 1
[0184.080] DeleteObject (ho=0x19040807) returned 1
[0184.080] OffsetViewportOrgEx (in: hdc=0x820107bb, x=0, y=0, lppt=0x2d9697c | out: lppt=0x2d9697c) returned 1
[0184.080] IsAppThemed () returned 0x1
[0184.080] GetThemeAppProperties () returned 0x3
[0184.080] GetThemeAppProperties () returned 0x3
[0184.080] DrawThemeBackground () returned 0x0
[0184.081] RestoreDC (hdc=0x820107bb, nSavedDC=-1) returned 1
[0184.081] GdipReleaseDC (graphics=0x6600030, hdc=0x820107bb) returned 0x0
[0184.081] GdipCreateRegion (region=0xd7df60) returned 0x0
[0184.081] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0184.081] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0184.081] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0184.081] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df78) returned 0x0
[0184.081] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0184.081] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eecc8) returned 0x0
[0184.081] LocalFree (hMem=0x11eecc8) returned 0x0
[0184.081] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0184.081] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0184.081] LocalFree (hMem=0x11ee868) returned 0x0
[0184.081] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0184.081] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0184.081] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0184.081] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0184.081] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0184.082] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0184.082] GetCurrentObject (hdc=0x820107bb, type=0x1) returned 0xb00017
[0184.082] GetCurrentObject (hdc=0x820107bb, type=0x2) returned 0x900010
[0184.082] GetCurrentObject (hdc=0x820107bb, type=0x7) returned 0x4a0507fe
[0184.082] GetCurrentObject (hdc=0x820107bb, type=0x6) returned 0x8a01c2
[0184.082] SaveDC (hdc=0x820107bb) returned 1
[0184.082] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1a040807
[0184.082] GetClipRgn (hdc=0x820107bb, hrgn=0x1a040807) returned 0
[0184.082] SelectClipRgn (hdc=0x820107bb, hrgn=0xa30407de) returned 2
[0184.082] DeleteObject (ho=0x1a040807) returned 1
[0184.082] DeleteObject (ho=0xa30407de) returned 1
[0184.082] OffsetViewportOrgEx (in: hdc=0x820107bb, x=0, y=0, lppt=0x2d96c50 | out: lppt=0x2d96c50) returned 1
[0184.082] IsAppThemed () returned 0x1
[0184.082] GetThemeAppProperties () returned 0x3
[0184.082] GetThemeAppProperties () returned 0x3
[0184.082] GetThemeBackgroundContentRect () returned 0x0
[0184.082] RestoreDC (hdc=0x820107bb, nSavedDC=-1) returned 1
[0184.083] GdipReleaseDC (graphics=0x6600030, hdc=0x820107bb) returned 0x0
[0184.083] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0184.083] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0184.083] GdipCloneRegion (region=0x6646ef8, cloneRegion=0xd7e150) returned 0x0
[0184.083] GdipCombineRegionRectI (region=0x66464d8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0184.083] GdipCombineRegionRectI (region=0x66464d8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0184.083] GdipSetClipRegion (graphics=0x6600030, region=0x66464d8, combineMode=0x0) returned 0x0
[0184.083] GdipGetImageWidth (image=0x6601d38, width=0xd7e154) returned 0x0
[0184.083] GdipGetImageHeight (image=0x6601d38, height=0xd7e148) returned 0x0
[0184.083] GdipDrawImageRectI (graphics=0x6600030, image=0x6601d38, x=4, y=4, width=16, height=16) returned 0x0
[0184.083] GdipSetClipRegion (graphics=0x6600030, region=0x6646ef8, combineMode=0x0) returned 0x0
[0184.083] IsAppThemed () returned 0x1
[0184.083] GetThemeAppProperties () returned 0x3
[0184.083] GetThemeAppProperties () returned 0x3
[0184.083] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0184.083] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0184.084] GetCurrentObject (hdc=0x820107bb, type=0x1) returned 0xb00017
[0184.084] GetCurrentObject (hdc=0x820107bb, type=0x2) returned 0x900010
[0184.084] GetCurrentObject (hdc=0x820107bb, type=0x7) returned 0x4a0507fe
[0184.084] GetCurrentObject (hdc=0x820107bb, type=0x6) returned 0x8a01c2
[0184.084] SaveDC (hdc=0x820107bb) returned 1
[0184.084] GetTextAlign (hdc=0x820107bb) returned 0x0
[0184.084] GetTextColor (hdc=0x820107bb) returned 0x0
[0184.084] GetCurrentObject (hdc=0x820107bb, type=0x6) returned 0x8a01c2
[0184.084] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0184.084] SelectObject (hdc=0x820107bb, h=0x6d0a0520) returned 0x8a01c2
[0184.084] GetBkMode (hdc=0x820107bb) returned 2
[0184.084] SetBkMode (hdc=0x820107bb, mode=1) returned 2
[0184.085] DrawTextExW (in: hdc=0x820107bb, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2d97010 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0184.085] DrawTextExW (in: hdc=0x820107bb, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d97010 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0184.085] RestoreDC (hdc=0x820107bb, nSavedDC=-1) returned 1
[0184.085] GdipReleaseDC (graphics=0x6600030, hdc=0x820107bb) returned 0x0
[0184.085] GetFocus () returned 0x10013e
[0184.085] IsAppThemed () returned 0x1
[0184.085] GetThemeAppProperties () returned 0x3
[0184.085] GetThemeAppProperties () returned 0x3
[0184.085] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0184.086] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x820107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0184.086] GdipReleaseDC (graphics=0x6600030, hdc=0x820107bb) returned 0x0
[0184.086] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0184.086] SelectObject (hdc=0x820107bb, h=0x85000f) returned 0x4a0507fe
[0184.086] DeleteDC (hdc=0x820107bb) returned 1
[0184.086] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0184.086] EndPaint (hWnd=0x10013e, lpPaint=0xd7e24c) returned 1
[0184.086] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.086] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x84, wParam=0x0, lParam=0x1e70304) returned 0x1
[0184.087] IsWindowUnicode (hWnd=0xe02de) returned 1
[0184.087] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.087] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x84, wParam=0x0, lParam=0x1e70304) returned 0x1
[0184.087] SetCursor (hCursor=0x10003) returned 0x10003
[0184.087] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.087] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.087] _TrackMouseEvent (in: lpEventTrack=0x2d9710c | out: lpEventTrack=0x2d9710c) returned 1
[0184.087] SendMessageW (hWnd=0xe02de, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0184.087] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0184.087] InvalidateRect (hWnd=0xe02de, lpRect=0x0, bErase=0) returned 1
[0184.087] GetKeyState (nVirtKey=1) returned 0
[0184.088] GetKeyState (nVirtKey=2) returned 0
[0184.088] GetKeyState (nVirtKey=4) returned 0
[0184.088] GetKeyState (nVirtKey=5) returned 0
[0184.088] GetKeyState (nVirtKey=6) returned 0
[0184.088] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.088] IsWindowUnicode (hWnd=0xe02de) returned 1
[0184.088] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.088] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.088] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.088] BeginPaint (in: hWnd=0xe02de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0184.088] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0184.088] CreateCompatibleDC (hdc=0x60100ce) returned 0x840107bb
[0184.088] SelectObject (hdc=0x840107bb, h=0x4a0507fe) returned 0x85000f
[0184.088] GdipCreateFromHDC (hdc=0x840107bb, graphics=0xd7e268) returned 0x0
[0184.089] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0184.089] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0184.089] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0184.089] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0184.089] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e2c8) returned 0x0
[0184.089] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0184.089] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0184.089] LocalFree (hMem=0x11eec58) returned 0x0
[0184.089] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0184.089] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0184.089] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0184.089] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0184.089] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0184.089] GdipRestoreGraphics (graphics=0x6600030, state=0xfba00dbd) returned 0x0
[0184.089] GdipDeleteRegion (region=0x6646298) returned 0x0
[0184.089] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0184.089] GetCurrentObject (hdc=0x840107bb, type=0x1) returned 0xb00017
[0184.090] GetCurrentObject (hdc=0x840107bb, type=0x2) returned 0x900010
[0184.090] GetCurrentObject (hdc=0x840107bb, type=0x7) returned 0x4a0507fe
[0184.090] GetCurrentObject (hdc=0x840107bb, type=0x6) returned 0x8a01c2
[0184.090] SaveDC (hdc=0x840107bb) returned 1
[0184.090] GetNearestColor (hdc=0x840107bb, color=0xf0f0f0) returned 0xf0f0f0
[0184.090] GetNearestColor (hdc=0x840107bb, color=0xa0a0a0) returned 0xa0a0a0
[0184.090] GetNearestColor (hdc=0x840107bb, color=0x696969) returned 0x696969
[0184.090] GetNearestColor (hdc=0x840107bb, color=0xa0a0a0) returned 0xa0a0a0
[0184.090] GetNearestColor (hdc=0x840107bb, color=0x0) returned 0x0
[0184.090] GetNearestColor (hdc=0x840107bb, color=0xffffff) returned 0xffffff
[0184.090] GetNearestColor (hdc=0x840107bb, color=0xe5e5e5) returned 0xe5e5e5
[0184.090] GetNearestColor (hdc=0x840107bb, color=0xd7d7d7) returned 0xd7d7d7
[0184.090] GetNearestColor (hdc=0x840107bb, color=0x0) returned 0x0
[0184.095] RestoreDC (hdc=0x840107bb, nSavedDC=-1) returned 1
[0184.095] GdipReleaseDC (graphics=0x6600030, hdc=0x840107bb) returned 0x0
[0184.095] IsAppThemed () returned 0x1
[0184.095] GetThemeAppProperties () returned 0x3
[0184.095] GetThemeAppProperties () returned 0x3
[0184.095] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0184.095] SendMessageW (hWnd=0x1100ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0184.095] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0184.095] IsAppThemed () returned 0x1
[0184.095] GetThemeAppProperties () returned 0x3
[0184.095] GetThemeAppProperties () returned 0x3
[0184.095] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2d97878 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0184.096] IsAppThemed () returned 0x1
[0184.096] GetThemeAppProperties () returned 0x3
[0184.096] GetThemeAppProperties () returned 0x3
[0184.096] IsAppThemed () returned 0x1
[0184.096] GetThemeAppProperties () returned 0x3
[0184.096] GetThemeAppProperties () returned 0x3
[0184.096] IsAppThemed () returned 0x1
[0184.096] GetThemeAppProperties () returned 0x3
[0184.096] GetThemeAppProperties () returned 0x3
[0184.096] IsAppThemed () returned 0x1
[0184.096] GetThemeAppProperties () returned 0x3
[0184.096] GetThemeAppProperties () returned 0x3
[0184.096] IsThemePartDefined () returned 0x1
[0184.096] IsAppThemed () returned 0x1
[0184.096] GetThemeAppProperties () returned 0x3
[0184.096] GetThemeAppProperties () returned 0x3
[0184.096] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0184.096] IsAppThemed () returned 0x1
[0184.097] GetThemeAppProperties () returned 0x3
[0184.097] GetThemeAppProperties () returned 0x3
[0184.097] IsAppThemed () returned 0x1
[0184.097] GetThemeAppProperties () returned 0x3
[0184.097] GetThemeAppProperties () returned 0x3
[0184.097] IsThemePartDefined () returned 0x1
[0184.097] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0184.097] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0184.097] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0184.097] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0184.097] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dfe4) returned 0x0
[0184.097] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0184.097] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee8d8) returned 0x0
[0184.097] LocalFree (hMem=0x11ee8d8) returned 0x0
[0184.097] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0184.097] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0184.097] LocalFree (hMem=0x11ee9f0) returned 0x0
[0184.097] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0184.097] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0184.098] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0184.098] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0184.098] GdipDeleteRegion (region=0x6646718) returned 0x0
[0184.098] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0184.098] GetCurrentObject (hdc=0x840107bb, type=0x1) returned 0xb00017
[0184.098] GetCurrentObject (hdc=0x840107bb, type=0x2) returned 0x900010
[0184.098] GetCurrentObject (hdc=0x840107bb, type=0x7) returned 0x4a0507fe
[0184.098] GetCurrentObject (hdc=0x840107bb, type=0x6) returned 0x8a01c2
[0184.098] SaveDC (hdc=0x840107bb) returned 1
[0184.098] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa40407de
[0184.098] GetClipRgn (hdc=0x840107bb, hrgn=0xa40407de) returned 0
[0184.098] SelectClipRgn (hdc=0x840107bb, hrgn=0x1e040807) returned 2
[0184.098] DeleteObject (ho=0xa40407de) returned 1
[0184.098] DeleteObject (ho=0x1e040807) returned 1
[0184.099] OffsetViewportOrgEx (in: hdc=0x840107bb, x=0, y=0, lppt=0x2d97f28 | out: lppt=0x2d97f28) returned 1
[0184.099] DrawThemeParentBackground () returned 0x0
[0184.099] GetWindowPlacement (in: hWnd=0x1100ea, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0184.099] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0184.099] GetWindowTextLengthW (hWnd=0x1100ea) returned 13
[0184.099] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.099] GetSystemMetrics (nIndex=42) returned 0
[0184.099] GetWindowTextW (in: hWnd=0x1100ea, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.099] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0184.099] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0184.099] GetCurrentObject (hdc=0x840107bb, type=0x1) returned 0xb00017
[0184.099] GetCurrentObject (hdc=0x840107bb, type=0x2) returned 0x900010
[0184.099] GetCurrentObject (hdc=0x840107bb, type=0x7) returned 0x4a0507fe
[0184.100] GetCurrentObject (hdc=0x840107bb, type=0x6) returned 0x8a01c2
[0184.100] SaveDC (hdc=0x840107bb) returned 2
[0184.100] GetNearestColor (hdc=0x840107bb, color=0xf0f0f0) returned 0xf0f0f0
[0184.100] CreateSolidBrush (color=0xf0f0f0) returned 0xb01007e1
[0184.100] FillRect (hDC=0x840107bb, lprc=0xd7da30, hbr=0xb01007e1) returned 1
[0184.100] DeleteObject (ho=0xb01007e1) returned 1
[0184.100] RestoreDC (hdc=0x840107bb, nSavedDC=-1) returned 1
[0184.100] GetWindowTextLengthW (hWnd=0x1100ea) returned 13
[0184.100] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.100] GetSystemMetrics (nIndex=42) returned 0
[0184.100] GetWindowTextW (in: hWnd=0x1100ea, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.100] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0184.100] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0184.100] GetCurrentObject (hdc=0x840107bb, type=0x1) returned 0xb00017
[0184.100] GetCurrentObject (hdc=0x840107bb, type=0x2) returned 0x900010
[0184.101] GetCurrentObject (hdc=0x840107bb, type=0x7) returned 0x4a0507fe
[0184.101] GetCurrentObject (hdc=0x840107bb, type=0x6) returned 0x8a01c2
[0184.101] SaveDC (hdc=0x840107bb) returned 2
[0184.101] GetNearestColor (hdc=0x840107bb, color=0xf0f0f0) returned 0xf0f0f0
[0184.101] CreateSolidBrush (color=0xf0f0f0) returned 0xb11007e1
[0184.101] FillRect (hDC=0x840107bb, lprc=0xd7d9d0, hbr=0xb11007e1) returned 1
[0184.101] DeleteObject (ho=0xb11007e1) returned 1
[0184.101] RestoreDC (hdc=0x840107bb, nSavedDC=-1) returned 1
[0184.101] GetWindowTextLengthW (hWnd=0x1100ea) returned 13
[0184.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.101] GetSystemMetrics (nIndex=42) returned 0
[0184.101] GetWindowTextW (in: hWnd=0x1100ea, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0184.102] RestoreDC (hdc=0x840107bb, nSavedDC=-1) returned 1
[0184.102] GdipReleaseDC (graphics=0x6600030, hdc=0x840107bb) returned 0x0
[0184.102] IsAppThemed () returned 0x1
[0184.102] GetThemeAppProperties () returned 0x3
[0184.102] GetThemeAppProperties () returned 0x3
[0184.102] IsAppThemed () returned 0x1
[0184.102] GetThemeAppProperties () returned 0x3
[0184.102] GetThemeAppProperties () returned 0x3
[0184.102] IsThemePartDefined () returned 0x1
[0184.102] GdipCreateRegion (region=0xd7df50) returned 0x0
[0184.102] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0184.102] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0184.102] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0184.102] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df68) returned 0x0
[0184.102] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0184.102] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0184.102] LocalFree (hMem=0x11eec58) returned 0x0
[0184.102] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0184.102] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0184.103] LocalFree (hMem=0x11eec58) returned 0x0
[0184.103] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0184.103] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df90) returned 0x0
[0184.103] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df80) returned 0x0
[0184.103] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0184.103] GdipDeleteRegion (region=0x6646298) returned 0x0
[0184.103] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0184.103] GetCurrentObject (hdc=0x840107bb, type=0x1) returned 0xb00017
[0184.103] GetCurrentObject (hdc=0x840107bb, type=0x2) returned 0x900010
[0184.103] GetCurrentObject (hdc=0x840107bb, type=0x7) returned 0x4a0507fe
[0184.103] GetCurrentObject (hdc=0x840107bb, type=0x6) returned 0x8a01c2
[0184.103] SaveDC (hdc=0x840107bb) returned 1
[0184.103] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1f040807
[0184.103] GetClipRgn (hdc=0x840107bb, hrgn=0x1f040807) returned 0
[0184.104] SelectClipRgn (hdc=0x840107bb, hrgn=0xa60407de) returned 2
[0184.104] DeleteObject (ho=0x1f040807) returned 1
[0184.104] DeleteObject (ho=0xa60407de) returned 1
[0184.104] OffsetViewportOrgEx (in: hdc=0x840107bb, x=0, y=0, lppt=0x2d987d4 | out: lppt=0x2d987d4) returned 1
[0184.104] IsAppThemed () returned 0x1
[0184.104] GetThemeAppProperties () returned 0x3
[0184.104] GetThemeAppProperties () returned 0x3
[0184.104] DrawThemeBackground () returned 0x0
[0184.104] RestoreDC (hdc=0x840107bb, nSavedDC=-1) returned 1
[0184.104] GdipReleaseDC (graphics=0x6600030, hdc=0x840107bb) returned 0x0
[0184.104] GdipCreateRegion (region=0xd7df54) returned 0x0
[0184.104] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0184.104] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0184.104] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0184.104] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df6c) returned 0x0
[0184.105] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0184.105] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0184.105] LocalFree (hMem=0x11ee868) returned 0x0
[0184.105] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0184.105] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0184.105] LocalFree (hMem=0x11ee9f0) returned 0x0
[0184.105] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0184.105] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df94) returned 0x0
[0184.105] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df84) returned 0x0
[0184.105] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0184.105] GdipDeleteRegion (region=0x6646298) returned 0x0
[0184.105] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0184.105] GetCurrentObject (hdc=0x840107bb, type=0x1) returned 0xb00017
[0184.105] GetCurrentObject (hdc=0x840107bb, type=0x2) returned 0x900010
[0184.105] GetCurrentObject (hdc=0x840107bb, type=0x7) returned 0x4a0507fe
[0184.105] GetCurrentObject (hdc=0x840107bb, type=0x6) returned 0x8a01c2
[0184.105] SaveDC (hdc=0x840107bb) returned 1
[0184.106] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa70407de
[0184.106] GetClipRgn (hdc=0x840107bb, hrgn=0xa70407de) returned 0
[0184.106] SelectClipRgn (hdc=0x840107bb, hrgn=0x20040807) returned 2
[0184.106] DeleteObject (ho=0xa70407de) returned 1
[0184.106] DeleteObject (ho=0x20040807) returned 1
[0184.106] OffsetViewportOrgEx (in: hdc=0x840107bb, x=0, y=0, lppt=0x2d98aa8 | out: lppt=0x2d98aa8) returned 1
[0184.106] IsAppThemed () returned 0x1
[0184.106] GetThemeAppProperties () returned 0x3
[0184.106] GetThemeAppProperties () returned 0x3
[0184.106] GetThemeBackgroundContentRect () returned 0x0
[0184.106] RestoreDC (hdc=0x840107bb, nSavedDC=-1) returned 1
[0184.115] GdipReleaseDC (graphics=0x6600030, hdc=0x840107bb) returned 0x0
[0184.115] IsAppThemed () returned 0x1
[0184.115] GetThemeAppProperties () returned 0x3
[0184.116] GetThemeAppProperties () returned 0x3
[0184.116] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0184.116] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0184.116] GetCurrentObject (hdc=0x840107bb, type=0x1) returned 0xb00017
[0184.116] GetCurrentObject (hdc=0x840107bb, type=0x2) returned 0x900010
[0184.116] GetCurrentObject (hdc=0x840107bb, type=0x7) returned 0x4a0507fe
[0184.116] GetCurrentObject (hdc=0x840107bb, type=0x6) returned 0x8a01c2
[0184.116] SaveDC (hdc=0x840107bb) returned 1
[0184.116] GetTextAlign (hdc=0x840107bb) returned 0x0
[0184.116] GetTextColor (hdc=0x840107bb) returned 0x0
[0184.116] GetCurrentObject (hdc=0x840107bb, type=0x6) returned 0x8a01c2
[0184.116] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0184.116] SelectObject (hdc=0x840107bb, h=0x6d0a0520) returned 0x8a01c2
[0184.116] GetBkMode (hdc=0x840107bb) returned 2
[0184.117] SetBkMode (hdc=0x840107bb, mode=1) returned 2
[0184.117] DrawTextExW (in: hdc=0x840107bb, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2d98e48 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0184.117] DrawTextExW (in: hdc=0x840107bb, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2d98e48 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0184.117] RestoreDC (hdc=0x840107bb, nSavedDC=-1) returned 1
[0184.117] GdipReleaseDC (graphics=0x6600030, hdc=0x840107bb) returned 0x0
[0184.117] GetFocus () returned 0x10013e
[0184.117] IsAppThemed () returned 0x1
[0184.118] GetThemeAppProperties () returned 0x3
[0184.118] GetThemeAppProperties () returned 0x3
[0184.118] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0184.118] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x840107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0184.118] GdipReleaseDC (graphics=0x6600030, hdc=0x840107bb) returned 0x0
[0184.118] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0184.118] SelectObject (hdc=0x840107bb, h=0x85000f) returned 0x4a0507fe
[0184.118] DeleteDC (hdc=0x840107bb) returned 1
[0184.118] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0184.118] EndPaint (hWnd=0xe02de, lpPaint=0xd7e24c) returned 1
[0184.118] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.119] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.119] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.119] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.119] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.125] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.125] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.125] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.125] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.125] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.125] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.125] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.126] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.126] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.126] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.126] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.126] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.126] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.126] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.126] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.127] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.127] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.127] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.127] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.127] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.127] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.127] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.127] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.128] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.128] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.128] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.128] IsWindowUnicode (hWnd=0xf02d2) returned 1
[0184.128] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.128] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.128] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.129] BeginPaint (in: hWnd=0xf02d2, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0184.129] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0184.129] CreateCompatibleDC (hdc=0x107b9) returned 0x860107bb
[0184.129] SelectObject (hdc=0x860107bb, h=0x4a0507fe) returned 0x85000f
[0184.129] GdipCreateFromHDC (hdc=0x860107bb, graphics=0xd7e268) returned 0x0
[0184.129] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0184.129] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0184.129] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0184.129] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0184.129] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e2c8) returned 0x0
[0184.129] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0184.130] LocalFree (hMem=0x11ee788) returned 0x0
[0184.130] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0184.130] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0184.130] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0184.130] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0184.130] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0184.130] GdipRestoreGraphics (graphics=0x6600030, state=0xfb9e0dbd) returned 0x0
[0184.130] GdipDeleteRegion (region=0x6646298) returned 0x0
[0184.130] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0184.130] GetCurrentObject (hdc=0x860107bb, type=0x1) returned 0xb00017
[0184.130] GetCurrentObject (hdc=0x860107bb, type=0x2) returned 0x900010
[0184.130] GetCurrentObject (hdc=0x860107bb, type=0x7) returned 0x4a0507fe
[0184.130] GetCurrentObject (hdc=0x860107bb, type=0x6) returned 0x8a01c2
[0184.130] SaveDC (hdc=0x860107bb) returned 1
[0184.130] GetNearestColor (hdc=0x860107bb, color=0xf0f0f0) returned 0xf0f0f0
[0184.130] GetNearestColor (hdc=0x860107bb, color=0xa0a0a0) returned 0xa0a0a0
[0184.130] GetNearestColor (hdc=0x860107bb, color=0x696969) returned 0x696969
[0184.131] GetNearestColor (hdc=0x860107bb, color=0xa0a0a0) returned 0xa0a0a0
[0184.131] GetNearestColor (hdc=0x860107bb, color=0x0) returned 0x0
[0184.131] GetNearestColor (hdc=0x860107bb, color=0xffffff) returned 0xffffff
[0184.131] GetNearestColor (hdc=0x860107bb, color=0xe5e5e5) returned 0xe5e5e5
[0184.131] GetNearestColor (hdc=0x860107bb, color=0xd7d7d7) returned 0xd7d7d7
[0184.131] GetNearestColor (hdc=0x860107bb, color=0x0) returned 0x0
[0184.131] RestoreDC (hdc=0x860107bb, nSavedDC=-1) returned 1
[0184.131] GdipReleaseDC (graphics=0x6600030, hdc=0x860107bb) returned 0x0
[0184.131] IsAppThemed () returned 0x1
[0184.131] GetThemeAppProperties () returned 0x3
[0184.131] GetThemeAppProperties () returned 0x3
[0184.132] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0184.132] SendMessageW (hWnd=0x1100ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0184.132] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0184.132] IsAppThemed () returned 0x1
[0184.132] GetThemeAppProperties () returned 0x3
[0184.132] GetThemeAppProperties () returned 0x3
[0184.132] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2d99658 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0184.132] IsAppThemed () returned 0x1
[0184.132] GetThemeAppProperties () returned 0x3
[0184.132] GetThemeAppProperties () returned 0x3
[0184.132] IsAppThemed () returned 0x1
[0184.132] GetThemeAppProperties () returned 0x3
[0184.132] GetThemeAppProperties () returned 0x3
[0184.132] GetFocus () returned 0x10013e
[0184.133] IsAppThemed () returned 0x1
[0184.133] GetThemeAppProperties () returned 0x3
[0184.133] GetThemeAppProperties () returned 0x3
[0184.133] IsAppThemed () returned 0x1
[0184.133] GetThemeAppProperties () returned 0x3
[0184.133] GetThemeAppProperties () returned 0x3
[0184.133] IsThemePartDefined () returned 0x1
[0184.133] IsAppThemed () returned 0x1
[0184.133] GetThemeAppProperties () returned 0x3
[0184.133] GetThemeAppProperties () returned 0x3
[0184.133] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0184.133] IsAppThemed () returned 0x1
[0184.133] GetThemeAppProperties () returned 0x3
[0184.133] GetThemeAppProperties () returned 0x3
[0184.133] IsAppThemed () returned 0x1
[0184.133] GetThemeAppProperties () returned 0x3
[0184.133] GetThemeAppProperties () returned 0x3
[0184.133] IsThemePartDefined () returned 0x1
[0184.133] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0184.133] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0184.133] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0184.133] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0184.134] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dff0) returned 0x0
[0184.134] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0184.134] LocalFree (hMem=0x11eec58) returned 0x0
[0184.134] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee8d8) returned 0x0
[0184.134] LocalFree (hMem=0x11ee8d8) returned 0x0
[0184.134] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0184.134] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e018) returned 0x0
[0184.134] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e008) returned 0x0
[0184.134] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0184.134] GdipDeleteRegion (region=0x6646298) returned 0x0
[0184.134] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0184.134] GetCurrentObject (hdc=0x860107bb, type=0x1) returned 0xb00017
[0184.134] GetCurrentObject (hdc=0x860107bb, type=0x2) returned 0x900010
[0184.134] GetCurrentObject (hdc=0x860107bb, type=0x7) returned 0x4a0507fe
[0184.134] GetCurrentObject (hdc=0x860107bb, type=0x6) returned 0x8a01c2
[0184.134] SaveDC (hdc=0x860107bb) returned 1
[0184.134] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x21040807
[0184.134] GetClipRgn (hdc=0x860107bb, hrgn=0x21040807) returned 0
[0184.135] SelectClipRgn (hdc=0x860107bb, hrgn=0xab0407de) returned 2
[0184.135] DeleteObject (ho=0x21040807) returned 1
[0184.135] DeleteObject (ho=0xab0407de) returned 1
[0184.135] OffsetViewportOrgEx (in: hdc=0x860107bb, x=0, y=0, lppt=0x2d99d08 | out: lppt=0x2d99d08) returned 1
[0184.135] DrawThemeParentBackground () returned 0x0
[0184.135] GetWindowPlacement (in: hWnd=0x1100ea, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0184.135] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0184.135] GetWindowTextLengthW (hWnd=0x1100ea) returned 13
[0184.135] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.135] GetSystemMetrics (nIndex=42) returned 0
[0184.135] GetWindowTextW (in: hWnd=0x1100ea, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.135] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0184.135] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0184.135] GetCurrentObject (hdc=0x860107bb, type=0x1) returned 0xb00017
[0184.136] GetCurrentObject (hdc=0x860107bb, type=0x2) returned 0x900010
[0184.136] GetCurrentObject (hdc=0x860107bb, type=0x7) returned 0x4a0507fe
[0184.136] GetCurrentObject (hdc=0x860107bb, type=0x6) returned 0x8a01c2
[0184.136] SaveDC (hdc=0x860107bb) returned 2
[0184.136] GetNearestColor (hdc=0x860107bb, color=0xf0f0f0) returned 0xf0f0f0
[0184.136] CreateSolidBrush (color=0xf0f0f0) returned 0xb21007e1
[0184.136] FillRect (hDC=0x860107bb, lprc=0xd7da38, hbr=0xb21007e1) returned 1
[0184.136] DeleteObject (ho=0xb21007e1) returned 1
[0184.136] RestoreDC (hdc=0x860107bb, nSavedDC=-1) returned 1
[0184.136] GetWindowTextLengthW (hWnd=0x1100ea) returned 13
[0184.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.136] GetSystemMetrics (nIndex=42) returned 0
[0184.136] GetWindowTextW (in: hWnd=0x1100ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0184.136] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0184.137] GetCurrentObject (hdc=0x860107bb, type=0x1) returned 0xb00017
[0184.137] GetCurrentObject (hdc=0x860107bb, type=0x2) returned 0x900010
[0184.137] GetCurrentObject (hdc=0x860107bb, type=0x7) returned 0x4a0507fe
[0184.137] GetCurrentObject (hdc=0x860107bb, type=0x6) returned 0x8a01c2
[0184.137] SaveDC (hdc=0x860107bb) returned 2
[0184.137] GetNearestColor (hdc=0x860107bb, color=0xf0f0f0) returned 0xf0f0f0
[0184.137] CreateSolidBrush (color=0xf0f0f0) returned 0xb31007e1
[0184.137] FillRect (hDC=0x860107bb, lprc=0xd7d9d8, hbr=0xb31007e1) returned 1
[0184.137] DeleteObject (ho=0xb31007e1) returned 1
[0184.137] RestoreDC (hdc=0x860107bb, nSavedDC=-1) returned 1
[0184.137] GetWindowTextLengthW (hWnd=0x1100ea) returned 13
[0184.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.137] GetSystemMetrics (nIndex=42) returned 0
[0184.137] GetWindowTextW (in: hWnd=0x1100ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0184.142] RestoreDC (hdc=0x860107bb, nSavedDC=-1) returned 1
[0184.142] GdipReleaseDC (graphics=0x6600030, hdc=0x860107bb) returned 0x0
[0184.142] IsAppThemed () returned 0x1
[0184.142] GetThemeAppProperties () returned 0x3
[0184.142] GetThemeAppProperties () returned 0x3
[0184.142] IsAppThemed () returned 0x1
[0184.142] GetThemeAppProperties () returned 0x3
[0184.142] GetThemeAppProperties () returned 0x3
[0184.142] IsThemePartDefined () returned 0x1
[0184.142] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0184.142] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0184.142] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0184.142] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0184.142] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df74) returned 0x0
[0184.142] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0184.142] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0184.143] LocalFree (hMem=0x11ee788) returned 0x0
[0184.143] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0184.143] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0184.143] LocalFree (hMem=0x11ee9f0) returned 0x0
[0184.143] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0184.143] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0184.143] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0184.143] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0184.143] GdipDeleteRegion (region=0x6646298) returned 0x0
[0184.143] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0184.143] GetCurrentObject (hdc=0x860107bb, type=0x1) returned 0xb00017
[0184.143] GetCurrentObject (hdc=0x860107bb, type=0x2) returned 0x900010
[0184.143] GetCurrentObject (hdc=0x860107bb, type=0x7) returned 0x4a0507fe
[0184.143] GetCurrentObject (hdc=0x860107bb, type=0x6) returned 0x8a01c2
[0184.143] SaveDC (hdc=0x860107bb) returned 1
[0184.143] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xac0407de
[0184.144] GetClipRgn (hdc=0x860107bb, hrgn=0xac0407de) returned 0
[0184.144] SelectClipRgn (hdc=0x860107bb, hrgn=0x23040807) returned 2
[0184.144] DeleteObject (ho=0xac0407de) returned 1
[0184.144] DeleteObject (ho=0x23040807) returned 1
[0184.144] OffsetViewportOrgEx (in: hdc=0x860107bb, x=0, y=0, lppt=0x2d9a5b4 | out: lppt=0x2d9a5b4) returned 1
[0184.144] IsAppThemed () returned 0x1
[0184.144] GetThemeAppProperties () returned 0x3
[0184.144] GetThemeAppProperties () returned 0x3
[0184.144] DrawThemeBackground () returned 0x0
[0184.144] RestoreDC (hdc=0x860107bb, nSavedDC=-1) returned 1
[0184.144] GdipReleaseDC (graphics=0x6600030, hdc=0x860107bb) returned 0x0
[0184.144] GdipCreateRegion (region=0xd7df60) returned 0x0
[0184.144] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0184.144] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0184.144] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0184.144] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df78) returned 0x0
[0184.145] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0184.145] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0184.145] LocalFree (hMem=0x11eec58) returned 0x0
[0184.145] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0184.145] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee8d8) returned 0x0
[0184.145] LocalFree (hMem=0x11ee8d8) returned 0x0
[0184.145] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0184.145] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0184.145] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df90) returned 0x0
[0184.145] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0184.145] GdipDeleteRegion (region=0x6646718) returned 0x0
[0184.145] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0184.145] GetCurrentObject (hdc=0x860107bb, type=0x1) returned 0xb00017
[0184.145] GetCurrentObject (hdc=0x860107bb, type=0x2) returned 0x900010
[0184.146] GetCurrentObject (hdc=0x860107bb, type=0x7) returned 0x4a0507fe
[0184.146] GetCurrentObject (hdc=0x860107bb, type=0x6) returned 0x8a01c2
[0184.146] SaveDC (hdc=0x860107bb) returned 1
[0184.146] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x24040807
[0184.146] GetClipRgn (hdc=0x860107bb, hrgn=0x24040807) returned 0
[0184.146] SelectClipRgn (hdc=0x860107bb, hrgn=0xad0407de) returned 2
[0184.146] DeleteObject (ho=0x24040807) returned 1
[0184.146] DeleteObject (ho=0xad0407de) returned 1
[0184.146] OffsetViewportOrgEx (in: hdc=0x860107bb, x=0, y=0, lppt=0x2d9a888 | out: lppt=0x2d9a888) returned 1
[0184.146] IsAppThemed () returned 0x1
[0184.146] GetThemeAppProperties () returned 0x3
[0184.146] GetThemeAppProperties () returned 0x3
[0184.146] GetThemeBackgroundContentRect () returned 0x0
[0184.147] RestoreDC (hdc=0x860107bb, nSavedDC=-1) returned 1
[0184.147] GdipReleaseDC (graphics=0x6600030, hdc=0x860107bb) returned 0x0
[0184.147] IsAppThemed () returned 0x1
[0184.147] GetThemeAppProperties () returned 0x3
[0184.147] GetThemeAppProperties () returned 0x3
[0184.147] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0184.147] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0184.147] GetCurrentObject (hdc=0x860107bb, type=0x1) returned 0xb00017
[0184.147] GetCurrentObject (hdc=0x860107bb, type=0x2) returned 0x900010
[0184.147] GetCurrentObject (hdc=0x860107bb, type=0x7) returned 0x4a0507fe
[0184.147] GetCurrentObject (hdc=0x860107bb, type=0x6) returned 0x8a01c2
[0184.147] SaveDC (hdc=0x860107bb) returned 1
[0184.147] GetTextAlign (hdc=0x860107bb) returned 0x0
[0184.147] GetTextColor (hdc=0x860107bb) returned 0x0
[0184.147] GetCurrentObject (hdc=0x860107bb, type=0x6) returned 0x8a01c2
[0184.148] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0184.148] SelectObject (hdc=0x860107bb, h=0x6d0a0520) returned 0x8a01c2
[0184.148] GetBkMode (hdc=0x860107bb) returned 2
[0184.148] SetBkMode (hdc=0x860107bb, mode=1) returned 2
[0184.148] DrawTextExW (in: hdc=0x860107bb, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2d9ac28 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0184.148] DrawTextExW (in: hdc=0x860107bb, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d9ac28 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0184.149] RestoreDC (hdc=0x860107bb, nSavedDC=-1) returned 1
[0184.149] GdipReleaseDC (graphics=0x6600030, hdc=0x860107bb) returned 0x0
[0184.149] GetFocus () returned 0x10013e
[0184.149] IsAppThemed () returned 0x1
[0184.149] GetThemeAppProperties () returned 0x3
[0184.149] GetThemeAppProperties () returned 0x3
[0184.149] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0184.149] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x860107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0184.149] GdipReleaseDC (graphics=0x6600030, hdc=0x860107bb) returned 0x0
[0184.149] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0184.149] SelectObject (hdc=0x860107bb, h=0x85000f) returned 0x4a0507fe
[0184.149] DeleteDC (hdc=0x860107bb) returned 1
[0184.149] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0184.150] EndPaint (hWnd=0xf02d2, lpPaint=0xd7e24c) returned 1
[0184.150] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.150] IsWindowUnicode (hWnd=0x602c4) returned 1
[0184.150] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.150] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.150] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.150] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0184.150] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0184.150] CreateCompatibleDC (hdc=0xf0105ee) returned 0x880107bb
[0184.151] SelectObject (hdc=0x880107bb, h=0x4a0507fe) returned 0x85000f
[0184.151] GdipCreateFromHDC (hdc=0x880107bb, graphics=0xd7e268) returned 0x0
[0184.151] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0184.151] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0184.151] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0184.151] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0184.151] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e2c8) returned 0x0
[0184.151] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0184.151] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0184.151] LocalFree (hMem=0x11ee788) returned 0x0
[0184.151] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0184.151] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0184.151] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0184.151] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0184.152] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0184.152] GdipRestoreGraphics (graphics=0x6600030, state=0xfb9c0dbd) returned 0x0
[0184.152] GdipDeleteRegion (region=0x6646298) returned 0x0
[0184.152] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0184.152] GetCurrentObject (hdc=0x880107bb, type=0x1) returned 0xb00017
[0184.152] GetCurrentObject (hdc=0x880107bb, type=0x2) returned 0x900010
[0184.152] GetCurrentObject (hdc=0x880107bb, type=0x7) returned 0x4a0507fe
[0184.152] GetCurrentObject (hdc=0x880107bb, type=0x6) returned 0x8a01c2
[0184.152] SaveDC (hdc=0x880107bb) returned 1
[0184.152] GetNearestColor (hdc=0x880107bb, color=0xff) returned 0xff
[0184.152] GetNearestColor (hdc=0x880107bb, color=0x55) returned 0x55
[0184.152] GetNearestColor (hdc=0x880107bb, color=0x0) returned 0x0
[0184.152] GetNearestColor (hdc=0x880107bb, color=0x55) returned 0x55
[0184.152] GetNearestColor (hdc=0x880107bb, color=0x0) returned 0x0
[0184.153] GetNearestColor (hdc=0x880107bb, color=0x8080ff) returned 0x8080ff
[0184.153] GetNearestColor (hdc=0x880107bb, color=0x7373e5) returned 0x7373e5
[0184.153] GetNearestColor (hdc=0x880107bb, color=0xe5) returned 0xe5
[0184.153] GetNearestColor (hdc=0x880107bb, color=0x0) returned 0x0
[0184.153] RestoreDC (hdc=0x880107bb, nSavedDC=-1) returned 1
[0184.153] GdipReleaseDC (graphics=0x6600030, hdc=0x880107bb) returned 0x0
[0184.153] IsAppThemed () returned 0x1
[0184.153] GetThemeAppProperties () returned 0x3
[0184.153] GetThemeAppProperties () returned 0x3
[0184.153] IsAppThemed () returned 0x1
[0184.153] GetThemeAppProperties () returned 0x3
[0184.154] GetThemeAppProperties () returned 0x3
[0184.154] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2d9b3f0 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0184.154] IsAppThemed () returned 0x1
[0184.154] GetThemeAppProperties () returned 0x3
[0184.154] GetThemeAppProperties () returned 0x3
[0184.154] IsAppThemed () returned 0x1
[0184.154] GetThemeAppProperties () returned 0x3
[0184.154] GetThemeAppProperties () returned 0x3
[0184.154] GetFocus () returned 0x10013e
[0184.154] IsAppThemed () returned 0x1
[0184.155] GetThemeAppProperties () returned 0x3
[0184.155] GetThemeAppProperties () returned 0x3
[0184.155] IsAppThemed () returned 0x1
[0184.155] GetThemeAppProperties () returned 0x3
[0184.155] GetThemeAppProperties () returned 0x3
[0184.155] IsThemePartDefined () returned 0x1
[0184.155] IsAppThemed () returned 0x1
[0184.155] GetThemeAppProperties () returned 0x3
[0184.155] GetThemeAppProperties () returned 0x3
[0184.155] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0184.155] IsAppThemed () returned 0x1
[0184.155] GetThemeAppProperties () returned 0x3
[0184.155] GetThemeAppProperties () returned 0x3
[0184.155] IsAppThemed () returned 0x1
[0184.155] GetThemeAppProperties () returned 0x3
[0184.155] GetThemeAppProperties () returned 0x3
[0184.155] IsThemePartDefined () returned 0x1
[0184.155] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0184.156] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0184.156] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0184.156] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0184.156] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dff0) returned 0x0
[0184.156] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0184.156] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0184.156] LocalFree (hMem=0x11eecc8) returned 0x0
[0184.156] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0184.156] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0184.156] LocalFree (hMem=0x11eec58) returned 0x0
[0184.156] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0184.156] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e018) returned 0x0
[0184.156] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e008) returned 0x0
[0184.156] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0184.156] GdipDeleteRegion (region=0x6646298) returned 0x0
[0184.156] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0184.156] GetCurrentObject (hdc=0x880107bb, type=0x1) returned 0xb00017
[0184.157] GetCurrentObject (hdc=0x880107bb, type=0x2) returned 0x900010
[0184.157] GetCurrentObject (hdc=0x880107bb, type=0x7) returned 0x4a0507fe
[0184.157] GetCurrentObject (hdc=0x880107bb, type=0x6) returned 0x8a01c2
[0184.157] SaveDC (hdc=0x880107bb) returned 1
[0184.157] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xae0407de
[0184.157] GetClipRgn (hdc=0x880107bb, hrgn=0xae0407de) returned 0
[0184.157] SelectClipRgn (hdc=0x880107bb, hrgn=0x28040807) returned 2
[0184.157] DeleteObject (ho=0xae0407de) returned 1
[0184.157] DeleteObject (ho=0x28040807) returned 1
[0184.157] OffsetViewportOrgEx (in: hdc=0x880107bb, x=0, y=0, lppt=0x2d9baa0 | out: lppt=0x2d9baa0) returned 1
[0184.157] DrawThemeParentBackground () returned 0x0
[0184.157] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0184.157] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0184.158] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0184.158] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.158] GetSystemMetrics (nIndex=42) returned 0
[0184.158] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.158] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0184.158] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0184.158] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0184.158] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0184.158] SelectPalette (hdc=0x880107bb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0184.158] GdipCreateFromHDC (hdc=0x880107bb, graphics=0xd7dac8) returned 0x0
[0184.158] GdipSetPageUnit (graphics=0x6649968, unit=0x2) returned 0x0
[0184.158] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0184.158] GdipGetWorldTransform (graphics=0x6649968, matrix=0x6638ae8) returned 0x0
[0184.158] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7daa0) returned 0x0
[0184.158] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0184.159] GdipCreateRegion (region=0xd7da88) returned 0x0
[0184.159] GdipGetClip (graphics=0x6649968, region=0x6646298) returned 0x0
[0184.159] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6649968, result=0xd7da94) returned 0x0
[0184.159] GdipDeleteRegion (region=0x6646298) returned 0x0
[0184.159] GdipSaveGraphics (graphics=0x6649968, state=0xd7dac0) returned 0x0
[0184.159] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0184.175] GdipFillRectangleI (graphics=0x6649968, brush=0x6652f58, x=0, y=0, width=801, height=453) returned 0x0
[0184.175] GdipDeleteBrush (brush=0x6652f58) returned 0x0
[0184.177] GdipDeleteGraphics (graphics=0x6649968) returned 0x0
[0184.177] SelectPalette (hdc=0x880107bb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0184.177] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0184.177] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.177] GetSystemMetrics (nIndex=42) returned 0
[0184.177] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.177] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0184.177] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0184.177] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0184.177] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0184.177] SelectPalette (hdc=0x880107bb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0184.177] GdipCreateFromHDC (hdc=0x880107bb, graphics=0xd7da68) returned 0x0
[0184.178] GdipSetPageUnit (graphics=0x6649968, unit=0x2) returned 0x0
[0184.178] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0184.178] GdipGetWorldTransform (graphics=0x6649968, matrix=0x6638a88) returned 0x0
[0184.178] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7da40) returned 0x0
[0184.178] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0184.178] GdipCreateRegion (region=0xd7da28) returned 0x0
[0184.178] GdipGetClip (graphics=0x6649968, region=0x6646718) returned 0x0
[0184.178] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6649968, result=0xd7da34) returned 0x0
[0184.178] GdipDeleteRegion (region=0x6646718) returned 0x0
[0184.178] GdipSaveGraphics (graphics=0x6649968, state=0xd7da60) returned 0x0
[0184.178] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0184.192] GdipFillRectangleI (graphics=0x6649968, brush=0x6653918, x=0, y=0, width=801, height=453) returned 0x0
[0184.192] GdipDeleteBrush (brush=0x6653918) returned 0x0
[0184.194] GdipRestoreGraphics (graphics=0x6649968, state=0xfb980dbd) returned 0x0
[0184.194] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0184.194] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.194] GetSystemMetrics (nIndex=42) returned 0
[0184.194] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.194] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0184.194] GdipDeleteGraphics (graphics=0x6649968) returned 0x0
[0184.194] SelectPalette (hdc=0x880107bb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0184.195] RestoreDC (hdc=0x880107bb, nSavedDC=-1) returned 1
[0184.195] GdipReleaseDC (graphics=0x6600030, hdc=0x880107bb) returned 0x0
[0184.195] IsAppThemed () returned 0x1
[0184.195] GetThemeAppProperties () returned 0x3
[0184.195] GetThemeAppProperties () returned 0x3
[0184.195] IsAppThemed () returned 0x1
[0184.195] GetThemeAppProperties () returned 0x3
[0184.195] GetThemeAppProperties () returned 0x3
[0184.195] IsThemePartDefined () returned 0x1
[0184.195] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0184.195] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0184.195] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0184.195] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0184.195] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df74) returned 0x0
[0184.196] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0184.196] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0184.196] LocalFree (hMem=0x11eec58) returned 0x0
[0184.196] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0184.196] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0184.196] LocalFree (hMem=0x11eec58) returned 0x0
[0184.196] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0184.196] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0184.196] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0184.196] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0184.196] GdipDeleteRegion (region=0x6646298) returned 0x0
[0184.196] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0184.196] GetCurrentObject (hdc=0x880107bb, type=0x1) returned 0xb00017
[0184.196] GetCurrentObject (hdc=0x880107bb, type=0x2) returned 0x900010
[0184.196] GetCurrentObject (hdc=0x880107bb, type=0x7) returned 0x4a0507fe
[0184.196] GetCurrentObject (hdc=0x880107bb, type=0x6) returned 0x8a01c2
[0184.196] SaveDC (hdc=0x880107bb) returned 1
[0184.197] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x29040807
[0184.197] GetClipRgn (hdc=0x880107bb, hrgn=0x29040807) returned 0
[0184.197] SelectClipRgn (hdc=0x880107bb, hrgn=0xb00407de) returned 2
[0184.197] DeleteObject (ho=0x29040807) returned 1
[0184.197] DeleteObject (ho=0xb00407de) returned 1
[0184.197] OffsetViewportOrgEx (in: hdc=0x880107bb, x=0, y=0, lppt=0x2da22f0 | out: lppt=0x2da22f0) returned 1
[0184.197] IsAppThemed () returned 0x1
[0184.197] GetThemeAppProperties () returned 0x3
[0184.197] GetThemeAppProperties () returned 0x3
[0184.197] DrawThemeBackground () returned 0x0
[0184.197] RestoreDC (hdc=0x880107bb, nSavedDC=-1) returned 1
[0184.197] GdipReleaseDC (graphics=0x6600030, hdc=0x880107bb) returned 0x0
[0184.197] GdipCreateRegion (region=0xd7df60) returned 0x0
[0184.197] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0184.197] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0184.198] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0184.198] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df78) returned 0x0
[0184.198] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0184.198] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0184.198] LocalFree (hMem=0x11ee788) returned 0x0
[0184.198] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0184.198] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eead0) returned 0x0
[0184.198] LocalFree (hMem=0x11eead0) returned 0x0
[0184.198] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0184.198] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0184.198] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df90) returned 0x0
[0184.198] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0184.198] GdipDeleteRegion (region=0x6646298) returned 0x0
[0184.198] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0184.198] GetCurrentObject (hdc=0x880107bb, type=0x1) returned 0xb00017
[0184.198] GetCurrentObject (hdc=0x880107bb, type=0x2) returned 0x900010
[0184.198] GetCurrentObject (hdc=0x880107bb, type=0x7) returned 0x4a0507fe
[0184.198] GetCurrentObject (hdc=0x880107bb, type=0x6) returned 0x8a01c2
[0184.199] SaveDC (hdc=0x880107bb) returned 1
[0184.199] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb10407de
[0184.199] GetClipRgn (hdc=0x880107bb, hrgn=0xb10407de) returned 0
[0184.199] SelectClipRgn (hdc=0x880107bb, hrgn=0x2a040807) returned 2
[0184.199] DeleteObject (ho=0xb10407de) returned 1
[0184.199] DeleteObject (ho=0x2a040807) returned 1
[0184.199] OffsetViewportOrgEx (in: hdc=0x880107bb, x=0, y=0, lppt=0x2da25c4 | out: lppt=0x2da25c4) returned 1
[0184.199] IsAppThemed () returned 0x1
[0184.199] GetThemeAppProperties () returned 0x3
[0184.199] GetThemeAppProperties () returned 0x3
[0184.199] GetThemeBackgroundContentRect () returned 0x0
[0184.199] RestoreDC (hdc=0x880107bb, nSavedDC=-1) returned 1
[0184.199] GdipReleaseDC (graphics=0x6600030, hdc=0x880107bb) returned 0x0
[0184.199] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0184.199] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0184.199] GdipFillRectangleI (graphics=0x6600030, brush=0x6649968, x=4, y=4, width=67, height=15) returned 0x0
[0184.199] GdipDeleteBrush (brush=0x6649968) returned 0x0
[0184.199] IsAppThemed () returned 0x1
[0184.199] GetThemeAppProperties () returned 0x3
[0184.200] GetThemeAppProperties () returned 0x3
[0184.200] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0184.200] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0184.200] GetCurrentObject (hdc=0x880107bb, type=0x1) returned 0xb00017
[0184.200] GetCurrentObject (hdc=0x880107bb, type=0x2) returned 0x900010
[0184.200] GetCurrentObject (hdc=0x880107bb, type=0x7) returned 0x4a0507fe
[0184.200] GetCurrentObject (hdc=0x880107bb, type=0x6) returned 0x8a01c2
[0184.200] SaveDC (hdc=0x880107bb) returned 1
[0184.204] GetTextAlign (hdc=0x880107bb) returned 0x0
[0184.204] GetTextColor (hdc=0x880107bb) returned 0x0
[0184.204] GetCurrentObject (hdc=0x880107bb, type=0x6) returned 0x8a01c2
[0184.204] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0184.205] SelectObject (hdc=0x880107bb, h=0x6d0a0520) returned 0x8a01c2
[0184.205] GetBkMode (hdc=0x880107bb) returned 2
[0184.205] SetBkMode (hdc=0x880107bb, mode=1) returned 2
[0184.205] DrawTextExW (in: hdc=0x880107bb, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2da2988 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0184.205] DrawTextExW (in: hdc=0x880107bb, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2da2988 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0184.205] RestoreDC (hdc=0x880107bb, nSavedDC=-1) returned 1
[0184.206] GdipReleaseDC (graphics=0x6600030, hdc=0x880107bb) returned 0x0
[0184.206] GetFocus () returned 0x10013e
[0184.206] IsAppThemed () returned 0x1
[0184.206] GetThemeAppProperties () returned 0x3
[0184.206] GetThemeAppProperties () returned 0x3
[0184.206] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0184.206] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x880107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0184.206] GdipReleaseDC (graphics=0x6600030, hdc=0x880107bb) returned 0x0
[0184.206] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0184.206] SelectObject (hdc=0x880107bb, h=0x85000f) returned 0x4a0507fe
[0184.206] DeleteDC (hdc=0x880107bb) returned 1
[0184.207] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0184.207] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0184.207] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.207] IsWindowUnicode (hWnd=0xe02de) returned 1
[0184.207] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.207] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.207] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.207] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.207] IsWindowUnicode (hWnd=0xe02de) returned 1
[0184.207] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.207] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.207] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.207] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x2a1, wParam=0x0, lParam=0xe002e) returned 0x0
[0184.208] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0184.208] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0184.208] WaitMessage () returned 1
[0184.309] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.310] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x84, wParam=0x0, lParam=0x1e70304) returned 0x1
[0184.310] IsWindowUnicode (hWnd=0xe02de) returned 1
[0184.310] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.310] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x84, wParam=0x0, lParam=0x1e70304) returned 0x1
[0184.310] GetDlgItem (hDlg=0x1100ea, nIDDlgItem=0) returned 0x0
[0184.310] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x210, wParam=0x201, lParam=0x6c010f) returned 0x0
[0184.310] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x21, wParam=0x1100ea, lParam=0x2010001) returned 0x1
[0184.310] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x21, wParam=0x1100ea, lParam=0x2010001) returned 0x1
[0184.311] SetCursor (hCursor=0x10003) returned 0x10003
[0184.311] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.311] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.311] GetKeyState (nVirtKey=1) returned -127
[0184.311] GetKeyState (nVirtKey=2) returned 0
[0184.311] GetKeyState (nVirtKey=4) returned 0
[0184.311] GetKeyState (nVirtKey=5) returned 0
[0184.311] GetKeyState (nVirtKey=6) returned 0
[0184.311] IsWindowVisible (hWnd=0xe02de) returned 1
[0184.311] IsWindowEnabled (hWnd=0xe02de) returned 1
[0184.311] SetFocus (hWnd=0xe02de) returned 0x10013e
[0184.311] GetFocus () returned 0xe02de
[0184.312] IsChild (hWndParent=0x1100ea, hWnd=0xe02de) returned 1
[0184.312] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0x8, wParam=0xe02de, lParam=0x0) returned 0x0
[0184.312] GetCapture () returned 0x0
[0184.312] InvalidateRect (hWnd=0x10013e, lpRect=0x0, bErase=0) returned 1
[0184.313] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0184.314] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0184.316] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0184.316] InvalidateRect (hWnd=0x10013e, lpRect=0x0, bErase=0) returned 1
[0184.316] InvalidateRect (hWnd=0xe02de, lpRect=0x0, bErase=0) returned 1
[0184.316] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x7, wParam=0x10013e, lParam=0x0) returned 0x0
[0184.316] GetStockObject (i=5) returned 0x900015
[0184.316] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0184.316] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0184.317] GetDlgItem (hDlg=0x1100ea, nIDDlgItem=918238) returned 0xe02de
[0184.317] SendMessageW (hWnd=0xe02de, Msg=0x202b, wParam=0xe02de, lParam=0xd7dddc) returned 0x0
[0184.317] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x202b, wParam=0xe02de, lParam=0xd7dddc) returned 0x0
[0184.317] InvalidateRect (hWnd=0xe02de, lpRect=0x0, bErase=0) returned 1
[0184.318] GetFocus () returned 0xe02de
[0184.318] GetFocus () returned 0xe02de
[0184.318] GetFocus () returned 0xe02de
[0184.319] GetKeyState (nVirtKey=1) returned -127
[0184.319] GetKeyState (nVirtKey=2) returned 0
[0184.319] GetKeyState (nVirtKey=4) returned 0
[0184.319] GetKeyState (nVirtKey=5) returned 0
[0184.319] GetKeyState (nVirtKey=6) returned 0
[0184.319] GetCapture () returned 0x0
[0184.319] SetCapture (hWnd=0xe02de) returned 0x0
[0184.319] GetKeyState (nVirtKey=1) returned -127
[0184.319] GetKeyState (nVirtKey=2) returned 0
[0184.319] GetKeyState (nVirtKey=4) returned 0
[0184.319] GetKeyState (nVirtKey=5) returned 0
[0184.319] GetKeyState (nVirtKey=6) returned 0
[0184.319] NotifyWinEvent (event=0x800a, hwnd=0xe02de, idObject=-4, idChild=0)
[0184.319] InvalidateRect (hWnd=0xe02de, lpRect=0xd7e430, bErase=0) returned 1
[0184.319] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.319] IsWindowUnicode (hWnd=0xe02de) returned 1
[0184.319] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.319] TranslateMessage (lpMsg=0xd7e808) returned 0
[0184.319] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0184.320] MapWindowPoints (in: hWndFrom=0xe02de, hWndTo=0x0, lpPoints=0x2da2b9c, cPoints=0x1 | out: lpPoints=0x2da2b9c) returned 30999254
[0184.320] NotifyWinEvent (event=0x800a, hwnd=0xe02de, idObject=-4, idChild=0)
[0184.320] InvalidateRect (hWnd=0xe02de, lpRect=0xd7e3d0, bErase=0) returned 1
[0184.320] UpdateWindow (hWnd=0xe02de) returned 1
[0184.320] BeginPaint (in: hWnd=0xe02de, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x60100ce
[0184.320] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0184.320] CreateCompatibleDC (hdc=0x60100ce) returned 0x890107bb
[0184.320] SelectObject (hdc=0x890107bb, h=0x4a0507fe) returned 0x85000f
[0184.320] GdipCreateFromHDC (hdc=0x890107bb, graphics=0xd7df00) returned 0x0
[0184.320] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0184.320] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0184.320] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0184.321] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0184.321] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df60) returned 0x0
[0184.321] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0184.321] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0184.321] LocalFree (hMem=0x11ee788) returned 0x0
[0184.321] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0184.321] GdipCreateRegion (region=0xd7df48) returned 0x0
[0184.321] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0184.321] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0184.321] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0184.321] GdipRestoreGraphics (graphics=0x6600030, state=0xfb960dbd) returned 0x0
[0184.321] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0184.321] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0184.321] GetCurrentObject (hdc=0x890107bb, type=0x1) returned 0xb00017
[0184.321] GetCurrentObject (hdc=0x890107bb, type=0x2) returned 0x900010
[0184.321] GetCurrentObject (hdc=0x890107bb, type=0x7) returned 0x4a0507fe
[0184.322] GetCurrentObject (hdc=0x890107bb, type=0x6) returned 0x8a01c2
[0184.322] SaveDC (hdc=0x890107bb) returned 1
[0184.322] GetNearestColor (hdc=0x890107bb, color=0xf0f0f0) returned 0xf0f0f0
[0184.322] GetNearestColor (hdc=0x890107bb, color=0xa0a0a0) returned 0xa0a0a0
[0184.322] GetNearestColor (hdc=0x890107bb, color=0x696969) returned 0x696969
[0184.322] GetNearestColor (hdc=0x890107bb, color=0xa0a0a0) returned 0xa0a0a0
[0184.322] GetNearestColor (hdc=0x890107bb, color=0x0) returned 0x0
[0184.322] GetNearestColor (hdc=0x890107bb, color=0xffffff) returned 0xffffff
[0184.322] GetNearestColor (hdc=0x890107bb, color=0xe5e5e5) returned 0xe5e5e5
[0184.322] GetNearestColor (hdc=0x890107bb, color=0xd7d7d7) returned 0xd7d7d7
[0184.322] GetNearestColor (hdc=0x890107bb, color=0x0) returned 0x0
[0184.322] RestoreDC (hdc=0x890107bb, nSavedDC=-1) returned 1
[0184.322] GdipReleaseDC (graphics=0x6600030, hdc=0x890107bb) returned 0x0
[0184.323] IsAppThemed () returned 0x1
[0184.323] GetThemeAppProperties () returned 0x3
[0184.323] GetThemeAppProperties () returned 0x3
[0184.323] IsAppThemed () returned 0x1
[0184.323] GetThemeAppProperties () returned 0x3
[0184.323] GetThemeAppProperties () returned 0x3
[0184.323] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2da32f4 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0184.323] IsAppThemed () returned 0x1
[0184.323] GetThemeAppProperties () returned 0x3
[0184.323] GetThemeAppProperties () returned 0x3
[0184.323] IsAppThemed () returned 0x1
[0184.323] GetThemeAppProperties () returned 0x3
[0184.323] GetThemeAppProperties () returned 0x3
[0184.323] IsAppThemed () returned 0x1
[0184.323] GetThemeAppProperties () returned 0x3
[0184.324] GetThemeAppProperties () returned 0x3
[0184.324] IsAppThemed () returned 0x1
[0184.324] GetThemeAppProperties () returned 0x3
[0184.324] GetThemeAppProperties () returned 0x3
[0184.324] IsThemePartDefined () returned 0x1
[0184.324] IsAppThemed () returned 0x1
[0184.324] GetThemeAppProperties () returned 0x3
[0184.324] GetThemeAppProperties () returned 0x3
[0184.324] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0184.324] IsAppThemed () returned 0x1
[0184.324] GetThemeAppProperties () returned 0x3
[0184.324] GetThemeAppProperties () returned 0x3
[0184.324] IsAppThemed () returned 0x1
[0184.324] GetThemeAppProperties () returned 0x3
[0184.324] GetThemeAppProperties () returned 0x3
[0184.324] IsThemePartDefined () returned 0x1
[0184.324] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0184.324] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0184.324] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0184.324] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0184.324] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dc7c) returned 0x0
[0184.324] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0184.325] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0184.325] LocalFree (hMem=0x11eec58) returned 0x0
[0184.325] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0184.325] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0184.325] LocalFree (hMem=0x11ee788) returned 0x0
[0184.325] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0184.364] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0184.364] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0184.364] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0184.364] GdipDeleteRegion (region=0x6646298) returned 0x0
[0184.364] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0184.364] GetCurrentObject (hdc=0x890107bb, type=0x1) returned 0xb00017
[0184.364] GetCurrentObject (hdc=0x890107bb, type=0x2) returned 0x900010
[0184.364] GetCurrentObject (hdc=0x890107bb, type=0x7) returned 0x4a0507fe
[0184.364] GetCurrentObject (hdc=0x890107bb, type=0x6) returned 0x8a01c2
[0184.364] SaveDC (hdc=0x890107bb) returned 1
[0184.364] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2b040807
[0184.365] GetClipRgn (hdc=0x890107bb, hrgn=0x2b040807) returned 0
[0184.365] SelectClipRgn (hdc=0x890107bb, hrgn=0xb50407de) returned 2
[0184.365] DeleteObject (ho=0x2b040807) returned 1
[0184.365] DeleteObject (ho=0xb50407de) returned 1
[0184.365] OffsetViewportOrgEx (in: hdc=0x890107bb, x=0, y=0, lppt=0x2da39a4 | out: lppt=0x2da39a4) returned 1
[0184.365] DrawThemeParentBackground () returned 0x0
[0184.365] GetWindowPlacement (in: hWnd=0x1100ea, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0184.365] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0184.365] GetWindowTextLengthW (hWnd=0x1100ea) returned 13
[0184.365] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.365] GetSystemMetrics (nIndex=42) returned 0
[0184.365] GetWindowTextW (in: hWnd=0x1100ea, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.365] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0184.365] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0184.365] GetCurrentObject (hdc=0x890107bb, type=0x1) returned 0xb00017
[0184.365] GetCurrentObject (hdc=0x890107bb, type=0x2) returned 0x900010
[0184.365] GetCurrentObject (hdc=0x890107bb, type=0x7) returned 0x4a0507fe
[0184.365] GetCurrentObject (hdc=0x890107bb, type=0x6) returned 0x8a01c2
[0184.366] SaveDC (hdc=0x890107bb) returned 2
[0184.366] GetNearestColor (hdc=0x890107bb, color=0xf0f0f0) returned 0xf0f0f0
[0184.366] CreateSolidBrush (color=0xf0f0f0) returned 0xb41007e1
[0184.366] FillRect (hDC=0x890107bb, lprc=0xd7d6c8, hbr=0xb41007e1) returned 1
[0184.366] DeleteObject (ho=0xb41007e1) returned 1
[0184.366] RestoreDC (hdc=0x890107bb, nSavedDC=-1) returned 1
[0184.366] GetWindowTextLengthW (hWnd=0x1100ea) returned 13
[0184.366] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.366] GetSystemMetrics (nIndex=42) returned 0
[0184.366] GetWindowTextW (in: hWnd=0x1100ea, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.366] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0184.366] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0184.366] GetCurrentObject (hdc=0x890107bb, type=0x1) returned 0xb00017
[0184.366] GetCurrentObject (hdc=0x890107bb, type=0x2) returned 0x900010
[0184.366] GetCurrentObject (hdc=0x890107bb, type=0x7) returned 0x4a0507fe
[0184.366] GetCurrentObject (hdc=0x890107bb, type=0x6) returned 0x8a01c2
[0184.366] SaveDC (hdc=0x890107bb) returned 2
[0184.366] GetNearestColor (hdc=0x890107bb, color=0xf0f0f0) returned 0xf0f0f0
[0184.366] CreateSolidBrush (color=0xf0f0f0) returned 0xb51007e1
[0184.367] FillRect (hDC=0x890107bb, lprc=0xd7d668, hbr=0xb51007e1) returned 1
[0184.367] DeleteObject (ho=0xb51007e1) returned 1
[0184.367] RestoreDC (hdc=0x890107bb, nSavedDC=-1) returned 1
[0184.367] GetWindowTextLengthW (hWnd=0x1100ea) returned 13
[0184.367] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.367] GetSystemMetrics (nIndex=42) returned 0
[0184.367] GetWindowTextW (in: hWnd=0x1100ea, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.367] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0184.367] RestoreDC (hdc=0x890107bb, nSavedDC=-1) returned 1
[0184.367] GdipReleaseDC (graphics=0x6600030, hdc=0x890107bb) returned 0x0
[0184.367] IsAppThemed () returned 0x1
[0184.367] GetThemeAppProperties () returned 0x3
[0184.367] GetThemeAppProperties () returned 0x3
[0184.367] IsAppThemed () returned 0x1
[0184.367] GetThemeAppProperties () returned 0x3
[0184.367] GetThemeAppProperties () returned 0x3
[0184.367] IsThemePartDefined () returned 0x1
[0184.367] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0184.368] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0184.368] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0184.368] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0184.368] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dc00) returned 0x0
[0184.368] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0184.368] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee9f0) returned 0x0
[0184.368] LocalFree (hMem=0x11ee9f0) returned 0x0
[0184.368] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0184.368] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0184.368] LocalFree (hMem=0x11ee788) returned 0x0
[0184.368] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0184.368] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0184.368] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0184.368] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0184.368] GdipDeleteRegion (region=0x6646298) returned 0x0
[0184.368] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0184.368] GetCurrentObject (hdc=0x890107bb, type=0x1) returned 0xb00017
[0184.368] GetCurrentObject (hdc=0x890107bb, type=0x2) returned 0x900010
[0184.368] GetCurrentObject (hdc=0x890107bb, type=0x7) returned 0x4a0507fe
[0184.368] GetCurrentObject (hdc=0x890107bb, type=0x6) returned 0x8a01c2
[0184.368] SaveDC (hdc=0x890107bb) returned 1
[0184.369] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb60407de
[0184.369] GetClipRgn (hdc=0x890107bb, hrgn=0xb60407de) returned 0
[0184.369] SelectClipRgn (hdc=0x890107bb, hrgn=0x2d040807) returned 2
[0184.369] DeleteObject (ho=0xb60407de) returned 1
[0184.369] DeleteObject (ho=0x2d040807) returned 1
[0184.369] OffsetViewportOrgEx (in: hdc=0x890107bb, x=0, y=0, lppt=0x2da4250 | out: lppt=0x2da4250) returned 1
[0184.369] IsAppThemed () returned 0x1
[0184.369] GetThemeAppProperties () returned 0x3
[0184.369] GetThemeAppProperties () returned 0x3
[0184.369] DrawThemeBackground () returned 0x0
[0184.369] RestoreDC (hdc=0x890107bb, nSavedDC=-1) returned 1
[0184.369] GdipReleaseDC (graphics=0x6600030, hdc=0x890107bb) returned 0x0
[0184.369] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0184.369] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0184.369] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0184.369] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0184.369] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc04) returned 0x0
[0184.369] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0184.369] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0184.369] LocalFree (hMem=0x11eecc8) returned 0x0
[0184.369] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0184.369] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0184.370] LocalFree (hMem=0x11ee9f0) returned 0x0
[0184.370] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0184.370] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0184.370] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0184.370] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0184.370] GdipDeleteRegion (region=0x6646718) returned 0x0
[0184.370] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0184.370] GetCurrentObject (hdc=0x890107bb, type=0x1) returned 0xb00017
[0184.370] GetCurrentObject (hdc=0x890107bb, type=0x2) returned 0x900010
[0184.370] GetCurrentObject (hdc=0x890107bb, type=0x7) returned 0x4a0507fe
[0184.370] GetCurrentObject (hdc=0x890107bb, type=0x6) returned 0x8a01c2
[0184.370] SaveDC (hdc=0x890107bb) returned 1
[0184.370] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2e040807
[0184.370] GetClipRgn (hdc=0x890107bb, hrgn=0x2e040807) returned 0
[0184.370] SelectClipRgn (hdc=0x890107bb, hrgn=0xb70407de) returned 2
[0184.370] DeleteObject (ho=0x2e040807) returned 1
[0184.370] DeleteObject (ho=0xb70407de) returned 1
[0184.370] OffsetViewportOrgEx (in: hdc=0x890107bb, x=0, y=0, lppt=0x2da4524 | out: lppt=0x2da4524) returned 1
[0184.370] IsAppThemed () returned 0x1
[0184.370] GetThemeAppProperties () returned 0x3
[0184.370] GetThemeAppProperties () returned 0x3
[0184.371] GetThemeBackgroundContentRect () returned 0x0
[0184.371] RestoreDC (hdc=0x890107bb, nSavedDC=-1) returned 1
[0184.371] GdipReleaseDC (graphics=0x6600030, hdc=0x890107bb) returned 0x0
[0184.371] IsAppThemed () returned 0x1
[0184.371] GetThemeAppProperties () returned 0x3
[0184.371] GetThemeAppProperties () returned 0x3
[0184.371] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0184.371] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0184.371] GetCurrentObject (hdc=0x890107bb, type=0x1) returned 0xb00017
[0184.371] GetCurrentObject (hdc=0x890107bb, type=0x2) returned 0x900010
[0184.371] GetCurrentObject (hdc=0x890107bb, type=0x7) returned 0x4a0507fe
[0184.371] GetCurrentObject (hdc=0x890107bb, type=0x6) returned 0x8a01c2
[0184.371] SaveDC (hdc=0x890107bb) returned 1
[0184.371] GetTextAlign (hdc=0x890107bb) returned 0x0
[0184.371] GetTextColor (hdc=0x890107bb) returned 0x0
[0184.371] GetCurrentObject (hdc=0x890107bb, type=0x6) returned 0x8a01c2
[0184.371] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0184.371] SelectObject (hdc=0x890107bb, h=0x6d0a0520) returned 0x8a01c2
[0184.371] GetBkMode (hdc=0x890107bb) returned 2
[0184.372] SetBkMode (hdc=0x890107bb, mode=1) returned 2
[0184.372] DrawTextExW (in: hdc=0x890107bb, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2da48c4 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0184.373] DrawTextExW (in: hdc=0x890107bb, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2da48c4 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0184.373] RestoreDC (hdc=0x890107bb, nSavedDC=-1) returned 1
[0184.373] GdipReleaseDC (graphics=0x6600030, hdc=0x890107bb) returned 0x0
[0184.373] GetFocus () returned 0xe02de
[0184.373] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0184.373] SendMessageW (hWnd=0x1100ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0184.373] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0184.373] IsAppThemed () returned 0x1
[0184.373] GetThemeAppProperties () returned 0x3
[0184.373] GetThemeAppProperties () returned 0x3
[0184.374] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0184.374] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x890107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0184.374] GdipReleaseDC (graphics=0x6600030, hdc=0x890107bb) returned 0x0
[0184.374] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0184.374] SelectObject (hdc=0x890107bb, h=0x85000f) returned 0x4a0507fe
[0184.374] DeleteDC (hdc=0x890107bb) returned 1
[0184.374] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0184.374] EndPaint (hWnd=0xe02de, lpPaint=0xd7dee4) returned 1
[0184.374] MapWindowPoints (in: hWndFrom=0xe02de, hWndTo=0x0, lpPoints=0x2da49c0, cPoints=0x1 | out: lpPoints=0x2da49c0) returned 30999254
[0184.374] WindowFromPoint (Point=0x304) returned 0xe02de
[0184.374] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x84, wParam=0x0, lParam=0x1e70304) returned 0x1
[0184.375] NotifyWinEvent (event=0x800a, hwnd=0xe02de, idObject=-4, idChild=0)
[0184.375] NotifyWinEvent (event=0x800c, hwnd=0xe02de, idObject=-4, idChild=0)
[0184.375] GetCapture () returned 0xe02de
[0184.375] ReleaseCapture () returned 1
[0184.375] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0184.375] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0184.375] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x84, wParam=0x0, lParam=0x1e70304) returned 0x1
[0184.375] IsWindow (hWnd=0x7005c) returned 1
[0184.375] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0184.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0184.376] IsWindow (hWnd=0x1100ea) returned 1
[0184.376] SetActiveWindow (hWnd=0x1100ea) returned 0x1100ea
[0184.376] IsWindow (hWnd=0x1100ea) returned 1
[0184.376] SetFocus (hWnd=0x1100ea) returned 0xe02de
[0184.377] GetFocus () returned 0x1100ea
[0184.377] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x8, wParam=0x1100ea, lParam=0x0) returned 0x0
[0184.377] GetCapture () returned 0x0
[0184.377] InvalidateRect (hWnd=0xe02de, lpRect=0x0, bErase=0) returned 1
[0184.378] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0184.380] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0184.381] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0184.381] GetFocus () returned 0x1100ea
[0184.381] SetFocus (hWnd=0xe02de) returned 0x1100ea
[0184.382] GetFocus () returned 0xe02de
[0184.382] IsChild (hWndParent=0x1100ea, hWnd=0xe02de) returned 1
[0184.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x8, wParam=0xe02de, lParam=0x0) returned 0x0
[0184.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0184.384] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0184.385] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0184.385] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x7, wParam=0x1100ea, lParam=0x0) returned 0x0
[0184.385] GetStockObject (i=5) returned 0x900015
[0184.385] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0184.385] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0184.385] GetDlgItem (hDlg=0x1100ea, nIDDlgItem=918238) returned 0xe02de
[0184.385] SendMessageW (hWnd=0xe02de, Msg=0x202b, wParam=0xe02de, lParam=0xd7ddcc) returned 0x0
[0184.385] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x202b, wParam=0xe02de, lParam=0xd7ddcc) returned 0x0
[0184.386] InvalidateRect (hWnd=0xe02de, lpRect=0x0, bErase=0) returned 1
[0184.388] GetWindowLongW (hWnd=0x1100ea, nIndex=-8) returned 458844
[0184.389] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0184.389] GetCurrentThreadId () returned 0xf50
[0184.389] IsWindow (hWnd=0x7005c) returned 1
[0184.389] IsWindow (hWnd=0x7005c) returned 1
[0184.389] IsWindowVisible (hWnd=0x7005c) returned 1
[0184.389] SetActiveWindow (hWnd=0x7005c) returned 0x1100ea
[0184.389] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0184.390] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0184.391] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0184.391] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0184.392] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0184.392] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0184.393] GetWindowPlacement (in: hWnd=0x1100ea, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0184.393] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0184.393] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0184.393] GetWindowRect (in: hWnd=0x1100ea, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0184.393] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0184.393] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0184.394] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0184.394] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x1100ea) returned 0x1
[0184.397] GetFocus () returned 0xe02de
[0184.397] SetFocus (hWnd=0x602c4) returned 0xe02de
[0184.398] GetFocus () returned 0x602c4
[0184.398] IsChild (hWndParent=0x1100ea, hWnd=0x602c4) returned 0
[0184.398] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0184.398] GetCapture () returned 0x0
[0184.398] InvalidateRect (hWnd=0xe02de, lpRect=0x0, bErase=0) returned 1
[0184.399] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0184.400] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0184.401] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0184.401] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0184.401] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0184.401] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0184.402] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0184.402] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0xe02de, lParam=0x0) returned 0x0
[0184.402] GetStockObject (i=5) returned 0x900015
[0184.402] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0184.402] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed760) returned 0xc
[0184.402] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0184.402] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0184.402] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0184.402] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0184.404] GetFocus () returned 0x602c4
[0184.405] IsChild (hWndParent=0x1100ea, hWnd=0x602c4) returned 0
[0184.405] ShowWindow (hWnd=0x1100ea, nCmdShow=0) returned 1
[0184.405] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0184.405] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0184.406] GetWindowPlacement (in: hWnd=0x1100ea, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0184.406] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0184.406] GetClientRect (in: hWnd=0x1100ea, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0184.406] GetWindowRect (in: hWnd=0x1100ea, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0184.407] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0184.407] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0184.407] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0184.407] GetWindowLongW (hWnd=0x1100ea, nIndex=-20) returned 327945
[0184.407] DestroyWindow (hWnd=0x1100ea) returned 1
[0184.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0184.408] GetWindowTextLengthW (hWnd=0x1100ea) returned 13
[0184.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.408] GetSystemMetrics (nIndex=42) returned 0
[0184.408] GetWindowTextW (in: hWnd=0x1100ea, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0184.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0184.408] GetWindowTextLengthW (hWnd=0xe02da) returned 0
[0184.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0184.408] GetSystemMetrics (nIndex=42) returned 0
[0184.408] GetWindowTextW (in: hWnd=0xe02da, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0184.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02da, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0184.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0184.408] GetWindowThreadProcessId (in: hWnd=0x1002d8, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0184.408] GetWindow (hWnd=0x1002d8, uCmd=0x5) returned 0x0
[0184.408] GetWindowLongW (hWnd=0x1002d8, nIndex=-20) returned 65792
[0184.409] DestroyWindow (hWnd=0x1002d8) returned 1
[0184.409] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d8, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0184.409] GetWindowTextLengthW (hWnd=0x1002d8) returned 25
[0184.409] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0184.409] GetSystemMetrics (nIndex=42) returned 0
[0184.409] GetWindowTextW (in: hWnd=0x1002d8, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0184.409] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d8, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0184.409] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0184.409] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0184.410] GetWindowTextLengthW (hWnd=0xc005a) returned 232
[0184.410] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0184.410] GetSystemMetrics (nIndex=42) returned 0
[0184.410] GetWindowTextW (in: hWnd=0xc005a, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0184.410] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0184.410] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0184.410] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0184.410] InvalidateRect (hWnd=0xe02de, lpRect=0x0, bErase=0) returned 1
[0184.410] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0184.410] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02d2, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0184.411] SendMessageW (hWnd=0xe02dc, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0184.411] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xe02dc, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0184.411] SendMessageW (hWnd=0xe02dc, Msg=0xb0, wParam=0x2d708c0, lParam=0xd7e480) returned 0x0
[0184.411] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xe02dc, Msg=0xb0, wParam=0x2d708c0, lParam=0xd7e480) returned 0x0
[0184.411] GetWindowTextLengthW (hWnd=0xe02dc) returned 4363
[0184.411] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xe02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0184.411] GetSystemMetrics (nIndex=42) returned 0
[0184.411] CoTaskMemAlloc (cb=0x221c) returned 0x11fff70
[0184.411] GetWindowTextW (in: hWnd=0xe02dc, lpString=0x11fff70, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0184.411] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xe02dc, Msg=0xd, wParam=0x110c, lParam=0x11fff70) returned 0x110b
[0184.411] CoTaskMemFree (pv=0x11fff70)
[0184.411] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xe02dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0184.412] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0184.413] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xc005a, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0184.414] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x10013e, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0184.415] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0184.416] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02d2, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0184.417] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xe02dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0184.419] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1100ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0184.429] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.429] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.429] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.430] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.430] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.430] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e70304) returned 0x1
[0184.430] IsWindowUnicode (hWnd=0x7005c) returned 1
[0184.430] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e70304) returned 0x1
[0184.430] SetCursor (hCursor=0x10003) returned 0x10003
[0184.430] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.430] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.430] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0184.430] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0184.431] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0184.431] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1120246) returned 0x0
[0184.431] GetKeyState (nVirtKey=1) returned 1
[0184.431] GetKeyState (nVirtKey=2) returned 0
[0184.431] GetKeyState (nVirtKey=4) returned 0
[0184.431] GetKeyState (nVirtKey=5) returned 0
[0184.431] GetKeyState (nVirtKey=6) returned 0
[0184.431] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.431] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e70304) returned 0x1
[0184.431] IsWindowUnicode (hWnd=0x7005c) returned 1
[0184.431] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.431] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.431] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.432] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e70304) returned 0x1
[0184.432] IsWindowUnicode (hWnd=0x7005c) returned 1
[0184.432] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e70304) returned 0x1
[0184.432] SetCursor (hCursor=0x10003) returned 0x10003
[0184.432] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.432] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1120246) returned 0x0
[0184.432] GetKeyState (nVirtKey=1) returned 1
[0184.432] GetKeyState (nVirtKey=2) returned 0
[0184.432] GetKeyState (nVirtKey=4) returned 0
[0184.432] GetKeyState (nVirtKey=5) returned 0
[0184.432] GetKeyState (nVirtKey=6) returned 0
[0184.432] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.433] IsWindowUnicode (hWnd=0x602c4) returned 1
[0184.433] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.433] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.433] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.433] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.433] IsWindowUnicode (hWnd=0x602c4) returned 1
[0184.434] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.434] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.434] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.434] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0184.434] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0184.434] CreateCompatibleDC (hdc=0x60100ce) returned 0x7010781
[0184.434] SelectObject (hdc=0x7010781, h=0x4a0507fe) returned 0x85000f
[0184.434] GdipCreateFromHDC (hdc=0x7010781, graphics=0xd7e798) returned 0x0
[0184.434] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0184.434] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0184.434] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0184.435] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0184.435] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e7f8) returned 0x0
[0184.435] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0184.435] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0184.435] LocalFree (hMem=0x11ee788) returned 0x0
[0184.435] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0184.435] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0184.435] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0184.435] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0184.435] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0184.435] GdipRestoreGraphics (graphics=0x6600030, state=0xfb940dbd) returned 0x0
[0184.435] GdipDeleteRegion (region=0x6646718) returned 0x0
[0184.435] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0184.435] GetCurrentObject (hdc=0x7010781, type=0x1) returned 0xb00017
[0184.435] GetCurrentObject (hdc=0x7010781, type=0x2) returned 0x900010
[0184.435] GetCurrentObject (hdc=0x7010781, type=0x7) returned 0x4a0507fe
[0184.435] GetCurrentObject (hdc=0x7010781, type=0x6) returned 0x8a01c2
[0184.435] SaveDC (hdc=0x7010781) returned 1
[0184.435] GetNearestColor (hdc=0x7010781, color=0xff) returned 0xff
[0184.435] GetNearestColor (hdc=0x7010781, color=0x55) returned 0x55
[0184.436] GetNearestColor (hdc=0x7010781, color=0x0) returned 0x0
[0184.436] GetNearestColor (hdc=0x7010781, color=0x55) returned 0x55
[0184.436] GetNearestColor (hdc=0x7010781, color=0x0) returned 0x0
[0184.436] GetNearestColor (hdc=0x7010781, color=0x8080ff) returned 0x8080ff
[0184.436] GetNearestColor (hdc=0x7010781, color=0x7373e5) returned 0x7373e5
[0184.436] GetNearestColor (hdc=0x7010781, color=0xe5) returned 0xe5
[0184.436] GetNearestColor (hdc=0x7010781, color=0x0) returned 0x0
[0184.436] RestoreDC (hdc=0x7010781, nSavedDC=-1) returned 1
[0184.436] GdipReleaseDC (graphics=0x6600030, hdc=0x7010781) returned 0x0
[0184.436] IsAppThemed () returned 0x1
[0184.436] GetThemeAppProperties () returned 0x3
[0184.436] GetThemeAppProperties () returned 0x3
[0184.436] IsAppThemed () returned 0x1
[0184.436] GetThemeAppProperties () returned 0x3
[0184.436] GetThemeAppProperties () returned 0x3
[0184.436] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2dac72c | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0184.437] IsAppThemed () returned 0x1
[0184.437] GetThemeAppProperties () returned 0x3
[0184.437] GetThemeAppProperties () returned 0x3
[0184.437] IsAppThemed () returned 0x1
[0184.437] GetThemeAppProperties () returned 0x3
[0184.437] GetThemeAppProperties () returned 0x3
[0184.437] GetFocus () returned 0x602c4
[0184.437] IsAppThemed () returned 0x1
[0184.437] GetThemeAppProperties () returned 0x3
[0184.437] GetThemeAppProperties () returned 0x3
[0184.437] IsAppThemed () returned 0x1
[0184.437] GetThemeAppProperties () returned 0x3
[0184.437] GetThemeAppProperties () returned 0x3
[0184.437] IsThemePartDefined () returned 0x1
[0184.437] IsAppThemed () returned 0x1
[0184.437] GetThemeAppProperties () returned 0x3
[0184.437] GetThemeAppProperties () returned 0x3
[0184.437] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0184.437] IsAppThemed () returned 0x1
[0184.438] GetThemeAppProperties () returned 0x3
[0184.438] GetThemeAppProperties () returned 0x3
[0184.438] IsAppThemed () returned 0x1
[0184.438] GetThemeAppProperties () returned 0x3
[0184.438] GetThemeAppProperties () returned 0x3
[0184.438] IsThemePartDefined () returned 0x1
[0184.438] GdipCreateRegion (region=0xd7e508) returned 0x0
[0184.438] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0184.438] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0184.438] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0184.438] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e520) returned 0x0
[0184.438] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0184.438] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0184.438] LocalFree (hMem=0x11ee788) returned 0x0
[0184.438] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0184.438] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee910) returned 0x0
[0184.438] LocalFree (hMem=0x11ee910) returned 0x0
[0184.438] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0184.438] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e548) returned 0x0
[0184.438] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e538) returned 0x0
[0184.438] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0184.438] GdipDeleteRegion (region=0x6646298) returned 0x0
[0184.438] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0184.438] GetCurrentObject (hdc=0x7010781, type=0x1) returned 0xb00017
[0184.439] GetCurrentObject (hdc=0x7010781, type=0x2) returned 0x900010
[0184.439] GetCurrentObject (hdc=0x7010781, type=0x7) returned 0x4a0507fe
[0184.439] GetCurrentObject (hdc=0x7010781, type=0x6) returned 0x8a01c2
[0184.439] SaveDC (hdc=0x7010781) returned 1
[0184.439] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb80407de
[0184.439] GetClipRgn (hdc=0x7010781, hrgn=0xb80407de) returned 0
[0184.439] SelectClipRgn (hdc=0x7010781, hrgn=0x32040807) returned 2
[0184.439] DeleteObject (ho=0xb80407de) returned 1
[0184.439] DeleteObject (ho=0x32040807) returned 1
[0184.439] OffsetViewportOrgEx (in: hdc=0x7010781, x=0, y=0, lppt=0x2dacddc | out: lppt=0x2dacddc) returned 1
[0184.439] DrawThemeParentBackground () returned 0x0
[0184.439] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0184.439] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0184.439] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0184.439] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.440] GetSystemMetrics (nIndex=42) returned 0
[0184.440] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.440] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0184.440] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0184.440] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0184.440] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0184.440] SelectPalette (hdc=0x7010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0184.440] GdipCreateFromHDC (hdc=0x7010781, graphics=0xd7dff8) returned 0x0
[0184.440] GdipSetPageUnit (graphics=0x6649968, unit=0x2) returned 0x0
[0184.440] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0184.440] GdipGetWorldTransform (graphics=0x6649968, matrix=0x6638c08) returned 0x0
[0184.440] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dfd0) returned 0x0
[0184.440] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0184.440] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0184.440] GdipGetClip (graphics=0x6649968, region=0x6646298) returned 0x0
[0184.441] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6649968, result=0xd7dfc4) returned 0x0
[0184.441] GdipDeleteRegion (region=0x6646298) returned 0x0
[0184.441] GdipSaveGraphics (graphics=0x6649968, state=0xd7dff0) returned 0x0
[0184.441] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0184.459] GdipFillRectangleI (graphics=0x6649968, brush=0x66537e0, x=0, y=0, width=801, height=453) returned 0x0
[0184.459] GdipDeleteBrush (brush=0x66537e0) returned 0x0
[0184.460] GdipDeleteGraphics (graphics=0x6649968) returned 0x0
[0184.460] SelectPalette (hdc=0x7010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0184.461] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0184.461] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.461] GetSystemMetrics (nIndex=42) returned 0
[0184.461] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.461] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0184.461] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0184.461] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0184.461] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0184.461] SelectPalette (hdc=0x7010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0184.461] GdipCreateFromHDC (hdc=0x7010781, graphics=0xd7df98) returned 0x0
[0184.461] GdipSetPageUnit (graphics=0x6649968, unit=0x2) returned 0x0
[0184.461] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0184.461] GdipGetWorldTransform (graphics=0x6649968, matrix=0x6638db8) returned 0x0
[0184.461] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df70) returned 0x0
[0184.461] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0184.461] GdipCreateRegion (region=0xd7df58) returned 0x0
[0184.461] GdipGetClip (graphics=0x6649968, region=0x6646718) returned 0x0
[0184.461] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6649968, result=0xd7df64) returned 0x0
[0184.461] GdipDeleteRegion (region=0x6646718) returned 0x0
[0184.461] GdipSaveGraphics (graphics=0x6649968, state=0xd7df90) returned 0x0
[0184.462] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0184.472] GdipFillRectangleI (graphics=0x6649968, brush=0x6652f58, x=0, y=0, width=801, height=453) returned 0x0
[0184.472] GdipDeleteBrush (brush=0x6652f58) returned 0x0
[0184.473] GdipRestoreGraphics (graphics=0x6649968, state=0xfb900dbd) returned 0x0
[0184.473] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0184.473] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0184.473] GetSystemMetrics (nIndex=42) returned 0
[0184.473] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0184.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0184.474] GdipDeleteGraphics (graphics=0x6649968) returned 0x0
[0184.474] SelectPalette (hdc=0x7010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0184.474] RestoreDC (hdc=0x7010781, nSavedDC=-1) returned 1
[0184.474] GdipReleaseDC (graphics=0x6600030, hdc=0x7010781) returned 0x0
[0184.474] IsAppThemed () returned 0x1
[0184.474] GetThemeAppProperties () returned 0x3
[0184.474] GetThemeAppProperties () returned 0x3
[0184.474] IsAppThemed () returned 0x1
[0184.474] GetThemeAppProperties () returned 0x3
[0184.474] GetThemeAppProperties () returned 0x3
[0184.474] IsThemePartDefined () returned 0x1
[0184.474] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0184.474] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0184.474] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0184.474] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0184.474] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e4a4) returned 0x0
[0184.474] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0184.475] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0184.475] LocalFree (hMem=0x11eec58) returned 0x0
[0184.475] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0184.475] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee9f0) returned 0x0
[0184.475] LocalFree (hMem=0x11ee9f0) returned 0x0
[0184.475] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0184.475] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0184.475] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0184.475] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0184.475] GdipDeleteRegion (region=0x6646298) returned 0x0
[0184.475] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0184.475] GetCurrentObject (hdc=0x7010781, type=0x1) returned 0xb00017
[0184.475] GetCurrentObject (hdc=0x7010781, type=0x2) returned 0x900010
[0184.475] GetCurrentObject (hdc=0x7010781, type=0x7) returned 0x4a0507fe
[0184.475] GetCurrentObject (hdc=0x7010781, type=0x6) returned 0x8a01c2
[0184.475] SaveDC (hdc=0x7010781) returned 1
[0184.475] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x33040807
[0184.475] GetClipRgn (hdc=0x7010781, hrgn=0x33040807) returned 0
[0184.475] SelectClipRgn (hdc=0x7010781, hrgn=0xba0407de) returned 2
[0184.475] DeleteObject (ho=0x33040807) returned 1
[0184.476] DeleteObject (ho=0xba0407de) returned 1
[0184.476] OffsetViewportOrgEx (in: hdc=0x7010781, x=0, y=0, lppt=0x2db362c | out: lppt=0x2db362c) returned 1
[0184.476] IsAppThemed () returned 0x1
[0184.476] GetThemeAppProperties () returned 0x3
[0184.476] GetThemeAppProperties () returned 0x3
[0184.476] DrawThemeBackground () returned 0x0
[0184.476] RestoreDC (hdc=0x7010781, nSavedDC=-1) returned 1
[0184.476] GdipReleaseDC (graphics=0x6600030, hdc=0x7010781) returned 0x0
[0184.476] GdipCreateRegion (region=0xd7e490) returned 0x0
[0184.476] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0184.476] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0184.476] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0184.476] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e4a8) returned 0x0
[0184.476] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0184.476] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0184.476] LocalFree (hMem=0x11ee868) returned 0x0
[0184.476] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0184.476] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eed00) returned 0x0
[0184.476] LocalFree (hMem=0x11eed00) returned 0x0
[0184.476] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0184.476] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0184.477] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0184.477] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0184.477] GdipDeleteRegion (region=0x6646298) returned 0x0
[0184.477] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0184.477] GetCurrentObject (hdc=0x7010781, type=0x1) returned 0xb00017
[0184.477] GetCurrentObject (hdc=0x7010781, type=0x2) returned 0x900010
[0184.477] GetCurrentObject (hdc=0x7010781, type=0x7) returned 0x4a0507fe
[0184.477] GetCurrentObject (hdc=0x7010781, type=0x6) returned 0x8a01c2
[0184.477] SaveDC (hdc=0x7010781) returned 1
[0184.477] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbb0407de
[0184.477] GetClipRgn (hdc=0x7010781, hrgn=0xbb0407de) returned 0
[0184.477] SelectClipRgn (hdc=0x7010781, hrgn=0x34040807) returned 2
[0184.477] DeleteObject (ho=0xbb0407de) returned 1
[0184.477] DeleteObject (ho=0x34040807) returned 1
[0184.477] OffsetViewportOrgEx (in: hdc=0x7010781, x=0, y=0, lppt=0x2db3900 | out: lppt=0x2db3900) returned 1
[0184.477] IsAppThemed () returned 0x1
[0184.477] GetThemeAppProperties () returned 0x3
[0184.477] GetThemeAppProperties () returned 0x3
[0184.477] GetThemeBackgroundContentRect () returned 0x0
[0184.477] RestoreDC (hdc=0x7010781, nSavedDC=-1) returned 1
[0184.477] GdipReleaseDC (graphics=0x6600030, hdc=0x7010781) returned 0x0
[0184.478] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0184.478] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0184.478] GdipFillRectangleI (graphics=0x6600030, brush=0x6649968, x=4, y=4, width=67, height=15) returned 0x0
[0184.478] GdipDeleteBrush (brush=0x6649968) returned 0x0
[0184.478] IsAppThemed () returned 0x1
[0184.478] GetThemeAppProperties () returned 0x3
[0184.478] GetThemeAppProperties () returned 0x3
[0184.478] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0184.478] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0184.478] GetCurrentObject (hdc=0x7010781, type=0x1) returned 0xb00017
[0184.478] GetCurrentObject (hdc=0x7010781, type=0x2) returned 0x900010
[0184.478] GetCurrentObject (hdc=0x7010781, type=0x7) returned 0x4a0507fe
[0184.478] GetCurrentObject (hdc=0x7010781, type=0x6) returned 0x8a01c2
[0184.478] SaveDC (hdc=0x7010781) returned 1
[0184.478] GetTextAlign (hdc=0x7010781) returned 0x0
[0184.478] GetTextColor (hdc=0x7010781) returned 0x0
[0184.478] GetCurrentObject (hdc=0x7010781, type=0x6) returned 0x8a01c2
[0184.478] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0184.478] SelectObject (hdc=0x7010781, h=0x6d0a0520) returned 0x8a01c2
[0184.479] GetBkMode (hdc=0x7010781) returned 2
[0184.479] SetBkMode (hdc=0x7010781, mode=1) returned 2
[0184.479] DrawTextExW (in: hdc=0x7010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2db3cc4 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0184.479] DrawTextExW (in: hdc=0x7010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2db3cc4 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0184.479] RestoreDC (hdc=0x7010781, nSavedDC=-1) returned 1
[0184.479] GdipReleaseDC (graphics=0x6600030, hdc=0x7010781) returned 0x0
[0184.479] GetFocus () returned 0x602c4
[0184.479] IsAppThemed () returned 0x1
[0184.479] GetThemeAppProperties () returned 0x3
[0184.479] GetThemeAppProperties () returned 0x3
[0184.480] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0184.480] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x7010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0184.480] GdipReleaseDC (graphics=0x6600030, hdc=0x7010781) returned 0x0
[0184.480] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0184.480] SelectObject (hdc=0x7010781, h=0x85000f) returned 0x4a0507fe
[0184.480] DeleteDC (hdc=0x7010781) returned 1
[0184.480] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0184.480] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0184.481] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.481] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.481] WaitMessage () returned 1
[0184.482] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.482] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.482] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.482] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.482] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.483] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.483] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.483] WaitMessage () returned 1
[0184.484] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.484] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.484] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.484] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.484] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.485] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.485] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.485] WaitMessage () returned 1
[0184.486] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.486] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.486] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.486] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.486] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.487] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.487] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.487] WaitMessage () returned 1
[0184.487] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.487] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.487] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.487] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.487] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.488] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.488] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.489] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.489] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.489] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.489] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.489] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.489] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.489] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.489] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.489] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.490] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.490] WaitMessage () returned 1
[0184.490] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.490] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.490] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.490] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.490] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.492] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.492] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.492] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.492] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.492] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.492] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.492] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.492] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.492] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.492] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.492] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.493] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.493] WaitMessage () returned 1
[0184.493] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.493] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.493] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.493] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.493] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.494] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.495] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.495] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.495] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.495] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.495] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.495] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.495] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.495] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.495] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.495] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.496] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.496] WaitMessage () returned 1
[0184.496] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.496] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.496] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.496] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.496] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.501] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.501] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.501] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.501] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.501] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.501] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.501] IsWindowUnicode (hWnd=0x30122) returned 1
[0184.501] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.501] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.501] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.501] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.502] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.502] WaitMessage () returned 1
[0184.531] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.531] IsWindowUnicode (hWnd=0x7005c) returned 1
[0184.531] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.532] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.532] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.532] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.532] IsWindowUnicode (hWnd=0x7005c) returned 1
[0184.532] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.532] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.532] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.532] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x1120246) returned 0x0
[0184.532] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.532] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.532] WaitMessage () returned 1
[0184.701] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.701] IsWindowUnicode (hWnd=0x502c6) returned 1
[0184.701] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0184.701] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0184.701] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0184.701] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.701] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0184.701] WaitMessage () returned 1
[0186.485] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0186.485] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2720102) returned 0x1
[0186.485] IsWindowUnicode (hWnd=0x602c4) returned 1
[0186.485] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0186.485] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0186.485] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0186.485] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0186.485] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0186.485] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2720102) returned 0x1
[0186.485] IsWindowUnicode (hWnd=0x602c4) returned 1
[0186.485] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0186.485] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2720102) returned 0x1
[0186.485] SetCursor (hCursor=0x10003) returned 0x10003
[0186.486] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0186.486] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0186.486] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0186.486] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0186.486] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0186.486] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0186.486] GetKeyState (nVirtKey=1) returned 1
[0186.486] GetKeyState (nVirtKey=2) returned 0
[0186.486] GetKeyState (nVirtKey=4) returned 0
[0186.486] GetKeyState (nVirtKey=5) returned 0
[0186.486] GetKeyState (nVirtKey=6) returned 0
[0186.486] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0186.486] IsWindowUnicode (hWnd=0x602c4) returned 1
[0186.486] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0186.486] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0186.486] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0186.486] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0186.486] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0186.487] CreateCompatibleDC (hdc=0x60100ce) returned 0x23010801
[0186.487] SelectObject (hdc=0x23010801, h=0x4a0507fe) returned 0x85000f
[0186.487] GdipCreateFromHDC (hdc=0x23010801, graphics=0xd7e798) returned 0x0
[0186.487] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0186.487] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0186.487] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0186.487] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0186.487] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e7f8) returned 0x0
[0186.487] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0186.487] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0186.487] LocalFree (hMem=0x11eec58) returned 0x0
[0186.487] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0186.487] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0186.487] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0186.487] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0186.487] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0186.487] GdipRestoreGraphics (graphics=0x6600030, state=0xfb8e0dbd) returned 0x0
[0186.487] GdipDeleteRegion (region=0x6646718) returned 0x0
[0186.488] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0186.488] GetCurrentObject (hdc=0x23010801, type=0x1) returned 0xb00017
[0186.488] GetCurrentObject (hdc=0x23010801, type=0x2) returned 0x900010
[0186.488] GetCurrentObject (hdc=0x23010801, type=0x7) returned 0x4a0507fe
[0186.488] GetCurrentObject (hdc=0x23010801, type=0x6) returned 0x8a01c2
[0186.488] SaveDC (hdc=0x23010801) returned 1
[0186.488] GetNearestColor (hdc=0x23010801, color=0xff) returned 0xff
[0186.488] GetNearestColor (hdc=0x23010801, color=0x55) returned 0x55
[0186.488] GetNearestColor (hdc=0x23010801, color=0x0) returned 0x0
[0186.488] GetNearestColor (hdc=0x23010801, color=0x55) returned 0x55
[0186.488] GetNearestColor (hdc=0x23010801, color=0x0) returned 0x0
[0186.488] GetNearestColor (hdc=0x23010801, color=0x8080ff) returned 0x8080ff
[0186.488] GetNearestColor (hdc=0x23010801, color=0x7373e5) returned 0x7373e5
[0186.488] GetNearestColor (hdc=0x23010801, color=0xe5) returned 0xe5
[0186.488] GetNearestColor (hdc=0x23010801, color=0x0) returned 0x0
[0186.488] RestoreDC (hdc=0x23010801, nSavedDC=-1) returned 1
[0186.488] GdipReleaseDC (graphics=0x6600030, hdc=0x23010801) returned 0x0
[0186.489] IsAppThemed () returned 0x1
[0186.489] GetThemeAppProperties () returned 0x3
[0186.489] GetThemeAppProperties () returned 0x3
[0186.489] IsAppThemed () returned 0x1
[0186.489] GetThemeAppProperties () returned 0x3
[0186.489] GetThemeAppProperties () returned 0x3
[0186.489] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2db4634 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0186.489] IsAppThemed () returned 0x1
[0186.489] GetThemeAppProperties () returned 0x3
[0186.489] GetThemeAppProperties () returned 0x3
[0186.489] IsAppThemed () returned 0x1
[0186.489] GetThemeAppProperties () returned 0x3
[0186.489] GetThemeAppProperties () returned 0x3
[0186.489] IsAppThemed () returned 0x1
[0186.489] GetThemeAppProperties () returned 0x3
[0186.489] GetThemeAppProperties () returned 0x3
[0186.489] IsAppThemed () returned 0x1
[0186.489] GetThemeAppProperties () returned 0x3
[0186.489] GetThemeAppProperties () returned 0x3
[0186.490] IsThemePartDefined () returned 0x1
[0186.490] IsAppThemed () returned 0x1
[0186.490] GetThemeAppProperties () returned 0x3
[0186.490] GetThemeAppProperties () returned 0x3
[0186.490] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0186.490] IsAppThemed () returned 0x1
[0186.490] GetThemeAppProperties () returned 0x3
[0186.490] GetThemeAppProperties () returned 0x3
[0186.490] IsAppThemed () returned 0x1
[0186.490] GetThemeAppProperties () returned 0x3
[0186.490] GetThemeAppProperties () returned 0x3
[0186.490] IsThemePartDefined () returned 0x1
[0186.490] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0186.490] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0186.490] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0186.490] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0186.490] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e514) returned 0x0
[0186.490] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0186.490] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0186.490] LocalFree (hMem=0x11ee868) returned 0x0
[0186.490] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0186.490] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0186.490] LocalFree (hMem=0x11ee868) returned 0x0
[0186.490] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0186.490] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0186.490] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0186.491] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0186.491] GdipDeleteRegion (region=0x6646718) returned 0x0
[0186.491] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0186.491] GetCurrentObject (hdc=0x23010801, type=0x1) returned 0xb00017
[0186.491] GetCurrentObject (hdc=0x23010801, type=0x2) returned 0x900010
[0186.491] GetCurrentObject (hdc=0x23010801, type=0x7) returned 0x4a0507fe
[0186.491] GetCurrentObject (hdc=0x23010801, type=0x6) returned 0x8a01c2
[0186.491] SaveDC (hdc=0x23010801) returned 1
[0186.491] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x35040807
[0186.491] GetClipRgn (hdc=0x23010801, hrgn=0x35040807) returned 0
[0186.491] SelectClipRgn (hdc=0x23010801, hrgn=0xbf0407de) returned 2
[0186.491] DeleteObject (ho=0x35040807) returned 1
[0186.491] DeleteObject (ho=0xbf0407de) returned 1
[0186.491] OffsetViewportOrgEx (in: hdc=0x23010801, x=0, y=0, lppt=0x2db4ce4 | out: lppt=0x2db4ce4) returned 1
[0186.491] DrawThemeParentBackground () returned 0x0
[0186.491] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0186.491] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0186.491] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0186.492] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0186.492] GetSystemMetrics (nIndex=42) returned 0
[0186.492] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0186.492] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0186.492] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0186.492] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0186.492] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0186.492] SelectPalette (hdc=0x23010801, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0186.492] GdipCreateFromHDC (hdc=0x23010801, graphics=0xd7dff0) returned 0x0
[0186.492] GdipSetPageUnit (graphics=0x6649968, unit=0x2) returned 0x0
[0186.492] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0186.492] GdipGetWorldTransform (graphics=0x6649968, matrix=0x6638c68) returned 0x0
[0186.492] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dfc8) returned 0x0
[0186.492] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0186.492] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0186.492] GdipGetClip (graphics=0x6649968, region=0x6646298) returned 0x0
[0186.492] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6649968, result=0xd7dfbc) returned 0x0
[0186.492] GdipDeleteRegion (region=0x6646298) returned 0x0
[0186.492] GdipSaveGraphics (graphics=0x6649968, state=0xd7dfe8) returned 0x0
[0186.493] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0186.505] GdipFillRectangleI (graphics=0x6649968, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0186.505] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0186.507] GdipDeleteGraphics (graphics=0x6649968) returned 0x0
[0186.507] SelectPalette (hdc=0x23010801, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0186.507] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0186.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0186.507] GetSystemMetrics (nIndex=42) returned 0
[0186.507] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0186.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0186.507] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0186.507] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0186.507] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0186.508] SelectPalette (hdc=0x23010801, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0186.508] GdipCreateFromHDC (hdc=0x23010801, graphics=0xd7df90) returned 0x0
[0186.508] GdipSetPageUnit (graphics=0x6649968, unit=0x2) returned 0x0
[0186.508] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0186.508] GdipGetWorldTransform (graphics=0x6649968, matrix=0x6638bd8) returned 0x0
[0186.508] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df68) returned 0x0
[0186.508] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0186.508] GdipCreateRegion (region=0xd7df50) returned 0x0
[0186.508] GdipGetClip (graphics=0x6649968, region=0x6646298) returned 0x0
[0186.508] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6649968, result=0xd7df5c) returned 0x0
[0186.508] GdipDeleteRegion (region=0x6646298) returned 0x0
[0186.508] GdipSaveGraphics (graphics=0x6649968, state=0xd7df88) returned 0x0
[0186.508] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0186.516] GdipFillRectangleI (graphics=0x6649968, brush=0x6653090, x=0, y=0, width=801, height=453) returned 0x0
[0186.516] GdipDeleteBrush (brush=0x6653090) returned 0x0
[0186.517] GdipRestoreGraphics (graphics=0x6649968, state=0xfb8a0dbd) returned 0x0
[0186.518] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0186.518] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0186.518] GetSystemMetrics (nIndex=42) returned 0
[0186.518] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0186.518] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0186.518] GdipDeleteGraphics (graphics=0x6649968) returned 0x0
[0186.518] SelectPalette (hdc=0x23010801, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0186.518] RestoreDC (hdc=0x23010801, nSavedDC=-1) returned 1
[0186.518] GdipReleaseDC (graphics=0x6600030, hdc=0x23010801) returned 0x0
[0186.518] IsAppThemed () returned 0x1
[0186.518] GetThemeAppProperties () returned 0x3
[0186.518] GetThemeAppProperties () returned 0x3
[0186.518] IsAppThemed () returned 0x1
[0186.518] GetThemeAppProperties () returned 0x3
[0186.518] GetThemeAppProperties () returned 0x3
[0186.518] IsThemePartDefined () returned 0x1
[0186.519] GdipCreateRegion (region=0xd7e480) returned 0x0
[0186.519] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0186.519] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0186.519] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0186.519] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e498) returned 0x0
[0186.519] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0186.519] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0186.519] LocalFree (hMem=0x11ee9f0) returned 0x0
[0186.519] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0186.519] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eea98) returned 0x0
[0186.519] LocalFree (hMem=0x11eea98) returned 0x0
[0186.519] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0186.519] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0186.519] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0186.519] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0186.519] GdipDeleteRegion (region=0x6646298) returned 0x0
[0186.519] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0186.519] GetCurrentObject (hdc=0x23010801, type=0x1) returned 0xb00017
[0186.519] GetCurrentObject (hdc=0x23010801, type=0x2) returned 0x900010
[0186.519] GetCurrentObject (hdc=0x23010801, type=0x7) returned 0x4a0507fe
[0186.519] GetCurrentObject (hdc=0x23010801, type=0x6) returned 0x8a01c2
[0186.520] SaveDC (hdc=0x23010801) returned 1
[0186.520] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc00407de
[0186.520] GetClipRgn (hdc=0x23010801, hrgn=0xc00407de) returned 0
[0186.520] SelectClipRgn (hdc=0x23010801, hrgn=0x37040807) returned 2
[0186.520] DeleteObject (ho=0xc00407de) returned 1
[0186.520] DeleteObject (ho=0x37040807) returned 1
[0186.520] OffsetViewportOrgEx (in: hdc=0x23010801, x=0, y=0, lppt=0x2dbb534 | out: lppt=0x2dbb534) returned 1
[0186.520] IsAppThemed () returned 0x1
[0186.520] GetThemeAppProperties () returned 0x3
[0186.520] GetThemeAppProperties () returned 0x3
[0186.520] DrawThemeBackground () returned 0x0
[0186.520] RestoreDC (hdc=0x23010801, nSavedDC=-1) returned 1
[0186.520] GdipReleaseDC (graphics=0x6600030, hdc=0x23010801) returned 0x0
[0186.520] GdipCreateRegion (region=0xd7e484) returned 0x0
[0186.520] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0186.520] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0186.520] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0186.520] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e49c) returned 0x0
[0186.520] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0186.521] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0186.521] LocalFree (hMem=0x11eec58) returned 0x0
[0186.521] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0186.521] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0186.521] LocalFree (hMem=0x11eec58) returned 0x0
[0186.521] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0186.521] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0186.521] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0186.521] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0186.521] GdipDeleteRegion (region=0x6646298) returned 0x0
[0186.521] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0186.521] GetCurrentObject (hdc=0x23010801, type=0x1) returned 0xb00017
[0186.521] GetCurrentObject (hdc=0x23010801, type=0x2) returned 0x900010
[0186.521] GetCurrentObject (hdc=0x23010801, type=0x7) returned 0x4a0507fe
[0186.521] GetCurrentObject (hdc=0x23010801, type=0x6) returned 0x8a01c2
[0186.521] SaveDC (hdc=0x23010801) returned 1
[0186.521] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x38040807
[0186.521] GetClipRgn (hdc=0x23010801, hrgn=0x38040807) returned 0
[0186.521] SelectClipRgn (hdc=0x23010801, hrgn=0xc10407de) returned 2
[0186.521] DeleteObject (ho=0x38040807) returned 1
[0186.522] DeleteObject (ho=0xc10407de) returned 1
[0186.522] OffsetViewportOrgEx (in: hdc=0x23010801, x=0, y=0, lppt=0x2dbb808 | out: lppt=0x2dbb808) returned 1
[0186.522] IsAppThemed () returned 0x1
[0186.522] GetThemeAppProperties () returned 0x3
[0186.522] GetThemeAppProperties () returned 0x3
[0186.522] GetThemeBackgroundContentRect () returned 0x0
[0186.522] RestoreDC (hdc=0x23010801, nSavedDC=-1) returned 1
[0186.522] GdipReleaseDC (graphics=0x6600030, hdc=0x23010801) returned 0x0
[0186.522] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0186.522] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0186.522] GdipFillRectangleI (graphics=0x6600030, brush=0x6649968, x=4, y=4, width=67, height=15) returned 0x0
[0186.522] GdipDeleteBrush (brush=0x6649968) returned 0x0
[0186.522] IsAppThemed () returned 0x1
[0186.522] GetThemeAppProperties () returned 0x3
[0186.522] GetThemeAppProperties () returned 0x3
[0186.522] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0186.522] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0186.522] GetCurrentObject (hdc=0x23010801, type=0x1) returned 0xb00017
[0186.522] GetCurrentObject (hdc=0x23010801, type=0x2) returned 0x900010
[0186.522] GetCurrentObject (hdc=0x23010801, type=0x7) returned 0x4a0507fe
[0186.522] GetCurrentObject (hdc=0x23010801, type=0x6) returned 0x8a01c2
[0186.522] SaveDC (hdc=0x23010801) returned 1
[0186.523] GetTextAlign (hdc=0x23010801) returned 0x0
[0186.523] GetTextColor (hdc=0x23010801) returned 0x0
[0186.523] GetCurrentObject (hdc=0x23010801, type=0x6) returned 0x8a01c2
[0186.523] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0186.523] SelectObject (hdc=0x23010801, h=0x6d0a0520) returned 0x8a01c2
[0186.523] GetBkMode (hdc=0x23010801) returned 2
[0186.523] SetBkMode (hdc=0x23010801, mode=1) returned 2
[0186.523] DrawTextExW (in: hdc=0x23010801, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2dbbbcc | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0186.523] DrawTextExW (in: hdc=0x23010801, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2dbbbcc | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0186.524] RestoreDC (hdc=0x23010801, nSavedDC=-1) returned 1
[0186.524] GdipReleaseDC (graphics=0x6600030, hdc=0x23010801) returned 0x0
[0186.524] GetFocus () returned 0x602c4
[0186.524] IsAppThemed () returned 0x1
[0186.524] GetThemeAppProperties () returned 0x3
[0186.524] GetThemeAppProperties () returned 0x3
[0186.524] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0186.524] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x23010801, x1=0, y1=0, rop=0xcc0020) returned 1
[0186.525] GdipReleaseDC (graphics=0x6600030, hdc=0x23010801) returned 0x0
[0186.525] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0186.525] SelectObject (hdc=0x23010801, h=0x85000f) returned 0x4a0507fe
[0186.525] DeleteDC (hdc=0x23010801) returned 1
[0186.525] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0186.525] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0186.525] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0186.525] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0186.525] WaitMessage () returned 1
[0186.592] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0186.592] IsWindowUnicode (hWnd=0x602c4) returned 1
[0186.592] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0186.592] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0186.592] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0186.592] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0186.593] IsWindowUnicode (hWnd=0x602c4) returned 1
[0186.593] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0186.593] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0186.593] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0186.593] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xb0027) returned 0x0
[0186.593] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0186.593] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0186.593] WaitMessage () returned 1
[0186.722] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0186.722] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2720102) returned 0x1
[0186.722] IsWindowUnicode (hWnd=0x602c4) returned 1
[0186.722] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0186.722] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2720102) returned 0x1
[0186.722] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0186.722] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19d0044) returned 0x0
[0186.722] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0186.723] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0186.723] SetCursor (hCursor=0x10003) returned 0x10003
[0186.723] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0186.723] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0186.723] GetKeyState (nVirtKey=1) returned -128
[0186.723] GetKeyState (nVirtKey=2) returned 0
[0186.723] GetKeyState (nVirtKey=4) returned 0
[0186.723] GetKeyState (nVirtKey=5) returned 0
[0186.723] GetKeyState (nVirtKey=6) returned 0
[0186.723] IsWindowVisible (hWnd=0x602c4) returned 1
[0186.723] IsWindowEnabled (hWnd=0x602c4) returned 1
[0186.723] SetFocus (hWnd=0x602c4) returned 0x602c4
[0186.723] GetFocus () returned 0x602c4
[0186.723] GetFocus () returned 0x602c4
[0186.723] GetFocus () returned 0x602c4
[0186.723] GetKeyState (nVirtKey=1) returned -128
[0186.723] GetKeyState (nVirtKey=2) returned 0
[0186.723] GetKeyState (nVirtKey=4) returned 0
[0186.723] GetKeyState (nVirtKey=5) returned 0
[0186.723] GetKeyState (nVirtKey=6) returned 0
[0186.723] GetCapture () returned 0x0
[0186.724] SetCapture (hWnd=0x602c4) returned 0x0
[0186.724] GetKeyState (nVirtKey=1) returned -128
[0186.724] GetKeyState (nVirtKey=2) returned 0
[0186.724] GetKeyState (nVirtKey=4) returned 0
[0186.724] GetKeyState (nVirtKey=5) returned 0
[0186.724] GetKeyState (nVirtKey=6) returned 0
[0186.724] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0186.724] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0186.724] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0186.724] IsWindowUnicode (hWnd=0x602c4) returned 1
[0186.724] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0186.724] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0186.724] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0186.724] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2dbbd50, cPoints=0x1 | out: lpPoints=0x2dbbd50) returned 40304859
[0186.724] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0186.724] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0186.724] UpdateWindow (hWnd=0x602c4) returned 1
[0186.724] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x60100ce
[0186.725] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0186.725] CreateCompatibleDC (hdc=0x60100ce) returned 0xb0107d8
[0186.725] SelectObject (hdc=0xb0107d8, h=0x4a0507fe) returned 0x85000f
[0186.725] GdipCreateFromHDC (hdc=0xb0107d8, graphics=0xd7e430) returned 0x0
[0186.725] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0186.725] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0186.725] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0186.725] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0186.725] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e490) returned 0x0
[0186.725] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0186.725] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee9f0) returned 0x0
[0186.725] LocalFree (hMem=0x11ee9f0) returned 0x0
[0186.726] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0186.726] GdipCreateRegion (region=0xd7e478) returned 0x0
[0186.726] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0186.726] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e484) returned 0x0
[0186.726] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0186.726] GdipRestoreGraphics (graphics=0x6600030, state=0xfb880dbd) returned 0x0
[0186.726] GdipDeleteRegion (region=0x6646298) returned 0x0
[0186.726] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0186.726] GetCurrentObject (hdc=0xb0107d8, type=0x1) returned 0xb00017
[0186.726] GetCurrentObject (hdc=0xb0107d8, type=0x2) returned 0x900010
[0186.726] GetCurrentObject (hdc=0xb0107d8, type=0x7) returned 0x4a0507fe
[0186.726] GetCurrentObject (hdc=0xb0107d8, type=0x6) returned 0x8a01c2
[0186.726] SaveDC (hdc=0xb0107d8) returned 1
[0186.726] GetNearestColor (hdc=0xb0107d8, color=0xff) returned 0xff
[0186.726] GetNearestColor (hdc=0xb0107d8, color=0x55) returned 0x55
[0186.726] GetNearestColor (hdc=0xb0107d8, color=0x0) returned 0x0
[0186.726] GetNearestColor (hdc=0xb0107d8, color=0x55) returned 0x55
[0186.727] GetNearestColor (hdc=0xb0107d8, color=0x0) returned 0x0
[0186.727] GetNearestColor (hdc=0xb0107d8, color=0x8080ff) returned 0x8080ff
[0186.727] GetNearestColor (hdc=0xb0107d8, color=0x7373e5) returned 0x7373e5
[0186.727] GetNearestColor (hdc=0xb0107d8, color=0xe5) returned 0xe5
[0186.727] GetNearestColor (hdc=0xb0107d8, color=0x0) returned 0x0
[0186.727] RestoreDC (hdc=0xb0107d8, nSavedDC=-1) returned 1
[0186.727] GdipReleaseDC (graphics=0x6600030, hdc=0xb0107d8) returned 0x0
[0186.727] IsAppThemed () returned 0x1
[0186.727] GetThemeAppProperties () returned 0x3
[0186.727] GetThemeAppProperties () returned 0x3
[0186.727] IsAppThemed () returned 0x1
[0186.727] GetThemeAppProperties () returned 0x3
[0186.727] GetThemeAppProperties () returned 0x3
[0186.727] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2dbc46c | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0186.728] IsAppThemed () returned 0x1
[0186.728] GetThemeAppProperties () returned 0x3
[0186.728] GetThemeAppProperties () returned 0x3
[0186.728] IsAppThemed () returned 0x1
[0186.728] GetThemeAppProperties () returned 0x3
[0186.728] GetThemeAppProperties () returned 0x3
[0186.728] IsAppThemed () returned 0x1
[0186.728] GetThemeAppProperties () returned 0x3
[0186.728] GetThemeAppProperties () returned 0x3
[0186.728] IsAppThemed () returned 0x1
[0186.728] GetThemeAppProperties () returned 0x3
[0186.728] GetThemeAppProperties () returned 0x3
[0186.728] IsThemePartDefined () returned 0x1
[0186.728] IsAppThemed () returned 0x1
[0186.728] GetThemeAppProperties () returned 0x3
[0186.728] GetThemeAppProperties () returned 0x3
[0186.728] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0186.728] IsAppThemed () returned 0x1
[0186.728] GetThemeAppProperties () returned 0x3
[0186.728] GetThemeAppProperties () returned 0x3
[0186.728] IsAppThemed () returned 0x1
[0186.728] GetThemeAppProperties () returned 0x3
[0186.728] GetThemeAppProperties () returned 0x3
[0186.728] IsThemePartDefined () returned 0x1
[0186.728] GdipCreateRegion (region=0xd7e194) returned 0x0
[0186.728] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0186.728] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0186.728] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0186.729] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e1ac) returned 0x0
[0186.729] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0186.729] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0186.729] LocalFree (hMem=0x11eec58) returned 0x0
[0186.729] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0186.729] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee9f0) returned 0x0
[0186.729] LocalFree (hMem=0x11ee9f0) returned 0x0
[0186.729] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0186.729] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0186.729] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0186.729] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0186.729] GdipDeleteRegion (region=0x6646298) returned 0x0
[0186.729] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0186.729] GetCurrentObject (hdc=0xb0107d8, type=0x1) returned 0xb00017
[0186.729] GetCurrentObject (hdc=0xb0107d8, type=0x2) returned 0x900010
[0186.729] GetCurrentObject (hdc=0xb0107d8, type=0x7) returned 0x4a0507fe
[0186.729] GetCurrentObject (hdc=0xb0107d8, type=0x6) returned 0x8a01c2
[0186.729] SaveDC (hdc=0xb0107d8) returned 1
[0186.729] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc20407de
[0186.729] GetClipRgn (hdc=0xb0107d8, hrgn=0xc20407de) returned 0
[0186.729] SelectClipRgn (hdc=0xb0107d8, hrgn=0x3c040807) returned 2
[0186.730] DeleteObject (ho=0xc20407de) returned 1
[0186.730] DeleteObject (ho=0x3c040807) returned 1
[0186.730] OffsetViewportOrgEx (in: hdc=0xb0107d8, x=0, y=0, lppt=0x2dbcb1c | out: lppt=0x2dbcb1c) returned 1
[0186.730] DrawThemeParentBackground () returned 0x0
[0186.730] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0186.730] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0186.730] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0186.730] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0186.730] GetSystemMetrics (nIndex=42) returned 0
[0186.730] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0186.730] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0186.730] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0186.730] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0186.730] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0186.730] SelectPalette (hdc=0xb0107d8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0186.730] GdipCreateFromHDC (hdc=0xb0107d8, graphics=0xd7dc88) returned 0x0
[0186.730] GdipSetPageUnit (graphics=0x6649968, unit=0x2) returned 0x0
[0186.731] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0186.731] GdipGetWorldTransform (graphics=0x6649968, matrix=0x6638a28) returned 0x0
[0186.731] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dc60) returned 0x0
[0186.731] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0186.731] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0186.731] GdipGetClip (graphics=0x6649968, region=0x66463b8) returned 0x0
[0186.731] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6649968, result=0xd7dc54) returned 0x0
[0186.731] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0186.731] GdipSaveGraphics (graphics=0x6649968, state=0xd7dc80) returned 0x0
[0186.731] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0186.740] GdipFillRectangleI (graphics=0x6649968, brush=0x6652bb0, x=0, y=0, width=801, height=453) returned 0x0
[0186.740] GdipDeleteBrush (brush=0x6652bb0) returned 0x0
[0186.741] GdipDeleteGraphics (graphics=0x6649968) returned 0x0
[0186.741] SelectPalette (hdc=0xb0107d8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0186.742] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0186.742] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0186.742] GetSystemMetrics (nIndex=42) returned 0
[0186.742] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0186.742] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0186.742] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0186.742] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0186.742] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0186.742] SelectPalette (hdc=0xb0107d8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0186.742] GdipCreateFromHDC (hdc=0xb0107d8, graphics=0xd7dc28) returned 0x0
[0186.742] GdipSetPageUnit (graphics=0x6649968, unit=0x2) returned 0x0
[0186.742] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0186.742] GdipGetWorldTransform (graphics=0x6649968, matrix=0x6638ba8) returned 0x0
[0186.742] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dc00) returned 0x0
[0186.743] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0186.743] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0186.743] GdipGetClip (graphics=0x6649968, region=0x6646298) returned 0x0
[0186.743] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6649968, result=0xd7dbf4) returned 0x0
[0186.743] GdipDeleteRegion (region=0x6646298) returned 0x0
[0186.743] GdipSaveGraphics (graphics=0x6649968, state=0xd7dc20) returned 0x0
[0186.743] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0186.756] GdipFillRectangleI (graphics=0x6649968, brush=0x6652f58, x=0, y=0, width=801, height=453) returned 0x0
[0186.756] GdipDeleteBrush (brush=0x6652f58) returned 0x0
[0186.757] GdipRestoreGraphics (graphics=0x6649968, state=0xfb840dbd) returned 0x0
[0186.757] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0186.757] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0186.757] GetSystemMetrics (nIndex=42) returned 0
[0186.757] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0186.757] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0186.757] GdipDeleteGraphics (graphics=0x6649968) returned 0x0
[0186.757] SelectPalette (hdc=0xb0107d8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0186.757] RestoreDC (hdc=0xb0107d8, nSavedDC=-1) returned 1
[0186.757] GdipReleaseDC (graphics=0x6600030, hdc=0xb0107d8) returned 0x0
[0186.757] IsAppThemed () returned 0x1
[0186.758] GetThemeAppProperties () returned 0x3
[0186.758] GetThemeAppProperties () returned 0x3
[0186.758] IsAppThemed () returned 0x1
[0186.758] GetThemeAppProperties () returned 0x3
[0186.758] GetThemeAppProperties () returned 0x3
[0186.758] IsThemePartDefined () returned 0x1
[0186.758] GdipCreateRegion (region=0xd7e118) returned 0x0
[0186.758] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0186.758] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0186.758] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0186.758] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e130) returned 0x0
[0186.758] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0186.758] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eea98) returned 0x0
[0186.758] LocalFree (hMem=0x11eea98) returned 0x0
[0186.758] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0186.758] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee9f0) returned 0x0
[0186.758] LocalFree (hMem=0x11ee9f0) returned 0x0
[0186.758] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0186.758] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e158) returned 0x0
[0186.758] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e148) returned 0x0
[0186.758] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0186.758] GdipDeleteRegion (region=0x6646298) returned 0x0
[0186.758] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0186.759] GetCurrentObject (hdc=0xb0107d8, type=0x1) returned 0xb00017
[0186.759] GetCurrentObject (hdc=0xb0107d8, type=0x2) returned 0x900010
[0186.759] GetCurrentObject (hdc=0xb0107d8, type=0x7) returned 0x4a0507fe
[0186.759] GetCurrentObject (hdc=0xb0107d8, type=0x6) returned 0x8a01c2
[0186.759] SaveDC (hdc=0xb0107d8) returned 1
[0186.759] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3d040807
[0186.759] GetClipRgn (hdc=0xb0107d8, hrgn=0x3d040807) returned 0
[0186.759] SelectClipRgn (hdc=0xb0107d8, hrgn=0xc40407de) returned 2
[0186.759] DeleteObject (ho=0x3d040807) returned 1
[0186.759] DeleteObject (ho=0xc40407de) returned 1
[0186.759] OffsetViewportOrgEx (in: hdc=0xb0107d8, x=0, y=0, lppt=0x2dc336c | out: lppt=0x2dc336c) returned 1
[0186.759] IsAppThemed () returned 0x1
[0186.759] GetThemeAppProperties () returned 0x3
[0186.759] GetThemeAppProperties () returned 0x3
[0186.759] DrawThemeBackground () returned 0x0
[0186.759] RestoreDC (hdc=0xb0107d8, nSavedDC=-1) returned 1
[0186.759] GdipReleaseDC (graphics=0x6600030, hdc=0xb0107d8) returned 0x0
[0186.759] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0186.759] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0186.759] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0186.759] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0186.760] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e134) returned 0x0
[0186.760] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0186.760] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0186.760] LocalFree (hMem=0x11eec58) returned 0x0
[0186.760] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0186.760] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eea28) returned 0x0
[0186.760] LocalFree (hMem=0x11eea28) returned 0x0
[0186.760] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0186.760] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0186.760] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0186.760] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0186.760] GdipDeleteRegion (region=0x6646718) returned 0x0
[0186.760] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0186.760] GetCurrentObject (hdc=0xb0107d8, type=0x1) returned 0xb00017
[0186.760] GetCurrentObject (hdc=0xb0107d8, type=0x2) returned 0x900010
[0186.760] GetCurrentObject (hdc=0xb0107d8, type=0x7) returned 0x4a0507fe
[0186.760] GetCurrentObject (hdc=0xb0107d8, type=0x6) returned 0x8a01c2
[0186.760] SaveDC (hdc=0xb0107d8) returned 1
[0186.760] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc50407de
[0186.760] GetClipRgn (hdc=0xb0107d8, hrgn=0xc50407de) returned 0
[0186.760] SelectClipRgn (hdc=0xb0107d8, hrgn=0x3e040807) returned 2
[0186.760] DeleteObject (ho=0xc50407de) returned 1
[0186.761] DeleteObject (ho=0x3e040807) returned 1
[0186.761] OffsetViewportOrgEx (in: hdc=0xb0107d8, x=0, y=0, lppt=0x2dc3640 | out: lppt=0x2dc3640) returned 1
[0186.761] IsAppThemed () returned 0x1
[0186.761] GetThemeAppProperties () returned 0x3
[0186.761] GetThemeAppProperties () returned 0x3
[0186.761] GetThemeBackgroundContentRect () returned 0x0
[0186.761] RestoreDC (hdc=0xb0107d8, nSavedDC=-1) returned 1
[0186.761] GdipReleaseDC (graphics=0x6600030, hdc=0xb0107d8) returned 0x0
[0186.761] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0186.761] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0186.761] GdipFillRectangleI (graphics=0x6600030, brush=0x6649968, x=4, y=4, width=67, height=15) returned 0x0
[0186.761] GdipDeleteBrush (brush=0x6649968) returned 0x0
[0186.761] IsAppThemed () returned 0x1
[0186.761] GetThemeAppProperties () returned 0x3
[0186.761] GetThemeAppProperties () returned 0x3
[0186.761] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0186.761] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0186.761] GetCurrentObject (hdc=0xb0107d8, type=0x1) returned 0xb00017
[0186.761] GetCurrentObject (hdc=0xb0107d8, type=0x2) returned 0x900010
[0186.761] GetCurrentObject (hdc=0xb0107d8, type=0x7) returned 0x4a0507fe
[0186.761] GetCurrentObject (hdc=0xb0107d8, type=0x6) returned 0x8a01c2
[0186.761] SaveDC (hdc=0xb0107d8) returned 1
[0186.761] GetTextAlign (hdc=0xb0107d8) returned 0x0
[0186.762] GetTextColor (hdc=0xb0107d8) returned 0x0
[0186.762] GetCurrentObject (hdc=0xb0107d8, type=0x6) returned 0x8a01c2
[0186.762] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0186.762] SelectObject (hdc=0xb0107d8, h=0x6d0a0520) returned 0x8a01c2
[0186.762] GetBkMode (hdc=0xb0107d8) returned 2
[0186.762] SetBkMode (hdc=0xb0107d8, mode=1) returned 2
[0186.763] DrawTextExW (in: hdc=0xb0107d8, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2dc3a04 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0186.764] DrawTextExW (in: hdc=0xb0107d8, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2dc3a04 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0186.764] RestoreDC (hdc=0xb0107d8, nSavedDC=-1) returned 1
[0186.764] GdipReleaseDC (graphics=0x6600030, hdc=0xb0107d8) returned 0x0
[0186.764] GetFocus () returned 0x602c4
[0186.764] IsAppThemed () returned 0x1
[0186.764] GetThemeAppProperties () returned 0x3
[0186.764] GetThemeAppProperties () returned 0x3
[0186.764] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0186.764] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xb0107d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0186.764] GdipReleaseDC (graphics=0x6600030, hdc=0xb0107d8) returned 0x0
[0186.764] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0186.765] SelectObject (hdc=0xb0107d8, h=0x85000f) returned 0x4a0507fe
[0186.765] DeleteDC (hdc=0xb0107d8) returned 1
[0186.765] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0186.765] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0186.765] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2dc3b00, cPoints=0x1 | out: lpPoints=0x2dc3b00) returned 40304859
[0186.765] WindowFromPoint (Point=0x102) returned 0x602c4
[0186.765] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2720102) returned 0x1
[0186.765] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0186.765] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0186.765] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0186.765] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0186.765] GetSystemMetrics (nIndex=42) returned 0
[0186.765] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0186.765] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0186.767] GetCapture () returned 0x602c4
[0186.767] ReleaseCapture () returned 1
[0186.767] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0186.767] GetProcessWindowStation () returned 0x13c
[0186.767] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.768] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0186.768] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.768] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0186.768] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.768] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0186.768] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.768] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0186.769] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.769] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0186.769] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.769] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0186.769] GetDC (hWnd=0x0) returned 0x10105d6
[0186.769] GdipCreateFromHDC (hdc=0x10105d6, graphics=0xd7e6ec) returned 0x0
[0186.769] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0186.769] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0186.769] ReleaseDC (hWnd=0x0, hDC=0x10105d6) returned 1
[0186.770] GetSystemMetrics (nIndex=5) returned 1
[0186.770] GetSystemMetrics (nIndex=6) returned 1
[0186.771] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.771] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0186.771] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.771] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0186.774] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0186.774] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0186.774] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0186.774] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0186.774] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0186.774] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0186.775] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2dc951c | out: lpData=0x2dc951c) returned 1
[0186.776] VerQueryValueW (in: pBlock=0x2dc951c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dc992c, puLen=0xd7e810) returned 1
[0186.776] VerQueryValueW (in: pBlock=0x2dc951c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc95d4, puLen=0xd7e790) returned 1
[0186.776] VerQueryValueW (in: pBlock=0x2dc951c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc9628, puLen=0xd7e790) returned 1
[0186.776] VerQueryValueW (in: pBlock=0x2dc951c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc96a8, puLen=0xd7e790) returned 1
[0186.776] VerQueryValueW (in: pBlock=0x2dc951c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc9710, puLen=0xd7e790) returned 1
[0186.776] VerQueryValueW (in: pBlock=0x2dc951c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc9750, puLen=0xd7e790) returned 1
[0186.776] VerQueryValueW (in: pBlock=0x2dc951c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc97d8, puLen=0xd7e790) returned 1
[0186.776] VerQueryValueW (in: pBlock=0x2dc951c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc9814, puLen=0xd7e790) returned 1
[0186.776] VerQueryValueW (in: pBlock=0x2dc951c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc986c, puLen=0xd7e790) returned 1
[0186.776] VerQueryValueW (in: pBlock=0x2dc951c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc989c, puLen=0xd7e790) returned 1
[0186.776] VerQueryValueW (in: pBlock=0x2dc951c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.776] VerQueryValueW (in: pBlock=0x2dc951c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc98d8, puLen=0xd7e790) returned 1
[0186.776] VerQueryValueW (in: pBlock=0x2dc951c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.776] VerQueryValueW (in: pBlock=0x2dc951c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dc992c, puLen=0xd7e784) returned 1
[0186.776] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0186.776] VerQueryValueW (in: pBlock=0x2dc951c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dc9544, puLen=0xd7e794) returned 1
[0186.777] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0186.777] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0186.777] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0186.777] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0186.777] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0186.777] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0186.777] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2dcb48c | out: lpData=0x2dcb48c) returned 1
[0186.777] VerQueryValueW (in: pBlock=0x2dcb48c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dcb528, puLen=0xd7e810) returned 1
[0186.777] VerQueryValueW (in: pBlock=0x2dcb48c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb5a0, puLen=0xd7e790) returned 1
[0186.777] VerQueryValueW (in: pBlock=0x2dcb48c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb5d0, puLen=0xd7e790) returned 1
[0186.777] VerQueryValueW (in: pBlock=0x2dcb48c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb60c, puLen=0xd7e790) returned 1
[0186.778] VerQueryValueW (in: pBlock=0x2dcb48c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb63c, puLen=0xd7e790) returned 1
[0186.778] VerQueryValueW (in: pBlock=0x2dcb48c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb684, puLen=0xd7e790) returned 1
[0186.778] VerQueryValueW (in: pBlock=0x2dcb48c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb6fc, puLen=0xd7e790) returned 1
[0186.778] VerQueryValueW (in: pBlock=0x2dcb48c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb740, puLen=0xd7e790) returned 1
[0186.778] VerQueryValueW (in: pBlock=0x2dcb48c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb780, puLen=0xd7e790) returned 1
[0186.778] VerQueryValueW (in: pBlock=0x2dcb48c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb57e, puLen=0xd7e790) returned 1
[0186.778] VerQueryValueW (in: pBlock=0x2dcb48c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb6cc, puLen=0xd7e790) returned 1
[0186.778] VerQueryValueW (in: pBlock=0x2dcb48c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.778] VerQueryValueW (in: pBlock=0x2dcb48c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.778] VerQueryValueW (in: pBlock=0x2dcb48c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dcb528, puLen=0xd7e784) returned 1
[0186.778] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0186.778] VerQueryValueW (in: pBlock=0x2dcb48c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dcb4b4, puLen=0xd7e794) returned 1
[0186.779] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0186.779] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0186.779] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0186.779] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0186.779] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0186.779] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0186.780] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2dcd764 | out: lpData=0x2dcd764) returned 1
[0186.781] VerQueryValueW (in: pBlock=0x2dcd764, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dcdb78, puLen=0xd7e810) returned 1
[0186.781] VerQueryValueW (in: pBlock=0x2dcd764, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcd81c, puLen=0xd7e790) returned 1
[0186.781] VerQueryValueW (in: pBlock=0x2dcd764, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcd870, puLen=0xd7e790) returned 1
[0186.781] VerQueryValueW (in: pBlock=0x2dcd764, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcd8cc, puLen=0xd7e790) returned 1
[0186.781] VerQueryValueW (in: pBlock=0x2dcd764, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcd92c, puLen=0xd7e790) returned 1
[0186.781] VerQueryValueW (in: pBlock=0x2dcd764, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcd984, puLen=0xd7e790) returned 1
[0186.781] VerQueryValueW (in: pBlock=0x2dcd764, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcda0c, puLen=0xd7e790) returned 1
[0186.781] VerQueryValueW (in: pBlock=0x2dcd764, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcda60, puLen=0xd7e790) returned 1
[0186.782] VerQueryValueW (in: pBlock=0x2dcd764, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcdab8, puLen=0xd7e790) returned 1
[0186.782] VerQueryValueW (in: pBlock=0x2dcd764, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcdae8, puLen=0xd7e790) returned 1
[0186.782] VerQueryValueW (in: pBlock=0x2dcd764, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.782] VerQueryValueW (in: pBlock=0x2dcd764, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcdb24, puLen=0xd7e790) returned 1
[0186.782] VerQueryValueW (in: pBlock=0x2dcd764, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.782] VerQueryValueW (in: pBlock=0x2dcd764, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dcdb78, puLen=0xd7e784) returned 1
[0186.782] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0186.782] VerQueryValueW (in: pBlock=0x2dcd764, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dcd78c, puLen=0xd7e794) returned 1
[0186.783] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0186.783] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0186.783] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0186.783] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0186.783] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0186.783] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0186.784] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2dcfd9c | out: lpData=0x2dcfd9c) returned 1
[0186.786] VerQueryValueW (in: pBlock=0x2dcfd9c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dd019c, puLen=0xd7e810) returned 1
[0186.786] VerQueryValueW (in: pBlock=0x2dcfd9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcfe54, puLen=0xd7e790) returned 1
[0186.786] VerQueryValueW (in: pBlock=0x2dcfd9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcfea8, puLen=0xd7e790) returned 1
[0186.786] VerQueryValueW (in: pBlock=0x2dcfd9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcfee8, puLen=0xd7e790) returned 1
[0186.786] VerQueryValueW (in: pBlock=0x2dcfd9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcff50, puLen=0xd7e790) returned 1
[0186.786] VerQueryValueW (in: pBlock=0x2dcfd9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcffa8, puLen=0xd7e790) returned 1
[0186.786] VerQueryValueW (in: pBlock=0x2dcfd9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd0030, puLen=0xd7e790) returned 1
[0186.786] VerQueryValueW (in: pBlock=0x2dcfd9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd0084, puLen=0xd7e790) returned 1
[0186.786] VerQueryValueW (in: pBlock=0x2dcfd9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd00dc, puLen=0xd7e790) returned 1
[0186.786] VerQueryValueW (in: pBlock=0x2dcfd9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd010c, puLen=0xd7e790) returned 1
[0186.786] VerQueryValueW (in: pBlock=0x2dcfd9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.786] VerQueryValueW (in: pBlock=0x2dcfd9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd0148, puLen=0xd7e790) returned 1
[0186.786] VerQueryValueW (in: pBlock=0x2dcfd9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.786] VerQueryValueW (in: pBlock=0x2dcfd9c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dd019c, puLen=0xd7e784) returned 1
[0186.786] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0186.786] VerQueryValueW (in: pBlock=0x2dcfd9c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dcfdc4, puLen=0xd7e794) returned 1
[0186.787] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0186.787] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0186.787] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0186.788] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0186.788] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0186.788] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0186.789] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2dd24d8 | out: lpData=0x2dd24d8) returned 1
[0186.790] VerQueryValueW (in: pBlock=0x2dd24d8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dd28a0, puLen=0xd7e810) returned 1
[0186.790] VerQueryValueW (in: pBlock=0x2dd24d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd2590, puLen=0xd7e790) returned 1
[0186.790] VerQueryValueW (in: pBlock=0x2dd24d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd25e4, puLen=0xd7e790) returned 1
[0186.790] VerQueryValueW (in: pBlock=0x2dd24d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd2624, puLen=0xd7e790) returned 1
[0186.790] VerQueryValueW (in: pBlock=0x2dd24d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd268c, puLen=0xd7e790) returned 1
[0186.790] VerQueryValueW (in: pBlock=0x2dd24d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd26c8, puLen=0xd7e790) returned 1
[0186.790] VerQueryValueW (in: pBlock=0x2dd24d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd2750, puLen=0xd7e790) returned 1
[0186.790] VerQueryValueW (in: pBlock=0x2dd24d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd2788, puLen=0xd7e790) returned 1
[0186.790] VerQueryValueW (in: pBlock=0x2dd24d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd27e0, puLen=0xd7e790) returned 1
[0186.790] VerQueryValueW (in: pBlock=0x2dd24d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd2810, puLen=0xd7e790) returned 1
[0186.790] VerQueryValueW (in: pBlock=0x2dd24d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.790] VerQueryValueW (in: pBlock=0x2dd24d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd284c, puLen=0xd7e790) returned 1
[0186.790] VerQueryValueW (in: pBlock=0x2dd24d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.790] VerQueryValueW (in: pBlock=0x2dd24d8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dd28a0, puLen=0xd7e784) returned 1
[0186.791] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0186.791] VerQueryValueW (in: pBlock=0x2dd24d8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dd2500, puLen=0xd7e794) returned 1
[0186.792] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0186.792] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0186.792] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0186.792] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0186.792] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0186.792] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0186.793] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2dd5b40 | out: lpData=0x2dd5b40) returned 1
[0186.794] VerQueryValueW (in: pBlock=0x2dd5b40, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dd5f20, puLen=0xd7e810) returned 1
[0186.812] VerQueryValueW (in: pBlock=0x2dd5b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5bf8, puLen=0xd7e790) returned 1
[0186.812] VerQueryValueW (in: pBlock=0x2dd5b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5c4c, puLen=0xd7e790) returned 1
[0186.812] VerQueryValueW (in: pBlock=0x2dd5b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5c8c, puLen=0xd7e790) returned 1
[0186.812] VerQueryValueW (in: pBlock=0x2dd5b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5cec, puLen=0xd7e790) returned 1
[0186.812] VerQueryValueW (in: pBlock=0x2dd5b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5d38, puLen=0xd7e790) returned 1
[0186.812] VerQueryValueW (in: pBlock=0x2dd5b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5dc0, puLen=0xd7e790) returned 1
[0186.812] VerQueryValueW (in: pBlock=0x2dd5b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5e08, puLen=0xd7e790) returned 1
[0186.812] VerQueryValueW (in: pBlock=0x2dd5b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5e60, puLen=0xd7e790) returned 1
[0186.812] VerQueryValueW (in: pBlock=0x2dd5b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5e90, puLen=0xd7e790) returned 1
[0186.812] VerQueryValueW (in: pBlock=0x2dd5b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.812] VerQueryValueW (in: pBlock=0x2dd5b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5ecc, puLen=0xd7e790) returned 1
[0186.812] VerQueryValueW (in: pBlock=0x2dd5b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.812] VerQueryValueW (in: pBlock=0x2dd5b40, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dd5f20, puLen=0xd7e784) returned 1
[0186.812] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0186.812] VerQueryValueW (in: pBlock=0x2dd5b40, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dd5b68, puLen=0xd7e794) returned 1
[0186.813] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0186.814] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0186.814] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0186.814] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0186.814] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0186.814] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0186.815] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2dd8360 | out: lpData=0x2dd8360) returned 1
[0186.816] VerQueryValueW (in: pBlock=0x2dd8360, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dd876c, puLen=0xd7e810) returned 1
[0186.816] VerQueryValueW (in: pBlock=0x2dd8360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd8418, puLen=0xd7e790) returned 1
[0186.816] VerQueryValueW (in: pBlock=0x2dd8360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd846c, puLen=0xd7e790) returned 1
[0186.816] VerQueryValueW (in: pBlock=0x2dd8360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd84c0, puLen=0xd7e790) returned 1
[0186.816] VerQueryValueW (in: pBlock=0x2dd8360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd8520, puLen=0xd7e790) returned 1
[0186.816] VerQueryValueW (in: pBlock=0x2dd8360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd8578, puLen=0xd7e790) returned 1
[0186.816] VerQueryValueW (in: pBlock=0x2dd8360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd8600, puLen=0xd7e790) returned 1
[0186.816] VerQueryValueW (in: pBlock=0x2dd8360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd8654, puLen=0xd7e790) returned 1
[0186.816] VerQueryValueW (in: pBlock=0x2dd8360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd86ac, puLen=0xd7e790) returned 1
[0186.816] VerQueryValueW (in: pBlock=0x2dd8360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd86dc, puLen=0xd7e790) returned 1
[0186.816] VerQueryValueW (in: pBlock=0x2dd8360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.816] VerQueryValueW (in: pBlock=0x2dd8360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd8718, puLen=0xd7e790) returned 1
[0186.816] VerQueryValueW (in: pBlock=0x2dd8360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.816] VerQueryValueW (in: pBlock=0x2dd8360, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dd876c, puLen=0xd7e784) returned 1
[0186.816] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0186.816] VerQueryValueW (in: pBlock=0x2dd8360, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dd8388, puLen=0xd7e794) returned 1
[0186.817] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0186.818] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0186.818] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0186.818] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0186.818] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0186.818] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0186.819] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2ddab74 | out: lpData=0x2ddab74) returned 1
[0186.820] VerQueryValueW (in: pBlock=0x2ddab74, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ddaf4c, puLen=0xd7e810) returned 1
[0186.820] VerQueryValueW (in: pBlock=0x2ddab74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddac2c, puLen=0xd7e790) returned 1
[0186.820] VerQueryValueW (in: pBlock=0x2ddab74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddac80, puLen=0xd7e790) returned 1
[0186.820] VerQueryValueW (in: pBlock=0x2ddab74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddacc0, puLen=0xd7e790) returned 1
[0186.820] VerQueryValueW (in: pBlock=0x2ddab74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddad28, puLen=0xd7e790) returned 1
[0186.820] VerQueryValueW (in: pBlock=0x2ddab74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddad6c, puLen=0xd7e790) returned 1
[0186.820] VerQueryValueW (in: pBlock=0x2ddab74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddadf4, puLen=0xd7e790) returned 1
[0186.820] VerQueryValueW (in: pBlock=0x2ddab74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddae34, puLen=0xd7e790) returned 1
[0186.820] VerQueryValueW (in: pBlock=0x2ddab74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddae8c, puLen=0xd7e790) returned 1
[0186.820] VerQueryValueW (in: pBlock=0x2ddab74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddaebc, puLen=0xd7e790) returned 1
[0186.820] VerQueryValueW (in: pBlock=0x2ddab74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.820] VerQueryValueW (in: pBlock=0x2ddab74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddaef8, puLen=0xd7e790) returned 1
[0186.820] VerQueryValueW (in: pBlock=0x2ddab74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.820] VerQueryValueW (in: pBlock=0x2ddab74, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ddaf4c, puLen=0xd7e784) returned 1
[0186.820] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0186.821] VerQueryValueW (in: pBlock=0x2ddab74, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ddab9c, puLen=0xd7e794) returned 1
[0186.822] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0186.822] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0186.822] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0186.822] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0186.822] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0186.822] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0186.823] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2ddd0cc | out: lpData=0x2ddd0cc) returned 1
[0186.824] VerQueryValueW (in: pBlock=0x2ddd0cc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ddd4a4, puLen=0xd7e810) returned 1
[0186.824] VerQueryValueW (in: pBlock=0x2ddd0cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddd184, puLen=0xd7e790) returned 1
[0186.824] VerQueryValueW (in: pBlock=0x2ddd0cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddd1d8, puLen=0xd7e790) returned 1
[0186.824] VerQueryValueW (in: pBlock=0x2ddd0cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddd218, puLen=0xd7e790) returned 1
[0186.824] VerQueryValueW (in: pBlock=0x2ddd0cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddd280, puLen=0xd7e790) returned 1
[0186.824] VerQueryValueW (in: pBlock=0x2ddd0cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddd2c4, puLen=0xd7e790) returned 1
[0186.824] VerQueryValueW (in: pBlock=0x2ddd0cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddd34c, puLen=0xd7e790) returned 1
[0186.824] VerQueryValueW (in: pBlock=0x2ddd0cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddd38c, puLen=0xd7e790) returned 1
[0186.824] VerQueryValueW (in: pBlock=0x2ddd0cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddd3e4, puLen=0xd7e790) returned 1
[0186.824] VerQueryValueW (in: pBlock=0x2ddd0cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddd414, puLen=0xd7e790) returned 1
[0186.824] VerQueryValueW (in: pBlock=0x2ddd0cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.825] VerQueryValueW (in: pBlock=0x2ddd0cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddd450, puLen=0xd7e790) returned 1
[0186.825] VerQueryValueW (in: pBlock=0x2ddd0cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.825] VerQueryValueW (in: pBlock=0x2ddd0cc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ddd4a4, puLen=0xd7e784) returned 1
[0186.825] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0186.825] VerQueryValueW (in: pBlock=0x2ddd0cc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ddd0f4, puLen=0xd7e794) returned 1
[0186.831] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0186.831] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0186.831] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0186.831] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0186.831] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0186.831] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0186.832] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2ddf804 | out: lpData=0x2ddf804) returned 1
[0186.833] VerQueryValueW (in: pBlock=0x2ddf804, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ddfc34, puLen=0xd7e810) returned 1
[0186.833] VerQueryValueW (in: pBlock=0x2ddf804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddf8bc, puLen=0xd7e790) returned 1
[0186.833] VerQueryValueW (in: pBlock=0x2ddf804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddf910, puLen=0xd7e790) returned 1
[0186.833] VerQueryValueW (in: pBlock=0x2ddf804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddf980, puLen=0xd7e790) returned 1
[0186.833] VerQueryValueW (in: pBlock=0x2ddf804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddf9e0, puLen=0xd7e790) returned 1
[0186.833] VerQueryValueW (in: pBlock=0x2ddf804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddfa3c, puLen=0xd7e790) returned 1
[0186.833] VerQueryValueW (in: pBlock=0x2ddf804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddfac4, puLen=0xd7e790) returned 1
[0186.833] VerQueryValueW (in: pBlock=0x2ddf804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddfb1c, puLen=0xd7e790) returned 1
[0186.833] VerQueryValueW (in: pBlock=0x2ddf804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddfb74, puLen=0xd7e790) returned 1
[0186.833] VerQueryValueW (in: pBlock=0x2ddf804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddfba4, puLen=0xd7e790) returned 1
[0186.833] VerQueryValueW (in: pBlock=0x2ddf804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.833] VerQueryValueW (in: pBlock=0x2ddf804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddfbe0, puLen=0xd7e790) returned 1
[0186.833] VerQueryValueW (in: pBlock=0x2ddf804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0186.833] VerQueryValueW (in: pBlock=0x2ddf804, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ddfc34, puLen=0xd7e784) returned 1
[0186.833] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0186.833] VerQueryValueW (in: pBlock=0x2ddf804, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ddf82c, puLen=0xd7e794) returned 1
[0186.834] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0186.834] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.834] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0186.835] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.835] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0186.835] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1200ea
[0186.835] SetWindowLongW (hWnd=0x1200ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0186.836] GetWindowLongW (hWnd=0x1200ea, nIndex=-4) returned 1950089536
[0186.836] SetWindowLongW (hWnd=0x1200ea, nIndex=-4, dwNewLong=19944406) returned 1950089536
[0186.836] GetWindowLongW (hWnd=0x1200ea, nIndex=-4) returned 19944406
[0186.837] GetWindowLongW (hWnd=0x1200ea, nIndex=-16) returned 113311744
[0186.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1200ea, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0186.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1200ea, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0186.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1200ea, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0186.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1200ea, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0186.838] GetClientRect (in: hWnd=0x1200ea, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0186.838] GetWindowRect (in: hWnd=0x1200ea, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0186.838] SetWindowTextW (hWnd=0x1200ea, lpString="WindowsFormsParkingWindow") returned 1
[0186.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1200ea, Msg=0xc, wParam=0x0, lParam=0x2da4db4) returned 0x1
[0186.839] GetParent (hWnd=0x1200ea) returned 0x0
[0186.839] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0186.839] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x1200ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xf02dc
[0186.840] SetWindowLongW (hWnd=0xf02dc, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0186.840] GetWindowLongW (hWnd=0xf02dc, nIndex=-4) returned 1868147648
[0186.840] SetWindowLongW (hWnd=0xf02dc, nIndex=-4, dwNewLong=19944046) returned 1868147648
[0186.840] GetWindowLongW (hWnd=0xf02dc, nIndex=-4) returned 19944046
[0186.840] GetWindowLongW (hWnd=0xf02dc, nIndex=-16) returned 1174405133
[0186.840] GetWindowLongW (hWnd=0xf02dc, nIndex=-12) returned 0
[0186.840] SetWindowLongW (hWnd=0xf02dc, nIndex=-12, dwNewLong=983772) returned 0
[0186.840] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0186.842] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0186.842] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0186.843] GetClientRect (in: hWnd=0xf02dc, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0186.843] GetWindowRect (in: hWnd=0xf02dc, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0186.843] GetParent (hWnd=0xf02dc) returned 0x1200ea
[0186.843] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1200ea, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0186.843] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0186.843] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0186.843] GetClientRect (in: hWnd=0xf02dc, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0186.843] GetWindowRect (in: hWnd=0xf02dc, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0186.844] GetParent (hWnd=0xf02dc) returned 0x1200ea
[0186.844] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1200ea, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0186.844] SendMessageW (hWnd=0xf02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0xf02dc) returned 0x0
[0186.844] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0xf02dc) returned 0x0
[0186.844] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0186.844] GetParent (hWnd=0xf02dc) returned 0x1200ea
[0186.844] GdipCreateFromHWND (hwnd=0xf02dc, graphics=0xd7e844) returned 0x0
[0186.845] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0186.845] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0186.845] GetForegroundWindow () returned 0x602c4
[0186.846] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.846] GetCursorPos (in: lpPoint=0x2de3b10 | out: lpPoint=0x2de3b10*(x=258, y=626)) returned 1
[0186.846] MonitorFromPoint (pt=0x102, dwFlags=0x272) returned 0x10001
[0186.846] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0186.846] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xdf0107f4
[0186.847] GetDeviceCaps (hdc=0xdf0107f4, index=12) returned 32
[0186.847] GetDeviceCaps (hdc=0xdf0107f4, index=14) returned 1
[0186.847] DeleteDC (hdc=0xdf0107f4) returned 1
[0186.847] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0186.847] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0186.847] GetSystemMetrics (nIndex=59) returned 1460
[0186.847] GetSystemMetrics (nIndex=60) returned 920
[0186.847] GetSystemMetrics (nIndex=34) returned 136
[0186.847] GetSystemMetrics (nIndex=35) returned 39
[0186.847] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.848] GetCursorPos (in: lpPoint=0x2de3d7c | out: lpPoint=0x2de3d7c*(x=258, y=626)) returned 1
[0186.848] MonitorFromPoint (pt=0x103, dwFlags=0x271) returned 0x10001
[0186.848] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0186.848] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xe00107f4
[0186.848] GetDeviceCaps (hdc=0xe00107f4, index=12) returned 32
[0186.848] GetDeviceCaps (hdc=0xe00107f4, index=14) returned 1
[0186.848] DeleteDC (hdc=0xe00107f4) returned 1
[0186.848] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0186.848] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0186.849] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.849] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0186.849] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2de4014 | out: piconinfo=0x2de4014) returned 1
[0186.849] GetObjectW (in: h=0x53050803, c=24, pv=0x2de4030 | out: pv=0x2de4030) returned 24
[0186.849] GdipCreateBitmapFromHBITMAP (hbm=0x53050803, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0186.850] GdipGetImageWidth (image=0x66023c8, width=0xd7e750) returned 0x0
[0186.850] GdipGetImageHeight (image=0x66023c8, height=0xd7e748) returned 0x0
[0186.850] GdipGetImagePixelFormat (image=0x66023c8, format=0xd7e740) returned 0x0
[0186.850] GdipBitmapLockBits (bitmap=0x66023c8, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2de40e8) returned 0x0
[0186.850] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0186.850] GdipBitmapLockBits (bitmap=0x6602a58, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2de4120) returned 0x0
[0186.850] RtlMoveMemory (in: Destination=0x665bf30, Source=0x665fec8, Length=0x80 | out: Destination=0x665bf30)
[0186.850] RtlMoveMemory (in: Destination=0x665bfb0, Source=0x665fe48, Length=0x80 | out: Destination=0x665bfb0)
[0186.850] RtlMoveMemory (in: Destination=0x665c030, Source=0x665fdc8, Length=0x80 | out: Destination=0x665c030)
[0186.850] RtlMoveMemory (in: Destination=0x665c0b0, Source=0x665fd48, Length=0x80 | out: Destination=0x665c0b0)
[0186.850] RtlMoveMemory (in: Destination=0x665c130, Source=0x665fcc8, Length=0x80 | out: Destination=0x665c130)
[0186.851] RtlMoveMemory (in: Destination=0x665c1b0, Source=0x665fc48, Length=0x80 | out: Destination=0x665c1b0)
[0186.851] RtlMoveMemory (in: Destination=0x665c230, Source=0x665fbc8, Length=0x80 | out: Destination=0x665c230)
[0186.851] RtlMoveMemory (in: Destination=0x665c2b0, Source=0x665fb48, Length=0x80 | out: Destination=0x665c2b0)
[0186.851] RtlMoveMemory (in: Destination=0x665c330, Source=0x665fac8, Length=0x80 | out: Destination=0x665c330)
[0186.851] RtlMoveMemory (in: Destination=0x665c3b0, Source=0x665fa48, Length=0x80 | out: Destination=0x665c3b0)
[0186.851] RtlMoveMemory (in: Destination=0x665c430, Source=0x665f9c8, Length=0x80 | out: Destination=0x665c430)
[0186.851] RtlMoveMemory (in: Destination=0x665c4b0, Source=0x665f948, Length=0x80 | out: Destination=0x665c4b0)
[0186.851] RtlMoveMemory (in: Destination=0x665c530, Source=0x665f8c8, Length=0x80 | out: Destination=0x665c530)
[0186.851] RtlMoveMemory (in: Destination=0x665c5b0, Source=0x665f848, Length=0x80 | out: Destination=0x665c5b0)
[0186.851] RtlMoveMemory (in: Destination=0x665c630, Source=0x665f7c8, Length=0x80 | out: Destination=0x665c630)
[0186.851] RtlMoveMemory (in: Destination=0x665c6b0, Source=0x665f748, Length=0x80 | out: Destination=0x665c6b0)
[0186.851] RtlMoveMemory (in: Destination=0x665c730, Source=0x665f6c8, Length=0x80 | out: Destination=0x665c730)
[0186.851] RtlMoveMemory (in: Destination=0x665c7b0, Source=0x665f648, Length=0x80 | out: Destination=0x665c7b0)
[0186.851] RtlMoveMemory (in: Destination=0x665c830, Source=0x665f5c8, Length=0x80 | out: Destination=0x665c830)
[0186.851] RtlMoveMemory (in: Destination=0x665c8b0, Source=0x665f548, Length=0x80 | out: Destination=0x665c8b0)
[0186.851] RtlMoveMemory (in: Destination=0x665c930, Source=0x665f4c8, Length=0x80 | out: Destination=0x665c930)
[0186.851] RtlMoveMemory (in: Destination=0x665c9b0, Source=0x665f448, Length=0x80 | out: Destination=0x665c9b0)
[0186.852] RtlMoveMemory (in: Destination=0x665ca30, Source=0x665f3c8, Length=0x80 | out: Destination=0x665ca30)
[0186.852] RtlMoveMemory (in: Destination=0x665cab0, Source=0x665f348, Length=0x80 | out: Destination=0x665cab0)
[0186.852] RtlMoveMemory (in: Destination=0x665cb30, Source=0x665f2c8, Length=0x80 | out: Destination=0x665cb30)
[0186.852] RtlMoveMemory (in: Destination=0x665cbb0, Source=0x665f248, Length=0x80 | out: Destination=0x665cbb0)
[0186.852] RtlMoveMemory (in: Destination=0x665cc30, Source=0x665f1c8, Length=0x80 | out: Destination=0x665cc30)
[0186.852] RtlMoveMemory (in: Destination=0x665ccb0, Source=0x665f148, Length=0x80 | out: Destination=0x665ccb0)
[0186.852] RtlMoveMemory (in: Destination=0x665cd30, Source=0x665f0c8, Length=0x80 | out: Destination=0x665cd30)
[0186.852] RtlMoveMemory (in: Destination=0x665cdb0, Source=0x665f048, Length=0x80 | out: Destination=0x665cdb0)
[0186.852] RtlMoveMemory (in: Destination=0x665ce30, Source=0x665efc8, Length=0x80 | out: Destination=0x665ce30)
[0186.852] RtlMoveMemory (in: Destination=0x665ceb0, Source=0x665ef48, Length=0x80 | out: Destination=0x665ceb0)
[0186.852] GdipBitmapUnlockBits (bitmap=0x66023c8, lockedBitmapData=0x2de40e8) returned 0x0
[0186.852] GdipBitmapUnlockBits (bitmap=0x6602a58, lockedBitmapData=0x2de4120) returned 0x0
[0186.852] GdipDisposeImage (image=0x66023c8) returned 0x0
[0186.852] DeleteObject (ho=0x53050803) returned 1
[0186.852] DeleteObject (ho=0xe10507f4) returned 1
[0186.853] GetCurrentThreadId () returned 0xf50
[0186.853] GetCurrentThreadId () returned 0xf50
[0186.853] SetWindowPos (hWnd=0xf02dc, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0186.853] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0186.853] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0186.853] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0186.853] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0186.853] GetClientRect (in: hWnd=0xf02dc, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0186.854] GetWindowRect (in: hWnd=0xf02dc, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0186.854] GetParent (hWnd=0xf02dc) returned 0x1200ea
[0186.854] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1200ea, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0186.854] InvalidateRect (hWnd=0xf02dc, lpRect=0x0, bErase=1) returned 1
[0186.854] GetWindowTextLengthW (hWnd=0xf02dc) returned 0
[0186.854] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0186.854] GetSystemMetrics (nIndex=42) returned 0
[0186.854] GetWindowTextW (in: hWnd=0xf02dc, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0186.854] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0186.854] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0186.854] GetClientRect (in: hWnd=0xf02dc, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0186.854] GetWindowRect (in: hWnd=0xf02dc, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0186.854] GetParent (hWnd=0xf02dc) returned 0x1200ea
[0186.854] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1200ea, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0186.854] GetWindowTextLengthW (hWnd=0xf02dc) returned 0
[0186.854] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0186.855] GetSystemMetrics (nIndex=42) returned 0
[0186.855] GetWindowTextW (in: hWnd=0xf02dc, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0186.855] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0186.855] GetWindowTextLengthW (hWnd=0xf02dc) returned 0
[0186.855] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0186.855] GetSystemMetrics (nIndex=42) returned 0
[0186.855] GetWindowTextW (in: hWnd=0xf02dc, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0186.855] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0186.855] SetWindowTextW (hWnd=0xf02dc, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0186.855] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0xc, wParam=0x0, lParam=0x2dc50f4) returned 0x1
[0186.855] InvalidateRect (hWnd=0xf02dc, lpRect=0x0, bErase=1) returned 1
[0186.855] GetCurrentThreadId () returned 0xf50
[0186.855] GetWindowThreadProcessId (in: hWnd=0xf02dc, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0186.856] GdipCreateBitmapFromStream (stream=0x509ff50, bitmap=0xd7e840) returned 0x0
[0186.863] GdipImageForceValidation (image=0x6603778) returned 0x0
[0186.864] GdipGetImageRawFormat (image=0x6603778, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0186.864] GdipGetImageHeight (image=0x6603778, height=0xd7e824) returned 0x0
[0186.864] GdipGetImageWidth (image=0x6603778, width=0xd7e824) returned 0x0
[0186.864] GdipGetImageWidth (image=0x6603778, width=0xd7e810) returned 0x0
[0186.864] GdipGetImageHeight (image=0x6603778, height=0xd7e810) returned 0x0
[0186.865] GdipGetImageWidth (image=0x6603778, width=0xd7e800) returned 0x0
[0186.865] GdipGetImageHeight (image=0x6603778, height=0xd7e800) returned 0x0
[0186.865] GdipBitmapGetPixel (bitmap=0x6603778, x=0, y=15, color=0xd7e810) returned 0x0
[0186.865] GdipGetImageRawFormat (image=0x6603778, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0186.865] GdipGetImageWidth (image=0x6603778, width=0xd7e740) returned 0x0
[0186.865] GdipGetImageHeight (image=0x6603778, height=0xd7e740) returned 0x0
[0186.865] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0186.865] GdipGetImagePixelFormat (image=0x6601360, format=0xd7e740) returned 0x0
[0186.865] GdipGetImageGraphicsContext (image=0x6601360, graphics=0xd7e74c) returned 0x0
[0186.865] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0186.865] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0186.865] GdipSetImageAttributesColorKeys (imageattr=0x6638db8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0186.865] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6603778, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638db8, callback=0x0, callbackData=0x0) returned 0x0
[0186.866] GdipDisposeImageAttributes (imageattr=0x6638db8) returned 0x0
[0186.866] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0186.866] GdipDisposeImage (image=0x6603778) returned 0x0
[0186.866] GdipCreateBitmapFromStream (stream=0x509ff30, bitmap=0xd7e840) returned 0x0
[0186.867] GdipImageForceValidation (image=0x66023c8) returned 0x0
[0186.869] GdipGetImageRawFormat (image=0x66023c8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0186.869] GdipGetImageHeight (image=0x66023c8, height=0xd7e824) returned 0x0
[0186.869] GdipGetImageWidth (image=0x66023c8, width=0xd7e824) returned 0x0
[0186.869] GdipGetImageWidth (image=0x66023c8, width=0xd7e810) returned 0x0
[0186.869] GdipGetImageHeight (image=0x66023c8, height=0xd7e810) returned 0x0
[0186.869] GdipGetImageWidth (image=0x66023c8, width=0xd7e800) returned 0x0
[0186.869] GdipGetImageHeight (image=0x66023c8, height=0xd7e800) returned 0x0
[0186.869] GdipBitmapGetPixel (bitmap=0x66023c8, x=0, y=15, color=0xd7e810) returned 0x0
[0186.869] GdipGetImageRawFormat (image=0x66023c8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0186.869] GdipGetImageWidth (image=0x66023c8, width=0xd7e740) returned 0x0
[0186.870] GdipGetImageHeight (image=0x66023c8, height=0xd7e740) returned 0x0
[0186.870] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0186.870] GdipGetImagePixelFormat (image=0x6602710, format=0xd7e740) returned 0x0
[0186.870] GdipGetImageGraphicsContext (image=0x6602710, graphics=0xd7e74c) returned 0x0
[0186.870] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0186.870] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0186.870] GdipSetImageAttributesColorKeys (imageattr=0x6638c98, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0186.870] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66023c8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c98, callback=0x0, callbackData=0x0) returned 0x0
[0186.870] GdipDisposeImageAttributes (imageattr=0x6638c98) returned 0x0
[0186.870] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0186.870] GdipDisposeImage (image=0x66023c8) returned 0x0
[0186.871] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.871] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0186.871] GetCurrentThreadId () returned 0xf50
[0186.871] GetCurrentThreadId () returned 0xf50
[0186.872] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.872] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0186.872] GetCurrentThreadId () returned 0xf50
[0186.872] GetCurrentThreadId () returned 0xf50
[0186.873] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.873] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0186.873] GetCurrentThreadId () returned 0xf50
[0186.873] GetCurrentThreadId () returned 0xf50
[0186.874] GetSystemMetrics (nIndex=5) returned 1
[0186.874] GetSystemMetrics (nIndex=6) returned 1
[0186.874] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.874] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0186.874] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.874] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0186.875] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.875] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0186.875] GetCurrentThreadId () returned 0xf50
[0186.875] GetCurrentThreadId () returned 0xf50
[0186.875] GetProcessWindowStation () returned 0x13c
[0186.875] GetCapture () returned 0x0
[0186.875] GetActiveWindow () returned 0x7005c
[0186.875] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0186.875] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.876] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0186.876] GetCursorPos (in: lpPoint=0x2de5260 | out: lpPoint=0x2de5260*(x=258, y=626)) returned 1
[0186.876] MonitorFromPoint (pt=0x102, dwFlags=0x272) returned 0x10001
[0186.876] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0186.876] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x100107d8
[0186.876] GetDeviceCaps (hdc=0x100107d8, index=12) returned 32
[0186.876] GetDeviceCaps (hdc=0x100107d8, index=14) returned 1
[0186.876] DeleteDC (hdc=0x100107d8) returned 1
[0186.876] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0186.877] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0186.877] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="Microsoft .NET Framework", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1002d2
[0186.877] SetWindowLongW (hWnd=0x1002d2, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0186.877] GetWindowLongW (hWnd=0x1002d2, nIndex=-4) returned 1950089536
[0186.878] SetWindowLongW (hWnd=0x1002d2, nIndex=-4, dwNewLong=19944206) returned 1950089536
[0186.878] GetWindowLongW (hWnd=0x1002d2, nIndex=-4) returned 19944206
[0186.878] GetWindowLongW (hWnd=0x1002d2, nIndex=-16) returned 113770496
[0186.878] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0186.879] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0186.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0186.880] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0186.880] GetWindowRect (in: hWnd=0x1002d2, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0186.880] SetWindowTextW (hWnd=0x1002d2, lpString="Microsoft .NET Framework") returned 1
[0186.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xc, wParam=0x0, lParam=0x2c50f5c) returned 0x1
[0186.881] GetStartupInfoW (in: lpStartupInfo=0x2de559c | out: lpStartupInfo=0x2de559c*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0186.883] GetParent (hWnd=0x1002d2) returned 0x0
[0186.883] SetWindowLongW (hWnd=0x1002d2, nIndex=-8, dwNewLong=0) returned 0
[0186.884] SendMessageW (hWnd=0x1002d2, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0186.884] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0186.884] SendMessageW (hWnd=0x1002d2, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0186.884] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0186.884] GetSystemMenu (hWnd=0x1002d2, bRevert=0) returned 0x4600df
[0186.885] GetWindowPlacement (in: hWnd=0x1002d2, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0186.885] EnableMenuItem (hMenu=0x4600df, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0186.885] EnableMenuItem (hMenu=0x4600df, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0186.885] EnableMenuItem (hMenu=0x4600df, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0186.885] EnableMenuItem (hMenu=0x4600df, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0186.885] EnableMenuItem (hMenu=0x4600df, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0186.885] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0186.885] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0186.885] GetWindowRect (in: hWnd=0x1002d2, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0186.885] SetWindowPos (hWnd=0x1002d2, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0186.885] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0186.886] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x1002d2) returned 0x1
[0186.896] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0186.896] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0186.898] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0186.898] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0186.898] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0186.900] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x1002d2, lParam=0x0) returned 0x0
[0186.900] GetCapture () returned 0x0
[0186.900] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0186.901] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0186.927] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0186.929] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0186.929] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0186.929] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0186.929] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0186.930] GetParent (hWnd=0x1002d2) returned 0x0
[0186.930] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0186.930] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0186.933] GetWindowPlacement (in: hWnd=0x1002d2, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0186.933] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0186.933] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0186.933] GetWindowRect (in: hWnd=0x1002d2, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0186.940] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0186.940] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0186.940] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0186.941] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.941] GetWindowLongW (hWnd=0x1002d2, nIndex=-16) returned 113770496
[0186.941] GetWindowTextLengthW (hWnd=0x1002d2) returned 24
[0186.941] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0186.941] GetSystemMetrics (nIndex=42) returned 0
[0186.941] GetWindowTextW (in: hWnd=0x1002d2, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0186.941] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0186.942] GetWindowTextLengthW (hWnd=0x1002d2) returned 24
[0186.942] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0186.942] GetSystemMetrics (nIndex=42) returned 0
[0186.942] GetWindowTextW (in: hWnd=0x1002d2, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0186.942] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0186.942] GetCursorPos (in: lpPoint=0x2de5868 | out: lpPoint=0x2de5868*(x=258, y=626)) returned 1
[0186.942] MonitorFromPoint (pt=0x102, dwFlags=0x272) returned 0x10001
[0186.942] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0186.942] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x5c010803
[0186.942] GetDeviceCaps (hdc=0x5c010803, index=12) returned 32
[0186.942] GetDeviceCaps (hdc=0x5c010803, index=14) returned 1
[0186.942] DeleteDC (hdc=0x5c010803) returned 1
[0186.943] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0186.943] GetWindowLongW (hWnd=0x1002d2, nIndex=-16) returned 113770496
[0186.943] GetWindowLongW (hWnd=0x1002d2, nIndex=-20) returned 327945
[0186.943] SetWindowLongW (hWnd=0x1002d2, nIndex=-16, dwNewLong=46661632) returned 113770496
[0186.943] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0186.943] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0186.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0186.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0186.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0186.945] SetWindowLongW (hWnd=0x1002d2, nIndex=-20, dwNewLong=327681) returned 327945
[0186.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0186.946] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0186.947] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0186.947] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0186.947] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0186.948] SetWindowPos (hWnd=0x1002d2, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0186.948] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0186.948] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0186.949] GetWindowPlacement (in: hWnd=0x1002d2, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0186.949] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0186.949] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0186.949] GetWindowRect (in: hWnd=0x1002d2, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0186.950] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0186.950] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0186.950] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0186.951] RedrawWindow (hWnd=0x1002d2, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0186.951] GetSystemMenu (hWnd=0x1002d2, bRevert=0) returned 0x4600df
[0186.951] GetWindowPlacement (in: hWnd=0x1002d2, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0186.951] EnableMenuItem (hMenu=0x4600df, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0186.951] EnableMenuItem (hMenu=0x4600df, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0186.951] EnableMenuItem (hMenu=0x4600df, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0186.951] EnableMenuItem (hMenu=0x4600df, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0186.951] EnableMenuItem (hMenu=0x4600df, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0186.951] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0186.951] GetWindowLongW (hWnd=0x1002d2, nIndex=-8) returned 0
[0186.952] SetWindowLongW (hWnd=0x1002d2, nIndex=-8, dwNewLong=458844) returned 0
[0186.953] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0186.954] GetProcessWindowStation () returned 0x13c
[0186.954] GetCurrentThreadId () returned 0xf50
[0186.954] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1305336, lParam=0x0) returned 1
[0186.954] IsWindowVisible (hWnd=0x1002d2) returned 0
[0186.954] IsWindowVisible (hWnd=0x7005c) returned 1
[0186.954] IsWindowEnabled (hWnd=0x7005c) returned 1
[0186.954] IsWindowVisible (hWnd=0x300ec) returned 0
[0186.954] IsWindowVisible (hWnd=0x502c6) returned 0
[0186.954] IsWindowVisible (hWnd=0x502be) returned 0
[0186.954] GetActiveWindow () returned 0x1002d2
[0186.954] GetFocus () returned 0x1002d2
[0186.955] IsWindow (hWnd=0x7005c) returned 1
[0186.955] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0186.955] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0186.955] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0186.956] GetWindowLongW (hWnd=0x1002d2, nIndex=-8) returned 458844
[0186.956] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0186.956] GetCurrentThreadId () returned 0xf50
[0186.956] GetWindowLongW (hWnd=0x1002d2, nIndex=-8) returned 458844
[0186.956] IsWindowEnabled (hWnd=0x7005c) returned 0
[0186.956] IsWindowEnabled (hWnd=0x1002d2) returned 1
[0186.956] ShowWindow (hWnd=0x1002d2, nCmdShow=5) returned 0
[0186.956] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0186.956] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0186.956] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.957] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0186.957] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x1002d2, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xf02de
[0186.957] SetWindowLongW (hWnd=0xf02de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0186.957] GetWindowLongW (hWnd=0xf02de, nIndex=-4) returned 1950089536
[0186.958] SetWindowLongW (hWnd=0xf02de, nIndex=-4, dwNewLong=19944286) returned 1950089536
[0186.958] GetWindowLongW (hWnd=0xf02de, nIndex=-4) returned 19944286
[0186.958] GetWindowLongW (hWnd=0xf02de, nIndex=-16) returned 1174405120
[0186.958] GetWindowLongW (hWnd=0xf02de, nIndex=-12) returned 0
[0186.958] SetWindowLongW (hWnd=0xf02de, nIndex=-12, dwNewLong=983774) returned 0
[0186.958] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0186.959] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0186.959] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0186.959] GetWindow (hWnd=0xf02de, uCmd=0x3) returned 0x0
[0186.959] GetClientRect (in: hWnd=0xf02de, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0186.959] GetWindowRect (in: hWnd=0xf02de, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0186.959] GetParent (hWnd=0xf02de) returned 0x1002d2
[0186.959] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002d2, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0186.960] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02de, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0186.960] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02de, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0186.960] GetClientRect (in: hWnd=0xf02de, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0186.960] GetWindowRect (in: hWnd=0xf02de, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0186.960] GetParent (hWnd=0xf02de) returned 0x1002d2
[0186.960] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002d2, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0186.960] SendMessageW (hWnd=0xf02de, Msg=0x2210, wParam=0x2de0001, lParam=0xf02de) returned 0x0
[0186.960] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02de, Msg=0x2210, wParam=0x2de0001, lParam=0xf02de) returned 0x0
[0186.960] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0186.961] GetParent (hWnd=0xf02de) returned 0x1002d2
[0186.961] GetParent (hWnd=0xf02dc) returned 0x1200ea
[0186.961] SetParent (hWndChild=0xf02dc, hWndNewParent=0x1002d2) returned 0x1200ea
[0186.961] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0186.961] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0186.962] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0186.962] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0186.962] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0186.962] GetClientRect (in: hWnd=0xf02dc, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0186.962] GetWindowRect (in: hWnd=0xf02dc, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0186.962] GetParent (hWnd=0xf02dc) returned 0x1002d2
[0186.962] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002d2, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0186.962] GetClientRect (in: hWnd=0xf02dc, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0186.962] GetWindowRect (in: hWnd=0xf02dc, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0186.962] GetParent (hWnd=0xf02dc) returned 0x1002d2
[0186.962] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002d2, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0186.962] GetParent (hWnd=0xf02dc) returned 0x1002d2
[0186.962] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0186.963] GetWindow (hWnd=0xf02dc, uCmd=0x3) returned 0x0
[0186.963] SetWindowPos (hWnd=0xf02dc, hWndInsertAfter=0xf02de, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0186.963] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0186.963] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0186.963] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0186.964] GetClientRect (in: hWnd=0xf02dc, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0186.964] GetWindowRect (in: hWnd=0xf02dc, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0186.964] GetParent (hWnd=0xf02dc) returned 0x1002d2
[0186.964] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002d2, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0186.964] GetParent (hWnd=0xf02dc) returned 0x1002d2
[0186.964] GetWindow (hWnd=0xf02dc, uCmd=0x3) returned 0xf02de
[0186.964] GetWindowThreadProcessId (in: hWnd=0xf02dc, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0186.964] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0186.964] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.965] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0186.965] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x1002d2, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x11013e
[0186.965] SetWindowLongW (hWnd=0x11013e, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0186.965] GetWindowLongW (hWnd=0x11013e, nIndex=-4) returned 1868032000
[0186.970] SetWindowLongW (hWnd=0x11013e, nIndex=-4, dwNewLong=19944326) returned 1868032000
[0186.971] GetWindowLongW (hWnd=0x11013e, nIndex=-4) returned 19944326
[0186.971] GetWindowLongW (hWnd=0x11013e, nIndex=-16) returned 1174470667
[0186.971] GetWindowLongW (hWnd=0x11013e, nIndex=-12) returned 0
[0186.971] SetWindowLongW (hWnd=0x11013e, nIndex=-12, dwNewLong=1114430) returned 0
[0186.971] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0186.972] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0186.972] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0186.973] SendMessageW (hWnd=0x11013e, Msg=0x2055, wParam=0x11013e, lParam=0x3) returned 0x2
[0186.974] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0186.974] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0186.974] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0186.974] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0186.974] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0186.974] RedrawWindow (hWnd=0xf02de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0186.974] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0186.974] RedrawWindow (hWnd=0xf02dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0186.974] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0186.974] RedrawWindow (hWnd=0x11013e, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0186.975] RedrawWindow (hWnd=0x1002d2, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0186.975] GetWindow (hWnd=0x11013e, uCmd=0x3) returned 0xf02dc
[0186.975] GetClientRect (in: hWnd=0x11013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0186.975] GetWindowRect (in: hWnd=0x11013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0186.975] GetParent (hWnd=0x11013e) returned 0x1002d2
[0186.975] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002d2, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0186.975] SetWindowTextW (hWnd=0x11013e, lpString="&Details") returned 1
[0186.975] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0186.976] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0186.976] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0186.976] GetClientRect (in: hWnd=0x11013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0186.976] GetWindowRect (in: hWnd=0x11013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0186.976] GetParent (hWnd=0x11013e) returned 0x1002d2
[0186.976] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002d2, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0186.976] SendMessageW (hWnd=0x11013e, Msg=0x2210, wParam=0x13e0001, lParam=0x11013e) returned 0x0
[0186.976] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0x2210, wParam=0x13e0001, lParam=0x11013e) returned 0x0
[0186.976] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0186.977] GetParent (hWnd=0x11013e) returned 0x1002d2
[0186.977] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0186.977] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.978] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0186.978] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x1002d2, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xd005a
[0186.978] SetWindowLongW (hWnd=0xd005a, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0186.978] GetWindowLongW (hWnd=0xd005a, nIndex=-4) returned 1868032000
[0186.979] SetWindowLongW (hWnd=0xd005a, nIndex=-4, dwNewLong=19944366) returned 1868032000
[0186.979] GetWindowLongW (hWnd=0xd005a, nIndex=-4) returned 19944366
[0186.979] GetWindowLongW (hWnd=0xd005a, nIndex=-16) returned 1174470667
[0186.979] GetWindowLongW (hWnd=0xd005a, nIndex=-12) returned 0
[0186.979] SetWindowLongW (hWnd=0xd005a, nIndex=-12, dwNewLong=852058) returned 0
[0186.979] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0186.980] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0186.980] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0186.981] SendMessageW (hWnd=0xd005a, Msg=0x2055, wParam=0xd005a, lParam=0x3) returned 0x2
[0186.981] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0186.981] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0186.981] GetWindow (hWnd=0xd005a, uCmd=0x3) returned 0x11013e
[0186.982] GetClientRect (in: hWnd=0xd005a, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0186.982] GetWindowRect (in: hWnd=0xd005a, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0186.982] GetParent (hWnd=0xd005a) returned 0x1002d2
[0186.982] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002d2, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0186.982] SetWindowTextW (hWnd=0xd005a, lpString="&Continue") returned 1
[0186.982] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0186.983] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0186.983] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0186.983] GetClientRect (in: hWnd=0xd005a, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0186.983] GetWindowRect (in: hWnd=0xd005a, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0186.983] GetParent (hWnd=0xd005a) returned 0x1002d2
[0186.983] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002d2, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0186.983] SendMessageW (hWnd=0xd005a, Msg=0x2210, wParam=0x5a0001, lParam=0xd005a) returned 0x0
[0186.983] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x2210, wParam=0x5a0001, lParam=0xd005a) returned 0x0
[0186.983] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0186.984] GetParent (hWnd=0xd005a) returned 0x1002d2
[0186.984] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0186.984] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.985] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0186.985] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x1002d2, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xf02da
[0186.985] SetWindowLongW (hWnd=0xf02da, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0186.986] GetWindowLongW (hWnd=0xf02da, nIndex=-4) returned 1868032000
[0186.986] SetWindowLongW (hWnd=0xf02da, nIndex=-4, dwNewLong=19940430) returned 1868032000
[0186.986] GetWindowLongW (hWnd=0xf02da, nIndex=-4) returned 19940430
[0186.986] GetWindowLongW (hWnd=0xf02da, nIndex=-16) returned 1174470667
[0186.986] GetWindowLongW (hWnd=0xf02da, nIndex=-12) returned 0
[0186.986] SetWindowLongW (hWnd=0xf02da, nIndex=-12, dwNewLong=983770) returned 0
[0186.986] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0186.988] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0186.988] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0186.989] SendMessageW (hWnd=0xf02da, Msg=0x2055, wParam=0xf02da, lParam=0x3) returned 0x2
[0186.989] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0186.989] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02da, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0186.989] GetWindow (hWnd=0xf02da, uCmd=0x3) returned 0xd005a
[0186.989] GetClientRect (in: hWnd=0xf02da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0186.989] GetWindowRect (in: hWnd=0xf02da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0186.989] GetParent (hWnd=0xf02da) returned 0x1002d2
[0186.989] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002d2, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0186.990] SetWindowTextW (hWnd=0xf02da, lpString="&Quit") returned 1
[0186.990] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02da, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0186.990] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0186.990] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02da, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0186.990] GetClientRect (in: hWnd=0xf02da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0186.990] GetWindowRect (in: hWnd=0xf02da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0186.990] GetParent (hWnd=0xf02da) returned 0x1002d2
[0186.991] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002d2, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0186.991] SendMessageW (hWnd=0xf02da, Msg=0x2210, wParam=0x2da0001, lParam=0xf02da) returned 0x0
[0186.991] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02da, Msg=0x2210, wParam=0x2da0001, lParam=0xf02da) returned 0x0
[0186.991] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0186.991] GetParent (hWnd=0xf02da) returned 0x1002d2
[0186.991] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0186.992] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0186.992] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0186.992] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x1002d2, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1102d8
[0186.992] SetWindowLongW (hWnd=0x1102d8, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0186.993] GetWindowLongW (hWnd=0x1102d8, nIndex=-4) returned 1868026976
[0186.993] SetWindowLongW (hWnd=0x1102d8, nIndex=-4, dwNewLong=19941110) returned 1868026976
[0186.993] GetWindowLongW (hWnd=0x1102d8, nIndex=-4) returned 19941110
[0186.993] GetWindowLongW (hWnd=0x1102d8, nIndex=-16) returned 1177553092
[0186.993] GetWindowLongW (hWnd=0x1102d8, nIndex=-12) returned 0
[0186.993] SetWindowLongW (hWnd=0x1102d8, nIndex=-12, dwNewLong=1114840) returned 0
[0186.993] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102d8, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0186.995] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102d8, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0186.996] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102d8, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0187.032] GetWindow (hWnd=0x1102d8, uCmd=0x3) returned 0xf02da
[0187.032] GetClientRect (in: hWnd=0x1102d8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0187.032] GetWindowRect (in: hWnd=0x1102d8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0187.032] GetParent (hWnd=0x1102d8) returned 0x1002d2
[0187.032] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002d2, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0187.032] GetWindowTextLengthW (hWnd=0x1002d2) returned 24
[0187.033] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0187.033] GetSystemMetrics (nIndex=42) returned 0
[0187.033] GetWindowTextW (in: hWnd=0x1002d2, lpString=0xd7d830, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0187.033] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xd, wParam=0x19, lParam=0xd7d830) returned 0x18
[0187.033] SendMessageW (hWnd=0x1102d8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0187.033] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102d8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0187.075] SetWindowTextW (hWnd=0x1102d8, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0187.075] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102d8, Msg=0xc, wParam=0x0, lParam=0x2de155c) returned 0x1
[0187.131] GetSystemMetrics (nIndex=5) returned 1
[0187.131] GetSystemMetrics (nIndex=6) returned 1
[0187.131] SendMessageW (hWnd=0x1102d8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0187.131] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102d8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0187.132] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102d8, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0187.134] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102d8, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0187.134] GetClientRect (in: hWnd=0x1102d8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0187.134] GetWindowRect (in: hWnd=0x1102d8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0187.134] GetParent (hWnd=0x1102d8) returned 0x1002d2
[0187.134] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002d2, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0187.134] SendMessageW (hWnd=0x1102d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1102d8) returned 0x0
[0187.134] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1102d8) returned 0x0
[0187.134] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0187.135] GetParent (hWnd=0x1102d8) returned 0x1002d2
[0187.135] GetWindowLongW (hWnd=0x1002d2, nIndex=-8) returned 458844
[0187.135] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0187.135] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0187.135] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x66010803
[0187.135] GetDeviceCaps (hdc=0x66010803, index=12) returned 32
[0187.135] GetDeviceCaps (hdc=0x66010803, index=14) returned 1
[0187.135] DeleteDC (hdc=0x66010803) returned 1
[0187.135] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0187.135] GetWindowThreadProcessId (in: hWnd=0x1002d2, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0187.135] GetCurrentThreadId () returned 0xf50
[0187.136] PostMessageW (hWnd=0x1002d2, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0187.136] GetWindowTextLengthW (hWnd=0x1002d2) returned 24
[0187.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0187.136] GetSystemMetrics (nIndex=42) returned 0
[0187.136] GetWindowTextW (in: hWnd=0x1002d2, lpString=0xd7e260, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0187.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xd, wParam=0x19, lParam=0xd7e260) returned 0x18
[0187.136] GdipImageGetFrameDimensionsCount (image=0x6602a58, count=0xd7e25c) returned 0x0
[0187.136] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7d60
[0187.136] GdipImageGetFrameDimensionsList (image=0x6602a58, dimensionIDs=0x11f7d60*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0187.136] LocalFree (hMem=0x11f7d60) returned 0x0
[0187.136] GdipImageGetFrameDimensionsCount (image=0x6601360, count=0xd7e250) returned 0x0
[0187.136] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7f88
[0187.136] GdipImageGetFrameDimensionsList (image=0x6601360, dimensionIDs=0x11f7f88*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0187.136] LocalFree (hMem=0x11f7f88) returned 0x0
[0187.137] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0187.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0187.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0187.159] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0187.161] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0187.161] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0187.161] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0187.162] GetWindowPlacement (in: hWnd=0x1002d2, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0187.162] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0187.162] GetWindowTextLengthW (hWnd=0x1002d2) returned 24
[0187.162] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0187.162] GetSystemMetrics (nIndex=42) returned 0
[0187.162] GetWindowTextW (in: hWnd=0x1002d2, lpString=0xd7e2b4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0187.162] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xd, wParam=0x19, lParam=0xd7e2b4) returned 0x18
[0187.162] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0187.162] GetCurrentObject (hdc=0xc0107c5, type=0x1) returned 0xb00017
[0187.162] GetCurrentObject (hdc=0xc0107c5, type=0x2) returned 0x900010
[0187.162] GetCurrentObject (hdc=0xc0107c5, type=0x7) returned 0x440507ec
[0187.163] GetCurrentObject (hdc=0xc0107c5, type=0x6) returned 0x8a01c2
[0187.163] SaveDC (hdc=0xc0107c5) returned 1
[0187.163] GetNearestColor (hdc=0xc0107c5, color=0xf0f0f0) returned 0xf0f0f0
[0187.163] CreateSolidBrush (color=0xf0f0f0) returned 0xb61007e1
[0187.163] FillRect (hDC=0xc0107c5, lprc=0xd7e1b8, hbr=0xb61007e1) returned 1
[0187.163] DeleteObject (ho=0xb61007e1) returned 1
[0187.163] RestoreDC (hdc=0xc0107c5, nSavedDC=-1) returned 1
[0187.163] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0187.164] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0187.164] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0187.164] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0187.164] GetStockObject (i=5) returned 0x900015
[0187.165] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0187.165] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0187.165] GetStockObject (i=5) returned 0x900015
[0187.165] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0187.165] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02da, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0187.165] GetStockObject (i=5) returned 0x900015
[0187.166] GetWindowPlacement (in: hWnd=0x1002d2, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0187.166] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0187.166] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0187.166] GetWindowRect (in: hWnd=0x1002d2, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0187.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0187.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0187.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0187.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0187.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0187.168] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0187.168] GetWindowRect (in: hWnd=0x1002d2, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0187.168] InvalidateRect (hWnd=0xd005a, lpRect=0x0, bErase=0) returned 1
[0187.168] InvalidateRect (hWnd=0x11013e, lpRect=0x0, bErase=0) returned 1
[0187.169] GetFocus () returned 0x1002d2
[0187.169] GetFocus () returned 0x1002d2
[0187.171] SetFocus (hWnd=0x11013e) returned 0x1002d2
[0187.172] GetFocus () returned 0x11013e
[0187.172] IsChild (hWndParent=0x1002d2, hWnd=0x11013e) returned 1
[0187.172] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x8, wParam=0x11013e, lParam=0x0) returned 0x0
[0187.173] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0187.174] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0187.176] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0187.176] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0x7, wParam=0x1002d2, lParam=0x0) returned 0x0
[0187.176] GetStockObject (i=5) returned 0x900015
[0187.176] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0187.177] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0187.177] GetDlgItem (hDlg=0x1002d2, nIDDlgItem=1114430) returned 0x11013e
[0187.177] SendMessageW (hWnd=0x11013e, Msg=0x202b, wParam=0x11013e, lParam=0xd7e0dc) returned 0x0
[0187.177] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0x202b, wParam=0x11013e, lParam=0xd7e0dc) returned 0x0
[0187.177] InvalidateRect (hWnd=0x11013e, lpRect=0x0, bErase=0) returned 1
[0187.179] GetFocus () returned 0x11013e
[0187.179] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.180] IsWindowUnicode (hWnd=0x1002d2) returned 1
[0187.180] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.180] TranslateMessage (lpMsg=0xd7e808) returned 0
[0187.180] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0187.180] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0187.180] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.180] IsWindowUnicode (hWnd=0x1002d2) returned 1
[0187.180] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.180] TranslateMessage (lpMsg=0xd7e808) returned 0
[0187.180] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0187.180] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0187.181] IsWindowUnicode (hWnd=0x1002d2) returned 1
[0187.181] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.181] TranslateMessage (lpMsg=0xd7e808) returned 0
[0187.181] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0187.181] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.181] IsWindowUnicode (hWnd=0x602c4) returned 1
[0187.181] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.182] TranslateMessage (lpMsg=0xd7e808) returned 0
[0187.182] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0187.182] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0187.182] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0187.182] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.183] IsWindowUnicode (hWnd=0x1002d2) returned 1
[0187.183] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.183] TranslateMessage (lpMsg=0xd7e808) returned 0
[0187.183] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0187.183] BeginPaint (in: hWnd=0x1002d2, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x10105d6
[0187.183] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0187.183] GetWindowTextLengthW (hWnd=0x1002d2) returned 24
[0187.183] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0187.183] GetSystemMetrics (nIndex=42) returned 0
[0187.183] GetWindowTextW (in: hWnd=0x1002d2, lpString=0xd7e1ec, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0187.183] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xd, wParam=0x19, lParam=0xd7e1ec) returned 0x18
[0187.183] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0187.184] EndPaint (hWnd=0x1002d2, lpPaint=0xd7e274) returned 1
[0187.184] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.184] IsWindowUnicode (hWnd=0xf02de) returned 1
[0187.184] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.184] TranslateMessage (lpMsg=0xd7e808) returned 0
[0187.184] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0187.184] BeginPaint (in: hWnd=0xf02de, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x107b9
[0187.191] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0187.191] CreateCompatibleDC (hdc=0x107b9) returned 0x160107c6
[0187.191] SelectObject (hdc=0x160107c6, h=0x4a0507fe) returned 0x85000f
[0187.191] GdipCreateFromHDC (hdc=0x160107c6, graphics=0xd7e2b0) returned 0x0
[0187.191] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0187.191] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0187.192] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0187.192] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0187.192] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e310) returned 0x0
[0187.192] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0187.192] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee8d8) returned 0x0
[0187.192] LocalFree (hMem=0x11ee8d8) returned 0x0
[0187.192] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0187.192] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0187.192] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0187.192] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e304) returned 0x0
[0187.192] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0187.192] GetWindowTextLengthW (hWnd=0xf02de) returned 0
[0187.192] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0187.192] GetSystemMetrics (nIndex=42) returned 0
[0187.192] GetWindowTextW (in: hWnd=0xf02de, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0187.192] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02de, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0187.193] GetClientRect (in: hWnd=0xf02de, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0187.193] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0187.193] GdipGetClip (graphics=0x6600030, region=0x66451b8) returned 0x0
[0187.193] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0187.193] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0187.193] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e164) returned 0x0
[0187.193] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0187.193] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eecc8) returned 0x0
[0187.193] LocalFree (hMem=0x11eecc8) returned 0x0
[0187.193] GdipCombineRegionRegion (region=0x66451b8, region2=0x6646298, combineMode=0x1) returned 0x0
[0187.193] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0187.193] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0187.193] LocalFree (hMem=0x11ee868) returned 0x0
[0187.193] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0187.193] GdipIsInfiniteRegion (region=0x66451b8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0187.193] GdipIsInfiniteRegion (region=0x66451b8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0187.193] GdipGetRegionHRgn (region=0x66451b8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0187.194] GdipDeleteRegion (region=0x66451b8) returned 0x0
[0187.194] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0187.194] GetCurrentObject (hdc=0x160107c6, type=0x1) returned 0xb00017
[0187.194] GetCurrentObject (hdc=0x160107c6, type=0x2) returned 0x900010
[0187.194] GetCurrentObject (hdc=0x160107c6, type=0x7) returned 0x4a0507fe
[0187.194] GetCurrentObject (hdc=0x160107c6, type=0x6) returned 0x8a01c2
[0187.194] SaveDC (hdc=0x160107c6) returned 1
[0187.194] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3f040807
[0187.194] GetClipRgn (hdc=0x160107c6, hrgn=0x3f040807) returned 0
[0187.194] SelectClipRgn (hdc=0x160107c6, hrgn=0xc80407de) returned 2
[0187.194] DeleteObject (ho=0x3f040807) returned 1
[0187.194] DeleteObject (ho=0xc80407de) returned 1
[0187.194] OffsetViewportOrgEx (in: hdc=0x160107c6, x=0, y=0, lppt=0x2de70f4 | out: lppt=0x2de70f4) returned 1
[0187.195] GetNearestColor (hdc=0x160107c6, color=0xf0f0f0) returned 0xf0f0f0
[0187.195] CreateSolidBrush (color=0xf0f0f0) returned 0xb71007e1
[0187.195] FillRect (hDC=0x160107c6, lprc=0xd7e198, hbr=0xb71007e1) returned 1
[0187.195] DeleteObject (ho=0xb71007e1) returned 1
[0187.195] RestoreDC (hdc=0x160107c6, nSavedDC=-1) returned 1
[0187.195] GdipReleaseDC (graphics=0x6600030, hdc=0x160107c6) returned 0x0
[0187.195] GdipRestoreGraphics (graphics=0x6600030, state=0xfb7e0dbd) returned 0x0
[0187.195] GdipDeleteRegion (region=0x6646298) returned 0x0
[0187.195] GetWindowTextLengthW (hWnd=0xf02de) returned 0
[0187.195] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0187.195] GetSystemMetrics (nIndex=42) returned 0
[0187.195] GetWindowTextW (in: hWnd=0xf02de, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0187.195] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02de, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0187.195] GdipGetImageWidth (image=0x6602a58, width=0xd7e1e0) returned 0x0
[0187.195] GdipGetImageHeight (image=0x6602a58, height=0xd7e1e0) returned 0x0
[0187.196] GdipGetImageWidth (image=0x6602a58, width=0xd7e1cc) returned 0x0
[0187.196] GdipGetImageHeight (image=0x6602a58, height=0xd7e1cc) returned 0x0
[0187.196] GdipDrawImageRectI (graphics=0x6600030, image=0x6602a58, x=16, y=16, width=32, height=32) returned 0x0
[0187.196] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0187.196] BitBlt (hdc=0x107b9, x=0, y=0, cx=64, cy=64, hdcSrc=0x160107c6, x1=0, y1=0, rop=0xcc0020) returned 1
[0187.196] GdipReleaseDC (graphics=0x6600030, hdc=0x160107c6) returned 0x0
[0187.196] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0187.196] SelectObject (hdc=0x160107c6, h=0x85000f) returned 0x4a0507fe
[0187.196] DeleteDC (hdc=0x160107c6) returned 1
[0187.196] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0187.196] EndPaint (hWnd=0xf02de, lpPaint=0xd7e294) returned 1
[0187.197] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.197] IsWindowUnicode (hWnd=0xf02dc) returned 1
[0187.197] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.197] TranslateMessage (lpMsg=0xd7e808) returned 0
[0187.197] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0187.197] BeginPaint (in: hWnd=0xf02dc, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0xc0107c5
[0187.197] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0187.197] CreateCompatibleDC (hdc=0xc0107c5) returned 0x180107c6
[0187.197] GetObjectType (h=0xc0107c5) returned 0x3
[0187.197] CreateCompatibleBitmap (hdc=0xc0107c5, cx=1, cy=1) returned 0x590507d0
[0187.198] GetDIBits (in: hdc=0xc0107c5, hbm=0x590507d0, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0187.198] GetDIBits (in: hdc=0xc0107c5, hbm=0x590507d0, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0187.198] DeleteObject (ho=0x590507d0) returned 1
[0187.198] CreateDIBSection (in: hdc=0xc0107c5, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x78050803
[0187.198] SelectObject (hdc=0x180107c6, h=0x78050803) returned 0x85000f
[0187.198] GdipCreateFromHDC (hdc=0x180107c6, graphics=0xd7e234) returned 0x0
[0187.198] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0187.199] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0187.199] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0187.199] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0187.199] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e2d4) returned 0x0
[0187.199] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0187.199] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0187.199] LocalFree (hMem=0x11ee9f0) returned 0x0
[0187.199] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0187.199] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0187.199] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0187.199] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0187.199] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0187.199] GetWindowTextLengthW (hWnd=0xf02dc) returned 232
[0187.199] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0187.199] GetSystemMetrics (nIndex=42) returned 0
[0187.199] GetWindowTextW (in: hWnd=0xf02dc, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0187.199] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0187.200] GetClientRect (in: hWnd=0xf02dc, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0187.200] GdipCreateRegion (region=0xd7e110) returned 0x0
[0187.200] GdipGetClip (graphics=0x6600030, region=0x66452d8) returned 0x0
[0187.200] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0187.200] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0187.200] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e128) returned 0x0
[0187.200] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0187.200] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee868) returned 0x0
[0187.201] LocalFree (hMem=0x11ee868) returned 0x0
[0187.201] GdipCombineRegionRegion (region=0x66452d8, region2=0x6646298, combineMode=0x1) returned 0x0
[0187.201] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0187.201] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee910) returned 0x0
[0187.201] LocalFree (hMem=0x11ee910) returned 0x0
[0187.201] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0187.201] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e150) returned 0x0
[0187.201] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e140) returned 0x0
[0187.201] GdipGetRegionHRgn (region=0x66452d8, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0187.201] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0187.201] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0187.201] GetCurrentObject (hdc=0x180107c6, type=0x1) returned 0xb00017
[0187.201] GetCurrentObject (hdc=0x180107c6, type=0x2) returned 0x900010
[0187.201] GetCurrentObject (hdc=0x180107c6, type=0x7) returned 0x78050803
[0187.201] GetCurrentObject (hdc=0x180107c6, type=0x6) returned 0x8a01c2
[0187.202] SaveDC (hdc=0x180107c6) returned 1
[0187.202] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc90407de
[0187.202] GetClipRgn (hdc=0x180107c6, hrgn=0xc90407de) returned 0
[0187.202] SelectClipRgn (hdc=0x180107c6, hrgn=0x40040807) returned 2
[0187.202] DeleteObject (ho=0xc90407de) returned 1
[0187.202] DeleteObject (ho=0x40040807) returned 1
[0187.202] OffsetViewportOrgEx (in: hdc=0x180107c6, x=0, y=0, lppt=0x2de8abc | out: lppt=0x2de8abc) returned 1
[0187.202] GetNearestColor (hdc=0x180107c6, color=0xf0f0f0) returned 0xf0f0f0
[0187.202] CreateSolidBrush (color=0xf0f0f0) returned 0xb81007e1
[0187.202] FillRect (hDC=0x180107c6, lprc=0xd7e15c, hbr=0xb81007e1) returned 1
[0187.204] DeleteObject (ho=0xb81007e1) returned 1
[0187.204] RestoreDC (hdc=0x180107c6, nSavedDC=-1) returned 1
[0187.204] GdipReleaseDC (graphics=0x6600030, hdc=0x180107c6) returned 0x0
[0187.204] GdipRestoreGraphics (graphics=0x6600030, state=0xfb7c0dbd) returned 0x0
[0187.204] GdipDeleteRegion (region=0x6646298) returned 0x0
[0187.204] GetWindowTextLengthW (hWnd=0xf02dc) returned 232
[0187.204] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0187.204] GetSystemMetrics (nIndex=42) returned 0
[0187.204] GetWindowTextW (in: hWnd=0xf02dc, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0187.204] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0187.205] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0187.205] GetCurrentObject (hdc=0x180107c6, type=0x1) returned 0xb00017
[0187.205] GetCurrentObject (hdc=0x180107c6, type=0x2) returned 0x900010
[0187.205] GetCurrentObject (hdc=0x180107c6, type=0x7) returned 0x78050803
[0187.205] GetCurrentObject (hdc=0x180107c6, type=0x6) returned 0x8a01c2
[0187.205] SaveDC (hdc=0x180107c6) returned 1
[0187.205] GetNearestColor (hdc=0x180107c6, color=0x0) returned 0x0
[0187.205] RestoreDC (hdc=0x180107c6, nSavedDC=-1) returned 1
[0187.205] GdipReleaseDC (graphics=0x6600030, hdc=0x180107c6) returned 0x0
[0187.206] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0187.206] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0187.206] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2de92b8 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0187.206] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0187.206] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0187.206] GetCurrentObject (hdc=0x180107c6, type=0x1) returned 0xb00017
[0187.206] GetCurrentObject (hdc=0x180107c6, type=0x2) returned 0x900010
[0187.207] GetCurrentObject (hdc=0x180107c6, type=0x7) returned 0x78050803
[0187.207] GetCurrentObject (hdc=0x180107c6, type=0x6) returned 0x8a01c2
[0187.207] SaveDC (hdc=0x180107c6) returned 1
[0187.207] GetTextAlign (hdc=0x180107c6) returned 0x0
[0187.207] GetTextColor (hdc=0x180107c6) returned 0x0
[0187.207] GetCurrentObject (hdc=0x180107c6, type=0x6) returned 0x8a01c2
[0187.207] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0187.207] SelectObject (hdc=0x180107c6, h=0x6d0a0520) returned 0x8a01c2
[0187.207] GetBkMode (hdc=0x180107c6) returned 2
[0187.207] SetBkMode (hdc=0x180107c6, mode=1) returned 2
[0187.207] DrawTextExW (in: hdc=0x180107c6, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2de94dc | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0187.211] RestoreDC (hdc=0x180107c6, nSavedDC=-1) returned 1
[0187.211] GdipReleaseDC (graphics=0x6600030, hdc=0x180107c6) returned 0x0
[0187.211] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0187.211] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=354, cy=68, hdcSrc=0x180107c6, x1=0, y1=0, rop=0xcc0020) returned 1
[0187.211] GdipReleaseDC (graphics=0x6600030, hdc=0x180107c6) returned 0x0
[0187.212] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0187.212] SelectObject (hdc=0x180107c6, h=0x85000f) returned 0x78050803
[0187.212] DeleteDC (hdc=0x180107c6) returned 1
[0187.212] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0187.212] DeleteObject (ho=0x78050803) returned 1
[0187.213] EndPaint (hWnd=0xf02dc, lpPaint=0xd7e258) returned 1
[0187.214] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.214] IsWindowUnicode (hWnd=0x11013e) returned 1
[0187.214] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.214] TranslateMessage (lpMsg=0xd7e808) returned 0
[0187.214] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0187.214] BeginPaint (in: hWnd=0x11013e, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0187.214] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0187.214] CreateCompatibleDC (hdc=0xf0105ee) returned 0x5b0107d0
[0187.214] SelectObject (hdc=0x5b0107d0, h=0x4a0507fe) returned 0x85000f
[0187.214] GdipCreateFromHDC (hdc=0x5b0107d0, graphics=0xd7e268) returned 0x0
[0187.215] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0187.215] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0187.215] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0187.215] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0187.215] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e2c8) returned 0x0
[0187.215] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0187.215] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0187.215] LocalFree (hMem=0x11eec58) returned 0x0
[0187.215] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0187.215] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0187.215] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0187.215] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0187.215] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0187.215] GdipRestoreGraphics (graphics=0x6600030, state=0xfb7a0dbd) returned 0x0
[0187.215] GdipDeleteRegion (region=0x6646298) returned 0x0
[0187.215] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0187.230] GetCurrentObject (hdc=0x5b0107d0, type=0x1) returned 0xb00017
[0187.230] GetCurrentObject (hdc=0x5b0107d0, type=0x2) returned 0x900010
[0187.230] GetCurrentObject (hdc=0x5b0107d0, type=0x7) returned 0x4a0507fe
[0187.231] GetCurrentObject (hdc=0x5b0107d0, type=0x6) returned 0x8a01c2
[0187.231] SaveDC (hdc=0x5b0107d0) returned 1
[0187.231] GetNearestColor (hdc=0x5b0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0187.231] GetNearestColor (hdc=0x5b0107d0, color=0xa0a0a0) returned 0xa0a0a0
[0187.231] GetNearestColor (hdc=0x5b0107d0, color=0x696969) returned 0x696969
[0187.231] GetNearestColor (hdc=0x5b0107d0, color=0xa0a0a0) returned 0xa0a0a0
[0187.231] GetNearestColor (hdc=0x5b0107d0, color=0x0) returned 0x0
[0187.232] GetNearestColor (hdc=0x5b0107d0, color=0xffffff) returned 0xffffff
[0187.232] GetNearestColor (hdc=0x5b0107d0, color=0xe5e5e5) returned 0xe5e5e5
[0187.232] GetNearestColor (hdc=0x5b0107d0, color=0xd7d7d7) returned 0xd7d7d7
[0187.232] GetNearestColor (hdc=0x5b0107d0, color=0x0) returned 0x0
[0187.232] RestoreDC (hdc=0x5b0107d0, nSavedDC=-1) returned 1
[0187.232] GdipReleaseDC (graphics=0x6600030, hdc=0x5b0107d0) returned 0x0
[0187.233] IsAppThemed () returned 0x1
[0187.233] GetThemeAppProperties () returned 0x3
[0187.233] GetThemeAppProperties () returned 0x3
[0187.233] GdipGetImageWidth (image=0x6601360, width=0xd7e168) returned 0x0
[0187.233] GdipGetImageHeight (image=0x6601360, height=0xd7e168) returned 0x0
[0187.233] IsAppThemed () returned 0x1
[0187.233] GetThemeAppProperties () returned 0x3
[0187.233] GetThemeAppProperties () returned 0x3
[0187.233] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2de9c2c | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0187.233] IsAppThemed () returned 0x1
[0187.233] GetThemeAppProperties () returned 0x3
[0187.233] GetThemeAppProperties () returned 0x3
[0187.234] IsAppThemed () returned 0x1
[0187.234] GetThemeAppProperties () returned 0x3
[0187.234] GetThemeAppProperties () returned 0x3
[0187.234] GetFocus () returned 0x11013e
[0187.234] IsAppThemed () returned 0x1
[0187.234] GetThemeAppProperties () returned 0x3
[0187.234] GetThemeAppProperties () returned 0x3
[0187.234] IsAppThemed () returned 0x1
[0187.234] GetThemeAppProperties () returned 0x3
[0187.234] GetThemeAppProperties () returned 0x3
[0187.234] IsThemePartDefined () returned 0x1
[0187.234] IsAppThemed () returned 0x1
[0187.234] GetThemeAppProperties () returned 0x3
[0187.234] GetThemeAppProperties () returned 0x3
[0187.234] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0187.234] IsAppThemed () returned 0x1
[0187.234] GetThemeAppProperties () returned 0x3
[0187.234] GetThemeAppProperties () returned 0x3
[0187.234] IsAppThemed () returned 0x1
[0187.235] GetThemeAppProperties () returned 0x3
[0187.235] GetThemeAppProperties () returned 0x3
[0187.235] IsThemePartDefined () returned 0x1
[0187.235] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0187.235] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0187.235] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0187.235] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0187.235] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dff0) returned 0x0
[0187.235] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0187.235] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0187.235] LocalFree (hMem=0x11eec58) returned 0x0
[0187.235] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0187.235] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eecc8) returned 0x0
[0187.235] LocalFree (hMem=0x11eecc8) returned 0x0
[0187.235] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0187.235] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e018) returned 0x0
[0187.235] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e008) returned 0x0
[0187.236] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0187.236] GdipDeleteRegion (region=0x6646298) returned 0x0
[0187.236] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0187.236] GetCurrentObject (hdc=0x5b0107d0, type=0x1) returned 0xb00017
[0187.236] GetCurrentObject (hdc=0x5b0107d0, type=0x2) returned 0x900010
[0187.236] GetCurrentObject (hdc=0x5b0107d0, type=0x7) returned 0x4a0507fe
[0187.236] GetCurrentObject (hdc=0x5b0107d0, type=0x6) returned 0x8a01c2
[0187.236] SaveDC (hdc=0x5b0107d0) returned 1
[0187.236] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x41040807
[0187.236] GetClipRgn (hdc=0x5b0107d0, hrgn=0x41040807) returned 0
[0187.236] SelectClipRgn (hdc=0x5b0107d0, hrgn=0xcd0407de) returned 2
[0187.236] DeleteObject (ho=0x41040807) returned 1
[0187.236] DeleteObject (ho=0xcd0407de) returned 1
[0187.236] OffsetViewportOrgEx (in: hdc=0x5b0107d0, x=0, y=0, lppt=0x2dea2dc | out: lppt=0x2dea2dc) returned 1
[0187.237] DrawThemeParentBackground () returned 0x0
[0187.237] GetWindowPlacement (in: hWnd=0x1002d2, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0187.237] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0187.237] GetWindowTextLengthW (hWnd=0x1002d2) returned 24
[0187.237] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0187.237] GetSystemMetrics (nIndex=42) returned 0
[0187.237] GetWindowTextW (in: hWnd=0x1002d2, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0187.237] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0187.237] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0187.237] GetCurrentObject (hdc=0x5b0107d0, type=0x1) returned 0xb00017
[0187.237] GetCurrentObject (hdc=0x5b0107d0, type=0x2) returned 0x900010
[0187.237] GetCurrentObject (hdc=0x5b0107d0, type=0x7) returned 0x4a0507fe
[0187.237] GetCurrentObject (hdc=0x5b0107d0, type=0x6) returned 0x8a01c2
[0187.237] SaveDC (hdc=0x5b0107d0) returned 2
[0187.238] GetNearestColor (hdc=0x5b0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0187.238] CreateSolidBrush (color=0xf0f0f0) returned 0xb91007e1
[0187.238] FillRect (hDC=0x5b0107d0, lprc=0xd7da38, hbr=0xb91007e1) returned 1
[0187.238] DeleteObject (ho=0xb91007e1) returned 1
[0187.238] RestoreDC (hdc=0x5b0107d0, nSavedDC=-1) returned 1
[0187.238] GetWindowTextLengthW (hWnd=0x1002d2) returned 24
[0187.238] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0187.238] GetSystemMetrics (nIndex=42) returned 0
[0187.238] GetWindowTextW (in: hWnd=0x1002d2, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0187.238] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0187.238] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0187.238] GetCurrentObject (hdc=0x5b0107d0, type=0x1) returned 0xb00017
[0187.238] GetCurrentObject (hdc=0x5b0107d0, type=0x2) returned 0x900010
[0187.238] GetCurrentObject (hdc=0x5b0107d0, type=0x7) returned 0x4a0507fe
[0187.238] GetCurrentObject (hdc=0x5b0107d0, type=0x6) returned 0x8a01c2
[0187.239] SaveDC (hdc=0x5b0107d0) returned 2
[0187.239] GetNearestColor (hdc=0x5b0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0187.239] CreateSolidBrush (color=0xf0f0f0) returned 0xba1007e1
[0187.239] FillRect (hDC=0x5b0107d0, lprc=0xd7d9d8, hbr=0xba1007e1) returned 1
[0187.239] DeleteObject (ho=0xba1007e1) returned 1
[0187.239] RestoreDC (hdc=0x5b0107d0, nSavedDC=-1) returned 1
[0187.239] GetWindowTextLengthW (hWnd=0x1002d2) returned 24
[0187.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0187.239] GetSystemMetrics (nIndex=42) returned 0
[0187.239] GetWindowTextW (in: hWnd=0x1002d2, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0187.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0187.239] RestoreDC (hdc=0x5b0107d0, nSavedDC=-1) returned 1
[0187.239] GdipReleaseDC (graphics=0x6600030, hdc=0x5b0107d0) returned 0x0
[0187.239] IsAppThemed () returned 0x1
[0187.240] GetThemeAppProperties () returned 0x3
[0187.240] GetThemeAppProperties () returned 0x3
[0187.240] IsAppThemed () returned 0x1
[0187.240] GetThemeAppProperties () returned 0x3
[0187.240] GetThemeAppProperties () returned 0x3
[0187.240] IsThemePartDefined () returned 0x1
[0187.240] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0187.240] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0187.240] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0187.240] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0187.240] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df74) returned 0x0
[0187.240] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee910) returned 0x0
[0187.240] LocalFree (hMem=0x11ee910) returned 0x0
[0187.240] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0187.240] LocalFree (hMem=0x11eec58) returned 0x0
[0187.240] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0187.240] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0187.240] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0187.241] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0187.241] GdipDeleteRegion (region=0x6646298) returned 0x0
[0187.241] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0187.241] GetCurrentObject (hdc=0x5b0107d0, type=0x1) returned 0xb00017
[0187.241] GetCurrentObject (hdc=0x5b0107d0, type=0x2) returned 0x900010
[0187.241] GetCurrentObject (hdc=0x5b0107d0, type=0x7) returned 0x4a0507fe
[0187.241] GetCurrentObject (hdc=0x5b0107d0, type=0x6) returned 0x8a01c2
[0187.241] SaveDC (hdc=0x5b0107d0) returned 1
[0187.241] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xce0407de
[0187.241] GetClipRgn (hdc=0x5b0107d0, hrgn=0xce0407de) returned 0
[0187.241] SelectClipRgn (hdc=0x5b0107d0, hrgn=0x43040807) returned 2
[0187.241] DeleteObject (ho=0xce0407de) returned 1
[0187.241] DeleteObject (ho=0x43040807) returned 1
[0187.241] OffsetViewportOrgEx (in: hdc=0x5b0107d0, x=0, y=0, lppt=0x2deac60 | out: lppt=0x2deac60) returned 1
[0187.241] IsAppThemed () returned 0x1
[0187.242] GetThemeAppProperties () returned 0x3
[0187.242] GetThemeAppProperties () returned 0x3
[0187.242] DrawThemeBackground () returned 0x0
[0187.242] RestoreDC (hdc=0x5b0107d0, nSavedDC=-1) returned 1
[0187.242] GdipReleaseDC (graphics=0x6600030, hdc=0x5b0107d0) returned 0x0
[0187.242] GdipCreateRegion (region=0xd7df60) returned 0x0
[0187.242] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0187.242] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0187.242] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0187.242] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df78) returned 0x0
[0187.242] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0187.242] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee8d8) returned 0x0
[0187.242] LocalFree (hMem=0x11ee8d8) returned 0x0
[0187.242] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0187.242] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eed00) returned 0x0
[0187.242] LocalFree (hMem=0x11eed00) returned 0x0
[0187.243] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0187.243] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0187.243] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df90) returned 0x0
[0187.243] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0187.243] GdipDeleteRegion (region=0x6646298) returned 0x0
[0187.243] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0187.243] GetCurrentObject (hdc=0x5b0107d0, type=0x1) returned 0xb00017
[0187.243] GetCurrentObject (hdc=0x5b0107d0, type=0x2) returned 0x900010
[0187.243] GetCurrentObject (hdc=0x5b0107d0, type=0x7) returned 0x4a0507fe
[0187.243] GetCurrentObject (hdc=0x5b0107d0, type=0x6) returned 0x8a01c2
[0187.243] SaveDC (hdc=0x5b0107d0) returned 1
[0187.243] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x44040807
[0187.243] GetClipRgn (hdc=0x5b0107d0, hrgn=0x44040807) returned 0
[0187.243] SelectClipRgn (hdc=0x5b0107d0, hrgn=0xcf0407de) returned 2
[0187.244] DeleteObject (ho=0x44040807) returned 1
[0187.244] DeleteObject (ho=0xcf0407de) returned 1
[0187.244] OffsetViewportOrgEx (in: hdc=0x5b0107d0, x=0, y=0, lppt=0x2deaf34 | out: lppt=0x2deaf34) returned 1
[0187.244] IsAppThemed () returned 0x1
[0187.244] GetThemeAppProperties () returned 0x3
[0187.244] GetThemeAppProperties () returned 0x3
[0187.244] GetThemeBackgroundContentRect () returned 0x0
[0187.244] RestoreDC (hdc=0x5b0107d0, nSavedDC=-1) returned 1
[0187.244] GdipReleaseDC (graphics=0x6600030, hdc=0x5b0107d0) returned 0x0
[0187.244] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0187.244] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0187.244] GdipCloneRegion (region=0x6646298, cloneRegion=0xd7e150) returned 0x0
[0187.244] GdipCombineRegionRectI (region=0x6645bd8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0187.244] GdipCombineRegionRectI (region=0x6645bd8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0187.244] GdipSetClipRegion (graphics=0x6600030, region=0x6645bd8, combineMode=0x0) returned 0x0
[0187.244] GdipGetImageWidth (image=0x6601360, width=0xd7e154) returned 0x0
[0187.245] GdipGetImageHeight (image=0x6601360, height=0xd7e148) returned 0x0
[0187.245] GdipDrawImageRectI (graphics=0x6600030, image=0x6601360, x=4, y=4, width=16, height=16) returned 0x0
[0187.245] GdipSetClipRegion (graphics=0x6600030, region=0x6646298, combineMode=0x0) returned 0x0
[0187.245] IsAppThemed () returned 0x1
[0187.245] GetThemeAppProperties () returned 0x3
[0187.245] GetThemeAppProperties () returned 0x3
[0187.245] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0187.245] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0187.245] GetCurrentObject (hdc=0x5b0107d0, type=0x1) returned 0xb00017
[0187.245] GetCurrentObject (hdc=0x5b0107d0, type=0x2) returned 0x900010
[0187.245] GetCurrentObject (hdc=0x5b0107d0, type=0x7) returned 0x4a0507fe
[0187.245] GetCurrentObject (hdc=0x5b0107d0, type=0x6) returned 0x8a01c2
[0187.245] SaveDC (hdc=0x5b0107d0) returned 1
[0187.245] GetTextAlign (hdc=0x5b0107d0) returned 0x0
[0187.245] GetTextColor (hdc=0x5b0107d0) returned 0x0
[0187.246] GetCurrentObject (hdc=0x5b0107d0, type=0x6) returned 0x8a01c2
[0187.246] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0187.246] SelectObject (hdc=0x5b0107d0, h=0x6d0a0520) returned 0x8a01c2
[0187.246] GetBkMode (hdc=0x5b0107d0) returned 2
[0187.246] SetBkMode (hdc=0x5b0107d0, mode=1) returned 2
[0187.246] DrawTextExW (in: hdc=0x5b0107d0, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2deb2f4 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0187.246] DrawTextExW (in: hdc=0x5b0107d0, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2deb2f4 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0187.247] RestoreDC (hdc=0x5b0107d0, nSavedDC=-1) returned 1
[0187.253] GdipReleaseDC (graphics=0x6600030, hdc=0x5b0107d0) returned 0x0
[0187.253] GetFocus () returned 0x11013e
[0187.254] IsAppThemed () returned 0x1
[0187.254] GetThemeAppProperties () returned 0x3
[0187.254] GetThemeAppProperties () returned 0x3
[0187.254] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0187.254] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x5b0107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0187.254] GdipReleaseDC (graphics=0x6600030, hdc=0x5b0107d0) returned 0x0
[0187.254] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0187.254] SelectObject (hdc=0x5b0107d0, h=0x85000f) returned 0x4a0507fe
[0187.254] DeleteDC (hdc=0x5b0107d0) returned 1
[0187.254] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0187.254] EndPaint (hWnd=0x11013e, lpPaint=0xd7e24c) returned 1
[0187.255] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.255] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x84, wParam=0x0, lParam=0x1e202f9) returned 0x1
[0187.255] IsWindowUnicode (hWnd=0xd005a) returned 1
[0187.255] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.255] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x84, wParam=0x0, lParam=0x1e202f9) returned 0x1
[0187.255] SetCursor (hCursor=0x10003) returned 0x10003
[0187.255] TranslateMessage (lpMsg=0xd7e808) returned 0
[0187.255] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0187.255] _TrackMouseEvent (in: lpEventTrack=0x2deb3f0 | out: lpEventTrack=0x2deb3f0) returned 1
[0187.255] SendMessageW (hWnd=0xd005a, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0187.256] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0187.256] InvalidateRect (hWnd=0xd005a, lpRect=0x0, bErase=0) returned 1
[0187.256] GetKeyState (nVirtKey=1) returned 0
[0187.256] GetKeyState (nVirtKey=2) returned 0
[0187.256] GetKeyState (nVirtKey=4) returned 0
[0187.256] GetKeyState (nVirtKey=5) returned 0
[0187.256] GetKeyState (nVirtKey=6) returned 0
[0187.256] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.256] IsWindowUnicode (hWnd=0xd005a) returned 1
[0187.256] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.256] TranslateMessage (lpMsg=0xd7e808) returned 0
[0187.256] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0187.256] BeginPaint (in: hWnd=0xd005a, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0187.256] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0187.257] CreateCompatibleDC (hdc=0x10105d6) returned 0x5d0107d0
[0187.257] SelectObject (hdc=0x5d0107d0, h=0x4a0507fe) returned 0x85000f
[0187.257] GdipCreateFromHDC (hdc=0x5d0107d0, graphics=0xd7e268) returned 0x0
[0187.257] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0187.257] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0187.257] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0187.257] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0187.257] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2c8) returned 0x0
[0187.257] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0187.257] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0187.257] LocalFree (hMem=0x11eec58) returned 0x0
[0187.257] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0187.258] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0187.258] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0187.258] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0187.258] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0187.258] GdipRestoreGraphics (graphics=0x6600030, state=0xfb780dbd) returned 0x0
[0187.258] GdipDeleteRegion (region=0x6645908) returned 0x0
[0187.258] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0187.258] GetCurrentObject (hdc=0x5d0107d0, type=0x1) returned 0xb00017
[0187.258] GetCurrentObject (hdc=0x5d0107d0, type=0x2) returned 0x900010
[0187.258] GetCurrentObject (hdc=0x5d0107d0, type=0x7) returned 0x4a0507fe
[0187.258] GetCurrentObject (hdc=0x5d0107d0, type=0x6) returned 0x8a01c2
[0187.258] SaveDC (hdc=0x5d0107d0) returned 1
[0187.258] GetNearestColor (hdc=0x5d0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0187.258] GetNearestColor (hdc=0x5d0107d0, color=0xa0a0a0) returned 0xa0a0a0
[0187.259] GetNearestColor (hdc=0x5d0107d0, color=0x696969) returned 0x696969
[0187.259] GetNearestColor (hdc=0x5d0107d0, color=0xa0a0a0) returned 0xa0a0a0
[0187.259] GetNearestColor (hdc=0x5d0107d0, color=0x0) returned 0x0
[0187.259] GetNearestColor (hdc=0x5d0107d0, color=0xffffff) returned 0xffffff
[0187.259] GetNearestColor (hdc=0x5d0107d0, color=0xe5e5e5) returned 0xe5e5e5
[0187.259] GetNearestColor (hdc=0x5d0107d0, color=0xd7d7d7) returned 0xd7d7d7
[0187.259] GetNearestColor (hdc=0x5d0107d0, color=0x0) returned 0x0
[0187.259] RestoreDC (hdc=0x5d0107d0, nSavedDC=-1) returned 1
[0187.259] GdipReleaseDC (graphics=0x6600030, hdc=0x5d0107d0) returned 0x0
[0187.259] IsAppThemed () returned 0x1
[0187.259] GetThemeAppProperties () returned 0x3
[0187.259] GetThemeAppProperties () returned 0x3
[0187.260] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0187.260] SendMessageW (hWnd=0x1002d2, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0187.260] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0187.260] IsAppThemed () returned 0x1
[0187.260] GetThemeAppProperties () returned 0x3
[0187.260] GetThemeAppProperties () returned 0x3
[0187.260] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2debb5c | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0187.260] IsAppThemed () returned 0x1
[0187.260] GetThemeAppProperties () returned 0x3
[0187.260] GetThemeAppProperties () returned 0x3
[0187.260] IsAppThemed () returned 0x1
[0187.260] GetThemeAppProperties () returned 0x3
[0187.260] GetThemeAppProperties () returned 0x3
[0187.261] IsAppThemed () returned 0x1
[0187.261] GetThemeAppProperties () returned 0x3
[0187.261] GetThemeAppProperties () returned 0x3
[0187.261] IsAppThemed () returned 0x1
[0187.261] GetThemeAppProperties () returned 0x3
[0187.261] GetThemeAppProperties () returned 0x3
[0187.261] IsThemePartDefined () returned 0x1
[0187.261] IsAppThemed () returned 0x1
[0187.261] GetThemeAppProperties () returned 0x3
[0187.261] GetThemeAppProperties () returned 0x3
[0187.261] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0187.261] IsAppThemed () returned 0x1
[0187.261] GetThemeAppProperties () returned 0x3
[0187.261] GetThemeAppProperties () returned 0x3
[0187.261] IsAppThemed () returned 0x1
[0187.261] GetThemeAppProperties () returned 0x3
[0187.261] GetThemeAppProperties () returned 0x3
[0187.261] IsThemePartDefined () returned 0x1
[0187.261] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0187.261] GdipGetClip (graphics=0x6600030, region=0x6645488) returned 0x0
[0187.262] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0187.262] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0187.262] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dfe4) returned 0x0
[0187.262] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0187.262] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0187.262] LocalFree (hMem=0x11eec58) returned 0x0
[0187.262] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0187.262] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee868) returned 0x0
[0187.262] LocalFree (hMem=0x11ee868) returned 0x0
[0187.262] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0187.262] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0187.262] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0187.262] GdipGetRegionHRgn (region=0x6645488, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0187.262] GdipDeleteRegion (region=0x6645488) returned 0x0
[0187.262] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0187.299] GetCurrentObject (hdc=0x5d0107d0, type=0x1) returned 0xb00017
[0187.299] GetCurrentObject (hdc=0x5d0107d0, type=0x2) returned 0x900010
[0187.299] GetCurrentObject (hdc=0x5d0107d0, type=0x7) returned 0x4a0507fe
[0187.299] GetCurrentObject (hdc=0x5d0107d0, type=0x6) returned 0x8a01c2
[0187.299] SaveDC (hdc=0x5d0107d0) returned 1
[0187.299] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd00407de
[0187.299] GetClipRgn (hdc=0x5d0107d0, hrgn=0xd00407de) returned 0
[0187.300] SelectClipRgn (hdc=0x5d0107d0, hrgn=0x48040807) returned 2
[0187.300] DeleteObject (ho=0xd00407de) returned 1
[0187.300] DeleteObject (ho=0x48040807) returned 1
[0187.300] OffsetViewportOrgEx (in: hdc=0x5d0107d0, x=0, y=0, lppt=0x2dec20c | out: lppt=0x2dec20c) returned 1
[0187.300] DrawThemeParentBackground () returned 0x0
[0187.300] GetWindowPlacement (in: hWnd=0x1002d2, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0187.300] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0187.300] GetWindowTextLengthW (hWnd=0x1002d2) returned 24
[0187.300] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0187.300] GetSystemMetrics (nIndex=42) returned 0
[0187.300] GetWindowTextW (in: hWnd=0x1002d2, lpString=0xd7db2c, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0187.300] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xd, wParam=0x19, lParam=0xd7db2c) returned 0x18
[0187.301] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0187.301] GetCurrentObject (hdc=0x5d0107d0, type=0x1) returned 0xb00017
[0187.301] GetCurrentObject (hdc=0x5d0107d0, type=0x2) returned 0x900010
[0187.301] GetCurrentObject (hdc=0x5d0107d0, type=0x7) returned 0x4a0507fe
[0187.301] GetCurrentObject (hdc=0x5d0107d0, type=0x6) returned 0x8a01c2
[0187.301] SaveDC (hdc=0x5d0107d0) returned 2
[0187.301] GetNearestColor (hdc=0x5d0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0187.301] CreateSolidBrush (color=0xf0f0f0) returned 0xbb1007e1
[0187.301] FillRect (hDC=0x5d0107d0, lprc=0xd7da30, hbr=0xbb1007e1) returned 1
[0187.301] DeleteObject (ho=0xbb1007e1) returned 1
[0187.301] RestoreDC (hdc=0x5d0107d0, nSavedDC=-1) returned 1
[0187.301] GetWindowTextLengthW (hWnd=0x1002d2) returned 24
[0187.301] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0187.302] GetSystemMetrics (nIndex=42) returned 0
[0187.302] GetWindowTextW (in: hWnd=0x1002d2, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0187.302] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0187.302] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0187.302] GetCurrentObject (hdc=0x5d0107d0, type=0x1) returned 0xb00017
[0187.302] GetCurrentObject (hdc=0x5d0107d0, type=0x2) returned 0x900010
[0187.302] GetCurrentObject (hdc=0x5d0107d0, type=0x7) returned 0x4a0507fe
[0187.302] GetCurrentObject (hdc=0x5d0107d0, type=0x6) returned 0x8a01c2
[0187.302] SaveDC (hdc=0x5d0107d0) returned 2
[0187.302] GetNearestColor (hdc=0x5d0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0187.302] CreateSolidBrush (color=0xf0f0f0) returned 0xbc1007e1
[0187.302] FillRect (hDC=0x5d0107d0, lprc=0xd7d9d0, hbr=0xbc1007e1) returned 1
[0187.302] DeleteObject (ho=0xbc1007e1) returned 1
[0187.302] RestoreDC (hdc=0x5d0107d0, nSavedDC=-1) returned 1
[0187.302] GetWindowTextLengthW (hWnd=0x1002d2) returned 24
[0187.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0187.303] GetSystemMetrics (nIndex=42) returned 0
[0187.303] GetWindowTextW (in: hWnd=0x1002d2, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0187.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0187.303] RestoreDC (hdc=0x5d0107d0, nSavedDC=-1) returned 1
[0187.303] GdipReleaseDC (graphics=0x6600030, hdc=0x5d0107d0) returned 0x0
[0187.303] IsAppThemed () returned 0x1
[0187.303] GetThemeAppProperties () returned 0x3
[0187.303] GetThemeAppProperties () returned 0x3
[0187.303] IsAppThemed () returned 0x1
[0187.303] GetThemeAppProperties () returned 0x3
[0187.303] GetThemeAppProperties () returned 0x3
[0187.303] IsThemePartDefined () returned 0x1
[0187.303] GdipCreateRegion (region=0xd7df50) returned 0x0
[0187.304] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0187.304] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0187.304] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0187.304] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df68) returned 0x0
[0187.304] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0187.304] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0187.304] LocalFree (hMem=0x11eec58) returned 0x0
[0187.304] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0187.304] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0187.304] LocalFree (hMem=0x11ee868) returned 0x0
[0187.304] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0187.304] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7df90) returned 0x0
[0187.304] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7df80) returned 0x0
[0187.304] GdipGetRegionHRgn (region=0x6645e18, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0187.304] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0187.304] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0187.305] GetCurrentObject (hdc=0x5d0107d0, type=0x1) returned 0xb00017
[0187.305] GetCurrentObject (hdc=0x5d0107d0, type=0x2) returned 0x900010
[0187.305] GetCurrentObject (hdc=0x5d0107d0, type=0x7) returned 0x4a0507fe
[0187.305] GetCurrentObject (hdc=0x5d0107d0, type=0x6) returned 0x8a01c2
[0187.305] SaveDC (hdc=0x5d0107d0) returned 1
[0187.305] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x49040807
[0187.305] GetClipRgn (hdc=0x5d0107d0, hrgn=0x49040807) returned 0
[0187.305] SelectClipRgn (hdc=0x5d0107d0, hrgn=0xd20407de) returned 2
[0187.305] DeleteObject (ho=0x49040807) returned 1
[0187.305] DeleteObject (ho=0xd20407de) returned 1
[0187.305] OffsetViewportOrgEx (in: hdc=0x5d0107d0, x=0, y=0, lppt=0x2decb90 | out: lppt=0x2decb90) returned 1
[0187.305] IsAppThemed () returned 0x1
[0187.305] GetThemeAppProperties () returned 0x3
[0187.305] GetThemeAppProperties () returned 0x3
[0187.306] DrawThemeBackground () returned 0x0
[0187.306] RestoreDC (hdc=0x5d0107d0, nSavedDC=-1) returned 1
[0187.306] GdipReleaseDC (graphics=0x6600030, hdc=0x5d0107d0) returned 0x0
[0187.306] GdipCreateRegion (region=0xd7df54) returned 0x0
[0187.306] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0187.306] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0187.306] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0187.306] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df6c) returned 0x0
[0187.306] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0187.306] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee868) returned 0x0
[0187.306] LocalFree (hMem=0x11ee868) returned 0x0
[0187.306] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0187.306] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0187.306] LocalFree (hMem=0x11eec58) returned 0x0
[0187.306] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0187.307] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0187.307] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0187.307] GdipGetRegionHRgn (region=0x66453f8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0187.307] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0187.307] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0187.307] GetCurrentObject (hdc=0x5d0107d0, type=0x1) returned 0xb00017
[0187.307] GetCurrentObject (hdc=0x5d0107d0, type=0x2) returned 0x900010
[0187.307] GetCurrentObject (hdc=0x5d0107d0, type=0x7) returned 0x4a0507fe
[0187.307] GetCurrentObject (hdc=0x5d0107d0, type=0x6) returned 0x8a01c2
[0187.307] SaveDC (hdc=0x5d0107d0) returned 1
[0187.307] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd30407de
[0187.307] GetClipRgn (hdc=0x5d0107d0, hrgn=0xd30407de) returned 0
[0187.307] SelectClipRgn (hdc=0x5d0107d0, hrgn=0x4a040807) returned 2
[0187.307] DeleteObject (ho=0xd30407de) returned 1
[0187.307] DeleteObject (ho=0x4a040807) returned 1
[0187.308] OffsetViewportOrgEx (in: hdc=0x5d0107d0, x=0, y=0, lppt=0x2dece64 | out: lppt=0x2dece64) returned 1
[0187.308] IsAppThemed () returned 0x1
[0187.308] GetThemeAppProperties () returned 0x3
[0187.308] GetThemeAppProperties () returned 0x3
[0187.308] GetThemeBackgroundContentRect () returned 0x0
[0187.308] RestoreDC (hdc=0x5d0107d0, nSavedDC=-1) returned 1
[0187.308] GdipReleaseDC (graphics=0x6600030, hdc=0x5d0107d0) returned 0x0
[0187.308] IsAppThemed () returned 0x1
[0187.308] GetThemeAppProperties () returned 0x3
[0187.308] GetThemeAppProperties () returned 0x3
[0187.308] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0187.308] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0187.308] GetCurrentObject (hdc=0x5d0107d0, type=0x1) returned 0xb00017
[0187.308] GetCurrentObject (hdc=0x5d0107d0, type=0x2) returned 0x900010
[0187.308] GetCurrentObject (hdc=0x5d0107d0, type=0x7) returned 0x4a0507fe
[0187.308] GetCurrentObject (hdc=0x5d0107d0, type=0x6) returned 0x8a01c2
[0187.309] SaveDC (hdc=0x5d0107d0) returned 1
[0187.309] GetTextAlign (hdc=0x5d0107d0) returned 0x0
[0187.309] GetTextColor (hdc=0x5d0107d0) returned 0x0
[0187.309] GetCurrentObject (hdc=0x5d0107d0, type=0x6) returned 0x8a01c2
[0187.309] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0187.309] SelectObject (hdc=0x5d0107d0, h=0x6d0a0520) returned 0x8a01c2
[0187.309] GetBkMode (hdc=0x5d0107d0) returned 2
[0187.309] SetBkMode (hdc=0x5d0107d0, mode=1) returned 2
[0187.310] DrawTextExW (in: hdc=0x5d0107d0, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2ded204 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0187.310] DrawTextExW (in: hdc=0x5d0107d0, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2ded204 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0187.311] RestoreDC (hdc=0x5d0107d0, nSavedDC=-1) returned 1
[0187.311] GdipReleaseDC (graphics=0x6600030, hdc=0x5d0107d0) returned 0x0
[0187.311] GetFocus () returned 0x11013e
[0187.311] IsAppThemed () returned 0x1
[0187.311] GetThemeAppProperties () returned 0x3
[0187.311] GetThemeAppProperties () returned 0x3
[0187.311] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0187.311] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x5d0107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0187.311] GdipReleaseDC (graphics=0x6600030, hdc=0x5d0107d0) returned 0x0
[0187.311] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0187.311] SelectObject (hdc=0x5d0107d0, h=0x85000f) returned 0x4a0507fe
[0187.311] DeleteDC (hdc=0x5d0107d0) returned 1
[0187.312] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0187.312] EndPaint (hWnd=0xd005a, lpPaint=0xd7e24c) returned 1
[0187.312] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.312] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0187.313] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.313] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.313] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0187.314] TranslateMessage (lpMsg=0xd7e808) returned 0
[0187.314] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0187.315] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.315] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0187.316] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.316] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.316] TranslateMessage (lpMsg=0xd7e808) returned 0
[0187.316] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0187.316] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.317] IsWindowUnicode (hWnd=0xf02da) returned 1
[0187.317] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.317] TranslateMessage (lpMsg=0xd7e808) returned 0
[0187.317] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0187.318] BeginPaint (in: hWnd=0xf02da, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0187.318] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0187.318] CreateCompatibleDC (hdc=0xc0107c5) returned 0x5f0107d0
[0187.318] SelectObject (hdc=0x5f0107d0, h=0x4a0507fe) returned 0x85000f
[0187.318] GdipCreateFromHDC (hdc=0x5f0107d0, graphics=0xd7e268) returned 0x0
[0187.318] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0187.318] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0187.318] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0187.318] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0187.318] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e2c8) returned 0x0
[0187.319] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0187.319] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0187.319] LocalFree (hMem=0x11ee9f0) returned 0x0
[0187.319] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0187.319] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0187.319] GdipGetClip (graphics=0x6600030, region=0x6645ea8) returned 0x0
[0187.319] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0187.319] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0187.319] GdipRestoreGraphics (graphics=0x6600030, state=0xfb760dbd) returned 0x0
[0187.319] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0187.319] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0187.319] GetCurrentObject (hdc=0x5f0107d0, type=0x1) returned 0xb00017
[0187.319] GetCurrentObject (hdc=0x5f0107d0, type=0x2) returned 0x900010
[0187.319] GetCurrentObject (hdc=0x5f0107d0, type=0x7) returned 0x4a0507fe
[0187.319] GetCurrentObject (hdc=0x5f0107d0, type=0x6) returned 0x8a01c2
[0187.319] SaveDC (hdc=0x5f0107d0) returned 1
[0187.320] GetNearestColor (hdc=0x5f0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0187.320] GetNearestColor (hdc=0x5f0107d0, color=0xa0a0a0) returned 0xa0a0a0
[0187.320] GetNearestColor (hdc=0x5f0107d0, color=0x696969) returned 0x696969
[0187.320] GetNearestColor (hdc=0x5f0107d0, color=0xa0a0a0) returned 0xa0a0a0
[0187.320] GetNearestColor (hdc=0x5f0107d0, color=0x0) returned 0x0
[0187.320] GetNearestColor (hdc=0x5f0107d0, color=0xffffff) returned 0xffffff
[0187.320] GetNearestColor (hdc=0x5f0107d0, color=0xe5e5e5) returned 0xe5e5e5
[0187.320] GetNearestColor (hdc=0x5f0107d0, color=0xd7d7d7) returned 0xd7d7d7
[0187.320] GetNearestColor (hdc=0x5f0107d0, color=0x0) returned 0x0
[0187.320] RestoreDC (hdc=0x5f0107d0, nSavedDC=-1) returned 1
[0187.320] GdipReleaseDC (graphics=0x6600030, hdc=0x5f0107d0) returned 0x0
[0187.320] IsAppThemed () returned 0x1
[0187.320] GetThemeAppProperties () returned 0x3
[0187.320] GetThemeAppProperties () returned 0x3
[0187.321] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0187.321] SendMessageW (hWnd=0x1002d2, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0187.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0187.321] IsAppThemed () returned 0x1
[0187.321] GetThemeAppProperties () returned 0x3
[0187.321] GetThemeAppProperties () returned 0x3
[0187.321] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2deda14 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0187.321] IsAppThemed () returned 0x1
[0187.321] GetThemeAppProperties () returned 0x3
[0187.321] GetThemeAppProperties () returned 0x3
[0187.321] IsAppThemed () returned 0x1
[0187.321] GetThemeAppProperties () returned 0x3
[0187.321] GetThemeAppProperties () returned 0x3
[0187.321] GetFocus () returned 0x11013e
[0187.322] IsAppThemed () returned 0x1
[0187.322] GetThemeAppProperties () returned 0x3
[0187.322] GetThemeAppProperties () returned 0x3
[0187.322] IsAppThemed () returned 0x1
[0187.322] GetThemeAppProperties () returned 0x3
[0187.322] GetThemeAppProperties () returned 0x3
[0187.322] IsThemePartDefined () returned 0x1
[0187.322] IsAppThemed () returned 0x1
[0187.322] GetThemeAppProperties () returned 0x3
[0187.322] GetThemeAppProperties () returned 0x3
[0187.322] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0187.322] IsAppThemed () returned 0x1
[0187.322] GetThemeAppProperties () returned 0x3
[0187.322] GetThemeAppProperties () returned 0x3
[0187.322] IsAppThemed () returned 0x1
[0187.322] GetThemeAppProperties () returned 0x3
[0187.322] GetThemeAppProperties () returned 0x3
[0187.322] IsThemePartDefined () returned 0x1
[0187.322] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0187.322] GdipGetClip (graphics=0x6600030, region=0x66452d8) returned 0x0
[0187.323] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0187.323] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0187.323] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dff0) returned 0x0
[0187.323] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0187.323] LocalFree (hMem=0x11eec58) returned 0x0
[0187.323] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0187.323] LocalFree (hMem=0x11eec58) returned 0x0
[0187.323] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0187.323] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0187.323] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0187.323] GdipGetRegionHRgn (region=0x66452d8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0187.323] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0187.323] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0187.323] GetCurrentObject (hdc=0x5f0107d0, type=0x1) returned 0xb00017
[0187.323] GetCurrentObject (hdc=0x5f0107d0, type=0x2) returned 0x900010
[0187.323] GetCurrentObject (hdc=0x5f0107d0, type=0x7) returned 0x4a0507fe
[0187.323] GetCurrentObject (hdc=0x5f0107d0, type=0x6) returned 0x8a01c2
[0187.324] SaveDC (hdc=0x5f0107d0) returned 1
[0187.324] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4b040807
[0187.324] GetClipRgn (hdc=0x5f0107d0, hrgn=0x4b040807) returned 0
[0187.324] SelectClipRgn (hdc=0x5f0107d0, hrgn=0xd70407de) returned 2
[0187.324] DeleteObject (ho=0x4b040807) returned 1
[0187.324] DeleteObject (ho=0xd70407de) returned 1
[0187.324] OffsetViewportOrgEx (in: hdc=0x5f0107d0, x=0, y=0, lppt=0x2dee0c4 | out: lppt=0x2dee0c4) returned 1
[0187.324] DrawThemeParentBackground () returned 0x0
[0187.324] GetWindowPlacement (in: hWnd=0x1002d2, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0187.324] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0187.324] GetWindowTextLengthW (hWnd=0x1002d2) returned 24
[0187.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0187.324] GetSystemMetrics (nIndex=42) returned 0
[0187.324] GetWindowTextW (in: hWnd=0x1002d2, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0187.325] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0187.325] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0187.325] GetCurrentObject (hdc=0x5f0107d0, type=0x1) returned 0xb00017
[0187.325] GetCurrentObject (hdc=0x5f0107d0, type=0x2) returned 0x900010
[0187.325] GetCurrentObject (hdc=0x5f0107d0, type=0x7) returned 0x4a0507fe
[0187.325] GetCurrentObject (hdc=0x5f0107d0, type=0x6) returned 0x8a01c2
[0187.387] SaveDC (hdc=0x5f0107d0) returned 2
[0187.387] GetNearestColor (hdc=0x5f0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0187.387] CreateSolidBrush (color=0xf0f0f0) returned 0xbd1007e1
[0187.387] FillRect (hDC=0x5f0107d0, lprc=0xd7da38, hbr=0xbd1007e1) returned 1
[0187.387] DeleteObject (ho=0xbd1007e1) returned 1
[0187.387] RestoreDC (hdc=0x5f0107d0, nSavedDC=-1) returned 1
[0187.388] GetWindowTextLengthW (hWnd=0x1002d2) returned 24
[0187.388] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0187.388] GetSystemMetrics (nIndex=42) returned 0
[0187.388] GetWindowTextW (in: hWnd=0x1002d2, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0187.388] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0187.388] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0187.388] GetCurrentObject (hdc=0x5f0107d0, type=0x1) returned 0xb00017
[0187.388] GetCurrentObject (hdc=0x5f0107d0, type=0x2) returned 0x900010
[0187.389] GetCurrentObject (hdc=0x5f0107d0, type=0x7) returned 0x4a0507fe
[0187.389] GetCurrentObject (hdc=0x5f0107d0, type=0x6) returned 0x8a01c2
[0187.389] SaveDC (hdc=0x5f0107d0) returned 2
[0187.389] GetNearestColor (hdc=0x5f0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0187.389] CreateSolidBrush (color=0xf0f0f0) returned 0xbe1007e1
[0187.389] FillRect (hDC=0x5f0107d0, lprc=0xd7d9d8, hbr=0xbe1007e1) returned 1
[0187.389] DeleteObject (ho=0xbe1007e1) returned 1
[0187.389] RestoreDC (hdc=0x5f0107d0, nSavedDC=-1) returned 1
[0187.389] GetWindowTextLengthW (hWnd=0x1002d2) returned 24
[0187.389] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0187.389] GetSystemMetrics (nIndex=42) returned 0
[0187.389] GetWindowTextW (in: hWnd=0x1002d2, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0187.389] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0187.390] RestoreDC (hdc=0x5f0107d0, nSavedDC=-1) returned 1
[0187.390] GdipReleaseDC (graphics=0x6600030, hdc=0x5f0107d0) returned 0x0
[0187.390] IsAppThemed () returned 0x1
[0187.390] GetThemeAppProperties () returned 0x3
[0187.390] GetThemeAppProperties () returned 0x3
[0187.390] IsAppThemed () returned 0x1
[0187.390] GetThemeAppProperties () returned 0x3
[0187.390] GetThemeAppProperties () returned 0x3
[0187.390] IsThemePartDefined () returned 0x1
[0187.390] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0187.390] GdipGetClip (graphics=0x6600030, region=0x6645368) returned 0x0
[0187.390] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0187.390] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0187.390] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df74) returned 0x0
[0187.390] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0187.391] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0187.391] LocalFree (hMem=0x11ee868) returned 0x0
[0187.391] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0187.391] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0187.391] LocalFree (hMem=0x11ee868) returned 0x0
[0187.391] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0187.391] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0187.391] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0187.391] GdipGetRegionHRgn (region=0x6645368, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0187.391] GdipDeleteRegion (region=0x6645368) returned 0x0
[0187.391] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0187.391] GetCurrentObject (hdc=0x5f0107d0, type=0x1) returned 0xb00017
[0187.391] GetCurrentObject (hdc=0x5f0107d0, type=0x2) returned 0x900010
[0187.391] GetCurrentObject (hdc=0x5f0107d0, type=0x7) returned 0x4a0507fe
[0187.391] GetCurrentObject (hdc=0x5f0107d0, type=0x6) returned 0x8a01c2
[0187.392] SaveDC (hdc=0x5f0107d0) returned 1
[0187.392] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd80407de
[0187.392] GetClipRgn (hdc=0x5f0107d0, hrgn=0xd80407de) returned 0
[0187.392] SelectClipRgn (hdc=0x5f0107d0, hrgn=0x4d040807) returned 2
[0187.392] DeleteObject (ho=0xd80407de) returned 1
[0187.392] DeleteObject (ho=0x4d040807) returned 1
[0187.392] OffsetViewportOrgEx (in: hdc=0x5f0107d0, x=0, y=0, lppt=0x2deea48 | out: lppt=0x2deea48) returned 1
[0187.392] IsAppThemed () returned 0x1
[0187.392] GetThemeAppProperties () returned 0x3
[0187.392] GetThemeAppProperties () returned 0x3
[0187.392] DrawThemeBackground () returned 0x0
[0187.392] RestoreDC (hdc=0x5f0107d0, nSavedDC=-1) returned 1
[0187.392] GdipReleaseDC (graphics=0x6600030, hdc=0x5f0107d0) returned 0x0
[0187.392] GdipCreateRegion (region=0xd7df60) returned 0x0
[0187.393] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0187.393] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0187.393] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0187.393] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df78) returned 0x0
[0187.393] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0187.393] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee868) returned 0x0
[0187.393] LocalFree (hMem=0x11ee868) returned 0x0
[0187.393] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0187.393] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee8d8) returned 0x0
[0187.393] LocalFree (hMem=0x11ee8d8) returned 0x0
[0187.393] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0187.393] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0187.393] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0187.393] GdipGetRegionHRgn (region=0x66456c8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0187.393] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0187.393] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0187.393] GetCurrentObject (hdc=0x5f0107d0, type=0x1) returned 0xb00017
[0187.394] GetCurrentObject (hdc=0x5f0107d0, type=0x2) returned 0x900010
[0187.394] GetCurrentObject (hdc=0x5f0107d0, type=0x7) returned 0x4a0507fe
[0187.394] GetCurrentObject (hdc=0x5f0107d0, type=0x6) returned 0x8a01c2
[0187.394] SaveDC (hdc=0x5f0107d0) returned 1
[0187.394] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4e040807
[0187.394] GetClipRgn (hdc=0x5f0107d0, hrgn=0x4e040807) returned 0
[0187.394] SelectClipRgn (hdc=0x5f0107d0, hrgn=0xd90407de) returned 2
[0187.394] DeleteObject (ho=0x4e040807) returned 1
[0187.394] DeleteObject (ho=0xd90407de) returned 1
[0187.394] OffsetViewportOrgEx (in: hdc=0x5f0107d0, x=0, y=0, lppt=0x2deed1c | out: lppt=0x2deed1c) returned 1
[0187.394] IsAppThemed () returned 0x1
[0187.394] GetThemeAppProperties () returned 0x3
[0187.394] GetThemeAppProperties () returned 0x3
[0187.394] GetThemeBackgroundContentRect () returned 0x0
[0187.394] RestoreDC (hdc=0x5f0107d0, nSavedDC=-1) returned 1
[0187.395] GdipReleaseDC (graphics=0x6600030, hdc=0x5f0107d0) returned 0x0
[0187.395] IsAppThemed () returned 0x1
[0187.395] GetThemeAppProperties () returned 0x3
[0187.395] GetThemeAppProperties () returned 0x3
[0187.395] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0187.395] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0187.395] GetCurrentObject (hdc=0x5f0107d0, type=0x1) returned 0xb00017
[0187.395] GetCurrentObject (hdc=0x5f0107d0, type=0x2) returned 0x900010
[0187.395] GetCurrentObject (hdc=0x5f0107d0, type=0x7) returned 0x4a0507fe
[0187.395] GetCurrentObject (hdc=0x5f0107d0, type=0x6) returned 0x8a01c2
[0187.395] SaveDC (hdc=0x5f0107d0) returned 1
[0187.395] GetTextAlign (hdc=0x5f0107d0) returned 0x0
[0187.395] GetTextColor (hdc=0x5f0107d0) returned 0x0
[0187.395] GetCurrentObject (hdc=0x5f0107d0, type=0x6) returned 0x8a01c2
[0187.395] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0187.396] SelectObject (hdc=0x5f0107d0, h=0x6d0a0520) returned 0x8a01c2
[0187.396] GetBkMode (hdc=0x5f0107d0) returned 2
[0187.396] SetBkMode (hdc=0x5f0107d0, mode=1) returned 2
[0187.396] DrawTextExW (in: hdc=0x5f0107d0, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2def0bc | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0187.396] DrawTextExW (in: hdc=0x5f0107d0, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2def0bc | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0187.397] RestoreDC (hdc=0x5f0107d0, nSavedDC=-1) returned 1
[0187.397] GdipReleaseDC (graphics=0x6600030, hdc=0x5f0107d0) returned 0x0
[0187.397] GetFocus () returned 0x11013e
[0187.397] IsAppThemed () returned 0x1
[0187.397] GetThemeAppProperties () returned 0x3
[0187.397] GetThemeAppProperties () returned 0x3
[0187.397] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0187.397] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x5f0107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0187.397] GdipReleaseDC (graphics=0x6600030, hdc=0x5f0107d0) returned 0x0
[0187.397] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0187.397] SelectObject (hdc=0x5f0107d0, h=0x85000f) returned 0x4a0507fe
[0187.397] DeleteDC (hdc=0x5f0107d0) returned 1
[0187.398] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0187.398] EndPaint (hWnd=0xf02da, lpPaint=0xd7e24c) returned 1
[0187.398] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.398] IsWindowUnicode (hWnd=0x602c4) returned 1
[0187.398] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.398] TranslateMessage (lpMsg=0xd7e808) returned 0
[0187.398] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0187.398] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0187.398] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0187.398] CreateCompatibleDC (hdc=0xf0105ee) returned 0x610107d0
[0187.399] SelectObject (hdc=0x610107d0, h=0x4a0507fe) returned 0x85000f
[0187.399] GdipCreateFromHDC (hdc=0x610107d0, graphics=0xd7e268) returned 0x0
[0187.399] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0187.399] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0187.399] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0187.399] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0187.399] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e2c8) returned 0x0
[0187.399] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0187.399] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0187.399] LocalFree (hMem=0x11ee868) returned 0x0
[0187.399] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0187.399] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0187.399] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0187.400] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0187.400] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0187.400] GdipRestoreGraphics (graphics=0x6600030, state=0xfb740dbd) returned 0x0
[0187.400] GdipDeleteRegion (region=0x6645518) returned 0x0
[0187.400] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0187.400] GetCurrentObject (hdc=0x610107d0, type=0x1) returned 0xb00017
[0187.400] GetCurrentObject (hdc=0x610107d0, type=0x2) returned 0x900010
[0187.400] GetCurrentObject (hdc=0x610107d0, type=0x7) returned 0x4a0507fe
[0187.400] GetCurrentObject (hdc=0x610107d0, type=0x6) returned 0x8a01c2
[0187.400] SaveDC (hdc=0x610107d0) returned 1
[0187.400] GetNearestColor (hdc=0x610107d0, color=0xff) returned 0xff
[0187.400] GetNearestColor (hdc=0x610107d0, color=0x55) returned 0x55
[0187.400] GetNearestColor (hdc=0x610107d0, color=0x0) returned 0x0
[0187.400] GetNearestColor (hdc=0x610107d0, color=0x55) returned 0x55
[0187.401] GetNearestColor (hdc=0x610107d0, color=0x0) returned 0x0
[0187.401] GetNearestColor (hdc=0x610107d0, color=0x8080ff) returned 0x8080ff
[0187.401] GetNearestColor (hdc=0x610107d0, color=0x7373e5) returned 0x7373e5
[0187.401] GetNearestColor (hdc=0x610107d0, color=0xe5) returned 0xe5
[0187.401] GetNearestColor (hdc=0x610107d0, color=0x0) returned 0x0
[0187.401] RestoreDC (hdc=0x610107d0, nSavedDC=-1) returned 1
[0187.401] GdipReleaseDC (graphics=0x6600030, hdc=0x610107d0) returned 0x0
[0187.401] IsAppThemed () returned 0x1
[0187.402] GetThemeAppProperties () returned 0x3
[0187.402] GetThemeAppProperties () returned 0x3
[0187.402] IsAppThemed () returned 0x1
[0187.402] GetThemeAppProperties () returned 0x3
[0187.402] GetThemeAppProperties () returned 0x3
[0187.402] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2def884 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0187.402] IsAppThemed () returned 0x1
[0187.402] GetThemeAppProperties () returned 0x3
[0187.402] GetThemeAppProperties () returned 0x3
[0187.402] IsAppThemed () returned 0x1
[0187.402] GetThemeAppProperties () returned 0x3
[0187.402] GetThemeAppProperties () returned 0x3
[0187.402] GetFocus () returned 0x11013e
[0187.403] IsAppThemed () returned 0x1
[0187.403] GetThemeAppProperties () returned 0x3
[0187.403] GetThemeAppProperties () returned 0x3
[0187.403] IsAppThemed () returned 0x1
[0187.403] GetThemeAppProperties () returned 0x3
[0187.403] GetThemeAppProperties () returned 0x3
[0187.403] IsThemePartDefined () returned 0x1
[0187.403] IsAppThemed () returned 0x1
[0187.410] GetThemeAppProperties () returned 0x3
[0187.410] GetThemeAppProperties () returned 0x3
[0187.410] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0187.410] IsAppThemed () returned 0x1
[0187.410] GetThemeAppProperties () returned 0x3
[0187.410] GetThemeAppProperties () returned 0x3
[0187.410] IsAppThemed () returned 0x1
[0187.411] GetThemeAppProperties () returned 0x3
[0187.411] GetThemeAppProperties () returned 0x3
[0187.411] IsThemePartDefined () returned 0x1
[0187.411] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0187.411] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0187.411] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0187.411] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0187.411] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dff0) returned 0x0
[0187.411] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0187.411] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0187.411] LocalFree (hMem=0x11ee868) returned 0x0
[0187.411] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0187.411] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0187.411] LocalFree (hMem=0x11eec58) returned 0x0
[0187.411] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0187.411] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e018) returned 0x0
[0187.411] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e008) returned 0x0
[0187.412] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0187.412] GdipDeleteRegion (region=0x6645908) returned 0x0
[0187.412] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0187.412] GetCurrentObject (hdc=0x610107d0, type=0x1) returned 0xb00017
[0187.412] GetCurrentObject (hdc=0x610107d0, type=0x2) returned 0x900010
[0187.412] GetCurrentObject (hdc=0x610107d0, type=0x7) returned 0x4a0507fe
[0187.412] GetCurrentObject (hdc=0x610107d0, type=0x6) returned 0x8a01c2
[0187.412] SaveDC (hdc=0x610107d0) returned 1
[0187.412] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xda0407de
[0187.412] GetClipRgn (hdc=0x610107d0, hrgn=0xda0407de) returned 0
[0187.412] SelectClipRgn (hdc=0x610107d0, hrgn=0x52040807) returned 2
[0187.412] DeleteObject (ho=0xda0407de) returned 1
[0187.412] DeleteObject (ho=0x52040807) returned 1
[0187.412] OffsetViewportOrgEx (in: hdc=0x610107d0, x=0, y=0, lppt=0x2deff34 | out: lppt=0x2deff34) returned 1
[0187.413] DrawThemeParentBackground () returned 0x0
[0187.413] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0187.413] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0187.413] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0187.413] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0187.413] GetSystemMetrics (nIndex=42) returned 0
[0187.413] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0187.413] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0187.413] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0187.413] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0187.413] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0187.413] SelectPalette (hdc=0x610107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0187.413] GdipCreateFromHDC (hdc=0x610107d0, graphics=0xd7dac8) returned 0x0
[0187.414] GdipSetPageUnit (graphics=0x6648730, unit=0x2) returned 0x0
[0187.414] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0187.414] GdipGetWorldTransform (graphics=0x6648730, matrix=0x6638c08) returned 0x0
[0187.414] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7daa0) returned 0x0
[0187.414] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0187.414] GdipCreateRegion (region=0xd7da88) returned 0x0
[0187.414] GdipGetClip (graphics=0x6648730, region=0x6645998) returned 0x0
[0187.414] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6648730, result=0xd7da94) returned 0x0
[0187.414] GdipDeleteRegion (region=0x6645998) returned 0x0
[0187.414] GdipSaveGraphics (graphics=0x6648730, state=0xd7dac0) returned 0x0
[0187.414] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0187.426] GdipFillRectangleI (graphics=0x6648730, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0187.426] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0187.428] GdipDeleteGraphics (graphics=0x6648730) returned 0x0
[0187.428] SelectPalette (hdc=0x610107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0187.428] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0187.428] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0187.428] GetSystemMetrics (nIndex=42) returned 0
[0187.428] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0187.429] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0187.429] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0187.429] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0187.429] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0187.429] SelectPalette (hdc=0x610107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0187.429] GdipCreateFromHDC (hdc=0x610107d0, graphics=0xd7da68) returned 0x0
[0187.429] GdipSetPageUnit (graphics=0x6648730, unit=0x2) returned 0x0
[0187.429] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0187.429] GdipGetWorldTransform (graphics=0x6648730, matrix=0x6638db8) returned 0x0
[0187.429] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7da40) returned 0x0
[0187.429] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0187.429] GdipCreateRegion (region=0xd7da28) returned 0x0
[0187.429] GdipGetClip (graphics=0x6648730, region=0x66457e8) returned 0x0
[0187.430] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6648730, result=0xd7da34) returned 0x0
[0187.430] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0187.430] GdipSaveGraphics (graphics=0x6648730, state=0xd7da60) returned 0x0
[0187.430] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0187.460] GdipFillRectangleI (graphics=0x6648730, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0187.460] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0187.461] GdipRestoreGraphics (graphics=0x6648730, state=0xfb700dbd) returned 0x0
[0187.462] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0187.462] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0187.462] GetSystemMetrics (nIndex=42) returned 0
[0187.462] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0187.462] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0187.462] GdipDeleteGraphics (graphics=0x6648730) returned 0x0
[0187.462] SelectPalette (hdc=0x610107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0187.462] RestoreDC (hdc=0x610107d0, nSavedDC=-1) returned 1
[0187.462] GdipReleaseDC (graphics=0x6600030, hdc=0x610107d0) returned 0x0
[0187.462] IsAppThemed () returned 0x1
[0187.462] GetThemeAppProperties () returned 0x3
[0187.462] GetThemeAppProperties () returned 0x3
[0187.462] IsAppThemed () returned 0x1
[0187.462] GetThemeAppProperties () returned 0x3
[0187.463] GetThemeAppProperties () returned 0x3
[0187.463] IsThemePartDefined () returned 0x1
[0187.463] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0187.463] GdipGetClip (graphics=0x6600030, region=0x6645488) returned 0x0
[0187.463] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0187.463] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0187.463] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df74) returned 0x0
[0187.463] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0187.463] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eea98) returned 0x0
[0187.463] LocalFree (hMem=0x11eea98) returned 0x0
[0187.463] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0187.463] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee868) returned 0x0
[0187.463] LocalFree (hMem=0x11ee868) returned 0x0
[0187.463] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0187.463] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0187.463] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0187.463] GdipGetRegionHRgn (region=0x6645488, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0187.463] GdipDeleteRegion (region=0x6645488) returned 0x0
[0187.463] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0187.463] GetCurrentObject (hdc=0x610107d0, type=0x1) returned 0xb00017
[0187.463] GetCurrentObject (hdc=0x610107d0, type=0x2) returned 0x900010
[0187.464] GetCurrentObject (hdc=0x610107d0, type=0x7) returned 0x4a0507fe
[0187.464] GetCurrentObject (hdc=0x610107d0, type=0x6) returned 0x8a01c2
[0187.464] SaveDC (hdc=0x610107d0) returned 1
[0187.464] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x53040807
[0187.464] GetClipRgn (hdc=0x610107d0, hrgn=0x53040807) returned 0
[0187.464] SelectClipRgn (hdc=0x610107d0, hrgn=0xdc0407de) returned 2
[0187.464] DeleteObject (ho=0x53040807) returned 1
[0187.464] DeleteObject (ho=0xdc0407de) returned 1
[0187.464] OffsetViewportOrgEx (in: hdc=0x610107d0, x=0, y=0, lppt=0x2df6784 | out: lppt=0x2df6784) returned 1
[0187.464] IsAppThemed () returned 0x1
[0187.464] GetThemeAppProperties () returned 0x3
[0187.464] GetThemeAppProperties () returned 0x3
[0187.464] DrawThemeBackground () returned 0x0
[0187.464] RestoreDC (hdc=0x610107d0, nSavedDC=-1) returned 1
[0187.464] GdipReleaseDC (graphics=0x6600030, hdc=0x610107d0) returned 0x0
[0187.464] GdipCreateRegion (region=0xd7df60) returned 0x0
[0187.464] GdipGetClip (graphics=0x6600030, region=0x6645b48) returned 0x0
[0187.464] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0187.465] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0187.465] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df78) returned 0x0
[0187.465] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0187.465] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0187.465] LocalFree (hMem=0x11eec58) returned 0x0
[0187.465] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0187.465] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0187.465] LocalFree (hMem=0x11ee868) returned 0x0
[0187.465] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0187.465] GdipIsInfiniteRegion (region=0x6645b48, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0187.465] GdipIsInfiniteRegion (region=0x6645b48, graphics=0x6600030, result=0xd7df90) returned 0x0
[0187.465] GdipGetRegionHRgn (region=0x6645b48, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0187.465] GdipDeleteRegion (region=0x6645b48) returned 0x0
[0187.465] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0187.465] GetCurrentObject (hdc=0x610107d0, type=0x1) returned 0xb00017
[0187.465] GetCurrentObject (hdc=0x610107d0, type=0x2) returned 0x900010
[0187.465] GetCurrentObject (hdc=0x610107d0, type=0x7) returned 0x4a0507fe
[0187.465] GetCurrentObject (hdc=0x610107d0, type=0x6) returned 0x8a01c2
[0187.465] SaveDC (hdc=0x610107d0) returned 1
[0187.465] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdd0407de
[0187.471] GetClipRgn (hdc=0x610107d0, hrgn=0xdd0407de) returned 0
[0187.471] SelectClipRgn (hdc=0x610107d0, hrgn=0x54040807) returned 2
[0187.471] DeleteObject (ho=0xdd0407de) returned 1
[0187.471] DeleteObject (ho=0x54040807) returned 1
[0187.471] OffsetViewportOrgEx (in: hdc=0x610107d0, x=0, y=0, lppt=0x2df6a58 | out: lppt=0x2df6a58) returned 1
[0187.471] IsAppThemed () returned 0x1
[0187.471] GetThemeAppProperties () returned 0x3
[0187.471] GetThemeAppProperties () returned 0x3
[0187.471] GetThemeBackgroundContentRect () returned 0x0
[0187.471] RestoreDC (hdc=0x610107d0, nSavedDC=-1) returned 1
[0187.471] GdipReleaseDC (graphics=0x6600030, hdc=0x610107d0) returned 0x0
[0187.471] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0187.471] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0187.471] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0187.471] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0187.471] IsAppThemed () returned 0x1
[0187.471] GetThemeAppProperties () returned 0x3
[0187.472] GetThemeAppProperties () returned 0x3
[0187.472] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0187.472] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0187.472] GetCurrentObject (hdc=0x610107d0, type=0x1) returned 0xb00017
[0187.472] GetCurrentObject (hdc=0x610107d0, type=0x2) returned 0x900010
[0187.472] GetCurrentObject (hdc=0x610107d0, type=0x7) returned 0x4a0507fe
[0187.472] GetCurrentObject (hdc=0x610107d0, type=0x6) returned 0x8a01c2
[0187.472] SaveDC (hdc=0x610107d0) returned 1
[0187.472] GetTextAlign (hdc=0x610107d0) returned 0x0
[0187.472] GetTextColor (hdc=0x610107d0) returned 0x0
[0187.472] GetCurrentObject (hdc=0x610107d0, type=0x6) returned 0x8a01c2
[0187.472] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0187.472] SelectObject (hdc=0x610107d0, h=0x6d0a0520) returned 0x8a01c2
[0187.472] GetBkMode (hdc=0x610107d0) returned 2
[0187.472] SetBkMode (hdc=0x610107d0, mode=1) returned 2
[0187.472] DrawTextExW (in: hdc=0x610107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2df6e1c | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0187.473] DrawTextExW (in: hdc=0x610107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2df6e1c | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0187.473] RestoreDC (hdc=0x610107d0, nSavedDC=-1) returned 1
[0187.473] GdipReleaseDC (graphics=0x6600030, hdc=0x610107d0) returned 0x0
[0187.473] GetFocus () returned 0x11013e
[0187.473] IsAppThemed () returned 0x1
[0187.473] GetThemeAppProperties () returned 0x3
[0187.473] GetThemeAppProperties () returned 0x3
[0187.473] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0187.473] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x610107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0187.473] GdipReleaseDC (graphics=0x6600030, hdc=0x610107d0) returned 0x0
[0187.473] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0187.474] SelectObject (hdc=0x610107d0, h=0x85000f) returned 0x4a0507fe
[0187.474] DeleteDC (hdc=0x610107d0) returned 1
[0187.474] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0187.474] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0187.474] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.474] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x84, wParam=0x0, lParam=0x1e202f9) returned 0x1
[0187.474] IsWindowUnicode (hWnd=0xd005a) returned 1
[0187.474] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.474] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x84, wParam=0x0, lParam=0x1e202f9) returned 0x1
[0187.474] GetDlgItem (hDlg=0x1002d2, nIDDlgItem=0) returned 0x0
[0187.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x210, wParam=0x201, lParam=0x670104) returned 0x0
[0187.475] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x21, wParam=0x1002d2, lParam=0x2010001) returned 0x1
[0187.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x21, wParam=0x1002d2, lParam=0x2010001) returned 0x1
[0187.475] SetCursor (hCursor=0x10003) returned 0x10003
[0187.475] TranslateMessage (lpMsg=0xd7e808) returned 0
[0187.475] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0187.475] GetKeyState (nVirtKey=1) returned -127
[0187.475] GetKeyState (nVirtKey=2) returned 0
[0187.475] GetKeyState (nVirtKey=4) returned 0
[0187.475] GetKeyState (nVirtKey=5) returned 0
[0187.475] GetKeyState (nVirtKey=6) returned 0
[0187.475] IsWindowVisible (hWnd=0xd005a) returned 1
[0187.475] IsWindowEnabled (hWnd=0xd005a) returned 1
[0187.475] SetFocus (hWnd=0xd005a) returned 0x11013e
[0187.476] GetFocus () returned 0xd005a
[0187.476] IsChild (hWndParent=0x1002d2, hWnd=0xd005a) returned 1
[0187.476] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0x8, wParam=0xd005a, lParam=0x0) returned 0x0
[0187.476] GetCapture () returned 0x0
[0187.476] InvalidateRect (hWnd=0x11013e, lpRect=0x0, bErase=0) returned 1
[0187.477] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0187.478] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0187.480] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0187.480] InvalidateRect (hWnd=0x11013e, lpRect=0x0, bErase=0) returned 1
[0187.480] InvalidateRect (hWnd=0xd005a, lpRect=0x0, bErase=0) returned 1
[0187.480] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x7, wParam=0x11013e, lParam=0x0) returned 0x0
[0187.480] GetStockObject (i=5) returned 0x900015
[0187.480] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0187.480] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0187.480] GetDlgItem (hDlg=0x1002d2, nIDDlgItem=852058) returned 0xd005a
[0187.480] SendMessageW (hWnd=0xd005a, Msg=0x202b, wParam=0xd005a, lParam=0xd7dddc) returned 0x0
[0187.480] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x202b, wParam=0xd005a, lParam=0xd7dddc) returned 0x0
[0187.481] InvalidateRect (hWnd=0xd005a, lpRect=0x0, bErase=0) returned 1
[0187.486] GetFocus () returned 0xd005a
[0187.486] GetFocus () returned 0xd005a
[0187.486] GetFocus () returned 0xd005a
[0187.486] GetKeyState (nVirtKey=1) returned -127
[0187.486] GetKeyState (nVirtKey=2) returned 0
[0187.486] GetKeyState (nVirtKey=4) returned 0
[0187.486] GetKeyState (nVirtKey=5) returned 0
[0187.486] GetKeyState (nVirtKey=6) returned 0
[0187.486] GetCapture () returned 0x0
[0187.486] SetCapture (hWnd=0xd005a) returned 0x0
[0187.486] GetKeyState (nVirtKey=1) returned -127
[0187.486] GetKeyState (nVirtKey=2) returned 0
[0187.486] GetKeyState (nVirtKey=4) returned 0
[0187.486] GetKeyState (nVirtKey=5) returned 0
[0187.486] GetKeyState (nVirtKey=6) returned 0
[0187.486] NotifyWinEvent (event=0x800a, hwnd=0xd005a, idObject=-4, idChild=0)
[0187.486] InvalidateRect (hWnd=0xd005a, lpRect=0xd7e430, bErase=0) returned 1
[0187.486] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.486] IsWindowUnicode (hWnd=0xd005a) returned 1
[0187.486] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.487] TranslateMessage (lpMsg=0xd7e808) returned 0
[0187.487] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0187.487] MapWindowPoints (in: hWndFrom=0xd005a, hWndTo=0x0, lpPoints=0x2df700c, cPoints=0x1 | out: lpPoints=0x2df700c) returned 30999254
[0187.487] NotifyWinEvent (event=0x800a, hwnd=0xd005a, idObject=-4, idChild=0)
[0187.487] InvalidateRect (hWnd=0xd005a, lpRect=0xd7e3d0, bErase=0) returned 1
[0187.487] UpdateWindow (hWnd=0xd005a) returned 1
[0187.487] BeginPaint (in: hWnd=0xd005a, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x10105d6
[0187.487] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0187.487] CreateCompatibleDC (hdc=0x10105d6) returned 0x630107d0
[0187.487] SelectObject (hdc=0x630107d0, h=0x4a0507fe) returned 0x85000f
[0187.487] GdipCreateFromHDC (hdc=0x630107d0, graphics=0xd7df00) returned 0x0
[0187.487] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0187.487] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0187.488] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0187.488] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0187.488] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df60) returned 0x0
[0187.488] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0187.488] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee9f0) returned 0x0
[0187.488] LocalFree (hMem=0x11ee9f0) returned 0x0
[0187.488] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0187.488] GdipCreateRegion (region=0xd7df48) returned 0x0
[0187.488] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0187.488] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7df54) returned 0x0
[0187.488] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0187.488] GdipRestoreGraphics (graphics=0x6600030, state=0xfb6e0dbd) returned 0x0
[0187.488] GdipDeleteRegion (region=0x6645638) returned 0x0
[0187.488] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0187.488] GetCurrentObject (hdc=0x630107d0, type=0x1) returned 0xb00017
[0187.488] GetCurrentObject (hdc=0x630107d0, type=0x2) returned 0x900010
[0187.488] GetCurrentObject (hdc=0x630107d0, type=0x7) returned 0x4a0507fe
[0187.488] GetCurrentObject (hdc=0x630107d0, type=0x6) returned 0x8a01c2
[0187.488] SaveDC (hdc=0x630107d0) returned 1
[0187.489] GetNearestColor (hdc=0x630107d0, color=0xf0f0f0) returned 0xf0f0f0
[0187.489] GetNearestColor (hdc=0x630107d0, color=0xa0a0a0) returned 0xa0a0a0
[0187.489] GetNearestColor (hdc=0x630107d0, color=0x696969) returned 0x696969
[0187.489] GetNearestColor (hdc=0x630107d0, color=0xa0a0a0) returned 0xa0a0a0
[0187.489] GetNearestColor (hdc=0x630107d0, color=0x0) returned 0x0
[0187.489] GetNearestColor (hdc=0x630107d0, color=0xffffff) returned 0xffffff
[0187.489] GetNearestColor (hdc=0x630107d0, color=0xe5e5e5) returned 0xe5e5e5
[0187.489] GetNearestColor (hdc=0x630107d0, color=0xd7d7d7) returned 0xd7d7d7
[0187.489] GetNearestColor (hdc=0x630107d0, color=0x0) returned 0x0
[0187.489] RestoreDC (hdc=0x630107d0, nSavedDC=-1) returned 1
[0187.489] GdipReleaseDC (graphics=0x6600030, hdc=0x630107d0) returned 0x0
[0187.489] IsAppThemed () returned 0x1
[0187.489] GetThemeAppProperties () returned 0x3
[0187.489] GetThemeAppProperties () returned 0x3
[0187.489] IsAppThemed () returned 0x1
[0187.489] GetThemeAppProperties () returned 0x3
[0187.490] GetThemeAppProperties () returned 0x3
[0187.490] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2df7764 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0187.490] IsAppThemed () returned 0x1
[0187.490] GetThemeAppProperties () returned 0x3
[0187.490] GetThemeAppProperties () returned 0x3
[0187.490] IsAppThemed () returned 0x1
[0187.490] GetThemeAppProperties () returned 0x3
[0187.490] GetThemeAppProperties () returned 0x3
[0187.490] IsAppThemed () returned 0x1
[0187.490] GetThemeAppProperties () returned 0x3
[0187.490] GetThemeAppProperties () returned 0x3
[0187.490] IsAppThemed () returned 0x1
[0187.490] GetThemeAppProperties () returned 0x3
[0187.490] GetThemeAppProperties () returned 0x3
[0187.490] IsThemePartDefined () returned 0x1
[0187.490] IsAppThemed () returned 0x1
[0187.490] GetThemeAppProperties () returned 0x3
[0187.490] GetThemeAppProperties () returned 0x3
[0187.490] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0187.490] IsAppThemed () returned 0x1
[0187.491] GetThemeAppProperties () returned 0x3
[0187.491] GetThemeAppProperties () returned 0x3
[0187.491] IsAppThemed () returned 0x1
[0187.491] GetThemeAppProperties () returned 0x3
[0187.491] GetThemeAppProperties () returned 0x3
[0187.491] IsThemePartDefined () returned 0x1
[0187.491] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0187.491] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0187.491] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0187.491] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0187.491] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc7c) returned 0x0
[0187.491] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0187.491] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0187.491] LocalFree (hMem=0x11ee868) returned 0x0
[0187.491] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0187.491] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0187.491] LocalFree (hMem=0x11ee9f0) returned 0x0
[0187.491] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0187.491] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0187.491] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0187.492] GdipGetRegionHRgn (region=0x6645998, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0187.492] GdipDeleteRegion (region=0x6645998) returned 0x0
[0187.492] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0187.492] GetCurrentObject (hdc=0x630107d0, type=0x1) returned 0xb00017
[0187.492] GetCurrentObject (hdc=0x630107d0, type=0x2) returned 0x900010
[0187.492] GetCurrentObject (hdc=0x630107d0, type=0x7) returned 0x4a0507fe
[0187.492] GetCurrentObject (hdc=0x630107d0, type=0x6) returned 0x8a01c2
[0187.492] SaveDC (hdc=0x630107d0) returned 1
[0187.492] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x55040807
[0187.492] GetClipRgn (hdc=0x630107d0, hrgn=0x55040807) returned 0
[0187.492] SelectClipRgn (hdc=0x630107d0, hrgn=0xe10407de) returned 2
[0187.492] DeleteObject (ho=0x55040807) returned 1
[0187.492] DeleteObject (ho=0xe10407de) returned 1
[0187.492] OffsetViewportOrgEx (in: hdc=0x630107d0, x=0, y=0, lppt=0x2df7e14 | out: lppt=0x2df7e14) returned 1
[0187.492] DrawThemeParentBackground () returned 0x0
[0187.493] GetWindowPlacement (in: hWnd=0x1002d2, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0187.493] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0187.493] GetWindowTextLengthW (hWnd=0x1002d2) returned 24
[0187.493] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0187.493] GetSystemMetrics (nIndex=42) returned 0
[0187.493] GetWindowTextW (in: hWnd=0x1002d2, lpString=0xd7d7c4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0187.493] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xd, wParam=0x19, lParam=0xd7d7c4) returned 0x18
[0187.493] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0187.493] GetCurrentObject (hdc=0x630107d0, type=0x1) returned 0xb00017
[0187.493] GetCurrentObject (hdc=0x630107d0, type=0x2) returned 0x900010
[0187.493] GetCurrentObject (hdc=0x630107d0, type=0x7) returned 0x4a0507fe
[0187.493] GetCurrentObject (hdc=0x630107d0, type=0x6) returned 0x8a01c2
[0187.493] SaveDC (hdc=0x630107d0) returned 2
[0187.493] GetNearestColor (hdc=0x630107d0, color=0xf0f0f0) returned 0xf0f0f0
[0187.493] CreateSolidBrush (color=0xf0f0f0) returned 0xbf1007e1
[0187.494] FillRect (hDC=0x630107d0, lprc=0xd7d6c8, hbr=0xbf1007e1) returned 1
[0187.494] DeleteObject (ho=0xbf1007e1) returned 1
[0187.494] RestoreDC (hdc=0x630107d0, nSavedDC=-1) returned 1
[0187.494] GetWindowTextLengthW (hWnd=0x1002d2) returned 24
[0187.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0187.494] GetSystemMetrics (nIndex=42) returned 0
[0187.494] GetWindowTextW (in: hWnd=0x1002d2, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0187.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0187.494] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0187.494] GetCurrentObject (hdc=0x630107d0, type=0x1) returned 0xb00017
[0187.494] GetCurrentObject (hdc=0x630107d0, type=0x2) returned 0x900010
[0187.494] GetCurrentObject (hdc=0x630107d0, type=0x7) returned 0x4a0507fe
[0187.494] GetCurrentObject (hdc=0x630107d0, type=0x6) returned 0x8a01c2
[0187.494] SaveDC (hdc=0x630107d0) returned 2
[0187.495] GetNearestColor (hdc=0x630107d0, color=0xf0f0f0) returned 0xf0f0f0
[0187.495] CreateSolidBrush (color=0xf0f0f0) returned 0xc01007e1
[0187.495] FillRect (hDC=0x630107d0, lprc=0xd7d668, hbr=0xc01007e1) returned 1
[0187.495] DeleteObject (ho=0xc01007e1) returned 1
[0187.495] RestoreDC (hdc=0x630107d0, nSavedDC=-1) returned 1
[0187.495] GetWindowTextLengthW (hWnd=0x1002d2) returned 24
[0187.495] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0187.495] GetSystemMetrics (nIndex=42) returned 0
[0187.495] GetWindowTextW (in: hWnd=0x1002d2, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0187.495] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0187.496] RestoreDC (hdc=0x630107d0, nSavedDC=-1) returned 1
[0187.496] GdipReleaseDC (graphics=0x6600030, hdc=0x630107d0) returned 0x0
[0187.496] IsAppThemed () returned 0x1
[0187.496] GetThemeAppProperties () returned 0x3
[0187.496] GetThemeAppProperties () returned 0x3
[0187.496] IsAppThemed () returned 0x1
[0187.496] GetThemeAppProperties () returned 0x3
[0187.496] GetThemeAppProperties () returned 0x3
[0187.496] IsThemePartDefined () returned 0x1
[0187.496] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0187.496] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0187.496] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0187.496] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0187.496] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dc00) returned 0x0
[0187.496] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0187.496] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0187.496] LocalFree (hMem=0x11eec58) returned 0x0
[0187.496] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0187.496] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee8d8) returned 0x0
[0187.497] LocalFree (hMem=0x11ee8d8) returned 0x0
[0187.497] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0187.497] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0187.497] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0187.499] GdipGetRegionHRgn (region=0x66453f8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0187.499] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0187.499] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0187.499] GetCurrentObject (hdc=0x630107d0, type=0x1) returned 0xb00017
[0187.499] GetCurrentObject (hdc=0x630107d0, type=0x2) returned 0x900010
[0187.499] GetCurrentObject (hdc=0x630107d0, type=0x7) returned 0x4a0507fe
[0187.500] GetCurrentObject (hdc=0x630107d0, type=0x6) returned 0x8a01c2
[0187.500] SaveDC (hdc=0x630107d0) returned 1
[0187.500] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe20407de
[0187.500] GetClipRgn (hdc=0x630107d0, hrgn=0xe20407de) returned 0
[0187.500] SelectClipRgn (hdc=0x630107d0, hrgn=0x57040807) returned 2
[0187.500] DeleteObject (ho=0xe20407de) returned 1
[0187.500] DeleteObject (ho=0x57040807) returned 1
[0187.500] OffsetViewportOrgEx (in: hdc=0x630107d0, x=0, y=0, lppt=0x2df8798 | out: lppt=0x2df8798) returned 1
[0187.500] IsAppThemed () returned 0x1
[0187.500] GetThemeAppProperties () returned 0x3
[0187.500] GetThemeAppProperties () returned 0x3
[0187.500] DrawThemeBackground () returned 0x0
[0187.500] RestoreDC (hdc=0x630107d0, nSavedDC=-1) returned 1
[0187.500] GdipReleaseDC (graphics=0x6600030, hdc=0x630107d0) returned 0x0
[0187.500] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0187.501] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0187.501] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0187.501] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0187.501] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dc04) returned 0x0
[0187.501] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0187.501] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee8d8) returned 0x0
[0187.501] LocalFree (hMem=0x11ee8d8) returned 0x0
[0187.501] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0187.501] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eea28) returned 0x0
[0187.501] LocalFree (hMem=0x11eea28) returned 0x0
[0187.501] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0187.501] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0187.501] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0187.501] GdipGetRegionHRgn (region=0x66457e8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0187.501] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0187.501] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0187.501] GetCurrentObject (hdc=0x630107d0, type=0x1) returned 0xb00017
[0187.501] GetCurrentObject (hdc=0x630107d0, type=0x2) returned 0x900010
[0187.501] GetCurrentObject (hdc=0x630107d0, type=0x7) returned 0x4a0507fe
[0187.501] GetCurrentObject (hdc=0x630107d0, type=0x6) returned 0x8a01c2
[0187.502] SaveDC (hdc=0x630107d0) returned 1
[0187.502] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x58040807
[0187.502] GetClipRgn (hdc=0x630107d0, hrgn=0x58040807) returned 0
[0187.502] SelectClipRgn (hdc=0x630107d0, hrgn=0xe30407de) returned 2
[0187.502] DeleteObject (ho=0x58040807) returned 1
[0187.502] DeleteObject (ho=0xe30407de) returned 1
[0187.502] OffsetViewportOrgEx (in: hdc=0x630107d0, x=0, y=0, lppt=0x2df8a6c | out: lppt=0x2df8a6c) returned 1
[0187.502] IsAppThemed () returned 0x1
[0187.502] GetThemeAppProperties () returned 0x3
[0187.502] GetThemeAppProperties () returned 0x3
[0187.502] GetThemeBackgroundContentRect () returned 0x0
[0187.502] RestoreDC (hdc=0x630107d0, nSavedDC=-1) returned 1
[0187.502] GdipReleaseDC (graphics=0x6600030, hdc=0x630107d0) returned 0x0
[0187.502] IsAppThemed () returned 0x1
[0187.502] GetThemeAppProperties () returned 0x3
[0187.502] GetThemeAppProperties () returned 0x3
[0187.502] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0187.502] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0187.503] GetCurrentObject (hdc=0x630107d0, type=0x1) returned 0xb00017
[0187.503] GetCurrentObject (hdc=0x630107d0, type=0x2) returned 0x900010
[0187.503] GetCurrentObject (hdc=0x630107d0, type=0x7) returned 0x4a0507fe
[0187.503] GetCurrentObject (hdc=0x630107d0, type=0x6) returned 0x8a01c2
[0187.503] SaveDC (hdc=0x630107d0) returned 1
[0187.503] GetTextAlign (hdc=0x630107d0) returned 0x0
[0187.503] GetTextColor (hdc=0x630107d0) returned 0x0
[0187.503] GetCurrentObject (hdc=0x630107d0, type=0x6) returned 0x8a01c2
[0187.503] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0187.503] SelectObject (hdc=0x630107d0, h=0x6d0a0520) returned 0x8a01c2
[0187.503] GetBkMode (hdc=0x630107d0) returned 2
[0187.503] SetBkMode (hdc=0x630107d0, mode=1) returned 2
[0187.503] DrawTextExW (in: hdc=0x630107d0, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2df8e0c | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0187.504] DrawTextExW (in: hdc=0x630107d0, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2df8e0c | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0187.504] RestoreDC (hdc=0x630107d0, nSavedDC=-1) returned 1
[0187.504] GdipReleaseDC (graphics=0x6600030, hdc=0x630107d0) returned 0x0
[0187.504] GetFocus () returned 0xd005a
[0187.504] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0187.504] SendMessageW (hWnd=0x1002d2, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0187.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0187.504] IsAppThemed () returned 0x1
[0187.504] GetThemeAppProperties () returned 0x3
[0187.504] GetThemeAppProperties () returned 0x3
[0187.504] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0187.504] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x630107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0187.504] GdipReleaseDC (graphics=0x6600030, hdc=0x630107d0) returned 0x0
[0187.505] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0187.505] SelectObject (hdc=0x630107d0, h=0x85000f) returned 0x4a0507fe
[0187.505] DeleteDC (hdc=0x630107d0) returned 1
[0187.505] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0187.505] EndPaint (hWnd=0xd005a, lpPaint=0xd7dee4) returned 1
[0187.505] MapWindowPoints (in: hWndFrom=0xd005a, hWndTo=0x0, lpPoints=0x2df8f08, cPoints=0x1 | out: lpPoints=0x2df8f08) returned 30999254
[0187.505] WindowFromPoint (Point=0x2f9) returned 0xd005a
[0187.505] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x84, wParam=0x0, lParam=0x1e202f9) returned 0x1
[0187.505] NotifyWinEvent (event=0x800a, hwnd=0xd005a, idObject=-4, idChild=0)
[0187.505] NotifyWinEvent (event=0x800c, hwnd=0xd005a, idObject=-4, idChild=0)
[0187.505] GetCapture () returned 0xd005a
[0187.505] ReleaseCapture () returned 1
[0187.505] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0187.506] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0187.506] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x84, wParam=0x0, lParam=0x1e202f9) returned 0x1
[0187.506] IsWindow (hWnd=0x7005c) returned 1
[0187.506] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0187.534] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0187.534] IsWindow (hWnd=0x1002d2) returned 1
[0187.534] SetActiveWindow (hWnd=0x1002d2) returned 0x1002d2
[0187.534] IsWindow (hWnd=0x1002d2) returned 1
[0187.534] SetFocus (hWnd=0x1002d2) returned 0xd005a
[0187.535] GetFocus () returned 0x1002d2
[0187.535] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x8, wParam=0x1002d2, lParam=0x0) returned 0x0
[0187.535] GetCapture () returned 0x0
[0187.535] InvalidateRect (hWnd=0xd005a, lpRect=0x0, bErase=0) returned 1
[0187.536] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0187.537] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0187.539] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0187.539] GetFocus () returned 0x1002d2
[0187.539] SetFocus (hWnd=0xd005a) returned 0x1002d2
[0187.540] GetFocus () returned 0xd005a
[0187.540] IsChild (hWndParent=0x1002d2, hWnd=0xd005a) returned 1
[0187.540] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x8, wParam=0xd005a, lParam=0x0) returned 0x0
[0187.541] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0187.543] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0187.545] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0187.545] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x7, wParam=0x1002d2, lParam=0x0) returned 0x0
[0187.545] GetStockObject (i=5) returned 0x900015
[0187.545] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0187.545] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0187.546] GetDlgItem (hDlg=0x1002d2, nIDDlgItem=852058) returned 0xd005a
[0187.546] SendMessageW (hWnd=0xd005a, Msg=0x202b, wParam=0xd005a, lParam=0xd7ddcc) returned 0x0
[0187.546] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x202b, wParam=0xd005a, lParam=0xd7ddcc) returned 0x0
[0187.546] InvalidateRect (hWnd=0xd005a, lpRect=0x0, bErase=0) returned 1
[0187.549] GetWindowLongW (hWnd=0x1002d2, nIndex=-8) returned 458844
[0187.549] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0187.549] GetCurrentThreadId () returned 0xf50
[0187.549] IsWindow (hWnd=0x7005c) returned 1
[0187.549] IsWindow (hWnd=0x7005c) returned 1
[0187.549] IsWindowVisible (hWnd=0x7005c) returned 1
[0187.549] SetActiveWindow (hWnd=0x7005c) returned 0x1002d2
[0187.549] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0187.551] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0187.551] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0187.551] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0187.552] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0187.552] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0187.553] GetWindowPlacement (in: hWnd=0x1002d2, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0187.554] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0187.554] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0187.554] GetWindowRect (in: hWnd=0x1002d2, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0187.555] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0187.555] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0187.555] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0187.556] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x1002d2) returned 0x1
[0187.559] GetFocus () returned 0xd005a
[0187.559] SetFocus (hWnd=0x602c4) returned 0xd005a
[0187.567] GetFocus () returned 0x602c4
[0187.567] IsChild (hWndParent=0x1002d2, hWnd=0x602c4) returned 0
[0187.567] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0187.567] GetCapture () returned 0x0
[0187.567] InvalidateRect (hWnd=0xd005a, lpRect=0x0, bErase=0) returned 1
[0187.568] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0187.569] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0187.571] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0187.571] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0187.571] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0187.571] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0187.572] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0187.572] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0xd005a, lParam=0x0) returned 0x0
[0187.572] GetStockObject (i=5) returned 0x900015
[0187.572] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0187.572] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11edb48) returned 0xc
[0187.572] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0187.572] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0187.572] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0187.573] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0187.578] GetFocus () returned 0x602c4
[0187.579] IsChild (hWndParent=0x1002d2, hWnd=0x602c4) returned 0
[0187.579] ShowWindow (hWnd=0x1002d2, nCmdShow=0) returned 1
[0187.579] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0187.579] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0187.581] GetWindowPlacement (in: hWnd=0x1002d2, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0187.581] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0187.581] GetClientRect (in: hWnd=0x1002d2, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0187.581] GetWindowRect (in: hWnd=0x1002d2, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0187.582] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0187.582] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0187.582] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0187.583] GetWindowLongW (hWnd=0x1002d2, nIndex=-20) returned 327945
[0187.583] DestroyWindow (hWnd=0x1002d2) returned 1
[0187.583] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0187.584] GetWindowTextLengthW (hWnd=0x1002d2) returned 24
[0187.584] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0187.584] GetSystemMetrics (nIndex=42) returned 0
[0187.584] GetWindowTextW (in: hWnd=0x1002d2, lpString=0xd7e390, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0187.584] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0xd, wParam=0x19, lParam=0xd7e390) returned 0x18
[0187.584] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0187.584] GetWindowTextLengthW (hWnd=0xf02de) returned 0
[0187.584] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0187.584] GetSystemMetrics (nIndex=42) returned 0
[0187.585] GetWindowTextW (in: hWnd=0xf02de, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0187.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02de, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0187.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0187.585] GetWindowThreadProcessId (in: hWnd=0x1200ea, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0187.585] GetWindow (hWnd=0x1200ea, uCmd=0x5) returned 0x0
[0187.585] GetWindowLongW (hWnd=0x1200ea, nIndex=-20) returned 65792
[0187.585] DestroyWindow (hWnd=0x1200ea) returned 1
[0187.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1200ea, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0187.585] GetWindowTextLengthW (hWnd=0x1200ea) returned 25
[0187.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0187.585] GetSystemMetrics (nIndex=42) returned 0
[0187.585] GetWindowTextW (in: hWnd=0x1200ea, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0187.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1200ea, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0187.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1200ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0187.586] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1200ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0187.587] GetWindowTextLengthW (hWnd=0xf02dc) returned 232
[0187.587] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0187.587] GetSystemMetrics (nIndex=42) returned 0
[0187.587] GetWindowTextW (in: hWnd=0xf02dc, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0187.587] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0187.587] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0187.587] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0187.587] InvalidateRect (hWnd=0xd005a, lpRect=0x0, bErase=0) returned 1
[0187.587] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0187.588] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0187.588] SendMessageW (hWnd=0x1102d8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0187.588] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102d8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0187.588] SendMessageW (hWnd=0x1102d8, Msg=0xb0, wParam=0x2dc4a94, lParam=0xd7e480) returned 0x0
[0187.588] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102d8, Msg=0xb0, wParam=0x2dc4a94, lParam=0xd7e480) returned 0x0
[0187.588] GetWindowTextLengthW (hWnd=0x1102d8) returned 4363
[0187.588] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0187.588] GetSystemMetrics (nIndex=42) returned 0
[0187.588] CoTaskMemAlloc (cb=0x221c) returned 0x11fff70
[0187.588] GetWindowTextW (in: hWnd=0x1102d8, lpString=0x11fff70, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0187.588] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102d8, Msg=0xd, wParam=0x110c, lParam=0x11fff70) returned 0x110b
[0187.588] CoTaskMemFree (pv=0x11fff70)
[0187.588] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0187.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0187.590] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xf02dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0187.613] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x11013e, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0187.615] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xd005a, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0187.616] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xf02da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0187.617] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0187.620] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002d2, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0187.628] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.628] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.628] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.628] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.628] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.629] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.629] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e202f9) returned 0x1
[0187.629] IsWindowUnicode (hWnd=0x7005c) returned 1
[0187.629] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.629] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e202f9) returned 0x1
[0187.629] SetCursor (hCursor=0x10003) returned 0x10003
[0187.629] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.629] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.630] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0187.630] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0187.630] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0187.630] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10d023b) returned 0x0
[0187.630] GetKeyState (nVirtKey=1) returned 1
[0187.630] GetKeyState (nVirtKey=2) returned 0
[0187.630] GetKeyState (nVirtKey=4) returned 0
[0187.630] GetKeyState (nVirtKey=5) returned 0
[0187.630] GetKeyState (nVirtKey=6) returned 0
[0187.630] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.630] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e202f9) returned 0x1
[0187.631] IsWindowUnicode (hWnd=0x7005c) returned 1
[0187.631] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.631] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.631] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.631] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.631] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e202f9) returned 0x1
[0187.631] IsWindowUnicode (hWnd=0x7005c) returned 1
[0187.631] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.631] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e202f9) returned 0x1
[0187.632] SetCursor (hCursor=0x10003) returned 0x10003
[0187.632] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.632] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.632] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10d023b) returned 0x0
[0187.632] GetKeyState (nVirtKey=1) returned 1
[0187.632] GetKeyState (nVirtKey=2) returned 0
[0187.632] GetKeyState (nVirtKey=4) returned 0
[0187.632] GetKeyState (nVirtKey=5) returned 0
[0187.632] GetKeyState (nVirtKey=6) returned 0
[0187.632] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.632] IsWindowUnicode (hWnd=0x602c4) returned 1
[0187.632] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.633] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.633] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.633] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.634] IsWindowUnicode (hWnd=0x602c4) returned 1
[0187.634] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.634] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.634] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.634] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0187.634] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0187.634] CreateCompatibleDC (hdc=0x60100ce) returned 0x350107f1
[0187.634] SelectObject (hdc=0x350107f1, h=0x4a0507fe) returned 0x85000f
[0187.634] GdipCreateFromHDC (hdc=0x350107f1, graphics=0xd7e798) returned 0x0
[0187.634] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0187.634] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0187.635] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0187.635] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0187.635] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e7f8) returned 0x0
[0187.635] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0187.635] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0187.635] LocalFree (hMem=0x11ee868) returned 0x0
[0187.635] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0187.635] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0187.635] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0187.635] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0187.635] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0187.635] GdipRestoreGraphics (graphics=0x6600030, state=0xfb6c0dbd) returned 0x0
[0187.635] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0187.635] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0187.635] GetCurrentObject (hdc=0x350107f1, type=0x1) returned 0xb00017
[0187.635] GetCurrentObject (hdc=0x350107f1, type=0x2) returned 0x900010
[0187.636] GetCurrentObject (hdc=0x350107f1, type=0x7) returned 0x4a0507fe
[0187.636] GetCurrentObject (hdc=0x350107f1, type=0x6) returned 0x8a01c2
[0187.636] SaveDC (hdc=0x350107f1) returned 1
[0187.636] GetNearestColor (hdc=0x350107f1, color=0xff) returned 0xff
[0187.636] GetNearestColor (hdc=0x350107f1, color=0x55) returned 0x55
[0187.636] GetNearestColor (hdc=0x350107f1, color=0x0) returned 0x0
[0187.636] GetNearestColor (hdc=0x350107f1, color=0x55) returned 0x55
[0187.636] GetNearestColor (hdc=0x350107f1, color=0x0) returned 0x0
[0187.636] GetNearestColor (hdc=0x350107f1, color=0x8080ff) returned 0x8080ff
[0187.636] GetNearestColor (hdc=0x350107f1, color=0x7373e5) returned 0x7373e5
[0187.636] GetNearestColor (hdc=0x350107f1, color=0xe5) returned 0xe5
[0187.636] GetNearestColor (hdc=0x350107f1, color=0x0) returned 0x0
[0187.636] RestoreDC (hdc=0x350107f1, nSavedDC=-1) returned 1
[0187.637] GdipReleaseDC (graphics=0x6600030, hdc=0x350107f1) returned 0x0
[0187.637] IsAppThemed () returned 0x1
[0187.637] GetThemeAppProperties () returned 0x3
[0187.637] GetThemeAppProperties () returned 0x3
[0187.637] IsAppThemed () returned 0x1
[0187.637] GetThemeAppProperties () returned 0x3
[0187.637] GetThemeAppProperties () returned 0x3
[0187.637] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2e00cbc | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0187.637] IsAppThemed () returned 0x1
[0187.637] GetThemeAppProperties () returned 0x3
[0187.644] GetThemeAppProperties () returned 0x3
[0187.644] IsAppThemed () returned 0x1
[0187.644] GetThemeAppProperties () returned 0x3
[0187.644] GetThemeAppProperties () returned 0x3
[0187.644] GetFocus () returned 0x602c4
[0187.644] IsAppThemed () returned 0x1
[0187.644] GetThemeAppProperties () returned 0x3
[0187.644] GetThemeAppProperties () returned 0x3
[0187.644] IsAppThemed () returned 0x1
[0187.644] GetThemeAppProperties () returned 0x3
[0187.644] GetThemeAppProperties () returned 0x3
[0187.644] IsThemePartDefined () returned 0x1
[0187.644] IsAppThemed () returned 0x1
[0187.644] GetThemeAppProperties () returned 0x3
[0187.644] GetThemeAppProperties () returned 0x3
[0187.644] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0187.644] IsAppThemed () returned 0x1
[0187.645] GetThemeAppProperties () returned 0x3
[0187.645] GetThemeAppProperties () returned 0x3
[0187.645] IsAppThemed () returned 0x1
[0187.645] GetThemeAppProperties () returned 0x3
[0187.645] GetThemeAppProperties () returned 0x3
[0187.645] IsThemePartDefined () returned 0x1
[0187.645] GdipCreateRegion (region=0xd7e508) returned 0x0
[0187.645] GdipGetClip (graphics=0x6600030, region=0x6645368) returned 0x0
[0187.645] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0187.645] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0187.645] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e520) returned 0x0
[0187.645] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0187.645] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee8d8) returned 0x0
[0187.645] LocalFree (hMem=0x11ee8d8) returned 0x0
[0187.645] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0187.645] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eed00) returned 0x0
[0187.645] LocalFree (hMem=0x11eed00) returned 0x0
[0187.645] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0187.646] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e548) returned 0x0
[0187.646] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e538) returned 0x0
[0187.646] GdipGetRegionHRgn (region=0x6645368, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0187.646] GdipDeleteRegion (region=0x6645368) returned 0x0
[0187.646] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0187.646] GetCurrentObject (hdc=0x350107f1, type=0x1) returned 0xb00017
[0187.646] GetCurrentObject (hdc=0x350107f1, type=0x2) returned 0x900010
[0187.646] GetCurrentObject (hdc=0x350107f1, type=0x7) returned 0x4a0507fe
[0187.646] GetCurrentObject (hdc=0x350107f1, type=0x6) returned 0x8a01c2
[0187.646] SaveDC (hdc=0x350107f1) returned 1
[0187.646] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe40407de
[0187.646] GetClipRgn (hdc=0x350107f1, hrgn=0xe40407de) returned 0
[0187.646] SelectClipRgn (hdc=0x350107f1, hrgn=0x5c040807) returned 2
[0187.646] DeleteObject (ho=0xe40407de) returned 1
[0187.646] DeleteObject (ho=0x5c040807) returned 1
[0187.647] OffsetViewportOrgEx (in: hdc=0x350107f1, x=0, y=0, lppt=0x2e0136c | out: lppt=0x2e0136c) returned 1
[0187.647] DrawThemeParentBackground () returned 0x0
[0187.647] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0187.647] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0187.647] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0187.647] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0187.647] GetSystemMetrics (nIndex=42) returned 0
[0187.647] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0187.647] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0187.647] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0187.647] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0187.647] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0187.647] SelectPalette (hdc=0x350107f1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0187.647] GdipCreateFromHDC (hdc=0x350107f1, graphics=0xd7dff8) returned 0x0
[0187.648] GdipSetPageUnit (graphics=0x6648730, unit=0x2) returned 0x0
[0187.648] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0187.648] GdipGetWorldTransform (graphics=0x6648730, matrix=0x6638ab8) returned 0x0
[0187.648] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dfd0) returned 0x0
[0187.648] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0187.648] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0187.648] GdipGetClip (graphics=0x6648730, region=0x6646178) returned 0x0
[0187.648] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6648730, result=0xd7dfc4) returned 0x0
[0187.648] GdipDeleteRegion (region=0x6646178) returned 0x0
[0187.648] GdipSaveGraphics (graphics=0x6648730, state=0xd7dff0) returned 0x0
[0187.648] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0187.660] GdipFillRectangleI (graphics=0x6648730, brush=0x6653438, x=0, y=0, width=801, height=453) returned 0x0
[0187.660] GdipDeleteBrush (brush=0x6653438) returned 0x0
[0187.662] GdipDeleteGraphics (graphics=0x6648730) returned 0x0
[0187.662] SelectPalette (hdc=0x350107f1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0187.662] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0187.662] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0187.662] GetSystemMetrics (nIndex=42) returned 0
[0187.662] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0187.662] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0187.662] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0187.662] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0187.662] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0187.662] SelectPalette (hdc=0x350107f1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0187.662] GdipCreateFromHDC (hdc=0x350107f1, graphics=0xd7df98) returned 0x0
[0187.663] GdipSetPageUnit (graphics=0x6648730, unit=0x2) returned 0x0
[0187.663] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0187.663] GdipGetWorldTransform (graphics=0x6648730, matrix=0x6638d58) returned 0x0
[0187.663] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df70) returned 0x0
[0187.663] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0187.663] GdipCreateRegion (region=0xd7df58) returned 0x0
[0187.663] GdipGetClip (graphics=0x6648730, region=0x66452d8) returned 0x0
[0187.663] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6648730, result=0xd7df64) returned 0x0
[0187.663] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0187.663] GdipSaveGraphics (graphics=0x6648730, state=0xd7df90) returned 0x0
[0187.663] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0187.694] GdipFillRectangleI (graphics=0x6648730, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0187.694] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0187.696] GdipRestoreGraphics (graphics=0x6648730, state=0xfb680dbd) returned 0x0
[0187.696] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0187.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0187.696] GetSystemMetrics (nIndex=42) returned 0
[0187.696] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0187.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0187.696] GdipDeleteGraphics (graphics=0x6648730) returned 0x0
[0187.696] SelectPalette (hdc=0x350107f1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0187.696] RestoreDC (hdc=0x350107f1, nSavedDC=-1) returned 1
[0187.697] GdipReleaseDC (graphics=0x6600030, hdc=0x350107f1) returned 0x0
[0187.697] IsAppThemed () returned 0x1
[0187.697] GetThemeAppProperties () returned 0x3
[0187.697] GetThemeAppProperties () returned 0x3
[0187.697] IsAppThemed () returned 0x1
[0187.697] GetThemeAppProperties () returned 0x3
[0187.697] GetThemeAppProperties () returned 0x3
[0187.697] IsThemePartDefined () returned 0x1
[0187.697] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0187.697] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0187.697] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0187.697] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0187.697] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e4a4) returned 0x0
[0187.697] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0187.697] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0187.697] LocalFree (hMem=0x11eec58) returned 0x0
[0187.697] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0187.697] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eead0) returned 0x0
[0187.698] LocalFree (hMem=0x11eead0) returned 0x0
[0187.698] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0187.698] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0187.698] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0187.698] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0187.698] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0187.698] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0187.698] GetCurrentObject (hdc=0x350107f1, type=0x1) returned 0xb00017
[0187.698] GetCurrentObject (hdc=0x350107f1, type=0x2) returned 0x900010
[0187.698] GetCurrentObject (hdc=0x350107f1, type=0x7) returned 0x4a0507fe
[0187.698] GetCurrentObject (hdc=0x350107f1, type=0x6) returned 0x8a01c2
[0187.698] SaveDC (hdc=0x350107f1) returned 1
[0187.698] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5d040807
[0187.698] GetClipRgn (hdc=0x350107f1, hrgn=0x5d040807) returned 0
[0187.698] SelectClipRgn (hdc=0x350107f1, hrgn=0xe60407de) returned 2
[0187.699] DeleteObject (ho=0x5d040807) returned 1
[0187.699] DeleteObject (ho=0xe60407de) returned 1
[0187.699] OffsetViewportOrgEx (in: hdc=0x350107f1, x=0, y=0, lppt=0x2e07bbc | out: lppt=0x2e07bbc) returned 1
[0187.699] IsAppThemed () returned 0x1
[0187.699] GetThemeAppProperties () returned 0x3
[0187.699] GetThemeAppProperties () returned 0x3
[0187.699] DrawThemeBackground () returned 0x0
[0187.699] RestoreDC (hdc=0x350107f1, nSavedDC=-1) returned 1
[0187.699] GdipReleaseDC (graphics=0x6600030, hdc=0x350107f1) returned 0x0
[0187.699] GdipCreateRegion (region=0xd7e490) returned 0x0
[0187.699] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0187.699] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0187.699] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0187.699] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e4a8) returned 0x0
[0187.699] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0187.699] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0187.700] LocalFree (hMem=0x11eec58) returned 0x0
[0187.700] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0187.700] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0187.700] LocalFree (hMem=0x11ee868) returned 0x0
[0187.700] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0187.700] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0187.700] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0187.706] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0187.706] GdipDeleteRegion (region=0x6645248) returned 0x0
[0187.706] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0187.706] GetCurrentObject (hdc=0x350107f1, type=0x1) returned 0xb00017
[0187.706] GetCurrentObject (hdc=0x350107f1, type=0x2) returned 0x900010
[0187.706] GetCurrentObject (hdc=0x350107f1, type=0x7) returned 0x4a0507fe
[0187.706] GetCurrentObject (hdc=0x350107f1, type=0x6) returned 0x8a01c2
[0187.706] SaveDC (hdc=0x350107f1) returned 1
[0187.706] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe70407de
[0187.706] GetClipRgn (hdc=0x350107f1, hrgn=0xe70407de) returned 0
[0187.706] SelectClipRgn (hdc=0x350107f1, hrgn=0x5e040807) returned 2
[0187.707] DeleteObject (ho=0xe70407de) returned 1
[0187.707] DeleteObject (ho=0x5e040807) returned 1
[0187.707] OffsetViewportOrgEx (in: hdc=0x350107f1, x=0, y=0, lppt=0x2e07e90 | out: lppt=0x2e07e90) returned 1
[0187.707] IsAppThemed () returned 0x1
[0187.707] GetThemeAppProperties () returned 0x3
[0187.707] GetThemeAppProperties () returned 0x3
[0187.707] GetThemeBackgroundContentRect () returned 0x0
[0187.707] RestoreDC (hdc=0x350107f1, nSavedDC=-1) returned 1
[0187.707] GdipReleaseDC (graphics=0x6600030, hdc=0x350107f1) returned 0x0
[0187.707] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0187.707] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0187.707] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0187.707] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0187.707] IsAppThemed () returned 0x1
[0187.707] GetThemeAppProperties () returned 0x3
[0187.707] GetThemeAppProperties () returned 0x3
[0187.707] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0187.708] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0187.708] GetCurrentObject (hdc=0x350107f1, type=0x1) returned 0xb00017
[0187.708] GetCurrentObject (hdc=0x350107f1, type=0x2) returned 0x900010
[0187.708] GetCurrentObject (hdc=0x350107f1, type=0x7) returned 0x4a0507fe
[0187.708] GetCurrentObject (hdc=0x350107f1, type=0x6) returned 0x8a01c2
[0187.708] SaveDC (hdc=0x350107f1) returned 1
[0187.708] GetTextAlign (hdc=0x350107f1) returned 0x0
[0187.708] GetTextColor (hdc=0x350107f1) returned 0x0
[0187.708] GetCurrentObject (hdc=0x350107f1, type=0x6) returned 0x8a01c2
[0187.708] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0187.708] SelectObject (hdc=0x350107f1, h=0x6d0a0520) returned 0x8a01c2
[0187.708] GetBkMode (hdc=0x350107f1) returned 2
[0187.708] SetBkMode (hdc=0x350107f1, mode=1) returned 2
[0187.709] DrawTextExW (in: hdc=0x350107f1, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2e08254 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0187.709] DrawTextExW (in: hdc=0x350107f1, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2e08254 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0187.709] RestoreDC (hdc=0x350107f1, nSavedDC=-1) returned 1
[0187.709] GdipReleaseDC (graphics=0x6600030, hdc=0x350107f1) returned 0x0
[0187.709] GetFocus () returned 0x602c4
[0187.710] IsAppThemed () returned 0x1
[0187.710] GetThemeAppProperties () returned 0x3
[0187.710] GetThemeAppProperties () returned 0x3
[0187.710] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0187.710] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x350107f1, x1=0, y1=0, rop=0xcc0020) returned 1
[0187.710] GdipReleaseDC (graphics=0x6600030, hdc=0x350107f1) returned 0x0
[0187.710] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0187.710] SelectObject (hdc=0x350107f1, h=0x85000f) returned 0x4a0507fe
[0187.710] DeleteDC (hdc=0x350107f1) returned 1
[0187.710] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0187.710] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0187.710] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.710] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.711] WaitMessage () returned 1
[0187.732] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.732] IsWindowUnicode (hWnd=0x7005c) returned 1
[0187.732] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.732] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.732] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.732] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.732] IsWindowUnicode (hWnd=0x7005c) returned 1
[0187.732] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.732] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.732] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.732] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10d023b) returned 0x0
[0187.733] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.733] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.733] WaitMessage () returned 1
[0187.801] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.801] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.801] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.801] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.801] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.802] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.802] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.802] WaitMessage () returned 1
[0187.803] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.803] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.803] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.803] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.803] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.804] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.804] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.804] WaitMessage () returned 1
[0187.806] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.806] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.806] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.806] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.806] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.808] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.808] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.808] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.808] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.808] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.808] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.809] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.809] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.809] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.809] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.809] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.813] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.813] WaitMessage () returned 1
[0187.815] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.815] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.815] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.815] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.815] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.816] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.817] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.817] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.817] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.817] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.817] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.817] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.817] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.817] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.817] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.817] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.818] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.818] WaitMessage () returned 1
[0187.818] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.818] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.818] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.819] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.819] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.820] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.821] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.821] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.821] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.821] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.821] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.821] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.821] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.821] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.821] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.822] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.822] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.822] WaitMessage () returned 1
[0187.822] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.823] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.823] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.823] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.823] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.824] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.825] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.825] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.825] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.825] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.825] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.832] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.832] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.832] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.832] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.832] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.833] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.833] WaitMessage () returned 1
[0187.841] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.841] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.841] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.841] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.841] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.842] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.842] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.842] WaitMessage () returned 1
[0187.843] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.844] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.844] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.844] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.844] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.845] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.845] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.845] WaitMessage () returned 1
[0187.846] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.846] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.846] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.846] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.846] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.847] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.847] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.847] WaitMessage () returned 1
[0187.848] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.848] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.848] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.848] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.848] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.849] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.850] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.850] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.850] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.850] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.850] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.850] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.850] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.850] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.850] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.850] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.851] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.851] WaitMessage () returned 1
[0187.851] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.851] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.851] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.851] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.851] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.853] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.853] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.853] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.853] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.853] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.853] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.854] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.854] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.854] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.854] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.854] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.854] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.854] WaitMessage () returned 1
[0187.855] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.855] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.855] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.855] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.855] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.861] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.861] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.861] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.861] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.861] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.861] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.861] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.861] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.861] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.861] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.862] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.862] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.862] WaitMessage () returned 1
[0187.866] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.866] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.866] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.866] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.866] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.868] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.868] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.868] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.868] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.869] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.869] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.869] IsWindowUnicode (hWnd=0x30122) returned 1
[0187.869] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.869] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.869] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.869] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.870] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.870] WaitMessage () returned 1
[0187.890] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.890] IsWindowUnicode (hWnd=0x502c6) returned 1
[0187.890] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0187.890] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0187.890] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0187.891] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.891] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0187.891] WaitMessage () returned 1
[0189.482] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0189.482] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300f2) returned 0x1
[0189.482] IsWindowUnicode (hWnd=0x602c4) returned 1
[0189.482] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0189.482] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0189.482] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0189.482] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0189.482] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0189.482] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300f2) returned 0x1
[0189.482] IsWindowUnicode (hWnd=0x602c4) returned 1
[0189.482] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0189.482] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300f2) returned 0x1
[0189.483] SetCursor (hCursor=0x10003) returned 0x10003
[0189.483] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0189.483] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0189.483] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0189.483] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0189.483] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0189.483] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0189.483] GetKeyState (nVirtKey=1) returned 1
[0189.483] GetKeyState (nVirtKey=2) returned 0
[0189.483] GetKeyState (nVirtKey=4) returned 0
[0189.483] GetKeyState (nVirtKey=5) returned 0
[0189.483] GetKeyState (nVirtKey=6) returned 0
[0189.483] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0189.484] IsWindowUnicode (hWnd=0x602c4) returned 1
[0189.484] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0189.484] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0189.484] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0189.484] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0189.484] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0189.484] CreateCompatibleDC (hdc=0x60100ce) returned 0x280107d1
[0189.484] SelectObject (hdc=0x280107d1, h=0x4a0507fe) returned 0x85000f
[0189.484] GdipCreateFromHDC (hdc=0x280107d1, graphics=0xd7e798) returned 0x0
[0189.484] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0189.484] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0189.485] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0189.485] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0189.485] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e7f8) returned 0x0
[0189.485] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0189.485] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0189.485] LocalFree (hMem=0x11ee868) returned 0x0
[0189.485] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0189.485] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0189.485] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0189.485] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0189.485] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0189.485] GdipRestoreGraphics (graphics=0x6600030, state=0xfb660dbd) returned 0x0
[0189.485] GdipDeleteRegion (region=0x6645758) returned 0x0
[0189.485] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0189.485] GetCurrentObject (hdc=0x280107d1, type=0x1) returned 0xb00017
[0189.485] GetCurrentObject (hdc=0x280107d1, type=0x2) returned 0x900010
[0189.486] GetCurrentObject (hdc=0x280107d1, type=0x7) returned 0x4a0507fe
[0189.486] GetCurrentObject (hdc=0x280107d1, type=0x6) returned 0x8a01c2
[0189.486] SaveDC (hdc=0x280107d1) returned 1
[0189.486] GetNearestColor (hdc=0x280107d1, color=0xff) returned 0xff
[0189.486] GetNearestColor (hdc=0x280107d1, color=0x55) returned 0x55
[0189.486] GetNearestColor (hdc=0x280107d1, color=0x0) returned 0x0
[0189.486] GetNearestColor (hdc=0x280107d1, color=0x55) returned 0x55
[0189.486] GetNearestColor (hdc=0x280107d1, color=0x0) returned 0x0
[0189.486] GetNearestColor (hdc=0x280107d1, color=0x8080ff) returned 0x8080ff
[0189.486] GetNearestColor (hdc=0x280107d1, color=0x7373e5) returned 0x7373e5
[0189.486] GetNearestColor (hdc=0x280107d1, color=0xe5) returned 0xe5
[0189.486] GetNearestColor (hdc=0x280107d1, color=0x0) returned 0x0
[0189.486] RestoreDC (hdc=0x280107d1, nSavedDC=-1) returned 1
[0189.487] GdipReleaseDC (graphics=0x6600030, hdc=0x280107d1) returned 0x0
[0189.487] IsAppThemed () returned 0x1
[0189.487] GetThemeAppProperties () returned 0x3
[0189.487] GetThemeAppProperties () returned 0x3
[0189.487] IsAppThemed () returned 0x1
[0189.487] GetThemeAppProperties () returned 0x3
[0189.487] GetThemeAppProperties () returned 0x3
[0189.487] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2e08c9c | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0189.487] IsAppThemed () returned 0x1
[0189.487] GetThemeAppProperties () returned 0x3
[0189.487] GetThemeAppProperties () returned 0x3
[0189.488] IsAppThemed () returned 0x1
[0189.488] GetThemeAppProperties () returned 0x3
[0189.488] GetThemeAppProperties () returned 0x3
[0189.488] IsAppThemed () returned 0x1
[0189.488] GetThemeAppProperties () returned 0x3
[0189.488] GetThemeAppProperties () returned 0x3
[0189.488] IsAppThemed () returned 0x1
[0189.488] GetThemeAppProperties () returned 0x3
[0189.488] GetThemeAppProperties () returned 0x3
[0189.488] IsThemePartDefined () returned 0x1
[0189.488] IsAppThemed () returned 0x1
[0189.488] GetThemeAppProperties () returned 0x3
[0189.488] GetThemeAppProperties () returned 0x3
[0189.488] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0189.488] IsAppThemed () returned 0x1
[0189.488] GetThemeAppProperties () returned 0x3
[0189.488] GetThemeAppProperties () returned 0x3
[0189.488] IsAppThemed () returned 0x1
[0189.488] GetThemeAppProperties () returned 0x3
[0189.488] GetThemeAppProperties () returned 0x3
[0189.488] IsThemePartDefined () returned 0x1
[0189.489] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0189.489] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0189.489] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0189.489] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0189.489] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e514) returned 0x0
[0189.489] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0189.489] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eed00) returned 0x0
[0189.489] LocalFree (hMem=0x11eed00) returned 0x0
[0189.489] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0189.489] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee868) returned 0x0
[0189.489] LocalFree (hMem=0x11ee868) returned 0x0
[0189.489] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0189.489] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0189.489] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0189.489] GdipGetRegionHRgn (region=0x6645c68, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0189.489] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0189.489] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0189.489] GetCurrentObject (hdc=0x280107d1, type=0x1) returned 0xb00017
[0189.490] GetCurrentObject (hdc=0x280107d1, type=0x2) returned 0x900010
[0189.490] GetCurrentObject (hdc=0x280107d1, type=0x7) returned 0x4a0507fe
[0189.490] GetCurrentObject (hdc=0x280107d1, type=0x6) returned 0x8a01c2
[0189.490] SaveDC (hdc=0x280107d1) returned 1
[0189.490] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5f040807
[0189.490] GetClipRgn (hdc=0x280107d1, hrgn=0x5f040807) returned 0
[0189.490] SelectClipRgn (hdc=0x280107d1, hrgn=0xeb0407de) returned 2
[0189.490] DeleteObject (ho=0x5f040807) returned 1
[0189.490] DeleteObject (ho=0xeb0407de) returned 1
[0189.490] OffsetViewportOrgEx (in: hdc=0x280107d1, x=0, y=0, lppt=0x2e0934c | out: lppt=0x2e0934c) returned 1
[0189.490] DrawThemeParentBackground () returned 0x0
[0189.490] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0189.491] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0189.491] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0189.491] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0189.491] GetSystemMetrics (nIndex=42) returned 0
[0189.491] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0189.491] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0189.491] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0189.491] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0189.491] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0189.491] SelectPalette (hdc=0x280107d1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0189.491] GdipCreateFromHDC (hdc=0x280107d1, graphics=0xd7dff0) returned 0x0
[0189.491] GdipSetPageUnit (graphics=0x6648730, unit=0x2) returned 0x0
[0189.491] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0189.491] GdipGetWorldTransform (graphics=0x6648730, matrix=0x6638c08) returned 0x0
[0189.491] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dfc8) returned 0x0
[0189.492] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0189.492] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0189.492] GdipGetClip (graphics=0x6648730, region=0x6645248) returned 0x0
[0189.492] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6648730, result=0xd7dfbc) returned 0x0
[0189.492] GdipDeleteRegion (region=0x6645248) returned 0x0
[0189.492] GdipSaveGraphics (graphics=0x6648730, state=0xd7dfe8) returned 0x0
[0189.492] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0189.503] GdipFillRectangleI (graphics=0x6648730, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0189.503] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0189.504] GdipDeleteGraphics (graphics=0x6648730) returned 0x0
[0189.504] SelectPalette (hdc=0x280107d1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0189.505] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0189.505] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0189.505] GetSystemMetrics (nIndex=42) returned 0
[0189.505] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0189.505] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0189.505] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0189.505] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0189.505] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0189.505] SelectPalette (hdc=0x280107d1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0189.505] GdipCreateFromHDC (hdc=0x280107d1, graphics=0xd7df90) returned 0x0
[0189.505] GdipSetPageUnit (graphics=0x6648730, unit=0x2) returned 0x0
[0189.505] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0189.506] GdipGetWorldTransform (graphics=0x6648730, matrix=0x6638c38) returned 0x0
[0189.506] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df68) returned 0x0
[0189.506] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0189.506] GdipCreateRegion (region=0xd7df50) returned 0x0
[0189.506] GdipGetClip (graphics=0x6648730, region=0x6645b48) returned 0x0
[0189.506] GdipIsInfiniteRegion (region=0x6645b48, graphics=0x6648730, result=0xd7df5c) returned 0x0
[0189.506] GdipDeleteRegion (region=0x6645b48) returned 0x0
[0189.506] GdipSaveGraphics (graphics=0x6648730, state=0xd7df88) returned 0x0
[0189.506] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0189.516] GdipFillRectangleI (graphics=0x6648730, brush=0x6653300, x=0, y=0, width=801, height=453) returned 0x0
[0189.516] GdipDeleteBrush (brush=0x6653300) returned 0x0
[0189.518] GdipRestoreGraphics (graphics=0x6648730, state=0xfb620dbd) returned 0x0
[0189.518] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0189.518] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0189.519] GetSystemMetrics (nIndex=42) returned 0
[0189.519] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0189.519] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0189.519] GdipDeleteGraphics (graphics=0x6648730) returned 0x0
[0189.519] SelectPalette (hdc=0x280107d1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0189.520] RestoreDC (hdc=0x280107d1, nSavedDC=-1) returned 1
[0189.520] GdipReleaseDC (graphics=0x6600030, hdc=0x280107d1) returned 0x0
[0189.520] IsAppThemed () returned 0x1
[0189.520] GetThemeAppProperties () returned 0x3
[0189.520] GetThemeAppProperties () returned 0x3
[0189.520] IsAppThemed () returned 0x1
[0189.520] GetThemeAppProperties () returned 0x3
[0189.520] GetThemeAppProperties () returned 0x3
[0189.520] IsThemePartDefined () returned 0x1
[0189.520] GdipCreateRegion (region=0xd7e480) returned 0x0
[0189.520] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0189.520] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0189.520] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0189.520] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e498) returned 0x0
[0189.520] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0189.520] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0189.520] LocalFree (hMem=0x11eec58) returned 0x0
[0189.521] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0189.521] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0189.521] LocalFree (hMem=0x11ee788) returned 0x0
[0189.521] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0189.521] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0189.521] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0189.521] GdipGetRegionHRgn (region=0x6645e18, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0189.521] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0189.521] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0189.521] GetCurrentObject (hdc=0x280107d1, type=0x1) returned 0xb00017
[0189.521] GetCurrentObject (hdc=0x280107d1, type=0x2) returned 0x900010
[0189.521] GetCurrentObject (hdc=0x280107d1, type=0x7) returned 0x4a0507fe
[0189.521] GetCurrentObject (hdc=0x280107d1, type=0x6) returned 0x8a01c2
[0189.521] SaveDC (hdc=0x280107d1) returned 1
[0189.521] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xec0407de
[0189.521] GetClipRgn (hdc=0x280107d1, hrgn=0xec0407de) returned 0
[0189.522] SelectClipRgn (hdc=0x280107d1, hrgn=0x61040807) returned 2
[0189.522] DeleteObject (ho=0xec0407de) returned 1
[0189.522] DeleteObject (ho=0x61040807) returned 1
[0189.522] OffsetViewportOrgEx (in: hdc=0x280107d1, x=0, y=0, lppt=0x2e0fb9c | out: lppt=0x2e0fb9c) returned 1
[0189.522] IsAppThemed () returned 0x1
[0189.522] GetThemeAppProperties () returned 0x3
[0189.522] GetThemeAppProperties () returned 0x3
[0189.522] DrawThemeBackground () returned 0x0
[0189.522] RestoreDC (hdc=0x280107d1, nSavedDC=-1) returned 1
[0189.522] GdipReleaseDC (graphics=0x6600030, hdc=0x280107d1) returned 0x0
[0189.522] GdipCreateRegion (region=0xd7e484) returned 0x0
[0189.522] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0189.522] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0189.522] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0189.522] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e49c) returned 0x0
[0189.522] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0189.523] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0189.523] LocalFree (hMem=0x11ee788) returned 0x0
[0189.523] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0189.523] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0189.523] LocalFree (hMem=0x11eec58) returned 0x0
[0189.523] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0189.523] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0189.523] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0189.523] GdipGetRegionHRgn (region=0x66453f8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0189.523] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0189.523] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0189.523] GetCurrentObject (hdc=0x280107d1, type=0x1) returned 0xb00017
[0189.523] GetCurrentObject (hdc=0x280107d1, type=0x2) returned 0x900010
[0189.523] GetCurrentObject (hdc=0x280107d1, type=0x7) returned 0x4a0507fe
[0189.523] GetCurrentObject (hdc=0x280107d1, type=0x6) returned 0x8a01c2
[0189.523] SaveDC (hdc=0x280107d1) returned 1
[0189.524] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x62040807
[0189.524] GetClipRgn (hdc=0x280107d1, hrgn=0x62040807) returned 0
[0189.524] SelectClipRgn (hdc=0x280107d1, hrgn=0xed0407de) returned 2
[0189.524] DeleteObject (ho=0x62040807) returned 1
[0189.524] DeleteObject (ho=0xed0407de) returned 1
[0189.524] OffsetViewportOrgEx (in: hdc=0x280107d1, x=0, y=0, lppt=0x2e0fe70 | out: lppt=0x2e0fe70) returned 1
[0189.524] IsAppThemed () returned 0x1
[0189.524] GetThemeAppProperties () returned 0x3
[0189.524] GetThemeAppProperties () returned 0x3
[0189.524] GetThemeBackgroundContentRect () returned 0x0
[0189.524] RestoreDC (hdc=0x280107d1, nSavedDC=-1) returned 1
[0189.524] GdipReleaseDC (graphics=0x6600030, hdc=0x280107d1) returned 0x0
[0189.524] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0189.524] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0189.524] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0189.525] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0189.525] IsAppThemed () returned 0x1
[0189.525] GetThemeAppProperties () returned 0x3
[0189.525] GetThemeAppProperties () returned 0x3
[0189.525] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0189.525] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0189.525] GetCurrentObject (hdc=0x280107d1, type=0x1) returned 0xb00017
[0189.525] GetCurrentObject (hdc=0x280107d1, type=0x2) returned 0x900010
[0189.525] GetCurrentObject (hdc=0x280107d1, type=0x7) returned 0x4a0507fe
[0189.525] GetCurrentObject (hdc=0x280107d1, type=0x6) returned 0x8a01c2
[0189.525] SaveDC (hdc=0x280107d1) returned 1
[0189.525] GetTextAlign (hdc=0x280107d1) returned 0x0
[0189.525] GetTextColor (hdc=0x280107d1) returned 0x0
[0189.525] GetCurrentObject (hdc=0x280107d1, type=0x6) returned 0x8a01c2
[0189.525] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0189.526] SelectObject (hdc=0x280107d1, h=0x6d0a0520) returned 0x8a01c2
[0189.526] GetBkMode (hdc=0x280107d1) returned 2
[0189.526] SetBkMode (hdc=0x280107d1, mode=1) returned 2
[0189.526] DrawTextExW (in: hdc=0x280107d1, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2e10234 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0189.526] DrawTextExW (in: hdc=0x280107d1, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2e10234 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0189.527] RestoreDC (hdc=0x280107d1, nSavedDC=-1) returned 1
[0189.527] GdipReleaseDC (graphics=0x6600030, hdc=0x280107d1) returned 0x0
[0189.527] GetFocus () returned 0x602c4
[0189.527] IsAppThemed () returned 0x1
[0189.527] GetThemeAppProperties () returned 0x3
[0189.527] GetThemeAppProperties () returned 0x3
[0189.527] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0189.527] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x280107d1, x1=0, y1=0, rop=0xcc0020) returned 1
[0189.527] GdipReleaseDC (graphics=0x6600030, hdc=0x280107d1) returned 0x0
[0189.527] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0189.528] SelectObject (hdc=0x280107d1, h=0x85000f) returned 0x4a0507fe
[0189.528] DeleteDC (hdc=0x280107d1) returned 1
[0189.528] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0189.528] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0189.529] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0189.529] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0189.529] WaitMessage () returned 1
[0189.591] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0189.591] IsWindowUnicode (hWnd=0x602c4) returned 1
[0189.591] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0189.591] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0189.591] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0189.591] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0189.591] IsWindowUnicode (hWnd=0x602c4) returned 1
[0189.591] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0189.591] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0189.591] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0189.591] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xc0017) returned 0x0
[0189.592] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0189.592] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0189.592] WaitMessage () returned 1
[0189.718] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0189.718] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300f2) returned 0x1
[0189.718] IsWindowUnicode (hWnd=0x602c4) returned 1
[0189.718] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0189.718] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300f2) returned 0x1
[0189.718] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0189.718] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19e0034) returned 0x0
[0189.719] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0189.719] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0189.719] SetCursor (hCursor=0x10003) returned 0x10003
[0189.719] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0189.719] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0189.719] GetKeyState (nVirtKey=1) returned -128
[0189.719] GetKeyState (nVirtKey=2) returned 0
[0189.719] GetKeyState (nVirtKey=4) returned 0
[0189.719] GetKeyState (nVirtKey=5) returned 0
[0189.719] GetKeyState (nVirtKey=6) returned 0
[0189.719] IsWindowVisible (hWnd=0x602c4) returned 1
[0189.719] IsWindowEnabled (hWnd=0x602c4) returned 1
[0189.719] SetFocus (hWnd=0x602c4) returned 0x602c4
[0189.719] GetFocus () returned 0x602c4
[0189.719] GetFocus () returned 0x602c4
[0189.719] GetFocus () returned 0x602c4
[0189.719] GetKeyState (nVirtKey=1) returned -128
[0189.719] GetKeyState (nVirtKey=2) returned 0
[0189.719] GetKeyState (nVirtKey=4) returned 0
[0189.719] GetKeyState (nVirtKey=5) returned 0
[0189.720] GetKeyState (nVirtKey=6) returned 0
[0189.720] GetCapture () returned 0x0
[0189.720] SetCapture (hWnd=0x602c4) returned 0x0
[0189.720] GetKeyState (nVirtKey=1) returned -128
[0189.720] GetKeyState (nVirtKey=2) returned 0
[0189.720] GetKeyState (nVirtKey=4) returned 0
[0189.720] GetKeyState (nVirtKey=5) returned 0
[0189.720] GetKeyState (nVirtKey=6) returned 0
[0189.720] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0189.720] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0189.720] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0189.720] IsWindowUnicode (hWnd=0x602c4) returned 1
[0189.720] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0189.720] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0189.720] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0189.720] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e103b8, cPoints=0x1 | out: lpPoints=0x2e103b8) returned 40304859
[0189.720] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0189.720] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0189.720] UpdateWindow (hWnd=0x602c4) returned 1
[0189.720] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x60100ce
[0189.721] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0189.721] CreateCompatibleDC (hdc=0x60100ce) returned 0x92010793
[0189.721] SelectObject (hdc=0x92010793, h=0x4a0507fe) returned 0x85000f
[0189.721] GdipCreateFromHDC (hdc=0x92010793, graphics=0xd7e430) returned 0x0
[0189.721] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0189.721] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0189.721] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0189.721] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0189.721] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e490) returned 0x0
[0189.721] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0189.721] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0189.721] LocalFree (hMem=0x11ee9f0) returned 0x0
[0189.721] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0189.721] GdipCreateRegion (region=0xd7e478) returned 0x0
[0189.721] GdipGetClip (graphics=0x6600030, region=0x6645ea8) returned 0x0
[0189.721] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0189.722] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0189.722] GdipRestoreGraphics (graphics=0x6600030, state=0xfb600dbd) returned 0x0
[0189.722] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0189.722] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0189.722] GetCurrentObject (hdc=0x92010793, type=0x1) returned 0xb00017
[0189.722] GetCurrentObject (hdc=0x92010793, type=0x2) returned 0x900010
[0189.722] GetCurrentObject (hdc=0x92010793, type=0x7) returned 0x4a0507fe
[0189.722] GetCurrentObject (hdc=0x92010793, type=0x6) returned 0x8a01c2
[0189.722] SaveDC (hdc=0x92010793) returned 1
[0189.722] GetNearestColor (hdc=0x92010793, color=0xff) returned 0xff
[0189.722] GetNearestColor (hdc=0x92010793, color=0x55) returned 0x55
[0189.722] GetNearestColor (hdc=0x92010793, color=0x0) returned 0x0
[0189.722] GetNearestColor (hdc=0x92010793, color=0x55) returned 0x55
[0189.722] GetNearestColor (hdc=0x92010793, color=0x0) returned 0x0
[0189.722] GetNearestColor (hdc=0x92010793, color=0x8080ff) returned 0x8080ff
[0189.722] GetNearestColor (hdc=0x92010793, color=0x7373e5) returned 0x7373e5
[0189.722] GetNearestColor (hdc=0x92010793, color=0xe5) returned 0xe5
[0189.722] GetNearestColor (hdc=0x92010793, color=0x0) returned 0x0
[0189.723] RestoreDC (hdc=0x92010793, nSavedDC=-1) returned 1
[0189.723] GdipReleaseDC (graphics=0x6600030, hdc=0x92010793) returned 0x0
[0189.723] IsAppThemed () returned 0x1
[0189.723] GetThemeAppProperties () returned 0x3
[0189.723] GetThemeAppProperties () returned 0x3
[0189.723] IsAppThemed () returned 0x1
[0189.723] GetThemeAppProperties () returned 0x3
[0189.723] GetThemeAppProperties () returned 0x3
[0189.723] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2e10ad4 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0189.723] IsAppThemed () returned 0x1
[0189.723] GetThemeAppProperties () returned 0x3
[0189.723] GetThemeAppProperties () returned 0x3
[0189.723] IsAppThemed () returned 0x1
[0189.723] GetThemeAppProperties () returned 0x3
[0189.723] GetThemeAppProperties () returned 0x3
[0189.723] IsAppThemed () returned 0x1
[0189.724] GetThemeAppProperties () returned 0x3
[0189.724] GetThemeAppProperties () returned 0x3
[0189.724] IsAppThemed () returned 0x1
[0189.724] GetThemeAppProperties () returned 0x3
[0189.724] GetThemeAppProperties () returned 0x3
[0189.724] IsThemePartDefined () returned 0x1
[0189.724] IsAppThemed () returned 0x1
[0189.724] GetThemeAppProperties () returned 0x3
[0189.724] GetThemeAppProperties () returned 0x3
[0189.724] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0189.724] IsAppThemed () returned 0x1
[0189.724] GetThemeAppProperties () returned 0x3
[0189.724] GetThemeAppProperties () returned 0x3
[0189.724] IsAppThemed () returned 0x1
[0189.724] GetThemeAppProperties () returned 0x3
[0189.724] GetThemeAppProperties () returned 0x3
[0189.724] IsThemePartDefined () returned 0x1
[0189.724] GdipCreateRegion (region=0xd7e194) returned 0x0
[0189.724] GdipGetClip (graphics=0x6600030, region=0x66452d8) returned 0x0
[0189.724] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0189.724] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0189.724] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e1ac) returned 0x0
[0189.724] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0189.724] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0189.724] LocalFree (hMem=0x11eec58) returned 0x0
[0189.724] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0189.724] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0189.725] LocalFree (hMem=0x11eec58) returned 0x0
[0189.725] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0189.725] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0189.725] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0189.725] GdipGetRegionHRgn (region=0x66452d8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0189.725] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0189.725] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0189.725] GetCurrentObject (hdc=0x92010793, type=0x1) returned 0xb00017
[0189.725] GetCurrentObject (hdc=0x92010793, type=0x2) returned 0x900010
[0189.725] GetCurrentObject (hdc=0x92010793, type=0x7) returned 0x4a0507fe
[0189.725] GetCurrentObject (hdc=0x92010793, type=0x6) returned 0x8a01c2
[0189.725] SaveDC (hdc=0x92010793) returned 1
[0189.725] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xee0407de
[0189.725] GetClipRgn (hdc=0x92010793, hrgn=0xee0407de) returned 0
[0189.725] SelectClipRgn (hdc=0x92010793, hrgn=0x66040807) returned 2
[0189.725] DeleteObject (ho=0xee0407de) returned 1
[0189.725] DeleteObject (ho=0x66040807) returned 1
[0189.725] OffsetViewportOrgEx (in: hdc=0x92010793, x=0, y=0, lppt=0x2e11184 | out: lppt=0x2e11184) returned 1
[0189.725] DrawThemeParentBackground () returned 0x0
[0189.726] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0189.726] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0189.726] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0189.726] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0189.726] GetSystemMetrics (nIndex=42) returned 0
[0189.726] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0189.726] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0189.726] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0189.726] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0189.726] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0189.726] SelectPalette (hdc=0x92010793, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0189.726] GdipCreateFromHDC (hdc=0x92010793, graphics=0xd7dc88) returned 0x0
[0189.726] GdipSetPageUnit (graphics=0x6648730, unit=0x2) returned 0x0
[0189.726] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0189.726] GdipGetWorldTransform (graphics=0x6648730, matrix=0x6638ab8) returned 0x0
[0189.726] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dc60) returned 0x0
[0189.726] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0189.727] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0189.727] GdipGetClip (graphics=0x6648730, region=0x6645758) returned 0x0
[0189.727] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6648730, result=0xd7dc54) returned 0x0
[0189.727] GdipDeleteRegion (region=0x6645758) returned 0x0
[0189.727] GdipSaveGraphics (graphics=0x6648730, state=0xd7dc80) returned 0x0
[0189.727] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0189.739] GdipFillRectangleI (graphics=0x6648730, brush=0x66537e0, x=0, y=0, width=801, height=453) returned 0x0
[0189.739] GdipDeleteBrush (brush=0x66537e0) returned 0x0
[0189.740] GdipDeleteGraphics (graphics=0x6648730) returned 0x0
[0189.740] SelectPalette (hdc=0x92010793, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0189.740] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0189.740] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0189.740] GetSystemMetrics (nIndex=42) returned 0
[0189.740] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0189.740] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0189.740] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0189.740] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0189.740] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0189.740] SelectPalette (hdc=0x92010793, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0189.741] GdipCreateFromHDC (hdc=0x92010793, graphics=0xd7dc28) returned 0x0
[0189.741] GdipSetPageUnit (graphics=0x6648730, unit=0x2) returned 0x0
[0189.741] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0189.741] GdipGetWorldTransform (graphics=0x6648730, matrix=0x6638c08) returned 0x0
[0189.741] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dc00) returned 0x0
[0189.741] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0189.741] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0189.741] GdipGetClip (graphics=0x6648730, region=0x6645998) returned 0x0
[0189.741] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6648730, result=0xd7dbf4) returned 0x0
[0189.741] GdipDeleteRegion (region=0x6645998) returned 0x0
[0189.741] GdipSaveGraphics (graphics=0x6648730, state=0xd7dc20) returned 0x0
[0189.741] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0189.749] GdipFillRectangleI (graphics=0x6648730, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0189.749] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0189.750] GdipRestoreGraphics (graphics=0x6648730, state=0xfb5c0dbd) returned 0x0
[0189.750] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0189.750] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0189.750] GetSystemMetrics (nIndex=42) returned 0
[0189.750] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0189.750] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0189.750] GdipDeleteGraphics (graphics=0x6648730) returned 0x0
[0189.750] SelectPalette (hdc=0x92010793, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0189.750] RestoreDC (hdc=0x92010793, nSavedDC=-1) returned 1
[0189.751] GdipReleaseDC (graphics=0x6600030, hdc=0x92010793) returned 0x0
[0189.751] IsAppThemed () returned 0x1
[0189.751] GetThemeAppProperties () returned 0x3
[0189.751] GetThemeAppProperties () returned 0x3
[0189.751] IsAppThemed () returned 0x1
[0189.751] GetThemeAppProperties () returned 0x3
[0189.751] GetThemeAppProperties () returned 0x3
[0189.751] IsThemePartDefined () returned 0x1
[0189.751] GdipCreateRegion (region=0xd7e118) returned 0x0
[0189.751] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0189.751] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0189.751] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0189.751] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e130) returned 0x0
[0189.751] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0189.751] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee910) returned 0x0
[0189.751] LocalFree (hMem=0x11ee910) returned 0x0
[0189.751] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0189.751] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0189.751] LocalFree (hMem=0x11ee788) returned 0x0
[0189.751] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0189.751] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e158) returned 0x0
[0189.751] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e148) returned 0x0
[0189.751] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0189.752] GdipDeleteRegion (region=0x6646178) returned 0x0
[0189.752] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0189.752] GetCurrentObject (hdc=0x92010793, type=0x1) returned 0xb00017
[0189.752] GetCurrentObject (hdc=0x92010793, type=0x2) returned 0x900010
[0189.752] GetCurrentObject (hdc=0x92010793, type=0x7) returned 0x4a0507fe
[0189.752] GetCurrentObject (hdc=0x92010793, type=0x6) returned 0x8a01c2
[0189.752] SaveDC (hdc=0x92010793) returned 1
[0189.752] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x67040807
[0189.752] GetClipRgn (hdc=0x92010793, hrgn=0x67040807) returned 0
[0189.752] SelectClipRgn (hdc=0x92010793, hrgn=0xf00407de) returned 2
[0189.752] DeleteObject (ho=0x67040807) returned 1
[0189.752] DeleteObject (ho=0xf00407de) returned 1
[0189.752] OffsetViewportOrgEx (in: hdc=0x92010793, x=0, y=0, lppt=0x2e179d4 | out: lppt=0x2e179d4) returned 1
[0189.752] IsAppThemed () returned 0x1
[0189.752] GetThemeAppProperties () returned 0x3
[0189.752] GetThemeAppProperties () returned 0x3
[0189.752] DrawThemeBackground () returned 0x0
[0189.752] RestoreDC (hdc=0x92010793, nSavedDC=-1) returned 1
[0189.752] GdipReleaseDC (graphics=0x6600030, hdc=0x92010793) returned 0x0
[0189.753] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0189.753] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0189.753] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0189.753] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0189.753] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e134) returned 0x0
[0189.753] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0189.753] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eed00) returned 0x0
[0189.753] LocalFree (hMem=0x11eed00) returned 0x0
[0189.753] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0189.753] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee910) returned 0x0
[0189.753] LocalFree (hMem=0x11ee910) returned 0x0
[0189.753] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0189.753] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0189.753] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0189.753] GdipGetRegionHRgn (region=0x6645e18, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0189.753] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0189.753] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0189.753] GetCurrentObject (hdc=0x92010793, type=0x1) returned 0xb00017
[0189.753] GetCurrentObject (hdc=0x92010793, type=0x2) returned 0x900010
[0189.754] GetCurrentObject (hdc=0x92010793, type=0x7) returned 0x4a0507fe
[0189.754] GetCurrentObject (hdc=0x92010793, type=0x6) returned 0x8a01c2
[0189.754] SaveDC (hdc=0x92010793) returned 1
[0189.754] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf10407de
[0189.754] GetClipRgn (hdc=0x92010793, hrgn=0xf10407de) returned 0
[0189.754] SelectClipRgn (hdc=0x92010793, hrgn=0x68040807) returned 2
[0189.754] DeleteObject (ho=0xf10407de) returned 1
[0189.754] DeleteObject (ho=0x68040807) returned 1
[0189.754] OffsetViewportOrgEx (in: hdc=0x92010793, x=0, y=0, lppt=0x2e17ca8 | out: lppt=0x2e17ca8) returned 1
[0189.754] IsAppThemed () returned 0x1
[0189.754] GetThemeAppProperties () returned 0x3
[0189.754] GetThemeAppProperties () returned 0x3
[0189.754] GetThemeBackgroundContentRect () returned 0x0
[0189.754] RestoreDC (hdc=0x92010793, nSavedDC=-1) returned 1
[0189.754] GdipReleaseDC (graphics=0x6600030, hdc=0x92010793) returned 0x0
[0189.754] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0189.754] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0189.754] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0189.754] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0189.754] IsAppThemed () returned 0x1
[0189.755] GetThemeAppProperties () returned 0x3
[0189.755] GetThemeAppProperties () returned 0x3
[0189.755] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0189.755] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0189.755] GetCurrentObject (hdc=0x92010793, type=0x1) returned 0xb00017
[0189.755] GetCurrentObject (hdc=0x92010793, type=0x2) returned 0x900010
[0189.755] GetCurrentObject (hdc=0x92010793, type=0x7) returned 0x4a0507fe
[0189.755] GetCurrentObject (hdc=0x92010793, type=0x6) returned 0x8a01c2
[0189.755] SaveDC (hdc=0x92010793) returned 1
[0189.755] GetTextAlign (hdc=0x92010793) returned 0x0
[0189.755] GetTextColor (hdc=0x92010793) returned 0x0
[0189.755] GetCurrentObject (hdc=0x92010793, type=0x6) returned 0x8a01c2
[0189.755] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0189.755] SelectObject (hdc=0x92010793, h=0x6d0a0520) returned 0x8a01c2
[0189.755] GetBkMode (hdc=0x92010793) returned 2
[0189.755] SetBkMode (hdc=0x92010793, mode=1) returned 2
[0189.756] DrawTextExW (in: hdc=0x92010793, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2e1806c | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0189.756] DrawTextExW (in: hdc=0x92010793, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2e1806c | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0189.756] RestoreDC (hdc=0x92010793, nSavedDC=-1) returned 1
[0189.756] GdipReleaseDC (graphics=0x6600030, hdc=0x92010793) returned 0x0
[0189.756] GetFocus () returned 0x602c4
[0189.756] IsAppThemed () returned 0x1
[0189.756] GetThemeAppProperties () returned 0x3
[0189.756] GetThemeAppProperties () returned 0x3
[0189.757] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0189.757] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x92010793, x1=0, y1=0, rop=0xcc0020) returned 1
[0189.757] GdipReleaseDC (graphics=0x6600030, hdc=0x92010793) returned 0x0
[0189.757] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0189.757] SelectObject (hdc=0x92010793, h=0x85000f) returned 0x4a0507fe
[0189.757] DeleteDC (hdc=0x92010793) returned 1
[0189.757] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0189.757] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0189.757] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e18168, cPoints=0x1 | out: lpPoints=0x2e18168) returned 40304859
[0189.757] WindowFromPoint (Point=0xf2) returned 0x602c4
[0189.757] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300f2) returned 0x1
[0189.758] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0189.758] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0189.758] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0189.758] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0189.758] GetSystemMetrics (nIndex=42) returned 0
[0189.758] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0189.758] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0189.759] GetCapture () returned 0x602c4
[0189.759] ReleaseCapture () returned 1
[0189.760] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0189.760] GetProcessWindowStation () returned 0x13c
[0189.760] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.760] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0189.760] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.760] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0189.761] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.761] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0189.761] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.761] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0189.761] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.761] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0189.761] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.762] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0189.762] GetDC (hWnd=0x0) returned 0x107b9
[0189.762] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e6ec) returned 0x0
[0189.762] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0189.762] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0189.762] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0189.762] GetSystemMetrics (nIndex=5) returned 1
[0189.762] GetSystemMetrics (nIndex=6) returned 1
[0189.762] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.763] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0189.764] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.764] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0189.766] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0189.767] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0189.767] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0189.767] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0189.767] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0189.767] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0189.768] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2e1db84 | out: lpData=0x2e1db84) returned 1
[0189.769] VerQueryValueW (in: pBlock=0x2e1db84, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e1df94, puLen=0xd7e810) returned 1
[0189.769] VerQueryValueW (in: pBlock=0x2e1db84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1dc3c, puLen=0xd7e790) returned 1
[0189.769] VerQueryValueW (in: pBlock=0x2e1db84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1dc90, puLen=0xd7e790) returned 1
[0189.769] VerQueryValueW (in: pBlock=0x2e1db84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1dd10, puLen=0xd7e790) returned 1
[0189.769] VerQueryValueW (in: pBlock=0x2e1db84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1dd78, puLen=0xd7e790) returned 1
[0189.769] VerQueryValueW (in: pBlock=0x2e1db84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1ddb8, puLen=0xd7e790) returned 1
[0189.769] VerQueryValueW (in: pBlock=0x2e1db84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1de40, puLen=0xd7e790) returned 1
[0189.769] VerQueryValueW (in: pBlock=0x2e1db84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1de7c, puLen=0xd7e790) returned 1
[0189.769] VerQueryValueW (in: pBlock=0x2e1db84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1ded4, puLen=0xd7e790) returned 1
[0189.769] VerQueryValueW (in: pBlock=0x2e1db84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1df04, puLen=0xd7e790) returned 1
[0189.769] VerQueryValueW (in: pBlock=0x2e1db84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.769] VerQueryValueW (in: pBlock=0x2e1db84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1df40, puLen=0xd7e790) returned 1
[0189.769] VerQueryValueW (in: pBlock=0x2e1db84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.769] VerQueryValueW (in: pBlock=0x2e1db84, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e1df94, puLen=0xd7e784) returned 1
[0189.769] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0189.769] VerQueryValueW (in: pBlock=0x2e1db84, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e1dbac, puLen=0xd7e794) returned 1
[0189.770] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0189.770] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0189.770] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0189.770] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0189.770] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0189.770] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0189.770] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2e1faf4 | out: lpData=0x2e1faf4) returned 1
[0189.770] VerQueryValueW (in: pBlock=0x2e1faf4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e1fb90, puLen=0xd7e810) returned 1
[0189.770] VerQueryValueW (in: pBlock=0x2e1faf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1fc08, puLen=0xd7e790) returned 1
[0189.770] VerQueryValueW (in: pBlock=0x2e1faf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1fc38, puLen=0xd7e790) returned 1
[0189.770] VerQueryValueW (in: pBlock=0x2e1faf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1fc74, puLen=0xd7e790) returned 1
[0189.770] VerQueryValueW (in: pBlock=0x2e1faf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1fca4, puLen=0xd7e790) returned 1
[0189.771] VerQueryValueW (in: pBlock=0x2e1faf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1fcec, puLen=0xd7e790) returned 1
[0189.771] VerQueryValueW (in: pBlock=0x2e1faf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1fd64, puLen=0xd7e790) returned 1
[0189.771] VerQueryValueW (in: pBlock=0x2e1faf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1fda8, puLen=0xd7e790) returned 1
[0189.771] VerQueryValueW (in: pBlock=0x2e1faf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1fde8, puLen=0xd7e790) returned 1
[0189.771] VerQueryValueW (in: pBlock=0x2e1faf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1fbe6, puLen=0xd7e790) returned 1
[0189.771] VerQueryValueW (in: pBlock=0x2e1faf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1fd34, puLen=0xd7e790) returned 1
[0189.771] VerQueryValueW (in: pBlock=0x2e1faf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.771] VerQueryValueW (in: pBlock=0x2e1faf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.771] VerQueryValueW (in: pBlock=0x2e1faf4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e1fb90, puLen=0xd7e784) returned 1
[0189.771] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0189.771] VerQueryValueW (in: pBlock=0x2e1faf4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e1fb1c, puLen=0xd7e794) returned 1
[0189.772] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0189.772] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0189.772] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0189.772] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0189.772] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0189.772] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0189.773] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2e21dcc | out: lpData=0x2e21dcc) returned 1
[0189.773] VerQueryValueW (in: pBlock=0x2e21dcc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e221e0, puLen=0xd7e810) returned 1
[0189.773] VerQueryValueW (in: pBlock=0x2e21dcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e21e84, puLen=0xd7e790) returned 1
[0189.773] VerQueryValueW (in: pBlock=0x2e21dcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e21ed8, puLen=0xd7e790) returned 1
[0189.773] VerQueryValueW (in: pBlock=0x2e21dcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e21f34, puLen=0xd7e790) returned 1
[0189.773] VerQueryValueW (in: pBlock=0x2e21dcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e21f94, puLen=0xd7e790) returned 1
[0189.773] VerQueryValueW (in: pBlock=0x2e21dcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e21fec, puLen=0xd7e790) returned 1
[0189.773] VerQueryValueW (in: pBlock=0x2e21dcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e22074, puLen=0xd7e790) returned 1
[0189.773] VerQueryValueW (in: pBlock=0x2e21dcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e220c8, puLen=0xd7e790) returned 1
[0189.773] VerQueryValueW (in: pBlock=0x2e21dcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e22120, puLen=0xd7e790) returned 1
[0189.773] VerQueryValueW (in: pBlock=0x2e21dcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e22150, puLen=0xd7e790) returned 1
[0189.773] VerQueryValueW (in: pBlock=0x2e21dcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.773] VerQueryValueW (in: pBlock=0x2e21dcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2218c, puLen=0xd7e790) returned 1
[0189.774] VerQueryValueW (in: pBlock=0x2e21dcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.774] VerQueryValueW (in: pBlock=0x2e21dcc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e221e0, puLen=0xd7e784) returned 1
[0189.774] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0189.774] VerQueryValueW (in: pBlock=0x2e21dcc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e21df4, puLen=0xd7e794) returned 1
[0189.774] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0189.774] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0189.774] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0189.775] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0189.775] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0189.775] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0189.776] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2e24404 | out: lpData=0x2e24404) returned 1
[0189.777] VerQueryValueW (in: pBlock=0x2e24404, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e24804, puLen=0xd7e810) returned 1
[0189.777] VerQueryValueW (in: pBlock=0x2e24404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e244bc, puLen=0xd7e790) returned 1
[0189.777] VerQueryValueW (in: pBlock=0x2e24404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e24510, puLen=0xd7e790) returned 1
[0189.777] VerQueryValueW (in: pBlock=0x2e24404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e24550, puLen=0xd7e790) returned 1
[0189.777] VerQueryValueW (in: pBlock=0x2e24404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e245b8, puLen=0xd7e790) returned 1
[0189.777] VerQueryValueW (in: pBlock=0x2e24404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e24610, puLen=0xd7e790) returned 1
[0189.777] VerQueryValueW (in: pBlock=0x2e24404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e24698, puLen=0xd7e790) returned 1
[0189.777] VerQueryValueW (in: pBlock=0x2e24404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e246ec, puLen=0xd7e790) returned 1
[0189.777] VerQueryValueW (in: pBlock=0x2e24404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e24744, puLen=0xd7e790) returned 1
[0189.777] VerQueryValueW (in: pBlock=0x2e24404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e24774, puLen=0xd7e790) returned 1
[0189.777] VerQueryValueW (in: pBlock=0x2e24404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.777] VerQueryValueW (in: pBlock=0x2e24404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e247b0, puLen=0xd7e790) returned 1
[0189.777] VerQueryValueW (in: pBlock=0x2e24404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.777] VerQueryValueW (in: pBlock=0x2e24404, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e24804, puLen=0xd7e784) returned 1
[0189.777] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0189.777] VerQueryValueW (in: pBlock=0x2e24404, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e2442c, puLen=0xd7e794) returned 1
[0189.778] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0189.778] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0189.778] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0189.778] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0189.778] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0189.778] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0189.779] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2e26b40 | out: lpData=0x2e26b40) returned 1
[0189.780] VerQueryValueW (in: pBlock=0x2e26b40, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e26f08, puLen=0xd7e810) returned 1
[0189.780] VerQueryValueW (in: pBlock=0x2e26b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26bf8, puLen=0xd7e790) returned 1
[0189.780] VerQueryValueW (in: pBlock=0x2e26b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26c4c, puLen=0xd7e790) returned 1
[0189.780] VerQueryValueW (in: pBlock=0x2e26b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26c8c, puLen=0xd7e790) returned 1
[0189.780] VerQueryValueW (in: pBlock=0x2e26b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26cf4, puLen=0xd7e790) returned 1
[0189.780] VerQueryValueW (in: pBlock=0x2e26b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26d30, puLen=0xd7e790) returned 1
[0189.780] VerQueryValueW (in: pBlock=0x2e26b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26db8, puLen=0xd7e790) returned 1
[0189.780] VerQueryValueW (in: pBlock=0x2e26b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26df0, puLen=0xd7e790) returned 1
[0189.780] VerQueryValueW (in: pBlock=0x2e26b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26e48, puLen=0xd7e790) returned 1
[0189.780] VerQueryValueW (in: pBlock=0x2e26b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26e78, puLen=0xd7e790) returned 1
[0189.780] VerQueryValueW (in: pBlock=0x2e26b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.780] VerQueryValueW (in: pBlock=0x2e26b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26eb4, puLen=0xd7e790) returned 1
[0189.780] VerQueryValueW (in: pBlock=0x2e26b40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.780] VerQueryValueW (in: pBlock=0x2e26b40, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e26f08, puLen=0xd7e784) returned 1
[0189.780] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0189.780] VerQueryValueW (in: pBlock=0x2e26b40, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e26b68, puLen=0xd7e794) returned 1
[0189.781] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0189.781] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0189.781] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0189.781] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0189.781] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0189.781] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0189.782] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2e2a1a8 | out: lpData=0x2e2a1a8) returned 1
[0189.783] VerQueryValueW (in: pBlock=0x2e2a1a8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e2a588, puLen=0xd7e810) returned 1
[0189.783] VerQueryValueW (in: pBlock=0x2e2a1a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a260, puLen=0xd7e790) returned 1
[0189.783] VerQueryValueW (in: pBlock=0x2e2a1a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a2b4, puLen=0xd7e790) returned 1
[0189.783] VerQueryValueW (in: pBlock=0x2e2a1a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a2f4, puLen=0xd7e790) returned 1
[0189.783] VerQueryValueW (in: pBlock=0x2e2a1a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a354, puLen=0xd7e790) returned 1
[0189.783] VerQueryValueW (in: pBlock=0x2e2a1a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a3a0, puLen=0xd7e790) returned 1
[0189.783] VerQueryValueW (in: pBlock=0x2e2a1a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a428, puLen=0xd7e790) returned 1
[0189.783] VerQueryValueW (in: pBlock=0x2e2a1a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a470, puLen=0xd7e790) returned 1
[0189.783] VerQueryValueW (in: pBlock=0x2e2a1a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a4c8, puLen=0xd7e790) returned 1
[0189.783] VerQueryValueW (in: pBlock=0x2e2a1a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a4f8, puLen=0xd7e790) returned 1
[0189.783] VerQueryValueW (in: pBlock=0x2e2a1a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.783] VerQueryValueW (in: pBlock=0x2e2a1a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a534, puLen=0xd7e790) returned 1
[0189.783] VerQueryValueW (in: pBlock=0x2e2a1a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.783] VerQueryValueW (in: pBlock=0x2e2a1a8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e2a588, puLen=0xd7e784) returned 1
[0189.783] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0189.783] VerQueryValueW (in: pBlock=0x2e2a1a8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e2a1d0, puLen=0xd7e794) returned 1
[0189.784] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0189.784] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0189.784] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0189.784] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0189.784] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0189.784] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0189.785] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2e2c9c8 | out: lpData=0x2e2c9c8) returned 1
[0189.785] VerQueryValueW (in: pBlock=0x2e2c9c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e2cdd4, puLen=0xd7e810) returned 1
[0189.785] VerQueryValueW (in: pBlock=0x2e2c9c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2ca80, puLen=0xd7e790) returned 1
[0189.785] VerQueryValueW (in: pBlock=0x2e2c9c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2cad4, puLen=0xd7e790) returned 1
[0189.785] VerQueryValueW (in: pBlock=0x2e2c9c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2cb28, puLen=0xd7e790) returned 1
[0189.785] VerQueryValueW (in: pBlock=0x2e2c9c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2cb88, puLen=0xd7e790) returned 1
[0189.785] VerQueryValueW (in: pBlock=0x2e2c9c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2cbe0, puLen=0xd7e790) returned 1
[0189.786] VerQueryValueW (in: pBlock=0x2e2c9c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2cc68, puLen=0xd7e790) returned 1
[0189.786] VerQueryValueW (in: pBlock=0x2e2c9c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2ccbc, puLen=0xd7e790) returned 1
[0189.786] VerQueryValueW (in: pBlock=0x2e2c9c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2cd14, puLen=0xd7e790) returned 1
[0189.786] VerQueryValueW (in: pBlock=0x2e2c9c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2cd44, puLen=0xd7e790) returned 1
[0189.786] VerQueryValueW (in: pBlock=0x2e2c9c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.786] VerQueryValueW (in: pBlock=0x2e2c9c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2cd80, puLen=0xd7e790) returned 1
[0189.786] VerQueryValueW (in: pBlock=0x2e2c9c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.786] VerQueryValueW (in: pBlock=0x2e2c9c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e2cdd4, puLen=0xd7e784) returned 1
[0189.786] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0189.786] VerQueryValueW (in: pBlock=0x2e2c9c8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e2c9f0, puLen=0xd7e794) returned 1
[0189.787] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0189.787] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0189.787] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0189.787] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0189.787] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0189.787] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0189.788] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e2f1dc | out: lpData=0x2e2f1dc) returned 1
[0189.788] VerQueryValueW (in: pBlock=0x2e2f1dc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e2f5b4, puLen=0xd7e810) returned 1
[0189.788] VerQueryValueW (in: pBlock=0x2e2f1dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2f294, puLen=0xd7e790) returned 1
[0189.788] VerQueryValueW (in: pBlock=0x2e2f1dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2f2e8, puLen=0xd7e790) returned 1
[0189.788] VerQueryValueW (in: pBlock=0x2e2f1dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2f328, puLen=0xd7e790) returned 1
[0189.788] VerQueryValueW (in: pBlock=0x2e2f1dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2f390, puLen=0xd7e790) returned 1
[0189.788] VerQueryValueW (in: pBlock=0x2e2f1dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2f3d4, puLen=0xd7e790) returned 1
[0189.788] VerQueryValueW (in: pBlock=0x2e2f1dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2f45c, puLen=0xd7e790) returned 1
[0189.788] VerQueryValueW (in: pBlock=0x2e2f1dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2f49c, puLen=0xd7e790) returned 1
[0189.788] VerQueryValueW (in: pBlock=0x2e2f1dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2f4f4, puLen=0xd7e790) returned 1
[0189.789] VerQueryValueW (in: pBlock=0x2e2f1dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2f524, puLen=0xd7e790) returned 1
[0189.789] VerQueryValueW (in: pBlock=0x2e2f1dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.789] VerQueryValueW (in: pBlock=0x2e2f1dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2f560, puLen=0xd7e790) returned 1
[0189.789] VerQueryValueW (in: pBlock=0x2e2f1dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.789] VerQueryValueW (in: pBlock=0x2e2f1dc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e2f5b4, puLen=0xd7e784) returned 1
[0189.789] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0189.789] VerQueryValueW (in: pBlock=0x2e2f1dc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e2f204, puLen=0xd7e794) returned 1
[0189.790] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0189.790] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0189.790] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0189.790] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0189.790] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0189.790] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0189.791] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e31734 | out: lpData=0x2e31734) returned 1
[0189.792] VerQueryValueW (in: pBlock=0x2e31734, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e31b0c, puLen=0xd7e810) returned 1
[0189.792] VerQueryValueW (in: pBlock=0x2e31734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e317ec, puLen=0xd7e790) returned 1
[0189.792] VerQueryValueW (in: pBlock=0x2e31734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e31840, puLen=0xd7e790) returned 1
[0189.792] VerQueryValueW (in: pBlock=0x2e31734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e31880, puLen=0xd7e790) returned 1
[0189.792] VerQueryValueW (in: pBlock=0x2e31734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e318e8, puLen=0xd7e790) returned 1
[0189.792] VerQueryValueW (in: pBlock=0x2e31734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3192c, puLen=0xd7e790) returned 1
[0189.792] VerQueryValueW (in: pBlock=0x2e31734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e319b4, puLen=0xd7e790) returned 1
[0189.792] VerQueryValueW (in: pBlock=0x2e31734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e319f4, puLen=0xd7e790) returned 1
[0189.792] VerQueryValueW (in: pBlock=0x2e31734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e31a4c, puLen=0xd7e790) returned 1
[0189.792] VerQueryValueW (in: pBlock=0x2e31734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e31a7c, puLen=0xd7e790) returned 1
[0189.792] VerQueryValueW (in: pBlock=0x2e31734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.792] VerQueryValueW (in: pBlock=0x2e31734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e31ab8, puLen=0xd7e790) returned 1
[0189.792] VerQueryValueW (in: pBlock=0x2e31734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.792] VerQueryValueW (in: pBlock=0x2e31734, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e31b0c, puLen=0xd7e784) returned 1
[0189.792] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0189.792] VerQueryValueW (in: pBlock=0x2e31734, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e3175c, puLen=0xd7e794) returned 1
[0189.793] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0189.793] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0189.793] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0189.793] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0189.793] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0189.793] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0189.796] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2e33e6c | out: lpData=0x2e33e6c) returned 1
[0189.797] VerQueryValueW (in: pBlock=0x2e33e6c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e3429c, puLen=0xd7e810) returned 1
[0189.797] VerQueryValueW (in: pBlock=0x2e33e6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e33f24, puLen=0xd7e790) returned 1
[0189.797] VerQueryValueW (in: pBlock=0x2e33e6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e33f78, puLen=0xd7e790) returned 1
[0189.797] VerQueryValueW (in: pBlock=0x2e33e6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e33fe8, puLen=0xd7e790) returned 1
[0189.797] VerQueryValueW (in: pBlock=0x2e33e6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e34048, puLen=0xd7e790) returned 1
[0189.797] VerQueryValueW (in: pBlock=0x2e33e6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e340a4, puLen=0xd7e790) returned 1
[0189.797] VerQueryValueW (in: pBlock=0x2e33e6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3412c, puLen=0xd7e790) returned 1
[0189.797] VerQueryValueW (in: pBlock=0x2e33e6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e34184, puLen=0xd7e790) returned 1
[0189.797] VerQueryValueW (in: pBlock=0x2e33e6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e341dc, puLen=0xd7e790) returned 1
[0189.797] VerQueryValueW (in: pBlock=0x2e33e6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3420c, puLen=0xd7e790) returned 1
[0189.797] VerQueryValueW (in: pBlock=0x2e33e6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.797] VerQueryValueW (in: pBlock=0x2e33e6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e34248, puLen=0xd7e790) returned 1
[0189.797] VerQueryValueW (in: pBlock=0x2e33e6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0189.797] VerQueryValueW (in: pBlock=0x2e33e6c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e3429c, puLen=0xd7e784) returned 1
[0189.797] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0189.797] VerQueryValueW (in: pBlock=0x2e33e6c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e33e94, puLen=0xd7e794) returned 1
[0189.798] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0189.798] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.798] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0189.798] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.798] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0189.798] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1102d2
[0189.799] SetWindowLongW (hWnd=0x1102d2, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0189.799] GetWindowLongW (hWnd=0x1102d2, nIndex=-4) returned 1950089536
[0189.799] SetWindowLongW (hWnd=0x1102d2, nIndex=-4, dwNewLong=19941350) returned 1950089536
[0189.799] GetWindowLongW (hWnd=0x1102d2, nIndex=-4) returned 19941350
[0189.799] GetWindowLongW (hWnd=0x1102d2, nIndex=-16) returned 113311744
[0189.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d2, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0189.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d2, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0189.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d2, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0189.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d2, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0189.800] GetClientRect (in: hWnd=0x1102d2, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0189.800] GetWindowRect (in: hWnd=0x1102d2, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0189.801] SetWindowTextW (hWnd=0x1102d2, lpString="WindowsFormsParkingWindow") returned 1
[0189.801] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d2, Msg=0xc, wParam=0x0, lParam=0x2df9344) returned 0x1
[0189.801] GetParent (hWnd=0x1102d2) returned 0x0
[0189.801] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0189.801] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x1102d2, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1202d8
[0189.802] SetWindowLongW (hWnd=0x1202d8, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0189.802] GetWindowLongW (hWnd=0x1202d8, nIndex=-4) returned 1868147648
[0189.802] SetWindowLongW (hWnd=0x1202d8, nIndex=-4, dwNewLong=19941430) returned 1868147648
[0189.802] GetWindowLongW (hWnd=0x1202d8, nIndex=-4) returned 19941430
[0189.802] GetWindowLongW (hWnd=0x1202d8, nIndex=-16) returned 1174405133
[0189.802] GetWindowLongW (hWnd=0x1202d8, nIndex=-12) returned 0
[0189.802] SetWindowLongW (hWnd=0x1202d8, nIndex=-12, dwNewLong=1180376) returned 0
[0189.802] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0189.803] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0189.803] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0189.803] GetClientRect (in: hWnd=0x1202d8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0189.803] GetWindowRect (in: hWnd=0x1202d8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0189.803] GetParent (hWnd=0x1202d8) returned 0x1102d2
[0189.803] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102d2, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0189.804] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0189.804] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0189.804] GetClientRect (in: hWnd=0x1202d8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0189.804] GetWindowRect (in: hWnd=0x1202d8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0189.804] GetParent (hWnd=0x1202d8) returned 0x1102d2
[0189.804] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102d2, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0189.804] SendMessageW (hWnd=0x1202d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1202d8) returned 0x0
[0189.804] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1202d8) returned 0x0
[0189.804] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0189.805] GetParent (hWnd=0x1202d8) returned 0x1102d2
[0189.805] GdipCreateFromHWND (hwnd=0x1202d8, graphics=0xd7e844) returned 0x0
[0189.805] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0189.805] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0189.805] GetForegroundWindow () returned 0x7005c
[0189.805] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0189.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0189.805] GetSystemMetrics (nIndex=42) returned 0
[0189.805] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0189.806] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0189.806] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0189.806] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0189.806] GetSystemMetrics (nIndex=42) returned 0
[0189.806] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0189.806] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0189.806] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.806] GetCursorPos (in: lpPoint=0x2e382f0 | out: lpPoint=0x2e382f0*(x=242, y=627)) returned 1
[0189.806] MonitorFromPoint (pt=0xf2, dwFlags=0x273) returned 0x10001
[0189.806] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0189.806] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x95010793
[0189.807] GetDeviceCaps (hdc=0x95010793, index=12) returned 32
[0189.807] GetDeviceCaps (hdc=0x95010793, index=14) returned 1
[0189.807] DeleteDC (hdc=0x95010793) returned 1
[0189.807] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0189.807] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0189.807] GetSystemMetrics (nIndex=59) returned 1460
[0189.807] GetSystemMetrics (nIndex=60) returned 920
[0189.807] GetSystemMetrics (nIndex=34) returned 136
[0189.807] GetSystemMetrics (nIndex=35) returned 39
[0189.807] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.807] GetCursorPos (in: lpPoint=0x2e3855c | out: lpPoint=0x2e3855c*(x=242, y=627)) returned 1
[0189.807] MonitorFromPoint (pt=0xef, dwFlags=0x272) returned 0x10001
[0189.807] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0189.807] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x96010793
[0189.808] GetDeviceCaps (hdc=0x96010793, index=12) returned 32
[0189.808] GetDeviceCaps (hdc=0x96010793, index=14) returned 1
[0189.808] DeleteDC (hdc=0x96010793) returned 1
[0189.808] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0189.808] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0189.808] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.808] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0189.808] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2e387f4 | out: piconinfo=0x2e387f4) returned 1
[0189.808] GetObjectW (in: h=0x2f0507e5, c=24, pv=0x2e38810 | out: pv=0x2e38810) returned 24
[0189.809] GdipCreateBitmapFromHBITMAP (hbm=0x2f0507e5, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0189.809] GdipGetImageWidth (image=0x66023c8, width=0xd7e750) returned 0x0
[0189.809] GdipGetImageHeight (image=0x66023c8, height=0xd7e748) returned 0x0
[0189.809] GdipGetImagePixelFormat (image=0x66023c8, format=0xd7e740) returned 0x0
[0189.809] GdipBitmapLockBits (bitmap=0x66023c8, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2e388c8) returned 0x0
[0189.809] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0189.809] GdipBitmapLockBits (bitmap=0x6603778, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2e38900) returned 0x0
[0189.810] RtlMoveMemory (in: Destination=0x6663f70, Source=0x665bea8, Length=0x80 | out: Destination=0x6663f70)
[0189.810] RtlMoveMemory (in: Destination=0x6663ff0, Source=0x665be28, Length=0x80 | out: Destination=0x6663ff0)
[0189.810] RtlMoveMemory (in: Destination=0x6664070, Source=0x665bda8, Length=0x80 | out: Destination=0x6664070)
[0189.810] RtlMoveMemory (in: Destination=0x66640f0, Source=0x665bd28, Length=0x80 | out: Destination=0x66640f0)
[0189.810] RtlMoveMemory (in: Destination=0x6664170, Source=0x665bca8, Length=0x80 | out: Destination=0x6664170)
[0189.810] RtlMoveMemory (in: Destination=0x66641f0, Source=0x665bc28, Length=0x80 | out: Destination=0x66641f0)
[0189.810] RtlMoveMemory (in: Destination=0x6664270, Source=0x665bba8, Length=0x80 | out: Destination=0x6664270)
[0189.810] RtlMoveMemory (in: Destination=0x66642f0, Source=0x665bb28, Length=0x80 | out: Destination=0x66642f0)
[0189.810] RtlMoveMemory (in: Destination=0x6664370, Source=0x665baa8, Length=0x80 | out: Destination=0x6664370)
[0189.810] RtlMoveMemory (in: Destination=0x66643f0, Source=0x665ba28, Length=0x80 | out: Destination=0x66643f0)
[0189.810] RtlMoveMemory (in: Destination=0x6664470, Source=0x665b9a8, Length=0x80 | out: Destination=0x6664470)
[0189.810] RtlMoveMemory (in: Destination=0x66644f0, Source=0x665b928, Length=0x80 | out: Destination=0x66644f0)
[0189.810] RtlMoveMemory (in: Destination=0x6664570, Source=0x665b8a8, Length=0x80 | out: Destination=0x6664570)
[0189.810] RtlMoveMemory (in: Destination=0x66645f0, Source=0x665b828, Length=0x80 | out: Destination=0x66645f0)
[0189.811] RtlMoveMemory (in: Destination=0x6664670, Source=0x665b7a8, Length=0x80 | out: Destination=0x6664670)
[0189.811] RtlMoveMemory (in: Destination=0x66646f0, Source=0x665b728, Length=0x80 | out: Destination=0x66646f0)
[0189.811] RtlMoveMemory (in: Destination=0x6664770, Source=0x665b6a8, Length=0x80 | out: Destination=0x6664770)
[0189.811] RtlMoveMemory (in: Destination=0x66647f0, Source=0x665b628, Length=0x80 | out: Destination=0x66647f0)
[0189.811] RtlMoveMemory (in: Destination=0x6664870, Source=0x665b5a8, Length=0x80 | out: Destination=0x6664870)
[0189.811] RtlMoveMemory (in: Destination=0x66648f0, Source=0x665b528, Length=0x80 | out: Destination=0x66648f0)
[0189.811] RtlMoveMemory (in: Destination=0x6664970, Source=0x665b4a8, Length=0x80 | out: Destination=0x6664970)
[0189.811] RtlMoveMemory (in: Destination=0x66649f0, Source=0x665b428, Length=0x80 | out: Destination=0x66649f0)
[0189.811] RtlMoveMemory (in: Destination=0x6664a70, Source=0x665b3a8, Length=0x80 | out: Destination=0x6664a70)
[0189.811] RtlMoveMemory (in: Destination=0x6664af0, Source=0x665b328, Length=0x80 | out: Destination=0x6664af0)
[0189.811] RtlMoveMemory (in: Destination=0x6664b70, Source=0x665b2a8, Length=0x80 | out: Destination=0x6664b70)
[0189.811] RtlMoveMemory (in: Destination=0x6664bf0, Source=0x665b228, Length=0x80 | out: Destination=0x6664bf0)
[0189.811] RtlMoveMemory (in: Destination=0x6664c70, Source=0x665b1a8, Length=0x80 | out: Destination=0x6664c70)
[0189.811] RtlMoveMemory (in: Destination=0x6664cf0, Source=0x665b128, Length=0x80 | out: Destination=0x6664cf0)
[0189.811] RtlMoveMemory (in: Destination=0x6664d70, Source=0x665b0a8, Length=0x80 | out: Destination=0x6664d70)
[0189.811] RtlMoveMemory (in: Destination=0x6664df0, Source=0x665b028, Length=0x80 | out: Destination=0x6664df0)
[0189.811] RtlMoveMemory (in: Destination=0x6664e70, Source=0x665afa8, Length=0x80 | out: Destination=0x6664e70)
[0189.811] RtlMoveMemory (in: Destination=0x6664ef0, Source=0x665af28, Length=0x80 | out: Destination=0x6664ef0)
[0189.811] GdipBitmapUnlockBits (bitmap=0x66023c8, lockedBitmapData=0x2e388c8) returned 0x0
[0189.811] GdipBitmapUnlockBits (bitmap=0x6603778, lockedBitmapData=0x2e38900) returned 0x0
[0189.811] GdipDisposeImage (image=0x66023c8) returned 0x0
[0189.812] DeleteObject (ho=0x2f0507e5) returned 1
[0189.812] DeleteObject (ho=0x97050793) returned 1
[0189.812] GetCurrentThreadId () returned 0xf50
[0189.812] GetCurrentThreadId () returned 0xf50
[0189.812] SetWindowPos (hWnd=0x1202d8, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0189.812] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0189.812] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0189.812] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0189.812] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0189.812] GetClientRect (in: hWnd=0x1202d8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0189.812] GetWindowRect (in: hWnd=0x1202d8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0189.812] GetParent (hWnd=0x1202d8) returned 0x1102d2
[0189.812] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102d2, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0189.812] InvalidateRect (hWnd=0x1202d8, lpRect=0x0, bErase=1) returned 1
[0189.813] GetWindowTextLengthW (hWnd=0x1202d8) returned 0
[0189.813] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0189.813] GetSystemMetrics (nIndex=42) returned 0
[0189.813] GetWindowTextW (in: hWnd=0x1202d8, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0189.813] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0189.813] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0189.813] GetClientRect (in: hWnd=0x1202d8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0189.813] GetWindowRect (in: hWnd=0x1202d8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0189.813] GetParent (hWnd=0x1202d8) returned 0x1102d2
[0189.813] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102d2, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0189.813] GetWindowTextLengthW (hWnd=0x1202d8) returned 0
[0189.813] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0189.813] GetSystemMetrics (nIndex=42) returned 0
[0189.813] GetWindowTextW (in: hWnd=0x1202d8, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0189.813] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0189.813] GetWindowTextLengthW (hWnd=0x1202d8) returned 0
[0189.813] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0189.813] GetSystemMetrics (nIndex=42) returned 0
[0189.813] GetWindowTextW (in: hWnd=0x1202d8, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0189.813] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0189.813] SetWindowTextW (hWnd=0x1202d8, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0189.814] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0xc, wParam=0x0, lParam=0x2e1975c) returned 0x1
[0189.814] InvalidateRect (hWnd=0x1202d8, lpRect=0x0, bErase=1) returned 1
[0189.814] GetCurrentThreadId () returned 0xf50
[0189.814] GetWindowThreadProcessId (in: hWnd=0x1202d8, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0189.814] GdipCreateBitmapFromStream (stream=0x509ff10, bitmap=0xd7e840) returned 0x0
[0189.815] GdipImageForceValidation (image=0x6603ac0) returned 0x0
[0189.816] GdipGetImageRawFormat (image=0x6603ac0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0189.816] GdipGetImageHeight (image=0x6603ac0, height=0xd7e824) returned 0x0
[0189.816] GdipGetImageWidth (image=0x6603ac0, width=0xd7e824) returned 0x0
[0189.816] GdipGetImageWidth (image=0x6603ac0, width=0xd7e810) returned 0x0
[0189.816] GdipGetImageHeight (image=0x6603ac0, height=0xd7e810) returned 0x0
[0189.816] GdipGetImageWidth (image=0x6603ac0, width=0xd7e800) returned 0x0
[0189.816] GdipGetImageHeight (image=0x6603ac0, height=0xd7e800) returned 0x0
[0189.816] GdipBitmapGetPixel (bitmap=0x6603ac0, x=0, y=15, color=0xd7e810) returned 0x0
[0189.817] GdipGetImageRawFormat (image=0x6603ac0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0189.817] GdipGetImageWidth (image=0x6603ac0, width=0xd7e740) returned 0x0
[0189.817] GdipGetImageHeight (image=0x6603ac0, height=0xd7e740) returned 0x0
[0189.817] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0189.817] GdipGetImagePixelFormat (image=0x66030e8, format=0xd7e740) returned 0x0
[0189.817] GdipGetImageGraphicsContext (image=0x66030e8, graphics=0xd7e74c) returned 0x0
[0189.817] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0189.817] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0189.817] GdipSetImageAttributesColorKeys (imageattr=0x6638d88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0189.817] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6603ac0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638d88, callback=0x0, callbackData=0x0) returned 0x0
[0189.817] GdipDisposeImageAttributes (imageattr=0x6638d88) returned 0x0
[0189.817] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0189.817] GdipDisposeImage (image=0x6603ac0) returned 0x0
[0189.818] GdipCreateBitmapFromStream (stream=0x509fef0, bitmap=0xd7e840) returned 0x0
[0189.819] GdipImageForceValidation (image=0x6603ac0) returned 0x0
[0189.820] GdipGetImageRawFormat (image=0x6603ac0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0189.820] GdipGetImageHeight (image=0x6603ac0, height=0xd7e824) returned 0x0
[0189.820] GdipGetImageWidth (image=0x6603ac0, width=0xd7e824) returned 0x0
[0189.820] GdipGetImageWidth (image=0x6603ac0, width=0xd7e810) returned 0x0
[0189.820] GdipGetImageHeight (image=0x6603ac0, height=0xd7e810) returned 0x0
[0189.820] GdipGetImageWidth (image=0x6603ac0, width=0xd7e800) returned 0x0
[0189.820] GdipGetImageHeight (image=0x6603ac0, height=0xd7e800) returned 0x0
[0189.820] GdipBitmapGetPixel (bitmap=0x6603ac0, x=0, y=15, color=0xd7e810) returned 0x0
[0189.820] GdipGetImageRawFormat (image=0x6603ac0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0189.820] GdipGetImageWidth (image=0x6603ac0, width=0xd7e740) returned 0x0
[0189.820] GdipGetImageHeight (image=0x6603ac0, height=0xd7e740) returned 0x0
[0189.820] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0189.820] GdipGetImagePixelFormat (image=0x66023c8, format=0xd7e740) returned 0x0
[0189.820] GdipGetImageGraphicsContext (image=0x66023c8, graphics=0xd7e74c) returned 0x0
[0189.820] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0189.820] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0189.820] GdipSetImageAttributesColorKeys (imageattr=0x6638a58, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0189.821] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6603ac0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638a58, callback=0x0, callbackData=0x0) returned 0x0
[0189.821] GdipDisposeImageAttributes (imageattr=0x6638a58) returned 0x0
[0189.821] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0189.821] GdipDisposeImage (image=0x6603ac0) returned 0x0
[0189.821] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.821] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0189.821] GetCurrentThreadId () returned 0xf50
[0189.821] GetCurrentThreadId () returned 0xf50
[0189.822] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.822] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0189.822] GetCurrentThreadId () returned 0xf50
[0189.822] GetCurrentThreadId () returned 0xf50
[0189.822] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.822] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0189.822] GetCurrentThreadId () returned 0xf50
[0189.822] GetCurrentThreadId () returned 0xf50
[0189.822] GetSystemMetrics (nIndex=5) returned 1
[0189.822] GetSystemMetrics (nIndex=6) returned 1
[0189.822] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.822] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0189.823] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.823] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0189.823] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.823] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0189.823] GetCurrentThreadId () returned 0xf50
[0189.823] GetCurrentThreadId () returned 0xf50
[0189.823] GetProcessWindowStation () returned 0x13c
[0189.823] GetCapture () returned 0x0
[0189.823] GetActiveWindow () returned 0x7005c
[0189.823] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0189.824] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.824] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0189.824] GetCursorPos (in: lpPoint=0x2e39a40 | out: lpPoint=0x2e39a40*(x=242, y=627)) returned 1
[0189.824] MonitorFromPoint (pt=0xf2, dwFlags=0x273) returned 0x10001
[0189.824] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0189.824] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x98010793
[0189.824] GetDeviceCaps (hdc=0x98010793, index=12) returned 32
[0189.824] GetDeviceCaps (hdc=0x98010793, index=14) returned 1
[0189.824] DeleteDC (hdc=0x98010793) returned 1
[0189.824] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0189.825] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0189.825] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1002da
[0189.826] SetWindowLongW (hWnd=0x1002da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0189.826] GetWindowLongW (hWnd=0x1002da, nIndex=-4) returned 1950089536
[0189.827] SetWindowLongW (hWnd=0x1002da, nIndex=-4, dwNewLong=19940870) returned 1950089536
[0189.827] GetWindowLongW (hWnd=0x1002da, nIndex=-4) returned 19940870
[0189.827] GetWindowLongW (hWnd=0x1002da, nIndex=-16) returned 113770496
[0189.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0189.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0189.828] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0189.828] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0189.828] GetWindowRect (in: hWnd=0x1002da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0189.828] SetWindowTextW (hWnd=0x1002da, lpString="BB ransomware") returned 1
[0189.828] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xc, wParam=0x0, lParam=0x2e381dc) returned 0x1
[0189.829] GetStartupInfoW (in: lpStartupInfo=0x2e39d7c | out: lpStartupInfo=0x2e39d7c*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0189.830] GetParent (hWnd=0x1002da) returned 0x0
[0189.830] SetWindowLongW (hWnd=0x1002da, nIndex=-8, dwNewLong=0) returned 0
[0189.831] SendMessageW (hWnd=0x1002da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0189.831] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0189.831] SendMessageW (hWnd=0x1002da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0189.831] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0189.831] GetSystemMenu (hWnd=0x1002da, bRevert=0) returned 0x51013b
[0189.832] GetWindowPlacement (in: hWnd=0x1002da, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0189.832] EnableMenuItem (hMenu=0x51013b, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0189.832] EnableMenuItem (hMenu=0x51013b, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0189.832] EnableMenuItem (hMenu=0x51013b, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0189.832] EnableMenuItem (hMenu=0x51013b, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0189.832] EnableMenuItem (hMenu=0x51013b, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0189.832] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0189.832] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0189.832] GetWindowRect (in: hWnd=0x1002da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0189.832] SetWindowPos (hWnd=0x1002da, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0189.832] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0189.833] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x1002da) returned 0x1
[0189.835] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0189.835] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0189.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0189.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0189.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0189.838] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x1002da, lParam=0x0) returned 0x0
[0189.838] GetCapture () returned 0x0
[0189.838] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0189.838] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0189.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0189.844] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0189.844] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0189.844] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0189.844] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0189.845] GetParent (hWnd=0x1002da) returned 0x0
[0189.845] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0189.845] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0189.847] GetWindowPlacement (in: hWnd=0x1002da, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0189.847] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0189.847] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0189.848] GetWindowRect (in: hWnd=0x1002da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0189.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0189.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0189.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0189.850] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.850] GetWindowLongW (hWnd=0x1002da, nIndex=-16) returned 113770496
[0189.850] GetWindowTextLengthW (hWnd=0x1002da) returned 13
[0189.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0189.850] GetSystemMetrics (nIndex=42) returned 0
[0189.850] GetWindowTextW (in: hWnd=0x1002da, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0189.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0189.851] GetWindowTextLengthW (hWnd=0x1002da) returned 13
[0189.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0189.851] GetSystemMetrics (nIndex=42) returned 0
[0189.851] GetWindowTextW (in: hWnd=0x1002da, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0189.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0189.851] GetCursorPos (in: lpPoint=0x2e39fb8 | out: lpPoint=0x2e39fb8*(x=242, y=627)) returned 1
[0189.851] MonitorFromPoint (pt=0xf4, dwFlags=0x276) returned 0x10001
[0189.851] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0189.851] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x780107f8
[0189.851] GetDeviceCaps (hdc=0x780107f8, index=12) returned 32
[0189.851] GetDeviceCaps (hdc=0x780107f8, index=14) returned 1
[0189.851] DeleteDC (hdc=0x780107f8) returned 1
[0189.852] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0189.852] GetWindowLongW (hWnd=0x1002da, nIndex=-16) returned 113770496
[0189.852] GetWindowLongW (hWnd=0x1002da, nIndex=-20) returned 327945
[0189.852] SetWindowLongW (hWnd=0x1002da, nIndex=-16, dwNewLong=46661632) returned 113770496
[0189.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0189.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0189.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0189.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0189.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0189.854] SetWindowLongW (hWnd=0x1002da, nIndex=-20, dwNewLong=327681) returned 327945
[0189.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0189.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0189.856] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0189.856] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0189.856] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0189.865] SetWindowPos (hWnd=0x1002da, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0189.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0189.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0189.866] GetWindowPlacement (in: hWnd=0x1002da, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0189.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0189.866] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0189.866] GetWindowRect (in: hWnd=0x1002da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0189.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0189.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0189.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0189.868] RedrawWindow (hWnd=0x1002da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0189.868] GetSystemMenu (hWnd=0x1002da, bRevert=0) returned 0x51013b
[0189.868] GetWindowPlacement (in: hWnd=0x1002da, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0189.868] EnableMenuItem (hMenu=0x51013b, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0189.868] EnableMenuItem (hMenu=0x51013b, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0189.868] EnableMenuItem (hMenu=0x51013b, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0189.868] EnableMenuItem (hMenu=0x51013b, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0189.868] EnableMenuItem (hMenu=0x51013b, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0189.868] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0189.868] GetWindowLongW (hWnd=0x1002da, nIndex=-8) returned 0
[0189.868] SetWindowLongW (hWnd=0x1002da, nIndex=-8, dwNewLong=458844) returned 0
[0189.870] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0189.870] GetProcessWindowStation () returned 0x13c
[0189.870] GetCurrentThreadId () returned 0xf50
[0189.870] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x130471e, lParam=0x0) returned 1
[0189.870] IsWindowVisible (hWnd=0x1002da) returned 0
[0189.870] IsWindowVisible (hWnd=0x7005c) returned 1
[0189.870] IsWindowEnabled (hWnd=0x7005c) returned 1
[0189.870] IsWindowVisible (hWnd=0x300ec) returned 0
[0189.870] IsWindowVisible (hWnd=0x502c6) returned 0
[0189.870] IsWindowVisible (hWnd=0x502be) returned 0
[0189.870] GetActiveWindow () returned 0x1002da
[0189.871] GetFocus () returned 0x1002da
[0189.871] IsWindow (hWnd=0x7005c) returned 1
[0189.871] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0189.871] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0189.872] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0189.872] GetWindowLongW (hWnd=0x1002da, nIndex=-8) returned 458844
[0189.872] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0189.872] GetCurrentThreadId () returned 0xf50
[0189.872] GetWindowLongW (hWnd=0x1002da, nIndex=-8) returned 458844
[0189.872] IsWindowEnabled (hWnd=0x7005c) returned 0
[0189.872] IsWindowEnabled (hWnd=0x1002da) returned 1
[0189.872] ShowWindow (hWnd=0x1002da, nCmdShow=5) returned 0
[0189.872] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0189.873] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0189.873] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.873] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0189.874] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x1002da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xe005a
[0189.874] SetWindowLongW (hWnd=0xe005a, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0189.874] GetWindowLongW (hWnd=0xe005a, nIndex=-4) returned 1950089536
[0189.874] SetWindowLongW (hWnd=0xe005a, nIndex=-4, dwNewLong=19942230) returned 1950089536
[0189.875] GetWindowLongW (hWnd=0xe005a, nIndex=-4) returned 19942230
[0189.875] GetWindowLongW (hWnd=0xe005a, nIndex=-16) returned 1174405120
[0189.875] GetWindowLongW (hWnd=0xe005a, nIndex=-12) returned 0
[0189.875] SetWindowLongW (hWnd=0xe005a, nIndex=-12, dwNewLong=917594) returned 0
[0189.875] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe005a, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0189.875] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe005a, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0189.876] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe005a, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0189.876] GetWindow (hWnd=0xe005a, uCmd=0x3) returned 0x0
[0189.876] GetClientRect (in: hWnd=0xe005a, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0189.876] GetWindowRect (in: hWnd=0xe005a, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0189.876] GetParent (hWnd=0xe005a) returned 0x1002da
[0189.876] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002da, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0189.876] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe005a, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0189.877] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe005a, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0189.877] GetClientRect (in: hWnd=0xe005a, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0189.877] GetWindowRect (in: hWnd=0xe005a, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0189.877] GetParent (hWnd=0xe005a) returned 0x1002da
[0189.877] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002da, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0189.877] SendMessageW (hWnd=0xe005a, Msg=0x2210, wParam=0x5a0001, lParam=0xe005a) returned 0x0
[0189.877] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe005a, Msg=0x2210, wParam=0x5a0001, lParam=0xe005a) returned 0x0
[0189.877] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe005a, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0189.877] GetParent (hWnd=0xe005a) returned 0x1002da
[0189.877] GetParent (hWnd=0x1202d8) returned 0x1102d2
[0189.877] SetParent (hWndChild=0x1202d8, hWndNewParent=0x1002da) returned 0x1102d2
[0189.877] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0189.878] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0189.878] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0189.878] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0189.879] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0189.879] GetClientRect (in: hWnd=0x1202d8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0189.879] GetWindowRect (in: hWnd=0x1202d8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0189.879] GetParent (hWnd=0x1202d8) returned 0x1002da
[0189.879] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002da, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0189.879] GetClientRect (in: hWnd=0x1202d8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0189.879] GetWindowRect (in: hWnd=0x1202d8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0189.879] GetParent (hWnd=0x1202d8) returned 0x1002da
[0189.879] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002da, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0189.879] GetParent (hWnd=0x1202d8) returned 0x1002da
[0189.879] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0189.879] GetWindow (hWnd=0x1202d8, uCmd=0x3) returned 0x0
[0189.879] SetWindowPos (hWnd=0x1202d8, hWndInsertAfter=0xe005a, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0189.879] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0189.880] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0189.880] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0189.880] GetClientRect (in: hWnd=0x1202d8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0189.880] GetWindowRect (in: hWnd=0x1202d8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0189.880] GetParent (hWnd=0x1202d8) returned 0x1002da
[0189.880] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002da, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0189.880] GetParent (hWnd=0x1202d8) returned 0x1002da
[0189.880] GetWindow (hWnd=0x1202d8, uCmd=0x3) returned 0xe005a
[0189.880] GetWindowThreadProcessId (in: hWnd=0x1202d8, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0189.880] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0189.881] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.881] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0189.881] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x1002da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x12013e
[0189.882] SetWindowLongW (hWnd=0x12013e, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0189.882] GetWindowLongW (hWnd=0x12013e, nIndex=-4) returned 1868032000
[0189.882] SetWindowLongW (hWnd=0x12013e, nIndex=-4, dwNewLong=19942310) returned 1868032000
[0189.882] GetWindowLongW (hWnd=0x12013e, nIndex=-4) returned 19942310
[0189.882] GetWindowLongW (hWnd=0x12013e, nIndex=-16) returned 1174470667
[0189.882] GetWindowLongW (hWnd=0x12013e, nIndex=-12) returned 0
[0189.882] SetWindowLongW (hWnd=0x12013e, nIndex=-12, dwNewLong=1179966) returned 0
[0189.883] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0189.883] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0189.883] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0189.884] SendMessageW (hWnd=0x12013e, Msg=0x2055, wParam=0x12013e, lParam=0x3) returned 0x2
[0189.885] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0189.885] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0189.885] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0189.885] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0189.885] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe005a, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0189.885] RedrawWindow (hWnd=0xe005a, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0189.885] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0189.885] RedrawWindow (hWnd=0x1202d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0189.885] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0189.886] RedrawWindow (hWnd=0x12013e, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0189.886] RedrawWindow (hWnd=0x1002da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0189.886] GetWindow (hWnd=0x12013e, uCmd=0x3) returned 0x1202d8
[0189.886] GetClientRect (in: hWnd=0x12013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0189.886] GetWindowRect (in: hWnd=0x12013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0189.886] GetParent (hWnd=0x12013e) returned 0x1002da
[0189.886] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0189.886] SetWindowTextW (hWnd=0x12013e, lpString="&Details") returned 1
[0189.886] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0189.887] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0189.887] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0189.887] GetClientRect (in: hWnd=0x12013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0189.887] GetWindowRect (in: hWnd=0x12013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0189.887] GetParent (hWnd=0x12013e) returned 0x1002da
[0189.887] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0189.887] SendMessageW (hWnd=0x12013e, Msg=0x2210, wParam=0x13e0001, lParam=0x12013e) returned 0x0
[0189.887] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0x2210, wParam=0x13e0001, lParam=0x12013e) returned 0x0
[0189.887] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0189.888] GetParent (hWnd=0x12013e) returned 0x1002da
[0189.888] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0189.889] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.889] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0189.889] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x1002da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1002dc
[0189.890] SetWindowLongW (hWnd=0x1002dc, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0189.890] GetWindowLongW (hWnd=0x1002dc, nIndex=-4) returned 1868032000
[0189.890] SetWindowLongW (hWnd=0x1002dc, nIndex=-4, dwNewLong=19941950) returned 1868032000
[0189.890] GetWindowLongW (hWnd=0x1002dc, nIndex=-4) returned 19941950
[0189.890] GetWindowLongW (hWnd=0x1002dc, nIndex=-16) returned 1174470667
[0189.890] GetWindowLongW (hWnd=0x1002dc, nIndex=-12) returned 0
[0189.890] SetWindowLongW (hWnd=0x1002dc, nIndex=-12, dwNewLong=1049308) returned 0
[0189.890] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0189.891] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0189.891] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0189.892] SendMessageW (hWnd=0x1002dc, Msg=0x2055, wParam=0x1002dc, lParam=0x3) returned 0x2
[0189.892] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0189.893] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0189.893] GetWindow (hWnd=0x1002dc, uCmd=0x3) returned 0x12013e
[0189.893] GetClientRect (in: hWnd=0x1002dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0189.893] GetWindowRect (in: hWnd=0x1002dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0189.893] GetParent (hWnd=0x1002dc) returned 0x1002da
[0189.893] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0189.893] SetWindowTextW (hWnd=0x1002dc, lpString="&Continue") returned 1
[0189.893] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0189.894] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0189.894] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0189.894] GetClientRect (in: hWnd=0x1002dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0189.894] GetWindowRect (in: hWnd=0x1002dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0189.894] GetParent (hWnd=0x1002dc) returned 0x1002da
[0189.894] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0189.894] SendMessageW (hWnd=0x1002dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1002dc) returned 0x0
[0189.895] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1002dc) returned 0x0
[0189.895] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0189.895] GetParent (hWnd=0x1002dc) returned 0x1002da
[0189.895] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0189.895] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.896] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0189.896] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x1002da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1002de
[0189.896] SetWindowLongW (hWnd=0x1002de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0189.896] GetWindowLongW (hWnd=0x1002de, nIndex=-4) returned 1868032000
[0189.897] SetWindowLongW (hWnd=0x1002de, nIndex=-4, dwNewLong=19941990) returned 1868032000
[0189.897] GetWindowLongW (hWnd=0x1002de, nIndex=-4) returned 19941990
[0189.897] GetWindowLongW (hWnd=0x1002de, nIndex=-16) returned 1174470667
[0189.897] GetWindowLongW (hWnd=0x1002de, nIndex=-12) returned 0
[0189.897] SetWindowLongW (hWnd=0x1002de, nIndex=-12, dwNewLong=1049310) returned 0
[0189.897] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0189.898] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0189.898] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0189.899] SendMessageW (hWnd=0x1002de, Msg=0x2055, wParam=0x1002de, lParam=0x3) returned 0x2
[0189.899] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0189.899] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0189.899] GetWindow (hWnd=0x1002de, uCmd=0x3) returned 0x1002dc
[0189.899] GetClientRect (in: hWnd=0x1002de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0189.899] GetWindowRect (in: hWnd=0x1002de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0189.899] GetParent (hWnd=0x1002de) returned 0x1002da
[0189.899] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0189.900] SetWindowTextW (hWnd=0x1002de, lpString="&Quit") returned 1
[0189.900] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002de, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0189.900] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0189.901] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002de, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0189.901] GetClientRect (in: hWnd=0x1002de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0189.901] GetWindowRect (in: hWnd=0x1002de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0189.901] GetParent (hWnd=0x1002de) returned 0x1002da
[0189.901] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0189.901] SendMessageW (hWnd=0x1002de, Msg=0x2210, wParam=0x2de0001, lParam=0x1002de) returned 0x0
[0189.901] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002de, Msg=0x2210, wParam=0x2de0001, lParam=0x1002de) returned 0x0
[0189.901] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0189.902] GetParent (hWnd=0x1002de) returned 0x1002da
[0189.902] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0189.902] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0189.902] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0189.903] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x1002da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1300ea
[0189.903] SetWindowLongW (hWnd=0x1300ea, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0189.904] GetWindowLongW (hWnd=0x1300ea, nIndex=-4) returned 1868026976
[0189.904] SetWindowLongW (hWnd=0x1300ea, nIndex=-4, dwNewLong=19944982) returned 1868026976
[0189.904] GetWindowLongW (hWnd=0x1300ea, nIndex=-4) returned 19944982
[0189.904] GetWindowLongW (hWnd=0x1300ea, nIndex=-16) returned 1177553092
[0189.904] GetWindowLongW (hWnd=0x1300ea, nIndex=-12) returned 0
[0189.904] SetWindowLongW (hWnd=0x1300ea, nIndex=-12, dwNewLong=1245418) returned 0
[0189.904] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1300ea, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0189.905] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1300ea, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0189.906] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1300ea, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0189.932] GetWindow (hWnd=0x1300ea, uCmd=0x3) returned 0x1002de
[0189.932] GetClientRect (in: hWnd=0x1300ea, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0189.932] GetWindowRect (in: hWnd=0x1300ea, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0189.932] GetParent (hWnd=0x1300ea) returned 0x1002da
[0189.932] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002da, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0189.932] GetWindowTextLengthW (hWnd=0x1002da) returned 13
[0189.932] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0189.933] GetSystemMetrics (nIndex=42) returned 0
[0189.933] GetWindowTextW (in: hWnd=0x1002da, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0189.933] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0189.933] SendMessageW (hWnd=0x1300ea, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0189.933] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1300ea, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0189.939] SetWindowTextW (hWnd=0x1300ea, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0189.939] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1300ea, Msg=0xc, wParam=0x0, lParam=0x2e35bc4) returned 0x1
[0189.941] GetSystemMetrics (nIndex=5) returned 1
[0189.941] GetSystemMetrics (nIndex=6) returned 1
[0189.941] SendMessageW (hWnd=0x1300ea, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0189.941] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1300ea, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0189.942] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1300ea, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0189.943] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1300ea, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0189.943] GetClientRect (in: hWnd=0x1300ea, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0189.943] GetWindowRect (in: hWnd=0x1300ea, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0189.943] GetParent (hWnd=0x1300ea) returned 0x1002da
[0189.943] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002da, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0189.943] SendMessageW (hWnd=0x1300ea, Msg=0x2210, wParam=0xea0001, lParam=0x1300ea) returned 0x0
[0189.943] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1300ea, Msg=0x2210, wParam=0xea0001, lParam=0x1300ea) returned 0x0
[0189.943] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1300ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0189.944] GetParent (hWnd=0x1300ea) returned 0x1002da
[0189.944] GetWindowLongW (hWnd=0x1002da, nIndex=-8) returned 458844
[0189.944] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0189.944] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0189.944] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x7f0107f8
[0189.944] GetDeviceCaps (hdc=0x7f0107f8, index=12) returned 32
[0189.944] GetDeviceCaps (hdc=0x7f0107f8, index=14) returned 1
[0189.944] DeleteDC (hdc=0x7f0107f8) returned 1
[0189.944] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0189.944] GetWindowThreadProcessId (in: hWnd=0x1002da, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0189.944] GetCurrentThreadId () returned 0xf50
[0189.945] PostMessageW (hWnd=0x1002da, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0189.945] GetWindowTextLengthW (hWnd=0x1002da) returned 13
[0189.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0189.945] GetSystemMetrics (nIndex=42) returned 0
[0189.945] GetWindowTextW (in: hWnd=0x1002da, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0189.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0189.945] GdipImageGetFrameDimensionsCount (image=0x6603778, count=0xd7e25c) returned 0x0
[0189.945] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7e98
[0189.945] GdipImageGetFrameDimensionsList (image=0x6603778, dimensionIDs=0x11f7e98*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0189.945] LocalFree (hMem=0x11f7e98) returned 0x0
[0189.945] GdipImageGetFrameDimensionsCount (image=0x66030e8, count=0xd7e250) returned 0x0
[0189.945] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7fa0
[0189.945] GdipImageGetFrameDimensionsList (image=0x66030e8, dimensionIDs=0x11f7fa0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0xff, [5]=0xff, [6]=0xff, [7]=0xff)), count=0x1) returned 0x0
[0189.945] LocalFree (hMem=0x11f7fa0) returned 0x0
[0189.945] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0189.946] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0189.946] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0190.003] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0190.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0190.005] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0190.005] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0190.005] GetWindowPlacement (in: hWnd=0x1002da, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0190.006] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0190.006] GetWindowTextLengthW (hWnd=0x1002da) returned 13
[0190.006] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.006] GetSystemMetrics (nIndex=42) returned 0
[0190.006] GetWindowTextW (in: hWnd=0x1002da, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.006] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0190.006] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0190.006] GetCurrentObject (hdc=0x10105d6, type=0x1) returned 0xb00017
[0190.006] GetCurrentObject (hdc=0x10105d6, type=0x2) returned 0x900010
[0190.006] GetCurrentObject (hdc=0x10105d6, type=0x7) returned 0x7505067c
[0190.006] GetCurrentObject (hdc=0x10105d6, type=0x6) returned 0x8a01c2
[0190.006] SaveDC (hdc=0x10105d6) returned 1
[0190.006] GetNearestColor (hdc=0x10105d6, color=0xf0f0f0) returned 0xf0f0f0
[0190.006] CreateSolidBrush (color=0xf0f0f0) returned 0xc11007e1
[0190.006] FillRect (hDC=0x10105d6, lprc=0xd7e1b8, hbr=0xc11007e1) returned 1
[0190.007] DeleteObject (ho=0xc11007e1) returned 1
[0190.007] RestoreDC (hdc=0x10105d6, nSavedDC=-1) returned 1
[0190.007] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe005a, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0190.007] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0190.008] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0190.008] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0190.008] GetStockObject (i=5) returned 0x900015
[0190.008] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0190.008] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0190.008] GetStockObject (i=5) returned 0x900015
[0190.008] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0190.009] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002de, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0190.009] GetStockObject (i=5) returned 0x900015
[0190.009] GetWindowPlacement (in: hWnd=0x1002da, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0190.009] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0190.009] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0190.009] GetWindowRect (in: hWnd=0x1002da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0190.010] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0190.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0190.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0190.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0190.012] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0190.012] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0190.012] GetWindowRect (in: hWnd=0x1002da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0190.012] InvalidateRect (hWnd=0x1002dc, lpRect=0x0, bErase=0) returned 1
[0190.012] InvalidateRect (hWnd=0x12013e, lpRect=0x0, bErase=0) returned 1
[0190.012] GetFocus () returned 0x1002da
[0190.012] GetFocus () returned 0x1002da
[0190.012] SetFocus (hWnd=0x12013e) returned 0x1002da
[0190.019] GetFocus () returned 0x12013e
[0190.019] IsChild (hWndParent=0x1002da, hWnd=0x12013e) returned 1
[0190.019] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x8, wParam=0x12013e, lParam=0x0) returned 0x0
[0190.020] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0190.022] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0190.023] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0190.024] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0x7, wParam=0x1002da, lParam=0x0) returned 0x0
[0190.024] GetStockObject (i=5) returned 0x900015
[0190.024] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0190.024] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0190.024] GetDlgItem (hDlg=0x1002da, nIDDlgItem=1179966) returned 0x12013e
[0190.024] SendMessageW (hWnd=0x12013e, Msg=0x202b, wParam=0x12013e, lParam=0xd7e0dc) returned 0x0
[0190.024] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0x202b, wParam=0x12013e, lParam=0xd7e0dc) returned 0x0
[0190.024] InvalidateRect (hWnd=0x12013e, lpRect=0x0, bErase=0) returned 1
[0190.027] GetFocus () returned 0x12013e
[0190.027] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.027] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0190.041] IsWindowUnicode (hWnd=0x1002da) returned 1
[0190.041] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.042] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0190.042] TranslateMessage (lpMsg=0xd7e808) returned 0
[0190.042] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0190.042] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0190.042] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.043] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0190.050] IsWindowUnicode (hWnd=0x1002da) returned 1
[0190.050] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.050] TranslateMessage (lpMsg=0xd7e808) returned 0
[0190.050] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0190.050] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.051] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0190.051] IsWindowUnicode (hWnd=0x1002dc) returned 1
[0190.051] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.051] TranslateMessage (lpMsg=0xd7e808) returned 0
[0190.051] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0190.051] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.051] IsWindowUnicode (hWnd=0x602c4) returned 1
[0190.051] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.051] TranslateMessage (lpMsg=0xd7e808) returned 0
[0190.051] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0190.051] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0190.051] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0190.051] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.052] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0190.052] IsWindowUnicode (hWnd=0x1002dc) returned 1
[0190.052] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.052] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0190.052] SetCursor (hCursor=0x10003) returned 0x10003
[0190.052] TranslateMessage (lpMsg=0xd7e808) returned 0
[0190.052] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0190.052] _TrackMouseEvent (in: lpEventTrack=0x2e3b300 | out: lpEventTrack=0x2e3b300) returned 1
[0190.052] SendMessageW (hWnd=0x1002dc, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0190.052] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0190.052] InvalidateRect (hWnd=0x1002dc, lpRect=0x0, bErase=0) returned 1
[0190.052] GetKeyState (nVirtKey=1) returned 0
[0190.053] GetKeyState (nVirtKey=2) returned 0
[0190.053] GetKeyState (nVirtKey=4) returned 0
[0190.053] GetKeyState (nVirtKey=5) returned 0
[0190.053] GetKeyState (nVirtKey=6) returned 0
[0190.053] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.053] IsWindowUnicode (hWnd=0x1002da) returned 1
[0190.053] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.053] TranslateMessage (lpMsg=0xd7e808) returned 0
[0190.053] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0190.053] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.066] IsWindowUnicode (hWnd=0x1002da) returned 1
[0190.066] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.066] TranslateMessage (lpMsg=0xd7e808) returned 0
[0190.066] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0190.067] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.067] IsWindowUnicode (hWnd=0x30122) returned 1
[0190.067] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.067] TranslateMessage (lpMsg=0xd7e808) returned 0
[0190.067] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0190.067] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.068] IsWindowUnicode (hWnd=0x1002da) returned 1
[0190.068] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.068] TranslateMessage (lpMsg=0xd7e808) returned 0
[0190.068] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0190.068] BeginPaint (in: hWnd=0x1002da, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x60100ce
[0190.068] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0190.068] GetWindowTextLengthW (hWnd=0x1002da) returned 13
[0190.068] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.068] GetSystemMetrics (nIndex=42) returned 0
[0190.068] GetWindowTextW (in: hWnd=0x1002da, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.068] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0190.068] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0190.069] EndPaint (hWnd=0x1002da, lpPaint=0xd7e274) returned 1
[0190.069] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.069] IsWindowUnicode (hWnd=0xe005a) returned 1
[0190.069] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.069] TranslateMessage (lpMsg=0xd7e808) returned 0
[0190.069] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0190.069] BeginPaint (in: hWnd=0xe005a, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x10105d6
[0190.069] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0190.069] CreateCompatibleDC (hdc=0x10105d6) returned 0x7e0107f3
[0190.069] SelectObject (hdc=0x7e0107f3, h=0x4a0507fe) returned 0x85000f
[0190.070] GdipCreateFromHDC (hdc=0x7e0107f3, graphics=0xd7e2b0) returned 0x0
[0190.070] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0190.070] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0190.070] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0190.070] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0190.070] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e310) returned 0x0
[0190.070] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0190.070] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee910) returned 0x0
[0190.070] LocalFree (hMem=0x11ee910) returned 0x0
[0190.070] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0190.070] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0190.070] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0190.070] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e304) returned 0x0
[0190.070] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0190.071] GetWindowTextLengthW (hWnd=0xe005a) returned 0
[0190.071] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0190.071] GetSystemMetrics (nIndex=42) returned 0
[0190.071] GetWindowTextW (in: hWnd=0xe005a, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0190.071] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe005a, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0190.071] GetClientRect (in: hWnd=0xe005a, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0190.071] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0190.071] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0190.071] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0190.071] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0190.071] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e164) returned 0x0
[0190.071] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0190.071] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0190.071] LocalFree (hMem=0x11eec58) returned 0x0
[0190.071] GdipCombineRegionRegion (region=0x6645e18, region2=0x6645908, combineMode=0x1) returned 0x0
[0190.071] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0190.071] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee8d8) returned 0x0
[0190.071] LocalFree (hMem=0x11ee8d8) returned 0x0
[0190.072] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0190.072] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0190.072] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0190.072] GdipGetRegionHRgn (region=0x6645e18, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0190.072] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0190.072] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0190.072] GetCurrentObject (hdc=0x7e0107f3, type=0x1) returned 0xb00017
[0190.072] GetCurrentObject (hdc=0x7e0107f3, type=0x2) returned 0x900010
[0190.072] GetCurrentObject (hdc=0x7e0107f3, type=0x7) returned 0x4a0507fe
[0190.072] GetCurrentObject (hdc=0x7e0107f3, type=0x6) returned 0x8a01c2
[0190.072] SaveDC (hdc=0x7e0107f3) returned 1
[0190.072] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x69040807
[0190.072] GetClipRgn (hdc=0x7e0107f3, hrgn=0x69040807) returned 0
[0190.072] SelectClipRgn (hdc=0x7e0107f3, hrgn=0xf40407de) returned 2
[0190.072] DeleteObject (ho=0x69040807) returned 1
[0190.072] DeleteObject (ho=0xf40407de) returned 1
[0190.073] OffsetViewportOrgEx (in: hdc=0x7e0107f3, x=0, y=0, lppt=0x2e3b77c | out: lppt=0x2e3b77c) returned 1
[0190.073] GetNearestColor (hdc=0x7e0107f3, color=0xf0f0f0) returned 0xf0f0f0
[0190.073] CreateSolidBrush (color=0xf0f0f0) returned 0xc21007e1
[0190.073] FillRect (hDC=0x7e0107f3, lprc=0xd7e198, hbr=0xc21007e1) returned 1
[0190.073] DeleteObject (ho=0xc21007e1) returned 1
[0190.073] RestoreDC (hdc=0x7e0107f3, nSavedDC=-1) returned 1
[0190.073] GdipReleaseDC (graphics=0x6600030, hdc=0x7e0107f3) returned 0x0
[0190.073] GdipRestoreGraphics (graphics=0x6600030, state=0xfb560dbd) returned 0x0
[0190.073] GdipDeleteRegion (region=0x6645908) returned 0x0
[0190.073] GetWindowTextLengthW (hWnd=0xe005a) returned 0
[0190.073] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0190.073] GetSystemMetrics (nIndex=42) returned 0
[0190.073] GetWindowTextW (in: hWnd=0xe005a, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0190.073] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe005a, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0190.073] GdipGetImageWidth (image=0x6603778, width=0xd7e1e0) returned 0x0
[0190.073] GdipGetImageHeight (image=0x6603778, height=0xd7e1e0) returned 0x0
[0190.074] GdipGetImageWidth (image=0x6603778, width=0xd7e1cc) returned 0x0
[0190.074] GdipGetImageHeight (image=0x6603778, height=0xd7e1cc) returned 0x0
[0190.074] GdipDrawImageRectI (graphics=0x6600030, image=0x6603778, x=16, y=16, width=32, height=32) returned 0x0
[0190.074] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0190.074] BitBlt (hdc=0x10105d6, x=0, y=0, cx=64, cy=64, hdcSrc=0x7e0107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0190.074] GdipReleaseDC (graphics=0x6600030, hdc=0x7e0107f3) returned 0x0
[0190.074] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0190.074] SelectObject (hdc=0x7e0107f3, h=0x85000f) returned 0x4a0507fe
[0190.074] DeleteDC (hdc=0x7e0107f3) returned 1
[0190.074] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0190.074] EndPaint (hWnd=0xe005a, lpPaint=0xd7e294) returned 1
[0190.075] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.075] IsWindowUnicode (hWnd=0x1202d8) returned 1
[0190.075] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.075] TranslateMessage (lpMsg=0xd7e808) returned 0
[0190.075] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0190.075] BeginPaint (in: hWnd=0x1202d8, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x107b9
[0190.081] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0190.081] CreateCompatibleDC (hdc=0x107b9) returned 0x56010173
[0190.081] GetObjectType (h=0x107b9) returned 0x3
[0190.081] CreateCompatibleBitmap (hdc=0x107b9, cx=1, cy=1) returned 0xffffffffbf050803
[0190.081] GetDIBits (in: hdc=0x107b9, hbm=0xbf050803, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0190.082] GetDIBits (in: hdc=0x107b9, hbm=0xbf050803, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0190.082] DeleteObject (ho=0xbf050803) returned 1
[0190.082] CreateDIBSection (in: hdc=0x107b9, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x810507f3
[0190.082] SelectObject (hdc=0x56010173, h=0x810507f3) returned 0x85000f
[0190.082] GdipCreateFromHDC (hdc=0x56010173, graphics=0xd7e234) returned 0x0
[0190.082] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0190.082] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0190.082] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0190.082] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0190.083] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2d4) returned 0x0
[0190.083] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0190.083] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eed00) returned 0x0
[0190.083] LocalFree (hMem=0x11eed00) returned 0x0
[0190.083] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0190.083] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0190.083] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0190.083] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0190.083] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0190.083] GetWindowTextLengthW (hWnd=0x1202d8) returned 232
[0190.083] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0190.083] GetSystemMetrics (nIndex=42) returned 0
[0190.083] GetWindowTextW (in: hWnd=0x1202d8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0190.083] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0190.083] GetClientRect (in: hWnd=0x1202d8, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0190.083] GdipCreateRegion (region=0xd7e110) returned 0x0
[0190.083] GdipGetClip (graphics=0x6600030, region=0x6645a28) returned 0x0
[0190.083] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0190.084] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0190.084] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e128) returned 0x0
[0190.084] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0190.084] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea60) returned 0x0
[0190.084] LocalFree (hMem=0x11eea60) returned 0x0
[0190.084] GdipCombineRegionRegion (region=0x6645a28, region2=0x66460e8, combineMode=0x1) returned 0x0
[0190.084] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0190.084] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee8d8) returned 0x0
[0190.084] LocalFree (hMem=0x11ee8d8) returned 0x0
[0190.084] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0190.084] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7e150) returned 0x0
[0190.084] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7e140) returned 0x0
[0190.084] GdipGetRegionHRgn (region=0x6645a28, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0190.084] GdipDeleteRegion (region=0x6645a28) returned 0x0
[0190.084] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0190.084] GetCurrentObject (hdc=0x56010173, type=0x1) returned 0xb00017
[0190.084] GetCurrentObject (hdc=0x56010173, type=0x2) returned 0x900010
[0190.084] GetCurrentObject (hdc=0x56010173, type=0x7) returned 0xffffffff810507f3
[0190.085] GetCurrentObject (hdc=0x56010173, type=0x6) returned 0x8a01c2
[0190.085] SaveDC (hdc=0x56010173) returned 1
[0190.085] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf50407de
[0190.085] GetClipRgn (hdc=0x56010173, hrgn=0xf50407de) returned 0
[0190.085] SelectClipRgn (hdc=0x56010173, hrgn=0x6a040807) returned 2
[0190.085] DeleteObject (ho=0xf50407de) returned 1
[0190.085] DeleteObject (ho=0x6a040807) returned 1
[0190.085] OffsetViewportOrgEx (in: hdc=0x56010173, x=0, y=0, lppt=0x2e3d144 | out: lppt=0x2e3d144) returned 1
[0190.085] GetNearestColor (hdc=0x56010173, color=0xf0f0f0) returned 0xf0f0f0
[0190.085] CreateSolidBrush (color=0xf0f0f0) returned 0xc31007e1
[0190.085] FillRect (hDC=0x56010173, lprc=0xd7e15c, hbr=0xc31007e1) returned 1
[0190.087] DeleteObject (ho=0xc31007e1) returned 1
[0190.087] RestoreDC (hdc=0x56010173, nSavedDC=-1) returned 1
[0190.087] GdipReleaseDC (graphics=0x6600030, hdc=0x56010173) returned 0x0
[0190.087] GdipRestoreGraphics (graphics=0x6600030, state=0xfb540dbd) returned 0x0
[0190.087] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0190.087] GetWindowTextLengthW (hWnd=0x1202d8) returned 232
[0190.087] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0190.087] GetSystemMetrics (nIndex=42) returned 0
[0190.087] GetWindowTextW (in: hWnd=0x1202d8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0190.087] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0190.087] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0190.087] GetCurrentObject (hdc=0x56010173, type=0x1) returned 0xb00017
[0190.087] GetCurrentObject (hdc=0x56010173, type=0x2) returned 0x900010
[0190.088] GetCurrentObject (hdc=0x56010173, type=0x7) returned 0xffffffff810507f3
[0190.088] GetCurrentObject (hdc=0x56010173, type=0x6) returned 0x8a01c2
[0190.088] SaveDC (hdc=0x56010173) returned 1
[0190.088] GetNearestColor (hdc=0x56010173, color=0x0) returned 0x0
[0190.088] RestoreDC (hdc=0x56010173, nSavedDC=-1) returned 1
[0190.088] GdipReleaseDC (graphics=0x6600030, hdc=0x56010173) returned 0x0
[0190.088] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0190.089] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0190.089] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2e3d940 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0190.089] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0190.089] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0190.089] GetCurrentObject (hdc=0x56010173, type=0x1) returned 0xb00017
[0190.089] GetCurrentObject (hdc=0x56010173, type=0x2) returned 0x900010
[0190.089] GetCurrentObject (hdc=0x56010173, type=0x7) returned 0xffffffff810507f3
[0190.089] GetCurrentObject (hdc=0x56010173, type=0x6) returned 0x8a01c2
[0190.089] SaveDC (hdc=0x56010173) returned 1
[0190.090] GetTextAlign (hdc=0x56010173) returned 0x0
[0190.090] GetTextColor (hdc=0x56010173) returned 0x0
[0190.090] GetCurrentObject (hdc=0x56010173, type=0x6) returned 0x8a01c2
[0190.090] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0190.090] SelectObject (hdc=0x56010173, h=0x6d0a0520) returned 0x8a01c2
[0190.090] GetBkMode (hdc=0x56010173) returned 2
[0190.090] SetBkMode (hdc=0x56010173, mode=1) returned 2
[0190.090] DrawTextExW (in: hdc=0x56010173, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2e3db64 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0190.094] RestoreDC (hdc=0x56010173, nSavedDC=-1) returned 1
[0190.094] GdipReleaseDC (graphics=0x6600030, hdc=0x56010173) returned 0x0
[0190.094] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0190.094] BitBlt (hdc=0x107b9, x=0, y=0, cx=354, cy=68, hdcSrc=0x56010173, x1=0, y1=0, rop=0xcc0020) returned 1
[0190.094] GdipReleaseDC (graphics=0x6600030, hdc=0x56010173) returned 0x0
[0190.094] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0190.095] SelectObject (hdc=0x56010173, h=0x85000f) returned 0x810507f3
[0190.095] DeleteDC (hdc=0x56010173) returned 1
[0190.095] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0190.095] DeleteObject (ho=0x810507f3) returned 1
[0190.096] EndPaint (hWnd=0x1202d8, lpPaint=0xd7e258) returned 1
[0190.096] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.096] IsWindowUnicode (hWnd=0x12013e) returned 1
[0190.096] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.096] TranslateMessage (lpMsg=0xd7e808) returned 0
[0190.097] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0190.097] BeginPaint (in: hWnd=0x12013e, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0190.097] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0190.097] CreateCompatibleDC (hdc=0xf0105ee) returned 0xc2010803
[0190.097] SelectObject (hdc=0xc2010803, h=0x4a0507fe) returned 0x85000f
[0190.097] GdipCreateFromHDC (hdc=0xc2010803, graphics=0xd7e268) returned 0x0
[0190.097] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0190.097] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0190.097] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0190.097] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0190.097] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e2c8) returned 0x0
[0190.097] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0190.098] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0190.098] LocalFree (hMem=0x11ee788) returned 0x0
[0190.098] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0190.098] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0190.098] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0190.098] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0190.098] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0190.098] GdipRestoreGraphics (graphics=0x6600030, state=0xfb520dbd) returned 0x0
[0190.098] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0190.098] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0190.098] GetCurrentObject (hdc=0xc2010803, type=0x1) returned 0xb00017
[0190.098] GetCurrentObject (hdc=0xc2010803, type=0x2) returned 0x900010
[0190.098] GetCurrentObject (hdc=0xc2010803, type=0x7) returned 0x4a0507fe
[0190.098] GetCurrentObject (hdc=0xc2010803, type=0x6) returned 0x8a01c2
[0190.098] SaveDC (hdc=0xc2010803) returned 1
[0190.098] GetNearestColor (hdc=0xc2010803, color=0xf0f0f0) returned 0xf0f0f0
[0190.099] GetNearestColor (hdc=0xc2010803, color=0xa0a0a0) returned 0xa0a0a0
[0190.099] GetNearestColor (hdc=0xc2010803, color=0x696969) returned 0x696969
[0190.099] GetNearestColor (hdc=0xc2010803, color=0xa0a0a0) returned 0xa0a0a0
[0190.099] GetNearestColor (hdc=0xc2010803, color=0x0) returned 0x0
[0190.099] GetNearestColor (hdc=0xc2010803, color=0xffffff) returned 0xffffff
[0190.099] GetNearestColor (hdc=0xc2010803, color=0xe5e5e5) returned 0xe5e5e5
[0190.099] GetNearestColor (hdc=0xc2010803, color=0xd7d7d7) returned 0xd7d7d7
[0190.099] GetNearestColor (hdc=0xc2010803, color=0x0) returned 0x0
[0190.099] RestoreDC (hdc=0xc2010803, nSavedDC=-1) returned 1
[0190.099] GdipReleaseDC (graphics=0x6600030, hdc=0xc2010803) returned 0x0
[0190.099] IsAppThemed () returned 0x1
[0190.099] GetThemeAppProperties () returned 0x3
[0190.099] GetThemeAppProperties () returned 0x3
[0190.099] GdipGetImageWidth (image=0x66030e8, width=0xd7e168) returned 0x0
[0190.100] GdipGetImageHeight (image=0x66030e8, height=0xd7e168) returned 0x0
[0190.100] IsAppThemed () returned 0x1
[0190.100] GetThemeAppProperties () returned 0x3
[0190.100] GetThemeAppProperties () returned 0x3
[0190.100] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2e3e2b4 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0190.100] IsAppThemed () returned 0x1
[0190.100] GetThemeAppProperties () returned 0x3
[0190.100] GetThemeAppProperties () returned 0x3
[0190.100] IsAppThemed () returned 0x1
[0190.100] GetThemeAppProperties () returned 0x3
[0190.100] GetThemeAppProperties () returned 0x3
[0190.100] GetFocus () returned 0x12013e
[0190.100] IsAppThemed () returned 0x1
[0190.100] GetThemeAppProperties () returned 0x3
[0190.100] GetThemeAppProperties () returned 0x3
[0190.101] IsAppThemed () returned 0x1
[0190.101] GetThemeAppProperties () returned 0x3
[0190.101] GetThemeAppProperties () returned 0x3
[0190.101] IsThemePartDefined () returned 0x1
[0190.101] IsAppThemed () returned 0x1
[0190.101] GetThemeAppProperties () returned 0x3
[0190.101] GetThemeAppProperties () returned 0x3
[0190.101] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0190.101] IsAppThemed () returned 0x1
[0190.101] GetThemeAppProperties () returned 0x3
[0190.101] GetThemeAppProperties () returned 0x3
[0190.101] IsAppThemed () returned 0x1
[0190.101] GetThemeAppProperties () returned 0x3
[0190.101] GetThemeAppProperties () returned 0x3
[0190.101] IsThemePartDefined () returned 0x1
[0190.101] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0190.101] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0190.101] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0190.101] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0190.101] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dff0) returned 0x0
[0190.101] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0190.101] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0190.102] LocalFree (hMem=0x11eec58) returned 0x0
[0190.102] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0190.102] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eead0) returned 0x0
[0190.102] LocalFree (hMem=0x11eead0) returned 0x0
[0190.102] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0190.102] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0190.102] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0190.102] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0190.102] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0190.102] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0190.102] GetCurrentObject (hdc=0xc2010803, type=0x1) returned 0xb00017
[0190.102] GetCurrentObject (hdc=0xc2010803, type=0x2) returned 0x900010
[0190.102] GetCurrentObject (hdc=0xc2010803, type=0x7) returned 0x4a0507fe
[0190.102] GetCurrentObject (hdc=0xc2010803, type=0x6) returned 0x8a01c2
[0190.102] SaveDC (hdc=0xc2010803) returned 1
[0190.102] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6b040807
[0190.103] GetClipRgn (hdc=0xc2010803, hrgn=0x6b040807) returned 0
[0190.103] SelectClipRgn (hdc=0xc2010803, hrgn=0xf90407de) returned 2
[0190.103] DeleteObject (ho=0x6b040807) returned 1
[0190.103] DeleteObject (ho=0xf90407de) returned 1
[0190.103] OffsetViewportOrgEx (in: hdc=0xc2010803, x=0, y=0, lppt=0x2e3e964 | out: lppt=0x2e3e964) returned 1
[0190.103] DrawThemeParentBackground () returned 0x0
[0190.103] GetWindowPlacement (in: hWnd=0x1002da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0190.103] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0190.103] GetWindowTextLengthW (hWnd=0x1002da) returned 13
[0190.103] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.103] GetSystemMetrics (nIndex=42) returned 0
[0190.103] GetWindowTextW (in: hWnd=0x1002da, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.103] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0190.103] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0190.103] GetCurrentObject (hdc=0xc2010803, type=0x1) returned 0xb00017
[0190.104] GetCurrentObject (hdc=0xc2010803, type=0x2) returned 0x900010
[0190.104] GetCurrentObject (hdc=0xc2010803, type=0x7) returned 0x4a0507fe
[0190.104] GetCurrentObject (hdc=0xc2010803, type=0x6) returned 0x8a01c2
[0190.104] SaveDC (hdc=0xc2010803) returned 2
[0190.104] GetNearestColor (hdc=0xc2010803, color=0xf0f0f0) returned 0xf0f0f0
[0190.104] CreateSolidBrush (color=0xf0f0f0) returned 0xc41007e1
[0190.104] FillRect (hDC=0xc2010803, lprc=0xd7da38, hbr=0xc41007e1) returned 1
[0190.104] DeleteObject (ho=0xc41007e1) returned 1
[0190.104] RestoreDC (hdc=0xc2010803, nSavedDC=-1) returned 1
[0190.104] GetWindowTextLengthW (hWnd=0x1002da) returned 13
[0190.104] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.104] GetSystemMetrics (nIndex=42) returned 0
[0190.104] GetWindowTextW (in: hWnd=0x1002da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.104] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0190.104] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0190.104] GetCurrentObject (hdc=0xc2010803, type=0x1) returned 0xb00017
[0190.105] GetCurrentObject (hdc=0xc2010803, type=0x2) returned 0x900010
[0190.105] GetCurrentObject (hdc=0xc2010803, type=0x7) returned 0x4a0507fe
[0190.105] GetCurrentObject (hdc=0xc2010803, type=0x6) returned 0x8a01c2
[0190.105] SaveDC (hdc=0xc2010803) returned 2
[0190.105] GetNearestColor (hdc=0xc2010803, color=0xf0f0f0) returned 0xf0f0f0
[0190.105] CreateSolidBrush (color=0xf0f0f0) returned 0xc51007e1
[0190.105] FillRect (hDC=0xc2010803, lprc=0xd7d9d8, hbr=0xc51007e1) returned 1
[0190.105] DeleteObject (ho=0xc51007e1) returned 1
[0190.105] RestoreDC (hdc=0xc2010803, nSavedDC=-1) returned 1
[0190.105] GetWindowTextLengthW (hWnd=0x1002da) returned 13
[0190.105] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.105] GetSystemMetrics (nIndex=42) returned 0
[0190.105] GetWindowTextW (in: hWnd=0x1002da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.105] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0190.105] RestoreDC (hdc=0xc2010803, nSavedDC=-1) returned 1
[0190.106] GdipReleaseDC (graphics=0x6600030, hdc=0xc2010803) returned 0x0
[0190.106] IsAppThemed () returned 0x1
[0190.106] GetThemeAppProperties () returned 0x3
[0190.106] GetThemeAppProperties () returned 0x3
[0190.106] IsAppThemed () returned 0x1
[0190.106] GetThemeAppProperties () returned 0x3
[0190.106] GetThemeAppProperties () returned 0x3
[0190.106] IsThemePartDefined () returned 0x1
[0190.106] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0190.106] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0190.106] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0190.106] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0190.106] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df74) returned 0x0
[0190.113] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0190.113] LocalFree (hMem=0x11eec58) returned 0x0
[0190.113] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0190.113] LocalFree (hMem=0x11ee788) returned 0x0
[0190.113] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0190.113] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0190.113] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0190.113] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0190.113] GdipDeleteRegion (region=0x6645248) returned 0x0
[0190.113] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0190.113] GetCurrentObject (hdc=0xc2010803, type=0x1) returned 0xb00017
[0190.114] GetCurrentObject (hdc=0xc2010803, type=0x2) returned 0x900010
[0190.114] GetCurrentObject (hdc=0xc2010803, type=0x7) returned 0x4a0507fe
[0190.114] GetCurrentObject (hdc=0xc2010803, type=0x6) returned 0x8a01c2
[0190.114] SaveDC (hdc=0xc2010803) returned 1
[0190.114] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfa0407de
[0190.114] GetClipRgn (hdc=0xc2010803, hrgn=0xfa0407de) returned 0
[0190.114] SelectClipRgn (hdc=0xc2010803, hrgn=0x6d040807) returned 2
[0190.114] DeleteObject (ho=0xfa0407de) returned 1
[0190.114] DeleteObject (ho=0x6d040807) returned 1
[0190.114] OffsetViewportOrgEx (in: hdc=0xc2010803, x=0, y=0, lppt=0x2e3f210 | out: lppt=0x2e3f210) returned 1
[0190.114] IsAppThemed () returned 0x1
[0190.114] GetThemeAppProperties () returned 0x3
[0190.114] GetThemeAppProperties () returned 0x3
[0190.114] DrawThemeBackground () returned 0x0
[0190.114] RestoreDC (hdc=0xc2010803, nSavedDC=-1) returned 1
[0190.115] GdipReleaseDC (graphics=0x6600030, hdc=0xc2010803) returned 0x0
[0190.115] GdipCreateRegion (region=0xd7df60) returned 0x0
[0190.115] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0190.115] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0190.115] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0190.115] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df78) returned 0x0
[0190.115] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0190.115] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee868) returned 0x0
[0190.115] LocalFree (hMem=0x11ee868) returned 0x0
[0190.115] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0190.115] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eed00) returned 0x0
[0190.115] LocalFree (hMem=0x11eed00) returned 0x0
[0190.115] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0190.115] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0190.115] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7df90) returned 0x0
[0190.115] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0190.115] GdipDeleteRegion (region=0x6645518) returned 0x0
[0190.116] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0190.116] GetCurrentObject (hdc=0xc2010803, type=0x1) returned 0xb00017
[0190.116] GetCurrentObject (hdc=0xc2010803, type=0x2) returned 0x900010
[0190.116] GetCurrentObject (hdc=0xc2010803, type=0x7) returned 0x4a0507fe
[0190.116] GetCurrentObject (hdc=0xc2010803, type=0x6) returned 0x8a01c2
[0190.116] SaveDC (hdc=0xc2010803) returned 1
[0190.116] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6e040807
[0190.116] GetClipRgn (hdc=0xc2010803, hrgn=0x6e040807) returned 0
[0190.116] SelectClipRgn (hdc=0xc2010803, hrgn=0xfb0407de) returned 2
[0190.116] DeleteObject (ho=0x6e040807) returned 1
[0190.116] DeleteObject (ho=0xfb0407de) returned 1
[0190.116] OffsetViewportOrgEx (in: hdc=0xc2010803, x=0, y=0, lppt=0x2e3f4e4 | out: lppt=0x2e3f4e4) returned 1
[0190.116] IsAppThemed () returned 0x1
[0190.116] GetThemeAppProperties () returned 0x3
[0190.116] GetThemeAppProperties () returned 0x3
[0190.116] GetThemeBackgroundContentRect () returned 0x0
[0190.117] RestoreDC (hdc=0xc2010803, nSavedDC=-1) returned 1
[0190.117] GdipReleaseDC (graphics=0x6600030, hdc=0xc2010803) returned 0x0
[0190.117] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0190.117] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0190.117] GdipCloneRegion (region=0x66460e8, cloneRegion=0xd7e150) returned 0x0
[0190.117] GdipCombineRegionRectI (region=0x6646178, rect=0xd7e138, combineMode=0x1) returned 0x0
[0190.117] GdipCombineRegionRectI (region=0x6646178, rect=0xd7e138, combineMode=0x1) returned 0x0
[0190.117] GdipSetClipRegion (graphics=0x6600030, region=0x6646178, combineMode=0x0) returned 0x0
[0190.117] GdipGetImageWidth (image=0x66030e8, width=0xd7e154) returned 0x0
[0190.117] GdipGetImageHeight (image=0x66030e8, height=0xd7e148) returned 0x0
[0190.117] GdipDrawImageRectI (graphics=0x6600030, image=0x66030e8, x=4, y=4, width=16, height=16) returned 0x0
[0190.117] GdipSetClipRegion (graphics=0x6600030, region=0x66460e8, combineMode=0x0) returned 0x0
[0190.117] IsAppThemed () returned 0x1
[0190.117] GetThemeAppProperties () returned 0x3
[0190.117] GetThemeAppProperties () returned 0x3
[0190.117] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0190.117] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0190.118] GetCurrentObject (hdc=0xc2010803, type=0x1) returned 0xb00017
[0190.118] GetCurrentObject (hdc=0xc2010803, type=0x2) returned 0x900010
[0190.118] GetCurrentObject (hdc=0xc2010803, type=0x7) returned 0x4a0507fe
[0190.118] GetCurrentObject (hdc=0xc2010803, type=0x6) returned 0x8a01c2
[0190.118] SaveDC (hdc=0xc2010803) returned 1
[0190.118] GetTextAlign (hdc=0xc2010803) returned 0x0
[0190.118] GetTextColor (hdc=0xc2010803) returned 0x0
[0190.118] GetCurrentObject (hdc=0xc2010803, type=0x6) returned 0x8a01c2
[0190.118] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0190.118] SelectObject (hdc=0xc2010803, h=0x6d0a0520) returned 0x8a01c2
[0190.118] GetBkMode (hdc=0xc2010803) returned 2
[0190.118] SetBkMode (hdc=0xc2010803, mode=1) returned 2
[0190.118] DrawTextExW (in: hdc=0xc2010803, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2e3f8a4 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0190.119] DrawTextExW (in: hdc=0xc2010803, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e3f8a4 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0190.119] RestoreDC (hdc=0xc2010803, nSavedDC=-1) returned 1
[0190.119] GdipReleaseDC (graphics=0x6600030, hdc=0xc2010803) returned 0x0
[0190.119] GetFocus () returned 0x12013e
[0190.119] IsAppThemed () returned 0x1
[0190.119] GetThemeAppProperties () returned 0x3
[0190.119] GetThemeAppProperties () returned 0x3
[0190.119] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0190.120] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xc2010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0190.120] GdipReleaseDC (graphics=0x6600030, hdc=0xc2010803) returned 0x0
[0190.120] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0190.120] SelectObject (hdc=0xc2010803, h=0x85000f) returned 0x4a0507fe
[0190.120] DeleteDC (hdc=0xc2010803) returned 1
[0190.120] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0190.120] EndPaint (hWnd=0x12013e, lpPaint=0xd7e24c) returned 1
[0190.121] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.121] IsWindowUnicode (hWnd=0x1002dc) returned 1
[0190.121] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.121] TranslateMessage (lpMsg=0xd7e808) returned 0
[0190.121] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0190.121] BeginPaint (in: hWnd=0x1002dc, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0190.121] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0190.121] CreateCompatibleDC (hdc=0x60100ce) returned 0xc4010803
[0190.121] SelectObject (hdc=0xc4010803, h=0x4a0507fe) returned 0x85000f
[0190.121] GdipCreateFromHDC (hdc=0xc4010803, graphics=0xd7e268) returned 0x0
[0190.122] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0190.122] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0190.122] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0190.122] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0190.122] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e2c8) returned 0x0
[0190.122] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0190.122] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0190.122] LocalFree (hMem=0x11ee788) returned 0x0
[0190.123] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0190.123] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0190.123] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0190.123] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0190.123] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0190.123] GdipRestoreGraphics (graphics=0x6600030, state=0xfb500dbd) returned 0x0
[0190.123] GdipDeleteRegion (region=0x6645098) returned 0x0
[0190.123] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0190.123] GetCurrentObject (hdc=0xc4010803, type=0x1) returned 0xb00017
[0190.123] GetCurrentObject (hdc=0xc4010803, type=0x2) returned 0x900010
[0190.123] GetCurrentObject (hdc=0xc4010803, type=0x7) returned 0x4a0507fe
[0190.123] GetCurrentObject (hdc=0xc4010803, type=0x6) returned 0x8a01c2
[0190.123] SaveDC (hdc=0xc4010803) returned 1
[0190.123] GetNearestColor (hdc=0xc4010803, color=0xf0f0f0) returned 0xf0f0f0
[0190.123] GetNearestColor (hdc=0xc4010803, color=0xa0a0a0) returned 0xa0a0a0
[0190.124] GetNearestColor (hdc=0xc4010803, color=0x696969) returned 0x696969
[0190.124] GetNearestColor (hdc=0xc4010803, color=0xa0a0a0) returned 0xa0a0a0
[0190.124] GetNearestColor (hdc=0xc4010803, color=0x0) returned 0x0
[0190.124] GetNearestColor (hdc=0xc4010803, color=0xffffff) returned 0xffffff
[0190.124] GetNearestColor (hdc=0xc4010803, color=0xe5e5e5) returned 0xe5e5e5
[0190.124] GetNearestColor (hdc=0xc4010803, color=0xd7d7d7) returned 0xd7d7d7
[0190.124] GetNearestColor (hdc=0xc4010803, color=0x0) returned 0x0
[0190.124] RestoreDC (hdc=0xc4010803, nSavedDC=-1) returned 1
[0190.124] GdipReleaseDC (graphics=0x6600030, hdc=0xc4010803) returned 0x0
[0190.124] IsAppThemed () returned 0x1
[0190.124] GetThemeAppProperties () returned 0x3
[0190.124] GetThemeAppProperties () returned 0x3
[0190.124] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0190.124] SendMessageW (hWnd=0x1002da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0190.125] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0190.125] IsAppThemed () returned 0x1
[0190.125] GetThemeAppProperties () returned 0x3
[0190.125] GetThemeAppProperties () returned 0x3
[0190.125] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2e400b4 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0190.125] IsAppThemed () returned 0x1
[0190.125] GetThemeAppProperties () returned 0x3
[0190.125] GetThemeAppProperties () returned 0x3
[0190.125] IsAppThemed () returned 0x1
[0190.125] GetThemeAppProperties () returned 0x3
[0190.125] GetThemeAppProperties () returned 0x3
[0190.125] IsAppThemed () returned 0x1
[0190.125] GetThemeAppProperties () returned 0x3
[0190.125] GetThemeAppProperties () returned 0x3
[0190.125] IsAppThemed () returned 0x1
[0190.125] GetThemeAppProperties () returned 0x3
[0190.126] GetThemeAppProperties () returned 0x3
[0190.126] IsThemePartDefined () returned 0x1
[0190.126] IsAppThemed () returned 0x1
[0190.126] GetThemeAppProperties () returned 0x3
[0190.126] GetThemeAppProperties () returned 0x3
[0190.126] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0190.126] IsAppThemed () returned 0x1
[0190.126] GetThemeAppProperties () returned 0x3
[0190.126] GetThemeAppProperties () returned 0x3
[0190.126] IsAppThemed () returned 0x1
[0190.126] GetThemeAppProperties () returned 0x3
[0190.126] GetThemeAppProperties () returned 0x3
[0190.126] IsThemePartDefined () returned 0x1
[0190.126] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0190.126] GdipGetClip (graphics=0x6600030, region=0x6645a28) returned 0x0
[0190.126] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0190.126] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0190.126] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dfe4) returned 0x0
[0190.126] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0190.126] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0190.126] LocalFree (hMem=0x11ee868) returned 0x0
[0190.127] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0190.127] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0190.127] LocalFree (hMem=0x11eec58) returned 0x0
[0190.127] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0190.127] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0190.127] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0190.127] GdipGetRegionHRgn (region=0x6645a28, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0190.127] GdipDeleteRegion (region=0x6645a28) returned 0x0
[0190.127] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0190.127] GetCurrentObject (hdc=0xc4010803, type=0x1) returned 0xb00017
[0190.127] GetCurrentObject (hdc=0xc4010803, type=0x2) returned 0x900010
[0190.127] GetCurrentObject (hdc=0xc4010803, type=0x7) returned 0x4a0507fe
[0190.127] GetCurrentObject (hdc=0xc4010803, type=0x6) returned 0x8a01c2
[0190.127] SaveDC (hdc=0xc4010803) returned 1
[0190.127] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfc0407de
[0190.127] GetClipRgn (hdc=0xc4010803, hrgn=0xfc0407de) returned 0
[0190.128] SelectClipRgn (hdc=0xc4010803, hrgn=0x72040807) returned 2
[0190.128] DeleteObject (ho=0xfc0407de) returned 1
[0190.128] DeleteObject (ho=0x72040807) returned 1
[0190.128] OffsetViewportOrgEx (in: hdc=0xc4010803, x=0, y=0, lppt=0x2e40764 | out: lppt=0x2e40764) returned 1
[0190.128] DrawThemeParentBackground () returned 0x0
[0190.128] GetWindowPlacement (in: hWnd=0x1002da, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0190.128] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0190.128] GetWindowTextLengthW (hWnd=0x1002da) returned 13
[0190.128] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.128] GetSystemMetrics (nIndex=42) returned 0
[0190.128] GetWindowTextW (in: hWnd=0x1002da, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.128] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0190.128] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0190.128] GetCurrentObject (hdc=0xc4010803, type=0x1) returned 0xb00017
[0190.128] GetCurrentObject (hdc=0xc4010803, type=0x2) returned 0x900010
[0190.128] GetCurrentObject (hdc=0xc4010803, type=0x7) returned 0x4a0507fe
[0190.129] GetCurrentObject (hdc=0xc4010803, type=0x6) returned 0x8a01c2
[0190.129] SaveDC (hdc=0xc4010803) returned 2
[0190.129] GetNearestColor (hdc=0xc4010803, color=0xf0f0f0) returned 0xf0f0f0
[0190.129] CreateSolidBrush (color=0xf0f0f0) returned 0xc61007e1
[0190.129] FillRect (hDC=0xc4010803, lprc=0xd7da30, hbr=0xc61007e1) returned 1
[0190.129] DeleteObject (ho=0xc61007e1) returned 1
[0190.129] RestoreDC (hdc=0xc4010803, nSavedDC=-1) returned 1
[0190.129] GetWindowTextLengthW (hWnd=0x1002da) returned 13
[0190.129] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.129] GetSystemMetrics (nIndex=42) returned 0
[0190.129] GetWindowTextW (in: hWnd=0x1002da, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.129] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0190.129] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0190.129] GetCurrentObject (hdc=0xc4010803, type=0x1) returned 0xb00017
[0190.129] GetCurrentObject (hdc=0xc4010803, type=0x2) returned 0x900010
[0190.130] GetCurrentObject (hdc=0xc4010803, type=0x7) returned 0x4a0507fe
[0190.130] GetCurrentObject (hdc=0xc4010803, type=0x6) returned 0x8a01c2
[0190.130] SaveDC (hdc=0xc4010803) returned 2
[0190.130] GetNearestColor (hdc=0xc4010803, color=0xf0f0f0) returned 0xf0f0f0
[0190.130] CreateSolidBrush (color=0xf0f0f0) returned 0xc71007e1
[0190.130] FillRect (hDC=0xc4010803, lprc=0xd7d9d0, hbr=0xc71007e1) returned 1
[0190.130] DeleteObject (ho=0xc71007e1) returned 1
[0190.130] RestoreDC (hdc=0xc4010803, nSavedDC=-1) returned 1
[0190.130] GetWindowTextLengthW (hWnd=0x1002da) returned 13
[0190.130] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.131] GetSystemMetrics (nIndex=42) returned 0
[0190.131] GetWindowTextW (in: hWnd=0x1002da, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.131] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0190.131] RestoreDC (hdc=0xc4010803, nSavedDC=-1) returned 1
[0190.131] GdipReleaseDC (graphics=0x6600030, hdc=0xc4010803) returned 0x0
[0190.131] IsAppThemed () returned 0x1
[0190.131] GetThemeAppProperties () returned 0x3
[0190.131] GetThemeAppProperties () returned 0x3
[0190.131] IsAppThemed () returned 0x1
[0190.131] GetThemeAppProperties () returned 0x3
[0190.131] GetThemeAppProperties () returned 0x3
[0190.131] IsThemePartDefined () returned 0x1
[0190.132] GdipCreateRegion (region=0xd7df50) returned 0x0
[0190.132] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0190.132] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0190.132] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0190.132] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df68) returned 0x0
[0190.132] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0190.132] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee9f0) returned 0x0
[0190.132] LocalFree (hMem=0x11ee9f0) returned 0x0
[0190.132] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0190.132] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0190.132] LocalFree (hMem=0x11eec58) returned 0x0
[0190.132] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0190.132] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7df90) returned 0x0
[0190.132] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7df80) returned 0x0
[0190.132] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0190.132] GdipDeleteRegion (region=0x6645518) returned 0x0
[0190.132] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0190.132] GetCurrentObject (hdc=0xc4010803, type=0x1) returned 0xb00017
[0190.133] GetCurrentObject (hdc=0xc4010803, type=0x2) returned 0x900010
[0190.133] GetCurrentObject (hdc=0xc4010803, type=0x7) returned 0x4a0507fe
[0190.133] GetCurrentObject (hdc=0xc4010803, type=0x6) returned 0x8a01c2
[0190.133] SaveDC (hdc=0xc4010803) returned 1
[0190.133] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x73040807
[0190.133] GetClipRgn (hdc=0xc4010803, hrgn=0x73040807) returned 0
[0190.133] SelectClipRgn (hdc=0xc4010803, hrgn=0xfe0407de) returned 2
[0190.133] DeleteObject (ho=0x73040807) returned 1
[0190.133] DeleteObject (ho=0xfe0407de) returned 1
[0190.133] OffsetViewportOrgEx (in: hdc=0xc4010803, x=0, y=0, lppt=0x2e41010 | out: lppt=0x2e41010) returned 1
[0190.133] IsAppThemed () returned 0x1
[0190.133] GetThemeAppProperties () returned 0x3
[0190.133] GetThemeAppProperties () returned 0x3
[0190.133] DrawThemeBackground () returned 0x0
[0190.133] RestoreDC (hdc=0xc4010803, nSavedDC=-1) returned 1
[0190.134] GdipReleaseDC (graphics=0x6600030, hdc=0xc4010803) returned 0x0
[0190.134] GdipCreateRegion (region=0xd7df54) returned 0x0
[0190.134] GdipGetClip (graphics=0x6600030, region=0x6645488) returned 0x0
[0190.134] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0190.134] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0190.134] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df6c) returned 0x0
[0190.134] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0190.134] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0190.134] LocalFree (hMem=0x11eec58) returned 0x0
[0190.134] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0190.134] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0190.134] LocalFree (hMem=0x11ee868) returned 0x0
[0190.134] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0190.134] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7df94) returned 0x0
[0190.134] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7df84) returned 0x0
[0190.134] GdipGetRegionHRgn (region=0x6645488, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0190.134] GdipDeleteRegion (region=0x6645488) returned 0x0
[0190.135] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0190.135] GetCurrentObject (hdc=0xc4010803, type=0x1) returned 0xb00017
[0190.135] GetCurrentObject (hdc=0xc4010803, type=0x2) returned 0x900010
[0190.135] GetCurrentObject (hdc=0xc4010803, type=0x7) returned 0x4a0507fe
[0190.135] GetCurrentObject (hdc=0xc4010803, type=0x6) returned 0x8a01c2
[0190.135] SaveDC (hdc=0xc4010803) returned 1
[0190.135] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xff0407de
[0190.135] GetClipRgn (hdc=0xc4010803, hrgn=0xff0407de) returned 0
[0190.135] SelectClipRgn (hdc=0xc4010803, hrgn=0x74040807) returned 2
[0190.135] DeleteObject (ho=0xff0407de) returned 1
[0190.135] DeleteObject (ho=0x74040807) returned 1
[0190.135] OffsetViewportOrgEx (in: hdc=0xc4010803, x=0, y=0, lppt=0x2e412e4 | out: lppt=0x2e412e4) returned 1
[0190.135] IsAppThemed () returned 0x1
[0190.135] GetThemeAppProperties () returned 0x3
[0190.135] GetThemeAppProperties () returned 0x3
[0190.135] GetThemeBackgroundContentRect () returned 0x0
[0190.136] RestoreDC (hdc=0xc4010803, nSavedDC=-1) returned 1
[0190.136] GdipReleaseDC (graphics=0x6600030, hdc=0xc4010803) returned 0x0
[0190.136] IsAppThemed () returned 0x1
[0190.136] GetThemeAppProperties () returned 0x3
[0190.136] GetThemeAppProperties () returned 0x3
[0190.136] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0190.136] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0190.136] GetCurrentObject (hdc=0xc4010803, type=0x1) returned 0xb00017
[0190.136] GetCurrentObject (hdc=0xc4010803, type=0x2) returned 0x900010
[0190.136] GetCurrentObject (hdc=0xc4010803, type=0x7) returned 0x4a0507fe
[0190.136] GetCurrentObject (hdc=0xc4010803, type=0x6) returned 0x8a01c2
[0190.136] SaveDC (hdc=0xc4010803) returned 1
[0190.136] GetTextAlign (hdc=0xc4010803) returned 0x0
[0190.136] GetTextColor (hdc=0xc4010803) returned 0x0
[0190.136] GetCurrentObject (hdc=0xc4010803, type=0x6) returned 0x8a01c2
[0190.136] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0190.137] SelectObject (hdc=0xc4010803, h=0x6d0a0520) returned 0x8a01c2
[0190.137] GetBkMode (hdc=0xc4010803) returned 2
[0190.137] SetBkMode (hdc=0xc4010803, mode=1) returned 2
[0190.137] DrawTextExW (in: hdc=0xc4010803, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2e41684 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0190.137] DrawTextExW (in: hdc=0xc4010803, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2e41684 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0190.176] RestoreDC (hdc=0xc4010803, nSavedDC=-1) returned 1
[0190.177] GdipReleaseDC (graphics=0x6600030, hdc=0xc4010803) returned 0x0
[0190.177] GetFocus () returned 0x12013e
[0190.177] IsAppThemed () returned 0x1
[0190.177] GetThemeAppProperties () returned 0x3
[0190.177] GetThemeAppProperties () returned 0x3
[0190.177] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0190.177] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xc4010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0190.177] GdipReleaseDC (graphics=0x6600030, hdc=0xc4010803) returned 0x0
[0190.177] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0190.177] SelectObject (hdc=0xc4010803, h=0x85000f) returned 0x4a0507fe
[0190.178] DeleteDC (hdc=0xc4010803) returned 1
[0190.178] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0190.178] EndPaint (hWnd=0x1002dc, lpPaint=0xd7e24c) returned 1
[0190.178] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.178] IsWindowUnicode (hWnd=0x1002de) returned 1
[0190.178] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.178] TranslateMessage (lpMsg=0xd7e808) returned 0
[0190.178] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0190.178] BeginPaint (in: hWnd=0x1002de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0190.178] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0190.179] CreateCompatibleDC (hdc=0x10105d6) returned 0xc6010803
[0190.179] SelectObject (hdc=0xc6010803, h=0x4a0507fe) returned 0x85000f
[0190.179] GdipCreateFromHDC (hdc=0xc6010803, graphics=0xd7e268) returned 0x0
[0190.179] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0190.179] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0190.179] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0190.179] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0190.179] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e2c8) returned 0x0
[0190.179] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee868) returned 0x0
[0190.179] LocalFree (hMem=0x11ee868) returned 0x0
[0190.179] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0190.180] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0190.180] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0190.180] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0190.180] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0190.180] GdipRestoreGraphics (graphics=0x6600030, state=0xfb4e0dbd) returned 0x0
[0190.180] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0190.180] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0190.180] GetCurrentObject (hdc=0xc6010803, type=0x1) returned 0xb00017
[0190.180] GetCurrentObject (hdc=0xc6010803, type=0x2) returned 0x900010
[0190.180] GetCurrentObject (hdc=0xc6010803, type=0x7) returned 0x4a0507fe
[0190.180] GetCurrentObject (hdc=0xc6010803, type=0x6) returned 0x8a01c2
[0190.180] SaveDC (hdc=0xc6010803) returned 1
[0190.180] GetNearestColor (hdc=0xc6010803, color=0xf0f0f0) returned 0xf0f0f0
[0190.180] GetNearestColor (hdc=0xc6010803, color=0xa0a0a0) returned 0xa0a0a0
[0190.180] GetNearestColor (hdc=0xc6010803, color=0x696969) returned 0x696969
[0190.180] GetNearestColor (hdc=0xc6010803, color=0xa0a0a0) returned 0xa0a0a0
[0190.181] GetNearestColor (hdc=0xc6010803, color=0x0) returned 0x0
[0190.181] GetNearestColor (hdc=0xc6010803, color=0xffffff) returned 0xffffff
[0190.181] GetNearestColor (hdc=0xc6010803, color=0xe5e5e5) returned 0xe5e5e5
[0190.181] GetNearestColor (hdc=0xc6010803, color=0xd7d7d7) returned 0xd7d7d7
[0190.181] GetNearestColor (hdc=0xc6010803, color=0x0) returned 0x0
[0190.181] RestoreDC (hdc=0xc6010803, nSavedDC=-1) returned 1
[0190.181] GdipReleaseDC (graphics=0x6600030, hdc=0xc6010803) returned 0x0
[0190.181] IsAppThemed () returned 0x1
[0190.181] GetThemeAppProperties () returned 0x3
[0190.181] GetThemeAppProperties () returned 0x3
[0190.181] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0190.181] SendMessageW (hWnd=0x1002da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0190.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0190.181] IsAppThemed () returned 0x1
[0190.182] GetThemeAppProperties () returned 0x3
[0190.182] GetThemeAppProperties () returned 0x3
[0190.182] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2e41e94 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0190.182] IsAppThemed () returned 0x1
[0190.182] GetThemeAppProperties () returned 0x3
[0190.182] GetThemeAppProperties () returned 0x3
[0190.182] IsAppThemed () returned 0x1
[0190.182] GetThemeAppProperties () returned 0x3
[0190.182] GetThemeAppProperties () returned 0x3
[0190.182] GetFocus () returned 0x12013e
[0190.182] IsAppThemed () returned 0x1
[0190.182] GetThemeAppProperties () returned 0x3
[0190.182] GetThemeAppProperties () returned 0x3
[0190.182] IsAppThemed () returned 0x1
[0190.182] GetThemeAppProperties () returned 0x3
[0190.183] GetThemeAppProperties () returned 0x3
[0190.183] IsThemePartDefined () returned 0x1
[0190.183] IsAppThemed () returned 0x1
[0190.183] GetThemeAppProperties () returned 0x3
[0190.183] GetThemeAppProperties () returned 0x3
[0190.183] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0190.183] IsAppThemed () returned 0x1
[0190.183] GetThemeAppProperties () returned 0x3
[0190.183] GetThemeAppProperties () returned 0x3
[0190.183] IsAppThemed () returned 0x1
[0190.183] GetThemeAppProperties () returned 0x3
[0190.183] GetThemeAppProperties () returned 0x3
[0190.183] IsThemePartDefined () returned 0x1
[0190.183] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0190.183] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0190.183] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0190.183] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0190.183] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dff0) returned 0x0
[0190.183] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0190.183] LocalFree (hMem=0x11ee9f0) returned 0x0
[0190.183] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0190.184] LocalFree (hMem=0x11ee788) returned 0x0
[0190.184] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0190.184] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e018) returned 0x0
[0190.184] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e008) returned 0x0
[0190.184] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0190.184] GdipDeleteRegion (region=0x6645878) returned 0x0
[0190.184] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0190.184] GetCurrentObject (hdc=0xc6010803, type=0x1) returned 0xb00017
[0190.184] GetCurrentObject (hdc=0xc6010803, type=0x2) returned 0x900010
[0190.184] GetCurrentObject (hdc=0xc6010803, type=0x7) returned 0x4a0507fe
[0190.184] GetCurrentObject (hdc=0xc6010803, type=0x6) returned 0x8a01c2
[0190.184] SaveDC (hdc=0xc6010803) returned 1
[0190.184] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x75040807
[0190.184] GetClipRgn (hdc=0xc6010803, hrgn=0x75040807) returned 0
[0190.185] SelectClipRgn (hdc=0xc6010803, hrgn=0x30407de) returned 2
[0190.185] DeleteObject (ho=0x75040807) returned 1
[0190.185] DeleteObject (ho=0x30407de) returned 1
[0190.185] OffsetViewportOrgEx (in: hdc=0xc6010803, x=0, y=0, lppt=0x2e42544 | out: lppt=0x2e42544) returned 1
[0190.185] DrawThemeParentBackground () returned 0x0
[0190.185] GetWindowPlacement (in: hWnd=0x1002da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0190.185] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0190.185] GetWindowTextLengthW (hWnd=0x1002da) returned 13
[0190.185] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.185] GetSystemMetrics (nIndex=42) returned 0
[0190.185] GetWindowTextW (in: hWnd=0x1002da, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.186] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0190.186] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0190.186] GetCurrentObject (hdc=0xc6010803, type=0x1) returned 0xb00017
[0190.186] GetCurrentObject (hdc=0xc6010803, type=0x2) returned 0x900010
[0190.186] GetCurrentObject (hdc=0xc6010803, type=0x7) returned 0x4a0507fe
[0190.186] GetCurrentObject (hdc=0xc6010803, type=0x6) returned 0x8a01c2
[0190.186] SaveDC (hdc=0xc6010803) returned 2
[0190.186] GetNearestColor (hdc=0xc6010803, color=0xf0f0f0) returned 0xf0f0f0
[0190.186] CreateSolidBrush (color=0xf0f0f0) returned 0xc81007e1
[0190.186] FillRect (hDC=0xc6010803, lprc=0xd7da38, hbr=0xc81007e1) returned 1
[0190.186] DeleteObject (ho=0xc81007e1) returned 1
[0190.186] RestoreDC (hdc=0xc6010803, nSavedDC=-1) returned 1
[0190.186] GetWindowTextLengthW (hWnd=0x1002da) returned 13
[0190.186] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.187] GetSystemMetrics (nIndex=42) returned 0
[0190.187] GetWindowTextW (in: hWnd=0x1002da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.187] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0190.187] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0190.187] GetCurrentObject (hdc=0xc6010803, type=0x1) returned 0xb00017
[0190.187] GetCurrentObject (hdc=0xc6010803, type=0x2) returned 0x900010
[0190.187] GetCurrentObject (hdc=0xc6010803, type=0x7) returned 0x4a0507fe
[0190.187] GetCurrentObject (hdc=0xc6010803, type=0x6) returned 0x8a01c2
[0190.187] SaveDC (hdc=0xc6010803) returned 2
[0190.187] GetNearestColor (hdc=0xc6010803, color=0xf0f0f0) returned 0xf0f0f0
[0190.187] CreateSolidBrush (color=0xf0f0f0) returned 0xc91007e1
[0190.187] FillRect (hDC=0xc6010803, lprc=0xd7d9d8, hbr=0xc91007e1) returned 1
[0190.187] DeleteObject (ho=0xc91007e1) returned 1
[0190.187] RestoreDC (hdc=0xc6010803, nSavedDC=-1) returned 1
[0190.187] GetWindowTextLengthW (hWnd=0x1002da) returned 13
[0190.187] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.188] GetSystemMetrics (nIndex=42) returned 0
[0190.188] GetWindowTextW (in: hWnd=0x1002da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.188] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0190.188] RestoreDC (hdc=0xc6010803, nSavedDC=-1) returned 1
[0190.188] GdipReleaseDC (graphics=0x6600030, hdc=0xc6010803) returned 0x0
[0190.188] IsAppThemed () returned 0x1
[0190.188] GetThemeAppProperties () returned 0x3
[0190.188] GetThemeAppProperties () returned 0x3
[0190.188] IsAppThemed () returned 0x1
[0190.188] GetThemeAppProperties () returned 0x3
[0190.188] GetThemeAppProperties () returned 0x3
[0190.188] IsThemePartDefined () returned 0x1
[0190.188] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0190.188] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0190.188] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0190.188] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0190.189] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df74) returned 0x0
[0190.189] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0190.189] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0190.189] LocalFree (hMem=0x11eec58) returned 0x0
[0190.189] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0190.189] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eed00) returned 0x0
[0190.189] LocalFree (hMem=0x11eed00) returned 0x0
[0190.189] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0190.189] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0190.189] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0190.189] GdipGetRegionHRgn (region=0x6645998, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0190.189] GdipDeleteRegion (region=0x6645998) returned 0x0
[0190.189] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0190.189] GetCurrentObject (hdc=0xc6010803, type=0x1) returned 0xb00017
[0190.189] GetCurrentObject (hdc=0xc6010803, type=0x2) returned 0x900010
[0190.189] GetCurrentObject (hdc=0xc6010803, type=0x7) returned 0x4a0507fe
[0190.189] GetCurrentObject (hdc=0xc6010803, type=0x6) returned 0x8a01c2
[0190.190] SaveDC (hdc=0xc6010803) returned 1
[0190.190] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x40407de
[0190.190] GetClipRgn (hdc=0xc6010803, hrgn=0x40407de) returned 0
[0190.190] SelectClipRgn (hdc=0xc6010803, hrgn=0x77040807) returned 2
[0190.190] DeleteObject (ho=0x40407de) returned 1
[0190.190] DeleteObject (ho=0x77040807) returned 1
[0190.190] OffsetViewportOrgEx (in: hdc=0xc6010803, x=0, y=0, lppt=0x2e42df0 | out: lppt=0x2e42df0) returned 1
[0190.190] IsAppThemed () returned 0x1
[0190.190] GetThemeAppProperties () returned 0x3
[0190.190] GetThemeAppProperties () returned 0x3
[0190.190] DrawThemeBackground () returned 0x0
[0190.190] RestoreDC (hdc=0xc6010803, nSavedDC=-1) returned 1
[0190.190] GdipReleaseDC (graphics=0x6600030, hdc=0xc6010803) returned 0x0
[0190.190] GdipCreateRegion (region=0xd7df60) returned 0x0
[0190.190] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0190.190] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0190.191] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0190.191] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df78) returned 0x0
[0190.191] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0190.191] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0190.191] LocalFree (hMem=0x11eec58) returned 0x0
[0190.191] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0190.191] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0190.191] LocalFree (hMem=0x11ee9f0) returned 0x0
[0190.191] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0190.191] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0190.191] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df90) returned 0x0
[0190.191] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0190.191] GdipDeleteRegion (region=0x6645248) returned 0x0
[0190.191] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0190.191] GetCurrentObject (hdc=0xc6010803, type=0x1) returned 0xb00017
[0190.191] GetCurrentObject (hdc=0xc6010803, type=0x2) returned 0x900010
[0190.191] GetCurrentObject (hdc=0xc6010803, type=0x7) returned 0x4a0507fe
[0190.191] GetCurrentObject (hdc=0xc6010803, type=0x6) returned 0x8a01c2
[0190.192] SaveDC (hdc=0xc6010803) returned 1
[0190.192] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x78040807
[0190.192] GetClipRgn (hdc=0xc6010803, hrgn=0x78040807) returned 0
[0190.192] SelectClipRgn (hdc=0xc6010803, hrgn=0x50407de) returned 2
[0190.192] DeleteObject (ho=0x78040807) returned 1
[0190.192] DeleteObject (ho=0x50407de) returned 1
[0190.192] OffsetViewportOrgEx (in: hdc=0xc6010803, x=0, y=0, lppt=0x2e430c4 | out: lppt=0x2e430c4) returned 1
[0190.192] IsAppThemed () returned 0x1
[0190.192] GetThemeAppProperties () returned 0x3
[0190.192] GetThemeAppProperties () returned 0x3
[0190.192] GetThemeBackgroundContentRect () returned 0x0
[0190.192] RestoreDC (hdc=0xc6010803, nSavedDC=-1) returned 1
[0190.192] GdipReleaseDC (graphics=0x6600030, hdc=0xc6010803) returned 0x0
[0190.192] IsAppThemed () returned 0x1
[0190.192] GetThemeAppProperties () returned 0x3
[0190.192] GetThemeAppProperties () returned 0x3
[0190.193] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0190.193] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0190.193] GetCurrentObject (hdc=0xc6010803, type=0x1) returned 0xb00017
[0190.193] GetCurrentObject (hdc=0xc6010803, type=0x2) returned 0x900010
[0190.193] GetCurrentObject (hdc=0xc6010803, type=0x7) returned 0x4a0507fe
[0190.193] GetCurrentObject (hdc=0xc6010803, type=0x6) returned 0x8a01c2
[0190.193] SaveDC (hdc=0xc6010803) returned 1
[0190.193] GetTextAlign (hdc=0xc6010803) returned 0x0
[0190.193] GetTextColor (hdc=0xc6010803) returned 0x0
[0190.193] GetCurrentObject (hdc=0xc6010803, type=0x6) returned 0x8a01c2
[0190.193] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0190.193] SelectObject (hdc=0xc6010803, h=0x6d0a0520) returned 0x8a01c2
[0190.193] GetBkMode (hdc=0xc6010803) returned 2
[0190.193] SetBkMode (hdc=0xc6010803, mode=1) returned 2
[0190.194] DrawTextExW (in: hdc=0xc6010803, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2e43464 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0190.194] DrawTextExW (in: hdc=0xc6010803, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e43464 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0190.194] RestoreDC (hdc=0xc6010803, nSavedDC=-1) returned 1
[0190.194] GdipReleaseDC (graphics=0x6600030, hdc=0xc6010803) returned 0x0
[0190.194] GetFocus () returned 0x12013e
[0190.194] IsAppThemed () returned 0x1
[0190.194] GetThemeAppProperties () returned 0x3
[0190.194] GetThemeAppProperties () returned 0x3
[0190.195] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0190.195] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xc6010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0190.195] GdipReleaseDC (graphics=0x6600030, hdc=0xc6010803) returned 0x0
[0190.195] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0190.195] SelectObject (hdc=0xc6010803, h=0x85000f) returned 0x4a0507fe
[0190.195] DeleteDC (hdc=0xc6010803) returned 1
[0190.195] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0190.195] EndPaint (hWnd=0x1002de, lpPaint=0xd7e24c) returned 1
[0190.195] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.195] IsWindowUnicode (hWnd=0x602c4) returned 1
[0190.195] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.196] TranslateMessage (lpMsg=0xd7e808) returned 0
[0190.196] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0190.196] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0190.196] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0190.196] CreateCompatibleDC (hdc=0x107b9) returned 0xc8010803
[0190.196] SelectObject (hdc=0xc8010803, h=0x4a0507fe) returned 0x85000f
[0190.196] GdipCreateFromHDC (hdc=0xc8010803, graphics=0xd7e268) returned 0x0
[0190.196] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0190.196] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0190.196] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0190.196] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0190.196] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e2c8) returned 0x0
[0190.197] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0190.197] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee868) returned 0x0
[0190.197] LocalFree (hMem=0x11ee868) returned 0x0
[0190.197] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0190.197] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0190.197] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0190.197] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0190.197] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0190.197] GdipRestoreGraphics (graphics=0x6600030, state=0xfb4c0dbd) returned 0x0
[0190.197] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0190.197] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0190.197] GetCurrentObject (hdc=0xc8010803, type=0x1) returned 0xb00017
[0190.197] GetCurrentObject (hdc=0xc8010803, type=0x2) returned 0x900010
[0190.197] GetCurrentObject (hdc=0xc8010803, type=0x7) returned 0x4a0507fe
[0190.197] GetCurrentObject (hdc=0xc8010803, type=0x6) returned 0x8a01c2
[0190.197] SaveDC (hdc=0xc8010803) returned 1
[0190.198] GetNearestColor (hdc=0xc8010803, color=0xff) returned 0xff
[0190.198] GetNearestColor (hdc=0xc8010803, color=0x55) returned 0x55
[0190.198] GetNearestColor (hdc=0xc8010803, color=0x0) returned 0x0
[0190.198] GetNearestColor (hdc=0xc8010803, color=0x55) returned 0x55
[0190.198] GetNearestColor (hdc=0xc8010803, color=0x0) returned 0x0
[0190.198] GetNearestColor (hdc=0xc8010803, color=0x8080ff) returned 0x8080ff
[0190.198] GetNearestColor (hdc=0xc8010803, color=0x7373e5) returned 0x7373e5
[0190.198] GetNearestColor (hdc=0xc8010803, color=0xe5) returned 0xe5
[0190.198] GetNearestColor (hdc=0xc8010803, color=0x0) returned 0x0
[0190.198] RestoreDC (hdc=0xc8010803, nSavedDC=-1) returned 1
[0190.198] GdipReleaseDC (graphics=0x6600030, hdc=0xc8010803) returned 0x0
[0190.198] IsAppThemed () returned 0x1
[0190.198] GetThemeAppProperties () returned 0x3
[0190.198] GetThemeAppProperties () returned 0x3
[0190.199] IsAppThemed () returned 0x1
[0190.199] GetThemeAppProperties () returned 0x3
[0190.199] GetThemeAppProperties () returned 0x3
[0190.199] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2e43c2c | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0190.199] IsAppThemed () returned 0x1
[0190.199] GetThemeAppProperties () returned 0x3
[0190.199] GetThemeAppProperties () returned 0x3
[0190.199] IsAppThemed () returned 0x1
[0190.199] GetThemeAppProperties () returned 0x3
[0190.199] GetThemeAppProperties () returned 0x3
[0190.199] GetFocus () returned 0x12013e
[0190.199] IsAppThemed () returned 0x1
[0190.199] GetThemeAppProperties () returned 0x3
[0190.199] GetThemeAppProperties () returned 0x3
[0190.200] IsAppThemed () returned 0x1
[0190.200] GetThemeAppProperties () returned 0x3
[0190.200] GetThemeAppProperties () returned 0x3
[0190.200] IsThemePartDefined () returned 0x1
[0190.200] IsAppThemed () returned 0x1
[0190.200] GetThemeAppProperties () returned 0x3
[0190.200] GetThemeAppProperties () returned 0x3
[0190.200] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0190.200] IsAppThemed () returned 0x1
[0190.207] GetThemeAppProperties () returned 0x3
[0190.207] GetThemeAppProperties () returned 0x3
[0190.207] IsAppThemed () returned 0x1
[0190.207] GetThemeAppProperties () returned 0x3
[0190.207] GetThemeAppProperties () returned 0x3
[0190.207] IsThemePartDefined () returned 0x1
[0190.207] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0190.207] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0190.207] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0190.207] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0190.207] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dff0) returned 0x0
[0190.207] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0190.207] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0190.207] LocalFree (hMem=0x11ee788) returned 0x0
[0190.207] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0190.207] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0190.207] LocalFree (hMem=0x11eec58) returned 0x0
[0190.207] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0190.207] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e018) returned 0x0
[0190.208] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e008) returned 0x0
[0190.208] GdipGetRegionHRgn (region=0x6645098, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0190.208] GdipDeleteRegion (region=0x6645098) returned 0x0
[0190.208] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0190.208] GetCurrentObject (hdc=0xc8010803, type=0x1) returned 0xb00017
[0190.208] GetCurrentObject (hdc=0xc8010803, type=0x2) returned 0x900010
[0190.208] GetCurrentObject (hdc=0xc8010803, type=0x7) returned 0x4a0507fe
[0190.208] GetCurrentObject (hdc=0xc8010803, type=0x6) returned 0x8a01c2
[0190.208] SaveDC (hdc=0xc8010803) returned 1
[0190.208] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x60407de
[0190.208] GetClipRgn (hdc=0xc8010803, hrgn=0x60407de) returned 0
[0190.208] SelectClipRgn (hdc=0xc8010803, hrgn=0x7c040807) returned 2
[0190.208] DeleteObject (ho=0x60407de) returned 1
[0190.208] DeleteObject (ho=0x7c040807) returned 1
[0190.208] OffsetViewportOrgEx (in: hdc=0xc8010803, x=0, y=0, lppt=0x2e442dc | out: lppt=0x2e442dc) returned 1
[0190.209] DrawThemeParentBackground () returned 0x0
[0190.209] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0190.209] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0190.209] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0190.209] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.209] GetSystemMetrics (nIndex=42) returned 0
[0190.209] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.209] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0190.209] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0190.209] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0190.209] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0190.209] SelectPalette (hdc=0xc8010803, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0190.209] GdipCreateFromHDC (hdc=0xc8010803, graphics=0xd7dac8) returned 0x0
[0190.210] GdipSetPageUnit (graphics=0x664e330, unit=0x2) returned 0x0
[0190.210] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0190.210] GdipGetWorldTransform (graphics=0x664e330, matrix=0x6638c98) returned 0x0
[0190.210] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7daa0) returned 0x0
[0190.210] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0190.210] GdipCreateRegion (region=0xd7da88) returned 0x0
[0190.210] GdipGetClip (graphics=0x664e330, region=0x6645cf8) returned 0x0
[0190.210] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x664e330, result=0xd7da94) returned 0x0
[0190.210] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0190.210] GdipSaveGraphics (graphics=0x664e330, state=0xd7dac0) returned 0x0
[0190.210] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0190.245] GdipFillRectangleI (graphics=0x664e330, brush=0x6652ce8, x=0, y=0, width=801, height=453) returned 0x0
[0190.245] GdipDeleteBrush (brush=0x6652ce8) returned 0x0
[0190.254] GdipDeleteGraphics (graphics=0x664e330) returned 0x0
[0190.254] SelectPalette (hdc=0xc8010803, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0190.254] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0190.254] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.254] GetSystemMetrics (nIndex=42) returned 0
[0190.254] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.254] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0190.254] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0190.254] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0190.254] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0190.254] SelectPalette (hdc=0xc8010803, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0190.254] GdipCreateFromHDC (hdc=0xc8010803, graphics=0xd7da68) returned 0x0
[0190.255] GdipSetPageUnit (graphics=0x664e330, unit=0x2) returned 0x0
[0190.255] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0190.255] GdipGetWorldTransform (graphics=0x664e330, matrix=0x6638db8) returned 0x0
[0190.255] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7da40) returned 0x0
[0190.255] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0190.255] GdipCreateRegion (region=0xd7da28) returned 0x0
[0190.255] GdipGetClip (graphics=0x664e330, region=0x6645ea8) returned 0x0
[0190.255] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x664e330, result=0xd7da34) returned 0x0
[0190.255] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0190.255] GdipSaveGraphics (graphics=0x664e330, state=0xd7da60) returned 0x0
[0190.255] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0190.266] GdipFillRectangleI (graphics=0x664e330, brush=0x6652ce8, x=0, y=0, width=801, height=453) returned 0x0
[0190.266] GdipDeleteBrush (brush=0x6652ce8) returned 0x0
[0190.267] GdipRestoreGraphics (graphics=0x664e330, state=0xfb480dbd) returned 0x0
[0190.267] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0190.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.267] GetSystemMetrics (nIndex=42) returned 0
[0190.268] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0190.268] GdipDeleteGraphics (graphics=0x664e330) returned 0x0
[0190.268] SelectPalette (hdc=0xc8010803, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0190.268] RestoreDC (hdc=0xc8010803, nSavedDC=-1) returned 1
[0190.268] GdipReleaseDC (graphics=0x6600030, hdc=0xc8010803) returned 0x0
[0190.268] IsAppThemed () returned 0x1
[0190.268] GetThemeAppProperties () returned 0x3
[0190.268] GetThemeAppProperties () returned 0x3
[0190.268] IsAppThemed () returned 0x1
[0190.268] GetThemeAppProperties () returned 0x3
[0190.268] GetThemeAppProperties () returned 0x3
[0190.268] IsThemePartDefined () returned 0x1
[0190.268] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0190.269] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0190.269] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0190.269] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0190.269] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df74) returned 0x0
[0190.269] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0190.269] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0190.269] LocalFree (hMem=0x11ee788) returned 0x0
[0190.269] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0190.269] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee9f0) returned 0x0
[0190.269] LocalFree (hMem=0x11ee9f0) returned 0x0
[0190.269] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0190.269] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0190.269] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0190.269] GdipGetRegionHRgn (region=0x6645c68, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0190.269] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0190.269] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0190.269] GetCurrentObject (hdc=0xc8010803, type=0x1) returned 0xb00017
[0190.270] GetCurrentObject (hdc=0xc8010803, type=0x2) returned 0x900010
[0190.270] GetCurrentObject (hdc=0xc8010803, type=0x7) returned 0x4a0507fe
[0190.270] GetCurrentObject (hdc=0xc8010803, type=0x6) returned 0x8a01c2
[0190.270] SaveDC (hdc=0xc8010803) returned 1
[0190.270] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7d040807
[0190.270] GetClipRgn (hdc=0xc8010803, hrgn=0x7d040807) returned 0
[0190.270] SelectClipRgn (hdc=0xc8010803, hrgn=0x80407de) returned 2
[0190.270] DeleteObject (ho=0x7d040807) returned 1
[0190.270] DeleteObject (ho=0x80407de) returned 1
[0190.270] OffsetViewportOrgEx (in: hdc=0xc8010803, x=0, y=0, lppt=0x2e4ab2c | out: lppt=0x2e4ab2c) returned 1
[0190.270] IsAppThemed () returned 0x1
[0190.270] GetThemeAppProperties () returned 0x3
[0190.270] GetThemeAppProperties () returned 0x3
[0190.270] DrawThemeBackground () returned 0x0
[0190.270] RestoreDC (hdc=0xc8010803, nSavedDC=-1) returned 1
[0190.271] GdipReleaseDC (graphics=0x6600030, hdc=0xc8010803) returned 0x0
[0190.271] GdipCreateRegion (region=0xd7df60) returned 0x0
[0190.271] GdipGetClip (graphics=0x6600030, region=0x6645ea8) returned 0x0
[0190.271] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0190.271] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0190.271] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df78) returned 0x0
[0190.271] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0190.271] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0190.271] LocalFree (hMem=0x11eec58) returned 0x0
[0190.271] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0190.271] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0190.271] LocalFree (hMem=0x11eec58) returned 0x0
[0190.271] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0190.271] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0190.271] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0190.271] GdipGetRegionHRgn (region=0x6645ea8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0190.271] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0190.272] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0190.272] GetCurrentObject (hdc=0xc8010803, type=0x1) returned 0xb00017
[0190.272] GetCurrentObject (hdc=0xc8010803, type=0x2) returned 0x900010
[0190.272] GetCurrentObject (hdc=0xc8010803, type=0x7) returned 0x4a0507fe
[0190.272] GetCurrentObject (hdc=0xc8010803, type=0x6) returned 0x8a01c2
[0190.272] SaveDC (hdc=0xc8010803) returned 1
[0190.272] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x90407de
[0190.272] GetClipRgn (hdc=0xc8010803, hrgn=0x90407de) returned 0
[0190.272] SelectClipRgn (hdc=0xc8010803, hrgn=0x7e040807) returned 2
[0190.272] DeleteObject (ho=0x90407de) returned 1
[0190.272] DeleteObject (ho=0x7e040807) returned 1
[0190.272] OffsetViewportOrgEx (in: hdc=0xc8010803, x=0, y=0, lppt=0x2e4ae00 | out: lppt=0x2e4ae00) returned 1
[0190.272] IsAppThemed () returned 0x1
[0190.272] GetThemeAppProperties () returned 0x3
[0190.272] GetThemeAppProperties () returned 0x3
[0190.272] GetThemeBackgroundContentRect () returned 0x0
[0190.272] RestoreDC (hdc=0xc8010803, nSavedDC=-1) returned 1
[0190.273] GdipReleaseDC (graphics=0x6600030, hdc=0xc8010803) returned 0x0
[0190.273] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0190.273] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0190.273] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0190.273] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0190.273] IsAppThemed () returned 0x1
[0190.273] GetThemeAppProperties () returned 0x3
[0190.273] GetThemeAppProperties () returned 0x3
[0190.273] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0190.273] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0190.273] GetCurrentObject (hdc=0xc8010803, type=0x1) returned 0xb00017
[0190.273] GetCurrentObject (hdc=0xc8010803, type=0x2) returned 0x900010
[0190.273] GetCurrentObject (hdc=0xc8010803, type=0x7) returned 0x4a0507fe
[0190.273] GetCurrentObject (hdc=0xc8010803, type=0x6) returned 0x8a01c2
[0190.273] SaveDC (hdc=0xc8010803) returned 1
[0190.273] GetTextAlign (hdc=0xc8010803) returned 0x0
[0190.273] GetTextColor (hdc=0xc8010803) returned 0x0
[0190.273] GetCurrentObject (hdc=0xc8010803, type=0x6) returned 0x8a01c2
[0190.273] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0190.274] SelectObject (hdc=0xc8010803, h=0x6d0a0520) returned 0x8a01c2
[0190.274] GetBkMode (hdc=0xc8010803) returned 2
[0190.274] SetBkMode (hdc=0xc8010803, mode=1) returned 2
[0190.274] DrawTextExW (in: hdc=0xc8010803, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2e4b1c4 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0190.274] DrawTextExW (in: hdc=0xc8010803, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e4b1c4 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0190.275] RestoreDC (hdc=0xc8010803, nSavedDC=-1) returned 1
[0190.275] GdipReleaseDC (graphics=0x6600030, hdc=0xc8010803) returned 0x0
[0190.275] GetFocus () returned 0x12013e
[0190.275] IsAppThemed () returned 0x1
[0190.275] GetThemeAppProperties () returned 0x3
[0190.275] GetThemeAppProperties () returned 0x3
[0190.275] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0190.275] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xc8010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0190.275] GdipReleaseDC (graphics=0x6600030, hdc=0xc8010803) returned 0x0
[0190.275] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0190.275] SelectObject (hdc=0xc8010803, h=0x85000f) returned 0x4a0507fe
[0190.275] DeleteDC (hdc=0xc8010803) returned 1
[0190.276] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0190.276] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0190.276] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.276] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0190.276] IsWindowUnicode (hWnd=0x1002dc) returned 1
[0190.276] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.276] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0190.276] GetDlgItem (hDlg=0x1002da, nIDDlgItem=0) returned 0x0
[0190.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x210, wParam=0x201, lParam=0x690109) returned 0x0
[0190.277] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x21, wParam=0x1002da, lParam=0x2010001) returned 0x1
[0190.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x21, wParam=0x1002da, lParam=0x2010001) returned 0x1
[0190.277] SetCursor (hCursor=0x10003) returned 0x10003
[0190.277] TranslateMessage (lpMsg=0xd7e808) returned 0
[0190.277] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0190.277] GetKeyState (nVirtKey=1) returned -127
[0190.277] GetKeyState (nVirtKey=2) returned 0
[0190.277] GetKeyState (nVirtKey=4) returned 0
[0190.277] GetKeyState (nVirtKey=5) returned 0
[0190.277] GetKeyState (nVirtKey=6) returned 0
[0190.277] IsWindowVisible (hWnd=0x1002dc) returned 1
[0190.277] IsWindowEnabled (hWnd=0x1002dc) returned 1
[0190.277] SetFocus (hWnd=0x1002dc) returned 0x12013e
[0190.278] GetFocus () returned 0x1002dc
[0190.278] IsChild (hWndParent=0x1002da, hWnd=0x1002dc) returned 1
[0190.278] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0x8, wParam=0x1002dc, lParam=0x0) returned 0x0
[0190.278] GetCapture () returned 0x0
[0190.278] InvalidateRect (hWnd=0x12013e, lpRect=0x0, bErase=0) returned 1
[0190.285] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0190.286] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0190.288] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0190.288] InvalidateRect (hWnd=0x12013e, lpRect=0x0, bErase=0) returned 1
[0190.288] InvalidateRect (hWnd=0x1002dc, lpRect=0x0, bErase=0) returned 1
[0190.288] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x7, wParam=0x12013e, lParam=0x0) returned 0x0
[0190.289] GetStockObject (i=5) returned 0x900015
[0190.289] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0190.289] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0190.289] GetDlgItem (hDlg=0x1002da, nIDDlgItem=1049308) returned 0x1002dc
[0190.289] SendMessageW (hWnd=0x1002dc, Msg=0x202b, wParam=0x1002dc, lParam=0xd7dddc) returned 0x0
[0190.289] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x202b, wParam=0x1002dc, lParam=0xd7dddc) returned 0x0
[0190.289] InvalidateRect (hWnd=0x1002dc, lpRect=0x0, bErase=0) returned 1
[0190.291] GetFocus () returned 0x1002dc
[0190.292] GetFocus () returned 0x1002dc
[0190.292] GetFocus () returned 0x1002dc
[0190.292] GetKeyState (nVirtKey=1) returned -127
[0190.292] GetKeyState (nVirtKey=2) returned 0
[0190.292] GetKeyState (nVirtKey=4) returned 0
[0190.292] GetKeyState (nVirtKey=5) returned 0
[0190.292] GetKeyState (nVirtKey=6) returned 0
[0190.292] GetCapture () returned 0x0
[0190.292] SetCapture (hWnd=0x1002dc) returned 0x0
[0190.292] GetKeyState (nVirtKey=1) returned -127
[0190.292] GetKeyState (nVirtKey=2) returned 0
[0190.292] GetKeyState (nVirtKey=4) returned 0
[0190.292] GetKeyState (nVirtKey=5) returned 0
[0190.292] GetKeyState (nVirtKey=6) returned 0
[0190.292] NotifyWinEvent (event=0x800a, hwnd=0x1002dc, idObject=-4, idChild=0)
[0190.292] InvalidateRect (hWnd=0x1002dc, lpRect=0xd7e430, bErase=0) returned 1
[0190.292] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.292] IsWindowUnicode (hWnd=0x1002dc) returned 1
[0190.292] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.293] TranslateMessage (lpMsg=0xd7e808) returned 0
[0190.293] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0190.293] MapWindowPoints (in: hWndFrom=0x1002dc, hWndTo=0x0, lpPoints=0x2e4b3b4, cPoints=0x1 | out: lpPoints=0x2e4b3b4) returned 30999254
[0190.293] NotifyWinEvent (event=0x800a, hwnd=0x1002dc, idObject=-4, idChild=0)
[0190.293] InvalidateRect (hWnd=0x1002dc, lpRect=0xd7e3d0, bErase=0) returned 1
[0190.293] UpdateWindow (hWnd=0x1002dc) returned 1
[0190.293] BeginPaint (in: hWnd=0x1002dc, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x60100ce
[0190.293] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0190.293] CreateCompatibleDC (hdc=0x60100ce) returned 0xa40107da
[0190.293] SelectObject (hdc=0xa40107da, h=0x4a0507fe) returned 0x85000f
[0190.293] GdipCreateFromHDC (hdc=0xa40107da, graphics=0xd7df00) returned 0x0
[0190.294] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0190.294] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0190.297] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0190.297] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0190.297] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df60) returned 0x0
[0190.297] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0190.297] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eead0) returned 0x0
[0190.297] LocalFree (hMem=0x11eead0) returned 0x0
[0190.297] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0190.298] GdipCreateRegion (region=0xd7df48) returned 0x0
[0190.298] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0190.298] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7df54) returned 0x0
[0190.298] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0190.298] GdipRestoreGraphics (graphics=0x6600030, state=0xfb460dbd) returned 0x0
[0190.298] GdipDeleteRegion (region=0x6645758) returned 0x0
[0190.298] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0190.298] GetCurrentObject (hdc=0xa40107da, type=0x1) returned 0xb00017
[0190.298] GetCurrentObject (hdc=0xa40107da, type=0x2) returned 0x900010
[0190.298] GetCurrentObject (hdc=0xa40107da, type=0x7) returned 0x4a0507fe
[0190.298] GetCurrentObject (hdc=0xa40107da, type=0x6) returned 0x8a01c2
[0190.298] SaveDC (hdc=0xa40107da) returned 1
[0190.298] GetNearestColor (hdc=0xa40107da, color=0xf0f0f0) returned 0xf0f0f0
[0190.298] GetNearestColor (hdc=0xa40107da, color=0xa0a0a0) returned 0xa0a0a0
[0190.298] GetNearestColor (hdc=0xa40107da, color=0x696969) returned 0x696969
[0190.299] GetNearestColor (hdc=0xa40107da, color=0xa0a0a0) returned 0xa0a0a0
[0190.299] GetNearestColor (hdc=0xa40107da, color=0x0) returned 0x0
[0190.299] GetNearestColor (hdc=0xa40107da, color=0xffffff) returned 0xffffff
[0190.299] GetNearestColor (hdc=0xa40107da, color=0xe5e5e5) returned 0xe5e5e5
[0190.299] GetNearestColor (hdc=0xa40107da, color=0xd7d7d7) returned 0xd7d7d7
[0190.299] GetNearestColor (hdc=0xa40107da, color=0x0) returned 0x0
[0190.299] RestoreDC (hdc=0xa40107da, nSavedDC=-1) returned 1
[0190.299] GdipReleaseDC (graphics=0x6600030, hdc=0xa40107da) returned 0x0
[0190.299] IsAppThemed () returned 0x1
[0190.299] GetThemeAppProperties () returned 0x3
[0190.299] GetThemeAppProperties () returned 0x3
[0190.299] IsAppThemed () returned 0x1
[0190.299] GetThemeAppProperties () returned 0x3
[0190.299] GetThemeAppProperties () returned 0x3
[0190.300] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2e4bb0c | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0190.300] IsAppThemed () returned 0x1
[0190.300] GetThemeAppProperties () returned 0x3
[0190.300] GetThemeAppProperties () returned 0x3
[0190.300] IsAppThemed () returned 0x1
[0190.300] GetThemeAppProperties () returned 0x3
[0190.300] GetThemeAppProperties () returned 0x3
[0190.300] IsAppThemed () returned 0x1
[0190.300] GetThemeAppProperties () returned 0x3
[0190.300] GetThemeAppProperties () returned 0x3
[0190.300] IsAppThemed () returned 0x1
[0190.300] GetThemeAppProperties () returned 0x3
[0190.300] GetThemeAppProperties () returned 0x3
[0190.300] IsThemePartDefined () returned 0x1
[0190.300] IsAppThemed () returned 0x1
[0190.301] GetThemeAppProperties () returned 0x3
[0190.301] GetThemeAppProperties () returned 0x3
[0190.301] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0190.301] IsAppThemed () returned 0x1
[0190.301] GetThemeAppProperties () returned 0x3
[0190.301] GetThemeAppProperties () returned 0x3
[0190.301] IsAppThemed () returned 0x1
[0190.301] GetThemeAppProperties () returned 0x3
[0190.301] GetThemeAppProperties () returned 0x3
[0190.301] IsThemePartDefined () returned 0x1
[0190.301] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0190.301] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0190.301] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0190.301] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0190.301] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dc7c) returned 0x0
[0190.301] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0190.301] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eed00) returned 0x0
[0190.301] LocalFree (hMem=0x11eed00) returned 0x0
[0190.301] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0190.301] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0190.301] LocalFree (hMem=0x11eec58) returned 0x0
[0190.302] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0190.302] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0190.302] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0190.302] GdipGetRegionHRgn (region=0x6645c68, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0190.302] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0190.302] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0190.302] GetCurrentObject (hdc=0xa40107da, type=0x1) returned 0xb00017
[0190.302] GetCurrentObject (hdc=0xa40107da, type=0x2) returned 0x900010
[0190.302] GetCurrentObject (hdc=0xa40107da, type=0x7) returned 0x4a0507fe
[0190.302] GetCurrentObject (hdc=0xa40107da, type=0x6) returned 0x8a01c2
[0190.302] SaveDC (hdc=0xa40107da) returned 1
[0190.302] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7f040807
[0190.302] GetClipRgn (hdc=0xa40107da, hrgn=0x7f040807) returned 0
[0190.302] SelectClipRgn (hdc=0xa40107da, hrgn=0xd0407de) returned 2
[0190.302] DeleteObject (ho=0x7f040807) returned 1
[0190.303] DeleteObject (ho=0xd0407de) returned 1
[0190.303] OffsetViewportOrgEx (in: hdc=0xa40107da, x=0, y=0, lppt=0x2e4c1bc | out: lppt=0x2e4c1bc) returned 1
[0190.303] DrawThemeParentBackground () returned 0x0
[0190.303] GetWindowPlacement (in: hWnd=0x1002da, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0190.303] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0190.303] GetWindowTextLengthW (hWnd=0x1002da) returned 13
[0190.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.303] GetSystemMetrics (nIndex=42) returned 0
[0190.303] GetWindowTextW (in: hWnd=0x1002da, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0190.303] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0190.303] GetCurrentObject (hdc=0xa40107da, type=0x1) returned 0xb00017
[0190.303] GetCurrentObject (hdc=0xa40107da, type=0x2) returned 0x900010
[0190.303] GetCurrentObject (hdc=0xa40107da, type=0x7) returned 0x4a0507fe
[0190.303] GetCurrentObject (hdc=0xa40107da, type=0x6) returned 0x8a01c2
[0190.304] SaveDC (hdc=0xa40107da) returned 2
[0190.304] GetNearestColor (hdc=0xa40107da, color=0xf0f0f0) returned 0xf0f0f0
[0190.304] CreateSolidBrush (color=0xf0f0f0) returned 0xca1007e1
[0190.304] FillRect (hDC=0xa40107da, lprc=0xd7d6c8, hbr=0xca1007e1) returned 1
[0190.304] DeleteObject (ho=0xca1007e1) returned 1
[0190.304] RestoreDC (hdc=0xa40107da, nSavedDC=-1) returned 1
[0190.304] GetWindowTextLengthW (hWnd=0x1002da) returned 13
[0190.304] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.304] GetSystemMetrics (nIndex=42) returned 0
[0190.304] GetWindowTextW (in: hWnd=0x1002da, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.304] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0190.304] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0190.304] GetCurrentObject (hdc=0xa40107da, type=0x1) returned 0xb00017
[0190.304] GetCurrentObject (hdc=0xa40107da, type=0x2) returned 0x900010
[0190.304] GetCurrentObject (hdc=0xa40107da, type=0x7) returned 0x4a0507fe
[0190.304] GetCurrentObject (hdc=0xa40107da, type=0x6) returned 0x8a01c2
[0190.305] SaveDC (hdc=0xa40107da) returned 2
[0190.305] GetNearestColor (hdc=0xa40107da, color=0xf0f0f0) returned 0xf0f0f0
[0190.305] CreateSolidBrush (color=0xf0f0f0) returned 0xcb1007e1
[0190.305] FillRect (hDC=0xa40107da, lprc=0xd7d668, hbr=0xcb1007e1) returned 1
[0190.305] DeleteObject (ho=0xcb1007e1) returned 1
[0190.305] RestoreDC (hdc=0xa40107da, nSavedDC=-1) returned 1
[0190.305] GetWindowTextLengthW (hWnd=0x1002da) returned 13
[0190.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.305] GetSystemMetrics (nIndex=42) returned 0
[0190.305] GetWindowTextW (in: hWnd=0x1002da, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0190.305] RestoreDC (hdc=0xa40107da, nSavedDC=-1) returned 1
[0190.305] GdipReleaseDC (graphics=0x6600030, hdc=0xa40107da) returned 0x0
[0190.306] IsAppThemed () returned 0x1
[0190.306] GetThemeAppProperties () returned 0x3
[0190.306] GetThemeAppProperties () returned 0x3
[0190.306] IsAppThemed () returned 0x1
[0190.306] GetThemeAppProperties () returned 0x3
[0190.306] GetThemeAppProperties () returned 0x3
[0190.306] IsThemePartDefined () returned 0x1
[0190.306] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0190.306] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0190.306] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0190.306] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0190.306] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dc00) returned 0x0
[0190.306] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0190.306] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0190.306] LocalFree (hMem=0x11eec58) returned 0x0
[0190.306] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0190.306] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eed00) returned 0x0
[0190.306] LocalFree (hMem=0x11eed00) returned 0x0
[0190.306] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0190.307] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0190.307] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0190.307] GdipGetRegionHRgn (region=0x66457e8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0190.307] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0190.307] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0190.307] GetCurrentObject (hdc=0xa40107da, type=0x1) returned 0xb00017
[0190.307] GetCurrentObject (hdc=0xa40107da, type=0x2) returned 0x900010
[0190.307] GetCurrentObject (hdc=0xa40107da, type=0x7) returned 0x4a0507fe
[0190.307] GetCurrentObject (hdc=0xa40107da, type=0x6) returned 0x8a01c2
[0190.307] SaveDC (hdc=0xa40107da) returned 1
[0190.307] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe0407de
[0190.307] GetClipRgn (hdc=0xa40107da, hrgn=0xe0407de) returned 0
[0190.307] SelectClipRgn (hdc=0xa40107da, hrgn=0x81040807) returned 2
[0190.307] DeleteObject (ho=0xe0407de) returned 1
[0190.307] DeleteObject (ho=0x81040807) returned 1
[0190.307] OffsetViewportOrgEx (in: hdc=0xa40107da, x=0, y=0, lppt=0x2e4ca68 | out: lppt=0x2e4ca68) returned 1
[0190.308] IsAppThemed () returned 0x1
[0190.308] GetThemeAppProperties () returned 0x3
[0190.308] GetThemeAppProperties () returned 0x3
[0190.308] DrawThemeBackground () returned 0x0
[0190.308] RestoreDC (hdc=0xa40107da, nSavedDC=-1) returned 1
[0190.308] GdipReleaseDC (graphics=0x6600030, hdc=0xa40107da) returned 0x0
[0190.308] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0190.308] GdipGetClip (graphics=0x6600030, region=0x6645b48) returned 0x0
[0190.308] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0190.308] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0190.308] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dc04) returned 0x0
[0190.308] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0190.308] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0190.308] LocalFree (hMem=0x11ee788) returned 0x0
[0190.308] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0190.308] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee9f0) returned 0x0
[0190.309] LocalFree (hMem=0x11ee9f0) returned 0x0
[0190.309] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0190.309] GdipIsInfiniteRegion (region=0x6645b48, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0190.309] GdipIsInfiniteRegion (region=0x6645b48, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0190.309] GdipGetRegionHRgn (region=0x6645b48, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0190.309] GdipDeleteRegion (region=0x6645b48) returned 0x0
[0190.309] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0190.309] GetCurrentObject (hdc=0xa40107da, type=0x1) returned 0xb00017
[0190.309] GetCurrentObject (hdc=0xa40107da, type=0x2) returned 0x900010
[0190.309] GetCurrentObject (hdc=0xa40107da, type=0x7) returned 0x4a0507fe
[0190.309] GetCurrentObject (hdc=0xa40107da, type=0x6) returned 0x8a01c2
[0190.309] SaveDC (hdc=0xa40107da) returned 1
[0190.315] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x82040807
[0190.315] GetClipRgn (hdc=0xa40107da, hrgn=0x82040807) returned 0
[0190.315] SelectClipRgn (hdc=0xa40107da, hrgn=0xf0407de) returned 2
[0190.315] DeleteObject (ho=0x82040807) returned 1
[0190.315] DeleteObject (ho=0xf0407de) returned 1
[0190.315] OffsetViewportOrgEx (in: hdc=0xa40107da, x=0, y=0, lppt=0x2e4cd3c | out: lppt=0x2e4cd3c) returned 1
[0190.315] IsAppThemed () returned 0x1
[0190.315] GetThemeAppProperties () returned 0x3
[0190.315] GetThemeAppProperties () returned 0x3
[0190.315] GetThemeBackgroundContentRect () returned 0x0
[0190.315] RestoreDC (hdc=0xa40107da, nSavedDC=-1) returned 1
[0190.315] GdipReleaseDC (graphics=0x6600030, hdc=0xa40107da) returned 0x0
[0190.316] IsAppThemed () returned 0x1
[0190.316] GetThemeAppProperties () returned 0x3
[0190.316] GetThemeAppProperties () returned 0x3
[0190.316] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0190.316] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0190.316] GetCurrentObject (hdc=0xa40107da, type=0x1) returned 0xb00017
[0190.316] GetCurrentObject (hdc=0xa40107da, type=0x2) returned 0x900010
[0190.316] GetCurrentObject (hdc=0xa40107da, type=0x7) returned 0x4a0507fe
[0190.316] GetCurrentObject (hdc=0xa40107da, type=0x6) returned 0x8a01c2
[0190.316] SaveDC (hdc=0xa40107da) returned 1
[0190.316] GetTextAlign (hdc=0xa40107da) returned 0x0
[0190.316] GetTextColor (hdc=0xa40107da) returned 0x0
[0190.316] GetCurrentObject (hdc=0xa40107da, type=0x6) returned 0x8a01c2
[0190.316] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0190.317] SelectObject (hdc=0xa40107da, h=0x6d0a0520) returned 0x8a01c2
[0190.317] GetBkMode (hdc=0xa40107da) returned 2
[0190.317] SetBkMode (hdc=0xa40107da, mode=1) returned 2
[0190.317] DrawTextExW (in: hdc=0xa40107da, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2e4d0dc | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0190.317] DrawTextExW (in: hdc=0xa40107da, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2e4d0dc | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0190.317] RestoreDC (hdc=0xa40107da, nSavedDC=-1) returned 1
[0190.318] GdipReleaseDC (graphics=0x6600030, hdc=0xa40107da) returned 0x0
[0190.318] GetFocus () returned 0x1002dc
[0190.318] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0190.318] SendMessageW (hWnd=0x1002da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0190.318] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0190.318] IsAppThemed () returned 0x1
[0190.318] GetThemeAppProperties () returned 0x3
[0190.318] GetThemeAppProperties () returned 0x3
[0190.318] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0190.318] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xa40107da, x1=0, y1=0, rop=0xcc0020) returned 1
[0190.318] GdipReleaseDC (graphics=0x6600030, hdc=0xa40107da) returned 0x0
[0190.318] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0190.318] SelectObject (hdc=0xa40107da, h=0x85000f) returned 0x4a0507fe
[0190.318] DeleteDC (hdc=0xa40107da) returned 1
[0190.319] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0190.319] EndPaint (hWnd=0x1002dc, lpPaint=0xd7dee4) returned 1
[0190.319] MapWindowPoints (in: hWndFrom=0x1002dc, hWndTo=0x0, lpPoints=0x2e4d1d8, cPoints=0x1 | out: lpPoints=0x2e4d1d8) returned 30999254
[0190.319] WindowFromPoint (Point=0x2fe) returned 0x1002dc
[0190.319] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0190.319] NotifyWinEvent (event=0x800a, hwnd=0x1002dc, idObject=-4, idChild=0)
[0190.319] NotifyWinEvent (event=0x800c, hwnd=0x1002dc, idObject=-4, idChild=0)
[0190.319] GetCapture () returned 0x1002dc
[0190.319] ReleaseCapture () returned 1
[0190.319] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0190.320] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0190.320] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0190.320] IsWindow (hWnd=0x7005c) returned 1
[0190.320] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0190.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0190.321] IsWindow (hWnd=0x1002da) returned 1
[0190.321] SetActiveWindow (hWnd=0x1002da) returned 0x1002da
[0190.321] IsWindow (hWnd=0x1002da) returned 1
[0190.321] SetFocus (hWnd=0x1002da) returned 0x1002dc
[0190.322] GetFocus () returned 0x1002da
[0190.322] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x8, wParam=0x1002da, lParam=0x0) returned 0x0
[0190.322] GetCapture () returned 0x0
[0190.322] InvalidateRect (hWnd=0x1002dc, lpRect=0x0, bErase=0) returned 1
[0190.323] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0190.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0190.327] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0190.327] GetFocus () returned 0x1002da
[0190.327] SetFocus (hWnd=0x1002dc) returned 0x1002da
[0190.327] GetFocus () returned 0x1002dc
[0190.328] IsChild (hWndParent=0x1002da, hWnd=0x1002dc) returned 1
[0190.328] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x8, wParam=0x1002dc, lParam=0x0) returned 0x0
[0190.329] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0190.330] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0190.332] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0190.332] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x7, wParam=0x1002da, lParam=0x0) returned 0x0
[0190.332] GetStockObject (i=5) returned 0x900015
[0190.332] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0190.332] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0190.332] GetDlgItem (hDlg=0x1002da, nIDDlgItem=1049308) returned 0x1002dc
[0190.332] SendMessageW (hWnd=0x1002dc, Msg=0x202b, wParam=0x1002dc, lParam=0xd7ddcc) returned 0x0
[0190.332] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x202b, wParam=0x1002dc, lParam=0xd7ddcc) returned 0x0
[0190.332] InvalidateRect (hWnd=0x1002dc, lpRect=0x0, bErase=0) returned 1
[0190.335] GetWindowLongW (hWnd=0x1002da, nIndex=-8) returned 458844
[0190.335] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0190.335] GetCurrentThreadId () returned 0xf50
[0190.335] IsWindow (hWnd=0x7005c) returned 1
[0190.335] IsWindow (hWnd=0x7005c) returned 1
[0190.335] IsWindowVisible (hWnd=0x7005c) returned 1
[0190.335] SetActiveWindow (hWnd=0x7005c) returned 0x1002da
[0190.335] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0190.337] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0190.337] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0190.338] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0190.339] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0190.339] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0190.340] GetWindowPlacement (in: hWnd=0x1002da, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0190.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0190.340] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0190.340] GetWindowRect (in: hWnd=0x1002da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0190.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0190.346] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0190.346] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0190.347] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x1002da) returned 0x1
[0190.350] GetFocus () returned 0x1002dc
[0190.350] SetFocus (hWnd=0x602c4) returned 0x1002dc
[0190.351] GetFocus () returned 0x602c4
[0190.351] IsChild (hWndParent=0x1002da, hWnd=0x602c4) returned 0
[0190.351] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0190.351] GetCapture () returned 0x0
[0190.351] InvalidateRect (hWnd=0x1002dc, lpRect=0x0, bErase=0) returned 1
[0190.352] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0190.353] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0190.355] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0190.355] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0190.355] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0190.355] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0190.356] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0190.356] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x1002dc, lParam=0x0) returned 0x0
[0190.356] GetStockObject (i=5) returned 0x900015
[0190.363] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0190.363] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed878) returned 0xc
[0190.363] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0190.363] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0190.364] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0190.364] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0190.369] GetFocus () returned 0x602c4
[0190.369] IsChild (hWndParent=0x1002da, hWnd=0x602c4) returned 0
[0190.369] ShowWindow (hWnd=0x1002da, nCmdShow=0) returned 1
[0190.369] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0190.369] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0190.371] GetWindowPlacement (in: hWnd=0x1002da, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0190.371] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0190.371] GetClientRect (in: hWnd=0x1002da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0190.371] GetWindowRect (in: hWnd=0x1002da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0190.373] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0190.373] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0190.373] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0190.373] GetWindowLongW (hWnd=0x1002da, nIndex=-20) returned 327945
[0190.374] DestroyWindow (hWnd=0x1002da) returned 1
[0190.374] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0190.375] GetWindowTextLengthW (hWnd=0x1002da) returned 13
[0190.375] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.375] GetSystemMetrics (nIndex=42) returned 0
[0190.375] GetWindowTextW (in: hWnd=0x1002da, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.375] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0190.375] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0190.375] GetWindowTextLengthW (hWnd=0xe005a) returned 0
[0190.375] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe005a, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0190.375] GetSystemMetrics (nIndex=42) returned 0
[0190.375] GetWindowTextW (in: hWnd=0xe005a, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0190.375] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe005a, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0190.375] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe005a, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0190.375] GetWindowThreadProcessId (in: hWnd=0x1102d2, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0190.375] GetWindow (hWnd=0x1102d2, uCmd=0x5) returned 0x0
[0190.375] GetWindowLongW (hWnd=0x1102d2, nIndex=-20) returned 65792
[0190.375] DestroyWindow (hWnd=0x1102d2) returned 1
[0190.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d2, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0190.376] GetWindowTextLengthW (hWnd=0x1102d2) returned 25
[0190.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d2, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0190.376] GetSystemMetrics (nIndex=42) returned 0
[0190.376] GetWindowTextW (in: hWnd=0x1102d2, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0190.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d2, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0190.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d2, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0190.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d2, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0190.377] GetWindowTextLengthW (hWnd=0x1202d8) returned 232
[0190.377] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0190.377] GetSystemMetrics (nIndex=42) returned 0
[0190.377] GetWindowTextW (in: hWnd=0x1202d8, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0190.377] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0190.378] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0190.378] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0190.378] InvalidateRect (hWnd=0x1002dc, lpRect=0x0, bErase=0) returned 1
[0190.378] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0190.378] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0190.378] SendMessageW (hWnd=0x1300ea, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0190.378] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1300ea, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0190.378] SendMessageW (hWnd=0x1300ea, Msg=0xb0, wParam=0x2e190fc, lParam=0xd7e480) returned 0x0
[0190.378] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1300ea, Msg=0xb0, wParam=0x2e190fc, lParam=0xd7e480) returned 0x0
[0190.378] GetWindowTextLengthW (hWnd=0x1300ea) returned 4363
[0190.378] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1300ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0190.378] GetSystemMetrics (nIndex=42) returned 0
[0190.379] CoTaskMemAlloc (cb=0x221c) returned 0x11fff70
[0190.379] GetWindowTextW (in: hWnd=0x1300ea, lpString=0x11fff70, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0190.379] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1300ea, Msg=0xd, wParam=0x110c, lParam=0x11fff70) returned 0x110b
[0190.379] CoTaskMemFree (pv=0x11fff70)
[0190.380] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1300ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0190.381] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe005a, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0190.382] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0190.383] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x12013e, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0190.384] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0190.386] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0190.387] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1300ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0190.455] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0190.457] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.457] IsWindowUnicode (hWnd=0x30122) returned 1
[0190.457] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.458] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0190.458] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0190.458] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.458] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0190.458] IsWindowUnicode (hWnd=0x7005c) returned 1
[0190.458] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.458] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0190.458] SetCursor (hCursor=0x10003) returned 0x10003
[0190.459] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0190.459] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0190.459] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0190.459] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0190.459] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0190.459] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10f0240) returned 0x0
[0190.459] GetKeyState (nVirtKey=1) returned 1
[0190.459] GetKeyState (nVirtKey=2) returned 0
[0190.459] GetKeyState (nVirtKey=4) returned 0
[0190.459] GetKeyState (nVirtKey=5) returned 0
[0190.459] GetKeyState (nVirtKey=6) returned 0
[0190.459] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.460] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0190.460] IsWindowUnicode (hWnd=0x7005c) returned 1
[0190.460] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.460] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0190.460] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0190.460] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.460] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0190.460] IsWindowUnicode (hWnd=0x7005c) returned 1
[0190.460] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.460] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e402fe) returned 0x1
[0190.461] SetCursor (hCursor=0x10003) returned 0x10003
[0190.461] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0190.461] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0190.461] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10f0240) returned 0x0
[0190.461] GetKeyState (nVirtKey=1) returned 1
[0190.461] GetKeyState (nVirtKey=2) returned 0
[0190.461] GetKeyState (nVirtKey=4) returned 0
[0190.461] GetKeyState (nVirtKey=5) returned 0
[0190.461] GetKeyState (nVirtKey=6) returned 0
[0190.461] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.462] IsWindowUnicode (hWnd=0x602c4) returned 1
[0190.462] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.462] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0190.462] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0190.462] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.463] IsWindowUnicode (hWnd=0x602c4) returned 1
[0190.463] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.463] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0190.463] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0190.463] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xc0107c5
[0190.463] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0190.463] CreateCompatibleDC (hdc=0xc0107c5) returned 0xa80107f3
[0190.463] SelectObject (hdc=0xa80107f3, h=0x4a0507fe) returned 0x85000f
[0190.463] GdipCreateFromHDC (hdc=0xa80107f3, graphics=0xd7e798) returned 0x0
[0190.464] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0190.464] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0190.464] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0190.464] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0190.464] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e7f8) returned 0x0
[0190.464] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0190.464] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0190.464] LocalFree (hMem=0x11ee9f0) returned 0x0
[0190.464] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0190.464] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0190.464] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0190.464] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0190.464] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0190.464] GdipRestoreGraphics (graphics=0x6600030, state=0xfb440dbd) returned 0x0
[0190.464] GdipDeleteRegion (region=0x6645998) returned 0x0
[0190.464] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0190.464] GetCurrentObject (hdc=0xa80107f3, type=0x1) returned 0xb00017
[0190.465] GetCurrentObject (hdc=0xa80107f3, type=0x2) returned 0x900010
[0190.465] GetCurrentObject (hdc=0xa80107f3, type=0x7) returned 0x4a0507fe
[0190.465] GetCurrentObject (hdc=0xa80107f3, type=0x6) returned 0x8a01c2
[0190.465] SaveDC (hdc=0xa80107f3) returned 1
[0190.465] GetNearestColor (hdc=0xa80107f3, color=0xff) returned 0xff
[0190.465] GetNearestColor (hdc=0xa80107f3, color=0x55) returned 0x55
[0190.465] GetNearestColor (hdc=0xa80107f3, color=0x0) returned 0x0
[0190.465] GetNearestColor (hdc=0xa80107f3, color=0x55) returned 0x55
[0190.465] GetNearestColor (hdc=0xa80107f3, color=0x0) returned 0x0
[0190.465] GetNearestColor (hdc=0xa80107f3, color=0x8080ff) returned 0x8080ff
[0190.465] GetNearestColor (hdc=0xa80107f3, color=0x7373e5) returned 0x7373e5
[0190.465] GetNearestColor (hdc=0xa80107f3, color=0xe5) returned 0xe5
[0190.465] GetNearestColor (hdc=0xa80107f3, color=0x0) returned 0x0
[0190.471] RestoreDC (hdc=0xa80107f3, nSavedDC=-1) returned 1
[0190.471] GdipReleaseDC (graphics=0x6600030, hdc=0xa80107f3) returned 0x0
[0190.471] IsAppThemed () returned 0x1
[0190.471] GetThemeAppProperties () returned 0x3
[0190.471] GetThemeAppProperties () returned 0x3
[0190.471] IsAppThemed () returned 0x1
[0190.471] GetThemeAppProperties () returned 0x3
[0190.472] GetThemeAppProperties () returned 0x3
[0190.472] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2e55cc4 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0190.472] IsAppThemed () returned 0x1
[0190.472] GetThemeAppProperties () returned 0x3
[0190.472] GetThemeAppProperties () returned 0x3
[0190.472] IsAppThemed () returned 0x1
[0190.472] GetThemeAppProperties () returned 0x3
[0190.472] GetThemeAppProperties () returned 0x3
[0190.472] GetFocus () returned 0x602c4
[0190.472] IsAppThemed () returned 0x1
[0190.472] GetThemeAppProperties () returned 0x3
[0190.472] GetThemeAppProperties () returned 0x3
[0190.472] IsAppThemed () returned 0x1
[0190.473] GetThemeAppProperties () returned 0x3
[0190.473] GetThemeAppProperties () returned 0x3
[0190.473] IsThemePartDefined () returned 0x1
[0190.473] IsAppThemed () returned 0x1
[0190.473] GetThemeAppProperties () returned 0x3
[0190.473] GetThemeAppProperties () returned 0x3
[0190.473] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0190.473] IsAppThemed () returned 0x1
[0190.473] GetThemeAppProperties () returned 0x3
[0190.473] GetThemeAppProperties () returned 0x3
[0190.473] IsAppThemed () returned 0x1
[0190.473] GetThemeAppProperties () returned 0x3
[0190.473] GetThemeAppProperties () returned 0x3
[0190.473] IsThemePartDefined () returned 0x1
[0190.473] GdipCreateRegion (region=0xd7e508) returned 0x0
[0190.473] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0190.473] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0190.473] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0190.473] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e520) returned 0x0
[0190.473] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0190.473] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee9f0) returned 0x0
[0190.474] LocalFree (hMem=0x11ee9f0) returned 0x0
[0190.474] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0190.474] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee868) returned 0x0
[0190.474] LocalFree (hMem=0x11ee868) returned 0x0
[0190.474] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0190.474] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e548) returned 0x0
[0190.474] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e538) returned 0x0
[0190.474] GdipGetRegionHRgn (region=0x66456c8, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0190.474] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0190.474] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0190.474] GetCurrentObject (hdc=0xa80107f3, type=0x1) returned 0xb00017
[0190.474] GetCurrentObject (hdc=0xa80107f3, type=0x2) returned 0x900010
[0190.474] GetCurrentObject (hdc=0xa80107f3, type=0x7) returned 0x4a0507fe
[0190.474] GetCurrentObject (hdc=0xa80107f3, type=0x6) returned 0x8a01c2
[0190.474] SaveDC (hdc=0xa80107f3) returned 1
[0190.474] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x100407de
[0190.475] GetClipRgn (hdc=0xa80107f3, hrgn=0x100407de) returned 0
[0190.475] SelectClipRgn (hdc=0xa80107f3, hrgn=0x86040807) returned 2
[0190.475] DeleteObject (ho=0x100407de) returned 1
[0190.475] DeleteObject (ho=0x86040807) returned 1
[0190.475] OffsetViewportOrgEx (in: hdc=0xa80107f3, x=0, y=0, lppt=0x2e56374 | out: lppt=0x2e56374) returned 1
[0190.475] DrawThemeParentBackground () returned 0x0
[0190.475] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0190.475] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0190.475] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0190.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.475] GetSystemMetrics (nIndex=42) returned 0
[0190.475] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0190.475] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0190.475] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0190.476] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0190.476] SelectPalette (hdc=0xa80107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0190.476] GdipCreateFromHDC (hdc=0xa80107f3, graphics=0xd7dff8) returned 0x0
[0190.476] GdipSetPageUnit (graphics=0x664e330, unit=0x2) returned 0x0
[0190.476] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0190.476] GdipGetWorldTransform (graphics=0x664e330, matrix=0x6638bd8) returned 0x0
[0190.476] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dfd0) returned 0x0
[0190.476] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0190.476] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0190.476] GdipGetClip (graphics=0x664e330, region=0x6645d88) returned 0x0
[0190.476] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x664e330, result=0xd7dfc4) returned 0x0
[0190.476] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0190.476] GdipSaveGraphics (graphics=0x664e330, state=0xd7dff0) returned 0x0
[0190.477] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0190.488] GdipFillRectangleI (graphics=0x664e330, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0190.488] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0190.490] GdipDeleteGraphics (graphics=0x664e330) returned 0x0
[0190.490] SelectPalette (hdc=0xa80107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0190.490] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0190.490] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.490] GetSystemMetrics (nIndex=42) returned 0
[0190.491] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.491] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0190.491] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0190.491] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0190.491] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0190.491] SelectPalette (hdc=0xa80107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0190.491] GdipCreateFromHDC (hdc=0xa80107f3, graphics=0xd7df98) returned 0x0
[0190.491] GdipSetPageUnit (graphics=0x664e330, unit=0x2) returned 0x0
[0190.491] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0190.491] GdipGetWorldTransform (graphics=0x664e330, matrix=0x6638b18) returned 0x0
[0190.491] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df70) returned 0x0
[0190.491] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0190.491] GdipCreateRegion (region=0xd7df58) returned 0x0
[0190.491] GdipGetClip (graphics=0x664e330, region=0x6645cf8) returned 0x0
[0190.492] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x664e330, result=0xd7df64) returned 0x0
[0190.492] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0190.492] GdipSaveGraphics (graphics=0x664e330, state=0xd7df90) returned 0x0
[0190.492] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0190.508] GdipFillRectangleI (graphics=0x664e330, brush=0x6653090, x=0, y=0, width=801, height=453) returned 0x0
[0190.508] GdipDeleteBrush (brush=0x6653090) returned 0x0
[0190.510] GdipRestoreGraphics (graphics=0x664e330, state=0xfb400dbd) returned 0x0
[0190.510] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0190.510] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0190.510] GetSystemMetrics (nIndex=42) returned 0
[0190.510] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0190.510] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0190.511] GdipDeleteGraphics (graphics=0x664e330) returned 0x0
[0190.511] SelectPalette (hdc=0xa80107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0190.511] RestoreDC (hdc=0xa80107f3, nSavedDC=-1) returned 1
[0190.511] GdipReleaseDC (graphics=0x6600030, hdc=0xa80107f3) returned 0x0
[0190.511] IsAppThemed () returned 0x1
[0190.511] GetThemeAppProperties () returned 0x3
[0190.511] GetThemeAppProperties () returned 0x3
[0190.511] IsAppThemed () returned 0x1
[0190.511] GetThemeAppProperties () returned 0x3
[0190.511] GetThemeAppProperties () returned 0x3
[0190.511] IsThemePartDefined () returned 0x1
[0190.511] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0190.511] GdipGetClip (graphics=0x6600030, region=0x6646208) returned 0x0
[0190.512] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0190.512] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0190.512] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e4a4) returned 0x0
[0190.512] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0190.512] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eed00) returned 0x0
[0190.512] LocalFree (hMem=0x11eed00) returned 0x0
[0190.512] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0190.512] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0190.512] LocalFree (hMem=0x11ee9f0) returned 0x0
[0190.512] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0190.512] GdipIsInfiniteRegion (region=0x6646208, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0190.512] GdipIsInfiniteRegion (region=0x6646208, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0190.512] GdipGetRegionHRgn (region=0x6646208, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0190.512] GdipDeleteRegion (region=0x6646208) returned 0x0
[0190.512] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0190.512] GetCurrentObject (hdc=0xa80107f3, type=0x1) returned 0xb00017
[0190.512] GetCurrentObject (hdc=0xa80107f3, type=0x2) returned 0x900010
[0190.513] GetCurrentObject (hdc=0xa80107f3, type=0x7) returned 0x4a0507fe
[0190.513] GetCurrentObject (hdc=0xa80107f3, type=0x6) returned 0x8a01c2
[0190.513] SaveDC (hdc=0xa80107f3) returned 1
[0190.519] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x87040807
[0190.519] GetClipRgn (hdc=0xa80107f3, hrgn=0x87040807) returned 0
[0190.519] SelectClipRgn (hdc=0xa80107f3, hrgn=0x120407de) returned 2
[0190.519] DeleteObject (ho=0x87040807) returned 1
[0190.519] DeleteObject (ho=0x120407de) returned 1
[0190.519] OffsetViewportOrgEx (in: hdc=0xa80107f3, x=0, y=0, lppt=0x2e5cbc4 | out: lppt=0x2e5cbc4) returned 1
[0190.519] IsAppThemed () returned 0x1
[0190.520] GetThemeAppProperties () returned 0x3
[0190.520] GetThemeAppProperties () returned 0x3
[0190.520] DrawThemeBackground () returned 0x0
[0190.520] RestoreDC (hdc=0xa80107f3, nSavedDC=-1) returned 1
[0190.520] GdipReleaseDC (graphics=0x6600030, hdc=0xa80107f3) returned 0x0
[0190.520] GdipCreateRegion (region=0xd7e490) returned 0x0
[0190.520] GdipGetClip (graphics=0x6600030, region=0x6645a28) returned 0x0
[0190.520] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0190.520] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0190.520] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e4a8) returned 0x0
[0190.520] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0190.520] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0190.520] LocalFree (hMem=0x11ee788) returned 0x0
[0190.520] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0190.520] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0190.520] LocalFree (hMem=0x11ee788) returned 0x0
[0190.521] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0190.521] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0190.521] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0190.521] GdipGetRegionHRgn (region=0x6645a28, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0190.521] GdipDeleteRegion (region=0x6645a28) returned 0x0
[0190.521] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0190.521] GetCurrentObject (hdc=0xa80107f3, type=0x1) returned 0xb00017
[0190.521] GetCurrentObject (hdc=0xa80107f3, type=0x2) returned 0x900010
[0190.521] GetCurrentObject (hdc=0xa80107f3, type=0x7) returned 0x4a0507fe
[0190.521] GetCurrentObject (hdc=0xa80107f3, type=0x6) returned 0x8a01c2
[0190.521] SaveDC (hdc=0xa80107f3) returned 1
[0190.521] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x130407de
[0190.521] GetClipRgn (hdc=0xa80107f3, hrgn=0x130407de) returned 0
[0190.521] SelectClipRgn (hdc=0xa80107f3, hrgn=0x88040807) returned 2
[0190.521] DeleteObject (ho=0x130407de) returned 1
[0190.522] DeleteObject (ho=0x88040807) returned 1
[0190.522] OffsetViewportOrgEx (in: hdc=0xa80107f3, x=0, y=0, lppt=0x2e5ce98 | out: lppt=0x2e5ce98) returned 1
[0190.522] IsAppThemed () returned 0x1
[0190.522] GetThemeAppProperties () returned 0x3
[0190.522] GetThemeAppProperties () returned 0x3
[0190.522] GetThemeBackgroundContentRect () returned 0x0
[0190.522] RestoreDC (hdc=0xa80107f3, nSavedDC=-1) returned 1
[0190.522] GdipReleaseDC (graphics=0x6600030, hdc=0xa80107f3) returned 0x0
[0190.522] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0190.522] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0190.522] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0190.522] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0190.522] IsAppThemed () returned 0x1
[0190.522] GetThemeAppProperties () returned 0x3
[0190.522] GetThemeAppProperties () returned 0x3
[0190.522] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0190.522] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0190.522] GetCurrentObject (hdc=0xa80107f3, type=0x1) returned 0xb00017
[0190.523] GetCurrentObject (hdc=0xa80107f3, type=0x2) returned 0x900010
[0190.523] GetCurrentObject (hdc=0xa80107f3, type=0x7) returned 0x4a0507fe
[0190.523] GetCurrentObject (hdc=0xa80107f3, type=0x6) returned 0x8a01c2
[0190.523] SaveDC (hdc=0xa80107f3) returned 1
[0190.523] GetTextAlign (hdc=0xa80107f3) returned 0x0
[0190.523] GetTextColor (hdc=0xa80107f3) returned 0x0
[0190.523] GetCurrentObject (hdc=0xa80107f3, type=0x6) returned 0x8a01c2
[0190.523] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0190.523] SelectObject (hdc=0xa80107f3, h=0x6d0a0520) returned 0x8a01c2
[0190.523] GetBkMode (hdc=0xa80107f3) returned 2
[0190.523] SetBkMode (hdc=0xa80107f3, mode=1) returned 2
[0190.524] DrawTextExW (in: hdc=0xa80107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2e5d25c | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0190.524] DrawTextExW (in: hdc=0xa80107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2e5d25c | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0190.524] RestoreDC (hdc=0xa80107f3, nSavedDC=-1) returned 1
[0190.524] GdipReleaseDC (graphics=0x6600030, hdc=0xa80107f3) returned 0x0
[0190.524] GetFocus () returned 0x602c4
[0190.525] IsAppThemed () returned 0x1
[0190.525] GetThemeAppProperties () returned 0x3
[0190.525] GetThemeAppProperties () returned 0x3
[0190.525] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0190.525] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0xa80107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0190.525] GdipReleaseDC (graphics=0x6600030, hdc=0xa80107f3) returned 0x0
[0190.525] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0190.525] SelectObject (hdc=0xa80107f3, h=0x85000f) returned 0x4a0507fe
[0190.525] DeleteDC (hdc=0xa80107f3) returned 1
[0190.525] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0190.525] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0190.526] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0190.526] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0190.526] WaitMessage () returned 1
[0190.560] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.560] IsWindowUnicode (hWnd=0x30122) returned 1
[0190.560] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.560] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0190.560] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0190.562] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.563] IsWindowUnicode (hWnd=0x30122) returned 1
[0190.563] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.563] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0190.563] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0190.563] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.563] IsWindowUnicode (hWnd=0x30122) returned 1
[0190.563] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.563] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0190.563] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0190.564] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.564] IsWindowUnicode (hWnd=0x30122) returned 1
[0190.564] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.564] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0190.564] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0190.565] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.565] IsWindowUnicode (hWnd=0x30122) returned 1
[0190.565] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.565] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0190.565] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0190.565] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.565] IsWindowUnicode (hWnd=0x30122) returned 1
[0190.565] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.565] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0190.565] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0190.566] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.566] IsWindowUnicode (hWnd=0x30122) returned 1
[0190.566] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.566] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0190.566] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0190.566] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.567] IsWindowUnicode (hWnd=0x7005c) returned 1
[0190.567] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.567] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0190.567] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0190.567] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.567] IsWindowUnicode (hWnd=0x7005c) returned 1
[0190.567] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.567] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0190.567] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0190.567] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10f0240) returned 0x0
[0190.567] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0190.567] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0190.567] WaitMessage () returned 1
[0190.660] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.660] IsWindowUnicode (hWnd=0x502c6) returned 1
[0190.660] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0190.660] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0190.660] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0190.661] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0190.661] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0190.661] WaitMessage () returned 1
[0192.501] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0192.501] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400fa) returned 0x1
[0192.502] IsWindowUnicode (hWnd=0x602c4) returned 1
[0192.502] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0192.502] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0192.502] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0192.502] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0192.502] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0192.502] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400fa) returned 0x1
[0192.502] IsWindowUnicode (hWnd=0x602c4) returned 1
[0192.502] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0192.502] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400fa) returned 0x1
[0192.502] SetCursor (hCursor=0x10003) returned 0x10003
[0192.503] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0192.503] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0192.503] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0192.503] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0192.503] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0192.503] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0192.503] GetKeyState (nVirtKey=1) returned 1
[0192.503] GetKeyState (nVirtKey=2) returned 0
[0192.503] GetKeyState (nVirtKey=4) returned 0
[0192.503] GetKeyState (nVirtKey=5) returned 0
[0192.503] GetKeyState (nVirtKey=6) returned 0
[0192.503] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0192.503] IsWindowUnicode (hWnd=0x602c4) returned 1
[0192.503] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0192.503] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0192.503] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0192.503] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xc0107c5
[0192.504] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0192.504] CreateCompatibleDC (hdc=0xc0107c5) returned 0x420107f2
[0192.504] SelectObject (hdc=0x420107f2, h=0x4a0507fe) returned 0x85000f
[0192.504] GdipCreateFromHDC (hdc=0x420107f2, graphics=0xd7e798) returned 0x0
[0192.504] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0192.504] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0192.504] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0192.504] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0192.504] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e7f8) returned 0x0
[0192.504] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0192.504] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0192.505] LocalFree (hMem=0x11eecc8) returned 0x0
[0192.505] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0192.505] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0192.505] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0192.505] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0192.505] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0192.505] GdipRestoreGraphics (graphics=0x6600030, state=0xfb3e0dbd) returned 0x0
[0192.505] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0192.505] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0192.505] GetCurrentObject (hdc=0x420107f2, type=0x1) returned 0xb00017
[0192.505] GetCurrentObject (hdc=0x420107f2, type=0x2) returned 0x900010
[0192.505] GetCurrentObject (hdc=0x420107f2, type=0x7) returned 0x4a0507fe
[0192.505] GetCurrentObject (hdc=0x420107f2, type=0x6) returned 0x8a01c2
[0192.505] SaveDC (hdc=0x420107f2) returned 1
[0192.505] GetNearestColor (hdc=0x420107f2, color=0xff) returned 0xff
[0192.506] GetNearestColor (hdc=0x420107f2, color=0x55) returned 0x55
[0192.506] GetNearestColor (hdc=0x420107f2, color=0x0) returned 0x0
[0192.506] GetNearestColor (hdc=0x420107f2, color=0x55) returned 0x55
[0192.506] GetNearestColor (hdc=0x420107f2, color=0x0) returned 0x0
[0192.506] GetNearestColor (hdc=0x420107f2, color=0x8080ff) returned 0x8080ff
[0192.506] GetNearestColor (hdc=0x420107f2, color=0x7373e5) returned 0x7373e5
[0192.506] GetNearestColor (hdc=0x420107f2, color=0xe5) returned 0xe5
[0192.506] GetNearestColor (hdc=0x420107f2, color=0x0) returned 0x0
[0192.506] RestoreDC (hdc=0x420107f2, nSavedDC=-1) returned 1
[0192.506] GdipReleaseDC (graphics=0x6600030, hdc=0x420107f2) returned 0x0
[0192.506] IsAppThemed () returned 0x1
[0192.506] GetThemeAppProperties () returned 0x3
[0192.506] GetThemeAppProperties () returned 0x3
[0192.506] IsAppThemed () returned 0x1
[0192.507] GetThemeAppProperties () returned 0x3
[0192.507] GetThemeAppProperties () returned 0x3
[0192.507] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2e5dad0 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0192.507] IsAppThemed () returned 0x1
[0192.507] GetThemeAppProperties () returned 0x3
[0192.507] GetThemeAppProperties () returned 0x3
[0192.507] IsAppThemed () returned 0x1
[0192.507] GetThemeAppProperties () returned 0x3
[0192.507] GetThemeAppProperties () returned 0x3
[0192.507] IsAppThemed () returned 0x1
[0192.507] GetThemeAppProperties () returned 0x3
[0192.507] GetThemeAppProperties () returned 0x3
[0192.507] IsAppThemed () returned 0x1
[0192.508] GetThemeAppProperties () returned 0x3
[0192.508] GetThemeAppProperties () returned 0x3
[0192.508] IsThemePartDefined () returned 0x1
[0192.508] IsAppThemed () returned 0x1
[0192.508] GetThemeAppProperties () returned 0x3
[0192.508] GetThemeAppProperties () returned 0x3
[0192.508] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0192.508] IsAppThemed () returned 0x1
[0192.508] GetThemeAppProperties () returned 0x3
[0192.508] GetThemeAppProperties () returned 0x3
[0192.508] IsAppThemed () returned 0x1
[0192.508] GetThemeAppProperties () returned 0x3
[0192.508] GetThemeAppProperties () returned 0x3
[0192.508] IsThemePartDefined () returned 0x1
[0192.508] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0192.508] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0192.508] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0192.508] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0192.508] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e514) returned 0x0
[0192.508] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0192.508] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee910) returned 0x0
[0192.509] LocalFree (hMem=0x11ee910) returned 0x0
[0192.509] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0192.509] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea60) returned 0x0
[0192.509] LocalFree (hMem=0x11eea60) returned 0x0
[0192.509] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0192.509] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0192.509] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0192.509] GdipGetRegionHRgn (region=0x6645098, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0192.509] GdipDeleteRegion (region=0x6645098) returned 0x0
[0192.509] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0192.509] GetCurrentObject (hdc=0x420107f2, type=0x1) returned 0xb00017
[0192.509] GetCurrentObject (hdc=0x420107f2, type=0x2) returned 0x900010
[0192.509] GetCurrentObject (hdc=0x420107f2, type=0x7) returned 0x4a0507fe
[0192.509] GetCurrentObject (hdc=0x420107f2, type=0x6) returned 0x8a01c2
[0192.509] SaveDC (hdc=0x420107f2) returned 1
[0192.509] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x89040807
[0192.509] GetClipRgn (hdc=0x420107f2, hrgn=0x89040807) returned 0
[0192.510] SelectClipRgn (hdc=0x420107f2, hrgn=0x170407de) returned 2
[0192.510] DeleteObject (ho=0x89040807) returned 1
[0192.510] DeleteObject (ho=0x170407de) returned 1
[0192.510] OffsetViewportOrgEx (in: hdc=0x420107f2, x=0, y=0, lppt=0x2e5e180 | out: lppt=0x2e5e180) returned 1
[0192.510] DrawThemeParentBackground () returned 0x0
[0192.510] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0192.510] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0192.510] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0192.510] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0192.510] GetSystemMetrics (nIndex=42) returned 0
[0192.510] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0192.510] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0192.510] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0192.510] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0192.511] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0192.511] SelectPalette (hdc=0x420107f2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0192.511] GdipCreateFromHDC (hdc=0x420107f2, graphics=0xd7dff0) returned 0x0
[0192.511] GdipSetPageUnit (graphics=0x664e330, unit=0x2) returned 0x0
[0192.511] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0192.511] GdipGetWorldTransform (graphics=0x664e330, matrix=0x6638cf8) returned 0x0
[0192.511] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dfc8) returned 0x0
[0192.511] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0192.511] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0192.511] GdipGetClip (graphics=0x664e330, region=0x6645cf8) returned 0x0
[0192.511] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x664e330, result=0xd7dfbc) returned 0x0
[0192.512] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0192.512] GdipSaveGraphics (graphics=0x664e330, state=0xd7dfe8) returned 0x0
[0192.512] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0192.522] GdipFillRectangleI (graphics=0x664e330, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0192.522] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0192.524] GdipDeleteGraphics (graphics=0x664e330) returned 0x0
[0192.524] SelectPalette (hdc=0x420107f2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0192.524] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0192.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0192.524] GetSystemMetrics (nIndex=42) returned 0
[0192.524] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0192.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0192.525] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0192.525] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0192.525] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0192.525] SelectPalette (hdc=0x420107f2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0192.525] GdipCreateFromHDC (hdc=0x420107f2, graphics=0xd7df90) returned 0x0
[0192.525] GdipSetPageUnit (graphics=0x664e330, unit=0x2) returned 0x0
[0192.525] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0192.525] GdipGetWorldTransform (graphics=0x664e330, matrix=0x6638d28) returned 0x0
[0192.525] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df68) returned 0x0
[0192.525] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0192.525] GdipCreateRegion (region=0xd7df50) returned 0x0
[0192.525] GdipGetClip (graphics=0x664e330, region=0x6645128) returned 0x0
[0192.525] GdipIsInfiniteRegion (region=0x6645128, graphics=0x664e330, result=0xd7df5c) returned 0x0
[0192.526] GdipDeleteRegion (region=0x6645128) returned 0x0
[0192.526] GdipSaveGraphics (graphics=0x664e330, state=0xd7df88) returned 0x0
[0192.526] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0192.535] GdipFillRectangleI (graphics=0x664e330, brush=0x6652ce8, x=0, y=0, width=801, height=453) returned 0x0
[0192.536] GdipDeleteBrush (brush=0x6652ce8) returned 0x0
[0192.537] GdipRestoreGraphics (graphics=0x664e330, state=0xfb3a0dbd) returned 0x0
[0192.537] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0192.537] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0192.538] GetSystemMetrics (nIndex=42) returned 0
[0192.538] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0192.538] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0192.538] GdipDeleteGraphics (graphics=0x664e330) returned 0x0
[0192.538] SelectPalette (hdc=0x420107f2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0192.538] RestoreDC (hdc=0x420107f2, nSavedDC=-1) returned 1
[0192.538] GdipReleaseDC (graphics=0x6600030, hdc=0x420107f2) returned 0x0
[0192.538] IsAppThemed () returned 0x1
[0192.538] GetThemeAppProperties () returned 0x3
[0192.538] GetThemeAppProperties () returned 0x3
[0192.539] IsAppThemed () returned 0x1
[0192.539] GetThemeAppProperties () returned 0x3
[0192.539] GetThemeAppProperties () returned 0x3
[0192.539] IsThemePartDefined () returned 0x1
[0192.539] GdipCreateRegion (region=0xd7e480) returned 0x0
[0192.539] GdipGetClip (graphics=0x6600030, region=0x6646208) returned 0x0
[0192.539] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0192.539] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0192.539] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e498) returned 0x0
[0192.539] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0192.539] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0192.539] LocalFree (hMem=0x11eec58) returned 0x0
[0192.539] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0192.539] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0192.539] LocalFree (hMem=0x11ee788) returned 0x0
[0192.540] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0192.540] GdipIsInfiniteRegion (region=0x6646208, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0192.540] GdipIsInfiniteRegion (region=0x6646208, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0192.540] GdipGetRegionHRgn (region=0x6646208, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0192.540] GdipDeleteRegion (region=0x6646208) returned 0x0
[0192.540] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0192.540] GetCurrentObject (hdc=0x420107f2, type=0x1) returned 0xb00017
[0192.540] GetCurrentObject (hdc=0x420107f2, type=0x2) returned 0x900010
[0192.540] GetCurrentObject (hdc=0x420107f2, type=0x7) returned 0x4a0507fe
[0192.540] GetCurrentObject (hdc=0x420107f2, type=0x6) returned 0x8a01c2
[0192.540] SaveDC (hdc=0x420107f2) returned 1
[0192.540] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x180407de
[0192.540] GetClipRgn (hdc=0x420107f2, hrgn=0x180407de) returned 0
[0192.540] SelectClipRgn (hdc=0x420107f2, hrgn=0x8b040807) returned 2
[0192.541] DeleteObject (ho=0x180407de) returned 1
[0192.541] DeleteObject (ho=0x8b040807) returned 1
[0192.541] OffsetViewportOrgEx (in: hdc=0x420107f2, x=0, y=0, lppt=0x2e649d0 | out: lppt=0x2e649d0) returned 1
[0192.541] IsAppThemed () returned 0x1
[0192.541] GetThemeAppProperties () returned 0x3
[0192.541] GetThemeAppProperties () returned 0x3
[0192.541] DrawThemeBackground () returned 0x0
[0192.541] RestoreDC (hdc=0x420107f2, nSavedDC=-1) returned 1
[0192.541] GdipReleaseDC (graphics=0x6600030, hdc=0x420107f2) returned 0x0
[0192.541] GdipCreateRegion (region=0xd7e484) returned 0x0
[0192.541] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0192.541] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0192.541] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0192.541] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e49c) returned 0x0
[0192.542] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0192.542] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0192.542] LocalFree (hMem=0x11eec58) returned 0x0
[0192.542] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0192.542] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0192.542] LocalFree (hMem=0x11ee868) returned 0x0
[0192.542] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0192.542] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0192.542] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0192.542] GdipGetRegionHRgn (region=0x6645098, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0192.542] GdipDeleteRegion (region=0x6645098) returned 0x0
[0192.542] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0192.542] GetCurrentObject (hdc=0x420107f2, type=0x1) returned 0xb00017
[0192.542] GetCurrentObject (hdc=0x420107f2, type=0x2) returned 0x900010
[0192.542] GetCurrentObject (hdc=0x420107f2, type=0x7) returned 0x4a0507fe
[0192.542] GetCurrentObject (hdc=0x420107f2, type=0x6) returned 0x8a01c2
[0192.543] SaveDC (hdc=0x420107f2) returned 1
[0192.543] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8c040807
[0192.543] GetClipRgn (hdc=0x420107f2, hrgn=0x8c040807) returned 0
[0192.543] SelectClipRgn (hdc=0x420107f2, hrgn=0x190407de) returned 2
[0192.543] DeleteObject (ho=0x8c040807) returned 1
[0192.543] DeleteObject (ho=0x190407de) returned 1
[0192.543] OffsetViewportOrgEx (in: hdc=0x420107f2, x=0, y=0, lppt=0x2e64ca4 | out: lppt=0x2e64ca4) returned 1
[0192.543] IsAppThemed () returned 0x1
[0192.543] GetThemeAppProperties () returned 0x3
[0192.543] GetThemeAppProperties () returned 0x3
[0192.543] GetThemeBackgroundContentRect () returned 0x0
[0192.543] RestoreDC (hdc=0x420107f2, nSavedDC=-1) returned 1
[0192.543] GdipReleaseDC (graphics=0x6600030, hdc=0x420107f2) returned 0x0
[0192.544] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0192.544] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0192.544] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0192.544] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0192.544] IsAppThemed () returned 0x1
[0192.544] GetThemeAppProperties () returned 0x3
[0192.544] GetThemeAppProperties () returned 0x3
[0192.544] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0192.545] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0192.545] GetCurrentObject (hdc=0x420107f2, type=0x1) returned 0xb00017
[0192.545] GetCurrentObject (hdc=0x420107f2, type=0x2) returned 0x900010
[0192.545] GetCurrentObject (hdc=0x420107f2, type=0x7) returned 0x4a0507fe
[0192.545] GetCurrentObject (hdc=0x420107f2, type=0x6) returned 0x8a01c2
[0192.545] SaveDC (hdc=0x420107f2) returned 1
[0192.545] GetTextAlign (hdc=0x420107f2) returned 0x0
[0192.545] GetTextColor (hdc=0x420107f2) returned 0x0
[0192.546] GetCurrentObject (hdc=0x420107f2, type=0x6) returned 0x8a01c2
[0192.546] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0192.546] SelectObject (hdc=0x420107f2, h=0x6d0a0520) returned 0x8a01c2
[0192.546] GetBkMode (hdc=0x420107f2) returned 2
[0192.546] SetBkMode (hdc=0x420107f2, mode=1) returned 2
[0192.547] DrawTextExW (in: hdc=0x420107f2, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2e65068 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0192.547] DrawTextExW (in: hdc=0x420107f2, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2e65068 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0192.547] RestoreDC (hdc=0x420107f2, nSavedDC=-1) returned 1
[0192.548] GdipReleaseDC (graphics=0x6600030, hdc=0x420107f2) returned 0x0
[0192.548] GetFocus () returned 0x602c4
[0192.548] IsAppThemed () returned 0x1
[0192.548] GetThemeAppProperties () returned 0x3
[0192.548] GetThemeAppProperties () returned 0x3
[0192.548] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0192.548] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x420107f2, x1=0, y1=0, rop=0xcc0020) returned 1
[0192.548] GdipReleaseDC (graphics=0x6600030, hdc=0x420107f2) returned 0x0
[0192.548] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0192.549] SelectObject (hdc=0x420107f2, h=0x85000f) returned 0x4a0507fe
[0192.549] DeleteDC (hdc=0x420107f2) returned 1
[0192.549] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0192.549] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0192.549] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0192.549] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0192.549] WaitMessage () returned 1
[0192.608] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0192.608] IsWindowUnicode (hWnd=0x602c4) returned 1
[0192.608] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0192.608] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0192.608] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0192.608] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0192.608] IsWindowUnicode (hWnd=0x602c4) returned 1
[0192.609] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0192.609] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0192.609] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0192.609] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xd001f) returned 0x0
[0192.609] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0192.609] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0192.609] WaitMessage () returned 1
[0192.741] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0192.741] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400fa) returned 0x1
[0192.741] IsWindowUnicode (hWnd=0x602c4) returned 1
[0192.741] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0192.741] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400fa) returned 0x1
[0192.742] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0192.742] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19f003c) returned 0x0
[0192.742] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0192.742] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0192.742] SetCursor (hCursor=0x10003) returned 0x10003
[0192.742] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0192.742] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0192.742] GetKeyState (nVirtKey=1) returned -128
[0192.742] GetKeyState (nVirtKey=2) returned 0
[0192.742] GetKeyState (nVirtKey=4) returned 0
[0192.742] GetKeyState (nVirtKey=5) returned 0
[0192.742] GetKeyState (nVirtKey=6) returned 0
[0192.742] IsWindowVisible (hWnd=0x602c4) returned 1
[0192.742] IsWindowEnabled (hWnd=0x602c4) returned 1
[0192.742] SetFocus (hWnd=0x602c4) returned 0x602c4
[0192.743] GetFocus () returned 0x602c4
[0192.743] GetFocus () returned 0x602c4
[0192.743] GetFocus () returned 0x602c4
[0192.743] GetKeyState (nVirtKey=1) returned -128
[0192.743] GetKeyState (nVirtKey=2) returned 0
[0192.743] GetKeyState (nVirtKey=4) returned 0
[0192.743] GetKeyState (nVirtKey=5) returned 0
[0192.743] GetKeyState (nVirtKey=6) returned 0
[0192.743] GetCapture () returned 0x0
[0192.743] SetCapture (hWnd=0x602c4) returned 0x0
[0192.743] GetKeyState (nVirtKey=1) returned -128
[0192.743] GetKeyState (nVirtKey=2) returned 0
[0192.743] GetKeyState (nVirtKey=4) returned 0
[0192.743] GetKeyState (nVirtKey=5) returned 0
[0192.743] GetKeyState (nVirtKey=6) returned 0
[0192.743] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0192.743] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0192.743] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0192.744] IsWindowUnicode (hWnd=0x602c4) returned 1
[0192.744] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0192.744] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0192.744] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0192.744] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e651ec, cPoints=0x1 | out: lpPoints=0x2e651ec) returned 40304859
[0192.744] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0192.744] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0192.744] UpdateWindow (hWnd=0x602c4) returned 1
[0192.744] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xc0107c5
[0192.744] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0192.744] CreateCompatibleDC (hdc=0xc0107c5) returned 0x430107f2
[0192.744] SelectObject (hdc=0x430107f2, h=0x4a0507fe) returned 0x85000f
[0192.744] GdipCreateFromHDC (hdc=0x430107f2, graphics=0xd7e430) returned 0x0
[0192.745] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0192.745] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0192.745] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0192.745] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0192.745] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e490) returned 0x0
[0192.745] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0192.745] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eea98) returned 0x0
[0192.745] LocalFree (hMem=0x11eea98) returned 0x0
[0192.745] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0192.745] GdipCreateRegion (region=0xd7e478) returned 0x0
[0192.745] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0192.745] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0192.745] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0192.745] GdipRestoreGraphics (graphics=0x6600030, state=0xfb380dbd) returned 0x0
[0192.745] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0192.746] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0192.746] GetCurrentObject (hdc=0x430107f2, type=0x1) returned 0xb00017
[0192.746] GetCurrentObject (hdc=0x430107f2, type=0x2) returned 0x900010
[0192.746] GetCurrentObject (hdc=0x430107f2, type=0x7) returned 0x4a0507fe
[0192.746] GetCurrentObject (hdc=0x430107f2, type=0x6) returned 0x8a01c2
[0192.746] SaveDC (hdc=0x430107f2) returned 1
[0192.746] GetNearestColor (hdc=0x430107f2, color=0xff) returned 0xff
[0192.746] GetNearestColor (hdc=0x430107f2, color=0x55) returned 0x55
[0192.746] GetNearestColor (hdc=0x430107f2, color=0x0) returned 0x0
[0192.746] GetNearestColor (hdc=0x430107f2, color=0x55) returned 0x55
[0192.746] GetNearestColor (hdc=0x430107f2, color=0x0) returned 0x0
[0192.746] GetNearestColor (hdc=0x430107f2, color=0x8080ff) returned 0x8080ff
[0192.746] GetNearestColor (hdc=0x430107f2, color=0x7373e5) returned 0x7373e5
[0192.746] GetNearestColor (hdc=0x430107f2, color=0xe5) returned 0xe5
[0192.747] GetNearestColor (hdc=0x430107f2, color=0x0) returned 0x0
[0192.747] RestoreDC (hdc=0x430107f2, nSavedDC=-1) returned 1
[0192.747] GdipReleaseDC (graphics=0x6600030, hdc=0x430107f2) returned 0x0
[0192.747] IsAppThemed () returned 0x1
[0192.747] GetThemeAppProperties () returned 0x3
[0192.747] GetThemeAppProperties () returned 0x3
[0192.747] IsAppThemed () returned 0x1
[0192.747] GetThemeAppProperties () returned 0x3
[0192.747] GetThemeAppProperties () returned 0x3
[0192.747] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2e65908 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0192.747] IsAppThemed () returned 0x1
[0192.748] GetThemeAppProperties () returned 0x3
[0192.748] GetThemeAppProperties () returned 0x3
[0192.748] IsAppThemed () returned 0x1
[0192.748] GetThemeAppProperties () returned 0x3
[0192.748] GetThemeAppProperties () returned 0x3
[0192.748] IsAppThemed () returned 0x1
[0192.748] GetThemeAppProperties () returned 0x3
[0192.748] GetThemeAppProperties () returned 0x3
[0192.748] IsAppThemed () returned 0x1
[0192.748] GetThemeAppProperties () returned 0x3
[0192.748] GetThemeAppProperties () returned 0x3
[0192.748] IsThemePartDefined () returned 0x1
[0192.748] IsAppThemed () returned 0x1
[0192.748] GetThemeAppProperties () returned 0x3
[0192.748] GetThemeAppProperties () returned 0x3
[0192.748] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0192.748] IsAppThemed () returned 0x1
[0192.748] GetThemeAppProperties () returned 0x3
[0192.748] GetThemeAppProperties () returned 0x3
[0192.748] IsAppThemed () returned 0x1
[0192.749] GetThemeAppProperties () returned 0x3
[0192.749] GetThemeAppProperties () returned 0x3
[0192.749] IsThemePartDefined () returned 0x1
[0192.749] GdipCreateRegion (region=0xd7e194) returned 0x0
[0192.749] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0192.749] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0192.749] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0192.749] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e1ac) returned 0x0
[0192.749] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0192.749] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0192.749] LocalFree (hMem=0x11ee788) returned 0x0
[0192.749] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0192.749] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0192.749] LocalFree (hMem=0x11eec58) returned 0x0
[0192.749] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0192.749] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0192.749] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0192.749] GdipGetRegionHRgn (region=0x6645c68, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0192.749] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0192.749] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0192.749] GetCurrentObject (hdc=0x430107f2, type=0x1) returned 0xb00017
[0192.750] GetCurrentObject (hdc=0x430107f2, type=0x2) returned 0x900010
[0192.750] GetCurrentObject (hdc=0x430107f2, type=0x7) returned 0x4a0507fe
[0192.750] GetCurrentObject (hdc=0x430107f2, type=0x6) returned 0x8a01c2
[0192.750] SaveDC (hdc=0x430107f2) returned 1
[0192.750] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1a0407de
[0192.750] GetClipRgn (hdc=0x430107f2, hrgn=0x1a0407de) returned 0
[0192.750] SelectClipRgn (hdc=0x430107f2, hrgn=0x90040807) returned 2
[0192.750] DeleteObject (ho=0x1a0407de) returned 1
[0192.750] DeleteObject (ho=0x90040807) returned 1
[0192.750] OffsetViewportOrgEx (in: hdc=0x430107f2, x=0, y=0, lppt=0x2e65fb8 | out: lppt=0x2e65fb8) returned 1
[0192.750] DrawThemeParentBackground () returned 0x0
[0192.750] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0192.751] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0192.751] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0192.751] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0192.751] GetSystemMetrics (nIndex=42) returned 0
[0192.751] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0192.751] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0192.751] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0192.751] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0192.751] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0192.751] SelectPalette (hdc=0x430107f2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0192.751] GdipCreateFromHDC (hdc=0x430107f2, graphics=0xd7dc88) returned 0x0
[0192.751] GdipSetPageUnit (graphics=0x664e330, unit=0x2) returned 0x0
[0192.751] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0192.751] GdipGetWorldTransform (graphics=0x664e330, matrix=0x6638a58) returned 0x0
[0192.751] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dc60) returned 0x0
[0192.752] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0192.752] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0192.752] GdipGetClip (graphics=0x664e330, region=0x6645128) returned 0x0
[0192.752] GdipIsInfiniteRegion (region=0x6645128, graphics=0x664e330, result=0xd7dc54) returned 0x0
[0192.752] GdipDeleteRegion (region=0x6645128) returned 0x0
[0192.752] GdipSaveGraphics (graphics=0x664e330, state=0xd7dc80) returned 0x0
[0192.752] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0192.762] GdipFillRectangleI (graphics=0x664e330, brush=0x6652ce8, x=0, y=0, width=801, height=453) returned 0x0
[0192.762] GdipDeleteBrush (brush=0x6652ce8) returned 0x0
[0192.764] GdipDeleteGraphics (graphics=0x664e330) returned 0x0
[0192.764] SelectPalette (hdc=0x430107f2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0192.764] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0192.764] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0192.764] GetSystemMetrics (nIndex=42) returned 0
[0192.764] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0192.765] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0192.765] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0192.765] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0192.765] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0192.765] SelectPalette (hdc=0x430107f2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0192.765] GdipCreateFromHDC (hdc=0x430107f2, graphics=0xd7dc28) returned 0x0
[0192.765] GdipSetPageUnit (graphics=0x664e330, unit=0x2) returned 0x0
[0192.765] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0192.765] GdipGetWorldTransform (graphics=0x664e330, matrix=0x6638d58) returned 0x0
[0192.765] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dc00) returned 0x0
[0192.765] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0192.765] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0192.765] GdipGetClip (graphics=0x664e330, region=0x66453f8) returned 0x0
[0192.766] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x664e330, result=0xd7dbf4) returned 0x0
[0192.766] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0192.766] GdipSaveGraphics (graphics=0x664e330, state=0xd7dc20) returned 0x0
[0192.766] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0192.775] GdipFillRectangleI (graphics=0x664e330, brush=0x6652f58, x=0, y=0, width=801, height=453) returned 0x0
[0192.775] GdipDeleteBrush (brush=0x6652f58) returned 0x0
[0192.777] GdipRestoreGraphics (graphics=0x664e330, state=0xfb340dbd) returned 0x0
[0192.777] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0192.777] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0192.777] GetSystemMetrics (nIndex=42) returned 0
[0192.777] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0192.777] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0192.778] GdipDeleteGraphics (graphics=0x664e330) returned 0x0
[0192.778] SelectPalette (hdc=0x430107f2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0192.778] RestoreDC (hdc=0x430107f2, nSavedDC=-1) returned 1
[0192.778] GdipReleaseDC (graphics=0x6600030, hdc=0x430107f2) returned 0x0
[0192.778] IsAppThemed () returned 0x1
[0192.779] GetThemeAppProperties () returned 0x3
[0192.779] GetThemeAppProperties () returned 0x3
[0192.779] IsAppThemed () returned 0x1
[0192.779] GetThemeAppProperties () returned 0x3
[0192.779] GetThemeAppProperties () returned 0x3
[0192.779] IsThemePartDefined () returned 0x1
[0192.779] GdipCreateRegion (region=0xd7e118) returned 0x0
[0192.779] GdipGetClip (graphics=0x6600030, region=0x6646208) returned 0x0
[0192.779] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0192.779] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0192.779] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e130) returned 0x0
[0192.779] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0192.779] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee8d8) returned 0x0
[0192.779] LocalFree (hMem=0x11ee8d8) returned 0x0
[0192.779] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0192.779] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eecc8) returned 0x0
[0192.779] LocalFree (hMem=0x11eecc8) returned 0x0
[0192.779] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0192.780] GdipIsInfiniteRegion (region=0x6646208, graphics=0x6600030, result=0xd7e158) returned 0x0
[0192.780] GdipIsInfiniteRegion (region=0x6646208, graphics=0x6600030, result=0xd7e148) returned 0x0
[0192.780] GdipGetRegionHRgn (region=0x6646208, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0192.780] GdipDeleteRegion (region=0x6646208) returned 0x0
[0192.780] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0192.780] GetCurrentObject (hdc=0x430107f2, type=0x1) returned 0xb00017
[0192.780] GetCurrentObject (hdc=0x430107f2, type=0x2) returned 0x900010
[0192.780] GetCurrentObject (hdc=0x430107f2, type=0x7) returned 0x4a0507fe
[0192.780] GetCurrentObject (hdc=0x430107f2, type=0x6) returned 0x8a01c2
[0192.780] SaveDC (hdc=0x430107f2) returned 1
[0192.780] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x91040807
[0192.780] GetClipRgn (hdc=0x430107f2, hrgn=0x91040807) returned 0
[0192.780] SelectClipRgn (hdc=0x430107f2, hrgn=0x1c0407de) returned 2
[0192.780] DeleteObject (ho=0x91040807) returned 1
[0192.780] DeleteObject (ho=0x1c0407de) returned 1
[0192.780] OffsetViewportOrgEx (in: hdc=0x430107f2, x=0, y=0, lppt=0x2e6c808 | out: lppt=0x2e6c808) returned 1
[0192.781] IsAppThemed () returned 0x1
[0192.781] GetThemeAppProperties () returned 0x3
[0192.781] GetThemeAppProperties () returned 0x3
[0192.781] DrawThemeBackground () returned 0x0
[0192.781] RestoreDC (hdc=0x430107f2, nSavedDC=-1) returned 1
[0192.781] GdipReleaseDC (graphics=0x6600030, hdc=0x430107f2) returned 0x0
[0192.781] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0192.781] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0192.781] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0192.781] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0192.781] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e134) returned 0x0
[0192.781] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0192.781] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eecc8) returned 0x0
[0192.781] LocalFree (hMem=0x11eecc8) returned 0x0
[0192.781] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0192.781] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee8d8) returned 0x0
[0192.782] LocalFree (hMem=0x11ee8d8) returned 0x0
[0192.782] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0192.782] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0192.782] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0192.782] GdipGetRegionHRgn (region=0x6645e18, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0192.782] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0192.782] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0192.782] GetCurrentObject (hdc=0x430107f2, type=0x1) returned 0xb00017
[0192.782] GetCurrentObject (hdc=0x430107f2, type=0x2) returned 0x900010
[0192.782] GetCurrentObject (hdc=0x430107f2, type=0x7) returned 0x4a0507fe
[0192.782] GetCurrentObject (hdc=0x430107f2, type=0x6) returned 0x8a01c2
[0192.782] SaveDC (hdc=0x430107f2) returned 1
[0192.782] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1d0407de
[0192.782] GetClipRgn (hdc=0x430107f2, hrgn=0x1d0407de) returned 0
[0192.782] SelectClipRgn (hdc=0x430107f2, hrgn=0x92040807) returned 2
[0192.782] DeleteObject (ho=0x1d0407de) returned 1
[0192.783] DeleteObject (ho=0x92040807) returned 1
[0192.783] OffsetViewportOrgEx (in: hdc=0x430107f2, x=0, y=0, lppt=0x2e6cadc | out: lppt=0x2e6cadc) returned 1
[0192.783] IsAppThemed () returned 0x1
[0192.783] GetThemeAppProperties () returned 0x3
[0192.783] GetThemeAppProperties () returned 0x3
[0192.783] GetThemeBackgroundContentRect () returned 0x0
[0192.783] RestoreDC (hdc=0x430107f2, nSavedDC=-1) returned 1
[0192.783] GdipReleaseDC (graphics=0x6600030, hdc=0x430107f2) returned 0x0
[0192.783] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0192.783] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0192.783] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0192.783] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0192.783] IsAppThemed () returned 0x1
[0192.783] GetThemeAppProperties () returned 0x3
[0192.783] GetThemeAppProperties () returned 0x3
[0192.783] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0192.783] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0192.783] GetCurrentObject (hdc=0x430107f2, type=0x1) returned 0xb00017
[0192.784] GetCurrentObject (hdc=0x430107f2, type=0x2) returned 0x900010
[0192.784] GetCurrentObject (hdc=0x430107f2, type=0x7) returned 0x4a0507fe
[0192.784] GetCurrentObject (hdc=0x430107f2, type=0x6) returned 0x8a01c2
[0192.784] SaveDC (hdc=0x430107f2) returned 1
[0192.784] GetTextAlign (hdc=0x430107f2) returned 0x0
[0192.784] GetTextColor (hdc=0x430107f2) returned 0x0
[0192.784] GetCurrentObject (hdc=0x430107f2, type=0x6) returned 0x8a01c2
[0192.784] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0192.784] SelectObject (hdc=0x430107f2, h=0x6d0a0520) returned 0x8a01c2
[0192.784] GetBkMode (hdc=0x430107f2) returned 2
[0192.784] SetBkMode (hdc=0x430107f2, mode=1) returned 2
[0192.784] DrawTextExW (in: hdc=0x430107f2, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2e6cea0 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0192.785] DrawTextExW (in: hdc=0x430107f2, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2e6cea0 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0192.785] RestoreDC (hdc=0x430107f2, nSavedDC=-1) returned 1
[0192.785] GdipReleaseDC (graphics=0x6600030, hdc=0x430107f2) returned 0x0
[0192.785] GetFocus () returned 0x602c4
[0192.785] IsAppThemed () returned 0x1
[0192.785] GetThemeAppProperties () returned 0x3
[0192.787] GetThemeAppProperties () returned 0x3
[0192.787] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0192.787] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x430107f2, x1=0, y1=0, rop=0xcc0020) returned 1
[0192.787] GdipReleaseDC (graphics=0x6600030, hdc=0x430107f2) returned 0x0
[0192.787] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0192.787] SelectObject (hdc=0x430107f2, h=0x85000f) returned 0x4a0507fe
[0192.787] DeleteDC (hdc=0x430107f2) returned 1
[0192.787] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0192.787] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0192.788] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e6cf9c, cPoints=0x1 | out: lpPoints=0x2e6cf9c) returned 40304859
[0192.788] WindowFromPoint (Point=0xfa) returned 0x602c4
[0192.788] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400fa) returned 0x1
[0192.788] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0192.788] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0192.788] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0192.788] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0192.788] GetSystemMetrics (nIndex=42) returned 0
[0192.788] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0192.788] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0192.790] GetCapture () returned 0x602c4
[0192.790] ReleaseCapture () returned 1
[0192.791] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0192.791] GetProcessWindowStation () returned 0x13c
[0192.792] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0192.792] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0192.792] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0192.792] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0192.793] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0192.793] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0192.793] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0192.793] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0192.793] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0192.793] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0192.794] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0192.794] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0192.795] GetDC (hWnd=0x0) returned 0xf0105ee
[0192.795] GdipCreateFromHDC (hdc=0xf0105ee, graphics=0xd7e6ec) returned 0x0
[0192.795] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0192.795] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0192.795] ReleaseDC (hWnd=0x0, hDC=0xf0105ee) returned 1
[0192.795] GetSystemMetrics (nIndex=5) returned 1
[0192.795] GetSystemMetrics (nIndex=6) returned 1
[0192.796] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0192.796] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0192.796] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0192.796] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0192.800] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0192.800] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0192.800] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0192.800] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0192.800] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0192.800] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0192.802] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2e729b8 | out: lpData=0x2e729b8) returned 1
[0192.803] VerQueryValueW (in: pBlock=0x2e729b8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e72dc8, puLen=0xd7e810) returned 1
[0192.803] VerQueryValueW (in: pBlock=0x2e729b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e72a70, puLen=0xd7e790) returned 1
[0192.803] VerQueryValueW (in: pBlock=0x2e729b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e72ac4, puLen=0xd7e790) returned 1
[0192.803] VerQueryValueW (in: pBlock=0x2e729b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e72b44, puLen=0xd7e790) returned 1
[0192.803] VerQueryValueW (in: pBlock=0x2e729b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e72bac, puLen=0xd7e790) returned 1
[0192.803] VerQueryValueW (in: pBlock=0x2e729b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e72bec, puLen=0xd7e790) returned 1
[0192.803] VerQueryValueW (in: pBlock=0x2e729b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e72c74, puLen=0xd7e790) returned 1
[0192.803] VerQueryValueW (in: pBlock=0x2e729b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e72cb0, puLen=0xd7e790) returned 1
[0192.803] VerQueryValueW (in: pBlock=0x2e729b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e72d08, puLen=0xd7e790) returned 1
[0192.803] VerQueryValueW (in: pBlock=0x2e729b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e72d38, puLen=0xd7e790) returned 1
[0192.803] VerQueryValueW (in: pBlock=0x2e729b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0192.803] VerQueryValueW (in: pBlock=0x2e729b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e72d74, puLen=0xd7e790) returned 1
[0192.803] VerQueryValueW (in: pBlock=0x2e729b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0192.803] VerQueryValueW (in: pBlock=0x2e729b8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e72dc8, puLen=0xd7e784) returned 1
[0192.803] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0192.803] VerQueryValueW (in: pBlock=0x2e729b8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e729e0, puLen=0xd7e794) returned 1
[0192.804] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0192.804] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0192.804] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0192.804] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0192.804] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0192.805] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0192.805] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2e74928 | out: lpData=0x2e74928) returned 1
[0192.805] VerQueryValueW (in: pBlock=0x2e74928, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e749c4, puLen=0xd7e810) returned 1
[0192.806] VerQueryValueW (in: pBlock=0x2e74928, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e74a3c, puLen=0xd7e790) returned 1
[0192.806] VerQueryValueW (in: pBlock=0x2e74928, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e74a6c, puLen=0xd7e790) returned 1
[0192.806] VerQueryValueW (in: pBlock=0x2e74928, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e74aa8, puLen=0xd7e790) returned 1
[0192.806] VerQueryValueW (in: pBlock=0x2e74928, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e74ad8, puLen=0xd7e790) returned 1
[0192.806] VerQueryValueW (in: pBlock=0x2e74928, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e74b20, puLen=0xd7e790) returned 1
[0192.806] VerQueryValueW (in: pBlock=0x2e74928, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e74b98, puLen=0xd7e790) returned 1
[0192.806] VerQueryValueW (in: pBlock=0x2e74928, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e74bdc, puLen=0xd7e790) returned 1
[0192.806] VerQueryValueW (in: pBlock=0x2e74928, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e74c1c, puLen=0xd7e790) returned 1
[0192.806] VerQueryValueW (in: pBlock=0x2e74928, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e74a1a, puLen=0xd7e790) returned 1
[0192.806] VerQueryValueW (in: pBlock=0x2e74928, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e74b68, puLen=0xd7e790) returned 1
[0192.806] VerQueryValueW (in: pBlock=0x2e74928, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0192.806] VerQueryValueW (in: pBlock=0x2e74928, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0192.806] VerQueryValueW (in: pBlock=0x2e74928, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e749c4, puLen=0xd7e784) returned 1
[0192.806] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0192.806] VerQueryValueW (in: pBlock=0x2e74928, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e74950, puLen=0xd7e794) returned 1
[0192.807] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0192.807] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0192.807] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0192.808] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0192.808] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0192.808] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0192.809] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2e76c00 | out: lpData=0x2e76c00) returned 1
[0192.810] VerQueryValueW (in: pBlock=0x2e76c00, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e77014, puLen=0xd7e810) returned 1
[0192.810] VerQueryValueW (in: pBlock=0x2e76c00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e76cb8, puLen=0xd7e790) returned 1
[0192.810] VerQueryValueW (in: pBlock=0x2e76c00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e76d0c, puLen=0xd7e790) returned 1
[0192.810] VerQueryValueW (in: pBlock=0x2e76c00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e76d68, puLen=0xd7e790) returned 1
[0192.810] VerQueryValueW (in: pBlock=0x2e76c00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e76dc8, puLen=0xd7e790) returned 1
[0192.810] VerQueryValueW (in: pBlock=0x2e76c00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e76e20, puLen=0xd7e790) returned 1
[0192.810] VerQueryValueW (in: pBlock=0x2e76c00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e76ea8, puLen=0xd7e790) returned 1
[0192.810] VerQueryValueW (in: pBlock=0x2e76c00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e76efc, puLen=0xd7e790) returned 1
[0192.810] VerQueryValueW (in: pBlock=0x2e76c00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e76f54, puLen=0xd7e790) returned 1
[0192.810] VerQueryValueW (in: pBlock=0x2e76c00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e76f84, puLen=0xd7e790) returned 1
[0192.810] VerQueryValueW (in: pBlock=0x2e76c00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0192.810] VerQueryValueW (in: pBlock=0x2e76c00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e76fc0, puLen=0xd7e790) returned 1
[0192.810] VerQueryValueW (in: pBlock=0x2e76c00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0192.810] VerQueryValueW (in: pBlock=0x2e76c00, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e77014, puLen=0xd7e784) returned 1
[0192.810] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0192.810] VerQueryValueW (in: pBlock=0x2e76c00, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e76c28, puLen=0xd7e794) returned 1
[0192.811] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0192.811] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0192.812] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0192.812] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0192.812] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0192.812] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0192.813] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2e79238 | out: lpData=0x2e79238) returned 1
[0192.814] VerQueryValueW (in: pBlock=0x2e79238, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e79638, puLen=0xd7e810) returned 1
[0192.814] VerQueryValueW (in: pBlock=0x2e79238, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e792f0, puLen=0xd7e790) returned 1
[0192.814] VerQueryValueW (in: pBlock=0x2e79238, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e79344, puLen=0xd7e790) returned 1
[0192.814] VerQueryValueW (in: pBlock=0x2e79238, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e79384, puLen=0xd7e790) returned 1
[0192.814] VerQueryValueW (in: pBlock=0x2e79238, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e793ec, puLen=0xd7e790) returned 1
[0192.814] VerQueryValueW (in: pBlock=0x2e79238, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e79444, puLen=0xd7e790) returned 1
[0192.814] VerQueryValueW (in: pBlock=0x2e79238, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e794cc, puLen=0xd7e790) returned 1
[0192.814] VerQueryValueW (in: pBlock=0x2e79238, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e79520, puLen=0xd7e790) returned 1
[0192.814] VerQueryValueW (in: pBlock=0x2e79238, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e79578, puLen=0xd7e790) returned 1
[0192.814] VerQueryValueW (in: pBlock=0x2e79238, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e795a8, puLen=0xd7e790) returned 1
[0192.814] VerQueryValueW (in: pBlock=0x2e79238, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0192.814] VerQueryValueW (in: pBlock=0x2e79238, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e795e4, puLen=0xd7e790) returned 1
[0192.814] VerQueryValueW (in: pBlock=0x2e79238, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0192.814] VerQueryValueW (in: pBlock=0x2e79238, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e79638, puLen=0xd7e784) returned 1
[0192.815] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0192.815] VerQueryValueW (in: pBlock=0x2e79238, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e79260, puLen=0xd7e794) returned 1
[0192.816] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0192.816] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0192.816] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0192.816] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0192.816] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0192.816] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0192.817] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2e7b974 | out: lpData=0x2e7b974) returned 1
[0192.818] VerQueryValueW (in: pBlock=0x2e7b974, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e7bd3c, puLen=0xd7e810) returned 1
[0192.818] VerQueryValueW (in: pBlock=0x2e7b974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7ba2c, puLen=0xd7e790) returned 1
[0192.818] VerQueryValueW (in: pBlock=0x2e7b974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7ba80, puLen=0xd7e790) returned 1
[0192.818] VerQueryValueW (in: pBlock=0x2e7b974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7bac0, puLen=0xd7e790) returned 1
[0192.818] VerQueryValueW (in: pBlock=0x2e7b974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7bb28, puLen=0xd7e790) returned 1
[0192.818] VerQueryValueW (in: pBlock=0x2e7b974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7bb64, puLen=0xd7e790) returned 1
[0192.818] VerQueryValueW (in: pBlock=0x2e7b974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7bbec, puLen=0xd7e790) returned 1
[0192.818] VerQueryValueW (in: pBlock=0x2e7b974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7bc24, puLen=0xd7e790) returned 1
[0192.818] VerQueryValueW (in: pBlock=0x2e7b974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7bc7c, puLen=0xd7e790) returned 1
[0192.818] VerQueryValueW (in: pBlock=0x2e7b974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7bcac, puLen=0xd7e790) returned 1
[0192.818] VerQueryValueW (in: pBlock=0x2e7b974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0192.819] VerQueryValueW (in: pBlock=0x2e7b974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7bce8, puLen=0xd7e790) returned 1
[0192.819] VerQueryValueW (in: pBlock=0x2e7b974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0192.819] VerQueryValueW (in: pBlock=0x2e7b974, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e7bd3c, puLen=0xd7e784) returned 1
[0192.819] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0192.819] VerQueryValueW (in: pBlock=0x2e7b974, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e7b99c, puLen=0xd7e794) returned 1
[0192.820] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0192.820] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0192.820] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0192.820] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0192.820] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0192.820] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0192.821] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2e7efdc | out: lpData=0x2e7efdc) returned 1
[0192.822] VerQueryValueW (in: pBlock=0x2e7efdc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e7f3bc, puLen=0xd7e810) returned 1
[0192.822] VerQueryValueW (in: pBlock=0x2e7efdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7f094, puLen=0xd7e790) returned 1
[0192.822] VerQueryValueW (in: pBlock=0x2e7efdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7f0e8, puLen=0xd7e790) returned 1
[0192.822] VerQueryValueW (in: pBlock=0x2e7efdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7f128, puLen=0xd7e790) returned 1
[0192.822] VerQueryValueW (in: pBlock=0x2e7efdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7f188, puLen=0xd7e790) returned 1
[0192.822] VerQueryValueW (in: pBlock=0x2e7efdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7f1d4, puLen=0xd7e790) returned 1
[0192.822] VerQueryValueW (in: pBlock=0x2e7efdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7f25c, puLen=0xd7e790) returned 1
[0192.822] VerQueryValueW (in: pBlock=0x2e7efdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7f2a4, puLen=0xd7e790) returned 1
[0192.822] VerQueryValueW (in: pBlock=0x2e7efdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7f2fc, puLen=0xd7e790) returned 1
[0192.822] VerQueryValueW (in: pBlock=0x2e7efdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7f32c, puLen=0xd7e790) returned 1
[0192.822] VerQueryValueW (in: pBlock=0x2e7efdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0192.822] VerQueryValueW (in: pBlock=0x2e7efdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7f368, puLen=0xd7e790) returned 1
[0192.822] VerQueryValueW (in: pBlock=0x2e7efdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0192.822] VerQueryValueW (in: pBlock=0x2e7efdc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e7f3bc, puLen=0xd7e784) returned 1
[0192.823] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0192.823] VerQueryValueW (in: pBlock=0x2e7efdc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e7f004, puLen=0xd7e794) returned 1
[0192.824] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0192.824] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0192.824] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0192.824] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0192.824] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0192.824] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0192.825] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2e817fc | out: lpData=0x2e817fc) returned 1
[0192.828] VerQueryValueW (in: pBlock=0x2e817fc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e81c08, puLen=0xd7e810) returned 1
[0192.828] VerQueryValueW (in: pBlock=0x2e817fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e818b4, puLen=0xd7e790) returned 1
[0192.828] VerQueryValueW (in: pBlock=0x2e817fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e81908, puLen=0xd7e790) returned 1
[0192.828] VerQueryValueW (in: pBlock=0x2e817fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8195c, puLen=0xd7e790) returned 1
[0192.828] VerQueryValueW (in: pBlock=0x2e817fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e819bc, puLen=0xd7e790) returned 1
[0192.828] VerQueryValueW (in: pBlock=0x2e817fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e81a14, puLen=0xd7e790) returned 1
[0192.828] VerQueryValueW (in: pBlock=0x2e817fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e81a9c, puLen=0xd7e790) returned 1
[0192.828] VerQueryValueW (in: pBlock=0x2e817fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e81af0, puLen=0xd7e790) returned 1
[0192.828] VerQueryValueW (in: pBlock=0x2e817fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e81b48, puLen=0xd7e790) returned 1
[0192.828] VerQueryValueW (in: pBlock=0x2e817fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e81b78, puLen=0xd7e790) returned 1
[0192.828] VerQueryValueW (in: pBlock=0x2e817fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0192.828] VerQueryValueW (in: pBlock=0x2e817fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e81bb4, puLen=0xd7e790) returned 1
[0192.828] VerQueryValueW (in: pBlock=0x2e817fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0192.828] VerQueryValueW (in: pBlock=0x2e817fc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e81c08, puLen=0xd7e784) returned 1
[0192.828] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0192.828] VerQueryValueW (in: pBlock=0x2e817fc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e81824, puLen=0xd7e794) returned 1
[0193.092] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0193.092] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0193.092] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0193.092] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0193.092] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0193.092] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0193.094] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2cb5340 | out: lpData=0x2cb5340) returned 1
[0193.094] VerQueryValueW (in: pBlock=0x2cb5340, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cb5718, puLen=0xd7e810) returned 1
[0193.094] VerQueryValueW (in: pBlock=0x2cb5340, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb53f8, puLen=0xd7e790) returned 1
[0193.095] VerQueryValueW (in: pBlock=0x2cb5340, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb544c, puLen=0xd7e790) returned 1
[0193.095] VerQueryValueW (in: pBlock=0x2cb5340, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb548c, puLen=0xd7e790) returned 1
[0193.095] VerQueryValueW (in: pBlock=0x2cb5340, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb54f4, puLen=0xd7e790) returned 1
[0193.095] VerQueryValueW (in: pBlock=0x2cb5340, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb5538, puLen=0xd7e790) returned 1
[0193.095] VerQueryValueW (in: pBlock=0x2cb5340, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb55c0, puLen=0xd7e790) returned 1
[0193.095] VerQueryValueW (in: pBlock=0x2cb5340, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb5600, puLen=0xd7e790) returned 1
[0193.095] VerQueryValueW (in: pBlock=0x2cb5340, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb5658, puLen=0xd7e790) returned 1
[0193.095] VerQueryValueW (in: pBlock=0x2cb5340, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb5688, puLen=0xd7e790) returned 1
[0193.095] VerQueryValueW (in: pBlock=0x2cb5340, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0193.095] VerQueryValueW (in: pBlock=0x2cb5340, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb56c4, puLen=0xd7e790) returned 1
[0193.095] VerQueryValueW (in: pBlock=0x2cb5340, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0193.095] VerQueryValueW (in: pBlock=0x2cb5340, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cb5718, puLen=0xd7e784) returned 1
[0193.095] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0193.095] VerQueryValueW (in: pBlock=0x2cb5340, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cb5368, puLen=0xd7e794) returned 1
[0193.096] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0193.096] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0193.096] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0193.096] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0193.096] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0193.096] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0193.097] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2cb7898 | out: lpData=0x2cb7898) returned 1
[0193.098] VerQueryValueW (in: pBlock=0x2cb7898, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cb7c70, puLen=0xd7e810) returned 1
[0193.098] VerQueryValueW (in: pBlock=0x2cb7898, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb7950, puLen=0xd7e790) returned 1
[0193.098] VerQueryValueW (in: pBlock=0x2cb7898, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb79a4, puLen=0xd7e790) returned 1
[0193.098] VerQueryValueW (in: pBlock=0x2cb7898, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb79e4, puLen=0xd7e790) returned 1
[0193.098] VerQueryValueW (in: pBlock=0x2cb7898, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb7a4c, puLen=0xd7e790) returned 1
[0193.099] VerQueryValueW (in: pBlock=0x2cb7898, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb7a90, puLen=0xd7e790) returned 1
[0193.099] VerQueryValueW (in: pBlock=0x2cb7898, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb7b18, puLen=0xd7e790) returned 1
[0193.099] VerQueryValueW (in: pBlock=0x2cb7898, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb7b58, puLen=0xd7e790) returned 1
[0193.099] VerQueryValueW (in: pBlock=0x2cb7898, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb7bb0, puLen=0xd7e790) returned 1
[0193.099] VerQueryValueW (in: pBlock=0x2cb7898, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb7be0, puLen=0xd7e790) returned 1
[0193.099] VerQueryValueW (in: pBlock=0x2cb7898, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0193.099] VerQueryValueW (in: pBlock=0x2cb7898, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb7c1c, puLen=0xd7e790) returned 1
[0193.099] VerQueryValueW (in: pBlock=0x2cb7898, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0193.099] VerQueryValueW (in: pBlock=0x2cb7898, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cb7c70, puLen=0xd7e784) returned 1
[0193.099] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0193.099] VerQueryValueW (in: pBlock=0x2cb7898, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cb78c0, puLen=0xd7e794) returned 1
[0193.100] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0193.100] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0193.100] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0193.100] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0193.100] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0193.100] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0193.101] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2cb9fd0 | out: lpData=0x2cb9fd0) returned 1
[0193.101] VerQueryValueW (in: pBlock=0x2cb9fd0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cba400, puLen=0xd7e810) returned 1
[0193.102] VerQueryValueW (in: pBlock=0x2cb9fd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba088, puLen=0xd7e790) returned 1
[0193.102] VerQueryValueW (in: pBlock=0x2cb9fd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba0dc, puLen=0xd7e790) returned 1
[0193.102] VerQueryValueW (in: pBlock=0x2cb9fd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba14c, puLen=0xd7e790) returned 1
[0193.102] VerQueryValueW (in: pBlock=0x2cb9fd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba1ac, puLen=0xd7e790) returned 1
[0193.102] VerQueryValueW (in: pBlock=0x2cb9fd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba208, puLen=0xd7e790) returned 1
[0193.102] VerQueryValueW (in: pBlock=0x2cb9fd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba290, puLen=0xd7e790) returned 1
[0193.102] VerQueryValueW (in: pBlock=0x2cb9fd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba2e8, puLen=0xd7e790) returned 1
[0193.102] VerQueryValueW (in: pBlock=0x2cb9fd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba340, puLen=0xd7e790) returned 1
[0193.102] VerQueryValueW (in: pBlock=0x2cb9fd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba370, puLen=0xd7e790) returned 1
[0193.102] VerQueryValueW (in: pBlock=0x2cb9fd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0193.102] VerQueryValueW (in: pBlock=0x2cb9fd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cba3ac, puLen=0xd7e790) returned 1
[0193.102] VerQueryValueW (in: pBlock=0x2cb9fd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0193.102] VerQueryValueW (in: pBlock=0x2cb9fd0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cba400, puLen=0xd7e784) returned 1
[0193.102] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0193.102] VerQueryValueW (in: pBlock=0x2cb9fd0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cb9ff8, puLen=0xd7e794) returned 1
[0193.103] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0193.103] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0193.103] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0193.103] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0193.104] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0193.104] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x602d0
[0193.105] SetWindowLongW (hWnd=0x602d0, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0193.106] GetWindowLongW (hWnd=0x602d0, nIndex=-4) returned 1950089536
[0193.106] SetWindowLongW (hWnd=0x602d0, nIndex=-4, dwNewLong=19945502) returned 1950089536
[0193.106] GetWindowLongW (hWnd=0x602d0, nIndex=-4) returned 19945502
[0193.106] GetWindowLongW (hWnd=0x602d0, nIndex=-16) returned 113311744
[0193.107] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602d0, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0193.107] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602d0, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0193.107] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602d0, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0193.108] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602d0, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0193.108] GetClientRect (in: hWnd=0x602d0, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0193.108] GetWindowRect (in: hWnd=0x602d0, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0193.108] SetWindowTextW (hWnd=0x602d0, lpString="WindowsFormsParkingWindow") returned 1
[0193.108] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602d0, Msg=0xc, wParam=0x0, lParam=0x2cad8e0) returned 0x1
[0193.108] GetParent (hWnd=0x602d0) returned 0x0
[0193.109] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0193.109] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x602d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x702ce
[0193.109] SetWindowLongW (hWnd=0x702ce, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0193.109] GetWindowLongW (hWnd=0x702ce, nIndex=-4) returned 1868147648
[0193.110] SetWindowLongW (hWnd=0x702ce, nIndex=-4, dwNewLong=19945302) returned 1868147648
[0193.110] GetWindowLongW (hWnd=0x702ce, nIndex=-4) returned 19945302
[0193.110] GetWindowLongW (hWnd=0x702ce, nIndex=-16) returned 1174405133
[0193.110] GetWindowLongW (hWnd=0x702ce, nIndex=-12) returned 0
[0193.110] SetWindowLongW (hWnd=0x702ce, nIndex=-12, dwNewLong=459470) returned 0
[0193.110] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0193.110] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0193.111] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0193.111] GetClientRect (in: hWnd=0x702ce, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0193.111] GetWindowRect (in: hWnd=0x702ce, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0193.111] GetParent (hWnd=0x702ce) returned 0x602d0
[0193.111] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x602d0, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0193.112] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0193.112] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0193.112] GetClientRect (in: hWnd=0x702ce, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0193.112] GetWindowRect (in: hWnd=0x702ce, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0193.112] GetParent (hWnd=0x702ce) returned 0x602d0
[0193.112] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x602d0, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0193.112] SendMessageW (hWnd=0x702ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x702ce) returned 0x0
[0193.112] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x702ce) returned 0x0
[0193.112] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0193.112] GetParent (hWnd=0x702ce) returned 0x602d0
[0193.112] GdipCreateFromHWND (hwnd=0x702ce, graphics=0xd7e844) returned 0x0
[0193.113] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0193.113] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0193.113] GetForegroundWindow () returned 0x7005c
[0193.113] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0193.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.113] GetSystemMetrics (nIndex=42) returned 0
[0193.113] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0193.113] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0193.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.113] GetSystemMetrics (nIndex=42) returned 0
[0193.114] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0193.114] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0193.114] GetCursorPos (in: lpPoint=0x2cbe454 | out: lpPoint=0x2cbe454*(x=250, y=628)) returned 1
[0193.114] MonitorFromPoint (pt=0xfa, dwFlags=0x274) returned 0x10001
[0193.114] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0193.114] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x460107f2
[0193.114] GetDeviceCaps (hdc=0x460107f2, index=12) returned 32
[0193.115] GetDeviceCaps (hdc=0x460107f2, index=14) returned 1
[0193.115] DeleteDC (hdc=0x460107f2) returned 1
[0193.115] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0193.115] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0193.115] GetSystemMetrics (nIndex=59) returned 1460
[0193.115] GetSystemMetrics (nIndex=60) returned 920
[0193.115] GetSystemMetrics (nIndex=34) returned 136
[0193.115] GetSystemMetrics (nIndex=35) returned 39
[0193.115] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0193.115] GetCursorPos (in: lpPoint=0x2cbe6c0 | out: lpPoint=0x2cbe6c0*(x=250, y=628)) returned 1
[0193.115] MonitorFromPoint (pt=0xfa, dwFlags=0x274) returned 0x10001
[0193.115] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0193.115] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x470107f2
[0193.116] GetDeviceCaps (hdc=0x470107f2, index=12) returned 32
[0193.116] GetDeviceCaps (hdc=0x470107f2, index=14) returned 1
[0193.116] DeleteDC (hdc=0x470107f2) returned 1
[0193.116] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0193.116] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0193.116] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0193.116] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0193.116] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2cbe958 | out: piconinfo=0x2cbe958) returned 1
[0193.116] GetObjectW (in: h=0x500507f9, c=24, pv=0x2cbe974 | out: pv=0x2cbe974) returned 24
[0193.117] GdipCreateBitmapFromHBITMAP (hbm=0x500507f9, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0193.117] GdipGetImageWidth (image=0x6603ac0, width=0xd7e750) returned 0x0
[0193.117] GdipGetImageHeight (image=0x6603ac0, height=0xd7e748) returned 0x0
[0193.117] GdipGetImagePixelFormat (image=0x6603ac0, format=0xd7e740) returned 0x0
[0193.117] GdipBitmapLockBits (bitmap=0x6603ac0, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2cbea2c) returned 0x0
[0193.117] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0193.117] GdipBitmapLockBits (bitmap=0x664edb8, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2cbea64) returned 0x0
[0193.117] RtlMoveMemory (in: Destination=0x665df40, Source=0x665deb8, Length=0x80 | out: Destination=0x665df40)
[0193.117] RtlMoveMemory (in: Destination=0x665dfc0, Source=0x665de38, Length=0x80 | out: Destination=0x665dfc0)
[0193.118] RtlMoveMemory (in: Destination=0x665e040, Source=0x665ddb8, Length=0x80 | out: Destination=0x665e040)
[0193.118] RtlMoveMemory (in: Destination=0x665e0c0, Source=0x665dd38, Length=0x80 | out: Destination=0x665e0c0)
[0193.118] RtlMoveMemory (in: Destination=0x665e140, Source=0x665dcb8, Length=0x80 | out: Destination=0x665e140)
[0193.118] RtlMoveMemory (in: Destination=0x665e1c0, Source=0x665dc38, Length=0x80 | out: Destination=0x665e1c0)
[0193.118] RtlMoveMemory (in: Destination=0x665e240, Source=0x665dbb8, Length=0x80 | out: Destination=0x665e240)
[0193.118] RtlMoveMemory (in: Destination=0x665e2c0, Source=0x665db38, Length=0x80 | out: Destination=0x665e2c0)
[0193.118] RtlMoveMemory (in: Destination=0x665e340, Source=0x665dab8, Length=0x80 | out: Destination=0x665e340)
[0193.118] RtlMoveMemory (in: Destination=0x665e3c0, Source=0x665da38, Length=0x80 | out: Destination=0x665e3c0)
[0193.118] RtlMoveMemory (in: Destination=0x665e440, Source=0x665d9b8, Length=0x80 | out: Destination=0x665e440)
[0193.118] RtlMoveMemory (in: Destination=0x665e4c0, Source=0x665d938, Length=0x80 | out: Destination=0x665e4c0)
[0193.118] RtlMoveMemory (in: Destination=0x665e540, Source=0x665d8b8, Length=0x80 | out: Destination=0x665e540)
[0193.118] RtlMoveMemory (in: Destination=0x665e5c0, Source=0x665d838, Length=0x80 | out: Destination=0x665e5c0)
[0193.118] RtlMoveMemory (in: Destination=0x665e640, Source=0x665d7b8, Length=0x80 | out: Destination=0x665e640)
[0193.119] RtlMoveMemory (in: Destination=0x665e6c0, Source=0x665d738, Length=0x80 | out: Destination=0x665e6c0)
[0193.119] RtlMoveMemory (in: Destination=0x665e740, Source=0x665d6b8, Length=0x80 | out: Destination=0x665e740)
[0193.119] RtlMoveMemory (in: Destination=0x665e7c0, Source=0x665d638, Length=0x80 | out: Destination=0x665e7c0)
[0193.119] RtlMoveMemory (in: Destination=0x665e840, Source=0x665d5b8, Length=0x80 | out: Destination=0x665e840)
[0193.119] RtlMoveMemory (in: Destination=0x665e8c0, Source=0x665d538, Length=0x80 | out: Destination=0x665e8c0)
[0193.119] RtlMoveMemory (in: Destination=0x665e940, Source=0x665d4b8, Length=0x80 | out: Destination=0x665e940)
[0193.119] RtlMoveMemory (in: Destination=0x665e9c0, Source=0x665d438, Length=0x80 | out: Destination=0x665e9c0)
[0193.119] RtlMoveMemory (in: Destination=0x665ea40, Source=0x665d3b8, Length=0x80 | out: Destination=0x665ea40)
[0193.119] RtlMoveMemory (in: Destination=0x665eac0, Source=0x665d338, Length=0x80 | out: Destination=0x665eac0)
[0193.119] RtlMoveMemory (in: Destination=0x665eb40, Source=0x665d2b8, Length=0x80 | out: Destination=0x665eb40)
[0193.119] RtlMoveMemory (in: Destination=0x665ebc0, Source=0x665d238, Length=0x80 | out: Destination=0x665ebc0)
[0193.119] RtlMoveMemory (in: Destination=0x665ec40, Source=0x665d1b8, Length=0x80 | out: Destination=0x665ec40)
[0193.119] RtlMoveMemory (in: Destination=0x665ecc0, Source=0x665d138, Length=0x80 | out: Destination=0x665ecc0)
[0193.120] RtlMoveMemory (in: Destination=0x665ed40, Source=0x665d0b8, Length=0x80 | out: Destination=0x665ed40)
[0193.120] RtlMoveMemory (in: Destination=0x665edc0, Source=0x665d038, Length=0x80 | out: Destination=0x665edc0)
[0193.120] RtlMoveMemory (in: Destination=0x665ee40, Source=0x665cfb8, Length=0x80 | out: Destination=0x665ee40)
[0193.120] RtlMoveMemory (in: Destination=0x665eec0, Source=0x665cf38, Length=0x80 | out: Destination=0x665eec0)
[0193.120] GdipBitmapUnlockBits (bitmap=0x6603ac0, lockedBitmapData=0x2cbea2c) returned 0x0
[0193.120] GdipBitmapUnlockBits (bitmap=0x664edb8, lockedBitmapData=0x2cbea64) returned 0x0
[0193.120] GdipDisposeImage (image=0x6603ac0) returned 0x0
[0193.120] DeleteObject (ho=0x500507f9) returned 1
[0193.120] DeleteObject (ho=0x480507f2) returned 1
[0193.120] GetCurrentThreadId () returned 0xf50
[0193.120] GetCurrentThreadId () returned 0xf50
[0193.120] SetWindowPos (hWnd=0x702ce, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0193.120] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0193.120] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0193.121] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0193.121] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0193.121] GetClientRect (in: hWnd=0x702ce, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0193.121] GetWindowRect (in: hWnd=0x702ce, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0193.121] GetParent (hWnd=0x702ce) returned 0x602d0
[0193.121] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x602d0, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0193.121] InvalidateRect (hWnd=0x702ce, lpRect=0x0, bErase=1) returned 1
[0193.121] GetWindowTextLengthW (hWnd=0x702ce) returned 0
[0193.121] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0193.121] GetSystemMetrics (nIndex=42) returned 0
[0193.121] GetWindowTextW (in: hWnd=0x702ce, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0193.121] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0193.121] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0193.121] GetClientRect (in: hWnd=0x702ce, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0193.121] GetWindowRect (in: hWnd=0x702ce, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0193.121] GetParent (hWnd=0x702ce) returned 0x602d0
[0193.121] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x602d0, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0193.121] GetWindowTextLengthW (hWnd=0x702ce) returned 0
[0193.121] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0193.121] GetSystemMetrics (nIndex=42) returned 0
[0193.122] GetWindowTextW (in: hWnd=0x702ce, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0193.122] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0193.122] GetWindowTextLengthW (hWnd=0x702ce) returned 0
[0193.122] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0193.122] GetSystemMetrics (nIndex=42) returned 0
[0193.122] GetWindowTextW (in: hWnd=0x702ce, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0193.122] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0193.122] SetWindowTextW (hWnd=0x702ce, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0193.122] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0xc, wParam=0x0, lParam=0x2cb1758) returned 0x1
[0193.122] InvalidateRect (hWnd=0x702ce, lpRect=0x0, bErase=1) returned 1
[0193.122] GetCurrentThreadId () returned 0xf50
[0193.122] GetWindowThreadProcessId (in: hWnd=0x702ce, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0193.123] GdipCreateBitmapFromStream (stream=0x509fed0, bitmap=0xd7e840) returned 0x0
[0193.124] GdipImageForceValidation (image=0x66504b0) returned 0x0
[0193.125] GdipGetImageRawFormat (image=0x66504b0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0193.125] GdipGetImageHeight (image=0x66504b0, height=0xd7e824) returned 0x0
[0193.125] GdipGetImageWidth (image=0x66504b0, width=0xd7e824) returned 0x0
[0193.125] GdipGetImageWidth (image=0x66504b0, width=0xd7e810) returned 0x0
[0193.125] GdipGetImageHeight (image=0x66504b0, height=0xd7e810) returned 0x0
[0193.125] GdipGetImageWidth (image=0x66504b0, width=0xd7e800) returned 0x0
[0193.125] GdipGetImageHeight (image=0x66504b0, height=0xd7e800) returned 0x0
[0193.125] GdipBitmapGetPixel (bitmap=0x66504b0, x=0, y=15, color=0xd7e810) returned 0x0
[0193.125] GdipGetImageRawFormat (image=0x66504b0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0193.125] GdipGetImageWidth (image=0x66504b0, width=0xd7e740) returned 0x0
[0193.125] GdipGetImageHeight (image=0x66504b0, height=0xd7e740) returned 0x0
[0193.125] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0193.125] GdipGetImagePixelFormat (image=0x6652238, format=0xd7e740) returned 0x0
[0193.125] GdipGetImageGraphicsContext (image=0x6652238, graphics=0xd7e74c) returned 0x0
[0193.126] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0193.126] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0193.126] GdipSetImageAttributesColorKeys (imageattr=0x6638d28, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0193.126] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66504b0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638d28, callback=0x0, callbackData=0x0) returned 0x0
[0193.126] GdipDisposeImageAttributes (imageattr=0x6638d28) returned 0x0
[0193.126] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0193.126] GdipDisposeImage (image=0x66504b0) returned 0x0
[0193.126] GdipCreateBitmapFromStream (stream=0x509feb0, bitmap=0xd7e840) returned 0x0
[0193.127] GdipImageForceValidation (image=0x6651860) returned 0x0
[0193.128] GdipGetImageRawFormat (image=0x6651860, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0193.129] GdipGetImageHeight (image=0x6651860, height=0xd7e824) returned 0x0
[0193.129] GdipGetImageWidth (image=0x6651860, width=0xd7e824) returned 0x0
[0193.129] GdipGetImageWidth (image=0x6651860, width=0xd7e810) returned 0x0
[0193.129] GdipGetImageHeight (image=0x6651860, height=0xd7e810) returned 0x0
[0193.129] GdipGetImageWidth (image=0x6651860, width=0xd7e800) returned 0x0
[0193.129] GdipGetImageHeight (image=0x6651860, height=0xd7e800) returned 0x0
[0193.129] GdipBitmapGetPixel (bitmap=0x6651860, x=0, y=15, color=0xd7e810) returned 0x0
[0193.129] GdipGetImageRawFormat (image=0x6651860, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0193.129] GdipGetImageWidth (image=0x6651860, width=0xd7e740) returned 0x0
[0193.129] GdipGetImageHeight (image=0x6651860, height=0xd7e740) returned 0x0
[0193.129] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0193.130] GdipGetImagePixelFormat (image=0x66507f8, format=0xd7e740) returned 0x0
[0193.130] GdipGetImageGraphicsContext (image=0x66507f8, graphics=0xd7e74c) returned 0x0
[0193.130] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0193.130] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0193.130] GdipSetImageAttributesColorKeys (imageattr=0x6638c68, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0193.130] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6651860, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c68, callback=0x0, callbackData=0x0) returned 0x0
[0193.130] GdipDisposeImageAttributes (imageattr=0x6638c68) returned 0x0
[0193.130] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0193.130] GdipDisposeImage (image=0x6651860) returned 0x0
[0193.131] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0193.131] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0193.131] GetCurrentThreadId () returned 0xf50
[0193.131] GetCurrentThreadId () returned 0xf50
[0193.131] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0193.131] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0193.131] GetCurrentThreadId () returned 0xf50
[0193.131] GetCurrentThreadId () returned 0xf50
[0193.131] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0193.132] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0193.132] GetCurrentThreadId () returned 0xf50
[0193.132] GetCurrentThreadId () returned 0xf50
[0193.132] GetSystemMetrics (nIndex=5) returned 1
[0193.132] GetSystemMetrics (nIndex=6) returned 1
[0193.132] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0193.132] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0193.132] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0193.132] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0193.132] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0193.132] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0193.132] GetCurrentThreadId () returned 0xf50
[0193.132] GetCurrentThreadId () returned 0xf50
[0193.133] GetProcessWindowStation () returned 0x13c
[0193.133] GetCapture () returned 0x0
[0193.133] GetActiveWindow () returned 0x7005c
[0193.133] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0193.133] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0193.133] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0193.133] GetCursorPos (in: lpPoint=0x2cbfc30 | out: lpPoint=0x2cbfc30*(x=250, y=628)) returned 1
[0193.133] MonitorFromPoint (pt=0xf7, dwFlags=0x275) returned 0x10001
[0193.133] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0193.133] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x490107f2
[0193.133] GetDeviceCaps (hdc=0x490107f2, index=12) returned 32
[0193.133] GetDeviceCaps (hdc=0x490107f2, index=14) returned 1
[0193.134] DeleteDC (hdc=0x490107f2) returned 1
[0193.134] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0193.134] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0193.134] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1102da
[0193.134] SetWindowLongW (hWnd=0x1102da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0193.135] GetWindowLongW (hWnd=0x1102da, nIndex=-4) returned 1950089536
[0193.135] SetWindowLongW (hWnd=0x1102da, nIndex=-4, dwNewLong=19944822) returned 1950089536
[0193.135] GetWindowLongW (hWnd=0x1102da, nIndex=-4) returned 19944822
[0193.135] GetWindowLongW (hWnd=0x1102da, nIndex=-16) returned 113770496
[0193.135] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0193.155] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0193.158] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0193.158] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0193.158] GetWindowRect (in: hWnd=0x1102da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0193.158] SetWindowTextW (hWnd=0x1102da, lpString="BB ransomware") returned 1
[0193.159] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xc, wParam=0x0, lParam=0x2cbe340) returned 0x1
[0193.159] GetStartupInfoW (in: lpStartupInfo=0x2cbff6c | out: lpStartupInfo=0x2cbff6c*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0193.160] GetParent (hWnd=0x1102da) returned 0x0
[0193.160] SetWindowLongW (hWnd=0x1102da, nIndex=-8, dwNewLong=0) returned 0
[0193.161] SendMessageW (hWnd=0x1102da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0193.161] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0193.161] SendMessageW (hWnd=0x1102da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0193.161] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0193.161] GetSystemMenu (hWnd=0x1102da, bRevert=0) returned 0x140201
[0193.162] GetWindowPlacement (in: hWnd=0x1102da, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0193.162] EnableMenuItem (hMenu=0x140201, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0193.162] EnableMenuItem (hMenu=0x140201, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0193.162] EnableMenuItem (hMenu=0x140201, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0193.162] EnableMenuItem (hMenu=0x140201, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0193.162] EnableMenuItem (hMenu=0x140201, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0193.162] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0193.162] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0193.162] GetWindowRect (in: hWnd=0x1102da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0193.162] SetWindowPos (hWnd=0x1102da, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0193.162] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0193.163] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x1102da) returned 0x1
[0193.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0193.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0193.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0193.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0193.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0193.168] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x1102da, lParam=0x0) returned 0x0
[0193.168] GetCapture () returned 0x0
[0193.169] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0193.170] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0193.171] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0193.172] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0193.172] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0193.172] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0193.172] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0193.173] GetParent (hWnd=0x1102da) returned 0x0
[0193.173] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0193.173] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0193.175] GetWindowPlacement (in: hWnd=0x1102da, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0193.175] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0193.175] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0193.175] GetWindowRect (in: hWnd=0x1102da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0193.176] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0193.176] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0193.176] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0193.177] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0193.177] GetWindowLongW (hWnd=0x1102da, nIndex=-16) returned 113770496
[0193.177] GetWindowTextLengthW (hWnd=0x1102da) returned 13
[0193.177] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.177] GetSystemMetrics (nIndex=42) returned 0
[0193.177] GetWindowTextW (in: hWnd=0x1102da, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.177] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0193.177] GetWindowTextLengthW (hWnd=0x1102da) returned 13
[0193.177] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.178] GetSystemMetrics (nIndex=42) returned 0
[0193.178] GetWindowTextW (in: hWnd=0x1102da, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.178] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0193.178] GetCursorPos (in: lpPoint=0x2cc01a8 | out: lpPoint=0x2cc01a8*(x=250, y=628)) returned 1
[0193.178] MonitorFromPoint (pt=0xfa, dwFlags=0x274) returned 0x10001
[0193.178] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0193.178] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x420107ee
[0193.178] GetDeviceCaps (hdc=0x420107ee, index=12) returned 32
[0193.178] GetDeviceCaps (hdc=0x420107ee, index=14) returned 1
[0193.178] DeleteDC (hdc=0x420107ee) returned 1
[0193.178] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0193.178] GetWindowLongW (hWnd=0x1102da, nIndex=-16) returned 113770496
[0193.178] GetWindowLongW (hWnd=0x1102da, nIndex=-20) returned 327945
[0193.178] SetWindowLongW (hWnd=0x1102da, nIndex=-16, dwNewLong=46661632) returned 113770496
[0193.179] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0193.179] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0193.180] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0193.180] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0193.180] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0193.180] SetWindowLongW (hWnd=0x1102da, nIndex=-20, dwNewLong=327681) returned 327945
[0193.180] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0193.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0193.182] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0193.183] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0193.183] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0193.183] SetWindowPos (hWnd=0x1102da, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0193.184] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0193.184] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0193.184] GetWindowPlacement (in: hWnd=0x1102da, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0193.184] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0193.184] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0193.184] GetWindowRect (in: hWnd=0x1102da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0193.188] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0193.188] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0193.189] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0193.189] RedrawWindow (hWnd=0x1102da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0193.189] GetSystemMenu (hWnd=0x1102da, bRevert=0) returned 0x140201
[0193.189] GetWindowPlacement (in: hWnd=0x1102da, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0193.189] EnableMenuItem (hMenu=0x140201, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0193.189] EnableMenuItem (hMenu=0x140201, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0193.189] EnableMenuItem (hMenu=0x140201, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0193.189] EnableMenuItem (hMenu=0x140201, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0193.189] EnableMenuItem (hMenu=0x140201, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0193.189] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0193.189] GetWindowLongW (hWnd=0x1102da, nIndex=-8) returned 0
[0193.189] SetWindowLongW (hWnd=0x1102da, nIndex=-8, dwNewLong=458844) returned 0
[0193.190] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0193.190] GetProcessWindowStation () returned 0x13c
[0193.191] GetCurrentThreadId () returned 0xf50
[0193.191] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x13056de, lParam=0x0) returned 1
[0193.191] IsWindowVisible (hWnd=0x1102da) returned 0
[0193.191] IsWindowVisible (hWnd=0x7005c) returned 1
[0193.191] IsWindowEnabled (hWnd=0x7005c) returned 1
[0193.191] IsWindowVisible (hWnd=0x300ec) returned 0
[0193.191] IsWindowVisible (hWnd=0x502c6) returned 0
[0193.191] IsWindowVisible (hWnd=0x502be) returned 0
[0193.191] GetActiveWindow () returned 0x1102da
[0193.191] GetFocus () returned 0x1102da
[0193.191] IsWindow (hWnd=0x7005c) returned 1
[0193.191] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0193.191] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0193.192] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0193.192] GetWindowLongW (hWnd=0x1102da, nIndex=-8) returned 458844
[0193.192] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0193.192] GetCurrentThreadId () returned 0xf50
[0193.192] GetWindowLongW (hWnd=0x1102da, nIndex=-8) returned 458844
[0193.192] IsWindowEnabled (hWnd=0x7005c) returned 0
[0193.192] IsWindowEnabled (hWnd=0x1102da) returned 1
[0193.192] ShowWindow (hWnd=0x1102da, nCmdShow=5) returned 0
[0193.192] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0193.192] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0193.193] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0193.193] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0193.193] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x1102da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1400ea
[0193.193] SetWindowLongW (hWnd=0x1400ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0193.193] GetWindowLongW (hWnd=0x1400ea, nIndex=-4) returned 1950089536
[0193.194] SetWindowLongW (hWnd=0x1400ea, nIndex=-4, dwNewLong=19944862) returned 1950089536
[0193.194] GetWindowLongW (hWnd=0x1400ea, nIndex=-4) returned 19944862
[0193.194] GetWindowLongW (hWnd=0x1400ea, nIndex=-16) returned 1174405120
[0193.194] GetWindowLongW (hWnd=0x1400ea, nIndex=-12) returned 0
[0193.194] SetWindowLongW (hWnd=0x1400ea, nIndex=-12, dwNewLong=1310954) returned 0
[0193.194] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1400ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0193.194] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1400ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0193.195] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1400ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0193.195] GetWindow (hWnd=0x1400ea, uCmd=0x3) returned 0x0
[0193.195] GetClientRect (in: hWnd=0x1400ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0193.195] GetWindowRect (in: hWnd=0x1400ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0193.195] GetParent (hWnd=0x1400ea) returned 0x1102da
[0193.195] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102da, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0193.199] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1400ea, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0193.199] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1400ea, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0193.199] GetClientRect (in: hWnd=0x1400ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0193.199] GetWindowRect (in: hWnd=0x1400ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0193.199] GetParent (hWnd=0x1400ea) returned 0x1102da
[0193.199] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102da, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0193.199] SendMessageW (hWnd=0x1400ea, Msg=0x2210, wParam=0xea0001, lParam=0x1400ea) returned 0x0
[0193.199] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1400ea, Msg=0x2210, wParam=0xea0001, lParam=0x1400ea) returned 0x0
[0193.200] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1400ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0193.200] GetParent (hWnd=0x1400ea) returned 0x1102da
[0193.200] GetParent (hWnd=0x702ce) returned 0x602d0
[0193.200] SetParent (hWndChild=0x702ce, hWndNewParent=0x1102da) returned 0x602d0
[0193.200] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0193.201] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0193.201] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0193.201] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0193.201] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0193.201] GetClientRect (in: hWnd=0x702ce, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0193.201] GetWindowRect (in: hWnd=0x702ce, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0193.201] GetParent (hWnd=0x702ce) returned 0x1102da
[0193.201] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102da, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0193.201] GetClientRect (in: hWnd=0x702ce, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0193.201] GetWindowRect (in: hWnd=0x702ce, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0193.201] GetParent (hWnd=0x702ce) returned 0x1102da
[0193.201] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102da, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0193.201] GetParent (hWnd=0x702ce) returned 0x1102da
[0193.201] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0193.202] GetWindow (hWnd=0x702ce, uCmd=0x3) returned 0x0
[0193.202] SetWindowPos (hWnd=0x702ce, hWndInsertAfter=0x1400ea, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0193.202] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0193.202] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0193.202] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0193.202] GetClientRect (in: hWnd=0x702ce, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0193.202] GetWindowRect (in: hWnd=0x702ce, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0193.202] GetParent (hWnd=0x702ce) returned 0x1102da
[0193.202] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102da, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0193.202] GetParent (hWnd=0x702ce) returned 0x1102da
[0193.203] GetWindow (hWnd=0x702ce, uCmd=0x3) returned 0x1400ea
[0193.203] GetWindowThreadProcessId (in: hWnd=0x702ce, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0193.203] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0193.203] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0193.203] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0193.203] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x1102da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1102de
[0193.204] SetWindowLongW (hWnd=0x1102de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0193.204] GetWindowLongW (hWnd=0x1102de, nIndex=-4) returned 1868032000
[0193.204] SetWindowLongW (hWnd=0x1102de, nIndex=-4, dwNewLong=19944902) returned 1868032000
[0193.204] GetWindowLongW (hWnd=0x1102de, nIndex=-4) returned 19944902
[0193.204] GetWindowLongW (hWnd=0x1102de, nIndex=-16) returned 1174470667
[0193.204] GetWindowLongW (hWnd=0x1102de, nIndex=-12) returned 0
[0193.204] SetWindowLongW (hWnd=0x1102de, nIndex=-12, dwNewLong=1114846) returned 0
[0193.204] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0193.205] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0193.205] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0193.206] SendMessageW (hWnd=0x1102de, Msg=0x2055, wParam=0x1102de, lParam=0x3) returned 0x2
[0193.206] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0193.206] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0193.206] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0193.206] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0193.207] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1400ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0193.207] RedrawWindow (hWnd=0x1400ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0193.207] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0193.207] RedrawWindow (hWnd=0x702ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0193.207] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0193.207] RedrawWindow (hWnd=0x1102de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0193.207] RedrawWindow (hWnd=0x1102da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0193.207] GetWindow (hWnd=0x1102de, uCmd=0x3) returned 0x702ce
[0193.207] GetClientRect (in: hWnd=0x1102de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0193.207] GetWindowRect (in: hWnd=0x1102de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0193.207] GetParent (hWnd=0x1102de) returned 0x1102da
[0193.207] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0193.208] SetWindowTextW (hWnd=0x1102de, lpString="&Details") returned 1
[0193.208] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0193.208] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0193.208] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0193.208] GetClientRect (in: hWnd=0x1102de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0193.208] GetWindowRect (in: hWnd=0x1102de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0193.208] GetParent (hWnd=0x1102de) returned 0x1102da
[0193.208] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0193.208] SendMessageW (hWnd=0x1102de, Msg=0x2210, wParam=0x2de0001, lParam=0x1102de) returned 0x0
[0193.208] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0x2210, wParam=0x2de0001, lParam=0x1102de) returned 0x0
[0193.209] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0193.209] GetParent (hWnd=0x1102de) returned 0x1102da
[0193.209] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0193.209] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0193.209] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0193.209] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x1102da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1102dc
[0193.210] SetWindowLongW (hWnd=0x1102dc, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0193.211] GetWindowLongW (hWnd=0x1102dc, nIndex=-4) returned 1868032000
[0193.211] SetWindowLongW (hWnd=0x1102dc, nIndex=-4, dwNewLong=19945222) returned 1868032000
[0193.211] GetWindowLongW (hWnd=0x1102dc, nIndex=-4) returned 19945222
[0193.211] GetWindowLongW (hWnd=0x1102dc, nIndex=-16) returned 1174470667
[0193.211] GetWindowLongW (hWnd=0x1102dc, nIndex=-12) returned 0
[0193.211] SetWindowLongW (hWnd=0x1102dc, nIndex=-12, dwNewLong=1114844) returned 0
[0193.212] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0193.212] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0193.212] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0193.213] SendMessageW (hWnd=0x1102dc, Msg=0x2055, wParam=0x1102dc, lParam=0x3) returned 0x2
[0193.213] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0193.213] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0193.213] GetWindow (hWnd=0x1102dc, uCmd=0x3) returned 0x1102de
[0193.213] GetClientRect (in: hWnd=0x1102dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0193.213] GetWindowRect (in: hWnd=0x1102dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0193.213] GetParent (hWnd=0x1102dc) returned 0x1102da
[0193.213] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0193.214] SetWindowTextW (hWnd=0x1102dc, lpString="&Continue") returned 1
[0193.214] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0193.214] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0193.214] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0193.214] GetClientRect (in: hWnd=0x1102dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0193.214] GetWindowRect (in: hWnd=0x1102dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0193.214] GetParent (hWnd=0x1102dc) returned 0x1102da
[0193.214] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0193.214] SendMessageW (hWnd=0x1102dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1102dc) returned 0x0
[0193.214] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1102dc) returned 0x0
[0193.214] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0193.215] GetParent (hWnd=0x1102dc) returned 0x1102da
[0193.215] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0193.215] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0193.215] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0193.215] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x1102da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x13013e
[0193.223] SetWindowLongW (hWnd=0x13013e, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0193.223] GetWindowLongW (hWnd=0x13013e, nIndex=-4) returned 1868032000
[0193.223] SetWindowLongW (hWnd=0x13013e, nIndex=-4, dwNewLong=19945342) returned 1868032000
[0193.223] GetWindowLongW (hWnd=0x13013e, nIndex=-4) returned 19945342
[0193.223] GetWindowLongW (hWnd=0x13013e, nIndex=-16) returned 1174470667
[0193.223] GetWindowLongW (hWnd=0x13013e, nIndex=-12) returned 0
[0193.223] SetWindowLongW (hWnd=0x13013e, nIndex=-12, dwNewLong=1245502) returned 0
[0193.223] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x13013e, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0193.224] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x13013e, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0193.224] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x13013e, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0193.225] SendMessageW (hWnd=0x13013e, Msg=0x2055, wParam=0x13013e, lParam=0x3) returned 0x2
[0193.225] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0193.225] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x13013e, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0193.225] GetWindow (hWnd=0x13013e, uCmd=0x3) returned 0x1102dc
[0193.225] GetClientRect (in: hWnd=0x13013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0193.225] GetWindowRect (in: hWnd=0x13013e, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0193.225] GetParent (hWnd=0x13013e) returned 0x1102da
[0193.225] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0193.225] SetWindowTextW (hWnd=0x13013e, lpString="&Quit") returned 1
[0193.225] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x13013e, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0193.226] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x13013e, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0193.226] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x13013e, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0193.226] GetClientRect (in: hWnd=0x13013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0193.226] GetWindowRect (in: hWnd=0x13013e, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0193.226] GetParent (hWnd=0x13013e) returned 0x1102da
[0193.226] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0193.226] SendMessageW (hWnd=0x13013e, Msg=0x2210, wParam=0x13e0001, lParam=0x13013e) returned 0x0
[0193.226] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x13013e, Msg=0x2210, wParam=0x13e0001, lParam=0x13013e) returned 0x0
[0193.226] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x13013e, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0193.227] GetParent (hWnd=0x13013e) returned 0x1102da
[0193.227] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0193.227] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0193.227] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0193.227] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x1102da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1302d8
[0193.228] SetWindowLongW (hWnd=0x1302d8, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0193.228] GetWindowLongW (hWnd=0x1302d8, nIndex=-4) returned 1868026976
[0193.228] SetWindowLongW (hWnd=0x1302d8, nIndex=-4, dwNewLong=19944502) returned 1868026976
[0193.228] GetWindowLongW (hWnd=0x1302d8, nIndex=-4) returned 19944502
[0193.228] GetWindowLongW (hWnd=0x1302d8, nIndex=-16) returned 1177553092
[0193.228] GetWindowLongW (hWnd=0x1302d8, nIndex=-12) returned 0
[0193.228] SetWindowLongW (hWnd=0x1302d8, nIndex=-12, dwNewLong=1245912) returned 0
[0193.228] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d8, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0193.229] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d8, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0193.230] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d8, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0193.246] GetWindow (hWnd=0x1302d8, uCmd=0x3) returned 0x13013e
[0193.246] GetClientRect (in: hWnd=0x1302d8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0193.246] GetWindowRect (in: hWnd=0x1302d8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0193.246] GetParent (hWnd=0x1302d8) returned 0x1102da
[0193.246] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102da, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0193.246] GetWindowTextLengthW (hWnd=0x1102da) returned 13
[0193.246] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.246] GetSystemMetrics (nIndex=42) returned 0
[0193.246] GetWindowTextW (in: hWnd=0x1102da, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.246] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0193.246] SendMessageW (hWnd=0x1302d8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0193.247] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0193.251] SetWindowTextW (hWnd=0x1302d8, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0193.251] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d8, Msg=0xc, wParam=0x0, lParam=0x2cbbd28) returned 0x1
[0193.253] GetSystemMetrics (nIndex=5) returned 1
[0193.253] GetSystemMetrics (nIndex=6) returned 1
[0193.253] SendMessageW (hWnd=0x1302d8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0193.253] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0193.253] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d8, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0193.254] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d8, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0193.254] GetClientRect (in: hWnd=0x1302d8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0193.254] GetWindowRect (in: hWnd=0x1302d8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0193.254] GetParent (hWnd=0x1302d8) returned 0x1102da
[0193.254] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102da, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0193.254] SendMessageW (hWnd=0x1302d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1302d8) returned 0x0
[0193.254] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1302d8) returned 0x0
[0193.254] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0193.255] GetParent (hWnd=0x1302d8) returned 0x1102da
[0193.255] GetWindowLongW (hWnd=0x1102da, nIndex=-8) returned 458844
[0193.255] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0193.255] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0193.255] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x490107ee
[0193.255] GetDeviceCaps (hdc=0x490107ee, index=12) returned 32
[0193.255] GetDeviceCaps (hdc=0x490107ee, index=14) returned 1
[0193.255] DeleteDC (hdc=0x490107ee) returned 1
[0193.255] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0193.255] GetWindowThreadProcessId (in: hWnd=0x1102da, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0193.255] GetCurrentThreadId () returned 0xf50
[0193.255] PostMessageW (hWnd=0x1102da, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0193.256] GetWindowTextLengthW (hWnd=0x1102da) returned 13
[0193.256] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.256] GetSystemMetrics (nIndex=42) returned 0
[0193.256] GetWindowTextW (in: hWnd=0x1102da, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.256] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0193.256] GdipImageGetFrameDimensionsCount (image=0x664edb8, count=0xd7e25c) returned 0x0
[0193.256] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7da8
[0193.256] GdipImageGetFrameDimensionsList (image=0x664edb8, dimensionIDs=0x11f7da8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0193.256] LocalFree (hMem=0x11f7da8) returned 0x0
[0193.256] GdipImageGetFrameDimensionsCount (image=0x6652238, count=0xd7e250) returned 0x0
[0193.256] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7e98
[0193.256] GdipImageGetFrameDimensionsList (image=0x6652238, dimensionIDs=0x11f7e98*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0193.256] LocalFree (hMem=0x11f7e98) returned 0x0
[0193.256] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0193.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0193.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0193.271] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0193.272] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0193.272] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0193.272] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0193.272] GetWindowPlacement (in: hWnd=0x1102da, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0193.273] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0193.273] GetWindowTextLengthW (hWnd=0x1102da) returned 13
[0193.273] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.273] GetSystemMetrics (nIndex=42) returned 0
[0193.273] GetWindowTextW (in: hWnd=0x1102da, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.273] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0193.273] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0193.273] GetCurrentObject (hdc=0xc0107c5, type=0x1) returned 0xb00017
[0193.273] GetCurrentObject (hdc=0xc0107c5, type=0x2) returned 0x900010
[0193.273] GetCurrentObject (hdc=0xc0107c5, type=0x7) returned 0xffffffffa805067c
[0193.273] GetCurrentObject (hdc=0xc0107c5, type=0x6) returned 0x8a01c2
[0193.273] SaveDC (hdc=0xc0107c5) returned 1
[0193.273] GetNearestColor (hdc=0xc0107c5, color=0xf0f0f0) returned 0xf0f0f0
[0193.273] CreateSolidBrush (color=0xf0f0f0) returned 0xcc1007e1
[0193.273] FillRect (hDC=0xc0107c5, lprc=0xd7e1b8, hbr=0xcc1007e1) returned 1
[0193.273] DeleteObject (ho=0xcc1007e1) returned 1
[0193.273] RestoreDC (hdc=0xc0107c5, nSavedDC=-1) returned 1
[0193.274] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1400ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0193.274] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0193.274] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0193.274] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0193.274] GetStockObject (i=5) returned 0x900015
[0193.274] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0193.275] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0193.275] GetStockObject (i=5) returned 0x900015
[0193.275] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x13013e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0193.275] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x13013e, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0193.275] GetStockObject (i=5) returned 0x900015
[0193.275] GetWindowPlacement (in: hWnd=0x1102da, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0193.275] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0193.275] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0193.275] GetWindowRect (in: hWnd=0x1102da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0193.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0193.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0193.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0193.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0193.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0193.277] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0193.277] GetWindowRect (in: hWnd=0x1102da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0193.277] InvalidateRect (hWnd=0x1102dc, lpRect=0x0, bErase=0) returned 1
[0193.278] InvalidateRect (hWnd=0x1102de, lpRect=0x0, bErase=0) returned 1
[0193.278] GetFocus () returned 0x1102da
[0193.278] GetFocus () returned 0x1102da
[0193.278] SetFocus (hWnd=0x1102de) returned 0x1102da
[0193.279] GetFocus () returned 0x1102de
[0193.279] IsChild (hWndParent=0x1102da, hWnd=0x1102de) returned 1
[0193.279] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x8, wParam=0x1102de, lParam=0x0) returned 0x0
[0193.280] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0193.281] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0193.282] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0193.282] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0x7, wParam=0x1102da, lParam=0x0) returned 0x0
[0193.282] GetStockObject (i=5) returned 0x900015
[0193.282] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0193.282] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0193.282] GetDlgItem (hDlg=0x1102da, nIDDlgItem=1114846) returned 0x1102de
[0193.283] SendMessageW (hWnd=0x1102de, Msg=0x202b, wParam=0x1102de, lParam=0xd7e0dc) returned 0x0
[0193.283] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0x202b, wParam=0x1102de, lParam=0xd7e0dc) returned 0x0
[0193.283] InvalidateRect (hWnd=0x1102de, lpRect=0x0, bErase=0) returned 1
[0193.285] GetFocus () returned 0x1102de
[0193.285] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.285] IsWindowUnicode (hWnd=0x1102da) returned 1
[0193.285] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.285] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.285] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.285] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0193.285] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.285] IsWindowUnicode (hWnd=0x1102da) returned 1
[0193.285] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.285] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.285] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.285] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.286] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0193.286] IsWindowUnicode (hWnd=0x1102da) returned 1
[0193.286] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.286] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.286] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.286] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.286] IsWindowUnicode (hWnd=0x602c4) returned 1
[0193.286] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.286] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.286] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.286] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0193.286] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0193.286] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.287] IsWindowUnicode (hWnd=0x1102da) returned 1
[0193.287] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.287] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.287] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.287] BeginPaint (in: hWnd=0x1102da, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x60100ce
[0193.287] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0193.287] GetWindowTextLengthW (hWnd=0x1102da) returned 13
[0193.288] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.288] GetSystemMetrics (nIndex=42) returned 0
[0193.288] GetWindowTextW (in: hWnd=0x1102da, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.288] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0193.288] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0193.288] EndPaint (hWnd=0x1102da, lpPaint=0xd7e274) returned 1
[0193.288] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.288] IsWindowUnicode (hWnd=0x1400ea) returned 1
[0193.288] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.288] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.288] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.288] BeginPaint (in: hWnd=0x1400ea, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x107b9
[0193.288] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0193.288] CreateCompatibleDC (hdc=0x107b9) returned 0x6a0107e5
[0193.289] SelectObject (hdc=0x6a0107e5, h=0x4a0507fe) returned 0x85000f
[0193.289] GdipCreateFromHDC (hdc=0x6a0107e5, graphics=0xd7e2b0) returned 0x0
[0193.289] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0193.289] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0193.289] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0193.289] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0193.289] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e310) returned 0x0
[0193.289] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0193.289] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0193.289] LocalFree (hMem=0x11ee788) returned 0x0
[0193.289] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0193.289] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0193.289] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0193.289] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e304) returned 0x0
[0193.289] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0193.289] GetWindowTextLengthW (hWnd=0x1400ea) returned 0
[0193.289] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1400ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0193.289] GetSystemMetrics (nIndex=42) returned 0
[0193.290] GetWindowTextW (in: hWnd=0x1400ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0193.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1400ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0193.290] GetClientRect (in: hWnd=0x1400ea, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0193.290] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0193.290] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0193.290] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0193.290] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0193.290] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e164) returned 0x0
[0193.290] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0193.290] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee9f0) returned 0x0
[0193.290] LocalFree (hMem=0x11ee9f0) returned 0x0
[0193.290] GdipCombineRegionRegion (region=0x6646688, region2=0x6646718, combineMode=0x1) returned 0x0
[0193.290] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0193.290] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0193.290] LocalFree (hMem=0x11ee788) returned 0x0
[0193.290] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0193.290] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0193.290] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0193.290] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0193.290] GdipDeleteRegion (region=0x6646688) returned 0x0
[0193.290] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0193.291] GetCurrentObject (hdc=0x6a0107e5, type=0x1) returned 0xb00017
[0193.291] GetCurrentObject (hdc=0x6a0107e5, type=0x2) returned 0x900010
[0193.291] GetCurrentObject (hdc=0x6a0107e5, type=0x7) returned 0x4a0507fe
[0193.291] GetCurrentObject (hdc=0x6a0107e5, type=0x6) returned 0x8a01c2
[0193.291] SaveDC (hdc=0x6a0107e5) returned 1
[0193.291] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x93040807
[0193.291] GetClipRgn (hdc=0x6a0107e5, hrgn=0x93040807) returned 0
[0193.291] SelectClipRgn (hdc=0x6a0107e5, hrgn=0x200407de) returned 2
[0193.291] DeleteObject (ho=0x93040807) returned 1
[0193.291] DeleteObject (ho=0x200407de) returned 1
[0193.291] OffsetViewportOrgEx (in: hdc=0x6a0107e5, x=0, y=0, lppt=0x2cc1914 | out: lppt=0x2cc1914) returned 1
[0193.291] GetNearestColor (hdc=0x6a0107e5, color=0xf0f0f0) returned 0xf0f0f0
[0193.291] CreateSolidBrush (color=0xf0f0f0) returned 0xcd1007e1
[0193.291] FillRect (hDC=0x6a0107e5, lprc=0xd7e198, hbr=0xcd1007e1) returned 1
[0193.291] DeleteObject (ho=0xcd1007e1) returned 1
[0193.291] RestoreDC (hdc=0x6a0107e5, nSavedDC=-1) returned 1
[0193.291] GdipReleaseDC (graphics=0x6600030, hdc=0x6a0107e5) returned 0x0
[0193.292] GdipRestoreGraphics (graphics=0x6600030, state=0xfb2e0dbd) returned 0x0
[0193.292] GdipDeleteRegion (region=0x6646718) returned 0x0
[0193.292] GetWindowTextLengthW (hWnd=0x1400ea) returned 0
[0193.292] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1400ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0193.292] GetSystemMetrics (nIndex=42) returned 0
[0193.292] GetWindowTextW (in: hWnd=0x1400ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0193.292] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1400ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0193.292] GdipGetImageWidth (image=0x664edb8, width=0xd7e1e0) returned 0x0
[0193.292] GdipGetImageHeight (image=0x664edb8, height=0xd7e1e0) returned 0x0
[0193.292] GdipGetImageWidth (image=0x664edb8, width=0xd7e1cc) returned 0x0
[0193.292] GdipGetImageHeight (image=0x664edb8, height=0xd7e1cc) returned 0x0
[0193.292] GdipDrawImageRectI (graphics=0x6600030, image=0x664edb8, x=16, y=16, width=32, height=32) returned 0x0
[0193.292] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0193.292] BitBlt (hdc=0x107b9, x=0, y=0, cx=64, cy=64, hdcSrc=0x6a0107e5, x1=0, y1=0, rop=0xcc0020) returned 1
[0193.292] GdipReleaseDC (graphics=0x6600030, hdc=0x6a0107e5) returned 0x0
[0193.292] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0193.292] SelectObject (hdc=0x6a0107e5, h=0x85000f) returned 0x4a0507fe
[0193.292] DeleteDC (hdc=0x6a0107e5) returned 1
[0193.293] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0193.293] EndPaint (hWnd=0x1400ea, lpPaint=0xd7e294) returned 1
[0193.293] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.293] IsWindowUnicode (hWnd=0x702ce) returned 1
[0193.293] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.293] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.293] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.293] BeginPaint (in: hWnd=0x702ce, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0xf0105ee
[0193.293] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0193.293] CreateCompatibleDC (hdc=0xf0105ee) returned 0x6c0107e5
[0193.293] GetObjectType (h=0xf0105ee) returned 0x3
[0193.293] CreateCompatibleBitmap (hdc=0xf0105ee, cx=1, cy=1) returned 0x5c0507d2
[0193.294] GetDIBits (in: hdc=0xf0105ee, hbm=0x5c0507d2, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0193.294] GetDIBits (in: hdc=0xf0105ee, hbm=0x5c0507d2, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0193.298] DeleteObject (ho=0x5c0507d2) returned 1
[0193.298] CreateDIBSection (in: hdc=0xf0105ee, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x8e0507d3
[0193.298] SelectObject (hdc=0x6c0107e5, h=0x8e0507d3) returned 0x85000f
[0193.298] GdipCreateFromHDC (hdc=0x6c0107e5, graphics=0xd7e234) returned 0x0
[0193.298] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0193.298] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0193.298] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0193.299] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0193.299] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e2d4) returned 0x0
[0193.299] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0193.299] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0193.299] LocalFree (hMem=0x11eec58) returned 0x0
[0193.299] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0193.299] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0193.299] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0193.299] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0193.299] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0193.299] GetWindowTextLengthW (hWnd=0x702ce) returned 232
[0193.299] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0193.299] GetSystemMetrics (nIndex=42) returned 0
[0193.299] GetWindowTextW (in: hWnd=0x702ce, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0193.299] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0193.299] GetClientRect (in: hWnd=0x702ce, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0193.299] GdipCreateRegion (region=0xd7e110) returned 0x0
[0193.299] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0193.299] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0193.300] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0193.300] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e128) returned 0x0
[0193.300] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0193.300] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee8d8) returned 0x0
[0193.300] LocalFree (hMem=0x11ee8d8) returned 0x0
[0193.300] GdipCombineRegionRegion (region=0x6646958, region2=0x66465f8, combineMode=0x1) returned 0x0
[0193.300] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0193.300] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0193.300] LocalFree (hMem=0x11eec58) returned 0x0
[0193.300] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0193.300] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e150) returned 0x0
[0193.300] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e140) returned 0x0
[0193.300] GdipGetRegionHRgn (region=0x6646958, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0193.300] GdipDeleteRegion (region=0x6646958) returned 0x0
[0193.300] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0193.300] GetCurrentObject (hdc=0x6c0107e5, type=0x1) returned 0xb00017
[0193.300] GetCurrentObject (hdc=0x6c0107e5, type=0x2) returned 0x900010
[0193.300] GetCurrentObject (hdc=0x6c0107e5, type=0x7) returned 0xffffffff8e0507d3
[0193.300] GetCurrentObject (hdc=0x6c0107e5, type=0x6) returned 0x8a01c2
[0193.300] SaveDC (hdc=0x6c0107e5) returned 1
[0193.301] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x210407de
[0193.301] GetClipRgn (hdc=0x6c0107e5, hrgn=0x210407de) returned 0
[0193.301] SelectClipRgn (hdc=0x6c0107e5, hrgn=0x94040807) returned 2
[0193.301] DeleteObject (ho=0x210407de) returned 1
[0193.301] DeleteObject (ho=0x94040807) returned 1
[0193.301] OffsetViewportOrgEx (in: hdc=0x6c0107e5, x=0, y=0, lppt=0x2cc32dc | out: lppt=0x2cc32dc) returned 1
[0193.301] GetNearestColor (hdc=0x6c0107e5, color=0xf0f0f0) returned 0xf0f0f0
[0193.301] CreateSolidBrush (color=0xf0f0f0) returned 0xce1007e1
[0193.301] FillRect (hDC=0x6c0107e5, lprc=0xd7e15c, hbr=0xce1007e1) returned 1
[0193.302] DeleteObject (ho=0xce1007e1) returned 1
[0193.302] RestoreDC (hdc=0x6c0107e5, nSavedDC=-1) returned 1
[0193.302] GdipReleaseDC (graphics=0x6600030, hdc=0x6c0107e5) returned 0x0
[0193.302] GdipRestoreGraphics (graphics=0x6600030, state=0xfb2c0dbd) returned 0x0
[0193.302] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0193.303] GetWindowTextLengthW (hWnd=0x702ce) returned 232
[0193.303] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0193.303] GetSystemMetrics (nIndex=42) returned 0
[0193.303] GetWindowTextW (in: hWnd=0x702ce, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0193.303] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0193.303] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0193.303] GetCurrentObject (hdc=0x6c0107e5, type=0x1) returned 0xb00017
[0193.303] GetCurrentObject (hdc=0x6c0107e5, type=0x2) returned 0x900010
[0193.303] GetCurrentObject (hdc=0x6c0107e5, type=0x7) returned 0xffffffff8e0507d3
[0193.303] GetCurrentObject (hdc=0x6c0107e5, type=0x6) returned 0x8a01c2
[0193.303] SaveDC (hdc=0x6c0107e5) returned 1
[0193.303] GetNearestColor (hdc=0x6c0107e5, color=0x0) returned 0x0
[0193.303] RestoreDC (hdc=0x6c0107e5, nSavedDC=-1) returned 1
[0193.303] GdipReleaseDC (graphics=0x6600030, hdc=0x6c0107e5) returned 0x0
[0193.304] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0193.304] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0193.304] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2cc3ad8 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0193.304] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0193.304] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0193.304] GetCurrentObject (hdc=0x6c0107e5, type=0x1) returned 0xb00017
[0193.304] GetCurrentObject (hdc=0x6c0107e5, type=0x2) returned 0x900010
[0193.304] GetCurrentObject (hdc=0x6c0107e5, type=0x7) returned 0xffffffff8e0507d3
[0193.304] GetCurrentObject (hdc=0x6c0107e5, type=0x6) returned 0x8a01c2
[0193.304] SaveDC (hdc=0x6c0107e5) returned 1
[0193.305] GetTextAlign (hdc=0x6c0107e5) returned 0x0
[0193.305] GetTextColor (hdc=0x6c0107e5) returned 0x0
[0193.305] GetCurrentObject (hdc=0x6c0107e5, type=0x6) returned 0x8a01c2
[0193.305] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0193.305] SelectObject (hdc=0x6c0107e5, h=0x6d0a0520) returned 0x8a01c2
[0193.305] GetBkMode (hdc=0x6c0107e5) returned 2
[0193.305] SetBkMode (hdc=0x6c0107e5, mode=1) returned 2
[0193.305] DrawTextExW (in: hdc=0x6c0107e5, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2cc3cfc | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0193.308] RestoreDC (hdc=0x6c0107e5, nSavedDC=-1) returned 1
[0193.308] GdipReleaseDC (graphics=0x6600030, hdc=0x6c0107e5) returned 0x0
[0193.308] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0193.308] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=354, cy=68, hdcSrc=0x6c0107e5, x1=0, y1=0, rop=0xcc0020) returned 1
[0193.308] GdipReleaseDC (graphics=0x6600030, hdc=0x6c0107e5) returned 0x0
[0193.308] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0193.308] SelectObject (hdc=0x6c0107e5, h=0x85000f) returned 0x8e0507d3
[0193.308] DeleteDC (hdc=0x6c0107e5) returned 1
[0193.308] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0193.308] DeleteObject (ho=0x8e0507d3) returned 1
[0193.309] EndPaint (hWnd=0x702ce, lpPaint=0xd7e258) returned 1
[0193.352] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.352] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0193.353] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.353] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.353] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0193.353] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.353] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.354] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0193.354] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.355] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.355] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.355] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.355] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.355] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x84, wParam=0x0, lParam=0x1dd02ef) returned 0x1
[0193.355] IsWindowUnicode (hWnd=0x1102dc) returned 1
[0193.355] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.355] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.355] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.356] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.356] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x84, wParam=0x0, lParam=0x1dd02ef) returned 0x1
[0193.356] IsWindowUnicode (hWnd=0x1102dc) returned 1
[0193.356] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.356] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x84, wParam=0x0, lParam=0x1dd02ef) returned 0x1
[0193.356] SetCursor (hCursor=0x10003) returned 0x10003
[0193.356] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.356] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.356] _TrackMouseEvent (in: lpEventTrack=0x2cc3d38 | out: lpEventTrack=0x2cc3d38) returned 1
[0193.356] SendMessageW (hWnd=0x1102dc, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0193.356] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0193.357] InvalidateRect (hWnd=0x1102dc, lpRect=0x0, bErase=0) returned 1
[0193.357] GetKeyState (nVirtKey=1) returned 0
[0193.357] GetKeyState (nVirtKey=2) returned 0
[0193.357] GetKeyState (nVirtKey=4) returned 0
[0193.357] GetKeyState (nVirtKey=5) returned 0
[0193.357] GetKeyState (nVirtKey=6) returned 0
[0193.357] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.357] IsWindowUnicode (hWnd=0x1102de) returned 1
[0193.357] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.357] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.357] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.357] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.358] IsWindowUnicode (hWnd=0x1102de) returned 1
[0193.358] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.358] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.358] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.358] BeginPaint (in: hWnd=0x1102de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0193.358] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0193.358] CreateCompatibleDC (hdc=0x60100ce) returned 0x420107e0
[0193.358] SelectObject (hdc=0x420107e0, h=0x4a0507fe) returned 0x85000f
[0193.359] GdipCreateFromHDC (hdc=0x420107e0, graphics=0xd7e268) returned 0x0
[0193.359] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0193.359] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0193.359] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0193.359] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0193.359] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e2c8) returned 0x0
[0193.359] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0193.359] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0193.359] LocalFree (hMem=0x11ee788) returned 0x0
[0193.359] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0193.359] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0193.359] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0193.359] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0193.359] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0193.359] GdipRestoreGraphics (graphics=0x6600030, state=0xfb2a0dbd) returned 0x0
[0193.359] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0193.360] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0193.360] GetCurrentObject (hdc=0x420107e0, type=0x1) returned 0xb00017
[0193.360] GetCurrentObject (hdc=0x420107e0, type=0x2) returned 0x900010
[0193.360] GetCurrentObject (hdc=0x420107e0, type=0x7) returned 0x4a0507fe
[0193.360] GetCurrentObject (hdc=0x420107e0, type=0x6) returned 0x8a01c2
[0193.360] SaveDC (hdc=0x420107e0) returned 1
[0193.360] GetNearestColor (hdc=0x420107e0, color=0xf0f0f0) returned 0xf0f0f0
[0193.360] GetNearestColor (hdc=0x420107e0, color=0xa0a0a0) returned 0xa0a0a0
[0193.360] GetNearestColor (hdc=0x420107e0, color=0x696969) returned 0x696969
[0193.360] GetNearestColor (hdc=0x420107e0, color=0xa0a0a0) returned 0xa0a0a0
[0193.360] GetNearestColor (hdc=0x420107e0, color=0x0) returned 0x0
[0193.360] GetNearestColor (hdc=0x420107e0, color=0xffffff) returned 0xffffff
[0193.360] GetNearestColor (hdc=0x420107e0, color=0xe5e5e5) returned 0xe5e5e5
[0193.360] GetNearestColor (hdc=0x420107e0, color=0xd7d7d7) returned 0xd7d7d7
[0193.360] GetNearestColor (hdc=0x420107e0, color=0x0) returned 0x0
[0193.360] RestoreDC (hdc=0x420107e0, nSavedDC=-1) returned 1
[0193.361] GdipReleaseDC (graphics=0x6600030, hdc=0x420107e0) returned 0x0
[0193.361] IsAppThemed () returned 0x1
[0193.361] GetThemeAppProperties () returned 0x3
[0193.361] GetThemeAppProperties () returned 0x3
[0193.361] GdipGetImageWidth (image=0x6652238, width=0xd7e168) returned 0x0
[0193.361] GdipGetImageHeight (image=0x6652238, height=0xd7e168) returned 0x0
[0193.361] IsAppThemed () returned 0x1
[0193.361] GetThemeAppProperties () returned 0x3
[0193.361] GetThemeAppProperties () returned 0x3
[0193.361] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2cc44a4 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0193.361] IsAppThemed () returned 0x1
[0193.361] GetThemeAppProperties () returned 0x3
[0193.361] GetThemeAppProperties () returned 0x3
[0193.361] IsAppThemed () returned 0x1
[0193.361] GetThemeAppProperties () returned 0x3
[0193.361] GetThemeAppProperties () returned 0x3
[0193.362] GetFocus () returned 0x1102de
[0193.362] IsAppThemed () returned 0x1
[0193.362] GetThemeAppProperties () returned 0x3
[0193.362] GetThemeAppProperties () returned 0x3
[0193.362] IsAppThemed () returned 0x1
[0193.362] GetThemeAppProperties () returned 0x3
[0193.362] GetThemeAppProperties () returned 0x3
[0193.362] IsThemePartDefined () returned 0x1
[0193.362] IsAppThemed () returned 0x1
[0193.362] GetThemeAppProperties () returned 0x3
[0193.362] GetThemeAppProperties () returned 0x3
[0193.362] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0193.362] IsAppThemed () returned 0x1
[0193.362] GetThemeAppProperties () returned 0x3
[0193.362] GetThemeAppProperties () returned 0x3
[0193.362] IsAppThemed () returned 0x1
[0193.362] GetThemeAppProperties () returned 0x3
[0193.362] GetThemeAppProperties () returned 0x3
[0193.362] IsThemePartDefined () returned 0x1
[0193.362] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0193.362] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0193.362] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0193.362] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0193.362] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dff0) returned 0x0
[0193.363] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0193.363] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee868) returned 0x0
[0193.363] LocalFree (hMem=0x11ee868) returned 0x0
[0193.363] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0193.363] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0193.363] LocalFree (hMem=0x11ee788) returned 0x0
[0193.363] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0193.363] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0193.363] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0193.363] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0193.363] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0193.363] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0193.363] GetCurrentObject (hdc=0x420107e0, type=0x1) returned 0xb00017
[0193.363] GetCurrentObject (hdc=0x420107e0, type=0x2) returned 0x900010
[0193.363] GetCurrentObject (hdc=0x420107e0, type=0x7) returned 0x4a0507fe
[0193.363] GetCurrentObject (hdc=0x420107e0, type=0x6) returned 0x8a01c2
[0193.363] SaveDC (hdc=0x420107e0) returned 1
[0193.363] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x95040807
[0193.363] GetClipRgn (hdc=0x420107e0, hrgn=0x95040807) returned 0
[0193.364] SelectClipRgn (hdc=0x420107e0, hrgn=0x250407de) returned 2
[0193.364] DeleteObject (ho=0x95040807) returned 1
[0193.364] DeleteObject (ho=0x250407de) returned 1
[0193.364] OffsetViewportOrgEx (in: hdc=0x420107e0, x=0, y=0, lppt=0x2cc4b54 | out: lppt=0x2cc4b54) returned 1
[0193.364] DrawThemeParentBackground () returned 0x0
[0193.364] GetWindowPlacement (in: hWnd=0x1102da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0193.364] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0193.364] GetWindowTextLengthW (hWnd=0x1102da) returned 13
[0193.364] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.364] GetSystemMetrics (nIndex=42) returned 0
[0193.364] GetWindowTextW (in: hWnd=0x1102da, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.364] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0193.364] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0193.364] GetCurrentObject (hdc=0x420107e0, type=0x1) returned 0xb00017
[0193.364] GetCurrentObject (hdc=0x420107e0, type=0x2) returned 0x900010
[0193.364] GetCurrentObject (hdc=0x420107e0, type=0x7) returned 0x4a0507fe
[0193.364] GetCurrentObject (hdc=0x420107e0, type=0x6) returned 0x8a01c2
[0193.365] SaveDC (hdc=0x420107e0) returned 2
[0193.365] GetNearestColor (hdc=0x420107e0, color=0xf0f0f0) returned 0xf0f0f0
[0193.365] CreateSolidBrush (color=0xf0f0f0) returned 0xcf1007e1
[0193.365] FillRect (hDC=0x420107e0, lprc=0xd7da38, hbr=0xcf1007e1) returned 1
[0193.365] DeleteObject (ho=0xcf1007e1) returned 1
[0193.365] RestoreDC (hdc=0x420107e0, nSavedDC=-1) returned 1
[0193.365] GetWindowTextLengthW (hWnd=0x1102da) returned 13
[0193.365] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.365] GetSystemMetrics (nIndex=42) returned 0
[0193.365] GetWindowTextW (in: hWnd=0x1102da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.365] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0193.365] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0193.365] GetCurrentObject (hdc=0x420107e0, type=0x1) returned 0xb00017
[0193.365] GetCurrentObject (hdc=0x420107e0, type=0x2) returned 0x900010
[0193.365] GetCurrentObject (hdc=0x420107e0, type=0x7) returned 0x4a0507fe
[0193.365] GetCurrentObject (hdc=0x420107e0, type=0x6) returned 0x8a01c2
[0193.365] SaveDC (hdc=0x420107e0) returned 2
[0193.365] GetNearestColor (hdc=0x420107e0, color=0xf0f0f0) returned 0xf0f0f0
[0193.365] CreateSolidBrush (color=0xf0f0f0) returned 0xd01007e1
[0193.366] FillRect (hDC=0x420107e0, lprc=0xd7d9d8, hbr=0xd01007e1) returned 1
[0193.366] DeleteObject (ho=0xd01007e1) returned 1
[0193.366] RestoreDC (hdc=0x420107e0, nSavedDC=-1) returned 1
[0193.366] GetWindowTextLengthW (hWnd=0x1102da) returned 13
[0193.366] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.366] GetSystemMetrics (nIndex=42) returned 0
[0193.366] GetWindowTextW (in: hWnd=0x1102da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.366] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0193.366] RestoreDC (hdc=0x420107e0, nSavedDC=-1) returned 1
[0193.366] GdipReleaseDC (graphics=0x6600030, hdc=0x420107e0) returned 0x0
[0193.366] IsAppThemed () returned 0x1
[0193.366] GetThemeAppProperties () returned 0x3
[0193.366] GetThemeAppProperties () returned 0x3
[0193.366] IsAppThemed () returned 0x1
[0193.366] GetThemeAppProperties () returned 0x3
[0193.366] GetThemeAppProperties () returned 0x3
[0193.366] IsThemePartDefined () returned 0x1
[0193.366] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0193.366] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0193.366] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0193.367] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0193.367] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df74) returned 0x0
[0193.367] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0193.367] LocalFree (hMem=0x11eec58) returned 0x0
[0193.367] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eead0) returned 0x0
[0193.367] LocalFree (hMem=0x11eead0) returned 0x0
[0193.367] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0193.367] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0193.367] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0193.367] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0193.367] GdipDeleteRegion (region=0x6646718) returned 0x0
[0193.367] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0193.367] GetCurrentObject (hdc=0x420107e0, type=0x1) returned 0xb00017
[0193.367] GetCurrentObject (hdc=0x420107e0, type=0x2) returned 0x900010
[0193.367] GetCurrentObject (hdc=0x420107e0, type=0x7) returned 0x4a0507fe
[0193.367] GetCurrentObject (hdc=0x420107e0, type=0x6) returned 0x8a01c2
[0193.367] SaveDC (hdc=0x420107e0) returned 1
[0193.367] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x260407de
[0193.367] GetClipRgn (hdc=0x420107e0, hrgn=0x260407de) returned 0
[0193.367] SelectClipRgn (hdc=0x420107e0, hrgn=0x97040807) returned 2
[0193.368] DeleteObject (ho=0x260407de) returned 1
[0193.368] DeleteObject (ho=0x97040807) returned 1
[0193.368] OffsetViewportOrgEx (in: hdc=0x420107e0, x=0, y=0, lppt=0x2cc5400 | out: lppt=0x2cc5400) returned 1
[0193.368] IsAppThemed () returned 0x1
[0193.368] GetThemeAppProperties () returned 0x3
[0193.368] GetThemeAppProperties () returned 0x3
[0193.368] DrawThemeBackground () returned 0x0
[0193.368] RestoreDC (hdc=0x420107e0, nSavedDC=-1) returned 1
[0193.368] GdipReleaseDC (graphics=0x6600030, hdc=0x420107e0) returned 0x0
[0193.368] GdipCreateRegion (region=0xd7df60) returned 0x0
[0193.368] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0193.368] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0193.368] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0193.368] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df78) returned 0x0
[0193.368] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0193.368] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0193.368] LocalFree (hMem=0x11ee9f0) returned 0x0
[0193.368] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0193.368] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0193.368] LocalFree (hMem=0x11ee788) returned 0x0
[0193.369] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0193.369] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0193.369] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0193.369] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0193.369] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0193.369] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0193.369] GetCurrentObject (hdc=0x420107e0, type=0x1) returned 0xb00017
[0193.369] GetCurrentObject (hdc=0x420107e0, type=0x2) returned 0x900010
[0193.369] GetCurrentObject (hdc=0x420107e0, type=0x7) returned 0x4a0507fe
[0193.369] GetCurrentObject (hdc=0x420107e0, type=0x6) returned 0x8a01c2
[0193.369] SaveDC (hdc=0x420107e0) returned 1
[0193.369] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x98040807
[0193.369] GetClipRgn (hdc=0x420107e0, hrgn=0x98040807) returned 0
[0193.369] SelectClipRgn (hdc=0x420107e0, hrgn=0x270407de) returned 2
[0193.369] DeleteObject (ho=0x98040807) returned 1
[0193.369] DeleteObject (ho=0x270407de) returned 1
[0193.369] OffsetViewportOrgEx (in: hdc=0x420107e0, x=0, y=0, lppt=0x2cc56d4 | out: lppt=0x2cc56d4) returned 1
[0193.369] IsAppThemed () returned 0x1
[0193.369] GetThemeAppProperties () returned 0x3
[0193.369] GetThemeAppProperties () returned 0x3
[0193.370] GetThemeBackgroundContentRect () returned 0x0
[0193.370] RestoreDC (hdc=0x420107e0, nSavedDC=-1) returned 1
[0193.370] GdipReleaseDC (graphics=0x6600030, hdc=0x420107e0) returned 0x0
[0193.370] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0193.370] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0193.370] GdipCloneRegion (region=0x6646f88, cloneRegion=0xd7e150) returned 0x0
[0193.370] GdipCombineRegionRectI (region=0x6646448, rect=0xd7e138, combineMode=0x1) returned 0x0
[0193.370] GdipCombineRegionRectI (region=0x6646448, rect=0xd7e138, combineMode=0x1) returned 0x0
[0193.370] GdipSetClipRegion (graphics=0x6600030, region=0x6646448, combineMode=0x0) returned 0x0
[0193.370] GdipGetImageWidth (image=0x6652238, width=0xd7e154) returned 0x0
[0193.370] GdipGetImageHeight (image=0x6652238, height=0xd7e148) returned 0x0
[0193.370] GdipDrawImageRectI (graphics=0x6600030, image=0x6652238, x=4, y=4, width=16, height=16) returned 0x0
[0193.370] GdipSetClipRegion (graphics=0x6600030, region=0x6646f88, combineMode=0x0) returned 0x0
[0193.370] IsAppThemed () returned 0x1
[0193.370] GetThemeAppProperties () returned 0x3
[0193.370] GetThemeAppProperties () returned 0x3
[0193.370] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0193.370] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0193.370] GetCurrentObject (hdc=0x420107e0, type=0x1) returned 0xb00017
[0193.370] GetCurrentObject (hdc=0x420107e0, type=0x2) returned 0x900010
[0193.370] GetCurrentObject (hdc=0x420107e0, type=0x7) returned 0x4a0507fe
[0193.371] GetCurrentObject (hdc=0x420107e0, type=0x6) returned 0x8a01c2
[0193.371] SaveDC (hdc=0x420107e0) returned 1
[0193.371] GetTextAlign (hdc=0x420107e0) returned 0x0
[0193.371] GetTextColor (hdc=0x420107e0) returned 0x0
[0193.371] GetCurrentObject (hdc=0x420107e0, type=0x6) returned 0x8a01c2
[0193.371] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0193.371] SelectObject (hdc=0x420107e0, h=0x6d0a0520) returned 0x8a01c2
[0193.371] GetBkMode (hdc=0x420107e0) returned 2
[0193.371] SetBkMode (hdc=0x420107e0, mode=1) returned 2
[0193.371] DrawTextExW (in: hdc=0x420107e0, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2cc5a94 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0193.371] DrawTextExW (in: hdc=0x420107e0, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2cc5a94 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0193.372] RestoreDC (hdc=0x420107e0, nSavedDC=-1) returned 1
[0193.375] GdipReleaseDC (graphics=0x6600030, hdc=0x420107e0) returned 0x0
[0193.375] GetFocus () returned 0x1102de
[0193.375] IsAppThemed () returned 0x1
[0193.375] GetThemeAppProperties () returned 0x3
[0193.375] GetThemeAppProperties () returned 0x3
[0193.376] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0193.376] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x420107e0, x1=0, y1=0, rop=0xcc0020) returned 1
[0193.376] GdipReleaseDC (graphics=0x6600030, hdc=0x420107e0) returned 0x0
[0193.376] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0193.376] SelectObject (hdc=0x420107e0, h=0x85000f) returned 0x4a0507fe
[0193.376] DeleteDC (hdc=0x420107e0) returned 1
[0193.376] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0193.376] EndPaint (hWnd=0x1102de, lpPaint=0xd7e24c) returned 1
[0193.376] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.376] IsWindowUnicode (hWnd=0x1102dc) returned 1
[0193.376] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.376] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.376] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.377] BeginPaint (in: hWnd=0x1102dc, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0193.377] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0193.377] CreateCompatibleDC (hdc=0x107b9) returned 0x440107e0
[0193.377] SelectObject (hdc=0x440107e0, h=0x4a0507fe) returned 0x85000f
[0193.377] GdipCreateFromHDC (hdc=0x440107e0, graphics=0xd7e268) returned 0x0
[0193.377] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0193.377] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0193.377] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0193.377] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0193.377] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e2c8) returned 0x0
[0193.377] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0193.377] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0193.377] LocalFree (hMem=0x11ee868) returned 0x0
[0193.377] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0193.377] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0193.378] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0193.378] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0193.378] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0193.378] GdipRestoreGraphics (graphics=0x6600030, state=0xfb280dbd) returned 0x0
[0193.378] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0193.378] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0193.378] GetCurrentObject (hdc=0x440107e0, type=0x1) returned 0xb00017
[0193.378] GetCurrentObject (hdc=0x440107e0, type=0x2) returned 0x900010
[0193.378] GetCurrentObject (hdc=0x440107e0, type=0x7) returned 0x4a0507fe
[0193.378] GetCurrentObject (hdc=0x440107e0, type=0x6) returned 0x8a01c2
[0193.378] SaveDC (hdc=0x440107e0) returned 1
[0193.378] GetNearestColor (hdc=0x440107e0, color=0xf0f0f0) returned 0xf0f0f0
[0193.378] GetNearestColor (hdc=0x440107e0, color=0xa0a0a0) returned 0xa0a0a0
[0193.378] GetNearestColor (hdc=0x440107e0, color=0x696969) returned 0x696969
[0193.378] GetNearestColor (hdc=0x440107e0, color=0xa0a0a0) returned 0xa0a0a0
[0193.378] GetNearestColor (hdc=0x440107e0, color=0x0) returned 0x0
[0193.378] GetNearestColor (hdc=0x440107e0, color=0xffffff) returned 0xffffff
[0193.378] GetNearestColor (hdc=0x440107e0, color=0xe5e5e5) returned 0xe5e5e5
[0193.379] GetNearestColor (hdc=0x440107e0, color=0xd7d7d7) returned 0xd7d7d7
[0193.379] GetNearestColor (hdc=0x440107e0, color=0x0) returned 0x0
[0193.379] RestoreDC (hdc=0x440107e0, nSavedDC=-1) returned 1
[0193.379] GdipReleaseDC (graphics=0x6600030, hdc=0x440107e0) returned 0x0
[0193.379] IsAppThemed () returned 0x1
[0193.379] GetThemeAppProperties () returned 0x3
[0193.379] GetThemeAppProperties () returned 0x3
[0193.379] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0193.379] SendMessageW (hWnd=0x1102da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0193.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0193.379] IsAppThemed () returned 0x1
[0193.379] GetThemeAppProperties () returned 0x3
[0193.379] GetThemeAppProperties () returned 0x3
[0193.379] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2cc62a4 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0193.380] IsAppThemed () returned 0x1
[0193.380] GetThemeAppProperties () returned 0x3
[0193.380] GetThemeAppProperties () returned 0x3
[0193.380] IsAppThemed () returned 0x1
[0193.380] GetThemeAppProperties () returned 0x3
[0193.380] GetThemeAppProperties () returned 0x3
[0193.380] IsAppThemed () returned 0x1
[0193.380] GetThemeAppProperties () returned 0x3
[0193.380] GetThemeAppProperties () returned 0x3
[0193.380] IsAppThemed () returned 0x1
[0193.380] GetThemeAppProperties () returned 0x3
[0193.380] GetThemeAppProperties () returned 0x3
[0193.380] IsThemePartDefined () returned 0x1
[0193.380] IsAppThemed () returned 0x1
[0193.380] GetThemeAppProperties () returned 0x3
[0193.380] GetThemeAppProperties () returned 0x3
[0193.380] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0193.380] IsAppThemed () returned 0x1
[0193.380] GetThemeAppProperties () returned 0x3
[0193.380] GetThemeAppProperties () returned 0x3
[0193.380] IsAppThemed () returned 0x1
[0193.381] GetThemeAppProperties () returned 0x3
[0193.381] GetThemeAppProperties () returned 0x3
[0193.381] IsThemePartDefined () returned 0x1
[0193.381] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0193.381] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0193.381] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0193.381] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0193.381] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dfe4) returned 0x0
[0193.381] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0193.381] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eed00) returned 0x0
[0193.381] LocalFree (hMem=0x11eed00) returned 0x0
[0193.381] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0193.381] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0193.381] LocalFree (hMem=0x11ee788) returned 0x0
[0193.381] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0193.381] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0193.381] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0193.381] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0193.381] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0193.381] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0193.381] GetCurrentObject (hdc=0x440107e0, type=0x1) returned 0xb00017
[0193.381] GetCurrentObject (hdc=0x440107e0, type=0x2) returned 0x900010
[0193.381] GetCurrentObject (hdc=0x440107e0, type=0x7) returned 0x4a0507fe
[0193.382] GetCurrentObject (hdc=0x440107e0, type=0x6) returned 0x8a01c2
[0193.382] SaveDC (hdc=0x440107e0) returned 1
[0193.382] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x280407de
[0193.382] GetClipRgn (hdc=0x440107e0, hrgn=0x280407de) returned 0
[0193.382] SelectClipRgn (hdc=0x440107e0, hrgn=0x9c040807) returned 2
[0193.382] DeleteObject (ho=0x280407de) returned 1
[0193.382] DeleteObject (ho=0x9c040807) returned 1
[0193.382] OffsetViewportOrgEx (in: hdc=0x440107e0, x=0, y=0, lppt=0x2cc6954 | out: lppt=0x2cc6954) returned 1
[0193.382] DrawThemeParentBackground () returned 0x0
[0193.382] GetWindowPlacement (in: hWnd=0x1102da, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0193.382] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0193.382] GetWindowTextLengthW (hWnd=0x1102da) returned 13
[0193.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.382] GetSystemMetrics (nIndex=42) returned 0
[0193.382] GetWindowTextW (in: hWnd=0x1102da, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0193.382] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0193.383] GetCurrentObject (hdc=0x440107e0, type=0x1) returned 0xb00017
[0193.383] GetCurrentObject (hdc=0x440107e0, type=0x2) returned 0x900010
[0193.383] GetCurrentObject (hdc=0x440107e0, type=0x7) returned 0x4a0507fe
[0193.383] GetCurrentObject (hdc=0x440107e0, type=0x6) returned 0x8a01c2
[0193.383] SaveDC (hdc=0x440107e0) returned 2
[0193.383] GetNearestColor (hdc=0x440107e0, color=0xf0f0f0) returned 0xf0f0f0
[0193.383] CreateSolidBrush (color=0xf0f0f0) returned 0xd11007e1
[0193.383] FillRect (hDC=0x440107e0, lprc=0xd7da30, hbr=0xd11007e1) returned 1
[0193.383] DeleteObject (ho=0xd11007e1) returned 1
[0193.383] RestoreDC (hdc=0x440107e0, nSavedDC=-1) returned 1
[0193.383] GetWindowTextLengthW (hWnd=0x1102da) returned 13
[0193.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.383] GetSystemMetrics (nIndex=42) returned 0
[0193.383] GetWindowTextW (in: hWnd=0x1102da, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0193.383] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0193.383] GetCurrentObject (hdc=0x440107e0, type=0x1) returned 0xb00017
[0193.383] GetCurrentObject (hdc=0x440107e0, type=0x2) returned 0x900010
[0193.384] GetCurrentObject (hdc=0x440107e0, type=0x7) returned 0x4a0507fe
[0193.384] GetCurrentObject (hdc=0x440107e0, type=0x6) returned 0x8a01c2
[0193.384] SaveDC (hdc=0x440107e0) returned 2
[0193.384] GetNearestColor (hdc=0x440107e0, color=0xf0f0f0) returned 0xf0f0f0
[0193.384] CreateSolidBrush (color=0xf0f0f0) returned 0xd21007e1
[0193.384] FillRect (hDC=0x440107e0, lprc=0xd7d9d0, hbr=0xd21007e1) returned 1
[0193.384] DeleteObject (ho=0xd21007e1) returned 1
[0193.384] RestoreDC (hdc=0x440107e0, nSavedDC=-1) returned 1
[0193.384] GetWindowTextLengthW (hWnd=0x1102da) returned 13
[0193.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.384] GetSystemMetrics (nIndex=42) returned 0
[0193.384] GetWindowTextW (in: hWnd=0x1102da, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0193.384] RestoreDC (hdc=0x440107e0, nSavedDC=-1) returned 1
[0193.384] GdipReleaseDC (graphics=0x6600030, hdc=0x440107e0) returned 0x0
[0193.384] IsAppThemed () returned 0x1
[0193.385] GetThemeAppProperties () returned 0x3
[0193.385] GetThemeAppProperties () returned 0x3
[0193.385] IsAppThemed () returned 0x1
[0193.385] GetThemeAppProperties () returned 0x3
[0193.385] GetThemeAppProperties () returned 0x3
[0193.385] IsThemePartDefined () returned 0x1
[0193.385] GdipCreateRegion (region=0xd7df50) returned 0x0
[0193.385] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0193.385] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0193.385] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0193.385] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df68) returned 0x0
[0193.385] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0193.385] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0193.385] LocalFree (hMem=0x11ee788) returned 0x0
[0193.385] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0193.385] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0193.385] LocalFree (hMem=0x11ee9f0) returned 0x0
[0193.385] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0193.385] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7df90) returned 0x0
[0193.385] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7df80) returned 0x0
[0193.385] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0193.385] GdipDeleteRegion (region=0x6646688) returned 0x0
[0193.386] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0193.386] GetCurrentObject (hdc=0x440107e0, type=0x1) returned 0xb00017
[0193.386] GetCurrentObject (hdc=0x440107e0, type=0x2) returned 0x900010
[0193.386] GetCurrentObject (hdc=0x440107e0, type=0x7) returned 0x4a0507fe
[0193.386] GetCurrentObject (hdc=0x440107e0, type=0x6) returned 0x8a01c2
[0193.386] SaveDC (hdc=0x440107e0) returned 1
[0193.386] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9d040807
[0193.386] GetClipRgn (hdc=0x440107e0, hrgn=0x9d040807) returned 0
[0193.386] SelectClipRgn (hdc=0x440107e0, hrgn=0x2a0407de) returned 2
[0193.386] DeleteObject (ho=0x9d040807) returned 1
[0193.386] DeleteObject (ho=0x2a0407de) returned 1
[0193.386] OffsetViewportOrgEx (in: hdc=0x440107e0, x=0, y=0, lppt=0x2cc7200 | out: lppt=0x2cc7200) returned 1
[0193.386] IsAppThemed () returned 0x1
[0193.386] GetThemeAppProperties () returned 0x3
[0193.386] GetThemeAppProperties () returned 0x3
[0193.386] DrawThemeBackground () returned 0x0
[0193.386] RestoreDC (hdc=0x440107e0, nSavedDC=-1) returned 1
[0193.387] GdipReleaseDC (graphics=0x6600030, hdc=0x440107e0) returned 0x0
[0193.387] GdipCreateRegion (region=0xd7df54) returned 0x0
[0193.387] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0193.387] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0193.387] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0193.387] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df6c) returned 0x0
[0193.387] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0193.387] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0193.387] LocalFree (hMem=0x11eec58) returned 0x0
[0193.387] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0193.387] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0193.387] LocalFree (hMem=0x11eec58) returned 0x0
[0193.387] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0193.387] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0193.387] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0193.387] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0193.387] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0193.388] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0193.388] GetCurrentObject (hdc=0x440107e0, type=0x1) returned 0xb00017
[0193.388] GetCurrentObject (hdc=0x440107e0, type=0x2) returned 0x900010
[0193.388] GetCurrentObject (hdc=0x440107e0, type=0x7) returned 0x4a0507fe
[0193.388] GetCurrentObject (hdc=0x440107e0, type=0x6) returned 0x8a01c2
[0193.388] SaveDC (hdc=0x440107e0) returned 1
[0193.388] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2b0407de
[0193.388] GetClipRgn (hdc=0x440107e0, hrgn=0x2b0407de) returned 0
[0193.388] SelectClipRgn (hdc=0x440107e0, hrgn=0x9e040807) returned 2
[0193.388] DeleteObject (ho=0x2b0407de) returned 1
[0193.388] DeleteObject (ho=0x9e040807) returned 1
[0193.388] OffsetViewportOrgEx (in: hdc=0x440107e0, x=0, y=0, lppt=0x2cc74d4 | out: lppt=0x2cc74d4) returned 1
[0193.388] IsAppThemed () returned 0x1
[0193.388] GetThemeAppProperties () returned 0x3
[0193.388] GetThemeAppProperties () returned 0x3
[0193.388] GetThemeBackgroundContentRect () returned 0x0
[0193.388] RestoreDC (hdc=0x440107e0, nSavedDC=-1) returned 1
[0193.389] GdipReleaseDC (graphics=0x6600030, hdc=0x440107e0) returned 0x0
[0193.389] IsAppThemed () returned 0x1
[0193.389] GetThemeAppProperties () returned 0x3
[0193.389] GetThemeAppProperties () returned 0x3
[0193.389] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0193.389] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0193.389] GetCurrentObject (hdc=0x440107e0, type=0x1) returned 0xb00017
[0193.389] GetCurrentObject (hdc=0x440107e0, type=0x2) returned 0x900010
[0193.389] GetCurrentObject (hdc=0x440107e0, type=0x7) returned 0x4a0507fe
[0193.389] GetCurrentObject (hdc=0x440107e0, type=0x6) returned 0x8a01c2
[0193.389] SaveDC (hdc=0x440107e0) returned 1
[0193.389] GetTextAlign (hdc=0x440107e0) returned 0x0
[0193.389] GetTextColor (hdc=0x440107e0) returned 0x0
[0193.389] GetCurrentObject (hdc=0x440107e0, type=0x6) returned 0x8a01c2
[0193.389] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0193.389] SelectObject (hdc=0x440107e0, h=0x6d0a0520) returned 0x8a01c2
[0193.389] GetBkMode (hdc=0x440107e0) returned 2
[0193.390] SetBkMode (hdc=0x440107e0, mode=1) returned 2
[0193.390] DrawTextExW (in: hdc=0x440107e0, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2cc7874 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0193.390] DrawTextExW (in: hdc=0x440107e0, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2cc7874 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0193.390] RestoreDC (hdc=0x440107e0, nSavedDC=-1) returned 1
[0193.390] GdipReleaseDC (graphics=0x6600030, hdc=0x440107e0) returned 0x0
[0193.390] GetFocus () returned 0x1102de
[0193.390] IsAppThemed () returned 0x1
[0193.390] GetThemeAppProperties () returned 0x3
[0193.390] GetThemeAppProperties () returned 0x3
[0193.390] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0193.390] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x440107e0, x1=0, y1=0, rop=0xcc0020) returned 1
[0193.391] GdipReleaseDC (graphics=0x6600030, hdc=0x440107e0) returned 0x0
[0193.391] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0193.391] SelectObject (hdc=0x440107e0, h=0x85000f) returned 0x4a0507fe
[0193.391] DeleteDC (hdc=0x440107e0) returned 1
[0193.391] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0193.391] EndPaint (hWnd=0x1102dc, lpPaint=0xd7e24c) returned 1
[0193.391] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.391] IsWindowUnicode (hWnd=0x13013e) returned 1
[0193.391] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.391] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.391] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.391] BeginPaint (in: hWnd=0x13013e, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0193.392] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0193.392] CreateCompatibleDC (hdc=0xf0105ee) returned 0x460107e0
[0193.392] SelectObject (hdc=0x460107e0, h=0x4a0507fe) returned 0x85000f
[0193.392] GdipCreateFromHDC (hdc=0x460107e0, graphics=0xd7e268) returned 0x0
[0193.392] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0193.392] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0193.392] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0193.392] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0193.392] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e2c8) returned 0x0
[0193.392] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0193.392] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0193.392] LocalFree (hMem=0x11eec58) returned 0x0
[0193.392] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0193.393] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0193.393] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0193.393] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0193.393] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0193.393] GdipRestoreGraphics (graphics=0x6600030, state=0xfb260dbd) returned 0x0
[0193.393] GdipDeleteRegion (region=0x6646298) returned 0x0
[0193.393] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0193.393] GetCurrentObject (hdc=0x460107e0, type=0x1) returned 0xb00017
[0193.393] GetCurrentObject (hdc=0x460107e0, type=0x2) returned 0x900010
[0193.393] GetCurrentObject (hdc=0x460107e0, type=0x7) returned 0x4a0507fe
[0193.393] GetCurrentObject (hdc=0x460107e0, type=0x6) returned 0x8a01c2
[0193.393] SaveDC (hdc=0x460107e0) returned 1
[0193.393] GetNearestColor (hdc=0x460107e0, color=0xf0f0f0) returned 0xf0f0f0
[0193.393] GetNearestColor (hdc=0x460107e0, color=0xa0a0a0) returned 0xa0a0a0
[0193.393] GetNearestColor (hdc=0x460107e0, color=0x696969) returned 0x696969
[0193.393] GetNearestColor (hdc=0x460107e0, color=0xa0a0a0) returned 0xa0a0a0
[0193.393] GetNearestColor (hdc=0x460107e0, color=0x0) returned 0x0
[0193.394] GetNearestColor (hdc=0x460107e0, color=0xffffff) returned 0xffffff
[0193.394] GetNearestColor (hdc=0x460107e0, color=0xe5e5e5) returned 0xe5e5e5
[0193.394] GetNearestColor (hdc=0x460107e0, color=0xd7d7d7) returned 0xd7d7d7
[0193.394] GetNearestColor (hdc=0x460107e0, color=0x0) returned 0x0
[0193.394] RestoreDC (hdc=0x460107e0, nSavedDC=-1) returned 1
[0193.394] GdipReleaseDC (graphics=0x6600030, hdc=0x460107e0) returned 0x0
[0193.394] IsAppThemed () returned 0x1
[0193.394] GetThemeAppProperties () returned 0x3
[0193.394] GetThemeAppProperties () returned 0x3
[0193.394] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0193.394] SendMessageW (hWnd=0x1102da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0193.394] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0193.394] IsAppThemed () returned 0x1
[0193.394] GetThemeAppProperties () returned 0x3
[0193.394] GetThemeAppProperties () returned 0x3
[0193.394] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2cc8084 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0193.395] IsAppThemed () returned 0x1
[0193.395] GetThemeAppProperties () returned 0x3
[0193.395] GetThemeAppProperties () returned 0x3
[0193.395] IsAppThemed () returned 0x1
[0193.395] GetThemeAppProperties () returned 0x3
[0193.395] GetThemeAppProperties () returned 0x3
[0193.395] GetFocus () returned 0x1102de
[0193.395] IsAppThemed () returned 0x1
[0193.395] GetThemeAppProperties () returned 0x3
[0193.395] GetThemeAppProperties () returned 0x3
[0193.395] IsAppThemed () returned 0x1
[0193.395] GetThemeAppProperties () returned 0x3
[0193.395] GetThemeAppProperties () returned 0x3
[0193.395] IsThemePartDefined () returned 0x1
[0193.395] IsAppThemed () returned 0x1
[0193.395] GetThemeAppProperties () returned 0x3
[0193.395] GetThemeAppProperties () returned 0x3
[0193.395] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0193.395] IsAppThemed () returned 0x1
[0193.395] GetThemeAppProperties () returned 0x3
[0193.396] GetThemeAppProperties () returned 0x3
[0193.396] IsAppThemed () returned 0x1
[0193.396] GetThemeAppProperties () returned 0x3
[0193.396] GetThemeAppProperties () returned 0x3
[0193.396] IsThemePartDefined () returned 0x1
[0193.396] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0193.396] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0193.396] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0193.396] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0193.396] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dff0) returned 0x0
[0193.396] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0193.396] LocalFree (hMem=0x11eec58) returned 0x0
[0193.396] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0193.396] LocalFree (hMem=0x11ee868) returned 0x0
[0193.396] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0193.396] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e018) returned 0x0
[0193.396] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e008) returned 0x0
[0193.396] GdipGetRegionHRgn (region=0x6646958, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0193.396] GdipDeleteRegion (region=0x6646958) returned 0x0
[0193.396] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0193.396] GetCurrentObject (hdc=0x460107e0, type=0x1) returned 0xb00017
[0193.396] GetCurrentObject (hdc=0x460107e0, type=0x2) returned 0x900010
[0193.396] GetCurrentObject (hdc=0x460107e0, type=0x7) returned 0x4a0507fe
[0193.396] GetCurrentObject (hdc=0x460107e0, type=0x6) returned 0x8a01c2
[0193.397] SaveDC (hdc=0x460107e0) returned 1
[0193.397] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9f040807
[0193.397] GetClipRgn (hdc=0x460107e0, hrgn=0x9f040807) returned 0
[0193.397] SelectClipRgn (hdc=0x460107e0, hrgn=0x2f0407de) returned 2
[0193.397] DeleteObject (ho=0x9f040807) returned 1
[0193.397] DeleteObject (ho=0x2f0407de) returned 1
[0193.397] OffsetViewportOrgEx (in: hdc=0x460107e0, x=0, y=0, lppt=0x2cc8734 | out: lppt=0x2cc8734) returned 1
[0193.397] DrawThemeParentBackground () returned 0x0
[0193.397] GetWindowPlacement (in: hWnd=0x1102da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0193.397] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0193.397] GetWindowTextLengthW (hWnd=0x1102da) returned 13
[0193.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.397] GetSystemMetrics (nIndex=42) returned 0
[0193.397] GetWindowTextW (in: hWnd=0x1102da, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0193.397] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0193.397] GetCurrentObject (hdc=0x460107e0, type=0x1) returned 0xb00017
[0193.397] GetCurrentObject (hdc=0x460107e0, type=0x2) returned 0x900010
[0193.398] GetCurrentObject (hdc=0x460107e0, type=0x7) returned 0x4a0507fe
[0193.398] GetCurrentObject (hdc=0x460107e0, type=0x6) returned 0x8a01c2
[0193.398] SaveDC (hdc=0x460107e0) returned 2
[0193.398] GetNearestColor (hdc=0x460107e0, color=0xf0f0f0) returned 0xf0f0f0
[0193.398] CreateSolidBrush (color=0xf0f0f0) returned 0xd31007e1
[0193.398] FillRect (hDC=0x460107e0, lprc=0xd7da38, hbr=0xd31007e1) returned 1
[0193.398] DeleteObject (ho=0xd31007e1) returned 1
[0193.398] RestoreDC (hdc=0x460107e0, nSavedDC=-1) returned 1
[0193.398] GetWindowTextLengthW (hWnd=0x1102da) returned 13
[0193.398] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.398] GetSystemMetrics (nIndex=42) returned 0
[0193.398] GetWindowTextW (in: hWnd=0x1102da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.398] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0193.398] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0193.398] GetCurrentObject (hdc=0x460107e0, type=0x1) returned 0xb00017
[0193.398] GetCurrentObject (hdc=0x460107e0, type=0x2) returned 0x900010
[0193.398] GetCurrentObject (hdc=0x460107e0, type=0x7) returned 0x4a0507fe
[0193.398] GetCurrentObject (hdc=0x460107e0, type=0x6) returned 0x8a01c2
[0193.399] SaveDC (hdc=0x460107e0) returned 2
[0193.399] GetNearestColor (hdc=0x460107e0, color=0xf0f0f0) returned 0xf0f0f0
[0193.399] CreateSolidBrush (color=0xf0f0f0) returned 0xd41007e1
[0193.399] FillRect (hDC=0x460107e0, lprc=0xd7d9d8, hbr=0xd41007e1) returned 1
[0193.399] DeleteObject (ho=0xd41007e1) returned 1
[0193.399] RestoreDC (hdc=0x460107e0, nSavedDC=-1) returned 1
[0193.399] GetWindowTextLengthW (hWnd=0x1102da) returned 13
[0193.399] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.399] GetSystemMetrics (nIndex=42) returned 0
[0193.399] GetWindowTextW (in: hWnd=0x1102da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.399] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0193.399] RestoreDC (hdc=0x460107e0, nSavedDC=-1) returned 1
[0193.399] GdipReleaseDC (graphics=0x6600030, hdc=0x460107e0) returned 0x0
[0193.399] IsAppThemed () returned 0x1
[0193.399] GetThemeAppProperties () returned 0x3
[0193.399] GetThemeAppProperties () returned 0x3
[0193.399] IsAppThemed () returned 0x1
[0193.400] GetThemeAppProperties () returned 0x3
[0193.400] GetThemeAppProperties () returned 0x3
[0193.400] IsThemePartDefined () returned 0x1
[0193.400] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0193.400] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0193.400] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0193.400] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0193.400] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df74) returned 0x0
[0193.400] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0193.400] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eed00) returned 0x0
[0193.400] LocalFree (hMem=0x11eed00) returned 0x0
[0193.400] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0193.400] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0193.400] LocalFree (hMem=0x11ee868) returned 0x0
[0193.400] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0193.400] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0193.400] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0193.400] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0193.400] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0193.400] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0193.400] GetCurrentObject (hdc=0x460107e0, type=0x1) returned 0xb00017
[0193.400] GetCurrentObject (hdc=0x460107e0, type=0x2) returned 0x900010
[0193.400] GetCurrentObject (hdc=0x460107e0, type=0x7) returned 0x4a0507fe
[0193.401] GetCurrentObject (hdc=0x460107e0, type=0x6) returned 0x8a01c2
[0193.401] SaveDC (hdc=0x460107e0) returned 1
[0193.401] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x300407de
[0193.401] GetClipRgn (hdc=0x460107e0, hrgn=0x300407de) returned 0
[0193.401] SelectClipRgn (hdc=0x460107e0, hrgn=0xa1040807) returned 2
[0193.401] DeleteObject (ho=0x300407de) returned 1
[0193.401] DeleteObject (ho=0xa1040807) returned 1
[0193.401] OffsetViewportOrgEx (in: hdc=0x460107e0, x=0, y=0, lppt=0x2cc8fe0 | out: lppt=0x2cc8fe0) returned 1
[0193.401] IsAppThemed () returned 0x1
[0193.401] GetThemeAppProperties () returned 0x3
[0193.401] GetThemeAppProperties () returned 0x3
[0193.401] DrawThemeBackground () returned 0x0
[0193.401] RestoreDC (hdc=0x460107e0, nSavedDC=-1) returned 1
[0193.401] GdipReleaseDC (graphics=0x6600030, hdc=0x460107e0) returned 0x0
[0193.401] GdipCreateRegion (region=0xd7df60) returned 0x0
[0193.401] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0193.401] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0193.401] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0193.402] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df78) returned 0x0
[0193.402] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0193.402] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0193.402] LocalFree (hMem=0x11ee788) returned 0x0
[0193.402] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0193.402] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee9f0) returned 0x0
[0193.402] LocalFree (hMem=0x11ee9f0) returned 0x0
[0193.402] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0193.402] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0193.402] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0193.402] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0193.402] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0193.402] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0193.402] GetCurrentObject (hdc=0x460107e0, type=0x1) returned 0xb00017
[0193.402] GetCurrentObject (hdc=0x460107e0, type=0x2) returned 0x900010
[0193.402] GetCurrentObject (hdc=0x460107e0, type=0x7) returned 0x4a0507fe
[0193.402] GetCurrentObject (hdc=0x460107e0, type=0x6) returned 0x8a01c2
[0193.402] SaveDC (hdc=0x460107e0) returned 1
[0193.402] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa2040807
[0193.402] GetClipRgn (hdc=0x460107e0, hrgn=0xa2040807) returned 0
[0193.403] SelectClipRgn (hdc=0x460107e0, hrgn=0x310407de) returned 2
[0193.403] DeleteObject (ho=0xa2040807) returned 1
[0193.403] DeleteObject (ho=0x310407de) returned 1
[0193.403] OffsetViewportOrgEx (in: hdc=0x460107e0, x=0, y=0, lppt=0x2cc92b4 | out: lppt=0x2cc92b4) returned 1
[0193.403] IsAppThemed () returned 0x1
[0193.403] GetThemeAppProperties () returned 0x3
[0193.403] GetThemeAppProperties () returned 0x3
[0193.403] GetThemeBackgroundContentRect () returned 0x0
[0193.403] RestoreDC (hdc=0x460107e0, nSavedDC=-1) returned 1
[0193.403] GdipReleaseDC (graphics=0x6600030, hdc=0x460107e0) returned 0x0
[0193.403] IsAppThemed () returned 0x1
[0193.406] GetThemeAppProperties () returned 0x3
[0193.406] GetThemeAppProperties () returned 0x3
[0193.406] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0193.406] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0193.407] GetCurrentObject (hdc=0x460107e0, type=0x1) returned 0xb00017
[0193.407] GetCurrentObject (hdc=0x460107e0, type=0x2) returned 0x900010
[0193.407] GetCurrentObject (hdc=0x460107e0, type=0x7) returned 0x4a0507fe
[0193.407] GetCurrentObject (hdc=0x460107e0, type=0x6) returned 0x8a01c2
[0193.407] SaveDC (hdc=0x460107e0) returned 1
[0193.407] GetTextAlign (hdc=0x460107e0) returned 0x0
[0193.407] GetTextColor (hdc=0x460107e0) returned 0x0
[0193.407] GetCurrentObject (hdc=0x460107e0, type=0x6) returned 0x8a01c2
[0193.407] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0193.407] SelectObject (hdc=0x460107e0, h=0x6d0a0520) returned 0x8a01c2
[0193.407] GetBkMode (hdc=0x460107e0) returned 2
[0193.407] SetBkMode (hdc=0x460107e0, mode=1) returned 2
[0193.407] DrawTextExW (in: hdc=0x460107e0, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2cc9654 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0193.408] DrawTextExW (in: hdc=0x460107e0, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2cc9654 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0193.408] RestoreDC (hdc=0x460107e0, nSavedDC=-1) returned 1
[0193.408] GdipReleaseDC (graphics=0x6600030, hdc=0x460107e0) returned 0x0
[0193.408] GetFocus () returned 0x1102de
[0193.408] IsAppThemed () returned 0x1
[0193.408] GetThemeAppProperties () returned 0x3
[0193.408] GetThemeAppProperties () returned 0x3
[0193.408] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0193.408] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x460107e0, x1=0, y1=0, rop=0xcc0020) returned 1
[0193.408] GdipReleaseDC (graphics=0x6600030, hdc=0x460107e0) returned 0x0
[0193.408] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0193.408] SelectObject (hdc=0x460107e0, h=0x85000f) returned 0x4a0507fe
[0193.409] DeleteDC (hdc=0x460107e0) returned 1
[0193.409] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0193.409] EndPaint (hWnd=0x13013e, lpPaint=0xd7e24c) returned 1
[0193.409] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.409] IsWindowUnicode (hWnd=0x602c4) returned 1
[0193.409] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.410] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.410] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.410] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0193.410] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0193.410] CreateCompatibleDC (hdc=0x10105d6) returned 0x480107e0
[0193.410] SelectObject (hdc=0x480107e0, h=0x4a0507fe) returned 0x85000f
[0193.410] GdipCreateFromHDC (hdc=0x480107e0, graphics=0xd7e268) returned 0x0
[0193.410] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0193.410] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0193.410] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0193.410] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0193.410] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2c8) returned 0x0
[0193.410] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0193.410] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee9f0) returned 0x0
[0193.410] LocalFree (hMem=0x11ee9f0) returned 0x0
[0193.411] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0193.411] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0193.411] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0193.411] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0193.411] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0193.411] GdipRestoreGraphics (graphics=0x6600030, state=0xfb240dbd) returned 0x0
[0193.411] GdipDeleteRegion (region=0x6646298) returned 0x0
[0193.411] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0193.411] GetCurrentObject (hdc=0x480107e0, type=0x1) returned 0xb00017
[0193.411] GetCurrentObject (hdc=0x480107e0, type=0x2) returned 0x900010
[0193.411] GetCurrentObject (hdc=0x480107e0, type=0x7) returned 0x4a0507fe
[0193.411] GetCurrentObject (hdc=0x480107e0, type=0x6) returned 0x8a01c2
[0193.411] SaveDC (hdc=0x480107e0) returned 1
[0193.411] GetNearestColor (hdc=0x480107e0, color=0xff) returned 0xff
[0193.411] GetNearestColor (hdc=0x480107e0, color=0x55) returned 0x55
[0193.411] GetNearestColor (hdc=0x480107e0, color=0x0) returned 0x0
[0193.411] GetNearestColor (hdc=0x480107e0, color=0x55) returned 0x55
[0193.412] GetNearestColor (hdc=0x480107e0, color=0x0) returned 0x0
[0193.412] GetNearestColor (hdc=0x480107e0, color=0x8080ff) returned 0x8080ff
[0193.412] GetNearestColor (hdc=0x480107e0, color=0x7373e5) returned 0x7373e5
[0193.412] GetNearestColor (hdc=0x480107e0, color=0xe5) returned 0xe5
[0193.412] GetNearestColor (hdc=0x480107e0, color=0x0) returned 0x0
[0193.412] RestoreDC (hdc=0x480107e0, nSavedDC=-1) returned 1
[0193.412] GdipReleaseDC (graphics=0x6600030, hdc=0x480107e0) returned 0x0
[0193.412] IsAppThemed () returned 0x1
[0193.412] GetThemeAppProperties () returned 0x3
[0193.412] GetThemeAppProperties () returned 0x3
[0193.412] IsAppThemed () returned 0x1
[0193.412] GetThemeAppProperties () returned 0x3
[0193.412] GetThemeAppProperties () returned 0x3
[0193.412] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2cc9e1c | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0193.412] IsAppThemed () returned 0x1
[0193.413] GetThemeAppProperties () returned 0x3
[0193.413] GetThemeAppProperties () returned 0x3
[0193.413] IsAppThemed () returned 0x1
[0193.413] GetThemeAppProperties () returned 0x3
[0193.413] GetThemeAppProperties () returned 0x3
[0193.413] GetFocus () returned 0x1102de
[0193.413] IsAppThemed () returned 0x1
[0193.413] GetThemeAppProperties () returned 0x3
[0193.413] GetThemeAppProperties () returned 0x3
[0193.413] IsAppThemed () returned 0x1
[0193.413] GetThemeAppProperties () returned 0x3
[0193.413] GetThemeAppProperties () returned 0x3
[0193.413] IsThemePartDefined () returned 0x1
[0193.413] IsAppThemed () returned 0x1
[0193.413] GetThemeAppProperties () returned 0x3
[0193.413] GetThemeAppProperties () returned 0x3
[0193.413] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0193.413] IsAppThemed () returned 0x1
[0193.413] GetThemeAppProperties () returned 0x3
[0193.413] GetThemeAppProperties () returned 0x3
[0193.413] IsAppThemed () returned 0x1
[0193.413] GetThemeAppProperties () returned 0x3
[0193.413] GetThemeAppProperties () returned 0x3
[0193.413] IsThemePartDefined () returned 0x1
[0193.413] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0193.414] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0193.414] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0193.414] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0193.414] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dff0) returned 0x0
[0193.414] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0193.414] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eea60) returned 0x0
[0193.414] LocalFree (hMem=0x11eea60) returned 0x0
[0193.414] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0193.414] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0193.414] LocalFree (hMem=0x11eec58) returned 0x0
[0193.414] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0193.414] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0193.414] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0193.414] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0193.414] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0193.414] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0193.414] GetCurrentObject (hdc=0x480107e0, type=0x1) returned 0xb00017
[0193.414] GetCurrentObject (hdc=0x480107e0, type=0x2) returned 0x900010
[0193.414] GetCurrentObject (hdc=0x480107e0, type=0x7) returned 0x4a0507fe
[0193.414] GetCurrentObject (hdc=0x480107e0, type=0x6) returned 0x8a01c2
[0193.414] SaveDC (hdc=0x480107e0) returned 1
[0193.415] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x320407de
[0193.415] GetClipRgn (hdc=0x480107e0, hrgn=0x320407de) returned 0
[0193.415] SelectClipRgn (hdc=0x480107e0, hrgn=0xa6040807) returned 2
[0193.415] DeleteObject (ho=0x320407de) returned 1
[0193.415] DeleteObject (ho=0xa6040807) returned 1
[0193.415] OffsetViewportOrgEx (in: hdc=0x480107e0, x=0, y=0, lppt=0x2cca4cc | out: lppt=0x2cca4cc) returned 1
[0193.415] DrawThemeParentBackground () returned 0x0
[0193.415] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0193.415] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0193.415] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0193.415] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.415] GetSystemMetrics (nIndex=42) returned 0
[0193.415] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.415] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0193.415] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0193.415] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0193.415] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0193.416] SelectPalette (hdc=0x480107e0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0193.416] GdipCreateFromHDC (hdc=0x480107e0, graphics=0xd7dac8) returned 0x0
[0193.416] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0193.416] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0193.416] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638c98) returned 0x0
[0193.416] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7daa0) returned 0x0
[0193.416] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0193.416] GdipCreateRegion (region=0xd7da88) returned 0x0
[0193.416] GdipGetClip (graphics=0x6635e20, region=0x66463b8) returned 0x0
[0193.416] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6635e20, result=0xd7da94) returned 0x0
[0193.416] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0193.416] GdipSaveGraphics (graphics=0x6635e20, state=0xd7dac0) returned 0x0
[0193.416] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0193.429] GdipFillRectangleI (graphics=0x6635e20, brush=0x6652a78, x=0, y=0, width=801, height=453) returned 0x0
[0193.429] GdipDeleteBrush (brush=0x6652a78) returned 0x0
[0193.430] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0193.430] SelectPalette (hdc=0x480107e0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0193.430] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0193.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.430] GetSystemMetrics (nIndex=42) returned 0
[0193.430] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0193.430] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0193.430] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0193.430] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0193.430] SelectPalette (hdc=0x480107e0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0193.431] GdipCreateFromHDC (hdc=0x480107e0, graphics=0xd7da68) returned 0x0
[0193.431] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0193.431] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0193.431] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638a28) returned 0x0
[0193.431] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7da40) returned 0x0
[0193.431] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0193.431] GdipCreateRegion (region=0xd7da28) returned 0x0
[0193.431] GdipGetClip (graphics=0x6635e20, region=0x66463b8) returned 0x0
[0193.431] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6635e20, result=0xd7da34) returned 0x0
[0193.431] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0193.431] GdipSaveGraphics (graphics=0x6635e20, state=0xd7da60) returned 0x0
[0193.431] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0193.442] GdipFillRectangleI (graphics=0x6635e20, brush=0x6652ce8, x=0, y=0, width=801, height=453) returned 0x0
[0193.442] GdipDeleteBrush (brush=0x6652ce8) returned 0x0
[0193.444] GdipRestoreGraphics (graphics=0x6635e20, state=0xfb200dbd) returned 0x0
[0193.444] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0193.444] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.444] GetSystemMetrics (nIndex=42) returned 0
[0193.444] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.444] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0193.444] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0193.444] SelectPalette (hdc=0x480107e0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0193.444] RestoreDC (hdc=0x480107e0, nSavedDC=-1) returned 1
[0193.444] GdipReleaseDC (graphics=0x6600030, hdc=0x480107e0) returned 0x0
[0193.444] IsAppThemed () returned 0x1
[0193.445] GetThemeAppProperties () returned 0x3
[0193.445] GetThemeAppProperties () returned 0x3
[0193.445] IsAppThemed () returned 0x1
[0193.445] GetThemeAppProperties () returned 0x3
[0193.445] GetThemeAppProperties () returned 0x3
[0193.445] IsThemePartDefined () returned 0x1
[0193.445] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0193.445] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0193.445] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0193.445] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0193.445] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df74) returned 0x0
[0193.445] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0193.445] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0193.445] LocalFree (hMem=0x11ee788) returned 0x0
[0193.445] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0193.445] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0193.445] LocalFree (hMem=0x11ee788) returned 0x0
[0193.445] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0193.445] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0193.445] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0193.445] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0193.445] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0193.446] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0193.446] GetCurrentObject (hdc=0x480107e0, type=0x1) returned 0xb00017
[0193.446] GetCurrentObject (hdc=0x480107e0, type=0x2) returned 0x900010
[0193.446] GetCurrentObject (hdc=0x480107e0, type=0x7) returned 0x4a0507fe
[0193.446] GetCurrentObject (hdc=0x480107e0, type=0x6) returned 0x8a01c2
[0193.446] SaveDC (hdc=0x480107e0) returned 1
[0193.446] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa7040807
[0193.446] GetClipRgn (hdc=0x480107e0, hrgn=0xa7040807) returned 0
[0193.446] SelectClipRgn (hdc=0x480107e0, hrgn=0x340407de) returned 2
[0193.446] DeleteObject (ho=0xa7040807) returned 1
[0193.446] DeleteObject (ho=0x340407de) returned 1
[0193.446] OffsetViewportOrgEx (in: hdc=0x480107e0, x=0, y=0, lppt=0x2cd0d1c | out: lppt=0x2cd0d1c) returned 1
[0193.446] IsAppThemed () returned 0x1
[0193.446] GetThemeAppProperties () returned 0x3
[0193.446] GetThemeAppProperties () returned 0x3
[0193.446] DrawThemeBackground () returned 0x0
[0193.446] RestoreDC (hdc=0x480107e0, nSavedDC=-1) returned 1
[0193.446] GdipReleaseDC (graphics=0x6600030, hdc=0x480107e0) returned 0x0
[0193.447] GdipCreateRegion (region=0xd7df60) returned 0x0
[0193.447] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0193.447] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0193.447] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0193.447] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df78) returned 0x0
[0193.447] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0193.447] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0193.447] LocalFree (hMem=0x11ee868) returned 0x0
[0193.447] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0193.447] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0193.447] LocalFree (hMem=0x11eec58) returned 0x0
[0193.447] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0193.447] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0193.447] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0193.447] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0193.447] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0193.447] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0193.447] GetCurrentObject (hdc=0x480107e0, type=0x1) returned 0xb00017
[0193.447] GetCurrentObject (hdc=0x480107e0, type=0x2) returned 0x900010
[0193.447] GetCurrentObject (hdc=0x480107e0, type=0x7) returned 0x4a0507fe
[0193.447] GetCurrentObject (hdc=0x480107e0, type=0x6) returned 0x8a01c2
[0193.447] SaveDC (hdc=0x480107e0) returned 1
[0193.448] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x350407de
[0193.448] GetClipRgn (hdc=0x480107e0, hrgn=0x350407de) returned 0
[0193.448] SelectClipRgn (hdc=0x480107e0, hrgn=0xa8040807) returned 2
[0193.448] DeleteObject (ho=0x350407de) returned 1
[0193.448] DeleteObject (ho=0xa8040807) returned 1
[0193.448] OffsetViewportOrgEx (in: hdc=0x480107e0, x=0, y=0, lppt=0x2cd0ff0 | out: lppt=0x2cd0ff0) returned 1
[0193.448] IsAppThemed () returned 0x1
[0193.448] GetThemeAppProperties () returned 0x3
[0193.448] GetThemeAppProperties () returned 0x3
[0193.448] GetThemeBackgroundContentRect () returned 0x0
[0193.448] RestoreDC (hdc=0x480107e0, nSavedDC=-1) returned 1
[0193.448] GdipReleaseDC (graphics=0x6600030, hdc=0x480107e0) returned 0x0
[0193.448] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0193.448] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0193.448] GdipFillRectangleI (graphics=0x6600030, brush=0x65ffae0, x=4, y=4, width=67, height=15) returned 0x0
[0193.448] GdipDeleteBrush (brush=0x65ffae0) returned 0x0
[0193.448] IsAppThemed () returned 0x1
[0193.448] GetThemeAppProperties () returned 0x3
[0193.448] GetThemeAppProperties () returned 0x3
[0193.448] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0193.448] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0193.448] GetCurrentObject (hdc=0x480107e0, type=0x1) returned 0xb00017
[0193.449] GetCurrentObject (hdc=0x480107e0, type=0x2) returned 0x900010
[0193.449] GetCurrentObject (hdc=0x480107e0, type=0x7) returned 0x4a0507fe
[0193.449] GetCurrentObject (hdc=0x480107e0, type=0x6) returned 0x8a01c2
[0193.449] SaveDC (hdc=0x480107e0) returned 1
[0193.449] GetTextAlign (hdc=0x480107e0) returned 0x0
[0193.449] GetTextColor (hdc=0x480107e0) returned 0x0
[0193.449] GetCurrentObject (hdc=0x480107e0, type=0x6) returned 0x8a01c2
[0193.449] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0193.449] SelectObject (hdc=0x480107e0, h=0x6d0a0520) returned 0x8a01c2
[0193.449] GetBkMode (hdc=0x480107e0) returned 2
[0193.449] SetBkMode (hdc=0x480107e0, mode=1) returned 2
[0193.449] DrawTextExW (in: hdc=0x480107e0, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2cd13b4 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0193.449] DrawTextExW (in: hdc=0x480107e0, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2cd13b4 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0193.450] RestoreDC (hdc=0x480107e0, nSavedDC=-1) returned 1
[0193.450] GdipReleaseDC (graphics=0x6600030, hdc=0x480107e0) returned 0x0
[0193.453] GetFocus () returned 0x1102de
[0193.453] IsAppThemed () returned 0x1
[0193.453] GetThemeAppProperties () returned 0x3
[0193.453] GetThemeAppProperties () returned 0x3
[0193.453] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0193.453] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x480107e0, x1=0, y1=0, rop=0xcc0020) returned 1
[0193.453] GdipReleaseDC (graphics=0x6600030, hdc=0x480107e0) returned 0x0
[0193.453] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0193.453] SelectObject (hdc=0x480107e0, h=0x85000f) returned 0x4a0507fe
[0193.454] DeleteDC (hdc=0x480107e0) returned 1
[0193.454] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0193.454] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0193.454] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0193.454] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0193.454] WaitMessage () returned 1
[0193.465] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.493] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.493] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.493] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.493] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.494] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.494] IsWindowUnicode (hWnd=0x1102dc) returned 1
[0193.494] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.494] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.494] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.494] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.494] IsWindowUnicode (hWnd=0x1102dc) returned 1
[0193.494] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.494] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.494] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.494] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x2a1, wParam=0x0, lParam=0x40019) returned 0x0
[0193.494] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0193.494] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0193.494] WaitMessage () returned 1
[0193.496] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.497] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.497] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.497] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.497] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.501] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0193.501] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0193.501] WaitMessage () returned 1
[0193.502] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.502] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.502] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.502] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.502] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.503] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.504] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.504] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.504] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.504] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.504] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.504] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.504] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.504] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.504] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.504] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0193.505] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0193.505] WaitMessage () returned 1
[0193.505] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.505] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.505] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.505] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.505] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.506] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.506] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.506] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.506] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.506] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.507] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.507] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.507] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.507] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.507] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.507] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0193.507] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0193.507] WaitMessage () returned 1
[0193.508] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.508] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.508] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.508] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.508] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.509] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.510] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.510] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.510] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.510] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.510] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.510] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.510] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.510] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.510] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.510] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0193.511] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0193.511] WaitMessage () returned 1
[0193.511] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.511] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.511] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.511] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.511] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.512] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.513] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.513] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.513] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.513] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.513] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.513] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.513] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.513] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.513] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.513] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0193.514] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0193.514] WaitMessage () returned 1
[0193.591] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.591] IsWindowUnicode (hWnd=0x502c6) returned 1
[0193.591] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.591] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.591] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.591] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0193.591] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0193.591] WaitMessage () returned 1
[0193.648] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.648] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x84, wParam=0x0, lParam=0x1dd02ef) returned 0x1
[0193.648] IsWindowUnicode (hWnd=0x1102dc) returned 1
[0193.648] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.649] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x84, wParam=0x0, lParam=0x1dd02ef) returned 0x1
[0193.649] GetDlgItem (hDlg=0x1102da, nIDDlgItem=0) returned 0x0
[0193.649] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x210, wParam=0x201, lParam=0x6200fa) returned 0x0
[0193.649] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x21, wParam=0x1102da, lParam=0x2010001) returned 0x1
[0193.649] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x21, wParam=0x1102da, lParam=0x2010001) returned 0x1
[0193.649] SetCursor (hCursor=0x10003) returned 0x10003
[0193.649] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.649] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.649] GetKeyState (nVirtKey=1) returned -127
[0193.649] GetKeyState (nVirtKey=2) returned 0
[0193.649] GetKeyState (nVirtKey=4) returned 0
[0193.649] GetKeyState (nVirtKey=5) returned 0
[0193.649] GetKeyState (nVirtKey=6) returned 0
[0193.649] IsWindowVisible (hWnd=0x1102dc) returned 1
[0193.649] IsWindowEnabled (hWnd=0x1102dc) returned 1
[0193.649] SetFocus (hWnd=0x1102dc) returned 0x1102de
[0193.650] GetFocus () returned 0x1102dc
[0193.650] IsChild (hWndParent=0x1102da, hWnd=0x1102dc) returned 1
[0193.650] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0x8, wParam=0x1102dc, lParam=0x0) returned 0x0
[0193.650] GetCapture () returned 0x0
[0193.650] InvalidateRect (hWnd=0x1102de, lpRect=0x0, bErase=0) returned 1
[0193.651] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0193.652] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0193.656] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0193.656] InvalidateRect (hWnd=0x1102de, lpRect=0x0, bErase=0) returned 1
[0193.656] InvalidateRect (hWnd=0x1102dc, lpRect=0x0, bErase=0) returned 1
[0193.656] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x7, wParam=0x1102de, lParam=0x0) returned 0x0
[0193.656] GetStockObject (i=5) returned 0x900015
[0193.657] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0193.657] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0193.657] GetDlgItem (hDlg=0x1102da, nIDDlgItem=1114844) returned 0x1102dc
[0193.657] SendMessageW (hWnd=0x1102dc, Msg=0x202b, wParam=0x1102dc, lParam=0xd7dddc) returned 0x0
[0193.657] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x202b, wParam=0x1102dc, lParam=0xd7dddc) returned 0x0
[0193.657] InvalidateRect (hWnd=0x1102dc, lpRect=0x0, bErase=0) returned 1
[0193.659] GetFocus () returned 0x1102dc
[0193.659] GetFocus () returned 0x1102dc
[0193.659] GetFocus () returned 0x1102dc
[0193.659] GetKeyState (nVirtKey=1) returned -127
[0193.659] GetKeyState (nVirtKey=2) returned 0
[0193.659] GetKeyState (nVirtKey=4) returned 0
[0193.659] GetKeyState (nVirtKey=5) returned 0
[0193.659] GetKeyState (nVirtKey=6) returned 0
[0193.660] GetCapture () returned 0x0
[0193.660] SetCapture (hWnd=0x1102dc) returned 0x0
[0193.660] GetKeyState (nVirtKey=1) returned -127
[0193.660] GetKeyState (nVirtKey=2) returned 0
[0193.660] GetKeyState (nVirtKey=4) returned 0
[0193.660] GetKeyState (nVirtKey=5) returned 0
[0193.660] GetKeyState (nVirtKey=6) returned 0
[0193.660] NotifyWinEvent (event=0x800a, hwnd=0x1102dc, idObject=-4, idChild=0)
[0193.660] InvalidateRect (hWnd=0x1102dc, lpRect=0xd7e430, bErase=0) returned 1
[0193.660] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.660] IsWindowUnicode (hWnd=0x1102dc) returned 1
[0193.660] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.660] TranslateMessage (lpMsg=0xd7e808) returned 0
[0193.660] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0193.660] MapWindowPoints (in: hWndFrom=0x1102dc, hWndTo=0x0, lpPoints=0x2cd16c4, cPoints=0x1 | out: lpPoints=0x2cd16c4) returned 30999254
[0193.660] NotifyWinEvent (event=0x800a, hwnd=0x1102dc, idObject=-4, idChild=0)
[0193.660] InvalidateRect (hWnd=0x1102dc, lpRect=0xd7e3d0, bErase=0) returned 1
[0193.660] UpdateWindow (hWnd=0x1102dc) returned 1
[0193.660] BeginPaint (in: hWnd=0x1102dc, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x107b9
[0193.661] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0193.661] CreateCompatibleDC (hdc=0x107b9) returned 0x1d0107e8
[0193.661] SelectObject (hdc=0x1d0107e8, h=0x4a0507fe) returned 0x85000f
[0193.661] GdipCreateFromHDC (hdc=0x1d0107e8, graphics=0xd7df00) returned 0x0
[0193.661] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0193.661] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0193.661] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0193.661] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0193.661] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df60) returned 0x0
[0193.661] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0193.661] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0193.661] LocalFree (hMem=0x11ee868) returned 0x0
[0193.661] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0193.661] GdipCreateRegion (region=0xd7df48) returned 0x0
[0193.661] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0193.662] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7df54) returned 0x0
[0193.662] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0193.662] GdipRestoreGraphics (graphics=0x6600030, state=0xfb1e0dbd) returned 0x0
[0193.662] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0193.662] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0193.662] GetCurrentObject (hdc=0x1d0107e8, type=0x1) returned 0xb00017
[0193.662] GetCurrentObject (hdc=0x1d0107e8, type=0x2) returned 0x900010
[0193.662] GetCurrentObject (hdc=0x1d0107e8, type=0x7) returned 0x4a0507fe
[0193.662] GetCurrentObject (hdc=0x1d0107e8, type=0x6) returned 0x8a01c2
[0193.662] SaveDC (hdc=0x1d0107e8) returned 1
[0193.662] GetNearestColor (hdc=0x1d0107e8, color=0xf0f0f0) returned 0xf0f0f0
[0193.662] GetNearestColor (hdc=0x1d0107e8, color=0xa0a0a0) returned 0xa0a0a0
[0193.662] GetNearestColor (hdc=0x1d0107e8, color=0x696969) returned 0x696969
[0193.662] GetNearestColor (hdc=0x1d0107e8, color=0xa0a0a0) returned 0xa0a0a0
[0193.662] GetNearestColor (hdc=0x1d0107e8, color=0x0) returned 0x0
[0193.662] GetNearestColor (hdc=0x1d0107e8, color=0xffffff) returned 0xffffff
[0193.662] GetNearestColor (hdc=0x1d0107e8, color=0xe5e5e5) returned 0xe5e5e5
[0193.662] GetNearestColor (hdc=0x1d0107e8, color=0xd7d7d7) returned 0xd7d7d7
[0193.662] GetNearestColor (hdc=0x1d0107e8, color=0x0) returned 0x0
[0193.663] RestoreDC (hdc=0x1d0107e8, nSavedDC=-1) returned 1
[0193.663] GdipReleaseDC (graphics=0x6600030, hdc=0x1d0107e8) returned 0x0
[0193.663] IsAppThemed () returned 0x1
[0193.663] GetThemeAppProperties () returned 0x3
[0193.663] GetThemeAppProperties () returned 0x3
[0193.663] IsAppThemed () returned 0x1
[0193.663] GetThemeAppProperties () returned 0x3
[0193.663] GetThemeAppProperties () returned 0x3
[0193.663] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2cd1e1c | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0193.663] IsAppThemed () returned 0x1
[0193.663] GetThemeAppProperties () returned 0x3
[0193.663] GetThemeAppProperties () returned 0x3
[0193.663] IsAppThemed () returned 0x1
[0193.663] GetThemeAppProperties () returned 0x3
[0193.663] GetThemeAppProperties () returned 0x3
[0193.663] IsAppThemed () returned 0x1
[0193.663] GetThemeAppProperties () returned 0x3
[0193.664] GetThemeAppProperties () returned 0x3
[0193.664] IsAppThemed () returned 0x1
[0193.664] GetThemeAppProperties () returned 0x3
[0193.664] GetThemeAppProperties () returned 0x3
[0193.664] IsThemePartDefined () returned 0x1
[0193.664] IsAppThemed () returned 0x1
[0193.664] GetThemeAppProperties () returned 0x3
[0193.664] GetThemeAppProperties () returned 0x3
[0193.664] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0193.664] IsAppThemed () returned 0x1
[0193.664] GetThemeAppProperties () returned 0x3
[0193.664] GetThemeAppProperties () returned 0x3
[0193.664] IsAppThemed () returned 0x1
[0193.664] GetThemeAppProperties () returned 0x3
[0193.664] GetThemeAppProperties () returned 0x3
[0193.664] IsThemePartDefined () returned 0x1
[0193.664] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0193.664] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0193.664] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0193.664] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0193.664] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc7c) returned 0x0
[0193.664] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0193.664] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee8d8) returned 0x0
[0193.664] LocalFree (hMem=0x11ee8d8) returned 0x0
[0193.664] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0193.664] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0193.665] LocalFree (hMem=0x11ee868) returned 0x0
[0193.665] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0193.665] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0193.665] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0193.665] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0193.665] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0193.665] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0193.665] GetCurrentObject (hdc=0x1d0107e8, type=0x1) returned 0xb00017
[0193.665] GetCurrentObject (hdc=0x1d0107e8, type=0x2) returned 0x900010
[0193.665] GetCurrentObject (hdc=0x1d0107e8, type=0x7) returned 0x4a0507fe
[0193.665] GetCurrentObject (hdc=0x1d0107e8, type=0x6) returned 0x8a01c2
[0193.665] SaveDC (hdc=0x1d0107e8) returned 1
[0193.665] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa9040807
[0193.665] GetClipRgn (hdc=0x1d0107e8, hrgn=0xa9040807) returned 0
[0193.665] SelectClipRgn (hdc=0x1d0107e8, hrgn=0x390407de) returned 2
[0193.665] DeleteObject (ho=0xa9040807) returned 1
[0193.665] DeleteObject (ho=0x390407de) returned 1
[0193.665] OffsetViewportOrgEx (in: hdc=0x1d0107e8, x=0, y=0, lppt=0x2cd24cc | out: lppt=0x2cd24cc) returned 1
[0193.665] DrawThemeParentBackground () returned 0x0
[0193.666] GetWindowPlacement (in: hWnd=0x1102da, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0193.666] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0193.666] GetWindowTextLengthW (hWnd=0x1102da) returned 13
[0193.666] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.666] GetSystemMetrics (nIndex=42) returned 0
[0193.666] GetWindowTextW (in: hWnd=0x1102da, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.666] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0193.666] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0193.666] GetCurrentObject (hdc=0x1d0107e8, type=0x1) returned 0xb00017
[0193.666] GetCurrentObject (hdc=0x1d0107e8, type=0x2) returned 0x900010
[0193.666] GetCurrentObject (hdc=0x1d0107e8, type=0x7) returned 0x4a0507fe
[0193.666] GetCurrentObject (hdc=0x1d0107e8, type=0x6) returned 0x8a01c2
[0193.666] SaveDC (hdc=0x1d0107e8) returned 2
[0193.667] GetNearestColor (hdc=0x1d0107e8, color=0xf0f0f0) returned 0xf0f0f0
[0193.667] CreateSolidBrush (color=0xf0f0f0) returned 0xd51007e1
[0193.667] FillRect (hDC=0x1d0107e8, lprc=0xd7d6c8, hbr=0xd51007e1) returned 1
[0193.667] DeleteObject (ho=0xd51007e1) returned 1
[0193.667] RestoreDC (hdc=0x1d0107e8, nSavedDC=-1) returned 1
[0193.667] GetWindowTextLengthW (hWnd=0x1102da) returned 13
[0193.667] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.667] GetSystemMetrics (nIndex=42) returned 0
[0193.667] GetWindowTextW (in: hWnd=0x1102da, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.667] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0193.667] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0193.667] GetCurrentObject (hdc=0x1d0107e8, type=0x1) returned 0xb00017
[0193.667] GetCurrentObject (hdc=0x1d0107e8, type=0x2) returned 0x900010
[0193.667] GetCurrentObject (hdc=0x1d0107e8, type=0x7) returned 0x4a0507fe
[0193.667] GetCurrentObject (hdc=0x1d0107e8, type=0x6) returned 0x8a01c2
[0193.668] SaveDC (hdc=0x1d0107e8) returned 2
[0193.668] GetNearestColor (hdc=0x1d0107e8, color=0xf0f0f0) returned 0xf0f0f0
[0193.668] CreateSolidBrush (color=0xf0f0f0) returned 0xd61007e1
[0193.668] FillRect (hDC=0x1d0107e8, lprc=0xd7d668, hbr=0xd61007e1) returned 1
[0193.668] DeleteObject (ho=0xd61007e1) returned 1
[0193.668] RestoreDC (hdc=0x1d0107e8, nSavedDC=-1) returned 1
[0193.668] GetWindowTextLengthW (hWnd=0x1102da) returned 13
[0193.668] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.668] GetSystemMetrics (nIndex=42) returned 0
[0193.668] GetWindowTextW (in: hWnd=0x1102da, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.668] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0193.668] RestoreDC (hdc=0x1d0107e8, nSavedDC=-1) returned 1
[0193.668] GdipReleaseDC (graphics=0x6600030, hdc=0x1d0107e8) returned 0x0
[0193.669] IsAppThemed () returned 0x1
[0193.669] GetThemeAppProperties () returned 0x3
[0193.691] GetThemeAppProperties () returned 0x3
[0193.691] IsAppThemed () returned 0x1
[0193.691] GetThemeAppProperties () returned 0x3
[0193.691] GetThemeAppProperties () returned 0x3
[0193.691] IsThemePartDefined () returned 0x1
[0193.691] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0193.691] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0193.691] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0193.691] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0193.691] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7dc00) returned 0x0
[0193.691] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0193.692] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee8d8) returned 0x0
[0193.692] LocalFree (hMem=0x11ee8d8) returned 0x0
[0193.692] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0193.692] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee8d8) returned 0x0
[0193.692] LocalFree (hMem=0x11ee8d8) returned 0x0
[0193.692] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0193.692] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0193.692] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0193.692] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0193.692] GdipDeleteRegion (region=0x6646718) returned 0x0
[0193.692] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0193.692] GetCurrentObject (hdc=0x1d0107e8, type=0x1) returned 0xb00017
[0193.692] GetCurrentObject (hdc=0x1d0107e8, type=0x2) returned 0x900010
[0193.692] GetCurrentObject (hdc=0x1d0107e8, type=0x7) returned 0x4a0507fe
[0193.692] GetCurrentObject (hdc=0x1d0107e8, type=0x6) returned 0x8a01c2
[0193.692] SaveDC (hdc=0x1d0107e8) returned 1
[0193.693] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3a0407de
[0193.693] GetClipRgn (hdc=0x1d0107e8, hrgn=0x3a0407de) returned 0
[0193.693] SelectClipRgn (hdc=0x1d0107e8, hrgn=0xab040807) returned 2
[0193.693] DeleteObject (ho=0x3a0407de) returned 1
[0193.693] DeleteObject (ho=0xab040807) returned 1
[0193.693] OffsetViewportOrgEx (in: hdc=0x1d0107e8, x=0, y=0, lppt=0x2cd2d78 | out: lppt=0x2cd2d78) returned 1
[0193.693] IsAppThemed () returned 0x1
[0193.693] GetThemeAppProperties () returned 0x3
[0193.693] GetThemeAppProperties () returned 0x3
[0193.693] DrawThemeBackground () returned 0x0
[0193.693] RestoreDC (hdc=0x1d0107e8, nSavedDC=-1) returned 1
[0193.693] GdipReleaseDC (graphics=0x6600030, hdc=0x1d0107e8) returned 0x0
[0193.693] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0193.693] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0193.693] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0193.693] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0193.694] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dc04) returned 0x0
[0193.694] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0193.694] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0193.694] LocalFree (hMem=0x11ee788) returned 0x0
[0193.694] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0193.694] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eecc8) returned 0x0
[0193.694] LocalFree (hMem=0x11eecc8) returned 0x0
[0193.694] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0193.694] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0193.694] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0193.694] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0193.694] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0193.694] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0193.694] GetCurrentObject (hdc=0x1d0107e8, type=0x1) returned 0xb00017
[0193.694] GetCurrentObject (hdc=0x1d0107e8, type=0x2) returned 0x900010
[0193.694] GetCurrentObject (hdc=0x1d0107e8, type=0x7) returned 0x4a0507fe
[0193.694] GetCurrentObject (hdc=0x1d0107e8, type=0x6) returned 0x8a01c2
[0193.695] SaveDC (hdc=0x1d0107e8) returned 1
[0193.695] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xac040807
[0193.695] GetClipRgn (hdc=0x1d0107e8, hrgn=0xac040807) returned 0
[0193.695] SelectClipRgn (hdc=0x1d0107e8, hrgn=0x3b0407de) returned 2
[0193.695] DeleteObject (ho=0xac040807) returned 1
[0193.695] DeleteObject (ho=0x3b0407de) returned 1
[0193.695] OffsetViewportOrgEx (in: hdc=0x1d0107e8, x=0, y=0, lppt=0x2cd304c | out: lppt=0x2cd304c) returned 1
[0193.695] IsAppThemed () returned 0x1
[0193.695] GetThemeAppProperties () returned 0x3
[0193.695] GetThemeAppProperties () returned 0x3
[0193.695] GetThemeBackgroundContentRect () returned 0x0
[0193.695] RestoreDC (hdc=0x1d0107e8, nSavedDC=-1) returned 1
[0193.695] GdipReleaseDC (graphics=0x6600030, hdc=0x1d0107e8) returned 0x0
[0193.695] IsAppThemed () returned 0x1
[0193.695] GetThemeAppProperties () returned 0x3
[0193.695] GetThemeAppProperties () returned 0x3
[0193.695] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0193.696] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0193.696] GetCurrentObject (hdc=0x1d0107e8, type=0x1) returned 0xb00017
[0193.696] GetCurrentObject (hdc=0x1d0107e8, type=0x2) returned 0x900010
[0193.696] GetCurrentObject (hdc=0x1d0107e8, type=0x7) returned 0x4a0507fe
[0193.696] GetCurrentObject (hdc=0x1d0107e8, type=0x6) returned 0x8a01c2
[0193.696] SaveDC (hdc=0x1d0107e8) returned 1
[0193.696] GetTextAlign (hdc=0x1d0107e8) returned 0x0
[0193.696] GetTextColor (hdc=0x1d0107e8) returned 0x0
[0193.696] GetCurrentObject (hdc=0x1d0107e8, type=0x6) returned 0x8a01c2
[0193.696] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0193.696] SelectObject (hdc=0x1d0107e8, h=0x6d0a0520) returned 0x8a01c2
[0193.696] GetBkMode (hdc=0x1d0107e8) returned 2
[0193.696] SetBkMode (hdc=0x1d0107e8, mode=1) returned 2
[0193.697] DrawTextExW (in: hdc=0x1d0107e8, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2cd33ec | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0193.697] DrawTextExW (in: hdc=0x1d0107e8, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2cd33ec | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0193.697] RestoreDC (hdc=0x1d0107e8, nSavedDC=-1) returned 1
[0193.697] GdipReleaseDC (graphics=0x6600030, hdc=0x1d0107e8) returned 0x0
[0193.697] GetFocus () returned 0x1102dc
[0193.697] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0193.697] SendMessageW (hWnd=0x1102da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0193.697] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0193.698] IsAppThemed () returned 0x1
[0193.698] GetThemeAppProperties () returned 0x3
[0193.698] GetThemeAppProperties () returned 0x3
[0193.698] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0193.698] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x1d0107e8, x1=0, y1=0, rop=0xcc0020) returned 1
[0193.698] GdipReleaseDC (graphics=0x6600030, hdc=0x1d0107e8) returned 0x0
[0193.698] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0193.698] SelectObject (hdc=0x1d0107e8, h=0x85000f) returned 0x4a0507fe
[0193.698] DeleteDC (hdc=0x1d0107e8) returned 1
[0193.698] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0193.698] EndPaint (hWnd=0x1102dc, lpPaint=0xd7dee4) returned 1
[0193.699] MapWindowPoints (in: hWndFrom=0x1102dc, hWndTo=0x0, lpPoints=0x2cd34e8, cPoints=0x1 | out: lpPoints=0x2cd34e8) returned 30999254
[0193.699] WindowFromPoint (Point=0x2ef) returned 0x1102dc
[0193.699] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x84, wParam=0x0, lParam=0x1dd02ef) returned 0x1
[0193.699] NotifyWinEvent (event=0x800a, hwnd=0x1102dc, idObject=-4, idChild=0)
[0193.699] NotifyWinEvent (event=0x800c, hwnd=0x1102dc, idObject=-4, idChild=0)
[0193.699] GetCapture () returned 0x1102dc
[0193.699] ReleaseCapture () returned 1
[0193.699] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0193.699] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0193.700] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x84, wParam=0x0, lParam=0x1dd02ef) returned 0x1
[0193.700] IsWindow (hWnd=0x7005c) returned 1
[0193.700] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0193.700] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0193.701] IsWindow (hWnd=0x1102da) returned 1
[0193.701] SetActiveWindow (hWnd=0x1102da) returned 0x1102da
[0193.701] IsWindow (hWnd=0x1102da) returned 1
[0193.701] SetFocus (hWnd=0x1102da) returned 0x1102dc
[0193.701] GetFocus () returned 0x1102da
[0193.702] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x8, wParam=0x1102da, lParam=0x0) returned 0x0
[0193.702] GetCapture () returned 0x0
[0193.702] InvalidateRect (hWnd=0x1102dc, lpRect=0x0, bErase=0) returned 1
[0193.703] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0193.705] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0193.706] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0193.706] GetFocus () returned 0x1102da
[0193.706] SetFocus (hWnd=0x1102dc) returned 0x1102da
[0193.707] GetFocus () returned 0x1102dc
[0193.707] IsChild (hWndParent=0x1102da, hWnd=0x1102dc) returned 1
[0193.707] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x8, wParam=0x1102dc, lParam=0x0) returned 0x0
[0193.708] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0193.710] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0193.712] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0193.712] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x7, wParam=0x1102da, lParam=0x0) returned 0x0
[0193.712] GetStockObject (i=5) returned 0x900015
[0193.712] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0193.712] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0193.712] GetDlgItem (hDlg=0x1102da, nIDDlgItem=1114844) returned 0x1102dc
[0193.712] SendMessageW (hWnd=0x1102dc, Msg=0x202b, wParam=0x1102dc, lParam=0xd7ddcc) returned 0x0
[0193.712] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x202b, wParam=0x1102dc, lParam=0xd7ddcc) returned 0x0
[0193.712] InvalidateRect (hWnd=0x1102dc, lpRect=0x0, bErase=0) returned 1
[0193.715] GetWindowLongW (hWnd=0x1102da, nIndex=-8) returned 458844
[0193.715] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0193.715] GetCurrentThreadId () returned 0xf50
[0193.715] IsWindow (hWnd=0x7005c) returned 1
[0193.715] IsWindow (hWnd=0x7005c) returned 1
[0193.715] IsWindowVisible (hWnd=0x7005c) returned 1
[0193.715] SetActiveWindow (hWnd=0x7005c) returned 0x1102da
[0193.715] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0193.723] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0193.723] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0193.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0193.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0193.725] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0193.726] GetWindowPlacement (in: hWnd=0x1102da, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0193.726] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0193.726] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0193.726] GetWindowRect (in: hWnd=0x1102da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0193.727] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0193.727] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0193.727] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0193.727] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x1102da) returned 0x1
[0193.730] GetFocus () returned 0x1102dc
[0193.731] SetFocus (hWnd=0x602c4) returned 0x1102dc
[0193.741] GetFocus () returned 0x602c4
[0193.741] IsChild (hWndParent=0x1102da, hWnd=0x602c4) returned 0
[0193.741] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0193.742] GetCapture () returned 0x0
[0193.742] InvalidateRect (hWnd=0x1102dc, lpRect=0x0, bErase=0) returned 1
[0193.743] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0193.744] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0193.746] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0193.746] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0193.746] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0193.746] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0193.746] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0193.761] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x1102dc, lParam=0x0) returned 0x0
[0193.761] GetStockObject (i=5) returned 0x900015
[0193.761] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0193.761] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed828) returned 0xc
[0193.761] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0193.761] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0193.761] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0193.761] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0193.770] GetFocus () returned 0x602c4
[0193.770] IsChild (hWndParent=0x1102da, hWnd=0x602c4) returned 0
[0193.770] ShowWindow (hWnd=0x1102da, nCmdShow=0) returned 1
[0193.770] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0193.770] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0193.772] GetWindowPlacement (in: hWnd=0x1102da, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0193.772] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0193.772] GetClientRect (in: hWnd=0x1102da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0193.772] GetWindowRect (in: hWnd=0x1102da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0193.773] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0193.773] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0193.773] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0193.774] GetWindowLongW (hWnd=0x1102da, nIndex=-20) returned 327945
[0193.774] DestroyWindow (hWnd=0x1102da) returned 1
[0193.774] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0193.775] GetWindowTextLengthW (hWnd=0x1102da) returned 13
[0193.775] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.775] GetSystemMetrics (nIndex=42) returned 0
[0193.775] GetWindowTextW (in: hWnd=0x1102da, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.775] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0193.775] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0193.775] GetWindowTextLengthW (hWnd=0x1400ea) returned 0
[0193.775] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1400ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0193.775] GetSystemMetrics (nIndex=42) returned 0
[0193.775] GetWindowTextW (in: hWnd=0x1400ea, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0193.775] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1400ea, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0193.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1400ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0193.776] GetWindowThreadProcessId (in: hWnd=0x602d0, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0193.776] GetWindow (hWnd=0x602d0, uCmd=0x5) returned 0x0
[0193.776] GetWindowLongW (hWnd=0x602d0, nIndex=-20) returned 65792
[0193.776] DestroyWindow (hWnd=0x602d0) returned 1
[0193.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602d0, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0193.776] GetWindowTextLengthW (hWnd=0x602d0) returned 25
[0193.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0193.776] GetSystemMetrics (nIndex=42) returned 0
[0193.776] GetWindowTextW (in: hWnd=0x602d0, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0193.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602d0, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0193.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0193.777] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x602d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0193.778] GetWindowTextLengthW (hWnd=0x702ce) returned 232
[0193.778] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0193.778] GetSystemMetrics (nIndex=42) returned 0
[0193.778] GetWindowTextW (in: hWnd=0x702ce, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0193.778] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0193.778] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0193.778] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0193.790] InvalidateRect (hWnd=0x1102dc, lpRect=0x0, bErase=0) returned 1
[0193.790] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0193.790] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x13013e, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0193.791] SendMessageW (hWnd=0x1302d8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0193.791] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0193.791] SendMessageW (hWnd=0x1302d8, Msg=0xb0, wParam=0x2cb1514, lParam=0xd7e480) returned 0x0
[0193.791] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d8, Msg=0xb0, wParam=0x2cb1514, lParam=0xd7e480) returned 0x0
[0193.791] GetWindowTextLengthW (hWnd=0x1302d8) returned 4363
[0193.791] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0193.791] GetSystemMetrics (nIndex=42) returned 0
[0193.791] CoTaskMemAlloc (cb=0x221c) returned 0x11fff70
[0193.791] GetWindowTextW (in: hWnd=0x1302d8, lpString=0x11fff70, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0193.791] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d8, Msg=0xd, wParam=0x110c, lParam=0x11fff70) returned 0x110b
[0193.791] CoTaskMemFree (pv=0x11fff70)
[0193.791] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0193.792] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1400ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0193.793] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x702ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0193.795] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0193.796] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0193.798] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x13013e, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0193.799] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0193.801] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0193.803] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.803] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.803] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.803] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.803] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.803] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.803] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd02ef) returned 0x1
[0193.804] IsWindowUnicode (hWnd=0x7005c) returned 1
[0193.804] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.804] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd02ef) returned 0x1
[0193.804] SetCursor (hCursor=0x10003) returned 0x10003
[0193.804] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.804] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.804] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0193.804] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0193.804] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0193.804] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1080231) returned 0x0
[0193.804] GetKeyState (nVirtKey=1) returned 1
[0193.805] GetKeyState (nVirtKey=2) returned 0
[0193.805] GetKeyState (nVirtKey=4) returned 0
[0193.805] GetKeyState (nVirtKey=5) returned 0
[0193.805] GetKeyState (nVirtKey=6) returned 0
[0193.805] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd02ef) returned 0x1
[0193.805] IsWindowUnicode (hWnd=0x7005c) returned 1
[0193.805] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.805] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.805] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.806] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.806] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd02ef) returned 0x1
[0193.806] IsWindowUnicode (hWnd=0x7005c) returned 1
[0193.806] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.806] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd02ef) returned 0x1
[0193.807] SetCursor (hCursor=0x10003) returned 0x10003
[0193.807] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.807] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.807] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1080231) returned 0x0
[0193.807] GetKeyState (nVirtKey=1) returned 1
[0193.807] GetKeyState (nVirtKey=2) returned 0
[0193.807] GetKeyState (nVirtKey=4) returned 0
[0193.807] GetKeyState (nVirtKey=5) returned 0
[0193.807] GetKeyState (nVirtKey=6) returned 0
[0193.807] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.807] IsWindowUnicode (hWnd=0x602c4) returned 1
[0193.807] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.808] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.808] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.808] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.808] IsWindowUnicode (hWnd=0x602c4) returned 1
[0193.808] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.809] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.809] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.809] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0193.809] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0193.809] CreateCompatibleDC (hdc=0x107b9) returned 0x9e0107e0
[0193.809] SelectObject (hdc=0x9e0107e0, h=0x4a0507fe) returned 0x85000f
[0193.809] GdipCreateFromHDC (hdc=0x9e0107e0, graphics=0xd7e798) returned 0x0
[0193.815] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0193.815] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0193.815] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0193.816] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0193.816] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e7f8) returned 0x0
[0193.816] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0193.816] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee9f0) returned 0x0
[0193.816] LocalFree (hMem=0x11ee9f0) returned 0x0
[0193.816] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0193.816] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0193.816] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0193.816] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0193.816] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0193.816] GdipRestoreGraphics (graphics=0x6600030, state=0xfb1c0dbd) returned 0x0
[0193.816] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0193.816] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0193.816] GetCurrentObject (hdc=0x9e0107e0, type=0x1) returned 0xb00017
[0193.816] GetCurrentObject (hdc=0x9e0107e0, type=0x2) returned 0x900010
[0193.816] GetCurrentObject (hdc=0x9e0107e0, type=0x7) returned 0x4a0507fe
[0193.817] GetCurrentObject (hdc=0x9e0107e0, type=0x6) returned 0x8a01c2
[0193.817] SaveDC (hdc=0x9e0107e0) returned 1
[0193.817] GetNearestColor (hdc=0x9e0107e0, color=0xff) returned 0xff
[0193.817] GetNearestColor (hdc=0x9e0107e0, color=0x55) returned 0x55
[0193.817] GetNearestColor (hdc=0x9e0107e0, color=0x0) returned 0x0
[0193.817] GetNearestColor (hdc=0x9e0107e0, color=0x55) returned 0x55
[0193.817] GetNearestColor (hdc=0x9e0107e0, color=0x0) returned 0x0
[0193.817] GetNearestColor (hdc=0x9e0107e0, color=0x8080ff) returned 0x8080ff
[0193.817] GetNearestColor (hdc=0x9e0107e0, color=0x7373e5) returned 0x7373e5
[0193.817] GetNearestColor (hdc=0x9e0107e0, color=0xe5) returned 0xe5
[0193.817] GetNearestColor (hdc=0x9e0107e0, color=0x0) returned 0x0
[0193.817] RestoreDC (hdc=0x9e0107e0, nSavedDC=-1) returned 1
[0193.817] GdipReleaseDC (graphics=0x6600030, hdc=0x9e0107e0) returned 0x0
[0193.818] IsAppThemed () returned 0x1
[0193.818] GetThemeAppProperties () returned 0x3
[0193.818] GetThemeAppProperties () returned 0x3
[0193.818] IsAppThemed () returned 0x1
[0193.818] GetThemeAppProperties () returned 0x3
[0193.818] GetThemeAppProperties () returned 0x3
[0193.818] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2cdb28c | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0193.818] IsAppThemed () returned 0x1
[0193.818] GetThemeAppProperties () returned 0x3
[0193.818] GetThemeAppProperties () returned 0x3
[0193.818] IsAppThemed () returned 0x1
[0193.818] GetThemeAppProperties () returned 0x3
[0193.818] GetThemeAppProperties () returned 0x3
[0193.818] GetFocus () returned 0x602c4
[0193.819] IsAppThemed () returned 0x1
[0193.819] GetThemeAppProperties () returned 0x3
[0193.819] GetThemeAppProperties () returned 0x3
[0193.819] IsAppThemed () returned 0x1
[0193.819] GetThemeAppProperties () returned 0x3
[0193.819] GetThemeAppProperties () returned 0x3
[0193.819] IsThemePartDefined () returned 0x1
[0193.819] IsAppThemed () returned 0x1
[0193.819] GetThemeAppProperties () returned 0x3
[0193.819] GetThemeAppProperties () returned 0x3
[0193.819] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0193.819] IsAppThemed () returned 0x1
[0193.819] GetThemeAppProperties () returned 0x3
[0193.819] GetThemeAppProperties () returned 0x3
[0193.819] IsAppThemed () returned 0x1
[0193.819] GetThemeAppProperties () returned 0x3
[0193.819] GetThemeAppProperties () returned 0x3
[0193.819] IsThemePartDefined () returned 0x1
[0193.819] GdipCreateRegion (region=0xd7e508) returned 0x0
[0193.819] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0193.819] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0193.819] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0193.820] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e520) returned 0x0
[0193.820] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0193.820] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0193.820] LocalFree (hMem=0x11eec58) returned 0x0
[0193.820] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0193.820] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0193.820] LocalFree (hMem=0x11ee9f0) returned 0x0
[0193.820] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0193.820] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e548) returned 0x0
[0193.820] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e538) returned 0x0
[0193.820] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0193.820] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0193.820] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0193.820] GetCurrentObject (hdc=0x9e0107e0, type=0x1) returned 0xb00017
[0193.820] GetCurrentObject (hdc=0x9e0107e0, type=0x2) returned 0x900010
[0193.820] GetCurrentObject (hdc=0x9e0107e0, type=0x7) returned 0x4a0507fe
[0193.820] GetCurrentObject (hdc=0x9e0107e0, type=0x6) returned 0x8a01c2
[0193.821] SaveDC (hdc=0x9e0107e0) returned 1
[0193.821] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3c0407de
[0193.821] GetClipRgn (hdc=0x9e0107e0, hrgn=0x3c0407de) returned 0
[0193.821] SelectClipRgn (hdc=0x9e0107e0, hrgn=0xb0040807) returned 2
[0193.821] DeleteObject (ho=0x3c0407de) returned 1
[0193.821] DeleteObject (ho=0xb0040807) returned 1
[0193.821] OffsetViewportOrgEx (in: hdc=0x9e0107e0, x=0, y=0, lppt=0x2cdb93c | out: lppt=0x2cdb93c) returned 1
[0193.821] DrawThemeParentBackground () returned 0x0
[0193.822] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0193.822] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0193.822] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0193.822] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.822] GetSystemMetrics (nIndex=42) returned 0
[0193.822] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.822] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0193.822] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0193.822] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0193.822] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0193.822] SelectPalette (hdc=0x9e0107e0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0193.822] GdipCreateFromHDC (hdc=0x9e0107e0, graphics=0xd7dff8) returned 0x0
[0193.822] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0193.822] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0193.823] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638ab8) returned 0x0
[0193.823] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dfd0) returned 0x0
[0193.823] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0193.823] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0193.823] GdipGetClip (graphics=0x6635e20, region=0x6646b98) returned 0x0
[0193.823] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6635e20, result=0xd7dfc4) returned 0x0
[0193.823] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0193.823] GdipSaveGraphics (graphics=0x6635e20, state=0xd7dff0) returned 0x0
[0193.823] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0193.840] GdipFillRectangleI (graphics=0x6635e20, brush=0x66536a8, x=0, y=0, width=801, height=453) returned 0x0
[0193.840] GdipDeleteBrush (brush=0x66536a8) returned 0x0
[0193.842] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0193.842] SelectPalette (hdc=0x9e0107e0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0193.842] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0193.843] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.843] GetSystemMetrics (nIndex=42) returned 0
[0193.843] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.843] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0193.843] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0193.843] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0193.843] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0193.843] SelectPalette (hdc=0x9e0107e0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0193.843] GdipCreateFromHDC (hdc=0x9e0107e0, graphics=0xd7df98) returned 0x0
[0193.843] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0193.843] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0193.843] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638c38) returned 0x0
[0193.843] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df70) returned 0x0
[0193.843] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0193.844] GdipCreateRegion (region=0xd7df58) returned 0x0
[0193.844] GdipGetClip (graphics=0x6635e20, region=0x66468c8) returned 0x0
[0193.844] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6635e20, result=0xd7df64) returned 0x0
[0193.844] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0193.844] GdipSaveGraphics (graphics=0x6635e20, state=0xd7df90) returned 0x0
[0193.844] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0193.853] GdipFillRectangleI (graphics=0x6635e20, brush=0x6652ce8, x=0, y=0, width=801, height=453) returned 0x0
[0193.854] GdipDeleteBrush (brush=0x6652ce8) returned 0x0
[0193.855] GdipRestoreGraphics (graphics=0x6635e20, state=0xfb180dbd) returned 0x0
[0193.855] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0193.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0193.855] GetSystemMetrics (nIndex=42) returned 0
[0193.855] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0193.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0193.856] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0193.856] SelectPalette (hdc=0x9e0107e0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0193.856] RestoreDC (hdc=0x9e0107e0, nSavedDC=-1) returned 1
[0193.856] GdipReleaseDC (graphics=0x6600030, hdc=0x9e0107e0) returned 0x0
[0193.856] IsAppThemed () returned 0x1
[0193.888] GetThemeAppProperties () returned 0x3
[0193.888] GetThemeAppProperties () returned 0x3
[0193.888] IsAppThemed () returned 0x1
[0193.888] GetThemeAppProperties () returned 0x3
[0193.888] GetThemeAppProperties () returned 0x3
[0193.888] IsThemePartDefined () returned 0x1
[0193.888] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0193.888] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0193.888] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0193.888] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0193.889] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e4a4) returned 0x0
[0193.889] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0193.889] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eea28) returned 0x0
[0193.889] LocalFree (hMem=0x11eea28) returned 0x0
[0193.889] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0193.889] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee9f0) returned 0x0
[0193.889] LocalFree (hMem=0x11ee9f0) returned 0x0
[0193.889] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0193.889] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0193.889] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0193.889] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0193.889] GdipDeleteRegion (region=0x6646838) returned 0x0
[0193.889] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0193.889] GetCurrentObject (hdc=0x9e0107e0, type=0x1) returned 0xb00017
[0193.889] GetCurrentObject (hdc=0x9e0107e0, type=0x2) returned 0x900010
[0193.889] GetCurrentObject (hdc=0x9e0107e0, type=0x7) returned 0x4a0507fe
[0193.890] GetCurrentObject (hdc=0x9e0107e0, type=0x6) returned 0x8a01c2
[0193.890] SaveDC (hdc=0x9e0107e0) returned 1
[0193.890] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb1040807
[0193.890] GetClipRgn (hdc=0x9e0107e0, hrgn=0xb1040807) returned 0
[0193.890] SelectClipRgn (hdc=0x9e0107e0, hrgn=0x3e0407de) returned 2
[0193.890] DeleteObject (ho=0xb1040807) returned 1
[0193.890] DeleteObject (ho=0x3e0407de) returned 1
[0193.890] OffsetViewportOrgEx (in: hdc=0x9e0107e0, x=0, y=0, lppt=0x2ce218c | out: lppt=0x2ce218c) returned 1
[0193.890] IsAppThemed () returned 0x1
[0193.890] GetThemeAppProperties () returned 0x3
[0193.890] GetThemeAppProperties () returned 0x3
[0193.890] DrawThemeBackground () returned 0x0
[0193.890] RestoreDC (hdc=0x9e0107e0, nSavedDC=-1) returned 1
[0193.890] GdipReleaseDC (graphics=0x6600030, hdc=0x9e0107e0) returned 0x0
[0193.891] GdipCreateRegion (region=0xd7e490) returned 0x0
[0193.891] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0193.891] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0193.891] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0193.891] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e4a8) returned 0x0
[0193.891] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0193.891] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee9f0) returned 0x0
[0193.891] LocalFree (hMem=0x11ee9f0) returned 0x0
[0193.891] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0193.891] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0193.891] LocalFree (hMem=0x11ee788) returned 0x0
[0193.891] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0193.891] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0193.891] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0193.891] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0193.891] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0193.891] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0193.891] GetCurrentObject (hdc=0x9e0107e0, type=0x1) returned 0xb00017
[0193.892] GetCurrentObject (hdc=0x9e0107e0, type=0x2) returned 0x900010
[0193.892] GetCurrentObject (hdc=0x9e0107e0, type=0x7) returned 0x4a0507fe
[0193.892] GetCurrentObject (hdc=0x9e0107e0, type=0x6) returned 0x8a01c2
[0193.892] SaveDC (hdc=0x9e0107e0) returned 1
[0193.892] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3f0407de
[0193.892] GetClipRgn (hdc=0x9e0107e0, hrgn=0x3f0407de) returned 0
[0193.892] SelectClipRgn (hdc=0x9e0107e0, hrgn=0xb2040807) returned 2
[0193.892] DeleteObject (ho=0x3f0407de) returned 1
[0193.892] DeleteObject (ho=0xb2040807) returned 1
[0193.892] OffsetViewportOrgEx (in: hdc=0x9e0107e0, x=0, y=0, lppt=0x2ce2460 | out: lppt=0x2ce2460) returned 1
[0193.892] IsAppThemed () returned 0x1
[0193.892] GetThemeAppProperties () returned 0x3
[0193.892] GetThemeAppProperties () returned 0x3
[0193.892] GetThemeBackgroundContentRect () returned 0x0
[0193.892] RestoreDC (hdc=0x9e0107e0, nSavedDC=-1) returned 1
[0193.892] GdipReleaseDC (graphics=0x6600030, hdc=0x9e0107e0) returned 0x0
[0193.893] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0193.893] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0193.893] GdipFillRectangleI (graphics=0x6600030, brush=0x65ffae0, x=4, y=4, width=67, height=15) returned 0x0
[0193.893] GdipDeleteBrush (brush=0x65ffae0) returned 0x0
[0193.893] IsAppThemed () returned 0x1
[0193.893] GetThemeAppProperties () returned 0x3
[0193.893] GetThemeAppProperties () returned 0x3
[0193.893] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0193.893] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0193.893] GetCurrentObject (hdc=0x9e0107e0, type=0x1) returned 0xb00017
[0193.893] GetCurrentObject (hdc=0x9e0107e0, type=0x2) returned 0x900010
[0193.893] GetCurrentObject (hdc=0x9e0107e0, type=0x7) returned 0x4a0507fe
[0193.893] GetCurrentObject (hdc=0x9e0107e0, type=0x6) returned 0x8a01c2
[0193.893] SaveDC (hdc=0x9e0107e0) returned 1
[0193.893] GetTextAlign (hdc=0x9e0107e0) returned 0x0
[0193.893] GetTextColor (hdc=0x9e0107e0) returned 0x0
[0193.893] GetCurrentObject (hdc=0x9e0107e0, type=0x6) returned 0x8a01c2
[0193.894] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0193.894] SelectObject (hdc=0x9e0107e0, h=0x6d0a0520) returned 0x8a01c2
[0193.894] GetBkMode (hdc=0x9e0107e0) returned 2
[0193.894] SetBkMode (hdc=0x9e0107e0, mode=1) returned 2
[0193.894] DrawTextExW (in: hdc=0x9e0107e0, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2ce2824 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0193.894] DrawTextExW (in: hdc=0x9e0107e0, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2ce2824 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0193.895] RestoreDC (hdc=0x9e0107e0, nSavedDC=-1) returned 1
[0193.895] GdipReleaseDC (graphics=0x6600030, hdc=0x9e0107e0) returned 0x0
[0193.895] GetFocus () returned 0x602c4
[0193.895] IsAppThemed () returned 0x1
[0193.895] GetThemeAppProperties () returned 0x3
[0193.895] GetThemeAppProperties () returned 0x3
[0193.895] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0193.895] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x9e0107e0, x1=0, y1=0, rop=0xcc0020) returned 1
[0193.895] GdipReleaseDC (graphics=0x6600030, hdc=0x9e0107e0) returned 0x0
[0193.895] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0193.895] SelectObject (hdc=0x9e0107e0, h=0x85000f) returned 0x4a0507fe
[0193.895] DeleteDC (hdc=0x9e0107e0) returned 1
[0193.896] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0193.896] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0193.896] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0193.896] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0193.896] WaitMessage () returned 1
[0193.896] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.896] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.896] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.896] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.896] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.897] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0193.897] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0193.897] WaitMessage () returned 1
[0193.907] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.907] IsWindowUnicode (hWnd=0x7005c) returned 1
[0193.907] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.907] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.907] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.908] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.908] IsWindowUnicode (hWnd=0x7005c) returned 1
[0193.908] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.908] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.908] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.908] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x1080231) returned 0x0
[0193.908] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0193.908] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0193.908] WaitMessage () returned 1
[0193.944] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.944] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.944] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.945] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.945] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.946] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0193.946] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0193.946] WaitMessage () returned 1
[0193.947] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.947] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.947] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.947] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.947] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.948] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0193.948] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0193.948] WaitMessage () returned 1
[0193.949] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.949] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.949] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.949] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.949] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.956] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.956] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.956] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.956] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.956] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.956] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.957] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.957] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.957] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.957] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.957] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0193.957] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0193.957] WaitMessage () returned 1
[0193.959] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.959] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.959] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.960] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.960] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.961] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.961] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.961] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.961] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.961] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.962] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.962] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.962] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.962] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.962] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.962] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0193.962] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0193.963] WaitMessage () returned 1
[0193.963] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.963] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.963] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.963] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.963] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.964] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.965] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.965] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.965] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.965] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.965] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.965] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.965] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.965] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.965] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.965] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0193.970] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0193.970] WaitMessage () returned 1
[0193.971] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.971] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.971] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.971] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.971] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.973] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.973] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.973] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.973] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.973] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.973] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.973] IsWindowUnicode (hWnd=0x30122) returned 1
[0193.973] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0193.973] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0193.973] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0193.974] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0193.974] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0193.974] WaitMessage () returned 1
[0194.049] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0194.049] IsWindowUnicode (hWnd=0x502c6) returned 1
[0194.049] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0194.049] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0194.050] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0194.050] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0194.050] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0194.050] WaitMessage () returned 1
[0195.570] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0195.570] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c0110) returned 0x1
[0195.571] IsWindowUnicode (hWnd=0x602c4) returned 1
[0195.571] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0195.571] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0195.571] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0195.571] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0195.571] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0195.571] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c0110) returned 0x1
[0195.571] IsWindowUnicode (hWnd=0x602c4) returned 1
[0195.571] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0195.571] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c0110) returned 0x1
[0195.571] SetCursor (hCursor=0x10003) returned 0x10003
[0195.572] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0195.572] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0195.572] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0195.572] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0195.572] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0195.572] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0195.572] GetKeyState (nVirtKey=1) returned 1
[0195.572] GetKeyState (nVirtKey=2) returned 0
[0195.572] GetKeyState (nVirtKey=4) returned 0
[0195.572] GetKeyState (nVirtKey=5) returned 0
[0195.572] GetKeyState (nVirtKey=6) returned 0
[0195.572] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0195.572] IsWindowUnicode (hWnd=0x602c4) returned 1
[0195.572] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0195.572] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0195.572] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0195.573] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0195.573] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0195.573] CreateCompatibleDC (hdc=0x107b9) returned 0xbc01067c
[0195.573] SelectObject (hdc=0xbc01067c, h=0x4a0507fe) returned 0x85000f
[0195.573] GdipCreateFromHDC (hdc=0xbc01067c, graphics=0xd7e798) returned 0x0
[0195.573] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0195.573] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0195.573] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0195.573] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0195.573] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e7f8) returned 0x0
[0195.574] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0195.574] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee910) returned 0x0
[0195.574] LocalFree (hMem=0x11ee910) returned 0x0
[0195.574] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0195.574] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0195.574] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0195.574] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0195.574] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0195.574] GdipRestoreGraphics (graphics=0x6600030, state=0xfb160dbd) returned 0x0
[0195.574] GdipDeleteRegion (region=0x6646568) returned 0x0
[0195.574] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0195.574] GetCurrentObject (hdc=0xbc01067c, type=0x1) returned 0xb00017
[0195.574] GetCurrentObject (hdc=0xbc01067c, type=0x2) returned 0x900010
[0195.574] GetCurrentObject (hdc=0xbc01067c, type=0x7) returned 0x4a0507fe
[0195.574] GetCurrentObject (hdc=0xbc01067c, type=0x6) returned 0x8a01c2
[0195.574] SaveDC (hdc=0xbc01067c) returned 1
[0195.575] GetNearestColor (hdc=0xbc01067c, color=0xff) returned 0xff
[0195.575] GetNearestColor (hdc=0xbc01067c, color=0x55) returned 0x55
[0195.575] GetNearestColor (hdc=0xbc01067c, color=0x0) returned 0x0
[0195.575] GetNearestColor (hdc=0xbc01067c, color=0x55) returned 0x55
[0195.575] GetNearestColor (hdc=0xbc01067c, color=0x0) returned 0x0
[0195.575] GetNearestColor (hdc=0xbc01067c, color=0x8080ff) returned 0x8080ff
[0195.575] GetNearestColor (hdc=0xbc01067c, color=0x7373e5) returned 0x7373e5
[0195.575] GetNearestColor (hdc=0xbc01067c, color=0xe5) returned 0xe5
[0195.575] GetNearestColor (hdc=0xbc01067c, color=0x0) returned 0x0
[0195.575] RestoreDC (hdc=0xbc01067c, nSavedDC=-1) returned 1
[0195.576] GdipReleaseDC (graphics=0x6600030, hdc=0xbc01067c) returned 0x0
[0195.576] IsAppThemed () returned 0x1
[0195.576] GetThemeAppProperties () returned 0x3
[0195.576] GetThemeAppProperties () returned 0x3
[0195.576] IsAppThemed () returned 0x1
[0195.576] GetThemeAppProperties () returned 0x3
[0195.576] GetThemeAppProperties () returned 0x3
[0195.576] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2ce3194 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0195.576] IsAppThemed () returned 0x1
[0195.576] GetThemeAppProperties () returned 0x3
[0195.576] GetThemeAppProperties () returned 0x3
[0195.577] IsAppThemed () returned 0x1
[0195.577] GetThemeAppProperties () returned 0x3
[0195.577] GetThemeAppProperties () returned 0x3
[0195.577] IsAppThemed () returned 0x1
[0195.578] GetThemeAppProperties () returned 0x3
[0195.578] GetThemeAppProperties () returned 0x3
[0195.578] IsAppThemed () returned 0x1
[0195.578] GetThemeAppProperties () returned 0x3
[0195.578] GetThemeAppProperties () returned 0x3
[0195.578] IsThemePartDefined () returned 0x1
[0195.578] IsAppThemed () returned 0x1
[0195.578] GetThemeAppProperties () returned 0x3
[0195.578] GetThemeAppProperties () returned 0x3
[0195.578] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0195.578] IsAppThemed () returned 0x1
[0195.578] GetThemeAppProperties () returned 0x3
[0195.578] GetThemeAppProperties () returned 0x3
[0195.578] IsAppThemed () returned 0x1
[0195.579] GetThemeAppProperties () returned 0x3
[0195.579] GetThemeAppProperties () returned 0x3
[0195.579] IsThemePartDefined () returned 0x1
[0195.579] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0195.579] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0195.579] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0195.579] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0195.579] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e514) returned 0x0
[0195.579] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0195.579] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0195.579] LocalFree (hMem=0x11ee868) returned 0x0
[0195.579] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0195.579] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eea28) returned 0x0
[0195.579] LocalFree (hMem=0x11eea28) returned 0x0
[0195.579] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0195.579] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0195.579] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0195.580] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0195.580] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0195.580] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0195.580] GetCurrentObject (hdc=0xbc01067c, type=0x1) returned 0xb00017
[0195.580] GetCurrentObject (hdc=0xbc01067c, type=0x2) returned 0x900010
[0195.580] GetCurrentObject (hdc=0xbc01067c, type=0x7) returned 0x4a0507fe
[0195.580] GetCurrentObject (hdc=0xbc01067c, type=0x6) returned 0x8a01c2
[0195.580] SaveDC (hdc=0xbc01067c) returned 1
[0195.580] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb3040807
[0195.580] GetClipRgn (hdc=0xbc01067c, hrgn=0xb3040807) returned 0
[0195.580] SelectClipRgn (hdc=0xbc01067c, hrgn=0x430407de) returned 2
[0195.580] DeleteObject (ho=0xb3040807) returned 1
[0195.580] DeleteObject (ho=0x430407de) returned 1
[0195.580] OffsetViewportOrgEx (in: hdc=0xbc01067c, x=0, y=0, lppt=0x2ce3844 | out: lppt=0x2ce3844) returned 1
[0195.580] DrawThemeParentBackground () returned 0x0
[0195.581] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0195.581] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0195.581] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0195.581] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0195.581] GetSystemMetrics (nIndex=42) returned 0
[0195.581] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0195.581] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0195.581] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0195.581] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0195.581] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0195.581] SelectPalette (hdc=0xbc01067c, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0195.581] GdipCreateFromHDC (hdc=0xbc01067c, graphics=0xd7dff0) returned 0x0
[0195.582] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0195.582] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0195.582] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638ba8) returned 0x0
[0195.582] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dfc8) returned 0x0
[0195.582] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0195.582] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0195.582] GdipGetClip (graphics=0x6635e20, region=0x6646688) returned 0x0
[0195.582] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6635e20, result=0xd7dfbc) returned 0x0
[0195.582] GdipDeleteRegion (region=0x6646688) returned 0x0
[0195.582] GdipSaveGraphics (graphics=0x6635e20, state=0xd7dfe8) returned 0x0
[0195.582] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0195.594] GdipFillRectangleI (graphics=0x6635e20, brush=0x6653918, x=0, y=0, width=801, height=453) returned 0x0
[0195.594] GdipDeleteBrush (brush=0x6653918) returned 0x0
[0195.595] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0195.595] SelectPalette (hdc=0xbc01067c, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0195.596] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0195.596] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0195.596] GetSystemMetrics (nIndex=42) returned 0
[0195.596] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0195.596] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0195.596] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0195.596] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0195.596] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0195.596] SelectPalette (hdc=0xbc01067c, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0195.596] GdipCreateFromHDC (hdc=0xbc01067c, graphics=0xd7df90) returned 0x0
[0195.596] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0195.597] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0195.597] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638db8) returned 0x0
[0195.597] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df68) returned 0x0
[0195.597] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0195.597] GdipCreateRegion (region=0xd7df50) returned 0x0
[0195.597] GdipGetClip (graphics=0x6635e20, region=0x66464d8) returned 0x0
[0195.597] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6635e20, result=0xd7df5c) returned 0x0
[0195.597] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0195.597] GdipSaveGraphics (graphics=0x6635e20, state=0xd7df88) returned 0x0
[0195.597] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0195.608] GdipFillRectangleI (graphics=0x6635e20, brush=0x6652a78, x=0, y=0, width=801, height=453) returned 0x0
[0195.608] GdipDeleteBrush (brush=0x6652a78) returned 0x0
[0195.609] GdipRestoreGraphics (graphics=0x6635e20, state=0xfb120dbd) returned 0x0
[0195.609] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0195.609] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0195.610] GetSystemMetrics (nIndex=42) returned 0
[0195.610] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0195.610] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0195.610] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0195.610] SelectPalette (hdc=0xbc01067c, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0195.610] RestoreDC (hdc=0xbc01067c, nSavedDC=-1) returned 1
[0195.610] GdipReleaseDC (graphics=0x6600030, hdc=0xbc01067c) returned 0x0
[0195.610] IsAppThemed () returned 0x1
[0195.610] GetThemeAppProperties () returned 0x3
[0195.610] GetThemeAppProperties () returned 0x3
[0195.610] IsAppThemed () returned 0x1
[0195.611] GetThemeAppProperties () returned 0x3
[0195.611] GetThemeAppProperties () returned 0x3
[0195.611] IsThemePartDefined () returned 0x1
[0195.611] GdipCreateRegion (region=0xd7e480) returned 0x0
[0195.611] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0195.611] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0195.611] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0195.611] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e498) returned 0x0
[0195.611] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0195.611] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eea28) returned 0x0
[0195.611] LocalFree (hMem=0x11eea28) returned 0x0
[0195.611] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0195.611] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0195.611] LocalFree (hMem=0x11eec58) returned 0x0
[0195.611] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0195.611] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0195.611] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0195.612] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0195.612] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0195.612] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0195.612] GetCurrentObject (hdc=0xbc01067c, type=0x1) returned 0xb00017
[0195.612] GetCurrentObject (hdc=0xbc01067c, type=0x2) returned 0x900010
[0195.612] GetCurrentObject (hdc=0xbc01067c, type=0x7) returned 0x4a0507fe
[0195.612] GetCurrentObject (hdc=0xbc01067c, type=0x6) returned 0x8a01c2
[0195.612] SaveDC (hdc=0xbc01067c) returned 1
[0195.612] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x440407de
[0195.612] GetClipRgn (hdc=0xbc01067c, hrgn=0x440407de) returned 0
[0195.612] SelectClipRgn (hdc=0xbc01067c, hrgn=0xb5040807) returned 2
[0195.612] DeleteObject (ho=0x440407de) returned 1
[0195.612] DeleteObject (ho=0xb5040807) returned 1
[0195.612] OffsetViewportOrgEx (in: hdc=0xbc01067c, x=0, y=0, lppt=0x2cea094 | out: lppt=0x2cea094) returned 1
[0195.613] IsAppThemed () returned 0x1
[0195.613] GetThemeAppProperties () returned 0x3
[0195.613] GetThemeAppProperties () returned 0x3
[0195.613] DrawThemeBackground () returned 0x0
[0195.613] RestoreDC (hdc=0xbc01067c, nSavedDC=-1) returned 1
[0195.613] GdipReleaseDC (graphics=0x6600030, hdc=0xbc01067c) returned 0x0
[0195.613] GdipCreateRegion (region=0xd7e484) returned 0x0
[0195.613] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0195.613] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0195.613] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0195.613] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e49c) returned 0x0
[0195.613] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0195.613] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0195.613] LocalFree (hMem=0x11ee868) returned 0x0
[0195.613] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0195.613] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0195.614] LocalFree (hMem=0x11eec58) returned 0x0
[0195.614] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0195.614] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0195.614] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0195.614] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0195.614] GdipDeleteRegion (region=0x6646298) returned 0x0
[0195.614] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0195.614] GetCurrentObject (hdc=0xbc01067c, type=0x1) returned 0xb00017
[0195.614] GetCurrentObject (hdc=0xbc01067c, type=0x2) returned 0x900010
[0195.614] GetCurrentObject (hdc=0xbc01067c, type=0x7) returned 0x4a0507fe
[0195.614] GetCurrentObject (hdc=0xbc01067c, type=0x6) returned 0x8a01c2
[0195.614] SaveDC (hdc=0xbc01067c) returned 1
[0195.614] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb6040807
[0195.614] GetClipRgn (hdc=0xbc01067c, hrgn=0xb6040807) returned 0
[0195.614] SelectClipRgn (hdc=0xbc01067c, hrgn=0x450407de) returned 2
[0195.614] DeleteObject (ho=0xb6040807) returned 1
[0195.615] DeleteObject (ho=0x450407de) returned 1
[0195.615] OffsetViewportOrgEx (in: hdc=0xbc01067c, x=0, y=0, lppt=0x2cea368 | out: lppt=0x2cea368) returned 1
[0195.615] IsAppThemed () returned 0x1
[0195.615] GetThemeAppProperties () returned 0x3
[0195.615] GetThemeAppProperties () returned 0x3
[0195.615] GetThemeBackgroundContentRect () returned 0x0
[0195.615] RestoreDC (hdc=0xbc01067c, nSavedDC=-1) returned 1
[0195.615] GdipReleaseDC (graphics=0x6600030, hdc=0xbc01067c) returned 0x0
[0195.615] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0195.615] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0195.615] GdipFillRectangleI (graphics=0x6600030, brush=0x65ffae0, x=4, y=4, width=67, height=15) returned 0x0
[0195.615] GdipDeleteBrush (brush=0x65ffae0) returned 0x0
[0195.615] IsAppThemed () returned 0x1
[0195.615] GetThemeAppProperties () returned 0x3
[0195.615] GetThemeAppProperties () returned 0x3
[0195.615] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0195.616] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0195.616] GetCurrentObject (hdc=0xbc01067c, type=0x1) returned 0xb00017
[0195.616] GetCurrentObject (hdc=0xbc01067c, type=0x2) returned 0x900010
[0195.616] GetCurrentObject (hdc=0xbc01067c, type=0x7) returned 0x4a0507fe
[0195.616] GetCurrentObject (hdc=0xbc01067c, type=0x6) returned 0x8a01c2
[0195.616] SaveDC (hdc=0xbc01067c) returned 1
[0195.616] GetTextAlign (hdc=0xbc01067c) returned 0x0
[0195.616] GetTextColor (hdc=0xbc01067c) returned 0x0
[0195.616] GetCurrentObject (hdc=0xbc01067c, type=0x6) returned 0x8a01c2
[0195.616] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0195.616] SelectObject (hdc=0xbc01067c, h=0x6d0a0520) returned 0x8a01c2
[0195.616] GetBkMode (hdc=0xbc01067c) returned 2
[0195.616] SetBkMode (hdc=0xbc01067c, mode=1) returned 2
[0195.617] DrawTextExW (in: hdc=0xbc01067c, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2cea72c | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0195.617] DrawTextExW (in: hdc=0xbc01067c, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2cea72c | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0195.617] RestoreDC (hdc=0xbc01067c, nSavedDC=-1) returned 1
[0195.617] GdipReleaseDC (graphics=0x6600030, hdc=0xbc01067c) returned 0x0
[0195.617] GetFocus () returned 0x602c4
[0195.618] IsAppThemed () returned 0x1
[0195.618] GetThemeAppProperties () returned 0x3
[0195.618] GetThemeAppProperties () returned 0x3
[0195.618] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0195.618] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xbc01067c, x1=0, y1=0, rop=0xcc0020) returned 1
[0195.618] GdipReleaseDC (graphics=0x6600030, hdc=0xbc01067c) returned 0x0
[0195.618] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0195.618] SelectObject (hdc=0xbc01067c, h=0x85000f) returned 0x4a0507fe
[0195.618] DeleteDC (hdc=0xbc01067c) returned 1
[0195.618] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0195.619] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0195.619] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0195.619] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0195.619] WaitMessage () returned 1
[0195.693] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0195.726] IsWindowUnicode (hWnd=0x602c4) returned 1
[0195.727] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0195.727] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0195.727] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0195.727] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0195.727] IsWindowUnicode (hWnd=0x602c4) returned 1
[0195.727] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0195.727] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0195.727] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0195.727] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x50035) returned 0x0
[0195.727] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0195.727] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0195.727] WaitMessage () returned 1
[0195.800] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0195.800] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c0110) returned 0x1
[0195.800] IsWindowUnicode (hWnd=0x602c4) returned 1
[0195.800] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0195.800] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c0110) returned 0x1
[0195.800] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0195.801] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x1970052) returned 0x0
[0195.801] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0195.801] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0195.801] SetCursor (hCursor=0x10003) returned 0x10003
[0195.801] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0195.801] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0195.801] GetKeyState (nVirtKey=1) returned -128
[0195.801] GetKeyState (nVirtKey=2) returned 0
[0195.801] GetKeyState (nVirtKey=4) returned 0
[0195.801] GetKeyState (nVirtKey=5) returned 0
[0195.801] GetKeyState (nVirtKey=6) returned 0
[0195.801] IsWindowVisible (hWnd=0x602c4) returned 1
[0195.801] IsWindowEnabled (hWnd=0x602c4) returned 1
[0195.801] SetFocus (hWnd=0x602c4) returned 0x602c4
[0195.801] GetFocus () returned 0x602c4
[0195.802] GetFocus () returned 0x602c4
[0195.802] GetFocus () returned 0x602c4
[0195.802] GetKeyState (nVirtKey=1) returned -128
[0195.802] GetKeyState (nVirtKey=2) returned 0
[0195.802] GetKeyState (nVirtKey=4) returned 0
[0195.802] GetKeyState (nVirtKey=5) returned 0
[0195.802] GetKeyState (nVirtKey=6) returned 0
[0195.802] GetCapture () returned 0x0
[0195.802] SetCapture (hWnd=0x602c4) returned 0x0
[0195.802] GetKeyState (nVirtKey=1) returned -128
[0195.802] GetKeyState (nVirtKey=2) returned 0
[0195.802] GetKeyState (nVirtKey=4) returned 0
[0195.802] GetKeyState (nVirtKey=5) returned 0
[0195.802] GetKeyState (nVirtKey=6) returned 0
[0195.802] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0195.802] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0195.802] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0195.802] IsWindowUnicode (hWnd=0x602c4) returned 1
[0195.802] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0195.803] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0195.803] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0195.803] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2cea8b0, cPoints=0x1 | out: lpPoints=0x2cea8b0) returned 40304859
[0195.803] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0195.803] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0195.803] UpdateWindow (hWnd=0x602c4) returned 1
[0195.803] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x107b9
[0195.803] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0195.803] CreateCompatibleDC (hdc=0x107b9) returned 0xbd01067c
[0195.803] SelectObject (hdc=0xbd01067c, h=0x4a0507fe) returned 0x85000f
[0195.803] GdipCreateFromHDC (hdc=0xbd01067c, graphics=0xd7e430) returned 0x0
[0195.804] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0195.804] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0195.804] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0195.804] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0195.804] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e490) returned 0x0
[0195.804] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0195.804] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee8d8) returned 0x0
[0195.804] LocalFree (hMem=0x11ee8d8) returned 0x0
[0195.804] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0195.804] GdipCreateRegion (region=0xd7e478) returned 0x0
[0195.804] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0195.804] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0195.804] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0195.804] GdipRestoreGraphics (graphics=0x6600030, state=0xfb100dbd) returned 0x0
[0195.804] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0195.805] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0195.805] GetCurrentObject (hdc=0xbd01067c, type=0x1) returned 0xb00017
[0195.805] GetCurrentObject (hdc=0xbd01067c, type=0x2) returned 0x900010
[0195.805] GetCurrentObject (hdc=0xbd01067c, type=0x7) returned 0x4a0507fe
[0195.805] GetCurrentObject (hdc=0xbd01067c, type=0x6) returned 0x8a01c2
[0195.805] SaveDC (hdc=0xbd01067c) returned 1
[0195.805] GetNearestColor (hdc=0xbd01067c, color=0xff) returned 0xff
[0195.805] GetNearestColor (hdc=0xbd01067c, color=0x55) returned 0x55
[0195.805] GetNearestColor (hdc=0xbd01067c, color=0x0) returned 0x0
[0195.805] GetNearestColor (hdc=0xbd01067c, color=0x55) returned 0x55
[0195.805] GetNearestColor (hdc=0xbd01067c, color=0x0) returned 0x0
[0195.805] GetNearestColor (hdc=0xbd01067c, color=0x8080ff) returned 0x8080ff
[0195.805] GetNearestColor (hdc=0xbd01067c, color=0x7373e5) returned 0x7373e5
[0195.805] GetNearestColor (hdc=0xbd01067c, color=0xe5) returned 0xe5
[0195.806] GetNearestColor (hdc=0xbd01067c, color=0x0) returned 0x0
[0195.806] RestoreDC (hdc=0xbd01067c, nSavedDC=-1) returned 1
[0195.806] GdipReleaseDC (graphics=0x6600030, hdc=0xbd01067c) returned 0x0
[0195.806] IsAppThemed () returned 0x1
[0195.806] GetThemeAppProperties () returned 0x3
[0195.806] GetThemeAppProperties () returned 0x3
[0195.806] IsAppThemed () returned 0x1
[0195.806] GetThemeAppProperties () returned 0x3
[0195.806] GetThemeAppProperties () returned 0x3
[0195.806] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2ceafcc | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0195.806] IsAppThemed () returned 0x1
[0195.806] GetThemeAppProperties () returned 0x3
[0195.807] GetThemeAppProperties () returned 0x3
[0195.807] IsAppThemed () returned 0x1
[0195.807] GetThemeAppProperties () returned 0x3
[0195.807] GetThemeAppProperties () returned 0x3
[0195.807] IsAppThemed () returned 0x1
[0195.807] GetThemeAppProperties () returned 0x3
[0195.807] GetThemeAppProperties () returned 0x3
[0195.807] IsAppThemed () returned 0x1
[0195.807] GetThemeAppProperties () returned 0x3
[0195.807] GetThemeAppProperties () returned 0x3
[0195.807] IsThemePartDefined () returned 0x1
[0195.807] IsAppThemed () returned 0x1
[0195.807] GetThemeAppProperties () returned 0x3
[0195.807] GetThemeAppProperties () returned 0x3
[0195.807] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0195.807] IsAppThemed () returned 0x1
[0195.807] GetThemeAppProperties () returned 0x3
[0195.807] GetThemeAppProperties () returned 0x3
[0195.807] IsAppThemed () returned 0x1
[0195.807] GetThemeAppProperties () returned 0x3
[0195.807] GetThemeAppProperties () returned 0x3
[0195.807] IsThemePartDefined () returned 0x1
[0195.807] GdipCreateRegion (region=0xd7e194) returned 0x0
[0195.808] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0195.808] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0195.808] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0195.808] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e1ac) returned 0x0
[0195.808] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0195.808] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0195.808] LocalFree (hMem=0x11eec58) returned 0x0
[0195.808] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0195.808] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0195.808] LocalFree (hMem=0x11ee788) returned 0x0
[0195.808] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0195.808] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0195.808] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0195.808] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0195.808] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0195.808] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0195.808] GetCurrentObject (hdc=0xbd01067c, type=0x1) returned 0xb00017
[0195.808] GetCurrentObject (hdc=0xbd01067c, type=0x2) returned 0x900010
[0195.809] GetCurrentObject (hdc=0xbd01067c, type=0x7) returned 0x4a0507fe
[0195.809] GetCurrentObject (hdc=0xbd01067c, type=0x6) returned 0x8a01c2
[0195.809] SaveDC (hdc=0xbd01067c) returned 1
[0195.809] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x460407de
[0195.809] GetClipRgn (hdc=0xbd01067c, hrgn=0x460407de) returned 0
[0195.809] SelectClipRgn (hdc=0xbd01067c, hrgn=0xba040807) returned 2
[0195.809] DeleteObject (ho=0x460407de) returned 1
[0195.809] DeleteObject (ho=0xba040807) returned 1
[0195.809] OffsetViewportOrgEx (in: hdc=0xbd01067c, x=0, y=0, lppt=0x2ceb67c | out: lppt=0x2ceb67c) returned 1
[0195.809] DrawThemeParentBackground () returned 0x0
[0195.809] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0195.810] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0195.810] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0195.810] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0195.810] GetSystemMetrics (nIndex=42) returned 0
[0195.810] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0195.810] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0195.810] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0195.810] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0195.810] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0195.810] SelectPalette (hdc=0xbd01067c, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0195.810] GdipCreateFromHDC (hdc=0xbd01067c, graphics=0xd7dc88) returned 0x0
[0195.810] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0195.810] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0195.810] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638b78) returned 0x0
[0195.810] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc60) returned 0x0
[0195.810] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0195.810] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0195.811] GdipGetClip (graphics=0x6635e20, region=0x6646dd8) returned 0x0
[0195.811] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6635e20, result=0xd7dc54) returned 0x0
[0195.811] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0195.811] GdipSaveGraphics (graphics=0x6635e20, state=0xd7dc80) returned 0x0
[0195.811] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0195.821] GdipFillRectangleI (graphics=0x6635e20, brush=0x6652f58, x=0, y=0, width=801, height=453) returned 0x0
[0195.821] GdipDeleteBrush (brush=0x6652f58) returned 0x0
[0195.823] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0195.823] SelectPalette (hdc=0xbd01067c, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0195.823] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0195.823] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0195.823] GetSystemMetrics (nIndex=42) returned 0
[0195.823] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0195.823] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0195.823] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0195.823] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0195.823] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0195.823] SelectPalette (hdc=0xbd01067c, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0195.824] GdipCreateFromHDC (hdc=0xbd01067c, graphics=0xd7dc28) returned 0x0
[0195.824] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0195.824] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0195.824] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638db8) returned 0x0
[0195.824] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7dc00) returned 0x0
[0195.824] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0195.824] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0195.824] GdipGetClip (graphics=0x6635e20, region=0x6646718) returned 0x0
[0195.824] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6635e20, result=0xd7dbf4) returned 0x0
[0195.824] GdipDeleteRegion (region=0x6646718) returned 0x0
[0195.824] GdipSaveGraphics (graphics=0x6635e20, state=0xd7dc20) returned 0x0
[0195.824] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0195.834] GdipFillRectangleI (graphics=0x6635e20, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0195.835] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0195.836] GdipRestoreGraphics (graphics=0x6635e20, state=0xfb0c0dbd) returned 0x0
[0195.836] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0195.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0195.836] GetSystemMetrics (nIndex=42) returned 0
[0195.836] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0195.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0195.837] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0195.837] SelectPalette (hdc=0xbd01067c, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0195.837] RestoreDC (hdc=0xbd01067c, nSavedDC=-1) returned 1
[0195.837] GdipReleaseDC (graphics=0x6600030, hdc=0xbd01067c) returned 0x0
[0195.837] IsAppThemed () returned 0x1
[0195.837] GetThemeAppProperties () returned 0x3
[0195.837] GetThemeAppProperties () returned 0x3
[0195.837] IsAppThemed () returned 0x1
[0195.837] GetThemeAppProperties () returned 0x3
[0195.837] GetThemeAppProperties () returned 0x3
[0195.837] IsThemePartDefined () returned 0x1
[0195.837] GdipCreateRegion (region=0xd7e118) returned 0x0
[0195.838] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0195.838] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0195.838] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0195.838] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e130) returned 0x0
[0195.838] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0195.838] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee8d8) returned 0x0
[0195.838] LocalFree (hMem=0x11ee8d8) returned 0x0
[0195.838] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0195.838] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0195.838] LocalFree (hMem=0x11ee9f0) returned 0x0
[0195.838] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0195.838] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0195.838] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0195.838] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0195.838] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0195.838] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0195.838] GetCurrentObject (hdc=0xbd01067c, type=0x1) returned 0xb00017
[0195.839] GetCurrentObject (hdc=0xbd01067c, type=0x2) returned 0x900010
[0195.839] GetCurrentObject (hdc=0xbd01067c, type=0x7) returned 0x4a0507fe
[0195.839] GetCurrentObject (hdc=0xbd01067c, type=0x6) returned 0x8a01c2
[0195.839] SaveDC (hdc=0xbd01067c) returned 1
[0195.839] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbb040807
[0195.839] GetClipRgn (hdc=0xbd01067c, hrgn=0xbb040807) returned 0
[0195.839] SelectClipRgn (hdc=0xbd01067c, hrgn=0x480407de) returned 2
[0195.839] DeleteObject (ho=0xbb040807) returned 1
[0195.839] DeleteObject (ho=0x480407de) returned 1
[0195.839] OffsetViewportOrgEx (in: hdc=0xbd01067c, x=0, y=0, lppt=0x2cf1ecc | out: lppt=0x2cf1ecc) returned 1
[0195.839] IsAppThemed () returned 0x1
[0195.839] GetThemeAppProperties () returned 0x3
[0195.839] GetThemeAppProperties () returned 0x3
[0195.839] DrawThemeBackground () returned 0x0
[0195.839] RestoreDC (hdc=0xbd01067c, nSavedDC=-1) returned 1
[0195.840] GdipReleaseDC (graphics=0x6600030, hdc=0xbd01067c) returned 0x0
[0195.840] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0195.840] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0195.840] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0195.840] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0195.840] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e134) returned 0x0
[0195.840] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0195.840] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0195.840] LocalFree (hMem=0x11ee788) returned 0x0
[0195.840] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0195.840] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0195.840] LocalFree (hMem=0x11ee788) returned 0x0
[0195.840] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0195.840] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0195.840] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0195.840] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0195.840] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0195.841] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0195.841] GetCurrentObject (hdc=0xbd01067c, type=0x1) returned 0xb00017
[0195.841] GetCurrentObject (hdc=0xbd01067c, type=0x2) returned 0x900010
[0195.841] GetCurrentObject (hdc=0xbd01067c, type=0x7) returned 0x4a0507fe
[0195.841] GetCurrentObject (hdc=0xbd01067c, type=0x6) returned 0x8a01c2
[0195.841] SaveDC (hdc=0xbd01067c) returned 1
[0195.841] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x490407de
[0195.841] GetClipRgn (hdc=0xbd01067c, hrgn=0x490407de) returned 0
[0195.841] SelectClipRgn (hdc=0xbd01067c, hrgn=0xbc040807) returned 2
[0195.841] DeleteObject (ho=0x490407de) returned 1
[0195.841] DeleteObject (ho=0xbc040807) returned 1
[0195.842] OffsetViewportOrgEx (in: hdc=0xbd01067c, x=0, y=0, lppt=0x2cf21a0 | out: lppt=0x2cf21a0) returned 1
[0195.842] IsAppThemed () returned 0x1
[0195.842] GetThemeAppProperties () returned 0x3
[0195.842] GetThemeAppProperties () returned 0x3
[0195.842] GetThemeBackgroundContentRect () returned 0x0
[0195.842] RestoreDC (hdc=0xbd01067c, nSavedDC=-1) returned 1
[0195.842] GdipReleaseDC (graphics=0x6600030, hdc=0xbd01067c) returned 0x0
[0195.842] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0195.842] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0195.842] GdipFillRectangleI (graphics=0x6600030, brush=0x65ffae0, x=4, y=4, width=67, height=15) returned 0x0
[0195.842] GdipDeleteBrush (brush=0x65ffae0) returned 0x0
[0195.842] IsAppThemed () returned 0x1
[0195.842] GetThemeAppProperties () returned 0x3
[0195.842] GetThemeAppProperties () returned 0x3
[0195.842] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0195.842] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0195.842] GetCurrentObject (hdc=0xbd01067c, type=0x1) returned 0xb00017
[0195.843] GetCurrentObject (hdc=0xbd01067c, type=0x2) returned 0x900010
[0195.843] GetCurrentObject (hdc=0xbd01067c, type=0x7) returned 0x4a0507fe
[0195.843] GetCurrentObject (hdc=0xbd01067c, type=0x6) returned 0x8a01c2
[0195.843] SaveDC (hdc=0xbd01067c) returned 1
[0195.843] GetTextAlign (hdc=0xbd01067c) returned 0x0
[0195.843] GetTextColor (hdc=0xbd01067c) returned 0x0
[0195.843] GetCurrentObject (hdc=0xbd01067c, type=0x6) returned 0x8a01c2
[0195.843] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0195.843] SelectObject (hdc=0xbd01067c, h=0x6d0a0520) returned 0x8a01c2
[0195.843] GetBkMode (hdc=0xbd01067c) returned 2
[0195.843] SetBkMode (hdc=0xbd01067c, mode=1) returned 2
[0195.843] DrawTextExW (in: hdc=0xbd01067c, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2cf2564 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0195.844] DrawTextExW (in: hdc=0xbd01067c, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2cf2564 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0195.844] RestoreDC (hdc=0xbd01067c, nSavedDC=-1) returned 1
[0195.844] GdipReleaseDC (graphics=0x6600030, hdc=0xbd01067c) returned 0x0
[0195.844] GetFocus () returned 0x602c4
[0195.844] IsAppThemed () returned 0x1
[0195.845] GetThemeAppProperties () returned 0x3
[0195.845] GetThemeAppProperties () returned 0x3
[0195.845] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0195.845] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xbd01067c, x1=0, y1=0, rop=0xcc0020) returned 1
[0195.845] GdipReleaseDC (graphics=0x6600030, hdc=0xbd01067c) returned 0x0
[0195.845] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0195.845] SelectObject (hdc=0xbd01067c, h=0x85000f) returned 0x4a0507fe
[0195.845] DeleteDC (hdc=0xbd01067c) returned 1
[0195.845] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0195.846] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0195.846] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2cf2660, cPoints=0x1 | out: lpPoints=0x2cf2660) returned 40304859
[0195.846] WindowFromPoint (Point=0x110) returned 0x602c4
[0195.846] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c0110) returned 0x1
[0195.846] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0195.846] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0195.846] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0195.846] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0195.846] GetSystemMetrics (nIndex=42) returned 0
[0195.846] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0195.846] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0195.848] GetCapture () returned 0x602c4
[0195.849] ReleaseCapture () returned 1
[0195.849] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0195.849] GetProcessWindowStation () returned 0x13c
[0195.849] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.850] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0195.850] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.850] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0195.850] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.851] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0195.851] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.851] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0195.851] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.851] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0195.852] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.852] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0195.852] GetDC (hWnd=0x0) returned 0xc0107c5
[0195.852] GdipCreateFromHDC (hdc=0xc0107c5, graphics=0xd7e6ec) returned 0x0
[0195.853] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0195.853] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0195.853] ReleaseDC (hWnd=0x0, hDC=0xc0107c5) returned 1
[0195.853] GetSystemMetrics (nIndex=5) returned 1
[0195.853] GetSystemMetrics (nIndex=6) returned 1
[0195.853] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.853] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0195.854] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.854] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0195.862] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0195.862] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0195.862] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0195.862] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0195.863] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0195.863] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0195.864] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2cf9730 | out: lpData=0x2cf9730) returned 1
[0195.865] VerQueryValueW (in: pBlock=0x2cf9730, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cf9b40, puLen=0xd7e810) returned 1
[0195.865] VerQueryValueW (in: pBlock=0x2cf9730, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf97e8, puLen=0xd7e790) returned 1
[0195.865] VerQueryValueW (in: pBlock=0x2cf9730, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf983c, puLen=0xd7e790) returned 1
[0195.865] VerQueryValueW (in: pBlock=0x2cf9730, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf98bc, puLen=0xd7e790) returned 1
[0195.865] VerQueryValueW (in: pBlock=0x2cf9730, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf9924, puLen=0xd7e790) returned 1
[0195.865] VerQueryValueW (in: pBlock=0x2cf9730, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf9964, puLen=0xd7e790) returned 1
[0195.865] VerQueryValueW (in: pBlock=0x2cf9730, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf99ec, puLen=0xd7e790) returned 1
[0195.865] VerQueryValueW (in: pBlock=0x2cf9730, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf9a28, puLen=0xd7e790) returned 1
[0195.865] VerQueryValueW (in: pBlock=0x2cf9730, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf9a80, puLen=0xd7e790) returned 1
[0195.865] VerQueryValueW (in: pBlock=0x2cf9730, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf9ab0, puLen=0xd7e790) returned 1
[0195.865] VerQueryValueW (in: pBlock=0x2cf9730, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.865] VerQueryValueW (in: pBlock=0x2cf9730, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf9aec, puLen=0xd7e790) returned 1
[0195.866] VerQueryValueW (in: pBlock=0x2cf9730, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.866] VerQueryValueW (in: pBlock=0x2cf9730, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cf9b40, puLen=0xd7e784) returned 1
[0195.866] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0195.866] VerQueryValueW (in: pBlock=0x2cf9730, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cf9758, puLen=0xd7e794) returned 1
[0195.866] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0195.867] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0195.867] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0195.867] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0195.867] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0195.867] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0195.867] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2cfb6a0 | out: lpData=0x2cfb6a0) returned 1
[0195.867] VerQueryValueW (in: pBlock=0x2cfb6a0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cfb73c, puLen=0xd7e810) returned 1
[0195.868] VerQueryValueW (in: pBlock=0x2cfb6a0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfb7b4, puLen=0xd7e790) returned 1
[0195.868] VerQueryValueW (in: pBlock=0x2cfb6a0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfb7e4, puLen=0xd7e790) returned 1
[0195.868] VerQueryValueW (in: pBlock=0x2cfb6a0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfb820, puLen=0xd7e790) returned 1
[0195.868] VerQueryValueW (in: pBlock=0x2cfb6a0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfb850, puLen=0xd7e790) returned 1
[0195.868] VerQueryValueW (in: pBlock=0x2cfb6a0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfb898, puLen=0xd7e790) returned 1
[0195.868] VerQueryValueW (in: pBlock=0x2cfb6a0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfb910, puLen=0xd7e790) returned 1
[0195.868] VerQueryValueW (in: pBlock=0x2cfb6a0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfb954, puLen=0xd7e790) returned 1
[0195.868] VerQueryValueW (in: pBlock=0x2cfb6a0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfb994, puLen=0xd7e790) returned 1
[0195.868] VerQueryValueW (in: pBlock=0x2cfb6a0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfb792, puLen=0xd7e790) returned 1
[0195.868] VerQueryValueW (in: pBlock=0x2cfb6a0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfb8e0, puLen=0xd7e790) returned 1
[0195.868] VerQueryValueW (in: pBlock=0x2cfb6a0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.868] VerQueryValueW (in: pBlock=0x2cfb6a0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.868] VerQueryValueW (in: pBlock=0x2cfb6a0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cfb73c, puLen=0xd7e784) returned 1
[0195.868] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0195.868] VerQueryValueW (in: pBlock=0x2cfb6a0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cfb6c8, puLen=0xd7e794) returned 1
[0195.869] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0195.869] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0195.869] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0195.869] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0195.869] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0195.870] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0195.870] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2cfd978 | out: lpData=0x2cfd978) returned 1
[0195.871] VerQueryValueW (in: pBlock=0x2cfd978, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cfdd8c, puLen=0xd7e810) returned 1
[0195.871] VerQueryValueW (in: pBlock=0x2cfd978, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfda30, puLen=0xd7e790) returned 1
[0195.871] VerQueryValueW (in: pBlock=0x2cfd978, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfda84, puLen=0xd7e790) returned 1
[0195.871] VerQueryValueW (in: pBlock=0x2cfd978, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfdae0, puLen=0xd7e790) returned 1
[0195.871] VerQueryValueW (in: pBlock=0x2cfd978, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfdb40, puLen=0xd7e790) returned 1
[0195.871] VerQueryValueW (in: pBlock=0x2cfd978, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfdb98, puLen=0xd7e790) returned 1
[0195.871] VerQueryValueW (in: pBlock=0x2cfd978, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfdc20, puLen=0xd7e790) returned 1
[0195.871] VerQueryValueW (in: pBlock=0x2cfd978, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfdc74, puLen=0xd7e790) returned 1
[0195.871] VerQueryValueW (in: pBlock=0x2cfd978, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfdccc, puLen=0xd7e790) returned 1
[0195.871] VerQueryValueW (in: pBlock=0x2cfd978, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfdcfc, puLen=0xd7e790) returned 1
[0195.872] VerQueryValueW (in: pBlock=0x2cfd978, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.872] VerQueryValueW (in: pBlock=0x2cfd978, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfdd38, puLen=0xd7e790) returned 1
[0195.872] VerQueryValueW (in: pBlock=0x2cfd978, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.872] VerQueryValueW (in: pBlock=0x2cfd978, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cfdd8c, puLen=0xd7e784) returned 1
[0195.872] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0195.874] VerQueryValueW (in: pBlock=0x2cfd978, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cfd9a0, puLen=0xd7e794) returned 1
[0195.875] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0195.875] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0195.876] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0195.876] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0195.876] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0195.876] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0195.877] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2cfffb0 | out: lpData=0x2cfffb0) returned 1
[0195.878] VerQueryValueW (in: pBlock=0x2cfffb0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d003b0, puLen=0xd7e810) returned 1
[0195.878] VerQueryValueW (in: pBlock=0x2cfffb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d00068, puLen=0xd7e790) returned 1
[0195.878] VerQueryValueW (in: pBlock=0x2cfffb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d000bc, puLen=0xd7e790) returned 1
[0195.878] VerQueryValueW (in: pBlock=0x2cfffb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d000fc, puLen=0xd7e790) returned 1
[0195.878] VerQueryValueW (in: pBlock=0x2cfffb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d00164, puLen=0xd7e790) returned 1
[0195.878] VerQueryValueW (in: pBlock=0x2cfffb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d001bc, puLen=0xd7e790) returned 1
[0195.878] VerQueryValueW (in: pBlock=0x2cfffb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d00244, puLen=0xd7e790) returned 1
[0195.878] VerQueryValueW (in: pBlock=0x2cfffb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d00298, puLen=0xd7e790) returned 1
[0195.878] VerQueryValueW (in: pBlock=0x2cfffb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d002f0, puLen=0xd7e790) returned 1
[0195.878] VerQueryValueW (in: pBlock=0x2cfffb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d00320, puLen=0xd7e790) returned 1
[0195.878] VerQueryValueW (in: pBlock=0x2cfffb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.878] VerQueryValueW (in: pBlock=0x2cfffb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0035c, puLen=0xd7e790) returned 1
[0195.879] VerQueryValueW (in: pBlock=0x2cfffb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.879] VerQueryValueW (in: pBlock=0x2cfffb0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d003b0, puLen=0xd7e784) returned 1
[0195.879] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0195.879] VerQueryValueW (in: pBlock=0x2cfffb0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cfffd8, puLen=0xd7e794) returned 1
[0195.880] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0195.880] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0195.880] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0195.880] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0195.880] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0195.880] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0195.881] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2d026ec | out: lpData=0x2d026ec) returned 1
[0195.882] VerQueryValueW (in: pBlock=0x2d026ec, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d02ab4, puLen=0xd7e810) returned 1
[0195.882] VerQueryValueW (in: pBlock=0x2d026ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d027a4, puLen=0xd7e790) returned 1
[0195.882] VerQueryValueW (in: pBlock=0x2d026ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d027f8, puLen=0xd7e790) returned 1
[0195.882] VerQueryValueW (in: pBlock=0x2d026ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d02838, puLen=0xd7e790) returned 1
[0195.882] VerQueryValueW (in: pBlock=0x2d026ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d028a0, puLen=0xd7e790) returned 1
[0195.882] VerQueryValueW (in: pBlock=0x2d026ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d028dc, puLen=0xd7e790) returned 1
[0195.882] VerQueryValueW (in: pBlock=0x2d026ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d02964, puLen=0xd7e790) returned 1
[0195.882] VerQueryValueW (in: pBlock=0x2d026ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0299c, puLen=0xd7e790) returned 1
[0195.882] VerQueryValueW (in: pBlock=0x2d026ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d029f4, puLen=0xd7e790) returned 1
[0195.882] VerQueryValueW (in: pBlock=0x2d026ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d02a24, puLen=0xd7e790) returned 1
[0195.882] VerQueryValueW (in: pBlock=0x2d026ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.882] VerQueryValueW (in: pBlock=0x2d026ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d02a60, puLen=0xd7e790) returned 1
[0195.882] VerQueryValueW (in: pBlock=0x2d026ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.883] VerQueryValueW (in: pBlock=0x2d026ec, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d02ab4, puLen=0xd7e784) returned 1
[0195.883] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0195.883] VerQueryValueW (in: pBlock=0x2d026ec, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d02714, puLen=0xd7e794) returned 1
[0195.884] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0195.884] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0195.884] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0195.884] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0195.884] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0195.884] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0195.885] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2d05d54 | out: lpData=0x2d05d54) returned 1
[0195.885] VerQueryValueW (in: pBlock=0x2d05d54, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d06134, puLen=0xd7e810) returned 1
[0195.886] VerQueryValueW (in: pBlock=0x2d05d54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d05e0c, puLen=0xd7e790) returned 1
[0195.886] VerQueryValueW (in: pBlock=0x2d05d54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d05e60, puLen=0xd7e790) returned 1
[0195.886] VerQueryValueW (in: pBlock=0x2d05d54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d05ea0, puLen=0xd7e790) returned 1
[0195.886] VerQueryValueW (in: pBlock=0x2d05d54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d05f00, puLen=0xd7e790) returned 1
[0195.886] VerQueryValueW (in: pBlock=0x2d05d54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d05f4c, puLen=0xd7e790) returned 1
[0195.886] VerQueryValueW (in: pBlock=0x2d05d54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d05fd4, puLen=0xd7e790) returned 1
[0195.886] VerQueryValueW (in: pBlock=0x2d05d54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0601c, puLen=0xd7e790) returned 1
[0195.886] VerQueryValueW (in: pBlock=0x2d05d54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06074, puLen=0xd7e790) returned 1
[0195.886] VerQueryValueW (in: pBlock=0x2d05d54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d060a4, puLen=0xd7e790) returned 1
[0195.886] VerQueryValueW (in: pBlock=0x2d05d54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.886] VerQueryValueW (in: pBlock=0x2d05d54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d060e0, puLen=0xd7e790) returned 1
[0195.886] VerQueryValueW (in: pBlock=0x2d05d54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.886] VerQueryValueW (in: pBlock=0x2d05d54, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d06134, puLen=0xd7e784) returned 1
[0195.886] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0195.886] VerQueryValueW (in: pBlock=0x2d05d54, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d05d7c, puLen=0xd7e794) returned 1
[0195.887] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0195.887] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0195.887] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0195.887] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0195.887] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0195.888] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0195.888] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2d08574 | out: lpData=0x2d08574) returned 1
[0195.889] VerQueryValueW (in: pBlock=0x2d08574, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d08980, puLen=0xd7e810) returned 1
[0195.889] VerQueryValueW (in: pBlock=0x2d08574, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0862c, puLen=0xd7e790) returned 1
[0195.889] VerQueryValueW (in: pBlock=0x2d08574, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d08680, puLen=0xd7e790) returned 1
[0195.889] VerQueryValueW (in: pBlock=0x2d08574, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d086d4, puLen=0xd7e790) returned 1
[0195.889] VerQueryValueW (in: pBlock=0x2d08574, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d08734, puLen=0xd7e790) returned 1
[0195.889] VerQueryValueW (in: pBlock=0x2d08574, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0878c, puLen=0xd7e790) returned 1
[0195.889] VerQueryValueW (in: pBlock=0x2d08574, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d08814, puLen=0xd7e790) returned 1
[0195.889] VerQueryValueW (in: pBlock=0x2d08574, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d08868, puLen=0xd7e790) returned 1
[0195.889] VerQueryValueW (in: pBlock=0x2d08574, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d088c0, puLen=0xd7e790) returned 1
[0195.889] VerQueryValueW (in: pBlock=0x2d08574, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d088f0, puLen=0xd7e790) returned 1
[0195.890] VerQueryValueW (in: pBlock=0x2d08574, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.890] VerQueryValueW (in: pBlock=0x2d08574, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0892c, puLen=0xd7e790) returned 1
[0195.890] VerQueryValueW (in: pBlock=0x2d08574, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.890] VerQueryValueW (in: pBlock=0x2d08574, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d08980, puLen=0xd7e784) returned 1
[0195.890] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0195.890] VerQueryValueW (in: pBlock=0x2d08574, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d0859c, puLen=0xd7e794) returned 1
[0195.891] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0195.891] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0195.891] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0195.891] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0195.891] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0195.891] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0195.892] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d0ad88 | out: lpData=0x2d0ad88) returned 1
[0195.893] VerQueryValueW (in: pBlock=0x2d0ad88, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d0b160, puLen=0xd7e810) returned 1
[0195.893] VerQueryValueW (in: pBlock=0x2d0ad88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0ae40, puLen=0xd7e790) returned 1
[0195.893] VerQueryValueW (in: pBlock=0x2d0ad88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0ae94, puLen=0xd7e790) returned 1
[0195.893] VerQueryValueW (in: pBlock=0x2d0ad88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0aed4, puLen=0xd7e790) returned 1
[0195.893] VerQueryValueW (in: pBlock=0x2d0ad88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0af3c, puLen=0xd7e790) returned 1
[0195.893] VerQueryValueW (in: pBlock=0x2d0ad88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0af80, puLen=0xd7e790) returned 1
[0195.893] VerQueryValueW (in: pBlock=0x2d0ad88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b008, puLen=0xd7e790) returned 1
[0195.893] VerQueryValueW (in: pBlock=0x2d0ad88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b048, puLen=0xd7e790) returned 1
[0195.893] VerQueryValueW (in: pBlock=0x2d0ad88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b0a0, puLen=0xd7e790) returned 1
[0195.893] VerQueryValueW (in: pBlock=0x2d0ad88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b0d0, puLen=0xd7e790) returned 1
[0195.893] VerQueryValueW (in: pBlock=0x2d0ad88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.893] VerQueryValueW (in: pBlock=0x2d0ad88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0b10c, puLen=0xd7e790) returned 1
[0195.893] VerQueryValueW (in: pBlock=0x2d0ad88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.893] VerQueryValueW (in: pBlock=0x2d0ad88, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d0b160, puLen=0xd7e784) returned 1
[0195.893] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0195.893] VerQueryValueW (in: pBlock=0x2d0ad88, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d0adb0, puLen=0xd7e794) returned 1
[0195.894] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0195.894] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0195.895] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0195.895] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0195.895] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0195.895] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0195.896] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d0d2e0 | out: lpData=0x2d0d2e0) returned 1
[0195.897] VerQueryValueW (in: pBlock=0x2d0d2e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d0d6b8, puLen=0xd7e810) returned 1
[0195.897] VerQueryValueW (in: pBlock=0x2d0d2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0d398, puLen=0xd7e790) returned 1
[0195.897] VerQueryValueW (in: pBlock=0x2d0d2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0d3ec, puLen=0xd7e790) returned 1
[0195.897] VerQueryValueW (in: pBlock=0x2d0d2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0d42c, puLen=0xd7e790) returned 1
[0195.897] VerQueryValueW (in: pBlock=0x2d0d2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0d494, puLen=0xd7e790) returned 1
[0195.897] VerQueryValueW (in: pBlock=0x2d0d2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0d4d8, puLen=0xd7e790) returned 1
[0195.897] VerQueryValueW (in: pBlock=0x2d0d2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0d560, puLen=0xd7e790) returned 1
[0195.897] VerQueryValueW (in: pBlock=0x2d0d2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0d5a0, puLen=0xd7e790) returned 1
[0195.897] VerQueryValueW (in: pBlock=0x2d0d2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0d5f8, puLen=0xd7e790) returned 1
[0195.897] VerQueryValueW (in: pBlock=0x2d0d2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0d628, puLen=0xd7e790) returned 1
[0195.897] VerQueryValueW (in: pBlock=0x2d0d2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.897] VerQueryValueW (in: pBlock=0x2d0d2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0d664, puLen=0xd7e790) returned 1
[0195.897] VerQueryValueW (in: pBlock=0x2d0d2e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.897] VerQueryValueW (in: pBlock=0x2d0d2e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d0d6b8, puLen=0xd7e784) returned 1
[0195.897] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0195.897] VerQueryValueW (in: pBlock=0x2d0d2e0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d0d308, puLen=0xd7e794) returned 1
[0195.898] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0195.898] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0195.898] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0195.899] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0195.899] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0195.899] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0195.899] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2d0fa18 | out: lpData=0x2d0fa18) returned 1
[0195.900] VerQueryValueW (in: pBlock=0x2d0fa18, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d0fe48, puLen=0xd7e810) returned 1
[0195.900] VerQueryValueW (in: pBlock=0x2d0fa18, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0fad0, puLen=0xd7e790) returned 1
[0195.900] VerQueryValueW (in: pBlock=0x2d0fa18, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0fb24, puLen=0xd7e790) returned 1
[0195.900] VerQueryValueW (in: pBlock=0x2d0fa18, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0fb94, puLen=0xd7e790) returned 1
[0195.900] VerQueryValueW (in: pBlock=0x2d0fa18, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0fbf4, puLen=0xd7e790) returned 1
[0195.900] VerQueryValueW (in: pBlock=0x2d0fa18, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0fc50, puLen=0xd7e790) returned 1
[0195.900] VerQueryValueW (in: pBlock=0x2d0fa18, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0fcd8, puLen=0xd7e790) returned 1
[0195.900] VerQueryValueW (in: pBlock=0x2d0fa18, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0fd30, puLen=0xd7e790) returned 1
[0195.900] VerQueryValueW (in: pBlock=0x2d0fa18, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0fd88, puLen=0xd7e790) returned 1
[0195.900] VerQueryValueW (in: pBlock=0x2d0fa18, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0fdb8, puLen=0xd7e790) returned 1
[0195.901] VerQueryValueW (in: pBlock=0x2d0fa18, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.901] VerQueryValueW (in: pBlock=0x2d0fa18, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0fdf4, puLen=0xd7e790) returned 1
[0195.901] VerQueryValueW (in: pBlock=0x2d0fa18, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0195.901] VerQueryValueW (in: pBlock=0x2d0fa18, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d0fe48, puLen=0xd7e784) returned 1
[0195.901] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0195.901] VerQueryValueW (in: pBlock=0x2d0fa18, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d0fa40, puLen=0xd7e794) returned 1
[0195.901] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0195.902] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.902] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0195.902] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.902] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0195.902] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1202da
[0195.903] SetWindowLongW (hWnd=0x1202da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0195.904] GetWindowLongW (hWnd=0x1202da, nIndex=-4) returned 1950089536
[0195.905] SetWindowLongW (hWnd=0x1202da, nIndex=-4, dwNewLong=19944542) returned 1950089536
[0195.905] GetWindowLongW (hWnd=0x1202da, nIndex=-4) returned 19944542
[0195.905] GetWindowLongW (hWnd=0x1202da, nIndex=-16) returned 113311744
[0195.905] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202da, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0195.905] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202da, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0195.906] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202da, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0195.906] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202da, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0195.906] GetClientRect (in: hWnd=0x1202da, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0195.906] GetWindowRect (in: hWnd=0x1202da, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0195.906] SetWindowTextW (hWnd=0x1202da, lpString="WindowsFormsParkingWindow") returned 1
[0195.906] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202da, Msg=0xc, wParam=0x0, lParam=0x2cd3914) returned 0x1
[0195.907] GetParent (hWnd=0x1202da) returned 0x0
[0195.908] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0195.908] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x1202da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1402d8
[0195.908] SetWindowLongW (hWnd=0x1402d8, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0195.908] GetWindowLongW (hWnd=0x1402d8, nIndex=-4) returned 1868147648
[0195.909] SetWindowLongW (hWnd=0x1402d8, nIndex=-4, dwNewLong=19945102) returned 1868147648
[0195.909] GetWindowLongW (hWnd=0x1402d8, nIndex=-4) returned 19945102
[0195.909] GetWindowLongW (hWnd=0x1402d8, nIndex=-16) returned 1174405133
[0195.909] GetWindowLongW (hWnd=0x1402d8, nIndex=-12) returned 0
[0195.909] SetWindowLongW (hWnd=0x1402d8, nIndex=-12, dwNewLong=1311448) returned 0
[0195.909] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0195.910] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0195.910] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0195.910] GetClientRect (in: hWnd=0x1402d8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0195.910] GetWindowRect (in: hWnd=0x1402d8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0195.910] GetParent (hWnd=0x1402d8) returned 0x1202da
[0195.910] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1202da, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0195.911] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0195.911] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0195.911] GetClientRect (in: hWnd=0x1402d8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0195.911] GetWindowRect (in: hWnd=0x1402d8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0195.911] GetParent (hWnd=0x1402d8) returned 0x1202da
[0195.911] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1202da, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0195.911] SendMessageW (hWnd=0x1402d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1402d8) returned 0x0
[0195.912] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1402d8) returned 0x0
[0195.912] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0195.912] GetParent (hWnd=0x1402d8) returned 0x1202da
[0195.912] GdipCreateFromHWND (hwnd=0x1402d8, graphics=0xd7e844) returned 0x0
[0195.912] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0195.913] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0195.913] GetForegroundWindow () returned 0x7005c
[0195.913] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0195.913] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0195.913] GetSystemMetrics (nIndex=42) returned 0
[0195.913] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0195.913] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0195.913] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0195.913] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0195.913] GetSystemMetrics (nIndex=42) returned 0
[0195.913] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0195.913] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0195.914] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.914] GetCursorPos (in: lpPoint=0x2d13e9c | out: lpPoint=0x2d13e9c*(x=272, y=620)) returned 1
[0195.914] MonitorFromPoint (pt=0x110, dwFlags=0x26c) returned 0x10001
[0195.914] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0195.915] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xc001067c
[0195.915] GetDeviceCaps (hdc=0xc001067c, index=12) returned 32
[0195.915] GetDeviceCaps (hdc=0xc001067c, index=14) returned 1
[0195.915] DeleteDC (hdc=0xc001067c) returned 1
[0195.915] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0195.915] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0195.915] GetSystemMetrics (nIndex=59) returned 1460
[0195.915] GetSystemMetrics (nIndex=60) returned 920
[0195.915] GetSystemMetrics (nIndex=34) returned 136
[0195.915] GetSystemMetrics (nIndex=35) returned 39
[0195.916] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.916] GetCursorPos (in: lpPoint=0x2d14108 | out: lpPoint=0x2d14108*(x=272, y=620)) returned 1
[0195.916] MonitorFromPoint (pt=0x110, dwFlags=0x26c) returned 0x10001
[0195.916] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0195.916] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xc101067c
[0195.916] GetDeviceCaps (hdc=0xc101067c, index=12) returned 32
[0195.916] GetDeviceCaps (hdc=0xc101067c, index=14) returned 1
[0195.916] DeleteDC (hdc=0xc101067c) returned 1
[0195.916] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0195.916] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0195.917] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.917] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0195.917] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2d143a0 | out: piconinfo=0x2d143a0) returned 1
[0195.917] GetObjectW (in: h=0x5d0507ef, c=24, pv=0x2d143bc | out: pv=0x2d143bc) returned 24
[0195.917] GdipCreateBitmapFromHBITMAP (hbm=0x5d0507ef, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0195.918] GdipGetImageWidth (image=0x66511d0, width=0xd7e750) returned 0x0
[0195.918] GdipGetImageHeight (image=0x66511d0, height=0xd7e748) returned 0x0
[0195.918] GdipGetImagePixelFormat (image=0x66511d0, format=0xd7e740) returned 0x0
[0195.918] GdipBitmapLockBits (bitmap=0x66511d0, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2d14474) returned 0x0
[0195.918] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0195.918] GdipBitmapLockBits (bitmap=0x66504b0, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2d144ac) returned 0x0
[0195.918] RtlMoveMemory (in: Destination=0x665cf38, Source=0x665fec8, Length=0x80 | out: Destination=0x665cf38)
[0195.918] RtlMoveMemory (in: Destination=0x665cfb8, Source=0x665fe48, Length=0x80 | out: Destination=0x665cfb8)
[0195.918] RtlMoveMemory (in: Destination=0x665d038, Source=0x665fdc8, Length=0x80 | out: Destination=0x665d038)
[0195.918] RtlMoveMemory (in: Destination=0x665d0b8, Source=0x665fd48, Length=0x80 | out: Destination=0x665d0b8)
[0195.918] RtlMoveMemory (in: Destination=0x665d138, Source=0x665fcc8, Length=0x80 | out: Destination=0x665d138)
[0195.918] RtlMoveMemory (in: Destination=0x665d1b8, Source=0x665fc48, Length=0x80 | out: Destination=0x665d1b8)
[0195.918] RtlMoveMemory (in: Destination=0x665d238, Source=0x665fbc8, Length=0x80 | out: Destination=0x665d238)
[0195.919] RtlMoveMemory (in: Destination=0x665d2b8, Source=0x665fb48, Length=0x80 | out: Destination=0x665d2b8)
[0195.919] RtlMoveMemory (in: Destination=0x665d338, Source=0x665fac8, Length=0x80 | out: Destination=0x665d338)
[0195.919] RtlMoveMemory (in: Destination=0x665d3b8, Source=0x665fa48, Length=0x80 | out: Destination=0x665d3b8)
[0195.919] RtlMoveMemory (in: Destination=0x665d438, Source=0x665f9c8, Length=0x80 | out: Destination=0x665d438)
[0195.919] RtlMoveMemory (in: Destination=0x665d4b8, Source=0x665f948, Length=0x80 | out: Destination=0x665d4b8)
[0195.919] RtlMoveMemory (in: Destination=0x665d538, Source=0x665f8c8, Length=0x80 | out: Destination=0x665d538)
[0195.919] RtlMoveMemory (in: Destination=0x665d5b8, Source=0x665f848, Length=0x80 | out: Destination=0x665d5b8)
[0195.919] RtlMoveMemory (in: Destination=0x665d638, Source=0x665f7c8, Length=0x80 | out: Destination=0x665d638)
[0195.919] RtlMoveMemory (in: Destination=0x665d6b8, Source=0x665f748, Length=0x80 | out: Destination=0x665d6b8)
[0195.919] RtlMoveMemory (in: Destination=0x665d738, Source=0x665f6c8, Length=0x80 | out: Destination=0x665d738)
[0195.920] RtlMoveMemory (in: Destination=0x665d7b8, Source=0x665f648, Length=0x80 | out: Destination=0x665d7b8)
[0195.920] RtlMoveMemory (in: Destination=0x665d838, Source=0x665f5c8, Length=0x80 | out: Destination=0x665d838)
[0195.920] RtlMoveMemory (in: Destination=0x665d8b8, Source=0x665f548, Length=0x80 | out: Destination=0x665d8b8)
[0195.920] RtlMoveMemory (in: Destination=0x665d938, Source=0x665f4c8, Length=0x80 | out: Destination=0x665d938)
[0195.920] RtlMoveMemory (in: Destination=0x665d9b8, Source=0x665f448, Length=0x80 | out: Destination=0x665d9b8)
[0195.920] RtlMoveMemory (in: Destination=0x665da38, Source=0x665f3c8, Length=0x80 | out: Destination=0x665da38)
[0195.920] RtlMoveMemory (in: Destination=0x665dab8, Source=0x665f348, Length=0x80 | out: Destination=0x665dab8)
[0195.920] RtlMoveMemory (in: Destination=0x665db38, Source=0x665f2c8, Length=0x80 | out: Destination=0x665db38)
[0195.920] RtlMoveMemory (in: Destination=0x665dbb8, Source=0x665f248, Length=0x80 | out: Destination=0x665dbb8)
[0195.920] RtlMoveMemory (in: Destination=0x665dc38, Source=0x665f1c8, Length=0x80 | out: Destination=0x665dc38)
[0195.920] RtlMoveMemory (in: Destination=0x665dcb8, Source=0x665f148, Length=0x80 | out: Destination=0x665dcb8)
[0195.920] RtlMoveMemory (in: Destination=0x665dd38, Source=0x665f0c8, Length=0x80 | out: Destination=0x665dd38)
[0195.920] RtlMoveMemory (in: Destination=0x665ddb8, Source=0x665f048, Length=0x80 | out: Destination=0x665ddb8)
[0195.920] RtlMoveMemory (in: Destination=0x665de38, Source=0x665efc8, Length=0x80 | out: Destination=0x665de38)
[0195.920] RtlMoveMemory (in: Destination=0x665deb8, Source=0x665ef48, Length=0x80 | out: Destination=0x665deb8)
[0195.920] GdipBitmapUnlockBits (bitmap=0x66511d0, lockedBitmapData=0x2d14474) returned 0x0
[0195.920] GdipBitmapUnlockBits (bitmap=0x66504b0, lockedBitmapData=0x2d144ac) returned 0x0
[0195.920] GdipDisposeImage (image=0x66511d0) returned 0x0
[0195.921] DeleteObject (ho=0x5d0507ef) returned 1
[0195.921] DeleteObject (ho=0xc205067c) returned 1
[0195.921] GetCurrentThreadId () returned 0xf50
[0195.921] GetCurrentThreadId () returned 0xf50
[0195.921] SetWindowPos (hWnd=0x1402d8, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0195.921] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0195.921] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0195.922] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0195.922] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0195.922] GetClientRect (in: hWnd=0x1402d8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0195.922] GetWindowRect (in: hWnd=0x1402d8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0195.922] GetParent (hWnd=0x1402d8) returned 0x1202da
[0195.922] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1202da, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0195.922] InvalidateRect (hWnd=0x1402d8, lpRect=0x0, bErase=1) returned 1
[0195.922] GetWindowTextLengthW (hWnd=0x1402d8) returned 0
[0195.922] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0195.922] GetSystemMetrics (nIndex=42) returned 0
[0195.922] GetWindowTextW (in: hWnd=0x1402d8, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0195.922] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0195.922] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0195.922] GetClientRect (in: hWnd=0x1402d8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0195.922] GetWindowRect (in: hWnd=0x1402d8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0195.922] GetParent (hWnd=0x1402d8) returned 0x1202da
[0195.922] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1202da, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0195.923] GetWindowTextLengthW (hWnd=0x1402d8) returned 0
[0195.923] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0195.923] GetSystemMetrics (nIndex=42) returned 0
[0195.923] GetWindowTextW (in: hWnd=0x1402d8, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0195.923] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0195.923] GetWindowTextLengthW (hWnd=0x1402d8) returned 0
[0195.923] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0195.923] GetSystemMetrics (nIndex=42) returned 0
[0195.923] GetWindowTextW (in: hWnd=0x1402d8, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0195.923] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0195.923] SetWindowTextW (hWnd=0x1402d8, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0195.923] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0xc, wParam=0x0, lParam=0x2cf3c54) returned 0x1
[0195.923] InvalidateRect (hWnd=0x1402d8, lpRect=0x0, bErase=1) returned 1
[0195.923] GetCurrentThreadId () returned 0xf50
[0195.923] GetWindowThreadProcessId (in: hWnd=0x1402d8, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0195.924] GdipCreateBitmapFromStream (stream=0x509ffd0, bitmap=0xd7e840) returned 0x0
[0195.925] GdipImageForceValidation (image=0x6650b40) returned 0x0
[0195.927] GdipGetImageRawFormat (image=0x6650b40, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0195.927] GdipGetImageHeight (image=0x6650b40, height=0xd7e824) returned 0x0
[0195.927] GdipGetImageWidth (image=0x6650b40, width=0xd7e824) returned 0x0
[0195.927] GdipGetImageWidth (image=0x6650b40, width=0xd7e810) returned 0x0
[0195.927] GdipGetImageHeight (image=0x6650b40, height=0xd7e810) returned 0x0
[0195.927] GdipGetImageWidth (image=0x6650b40, width=0xd7e800) returned 0x0
[0195.927] GdipGetImageHeight (image=0x6650b40, height=0xd7e800) returned 0x0
[0195.927] GdipBitmapGetPixel (bitmap=0x6650b40, x=0, y=15, color=0xd7e810) returned 0x0
[0195.927] GdipGetImageRawFormat (image=0x6650b40, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0195.927] GdipGetImageWidth (image=0x6650b40, width=0xd7e740) returned 0x0
[0195.927] GdipGetImageHeight (image=0x6650b40, height=0xd7e740) returned 0x0
[0195.927] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0195.927] GdipGetImagePixelFormat (image=0x664f100, format=0xd7e740) returned 0x0
[0195.927] GdipGetImageGraphicsContext (image=0x664f100, graphics=0xd7e74c) returned 0x0
[0195.927] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0195.927] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0195.928] GdipSetImageAttributesColorKeys (imageattr=0x6638c08, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0195.928] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6650b40, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c08, callback=0x0, callbackData=0x0) returned 0x0
[0195.928] GdipDisposeImageAttributes (imageattr=0x6638c08) returned 0x0
[0195.928] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0195.928] GdipDisposeImage (image=0x6650b40) returned 0x0
[0195.929] GdipCreateBitmapFromStream (stream=0x509ffb0, bitmap=0xd7e840) returned 0x0
[0195.930] GdipImageForceValidation (image=0x6650b40) returned 0x0
[0195.931] GdipGetImageRawFormat (image=0x6650b40, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0195.931] GdipGetImageHeight (image=0x6650b40, height=0xd7e824) returned 0x0
[0195.931] GdipGetImageWidth (image=0x6650b40, width=0xd7e824) returned 0x0
[0195.931] GdipGetImageWidth (image=0x6650b40, width=0xd7e810) returned 0x0
[0195.931] GdipGetImageHeight (image=0x6650b40, height=0xd7e810) returned 0x0
[0195.931] GdipGetImageWidth (image=0x6650b40, width=0xd7e800) returned 0x0
[0195.931] GdipGetImageHeight (image=0x6650b40, height=0xd7e800) returned 0x0
[0195.931] GdipBitmapGetPixel (bitmap=0x6650b40, x=0, y=15, color=0xd7e810) returned 0x0
[0195.931] GdipGetImageRawFormat (image=0x6650b40, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0195.931] GdipGetImageWidth (image=0x6650b40, width=0xd7e740) returned 0x0
[0195.932] GdipGetImageHeight (image=0x6650b40, height=0xd7e740) returned 0x0
[0195.932] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0195.932] GdipGetImagePixelFormat (image=0x6651ba8, format=0xd7e740) returned 0x0
[0195.932] GdipGetImageGraphicsContext (image=0x6651ba8, graphics=0xd7e74c) returned 0x0
[0195.932] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0195.932] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0195.932] GdipSetImageAttributesColorKeys (imageattr=0x6638ab8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0195.932] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6650b40, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638ab8, callback=0x0, callbackData=0x0) returned 0x0
[0195.932] GdipDisposeImageAttributes (imageattr=0x6638ab8) returned 0x0
[0195.932] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0195.932] GdipDisposeImage (image=0x6650b40) returned 0x0
[0195.933] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.933] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0195.933] GetCurrentThreadId () returned 0xf50
[0195.933] GetCurrentThreadId () returned 0xf50
[0195.933] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.934] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0195.934] GetCurrentThreadId () returned 0xf50
[0195.934] GetCurrentThreadId () returned 0xf50
[0195.934] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.934] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0195.934] GetCurrentThreadId () returned 0xf50
[0195.934] GetCurrentThreadId () returned 0xf50
[0195.934] GetSystemMetrics (nIndex=5) returned 1
[0195.934] GetSystemMetrics (nIndex=6) returned 1
[0195.934] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.948] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0195.948] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.949] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0195.949] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.949] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0195.949] GetCurrentThreadId () returned 0xf50
[0195.949] GetCurrentThreadId () returned 0xf50
[0195.949] GetProcessWindowStation () returned 0x13c
[0195.949] GetCapture () returned 0x0
[0195.949] GetActiveWindow () returned 0x7005c
[0195.949] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0195.950] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.950] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0195.950] GetCursorPos (in: lpPoint=0x2d155ec | out: lpPoint=0x2d155ec*(x=272, y=620)) returned 1
[0195.950] MonitorFromPoint (pt=0x110, dwFlags=0x26c) returned 0x10001
[0195.950] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0195.951] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xc301067c
[0195.951] GetDeviceCaps (hdc=0xc301067c, index=12) returned 32
[0195.951] GetDeviceCaps (hdc=0xc301067c, index=14) returned 1
[0195.951] DeleteDC (hdc=0xc301067c) returned 1
[0195.951] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0195.951] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0195.951] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x14013e
[0195.952] SetWindowLongW (hWnd=0x14013e, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0195.952] GetWindowLongW (hWnd=0x14013e, nIndex=-4) returned 1950089536
[0195.952] SetWindowLongW (hWnd=0x14013e, nIndex=-4, dwNewLong=19944702) returned 1950089536
[0195.952] GetWindowLongW (hWnd=0x14013e, nIndex=-4) returned 19944702
[0195.953] GetWindowLongW (hWnd=0x14013e, nIndex=-16) returned 113770496
[0195.953] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0195.954] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0195.955] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0195.955] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0195.955] GetWindowRect (in: hWnd=0x14013e, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0195.955] SetWindowTextW (hWnd=0x14013e, lpString="BB ransomware") returned 1
[0195.955] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xc, wParam=0x0, lParam=0x2d13d88) returned 0x1
[0195.956] GetStartupInfoW (in: lpStartupInfo=0x2d15928 | out: lpStartupInfo=0x2d15928*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0195.958] GetParent (hWnd=0x14013e) returned 0x0
[0195.958] SetWindowLongW (hWnd=0x14013e, nIndex=-8, dwNewLong=0) returned 0
[0195.960] SendMessageW (hWnd=0x14013e, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0195.960] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0195.960] SendMessageW (hWnd=0x14013e, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0195.960] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0195.960] GetSystemMenu (hWnd=0x14013e, bRevert=0) returned 0x1102b9
[0195.961] GetWindowPlacement (in: hWnd=0x14013e, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0195.961] EnableMenuItem (hMenu=0x1102b9, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0195.961] EnableMenuItem (hMenu=0x1102b9, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0195.961] EnableMenuItem (hMenu=0x1102b9, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0195.961] EnableMenuItem (hMenu=0x1102b9, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0195.961] EnableMenuItem (hMenu=0x1102b9, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0195.961] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0195.961] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0195.961] GetWindowRect (in: hWnd=0x14013e, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0195.961] SetWindowPos (hWnd=0x14013e, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0195.961] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0195.962] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x14013e) returned 0x1
[0195.965] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0195.965] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0195.970] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0195.970] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0195.970] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0195.973] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x14013e, lParam=0x0) returned 0x0
[0195.973] GetCapture () returned 0x0
[0195.973] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0195.974] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0195.975] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0195.976] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0195.977] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0195.977] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0195.977] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0195.977] GetParent (hWnd=0x14013e) returned 0x0
[0195.977] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0195.978] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0195.980] GetWindowPlacement (in: hWnd=0x14013e, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0195.980] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0195.980] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0195.980] GetWindowRect (in: hWnd=0x14013e, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0195.990] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0195.990] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0195.990] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0195.991] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0195.991] GetWindowLongW (hWnd=0x14013e, nIndex=-16) returned 113770496
[0195.991] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0195.991] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0195.991] GetSystemMetrics (nIndex=42) returned 0
[0195.991] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0195.991] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0195.991] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0195.991] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0195.991] GetSystemMetrics (nIndex=42) returned 0
[0195.991] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0195.991] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0195.992] GetCursorPos (in: lpPoint=0x2d15b64 | out: lpPoint=0x2d15b64*(x=272, y=620)) returned 1
[0195.992] MonitorFromPoint (pt=0x10e, dwFlags=0x26b) returned 0x10001
[0195.992] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0195.992] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x840107d8
[0195.992] GetDeviceCaps (hdc=0x840107d8, index=12) returned 32
[0195.992] GetDeviceCaps (hdc=0x840107d8, index=14) returned 1
[0195.992] DeleteDC (hdc=0x840107d8) returned 1
[0195.992] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0195.992] GetWindowLongW (hWnd=0x14013e, nIndex=-16) returned 113770496
[0195.992] GetWindowLongW (hWnd=0x14013e, nIndex=-20) returned 327945
[0195.992] SetWindowLongW (hWnd=0x14013e, nIndex=-16, dwNewLong=46661632) returned 113770496
[0195.993] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0195.993] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0195.994] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0195.994] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0195.994] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0195.995] SetWindowLongW (hWnd=0x14013e, nIndex=-20, dwNewLong=327681) returned 327945
[0195.995] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0195.995] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0195.996] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0195.996] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0195.997] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0195.997] SetWindowPos (hWnd=0x14013e, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0195.997] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0195.997] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0195.998] GetWindowPlacement (in: hWnd=0x14013e, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0195.998] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0195.998] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0195.998] GetWindowRect (in: hWnd=0x14013e, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0195.999] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0195.999] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0196.000] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0196.000] RedrawWindow (hWnd=0x14013e, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0196.000] GetSystemMenu (hWnd=0x14013e, bRevert=0) returned 0x1102b9
[0196.000] GetWindowPlacement (in: hWnd=0x14013e, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0196.000] EnableMenuItem (hMenu=0x1102b9, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0196.000] EnableMenuItem (hMenu=0x1102b9, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0196.000] EnableMenuItem (hMenu=0x1102b9, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0196.000] EnableMenuItem (hMenu=0x1102b9, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0196.000] EnableMenuItem (hMenu=0x1102b9, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0196.001] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0196.001] GetWindowLongW (hWnd=0x14013e, nIndex=-8) returned 0
[0196.001] SetWindowLongW (hWnd=0x14013e, nIndex=-8, dwNewLong=458844) returned 0
[0196.002] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0196.002] GetProcessWindowStation () returned 0x13c
[0196.002] GetCurrentThreadId () returned 0xf50
[0196.002] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x13058be, lParam=0x0) returned 1
[0196.002] IsWindowVisible (hWnd=0x14013e) returned 0
[0196.002] IsWindowVisible (hWnd=0x7005c) returned 1
[0196.002] IsWindowEnabled (hWnd=0x7005c) returned 1
[0196.002] IsWindowVisible (hWnd=0x300ec) returned 0
[0196.002] IsWindowVisible (hWnd=0x502c6) returned 0
[0196.003] IsWindowVisible (hWnd=0x502be) returned 0
[0196.003] GetActiveWindow () returned 0x14013e
[0196.003] GetFocus () returned 0x14013e
[0196.003] IsWindow (hWnd=0x7005c) returned 1
[0196.003] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0196.003] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0196.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0196.004] GetWindowLongW (hWnd=0x14013e, nIndex=-8) returned 458844
[0196.004] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0196.004] GetCurrentThreadId () returned 0xf50
[0196.004] GetWindowLongW (hWnd=0x14013e, nIndex=-8) returned 458844
[0196.004] IsWindowEnabled (hWnd=0x7005c) returned 0
[0196.004] IsWindowEnabled (hWnd=0x14013e) returned 1
[0196.004] ShowWindow (hWnd=0x14013e, nCmdShow=5) returned 0
[0196.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0196.004] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0196.005] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0196.005] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0196.005] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x14013e, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1202dc
[0196.005] SetWindowLongW (hWnd=0x1202dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0196.006] GetWindowLongW (hWnd=0x1202dc, nIndex=-4) returned 1950089536
[0196.006] SetWindowLongW (hWnd=0x1202dc, nIndex=-4, dwNewLong=19944782) returned 1950089536
[0196.006] GetWindowLongW (hWnd=0x1202dc, nIndex=-4) returned 19944782
[0196.006] GetWindowLongW (hWnd=0x1202dc, nIndex=-16) returned 1174405120
[0196.006] GetWindowLongW (hWnd=0x1202dc, nIndex=-12) returned 0
[0196.006] SetWindowLongW (hWnd=0x1202dc, nIndex=-12, dwNewLong=1180380) returned 0
[0196.006] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0196.007] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0196.007] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0196.007] GetWindow (hWnd=0x1202dc, uCmd=0x3) returned 0x0
[0196.007] GetClientRect (in: hWnd=0x1202dc, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0196.007] GetWindowRect (in: hWnd=0x1202dc, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0196.007] GetParent (hWnd=0x1202dc) returned 0x14013e
[0196.007] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x14013e, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0196.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202dc, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0196.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202dc, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0196.008] GetClientRect (in: hWnd=0x1202dc, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0196.008] GetWindowRect (in: hWnd=0x1202dc, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0196.008] GetParent (hWnd=0x1202dc) returned 0x14013e
[0196.008] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x14013e, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0196.008] SendMessageW (hWnd=0x1202dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1202dc) returned 0x0
[0196.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1202dc) returned 0x0
[0196.009] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0196.009] GetParent (hWnd=0x1202dc) returned 0x14013e
[0196.009] GetParent (hWnd=0x1402d8) returned 0x1202da
[0196.009] SetParent (hWndChild=0x1402d8, hWndNewParent=0x14013e) returned 0x1202da
[0196.009] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0196.010] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0196.010] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0196.010] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0196.010] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0196.010] GetClientRect (in: hWnd=0x1402d8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0196.010] GetWindowRect (in: hWnd=0x1402d8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0196.010] GetParent (hWnd=0x1402d8) returned 0x14013e
[0196.010] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x14013e, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0196.010] GetClientRect (in: hWnd=0x1402d8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0196.010] GetWindowRect (in: hWnd=0x1402d8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0196.010] GetParent (hWnd=0x1402d8) returned 0x14013e
[0196.010] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x14013e, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0196.011] GetParent (hWnd=0x1402d8) returned 0x14013e
[0196.011] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0196.011] GetWindow (hWnd=0x1402d8, uCmd=0x3) returned 0x0
[0196.011] SetWindowPos (hWnd=0x1402d8, hWndInsertAfter=0x1202dc, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0196.011] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0196.012] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0196.012] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0196.012] GetClientRect (in: hWnd=0x1402d8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0196.012] GetWindowRect (in: hWnd=0x1402d8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0196.012] GetParent (hWnd=0x1402d8) returned 0x14013e
[0196.012] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x14013e, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0196.012] GetParent (hWnd=0x1402d8) returned 0x14013e
[0196.012] GetWindow (hWnd=0x1402d8, uCmd=0x3) returned 0x1202dc
[0196.012] GetWindowThreadProcessId (in: hWnd=0x1402d8, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0196.012] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0196.013] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0196.014] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0196.014] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x14013e, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1202de
[0196.014] SetWindowLongW (hWnd=0x1202de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0196.015] GetWindowLongW (hWnd=0x1202de, nIndex=-4) returned 1868032000
[0196.015] SetWindowLongW (hWnd=0x1202de, nIndex=-4, dwNewLong=19945062) returned 1868032000
[0196.015] GetWindowLongW (hWnd=0x1202de, nIndex=-4) returned 19945062
[0196.015] GetWindowLongW (hWnd=0x1202de, nIndex=-16) returned 1174470667
[0196.015] GetWindowLongW (hWnd=0x1202de, nIndex=-12) returned 0
[0196.015] SetWindowLongW (hWnd=0x1202de, nIndex=-12, dwNewLong=1180382) returned 0
[0196.016] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0196.016] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0196.016] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0196.017] SendMessageW (hWnd=0x1202de, Msg=0x2055, wParam=0x1202de, lParam=0x3) returned 0x2
[0196.018] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0196.018] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0196.018] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0196.018] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0196.018] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0196.018] RedrawWindow (hWnd=0x1202dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0196.018] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0196.018] RedrawWindow (hWnd=0x1402d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0196.018] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0196.018] RedrawWindow (hWnd=0x1202de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0196.019] RedrawWindow (hWnd=0x14013e, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0196.019] GetWindow (hWnd=0x1202de, uCmd=0x3) returned 0x1402d8
[0196.019] GetClientRect (in: hWnd=0x1202de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0196.019] GetWindowRect (in: hWnd=0x1202de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0196.019] GetParent (hWnd=0x1202de) returned 0x14013e
[0196.019] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x14013e, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0196.019] SetWindowTextW (hWnd=0x1202de, lpString="&Details") returned 1
[0196.019] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0196.020] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0196.020] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0196.020] GetClientRect (in: hWnd=0x1202de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0196.020] GetWindowRect (in: hWnd=0x1202de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0196.020] GetParent (hWnd=0x1202de) returned 0x14013e
[0196.020] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x14013e, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0196.020] SendMessageW (hWnd=0x1202de, Msg=0x2210, wParam=0x2de0001, lParam=0x1202de) returned 0x0
[0196.020] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0x2210, wParam=0x2de0001, lParam=0x1202de) returned 0x0
[0196.020] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0196.021] GetParent (hWnd=0x1202de) returned 0x14013e
[0196.021] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0196.021] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0196.022] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0196.022] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x14013e, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x802ce
[0196.022] SetWindowLongW (hWnd=0x802ce, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0196.022] GetWindowLongW (hWnd=0x802ce, nIndex=-4) returned 1868032000
[0196.022] SetWindowLongW (hWnd=0x802ce, nIndex=-4, dwNewLong=19945542) returned 1868032000
[0196.023] GetWindowLongW (hWnd=0x802ce, nIndex=-4) returned 19945542
[0196.023] GetWindowLongW (hWnd=0x802ce, nIndex=-16) returned 1174470667
[0196.023] GetWindowLongW (hWnd=0x802ce, nIndex=-12) returned 0
[0196.023] SetWindowLongW (hWnd=0x802ce, nIndex=-12, dwNewLong=525006) returned 0
[0196.023] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0196.024] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0196.024] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0196.025] SendMessageW (hWnd=0x802ce, Msg=0x2055, wParam=0x802ce, lParam=0x3) returned 0x2
[0196.025] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0196.025] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0196.025] GetWindow (hWnd=0x802ce, uCmd=0x3) returned 0x1202de
[0196.025] GetClientRect (in: hWnd=0x802ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0196.025] GetWindowRect (in: hWnd=0x802ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0196.025] GetParent (hWnd=0x802ce) returned 0x14013e
[0196.025] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x14013e, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0196.025] SetWindowTextW (hWnd=0x802ce, lpString="&Continue") returned 1
[0196.025] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0196.026] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0196.026] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0196.026] GetClientRect (in: hWnd=0x802ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0196.026] GetWindowRect (in: hWnd=0x802ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0196.026] GetParent (hWnd=0x802ce) returned 0x14013e
[0196.026] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x14013e, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0196.026] SendMessageW (hWnd=0x802ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x802ce) returned 0x0
[0196.026] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x802ce) returned 0x0
[0196.027] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0196.027] GetParent (hWnd=0x802ce) returned 0x14013e
[0196.027] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0196.027] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0196.028] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0196.028] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x14013e, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1500ea
[0196.029] SetWindowLongW (hWnd=0x1500ea, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0196.029] GetWindowLongW (hWnd=0x1500ea, nIndex=-4) returned 1868032000
[0196.029] SetWindowLongW (hWnd=0x1500ea, nIndex=-4, dwNewLong=19945702) returned 1868032000
[0196.029] GetWindowLongW (hWnd=0x1500ea, nIndex=-4) returned 19945702
[0196.029] GetWindowLongW (hWnd=0x1500ea, nIndex=-16) returned 1174470667
[0196.029] GetWindowLongW (hWnd=0x1500ea, nIndex=-12) returned 0
[0196.029] SetWindowLongW (hWnd=0x1500ea, nIndex=-12, dwNewLong=1376490) returned 0
[0196.029] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1500ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0196.030] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1500ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0196.030] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1500ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0196.031] SendMessageW (hWnd=0x1500ea, Msg=0x2055, wParam=0x1500ea, lParam=0x3) returned 0x2
[0196.031] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0196.031] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1500ea, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0196.032] GetWindow (hWnd=0x1500ea, uCmd=0x3) returned 0x802ce
[0196.032] GetClientRect (in: hWnd=0x1500ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0196.032] GetWindowRect (in: hWnd=0x1500ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0196.032] GetParent (hWnd=0x1500ea) returned 0x14013e
[0196.032] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x14013e, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0196.032] SetWindowTextW (hWnd=0x1500ea, lpString="&Quit") returned 1
[0196.032] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1500ea, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0196.033] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1500ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0196.033] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1500ea, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0196.033] GetClientRect (in: hWnd=0x1500ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0196.033] GetWindowRect (in: hWnd=0x1500ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0196.033] GetParent (hWnd=0x1500ea) returned 0x14013e
[0196.033] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x14013e, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0196.033] SendMessageW (hWnd=0x1500ea, Msg=0x2210, wParam=0xea0001, lParam=0x1500ea) returned 0x0
[0196.033] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1500ea, Msg=0x2210, wParam=0xea0001, lParam=0x1500ea) returned 0x0
[0196.034] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1500ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0196.034] GetParent (hWnd=0x1500ea) returned 0x14013e
[0196.034] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0196.034] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0196.035] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0196.035] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x14013e, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x702d0
[0196.035] SetWindowLongW (hWnd=0x702d0, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0196.036] GetWindowLongW (hWnd=0x702d0, nIndex=-4) returned 1868026976
[0196.036] SetWindowLongW (hWnd=0x702d0, nIndex=-4, dwNewLong=19944742) returned 1868026976
[0196.036] GetWindowLongW (hWnd=0x702d0, nIndex=-4) returned 19944742
[0196.036] GetWindowLongW (hWnd=0x702d0, nIndex=-16) returned 1177553092
[0196.036] GetWindowLongW (hWnd=0x702d0, nIndex=-12) returned 0
[0196.036] SetWindowLongW (hWnd=0x702d0, nIndex=-12, dwNewLong=459472) returned 0
[0196.036] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702d0, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0196.037] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702d0, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0196.039] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702d0, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0196.058] GetWindow (hWnd=0x702d0, uCmd=0x3) returned 0x1500ea
[0196.058] GetClientRect (in: hWnd=0x702d0, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0196.058] GetWindowRect (in: hWnd=0x702d0, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0196.058] GetParent (hWnd=0x702d0) returned 0x14013e
[0196.059] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x14013e, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0196.059] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.059] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.059] GetSystemMetrics (nIndex=42) returned 0
[0196.059] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.059] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0196.059] SendMessageW (hWnd=0x702d0, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0196.059] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702d0, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0196.066] SetWindowTextW (hWnd=0x702d0, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0196.066] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702d0, Msg=0xc, wParam=0x0, lParam=0x2d11770) returned 0x1
[0196.069] GetSystemMetrics (nIndex=5) returned 1
[0196.069] GetSystemMetrics (nIndex=6) returned 1
[0196.069] SendMessageW (hWnd=0x702d0, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0196.069] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702d0, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0196.070] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702d0, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0196.071] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702d0, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0196.071] GetClientRect (in: hWnd=0x702d0, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0196.071] GetWindowRect (in: hWnd=0x702d0, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0196.071] GetParent (hWnd=0x702d0) returned 0x14013e
[0196.071] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x14013e, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0196.071] SendMessageW (hWnd=0x702d0, Msg=0x2210, wParam=0x2d00001, lParam=0x702d0) returned 0x0
[0196.071] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702d0, Msg=0x2210, wParam=0x2d00001, lParam=0x702d0) returned 0x0
[0196.071] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0196.077] GetParent (hWnd=0x702d0) returned 0x14013e
[0196.077] GetWindowLongW (hWnd=0x14013e, nIndex=-8) returned 458844
[0196.077] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0196.077] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0196.077] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x8b0107d8
[0196.078] GetDeviceCaps (hdc=0x8b0107d8, index=12) returned 32
[0196.078] GetDeviceCaps (hdc=0x8b0107d8, index=14) returned 1
[0196.078] DeleteDC (hdc=0x8b0107d8) returned 1
[0196.078] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0196.078] GetWindowThreadProcessId (in: hWnd=0x14013e, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0196.078] GetCurrentThreadId () returned 0xf50
[0196.078] PostMessageW (hWnd=0x14013e, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0196.078] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.078] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.078] GetSystemMetrics (nIndex=42) returned 0
[0196.078] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.079] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0196.079] GdipImageGetFrameDimensionsCount (image=0x66504b0, count=0xd7e25c) returned 0x0
[0196.079] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7e98
[0196.079] GdipImageGetFrameDimensionsList (image=0x66504b0, dimensionIDs=0x11f7e98*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0196.079] LocalFree (hMem=0x11f7e98) returned 0x0
[0196.079] GdipImageGetFrameDimensionsCount (image=0x664f100, count=0xd7e250) returned 0x0
[0196.079] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7fa0
[0196.079] GdipImageGetFrameDimensionsList (image=0x664f100, dimensionIDs=0x11f7fa0*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0196.079] LocalFree (hMem=0x11f7fa0) returned 0x0
[0196.079] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0196.080] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0196.080] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0196.096] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0196.097] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0196.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0196.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0196.098] GetWindowPlacement (in: hWnd=0x14013e, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0196.098] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0196.098] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.098] GetSystemMetrics (nIndex=42) returned 0
[0196.098] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0196.099] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0196.099] GetCurrentObject (hdc=0x107b9, type=0x1) returned 0xb00017
[0196.099] GetCurrentObject (hdc=0x107b9, type=0x2) returned 0x900010
[0196.099] GetCurrentObject (hdc=0x107b9, type=0x7) returned 0x660507ec
[0196.099] GetCurrentObject (hdc=0x107b9, type=0x6) returned 0x8a01c2
[0196.099] SaveDC (hdc=0x107b9) returned 1
[0196.099] GetNearestColor (hdc=0x107b9, color=0xf0f0f0) returned 0xf0f0f0
[0196.099] CreateSolidBrush (color=0xf0f0f0) returned 0xd71007e1
[0196.099] FillRect (hDC=0x107b9, lprc=0xd7e1b8, hbr=0xd71007e1) returned 1
[0196.099] DeleteObject (ho=0xd71007e1) returned 1
[0196.099] RestoreDC (hdc=0x107b9, nSavedDC=-1) returned 1
[0196.099] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0196.100] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0196.100] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0196.100] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0196.100] GetStockObject (i=5) returned 0x900015
[0196.100] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0196.100] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0196.101] GetStockObject (i=5) returned 0x900015
[0196.101] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1500ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0196.101] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1500ea, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0196.101] GetStockObject (i=5) returned 0x900015
[0196.101] GetWindowPlacement (in: hWnd=0x14013e, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0196.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0196.101] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0196.101] GetWindowRect (in: hWnd=0x14013e, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0196.102] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0196.102] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0196.103] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0196.103] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0196.103] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0196.103] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0196.103] GetWindowRect (in: hWnd=0x14013e, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0196.103] InvalidateRect (hWnd=0x802ce, lpRect=0x0, bErase=0) returned 1
[0196.103] InvalidateRect (hWnd=0x1202de, lpRect=0x0, bErase=0) returned 1
[0196.103] GetFocus () returned 0x14013e
[0196.104] GetFocus () returned 0x14013e
[0196.104] SetFocus (hWnd=0x1202de) returned 0x14013e
[0196.104] GetFocus () returned 0x1202de
[0196.104] IsChild (hWndParent=0x14013e, hWnd=0x1202de) returned 1
[0196.104] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x8, wParam=0x1202de, lParam=0x0) returned 0x0
[0196.105] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0196.111] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0196.112] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0196.112] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0x7, wParam=0x14013e, lParam=0x0) returned 0x0
[0196.112] GetStockObject (i=5) returned 0x900015
[0196.113] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0196.113] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0196.113] GetDlgItem (hDlg=0x14013e, nIDDlgItem=1180382) returned 0x1202de
[0196.113] SendMessageW (hWnd=0x1202de, Msg=0x202b, wParam=0x1202de, lParam=0xd7e0dc) returned 0x0
[0196.113] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0x202b, wParam=0x1202de, lParam=0xd7e0dc) returned 0x0
[0196.113] InvalidateRect (hWnd=0x1202de, lpRect=0x0, bErase=0) returned 1
[0196.115] GetFocus () returned 0x1202de
[0196.116] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.116] IsWindowUnicode (hWnd=0x14013e) returned 1
[0196.116] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.116] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.116] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.116] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0196.116] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.116] IsWindowUnicode (hWnd=0x14013e) returned 1
[0196.116] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.116] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.116] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.116] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.117] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0196.117] IsWindowUnicode (hWnd=0x14013e) returned 1
[0196.117] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.117] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.117] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.117] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.117] IsWindowUnicode (hWnd=0x602c4) returned 1
[0196.117] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.117] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.117] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.117] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0196.117] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0196.117] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.118] IsWindowUnicode (hWnd=0x14013e) returned 1
[0196.118] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.118] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.118] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.118] BeginPaint (in: hWnd=0x14013e, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x10105d6
[0196.118] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0196.119] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.119] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.119] GetSystemMetrics (nIndex=42) returned 0
[0196.119] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.119] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0196.119] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0196.119] EndPaint (hWnd=0x14013e, lpPaint=0xd7e274) returned 1
[0196.119] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.119] IsWindowUnicode (hWnd=0x1202dc) returned 1
[0196.119] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.119] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.119] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.119] BeginPaint (in: hWnd=0x1202dc, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xc0107c5
[0196.120] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0196.120] CreateCompatibleDC (hdc=0xc0107c5) returned 0x7c0107f9
[0196.120] SelectObject (hdc=0x7c0107f9, h=0x4a0507fe) returned 0x85000f
[0196.120] GdipCreateFromHDC (hdc=0x7c0107f9, graphics=0xd7e2b0) returned 0x0
[0196.120] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0196.120] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0196.120] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0196.120] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0196.120] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e310) returned 0x0
[0196.120] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0196.120] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eea28) returned 0x0
[0196.120] LocalFree (hMem=0x11eea28) returned 0x0
[0196.120] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0196.120] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0196.120] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0196.121] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e304) returned 0x0
[0196.121] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0196.121] GetWindowTextLengthW (hWnd=0x1202dc) returned 0
[0196.121] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0196.121] GetSystemMetrics (nIndex=42) returned 0
[0196.121] GetWindowTextW (in: hWnd=0x1202dc, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0196.121] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202dc, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0196.121] GetClientRect (in: hWnd=0x1202dc, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0196.121] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0196.121] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0196.121] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0196.121] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0196.121] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e164) returned 0x0
[0196.121] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0196.121] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0196.121] LocalFree (hMem=0x11eec58) returned 0x0
[0196.121] GdipCombineRegionRegion (region=0x6646688, region2=0x6646958, combineMode=0x1) returned 0x0
[0196.121] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0196.121] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eea28) returned 0x0
[0196.121] LocalFree (hMem=0x11eea28) returned 0x0
[0196.122] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0196.122] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0196.122] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0196.122] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0196.122] GdipDeleteRegion (region=0x6646688) returned 0x0
[0196.126] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0196.126] GetCurrentObject (hdc=0x7c0107f9, type=0x1) returned 0xb00017
[0196.126] GetCurrentObject (hdc=0x7c0107f9, type=0x2) returned 0x900010
[0196.126] GetCurrentObject (hdc=0x7c0107f9, type=0x7) returned 0x4a0507fe
[0196.127] GetCurrentObject (hdc=0x7c0107f9, type=0x6) returned 0x8a01c2
[0196.127] SaveDC (hdc=0x7c0107f9) returned 1
[0196.127] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbd040807
[0196.127] GetClipRgn (hdc=0x7c0107f9, hrgn=0xbd040807) returned 0
[0196.127] SelectClipRgn (hdc=0x7c0107f9, hrgn=0x4c0407de) returned 2
[0196.127] DeleteObject (ho=0xbd040807) returned 1
[0196.127] DeleteObject (ho=0x4c0407de) returned 1
[0196.127] OffsetViewportOrgEx (in: hdc=0x7c0107f9, x=0, y=0, lppt=0x2d172d0 | out: lppt=0x2d172d0) returned 1
[0196.127] GetNearestColor (hdc=0x7c0107f9, color=0xf0f0f0) returned 0xf0f0f0
[0196.127] CreateSolidBrush (color=0xf0f0f0) returned 0xd81007e1
[0196.127] FillRect (hDC=0x7c0107f9, lprc=0xd7e198, hbr=0xd81007e1) returned 1
[0196.127] DeleteObject (ho=0xd81007e1) returned 1
[0196.127] RestoreDC (hdc=0x7c0107f9, nSavedDC=-1) returned 1
[0196.127] GdipReleaseDC (graphics=0x6600030, hdc=0x7c0107f9) returned 0x0
[0196.127] GdipRestoreGraphics (graphics=0x6600030, state=0xfb060dbd) returned 0x0
[0196.128] GdipDeleteRegion (region=0x6646958) returned 0x0
[0196.128] GetWindowTextLengthW (hWnd=0x1202dc) returned 0
[0196.128] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0196.128] GetSystemMetrics (nIndex=42) returned 0
[0196.128] GetWindowTextW (in: hWnd=0x1202dc, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0196.128] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202dc, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0196.128] GdipGetImageWidth (image=0x66504b0, width=0xd7e1e0) returned 0x0
[0196.128] GdipGetImageHeight (image=0x66504b0, height=0xd7e1e0) returned 0x0
[0196.128] GdipGetImageWidth (image=0x66504b0, width=0xd7e1cc) returned 0x0
[0196.128] GdipGetImageHeight (image=0x66504b0, height=0xd7e1cc) returned 0x0
[0196.128] GdipDrawImageRectI (graphics=0x6600030, image=0x66504b0, x=16, y=16, width=32, height=32) returned 0x0
[0196.128] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0196.128] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=64, cy=64, hdcSrc=0x7c0107f9, x1=0, y1=0, rop=0xcc0020) returned 1
[0196.128] GdipReleaseDC (graphics=0x6600030, hdc=0x7c0107f9) returned 0x0
[0196.128] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0196.128] SelectObject (hdc=0x7c0107f9, h=0x85000f) returned 0x4a0507fe
[0196.129] DeleteDC (hdc=0x7c0107f9) returned 1
[0196.129] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0196.129] EndPaint (hWnd=0x1202dc, lpPaint=0xd7e294) returned 1
[0196.129] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.129] IsWindowUnicode (hWnd=0x1402d8) returned 1
[0196.129] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.129] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.129] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.129] BeginPaint (in: hWnd=0x1402d8, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x107b9
[0196.129] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0196.129] CreateCompatibleDC (hdc=0x107b9) returned 0x7e0107f9
[0196.129] GetObjectType (h=0x107b9) returned 0x3
[0196.130] CreateCompatibleBitmap (hdc=0x107b9, cx=1, cy=1) returned 0xffffffff820507f4
[0196.130] GetDIBits (in: hdc=0x107b9, hbm=0x820507f4, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0196.130] GetDIBits (in: hdc=0x107b9, hbm=0x820507f4, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0196.130] DeleteObject (ho=0x820507f4) returned 1
[0196.130] CreateDIBSection (in: hdc=0x107b9, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x860507ae
[0196.130] SelectObject (hdc=0x7e0107f9, h=0x860507ae) returned 0x85000f
[0196.130] GdipCreateFromHDC (hdc=0x7e0107f9, graphics=0xd7e234) returned 0x0
[0196.130] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0196.130] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0196.131] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0196.131] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0196.131] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2d4) returned 0x0
[0196.131] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0196.131] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee910) returned 0x0
[0196.131] LocalFree (hMem=0x11ee910) returned 0x0
[0196.131] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0196.131] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0196.131] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0196.131] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0196.131] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0196.131] GetWindowTextLengthW (hWnd=0x1402d8) returned 232
[0196.131] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0196.131] GetSystemMetrics (nIndex=42) returned 0
[0196.131] GetWindowTextW (in: hWnd=0x1402d8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0196.131] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0196.131] GetClientRect (in: hWnd=0x1402d8, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0196.131] GdipCreateRegion (region=0xd7e110) returned 0x0
[0196.131] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0196.131] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0196.132] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0196.132] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e128) returned 0x0
[0196.132] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0196.132] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eead0) returned 0x0
[0196.132] LocalFree (hMem=0x11eead0) returned 0x0
[0196.132] GdipCombineRegionRegion (region=0x66465f8, region2=0x6646dd8, combineMode=0x1) returned 0x0
[0196.132] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0196.132] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eea28) returned 0x0
[0196.132] LocalFree (hMem=0x11eea28) returned 0x0
[0196.132] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0196.132] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e150) returned 0x0
[0196.132] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e140) returned 0x0
[0196.132] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0196.132] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0196.132] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0196.132] GetCurrentObject (hdc=0x7e0107f9, type=0x1) returned 0xb00017
[0196.132] GetCurrentObject (hdc=0x7e0107f9, type=0x2) returned 0x900010
[0196.132] GetCurrentObject (hdc=0x7e0107f9, type=0x7) returned 0xffffffff860507ae
[0196.132] GetCurrentObject (hdc=0x7e0107f9, type=0x6) returned 0x8a01c2
[0196.132] SaveDC (hdc=0x7e0107f9) returned 1
[0196.133] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4d0407de
[0196.133] GetClipRgn (hdc=0x7e0107f9, hrgn=0x4d0407de) returned 0
[0196.133] SelectClipRgn (hdc=0x7e0107f9, hrgn=0xbe040807) returned 2
[0196.133] DeleteObject (ho=0x4d0407de) returned 1
[0196.133] DeleteObject (ho=0xbe040807) returned 1
[0196.133] OffsetViewportOrgEx (in: hdc=0x7e0107f9, x=0, y=0, lppt=0x2d18c98 | out: lppt=0x2d18c98) returned 1
[0196.133] GetNearestColor (hdc=0x7e0107f9, color=0xf0f0f0) returned 0xf0f0f0
[0196.133] CreateSolidBrush (color=0xf0f0f0) returned 0xd91007e1
[0196.133] FillRect (hDC=0x7e0107f9, lprc=0xd7e15c, hbr=0xd91007e1) returned 1
[0196.134] DeleteObject (ho=0xd91007e1) returned 1
[0196.134] RestoreDC (hdc=0x7e0107f9, nSavedDC=-1) returned 1
[0196.134] GdipReleaseDC (graphics=0x6600030, hdc=0x7e0107f9) returned 0x0
[0196.135] GdipRestoreGraphics (graphics=0x6600030, state=0xfb040dbd) returned 0x0
[0196.135] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0196.135] GetWindowTextLengthW (hWnd=0x1402d8) returned 232
[0196.135] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0196.135] GetSystemMetrics (nIndex=42) returned 0
[0196.135] GetWindowTextW (in: hWnd=0x1402d8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0196.135] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0196.135] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0196.135] GetCurrentObject (hdc=0x7e0107f9, type=0x1) returned 0xb00017
[0196.135] GetCurrentObject (hdc=0x7e0107f9, type=0x2) returned 0x900010
[0196.135] GetCurrentObject (hdc=0x7e0107f9, type=0x7) returned 0xffffffff860507ae
[0196.135] GetCurrentObject (hdc=0x7e0107f9, type=0x6) returned 0x8a01c2
[0196.135] SaveDC (hdc=0x7e0107f9) returned 1
[0196.135] GetNearestColor (hdc=0x7e0107f9, color=0x0) returned 0x0
[0196.135] RestoreDC (hdc=0x7e0107f9, nSavedDC=-1) returned 1
[0196.135] GdipReleaseDC (graphics=0x6600030, hdc=0x7e0107f9) returned 0x0
[0196.136] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0196.136] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0196.136] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2d19494 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0196.136] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0196.136] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0196.136] GetCurrentObject (hdc=0x7e0107f9, type=0x1) returned 0xb00017
[0196.136] GetCurrentObject (hdc=0x7e0107f9, type=0x2) returned 0x900010
[0196.137] GetCurrentObject (hdc=0x7e0107f9, type=0x7) returned 0xffffffff860507ae
[0196.137] GetCurrentObject (hdc=0x7e0107f9, type=0x6) returned 0x8a01c2
[0196.137] SaveDC (hdc=0x7e0107f9) returned 1
[0196.137] GetTextAlign (hdc=0x7e0107f9) returned 0x0
[0196.137] GetTextColor (hdc=0x7e0107f9) returned 0x0
[0196.137] GetCurrentObject (hdc=0x7e0107f9, type=0x6) returned 0x8a01c2
[0196.137] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0196.137] SelectObject (hdc=0x7e0107f9, h=0x6d0a0520) returned 0x8a01c2
[0196.137] GetBkMode (hdc=0x7e0107f9) returned 2
[0196.137] SetBkMode (hdc=0x7e0107f9, mode=1) returned 2
[0196.137] DrawTextExW (in: hdc=0x7e0107f9, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2d196b8 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0196.140] RestoreDC (hdc=0x7e0107f9, nSavedDC=-1) returned 1
[0196.141] GdipReleaseDC (graphics=0x6600030, hdc=0x7e0107f9) returned 0x0
[0196.141] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0196.141] BitBlt (hdc=0x107b9, x=0, y=0, cx=354, cy=68, hdcSrc=0x7e0107f9, x1=0, y1=0, rop=0xcc0020) returned 1
[0196.141] GdipReleaseDC (graphics=0x6600030, hdc=0x7e0107f9) returned 0x0
[0196.141] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0196.150] SelectObject (hdc=0x7e0107f9, h=0x85000f) returned 0x860507ae
[0196.151] DeleteDC (hdc=0x7e0107f9) returned 1
[0196.151] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0196.151] DeleteObject (ho=0x860507ae) returned 1
[0196.152] EndPaint (hWnd=0x1402d8, lpPaint=0xd7e258) returned 1
[0196.153] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.163] IsWindowUnicode (hWnd=0x1202de) returned 1
[0196.163] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.164] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.164] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.164] BeginPaint (in: hWnd=0x1202de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0196.164] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0196.164] CreateCompatibleDC (hdc=0xf0105ee) returned 0x880107ae
[0196.164] SelectObject (hdc=0x880107ae, h=0x4a0507fe) returned 0x85000f
[0196.164] GdipCreateFromHDC (hdc=0x880107ae, graphics=0xd7e268) returned 0x0
[0196.164] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0196.164] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0196.164] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0196.165] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0196.165] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e2c8) returned 0x0
[0196.165] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0196.165] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea28) returned 0x0
[0196.165] LocalFree (hMem=0x11eea28) returned 0x0
[0196.165] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0196.165] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0196.165] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0196.165] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0196.165] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0196.165] GdipRestoreGraphics (graphics=0x6600030, state=0xfb020dbd) returned 0x0
[0196.165] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0196.165] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0196.165] GetCurrentObject (hdc=0x880107ae, type=0x1) returned 0xb00017
[0196.165] GetCurrentObject (hdc=0x880107ae, type=0x2) returned 0x900010
[0196.165] GetCurrentObject (hdc=0x880107ae, type=0x7) returned 0x4a0507fe
[0196.165] GetCurrentObject (hdc=0x880107ae, type=0x6) returned 0x8a01c2
[0196.166] SaveDC (hdc=0x880107ae) returned 1
[0196.166] GetNearestColor (hdc=0x880107ae, color=0xf0f0f0) returned 0xf0f0f0
[0196.166] GetNearestColor (hdc=0x880107ae, color=0xa0a0a0) returned 0xa0a0a0
[0196.166] GetNearestColor (hdc=0x880107ae, color=0x696969) returned 0x696969
[0196.166] GetNearestColor (hdc=0x880107ae, color=0xa0a0a0) returned 0xa0a0a0
[0196.166] GetNearestColor (hdc=0x880107ae, color=0x0) returned 0x0
[0196.166] GetNearestColor (hdc=0x880107ae, color=0xffffff) returned 0xffffff
[0196.166] GetNearestColor (hdc=0x880107ae, color=0xe5e5e5) returned 0xe5e5e5
[0196.166] GetNearestColor (hdc=0x880107ae, color=0xd7d7d7) returned 0xd7d7d7
[0196.166] GetNearestColor (hdc=0x880107ae, color=0x0) returned 0x0
[0196.166] RestoreDC (hdc=0x880107ae, nSavedDC=-1) returned 1
[0196.166] GdipReleaseDC (graphics=0x6600030, hdc=0x880107ae) returned 0x0
[0196.166] IsAppThemed () returned 0x1
[0196.166] GetThemeAppProperties () returned 0x3
[0196.166] GetThemeAppProperties () returned 0x3
[0196.166] GdipGetImageWidth (image=0x664f100, width=0xd7e168) returned 0x0
[0196.167] GdipGetImageHeight (image=0x664f100, height=0xd7e168) returned 0x0
[0196.167] IsAppThemed () returned 0x1
[0196.167] GetThemeAppProperties () returned 0x3
[0196.167] GetThemeAppProperties () returned 0x3
[0196.167] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2d19e08 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0196.167] IsAppThemed () returned 0x1
[0196.167] GetThemeAppProperties () returned 0x3
[0196.167] GetThemeAppProperties () returned 0x3
[0196.167] IsAppThemed () returned 0x1
[0196.167] GetThemeAppProperties () returned 0x3
[0196.167] GetThemeAppProperties () returned 0x3
[0196.167] GetFocus () returned 0x1202de
[0196.167] IsAppThemed () returned 0x1
[0196.167] GetThemeAppProperties () returned 0x3
[0196.167] GetThemeAppProperties () returned 0x3
[0196.167] IsAppThemed () returned 0x1
[0196.168] GetThemeAppProperties () returned 0x3
[0196.168] GetThemeAppProperties () returned 0x3
[0196.168] IsThemePartDefined () returned 0x1
[0196.168] IsAppThemed () returned 0x1
[0196.168] GetThemeAppProperties () returned 0x3
[0196.168] GetThemeAppProperties () returned 0x3
[0196.168] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0196.168] IsAppThemed () returned 0x1
[0196.168] GetThemeAppProperties () returned 0x3
[0196.168] GetThemeAppProperties () returned 0x3
[0196.168] IsAppThemed () returned 0x1
[0196.168] GetThemeAppProperties () returned 0x3
[0196.168] GetThemeAppProperties () returned 0x3
[0196.168] IsThemePartDefined () returned 0x1
[0196.168] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0196.168] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0196.168] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0196.168] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0196.168] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dff0) returned 0x0
[0196.168] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0196.168] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0196.168] LocalFree (hMem=0x11eec58) returned 0x0
[0196.168] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0196.168] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eead0) returned 0x0
[0196.168] LocalFree (hMem=0x11eead0) returned 0x0
[0196.169] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0196.169] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e018) returned 0x0
[0196.169] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e008) returned 0x0
[0196.169] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0196.169] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0196.169] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0196.169] GetCurrentObject (hdc=0x880107ae, type=0x1) returned 0xb00017
[0196.169] GetCurrentObject (hdc=0x880107ae, type=0x2) returned 0x900010
[0196.169] GetCurrentObject (hdc=0x880107ae, type=0x7) returned 0x4a0507fe
[0196.170] GetCurrentObject (hdc=0x880107ae, type=0x6) returned 0x8a01c2
[0196.170] SaveDC (hdc=0x880107ae) returned 1
[0196.170] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbf040807
[0196.170] GetClipRgn (hdc=0x880107ae, hrgn=0xbf040807) returned 0
[0196.170] SelectClipRgn (hdc=0x880107ae, hrgn=0x510407de) returned 2
[0196.170] DeleteObject (ho=0xbf040807) returned 1
[0196.170] DeleteObject (ho=0x510407de) returned 1
[0196.170] OffsetViewportOrgEx (in: hdc=0x880107ae, x=0, y=0, lppt=0x2d1a4b8 | out: lppt=0x2d1a4b8) returned 1
[0196.170] DrawThemeParentBackground () returned 0x0
[0196.170] GetWindowPlacement (in: hWnd=0x14013e, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0196.170] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0196.170] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.170] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.170] GetSystemMetrics (nIndex=42) returned 0
[0196.170] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.171] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0196.171] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0196.171] GetCurrentObject (hdc=0x880107ae, type=0x1) returned 0xb00017
[0196.171] GetCurrentObject (hdc=0x880107ae, type=0x2) returned 0x900010
[0196.171] GetCurrentObject (hdc=0x880107ae, type=0x7) returned 0x4a0507fe
[0196.171] GetCurrentObject (hdc=0x880107ae, type=0x6) returned 0x8a01c2
[0196.171] SaveDC (hdc=0x880107ae) returned 2
[0196.171] GetNearestColor (hdc=0x880107ae, color=0xf0f0f0) returned 0xf0f0f0
[0196.171] CreateSolidBrush (color=0xf0f0f0) returned 0xda1007e1
[0196.171] FillRect (hDC=0x880107ae, lprc=0xd7da38, hbr=0xda1007e1) returned 1
[0196.171] DeleteObject (ho=0xda1007e1) returned 1
[0196.171] RestoreDC (hdc=0x880107ae, nSavedDC=-1) returned 1
[0196.171] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.171] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.171] GetSystemMetrics (nIndex=42) returned 0
[0196.171] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.171] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0196.171] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0196.171] GetCurrentObject (hdc=0x880107ae, type=0x1) returned 0xb00017
[0196.171] GetCurrentObject (hdc=0x880107ae, type=0x2) returned 0x900010
[0196.172] GetCurrentObject (hdc=0x880107ae, type=0x7) returned 0x4a0507fe
[0196.172] GetCurrentObject (hdc=0x880107ae, type=0x6) returned 0x8a01c2
[0196.172] SaveDC (hdc=0x880107ae) returned 2
[0196.172] GetNearestColor (hdc=0x880107ae, color=0xf0f0f0) returned 0xf0f0f0
[0196.172] CreateSolidBrush (color=0xf0f0f0) returned 0xdb1007e1
[0196.172] FillRect (hDC=0x880107ae, lprc=0xd7d9d8, hbr=0xdb1007e1) returned 1
[0196.172] DeleteObject (ho=0xdb1007e1) returned 1
[0196.172] RestoreDC (hdc=0x880107ae, nSavedDC=-1) returned 1
[0196.172] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.172] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.172] GetSystemMetrics (nIndex=42) returned 0
[0196.172] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.172] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0196.172] RestoreDC (hdc=0x880107ae, nSavedDC=-1) returned 1
[0196.172] GdipReleaseDC (graphics=0x6600030, hdc=0x880107ae) returned 0x0
[0196.172] IsAppThemed () returned 0x1
[0196.172] GetThemeAppProperties () returned 0x3
[0196.172] GetThemeAppProperties () returned 0x3
[0196.173] IsAppThemed () returned 0x1
[0196.173] GetThemeAppProperties () returned 0x3
[0196.173] GetThemeAppProperties () returned 0x3
[0196.173] IsThemePartDefined () returned 0x1
[0196.173] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0196.173] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0196.173] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0196.173] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0196.173] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df74) returned 0x0
[0196.173] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0196.173] LocalFree (hMem=0x11ee788) returned 0x0
[0196.173] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee910) returned 0x0
[0196.173] LocalFree (hMem=0x11ee910) returned 0x0
[0196.173] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0196.173] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0196.173] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0196.173] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0196.173] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0196.173] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0196.173] GetCurrentObject (hdc=0x880107ae, type=0x1) returned 0xb00017
[0196.173] GetCurrentObject (hdc=0x880107ae, type=0x2) returned 0x900010
[0196.173] GetCurrentObject (hdc=0x880107ae, type=0x7) returned 0x4a0507fe
[0196.173] GetCurrentObject (hdc=0x880107ae, type=0x6) returned 0x8a01c2
[0196.173] SaveDC (hdc=0x880107ae) returned 1
[0196.174] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x520407de
[0196.174] GetClipRgn (hdc=0x880107ae, hrgn=0x520407de) returned 0
[0196.174] SelectClipRgn (hdc=0x880107ae, hrgn=0xc1040807) returned 2
[0196.174] DeleteObject (ho=0x520407de) returned 1
[0196.174] DeleteObject (ho=0xc1040807) returned 1
[0196.174] OffsetViewportOrgEx (in: hdc=0x880107ae, x=0, y=0, lppt=0x2d1ad64 | out: lppt=0x2d1ad64) returned 1
[0196.174] IsAppThemed () returned 0x1
[0196.174] GetThemeAppProperties () returned 0x3
[0196.174] GetThemeAppProperties () returned 0x3
[0196.174] DrawThemeBackground () returned 0x0
[0196.174] RestoreDC (hdc=0x880107ae, nSavedDC=-1) returned 1
[0196.174] GdipReleaseDC (graphics=0x6600030, hdc=0x880107ae) returned 0x0
[0196.174] GdipCreateRegion (region=0xd7df60) returned 0x0
[0196.174] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0196.174] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0196.174] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0196.174] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df78) returned 0x0
[0196.174] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0196.174] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eed00) returned 0x0
[0196.175] LocalFree (hMem=0x11eed00) returned 0x0
[0196.175] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0196.175] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee910) returned 0x0
[0196.175] LocalFree (hMem=0x11ee910) returned 0x0
[0196.175] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0196.175] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0196.175] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0196.175] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0196.175] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0196.175] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0196.175] GetCurrentObject (hdc=0x880107ae, type=0x1) returned 0xb00017
[0196.175] GetCurrentObject (hdc=0x880107ae, type=0x2) returned 0x900010
[0196.175] GetCurrentObject (hdc=0x880107ae, type=0x7) returned 0x4a0507fe
[0196.175] GetCurrentObject (hdc=0x880107ae, type=0x6) returned 0x8a01c2
[0196.175] SaveDC (hdc=0x880107ae) returned 1
[0196.175] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc2040807
[0196.175] GetClipRgn (hdc=0x880107ae, hrgn=0xc2040807) returned 0
[0196.175] SelectClipRgn (hdc=0x880107ae, hrgn=0x530407de) returned 2
[0196.175] DeleteObject (ho=0xc2040807) returned 1
[0196.175] DeleteObject (ho=0x530407de) returned 1
[0196.176] OffsetViewportOrgEx (in: hdc=0x880107ae, x=0, y=0, lppt=0x2d1b038 | out: lppt=0x2d1b038) returned 1
[0196.176] IsAppThemed () returned 0x1
[0196.176] GetThemeAppProperties () returned 0x3
[0196.176] GetThemeAppProperties () returned 0x3
[0196.176] GetThemeBackgroundContentRect () returned 0x0
[0196.176] RestoreDC (hdc=0x880107ae, nSavedDC=-1) returned 1
[0196.176] GdipReleaseDC (graphics=0x6600030, hdc=0x880107ae) returned 0x0
[0196.176] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0196.176] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0196.176] GdipCloneRegion (region=0x6646298, cloneRegion=0xd7e150) returned 0x0
[0196.176] GdipCombineRegionRectI (region=0x6646ef8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0196.176] GdipCombineRegionRectI (region=0x6646ef8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0196.176] GdipSetClipRegion (graphics=0x6600030, region=0x6646ef8, combineMode=0x0) returned 0x0
[0196.176] GdipGetImageWidth (image=0x664f100, width=0xd7e154) returned 0x0
[0196.176] GdipGetImageHeight (image=0x664f100, height=0xd7e148) returned 0x0
[0196.176] GdipDrawImageRectI (graphics=0x6600030, image=0x664f100, x=4, y=4, width=16, height=16) returned 0x0
[0196.176] GdipSetClipRegion (graphics=0x6600030, region=0x6646298, combineMode=0x0) returned 0x0
[0196.176] IsAppThemed () returned 0x1
[0196.176] GetThemeAppProperties () returned 0x3
[0196.176] GetThemeAppProperties () returned 0x3
[0196.177] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0196.177] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0196.177] GetCurrentObject (hdc=0x880107ae, type=0x1) returned 0xb00017
[0196.177] GetCurrentObject (hdc=0x880107ae, type=0x2) returned 0x900010
[0196.177] GetCurrentObject (hdc=0x880107ae, type=0x7) returned 0x4a0507fe
[0196.177] GetCurrentObject (hdc=0x880107ae, type=0x6) returned 0x8a01c2
[0196.177] SaveDC (hdc=0x880107ae) returned 1
[0196.177] GetTextAlign (hdc=0x880107ae) returned 0x0
[0196.177] GetTextColor (hdc=0x880107ae) returned 0x0
[0196.177] GetCurrentObject (hdc=0x880107ae, type=0x6) returned 0x8a01c2
[0196.177] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0196.177] SelectObject (hdc=0x880107ae, h=0x6d0a0520) returned 0x8a01c2
[0196.177] GetBkMode (hdc=0x880107ae) returned 2
[0196.177] SetBkMode (hdc=0x880107ae, mode=1) returned 2
[0196.177] DrawTextExW (in: hdc=0x880107ae, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2d1b3f8 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0196.178] DrawTextExW (in: hdc=0x880107ae, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d1b3f8 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0196.178] RestoreDC (hdc=0x880107ae, nSavedDC=-1) returned 1
[0196.178] GdipReleaseDC (graphics=0x6600030, hdc=0x880107ae) returned 0x0
[0196.178] GetFocus () returned 0x1202de
[0196.178] IsAppThemed () returned 0x1
[0196.178] GetThemeAppProperties () returned 0x3
[0196.178] GetThemeAppProperties () returned 0x3
[0196.178] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0196.178] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x880107ae, x1=0, y1=0, rop=0xcc0020) returned 1
[0196.178] GdipReleaseDC (graphics=0x6600030, hdc=0x880107ae) returned 0x0
[0196.178] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0196.178] SelectObject (hdc=0x880107ae, h=0x85000f) returned 0x4a0507fe
[0196.179] DeleteDC (hdc=0x880107ae) returned 1
[0196.179] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0196.179] EndPaint (hWnd=0x1202de, lpPaint=0xd7e24c) returned 1
[0196.179] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.179] IsWindowUnicode (hWnd=0x802ce) returned 1
[0196.179] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.180] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.180] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.180] BeginPaint (in: hWnd=0x802ce, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0196.180] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0196.180] CreateCompatibleDC (hdc=0x10105d6) returned 0x8a0107ae
[0196.180] SelectObject (hdc=0x8a0107ae, h=0x4a0507fe) returned 0x85000f
[0196.180] GdipCreateFromHDC (hdc=0x8a0107ae, graphics=0xd7e268) returned 0x0
[0196.180] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0196.180] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0196.180] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0196.180] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0196.180] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e2c8) returned 0x0
[0196.180] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0196.180] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0196.180] LocalFree (hMem=0x11eec58) returned 0x0
[0196.180] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0196.181] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0196.181] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0196.181] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0196.181] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0196.181] GdipRestoreGraphics (graphics=0x6600030, state=0xfb000dbd) returned 0x0
[0196.181] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0196.181] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0196.181] GetCurrentObject (hdc=0x8a0107ae, type=0x1) returned 0xb00017
[0196.181] GetCurrentObject (hdc=0x8a0107ae, type=0x2) returned 0x900010
[0196.181] GetCurrentObject (hdc=0x8a0107ae, type=0x7) returned 0x4a0507fe
[0196.181] GetCurrentObject (hdc=0x8a0107ae, type=0x6) returned 0x8a01c2
[0196.181] SaveDC (hdc=0x8a0107ae) returned 1
[0196.181] GetNearestColor (hdc=0x8a0107ae, color=0xf0f0f0) returned 0xf0f0f0
[0196.181] GetNearestColor (hdc=0x8a0107ae, color=0xa0a0a0) returned 0xa0a0a0
[0196.181] GetNearestColor (hdc=0x8a0107ae, color=0x696969) returned 0x696969
[0196.181] GetNearestColor (hdc=0x8a0107ae, color=0xa0a0a0) returned 0xa0a0a0
[0196.181] GetNearestColor (hdc=0x8a0107ae, color=0x0) returned 0x0
[0196.181] GetNearestColor (hdc=0x8a0107ae, color=0xffffff) returned 0xffffff
[0196.181] GetNearestColor (hdc=0x8a0107ae, color=0xe5e5e5) returned 0xe5e5e5
[0196.181] GetNearestColor (hdc=0x8a0107ae, color=0xd7d7d7) returned 0xd7d7d7
[0196.182] GetNearestColor (hdc=0x8a0107ae, color=0x0) returned 0x0
[0196.182] RestoreDC (hdc=0x8a0107ae, nSavedDC=-1) returned 1
[0196.182] GdipReleaseDC (graphics=0x6600030, hdc=0x8a0107ae) returned 0x0
[0196.182] IsAppThemed () returned 0x1
[0196.182] GetThemeAppProperties () returned 0x3
[0196.182] GetThemeAppProperties () returned 0x3
[0196.182] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0196.182] SendMessageW (hWnd=0x14013e, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0196.182] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0196.182] IsAppThemed () returned 0x1
[0196.182] GetThemeAppProperties () returned 0x3
[0196.182] GetThemeAppProperties () returned 0x3
[0196.182] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df90, format=0x102415, lpdtp=0x2d1bc08 | out: lpchText="&Continue", lprc=0xd7df90) returned 13
[0196.182] IsAppThemed () returned 0x1
[0196.182] GetThemeAppProperties () returned 0x3
[0196.182] GetThemeAppProperties () returned 0x3
[0196.182] IsAppThemed () returned 0x1
[0196.183] GetThemeAppProperties () returned 0x3
[0196.183] GetThemeAppProperties () returned 0x3
[0196.183] GetFocus () returned 0x1202de
[0196.183] IsAppThemed () returned 0x1
[0196.196] GetThemeAppProperties () returned 0x3
[0196.196] GetThemeAppProperties () returned 0x3
[0196.196] IsAppThemed () returned 0x1
[0196.196] GetThemeAppProperties () returned 0x3
[0196.196] GetThemeAppProperties () returned 0x3
[0196.196] IsThemePartDefined () returned 0x1
[0196.196] IsAppThemed () returned 0x1
[0196.196] GetThemeAppProperties () returned 0x3
[0196.196] GetThemeAppProperties () returned 0x3
[0196.196] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0196.196] IsAppThemed () returned 0x1
[0196.196] GetThemeAppProperties () returned 0x3
[0196.196] GetThemeAppProperties () returned 0x3
[0196.196] IsAppThemed () returned 0x1
[0196.196] GetThemeAppProperties () returned 0x3
[0196.196] GetThemeAppProperties () returned 0x3
[0196.196] IsThemePartDefined () returned 0x1
[0196.196] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0196.196] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0196.196] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0196.196] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0196.196] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dff0) returned 0x0
[0196.196] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0196.197] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea28) returned 0x0
[0196.197] LocalFree (hMem=0x11eea28) returned 0x0
[0196.197] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0196.197] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea28) returned 0x0
[0196.197] LocalFree (hMem=0x11eea28) returned 0x0
[0196.197] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0196.197] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e018) returned 0x0
[0196.197] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e008) returned 0x0
[0196.197] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0196.197] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0196.197] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0196.197] GetCurrentObject (hdc=0x8a0107ae, type=0x1) returned 0xb00017
[0196.197] GetCurrentObject (hdc=0x8a0107ae, type=0x2) returned 0x900010
[0196.197] GetCurrentObject (hdc=0x8a0107ae, type=0x7) returned 0x4a0507fe
[0196.197] GetCurrentObject (hdc=0x8a0107ae, type=0x6) returned 0x8a01c2
[0196.197] SaveDC (hdc=0x8a0107ae) returned 1
[0196.197] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x540407de
[0196.197] GetClipRgn (hdc=0x8a0107ae, hrgn=0x540407de) returned 0
[0196.197] SelectClipRgn (hdc=0x8a0107ae, hrgn=0xc6040807) returned 2
[0196.198] DeleteObject (ho=0x540407de) returned 1
[0196.198] DeleteObject (ho=0xc6040807) returned 1
[0196.198] OffsetViewportOrgEx (in: hdc=0x8a0107ae, x=0, y=0, lppt=0x2d1c2b8 | out: lppt=0x2d1c2b8) returned 1
[0196.198] DrawThemeParentBackground () returned 0x0
[0196.198] GetWindowPlacement (in: hWnd=0x14013e, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0196.198] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0196.198] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.198] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.198] GetSystemMetrics (nIndex=42) returned 0
[0196.198] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.198] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0196.198] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0196.198] GetCurrentObject (hdc=0x8a0107ae, type=0x1) returned 0xb00017
[0196.198] GetCurrentObject (hdc=0x8a0107ae, type=0x2) returned 0x900010
[0196.198] GetCurrentObject (hdc=0x8a0107ae, type=0x7) returned 0x4a0507fe
[0196.198] GetCurrentObject (hdc=0x8a0107ae, type=0x6) returned 0x8a01c2
[0196.198] SaveDC (hdc=0x8a0107ae) returned 2
[0196.198] GetNearestColor (hdc=0x8a0107ae, color=0xf0f0f0) returned 0xf0f0f0
[0196.198] CreateSolidBrush (color=0xf0f0f0) returned 0xdc1007e1
[0196.199] FillRect (hDC=0x8a0107ae, lprc=0xd7da38, hbr=0xdc1007e1) returned 1
[0196.199] DeleteObject (ho=0xdc1007e1) returned 1
[0196.199] RestoreDC (hdc=0x8a0107ae, nSavedDC=-1) returned 1
[0196.199] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.199] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.199] GetSystemMetrics (nIndex=42) returned 0
[0196.199] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.199] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0196.199] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0196.199] GetCurrentObject (hdc=0x8a0107ae, type=0x1) returned 0xb00017
[0196.199] GetCurrentObject (hdc=0x8a0107ae, type=0x2) returned 0x900010
[0196.199] GetCurrentObject (hdc=0x8a0107ae, type=0x7) returned 0x4a0507fe
[0196.199] GetCurrentObject (hdc=0x8a0107ae, type=0x6) returned 0x8a01c2
[0196.199] SaveDC (hdc=0x8a0107ae) returned 2
[0196.199] GetNearestColor (hdc=0x8a0107ae, color=0xf0f0f0) returned 0xf0f0f0
[0196.199] CreateSolidBrush (color=0xf0f0f0) returned 0xdd1007e1
[0196.199] FillRect (hDC=0x8a0107ae, lprc=0xd7d9d8, hbr=0xdd1007e1) returned 1
[0196.199] DeleteObject (ho=0xdd1007e1) returned 1
[0196.199] RestoreDC (hdc=0x8a0107ae, nSavedDC=-1) returned 1
[0196.200] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.200] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.200] GetSystemMetrics (nIndex=42) returned 0
[0196.200] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.200] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0196.200] RestoreDC (hdc=0x8a0107ae, nSavedDC=-1) returned 1
[0196.204] GdipReleaseDC (graphics=0x6600030, hdc=0x8a0107ae) returned 0x0
[0196.204] IsAppThemed () returned 0x1
[0196.204] GetThemeAppProperties () returned 0x3
[0196.204] GetThemeAppProperties () returned 0x3
[0196.204] IsAppThemed () returned 0x1
[0196.204] GetThemeAppProperties () returned 0x3
[0196.204] GetThemeAppProperties () returned 0x3
[0196.204] IsThemePartDefined () returned 0x1
[0196.204] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0196.204] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0196.204] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0196.204] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0196.204] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df74) returned 0x0
[0196.204] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0196.204] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0196.204] LocalFree (hMem=0x11eec58) returned 0x0
[0196.204] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0196.204] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0196.204] LocalFree (hMem=0x11eec58) returned 0x0
[0196.205] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0196.205] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0196.205] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0196.205] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0196.205] GdipDeleteRegion (region=0x6646688) returned 0x0
[0196.205] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0196.205] GetCurrentObject (hdc=0x8a0107ae, type=0x1) returned 0xb00017
[0196.205] GetCurrentObject (hdc=0x8a0107ae, type=0x2) returned 0x900010
[0196.205] GetCurrentObject (hdc=0x8a0107ae, type=0x7) returned 0x4a0507fe
[0196.205] GetCurrentObject (hdc=0x8a0107ae, type=0x6) returned 0x8a01c2
[0196.205] SaveDC (hdc=0x8a0107ae) returned 1
[0196.205] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc7040807
[0196.205] GetClipRgn (hdc=0x8a0107ae, hrgn=0xc7040807) returned 0
[0196.205] SelectClipRgn (hdc=0x8a0107ae, hrgn=0x560407de) returned 2
[0196.205] DeleteObject (ho=0xc7040807) returned 1
[0196.205] DeleteObject (ho=0x560407de) returned 1
[0196.205] OffsetViewportOrgEx (in: hdc=0x8a0107ae, x=0, y=0, lppt=0x2d1cb64 | out: lppt=0x2d1cb64) returned 1
[0196.205] IsAppThemed () returned 0x1
[0196.205] GetThemeAppProperties () returned 0x3
[0196.205] GetThemeAppProperties () returned 0x3
[0196.206] DrawThemeBackground () returned 0x0
[0196.206] RestoreDC (hdc=0x8a0107ae, nSavedDC=-1) returned 1
[0196.206] GdipReleaseDC (graphics=0x6600030, hdc=0x8a0107ae) returned 0x0
[0196.206] GdipCreateRegion (region=0xd7df60) returned 0x0
[0196.206] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0196.206] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0196.206] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0196.206] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df78) returned 0x0
[0196.206] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0196.206] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea28) returned 0x0
[0196.206] LocalFree (hMem=0x11eea28) returned 0x0
[0196.206] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0196.206] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0196.206] LocalFree (hMem=0x11eec58) returned 0x0
[0196.206] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0196.206] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0196.206] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7df90) returned 0x0
[0196.206] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0196.206] GdipDeleteRegion (region=0x6646568) returned 0x0
[0196.206] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0196.206] GetCurrentObject (hdc=0x8a0107ae, type=0x1) returned 0xb00017
[0196.206] GetCurrentObject (hdc=0x8a0107ae, type=0x2) returned 0x900010
[0196.207] GetCurrentObject (hdc=0x8a0107ae, type=0x7) returned 0x4a0507fe
[0196.207] GetCurrentObject (hdc=0x8a0107ae, type=0x6) returned 0x8a01c2
[0196.207] SaveDC (hdc=0x8a0107ae) returned 1
[0196.207] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x570407de
[0196.207] GetClipRgn (hdc=0x8a0107ae, hrgn=0x570407de) returned 0
[0196.207] SelectClipRgn (hdc=0x8a0107ae, hrgn=0xc8040807) returned 2
[0196.207] DeleteObject (ho=0x570407de) returned 1
[0196.207] DeleteObject (ho=0xc8040807) returned 1
[0196.207] OffsetViewportOrgEx (in: hdc=0x8a0107ae, x=0, y=0, lppt=0x2d1ce38 | out: lppt=0x2d1ce38) returned 1
[0196.207] IsAppThemed () returned 0x1
[0196.207] GetThemeAppProperties () returned 0x3
[0196.207] GetThemeAppProperties () returned 0x3
[0196.207] GetThemeBackgroundContentRect () returned 0x0
[0196.207] RestoreDC (hdc=0x8a0107ae, nSavedDC=-1) returned 1
[0196.207] GdipReleaseDC (graphics=0x6600030, hdc=0x8a0107ae) returned 0x0
[0196.207] IsAppThemed () returned 0x1
[0196.207] GetThemeAppProperties () returned 0x3
[0196.207] GetThemeAppProperties () returned 0x3
[0196.207] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0196.207] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0196.207] GetCurrentObject (hdc=0x8a0107ae, type=0x1) returned 0xb00017
[0196.207] GetCurrentObject (hdc=0x8a0107ae, type=0x2) returned 0x900010
[0196.208] GetCurrentObject (hdc=0x8a0107ae, type=0x7) returned 0x4a0507fe
[0196.208] GetCurrentObject (hdc=0x8a0107ae, type=0x6) returned 0x8a01c2
[0196.208] SaveDC (hdc=0x8a0107ae) returned 1
[0196.208] GetTextAlign (hdc=0x8a0107ae) returned 0x0
[0196.208] GetTextColor (hdc=0x8a0107ae) returned 0x0
[0196.208] GetCurrentObject (hdc=0x8a0107ae, type=0x6) returned 0x8a01c2
[0196.208] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0196.208] SelectObject (hdc=0x8a0107ae, h=0x6d0a0520) returned 0x8a01c2
[0196.208] GetBkMode (hdc=0x8a0107ae) returned 2
[0196.208] SetBkMode (hdc=0x8a0107ae, mode=1) returned 2
[0196.208] DrawTextExW (in: hdc=0x8a0107ae, lpchText="&Continue", cchText=9, lprc=0xd7def8, format=0x102415, lpdtp=0x2d1d1d8 | out: lpchText="&Continue", lprc=0xd7def8) returned 13
[0196.208] DrawTextExW (in: hdc=0x8a0107ae, lpchText="&Continue", cchText=9, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d1d1d8 | out: lpchText="&Continue", lprc=0xd7e05c) returned 13
[0196.209] RestoreDC (hdc=0x8a0107ae, nSavedDC=-1) returned 1
[0196.209] GdipReleaseDC (graphics=0x6600030, hdc=0x8a0107ae) returned 0x0
[0196.209] GetFocus () returned 0x1202de
[0196.209] IsAppThemed () returned 0x1
[0196.209] GetThemeAppProperties () returned 0x3
[0196.209] GetThemeAppProperties () returned 0x3
[0196.209] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0196.209] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x8a0107ae, x1=0, y1=0, rop=0xcc0020) returned 1
[0196.209] GdipReleaseDC (graphics=0x6600030, hdc=0x8a0107ae) returned 0x0
[0196.209] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0196.209] SelectObject (hdc=0x8a0107ae, h=0x85000f) returned 0x4a0507fe
[0196.209] DeleteDC (hdc=0x8a0107ae) returned 1
[0196.209] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0196.209] EndPaint (hWnd=0x802ce, lpPaint=0xd7e24c) returned 1
[0196.210] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.210] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x84, wParam=0x0, lParam=0x1e702f0) returned 0x1
[0196.210] IsWindowUnicode (hWnd=0x802ce) returned 1
[0196.210] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.210] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x84, wParam=0x0, lParam=0x1e702f0) returned 0x1
[0196.210] SetCursor (hCursor=0x10003) returned 0x10003
[0196.210] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.210] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.210] _TrackMouseEvent (in: lpEventTrack=0x2d1d2d4 | out: lpEventTrack=0x2d1d2d4) returned 1
[0196.211] SendMessageW (hWnd=0x802ce, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0196.211] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0196.211] InvalidateRect (hWnd=0x802ce, lpRect=0x0, bErase=0) returned 1
[0196.211] GetKeyState (nVirtKey=1) returned 0
[0196.211] GetKeyState (nVirtKey=2) returned 0
[0196.211] GetKeyState (nVirtKey=4) returned 0
[0196.211] GetKeyState (nVirtKey=5) returned 0
[0196.211] GetKeyState (nVirtKey=6) returned 0
[0196.211] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.211] IsWindowUnicode (hWnd=0x802ce) returned 1
[0196.211] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.211] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.211] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.211] BeginPaint (in: hWnd=0x802ce, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0196.211] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0196.211] CreateCompatibleDC (hdc=0x10105d6) returned 0x8b0107ae
[0196.211] SelectObject (hdc=0x8b0107ae, h=0x4a0507fe) returned 0x85000f
[0196.211] GdipCreateFromHDC (hdc=0x8b0107ae, graphics=0xd7e268) returned 0x0
[0196.212] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0196.212] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0196.212] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0196.212] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0196.212] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e2c8) returned 0x0
[0196.212] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0196.212] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eea28) returned 0x0
[0196.212] LocalFree (hMem=0x11eea28) returned 0x0
[0196.212] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0196.212] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0196.212] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0196.212] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0196.212] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0196.212] GdipRestoreGraphics (graphics=0x6600030, state=0xfafe0dbd) returned 0x0
[0196.212] GdipDeleteRegion (region=0x6646838) returned 0x0
[0196.212] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0196.212] GetCurrentObject (hdc=0x8b0107ae, type=0x1) returned 0xb00017
[0196.212] GetCurrentObject (hdc=0x8b0107ae, type=0x2) returned 0x900010
[0196.212] GetCurrentObject (hdc=0x8b0107ae, type=0x7) returned 0x4a0507fe
[0196.212] GetCurrentObject (hdc=0x8b0107ae, type=0x6) returned 0x8a01c2
[0196.212] SaveDC (hdc=0x8b0107ae) returned 1
[0196.213] GetNearestColor (hdc=0x8b0107ae, color=0xf0f0f0) returned 0xf0f0f0
[0196.213] GetNearestColor (hdc=0x8b0107ae, color=0xa0a0a0) returned 0xa0a0a0
[0196.213] GetNearestColor (hdc=0x8b0107ae, color=0x696969) returned 0x696969
[0196.213] GetNearestColor (hdc=0x8b0107ae, color=0xa0a0a0) returned 0xa0a0a0
[0196.213] GetNearestColor (hdc=0x8b0107ae, color=0x0) returned 0x0
[0196.213] GetNearestColor (hdc=0x8b0107ae, color=0xffffff) returned 0xffffff
[0196.213] GetNearestColor (hdc=0x8b0107ae, color=0xe5e5e5) returned 0xe5e5e5
[0196.213] GetNearestColor (hdc=0x8b0107ae, color=0xd7d7d7) returned 0xd7d7d7
[0196.213] GetNearestColor (hdc=0x8b0107ae, color=0x0) returned 0x0
[0196.213] RestoreDC (hdc=0x8b0107ae, nSavedDC=-1) returned 1
[0196.213] GdipReleaseDC (graphics=0x6600030, hdc=0x8b0107ae) returned 0x0
[0196.213] IsAppThemed () returned 0x1
[0196.213] GetThemeAppProperties () returned 0x3
[0196.213] GetThemeAppProperties () returned 0x3
[0196.213] IsAppThemed () returned 0x1
[0196.213] GetThemeAppProperties () returned 0x3
[0196.213] GetThemeAppProperties () returned 0x3
[0196.213] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2d1da34 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0196.214] IsAppThemed () returned 0x1
[0196.214] GetThemeAppProperties () returned 0x3
[0196.214] GetThemeAppProperties () returned 0x3
[0196.214] IsAppThemed () returned 0x1
[0196.214] GetThemeAppProperties () returned 0x3
[0196.214] GetThemeAppProperties () returned 0x3
[0196.214] IsAppThemed () returned 0x1
[0196.214] GetThemeAppProperties () returned 0x3
[0196.214] GetThemeAppProperties () returned 0x3
[0196.214] IsAppThemed () returned 0x1
[0196.214] GetThemeAppProperties () returned 0x3
[0196.214] GetThemeAppProperties () returned 0x3
[0196.214] IsThemePartDefined () returned 0x1
[0196.214] IsAppThemed () returned 0x1
[0196.214] GetThemeAppProperties () returned 0x3
[0196.214] GetThemeAppProperties () returned 0x3
[0196.214] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0196.214] IsAppThemed () returned 0x1
[0196.214] GetThemeAppProperties () returned 0x3
[0196.214] GetThemeAppProperties () returned 0x3
[0196.214] IsAppThemed () returned 0x1
[0196.214] GetThemeAppProperties () returned 0x3
[0196.214] GetThemeAppProperties () returned 0x3
[0196.214] IsThemePartDefined () returned 0x1
[0196.214] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0196.214] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0196.214] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0196.214] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0196.215] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dfe4) returned 0x0
[0196.215] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0196.215] LocalFree (hMem=0x11ee788) returned 0x0
[0196.215] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0196.215] LocalFree (hMem=0x11ee788) returned 0x0
[0196.215] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0196.215] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0196.215] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0196.215] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0196.215] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0196.215] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0196.215] GetCurrentObject (hdc=0x8b0107ae, type=0x1) returned 0xb00017
[0196.215] GetCurrentObject (hdc=0x8b0107ae, type=0x2) returned 0x900010
[0196.215] GetCurrentObject (hdc=0x8b0107ae, type=0x7) returned 0x4a0507fe
[0196.215] GetCurrentObject (hdc=0x8b0107ae, type=0x6) returned 0x8a01c2
[0196.215] SaveDC (hdc=0x8b0107ae) returned 1
[0196.215] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc9040807
[0196.215] GetClipRgn (hdc=0x8b0107ae, hrgn=0xc9040807) returned 0
[0196.215] SelectClipRgn (hdc=0x8b0107ae, hrgn=0x5b0407de) returned 2
[0196.215] DeleteObject (ho=0xc9040807) returned 1
[0196.215] DeleteObject (ho=0x5b0407de) returned 1
[0196.215] OffsetViewportOrgEx (in: hdc=0x8b0107ae, x=0, y=0, lppt=0x2d1e0e4 | out: lppt=0x2d1e0e4) returned 1
[0196.215] DrawThemeParentBackground () returned 0x0
[0196.219] GetWindowPlacement (in: hWnd=0x14013e, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0196.219] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0196.219] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.219] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.219] GetSystemMetrics (nIndex=42) returned 0
[0196.219] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.219] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0196.219] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0196.220] GetCurrentObject (hdc=0x8b0107ae, type=0x1) returned 0xb00017
[0196.220] GetCurrentObject (hdc=0x8b0107ae, type=0x2) returned 0x900010
[0196.220] GetCurrentObject (hdc=0x8b0107ae, type=0x7) returned 0x4a0507fe
[0196.220] GetCurrentObject (hdc=0x8b0107ae, type=0x6) returned 0x8a01c2
[0196.220] SaveDC (hdc=0x8b0107ae) returned 2
[0196.220] GetNearestColor (hdc=0x8b0107ae, color=0xf0f0f0) returned 0xf0f0f0
[0196.220] CreateSolidBrush (color=0xf0f0f0) returned 0xde1007e1
[0196.220] FillRect (hDC=0x8b0107ae, lprc=0xd7da30, hbr=0xde1007e1) returned 1
[0196.220] DeleteObject (ho=0xde1007e1) returned 1
[0196.220] RestoreDC (hdc=0x8b0107ae, nSavedDC=-1) returned 1
[0196.220] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.220] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.220] GetSystemMetrics (nIndex=42) returned 0
[0196.220] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.220] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0196.220] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0196.220] GetCurrentObject (hdc=0x8b0107ae, type=0x1) returned 0xb00017
[0196.220] GetCurrentObject (hdc=0x8b0107ae, type=0x2) returned 0x900010
[0196.220] GetCurrentObject (hdc=0x8b0107ae, type=0x7) returned 0x4a0507fe
[0196.220] GetCurrentObject (hdc=0x8b0107ae, type=0x6) returned 0x8a01c2
[0196.221] SaveDC (hdc=0x8b0107ae) returned 2
[0196.221] GetNearestColor (hdc=0x8b0107ae, color=0xf0f0f0) returned 0xf0f0f0
[0196.221] CreateSolidBrush (color=0xf0f0f0) returned 0xdf1007e1
[0196.221] FillRect (hDC=0x8b0107ae, lprc=0xd7d9d0, hbr=0xdf1007e1) returned 1
[0196.221] DeleteObject (ho=0xdf1007e1) returned 1
[0196.221] RestoreDC (hdc=0x8b0107ae, nSavedDC=-1) returned 1
[0196.221] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.221] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.221] GetSystemMetrics (nIndex=42) returned 0
[0196.221] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.221] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0196.221] RestoreDC (hdc=0x8b0107ae, nSavedDC=-1) returned 1
[0196.221] GdipReleaseDC (graphics=0x6600030, hdc=0x8b0107ae) returned 0x0
[0196.221] IsAppThemed () returned 0x1
[0196.221] GetThemeAppProperties () returned 0x3
[0196.221] GetThemeAppProperties () returned 0x3
[0196.221] IsAppThemed () returned 0x1
[0196.221] GetThemeAppProperties () returned 0x3
[0196.221] GetThemeAppProperties () returned 0x3
[0196.221] IsThemePartDefined () returned 0x1
[0196.222] GdipCreateRegion (region=0xd7df50) returned 0x0
[0196.222] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0196.222] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0196.222] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0196.222] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df68) returned 0x0
[0196.222] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0196.222] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0196.222] LocalFree (hMem=0x11ee788) returned 0x0
[0196.222] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0196.222] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eea28) returned 0x0
[0196.222] LocalFree (hMem=0x11eea28) returned 0x0
[0196.222] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0196.222] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7df90) returned 0x0
[0196.222] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7df80) returned 0x0
[0196.222] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0196.222] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0196.222] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0196.222] GetCurrentObject (hdc=0x8b0107ae, type=0x1) returned 0xb00017
[0196.222] GetCurrentObject (hdc=0x8b0107ae, type=0x2) returned 0x900010
[0196.222] GetCurrentObject (hdc=0x8b0107ae, type=0x7) returned 0x4a0507fe
[0196.222] GetCurrentObject (hdc=0x8b0107ae, type=0x6) returned 0x8a01c2
[0196.222] SaveDC (hdc=0x8b0107ae) returned 1
[0196.223] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5c0407de
[0196.223] GetClipRgn (hdc=0x8b0107ae, hrgn=0x5c0407de) returned 0
[0196.223] SelectClipRgn (hdc=0x8b0107ae, hrgn=0xcb040807) returned 2
[0196.223] DeleteObject (ho=0x5c0407de) returned 1
[0196.223] DeleteObject (ho=0xcb040807) returned 1
[0196.223] OffsetViewportOrgEx (in: hdc=0x8b0107ae, x=0, y=0, lppt=0x2d1e990 | out: lppt=0x2d1e990) returned 1
[0196.223] IsAppThemed () returned 0x1
[0196.223] GetThemeAppProperties () returned 0x3
[0196.223] GetThemeAppProperties () returned 0x3
[0196.223] DrawThemeBackground () returned 0x0
[0196.223] RestoreDC (hdc=0x8b0107ae, nSavedDC=-1) returned 1
[0196.223] GdipReleaseDC (graphics=0x6600030, hdc=0x8b0107ae) returned 0x0
[0196.223] GdipCreateRegion (region=0xd7df54) returned 0x0
[0196.223] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0196.223] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0196.223] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0196.223] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df6c) returned 0x0
[0196.223] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0196.223] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eecc8) returned 0x0
[0196.223] LocalFree (hMem=0x11eecc8) returned 0x0
[0196.223] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0196.224] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0196.224] LocalFree (hMem=0x11ee788) returned 0x0
[0196.224] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0196.224] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0196.224] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0196.224] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0196.224] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0196.224] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0196.224] GetCurrentObject (hdc=0x8b0107ae, type=0x1) returned 0xb00017
[0196.224] GetCurrentObject (hdc=0x8b0107ae, type=0x2) returned 0x900010
[0196.224] GetCurrentObject (hdc=0x8b0107ae, type=0x7) returned 0x4a0507fe
[0196.224] GetCurrentObject (hdc=0x8b0107ae, type=0x6) returned 0x8a01c2
[0196.224] SaveDC (hdc=0x8b0107ae) returned 1
[0196.224] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcc040807
[0196.224] GetClipRgn (hdc=0x8b0107ae, hrgn=0xcc040807) returned 0
[0196.224] SelectClipRgn (hdc=0x8b0107ae, hrgn=0x5d0407de) returned 2
[0196.224] DeleteObject (ho=0xcc040807) returned 1
[0196.224] DeleteObject (ho=0x5d0407de) returned 1
[0196.224] OffsetViewportOrgEx (in: hdc=0x8b0107ae, x=0, y=0, lppt=0x2d1ec64 | out: lppt=0x2d1ec64) returned 1
[0196.224] IsAppThemed () returned 0x1
[0196.224] GetThemeAppProperties () returned 0x3
[0196.224] GetThemeAppProperties () returned 0x3
[0196.225] GetThemeBackgroundContentRect () returned 0x0
[0196.225] RestoreDC (hdc=0x8b0107ae, nSavedDC=-1) returned 1
[0196.225] GdipReleaseDC (graphics=0x6600030, hdc=0x8b0107ae) returned 0x0
[0196.225] IsAppThemed () returned 0x1
[0196.225] GetThemeAppProperties () returned 0x3
[0196.225] GetThemeAppProperties () returned 0x3
[0196.225] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0196.225] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0196.225] GetCurrentObject (hdc=0x8b0107ae, type=0x1) returned 0xb00017
[0196.225] GetCurrentObject (hdc=0x8b0107ae, type=0x2) returned 0x900010
[0196.225] GetCurrentObject (hdc=0x8b0107ae, type=0x7) returned 0x4a0507fe
[0196.225] GetCurrentObject (hdc=0x8b0107ae, type=0x6) returned 0x8a01c2
[0196.225] SaveDC (hdc=0x8b0107ae) returned 1
[0196.225] GetTextAlign (hdc=0x8b0107ae) returned 0x0
[0196.225] GetTextColor (hdc=0x8b0107ae) returned 0x0
[0196.225] GetCurrentObject (hdc=0x8b0107ae, type=0x6) returned 0x8a01c2
[0196.225] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0196.226] SelectObject (hdc=0x8b0107ae, h=0x6d0a0520) returned 0x8a01c2
[0196.226] GetBkMode (hdc=0x8b0107ae) returned 2
[0196.226] SetBkMode (hdc=0x8b0107ae, mode=1) returned 2
[0196.226] DrawTextExW (in: hdc=0x8b0107ae, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2d1f004 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0196.226] DrawTextExW (in: hdc=0x8b0107ae, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2d1f004 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0196.226] RestoreDC (hdc=0x8b0107ae, nSavedDC=-1) returned 1
[0196.226] GdipReleaseDC (graphics=0x6600030, hdc=0x8b0107ae) returned 0x0
[0196.226] GetFocus () returned 0x1202de
[0196.226] IsAppThemed () returned 0x1
[0196.226] GetThemeAppProperties () returned 0x3
[0196.226] GetThemeAppProperties () returned 0x3
[0196.226] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0196.227] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x8b0107ae, x1=0, y1=0, rop=0xcc0020) returned 1
[0196.227] GdipReleaseDC (graphics=0x6600030, hdc=0x8b0107ae) returned 0x0
[0196.227] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0196.227] SelectObject (hdc=0x8b0107ae, h=0x85000f) returned 0x4a0507fe
[0196.227] DeleteDC (hdc=0x8b0107ae) returned 1
[0196.227] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0196.227] EndPaint (hWnd=0x802ce, lpPaint=0xd7e24c) returned 1
[0196.227] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.227] IsWindowUnicode (hWnd=0x1500ea) returned 1
[0196.227] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.227] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.227] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.227] BeginPaint (in: hWnd=0x1500ea, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0196.228] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0196.228] CreateCompatibleDC (hdc=0xc0107c5) returned 0x8d0107ae
[0196.228] SelectObject (hdc=0x8d0107ae, h=0x4a0507fe) returned 0x85000f
[0196.228] GdipCreateFromHDC (hdc=0x8d0107ae, graphics=0xd7e268) returned 0x0
[0196.228] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0196.228] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0196.228] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0196.228] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0196.228] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e2c8) returned 0x0
[0196.228] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0196.228] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea28) returned 0x0
[0196.228] LocalFree (hMem=0x11eea28) returned 0x0
[0196.228] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0196.228] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0196.228] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0196.228] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0196.228] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0196.229] GdipRestoreGraphics (graphics=0x6600030, state=0xfafc0dbd) returned 0x0
[0196.229] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0196.229] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0196.229] GetCurrentObject (hdc=0x8d0107ae, type=0x1) returned 0xb00017
[0196.229] GetCurrentObject (hdc=0x8d0107ae, type=0x2) returned 0x900010
[0196.229] GetCurrentObject (hdc=0x8d0107ae, type=0x7) returned 0x4a0507fe
[0196.229] GetCurrentObject (hdc=0x8d0107ae, type=0x6) returned 0x8a01c2
[0196.229] SaveDC (hdc=0x8d0107ae) returned 1
[0196.229] GetNearestColor (hdc=0x8d0107ae, color=0xf0f0f0) returned 0xf0f0f0
[0196.229] GetNearestColor (hdc=0x8d0107ae, color=0xa0a0a0) returned 0xa0a0a0
[0196.229] GetNearestColor (hdc=0x8d0107ae, color=0x696969) returned 0x696969
[0196.229] GetNearestColor (hdc=0x8d0107ae, color=0xa0a0a0) returned 0xa0a0a0
[0196.229] GetNearestColor (hdc=0x8d0107ae, color=0x0) returned 0x0
[0196.229] GetNearestColor (hdc=0x8d0107ae, color=0xffffff) returned 0xffffff
[0196.229] GetNearestColor (hdc=0x8d0107ae, color=0xe5e5e5) returned 0xe5e5e5
[0196.229] GetNearestColor (hdc=0x8d0107ae, color=0xd7d7d7) returned 0xd7d7d7
[0196.229] GetNearestColor (hdc=0x8d0107ae, color=0x0) returned 0x0
[0196.229] RestoreDC (hdc=0x8d0107ae, nSavedDC=-1) returned 1
[0196.230] GdipReleaseDC (graphics=0x6600030, hdc=0x8d0107ae) returned 0x0
[0196.230] IsAppThemed () returned 0x1
[0196.230] GetThemeAppProperties () returned 0x3
[0196.230] GetThemeAppProperties () returned 0x3
[0196.230] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0196.230] SendMessageW (hWnd=0x14013e, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0196.230] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0196.230] IsAppThemed () returned 0x1
[0196.230] GetThemeAppProperties () returned 0x3
[0196.230] GetThemeAppProperties () returned 0x3
[0196.230] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2d1f814 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0196.230] IsAppThemed () returned 0x1
[0196.230] GetThemeAppProperties () returned 0x3
[0196.230] GetThemeAppProperties () returned 0x3
[0196.230] IsAppThemed () returned 0x1
[0196.230] GetThemeAppProperties () returned 0x3
[0196.230] GetThemeAppProperties () returned 0x3
[0196.230] GetFocus () returned 0x1202de
[0196.231] IsAppThemed () returned 0x1
[0196.231] GetThemeAppProperties () returned 0x3
[0196.231] GetThemeAppProperties () returned 0x3
[0196.231] IsAppThemed () returned 0x1
[0196.231] GetThemeAppProperties () returned 0x3
[0196.231] GetThemeAppProperties () returned 0x3
[0196.231] IsThemePartDefined () returned 0x1
[0196.231] IsAppThemed () returned 0x1
[0196.231] GetThemeAppProperties () returned 0x3
[0196.231] GetThemeAppProperties () returned 0x3
[0196.231] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0196.231] IsAppThemed () returned 0x1
[0196.231] GetThemeAppProperties () returned 0x3
[0196.231] GetThemeAppProperties () returned 0x3
[0196.231] IsAppThemed () returned 0x1
[0196.231] GetThemeAppProperties () returned 0x3
[0196.231] GetThemeAppProperties () returned 0x3
[0196.263] IsThemePartDefined () returned 0x1
[0196.263] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0196.263] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0196.263] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0196.263] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0196.263] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dff0) returned 0x0
[0196.263] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0196.263] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0196.263] LocalFree (hMem=0x11ee788) returned 0x0
[0196.263] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0196.263] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea28) returned 0x0
[0196.264] LocalFree (hMem=0x11eea28) returned 0x0
[0196.264] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0196.264] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e018) returned 0x0
[0196.264] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e008) returned 0x0
[0196.264] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0196.264] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0196.264] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0196.264] GetCurrentObject (hdc=0x8d0107ae, type=0x1) returned 0xb00017
[0196.264] GetCurrentObject (hdc=0x8d0107ae, type=0x2) returned 0x900010
[0196.264] GetCurrentObject (hdc=0x8d0107ae, type=0x7) returned 0x4a0507fe
[0196.264] GetCurrentObject (hdc=0x8d0107ae, type=0x6) returned 0x8a01c2
[0196.264] SaveDC (hdc=0x8d0107ae) returned 1
[0196.264] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5e0407de
[0196.264] GetClipRgn (hdc=0x8d0107ae, hrgn=0x5e0407de) returned 0
[0196.264] SelectClipRgn (hdc=0x8d0107ae, hrgn=0xd0040807) returned 2
[0196.264] DeleteObject (ho=0x5e0407de) returned 1
[0196.264] DeleteObject (ho=0xd0040807) returned 1
[0196.264] OffsetViewportOrgEx (in: hdc=0x8d0107ae, x=0, y=0, lppt=0x2d1fec4 | out: lppt=0x2d1fec4) returned 1
[0196.264] DrawThemeParentBackground () returned 0x0
[0196.265] GetWindowPlacement (in: hWnd=0x14013e, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0196.265] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0196.265] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.265] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.265] GetSystemMetrics (nIndex=42) returned 0
[0196.265] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.265] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0196.265] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0196.265] GetCurrentObject (hdc=0x8d0107ae, type=0x1) returned 0xb00017
[0196.265] GetCurrentObject (hdc=0x8d0107ae, type=0x2) returned 0x900010
[0196.265] GetCurrentObject (hdc=0x8d0107ae, type=0x7) returned 0x4a0507fe
[0196.265] GetCurrentObject (hdc=0x8d0107ae, type=0x6) returned 0x8a01c2
[0196.265] SaveDC (hdc=0x8d0107ae) returned 2
[0196.265] GetNearestColor (hdc=0x8d0107ae, color=0xf0f0f0) returned 0xf0f0f0
[0196.265] CreateSolidBrush (color=0xf0f0f0) returned 0xe01007e1
[0196.265] FillRect (hDC=0x8d0107ae, lprc=0xd7da38, hbr=0xe01007e1) returned 1
[0196.266] DeleteObject (ho=0xe01007e1) returned 1
[0196.266] RestoreDC (hdc=0x8d0107ae, nSavedDC=-1) returned 1
[0196.266] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.266] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.266] GetSystemMetrics (nIndex=42) returned 0
[0196.266] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.266] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0196.266] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0196.266] GetCurrentObject (hdc=0x8d0107ae, type=0x1) returned 0xb00017
[0196.266] GetCurrentObject (hdc=0x8d0107ae, type=0x2) returned 0x900010
[0196.266] GetCurrentObject (hdc=0x8d0107ae, type=0x7) returned 0x4a0507fe
[0196.266] GetCurrentObject (hdc=0x8d0107ae, type=0x6) returned 0x8a01c2
[0196.266] SaveDC (hdc=0x8d0107ae) returned 2
[0196.266] GetNearestColor (hdc=0x8d0107ae, color=0xf0f0f0) returned 0xf0f0f0
[0196.266] CreateSolidBrush (color=0xf0f0f0) returned 0xe11007e1
[0196.266] FillRect (hDC=0x8d0107ae, lprc=0xd7d9d8, hbr=0xe11007e1) returned 1
[0196.266] DeleteObject (ho=0xe11007e1) returned 1
[0196.266] RestoreDC (hdc=0x8d0107ae, nSavedDC=-1) returned 1
[0196.266] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.266] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.266] GetSystemMetrics (nIndex=42) returned 0
[0196.267] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0196.267] RestoreDC (hdc=0x8d0107ae, nSavedDC=-1) returned 1
[0196.267] GdipReleaseDC (graphics=0x6600030, hdc=0x8d0107ae) returned 0x0
[0196.267] IsAppThemed () returned 0x1
[0196.267] GetThemeAppProperties () returned 0x3
[0196.267] GetThemeAppProperties () returned 0x3
[0196.267] IsAppThemed () returned 0x1
[0196.267] GetThemeAppProperties () returned 0x3
[0196.267] GetThemeAppProperties () returned 0x3
[0196.267] IsThemePartDefined () returned 0x1
[0196.267] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0196.267] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0196.267] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0196.267] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0196.267] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df74) returned 0x0
[0196.267] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0196.267] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0196.268] LocalFree (hMem=0x11eec58) returned 0x0
[0196.268] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0196.268] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee8d8) returned 0x0
[0196.268] LocalFree (hMem=0x11ee8d8) returned 0x0
[0196.268] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0196.268] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0196.268] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0196.268] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0196.268] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0196.268] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0196.268] GetCurrentObject (hdc=0x8d0107ae, type=0x1) returned 0xb00017
[0196.268] GetCurrentObject (hdc=0x8d0107ae, type=0x2) returned 0x900010
[0196.268] GetCurrentObject (hdc=0x8d0107ae, type=0x7) returned 0x4a0507fe
[0196.268] GetCurrentObject (hdc=0x8d0107ae, type=0x6) returned 0x8a01c2
[0196.268] SaveDC (hdc=0x8d0107ae) returned 1
[0196.268] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd1040807
[0196.268] GetClipRgn (hdc=0x8d0107ae, hrgn=0xd1040807) returned 0
[0196.268] SelectClipRgn (hdc=0x8d0107ae, hrgn=0x600407de) returned 2
[0196.268] DeleteObject (ho=0xd1040807) returned 1
[0196.268] DeleteObject (ho=0x600407de) returned 1
[0196.269] OffsetViewportOrgEx (in: hdc=0x8d0107ae, x=0, y=0, lppt=0x2d20770 | out: lppt=0x2d20770) returned 1
[0196.269] IsAppThemed () returned 0x1
[0196.269] GetThemeAppProperties () returned 0x3
[0196.269] GetThemeAppProperties () returned 0x3
[0196.269] DrawThemeBackground () returned 0x0
[0196.269] RestoreDC (hdc=0x8d0107ae, nSavedDC=-1) returned 1
[0196.269] GdipReleaseDC (graphics=0x6600030, hdc=0x8d0107ae) returned 0x0
[0196.269] GdipCreateRegion (region=0xd7df60) returned 0x0
[0196.269] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0196.269] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0196.269] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0196.269] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df78) returned 0x0
[0196.269] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0196.269] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee8d8) returned 0x0
[0196.269] LocalFree (hMem=0x11ee8d8) returned 0x0
[0196.269] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0196.269] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0196.269] LocalFree (hMem=0x11eec58) returned 0x0
[0196.269] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0196.269] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0196.269] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7df90) returned 0x0
[0196.270] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0196.270] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0196.270] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0196.270] GetCurrentObject (hdc=0x8d0107ae, type=0x1) returned 0xb00017
[0196.270] GetCurrentObject (hdc=0x8d0107ae, type=0x2) returned 0x900010
[0196.270] GetCurrentObject (hdc=0x8d0107ae, type=0x7) returned 0x4a0507fe
[0196.270] GetCurrentObject (hdc=0x8d0107ae, type=0x6) returned 0x8a01c2
[0196.270] SaveDC (hdc=0x8d0107ae) returned 1
[0196.270] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x610407de
[0196.270] GetClipRgn (hdc=0x8d0107ae, hrgn=0x610407de) returned 0
[0196.270] SelectClipRgn (hdc=0x8d0107ae, hrgn=0xd2040807) returned 2
[0196.270] DeleteObject (ho=0x610407de) returned 1
[0196.270] DeleteObject (ho=0xd2040807) returned 1
[0196.270] OffsetViewportOrgEx (in: hdc=0x8d0107ae, x=0, y=0, lppt=0x2d20a44 | out: lppt=0x2d20a44) returned 1
[0196.270] IsAppThemed () returned 0x1
[0196.270] GetThemeAppProperties () returned 0x3
[0196.270] GetThemeAppProperties () returned 0x3
[0196.270] GetThemeBackgroundContentRect () returned 0x0
[0196.270] RestoreDC (hdc=0x8d0107ae, nSavedDC=-1) returned 1
[0196.270] GdipReleaseDC (graphics=0x6600030, hdc=0x8d0107ae) returned 0x0
[0196.270] IsAppThemed () returned 0x1
[0196.271] GetThemeAppProperties () returned 0x3
[0196.271] GetThemeAppProperties () returned 0x3
[0196.271] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0196.271] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0196.271] GetCurrentObject (hdc=0x8d0107ae, type=0x1) returned 0xb00017
[0196.271] GetCurrentObject (hdc=0x8d0107ae, type=0x2) returned 0x900010
[0196.271] GetCurrentObject (hdc=0x8d0107ae, type=0x7) returned 0x4a0507fe
[0196.271] GetCurrentObject (hdc=0x8d0107ae, type=0x6) returned 0x8a01c2
[0196.271] SaveDC (hdc=0x8d0107ae) returned 1
[0196.271] GetTextAlign (hdc=0x8d0107ae) returned 0x0
[0196.271] GetTextColor (hdc=0x8d0107ae) returned 0x0
[0196.271] GetCurrentObject (hdc=0x8d0107ae, type=0x6) returned 0x8a01c2
[0196.271] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0196.271] SelectObject (hdc=0x8d0107ae, h=0x6d0a0520) returned 0x8a01c2
[0196.271] GetBkMode (hdc=0x8d0107ae) returned 2
[0196.271] SetBkMode (hdc=0x8d0107ae, mode=1) returned 2
[0196.271] DrawTextExW (in: hdc=0x8d0107ae, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2d20de4 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0196.272] DrawTextExW (in: hdc=0x8d0107ae, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d20de4 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0196.272] RestoreDC (hdc=0x8d0107ae, nSavedDC=-1) returned 1
[0196.272] GdipReleaseDC (graphics=0x6600030, hdc=0x8d0107ae) returned 0x0
[0196.272] GetFocus () returned 0x1202de
[0196.272] IsAppThemed () returned 0x1
[0196.272] GetThemeAppProperties () returned 0x3
[0196.272] GetThemeAppProperties () returned 0x3
[0196.272] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0196.272] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x8d0107ae, x1=0, y1=0, rop=0xcc0020) returned 1
[0196.272] GdipReleaseDC (graphics=0x6600030, hdc=0x8d0107ae) returned 0x0
[0196.272] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0196.272] SelectObject (hdc=0x8d0107ae, h=0x85000f) returned 0x4a0507fe
[0196.273] DeleteDC (hdc=0x8d0107ae) returned 1
[0196.273] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0196.273] EndPaint (hWnd=0x1500ea, lpPaint=0xd7e24c) returned 1
[0196.273] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.273] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0196.274] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.274] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.274] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0196.274] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.274] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.275] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.275] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0196.276] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.276] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.276] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.276] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.277] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.277] IsWindowUnicode (hWnd=0x602c4) returned 1
[0196.277] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.277] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.277] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.278] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0196.278] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0196.278] CreateCompatibleDC (hdc=0xf0105ee) returned 0x8f0107ae
[0196.278] SelectObject (hdc=0x8f0107ae, h=0x4a0507fe) returned 0x85000f
[0196.278] GdipCreateFromHDC (hdc=0x8f0107ae, graphics=0xd7e268) returned 0x0
[0196.278] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0196.283] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0196.284] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0196.284] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0196.284] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2c8) returned 0x0
[0196.284] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0196.284] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea28) returned 0x0
[0196.284] LocalFree (hMem=0x11eea28) returned 0x0
[0196.284] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0196.284] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0196.284] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0196.284] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0196.284] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0196.284] GdipRestoreGraphics (graphics=0x6600030, state=0xfafa0dbd) returned 0x0
[0196.284] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0196.284] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0196.284] GetCurrentObject (hdc=0x8f0107ae, type=0x1) returned 0xb00017
[0196.284] GetCurrentObject (hdc=0x8f0107ae, type=0x2) returned 0x900010
[0196.284] GetCurrentObject (hdc=0x8f0107ae, type=0x7) returned 0x4a0507fe
[0196.284] GetCurrentObject (hdc=0x8f0107ae, type=0x6) returned 0x8a01c2
[0196.284] SaveDC (hdc=0x8f0107ae) returned 1
[0196.284] GetNearestColor (hdc=0x8f0107ae, color=0xff) returned 0xff
[0196.285] GetNearestColor (hdc=0x8f0107ae, color=0x55) returned 0x55
[0196.285] GetNearestColor (hdc=0x8f0107ae, color=0x0) returned 0x0
[0196.285] GetNearestColor (hdc=0x8f0107ae, color=0x55) returned 0x55
[0196.285] GetNearestColor (hdc=0x8f0107ae, color=0x0) returned 0x0
[0196.285] GetNearestColor (hdc=0x8f0107ae, color=0x8080ff) returned 0x8080ff
[0196.285] GetNearestColor (hdc=0x8f0107ae, color=0x7373e5) returned 0x7373e5
[0196.285] GetNearestColor (hdc=0x8f0107ae, color=0xe5) returned 0xe5
[0196.285] GetNearestColor (hdc=0x8f0107ae, color=0x0) returned 0x0
[0196.285] RestoreDC (hdc=0x8f0107ae, nSavedDC=-1) returned 1
[0196.285] GdipReleaseDC (graphics=0x6600030, hdc=0x8f0107ae) returned 0x0
[0196.285] IsAppThemed () returned 0x1
[0196.285] GetThemeAppProperties () returned 0x3
[0196.285] GetThemeAppProperties () returned 0x3
[0196.285] IsAppThemed () returned 0x1
[0196.285] GetThemeAppProperties () returned 0x3
[0196.285] GetThemeAppProperties () returned 0x3
[0196.285] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2d215ac | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0196.286] IsAppThemed () returned 0x1
[0196.286] GetThemeAppProperties () returned 0x3
[0196.286] GetThemeAppProperties () returned 0x3
[0196.286] IsAppThemed () returned 0x1
[0196.286] GetThemeAppProperties () returned 0x3
[0196.286] GetThemeAppProperties () returned 0x3
[0196.286] GetFocus () returned 0x1202de
[0196.286] IsAppThemed () returned 0x1
[0196.286] GetThemeAppProperties () returned 0x3
[0196.286] GetThemeAppProperties () returned 0x3
[0196.286] IsAppThemed () returned 0x1
[0196.286] GetThemeAppProperties () returned 0x3
[0196.286] GetThemeAppProperties () returned 0x3
[0196.286] IsThemePartDefined () returned 0x1
[0196.286] IsAppThemed () returned 0x1
[0196.286] GetThemeAppProperties () returned 0x3
[0196.286] GetThemeAppProperties () returned 0x3
[0196.286] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0196.286] IsAppThemed () returned 0x1
[0196.286] GetThemeAppProperties () returned 0x3
[0196.286] GetThemeAppProperties () returned 0x3
[0196.286] IsAppThemed () returned 0x1
[0196.287] GetThemeAppProperties () returned 0x3
[0196.287] GetThemeAppProperties () returned 0x3
[0196.287] IsThemePartDefined () returned 0x1
[0196.287] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0196.287] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0196.287] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0196.287] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0196.287] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7dff0) returned 0x0
[0196.287] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0196.287] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0196.287] LocalFree (hMem=0x11ee788) returned 0x0
[0196.287] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0196.287] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eead0) returned 0x0
[0196.287] LocalFree (hMem=0x11eead0) returned 0x0
[0196.287] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0196.287] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0196.287] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0196.287] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0196.287] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0196.287] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0196.287] GetCurrentObject (hdc=0x8f0107ae, type=0x1) returned 0xb00017
[0196.287] GetCurrentObject (hdc=0x8f0107ae, type=0x2) returned 0x900010
[0196.288] GetCurrentObject (hdc=0x8f0107ae, type=0x7) returned 0x4a0507fe
[0196.288] GetCurrentObject (hdc=0x8f0107ae, type=0x6) returned 0x8a01c2
[0196.288] SaveDC (hdc=0x8f0107ae) returned 1
[0196.288] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd3040807
[0196.288] GetClipRgn (hdc=0x8f0107ae, hrgn=0xd3040807) returned 0
[0196.288] SelectClipRgn (hdc=0x8f0107ae, hrgn=0x650407de) returned 2
[0196.288] DeleteObject (ho=0xd3040807) returned 1
[0196.288] DeleteObject (ho=0x650407de) returned 1
[0196.288] OffsetViewportOrgEx (in: hdc=0x8f0107ae, x=0, y=0, lppt=0x2d21c5c | out: lppt=0x2d21c5c) returned 1
[0196.288] DrawThemeParentBackground () returned 0x0
[0196.288] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0196.288] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0196.288] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0196.288] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.288] GetSystemMetrics (nIndex=42) returned 0
[0196.288] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.288] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0196.289] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0196.289] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0196.289] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0196.289] SelectPalette (hdc=0x8f0107ae, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0196.289] GdipCreateFromHDC (hdc=0x8f0107ae, graphics=0xd7dac8) returned 0x0
[0196.289] GdipSetPageUnit (graphics=0x664dac8, unit=0x2) returned 0x0
[0196.289] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0196.289] GdipGetWorldTransform (graphics=0x664dac8, matrix=0x6638ab8) returned 0x0
[0196.289] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7daa0) returned 0x0
[0196.289] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0196.289] GdipCreateRegion (region=0xd7da88) returned 0x0
[0196.289] GdipGetClip (graphics=0x664dac8, region=0x6646568) returned 0x0
[0196.289] GdipIsInfiniteRegion (region=0x6646568, graphics=0x664dac8, result=0xd7da94) returned 0x0
[0196.289] GdipDeleteRegion (region=0x6646568) returned 0x0
[0196.289] GdipSaveGraphics (graphics=0x664dac8, state=0xd7dac0) returned 0x0
[0196.289] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0196.299] GdipFillRectangleI (graphics=0x664dac8, brush=0x6652bb0, x=0, y=0, width=801, height=453) returned 0x0
[0196.299] GdipDeleteBrush (brush=0x6652bb0) returned 0x0
[0196.301] GdipDeleteGraphics (graphics=0x664dac8) returned 0x0
[0196.301] SelectPalette (hdc=0x8f0107ae, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0196.301] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0196.301] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.301] GetSystemMetrics (nIndex=42) returned 0
[0196.301] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.301] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0196.301] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0196.301] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0196.301] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0196.301] SelectPalette (hdc=0x8f0107ae, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0196.301] GdipCreateFromHDC (hdc=0x8f0107ae, graphics=0xd7da68) returned 0x0
[0196.301] GdipSetPageUnit (graphics=0x664dac8, unit=0x2) returned 0x0
[0196.301] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0196.302] GdipGetWorldTransform (graphics=0x664dac8, matrix=0x6638c98) returned 0x0
[0196.302] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7da40) returned 0x0
[0196.302] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0196.302] GdipCreateRegion (region=0xd7da28) returned 0x0
[0196.302] GdipGetClip (graphics=0x664dac8, region=0x6646dd8) returned 0x0
[0196.302] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x664dac8, result=0xd7da34) returned 0x0
[0196.302] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0196.302] GdipSaveGraphics (graphics=0x664dac8, state=0xd7da60) returned 0x0
[0196.302] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0196.315] GdipFillRectangleI (graphics=0x664dac8, brush=0x6652ce8, x=0, y=0, width=801, height=453) returned 0x0
[0196.315] GdipDeleteBrush (brush=0x6652ce8) returned 0x0
[0196.317] GdipRestoreGraphics (graphics=0x664dac8, state=0xfaf60dbd) returned 0x0
[0196.317] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0196.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.317] GetSystemMetrics (nIndex=42) returned 0
[0196.317] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0196.317] GdipDeleteGraphics (graphics=0x664dac8) returned 0x0
[0196.318] SelectPalette (hdc=0x8f0107ae, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0196.318] RestoreDC (hdc=0x8f0107ae, nSavedDC=-1) returned 1
[0196.318] GdipReleaseDC (graphics=0x6600030, hdc=0x8f0107ae) returned 0x0
[0196.318] IsAppThemed () returned 0x1
[0196.318] GetThemeAppProperties () returned 0x3
[0196.318] GetThemeAppProperties () returned 0x3
[0196.318] IsAppThemed () returned 0x1
[0196.318] GetThemeAppProperties () returned 0x3
[0196.318] GetThemeAppProperties () returned 0x3
[0196.318] IsThemePartDefined () returned 0x1
[0196.318] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0196.319] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0196.319] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0196.319] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0196.319] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df74) returned 0x0
[0196.319] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0196.319] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0196.319] LocalFree (hMem=0x11eec58) returned 0x0
[0196.319] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0196.319] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0196.319] LocalFree (hMem=0x11ee868) returned 0x0
[0196.319] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0196.319] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0196.319] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0196.319] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0196.320] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0196.320] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0196.320] GetCurrentObject (hdc=0x8f0107ae, type=0x1) returned 0xb00017
[0196.320] GetCurrentObject (hdc=0x8f0107ae, type=0x2) returned 0x900010
[0196.320] GetCurrentObject (hdc=0x8f0107ae, type=0x7) returned 0x4a0507fe
[0196.320] GetCurrentObject (hdc=0x8f0107ae, type=0x6) returned 0x8a01c2
[0196.320] SaveDC (hdc=0x8f0107ae) returned 1
[0196.320] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x660407de
[0196.320] GetClipRgn (hdc=0x8f0107ae, hrgn=0x660407de) returned 0
[0196.320] SelectClipRgn (hdc=0x8f0107ae, hrgn=0xd5040807) returned 2
[0196.320] DeleteObject (ho=0x660407de) returned 1
[0196.320] DeleteObject (ho=0xd5040807) returned 1
[0196.321] OffsetViewportOrgEx (in: hdc=0x8f0107ae, x=0, y=0, lppt=0x2d284ac | out: lppt=0x2d284ac) returned 1
[0196.321] IsAppThemed () returned 0x1
[0196.321] GetThemeAppProperties () returned 0x3
[0196.321] GetThemeAppProperties () returned 0x3
[0196.321] DrawThemeBackground () returned 0x0
[0196.321] RestoreDC (hdc=0x8f0107ae, nSavedDC=-1) returned 1
[0196.321] GdipReleaseDC (graphics=0x6600030, hdc=0x8f0107ae) returned 0x0
[0196.321] GdipCreateRegion (region=0xd7df60) returned 0x0
[0196.321] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0196.321] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0196.321] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0196.321] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df78) returned 0x0
[0196.321] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0196.321] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eed00) returned 0x0
[0196.321] LocalFree (hMem=0x11eed00) returned 0x0
[0196.321] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0196.322] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0196.322] LocalFree (hMem=0x11ee868) returned 0x0
[0196.322] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0196.322] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0196.322] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0196.322] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0196.322] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0196.322] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0196.322] GetCurrentObject (hdc=0x8f0107ae, type=0x1) returned 0xb00017
[0196.322] GetCurrentObject (hdc=0x8f0107ae, type=0x2) returned 0x900010
[0196.322] GetCurrentObject (hdc=0x8f0107ae, type=0x7) returned 0x4a0507fe
[0196.322] GetCurrentObject (hdc=0x8f0107ae, type=0x6) returned 0x8a01c2
[0196.322] SaveDC (hdc=0x8f0107ae) returned 1
[0196.322] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd6040807
[0196.323] GetClipRgn (hdc=0x8f0107ae, hrgn=0xd6040807) returned 0
[0196.323] SelectClipRgn (hdc=0x8f0107ae, hrgn=0x670407de) returned 2
[0196.323] DeleteObject (ho=0xd6040807) returned 1
[0196.323] DeleteObject (ho=0x670407de) returned 1
[0196.323] OffsetViewportOrgEx (in: hdc=0x8f0107ae, x=0, y=0, lppt=0x2d28780 | out: lppt=0x2d28780) returned 1
[0196.323] IsAppThemed () returned 0x1
[0196.323] GetThemeAppProperties () returned 0x3
[0196.323] GetThemeAppProperties () returned 0x3
[0196.323] GetThemeBackgroundContentRect () returned 0x0
[0196.323] RestoreDC (hdc=0x8f0107ae, nSavedDC=-1) returned 1
[0196.323] GdipReleaseDC (graphics=0x6600030, hdc=0x8f0107ae) returned 0x0
[0196.323] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0196.323] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0196.323] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0196.323] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0196.324] IsAppThemed () returned 0x1
[0196.324] GetThemeAppProperties () returned 0x3
[0196.324] GetThemeAppProperties () returned 0x3
[0196.324] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0196.324] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0196.324] GetCurrentObject (hdc=0x8f0107ae, type=0x1) returned 0xb00017
[0196.324] GetCurrentObject (hdc=0x8f0107ae, type=0x2) returned 0x900010
[0196.324] GetCurrentObject (hdc=0x8f0107ae, type=0x7) returned 0x4a0507fe
[0196.324] GetCurrentObject (hdc=0x8f0107ae, type=0x6) returned 0x8a01c2
[0196.324] SaveDC (hdc=0x8f0107ae) returned 1
[0196.324] GetTextAlign (hdc=0x8f0107ae) returned 0x0
[0196.324] GetTextColor (hdc=0x8f0107ae) returned 0x0
[0196.324] GetCurrentObject (hdc=0x8f0107ae, type=0x6) returned 0x8a01c2
[0196.324] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0196.325] SelectObject (hdc=0x8f0107ae, h=0x6d0a0520) returned 0x8a01c2
[0196.325] GetBkMode (hdc=0x8f0107ae) returned 2
[0196.325] SetBkMode (hdc=0x8f0107ae, mode=1) returned 2
[0196.325] DrawTextExW (in: hdc=0x8f0107ae, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2d28b44 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0196.330] DrawTextExW (in: hdc=0x8f0107ae, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d28b44 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0196.331] RestoreDC (hdc=0x8f0107ae, nSavedDC=-1) returned 1
[0196.331] GdipReleaseDC (graphics=0x6600030, hdc=0x8f0107ae) returned 0x0
[0196.331] GetFocus () returned 0x1202de
[0196.331] IsAppThemed () returned 0x1
[0196.331] GetThemeAppProperties () returned 0x3
[0196.331] GetThemeAppProperties () returned 0x3
[0196.331] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0196.331] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x8f0107ae, x1=0, y1=0, rop=0xcc0020) returned 1
[0196.331] GdipReleaseDC (graphics=0x6600030, hdc=0x8f0107ae) returned 0x0
[0196.331] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0196.332] SelectObject (hdc=0x8f0107ae, h=0x85000f) returned 0x4a0507fe
[0196.332] DeleteDC (hdc=0x8f0107ae) returned 1
[0196.332] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0196.332] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0196.332] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.332] IsWindowUnicode (hWnd=0x802ce) returned 1
[0196.332] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.332] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.332] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.333] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.333] IsWindowUnicode (hWnd=0x802ce) returned 1
[0196.333] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.333] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.333] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.333] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x2a1, wParam=0x0, lParam=0xe001a) returned 0x0
[0196.333] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0196.333] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0196.333] WaitMessage () returned 1
[0196.366] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.366] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.366] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.366] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.366] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.367] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0196.367] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0196.367] WaitMessage () returned 1
[0196.368] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.368] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.368] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.368] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.368] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.369] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0196.369] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0196.369] WaitMessage () returned 1
[0196.370] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.370] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.370] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.370] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.370] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.371] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.371] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.371] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.371] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.371] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.372] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.372] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.372] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.372] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.372] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.377] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0196.377] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0196.378] WaitMessage () returned 1
[0196.381] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.381] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.381] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.381] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.381] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.382] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.382] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.382] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.382] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.382] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.383] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.383] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.383] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.383] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.383] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.383] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0196.383] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0196.383] WaitMessage () returned 1
[0196.384] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.384] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.384] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.384] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.384] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.385] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.385] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.385] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.385] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.385] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.385] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.386] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.386] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.386] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.386] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.386] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0196.386] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0196.386] WaitMessage () returned 1
[0196.386] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.387] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.387] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.401] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.401] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.403] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.403] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.403] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.403] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.403] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.404] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.404] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.404] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.404] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.404] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.404] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0196.405] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0196.405] WaitMessage () returned 1
[0196.414] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.414] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x84, wParam=0x0, lParam=0x1e702f0) returned 0x1
[0196.414] IsWindowUnicode (hWnd=0x802ce) returned 1
[0196.414] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.415] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x84, wParam=0x0, lParam=0x1e702f0) returned 0x1
[0196.415] GetDlgItem (hDlg=0x14013e, nIDDlgItem=0) returned 0x0
[0196.415] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x210, wParam=0x201, lParam=0x6c00fb) returned 0x0
[0196.415] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x21, wParam=0x14013e, lParam=0x2010001) returned 0x1
[0196.415] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x21, wParam=0x14013e, lParam=0x2010001) returned 0x1
[0196.415] SetCursor (hCursor=0x10003) returned 0x10003
[0196.415] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.415] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.415] GetKeyState (nVirtKey=1) returned -127
[0196.416] GetKeyState (nVirtKey=2) returned 0
[0196.416] GetKeyState (nVirtKey=4) returned 0
[0196.416] GetKeyState (nVirtKey=5) returned 0
[0196.416] GetKeyState (nVirtKey=6) returned 0
[0196.416] IsWindowVisible (hWnd=0x802ce) returned 1
[0196.416] IsWindowEnabled (hWnd=0x802ce) returned 1
[0196.416] SetFocus (hWnd=0x802ce) returned 0x1202de
[0196.416] GetFocus () returned 0x802ce
[0196.416] IsChild (hWndParent=0x14013e, hWnd=0x802ce) returned 1
[0196.417] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0x8, wParam=0x802ce, lParam=0x0) returned 0x0
[0196.417] GetCapture () returned 0x0
[0196.417] InvalidateRect (hWnd=0x1202de, lpRect=0x0, bErase=0) returned 1
[0196.418] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0196.422] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0196.424] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0196.424] InvalidateRect (hWnd=0x1202de, lpRect=0x0, bErase=0) returned 1
[0196.424] InvalidateRect (hWnd=0x802ce, lpRect=0x0, bErase=0) returned 1
[0196.424] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x7, wParam=0x1202de, lParam=0x0) returned 0x0
[0196.424] GetStockObject (i=5) returned 0x900015
[0196.425] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0196.425] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0xd, wParam=0xa, lParam=0x11f57a0) returned 0x9
[0196.425] GetDlgItem (hDlg=0x14013e, nIDDlgItem=525006) returned 0x802ce
[0196.425] SendMessageW (hWnd=0x802ce, Msg=0x202b, wParam=0x802ce, lParam=0xd7dddc) returned 0x0
[0196.425] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x202b, wParam=0x802ce, lParam=0xd7dddc) returned 0x0
[0196.425] InvalidateRect (hWnd=0x802ce, lpRect=0x0, bErase=0) returned 1
[0196.427] GetFocus () returned 0x802ce
[0196.427] GetFocus () returned 0x802ce
[0196.427] GetFocus () returned 0x802ce
[0196.427] GetKeyState (nVirtKey=1) returned -127
[0196.427] GetKeyState (nVirtKey=2) returned 0
[0196.427] GetKeyState (nVirtKey=4) returned 0
[0196.427] GetKeyState (nVirtKey=5) returned 0
[0196.427] GetKeyState (nVirtKey=6) returned 0
[0196.427] GetCapture () returned 0x0
[0196.427] SetCapture (hWnd=0x802ce) returned 0x0
[0196.427] GetKeyState (nVirtKey=1) returned -127
[0196.427] GetKeyState (nVirtKey=2) returned 0
[0196.427] GetKeyState (nVirtKey=4) returned 0
[0196.427] GetKeyState (nVirtKey=5) returned 0
[0196.427] GetKeyState (nVirtKey=6) returned 0
[0196.428] NotifyWinEvent (event=0x800a, hwnd=0x802ce, idObject=-4, idChild=0)
[0196.428] InvalidateRect (hWnd=0x802ce, lpRect=0xd7e430, bErase=0) returned 1
[0196.428] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.428] IsWindowUnicode (hWnd=0x802ce) returned 1
[0196.428] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.428] TranslateMessage (lpMsg=0xd7e808) returned 0
[0196.428] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0196.428] MapWindowPoints (in: hWndFrom=0x802ce, hWndTo=0x0, lpPoints=0x2d28e30, cPoints=0x1 | out: lpPoints=0x2d28e30) returned 30999254
[0196.428] NotifyWinEvent (event=0x800a, hwnd=0x802ce, idObject=-4, idChild=0)
[0196.428] InvalidateRect (hWnd=0x802ce, lpRect=0xd7e3d0, bErase=0) returned 1
[0196.428] UpdateWindow (hWnd=0x802ce) returned 1
[0196.428] BeginPaint (in: hWnd=0x802ce, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x10105d6
[0196.428] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0196.429] CreateCompatibleDC (hdc=0x10105d6) returned 0x2e010803
[0196.429] SelectObject (hdc=0x2e010803, h=0x4a0507fe) returned 0x85000f
[0196.429] GdipCreateFromHDC (hdc=0x2e010803, graphics=0xd7df00) returned 0x0
[0196.429] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0196.429] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0196.429] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0196.429] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0196.429] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7df60) returned 0x0
[0196.429] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0196.429] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0196.429] LocalFree (hMem=0x11eec58) returned 0x0
[0196.429] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0196.430] GdipCreateRegion (region=0xd7df48) returned 0x0
[0196.430] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0196.430] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0196.430] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0196.430] GdipRestoreGraphics (graphics=0x6600030, state=0xfaf40dbd) returned 0x0
[0196.430] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0196.430] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0196.430] GetCurrentObject (hdc=0x2e010803, type=0x1) returned 0xb00017
[0196.430] GetCurrentObject (hdc=0x2e010803, type=0x2) returned 0x900010
[0196.430] GetCurrentObject (hdc=0x2e010803, type=0x7) returned 0x4a0507fe
[0196.430] GetCurrentObject (hdc=0x2e010803, type=0x6) returned 0x8a01c2
[0196.430] SaveDC (hdc=0x2e010803) returned 1
[0196.430] GetNearestColor (hdc=0x2e010803, color=0xf0f0f0) returned 0xf0f0f0
[0196.430] GetNearestColor (hdc=0x2e010803, color=0xa0a0a0) returned 0xa0a0a0
[0196.431] GetNearestColor (hdc=0x2e010803, color=0x696969) returned 0x696969
[0196.431] GetNearestColor (hdc=0x2e010803, color=0xa0a0a0) returned 0xa0a0a0
[0196.431] GetNearestColor (hdc=0x2e010803, color=0x0) returned 0x0
[0196.431] GetNearestColor (hdc=0x2e010803, color=0xffffff) returned 0xffffff
[0196.431] GetNearestColor (hdc=0x2e010803, color=0xe5e5e5) returned 0xe5e5e5
[0196.431] GetNearestColor (hdc=0x2e010803, color=0xd7d7d7) returned 0xd7d7d7
[0196.431] GetNearestColor (hdc=0x2e010803, color=0x0) returned 0x0
[0196.431] RestoreDC (hdc=0x2e010803, nSavedDC=-1) returned 1
[0196.431] GdipReleaseDC (graphics=0x6600030, hdc=0x2e010803) returned 0x0
[0196.431] IsAppThemed () returned 0x1
[0196.431] GetThemeAppProperties () returned 0x3
[0196.431] GetThemeAppProperties () returned 0x3
[0196.431] IsAppThemed () returned 0x1
[0196.431] GetThemeAppProperties () returned 0x3
[0196.431] GetThemeAppProperties () returned 0x3
[0196.432] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2d29588 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0196.432] IsAppThemed () returned 0x1
[0196.432] GetThemeAppProperties () returned 0x3
[0196.432] GetThemeAppProperties () returned 0x3
[0196.432] IsAppThemed () returned 0x1
[0196.432] GetThemeAppProperties () returned 0x3
[0196.432] GetThemeAppProperties () returned 0x3
[0196.432] IsAppThemed () returned 0x1
[0196.432] GetThemeAppProperties () returned 0x3
[0196.432] GetThemeAppProperties () returned 0x3
[0196.432] IsAppThemed () returned 0x1
[0196.432] GetThemeAppProperties () returned 0x3
[0196.432] GetThemeAppProperties () returned 0x3
[0196.432] IsThemePartDefined () returned 0x1
[0196.432] IsAppThemed () returned 0x1
[0196.433] GetThemeAppProperties () returned 0x3
[0196.433] GetThemeAppProperties () returned 0x3
[0196.433] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0196.433] IsAppThemed () returned 0x1
[0196.433] GetThemeAppProperties () returned 0x3
[0196.433] GetThemeAppProperties () returned 0x3
[0196.433] IsAppThemed () returned 0x1
[0196.433] GetThemeAppProperties () returned 0x3
[0196.433] GetThemeAppProperties () returned 0x3
[0196.433] IsThemePartDefined () returned 0x1
[0196.433] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0196.433] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0196.433] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0196.433] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0196.433] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dc7c) returned 0x0
[0196.433] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0196.433] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee9f0) returned 0x0
[0196.433] LocalFree (hMem=0x11ee9f0) returned 0x0
[0196.434] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0196.434] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0196.434] LocalFree (hMem=0x11ee868) returned 0x0
[0196.434] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0196.434] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0196.434] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0196.434] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0196.434] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0196.434] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0196.434] GetCurrentObject (hdc=0x2e010803, type=0x1) returned 0xb00017
[0196.434] GetCurrentObject (hdc=0x2e010803, type=0x2) returned 0x900010
[0196.434] GetCurrentObject (hdc=0x2e010803, type=0x7) returned 0x4a0507fe
[0196.437] GetCurrentObject (hdc=0x2e010803, type=0x6) returned 0x8a01c2
[0196.437] SaveDC (hdc=0x2e010803) returned 1
[0196.437] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x680407de
[0196.437] GetClipRgn (hdc=0x2e010803, hrgn=0x680407de) returned 0
[0196.437] SelectClipRgn (hdc=0x2e010803, hrgn=0xda040807) returned 2
[0196.437] DeleteObject (ho=0x680407de) returned 1
[0196.437] DeleteObject (ho=0xda040807) returned 1
[0196.437] OffsetViewportOrgEx (in: hdc=0x2e010803, x=0, y=0, lppt=0x2d29c38 | out: lppt=0x2d29c38) returned 1
[0196.437] DrawThemeParentBackground () returned 0x0
[0196.437] GetWindowPlacement (in: hWnd=0x14013e, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0196.438] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0196.438] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.438] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.438] GetSystemMetrics (nIndex=42) returned 0
[0196.438] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.438] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0196.438] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0196.438] GetCurrentObject (hdc=0x2e010803, type=0x1) returned 0xb00017
[0196.438] GetCurrentObject (hdc=0x2e010803, type=0x2) returned 0x900010
[0196.438] GetCurrentObject (hdc=0x2e010803, type=0x7) returned 0x4a0507fe
[0196.438] GetCurrentObject (hdc=0x2e010803, type=0x6) returned 0x8a01c2
[0196.438] SaveDC (hdc=0x2e010803) returned 2
[0196.438] GetNearestColor (hdc=0x2e010803, color=0xf0f0f0) returned 0xf0f0f0
[0196.438] CreateSolidBrush (color=0xf0f0f0) returned 0xe21007e1
[0196.438] FillRect (hDC=0x2e010803, lprc=0xd7d6c8, hbr=0xe21007e1) returned 1
[0196.438] DeleteObject (ho=0xe21007e1) returned 1
[0196.438] RestoreDC (hdc=0x2e010803, nSavedDC=-1) returned 1
[0196.439] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.439] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.439] GetSystemMetrics (nIndex=42) returned 0
[0196.439] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.439] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0196.439] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0196.439] GetCurrentObject (hdc=0x2e010803, type=0x1) returned 0xb00017
[0196.439] GetCurrentObject (hdc=0x2e010803, type=0x2) returned 0x900010
[0196.439] GetCurrentObject (hdc=0x2e010803, type=0x7) returned 0x4a0507fe
[0196.439] GetCurrentObject (hdc=0x2e010803, type=0x6) returned 0x8a01c2
[0196.439] SaveDC (hdc=0x2e010803) returned 2
[0196.439] GetNearestColor (hdc=0x2e010803, color=0xf0f0f0) returned 0xf0f0f0
[0196.439] CreateSolidBrush (color=0xf0f0f0) returned 0xe31007e1
[0196.439] FillRect (hDC=0x2e010803, lprc=0xd7d668, hbr=0xe31007e1) returned 1
[0196.439] DeleteObject (ho=0xe31007e1) returned 1
[0196.439] RestoreDC (hdc=0x2e010803, nSavedDC=-1) returned 1
[0196.440] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.440] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.440] GetSystemMetrics (nIndex=42) returned 0
[0196.440] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.440] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0196.440] RestoreDC (hdc=0x2e010803, nSavedDC=-1) returned 1
[0196.440] GdipReleaseDC (graphics=0x6600030, hdc=0x2e010803) returned 0x0
[0196.440] IsAppThemed () returned 0x1
[0196.440] GetThemeAppProperties () returned 0x3
[0196.440] GetThemeAppProperties () returned 0x3
[0196.440] IsAppThemed () returned 0x1
[0196.440] GetThemeAppProperties () returned 0x3
[0196.440] GetThemeAppProperties () returned 0x3
[0196.440] IsThemePartDefined () returned 0x1
[0196.440] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0196.440] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0196.441] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0196.441] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0196.441] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dc00) returned 0x0
[0196.441] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0196.441] LocalFree (hMem=0x11ee788) returned 0x0
[0196.441] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee910) returned 0x0
[0196.441] LocalFree (hMem=0x11ee910) returned 0x0
[0196.441] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0196.441] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0196.441] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0196.441] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0196.441] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0196.441] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0196.441] GetCurrentObject (hdc=0x2e010803, type=0x1) returned 0xb00017
[0196.441] GetCurrentObject (hdc=0x2e010803, type=0x2) returned 0x900010
[0196.441] GetCurrentObject (hdc=0x2e010803, type=0x7) returned 0x4a0507fe
[0196.442] GetCurrentObject (hdc=0x2e010803, type=0x6) returned 0x8a01c2
[0196.442] SaveDC (hdc=0x2e010803) returned 1
[0196.442] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdb040807
[0196.442] GetClipRgn (hdc=0x2e010803, hrgn=0xdb040807) returned 0
[0196.442] SelectClipRgn (hdc=0x2e010803, hrgn=0x6a0407de) returned 2
[0196.442] DeleteObject (ho=0xdb040807) returned 1
[0196.442] DeleteObject (ho=0x6a0407de) returned 1
[0196.442] OffsetViewportOrgEx (in: hdc=0x2e010803, x=0, y=0, lppt=0x2d2a4e4 | out: lppt=0x2d2a4e4) returned 1
[0196.442] IsAppThemed () returned 0x1
[0196.442] GetThemeAppProperties () returned 0x3
[0196.442] GetThemeAppProperties () returned 0x3
[0196.442] DrawThemeBackground () returned 0x0
[0196.442] RestoreDC (hdc=0x2e010803, nSavedDC=-1) returned 1
[0196.442] GdipReleaseDC (graphics=0x6600030, hdc=0x2e010803) returned 0x0
[0196.443] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0196.443] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0196.443] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0196.443] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0196.443] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dc04) returned 0x0
[0196.443] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0196.443] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0196.443] LocalFree (hMem=0x11ee788) returned 0x0
[0196.443] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0196.443] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eead0) returned 0x0
[0196.443] LocalFree (hMem=0x11eead0) returned 0x0
[0196.443] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0196.443] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0196.443] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0196.443] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0196.444] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0196.444] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0196.444] GetCurrentObject (hdc=0x2e010803, type=0x1) returned 0xb00017
[0196.444] GetCurrentObject (hdc=0x2e010803, type=0x2) returned 0x900010
[0196.444] GetCurrentObject (hdc=0x2e010803, type=0x7) returned 0x4a0507fe
[0196.444] GetCurrentObject (hdc=0x2e010803, type=0x6) returned 0x8a01c2
[0196.444] SaveDC (hdc=0x2e010803) returned 1
[0196.444] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6b0407de
[0196.444] GetClipRgn (hdc=0x2e010803, hrgn=0x6b0407de) returned 0
[0196.444] SelectClipRgn (hdc=0x2e010803, hrgn=0xdc040807) returned 2
[0196.444] DeleteObject (ho=0x6b0407de) returned 1
[0196.444] DeleteObject (ho=0xdc040807) returned 1
[0196.444] OffsetViewportOrgEx (in: hdc=0x2e010803, x=0, y=0, lppt=0x2d2a7b8 | out: lppt=0x2d2a7b8) returned 1
[0196.444] IsAppThemed () returned 0x1
[0196.444] GetThemeAppProperties () returned 0x3
[0196.445] GetThemeAppProperties () returned 0x3
[0196.445] GetThemeBackgroundContentRect () returned 0x0
[0196.445] RestoreDC (hdc=0x2e010803, nSavedDC=-1) returned 1
[0196.445] GdipReleaseDC (graphics=0x6600030, hdc=0x2e010803) returned 0x0
[0196.445] IsAppThemed () returned 0x1
[0196.445] GetThemeAppProperties () returned 0x3
[0196.445] GetThemeAppProperties () returned 0x3
[0196.445] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0196.445] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0196.445] GetCurrentObject (hdc=0x2e010803, type=0x1) returned 0xb00017
[0196.445] GetCurrentObject (hdc=0x2e010803, type=0x2) returned 0x900010
[0196.445] GetCurrentObject (hdc=0x2e010803, type=0x7) returned 0x4a0507fe
[0196.445] GetCurrentObject (hdc=0x2e010803, type=0x6) returned 0x8a01c2
[0196.445] SaveDC (hdc=0x2e010803) returned 1
[0196.445] GetTextAlign (hdc=0x2e010803) returned 0x0
[0196.445] GetTextColor (hdc=0x2e010803) returned 0x0
[0196.446] GetCurrentObject (hdc=0x2e010803, type=0x6) returned 0x8a01c2
[0196.446] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0196.446] SelectObject (hdc=0x2e010803, h=0x6d0a0520) returned 0x8a01c2
[0196.446] GetBkMode (hdc=0x2e010803) returned 2
[0196.446] SetBkMode (hdc=0x2e010803, mode=1) returned 2
[0196.446] DrawTextExW (in: hdc=0x2e010803, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2d2ab58 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0196.446] DrawTextExW (in: hdc=0x2e010803, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2d2ab58 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0196.447] RestoreDC (hdc=0x2e010803, nSavedDC=-1) returned 1
[0196.447] GdipReleaseDC (graphics=0x6600030, hdc=0x2e010803) returned 0x0
[0196.447] GetFocus () returned 0x802ce
[0196.447] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0196.447] SendMessageW (hWnd=0x14013e, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0196.447] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0196.447] IsAppThemed () returned 0x1
[0196.447] GetThemeAppProperties () returned 0x3
[0196.447] GetThemeAppProperties () returned 0x3
[0196.447] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0196.447] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x2e010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0196.447] GdipReleaseDC (graphics=0x6600030, hdc=0x2e010803) returned 0x0
[0196.448] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0196.448] SelectObject (hdc=0x2e010803, h=0x85000f) returned 0x4a0507fe
[0196.448] DeleteDC (hdc=0x2e010803) returned 1
[0196.448] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0196.448] EndPaint (hWnd=0x802ce, lpPaint=0xd7dee4) returned 1
[0196.448] MapWindowPoints (in: hWndFrom=0x802ce, hWndTo=0x0, lpPoints=0x2d2ac54, cPoints=0x1 | out: lpPoints=0x2d2ac54) returned 30999254
[0196.448] WindowFromPoint (Point=0x2f0) returned 0x802ce
[0196.448] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x84, wParam=0x0, lParam=0x1e702f0) returned 0x1
[0196.448] NotifyWinEvent (event=0x800a, hwnd=0x802ce, idObject=-4, idChild=0)
[0196.448] NotifyWinEvent (event=0x800c, hwnd=0x802ce, idObject=-4, idChild=0)
[0196.448] GetCapture () returned 0x802ce
[0196.449] ReleaseCapture () returned 1
[0196.449] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0196.449] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0196.449] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x84, wParam=0x0, lParam=0x1e702f0) returned 0x1
[0196.449] IsWindow (hWnd=0x7005c) returned 1
[0196.449] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0196.453] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0196.453] IsWindow (hWnd=0x14013e) returned 1
[0196.453] SetActiveWindow (hWnd=0x14013e) returned 0x14013e
[0196.453] IsWindow (hWnd=0x14013e) returned 1
[0196.453] SetFocus (hWnd=0x14013e) returned 0x802ce
[0196.454] GetFocus () returned 0x14013e
[0196.454] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x8, wParam=0x14013e, lParam=0x0) returned 0x0
[0196.454] GetCapture () returned 0x0
[0196.454] InvalidateRect (hWnd=0x802ce, lpRect=0x0, bErase=0) returned 1
[0196.455] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0196.456] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0196.458] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0196.458] GetFocus () returned 0x14013e
[0196.458] SetFocus (hWnd=0x802ce) returned 0x14013e
[0196.459] GetFocus () returned 0x802ce
[0196.459] IsChild (hWndParent=0x14013e, hWnd=0x802ce) returned 1
[0196.459] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x8, wParam=0x802ce, lParam=0x0) returned 0x0
[0196.460] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0196.461] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0196.463] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0196.463] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x7, wParam=0x14013e, lParam=0x0) returned 0x0
[0196.463] GetStockObject (i=5) returned 0x900015
[0196.463] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0196.464] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0xd, wParam=0xa, lParam=0x11f55a0) returned 0x9
[0196.464] GetDlgItem (hDlg=0x14013e, nIDDlgItem=525006) returned 0x802ce
[0196.464] SendMessageW (hWnd=0x802ce, Msg=0x202b, wParam=0x802ce, lParam=0xd7ddcc) returned 0x0
[0196.464] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x202b, wParam=0x802ce, lParam=0xd7ddcc) returned 0x0
[0196.464] InvalidateRect (hWnd=0x802ce, lpRect=0x0, bErase=0) returned 1
[0196.470] GetWindowLongW (hWnd=0x14013e, nIndex=-8) returned 458844
[0196.470] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0196.470] GetCurrentThreadId () returned 0xf50
[0196.470] IsWindow (hWnd=0x7005c) returned 1
[0196.470] IsWindow (hWnd=0x7005c) returned 1
[0196.470] IsWindowVisible (hWnd=0x7005c) returned 1
[0196.470] SetActiveWindow (hWnd=0x7005c) returned 0x14013e
[0196.470] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0196.472] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0196.472] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0196.473] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0196.473] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0196.473] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0196.474] GetWindowPlacement (in: hWnd=0x14013e, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0196.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0196.474] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0196.474] GetWindowRect (in: hWnd=0x14013e, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0196.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0196.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0196.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0196.476] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x14013e) returned 0x1
[0196.478] GetFocus () returned 0x802ce
[0196.478] SetFocus (hWnd=0x602c4) returned 0x802ce
[0196.479] GetFocus () returned 0x602c4
[0196.479] IsChild (hWndParent=0x14013e, hWnd=0x602c4) returned 0
[0196.479] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0196.479] GetCapture () returned 0x0
[0196.479] InvalidateRect (hWnd=0x802ce, lpRect=0x0, bErase=0) returned 1
[0196.480] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0196.488] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0196.489] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0196.489] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0196.489] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0196.489] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0196.490] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0196.490] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x802ce, lParam=0x0) returned 0x0
[0196.490] GetStockObject (i=5) returned 0x900015
[0196.490] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0196.490] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed850) returned 0xc
[0196.490] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0196.490] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0196.490] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0196.491] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0196.495] GetFocus () returned 0x602c4
[0196.495] IsChild (hWndParent=0x14013e, hWnd=0x602c4) returned 0
[0196.495] ShowWindow (hWnd=0x14013e, nCmdShow=0) returned 1
[0196.495] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0196.495] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0196.517] GetWindowPlacement (in: hWnd=0x14013e, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0196.517] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0196.517] GetClientRect (in: hWnd=0x14013e, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0196.517] GetWindowRect (in: hWnd=0x14013e, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0196.517] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0196.517] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0196.518] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0196.518] GetWindowLongW (hWnd=0x14013e, nIndex=-20) returned 327945
[0196.518] DestroyWindow (hWnd=0x14013e) returned 1
[0196.518] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0196.519] GetWindowTextLengthW (hWnd=0x14013e) returned 13
[0196.519] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.519] GetSystemMetrics (nIndex=42) returned 0
[0196.519] GetWindowTextW (in: hWnd=0x14013e, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.519] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0196.519] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0196.519] GetWindowTextLengthW (hWnd=0x1202dc) returned 0
[0196.519] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0196.519] GetSystemMetrics (nIndex=42) returned 0
[0196.520] GetWindowTextW (in: hWnd=0x1202dc, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0196.520] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202dc, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0196.520] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0196.520] GetWindowThreadProcessId (in: hWnd=0x1202da, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0196.520] GetWindow (hWnd=0x1202da, uCmd=0x5) returned 0x0
[0196.520] GetWindowLongW (hWnd=0x1202da, nIndex=-20) returned 65792
[0196.520] DestroyWindow (hWnd=0x1202da) returned 1
[0196.520] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202da, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0196.520] GetWindowTextLengthW (hWnd=0x1202da) returned 25
[0196.520] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0196.520] GetSystemMetrics (nIndex=42) returned 0
[0196.520] GetWindowTextW (in: hWnd=0x1202da, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0196.520] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202da, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0196.520] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0196.520] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0196.522] GetWindowTextLengthW (hWnd=0x1402d8) returned 232
[0196.522] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0196.522] GetSystemMetrics (nIndex=42) returned 0
[0196.522] GetWindowTextW (in: hWnd=0x1402d8, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0196.522] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0196.522] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0196.522] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0196.522] InvalidateRect (hWnd=0x802ce, lpRect=0x0, bErase=0) returned 1
[0196.522] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0196.522] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1500ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0196.522] SendMessageW (hWnd=0x702d0, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0196.522] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702d0, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0196.523] SendMessageW (hWnd=0x702d0, Msg=0xb0, wParam=0x2cf35f4, lParam=0xd7e480) returned 0x0
[0196.523] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702d0, Msg=0xb0, wParam=0x2cf35f4, lParam=0xd7e480) returned 0x0
[0196.523] GetWindowTextLengthW (hWnd=0x702d0) returned 4363
[0196.523] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0196.523] GetSystemMetrics (nIndex=42) returned 0
[0196.523] CoTaskMemAlloc (cb=0x221c) returned 0x12072c0
[0196.523] GetWindowTextW (in: hWnd=0x702d0, lpString=0x12072c0, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0196.523] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702d0, Msg=0xd, wParam=0x110c, lParam=0x12072c0) returned 0x110b
[0196.523] CoTaskMemFree (pv=0x12072c0)
[0196.523] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0196.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0196.525] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0196.526] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1202de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0196.527] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x802ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0196.533] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1500ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0196.534] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x702d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0196.535] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x14013e, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0196.536] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.537] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.537] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.537] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.537] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.537] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.537] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e702f0) returned 0x1
[0196.537] IsWindowUnicode (hWnd=0x7005c) returned 1
[0196.537] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.537] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e702f0) returned 0x1
[0196.537] SetCursor (hCursor=0x10003) returned 0x10003
[0196.538] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.538] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.538] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0196.538] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0196.538] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0196.538] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1120232) returned 0x0
[0196.538] GetKeyState (nVirtKey=1) returned 1
[0196.538] GetKeyState (nVirtKey=2) returned 0
[0196.538] GetKeyState (nVirtKey=4) returned 0
[0196.538] GetKeyState (nVirtKey=5) returned 0
[0196.538] GetKeyState (nVirtKey=6) returned 0
[0196.538] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.538] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e702f0) returned 0x1
[0196.538] IsWindowUnicode (hWnd=0x7005c) returned 1
[0196.538] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.539] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.539] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.539] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.539] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e702f0) returned 0x1
[0196.539] IsWindowUnicode (hWnd=0x7005c) returned 1
[0196.539] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.539] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e702f0) returned 0x1
[0196.539] SetCursor (hCursor=0x10003) returned 0x10003
[0196.539] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.539] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.539] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1120232) returned 0x0
[0196.539] GetKeyState (nVirtKey=1) returned 1
[0196.539] GetKeyState (nVirtKey=2) returned 0
[0196.539] GetKeyState (nVirtKey=4) returned 0
[0196.539] GetKeyState (nVirtKey=5) returned 0
[0196.539] GetKeyState (nVirtKey=6) returned 0
[0196.539] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.540] IsWindowUnicode (hWnd=0x602c4) returned 1
[0196.540] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.540] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.540] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.540] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.541] IsWindowUnicode (hWnd=0x602c4) returned 1
[0196.541] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.541] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.541] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.541] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0196.541] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0196.541] CreateCompatibleDC (hdc=0x10105d6) returned 0x80107f3
[0196.541] SelectObject (hdc=0x80107f3, h=0x4a0507fe) returned 0x85000f
[0196.541] GdipCreateFromHDC (hdc=0x80107f3, graphics=0xd7e798) returned 0x0
[0196.541] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0196.541] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0196.541] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0196.542] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0196.542] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e7f8) returned 0x0
[0196.542] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0196.542] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0196.542] LocalFree (hMem=0x11ee868) returned 0x0
[0196.542] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0196.542] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0196.542] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0196.542] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0196.542] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0196.542] GdipRestoreGraphics (graphics=0x6600030, state=0xfaf20dbd) returned 0x0
[0196.542] GdipDeleteRegion (region=0x6646958) returned 0x0
[0196.542] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0196.542] GetCurrentObject (hdc=0x80107f3, type=0x1) returned 0xb00017
[0196.542] GetCurrentObject (hdc=0x80107f3, type=0x2) returned 0x900010
[0196.542] GetCurrentObject (hdc=0x80107f3, type=0x7) returned 0x4a0507fe
[0196.542] GetCurrentObject (hdc=0x80107f3, type=0x6) returned 0x8a01c2
[0196.542] SaveDC (hdc=0x80107f3) returned 1
[0196.542] GetNearestColor (hdc=0x80107f3, color=0xff) returned 0xff
[0196.543] GetNearestColor (hdc=0x80107f3, color=0x55) returned 0x55
[0196.543] GetNearestColor (hdc=0x80107f3, color=0x0) returned 0x0
[0196.543] GetNearestColor (hdc=0x80107f3, color=0x55) returned 0x55
[0196.543] GetNearestColor (hdc=0x80107f3, color=0x0) returned 0x0
[0196.543] GetNearestColor (hdc=0x80107f3, color=0x8080ff) returned 0x8080ff
[0196.543] GetNearestColor (hdc=0x80107f3, color=0x7373e5) returned 0x7373e5
[0196.543] GetNearestColor (hdc=0x80107f3, color=0xe5) returned 0xe5
[0196.543] GetNearestColor (hdc=0x80107f3, color=0x0) returned 0x0
[0196.543] RestoreDC (hdc=0x80107f3, nSavedDC=-1) returned 1
[0196.543] GdipReleaseDC (graphics=0x6600030, hdc=0x80107f3) returned 0x0
[0196.543] IsAppThemed () returned 0x1
[0196.543] GetThemeAppProperties () returned 0x3
[0196.543] GetThemeAppProperties () returned 0x3
[0196.543] IsAppThemed () returned 0x1
[0196.543] GetThemeAppProperties () returned 0x3
[0196.543] GetThemeAppProperties () returned 0x3
[0196.543] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2d329c0 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0196.605] IsAppThemed () returned 0x1
[0196.605] GetThemeAppProperties () returned 0x3
[0196.605] GetThemeAppProperties () returned 0x3
[0196.606] IsAppThemed () returned 0x1
[0196.606] GetThemeAppProperties () returned 0x3
[0196.606] GetThemeAppProperties () returned 0x3
[0196.606] GetFocus () returned 0x602c4
[0196.606] IsAppThemed () returned 0x1
[0196.606] GetThemeAppProperties () returned 0x3
[0196.606] GetThemeAppProperties () returned 0x3
[0196.606] IsAppThemed () returned 0x1
[0196.606] GetThemeAppProperties () returned 0x3
[0196.606] GetThemeAppProperties () returned 0x3
[0196.606] IsThemePartDefined () returned 0x1
[0196.606] IsAppThemed () returned 0x1
[0196.606] GetThemeAppProperties () returned 0x3
[0196.606] GetThemeAppProperties () returned 0x3
[0196.606] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0196.606] IsAppThemed () returned 0x1
[0196.607] GetThemeAppProperties () returned 0x3
[0196.607] GetThemeAppProperties () returned 0x3
[0196.607] IsAppThemed () returned 0x1
[0196.607] GetThemeAppProperties () returned 0x3
[0196.607] GetThemeAppProperties () returned 0x3
[0196.607] IsThemePartDefined () returned 0x1
[0196.607] GdipCreateRegion (region=0xd7e508) returned 0x0
[0196.607] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0196.607] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0196.607] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0196.607] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e520) returned 0x0
[0196.607] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0196.607] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee8d8) returned 0x0
[0196.607] LocalFree (hMem=0x11ee8d8) returned 0x0
[0196.607] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0196.607] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eecc8) returned 0x0
[0196.608] LocalFree (hMem=0x11eecc8) returned 0x0
[0196.608] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0196.608] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e548) returned 0x0
[0196.608] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e538) returned 0x0
[0196.608] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0196.608] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0196.608] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0196.608] GetCurrentObject (hdc=0x80107f3, type=0x1) returned 0xb00017
[0196.608] GetCurrentObject (hdc=0x80107f3, type=0x2) returned 0x900010
[0196.608] GetCurrentObject (hdc=0x80107f3, type=0x7) returned 0x4a0507fe
[0196.608] GetCurrentObject (hdc=0x80107f3, type=0x6) returned 0x8a01c2
[0196.608] SaveDC (hdc=0x80107f3) returned 1
[0196.608] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdd040807
[0196.608] GetClipRgn (hdc=0x80107f3, hrgn=0xdd040807) returned 0
[0196.609] SelectClipRgn (hdc=0x80107f3, hrgn=0x6f0407de) returned 2
[0196.609] DeleteObject (ho=0xdd040807) returned 1
[0196.609] DeleteObject (ho=0x6f0407de) returned 1
[0196.609] OffsetViewportOrgEx (in: hdc=0x80107f3, x=0, y=0, lppt=0x2d33070 | out: lppt=0x2d33070) returned 1
[0196.609] DrawThemeParentBackground () returned 0x0
[0196.609] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0196.609] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0196.609] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0196.609] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.609] GetSystemMetrics (nIndex=42) returned 0
[0196.620] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.620] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0196.620] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0196.620] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0196.620] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0196.620] SelectPalette (hdc=0x80107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0196.620] GdipCreateFromHDC (hdc=0x80107f3, graphics=0xd7dff8) returned 0x0
[0196.621] GdipSetPageUnit (graphics=0x664dac8, unit=0x2) returned 0x0
[0196.621] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0196.621] GdipGetWorldTransform (graphics=0x664dac8, matrix=0x6638d28) returned 0x0
[0196.621] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7dfd0) returned 0x0
[0196.621] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0196.621] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0196.621] GdipGetClip (graphics=0x664dac8, region=0x66464d8) returned 0x0
[0196.621] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x664dac8, result=0xd7dfc4) returned 0x0
[0196.621] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0196.621] GdipSaveGraphics (graphics=0x664dac8, state=0xd7dff0) returned 0x0
[0196.621] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0196.657] GdipFillRectangleI (graphics=0x664dac8, brush=0x66536a8, x=0, y=0, width=801, height=453) returned 0x0
[0196.657] GdipDeleteBrush (brush=0x66536a8) returned 0x0
[0196.658] GdipDeleteGraphics (graphics=0x664dac8) returned 0x0
[0196.658] SelectPalette (hdc=0x80107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0196.659] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0196.659] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.659] GetSystemMetrics (nIndex=42) returned 0
[0196.659] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.659] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0196.659] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0196.659] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0196.659] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0196.659] SelectPalette (hdc=0x80107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0196.659] GdipCreateFromHDC (hdc=0x80107f3, graphics=0xd7df98) returned 0x0
[0196.659] GdipSetPageUnit (graphics=0x664dac8, unit=0x2) returned 0x0
[0196.660] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0196.660] GdipGetWorldTransform (graphics=0x664dac8, matrix=0x6638a28) returned 0x0
[0196.660] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df70) returned 0x0
[0196.660] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0196.660] GdipCreateRegion (region=0xd7df58) returned 0x0
[0196.660] GdipGetClip (graphics=0x664dac8, region=0x6646dd8) returned 0x0
[0196.660] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x664dac8, result=0xd7df64) returned 0x0
[0196.660] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0196.660] GdipSaveGraphics (graphics=0x664dac8, state=0xd7df90) returned 0x0
[0196.660] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0196.703] GdipFillRectangleI (graphics=0x664dac8, brush=0x6652a78, x=0, y=0, width=801, height=453) returned 0x0
[0196.703] GdipDeleteBrush (brush=0x6652a78) returned 0x0
[0196.704] GdipRestoreGraphics (graphics=0x664dac8, state=0xfaee0dbd) returned 0x0
[0196.705] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0196.705] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0196.705] GetSystemMetrics (nIndex=42) returned 0
[0196.705] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0196.705] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0196.705] GdipDeleteGraphics (graphics=0x664dac8) returned 0x0
[0196.705] SelectPalette (hdc=0x80107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0196.705] RestoreDC (hdc=0x80107f3, nSavedDC=-1) returned 1
[0196.705] GdipReleaseDC (graphics=0x6600030, hdc=0x80107f3) returned 0x0
[0196.706] IsAppThemed () returned 0x1
[0196.706] GetThemeAppProperties () returned 0x3
[0196.706] GetThemeAppProperties () returned 0x3
[0196.747] IsAppThemed () returned 0x1
[0196.748] GetThemeAppProperties () returned 0x3
[0196.748] GetThemeAppProperties () returned 0x3
[0196.748] IsThemePartDefined () returned 0x1
[0196.748] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0196.748] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0196.748] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0196.748] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0196.748] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e4a4) returned 0x0
[0196.748] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0196.748] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee9f0) returned 0x0
[0196.748] LocalFree (hMem=0x11ee9f0) returned 0x0
[0196.749] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0196.749] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eecc8) returned 0x0
[0196.749] LocalFree (hMem=0x11eecc8) returned 0x0
[0196.749] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0196.749] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0196.749] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0196.749] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0196.749] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0196.749] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0196.749] GetCurrentObject (hdc=0x80107f3, type=0x1) returned 0xb00017
[0196.749] GetCurrentObject (hdc=0x80107f3, type=0x2) returned 0x900010
[0196.749] GetCurrentObject (hdc=0x80107f3, type=0x7) returned 0x4a0507fe
[0196.750] GetCurrentObject (hdc=0x80107f3, type=0x6) returned 0x8a01c2
[0196.750] SaveDC (hdc=0x80107f3) returned 1
[0196.750] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x700407de
[0196.750] GetClipRgn (hdc=0x80107f3, hrgn=0x700407de) returned 0
[0196.750] SelectClipRgn (hdc=0x80107f3, hrgn=0xdf040807) returned 2
[0196.750] DeleteObject (ho=0x700407de) returned 1
[0196.750] DeleteObject (ho=0xdf040807) returned 1
[0196.750] OffsetViewportOrgEx (in: hdc=0x80107f3, x=0, y=0, lppt=0x2d398c0 | out: lppt=0x2d398c0) returned 1
[0196.750] IsAppThemed () returned 0x1
[0196.750] GetThemeAppProperties () returned 0x3
[0196.751] GetThemeAppProperties () returned 0x3
[0196.751] DrawThemeBackground () returned 0x0
[0196.751] RestoreDC (hdc=0x80107f3, nSavedDC=-1) returned 1
[0196.751] GdipReleaseDC (graphics=0x6600030, hdc=0x80107f3) returned 0x0
[0196.751] GdipCreateRegion (region=0xd7e490) returned 0x0
[0196.751] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0196.751] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0196.751] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0196.751] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e4a8) returned 0x0
[0196.751] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0196.751] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee868) returned 0x0
[0196.751] LocalFree (hMem=0x11ee868) returned 0x0
[0196.751] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0196.751] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0196.752] LocalFree (hMem=0x11eecc8) returned 0x0
[0196.752] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0196.752] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0196.752] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0196.752] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0196.752] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0196.752] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0196.752] GetCurrentObject (hdc=0x80107f3, type=0x1) returned 0xb00017
[0196.752] GetCurrentObject (hdc=0x80107f3, type=0x2) returned 0x900010
[0196.752] GetCurrentObject (hdc=0x80107f3, type=0x7) returned 0x4a0507fe
[0196.752] GetCurrentObject (hdc=0x80107f3, type=0x6) returned 0x8a01c2
[0196.752] SaveDC (hdc=0x80107f3) returned 1
[0196.752] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe0040807
[0196.752] GetClipRgn (hdc=0x80107f3, hrgn=0xe0040807) returned 0
[0196.752] SelectClipRgn (hdc=0x80107f3, hrgn=0x710407de) returned 2
[0196.753] DeleteObject (ho=0xe0040807) returned 1
[0196.753] DeleteObject (ho=0x710407de) returned 1
[0196.753] OffsetViewportOrgEx (in: hdc=0x80107f3, x=0, y=0, lppt=0x2d39b94 | out: lppt=0x2d39b94) returned 1
[0196.753] IsAppThemed () returned 0x1
[0196.753] GetThemeAppProperties () returned 0x3
[0196.753] GetThemeAppProperties () returned 0x3
[0196.753] GetThemeBackgroundContentRect () returned 0x0
[0196.753] RestoreDC (hdc=0x80107f3, nSavedDC=-1) returned 1
[0196.753] GdipReleaseDC (graphics=0x6600030, hdc=0x80107f3) returned 0x0
[0196.753] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0196.753] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0196.753] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0196.753] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0196.754] IsAppThemed () returned 0x1
[0196.754] GetThemeAppProperties () returned 0x3
[0196.754] GetThemeAppProperties () returned 0x3
[0196.754] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0196.754] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0196.754] GetCurrentObject (hdc=0x80107f3, type=0x1) returned 0xb00017
[0196.754] GetCurrentObject (hdc=0x80107f3, type=0x2) returned 0x900010
[0196.754] GetCurrentObject (hdc=0x80107f3, type=0x7) returned 0x4a0507fe
[0196.754] GetCurrentObject (hdc=0x80107f3, type=0x6) returned 0x8a01c2
[0196.754] SaveDC (hdc=0x80107f3) returned 1
[0196.754] GetTextAlign (hdc=0x80107f3) returned 0x0
[0196.754] GetTextColor (hdc=0x80107f3) returned 0x0
[0196.754] GetCurrentObject (hdc=0x80107f3, type=0x6) returned 0x8a01c2
[0196.754] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0196.755] SelectObject (hdc=0x80107f3, h=0x6d0a0520) returned 0x8a01c2
[0196.755] GetBkMode (hdc=0x80107f3) returned 2
[0196.755] SetBkMode (hdc=0x80107f3, mode=1) returned 2
[0196.755] DrawTextExW (in: hdc=0x80107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2d39f58 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0196.755] DrawTextExW (in: hdc=0x80107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2d39f58 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0196.756] RestoreDC (hdc=0x80107f3, nSavedDC=-1) returned 1
[0196.756] GdipReleaseDC (graphics=0x6600030, hdc=0x80107f3) returned 0x0
[0196.756] GetFocus () returned 0x602c4
[0196.756] IsAppThemed () returned 0x1
[0196.756] GetThemeAppProperties () returned 0x3
[0196.756] GetThemeAppProperties () returned 0x3
[0196.756] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0196.756] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x80107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0196.756] GdipReleaseDC (graphics=0x6600030, hdc=0x80107f3) returned 0x0
[0196.757] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0196.757] SelectObject (hdc=0x80107f3, h=0x85000f) returned 0x4a0507fe
[0196.757] DeleteDC (hdc=0x80107f3) returned 1
[0196.757] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0196.757] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0196.757] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.757] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.758] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.758] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.758] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.759] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.759] IsWindowUnicode (hWnd=0x7005c) returned 1
[0196.759] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.759] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.759] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.759] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.759] IsWindowUnicode (hWnd=0x7005c) returned 1
[0196.760] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.760] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.760] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.760] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x1120232) returned 0x0
[0196.760] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0196.760] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0196.760] WaitMessage () returned 1
[0196.779] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.779] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.779] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.779] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.779] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.780] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0196.780] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0196.780] WaitMessage () returned 1
[0196.782] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.782] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.782] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.782] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.782] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.783] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0196.783] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0196.783] WaitMessage () returned 1
[0196.784] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.784] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.784] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.784] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.784] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.786] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.786] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.786] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.786] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.786] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.787] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.787] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.787] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.787] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.787] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.787] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0196.789] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0196.789] WaitMessage () returned 1
[0196.789] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.790] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.790] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.790] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.790] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.791] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.792] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.792] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.792] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.792] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.792] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.792] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.792] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.792] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.792] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.792] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0196.793] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0196.793] WaitMessage () returned 1
[0196.793] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.793] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.794] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.794] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.794] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.795] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.796] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.796] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.796] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.796] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.796] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.796] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.796] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.796] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.796] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.796] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0196.797] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0196.797] WaitMessage () returned 1
[0196.798] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.798] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.798] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.798] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.798] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.803] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.803] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.803] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.803] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.804] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.804] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.804] IsWindowUnicode (hWnd=0x30122) returned 1
[0196.804] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.804] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.804] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.804] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.805] IsWindowUnicode (hWnd=0x502c6) returned 1
[0196.805] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0196.805] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0196.805] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0196.805] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0196.805] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0196.806] WaitMessage () returned 1
[0198.624] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0198.624] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740103) returned 0x1
[0198.624] IsWindowUnicode (hWnd=0x602c4) returned 1
[0198.624] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0198.625] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0198.625] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0198.625] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0198.625] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0198.625] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740103) returned 0x1
[0198.625] IsWindowUnicode (hWnd=0x602c4) returned 1
[0198.625] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0198.625] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740103) returned 0x1
[0198.625] SetCursor (hCursor=0x10003) returned 0x10003
[0198.625] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0198.625] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0198.625] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0198.625] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0198.625] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0198.625] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0198.625] GetKeyState (nVirtKey=1) returned 1
[0198.626] GetKeyState (nVirtKey=2) returned 0
[0198.626] GetKeyState (nVirtKey=4) returned 0
[0198.626] GetKeyState (nVirtKey=5) returned 0
[0198.626] GetKeyState (nVirtKey=6) returned 0
[0198.626] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0198.626] IsWindowUnicode (hWnd=0x602c4) returned 1
[0198.626] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0198.626] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0198.626] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0198.626] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0198.626] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0198.626] CreateCompatibleDC (hdc=0x10105d6) returned 0x250107f3
[0198.626] SelectObject (hdc=0x250107f3, h=0x4a0507fe) returned 0x85000f
[0198.626] GdipCreateFromHDC (hdc=0x250107f3, graphics=0xd7e798) returned 0x0
[0198.626] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0198.626] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0198.627] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0198.627] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0198.627] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e7f8) returned 0x0
[0198.627] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0198.627] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0198.627] LocalFree (hMem=0x11ee788) returned 0x0
[0198.627] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0198.627] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0198.627] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0198.627] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0198.627] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0198.627] GdipRestoreGraphics (graphics=0x6600030, state=0xfaec0dbd) returned 0x0
[0198.627] GdipDeleteRegion (region=0x6646838) returned 0x0
[0198.627] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0198.627] GetCurrentObject (hdc=0x250107f3, type=0x1) returned 0xb00017
[0198.627] GetCurrentObject (hdc=0x250107f3, type=0x2) returned 0x900010
[0198.627] GetCurrentObject (hdc=0x250107f3, type=0x7) returned 0x4a0507fe
[0198.627] GetCurrentObject (hdc=0x250107f3, type=0x6) returned 0x8a01c2
[0198.628] SaveDC (hdc=0x250107f3) returned 1
[0198.628] GetNearestColor (hdc=0x250107f3, color=0xff) returned 0xff
[0198.628] GetNearestColor (hdc=0x250107f3, color=0x55) returned 0x55
[0198.628] GetNearestColor (hdc=0x250107f3, color=0x0) returned 0x0
[0198.628] GetNearestColor (hdc=0x250107f3, color=0x55) returned 0x55
[0198.628] GetNearestColor (hdc=0x250107f3, color=0x0) returned 0x0
[0198.628] GetNearestColor (hdc=0x250107f3, color=0x8080ff) returned 0x8080ff
[0198.628] GetNearestColor (hdc=0x250107f3, color=0x7373e5) returned 0x7373e5
[0198.628] GetNearestColor (hdc=0x250107f3, color=0xe5) returned 0xe5
[0198.628] GetNearestColor (hdc=0x250107f3, color=0x0) returned 0x0
[0198.628] RestoreDC (hdc=0x250107f3, nSavedDC=-1) returned 1
[0198.628] GdipReleaseDC (graphics=0x6600030, hdc=0x250107f3) returned 0x0
[0198.628] IsAppThemed () returned 0x1
[0198.628] GetThemeAppProperties () returned 0x3
[0198.628] GetThemeAppProperties () returned 0x3
[0198.628] IsAppThemed () returned 0x1
[0198.628] GetThemeAppProperties () returned 0x3
[0198.629] GetThemeAppProperties () returned 0x3
[0198.629] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2d3a85c | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0198.629] IsAppThemed () returned 0x1
[0198.629] GetThemeAppProperties () returned 0x3
[0198.629] GetThemeAppProperties () returned 0x3
[0198.629] IsAppThemed () returned 0x1
[0198.629] GetThemeAppProperties () returned 0x3
[0198.629] GetThemeAppProperties () returned 0x3
[0198.629] IsAppThemed () returned 0x1
[0198.629] GetThemeAppProperties () returned 0x3
[0198.629] GetThemeAppProperties () returned 0x3
[0198.629] IsAppThemed () returned 0x1
[0198.629] GetThemeAppProperties () returned 0x3
[0198.629] GetThemeAppProperties () returned 0x3
[0198.629] IsThemePartDefined () returned 0x1
[0198.629] IsAppThemed () returned 0x1
[0198.629] GetThemeAppProperties () returned 0x3
[0198.629] GetThemeAppProperties () returned 0x3
[0198.629] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0198.629] IsAppThemed () returned 0x1
[0198.630] GetThemeAppProperties () returned 0x3
[0198.630] GetThemeAppProperties () returned 0x3
[0198.630] IsAppThemed () returned 0x1
[0198.630] GetThemeAppProperties () returned 0x3
[0198.630] GetThemeAppProperties () returned 0x3
[0198.630] IsThemePartDefined () returned 0x1
[0198.630] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0198.630] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0198.630] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0198.630] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0198.630] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e514) returned 0x0
[0198.630] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0198.630] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eed00) returned 0x0
[0198.630] LocalFree (hMem=0x11eed00) returned 0x0
[0198.630] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0198.630] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee910) returned 0x0
[0198.630] LocalFree (hMem=0x11ee910) returned 0x0
[0198.630] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0198.630] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0198.630] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0198.630] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0198.630] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0198.630] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0198.631] GetCurrentObject (hdc=0x250107f3, type=0x1) returned 0xb00017
[0198.631] GetCurrentObject (hdc=0x250107f3, type=0x2) returned 0x900010
[0198.631] GetCurrentObject (hdc=0x250107f3, type=0x7) returned 0x4a0507fe
[0198.631] GetCurrentObject (hdc=0x250107f3, type=0x6) returned 0x8a01c2
[0198.631] SaveDC (hdc=0x250107f3) returned 1
[0198.631] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x720407de
[0198.631] GetClipRgn (hdc=0x250107f3, hrgn=0x720407de) returned 0
[0198.631] SelectClipRgn (hdc=0x250107f3, hrgn=0xe4040807) returned 2
[0198.631] DeleteObject (ho=0x720407de) returned 1
[0198.631] DeleteObject (ho=0xe4040807) returned 1
[0198.631] OffsetViewportOrgEx (in: hdc=0x250107f3, x=0, y=0, lppt=0x2d3af0c | out: lppt=0x2d3af0c) returned 1
[0198.631] DrawThemeParentBackground () returned 0x0
[0198.631] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0198.631] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0198.631] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0198.631] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0198.631] GetSystemMetrics (nIndex=42) returned 0
[0198.631] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0198.631] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0198.632] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0198.632] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0198.632] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0198.632] SelectPalette (hdc=0x250107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0198.632] GdipCreateFromHDC (hdc=0x250107f3, graphics=0xd7dff0) returned 0x0
[0198.632] GdipSetPageUnit (graphics=0x664dac8, unit=0x2) returned 0x0
[0198.632] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0198.632] GdipGetWorldTransform (graphics=0x664dac8, matrix=0x6638a58) returned 0x0
[0198.632] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dfc8) returned 0x0
[0198.632] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0198.632] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0198.632] GdipGetClip (graphics=0x664dac8, region=0x66464d8) returned 0x0
[0198.632] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x664dac8, result=0xd7dfbc) returned 0x0
[0198.632] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0198.632] GdipSaveGraphics (graphics=0x664dac8, state=0xd7dfe8) returned 0x0
[0198.632] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0198.640] GdipFillRectangleI (graphics=0x664dac8, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0198.640] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0198.642] GdipDeleteGraphics (graphics=0x664dac8) returned 0x0
[0198.642] SelectPalette (hdc=0x250107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0198.642] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0198.642] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0198.642] GetSystemMetrics (nIndex=42) returned 0
[0198.642] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0198.642] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0198.642] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0198.642] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0198.643] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0198.643] SelectPalette (hdc=0x250107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0198.643] GdipCreateFromHDC (hdc=0x250107f3, graphics=0xd7df90) returned 0x0
[0198.643] GdipSetPageUnit (graphics=0x664dac8, unit=0x2) returned 0x0
[0198.643] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0198.643] GdipGetWorldTransform (graphics=0x664dac8, matrix=0x6638ba8) returned 0x0
[0198.643] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df68) returned 0x0
[0198.643] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0198.643] GdipCreateRegion (region=0xd7df50) returned 0x0
[0198.643] GdipGetClip (graphics=0x664dac8, region=0x6646e68) returned 0x0
[0198.643] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x664dac8, result=0xd7df5c) returned 0x0
[0198.643] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0198.643] GdipSaveGraphics (graphics=0x664dac8, state=0xd7df88) returned 0x0
[0198.643] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0198.652] GdipFillRectangleI (graphics=0x664dac8, brush=0x6653300, x=0, y=0, width=801, height=453) returned 0x0
[0198.652] GdipDeleteBrush (brush=0x6653300) returned 0x0
[0198.654] GdipRestoreGraphics (graphics=0x664dac8, state=0xfae80dbd) returned 0x0
[0198.654] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0198.654] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0198.654] GetSystemMetrics (nIndex=42) returned 0
[0198.654] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0198.654] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0198.654] GdipDeleteGraphics (graphics=0x664dac8) returned 0x0
[0198.654] SelectPalette (hdc=0x250107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0198.655] RestoreDC (hdc=0x250107f3, nSavedDC=-1) returned 1
[0198.655] GdipReleaseDC (graphics=0x6600030, hdc=0x250107f3) returned 0x0
[0198.655] IsAppThemed () returned 0x1
[0198.655] GetThemeAppProperties () returned 0x3
[0198.655] GetThemeAppProperties () returned 0x3
[0198.655] IsAppThemed () returned 0x1
[0198.655] GetThemeAppProperties () returned 0x3
[0198.655] GetThemeAppProperties () returned 0x3
[0198.655] IsThemePartDefined () returned 0x1
[0198.655] GdipCreateRegion (region=0xd7e480) returned 0x0
[0198.655] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0198.655] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0198.655] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0198.655] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e498) returned 0x0
[0198.655] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0198.655] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee9f0) returned 0x0
[0198.655] LocalFree (hMem=0x11ee9f0) returned 0x0
[0198.656] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0198.656] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee9f0) returned 0x0
[0198.656] LocalFree (hMem=0x11ee9f0) returned 0x0
[0198.656] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0198.656] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0198.656] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0198.656] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0198.656] GdipDeleteRegion (region=0x6646568) returned 0x0
[0198.656] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0198.656] GetCurrentObject (hdc=0x250107f3, type=0x1) returned 0xb00017
[0198.656] GetCurrentObject (hdc=0x250107f3, type=0x2) returned 0x900010
[0198.656] GetCurrentObject (hdc=0x250107f3, type=0x7) returned 0x4a0507fe
[0198.656] GetCurrentObject (hdc=0x250107f3, type=0x6) returned 0x8a01c2
[0198.656] SaveDC (hdc=0x250107f3) returned 1
[0198.656] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe5040807
[0198.657] GetClipRgn (hdc=0x250107f3, hrgn=0xe5040807) returned 0
[0198.657] SelectClipRgn (hdc=0x250107f3, hrgn=0x740407de) returned 2
[0198.657] DeleteObject (ho=0xe5040807) returned 1
[0198.657] DeleteObject (ho=0x740407de) returned 1
[0198.657] OffsetViewportOrgEx (in: hdc=0x250107f3, x=0, y=0, lppt=0x2d4175c | out: lppt=0x2d4175c) returned 1
[0198.657] IsAppThemed () returned 0x1
[0198.657] GetThemeAppProperties () returned 0x3
[0198.657] GetThemeAppProperties () returned 0x3
[0198.657] DrawThemeBackground () returned 0x0
[0198.657] RestoreDC (hdc=0x250107f3, nSavedDC=-1) returned 1
[0198.657] GdipReleaseDC (graphics=0x6600030, hdc=0x250107f3) returned 0x0
[0198.657] GdipCreateRegion (region=0xd7e484) returned 0x0
[0198.657] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0198.657] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0198.658] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0198.658] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e49c) returned 0x0
[0198.658] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0198.658] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0198.658] LocalFree (hMem=0x11ee788) returned 0x0
[0198.658] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0198.658] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0198.658] LocalFree (hMem=0x11ee9f0) returned 0x0
[0198.658] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0198.658] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0198.658] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0198.658] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0198.658] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0198.658] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0198.658] GetCurrentObject (hdc=0x250107f3, type=0x1) returned 0xb00017
[0198.658] GetCurrentObject (hdc=0x250107f3, type=0x2) returned 0x900010
[0198.658] GetCurrentObject (hdc=0x250107f3, type=0x7) returned 0x4a0507fe
[0198.659] GetCurrentObject (hdc=0x250107f3, type=0x6) returned 0x8a01c2
[0198.659] SaveDC (hdc=0x250107f3) returned 1
[0198.659] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x750407de
[0198.659] GetClipRgn (hdc=0x250107f3, hrgn=0x750407de) returned 0
[0198.659] SelectClipRgn (hdc=0x250107f3, hrgn=0xe6040807) returned 2
[0198.659] DeleteObject (ho=0x750407de) returned 1
[0198.659] DeleteObject (ho=0xe6040807) returned 1
[0198.659] OffsetViewportOrgEx (in: hdc=0x250107f3, x=0, y=0, lppt=0x2d41a30 | out: lppt=0x2d41a30) returned 1
[0198.659] IsAppThemed () returned 0x1
[0198.659] GetThemeAppProperties () returned 0x3
[0198.659] GetThemeAppProperties () returned 0x3
[0198.659] GetThemeBackgroundContentRect () returned 0x0
[0198.659] RestoreDC (hdc=0x250107f3, nSavedDC=-1) returned 1
[0198.659] GdipReleaseDC (graphics=0x6600030, hdc=0x250107f3) returned 0x0
[0198.659] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0198.659] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0198.660] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0198.660] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0198.660] IsAppThemed () returned 0x1
[0198.660] GetThemeAppProperties () returned 0x3
[0198.660] GetThemeAppProperties () returned 0x3
[0198.660] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0198.660] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0198.660] GetCurrentObject (hdc=0x250107f3, type=0x1) returned 0xb00017
[0198.660] GetCurrentObject (hdc=0x250107f3, type=0x2) returned 0x900010
[0198.660] GetCurrentObject (hdc=0x250107f3, type=0x7) returned 0x4a0507fe
[0198.660] GetCurrentObject (hdc=0x250107f3, type=0x6) returned 0x8a01c2
[0198.660] SaveDC (hdc=0x250107f3) returned 1
[0198.660] GetTextAlign (hdc=0x250107f3) returned 0x0
[0198.660] GetTextColor (hdc=0x250107f3) returned 0x0
[0198.660] GetCurrentObject (hdc=0x250107f3, type=0x6) returned 0x8a01c2
[0198.660] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0198.661] SelectObject (hdc=0x250107f3, h=0x6d0a0520) returned 0x8a01c2
[0198.661] GetBkMode (hdc=0x250107f3) returned 2
[0198.661] SetBkMode (hdc=0x250107f3, mode=1) returned 2
[0198.661] DrawTextExW (in: hdc=0x250107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2d41df4 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0198.661] DrawTextExW (in: hdc=0x250107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2d41df4 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0198.661] RestoreDC (hdc=0x250107f3, nSavedDC=-1) returned 1
[0198.661] GdipReleaseDC (graphics=0x6600030, hdc=0x250107f3) returned 0x0
[0198.661] GetFocus () returned 0x602c4
[0198.662] IsAppThemed () returned 0x1
[0198.662] GetThemeAppProperties () returned 0x3
[0198.662] GetThemeAppProperties () returned 0x3
[0198.662] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0198.662] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x250107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0198.662] GdipReleaseDC (graphics=0x6600030, hdc=0x250107f3) returned 0x0
[0198.662] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0198.662] SelectObject (hdc=0x250107f3, h=0x85000f) returned 0x4a0507fe
[0198.662] DeleteDC (hdc=0x250107f3) returned 1
[0198.662] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0198.662] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0198.663] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0198.663] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0198.663] WaitMessage () returned 1
[0198.740] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0198.740] IsWindowUnicode (hWnd=0x602c4) returned 1
[0198.740] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0198.740] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0198.740] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0198.740] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0198.740] IsWindowUnicode (hWnd=0x602c4) returned 1
[0198.741] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0198.741] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0198.741] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0198.741] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xd0028) returned 0x0
[0198.741] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0198.741] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0198.741] WaitMessage () returned 1
[0198.879] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0198.879] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740103) returned 0x1
[0198.879] IsWindowUnicode (hWnd=0x602c4) returned 1
[0198.879] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0198.879] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740103) returned 0x1
[0198.880] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0198.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19f0045) returned 0x0
[0198.880] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0198.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0198.880] SetCursor (hCursor=0x10003) returned 0x10003
[0198.880] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0198.880] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0198.880] GetKeyState (nVirtKey=1) returned -128
[0198.880] GetKeyState (nVirtKey=2) returned 0
[0198.880] GetKeyState (nVirtKey=4) returned 0
[0198.880] GetKeyState (nVirtKey=5) returned 0
[0198.880] GetKeyState (nVirtKey=6) returned 0
[0198.880] IsWindowVisible (hWnd=0x602c4) returned 1
[0198.880] IsWindowEnabled (hWnd=0x602c4) returned 1
[0198.880] SetFocus (hWnd=0x602c4) returned 0x602c4
[0198.880] GetFocus () returned 0x602c4
[0198.881] GetFocus () returned 0x602c4
[0198.881] GetFocus () returned 0x602c4
[0198.881] GetKeyState (nVirtKey=1) returned -128
[0198.881] GetKeyState (nVirtKey=2) returned 0
[0198.881] GetKeyState (nVirtKey=4) returned 0
[0198.881] GetKeyState (nVirtKey=5) returned 0
[0198.881] GetKeyState (nVirtKey=6) returned 0
[0198.881] GetCapture () returned 0x0
[0198.881] SetCapture (hWnd=0x602c4) returned 0x0
[0198.881] GetKeyState (nVirtKey=1) returned -128
[0198.881] GetKeyState (nVirtKey=2) returned 0
[0198.881] GetKeyState (nVirtKey=4) returned 0
[0198.881] GetKeyState (nVirtKey=5) returned 0
[0198.881] GetKeyState (nVirtKey=6) returned 0
[0198.881] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0198.881] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0198.881] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0198.881] IsWindowUnicode (hWnd=0x602c4) returned 1
[0198.881] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0198.881] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0198.881] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0198.881] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d41f78, cPoints=0x1 | out: lpPoints=0x2d41f78) returned 40304859
[0198.882] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0198.882] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0198.882] UpdateWindow (hWnd=0x602c4) returned 1
[0198.882] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x10105d6
[0198.882] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0198.882] CreateCompatibleDC (hdc=0x10105d6) returned 0x260107f3
[0198.882] SelectObject (hdc=0x260107f3, h=0x4a0507fe) returned 0x85000f
[0198.882] GdipCreateFromHDC (hdc=0x260107f3, graphics=0xd7e430) returned 0x0
[0198.882] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0198.882] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0198.882] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0198.882] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0198.882] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e490) returned 0x0
[0198.883] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0198.883] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0198.883] LocalFree (hMem=0x11eec58) returned 0x0
[0198.883] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0198.883] GdipCreateRegion (region=0xd7e478) returned 0x0
[0198.883] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0198.883] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e484) returned 0x0
[0198.883] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0198.883] GdipRestoreGraphics (graphics=0x6600030, state=0xfae60dbd) returned 0x0
[0198.883] GdipDeleteRegion (region=0x6646838) returned 0x0
[0198.883] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0198.883] GetCurrentObject (hdc=0x260107f3, type=0x1) returned 0xb00017
[0198.883] GetCurrentObject (hdc=0x260107f3, type=0x2) returned 0x900010
[0198.883] GetCurrentObject (hdc=0x260107f3, type=0x7) returned 0x4a0507fe
[0198.883] GetCurrentObject (hdc=0x260107f3, type=0x6) returned 0x8a01c2
[0198.883] SaveDC (hdc=0x260107f3) returned 1
[0198.883] GetNearestColor (hdc=0x260107f3, color=0xff) returned 0xff
[0198.883] GetNearestColor (hdc=0x260107f3, color=0x55) returned 0x55
[0198.884] GetNearestColor (hdc=0x260107f3, color=0x0) returned 0x0
[0198.884] GetNearestColor (hdc=0x260107f3, color=0x55) returned 0x55
[0198.884] GetNearestColor (hdc=0x260107f3, color=0x0) returned 0x0
[0198.884] GetNearestColor (hdc=0x260107f3, color=0x8080ff) returned 0x8080ff
[0198.884] GetNearestColor (hdc=0x260107f3, color=0x7373e5) returned 0x7373e5
[0198.884] GetNearestColor (hdc=0x260107f3, color=0xe5) returned 0xe5
[0198.884] GetNearestColor (hdc=0x260107f3, color=0x0) returned 0x0
[0198.884] RestoreDC (hdc=0x260107f3, nSavedDC=-1) returned 1
[0198.884] GdipReleaseDC (graphics=0x6600030, hdc=0x260107f3) returned 0x0
[0198.884] IsAppThemed () returned 0x1
[0198.884] GetThemeAppProperties () returned 0x3
[0198.884] GetThemeAppProperties () returned 0x3
[0198.884] IsAppThemed () returned 0x1
[0198.884] GetThemeAppProperties () returned 0x3
[0198.885] GetThemeAppProperties () returned 0x3
[0198.885] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2d42694 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0198.885] IsAppThemed () returned 0x1
[0198.885] GetThemeAppProperties () returned 0x3
[0198.885] GetThemeAppProperties () returned 0x3
[0198.885] IsAppThemed () returned 0x1
[0198.885] GetThemeAppProperties () returned 0x3
[0198.885] GetThemeAppProperties () returned 0x3
[0198.885] IsAppThemed () returned 0x1
[0198.885] GetThemeAppProperties () returned 0x3
[0198.885] GetThemeAppProperties () returned 0x3
[0198.885] IsAppThemed () returned 0x1
[0198.885] GetThemeAppProperties () returned 0x3
[0198.885] GetThemeAppProperties () returned 0x3
[0198.885] IsThemePartDefined () returned 0x1
[0198.885] IsAppThemed () returned 0x1
[0198.886] GetThemeAppProperties () returned 0x3
[0198.886] GetThemeAppProperties () returned 0x3
[0198.886] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0198.886] IsAppThemed () returned 0x1
[0198.886] GetThemeAppProperties () returned 0x3
[0198.886] GetThemeAppProperties () returned 0x3
[0198.886] IsAppThemed () returned 0x1
[0198.886] GetThemeAppProperties () returned 0x3
[0198.886] GetThemeAppProperties () returned 0x3
[0198.886] IsThemePartDefined () returned 0x1
[0198.886] GdipCreateRegion (region=0xd7e194) returned 0x0
[0198.886] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0198.886] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0198.886] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0198.886] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e1ac) returned 0x0
[0198.886] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0198.886] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee8d8) returned 0x0
[0198.886] LocalFree (hMem=0x11ee8d8) returned 0x0
[0198.886] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0198.886] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0198.886] LocalFree (hMem=0x11eec58) returned 0x0
[0198.886] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0198.886] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0198.887] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0198.887] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0198.887] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0198.887] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0198.887] GetCurrentObject (hdc=0x260107f3, type=0x1) returned 0xb00017
[0198.887] GetCurrentObject (hdc=0x260107f3, type=0x2) returned 0x900010
[0198.887] GetCurrentObject (hdc=0x260107f3, type=0x7) returned 0x4a0507fe
[0198.887] GetCurrentObject (hdc=0x260107f3, type=0x6) returned 0x8a01c2
[0198.887] SaveDC (hdc=0x260107f3) returned 1
[0198.887] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe7040807
[0198.887] GetClipRgn (hdc=0x260107f3, hrgn=0xe7040807) returned 0
[0198.887] SelectClipRgn (hdc=0x260107f3, hrgn=0x790407de) returned 2
[0198.887] DeleteObject (ho=0xe7040807) returned 1
[0198.887] DeleteObject (ho=0x790407de) returned 1
[0198.887] OffsetViewportOrgEx (in: hdc=0x260107f3, x=0, y=0, lppt=0x2d42d44 | out: lppt=0x2d42d44) returned 1
[0198.887] DrawThemeParentBackground () returned 0x0
[0198.888] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0198.888] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0198.888] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0198.888] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0198.888] GetSystemMetrics (nIndex=42) returned 0
[0198.888] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0198.888] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0198.888] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0198.888] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0198.888] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0198.888] SelectPalette (hdc=0x260107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0198.888] GdipCreateFromHDC (hdc=0x260107f3, graphics=0xd7dc88) returned 0x0
[0198.888] GdipSetPageUnit (graphics=0x664dac8, unit=0x2) returned 0x0
[0198.889] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0198.889] GdipGetWorldTransform (graphics=0x664dac8, matrix=0x6638ae8) returned 0x0
[0198.889] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dc60) returned 0x0
[0198.889] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0198.889] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0198.889] GdipGetClip (graphics=0x664dac8, region=0x6646688) returned 0x0
[0198.889] GdipIsInfiniteRegion (region=0x6646688, graphics=0x664dac8, result=0xd7dc54) returned 0x0
[0198.889] GdipDeleteRegion (region=0x6646688) returned 0x0
[0198.889] GdipSaveGraphics (graphics=0x664dac8, state=0xd7dc80) returned 0x0
[0198.889] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0198.897] GdipFillRectangleI (graphics=0x664dac8, brush=0x6653090, x=0, y=0, width=801, height=453) returned 0x0
[0198.897] GdipDeleteBrush (brush=0x6653090) returned 0x0
[0198.898] GdipDeleteGraphics (graphics=0x664dac8) returned 0x0
[0198.898] SelectPalette (hdc=0x260107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0198.899] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0198.899] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0198.899] GetSystemMetrics (nIndex=42) returned 0
[0198.899] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0198.899] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0198.899] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0198.899] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0198.899] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0198.899] SelectPalette (hdc=0x260107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0198.899] GdipCreateFromHDC (hdc=0x260107f3, graphics=0xd7dc28) returned 0x0
[0198.899] GdipSetPageUnit (graphics=0x664dac8, unit=0x2) returned 0x0
[0198.899] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0198.899] GdipGetWorldTransform (graphics=0x664dac8, matrix=0x6638c08) returned 0x0
[0198.899] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dc00) returned 0x0
[0198.899] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0198.900] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0198.900] GdipGetClip (graphics=0x664dac8, region=0x6646958) returned 0x0
[0198.900] GdipIsInfiniteRegion (region=0x6646958, graphics=0x664dac8, result=0xd7dbf4) returned 0x0
[0198.900] GdipDeleteRegion (region=0x6646958) returned 0x0
[0198.900] GdipSaveGraphics (graphics=0x664dac8, state=0xd7dc20) returned 0x0
[0198.900] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0198.909] GdipFillRectangleI (graphics=0x664dac8, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0198.909] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0198.910] GdipRestoreGraphics (graphics=0x664dac8, state=0xfae20dbd) returned 0x0
[0198.910] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0198.910] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0198.910] GetSystemMetrics (nIndex=42) returned 0
[0198.910] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0198.910] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0198.910] GdipDeleteGraphics (graphics=0x664dac8) returned 0x0
[0198.911] SelectPalette (hdc=0x260107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0198.911] RestoreDC (hdc=0x260107f3, nSavedDC=-1) returned 1
[0198.911] GdipReleaseDC (graphics=0x6600030, hdc=0x260107f3) returned 0x0
[0198.911] IsAppThemed () returned 0x1
[0198.911] GetThemeAppProperties () returned 0x3
[0198.911] GetThemeAppProperties () returned 0x3
[0198.911] IsAppThemed () returned 0x1
[0198.911] GetThemeAppProperties () returned 0x3
[0198.911] GetThemeAppProperties () returned 0x3
[0198.911] IsThemePartDefined () returned 0x1
[0198.911] GdipCreateRegion (region=0xd7e118) returned 0x0
[0198.911] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0198.911] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0198.911] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0198.911] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e130) returned 0x0
[0198.912] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0198.912] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0198.912] LocalFree (hMem=0x11ee788) returned 0x0
[0198.912] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0198.912] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee8d8) returned 0x0
[0198.912] LocalFree (hMem=0x11ee8d8) returned 0x0
[0198.912] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0198.912] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0198.912] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0198.912] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0198.912] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0198.912] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0198.912] GetCurrentObject (hdc=0x260107f3, type=0x1) returned 0xb00017
[0198.912] GetCurrentObject (hdc=0x260107f3, type=0x2) returned 0x900010
[0198.912] GetCurrentObject (hdc=0x260107f3, type=0x7) returned 0x4a0507fe
[0198.912] GetCurrentObject (hdc=0x260107f3, type=0x6) returned 0x8a01c2
[0198.912] SaveDC (hdc=0x260107f3) returned 1
[0198.912] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7a0407de
[0198.912] GetClipRgn (hdc=0x260107f3, hrgn=0x7a0407de) returned 0
[0198.912] SelectClipRgn (hdc=0x260107f3, hrgn=0xe9040807) returned 2
[0198.913] DeleteObject (ho=0x7a0407de) returned 1
[0198.913] DeleteObject (ho=0xe9040807) returned 1
[0198.913] OffsetViewportOrgEx (in: hdc=0x260107f3, x=0, y=0, lppt=0x2d49594 | out: lppt=0x2d49594) returned 1
[0198.913] IsAppThemed () returned 0x1
[0198.913] GetThemeAppProperties () returned 0x3
[0198.913] GetThemeAppProperties () returned 0x3
[0198.913] DrawThemeBackground () returned 0x0
[0198.913] RestoreDC (hdc=0x260107f3, nSavedDC=-1) returned 1
[0198.913] GdipReleaseDC (graphics=0x6600030, hdc=0x260107f3) returned 0x0
[0198.913] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0198.913] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0198.913] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0198.913] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0198.913] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e134) returned 0x0
[0198.913] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0198.913] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0198.913] LocalFree (hMem=0x11eec58) returned 0x0
[0198.913] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0198.913] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0198.913] LocalFree (hMem=0x11ee788) returned 0x0
[0198.914] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0198.914] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0198.914] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0198.914] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0198.914] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0198.914] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0198.914] GetCurrentObject (hdc=0x260107f3, type=0x1) returned 0xb00017
[0198.914] GetCurrentObject (hdc=0x260107f3, type=0x2) returned 0x900010
[0198.914] GetCurrentObject (hdc=0x260107f3, type=0x7) returned 0x4a0507fe
[0198.914] GetCurrentObject (hdc=0x260107f3, type=0x6) returned 0x8a01c2
[0198.914] SaveDC (hdc=0x260107f3) returned 1
[0198.914] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xea040807
[0198.914] GetClipRgn (hdc=0x260107f3, hrgn=0xea040807) returned 0
[0198.914] SelectClipRgn (hdc=0x260107f3, hrgn=0x7b0407de) returned 2
[0198.914] DeleteObject (ho=0xea040807) returned 1
[0198.914] DeleteObject (ho=0x7b0407de) returned 1
[0198.914] OffsetViewportOrgEx (in: hdc=0x260107f3, x=0, y=0, lppt=0x2d49868 | out: lppt=0x2d49868) returned 1
[0198.915] IsAppThemed () returned 0x1
[0198.915] GetThemeAppProperties () returned 0x3
[0198.915] GetThemeAppProperties () returned 0x3
[0198.915] GetThemeBackgroundContentRect () returned 0x0
[0198.915] RestoreDC (hdc=0x260107f3, nSavedDC=-1) returned 1
[0198.915] GdipReleaseDC (graphics=0x6600030, hdc=0x260107f3) returned 0x0
[0198.915] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0198.915] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0198.915] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0198.915] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0198.915] IsAppThemed () returned 0x1
[0198.915] GetThemeAppProperties () returned 0x3
[0198.915] GetThemeAppProperties () returned 0x3
[0198.915] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0198.915] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0198.915] GetCurrentObject (hdc=0x260107f3, type=0x1) returned 0xb00017
[0198.915] GetCurrentObject (hdc=0x260107f3, type=0x2) returned 0x900010
[0198.915] GetCurrentObject (hdc=0x260107f3, type=0x7) returned 0x4a0507fe
[0198.915] GetCurrentObject (hdc=0x260107f3, type=0x6) returned 0x8a01c2
[0198.916] SaveDC (hdc=0x260107f3) returned 1
[0198.916] GetTextAlign (hdc=0x260107f3) returned 0x0
[0198.916] GetTextColor (hdc=0x260107f3) returned 0x0
[0198.916] GetCurrentObject (hdc=0x260107f3, type=0x6) returned 0x8a01c2
[0198.916] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0198.916] SelectObject (hdc=0x260107f3, h=0x6d0a0520) returned 0x8a01c2
[0198.916] GetBkMode (hdc=0x260107f3) returned 2
[0198.916] SetBkMode (hdc=0x260107f3, mode=1) returned 2
[0198.916] DrawTextExW (in: hdc=0x260107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2d49c2c | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0198.916] DrawTextExW (in: hdc=0x260107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2d49c2c | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0198.917] RestoreDC (hdc=0x260107f3, nSavedDC=-1) returned 1
[0198.917] GdipReleaseDC (graphics=0x6600030, hdc=0x260107f3) returned 0x0
[0198.917] GetFocus () returned 0x602c4
[0198.917] IsAppThemed () returned 0x1
[0198.917] GetThemeAppProperties () returned 0x3
[0198.917] GetThemeAppProperties () returned 0x3
[0198.917] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0198.917] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x260107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0198.918] GdipReleaseDC (graphics=0x6600030, hdc=0x260107f3) returned 0x0
[0198.918] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0198.918] SelectObject (hdc=0x260107f3, h=0x85000f) returned 0x4a0507fe
[0198.918] DeleteDC (hdc=0x260107f3) returned 1
[0198.918] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0198.918] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0198.918] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d49d28, cPoints=0x1 | out: lpPoints=0x2d49d28) returned 40304859
[0198.918] WindowFromPoint (Point=0x103) returned 0x602c4
[0198.918] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740103) returned 0x1
[0198.918] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0198.918] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0198.918] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0198.918] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0198.919] GetSystemMetrics (nIndex=42) returned 0
[0198.919] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0198.919] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0198.921] GetCapture () returned 0x602c4
[0198.921] ReleaseCapture () returned 1
[0198.921] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0198.921] GetProcessWindowStation () returned 0x13c
[0198.922] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0198.922] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0198.922] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0198.923] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0198.923] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0198.923] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0198.923] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0198.923] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0198.923] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0198.923] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0198.923] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0198.924] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0198.924] GetDC (hWnd=0x0) returned 0x107b9
[0198.924] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e6ec) returned 0x0
[0198.924] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0198.924] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0198.924] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0198.924] GetSystemMetrics (nIndex=5) returned 1
[0198.924] GetSystemMetrics (nIndex=6) returned 1
[0198.925] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0198.925] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0198.925] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0198.925] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0198.928] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0198.928] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0198.928] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0198.928] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0198.928] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0198.928] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0198.930] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2d4f744 | out: lpData=0x2d4f744) returned 1
[0198.930] VerQueryValueW (in: pBlock=0x2d4f744, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d4fb54, puLen=0xd7e810) returned 1
[0198.930] VerQueryValueW (in: pBlock=0x2d4f744, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4f7fc, puLen=0xd7e790) returned 1
[0198.930] VerQueryValueW (in: pBlock=0x2d4f744, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4f850, puLen=0xd7e790) returned 1
[0198.930] VerQueryValueW (in: pBlock=0x2d4f744, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4f8d0, puLen=0xd7e790) returned 1
[0198.930] VerQueryValueW (in: pBlock=0x2d4f744, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4f938, puLen=0xd7e790) returned 1
[0198.931] VerQueryValueW (in: pBlock=0x2d4f744, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4f978, puLen=0xd7e790) returned 1
[0198.931] VerQueryValueW (in: pBlock=0x2d4f744, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4fa00, puLen=0xd7e790) returned 1
[0198.931] VerQueryValueW (in: pBlock=0x2d4f744, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4fa3c, puLen=0xd7e790) returned 1
[0198.931] VerQueryValueW (in: pBlock=0x2d4f744, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4fa94, puLen=0xd7e790) returned 1
[0198.931] VerQueryValueW (in: pBlock=0x2d4f744, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4fac4, puLen=0xd7e790) returned 1
[0198.931] VerQueryValueW (in: pBlock=0x2d4f744, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.931] VerQueryValueW (in: pBlock=0x2d4f744, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4fb00, puLen=0xd7e790) returned 1
[0198.931] VerQueryValueW (in: pBlock=0x2d4f744, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.931] VerQueryValueW (in: pBlock=0x2d4f744, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d4fb54, puLen=0xd7e784) returned 1
[0198.931] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0198.931] VerQueryValueW (in: pBlock=0x2d4f744, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d4f76c, puLen=0xd7e794) returned 1
[0198.932] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0198.932] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0198.932] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0198.932] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0198.932] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0198.932] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0198.932] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2d516b4 | out: lpData=0x2d516b4) returned 1
[0198.932] VerQueryValueW (in: pBlock=0x2d516b4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d51750, puLen=0xd7e810) returned 1
[0198.932] VerQueryValueW (in: pBlock=0x2d516b4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d517c8, puLen=0xd7e790) returned 1
[0198.932] VerQueryValueW (in: pBlock=0x2d516b4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d517f8, puLen=0xd7e790) returned 1
[0198.932] VerQueryValueW (in: pBlock=0x2d516b4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d51834, puLen=0xd7e790) returned 1
[0198.932] VerQueryValueW (in: pBlock=0x2d516b4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d51864, puLen=0xd7e790) returned 1
[0198.932] VerQueryValueW (in: pBlock=0x2d516b4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d518ac, puLen=0xd7e790) returned 1
[0198.933] VerQueryValueW (in: pBlock=0x2d516b4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d51924, puLen=0xd7e790) returned 1
[0198.933] VerQueryValueW (in: pBlock=0x2d516b4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d51968, puLen=0xd7e790) returned 1
[0198.933] VerQueryValueW (in: pBlock=0x2d516b4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d519a8, puLen=0xd7e790) returned 1
[0198.933] VerQueryValueW (in: pBlock=0x2d516b4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d517a6, puLen=0xd7e790) returned 1
[0198.933] VerQueryValueW (in: pBlock=0x2d516b4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d518f4, puLen=0xd7e790) returned 1
[0198.933] VerQueryValueW (in: pBlock=0x2d516b4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.933] VerQueryValueW (in: pBlock=0x2d516b4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.933] VerQueryValueW (in: pBlock=0x2d516b4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d51750, puLen=0xd7e784) returned 1
[0198.933] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0198.933] VerQueryValueW (in: pBlock=0x2d516b4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d516dc, puLen=0xd7e794) returned 1
[0198.934] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0198.934] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0198.934] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0198.934] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0198.934] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0198.934] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0198.936] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2d5398c | out: lpData=0x2d5398c) returned 1
[0198.937] VerQueryValueW (in: pBlock=0x2d5398c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d53da0, puLen=0xd7e810) returned 1
[0198.937] VerQueryValueW (in: pBlock=0x2d5398c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53a44, puLen=0xd7e790) returned 1
[0198.937] VerQueryValueW (in: pBlock=0x2d5398c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53a98, puLen=0xd7e790) returned 1
[0198.937] VerQueryValueW (in: pBlock=0x2d5398c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53af4, puLen=0xd7e790) returned 1
[0198.937] VerQueryValueW (in: pBlock=0x2d5398c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53b54, puLen=0xd7e790) returned 1
[0198.937] VerQueryValueW (in: pBlock=0x2d5398c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53bac, puLen=0xd7e790) returned 1
[0198.937] VerQueryValueW (in: pBlock=0x2d5398c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53c34, puLen=0xd7e790) returned 1
[0198.937] VerQueryValueW (in: pBlock=0x2d5398c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53c88, puLen=0xd7e790) returned 1
[0198.937] VerQueryValueW (in: pBlock=0x2d5398c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53ce0, puLen=0xd7e790) returned 1
[0198.937] VerQueryValueW (in: pBlock=0x2d5398c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53d10, puLen=0xd7e790) returned 1
[0198.937] VerQueryValueW (in: pBlock=0x2d5398c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.937] VerQueryValueW (in: pBlock=0x2d5398c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53d4c, puLen=0xd7e790) returned 1
[0198.937] VerQueryValueW (in: pBlock=0x2d5398c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.937] VerQueryValueW (in: pBlock=0x2d5398c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d53da0, puLen=0xd7e784) returned 1
[0198.938] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0198.938] VerQueryValueW (in: pBlock=0x2d5398c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d539b4, puLen=0xd7e794) returned 1
[0198.938] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0198.939] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0198.939] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0198.939] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0198.939] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0198.939] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0198.940] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2d55fc4 | out: lpData=0x2d55fc4) returned 1
[0198.941] VerQueryValueW (in: pBlock=0x2d55fc4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d563c4, puLen=0xd7e810) returned 1
[0198.941] VerQueryValueW (in: pBlock=0x2d55fc4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5607c, puLen=0xd7e790) returned 1
[0198.941] VerQueryValueW (in: pBlock=0x2d55fc4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d560d0, puLen=0xd7e790) returned 1
[0198.941] VerQueryValueW (in: pBlock=0x2d55fc4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d56110, puLen=0xd7e790) returned 1
[0198.941] VerQueryValueW (in: pBlock=0x2d55fc4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d56178, puLen=0xd7e790) returned 1
[0198.941] VerQueryValueW (in: pBlock=0x2d55fc4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d561d0, puLen=0xd7e790) returned 1
[0198.941] VerQueryValueW (in: pBlock=0x2d55fc4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d56258, puLen=0xd7e790) returned 1
[0198.941] VerQueryValueW (in: pBlock=0x2d55fc4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d562ac, puLen=0xd7e790) returned 1
[0198.941] VerQueryValueW (in: pBlock=0x2d55fc4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d56304, puLen=0xd7e790) returned 1
[0198.941] VerQueryValueW (in: pBlock=0x2d55fc4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d56334, puLen=0xd7e790) returned 1
[0198.941] VerQueryValueW (in: pBlock=0x2d55fc4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.942] VerQueryValueW (in: pBlock=0x2d55fc4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d56370, puLen=0xd7e790) returned 1
[0198.942] VerQueryValueW (in: pBlock=0x2d55fc4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.942] VerQueryValueW (in: pBlock=0x2d55fc4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d563c4, puLen=0xd7e784) returned 1
[0198.942] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0198.942] VerQueryValueW (in: pBlock=0x2d55fc4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d55fec, puLen=0xd7e794) returned 1
[0198.943] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0198.943] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0198.943] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0198.943] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0198.943] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0198.943] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0198.944] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2d58700 | out: lpData=0x2d58700) returned 1
[0198.945] VerQueryValueW (in: pBlock=0x2d58700, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d58ac8, puLen=0xd7e810) returned 1
[0198.945] VerQueryValueW (in: pBlock=0x2d58700, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d587b8, puLen=0xd7e790) returned 1
[0198.945] VerQueryValueW (in: pBlock=0x2d58700, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5880c, puLen=0xd7e790) returned 1
[0198.945] VerQueryValueW (in: pBlock=0x2d58700, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5884c, puLen=0xd7e790) returned 1
[0198.945] VerQueryValueW (in: pBlock=0x2d58700, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d588b4, puLen=0xd7e790) returned 1
[0198.945] VerQueryValueW (in: pBlock=0x2d58700, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d588f0, puLen=0xd7e790) returned 1
[0198.945] VerQueryValueW (in: pBlock=0x2d58700, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58978, puLen=0xd7e790) returned 1
[0198.946] VerQueryValueW (in: pBlock=0x2d58700, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d589b0, puLen=0xd7e790) returned 1
[0198.946] VerQueryValueW (in: pBlock=0x2d58700, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58a08, puLen=0xd7e790) returned 1
[0198.946] VerQueryValueW (in: pBlock=0x2d58700, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58a38, puLen=0xd7e790) returned 1
[0198.946] VerQueryValueW (in: pBlock=0x2d58700, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.946] VerQueryValueW (in: pBlock=0x2d58700, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58a74, puLen=0xd7e790) returned 1
[0198.946] VerQueryValueW (in: pBlock=0x2d58700, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.946] VerQueryValueW (in: pBlock=0x2d58700, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d58ac8, puLen=0xd7e784) returned 1
[0198.946] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0198.946] VerQueryValueW (in: pBlock=0x2d58700, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d58728, puLen=0xd7e794) returned 1
[0198.947] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0198.947] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0198.947] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0198.947] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0198.947] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0198.947] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0198.948] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2d5bd68 | out: lpData=0x2d5bd68) returned 1
[0198.949] VerQueryValueW (in: pBlock=0x2d5bd68, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d5c148, puLen=0xd7e810) returned 1
[0198.949] VerQueryValueW (in: pBlock=0x2d5bd68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5be20, puLen=0xd7e790) returned 1
[0198.949] VerQueryValueW (in: pBlock=0x2d5bd68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5be74, puLen=0xd7e790) returned 1
[0198.949] VerQueryValueW (in: pBlock=0x2d5bd68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5beb4, puLen=0xd7e790) returned 1
[0198.949] VerQueryValueW (in: pBlock=0x2d5bd68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5bf14, puLen=0xd7e790) returned 1
[0198.949] VerQueryValueW (in: pBlock=0x2d5bd68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5bf60, puLen=0xd7e790) returned 1
[0198.949] VerQueryValueW (in: pBlock=0x2d5bd68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5bfe8, puLen=0xd7e790) returned 1
[0198.949] VerQueryValueW (in: pBlock=0x2d5bd68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5c030, puLen=0xd7e790) returned 1
[0198.949] VerQueryValueW (in: pBlock=0x2d5bd68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5c088, puLen=0xd7e790) returned 1
[0198.949] VerQueryValueW (in: pBlock=0x2d5bd68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5c0b8, puLen=0xd7e790) returned 1
[0198.949] VerQueryValueW (in: pBlock=0x2d5bd68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.949] VerQueryValueW (in: pBlock=0x2d5bd68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5c0f4, puLen=0xd7e790) returned 1
[0198.949] VerQueryValueW (in: pBlock=0x2d5bd68, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.949] VerQueryValueW (in: pBlock=0x2d5bd68, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d5c148, puLen=0xd7e784) returned 1
[0198.949] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0198.949] VerQueryValueW (in: pBlock=0x2d5bd68, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d5bd90, puLen=0xd7e794) returned 1
[0198.953] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0198.953] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0198.953] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0198.953] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0198.953] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0198.953] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0198.954] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2d5e588 | out: lpData=0x2d5e588) returned 1
[0198.955] VerQueryValueW (in: pBlock=0x2d5e588, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d5e994, puLen=0xd7e810) returned 1
[0198.955] VerQueryValueW (in: pBlock=0x2d5e588, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e640, puLen=0xd7e790) returned 1
[0198.955] VerQueryValueW (in: pBlock=0x2d5e588, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e694, puLen=0xd7e790) returned 1
[0198.955] VerQueryValueW (in: pBlock=0x2d5e588, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e6e8, puLen=0xd7e790) returned 1
[0198.955] VerQueryValueW (in: pBlock=0x2d5e588, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e748, puLen=0xd7e790) returned 1
[0198.955] VerQueryValueW (in: pBlock=0x2d5e588, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e7a0, puLen=0xd7e790) returned 1
[0198.955] VerQueryValueW (in: pBlock=0x2d5e588, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e828, puLen=0xd7e790) returned 1
[0198.955] VerQueryValueW (in: pBlock=0x2d5e588, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e87c, puLen=0xd7e790) returned 1
[0198.955] VerQueryValueW (in: pBlock=0x2d5e588, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e8d4, puLen=0xd7e790) returned 1
[0198.955] VerQueryValueW (in: pBlock=0x2d5e588, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e904, puLen=0xd7e790) returned 1
[0198.955] VerQueryValueW (in: pBlock=0x2d5e588, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.955] VerQueryValueW (in: pBlock=0x2d5e588, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e940, puLen=0xd7e790) returned 1
[0198.955] VerQueryValueW (in: pBlock=0x2d5e588, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.955] VerQueryValueW (in: pBlock=0x2d5e588, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d5e994, puLen=0xd7e784) returned 1
[0198.955] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0198.955] VerQueryValueW (in: pBlock=0x2d5e588, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d5e5b0, puLen=0xd7e794) returned 1
[0198.956] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0198.956] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0198.956] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0198.956] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0198.957] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0198.957] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0198.958] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d60d9c | out: lpData=0x2d60d9c) returned 1
[0198.959] VerQueryValueW (in: pBlock=0x2d60d9c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d61174, puLen=0xd7e810) returned 1
[0198.959] VerQueryValueW (in: pBlock=0x2d60d9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d60e54, puLen=0xd7e790) returned 1
[0198.959] VerQueryValueW (in: pBlock=0x2d60d9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d60ea8, puLen=0xd7e790) returned 1
[0198.959] VerQueryValueW (in: pBlock=0x2d60d9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d60ee8, puLen=0xd7e790) returned 1
[0198.959] VerQueryValueW (in: pBlock=0x2d60d9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d60f50, puLen=0xd7e790) returned 1
[0198.959] VerQueryValueW (in: pBlock=0x2d60d9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d60f94, puLen=0xd7e790) returned 1
[0198.959] VerQueryValueW (in: pBlock=0x2d60d9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6101c, puLen=0xd7e790) returned 1
[0198.959] VerQueryValueW (in: pBlock=0x2d60d9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6105c, puLen=0xd7e790) returned 1
[0198.959] VerQueryValueW (in: pBlock=0x2d60d9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d610b4, puLen=0xd7e790) returned 1
[0198.959] VerQueryValueW (in: pBlock=0x2d60d9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d610e4, puLen=0xd7e790) returned 1
[0198.959] VerQueryValueW (in: pBlock=0x2d60d9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.959] VerQueryValueW (in: pBlock=0x2d60d9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d61120, puLen=0xd7e790) returned 1
[0198.959] VerQueryValueW (in: pBlock=0x2d60d9c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.959] VerQueryValueW (in: pBlock=0x2d60d9c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d61174, puLen=0xd7e784) returned 1
[0198.959] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0198.959] VerQueryValueW (in: pBlock=0x2d60d9c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d60dc4, puLen=0xd7e794) returned 1
[0198.960] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0198.960] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0198.960] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0198.960] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0198.961] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0198.961] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0198.962] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d632f4 | out: lpData=0x2d632f4) returned 1
[0198.963] VerQueryValueW (in: pBlock=0x2d632f4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d636cc, puLen=0xd7e810) returned 1
[0198.963] VerQueryValueW (in: pBlock=0x2d632f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d633ac, puLen=0xd7e790) returned 1
[0198.963] VerQueryValueW (in: pBlock=0x2d632f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d63400, puLen=0xd7e790) returned 1
[0198.963] VerQueryValueW (in: pBlock=0x2d632f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d63440, puLen=0xd7e790) returned 1
[0198.963] VerQueryValueW (in: pBlock=0x2d632f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d634a8, puLen=0xd7e790) returned 1
[0198.963] VerQueryValueW (in: pBlock=0x2d632f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d634ec, puLen=0xd7e790) returned 1
[0198.963] VerQueryValueW (in: pBlock=0x2d632f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d63574, puLen=0xd7e790) returned 1
[0198.963] VerQueryValueW (in: pBlock=0x2d632f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d635b4, puLen=0xd7e790) returned 1
[0198.963] VerQueryValueW (in: pBlock=0x2d632f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6360c, puLen=0xd7e790) returned 1
[0198.963] VerQueryValueW (in: pBlock=0x2d632f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6363c, puLen=0xd7e790) returned 1
[0198.963] VerQueryValueW (in: pBlock=0x2d632f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.963] VerQueryValueW (in: pBlock=0x2d632f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d63678, puLen=0xd7e790) returned 1
[0198.963] VerQueryValueW (in: pBlock=0x2d632f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.963] VerQueryValueW (in: pBlock=0x2d632f4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d636cc, puLen=0xd7e784) returned 1
[0198.963] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0198.963] VerQueryValueW (in: pBlock=0x2d632f4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d6331c, puLen=0xd7e794) returned 1
[0198.964] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0198.964] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0198.964] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0198.964] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0198.965] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0198.965] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0198.965] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2d65a2c | out: lpData=0x2d65a2c) returned 1
[0198.966] VerQueryValueW (in: pBlock=0x2d65a2c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d65e5c, puLen=0xd7e810) returned 1
[0198.966] VerQueryValueW (in: pBlock=0x2d65a2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d65ae4, puLen=0xd7e790) returned 1
[0198.966] VerQueryValueW (in: pBlock=0x2d65a2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d65b38, puLen=0xd7e790) returned 1
[0198.966] VerQueryValueW (in: pBlock=0x2d65a2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d65ba8, puLen=0xd7e790) returned 1
[0198.966] VerQueryValueW (in: pBlock=0x2d65a2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d65c08, puLen=0xd7e790) returned 1
[0198.966] VerQueryValueW (in: pBlock=0x2d65a2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d65c64, puLen=0xd7e790) returned 1
[0198.966] VerQueryValueW (in: pBlock=0x2d65a2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d65cec, puLen=0xd7e790) returned 1
[0198.966] VerQueryValueW (in: pBlock=0x2d65a2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d65d44, puLen=0xd7e790) returned 1
[0198.966] VerQueryValueW (in: pBlock=0x2d65a2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d65d9c, puLen=0xd7e790) returned 1
[0198.966] VerQueryValueW (in: pBlock=0x2d65a2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d65dcc, puLen=0xd7e790) returned 1
[0198.967] VerQueryValueW (in: pBlock=0x2d65a2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.967] VerQueryValueW (in: pBlock=0x2d65a2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d65e08, puLen=0xd7e790) returned 1
[0198.967] VerQueryValueW (in: pBlock=0x2d65a2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0198.967] VerQueryValueW (in: pBlock=0x2d65a2c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d65e5c, puLen=0xd7e784) returned 1
[0198.967] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0198.967] VerQueryValueW (in: pBlock=0x2d65a2c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d65a54, puLen=0xd7e794) returned 1
[0198.968] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0198.968] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0198.968] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0198.969] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0198.969] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0198.969] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x15013e
[0198.970] SetWindowLongW (hWnd=0x15013e, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0198.970] GetWindowLongW (hWnd=0x15013e, nIndex=-4) returned 1950089536
[0198.970] SetWindowLongW (hWnd=0x15013e, nIndex=-4, dwNewLong=19944942) returned 1950089536
[0198.970] GetWindowLongW (hWnd=0x15013e, nIndex=-4) returned 19944942
[0198.970] GetWindowLongW (hWnd=0x15013e, nIndex=-16) returned 113311744
[0198.971] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x15013e, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0198.971] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x15013e, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0198.971] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x15013e, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0198.972] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x15013e, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0198.972] GetClientRect (in: hWnd=0x15013e, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0198.972] GetWindowRect (in: hWnd=0x15013e, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0198.972] SetWindowTextW (hWnd=0x15013e, lpString="WindowsFormsParkingWindow") returned 1
[0198.972] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x15013e, Msg=0xc, wParam=0x0, lParam=0x2d2b048) returned 0x1
[0198.973] GetParent (hWnd=0x15013e) returned 0x0
[0198.973] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0198.973] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x15013e, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x802d0
[0198.974] SetWindowLongW (hWnd=0x802d0, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0198.974] GetWindowLongW (hWnd=0x802d0, nIndex=-4) returned 1868147648
[0198.974] SetWindowLongW (hWnd=0x802d0, nIndex=-4, dwNewLong=19944582) returned 1868147648
[0198.974] GetWindowLongW (hWnd=0x802d0, nIndex=-4) returned 19944582
[0198.974] GetWindowLongW (hWnd=0x802d0, nIndex=-16) returned 1174405133
[0198.974] GetWindowLongW (hWnd=0x802d0, nIndex=-12) returned 0
[0198.974] SetWindowLongW (hWnd=0x802d0, nIndex=-12, dwNewLong=525008) returned 0
[0198.974] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0198.975] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0198.975] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0198.976] GetClientRect (in: hWnd=0x802d0, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0198.976] GetWindowRect (in: hWnd=0x802d0, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0198.976] GetParent (hWnd=0x802d0) returned 0x15013e
[0198.976] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x15013e, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0198.977] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0198.977] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0198.977] GetClientRect (in: hWnd=0x802d0, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0198.977] GetWindowRect (in: hWnd=0x802d0, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0198.977] GetParent (hWnd=0x802d0) returned 0x15013e
[0198.977] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x15013e, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0198.977] SendMessageW (hWnd=0x802d0, Msg=0x2210, wParam=0x2d00001, lParam=0x802d0) returned 0x0
[0198.977] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x2210, wParam=0x2d00001, lParam=0x802d0) returned 0x0
[0198.977] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0198.978] GetParent (hWnd=0x802d0) returned 0x15013e
[0198.978] GdipCreateFromHWND (hwnd=0x802d0, graphics=0xd7e844) returned 0x0
[0198.978] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0198.979] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0198.979] GetForegroundWindow () returned 0x7005c
[0198.979] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0198.979] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0198.979] GetSystemMetrics (nIndex=42) returned 0
[0198.979] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0198.979] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0198.979] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0198.979] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0198.979] GetSystemMetrics (nIndex=42) returned 0
[0198.979] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0198.979] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0198.980] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0198.980] GetCursorPos (in: lpPoint=0x2d69eb0 | out: lpPoint=0x2d69eb0*(x=259, y=628)) returned 1
[0198.980] MonitorFromPoint (pt=0x103, dwFlags=0x274) returned 0x10001
[0198.980] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0198.981] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x280107f3
[0198.981] GetDeviceCaps (hdc=0x280107f3, index=12) returned 32
[0198.981] GetDeviceCaps (hdc=0x280107f3, index=14) returned 1
[0198.981] DeleteDC (hdc=0x280107f3) returned 1
[0198.981] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0198.981] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0198.981] GetSystemMetrics (nIndex=59) returned 1460
[0198.981] GetSystemMetrics (nIndex=60) returned 920
[0198.981] GetSystemMetrics (nIndex=34) returned 136
[0198.981] GetSystemMetrics (nIndex=35) returned 39
[0198.982] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0198.982] GetCursorPos (in: lpPoint=0x2d6a11c | out: lpPoint=0x2d6a11c*(x=259, y=628)) returned 1
[0198.982] MonitorFromPoint (pt=0x102, dwFlags=0x275) returned 0x10001
[0198.982] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0198.982] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x290107f3
[0198.982] GetDeviceCaps (hdc=0x290107f3, index=12) returned 32
[0198.982] GetDeviceCaps (hdc=0x290107f3, index=14) returned 1
[0198.982] DeleteDC (hdc=0x290107f3) returned 1
[0198.983] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0198.983] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0198.983] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0198.983] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0198.984] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2d6a3b4 | out: piconinfo=0x2d6a3b4) returned 1
[0198.984] GetObjectW (in: h=0xae0507ec, c=24, pv=0x2d6a3d0 | out: pv=0x2d6a3d0) returned 24
[0198.984] GdipCreateBitmapFromHBITMAP (hbm=0xae0507ec, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0198.984] GdipGetImageWidth (image=0x664fad8, width=0xd7e750) returned 0x0
[0198.985] GdipGetImageHeight (image=0x664fad8, height=0xd7e748) returned 0x0
[0198.985] GdipGetImagePixelFormat (image=0x664fad8, format=0xd7e740) returned 0x0
[0198.985] GdipBitmapLockBits (bitmap=0x664fad8, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2d6a488) returned 0x0
[0198.985] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0198.985] GdipBitmapLockBits (bitmap=0x6651ef0, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2d6a4c0) returned 0x0
[0198.985] RtlMoveMemory (in: Destination=0x665ef48, Source=0x665ceb0, Length=0x80 | out: Destination=0x665ef48)
[0198.985] RtlMoveMemory (in: Destination=0x665efc8, Source=0x665ce30, Length=0x80 | out: Destination=0x665efc8)
[0198.985] RtlMoveMemory (in: Destination=0x665f048, Source=0x665cdb0, Length=0x80 | out: Destination=0x665f048)
[0198.985] RtlMoveMemory (in: Destination=0x665f0c8, Source=0x665cd30, Length=0x80 | out: Destination=0x665f0c8)
[0198.985] RtlMoveMemory (in: Destination=0x665f148, Source=0x665ccb0, Length=0x80 | out: Destination=0x665f148)
[0198.985] RtlMoveMemory (in: Destination=0x665f1c8, Source=0x665cc30, Length=0x80 | out: Destination=0x665f1c8)
[0198.985] RtlMoveMemory (in: Destination=0x665f248, Source=0x665cbb0, Length=0x80 | out: Destination=0x665f248)
[0198.985] RtlMoveMemory (in: Destination=0x665f2c8, Source=0x665cb30, Length=0x80 | out: Destination=0x665f2c8)
[0198.985] RtlMoveMemory (in: Destination=0x665f348, Source=0x665cab0, Length=0x80 | out: Destination=0x665f348)
[0198.985] RtlMoveMemory (in: Destination=0x665f3c8, Source=0x665ca30, Length=0x80 | out: Destination=0x665f3c8)
[0198.986] RtlMoveMemory (in: Destination=0x665f448, Source=0x665c9b0, Length=0x80 | out: Destination=0x665f448)
[0198.986] RtlMoveMemory (in: Destination=0x665f4c8, Source=0x665c930, Length=0x80 | out: Destination=0x665f4c8)
[0198.986] RtlMoveMemory (in: Destination=0x665f548, Source=0x665c8b0, Length=0x80 | out: Destination=0x665f548)
[0198.986] RtlMoveMemory (in: Destination=0x665f5c8, Source=0x665c830, Length=0x80 | out: Destination=0x665f5c8)
[0198.986] RtlMoveMemory (in: Destination=0x665f648, Source=0x665c7b0, Length=0x80 | out: Destination=0x665f648)
[0198.986] RtlMoveMemory (in: Destination=0x665f6c8, Source=0x665c730, Length=0x80 | out: Destination=0x665f6c8)
[0198.986] RtlMoveMemory (in: Destination=0x665f748, Source=0x665c6b0, Length=0x80 | out: Destination=0x665f748)
[0198.986] RtlMoveMemory (in: Destination=0x665f7c8, Source=0x665c630, Length=0x80 | out: Destination=0x665f7c8)
[0198.986] RtlMoveMemory (in: Destination=0x665f848, Source=0x665c5b0, Length=0x80 | out: Destination=0x665f848)
[0198.986] RtlMoveMemory (in: Destination=0x665f8c8, Source=0x665c530, Length=0x80 | out: Destination=0x665f8c8)
[0198.986] RtlMoveMemory (in: Destination=0x665f948, Source=0x665c4b0, Length=0x80 | out: Destination=0x665f948)
[0198.986] RtlMoveMemory (in: Destination=0x665f9c8, Source=0x665c430, Length=0x80 | out: Destination=0x665f9c8)
[0198.986] RtlMoveMemory (in: Destination=0x665fa48, Source=0x665c3b0, Length=0x80 | out: Destination=0x665fa48)
[0198.986] RtlMoveMemory (in: Destination=0x665fac8, Source=0x665c330, Length=0x80 | out: Destination=0x665fac8)
[0198.986] RtlMoveMemory (in: Destination=0x665fb48, Source=0x665c2b0, Length=0x80 | out: Destination=0x665fb48)
[0198.986] RtlMoveMemory (in: Destination=0x665fbc8, Source=0x665c230, Length=0x80 | out: Destination=0x665fbc8)
[0198.986] RtlMoveMemory (in: Destination=0x665fc48, Source=0x665c1b0, Length=0x80 | out: Destination=0x665fc48)
[0198.986] RtlMoveMemory (in: Destination=0x665fcc8, Source=0x665c130, Length=0x80 | out: Destination=0x665fcc8)
[0198.986] RtlMoveMemory (in: Destination=0x665fd48, Source=0x665c0b0, Length=0x80 | out: Destination=0x665fd48)
[0198.987] RtlMoveMemory (in: Destination=0x665fdc8, Source=0x665c030, Length=0x80 | out: Destination=0x665fdc8)
[0198.987] RtlMoveMemory (in: Destination=0x665fe48, Source=0x665bfb0, Length=0x80 | out: Destination=0x665fe48)
[0198.987] RtlMoveMemory (in: Destination=0x665fec8, Source=0x665bf30, Length=0x80 | out: Destination=0x665fec8)
[0198.987] GdipBitmapUnlockBits (bitmap=0x664fad8, lockedBitmapData=0x2d6a488) returned 0x0
[0198.987] GdipBitmapUnlockBits (bitmap=0x6651ef0, lockedBitmapData=0x2d6a4c0) returned 0x0
[0198.987] GdipDisposeImage (image=0x664fad8) returned 0x0
[0198.987] DeleteObject (ho=0xae0507ec) returned 1
[0198.987] DeleteObject (ho=0x2a0507f3) returned 1
[0198.987] GetCurrentThreadId () returned 0xf50
[0198.987] GetCurrentThreadId () returned 0xf50
[0198.987] SetWindowPos (hWnd=0x802d0, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0198.987] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0198.988] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0198.988] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0198.988] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0198.988] GetClientRect (in: hWnd=0x802d0, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0198.988] GetWindowRect (in: hWnd=0x802d0, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0198.988] GetParent (hWnd=0x802d0) returned 0x15013e
[0198.988] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x15013e, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0198.988] InvalidateRect (hWnd=0x802d0, lpRect=0x0, bErase=1) returned 1
[0198.988] GetWindowTextLengthW (hWnd=0x802d0) returned 0
[0198.988] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0198.988] GetSystemMetrics (nIndex=42) returned 0
[0198.988] GetWindowTextW (in: hWnd=0x802d0, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0198.988] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0198.989] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0198.989] GetClientRect (in: hWnd=0x802d0, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0198.989] GetWindowRect (in: hWnd=0x802d0, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0198.989] GetParent (hWnd=0x802d0) returned 0x15013e
[0198.989] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x15013e, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0198.989] GetWindowTextLengthW (hWnd=0x802d0) returned 0
[0198.989] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0198.989] GetSystemMetrics (nIndex=42) returned 0
[0198.989] GetWindowTextW (in: hWnd=0x802d0, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0198.989] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0198.989] GetWindowTextLengthW (hWnd=0x802d0) returned 0
[0198.989] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0198.989] GetSystemMetrics (nIndex=42) returned 0
[0198.989] GetWindowTextW (in: hWnd=0x802d0, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0198.989] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0198.989] SetWindowTextW (hWnd=0x802d0, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0198.989] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0xc, wParam=0x0, lParam=0x2d4b31c) returned 0x1
[0198.990] InvalidateRect (hWnd=0x802d0, lpRect=0x0, bErase=1) returned 1
[0198.990] GetCurrentThreadId () returned 0xf50
[0198.990] GetWindowThreadProcessId (in: hWnd=0x802d0, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0198.990] GdipCreateBitmapFromStream (stream=0x509fe70, bitmap=0xd7e840) returned 0x0
[0198.991] GdipImageForceValidation (image=0x664fad8) returned 0x0
[0198.993] GdipGetImageRawFormat (image=0x664fad8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0198.993] GdipGetImageHeight (image=0x664fad8, height=0xd7e824) returned 0x0
[0198.993] GdipGetImageWidth (image=0x664fad8, width=0xd7e824) returned 0x0
[0198.993] GdipGetImageWidth (image=0x664fad8, width=0xd7e810) returned 0x0
[0198.993] GdipGetImageHeight (image=0x664fad8, height=0xd7e810) returned 0x0
[0198.993] GdipGetImageWidth (image=0x664fad8, width=0xd7e800) returned 0x0
[0198.993] GdipGetImageHeight (image=0x664fad8, height=0xd7e800) returned 0x0
[0198.993] GdipBitmapGetPixel (bitmap=0x664fad8, x=0, y=15, color=0xd7e810) returned 0x0
[0198.994] GdipGetImageRawFormat (image=0x664fad8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0198.994] GdipGetImageWidth (image=0x664fad8, width=0xd7e740) returned 0x0
[0198.994] GdipGetImageHeight (image=0x664fad8, height=0xd7e740) returned 0x0
[0198.994] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0198.994] GdipGetImagePixelFormat (image=0x6650b40, format=0xd7e740) returned 0x0
[0198.994] GdipGetImageGraphicsContext (image=0x6650b40, graphics=0xd7e74c) returned 0x0
[0198.994] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0198.994] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0198.994] GdipSetImageAttributesColorKeys (imageattr=0x6638b18, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0198.994] GdipDrawImageRectRectI (graphics=0x6600030, image=0x664fad8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638b18, callback=0x0, callbackData=0x0) returned 0x0
[0198.995] GdipDisposeImageAttributes (imageattr=0x6638b18) returned 0x0
[0198.995] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0198.995] GdipDisposeImage (image=0x664fad8) returned 0x0
[0198.995] GdipCreateBitmapFromStream (stream=0x509fe90, bitmap=0xd7e840) returned 0x0
[0198.996] GdipImageForceValidation (image=0x664ea70) returned 0x0
[0198.998] GdipGetImageRawFormat (image=0x664ea70, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0198.998] GdipGetImageHeight (image=0x664ea70, height=0xd7e824) returned 0x0
[0198.998] GdipGetImageWidth (image=0x664ea70, width=0xd7e824) returned 0x0
[0198.998] GdipGetImageWidth (image=0x664ea70, width=0xd7e810) returned 0x0
[0198.999] GdipGetImageHeight (image=0x664ea70, height=0xd7e810) returned 0x0
[0198.999] GdipGetImageWidth (image=0x664ea70, width=0xd7e800) returned 0x0
[0198.999] GdipGetImageHeight (image=0x664ea70, height=0xd7e800) returned 0x0
[0198.999] GdipBitmapGetPixel (bitmap=0x664ea70, x=0, y=15, color=0xd7e810) returned 0x0
[0198.999] GdipGetImageRawFormat (image=0x664ea70, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0198.999] GdipGetImageWidth (image=0x664ea70, width=0xd7e740) returned 0x0
[0198.999] GdipGetImageHeight (image=0x664ea70, height=0xd7e740) returned 0x0
[0198.999] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0198.999] GdipGetImagePixelFormat (image=0x6651860, format=0xd7e740) returned 0x0
[0198.999] GdipGetImageGraphicsContext (image=0x6651860, graphics=0xd7e74c) returned 0x0
[0198.999] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0198.999] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0198.999] GdipSetImageAttributesColorKeys (imageattr=0x6638cc8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0198.999] GdipDrawImageRectRectI (graphics=0x6600030, image=0x664ea70, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638cc8, callback=0x0, callbackData=0x0) returned 0x0
[0199.000] GdipDisposeImageAttributes (imageattr=0x6638cc8) returned 0x0
[0199.000] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0199.000] GdipDisposeImage (image=0x664ea70) returned 0x0
[0199.000] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0199.000] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0199.000] GetCurrentThreadId () returned 0xf50
[0199.001] GetCurrentThreadId () returned 0xf50
[0199.001] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0199.001] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0199.001] GetCurrentThreadId () returned 0xf50
[0199.001] GetCurrentThreadId () returned 0xf50
[0199.001] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0199.001] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0199.002] GetCurrentThreadId () returned 0xf50
[0199.002] GetCurrentThreadId () returned 0xf50
[0199.002] GetSystemMetrics (nIndex=5) returned 1
[0199.002] GetSystemMetrics (nIndex=6) returned 1
[0199.002] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0199.002] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0199.002] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0199.003] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0199.003] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0199.003] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0199.003] GetCurrentThreadId () returned 0xf50
[0199.003] GetCurrentThreadId () returned 0xf50
[0199.003] GetProcessWindowStation () returned 0x13c
[0199.003] GetCapture () returned 0x0
[0199.003] GetActiveWindow () returned 0x7005c
[0199.003] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0199.004] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0199.004] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0199.004] GetCursorPos (in: lpPoint=0x2d6b600 | out: lpPoint=0x2d6b600*(x=259, y=628)) returned 1
[0199.004] MonitorFromPoint (pt=0x103, dwFlags=0x274) returned 0x10001
[0199.004] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0199.004] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x2b0107f3
[0199.004] GetDeviceCaps (hdc=0x2b0107f3, index=12) returned 32
[0199.004] GetDeviceCaps (hdc=0x2b0107f3, index=14) returned 1
[0199.004] DeleteDC (hdc=0x2b0107f3) returned 1
[0199.005] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0199.005] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0199.005] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1600ea
[0199.006] SetWindowLongW (hWnd=0x1600ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0199.006] GetWindowLongW (hWnd=0x1600ea, nIndex=-4) returned 1950089536
[0199.006] SetWindowLongW (hWnd=0x1600ea, nIndex=-4, dwNewLong=19945142) returned 1950089536
[0199.007] GetWindowLongW (hWnd=0x1600ea, nIndex=-4) returned 19945142
[0199.007] GetWindowLongW (hWnd=0x1600ea, nIndex=-16) returned 113770496
[0199.007] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0199.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0199.009] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0199.009] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0199.009] GetWindowRect (in: hWnd=0x1600ea, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0199.010] SetWindowTextW (hWnd=0x1600ea, lpString="BB ransomware") returned 1
[0199.010] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xc, wParam=0x0, lParam=0x2d69d9c) returned 0x1
[0199.011] GetStartupInfoW (in: lpStartupInfo=0x2d6b93c | out: lpStartupInfo=0x2d6b93c*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0199.014] GetParent (hWnd=0x1600ea) returned 0x0
[0199.014] SetWindowLongW (hWnd=0x1600ea, nIndex=-8, dwNewLong=0) returned 0
[0199.016] SendMessageW (hWnd=0x1600ea, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0199.016] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0199.016] SendMessageW (hWnd=0x1600ea, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0199.016] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0199.016] GetSystemMenu (hWnd=0x1600ea, bRevert=0) returned 0x270113
[0199.017] GetWindowPlacement (in: hWnd=0x1600ea, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0199.017] EnableMenuItem (hMenu=0x270113, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0199.017] EnableMenuItem (hMenu=0x270113, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0199.017] EnableMenuItem (hMenu=0x270113, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0199.017] EnableMenuItem (hMenu=0x270113, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0199.017] EnableMenuItem (hMenu=0x270113, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0199.017] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0199.017] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0199.017] GetWindowRect (in: hWnd=0x1600ea, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0199.017] SetWindowPos (hWnd=0x1600ea, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0199.017] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0199.018] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x1600ea) returned 0x1
[0199.021] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0199.021] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0199.022] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0199.023] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0199.023] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0199.025] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x1600ea, lParam=0x0) returned 0x0
[0199.025] GetCapture () returned 0x0
[0199.025] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0199.026] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0199.028] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0199.034] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0199.034] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0199.034] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0199.034] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0199.035] GetParent (hWnd=0x1600ea) returned 0x0
[0199.035] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0199.035] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0199.038] GetWindowPlacement (in: hWnd=0x1600ea, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0199.038] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0199.038] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0199.038] GetWindowRect (in: hWnd=0x1600ea, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0199.039] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0199.039] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0199.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0199.040] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0199.041] GetWindowLongW (hWnd=0x1600ea, nIndex=-16) returned 113770496
[0199.041] GetWindowTextLengthW (hWnd=0x1600ea) returned 13
[0199.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.041] GetSystemMetrics (nIndex=42) returned 0
[0199.041] GetWindowTextW (in: hWnd=0x1600ea, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0199.041] GetWindowTextLengthW (hWnd=0x1600ea) returned 13
[0199.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.041] GetSystemMetrics (nIndex=42) returned 0
[0199.041] GetWindowTextW (in: hWnd=0x1600ea, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0199.041] GetCursorPos (in: lpPoint=0x2d6bb78 | out: lpPoint=0x2d6bb78*(x=259, y=628)) returned 1
[0199.041] MonitorFromPoint (pt=0x103, dwFlags=0x274) returned 0x10001
[0199.041] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0199.041] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x440107f1
[0199.042] GetDeviceCaps (hdc=0x440107f1, index=12) returned 32
[0199.042] GetDeviceCaps (hdc=0x440107f1, index=14) returned 1
[0199.042] DeleteDC (hdc=0x440107f1) returned 1
[0199.042] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0199.042] GetWindowLongW (hWnd=0x1600ea, nIndex=-16) returned 113770496
[0199.042] GetWindowLongW (hWnd=0x1600ea, nIndex=-20) returned 327945
[0199.042] SetWindowLongW (hWnd=0x1600ea, nIndex=-16, dwNewLong=46661632) returned 113770496
[0199.042] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0199.042] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0199.052] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0199.053] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0199.053] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0199.053] SetWindowLongW (hWnd=0x1600ea, nIndex=-20, dwNewLong=327681) returned 327945
[0199.053] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0199.054] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0199.055] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0199.055] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0199.055] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0199.057] SetWindowPos (hWnd=0x1600ea, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0199.057] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0199.057] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0199.058] GetWindowPlacement (in: hWnd=0x1600ea, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0199.058] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0199.058] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0199.058] GetWindowRect (in: hWnd=0x1600ea, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0199.059] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0199.059] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0199.060] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0199.060] RedrawWindow (hWnd=0x1600ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0199.060] GetSystemMenu (hWnd=0x1600ea, bRevert=0) returned 0x270113
[0199.060] GetWindowPlacement (in: hWnd=0x1600ea, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0199.061] EnableMenuItem (hMenu=0x270113, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0199.061] EnableMenuItem (hMenu=0x270113, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0199.061] EnableMenuItem (hMenu=0x270113, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0199.061] EnableMenuItem (hMenu=0x270113, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0199.061] EnableMenuItem (hMenu=0x270113, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0199.061] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0199.061] GetWindowLongW (hWnd=0x1600ea, nIndex=-8) returned 0
[0199.061] SetWindowLongW (hWnd=0x1600ea, nIndex=-8, dwNewLong=458844) returned 0
[0199.062] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0199.062] GetProcessWindowStation () returned 0x13c
[0199.062] GetCurrentThreadId () returned 0xf50
[0199.063] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x130572e, lParam=0x0) returned 1
[0199.063] IsWindowVisible (hWnd=0x1600ea) returned 0
[0199.063] IsWindowVisible (hWnd=0x7005c) returned 1
[0199.063] IsWindowEnabled (hWnd=0x7005c) returned 1
[0199.063] IsWindowVisible (hWnd=0x300ec) returned 0
[0199.063] IsWindowVisible (hWnd=0x502c6) returned 0
[0199.063] IsWindowVisible (hWnd=0x502be) returned 0
[0199.063] GetActiveWindow () returned 0x1600ea
[0199.063] GetFocus () returned 0x1600ea
[0199.063] IsWindow (hWnd=0x7005c) returned 1
[0199.063] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0199.063] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0199.064] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0199.064] GetWindowLongW (hWnd=0x1600ea, nIndex=-8) returned 458844
[0199.064] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0199.064] GetCurrentThreadId () returned 0xf50
[0199.064] GetWindowLongW (hWnd=0x1600ea, nIndex=-8) returned 458844
[0199.064] IsWindowEnabled (hWnd=0x7005c) returned 0
[0199.064] IsWindowEnabled (hWnd=0x1600ea) returned 1
[0199.064] ShowWindow (hWnd=0x1600ea, nCmdShow=5) returned 0
[0199.065] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0199.065] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0199.065] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0199.066] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0199.066] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x1600ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x902ce
[0199.066] SetWindowLongW (hWnd=0x902ce, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0199.066] GetWindowLongW (hWnd=0x902ce, nIndex=-4) returned 1950089536
[0199.066] SetWindowLongW (hWnd=0x902ce, nIndex=-4, dwNewLong=19945022) returned 1950089536
[0199.067] GetWindowLongW (hWnd=0x902ce, nIndex=-4) returned 19945022
[0199.067] GetWindowLongW (hWnd=0x902ce, nIndex=-16) returned 1174405120
[0199.067] GetWindowLongW (hWnd=0x902ce, nIndex=-12) returned 0
[0199.067] SetWindowLongW (hWnd=0x902ce, nIndex=-12, dwNewLong=590542) returned 0
[0199.067] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902ce, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0199.067] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902ce, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0199.068] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902ce, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0199.068] GetWindow (hWnd=0x902ce, uCmd=0x3) returned 0x0
[0199.068] GetClientRect (in: hWnd=0x902ce, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0199.068] GetWindowRect (in: hWnd=0x902ce, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0199.068] GetParent (hWnd=0x902ce) returned 0x1600ea
[0199.068] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1600ea, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0199.068] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902ce, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0199.069] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902ce, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0199.069] GetClientRect (in: hWnd=0x902ce, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0199.069] GetWindowRect (in: hWnd=0x902ce, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0199.069] GetParent (hWnd=0x902ce) returned 0x1600ea
[0199.069] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1600ea, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0199.069] SendMessageW (hWnd=0x902ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x902ce) returned 0x0
[0199.069] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x902ce) returned 0x0
[0199.069] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0199.069] GetParent (hWnd=0x902ce) returned 0x1600ea
[0199.069] GetParent (hWnd=0x802d0) returned 0x15013e
[0199.069] SetParent (hWndChild=0x802d0, hWndNewParent=0x1600ea) returned 0x15013e
[0199.069] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0199.070] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0199.070] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0199.071] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0199.071] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0199.071] GetClientRect (in: hWnd=0x802d0, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0199.071] GetWindowRect (in: hWnd=0x802d0, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0199.071] GetParent (hWnd=0x802d0) returned 0x1600ea
[0199.071] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1600ea, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0199.071] GetClientRect (in: hWnd=0x802d0, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0199.071] GetWindowRect (in: hWnd=0x802d0, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0199.071] GetParent (hWnd=0x802d0) returned 0x1600ea
[0199.071] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1600ea, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0199.071] GetParent (hWnd=0x802d0) returned 0x1600ea
[0199.071] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0199.071] GetWindow (hWnd=0x802d0, uCmd=0x3) returned 0x0
[0199.071] SetWindowPos (hWnd=0x802d0, hWndInsertAfter=0x902ce, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0199.071] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0199.072] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0199.072] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0199.072] GetClientRect (in: hWnd=0x802d0, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0199.072] GetWindowRect (in: hWnd=0x802d0, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0199.072] GetParent (hWnd=0x802d0) returned 0x1600ea
[0199.072] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1600ea, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0199.072] GetParent (hWnd=0x802d0) returned 0x1600ea
[0199.072] GetWindow (hWnd=0x802d0, uCmd=0x3) returned 0x902ce
[0199.073] GetWindowThreadProcessId (in: hWnd=0x802d0, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0199.073] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0199.073] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0199.073] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0199.073] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x1600ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1302de
[0199.074] SetWindowLongW (hWnd=0x1302de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0199.074] GetWindowLongW (hWnd=0x1302de, nIndex=-4) returned 1868032000
[0199.074] SetWindowLongW (hWnd=0x1302de, nIndex=-4, dwNewLong=19945382) returned 1868032000
[0199.074] GetWindowLongW (hWnd=0x1302de, nIndex=-4) returned 19945382
[0199.074] GetWindowLongW (hWnd=0x1302de, nIndex=-16) returned 1174470667
[0199.074] GetWindowLongW (hWnd=0x1302de, nIndex=-12) returned 0
[0199.074] SetWindowLongW (hWnd=0x1302de, nIndex=-12, dwNewLong=1245918) returned 0
[0199.075] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0199.076] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0199.076] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0199.078] SendMessageW (hWnd=0x1302de, Msg=0x2055, wParam=0x1302de, lParam=0x3) returned 0x2
[0199.078] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0199.078] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0199.078] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0199.078] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0199.078] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902ce, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0199.078] RedrawWindow (hWnd=0x902ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0199.078] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0199.079] RedrawWindow (hWnd=0x802d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0199.079] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0199.079] RedrawWindow (hWnd=0x1302de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0199.079] RedrawWindow (hWnd=0x1600ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0199.079] GetWindow (hWnd=0x1302de, uCmd=0x3) returned 0x802d0
[0199.079] GetClientRect (in: hWnd=0x1302de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0199.079] GetWindowRect (in: hWnd=0x1302de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0199.079] GetParent (hWnd=0x1302de) returned 0x1600ea
[0199.079] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1600ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0199.080] SetWindowTextW (hWnd=0x1302de, lpString="&Details") returned 1
[0199.080] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0199.080] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0199.080] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0199.080] GetClientRect (in: hWnd=0x1302de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0199.080] GetWindowRect (in: hWnd=0x1302de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0199.080] GetParent (hWnd=0x1302de) returned 0x1600ea
[0199.080] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1600ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0199.081] SendMessageW (hWnd=0x1302de, Msg=0x2210, wParam=0x2de0001, lParam=0x1302de) returned 0x0
[0199.081] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0x2210, wParam=0x2de0001, lParam=0x1302de) returned 0x0
[0199.081] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0199.081] GetParent (hWnd=0x1302de) returned 0x1600ea
[0199.081] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0199.082] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0199.082] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0199.082] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x1600ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1502d8
[0199.083] SetWindowLongW (hWnd=0x1502d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0199.083] GetWindowLongW (hWnd=0x1502d8, nIndex=-4) returned 1868032000
[0199.083] SetWindowLongW (hWnd=0x1502d8, nIndex=-4, dwNewLong=19945422) returned 1868032000
[0199.083] GetWindowLongW (hWnd=0x1502d8, nIndex=-4) returned 19945422
[0199.083] GetWindowLongW (hWnd=0x1502d8, nIndex=-16) returned 1174470667
[0199.083] GetWindowLongW (hWnd=0x1502d8, nIndex=-12) returned 0
[0199.083] SetWindowLongW (hWnd=0x1502d8, nIndex=-12, dwNewLong=1376984) returned 0
[0199.083] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0199.084] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0199.084] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0199.085] SendMessageW (hWnd=0x1502d8, Msg=0x2055, wParam=0x1502d8, lParam=0x3) returned 0x2
[0199.085] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0199.085] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0199.085] GetWindow (hWnd=0x1502d8, uCmd=0x3) returned 0x1302de
[0199.085] GetClientRect (in: hWnd=0x1502d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0199.085] GetWindowRect (in: hWnd=0x1502d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0199.086] GetParent (hWnd=0x1502d8) returned 0x1600ea
[0199.086] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1600ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0199.086] SetWindowTextW (hWnd=0x1502d8, lpString="&Continue") returned 1
[0199.086] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0199.086] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0199.087] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0199.087] GetClientRect (in: hWnd=0x1502d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0199.087] GetWindowRect (in: hWnd=0x1502d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0199.087] GetParent (hWnd=0x1502d8) returned 0x1600ea
[0199.087] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1600ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0199.087] SendMessageW (hWnd=0x1502d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1502d8) returned 0x0
[0199.087] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1502d8) returned 0x0
[0199.087] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0199.087] GetParent (hWnd=0x1502d8) returned 0x1600ea
[0199.087] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0199.088] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0199.088] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0199.088] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x1600ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1302dc
[0199.089] SetWindowLongW (hWnd=0x1302dc, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0199.089] GetWindowLongW (hWnd=0x1302dc, nIndex=-4) returned 1868032000
[0199.089] SetWindowLongW (hWnd=0x1302dc, nIndex=-4, dwNewLong=19945742) returned 1868032000
[0199.089] GetWindowLongW (hWnd=0x1302dc, nIndex=-4) returned 19945742
[0199.089] GetWindowLongW (hWnd=0x1302dc, nIndex=-16) returned 1174470667
[0199.089] GetWindowLongW (hWnd=0x1302dc, nIndex=-12) returned 0
[0199.089] SetWindowLongW (hWnd=0x1302dc, nIndex=-12, dwNewLong=1245916) returned 0
[0199.089] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0199.090] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0199.090] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0199.092] SendMessageW (hWnd=0x1302dc, Msg=0x2055, wParam=0x1302dc, lParam=0x3) returned 0x2
[0199.092] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0199.092] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302dc, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0199.092] GetWindow (hWnd=0x1302dc, uCmd=0x3) returned 0x1502d8
[0199.092] GetClientRect (in: hWnd=0x1302dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0199.092] GetWindowRect (in: hWnd=0x1302dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0199.092] GetParent (hWnd=0x1302dc) returned 0x1600ea
[0199.092] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1600ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0199.092] SetWindowTextW (hWnd=0x1302dc, lpString="&Quit") returned 1
[0199.092] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302dc, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0199.093] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0199.093] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302dc, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0199.093] GetClientRect (in: hWnd=0x1302dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0199.093] GetWindowRect (in: hWnd=0x1302dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0199.093] GetParent (hWnd=0x1302dc) returned 0x1600ea
[0199.093] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1600ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0199.093] SendMessageW (hWnd=0x1302dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1302dc) returned 0x0
[0199.093] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1302dc) returned 0x0
[0199.093] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0199.094] GetParent (hWnd=0x1302dc) returned 0x1600ea
[0199.094] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0199.095] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0199.095] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0199.095] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x1600ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1302da
[0199.095] SetWindowLongW (hWnd=0x1302da, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0199.096] GetWindowLongW (hWnd=0x1302da, nIndex=-4) returned 1868026976
[0199.096] SetWindowLongW (hWnd=0x1302da, nIndex=-4, dwNewLong=19945462) returned 1868026976
[0199.096] GetWindowLongW (hWnd=0x1302da, nIndex=-4) returned 19945462
[0199.096] GetWindowLongW (hWnd=0x1302da, nIndex=-16) returned 1177553092
[0199.096] GetWindowLongW (hWnd=0x1302da, nIndex=-12) returned 0
[0199.096] SetWindowLongW (hWnd=0x1302da, nIndex=-12, dwNewLong=1245914) returned 0
[0199.096] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302da, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0199.097] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302da, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0199.098] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302da, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0199.114] GetWindow (hWnd=0x1302da, uCmd=0x3) returned 0x1302dc
[0199.114] GetClientRect (in: hWnd=0x1302da, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0199.114] GetWindowRect (in: hWnd=0x1302da, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0199.114] GetParent (hWnd=0x1302da) returned 0x1600ea
[0199.114] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1600ea, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0199.114] GetWindowTextLengthW (hWnd=0x1600ea) returned 13
[0199.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.114] GetSystemMetrics (nIndex=42) returned 0
[0199.114] GetWindowTextW (in: hWnd=0x1600ea, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0199.114] SendMessageW (hWnd=0x1302da, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0199.115] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302da, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0199.119] SetWindowTextW (hWnd=0x1302da, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0199.119] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302da, Msg=0xc, wParam=0x0, lParam=0x2d67784) returned 0x1
[0199.121] GetSystemMetrics (nIndex=5) returned 1
[0199.121] GetSystemMetrics (nIndex=6) returned 1
[0199.121] SendMessageW (hWnd=0x1302da, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0199.121] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302da, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0199.122] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302da, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0199.122] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302da, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0199.122] GetClientRect (in: hWnd=0x1302da, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0199.123] GetWindowRect (in: hWnd=0x1302da, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0199.123] GetParent (hWnd=0x1302da) returned 0x1600ea
[0199.123] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1600ea, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0199.123] SendMessageW (hWnd=0x1302da, Msg=0x2210, wParam=0x2da0001, lParam=0x1302da) returned 0x0
[0199.123] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302da, Msg=0x2210, wParam=0x2da0001, lParam=0x1302da) returned 0x0
[0199.123] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0199.123] GetParent (hWnd=0x1302da) returned 0x1600ea
[0199.123] GetWindowLongW (hWnd=0x1600ea, nIndex=-8) returned 458844
[0199.123] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0199.123] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0199.123] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x4b0107f1
[0199.123] GetDeviceCaps (hdc=0x4b0107f1, index=12) returned 32
[0199.123] GetDeviceCaps (hdc=0x4b0107f1, index=14) returned 1
[0199.124] DeleteDC (hdc=0x4b0107f1) returned 1
[0199.124] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0199.124] GetWindowThreadProcessId (in: hWnd=0x1600ea, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0199.124] GetCurrentThreadId () returned 0xf50
[0199.124] PostMessageW (hWnd=0x1600ea, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0199.124] GetWindowTextLengthW (hWnd=0x1600ea) returned 13
[0199.124] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.124] GetSystemMetrics (nIndex=42) returned 0
[0199.124] GetWindowTextW (in: hWnd=0x1600ea, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.124] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0199.124] GdipImageGetFrameDimensionsCount (image=0x6651ef0, count=0xd7e25c) returned 0x0
[0199.124] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7fb8
[0199.124] GdipImageGetFrameDimensionsList (image=0x6651ef0, dimensionIDs=0x11f7fb8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x4, [1]=0x30, [2]=0x0, [3]=0x34, [4]=0x61, [5]=0x24, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0199.124] LocalFree (hMem=0x11f7fb8) returned 0x0
[0199.124] GdipImageGetFrameDimensionsCount (image=0x6650b40, count=0xd7e250) returned 0x0
[0199.124] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f7d90
[0199.125] GdipImageGetFrameDimensionsList (image=0x6650b40, dimensionIDs=0x11f7d90*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0199.125] LocalFree (hMem=0x11f7d90) returned 0x0
[0199.125] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0199.125] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0199.125] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0199.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0199.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0199.141] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0199.141] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0199.142] GetWindowPlacement (in: hWnd=0x1600ea, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0199.142] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0199.142] GetWindowTextLengthW (hWnd=0x1600ea) returned 13
[0199.142] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.142] GetSystemMetrics (nIndex=42) returned 0
[0199.142] GetWindowTextW (in: hWnd=0x1600ea, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.142] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0199.142] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0199.142] GetCurrentObject (hdc=0x10105d6, type=0x1) returned 0xb00017
[0199.142] GetCurrentObject (hdc=0x10105d6, type=0x2) returned 0x900010
[0199.142] GetCurrentObject (hdc=0x10105d6, type=0x7) returned 0xffffffff9f050803
[0199.143] GetCurrentObject (hdc=0x10105d6, type=0x6) returned 0x8a01c2
[0199.143] SaveDC (hdc=0x10105d6) returned 1
[0199.143] GetNearestColor (hdc=0x10105d6, color=0xf0f0f0) returned 0xf0f0f0
[0199.143] CreateSolidBrush (color=0xf0f0f0) returned 0xe41007e1
[0199.143] FillRect (hDC=0x10105d6, lprc=0xd7e1b8, hbr=0xe41007e1) returned 1
[0199.143] DeleteObject (ho=0xe41007e1) returned 1
[0199.143] RestoreDC (hdc=0x10105d6, nSavedDC=-1) returned 1
[0199.143] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0199.144] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0199.144] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0199.144] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0199.144] GetStockObject (i=5) returned 0x900015
[0199.144] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0199.145] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0199.145] GetStockObject (i=5) returned 0x900015
[0199.145] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0199.145] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302dc, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0199.145] GetStockObject (i=5) returned 0x900015
[0199.145] GetWindowPlacement (in: hWnd=0x1600ea, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0199.145] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0199.146] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0199.146] GetWindowRect (in: hWnd=0x1600ea, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0199.147] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0199.147] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0199.147] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0199.148] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0199.148] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0199.148] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0199.148] GetWindowRect (in: hWnd=0x1600ea, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0199.148] InvalidateRect (hWnd=0x1502d8, lpRect=0x0, bErase=0) returned 1
[0199.148] InvalidateRect (hWnd=0x1302de, lpRect=0x0, bErase=0) returned 1
[0199.148] GetFocus () returned 0x1600ea
[0199.148] GetFocus () returned 0x1600ea
[0199.148] SetFocus (hWnd=0x1302de) returned 0x1600ea
[0199.149] GetFocus () returned 0x1302de
[0199.149] IsChild (hWndParent=0x1600ea, hWnd=0x1302de) returned 1
[0199.149] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x8, wParam=0x1302de, lParam=0x0) returned 0x0
[0199.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0199.154] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0199.155] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0199.156] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0x7, wParam=0x1600ea, lParam=0x0) returned 0x0
[0199.156] GetStockObject (i=5) returned 0x900015
[0199.156] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0199.156] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0199.156] GetDlgItem (hDlg=0x1600ea, nIDDlgItem=1245918) returned 0x1302de
[0199.156] SendMessageW (hWnd=0x1302de, Msg=0x202b, wParam=0x1302de, lParam=0xd7e0dc) returned 0x0
[0199.156] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0x202b, wParam=0x1302de, lParam=0xd7e0dc) returned 0x0
[0199.156] InvalidateRect (hWnd=0x1302de, lpRect=0x0, bErase=0) returned 1
[0199.159] GetFocus () returned 0x1302de
[0199.159] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.159] IsWindowUnicode (hWnd=0x1600ea) returned 1
[0199.159] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.159] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.159] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.159] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0199.159] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.159] IsWindowUnicode (hWnd=0x1600ea) returned 1
[0199.159] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.159] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.159] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.159] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.160] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0199.160] IsWindowUnicode (hWnd=0x1600ea) returned 1
[0199.160] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.160] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.160] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.160] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.160] IsWindowUnicode (hWnd=0x602c4) returned 1
[0199.160] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.161] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.161] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.161] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0199.161] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0199.161] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.162] IsWindowUnicode (hWnd=0x1600ea) returned 1
[0199.162] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.164] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.164] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.164] BeginPaint (in: hWnd=0x1600ea, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xf0105ee
[0199.164] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0199.164] GetWindowTextLengthW (hWnd=0x1600ea) returned 13
[0199.164] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.164] GetSystemMetrics (nIndex=42) returned 0
[0199.164] GetWindowTextW (in: hWnd=0x1600ea, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.164] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0199.164] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0199.164] EndPaint (hWnd=0x1600ea, lpPaint=0xd7e274) returned 1
[0199.165] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.165] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x84, wParam=0x0, lParam=0x1dd02ff) returned 0x1
[0199.165] IsWindowUnicode (hWnd=0x1502d8) returned 1
[0199.165] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.165] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x84, wParam=0x0, lParam=0x1dd02ff) returned 0x1
[0199.165] SetCursor (hCursor=0x10003) returned 0x10003
[0199.165] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.165] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.165] _TrackMouseEvent (in: lpEventTrack=0x2d6cf88 | out: lpEventTrack=0x2d6cf88) returned 1
[0199.165] SendMessageW (hWnd=0x1502d8, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0199.165] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0199.166] InvalidateRect (hWnd=0x1502d8, lpRect=0x0, bErase=0) returned 1
[0199.166] GetKeyState (nVirtKey=1) returned 0
[0199.166] GetKeyState (nVirtKey=2) returned 0
[0199.166] GetKeyState (nVirtKey=4) returned 0
[0199.166] GetKeyState (nVirtKey=5) returned 0
[0199.166] GetKeyState (nVirtKey=6) returned 0
[0199.166] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.166] IsWindowUnicode (hWnd=0x902ce) returned 1
[0199.166] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.166] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.166] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.166] BeginPaint (in: hWnd=0x902ce, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xc0107c5
[0199.166] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0199.166] CreateCompatibleDC (hdc=0xc0107c5) returned 0xb10107a2
[0199.167] SelectObject (hdc=0xb10107a2, h=0x4a0507fe) returned 0x85000f
[0199.167] GdipCreateFromHDC (hdc=0xb10107a2, graphics=0xd7e2b0) returned 0x0
[0199.167] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0199.167] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0199.167] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0199.167] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0199.167] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e310) returned 0x0
[0199.167] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0199.167] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0199.167] LocalFree (hMem=0x11ee788) returned 0x0
[0199.167] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0199.167] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0199.167] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0199.167] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e304) returned 0x0
[0199.168] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0199.168] GetWindowTextLengthW (hWnd=0x902ce) returned 0
[0199.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0199.168] GetSystemMetrics (nIndex=42) returned 0
[0199.168] GetWindowTextW (in: hWnd=0x902ce, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0199.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902ce, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0199.168] GetClientRect (in: hWnd=0x902ce, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0199.168] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0199.168] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0199.168] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0199.168] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0199.168] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e164) returned 0x0
[0199.168] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0199.168] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0199.168] LocalFree (hMem=0x11ee9f0) returned 0x0
[0199.168] GdipCombineRegionRegion (region=0x6646688, region2=0x66464d8, combineMode=0x1) returned 0x0
[0199.168] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0199.168] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee8d8) returned 0x0
[0199.169] LocalFree (hMem=0x11ee8d8) returned 0x0
[0199.169] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0199.174] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0199.174] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0199.174] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0199.174] GdipDeleteRegion (region=0x6646688) returned 0x0
[0199.175] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0199.175] GetCurrentObject (hdc=0xb10107a2, type=0x1) returned 0xb00017
[0199.175] GetCurrentObject (hdc=0xb10107a2, type=0x2) returned 0x900010
[0199.175] GetCurrentObject (hdc=0xb10107a2, type=0x7) returned 0x4a0507fe
[0199.175] GetCurrentObject (hdc=0xb10107a2, type=0x6) returned 0x8a01c2
[0199.175] SaveDC (hdc=0xb10107a2) returned 1
[0199.175] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7c0407de
[0199.175] GetClipRgn (hdc=0xb10107a2, hrgn=0x7c0407de) returned 0
[0199.175] SelectClipRgn (hdc=0xb10107a2, hrgn=0xed040807) returned 2
[0199.175] DeleteObject (ho=0x7c0407de) returned 1
[0199.175] DeleteObject (ho=0xed040807) returned 1
[0199.175] OffsetViewportOrgEx (in: hdc=0xb10107a2, x=0, y=0, lppt=0x2d6d33c | out: lppt=0x2d6d33c) returned 1
[0199.175] GetNearestColor (hdc=0xb10107a2, color=0xf0f0f0) returned 0xf0f0f0
[0199.175] CreateSolidBrush (color=0xf0f0f0) returned 0xe51007e1
[0199.175] FillRect (hDC=0xb10107a2, lprc=0xd7e198, hbr=0xe51007e1) returned 1
[0199.176] DeleteObject (ho=0xe51007e1) returned 1
[0199.176] RestoreDC (hdc=0xb10107a2, nSavedDC=-1) returned 1
[0199.176] GdipReleaseDC (graphics=0x6600030, hdc=0xb10107a2) returned 0x0
[0199.176] GdipRestoreGraphics (graphics=0x6600030, state=0xfadc0dbd) returned 0x0
[0199.176] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0199.176] GetWindowTextLengthW (hWnd=0x902ce) returned 0
[0199.176] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0199.176] GetSystemMetrics (nIndex=42) returned 0
[0199.176] GetWindowTextW (in: hWnd=0x902ce, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0199.176] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902ce, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0199.176] GdipGetImageWidth (image=0x6651ef0, width=0xd7e1e0) returned 0x0
[0199.176] GdipGetImageHeight (image=0x6651ef0, height=0xd7e1e0) returned 0x0
[0199.176] GdipGetImageWidth (image=0x6651ef0, width=0xd7e1cc) returned 0x0
[0199.176] GdipGetImageHeight (image=0x6651ef0, height=0xd7e1cc) returned 0x0
[0199.176] GdipDrawImageRectI (graphics=0x6600030, image=0x6651ef0, x=16, y=16, width=32, height=32) returned 0x0
[0199.177] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0199.177] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=64, cy=64, hdcSrc=0xb10107a2, x1=0, y1=0, rop=0xcc0020) returned 1
[0199.177] GdipReleaseDC (graphics=0x6600030, hdc=0xb10107a2) returned 0x0
[0199.177] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0199.177] SelectObject (hdc=0xb10107a2, h=0x85000f) returned 0x4a0507fe
[0199.177] DeleteDC (hdc=0xb10107a2) returned 1
[0199.177] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0199.177] EndPaint (hWnd=0x902ce, lpPaint=0xd7e294) returned 1
[0199.177] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.178] IsWindowUnicode (hWnd=0x802d0) returned 1
[0199.178] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.178] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.178] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.178] BeginPaint (in: hWnd=0x802d0, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x10105d6
[0199.178] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0199.178] CreateCompatibleDC (hdc=0x10105d6) returned 0xb30107a2
[0199.178] GetObjectType (h=0x10105d6) returned 0x3
[0199.178] CreateCompatibleBitmap (hdc=0x10105d6, cx=1, cy=1) returned 0x570507f1
[0199.178] GetDIBits (in: hdc=0x10105d6, hbm=0x570507f1, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0199.179] GetDIBits (in: hdc=0x10105d6, hbm=0x570507f1, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0199.179] DeleteObject (ho=0x570507f1) returned 1
[0199.179] CreateDIBSection (in: hdc=0x10105d6, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xc50507c6
[0199.179] SelectObject (hdc=0xb30107a2, h=0xc50507c6) returned 0x85000f
[0199.179] GdipCreateFromHDC (hdc=0xb30107a2, graphics=0xd7e234) returned 0x0
[0199.179] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0199.179] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0199.180] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0199.180] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0199.180] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e2d4) returned 0x0
[0199.180] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0199.180] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee8d8) returned 0x0
[0199.180] LocalFree (hMem=0x11ee8d8) returned 0x0
[0199.180] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0199.180] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0199.180] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0199.180] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0199.180] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0199.180] GetWindowTextLengthW (hWnd=0x802d0) returned 232
[0199.180] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0199.180] GetSystemMetrics (nIndex=42) returned 0
[0199.180] GetWindowTextW (in: hWnd=0x802d0, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0199.180] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0199.181] GetClientRect (in: hWnd=0x802d0, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0199.181] GdipCreateRegion (region=0xd7e110) returned 0x0
[0199.181] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0199.181] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0199.181] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0199.181] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e128) returned 0x0
[0199.181] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0199.181] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0199.181] LocalFree (hMem=0x11eec58) returned 0x0
[0199.181] GdipCombineRegionRegion (region=0x66464d8, region2=0x6646c28, combineMode=0x1) returned 0x0
[0199.181] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0199.181] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0199.181] LocalFree (hMem=0x11ee788) returned 0x0
[0199.181] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0199.181] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e150) returned 0x0
[0199.181] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e140) returned 0x0
[0199.181] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0199.182] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0199.182] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0199.182] GetCurrentObject (hdc=0xb30107a2, type=0x1) returned 0xb00017
[0199.182] GetCurrentObject (hdc=0xb30107a2, type=0x2) returned 0x900010
[0199.182] GetCurrentObject (hdc=0xb30107a2, type=0x7) returned 0xffffffffc50507c6
[0199.182] GetCurrentObject (hdc=0xb30107a2, type=0x6) returned 0x8a01c2
[0199.182] SaveDC (hdc=0xb30107a2) returned 1
[0199.182] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xee040807
[0199.182] GetClipRgn (hdc=0xb30107a2, hrgn=0xee040807) returned 0
[0199.182] SelectClipRgn (hdc=0xb30107a2, hrgn=0x7d0407de) returned 2
[0199.182] DeleteObject (ho=0xee040807) returned 1
[0199.182] DeleteObject (ho=0x7d0407de) returned 1
[0199.182] OffsetViewportOrgEx (in: hdc=0xb30107a2, x=0, y=0, lppt=0x2d6ed04 | out: lppt=0x2d6ed04) returned 1
[0199.183] GetNearestColor (hdc=0xb30107a2, color=0xf0f0f0) returned 0xf0f0f0
[0199.183] CreateSolidBrush (color=0xf0f0f0) returned 0xe61007e1
[0199.183] FillRect (hDC=0xb30107a2, lprc=0xd7e15c, hbr=0xe61007e1) returned 1
[0199.191] DeleteObject (ho=0xe61007e1) returned 1
[0199.191] RestoreDC (hdc=0xb30107a2, nSavedDC=-1) returned 1
[0199.191] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107a2) returned 0x0
[0199.191] GdipRestoreGraphics (graphics=0x6600030, state=0xfada0dbd) returned 0x0
[0199.191] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0199.191] GetWindowTextLengthW (hWnd=0x802d0) returned 232
[0199.191] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0199.191] GetSystemMetrics (nIndex=42) returned 0
[0199.191] GetWindowTextW (in: hWnd=0x802d0, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0199.191] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0199.191] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0199.191] GetCurrentObject (hdc=0xb30107a2, type=0x1) returned 0xb00017
[0199.192] GetCurrentObject (hdc=0xb30107a2, type=0x2) returned 0x900010
[0199.192] GetCurrentObject (hdc=0xb30107a2, type=0x7) returned 0xffffffffc50507c6
[0199.192] GetCurrentObject (hdc=0xb30107a2, type=0x6) returned 0x8a01c2
[0199.192] SaveDC (hdc=0xb30107a2) returned 1
[0199.192] GetNearestColor (hdc=0xb30107a2, color=0x0) returned 0x0
[0199.192] RestoreDC (hdc=0xb30107a2, nSavedDC=-1) returned 1
[0199.192] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107a2) returned 0x0
[0199.193] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0199.193] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0199.193] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2d6f500 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0199.193] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0199.193] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0199.194] GetCurrentObject (hdc=0xb30107a2, type=0x1) returned 0xb00017
[0199.194] GetCurrentObject (hdc=0xb30107a2, type=0x2) returned 0x900010
[0199.194] GetCurrentObject (hdc=0xb30107a2, type=0x7) returned 0xffffffffc50507c6
[0199.194] GetCurrentObject (hdc=0xb30107a2, type=0x6) returned 0x8a01c2
[0199.194] SaveDC (hdc=0xb30107a2) returned 1
[0199.194] GetTextAlign (hdc=0xb30107a2) returned 0x0
[0199.194] GetTextColor (hdc=0xb30107a2) returned 0x0
[0199.194] GetCurrentObject (hdc=0xb30107a2, type=0x6) returned 0x8a01c2
[0199.194] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0199.194] SelectObject (hdc=0xb30107a2, h=0x6d0a0520) returned 0x8a01c2
[0199.194] GetBkMode (hdc=0xb30107a2) returned 2
[0199.194] SetBkMode (hdc=0xb30107a2, mode=1) returned 2
[0199.195] DrawTextExW (in: hdc=0xb30107a2, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2d6f724 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0199.198] RestoreDC (hdc=0xb30107a2, nSavedDC=-1) returned 1
[0199.198] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107a2) returned 0x0
[0199.198] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0199.199] BitBlt (hdc=0x10105d6, x=0, y=0, cx=354, cy=68, hdcSrc=0xb30107a2, x1=0, y1=0, rop=0xcc0020) returned 1
[0199.199] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107a2) returned 0x0
[0199.199] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0199.199] SelectObject (hdc=0xb30107a2, h=0x85000f) returned 0xc50507c6
[0199.199] DeleteDC (hdc=0xb30107a2) returned 1
[0199.199] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0199.199] DeleteObject (ho=0xc50507c6) returned 1
[0199.238] EndPaint (hWnd=0x802d0, lpPaint=0xd7e258) returned 1
[0199.238] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.238] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0199.239] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.239] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0199.240] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.240] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.241] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.241] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0199.242] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.242] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.242] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.242] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.242] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.243] IsWindowUnicode (hWnd=0x1302de) returned 1
[0199.243] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.243] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.243] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.244] BeginPaint (in: hWnd=0x1302de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0199.244] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0199.244] CreateCompatibleDC (hdc=0xf0105ee) returned 0xb00107f4
[0199.244] SelectObject (hdc=0xb00107f4, h=0x4a0507fe) returned 0x85000f
[0199.244] GdipCreateFromHDC (hdc=0xb00107f4, graphics=0xd7e268) returned 0x0
[0199.244] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0199.244] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0199.244] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0199.244] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0199.244] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e2c8) returned 0x0
[0199.245] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0199.245] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0199.245] LocalFree (hMem=0x11eec58) returned 0x0
[0199.245] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0199.245] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0199.245] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0199.245] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0199.245] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0199.245] GdipRestoreGraphics (graphics=0x6600030, state=0xfad80dbd) returned 0x0
[0199.245] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0199.245] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0199.245] GetCurrentObject (hdc=0xb00107f4, type=0x1) returned 0xb00017
[0199.245] GetCurrentObject (hdc=0xb00107f4, type=0x2) returned 0x900010
[0199.245] GetCurrentObject (hdc=0xb00107f4, type=0x7) returned 0x4a0507fe
[0199.246] GetCurrentObject (hdc=0xb00107f4, type=0x6) returned 0x8a01c2
[0199.246] SaveDC (hdc=0xb00107f4) returned 1
[0199.246] GetNearestColor (hdc=0xb00107f4, color=0xf0f0f0) returned 0xf0f0f0
[0199.246] GetNearestColor (hdc=0xb00107f4, color=0xa0a0a0) returned 0xa0a0a0
[0199.246] GetNearestColor (hdc=0xb00107f4, color=0x696969) returned 0x696969
[0199.246] GetNearestColor (hdc=0xb00107f4, color=0xa0a0a0) returned 0xa0a0a0
[0199.246] GetNearestColor (hdc=0xb00107f4, color=0x0) returned 0x0
[0199.246] GetNearestColor (hdc=0xb00107f4, color=0xffffff) returned 0xffffff
[0199.246] GetNearestColor (hdc=0xb00107f4, color=0xe5e5e5) returned 0xe5e5e5
[0199.246] GetNearestColor (hdc=0xb00107f4, color=0xd7d7d7) returned 0xd7d7d7
[0199.246] GetNearestColor (hdc=0xb00107f4, color=0x0) returned 0x0
[0199.246] RestoreDC (hdc=0xb00107f4, nSavedDC=-1) returned 1
[0199.247] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107f4) returned 0x0
[0199.247] IsAppThemed () returned 0x1
[0199.254] GetThemeAppProperties () returned 0x3
[0199.254] GetThemeAppProperties () returned 0x3
[0199.254] GdipGetImageWidth (image=0x6650b40, width=0xd7e168) returned 0x0
[0199.254] GdipGetImageHeight (image=0x6650b40, height=0xd7e168) returned 0x0
[0199.254] IsAppThemed () returned 0x1
[0199.254] GetThemeAppProperties () returned 0x3
[0199.254] GetThemeAppProperties () returned 0x3
[0199.255] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2d6fe74 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0199.255] IsAppThemed () returned 0x1
[0199.255] GetThemeAppProperties () returned 0x3
[0199.255] GetThemeAppProperties () returned 0x3
[0199.255] IsAppThemed () returned 0x1
[0199.255] GetThemeAppProperties () returned 0x3
[0199.255] GetThemeAppProperties () returned 0x3
[0199.255] GetFocus () returned 0x1302de
[0199.255] IsAppThemed () returned 0x1
[0199.255] GetThemeAppProperties () returned 0x3
[0199.255] GetThemeAppProperties () returned 0x3
[0199.255] IsAppThemed () returned 0x1
[0199.256] GetThemeAppProperties () returned 0x3
[0199.256] GetThemeAppProperties () returned 0x3
[0199.256] IsThemePartDefined () returned 0x1
[0199.256] IsAppThemed () returned 0x1
[0199.256] GetThemeAppProperties () returned 0x3
[0199.256] GetThemeAppProperties () returned 0x3
[0199.256] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0199.256] IsAppThemed () returned 0x1
[0199.256] GetThemeAppProperties () returned 0x3
[0199.256] GetThemeAppProperties () returned 0x3
[0199.256] IsAppThemed () returned 0x1
[0199.256] GetThemeAppProperties () returned 0x3
[0199.256] GetThemeAppProperties () returned 0x3
[0199.256] IsThemePartDefined () returned 0x1
[0199.256] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0199.256] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0199.256] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0199.256] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0199.256] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dff0) returned 0x0
[0199.256] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0199.257] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eead0) returned 0x0
[0199.257] LocalFree (hMem=0x11eead0) returned 0x0
[0199.257] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0199.257] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0199.258] LocalFree (hMem=0x11ee9f0) returned 0x0
[0199.258] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0199.259] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e018) returned 0x0
[0199.259] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e008) returned 0x0
[0199.259] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0199.259] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0199.259] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0199.259] GetCurrentObject (hdc=0xb00107f4, type=0x1) returned 0xb00017
[0199.259] GetCurrentObject (hdc=0xb00107f4, type=0x2) returned 0x900010
[0199.259] GetCurrentObject (hdc=0xb00107f4, type=0x7) returned 0x4a0507fe
[0199.259] GetCurrentObject (hdc=0xb00107f4, type=0x6) returned 0x8a01c2
[0199.259] SaveDC (hdc=0xb00107f4) returned 1
[0199.259] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7e0407de
[0199.259] GetClipRgn (hdc=0xb00107f4, hrgn=0x7e0407de) returned 0
[0199.259] SelectClipRgn (hdc=0xb00107f4, hrgn=0xf2040807) returned 2
[0199.260] DeleteObject (ho=0x7e0407de) returned 1
[0199.260] DeleteObject (ho=0xf2040807) returned 1
[0199.260] OffsetViewportOrgEx (in: hdc=0xb00107f4, x=0, y=0, lppt=0x2d70524 | out: lppt=0x2d70524) returned 1
[0199.260] DrawThemeParentBackground () returned 0x0
[0199.260] GetWindowPlacement (in: hWnd=0x1600ea, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0199.260] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0199.260] GetWindowTextLengthW (hWnd=0x1600ea) returned 13
[0199.260] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.260] GetSystemMetrics (nIndex=42) returned 0
[0199.260] GetWindowTextW (in: hWnd=0x1600ea, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.260] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0199.260] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0199.260] GetCurrentObject (hdc=0xb00107f4, type=0x1) returned 0xb00017
[0199.261] GetCurrentObject (hdc=0xb00107f4, type=0x2) returned 0x900010
[0199.261] GetCurrentObject (hdc=0xb00107f4, type=0x7) returned 0x4a0507fe
[0199.261] GetCurrentObject (hdc=0xb00107f4, type=0x6) returned 0x8a01c2
[0199.261] SaveDC (hdc=0xb00107f4) returned 2
[0199.261] GetNearestColor (hdc=0xb00107f4, color=0xf0f0f0) returned 0xf0f0f0
[0199.261] CreateSolidBrush (color=0xf0f0f0) returned 0xe71007e1
[0199.261] FillRect (hDC=0xb00107f4, lprc=0xd7da38, hbr=0xe71007e1) returned 1
[0199.261] DeleteObject (ho=0xe71007e1) returned 1
[0199.261] RestoreDC (hdc=0xb00107f4, nSavedDC=-1) returned 1
[0199.261] GetWindowTextLengthW (hWnd=0x1600ea) returned 13
[0199.261] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.261] GetSystemMetrics (nIndex=42) returned 0
[0199.261] GetWindowTextW (in: hWnd=0x1600ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.261] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0199.262] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0199.262] GetCurrentObject (hdc=0xb00107f4, type=0x1) returned 0xb00017
[0199.262] GetCurrentObject (hdc=0xb00107f4, type=0x2) returned 0x900010
[0199.262] GetCurrentObject (hdc=0xb00107f4, type=0x7) returned 0x4a0507fe
[0199.262] GetCurrentObject (hdc=0xb00107f4, type=0x6) returned 0x8a01c2
[0199.262] SaveDC (hdc=0xb00107f4) returned 2
[0199.262] GetNearestColor (hdc=0xb00107f4, color=0xf0f0f0) returned 0xf0f0f0
[0199.262] CreateSolidBrush (color=0xf0f0f0) returned 0xe81007e1
[0199.262] FillRect (hDC=0xb00107f4, lprc=0xd7d9d8, hbr=0xe81007e1) returned 1
[0199.262] DeleteObject (ho=0xe81007e1) returned 1
[0199.262] RestoreDC (hdc=0xb00107f4, nSavedDC=-1) returned 1
[0199.262] GetWindowTextLengthW (hWnd=0x1600ea) returned 13
[0199.262] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.262] GetSystemMetrics (nIndex=42) returned 0
[0199.262] GetWindowTextW (in: hWnd=0x1600ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.263] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0199.263] RestoreDC (hdc=0xb00107f4, nSavedDC=-1) returned 1
[0199.264] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107f4) returned 0x0
[0199.264] IsAppThemed () returned 0x1
[0199.264] GetThemeAppProperties () returned 0x3
[0199.264] GetThemeAppProperties () returned 0x3
[0199.264] IsAppThemed () returned 0x1
[0199.264] GetThemeAppProperties () returned 0x3
[0199.264] GetThemeAppProperties () returned 0x3
[0199.264] IsThemePartDefined () returned 0x1
[0199.264] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0199.264] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0199.264] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0199.264] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0199.264] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df74) returned 0x0
[0199.264] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee9f0) returned 0x0
[0199.264] LocalFree (hMem=0x11ee9f0) returned 0x0
[0199.264] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee9f0) returned 0x0
[0199.265] LocalFree (hMem=0x11ee9f0) returned 0x0
[0199.265] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0199.265] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0199.265] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0199.265] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0199.265] GdipDeleteRegion (region=0x6646688) returned 0x0
[0199.265] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0199.265] GetCurrentObject (hdc=0xb00107f4, type=0x1) returned 0xb00017
[0199.265] GetCurrentObject (hdc=0xb00107f4, type=0x2) returned 0x900010
[0199.265] GetCurrentObject (hdc=0xb00107f4, type=0x7) returned 0x4a0507fe
[0199.265] GetCurrentObject (hdc=0xb00107f4, type=0x6) returned 0x8a01c2
[0199.265] SaveDC (hdc=0xb00107f4) returned 1
[0199.265] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf3040807
[0199.265] GetClipRgn (hdc=0xb00107f4, hrgn=0xf3040807) returned 0
[0199.265] SelectClipRgn (hdc=0xb00107f4, hrgn=0x800407de) returned 2
[0199.265] DeleteObject (ho=0xf3040807) returned 1
[0199.265] DeleteObject (ho=0x800407de) returned 1
[0199.266] OffsetViewportOrgEx (in: hdc=0xb00107f4, x=0, y=0, lppt=0x2d70dd0 | out: lppt=0x2d70dd0) returned 1
[0199.266] IsAppThemed () returned 0x1
[0199.266] GetThemeAppProperties () returned 0x3
[0199.266] GetThemeAppProperties () returned 0x3
[0199.266] DrawThemeBackground () returned 0x0
[0199.266] RestoreDC (hdc=0xb00107f4, nSavedDC=-1) returned 1
[0199.266] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107f4) returned 0x0
[0199.266] GdipCreateRegion (region=0xd7df60) returned 0x0
[0199.266] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0199.266] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0199.266] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0199.266] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df78) returned 0x0
[0199.266] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0199.266] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee9f0) returned 0x0
[0199.267] LocalFree (hMem=0x11ee9f0) returned 0x0
[0199.267] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0199.267] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eead0) returned 0x0
[0199.267] LocalFree (hMem=0x11eead0) returned 0x0
[0199.267] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0199.267] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0199.267] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7df90) returned 0x0
[0199.267] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0199.267] GdipDeleteRegion (region=0x6646688) returned 0x0
[0199.267] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0199.267] GetCurrentObject (hdc=0xb00107f4, type=0x1) returned 0xb00017
[0199.267] GetCurrentObject (hdc=0xb00107f4, type=0x2) returned 0x900010
[0199.267] GetCurrentObject (hdc=0xb00107f4, type=0x7) returned 0x4a0507fe
[0199.267] GetCurrentObject (hdc=0xb00107f4, type=0x6) returned 0x8a01c2
[0199.267] SaveDC (hdc=0xb00107f4) returned 1
[0199.267] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x810407de
[0199.268] GetClipRgn (hdc=0xb00107f4, hrgn=0x810407de) returned 0
[0199.268] SelectClipRgn (hdc=0xb00107f4, hrgn=0xf4040807) returned 2
[0199.268] DeleteObject (ho=0x810407de) returned 1
[0199.268] DeleteObject (ho=0xf4040807) returned 1
[0199.268] OffsetViewportOrgEx (in: hdc=0xb00107f4, x=0, y=0, lppt=0x2d710a4 | out: lppt=0x2d710a4) returned 1
[0199.268] IsAppThemed () returned 0x1
[0199.268] GetThemeAppProperties () returned 0x3
[0199.268] GetThemeAppProperties () returned 0x3
[0199.268] GetThemeBackgroundContentRect () returned 0x0
[0199.268] RestoreDC (hdc=0xb00107f4, nSavedDC=-1) returned 1
[0199.268] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107f4) returned 0x0
[0199.268] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0199.268] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0199.268] GdipCloneRegion (region=0x66468c8, cloneRegion=0xd7e150) returned 0x0
[0199.268] GdipCombineRegionRectI (region=0x6646958, rect=0xd7e138, combineMode=0x1) returned 0x0
[0199.269] GdipCombineRegionRectI (region=0x6646958, rect=0xd7e138, combineMode=0x1) returned 0x0
[0199.269] GdipSetClipRegion (graphics=0x6600030, region=0x6646958, combineMode=0x0) returned 0x0
[0199.269] GdipGetImageWidth (image=0x6650b40, width=0xd7e154) returned 0x0
[0199.269] GdipGetImageHeight (image=0x6650b40, height=0xd7e148) returned 0x0
[0199.269] GdipDrawImageRectI (graphics=0x6600030, image=0x6650b40, x=4, y=4, width=16, height=16) returned 0x0
[0199.269] GdipSetClipRegion (graphics=0x6600030, region=0x66468c8, combineMode=0x0) returned 0x0
[0199.269] IsAppThemed () returned 0x1
[0199.269] GetThemeAppProperties () returned 0x3
[0199.269] GetThemeAppProperties () returned 0x3
[0199.270] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0199.270] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0199.270] GetCurrentObject (hdc=0xb00107f4, type=0x1) returned 0xb00017
[0199.270] GetCurrentObject (hdc=0xb00107f4, type=0x2) returned 0x900010
[0199.270] GetCurrentObject (hdc=0xb00107f4, type=0x7) returned 0x4a0507fe
[0199.270] GetCurrentObject (hdc=0xb00107f4, type=0x6) returned 0x8a01c2
[0199.270] SaveDC (hdc=0xb00107f4) returned 1
[0199.270] GetTextAlign (hdc=0xb00107f4) returned 0x0
[0199.270] GetTextColor (hdc=0xb00107f4) returned 0x0
[0199.270] GetCurrentObject (hdc=0xb00107f4, type=0x6) returned 0x8a01c2
[0199.270] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0199.270] SelectObject (hdc=0xb00107f4, h=0x6d0a0520) returned 0x8a01c2
[0199.270] GetBkMode (hdc=0xb00107f4) returned 2
[0199.271] SetBkMode (hdc=0xb00107f4, mode=1) returned 2
[0199.271] DrawTextExW (in: hdc=0xb00107f4, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2d71464 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0199.271] DrawTextExW (in: hdc=0xb00107f4, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d71464 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0199.271] RestoreDC (hdc=0xb00107f4, nSavedDC=-1) returned 1
[0199.272] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107f4) returned 0x0
[0199.272] GetFocus () returned 0x1302de
[0199.272] IsAppThemed () returned 0x1
[0199.272] GetThemeAppProperties () returned 0x3
[0199.272] GetThemeAppProperties () returned 0x3
[0199.272] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0199.272] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xb00107f4, x1=0, y1=0, rop=0xcc0020) returned 1
[0199.272] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107f4) returned 0x0
[0199.272] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0199.272] SelectObject (hdc=0xb00107f4, h=0x85000f) returned 0x4a0507fe
[0199.272] DeleteDC (hdc=0xb00107f4) returned 1
[0199.272] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0199.273] EndPaint (hWnd=0x1302de, lpPaint=0xd7e24c) returned 1
[0199.273] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.273] IsWindowUnicode (hWnd=0x1502d8) returned 1
[0199.273] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.273] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.273] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.273] BeginPaint (in: hWnd=0x1502d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0199.273] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0199.274] CreateCompatibleDC (hdc=0xc0107c5) returned 0xb20107f4
[0199.274] SelectObject (hdc=0xb20107f4, h=0x4a0507fe) returned 0x85000f
[0199.274] GdipCreateFromHDC (hdc=0xb20107f4, graphics=0xd7e268) returned 0x0
[0199.274] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0199.274] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0199.274] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0199.274] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0199.274] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e2c8) returned 0x0
[0199.274] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0199.274] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0199.274] LocalFree (hMem=0x11eecc8) returned 0x0
[0199.274] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0199.274] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0199.275] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0199.275] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0199.275] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0199.275] GdipRestoreGraphics (graphics=0x6600030, state=0xfad60dbd) returned 0x0
[0199.275] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0199.275] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0199.275] GetCurrentObject (hdc=0xb20107f4, type=0x1) returned 0xb00017
[0199.275] GetCurrentObject (hdc=0xb20107f4, type=0x2) returned 0x900010
[0199.275] GetCurrentObject (hdc=0xb20107f4, type=0x7) returned 0x4a0507fe
[0199.275] GetCurrentObject (hdc=0xb20107f4, type=0x6) returned 0x8a01c2
[0199.275] SaveDC (hdc=0xb20107f4) returned 1
[0199.275] GetNearestColor (hdc=0xb20107f4, color=0xf0f0f0) returned 0xf0f0f0
[0199.275] GetNearestColor (hdc=0xb20107f4, color=0xa0a0a0) returned 0xa0a0a0
[0199.275] GetNearestColor (hdc=0xb20107f4, color=0x696969) returned 0x696969
[0199.275] GetNearestColor (hdc=0xb20107f4, color=0xa0a0a0) returned 0xa0a0a0
[0199.276] GetNearestColor (hdc=0xb20107f4, color=0x0) returned 0x0
[0199.276] GetNearestColor (hdc=0xb20107f4, color=0xffffff) returned 0xffffff
[0199.276] GetNearestColor (hdc=0xb20107f4, color=0xe5e5e5) returned 0xe5e5e5
[0199.276] GetNearestColor (hdc=0xb20107f4, color=0xd7d7d7) returned 0xd7d7d7
[0199.276] GetNearestColor (hdc=0xb20107f4, color=0x0) returned 0x0
[0199.276] RestoreDC (hdc=0xb20107f4, nSavedDC=-1) returned 1
[0199.276] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107f4) returned 0x0
[0199.276] IsAppThemed () returned 0x1
[0199.276] GetThemeAppProperties () returned 0x3
[0199.276] GetThemeAppProperties () returned 0x3
[0199.276] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0199.276] SendMessageW (hWnd=0x1600ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0199.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0199.277] IsAppThemed () returned 0x1
[0199.277] GetThemeAppProperties () returned 0x3
[0199.277] GetThemeAppProperties () returned 0x3
[0199.277] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2d71c74 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0199.277] IsAppThemed () returned 0x1
[0199.277] GetThemeAppProperties () returned 0x3
[0199.277] GetThemeAppProperties () returned 0x3
[0199.277] IsAppThemed () returned 0x1
[0199.277] GetThemeAppProperties () returned 0x3
[0199.277] GetThemeAppProperties () returned 0x3
[0199.277] IsAppThemed () returned 0x1
[0199.277] GetThemeAppProperties () returned 0x3
[0199.278] GetThemeAppProperties () returned 0x3
[0199.278] IsAppThemed () returned 0x1
[0199.278] GetThemeAppProperties () returned 0x3
[0199.278] GetThemeAppProperties () returned 0x3
[0199.278] IsThemePartDefined () returned 0x1
[0199.278] IsAppThemed () returned 0x1
[0199.278] GetThemeAppProperties () returned 0x3
[0199.278] GetThemeAppProperties () returned 0x3
[0199.278] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0199.278] IsAppThemed () returned 0x1
[0199.278] GetThemeAppProperties () returned 0x3
[0199.286] GetThemeAppProperties () returned 0x3
[0199.286] IsAppThemed () returned 0x1
[0199.286] GetThemeAppProperties () returned 0x3
[0199.286] GetThemeAppProperties () returned 0x3
[0199.286] IsThemePartDefined () returned 0x1
[0199.286] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0199.286] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0199.286] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0199.286] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0199.286] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dfe4) returned 0x0
[0199.286] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0199.286] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eecc8) returned 0x0
[0199.286] LocalFree (hMem=0x11eecc8) returned 0x0
[0199.287] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0199.287] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee8d8) returned 0x0
[0199.287] LocalFree (hMem=0x11ee8d8) returned 0x0
[0199.287] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0199.287] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0199.287] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0199.287] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0199.287] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0199.287] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0199.287] GetCurrentObject (hdc=0xb20107f4, type=0x1) returned 0xb00017
[0199.287] GetCurrentObject (hdc=0xb20107f4, type=0x2) returned 0x900010
[0199.287] GetCurrentObject (hdc=0xb20107f4, type=0x7) returned 0x4a0507fe
[0199.287] GetCurrentObject (hdc=0xb20107f4, type=0x6) returned 0x8a01c2
[0199.288] SaveDC (hdc=0xb20107f4) returned 1
[0199.288] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf5040807
[0199.288] GetClipRgn (hdc=0xb20107f4, hrgn=0xf5040807) returned 0
[0199.288] SelectClipRgn (hdc=0xb20107f4, hrgn=0x850407de) returned 2
[0199.288] DeleteObject (ho=0xf5040807) returned 1
[0199.288] DeleteObject (ho=0x850407de) returned 1
[0199.288] OffsetViewportOrgEx (in: hdc=0xb20107f4, x=0, y=0, lppt=0x2d72324 | out: lppt=0x2d72324) returned 1
[0199.288] DrawThemeParentBackground () returned 0x0
[0199.288] GetWindowPlacement (in: hWnd=0x1600ea, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0199.289] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0199.289] GetWindowTextLengthW (hWnd=0x1600ea) returned 13
[0199.289] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.289] GetSystemMetrics (nIndex=42) returned 0
[0199.289] GetWindowTextW (in: hWnd=0x1600ea, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.289] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0199.289] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0199.289] GetCurrentObject (hdc=0xb20107f4, type=0x1) returned 0xb00017
[0199.289] GetCurrentObject (hdc=0xb20107f4, type=0x2) returned 0x900010
[0199.289] GetCurrentObject (hdc=0xb20107f4, type=0x7) returned 0x4a0507fe
[0199.289] GetCurrentObject (hdc=0xb20107f4, type=0x6) returned 0x8a01c2
[0199.289] SaveDC (hdc=0xb20107f4) returned 2
[0199.289] GetNearestColor (hdc=0xb20107f4, color=0xf0f0f0) returned 0xf0f0f0
[0199.289] CreateSolidBrush (color=0xf0f0f0) returned 0xe91007e1
[0199.290] FillRect (hDC=0xb20107f4, lprc=0xd7da30, hbr=0xe91007e1) returned 1
[0199.290] DeleteObject (ho=0xe91007e1) returned 1
[0199.290] RestoreDC (hdc=0xb20107f4, nSavedDC=-1) returned 1
[0199.290] GetWindowTextLengthW (hWnd=0x1600ea) returned 13
[0199.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.290] GetSystemMetrics (nIndex=42) returned 0
[0199.290] GetWindowTextW (in: hWnd=0x1600ea, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0199.290] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0199.290] GetCurrentObject (hdc=0xb20107f4, type=0x1) returned 0xb00017
[0199.290] GetCurrentObject (hdc=0xb20107f4, type=0x2) returned 0x900010
[0199.290] GetCurrentObject (hdc=0xb20107f4, type=0x7) returned 0x4a0507fe
[0199.290] GetCurrentObject (hdc=0xb20107f4, type=0x6) returned 0x8a01c2
[0199.291] SaveDC (hdc=0xb20107f4) returned 2
[0199.291] GetNearestColor (hdc=0xb20107f4, color=0xf0f0f0) returned 0xf0f0f0
[0199.291] CreateSolidBrush (color=0xf0f0f0) returned 0xea1007e1
[0199.291] FillRect (hDC=0xb20107f4, lprc=0xd7d9d0, hbr=0xea1007e1) returned 1
[0199.291] DeleteObject (ho=0xea1007e1) returned 1
[0199.291] RestoreDC (hdc=0xb20107f4, nSavedDC=-1) returned 1
[0199.291] GetWindowTextLengthW (hWnd=0x1600ea) returned 13
[0199.291] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.291] GetSystemMetrics (nIndex=42) returned 0
[0199.291] GetWindowTextW (in: hWnd=0x1600ea, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.291] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0199.292] RestoreDC (hdc=0xb20107f4, nSavedDC=-1) returned 1
[0199.292] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107f4) returned 0x0
[0199.292] IsAppThemed () returned 0x1
[0199.292] GetThemeAppProperties () returned 0x3
[0199.292] GetThemeAppProperties () returned 0x3
[0199.292] IsAppThemed () returned 0x1
[0199.292] GetThemeAppProperties () returned 0x3
[0199.292] GetThemeAppProperties () returned 0x3
[0199.292] IsThemePartDefined () returned 0x1
[0199.292] GdipCreateRegion (region=0xd7df50) returned 0x0
[0199.292] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0199.292] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0199.292] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0199.292] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df68) returned 0x0
[0199.292] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0199.292] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eea98) returned 0x0
[0199.293] LocalFree (hMem=0x11eea98) returned 0x0
[0199.293] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0199.293] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eecc8) returned 0x0
[0199.293] LocalFree (hMem=0x11eecc8) returned 0x0
[0199.293] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0199.293] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df90) returned 0x0
[0199.293] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df80) returned 0x0
[0199.293] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0199.293] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0199.293] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0199.293] GetCurrentObject (hdc=0xb20107f4, type=0x1) returned 0xb00017
[0199.293] GetCurrentObject (hdc=0xb20107f4, type=0x2) returned 0x900010
[0199.293] GetCurrentObject (hdc=0xb20107f4, type=0x7) returned 0x4a0507fe
[0199.293] GetCurrentObject (hdc=0xb20107f4, type=0x6) returned 0x8a01c2
[0199.294] SaveDC (hdc=0xb20107f4) returned 1
[0199.294] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x860407de
[0199.301] GetClipRgn (hdc=0xb20107f4, hrgn=0x860407de) returned 0
[0199.301] SelectClipRgn (hdc=0xb20107f4, hrgn=0xf7040807) returned 2
[0199.301] DeleteObject (ho=0x860407de) returned 1
[0199.301] DeleteObject (ho=0xf7040807) returned 1
[0199.302] OffsetViewportOrgEx (in: hdc=0xb20107f4, x=0, y=0, lppt=0x2d72bd0 | out: lppt=0x2d72bd0) returned 1
[0199.302] IsAppThemed () returned 0x1
[0199.302] GetThemeAppProperties () returned 0x3
[0199.302] GetThemeAppProperties () returned 0x3
[0199.302] DrawThemeBackground () returned 0x0
[0199.302] RestoreDC (hdc=0xb20107f4, nSavedDC=-1) returned 1
[0199.302] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107f4) returned 0x0
[0199.302] GdipCreateRegion (region=0xd7df54) returned 0x0
[0199.302] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0199.302] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0199.302] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0199.302] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df6c) returned 0x0
[0199.302] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0199.302] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0199.303] LocalFree (hMem=0x11ee788) returned 0x0
[0199.303] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0199.303] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0199.303] LocalFree (hMem=0x11ee788) returned 0x0
[0199.303] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0199.303] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0199.303] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0199.303] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0199.303] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0199.303] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0199.303] GetCurrentObject (hdc=0xb20107f4, type=0x1) returned 0xb00017
[0199.303] GetCurrentObject (hdc=0xb20107f4, type=0x2) returned 0x900010
[0199.303] GetCurrentObject (hdc=0xb20107f4, type=0x7) returned 0x4a0507fe
[0199.303] GetCurrentObject (hdc=0xb20107f4, type=0x6) returned 0x8a01c2
[0199.304] SaveDC (hdc=0xb20107f4) returned 1
[0199.304] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf8040807
[0199.304] GetClipRgn (hdc=0xb20107f4, hrgn=0xf8040807) returned 0
[0199.304] SelectClipRgn (hdc=0xb20107f4, hrgn=0x870407de) returned 2
[0199.304] DeleteObject (ho=0xf8040807) returned 1
[0199.304] DeleteObject (ho=0x870407de) returned 1
[0199.304] OffsetViewportOrgEx (in: hdc=0xb20107f4, x=0, y=0, lppt=0x2d72ea4 | out: lppt=0x2d72ea4) returned 1
[0199.304] IsAppThemed () returned 0x1
[0199.304] GetThemeAppProperties () returned 0x3
[0199.304] GetThemeAppProperties () returned 0x3
[0199.304] GetThemeBackgroundContentRect () returned 0x0
[0199.304] RestoreDC (hdc=0xb20107f4, nSavedDC=-1) returned 1
[0199.304] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107f4) returned 0x0
[0199.304] IsAppThemed () returned 0x1
[0199.305] GetThemeAppProperties () returned 0x3
[0199.305] GetThemeAppProperties () returned 0x3
[0199.305] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0199.305] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0199.305] GetCurrentObject (hdc=0xb20107f4, type=0x1) returned 0xb00017
[0199.305] GetCurrentObject (hdc=0xb20107f4, type=0x2) returned 0x900010
[0199.305] GetCurrentObject (hdc=0xb20107f4, type=0x7) returned 0x4a0507fe
[0199.305] GetCurrentObject (hdc=0xb20107f4, type=0x6) returned 0x8a01c2
[0199.305] SaveDC (hdc=0xb20107f4) returned 1
[0199.305] GetTextAlign (hdc=0xb20107f4) returned 0x0
[0199.305] GetTextColor (hdc=0xb20107f4) returned 0x0
[0199.305] GetCurrentObject (hdc=0xb20107f4, type=0x6) returned 0x8a01c2
[0199.305] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0199.305] SelectObject (hdc=0xb20107f4, h=0x6d0a0520) returned 0x8a01c2
[0199.306] GetBkMode (hdc=0xb20107f4) returned 2
[0199.306] SetBkMode (hdc=0xb20107f4, mode=1) returned 2
[0199.306] DrawTextExW (in: hdc=0xb20107f4, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2d73244 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0199.306] DrawTextExW (in: hdc=0xb20107f4, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2d73244 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0199.306] RestoreDC (hdc=0xb20107f4, nSavedDC=-1) returned 1
[0199.307] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107f4) returned 0x0
[0199.307] GetFocus () returned 0x1302de
[0199.307] IsAppThemed () returned 0x1
[0199.307] GetThemeAppProperties () returned 0x3
[0199.307] GetThemeAppProperties () returned 0x3
[0199.307] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0199.307] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xb20107f4, x1=0, y1=0, rop=0xcc0020) returned 1
[0199.307] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107f4) returned 0x0
[0199.307] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0199.307] SelectObject (hdc=0xb20107f4, h=0x85000f) returned 0x4a0507fe
[0199.307] DeleteDC (hdc=0xb20107f4) returned 1
[0199.307] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0199.308] EndPaint (hWnd=0x1502d8, lpPaint=0xd7e24c) returned 1
[0199.308] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.308] IsWindowUnicode (hWnd=0x1302dc) returned 1
[0199.308] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.308] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.308] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.308] BeginPaint (in: hWnd=0x1302dc, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0199.308] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0199.308] CreateCompatibleDC (hdc=0x10105d6) returned 0xb40107f4
[0199.309] SelectObject (hdc=0xb40107f4, h=0x4a0507fe) returned 0x85000f
[0199.309] GdipCreateFromHDC (hdc=0xb40107f4, graphics=0xd7e268) returned 0x0
[0199.309] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0199.309] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0199.309] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0199.309] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0199.309] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e2c8) returned 0x0
[0199.309] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0199.309] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0199.309] LocalFree (hMem=0x11eec58) returned 0x0
[0199.317] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0199.317] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0199.317] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0199.317] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0199.317] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0199.317] GdipRestoreGraphics (graphics=0x6600030, state=0xfad40dbd) returned 0x0
[0199.317] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0199.317] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0199.317] GetCurrentObject (hdc=0xb40107f4, type=0x1) returned 0xb00017
[0199.317] GetCurrentObject (hdc=0xb40107f4, type=0x2) returned 0x900010
[0199.317] GetCurrentObject (hdc=0xb40107f4, type=0x7) returned 0x4a0507fe
[0199.317] GetCurrentObject (hdc=0xb40107f4, type=0x6) returned 0x8a01c2
[0199.317] SaveDC (hdc=0xb40107f4) returned 1
[0199.318] GetNearestColor (hdc=0xb40107f4, color=0xf0f0f0) returned 0xf0f0f0
[0199.318] GetNearestColor (hdc=0xb40107f4, color=0xa0a0a0) returned 0xa0a0a0
[0199.318] GetNearestColor (hdc=0xb40107f4, color=0x696969) returned 0x696969
[0199.318] GetNearestColor (hdc=0xb40107f4, color=0xa0a0a0) returned 0xa0a0a0
[0199.318] GetNearestColor (hdc=0xb40107f4, color=0x0) returned 0x0
[0199.318] GetNearestColor (hdc=0xb40107f4, color=0xffffff) returned 0xffffff
[0199.318] GetNearestColor (hdc=0xb40107f4, color=0xe5e5e5) returned 0xe5e5e5
[0199.318] GetNearestColor (hdc=0xb40107f4, color=0xd7d7d7) returned 0xd7d7d7
[0199.318] GetNearestColor (hdc=0xb40107f4, color=0x0) returned 0x0
[0199.318] RestoreDC (hdc=0xb40107f4, nSavedDC=-1) returned 1
[0199.318] GdipReleaseDC (graphics=0x6600030, hdc=0xb40107f4) returned 0x0
[0199.318] IsAppThemed () returned 0x1
[0199.318] GetThemeAppProperties () returned 0x3
[0199.318] GetThemeAppProperties () returned 0x3
[0199.319] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0199.319] SendMessageW (hWnd=0x1600ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0199.319] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0199.319] IsAppThemed () returned 0x1
[0199.319] GetThemeAppProperties () returned 0x3
[0199.319] GetThemeAppProperties () returned 0x3
[0199.319] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2d73a54 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0199.319] IsAppThemed () returned 0x1
[0199.320] GetThemeAppProperties () returned 0x3
[0199.320] GetThemeAppProperties () returned 0x3
[0199.320] IsAppThemed () returned 0x1
[0199.320] GetThemeAppProperties () returned 0x3
[0199.320] GetThemeAppProperties () returned 0x3
[0199.320] GetFocus () returned 0x1302de
[0199.320] IsAppThemed () returned 0x1
[0199.320] GetThemeAppProperties () returned 0x3
[0199.320] GetThemeAppProperties () returned 0x3
[0199.320] IsAppThemed () returned 0x1
[0199.320] GetThemeAppProperties () returned 0x3
[0199.320] GetThemeAppProperties () returned 0x3
[0199.320] IsThemePartDefined () returned 0x1
[0199.320] IsAppThemed () returned 0x1
[0199.320] GetThemeAppProperties () returned 0x3
[0199.320] GetThemeAppProperties () returned 0x3
[0199.321] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0199.321] IsAppThemed () returned 0x1
[0199.321] GetThemeAppProperties () returned 0x3
[0199.321] GetThemeAppProperties () returned 0x3
[0199.321] IsAppThemed () returned 0x1
[0199.321] GetThemeAppProperties () returned 0x3
[0199.321] GetThemeAppProperties () returned 0x3
[0199.321] IsThemePartDefined () returned 0x1
[0199.321] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0199.321] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0199.321] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0199.321] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0199.321] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dff0) returned 0x0
[0199.321] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee8d8) returned 0x0
[0199.321] LocalFree (hMem=0x11ee8d8) returned 0x0
[0199.321] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0199.321] LocalFree (hMem=0x11ee788) returned 0x0
[0199.322] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0199.322] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e018) returned 0x0
[0199.322] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e008) returned 0x0
[0199.322] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0199.322] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0199.322] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0199.322] GetCurrentObject (hdc=0xb40107f4, type=0x1) returned 0xb00017
[0199.322] GetCurrentObject (hdc=0xb40107f4, type=0x2) returned 0x900010
[0199.322] GetCurrentObject (hdc=0xb40107f4, type=0x7) returned 0x4a0507fe
[0199.322] GetCurrentObject (hdc=0xb40107f4, type=0x6) returned 0x8a01c2
[0199.322] SaveDC (hdc=0xb40107f4) returned 1
[0199.322] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x880407de
[0199.322] GetClipRgn (hdc=0xb40107f4, hrgn=0x880407de) returned 0
[0199.322] SelectClipRgn (hdc=0xb40107f4, hrgn=0xfc040807) returned 2
[0199.322] DeleteObject (ho=0x880407de) returned 1
[0199.322] DeleteObject (ho=0xfc040807) returned 1
[0199.323] OffsetViewportOrgEx (in: hdc=0xb40107f4, x=0, y=0, lppt=0x2d74104 | out: lppt=0x2d74104) returned 1
[0199.323] DrawThemeParentBackground () returned 0x0
[0199.323] GetWindowPlacement (in: hWnd=0x1600ea, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0199.323] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0199.323] GetWindowTextLengthW (hWnd=0x1600ea) returned 13
[0199.323] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.323] GetSystemMetrics (nIndex=42) returned 0
[0199.323] GetWindowTextW (in: hWnd=0x1600ea, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.323] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0199.323] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0199.323] GetCurrentObject (hdc=0xb40107f4, type=0x1) returned 0xb00017
[0199.323] GetCurrentObject (hdc=0xb40107f4, type=0x2) returned 0x900010
[0199.324] GetCurrentObject (hdc=0xb40107f4, type=0x7) returned 0x4a0507fe
[0199.324] GetCurrentObject (hdc=0xb40107f4, type=0x6) returned 0x8a01c2
[0199.324] SaveDC (hdc=0xb40107f4) returned 2
[0199.324] GetNearestColor (hdc=0xb40107f4, color=0xf0f0f0) returned 0xf0f0f0
[0199.324] CreateSolidBrush (color=0xf0f0f0) returned 0xeb1007e1
[0199.324] FillRect (hDC=0xb40107f4, lprc=0xd7da38, hbr=0xeb1007e1) returned 1
[0199.324] DeleteObject (ho=0xeb1007e1) returned 1
[0199.324] RestoreDC (hdc=0xb40107f4, nSavedDC=-1) returned 1
[0199.324] GetWindowTextLengthW (hWnd=0x1600ea) returned 13
[0199.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.324] GetSystemMetrics (nIndex=42) returned 0
[0199.324] GetWindowTextW (in: hWnd=0x1600ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0199.324] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0199.325] GetCurrentObject (hdc=0xb40107f4, type=0x1) returned 0xb00017
[0199.325] GetCurrentObject (hdc=0xb40107f4, type=0x2) returned 0x900010
[0199.325] GetCurrentObject (hdc=0xb40107f4, type=0x7) returned 0x4a0507fe
[0199.325] GetCurrentObject (hdc=0xb40107f4, type=0x6) returned 0x8a01c2
[0199.325] SaveDC (hdc=0xb40107f4) returned 2
[0199.326] GetNearestColor (hdc=0xb40107f4, color=0xf0f0f0) returned 0xf0f0f0
[0199.326] CreateSolidBrush (color=0xf0f0f0) returned 0xec1007e1
[0199.326] FillRect (hDC=0xb40107f4, lprc=0xd7d9d8, hbr=0xec1007e1) returned 1
[0199.326] DeleteObject (ho=0xec1007e1) returned 1
[0199.326] RestoreDC (hdc=0xb40107f4, nSavedDC=-1) returned 1
[0199.326] GetWindowTextLengthW (hWnd=0x1600ea) returned 13
[0199.326] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.326] GetSystemMetrics (nIndex=42) returned 0
[0199.326] GetWindowTextW (in: hWnd=0x1600ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.326] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0199.326] RestoreDC (hdc=0xb40107f4, nSavedDC=-1) returned 1
[0199.327] GdipReleaseDC (graphics=0x6600030, hdc=0xb40107f4) returned 0x0
[0199.327] IsAppThemed () returned 0x1
[0199.327] GetThemeAppProperties () returned 0x3
[0199.327] GetThemeAppProperties () returned 0x3
[0199.327] IsAppThemed () returned 0x1
[0199.327] GetThemeAppProperties () returned 0x3
[0199.327] GetThemeAppProperties () returned 0x3
[0199.327] IsThemePartDefined () returned 0x1
[0199.327] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0199.327] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0199.327] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0199.327] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0199.327] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df74) returned 0x0
[0199.327] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0199.327] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0199.327] LocalFree (hMem=0x11eec58) returned 0x0
[0199.328] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0199.328] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0199.328] LocalFree (hMem=0x11ee788) returned 0x0
[0199.328] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0199.328] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0199.328] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0199.328] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0199.328] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0199.328] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0199.328] GetCurrentObject (hdc=0xb40107f4, type=0x1) returned 0xb00017
[0199.328] GetCurrentObject (hdc=0xb40107f4, type=0x2) returned 0x900010
[0199.328] GetCurrentObject (hdc=0xb40107f4, type=0x7) returned 0x4a0507fe
[0199.328] GetCurrentObject (hdc=0xb40107f4, type=0x6) returned 0x8a01c2
[0199.328] SaveDC (hdc=0xb40107f4) returned 1
[0199.328] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfd040807
[0199.329] GetClipRgn (hdc=0xb40107f4, hrgn=0xfd040807) returned 0
[0199.329] SelectClipRgn (hdc=0xb40107f4, hrgn=0x8a0407de) returned 2
[0199.329] DeleteObject (ho=0xfd040807) returned 1
[0199.329] DeleteObject (ho=0x8a0407de) returned 1
[0199.329] OffsetViewportOrgEx (in: hdc=0xb40107f4, x=0, y=0, lppt=0x2d749b0 | out: lppt=0x2d749b0) returned 1
[0199.329] IsAppThemed () returned 0x1
[0199.329] GetThemeAppProperties () returned 0x3
[0199.329] GetThemeAppProperties () returned 0x3
[0199.329] DrawThemeBackground () returned 0x0
[0199.329] RestoreDC (hdc=0xb40107f4, nSavedDC=-1) returned 1
[0199.329] GdipReleaseDC (graphics=0x6600030, hdc=0xb40107f4) returned 0x0
[0199.329] GdipCreateRegion (region=0xd7df60) returned 0x0
[0199.329] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0199.329] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0199.330] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0199.330] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df78) returned 0x0
[0199.330] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0199.330] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0199.330] LocalFree (hMem=0x11ee788) returned 0x0
[0199.330] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0199.330] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0199.330] LocalFree (hMem=0x11eec58) returned 0x0
[0199.330] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0199.330] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0199.330] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0199.330] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0199.330] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0199.330] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0199.330] GetCurrentObject (hdc=0xb40107f4, type=0x1) returned 0xb00017
[0199.330] GetCurrentObject (hdc=0xb40107f4, type=0x2) returned 0x900010
[0199.330] GetCurrentObject (hdc=0xb40107f4, type=0x7) returned 0x4a0507fe
[0199.331] GetCurrentObject (hdc=0xb40107f4, type=0x6) returned 0x8a01c2
[0199.331] SaveDC (hdc=0xb40107f4) returned 1
[0199.331] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8b0407de
[0199.331] GetClipRgn (hdc=0xb40107f4, hrgn=0x8b0407de) returned 0
[0199.331] SelectClipRgn (hdc=0xb40107f4, hrgn=0xfe040807) returned 2
[0199.331] DeleteObject (ho=0x8b0407de) returned 1
[0199.331] DeleteObject (ho=0xfe040807) returned 1
[0199.331] OffsetViewportOrgEx (in: hdc=0xb40107f4, x=0, y=0, lppt=0x2d74c84 | out: lppt=0x2d74c84) returned 1
[0199.331] IsAppThemed () returned 0x1
[0199.331] GetThemeAppProperties () returned 0x3
[0199.331] GetThemeAppProperties () returned 0x3
[0199.331] GetThemeBackgroundContentRect () returned 0x0
[0199.331] RestoreDC (hdc=0xb40107f4, nSavedDC=-1) returned 1
[0199.331] GdipReleaseDC (graphics=0x6600030, hdc=0xb40107f4) returned 0x0
[0199.332] IsAppThemed () returned 0x1
[0199.332] GetThemeAppProperties () returned 0x3
[0199.332] GetThemeAppProperties () returned 0x3
[0199.332] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0199.332] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0199.332] GetCurrentObject (hdc=0xb40107f4, type=0x1) returned 0xb00017
[0199.332] GetCurrentObject (hdc=0xb40107f4, type=0x2) returned 0x900010
[0199.332] GetCurrentObject (hdc=0xb40107f4, type=0x7) returned 0x4a0507fe
[0199.332] GetCurrentObject (hdc=0xb40107f4, type=0x6) returned 0x8a01c2
[0199.332] SaveDC (hdc=0xb40107f4) returned 1
[0199.332] GetTextAlign (hdc=0xb40107f4) returned 0x0
[0199.332] GetTextColor (hdc=0xb40107f4) returned 0x0
[0199.332] GetCurrentObject (hdc=0xb40107f4, type=0x6) returned 0x8a01c2
[0199.332] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0199.333] SelectObject (hdc=0xb40107f4, h=0x6d0a0520) returned 0x8a01c2
[0199.333] GetBkMode (hdc=0xb40107f4) returned 2
[0199.333] SetBkMode (hdc=0xb40107f4, mode=1) returned 2
[0199.333] DrawTextExW (in: hdc=0xb40107f4, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2d75024 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0199.333] DrawTextExW (in: hdc=0xb40107f4, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d75024 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0199.333] RestoreDC (hdc=0xb40107f4, nSavedDC=-1) returned 1
[0199.334] GdipReleaseDC (graphics=0x6600030, hdc=0xb40107f4) returned 0x0
[0199.334] GetFocus () returned 0x1302de
[0199.334] IsAppThemed () returned 0x1
[0199.334] GetThemeAppProperties () returned 0x3
[0199.334] GetThemeAppProperties () returned 0x3
[0199.334] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0199.334] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xb40107f4, x1=0, y1=0, rop=0xcc0020) returned 1
[0199.334] GdipReleaseDC (graphics=0x6600030, hdc=0xb40107f4) returned 0x0
[0199.334] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0199.335] SelectObject (hdc=0xb40107f4, h=0x85000f) returned 0x4a0507fe
[0199.335] DeleteDC (hdc=0xb40107f4) returned 1
[0199.335] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0199.335] EndPaint (hWnd=0x1302dc, lpPaint=0xd7e24c) returned 1
[0199.335] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.336] IsWindowUnicode (hWnd=0x602c4) returned 1
[0199.336] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.336] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.336] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.336] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0199.336] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0199.336] CreateCompatibleDC (hdc=0x60100ce) returned 0xb60107f4
[0199.336] SelectObject (hdc=0xb60107f4, h=0x4a0507fe) returned 0x85000f
[0199.336] GdipCreateFromHDC (hdc=0xb60107f4, graphics=0xd7e268) returned 0x0
[0199.337] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0199.337] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0199.337] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0199.337] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0199.337] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e2c8) returned 0x0
[0199.337] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0199.337] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0199.337] LocalFree (hMem=0x11eec58) returned 0x0
[0199.337] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0199.337] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0199.337] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0199.337] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0199.337] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0199.337] GdipRestoreGraphics (graphics=0x6600030, state=0xfad20dbd) returned 0x0
[0199.337] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0199.338] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0199.338] GetCurrentObject (hdc=0xb60107f4, type=0x1) returned 0xb00017
[0199.338] GetCurrentObject (hdc=0xb60107f4, type=0x2) returned 0x900010
[0199.338] GetCurrentObject (hdc=0xb60107f4, type=0x7) returned 0x4a0507fe
[0199.338] GetCurrentObject (hdc=0xb60107f4, type=0x6) returned 0x8a01c2
[0199.338] SaveDC (hdc=0xb60107f4) returned 1
[0199.338] GetNearestColor (hdc=0xb60107f4, color=0xff) returned 0xff
[0199.338] GetNearestColor (hdc=0xb60107f4, color=0x55) returned 0x55
[0199.338] GetNearestColor (hdc=0xb60107f4, color=0x0) returned 0x0
[0199.338] GetNearestColor (hdc=0xb60107f4, color=0x55) returned 0x55
[0199.338] GetNearestColor (hdc=0xb60107f4, color=0x0) returned 0x0
[0199.338] GetNearestColor (hdc=0xb60107f4, color=0x8080ff) returned 0x8080ff
[0199.338] GetNearestColor (hdc=0xb60107f4, color=0x7373e5) returned 0x7373e5
[0199.338] GetNearestColor (hdc=0xb60107f4, color=0xe5) returned 0xe5
[0199.339] GetNearestColor (hdc=0xb60107f4, color=0x0) returned 0x0
[0199.339] RestoreDC (hdc=0xb60107f4, nSavedDC=-1) returned 1
[0199.339] GdipReleaseDC (graphics=0x6600030, hdc=0xb60107f4) returned 0x0
[0199.339] IsAppThemed () returned 0x1
[0199.339] GetThemeAppProperties () returned 0x3
[0199.339] GetThemeAppProperties () returned 0x3
[0199.339] IsAppThemed () returned 0x1
[0199.339] GetThemeAppProperties () returned 0x3
[0199.339] GetThemeAppProperties () returned 0x3
[0199.339] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2d757ec | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0199.340] IsAppThemed () returned 0x1
[0199.340] GetThemeAppProperties () returned 0x3
[0199.340] GetThemeAppProperties () returned 0x3
[0199.340] IsAppThemed () returned 0x1
[0199.340] GetThemeAppProperties () returned 0x3
[0199.340] GetThemeAppProperties () returned 0x3
[0199.340] GetFocus () returned 0x1302de
[0199.340] IsAppThemed () returned 0x1
[0199.340] GetThemeAppProperties () returned 0x3
[0199.340] GetThemeAppProperties () returned 0x3
[0199.340] IsAppThemed () returned 0x1
[0199.340] GetThemeAppProperties () returned 0x3
[0199.340] GetThemeAppProperties () returned 0x3
[0199.340] IsThemePartDefined () returned 0x1
[0199.340] IsAppThemed () returned 0x1
[0199.340] GetThemeAppProperties () returned 0x3
[0199.340] GetThemeAppProperties () returned 0x3
[0199.340] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0199.340] IsAppThemed () returned 0x1
[0199.348] GetThemeAppProperties () returned 0x3
[0199.348] GetThemeAppProperties () returned 0x3
[0199.348] IsAppThemed () returned 0x1
[0199.348] GetThemeAppProperties () returned 0x3
[0199.348] GetThemeAppProperties () returned 0x3
[0199.348] IsThemePartDefined () returned 0x1
[0199.348] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0199.348] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0199.348] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0199.349] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0199.349] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7dff0) returned 0x0
[0199.349] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0199.349] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0199.349] LocalFree (hMem=0x11eec58) returned 0x0
[0199.349] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0199.349] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0199.349] LocalFree (hMem=0x11ee788) returned 0x0
[0199.349] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0199.349] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e018) returned 0x0
[0199.349] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e008) returned 0x0
[0199.349] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0199.349] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0199.349] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0199.349] GetCurrentObject (hdc=0xb60107f4, type=0x1) returned 0xb00017
[0199.349] GetCurrentObject (hdc=0xb60107f4, type=0x2) returned 0x900010
[0199.349] GetCurrentObject (hdc=0xb60107f4, type=0x7) returned 0x4a0507fe
[0199.349] GetCurrentObject (hdc=0xb60107f4, type=0x6) returned 0x8a01c2
[0199.350] SaveDC (hdc=0xb60107f4) returned 1
[0199.350] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xff040807
[0199.350] GetClipRgn (hdc=0xb60107f4, hrgn=0xff040807) returned 0
[0199.350] SelectClipRgn (hdc=0xb60107f4, hrgn=0x8f0407de) returned 2
[0199.350] DeleteObject (ho=0xff040807) returned 1
[0199.350] DeleteObject (ho=0x8f0407de) returned 1
[0199.350] OffsetViewportOrgEx (in: hdc=0xb60107f4, x=0, y=0, lppt=0x2d75e9c | out: lppt=0x2d75e9c) returned 1
[0199.350] DrawThemeParentBackground () returned 0x0
[0199.350] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0199.351] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0199.351] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0199.351] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.351] GetSystemMetrics (nIndex=42) returned 0
[0199.351] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.351] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0199.351] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0199.351] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0199.351] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0199.351] SelectPalette (hdc=0xb60107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0199.352] GdipCreateFromHDC (hdc=0xb60107f4, graphics=0xd7dac8) returned 0x0
[0199.352] GdipSetPageUnit (graphics=0x664ded0, unit=0x2) returned 0x0
[0199.352] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0199.352] GdipGetWorldTransform (graphics=0x664ded0, matrix=0x6638a28) returned 0x0
[0199.352] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7daa0) returned 0x0
[0199.352] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0199.352] GdipCreateRegion (region=0xd7da88) returned 0x0
[0199.352] GdipGetClip (graphics=0x664ded0, region=0x6646688) returned 0x0
[0199.352] GdipIsInfiniteRegion (region=0x6646688, graphics=0x664ded0, result=0xd7da94) returned 0x0
[0199.352] GdipDeleteRegion (region=0x6646688) returned 0x0
[0199.352] GdipSaveGraphics (graphics=0x664ded0, state=0xd7dac0) returned 0x0
[0199.352] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0199.362] GdipFillRectangleI (graphics=0x664ded0, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0199.362] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0199.363] GdipDeleteGraphics (graphics=0x664ded0) returned 0x0
[0199.363] SelectPalette (hdc=0xb60107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0199.425] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0199.425] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.425] GetSystemMetrics (nIndex=42) returned 0
[0199.425] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.425] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0199.425] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0199.425] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0199.425] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0199.425] SelectPalette (hdc=0xb60107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0199.425] GdipCreateFromHDC (hdc=0xb60107f4, graphics=0xd7da68) returned 0x0
[0199.425] GdipSetPageUnit (graphics=0x664ded0, unit=0x2) returned 0x0
[0199.425] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0199.425] GdipGetWorldTransform (graphics=0x664ded0, matrix=0x6638ab8) returned 0x0
[0199.425] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7da40) returned 0x0
[0199.426] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0199.426] GdipCreateRegion (region=0xd7da28) returned 0x0
[0199.426] GdipGetClip (graphics=0x664ded0, region=0x6646a78) returned 0x0
[0199.426] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x664ded0, result=0xd7da34) returned 0x0
[0199.426] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0199.426] GdipSaveGraphics (graphics=0x664ded0, state=0xd7da60) returned 0x0
[0199.426] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0199.439] GdipFillRectangleI (graphics=0x664ded0, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0199.439] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0199.440] GdipRestoreGraphics (graphics=0x664ded0, state=0xface0dbd) returned 0x0
[0199.440] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0199.440] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.441] GetSystemMetrics (nIndex=42) returned 0
[0199.441] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.441] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0199.441] GdipDeleteGraphics (graphics=0x664ded0) returned 0x0
[0199.441] SelectPalette (hdc=0xb60107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0199.441] RestoreDC (hdc=0xb60107f4, nSavedDC=-1) returned 1
[0199.441] GdipReleaseDC (graphics=0x6600030, hdc=0xb60107f4) returned 0x0
[0199.441] IsAppThemed () returned 0x1
[0199.441] GetThemeAppProperties () returned 0x3
[0199.441] GetThemeAppProperties () returned 0x3
[0199.441] IsAppThemed () returned 0x1
[0199.441] GetThemeAppProperties () returned 0x3
[0199.441] GetThemeAppProperties () returned 0x3
[0199.441] IsThemePartDefined () returned 0x1
[0199.441] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0199.441] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0199.441] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0199.441] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0199.442] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df74) returned 0x0
[0199.442] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0199.442] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee8d8) returned 0x0
[0199.442] LocalFree (hMem=0x11ee8d8) returned 0x0
[0199.442] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0199.442] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eea98) returned 0x0
[0199.442] LocalFree (hMem=0x11eea98) returned 0x0
[0199.442] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0199.442] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0199.442] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0199.442] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0199.442] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0199.442] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0199.442] GetCurrentObject (hdc=0xb60107f4, type=0x1) returned 0xb00017
[0199.442] GetCurrentObject (hdc=0xb60107f4, type=0x2) returned 0x900010
[0199.442] GetCurrentObject (hdc=0xb60107f4, type=0x7) returned 0x4a0507fe
[0199.442] GetCurrentObject (hdc=0xb60107f4, type=0x6) returned 0x8a01c2
[0199.442] SaveDC (hdc=0xb60107f4) returned 1
[0199.442] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x900407de
[0199.442] GetClipRgn (hdc=0xb60107f4, hrgn=0x900407de) returned 0
[0199.442] SelectClipRgn (hdc=0xb60107f4, hrgn=0x1040807) returned 2
[0199.443] DeleteObject (ho=0x900407de) returned 1
[0199.443] DeleteObject (ho=0x1040807) returned 1
[0199.443] OffsetViewportOrgEx (in: hdc=0xb60107f4, x=0, y=0, lppt=0x2d7c6ec | out: lppt=0x2d7c6ec) returned 1
[0199.443] IsAppThemed () returned 0x1
[0199.443] GetThemeAppProperties () returned 0x3
[0199.443] GetThemeAppProperties () returned 0x3
[0199.443] DrawThemeBackground () returned 0x0
[0199.443] RestoreDC (hdc=0xb60107f4, nSavedDC=-1) returned 1
[0199.443] GdipReleaseDC (graphics=0x6600030, hdc=0xb60107f4) returned 0x0
[0199.443] GdipCreateRegion (region=0xd7df60) returned 0x0
[0199.443] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0199.443] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0199.443] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0199.443] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7df78) returned 0x0
[0199.443] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0199.443] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0199.443] LocalFree (hMem=0x11eec58) returned 0x0
[0199.443] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0199.443] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee8d8) returned 0x0
[0199.443] LocalFree (hMem=0x11ee8d8) returned 0x0
[0199.444] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0199.444] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0199.444] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7df90) returned 0x0
[0199.444] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0199.444] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0199.444] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0199.444] GetCurrentObject (hdc=0xb60107f4, type=0x1) returned 0xb00017
[0199.444] GetCurrentObject (hdc=0xb60107f4, type=0x2) returned 0x900010
[0199.444] GetCurrentObject (hdc=0xb60107f4, type=0x7) returned 0x4a0507fe
[0199.444] GetCurrentObject (hdc=0xb60107f4, type=0x6) returned 0x8a01c2
[0199.444] SaveDC (hdc=0xb60107f4) returned 1
[0199.444] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2040807
[0199.444] GetClipRgn (hdc=0xb60107f4, hrgn=0x2040807) returned 0
[0199.444] SelectClipRgn (hdc=0xb60107f4, hrgn=0x910407de) returned 2
[0199.444] DeleteObject (ho=0x2040807) returned 1
[0199.444] DeleteObject (ho=0x910407de) returned 1
[0199.444] OffsetViewportOrgEx (in: hdc=0xb60107f4, x=0, y=0, lppt=0x2d7c9c0 | out: lppt=0x2d7c9c0) returned 1
[0199.444] IsAppThemed () returned 0x1
[0199.444] GetThemeAppProperties () returned 0x3
[0199.444] GetThemeAppProperties () returned 0x3
[0199.444] GetThemeBackgroundContentRect () returned 0x0
[0199.444] RestoreDC (hdc=0xb60107f4, nSavedDC=-1) returned 1
[0199.444] GdipReleaseDC (graphics=0x6600030, hdc=0xb60107f4) returned 0x0
[0199.445] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0199.445] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0199.445] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0199.445] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0199.445] IsAppThemed () returned 0x1
[0199.445] GetThemeAppProperties () returned 0x3
[0199.445] GetThemeAppProperties () returned 0x3
[0199.445] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0199.445] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0199.445] GetCurrentObject (hdc=0xb60107f4, type=0x1) returned 0xb00017
[0199.445] GetCurrentObject (hdc=0xb60107f4, type=0x2) returned 0x900010
[0199.445] GetCurrentObject (hdc=0xb60107f4, type=0x7) returned 0x4a0507fe
[0199.445] GetCurrentObject (hdc=0xb60107f4, type=0x6) returned 0x8a01c2
[0199.445] SaveDC (hdc=0xb60107f4) returned 1
[0199.445] GetTextAlign (hdc=0xb60107f4) returned 0x0
[0199.445] GetTextColor (hdc=0xb60107f4) returned 0x0
[0199.445] GetCurrentObject (hdc=0xb60107f4, type=0x6) returned 0x8a01c2
[0199.445] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0199.445] SelectObject (hdc=0xb60107f4, h=0x6d0a0520) returned 0x8a01c2
[0199.445] GetBkMode (hdc=0xb60107f4) returned 2
[0199.445] SetBkMode (hdc=0xb60107f4, mode=1) returned 2
[0199.446] DrawTextExW (in: hdc=0xb60107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2d7cd84 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0199.446] DrawTextExW (in: hdc=0xb60107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d7cd84 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0199.446] RestoreDC (hdc=0xb60107f4, nSavedDC=-1) returned 1
[0199.446] GdipReleaseDC (graphics=0x6600030, hdc=0xb60107f4) returned 0x0
[0199.446] GetFocus () returned 0x1302de
[0199.446] IsAppThemed () returned 0x1
[0199.446] GetThemeAppProperties () returned 0x3
[0199.446] GetThemeAppProperties () returned 0x3
[0199.446] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0199.446] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xb60107f4, x1=0, y1=0, rop=0xcc0020) returned 1
[0199.447] GdipReleaseDC (graphics=0x6600030, hdc=0xb60107f4) returned 0x0
[0199.447] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0199.447] SelectObject (hdc=0xb60107f4, h=0x85000f) returned 0x4a0507fe
[0199.447] DeleteDC (hdc=0xb60107f4) returned 1
[0199.447] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0199.447] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0199.447] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.447] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.447] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.447] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.447] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.448] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.448] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.448] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.448] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.448] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.449] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.449] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.449] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.449] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.449] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.449] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.449] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.449] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.449] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.449] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.450] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.452] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.452] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.452] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.452] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.452] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.452] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.452] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.453] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.453] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.453] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.453] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x84, wParam=0x0, lParam=0x1dd02ff) returned 0x1
[0199.453] IsWindowUnicode (hWnd=0x1502d8) returned 1
[0199.453] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.453] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x84, wParam=0x0, lParam=0x1dd02ff) returned 0x1
[0199.453] GetDlgItem (hDlg=0x1600ea, nIDDlgItem=0) returned 0x0
[0199.453] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x210, wParam=0x201, lParam=0x62010a) returned 0x0
[0199.453] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x21, wParam=0x1600ea, lParam=0x2010001) returned 0x1
[0199.453] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x21, wParam=0x1600ea, lParam=0x2010001) returned 0x1
[0199.454] SetCursor (hCursor=0x10003) returned 0x10003
[0199.454] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.454] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.454] GetKeyState (nVirtKey=1) returned -127
[0199.454] GetKeyState (nVirtKey=2) returned 0
[0199.454] GetKeyState (nVirtKey=4) returned 0
[0199.454] GetKeyState (nVirtKey=5) returned 0
[0199.454] GetKeyState (nVirtKey=6) returned 0
[0199.454] IsWindowVisible (hWnd=0x1502d8) returned 1
[0199.454] IsWindowEnabled (hWnd=0x1502d8) returned 1
[0199.454] SetFocus (hWnd=0x1502d8) returned 0x1302de
[0199.455] GetFocus () returned 0x1502d8
[0199.455] IsChild (hWndParent=0x1600ea, hWnd=0x1502d8) returned 1
[0199.455] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0x8, wParam=0x1502d8, lParam=0x0) returned 0x0
[0199.455] GetCapture () returned 0x0
[0199.455] InvalidateRect (hWnd=0x1302de, lpRect=0x0, bErase=0) returned 1
[0199.456] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0199.457] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0199.459] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0199.459] InvalidateRect (hWnd=0x1302de, lpRect=0x0, bErase=0) returned 1
[0199.459] InvalidateRect (hWnd=0x1502d8, lpRect=0x0, bErase=0) returned 1
[0199.459] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x7, wParam=0x1302de, lParam=0x0) returned 0x0
[0199.459] GetStockObject (i=5) returned 0x900015
[0199.459] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0199.459] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0199.459] GetDlgItem (hDlg=0x1600ea, nIDDlgItem=1376984) returned 0x1502d8
[0199.459] SendMessageW (hWnd=0x1502d8, Msg=0x202b, wParam=0x1502d8, lParam=0xd7dddc) returned 0x0
[0199.459] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x202b, wParam=0x1502d8, lParam=0xd7dddc) returned 0x0
[0199.459] InvalidateRect (hWnd=0x1502d8, lpRect=0x0, bErase=0) returned 1
[0199.461] GetFocus () returned 0x1502d8
[0199.461] GetFocus () returned 0x1502d8
[0199.462] GetFocus () returned 0x1502d8
[0199.462] GetKeyState (nVirtKey=1) returned -127
[0199.462] GetKeyState (nVirtKey=2) returned 0
[0199.462] GetKeyState (nVirtKey=4) returned 0
[0199.462] GetKeyState (nVirtKey=5) returned 0
[0199.462] GetKeyState (nVirtKey=6) returned 0
[0199.462] GetCapture () returned 0x0
[0199.462] SetCapture (hWnd=0x1502d8) returned 0x0
[0199.462] GetKeyState (nVirtKey=1) returned -127
[0199.462] GetKeyState (nVirtKey=2) returned 0
[0199.462] GetKeyState (nVirtKey=4) returned 0
[0199.462] GetKeyState (nVirtKey=5) returned 0
[0199.462] GetKeyState (nVirtKey=6) returned 0
[0199.462] NotifyWinEvent (event=0x800a, hwnd=0x1502d8, idObject=-4, idChild=0)
[0199.462] InvalidateRect (hWnd=0x1502d8, lpRect=0xd7e430, bErase=0) returned 1
[0199.462] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.462] IsWindowUnicode (hWnd=0x1502d8) returned 1
[0199.462] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.463] TranslateMessage (lpMsg=0xd7e808) returned 0
[0199.463] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0199.463] MapWindowPoints (in: hWndFrom=0x1502d8, hWndTo=0x0, lpPoints=0x2d7cf74, cPoints=0x1 | out: lpPoints=0x2d7cf74) returned 30999254
[0199.463] NotifyWinEvent (event=0x800a, hwnd=0x1502d8, idObject=-4, idChild=0)
[0199.463] InvalidateRect (hWnd=0x1502d8, lpRect=0xd7e3d0, bErase=0) returned 1
[0199.463] UpdateWindow (hWnd=0x1502d8) returned 1
[0199.463] BeginPaint (in: hWnd=0x1502d8, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xc0107c5
[0199.463] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0199.463] CreateCompatibleDC (hdc=0xc0107c5) returned 0xe60107c6
[0199.463] SelectObject (hdc=0xe60107c6, h=0x4a0507fe) returned 0x85000f
[0199.463] GdipCreateFromHDC (hdc=0xe60107c6, graphics=0xd7df00) returned 0x0
[0199.463] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0199.464] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0199.464] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0199.464] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0199.464] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df60) returned 0x0
[0199.464] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0199.464] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0199.464] LocalFree (hMem=0x11ee788) returned 0x0
[0199.464] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0199.464] GdipCreateRegion (region=0xd7df48) returned 0x0
[0199.464] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0199.464] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df54) returned 0x0
[0199.464] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0199.464] GdipRestoreGraphics (graphics=0x6600030, state=0xfacc0dbd) returned 0x0
[0199.464] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0199.464] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0199.464] GetCurrentObject (hdc=0xe60107c6, type=0x1) returned 0xb00017
[0199.464] GetCurrentObject (hdc=0xe60107c6, type=0x2) returned 0x900010
[0199.465] GetCurrentObject (hdc=0xe60107c6, type=0x7) returned 0x4a0507fe
[0199.465] GetCurrentObject (hdc=0xe60107c6, type=0x6) returned 0x8a01c2
[0199.465] SaveDC (hdc=0xe60107c6) returned 1
[0199.465] GetNearestColor (hdc=0xe60107c6, color=0xf0f0f0) returned 0xf0f0f0
[0199.465] GetNearestColor (hdc=0xe60107c6, color=0xa0a0a0) returned 0xa0a0a0
[0199.465] GetNearestColor (hdc=0xe60107c6, color=0x696969) returned 0x696969
[0199.465] GetNearestColor (hdc=0xe60107c6, color=0xa0a0a0) returned 0xa0a0a0
[0199.465] GetNearestColor (hdc=0xe60107c6, color=0x0) returned 0x0
[0199.465] GetNearestColor (hdc=0xe60107c6, color=0xffffff) returned 0xffffff
[0199.465] GetNearestColor (hdc=0xe60107c6, color=0xe5e5e5) returned 0xe5e5e5
[0199.465] GetNearestColor (hdc=0xe60107c6, color=0xd7d7d7) returned 0xd7d7d7
[0199.465] GetNearestColor (hdc=0xe60107c6, color=0x0) returned 0x0
[0199.465] RestoreDC (hdc=0xe60107c6, nSavedDC=-1) returned 1
[0199.470] GdipReleaseDC (graphics=0x6600030, hdc=0xe60107c6) returned 0x0
[0199.470] IsAppThemed () returned 0x1
[0199.470] GetThemeAppProperties () returned 0x3
[0199.470] GetThemeAppProperties () returned 0x3
[0199.470] IsAppThemed () returned 0x1
[0199.470] GetThemeAppProperties () returned 0x3
[0199.470] GetThemeAppProperties () returned 0x3
[0199.470] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2d7d6cc | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0199.471] IsAppThemed () returned 0x1
[0199.471] GetThemeAppProperties () returned 0x3
[0199.471] GetThemeAppProperties () returned 0x3
[0199.471] IsAppThemed () returned 0x1
[0199.471] GetThemeAppProperties () returned 0x3
[0199.471] GetThemeAppProperties () returned 0x3
[0199.471] IsAppThemed () returned 0x1
[0199.471] GetThemeAppProperties () returned 0x3
[0199.471] GetThemeAppProperties () returned 0x3
[0199.471] IsAppThemed () returned 0x1
[0199.471] GetThemeAppProperties () returned 0x3
[0199.471] GetThemeAppProperties () returned 0x3
[0199.471] IsThemePartDefined () returned 0x1
[0199.471] IsAppThemed () returned 0x1
[0199.471] GetThemeAppProperties () returned 0x3
[0199.471] GetThemeAppProperties () returned 0x3
[0199.471] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0199.471] IsAppThemed () returned 0x1
[0199.471] GetThemeAppProperties () returned 0x3
[0199.471] GetThemeAppProperties () returned 0x3
[0199.472] IsAppThemed () returned 0x1
[0199.472] GetThemeAppProperties () returned 0x3
[0199.472] GetThemeAppProperties () returned 0x3
[0199.472] IsThemePartDefined () returned 0x1
[0199.472] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0199.472] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0199.472] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0199.472] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0199.472] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dc7c) returned 0x0
[0199.472] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0199.472] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0199.472] LocalFree (hMem=0x11eec58) returned 0x0
[0199.472] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0199.472] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eea28) returned 0x0
[0199.472] LocalFree (hMem=0x11eea28) returned 0x0
[0199.472] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0199.472] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0199.472] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0199.473] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0199.473] GdipDeleteRegion (region=0x6646688) returned 0x0
[0199.473] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0199.473] GetCurrentObject (hdc=0xe60107c6, type=0x1) returned 0xb00017
[0199.473] GetCurrentObject (hdc=0xe60107c6, type=0x2) returned 0x900010
[0199.473] GetCurrentObject (hdc=0xe60107c6, type=0x7) returned 0x4a0507fe
[0199.473] GetCurrentObject (hdc=0xe60107c6, type=0x6) returned 0x8a01c2
[0199.473] SaveDC (hdc=0xe60107c6) returned 1
[0199.473] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x920407de
[0199.473] GetClipRgn (hdc=0xe60107c6, hrgn=0x920407de) returned 0
[0199.473] SelectClipRgn (hdc=0xe60107c6, hrgn=0x6040807) returned 2
[0199.473] DeleteObject (ho=0x920407de) returned 1
[0199.473] DeleteObject (ho=0x6040807) returned 1
[0199.473] OffsetViewportOrgEx (in: hdc=0xe60107c6, x=0, y=0, lppt=0x2d7dd7c | out: lppt=0x2d7dd7c) returned 1
[0199.473] DrawThemeParentBackground () returned 0x0
[0199.473] GetWindowPlacement (in: hWnd=0x1600ea, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0199.473] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0199.474] GetWindowTextLengthW (hWnd=0x1600ea) returned 13
[0199.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.474] GetSystemMetrics (nIndex=42) returned 0
[0199.474] GetWindowTextW (in: hWnd=0x1600ea, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0199.474] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0199.474] GetCurrentObject (hdc=0xe60107c6, type=0x1) returned 0xb00017
[0199.474] GetCurrentObject (hdc=0xe60107c6, type=0x2) returned 0x900010
[0199.474] GetCurrentObject (hdc=0xe60107c6, type=0x7) returned 0x4a0507fe
[0199.474] GetCurrentObject (hdc=0xe60107c6, type=0x6) returned 0x8a01c2
[0199.474] SaveDC (hdc=0xe60107c6) returned 2
[0199.474] GetNearestColor (hdc=0xe60107c6, color=0xf0f0f0) returned 0xf0f0f0
[0199.474] CreateSolidBrush (color=0xf0f0f0) returned 0xed1007e1
[0199.474] FillRect (hDC=0xe60107c6, lprc=0xd7d6c8, hbr=0xed1007e1) returned 1
[0199.474] DeleteObject (ho=0xed1007e1) returned 1
[0199.474] RestoreDC (hdc=0xe60107c6, nSavedDC=-1) returned 1
[0199.474] GetWindowTextLengthW (hWnd=0x1600ea) returned 13
[0199.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.474] GetSystemMetrics (nIndex=42) returned 0
[0199.474] GetWindowTextW (in: hWnd=0x1600ea, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0199.475] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0199.475] GetCurrentObject (hdc=0xe60107c6, type=0x1) returned 0xb00017
[0199.475] GetCurrentObject (hdc=0xe60107c6, type=0x2) returned 0x900010
[0199.475] GetCurrentObject (hdc=0xe60107c6, type=0x7) returned 0x4a0507fe
[0199.475] GetCurrentObject (hdc=0xe60107c6, type=0x6) returned 0x8a01c2
[0199.475] SaveDC (hdc=0xe60107c6) returned 2
[0199.475] GetNearestColor (hdc=0xe60107c6, color=0xf0f0f0) returned 0xf0f0f0
[0199.475] CreateSolidBrush (color=0xf0f0f0) returned 0xee1007e1
[0199.475] FillRect (hDC=0xe60107c6, lprc=0xd7d668, hbr=0xee1007e1) returned 1
[0199.475] DeleteObject (ho=0xee1007e1) returned 1
[0199.475] RestoreDC (hdc=0xe60107c6, nSavedDC=-1) returned 1
[0199.475] GetWindowTextLengthW (hWnd=0x1600ea) returned 13
[0199.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.475] GetSystemMetrics (nIndex=42) returned 0
[0199.475] GetWindowTextW (in: hWnd=0x1600ea, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0199.475] RestoreDC (hdc=0xe60107c6, nSavedDC=-1) returned 1
[0199.476] GdipReleaseDC (graphics=0x6600030, hdc=0xe60107c6) returned 0x0
[0199.476] IsAppThemed () returned 0x1
[0199.476] GetThemeAppProperties () returned 0x3
[0199.476] GetThemeAppProperties () returned 0x3
[0199.476] IsAppThemed () returned 0x1
[0199.476] GetThemeAppProperties () returned 0x3
[0199.476] GetThemeAppProperties () returned 0x3
[0199.476] IsThemePartDefined () returned 0x1
[0199.476] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0199.476] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0199.476] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0199.476] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0199.476] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dc00) returned 0x0
[0199.476] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0199.476] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eead0) returned 0x0
[0199.476] LocalFree (hMem=0x11eead0) returned 0x0
[0199.476] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0199.476] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0199.476] LocalFree (hMem=0x11ee868) returned 0x0
[0199.476] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0199.476] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0199.476] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0199.476] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0199.477] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0199.477] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0199.477] GetCurrentObject (hdc=0xe60107c6, type=0x1) returned 0xb00017
[0199.477] GetCurrentObject (hdc=0xe60107c6, type=0x2) returned 0x900010
[0199.477] GetCurrentObject (hdc=0xe60107c6, type=0x7) returned 0x4a0507fe
[0199.477] GetCurrentObject (hdc=0xe60107c6, type=0x6) returned 0x8a01c2
[0199.477] SaveDC (hdc=0xe60107c6) returned 1
[0199.477] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7040807
[0199.477] GetClipRgn (hdc=0xe60107c6, hrgn=0x7040807) returned 0
[0199.477] SelectClipRgn (hdc=0xe60107c6, hrgn=0x940407de) returned 2
[0199.477] DeleteObject (ho=0x7040807) returned 1
[0199.477] DeleteObject (ho=0x940407de) returned 1
[0199.477] OffsetViewportOrgEx (in: hdc=0xe60107c6, x=0, y=0, lppt=0x2d7e628 | out: lppt=0x2d7e628) returned 1
[0199.477] IsAppThemed () returned 0x1
[0199.477] GetThemeAppProperties () returned 0x3
[0199.477] GetThemeAppProperties () returned 0x3
[0199.477] DrawThemeBackground () returned 0x0
[0199.477] RestoreDC (hdc=0xe60107c6, nSavedDC=-1) returned 1
[0199.477] GdipReleaseDC (graphics=0x6600030, hdc=0xe60107c6) returned 0x0
[0199.477] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0199.478] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0199.478] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0199.478] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0199.478] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dc04) returned 0x0
[0199.478] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0199.478] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eed00) returned 0x0
[0199.478] LocalFree (hMem=0x11eed00) returned 0x0
[0199.478] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0199.478] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee8d8) returned 0x0
[0199.478] LocalFree (hMem=0x11ee8d8) returned 0x0
[0199.478] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0199.478] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0199.478] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0199.478] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0199.478] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0199.478] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0199.478] GetCurrentObject (hdc=0xe60107c6, type=0x1) returned 0xb00017
[0199.478] GetCurrentObject (hdc=0xe60107c6, type=0x2) returned 0x900010
[0199.478] GetCurrentObject (hdc=0xe60107c6, type=0x7) returned 0x4a0507fe
[0199.478] GetCurrentObject (hdc=0xe60107c6, type=0x6) returned 0x8a01c2
[0199.478] SaveDC (hdc=0xe60107c6) returned 1
[0199.478] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x950407de
[0199.479] GetClipRgn (hdc=0xe60107c6, hrgn=0x950407de) returned 0
[0199.479] SelectClipRgn (hdc=0xe60107c6, hrgn=0x8040807) returned 2
[0199.479] DeleteObject (ho=0x950407de) returned 1
[0199.479] DeleteObject (ho=0x8040807) returned 1
[0199.479] OffsetViewportOrgEx (in: hdc=0xe60107c6, x=0, y=0, lppt=0x2d7e8fc | out: lppt=0x2d7e8fc) returned 1
[0199.479] IsAppThemed () returned 0x1
[0199.479] GetThemeAppProperties () returned 0x3
[0199.479] GetThemeAppProperties () returned 0x3
[0199.479] GetThemeBackgroundContentRect () returned 0x0
[0199.479] RestoreDC (hdc=0xe60107c6, nSavedDC=-1) returned 1
[0199.479] GdipReleaseDC (graphics=0x6600030, hdc=0xe60107c6) returned 0x0
[0199.479] IsAppThemed () returned 0x1
[0199.479] GetThemeAppProperties () returned 0x3
[0199.479] GetThemeAppProperties () returned 0x3
[0199.479] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0199.479] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0199.479] GetCurrentObject (hdc=0xe60107c6, type=0x1) returned 0xb00017
[0199.479] GetCurrentObject (hdc=0xe60107c6, type=0x2) returned 0x900010
[0199.479] GetCurrentObject (hdc=0xe60107c6, type=0x7) returned 0x4a0507fe
[0199.479] GetCurrentObject (hdc=0xe60107c6, type=0x6) returned 0x8a01c2
[0199.479] SaveDC (hdc=0xe60107c6) returned 1
[0199.480] GetTextAlign (hdc=0xe60107c6) returned 0x0
[0199.480] GetTextColor (hdc=0xe60107c6) returned 0x0
[0199.480] GetCurrentObject (hdc=0xe60107c6, type=0x6) returned 0x8a01c2
[0199.480] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0199.480] SelectObject (hdc=0xe60107c6, h=0x6d0a0520) returned 0x8a01c2
[0199.480] GetBkMode (hdc=0xe60107c6) returned 2
[0199.480] SetBkMode (hdc=0xe60107c6, mode=1) returned 2
[0199.480] DrawTextExW (in: hdc=0xe60107c6, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2d7ec9c | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0199.480] DrawTextExW (in: hdc=0xe60107c6, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2d7ec9c | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0199.480] RestoreDC (hdc=0xe60107c6, nSavedDC=-1) returned 1
[0199.481] GdipReleaseDC (graphics=0x6600030, hdc=0xe60107c6) returned 0x0
[0199.481] GetFocus () returned 0x1502d8
[0199.481] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0199.481] SendMessageW (hWnd=0x1600ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0199.481] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0199.481] IsAppThemed () returned 0x1
[0199.481] GetThemeAppProperties () returned 0x3
[0199.481] GetThemeAppProperties () returned 0x3
[0199.481] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0199.481] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xe60107c6, x1=0, y1=0, rop=0xcc0020) returned 1
[0199.481] GdipReleaseDC (graphics=0x6600030, hdc=0xe60107c6) returned 0x0
[0199.481] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0199.482] SelectObject (hdc=0xe60107c6, h=0x85000f) returned 0x4a0507fe
[0199.482] DeleteDC (hdc=0xe60107c6) returned 1
[0199.482] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0199.482] EndPaint (hWnd=0x1502d8, lpPaint=0xd7dee4) returned 1
[0199.482] MapWindowPoints (in: hWndFrom=0x1502d8, hWndTo=0x0, lpPoints=0x2d7ed98, cPoints=0x1 | out: lpPoints=0x2d7ed98) returned 30999254
[0199.482] WindowFromPoint (Point=0x2ff) returned 0x1502d8
[0199.482] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x84, wParam=0x0, lParam=0x1dd02ff) returned 0x1
[0199.482] NotifyWinEvent (event=0x800a, hwnd=0x1502d8, idObject=-4, idChild=0)
[0199.482] NotifyWinEvent (event=0x800c, hwnd=0x1502d8, idObject=-4, idChild=0)
[0199.482] GetCapture () returned 0x1502d8
[0199.482] ReleaseCapture () returned 1
[0199.482] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0199.483] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0199.483] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x84, wParam=0x0, lParam=0x1dd02ff) returned 0x1
[0199.483] IsWindow (hWnd=0x7005c) returned 1
[0199.483] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0199.484] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0199.484] IsWindow (hWnd=0x1600ea) returned 1
[0199.484] SetActiveWindow (hWnd=0x1600ea) returned 0x1600ea
[0199.484] IsWindow (hWnd=0x1600ea) returned 1
[0199.484] SetFocus (hWnd=0x1600ea) returned 0x1502d8
[0199.484] GetFocus () returned 0x1600ea
[0199.484] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x8, wParam=0x1600ea, lParam=0x0) returned 0x0
[0199.485] GetCapture () returned 0x0
[0199.485] InvalidateRect (hWnd=0x1502d8, lpRect=0x0, bErase=0) returned 1
[0199.485] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0199.486] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0199.488] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0199.488] GetFocus () returned 0x1600ea
[0199.488] SetFocus (hWnd=0x1502d8) returned 0x1600ea
[0199.489] GetFocus () returned 0x1502d8
[0199.489] IsChild (hWndParent=0x1600ea, hWnd=0x1502d8) returned 1
[0199.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x8, wParam=0x1502d8, lParam=0x0) returned 0x0
[0199.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0199.491] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0199.492] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0199.492] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x7, wParam=0x1600ea, lParam=0x0) returned 0x0
[0199.492] GetStockObject (i=5) returned 0x900015
[0199.492] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0199.492] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0199.492] GetDlgItem (hDlg=0x1600ea, nIDDlgItem=1376984) returned 0x1502d8
[0199.492] SendMessageW (hWnd=0x1502d8, Msg=0x202b, wParam=0x1502d8, lParam=0xd7ddcc) returned 0x0
[0199.492] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x202b, wParam=0x1502d8, lParam=0xd7ddcc) returned 0x0
[0199.492] InvalidateRect (hWnd=0x1502d8, lpRect=0x0, bErase=0) returned 1
[0199.494] GetWindowLongW (hWnd=0x1600ea, nIndex=-8) returned 458844
[0199.494] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0199.494] GetCurrentThreadId () returned 0xf50
[0199.494] IsWindow (hWnd=0x7005c) returned 1
[0199.494] IsWindow (hWnd=0x7005c) returned 1
[0199.494] IsWindowVisible (hWnd=0x7005c) returned 1
[0199.494] SetActiveWindow (hWnd=0x7005c) returned 0x1600ea
[0199.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0199.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0199.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0199.497] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0199.501] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0199.501] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0199.502] GetWindowPlacement (in: hWnd=0x1600ea, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0199.502] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0199.502] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0199.502] GetWindowRect (in: hWnd=0x1600ea, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0199.503] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0199.503] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0199.503] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0199.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x1600ea) returned 0x1
[0199.507] GetFocus () returned 0x1502d8
[0199.507] SetFocus (hWnd=0x602c4) returned 0x1502d8
[0199.507] GetFocus () returned 0x602c4
[0199.507] IsChild (hWndParent=0x1600ea, hWnd=0x602c4) returned 0
[0199.507] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0199.507] GetCapture () returned 0x0
[0199.507] InvalidateRect (hWnd=0x1502d8, lpRect=0x0, bErase=0) returned 1
[0199.508] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0199.510] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0199.512] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0199.512] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0199.512] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0199.512] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0199.518] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0199.518] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x1502d8, lParam=0x0) returned 0x0
[0199.518] GetStockObject (i=5) returned 0x900015
[0199.519] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0199.519] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11eda08) returned 0xc
[0199.519] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0199.519] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0199.519] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0199.519] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0199.521] GetFocus () returned 0x602c4
[0199.521] IsChild (hWndParent=0x1600ea, hWnd=0x602c4) returned 0
[0199.521] ShowWindow (hWnd=0x1600ea, nCmdShow=0) returned 1
[0199.521] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0199.521] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0199.522] GetWindowPlacement (in: hWnd=0x1600ea, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0199.522] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0199.522] GetClientRect (in: hWnd=0x1600ea, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0199.522] GetWindowRect (in: hWnd=0x1600ea, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0199.523] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0199.523] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0199.523] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0199.524] GetWindowLongW (hWnd=0x1600ea, nIndex=-20) returned 327945
[0199.524] DestroyWindow (hWnd=0x1600ea) returned 1
[0199.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0199.524] GetWindowTextLengthW (hWnd=0x1600ea) returned 13
[0199.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.524] GetSystemMetrics (nIndex=42) returned 0
[0199.524] GetWindowTextW (in: hWnd=0x1600ea, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0199.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0199.524] GetWindowTextLengthW (hWnd=0x902ce) returned 0
[0199.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0199.525] GetSystemMetrics (nIndex=42) returned 0
[0199.525] GetWindowTextW (in: hWnd=0x902ce, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0199.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902ce, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0199.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0199.525] GetWindowThreadProcessId (in: hWnd=0x15013e, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0199.525] GetWindow (hWnd=0x15013e, uCmd=0x5) returned 0x0
[0199.525] GetWindowLongW (hWnd=0x15013e, nIndex=-20) returned 65792
[0199.525] DestroyWindow (hWnd=0x15013e) returned 1
[0199.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x15013e, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0199.525] GetWindowTextLengthW (hWnd=0x15013e) returned 25
[0199.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x15013e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0199.525] GetSystemMetrics (nIndex=42) returned 0
[0199.525] GetWindowTextW (in: hWnd=0x15013e, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0199.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x15013e, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0199.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x15013e, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0199.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x15013e, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0199.526] GetWindowTextLengthW (hWnd=0x802d0) returned 232
[0199.526] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0199.526] GetSystemMetrics (nIndex=42) returned 0
[0199.526] GetWindowTextW (in: hWnd=0x802d0, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0199.526] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0199.527] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0199.527] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0199.527] InvalidateRect (hWnd=0x1502d8, lpRect=0x0, bErase=0) returned 1
[0199.527] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0199.527] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0199.527] SendMessageW (hWnd=0x1302da, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0199.527] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302da, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0199.527] SendMessageW (hWnd=0x1302da, Msg=0xb0, wParam=0x2d4acbc, lParam=0xd7e480) returned 0x0
[0199.527] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302da, Msg=0xb0, wParam=0x2d4acbc, lParam=0xd7e480) returned 0x0
[0199.527] GetWindowTextLengthW (hWnd=0x1302da) returned 4363
[0199.527] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0199.527] GetSystemMetrics (nIndex=42) returned 0
[0199.527] CoTaskMemAlloc (cb=0x221c) returned 0x12072c0
[0199.527] GetWindowTextW (in: hWnd=0x1302da, lpString=0x12072c0, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0199.527] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302da, Msg=0xd, wParam=0x110c, lParam=0x12072c0) returned 0x110b
[0199.528] CoTaskMemFree (pv=0x12072c0)
[0199.528] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0199.528] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x902ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0199.530] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x802d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0199.531] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0199.532] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0199.534] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0199.535] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0199.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1600ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0199.538] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.538] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.538] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.538] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.538] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.538] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.538] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd02ff) returned 0x1
[0199.538] IsWindowUnicode (hWnd=0x7005c) returned 1
[0199.538] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.539] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd02ff) returned 0x1
[0199.539] SetCursor (hCursor=0x10003) returned 0x10003
[0199.539] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.539] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.539] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0199.539] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0199.539] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0199.539] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1080241) returned 0x0
[0199.539] GetKeyState (nVirtKey=1) returned 1
[0199.539] GetKeyState (nVirtKey=2) returned 0
[0199.539] GetKeyState (nVirtKey=4) returned 0
[0199.539] GetKeyState (nVirtKey=5) returned 0
[0199.539] GetKeyState (nVirtKey=6) returned 0
[0199.539] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.540] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd02ff) returned 0x1
[0199.540] IsWindowUnicode (hWnd=0x7005c) returned 1
[0199.540] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.540] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.540] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.540] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.541] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd02ff) returned 0x1
[0199.541] IsWindowUnicode (hWnd=0x7005c) returned 1
[0199.541] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.541] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd02ff) returned 0x1
[0199.541] SetCursor (hCursor=0x10003) returned 0x10003
[0199.541] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.541] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.541] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1080241) returned 0x0
[0199.541] GetKeyState (nVirtKey=1) returned 1
[0199.541] GetKeyState (nVirtKey=2) returned 0
[0199.541] GetKeyState (nVirtKey=4) returned 0
[0199.542] GetKeyState (nVirtKey=5) returned 0
[0199.542] GetKeyState (nVirtKey=6) returned 0
[0199.542] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.542] IsWindowUnicode (hWnd=0x602c4) returned 1
[0199.542] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.543] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.543] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.543] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.562] IsWindowUnicode (hWnd=0x602c4) returned 1
[0199.562] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.562] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.562] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.563] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xc0107c5
[0199.563] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0199.563] CreateCompatibleDC (hdc=0xc0107c5) returned 0x380107f3
[0199.563] SelectObject (hdc=0x380107f3, h=0x4a0507fe) returned 0x85000f
[0199.563] GdipCreateFromHDC (hdc=0x380107f3, graphics=0xd7e798) returned 0x0
[0199.563] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0199.563] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0199.563] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0199.563] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0199.563] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e7f8) returned 0x0
[0199.563] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0199.564] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eed00) returned 0x0
[0199.564] LocalFree (hMem=0x11eed00) returned 0x0
[0199.564] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0199.564] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0199.564] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0199.564] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0199.564] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0199.564] GdipRestoreGraphics (graphics=0x6600030, state=0xfaca0dbd) returned 0x0
[0199.564] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0199.564] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0199.564] GetCurrentObject (hdc=0x380107f3, type=0x1) returned 0xb00017
[0199.564] GetCurrentObject (hdc=0x380107f3, type=0x2) returned 0x900010
[0199.564] GetCurrentObject (hdc=0x380107f3, type=0x7) returned 0x4a0507fe
[0199.564] GetCurrentObject (hdc=0x380107f3, type=0x6) returned 0x8a01c2
[0199.564] SaveDC (hdc=0x380107f3) returned 1
[0199.565] GetNearestColor (hdc=0x380107f3, color=0xff) returned 0xff
[0199.565] GetNearestColor (hdc=0x380107f3, color=0x55) returned 0x55
[0199.565] GetNearestColor (hdc=0x380107f3, color=0x0) returned 0x0
[0199.565] GetNearestColor (hdc=0x380107f3, color=0x55) returned 0x55
[0199.565] GetNearestColor (hdc=0x380107f3, color=0x0) returned 0x0
[0199.565] GetNearestColor (hdc=0x380107f3, color=0x8080ff) returned 0x8080ff
[0199.565] GetNearestColor (hdc=0x380107f3, color=0x7373e5) returned 0x7373e5
[0199.565] GetNearestColor (hdc=0x380107f3, color=0xe5) returned 0xe5
[0199.565] GetNearestColor (hdc=0x380107f3, color=0x0) returned 0x0
[0199.565] RestoreDC (hdc=0x380107f3, nSavedDC=-1) returned 1
[0199.565] GdipReleaseDC (graphics=0x6600030, hdc=0x380107f3) returned 0x0
[0199.565] IsAppThemed () returned 0x1
[0199.565] GetThemeAppProperties () returned 0x3
[0199.565] GetThemeAppProperties () returned 0x3
[0199.566] IsAppThemed () returned 0x1
[0199.566] GetThemeAppProperties () returned 0x3
[0199.566] GetThemeAppProperties () returned 0x3
[0199.566] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2d86b04 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0199.566] IsAppThemed () returned 0x1
[0199.566] GetThemeAppProperties () returned 0x3
[0199.566] GetThemeAppProperties () returned 0x3
[0199.566] IsAppThemed () returned 0x1
[0199.566] GetThemeAppProperties () returned 0x3
[0199.566] GetThemeAppProperties () returned 0x3
[0199.566] GetFocus () returned 0x602c4
[0199.566] IsAppThemed () returned 0x1
[0199.566] GetThemeAppProperties () returned 0x3
[0199.567] GetThemeAppProperties () returned 0x3
[0199.567] IsAppThemed () returned 0x1
[0199.567] GetThemeAppProperties () returned 0x3
[0199.567] GetThemeAppProperties () returned 0x3
[0199.567] IsThemePartDefined () returned 0x1
[0199.567] IsAppThemed () returned 0x1
[0199.567] GetThemeAppProperties () returned 0x3
[0199.567] GetThemeAppProperties () returned 0x3
[0199.567] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0199.567] IsAppThemed () returned 0x1
[0199.567] GetThemeAppProperties () returned 0x3
[0199.567] GetThemeAppProperties () returned 0x3
[0199.567] IsAppThemed () returned 0x1
[0199.567] GetThemeAppProperties () returned 0x3
[0199.567] GetThemeAppProperties () returned 0x3
[0199.567] IsThemePartDefined () returned 0x1
[0199.567] GdipCreateRegion (region=0xd7e508) returned 0x0
[0199.567] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0199.567] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0199.567] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0199.567] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e520) returned 0x0
[0199.568] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0199.568] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0199.568] LocalFree (hMem=0x11eec58) returned 0x0
[0199.568] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0199.568] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0199.568] LocalFree (hMem=0x11ee788) returned 0x0
[0199.568] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0199.568] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e548) returned 0x0
[0199.568] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e538) returned 0x0
[0199.568] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0199.568] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0199.568] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0199.568] GetCurrentObject (hdc=0x380107f3, type=0x1) returned 0xb00017
[0199.568] GetCurrentObject (hdc=0x380107f3, type=0x2) returned 0x900010
[0199.568] GetCurrentObject (hdc=0x380107f3, type=0x7) returned 0x4a0507fe
[0199.568] GetCurrentObject (hdc=0x380107f3, type=0x6) returned 0x8a01c2
[0199.568] SaveDC (hdc=0x380107f3) returned 1
[0199.568] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9040807
[0199.568] GetClipRgn (hdc=0x380107f3, hrgn=0x9040807) returned 0
[0199.568] SelectClipRgn (hdc=0x380107f3, hrgn=0x990407de) returned 2
[0199.569] DeleteObject (ho=0x9040807) returned 1
[0199.569] DeleteObject (ho=0x990407de) returned 1
[0199.569] OffsetViewportOrgEx (in: hdc=0x380107f3, x=0, y=0, lppt=0x2d871b4 | out: lppt=0x2d871b4) returned 1
[0199.569] DrawThemeParentBackground () returned 0x0
[0199.569] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0199.569] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0199.569] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0199.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.569] GetSystemMetrics (nIndex=42) returned 0
[0199.569] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0199.569] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0199.569] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0199.569] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0199.569] SelectPalette (hdc=0x380107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0199.569] GdipCreateFromHDC (hdc=0x380107f3, graphics=0xd7dff8) returned 0x0
[0199.570] GdipSetPageUnit (graphics=0x664ded0, unit=0x2) returned 0x0
[0199.570] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0199.570] GdipGetWorldTransform (graphics=0x664ded0, matrix=0x6638a28) returned 0x0
[0199.570] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dfd0) returned 0x0
[0199.570] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0199.570] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0199.570] GdipGetClip (graphics=0x664ded0, region=0x6646c28) returned 0x0
[0199.570] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x664ded0, result=0xd7dfc4) returned 0x0
[0199.570] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0199.570] GdipSaveGraphics (graphics=0x664ded0, state=0xd7dff0) returned 0x0
[0199.570] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0199.610] GdipFillRectangleI (graphics=0x664ded0, brush=0x6653300, x=0, y=0, width=801, height=453) returned 0x0
[0199.610] GdipDeleteBrush (brush=0x6653300) returned 0x0
[0199.612] GdipDeleteGraphics (graphics=0x664ded0) returned 0x0
[0199.612] SelectPalette (hdc=0x380107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0199.612] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0199.612] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.612] GetSystemMetrics (nIndex=42) returned 0
[0199.612] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.612] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0199.613] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0199.613] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0199.613] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0199.613] SelectPalette (hdc=0x380107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0199.613] GdipCreateFromHDC (hdc=0x380107f3, graphics=0xd7df98) returned 0x0
[0199.613] GdipSetPageUnit (graphics=0x664ded0, unit=0x2) returned 0x0
[0199.613] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0199.613] GdipGetWorldTransform (graphics=0x664ded0, matrix=0x6638d28) returned 0x0
[0199.613] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df70) returned 0x0
[0199.613] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0199.613] GdipCreateRegion (region=0xd7df58) returned 0x0
[0199.613] GdipGetClip (graphics=0x664ded0, region=0x66464d8) returned 0x0
[0199.613] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x664ded0, result=0xd7df64) returned 0x0
[0199.614] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0199.614] GdipSaveGraphics (graphics=0x664ded0, state=0xd7df90) returned 0x0
[0199.614] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0199.630] GdipFillRectangleI (graphics=0x664ded0, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0199.630] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0199.632] GdipRestoreGraphics (graphics=0x664ded0, state=0xfac60dbd) returned 0x0
[0199.632] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0199.632] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0199.632] GetSystemMetrics (nIndex=42) returned 0
[0199.632] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0199.632] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0199.632] GdipDeleteGraphics (graphics=0x664ded0) returned 0x0
[0199.632] SelectPalette (hdc=0x380107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0199.633] RestoreDC (hdc=0x380107f3, nSavedDC=-1) returned 1
[0199.633] GdipReleaseDC (graphics=0x6600030, hdc=0x380107f3) returned 0x0
[0199.633] IsAppThemed () returned 0x1
[0199.633] GetThemeAppProperties () returned 0x3
[0199.633] GetThemeAppProperties () returned 0x3
[0199.633] IsAppThemed () returned 0x1
[0199.633] GetThemeAppProperties () returned 0x3
[0199.633] GetThemeAppProperties () returned 0x3
[0199.633] IsThemePartDefined () returned 0x1
[0199.633] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0199.633] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0199.633] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0199.633] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0199.634] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e4a4) returned 0x0
[0199.634] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0199.634] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0199.634] LocalFree (hMem=0x11ee868) returned 0x0
[0199.634] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0199.634] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0199.634] LocalFree (hMem=0x11ee788) returned 0x0
[0199.634] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0199.634] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0199.634] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0199.634] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0199.634] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0199.634] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0199.634] GetCurrentObject (hdc=0x380107f3, type=0x1) returned 0xb00017
[0199.634] GetCurrentObject (hdc=0x380107f3, type=0x2) returned 0x900010
[0199.634] GetCurrentObject (hdc=0x380107f3, type=0x7) returned 0x4a0507fe
[0199.634] GetCurrentObject (hdc=0x380107f3, type=0x6) returned 0x8a01c2
[0199.635] SaveDC (hdc=0x380107f3) returned 1
[0199.635] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9a0407de
[0199.635] GetClipRgn (hdc=0x380107f3, hrgn=0x9a0407de) returned 0
[0199.635] SelectClipRgn (hdc=0x380107f3, hrgn=0xb040807) returned 2
[0199.635] DeleteObject (ho=0x9a0407de) returned 1
[0199.635] DeleteObject (ho=0xb040807) returned 1
[0199.635] OffsetViewportOrgEx (in: hdc=0x380107f3, x=0, y=0, lppt=0x2d8da04 | out: lppt=0x2d8da04) returned 1
[0199.635] IsAppThemed () returned 0x1
[0199.635] GetThemeAppProperties () returned 0x3
[0199.635] GetThemeAppProperties () returned 0x3
[0199.635] DrawThemeBackground () returned 0x0
[0199.635] RestoreDC (hdc=0x380107f3, nSavedDC=-1) returned 1
[0199.635] GdipReleaseDC (graphics=0x6600030, hdc=0x380107f3) returned 0x0
[0199.635] GdipCreateRegion (region=0xd7e490) returned 0x0
[0199.635] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0199.635] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0199.636] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0199.636] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e4a8) returned 0x0
[0199.636] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0199.636] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0199.636] LocalFree (hMem=0x11ee868) returned 0x0
[0199.636] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0199.636] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0199.636] LocalFree (hMem=0x11ee788) returned 0x0
[0199.636] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0199.636] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0199.636] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0199.636] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0199.636] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0199.636] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0199.636] GetCurrentObject (hdc=0x380107f3, type=0x1) returned 0xb00017
[0199.636] GetCurrentObject (hdc=0x380107f3, type=0x2) returned 0x900010
[0199.636] GetCurrentObject (hdc=0x380107f3, type=0x7) returned 0x4a0507fe
[0199.636] GetCurrentObject (hdc=0x380107f3, type=0x6) returned 0x8a01c2
[0199.637] SaveDC (hdc=0x380107f3) returned 1
[0199.637] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc040807
[0199.637] GetClipRgn (hdc=0x380107f3, hrgn=0xc040807) returned 0
[0199.637] SelectClipRgn (hdc=0x380107f3, hrgn=0x9b0407de) returned 2
[0199.637] DeleteObject (ho=0xc040807) returned 1
[0199.637] DeleteObject (ho=0x9b0407de) returned 1
[0199.637] OffsetViewportOrgEx (in: hdc=0x380107f3, x=0, y=0, lppt=0x2d8dcd8 | out: lppt=0x2d8dcd8) returned 1
[0199.637] IsAppThemed () returned 0x1
[0199.637] GetThemeAppProperties () returned 0x3
[0199.637] GetThemeAppProperties () returned 0x3
[0199.637] GetThemeBackgroundContentRect () returned 0x0
[0199.637] RestoreDC (hdc=0x380107f3, nSavedDC=-1) returned 1
[0199.637] GdipReleaseDC (graphics=0x6600030, hdc=0x380107f3) returned 0x0
[0199.637] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0199.637] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0199.643] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0199.643] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0199.643] IsAppThemed () returned 0x1
[0199.643] GetThemeAppProperties () returned 0x3
[0199.643] GetThemeAppProperties () returned 0x3
[0199.643] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0199.643] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0199.643] GetCurrentObject (hdc=0x380107f3, type=0x1) returned 0xb00017
[0199.643] GetCurrentObject (hdc=0x380107f3, type=0x2) returned 0x900010
[0199.644] GetCurrentObject (hdc=0x380107f3, type=0x7) returned 0x4a0507fe
[0199.644] GetCurrentObject (hdc=0x380107f3, type=0x6) returned 0x8a01c2
[0199.644] SaveDC (hdc=0x380107f3) returned 1
[0199.644] GetTextAlign (hdc=0x380107f3) returned 0x0
[0199.644] GetTextColor (hdc=0x380107f3) returned 0x0
[0199.644] GetCurrentObject (hdc=0x380107f3, type=0x6) returned 0x8a01c2
[0199.644] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0199.644] SelectObject (hdc=0x380107f3, h=0x6d0a0520) returned 0x8a01c2
[0199.644] GetBkMode (hdc=0x380107f3) returned 2
[0199.644] SetBkMode (hdc=0x380107f3, mode=1) returned 2
[0199.644] DrawTextExW (in: hdc=0x380107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2d8e09c | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0199.645] DrawTextExW (in: hdc=0x380107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2d8e09c | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0199.645] RestoreDC (hdc=0x380107f3, nSavedDC=-1) returned 1
[0199.645] GdipReleaseDC (graphics=0x6600030, hdc=0x380107f3) returned 0x0
[0199.645] GetFocus () returned 0x602c4
[0199.645] IsAppThemed () returned 0x1
[0199.645] GetThemeAppProperties () returned 0x3
[0199.645] GetThemeAppProperties () returned 0x3
[0199.645] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0199.645] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x380107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0199.646] GdipReleaseDC (graphics=0x6600030, hdc=0x380107f3) returned 0x0
[0199.646] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0199.646] SelectObject (hdc=0x380107f3, h=0x85000f) returned 0x4a0507fe
[0199.646] DeleteDC (hdc=0x380107f3) returned 1
[0199.646] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0199.646] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0199.646] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.646] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.646] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.646] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.646] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.647] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.648] IsWindowUnicode (hWnd=0x7005c) returned 1
[0199.648] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.648] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.648] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.648] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.648] IsWindowUnicode (hWnd=0x7005c) returned 1
[0199.648] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.648] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.648] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.648] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x1080241) returned 0x0
[0199.648] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0199.648] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0199.648] WaitMessage () returned 1
[0199.660] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.661] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.661] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.661] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.661] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.662] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0199.662] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0199.662] WaitMessage () returned 1
[0199.663] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.663] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.664] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.664] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.664] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.664] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0199.664] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0199.664] WaitMessage () returned 1
[0199.665] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.665] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.665] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.665] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.665] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.666] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.667] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.667] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.667] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.667] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.667] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.667] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.667] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.667] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.667] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.667] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0199.668] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0199.668] WaitMessage () returned 1
[0199.668] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.668] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.668] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.668] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.668] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.688] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.689] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.689] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.689] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.689] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.689] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.689] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.689] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.689] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.689] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.689] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0199.690] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0199.690] WaitMessage () returned 1
[0199.692] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.692] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.692] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.692] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.692] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.694] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.694] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.694] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.694] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.694] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.694] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.694] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.694] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.694] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.695] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.695] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0199.695] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0199.695] WaitMessage () returned 1
[0199.696] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.696] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.696] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.696] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.696] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.697] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.698] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.698] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.698] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.698] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.698] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.698] IsWindowUnicode (hWnd=0x30122) returned 1
[0199.698] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.698] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.698] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.698] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0199.699] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0199.699] WaitMessage () returned 1
[0199.810] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.810] IsWindowUnicode (hWnd=0x502c6) returned 1
[0199.810] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0199.810] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0199.810] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0199.810] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0199.810] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0199.810] WaitMessage () returned 1
[0201.727] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0201.727] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27100f8) returned 0x1
[0201.727] IsWindowUnicode (hWnd=0x602c4) returned 1
[0201.727] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0201.727] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0201.727] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0201.727] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0201.728] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0201.728] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27100f8) returned 0x1
[0201.728] IsWindowUnicode (hWnd=0x602c4) returned 1
[0201.728] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0201.728] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27100f8) returned 0x1
[0201.728] SetCursor (hCursor=0x10003) returned 0x10003
[0201.728] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0201.728] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0201.728] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0201.728] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0201.728] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0201.728] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0201.729] GetKeyState (nVirtKey=1) returned 1
[0201.729] GetKeyState (nVirtKey=2) returned 0
[0201.729] GetKeyState (nVirtKey=4) returned 0
[0201.729] GetKeyState (nVirtKey=5) returned 0
[0201.729] GetKeyState (nVirtKey=6) returned 0
[0201.729] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0201.729] IsWindowUnicode (hWnd=0x602c4) returned 1
[0201.729] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0201.729] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0201.729] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0201.729] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xc0107c5
[0201.729] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0201.729] CreateCompatibleDC (hdc=0xc0107c5) returned 0x830105d8
[0201.730] SelectObject (hdc=0x830105d8, h=0x4a0507fe) returned 0x85000f
[0201.730] GdipCreateFromHDC (hdc=0x830105d8, graphics=0xd7e798) returned 0x0
[0201.730] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0201.730] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0201.730] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0201.730] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0201.730] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e7f8) returned 0x0
[0201.730] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0201.730] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eecc8) returned 0x0
[0201.730] LocalFree (hMem=0x11eecc8) returned 0x0
[0201.730] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0201.730] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0201.730] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0201.730] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0201.731] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0201.731] GdipRestoreGraphics (graphics=0x6600030, state=0xfac40dbd) returned 0x0
[0201.731] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0201.731] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0201.731] GetCurrentObject (hdc=0x830105d8, type=0x1) returned 0xb00017
[0201.731] GetCurrentObject (hdc=0x830105d8, type=0x2) returned 0x900010
[0201.731] GetCurrentObject (hdc=0x830105d8, type=0x7) returned 0x4a0507fe
[0201.731] GetCurrentObject (hdc=0x830105d8, type=0x6) returned 0x8a01c2
[0201.731] SaveDC (hdc=0x830105d8) returned 1
[0201.731] GetNearestColor (hdc=0x830105d8, color=0xff) returned 0xff
[0201.731] GetNearestColor (hdc=0x830105d8, color=0x55) returned 0x55
[0201.731] GetNearestColor (hdc=0x830105d8, color=0x0) returned 0x0
[0201.731] GetNearestColor (hdc=0x830105d8, color=0x55) returned 0x55
[0201.732] GetNearestColor (hdc=0x830105d8, color=0x0) returned 0x0
[0201.732] GetNearestColor (hdc=0x830105d8, color=0x8080ff) returned 0x8080ff
[0201.732] GetNearestColor (hdc=0x830105d8, color=0x7373e5) returned 0x7373e5
[0201.732] GetNearestColor (hdc=0x830105d8, color=0xe5) returned 0xe5
[0201.732] GetNearestColor (hdc=0x830105d8, color=0x0) returned 0x0
[0201.732] RestoreDC (hdc=0x830105d8, nSavedDC=-1) returned 1
[0201.732] GdipReleaseDC (graphics=0x6600030, hdc=0x830105d8) returned 0x0
[0201.732] IsAppThemed () returned 0x1
[0201.732] GetThemeAppProperties () returned 0x3
[0201.732] GetThemeAppProperties () returned 0x3
[0201.732] IsAppThemed () returned 0x1
[0201.732] GetThemeAppProperties () returned 0x3
[0201.732] GetThemeAppProperties () returned 0x3
[0201.732] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2d8e9c4 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0201.733] IsAppThemed () returned 0x1
[0201.733] GetThemeAppProperties () returned 0x3
[0201.733] GetThemeAppProperties () returned 0x3
[0201.733] IsAppThemed () returned 0x1
[0201.733] GetThemeAppProperties () returned 0x3
[0201.733] GetThemeAppProperties () returned 0x3
[0201.733] IsAppThemed () returned 0x1
[0201.733] GetThemeAppProperties () returned 0x3
[0201.733] GetThemeAppProperties () returned 0x3
[0201.733] IsAppThemed () returned 0x1
[0201.733] GetThemeAppProperties () returned 0x3
[0201.733] GetThemeAppProperties () returned 0x3
[0201.733] IsThemePartDefined () returned 0x1
[0201.733] IsAppThemed () returned 0x1
[0201.734] GetThemeAppProperties () returned 0x3
[0201.734] GetThemeAppProperties () returned 0x3
[0201.734] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0201.734] IsAppThemed () returned 0x1
[0201.734] GetThemeAppProperties () returned 0x3
[0201.734] GetThemeAppProperties () returned 0x3
[0201.734] IsAppThemed () returned 0x1
[0201.734] GetThemeAppProperties () returned 0x3
[0201.734] GetThemeAppProperties () returned 0x3
[0201.734] IsThemePartDefined () returned 0x1
[0201.734] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0201.734] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0201.734] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0201.734] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0201.734] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e514) returned 0x0
[0201.734] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0201.734] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0201.734] LocalFree (hMem=0x11ee788) returned 0x0
[0201.734] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0201.734] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0201.734] LocalFree (hMem=0x11eec58) returned 0x0
[0201.734] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0201.734] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0201.734] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0201.735] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0201.735] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0201.735] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0201.735] GetCurrentObject (hdc=0x830105d8, type=0x1) returned 0xb00017
[0201.735] GetCurrentObject (hdc=0x830105d8, type=0x2) returned 0x900010
[0201.735] GetCurrentObject (hdc=0x830105d8, type=0x7) returned 0x4a0507fe
[0201.735] GetCurrentObject (hdc=0x830105d8, type=0x6) returned 0x8a01c2
[0201.735] SaveDC (hdc=0x830105d8) returned 1
[0201.735] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9c0407de
[0201.735] GetClipRgn (hdc=0x830105d8, hrgn=0x9c0407de) returned 0
[0201.735] SelectClipRgn (hdc=0x830105d8, hrgn=0x10040807) returned 2
[0201.735] DeleteObject (ho=0x9c0407de) returned 1
[0201.735] DeleteObject (ho=0x10040807) returned 1
[0201.735] OffsetViewportOrgEx (in: hdc=0x830105d8, x=0, y=0, lppt=0x2d8f074 | out: lppt=0x2d8f074) returned 1
[0201.735] DrawThemeParentBackground () returned 0x0
[0201.735] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0201.736] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0201.736] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0201.736] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0201.736] GetSystemMetrics (nIndex=42) returned 0
[0201.736] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0201.736] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0201.736] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0201.736] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0201.736] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0201.736] SelectPalette (hdc=0x830105d8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0201.736] GdipCreateFromHDC (hdc=0x830105d8, graphics=0xd7dff0) returned 0x0
[0201.736] GdipSetPageUnit (graphics=0x664ded0, unit=0x2) returned 0x0
[0201.736] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0201.736] GdipGetWorldTransform (graphics=0x664ded0, matrix=0x6638d28) returned 0x0
[0201.736] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7dfc8) returned 0x0
[0201.736] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0201.737] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0201.737] GdipGetClip (graphics=0x664ded0, region=0x66464d8) returned 0x0
[0201.737] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x664ded0, result=0xd7dfbc) returned 0x0
[0201.737] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0201.737] GdipSaveGraphics (graphics=0x664ded0, state=0xd7dfe8) returned 0x0
[0201.737] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0201.745] GdipFillRectangleI (graphics=0x664ded0, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0201.745] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0201.747] GdipDeleteGraphics (graphics=0x664ded0) returned 0x0
[0201.747] SelectPalette (hdc=0x830105d8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0201.747] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0201.747] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0201.747] GetSystemMetrics (nIndex=42) returned 0
[0201.748] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0201.748] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0201.748] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0201.748] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0201.748] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0201.748] SelectPalette (hdc=0x830105d8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0201.748] GdipCreateFromHDC (hdc=0x830105d8, graphics=0xd7df90) returned 0x0
[0201.748] GdipSetPageUnit (graphics=0x664ded0, unit=0x2) returned 0x0
[0201.748] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0201.748] GdipGetWorldTransform (graphics=0x664ded0, matrix=0x6638c08) returned 0x0
[0201.748] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df68) returned 0x0
[0201.748] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0201.748] GdipCreateRegion (region=0xd7df50) returned 0x0
[0201.748] GdipGetClip (graphics=0x664ded0, region=0x6646a78) returned 0x0
[0201.748] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x664ded0, result=0xd7df5c) returned 0x0
[0201.748] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0201.748] GdipSaveGraphics (graphics=0x664ded0, state=0xd7df88) returned 0x0
[0201.749] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0201.756] GdipFillRectangleI (graphics=0x664ded0, brush=0x6652f58, x=0, y=0, width=801, height=453) returned 0x0
[0201.756] GdipDeleteBrush (brush=0x6652f58) returned 0x0
[0201.757] GdipRestoreGraphics (graphics=0x664ded0, state=0xfac00dbd) returned 0x0
[0201.757] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0201.757] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0201.757] GetSystemMetrics (nIndex=42) returned 0
[0201.757] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0201.757] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0201.758] GdipDeleteGraphics (graphics=0x664ded0) returned 0x0
[0201.758] SelectPalette (hdc=0x830105d8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0201.758] RestoreDC (hdc=0x830105d8, nSavedDC=-1) returned 1
[0201.758] GdipReleaseDC (graphics=0x6600030, hdc=0x830105d8) returned 0x0
[0201.758] IsAppThemed () returned 0x1
[0201.758] GetThemeAppProperties () returned 0x3
[0201.758] GetThemeAppProperties () returned 0x3
[0201.758] IsAppThemed () returned 0x1
[0201.758] GetThemeAppProperties () returned 0x3
[0201.758] GetThemeAppProperties () returned 0x3
[0201.758] IsThemePartDefined () returned 0x1
[0201.758] GdipCreateRegion (region=0xd7e480) returned 0x0
[0201.758] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0201.758] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0201.758] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0201.758] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e498) returned 0x0
[0201.758] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0201.759] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0201.759] LocalFree (hMem=0x11ee788) returned 0x0
[0201.759] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0201.759] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0201.759] LocalFree (hMem=0x11eec58) returned 0x0
[0201.759] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0201.759] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0201.759] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0201.759] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0201.759] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0201.759] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0201.759] GetCurrentObject (hdc=0x830105d8, type=0x1) returned 0xb00017
[0201.759] GetCurrentObject (hdc=0x830105d8, type=0x2) returned 0x900010
[0201.759] GetCurrentObject (hdc=0x830105d8, type=0x7) returned 0x4a0507fe
[0201.759] GetCurrentObject (hdc=0x830105d8, type=0x6) returned 0x8a01c2
[0201.759] SaveDC (hdc=0x830105d8) returned 1
[0201.759] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x11040807
[0201.759] GetClipRgn (hdc=0x830105d8, hrgn=0x11040807) returned 0
[0201.759] SelectClipRgn (hdc=0x830105d8, hrgn=0x9e0407de) returned 2
[0201.760] DeleteObject (ho=0x11040807) returned 1
[0201.760] DeleteObject (ho=0x9e0407de) returned 1
[0201.760] OffsetViewportOrgEx (in: hdc=0x830105d8, x=0, y=0, lppt=0x2d958c4 | out: lppt=0x2d958c4) returned 1
[0201.760] IsAppThemed () returned 0x1
[0201.760] GetThemeAppProperties () returned 0x3
[0201.760] GetThemeAppProperties () returned 0x3
[0201.760] DrawThemeBackground () returned 0x0
[0201.760] RestoreDC (hdc=0x830105d8, nSavedDC=-1) returned 1
[0201.760] GdipReleaseDC (graphics=0x6600030, hdc=0x830105d8) returned 0x0
[0201.760] GdipCreateRegion (region=0xd7e484) returned 0x0
[0201.760] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0201.760] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0201.760] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0201.760] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e49c) returned 0x0
[0201.760] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0201.760] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0201.760] LocalFree (hMem=0x11eec58) returned 0x0
[0201.760] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0201.760] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eead0) returned 0x0
[0201.760] LocalFree (hMem=0x11eead0) returned 0x0
[0201.761] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0201.761] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0201.761] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0201.761] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0201.761] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0201.761] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0201.761] GetCurrentObject (hdc=0x830105d8, type=0x1) returned 0xb00017
[0201.761] GetCurrentObject (hdc=0x830105d8, type=0x2) returned 0x900010
[0201.761] GetCurrentObject (hdc=0x830105d8, type=0x7) returned 0x4a0507fe
[0201.761] GetCurrentObject (hdc=0x830105d8, type=0x6) returned 0x8a01c2
[0201.761] SaveDC (hdc=0x830105d8) returned 1
[0201.761] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9f0407de
[0201.761] GetClipRgn (hdc=0x830105d8, hrgn=0x9f0407de) returned 0
[0201.761] SelectClipRgn (hdc=0x830105d8, hrgn=0x12040807) returned 2
[0201.761] DeleteObject (ho=0x9f0407de) returned 1
[0201.761] DeleteObject (ho=0x12040807) returned 1
[0201.761] OffsetViewportOrgEx (in: hdc=0x830105d8, x=0, y=0, lppt=0x2d95b98 | out: lppt=0x2d95b98) returned 1
[0201.761] IsAppThemed () returned 0x1
[0201.761] GetThemeAppProperties () returned 0x3
[0201.762] GetThemeAppProperties () returned 0x3
[0201.762] GetThemeBackgroundContentRect () returned 0x0
[0201.762] RestoreDC (hdc=0x830105d8, nSavedDC=-1) returned 1
[0201.762] GdipReleaseDC (graphics=0x6600030, hdc=0x830105d8) returned 0x0
[0201.762] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0201.762] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0201.762] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0201.762] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0201.762] IsAppThemed () returned 0x1
[0201.762] GetThemeAppProperties () returned 0x3
[0201.762] GetThemeAppProperties () returned 0x3
[0201.762] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0201.762] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0201.762] GetCurrentObject (hdc=0x830105d8, type=0x1) returned 0xb00017
[0201.762] GetCurrentObject (hdc=0x830105d8, type=0x2) returned 0x900010
[0201.762] GetCurrentObject (hdc=0x830105d8, type=0x7) returned 0x4a0507fe
[0201.762] GetCurrentObject (hdc=0x830105d8, type=0x6) returned 0x8a01c2
[0201.762] SaveDC (hdc=0x830105d8) returned 1
[0201.763] GetTextAlign (hdc=0x830105d8) returned 0x0
[0201.763] GetTextColor (hdc=0x830105d8) returned 0x0
[0201.763] GetCurrentObject (hdc=0x830105d8, type=0x6) returned 0x8a01c2
[0201.763] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0201.763] SelectObject (hdc=0x830105d8, h=0x6d0a0520) returned 0x8a01c2
[0201.763] GetBkMode (hdc=0x830105d8) returned 2
[0201.763] SetBkMode (hdc=0x830105d8, mode=1) returned 2
[0201.763] DrawTextExW (in: hdc=0x830105d8, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2d95f5c | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0201.763] DrawTextExW (in: hdc=0x830105d8, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2d95f5c | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0201.764] RestoreDC (hdc=0x830105d8, nSavedDC=-1) returned 1
[0201.764] GdipReleaseDC (graphics=0x6600030, hdc=0x830105d8) returned 0x0
[0201.764] GetFocus () returned 0x602c4
[0201.764] IsAppThemed () returned 0x1
[0201.764] GetThemeAppProperties () returned 0x3
[0201.764] GetThemeAppProperties () returned 0x3
[0201.764] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0201.764] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x830105d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0201.764] GdipReleaseDC (graphics=0x6600030, hdc=0x830105d8) returned 0x0
[0201.764] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0201.764] SelectObject (hdc=0x830105d8, h=0x85000f) returned 0x4a0507fe
[0201.764] DeleteDC (hdc=0x830105d8) returned 1
[0201.765] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0201.765] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0201.765] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0201.765] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0201.765] WaitMessage () returned 1
[0201.827] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0201.828] IsWindowUnicode (hWnd=0x602c4) returned 1
[0201.828] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0201.828] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0201.828] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0201.828] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0201.828] IsWindowUnicode (hWnd=0x602c4) returned 1
[0201.828] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0201.828] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0201.828] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0201.828] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xa001d) returned 0x0
[0201.828] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0201.828] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0201.828] WaitMessage () returned 1
[0201.972] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0201.972] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27100f8) returned 0x1
[0201.972] IsWindowUnicode (hWnd=0x602c4) returned 1
[0201.972] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0201.972] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27100f8) returned 0x1
[0201.972] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0201.972] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19c003a) returned 0x0
[0201.973] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0201.973] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0201.973] SetCursor (hCursor=0x10003) returned 0x10003
[0201.973] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0201.973] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0201.973] GetKeyState (nVirtKey=1) returned -128
[0201.973] GetKeyState (nVirtKey=2) returned 0
[0201.973] GetKeyState (nVirtKey=4) returned 0
[0201.973] GetKeyState (nVirtKey=5) returned 0
[0201.973] GetKeyState (nVirtKey=6) returned 0
[0201.973] IsWindowVisible (hWnd=0x602c4) returned 1
[0201.973] IsWindowEnabled (hWnd=0x602c4) returned 1
[0201.973] SetFocus (hWnd=0x602c4) returned 0x602c4
[0201.973] GetFocus () returned 0x602c4
[0201.973] GetFocus () returned 0x602c4
[0201.973] GetFocus () returned 0x602c4
[0201.973] GetKeyState (nVirtKey=1) returned -128
[0201.974] GetKeyState (nVirtKey=2) returned 0
[0201.974] GetKeyState (nVirtKey=4) returned 0
[0201.974] GetKeyState (nVirtKey=5) returned 0
[0201.974] GetKeyState (nVirtKey=6) returned 0
[0201.974] GetCapture () returned 0x0
[0201.974] SetCapture (hWnd=0x602c4) returned 0x0
[0201.974] GetKeyState (nVirtKey=1) returned -128
[0201.974] GetKeyState (nVirtKey=2) returned 0
[0201.974] GetKeyState (nVirtKey=4) returned 0
[0201.974] GetKeyState (nVirtKey=5) returned 0
[0201.974] GetKeyState (nVirtKey=6) returned 0
[0201.974] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0201.974] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0201.974] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0201.974] IsWindowUnicode (hWnd=0x602c4) returned 1
[0201.974] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0201.974] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0201.974] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0201.974] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d960e0, cPoints=0x1 | out: lpPoints=0x2d960e0) returned 40304859
[0201.974] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0201.974] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0201.974] UpdateWindow (hWnd=0x602c4) returned 1
[0201.975] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xc0107c5
[0201.975] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0201.975] CreateCompatibleDC (hdc=0xc0107c5) returned 0x840105d8
[0201.975] SelectObject (hdc=0x840105d8, h=0x4a0507fe) returned 0x85000f
[0201.975] GdipCreateFromHDC (hdc=0x840105d8, graphics=0xd7e430) returned 0x0
[0201.975] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0201.975] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0201.975] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0201.975] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0201.975] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e490) returned 0x0
[0201.975] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0201.975] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0201.975] LocalFree (hMem=0x11ee788) returned 0x0
[0201.976] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0201.976] GdipCreateRegion (region=0xd7e478) returned 0x0
[0201.976] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0201.976] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e484) returned 0x0
[0201.976] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0201.976] GdipRestoreGraphics (graphics=0x6600030, state=0xfabe0dbd) returned 0x0
[0201.976] GdipDeleteRegion (region=0x6646838) returned 0x0
[0201.976] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0201.976] GetCurrentObject (hdc=0x840105d8, type=0x1) returned 0xb00017
[0201.976] GetCurrentObject (hdc=0x840105d8, type=0x2) returned 0x900010
[0201.976] GetCurrentObject (hdc=0x840105d8, type=0x7) returned 0x4a0507fe
[0201.976] GetCurrentObject (hdc=0x840105d8, type=0x6) returned 0x8a01c2
[0201.976] SaveDC (hdc=0x840105d8) returned 1
[0201.976] GetNearestColor (hdc=0x840105d8, color=0xff) returned 0xff
[0201.976] GetNearestColor (hdc=0x840105d8, color=0x55) returned 0x55
[0201.976] GetNearestColor (hdc=0x840105d8, color=0x0) returned 0x0
[0201.976] GetNearestColor (hdc=0x840105d8, color=0x55) returned 0x55
[0201.977] GetNearestColor (hdc=0x840105d8, color=0x0) returned 0x0
[0201.977] GetNearestColor (hdc=0x840105d8, color=0x8080ff) returned 0x8080ff
[0201.977] GetNearestColor (hdc=0x840105d8, color=0x7373e5) returned 0x7373e5
[0201.977] GetNearestColor (hdc=0x840105d8, color=0xe5) returned 0xe5
[0201.977] GetNearestColor (hdc=0x840105d8, color=0x0) returned 0x0
[0201.977] RestoreDC (hdc=0x840105d8, nSavedDC=-1) returned 1
[0201.977] GdipReleaseDC (graphics=0x6600030, hdc=0x840105d8) returned 0x0
[0201.977] IsAppThemed () returned 0x1
[0201.977] GetThemeAppProperties () returned 0x3
[0201.977] GetThemeAppProperties () returned 0x3
[0201.977] IsAppThemed () returned 0x1
[0201.977] GetThemeAppProperties () returned 0x3
[0201.977] GetThemeAppProperties () returned 0x3
[0201.977] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2d967fc | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0201.978] IsAppThemed () returned 0x1
[0201.978] GetThemeAppProperties () returned 0x3
[0201.978] GetThemeAppProperties () returned 0x3
[0201.978] IsAppThemed () returned 0x1
[0201.978] GetThemeAppProperties () returned 0x3
[0201.978] GetThemeAppProperties () returned 0x3
[0201.978] IsAppThemed () returned 0x1
[0201.978] GetThemeAppProperties () returned 0x3
[0201.978] GetThemeAppProperties () returned 0x3
[0201.978] IsAppThemed () returned 0x1
[0201.978] GetThemeAppProperties () returned 0x3
[0201.978] GetThemeAppProperties () returned 0x3
[0201.978] IsThemePartDefined () returned 0x1
[0201.978] IsAppThemed () returned 0x1
[0201.978] GetThemeAppProperties () returned 0x3
[0201.978] GetThemeAppProperties () returned 0x3
[0201.978] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0201.978] IsAppThemed () returned 0x1
[0201.978] GetThemeAppProperties () returned 0x3
[0201.978] GetThemeAppProperties () returned 0x3
[0201.978] IsAppThemed () returned 0x1
[0201.978] GetThemeAppProperties () returned 0x3
[0201.978] GetThemeAppProperties () returned 0x3
[0201.978] IsThemePartDefined () returned 0x1
[0201.979] GdipCreateRegion (region=0xd7e194) returned 0x0
[0201.979] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0201.979] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0201.979] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0201.979] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e1ac) returned 0x0
[0201.979] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0201.979] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eed00) returned 0x0
[0201.979] LocalFree (hMem=0x11eed00) returned 0x0
[0201.979] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0201.979] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee910) returned 0x0
[0201.979] LocalFree (hMem=0x11ee910) returned 0x0
[0201.979] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0201.979] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0201.979] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0201.979] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0201.979] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0201.979] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0201.979] GetCurrentObject (hdc=0x840105d8, type=0x1) returned 0xb00017
[0201.979] GetCurrentObject (hdc=0x840105d8, type=0x2) returned 0x900010
[0201.979] GetCurrentObject (hdc=0x840105d8, type=0x7) returned 0x4a0507fe
[0201.980] GetCurrentObject (hdc=0x840105d8, type=0x6) returned 0x8a01c2
[0201.980] SaveDC (hdc=0x840105d8) returned 1
[0201.980] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x13040807
[0201.980] GetClipRgn (hdc=0x840105d8, hrgn=0x13040807) returned 0
[0201.980] SelectClipRgn (hdc=0x840105d8, hrgn=0xa30407de) returned 2
[0201.980] DeleteObject (ho=0x13040807) returned 1
[0201.980] DeleteObject (ho=0xa30407de) returned 1
[0201.980] OffsetViewportOrgEx (in: hdc=0x840105d8, x=0, y=0, lppt=0x2d96eac | out: lppt=0x2d96eac) returned 1
[0201.980] DrawThemeParentBackground () returned 0x0
[0201.980] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0201.980] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0201.980] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0201.980] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0201.980] GetSystemMetrics (nIndex=42) returned 0
[0201.980] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0201.980] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0201.981] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0201.981] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0201.981] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0201.981] SelectPalette (hdc=0x840105d8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0201.981] GdipCreateFromHDC (hdc=0x840105d8, graphics=0xd7dc88) returned 0x0
[0201.981] GdipSetPageUnit (graphics=0x664ded0, unit=0x2) returned 0x0
[0201.981] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0201.981] GdipGetWorldTransform (graphics=0x664ded0, matrix=0x6638a58) returned 0x0
[0201.981] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dc60) returned 0x0
[0201.981] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0201.981] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0201.981] GdipGetClip (graphics=0x664ded0, region=0x66464d8) returned 0x0
[0201.981] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x664ded0, result=0xd7dc54) returned 0x0
[0201.981] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0201.981] GdipSaveGraphics (graphics=0x664ded0, state=0xd7dc80) returned 0x0
[0201.981] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0201.989] GdipFillRectangleI (graphics=0x664ded0, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0201.989] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0201.990] GdipDeleteGraphics (graphics=0x664ded0) returned 0x0
[0201.990] SelectPalette (hdc=0x840105d8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0201.991] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0201.991] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0201.991] GetSystemMetrics (nIndex=42) returned 0
[0201.991] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0201.991] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0201.991] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0201.991] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0201.991] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0201.991] SelectPalette (hdc=0x840105d8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0201.991] GdipCreateFromHDC (hdc=0x840105d8, graphics=0xd7dc28) returned 0x0
[0201.991] GdipSetPageUnit (graphics=0x664ded0, unit=0x2) returned 0x0
[0201.991] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0201.991] GdipGetWorldTransform (graphics=0x664ded0, matrix=0x6638b18) returned 0x0
[0201.991] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dc00) returned 0x0
[0201.991] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0201.991] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0201.991] GdipGetClip (graphics=0x664ded0, region=0x6646688) returned 0x0
[0201.992] GdipIsInfiniteRegion (region=0x6646688, graphics=0x664ded0, result=0xd7dbf4) returned 0x0
[0201.992] GdipDeleteRegion (region=0x6646688) returned 0x0
[0201.992] GdipSaveGraphics (graphics=0x664ded0, state=0xd7dc20) returned 0x0
[0201.992] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0202.000] GdipFillRectangleI (graphics=0x664ded0, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0202.000] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0202.001] GdipRestoreGraphics (graphics=0x664ded0, state=0xfaba0dbd) returned 0x0
[0202.001] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0202.001] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0202.001] GetSystemMetrics (nIndex=42) returned 0
[0202.001] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0202.001] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0202.001] GdipDeleteGraphics (graphics=0x664ded0) returned 0x0
[0202.001] SelectPalette (hdc=0x840105d8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0202.002] RestoreDC (hdc=0x840105d8, nSavedDC=-1) returned 1
[0202.002] GdipReleaseDC (graphics=0x6600030, hdc=0x840105d8) returned 0x0
[0202.002] IsAppThemed () returned 0x1
[0202.002] GetThemeAppProperties () returned 0x3
[0202.002] GetThemeAppProperties () returned 0x3
[0202.002] IsAppThemed () returned 0x1
[0202.002] GetThemeAppProperties () returned 0x3
[0202.002] GetThemeAppProperties () returned 0x3
[0202.002] IsThemePartDefined () returned 0x1
[0202.002] GdipCreateRegion (region=0xd7e118) returned 0x0
[0202.002] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0202.002] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0202.002] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0202.002] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e130) returned 0x0
[0202.002] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0202.002] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee868) returned 0x0
[0202.002] LocalFree (hMem=0x11ee868) returned 0x0
[0202.002] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0202.002] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0202.002] LocalFree (hMem=0x11eec58) returned 0x0
[0202.003] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0202.003] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e158) returned 0x0
[0202.003] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e148) returned 0x0
[0202.003] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0202.003] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0202.003] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0202.003] GetCurrentObject (hdc=0x840105d8, type=0x1) returned 0xb00017
[0202.003] GetCurrentObject (hdc=0x840105d8, type=0x2) returned 0x900010
[0202.003] GetCurrentObject (hdc=0x840105d8, type=0x7) returned 0x4a0507fe
[0202.003] GetCurrentObject (hdc=0x840105d8, type=0x6) returned 0x8a01c2
[0202.003] SaveDC (hdc=0x840105d8) returned 1
[0202.003] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa40407de
[0202.003] GetClipRgn (hdc=0x840105d8, hrgn=0xa40407de) returned 0
[0202.003] SelectClipRgn (hdc=0x840105d8, hrgn=0x15040807) returned 2
[0202.003] DeleteObject (ho=0xa40407de) returned 1
[0202.003] DeleteObject (ho=0x15040807) returned 1
[0202.003] OffsetViewportOrgEx (in: hdc=0x840105d8, x=0, y=0, lppt=0x2d9d6fc | out: lppt=0x2d9d6fc) returned 1
[0202.003] IsAppThemed () returned 0x1
[0202.004] GetThemeAppProperties () returned 0x3
[0202.004] GetThemeAppProperties () returned 0x3
[0202.004] DrawThemeBackground () returned 0x0
[0202.004] RestoreDC (hdc=0x840105d8, nSavedDC=-1) returned 1
[0202.004] GdipReleaseDC (graphics=0x6600030, hdc=0x840105d8) returned 0x0
[0202.004] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0202.004] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0202.004] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0202.004] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0202.004] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e134) returned 0x0
[0202.004] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0202.004] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0202.004] LocalFree (hMem=0x11ee788) returned 0x0
[0202.004] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0202.004] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0202.004] LocalFree (hMem=0x11ee9f0) returned 0x0
[0202.004] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0202.004] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0202.004] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0202.005] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0202.005] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0202.005] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0202.005] GetCurrentObject (hdc=0x840105d8, type=0x1) returned 0xb00017
[0202.005] GetCurrentObject (hdc=0x840105d8, type=0x2) returned 0x900010
[0202.005] GetCurrentObject (hdc=0x840105d8, type=0x7) returned 0x4a0507fe
[0202.005] GetCurrentObject (hdc=0x840105d8, type=0x6) returned 0x8a01c2
[0202.005] SaveDC (hdc=0x840105d8) returned 1
[0202.005] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x16040807
[0202.005] GetClipRgn (hdc=0x840105d8, hrgn=0x16040807) returned 0
[0202.005] SelectClipRgn (hdc=0x840105d8, hrgn=0xa50407de) returned 2
[0202.005] DeleteObject (ho=0x16040807) returned 1
[0202.005] DeleteObject (ho=0xa50407de) returned 1
[0202.005] OffsetViewportOrgEx (in: hdc=0x840105d8, x=0, y=0, lppt=0x2d9d9d0 | out: lppt=0x2d9d9d0) returned 1
[0202.005] IsAppThemed () returned 0x1
[0202.005] GetThemeAppProperties () returned 0x3
[0202.005] GetThemeAppProperties () returned 0x3
[0202.006] GetThemeBackgroundContentRect () returned 0x0
[0202.006] RestoreDC (hdc=0x840105d8, nSavedDC=-1) returned 1
[0202.006] GdipReleaseDC (graphics=0x6600030, hdc=0x840105d8) returned 0x0
[0202.006] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0202.006] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0202.006] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0202.006] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0202.006] IsAppThemed () returned 0x1
[0202.006] GetThemeAppProperties () returned 0x3
[0202.006] GetThemeAppProperties () returned 0x3
[0202.006] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0202.006] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0202.006] GetCurrentObject (hdc=0x840105d8, type=0x1) returned 0xb00017
[0202.006] GetCurrentObject (hdc=0x840105d8, type=0x2) returned 0x900010
[0202.006] GetCurrentObject (hdc=0x840105d8, type=0x7) returned 0x4a0507fe
[0202.006] GetCurrentObject (hdc=0x840105d8, type=0x6) returned 0x8a01c2
[0202.007] SaveDC (hdc=0x840105d8) returned 1
[0202.007] GetTextAlign (hdc=0x840105d8) returned 0x0
[0202.007] GetTextColor (hdc=0x840105d8) returned 0x0
[0202.007] GetCurrentObject (hdc=0x840105d8, type=0x6) returned 0x8a01c2
[0202.007] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0202.007] SelectObject (hdc=0x840105d8, h=0x6d0a0520) returned 0x8a01c2
[0202.007] GetBkMode (hdc=0x840105d8) returned 2
[0202.007] SetBkMode (hdc=0x840105d8, mode=1) returned 2
[0202.007] DrawTextExW (in: hdc=0x840105d8, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2d9dd94 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0202.008] DrawTextExW (in: hdc=0x840105d8, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2d9dd94 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0202.008] RestoreDC (hdc=0x840105d8, nSavedDC=-1) returned 1
[0202.008] GdipReleaseDC (graphics=0x6600030, hdc=0x840105d8) returned 0x0
[0202.009] GetFocus () returned 0x602c4
[0202.009] IsAppThemed () returned 0x1
[0202.009] GetThemeAppProperties () returned 0x3
[0202.009] GetThemeAppProperties () returned 0x3
[0202.009] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0202.009] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x840105d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0202.009] GdipReleaseDC (graphics=0x6600030, hdc=0x840105d8) returned 0x0
[0202.009] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0202.009] SelectObject (hdc=0x840105d8, h=0x85000f) returned 0x4a0507fe
[0202.010] DeleteDC (hdc=0x840105d8) returned 1
[0202.010] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0202.010] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0202.010] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d9de90, cPoints=0x1 | out: lpPoints=0x2d9de90) returned 40304859
[0202.010] WindowFromPoint (Point=0xf8) returned 0x602c4
[0202.010] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27100f8) returned 0x1
[0202.010] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0202.010] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0202.010] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0202.010] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0202.010] GetSystemMetrics (nIndex=42) returned 0
[0202.010] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0202.011] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0202.013] GetCapture () returned 0x602c4
[0202.013] ReleaseCapture () returned 1
[0202.014] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0202.014] GetProcessWindowStation () returned 0x13c
[0202.014] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.014] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0202.015] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.015] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0202.015] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.015] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0202.015] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.015] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0202.015] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.015] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0202.016] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.016] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0202.016] GetDC (hWnd=0x0) returned 0xf0105ee
[0202.016] GdipCreateFromHDC (hdc=0xf0105ee, graphics=0xd7e6ec) returned 0x0
[0202.016] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0202.016] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0202.016] ReleaseDC (hWnd=0x0, hDC=0xf0105ee) returned 1
[0202.016] GetSystemMetrics (nIndex=5) returned 1
[0202.017] GetSystemMetrics (nIndex=6) returned 1
[0202.017] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.017] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0202.017] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.017] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0202.021] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0202.021] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0202.021] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0202.021] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0202.021] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0202.021] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0202.022] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2da38ac | out: lpData=0x2da38ac) returned 1
[0202.023] VerQueryValueW (in: pBlock=0x2da38ac, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da3cbc, puLen=0xd7e810) returned 1
[0202.023] VerQueryValueW (in: pBlock=0x2da38ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da3964, puLen=0xd7e790) returned 1
[0202.023] VerQueryValueW (in: pBlock=0x2da38ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da39b8, puLen=0xd7e790) returned 1
[0202.023] VerQueryValueW (in: pBlock=0x2da38ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da3a38, puLen=0xd7e790) returned 1
[0202.023] VerQueryValueW (in: pBlock=0x2da38ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da3aa0, puLen=0xd7e790) returned 1
[0202.023] VerQueryValueW (in: pBlock=0x2da38ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da3ae0, puLen=0xd7e790) returned 1
[0202.023] VerQueryValueW (in: pBlock=0x2da38ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da3b68, puLen=0xd7e790) returned 1
[0202.023] VerQueryValueW (in: pBlock=0x2da38ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da3ba4, puLen=0xd7e790) returned 1
[0202.024] VerQueryValueW (in: pBlock=0x2da38ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da3bfc, puLen=0xd7e790) returned 1
[0202.024] VerQueryValueW (in: pBlock=0x2da38ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da3c2c, puLen=0xd7e790) returned 1
[0202.024] VerQueryValueW (in: pBlock=0x2da38ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.024] VerQueryValueW (in: pBlock=0x2da38ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da3c68, puLen=0xd7e790) returned 1
[0202.024] VerQueryValueW (in: pBlock=0x2da38ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.024] VerQueryValueW (in: pBlock=0x2da38ac, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da3cbc, puLen=0xd7e784) returned 1
[0202.024] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0202.024] VerQueryValueW (in: pBlock=0x2da38ac, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2da38d4, puLen=0xd7e794) returned 1
[0202.024] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0202.025] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0202.025] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0202.025] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0202.025] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0202.025] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0202.025] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2da581c | out: lpData=0x2da581c) returned 1
[0202.025] VerQueryValueW (in: pBlock=0x2da581c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da58b8, puLen=0xd7e810) returned 1
[0202.025] VerQueryValueW (in: pBlock=0x2da581c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5930, puLen=0xd7e790) returned 1
[0202.025] VerQueryValueW (in: pBlock=0x2da581c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5960, puLen=0xd7e790) returned 1
[0202.025] VerQueryValueW (in: pBlock=0x2da581c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da599c, puLen=0xd7e790) returned 1
[0202.025] VerQueryValueW (in: pBlock=0x2da581c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da59cc, puLen=0xd7e790) returned 1
[0202.025] VerQueryValueW (in: pBlock=0x2da581c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5a14, puLen=0xd7e790) returned 1
[0202.025] VerQueryValueW (in: pBlock=0x2da581c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5a8c, puLen=0xd7e790) returned 1
[0202.025] VerQueryValueW (in: pBlock=0x2da581c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5ad0, puLen=0xd7e790) returned 1
[0202.025] VerQueryValueW (in: pBlock=0x2da581c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5b10, puLen=0xd7e790) returned 1
[0202.025] VerQueryValueW (in: pBlock=0x2da581c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da590e, puLen=0xd7e790) returned 1
[0202.026] VerQueryValueW (in: pBlock=0x2da581c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5a5c, puLen=0xd7e790) returned 1
[0202.026] VerQueryValueW (in: pBlock=0x2da581c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.026] VerQueryValueW (in: pBlock=0x2da581c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.026] VerQueryValueW (in: pBlock=0x2da581c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da58b8, puLen=0xd7e784) returned 1
[0202.026] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0202.026] VerQueryValueW (in: pBlock=0x2da581c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2da5844, puLen=0xd7e794) returned 1
[0202.027] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0202.027] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0202.027] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0202.027] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0202.027] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0202.027] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0202.028] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2da7af4 | out: lpData=0x2da7af4) returned 1
[0202.028] VerQueryValueW (in: pBlock=0x2da7af4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da7f08, puLen=0xd7e810) returned 1
[0202.028] VerQueryValueW (in: pBlock=0x2da7af4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7bac, puLen=0xd7e790) returned 1
[0202.028] VerQueryValueW (in: pBlock=0x2da7af4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7c00, puLen=0xd7e790) returned 1
[0202.028] VerQueryValueW (in: pBlock=0x2da7af4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7c5c, puLen=0xd7e790) returned 1
[0202.028] VerQueryValueW (in: pBlock=0x2da7af4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7cbc, puLen=0xd7e790) returned 1
[0202.028] VerQueryValueW (in: pBlock=0x2da7af4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7d14, puLen=0xd7e790) returned 1
[0202.029] VerQueryValueW (in: pBlock=0x2da7af4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7d9c, puLen=0xd7e790) returned 1
[0202.029] VerQueryValueW (in: pBlock=0x2da7af4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7df0, puLen=0xd7e790) returned 1
[0202.029] VerQueryValueW (in: pBlock=0x2da7af4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7e48, puLen=0xd7e790) returned 1
[0202.029] VerQueryValueW (in: pBlock=0x2da7af4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7e78, puLen=0xd7e790) returned 1
[0202.029] VerQueryValueW (in: pBlock=0x2da7af4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.029] VerQueryValueW (in: pBlock=0x2da7af4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7eb4, puLen=0xd7e790) returned 1
[0202.029] VerQueryValueW (in: pBlock=0x2da7af4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.029] VerQueryValueW (in: pBlock=0x2da7af4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da7f08, puLen=0xd7e784) returned 1
[0202.029] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0202.029] VerQueryValueW (in: pBlock=0x2da7af4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2da7b1c, puLen=0xd7e794) returned 1
[0202.030] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0202.030] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0202.030] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0202.030] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0202.030] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0202.030] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0202.031] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2daa12c | out: lpData=0x2daa12c) returned 1
[0202.032] VerQueryValueW (in: pBlock=0x2daa12c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2daa52c, puLen=0xd7e810) returned 1
[0202.032] VerQueryValueW (in: pBlock=0x2daa12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa1e4, puLen=0xd7e790) returned 1
[0202.032] VerQueryValueW (in: pBlock=0x2daa12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa238, puLen=0xd7e790) returned 1
[0202.032] VerQueryValueW (in: pBlock=0x2daa12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa278, puLen=0xd7e790) returned 1
[0202.032] VerQueryValueW (in: pBlock=0x2daa12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa2e0, puLen=0xd7e790) returned 1
[0202.032] VerQueryValueW (in: pBlock=0x2daa12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa338, puLen=0xd7e790) returned 1
[0202.032] VerQueryValueW (in: pBlock=0x2daa12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa3c0, puLen=0xd7e790) returned 1
[0202.032] VerQueryValueW (in: pBlock=0x2daa12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa414, puLen=0xd7e790) returned 1
[0202.032] VerQueryValueW (in: pBlock=0x2daa12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa46c, puLen=0xd7e790) returned 1
[0202.032] VerQueryValueW (in: pBlock=0x2daa12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa49c, puLen=0xd7e790) returned 1
[0202.032] VerQueryValueW (in: pBlock=0x2daa12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.032] VerQueryValueW (in: pBlock=0x2daa12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daa4d8, puLen=0xd7e790) returned 1
[0202.032] VerQueryValueW (in: pBlock=0x2daa12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.032] VerQueryValueW (in: pBlock=0x2daa12c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2daa52c, puLen=0xd7e784) returned 1
[0202.032] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0202.032] VerQueryValueW (in: pBlock=0x2daa12c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2daa154, puLen=0xd7e794) returned 1
[0202.033] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0202.033] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0202.033] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0202.033] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0202.034] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0202.034] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0202.035] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2dac868 | out: lpData=0x2dac868) returned 1
[0202.036] VerQueryValueW (in: pBlock=0x2dac868, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dacc30, puLen=0xd7e810) returned 1
[0202.036] VerQueryValueW (in: pBlock=0x2dac868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dac920, puLen=0xd7e790) returned 1
[0202.036] VerQueryValueW (in: pBlock=0x2dac868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dac974, puLen=0xd7e790) returned 1
[0202.036] VerQueryValueW (in: pBlock=0x2dac868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dac9b4, puLen=0xd7e790) returned 1
[0202.036] VerQueryValueW (in: pBlock=0x2dac868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daca1c, puLen=0xd7e790) returned 1
[0202.036] VerQueryValueW (in: pBlock=0x2dac868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daca58, puLen=0xd7e790) returned 1
[0202.036] VerQueryValueW (in: pBlock=0x2dac868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dacae0, puLen=0xd7e790) returned 1
[0202.036] VerQueryValueW (in: pBlock=0x2dac868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dacb18, puLen=0xd7e790) returned 1
[0202.036] VerQueryValueW (in: pBlock=0x2dac868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dacb70, puLen=0xd7e790) returned 1
[0202.036] VerQueryValueW (in: pBlock=0x2dac868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dacba0, puLen=0xd7e790) returned 1
[0202.036] VerQueryValueW (in: pBlock=0x2dac868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.036] VerQueryValueW (in: pBlock=0x2dac868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dacbdc, puLen=0xd7e790) returned 1
[0202.036] VerQueryValueW (in: pBlock=0x2dac868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.036] VerQueryValueW (in: pBlock=0x2dac868, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dacc30, puLen=0xd7e784) returned 1
[0202.036] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0202.036] VerQueryValueW (in: pBlock=0x2dac868, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dac890, puLen=0xd7e794) returned 1
[0202.037] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0202.037] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0202.037] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0202.037] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0202.038] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0202.038] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0202.038] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2dafed0 | out: lpData=0x2dafed0) returned 1
[0202.039] VerQueryValueW (in: pBlock=0x2dafed0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2db02b0, puLen=0xd7e810) returned 1
[0202.039] VerQueryValueW (in: pBlock=0x2dafed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daff88, puLen=0xd7e790) returned 1
[0202.039] VerQueryValueW (in: pBlock=0x2dafed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daffdc, puLen=0xd7e790) returned 1
[0202.039] VerQueryValueW (in: pBlock=0x2dafed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db001c, puLen=0xd7e790) returned 1
[0202.039] VerQueryValueW (in: pBlock=0x2dafed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db007c, puLen=0xd7e790) returned 1
[0202.039] VerQueryValueW (in: pBlock=0x2dafed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db00c8, puLen=0xd7e790) returned 1
[0202.039] VerQueryValueW (in: pBlock=0x2dafed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db0150, puLen=0xd7e790) returned 1
[0202.039] VerQueryValueW (in: pBlock=0x2dafed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db0198, puLen=0xd7e790) returned 1
[0202.039] VerQueryValueW (in: pBlock=0x2dafed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db01f0, puLen=0xd7e790) returned 1
[0202.039] VerQueryValueW (in: pBlock=0x2dafed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db0220, puLen=0xd7e790) returned 1
[0202.039] VerQueryValueW (in: pBlock=0x2dafed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.039] VerQueryValueW (in: pBlock=0x2dafed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db025c, puLen=0xd7e790) returned 1
[0202.039] VerQueryValueW (in: pBlock=0x2dafed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.039] VerQueryValueW (in: pBlock=0x2dafed0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2db02b0, puLen=0xd7e784) returned 1
[0202.039] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0202.040] VerQueryValueW (in: pBlock=0x2dafed0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dafef8, puLen=0xd7e794) returned 1
[0202.040] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0202.040] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0202.040] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0202.041] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0202.041] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0202.041] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0202.041] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2db26f0 | out: lpData=0x2db26f0) returned 1
[0202.042] VerQueryValueW (in: pBlock=0x2db26f0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2db2afc, puLen=0xd7e810) returned 1
[0202.042] VerQueryValueW (in: pBlock=0x2db26f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db27a8, puLen=0xd7e790) returned 1
[0202.042] VerQueryValueW (in: pBlock=0x2db26f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db27fc, puLen=0xd7e790) returned 1
[0202.042] VerQueryValueW (in: pBlock=0x2db26f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db2850, puLen=0xd7e790) returned 1
[0202.042] VerQueryValueW (in: pBlock=0x2db26f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db28b0, puLen=0xd7e790) returned 1
[0202.042] VerQueryValueW (in: pBlock=0x2db26f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db2908, puLen=0xd7e790) returned 1
[0202.042] VerQueryValueW (in: pBlock=0x2db26f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db2990, puLen=0xd7e790) returned 1
[0202.042] VerQueryValueW (in: pBlock=0x2db26f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db29e4, puLen=0xd7e790) returned 1
[0202.042] VerQueryValueW (in: pBlock=0x2db26f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db2a3c, puLen=0xd7e790) returned 1
[0202.042] VerQueryValueW (in: pBlock=0x2db26f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db2a6c, puLen=0xd7e790) returned 1
[0202.042] VerQueryValueW (in: pBlock=0x2db26f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.042] VerQueryValueW (in: pBlock=0x2db26f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db2aa8, puLen=0xd7e790) returned 1
[0202.042] VerQueryValueW (in: pBlock=0x2db26f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.042] VerQueryValueW (in: pBlock=0x2db26f0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2db2afc, puLen=0xd7e784) returned 1
[0202.042] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0202.043] VerQueryValueW (in: pBlock=0x2db26f0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2db2718, puLen=0xd7e794) returned 1
[0202.043] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0202.043] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0202.043] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0202.044] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0202.046] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0202.046] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0202.047] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2db4f04 | out: lpData=0x2db4f04) returned 1
[0202.047] VerQueryValueW (in: pBlock=0x2db4f04, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2db52dc, puLen=0xd7e810) returned 1
[0202.047] VerQueryValueW (in: pBlock=0x2db4f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db4fbc, puLen=0xd7e790) returned 1
[0202.047] VerQueryValueW (in: pBlock=0x2db4f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db5010, puLen=0xd7e790) returned 1
[0202.047] VerQueryValueW (in: pBlock=0x2db4f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db5050, puLen=0xd7e790) returned 1
[0202.048] VerQueryValueW (in: pBlock=0x2db4f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db50b8, puLen=0xd7e790) returned 1
[0202.048] VerQueryValueW (in: pBlock=0x2db4f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db50fc, puLen=0xd7e790) returned 1
[0202.048] VerQueryValueW (in: pBlock=0x2db4f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db5184, puLen=0xd7e790) returned 1
[0202.048] VerQueryValueW (in: pBlock=0x2db4f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db51c4, puLen=0xd7e790) returned 1
[0202.048] VerQueryValueW (in: pBlock=0x2db4f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db521c, puLen=0xd7e790) returned 1
[0202.048] VerQueryValueW (in: pBlock=0x2db4f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db524c, puLen=0xd7e790) returned 1
[0202.048] VerQueryValueW (in: pBlock=0x2db4f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.048] VerQueryValueW (in: pBlock=0x2db4f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db5288, puLen=0xd7e790) returned 1
[0202.048] VerQueryValueW (in: pBlock=0x2db4f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.048] VerQueryValueW (in: pBlock=0x2db4f04, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2db52dc, puLen=0xd7e784) returned 1
[0202.048] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0202.048] VerQueryValueW (in: pBlock=0x2db4f04, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2db4f2c, puLen=0xd7e794) returned 1
[0202.049] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0202.049] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0202.049] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0202.049] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0202.049] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0202.049] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0202.050] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2db745c | out: lpData=0x2db745c) returned 1
[0202.051] VerQueryValueW (in: pBlock=0x2db745c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2db7834, puLen=0xd7e810) returned 1
[0202.051] VerQueryValueW (in: pBlock=0x2db745c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db7514, puLen=0xd7e790) returned 1
[0202.051] VerQueryValueW (in: pBlock=0x2db745c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db7568, puLen=0xd7e790) returned 1
[0202.051] VerQueryValueW (in: pBlock=0x2db745c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db75a8, puLen=0xd7e790) returned 1
[0202.051] VerQueryValueW (in: pBlock=0x2db745c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db7610, puLen=0xd7e790) returned 1
[0202.051] VerQueryValueW (in: pBlock=0x2db745c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db7654, puLen=0xd7e790) returned 1
[0202.051] VerQueryValueW (in: pBlock=0x2db745c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db76dc, puLen=0xd7e790) returned 1
[0202.051] VerQueryValueW (in: pBlock=0x2db745c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db771c, puLen=0xd7e790) returned 1
[0202.051] VerQueryValueW (in: pBlock=0x2db745c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db7774, puLen=0xd7e790) returned 1
[0202.051] VerQueryValueW (in: pBlock=0x2db745c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db77a4, puLen=0xd7e790) returned 1
[0202.051] VerQueryValueW (in: pBlock=0x2db745c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.051] VerQueryValueW (in: pBlock=0x2db745c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db77e0, puLen=0xd7e790) returned 1
[0202.051] VerQueryValueW (in: pBlock=0x2db745c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.051] VerQueryValueW (in: pBlock=0x2db745c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2db7834, puLen=0xd7e784) returned 1
[0202.051] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0202.051] VerQueryValueW (in: pBlock=0x2db745c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2db7484, puLen=0xd7e794) returned 1
[0202.052] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0202.052] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0202.052] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0202.052] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0202.052] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0202.052] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0202.053] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2db9b94 | out: lpData=0x2db9b94) returned 1
[0202.053] VerQueryValueW (in: pBlock=0x2db9b94, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2db9fc4, puLen=0xd7e810) returned 1
[0202.054] VerQueryValueW (in: pBlock=0x2db9b94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db9c4c, puLen=0xd7e790) returned 1
[0202.054] VerQueryValueW (in: pBlock=0x2db9b94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db9ca0, puLen=0xd7e790) returned 1
[0202.054] VerQueryValueW (in: pBlock=0x2db9b94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db9d10, puLen=0xd7e790) returned 1
[0202.054] VerQueryValueW (in: pBlock=0x2db9b94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db9d70, puLen=0xd7e790) returned 1
[0202.054] VerQueryValueW (in: pBlock=0x2db9b94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db9dcc, puLen=0xd7e790) returned 1
[0202.054] VerQueryValueW (in: pBlock=0x2db9b94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db9e54, puLen=0xd7e790) returned 1
[0202.054] VerQueryValueW (in: pBlock=0x2db9b94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db9eac, puLen=0xd7e790) returned 1
[0202.054] VerQueryValueW (in: pBlock=0x2db9b94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db9f04, puLen=0xd7e790) returned 1
[0202.054] VerQueryValueW (in: pBlock=0x2db9b94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db9f34, puLen=0xd7e790) returned 1
[0202.054] VerQueryValueW (in: pBlock=0x2db9b94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.054] VerQueryValueW (in: pBlock=0x2db9b94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db9f70, puLen=0xd7e790) returned 1
[0202.054] VerQueryValueW (in: pBlock=0x2db9b94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0202.054] VerQueryValueW (in: pBlock=0x2db9b94, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2db9fc4, puLen=0xd7e784) returned 1
[0202.054] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0202.054] VerQueryValueW (in: pBlock=0x2db9b94, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2db9bbc, puLen=0xd7e794) returned 1
[0202.054] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0202.055] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.055] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0202.055] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.055] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0202.056] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xe02c8
[0202.058] SetWindowLongW (hWnd=0xe02c8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0202.058] GetWindowLongW (hWnd=0xe02c8, nIndex=-4) returned 1950089536
[0202.058] SetWindowLongW (hWnd=0xe02c8, nIndex=-4, dwNewLong=19945582) returned 1950089536
[0202.058] GetWindowLongW (hWnd=0xe02c8, nIndex=-4) returned 19945582
[0202.058] GetWindowLongW (hWnd=0xe02c8, nIndex=-16) returned 113311744
[0202.059] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02c8, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0202.059] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02c8, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0202.061] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02c8, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0202.061] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02c8, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0202.061] GetClientRect (in: hWnd=0xe02c8, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0202.061] GetWindowRect (in: hWnd=0xe02c8, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0202.061] SetWindowTextW (hWnd=0xe02c8, lpString="WindowsFormsParkingWindow") returned 1
[0202.062] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02c8, Msg=0xc, wParam=0x0, lParam=0x2d7f18c) returned 0x1
[0202.062] GetParent (hWnd=0xe02c8) returned 0x0
[0202.063] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0202.063] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0xe02c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1700ea
[0202.063] SetWindowLongW (hWnd=0x1700ea, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0202.063] GetWindowLongW (hWnd=0x1700ea, nIndex=-4) returned 1868147648
[0202.064] SetWindowLongW (hWnd=0x1700ea, nIndex=-4, dwNewLong=19945622) returned 1868147648
[0202.064] GetWindowLongW (hWnd=0x1700ea, nIndex=-4) returned 19945622
[0202.064] GetWindowLongW (hWnd=0x1700ea, nIndex=-16) returned 1174405133
[0202.064] GetWindowLongW (hWnd=0x1700ea, nIndex=-12) returned 0
[0202.064] SetWindowLongW (hWnd=0x1700ea, nIndex=-12, dwNewLong=1507562) returned 0
[0202.064] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0202.065] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0202.065] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0202.065] GetClientRect (in: hWnd=0x1700ea, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0202.066] GetWindowRect (in: hWnd=0x1700ea, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0202.066] GetParent (hWnd=0x1700ea) returned 0xe02c8
[0202.066] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xe02c8, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0202.066] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0202.066] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0202.066] GetClientRect (in: hWnd=0x1700ea, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0202.066] GetWindowRect (in: hWnd=0x1700ea, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0202.066] GetParent (hWnd=0x1700ea) returned 0xe02c8
[0202.067] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xe02c8, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0202.067] SendMessageW (hWnd=0x1700ea, Msg=0x2210, wParam=0xea0001, lParam=0x1700ea) returned 0x0
[0202.067] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x2210, wParam=0xea0001, lParam=0x1700ea) returned 0x0
[0202.067] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0202.067] GetParent (hWnd=0x1700ea) returned 0xe02c8
[0202.067] GdipCreateFromHWND (hwnd=0x1700ea, graphics=0xd7e844) returned 0x0
[0202.068] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0202.068] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0202.068] GetForegroundWindow () returned 0x602c4
[0202.069] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.069] GetCursorPos (in: lpPoint=0x2dbdea0 | out: lpPoint=0x2dbdea0*(x=248, y=625)) returned 1
[0202.069] MonitorFromPoint (pt=0xf8, dwFlags=0x271) returned 0x10001
[0202.069] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0202.070] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x870105d8
[0202.070] GetDeviceCaps (hdc=0x870105d8, index=12) returned 32
[0202.070] GetDeviceCaps (hdc=0x870105d8, index=14) returned 1
[0202.070] DeleteDC (hdc=0x870105d8) returned 1
[0202.070] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0202.070] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0202.070] GetSystemMetrics (nIndex=59) returned 1460
[0202.070] GetSystemMetrics (nIndex=60) returned 920
[0202.070] GetSystemMetrics (nIndex=34) returned 136
[0202.070] GetSystemMetrics (nIndex=35) returned 39
[0202.071] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.071] GetCursorPos (in: lpPoint=0x2dbe10c | out: lpPoint=0x2dbe10c*(x=248, y=625)) returned 1
[0202.071] MonitorFromPoint (pt=0xf7, dwFlags=0x272) returned 0x10001
[0202.071] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0202.071] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x880105d8
[0202.071] GetDeviceCaps (hdc=0x880105d8, index=12) returned 32
[0202.071] GetDeviceCaps (hdc=0x880105d8, index=14) returned 1
[0202.072] DeleteDC (hdc=0x880105d8) returned 1
[0202.072] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0202.072] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0202.072] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.073] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0202.073] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2dbe3a4 | out: piconinfo=0x2dbe3a4) returned 1
[0202.073] GetObjectW (in: h=0x550507f3, c=24, pv=0x2dbe3c0 | out: pv=0x2dbe3c0) returned 24
[0202.073] GdipCreateBitmapFromHBITMAP (hbm=0x550507f3, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0202.074] GdipGetImageWidth (image=0x664fe20, width=0xd7e750) returned 0x0
[0202.074] GdipGetImageHeight (image=0x664fe20, height=0xd7e748) returned 0x0
[0202.074] GdipGetImagePixelFormat (image=0x664fe20, format=0xd7e740) returned 0x0
[0202.074] GdipBitmapLockBits (bitmap=0x664fe20, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2dbe478) returned 0x0
[0202.074] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0202.074] GdipBitmapLockBits (bitmap=0x664f448, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2dbe4b0) returned 0x0
[0202.074] RtlMoveMemory (in: Destination=0x665ff50, Source=0x665ceb0, Length=0x80 | out: Destination=0x665ff50)
[0202.074] RtlMoveMemory (in: Destination=0x665ffd0, Source=0x665ce30, Length=0x80 | out: Destination=0x665ffd0)
[0202.074] RtlMoveMemory (in: Destination=0x6660050, Source=0x665cdb0, Length=0x80 | out: Destination=0x6660050)
[0202.074] RtlMoveMemory (in: Destination=0x66600d0, Source=0x665cd30, Length=0x80 | out: Destination=0x66600d0)
[0202.074] RtlMoveMemory (in: Destination=0x6660150, Source=0x665ccb0, Length=0x80 | out: Destination=0x6660150)
[0202.074] RtlMoveMemory (in: Destination=0x66601d0, Source=0x665cc30, Length=0x80 | out: Destination=0x66601d0)
[0202.074] RtlMoveMemory (in: Destination=0x6660250, Source=0x665cbb0, Length=0x80 | out: Destination=0x6660250)
[0202.074] RtlMoveMemory (in: Destination=0x66602d0, Source=0x665cb30, Length=0x80 | out: Destination=0x66602d0)
[0202.075] RtlMoveMemory (in: Destination=0x6660350, Source=0x665cab0, Length=0x80 | out: Destination=0x6660350)
[0202.075] RtlMoveMemory (in: Destination=0x66603d0, Source=0x665ca30, Length=0x80 | out: Destination=0x66603d0)
[0202.075] RtlMoveMemory (in: Destination=0x6660450, Source=0x665c9b0, Length=0x80 | out: Destination=0x6660450)
[0202.075] RtlMoveMemory (in: Destination=0x66604d0, Source=0x665c930, Length=0x80 | out: Destination=0x66604d0)
[0202.075] RtlMoveMemory (in: Destination=0x6660550, Source=0x665c8b0, Length=0x80 | out: Destination=0x6660550)
[0202.075] RtlMoveMemory (in: Destination=0x66605d0, Source=0x665c830, Length=0x80 | out: Destination=0x66605d0)
[0202.075] RtlMoveMemory (in: Destination=0x6660650, Source=0x665c7b0, Length=0x80 | out: Destination=0x6660650)
[0202.075] RtlMoveMemory (in: Destination=0x66606d0, Source=0x665c730, Length=0x80 | out: Destination=0x66606d0)
[0202.075] RtlMoveMemory (in: Destination=0x6660750, Source=0x665c6b0, Length=0x80 | out: Destination=0x6660750)
[0202.075] RtlMoveMemory (in: Destination=0x66607d0, Source=0x665c630, Length=0x80 | out: Destination=0x66607d0)
[0202.076] RtlMoveMemory (in: Destination=0x6660850, Source=0x665c5b0, Length=0x80 | out: Destination=0x6660850)
[0202.076] RtlMoveMemory (in: Destination=0x66608d0, Source=0x665c530, Length=0x80 | out: Destination=0x66608d0)
[0202.076] RtlMoveMemory (in: Destination=0x6660950, Source=0x665c4b0, Length=0x80 | out: Destination=0x6660950)
[0202.076] RtlMoveMemory (in: Destination=0x66609d0, Source=0x665c430, Length=0x80 | out: Destination=0x66609d0)
[0202.076] RtlMoveMemory (in: Destination=0x6660a50, Source=0x665c3b0, Length=0x80 | out: Destination=0x6660a50)
[0202.076] RtlMoveMemory (in: Destination=0x6660ad0, Source=0x665c330, Length=0x80 | out: Destination=0x6660ad0)
[0202.076] RtlMoveMemory (in: Destination=0x6660b50, Source=0x665c2b0, Length=0x80 | out: Destination=0x6660b50)
[0202.076] RtlMoveMemory (in: Destination=0x6660bd0, Source=0x665c230, Length=0x80 | out: Destination=0x6660bd0)
[0202.076] RtlMoveMemory (in: Destination=0x6660c50, Source=0x665c1b0, Length=0x80 | out: Destination=0x6660c50)
[0202.076] RtlMoveMemory (in: Destination=0x6660cd0, Source=0x665c130, Length=0x80 | out: Destination=0x6660cd0)
[0202.076] RtlMoveMemory (in: Destination=0x6660d50, Source=0x665c0b0, Length=0x80 | out: Destination=0x6660d50)
[0202.076] RtlMoveMemory (in: Destination=0x6660dd0, Source=0x665c030, Length=0x80 | out: Destination=0x6660dd0)
[0202.076] RtlMoveMemory (in: Destination=0x6660e50, Source=0x665bfb0, Length=0x80 | out: Destination=0x6660e50)
[0202.076] RtlMoveMemory (in: Destination=0x6660ed0, Source=0x665bf30, Length=0x80 | out: Destination=0x6660ed0)
[0202.076] GdipBitmapUnlockBits (bitmap=0x664fe20, lockedBitmapData=0x2dbe478) returned 0x0
[0202.076] GdipBitmapUnlockBits (bitmap=0x664f448, lockedBitmapData=0x2dbe4b0) returned 0x0
[0202.077] GdipDisposeImage (image=0x664fe20) returned 0x0
[0202.077] DeleteObject (ho=0x550507f3) returned 1
[0202.077] DeleteObject (ho=0x890505d8) returned 1
[0202.077] GetCurrentThreadId () returned 0xf50
[0202.077] GetCurrentThreadId () returned 0xf50
[0202.077] SetWindowPos (hWnd=0x1700ea, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0202.077] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0202.077] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0202.078] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0202.078] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0202.078] GetClientRect (in: hWnd=0x1700ea, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0202.078] GetWindowRect (in: hWnd=0x1700ea, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0202.078] GetParent (hWnd=0x1700ea) returned 0xe02c8
[0202.078] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xe02c8, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0202.078] InvalidateRect (hWnd=0x1700ea, lpRect=0x0, bErase=1) returned 1
[0202.078] GetWindowTextLengthW (hWnd=0x1700ea) returned 0
[0202.078] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0202.078] GetSystemMetrics (nIndex=42) returned 0
[0202.078] GetWindowTextW (in: hWnd=0x1700ea, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0202.078] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0202.078] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0202.078] GetClientRect (in: hWnd=0x1700ea, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0202.078] GetWindowRect (in: hWnd=0x1700ea, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0202.079] GetParent (hWnd=0x1700ea) returned 0xe02c8
[0202.079] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xe02c8, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0202.079] GetWindowTextLengthW (hWnd=0x1700ea) returned 0
[0202.079] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0202.079] GetSystemMetrics (nIndex=42) returned 0
[0202.079] GetWindowTextW (in: hWnd=0x1700ea, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0202.079] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0202.079] GetWindowTextLengthW (hWnd=0x1700ea) returned 0
[0202.079] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0202.079] GetSystemMetrics (nIndex=42) returned 0
[0202.079] GetWindowTextW (in: hWnd=0x1700ea, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0202.079] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0202.079] SetWindowTextW (hWnd=0x1700ea, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0202.079] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0xc, wParam=0x0, lParam=0x2d9f484) returned 0x1
[0202.079] InvalidateRect (hWnd=0x1700ea, lpRect=0x0, bErase=1) returned 1
[0202.080] GetCurrentThreadId () returned 0xf50
[0202.080] GetWindowThreadProcessId (in: hWnd=0x1700ea, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0202.080] GdipCreateBitmapFromStream (stream=0x509fff0, bitmap=0xd7e840) returned 0x0
[0202.081] GdipImageForceValidation (image=0x6650168) returned 0x0
[0202.083] GdipGetImageRawFormat (image=0x6650168, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0202.083] GdipGetImageHeight (image=0x6650168, height=0xd7e824) returned 0x0
[0202.083] GdipGetImageWidth (image=0x6650168, width=0xd7e824) returned 0x0
[0202.083] GdipGetImageWidth (image=0x6650168, width=0xd7e810) returned 0x0
[0202.083] GdipGetImageHeight (image=0x6650168, height=0xd7e810) returned 0x0
[0202.083] GdipGetImageWidth (image=0x6650168, width=0xd7e800) returned 0x0
[0202.083] GdipGetImageHeight (image=0x6650168, height=0xd7e800) returned 0x0
[0202.083] GdipBitmapGetPixel (bitmap=0x6650168, x=0, y=15, color=0xd7e810) returned 0x0
[0202.084] GdipGetImageRawFormat (image=0x6650168, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0202.084] GdipGetImageWidth (image=0x6650168, width=0xd7e740) returned 0x0
[0202.084] GdipGetImageHeight (image=0x6650168, height=0xd7e740) returned 0x0
[0202.084] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0202.084] GdipGetImagePixelFormat (image=0x6652580, format=0xd7e740) returned 0x0
[0202.084] GdipGetImageGraphicsContext (image=0x6652580, graphics=0xd7e74c) returned 0x0
[0202.084] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0202.084] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0202.084] GdipSetImageAttributesColorKeys (imageattr=0x6638c08, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0202.084] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6650168, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c08, callback=0x0, callbackData=0x0) returned 0x0
[0202.084] GdipDisposeImageAttributes (imageattr=0x6638c08) returned 0x0
[0202.085] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0202.085] GdipDisposeImage (image=0x6650168) returned 0x0
[0202.085] GdipCreateBitmapFromStream (stream=0x5090010, bitmap=0xd7e840) returned 0x0
[0202.086] GdipImageForceValidation (image=0x664ea70) returned 0x0
[0202.088] GdipGetImageRawFormat (image=0x664ea70, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0202.088] GdipGetImageHeight (image=0x664ea70, height=0xd7e824) returned 0x0
[0202.088] GdipGetImageWidth (image=0x664ea70, width=0xd7e824) returned 0x0
[0202.088] GdipGetImageWidth (image=0x664ea70, width=0xd7e810) returned 0x0
[0202.088] GdipGetImageHeight (image=0x664ea70, height=0xd7e810) returned 0x0
[0202.088] GdipGetImageWidth (image=0x664ea70, width=0xd7e800) returned 0x0
[0202.088] GdipGetImageHeight (image=0x664ea70, height=0xd7e800) returned 0x0
[0202.088] GdipBitmapGetPixel (bitmap=0x664ea70, x=0, y=15, color=0xd7e810) returned 0x0
[0202.088] GdipGetImageRawFormat (image=0x664ea70, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0202.088] GdipGetImageWidth (image=0x664ea70, width=0xd7e740) returned 0x0
[0202.088] GdipGetImageHeight (image=0x664ea70, height=0xd7e740) returned 0x0
[0202.088] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0202.089] GdipGetImagePixelFormat (image=0x6650e88, format=0xd7e740) returned 0x0
[0202.089] GdipGetImageGraphicsContext (image=0x6650e88, graphics=0xd7e74c) returned 0x0
[0202.089] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0202.089] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0202.089] GdipSetImageAttributesColorKeys (imageattr=0x6638b48, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0202.089] GdipDrawImageRectRectI (graphics=0x6600030, image=0x664ea70, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638b48, callback=0x0, callbackData=0x0) returned 0x0
[0202.089] GdipDisposeImageAttributes (imageattr=0x6638b48) returned 0x0
[0202.089] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0202.089] GdipDisposeImage (image=0x664ea70) returned 0x0
[0202.090] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.090] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0202.090] GetCurrentThreadId () returned 0xf50
[0202.090] GetCurrentThreadId () returned 0xf50
[0202.090] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.090] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0202.090] GetCurrentThreadId () returned 0xf50
[0202.091] GetCurrentThreadId () returned 0xf50
[0202.091] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.091] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0202.091] GetCurrentThreadId () returned 0xf50
[0202.091] GetCurrentThreadId () returned 0xf50
[0202.091] GetSystemMetrics (nIndex=5) returned 1
[0202.091] GetSystemMetrics (nIndex=6) returned 1
[0202.092] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.092] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0202.092] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.092] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0202.093] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.093] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0202.093] GetCurrentThreadId () returned 0xf50
[0202.093] GetCurrentThreadId () returned 0xf50
[0202.093] GetProcessWindowStation () returned 0x13c
[0202.093] GetCapture () returned 0x0
[0202.093] GetActiveWindow () returned 0x7005c
[0202.093] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0202.093] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.093] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0202.094] GetCursorPos (in: lpPoint=0x2dbf5f0 | out: lpPoint=0x2dbf5f0*(x=248, y=625)) returned 1
[0202.094] MonitorFromPoint (pt=0xf8, dwFlags=0x271) returned 0x10001
[0202.094] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0202.094] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x8a0105d8
[0202.094] GetDeviceCaps (hdc=0x8a0105d8, index=12) returned 32
[0202.094] GetDeviceCaps (hdc=0x8a0105d8, index=14) returned 1
[0202.094] DeleteDC (hdc=0x8a0105d8) returned 1
[0202.094] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0202.095] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0202.095] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="Microsoft .NET Framework", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1402da
[0202.095] SetWindowLongW (hWnd=0x1402da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0202.095] GetWindowLongW (hWnd=0x1402da, nIndex=-4) returned 1950089536
[0202.096] SetWindowLongW (hWnd=0x1402da, nIndex=-4, dwNewLong=19944622) returned 1950089536
[0202.096] GetWindowLongW (hWnd=0x1402da, nIndex=-4) returned 19944622
[0202.096] GetWindowLongW (hWnd=0x1402da, nIndex=-16) returned 113770496
[0202.096] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0202.097] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0202.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0202.098] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0202.098] GetWindowRect (in: hWnd=0x1402da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0202.098] SetWindowTextW (hWnd=0x1402da, lpString="Microsoft .NET Framework") returned 1
[0202.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xc, wParam=0x0, lParam=0x2c50f5c) returned 0x1
[0202.099] GetStartupInfoW (in: lpStartupInfo=0x2dbf92c | out: lpStartupInfo=0x2dbf92c*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0202.102] GetParent (hWnd=0x1402da) returned 0x0
[0202.102] SetWindowLongW (hWnd=0x1402da, nIndex=-8, dwNewLong=0) returned 0
[0202.104] SendMessageW (hWnd=0x1402da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0202.104] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0202.104] SendMessageW (hWnd=0x1402da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0202.104] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0202.104] GetSystemMenu (hWnd=0x1402da, bRevert=0) returned 0x4502a1
[0202.105] GetWindowPlacement (in: hWnd=0x1402da, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0202.105] EnableMenuItem (hMenu=0x4502a1, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0202.105] EnableMenuItem (hMenu=0x4502a1, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0202.105] EnableMenuItem (hMenu=0x4502a1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0202.105] EnableMenuItem (hMenu=0x4502a1, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0202.105] EnableMenuItem (hMenu=0x4502a1, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0202.105] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0202.105] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0202.105] GetWindowRect (in: hWnd=0x1402da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0202.105] SetWindowPos (hWnd=0x1402da, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0202.106] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0202.107] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x1402da) returned 0x1
[0202.109] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0202.109] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0202.111] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0202.111] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0202.111] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0202.114] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x1402da, lParam=0x0) returned 0x0
[0202.114] GetCapture () returned 0x0
[0202.114] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0202.116] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0202.117] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0202.119] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0202.119] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0202.119] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0202.119] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0202.120] GetParent (hWnd=0x1402da) returned 0x0
[0202.120] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0202.120] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0202.123] GetWindowPlacement (in: hWnd=0x1402da, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0202.123] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0202.123] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0202.123] GetWindowRect (in: hWnd=0x1402da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0202.125] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0202.125] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0202.125] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0202.126] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.127] GetWindowLongW (hWnd=0x1402da, nIndex=-16) returned 113770496
[0202.127] GetWindowTextLengthW (hWnd=0x1402da) returned 24
[0202.127] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0202.127] GetSystemMetrics (nIndex=42) returned 0
[0202.127] GetWindowTextW (in: hWnd=0x1402da, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0202.127] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0202.127] GetWindowTextLengthW (hWnd=0x1402da) returned 24
[0202.127] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0202.127] GetSystemMetrics (nIndex=42) returned 0
[0202.127] GetWindowTextW (in: hWnd=0x1402da, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0202.127] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0202.127] GetCursorPos (in: lpPoint=0x2dbfbf8 | out: lpPoint=0x2dbfbf8*(x=248, y=625)) returned 1
[0202.127] MonitorFromPoint (pt=0xf8, dwFlags=0x271) returned 0x10001
[0202.127] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0202.128] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x7d0107d7
[0202.128] GetDeviceCaps (hdc=0x7d0107d7, index=12) returned 32
[0202.128] GetDeviceCaps (hdc=0x7d0107d7, index=14) returned 1
[0202.128] DeleteDC (hdc=0x7d0107d7) returned 1
[0202.128] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0202.128] GetWindowLongW (hWnd=0x1402da, nIndex=-16) returned 113770496
[0202.128] GetWindowLongW (hWnd=0x1402da, nIndex=-20) returned 327945
[0202.128] SetWindowLongW (hWnd=0x1402da, nIndex=-16, dwNewLong=46661632) returned 113770496
[0202.128] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0202.129] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0202.130] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0202.130] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0202.130] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0202.131] SetWindowLongW (hWnd=0x1402da, nIndex=-20, dwNewLong=327681) returned 327945
[0202.131] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0202.131] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0202.132] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0202.132] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0202.133] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0202.133] SetWindowPos (hWnd=0x1402da, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0202.133] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0202.133] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0202.134] GetWindowPlacement (in: hWnd=0x1402da, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0202.134] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0202.134] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0202.134] GetWindowRect (in: hWnd=0x1402da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0202.135] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0202.135] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0202.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0202.136] RedrawWindow (hWnd=0x1402da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0202.136] GetSystemMenu (hWnd=0x1402da, bRevert=0) returned 0x4502a1
[0202.136] GetWindowPlacement (in: hWnd=0x1402da, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0202.136] EnableMenuItem (hMenu=0x4502a1, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0202.137] EnableMenuItem (hMenu=0x4502a1, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0202.137] EnableMenuItem (hMenu=0x4502a1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0202.137] EnableMenuItem (hMenu=0x4502a1, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0202.137] EnableMenuItem (hMenu=0x4502a1, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0202.137] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0202.137] GetWindowLongW (hWnd=0x1402da, nIndex=-8) returned 0
[0202.137] SetWindowLongW (hWnd=0x1402da, nIndex=-8, dwNewLong=458844) returned 0
[0202.142] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0202.142] GetProcessWindowStation () returned 0x13c
[0202.142] GetCurrentThreadId () returned 0xf50
[0202.143] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x13054d6, lParam=0x0) returned 1
[0202.143] IsWindowVisible (hWnd=0x1402da) returned 0
[0202.143] IsWindowVisible (hWnd=0x7005c) returned 1
[0202.143] IsWindowEnabled (hWnd=0x7005c) returned 1
[0202.143] IsWindowVisible (hWnd=0x300ec) returned 0
[0202.143] IsWindowVisible (hWnd=0x502c6) returned 0
[0202.143] IsWindowVisible (hWnd=0x502be) returned 0
[0202.143] GetActiveWindow () returned 0x1402da
[0202.143] GetFocus () returned 0x1402da
[0202.143] IsWindow (hWnd=0x7005c) returned 1
[0202.143] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0202.143] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0202.145] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0202.145] GetWindowLongW (hWnd=0x1402da, nIndex=-8) returned 458844
[0202.145] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0202.145] GetCurrentThreadId () returned 0xf50
[0202.145] GetWindowLongW (hWnd=0x1402da, nIndex=-8) returned 458844
[0202.145] IsWindowEnabled (hWnd=0x7005c) returned 0
[0202.145] IsWindowEnabled (hWnd=0x1402da) returned 1
[0202.145] ShowWindow (hWnd=0x1402da, nCmdShow=5) returned 0
[0202.145] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0202.145] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0202.146] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.146] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0202.146] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x1402da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1402dc
[0202.146] SetWindowLongW (hWnd=0x1402dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0202.147] GetWindowLongW (hWnd=0x1402dc, nIndex=-4) returned 1950089536
[0202.147] SetWindowLongW (hWnd=0x1402dc, nIndex=-4, dwNewLong=19946462) returned 1950089536
[0202.147] GetWindowLongW (hWnd=0x1402dc, nIndex=-4) returned 19946462
[0202.147] GetWindowLongW (hWnd=0x1402dc, nIndex=-16) returned 1174405120
[0202.147] GetWindowLongW (hWnd=0x1402dc, nIndex=-12) returned 0
[0202.147] SetWindowLongW (hWnd=0x1402dc, nIndex=-12, dwNewLong=1311452) returned 0
[0202.147] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0202.148] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0202.148] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0202.148] GetWindow (hWnd=0x1402dc, uCmd=0x3) returned 0x0
[0202.148] GetClientRect (in: hWnd=0x1402dc, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0202.148] GetWindowRect (in: hWnd=0x1402dc, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0202.148] GetParent (hWnd=0x1402dc) returned 0x1402da
[0202.148] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402da, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0202.149] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402dc, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0202.149] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402dc, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0202.149] GetClientRect (in: hWnd=0x1402dc, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0202.149] GetWindowRect (in: hWnd=0x1402dc, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0202.149] GetParent (hWnd=0x1402dc) returned 0x1402da
[0202.149] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402da, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0202.149] SendMessageW (hWnd=0x1402dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1402dc) returned 0x0
[0202.149] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1402dc) returned 0x0
[0202.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0202.150] GetParent (hWnd=0x1402dc) returned 0x1402da
[0202.150] GetParent (hWnd=0x1700ea) returned 0xe02c8
[0202.150] SetParent (hWndChild=0x1700ea, hWndNewParent=0x1402da) returned 0xe02c8
[0202.150] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0202.151] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0202.151] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0202.151] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0202.151] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0202.151] GetClientRect (in: hWnd=0x1700ea, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0202.151] GetWindowRect (in: hWnd=0x1700ea, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0202.151] GetParent (hWnd=0x1700ea) returned 0x1402da
[0202.151] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402da, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0202.152] GetClientRect (in: hWnd=0x1700ea, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0202.152] GetWindowRect (in: hWnd=0x1700ea, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0202.152] GetParent (hWnd=0x1700ea) returned 0x1402da
[0202.152] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402da, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0202.152] GetParent (hWnd=0x1700ea) returned 0x1402da
[0202.152] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0202.152] GetWindow (hWnd=0x1700ea, uCmd=0x3) returned 0x0
[0202.152] SetWindowPos (hWnd=0x1700ea, hWndInsertAfter=0x1402dc, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0202.152] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0202.153] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0202.153] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0202.153] GetClientRect (in: hWnd=0x1700ea, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0202.153] GetWindowRect (in: hWnd=0x1700ea, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0202.162] GetParent (hWnd=0x1700ea) returned 0x1402da
[0202.162] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402da, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0202.162] GetParent (hWnd=0x1700ea) returned 0x1402da
[0202.162] GetWindow (hWnd=0x1700ea, uCmd=0x3) returned 0x1402dc
[0202.162] GetWindowThreadProcessId (in: hWnd=0x1700ea, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0202.162] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0202.163] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.163] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0202.163] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x1402da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1602d8
[0202.164] SetWindowLongW (hWnd=0x1602d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0202.164] GetWindowLongW (hWnd=0x1602d8, nIndex=-4) returned 1868032000
[0202.164] SetWindowLongW (hWnd=0x1602d8, nIndex=-4, dwNewLong=19946142) returned 1868032000
[0202.164] GetWindowLongW (hWnd=0x1602d8, nIndex=-4) returned 19946142
[0202.165] GetWindowLongW (hWnd=0x1602d8, nIndex=-16) returned 1174470667
[0202.165] GetWindowLongW (hWnd=0x1602d8, nIndex=-12) returned 0
[0202.165] SetWindowLongW (hWnd=0x1602d8, nIndex=-12, dwNewLong=1442520) returned 0
[0202.165] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0202.165] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0202.166] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0202.167] SendMessageW (hWnd=0x1602d8, Msg=0x2055, wParam=0x1602d8, lParam=0x3) returned 0x2
[0202.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0202.167] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0202.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0202.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0202.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0202.167] RedrawWindow (hWnd=0x1402dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0202.167] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0202.167] RedrawWindow (hWnd=0x1700ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0202.168] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0202.168] RedrawWindow (hWnd=0x1602d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0202.168] RedrawWindow (hWnd=0x1402da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0202.168] GetWindow (hWnd=0x1602d8, uCmd=0x3) returned 0x1700ea
[0202.168] GetClientRect (in: hWnd=0x1602d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0202.168] GetWindowRect (in: hWnd=0x1602d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0202.168] GetParent (hWnd=0x1602d8) returned 0x1402da
[0202.168] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0202.168] SetWindowTextW (hWnd=0x1602d8, lpString="&Details") returned 1
[0202.168] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0202.169] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0202.169] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0202.169] GetClientRect (in: hWnd=0x1602d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0202.169] GetWindowRect (in: hWnd=0x1602d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0202.169] GetParent (hWnd=0x1602d8) returned 0x1402da
[0202.169] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0202.170] SendMessageW (hWnd=0x1602d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1602d8) returned 0x0
[0202.170] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1602d8) returned 0x0
[0202.170] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0202.170] GetParent (hWnd=0x1602d8) returned 0x1402da
[0202.170] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0202.171] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.171] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0202.171] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x1402da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1402de
[0202.172] SetWindowLongW (hWnd=0x1402de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0202.172] GetWindowLongW (hWnd=0x1402de, nIndex=-4) returned 1868032000
[0202.172] SetWindowLongW (hWnd=0x1402de, nIndex=-4, dwNewLong=19946302) returned 1868032000
[0202.172] GetWindowLongW (hWnd=0x1402de, nIndex=-4) returned 19946302
[0202.172] GetWindowLongW (hWnd=0x1402de, nIndex=-16) returned 1174470667
[0202.172] GetWindowLongW (hWnd=0x1402de, nIndex=-12) returned 0
[0202.172] SetWindowLongW (hWnd=0x1402de, nIndex=-12, dwNewLong=1311454) returned 0
[0202.173] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0202.173] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0202.173] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0202.174] SendMessageW (hWnd=0x1402de, Msg=0x2055, wParam=0x1402de, lParam=0x3) returned 0x2
[0202.175] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0202.175] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0202.175] GetWindow (hWnd=0x1402de, uCmd=0x3) returned 0x1602d8
[0202.175] GetClientRect (in: hWnd=0x1402de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0202.175] GetWindowRect (in: hWnd=0x1402de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0202.175] GetParent (hWnd=0x1402de) returned 0x1402da
[0202.175] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0202.175] SetWindowTextW (hWnd=0x1402de, lpString="&Continue") returned 1
[0202.175] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0202.176] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0202.176] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0202.176] GetClientRect (in: hWnd=0x1402de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0202.176] GetWindowRect (in: hWnd=0x1402de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0202.176] GetParent (hWnd=0x1402de) returned 0x1402da
[0202.176] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0202.176] SendMessageW (hWnd=0x1402de, Msg=0x2210, wParam=0x2de0001, lParam=0x1402de) returned 0x0
[0202.176] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x2210, wParam=0x2de0001, lParam=0x1402de) returned 0x0
[0202.176] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0202.177] GetParent (hWnd=0x1402de) returned 0x1402da
[0202.177] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0202.177] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.177] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0202.177] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x1402da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x902d0
[0202.178] SetWindowLongW (hWnd=0x902d0, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0202.178] GetWindowLongW (hWnd=0x902d0, nIndex=-4) returned 1868032000
[0202.178] SetWindowLongW (hWnd=0x902d0, nIndex=-4, dwNewLong=19946062) returned 1868032000
[0202.178] GetWindowLongW (hWnd=0x902d0, nIndex=-4) returned 19946062
[0202.179] GetWindowLongW (hWnd=0x902d0, nIndex=-16) returned 1174470667
[0202.179] GetWindowLongW (hWnd=0x902d0, nIndex=-12) returned 0
[0202.179] SetWindowLongW (hWnd=0x902d0, nIndex=-12, dwNewLong=590544) returned 0
[0202.179] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902d0, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0202.179] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902d0, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0202.180] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902d0, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0202.181] SendMessageW (hWnd=0x902d0, Msg=0x2055, wParam=0x902d0, lParam=0x3) returned 0x2
[0202.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0202.181] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902d0, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0202.181] GetWindow (hWnd=0x902d0, uCmd=0x3) returned 0x1402de
[0202.181] GetClientRect (in: hWnd=0x902d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0202.181] GetWindowRect (in: hWnd=0x902d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0202.181] GetParent (hWnd=0x902d0) returned 0x1402da
[0202.181] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0202.181] SetWindowTextW (hWnd=0x902d0, lpString="&Quit") returned 1
[0202.181] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902d0, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0202.182] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902d0, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0202.182] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902d0, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0202.182] GetClientRect (in: hWnd=0x902d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0202.182] GetWindowRect (in: hWnd=0x902d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0202.182] GetParent (hWnd=0x902d0) returned 0x1402da
[0202.182] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0202.182] SendMessageW (hWnd=0x902d0, Msg=0x2210, wParam=0x2d00001, lParam=0x902d0) returned 0x0
[0202.182] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902d0, Msg=0x2210, wParam=0x2d00001, lParam=0x902d0) returned 0x0
[0202.182] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0202.183] GetParent (hWnd=0x902d0) returned 0x1402da
[0202.183] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0202.183] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.183] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0202.184] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x1402da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xa02ce
[0202.184] SetWindowLongW (hWnd=0xa02ce, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0202.184] GetWindowLongW (hWnd=0xa02ce, nIndex=-4) returned 1868026976
[0202.185] SetWindowLongW (hWnd=0xa02ce, nIndex=-4, dwNewLong=19945862) returned 1868026976
[0202.185] GetWindowLongW (hWnd=0xa02ce, nIndex=-4) returned 19945862
[0202.185] GetWindowLongW (hWnd=0xa02ce, nIndex=-16) returned 1177553092
[0202.185] GetWindowLongW (hWnd=0xa02ce, nIndex=-12) returned 0
[0202.185] SetWindowLongW (hWnd=0xa02ce, nIndex=-12, dwNewLong=656078) returned 0
[0202.185] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02ce, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0202.187] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02ce, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0202.188] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02ce, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0202.208] GetWindow (hWnd=0xa02ce, uCmd=0x3) returned 0x902d0
[0202.208] GetClientRect (in: hWnd=0xa02ce, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0202.208] GetWindowRect (in: hWnd=0xa02ce, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0202.208] GetParent (hWnd=0xa02ce) returned 0x1402da
[0202.208] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402da, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0202.209] GetWindowTextLengthW (hWnd=0x1402da) returned 24
[0202.209] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0202.209] GetSystemMetrics (nIndex=42) returned 0
[0202.209] GetWindowTextW (in: hWnd=0x1402da, lpString=0xd7d830, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0202.209] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xd, wParam=0x19, lParam=0xd7d830) returned 0x18
[0202.209] SendMessageW (hWnd=0xa02ce, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0202.209] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02ce, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0202.215] SetWindowTextW (hWnd=0xa02ce, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0202.215] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02ce, Msg=0xc, wParam=0x0, lParam=0x2dbb8ec) returned 0x1
[0202.220] GetSystemMetrics (nIndex=5) returned 1
[0202.220] GetSystemMetrics (nIndex=6) returned 1
[0202.220] SendMessageW (hWnd=0xa02ce, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0202.220] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02ce, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0202.221] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02ce, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0202.222] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02ce, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0202.222] GetClientRect (in: hWnd=0xa02ce, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0202.222] GetWindowRect (in: hWnd=0xa02ce, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0202.222] GetParent (hWnd=0xa02ce) returned 0x1402da
[0202.222] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402da, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0202.222] SendMessageW (hWnd=0xa02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0xa02ce) returned 0x0
[0202.222] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0xa02ce) returned 0x0
[0202.222] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0202.223] GetParent (hWnd=0xa02ce) returned 0x1402da
[0202.223] GetWindowLongW (hWnd=0x1402da, nIndex=-8) returned 458844
[0202.223] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0202.223] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0202.223] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x840107d7
[0202.223] GetDeviceCaps (hdc=0x840107d7, index=12) returned 32
[0202.223] GetDeviceCaps (hdc=0x840107d7, index=14) returned 1
[0202.223] DeleteDC (hdc=0x840107d7) returned 1
[0202.224] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0202.224] GetWindowThreadProcessId (in: hWnd=0x1402da, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0202.224] GetCurrentThreadId () returned 0xf50
[0202.224] PostMessageW (hWnd=0x1402da, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0202.224] GetWindowTextLengthW (hWnd=0x1402da) returned 24
[0202.224] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0202.224] GetSystemMetrics (nIndex=42) returned 0
[0202.224] GetWindowTextW (in: hWnd=0x1402da, lpString=0xd7e260, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0202.224] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xd, wParam=0x19, lParam=0xd7e260) returned 0x18
[0202.224] GdipImageGetFrameDimensionsCount (image=0x664f448, count=0xd7e25c) returned 0x0
[0202.224] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f8000
[0202.224] GdipImageGetFrameDimensionsList (image=0x664f448, dimensionIDs=0x11f8000*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0202.224] LocalFree (hMem=0x11f8000) returned 0x0
[0202.225] GdipImageGetFrameDimensionsCount (image=0x6652580, count=0xd7e250) returned 0x0
[0202.225] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x11f8000
[0202.225] GdipImageGetFrameDimensionsList (image=0x6652580, dimensionIDs=0x11f8000*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0202.225] LocalFree (hMem=0x11f8000) returned 0x0
[0202.225] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0202.225] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0202.226] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0202.247] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0202.249] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0202.249] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0202.249] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0202.250] GetWindowPlacement (in: hWnd=0x1402da, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0202.250] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0202.250] GetWindowTextLengthW (hWnd=0x1402da) returned 24
[0202.250] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0202.250] GetSystemMetrics (nIndex=42) returned 0
[0202.250] GetWindowTextW (in: hWnd=0x1402da, lpString=0xd7e2b4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0202.250] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xd, wParam=0x19, lParam=0xd7e2b4) returned 0x18
[0202.250] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0202.250] GetCurrentObject (hdc=0xc0107c5, type=0x1) returned 0xb00017
[0202.250] GetCurrentObject (hdc=0xc0107c5, type=0x2) returned 0x900010
[0202.250] GetCurrentObject (hdc=0xc0107c5, type=0x7) returned 0xffffffffcf05067c
[0202.250] GetCurrentObject (hdc=0xc0107c5, type=0x6) returned 0x8a01c2
[0202.251] SaveDC (hdc=0xc0107c5) returned 1
[0202.251] GetNearestColor (hdc=0xc0107c5, color=0xf0f0f0) returned 0xf0f0f0
[0202.251] CreateSolidBrush (color=0xf0f0f0) returned 0xef1007e1
[0202.251] FillRect (hDC=0xc0107c5, lprc=0xd7e1b8, hbr=0xef1007e1) returned 1
[0202.251] DeleteObject (ho=0xef1007e1) returned 1
[0202.251] RestoreDC (hdc=0xc0107c5, nSavedDC=-1) returned 1
[0202.251] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0202.252] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0202.254] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0202.254] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0202.254] GetStockObject (i=5) returned 0x900015
[0202.254] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0202.254] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0202.254] GetStockObject (i=5) returned 0x900015
[0202.255] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0202.255] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902d0, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0202.255] GetStockObject (i=5) returned 0x900015
[0202.255] GetWindowPlacement (in: hWnd=0x1402da, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0202.255] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0202.255] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0202.255] GetWindowRect (in: hWnd=0x1402da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0202.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0202.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0202.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0202.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0202.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0202.258] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0202.258] GetWindowRect (in: hWnd=0x1402da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0202.258] InvalidateRect (hWnd=0x1402de, lpRect=0x0, bErase=0) returned 1
[0202.258] InvalidateRect (hWnd=0x1602d8, lpRect=0x0, bErase=0) returned 1
[0202.258] GetFocus () returned 0x1402da
[0202.258] GetFocus () returned 0x1402da
[0202.258] SetFocus (hWnd=0x1602d8) returned 0x1402da
[0202.259] GetFocus () returned 0x1602d8
[0202.259] IsChild (hWndParent=0x1402da, hWnd=0x1602d8) returned 1
[0202.259] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x8, wParam=0x1602d8, lParam=0x0) returned 0x0
[0202.260] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0202.262] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0202.267] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0202.267] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0x7, wParam=0x1402da, lParam=0x0) returned 0x0
[0202.268] GetStockObject (i=5) returned 0x900015
[0202.268] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0202.268] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0xd, wParam=0x9, lParam=0x11f55a0) returned 0x8
[0202.268] GetDlgItem (hDlg=0x1402da, nIDDlgItem=1442520) returned 0x1602d8
[0202.268] SendMessageW (hWnd=0x1602d8, Msg=0x202b, wParam=0x1602d8, lParam=0xd7e0dc) returned 0x0
[0202.268] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0x202b, wParam=0x1602d8, lParam=0xd7e0dc) returned 0x0
[0202.268] InvalidateRect (hWnd=0x1602d8, lpRect=0x0, bErase=0) returned 1
[0202.270] GetFocus () returned 0x1602d8
[0202.270] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.270] IsWindowUnicode (hWnd=0x1402da) returned 1
[0202.270] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.270] TranslateMessage (lpMsg=0xd7e808) returned 0
[0202.270] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0202.270] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0202.270] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.270] IsWindowUnicode (hWnd=0x1402da) returned 1
[0202.270] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.271] TranslateMessage (lpMsg=0xd7e808) returned 0
[0202.271] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0202.271] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.271] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x84, wParam=0x0, lParam=0x1e5030c) returned 0x1
[0202.271] IsWindowUnicode (hWnd=0x1402de) returned 1
[0202.272] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.272] TranslateMessage (lpMsg=0xd7e808) returned 0
[0202.272] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0202.272] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.272] IsWindowUnicode (hWnd=0x602c4) returned 1
[0202.272] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.272] TranslateMessage (lpMsg=0xd7e808) returned 0
[0202.272] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0202.272] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0202.272] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0202.272] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.272] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x84, wParam=0x0, lParam=0x1e5030c) returned 0x1
[0202.272] IsWindowUnicode (hWnd=0x1402de) returned 1
[0202.273] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.273] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x84, wParam=0x0, lParam=0x1e5030c) returned 0x1
[0202.273] SetCursor (hCursor=0x10003) returned 0x10003
[0202.273] TranslateMessage (lpMsg=0xd7e808) returned 0
[0202.273] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0202.273] _TrackMouseEvent (in: lpEventTrack=0x2dc1018 | out: lpEventTrack=0x2dc1018) returned 1
[0202.273] SendMessageW (hWnd=0x1402de, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0202.273] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0202.273] InvalidateRect (hWnd=0x1402de, lpRect=0x0, bErase=0) returned 1
[0202.273] GetKeyState (nVirtKey=1) returned 0
[0202.273] GetKeyState (nVirtKey=2) returned 0
[0202.273] GetKeyState (nVirtKey=4) returned 0
[0202.273] GetKeyState (nVirtKey=5) returned 0
[0202.273] GetKeyState (nVirtKey=6) returned 0
[0202.274] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.274] IsWindowUnicode (hWnd=0x1402da) returned 1
[0202.274] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.274] TranslateMessage (lpMsg=0xd7e808) returned 0
[0202.274] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0202.274] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.275] IsWindowUnicode (hWnd=0x1402da) returned 1
[0202.275] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.275] TranslateMessage (lpMsg=0xd7e808) returned 0
[0202.275] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0202.276] BeginPaint (in: hWnd=0x1402da, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x107b9
[0202.276] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0202.276] GetWindowTextLengthW (hWnd=0x1402da) returned 24
[0202.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0202.276] GetSystemMetrics (nIndex=42) returned 0
[0202.276] GetWindowTextW (in: hWnd=0x1402da, lpString=0xd7e1ec, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0202.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xd, wParam=0x19, lParam=0xd7e1ec) returned 0x18
[0202.276] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0202.276] EndPaint (hWnd=0x1402da, lpPaint=0xd7e274) returned 1
[0202.276] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.277] IsWindowUnicode (hWnd=0x1402dc) returned 1
[0202.277] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.277] TranslateMessage (lpMsg=0xd7e808) returned 0
[0202.277] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0202.277] BeginPaint (in: hWnd=0x1402dc, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x60100ce
[0202.277] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0202.277] CreateCompatibleDC (hdc=0x60100ce) returned 0xcc0107ef
[0202.277] SelectObject (hdc=0xcc0107ef, h=0x4a0507fe) returned 0x85000f
[0202.277] GdipCreateFromHDC (hdc=0xcc0107ef, graphics=0xd7e2b0) returned 0x0
[0202.277] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0202.278] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0202.278] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0202.278] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0202.278] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e310) returned 0x0
[0202.278] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0202.278] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0202.278] LocalFree (hMem=0x11eec58) returned 0x0
[0202.278] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0202.282] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0202.282] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0202.282] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e304) returned 0x0
[0202.282] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0202.282] GetWindowTextLengthW (hWnd=0x1402dc) returned 0
[0202.282] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0202.282] GetSystemMetrics (nIndex=42) returned 0
[0202.282] GetWindowTextW (in: hWnd=0x1402dc, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0202.282] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402dc, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0202.282] GetClientRect (in: hWnd=0x1402dc, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0202.282] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0202.282] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0202.282] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0202.282] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0202.282] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e164) returned 0x0
[0202.282] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0202.283] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eed00) returned 0x0
[0202.283] LocalFree (hMem=0x11eed00) returned 0x0
[0202.283] GdipCombineRegionRegion (region=0x66467a8, region2=0x6646838, combineMode=0x1) returned 0x0
[0202.283] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0202.283] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0202.283] LocalFree (hMem=0x11eec58) returned 0x0
[0202.283] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0202.283] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0202.283] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0202.283] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0202.283] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0202.283] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0202.283] GetCurrentObject (hdc=0xcc0107ef, type=0x1) returned 0xb00017
[0202.283] GetCurrentObject (hdc=0xcc0107ef, type=0x2) returned 0x900010
[0202.283] GetCurrentObject (hdc=0xcc0107ef, type=0x7) returned 0x4a0507fe
[0202.284] GetCurrentObject (hdc=0xcc0107ef, type=0x6) returned 0x8a01c2
[0202.284] SaveDC (hdc=0xcc0107ef) returned 1
[0202.284] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa60407de
[0202.284] GetClipRgn (hdc=0xcc0107ef, hrgn=0xa60407de) returned 0
[0202.284] SelectClipRgn (hdc=0xcc0107ef, hrgn=0x19040807) returned 2
[0202.284] DeleteObject (ho=0xa60407de) returned 1
[0202.284] DeleteObject (ho=0x19040807) returned 1
[0202.284] OffsetViewportOrgEx (in: hdc=0xcc0107ef, x=0, y=0, lppt=0x2dc14dc | out: lppt=0x2dc14dc) returned 1
[0202.284] GetNearestColor (hdc=0xcc0107ef, color=0xf0f0f0) returned 0xf0f0f0
[0202.284] CreateSolidBrush (color=0xf0f0f0) returned 0xf01007e1
[0202.284] FillRect (hDC=0xcc0107ef, lprc=0xd7e198, hbr=0xf01007e1) returned 1
[0202.285] DeleteObject (ho=0xf01007e1) returned 1
[0202.285] RestoreDC (hdc=0xcc0107ef, nSavedDC=-1) returned 1
[0202.285] GdipReleaseDC (graphics=0x6600030, hdc=0xcc0107ef) returned 0x0
[0202.285] GdipRestoreGraphics (graphics=0x6600030, state=0xfab40dbd) returned 0x0
[0202.285] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.285] GetWindowTextLengthW (hWnd=0x1402dc) returned 0
[0202.285] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0202.285] GetSystemMetrics (nIndex=42) returned 0
[0202.285] GetWindowTextW (in: hWnd=0x1402dc, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0202.285] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402dc, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0202.285] GdipGetImageWidth (image=0x664f448, width=0xd7e1e0) returned 0x0
[0202.285] GdipGetImageHeight (image=0x664f448, height=0xd7e1e0) returned 0x0
[0202.285] GdipGetImageWidth (image=0x664f448, width=0xd7e1cc) returned 0x0
[0202.285] GdipGetImageHeight (image=0x664f448, height=0xd7e1cc) returned 0x0
[0202.285] GdipDrawImageRectI (graphics=0x6600030, image=0x664f448, x=16, y=16, width=32, height=32) returned 0x0
[0202.286] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0202.286] BitBlt (hdc=0x60100ce, x=0, y=0, cx=64, cy=64, hdcSrc=0xcc0107ef, x1=0, y1=0, rop=0xcc0020) returned 1
[0202.286] GdipReleaseDC (graphics=0x6600030, hdc=0xcc0107ef) returned 0x0
[0202.286] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0202.286] SelectObject (hdc=0xcc0107ef, h=0x85000f) returned 0x4a0507fe
[0202.286] DeleteDC (hdc=0xcc0107ef) returned 1
[0202.286] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0202.286] EndPaint (hWnd=0x1402dc, lpPaint=0xd7e294) returned 1
[0202.286] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.287] IsWindowUnicode (hWnd=0x1700ea) returned 1
[0202.287] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.287] TranslateMessage (lpMsg=0xd7e808) returned 0
[0202.287] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0202.287] BeginPaint (in: hWnd=0x1700ea, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0xf0105ee
[0202.287] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0202.287] CreateCompatibleDC (hdc=0xf0105ee) returned 0xce0107ef
[0202.287] GetObjectType (h=0xf0105ee) returned 0x3
[0202.287] CreateCompatibleBitmap (hdc=0xf0105ee, cx=1, cy=1) returned 0xffffffffab05065e
[0202.287] GetDIBits (in: hdc=0xf0105ee, hbm=0xab05065e, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0202.288] GetDIBits (in: hdc=0xf0105ee, hbm=0xab05065e, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0202.288] DeleteObject (ho=0xab05065e) returned 1
[0202.288] CreateDIBSection (in: hdc=0xf0105ee, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x8d0507d7
[0202.288] SelectObject (hdc=0xce0107ef, h=0x8d0507d7) returned 0x85000f
[0202.288] GdipCreateFromHDC (hdc=0xce0107ef, graphics=0xd7e234) returned 0x0
[0202.288] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0202.288] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0202.289] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0202.289] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0202.289] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e2d4) returned 0x0
[0202.289] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0202.289] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0202.289] LocalFree (hMem=0x11eec58) returned 0x0
[0202.289] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0202.289] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0202.289] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0202.289] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0202.289] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0202.289] GetWindowTextLengthW (hWnd=0x1700ea) returned 232
[0202.289] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0202.289] GetSystemMetrics (nIndex=42) returned 0
[0202.289] GetWindowTextW (in: hWnd=0x1700ea, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0202.289] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0202.290] GetClientRect (in: hWnd=0x1700ea, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0202.290] GdipCreateRegion (region=0xd7e110) returned 0x0
[0202.290] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0202.290] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0202.290] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0202.290] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e128) returned 0x0
[0202.290] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0202.290] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea98) returned 0x0
[0202.290] LocalFree (hMem=0x11eea98) returned 0x0
[0202.290] GdipCombineRegionRegion (region=0x6646a78, region2=0x66464d8, combineMode=0x1) returned 0x0
[0202.290] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0202.290] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea98) returned 0x0
[0202.290] LocalFree (hMem=0x11eea98) returned 0x0
[0202.290] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0202.290] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e150) returned 0x0
[0202.290] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e140) returned 0x0
[0202.290] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0202.291] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0202.291] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0202.291] GetCurrentObject (hdc=0xce0107ef, type=0x1) returned 0xb00017
[0202.291] GetCurrentObject (hdc=0xce0107ef, type=0x2) returned 0x900010
[0202.291] GetCurrentObject (hdc=0xce0107ef, type=0x7) returned 0xffffffff8d0507d7
[0202.291] GetCurrentObject (hdc=0xce0107ef, type=0x6) returned 0x8a01c2
[0202.291] SaveDC (hdc=0xce0107ef) returned 1
[0202.291] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1a040807
[0202.291] GetClipRgn (hdc=0xce0107ef, hrgn=0x1a040807) returned 0
[0202.291] SelectClipRgn (hdc=0xce0107ef, hrgn=0xa70407de) returned 2
[0202.291] DeleteObject (ho=0x1a040807) returned 1
[0202.291] DeleteObject (ho=0xa70407de) returned 1
[0202.291] OffsetViewportOrgEx (in: hdc=0xce0107ef, x=0, y=0, lppt=0x2dc2ea4 | out: lppt=0x2dc2ea4) returned 1
[0202.291] GetNearestColor (hdc=0xce0107ef, color=0xf0f0f0) returned 0xf0f0f0
[0202.292] CreateSolidBrush (color=0xf0f0f0) returned 0xf11007e1
[0202.292] FillRect (hDC=0xce0107ef, lprc=0xd7e15c, hbr=0xf11007e1) returned 1
[0202.293] DeleteObject (ho=0xf11007e1) returned 1
[0202.293] RestoreDC (hdc=0xce0107ef, nSavedDC=-1) returned 1
[0202.294] GdipReleaseDC (graphics=0x6600030, hdc=0xce0107ef) returned 0x0
[0202.294] GdipRestoreGraphics (graphics=0x6600030, state=0xfab20dbd) returned 0x0
[0202.294] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0202.294] GetWindowTextLengthW (hWnd=0x1700ea) returned 232
[0202.294] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0202.294] GetSystemMetrics (nIndex=42) returned 0
[0202.294] GetWindowTextW (in: hWnd=0x1700ea, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0202.294] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0202.294] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0202.294] GetCurrentObject (hdc=0xce0107ef, type=0x1) returned 0xb00017
[0202.294] GetCurrentObject (hdc=0xce0107ef, type=0x2) returned 0x900010
[0202.295] GetCurrentObject (hdc=0xce0107ef, type=0x7) returned 0xffffffff8d0507d7
[0202.295] GetCurrentObject (hdc=0xce0107ef, type=0x6) returned 0x8a01c2
[0202.295] SaveDC (hdc=0xce0107ef) returned 1
[0202.295] GetNearestColor (hdc=0xce0107ef, color=0x0) returned 0x0
[0202.295] RestoreDC (hdc=0xce0107ef, nSavedDC=-1) returned 1
[0202.295] GdipReleaseDC (graphics=0x6600030, hdc=0xce0107ef) returned 0x0
[0202.295] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0202.296] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0202.296] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2dc36a0 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0202.296] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0202.296] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0202.296] GetCurrentObject (hdc=0xce0107ef, type=0x1) returned 0xb00017
[0202.296] GetCurrentObject (hdc=0xce0107ef, type=0x2) returned 0x900010
[0202.296] GetCurrentObject (hdc=0xce0107ef, type=0x7) returned 0xffffffff8d0507d7
[0202.296] GetCurrentObject (hdc=0xce0107ef, type=0x6) returned 0x8a01c2
[0202.297] SaveDC (hdc=0xce0107ef) returned 1
[0202.297] GetTextAlign (hdc=0xce0107ef) returned 0x0
[0202.297] GetTextColor (hdc=0xce0107ef) returned 0x0
[0202.297] GetCurrentObject (hdc=0xce0107ef, type=0x6) returned 0x8a01c2
[0202.297] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0202.297] SelectObject (hdc=0xce0107ef, h=0x6d0a0520) returned 0x8a01c2
[0202.297] GetBkMode (hdc=0xce0107ef) returned 2
[0202.297] SetBkMode (hdc=0xce0107ef, mode=1) returned 2
[0202.297] DrawTextExW (in: hdc=0xce0107ef, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2dc38c4 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0202.301] RestoreDC (hdc=0xce0107ef, nSavedDC=-1) returned 1
[0202.302] GdipReleaseDC (graphics=0x6600030, hdc=0xce0107ef) returned 0x0
[0202.302] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0202.302] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=354, cy=68, hdcSrc=0xce0107ef, x1=0, y1=0, rop=0xcc0020) returned 1
[0202.302] GdipReleaseDC (graphics=0x6600030, hdc=0xce0107ef) returned 0x0
[0202.302] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0202.302] SelectObject (hdc=0xce0107ef, h=0x85000f) returned 0x8d0507d7
[0202.302] DeleteDC (hdc=0xce0107ef) returned 1
[0202.302] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0202.302] DeleteObject (ho=0x8d0507d7) returned 1
[0202.303] EndPaint (hWnd=0x1700ea, lpPaint=0xd7e258) returned 1
[0202.303] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.303] IsWindowUnicode (hWnd=0x1602d8) returned 1
[0202.303] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.304] TranslateMessage (lpMsg=0xd7e808) returned 0
[0202.304] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0202.304] BeginPaint (in: hWnd=0x1602d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0202.304] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0202.304] CreateCompatibleDC (hdc=0x10105d6) returned 0xad01065e
[0202.304] SelectObject (hdc=0xad01065e, h=0x4a0507fe) returned 0x85000f
[0202.304] GdipCreateFromHDC (hdc=0xad01065e, graphics=0xd7e268) returned 0x0
[0202.304] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0202.304] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0202.304] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0202.305] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0202.305] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e2c8) returned 0x0
[0202.305] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0202.305] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0202.305] LocalFree (hMem=0x11eec58) returned 0x0
[0202.305] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0202.305] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0202.305] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0202.305] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0202.305] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0202.305] GdipRestoreGraphics (graphics=0x6600030, state=0xfab00dbd) returned 0x0
[0202.305] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0202.305] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0202.305] GetCurrentObject (hdc=0xad01065e, type=0x1) returned 0xb00017
[0202.305] GetCurrentObject (hdc=0xad01065e, type=0x2) returned 0x900010
[0202.305] GetCurrentObject (hdc=0xad01065e, type=0x7) returned 0x4a0507fe
[0202.306] GetCurrentObject (hdc=0xad01065e, type=0x6) returned 0x8a01c2
[0202.306] SaveDC (hdc=0xad01065e) returned 1
[0202.306] GetNearestColor (hdc=0xad01065e, color=0xf0f0f0) returned 0xf0f0f0
[0202.306] GetNearestColor (hdc=0xad01065e, color=0xa0a0a0) returned 0xa0a0a0
[0202.306] GetNearestColor (hdc=0xad01065e, color=0x696969) returned 0x696969
[0202.306] GetNearestColor (hdc=0xad01065e, color=0xa0a0a0) returned 0xa0a0a0
[0202.306] GetNearestColor (hdc=0xad01065e, color=0x0) returned 0x0
[0202.306] GetNearestColor (hdc=0xad01065e, color=0xffffff) returned 0xffffff
[0202.306] GetNearestColor (hdc=0xad01065e, color=0xe5e5e5) returned 0xe5e5e5
[0202.306] GetNearestColor (hdc=0xad01065e, color=0xd7d7d7) returned 0xd7d7d7
[0202.306] GetNearestColor (hdc=0xad01065e, color=0x0) returned 0x0
[0202.306] RestoreDC (hdc=0xad01065e, nSavedDC=-1) returned 1
[0202.307] GdipReleaseDC (graphics=0x6600030, hdc=0xad01065e) returned 0x0
[0202.307] IsAppThemed () returned 0x1
[0202.307] GetThemeAppProperties () returned 0x3
[0202.307] GetThemeAppProperties () returned 0x3
[0202.307] GdipGetImageWidth (image=0x6652580, width=0xd7e168) returned 0x0
[0202.307] GdipGetImageHeight (image=0x6652580, height=0xd7e168) returned 0x0
[0202.307] IsAppThemed () returned 0x1
[0202.307] GetThemeAppProperties () returned 0x3
[0202.307] GetThemeAppProperties () returned 0x3
[0202.307] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2dc4014 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0202.307] IsAppThemed () returned 0x1
[0202.308] GetThemeAppProperties () returned 0x3
[0202.308] GetThemeAppProperties () returned 0x3
[0202.308] IsAppThemed () returned 0x1
[0202.308] GetThemeAppProperties () returned 0x3
[0202.308] GetThemeAppProperties () returned 0x3
[0202.308] GetFocus () returned 0x1602d8
[0202.308] IsAppThemed () returned 0x1
[0202.308] GetThemeAppProperties () returned 0x3
[0202.308] GetThemeAppProperties () returned 0x3
[0202.308] IsAppThemed () returned 0x1
[0202.308] GetThemeAppProperties () returned 0x3
[0202.308] GetThemeAppProperties () returned 0x3
[0202.308] IsThemePartDefined () returned 0x1
[0202.308] IsAppThemed () returned 0x1
[0202.308] GetThemeAppProperties () returned 0x3
[0202.308] GetThemeAppProperties () returned 0x3
[0202.308] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0202.308] IsAppThemed () returned 0x1
[0202.308] GetThemeAppProperties () returned 0x3
[0202.308] GetThemeAppProperties () returned 0x3
[0202.309] IsAppThemed () returned 0x1
[0202.309] GetThemeAppProperties () returned 0x3
[0202.309] GetThemeAppProperties () returned 0x3
[0202.309] IsThemePartDefined () returned 0x1
[0202.309] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0202.309] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0202.309] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0202.309] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0202.309] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dff0) returned 0x0
[0202.309] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0202.309] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0202.309] LocalFree (hMem=0x11eec58) returned 0x0
[0202.320] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0202.320] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0202.320] LocalFree (hMem=0x11eec58) returned 0x0
[0202.320] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0202.320] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0202.320] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0202.320] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0202.320] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0202.321] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0202.321] GetCurrentObject (hdc=0xad01065e, type=0x1) returned 0xb00017
[0202.321] GetCurrentObject (hdc=0xad01065e, type=0x2) returned 0x900010
[0202.321] GetCurrentObject (hdc=0xad01065e, type=0x7) returned 0x4a0507fe
[0202.321] GetCurrentObject (hdc=0xad01065e, type=0x6) returned 0x8a01c2
[0202.321] SaveDC (hdc=0xad01065e) returned 1
[0202.321] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa80407de
[0202.321] GetClipRgn (hdc=0xad01065e, hrgn=0xa80407de) returned 0
[0202.321] SelectClipRgn (hdc=0xad01065e, hrgn=0x1e040807) returned 2
[0202.321] DeleteObject (ho=0xa80407de) returned 1
[0202.321] DeleteObject (ho=0x1e040807) returned 1
[0202.321] OffsetViewportOrgEx (in: hdc=0xad01065e, x=0, y=0, lppt=0x2dc46c4 | out: lppt=0x2dc46c4) returned 1
[0202.321] DrawThemeParentBackground () returned 0x0
[0202.322] GetWindowPlacement (in: hWnd=0x1402da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0202.322] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0202.322] GetWindowTextLengthW (hWnd=0x1402da) returned 24
[0202.322] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0202.322] GetSystemMetrics (nIndex=42) returned 0
[0202.322] GetWindowTextW (in: hWnd=0x1402da, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0202.322] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0202.323] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0202.323] GetCurrentObject (hdc=0xad01065e, type=0x1) returned 0xb00017
[0202.323] GetCurrentObject (hdc=0xad01065e, type=0x2) returned 0x900010
[0202.323] GetCurrentObject (hdc=0xad01065e, type=0x7) returned 0x4a0507fe
[0202.323] GetCurrentObject (hdc=0xad01065e, type=0x6) returned 0x8a01c2
[0202.323] SaveDC (hdc=0xad01065e) returned 2
[0202.323] GetNearestColor (hdc=0xad01065e, color=0xf0f0f0) returned 0xf0f0f0
[0202.323] CreateSolidBrush (color=0xf0f0f0) returned 0xf21007e1
[0202.323] FillRect (hDC=0xad01065e, lprc=0xd7da38, hbr=0xf21007e1) returned 1
[0202.323] DeleteObject (ho=0xf21007e1) returned 1
[0202.323] RestoreDC (hdc=0xad01065e, nSavedDC=-1) returned 1
[0202.323] GetWindowTextLengthW (hWnd=0x1402da) returned 24
[0202.323] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0202.323] GetSystemMetrics (nIndex=42) returned 0
[0202.323] GetWindowTextW (in: hWnd=0x1402da, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0202.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0202.324] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0202.324] GetCurrentObject (hdc=0xad01065e, type=0x1) returned 0xb00017
[0202.324] GetCurrentObject (hdc=0xad01065e, type=0x2) returned 0x900010
[0202.324] GetCurrentObject (hdc=0xad01065e, type=0x7) returned 0x4a0507fe
[0202.324] GetCurrentObject (hdc=0xad01065e, type=0x6) returned 0x8a01c2
[0202.324] SaveDC (hdc=0xad01065e) returned 2
[0202.324] GetNearestColor (hdc=0xad01065e, color=0xf0f0f0) returned 0xf0f0f0
[0202.324] CreateSolidBrush (color=0xf0f0f0) returned 0xf31007e1
[0202.324] FillRect (hDC=0xad01065e, lprc=0xd7d9d8, hbr=0xf31007e1) returned 1
[0202.324] DeleteObject (ho=0xf31007e1) returned 1
[0202.324] RestoreDC (hdc=0xad01065e, nSavedDC=-1) returned 1
[0202.324] GetWindowTextLengthW (hWnd=0x1402da) returned 24
[0202.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0202.324] GetSystemMetrics (nIndex=42) returned 0
[0202.324] GetWindowTextW (in: hWnd=0x1402da, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0202.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0202.325] RestoreDC (hdc=0xad01065e, nSavedDC=-1) returned 1
[0202.325] GdipReleaseDC (graphics=0x6600030, hdc=0xad01065e) returned 0x0
[0202.325] IsAppThemed () returned 0x1
[0202.325] GetThemeAppProperties () returned 0x3
[0202.325] GetThemeAppProperties () returned 0x3
[0202.325] IsAppThemed () returned 0x1
[0202.325] GetThemeAppProperties () returned 0x3
[0202.325] GetThemeAppProperties () returned 0x3
[0202.325] IsThemePartDefined () returned 0x1
[0202.326] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0202.326] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0202.326] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0202.326] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0202.326] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df74) returned 0x0
[0202.326] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0202.326] LocalFree (hMem=0x11eecc8) returned 0x0
[0202.326] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0202.326] LocalFree (hMem=0x11ee9f0) returned 0x0
[0202.326] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0202.326] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0202.326] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0202.326] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0202.326] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0202.326] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0202.326] GetCurrentObject (hdc=0xad01065e, type=0x1) returned 0xb00017
[0202.326] GetCurrentObject (hdc=0xad01065e, type=0x2) returned 0x900010
[0202.327] GetCurrentObject (hdc=0xad01065e, type=0x7) returned 0x4a0507fe
[0202.327] GetCurrentObject (hdc=0xad01065e, type=0x6) returned 0x8a01c2
[0202.327] SaveDC (hdc=0xad01065e) returned 1
[0202.327] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1f040807
[0202.327] GetClipRgn (hdc=0xad01065e, hrgn=0x1f040807) returned 0
[0202.327] SelectClipRgn (hdc=0xad01065e, hrgn=0xaa0407de) returned 2
[0202.327] DeleteObject (ho=0x1f040807) returned 1
[0202.327] DeleteObject (ho=0xaa0407de) returned 1
[0202.327] OffsetViewportOrgEx (in: hdc=0xad01065e, x=0, y=0, lppt=0x2dc5048 | out: lppt=0x2dc5048) returned 1
[0202.327] IsAppThemed () returned 0x1
[0202.327] GetThemeAppProperties () returned 0x3
[0202.327] GetThemeAppProperties () returned 0x3
[0202.327] DrawThemeBackground () returned 0x0
[0202.328] RestoreDC (hdc=0xad01065e, nSavedDC=-1) returned 1
[0202.328] GdipReleaseDC (graphics=0x6600030, hdc=0xad01065e) returned 0x0
[0202.328] GdipCreateRegion (region=0xd7df60) returned 0x0
[0202.328] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0202.328] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0202.328] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0202.328] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df78) returned 0x0
[0202.328] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0202.328] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0202.328] LocalFree (hMem=0x11ee868) returned 0x0
[0202.328] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0202.328] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0202.328] LocalFree (hMem=0x11ee868) returned 0x0
[0202.328] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0202.328] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0202.329] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7df90) returned 0x0
[0202.329] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0202.329] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0202.329] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0202.329] GetCurrentObject (hdc=0xad01065e, type=0x1) returned 0xb00017
[0202.329] GetCurrentObject (hdc=0xad01065e, type=0x2) returned 0x900010
[0202.329] GetCurrentObject (hdc=0xad01065e, type=0x7) returned 0x4a0507fe
[0202.329] GetCurrentObject (hdc=0xad01065e, type=0x6) returned 0x8a01c2
[0202.329] SaveDC (hdc=0xad01065e) returned 1
[0202.329] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xab0407de
[0202.329] GetClipRgn (hdc=0xad01065e, hrgn=0xab0407de) returned 0
[0202.329] SelectClipRgn (hdc=0xad01065e, hrgn=0x20040807) returned 2
[0202.329] DeleteObject (ho=0xab0407de) returned 1
[0202.329] DeleteObject (ho=0x20040807) returned 1
[0202.329] OffsetViewportOrgEx (in: hdc=0xad01065e, x=0, y=0, lppt=0x2dc531c | out: lppt=0x2dc531c) returned 1
[0202.330] IsAppThemed () returned 0x1
[0202.330] GetThemeAppProperties () returned 0x3
[0202.330] GetThemeAppProperties () returned 0x3
[0202.330] GetThemeBackgroundContentRect () returned 0x0
[0202.330] RestoreDC (hdc=0xad01065e, nSavedDC=-1) returned 1
[0202.330] GdipReleaseDC (graphics=0x6600030, hdc=0xad01065e) returned 0x0
[0202.330] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0202.330] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0202.330] GdipCloneRegion (region=0x66464d8, cloneRegion=0xd7e150) returned 0x0
[0202.330] GdipCombineRegionRectI (region=0x66467a8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0202.330] GdipCombineRegionRectI (region=0x66467a8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0202.330] GdipSetClipRegion (graphics=0x6600030, region=0x66467a8, combineMode=0x0) returned 0x0
[0202.330] GdipGetImageWidth (image=0x6652580, width=0xd7e154) returned 0x0
[0202.330] GdipGetImageHeight (image=0x6652580, height=0xd7e148) returned 0x0
[0202.330] GdipDrawImageRectI (graphics=0x6600030, image=0x6652580, x=4, y=4, width=16, height=16) returned 0x0
[0202.331] GdipSetClipRegion (graphics=0x6600030, region=0x66464d8, combineMode=0x0) returned 0x0
[0202.331] IsAppThemed () returned 0x1
[0202.331] GetThemeAppProperties () returned 0x3
[0202.331] GetThemeAppProperties () returned 0x3
[0202.331] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0202.331] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0202.331] GetCurrentObject (hdc=0xad01065e, type=0x1) returned 0xb00017
[0202.331] GetCurrentObject (hdc=0xad01065e, type=0x2) returned 0x900010
[0202.331] GetCurrentObject (hdc=0xad01065e, type=0x7) returned 0x4a0507fe
[0202.331] GetCurrentObject (hdc=0xad01065e, type=0x6) returned 0x8a01c2
[0202.331] SaveDC (hdc=0xad01065e) returned 1
[0202.331] GetTextAlign (hdc=0xad01065e) returned 0x0
[0202.331] GetTextColor (hdc=0xad01065e) returned 0x0
[0202.331] GetCurrentObject (hdc=0xad01065e, type=0x6) returned 0x8a01c2
[0202.331] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0202.332] SelectObject (hdc=0xad01065e, h=0x6d0a0520) returned 0x8a01c2
[0202.332] GetBkMode (hdc=0xad01065e) returned 2
[0202.332] SetBkMode (hdc=0xad01065e, mode=1) returned 2
[0202.332] DrawTextExW (in: hdc=0xad01065e, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2dc56dc | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0202.332] DrawTextExW (in: hdc=0xad01065e, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2dc56dc | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0202.333] RestoreDC (hdc=0xad01065e, nSavedDC=-1) returned 1
[0202.333] GdipReleaseDC (graphics=0x6600030, hdc=0xad01065e) returned 0x0
[0202.333] GetFocus () returned 0x1602d8
[0202.333] IsAppThemed () returned 0x1
[0202.333] GetThemeAppProperties () returned 0x3
[0202.333] GetThemeAppProperties () returned 0x3
[0202.333] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0202.333] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xad01065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0202.333] GdipReleaseDC (graphics=0x6600030, hdc=0xad01065e) returned 0x0
[0202.333] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0202.333] SelectObject (hdc=0xad01065e, h=0x85000f) returned 0x4a0507fe
[0202.333] DeleteDC (hdc=0xad01065e) returned 1
[0202.334] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0202.334] EndPaint (hWnd=0x1602d8, lpPaint=0xd7e24c) returned 1
[0202.334] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.334] IsWindowUnicode (hWnd=0x1402de) returned 1
[0202.334] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.334] TranslateMessage (lpMsg=0xd7e808) returned 0
[0202.334] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0202.334] BeginPaint (in: hWnd=0x1402de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0202.334] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0202.334] CreateCompatibleDC (hdc=0xc0107c5) returned 0xaf01065e
[0202.335] SelectObject (hdc=0xaf01065e, h=0x4a0507fe) returned 0x85000f
[0202.335] GdipCreateFromHDC (hdc=0xaf01065e, graphics=0xd7e268) returned 0x0
[0202.335] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0202.335] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0202.335] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0202.335] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0202.335] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e2c8) returned 0x0
[0202.335] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0202.335] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0202.335] LocalFree (hMem=0x11ee788) returned 0x0
[0202.335] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0202.335] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0202.335] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0202.336] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0202.336] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0202.336] GdipRestoreGraphics (graphics=0x6600030, state=0xfaae0dbd) returned 0x0
[0202.336] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.336] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0202.336] GetCurrentObject (hdc=0xaf01065e, type=0x1) returned 0xb00017
[0202.336] GetCurrentObject (hdc=0xaf01065e, type=0x2) returned 0x900010
[0202.336] GetCurrentObject (hdc=0xaf01065e, type=0x7) returned 0x4a0507fe
[0202.336] GetCurrentObject (hdc=0xaf01065e, type=0x6) returned 0x8a01c2
[0202.336] SaveDC (hdc=0xaf01065e) returned 1
[0202.336] GetNearestColor (hdc=0xaf01065e, color=0xf0f0f0) returned 0xf0f0f0
[0202.336] GetNearestColor (hdc=0xaf01065e, color=0xa0a0a0) returned 0xa0a0a0
[0202.336] GetNearestColor (hdc=0xaf01065e, color=0x696969) returned 0x696969
[0202.336] GetNearestColor (hdc=0xaf01065e, color=0xa0a0a0) returned 0xa0a0a0
[0202.337] GetNearestColor (hdc=0xaf01065e, color=0x0) returned 0x0
[0202.337] GetNearestColor (hdc=0xaf01065e, color=0xffffff) returned 0xffffff
[0202.337] GetNearestColor (hdc=0xaf01065e, color=0xe5e5e5) returned 0xe5e5e5
[0202.337] GetNearestColor (hdc=0xaf01065e, color=0xd7d7d7) returned 0xd7d7d7
[0202.337] GetNearestColor (hdc=0xaf01065e, color=0x0) returned 0x0
[0202.337] RestoreDC (hdc=0xaf01065e, nSavedDC=-1) returned 1
[0202.337] GdipReleaseDC (graphics=0x6600030, hdc=0xaf01065e) returned 0x0
[0202.337] IsAppThemed () returned 0x1
[0202.337] GetThemeAppProperties () returned 0x3
[0202.337] GetThemeAppProperties () returned 0x3
[0202.337] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0202.337] SendMessageW (hWnd=0x1402da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0202.337] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0202.338] IsAppThemed () returned 0x1
[0202.338] GetThemeAppProperties () returned 0x3
[0202.338] GetThemeAppProperties () returned 0x3
[0202.338] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2dc5eec | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0202.338] IsAppThemed () returned 0x1
[0202.338] GetThemeAppProperties () returned 0x3
[0202.338] GetThemeAppProperties () returned 0x3
[0202.338] IsAppThemed () returned 0x1
[0202.338] GetThemeAppProperties () returned 0x3
[0202.338] GetThemeAppProperties () returned 0x3
[0202.338] IsAppThemed () returned 0x1
[0202.338] GetThemeAppProperties () returned 0x3
[0202.338] GetThemeAppProperties () returned 0x3
[0202.338] IsAppThemed () returned 0x1
[0202.339] GetThemeAppProperties () returned 0x3
[0202.339] GetThemeAppProperties () returned 0x3
[0202.339] IsThemePartDefined () returned 0x1
[0202.339] IsAppThemed () returned 0x1
[0202.339] GetThemeAppProperties () returned 0x3
[0202.339] GetThemeAppProperties () returned 0x3
[0202.339] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0202.339] IsAppThemed () returned 0x1
[0202.339] GetThemeAppProperties () returned 0x3
[0202.339] GetThemeAppProperties () returned 0x3
[0202.339] IsAppThemed () returned 0x1
[0202.339] GetThemeAppProperties () returned 0x3
[0202.339] GetThemeAppProperties () returned 0x3
[0202.339] IsThemePartDefined () returned 0x1
[0202.339] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0202.339] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0202.339] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0202.339] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0202.340] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7dfe4) returned 0x0
[0202.340] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0202.340] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eecc8) returned 0x0
[0202.340] LocalFree (hMem=0x11eecc8) returned 0x0
[0202.340] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0202.340] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee868) returned 0x0
[0202.340] LocalFree (hMem=0x11ee868) returned 0x0
[0202.340] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0202.340] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0202.340] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0202.340] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0202.340] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.340] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0202.340] GetCurrentObject (hdc=0xaf01065e, type=0x1) returned 0xb00017
[0202.340] GetCurrentObject (hdc=0xaf01065e, type=0x2) returned 0x900010
[0202.340] GetCurrentObject (hdc=0xaf01065e, type=0x7) returned 0x4a0507fe
[0202.346] GetCurrentObject (hdc=0xaf01065e, type=0x6) returned 0x8a01c2
[0202.346] SaveDC (hdc=0xaf01065e) returned 1
[0202.346] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x21040807
[0202.346] GetClipRgn (hdc=0xaf01065e, hrgn=0x21040807) returned 0
[0202.346] SelectClipRgn (hdc=0xaf01065e, hrgn=0xaf0407de) returned 2
[0202.346] DeleteObject (ho=0x21040807) returned 1
[0202.346] DeleteObject (ho=0xaf0407de) returned 1
[0202.347] OffsetViewportOrgEx (in: hdc=0xaf01065e, x=0, y=0, lppt=0x2dc659c | out: lppt=0x2dc659c) returned 1
[0202.347] DrawThemeParentBackground () returned 0x0
[0202.347] GetWindowPlacement (in: hWnd=0x1402da, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0202.347] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0202.347] GetWindowTextLengthW (hWnd=0x1402da) returned 24
[0202.347] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0202.347] GetSystemMetrics (nIndex=42) returned 0
[0202.347] GetWindowTextW (in: hWnd=0x1402da, lpString=0xd7db2c, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0202.347] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xd, wParam=0x19, lParam=0xd7db2c) returned 0x18
[0202.347] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0202.347] GetCurrentObject (hdc=0xaf01065e, type=0x1) returned 0xb00017
[0202.347] GetCurrentObject (hdc=0xaf01065e, type=0x2) returned 0x900010
[0202.347] GetCurrentObject (hdc=0xaf01065e, type=0x7) returned 0x4a0507fe
[0202.348] GetCurrentObject (hdc=0xaf01065e, type=0x6) returned 0x8a01c2
[0202.348] SaveDC (hdc=0xaf01065e) returned 2
[0202.348] GetNearestColor (hdc=0xaf01065e, color=0xf0f0f0) returned 0xf0f0f0
[0202.348] CreateSolidBrush (color=0xf0f0f0) returned 0xf41007e1
[0202.348] FillRect (hDC=0xaf01065e, lprc=0xd7da30, hbr=0xf41007e1) returned 1
[0202.348] DeleteObject (ho=0xf41007e1) returned 1
[0202.348] RestoreDC (hdc=0xaf01065e, nSavedDC=-1) returned 1
[0202.348] GetWindowTextLengthW (hWnd=0x1402da) returned 24
[0202.348] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0202.348] GetSystemMetrics (nIndex=42) returned 0
[0202.348] GetWindowTextW (in: hWnd=0x1402da, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0202.348] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0202.348] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0202.348] GetCurrentObject (hdc=0xaf01065e, type=0x1) returned 0xb00017
[0202.349] GetCurrentObject (hdc=0xaf01065e, type=0x2) returned 0x900010
[0202.349] GetCurrentObject (hdc=0xaf01065e, type=0x7) returned 0x4a0507fe
[0202.349] GetCurrentObject (hdc=0xaf01065e, type=0x6) returned 0x8a01c2
[0202.349] SaveDC (hdc=0xaf01065e) returned 2
[0202.349] GetNearestColor (hdc=0xaf01065e, color=0xf0f0f0) returned 0xf0f0f0
[0202.349] CreateSolidBrush (color=0xf0f0f0) returned 0xf51007e1
[0202.349] FillRect (hDC=0xaf01065e, lprc=0xd7d9d0, hbr=0xf51007e1) returned 1
[0202.349] DeleteObject (ho=0xf51007e1) returned 1
[0202.349] RestoreDC (hdc=0xaf01065e, nSavedDC=-1) returned 1
[0202.349] GetWindowTextLengthW (hWnd=0x1402da) returned 24
[0202.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0202.349] GetSystemMetrics (nIndex=42) returned 0
[0202.349] GetWindowTextW (in: hWnd=0x1402da, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0202.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0202.350] RestoreDC (hdc=0xaf01065e, nSavedDC=-1) returned 1
[0202.350] GdipReleaseDC (graphics=0x6600030, hdc=0xaf01065e) returned 0x0
[0202.350] IsAppThemed () returned 0x1
[0202.350] GetThemeAppProperties () returned 0x3
[0202.350] GetThemeAppProperties () returned 0x3
[0202.350] IsAppThemed () returned 0x1
[0202.350] GetThemeAppProperties () returned 0x3
[0202.350] GetThemeAppProperties () returned 0x3
[0202.350] IsThemePartDefined () returned 0x1
[0202.350] GdipCreateRegion (region=0xd7df50) returned 0x0
[0202.350] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0202.350] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0202.350] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0202.350] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df68) returned 0x0
[0202.351] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0202.351] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0202.351] LocalFree (hMem=0x11ee788) returned 0x0
[0202.351] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0202.351] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0202.351] LocalFree (hMem=0x11ee788) returned 0x0
[0202.351] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0202.351] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df90) returned 0x0
[0202.351] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df80) returned 0x0
[0202.351] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0202.351] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.351] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0202.351] GetCurrentObject (hdc=0xaf01065e, type=0x1) returned 0xb00017
[0202.351] GetCurrentObject (hdc=0xaf01065e, type=0x2) returned 0x900010
[0202.351] GetCurrentObject (hdc=0xaf01065e, type=0x7) returned 0x4a0507fe
[0202.352] GetCurrentObject (hdc=0xaf01065e, type=0x6) returned 0x8a01c2
[0202.352] SaveDC (hdc=0xaf01065e) returned 1
[0202.352] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb00407de
[0202.352] GetClipRgn (hdc=0xaf01065e, hrgn=0xb00407de) returned 0
[0202.352] SelectClipRgn (hdc=0xaf01065e, hrgn=0x23040807) returned 2
[0202.352] DeleteObject (ho=0xb00407de) returned 1
[0202.352] DeleteObject (ho=0x23040807) returned 1
[0202.352] OffsetViewportOrgEx (in: hdc=0xaf01065e, x=0, y=0, lppt=0x2dc6f20 | out: lppt=0x2dc6f20) returned 1
[0202.352] IsAppThemed () returned 0x1
[0202.352] GetThemeAppProperties () returned 0x3
[0202.352] GetThemeAppProperties () returned 0x3
[0202.352] DrawThemeBackground () returned 0x0
[0202.352] RestoreDC (hdc=0xaf01065e, nSavedDC=-1) returned 1
[0202.352] GdipReleaseDC (graphics=0x6600030, hdc=0xaf01065e) returned 0x0
[0202.353] GdipCreateRegion (region=0xd7df54) returned 0x0
[0202.353] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0202.353] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0202.353] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0202.353] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df6c) returned 0x0
[0202.353] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0202.353] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0202.353] LocalFree (hMem=0x11ee9f0) returned 0x0
[0202.353] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0202.353] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee8d8) returned 0x0
[0202.353] LocalFree (hMem=0x11ee8d8) returned 0x0
[0202.353] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0202.353] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df94) returned 0x0
[0202.353] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df84) returned 0x0
[0202.353] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0202.353] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.354] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0202.354] GetCurrentObject (hdc=0xaf01065e, type=0x1) returned 0xb00017
[0202.354] GetCurrentObject (hdc=0xaf01065e, type=0x2) returned 0x900010
[0202.354] GetCurrentObject (hdc=0xaf01065e, type=0x7) returned 0x4a0507fe
[0202.354] GetCurrentObject (hdc=0xaf01065e, type=0x6) returned 0x8a01c2
[0202.354] SaveDC (hdc=0xaf01065e) returned 1
[0202.354] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x24040807
[0202.354] GetClipRgn (hdc=0xaf01065e, hrgn=0x24040807) returned 0
[0202.354] SelectClipRgn (hdc=0xaf01065e, hrgn=0xb10407de) returned 2
[0202.354] DeleteObject (ho=0x24040807) returned 1
[0202.354] DeleteObject (ho=0xb10407de) returned 1
[0202.354] OffsetViewportOrgEx (in: hdc=0xaf01065e, x=0, y=0, lppt=0x2dc71f4 | out: lppt=0x2dc71f4) returned 1
[0202.354] IsAppThemed () returned 0x1
[0202.354] GetThemeAppProperties () returned 0x3
[0202.355] GetThemeAppProperties () returned 0x3
[0202.355] GetThemeBackgroundContentRect () returned 0x0
[0202.355] RestoreDC (hdc=0xaf01065e, nSavedDC=-1) returned 1
[0202.355] GdipReleaseDC (graphics=0x6600030, hdc=0xaf01065e) returned 0x0
[0202.355] IsAppThemed () returned 0x1
[0202.355] GetThemeAppProperties () returned 0x3
[0202.355] GetThemeAppProperties () returned 0x3
[0202.355] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0202.355] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0202.355] GetCurrentObject (hdc=0xaf01065e, type=0x1) returned 0xb00017
[0202.355] GetCurrentObject (hdc=0xaf01065e, type=0x2) returned 0x900010
[0202.355] GetCurrentObject (hdc=0xaf01065e, type=0x7) returned 0x4a0507fe
[0202.355] GetCurrentObject (hdc=0xaf01065e, type=0x6) returned 0x8a01c2
[0202.355] SaveDC (hdc=0xaf01065e) returned 1
[0202.355] GetTextAlign (hdc=0xaf01065e) returned 0x0
[0202.355] GetTextColor (hdc=0xaf01065e) returned 0x0
[0202.356] GetCurrentObject (hdc=0xaf01065e, type=0x6) returned 0x8a01c2
[0202.356] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0202.356] SelectObject (hdc=0xaf01065e, h=0x6d0a0520) returned 0x8a01c2
[0202.356] GetBkMode (hdc=0xaf01065e) returned 2
[0202.356] SetBkMode (hdc=0xaf01065e, mode=1) returned 2
[0202.356] DrawTextExW (in: hdc=0xaf01065e, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2dc7594 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0202.394] DrawTextExW (in: hdc=0xaf01065e, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2dc7594 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0202.394] RestoreDC (hdc=0xaf01065e, nSavedDC=-1) returned 1
[0202.394] GdipReleaseDC (graphics=0x6600030, hdc=0xaf01065e) returned 0x0
[0202.394] GetFocus () returned 0x1602d8
[0202.395] IsAppThemed () returned 0x1
[0202.395] GetThemeAppProperties () returned 0x3
[0202.395] GetThemeAppProperties () returned 0x3
[0202.395] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0202.395] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xaf01065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0202.395] GdipReleaseDC (graphics=0x6600030, hdc=0xaf01065e) returned 0x0
[0202.395] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0202.395] SelectObject (hdc=0xaf01065e, h=0x85000f) returned 0x4a0507fe
[0202.395] DeleteDC (hdc=0xaf01065e) returned 1
[0202.395] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0202.395] EndPaint (hWnd=0x1402de, lpPaint=0xd7e24c) returned 1
[0202.396] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.396] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0202.396] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.396] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0202.397] TranslateMessage (lpMsg=0xd7e808) returned 0
[0202.397] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0202.398] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.398] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0202.399] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.399] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.399] TranslateMessage (lpMsg=0xd7e808) returned 0
[0202.399] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0202.399] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.400] IsWindowUnicode (hWnd=0x902d0) returned 1
[0202.400] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.400] TranslateMessage (lpMsg=0xd7e808) returned 0
[0202.400] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0202.401] BeginPaint (in: hWnd=0x902d0, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0202.401] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0202.401] CreateCompatibleDC (hdc=0xf0105ee) returned 0xb101065e
[0202.401] SelectObject (hdc=0xb101065e, h=0x4a0507fe) returned 0x85000f
[0202.401] GdipCreateFromHDC (hdc=0xb101065e, graphics=0xd7e268) returned 0x0
[0202.401] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0202.401] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0202.402] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0202.402] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0202.402] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2c8) returned 0x0
[0202.402] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0202.402] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0202.402] LocalFree (hMem=0x11ee788) returned 0x0
[0202.402] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0202.402] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0202.402] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0202.402] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0202.402] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0202.402] GdipRestoreGraphics (graphics=0x6600030, state=0xfaac0dbd) returned 0x0
[0202.402] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0202.402] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0202.402] GetCurrentObject (hdc=0xb101065e, type=0x1) returned 0xb00017
[0202.402] GetCurrentObject (hdc=0xb101065e, type=0x2) returned 0x900010
[0202.402] GetCurrentObject (hdc=0xb101065e, type=0x7) returned 0x4a0507fe
[0202.403] GetCurrentObject (hdc=0xb101065e, type=0x6) returned 0x8a01c2
[0202.403] SaveDC (hdc=0xb101065e) returned 1
[0202.403] GetNearestColor (hdc=0xb101065e, color=0xf0f0f0) returned 0xf0f0f0
[0202.403] GetNearestColor (hdc=0xb101065e, color=0xa0a0a0) returned 0xa0a0a0
[0202.403] GetNearestColor (hdc=0xb101065e, color=0x696969) returned 0x696969
[0202.403] GetNearestColor (hdc=0xb101065e, color=0xa0a0a0) returned 0xa0a0a0
[0202.403] GetNearestColor (hdc=0xb101065e, color=0x0) returned 0x0
[0202.403] GetNearestColor (hdc=0xb101065e, color=0xffffff) returned 0xffffff
[0202.403] GetNearestColor (hdc=0xb101065e, color=0xe5e5e5) returned 0xe5e5e5
[0202.404] GetNearestColor (hdc=0xb101065e, color=0xd7d7d7) returned 0xd7d7d7
[0202.404] GetNearestColor (hdc=0xb101065e, color=0x0) returned 0x0
[0202.404] RestoreDC (hdc=0xb101065e, nSavedDC=-1) returned 1
[0202.404] GdipReleaseDC (graphics=0x6600030, hdc=0xb101065e) returned 0x0
[0202.404] IsAppThemed () returned 0x1
[0202.404] GetThemeAppProperties () returned 0x3
[0202.404] GetThemeAppProperties () returned 0x3
[0202.404] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0202.404] SendMessageW (hWnd=0x1402da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0202.404] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0202.404] IsAppThemed () returned 0x1
[0202.404] GetThemeAppProperties () returned 0x3
[0202.404] GetThemeAppProperties () returned 0x3
[0202.404] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2dc7da4 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0202.405] IsAppThemed () returned 0x1
[0202.405] GetThemeAppProperties () returned 0x3
[0202.405] GetThemeAppProperties () returned 0x3
[0202.405] IsAppThemed () returned 0x1
[0202.405] GetThemeAppProperties () returned 0x3
[0202.405] GetThemeAppProperties () returned 0x3
[0202.405] GetFocus () returned 0x1602d8
[0202.405] IsAppThemed () returned 0x1
[0202.405] GetThemeAppProperties () returned 0x3
[0202.405] GetThemeAppProperties () returned 0x3
[0202.405] IsAppThemed () returned 0x1
[0202.405] GetThemeAppProperties () returned 0x3
[0202.405] GetThemeAppProperties () returned 0x3
[0202.405] IsThemePartDefined () returned 0x1
[0202.405] IsAppThemed () returned 0x1
[0202.406] GetThemeAppProperties () returned 0x3
[0202.406] GetThemeAppProperties () returned 0x3
[0202.406] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0202.406] IsAppThemed () returned 0x1
[0202.406] GetThemeAppProperties () returned 0x3
[0202.406] GetThemeAppProperties () returned 0x3
[0202.406] IsAppThemed () returned 0x1
[0202.406] GetThemeAppProperties () returned 0x3
[0202.406] GetThemeAppProperties () returned 0x3
[0202.406] IsThemePartDefined () returned 0x1
[0202.406] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0202.406] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0202.406] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0202.406] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0202.406] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dff0) returned 0x0
[0202.406] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0202.406] LocalFree (hMem=0x11ee788) returned 0x0
[0202.406] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0202.407] LocalFree (hMem=0x11eec58) returned 0x0
[0202.407] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0202.407] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e018) returned 0x0
[0202.407] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e008) returned 0x0
[0202.407] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0202.407] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.407] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0202.407] GetCurrentObject (hdc=0xb101065e, type=0x1) returned 0xb00017
[0202.407] GetCurrentObject (hdc=0xb101065e, type=0x2) returned 0x900010
[0202.407] GetCurrentObject (hdc=0xb101065e, type=0x7) returned 0x4a0507fe
[0202.407] GetCurrentObject (hdc=0xb101065e, type=0x6) returned 0x8a01c2
[0202.407] SaveDC (hdc=0xb101065e) returned 1
[0202.407] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb20407de
[0202.407] GetClipRgn (hdc=0xb101065e, hrgn=0xb20407de) returned 0
[0202.407] SelectClipRgn (hdc=0xb101065e, hrgn=0x28040807) returned 2
[0202.407] DeleteObject (ho=0xb20407de) returned 1
[0202.408] DeleteObject (ho=0x28040807) returned 1
[0202.408] OffsetViewportOrgEx (in: hdc=0xb101065e, x=0, y=0, lppt=0x2dc8454 | out: lppt=0x2dc8454) returned 1
[0202.408] DrawThemeParentBackground () returned 0x0
[0202.408] GetWindowPlacement (in: hWnd=0x1402da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0202.408] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0202.408] GetWindowTextLengthW (hWnd=0x1402da) returned 24
[0202.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0202.408] GetSystemMetrics (nIndex=42) returned 0
[0202.408] GetWindowTextW (in: hWnd=0x1402da, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0202.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0202.408] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0202.408] GetCurrentObject (hdc=0xb101065e, type=0x1) returned 0xb00017
[0202.408] GetCurrentObject (hdc=0xb101065e, type=0x2) returned 0x900010
[0202.408] GetCurrentObject (hdc=0xb101065e, type=0x7) returned 0x4a0507fe
[0202.408] GetCurrentObject (hdc=0xb101065e, type=0x6) returned 0x8a01c2
[0202.409] SaveDC (hdc=0xb101065e) returned 2
[0202.409] GetNearestColor (hdc=0xb101065e, color=0xf0f0f0) returned 0xf0f0f0
[0202.409] CreateSolidBrush (color=0xf0f0f0) returned 0xf61007e1
[0202.409] FillRect (hDC=0xb101065e, lprc=0xd7da38, hbr=0xf61007e1) returned 1
[0202.409] DeleteObject (ho=0xf61007e1) returned 1
[0202.409] RestoreDC (hdc=0xb101065e, nSavedDC=-1) returned 1
[0202.409] GetWindowTextLengthW (hWnd=0x1402da) returned 24
[0202.409] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0202.409] GetSystemMetrics (nIndex=42) returned 0
[0202.409] GetWindowTextW (in: hWnd=0x1402da, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0202.409] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0202.409] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0202.409] GetCurrentObject (hdc=0xb101065e, type=0x1) returned 0xb00017
[0202.409] GetCurrentObject (hdc=0xb101065e, type=0x2) returned 0x900010
[0202.410] GetCurrentObject (hdc=0xb101065e, type=0x7) returned 0x4a0507fe
[0202.410] GetCurrentObject (hdc=0xb101065e, type=0x6) returned 0x8a01c2
[0202.410] SaveDC (hdc=0xb101065e) returned 2
[0202.410] GetNearestColor (hdc=0xb101065e, color=0xf0f0f0) returned 0xf0f0f0
[0202.410] CreateSolidBrush (color=0xf0f0f0) returned 0xf71007e1
[0202.410] FillRect (hDC=0xb101065e, lprc=0xd7d9d8, hbr=0xf71007e1) returned 1
[0202.410] DeleteObject (ho=0xf71007e1) returned 1
[0202.410] RestoreDC (hdc=0xb101065e, nSavedDC=-1) returned 1
[0202.410] GetWindowTextLengthW (hWnd=0x1402da) returned 24
[0202.410] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0202.410] GetSystemMetrics (nIndex=42) returned 0
[0202.410] GetWindowTextW (in: hWnd=0x1402da, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0202.410] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0202.411] RestoreDC (hdc=0xb101065e, nSavedDC=-1) returned 1
[0202.411] GdipReleaseDC (graphics=0x6600030, hdc=0xb101065e) returned 0x0
[0202.411] IsAppThemed () returned 0x1
[0202.411] GetThemeAppProperties () returned 0x3
[0202.411] GetThemeAppProperties () returned 0x3
[0202.411] IsAppThemed () returned 0x1
[0202.411] GetThemeAppProperties () returned 0x3
[0202.411] GetThemeAppProperties () returned 0x3
[0202.411] IsThemePartDefined () returned 0x1
[0202.411] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0202.411] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0202.411] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0202.411] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0202.411] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df74) returned 0x0
[0202.411] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0202.411] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0202.412] LocalFree (hMem=0x11eec58) returned 0x0
[0202.412] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0202.412] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eed00) returned 0x0
[0202.412] LocalFree (hMem=0x11eed00) returned 0x0
[0202.412] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0202.412] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0202.412] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0202.412] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0202.412] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.412] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0202.412] GetCurrentObject (hdc=0xb101065e, type=0x1) returned 0xb00017
[0202.412] GetCurrentObject (hdc=0xb101065e, type=0x2) returned 0x900010
[0202.412] GetCurrentObject (hdc=0xb101065e, type=0x7) returned 0x4a0507fe
[0202.412] GetCurrentObject (hdc=0xb101065e, type=0x6) returned 0x8a01c2
[0202.412] SaveDC (hdc=0xb101065e) returned 1
[0202.412] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x29040807
[0202.413] GetClipRgn (hdc=0xb101065e, hrgn=0x29040807) returned 0
[0202.413] SelectClipRgn (hdc=0xb101065e, hrgn=0xb40407de) returned 2
[0202.413] DeleteObject (ho=0x29040807) returned 1
[0202.413] DeleteObject (ho=0xb40407de) returned 1
[0202.413] OffsetViewportOrgEx (in: hdc=0xb101065e, x=0, y=0, lppt=0x2dc8dd8 | out: lppt=0x2dc8dd8) returned 1
[0202.413] IsAppThemed () returned 0x1
[0202.413] GetThemeAppProperties () returned 0x3
[0202.413] GetThemeAppProperties () returned 0x3
[0202.413] DrawThemeBackground () returned 0x0
[0202.413] RestoreDC (hdc=0xb101065e, nSavedDC=-1) returned 1
[0202.413] GdipReleaseDC (graphics=0x6600030, hdc=0xb101065e) returned 0x0
[0202.413] GdipCreateRegion (region=0xd7df60) returned 0x0
[0202.413] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0202.413] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0202.413] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0202.414] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df78) returned 0x0
[0202.414] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0202.414] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0202.414] LocalFree (hMem=0x11eec58) returned 0x0
[0202.414] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0202.414] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0202.414] LocalFree (hMem=0x11ee868) returned 0x0
[0202.414] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0202.414] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0202.414] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df90) returned 0x0
[0202.414] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0202.414] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.414] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0202.414] GetCurrentObject (hdc=0xb101065e, type=0x1) returned 0xb00017
[0202.414] GetCurrentObject (hdc=0xb101065e, type=0x2) returned 0x900010
[0202.414] GetCurrentObject (hdc=0xb101065e, type=0x7) returned 0x4a0507fe
[0202.415] GetCurrentObject (hdc=0xb101065e, type=0x6) returned 0x8a01c2
[0202.415] SaveDC (hdc=0xb101065e) returned 1
[0202.415] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb50407de
[0202.415] GetClipRgn (hdc=0xb101065e, hrgn=0xb50407de) returned 0
[0202.415] SelectClipRgn (hdc=0xb101065e, hrgn=0x2a040807) returned 2
[0202.415] DeleteObject (ho=0xb50407de) returned 1
[0202.415] DeleteObject (ho=0x2a040807) returned 1
[0202.415] OffsetViewportOrgEx (in: hdc=0xb101065e, x=0, y=0, lppt=0x2dc90ac | out: lppt=0x2dc90ac) returned 1
[0202.415] IsAppThemed () returned 0x1
[0202.415] GetThemeAppProperties () returned 0x3
[0202.415] GetThemeAppProperties () returned 0x3
[0202.415] GetThemeBackgroundContentRect () returned 0x0
[0202.415] RestoreDC (hdc=0xb101065e, nSavedDC=-1) returned 1
[0202.415] GdipReleaseDC (graphics=0x6600030, hdc=0xb101065e) returned 0x0
[0202.415] IsAppThemed () returned 0x1
[0202.416] GetThemeAppProperties () returned 0x3
[0202.416] GetThemeAppProperties () returned 0x3
[0202.416] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0202.416] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0202.416] GetCurrentObject (hdc=0xb101065e, type=0x1) returned 0xb00017
[0202.416] GetCurrentObject (hdc=0xb101065e, type=0x2) returned 0x900010
[0202.416] GetCurrentObject (hdc=0xb101065e, type=0x7) returned 0x4a0507fe
[0202.416] GetCurrentObject (hdc=0xb101065e, type=0x6) returned 0x8a01c2
[0202.416] SaveDC (hdc=0xb101065e) returned 1
[0202.416] GetTextAlign (hdc=0xb101065e) returned 0x0
[0202.416] GetTextColor (hdc=0xb101065e) returned 0x0
[0202.416] GetCurrentObject (hdc=0xb101065e, type=0x6) returned 0x8a01c2
[0202.416] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0202.416] SelectObject (hdc=0xb101065e, h=0x6d0a0520) returned 0x8a01c2
[0202.417] GetBkMode (hdc=0xb101065e) returned 2
[0202.417] SetBkMode (hdc=0xb101065e, mode=1) returned 2
[0202.417] DrawTextExW (in: hdc=0xb101065e, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2dc944c | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0202.417] DrawTextExW (in: hdc=0xb101065e, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2dc944c | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0202.417] RestoreDC (hdc=0xb101065e, nSavedDC=-1) returned 1
[0202.417] GdipReleaseDC (graphics=0x6600030, hdc=0xb101065e) returned 0x0
[0202.417] GetFocus () returned 0x1602d8
[0202.418] IsAppThemed () returned 0x1
[0202.418] GetThemeAppProperties () returned 0x3
[0202.418] GetThemeAppProperties () returned 0x3
[0202.418] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0202.418] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xb101065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0202.418] GdipReleaseDC (graphics=0x6600030, hdc=0xb101065e) returned 0x0
[0202.418] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0202.418] SelectObject (hdc=0xb101065e, h=0x85000f) returned 0x4a0507fe
[0202.418] DeleteDC (hdc=0xb101065e) returned 1
[0202.418] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0202.418] EndPaint (hWnd=0x902d0, lpPaint=0xd7e24c) returned 1
[0202.419] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.423] IsWindowUnicode (hWnd=0x602c4) returned 1
[0202.423] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.423] TranslateMessage (lpMsg=0xd7e808) returned 0
[0202.423] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0202.423] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0202.423] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0202.423] CreateCompatibleDC (hdc=0x10105d6) returned 0xb301065e
[0202.424] SelectObject (hdc=0xb301065e, h=0x4a0507fe) returned 0x85000f
[0202.424] GdipCreateFromHDC (hdc=0xb301065e, graphics=0xd7e268) returned 0x0
[0202.424] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0202.424] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0202.424] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0202.424] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0202.424] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e2c8) returned 0x0
[0202.424] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0202.424] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0202.424] LocalFree (hMem=0x11eec58) returned 0x0
[0202.424] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0202.424] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0202.424] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0202.425] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0202.425] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0202.425] GdipRestoreGraphics (graphics=0x6600030, state=0xfaaa0dbd) returned 0x0
[0202.425] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.425] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0202.425] GetCurrentObject (hdc=0xb301065e, type=0x1) returned 0xb00017
[0202.425] GetCurrentObject (hdc=0xb301065e, type=0x2) returned 0x900010
[0202.425] GetCurrentObject (hdc=0xb301065e, type=0x7) returned 0x4a0507fe
[0202.425] GetCurrentObject (hdc=0xb301065e, type=0x6) returned 0x8a01c2
[0202.425] SaveDC (hdc=0xb301065e) returned 1
[0202.425] GetNearestColor (hdc=0xb301065e, color=0xff) returned 0xff
[0202.425] GetNearestColor (hdc=0xb301065e, color=0x55) returned 0x55
[0202.425] GetNearestColor (hdc=0xb301065e, color=0x0) returned 0x0
[0202.425] GetNearestColor (hdc=0xb301065e, color=0x55) returned 0x55
[0202.426] GetNearestColor (hdc=0xb301065e, color=0x0) returned 0x0
[0202.426] GetNearestColor (hdc=0xb301065e, color=0x8080ff) returned 0x8080ff
[0202.426] GetNearestColor (hdc=0xb301065e, color=0x7373e5) returned 0x7373e5
[0202.426] GetNearestColor (hdc=0xb301065e, color=0xe5) returned 0xe5
[0202.426] GetNearestColor (hdc=0xb301065e, color=0x0) returned 0x0
[0202.426] RestoreDC (hdc=0xb301065e, nSavedDC=-1) returned 1
[0202.426] GdipReleaseDC (graphics=0x6600030, hdc=0xb301065e) returned 0x0
[0202.426] IsAppThemed () returned 0x1
[0202.426] GetThemeAppProperties () returned 0x3
[0202.426] GetThemeAppProperties () returned 0x3
[0202.426] IsAppThemed () returned 0x1
[0202.426] GetThemeAppProperties () returned 0x3
[0202.426] GetThemeAppProperties () returned 0x3
[0202.426] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2dc9c14 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0202.427] IsAppThemed () returned 0x1
[0202.427] GetThemeAppProperties () returned 0x3
[0202.427] GetThemeAppProperties () returned 0x3
[0202.427] IsAppThemed () returned 0x1
[0202.427] GetThemeAppProperties () returned 0x3
[0202.427] GetThemeAppProperties () returned 0x3
[0202.427] GetFocus () returned 0x1602d8
[0202.427] IsAppThemed () returned 0x1
[0202.427] GetThemeAppProperties () returned 0x3
[0202.427] GetThemeAppProperties () returned 0x3
[0202.427] IsAppThemed () returned 0x1
[0202.427] GetThemeAppProperties () returned 0x3
[0202.428] GetThemeAppProperties () returned 0x3
[0202.428] IsThemePartDefined () returned 0x1
[0202.428] IsAppThemed () returned 0x1
[0202.428] GetThemeAppProperties () returned 0x3
[0202.428] GetThemeAppProperties () returned 0x3
[0202.428] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0202.428] IsAppThemed () returned 0x1
[0202.428] GetThemeAppProperties () returned 0x3
[0202.428] GetThemeAppProperties () returned 0x3
[0202.428] IsAppThemed () returned 0x1
[0202.428] GetThemeAppProperties () returned 0x3
[0202.428] GetThemeAppProperties () returned 0x3
[0202.428] IsThemePartDefined () returned 0x1
[0202.428] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0202.428] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0202.428] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0202.428] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0202.428] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dff0) returned 0x0
[0202.428] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0202.428] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0202.429] LocalFree (hMem=0x11eec58) returned 0x0
[0202.429] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0202.429] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee910) returned 0x0
[0202.429] LocalFree (hMem=0x11ee910) returned 0x0
[0202.429] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0202.429] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e018) returned 0x0
[0202.429] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e008) returned 0x0
[0202.429] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0202.429] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.429] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0202.429] GetCurrentObject (hdc=0xb301065e, type=0x1) returned 0xb00017
[0202.429] GetCurrentObject (hdc=0xb301065e, type=0x2) returned 0x900010
[0202.429] GetCurrentObject (hdc=0xb301065e, type=0x7) returned 0x4a0507fe
[0202.429] GetCurrentObject (hdc=0xb301065e, type=0x6) returned 0x8a01c2
[0202.429] SaveDC (hdc=0xb301065e) returned 1
[0202.430] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2b040807
[0202.430] GetClipRgn (hdc=0xb301065e, hrgn=0x2b040807) returned 0
[0202.430] SelectClipRgn (hdc=0xb301065e, hrgn=0xb90407de) returned 2
[0202.430] DeleteObject (ho=0x2b040807) returned 1
[0202.430] DeleteObject (ho=0xb90407de) returned 1
[0202.430] OffsetViewportOrgEx (in: hdc=0xb301065e, x=0, y=0, lppt=0x2dca2c4 | out: lppt=0x2dca2c4) returned 1
[0202.430] DrawThemeParentBackground () returned 0x0
[0202.430] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0202.430] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0202.430] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0202.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0202.430] GetSystemMetrics (nIndex=42) returned 0
[0202.430] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0202.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0202.431] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0202.431] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0202.431] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0202.431] SelectPalette (hdc=0xb301065e, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0202.431] GdipCreateFromHDC (hdc=0xb301065e, graphics=0xd7dac8) returned 0x0
[0202.431] GdipSetPageUnit (graphics=0x6631fe8, unit=0x2) returned 0x0
[0202.431] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0202.431] GdipGetWorldTransform (graphics=0x6631fe8, matrix=0x6638b48) returned 0x0
[0202.431] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7daa0) returned 0x0
[0202.431] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0202.431] GdipCreateRegion (region=0xd7da88) returned 0x0
[0202.432] GdipGetClip (graphics=0x6631fe8, region=0x6646a78) returned 0x0
[0202.432] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6631fe8, result=0xd7da94) returned 0x0
[0202.432] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0202.432] GdipSaveGraphics (graphics=0x6631fe8, state=0xd7dac0) returned 0x0
[0202.432] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0202.439] GdipFillRectangleI (graphics=0x6631fe8, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0202.439] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0202.441] GdipDeleteGraphics (graphics=0x6631fe8) returned 0x0
[0202.441] SelectPalette (hdc=0xb301065e, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0202.441] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0202.441] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0202.442] GetSystemMetrics (nIndex=42) returned 0
[0202.442] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0202.442] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0202.442] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0202.442] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0202.442] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0202.442] SelectPalette (hdc=0xb301065e, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0202.442] GdipCreateFromHDC (hdc=0xb301065e, graphics=0xd7da68) returned 0x0
[0202.442] GdipSetPageUnit (graphics=0x6631fe8, unit=0x2) returned 0x0
[0202.442] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0202.442] GdipGetWorldTransform (graphics=0x6631fe8, matrix=0x6638ba8) returned 0x0
[0202.442] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7da40) returned 0x0
[0202.443] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0202.443] GdipCreateRegion (region=0xd7da28) returned 0x0
[0202.443] GdipGetClip (graphics=0x6631fe8, region=0x6646838) returned 0x0
[0202.443] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6631fe8, result=0xd7da34) returned 0x0
[0202.443] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.443] GdipSaveGraphics (graphics=0x6631fe8, state=0xd7da60) returned 0x0
[0202.443] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0202.468] GdipFillRectangleI (graphics=0x6631fe8, brush=0x66536a8, x=0, y=0, width=801, height=453) returned 0x0
[0202.468] GdipDeleteBrush (brush=0x66536a8) returned 0x0
[0202.470] GdipRestoreGraphics (graphics=0x6631fe8, state=0xfaa60dbd) returned 0x0
[0202.470] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0202.470] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0202.470] GetSystemMetrics (nIndex=42) returned 0
[0202.470] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0202.470] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0202.470] GdipDeleteGraphics (graphics=0x6631fe8) returned 0x0
[0202.470] SelectPalette (hdc=0xb301065e, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0202.471] RestoreDC (hdc=0xb301065e, nSavedDC=-1) returned 1
[0202.471] GdipReleaseDC (graphics=0x6600030, hdc=0xb301065e) returned 0x0
[0202.471] IsAppThemed () returned 0x1
[0202.471] GetThemeAppProperties () returned 0x3
[0202.471] GetThemeAppProperties () returned 0x3
[0202.471] IsAppThemed () returned 0x1
[0202.471] GetThemeAppProperties () returned 0x3
[0202.471] GetThemeAppProperties () returned 0x3
[0202.471] IsThemePartDefined () returned 0x1
[0202.471] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0202.471] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0202.471] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0202.471] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0202.471] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df74) returned 0x0
[0202.471] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0202.471] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eed00) returned 0x0
[0202.472] LocalFree (hMem=0x11eed00) returned 0x0
[0202.472] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0202.472] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee910) returned 0x0
[0202.472] LocalFree (hMem=0x11ee910) returned 0x0
[0202.472] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0202.472] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0202.472] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0202.472] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0202.472] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.472] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0202.472] GetCurrentObject (hdc=0xb301065e, type=0x1) returned 0xb00017
[0202.472] GetCurrentObject (hdc=0xb301065e, type=0x2) returned 0x900010
[0202.472] GetCurrentObject (hdc=0xb301065e, type=0x7) returned 0x4a0507fe
[0202.472] GetCurrentObject (hdc=0xb301065e, type=0x6) returned 0x8a01c2
[0202.472] SaveDC (hdc=0xb301065e) returned 1
[0202.473] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xba0407de
[0202.473] GetClipRgn (hdc=0xb301065e, hrgn=0xba0407de) returned 0
[0202.473] SelectClipRgn (hdc=0xb301065e, hrgn=0x2d040807) returned 2
[0202.473] DeleteObject (ho=0xba0407de) returned 1
[0202.473] DeleteObject (ho=0x2d040807) returned 1
[0202.473] OffsetViewportOrgEx (in: hdc=0xb301065e, x=0, y=0, lppt=0x2dd0b14 | out: lppt=0x2dd0b14) returned 1
[0202.473] IsAppThemed () returned 0x1
[0202.473] GetThemeAppProperties () returned 0x3
[0202.473] GetThemeAppProperties () returned 0x3
[0202.473] DrawThemeBackground () returned 0x0
[0202.473] RestoreDC (hdc=0xb301065e, nSavedDC=-1) returned 1
[0202.473] GdipReleaseDC (graphics=0x6600030, hdc=0xb301065e) returned 0x0
[0202.473] GdipCreateRegion (region=0xd7df60) returned 0x0
[0202.474] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0202.474] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0202.474] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0202.474] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df78) returned 0x0
[0202.474] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0202.474] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0202.474] LocalFree (hMem=0x11eec58) returned 0x0
[0202.474] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0202.474] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0202.474] LocalFree (hMem=0x11eec58) returned 0x0
[0202.474] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0202.474] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0202.474] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df90) returned 0x0
[0202.474] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0202.474] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.475] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0202.475] GetCurrentObject (hdc=0xb301065e, type=0x1) returned 0xb00017
[0202.475] GetCurrentObject (hdc=0xb301065e, type=0x2) returned 0x900010
[0202.475] GetCurrentObject (hdc=0xb301065e, type=0x7) returned 0x4a0507fe
[0202.475] GetCurrentObject (hdc=0xb301065e, type=0x6) returned 0x8a01c2
[0202.475] SaveDC (hdc=0xb301065e) returned 1
[0202.475] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2e040807
[0202.475] GetClipRgn (hdc=0xb301065e, hrgn=0x2e040807) returned 0
[0202.475] SelectClipRgn (hdc=0xb301065e, hrgn=0xbb0407de) returned 2
[0202.475] DeleteObject (ho=0x2e040807) returned 1
[0202.475] DeleteObject (ho=0xbb0407de) returned 1
[0202.475] OffsetViewportOrgEx (in: hdc=0xb301065e, x=0, y=0, lppt=0x2dd0de8 | out: lppt=0x2dd0de8) returned 1
[0202.475] IsAppThemed () returned 0x1
[0202.475] GetThemeAppProperties () returned 0x3
[0202.475] GetThemeAppProperties () returned 0x3
[0202.475] GetThemeBackgroundContentRect () returned 0x0
[0202.475] RestoreDC (hdc=0xb301065e, nSavedDC=-1) returned 1
[0202.476] GdipReleaseDC (graphics=0x6600030, hdc=0xb301065e) returned 0x0
[0202.476] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0202.476] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0202.476] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0202.476] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0202.476] IsAppThemed () returned 0x1
[0202.476] GetThemeAppProperties () returned 0x3
[0202.476] GetThemeAppProperties () returned 0x3
[0202.476] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0202.476] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0202.476] GetCurrentObject (hdc=0xb301065e, type=0x1) returned 0xb00017
[0202.476] GetCurrentObject (hdc=0xb301065e, type=0x2) returned 0x900010
[0202.476] GetCurrentObject (hdc=0xb301065e, type=0x7) returned 0x4a0507fe
[0202.476] GetCurrentObject (hdc=0xb301065e, type=0x6) returned 0x8a01c2
[0202.476] SaveDC (hdc=0xb301065e) returned 1
[0202.476] GetTextAlign (hdc=0xb301065e) returned 0x0
[0202.477] GetTextColor (hdc=0xb301065e) returned 0x0
[0202.477] GetCurrentObject (hdc=0xb301065e, type=0x6) returned 0x8a01c2
[0202.477] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0202.477] SelectObject (hdc=0xb301065e, h=0x6d0a0520) returned 0x8a01c2
[0202.477] GetBkMode (hdc=0xb301065e) returned 2
[0202.477] SetBkMode (hdc=0xb301065e, mode=1) returned 2
[0202.477] DrawTextExW (in: hdc=0xb301065e, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2dd11ac | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0202.477] DrawTextExW (in: hdc=0xb301065e, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2dd11ac | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0202.478] RestoreDC (hdc=0xb301065e, nSavedDC=-1) returned 1
[0202.478] GdipReleaseDC (graphics=0x6600030, hdc=0xb301065e) returned 0x0
[0202.478] GetFocus () returned 0x1602d8
[0202.478] IsAppThemed () returned 0x1
[0202.478] GetThemeAppProperties () returned 0x3
[0202.478] GetThemeAppProperties () returned 0x3
[0202.478] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0202.478] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0xb301065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0202.479] GdipReleaseDC (graphics=0x6600030, hdc=0xb301065e) returned 0x0
[0202.479] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0202.479] SelectObject (hdc=0xb301065e, h=0x85000f) returned 0x4a0507fe
[0202.479] DeleteDC (hdc=0xb301065e) returned 1
[0202.479] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0202.479] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0202.479] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.479] IsWindowUnicode (hWnd=0x1402de) returned 1
[0202.479] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.479] TranslateMessage (lpMsg=0xd7e808) returned 0
[0202.480] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0202.480] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.480] IsWindowUnicode (hWnd=0x1402de) returned 1
[0202.480] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.480] TranslateMessage (lpMsg=0xd7e808) returned 0
[0202.480] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0202.480] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x2a1, wParam=0x0, lParam=0xc0036) returned 0x0
[0202.480] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0202.480] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0202.480] WaitMessage () returned 1
[0202.493] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.493] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x84, wParam=0x0, lParam=0x1e5030c) returned 0x1
[0202.493] IsWindowUnicode (hWnd=0x1402de) returned 1
[0202.493] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.493] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x84, wParam=0x0, lParam=0x1e5030c) returned 0x1
[0202.493] GetDlgItem (hDlg=0x1402da, nIDDlgItem=0) returned 0x0
[0202.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x210, wParam=0x201, lParam=0x6a0117) returned 0x0
[0202.494] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x21, wParam=0x1402da, lParam=0x2010001) returned 0x1
[0202.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x21, wParam=0x1402da, lParam=0x2010001) returned 0x1
[0202.494] SetCursor (hCursor=0x10003) returned 0x10003
[0202.494] TranslateMessage (lpMsg=0xd7e808) returned 0
[0202.494] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0202.494] GetKeyState (nVirtKey=1) returned -127
[0202.494] GetKeyState (nVirtKey=2) returned 0
[0202.494] GetKeyState (nVirtKey=4) returned 0
[0202.494] GetKeyState (nVirtKey=5) returned 0
[0202.494] GetKeyState (nVirtKey=6) returned 0
[0202.494] IsWindowVisible (hWnd=0x1402de) returned 1
[0202.494] IsWindowEnabled (hWnd=0x1402de) returned 1
[0202.494] SetFocus (hWnd=0x1402de) returned 0x1602d8
[0202.495] GetFocus () returned 0x1402de
[0202.495] IsChild (hWndParent=0x1402da, hWnd=0x1402de) returned 1
[0202.495] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0x8, wParam=0x1402de, lParam=0x0) returned 0x0
[0202.495] GetCapture () returned 0x0
[0202.495] InvalidateRect (hWnd=0x1602d8, lpRect=0x0, bErase=0) returned 1
[0202.496] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0202.498] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0202.500] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0202.500] InvalidateRect (hWnd=0x1602d8, lpRect=0x0, bErase=0) returned 1
[0202.500] InvalidateRect (hWnd=0x1402de, lpRect=0x0, bErase=0) returned 1
[0202.500] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x7, wParam=0x1602d8, lParam=0x0) returned 0x0
[0202.500] GetStockObject (i=5) returned 0x900015
[0202.500] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0202.500] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0xd, wParam=0xa, lParam=0x11f55a0) returned 0x9
[0202.500] GetDlgItem (hDlg=0x1402da, nIDDlgItem=1311454) returned 0x1402de
[0202.500] SendMessageW (hWnd=0x1402de, Msg=0x202b, wParam=0x1402de, lParam=0xd7dddc) returned 0x0
[0202.501] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x202b, wParam=0x1402de, lParam=0xd7dddc) returned 0x0
[0202.501] InvalidateRect (hWnd=0x1402de, lpRect=0x0, bErase=0) returned 1
[0202.502] GetFocus () returned 0x1402de
[0202.502] GetFocus () returned 0x1402de
[0202.502] GetFocus () returned 0x1402de
[0202.503] GetKeyState (nVirtKey=1) returned -127
[0202.503] GetKeyState (nVirtKey=2) returned 0
[0202.503] GetKeyState (nVirtKey=4) returned 0
[0202.503] GetKeyState (nVirtKey=5) returned 0
[0202.503] GetKeyState (nVirtKey=6) returned 0
[0202.503] GetCapture () returned 0x0
[0202.503] SetCapture (hWnd=0x1402de) returned 0x0
[0202.503] GetKeyState (nVirtKey=1) returned -127
[0202.503] GetKeyState (nVirtKey=2) returned 0
[0202.503] GetKeyState (nVirtKey=4) returned 0
[0202.503] GetKeyState (nVirtKey=5) returned 0
[0202.503] GetKeyState (nVirtKey=6) returned 0
[0202.503] NotifyWinEvent (event=0x800a, hwnd=0x1402de, idObject=-4, idChild=0)
[0202.503] InvalidateRect (hWnd=0x1402de, lpRect=0xd7e430, bErase=0) returned 1
[0202.503] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.503] IsWindowUnicode (hWnd=0x1402de) returned 1
[0202.503] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.504] TranslateMessage (lpMsg=0xd7e808) returned 0
[0202.504] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0202.504] MapWindowPoints (in: hWndFrom=0x1402de, hWndTo=0x0, lpPoints=0x2dd13c0, cPoints=0x1 | out: lpPoints=0x2dd13c0) returned 30999254
[0202.504] NotifyWinEvent (event=0x800a, hwnd=0x1402de, idObject=-4, idChild=0)
[0202.504] InvalidateRect (hWnd=0x1402de, lpRect=0xd7e3d0, bErase=0) returned 1
[0202.504] UpdateWindow (hWnd=0x1402de) returned 1
[0202.504] BeginPaint (in: hWnd=0x1402de, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xc0107c5
[0202.504] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0202.504] CreateCompatibleDC (hdc=0xc0107c5) returned 0xb401065e
[0202.504] SelectObject (hdc=0xb401065e, h=0x4a0507fe) returned 0x85000f
[0202.504] GdipCreateFromHDC (hdc=0xb401065e, graphics=0xd7df00) returned 0x0
[0202.505] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0202.505] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0202.505] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0202.505] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0202.505] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df60) returned 0x0
[0202.505] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0202.505] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0202.505] LocalFree (hMem=0x11ee9f0) returned 0x0
[0202.505] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0202.505] GdipCreateRegion (region=0xd7df48) returned 0x0
[0202.505] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0202.505] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7df54) returned 0x0
[0202.505] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0202.505] GdipRestoreGraphics (graphics=0x6600030, state=0xfaa40dbd) returned 0x0
[0202.505] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0202.506] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0202.506] GetCurrentObject (hdc=0xb401065e, type=0x1) returned 0xb00017
[0202.506] GetCurrentObject (hdc=0xb401065e, type=0x2) returned 0x900010
[0202.506] GetCurrentObject (hdc=0xb401065e, type=0x7) returned 0x4a0507fe
[0202.506] GetCurrentObject (hdc=0xb401065e, type=0x6) returned 0x8a01c2
[0202.506] SaveDC (hdc=0xb401065e) returned 1
[0202.506] GetNearestColor (hdc=0xb401065e, color=0xf0f0f0) returned 0xf0f0f0
[0202.506] GetNearestColor (hdc=0xb401065e, color=0xa0a0a0) returned 0xa0a0a0
[0202.506] GetNearestColor (hdc=0xb401065e, color=0x696969) returned 0x696969
[0202.506] GetNearestColor (hdc=0xb401065e, color=0xa0a0a0) returned 0xa0a0a0
[0202.506] GetNearestColor (hdc=0xb401065e, color=0x0) returned 0x0
[0202.506] GetNearestColor (hdc=0xb401065e, color=0xffffff) returned 0xffffff
[0202.507] GetNearestColor (hdc=0xb401065e, color=0xe5e5e5) returned 0xe5e5e5
[0202.507] GetNearestColor (hdc=0xb401065e, color=0xd7d7d7) returned 0xd7d7d7
[0202.507] GetNearestColor (hdc=0xb401065e, color=0x0) returned 0x0
[0202.507] RestoreDC (hdc=0xb401065e, nSavedDC=-1) returned 1
[0202.507] GdipReleaseDC (graphics=0x6600030, hdc=0xb401065e) returned 0x0
[0202.507] IsAppThemed () returned 0x1
[0202.507] GetThemeAppProperties () returned 0x3
[0202.507] GetThemeAppProperties () returned 0x3
[0202.507] IsAppThemed () returned 0x1
[0202.507] GetThemeAppProperties () returned 0x3
[0202.507] GetThemeAppProperties () returned 0x3
[0202.507] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2dd1b18 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0202.508] IsAppThemed () returned 0x1
[0202.508] GetThemeAppProperties () returned 0x3
[0202.508] GetThemeAppProperties () returned 0x3
[0202.508] IsAppThemed () returned 0x1
[0202.508] GetThemeAppProperties () returned 0x3
[0202.508] GetThemeAppProperties () returned 0x3
[0202.508] IsAppThemed () returned 0x1
[0202.508] GetThemeAppProperties () returned 0x3
[0202.508] GetThemeAppProperties () returned 0x3
[0202.508] IsAppThemed () returned 0x1
[0202.508] GetThemeAppProperties () returned 0x3
[0202.508] GetThemeAppProperties () returned 0x3
[0202.508] IsThemePartDefined () returned 0x1
[0202.508] IsAppThemed () returned 0x1
[0202.508] GetThemeAppProperties () returned 0x3
[0202.508] GetThemeAppProperties () returned 0x3
[0202.508] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0202.508] IsAppThemed () returned 0x1
[0202.509] GetThemeAppProperties () returned 0x3
[0202.509] GetThemeAppProperties () returned 0x3
[0202.509] IsAppThemed () returned 0x1
[0202.509] GetThemeAppProperties () returned 0x3
[0202.509] GetThemeAppProperties () returned 0x3
[0202.509] IsThemePartDefined () returned 0x1
[0202.509] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0202.509] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0202.509] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0202.509] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0202.509] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dc7c) returned 0x0
[0202.509] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0202.509] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0202.509] LocalFree (hMem=0x11ee9f0) returned 0x0
[0202.509] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0202.509] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0202.509] LocalFree (hMem=0x11ee868) returned 0x0
[0202.509] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0202.510] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0202.510] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0202.510] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0202.510] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.510] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0202.510] GetCurrentObject (hdc=0xb401065e, type=0x1) returned 0xb00017
[0202.510] GetCurrentObject (hdc=0xb401065e, type=0x2) returned 0x900010
[0202.510] GetCurrentObject (hdc=0xb401065e, type=0x7) returned 0x4a0507fe
[0202.510] GetCurrentObject (hdc=0xb401065e, type=0x6) returned 0x8a01c2
[0202.510] SaveDC (hdc=0xb401065e) returned 1
[0202.510] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbc0407de
[0202.510] GetClipRgn (hdc=0xb401065e, hrgn=0xbc0407de) returned 0
[0202.510] SelectClipRgn (hdc=0xb401065e, hrgn=0x32040807) returned 2
[0202.510] DeleteObject (ho=0xbc0407de) returned 1
[0202.510] DeleteObject (ho=0x32040807) returned 1
[0202.511] OffsetViewportOrgEx (in: hdc=0xb401065e, x=0, y=0, lppt=0x2dd21c8 | out: lppt=0x2dd21c8) returned 1
[0202.511] DrawThemeParentBackground () returned 0x0
[0202.511] GetWindowPlacement (in: hWnd=0x1402da, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0202.511] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0202.511] GetWindowTextLengthW (hWnd=0x1402da) returned 24
[0202.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0202.511] GetSystemMetrics (nIndex=42) returned 0
[0202.511] GetWindowTextW (in: hWnd=0x1402da, lpString=0xd7d7c4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0202.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xd, wParam=0x19, lParam=0xd7d7c4) returned 0x18
[0202.511] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0202.511] GetCurrentObject (hdc=0xb401065e, type=0x1) returned 0xb00017
[0202.511] GetCurrentObject (hdc=0xb401065e, type=0x2) returned 0x900010
[0202.511] GetCurrentObject (hdc=0xb401065e, type=0x7) returned 0x4a0507fe
[0202.511] GetCurrentObject (hdc=0xb401065e, type=0x6) returned 0x8a01c2
[0202.512] SaveDC (hdc=0xb401065e) returned 2
[0202.512] GetNearestColor (hdc=0xb401065e, color=0xf0f0f0) returned 0xf0f0f0
[0202.512] CreateSolidBrush (color=0xf0f0f0) returned 0xf81007e1
[0202.512] FillRect (hDC=0xb401065e, lprc=0xd7d6c8, hbr=0xf81007e1) returned 1
[0202.512] DeleteObject (ho=0xf81007e1) returned 1
[0202.512] RestoreDC (hdc=0xb401065e, nSavedDC=-1) returned 1
[0202.512] GetWindowTextLengthW (hWnd=0x1402da) returned 24
[0202.512] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0202.512] GetSystemMetrics (nIndex=42) returned 0
[0202.512] GetWindowTextW (in: hWnd=0x1402da, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0202.512] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0202.516] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0202.516] GetCurrentObject (hdc=0xb401065e, type=0x1) returned 0xb00017
[0202.516] GetCurrentObject (hdc=0xb401065e, type=0x2) returned 0x900010
[0202.516] GetCurrentObject (hdc=0xb401065e, type=0x7) returned 0x4a0507fe
[0202.516] GetCurrentObject (hdc=0xb401065e, type=0x6) returned 0x8a01c2
[0202.516] SaveDC (hdc=0xb401065e) returned 2
[0202.516] GetNearestColor (hdc=0xb401065e, color=0xf0f0f0) returned 0xf0f0f0
[0202.516] CreateSolidBrush (color=0xf0f0f0) returned 0xf91007e1
[0202.516] FillRect (hDC=0xb401065e, lprc=0xd7d668, hbr=0xf91007e1) returned 1
[0202.516] DeleteObject (ho=0xf91007e1) returned 1
[0202.516] RestoreDC (hdc=0xb401065e, nSavedDC=-1) returned 1
[0202.516] GetWindowTextLengthW (hWnd=0x1402da) returned 24
[0202.516] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0202.516] GetSystemMetrics (nIndex=42) returned 0
[0202.517] GetWindowTextW (in: hWnd=0x1402da, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0202.517] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0202.517] RestoreDC (hdc=0xb401065e, nSavedDC=-1) returned 1
[0202.517] GdipReleaseDC (graphics=0x6600030, hdc=0xb401065e) returned 0x0
[0202.517] IsAppThemed () returned 0x1
[0202.517] GetThemeAppProperties () returned 0x3
[0202.517] GetThemeAppProperties () returned 0x3
[0202.517] IsAppThemed () returned 0x1
[0202.517] GetThemeAppProperties () returned 0x3
[0202.517] GetThemeAppProperties () returned 0x3
[0202.517] IsThemePartDefined () returned 0x1
[0202.517] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0202.517] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0202.517] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0202.517] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0202.517] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7dc00) returned 0x0
[0202.517] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0202.517] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eecc8) returned 0x0
[0202.518] LocalFree (hMem=0x11eecc8) returned 0x0
[0202.518] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0202.518] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0202.518] LocalFree (hMem=0x11eec58) returned 0x0
[0202.518] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0202.518] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0202.518] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0202.518] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0202.518] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.518] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0202.518] GetCurrentObject (hdc=0xb401065e, type=0x1) returned 0xb00017
[0202.518] GetCurrentObject (hdc=0xb401065e, type=0x2) returned 0x900010
[0202.518] GetCurrentObject (hdc=0xb401065e, type=0x7) returned 0x4a0507fe
[0202.518] GetCurrentObject (hdc=0xb401065e, type=0x6) returned 0x8a01c2
[0202.518] SaveDC (hdc=0xb401065e) returned 1
[0202.518] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x33040807
[0202.518] GetClipRgn (hdc=0xb401065e, hrgn=0x33040807) returned 0
[0202.518] SelectClipRgn (hdc=0xb401065e, hrgn=0xbe0407de) returned 2
[0202.518] DeleteObject (ho=0x33040807) returned 1
[0202.519] DeleteObject (ho=0xbe0407de) returned 1
[0202.519] OffsetViewportOrgEx (in: hdc=0xb401065e, x=0, y=0, lppt=0x2dd2b4c | out: lppt=0x2dd2b4c) returned 1
[0202.519] IsAppThemed () returned 0x1
[0202.519] GetThemeAppProperties () returned 0x3
[0202.519] GetThemeAppProperties () returned 0x3
[0202.519] DrawThemeBackground () returned 0x0
[0202.519] RestoreDC (hdc=0xb401065e, nSavedDC=-1) returned 1
[0202.519] GdipReleaseDC (graphics=0x6600030, hdc=0xb401065e) returned 0x0
[0202.519] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0202.519] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0202.519] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0202.519] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0202.519] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dc04) returned 0x0
[0202.519] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0202.519] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0202.519] LocalFree (hMem=0x11eec58) returned 0x0
[0202.519] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0202.519] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea98) returned 0x0
[0202.519] LocalFree (hMem=0x11eea98) returned 0x0
[0202.519] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0202.519] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0202.520] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0202.520] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0202.520] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.520] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0202.520] GetCurrentObject (hdc=0xb401065e, type=0x1) returned 0xb00017
[0202.520] GetCurrentObject (hdc=0xb401065e, type=0x2) returned 0x900010
[0202.520] GetCurrentObject (hdc=0xb401065e, type=0x7) returned 0x4a0507fe
[0202.520] GetCurrentObject (hdc=0xb401065e, type=0x6) returned 0x8a01c2
[0202.520] SaveDC (hdc=0xb401065e) returned 1
[0202.520] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbf0407de
[0202.520] GetClipRgn (hdc=0xb401065e, hrgn=0xbf0407de) returned 0
[0202.520] SelectClipRgn (hdc=0xb401065e, hrgn=0x34040807) returned 2
[0202.520] DeleteObject (ho=0xbf0407de) returned 1
[0202.520] DeleteObject (ho=0x34040807) returned 1
[0202.520] OffsetViewportOrgEx (in: hdc=0xb401065e, x=0, y=0, lppt=0x2dd2e20 | out: lppt=0x2dd2e20) returned 1
[0202.520] IsAppThemed () returned 0x1
[0202.520] GetThemeAppProperties () returned 0x3
[0202.520] GetThemeAppProperties () returned 0x3
[0202.520] GetThemeBackgroundContentRect () returned 0x0
[0202.520] RestoreDC (hdc=0xb401065e, nSavedDC=-1) returned 1
[0202.521] GdipReleaseDC (graphics=0x6600030, hdc=0xb401065e) returned 0x0
[0202.521] IsAppThemed () returned 0x1
[0202.521] GetThemeAppProperties () returned 0x3
[0202.521] GetThemeAppProperties () returned 0x3
[0202.521] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0202.521] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0202.521] GetCurrentObject (hdc=0xb401065e, type=0x1) returned 0xb00017
[0202.521] GetCurrentObject (hdc=0xb401065e, type=0x2) returned 0x900010
[0202.521] GetCurrentObject (hdc=0xb401065e, type=0x7) returned 0x4a0507fe
[0202.521] GetCurrentObject (hdc=0xb401065e, type=0x6) returned 0x8a01c2
[0202.521] SaveDC (hdc=0xb401065e) returned 1
[0202.521] GetTextAlign (hdc=0xb401065e) returned 0x0
[0202.521] GetTextColor (hdc=0xb401065e) returned 0x0
[0202.521] GetCurrentObject (hdc=0xb401065e, type=0x6) returned 0x8a01c2
[0202.521] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0202.521] SelectObject (hdc=0xb401065e, h=0x6d0a0520) returned 0x8a01c2
[0202.522] GetBkMode (hdc=0xb401065e) returned 2
[0202.522] SetBkMode (hdc=0xb401065e, mode=1) returned 2
[0202.522] DrawTextExW (in: hdc=0xb401065e, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2dd31c0 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0202.522] DrawTextExW (in: hdc=0xb401065e, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2dd31c0 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0202.522] RestoreDC (hdc=0xb401065e, nSavedDC=-1) returned 1
[0202.522] GdipReleaseDC (graphics=0x6600030, hdc=0xb401065e) returned 0x0
[0202.522] GetFocus () returned 0x1402de
[0202.522] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0202.522] SendMessageW (hWnd=0x1402da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0202.523] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0202.523] IsAppThemed () returned 0x1
[0202.523] GetThemeAppProperties () returned 0x3
[0202.523] GetThemeAppProperties () returned 0x3
[0202.523] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0202.523] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xb401065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0202.523] GdipReleaseDC (graphics=0x6600030, hdc=0xb401065e) returned 0x0
[0202.523] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0202.523] SelectObject (hdc=0xb401065e, h=0x85000f) returned 0x4a0507fe
[0202.523] DeleteDC (hdc=0xb401065e) returned 1
[0202.523] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0202.523] EndPaint (hWnd=0x1402de, lpPaint=0xd7dee4) returned 1
[0202.523] MapWindowPoints (in: hWndFrom=0x1402de, hWndTo=0x0, lpPoints=0x2dd32bc, cPoints=0x1 | out: lpPoints=0x2dd32bc) returned 30999254
[0202.523] WindowFromPoint (Point=0x30c) returned 0x1402de
[0202.524] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x84, wParam=0x0, lParam=0x1e5030c) returned 0x1
[0202.524] NotifyWinEvent (event=0x800a, hwnd=0x1402de, idObject=-4, idChild=0)
[0202.524] NotifyWinEvent (event=0x800c, hwnd=0x1402de, idObject=-4, idChild=0)
[0202.524] GetCapture () returned 0x1402de
[0202.524] ReleaseCapture () returned 1
[0202.524] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0202.524] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0202.525] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x84, wParam=0x0, lParam=0x1e5030c) returned 0x1
[0202.525] IsWindow (hWnd=0x7005c) returned 1
[0202.525] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0202.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0202.526] IsWindow (hWnd=0x1402da) returned 1
[0202.526] SetActiveWindow (hWnd=0x1402da) returned 0x1402da
[0202.526] IsWindow (hWnd=0x1402da) returned 1
[0202.526] SetFocus (hWnd=0x1402da) returned 0x1402de
[0202.526] GetFocus () returned 0x1402da
[0202.526] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x8, wParam=0x1402da, lParam=0x0) returned 0x0
[0202.526] GetCapture () returned 0x0
[0202.526] InvalidateRect (hWnd=0x1402de, lpRect=0x0, bErase=0) returned 1
[0202.527] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0202.534] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0202.535] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0202.536] GetFocus () returned 0x1402da
[0202.536] SetFocus (hWnd=0x1402de) returned 0x1402da
[0202.536] GetFocus () returned 0x1402de
[0202.536] IsChild (hWndParent=0x1402da, hWnd=0x1402de) returned 1
[0202.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x8, wParam=0x1402de, lParam=0x0) returned 0x0
[0202.537] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0202.539] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0202.540] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0202.541] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x7, wParam=0x1402da, lParam=0x0) returned 0x0
[0202.541] GetStockObject (i=5) returned 0x900015
[0202.541] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0202.541] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0202.541] GetDlgItem (hDlg=0x1402da, nIDDlgItem=1311454) returned 0x1402de
[0202.541] SendMessageW (hWnd=0x1402de, Msg=0x202b, wParam=0x1402de, lParam=0xd7ddcc) returned 0x0
[0202.541] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x202b, wParam=0x1402de, lParam=0xd7ddcc) returned 0x0
[0202.541] InvalidateRect (hWnd=0x1402de, lpRect=0x0, bErase=0) returned 1
[0202.543] GetWindowLongW (hWnd=0x1402da, nIndex=-8) returned 458844
[0202.543] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0202.543] GetCurrentThreadId () returned 0xf50
[0202.543] IsWindow (hWnd=0x7005c) returned 1
[0202.543] IsWindow (hWnd=0x7005c) returned 1
[0202.543] IsWindowVisible (hWnd=0x7005c) returned 1
[0202.543] SetActiveWindow (hWnd=0x7005c) returned 0x1402da
[0202.543] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0202.546] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0202.546] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0202.546] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0202.547] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0202.547] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0202.548] GetWindowPlacement (in: hWnd=0x1402da, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0202.548] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0202.548] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0202.548] GetWindowRect (in: hWnd=0x1402da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0202.549] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0202.549] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0202.550] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0202.551] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x1402da) returned 0x1
[0202.554] GetFocus () returned 0x1402de
[0202.554] SetFocus (hWnd=0x602c4) returned 0x1402de
[0202.554] GetFocus () returned 0x602c4
[0202.554] IsChild (hWndParent=0x1402da, hWnd=0x602c4) returned 0
[0202.554] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0202.554] GetCapture () returned 0x0
[0202.554] InvalidateRect (hWnd=0x1402de, lpRect=0x0, bErase=0) returned 1
[0202.556] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0202.557] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0202.559] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0202.559] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0202.559] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0202.565] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0202.565] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0202.566] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x1402de, lParam=0x0) returned 0x0
[0202.566] GetStockObject (i=5) returned 0x900015
[0202.566] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0202.566] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed760) returned 0xc
[0202.566] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0202.566] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0202.566] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0202.566] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0202.568] GetFocus () returned 0x602c4
[0202.568] IsChild (hWndParent=0x1402da, hWnd=0x602c4) returned 0
[0202.568] ShowWindow (hWnd=0x1402da, nCmdShow=0) returned 1
[0202.568] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0202.568] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0202.570] GetWindowPlacement (in: hWnd=0x1402da, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0202.570] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0202.570] GetClientRect (in: hWnd=0x1402da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0202.570] GetWindowRect (in: hWnd=0x1402da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0202.571] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0202.571] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0202.571] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0202.572] GetWindowLongW (hWnd=0x1402da, nIndex=-20) returned 327945
[0202.572] DestroyWindow (hWnd=0x1402da) returned 1
[0202.572] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0202.572] GetWindowTextLengthW (hWnd=0x1402da) returned 24
[0202.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0202.573] GetSystemMetrics (nIndex=42) returned 0
[0202.573] GetWindowTextW (in: hWnd=0x1402da, lpString=0xd7e390, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0202.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0xd, wParam=0x19, lParam=0xd7e390) returned 0x18
[0202.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0202.573] GetWindowTextLengthW (hWnd=0x1402dc) returned 0
[0202.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0202.573] GetSystemMetrics (nIndex=42) returned 0
[0202.573] GetWindowTextW (in: hWnd=0x1402dc, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0202.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402dc, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0202.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0202.573] GetWindowThreadProcessId (in: hWnd=0xe02c8, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0202.574] GetWindow (hWnd=0xe02c8, uCmd=0x5) returned 0x0
[0202.574] GetWindowLongW (hWnd=0xe02c8, nIndex=-20) returned 65792
[0202.574] DestroyWindow (hWnd=0xe02c8) returned 1
[0202.574] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02c8, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0202.574] GetWindowTextLengthW (hWnd=0xe02c8) returned 25
[0202.574] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0202.574] GetSystemMetrics (nIndex=42) returned 0
[0202.574] GetWindowTextW (in: hWnd=0xe02c8, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0202.574] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02c8, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0202.574] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0202.574] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xe02c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0202.576] GetWindowTextLengthW (hWnd=0x1700ea) returned 232
[0202.576] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0202.576] GetSystemMetrics (nIndex=42) returned 0
[0202.576] GetWindowTextW (in: hWnd=0x1700ea, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0202.576] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0202.576] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0202.576] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0202.576] InvalidateRect (hWnd=0x1402de, lpRect=0x0, bErase=0) returned 1
[0202.577] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0202.577] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0202.577] SendMessageW (hWnd=0xa02ce, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0202.577] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02ce, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0202.577] SendMessageW (hWnd=0xa02ce, Msg=0xb0, wParam=0x2d9ee24, lParam=0xd7e480) returned 0x0
[0202.577] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02ce, Msg=0xb0, wParam=0x2d9ee24, lParam=0xd7e480) returned 0x0
[0202.577] GetWindowTextLengthW (hWnd=0xa02ce) returned 4363
[0202.577] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0202.577] GetSystemMetrics (nIndex=42) returned 0
[0202.577] CoTaskMemAlloc (cb=0x221c) returned 0x12072c0
[0202.577] GetWindowTextW (in: hWnd=0xa02ce, lpString=0x12072c0, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0202.577] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02ce, Msg=0xd, wParam=0x110c, lParam=0x12072c0) returned 0x110b
[0202.578] CoTaskMemFree (pv=0x12072c0)
[0202.578] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0202.578] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0202.579] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1700ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0202.581] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0202.582] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1402de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0202.584] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x902d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0202.585] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xa02ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0202.586] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0202.588] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.588] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.588] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.588] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.588] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.588] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e5030c) returned 0x1
[0202.589] IsWindowUnicode (hWnd=0x7005c) returned 1
[0202.589] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e5030c) returned 0x1
[0202.589] SetCursor (hCursor=0x10003) returned 0x10003
[0202.589] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.589] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.590] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0202.590] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0202.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0202.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x110024e) returned 0x0
[0202.590] GetKeyState (nVirtKey=1) returned 1
[0202.590] GetKeyState (nVirtKey=2) returned 0
[0202.590] GetKeyState (nVirtKey=4) returned 0
[0202.590] GetKeyState (nVirtKey=5) returned 0
[0202.590] GetKeyState (nVirtKey=6) returned 0
[0202.590] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e5030c) returned 0x1
[0202.616] IsWindowUnicode (hWnd=0x7005c) returned 1
[0202.616] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.616] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.616] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.616] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.616] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e5030c) returned 0x1
[0202.617] IsWindowUnicode (hWnd=0x7005c) returned 1
[0202.617] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.617] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e5030c) returned 0x1
[0202.617] SetCursor (hCursor=0x10003) returned 0x10003
[0202.617] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.617] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.617] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x110024e) returned 0x0
[0202.617] GetKeyState (nVirtKey=1) returned 1
[0202.617] GetKeyState (nVirtKey=2) returned 0
[0202.617] GetKeyState (nVirtKey=4) returned 0
[0202.617] GetKeyState (nVirtKey=5) returned 0
[0202.618] GetKeyState (nVirtKey=6) returned 0
[0202.618] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.618] IsWindowUnicode (hWnd=0x602c4) returned 1
[0202.618] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.618] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.618] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.619] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.620] IsWindowUnicode (hWnd=0x602c4) returned 1
[0202.620] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.620] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.620] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.620] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0202.620] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0202.620] CreateCompatibleDC (hdc=0x60100ce) returned 0xb20107d7
[0202.620] SelectObject (hdc=0xb20107d7, h=0x4a0507fe) returned 0x85000f
[0202.620] GdipCreateFromHDC (hdc=0xb20107d7, graphics=0xd7e798) returned 0x0
[0202.621] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0202.621] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0202.621] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0202.621] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0202.621] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e7f8) returned 0x0
[0202.621] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0202.621] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee8d8) returned 0x0
[0202.621] LocalFree (hMem=0x11ee8d8) returned 0x0
[0202.621] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0202.621] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0202.621] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0202.621] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0202.621] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0202.621] GdipRestoreGraphics (graphics=0x6600030, state=0xfaa20dbd) returned 0x0
[0202.621] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0202.622] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0202.622] GetCurrentObject (hdc=0xb20107d7, type=0x1) returned 0xb00017
[0202.622] GetCurrentObject (hdc=0xb20107d7, type=0x2) returned 0x900010
[0202.622] GetCurrentObject (hdc=0xb20107d7, type=0x7) returned 0x4a0507fe
[0202.625] GetCurrentObject (hdc=0xb20107d7, type=0x6) returned 0x8a01c2
[0202.626] SaveDC (hdc=0xb20107d7) returned 1
[0202.626] GetNearestColor (hdc=0xb20107d7, color=0xff) returned 0xff
[0202.626] GetNearestColor (hdc=0xb20107d7, color=0x55) returned 0x55
[0202.626] GetNearestColor (hdc=0xb20107d7, color=0x0) returned 0x0
[0202.626] GetNearestColor (hdc=0xb20107d7, color=0x55) returned 0x55
[0202.626] GetNearestColor (hdc=0xb20107d7, color=0x0) returned 0x0
[0202.626] GetNearestColor (hdc=0xb20107d7, color=0x8080ff) returned 0x8080ff
[0202.626] GetNearestColor (hdc=0xb20107d7, color=0x7373e5) returned 0x7373e5
[0202.626] GetNearestColor (hdc=0xb20107d7, color=0xe5) returned 0xe5
[0202.626] GetNearestColor (hdc=0xb20107d7, color=0x0) returned 0x0
[0202.626] RestoreDC (hdc=0xb20107d7, nSavedDC=-1) returned 1
[0202.626] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107d7) returned 0x0
[0202.627] IsAppThemed () returned 0x1
[0202.627] GetThemeAppProperties () returned 0x3
[0202.627] GetThemeAppProperties () returned 0x3
[0202.627] IsAppThemed () returned 0x1
[0202.627] GetThemeAppProperties () returned 0x3
[0202.627] GetThemeAppProperties () returned 0x3
[0202.627] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2ddb070 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0202.627] IsAppThemed () returned 0x1
[0202.627] GetThemeAppProperties () returned 0x3
[0202.627] GetThemeAppProperties () returned 0x3
[0202.627] IsAppThemed () returned 0x1
[0202.628] GetThemeAppProperties () returned 0x3
[0202.628] GetThemeAppProperties () returned 0x3
[0202.628] GetFocus () returned 0x602c4
[0202.628] IsAppThemed () returned 0x1
[0202.628] GetThemeAppProperties () returned 0x3
[0202.628] GetThemeAppProperties () returned 0x3
[0202.628] IsAppThemed () returned 0x1
[0202.628] GetThemeAppProperties () returned 0x3
[0202.628] GetThemeAppProperties () returned 0x3
[0202.628] IsThemePartDefined () returned 0x1
[0202.628] IsAppThemed () returned 0x1
[0202.628] GetThemeAppProperties () returned 0x3
[0202.628] GetThemeAppProperties () returned 0x3
[0202.628] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0202.628] IsAppThemed () returned 0x1
[0202.628] GetThemeAppProperties () returned 0x3
[0202.628] GetThemeAppProperties () returned 0x3
[0202.628] IsAppThemed () returned 0x1
[0202.628] GetThemeAppProperties () returned 0x3
[0202.629] GetThemeAppProperties () returned 0x3
[0202.629] IsThemePartDefined () returned 0x1
[0202.629] GdipCreateRegion (region=0xd7e508) returned 0x0
[0202.629] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0202.629] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0202.629] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0202.629] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e520) returned 0x0
[0202.629] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0202.629] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0202.629] LocalFree (hMem=0x11ee788) returned 0x0
[0202.629] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0202.629] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee8d8) returned 0x0
[0202.629] LocalFree (hMem=0x11ee8d8) returned 0x0
[0202.629] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0202.629] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e548) returned 0x0
[0202.629] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e538) returned 0x0
[0202.630] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0202.630] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.630] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0202.630] GetCurrentObject (hdc=0xb20107d7, type=0x1) returned 0xb00017
[0202.630] GetCurrentObject (hdc=0xb20107d7, type=0x2) returned 0x900010
[0202.630] GetCurrentObject (hdc=0xb20107d7, type=0x7) returned 0x4a0507fe
[0202.630] GetCurrentObject (hdc=0xb20107d7, type=0x6) returned 0x8a01c2
[0202.630] SaveDC (hdc=0xb20107d7) returned 1
[0202.630] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x35040807
[0202.630] GetClipRgn (hdc=0xb20107d7, hrgn=0x35040807) returned 0
[0202.630] SelectClipRgn (hdc=0xb20107d7, hrgn=0xc30407de) returned 2
[0202.630] DeleteObject (ho=0x35040807) returned 1
[0202.630] DeleteObject (ho=0xc30407de) returned 1
[0202.630] OffsetViewportOrgEx (in: hdc=0xb20107d7, x=0, y=0, lppt=0x2ddb720 | out: lppt=0x2ddb720) returned 1
[0202.631] DrawThemeParentBackground () returned 0x0
[0202.631] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0202.631] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0202.631] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0202.631] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0202.631] GetSystemMetrics (nIndex=42) returned 0
[0202.631] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0202.631] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0202.631] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0202.631] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0202.631] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0202.631] SelectPalette (hdc=0xb20107d7, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0202.632] GdipCreateFromHDC (hdc=0xb20107d7, graphics=0xd7dff8) returned 0x0
[0202.632] GdipSetPageUnit (graphics=0x6631fe8, unit=0x2) returned 0x0
[0202.632] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0202.632] GdipGetWorldTransform (graphics=0x6631fe8, matrix=0x6638cf8) returned 0x0
[0202.632] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dfd0) returned 0x0
[0202.632] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0202.632] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0202.632] GdipGetClip (graphics=0x6631fe8, region=0x6646838) returned 0x0
[0202.632] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6631fe8, result=0xd7dfc4) returned 0x0
[0202.632] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.632] GdipSaveGraphics (graphics=0x6631fe8, state=0xd7dff0) returned 0x0
[0202.633] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0202.648] GdipFillRectangleI (graphics=0x6631fe8, brush=0x6653438, x=0, y=0, width=801, height=453) returned 0x0
[0202.648] GdipDeleteBrush (brush=0x6653438) returned 0x0
[0202.650] GdipDeleteGraphics (graphics=0x6631fe8) returned 0x0
[0202.650] SelectPalette (hdc=0xb20107d7, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0202.651] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0202.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0202.651] GetSystemMetrics (nIndex=42) returned 0
[0202.651] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0202.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0202.651] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0202.651] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0202.651] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0202.651] SelectPalette (hdc=0xb20107d7, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0202.651] GdipCreateFromHDC (hdc=0xb20107d7, graphics=0xd7df98) returned 0x0
[0202.651] GdipSetPageUnit (graphics=0x6631fe8, unit=0x2) returned 0x0
[0202.651] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0202.652] GdipGetWorldTransform (graphics=0x6631fe8, matrix=0x6638ba8) returned 0x0
[0202.652] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df70) returned 0x0
[0202.652] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0202.652] GdipCreateRegion (region=0xd7df58) returned 0x0
[0202.652] GdipGetClip (graphics=0x6631fe8, region=0x6646838) returned 0x0
[0202.652] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6631fe8, result=0xd7df64) returned 0x0
[0202.652] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.652] GdipSaveGraphics (graphics=0x6631fe8, state=0xd7df90) returned 0x0
[0202.652] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0202.662] GdipFillRectangleI (graphics=0x6631fe8, brush=0x6653918, x=0, y=0, width=801, height=453) returned 0x0
[0202.662] GdipDeleteBrush (brush=0x6653918) returned 0x0
[0202.663] GdipRestoreGraphics (graphics=0x6631fe8, state=0xfa9e0dbd) returned 0x0
[0202.664] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0202.664] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0202.664] GetSystemMetrics (nIndex=42) returned 0
[0202.664] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0202.664] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0202.664] GdipDeleteGraphics (graphics=0x6631fe8) returned 0x0
[0202.664] SelectPalette (hdc=0xb20107d7, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0202.664] RestoreDC (hdc=0xb20107d7, nSavedDC=-1) returned 1
[0202.664] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107d7) returned 0x0
[0202.664] IsAppThemed () returned 0x1
[0202.665] GetThemeAppProperties () returned 0x3
[0202.665] GetThemeAppProperties () returned 0x3
[0202.665] IsAppThemed () returned 0x1
[0202.665] GetThemeAppProperties () returned 0x3
[0202.665] GetThemeAppProperties () returned 0x3
[0202.665] IsThemePartDefined () returned 0x1
[0202.665] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0202.665] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0202.665] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0202.665] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0202.665] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e4a4) returned 0x0
[0202.665] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0202.665] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0202.665] LocalFree (hMem=0x11ee788) returned 0x0
[0202.665] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0202.665] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0202.665] LocalFree (hMem=0x11ee868) returned 0x0
[0202.666] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0202.666] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0202.666] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0202.666] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0202.666] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.666] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0202.666] GetCurrentObject (hdc=0xb20107d7, type=0x1) returned 0xb00017
[0202.666] GetCurrentObject (hdc=0xb20107d7, type=0x2) returned 0x900010
[0202.666] GetCurrentObject (hdc=0xb20107d7, type=0x7) returned 0x4a0507fe
[0202.666] GetCurrentObject (hdc=0xb20107d7, type=0x6) returned 0x8a01c2
[0202.666] SaveDC (hdc=0xb20107d7) returned 1
[0202.666] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc40407de
[0202.666] GetClipRgn (hdc=0xb20107d7, hrgn=0xc40407de) returned 0
[0202.666] SelectClipRgn (hdc=0xb20107d7, hrgn=0x37040807) returned 2
[0202.667] DeleteObject (ho=0xc40407de) returned 1
[0202.667] DeleteObject (ho=0x37040807) returned 1
[0202.667] OffsetViewportOrgEx (in: hdc=0xb20107d7, x=0, y=0, lppt=0x2de1f70 | out: lppt=0x2de1f70) returned 1
[0202.667] IsAppThemed () returned 0x1
[0202.667] GetThemeAppProperties () returned 0x3
[0202.667] GetThemeAppProperties () returned 0x3
[0202.667] DrawThemeBackground () returned 0x0
[0202.667] RestoreDC (hdc=0xb20107d7, nSavedDC=-1) returned 1
[0202.667] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107d7) returned 0x0
[0202.667] GdipCreateRegion (region=0xd7e490) returned 0x0
[0202.667] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0202.667] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0202.667] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0202.667] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e4a8) returned 0x0
[0202.667] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0202.668] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0202.668] LocalFree (hMem=0x11eec58) returned 0x0
[0202.668] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0202.668] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0202.668] LocalFree (hMem=0x11ee788) returned 0x0
[0202.668] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0202.668] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0202.668] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0202.668] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0202.668] GdipDeleteRegion (region=0x6646838) returned 0x0
[0202.668] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0202.668] GetCurrentObject (hdc=0xb20107d7, type=0x1) returned 0xb00017
[0202.668] GetCurrentObject (hdc=0xb20107d7, type=0x2) returned 0x900010
[0202.668] GetCurrentObject (hdc=0xb20107d7, type=0x7) returned 0x4a0507fe
[0202.668] GetCurrentObject (hdc=0xb20107d7, type=0x6) returned 0x8a01c2
[0202.669] SaveDC (hdc=0xb20107d7) returned 1
[0202.669] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x38040807
[0202.691] GetClipRgn (hdc=0xb20107d7, hrgn=0x38040807) returned 0
[0202.691] SelectClipRgn (hdc=0xb20107d7, hrgn=0xc50407de) returned 2
[0202.691] DeleteObject (ho=0x38040807) returned 1
[0202.691] DeleteObject (ho=0xc50407de) returned 1
[0202.691] OffsetViewportOrgEx (in: hdc=0xb20107d7, x=0, y=0, lppt=0x2de2244 | out: lppt=0x2de2244) returned 1
[0202.691] IsAppThemed () returned 0x1
[0202.691] GetThemeAppProperties () returned 0x3
[0202.691] GetThemeAppProperties () returned 0x3
[0202.691] GetThemeBackgroundContentRect () returned 0x0
[0202.691] RestoreDC (hdc=0xb20107d7, nSavedDC=-1) returned 1
[0202.691] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107d7) returned 0x0
[0202.691] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0202.692] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0202.692] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0202.692] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0202.692] IsAppThemed () returned 0x1
[0202.692] GetThemeAppProperties () returned 0x3
[0202.692] GetThemeAppProperties () returned 0x3
[0202.692] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0202.692] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0202.692] GetCurrentObject (hdc=0xb20107d7, type=0x1) returned 0xb00017
[0202.692] GetCurrentObject (hdc=0xb20107d7, type=0x2) returned 0x900010
[0202.692] GetCurrentObject (hdc=0xb20107d7, type=0x7) returned 0x4a0507fe
[0202.692] GetCurrentObject (hdc=0xb20107d7, type=0x6) returned 0x8a01c2
[0202.692] SaveDC (hdc=0xb20107d7) returned 1
[0202.692] GetTextAlign (hdc=0xb20107d7) returned 0x0
[0202.693] GetTextColor (hdc=0xb20107d7) returned 0x0
[0202.693] GetCurrentObject (hdc=0xb20107d7, type=0x6) returned 0x8a01c2
[0202.693] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0202.693] SelectObject (hdc=0xb20107d7, h=0x6d0a0520) returned 0x8a01c2
[0202.693] GetBkMode (hdc=0xb20107d7) returned 2
[0202.693] SetBkMode (hdc=0xb20107d7, mode=1) returned 2
[0202.693] DrawTextExW (in: hdc=0xb20107d7, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2de2608 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0202.694] DrawTextExW (in: hdc=0xb20107d7, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2de2608 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0202.694] RestoreDC (hdc=0xb20107d7, nSavedDC=-1) returned 1
[0202.694] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107d7) returned 0x0
[0202.694] GetFocus () returned 0x602c4
[0202.694] IsAppThemed () returned 0x1
[0202.694] GetThemeAppProperties () returned 0x3
[0202.694] GetThemeAppProperties () returned 0x3
[0202.694] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0202.694] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xb20107d7, x1=0, y1=0, rop=0xcc0020) returned 1
[0202.695] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107d7) returned 0x0
[0202.695] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0202.695] SelectObject (hdc=0xb20107d7, h=0x85000f) returned 0x4a0507fe
[0202.695] DeleteDC (hdc=0xb20107d7) returned 1
[0202.695] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0202.695] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0202.695] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.695] IsWindowUnicode (hWnd=0x7005c) returned 1
[0202.695] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.696] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.696] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.696] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.696] IsWindowUnicode (hWnd=0x7005c) returned 1
[0202.696] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.696] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.696] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x110024e) returned 0x0
[0202.696] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.696] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.696] WaitMessage () returned 1
[0202.725] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.726] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.726] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.726] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.726] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.727] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.727] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.727] WaitMessage () returned 1
[0202.728] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.728] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.728] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.728] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.728] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.729] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.729] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.729] WaitMessage () returned 1
[0202.730] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.730] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.730] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.730] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.730] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.736] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.737] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.737] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.737] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.737] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.737] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.737] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.737] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.737] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.737] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.737] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.738] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.738] WaitMessage () returned 1
[0202.740] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.740] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.740] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.741] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.741] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.742] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.743] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.743] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.743] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.743] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.743] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.743] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.744] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.744] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.744] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.744] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.744] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.744] WaitMessage () returned 1
[0202.745] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.745] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.745] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.745] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.745] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.746] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.747] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.747] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.747] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.747] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.747] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.748] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.748] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.748] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.748] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.748] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.748] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.748] WaitMessage () returned 1
[0202.749] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.749] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.749] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.749] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.749] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.751] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.751] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.751] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.751] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.752] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.752] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.752] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.752] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.752] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.752] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.752] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.753] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.753] WaitMessage () returned 1
[0202.755] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.755] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.755] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.755] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.755] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.756] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.756] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.756] WaitMessage () returned 1
[0202.757] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.757] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.757] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.758] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.758] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.759] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.759] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.759] WaitMessage () returned 1
[0202.760] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.760] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.760] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.760] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.760] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.761] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.761] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.761] WaitMessage () returned 1
[0202.762] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.762] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.762] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.762] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.762] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.769] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.769] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.769] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.769] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.769] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.770] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.770] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.770] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.770] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.770] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.770] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.771] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.771] WaitMessage () returned 1
[0202.773] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.773] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.773] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.773] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.773] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.774] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.775] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.775] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.775] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.775] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.775] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.775] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.775] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.775] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.775] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.775] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.776] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.776] WaitMessage () returned 1
[0202.776] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.776] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.776] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.776] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.776] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.777] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.777] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.777] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.777] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.778] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.778] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.778] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.778] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.778] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.778] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.778] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.778] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.778] WaitMessage () returned 1
[0202.779] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.779] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.779] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.779] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.779] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.780] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.781] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.781] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.781] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.781] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.781] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.781] IsWindowUnicode (hWnd=0x30122) returned 1
[0202.781] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.781] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.781] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.781] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.782] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.782] WaitMessage () returned 1
[0202.857] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.857] IsWindowUnicode (hWnd=0x502c6) returned 1
[0202.857] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0202.857] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0202.857] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0202.858] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.858] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0202.858] WaitMessage () returned 1
[0204.798] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0204.798] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300f3) returned 0x1
[0204.798] IsWindowUnicode (hWnd=0x602c4) returned 1
[0204.798] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0204.798] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0204.798] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0204.798] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0204.798] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0204.798] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300f3) returned 0x1
[0204.798] IsWindowUnicode (hWnd=0x602c4) returned 1
[0204.798] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0204.799] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300f3) returned 0x1
[0204.799] SetCursor (hCursor=0x10003) returned 0x10003
[0204.799] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0204.799] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0204.799] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0204.799] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0204.799] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0204.799] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0204.799] GetKeyState (nVirtKey=1) returned 1
[0204.799] GetKeyState (nVirtKey=2) returned 0
[0204.799] GetKeyState (nVirtKey=4) returned 0
[0204.799] GetKeyState (nVirtKey=5) returned 0
[0204.800] GetKeyState (nVirtKey=6) returned 0
[0204.800] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0204.800] IsWindowUnicode (hWnd=0x602c4) returned 1
[0204.800] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0204.800] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0204.800] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0204.800] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0204.800] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0204.800] CreateCompatibleDC (hdc=0x60100ce) returned 0xb30107f2
[0204.800] SelectObject (hdc=0xb30107f2, h=0x4a0507fe) returned 0x85000f
[0204.800] GdipCreateFromHDC (hdc=0xb30107f2, graphics=0xd7e798) returned 0x0
[0204.801] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0204.801] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0204.801] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0204.801] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0204.801] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e7f8) returned 0x0
[0204.801] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0204.801] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eea98) returned 0x0
[0204.801] LocalFree (hMem=0x11eea98) returned 0x0
[0204.801] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0204.801] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0204.801] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0204.801] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0204.801] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0204.801] GdipRestoreGraphics (graphics=0x6600030, state=0xfa9c0dbd) returned 0x0
[0204.801] GdipDeleteRegion (region=0x6646838) returned 0x0
[0204.802] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0204.802] GetCurrentObject (hdc=0xb30107f2, type=0x1) returned 0xb00017
[0204.802] GetCurrentObject (hdc=0xb30107f2, type=0x2) returned 0x900010
[0204.802] GetCurrentObject (hdc=0xb30107f2, type=0x7) returned 0x4a0507fe
[0204.802] GetCurrentObject (hdc=0xb30107f2, type=0x6) returned 0x8a01c2
[0204.802] SaveDC (hdc=0xb30107f2) returned 1
[0204.802] GetNearestColor (hdc=0xb30107f2, color=0xff) returned 0xff
[0204.802] GetNearestColor (hdc=0xb30107f2, color=0x55) returned 0x55
[0204.802] GetNearestColor (hdc=0xb30107f2, color=0x0) returned 0x0
[0204.802] GetNearestColor (hdc=0xb30107f2, color=0x55) returned 0x55
[0204.802] GetNearestColor (hdc=0xb30107f2, color=0x0) returned 0x0
[0204.802] GetNearestColor (hdc=0xb30107f2, color=0x8080ff) returned 0x8080ff
[0204.802] GetNearestColor (hdc=0xb30107f2, color=0x7373e5) returned 0x7373e5
[0204.802] GetNearestColor (hdc=0xb30107f2, color=0xe5) returned 0xe5
[0204.803] GetNearestColor (hdc=0xb30107f2, color=0x0) returned 0x0
[0204.803] RestoreDC (hdc=0xb30107f2, nSavedDC=-1) returned 1
[0204.803] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107f2) returned 0x0
[0204.803] IsAppThemed () returned 0x1
[0204.803] GetThemeAppProperties () returned 0x3
[0204.803] GetThemeAppProperties () returned 0x3
[0204.803] IsAppThemed () returned 0x1
[0204.803] GetThemeAppProperties () returned 0x3
[0204.803] GetThemeAppProperties () returned 0x3
[0204.803] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2de302c | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0204.804] IsAppThemed () returned 0x1
[0204.804] GetThemeAppProperties () returned 0x3
[0204.804] GetThemeAppProperties () returned 0x3
[0204.804] IsAppThemed () returned 0x1
[0204.804] GetThemeAppProperties () returned 0x3
[0204.804] GetThemeAppProperties () returned 0x3
[0204.804] IsAppThemed () returned 0x1
[0204.804] GetThemeAppProperties () returned 0x3
[0204.804] GetThemeAppProperties () returned 0x3
[0204.804] IsAppThemed () returned 0x1
[0204.804] GetThemeAppProperties () returned 0x3
[0204.804] GetThemeAppProperties () returned 0x3
[0204.804] IsThemePartDefined () returned 0x1
[0204.804] IsAppThemed () returned 0x1
[0204.804] GetThemeAppProperties () returned 0x3
[0204.804] GetThemeAppProperties () returned 0x3
[0204.804] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0204.804] IsAppThemed () returned 0x1
[0204.804] GetThemeAppProperties () returned 0x3
[0204.805] GetThemeAppProperties () returned 0x3
[0204.805] IsAppThemed () returned 0x1
[0204.805] GetThemeAppProperties () returned 0x3
[0204.805] GetThemeAppProperties () returned 0x3
[0204.805] IsThemePartDefined () returned 0x1
[0204.805] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0204.805] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0204.805] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0204.805] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0204.805] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e514) returned 0x0
[0204.805] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0204.805] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eea98) returned 0x0
[0204.805] LocalFree (hMem=0x11eea98) returned 0x0
[0204.805] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0204.805] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0204.805] LocalFree (hMem=0x11eec58) returned 0x0
[0204.805] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0204.805] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0204.806] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0204.806] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0204.806] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0204.806] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0204.806] GetCurrentObject (hdc=0xb30107f2, type=0x1) returned 0xb00017
[0204.806] GetCurrentObject (hdc=0xb30107f2, type=0x2) returned 0x900010
[0204.806] GetCurrentObject (hdc=0xb30107f2, type=0x7) returned 0x4a0507fe
[0204.806] GetCurrentObject (hdc=0xb30107f2, type=0x6) returned 0x8a01c2
[0204.806] SaveDC (hdc=0xb30107f2) returned 1
[0204.806] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc60407de
[0204.806] GetClipRgn (hdc=0xb30107f2, hrgn=0xc60407de) returned 0
[0204.806] SelectClipRgn (hdc=0xb30107f2, hrgn=0x3c040807) returned 2
[0204.806] DeleteObject (ho=0xc60407de) returned 1
[0204.806] DeleteObject (ho=0x3c040807) returned 1
[0204.806] OffsetViewportOrgEx (in: hdc=0xb30107f2, x=0, y=0, lppt=0x2de36dc | out: lppt=0x2de36dc) returned 1
[0204.806] DrawThemeParentBackground () returned 0x0
[0204.807] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0204.807] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0204.807] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0204.807] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0204.807] GetSystemMetrics (nIndex=42) returned 0
[0204.807] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0204.807] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0204.807] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0204.807] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0204.807] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0204.807] SelectPalette (hdc=0xb30107f2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0204.807] GdipCreateFromHDC (hdc=0xb30107f2, graphics=0xd7dff0) returned 0x0
[0204.808] GdipSetPageUnit (graphics=0x6631fe8, unit=0x2) returned 0x0
[0204.808] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0204.809] GdipGetWorldTransform (graphics=0x6631fe8, matrix=0x6638d88) returned 0x0
[0204.809] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dfc8) returned 0x0
[0204.809] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0204.809] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0204.809] GdipGetClip (graphics=0x6631fe8, region=0x6646838) returned 0x0
[0204.809] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6631fe8, result=0xd7dfbc) returned 0x0
[0204.809] GdipDeleteRegion (region=0x6646838) returned 0x0
[0204.809] GdipSaveGraphics (graphics=0x6631fe8, state=0xd7dfe8) returned 0x0
[0204.809] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0204.817] GdipFillRectangleI (graphics=0x6631fe8, brush=0x66537e0, x=0, y=0, width=801, height=453) returned 0x0
[0204.817] GdipDeleteBrush (brush=0x66537e0) returned 0x0
[0204.819] GdipDeleteGraphics (graphics=0x6631fe8) returned 0x0
[0204.819] SelectPalette (hdc=0xb30107f2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0204.819] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0204.819] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0204.819] GetSystemMetrics (nIndex=42) returned 0
[0204.819] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0204.819] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0204.819] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0204.819] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0204.819] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0204.819] SelectPalette (hdc=0xb30107f2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0204.819] GdipCreateFromHDC (hdc=0xb30107f2, graphics=0xd7df90) returned 0x0
[0204.820] GdipSetPageUnit (graphics=0x6631fe8, unit=0x2) returned 0x0
[0204.820] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0204.820] GdipGetWorldTransform (graphics=0x6631fe8, matrix=0x6638ab8) returned 0x0
[0204.820] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df68) returned 0x0
[0204.820] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0204.820] GdipCreateRegion (region=0xd7df50) returned 0x0
[0204.820] GdipGetClip (graphics=0x6631fe8, region=0x6646838) returned 0x0
[0204.820] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6631fe8, result=0xd7df5c) returned 0x0
[0204.820] GdipDeleteRegion (region=0x6646838) returned 0x0
[0204.820] GdipSaveGraphics (graphics=0x6631fe8, state=0xd7df88) returned 0x0
[0204.820] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0204.856] GdipFillRectangleI (graphics=0x6631fe8, brush=0x6653090, x=0, y=0, width=801, height=453) returned 0x0
[0204.858] GdipDeleteBrush (brush=0x6653090) returned 0x0
[0204.860] GdipRestoreGraphics (graphics=0x6631fe8, state=0xfa980dbd) returned 0x0
[0204.860] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0204.860] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0204.860] GetSystemMetrics (nIndex=42) returned 0
[0204.860] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0204.860] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0204.860] GdipDeleteGraphics (graphics=0x6631fe8) returned 0x0
[0204.860] SelectPalette (hdc=0xb30107f2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0204.861] RestoreDC (hdc=0xb30107f2, nSavedDC=-1) returned 1
[0204.861] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107f2) returned 0x0
[0204.861] IsAppThemed () returned 0x1
[0204.861] GetThemeAppProperties () returned 0x3
[0204.861] GetThemeAppProperties () returned 0x3
[0204.861] IsAppThemed () returned 0x1
[0204.861] GetThemeAppProperties () returned 0x3
[0204.861] GetThemeAppProperties () returned 0x3
[0204.861] IsThemePartDefined () returned 0x1
[0204.861] GdipCreateRegion (region=0xd7e480) returned 0x0
[0204.861] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0204.861] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0204.861] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0204.861] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e498) returned 0x0
[0204.861] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0204.861] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0204.862] LocalFree (hMem=0x11ee868) returned 0x0
[0204.862] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0204.862] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eead0) returned 0x0
[0204.862] LocalFree (hMem=0x11eead0) returned 0x0
[0204.862] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0204.862] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0204.862] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0204.862] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0204.862] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0204.862] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0204.862] GetCurrentObject (hdc=0xb30107f2, type=0x1) returned 0xb00017
[0204.862] GetCurrentObject (hdc=0xb30107f2, type=0x2) returned 0x900010
[0204.862] GetCurrentObject (hdc=0xb30107f2, type=0x7) returned 0x4a0507fe
[0204.863] GetCurrentObject (hdc=0xb30107f2, type=0x6) returned 0x8a01c2
[0204.863] SaveDC (hdc=0xb30107f2) returned 1
[0204.863] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3d040807
[0204.863] GetClipRgn (hdc=0xb30107f2, hrgn=0x3d040807) returned 0
[0204.863] SelectClipRgn (hdc=0xb30107f2, hrgn=0xc80407de) returned 2
[0204.863] DeleteObject (ho=0x3d040807) returned 1
[0204.863] DeleteObject (ho=0xc80407de) returned 1
[0204.863] OffsetViewportOrgEx (in: hdc=0xb30107f2, x=0, y=0, lppt=0x2de9f2c | out: lppt=0x2de9f2c) returned 1
[0204.863] IsAppThemed () returned 0x1
[0204.863] GetThemeAppProperties () returned 0x3
[0204.863] GetThemeAppProperties () returned 0x3
[0204.863] DrawThemeBackground () returned 0x0
[0204.863] RestoreDC (hdc=0xb30107f2, nSavedDC=-1) returned 1
[0204.863] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107f2) returned 0x0
[0204.863] GdipCreateRegion (region=0xd7e484) returned 0x0
[0204.864] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0204.864] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0204.864] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0204.864] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e49c) returned 0x0
[0204.864] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0204.864] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0204.864] LocalFree (hMem=0x11eec58) returned 0x0
[0204.864] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0204.864] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0204.864] LocalFree (hMem=0x11ee788) returned 0x0
[0204.864] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0204.864] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0204.864] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0204.864] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0204.864] GdipDeleteRegion (region=0x6646838) returned 0x0
[0204.864] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0204.864] GetCurrentObject (hdc=0xb30107f2, type=0x1) returned 0xb00017
[0204.865] GetCurrentObject (hdc=0xb30107f2, type=0x2) returned 0x900010
[0204.865] GetCurrentObject (hdc=0xb30107f2, type=0x7) returned 0x4a0507fe
[0204.865] GetCurrentObject (hdc=0xb30107f2, type=0x6) returned 0x8a01c2
[0204.865] SaveDC (hdc=0xb30107f2) returned 1
[0204.865] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc90407de
[0204.865] GetClipRgn (hdc=0xb30107f2, hrgn=0xc90407de) returned 0
[0204.865] SelectClipRgn (hdc=0xb30107f2, hrgn=0x3e040807) returned 2
[0204.865] DeleteObject (ho=0xc90407de) returned 1
[0204.865] DeleteObject (ho=0x3e040807) returned 1
[0204.865] OffsetViewportOrgEx (in: hdc=0xb30107f2, x=0, y=0, lppt=0x2dea200 | out: lppt=0x2dea200) returned 1
[0204.865] IsAppThemed () returned 0x1
[0204.865] GetThemeAppProperties () returned 0x3
[0204.865] GetThemeAppProperties () returned 0x3
[0204.865] GetThemeBackgroundContentRect () returned 0x0
[0204.865] RestoreDC (hdc=0xb30107f2, nSavedDC=-1) returned 1
[0204.866] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107f2) returned 0x0
[0204.866] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0204.866] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0204.866] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0204.866] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0204.866] IsAppThemed () returned 0x1
[0204.866] GetThemeAppProperties () returned 0x3
[0204.866] GetThemeAppProperties () returned 0x3
[0204.866] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0204.866] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0204.866] GetCurrentObject (hdc=0xb30107f2, type=0x1) returned 0xb00017
[0204.866] GetCurrentObject (hdc=0xb30107f2, type=0x2) returned 0x900010
[0204.866] GetCurrentObject (hdc=0xb30107f2, type=0x7) returned 0x4a0507fe
[0204.866] GetCurrentObject (hdc=0xb30107f2, type=0x6) returned 0x8a01c2
[0204.866] SaveDC (hdc=0xb30107f2) returned 1
[0204.866] GetTextAlign (hdc=0xb30107f2) returned 0x0
[0204.866] GetTextColor (hdc=0xb30107f2) returned 0x0
[0204.866] GetCurrentObject (hdc=0xb30107f2, type=0x6) returned 0x8a01c2
[0204.867] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0204.867] SelectObject (hdc=0xb30107f2, h=0x6d0a0520) returned 0x8a01c2
[0204.867] GetBkMode (hdc=0xb30107f2) returned 2
[0204.867] SetBkMode (hdc=0xb30107f2, mode=1) returned 2
[0204.867] DrawTextExW (in: hdc=0xb30107f2, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2dea5c4 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0204.867] DrawTextExW (in: hdc=0xb30107f2, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2dea5c4 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0204.868] RestoreDC (hdc=0xb30107f2, nSavedDC=-1) returned 1
[0204.868] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107f2) returned 0x0
[0204.868] GetFocus () returned 0x602c4
[0204.868] IsAppThemed () returned 0x1
[0204.868] GetThemeAppProperties () returned 0x3
[0204.868] GetThemeAppProperties () returned 0x3
[0204.868] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0204.868] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xb30107f2, x1=0, y1=0, rop=0xcc0020) returned 1
[0204.869] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107f2) returned 0x0
[0204.869] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0204.869] SelectObject (hdc=0xb30107f2, h=0x85000f) returned 0x4a0507fe
[0204.869] DeleteDC (hdc=0xb30107f2) returned 1
[0204.869] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0204.869] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0204.869] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0204.869] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0204.869] WaitMessage () returned 1
[0204.903] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0204.904] IsWindowUnicode (hWnd=0x602c4) returned 1
[0204.904] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0204.904] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0204.904] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0204.904] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0204.904] IsWindowUnicode (hWnd=0x602c4) returned 1
[0204.904] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0204.904] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0204.904] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0204.904] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xc0018) returned 0x0
[0204.904] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0204.904] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0204.904] WaitMessage () returned 1
[0205.025] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.025] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300f3) returned 0x1
[0205.025] IsWindowUnicode (hWnd=0x602c4) returned 1
[0205.025] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.025] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300f3) returned 0x1
[0205.026] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0205.026] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19e0035) returned 0x0
[0205.026] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0205.026] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0205.026] SetCursor (hCursor=0x10003) returned 0x10003
[0205.026] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.026] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.026] GetKeyState (nVirtKey=1) returned -128
[0205.026] GetKeyState (nVirtKey=2) returned 0
[0205.026] GetKeyState (nVirtKey=4) returned 0
[0205.026] GetKeyState (nVirtKey=5) returned 0
[0205.026] GetKeyState (nVirtKey=6) returned 0
[0205.026] IsWindowVisible (hWnd=0x602c4) returned 1
[0205.027] IsWindowEnabled (hWnd=0x602c4) returned 1
[0205.027] SetFocus (hWnd=0x602c4) returned 0x602c4
[0205.027] GetFocus () returned 0x602c4
[0205.027] GetFocus () returned 0x602c4
[0205.027] GetFocus () returned 0x602c4
[0205.027] GetKeyState (nVirtKey=1) returned -128
[0205.027] GetKeyState (nVirtKey=2) returned 0
[0205.027] GetKeyState (nVirtKey=4) returned 0
[0205.027] GetKeyState (nVirtKey=5) returned 0
[0205.027] GetKeyState (nVirtKey=6) returned 0
[0205.027] GetCapture () returned 0x0
[0205.027] SetCapture (hWnd=0x602c4) returned 0x0
[0205.027] GetKeyState (nVirtKey=1) returned -128
[0205.027] GetKeyState (nVirtKey=2) returned 0
[0205.027] GetKeyState (nVirtKey=4) returned 0
[0205.027] GetKeyState (nVirtKey=5) returned 0
[0205.027] GetKeyState (nVirtKey=6) returned 0
[0205.027] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0205.027] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0205.028] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.028] IsWindowUnicode (hWnd=0x602c4) returned 1
[0205.028] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.028] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.028] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.028] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2dea748, cPoints=0x1 | out: lpPoints=0x2dea748) returned 40304859
[0205.028] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0205.028] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0205.028] UpdateWindow (hWnd=0x602c4) returned 1
[0205.028] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x60100ce
[0205.028] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0205.028] CreateCompatibleDC (hdc=0x60100ce) returned 0xb40107f2
[0205.029] SelectObject (hdc=0xb40107f2, h=0x4a0507fe) returned 0x85000f
[0205.029] GdipCreateFromHDC (hdc=0xb40107f2, graphics=0xd7e430) returned 0x0
[0205.029] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0205.029] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0205.029] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0205.029] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0205.029] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e490) returned 0x0
[0205.029] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0205.029] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eed00) returned 0x0
[0205.029] LocalFree (hMem=0x11eed00) returned 0x0
[0205.029] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0205.029] GdipCreateRegion (region=0xd7e478) returned 0x0
[0205.029] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0205.029] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e484) returned 0x0
[0205.030] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0205.030] GdipRestoreGraphics (graphics=0x6600030, state=0xfa960dbd) returned 0x0
[0205.030] GdipDeleteRegion (region=0x6646838) returned 0x0
[0205.030] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0205.030] GetCurrentObject (hdc=0xb40107f2, type=0x1) returned 0xb00017
[0205.030] GetCurrentObject (hdc=0xb40107f2, type=0x2) returned 0x900010
[0205.030] GetCurrentObject (hdc=0xb40107f2, type=0x7) returned 0x4a0507fe
[0205.030] GetCurrentObject (hdc=0xb40107f2, type=0x6) returned 0x8a01c2
[0205.030] SaveDC (hdc=0xb40107f2) returned 1
[0205.030] GetNearestColor (hdc=0xb40107f2, color=0xff) returned 0xff
[0205.030] GetNearestColor (hdc=0xb40107f2, color=0x55) returned 0x55
[0205.030] GetNearestColor (hdc=0xb40107f2, color=0x0) returned 0x0
[0205.030] GetNearestColor (hdc=0xb40107f2, color=0x55) returned 0x55
[0205.030] GetNearestColor (hdc=0xb40107f2, color=0x0) returned 0x0
[0205.031] GetNearestColor (hdc=0xb40107f2, color=0x8080ff) returned 0x8080ff
[0205.031] GetNearestColor (hdc=0xb40107f2, color=0x7373e5) returned 0x7373e5
[0205.031] GetNearestColor (hdc=0xb40107f2, color=0xe5) returned 0xe5
[0205.031] GetNearestColor (hdc=0xb40107f2, color=0x0) returned 0x0
[0205.031] RestoreDC (hdc=0xb40107f2, nSavedDC=-1) returned 1
[0205.031] GdipReleaseDC (graphics=0x6600030, hdc=0xb40107f2) returned 0x0
[0205.031] IsAppThemed () returned 0x1
[0205.031] GetThemeAppProperties () returned 0x3
[0205.031] GetThemeAppProperties () returned 0x3
[0205.031] IsAppThemed () returned 0x1
[0205.031] GetThemeAppProperties () returned 0x3
[0205.031] GetThemeAppProperties () returned 0x3
[0205.031] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2deae64 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0205.032] IsAppThemed () returned 0x1
[0205.032] GetThemeAppProperties () returned 0x3
[0205.032] GetThemeAppProperties () returned 0x3
[0205.032] IsAppThemed () returned 0x1
[0205.032] GetThemeAppProperties () returned 0x3
[0205.032] GetThemeAppProperties () returned 0x3
[0205.032] IsAppThemed () returned 0x1
[0205.032] GetThemeAppProperties () returned 0x3
[0205.032] GetThemeAppProperties () returned 0x3
[0205.032] IsAppThemed () returned 0x1
[0205.032] GetThemeAppProperties () returned 0x3
[0205.032] GetThemeAppProperties () returned 0x3
[0205.032] IsThemePartDefined () returned 0x1
[0205.032] IsAppThemed () returned 0x1
[0205.032] GetThemeAppProperties () returned 0x3
[0205.032] GetThemeAppProperties () returned 0x3
[0205.032] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0205.032] IsAppThemed () returned 0x1
[0205.033] GetThemeAppProperties () returned 0x3
[0205.033] GetThemeAppProperties () returned 0x3
[0205.033] IsAppThemed () returned 0x1
[0205.033] GetThemeAppProperties () returned 0x3
[0205.033] GetThemeAppProperties () returned 0x3
[0205.033] IsThemePartDefined () returned 0x1
[0205.033] GdipCreateRegion (region=0xd7e194) returned 0x0
[0205.033] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0205.033] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0205.033] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0205.033] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e1ac) returned 0x0
[0205.033] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0205.033] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0205.033] LocalFree (hMem=0x11ee868) returned 0x0
[0205.033] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0205.033] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee910) returned 0x0
[0205.033] LocalFree (hMem=0x11ee910) returned 0x0
[0205.033] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0205.033] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0205.034] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0205.034] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0205.034] GdipDeleteRegion (region=0x6646838) returned 0x0
[0205.034] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0205.034] GetCurrentObject (hdc=0xb40107f2, type=0x1) returned 0xb00017
[0205.034] GetCurrentObject (hdc=0xb40107f2, type=0x2) returned 0x900010
[0205.034] GetCurrentObject (hdc=0xb40107f2, type=0x7) returned 0x4a0507fe
[0205.034] GetCurrentObject (hdc=0xb40107f2, type=0x6) returned 0x8a01c2
[0205.034] SaveDC (hdc=0xb40107f2) returned 1
[0205.034] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3f040807
[0205.034] GetClipRgn (hdc=0xb40107f2, hrgn=0x3f040807) returned 0
[0205.034] SelectClipRgn (hdc=0xb40107f2, hrgn=0xcd0407de) returned 2
[0205.034] DeleteObject (ho=0x3f040807) returned 1
[0205.034] DeleteObject (ho=0xcd0407de) returned 1
[0205.034] OffsetViewportOrgEx (in: hdc=0xb40107f2, x=0, y=0, lppt=0x2deb514 | out: lppt=0x2deb514) returned 1
[0205.035] DrawThemeParentBackground () returned 0x0
[0205.035] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0205.035] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0205.035] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0205.035] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.035] GetSystemMetrics (nIndex=42) returned 0
[0205.035] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.035] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0205.035] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0205.035] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0205.035] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0205.035] SelectPalette (hdc=0xb40107f2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0205.035] GdipCreateFromHDC (hdc=0xb40107f2, graphics=0xd7dc88) returned 0x0
[0205.036] GdipSetPageUnit (graphics=0x6631fe8, unit=0x2) returned 0x0
[0205.036] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0205.036] GdipGetWorldTransform (graphics=0x6631fe8, matrix=0x6638c38) returned 0x0
[0205.036] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7dc60) returned 0x0
[0205.036] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0205.036] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0205.036] GdipGetClip (graphics=0x6631fe8, region=0x6646838) returned 0x0
[0205.036] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6631fe8, result=0xd7dc54) returned 0x0
[0205.036] GdipDeleteRegion (region=0x6646838) returned 0x0
[0205.036] GdipSaveGraphics (graphics=0x6631fe8, state=0xd7dc80) returned 0x0
[0205.036] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0205.043] GdipFillRectangleI (graphics=0x6631fe8, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0205.043] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0205.045] GdipDeleteGraphics (graphics=0x6631fe8) returned 0x0
[0205.045] SelectPalette (hdc=0xb40107f2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0205.045] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0205.045] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.045] GetSystemMetrics (nIndex=42) returned 0
[0205.045] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.045] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0205.045] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0205.045] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0205.045] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0205.045] SelectPalette (hdc=0xb40107f2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0205.045] GdipCreateFromHDC (hdc=0xb40107f2, graphics=0xd7dc28) returned 0x0
[0205.046] GdipSetPageUnit (graphics=0x6631fe8, unit=0x2) returned 0x0
[0205.046] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0205.046] GdipGetWorldTransform (graphics=0x6631fe8, matrix=0x6638a58) returned 0x0
[0205.046] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dc00) returned 0x0
[0205.046] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0205.046] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0205.046] GdipGetClip (graphics=0x6631fe8, region=0x6646838) returned 0x0
[0205.046] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6631fe8, result=0xd7dbf4) returned 0x0
[0205.046] GdipDeleteRegion (region=0x6646838) returned 0x0
[0205.046] GdipSaveGraphics (graphics=0x6631fe8, state=0xd7dc20) returned 0x0
[0205.046] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0205.053] GdipFillRectangleI (graphics=0x6631fe8, brush=0x6652f58, x=0, y=0, width=801, height=453) returned 0x0
[0205.053] GdipDeleteBrush (brush=0x6652f58) returned 0x0
[0205.055] GdipRestoreGraphics (graphics=0x6631fe8, state=0xfa920dbd) returned 0x0
[0205.055] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0205.055] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.055] GetSystemMetrics (nIndex=42) returned 0
[0205.055] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.055] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0205.055] GdipDeleteGraphics (graphics=0x6631fe8) returned 0x0
[0205.055] SelectPalette (hdc=0xb40107f2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0205.057] RestoreDC (hdc=0xb40107f2, nSavedDC=-1) returned 1
[0205.057] GdipReleaseDC (graphics=0x6600030, hdc=0xb40107f2) returned 0x0
[0205.057] IsAppThemed () returned 0x1
[0205.057] GetThemeAppProperties () returned 0x3
[0205.057] GetThemeAppProperties () returned 0x3
[0205.057] IsAppThemed () returned 0x1
[0205.057] GetThemeAppProperties () returned 0x3
[0205.057] GetThemeAppProperties () returned 0x3
[0205.057] IsThemePartDefined () returned 0x1
[0205.057] GdipCreateRegion (region=0xd7e118) returned 0x0
[0205.057] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0205.057] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0205.057] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0205.057] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e130) returned 0x0
[0205.057] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0205.058] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eead0) returned 0x0
[0205.058] LocalFree (hMem=0x11eead0) returned 0x0
[0205.058] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0205.058] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eea98) returned 0x0
[0205.058] LocalFree (hMem=0x11eea98) returned 0x0
[0205.058] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0205.058] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e158) returned 0x0
[0205.058] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e148) returned 0x0
[0205.058] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0205.058] GdipDeleteRegion (region=0x6646838) returned 0x0
[0205.058] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0205.058] GetCurrentObject (hdc=0xb40107f2, type=0x1) returned 0xb00017
[0205.058] GetCurrentObject (hdc=0xb40107f2, type=0x2) returned 0x900010
[0205.058] GetCurrentObject (hdc=0xb40107f2, type=0x7) returned 0x4a0507fe
[0205.058] GetCurrentObject (hdc=0xb40107f2, type=0x6) returned 0x8a01c2
[0205.058] SaveDC (hdc=0xb40107f2) returned 1
[0205.059] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xce0407de
[0205.059] GetClipRgn (hdc=0xb40107f2, hrgn=0xce0407de) returned 0
[0205.059] SelectClipRgn (hdc=0xb40107f2, hrgn=0x41040807) returned 2
[0205.059] DeleteObject (ho=0xce0407de) returned 1
[0205.059] DeleteObject (ho=0x41040807) returned 1
[0205.059] OffsetViewportOrgEx (in: hdc=0xb40107f2, x=0, y=0, lppt=0x2df1d64 | out: lppt=0x2df1d64) returned 1
[0205.059] IsAppThemed () returned 0x1
[0205.059] GetThemeAppProperties () returned 0x3
[0205.059] GetThemeAppProperties () returned 0x3
[0205.059] DrawThemeBackground () returned 0x0
[0205.059] RestoreDC (hdc=0xb40107f2, nSavedDC=-1) returned 1
[0205.060] GdipReleaseDC (graphics=0x6600030, hdc=0xb40107f2) returned 0x0
[0205.060] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0205.060] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0205.060] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0205.060] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0205.060] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e134) returned 0x0
[0205.060] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0205.060] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0205.060] LocalFree (hMem=0x11eec58) returned 0x0
[0205.060] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0205.060] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0205.060] LocalFree (hMem=0x11ee788) returned 0x0
[0205.060] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0205.060] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0205.060] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0205.060] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0205.060] GdipDeleteRegion (region=0x6646838) returned 0x0
[0205.061] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0205.061] GetCurrentObject (hdc=0xb40107f2, type=0x1) returned 0xb00017
[0205.061] GetCurrentObject (hdc=0xb40107f2, type=0x2) returned 0x900010
[0205.061] GetCurrentObject (hdc=0xb40107f2, type=0x7) returned 0x4a0507fe
[0205.061] GetCurrentObject (hdc=0xb40107f2, type=0x6) returned 0x8a01c2
[0205.061] SaveDC (hdc=0xb40107f2) returned 1
[0205.061] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x42040807
[0205.061] GetClipRgn (hdc=0xb40107f2, hrgn=0x42040807) returned 0
[0205.061] SelectClipRgn (hdc=0xb40107f2, hrgn=0xcf0407de) returned 2
[0205.061] DeleteObject (ho=0x42040807) returned 1
[0205.061] DeleteObject (ho=0xcf0407de) returned 1
[0205.061] OffsetViewportOrgEx (in: hdc=0xb40107f2, x=0, y=0, lppt=0x2df2038 | out: lppt=0x2df2038) returned 1
[0205.061] IsAppThemed () returned 0x1
[0205.061] GetThemeAppProperties () returned 0x3
[0205.061] GetThemeAppProperties () returned 0x3
[0205.061] GetThemeBackgroundContentRect () returned 0x0
[0205.062] RestoreDC (hdc=0xb40107f2, nSavedDC=-1) returned 1
[0205.062] GdipReleaseDC (graphics=0x6600030, hdc=0xb40107f2) returned 0x0
[0205.062] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0205.062] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0205.062] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0205.062] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0205.062] IsAppThemed () returned 0x1
[0205.062] GetThemeAppProperties () returned 0x3
[0205.062] GetThemeAppProperties () returned 0x3
[0205.062] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0205.062] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0205.062] GetCurrentObject (hdc=0xb40107f2, type=0x1) returned 0xb00017
[0205.062] GetCurrentObject (hdc=0xb40107f2, type=0x2) returned 0x900010
[0205.062] GetCurrentObject (hdc=0xb40107f2, type=0x7) returned 0x4a0507fe
[0205.062] GetCurrentObject (hdc=0xb40107f2, type=0x6) returned 0x8a01c2
[0205.062] SaveDC (hdc=0xb40107f2) returned 1
[0205.063] GetTextAlign (hdc=0xb40107f2) returned 0x0
[0205.063] GetTextColor (hdc=0xb40107f2) returned 0x0
[0205.063] GetCurrentObject (hdc=0xb40107f2, type=0x6) returned 0x8a01c2
[0205.063] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0205.063] SelectObject (hdc=0xb40107f2, h=0x6d0a0520) returned 0x8a01c2
[0205.063] GetBkMode (hdc=0xb40107f2) returned 2
[0205.063] SetBkMode (hdc=0xb40107f2, mode=1) returned 2
[0205.063] DrawTextExW (in: hdc=0xb40107f2, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2df23fc | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0205.064] DrawTextExW (in: hdc=0xb40107f2, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2df23fc | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0205.064] RestoreDC (hdc=0xb40107f2, nSavedDC=-1) returned 1
[0205.064] GdipReleaseDC (graphics=0x6600030, hdc=0xb40107f2) returned 0x0
[0205.064] GetFocus () returned 0x602c4
[0205.064] IsAppThemed () returned 0x1
[0205.064] GetThemeAppProperties () returned 0x3
[0205.064] GetThemeAppProperties () returned 0x3
[0205.064] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0205.064] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xb40107f2, x1=0, y1=0, rop=0xcc0020) returned 1
[0205.065] GdipReleaseDC (graphics=0x6600030, hdc=0xb40107f2) returned 0x0
[0205.065] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0205.065] SelectObject (hdc=0xb40107f2, h=0x85000f) returned 0x4a0507fe
[0205.065] DeleteDC (hdc=0xb40107f2) returned 1
[0205.065] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0205.065] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0205.065] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2df24f8, cPoints=0x1 | out: lpPoints=0x2df24f8) returned 40304859
[0205.065] WindowFromPoint (Point=0xf3) returned 0x602c4
[0205.065] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300f3) returned 0x1
[0205.066] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0205.066] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0205.066] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0205.066] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0205.066] GetSystemMetrics (nIndex=42) returned 0
[0205.066] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0205.066] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0205.073] GetCapture () returned 0x602c4
[0205.073] ReleaseCapture () returned 1
[0205.073] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0205.073] GetProcessWindowStation () returned 0x13c
[0205.073] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.073] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0205.074] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.074] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0205.074] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.074] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0205.074] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.074] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0205.074] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.075] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0205.075] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.075] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0205.075] GetDC (hWnd=0x0) returned 0x107b9
[0205.075] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e6ec) returned 0x0
[0205.075] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0205.075] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0205.075] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0205.076] GetSystemMetrics (nIndex=5) returned 1
[0205.076] GetSystemMetrics (nIndex=6) returned 1
[0205.076] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.076] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0205.076] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.076] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0205.079] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0205.079] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0205.079] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0205.079] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0205.079] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0205.079] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0205.080] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2df7f14 | out: lpData=0x2df7f14) returned 1
[0205.081] VerQueryValueW (in: pBlock=0x2df7f14, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2df8324, puLen=0xd7e810) returned 1
[0205.081] VerQueryValueW (in: pBlock=0x2df7f14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df7fcc, puLen=0xd7e790) returned 1
[0205.081] VerQueryValueW (in: pBlock=0x2df7f14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8020, puLen=0xd7e790) returned 1
[0205.081] VerQueryValueW (in: pBlock=0x2df7f14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df80a0, puLen=0xd7e790) returned 1
[0205.081] VerQueryValueW (in: pBlock=0x2df7f14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8108, puLen=0xd7e790) returned 1
[0205.081] VerQueryValueW (in: pBlock=0x2df7f14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8148, puLen=0xd7e790) returned 1
[0205.081] VerQueryValueW (in: pBlock=0x2df7f14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df81d0, puLen=0xd7e790) returned 1
[0205.081] VerQueryValueW (in: pBlock=0x2df7f14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df820c, puLen=0xd7e790) returned 1
[0205.081] VerQueryValueW (in: pBlock=0x2df7f14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8264, puLen=0xd7e790) returned 1
[0205.081] VerQueryValueW (in: pBlock=0x2df7f14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8294, puLen=0xd7e790) returned 1
[0205.081] VerQueryValueW (in: pBlock=0x2df7f14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.081] VerQueryValueW (in: pBlock=0x2df7f14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df82d0, puLen=0xd7e790) returned 1
[0205.081] VerQueryValueW (in: pBlock=0x2df7f14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.081] VerQueryValueW (in: pBlock=0x2df7f14, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2df8324, puLen=0xd7e784) returned 1
[0205.081] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0205.081] VerQueryValueW (in: pBlock=0x2df7f14, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2df7f3c, puLen=0xd7e794) returned 1
[0205.082] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0205.082] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0205.082] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0205.082] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0205.082] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0205.082] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0205.083] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2df9e84 | out: lpData=0x2df9e84) returned 1
[0205.083] VerQueryValueW (in: pBlock=0x2df9e84, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2df9f20, puLen=0xd7e810) returned 1
[0205.083] VerQueryValueW (in: pBlock=0x2df9e84, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df9f98, puLen=0xd7e790) returned 1
[0205.083] VerQueryValueW (in: pBlock=0x2df9e84, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df9fc8, puLen=0xd7e790) returned 1
[0205.083] VerQueryValueW (in: pBlock=0x2df9e84, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfa004, puLen=0xd7e790) returned 1
[0205.083] VerQueryValueW (in: pBlock=0x2df9e84, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfa034, puLen=0xd7e790) returned 1
[0205.083] VerQueryValueW (in: pBlock=0x2df9e84, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfa07c, puLen=0xd7e790) returned 1
[0205.083] VerQueryValueW (in: pBlock=0x2df9e84, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfa0f4, puLen=0xd7e790) returned 1
[0205.083] VerQueryValueW (in: pBlock=0x2df9e84, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfa138, puLen=0xd7e790) returned 1
[0205.083] VerQueryValueW (in: pBlock=0x2df9e84, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfa178, puLen=0xd7e790) returned 1
[0205.083] VerQueryValueW (in: pBlock=0x2df9e84, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df9f76, puLen=0xd7e790) returned 1
[0205.083] VerQueryValueW (in: pBlock=0x2df9e84, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfa0c4, puLen=0xd7e790) returned 1
[0205.083] VerQueryValueW (in: pBlock=0x2df9e84, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.083] VerQueryValueW (in: pBlock=0x2df9e84, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.083] VerQueryValueW (in: pBlock=0x2df9e84, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2df9f20, puLen=0xd7e784) returned 1
[0205.083] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0205.083] VerQueryValueW (in: pBlock=0x2df9e84, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2df9eac, puLen=0xd7e794) returned 1
[0205.084] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0205.084] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0205.084] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0205.084] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0205.084] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0205.084] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0205.085] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2dfc15c | out: lpData=0x2dfc15c) returned 1
[0205.086] VerQueryValueW (in: pBlock=0x2dfc15c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dfc570, puLen=0xd7e810) returned 1
[0205.086] VerQueryValueW (in: pBlock=0x2dfc15c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc214, puLen=0xd7e790) returned 1
[0205.086] VerQueryValueW (in: pBlock=0x2dfc15c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc268, puLen=0xd7e790) returned 1
[0205.086] VerQueryValueW (in: pBlock=0x2dfc15c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc2c4, puLen=0xd7e790) returned 1
[0205.086] VerQueryValueW (in: pBlock=0x2dfc15c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc324, puLen=0xd7e790) returned 1
[0205.086] VerQueryValueW (in: pBlock=0x2dfc15c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc37c, puLen=0xd7e790) returned 1
[0205.086] VerQueryValueW (in: pBlock=0x2dfc15c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc404, puLen=0xd7e790) returned 1
[0205.086] VerQueryValueW (in: pBlock=0x2dfc15c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc458, puLen=0xd7e790) returned 1
[0205.086] VerQueryValueW (in: pBlock=0x2dfc15c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc4b0, puLen=0xd7e790) returned 1
[0205.086] VerQueryValueW (in: pBlock=0x2dfc15c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc4e0, puLen=0xd7e790) returned 1
[0205.086] VerQueryValueW (in: pBlock=0x2dfc15c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.086] VerQueryValueW (in: pBlock=0x2dfc15c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc51c, puLen=0xd7e790) returned 1
[0205.086] VerQueryValueW (in: pBlock=0x2dfc15c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.086] VerQueryValueW (in: pBlock=0x2dfc15c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dfc570, puLen=0xd7e784) returned 1
[0205.086] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0205.086] VerQueryValueW (in: pBlock=0x2dfc15c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dfc184, puLen=0xd7e794) returned 1
[0205.087] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0205.087] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0205.087] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0205.087] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0205.087] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0205.087] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0205.088] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2dfe794 | out: lpData=0x2dfe794) returned 1
[0205.089] VerQueryValueW (in: pBlock=0x2dfe794, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dfeb94, puLen=0xd7e810) returned 1
[0205.089] VerQueryValueW (in: pBlock=0x2dfe794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfe84c, puLen=0xd7e790) returned 1
[0205.089] VerQueryValueW (in: pBlock=0x2dfe794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfe8a0, puLen=0xd7e790) returned 1
[0205.089] VerQueryValueW (in: pBlock=0x2dfe794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfe8e0, puLen=0xd7e790) returned 1
[0205.089] VerQueryValueW (in: pBlock=0x2dfe794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfe948, puLen=0xd7e790) returned 1
[0205.089] VerQueryValueW (in: pBlock=0x2dfe794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfe9a0, puLen=0xd7e790) returned 1
[0205.089] VerQueryValueW (in: pBlock=0x2dfe794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfea28, puLen=0xd7e790) returned 1
[0205.089] VerQueryValueW (in: pBlock=0x2dfe794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfea7c, puLen=0xd7e790) returned 1
[0205.089] VerQueryValueW (in: pBlock=0x2dfe794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfead4, puLen=0xd7e790) returned 1
[0205.089] VerQueryValueW (in: pBlock=0x2dfe794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfeb04, puLen=0xd7e790) returned 1
[0205.090] VerQueryValueW (in: pBlock=0x2dfe794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.090] VerQueryValueW (in: pBlock=0x2dfe794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfeb40, puLen=0xd7e790) returned 1
[0205.090] VerQueryValueW (in: pBlock=0x2dfe794, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.090] VerQueryValueW (in: pBlock=0x2dfe794, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dfeb94, puLen=0xd7e784) returned 1
[0205.090] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0205.090] VerQueryValueW (in: pBlock=0x2dfe794, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dfe7bc, puLen=0xd7e794) returned 1
[0205.092] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0205.092] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0205.092] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0205.092] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0205.092] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0205.092] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0205.093] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2e00ed0 | out: lpData=0x2e00ed0) returned 1
[0205.094] VerQueryValueW (in: pBlock=0x2e00ed0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e01298, puLen=0xd7e810) returned 1
[0205.094] VerQueryValueW (in: pBlock=0x2e00ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e00f88, puLen=0xd7e790) returned 1
[0205.094] VerQueryValueW (in: pBlock=0x2e00ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e00fdc, puLen=0xd7e790) returned 1
[0205.094] VerQueryValueW (in: pBlock=0x2e00ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0101c, puLen=0xd7e790) returned 1
[0205.094] VerQueryValueW (in: pBlock=0x2e00ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e01084, puLen=0xd7e790) returned 1
[0205.094] VerQueryValueW (in: pBlock=0x2e00ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e010c0, puLen=0xd7e790) returned 1
[0205.094] VerQueryValueW (in: pBlock=0x2e00ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e01148, puLen=0xd7e790) returned 1
[0205.094] VerQueryValueW (in: pBlock=0x2e00ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e01180, puLen=0xd7e790) returned 1
[0205.094] VerQueryValueW (in: pBlock=0x2e00ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e011d8, puLen=0xd7e790) returned 1
[0205.094] VerQueryValueW (in: pBlock=0x2e00ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e01208, puLen=0xd7e790) returned 1
[0205.094] VerQueryValueW (in: pBlock=0x2e00ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.094] VerQueryValueW (in: pBlock=0x2e00ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e01244, puLen=0xd7e790) returned 1
[0205.094] VerQueryValueW (in: pBlock=0x2e00ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.094] VerQueryValueW (in: pBlock=0x2e00ed0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e01298, puLen=0xd7e784) returned 1
[0205.094] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0205.094] VerQueryValueW (in: pBlock=0x2e00ed0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e00ef8, puLen=0xd7e794) returned 1
[0205.095] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0205.095] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0205.095] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0205.095] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0205.095] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0205.095] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0205.096] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2e04538 | out: lpData=0x2e04538) returned 1
[0205.096] VerQueryValueW (in: pBlock=0x2e04538, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e04918, puLen=0xd7e810) returned 1
[0205.097] VerQueryValueW (in: pBlock=0x2e04538, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e045f0, puLen=0xd7e790) returned 1
[0205.097] VerQueryValueW (in: pBlock=0x2e04538, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e04644, puLen=0xd7e790) returned 1
[0205.097] VerQueryValueW (in: pBlock=0x2e04538, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e04684, puLen=0xd7e790) returned 1
[0205.097] VerQueryValueW (in: pBlock=0x2e04538, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e046e4, puLen=0xd7e790) returned 1
[0205.097] VerQueryValueW (in: pBlock=0x2e04538, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e04730, puLen=0xd7e790) returned 1
[0205.097] VerQueryValueW (in: pBlock=0x2e04538, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e047b8, puLen=0xd7e790) returned 1
[0205.097] VerQueryValueW (in: pBlock=0x2e04538, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e04800, puLen=0xd7e790) returned 1
[0205.097] VerQueryValueW (in: pBlock=0x2e04538, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e04858, puLen=0xd7e790) returned 1
[0205.097] VerQueryValueW (in: pBlock=0x2e04538, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e04888, puLen=0xd7e790) returned 1
[0205.097] VerQueryValueW (in: pBlock=0x2e04538, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.097] VerQueryValueW (in: pBlock=0x2e04538, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e048c4, puLen=0xd7e790) returned 1
[0205.097] VerQueryValueW (in: pBlock=0x2e04538, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.097] VerQueryValueW (in: pBlock=0x2e04538, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e04918, puLen=0xd7e784) returned 1
[0205.097] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0205.097] VerQueryValueW (in: pBlock=0x2e04538, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e04560, puLen=0xd7e794) returned 1
[0205.098] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0205.098] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0205.098] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0205.098] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0205.098] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0205.098] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0205.099] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2e06d58 | out: lpData=0x2e06d58) returned 1
[0205.099] VerQueryValueW (in: pBlock=0x2e06d58, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e07164, puLen=0xd7e810) returned 1
[0205.099] VerQueryValueW (in: pBlock=0x2e06d58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e06e10, puLen=0xd7e790) returned 1
[0205.099] VerQueryValueW (in: pBlock=0x2e06d58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e06e64, puLen=0xd7e790) returned 1
[0205.100] VerQueryValueW (in: pBlock=0x2e06d58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e06eb8, puLen=0xd7e790) returned 1
[0205.100] VerQueryValueW (in: pBlock=0x2e06d58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e06f18, puLen=0xd7e790) returned 1
[0205.100] VerQueryValueW (in: pBlock=0x2e06d58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e06f70, puLen=0xd7e790) returned 1
[0205.100] VerQueryValueW (in: pBlock=0x2e06d58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e06ff8, puLen=0xd7e790) returned 1
[0205.100] VerQueryValueW (in: pBlock=0x2e06d58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0704c, puLen=0xd7e790) returned 1
[0205.100] VerQueryValueW (in: pBlock=0x2e06d58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e070a4, puLen=0xd7e790) returned 1
[0205.100] VerQueryValueW (in: pBlock=0x2e06d58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e070d4, puLen=0xd7e790) returned 1
[0205.100] VerQueryValueW (in: pBlock=0x2e06d58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.100] VerQueryValueW (in: pBlock=0x2e06d58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e07110, puLen=0xd7e790) returned 1
[0205.100] VerQueryValueW (in: pBlock=0x2e06d58, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.100] VerQueryValueW (in: pBlock=0x2e06d58, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e07164, puLen=0xd7e784) returned 1
[0205.100] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0205.100] VerQueryValueW (in: pBlock=0x2e06d58, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e06d80, puLen=0xd7e794) returned 1
[0205.101] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0205.101] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0205.101] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0205.101] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0205.101] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0205.101] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0205.102] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e0956c | out: lpData=0x2e0956c) returned 1
[0205.102] VerQueryValueW (in: pBlock=0x2e0956c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e09944, puLen=0xd7e810) returned 1
[0205.103] VerQueryValueW (in: pBlock=0x2e0956c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e09624, puLen=0xd7e790) returned 1
[0205.103] VerQueryValueW (in: pBlock=0x2e0956c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e09678, puLen=0xd7e790) returned 1
[0205.103] VerQueryValueW (in: pBlock=0x2e0956c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e096b8, puLen=0xd7e790) returned 1
[0205.103] VerQueryValueW (in: pBlock=0x2e0956c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e09720, puLen=0xd7e790) returned 1
[0205.103] VerQueryValueW (in: pBlock=0x2e0956c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e09764, puLen=0xd7e790) returned 1
[0205.103] VerQueryValueW (in: pBlock=0x2e0956c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e097ec, puLen=0xd7e790) returned 1
[0205.103] VerQueryValueW (in: pBlock=0x2e0956c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0982c, puLen=0xd7e790) returned 1
[0205.103] VerQueryValueW (in: pBlock=0x2e0956c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e09884, puLen=0xd7e790) returned 1
[0205.103] VerQueryValueW (in: pBlock=0x2e0956c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e098b4, puLen=0xd7e790) returned 1
[0205.103] VerQueryValueW (in: pBlock=0x2e0956c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.103] VerQueryValueW (in: pBlock=0x2e0956c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e098f0, puLen=0xd7e790) returned 1
[0205.103] VerQueryValueW (in: pBlock=0x2e0956c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.103] VerQueryValueW (in: pBlock=0x2e0956c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e09944, puLen=0xd7e784) returned 1
[0205.103] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0205.103] VerQueryValueW (in: pBlock=0x2e0956c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e09594, puLen=0xd7e794) returned 1
[0205.104] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0205.104] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0205.104] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0205.104] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0205.104] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0205.104] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0205.105] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e0bac4 | out: lpData=0x2e0bac4) returned 1
[0205.105] VerQueryValueW (in: pBlock=0x2e0bac4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e0be9c, puLen=0xd7e810) returned 1
[0205.105] VerQueryValueW (in: pBlock=0x2e0bac4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0bb7c, puLen=0xd7e790) returned 1
[0205.106] VerQueryValueW (in: pBlock=0x2e0bac4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0bbd0, puLen=0xd7e790) returned 1
[0205.106] VerQueryValueW (in: pBlock=0x2e0bac4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0bc10, puLen=0xd7e790) returned 1
[0205.106] VerQueryValueW (in: pBlock=0x2e0bac4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0bc78, puLen=0xd7e790) returned 1
[0205.106] VerQueryValueW (in: pBlock=0x2e0bac4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0bcbc, puLen=0xd7e790) returned 1
[0205.106] VerQueryValueW (in: pBlock=0x2e0bac4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0bd44, puLen=0xd7e790) returned 1
[0205.106] VerQueryValueW (in: pBlock=0x2e0bac4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0bd84, puLen=0xd7e790) returned 1
[0205.106] VerQueryValueW (in: pBlock=0x2e0bac4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0bddc, puLen=0xd7e790) returned 1
[0205.106] VerQueryValueW (in: pBlock=0x2e0bac4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0be0c, puLen=0xd7e790) returned 1
[0205.106] VerQueryValueW (in: pBlock=0x2e0bac4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.106] VerQueryValueW (in: pBlock=0x2e0bac4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0be48, puLen=0xd7e790) returned 1
[0205.106] VerQueryValueW (in: pBlock=0x2e0bac4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.106] VerQueryValueW (in: pBlock=0x2e0bac4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e0be9c, puLen=0xd7e784) returned 1
[0205.106] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0205.106] VerQueryValueW (in: pBlock=0x2e0bac4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e0baec, puLen=0xd7e794) returned 1
[0205.109] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0205.109] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0205.109] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0205.109] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0205.109] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0205.109] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0205.109] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2e0e1fc | out: lpData=0x2e0e1fc) returned 1
[0205.110] VerQueryValueW (in: pBlock=0x2e0e1fc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e0e62c, puLen=0xd7e810) returned 1
[0205.110] VerQueryValueW (in: pBlock=0x2e0e1fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0e2b4, puLen=0xd7e790) returned 1
[0205.110] VerQueryValueW (in: pBlock=0x2e0e1fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0e308, puLen=0xd7e790) returned 1
[0205.110] VerQueryValueW (in: pBlock=0x2e0e1fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0e378, puLen=0xd7e790) returned 1
[0205.110] VerQueryValueW (in: pBlock=0x2e0e1fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0e3d8, puLen=0xd7e790) returned 1
[0205.110] VerQueryValueW (in: pBlock=0x2e0e1fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0e434, puLen=0xd7e790) returned 1
[0205.110] VerQueryValueW (in: pBlock=0x2e0e1fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0e4bc, puLen=0xd7e790) returned 1
[0205.110] VerQueryValueW (in: pBlock=0x2e0e1fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0e514, puLen=0xd7e790) returned 1
[0205.110] VerQueryValueW (in: pBlock=0x2e0e1fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0e56c, puLen=0xd7e790) returned 1
[0205.110] VerQueryValueW (in: pBlock=0x2e0e1fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0e59c, puLen=0xd7e790) returned 1
[0205.110] VerQueryValueW (in: pBlock=0x2e0e1fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.110] VerQueryValueW (in: pBlock=0x2e0e1fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0e5d8, puLen=0xd7e790) returned 1
[0205.110] VerQueryValueW (in: pBlock=0x2e0e1fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0205.110] VerQueryValueW (in: pBlock=0x2e0e1fc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e0e62c, puLen=0xd7e784) returned 1
[0205.110] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0205.111] VerQueryValueW (in: pBlock=0x2e0e1fc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e0e224, puLen=0xd7e794) returned 1
[0205.111] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0205.111] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.112] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0205.112] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.112] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0205.112] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1502da
[0205.112] SetWindowLongW (hWnd=0x1502da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0205.113] GetWindowLongW (hWnd=0x1502da, nIndex=-4) returned 1950089536
[0205.113] SetWindowLongW (hWnd=0x1502da, nIndex=-4, dwNewLong=19946422) returned 1950089536
[0205.113] GetWindowLongW (hWnd=0x1502da, nIndex=-4) returned 19946422
[0205.113] GetWindowLongW (hWnd=0x1502da, nIndex=-16) returned 113311744
[0205.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502da, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0205.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502da, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0205.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502da, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0205.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502da, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0205.114] GetClientRect (in: hWnd=0x1502da, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0205.114] GetWindowRect (in: hWnd=0x1502da, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0205.114] SetWindowTextW (hWnd=0x1502da, lpString="WindowsFormsParkingWindow") returned 1
[0205.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502da, Msg=0xc, wParam=0x0, lParam=0x2dd36f8) returned 0x1
[0205.115] GetParent (hWnd=0x1502da) returned 0x0
[0205.115] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0205.115] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x1502da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xb02ce
[0205.116] SetWindowLongW (hWnd=0xb02ce, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0205.116] GetWindowLongW (hWnd=0xb02ce, nIndex=-4) returned 1868147648
[0205.116] SetWindowLongW (hWnd=0xb02ce, nIndex=-4, dwNewLong=19945942) returned 1868147648
[0205.116] GetWindowLongW (hWnd=0xb02ce, nIndex=-4) returned 19945942
[0205.116] GetWindowLongW (hWnd=0xb02ce, nIndex=-16) returned 1174405133
[0205.116] GetWindowLongW (hWnd=0xb02ce, nIndex=-12) returned 0
[0205.116] SetWindowLongW (hWnd=0xb02ce, nIndex=-12, dwNewLong=721614) returned 0
[0205.116] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0205.117] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0205.117] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0205.117] GetClientRect (in: hWnd=0xb02ce, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0205.118] GetWindowRect (in: hWnd=0xb02ce, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0205.118] GetParent (hWnd=0xb02ce) returned 0x1502da
[0205.118] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1502da, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0205.118] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0205.118] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0205.118] GetClientRect (in: hWnd=0xb02ce, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0205.118] GetWindowRect (in: hWnd=0xb02ce, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0205.118] GetParent (hWnd=0xb02ce) returned 0x1502da
[0205.118] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1502da, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0205.119] SendMessageW (hWnd=0xb02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0xb02ce) returned 0x0
[0205.119] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0xb02ce) returned 0x0
[0205.119] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0205.119] GetParent (hWnd=0xb02ce) returned 0x1502da
[0205.119] GdipCreateFromHWND (hwnd=0xb02ce, graphics=0xd7e844) returned 0x0
[0205.119] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0205.120] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0205.120] GetForegroundWindow () returned 0x7005c
[0205.120] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0205.120] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.120] GetSystemMetrics (nIndex=42) returned 0
[0205.120] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.120] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0205.120] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0205.120] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.120] GetSystemMetrics (nIndex=42) returned 0
[0205.120] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.120] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0205.121] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.121] GetCursorPos (in: lpPoint=0x2e12680 | out: lpPoint=0x2e12680*(x=243, y=627)) returned 1
[0205.121] MonitorFromPoint (pt=0xf3, dwFlags=0x273) returned 0x10001
[0205.121] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0205.121] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xb70107f2
[0205.121] GetDeviceCaps (hdc=0xb70107f2, index=12) returned 32
[0205.121] GetDeviceCaps (hdc=0xb70107f2, index=14) returned 1
[0205.121] DeleteDC (hdc=0xb70107f2) returned 1
[0205.122] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0205.123] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0205.123] GetSystemMetrics (nIndex=59) returned 1460
[0205.123] GetSystemMetrics (nIndex=60) returned 920
[0205.123] GetSystemMetrics (nIndex=34) returned 136
[0205.123] GetSystemMetrics (nIndex=35) returned 39
[0205.124] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.124] GetCursorPos (in: lpPoint=0x2e128ec | out: lpPoint=0x2e128ec*(x=243, y=627)) returned 1
[0205.124] MonitorFromPoint (pt=0xf0, dwFlags=0x274) returned 0x10001
[0205.124] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0205.124] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xb80107f2
[0205.124] GetDeviceCaps (hdc=0xb80107f2, index=12) returned 32
[0205.124] GetDeviceCaps (hdc=0xb80107f2, index=14) returned 1
[0205.124] DeleteDC (hdc=0xb80107f2) returned 1
[0205.125] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0205.125] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0205.125] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.125] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0205.125] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2e12b84 | out: piconinfo=0x2e12b84) returned 1
[0205.126] GetObjectW (in: h=0x600507e0, c=24, pv=0x2e12ba0 | out: pv=0x2e12ba0) returned 24
[0205.126] GdipCreateBitmapFromHBITMAP (hbm=0x600507e0, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0205.126] GdipGetImageWidth (image=0x66511d0, width=0xd7e750) returned 0x0
[0205.126] GdipGetImageHeight (image=0x66511d0, height=0xd7e748) returned 0x0
[0205.126] GdipGetImagePixelFormat (image=0x66511d0, format=0xd7e740) returned 0x0
[0205.126] GdipBitmapLockBits (bitmap=0x66511d0, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2e12c58) returned 0x0
[0205.126] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0205.126] GdipBitmapLockBits (bitmap=0x6651518, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2e12c90) returned 0x0
[0205.127] RtlMoveMemory (in: Destination=0x665bf30, Source=0x6661ed8, Length=0x80 | out: Destination=0x665bf30)
[0205.127] RtlMoveMemory (in: Destination=0x665bfb0, Source=0x6661e58, Length=0x80 | out: Destination=0x665bfb0)
[0205.127] RtlMoveMemory (in: Destination=0x665c030, Source=0x6661dd8, Length=0x80 | out: Destination=0x665c030)
[0205.127] RtlMoveMemory (in: Destination=0x665c0b0, Source=0x6661d58, Length=0x80 | out: Destination=0x665c0b0)
[0205.127] RtlMoveMemory (in: Destination=0x665c130, Source=0x6661cd8, Length=0x80 | out: Destination=0x665c130)
[0205.127] RtlMoveMemory (in: Destination=0x665c1b0, Source=0x6661c58, Length=0x80 | out: Destination=0x665c1b0)
[0205.127] RtlMoveMemory (in: Destination=0x665c230, Source=0x6661bd8, Length=0x80 | out: Destination=0x665c230)
[0205.127] RtlMoveMemory (in: Destination=0x665c2b0, Source=0x6661b58, Length=0x80 | out: Destination=0x665c2b0)
[0205.127] RtlMoveMemory (in: Destination=0x665c330, Source=0x6661ad8, Length=0x80 | out: Destination=0x665c330)
[0205.127] RtlMoveMemory (in: Destination=0x665c3b0, Source=0x6661a58, Length=0x80 | out: Destination=0x665c3b0)
[0205.127] RtlMoveMemory (in: Destination=0x665c430, Source=0x66619d8, Length=0x80 | out: Destination=0x665c430)
[0205.127] RtlMoveMemory (in: Destination=0x665c4b0, Source=0x6661958, Length=0x80 | out: Destination=0x665c4b0)
[0205.127] RtlMoveMemory (in: Destination=0x665c530, Source=0x66618d8, Length=0x80 | out: Destination=0x665c530)
[0205.127] RtlMoveMemory (in: Destination=0x665c5b0, Source=0x6661858, Length=0x80 | out: Destination=0x665c5b0)
[0205.127] RtlMoveMemory (in: Destination=0x665c630, Source=0x66617d8, Length=0x80 | out: Destination=0x665c630)
[0205.127] RtlMoveMemory (in: Destination=0x665c6b0, Source=0x6661758, Length=0x80 | out: Destination=0x665c6b0)
[0205.127] RtlMoveMemory (in: Destination=0x665c730, Source=0x66616d8, Length=0x80 | out: Destination=0x665c730)
[0205.127] RtlMoveMemory (in: Destination=0x665c7b0, Source=0x6661658, Length=0x80 | out: Destination=0x665c7b0)
[0205.127] RtlMoveMemory (in: Destination=0x665c830, Source=0x66615d8, Length=0x80 | out: Destination=0x665c830)
[0205.127] RtlMoveMemory (in: Destination=0x665c8b0, Source=0x6661558, Length=0x80 | out: Destination=0x665c8b0)
[0205.127] RtlMoveMemory (in: Destination=0x665c930, Source=0x66614d8, Length=0x80 | out: Destination=0x665c930)
[0205.128] RtlMoveMemory (in: Destination=0x665c9b0, Source=0x6661458, Length=0x80 | out: Destination=0x665c9b0)
[0205.128] RtlMoveMemory (in: Destination=0x665ca30, Source=0x66613d8, Length=0x80 | out: Destination=0x665ca30)
[0205.128] RtlMoveMemory (in: Destination=0x665cab0, Source=0x6661358, Length=0x80 | out: Destination=0x665cab0)
[0205.128] RtlMoveMemory (in: Destination=0x665cb30, Source=0x66612d8, Length=0x80 | out: Destination=0x665cb30)
[0205.128] RtlMoveMemory (in: Destination=0x665cbb0, Source=0x6661258, Length=0x80 | out: Destination=0x665cbb0)
[0205.128] RtlMoveMemory (in: Destination=0x665cc30, Source=0x66611d8, Length=0x80 | out: Destination=0x665cc30)
[0205.128] RtlMoveMemory (in: Destination=0x665ccb0, Source=0x6661158, Length=0x80 | out: Destination=0x665ccb0)
[0205.128] RtlMoveMemory (in: Destination=0x665cd30, Source=0x66610d8, Length=0x80 | out: Destination=0x665cd30)
[0205.128] RtlMoveMemory (in: Destination=0x665cdb0, Source=0x6661058, Length=0x80 | out: Destination=0x665cdb0)
[0205.128] RtlMoveMemory (in: Destination=0x665ce30, Source=0x6660fd8, Length=0x80 | out: Destination=0x665ce30)
[0205.128] RtlMoveMemory (in: Destination=0x665ceb0, Source=0x6660f58, Length=0x80 | out: Destination=0x665ceb0)
[0205.128] GdipBitmapUnlockBits (bitmap=0x66511d0, lockedBitmapData=0x2e12c58) returned 0x0
[0205.128] GdipBitmapUnlockBits (bitmap=0x6651518, lockedBitmapData=0x2e12c90) returned 0x0
[0205.128] GdipDisposeImage (image=0x66511d0) returned 0x0
[0205.128] DeleteObject (ho=0x600507e0) returned 1
[0205.128] DeleteObject (ho=0xb90507f2) returned 1
[0205.129] GetCurrentThreadId () returned 0xf50
[0205.129] GetCurrentThreadId () returned 0xf50
[0205.129] SetWindowPos (hWnd=0xb02ce, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0205.129] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0205.129] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0205.129] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0205.129] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0205.129] GetClientRect (in: hWnd=0xb02ce, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0205.129] GetWindowRect (in: hWnd=0xb02ce, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0205.129] GetParent (hWnd=0xb02ce) returned 0x1502da
[0205.129] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1502da, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0205.129] InvalidateRect (hWnd=0xb02ce, lpRect=0x0, bErase=1) returned 1
[0205.129] GetWindowTextLengthW (hWnd=0xb02ce) returned 0
[0205.129] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0205.129] GetSystemMetrics (nIndex=42) returned 0
[0205.129] GetWindowTextW (in: hWnd=0xb02ce, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0205.130] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0205.130] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0205.130] GetClientRect (in: hWnd=0xb02ce, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0205.130] GetWindowRect (in: hWnd=0xb02ce, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0205.130] GetParent (hWnd=0xb02ce) returned 0x1502da
[0205.130] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1502da, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0205.130] GetWindowTextLengthW (hWnd=0xb02ce) returned 0
[0205.130] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0205.130] GetSystemMetrics (nIndex=42) returned 0
[0205.130] GetWindowTextW (in: hWnd=0xb02ce, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0205.130] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0205.130] GetWindowTextLengthW (hWnd=0xb02ce) returned 0
[0205.130] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0205.130] GetSystemMetrics (nIndex=42) returned 0
[0205.130] GetWindowTextW (in: hWnd=0xb02ce, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0205.130] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0205.130] SetWindowTextW (hWnd=0xb02ce, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0205.130] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0xc, wParam=0x0, lParam=0x2df3aec) returned 0x1
[0205.130] InvalidateRect (hWnd=0xb02ce, lpRect=0x0, bErase=1) returned 1
[0205.130] GetCurrentThreadId () returned 0xf50
[0205.131] GetWindowThreadProcessId (in: hWnd=0xb02ce, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0205.131] GdipCreateBitmapFromStream (stream=0x509ff90, bitmap=0xd7e840) returned 0x0
[0205.132] GdipImageForceValidation (image=0x664f790) returned 0x0
[0205.133] GdipGetImageRawFormat (image=0x664f790, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0205.133] GdipGetImageHeight (image=0x664f790, height=0xd7e824) returned 0x0
[0205.133] GdipGetImageWidth (image=0x664f790, width=0xd7e824) returned 0x0
[0205.133] GdipGetImageWidth (image=0x664f790, width=0xd7e810) returned 0x0
[0205.133] GdipGetImageHeight (image=0x664f790, height=0xd7e810) returned 0x0
[0205.133] GdipGetImageWidth (image=0x664f790, width=0xd7e800) returned 0x0
[0205.133] GdipGetImageHeight (image=0x664f790, height=0xd7e800) returned 0x0
[0205.133] GdipBitmapGetPixel (bitmap=0x664f790, x=0, y=15, color=0xd7e810) returned 0x0
[0205.133] GdipGetImageRawFormat (image=0x664f790, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0205.133] GdipGetImageWidth (image=0x664f790, width=0xd7e740) returned 0x0
[0205.133] GdipGetImageHeight (image=0x664f790, height=0xd7e740) returned 0x0
[0205.133] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0205.134] GdipGetImagePixelFormat (image=0x664ea70, format=0xd7e740) returned 0x0
[0205.134] GdipGetImageGraphicsContext (image=0x664ea70, graphics=0xd7e74c) returned 0x0
[0205.134] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0205.134] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0205.134] GdipSetImageAttributesColorKeys (imageattr=0x6638c38, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0205.134] GdipDrawImageRectRectI (graphics=0x6600030, image=0x664f790, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c38, callback=0x0, callbackData=0x0) returned 0x0
[0205.134] GdipDisposeImageAttributes (imageattr=0x6638c38) returned 0x0
[0205.134] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0205.134] GdipDisposeImage (image=0x664f790) returned 0x0
[0205.134] GdipCreateBitmapFromStream (stream=0x509ff70, bitmap=0xd7e840) returned 0x0
[0205.135] GdipImageForceValidation (image=0x664f790) returned 0x0
[0205.136] GdipGetImageRawFormat (image=0x664f790, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0205.136] GdipGetImageHeight (image=0x664f790, height=0xd7e824) returned 0x0
[0205.136] GdipGetImageWidth (image=0x664f790, width=0xd7e824) returned 0x0
[0205.136] GdipGetImageWidth (image=0x664f790, width=0xd7e810) returned 0x0
[0205.136] GdipGetImageHeight (image=0x664f790, height=0xd7e810) returned 0x0
[0205.137] GdipGetImageWidth (image=0x664f790, width=0xd7e800) returned 0x0
[0205.137] GdipGetImageHeight (image=0x664f790, height=0xd7e800) returned 0x0
[0205.137] GdipBitmapGetPixel (bitmap=0x664f790, x=0, y=15, color=0xd7e810) returned 0x0
[0205.137] GdipGetImageRawFormat (image=0x664f790, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0205.137] GdipGetImageWidth (image=0x664f790, width=0xd7e740) returned 0x0
[0205.137] GdipGetImageHeight (image=0x664f790, height=0xd7e740) returned 0x0
[0205.137] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0205.137] GdipGetImagePixelFormat (image=0x664fad8, format=0xd7e740) returned 0x0
[0205.137] GdipGetImageGraphicsContext (image=0x664fad8, graphics=0xd7e74c) returned 0x0
[0205.137] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0205.137] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0205.137] GdipSetImageAttributesColorKeys (imageattr=0x6638a28, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0205.137] GdipDrawImageRectRectI (graphics=0x6600030, image=0x664f790, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638a28, callback=0x0, callbackData=0x0) returned 0x0
[0205.137] GdipDisposeImageAttributes (imageattr=0x6638a28) returned 0x0
[0205.137] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0205.137] GdipDisposeImage (image=0x664f790) returned 0x0
[0205.138] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.138] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0205.138] GetCurrentThreadId () returned 0xf50
[0205.138] GetCurrentThreadId () returned 0xf50
[0205.138] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.138] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0205.138] GetCurrentThreadId () returned 0xf50
[0205.138] GetCurrentThreadId () returned 0xf50
[0205.139] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.139] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0205.139] GetCurrentThreadId () returned 0xf50
[0205.139] GetCurrentThreadId () returned 0xf50
[0205.139] GetSystemMetrics (nIndex=5) returned 1
[0205.139] GetSystemMetrics (nIndex=6) returned 1
[0205.139] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.139] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0205.139] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.139] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0205.140] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.140] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0205.140] GetCurrentThreadId () returned 0xf50
[0205.140] GetCurrentThreadId () returned 0xf50
[0205.140] GetProcessWindowStation () returned 0x13c
[0205.140] GetCapture () returned 0x0
[0205.140] GetActiveWindow () returned 0x7005c
[0205.140] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0205.140] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.141] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0205.141] GetCursorPos (in: lpPoint=0x2e13dd0 | out: lpPoint=0x2e13dd0*(x=243, y=627)) returned 1
[0205.141] MonitorFromPoint (pt=0xf3, dwFlags=0x273) returned 0x10001
[0205.141] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0205.141] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xba0107f2
[0205.141] GetDeviceCaps (hdc=0xba0107f2, index=12) returned 32
[0205.141] GetDeviceCaps (hdc=0xba0107f2, index=14) returned 1
[0205.141] DeleteDC (hdc=0xba0107f2) returned 1
[0205.141] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0205.142] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0205.142] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xa02d0
[0205.142] SetWindowLongW (hWnd=0xa02d0, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0205.142] GetWindowLongW (hWnd=0xa02d0, nIndex=-4) returned 1950089536
[0205.143] SetWindowLongW (hWnd=0xa02d0, nIndex=-4, dwNewLong=19945982) returned 1950089536
[0205.143] GetWindowLongW (hWnd=0xa02d0, nIndex=-4) returned 19945982
[0205.143] GetWindowLongW (hWnd=0xa02d0, nIndex=-16) returned 113770496
[0205.143] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0205.144] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0205.144] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0205.144] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0205.144] GetWindowRect (in: hWnd=0xa02d0, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0205.145] SetWindowTextW (hWnd=0xa02d0, lpString="BB ransomware") returned 1
[0205.145] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xc, wParam=0x0, lParam=0x2e1256c) returned 0x1
[0205.145] GetStartupInfoW (in: lpStartupInfo=0x2e1410c | out: lpStartupInfo=0x2e1410c*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0205.146] GetParent (hWnd=0xa02d0) returned 0x0
[0205.146] SetWindowLongW (hWnd=0xa02d0, nIndex=-8, dwNewLong=0) returned 0
[0205.147] SendMessageW (hWnd=0xa02d0, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0205.147] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0205.147] SendMessageW (hWnd=0xa02d0, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0205.147] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0205.147] GetSystemMenu (hWnd=0xa02d0, bRevert=0) returned 0x6f020f
[0205.148] GetWindowPlacement (in: hWnd=0xa02d0, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0205.148] EnableMenuItem (hMenu=0x6f020f, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0205.148] EnableMenuItem (hMenu=0x6f020f, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0205.148] EnableMenuItem (hMenu=0x6f020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0205.148] EnableMenuItem (hMenu=0x6f020f, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0205.148] EnableMenuItem (hMenu=0x6f020f, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0205.148] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0205.148] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0205.148] GetWindowRect (in: hWnd=0xa02d0, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0205.148] SetWindowPos (hWnd=0xa02d0, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0205.148] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0205.149] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0xa02d0) returned 0x1
[0205.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0205.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0205.153] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0205.156] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0205.156] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0205.158] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0xa02d0, lParam=0x0) returned 0x0
[0205.158] GetCapture () returned 0x0
[0205.158] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0205.159] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0205.160] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0205.161] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0205.161] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0205.161] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0205.161] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0205.162] GetParent (hWnd=0xa02d0) returned 0x0
[0205.162] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0205.162] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0205.164] GetWindowPlacement (in: hWnd=0xa02d0, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0205.164] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0205.164] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0205.164] GetWindowRect (in: hWnd=0xa02d0, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0205.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0205.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0205.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0205.166] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.166] GetWindowLongW (hWnd=0xa02d0, nIndex=-16) returned 113770496
[0205.166] GetWindowTextLengthW (hWnd=0xa02d0) returned 13
[0205.166] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.166] GetSystemMetrics (nIndex=42) returned 0
[0205.166] GetWindowTextW (in: hWnd=0xa02d0, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.166] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0205.167] GetWindowTextLengthW (hWnd=0xa02d0) returned 13
[0205.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.167] GetSystemMetrics (nIndex=42) returned 0
[0205.167] GetWindowTextW (in: hWnd=0xa02d0, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0205.167] GetCursorPos (in: lpPoint=0x2e14348 | out: lpPoint=0x2e14348*(x=243, y=627)) returned 1
[0205.167] MonitorFromPoint (pt=0xf1, dwFlags=0x275) returned 0x10001
[0205.167] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0205.167] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xfc01067c
[0205.167] GetDeviceCaps (hdc=0xfc01067c, index=12) returned 32
[0205.167] GetDeviceCaps (hdc=0xfc01067c, index=14) returned 1
[0205.167] DeleteDC (hdc=0xfc01067c) returned 1
[0205.167] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0205.167] GetWindowLongW (hWnd=0xa02d0, nIndex=-16) returned 113770496
[0205.167] GetWindowLongW (hWnd=0xa02d0, nIndex=-20) returned 327945
[0205.167] SetWindowLongW (hWnd=0xa02d0, nIndex=-16, dwNewLong=46661632) returned 113770496
[0205.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0205.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0205.175] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0205.175] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0205.176] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0205.176] SetWindowLongW (hWnd=0xa02d0, nIndex=-20, dwNewLong=327681) returned 327945
[0205.176] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0205.176] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0205.177] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0205.177] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0205.178] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0205.178] SetWindowPos (hWnd=0xa02d0, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0205.178] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0205.178] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0205.179] GetWindowPlacement (in: hWnd=0xa02d0, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0205.179] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0205.179] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0205.179] GetWindowRect (in: hWnd=0xa02d0, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0205.180] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0205.180] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0205.180] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0205.181] RedrawWindow (hWnd=0xa02d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0205.181] GetSystemMenu (hWnd=0xa02d0, bRevert=0) returned 0x6f020f
[0205.181] GetWindowPlacement (in: hWnd=0xa02d0, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0205.181] EnableMenuItem (hMenu=0x6f020f, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0205.181] EnableMenuItem (hMenu=0x6f020f, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0205.181] EnableMenuItem (hMenu=0x6f020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0205.181] EnableMenuItem (hMenu=0x6f020f, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0205.181] EnableMenuItem (hMenu=0x6f020f, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0205.181] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0205.181] GetWindowLongW (hWnd=0xa02d0, nIndex=-8) returned 0
[0205.181] SetWindowLongW (hWnd=0xa02d0, nIndex=-8, dwNewLong=458844) returned 0
[0205.182] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0205.182] GetProcessWindowStation () returned 0x13c
[0205.182] GetCurrentThreadId () returned 0xf50
[0205.182] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1305b8e, lParam=0x0) returned 1
[0205.182] IsWindowVisible (hWnd=0xa02d0) returned 0
[0205.182] IsWindowVisible (hWnd=0x7005c) returned 1
[0205.182] IsWindowEnabled (hWnd=0x7005c) returned 1
[0205.182] IsWindowVisible (hWnd=0x300ec) returned 0
[0205.182] IsWindowVisible (hWnd=0x502c6) returned 0
[0205.182] IsWindowVisible (hWnd=0x502be) returned 0
[0205.183] GetActiveWindow () returned 0xa02d0
[0205.183] GetFocus () returned 0xa02d0
[0205.183] IsWindow (hWnd=0x7005c) returned 1
[0205.183] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0205.183] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0205.183] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0205.183] GetWindowLongW (hWnd=0xa02d0, nIndex=-8) returned 458844
[0205.184] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0205.184] GetCurrentThreadId () returned 0xf50
[0205.184] GetWindowLongW (hWnd=0xa02d0, nIndex=-8) returned 458844
[0205.184] IsWindowEnabled (hWnd=0x7005c) returned 0
[0205.184] IsWindowEnabled (hWnd=0xa02d0) returned 1
[0205.184] ShowWindow (hWnd=0xa02d0, nCmdShow=5) returned 0
[0205.184] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0205.184] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0205.184] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.184] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0205.186] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0xa02d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1502de
[0205.186] SetWindowLongW (hWnd=0x1502de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0205.186] GetWindowLongW (hWnd=0x1502de, nIndex=-4) returned 1950089536
[0205.186] SetWindowLongW (hWnd=0x1502de, nIndex=-4, dwNewLong=19946222) returned 1950089536
[0205.186] GetWindowLongW (hWnd=0x1502de, nIndex=-4) returned 19946222
[0205.187] GetWindowLongW (hWnd=0x1502de, nIndex=-16) returned 1174405120
[0205.187] GetWindowLongW (hWnd=0x1502de, nIndex=-12) returned 0
[0205.187] SetWindowLongW (hWnd=0x1502de, nIndex=-12, dwNewLong=1376990) returned 0
[0205.187] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0205.187] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0205.187] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0205.187] GetWindow (hWnd=0x1502de, uCmd=0x3) returned 0x0
[0205.187] GetClientRect (in: hWnd=0x1502de, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0205.187] GetWindowRect (in: hWnd=0x1502de, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0205.187] GetParent (hWnd=0x1502de) returned 0xa02d0
[0205.187] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02d0, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0205.188] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502de, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0205.188] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502de, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0205.188] GetClientRect (in: hWnd=0x1502de, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0205.188] GetWindowRect (in: hWnd=0x1502de, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0205.188] GetParent (hWnd=0x1502de) returned 0xa02d0
[0205.188] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02d0, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0205.188] SendMessageW (hWnd=0x1502de, Msg=0x2210, wParam=0x2de0001, lParam=0x1502de) returned 0x0
[0205.188] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502de, Msg=0x2210, wParam=0x2de0001, lParam=0x1502de) returned 0x0
[0205.188] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0205.189] GetParent (hWnd=0x1502de) returned 0xa02d0
[0205.189] GetParent (hWnd=0xb02ce) returned 0x1502da
[0205.189] SetParent (hWndChild=0xb02ce, hWndNewParent=0xa02d0) returned 0x1502da
[0205.189] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0205.189] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0205.189] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0205.190] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0205.190] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0205.190] GetClientRect (in: hWnd=0xb02ce, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0205.190] GetWindowRect (in: hWnd=0xb02ce, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0205.190] GetParent (hWnd=0xb02ce) returned 0xa02d0
[0205.190] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02d0, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0205.190] GetClientRect (in: hWnd=0xb02ce, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0205.190] GetWindowRect (in: hWnd=0xb02ce, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0205.190] GetParent (hWnd=0xb02ce) returned 0xa02d0
[0205.190] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02d0, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0205.190] GetParent (hWnd=0xb02ce) returned 0xa02d0
[0205.190] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0205.190] GetWindow (hWnd=0xb02ce, uCmd=0x3) returned 0x0
[0205.190] SetWindowPos (hWnd=0xb02ce, hWndInsertAfter=0x1502de, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0205.190] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0205.191] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0205.191] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0205.191] GetClientRect (in: hWnd=0xb02ce, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0205.191] GetWindowRect (in: hWnd=0xb02ce, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0205.191] GetParent (hWnd=0xb02ce) returned 0xa02d0
[0205.191] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02d0, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0205.191] GetParent (hWnd=0xb02ce) returned 0xa02d0
[0205.191] GetWindow (hWnd=0xb02ce, uCmd=0x3) returned 0x1502de
[0205.192] GetWindowThreadProcessId (in: hWnd=0xb02ce, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0205.192] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0205.192] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.193] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0205.193] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0xa02d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1702d8
[0205.193] SetWindowLongW (hWnd=0x1702d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0205.193] GetWindowLongW (hWnd=0x1702d8, nIndex=-4) returned 1868032000
[0205.193] SetWindowLongW (hWnd=0x1702d8, nIndex=-4, dwNewLong=19946022) returned 1868032000
[0205.193] GetWindowLongW (hWnd=0x1702d8, nIndex=-4) returned 19946022
[0205.193] GetWindowLongW (hWnd=0x1702d8, nIndex=-16) returned 1174470667
[0205.193] GetWindowLongW (hWnd=0x1702d8, nIndex=-12) returned 0
[0205.193] SetWindowLongW (hWnd=0x1702d8, nIndex=-12, dwNewLong=1508056) returned 0
[0205.194] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0205.194] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0205.194] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0205.195] SendMessageW (hWnd=0x1702d8, Msg=0x2055, wParam=0x1702d8, lParam=0x3) returned 0x2
[0205.195] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0205.195] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0205.195] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0205.195] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0205.195] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0205.195] RedrawWindow (hWnd=0x1502de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0205.196] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0205.196] RedrawWindow (hWnd=0xb02ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0205.196] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0205.196] RedrawWindow (hWnd=0x1702d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0205.196] RedrawWindow (hWnd=0xa02d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0205.196] GetWindow (hWnd=0x1702d8, uCmd=0x3) returned 0xb02ce
[0205.196] GetClientRect (in: hWnd=0x1702d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0205.196] GetWindowRect (in: hWnd=0x1702d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0205.196] GetParent (hWnd=0x1702d8) returned 0xa02d0
[0205.196] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02d0, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0205.196] SetWindowTextW (hWnd=0x1702d8, lpString="&Details") returned 1
[0205.196] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0205.197] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0205.197] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0205.197] GetClientRect (in: hWnd=0x1702d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0205.197] GetWindowRect (in: hWnd=0x1702d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0205.197] GetParent (hWnd=0x1702d8) returned 0xa02d0
[0205.197] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02d0, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0205.197] SendMessageW (hWnd=0x1702d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1702d8) returned 0x0
[0205.197] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1702d8) returned 0x0
[0205.197] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0205.198] GetParent (hWnd=0x1702d8) returned 0xa02d0
[0205.198] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0205.198] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.198] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0205.198] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0xa02d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1800ea
[0205.199] SetWindowLongW (hWnd=0x1800ea, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0205.199] GetWindowLongW (hWnd=0x1800ea, nIndex=-4) returned 1868032000
[0205.199] SetWindowLongW (hWnd=0x1800ea, nIndex=-4, dwNewLong=19946262) returned 1868032000
[0205.199] GetWindowLongW (hWnd=0x1800ea, nIndex=-4) returned 19946262
[0205.199] GetWindowLongW (hWnd=0x1800ea, nIndex=-16) returned 1174470667
[0205.199] GetWindowLongW (hWnd=0x1800ea, nIndex=-12) returned 0
[0205.199] SetWindowLongW (hWnd=0x1800ea, nIndex=-12, dwNewLong=1573098) returned 0
[0205.199] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0205.200] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0205.200] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0205.201] SendMessageW (hWnd=0x1800ea, Msg=0x2055, wParam=0x1800ea, lParam=0x3) returned 0x2
[0205.201] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0205.201] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0205.201] GetWindow (hWnd=0x1800ea, uCmd=0x3) returned 0x1702d8
[0205.201] GetClientRect (in: hWnd=0x1800ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0205.201] GetWindowRect (in: hWnd=0x1800ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0205.201] GetParent (hWnd=0x1800ea) returned 0xa02d0
[0205.201] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02d0, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0205.202] SetWindowTextW (hWnd=0x1800ea, lpString="&Continue") returned 1
[0205.202] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0205.202] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0205.202] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0205.202] GetClientRect (in: hWnd=0x1800ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0205.202] GetWindowRect (in: hWnd=0x1800ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0205.202] GetParent (hWnd=0x1800ea) returned 0xa02d0
[0205.202] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02d0, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0205.202] SendMessageW (hWnd=0x1800ea, Msg=0x2210, wParam=0xea0001, lParam=0x1800ea) returned 0x0
[0205.202] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x2210, wParam=0xea0001, lParam=0x1800ea) returned 0x0
[0205.203] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0205.203] GetParent (hWnd=0x1800ea) returned 0xa02d0
[0205.203] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0205.203] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.203] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0205.203] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0xa02d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1502dc
[0205.204] SetWindowLongW (hWnd=0x1502dc, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0205.204] GetWindowLongW (hWnd=0x1502dc, nIndex=-4) returned 1868032000
[0205.204] SetWindowLongW (hWnd=0x1502dc, nIndex=-4, dwNewLong=19945902) returned 1868032000
[0205.204] GetWindowLongW (hWnd=0x1502dc, nIndex=-4) returned 19945902
[0205.204] GetWindowLongW (hWnd=0x1502dc, nIndex=-16) returned 1174470667
[0205.204] GetWindowLongW (hWnd=0x1502dc, nIndex=-12) returned 0
[0205.204] SetWindowLongW (hWnd=0x1502dc, nIndex=-12, dwNewLong=1376988) returned 0
[0205.204] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0205.205] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0205.205] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0205.206] SendMessageW (hWnd=0x1502dc, Msg=0x2055, wParam=0x1502dc, lParam=0x3) returned 0x2
[0205.206] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0205.206] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502dc, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0205.206] GetWindow (hWnd=0x1502dc, uCmd=0x3) returned 0x1800ea
[0205.206] GetClientRect (in: hWnd=0x1502dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0205.206] GetWindowRect (in: hWnd=0x1502dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0205.206] GetParent (hWnd=0x1502dc) returned 0xa02d0
[0205.206] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02d0, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0205.206] SetWindowTextW (hWnd=0x1502dc, lpString="&Quit") returned 1
[0205.206] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502dc, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0205.207] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0205.207] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502dc, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0205.207] GetClientRect (in: hWnd=0x1502dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0205.207] GetWindowRect (in: hWnd=0x1502dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0205.207] GetParent (hWnd=0x1502dc) returned 0xa02d0
[0205.207] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02d0, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0205.207] SendMessageW (hWnd=0x1502dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1502dc) returned 0x0
[0205.208] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1502dc) returned 0x0
[0205.208] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0205.208] GetParent (hWnd=0x1502dc) returned 0xa02d0
[0205.208] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0205.208] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.208] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0205.209] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0xa02d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xf02c8
[0205.209] SetWindowLongW (hWnd=0xf02c8, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0205.209] GetWindowLongW (hWnd=0xf02c8, nIndex=-4) returned 1868026976
[0205.209] SetWindowLongW (hWnd=0xf02c8, nIndex=-4, dwNewLong=19946342) returned 1868026976
[0205.209] GetWindowLongW (hWnd=0xf02c8, nIndex=-4) returned 19946342
[0205.209] GetWindowLongW (hWnd=0xf02c8, nIndex=-16) returned 1177553092
[0205.209] GetWindowLongW (hWnd=0xf02c8, nIndex=-12) returned 0
[0205.209] SetWindowLongW (hWnd=0xf02c8, nIndex=-12, dwNewLong=983752) returned 0
[0205.209] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xf02c8, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0205.210] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xf02c8, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0205.211] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xf02c8, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0205.226] GetWindow (hWnd=0xf02c8, uCmd=0x3) returned 0x1502dc
[0205.226] GetClientRect (in: hWnd=0xf02c8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0205.226] GetWindowRect (in: hWnd=0xf02c8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0205.226] GetParent (hWnd=0xf02c8) returned 0xa02d0
[0205.226] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02d0, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0205.226] GetWindowTextLengthW (hWnd=0xa02d0) returned 13
[0205.226] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.226] GetSystemMetrics (nIndex=42) returned 0
[0205.226] GetWindowTextW (in: hWnd=0xa02d0, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.226] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0205.226] SendMessageW (hWnd=0xf02c8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0205.226] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xf02c8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0205.230] SetWindowTextW (hWnd=0xf02c8, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0205.230] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xf02c8, Msg=0xc, wParam=0x0, lParam=0x2e0ff54) returned 0x1
[0205.232] GetSystemMetrics (nIndex=5) returned 1
[0205.232] GetSystemMetrics (nIndex=6) returned 1
[0205.232] SendMessageW (hWnd=0xf02c8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0205.232] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xf02c8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0205.233] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xf02c8, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0205.234] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xf02c8, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0205.234] GetClientRect (in: hWnd=0xf02c8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0205.234] GetWindowRect (in: hWnd=0xf02c8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0205.234] GetParent (hWnd=0xf02c8) returned 0xa02d0
[0205.234] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xa02d0, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0205.234] SendMessageW (hWnd=0xf02c8, Msg=0x2210, wParam=0x2c80001, lParam=0xf02c8) returned 0x0
[0205.234] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xf02c8, Msg=0x2210, wParam=0x2c80001, lParam=0xf02c8) returned 0x0
[0205.234] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xf02c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0205.238] GetParent (hWnd=0xf02c8) returned 0xa02d0
[0205.238] GetWindowLongW (hWnd=0xa02d0, nIndex=-8) returned 458844
[0205.238] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0205.238] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0205.238] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x301067c
[0205.238] GetDeviceCaps (hdc=0x301067c, index=12) returned 32
[0205.238] GetDeviceCaps (hdc=0x301067c, index=14) returned 1
[0205.238] DeleteDC (hdc=0x301067c) returned 1
[0205.238] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0205.239] GetWindowThreadProcessId (in: hWnd=0xa02d0, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0205.239] GetCurrentThreadId () returned 0xf50
[0205.239] PostMessageW (hWnd=0xa02d0, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0205.239] GetWindowTextLengthW (hWnd=0xa02d0) returned 13
[0205.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.239] GetSystemMetrics (nIndex=42) returned 0
[0205.239] GetWindowTextW (in: hWnd=0xa02d0, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0205.239] GdipImageGetFrameDimensionsCount (image=0x6651518, count=0xd7e25c) returned 0x0
[0205.239] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201940
[0205.239] GdipImageGetFrameDimensionsList (image=0x6651518, dimensionIDs=0x1201940*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0205.239] LocalFree (hMem=0x1201940) returned 0x0
[0205.239] GdipImageGetFrameDimensionsCount (image=0x664ea70, count=0xd7e250) returned 0x0
[0205.239] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201910
[0205.239] GdipImageGetFrameDimensionsList (image=0x664ea70, dimensionIDs=0x1201910*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0205.239] LocalFree (hMem=0x1201910) returned 0x0
[0205.239] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0205.240] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0205.240] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0205.263] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0205.264] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0205.264] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0205.264] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0205.265] GetWindowPlacement (in: hWnd=0xa02d0, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0205.265] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0205.265] GetWindowTextLengthW (hWnd=0xa02d0) returned 13
[0205.265] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.265] GetSystemMetrics (nIndex=42) returned 0
[0205.265] GetWindowTextW (in: hWnd=0xa02d0, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.265] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0205.265] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0205.265] GetCurrentObject (hdc=0xc0107c5, type=0x1) returned 0xb00017
[0205.265] GetCurrentObject (hdc=0xc0107c5, type=0x2) returned 0x900010
[0205.265] GetCurrentObject (hdc=0xc0107c5, type=0x7) returned 0xffffffff860507da
[0205.265] GetCurrentObject (hdc=0xc0107c5, type=0x6) returned 0x8a01c2
[0205.265] SaveDC (hdc=0xc0107c5) returned 1
[0205.266] GetNearestColor (hdc=0xc0107c5, color=0xf0f0f0) returned 0xf0f0f0
[0205.266] CreateSolidBrush (color=0xf0f0f0) returned 0xfa1007e1
[0205.266] FillRect (hDC=0xc0107c5, lprc=0xd7e1b8, hbr=0xfa1007e1) returned 1
[0205.266] DeleteObject (ho=0xfa1007e1) returned 1
[0205.266] RestoreDC (hdc=0xc0107c5, nSavedDC=-1) returned 1
[0205.266] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0205.266] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0205.266] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0205.267] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0205.267] GetStockObject (i=5) returned 0x900015
[0205.267] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0205.267] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0205.267] GetStockObject (i=5) returned 0x900015
[0205.267] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0205.267] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502dc, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0205.267] GetStockObject (i=5) returned 0x900015
[0205.267] GetWindowPlacement (in: hWnd=0xa02d0, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0205.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0205.268] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0205.268] GetWindowRect (in: hWnd=0xa02d0, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0205.269] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0205.269] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0205.269] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0205.269] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0205.269] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0205.269] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0205.269] GetWindowRect (in: hWnd=0xa02d0, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0205.269] InvalidateRect (hWnd=0x1800ea, lpRect=0x0, bErase=0) returned 1
[0205.270] InvalidateRect (hWnd=0x1702d8, lpRect=0x0, bErase=0) returned 1
[0205.270] GetFocus () returned 0xa02d0
[0205.270] GetFocus () returned 0xa02d0
[0205.270] SetFocus (hWnd=0x1702d8) returned 0xa02d0
[0205.270] GetFocus () returned 0x1702d8
[0205.270] IsChild (hWndParent=0xa02d0, hWnd=0x1702d8) returned 1
[0205.270] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x8, wParam=0x1702d8, lParam=0x0) returned 0x0
[0205.271] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0205.272] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0205.274] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0205.274] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0x7, wParam=0xa02d0, lParam=0x0) returned 0x0
[0205.274] GetStockObject (i=5) returned 0x900015
[0205.274] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0205.274] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0205.274] GetDlgItem (hDlg=0xa02d0, nIDDlgItem=1508056) returned 0x1702d8
[0205.274] SendMessageW (hWnd=0x1702d8, Msg=0x202b, wParam=0x1702d8, lParam=0xd7e0dc) returned 0x0
[0205.274] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0x202b, wParam=0x1702d8, lParam=0xd7e0dc) returned 0x0
[0205.274] InvalidateRect (hWnd=0x1702d8, lpRect=0x0, bErase=0) returned 1
[0205.276] GetFocus () returned 0x1702d8
[0205.276] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0205.277] IsWindowUnicode (hWnd=0xa02d0) returned 1
[0205.277] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0205.278] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.278] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.278] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0205.278] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.283] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0205.283] IsWindowUnicode (hWnd=0xa02d0) returned 1
[0205.283] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.283] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.283] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.283] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.284] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0205.284] IsWindowUnicode (hWnd=0xa02d0) returned 1
[0205.284] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.284] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.284] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.284] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.284] IsWindowUnicode (hWnd=0x602c4) returned 1
[0205.284] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.285] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.285] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.285] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0205.285] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0205.285] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.286] IsWindowUnicode (hWnd=0xa02d0) returned 1
[0205.286] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.286] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.286] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.286] BeginPaint (in: hWnd=0xa02d0, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xf0105ee
[0205.286] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0205.286] GetWindowTextLengthW (hWnd=0xa02d0) returned 13
[0205.286] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.286] GetSystemMetrics (nIndex=42) returned 0
[0205.286] GetWindowTextW (in: hWnd=0xa02d0, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.286] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0205.286] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0205.286] EndPaint (hWnd=0xa02d0, lpPaint=0xd7e274) returned 1
[0205.287] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.287] IsWindowUnicode (hWnd=0x1502de) returned 1
[0205.287] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.287] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.287] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.287] BeginPaint (in: hWnd=0x1502de, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x60100ce
[0205.287] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0205.287] CreateCompatibleDC (hdc=0x60100ce) returned 0x2e0107f9
[0205.287] SelectObject (hdc=0x2e0107f9, h=0x4a0507fe) returned 0x85000f
[0205.287] GdipCreateFromHDC (hdc=0x2e0107f9, graphics=0xd7e2b0) returned 0x0
[0205.288] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0205.288] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0205.288] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0205.288] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0205.288] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e310) returned 0x0
[0205.288] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0205.288] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0205.288] LocalFree (hMem=0x11ee788) returned 0x0
[0205.288] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0205.288] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0205.288] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0205.288] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e304) returned 0x0
[0205.288] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0205.288] GetWindowTextLengthW (hWnd=0x1502de) returned 0
[0205.288] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0205.288] GetSystemMetrics (nIndex=42) returned 0
[0205.288] GetWindowTextW (in: hWnd=0x1502de, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0205.289] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502de, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0205.289] GetClientRect (in: hWnd=0x1502de, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0205.289] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0205.289] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0205.289] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0205.289] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0205.289] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e164) returned 0x0
[0205.289] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0205.289] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0205.289] LocalFree (hMem=0x11ee788) returned 0x0
[0205.289] GdipCombineRegionRegion (region=0x6645098, region2=0x6646b08, combineMode=0x1) returned 0x0
[0205.289] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0205.289] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0205.289] LocalFree (hMem=0x11ee788) returned 0x0
[0205.289] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0205.289] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0205.289] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0205.289] GdipGetRegionHRgn (region=0x6645098, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0205.290] GdipDeleteRegion (region=0x6645098) returned 0x0
[0205.290] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0205.290] GetCurrentObject (hdc=0x2e0107f9, type=0x1) returned 0xb00017
[0205.290] GetCurrentObject (hdc=0x2e0107f9, type=0x2) returned 0x900010
[0205.290] GetCurrentObject (hdc=0x2e0107f9, type=0x7) returned 0x4a0507fe
[0205.290] GetCurrentObject (hdc=0x2e0107f9, type=0x6) returned 0x8a01c2
[0205.290] SaveDC (hdc=0x2e0107f9) returned 1
[0205.290] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd00407de
[0205.290] GetClipRgn (hdc=0x2e0107f9, hrgn=0xd00407de) returned 0
[0205.290] SelectClipRgn (hdc=0x2e0107f9, hrgn=0x45040807) returned 2
[0205.290] DeleteObject (ho=0xd00407de) returned 1
[0205.290] DeleteObject (ho=0x45040807) returned 1
[0205.290] OffsetViewportOrgEx (in: hdc=0x2e0107f9, x=0, y=0, lppt=0x2e15ab4 | out: lppt=0x2e15ab4) returned 1
[0205.290] GetNearestColor (hdc=0x2e0107f9, color=0xf0f0f0) returned 0xf0f0f0
[0205.290] CreateSolidBrush (color=0xf0f0f0) returned 0xfb1007e1
[0205.291] FillRect (hDC=0x2e0107f9, lprc=0xd7e198, hbr=0xfb1007e1) returned 1
[0205.291] DeleteObject (ho=0xfb1007e1) returned 1
[0205.291] RestoreDC (hdc=0x2e0107f9, nSavedDC=-1) returned 1
[0205.291] GdipReleaseDC (graphics=0x6600030, hdc=0x2e0107f9) returned 0x0
[0205.291] GdipRestoreGraphics (graphics=0x6600030, state=0xfa8c0dbd) returned 0x0
[0205.291] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0205.291] GetWindowTextLengthW (hWnd=0x1502de) returned 0
[0205.291] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0205.291] GetSystemMetrics (nIndex=42) returned 0
[0205.291] GetWindowTextW (in: hWnd=0x1502de, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0205.291] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502de, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0205.291] GdipGetImageWidth (image=0x6651518, width=0xd7e1e0) returned 0x0
[0205.291] GdipGetImageHeight (image=0x6651518, height=0xd7e1e0) returned 0x0
[0205.291] GdipGetImageWidth (image=0x6651518, width=0xd7e1cc) returned 0x0
[0205.291] GdipGetImageHeight (image=0x6651518, height=0xd7e1cc) returned 0x0
[0205.291] GdipDrawImageRectI (graphics=0x6600030, image=0x6651518, x=16, y=16, width=32, height=32) returned 0x0
[0205.291] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0205.292] BitBlt (hdc=0x60100ce, x=0, y=0, cx=64, cy=64, hdcSrc=0x2e0107f9, x1=0, y1=0, rop=0xcc0020) returned 1
[0205.292] GdipReleaseDC (graphics=0x6600030, hdc=0x2e0107f9) returned 0x0
[0205.292] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0205.292] SelectObject (hdc=0x2e0107f9, h=0x85000f) returned 0x4a0507fe
[0205.292] DeleteDC (hdc=0x2e0107f9) returned 1
[0205.292] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0205.292] EndPaint (hWnd=0x1502de, lpPaint=0xd7e294) returned 1
[0205.293] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.293] IsWindowUnicode (hWnd=0xb02ce) returned 1
[0205.293] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.293] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.293] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.293] BeginPaint (in: hWnd=0xb02ce, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0xc0107c5
[0205.293] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0205.293] CreateCompatibleDC (hdc=0xc0107c5) returned 0x300107f9
[0205.294] GetObjectType (h=0xc0107c5) returned 0x3
[0205.294] CreateCompatibleBitmap (hdc=0xc0107c5, cx=1, cy=1) returned 0x1f0507d8
[0205.300] GetDIBits (in: hdc=0xc0107c5, hbm=0x1f0507d8, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0205.300] GetDIBits (in: hdc=0xc0107c5, hbm=0x1f0507d8, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0205.300] DeleteObject (ho=0x1f0507d8) returned 1
[0205.301] CreateDIBSection (in: hdc=0xc0107c5, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x450507a2
[0205.301] SelectObject (hdc=0x300107f9, h=0x450507a2) returned 0x85000f
[0205.301] GdipCreateFromHDC (hdc=0x300107f9, graphics=0xd7e234) returned 0x0
[0205.301] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0205.301] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0205.301] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0205.301] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0205.301] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e2d4) returned 0x0
[0205.301] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0205.301] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0205.301] LocalFree (hMem=0x11eec58) returned 0x0
[0205.301] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0205.302] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0205.302] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0205.302] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0205.302] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0205.302] GetWindowTextLengthW (hWnd=0xb02ce) returned 232
[0205.302] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0205.302] GetSystemMetrics (nIndex=42) returned 0
[0205.302] GetWindowTextW (in: hWnd=0xb02ce, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0205.302] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0205.302] GetClientRect (in: hWnd=0xb02ce, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0205.302] GdipCreateRegion (region=0xd7e110) returned 0x0
[0205.302] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0205.302] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0205.302] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0205.302] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e128) returned 0x0
[0205.302] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0205.302] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eecc8) returned 0x0
[0205.302] LocalFree (hMem=0x11eecc8) returned 0x0
[0205.302] GdipCombineRegionRegion (region=0x6645cf8, region2=0x6646b08, combineMode=0x1) returned 0x0
[0205.303] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0205.303] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee8d8) returned 0x0
[0205.303] LocalFree (hMem=0x11ee8d8) returned 0x0
[0205.303] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0205.303] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e150) returned 0x0
[0205.303] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e140) returned 0x0
[0205.303] GdipGetRegionHRgn (region=0x6645cf8, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0205.303] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0205.303] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0205.303] GetCurrentObject (hdc=0x300107f9, type=0x1) returned 0xb00017
[0205.303] GetCurrentObject (hdc=0x300107f9, type=0x2) returned 0x900010
[0205.303] GetCurrentObject (hdc=0x300107f9, type=0x7) returned 0x450507a2
[0205.303] GetCurrentObject (hdc=0x300107f9, type=0x6) returned 0x8a01c2
[0205.303] SaveDC (hdc=0x300107f9) returned 1
[0205.303] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x46040807
[0205.303] GetClipRgn (hdc=0x300107f9, hrgn=0x46040807) returned 0
[0205.303] SelectClipRgn (hdc=0x300107f9, hrgn=0xd10407de) returned 2
[0205.304] DeleteObject (ho=0x46040807) returned 1
[0205.304] DeleteObject (ho=0xd10407de) returned 1
[0205.304] OffsetViewportOrgEx (in: hdc=0x300107f9, x=0, y=0, lppt=0x2e1747c | out: lppt=0x2e1747c) returned 1
[0205.304] GetNearestColor (hdc=0x300107f9, color=0xf0f0f0) returned 0xf0f0f0
[0205.304] CreateSolidBrush (color=0xf0f0f0) returned 0xfc1007e1
[0205.304] FillRect (hDC=0x300107f9, lprc=0xd7e15c, hbr=0xfc1007e1) returned 1
[0205.304] DeleteObject (ho=0xfc1007e1) returned 1
[0205.305] RestoreDC (hdc=0x300107f9, nSavedDC=-1) returned 1
[0205.305] GdipReleaseDC (graphics=0x6600030, hdc=0x300107f9) returned 0x0
[0205.305] GdipRestoreGraphics (graphics=0x6600030, state=0xfa8a0dbd) returned 0x0
[0205.305] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0205.305] GetWindowTextLengthW (hWnd=0xb02ce) returned 232
[0205.305] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0205.305] GetSystemMetrics (nIndex=42) returned 0
[0205.305] GetWindowTextW (in: hWnd=0xb02ce, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0205.305] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0205.305] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0205.305] GetCurrentObject (hdc=0x300107f9, type=0x1) returned 0xb00017
[0205.305] GetCurrentObject (hdc=0x300107f9, type=0x2) returned 0x900010
[0205.305] GetCurrentObject (hdc=0x300107f9, type=0x7) returned 0x450507a2
[0205.305] GetCurrentObject (hdc=0x300107f9, type=0x6) returned 0x8a01c2
[0205.305] SaveDC (hdc=0x300107f9) returned 1
[0205.305] GetNearestColor (hdc=0x300107f9, color=0x0) returned 0x0
[0205.306] RestoreDC (hdc=0x300107f9, nSavedDC=-1) returned 1
[0205.306] GdipReleaseDC (graphics=0x6600030, hdc=0x300107f9) returned 0x0
[0205.306] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0205.306] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0205.306] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2e17c78 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0205.307] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0205.307] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0205.307] GetCurrentObject (hdc=0x300107f9, type=0x1) returned 0xb00017
[0205.307] GetCurrentObject (hdc=0x300107f9, type=0x2) returned 0x900010
[0205.307] GetCurrentObject (hdc=0x300107f9, type=0x7) returned 0x450507a2
[0205.307] GetCurrentObject (hdc=0x300107f9, type=0x6) returned 0x8a01c2
[0205.307] SaveDC (hdc=0x300107f9) returned 1
[0205.307] GetTextAlign (hdc=0x300107f9) returned 0x0
[0205.307] GetTextColor (hdc=0x300107f9) returned 0x0
[0205.307] GetCurrentObject (hdc=0x300107f9, type=0x6) returned 0x8a01c2
[0205.307] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0205.307] SelectObject (hdc=0x300107f9, h=0x6d0a0520) returned 0x8a01c2
[0205.308] GetBkMode (hdc=0x300107f9) returned 2
[0205.308] SetBkMode (hdc=0x300107f9, mode=1) returned 2
[0205.308] DrawTextExW (in: hdc=0x300107f9, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2e17e9c | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0205.311] RestoreDC (hdc=0x300107f9, nSavedDC=-1) returned 1
[0205.311] GdipReleaseDC (graphics=0x6600030, hdc=0x300107f9) returned 0x0
[0205.311] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0205.311] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=354, cy=68, hdcSrc=0x300107f9, x1=0, y1=0, rop=0xcc0020) returned 1
[0205.311] GdipReleaseDC (graphics=0x6600030, hdc=0x300107f9) returned 0x0
[0205.311] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0205.312] SelectObject (hdc=0x300107f9, h=0x85000f) returned 0x450507a2
[0205.312] DeleteDC (hdc=0x300107f9) returned 1
[0205.312] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0205.312] DeleteObject (ho=0x450507a2) returned 1
[0205.312] EndPaint (hWnd=0xb02ce, lpPaint=0xd7e258) returned 1
[0205.313] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.313] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x84, wParam=0x0, lParam=0x1e3030e) returned 0x1
[0205.313] IsWindowUnicode (hWnd=0x1800ea) returned 1
[0205.313] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.313] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x84, wParam=0x0, lParam=0x1e3030e) returned 0x1
[0205.313] SetCursor (hCursor=0x10003) returned 0x10003
[0205.313] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.313] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.313] _TrackMouseEvent (in: lpEventTrack=0x2e17ed8 | out: lpEventTrack=0x2e17ed8) returned 1
[0205.314] SendMessageW (hWnd=0x1800ea, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0205.314] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0205.314] InvalidateRect (hWnd=0x1800ea, lpRect=0x0, bErase=0) returned 1
[0205.314] GetKeyState (nVirtKey=1) returned 0
[0205.314] GetKeyState (nVirtKey=2) returned 0
[0205.314] GetKeyState (nVirtKey=4) returned 0
[0205.314] GetKeyState (nVirtKey=5) returned 0
[0205.314] GetKeyState (nVirtKey=6) returned 0
[0205.314] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.314] IsWindowUnicode (hWnd=0x1702d8) returned 1
[0205.314] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.314] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.314] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.314] BeginPaint (in: hWnd=0x1702d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0205.314] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0205.315] CreateCompatibleDC (hdc=0x10105d6) returned 0x210107d8
[0205.315] SelectObject (hdc=0x210107d8, h=0x4a0507fe) returned 0x85000f
[0205.315] GdipCreateFromHDC (hdc=0x210107d8, graphics=0xd7e268) returned 0x0
[0205.315] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0205.315] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0205.315] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0205.315] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0205.315] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e2c8) returned 0x0
[0205.315] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0205.315] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee8d8) returned 0x0
[0205.315] LocalFree (hMem=0x11ee8d8) returned 0x0
[0205.315] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0205.315] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0205.316] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0205.316] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0205.316] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0205.316] GdipRestoreGraphics (graphics=0x6600030, state=0xfa880dbd) returned 0x0
[0205.316] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0205.316] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0205.316] GetCurrentObject (hdc=0x210107d8, type=0x1) returned 0xb00017
[0205.316] GetCurrentObject (hdc=0x210107d8, type=0x2) returned 0x900010
[0205.316] GetCurrentObject (hdc=0x210107d8, type=0x7) returned 0x4a0507fe
[0205.316] GetCurrentObject (hdc=0x210107d8, type=0x6) returned 0x8a01c2
[0205.316] SaveDC (hdc=0x210107d8) returned 1
[0205.316] GetNearestColor (hdc=0x210107d8, color=0xf0f0f0) returned 0xf0f0f0
[0205.316] GetNearestColor (hdc=0x210107d8, color=0xa0a0a0) returned 0xa0a0a0
[0205.316] GetNearestColor (hdc=0x210107d8, color=0x696969) returned 0x696969
[0205.316] GetNearestColor (hdc=0x210107d8, color=0xa0a0a0) returned 0xa0a0a0
[0205.317] GetNearestColor (hdc=0x210107d8, color=0x0) returned 0x0
[0205.317] GetNearestColor (hdc=0x210107d8, color=0xffffff) returned 0xffffff
[0205.317] GetNearestColor (hdc=0x210107d8, color=0xe5e5e5) returned 0xe5e5e5
[0205.317] GetNearestColor (hdc=0x210107d8, color=0xd7d7d7) returned 0xd7d7d7
[0205.317] GetNearestColor (hdc=0x210107d8, color=0x0) returned 0x0
[0205.317] RestoreDC (hdc=0x210107d8, nSavedDC=-1) returned 1
[0205.317] GdipReleaseDC (graphics=0x6600030, hdc=0x210107d8) returned 0x0
[0205.317] IsAppThemed () returned 0x1
[0205.317] GetThemeAppProperties () returned 0x3
[0205.317] GetThemeAppProperties () returned 0x3
[0205.317] GdipGetImageWidth (image=0x664ea70, width=0xd7e168) returned 0x0
[0205.317] GdipGetImageHeight (image=0x664ea70, height=0xd7e168) returned 0x0
[0205.317] IsAppThemed () returned 0x1
[0205.317] GetThemeAppProperties () returned 0x3
[0205.317] GetThemeAppProperties () returned 0x3
[0205.317] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2e18644 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0205.318] IsAppThemed () returned 0x1
[0205.318] GetThemeAppProperties () returned 0x3
[0205.318] GetThemeAppProperties () returned 0x3
[0205.318] IsAppThemed () returned 0x1
[0205.318] GetThemeAppProperties () returned 0x3
[0205.318] GetThemeAppProperties () returned 0x3
[0205.318] GetFocus () returned 0x1702d8
[0205.318] IsAppThemed () returned 0x1
[0205.318] GetThemeAppProperties () returned 0x3
[0205.318] GetThemeAppProperties () returned 0x3
[0205.318] IsAppThemed () returned 0x1
[0205.318] GetThemeAppProperties () returned 0x3
[0205.318] GetThemeAppProperties () returned 0x3
[0205.318] IsThemePartDefined () returned 0x1
[0205.318] IsAppThemed () returned 0x1
[0205.318] GetThemeAppProperties () returned 0x3
[0205.318] GetThemeAppProperties () returned 0x3
[0205.318] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0205.318] IsAppThemed () returned 0x1
[0205.319] GetThemeAppProperties () returned 0x3
[0205.319] GetThemeAppProperties () returned 0x3
[0205.319] IsAppThemed () returned 0x1
[0205.319] GetThemeAppProperties () returned 0x3
[0205.319] GetThemeAppProperties () returned 0x3
[0205.319] IsThemePartDefined () returned 0x1
[0205.319] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0205.319] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0205.319] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0205.319] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0205.319] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dff0) returned 0x0
[0205.319] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0205.319] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0205.319] LocalFree (hMem=0x11ee788) returned 0x0
[0205.319] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0205.319] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0205.319] LocalFree (hMem=0x11ee788) returned 0x0
[0205.319] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0205.319] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e018) returned 0x0
[0205.319] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e008) returned 0x0
[0205.319] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0205.319] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0205.319] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0205.319] GetCurrentObject (hdc=0x210107d8, type=0x1) returned 0xb00017
[0205.320] GetCurrentObject (hdc=0x210107d8, type=0x2) returned 0x900010
[0205.320] GetCurrentObject (hdc=0x210107d8, type=0x7) returned 0x4a0507fe
[0205.320] GetCurrentObject (hdc=0x210107d8, type=0x6) returned 0x8a01c2
[0205.320] SaveDC (hdc=0x210107d8) returned 1
[0205.320] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd20407de
[0205.320] GetClipRgn (hdc=0x210107d8, hrgn=0xd20407de) returned 0
[0205.320] SelectClipRgn (hdc=0x210107d8, hrgn=0x4a040807) returned 2
[0205.320] DeleteObject (ho=0xd20407de) returned 1
[0205.320] DeleteObject (ho=0x4a040807) returned 1
[0205.320] OffsetViewportOrgEx (in: hdc=0x210107d8, x=0, y=0, lppt=0x2e18cf4 | out: lppt=0x2e18cf4) returned 1
[0205.320] DrawThemeParentBackground () returned 0x0
[0205.320] GetWindowPlacement (in: hWnd=0xa02d0, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0205.320] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0205.320] GetWindowTextLengthW (hWnd=0xa02d0) returned 13
[0205.320] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.320] GetSystemMetrics (nIndex=42) returned 0
[0205.320] GetWindowTextW (in: hWnd=0xa02d0, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0205.321] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0205.321] GetCurrentObject (hdc=0x210107d8, type=0x1) returned 0xb00017
[0205.321] GetCurrentObject (hdc=0x210107d8, type=0x2) returned 0x900010
[0205.321] GetCurrentObject (hdc=0x210107d8, type=0x7) returned 0x4a0507fe
[0205.321] GetCurrentObject (hdc=0x210107d8, type=0x6) returned 0x8a01c2
[0205.321] SaveDC (hdc=0x210107d8) returned 2
[0205.321] GetNearestColor (hdc=0x210107d8, color=0xf0f0f0) returned 0xf0f0f0
[0205.321] CreateSolidBrush (color=0xf0f0f0) returned 0xfd1007e1
[0205.321] FillRect (hDC=0x210107d8, lprc=0xd7da38, hbr=0xfd1007e1) returned 1
[0205.321] DeleteObject (ho=0xfd1007e1) returned 1
[0205.321] RestoreDC (hdc=0x210107d8, nSavedDC=-1) returned 1
[0205.321] GetWindowTextLengthW (hWnd=0xa02d0) returned 13
[0205.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.321] GetSystemMetrics (nIndex=42) returned 0
[0205.321] GetWindowTextW (in: hWnd=0xa02d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0205.321] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0205.321] GetCurrentObject (hdc=0x210107d8, type=0x1) returned 0xb00017
[0205.321] GetCurrentObject (hdc=0x210107d8, type=0x2) returned 0x900010
[0205.321] GetCurrentObject (hdc=0x210107d8, type=0x7) returned 0x4a0507fe
[0205.322] GetCurrentObject (hdc=0x210107d8, type=0x6) returned 0x8a01c2
[0205.322] SaveDC (hdc=0x210107d8) returned 2
[0205.322] GetNearestColor (hdc=0x210107d8, color=0xf0f0f0) returned 0xf0f0f0
[0205.322] CreateSolidBrush (color=0xf0f0f0) returned 0xfe1007e1
[0205.322] FillRect (hDC=0x210107d8, lprc=0xd7d9d8, hbr=0xfe1007e1) returned 1
[0205.322] DeleteObject (ho=0xfe1007e1) returned 1
[0205.322] RestoreDC (hdc=0x210107d8, nSavedDC=-1) returned 1
[0205.322] GetWindowTextLengthW (hWnd=0xa02d0) returned 13
[0205.322] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.322] GetSystemMetrics (nIndex=42) returned 0
[0205.322] GetWindowTextW (in: hWnd=0xa02d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.322] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0205.322] RestoreDC (hdc=0x210107d8, nSavedDC=-1) returned 1
[0205.322] GdipReleaseDC (graphics=0x6600030, hdc=0x210107d8) returned 0x0
[0205.322] IsAppThemed () returned 0x1
[0205.322] GetThemeAppProperties () returned 0x3
[0205.322] GetThemeAppProperties () returned 0x3
[0205.322] IsAppThemed () returned 0x1
[0205.322] GetThemeAppProperties () returned 0x3
[0205.322] GetThemeAppProperties () returned 0x3
[0205.322] IsThemePartDefined () returned 0x1
[0205.323] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0205.323] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0205.323] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0205.323] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0205.323] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df74) returned 0x0
[0205.323] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0205.323] LocalFree (hMem=0x11ee788) returned 0x0
[0205.323] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0205.323] LocalFree (hMem=0x11ee788) returned 0x0
[0205.323] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0205.323] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0205.323] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0205.323] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0205.323] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0205.323] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0205.323] GetCurrentObject (hdc=0x210107d8, type=0x1) returned 0xb00017
[0205.323] GetCurrentObject (hdc=0x210107d8, type=0x2) returned 0x900010
[0205.323] GetCurrentObject (hdc=0x210107d8, type=0x7) returned 0x4a0507fe
[0205.323] GetCurrentObject (hdc=0x210107d8, type=0x6) returned 0x8a01c2
[0205.323] SaveDC (hdc=0x210107d8) returned 1
[0205.323] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4b040807
[0205.323] GetClipRgn (hdc=0x210107d8, hrgn=0x4b040807) returned 0
[0205.324] SelectClipRgn (hdc=0x210107d8, hrgn=0xd40407de) returned 2
[0205.324] DeleteObject (ho=0x4b040807) returned 1
[0205.324] DeleteObject (ho=0xd40407de) returned 1
[0205.324] OffsetViewportOrgEx (in: hdc=0x210107d8, x=0, y=0, lppt=0x2e195a0 | out: lppt=0x2e195a0) returned 1
[0205.324] IsAppThemed () returned 0x1
[0205.324] GetThemeAppProperties () returned 0x3
[0205.324] GetThemeAppProperties () returned 0x3
[0205.324] DrawThemeBackground () returned 0x0
[0205.324] RestoreDC (hdc=0x210107d8, nSavedDC=-1) returned 1
[0205.324] GdipReleaseDC (graphics=0x6600030, hdc=0x210107d8) returned 0x0
[0205.324] GdipCreateRegion (region=0xd7df60) returned 0x0
[0205.324] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0205.324] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0205.324] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0205.324] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df78) returned 0x0
[0205.324] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0205.324] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee8d8) returned 0x0
[0205.324] LocalFree (hMem=0x11ee8d8) returned 0x0
[0205.324] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0205.324] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0205.324] LocalFree (hMem=0x11eec58) returned 0x0
[0205.324] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0205.325] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0205.325] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7df90) returned 0x0
[0205.325] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0205.325] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0205.325] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0205.325] GetCurrentObject (hdc=0x210107d8, type=0x1) returned 0xb00017
[0205.325] GetCurrentObject (hdc=0x210107d8, type=0x2) returned 0x900010
[0205.325] GetCurrentObject (hdc=0x210107d8, type=0x7) returned 0x4a0507fe
[0205.325] GetCurrentObject (hdc=0x210107d8, type=0x6) returned 0x8a01c2
[0205.332] SaveDC (hdc=0x210107d8) returned 1
[0205.332] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd50407de
[0205.332] GetClipRgn (hdc=0x210107d8, hrgn=0xd50407de) returned 0
[0205.332] SelectClipRgn (hdc=0x210107d8, hrgn=0x4c040807) returned 2
[0205.332] DeleteObject (ho=0xd50407de) returned 1
[0205.332] DeleteObject (ho=0x4c040807) returned 1
[0205.332] OffsetViewportOrgEx (in: hdc=0x210107d8, x=0, y=0, lppt=0x2e19874 | out: lppt=0x2e19874) returned 1
[0205.332] IsAppThemed () returned 0x1
[0205.332] GetThemeAppProperties () returned 0x3
[0205.332] GetThemeAppProperties () returned 0x3
[0205.332] GetThemeBackgroundContentRect () returned 0x0
[0205.332] RestoreDC (hdc=0x210107d8, nSavedDC=-1) returned 1
[0205.332] GdipReleaseDC (graphics=0x6600030, hdc=0x210107d8) returned 0x0
[0205.332] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0205.332] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0205.332] GdipCloneRegion (region=0x6646b08, cloneRegion=0xd7e150) returned 0x0
[0205.333] GdipCombineRegionRectI (region=0x6645bd8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0205.333] GdipCombineRegionRectI (region=0x6645bd8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0205.333] GdipSetClipRegion (graphics=0x6600030, region=0x6645bd8, combineMode=0x0) returned 0x0
[0205.333] GdipGetImageWidth (image=0x664ea70, width=0xd7e154) returned 0x0
[0205.333] GdipGetImageHeight (image=0x664ea70, height=0xd7e148) returned 0x0
[0205.333] GdipDrawImageRectI (graphics=0x6600030, image=0x664ea70, x=4, y=4, width=16, height=16) returned 0x0
[0205.333] GdipSetClipRegion (graphics=0x6600030, region=0x6646b08, combineMode=0x0) returned 0x0
[0205.333] IsAppThemed () returned 0x1
[0205.333] GetThemeAppProperties () returned 0x3
[0205.333] GetThemeAppProperties () returned 0x3
[0205.333] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0205.333] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0205.333] GetCurrentObject (hdc=0x210107d8, type=0x1) returned 0xb00017
[0205.333] GetCurrentObject (hdc=0x210107d8, type=0x2) returned 0x900010
[0205.333] GetCurrentObject (hdc=0x210107d8, type=0x7) returned 0x4a0507fe
[0205.333] GetCurrentObject (hdc=0x210107d8, type=0x6) returned 0x8a01c2
[0205.333] SaveDC (hdc=0x210107d8) returned 1
[0205.333] GetTextAlign (hdc=0x210107d8) returned 0x0
[0205.333] GetTextColor (hdc=0x210107d8) returned 0x0
[0205.333] GetCurrentObject (hdc=0x210107d8, type=0x6) returned 0x8a01c2
[0205.334] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0205.334] SelectObject (hdc=0x210107d8, h=0x6d0a0520) returned 0x8a01c2
[0205.334] GetBkMode (hdc=0x210107d8) returned 2
[0205.334] SetBkMode (hdc=0x210107d8, mode=1) returned 2
[0205.334] DrawTextExW (in: hdc=0x210107d8, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2e19c34 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0205.334] DrawTextExW (in: hdc=0x210107d8, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e19c34 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0205.334] RestoreDC (hdc=0x210107d8, nSavedDC=-1) returned 1
[0205.334] GdipReleaseDC (graphics=0x6600030, hdc=0x210107d8) returned 0x0
[0205.334] GetFocus () returned 0x1702d8
[0205.334] IsAppThemed () returned 0x1
[0205.335] GetThemeAppProperties () returned 0x3
[0205.335] GetThemeAppProperties () returned 0x3
[0205.335] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0205.335] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x210107d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0205.335] GdipReleaseDC (graphics=0x6600030, hdc=0x210107d8) returned 0x0
[0205.335] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0205.335] SelectObject (hdc=0x210107d8, h=0x85000f) returned 0x4a0507fe
[0205.335] DeleteDC (hdc=0x210107d8) returned 1
[0205.335] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0205.335] EndPaint (hWnd=0x1702d8, lpPaint=0xd7e24c) returned 1
[0205.335] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.335] IsWindowUnicode (hWnd=0x1800ea) returned 1
[0205.335] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.335] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.335] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.336] BeginPaint (in: hWnd=0x1800ea, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0205.336] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0205.336] CreateCompatibleDC (hdc=0x107b9) returned 0x230107d8
[0205.336] SelectObject (hdc=0x230107d8, h=0x4a0507fe) returned 0x85000f
[0205.336] GdipCreateFromHDC (hdc=0x230107d8, graphics=0xd7e268) returned 0x0
[0205.336] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0205.336] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0205.336] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0205.336] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0205.336] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e2c8) returned 0x0
[0205.336] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0205.336] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee8d8) returned 0x0
[0205.336] LocalFree (hMem=0x11ee8d8) returned 0x0
[0205.336] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0205.337] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0205.337] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0205.337] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0205.337] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0205.337] GdipRestoreGraphics (graphics=0x6600030, state=0xfa860dbd) returned 0x0
[0205.337] GdipDeleteRegion (region=0x6645518) returned 0x0
[0205.337] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0205.337] GetCurrentObject (hdc=0x230107d8, type=0x1) returned 0xb00017
[0205.337] GetCurrentObject (hdc=0x230107d8, type=0x2) returned 0x900010
[0205.337] GetCurrentObject (hdc=0x230107d8, type=0x7) returned 0x4a0507fe
[0205.337] GetCurrentObject (hdc=0x230107d8, type=0x6) returned 0x8a01c2
[0205.337] SaveDC (hdc=0x230107d8) returned 1
[0205.337] GetNearestColor (hdc=0x230107d8, color=0xf0f0f0) returned 0xf0f0f0
[0205.337] GetNearestColor (hdc=0x230107d8, color=0xa0a0a0) returned 0xa0a0a0
[0205.337] GetNearestColor (hdc=0x230107d8, color=0x696969) returned 0x696969
[0205.337] GetNearestColor (hdc=0x230107d8, color=0xa0a0a0) returned 0xa0a0a0
[0205.337] GetNearestColor (hdc=0x230107d8, color=0x0) returned 0x0
[0205.337] GetNearestColor (hdc=0x230107d8, color=0xffffff) returned 0xffffff
[0205.337] GetNearestColor (hdc=0x230107d8, color=0xe5e5e5) returned 0xe5e5e5
[0205.338] GetNearestColor (hdc=0x230107d8, color=0xd7d7d7) returned 0xd7d7d7
[0205.338] GetNearestColor (hdc=0x230107d8, color=0x0) returned 0x0
[0205.338] RestoreDC (hdc=0x230107d8, nSavedDC=-1) returned 1
[0205.338] GdipReleaseDC (graphics=0x6600030, hdc=0x230107d8) returned 0x0
[0205.338] IsAppThemed () returned 0x1
[0205.338] GetThemeAppProperties () returned 0x3
[0205.338] GetThemeAppProperties () returned 0x3
[0205.338] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0205.338] SendMessageW (hWnd=0xa02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0205.338] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0205.338] IsAppThemed () returned 0x1
[0205.338] GetThemeAppProperties () returned 0x3
[0205.338] GetThemeAppProperties () returned 0x3
[0205.338] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2e1a444 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0205.338] IsAppThemed () returned 0x1
[0205.339] GetThemeAppProperties () returned 0x3
[0205.339] GetThemeAppProperties () returned 0x3
[0205.339] IsAppThemed () returned 0x1
[0205.339] GetThemeAppProperties () returned 0x3
[0205.339] GetThemeAppProperties () returned 0x3
[0205.339] IsAppThemed () returned 0x1
[0205.339] GetThemeAppProperties () returned 0x3
[0205.339] GetThemeAppProperties () returned 0x3
[0205.339] IsAppThemed () returned 0x1
[0205.339] GetThemeAppProperties () returned 0x3
[0205.339] GetThemeAppProperties () returned 0x3
[0205.339] IsThemePartDefined () returned 0x1
[0205.339] IsAppThemed () returned 0x1
[0205.339] GetThemeAppProperties () returned 0x3
[0205.339] GetThemeAppProperties () returned 0x3
[0205.339] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0205.339] IsAppThemed () returned 0x1
[0205.339] GetThemeAppProperties () returned 0x3
[0205.339] GetThemeAppProperties () returned 0x3
[0205.339] IsAppThemed () returned 0x1
[0205.339] GetThemeAppProperties () returned 0x3
[0205.340] GetThemeAppProperties () returned 0x3
[0205.340] IsThemePartDefined () returned 0x1
[0205.340] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0205.340] GdipGetClip (graphics=0x6600030, region=0x6645128) returned 0x0
[0205.340] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0205.340] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0205.340] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dfe4) returned 0x0
[0205.340] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0205.340] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0205.340] LocalFree (hMem=0x11eec58) returned 0x0
[0205.340] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0205.340] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0205.340] LocalFree (hMem=0x11ee788) returned 0x0
[0205.340] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0205.340] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0205.340] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0205.340] GdipGetRegionHRgn (region=0x6645128, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0205.340] GdipDeleteRegion (region=0x6645128) returned 0x0
[0205.340] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0205.340] GetCurrentObject (hdc=0x230107d8, type=0x1) returned 0xb00017
[0205.340] GetCurrentObject (hdc=0x230107d8, type=0x2) returned 0x900010
[0205.340] GetCurrentObject (hdc=0x230107d8, type=0x7) returned 0x4a0507fe
[0205.344] GetCurrentObject (hdc=0x230107d8, type=0x6) returned 0x8a01c2
[0205.344] SaveDC (hdc=0x230107d8) returned 1
[0205.344] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4d040807
[0205.344] GetClipRgn (hdc=0x230107d8, hrgn=0x4d040807) returned 0
[0205.344] SelectClipRgn (hdc=0x230107d8, hrgn=0xd90407de) returned 2
[0205.344] DeleteObject (ho=0x4d040807) returned 1
[0205.344] DeleteObject (ho=0xd90407de) returned 1
[0205.344] OffsetViewportOrgEx (in: hdc=0x230107d8, x=0, y=0, lppt=0x2e1aaf4 | out: lppt=0x2e1aaf4) returned 1
[0205.345] DrawThemeParentBackground () returned 0x0
[0205.345] GetWindowPlacement (in: hWnd=0xa02d0, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0205.345] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0205.345] GetWindowTextLengthW (hWnd=0xa02d0) returned 13
[0205.345] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.345] GetSystemMetrics (nIndex=42) returned 0
[0205.345] GetWindowTextW (in: hWnd=0xa02d0, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.345] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0205.345] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0205.345] GetCurrentObject (hdc=0x230107d8, type=0x1) returned 0xb00017
[0205.345] GetCurrentObject (hdc=0x230107d8, type=0x2) returned 0x900010
[0205.345] GetCurrentObject (hdc=0x230107d8, type=0x7) returned 0x4a0507fe
[0205.345] GetCurrentObject (hdc=0x230107d8, type=0x6) returned 0x8a01c2
[0205.345] SaveDC (hdc=0x230107d8) returned 2
[0205.345] GetNearestColor (hdc=0x230107d8, color=0xf0f0f0) returned 0xf0f0f0
[0205.345] CreateSolidBrush (color=0xf0f0f0) returned 0xff1007e1
[0205.345] FillRect (hDC=0x230107d8, lprc=0xd7da30, hbr=0xff1007e1) returned 1
[0205.345] DeleteObject (ho=0xff1007e1) returned 1
[0205.346] RestoreDC (hdc=0x230107d8, nSavedDC=-1) returned 1
[0205.346] GetWindowTextLengthW (hWnd=0xa02d0) returned 13
[0205.346] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.346] GetSystemMetrics (nIndex=42) returned 0
[0205.346] GetWindowTextW (in: hWnd=0xa02d0, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.346] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0205.346] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0205.346] GetCurrentObject (hdc=0x230107d8, type=0x1) returned 0xb00017
[0205.346] GetCurrentObject (hdc=0x230107d8, type=0x2) returned 0x900010
[0205.346] GetCurrentObject (hdc=0x230107d8, type=0x7) returned 0x4a0507fe
[0205.346] GetCurrentObject (hdc=0x230107d8, type=0x6) returned 0x8a01c2
[0205.346] SaveDC (hdc=0x230107d8) returned 2
[0205.346] GetNearestColor (hdc=0x230107d8, color=0xf0f0f0) returned 0xf0f0f0
[0205.346] CreateSolidBrush (color=0xf0f0f0) returned 0x1007e1
[0205.346] FillRect (hDC=0x230107d8, lprc=0xd7d9d0, hbr=0x1007e1) returned 1
[0205.346] DeleteObject (ho=0x1007e1) returned 1
[0205.346] RestoreDC (hdc=0x230107d8, nSavedDC=-1) returned 1
[0205.346] GetWindowTextLengthW (hWnd=0xa02d0) returned 13
[0205.346] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.346] GetSystemMetrics (nIndex=42) returned 0
[0205.346] GetWindowTextW (in: hWnd=0xa02d0, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.346] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0205.347] RestoreDC (hdc=0x230107d8, nSavedDC=-1) returned 1
[0205.347] GdipReleaseDC (graphics=0x6600030, hdc=0x230107d8) returned 0x0
[0205.347] IsAppThemed () returned 0x1
[0205.347] GetThemeAppProperties () returned 0x3
[0205.347] GetThemeAppProperties () returned 0x3
[0205.347] IsAppThemed () returned 0x1
[0205.347] GetThemeAppProperties () returned 0x3
[0205.347] GetThemeAppProperties () returned 0x3
[0205.347] IsThemePartDefined () returned 0x1
[0205.347] GdipCreateRegion (region=0xd7df50) returned 0x0
[0205.347] GdipGetClip (graphics=0x6600030, region=0x6645488) returned 0x0
[0205.347] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0205.347] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0205.347] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df68) returned 0x0
[0205.347] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0205.347] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea98) returned 0x0
[0205.347] LocalFree (hMem=0x11eea98) returned 0x0
[0205.347] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0205.347] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea98) returned 0x0
[0205.348] LocalFree (hMem=0x11eea98) returned 0x0
[0205.348] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0205.348] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7df90) returned 0x0
[0205.348] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7df80) returned 0x0
[0205.348] GdipGetRegionHRgn (region=0x6645488, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0205.348] GdipDeleteRegion (region=0x6645488) returned 0x0
[0205.348] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0205.348] GetCurrentObject (hdc=0x230107d8, type=0x1) returned 0xb00017
[0205.348] GetCurrentObject (hdc=0x230107d8, type=0x2) returned 0x900010
[0205.348] GetCurrentObject (hdc=0x230107d8, type=0x7) returned 0x4a0507fe
[0205.348] GetCurrentObject (hdc=0x230107d8, type=0x6) returned 0x8a01c2
[0205.348] SaveDC (hdc=0x230107d8) returned 1
[0205.348] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xda0407de
[0205.348] GetClipRgn (hdc=0x230107d8, hrgn=0xda0407de) returned 0
[0205.348] SelectClipRgn (hdc=0x230107d8, hrgn=0x4f040807) returned 2
[0205.349] DeleteObject (ho=0xda0407de) returned 1
[0205.349] DeleteObject (ho=0x4f040807) returned 1
[0205.349] OffsetViewportOrgEx (in: hdc=0x230107d8, x=0, y=0, lppt=0x2e1b3a0 | out: lppt=0x2e1b3a0) returned 1
[0205.349] IsAppThemed () returned 0x1
[0205.349] GetThemeAppProperties () returned 0x3
[0205.349] GetThemeAppProperties () returned 0x3
[0205.349] DrawThemeBackground () returned 0x0
[0205.349] RestoreDC (hdc=0x230107d8, nSavedDC=-1) returned 1
[0205.349] GdipReleaseDC (graphics=0x6600030, hdc=0x230107d8) returned 0x0
[0205.349] GdipCreateRegion (region=0xd7df54) returned 0x0
[0205.349] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0205.349] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0205.349] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0205.349] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df6c) returned 0x0
[0205.349] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0205.349] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0205.350] LocalFree (hMem=0x11ee788) returned 0x0
[0205.350] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0205.350] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea98) returned 0x0
[0205.350] LocalFree (hMem=0x11eea98) returned 0x0
[0205.350] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0205.350] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7df94) returned 0x0
[0205.350] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7df84) returned 0x0
[0205.350] GdipGetRegionHRgn (region=0x6645638, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0205.350] GdipDeleteRegion (region=0x6645638) returned 0x0
[0205.350] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0205.350] GetCurrentObject (hdc=0x230107d8, type=0x1) returned 0xb00017
[0205.350] GetCurrentObject (hdc=0x230107d8, type=0x2) returned 0x900010
[0205.350] GetCurrentObject (hdc=0x230107d8, type=0x7) returned 0x4a0507fe
[0205.350] GetCurrentObject (hdc=0x230107d8, type=0x6) returned 0x8a01c2
[0205.350] SaveDC (hdc=0x230107d8) returned 1
[0205.350] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x50040807
[0205.350] GetClipRgn (hdc=0x230107d8, hrgn=0x50040807) returned 0
[0205.351] SelectClipRgn (hdc=0x230107d8, hrgn=0xdb0407de) returned 2
[0205.351] DeleteObject (ho=0x50040807) returned 1
[0205.351] DeleteObject (ho=0xdb0407de) returned 1
[0205.351] OffsetViewportOrgEx (in: hdc=0x230107d8, x=0, y=0, lppt=0x2e1b674 | out: lppt=0x2e1b674) returned 1
[0205.351] IsAppThemed () returned 0x1
[0205.351] GetThemeAppProperties () returned 0x3
[0205.351] GetThemeAppProperties () returned 0x3
[0205.351] GetThemeBackgroundContentRect () returned 0x0
[0205.351] RestoreDC (hdc=0x230107d8, nSavedDC=-1) returned 1
[0205.351] GdipReleaseDC (graphics=0x6600030, hdc=0x230107d8) returned 0x0
[0205.351] IsAppThemed () returned 0x1
[0205.351] GetThemeAppProperties () returned 0x3
[0205.351] GetThemeAppProperties () returned 0x3
[0205.351] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0205.351] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0205.351] GetCurrentObject (hdc=0x230107d8, type=0x1) returned 0xb00017
[0205.351] GetCurrentObject (hdc=0x230107d8, type=0x2) returned 0x900010
[0205.352] GetCurrentObject (hdc=0x230107d8, type=0x7) returned 0x4a0507fe
[0205.352] GetCurrentObject (hdc=0x230107d8, type=0x6) returned 0x8a01c2
[0205.352] SaveDC (hdc=0x230107d8) returned 1
[0205.352] GetTextAlign (hdc=0x230107d8) returned 0x0
[0205.352] GetTextColor (hdc=0x230107d8) returned 0x0
[0205.352] GetCurrentObject (hdc=0x230107d8, type=0x6) returned 0x8a01c2
[0205.352] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0205.352] SelectObject (hdc=0x230107d8, h=0x6d0a0520) returned 0x8a01c2
[0205.352] GetBkMode (hdc=0x230107d8) returned 2
[0205.352] SetBkMode (hdc=0x230107d8, mode=1) returned 2
[0205.352] DrawTextExW (in: hdc=0x230107d8, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2e1ba14 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0205.353] DrawTextExW (in: hdc=0x230107d8, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2e1ba14 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0205.353] RestoreDC (hdc=0x230107d8, nSavedDC=-1) returned 1
[0205.353] GdipReleaseDC (graphics=0x6600030, hdc=0x230107d8) returned 0x0
[0205.353] GetFocus () returned 0x1702d8
[0205.353] IsAppThemed () returned 0x1
[0205.353] GetThemeAppProperties () returned 0x3
[0205.353] GetThemeAppProperties () returned 0x3
[0205.353] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0205.353] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x230107d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0205.353] GdipReleaseDC (graphics=0x6600030, hdc=0x230107d8) returned 0x0
[0205.353] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0205.353] SelectObject (hdc=0x230107d8, h=0x85000f) returned 0x4a0507fe
[0205.353] DeleteDC (hdc=0x230107d8) returned 1
[0205.354] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0205.354] EndPaint (hWnd=0x1800ea, lpPaint=0xd7e24c) returned 1
[0205.354] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.354] IsWindowUnicode (hWnd=0x1502dc) returned 1
[0205.354] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.354] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.354] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.354] BeginPaint (in: hWnd=0x1502dc, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0205.354] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0205.354] CreateCompatibleDC (hdc=0xf0105ee) returned 0x250107d8
[0205.354] SelectObject (hdc=0x250107d8, h=0x4a0507fe) returned 0x85000f
[0205.354] GdipCreateFromHDC (hdc=0x250107d8, graphics=0xd7e268) returned 0x0
[0205.355] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0205.355] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0205.355] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0205.355] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0205.355] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2c8) returned 0x0
[0205.355] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0205.355] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0205.355] LocalFree (hMem=0x11ee788) returned 0x0
[0205.355] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0205.355] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0205.355] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0205.355] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0205.355] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0205.355] GdipRestoreGraphics (graphics=0x6600030, state=0xfa840dbd) returned 0x0
[0205.355] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0205.355] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0205.355] GetCurrentObject (hdc=0x250107d8, type=0x1) returned 0xb00017
[0205.355] GetCurrentObject (hdc=0x250107d8, type=0x2) returned 0x900010
[0205.355] GetCurrentObject (hdc=0x250107d8, type=0x7) returned 0x4a0507fe
[0205.355] GetCurrentObject (hdc=0x250107d8, type=0x6) returned 0x8a01c2
[0205.355] SaveDC (hdc=0x250107d8) returned 1
[0205.355] GetNearestColor (hdc=0x250107d8, color=0xf0f0f0) returned 0xf0f0f0
[0205.356] GetNearestColor (hdc=0x250107d8, color=0xa0a0a0) returned 0xa0a0a0
[0205.356] GetNearestColor (hdc=0x250107d8, color=0x696969) returned 0x696969
[0205.356] GetNearestColor (hdc=0x250107d8, color=0xa0a0a0) returned 0xa0a0a0
[0205.356] GetNearestColor (hdc=0x250107d8, color=0x0) returned 0x0
[0205.356] GetNearestColor (hdc=0x250107d8, color=0xffffff) returned 0xffffff
[0205.356] GetNearestColor (hdc=0x250107d8, color=0xe5e5e5) returned 0xe5e5e5
[0205.356] GetNearestColor (hdc=0x250107d8, color=0xd7d7d7) returned 0xd7d7d7
[0205.356] GetNearestColor (hdc=0x250107d8, color=0x0) returned 0x0
[0205.356] RestoreDC (hdc=0x250107d8, nSavedDC=-1) returned 1
[0205.356] GdipReleaseDC (graphics=0x6600030, hdc=0x250107d8) returned 0x0
[0205.356] IsAppThemed () returned 0x1
[0205.356] GetThemeAppProperties () returned 0x3
[0205.356] GetThemeAppProperties () returned 0x3
[0205.356] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0205.356] SendMessageW (hWnd=0xa02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0205.357] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0205.357] IsAppThemed () returned 0x1
[0205.357] GetThemeAppProperties () returned 0x3
[0205.357] GetThemeAppProperties () returned 0x3
[0205.357] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2e1c224 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0205.357] IsAppThemed () returned 0x1
[0205.357] GetThemeAppProperties () returned 0x3
[0205.357] GetThemeAppProperties () returned 0x3
[0205.357] IsAppThemed () returned 0x1
[0205.357] GetThemeAppProperties () returned 0x3
[0205.357] GetThemeAppProperties () returned 0x3
[0205.357] GetFocus () returned 0x1702d8
[0205.357] IsAppThemed () returned 0x1
[0205.357] GetThemeAppProperties () returned 0x3
[0205.357] GetThemeAppProperties () returned 0x3
[0205.357] IsAppThemed () returned 0x1
[0205.357] GetThemeAppProperties () returned 0x3
[0205.357] GetThemeAppProperties () returned 0x3
[0205.357] IsThemePartDefined () returned 0x1
[0205.357] IsAppThemed () returned 0x1
[0205.358] GetThemeAppProperties () returned 0x3
[0205.358] GetThemeAppProperties () returned 0x3
[0205.358] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0205.358] IsAppThemed () returned 0x1
[0205.358] GetThemeAppProperties () returned 0x3
[0205.358] GetThemeAppProperties () returned 0x3
[0205.358] IsAppThemed () returned 0x1
[0205.358] GetThemeAppProperties () returned 0x3
[0205.358] GetThemeAppProperties () returned 0x3
[0205.358] IsThemePartDefined () returned 0x1
[0205.358] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0205.358] GdipGetClip (graphics=0x6600030, region=0x6646058) returned 0x0
[0205.358] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0205.358] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0205.358] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dff0) returned 0x0
[0205.358] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0205.358] LocalFree (hMem=0x11eec58) returned 0x0
[0205.358] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0205.358] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0205.358] LocalFree (hMem=0x11ee788) returned 0x0
[0205.358] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0205.358] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7e018) returned 0x0
[0205.358] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7e008) returned 0x0
[0205.358] GdipGetRegionHRgn (region=0x6646058, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0205.359] GdipDeleteRegion (region=0x6646058) returned 0x0
[0205.359] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0205.359] GetCurrentObject (hdc=0x250107d8, type=0x1) returned 0xb00017
[0205.359] GetCurrentObject (hdc=0x250107d8, type=0x2) returned 0x900010
[0205.359] GetCurrentObject (hdc=0x250107d8, type=0x7) returned 0x4a0507fe
[0205.359] GetCurrentObject (hdc=0x250107d8, type=0x6) returned 0x8a01c2
[0205.359] SaveDC (hdc=0x250107d8) returned 1
[0205.359] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdc0407de
[0205.359] GetClipRgn (hdc=0x250107d8, hrgn=0xdc0407de) returned 0
[0205.359] SelectClipRgn (hdc=0x250107d8, hrgn=0x54040807) returned 2
[0205.359] DeleteObject (ho=0xdc0407de) returned 1
[0205.359] DeleteObject (ho=0x54040807) returned 1
[0205.359] OffsetViewportOrgEx (in: hdc=0x250107d8, x=0, y=0, lppt=0x2e1c8d4 | out: lppt=0x2e1c8d4) returned 1
[0205.359] DrawThemeParentBackground () returned 0x0
[0205.359] GetWindowPlacement (in: hWnd=0xa02d0, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0205.359] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0205.359] GetWindowTextLengthW (hWnd=0xa02d0) returned 13
[0205.359] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.360] GetSystemMetrics (nIndex=42) returned 0
[0205.360] GetWindowTextW (in: hWnd=0xa02d0, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.360] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0205.360] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0205.360] GetCurrentObject (hdc=0x250107d8, type=0x1) returned 0xb00017
[0205.360] GetCurrentObject (hdc=0x250107d8, type=0x2) returned 0x900010
[0205.360] GetCurrentObject (hdc=0x250107d8, type=0x7) returned 0x4a0507fe
[0205.360] GetCurrentObject (hdc=0x250107d8, type=0x6) returned 0x8a01c2
[0205.360] SaveDC (hdc=0x250107d8) returned 2
[0205.360] GetNearestColor (hdc=0x250107d8, color=0xf0f0f0) returned 0xf0f0f0
[0205.360] CreateSolidBrush (color=0xf0f0f0) returned 0x11007e1
[0205.360] FillRect (hDC=0x250107d8, lprc=0xd7da38, hbr=0x11007e1) returned 1
[0205.360] DeleteObject (ho=0x11007e1) returned 1
[0205.360] RestoreDC (hdc=0x250107d8, nSavedDC=-1) returned 1
[0205.360] GetWindowTextLengthW (hWnd=0xa02d0) returned 13
[0205.360] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.360] GetSystemMetrics (nIndex=42) returned 0
[0205.360] GetWindowTextW (in: hWnd=0xa02d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.360] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0205.361] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0205.361] GetCurrentObject (hdc=0x250107d8, type=0x1) returned 0xb00017
[0205.361] GetCurrentObject (hdc=0x250107d8, type=0x2) returned 0x900010
[0205.361] GetCurrentObject (hdc=0x250107d8, type=0x7) returned 0x4a0507fe
[0205.361] GetCurrentObject (hdc=0x250107d8, type=0x6) returned 0x8a01c2
[0205.361] SaveDC (hdc=0x250107d8) returned 2
[0205.361] GetNearestColor (hdc=0x250107d8, color=0xf0f0f0) returned 0xf0f0f0
[0205.361] CreateSolidBrush (color=0xf0f0f0) returned 0x21007e1
[0205.361] FillRect (hDC=0x250107d8, lprc=0xd7d9d8, hbr=0x21007e1) returned 1
[0205.361] DeleteObject (ho=0x21007e1) returned 1
[0205.361] RestoreDC (hdc=0x250107d8, nSavedDC=-1) returned 1
[0205.361] GetWindowTextLengthW (hWnd=0xa02d0) returned 13
[0205.361] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.361] GetSystemMetrics (nIndex=42) returned 0
[0205.361] GetWindowTextW (in: hWnd=0xa02d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.361] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0205.361] RestoreDC (hdc=0x250107d8, nSavedDC=-1) returned 1
[0205.361] GdipReleaseDC (graphics=0x6600030, hdc=0x250107d8) returned 0x0
[0205.362] IsAppThemed () returned 0x1
[0205.362] GetThemeAppProperties () returned 0x3
[0205.362] GetThemeAppProperties () returned 0x3
[0205.362] IsAppThemed () returned 0x1
[0205.362] GetThemeAppProperties () returned 0x3
[0205.362] GetThemeAppProperties () returned 0x3
[0205.362] IsThemePartDefined () returned 0x1
[0205.362] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0205.362] GdipGetClip (graphics=0x6600030, region=0x6646058) returned 0x0
[0205.362] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0205.362] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0205.362] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df74) returned 0x0
[0205.362] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0205.362] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0205.362] LocalFree (hMem=0x11ee788) returned 0x0
[0205.362] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0205.362] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0205.362] LocalFree (hMem=0x11eec58) returned 0x0
[0205.362] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0205.362] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0205.362] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0205.362] GdipGetRegionHRgn (region=0x6646058, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0205.362] GdipDeleteRegion (region=0x6646058) returned 0x0
[0205.362] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0205.362] GetCurrentObject (hdc=0x250107d8, type=0x1) returned 0xb00017
[0205.363] GetCurrentObject (hdc=0x250107d8, type=0x2) returned 0x900010
[0205.363] GetCurrentObject (hdc=0x250107d8, type=0x7) returned 0x4a0507fe
[0205.363] GetCurrentObject (hdc=0x250107d8, type=0x6) returned 0x8a01c2
[0205.363] SaveDC (hdc=0x250107d8) returned 1
[0205.363] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x55040807
[0205.363] GetClipRgn (hdc=0x250107d8, hrgn=0x55040807) returned 0
[0205.363] SelectClipRgn (hdc=0x250107d8, hrgn=0xde0407de) returned 2
[0205.363] DeleteObject (ho=0x55040807) returned 1
[0205.363] DeleteObject (ho=0xde0407de) returned 1
[0205.363] OffsetViewportOrgEx (in: hdc=0x250107d8, x=0, y=0, lppt=0x2e1d180 | out: lppt=0x2e1d180) returned 1
[0205.363] IsAppThemed () returned 0x1
[0205.363] GetThemeAppProperties () returned 0x3
[0205.363] GetThemeAppProperties () returned 0x3
[0205.363] DrawThemeBackground () returned 0x0
[0205.363] RestoreDC (hdc=0x250107d8, nSavedDC=-1) returned 1
[0205.363] GdipReleaseDC (graphics=0x6600030, hdc=0x250107d8) returned 0x0
[0205.363] GdipCreateRegion (region=0xd7df60) returned 0x0
[0205.363] GdipGetClip (graphics=0x6600030, region=0x6645128) returned 0x0
[0205.363] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0205.363] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0205.364] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df78) returned 0x0
[0205.364] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0205.364] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eecc8) returned 0x0
[0205.364] LocalFree (hMem=0x11eecc8) returned 0x0
[0205.364] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0205.364] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee8d8) returned 0x0
[0205.364] LocalFree (hMem=0x11ee8d8) returned 0x0
[0205.364] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0205.364] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0205.364] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7df90) returned 0x0
[0205.364] GdipGetRegionHRgn (region=0x6645128, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0205.364] GdipDeleteRegion (region=0x6645128) returned 0x0
[0205.364] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0205.364] GetCurrentObject (hdc=0x250107d8, type=0x1) returned 0xb00017
[0205.364] GetCurrentObject (hdc=0x250107d8, type=0x2) returned 0x900010
[0205.364] GetCurrentObject (hdc=0x250107d8, type=0x7) returned 0x4a0507fe
[0205.364] GetCurrentObject (hdc=0x250107d8, type=0x6) returned 0x8a01c2
[0205.364] SaveDC (hdc=0x250107d8) returned 1
[0205.364] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdf0407de
[0205.364] GetClipRgn (hdc=0x250107d8, hrgn=0xdf0407de) returned 0
[0205.364] SelectClipRgn (hdc=0x250107d8, hrgn=0x56040807) returned 2
[0205.364] DeleteObject (ho=0xdf0407de) returned 1
[0205.364] DeleteObject (ho=0x56040807) returned 1
[0205.365] OffsetViewportOrgEx (in: hdc=0x250107d8, x=0, y=0, lppt=0x2e1d454 | out: lppt=0x2e1d454) returned 1
[0205.365] IsAppThemed () returned 0x1
[0205.365] GetThemeAppProperties () returned 0x3
[0205.365] GetThemeAppProperties () returned 0x3
[0205.365] GetThemeBackgroundContentRect () returned 0x0
[0205.365] RestoreDC (hdc=0x250107d8, nSavedDC=-1) returned 1
[0205.365] GdipReleaseDC (graphics=0x6600030, hdc=0x250107d8) returned 0x0
[0205.365] IsAppThemed () returned 0x1
[0205.365] GetThemeAppProperties () returned 0x3
[0205.365] GetThemeAppProperties () returned 0x3
[0205.365] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0205.365] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0205.365] GetCurrentObject (hdc=0x250107d8, type=0x1) returned 0xb00017
[0205.365] GetCurrentObject (hdc=0x250107d8, type=0x2) returned 0x900010
[0205.365] GetCurrentObject (hdc=0x250107d8, type=0x7) returned 0x4a0507fe
[0205.365] GetCurrentObject (hdc=0x250107d8, type=0x6) returned 0x8a01c2
[0205.365] SaveDC (hdc=0x250107d8) returned 1
[0205.365] GetTextAlign (hdc=0x250107d8) returned 0x0
[0205.365] GetTextColor (hdc=0x250107d8) returned 0x0
[0205.365] GetCurrentObject (hdc=0x250107d8, type=0x6) returned 0x8a01c2
[0205.365] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0205.366] SelectObject (hdc=0x250107d8, h=0x6d0a0520) returned 0x8a01c2
[0205.366] GetBkMode (hdc=0x250107d8) returned 2
[0205.366] SetBkMode (hdc=0x250107d8, mode=1) returned 2
[0205.366] DrawTextExW (in: hdc=0x250107d8, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2e1d7f4 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0205.366] DrawTextExW (in: hdc=0x250107d8, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e1d7f4 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0205.366] RestoreDC (hdc=0x250107d8, nSavedDC=-1) returned 1
[0205.366] GdipReleaseDC (graphics=0x6600030, hdc=0x250107d8) returned 0x0
[0205.366] GetFocus () returned 0x1702d8
[0205.366] IsAppThemed () returned 0x1
[0205.367] GetThemeAppProperties () returned 0x3
[0205.367] GetThemeAppProperties () returned 0x3
[0205.367] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0205.367] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x250107d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0205.367] GdipReleaseDC (graphics=0x6600030, hdc=0x250107d8) returned 0x0
[0205.367] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0205.367] SelectObject (hdc=0x250107d8, h=0x85000f) returned 0x4a0507fe
[0205.367] DeleteDC (hdc=0x250107d8) returned 1
[0205.367] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0205.367] EndPaint (hWnd=0x1502dc, lpPaint=0xd7e24c) returned 1
[0205.367] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.367] IsWindowUnicode (hWnd=0x602c4) returned 1
[0205.367] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.368] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.368] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.368] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0205.368] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0205.368] CreateCompatibleDC (hdc=0x60100ce) returned 0x270107d8
[0205.368] SelectObject (hdc=0x270107d8, h=0x4a0507fe) returned 0x85000f
[0205.368] GdipCreateFromHDC (hdc=0x270107d8, graphics=0xd7e268) returned 0x0
[0205.368] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0205.368] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0205.368] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0205.368] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0205.368] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2c8) returned 0x0
[0205.368] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0205.368] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eea28) returned 0x0
[0205.369] LocalFree (hMem=0x11eea28) returned 0x0
[0205.369] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0205.369] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0205.369] GdipGetClip (graphics=0x6600030, region=0x6645368) returned 0x0
[0205.369] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0205.369] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0205.369] GdipRestoreGraphics (graphics=0x6600030, state=0xfa820dbd) returned 0x0
[0205.369] GdipDeleteRegion (region=0x6645368) returned 0x0
[0205.369] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0205.369] GetCurrentObject (hdc=0x270107d8, type=0x1) returned 0xb00017
[0205.369] GetCurrentObject (hdc=0x270107d8, type=0x2) returned 0x900010
[0205.369] GetCurrentObject (hdc=0x270107d8, type=0x7) returned 0x4a0507fe
[0205.369] GetCurrentObject (hdc=0x270107d8, type=0x6) returned 0x8a01c2
[0205.369] SaveDC (hdc=0x270107d8) returned 1
[0205.369] GetNearestColor (hdc=0x270107d8, color=0xff) returned 0xff
[0205.369] GetNearestColor (hdc=0x270107d8, color=0x55) returned 0x55
[0205.369] GetNearestColor (hdc=0x270107d8, color=0x0) returned 0x0
[0205.369] GetNearestColor (hdc=0x270107d8, color=0x55) returned 0x55
[0205.369] GetNearestColor (hdc=0x270107d8, color=0x0) returned 0x0
[0205.369] GetNearestColor (hdc=0x270107d8, color=0x8080ff) returned 0x8080ff
[0205.370] GetNearestColor (hdc=0x270107d8, color=0x7373e5) returned 0x7373e5
[0205.370] GetNearestColor (hdc=0x270107d8, color=0xe5) returned 0xe5
[0205.370] GetNearestColor (hdc=0x270107d8, color=0x0) returned 0x0
[0205.370] RestoreDC (hdc=0x270107d8, nSavedDC=-1) returned 1
[0205.370] GdipReleaseDC (graphics=0x6600030, hdc=0x270107d8) returned 0x0
[0205.370] IsAppThemed () returned 0x1
[0205.370] GetThemeAppProperties () returned 0x3
[0205.370] GetThemeAppProperties () returned 0x3
[0205.370] IsAppThemed () returned 0x1
[0205.370] GetThemeAppProperties () returned 0x3
[0205.370] GetThemeAppProperties () returned 0x3
[0205.370] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2e1dfbc | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0205.370] IsAppThemed () returned 0x1
[0205.370] GetThemeAppProperties () returned 0x3
[0205.370] GetThemeAppProperties () returned 0x3
[0205.370] IsAppThemed () returned 0x1
[0205.371] GetThemeAppProperties () returned 0x3
[0205.371] GetThemeAppProperties () returned 0x3
[0205.371] GetFocus () returned 0x1702d8
[0205.371] IsAppThemed () returned 0x1
[0205.371] GetThemeAppProperties () returned 0x3
[0205.371] GetThemeAppProperties () returned 0x3
[0205.371] IsAppThemed () returned 0x1
[0205.371] GetThemeAppProperties () returned 0x3
[0205.371] GetThemeAppProperties () returned 0x3
[0205.371] IsThemePartDefined () returned 0x1
[0205.371] IsAppThemed () returned 0x1
[0205.371] GetThemeAppProperties () returned 0x3
[0205.371] GetThemeAppProperties () returned 0x3
[0205.371] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0205.371] IsAppThemed () returned 0x1
[0205.371] GetThemeAppProperties () returned 0x3
[0205.371] GetThemeAppProperties () returned 0x3
[0205.371] IsAppThemed () returned 0x1
[0205.371] GetThemeAppProperties () returned 0x3
[0205.371] GetThemeAppProperties () returned 0x3
[0205.371] IsThemePartDefined () returned 0x1
[0205.371] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0205.371] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0205.371] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0205.371] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0205.372] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dff0) returned 0x0
[0205.372] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0205.372] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0205.372] LocalFree (hMem=0x11eec58) returned 0x0
[0205.372] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0205.372] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0205.375] LocalFree (hMem=0x11eec58) returned 0x0
[0205.375] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0205.375] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0205.375] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0205.375] GdipGetRegionHRgn (region=0x66460e8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0205.376] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0205.376] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0205.376] GetCurrentObject (hdc=0x270107d8, type=0x1) returned 0xb00017
[0205.376] GetCurrentObject (hdc=0x270107d8, type=0x2) returned 0x900010
[0205.376] GetCurrentObject (hdc=0x270107d8, type=0x7) returned 0x4a0507fe
[0205.376] GetCurrentObject (hdc=0x270107d8, type=0x6) returned 0x8a01c2
[0205.376] SaveDC (hdc=0x270107d8) returned 1
[0205.376] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x57040807
[0205.376] GetClipRgn (hdc=0x270107d8, hrgn=0x57040807) returned 0
[0205.376] SelectClipRgn (hdc=0x270107d8, hrgn=0xe30407de) returned 2
[0205.376] DeleteObject (ho=0x57040807) returned 1
[0205.376] DeleteObject (ho=0xe30407de) returned 1
[0205.376] OffsetViewportOrgEx (in: hdc=0x270107d8, x=0, y=0, lppt=0x2e1e66c | out: lppt=0x2e1e66c) returned 1
[0205.376] DrawThemeParentBackground () returned 0x0
[0205.376] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0205.376] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0205.376] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0205.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.377] GetSystemMetrics (nIndex=42) returned 0
[0205.377] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.377] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0205.377] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0205.377] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0205.377] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0205.377] SelectPalette (hdc=0x270107d8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0205.377] GdipCreateFromHDC (hdc=0x270107d8, graphics=0xd7dac8) returned 0x0
[0205.377] GdipSetPageUnit (graphics=0x6632538, unit=0x2) returned 0x0
[0205.377] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0205.377] GdipGetWorldTransform (graphics=0x6632538, matrix=0x6638d28) returned 0x0
[0205.377] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7daa0) returned 0x0
[0205.377] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0205.377] GdipCreateRegion (region=0xd7da88) returned 0x0
[0205.377] GdipGetClip (graphics=0x6632538, region=0x6645908) returned 0x0
[0205.377] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6632538, result=0xd7da94) returned 0x0
[0205.377] GdipDeleteRegion (region=0x6645908) returned 0x0
[0205.377] GdipSaveGraphics (graphics=0x6632538, state=0xd7dac0) returned 0x0
[0205.377] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0205.383] GdipFillRectangleI (graphics=0x6632538, brush=0x6653300, x=0, y=0, width=801, height=453) returned 0x0
[0205.383] GdipDeleteBrush (brush=0x6653300) returned 0x0
[0205.384] GdipDeleteGraphics (graphics=0x6632538) returned 0x0
[0205.384] SelectPalette (hdc=0x270107d8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0205.384] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0205.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.384] GetSystemMetrics (nIndex=42) returned 0
[0205.384] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0205.384] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0205.385] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0205.385] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0205.385] SelectPalette (hdc=0x270107d8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0205.385] GdipCreateFromHDC (hdc=0x270107d8, graphics=0xd7da68) returned 0x0
[0205.385] GdipSetPageUnit (graphics=0x6632538, unit=0x2) returned 0x0
[0205.385] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0205.385] GdipGetWorldTransform (graphics=0x6632538, matrix=0x6638a28) returned 0x0
[0205.385] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7da40) returned 0x0
[0205.385] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0205.385] GdipCreateRegion (region=0xd7da28) returned 0x0
[0205.385] GdipGetClip (graphics=0x6632538, region=0x6645c68) returned 0x0
[0205.385] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6632538, result=0xd7da34) returned 0x0
[0205.385] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0205.385] GdipSaveGraphics (graphics=0x6632538, state=0xd7da60) returned 0x0
[0205.385] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0205.412] GdipFillRectangleI (graphics=0x6632538, brush=0x6653918, x=0, y=0, width=801, height=453) returned 0x0
[0205.412] GdipDeleteBrush (brush=0x6653918) returned 0x0
[0205.413] GdipRestoreGraphics (graphics=0x6632538, state=0xfa7e0dbd) returned 0x0
[0205.413] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0205.413] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.414] GetSystemMetrics (nIndex=42) returned 0
[0205.414] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.414] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0205.414] GdipDeleteGraphics (graphics=0x6632538) returned 0x0
[0205.414] SelectPalette (hdc=0x270107d8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0205.414] RestoreDC (hdc=0x270107d8, nSavedDC=-1) returned 1
[0205.414] GdipReleaseDC (graphics=0x6600030, hdc=0x270107d8) returned 0x0
[0205.414] IsAppThemed () returned 0x1
[0205.414] GetThemeAppProperties () returned 0x3
[0205.414] GetThemeAppProperties () returned 0x3
[0205.414] IsAppThemed () returned 0x1
[0205.414] GetThemeAppProperties () returned 0x3
[0205.414] GetThemeAppProperties () returned 0x3
[0205.414] IsThemePartDefined () returned 0x1
[0205.414] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0205.414] GdipGetClip (graphics=0x6600030, region=0x66455a8) returned 0x0
[0205.414] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0205.414] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0205.414] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df74) returned 0x0
[0205.415] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0205.415] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee8d8) returned 0x0
[0205.415] LocalFree (hMem=0x11ee8d8) returned 0x0
[0205.415] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0205.415] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0205.415] LocalFree (hMem=0x11eec58) returned 0x0
[0205.415] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0205.415] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0205.415] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0205.415] GdipGetRegionHRgn (region=0x66455a8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0205.415] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0205.415] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0205.415] GetCurrentObject (hdc=0x270107d8, type=0x1) returned 0xb00017
[0205.415] GetCurrentObject (hdc=0x270107d8, type=0x2) returned 0x900010
[0205.415] GetCurrentObject (hdc=0x270107d8, type=0x7) returned 0x4a0507fe
[0205.415] GetCurrentObject (hdc=0x270107d8, type=0x6) returned 0x8a01c2
[0205.415] SaveDC (hdc=0x270107d8) returned 1
[0205.415] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe40407de
[0205.415] GetClipRgn (hdc=0x270107d8, hrgn=0xe40407de) returned 0
[0205.415] SelectClipRgn (hdc=0x270107d8, hrgn=0x59040807) returned 2
[0205.415] DeleteObject (ho=0xe40407de) returned 1
[0205.416] DeleteObject (ho=0x59040807) returned 1
[0205.416] OffsetViewportOrgEx (in: hdc=0x270107d8, x=0, y=0, lppt=0x2e24ebc | out: lppt=0x2e24ebc) returned 1
[0205.416] IsAppThemed () returned 0x1
[0205.416] GetThemeAppProperties () returned 0x3
[0205.416] GetThemeAppProperties () returned 0x3
[0205.416] DrawThemeBackground () returned 0x0
[0205.416] RestoreDC (hdc=0x270107d8, nSavedDC=-1) returned 1
[0205.416] GdipReleaseDC (graphics=0x6600030, hdc=0x270107d8) returned 0x0
[0205.416] GdipCreateRegion (region=0xd7df60) returned 0x0
[0205.416] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0205.416] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0205.416] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0205.416] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df78) returned 0x0
[0205.416] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0205.416] LocalFree (hMem=0x11ee788) returned 0x0
[0205.417] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee8d8) returned 0x0
[0205.417] LocalFree (hMem=0x11ee8d8) returned 0x0
[0205.417] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0205.417] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0205.417] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0205.417] GdipGetRegionHRgn (region=0x6645cf8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0205.417] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0205.417] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0205.417] GetCurrentObject (hdc=0x270107d8, type=0x1) returned 0xb00017
[0205.417] GetCurrentObject (hdc=0x270107d8, type=0x2) returned 0x900010
[0205.417] GetCurrentObject (hdc=0x270107d8, type=0x7) returned 0x4a0507fe
[0205.417] GetCurrentObject (hdc=0x270107d8, type=0x6) returned 0x8a01c2
[0205.417] SaveDC (hdc=0x270107d8) returned 1
[0205.417] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5a040807
[0205.417] GetClipRgn (hdc=0x270107d8, hrgn=0x5a040807) returned 0
[0205.417] SelectClipRgn (hdc=0x270107d8, hrgn=0xe50407de) returned 2
[0205.417] DeleteObject (ho=0x5a040807) returned 1
[0205.417] DeleteObject (ho=0xe50407de) returned 1
[0205.417] OffsetViewportOrgEx (in: hdc=0x270107d8, x=0, y=0, lppt=0x2e25190 | out: lppt=0x2e25190) returned 1
[0205.417] IsAppThemed () returned 0x1
[0205.417] GetThemeAppProperties () returned 0x3
[0205.417] GetThemeAppProperties () returned 0x3
[0205.417] GetThemeBackgroundContentRect () returned 0x0
[0205.417] RestoreDC (hdc=0x270107d8, nSavedDC=-1) returned 1
[0205.417] GdipReleaseDC (graphics=0x6600030, hdc=0x270107d8) returned 0x0
[0205.417] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0205.418] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0205.418] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0205.418] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0205.418] IsAppThemed () returned 0x1
[0205.418] GetThemeAppProperties () returned 0x3
[0205.418] GetThemeAppProperties () returned 0x3
[0205.418] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0205.418] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0205.418] GetCurrentObject (hdc=0x270107d8, type=0x1) returned 0xb00017
[0205.418] GetCurrentObject (hdc=0x270107d8, type=0x2) returned 0x900010
[0205.418] GetCurrentObject (hdc=0x270107d8, type=0x7) returned 0x4a0507fe
[0205.418] GetCurrentObject (hdc=0x270107d8, type=0x6) returned 0x8a01c2
[0205.418] SaveDC (hdc=0x270107d8) returned 1
[0205.418] GetTextAlign (hdc=0x270107d8) returned 0x0
[0205.418] GetTextColor (hdc=0x270107d8) returned 0x0
[0205.418] GetCurrentObject (hdc=0x270107d8, type=0x6) returned 0x8a01c2
[0205.418] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0205.418] SelectObject (hdc=0x270107d8, h=0x6d0a0520) returned 0x8a01c2
[0205.418] GetBkMode (hdc=0x270107d8) returned 2
[0205.418] SetBkMode (hdc=0x270107d8, mode=1) returned 2
[0205.418] DrawTextExW (in: hdc=0x270107d8, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2e25554 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0205.423] DrawTextExW (in: hdc=0x270107d8, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e25554 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0205.424] RestoreDC (hdc=0x270107d8, nSavedDC=-1) returned 1
[0205.424] GdipReleaseDC (graphics=0x6600030, hdc=0x270107d8) returned 0x0
[0205.424] GetFocus () returned 0x1702d8
[0205.424] IsAppThemed () returned 0x1
[0205.424] GetThemeAppProperties () returned 0x3
[0205.424] GetThemeAppProperties () returned 0x3
[0205.424] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0205.424] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x270107d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0205.424] GdipReleaseDC (graphics=0x6600030, hdc=0x270107d8) returned 0x0
[0205.424] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0205.424] SelectObject (hdc=0x270107d8, h=0x85000f) returned 0x4a0507fe
[0205.424] DeleteDC (hdc=0x270107d8) returned 1
[0205.424] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0205.424] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0205.425] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.425] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.425] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.425] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.425] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.426] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.426] IsWindowUnicode (hWnd=0x1800ea) returned 1
[0205.426] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.426] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.426] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.426] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.426] IsWindowUnicode (hWnd=0x1800ea) returned 1
[0205.426] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.426] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.426] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.426] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x2a1, wParam=0x0, lParam=0xa0038) returned 0x0
[0205.426] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0205.426] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0205.426] WaitMessage () returned 1
[0205.427] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.427] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.427] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.427] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.427] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.428] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0205.428] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0205.428] WaitMessage () returned 1
[0205.429] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.429] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.429] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.429] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.429] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.430] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0205.430] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0205.430] WaitMessage () returned 1
[0205.430] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.430] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.430] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.430] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.430] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.431] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.432] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.432] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.432] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.432] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.432] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.432] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.432] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.432] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.432] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.432] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0205.433] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0205.433] WaitMessage () returned 1
[0205.433] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.433] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.433] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.433] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.433] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.434] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.438] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.438] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.438] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.438] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.438] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.438] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.438] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.438] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.438] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.438] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0205.439] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0205.439] WaitMessage () returned 1
[0205.441] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.441] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.441] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.441] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.441] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.442] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.443] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.443] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.443] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.443] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.443] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.443] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.443] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.443] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.443] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.443] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0205.443] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0205.444] WaitMessage () returned 1
[0205.444] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.444] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.444] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.444] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.444] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.445] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.445] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.445] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.446] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.446] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.446] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.446] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.446] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.446] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.446] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.446] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0205.446] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0205.446] WaitMessage () returned 1
[0205.539] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.539] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x84, wParam=0x0, lParam=0x1e3030e) returned 0x1
[0205.540] IsWindowUnicode (hWnd=0x1800ea) returned 1
[0205.540] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.540] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x84, wParam=0x0, lParam=0x1e3030e) returned 0x1
[0205.540] GetDlgItem (hDlg=0xa02d0, nIDDlgItem=0) returned 0x0
[0205.540] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x210, wParam=0x201, lParam=0x680119) returned 0x0
[0205.540] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x21, wParam=0xa02d0, lParam=0x2010001) returned 0x1
[0205.540] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x21, wParam=0xa02d0, lParam=0x2010001) returned 0x1
[0205.540] SetCursor (hCursor=0x10003) returned 0x10003
[0205.540] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.540] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.540] GetKeyState (nVirtKey=1) returned -127
[0205.541] GetKeyState (nVirtKey=2) returned 0
[0205.541] GetKeyState (nVirtKey=4) returned 0
[0205.541] GetKeyState (nVirtKey=5) returned 0
[0205.541] GetKeyState (nVirtKey=6) returned 0
[0205.541] IsWindowVisible (hWnd=0x1800ea) returned 1
[0205.541] IsWindowEnabled (hWnd=0x1800ea) returned 1
[0205.541] SetFocus (hWnd=0x1800ea) returned 0x1702d8
[0205.541] GetFocus () returned 0x1800ea
[0205.541] IsChild (hWndParent=0xa02d0, hWnd=0x1800ea) returned 1
[0205.541] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0x8, wParam=0x1800ea, lParam=0x0) returned 0x0
[0205.541] GetCapture () returned 0x0
[0205.541] InvalidateRect (hWnd=0x1702d8, lpRect=0x0, bErase=0) returned 1
[0205.542] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0205.543] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0205.546] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0205.546] InvalidateRect (hWnd=0x1702d8, lpRect=0x0, bErase=0) returned 1
[0205.546] InvalidateRect (hWnd=0x1800ea, lpRect=0x0, bErase=0) returned 1
[0205.546] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x7, wParam=0x1702d8, lParam=0x0) returned 0x0
[0205.546] GetStockObject (i=5) returned 0x900015
[0205.546] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0205.546] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0205.546] GetDlgItem (hDlg=0xa02d0, nIDDlgItem=1573098) returned 0x1800ea
[0205.547] SendMessageW (hWnd=0x1800ea, Msg=0x202b, wParam=0x1800ea, lParam=0xd7dddc) returned 0x0
[0205.547] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x202b, wParam=0x1800ea, lParam=0xd7dddc) returned 0x0
[0205.547] InvalidateRect (hWnd=0x1800ea, lpRect=0x0, bErase=0) returned 1
[0205.548] GetFocus () returned 0x1800ea
[0205.548] GetFocus () returned 0x1800ea
[0205.548] GetFocus () returned 0x1800ea
[0205.548] GetKeyState (nVirtKey=1) returned -127
[0205.548] GetKeyState (nVirtKey=2) returned 0
[0205.548] GetKeyState (nVirtKey=4) returned 0
[0205.548] GetKeyState (nVirtKey=5) returned 0
[0205.548] GetKeyState (nVirtKey=6) returned 0
[0205.548] GetCapture () returned 0x0
[0205.548] SetCapture (hWnd=0x1800ea) returned 0x0
[0205.549] GetKeyState (nVirtKey=1) returned -127
[0205.549] GetKeyState (nVirtKey=2) returned 0
[0205.549] GetKeyState (nVirtKey=4) returned 0
[0205.549] GetKeyState (nVirtKey=5) returned 0
[0205.549] GetKeyState (nVirtKey=6) returned 0
[0205.549] NotifyWinEvent (event=0x800a, hwnd=0x1800ea, idObject=-4, idChild=0)
[0205.549] InvalidateRect (hWnd=0x1800ea, lpRect=0xd7e430, bErase=0) returned 1
[0205.549] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.549] IsWindowUnicode (hWnd=0x1800ea) returned 1
[0205.549] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.549] TranslateMessage (lpMsg=0xd7e808) returned 0
[0205.549] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0205.549] MapWindowPoints (in: hWndFrom=0x1800ea, hWndTo=0x0, lpPoints=0x2e25840, cPoints=0x1 | out: lpPoints=0x2e25840) returned 30999254
[0205.549] NotifyWinEvent (event=0x800a, hwnd=0x1800ea, idObject=-4, idChild=0)
[0205.549] InvalidateRect (hWnd=0x1800ea, lpRect=0xd7e3d0, bErase=0) returned 1
[0205.549] UpdateWindow (hWnd=0x1800ea) returned 1
[0205.549] BeginPaint (in: hWnd=0x1800ea, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x107b9
[0205.549] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0205.550] CreateCompatibleDC (hdc=0x107b9) returned 0x600107a2
[0205.550] SelectObject (hdc=0x600107a2, h=0x4a0507fe) returned 0x85000f
[0205.550] GdipCreateFromHDC (hdc=0x600107a2, graphics=0xd7df00) returned 0x0
[0205.550] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0205.550] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0205.550] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0205.550] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0205.550] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df60) returned 0x0
[0205.550] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0205.550] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0205.550] LocalFree (hMem=0x11ee868) returned 0x0
[0205.550] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0205.550] GdipCreateRegion (region=0xd7df48) returned 0x0
[0205.550] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0205.550] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0205.550] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0205.551] GdipRestoreGraphics (graphics=0x6600030, state=0xfa7c0dbd) returned 0x0
[0205.551] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0205.551] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0205.551] GetCurrentObject (hdc=0x600107a2, type=0x1) returned 0xb00017
[0205.551] GetCurrentObject (hdc=0x600107a2, type=0x2) returned 0x900010
[0205.551] GetCurrentObject (hdc=0x600107a2, type=0x7) returned 0x4a0507fe
[0205.551] GetCurrentObject (hdc=0x600107a2, type=0x6) returned 0x8a01c2
[0205.551] SaveDC (hdc=0x600107a2) returned 1
[0205.551] GetNearestColor (hdc=0x600107a2, color=0xf0f0f0) returned 0xf0f0f0
[0205.551] GetNearestColor (hdc=0x600107a2, color=0xa0a0a0) returned 0xa0a0a0
[0205.551] GetNearestColor (hdc=0x600107a2, color=0x696969) returned 0x696969
[0205.551] GetNearestColor (hdc=0x600107a2, color=0xa0a0a0) returned 0xa0a0a0
[0205.551] GetNearestColor (hdc=0x600107a2, color=0x0) returned 0x0
[0205.551] GetNearestColor (hdc=0x600107a2, color=0xffffff) returned 0xffffff
[0205.552] GetNearestColor (hdc=0x600107a2, color=0xe5e5e5) returned 0xe5e5e5
[0205.552] GetNearestColor (hdc=0x600107a2, color=0xd7d7d7) returned 0xd7d7d7
[0205.552] GetNearestColor (hdc=0x600107a2, color=0x0) returned 0x0
[0205.552] RestoreDC (hdc=0x600107a2, nSavedDC=-1) returned 1
[0205.552] GdipReleaseDC (graphics=0x6600030, hdc=0x600107a2) returned 0x0
[0205.552] IsAppThemed () returned 0x1
[0205.552] GetThemeAppProperties () returned 0x3
[0205.552] GetThemeAppProperties () returned 0x3
[0205.552] IsAppThemed () returned 0x1
[0205.552] GetThemeAppProperties () returned 0x3
[0205.552] GetThemeAppProperties () returned 0x3
[0205.552] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2e25f98 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0205.552] IsAppThemed () returned 0x1
[0205.552] GetThemeAppProperties () returned 0x3
[0205.552] GetThemeAppProperties () returned 0x3
[0205.553] IsAppThemed () returned 0x1
[0205.553] GetThemeAppProperties () returned 0x3
[0205.553] GetThemeAppProperties () returned 0x3
[0205.553] IsAppThemed () returned 0x1
[0205.553] GetThemeAppProperties () returned 0x3
[0205.553] GetThemeAppProperties () returned 0x3
[0205.553] IsAppThemed () returned 0x1
[0205.553] GetThemeAppProperties () returned 0x3
[0205.553] GetThemeAppProperties () returned 0x3
[0205.553] IsThemePartDefined () returned 0x1
[0205.553] IsAppThemed () returned 0x1
[0205.553] GetThemeAppProperties () returned 0x3
[0205.553] GetThemeAppProperties () returned 0x3
[0205.553] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0205.553] IsAppThemed () returned 0x1
[0205.553] GetThemeAppProperties () returned 0x3
[0205.553] GetThemeAppProperties () returned 0x3
[0205.553] IsAppThemed () returned 0x1
[0205.553] GetThemeAppProperties () returned 0x3
[0205.553] GetThemeAppProperties () returned 0x3
[0205.553] IsThemePartDefined () returned 0x1
[0205.553] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0205.554] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0205.554] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0205.554] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0205.554] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dc7c) returned 0x0
[0205.554] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0205.554] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0205.554] LocalFree (hMem=0x11ee788) returned 0x0
[0205.554] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0205.554] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee8d8) returned 0x0
[0205.554] LocalFree (hMem=0x11ee8d8) returned 0x0
[0205.554] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0205.554] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0205.554] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0205.554] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0205.554] GdipDeleteRegion (region=0x6645248) returned 0x0
[0205.554] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0205.554] GetCurrentObject (hdc=0x600107a2, type=0x1) returned 0xb00017
[0205.554] GetCurrentObject (hdc=0x600107a2, type=0x2) returned 0x900010
[0205.555] GetCurrentObject (hdc=0x600107a2, type=0x7) returned 0x4a0507fe
[0205.555] GetCurrentObject (hdc=0x600107a2, type=0x6) returned 0x8a01c2
[0205.555] SaveDC (hdc=0x600107a2) returned 1
[0205.555] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe60407de
[0205.555] GetClipRgn (hdc=0x600107a2, hrgn=0xe60407de) returned 0
[0205.555] SelectClipRgn (hdc=0x600107a2, hrgn=0x5e040807) returned 2
[0205.555] DeleteObject (ho=0xe60407de) returned 1
[0205.555] DeleteObject (ho=0x5e040807) returned 1
[0205.555] OffsetViewportOrgEx (in: hdc=0x600107a2, x=0, y=0, lppt=0x2e26648 | out: lppt=0x2e26648) returned 1
[0205.555] DrawThemeParentBackground () returned 0x0
[0205.555] GetWindowPlacement (in: hWnd=0xa02d0, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0205.555] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0205.555] GetWindowTextLengthW (hWnd=0xa02d0) returned 13
[0205.556] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.556] GetSystemMetrics (nIndex=42) returned 0
[0205.556] GetWindowTextW (in: hWnd=0xa02d0, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.556] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0205.556] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0205.556] GetCurrentObject (hdc=0x600107a2, type=0x1) returned 0xb00017
[0205.556] GetCurrentObject (hdc=0x600107a2, type=0x2) returned 0x900010
[0205.556] GetCurrentObject (hdc=0x600107a2, type=0x7) returned 0x4a0507fe
[0205.556] GetCurrentObject (hdc=0x600107a2, type=0x6) returned 0x8a01c2
[0205.556] SaveDC (hdc=0x600107a2) returned 2
[0205.556] GetNearestColor (hdc=0x600107a2, color=0xf0f0f0) returned 0xf0f0f0
[0205.556] CreateSolidBrush (color=0xf0f0f0) returned 0x31007e1
[0205.556] FillRect (hDC=0x600107a2, lprc=0xd7d6c8, hbr=0x31007e1) returned 1
[0205.556] DeleteObject (ho=0x31007e1) returned 1
[0205.556] RestoreDC (hdc=0x600107a2, nSavedDC=-1) returned 1
[0205.557] GetWindowTextLengthW (hWnd=0xa02d0) returned 13
[0205.557] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.557] GetSystemMetrics (nIndex=42) returned 0
[0205.557] GetWindowTextW (in: hWnd=0xa02d0, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.557] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0205.557] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0205.557] GetCurrentObject (hdc=0x600107a2, type=0x1) returned 0xb00017
[0205.557] GetCurrentObject (hdc=0x600107a2, type=0x2) returned 0x900010
[0205.557] GetCurrentObject (hdc=0x600107a2, type=0x7) returned 0x4a0507fe
[0205.557] GetCurrentObject (hdc=0x600107a2, type=0x6) returned 0x8a01c2
[0205.557] SaveDC (hdc=0x600107a2) returned 2
[0205.557] GetNearestColor (hdc=0x600107a2, color=0xf0f0f0) returned 0xf0f0f0
[0205.557] CreateSolidBrush (color=0xf0f0f0) returned 0x41007e1
[0205.557] FillRect (hDC=0x600107a2, lprc=0xd7d668, hbr=0x41007e1) returned 1
[0205.557] DeleteObject (ho=0x41007e1) returned 1
[0205.557] RestoreDC (hdc=0x600107a2, nSavedDC=-1) returned 1
[0205.557] GetWindowTextLengthW (hWnd=0xa02d0) returned 13
[0205.558] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.558] GetSystemMetrics (nIndex=42) returned 0
[0205.558] GetWindowTextW (in: hWnd=0xa02d0, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.558] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0205.558] RestoreDC (hdc=0x600107a2, nSavedDC=-1) returned 1
[0205.558] GdipReleaseDC (graphics=0x6600030, hdc=0x600107a2) returned 0x0
[0205.558] IsAppThemed () returned 0x1
[0205.558] GetThemeAppProperties () returned 0x3
[0205.558] GetThemeAppProperties () returned 0x3
[0205.558] IsAppThemed () returned 0x1
[0205.558] GetThemeAppProperties () returned 0x3
[0205.558] GetThemeAppProperties () returned 0x3
[0205.558] IsThemePartDefined () returned 0x1
[0205.558] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0205.558] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0205.558] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0205.558] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0205.559] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dc00) returned 0x0
[0205.559] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0205.559] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee788) returned 0x0
[0205.559] LocalFree (hMem=0x11ee788) returned 0x0
[0205.559] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0205.559] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee910) returned 0x0
[0205.559] LocalFree (hMem=0x11ee910) returned 0x0
[0205.559] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0205.559] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0205.559] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0205.559] GdipGetRegionHRgn (region=0x6645098, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0205.559] GdipDeleteRegion (region=0x6645098) returned 0x0
[0205.559] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0205.559] GetCurrentObject (hdc=0x600107a2, type=0x1) returned 0xb00017
[0205.559] GetCurrentObject (hdc=0x600107a2, type=0x2) returned 0x900010
[0205.559] GetCurrentObject (hdc=0x600107a2, type=0x7) returned 0x4a0507fe
[0205.564] GetCurrentObject (hdc=0x600107a2, type=0x6) returned 0x8a01c2
[0205.564] SaveDC (hdc=0x600107a2) returned 1
[0205.564] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5f040807
[0205.564] GetClipRgn (hdc=0x600107a2, hrgn=0x5f040807) returned 0
[0205.564] SelectClipRgn (hdc=0x600107a2, hrgn=0xe80407de) returned 2
[0205.564] DeleteObject (ho=0x5f040807) returned 1
[0205.564] DeleteObject (ho=0xe80407de) returned 1
[0205.564] OffsetViewportOrgEx (in: hdc=0x600107a2, x=0, y=0, lppt=0x2e26ef4 | out: lppt=0x2e26ef4) returned 1
[0205.564] IsAppThemed () returned 0x1
[0205.564] GetThemeAppProperties () returned 0x3
[0205.564] GetThemeAppProperties () returned 0x3
[0205.564] DrawThemeBackground () returned 0x0
[0205.564] RestoreDC (hdc=0x600107a2, nSavedDC=-1) returned 1
[0205.564] GdipReleaseDC (graphics=0x6600030, hdc=0x600107a2) returned 0x0
[0205.564] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0205.565] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0205.565] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0205.565] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0205.565] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dc04) returned 0x0
[0205.565] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0205.565] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0205.565] LocalFree (hMem=0x11ee868) returned 0x0
[0205.565] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0205.565] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0205.565] LocalFree (hMem=0x11eec58) returned 0x0
[0205.565] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0205.565] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0205.565] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0205.565] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0205.565] GdipDeleteRegion (region=0x6645248) returned 0x0
[0205.565] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0205.565] GetCurrentObject (hdc=0x600107a2, type=0x1) returned 0xb00017
[0205.565] GetCurrentObject (hdc=0x600107a2, type=0x2) returned 0x900010
[0205.565] GetCurrentObject (hdc=0x600107a2, type=0x7) returned 0x4a0507fe
[0205.566] GetCurrentObject (hdc=0x600107a2, type=0x6) returned 0x8a01c2
[0205.566] SaveDC (hdc=0x600107a2) returned 1
[0205.566] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe90407de
[0205.566] GetClipRgn (hdc=0x600107a2, hrgn=0xe90407de) returned 0
[0205.566] SelectClipRgn (hdc=0x600107a2, hrgn=0x60040807) returned 2
[0205.566] DeleteObject (ho=0xe90407de) returned 1
[0205.566] DeleteObject (ho=0x60040807) returned 1
[0205.566] OffsetViewportOrgEx (in: hdc=0x600107a2, x=0, y=0, lppt=0x2e271c8 | out: lppt=0x2e271c8) returned 1
[0205.566] IsAppThemed () returned 0x1
[0205.566] GetThemeAppProperties () returned 0x3
[0205.566] GetThemeAppProperties () returned 0x3
[0205.566] GetThemeBackgroundContentRect () returned 0x0
[0205.566] RestoreDC (hdc=0x600107a2, nSavedDC=-1) returned 1
[0205.566] GdipReleaseDC (graphics=0x6600030, hdc=0x600107a2) returned 0x0
[0205.566] IsAppThemed () returned 0x1
[0205.566] GetThemeAppProperties () returned 0x3
[0205.566] GetThemeAppProperties () returned 0x3
[0205.567] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0205.567] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0205.567] GetCurrentObject (hdc=0x600107a2, type=0x1) returned 0xb00017
[0205.567] GetCurrentObject (hdc=0x600107a2, type=0x2) returned 0x900010
[0205.567] GetCurrentObject (hdc=0x600107a2, type=0x7) returned 0x4a0507fe
[0205.567] GetCurrentObject (hdc=0x600107a2, type=0x6) returned 0x8a01c2
[0205.567] SaveDC (hdc=0x600107a2) returned 1
[0205.567] GetTextAlign (hdc=0x600107a2) returned 0x0
[0205.567] GetTextColor (hdc=0x600107a2) returned 0x0
[0205.567] GetCurrentObject (hdc=0x600107a2, type=0x6) returned 0x8a01c2
[0205.567] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0205.567] SelectObject (hdc=0x600107a2, h=0x6d0a0520) returned 0x8a01c2
[0205.567] GetBkMode (hdc=0x600107a2) returned 2
[0205.567] SetBkMode (hdc=0x600107a2, mode=1) returned 2
[0205.567] DrawTextExW (in: hdc=0x600107a2, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2e27568 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0205.568] DrawTextExW (in: hdc=0x600107a2, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2e27568 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0205.568] RestoreDC (hdc=0x600107a2, nSavedDC=-1) returned 1
[0205.568] GdipReleaseDC (graphics=0x6600030, hdc=0x600107a2) returned 0x0
[0205.568] GetFocus () returned 0x1800ea
[0205.568] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0205.568] SendMessageW (hWnd=0xa02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0205.568] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0205.568] IsAppThemed () returned 0x1
[0205.568] GetThemeAppProperties () returned 0x3
[0205.568] GetThemeAppProperties () returned 0x3
[0205.568] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0205.568] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x600107a2, x1=0, y1=0, rop=0xcc0020) returned 1
[0205.569] GdipReleaseDC (graphics=0x6600030, hdc=0x600107a2) returned 0x0
[0205.569] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0205.569] SelectObject (hdc=0x600107a2, h=0x85000f) returned 0x4a0507fe
[0205.569] DeleteDC (hdc=0x600107a2) returned 1
[0205.569] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0205.569] EndPaint (hWnd=0x1800ea, lpPaint=0xd7dee4) returned 1
[0205.569] MapWindowPoints (in: hWndFrom=0x1800ea, hWndTo=0x0, lpPoints=0x2e27664, cPoints=0x1 | out: lpPoints=0x2e27664) returned 30999254
[0205.569] WindowFromPoint (Point=0x30e) returned 0x1800ea
[0205.569] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x84, wParam=0x0, lParam=0x1e3030e) returned 0x1
[0205.569] NotifyWinEvent (event=0x800a, hwnd=0x1800ea, idObject=-4, idChild=0)
[0205.569] NotifyWinEvent (event=0x800c, hwnd=0x1800ea, idObject=-4, idChild=0)
[0205.569] GetCapture () returned 0x1800ea
[0205.569] ReleaseCapture () returned 1
[0205.570] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0205.570] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0205.570] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x84, wParam=0x0, lParam=0x1e3030e) returned 0x1
[0205.570] IsWindow (hWnd=0x7005c) returned 1
[0205.570] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0205.571] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0205.571] IsWindow (hWnd=0xa02d0) returned 1
[0205.571] SetActiveWindow (hWnd=0xa02d0) returned 0xa02d0
[0205.571] IsWindow (hWnd=0xa02d0) returned 1
[0205.571] SetFocus (hWnd=0xa02d0) returned 0x1800ea
[0205.571] GetFocus () returned 0xa02d0
[0205.571] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x8, wParam=0xa02d0, lParam=0x0) returned 0x0
[0205.571] GetCapture () returned 0x0
[0205.571] InvalidateRect (hWnd=0x1800ea, lpRect=0x0, bErase=0) returned 1
[0205.572] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0205.574] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0205.576] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0205.576] GetFocus () returned 0xa02d0
[0205.576] SetFocus (hWnd=0x1800ea) returned 0xa02d0
[0205.577] GetFocus () returned 0x1800ea
[0205.577] IsChild (hWndParent=0xa02d0, hWnd=0x1800ea) returned 1
[0205.577] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x8, wParam=0x1800ea, lParam=0x0) returned 0x0
[0205.578] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0205.579] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0205.581] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0205.581] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x7, wParam=0xa02d0, lParam=0x0) returned 0x0
[0205.581] GetStockObject (i=5) returned 0x900015
[0205.582] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0205.582] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0xd, wParam=0xa, lParam=0x11f5780) returned 0x9
[0205.582] GetDlgItem (hDlg=0xa02d0, nIDDlgItem=1573098) returned 0x1800ea
[0205.582] SendMessageW (hWnd=0x1800ea, Msg=0x202b, wParam=0x1800ea, lParam=0xd7ddcc) returned 0x0
[0205.582] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x202b, wParam=0x1800ea, lParam=0xd7ddcc) returned 0x0
[0205.582] InvalidateRect (hWnd=0x1800ea, lpRect=0x0, bErase=0) returned 1
[0205.584] GetWindowLongW (hWnd=0xa02d0, nIndex=-8) returned 458844
[0205.584] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0205.584] GetCurrentThreadId () returned 0xf50
[0205.584] IsWindow (hWnd=0x7005c) returned 1
[0205.584] IsWindow (hWnd=0x7005c) returned 1
[0205.584] IsWindowVisible (hWnd=0x7005c) returned 1
[0205.584] SetActiveWindow (hWnd=0x7005c) returned 0xa02d0
[0205.584] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0205.586] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0205.586] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0205.586] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0205.587] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0205.587] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0205.588] GetWindowPlacement (in: hWnd=0xa02d0, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0205.588] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0205.588] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0205.588] GetWindowRect (in: hWnd=0xa02d0, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0205.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0205.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0205.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0205.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0xa02d0) returned 0x1
[0205.599] GetFocus () returned 0x1800ea
[0205.599] SetFocus (hWnd=0x602c4) returned 0x1800ea
[0205.600] GetFocus () returned 0x602c4
[0205.600] IsChild (hWndParent=0xa02d0, hWnd=0x602c4) returned 0
[0205.600] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0205.600] GetCapture () returned 0x0
[0205.600] InvalidateRect (hWnd=0x1800ea, lpRect=0x0, bErase=0) returned 1
[0205.601] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0205.602] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0205.604] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0205.604] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0205.604] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0205.605] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0205.605] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0205.605] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x1800ea, lParam=0x0) returned 0x0
[0205.605] GetStockObject (i=5) returned 0x900015
[0205.606] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0205.606] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11eda58) returned 0xc
[0205.606] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0205.606] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0205.606] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0205.606] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0205.616] GetFocus () returned 0x602c4
[0205.616] IsChild (hWndParent=0xa02d0, hWnd=0x602c4) returned 0
[0205.616] ShowWindow (hWnd=0xa02d0, nCmdShow=0) returned 1
[0205.616] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0205.616] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0205.618] GetWindowPlacement (in: hWnd=0xa02d0, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0205.618] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0205.618] GetClientRect (in: hWnd=0xa02d0, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0205.618] GetWindowRect (in: hWnd=0xa02d0, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0205.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0205.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0205.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0205.620] GetWindowLongW (hWnd=0xa02d0, nIndex=-20) returned 327945
[0205.620] DestroyWindow (hWnd=0xa02d0) returned 1
[0205.620] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0205.620] GetWindowTextLengthW (hWnd=0xa02d0) returned 13
[0205.620] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.620] GetSystemMetrics (nIndex=42) returned 0
[0205.620] GetWindowTextW (in: hWnd=0xa02d0, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.620] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0205.620] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0205.620] GetWindowTextLengthW (hWnd=0x1502de) returned 0
[0205.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0205.621] GetSystemMetrics (nIndex=42) returned 0
[0205.621] GetWindowTextW (in: hWnd=0x1502de, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0205.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502de, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0205.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0205.621] GetWindowThreadProcessId (in: hWnd=0x1502da, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0205.621] GetWindow (hWnd=0x1502da, uCmd=0x5) returned 0x0
[0205.621] GetWindowLongW (hWnd=0x1502da, nIndex=-20) returned 65792
[0205.621] DestroyWindow (hWnd=0x1502da) returned 1
[0205.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502da, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0205.621] GetWindowTextLengthW (hWnd=0x1502da) returned 25
[0205.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0205.621] GetSystemMetrics (nIndex=42) returned 0
[0205.621] GetWindowTextW (in: hWnd=0x1502da, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0205.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502da, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0205.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0205.622] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0205.623] GetWindowTextLengthW (hWnd=0xb02ce) returned 232
[0205.623] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0205.623] GetSystemMetrics (nIndex=42) returned 0
[0205.623] GetWindowTextW (in: hWnd=0xb02ce, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0205.624] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0205.624] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0205.624] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0205.624] InvalidateRect (hWnd=0x1800ea, lpRect=0x0, bErase=0) returned 1
[0205.624] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0205.624] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0205.624] SendMessageW (hWnd=0xf02c8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0205.624] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xf02c8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0205.624] SendMessageW (hWnd=0xf02c8, Msg=0xb0, wParam=0x2df348c, lParam=0xd7e480) returned 0x0
[0205.624] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xf02c8, Msg=0xb0, wParam=0x2df348c, lParam=0xd7e480) returned 0x0
[0205.624] GetWindowTextLengthW (hWnd=0xf02c8) returned 4363
[0205.624] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xf02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0205.624] GetSystemMetrics (nIndex=42) returned 0
[0205.625] CoTaskMemAlloc (cb=0x221c) returned 0x1209508
[0205.625] GetWindowTextW (in: hWnd=0xf02c8, lpString=0x1209508, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0205.625] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xf02c8, Msg=0xd, wParam=0x110c, lParam=0x1209508) returned 0x110b
[0205.625] CoTaskMemFree (pv=0x1209508)
[0205.625] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xf02c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0205.625] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0205.627] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xb02ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0205.628] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0205.629] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1800ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0205.631] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0205.632] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xf02c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0205.634] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xa02d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0205.636] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.636] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.636] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.636] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.636] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.636] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.636] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e3030e) returned 0x1
[0205.636] IsWindowUnicode (hWnd=0x7005c) returned 1
[0205.636] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.637] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e3030e) returned 0x1
[0205.637] SetCursor (hCursor=0x10003) returned 0x10003
[0205.637] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.637] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.637] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0205.637] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0205.637] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0205.637] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10e0250) returned 0x0
[0205.637] GetKeyState (nVirtKey=1) returned 1
[0205.637] GetKeyState (nVirtKey=2) returned 0
[0205.637] GetKeyState (nVirtKey=4) returned 0
[0205.643] GetKeyState (nVirtKey=5) returned 0
[0205.643] GetKeyState (nVirtKey=6) returned 0
[0205.643] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.643] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e3030e) returned 0x1
[0205.644] IsWindowUnicode (hWnd=0x7005c) returned 1
[0205.644] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.644] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.644] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.644] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.644] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e3030e) returned 0x1
[0205.644] IsWindowUnicode (hWnd=0x7005c) returned 1
[0205.644] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.644] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e3030e) returned 0x1
[0205.645] SetCursor (hCursor=0x10003) returned 0x10003
[0205.645] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.645] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.645] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10e0250) returned 0x0
[0205.645] GetKeyState (nVirtKey=1) returned 1
[0205.645] GetKeyState (nVirtKey=2) returned 0
[0205.645] GetKeyState (nVirtKey=4) returned 0
[0205.645] GetKeyState (nVirtKey=5) returned 0
[0205.645] GetKeyState (nVirtKey=6) returned 0
[0205.645] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.646] IsWindowUnicode (hWnd=0x602c4) returned 1
[0205.646] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.646] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.646] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.646] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.647] IsWindowUnicode (hWnd=0x602c4) returned 1
[0205.647] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.647] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.647] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.647] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0205.647] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0205.647] CreateCompatibleDC (hdc=0x107b9) returned 0xc70107f2
[0205.647] SelectObject (hdc=0xc70107f2, h=0x4a0507fe) returned 0x85000f
[0205.647] GdipCreateFromHDC (hdc=0xc70107f2, graphics=0xd7e798) returned 0x0
[0205.648] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0205.648] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0205.648] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0205.648] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0205.648] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e7f8) returned 0x0
[0205.648] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0205.648] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee8d8) returned 0x0
[0205.648] LocalFree (hMem=0x11ee8d8) returned 0x0
[0205.648] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0205.648] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0205.648] GdipGetClip (graphics=0x6600030, region=0x6645a28) returned 0x0
[0205.648] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0205.648] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0205.648] GdipRestoreGraphics (graphics=0x6600030, state=0xfa7a0dbd) returned 0x0
[0205.648] GdipDeleteRegion (region=0x6645a28) returned 0x0
[0205.649] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0205.649] GetCurrentObject (hdc=0xc70107f2, type=0x1) returned 0xb00017
[0205.649] GetCurrentObject (hdc=0xc70107f2, type=0x2) returned 0x900010
[0205.649] GetCurrentObject (hdc=0xc70107f2, type=0x7) returned 0x4a0507fe
[0205.649] GetCurrentObject (hdc=0xc70107f2, type=0x6) returned 0x8a01c2
[0205.649] SaveDC (hdc=0xc70107f2) returned 1
[0205.649] GetNearestColor (hdc=0xc70107f2, color=0xff) returned 0xff
[0205.649] GetNearestColor (hdc=0xc70107f2, color=0x55) returned 0x55
[0205.649] GetNearestColor (hdc=0xc70107f2, color=0x0) returned 0x0
[0205.649] GetNearestColor (hdc=0xc70107f2, color=0x55) returned 0x55
[0205.649] GetNearestColor (hdc=0xc70107f2, color=0x0) returned 0x0
[0205.649] GetNearestColor (hdc=0xc70107f2, color=0x8080ff) returned 0x8080ff
[0205.649] GetNearestColor (hdc=0xc70107f2, color=0x7373e5) returned 0x7373e5
[0205.649] GetNearestColor (hdc=0xc70107f2, color=0xe5) returned 0xe5
[0205.650] GetNearestColor (hdc=0xc70107f2, color=0x0) returned 0x0
[0205.650] RestoreDC (hdc=0xc70107f2, nSavedDC=-1) returned 1
[0205.650] GdipReleaseDC (graphics=0x6600030, hdc=0xc70107f2) returned 0x0
[0205.650] IsAppThemed () returned 0x1
[0205.650] GetThemeAppProperties () returned 0x3
[0205.650] GetThemeAppProperties () returned 0x3
[0205.650] IsAppThemed () returned 0x1
[0205.650] GetThemeAppProperties () returned 0x3
[0205.650] GetThemeAppProperties () returned 0x3
[0205.650] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2e2f3d0 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0205.650] IsAppThemed () returned 0x1
[0205.651] GetThemeAppProperties () returned 0x3
[0205.651] GetThemeAppProperties () returned 0x3
[0205.651] IsAppThemed () returned 0x1
[0205.651] GetThemeAppProperties () returned 0x3
[0205.651] GetThemeAppProperties () returned 0x3
[0205.651] GetFocus () returned 0x602c4
[0205.651] IsAppThemed () returned 0x1
[0205.651] GetThemeAppProperties () returned 0x3
[0205.651] GetThemeAppProperties () returned 0x3
[0205.651] IsAppThemed () returned 0x1
[0205.651] GetThemeAppProperties () returned 0x3
[0205.651] GetThemeAppProperties () returned 0x3
[0205.651] IsThemePartDefined () returned 0x1
[0205.651] IsAppThemed () returned 0x1
[0205.651] GetThemeAppProperties () returned 0x3
[0205.651] GetThemeAppProperties () returned 0x3
[0205.651] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0205.651] IsAppThemed () returned 0x1
[0205.651] GetThemeAppProperties () returned 0x3
[0205.651] GetThemeAppProperties () returned 0x3
[0205.651] IsAppThemed () returned 0x1
[0205.652] GetThemeAppProperties () returned 0x3
[0205.652] GetThemeAppProperties () returned 0x3
[0205.652] IsThemePartDefined () returned 0x1
[0205.652] GdipCreateRegion (region=0xd7e508) returned 0x0
[0205.652] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0205.652] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0205.652] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0205.652] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e520) returned 0x0
[0205.652] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0205.652] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eed00) returned 0x0
[0205.652] LocalFree (hMem=0x11eed00) returned 0x0
[0205.652] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0205.652] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0205.652] LocalFree (hMem=0x11ee868) returned 0x0
[0205.652] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0205.652] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e548) returned 0x0
[0205.652] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e538) returned 0x0
[0205.652] GdipGetRegionHRgn (region=0x66456c8, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0205.653] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0205.653] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0205.653] GetCurrentObject (hdc=0xc70107f2, type=0x1) returned 0xb00017
[0205.653] GetCurrentObject (hdc=0xc70107f2, type=0x2) returned 0x900010
[0205.653] GetCurrentObject (hdc=0xc70107f2, type=0x7) returned 0x4a0507fe
[0205.653] GetCurrentObject (hdc=0xc70107f2, type=0x6) returned 0x8a01c2
[0205.653] SaveDC (hdc=0xc70107f2) returned 1
[0205.653] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x61040807
[0205.661] GetClipRgn (hdc=0xc70107f2, hrgn=0x61040807) returned 0
[0205.661] SelectClipRgn (hdc=0xc70107f2, hrgn=0xed0407de) returned 2
[0205.661] DeleteObject (ho=0x61040807) returned 1
[0205.661] DeleteObject (ho=0xed0407de) returned 1
[0205.661] OffsetViewportOrgEx (in: hdc=0xc70107f2, x=0, y=0, lppt=0x2e2fa80 | out: lppt=0x2e2fa80) returned 1
[0205.662] DrawThemeParentBackground () returned 0x0
[0205.662] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0205.662] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0205.662] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0205.662] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.662] GetSystemMetrics (nIndex=42) returned 0
[0205.662] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.662] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0205.662] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0205.662] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0205.662] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0205.662] SelectPalette (hdc=0xc70107f2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0205.662] GdipCreateFromHDC (hdc=0xc70107f2, graphics=0xd7dff8) returned 0x0
[0205.663] GdipSetPageUnit (graphics=0x6632538, unit=0x2) returned 0x0
[0205.663] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0205.663] GdipGetWorldTransform (graphics=0x6632538, matrix=0x6638d28) returned 0x0
[0205.663] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7dfd0) returned 0x0
[0205.663] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0205.663] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0205.663] GdipGetClip (graphics=0x6632538, region=0x6645098) returned 0x0
[0205.663] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6632538, result=0xd7dfc4) returned 0x0
[0205.663] GdipDeleteRegion (region=0x6645098) returned 0x0
[0205.663] GdipSaveGraphics (graphics=0x6632538, state=0xd7dff0) returned 0x0
[0205.663] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0205.696] GdipFillRectangleI (graphics=0x6632538, brush=0x66537e0, x=0, y=0, width=801, height=453) returned 0x0
[0205.696] GdipDeleteBrush (brush=0x66537e0) returned 0x0
[0205.697] GdipDeleteGraphics (graphics=0x6632538) returned 0x0
[0205.697] SelectPalette (hdc=0xc70107f2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0205.698] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0205.698] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.698] GetSystemMetrics (nIndex=42) returned 0
[0205.698] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.698] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0205.698] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0205.698] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0205.698] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0205.698] SelectPalette (hdc=0xc70107f2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0205.698] GdipCreateFromHDC (hdc=0xc70107f2, graphics=0xd7df98) returned 0x0
[0205.698] GdipSetPageUnit (graphics=0x6632538, unit=0x2) returned 0x0
[0205.698] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0205.699] GdipGetWorldTransform (graphics=0x6632538, matrix=0x6638bd8) returned 0x0
[0205.699] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df70) returned 0x0
[0205.699] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0205.699] GdipCreateRegion (region=0xd7df58) returned 0x0
[0205.699] GdipGetClip (graphics=0x6632538, region=0x6645c68) returned 0x0
[0205.699] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6632538, result=0xd7df64) returned 0x0
[0205.699] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0205.699] GdipSaveGraphics (graphics=0x6632538, state=0xd7df90) returned 0x0
[0205.699] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0205.705] GdipFillRectangleI (graphics=0x6632538, brush=0x6652a78, x=0, y=0, width=801, height=453) returned 0x0
[0205.706] GdipDeleteBrush (brush=0x6652a78) returned 0x0
[0205.707] GdipRestoreGraphics (graphics=0x6632538, state=0xfa760dbd) returned 0x0
[0205.707] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0205.707] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0205.707] GetSystemMetrics (nIndex=42) returned 0
[0205.707] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0205.707] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0205.708] GdipDeleteGraphics (graphics=0x6632538) returned 0x0
[0205.708] SelectPalette (hdc=0xc70107f2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0205.708] RestoreDC (hdc=0xc70107f2, nSavedDC=-1) returned 1
[0205.708] GdipReleaseDC (graphics=0x6600030, hdc=0xc70107f2) returned 0x0
[0205.708] IsAppThemed () returned 0x1
[0205.708] GetThemeAppProperties () returned 0x3
[0205.708] GetThemeAppProperties () returned 0x3
[0205.708] IsAppThemed () returned 0x1
[0205.708] GetThemeAppProperties () returned 0x3
[0205.708] GetThemeAppProperties () returned 0x3
[0205.708] IsThemePartDefined () returned 0x1
[0205.708] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0205.709] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0205.709] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0205.709] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0205.709] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e4a4) returned 0x0
[0205.709] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0205.709] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0205.709] LocalFree (hMem=0x11ee788) returned 0x0
[0205.709] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0205.709] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee8d8) returned 0x0
[0205.709] LocalFree (hMem=0x11ee8d8) returned 0x0
[0205.709] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0205.709] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0205.709] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0205.709] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0205.709] GdipDeleteRegion (region=0x6645908) returned 0x0
[0205.709] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0205.709] GetCurrentObject (hdc=0xc70107f2, type=0x1) returned 0xb00017
[0205.709] GetCurrentObject (hdc=0xc70107f2, type=0x2) returned 0x900010
[0205.710] GetCurrentObject (hdc=0xc70107f2, type=0x7) returned 0x4a0507fe
[0205.710] GetCurrentObject (hdc=0xc70107f2, type=0x6) returned 0x8a01c2
[0205.710] SaveDC (hdc=0xc70107f2) returned 1
[0205.710] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xee0407de
[0205.710] GetClipRgn (hdc=0xc70107f2, hrgn=0xee0407de) returned 0
[0205.710] SelectClipRgn (hdc=0xc70107f2, hrgn=0x63040807) returned 2
[0205.710] DeleteObject (ho=0xee0407de) returned 1
[0205.710] DeleteObject (ho=0x63040807) returned 1
[0205.710] OffsetViewportOrgEx (in: hdc=0xc70107f2, x=0, y=0, lppt=0x2e362d0 | out: lppt=0x2e362d0) returned 1
[0205.710] IsAppThemed () returned 0x1
[0205.710] GetThemeAppProperties () returned 0x3
[0205.710] GetThemeAppProperties () returned 0x3
[0205.710] DrawThemeBackground () returned 0x0
[0205.710] RestoreDC (hdc=0xc70107f2, nSavedDC=-1) returned 1
[0205.710] GdipReleaseDC (graphics=0x6600030, hdc=0xc70107f2) returned 0x0
[0205.711] GdipCreateRegion (region=0xd7e490) returned 0x0
[0205.711] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0205.711] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0205.711] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0205.711] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e4a8) returned 0x0
[0205.711] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0205.711] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eea28) returned 0x0
[0205.711] LocalFree (hMem=0x11eea28) returned 0x0
[0205.711] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0205.711] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0205.711] LocalFree (hMem=0x11eec58) returned 0x0
[0205.711] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0205.711] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0205.711] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0205.711] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0205.711] GdipDeleteRegion (region=0x6646178) returned 0x0
[0205.711] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0205.712] GetCurrentObject (hdc=0xc70107f2, type=0x1) returned 0xb00017
[0205.712] GetCurrentObject (hdc=0xc70107f2, type=0x2) returned 0x900010
[0205.712] GetCurrentObject (hdc=0xc70107f2, type=0x7) returned 0x4a0507fe
[0205.712] GetCurrentObject (hdc=0xc70107f2, type=0x6) returned 0x8a01c2
[0205.712] SaveDC (hdc=0xc70107f2) returned 1
[0205.712] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x64040807
[0205.712] GetClipRgn (hdc=0xc70107f2, hrgn=0x64040807) returned 0
[0205.712] SelectClipRgn (hdc=0xc70107f2, hrgn=0xef0407de) returned 2
[0205.712] DeleteObject (ho=0x64040807) returned 1
[0205.712] DeleteObject (ho=0xef0407de) returned 1
[0205.712] OffsetViewportOrgEx (in: hdc=0xc70107f2, x=0, y=0, lppt=0x2e365a4 | out: lppt=0x2e365a4) returned 1
[0205.712] IsAppThemed () returned 0x1
[0205.712] GetThemeAppProperties () returned 0x3
[0205.712] GetThemeAppProperties () returned 0x3
[0205.712] GetThemeBackgroundContentRect () returned 0x0
[0205.712] RestoreDC (hdc=0xc70107f2, nSavedDC=-1) returned 1
[0205.713] GdipReleaseDC (graphics=0x6600030, hdc=0xc70107f2) returned 0x0
[0205.713] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0205.713] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0205.713] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0205.713] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0205.713] IsAppThemed () returned 0x1
[0205.713] GetThemeAppProperties () returned 0x3
[0205.713] GetThemeAppProperties () returned 0x3
[0205.713] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0205.713] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0205.713] GetCurrentObject (hdc=0xc70107f2, type=0x1) returned 0xb00017
[0205.713] GetCurrentObject (hdc=0xc70107f2, type=0x2) returned 0x900010
[0205.713] GetCurrentObject (hdc=0xc70107f2, type=0x7) returned 0x4a0507fe
[0205.713] GetCurrentObject (hdc=0xc70107f2, type=0x6) returned 0x8a01c2
[0205.713] SaveDC (hdc=0xc70107f2) returned 1
[0205.713] GetTextAlign (hdc=0xc70107f2) returned 0x0
[0205.713] GetTextColor (hdc=0xc70107f2) returned 0x0
[0205.714] GetCurrentObject (hdc=0xc70107f2, type=0x6) returned 0x8a01c2
[0205.714] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0205.714] SelectObject (hdc=0xc70107f2, h=0x6d0a0520) returned 0x8a01c2
[0205.714] GetBkMode (hdc=0xc70107f2) returned 2
[0205.714] SetBkMode (hdc=0xc70107f2, mode=1) returned 2
[0205.714] DrawTextExW (in: hdc=0xc70107f2, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2e36968 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0205.714] DrawTextExW (in: hdc=0xc70107f2, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2e36968 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0205.715] RestoreDC (hdc=0xc70107f2, nSavedDC=-1) returned 1
[0205.715] GdipReleaseDC (graphics=0x6600030, hdc=0xc70107f2) returned 0x0
[0205.715] GetFocus () returned 0x602c4
[0205.715] IsAppThemed () returned 0x1
[0205.715] GetThemeAppProperties () returned 0x3
[0205.715] GetThemeAppProperties () returned 0x3
[0205.715] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0205.715] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xc70107f2, x1=0, y1=0, rop=0xcc0020) returned 1
[0205.715] GdipReleaseDC (graphics=0x6600030, hdc=0xc70107f2) returned 0x0
[0205.715] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0205.715] SelectObject (hdc=0xc70107f2, h=0x85000f) returned 0x4a0507fe
[0205.715] DeleteDC (hdc=0xc70107f2) returned 1
[0205.722] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0205.722] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0205.722] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.722] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.722] WaitMessage () returned 1
[0205.722] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.722] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.722] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.722] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.722] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.723] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.723] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.723] WaitMessage () returned 1
[0205.732] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.732] IsWindowUnicode (hWnd=0x7005c) returned 1
[0205.732] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.732] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.732] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.732] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.732] IsWindowUnicode (hWnd=0x7005c) returned 1
[0205.732] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.732] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.732] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.732] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10e0250) returned 0x0
[0205.732] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.732] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.732] WaitMessage () returned 1
[0205.740] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.741] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.741] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.741] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.741] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.742] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.742] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.742] WaitMessage () returned 1
[0205.743] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.743] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.743] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.743] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.743] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.744] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.744] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.744] WaitMessage () returned 1
[0205.745] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.745] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.745] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.745] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.745] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.752] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.752] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.752] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.752] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.752] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.753] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.753] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.753] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.753] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.753] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.753] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.754] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.754] WaitMessage () returned 1
[0205.756] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.756] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.756] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.756] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.756] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.757] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.758] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.758] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.758] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.758] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.758] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.758] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.758] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.758] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.758] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.758] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.759] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.759] WaitMessage () returned 1
[0205.759] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.759] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.759] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.759] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.759] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.761] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.761] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.761] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.761] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.761] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.761] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.761] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.761] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.762] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.762] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.762] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.762] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.762] WaitMessage () returned 1
[0205.763] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.763] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.763] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.763] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.763] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.765] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.766] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.766] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.766] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.766] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.766] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.766] IsWindowUnicode (hWnd=0x30122) returned 1
[0205.766] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.766] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.767] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.767] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.767] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.767] WaitMessage () returned 1
[0205.904] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.904] IsWindowUnicode (hWnd=0x502c6) returned 1
[0205.904] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0205.904] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0205.904] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0205.904] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.904] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0205.904] WaitMessage () returned 1
[0207.829] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0207.829] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f010c) returned 0x1
[0207.829] IsWindowUnicode (hWnd=0x602c4) returned 1
[0207.830] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0207.830] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0207.830] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0207.830] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0207.830] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0207.830] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f010c) returned 0x1
[0207.830] IsWindowUnicode (hWnd=0x602c4) returned 1
[0207.830] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0207.830] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f010c) returned 0x1
[0207.830] SetCursor (hCursor=0x10003) returned 0x10003
[0207.831] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0207.831] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0207.831] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0207.831] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0207.831] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0207.831] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0207.831] GetKeyState (nVirtKey=1) returned 1
[0207.831] GetKeyState (nVirtKey=2) returned 0
[0207.831] GetKeyState (nVirtKey=4) returned 0
[0207.831] GetKeyState (nVirtKey=5) returned 0
[0207.831] GetKeyState (nVirtKey=6) returned 0
[0207.831] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0207.831] IsWindowUnicode (hWnd=0x602c4) returned 1
[0207.831] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0207.831] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0207.831] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0207.832] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0207.832] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0207.832] CreateCompatibleDC (hdc=0x107b9) returned 0xe0107f8
[0207.832] SelectObject (hdc=0xe0107f8, h=0x4a0507fe) returned 0x85000f
[0207.832] GdipCreateFromHDC (hdc=0xe0107f8, graphics=0xd7e798) returned 0x0
[0207.833] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0207.833] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0207.833] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0207.833] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0207.833] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e7f8) returned 0x0
[0207.833] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0207.833] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0207.833] LocalFree (hMem=0x11ee868) returned 0x0
[0207.833] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0207.833] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0207.834] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0207.834] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0207.834] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0207.834] GdipRestoreGraphics (graphics=0x6600030, state=0xfa740dbd) returned 0x0
[0207.834] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0207.834] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0207.834] GetCurrentObject (hdc=0xe0107f8, type=0x1) returned 0xb00017
[0207.834] GetCurrentObject (hdc=0xe0107f8, type=0x2) returned 0x900010
[0207.834] GetCurrentObject (hdc=0xe0107f8, type=0x7) returned 0x4a0507fe
[0207.834] GetCurrentObject (hdc=0xe0107f8, type=0x6) returned 0x8a01c2
[0207.834] SaveDC (hdc=0xe0107f8) returned 1
[0207.835] GetNearestColor (hdc=0xe0107f8, color=0xff) returned 0xff
[0207.835] GetNearestColor (hdc=0xe0107f8, color=0x55) returned 0x55
[0207.835] GetNearestColor (hdc=0xe0107f8, color=0x0) returned 0x0
[0207.835] GetNearestColor (hdc=0xe0107f8, color=0x55) returned 0x55
[0207.835] GetNearestColor (hdc=0xe0107f8, color=0x0) returned 0x0
[0207.835] GetNearestColor (hdc=0xe0107f8, color=0x8080ff) returned 0x8080ff
[0207.835] GetNearestColor (hdc=0xe0107f8, color=0x7373e5) returned 0x7373e5
[0207.835] GetNearestColor (hdc=0xe0107f8, color=0xe5) returned 0xe5
[0207.835] GetNearestColor (hdc=0xe0107f8, color=0x0) returned 0x0
[0207.835] RestoreDC (hdc=0xe0107f8, nSavedDC=-1) returned 1
[0207.835] GdipReleaseDC (graphics=0x6600030, hdc=0xe0107f8) returned 0x0
[0207.836] IsAppThemed () returned 0x1
[0207.836] GetThemeAppProperties () returned 0x3
[0207.836] GetThemeAppProperties () returned 0x3
[0207.836] IsAppThemed () returned 0x1
[0207.836] GetThemeAppProperties () returned 0x3
[0207.836] GetThemeAppProperties () returned 0x3
[0207.836] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2e372d8 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0207.837] IsAppThemed () returned 0x1
[0207.837] GetThemeAppProperties () returned 0x3
[0207.837] GetThemeAppProperties () returned 0x3
[0207.837] IsAppThemed () returned 0x1
[0207.837] GetThemeAppProperties () returned 0x3
[0207.837] GetThemeAppProperties () returned 0x3
[0207.837] IsAppThemed () returned 0x1
[0207.837] GetThemeAppProperties () returned 0x3
[0207.837] GetThemeAppProperties () returned 0x3
[0207.837] IsAppThemed () returned 0x1
[0207.837] GetThemeAppProperties () returned 0x3
[0207.837] GetThemeAppProperties () returned 0x3
[0207.837] IsThemePartDefined () returned 0x1
[0207.837] IsAppThemed () returned 0x1
[0207.837] GetThemeAppProperties () returned 0x3
[0207.837] GetThemeAppProperties () returned 0x3
[0207.837] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0207.838] IsAppThemed () returned 0x1
[0207.838] GetThemeAppProperties () returned 0x3
[0207.838] GetThemeAppProperties () returned 0x3
[0207.838] IsAppThemed () returned 0x1
[0207.838] GetThemeAppProperties () returned 0x3
[0207.838] GetThemeAppProperties () returned 0x3
[0207.838] IsThemePartDefined () returned 0x1
[0207.838] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0207.838] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0207.838] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0207.838] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0207.838] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e514) returned 0x0
[0207.838] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0207.838] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0207.838] LocalFree (hMem=0x11ee788) returned 0x0
[0207.838] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0207.838] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee8d8) returned 0x0
[0207.838] LocalFree (hMem=0x11ee8d8) returned 0x0
[0207.839] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0207.839] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0207.839] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0207.839] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0207.839] GdipDeleteRegion (region=0x6645908) returned 0x0
[0207.839] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0207.839] GetCurrentObject (hdc=0xe0107f8, type=0x1) returned 0xb00017
[0207.839] GetCurrentObject (hdc=0xe0107f8, type=0x2) returned 0x900010
[0207.839] GetCurrentObject (hdc=0xe0107f8, type=0x7) returned 0x4a0507fe
[0207.839] GetCurrentObject (hdc=0xe0107f8, type=0x6) returned 0x8a01c2
[0207.839] SaveDC (hdc=0xe0107f8) returned 1
[0207.839] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf00407de
[0207.839] GetClipRgn (hdc=0xe0107f8, hrgn=0xf00407de) returned 0
[0207.839] SelectClipRgn (hdc=0xe0107f8, hrgn=0x68040807) returned 2
[0207.840] DeleteObject (ho=0xf00407de) returned 1
[0207.840] DeleteObject (ho=0x68040807) returned 1
[0207.840] OffsetViewportOrgEx (in: hdc=0xe0107f8, x=0, y=0, lppt=0x2e37988 | out: lppt=0x2e37988) returned 1
[0207.840] DrawThemeParentBackground () returned 0x0
[0207.840] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0207.840] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0207.840] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0207.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0207.840] GetSystemMetrics (nIndex=42) returned 0
[0207.840] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0207.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0207.840] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0207.841] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0207.841] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0207.841] SelectPalette (hdc=0xe0107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0207.841] GdipCreateFromHDC (hdc=0xe0107f8, graphics=0xd7dff0) returned 0x0
[0207.841] GdipSetPageUnit (graphics=0x6632538, unit=0x2) returned 0x0
[0207.841] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0207.841] GdipGetWorldTransform (graphics=0x6632538, matrix=0x6638ba8) returned 0x0
[0207.841] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dfc8) returned 0x0
[0207.841] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0207.841] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0207.842] GdipGetClip (graphics=0x6632538, region=0x6645248) returned 0x0
[0207.842] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6632538, result=0xd7dfbc) returned 0x0
[0207.842] GdipDeleteRegion (region=0x6645248) returned 0x0
[0207.842] GdipSaveGraphics (graphics=0x6632538, state=0xd7dfe8) returned 0x0
[0207.842] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0207.849] GdipFillRectangleI (graphics=0x6632538, brush=0x66536a8, x=0, y=0, width=801, height=453) returned 0x0
[0207.849] GdipDeleteBrush (brush=0x66536a8) returned 0x0
[0207.851] GdipDeleteGraphics (graphics=0x6632538) returned 0x0
[0207.851] SelectPalette (hdc=0xe0107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0207.851] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0207.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0207.851] GetSystemMetrics (nIndex=42) returned 0
[0207.851] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0207.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0207.851] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0207.851] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0207.851] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0207.851] SelectPalette (hdc=0xe0107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0207.852] GdipCreateFromHDC (hdc=0xe0107f8, graphics=0xd7df90) returned 0x0
[0207.852] GdipSetPageUnit (graphics=0x6632538, unit=0x2) returned 0x0
[0207.852] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0207.852] GdipGetWorldTransform (graphics=0x6632538, matrix=0x6638ae8) returned 0x0
[0207.852] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7df68) returned 0x0
[0207.852] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0207.852] GdipCreateRegion (region=0xd7df50) returned 0x0
[0207.852] GdipGetClip (graphics=0x6632538, region=0x6645518) returned 0x0
[0207.852] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6632538, result=0xd7df5c) returned 0x0
[0207.852] GdipDeleteRegion (region=0x6645518) returned 0x0
[0207.852] GdipSaveGraphics (graphics=0x6632538, state=0xd7df88) returned 0x0
[0207.853] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0207.859] GdipFillRectangleI (graphics=0x6632538, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0207.859] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0207.861] GdipRestoreGraphics (graphics=0x6632538, state=0xfa700dbd) returned 0x0
[0207.861] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0207.861] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0207.861] GetSystemMetrics (nIndex=42) returned 0
[0207.861] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0207.861] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0207.861] GdipDeleteGraphics (graphics=0x6632538) returned 0x0
[0207.861] SelectPalette (hdc=0xe0107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0207.862] RestoreDC (hdc=0xe0107f8, nSavedDC=-1) returned 1
[0207.862] GdipReleaseDC (graphics=0x6600030, hdc=0xe0107f8) returned 0x0
[0207.862] IsAppThemed () returned 0x1
[0207.862] GetThemeAppProperties () returned 0x3
[0207.862] GetThemeAppProperties () returned 0x3
[0207.862] IsAppThemed () returned 0x1
[0207.862] GetThemeAppProperties () returned 0x3
[0207.862] GetThemeAppProperties () returned 0x3
[0207.862] IsThemePartDefined () returned 0x1
[0207.862] GdipCreateRegion (region=0xd7e480) returned 0x0
[0207.862] GdipGetClip (graphics=0x6600030, region=0x6646058) returned 0x0
[0207.862] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0207.862] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0207.863] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e498) returned 0x0
[0207.863] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0207.863] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0207.863] LocalFree (hMem=0x11ee788) returned 0x0
[0207.863] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0207.863] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0207.863] LocalFree (hMem=0x11eec58) returned 0x0
[0207.863] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0207.863] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0207.863] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0207.863] GdipGetRegionHRgn (region=0x6646058, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0207.863] GdipDeleteRegion (region=0x6646058) returned 0x0
[0207.863] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0207.863] GetCurrentObject (hdc=0xe0107f8, type=0x1) returned 0xb00017
[0207.863] GetCurrentObject (hdc=0xe0107f8, type=0x2) returned 0x900010
[0207.864] GetCurrentObject (hdc=0xe0107f8, type=0x7) returned 0x4a0507fe
[0207.864] GetCurrentObject (hdc=0xe0107f8, type=0x6) returned 0x8a01c2
[0207.864] SaveDC (hdc=0xe0107f8) returned 1
[0207.864] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x69040807
[0207.864] GetClipRgn (hdc=0xe0107f8, hrgn=0x69040807) returned 0
[0207.864] SelectClipRgn (hdc=0xe0107f8, hrgn=0xf20407de) returned 2
[0207.864] DeleteObject (ho=0x69040807) returned 1
[0207.864] DeleteObject (ho=0xf20407de) returned 1
[0207.864] OffsetViewportOrgEx (in: hdc=0xe0107f8, x=0, y=0, lppt=0x2e3e1d8 | out: lppt=0x2e3e1d8) returned 1
[0207.864] IsAppThemed () returned 0x1
[0207.864] GetThemeAppProperties () returned 0x3
[0207.864] GetThemeAppProperties () returned 0x3
[0207.864] DrawThemeBackground () returned 0x0
[0207.864] RestoreDC (hdc=0xe0107f8, nSavedDC=-1) returned 1
[0207.865] GdipReleaseDC (graphics=0x6600030, hdc=0xe0107f8) returned 0x0
[0207.865] GdipCreateRegion (region=0xd7e484) returned 0x0
[0207.865] GdipGetClip (graphics=0x6600030, region=0x6645b48) returned 0x0
[0207.865] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0207.865] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0207.865] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e49c) returned 0x0
[0207.865] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0207.865] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee788) returned 0x0
[0207.865] LocalFree (hMem=0x11ee788) returned 0x0
[0207.865] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0207.865] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0207.865] LocalFree (hMem=0x11eec58) returned 0x0
[0207.865] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0207.865] GdipIsInfiniteRegion (region=0x6645b48, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0207.865] GdipIsInfiniteRegion (region=0x6645b48, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0207.865] GdipGetRegionHRgn (region=0x6645b48, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0207.866] GdipDeleteRegion (region=0x6645b48) returned 0x0
[0207.866] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0207.866] GetCurrentObject (hdc=0xe0107f8, type=0x1) returned 0xb00017
[0207.866] GetCurrentObject (hdc=0xe0107f8, type=0x2) returned 0x900010
[0207.866] GetCurrentObject (hdc=0xe0107f8, type=0x7) returned 0x4a0507fe
[0207.866] GetCurrentObject (hdc=0xe0107f8, type=0x6) returned 0x8a01c2
[0207.866] SaveDC (hdc=0xe0107f8) returned 1
[0207.866] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf30407de
[0207.866] GetClipRgn (hdc=0xe0107f8, hrgn=0xf30407de) returned 0
[0207.866] SelectClipRgn (hdc=0xe0107f8, hrgn=0x6a040807) returned 2
[0207.866] DeleteObject (ho=0xf30407de) returned 1
[0207.866] DeleteObject (ho=0x6a040807) returned 1
[0207.866] OffsetViewportOrgEx (in: hdc=0xe0107f8, x=0, y=0, lppt=0x2e3e4ac | out: lppt=0x2e3e4ac) returned 1
[0207.866] IsAppThemed () returned 0x1
[0207.867] GetThemeAppProperties () returned 0x3
[0207.867] GetThemeAppProperties () returned 0x3
[0207.867] GetThemeBackgroundContentRect () returned 0x0
[0207.867] RestoreDC (hdc=0xe0107f8, nSavedDC=-1) returned 1
[0207.867] GdipReleaseDC (graphics=0x6600030, hdc=0xe0107f8) returned 0x0
[0207.867] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0207.867] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0207.867] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0207.867] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0207.867] IsAppThemed () returned 0x1
[0207.867] GetThemeAppProperties () returned 0x3
[0207.867] GetThemeAppProperties () returned 0x3
[0207.867] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0207.868] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0207.868] GetCurrentObject (hdc=0xe0107f8, type=0x1) returned 0xb00017
[0207.868] GetCurrentObject (hdc=0xe0107f8, type=0x2) returned 0x900010
[0207.868] GetCurrentObject (hdc=0xe0107f8, type=0x7) returned 0x4a0507fe
[0207.868] GetCurrentObject (hdc=0xe0107f8, type=0x6) returned 0x8a01c2
[0207.868] SaveDC (hdc=0xe0107f8) returned 1
[0207.868] GetTextAlign (hdc=0xe0107f8) returned 0x0
[0207.868] GetTextColor (hdc=0xe0107f8) returned 0x0
[0207.868] GetCurrentObject (hdc=0xe0107f8, type=0x6) returned 0x8a01c2
[0207.868] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0207.868] SelectObject (hdc=0xe0107f8, h=0x6d0a0520) returned 0x8a01c2
[0207.868] GetBkMode (hdc=0xe0107f8) returned 2
[0207.868] SetBkMode (hdc=0xe0107f8, mode=1) returned 2
[0207.869] DrawTextExW (in: hdc=0xe0107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2e3e870 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0207.869] DrawTextExW (in: hdc=0xe0107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2e3e870 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0207.869] RestoreDC (hdc=0xe0107f8, nSavedDC=-1) returned 1
[0207.870] GdipReleaseDC (graphics=0x6600030, hdc=0xe0107f8) returned 0x0
[0207.870] GetFocus () returned 0x602c4
[0207.870] IsAppThemed () returned 0x1
[0207.870] GetThemeAppProperties () returned 0x3
[0207.870] GetThemeAppProperties () returned 0x3
[0207.870] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0207.870] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xe0107f8, x1=0, y1=0, rop=0xcc0020) returned 1
[0207.871] GdipReleaseDC (graphics=0x6600030, hdc=0xe0107f8) returned 0x0
[0207.871] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0207.871] SelectObject (hdc=0xe0107f8, h=0x85000f) returned 0x4a0507fe
[0207.871] DeleteDC (hdc=0xe0107f8) returned 1
[0207.871] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0207.871] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0207.871] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0207.871] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0207.871] WaitMessage () returned 1
[0207.936] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0207.936] IsWindowUnicode (hWnd=0x602c4) returned 1
[0207.936] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0207.936] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0207.936] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0207.936] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0207.936] IsWindowUnicode (hWnd=0x602c4) returned 1
[0207.936] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0207.936] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0207.936] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0207.936] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x80031) returned 0x0
[0207.936] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0207.936] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0207.936] WaitMessage () returned 1
[0208.070] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.070] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f010c) returned 0x1
[0208.070] IsWindowUnicode (hWnd=0x602c4) returned 1
[0208.070] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.070] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f010c) returned 0x1
[0208.071] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0208.071] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19a004e) returned 0x0
[0208.071] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0208.071] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0208.071] SetCursor (hCursor=0x10003) returned 0x10003
[0208.071] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0208.071] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0208.071] GetKeyState (nVirtKey=1) returned -128
[0208.071] GetKeyState (nVirtKey=2) returned 0
[0208.071] GetKeyState (nVirtKey=4) returned 0
[0208.071] GetKeyState (nVirtKey=5) returned 0
[0208.071] GetKeyState (nVirtKey=6) returned 0
[0208.071] IsWindowVisible (hWnd=0x602c4) returned 1
[0208.071] IsWindowEnabled (hWnd=0x602c4) returned 1
[0208.071] SetFocus (hWnd=0x602c4) returned 0x602c4
[0208.072] GetFocus () returned 0x602c4
[0208.072] GetFocus () returned 0x602c4
[0208.072] GetFocus () returned 0x602c4
[0208.072] GetKeyState (nVirtKey=1) returned -128
[0208.072] GetKeyState (nVirtKey=2) returned 0
[0208.072] GetKeyState (nVirtKey=4) returned 0
[0208.072] GetKeyState (nVirtKey=5) returned 0
[0208.072] GetKeyState (nVirtKey=6) returned 0
[0208.072] GetCapture () returned 0x0
[0208.072] SetCapture (hWnd=0x602c4) returned 0x0
[0208.072] GetKeyState (nVirtKey=1) returned -128
[0208.072] GetKeyState (nVirtKey=2) returned 0
[0208.072] GetKeyState (nVirtKey=4) returned 0
[0208.072] GetKeyState (nVirtKey=5) returned 0
[0208.072] GetKeyState (nVirtKey=6) returned 0
[0208.072] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0208.072] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0208.072] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.073] IsWindowUnicode (hWnd=0x602c4) returned 1
[0208.073] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.073] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0208.073] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0208.073] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e3e9f4, cPoints=0x1 | out: lpPoints=0x2e3e9f4) returned 40304859
[0208.073] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0208.073] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0208.073] UpdateWindow (hWnd=0x602c4) returned 1
[0208.073] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x107b9
[0208.073] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0208.073] CreateCompatibleDC (hdc=0x107b9) returned 0xf0107f8
[0208.073] SelectObject (hdc=0xf0107f8, h=0x4a0507fe) returned 0x85000f
[0208.074] GdipCreateFromHDC (hdc=0xf0107f8, graphics=0xd7e430) returned 0x0
[0208.074] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0208.074] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0208.074] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0208.074] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0208.074] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e490) returned 0x0
[0208.074] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0208.074] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0208.074] LocalFree (hMem=0x11ee788) returned 0x0
[0208.074] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0208.074] GdipCreateRegion (region=0xd7e478) returned 0x0
[0208.074] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0208.074] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e484) returned 0x0
[0208.075] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0208.075] GdipRestoreGraphics (graphics=0x6600030, state=0xfa6e0dbd) returned 0x0
[0208.075] GdipDeleteRegion (region=0x6645248) returned 0x0
[0208.075] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0208.075] GetCurrentObject (hdc=0xf0107f8, type=0x1) returned 0xb00017
[0208.075] GetCurrentObject (hdc=0xf0107f8, type=0x2) returned 0x900010
[0208.075] GetCurrentObject (hdc=0xf0107f8, type=0x7) returned 0x4a0507fe
[0208.075] GetCurrentObject (hdc=0xf0107f8, type=0x6) returned 0x8a01c2
[0208.075] SaveDC (hdc=0xf0107f8) returned 1
[0208.075] GetNearestColor (hdc=0xf0107f8, color=0xff) returned 0xff
[0208.075] GetNearestColor (hdc=0xf0107f8, color=0x55) returned 0x55
[0208.076] GetNearestColor (hdc=0xf0107f8, color=0x0) returned 0x0
[0208.076] GetNearestColor (hdc=0xf0107f8, color=0x55) returned 0x55
[0208.076] GetNearestColor (hdc=0xf0107f8, color=0x0) returned 0x0
[0208.076] GetNearestColor (hdc=0xf0107f8, color=0x8080ff) returned 0x8080ff
[0208.076] GetNearestColor (hdc=0xf0107f8, color=0x7373e5) returned 0x7373e5
[0208.076] GetNearestColor (hdc=0xf0107f8, color=0xe5) returned 0xe5
[0208.076] GetNearestColor (hdc=0xf0107f8, color=0x0) returned 0x0
[0208.076] RestoreDC (hdc=0xf0107f8, nSavedDC=-1) returned 1
[0208.076] GdipReleaseDC (graphics=0x6600030, hdc=0xf0107f8) returned 0x0
[0208.076] IsAppThemed () returned 0x1
[0208.076] GetThemeAppProperties () returned 0x3
[0208.076] GetThemeAppProperties () returned 0x3
[0208.077] IsAppThemed () returned 0x1
[0208.077] GetThemeAppProperties () returned 0x3
[0208.077] GetThemeAppProperties () returned 0x3
[0208.077] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2e3f110 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0208.077] IsAppThemed () returned 0x1
[0208.077] GetThemeAppProperties () returned 0x3
[0208.077] GetThemeAppProperties () returned 0x3
[0208.077] IsAppThemed () returned 0x1
[0208.077] GetThemeAppProperties () returned 0x3
[0208.077] GetThemeAppProperties () returned 0x3
[0208.077] IsAppThemed () returned 0x1
[0208.077] GetThemeAppProperties () returned 0x3
[0208.077] GetThemeAppProperties () returned 0x3
[0208.077] IsAppThemed () returned 0x1
[0208.078] GetThemeAppProperties () returned 0x3
[0208.078] GetThemeAppProperties () returned 0x3
[0208.078] IsThemePartDefined () returned 0x1
[0208.078] IsAppThemed () returned 0x1
[0208.078] GetThemeAppProperties () returned 0x3
[0208.078] GetThemeAppProperties () returned 0x3
[0208.078] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0208.078] IsAppThemed () returned 0x1
[0208.078] GetThemeAppProperties () returned 0x3
[0208.078] GetThemeAppProperties () returned 0x3
[0208.078] IsAppThemed () returned 0x1
[0208.078] GetThemeAppProperties () returned 0x3
[0208.078] GetThemeAppProperties () returned 0x3
[0208.078] IsThemePartDefined () returned 0x1
[0208.078] GdipCreateRegion (region=0xd7e194) returned 0x0
[0208.078] GdipGetClip (graphics=0x6600030, region=0x6645ea8) returned 0x0
[0208.078] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0208.078] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0208.078] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e1ac) returned 0x0
[0208.078] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0208.079] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0208.079] LocalFree (hMem=0x11eec58) returned 0x0
[0208.079] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0208.079] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea28) returned 0x0
[0208.079] LocalFree (hMem=0x11eea28) returned 0x0
[0208.079] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0208.079] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0208.079] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0208.079] GdipGetRegionHRgn (region=0x6645ea8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0208.079] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0208.079] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0208.079] GetCurrentObject (hdc=0xf0107f8, type=0x1) returned 0xb00017
[0208.079] GetCurrentObject (hdc=0xf0107f8, type=0x2) returned 0x900010
[0208.079] GetCurrentObject (hdc=0xf0107f8, type=0x7) returned 0x4a0507fe
[0208.079] GetCurrentObject (hdc=0xf0107f8, type=0x6) returned 0x8a01c2
[0208.079] SaveDC (hdc=0xf0107f8) returned 1
[0208.080] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6b040807
[0208.080] GetClipRgn (hdc=0xf0107f8, hrgn=0x6b040807) returned 0
[0208.080] SelectClipRgn (hdc=0xf0107f8, hrgn=0xf70407de) returned 2
[0208.080] DeleteObject (ho=0x6b040807) returned 1
[0208.080] DeleteObject (ho=0xf70407de) returned 1
[0208.080] OffsetViewportOrgEx (in: hdc=0xf0107f8, x=0, y=0, lppt=0x2e3f7c0 | out: lppt=0x2e3f7c0) returned 1
[0208.080] DrawThemeParentBackground () returned 0x0
[0208.080] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0208.080] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0208.080] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0208.080] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.080] GetSystemMetrics (nIndex=42) returned 0
[0208.080] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.080] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0208.081] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0208.081] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0208.081] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0208.081] SelectPalette (hdc=0xf0107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0208.081] GdipCreateFromHDC (hdc=0xf0107f8, graphics=0xd7dc88) returned 0x0
[0208.081] GdipSetPageUnit (graphics=0x6632538, unit=0x2) returned 0x0
[0208.081] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0208.081] GdipGetWorldTransform (graphics=0x6632538, matrix=0x6638ae8) returned 0x0
[0208.081] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dc60) returned 0x0
[0208.081] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0208.081] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0208.081] GdipGetClip (graphics=0x6632538, region=0x66460e8) returned 0x0
[0208.081] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6632538, result=0xd7dc54) returned 0x0
[0208.081] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0208.081] GdipSaveGraphics (graphics=0x6632538, state=0xd7dc80) returned 0x0
[0208.082] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0208.088] GdipFillRectangleI (graphics=0x6632538, brush=0x6653090, x=0, y=0, width=801, height=453) returned 0x0
[0208.088] GdipDeleteBrush (brush=0x6653090) returned 0x0
[0208.090] GdipDeleteGraphics (graphics=0x6632538) returned 0x0
[0208.090] SelectPalette (hdc=0xf0107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0208.091] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0208.091] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.091] GetSystemMetrics (nIndex=42) returned 0
[0208.091] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.091] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0208.091] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0208.091] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0208.091] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0208.091] SelectPalette (hdc=0xf0107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0208.091] GdipCreateFromHDC (hdc=0xf0107f8, graphics=0xd7dc28) returned 0x0
[0208.092] GdipSetPageUnit (graphics=0x6632538, unit=0x2) returned 0x0
[0208.092] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0208.092] GdipGetWorldTransform (graphics=0x6632538, matrix=0x6638ab8) returned 0x0
[0208.092] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dc00) returned 0x0
[0208.092] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0208.092] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0208.092] GdipGetClip (graphics=0x6632538, region=0x6645098) returned 0x0
[0208.092] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6632538, result=0xd7dbf4) returned 0x0
[0208.092] GdipDeleteRegion (region=0x6645098) returned 0x0
[0208.092] GdipSaveGraphics (graphics=0x6632538, state=0xd7dc20) returned 0x0
[0208.092] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0208.098] GdipFillRectangleI (graphics=0x6632538, brush=0x6652bb0, x=0, y=0, width=801, height=453) returned 0x0
[0208.098] GdipDeleteBrush (brush=0x6652bb0) returned 0x0
[0208.100] GdipRestoreGraphics (graphics=0x6632538, state=0xfa6a0dbd) returned 0x0
[0208.100] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0208.100] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.100] GetSystemMetrics (nIndex=42) returned 0
[0208.100] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.100] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0208.100] GdipDeleteGraphics (graphics=0x6632538) returned 0x0
[0208.100] SelectPalette (hdc=0xf0107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0208.101] RestoreDC (hdc=0xf0107f8, nSavedDC=-1) returned 1
[0208.101] GdipReleaseDC (graphics=0x6600030, hdc=0xf0107f8) returned 0x0
[0208.101] IsAppThemed () returned 0x1
[0208.101] GetThemeAppProperties () returned 0x3
[0208.101] GetThemeAppProperties () returned 0x3
[0208.101] IsAppThemed () returned 0x1
[0208.101] GetThemeAppProperties () returned 0x3
[0208.101] GetThemeAppProperties () returned 0x3
[0208.101] IsThemePartDefined () returned 0x1
[0208.101] GdipCreateRegion (region=0xd7e118) returned 0x0
[0208.101] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0208.101] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0208.101] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0208.101] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e130) returned 0x0
[0208.102] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0208.102] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eea98) returned 0x0
[0208.102] LocalFree (hMem=0x11eea98) returned 0x0
[0208.102] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0208.102] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0208.102] LocalFree (hMem=0x11eec58) returned 0x0
[0208.102] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0208.102] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0208.102] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0208.102] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0208.102] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0208.102] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0208.102] GetCurrentObject (hdc=0xf0107f8, type=0x1) returned 0xb00017
[0208.102] GetCurrentObject (hdc=0xf0107f8, type=0x2) returned 0x900010
[0208.102] GetCurrentObject (hdc=0xf0107f8, type=0x7) returned 0x4a0507fe
[0208.102] GetCurrentObject (hdc=0xf0107f8, type=0x6) returned 0x8a01c2
[0208.102] SaveDC (hdc=0xf0107f8) returned 1
[0208.103] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf80407de
[0208.103] GetClipRgn (hdc=0xf0107f8, hrgn=0xf80407de) returned 0
[0208.103] SelectClipRgn (hdc=0xf0107f8, hrgn=0x6d040807) returned 2
[0208.103] DeleteObject (ho=0xf80407de) returned 1
[0208.103] DeleteObject (ho=0x6d040807) returned 1
[0208.103] OffsetViewportOrgEx (in: hdc=0xf0107f8, x=0, y=0, lppt=0x2e46010 | out: lppt=0x2e46010) returned 1
[0208.103] IsAppThemed () returned 0x1
[0208.103] GetThemeAppProperties () returned 0x3
[0208.103] GetThemeAppProperties () returned 0x3
[0208.103] DrawThemeBackground () returned 0x0
[0208.103] RestoreDC (hdc=0xf0107f8, nSavedDC=-1) returned 1
[0208.103] GdipReleaseDC (graphics=0x6600030, hdc=0xf0107f8) returned 0x0
[0208.103] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0208.103] GdipGetClip (graphics=0x6600030, region=0x6645d88) returned 0x0
[0208.103] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0208.104] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0208.104] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e134) returned 0x0
[0208.104] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0208.104] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee910) returned 0x0
[0208.104] LocalFree (hMem=0x11ee910) returned 0x0
[0208.104] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0208.104] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0208.104] LocalFree (hMem=0x11ee868) returned 0x0
[0208.104] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0208.104] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0208.104] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0208.104] GdipGetRegionHRgn (region=0x6645d88, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0208.104] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0208.104] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0208.104] GetCurrentObject (hdc=0xf0107f8, type=0x1) returned 0xb00017
[0208.104] GetCurrentObject (hdc=0xf0107f8, type=0x2) returned 0x900010
[0208.104] GetCurrentObject (hdc=0xf0107f8, type=0x7) returned 0x4a0507fe
[0208.105] GetCurrentObject (hdc=0xf0107f8, type=0x6) returned 0x8a01c2
[0208.105] SaveDC (hdc=0xf0107f8) returned 1
[0208.105] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6e040807
[0208.105] GetClipRgn (hdc=0xf0107f8, hrgn=0x6e040807) returned 0
[0208.105] SelectClipRgn (hdc=0xf0107f8, hrgn=0xf90407de) returned 2
[0208.105] DeleteObject (ho=0x6e040807) returned 1
[0208.105] DeleteObject (ho=0xf90407de) returned 1
[0208.105] OffsetViewportOrgEx (in: hdc=0xf0107f8, x=0, y=0, lppt=0x2e462e4 | out: lppt=0x2e462e4) returned 1
[0208.105] IsAppThemed () returned 0x1
[0208.105] GetThemeAppProperties () returned 0x3
[0208.105] GetThemeAppProperties () returned 0x3
[0208.105] GetThemeBackgroundContentRect () returned 0x0
[0208.105] RestoreDC (hdc=0xf0107f8, nSavedDC=-1) returned 1
[0208.105] GdipReleaseDC (graphics=0x6600030, hdc=0xf0107f8) returned 0x0
[0208.105] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0208.105] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0208.106] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0208.106] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0208.106] IsAppThemed () returned 0x1
[0208.106] GetThemeAppProperties () returned 0x3
[0208.106] GetThemeAppProperties () returned 0x3
[0208.106] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0208.106] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0208.106] GetCurrentObject (hdc=0xf0107f8, type=0x1) returned 0xb00017
[0208.106] GetCurrentObject (hdc=0xf0107f8, type=0x2) returned 0x900010
[0208.106] GetCurrentObject (hdc=0xf0107f8, type=0x7) returned 0x4a0507fe
[0208.106] GetCurrentObject (hdc=0xf0107f8, type=0x6) returned 0x8a01c2
[0208.106] SaveDC (hdc=0xf0107f8) returned 1
[0208.106] GetTextAlign (hdc=0xf0107f8) returned 0x0
[0208.106] GetTextColor (hdc=0xf0107f8) returned 0x0
[0208.106] GetCurrentObject (hdc=0xf0107f8, type=0x6) returned 0x8a01c2
[0208.107] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0208.107] SelectObject (hdc=0xf0107f8, h=0x6d0a0520) returned 0x8a01c2
[0208.107] GetBkMode (hdc=0xf0107f8) returned 2
[0208.107] SetBkMode (hdc=0xf0107f8, mode=1) returned 2
[0208.107] DrawTextExW (in: hdc=0xf0107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2e466a8 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0208.107] DrawTextExW (in: hdc=0xf0107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2e466a8 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0208.108] RestoreDC (hdc=0xf0107f8, nSavedDC=-1) returned 1
[0208.108] GdipReleaseDC (graphics=0x6600030, hdc=0xf0107f8) returned 0x0
[0208.108] GetFocus () returned 0x602c4
[0208.108] IsAppThemed () returned 0x1
[0208.108] GetThemeAppProperties () returned 0x3
[0208.108] GetThemeAppProperties () returned 0x3
[0208.108] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0208.108] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xf0107f8, x1=0, y1=0, rop=0xcc0020) returned 1
[0208.108] GdipReleaseDC (graphics=0x6600030, hdc=0xf0107f8) returned 0x0
[0208.109] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0208.109] SelectObject (hdc=0xf0107f8, h=0x85000f) returned 0x4a0507fe
[0208.109] DeleteDC (hdc=0xf0107f8) returned 1
[0208.109] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0208.109] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0208.109] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e467a4, cPoints=0x1 | out: lpPoints=0x2e467a4) returned 40304859
[0208.109] WindowFromPoint (Point=0x10c) returned 0x602c4
[0208.109] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f010c) returned 0x1
[0208.109] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0208.109] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0208.110] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0208.110] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0208.110] GetSystemMetrics (nIndex=42) returned 0
[0208.110] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0208.110] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0208.112] GetCapture () returned 0x602c4
[0208.112] ReleaseCapture () returned 1
[0208.112] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0208.112] GetProcessWindowStation () returned 0x13c
[0208.113] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.113] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0208.114] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.114] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0208.114] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.114] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0208.114] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.114] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0208.115] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.115] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0208.115] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.115] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0208.115] GetDC (hWnd=0x0) returned 0xc0107c5
[0208.115] GdipCreateFromHDC (hdc=0xc0107c5, graphics=0xd7e6ec) returned 0x0
[0208.116] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0208.116] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0208.116] ReleaseDC (hWnd=0x0, hDC=0xc0107c5) returned 1
[0208.116] GetSystemMetrics (nIndex=5) returned 1
[0208.116] GetSystemMetrics (nIndex=6) returned 1
[0208.116] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.117] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0208.117] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.117] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0208.121] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0208.121] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0208.121] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0208.121] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0208.121] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0208.121] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0208.124] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2e4c1c0 | out: lpData=0x2e4c1c0) returned 1
[0208.125] VerQueryValueW (in: pBlock=0x2e4c1c0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e4c5d0, puLen=0xd7e810) returned 1
[0208.125] VerQueryValueW (in: pBlock=0x2e4c1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4c278, puLen=0xd7e790) returned 1
[0208.125] VerQueryValueW (in: pBlock=0x2e4c1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4c2cc, puLen=0xd7e790) returned 1
[0208.125] VerQueryValueW (in: pBlock=0x2e4c1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4c34c, puLen=0xd7e790) returned 1
[0208.125] VerQueryValueW (in: pBlock=0x2e4c1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4c3b4, puLen=0xd7e790) returned 1
[0208.125] VerQueryValueW (in: pBlock=0x2e4c1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4c3f4, puLen=0xd7e790) returned 1
[0208.125] VerQueryValueW (in: pBlock=0x2e4c1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4c47c, puLen=0xd7e790) returned 1
[0208.125] VerQueryValueW (in: pBlock=0x2e4c1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4c4b8, puLen=0xd7e790) returned 1
[0208.125] VerQueryValueW (in: pBlock=0x2e4c1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4c510, puLen=0xd7e790) returned 1
[0208.125] VerQueryValueW (in: pBlock=0x2e4c1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4c540, puLen=0xd7e790) returned 1
[0208.125] VerQueryValueW (in: pBlock=0x2e4c1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.125] VerQueryValueW (in: pBlock=0x2e4c1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4c57c, puLen=0xd7e790) returned 1
[0208.125] VerQueryValueW (in: pBlock=0x2e4c1c0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.125] VerQueryValueW (in: pBlock=0x2e4c1c0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e4c5d0, puLen=0xd7e784) returned 1
[0208.125] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0208.125] VerQueryValueW (in: pBlock=0x2e4c1c0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e4c1e8, puLen=0xd7e794) returned 1
[0208.126] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0208.126] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0208.126] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0208.127] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0208.127] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0208.127] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0208.127] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2e4e130 | out: lpData=0x2e4e130) returned 1
[0208.127] VerQueryValueW (in: pBlock=0x2e4e130, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e4e1cc, puLen=0xd7e810) returned 1
[0208.127] VerQueryValueW (in: pBlock=0x2e4e130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e244, puLen=0xd7e790) returned 1
[0208.127] VerQueryValueW (in: pBlock=0x2e4e130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e274, puLen=0xd7e790) returned 1
[0208.127] VerQueryValueW (in: pBlock=0x2e4e130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e2b0, puLen=0xd7e790) returned 1
[0208.127] VerQueryValueW (in: pBlock=0x2e4e130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e2e0, puLen=0xd7e790) returned 1
[0208.127] VerQueryValueW (in: pBlock=0x2e4e130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e328, puLen=0xd7e790) returned 1
[0208.127] VerQueryValueW (in: pBlock=0x2e4e130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e3a0, puLen=0xd7e790) returned 1
[0208.128] VerQueryValueW (in: pBlock=0x2e4e130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e3e4, puLen=0xd7e790) returned 1
[0208.128] VerQueryValueW (in: pBlock=0x2e4e130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e424, puLen=0xd7e790) returned 1
[0208.128] VerQueryValueW (in: pBlock=0x2e4e130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e222, puLen=0xd7e790) returned 1
[0208.128] VerQueryValueW (in: pBlock=0x2e4e130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4e370, puLen=0xd7e790) returned 1
[0208.128] VerQueryValueW (in: pBlock=0x2e4e130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.128] VerQueryValueW (in: pBlock=0x2e4e130, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.128] VerQueryValueW (in: pBlock=0x2e4e130, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e4e1cc, puLen=0xd7e784) returned 1
[0208.128] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0208.128] VerQueryValueW (in: pBlock=0x2e4e130, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e4e158, puLen=0xd7e794) returned 1
[0208.129] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0208.129] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0208.129] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0208.129] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0208.129] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0208.129] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0208.130] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2e50408 | out: lpData=0x2e50408) returned 1
[0208.131] VerQueryValueW (in: pBlock=0x2e50408, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e5081c, puLen=0xd7e810) returned 1
[0208.131] VerQueryValueW (in: pBlock=0x2e50408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e504c0, puLen=0xd7e790) returned 1
[0208.131] VerQueryValueW (in: pBlock=0x2e50408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e50514, puLen=0xd7e790) returned 1
[0208.131] VerQueryValueW (in: pBlock=0x2e50408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e50570, puLen=0xd7e790) returned 1
[0208.131] VerQueryValueW (in: pBlock=0x2e50408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e505d0, puLen=0xd7e790) returned 1
[0208.131] VerQueryValueW (in: pBlock=0x2e50408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e50628, puLen=0xd7e790) returned 1
[0208.131] VerQueryValueW (in: pBlock=0x2e50408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e506b0, puLen=0xd7e790) returned 1
[0208.131] VerQueryValueW (in: pBlock=0x2e50408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e50704, puLen=0xd7e790) returned 1
[0208.131] VerQueryValueW (in: pBlock=0x2e50408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5075c, puLen=0xd7e790) returned 1
[0208.131] VerQueryValueW (in: pBlock=0x2e50408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5078c, puLen=0xd7e790) returned 1
[0208.131] VerQueryValueW (in: pBlock=0x2e50408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.131] VerQueryValueW (in: pBlock=0x2e50408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e507c8, puLen=0xd7e790) returned 1
[0208.131] VerQueryValueW (in: pBlock=0x2e50408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.132] VerQueryValueW (in: pBlock=0x2e50408, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e5081c, puLen=0xd7e784) returned 1
[0208.132] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0208.132] VerQueryValueW (in: pBlock=0x2e50408, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e50430, puLen=0xd7e794) returned 1
[0208.133] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0208.133] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0208.133] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0208.133] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0208.133] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0208.133] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0208.134] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2e52a40 | out: lpData=0x2e52a40) returned 1
[0208.135] VerQueryValueW (in: pBlock=0x2e52a40, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e52e40, puLen=0xd7e810) returned 1
[0208.135] VerQueryValueW (in: pBlock=0x2e52a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e52af8, puLen=0xd7e790) returned 1
[0208.135] VerQueryValueW (in: pBlock=0x2e52a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e52b4c, puLen=0xd7e790) returned 1
[0208.135] VerQueryValueW (in: pBlock=0x2e52a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e52b8c, puLen=0xd7e790) returned 1
[0208.135] VerQueryValueW (in: pBlock=0x2e52a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e52bf4, puLen=0xd7e790) returned 1
[0208.135] VerQueryValueW (in: pBlock=0x2e52a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e52c4c, puLen=0xd7e790) returned 1
[0208.135] VerQueryValueW (in: pBlock=0x2e52a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e52cd4, puLen=0xd7e790) returned 1
[0208.135] VerQueryValueW (in: pBlock=0x2e52a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e52d28, puLen=0xd7e790) returned 1
[0208.136] VerQueryValueW (in: pBlock=0x2e52a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e52d80, puLen=0xd7e790) returned 1
[0208.136] VerQueryValueW (in: pBlock=0x2e52a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e52db0, puLen=0xd7e790) returned 1
[0208.136] VerQueryValueW (in: pBlock=0x2e52a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.136] VerQueryValueW (in: pBlock=0x2e52a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e52dec, puLen=0xd7e790) returned 1
[0208.136] VerQueryValueW (in: pBlock=0x2e52a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.136] VerQueryValueW (in: pBlock=0x2e52a40, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e52e40, puLen=0xd7e784) returned 1
[0208.136] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0208.136] VerQueryValueW (in: pBlock=0x2e52a40, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e52a68, puLen=0xd7e794) returned 1
[0208.137] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0208.137] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0208.137] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0208.137] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0208.137] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0208.137] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0208.138] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2e5517c | out: lpData=0x2e5517c) returned 1
[0208.139] VerQueryValueW (in: pBlock=0x2e5517c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e55544, puLen=0xd7e810) returned 1
[0208.139] VerQueryValueW (in: pBlock=0x2e5517c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e55234, puLen=0xd7e790) returned 1
[0208.139] VerQueryValueW (in: pBlock=0x2e5517c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e55288, puLen=0xd7e790) returned 1
[0208.139] VerQueryValueW (in: pBlock=0x2e5517c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e552c8, puLen=0xd7e790) returned 1
[0208.140] VerQueryValueW (in: pBlock=0x2e5517c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e55330, puLen=0xd7e790) returned 1
[0208.140] VerQueryValueW (in: pBlock=0x2e5517c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5536c, puLen=0xd7e790) returned 1
[0208.140] VerQueryValueW (in: pBlock=0x2e5517c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e553f4, puLen=0xd7e790) returned 1
[0208.140] VerQueryValueW (in: pBlock=0x2e5517c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5542c, puLen=0xd7e790) returned 1
[0208.140] VerQueryValueW (in: pBlock=0x2e5517c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e55484, puLen=0xd7e790) returned 1
[0208.140] VerQueryValueW (in: pBlock=0x2e5517c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e554b4, puLen=0xd7e790) returned 1
[0208.140] VerQueryValueW (in: pBlock=0x2e5517c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.140] VerQueryValueW (in: pBlock=0x2e5517c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e554f0, puLen=0xd7e790) returned 1
[0208.140] VerQueryValueW (in: pBlock=0x2e5517c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.140] VerQueryValueW (in: pBlock=0x2e5517c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e55544, puLen=0xd7e784) returned 1
[0208.140] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0208.140] VerQueryValueW (in: pBlock=0x2e5517c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e551a4, puLen=0xd7e794) returned 1
[0208.141] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0208.141] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0208.141] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0208.141] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0208.141] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0208.141] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0208.142] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2e587e4 | out: lpData=0x2e587e4) returned 1
[0208.143] VerQueryValueW (in: pBlock=0x2e587e4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e58bc4, puLen=0xd7e810) returned 1
[0208.143] VerQueryValueW (in: pBlock=0x2e587e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5889c, puLen=0xd7e790) returned 1
[0208.143] VerQueryValueW (in: pBlock=0x2e587e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e588f0, puLen=0xd7e790) returned 1
[0208.143] VerQueryValueW (in: pBlock=0x2e587e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e58930, puLen=0xd7e790) returned 1
[0208.143] VerQueryValueW (in: pBlock=0x2e587e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e58990, puLen=0xd7e790) returned 1
[0208.143] VerQueryValueW (in: pBlock=0x2e587e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e589dc, puLen=0xd7e790) returned 1
[0208.143] VerQueryValueW (in: pBlock=0x2e587e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e58a64, puLen=0xd7e790) returned 1
[0208.143] VerQueryValueW (in: pBlock=0x2e587e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e58aac, puLen=0xd7e790) returned 1
[0208.143] VerQueryValueW (in: pBlock=0x2e587e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e58b04, puLen=0xd7e790) returned 1
[0208.143] VerQueryValueW (in: pBlock=0x2e587e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e58b34, puLen=0xd7e790) returned 1
[0208.144] VerQueryValueW (in: pBlock=0x2e587e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.144] VerQueryValueW (in: pBlock=0x2e587e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e58b70, puLen=0xd7e790) returned 1
[0208.144] VerQueryValueW (in: pBlock=0x2e587e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.144] VerQueryValueW (in: pBlock=0x2e587e4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e58bc4, puLen=0xd7e784) returned 1
[0208.144] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0208.144] VerQueryValueW (in: pBlock=0x2e587e4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e5880c, puLen=0xd7e794) returned 1
[0208.145] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0208.145] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0208.145] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0208.145] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0208.145] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0208.145] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0208.146] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2e5b004 | out: lpData=0x2e5b004) returned 1
[0208.147] VerQueryValueW (in: pBlock=0x2e5b004, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e5b410, puLen=0xd7e810) returned 1
[0208.147] VerQueryValueW (in: pBlock=0x2e5b004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b0bc, puLen=0xd7e790) returned 1
[0208.147] VerQueryValueW (in: pBlock=0x2e5b004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b110, puLen=0xd7e790) returned 1
[0208.147] VerQueryValueW (in: pBlock=0x2e5b004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b164, puLen=0xd7e790) returned 1
[0208.147] VerQueryValueW (in: pBlock=0x2e5b004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b1c4, puLen=0xd7e790) returned 1
[0208.147] VerQueryValueW (in: pBlock=0x2e5b004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b21c, puLen=0xd7e790) returned 1
[0208.147] VerQueryValueW (in: pBlock=0x2e5b004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b2a4, puLen=0xd7e790) returned 1
[0208.147] VerQueryValueW (in: pBlock=0x2e5b004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b2f8, puLen=0xd7e790) returned 1
[0208.147] VerQueryValueW (in: pBlock=0x2e5b004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b350, puLen=0xd7e790) returned 1
[0208.147] VerQueryValueW (in: pBlock=0x2e5b004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b380, puLen=0xd7e790) returned 1
[0208.147] VerQueryValueW (in: pBlock=0x2e5b004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.147] VerQueryValueW (in: pBlock=0x2e5b004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b3bc, puLen=0xd7e790) returned 1
[0208.147] VerQueryValueW (in: pBlock=0x2e5b004, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.147] VerQueryValueW (in: pBlock=0x2e5b004, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e5b410, puLen=0xd7e784) returned 1
[0208.147] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0208.147] VerQueryValueW (in: pBlock=0x2e5b004, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e5b02c, puLen=0xd7e794) returned 1
[0208.148] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0208.148] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0208.149] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0208.149] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0208.149] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0208.149] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0208.150] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e5d818 | out: lpData=0x2e5d818) returned 1
[0208.151] VerQueryValueW (in: pBlock=0x2e5d818, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e5dbf0, puLen=0xd7e810) returned 1
[0208.151] VerQueryValueW (in: pBlock=0x2e5d818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5d8d0, puLen=0xd7e790) returned 1
[0208.151] VerQueryValueW (in: pBlock=0x2e5d818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5d924, puLen=0xd7e790) returned 1
[0208.151] VerQueryValueW (in: pBlock=0x2e5d818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5d964, puLen=0xd7e790) returned 1
[0208.151] VerQueryValueW (in: pBlock=0x2e5d818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5d9cc, puLen=0xd7e790) returned 1
[0208.151] VerQueryValueW (in: pBlock=0x2e5d818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5da10, puLen=0xd7e790) returned 1
[0208.151] VerQueryValueW (in: pBlock=0x2e5d818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5da98, puLen=0xd7e790) returned 1
[0208.151] VerQueryValueW (in: pBlock=0x2e5d818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5dad8, puLen=0xd7e790) returned 1
[0208.151] VerQueryValueW (in: pBlock=0x2e5d818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5db30, puLen=0xd7e790) returned 1
[0208.151] VerQueryValueW (in: pBlock=0x2e5d818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5db60, puLen=0xd7e790) returned 1
[0208.151] VerQueryValueW (in: pBlock=0x2e5d818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.151] VerQueryValueW (in: pBlock=0x2e5d818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5db9c, puLen=0xd7e790) returned 1
[0208.151] VerQueryValueW (in: pBlock=0x2e5d818, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.151] VerQueryValueW (in: pBlock=0x2e5d818, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e5dbf0, puLen=0xd7e784) returned 1
[0208.151] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0208.151] VerQueryValueW (in: pBlock=0x2e5d818, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e5d840, puLen=0xd7e794) returned 1
[0208.152] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0208.152] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0208.152] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0208.153] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0208.153] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0208.153] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0208.156] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e5fd70 | out: lpData=0x2e5fd70) returned 1
[0208.157] VerQueryValueW (in: pBlock=0x2e5fd70, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e60148, puLen=0xd7e810) returned 1
[0208.157] VerQueryValueW (in: pBlock=0x2e5fd70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5fe28, puLen=0xd7e790) returned 1
[0208.157] VerQueryValueW (in: pBlock=0x2e5fd70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5fe7c, puLen=0xd7e790) returned 1
[0208.157] VerQueryValueW (in: pBlock=0x2e5fd70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5febc, puLen=0xd7e790) returned 1
[0208.157] VerQueryValueW (in: pBlock=0x2e5fd70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5ff24, puLen=0xd7e790) returned 1
[0208.157] VerQueryValueW (in: pBlock=0x2e5fd70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5ff68, puLen=0xd7e790) returned 1
[0208.157] VerQueryValueW (in: pBlock=0x2e5fd70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5fff0, puLen=0xd7e790) returned 1
[0208.157] VerQueryValueW (in: pBlock=0x2e5fd70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e60030, puLen=0xd7e790) returned 1
[0208.157] VerQueryValueW (in: pBlock=0x2e5fd70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e60088, puLen=0xd7e790) returned 1
[0208.157] VerQueryValueW (in: pBlock=0x2e5fd70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e600b8, puLen=0xd7e790) returned 1
[0208.157] VerQueryValueW (in: pBlock=0x2e5fd70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.157] VerQueryValueW (in: pBlock=0x2e5fd70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e600f4, puLen=0xd7e790) returned 1
[0208.157] VerQueryValueW (in: pBlock=0x2e5fd70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.157] VerQueryValueW (in: pBlock=0x2e5fd70, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e60148, puLen=0xd7e784) returned 1
[0208.157] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0208.157] VerQueryValueW (in: pBlock=0x2e5fd70, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e5fd98, puLen=0xd7e794) returned 1
[0208.158] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0208.158] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0208.158] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0208.159] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0208.159] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0208.159] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0208.159] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2e624a8 | out: lpData=0x2e624a8) returned 1
[0208.160] VerQueryValueW (in: pBlock=0x2e624a8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e628d8, puLen=0xd7e810) returned 1
[0208.160] VerQueryValueW (in: pBlock=0x2e624a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e62560, puLen=0xd7e790) returned 1
[0208.160] VerQueryValueW (in: pBlock=0x2e624a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e625b4, puLen=0xd7e790) returned 1
[0208.160] VerQueryValueW (in: pBlock=0x2e624a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e62624, puLen=0xd7e790) returned 1
[0208.160] VerQueryValueW (in: pBlock=0x2e624a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e62684, puLen=0xd7e790) returned 1
[0208.160] VerQueryValueW (in: pBlock=0x2e624a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e626e0, puLen=0xd7e790) returned 1
[0208.160] VerQueryValueW (in: pBlock=0x2e624a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e62768, puLen=0xd7e790) returned 1
[0208.160] VerQueryValueW (in: pBlock=0x2e624a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e627c0, puLen=0xd7e790) returned 1
[0208.161] VerQueryValueW (in: pBlock=0x2e624a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e62818, puLen=0xd7e790) returned 1
[0208.161] VerQueryValueW (in: pBlock=0x2e624a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e62848, puLen=0xd7e790) returned 1
[0208.161] VerQueryValueW (in: pBlock=0x2e624a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.161] VerQueryValueW (in: pBlock=0x2e624a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e62884, puLen=0xd7e790) returned 1
[0208.161] VerQueryValueW (in: pBlock=0x2e624a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0208.161] VerQueryValueW (in: pBlock=0x2e624a8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e628d8, puLen=0xd7e784) returned 1
[0208.161] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0208.161] VerQueryValueW (in: pBlock=0x2e624a8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e624d0, puLen=0xd7e794) returned 1
[0208.161] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0208.162] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.162] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0208.162] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.163] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0208.163] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xb02d0
[0208.163] SetWindowLongW (hWnd=0xb02d0, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0208.163] GetWindowLongW (hWnd=0xb02d0, nIndex=-4) returned 1950089536
[0208.164] SetWindowLongW (hWnd=0xb02d0, nIndex=-4, dwNewLong=19945782) returned 1950089536
[0208.164] GetWindowLongW (hWnd=0xb02d0, nIndex=-4) returned 19945782
[0208.164] GetWindowLongW (hWnd=0xb02d0, nIndex=-16) returned 113311744
[0208.164] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02d0, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0208.164] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02d0, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0208.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02d0, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0208.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02d0, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0208.165] GetClientRect (in: hWnd=0xb02d0, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0208.165] GetWindowRect (in: hWnd=0xb02d0, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0208.165] SetWindowTextW (hWnd=0xb02d0, lpString="WindowsFormsParkingWindow") returned 1
[0208.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02d0, Msg=0xc, wParam=0x0, lParam=0x2e27a58) returned 0x1
[0208.166] GetParent (hWnd=0xb02d0) returned 0x0
[0208.167] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0208.167] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0xb02d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1002c8
[0208.167] SetWindowLongW (hWnd=0x1002c8, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0208.167] GetWindowLongW (hWnd=0x1002c8, nIndex=-4) returned 1868147648
[0208.167] SetWindowLongW (hWnd=0x1002c8, nIndex=-4, dwNewLong=19946182) returned 1868147648
[0208.168] GetWindowLongW (hWnd=0x1002c8, nIndex=-4) returned 19946182
[0208.168] GetWindowLongW (hWnd=0x1002c8, nIndex=-16) returned 1174405133
[0208.168] GetWindowLongW (hWnd=0x1002c8, nIndex=-12) returned 0
[0208.168] SetWindowLongW (hWnd=0x1002c8, nIndex=-12, dwNewLong=1049288) returned 0
[0208.168] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0208.168] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0208.170] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0208.171] GetClientRect (in: hWnd=0x1002c8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0208.171] GetWindowRect (in: hWnd=0x1002c8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0208.171] GetParent (hWnd=0x1002c8) returned 0xb02d0
[0208.171] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xb02d0, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0208.171] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0208.172] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0208.172] GetClientRect (in: hWnd=0x1002c8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0208.172] GetWindowRect (in: hWnd=0x1002c8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0208.172] GetParent (hWnd=0x1002c8) returned 0xb02d0
[0208.172] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xb02d0, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0208.172] SendMessageW (hWnd=0x1002c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1002c8) returned 0x0
[0208.172] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1002c8) returned 0x0
[0208.172] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0208.172] GetParent (hWnd=0x1002c8) returned 0xb02d0
[0208.172] GdipCreateFromHWND (hwnd=0x1002c8, graphics=0xd7e844) returned 0x0
[0208.173] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0208.173] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0208.173] GetForegroundWindow () returned 0x7005c
[0208.174] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0208.174] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.174] GetSystemMetrics (nIndex=42) returned 0
[0208.174] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.174] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0208.174] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0208.174] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.174] GetSystemMetrics (nIndex=42) returned 0
[0208.174] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.174] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0208.175] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.175] GetCursorPos (in: lpPoint=0x2e6692c | out: lpPoint=0x2e6692c*(x=268, y=623)) returned 1
[0208.175] MonitorFromPoint (pt=0x10c, dwFlags=0x26f) returned 0x10001
[0208.175] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0208.175] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x120107f8
[0208.175] GetDeviceCaps (hdc=0x120107f8, index=12) returned 32
[0208.175] GetDeviceCaps (hdc=0x120107f8, index=14) returned 1
[0208.175] DeleteDC (hdc=0x120107f8) returned 1
[0208.175] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0208.176] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0208.176] GetSystemMetrics (nIndex=59) returned 1460
[0208.176] GetSystemMetrics (nIndex=60) returned 920
[0208.176] GetSystemMetrics (nIndex=34) returned 136
[0208.176] GetSystemMetrics (nIndex=35) returned 39
[0208.176] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.176] GetCursorPos (in: lpPoint=0x2e66b98 | out: lpPoint=0x2e66b98*(x=268, y=623)) returned 1
[0208.176] MonitorFromPoint (pt=0x10c, dwFlags=0x26f) returned 0x10001
[0208.176] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0208.177] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x130107f8
[0208.177] GetDeviceCaps (hdc=0x130107f8, index=12) returned 32
[0208.177] GetDeviceCaps (hdc=0x130107f8, index=14) returned 1
[0208.177] DeleteDC (hdc=0x130107f8) returned 1
[0208.177] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0208.177] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0208.177] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.178] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0208.178] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2e66e30 | out: piconinfo=0x2e66e30) returned 1
[0208.178] GetObjectW (in: h=0x770507e0, c=24, pv=0x2e66e4c | out: pv=0x2e66e4c) returned 24
[0208.178] GdipCreateBitmapFromHBITMAP (hbm=0x770507e0, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0208.178] GdipGetImageWidth (image=0x664fe20, width=0xd7e750) returned 0x0
[0208.178] GdipGetImageHeight (image=0x664fe20, height=0xd7e748) returned 0x0
[0208.178] GdipGetImagePixelFormat (image=0x664fe20, format=0xd7e740) returned 0x0
[0208.178] GdipBitmapLockBits (bitmap=0x664fe20, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2e66f04) returned 0x0
[0208.179] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0208.179] GdipBitmapLockBits (bitmap=0x6650168, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2e66f3c) returned 0x0
[0208.179] RtlMoveMemory (in: Destination=0x6659f20, Source=0x6661ed8, Length=0x80 | out: Destination=0x6659f20)
[0208.179] RtlMoveMemory (in: Destination=0x6659fa0, Source=0x6661e58, Length=0x80 | out: Destination=0x6659fa0)
[0208.179] RtlMoveMemory (in: Destination=0x665a020, Source=0x6661dd8, Length=0x80 | out: Destination=0x665a020)
[0208.179] RtlMoveMemory (in: Destination=0x665a0a0, Source=0x6661d58, Length=0x80 | out: Destination=0x665a0a0)
[0208.179] RtlMoveMemory (in: Destination=0x665a120, Source=0x6661cd8, Length=0x80 | out: Destination=0x665a120)
[0208.179] RtlMoveMemory (in: Destination=0x665a1a0, Source=0x6661c58, Length=0x80 | out: Destination=0x665a1a0)
[0208.179] RtlMoveMemory (in: Destination=0x665a220, Source=0x6661bd8, Length=0x80 | out: Destination=0x665a220)
[0208.179] RtlMoveMemory (in: Destination=0x665a2a0, Source=0x6661b58, Length=0x80 | out: Destination=0x665a2a0)
[0208.179] RtlMoveMemory (in: Destination=0x665a320, Source=0x6661ad8, Length=0x80 | out: Destination=0x665a320)
[0208.179] RtlMoveMemory (in: Destination=0x665a3a0, Source=0x6661a58, Length=0x80 | out: Destination=0x665a3a0)
[0208.179] RtlMoveMemory (in: Destination=0x665a420, Source=0x66619d8, Length=0x80 | out: Destination=0x665a420)
[0208.179] RtlMoveMemory (in: Destination=0x665a4a0, Source=0x6661958, Length=0x80 | out: Destination=0x665a4a0)
[0208.179] RtlMoveMemory (in: Destination=0x665a520, Source=0x66618d8, Length=0x80 | out: Destination=0x665a520)
[0208.180] RtlMoveMemory (in: Destination=0x665a5a0, Source=0x6661858, Length=0x80 | out: Destination=0x665a5a0)
[0208.180] RtlMoveMemory (in: Destination=0x665a620, Source=0x66617d8, Length=0x80 | out: Destination=0x665a620)
[0208.180] RtlMoveMemory (in: Destination=0x665a6a0, Source=0x6661758, Length=0x80 | out: Destination=0x665a6a0)
[0208.180] RtlMoveMemory (in: Destination=0x665a720, Source=0x66616d8, Length=0x80 | out: Destination=0x665a720)
[0208.180] RtlMoveMemory (in: Destination=0x665a7a0, Source=0x6661658, Length=0x80 | out: Destination=0x665a7a0)
[0208.180] RtlMoveMemory (in: Destination=0x665a820, Source=0x66615d8, Length=0x80 | out: Destination=0x665a820)
[0208.180] RtlMoveMemory (in: Destination=0x665a8a0, Source=0x6661558, Length=0x80 | out: Destination=0x665a8a0)
[0208.180] RtlMoveMemory (in: Destination=0x665a920, Source=0x66614d8, Length=0x80 | out: Destination=0x665a920)
[0208.180] RtlMoveMemory (in: Destination=0x665a9a0, Source=0x6661458, Length=0x80 | out: Destination=0x665a9a0)
[0208.180] RtlMoveMemory (in: Destination=0x665aa20, Source=0x66613d8, Length=0x80 | out: Destination=0x665aa20)
[0208.180] RtlMoveMemory (in: Destination=0x665aaa0, Source=0x6661358, Length=0x80 | out: Destination=0x665aaa0)
[0208.180] RtlMoveMemory (in: Destination=0x665ab20, Source=0x66612d8, Length=0x80 | out: Destination=0x665ab20)
[0208.180] RtlMoveMemory (in: Destination=0x665aba0, Source=0x6661258, Length=0x80 | out: Destination=0x665aba0)
[0208.180] RtlMoveMemory (in: Destination=0x665ac20, Source=0x66611d8, Length=0x80 | out: Destination=0x665ac20)
[0208.180] RtlMoveMemory (in: Destination=0x665aca0, Source=0x6661158, Length=0x80 | out: Destination=0x665aca0)
[0208.180] RtlMoveMemory (in: Destination=0x665ad20, Source=0x66610d8, Length=0x80 | out: Destination=0x665ad20)
[0208.180] RtlMoveMemory (in: Destination=0x665ada0, Source=0x6661058, Length=0x80 | out: Destination=0x665ada0)
[0208.180] RtlMoveMemory (in: Destination=0x665ae20, Source=0x6660fd8, Length=0x80 | out: Destination=0x665ae20)
[0208.181] RtlMoveMemory (in: Destination=0x665aea0, Source=0x6660f58, Length=0x80 | out: Destination=0x665aea0)
[0208.181] GdipBitmapUnlockBits (bitmap=0x664fe20, lockedBitmapData=0x2e66f04) returned 0x0
[0208.181] GdipBitmapUnlockBits (bitmap=0x6650168, lockedBitmapData=0x2e66f3c) returned 0x0
[0208.181] GdipDisposeImage (image=0x664fe20) returned 0x0
[0208.181] DeleteObject (ho=0x770507e0) returned 1
[0208.181] DeleteObject (ho=0x140507f8) returned 1
[0208.181] GetCurrentThreadId () returned 0xf50
[0208.181] GetCurrentThreadId () returned 0xf50
[0208.181] SetWindowPos (hWnd=0x1002c8, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0208.181] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0208.181] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0208.182] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0208.182] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0208.182] GetClientRect (in: hWnd=0x1002c8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0208.182] GetWindowRect (in: hWnd=0x1002c8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0208.182] GetParent (hWnd=0x1002c8) returned 0xb02d0
[0208.182] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xb02d0, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0208.182] InvalidateRect (hWnd=0x1002c8, lpRect=0x0, bErase=1) returned 1
[0208.182] GetWindowTextLengthW (hWnd=0x1002c8) returned 0
[0208.182] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0208.182] GetSystemMetrics (nIndex=42) returned 0
[0208.182] GetWindowTextW (in: hWnd=0x1002c8, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0208.182] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0208.183] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0208.183] GetClientRect (in: hWnd=0x1002c8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0208.183] GetWindowRect (in: hWnd=0x1002c8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0208.183] GetParent (hWnd=0x1002c8) returned 0xb02d0
[0208.183] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xb02d0, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0208.183] GetWindowTextLengthW (hWnd=0x1002c8) returned 0
[0208.183] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0208.183] GetSystemMetrics (nIndex=42) returned 0
[0208.183] GetWindowTextW (in: hWnd=0x1002c8, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0208.183] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0208.183] GetWindowTextLengthW (hWnd=0x1002c8) returned 0
[0208.183] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0208.183] GetSystemMetrics (nIndex=42) returned 0
[0208.183] GetWindowTextW (in: hWnd=0x1002c8, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0208.183] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0208.183] SetWindowTextW (hWnd=0x1002c8, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0208.183] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0xc, wParam=0x0, lParam=0x2e47d98) returned 0x1
[0208.184] InvalidateRect (hWnd=0x1002c8, lpRect=0x0, bErase=1) returned 1
[0208.184] GetCurrentThreadId () returned 0xf50
[0208.184] GetWindowThreadProcessId (in: hWnd=0x1002c8, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0208.184] GdipCreateBitmapFromStream (stream=0x509ff50, bitmap=0xd7e840) returned 0x0
[0208.185] GdipImageForceValidation (image=0x664f790) returned 0x0
[0208.187] GdipGetImageRawFormat (image=0x664f790, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0208.187] GdipGetImageHeight (image=0x664f790, height=0xd7e824) returned 0x0
[0208.187] GdipGetImageWidth (image=0x664f790, width=0xd7e824) returned 0x0
[0208.187] GdipGetImageWidth (image=0x664f790, width=0xd7e810) returned 0x0
[0208.187] GdipGetImageHeight (image=0x664f790, height=0xd7e810) returned 0x0
[0208.187] GdipGetImageWidth (image=0x664f790, width=0xd7e800) returned 0x0
[0208.187] GdipGetImageHeight (image=0x664f790, height=0xd7e800) returned 0x0
[0208.187] GdipBitmapGetPixel (bitmap=0x664f790, x=0, y=15, color=0xd7e810) returned 0x0
[0208.187] GdipGetImageRawFormat (image=0x664f790, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0208.187] GdipGetImageWidth (image=0x664f790, width=0xd7e740) returned 0x0
[0208.187] GdipGetImageHeight (image=0x664f790, height=0xd7e740) returned 0x0
[0208.188] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0208.188] GdipGetImagePixelFormat (image=0x664fe20, format=0xd7e740) returned 0x0
[0208.188] GdipGetImageGraphicsContext (image=0x664fe20, graphics=0xd7e74c) returned 0x0
[0208.188] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0208.188] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0208.188] GdipSetImageAttributesColorKeys (imageattr=0x6638a58, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0208.188] GdipDrawImageRectRectI (graphics=0x6600030, image=0x664f790, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638a58, callback=0x0, callbackData=0x0) returned 0x0
[0208.188] GdipDisposeImageAttributes (imageattr=0x6638a58) returned 0x0
[0208.188] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0208.188] GdipDisposeImage (image=0x664f790) returned 0x0
[0208.189] GdipCreateBitmapFromStream (stream=0x509ff30, bitmap=0xd7e840) returned 0x0
[0208.190] GdipImageForceValidation (image=0x66511d0) returned 0x0
[0208.192] GdipGetImageRawFormat (image=0x66511d0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0208.192] GdipGetImageHeight (image=0x66511d0, height=0xd7e824) returned 0x0
[0208.192] GdipGetImageWidth (image=0x66511d0, width=0xd7e824) returned 0x0
[0208.192] GdipGetImageWidth (image=0x66511d0, width=0xd7e810) returned 0x0
[0208.192] GdipGetImageHeight (image=0x66511d0, height=0xd7e810) returned 0x0
[0208.192] GdipGetImageWidth (image=0x66511d0, width=0xd7e800) returned 0x0
[0208.192] GdipGetImageHeight (image=0x66511d0, height=0xd7e800) returned 0x0
[0208.192] GdipBitmapGetPixel (bitmap=0x66511d0, x=0, y=15, color=0xd7e810) returned 0x0
[0208.192] GdipGetImageRawFormat (image=0x66511d0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0208.192] GdipGetImageWidth (image=0x66511d0, width=0xd7e740) returned 0x0
[0208.192] GdipGetImageHeight (image=0x66511d0, height=0xd7e740) returned 0x0
[0208.192] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0208.192] GdipGetImagePixelFormat (image=0x664f790, format=0xd7e740) returned 0x0
[0208.193] GdipGetImageGraphicsContext (image=0x664f790, graphics=0xd7e74c) returned 0x0
[0208.193] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0208.193] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0208.193] GdipSetImageAttributesColorKeys (imageattr=0x6638a58, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0208.193] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66511d0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638a58, callback=0x0, callbackData=0x0) returned 0x0
[0208.193] GdipDisposeImageAttributes (imageattr=0x6638a58) returned 0x0
[0208.193] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0208.193] GdipDisposeImage (image=0x66511d0) returned 0x0
[0208.194] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.194] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0208.194] GetCurrentThreadId () returned 0xf50
[0208.194] GetCurrentThreadId () returned 0xf50
[0208.194] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.194] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0208.194] GetCurrentThreadId () returned 0xf50
[0208.194] GetCurrentThreadId () returned 0xf50
[0208.195] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.195] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0208.195] GetCurrentThreadId () returned 0xf50
[0208.195] GetCurrentThreadId () returned 0xf50
[0208.195] GetSystemMetrics (nIndex=5) returned 1
[0208.195] GetSystemMetrics (nIndex=6) returned 1
[0208.195] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.195] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0208.196] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.196] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0208.196] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.196] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0208.196] GetCurrentThreadId () returned 0xf50
[0208.196] GetCurrentThreadId () returned 0xf50
[0208.196] GetProcessWindowStation () returned 0x13c
[0208.197] GetCapture () returned 0x0
[0208.197] GetActiveWindow () returned 0x7005c
[0208.197] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0208.197] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.197] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0208.197] GetCursorPos (in: lpPoint=0x2e6807c | out: lpPoint=0x2e6807c*(x=268, y=623)) returned 1
[0208.198] MonitorFromPoint (pt=0x10b, dwFlags=0x271) returned 0x10001
[0208.198] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0208.198] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x150107f8
[0208.198] GetDeviceCaps (hdc=0x150107f8, index=12) returned 32
[0208.198] GetDeviceCaps (hdc=0x150107f8, index=14) returned 1
[0208.198] DeleteDC (hdc=0x150107f8) returned 1
[0208.198] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0208.199] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0208.199] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1602dc
[0208.206] SetWindowLongW (hWnd=0x1602dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0208.206] GetWindowLongW (hWnd=0x1602dc, nIndex=-4) returned 1950089536
[0208.206] SetWindowLongW (hWnd=0x1602dc, nIndex=-4, dwNewLong=19946102) returned 1950089536
[0208.206] GetWindowLongW (hWnd=0x1602dc, nIndex=-4) returned 19946102
[0208.206] GetWindowLongW (hWnd=0x1602dc, nIndex=-16) returned 113770496
[0208.206] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0208.207] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0208.208] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0208.208] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0208.208] GetWindowRect (in: hWnd=0x1602dc, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0208.208] SetWindowTextW (hWnd=0x1602dc, lpString="BB ransomware") returned 1
[0208.209] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xc, wParam=0x0, lParam=0x2e66818) returned 0x1
[0208.210] GetStartupInfoW (in: lpStartupInfo=0x2e683b8 | out: lpStartupInfo=0x2e683b8*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0208.212] GetParent (hWnd=0x1602dc) returned 0x0
[0208.212] SetWindowLongW (hWnd=0x1602dc, nIndex=-8, dwNewLong=0) returned 0
[0208.214] SendMessageW (hWnd=0x1602dc, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0208.214] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0208.214] SendMessageW (hWnd=0x1602dc, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0208.214] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0208.214] GetSystemMenu (hWnd=0x1602dc, bRevert=0) returned 0x5302a1
[0208.215] GetWindowPlacement (in: hWnd=0x1602dc, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0208.215] EnableMenuItem (hMenu=0x5302a1, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0208.215] EnableMenuItem (hMenu=0x5302a1, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0208.215] EnableMenuItem (hMenu=0x5302a1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0208.215] EnableMenuItem (hMenu=0x5302a1, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0208.215] EnableMenuItem (hMenu=0x5302a1, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0208.215] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0208.215] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0208.216] GetWindowRect (in: hWnd=0x1602dc, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0208.216] SetWindowPos (hWnd=0x1602dc, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0208.216] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0208.217] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x1602dc) returned 0x1
[0208.219] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0208.219] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0208.221] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0208.221] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0208.221] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0208.224] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x1602dc, lParam=0x0) returned 0x0
[0208.224] GetCapture () returned 0x0
[0208.224] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0208.225] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0208.227] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0208.228] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0208.228] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0208.229] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0208.229] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0208.229] GetParent (hWnd=0x1602dc) returned 0x0
[0208.229] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0208.230] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0208.239] GetWindowPlacement (in: hWnd=0x1602dc, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0208.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0208.239] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0208.239] GetWindowRect (in: hWnd=0x1602dc, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0208.240] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0208.240] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0208.241] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0208.242] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.242] GetWindowLongW (hWnd=0x1602dc, nIndex=-16) returned 113770496
[0208.242] GetWindowTextLengthW (hWnd=0x1602dc) returned 13
[0208.242] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.242] GetSystemMetrics (nIndex=42) returned 0
[0208.242] GetWindowTextW (in: hWnd=0x1602dc, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.242] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0208.242] GetWindowTextLengthW (hWnd=0x1602dc) returned 13
[0208.242] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.242] GetSystemMetrics (nIndex=42) returned 0
[0208.242] GetWindowTextW (in: hWnd=0x1602dc, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.242] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0208.242] GetCursorPos (in: lpPoint=0x2e685f4 | out: lpPoint=0x2e685f4*(x=268, y=623)) returned 1
[0208.242] MonitorFromPoint (pt=0x10c, dwFlags=0x26f) returned 0x10001
[0208.243] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0208.243] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xab0107da
[0208.243] GetDeviceCaps (hdc=0xab0107da, index=12) returned 32
[0208.243] GetDeviceCaps (hdc=0xab0107da, index=14) returned 1
[0208.243] DeleteDC (hdc=0xab0107da) returned 1
[0208.243] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0208.243] GetWindowLongW (hWnd=0x1602dc, nIndex=-16) returned 113770496
[0208.243] GetWindowLongW (hWnd=0x1602dc, nIndex=-20) returned 327945
[0208.243] SetWindowLongW (hWnd=0x1602dc, nIndex=-16, dwNewLong=46661632) returned 113770496
[0208.243] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0208.244] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0208.245] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0208.245] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0208.245] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0208.246] SetWindowLongW (hWnd=0x1602dc, nIndex=-20, dwNewLong=327681) returned 327945
[0208.246] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0208.246] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0208.248] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0208.248] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0208.249] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0208.249] SetWindowPos (hWnd=0x1602dc, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0208.249] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0208.249] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0208.250] GetWindowPlacement (in: hWnd=0x1602dc, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0208.250] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0208.250] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0208.250] GetWindowRect (in: hWnd=0x1602dc, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0208.251] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0208.251] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0208.252] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0208.252] RedrawWindow (hWnd=0x1602dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0208.252] GetSystemMenu (hWnd=0x1602dc, bRevert=0) returned 0x5302a1
[0208.252] GetWindowPlacement (in: hWnd=0x1602dc, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0208.253] EnableMenuItem (hMenu=0x5302a1, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0208.253] EnableMenuItem (hMenu=0x5302a1, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0208.253] EnableMenuItem (hMenu=0x5302a1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0208.253] EnableMenuItem (hMenu=0x5302a1, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0208.253] EnableMenuItem (hMenu=0x5302a1, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0208.253] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0208.253] GetWindowLongW (hWnd=0x1602dc, nIndex=-8) returned 0
[0208.253] SetWindowLongW (hWnd=0x1602dc, nIndex=-8, dwNewLong=458844) returned 0
[0208.254] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0208.254] GetProcessWindowStation () returned 0x13c
[0208.254] GetCurrentThreadId () returned 0xf50
[0208.255] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x130595e, lParam=0x0) returned 1
[0208.255] IsWindowVisible (hWnd=0x1602dc) returned 0
[0208.255] IsWindowVisible (hWnd=0x7005c) returned 1
[0208.255] IsWindowEnabled (hWnd=0x7005c) returned 1
[0208.255] IsWindowVisible (hWnd=0x300ec) returned 0
[0208.255] IsWindowVisible (hWnd=0x502c6) returned 0
[0208.255] IsWindowVisible (hWnd=0x502be) returned 0
[0208.255] GetActiveWindow () returned 0x1602dc
[0208.255] GetFocus () returned 0x1602dc
[0208.255] IsWindow (hWnd=0x7005c) returned 1
[0208.255] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0208.255] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0208.256] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0208.256] GetWindowLongW (hWnd=0x1602dc, nIndex=-8) returned 458844
[0208.256] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0208.256] GetCurrentThreadId () returned 0xf50
[0208.256] GetWindowLongW (hWnd=0x1602dc, nIndex=-8) returned 458844
[0208.256] IsWindowEnabled (hWnd=0x7005c) returned 0
[0208.256] IsWindowEnabled (hWnd=0x1602dc) returned 1
[0208.256] ShowWindow (hWnd=0x1602dc, nCmdShow=5) returned 0
[0208.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0208.257] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0208.257] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.257] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0208.258] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x1602dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1900ea
[0208.258] SetWindowLongW (hWnd=0x1900ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0208.258] GetWindowLongW (hWnd=0x1900ea, nIndex=-4) returned 1950089536
[0208.258] SetWindowLongW (hWnd=0x1900ea, nIndex=-4, dwNewLong=19942686) returned 1950089536
[0208.259] GetWindowLongW (hWnd=0x1900ea, nIndex=-4) returned 19942686
[0208.259] GetWindowLongW (hWnd=0x1900ea, nIndex=-16) returned 1174405120
[0208.259] GetWindowLongW (hWnd=0x1900ea, nIndex=-12) returned 0
[0208.259] SetWindowLongW (hWnd=0x1900ea, nIndex=-12, dwNewLong=1638634) returned 0
[0208.259] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1900ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0208.271] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1900ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0208.272] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1900ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0208.272] GetWindow (hWnd=0x1900ea, uCmd=0x3) returned 0x0
[0208.272] GetClientRect (in: hWnd=0x1900ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0208.272] GetWindowRect (in: hWnd=0x1900ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0208.272] GetParent (hWnd=0x1900ea) returned 0x1602dc
[0208.272] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602dc, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0208.273] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1900ea, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0208.273] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1900ea, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0208.273] GetClientRect (in: hWnd=0x1900ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0208.273] GetWindowRect (in: hWnd=0x1900ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0208.273] GetParent (hWnd=0x1900ea) returned 0x1602dc
[0208.273] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602dc, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0208.273] SendMessageW (hWnd=0x1900ea, Msg=0x2210, wParam=0xea0001, lParam=0x1900ea) returned 0x0
[0208.273] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1900ea, Msg=0x2210, wParam=0xea0001, lParam=0x1900ea) returned 0x0
[0208.273] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1900ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0208.274] GetParent (hWnd=0x1900ea) returned 0x1602dc
[0208.274] GetParent (hWnd=0x1002c8) returned 0xb02d0
[0208.274] SetParent (hWndChild=0x1002c8, hWndNewParent=0x1602dc) returned 0xb02d0
[0208.274] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0208.274] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0208.275] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0208.275] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0208.275] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0208.275] GetClientRect (in: hWnd=0x1002c8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0208.275] GetWindowRect (in: hWnd=0x1002c8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0208.275] GetParent (hWnd=0x1002c8) returned 0x1602dc
[0208.275] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602dc, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0208.275] GetClientRect (in: hWnd=0x1002c8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0208.275] GetWindowRect (in: hWnd=0x1002c8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0208.275] GetParent (hWnd=0x1002c8) returned 0x1602dc
[0208.275] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602dc, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0208.275] GetParent (hWnd=0x1002c8) returned 0x1602dc
[0208.275] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0208.276] GetWindow (hWnd=0x1002c8, uCmd=0x3) returned 0x0
[0208.276] SetWindowPos (hWnd=0x1002c8, hWndInsertAfter=0x1900ea, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0208.276] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0208.276] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0208.277] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0208.277] GetClientRect (in: hWnd=0x1002c8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0208.277] GetWindowRect (in: hWnd=0x1002c8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0208.277] GetParent (hWnd=0x1002c8) returned 0x1602dc
[0208.277] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602dc, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0208.277] GetParent (hWnd=0x1002c8) returned 0x1602dc
[0208.277] GetWindow (hWnd=0x1002c8, uCmd=0x3) returned 0x1900ea
[0208.277] GetWindowThreadProcessId (in: hWnd=0x1002c8, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0208.277] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0208.277] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.278] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0208.278] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x1602dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1802d8
[0208.279] SetWindowLongW (hWnd=0x1802d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0208.279] GetWindowLongW (hWnd=0x1802d8, nIndex=-4) returned 1868032000
[0208.279] SetWindowLongW (hWnd=0x1802d8, nIndex=-4, dwNewLong=19943086) returned 1868032000
[0208.279] GetWindowLongW (hWnd=0x1802d8, nIndex=-4) returned 19943086
[0208.279] GetWindowLongW (hWnd=0x1802d8, nIndex=-16) returned 1174470667
[0208.279] GetWindowLongW (hWnd=0x1802d8, nIndex=-12) returned 0
[0208.279] SetWindowLongW (hWnd=0x1802d8, nIndex=-12, dwNewLong=1573592) returned 0
[0208.279] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0208.280] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0208.280] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0208.281] SendMessageW (hWnd=0x1802d8, Msg=0x2055, wParam=0x1802d8, lParam=0x3) returned 0x2
[0208.281] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0208.282] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0208.282] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0208.282] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0208.282] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1900ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0208.282] RedrawWindow (hWnd=0x1900ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0208.282] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0208.282] RedrawWindow (hWnd=0x1002c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0208.282] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0208.282] RedrawWindow (hWnd=0x1802d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0208.282] RedrawWindow (hWnd=0x1602dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0208.283] GetWindow (hWnd=0x1802d8, uCmd=0x3) returned 0x1002c8
[0208.283] GetClientRect (in: hWnd=0x1802d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0208.283] GetWindowRect (in: hWnd=0x1802d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0208.283] GetParent (hWnd=0x1802d8) returned 0x1602dc
[0208.283] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0208.283] SetWindowTextW (hWnd=0x1802d8, lpString="&Details") returned 1
[0208.283] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0208.284] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0208.284] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0208.284] GetClientRect (in: hWnd=0x1802d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0208.284] GetWindowRect (in: hWnd=0x1802d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0208.284] GetParent (hWnd=0x1802d8) returned 0x1602dc
[0208.284] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0208.284] SendMessageW (hWnd=0x1802d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1802d8) returned 0x0
[0208.284] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1802d8) returned 0x0
[0208.284] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0208.285] GetParent (hWnd=0x1802d8) returned 0x1602dc
[0208.285] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0208.285] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.286] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0208.286] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x1602dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xc02ce
[0208.286] SetWindowLongW (hWnd=0xc02ce, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0208.286] GetWindowLongW (hWnd=0xc02ce, nIndex=-4) returned 1868032000
[0208.286] SetWindowLongW (hWnd=0xc02ce, nIndex=-4, dwNewLong=19943286) returned 1868032000
[0208.287] GetWindowLongW (hWnd=0xc02ce, nIndex=-4) returned 19943286
[0208.287] GetWindowLongW (hWnd=0xc02ce, nIndex=-16) returned 1174470667
[0208.287] GetWindowLongW (hWnd=0xc02ce, nIndex=-12) returned 0
[0208.287] SetWindowLongW (hWnd=0xc02ce, nIndex=-12, dwNewLong=787150) returned 0
[0208.287] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0208.287] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0208.288] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0208.289] SendMessageW (hWnd=0xc02ce, Msg=0x2055, wParam=0xc02ce, lParam=0x3) returned 0x2
[0208.289] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0208.289] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0208.289] GetWindow (hWnd=0xc02ce, uCmd=0x3) returned 0x1802d8
[0208.289] GetClientRect (in: hWnd=0xc02ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0208.289] GetWindowRect (in: hWnd=0xc02ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0208.289] GetParent (hWnd=0xc02ce) returned 0x1602dc
[0208.289] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0208.289] SetWindowTextW (hWnd=0xc02ce, lpString="&Continue") returned 1
[0208.289] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0208.290] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0208.290] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0208.290] GetClientRect (in: hWnd=0xc02ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0208.290] GetWindowRect (in: hWnd=0xc02ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0208.290] GetParent (hWnd=0xc02ce) returned 0x1602dc
[0208.290] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0208.290] SendMessageW (hWnd=0xc02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0xc02ce) returned 0x0
[0208.290] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0xc02ce) returned 0x0
[0208.291] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0208.291] GetParent (hWnd=0xc02ce) returned 0x1602dc
[0208.291] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0208.291] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.292] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0208.292] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x1602dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1602de
[0208.292] SetWindowLongW (hWnd=0x1602de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0208.292] GetWindowLongW (hWnd=0x1602de, nIndex=-4) returned 1868032000
[0208.293] SetWindowLongW (hWnd=0x1602de, nIndex=-4, dwNewLong=19943406) returned 1868032000
[0208.293] GetWindowLongW (hWnd=0x1602de, nIndex=-4) returned 19943406
[0208.293] GetWindowLongW (hWnd=0x1602de, nIndex=-16) returned 1174470667
[0208.293] GetWindowLongW (hWnd=0x1602de, nIndex=-12) returned 0
[0208.293] SetWindowLongW (hWnd=0x1602de, nIndex=-12, dwNewLong=1442526) returned 0
[0208.293] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0208.294] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0208.294] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0208.295] SendMessageW (hWnd=0x1602de, Msg=0x2055, wParam=0x1602de, lParam=0x3) returned 0x2
[0208.296] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0208.296] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0208.296] GetWindow (hWnd=0x1602de, uCmd=0x3) returned 0xc02ce
[0208.296] GetClientRect (in: hWnd=0x1602de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0208.296] GetWindowRect (in: hWnd=0x1602de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0208.296] GetParent (hWnd=0x1602de) returned 0x1602dc
[0208.296] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0208.296] SetWindowTextW (hWnd=0x1602de, lpString="&Quit") returned 1
[0208.296] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602de, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0208.297] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0208.297] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602de, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0208.297] GetClientRect (in: hWnd=0x1602de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0208.297] GetWindowRect (in: hWnd=0x1602de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0208.297] GetParent (hWnd=0x1602de) returned 0x1602dc
[0208.297] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0208.297] SendMessageW (hWnd=0x1602de, Msg=0x2210, wParam=0x2de0001, lParam=0x1602de) returned 0x0
[0208.297] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602de, Msg=0x2210, wParam=0x2de0001, lParam=0x1602de) returned 0x0
[0208.297] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0208.298] GetParent (hWnd=0x1602de) returned 0x1602dc
[0208.298] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0208.298] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.298] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0208.299] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x1602dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1602da
[0208.299] SetWindowLongW (hWnd=0x1602da, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0208.299] GetWindowLongW (hWnd=0x1602da, nIndex=-4) returned 1868026976
[0208.300] SetWindowLongW (hWnd=0x1602da, nIndex=-4, dwNewLong=19943326) returned 1868026976
[0208.300] GetWindowLongW (hWnd=0x1602da, nIndex=-4) returned 19943326
[0208.300] GetWindowLongW (hWnd=0x1602da, nIndex=-16) returned 1177553092
[0208.300] GetWindowLongW (hWnd=0x1602da, nIndex=-12) returned 0
[0208.300] SetWindowLongW (hWnd=0x1602da, nIndex=-12, dwNewLong=1442522) returned 0
[0208.300] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602da, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0208.301] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602da, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0208.302] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602da, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0208.321] GetWindow (hWnd=0x1602da, uCmd=0x3) returned 0x1602de
[0208.321] GetClientRect (in: hWnd=0x1602da, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0208.321] GetWindowRect (in: hWnd=0x1602da, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0208.321] GetParent (hWnd=0x1602da) returned 0x1602dc
[0208.321] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602dc, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0208.321] GetWindowTextLengthW (hWnd=0x1602dc) returned 13
[0208.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.321] GetSystemMetrics (nIndex=42) returned 0
[0208.321] GetWindowTextW (in: hWnd=0x1602dc, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0208.321] SendMessageW (hWnd=0x1602da, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0208.321] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602da, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0208.328] SetWindowTextW (hWnd=0x1602da, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0208.328] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602da, Msg=0xc, wParam=0x0, lParam=0x2e64200) returned 0x1
[0208.330] GetSystemMetrics (nIndex=5) returned 1
[0208.330] GetSystemMetrics (nIndex=6) returned 1
[0208.330] SendMessageW (hWnd=0x1602da, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0208.330] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602da, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0208.331] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602da, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0208.332] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602da, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0208.332] GetClientRect (in: hWnd=0x1602da, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0208.332] GetWindowRect (in: hWnd=0x1602da, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0208.332] GetParent (hWnd=0x1602da) returned 0x1602dc
[0208.332] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602dc, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0208.332] SendMessageW (hWnd=0x1602da, Msg=0x2210, wParam=0x2da0001, lParam=0x1602da) returned 0x0
[0208.332] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602da, Msg=0x2210, wParam=0x2da0001, lParam=0x1602da) returned 0x0
[0208.332] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0208.332] GetParent (hWnd=0x1602da) returned 0x1602dc
[0208.333] GetWindowLongW (hWnd=0x1602dc, nIndex=-8) returned 458844
[0208.333] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0208.333] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0208.333] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xb20107da
[0208.333] GetDeviceCaps (hdc=0xb20107da, index=12) returned 32
[0208.333] GetDeviceCaps (hdc=0xb20107da, index=14) returned 1
[0208.333] DeleteDC (hdc=0xb20107da) returned 1
[0208.333] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0208.333] GetWindowThreadProcessId (in: hWnd=0x1602dc, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0208.333] GetCurrentThreadId () returned 0xf50
[0208.333] PostMessageW (hWnd=0x1602dc, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0208.334] GetWindowTextLengthW (hWnd=0x1602dc) returned 13
[0208.334] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.334] GetSystemMetrics (nIndex=42) returned 0
[0208.334] GetWindowTextW (in: hWnd=0x1602dc, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.334] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0208.334] GdipImageGetFrameDimensionsCount (image=0x6650168, count=0xd7e25c) returned 0x0
[0208.334] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12009c8
[0208.334] GdipImageGetFrameDimensionsList (image=0x6650168, dimensionIDs=0x12009c8*(Data1=0x6f7af180, Data2=0xf180, Data3=0x6f7a, Data4=([0]=0x80, [1]=0xf1, [2]=0x7a, [3]=0x6f, [4]=0x80, [5]=0xf1, [6]=0x7a, [7]=0x6f)), count=0x1) returned 0x0
[0208.334] LocalFree (hMem=0x12009c8) returned 0x0
[0208.334] GdipImageGetFrameDimensionsCount (image=0x664fe20, count=0xd7e250) returned 0x0
[0208.334] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200a58
[0208.334] GdipImageGetFrameDimensionsList (image=0x664fe20, dimensionIDs=0x1200a58*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x30, [1]=0xd2, [2]=0x7a, [3]=0x6f, [4]=0x90, [5]=0xe1, [6]=0x7a, [7]=0x6f)), count=0x1) returned 0x0
[0208.334] LocalFree (hMem=0x1200a58) returned 0x0
[0208.334] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0208.335] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0208.335] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0208.347] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0208.348] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0208.348] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0208.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0208.349] GetWindowPlacement (in: hWnd=0x1602dc, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0208.349] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0208.349] GetWindowTextLengthW (hWnd=0x1602dc) returned 13
[0208.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.349] GetSystemMetrics (nIndex=42) returned 0
[0208.349] GetWindowTextW (in: hWnd=0x1602dc, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0208.350] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0208.350] GetCurrentObject (hdc=0x107b9, type=0x1) returned 0xb00017
[0208.350] GetCurrentObject (hdc=0x107b9, type=0x2) returned 0x900010
[0208.350] GetCurrentObject (hdc=0x107b9, type=0x7) returned 0xffffffff9f0507bb
[0208.350] GetCurrentObject (hdc=0x107b9, type=0x6) returned 0x8a01c2
[0208.350] SaveDC (hdc=0x107b9) returned 1
[0208.350] GetNearestColor (hdc=0x107b9, color=0xf0f0f0) returned 0xf0f0f0
[0208.350] CreateSolidBrush (color=0xf0f0f0) returned 0x51007e1
[0208.350] FillRect (hDC=0x107b9, lprc=0xd7e1b8, hbr=0x51007e1) returned 1
[0208.350] DeleteObject (ho=0x51007e1) returned 1
[0208.350] RestoreDC (hdc=0x107b9, nSavedDC=-1) returned 1
[0208.351] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1900ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0208.351] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0208.351] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0208.351] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0208.351] GetStockObject (i=5) returned 0x900015
[0208.352] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0208.352] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0208.352] GetStockObject (i=5) returned 0x900015
[0208.352] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0208.352] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602de, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0208.352] GetStockObject (i=5) returned 0x900015
[0208.353] GetWindowPlacement (in: hWnd=0x1602dc, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0208.353] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0208.353] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0208.353] GetWindowRect (in: hWnd=0x1602dc, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0208.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0208.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0208.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0208.355] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0208.355] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0208.355] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0208.355] GetWindowRect (in: hWnd=0x1602dc, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0208.355] InvalidateRect (hWnd=0xc02ce, lpRect=0x0, bErase=0) returned 1
[0208.355] InvalidateRect (hWnd=0x1802d8, lpRect=0x0, bErase=0) returned 1
[0208.355] GetFocus () returned 0x1602dc
[0208.355] GetFocus () returned 0x1602dc
[0208.356] SetFocus (hWnd=0x1802d8) returned 0x1602dc
[0208.357] GetFocus () returned 0x1802d8
[0208.357] IsChild (hWndParent=0x1602dc, hWnd=0x1802d8) returned 1
[0208.357] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x8, wParam=0x1802d8, lParam=0x0) returned 0x0
[0208.358] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0208.359] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0208.361] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0208.361] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0x7, wParam=0x1602dc, lParam=0x0) returned 0x0
[0208.361] GetStockObject (i=5) returned 0x900015
[0208.361] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0208.361] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0208.361] GetDlgItem (hDlg=0x1602dc, nIDDlgItem=1573592) returned 0x1802d8
[0208.361] SendMessageW (hWnd=0x1802d8, Msg=0x202b, wParam=0x1802d8, lParam=0xd7e0dc) returned 0x0
[0208.362] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0x202b, wParam=0x1802d8, lParam=0xd7e0dc) returned 0x0
[0208.362] InvalidateRect (hWnd=0x1802d8, lpRect=0x0, bErase=0) returned 1
[0208.365] GetFocus () returned 0x1802d8
[0208.365] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.365] IsWindowUnicode (hWnd=0x1602dc) returned 1
[0208.365] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.365] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.365] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.365] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0208.365] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.365] IsWindowUnicode (hWnd=0x1602dc) returned 1
[0208.365] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.366] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.366] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.366] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.366] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0208.366] IsWindowUnicode (hWnd=0x1602dc) returned 1
[0208.366] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.366] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.366] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.367] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.367] IsWindowUnicode (hWnd=0x602c4) returned 1
[0208.367] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.367] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.367] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.367] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0208.367] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0208.367] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.368] IsWindowUnicode (hWnd=0x1602dc) returned 1
[0208.368] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.368] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.368] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.368] BeginPaint (in: hWnd=0x1602dc, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x10105d6
[0208.368] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0208.369] GetWindowTextLengthW (hWnd=0x1602dc) returned 13
[0208.369] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.369] GetSystemMetrics (nIndex=42) returned 0
[0208.369] GetWindowTextW (in: hWnd=0x1602dc, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.369] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0208.369] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0208.369] EndPaint (hWnd=0x1602dc, lpPaint=0xd7e274) returned 1
[0208.369] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.369] IsWindowUnicode (hWnd=0x1900ea) returned 1
[0208.369] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.369] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.369] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.369] BeginPaint (in: hWnd=0x1900ea, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x60100ce
[0208.370] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0208.370] CreateCompatibleDC (hdc=0x60100ce) returned 0x870107d8
[0208.370] SelectObject (hdc=0x870107d8, h=0x4a0507fe) returned 0x85000f
[0208.370] GdipCreateFromHDC (hdc=0x870107d8, graphics=0xd7e2b0) returned 0x0
[0208.370] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0208.370] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0208.370] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0208.370] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0208.370] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e310) returned 0x0
[0208.370] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0208.370] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0208.370] LocalFree (hMem=0x11eec58) returned 0x0
[0208.371] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0208.371] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0208.371] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0208.371] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e304) returned 0x0
[0208.371] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0208.371] GetWindowTextLengthW (hWnd=0x1900ea) returned 0
[0208.371] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0208.371] GetSystemMetrics (nIndex=42) returned 0
[0208.371] GetWindowTextW (in: hWnd=0x1900ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0208.371] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1900ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0208.371] GetClientRect (in: hWnd=0x1900ea, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0208.371] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0208.371] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0208.371] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0208.371] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0208.371] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e164) returned 0x0
[0208.371] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0208.371] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0208.371] LocalFree (hMem=0x11ee868) returned 0x0
[0208.372] GdipCombineRegionRegion (region=0x66456c8, region2=0x6645098, combineMode=0x1) returned 0x0
[0208.372] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0208.372] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee910) returned 0x0
[0208.372] LocalFree (hMem=0x11ee910) returned 0x0
[0208.377] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0208.377] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0208.377] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0208.377] GdipGetRegionHRgn (region=0x66456c8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0208.377] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0208.377] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0208.377] GetCurrentObject (hdc=0x870107d8, type=0x1) returned 0xb00017
[0208.377] GetCurrentObject (hdc=0x870107d8, type=0x2) returned 0x900010
[0208.377] GetCurrentObject (hdc=0x870107d8, type=0x7) returned 0x4a0507fe
[0208.377] GetCurrentObject (hdc=0x870107d8, type=0x6) returned 0x8a01c2
[0208.377] SaveDC (hdc=0x870107d8) returned 1
[0208.377] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfa0407de
[0208.377] GetClipRgn (hdc=0x870107d8, hrgn=0xfa0407de) returned 0
[0208.378] SelectClipRgn (hdc=0x870107d8, hrgn=0x71040807) returned 2
[0208.378] DeleteObject (ho=0xfa0407de) returned 1
[0208.378] DeleteObject (ho=0x71040807) returned 1
[0208.378] OffsetViewportOrgEx (in: hdc=0x870107d8, x=0, y=0, lppt=0x2e69d60 | out: lppt=0x2e69d60) returned 1
[0208.378] GetNearestColor (hdc=0x870107d8, color=0xf0f0f0) returned 0xf0f0f0
[0208.378] CreateSolidBrush (color=0xf0f0f0) returned 0x61007e1
[0208.378] FillRect (hDC=0x870107d8, lprc=0xd7e198, hbr=0x61007e1) returned 1
[0208.378] DeleteObject (ho=0x61007e1) returned 1
[0208.378] RestoreDC (hdc=0x870107d8, nSavedDC=-1) returned 1
[0208.378] GdipReleaseDC (graphics=0x6600030, hdc=0x870107d8) returned 0x0
[0208.378] GdipRestoreGraphics (graphics=0x6600030, state=0xfa640dbd) returned 0x0
[0208.378] GdipDeleteRegion (region=0x6645098) returned 0x0
[0208.378] GetWindowTextLengthW (hWnd=0x1900ea) returned 0
[0208.378] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0208.378] GetSystemMetrics (nIndex=42) returned 0
[0208.379] GetWindowTextW (in: hWnd=0x1900ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0208.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1900ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0208.379] GdipGetImageWidth (image=0x6650168, width=0xd7e1e0) returned 0x0
[0208.379] GdipGetImageHeight (image=0x6650168, height=0xd7e1e0) returned 0x0
[0208.379] GdipGetImageWidth (image=0x6650168, width=0xd7e1cc) returned 0x0
[0208.379] GdipGetImageHeight (image=0x6650168, height=0xd7e1cc) returned 0x0
[0208.379] GdipDrawImageRectI (graphics=0x6600030, image=0x6650168, x=16, y=16, width=32, height=32) returned 0x0
[0208.379] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0208.379] BitBlt (hdc=0x60100ce, x=0, y=0, cx=64, cy=64, hdcSrc=0x870107d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0208.379] GdipReleaseDC (graphics=0x6600030, hdc=0x870107d8) returned 0x0
[0208.379] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0208.379] SelectObject (hdc=0x870107d8, h=0x85000f) returned 0x4a0507fe
[0208.379] DeleteDC (hdc=0x870107d8) returned 1
[0208.380] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0208.380] EndPaint (hWnd=0x1900ea, lpPaint=0xd7e294) returned 1
[0208.380] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.380] IsWindowUnicode (hWnd=0x1002c8) returned 1
[0208.380] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.380] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.380] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.380] BeginPaint (in: hWnd=0x1002c8, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x107b9
[0208.380] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0208.380] CreateCompatibleDC (hdc=0x107b9) returned 0x890107d8
[0208.380] GetObjectType (h=0x107b9) returned 0x3
[0208.381] CreateCompatibleBitmap (hdc=0x107b9, cx=1, cy=1) returned 0xffffffffbe0507da
[0208.381] GetDIBits (in: hdc=0x107b9, hbm=0xbe0507da, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0208.381] GetDIBits (in: hdc=0x107b9, hbm=0xbe0507da, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0208.381] DeleteObject (ho=0xbe0507da) returned 1
[0208.381] CreateDIBSection (in: hdc=0x107b9, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xe20507f1
[0208.381] SelectObject (hdc=0x890107d8, h=0xe20507f1) returned 0x85000f
[0208.381] GdipCreateFromHDC (hdc=0x890107d8, graphics=0xd7e234) returned 0x0
[0208.381] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0208.382] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0208.382] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0208.382] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0208.382] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e2d4) returned 0x0
[0208.382] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0208.382] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0208.382] LocalFree (hMem=0x11eec58) returned 0x0
[0208.382] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0208.382] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0208.382] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0208.382] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0208.382] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0208.382] GetWindowTextLengthW (hWnd=0x1002c8) returned 232
[0208.382] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0208.382] GetSystemMetrics (nIndex=42) returned 0
[0208.382] GetWindowTextW (in: hWnd=0x1002c8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0208.382] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0208.383] GetClientRect (in: hWnd=0x1002c8, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0208.383] GdipCreateRegion (region=0xd7e110) returned 0x0
[0208.383] GdipGetClip (graphics=0x6600030, region=0x6645d88) returned 0x0
[0208.383] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0208.383] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0208.383] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e128) returned 0x0
[0208.383] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0208.383] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0208.383] LocalFree (hMem=0x11eec58) returned 0x0
[0208.383] GdipCombineRegionRegion (region=0x6645d88, region2=0x6645fc8, combineMode=0x1) returned 0x0
[0208.383] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0208.383] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee8d8) returned 0x0
[0208.383] LocalFree (hMem=0x11ee8d8) returned 0x0
[0208.383] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0208.383] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e150) returned 0x0
[0208.383] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e140) returned 0x0
[0208.383] GdipGetRegionHRgn (region=0x6645d88, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0208.384] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0208.384] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0208.384] GetCurrentObject (hdc=0x890107d8, type=0x1) returned 0xb00017
[0208.384] GetCurrentObject (hdc=0x890107d8, type=0x2) returned 0x900010
[0208.384] GetCurrentObject (hdc=0x890107d8, type=0x7) returned 0xffffffffe20507f1
[0208.384] GetCurrentObject (hdc=0x890107d8, type=0x6) returned 0x8a01c2
[0208.384] SaveDC (hdc=0x890107d8) returned 1
[0208.384] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x72040807
[0208.384] GetClipRgn (hdc=0x890107d8, hrgn=0x72040807) returned 0
[0208.384] SelectClipRgn (hdc=0x890107d8, hrgn=0xfb0407de) returned 2
[0208.384] DeleteObject (ho=0x72040807) returned 1
[0208.384] DeleteObject (ho=0xfb0407de) returned 1
[0208.384] OffsetViewportOrgEx (in: hdc=0x890107d8, x=0, y=0, lppt=0x2e6b728 | out: lppt=0x2e6b728) returned 1
[0208.384] GetNearestColor (hdc=0x890107d8, color=0xf0f0f0) returned 0xf0f0f0
[0208.384] CreateSolidBrush (color=0xf0f0f0) returned 0x71007e1
[0208.384] FillRect (hDC=0x890107d8, lprc=0xd7e15c, hbr=0x71007e1) returned 1
[0208.385] DeleteObject (ho=0x71007e1) returned 1
[0208.385] RestoreDC (hdc=0x890107d8, nSavedDC=-1) returned 1
[0208.385] GdipReleaseDC (graphics=0x6600030, hdc=0x890107d8) returned 0x0
[0208.385] GdipRestoreGraphics (graphics=0x6600030, state=0xfa620dbd) returned 0x0
[0208.385] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0208.385] GetWindowTextLengthW (hWnd=0x1002c8) returned 232
[0208.385] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0208.386] GetSystemMetrics (nIndex=42) returned 0
[0208.386] GetWindowTextW (in: hWnd=0x1002c8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0208.386] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0208.386] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0208.386] GetCurrentObject (hdc=0x890107d8, type=0x1) returned 0xb00017
[0208.386] GetCurrentObject (hdc=0x890107d8, type=0x2) returned 0x900010
[0208.386] GetCurrentObject (hdc=0x890107d8, type=0x7) returned 0xffffffffe20507f1
[0208.386] GetCurrentObject (hdc=0x890107d8, type=0x6) returned 0x8a01c2
[0208.386] SaveDC (hdc=0x890107d8) returned 1
[0208.386] GetNearestColor (hdc=0x890107d8, color=0x0) returned 0x0
[0208.386] RestoreDC (hdc=0x890107d8, nSavedDC=-1) returned 1
[0208.386] GdipReleaseDC (graphics=0x6600030, hdc=0x890107d8) returned 0x0
[0208.387] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0208.387] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0208.387] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2e6bf24 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0208.428] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0208.428] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0208.428] GetCurrentObject (hdc=0x890107d8, type=0x1) returned 0xb00017
[0208.428] GetCurrentObject (hdc=0x890107d8, type=0x2) returned 0x900010
[0208.428] GetCurrentObject (hdc=0x890107d8, type=0x7) returned 0xffffffffe20507f1
[0208.429] GetCurrentObject (hdc=0x890107d8, type=0x6) returned 0x8a01c2
[0208.429] SaveDC (hdc=0x890107d8) returned 1
[0208.429] GetTextAlign (hdc=0x890107d8) returned 0x0
[0208.429] GetTextColor (hdc=0x890107d8) returned 0x0
[0208.429] GetCurrentObject (hdc=0x890107d8, type=0x6) returned 0x8a01c2
[0208.429] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0208.429] SelectObject (hdc=0x890107d8, h=0x6d0a0520) returned 0x8a01c2
[0208.429] GetBkMode (hdc=0x890107d8) returned 2
[0208.429] SetBkMode (hdc=0x890107d8, mode=1) returned 2
[0208.429] DrawTextExW (in: hdc=0x890107d8, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2e6c148 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0208.432] RestoreDC (hdc=0x890107d8, nSavedDC=-1) returned 1
[0208.433] GdipReleaseDC (graphics=0x6600030, hdc=0x890107d8) returned 0x0
[0208.433] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0208.433] BitBlt (hdc=0x107b9, x=0, y=0, cx=354, cy=68, hdcSrc=0x890107d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0208.433] GdipReleaseDC (graphics=0x6600030, hdc=0x890107d8) returned 0x0
[0208.433] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0208.439] SelectObject (hdc=0x890107d8, h=0x85000f) returned 0xe20507f1
[0208.439] DeleteDC (hdc=0x890107d8) returned 1
[0208.439] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0208.439] DeleteObject (ho=0xe20507f1) returned 1
[0208.440] EndPaint (hWnd=0x1002c8, lpPaint=0xd7e258) returned 1
[0208.440] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.440] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0208.441] IsWindowUnicode (hWnd=0x30122) returned 1
[0208.441] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.441] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0208.441] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.441] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.442] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.442] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0208.443] IsWindowUnicode (hWnd=0x30122) returned 1
[0208.443] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.443] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.443] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.444] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.444] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0208.444] IsWindowUnicode (hWnd=0xc02ce) returned 1
[0208.444] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.444] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.444] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.445] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.445] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0208.445] IsWindowUnicode (hWnd=0xc02ce) returned 1
[0208.445] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.445] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0208.445] SetCursor (hCursor=0x10003) returned 0x10003
[0208.445] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.445] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.445] _TrackMouseEvent (in: lpEventTrack=0x2e6c184 | out: lpEventTrack=0x2e6c184) returned 1
[0208.445] SendMessageW (hWnd=0xc02ce, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0208.445] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0208.445] InvalidateRect (hWnd=0xc02ce, lpRect=0x0, bErase=0) returned 1
[0208.446] GetKeyState (nVirtKey=1) returned 0
[0208.446] GetKeyState (nVirtKey=2) returned 0
[0208.446] GetKeyState (nVirtKey=4) returned 0
[0208.446] GetKeyState (nVirtKey=5) returned 0
[0208.446] GetKeyState (nVirtKey=6) returned 0
[0208.446] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.446] IsWindowUnicode (hWnd=0x1802d8) returned 1
[0208.446] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.446] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.446] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.447] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.447] IsWindowUnicode (hWnd=0x1802d8) returned 1
[0208.447] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.447] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.447] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.448] BeginPaint (in: hWnd=0x1802d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0208.448] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0208.448] CreateCompatibleDC (hdc=0x10105d6) returned 0xc10107da
[0208.448] SelectObject (hdc=0xc10107da, h=0x4a0507fe) returned 0x85000f
[0208.448] GdipCreateFromHDC (hdc=0xc10107da, graphics=0xd7e268) returned 0x0
[0208.448] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0208.448] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0208.448] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0208.448] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0208.448] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e2c8) returned 0x0
[0208.449] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0208.449] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee8d8) returned 0x0
[0208.449] LocalFree (hMem=0x11ee8d8) returned 0x0
[0208.449] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0208.449] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0208.449] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0208.449] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0208.449] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0208.449] GdipRestoreGraphics (graphics=0x6600030, state=0xfa600dbd) returned 0x0
[0208.449] GdipDeleteRegion (region=0x6646178) returned 0x0
[0208.449] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0208.449] GetCurrentObject (hdc=0xc10107da, type=0x1) returned 0xb00017
[0208.449] GetCurrentObject (hdc=0xc10107da, type=0x2) returned 0x900010
[0208.449] GetCurrentObject (hdc=0xc10107da, type=0x7) returned 0x4a0507fe
[0208.449] GetCurrentObject (hdc=0xc10107da, type=0x6) returned 0x8a01c2
[0208.450] SaveDC (hdc=0xc10107da) returned 1
[0208.450] GetNearestColor (hdc=0xc10107da, color=0xf0f0f0) returned 0xf0f0f0
[0208.450] GetNearestColor (hdc=0xc10107da, color=0xa0a0a0) returned 0xa0a0a0
[0208.450] GetNearestColor (hdc=0xc10107da, color=0x696969) returned 0x696969
[0208.450] GetNearestColor (hdc=0xc10107da, color=0xa0a0a0) returned 0xa0a0a0
[0208.452] GetNearestColor (hdc=0xc10107da, color=0x0) returned 0x0
[0208.453] GetNearestColor (hdc=0xc10107da, color=0xffffff) returned 0xffffff
[0208.453] GetNearestColor (hdc=0xc10107da, color=0xe5e5e5) returned 0xe5e5e5
[0208.453] GetNearestColor (hdc=0xc10107da, color=0xd7d7d7) returned 0xd7d7d7
[0208.453] GetNearestColor (hdc=0xc10107da, color=0x0) returned 0x0
[0208.453] RestoreDC (hdc=0xc10107da, nSavedDC=-1) returned 1
[0208.453] GdipReleaseDC (graphics=0x6600030, hdc=0xc10107da) returned 0x0
[0208.453] IsAppThemed () returned 0x1
[0208.453] GetThemeAppProperties () returned 0x3
[0208.453] GetThemeAppProperties () returned 0x3
[0208.453] GdipGetImageWidth (image=0x664fe20, width=0xd7e168) returned 0x0
[0208.453] GdipGetImageHeight (image=0x664fe20, height=0xd7e168) returned 0x0
[0208.453] IsAppThemed () returned 0x1
[0208.454] GetThemeAppProperties () returned 0x3
[0208.454] GetThemeAppProperties () returned 0x3
[0208.454] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2e6c8f0 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0208.454] IsAppThemed () returned 0x1
[0208.454] GetThemeAppProperties () returned 0x3
[0208.454] GetThemeAppProperties () returned 0x3
[0208.454] IsAppThemed () returned 0x1
[0208.454] GetThemeAppProperties () returned 0x3
[0208.454] GetThemeAppProperties () returned 0x3
[0208.454] GetFocus () returned 0x1802d8
[0208.454] IsAppThemed () returned 0x1
[0208.454] GetThemeAppProperties () returned 0x3
[0208.455] GetThemeAppProperties () returned 0x3
[0208.455] IsAppThemed () returned 0x1
[0208.455] GetThemeAppProperties () returned 0x3
[0208.455] GetThemeAppProperties () returned 0x3
[0208.455] IsThemePartDefined () returned 0x1
[0208.455] IsAppThemed () returned 0x1
[0208.455] GetThemeAppProperties () returned 0x3
[0208.455] GetThemeAppProperties () returned 0x3
[0208.455] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0208.455] IsAppThemed () returned 0x1
[0208.455] GetThemeAppProperties () returned 0x3
[0208.455] GetThemeAppProperties () returned 0x3
[0208.455] IsAppThemed () returned 0x1
[0208.455] GetThemeAppProperties () returned 0x3
[0208.455] GetThemeAppProperties () returned 0x3
[0208.455] IsThemePartDefined () returned 0x1
[0208.455] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0208.455] GdipGetClip (graphics=0x6600030, region=0x66452d8) returned 0x0
[0208.455] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0208.456] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0208.456] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dff0) returned 0x0
[0208.456] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0208.456] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0208.456] LocalFree (hMem=0x11eec58) returned 0x0
[0208.456] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0208.456] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee8d8) returned 0x0
[0208.456] LocalFree (hMem=0x11ee8d8) returned 0x0
[0208.456] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0208.456] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0208.456] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0208.456] GdipGetRegionHRgn (region=0x66452d8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0208.456] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0208.456] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0208.456] GetCurrentObject (hdc=0xc10107da, type=0x1) returned 0xb00017
[0208.457] GetCurrentObject (hdc=0xc10107da, type=0x2) returned 0x900010
[0208.457] GetCurrentObject (hdc=0xc10107da, type=0x7) returned 0x4a0507fe
[0208.457] GetCurrentObject (hdc=0xc10107da, type=0x6) returned 0x8a01c2
[0208.457] SaveDC (hdc=0xc10107da) returned 1
[0208.457] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfc0407de
[0208.457] GetClipRgn (hdc=0xc10107da, hrgn=0xfc0407de) returned 0
[0208.457] SelectClipRgn (hdc=0xc10107da, hrgn=0x76040807) returned 2
[0208.457] DeleteObject (ho=0xfc0407de) returned 1
[0208.457] DeleteObject (ho=0x76040807) returned 1
[0208.457] OffsetViewportOrgEx (in: hdc=0xc10107da, x=0, y=0, lppt=0x2e6cfa0 | out: lppt=0x2e6cfa0) returned 1
[0208.457] DrawThemeParentBackground () returned 0x0
[0208.458] GetWindowPlacement (in: hWnd=0x1602dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0208.458] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0208.458] GetWindowTextLengthW (hWnd=0x1602dc) returned 13
[0208.458] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.458] GetSystemMetrics (nIndex=42) returned 0
[0208.458] GetWindowTextW (in: hWnd=0x1602dc, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.458] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0208.458] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0208.458] GetCurrentObject (hdc=0xc10107da, type=0x1) returned 0xb00017
[0208.458] GetCurrentObject (hdc=0xc10107da, type=0x2) returned 0x900010
[0208.458] GetCurrentObject (hdc=0xc10107da, type=0x7) returned 0x4a0507fe
[0208.458] GetCurrentObject (hdc=0xc10107da, type=0x6) returned 0x8a01c2
[0208.458] SaveDC (hdc=0xc10107da) returned 2
[0208.459] GetNearestColor (hdc=0xc10107da, color=0xf0f0f0) returned 0xf0f0f0
[0208.459] CreateSolidBrush (color=0xf0f0f0) returned 0x81007e1
[0208.459] FillRect (hDC=0xc10107da, lprc=0xd7da38, hbr=0x81007e1) returned 1
[0208.459] DeleteObject (ho=0x81007e1) returned 1
[0208.459] RestoreDC (hdc=0xc10107da, nSavedDC=-1) returned 1
[0208.459] GetWindowTextLengthW (hWnd=0x1602dc) returned 13
[0208.459] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.459] GetSystemMetrics (nIndex=42) returned 0
[0208.459] GetWindowTextW (in: hWnd=0x1602dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.459] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0208.459] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0208.459] GetCurrentObject (hdc=0xc10107da, type=0x1) returned 0xb00017
[0208.459] GetCurrentObject (hdc=0xc10107da, type=0x2) returned 0x900010
[0208.459] GetCurrentObject (hdc=0xc10107da, type=0x7) returned 0x4a0507fe
[0208.459] GetCurrentObject (hdc=0xc10107da, type=0x6) returned 0x8a01c2
[0208.459] SaveDC (hdc=0xc10107da) returned 2
[0208.460] GetNearestColor (hdc=0xc10107da, color=0xf0f0f0) returned 0xf0f0f0
[0208.460] CreateSolidBrush (color=0xf0f0f0) returned 0x91007e1
[0208.460] FillRect (hDC=0xc10107da, lprc=0xd7d9d8, hbr=0x91007e1) returned 1
[0208.460] DeleteObject (ho=0x91007e1) returned 1
[0208.460] RestoreDC (hdc=0xc10107da, nSavedDC=-1) returned 1
[0208.460] GetWindowTextLengthW (hWnd=0x1602dc) returned 13
[0208.460] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.460] GetSystemMetrics (nIndex=42) returned 0
[0208.460] GetWindowTextW (in: hWnd=0x1602dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.460] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0208.460] RestoreDC (hdc=0xc10107da, nSavedDC=-1) returned 1
[0208.460] GdipReleaseDC (graphics=0x6600030, hdc=0xc10107da) returned 0x0
[0208.460] IsAppThemed () returned 0x1
[0208.460] GetThemeAppProperties () returned 0x3
[0208.461] GetThemeAppProperties () returned 0x3
[0208.461] IsAppThemed () returned 0x1
[0208.461] GetThemeAppProperties () returned 0x3
[0208.461] GetThemeAppProperties () returned 0x3
[0208.461] IsThemePartDefined () returned 0x1
[0208.461] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0208.461] GdipGetClip (graphics=0x6600030, region=0x66452d8) returned 0x0
[0208.461] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0208.461] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0208.461] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df74) returned 0x0
[0208.461] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0208.461] LocalFree (hMem=0x11ee868) returned 0x0
[0208.461] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee9f0) returned 0x0
[0208.461] LocalFree (hMem=0x11ee9f0) returned 0x0
[0208.461] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0208.461] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0208.461] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0208.461] GdipGetRegionHRgn (region=0x66452d8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0208.461] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0208.462] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0208.462] GetCurrentObject (hdc=0xc10107da, type=0x1) returned 0xb00017
[0208.462] GetCurrentObject (hdc=0xc10107da, type=0x2) returned 0x900010
[0208.462] GetCurrentObject (hdc=0xc10107da, type=0x7) returned 0x4a0507fe
[0208.462] GetCurrentObject (hdc=0xc10107da, type=0x6) returned 0x8a01c2
[0208.462] SaveDC (hdc=0xc10107da) returned 1
[0208.462] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x77040807
[0208.462] GetClipRgn (hdc=0xc10107da, hrgn=0x77040807) returned 0
[0208.462] SelectClipRgn (hdc=0xc10107da, hrgn=0xfe0407de) returned 2
[0208.462] DeleteObject (ho=0x77040807) returned 1
[0208.462] DeleteObject (ho=0xfe0407de) returned 1
[0208.462] OffsetViewportOrgEx (in: hdc=0xc10107da, x=0, y=0, lppt=0x2e6d84c | out: lppt=0x2e6d84c) returned 1
[0208.462] IsAppThemed () returned 0x1
[0208.462] GetThemeAppProperties () returned 0x3
[0208.462] GetThemeAppProperties () returned 0x3
[0208.462] DrawThemeBackground () returned 0x0
[0208.462] RestoreDC (hdc=0xc10107da, nSavedDC=-1) returned 1
[0208.463] GdipReleaseDC (graphics=0x6600030, hdc=0xc10107da) returned 0x0
[0208.463] GdipCreateRegion (region=0xd7df60) returned 0x0
[0208.463] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0208.463] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0208.463] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0208.463] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df78) returned 0x0
[0208.463] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0208.463] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0208.463] LocalFree (hMem=0x11eec58) returned 0x0
[0208.463] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0208.463] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0208.463] LocalFree (hMem=0x11eec58) returned 0x0
[0208.463] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0208.463] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0208.463] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7df90) returned 0x0
[0208.463] GdipGetRegionHRgn (region=0x6645098, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0208.463] GdipDeleteRegion (region=0x6645098) returned 0x0
[0208.464] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0208.464] GetCurrentObject (hdc=0xc10107da, type=0x1) returned 0xb00017
[0208.464] GetCurrentObject (hdc=0xc10107da, type=0x2) returned 0x900010
[0208.464] GetCurrentObject (hdc=0xc10107da, type=0x7) returned 0x4a0507fe
[0208.464] GetCurrentObject (hdc=0xc10107da, type=0x6) returned 0x8a01c2
[0208.464] SaveDC (hdc=0xc10107da) returned 1
[0208.464] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xff0407de
[0208.464] GetClipRgn (hdc=0xc10107da, hrgn=0xff0407de) returned 0
[0208.464] SelectClipRgn (hdc=0xc10107da, hrgn=0x78040807) returned 2
[0208.464] DeleteObject (ho=0xff0407de) returned 1
[0208.464] DeleteObject (ho=0x78040807) returned 1
[0208.464] OffsetViewportOrgEx (in: hdc=0xc10107da, x=0, y=0, lppt=0x2e6db20 | out: lppt=0x2e6db20) returned 1
[0208.464] IsAppThemed () returned 0x1
[0208.464] GetThemeAppProperties () returned 0x3
[0208.464] GetThemeAppProperties () returned 0x3
[0208.464] GetThemeBackgroundContentRect () returned 0x0
[0208.464] RestoreDC (hdc=0xc10107da, nSavedDC=-1) returned 1
[0208.465] GdipReleaseDC (graphics=0x6600030, hdc=0xc10107da) returned 0x0
[0208.465] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0208.465] GdipGetClip (graphics=0x6600030, region=0x66452d8) returned 0x0
[0208.465] GdipCloneRegion (region=0x66452d8, cloneRegion=0xd7e150) returned 0x0
[0208.465] GdipCombineRegionRectI (region=0x6645e18, rect=0xd7e138, combineMode=0x1) returned 0x0
[0208.465] GdipCombineRegionRectI (region=0x6645e18, rect=0xd7e138, combineMode=0x1) returned 0x0
[0208.465] GdipSetClipRegion (graphics=0x6600030, region=0x6645e18, combineMode=0x0) returned 0x0
[0208.465] GdipGetImageWidth (image=0x664fe20, width=0xd7e154) returned 0x0
[0208.465] GdipGetImageHeight (image=0x664fe20, height=0xd7e148) returned 0x0
[0208.465] GdipDrawImageRectI (graphics=0x6600030, image=0x664fe20, x=4, y=4, width=16, height=16) returned 0x0
[0208.465] GdipSetClipRegion (graphics=0x6600030, region=0x66452d8, combineMode=0x0) returned 0x0
[0208.465] IsAppThemed () returned 0x1
[0208.465] GetThemeAppProperties () returned 0x3
[0208.465] GetThemeAppProperties () returned 0x3
[0208.465] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0208.465] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0208.465] GetCurrentObject (hdc=0xc10107da, type=0x1) returned 0xb00017
[0208.472] GetCurrentObject (hdc=0xc10107da, type=0x2) returned 0x900010
[0208.472] GetCurrentObject (hdc=0xc10107da, type=0x7) returned 0x4a0507fe
[0208.472] GetCurrentObject (hdc=0xc10107da, type=0x6) returned 0x8a01c2
[0208.473] SaveDC (hdc=0xc10107da) returned 1
[0208.473] GetTextAlign (hdc=0xc10107da) returned 0x0
[0208.473] GetTextColor (hdc=0xc10107da) returned 0x0
[0208.473] GetCurrentObject (hdc=0xc10107da, type=0x6) returned 0x8a01c2
[0208.473] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0208.473] SelectObject (hdc=0xc10107da, h=0x6d0a0520) returned 0x8a01c2
[0208.473] GetBkMode (hdc=0xc10107da) returned 2
[0208.473] SetBkMode (hdc=0xc10107da, mode=1) returned 2
[0208.473] DrawTextExW (in: hdc=0xc10107da, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2e6dee0 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0208.474] DrawTextExW (in: hdc=0xc10107da, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e6dee0 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0208.474] RestoreDC (hdc=0xc10107da, nSavedDC=-1) returned 1
[0208.474] GdipReleaseDC (graphics=0x6600030, hdc=0xc10107da) returned 0x0
[0208.474] GetFocus () returned 0x1802d8
[0208.474] IsAppThemed () returned 0x1
[0208.474] GetThemeAppProperties () returned 0x3
[0208.474] GetThemeAppProperties () returned 0x3
[0208.474] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0208.474] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xc10107da, x1=0, y1=0, rop=0xcc0020) returned 1
[0208.474] GdipReleaseDC (graphics=0x6600030, hdc=0xc10107da) returned 0x0
[0208.475] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0208.475] SelectObject (hdc=0xc10107da, h=0x85000f) returned 0x4a0507fe
[0208.475] DeleteDC (hdc=0xc10107da) returned 1
[0208.475] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0208.475] EndPaint (hWnd=0x1802d8, lpPaint=0xd7e24c) returned 1
[0208.475] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.475] IsWindowUnicode (hWnd=0xc02ce) returned 1
[0208.475] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.475] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.475] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.476] BeginPaint (in: hWnd=0xc02ce, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0208.476] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0208.476] CreateCompatibleDC (hdc=0x60100ce) returned 0xc30107da
[0208.476] SelectObject (hdc=0xc30107da, h=0x4a0507fe) returned 0x85000f
[0208.476] GdipCreateFromHDC (hdc=0xc30107da, graphics=0xd7e268) returned 0x0
[0208.476] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0208.476] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0208.476] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0208.476] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0208.476] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2c8) returned 0x0
[0208.476] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0208.477] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0208.477] LocalFree (hMem=0x11eecc8) returned 0x0
[0208.477] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0208.477] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0208.477] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0208.477] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0208.477] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0208.477] GdipRestoreGraphics (graphics=0x6600030, state=0xfa5e0dbd) returned 0x0
[0208.477] GdipDeleteRegion (region=0x6645908) returned 0x0
[0208.477] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0208.477] GetCurrentObject (hdc=0xc30107da, type=0x1) returned 0xb00017
[0208.477] GetCurrentObject (hdc=0xc30107da, type=0x2) returned 0x900010
[0208.477] GetCurrentObject (hdc=0xc30107da, type=0x7) returned 0x4a0507fe
[0208.477] GetCurrentObject (hdc=0xc30107da, type=0x6) returned 0x8a01c2
[0208.477] SaveDC (hdc=0xc30107da) returned 1
[0208.478] GetNearestColor (hdc=0xc30107da, color=0xf0f0f0) returned 0xf0f0f0
[0208.478] GetNearestColor (hdc=0xc30107da, color=0xa0a0a0) returned 0xa0a0a0
[0208.478] GetNearestColor (hdc=0xc30107da, color=0x696969) returned 0x696969
[0208.478] GetNearestColor (hdc=0xc30107da, color=0xa0a0a0) returned 0xa0a0a0
[0208.478] GetNearestColor (hdc=0xc30107da, color=0x0) returned 0x0
[0208.478] GetNearestColor (hdc=0xc30107da, color=0xffffff) returned 0xffffff
[0208.478] GetNearestColor (hdc=0xc30107da, color=0xe5e5e5) returned 0xe5e5e5
[0208.478] GetNearestColor (hdc=0xc30107da, color=0xd7d7d7) returned 0xd7d7d7
[0208.478] GetNearestColor (hdc=0xc30107da, color=0x0) returned 0x0
[0208.478] RestoreDC (hdc=0xc30107da, nSavedDC=-1) returned 1
[0208.478] GdipReleaseDC (graphics=0x6600030, hdc=0xc30107da) returned 0x0
[0208.478] IsAppThemed () returned 0x1
[0208.478] GetThemeAppProperties () returned 0x3
[0208.478] GetThemeAppProperties () returned 0x3
[0208.478] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0208.479] SendMessageW (hWnd=0x1602dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0208.479] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0208.479] IsAppThemed () returned 0x1
[0208.479] GetThemeAppProperties () returned 0x3
[0208.479] GetThemeAppProperties () returned 0x3
[0208.479] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2e6e6f0 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0208.479] IsAppThemed () returned 0x1
[0208.479] GetThemeAppProperties () returned 0x3
[0208.479] GetThemeAppProperties () returned 0x3
[0208.479] IsAppThemed () returned 0x1
[0208.479] GetThemeAppProperties () returned 0x3
[0208.479] GetThemeAppProperties () returned 0x3
[0208.479] IsAppThemed () returned 0x1
[0208.480] GetThemeAppProperties () returned 0x3
[0208.480] GetThemeAppProperties () returned 0x3
[0208.480] IsAppThemed () returned 0x1
[0208.480] GetThemeAppProperties () returned 0x3
[0208.480] GetThemeAppProperties () returned 0x3
[0208.480] IsThemePartDefined () returned 0x1
[0208.480] IsAppThemed () returned 0x1
[0208.480] GetThemeAppProperties () returned 0x3
[0208.480] GetThemeAppProperties () returned 0x3
[0208.480] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0208.480] IsAppThemed () returned 0x1
[0208.480] GetThemeAppProperties () returned 0x3
[0208.480] GetThemeAppProperties () returned 0x3
[0208.480] IsAppThemed () returned 0x1
[0208.480] GetThemeAppProperties () returned 0x3
[0208.480] GetThemeAppProperties () returned 0x3
[0208.480] IsThemePartDefined () returned 0x1
[0208.480] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0208.480] GdipGetClip (graphics=0x6600030, region=0x6645a28) returned 0x0
[0208.480] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0208.480] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0208.480] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dfe4) returned 0x0
[0208.481] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0208.481] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0208.481] LocalFree (hMem=0x11ee788) returned 0x0
[0208.481] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0208.481] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eecc8) returned 0x0
[0208.481] LocalFree (hMem=0x11eecc8) returned 0x0
[0208.481] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0208.481] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0208.481] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0208.481] GdipGetRegionHRgn (region=0x6645a28, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0208.482] GdipDeleteRegion (region=0x6645a28) returned 0x0
[0208.482] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0208.482] GetCurrentObject (hdc=0xc30107da, type=0x1) returned 0xb00017
[0208.482] GetCurrentObject (hdc=0xc30107da, type=0x2) returned 0x900010
[0208.482] GetCurrentObject (hdc=0xc30107da, type=0x7) returned 0x4a0507fe
[0208.482] GetCurrentObject (hdc=0xc30107da, type=0x6) returned 0x8a01c2
[0208.482] SaveDC (hdc=0xc30107da) returned 1
[0208.482] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x79040807
[0208.482] GetClipRgn (hdc=0xc30107da, hrgn=0x79040807) returned 0
[0208.482] SelectClipRgn (hdc=0xc30107da, hrgn=0x30407de) returned 2
[0208.482] DeleteObject (ho=0x79040807) returned 1
[0208.482] DeleteObject (ho=0x30407de) returned 1
[0208.482] OffsetViewportOrgEx (in: hdc=0xc30107da, x=0, y=0, lppt=0x2e6eda0 | out: lppt=0x2e6eda0) returned 1
[0208.483] DrawThemeParentBackground () returned 0x0
[0208.483] GetWindowPlacement (in: hWnd=0x1602dc, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0208.483] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0208.483] GetWindowTextLengthW (hWnd=0x1602dc) returned 13
[0208.483] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.483] GetSystemMetrics (nIndex=42) returned 0
[0208.483] GetWindowTextW (in: hWnd=0x1602dc, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.483] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0208.483] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0208.483] GetCurrentObject (hdc=0xc30107da, type=0x1) returned 0xb00017
[0208.483] GetCurrentObject (hdc=0xc30107da, type=0x2) returned 0x900010
[0208.483] GetCurrentObject (hdc=0xc30107da, type=0x7) returned 0x4a0507fe
[0208.483] GetCurrentObject (hdc=0xc30107da, type=0x6) returned 0x8a01c2
[0208.484] SaveDC (hdc=0xc30107da) returned 2
[0208.484] GetNearestColor (hdc=0xc30107da, color=0xf0f0f0) returned 0xf0f0f0
[0208.484] CreateSolidBrush (color=0xf0f0f0) returned 0xa1007e1
[0208.484] FillRect (hDC=0xc30107da, lprc=0xd7da30, hbr=0xa1007e1) returned 1
[0208.484] DeleteObject (ho=0xa1007e1) returned 1
[0208.484] RestoreDC (hdc=0xc30107da, nSavedDC=-1) returned 1
[0208.484] GetWindowTextLengthW (hWnd=0x1602dc) returned 13
[0208.484] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.484] GetSystemMetrics (nIndex=42) returned 0
[0208.484] GetWindowTextW (in: hWnd=0x1602dc, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.484] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0208.484] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0208.484] GetCurrentObject (hdc=0xc30107da, type=0x1) returned 0xb00017
[0208.484] GetCurrentObject (hdc=0xc30107da, type=0x2) returned 0x900010
[0208.484] GetCurrentObject (hdc=0xc30107da, type=0x7) returned 0x4a0507fe
[0208.485] GetCurrentObject (hdc=0xc30107da, type=0x6) returned 0x8a01c2
[0208.485] SaveDC (hdc=0xc30107da) returned 2
[0208.485] GetNearestColor (hdc=0xc30107da, color=0xf0f0f0) returned 0xf0f0f0
[0208.485] CreateSolidBrush (color=0xf0f0f0) returned 0xb1007e1
[0208.485] FillRect (hDC=0xc30107da, lprc=0xd7d9d0, hbr=0xb1007e1) returned 1
[0208.485] DeleteObject (ho=0xb1007e1) returned 1
[0208.485] RestoreDC (hdc=0xc30107da, nSavedDC=-1) returned 1
[0208.485] GetWindowTextLengthW (hWnd=0x1602dc) returned 13
[0208.485] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.485] GetSystemMetrics (nIndex=42) returned 0
[0208.485] GetWindowTextW (in: hWnd=0x1602dc, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.485] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0208.485] RestoreDC (hdc=0xc30107da, nSavedDC=-1) returned 1
[0208.486] GdipReleaseDC (graphics=0x6600030, hdc=0xc30107da) returned 0x0
[0208.486] IsAppThemed () returned 0x1
[0208.486] GetThemeAppProperties () returned 0x3
[0208.486] GetThemeAppProperties () returned 0x3
[0208.486] IsAppThemed () returned 0x1
[0208.486] GetThemeAppProperties () returned 0x3
[0208.486] GetThemeAppProperties () returned 0x3
[0208.486] IsThemePartDefined () returned 0x1
[0208.486] GdipCreateRegion (region=0xd7df50) returned 0x0
[0208.486] GdipGetClip (graphics=0x6600030, region=0x6645368) returned 0x0
[0208.486] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0208.486] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0208.486] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df68) returned 0x0
[0208.486] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0208.486] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea60) returned 0x0
[0208.486] LocalFree (hMem=0x11eea60) returned 0x0
[0208.486] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0208.487] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0208.487] LocalFree (hMem=0x11ee9f0) returned 0x0
[0208.487] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0208.487] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7df90) returned 0x0
[0208.487] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7df80) returned 0x0
[0208.487] GdipGetRegionHRgn (region=0x6645368, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0208.487] GdipDeleteRegion (region=0x6645368) returned 0x0
[0208.487] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0208.487] GetCurrentObject (hdc=0xc30107da, type=0x1) returned 0xb00017
[0208.487] GetCurrentObject (hdc=0xc30107da, type=0x2) returned 0x900010
[0208.487] GetCurrentObject (hdc=0xc30107da, type=0x7) returned 0x4a0507fe
[0208.487] GetCurrentObject (hdc=0xc30107da, type=0x6) returned 0x8a01c2
[0208.487] SaveDC (hdc=0xc30107da) returned 1
[0208.487] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x40407de
[0208.487] GetClipRgn (hdc=0xc30107da, hrgn=0x40407de) returned 0
[0208.487] SelectClipRgn (hdc=0xc30107da, hrgn=0x7b040807) returned 2
[0208.488] DeleteObject (ho=0x40407de) returned 1
[0208.488] DeleteObject (ho=0x7b040807) returned 1
[0208.488] OffsetViewportOrgEx (in: hdc=0xc30107da, x=0, y=0, lppt=0x2e6f64c | out: lppt=0x2e6f64c) returned 1
[0208.488] IsAppThemed () returned 0x1
[0208.488] GetThemeAppProperties () returned 0x3
[0208.488] GetThemeAppProperties () returned 0x3
[0208.488] DrawThemeBackground () returned 0x0
[0208.488] RestoreDC (hdc=0xc30107da, nSavedDC=-1) returned 1
[0208.488] GdipReleaseDC (graphics=0x6600030, hdc=0xc30107da) returned 0x0
[0208.488] GdipCreateRegion (region=0xd7df54) returned 0x0
[0208.488] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0208.488] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0208.488] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0208.488] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df6c) returned 0x0
[0208.488] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0208.488] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee9f0) returned 0x0
[0208.489] LocalFree (hMem=0x11ee9f0) returned 0x0
[0208.489] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0208.489] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0208.489] LocalFree (hMem=0x11ee868) returned 0x0
[0208.489] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0208.489] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7df94) returned 0x0
[0208.489] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7df84) returned 0x0
[0208.489] GdipGetRegionHRgn (region=0x6645098, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0208.489] GdipDeleteRegion (region=0x6645098) returned 0x0
[0208.489] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0208.489] GetCurrentObject (hdc=0xc30107da, type=0x1) returned 0xb00017
[0208.489] GetCurrentObject (hdc=0xc30107da, type=0x2) returned 0x900010
[0208.489] GetCurrentObject (hdc=0xc30107da, type=0x7) returned 0x4a0507fe
[0208.489] GetCurrentObject (hdc=0xc30107da, type=0x6) returned 0x8a01c2
[0208.489] SaveDC (hdc=0xc30107da) returned 1
[0208.489] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7c040807
[0208.489] GetClipRgn (hdc=0xc30107da, hrgn=0x7c040807) returned 0
[0208.490] SelectClipRgn (hdc=0xc30107da, hrgn=0x50407de) returned 2
[0208.490] DeleteObject (ho=0x7c040807) returned 1
[0208.490] DeleteObject (ho=0x50407de) returned 1
[0208.490] OffsetViewportOrgEx (in: hdc=0xc30107da, x=0, y=0, lppt=0x2e6f920 | out: lppt=0x2e6f920) returned 1
[0208.490] IsAppThemed () returned 0x1
[0208.490] GetThemeAppProperties () returned 0x3
[0208.490] GetThemeAppProperties () returned 0x3
[0208.490] GetThemeBackgroundContentRect () returned 0x0
[0208.490] RestoreDC (hdc=0xc30107da, nSavedDC=-1) returned 1
[0208.490] GdipReleaseDC (graphics=0x6600030, hdc=0xc30107da) returned 0x0
[0208.490] IsAppThemed () returned 0x1
[0208.490] GetThemeAppProperties () returned 0x3
[0208.490] GetThemeAppProperties () returned 0x3
[0208.490] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0208.490] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0208.490] GetCurrentObject (hdc=0xc30107da, type=0x1) returned 0xb00017
[0208.491] GetCurrentObject (hdc=0xc30107da, type=0x2) returned 0x900010
[0208.491] GetCurrentObject (hdc=0xc30107da, type=0x7) returned 0x4a0507fe
[0208.491] GetCurrentObject (hdc=0xc30107da, type=0x6) returned 0x8a01c2
[0208.491] SaveDC (hdc=0xc30107da) returned 1
[0208.491] GetTextAlign (hdc=0xc30107da) returned 0x0
[0208.491] GetTextColor (hdc=0xc30107da) returned 0x0
[0208.491] GetCurrentObject (hdc=0xc30107da, type=0x6) returned 0x8a01c2
[0208.491] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0208.491] SelectObject (hdc=0xc30107da, h=0x6d0a0520) returned 0x8a01c2
[0208.491] GetBkMode (hdc=0xc30107da) returned 2
[0208.491] SetBkMode (hdc=0xc30107da, mode=1) returned 2
[0208.491] DrawTextExW (in: hdc=0xc30107da, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2e6fcc0 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0208.492] DrawTextExW (in: hdc=0xc30107da, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2e6fcc0 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0208.492] RestoreDC (hdc=0xc30107da, nSavedDC=-1) returned 1
[0208.492] GdipReleaseDC (graphics=0x6600030, hdc=0xc30107da) returned 0x0
[0208.492] GetFocus () returned 0x1802d8
[0208.492] IsAppThemed () returned 0x1
[0208.492] GetThemeAppProperties () returned 0x3
[0208.492] GetThemeAppProperties () returned 0x3
[0208.492] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0208.492] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xc30107da, x1=0, y1=0, rop=0xcc0020) returned 1
[0208.493] GdipReleaseDC (graphics=0x6600030, hdc=0xc30107da) returned 0x0
[0208.493] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0208.493] SelectObject (hdc=0xc30107da, h=0x85000f) returned 0x4a0507fe
[0208.493] DeleteDC (hdc=0xc30107da) returned 1
[0208.493] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0208.493] EndPaint (hWnd=0xc02ce, lpPaint=0xd7e24c) returned 1
[0208.493] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.493] IsWindowUnicode (hWnd=0x1602de) returned 1
[0208.493] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.493] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.494] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.494] BeginPaint (in: hWnd=0x1602de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0208.494] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0208.494] CreateCompatibleDC (hdc=0x107b9) returned 0xc50107da
[0208.494] SelectObject (hdc=0xc50107da, h=0x4a0507fe) returned 0x85000f
[0208.494] GdipCreateFromHDC (hdc=0xc50107da, graphics=0xd7e268) returned 0x0
[0208.494] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0208.494] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0208.494] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0208.494] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0208.494] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2c8) returned 0x0
[0208.494] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0208.495] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0208.495] LocalFree (hMem=0x11ee788) returned 0x0
[0208.495] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0208.495] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0208.495] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0208.495] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0208.495] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0208.495] GdipRestoreGraphics (graphics=0x6600030, state=0xfa5c0dbd) returned 0x0
[0208.495] GdipDeleteRegion (region=0x6646178) returned 0x0
[0208.495] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0208.495] GetCurrentObject (hdc=0xc50107da, type=0x1) returned 0xb00017
[0208.495] GetCurrentObject (hdc=0xc50107da, type=0x2) returned 0x900010
[0208.495] GetCurrentObject (hdc=0xc50107da, type=0x7) returned 0x4a0507fe
[0208.495] GetCurrentObject (hdc=0xc50107da, type=0x6) returned 0x8a01c2
[0208.495] SaveDC (hdc=0xc50107da) returned 1
[0208.495] GetNearestColor (hdc=0xc50107da, color=0xf0f0f0) returned 0xf0f0f0
[0208.495] GetNearestColor (hdc=0xc50107da, color=0xa0a0a0) returned 0xa0a0a0
[0208.496] GetNearestColor (hdc=0xc50107da, color=0x696969) returned 0x696969
[0208.496] GetNearestColor (hdc=0xc50107da, color=0xa0a0a0) returned 0xa0a0a0
[0208.496] GetNearestColor (hdc=0xc50107da, color=0x0) returned 0x0
[0208.496] GetNearestColor (hdc=0xc50107da, color=0xffffff) returned 0xffffff
[0208.496] GetNearestColor (hdc=0xc50107da, color=0xe5e5e5) returned 0xe5e5e5
[0208.496] GetNearestColor (hdc=0xc50107da, color=0xd7d7d7) returned 0xd7d7d7
[0208.496] GetNearestColor (hdc=0xc50107da, color=0x0) returned 0x0
[0208.496] RestoreDC (hdc=0xc50107da, nSavedDC=-1) returned 1
[0208.496] GdipReleaseDC (graphics=0x6600030, hdc=0xc50107da) returned 0x0
[0208.496] IsAppThemed () returned 0x1
[0208.496] GetThemeAppProperties () returned 0x3
[0208.496] GetThemeAppProperties () returned 0x3
[0208.496] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0208.496] SendMessageW (hWnd=0x1602dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0208.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0208.496] IsAppThemed () returned 0x1
[0208.497] GetThemeAppProperties () returned 0x3
[0208.497] GetThemeAppProperties () returned 0x3
[0208.497] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2e704d0 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0208.503] IsAppThemed () returned 0x1
[0208.503] GetThemeAppProperties () returned 0x3
[0208.503] GetThemeAppProperties () returned 0x3
[0208.504] IsAppThemed () returned 0x1
[0208.504] GetThemeAppProperties () returned 0x3
[0208.504] GetThemeAppProperties () returned 0x3
[0208.504] GetFocus () returned 0x1802d8
[0208.504] IsAppThemed () returned 0x1
[0208.504] GetThemeAppProperties () returned 0x3
[0208.504] GetThemeAppProperties () returned 0x3
[0208.504] IsAppThemed () returned 0x1
[0208.504] GetThemeAppProperties () returned 0x3
[0208.504] GetThemeAppProperties () returned 0x3
[0208.504] IsThemePartDefined () returned 0x1
[0208.504] IsAppThemed () returned 0x1
[0208.504] GetThemeAppProperties () returned 0x3
[0208.504] GetThemeAppProperties () returned 0x3
[0208.504] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0208.504] IsAppThemed () returned 0x1
[0208.504] GetThemeAppProperties () returned 0x3
[0208.504] GetThemeAppProperties () returned 0x3
[0208.504] IsAppThemed () returned 0x1
[0208.504] GetThemeAppProperties () returned 0x3
[0208.505] GetThemeAppProperties () returned 0x3
[0208.505] IsThemePartDefined () returned 0x1
[0208.505] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0208.505] GdipGetClip (graphics=0x6600030, region=0x66455a8) returned 0x0
[0208.505] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0208.505] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0208.505] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dff0) returned 0x0
[0208.505] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0208.505] LocalFree (hMem=0x11eec58) returned 0x0
[0208.505] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee9f0) returned 0x0
[0208.505] LocalFree (hMem=0x11ee9f0) returned 0x0
[0208.505] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0208.505] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0208.505] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0208.505] GdipGetRegionHRgn (region=0x66455a8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0208.505] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0208.505] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0208.505] GetCurrentObject (hdc=0xc50107da, type=0x1) returned 0xb00017
[0208.505] GetCurrentObject (hdc=0xc50107da, type=0x2) returned 0x900010
[0208.506] GetCurrentObject (hdc=0xc50107da, type=0x7) returned 0x4a0507fe
[0208.506] GetCurrentObject (hdc=0xc50107da, type=0x6) returned 0x8a01c2
[0208.506] SaveDC (hdc=0xc50107da) returned 1
[0208.506] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x60407de
[0208.506] GetClipRgn (hdc=0xc50107da, hrgn=0x60407de) returned 0
[0208.506] SelectClipRgn (hdc=0xc50107da, hrgn=0x80040807) returned 2
[0208.506] DeleteObject (ho=0x60407de) returned 1
[0208.506] DeleteObject (ho=0x80040807) returned 1
[0208.506] OffsetViewportOrgEx (in: hdc=0xc50107da, x=0, y=0, lppt=0x2e70b80 | out: lppt=0x2e70b80) returned 1
[0208.506] DrawThemeParentBackground () returned 0x0
[0208.506] GetWindowPlacement (in: hWnd=0x1602dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0208.506] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0208.507] GetWindowTextLengthW (hWnd=0x1602dc) returned 13
[0208.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.507] GetSystemMetrics (nIndex=42) returned 0
[0208.507] GetWindowTextW (in: hWnd=0x1602dc, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0208.507] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0208.507] GetCurrentObject (hdc=0xc50107da, type=0x1) returned 0xb00017
[0208.507] GetCurrentObject (hdc=0xc50107da, type=0x2) returned 0x900010
[0208.507] GetCurrentObject (hdc=0xc50107da, type=0x7) returned 0x4a0507fe
[0208.507] GetCurrentObject (hdc=0xc50107da, type=0x6) returned 0x8a01c2
[0208.507] SaveDC (hdc=0xc50107da) returned 2
[0208.507] GetNearestColor (hdc=0xc50107da, color=0xf0f0f0) returned 0xf0f0f0
[0208.507] CreateSolidBrush (color=0xf0f0f0) returned 0xc1007e1
[0208.507] FillRect (hDC=0xc50107da, lprc=0xd7da38, hbr=0xc1007e1) returned 1
[0208.507] DeleteObject (ho=0xc1007e1) returned 1
[0208.507] RestoreDC (hdc=0xc50107da, nSavedDC=-1) returned 1
[0208.508] GetWindowTextLengthW (hWnd=0x1602dc) returned 13
[0208.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.508] GetSystemMetrics (nIndex=42) returned 0
[0208.508] GetWindowTextW (in: hWnd=0x1602dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0208.508] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0208.508] GetCurrentObject (hdc=0xc50107da, type=0x1) returned 0xb00017
[0208.508] GetCurrentObject (hdc=0xc50107da, type=0x2) returned 0x900010
[0208.508] GetCurrentObject (hdc=0xc50107da, type=0x7) returned 0x4a0507fe
[0208.508] GetCurrentObject (hdc=0xc50107da, type=0x6) returned 0x8a01c2
[0208.508] SaveDC (hdc=0xc50107da) returned 2
[0208.508] GetNearestColor (hdc=0xc50107da, color=0xf0f0f0) returned 0xf0f0f0
[0208.508] CreateSolidBrush (color=0xf0f0f0) returned 0xd1007e1
[0208.508] FillRect (hDC=0xc50107da, lprc=0xd7d9d8, hbr=0xd1007e1) returned 1
[0208.509] DeleteObject (ho=0xd1007e1) returned 1
[0208.509] RestoreDC (hdc=0xc50107da, nSavedDC=-1) returned 1
[0208.509] GetWindowTextLengthW (hWnd=0x1602dc) returned 13
[0208.509] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.509] GetSystemMetrics (nIndex=42) returned 0
[0208.509] GetWindowTextW (in: hWnd=0x1602dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.509] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0208.509] RestoreDC (hdc=0xc50107da, nSavedDC=-1) returned 1
[0208.509] GdipReleaseDC (graphics=0x6600030, hdc=0xc50107da) returned 0x0
[0208.509] IsAppThemed () returned 0x1
[0208.509] GetThemeAppProperties () returned 0x3
[0208.509] GetThemeAppProperties () returned 0x3
[0208.509] IsAppThemed () returned 0x1
[0208.509] GetThemeAppProperties () returned 0x3
[0208.510] GetThemeAppProperties () returned 0x3
[0208.510] IsThemePartDefined () returned 0x1
[0208.510] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0208.510] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0208.510] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0208.510] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0208.510] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df74) returned 0x0
[0208.510] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0208.510] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0208.510] LocalFree (hMem=0x11ee9f0) returned 0x0
[0208.510] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0208.510] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee788) returned 0x0
[0208.510] LocalFree (hMem=0x11ee788) returned 0x0
[0208.510] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0208.510] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0208.510] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0208.510] GdipGetRegionHRgn (region=0x66457e8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0208.510] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0208.511] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0208.511] GetCurrentObject (hdc=0xc50107da, type=0x1) returned 0xb00017
[0208.511] GetCurrentObject (hdc=0xc50107da, type=0x2) returned 0x900010
[0208.511] GetCurrentObject (hdc=0xc50107da, type=0x7) returned 0x4a0507fe
[0208.511] GetCurrentObject (hdc=0xc50107da, type=0x6) returned 0x8a01c2
[0208.511] SaveDC (hdc=0xc50107da) returned 1
[0208.511] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x81040807
[0208.511] GetClipRgn (hdc=0xc50107da, hrgn=0x81040807) returned 0
[0208.511] SelectClipRgn (hdc=0xc50107da, hrgn=0x80407de) returned 2
[0208.511] DeleteObject (ho=0x81040807) returned 1
[0208.511] DeleteObject (ho=0x80407de) returned 1
[0208.511] OffsetViewportOrgEx (in: hdc=0xc50107da, x=0, y=0, lppt=0x2e7142c | out: lppt=0x2e7142c) returned 1
[0208.511] IsAppThemed () returned 0x1
[0208.511] GetThemeAppProperties () returned 0x3
[0208.511] GetThemeAppProperties () returned 0x3
[0208.512] DrawThemeBackground () returned 0x0
[0208.512] RestoreDC (hdc=0xc50107da, nSavedDC=-1) returned 1
[0208.512] GdipReleaseDC (graphics=0x6600030, hdc=0xc50107da) returned 0x0
[0208.512] GdipCreateRegion (region=0xd7df60) returned 0x0
[0208.512] GdipGetClip (graphics=0x6600030, region=0x6645f38) returned 0x0
[0208.512] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0208.512] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0208.512] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df78) returned 0x0
[0208.512] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0208.512] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee868) returned 0x0
[0208.512] LocalFree (hMem=0x11ee868) returned 0x0
[0208.512] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0208.512] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0208.512] LocalFree (hMem=0x11ee788) returned 0x0
[0208.519] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0208.519] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0208.519] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7df90) returned 0x0
[0208.519] GdipGetRegionHRgn (region=0x6645f38, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0208.520] GdipDeleteRegion (region=0x6645f38) returned 0x0
[0208.520] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0208.520] GetCurrentObject (hdc=0xc50107da, type=0x1) returned 0xb00017
[0208.520] GetCurrentObject (hdc=0xc50107da, type=0x2) returned 0x900010
[0208.520] GetCurrentObject (hdc=0xc50107da, type=0x7) returned 0x4a0507fe
[0208.520] GetCurrentObject (hdc=0xc50107da, type=0x6) returned 0x8a01c2
[0208.520] SaveDC (hdc=0xc50107da) returned 1
[0208.520] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x90407de
[0208.520] GetClipRgn (hdc=0xc50107da, hrgn=0x90407de) returned 0
[0208.520] SelectClipRgn (hdc=0xc50107da, hrgn=0x82040807) returned 2
[0208.520] DeleteObject (ho=0x90407de) returned 1
[0208.520] DeleteObject (ho=0x82040807) returned 1
[0208.520] OffsetViewportOrgEx (in: hdc=0xc50107da, x=0, y=0, lppt=0x2e71700 | out: lppt=0x2e71700) returned 1
[0208.520] IsAppThemed () returned 0x1
[0208.521] GetThemeAppProperties () returned 0x3
[0208.521] GetThemeAppProperties () returned 0x3
[0208.521] GetThemeBackgroundContentRect () returned 0x0
[0208.521] RestoreDC (hdc=0xc50107da, nSavedDC=-1) returned 1
[0208.521] GdipReleaseDC (graphics=0x6600030, hdc=0xc50107da) returned 0x0
[0208.521] IsAppThemed () returned 0x1
[0208.521] GetThemeAppProperties () returned 0x3
[0208.521] GetThemeAppProperties () returned 0x3
[0208.521] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0208.521] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0208.521] GetCurrentObject (hdc=0xc50107da, type=0x1) returned 0xb00017
[0208.521] GetCurrentObject (hdc=0xc50107da, type=0x2) returned 0x900010
[0208.521] GetCurrentObject (hdc=0xc50107da, type=0x7) returned 0x4a0507fe
[0208.521] GetCurrentObject (hdc=0xc50107da, type=0x6) returned 0x8a01c2
[0208.521] SaveDC (hdc=0xc50107da) returned 1
[0208.521] GetTextAlign (hdc=0xc50107da) returned 0x0
[0208.521] GetTextColor (hdc=0xc50107da) returned 0x0
[0208.522] GetCurrentObject (hdc=0xc50107da, type=0x6) returned 0x8a01c2
[0208.522] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0208.522] SelectObject (hdc=0xc50107da, h=0x6d0a0520) returned 0x8a01c2
[0208.522] GetBkMode (hdc=0xc50107da) returned 2
[0208.522] SetBkMode (hdc=0xc50107da, mode=1) returned 2
[0208.522] DrawTextExW (in: hdc=0xc50107da, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2e71aa0 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0208.522] DrawTextExW (in: hdc=0xc50107da, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e71aa0 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0208.523] RestoreDC (hdc=0xc50107da, nSavedDC=-1) returned 1
[0208.523] GdipReleaseDC (graphics=0x6600030, hdc=0xc50107da) returned 0x0
[0208.523] GetFocus () returned 0x1802d8
[0208.523] IsAppThemed () returned 0x1
[0208.523] GetThemeAppProperties () returned 0x3
[0208.523] GetThemeAppProperties () returned 0x3
[0208.523] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0208.523] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0xc50107da, x1=0, y1=0, rop=0xcc0020) returned 1
[0208.523] GdipReleaseDC (graphics=0x6600030, hdc=0xc50107da) returned 0x0
[0208.523] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0208.523] SelectObject (hdc=0xc50107da, h=0x85000f) returned 0x4a0507fe
[0208.523] DeleteDC (hdc=0xc50107da) returned 1
[0208.524] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0208.524] EndPaint (hWnd=0x1602de, lpPaint=0xd7e24c) returned 1
[0208.524] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.525] IsWindowUnicode (hWnd=0x602c4) returned 1
[0208.525] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.525] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.525] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.525] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0208.525] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0208.525] CreateCompatibleDC (hdc=0xf0105ee) returned 0xc70107da
[0208.525] SelectObject (hdc=0xc70107da, h=0x4a0507fe) returned 0x85000f
[0208.525] GdipCreateFromHDC (hdc=0xc70107da, graphics=0xd7e268) returned 0x0
[0208.525] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0208.525] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0208.525] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0208.526] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0208.526] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2c8) returned 0x0
[0208.526] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0208.526] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0208.526] LocalFree (hMem=0x11ee788) returned 0x0
[0208.526] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0208.526] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0208.526] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0208.526] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0208.526] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0208.526] GdipRestoreGraphics (graphics=0x6600030, state=0xfa5a0dbd) returned 0x0
[0208.526] GdipDeleteRegion (region=0x6645878) returned 0x0
[0208.526] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0208.526] GetCurrentObject (hdc=0xc70107da, type=0x1) returned 0xb00017
[0208.526] GetCurrentObject (hdc=0xc70107da, type=0x2) returned 0x900010
[0208.526] GetCurrentObject (hdc=0xc70107da, type=0x7) returned 0x4a0507fe
[0208.526] GetCurrentObject (hdc=0xc70107da, type=0x6) returned 0x8a01c2
[0208.527] SaveDC (hdc=0xc70107da) returned 1
[0208.527] GetNearestColor (hdc=0xc70107da, color=0xff) returned 0xff
[0208.527] GetNearestColor (hdc=0xc70107da, color=0x55) returned 0x55
[0208.527] GetNearestColor (hdc=0xc70107da, color=0x0) returned 0x0
[0208.527] GetNearestColor (hdc=0xc70107da, color=0x55) returned 0x55
[0208.527] GetNearestColor (hdc=0xc70107da, color=0x0) returned 0x0
[0208.527] GetNearestColor (hdc=0xc70107da, color=0x8080ff) returned 0x8080ff
[0208.527] GetNearestColor (hdc=0xc70107da, color=0x7373e5) returned 0x7373e5
[0208.527] GetNearestColor (hdc=0xc70107da, color=0xe5) returned 0xe5
[0208.527] GetNearestColor (hdc=0xc70107da, color=0x0) returned 0x0
[0208.527] RestoreDC (hdc=0xc70107da, nSavedDC=-1) returned 1
[0208.527] GdipReleaseDC (graphics=0x6600030, hdc=0xc70107da) returned 0x0
[0208.527] IsAppThemed () returned 0x1
[0208.528] GetThemeAppProperties () returned 0x3
[0208.528] GetThemeAppProperties () returned 0x3
[0208.528] IsAppThemed () returned 0x1
[0208.528] GetThemeAppProperties () returned 0x3
[0208.528] GetThemeAppProperties () returned 0x3
[0208.528] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2e72268 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0208.529] IsAppThemed () returned 0x1
[0208.529] GetThemeAppProperties () returned 0x3
[0208.529] GetThemeAppProperties () returned 0x3
[0208.529] IsAppThemed () returned 0x1
[0208.529] GetThemeAppProperties () returned 0x3
[0208.529] GetThemeAppProperties () returned 0x3
[0208.529] GetFocus () returned 0x1802d8
[0208.529] IsAppThemed () returned 0x1
[0208.529] GetThemeAppProperties () returned 0x3
[0208.529] GetThemeAppProperties () returned 0x3
[0208.529] IsAppThemed () returned 0x1
[0208.529] GetThemeAppProperties () returned 0x3
[0208.529] GetThemeAppProperties () returned 0x3
[0208.529] IsThemePartDefined () returned 0x1
[0208.529] IsAppThemed () returned 0x1
[0208.529] GetThemeAppProperties () returned 0x3
[0208.529] GetThemeAppProperties () returned 0x3
[0208.530] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0208.530] IsAppThemed () returned 0x1
[0208.530] GetThemeAppProperties () returned 0x3
[0208.530] GetThemeAppProperties () returned 0x3
[0208.530] IsAppThemed () returned 0x1
[0208.530] GetThemeAppProperties () returned 0x3
[0208.530] GetThemeAppProperties () returned 0x3
[0208.530] IsThemePartDefined () returned 0x1
[0208.530] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0208.530] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0208.530] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0208.530] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0208.530] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dff0) returned 0x0
[0208.530] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0208.530] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0208.530] LocalFree (hMem=0x11ee788) returned 0x0
[0208.530] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0208.530] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea60) returned 0x0
[0208.530] LocalFree (hMem=0x11eea60) returned 0x0
[0208.530] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0208.531] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0208.531] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0208.531] GdipGetRegionHRgn (region=0x6645cf8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0208.531] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0208.531] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0208.531] GetCurrentObject (hdc=0xc70107da, type=0x1) returned 0xb00017
[0208.531] GetCurrentObject (hdc=0xc70107da, type=0x2) returned 0x900010
[0208.531] GetCurrentObject (hdc=0xc70107da, type=0x7) returned 0x4a0507fe
[0208.531] GetCurrentObject (hdc=0xc70107da, type=0x6) returned 0x8a01c2
[0208.531] SaveDC (hdc=0xc70107da) returned 1
[0208.531] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x83040807
[0208.531] GetClipRgn (hdc=0xc70107da, hrgn=0x83040807) returned 0
[0208.531] SelectClipRgn (hdc=0xc70107da, hrgn=0xd0407de) returned 2
[0208.531] DeleteObject (ho=0x83040807) returned 1
[0208.531] DeleteObject (ho=0xd0407de) returned 1
[0208.532] OffsetViewportOrgEx (in: hdc=0xc70107da, x=0, y=0, lppt=0x2e72918 | out: lppt=0x2e72918) returned 1
[0208.532] DrawThemeParentBackground () returned 0x0
[0208.532] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0208.532] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0208.532] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0208.532] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.532] GetSystemMetrics (nIndex=42) returned 0
[0208.532] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.532] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0208.532] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0208.532] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0208.532] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0208.532] SelectPalette (hdc=0xc70107da, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0208.533] GdipCreateFromHDC (hdc=0xc70107da, graphics=0xd7dac8) returned 0x0
[0208.533] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0208.533] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0208.533] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638d28) returned 0x0
[0208.533] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7daa0) returned 0x0
[0208.533] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0208.533] GdipCreateRegion (region=0xd7da88) returned 0x0
[0208.533] GdipGetClip (graphics=0x663e568, region=0x66456c8) returned 0x0
[0208.533] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x663e568, result=0xd7da94) returned 0x0
[0208.533] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0208.533] GdipSaveGraphics (graphics=0x663e568, state=0xd7dac0) returned 0x0
[0208.533] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0208.540] GdipFillRectangleI (graphics=0x663e568, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0208.540] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0208.542] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0208.542] SelectPalette (hdc=0xc70107da, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0208.542] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0208.542] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.542] GetSystemMetrics (nIndex=42) returned 0
[0208.542] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.542] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0208.542] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0208.542] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0208.542] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0208.542] SelectPalette (hdc=0xc70107da, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0208.542] GdipCreateFromHDC (hdc=0xc70107da, graphics=0xd7da68) returned 0x0
[0208.543] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0208.543] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0208.543] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638a58) returned 0x0
[0208.543] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7da40) returned 0x0
[0208.543] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0208.543] GdipCreateRegion (region=0xd7da28) returned 0x0
[0208.543] GdipGetClip (graphics=0x663e568, region=0x6645b48) returned 0x0
[0208.543] GdipIsInfiniteRegion (region=0x6645b48, graphics=0x663e568, result=0xd7da34) returned 0x0
[0208.543] GdipDeleteRegion (region=0x6645b48) returned 0x0
[0208.543] GdipSaveGraphics (graphics=0x663e568, state=0xd7da60) returned 0x0
[0208.543] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0208.555] GdipFillRectangleI (graphics=0x663e568, brush=0x6652a78, x=0, y=0, width=801, height=453) returned 0x0
[0208.556] GdipDeleteBrush (brush=0x6652a78) returned 0x0
[0208.557] GdipRestoreGraphics (graphics=0x663e568, state=0xfa560dbd) returned 0x0
[0208.557] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0208.557] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.557] GetSystemMetrics (nIndex=42) returned 0
[0208.557] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.557] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0208.558] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0208.558] SelectPalette (hdc=0xc70107da, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0208.558] RestoreDC (hdc=0xc70107da, nSavedDC=-1) returned 1
[0208.558] GdipReleaseDC (graphics=0x6600030, hdc=0xc70107da) returned 0x0
[0208.558] IsAppThemed () returned 0x1
[0208.558] GetThemeAppProperties () returned 0x3
[0208.558] GetThemeAppProperties () returned 0x3
[0208.558] IsAppThemed () returned 0x1
[0208.558] GetThemeAppProperties () returned 0x3
[0208.558] GetThemeAppProperties () returned 0x3
[0208.558] IsThemePartDefined () returned 0x1
[0208.558] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0208.558] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0208.558] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0208.559] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0208.559] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df74) returned 0x0
[0208.559] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0208.559] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee868) returned 0x0
[0208.559] LocalFree (hMem=0x11ee868) returned 0x0
[0208.559] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0208.559] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee8d8) returned 0x0
[0208.559] LocalFree (hMem=0x11ee8d8) returned 0x0
[0208.559] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0208.559] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0208.559] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0208.559] GdipGetRegionHRgn (region=0x6645638, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0208.559] GdipDeleteRegion (region=0x6645638) returned 0x0
[0208.597] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0208.597] GetCurrentObject (hdc=0xc70107da, type=0x1) returned 0xb00017
[0208.597] GetCurrentObject (hdc=0xc70107da, type=0x2) returned 0x900010
[0208.597] GetCurrentObject (hdc=0xc70107da, type=0x7) returned 0x4a0507fe
[0208.597] GetCurrentObject (hdc=0xc70107da, type=0x6) returned 0x8a01c2
[0208.597] SaveDC (hdc=0xc70107da) returned 1
[0208.597] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe0407de
[0208.597] GetClipRgn (hdc=0xc70107da, hrgn=0xe0407de) returned 0
[0208.597] SelectClipRgn (hdc=0xc70107da, hrgn=0x85040807) returned 2
[0208.597] DeleteObject (ho=0xe0407de) returned 1
[0208.597] DeleteObject (ho=0x85040807) returned 1
[0208.597] OffsetViewportOrgEx (in: hdc=0xc70107da, x=0, y=0, lppt=0x2e79168 | out: lppt=0x2e79168) returned 1
[0208.597] IsAppThemed () returned 0x1
[0208.597] GetThemeAppProperties () returned 0x3
[0208.598] GetThemeAppProperties () returned 0x3
[0208.598] DrawThemeBackground () returned 0x0
[0208.598] RestoreDC (hdc=0xc70107da, nSavedDC=-1) returned 1
[0208.598] GdipReleaseDC (graphics=0x6600030, hdc=0xc70107da) returned 0x0
[0208.598] GdipCreateRegion (region=0xd7df60) returned 0x0
[0208.598] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0208.598] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0208.598] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0208.598] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df78) returned 0x0
[0208.598] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0208.598] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee8d8) returned 0x0
[0208.598] LocalFree (hMem=0x11ee8d8) returned 0x0
[0208.598] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0208.598] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0208.598] LocalFree (hMem=0x11ee788) returned 0x0
[0208.598] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0208.599] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0208.599] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7df90) returned 0x0
[0208.599] GdipGetRegionHRgn (region=0x6645758, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0208.599] GdipDeleteRegion (region=0x6645758) returned 0x0
[0208.599] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0208.599] GetCurrentObject (hdc=0xc70107da, type=0x1) returned 0xb00017
[0208.599] GetCurrentObject (hdc=0xc70107da, type=0x2) returned 0x900010
[0208.599] GetCurrentObject (hdc=0xc70107da, type=0x7) returned 0x4a0507fe
[0208.599] GetCurrentObject (hdc=0xc70107da, type=0x6) returned 0x8a01c2
[0208.599] SaveDC (hdc=0xc70107da) returned 1
[0208.599] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x86040807
[0208.599] GetClipRgn (hdc=0xc70107da, hrgn=0x86040807) returned 0
[0208.599] SelectClipRgn (hdc=0xc70107da, hrgn=0xf0407de) returned 2
[0208.599] DeleteObject (ho=0x86040807) returned 1
[0208.599] DeleteObject (ho=0xf0407de) returned 1
[0208.599] OffsetViewportOrgEx (in: hdc=0xc70107da, x=0, y=0, lppt=0x2e7943c | out: lppt=0x2e7943c) returned 1
[0208.599] IsAppThemed () returned 0x1
[0208.599] GetThemeAppProperties () returned 0x3
[0208.600] GetThemeAppProperties () returned 0x3
[0208.600] GetThemeBackgroundContentRect () returned 0x0
[0208.600] RestoreDC (hdc=0xc70107da, nSavedDC=-1) returned 1
[0208.600] GdipReleaseDC (graphics=0x6600030, hdc=0xc70107da) returned 0x0
[0208.600] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0208.600] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0208.600] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0208.600] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0208.600] IsAppThemed () returned 0x1
[0208.600] GetThemeAppProperties () returned 0x3
[0208.600] GetThemeAppProperties () returned 0x3
[0208.600] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0208.600] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0208.600] GetCurrentObject (hdc=0xc70107da, type=0x1) returned 0xb00017
[0208.600] GetCurrentObject (hdc=0xc70107da, type=0x2) returned 0x900010
[0208.600] GetCurrentObject (hdc=0xc70107da, type=0x7) returned 0x4a0507fe
[0208.600] GetCurrentObject (hdc=0xc70107da, type=0x6) returned 0x8a01c2
[0208.600] SaveDC (hdc=0xc70107da) returned 1
[0208.600] GetTextAlign (hdc=0xc70107da) returned 0x0
[0208.600] GetTextColor (hdc=0xc70107da) returned 0x0
[0208.601] GetCurrentObject (hdc=0xc70107da, type=0x6) returned 0x8a01c2
[0208.601] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0208.601] SelectObject (hdc=0xc70107da, h=0x6d0a0520) returned 0x8a01c2
[0208.601] GetBkMode (hdc=0xc70107da) returned 2
[0208.601] SetBkMode (hdc=0xc70107da, mode=1) returned 2
[0208.601] DrawTextExW (in: hdc=0xc70107da, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2e79800 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0208.601] DrawTextExW (in: hdc=0xc70107da, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e79800 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0208.602] RestoreDC (hdc=0xc70107da, nSavedDC=-1) returned 1
[0208.602] GdipReleaseDC (graphics=0x6600030, hdc=0xc70107da) returned 0x0
[0208.602] GetFocus () returned 0x1802d8
[0208.602] IsAppThemed () returned 0x1
[0208.602] GetThemeAppProperties () returned 0x3
[0208.602] GetThemeAppProperties () returned 0x3
[0208.602] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0208.602] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0xc70107da, x1=0, y1=0, rop=0xcc0020) returned 1
[0208.602] GdipReleaseDC (graphics=0x6600030, hdc=0xc70107da) returned 0x0
[0208.602] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0208.603] SelectObject (hdc=0xc70107da, h=0x85000f) returned 0x4a0507fe
[0208.603] DeleteDC (hdc=0xc70107da) returned 1
[0208.603] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0208.603] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0208.603] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.603] IsWindowUnicode (hWnd=0xc02ce) returned 1
[0208.603] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.603] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.603] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.603] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.604] IsWindowUnicode (hWnd=0xc02ce) returned 1
[0208.604] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.604] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.604] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.604] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x2a1, wParam=0x0, lParam=0xb003d) returned 0x0
[0208.604] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0208.604] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0208.604] WaitMessage () returned 1
[0208.647] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.647] IsWindowUnicode (hWnd=0x30122) returned 1
[0208.647] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.647] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.647] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.667] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.668] IsWindowUnicode (hWnd=0x502c6) returned 1
[0208.668] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.668] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.669] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.697] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.698] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0208.698] IsWindowUnicode (hWnd=0xc02ce) returned 1
[0208.698] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.698] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0208.698] GetDlgItem (hDlg=0x1602dc, nIDDlgItem=0) returned 0x0
[0208.698] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x210, wParam=0x201, lParam=0x69011e) returned 0x0
[0208.698] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x21, wParam=0x1602dc, lParam=0x2010001) returned 0x1
[0208.698] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x21, wParam=0x1602dc, lParam=0x2010001) returned 0x1
[0208.698] SetCursor (hCursor=0x10003) returned 0x10003
[0208.699] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.699] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.699] GetKeyState (nVirtKey=1) returned -127
[0208.699] GetKeyState (nVirtKey=2) returned 0
[0208.699] GetKeyState (nVirtKey=4) returned 0
[0208.699] GetKeyState (nVirtKey=5) returned 0
[0208.699] GetKeyState (nVirtKey=6) returned 0
[0208.699] IsWindowVisible (hWnd=0xc02ce) returned 1
[0208.699] IsWindowEnabled (hWnd=0xc02ce) returned 1
[0208.699] SetFocus (hWnd=0xc02ce) returned 0x1802d8
[0208.699] GetFocus () returned 0xc02ce
[0208.699] IsChild (hWndParent=0x1602dc, hWnd=0xc02ce) returned 1
[0208.699] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0x8, wParam=0xc02ce, lParam=0x0) returned 0x0
[0208.700] GetCapture () returned 0x0
[0208.700] InvalidateRect (hWnd=0x1802d8, lpRect=0x0, bErase=0) returned 1
[0208.701] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0208.702] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0208.704] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0208.704] InvalidateRect (hWnd=0x1802d8, lpRect=0x0, bErase=0) returned 1
[0208.704] InvalidateRect (hWnd=0xc02ce, lpRect=0x0, bErase=0) returned 1
[0208.704] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x7, wParam=0x1802d8, lParam=0x0) returned 0x0
[0208.704] GetStockObject (i=5) returned 0x900015
[0208.704] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0208.704] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0208.705] GetDlgItem (hDlg=0x1602dc, nIDDlgItem=787150) returned 0xc02ce
[0208.705] SendMessageW (hWnd=0xc02ce, Msg=0x202b, wParam=0xc02ce, lParam=0xd7dddc) returned 0x0
[0208.705] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x202b, wParam=0xc02ce, lParam=0xd7dddc) returned 0x0
[0208.705] InvalidateRect (hWnd=0xc02ce, lpRect=0x0, bErase=0) returned 1
[0208.706] GetFocus () returned 0xc02ce
[0208.706] GetFocus () returned 0xc02ce
[0208.706] GetFocus () returned 0xc02ce
[0208.707] GetKeyState (nVirtKey=1) returned -127
[0208.707] GetKeyState (nVirtKey=2) returned 0
[0208.707] GetKeyState (nVirtKey=4) returned 0
[0208.707] GetKeyState (nVirtKey=5) returned 0
[0208.707] GetKeyState (nVirtKey=6) returned 0
[0208.707] GetCapture () returned 0x0
[0208.707] SetCapture (hWnd=0xc02ce) returned 0x0
[0208.707] GetKeyState (nVirtKey=1) returned -127
[0208.707] GetKeyState (nVirtKey=2) returned 0
[0208.707] GetKeyState (nVirtKey=4) returned 0
[0208.707] GetKeyState (nVirtKey=5) returned 0
[0208.707] GetKeyState (nVirtKey=6) returned 0
[0208.707] NotifyWinEvent (event=0x800a, hwnd=0xc02ce, idObject=-4, idChild=0)
[0208.707] InvalidateRect (hWnd=0xc02ce, lpRect=0xd7e430, bErase=0) returned 1
[0208.707] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.707] IsWindowUnicode (hWnd=0xc02ce) returned 1
[0208.707] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.707] TranslateMessage (lpMsg=0xd7e808) returned 0
[0208.707] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0208.708] MapWindowPoints (in: hWndFrom=0xc02ce, hWndTo=0x0, lpPoints=0x2e79a14, cPoints=0x1 | out: lpPoints=0x2e79a14) returned 30999254
[0208.708] NotifyWinEvent (event=0x800a, hwnd=0xc02ce, idObject=-4, idChild=0)
[0208.708] InvalidateRect (hWnd=0xc02ce, lpRect=0xd7e3d0, bErase=0) returned 1
[0208.708] UpdateWindow (hWnd=0xc02ce) returned 1
[0208.708] BeginPaint (in: hWnd=0xc02ce, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x60100ce
[0208.708] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0208.708] CreateCompatibleDC (hdc=0x60100ce) returned 0x6e0106b6
[0208.708] SelectObject (hdc=0x6e0106b6, h=0x4a0507fe) returned 0x85000f
[0208.708] GdipCreateFromHDC (hdc=0x6e0106b6, graphics=0xd7df00) returned 0x0
[0208.708] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0208.708] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0208.709] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0208.709] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0208.709] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df60) returned 0x0
[0208.709] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0208.709] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0208.709] LocalFree (hMem=0x11eec58) returned 0x0
[0208.709] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0208.709] GdipCreateRegion (region=0xd7df48) returned 0x0
[0208.709] GdipGetClip (graphics=0x6600030, region=0x66455a8) returned 0x0
[0208.709] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0208.709] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0208.709] GdipRestoreGraphics (graphics=0x6600030, state=0xfa540dbd) returned 0x0
[0208.709] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0208.709] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0208.709] GetCurrentObject (hdc=0x6e0106b6, type=0x1) returned 0xb00017
[0208.709] GetCurrentObject (hdc=0x6e0106b6, type=0x2) returned 0x900010
[0208.709] GetCurrentObject (hdc=0x6e0106b6, type=0x7) returned 0x4a0507fe
[0208.710] GetCurrentObject (hdc=0x6e0106b6, type=0x6) returned 0x8a01c2
[0208.710] SaveDC (hdc=0x6e0106b6) returned 1
[0208.710] GetNearestColor (hdc=0x6e0106b6, color=0xf0f0f0) returned 0xf0f0f0
[0208.710] GetNearestColor (hdc=0x6e0106b6, color=0xa0a0a0) returned 0xa0a0a0
[0208.710] GetNearestColor (hdc=0x6e0106b6, color=0x696969) returned 0x696969
[0208.710] GetNearestColor (hdc=0x6e0106b6, color=0xa0a0a0) returned 0xa0a0a0
[0208.710] GetNearestColor (hdc=0x6e0106b6, color=0x0) returned 0x0
[0208.710] GetNearestColor (hdc=0x6e0106b6, color=0xffffff) returned 0xffffff
[0208.710] GetNearestColor (hdc=0x6e0106b6, color=0xe5e5e5) returned 0xe5e5e5
[0208.710] GetNearestColor (hdc=0x6e0106b6, color=0xd7d7d7) returned 0xd7d7d7
[0208.710] GetNearestColor (hdc=0x6e0106b6, color=0x0) returned 0x0
[0208.710] RestoreDC (hdc=0x6e0106b6, nSavedDC=-1) returned 1
[0208.710] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0106b6) returned 0x0
[0208.710] IsAppThemed () returned 0x1
[0208.711] GetThemeAppProperties () returned 0x3
[0208.711] GetThemeAppProperties () returned 0x3
[0208.711] IsAppThemed () returned 0x1
[0208.711] GetThemeAppProperties () returned 0x3
[0208.711] GetThemeAppProperties () returned 0x3
[0208.711] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2e7a16c | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0208.711] IsAppThemed () returned 0x1
[0208.711] GetThemeAppProperties () returned 0x3
[0208.711] GetThemeAppProperties () returned 0x3
[0208.711] IsAppThemed () returned 0x1
[0208.711] GetThemeAppProperties () returned 0x3
[0208.711] GetThemeAppProperties () returned 0x3
[0208.711] IsAppThemed () returned 0x1
[0208.711] GetThemeAppProperties () returned 0x3
[0208.712] GetThemeAppProperties () returned 0x3
[0208.712] IsAppThemed () returned 0x1
[0208.712] GetThemeAppProperties () returned 0x3
[0208.712] GetThemeAppProperties () returned 0x3
[0208.712] IsThemePartDefined () returned 0x1
[0208.712] IsAppThemed () returned 0x1
[0208.712] GetThemeAppProperties () returned 0x3
[0208.712] GetThemeAppProperties () returned 0x3
[0208.712] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0208.712] IsAppThemed () returned 0x1
[0208.712] GetThemeAppProperties () returned 0x3
[0208.712] GetThemeAppProperties () returned 0x3
[0208.712] IsAppThemed () returned 0x1
[0208.712] GetThemeAppProperties () returned 0x3
[0208.712] GetThemeAppProperties () returned 0x3
[0208.712] IsThemePartDefined () returned 0x1
[0208.712] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0208.712] GdipGetClip (graphics=0x6600030, region=0x66455a8) returned 0x0
[0208.712] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0208.712] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0208.712] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dc7c) returned 0x0
[0208.712] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0208.713] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0208.713] LocalFree (hMem=0x11eec58) returned 0x0
[0208.713] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0208.713] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0208.713] LocalFree (hMem=0x11eec58) returned 0x0
[0208.713] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0208.713] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0208.713] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0208.713] GdipGetRegionHRgn (region=0x66455a8, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0208.713] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0208.713] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0208.713] GetCurrentObject (hdc=0x6e0106b6, type=0x1) returned 0xb00017
[0208.713] GetCurrentObject (hdc=0x6e0106b6, type=0x2) returned 0x900010
[0208.713] GetCurrentObject (hdc=0x6e0106b6, type=0x7) returned 0x4a0507fe
[0208.713] GetCurrentObject (hdc=0x6e0106b6, type=0x6) returned 0x8a01c2
[0208.713] SaveDC (hdc=0x6e0106b6) returned 1
[0208.714] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x100407de
[0208.714] GetClipRgn (hdc=0x6e0106b6, hrgn=0x100407de) returned 0
[0208.714] SelectClipRgn (hdc=0x6e0106b6, hrgn=0x8a040807) returned 2
[0208.714] DeleteObject (ho=0x100407de) returned 1
[0208.714] DeleteObject (ho=0x8a040807) returned 1
[0208.714] OffsetViewportOrgEx (in: hdc=0x6e0106b6, x=0, y=0, lppt=0x2e7a81c | out: lppt=0x2e7a81c) returned 1
[0208.714] DrawThemeParentBackground () returned 0x0
[0208.714] GetWindowPlacement (in: hWnd=0x1602dc, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0208.714] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0208.714] GetWindowTextLengthW (hWnd=0x1602dc) returned 13
[0208.714] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.714] GetSystemMetrics (nIndex=42) returned 0
[0208.714] GetWindowTextW (in: hWnd=0x1602dc, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.714] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0208.714] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0208.715] GetCurrentObject (hdc=0x6e0106b6, type=0x1) returned 0xb00017
[0208.715] GetCurrentObject (hdc=0x6e0106b6, type=0x2) returned 0x900010
[0208.715] GetCurrentObject (hdc=0x6e0106b6, type=0x7) returned 0x4a0507fe
[0208.715] GetCurrentObject (hdc=0x6e0106b6, type=0x6) returned 0x8a01c2
[0208.715] SaveDC (hdc=0x6e0106b6) returned 2
[0208.715] GetNearestColor (hdc=0x6e0106b6, color=0xf0f0f0) returned 0xf0f0f0
[0208.715] CreateSolidBrush (color=0xf0f0f0) returned 0xe1007e1
[0208.715] FillRect (hDC=0x6e0106b6, lprc=0xd7d6c8, hbr=0xe1007e1) returned 1
[0208.715] DeleteObject (ho=0xe1007e1) returned 1
[0208.715] RestoreDC (hdc=0x6e0106b6, nSavedDC=-1) returned 1
[0208.715] GetWindowTextLengthW (hWnd=0x1602dc) returned 13
[0208.715] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.715] GetSystemMetrics (nIndex=42) returned 0
[0208.715] GetWindowTextW (in: hWnd=0x1602dc, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.715] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0208.717] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0208.717] GetCurrentObject (hdc=0x6e0106b6, type=0x1) returned 0xb00017
[0208.717] GetCurrentObject (hdc=0x6e0106b6, type=0x2) returned 0x900010
[0208.717] GetCurrentObject (hdc=0x6e0106b6, type=0x7) returned 0x4a0507fe
[0208.717] GetCurrentObject (hdc=0x6e0106b6, type=0x6) returned 0x8a01c2
[0208.717] SaveDC (hdc=0x6e0106b6) returned 2
[0208.717] GetNearestColor (hdc=0x6e0106b6, color=0xf0f0f0) returned 0xf0f0f0
[0208.718] CreateSolidBrush (color=0xf0f0f0) returned 0xf1007e1
[0208.718] FillRect (hDC=0x6e0106b6, lprc=0xd7d668, hbr=0xf1007e1) returned 1
[0208.718] DeleteObject (ho=0xf1007e1) returned 1
[0208.718] RestoreDC (hdc=0x6e0106b6, nSavedDC=-1) returned 1
[0208.718] GetWindowTextLengthW (hWnd=0x1602dc) returned 13
[0208.718] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.718] GetSystemMetrics (nIndex=42) returned 0
[0208.718] GetWindowTextW (in: hWnd=0x1602dc, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.718] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0208.718] RestoreDC (hdc=0x6e0106b6, nSavedDC=-1) returned 1
[0208.718] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0106b6) returned 0x0
[0208.718] IsAppThemed () returned 0x1
[0208.718] GetThemeAppProperties () returned 0x3
[0208.719] GetThemeAppProperties () returned 0x3
[0208.719] IsAppThemed () returned 0x1
[0208.719] GetThemeAppProperties () returned 0x3
[0208.719] GetThemeAppProperties () returned 0x3
[0208.719] IsThemePartDefined () returned 0x1
[0208.719] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0208.719] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0208.719] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0208.719] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0208.719] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dc00) returned 0x0
[0208.719] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0208.719] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0208.719] LocalFree (hMem=0x11ee868) returned 0x0
[0208.719] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0208.719] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eea28) returned 0x0
[0208.719] LocalFree (hMem=0x11eea28) returned 0x0
[0208.719] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0208.719] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0208.719] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0208.720] GdipGetRegionHRgn (region=0x6645cf8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0208.720] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0208.720] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0208.720] GetCurrentObject (hdc=0x6e0106b6, type=0x1) returned 0xb00017
[0208.720] GetCurrentObject (hdc=0x6e0106b6, type=0x2) returned 0x900010
[0208.720] GetCurrentObject (hdc=0x6e0106b6, type=0x7) returned 0x4a0507fe
[0208.720] GetCurrentObject (hdc=0x6e0106b6, type=0x6) returned 0x8a01c2
[0208.720] SaveDC (hdc=0x6e0106b6) returned 1
[0208.720] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8b040807
[0208.720] GetClipRgn (hdc=0x6e0106b6, hrgn=0x8b040807) returned 0
[0208.720] SelectClipRgn (hdc=0x6e0106b6, hrgn=0x120407de) returned 2
[0208.720] DeleteObject (ho=0x8b040807) returned 1
[0208.720] DeleteObject (ho=0x120407de) returned 1
[0208.720] OffsetViewportOrgEx (in: hdc=0x6e0106b6, x=0, y=0, lppt=0x2e7b0c8 | out: lppt=0x2e7b0c8) returned 1
[0208.721] IsAppThemed () returned 0x1
[0208.721] GetThemeAppProperties () returned 0x3
[0208.721] GetThemeAppProperties () returned 0x3
[0208.721] DrawThemeBackground () returned 0x0
[0208.721] RestoreDC (hdc=0x6e0106b6, nSavedDC=-1) returned 1
[0208.721] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0106b6) returned 0x0
[0208.721] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0208.721] GdipGetClip (graphics=0x6600030, region=0x66455a8) returned 0x0
[0208.721] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0208.721] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0208.721] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dc04) returned 0x0
[0208.721] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0208.721] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0208.721] LocalFree (hMem=0x11ee868) returned 0x0
[0208.721] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0208.721] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0208.721] LocalFree (hMem=0x11eecc8) returned 0x0
[0208.721] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0208.722] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0208.722] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0208.722] GdipGetRegionHRgn (region=0x66455a8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0208.722] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0208.722] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0208.722] GetCurrentObject (hdc=0x6e0106b6, type=0x1) returned 0xb00017
[0208.722] GetCurrentObject (hdc=0x6e0106b6, type=0x2) returned 0x900010
[0208.722] GetCurrentObject (hdc=0x6e0106b6, type=0x7) returned 0x4a0507fe
[0208.722] GetCurrentObject (hdc=0x6e0106b6, type=0x6) returned 0x8a01c2
[0208.722] SaveDC (hdc=0x6e0106b6) returned 1
[0208.722] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x130407de
[0208.722] GetClipRgn (hdc=0x6e0106b6, hrgn=0x130407de) returned 0
[0208.722] SelectClipRgn (hdc=0x6e0106b6, hrgn=0x8c040807) returned 2
[0208.722] DeleteObject (ho=0x130407de) returned 1
[0208.722] DeleteObject (ho=0x8c040807) returned 1
[0208.723] OffsetViewportOrgEx (in: hdc=0x6e0106b6, x=0, y=0, lppt=0x2e7b39c | out: lppt=0x2e7b39c) returned 1
[0208.723] IsAppThemed () returned 0x1
[0208.723] GetThemeAppProperties () returned 0x3
[0208.723] GetThemeAppProperties () returned 0x3
[0208.723] GetThemeBackgroundContentRect () returned 0x0
[0208.723] RestoreDC (hdc=0x6e0106b6, nSavedDC=-1) returned 1
[0208.723] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0106b6) returned 0x0
[0208.723] IsAppThemed () returned 0x1
[0208.723] GetThemeAppProperties () returned 0x3
[0208.723] GetThemeAppProperties () returned 0x3
[0208.723] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0208.723] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0208.723] GetCurrentObject (hdc=0x6e0106b6, type=0x1) returned 0xb00017
[0208.723] GetCurrentObject (hdc=0x6e0106b6, type=0x2) returned 0x900010
[0208.723] GetCurrentObject (hdc=0x6e0106b6, type=0x7) returned 0x4a0507fe
[0208.723] GetCurrentObject (hdc=0x6e0106b6, type=0x6) returned 0x8a01c2
[0208.724] SaveDC (hdc=0x6e0106b6) returned 1
[0208.724] GetTextAlign (hdc=0x6e0106b6) returned 0x0
[0208.724] GetTextColor (hdc=0x6e0106b6) returned 0x0
[0208.724] GetCurrentObject (hdc=0x6e0106b6, type=0x6) returned 0x8a01c2
[0208.724] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0208.724] SelectObject (hdc=0x6e0106b6, h=0x6d0a0520) returned 0x8a01c2
[0208.724] GetBkMode (hdc=0x6e0106b6) returned 2
[0208.724] SetBkMode (hdc=0x6e0106b6, mode=1) returned 2
[0208.724] DrawTextExW (in: hdc=0x6e0106b6, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2e7b73c | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0208.724] DrawTextExW (in: hdc=0x6e0106b6, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2e7b73c | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0208.725] RestoreDC (hdc=0x6e0106b6, nSavedDC=-1) returned 1
[0208.725] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0106b6) returned 0x0
[0208.725] GetFocus () returned 0xc02ce
[0208.725] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0208.725] SendMessageW (hWnd=0x1602dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0208.725] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0208.725] IsAppThemed () returned 0x1
[0208.725] GetThemeAppProperties () returned 0x3
[0208.725] GetThemeAppProperties () returned 0x3
[0208.725] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0208.725] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x6e0106b6, x1=0, y1=0, rop=0xcc0020) returned 1
[0208.726] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0106b6) returned 0x0
[0208.726] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0208.726] SelectObject (hdc=0x6e0106b6, h=0x85000f) returned 0x4a0507fe
[0208.726] DeleteDC (hdc=0x6e0106b6) returned 1
[0208.726] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0208.726] EndPaint (hWnd=0xc02ce, lpPaint=0xd7dee4) returned 1
[0208.726] MapWindowPoints (in: hWndFrom=0xc02ce, hWndTo=0x0, lpPoints=0x2e7b838, cPoints=0x1 | out: lpPoints=0x2e7b838) returned 30999254
[0208.726] WindowFromPoint (Point=0x313) returned 0xc02ce
[0208.726] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0208.727] NotifyWinEvent (event=0x800a, hwnd=0xc02ce, idObject=-4, idChild=0)
[0208.727] NotifyWinEvent (event=0x800c, hwnd=0xc02ce, idObject=-4, idChild=0)
[0208.727] GetCapture () returned 0xc02ce
[0208.727] ReleaseCapture () returned 1
[0208.727] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0208.727] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0208.728] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0208.728] IsWindow (hWnd=0x7005c) returned 1
[0208.728] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0208.728] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0208.729] IsWindow (hWnd=0x1602dc) returned 1
[0208.729] SetActiveWindow (hWnd=0x1602dc) returned 0x1602dc
[0208.729] IsWindow (hWnd=0x1602dc) returned 1
[0208.729] SetFocus (hWnd=0x1602dc) returned 0xc02ce
[0208.729] GetFocus () returned 0x1602dc
[0208.729] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x8, wParam=0x1602dc, lParam=0x0) returned 0x0
[0208.729] GetCapture () returned 0x0
[0208.729] InvalidateRect (hWnd=0xc02ce, lpRect=0x0, bErase=0) returned 1
[0208.730] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0208.733] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0208.734] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0208.734] GetFocus () returned 0x1602dc
[0208.735] SetFocus (hWnd=0xc02ce) returned 0x1602dc
[0208.735] GetFocus () returned 0xc02ce
[0208.735] IsChild (hWndParent=0x1602dc, hWnd=0xc02ce) returned 1
[0208.735] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x8, wParam=0xc02ce, lParam=0x0) returned 0x0
[0208.736] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0208.737] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0208.740] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0208.740] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x7, wParam=0x1602dc, lParam=0x0) returned 0x0
[0208.740] GetStockObject (i=5) returned 0x900015
[0208.740] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0208.740] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0208.740] GetDlgItem (hDlg=0x1602dc, nIDDlgItem=787150) returned 0xc02ce
[0208.740] SendMessageW (hWnd=0xc02ce, Msg=0x202b, wParam=0xc02ce, lParam=0xd7ddcc) returned 0x0
[0208.740] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x202b, wParam=0xc02ce, lParam=0xd7ddcc) returned 0x0
[0208.740] InvalidateRect (hWnd=0xc02ce, lpRect=0x0, bErase=0) returned 1
[0208.742] GetWindowLongW (hWnd=0x1602dc, nIndex=-8) returned 458844
[0208.742] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0208.742] GetCurrentThreadId () returned 0xf50
[0208.742] IsWindow (hWnd=0x7005c) returned 1
[0208.742] IsWindow (hWnd=0x7005c) returned 1
[0208.742] IsWindowVisible (hWnd=0x7005c) returned 1
[0208.742] SetActiveWindow (hWnd=0x7005c) returned 0x1602dc
[0208.742] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0208.744] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0208.744] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0208.744] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0208.745] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0208.745] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0208.747] GetWindowPlacement (in: hWnd=0x1602dc, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0208.747] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0208.747] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0208.747] GetWindowRect (in: hWnd=0x1602dc, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0208.748] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0208.748] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0208.748] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0208.749] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x1602dc) returned 0x1
[0208.751] GetFocus () returned 0xc02ce
[0208.752] SetFocus (hWnd=0x602c4) returned 0xc02ce
[0208.752] GetFocus () returned 0x602c4
[0208.752] IsChild (hWndParent=0x1602dc, hWnd=0x602c4) returned 0
[0208.752] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0208.752] GetCapture () returned 0x0
[0208.752] InvalidateRect (hWnd=0xc02ce, lpRect=0x0, bErase=0) returned 1
[0208.753] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0208.754] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0208.756] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0208.756] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0208.756] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0208.757] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0208.757] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0208.757] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0xc02ce, lParam=0x0) returned 0x0
[0208.757] GetStockObject (i=5) returned 0x900015
[0208.758] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0208.758] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed760) returned 0xc
[0208.758] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0208.758] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0208.758] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0208.758] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0208.760] GetFocus () returned 0x602c4
[0208.760] IsChild (hWndParent=0x1602dc, hWnd=0x602c4) returned 0
[0208.760] ShowWindow (hWnd=0x1602dc, nCmdShow=0) returned 1
[0208.760] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0208.760] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0208.761] GetWindowPlacement (in: hWnd=0x1602dc, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0208.761] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0208.762] GetClientRect (in: hWnd=0x1602dc, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0208.762] GetWindowRect (in: hWnd=0x1602dc, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0208.762] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0208.769] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0208.770] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0208.770] GetWindowLongW (hWnd=0x1602dc, nIndex=-20) returned 327945
[0208.770] DestroyWindow (hWnd=0x1602dc) returned 1
[0208.770] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0208.771] GetWindowTextLengthW (hWnd=0x1602dc) returned 13
[0208.771] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.771] GetSystemMetrics (nIndex=42) returned 0
[0208.771] GetWindowTextW (in: hWnd=0x1602dc, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.771] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0208.771] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0208.771] GetWindowTextLengthW (hWnd=0x1900ea) returned 0
[0208.771] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0208.771] GetSystemMetrics (nIndex=42) returned 0
[0208.771] GetWindowTextW (in: hWnd=0x1900ea, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0208.771] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1900ea, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0208.771] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1900ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0208.771] GetWindowThreadProcessId (in: hWnd=0xb02d0, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0208.771] GetWindow (hWnd=0xb02d0, uCmd=0x5) returned 0x0
[0208.772] GetWindowLongW (hWnd=0xb02d0, nIndex=-20) returned 65792
[0208.772] DestroyWindow (hWnd=0xb02d0) returned 1
[0208.772] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02d0, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0208.772] GetWindowTextLengthW (hWnd=0xb02d0) returned 25
[0208.772] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0208.772] GetSystemMetrics (nIndex=42) returned 0
[0208.772] GetWindowTextW (in: hWnd=0xb02d0, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0208.772] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02d0, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0208.772] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0208.772] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xb02d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0208.773] GetWindowTextLengthW (hWnd=0x1002c8) returned 232
[0208.773] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0208.774] GetSystemMetrics (nIndex=42) returned 0
[0208.774] GetWindowTextW (in: hWnd=0x1002c8, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0208.774] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0208.774] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0208.774] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0208.774] InvalidateRect (hWnd=0xc02ce, lpRect=0x0, bErase=0) returned 1
[0208.774] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0208.774] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0208.774] SendMessageW (hWnd=0x1602da, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0208.774] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602da, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0208.774] SendMessageW (hWnd=0x1602da, Msg=0xb0, wParam=0x2e47738, lParam=0xd7e480) returned 0x0
[0208.774] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602da, Msg=0xb0, wParam=0x2e47738, lParam=0xd7e480) returned 0x0
[0208.774] GetWindowTextLengthW (hWnd=0x1602da) returned 4363
[0208.774] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0208.775] GetSystemMetrics (nIndex=42) returned 0
[0208.775] CoTaskMemAlloc (cb=0x221c) returned 0x1209508
[0208.775] GetWindowTextW (in: hWnd=0x1602da, lpString=0x1209508, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0208.775] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602da, Msg=0xd, wParam=0x110c, lParam=0x1209508) returned 0x110b
[0208.775] CoTaskMemFree (pv=0x1209508)
[0208.775] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0208.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1900ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0208.777] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1002c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0208.778] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0208.786] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xc02ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0208.787] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1602de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0208.788] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0208.791] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0208.792] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.792] IsWindowUnicode (hWnd=0x30122) returned 1
[0208.792] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.792] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0208.793] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0208.793] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.793] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0208.793] IsWindowUnicode (hWnd=0x7005c) returned 1
[0208.793] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.793] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0208.793] SetCursor (hCursor=0x10003) returned 0x10003
[0208.794] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0208.794] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0208.830] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0208.830] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0208.830] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0208.830] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10f0255) returned 0x0
[0208.830] GetKeyState (nVirtKey=1) returned 1
[0208.830] GetKeyState (nVirtKey=2) returned 0
[0208.831] GetKeyState (nVirtKey=4) returned 0
[0208.831] GetKeyState (nVirtKey=5) returned 0
[0208.831] GetKeyState (nVirtKey=6) returned 0
[0208.831] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.831] IsWindowUnicode (hWnd=0x30122) returned 1
[0208.831] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.831] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0208.831] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0208.831] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.831] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0208.832] IsWindowUnicode (hWnd=0x7005c) returned 1
[0208.832] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.832] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0208.832] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0208.833] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.833] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0208.833] IsWindowUnicode (hWnd=0x7005c) returned 1
[0208.833] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.833] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40313) returned 0x1
[0208.833] SetCursor (hCursor=0x10003) returned 0x10003
[0208.833] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0208.833] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0208.833] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10f0255) returned 0x0
[0208.833] GetKeyState (nVirtKey=1) returned 1
[0208.834] GetKeyState (nVirtKey=2) returned 0
[0208.834] GetKeyState (nVirtKey=4) returned 0
[0208.834] GetKeyState (nVirtKey=5) returned 0
[0208.834] GetKeyState (nVirtKey=6) returned 0
[0208.834] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.834] IsWindowUnicode (hWnd=0x602c4) returned 1
[0208.834] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.834] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0208.834] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0208.834] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.837] IsWindowUnicode (hWnd=0x602c4) returned 1
[0208.837] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.837] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0208.837] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0208.837] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.837] IsWindowUnicode (hWnd=0x30122) returned 1
[0208.837] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.837] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0208.837] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0208.838] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.838] IsWindowUnicode (hWnd=0x30122) returned 1
[0208.838] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.838] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0208.838] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0208.838] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.838] IsWindowUnicode (hWnd=0x30122) returned 1
[0208.838] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.838] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0208.838] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0208.839] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.839] IsWindowUnicode (hWnd=0x30122) returned 1
[0208.839] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.839] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0208.839] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0208.839] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.840] IsWindowUnicode (hWnd=0x30122) returned 1
[0208.840] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.840] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0208.840] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0208.840] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.847] IsWindowUnicode (hWnd=0x602c4) returned 1
[0208.847] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.847] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0208.847] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0208.847] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0208.848] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0208.848] CreateCompatibleDC (hdc=0x107b9) returned 0x880106b6
[0208.848] SelectObject (hdc=0x880106b6, h=0x4a0507fe) returned 0x85000f
[0208.848] GdipCreateFromHDC (hdc=0x880106b6, graphics=0xd7e798) returned 0x0
[0208.848] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0208.848] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0208.848] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0208.848] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0208.848] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e7f8) returned 0x0
[0208.848] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0208.848] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0208.848] LocalFree (hMem=0x11eec58) returned 0x0
[0208.849] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0208.849] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0208.849] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0208.849] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0208.849] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0208.849] GdipRestoreGraphics (graphics=0x6600030, state=0xfa520dbd) returned 0x0
[0208.849] GdipDeleteRegion (region=0x6645098) returned 0x0
[0208.849] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0208.849] GetCurrentObject (hdc=0x880106b6, type=0x1) returned 0xb00017
[0208.849] GetCurrentObject (hdc=0x880106b6, type=0x2) returned 0x900010
[0208.849] GetCurrentObject (hdc=0x880106b6, type=0x7) returned 0x4a0507fe
[0208.849] GetCurrentObject (hdc=0x880106b6, type=0x6) returned 0x8a01c2
[0208.849] SaveDC (hdc=0x880106b6) returned 1
[0208.849] GetNearestColor (hdc=0x880106b6, color=0xff) returned 0xff
[0208.849] GetNearestColor (hdc=0x880106b6, color=0x55) returned 0x55
[0208.850] GetNearestColor (hdc=0x880106b6, color=0x0) returned 0x0
[0208.850] GetNearestColor (hdc=0x880106b6, color=0x55) returned 0x55
[0208.850] GetNearestColor (hdc=0x880106b6, color=0x0) returned 0x0
[0208.850] GetNearestColor (hdc=0x880106b6, color=0x8080ff) returned 0x8080ff
[0208.850] GetNearestColor (hdc=0x880106b6, color=0x7373e5) returned 0x7373e5
[0208.850] GetNearestColor (hdc=0x880106b6, color=0xe5) returned 0xe5
[0208.850] GetNearestColor (hdc=0x880106b6, color=0x0) returned 0x0
[0208.850] RestoreDC (hdc=0x880106b6, nSavedDC=-1) returned 1
[0208.850] GdipReleaseDC (graphics=0x6600030, hdc=0x880106b6) returned 0x0
[0208.850] IsAppThemed () returned 0x1
[0208.850] GetThemeAppProperties () returned 0x3
[0208.850] GetThemeAppProperties () returned 0x3
[0208.850] IsAppThemed () returned 0x1
[0208.850] GetThemeAppProperties () returned 0x3
[0208.850] GetThemeAppProperties () returned 0x3
[0208.851] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2e835a4 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0208.851] IsAppThemed () returned 0x1
[0208.851] GetThemeAppProperties () returned 0x3
[0208.851] GetThemeAppProperties () returned 0x3
[0208.851] IsAppThemed () returned 0x1
[0208.851] GetThemeAppProperties () returned 0x3
[0208.851] GetThemeAppProperties () returned 0x3
[0208.851] GetFocus () returned 0x602c4
[0208.851] IsAppThemed () returned 0x1
[0208.851] GetThemeAppProperties () returned 0x3
[0208.851] GetThemeAppProperties () returned 0x3
[0208.851] IsAppThemed () returned 0x1
[0208.851] GetThemeAppProperties () returned 0x3
[0208.852] GetThemeAppProperties () returned 0x3
[0208.852] IsThemePartDefined () returned 0x1
[0208.852] IsAppThemed () returned 0x1
[0208.852] GetThemeAppProperties () returned 0x3
[0208.852] GetThemeAppProperties () returned 0x3
[0208.852] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0208.852] IsAppThemed () returned 0x1
[0208.852] GetThemeAppProperties () returned 0x3
[0208.852] GetThemeAppProperties () returned 0x3
[0208.852] IsAppThemed () returned 0x1
[0208.852] GetThemeAppProperties () returned 0x3
[0208.852] GetThemeAppProperties () returned 0x3
[0208.852] IsThemePartDefined () returned 0x1
[0208.852] GdipCreateRegion (region=0xd7e508) returned 0x0
[0208.852] GdipGetClip (graphics=0x6600030, region=0x6645ea8) returned 0x0
[0208.852] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0208.852] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0208.852] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e520) returned 0x0
[0208.852] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0208.852] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee9f0) returned 0x0
[0208.852] LocalFree (hMem=0x11ee9f0) returned 0x0
[0208.853] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0208.853] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee868) returned 0x0
[0208.853] LocalFree (hMem=0x11ee868) returned 0x0
[0208.853] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0208.853] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7e548) returned 0x0
[0208.853] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7e538) returned 0x0
[0208.853] GdipGetRegionHRgn (region=0x6645ea8, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0208.853] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0208.853] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0208.853] GetCurrentObject (hdc=0x880106b6, type=0x1) returned 0xb00017
[0208.853] GetCurrentObject (hdc=0x880106b6, type=0x2) returned 0x900010
[0208.853] GetCurrentObject (hdc=0x880106b6, type=0x7) returned 0x4a0507fe
[0208.853] GetCurrentObject (hdc=0x880106b6, type=0x6) returned 0x8a01c2
[0208.853] SaveDC (hdc=0x880106b6) returned 1
[0208.853] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8d040807
[0208.853] GetClipRgn (hdc=0x880106b6, hrgn=0x8d040807) returned 0
[0208.854] SelectClipRgn (hdc=0x880106b6, hrgn=0x170407de) returned 2
[0208.854] DeleteObject (ho=0x8d040807) returned 1
[0208.854] DeleteObject (ho=0x170407de) returned 1
[0208.854] OffsetViewportOrgEx (in: hdc=0x880106b6, x=0, y=0, lppt=0x2e83c54 | out: lppt=0x2e83c54) returned 1
[0208.854] DrawThemeParentBackground () returned 0x0
[0208.854] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0208.854] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0208.854] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0208.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.854] GetSystemMetrics (nIndex=42) returned 0
[0208.854] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0208.854] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0208.854] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0208.854] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0208.855] SelectPalette (hdc=0x880106b6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0208.855] GdipCreateFromHDC (hdc=0x880106b6, graphics=0xd7dff8) returned 0x0
[0208.855] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0208.855] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0208.855] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638cc8) returned 0x0
[0208.855] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dfd0) returned 0x0
[0208.855] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0208.855] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0208.855] GdipGetClip (graphics=0x663e568, region=0x6645f38) returned 0x0
[0208.855] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x663e568, result=0xd7dfc4) returned 0x0
[0208.855] GdipDeleteRegion (region=0x6645f38) returned 0x0
[0208.855] GdipSaveGraphics (graphics=0x663e568, state=0xd7dff0) returned 0x0
[0208.855] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0208.863] GdipFillRectangleI (graphics=0x663e568, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0208.864] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0208.865] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0208.865] SelectPalette (hdc=0x880106b6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0208.865] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0208.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.865] GetSystemMetrics (nIndex=42) returned 0
[0208.866] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0208.866] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0208.866] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0208.866] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0208.866] SelectPalette (hdc=0x880106b6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0208.866] GdipCreateFromHDC (hdc=0x880106b6, graphics=0xd7df98) returned 0x0
[0208.866] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0208.866] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0208.866] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638ba8) returned 0x0
[0208.866] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df70) returned 0x0
[0208.866] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0208.866] GdipCreateRegion (region=0xd7df58) returned 0x0
[0208.866] GdipGetClip (graphics=0x663e568, region=0x6645ea8) returned 0x0
[0208.867] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x663e568, result=0xd7df64) returned 0x0
[0208.867] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0208.867] GdipSaveGraphics (graphics=0x663e568, state=0xd7df90) returned 0x0
[0208.867] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0208.879] GdipFillRectangleI (graphics=0x663e568, brush=0x66536a8, x=0, y=0, width=801, height=453) returned 0x0
[0208.879] GdipDeleteBrush (brush=0x66536a8) returned 0x0
[0208.881] GdipRestoreGraphics (graphics=0x663e568, state=0xfa4e0dbd) returned 0x0
[0208.881] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0208.881] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0208.881] GetSystemMetrics (nIndex=42) returned 0
[0208.881] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0208.881] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0208.882] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0208.882] SelectPalette (hdc=0x880106b6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0208.882] RestoreDC (hdc=0x880106b6, nSavedDC=-1) returned 1
[0208.882] GdipReleaseDC (graphics=0x6600030, hdc=0x880106b6) returned 0x0
[0208.882] IsAppThemed () returned 0x1
[0208.882] GetThemeAppProperties () returned 0x3
[0208.882] GetThemeAppProperties () returned 0x3
[0208.882] IsAppThemed () returned 0x1
[0208.882] GetThemeAppProperties () returned 0x3
[0208.882] GetThemeAppProperties () returned 0x3
[0208.882] IsThemePartDefined () returned 0x1
[0208.882] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0208.882] GdipGetClip (graphics=0x6600030, region=0x6645f38) returned 0x0
[0208.883] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0208.883] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0208.883] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e4a4) returned 0x0
[0208.883] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0208.883] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0208.883] LocalFree (hMem=0x11ee788) returned 0x0
[0208.883] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0208.883] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee9f0) returned 0x0
[0208.883] LocalFree (hMem=0x11ee9f0) returned 0x0
[0208.883] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0208.883] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0208.883] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0208.883] GdipGetRegionHRgn (region=0x6645f38, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0208.883] GdipDeleteRegion (region=0x6645f38) returned 0x0
[0208.883] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0208.883] GetCurrentObject (hdc=0x880106b6, type=0x1) returned 0xb00017
[0208.883] GetCurrentObject (hdc=0x880106b6, type=0x2) returned 0x900010
[0208.884] GetCurrentObject (hdc=0x880106b6, type=0x7) returned 0x4a0507fe
[0208.884] GetCurrentObject (hdc=0x880106b6, type=0x6) returned 0x8a01c2
[0208.884] SaveDC (hdc=0x880106b6) returned 1
[0208.884] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x180407de
[0208.884] GetClipRgn (hdc=0x880106b6, hrgn=0x180407de) returned 0
[0208.884] SelectClipRgn (hdc=0x880106b6, hrgn=0x8f040807) returned 2
[0208.884] DeleteObject (ho=0x180407de) returned 1
[0208.884] DeleteObject (ho=0x8f040807) returned 1
[0208.884] OffsetViewportOrgEx (in: hdc=0x880106b6, x=0, y=0, lppt=0x2e8a4a4 | out: lppt=0x2e8a4a4) returned 1
[0208.884] IsAppThemed () returned 0x1
[0208.884] GetThemeAppProperties () returned 0x3
[0208.884] GetThemeAppProperties () returned 0x3
[0208.884] DrawThemeBackground () returned 0x0
[0208.884] RestoreDC (hdc=0x880106b6, nSavedDC=-1) returned 1
[0208.884] GdipReleaseDC (graphics=0x6600030, hdc=0x880106b6) returned 0x0
[0208.885] GdipCreateRegion (region=0xd7e490) returned 0x0
[0208.885] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0208.885] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0208.885] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0208.885] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e4a8) returned 0x0
[0208.885] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0208.885] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0208.885] LocalFree (hMem=0x11eec58) returned 0x0
[0208.885] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0208.885] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0208.885] LocalFree (hMem=0x11ee788) returned 0x0
[0208.885] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0208.885] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0208.885] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0208.885] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0208.885] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0208.885] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0208.885] GetCurrentObject (hdc=0x880106b6, type=0x1) returned 0xb00017
[0208.886] GetCurrentObject (hdc=0x880106b6, type=0x2) returned 0x900010
[0208.886] GetCurrentObject (hdc=0x880106b6, type=0x7) returned 0x4a0507fe
[0208.886] GetCurrentObject (hdc=0x880106b6, type=0x6) returned 0x8a01c2
[0208.886] SaveDC (hdc=0x880106b6) returned 1
[0208.886] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x90040807
[0208.886] GetClipRgn (hdc=0x880106b6, hrgn=0x90040807) returned 0
[0208.886] SelectClipRgn (hdc=0x880106b6, hrgn=0x190407de) returned 2
[0208.886] DeleteObject (ho=0x90040807) returned 1
[0208.886] DeleteObject (ho=0x190407de) returned 1
[0208.886] OffsetViewportOrgEx (in: hdc=0x880106b6, x=0, y=0, lppt=0x2e8a778 | out: lppt=0x2e8a778) returned 1
[0208.886] IsAppThemed () returned 0x1
[0208.886] GetThemeAppProperties () returned 0x3
[0208.886] GetThemeAppProperties () returned 0x3
[0208.886] GetThemeBackgroundContentRect () returned 0x0
[0208.886] RestoreDC (hdc=0x880106b6, nSavedDC=-1) returned 1
[0208.886] GdipReleaseDC (graphics=0x6600030, hdc=0x880106b6) returned 0x0
[0208.887] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0208.887] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0208.887] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0208.887] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0208.887] IsAppThemed () returned 0x1
[0208.887] GetThemeAppProperties () returned 0x3
[0208.887] GetThemeAppProperties () returned 0x3
[0208.887] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0208.887] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0208.887] GetCurrentObject (hdc=0x880106b6, type=0x1) returned 0xb00017
[0208.887] GetCurrentObject (hdc=0x880106b6, type=0x2) returned 0x900010
[0208.887] GetCurrentObject (hdc=0x880106b6, type=0x7) returned 0x4a0507fe
[0208.887] GetCurrentObject (hdc=0x880106b6, type=0x6) returned 0x8a01c2
[0208.887] SaveDC (hdc=0x880106b6) returned 1
[0208.887] GetTextAlign (hdc=0x880106b6) returned 0x0
[0208.892] GetTextColor (hdc=0x880106b6) returned 0x0
[0208.892] GetCurrentObject (hdc=0x880106b6, type=0x6) returned 0x8a01c2
[0208.892] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0208.892] SelectObject (hdc=0x880106b6, h=0x6d0a0520) returned 0x8a01c2
[0208.892] GetBkMode (hdc=0x880106b6) returned 2
[0208.892] SetBkMode (hdc=0x880106b6, mode=1) returned 2
[0208.893] DrawTextExW (in: hdc=0x880106b6, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2e8ab3c | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0208.893] DrawTextExW (in: hdc=0x880106b6, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2e8ab3c | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0208.893] RestoreDC (hdc=0x880106b6, nSavedDC=-1) returned 1
[0208.893] GdipReleaseDC (graphics=0x6600030, hdc=0x880106b6) returned 0x0
[0208.893] GetFocus () returned 0x602c4
[0208.894] IsAppThemed () returned 0x1
[0208.894] GetThemeAppProperties () returned 0x3
[0208.894] GetThemeAppProperties () returned 0x3
[0208.894] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0208.894] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x880106b6, x1=0, y1=0, rop=0xcc0020) returned 1
[0208.894] GdipReleaseDC (graphics=0x6600030, hdc=0x880106b6) returned 0x0
[0208.894] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0208.894] SelectObject (hdc=0x880106b6, h=0x85000f) returned 0x4a0507fe
[0208.894] DeleteDC (hdc=0x880106b6) returned 1
[0208.894] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0208.894] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0208.894] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0208.895] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0208.895] WaitMessage () returned 1
[0208.896] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.896] IsWindowUnicode (hWnd=0x30122) returned 1
[0208.896] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.896] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0208.896] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0208.897] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0208.897] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0208.897] WaitMessage () returned 1
[0208.940] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.940] IsWindowUnicode (hWnd=0x7005c) returned 1
[0208.940] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.940] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0208.940] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0208.940] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.940] IsWindowUnicode (hWnd=0x7005c) returned 1
[0208.940] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0208.940] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0208.940] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0208.940] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10f0255) returned 0x0
[0208.940] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0208.940] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0208.940] WaitMessage () returned 1
[0209.003] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.004] IsWindowUnicode (hWnd=0x30122) returned 1
[0209.004] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.004] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0209.004] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0209.005] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0209.005] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0209.005] WaitMessage () returned 1
[0209.006] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.006] IsWindowUnicode (hWnd=0x30122) returned 1
[0209.006] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.006] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0209.006] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0209.008] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0209.008] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0209.008] WaitMessage () returned 1
[0209.009] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.009] IsWindowUnicode (hWnd=0x30122) returned 1
[0209.009] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.009] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0209.009] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0209.010] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.011] IsWindowUnicode (hWnd=0x30122) returned 1
[0209.011] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.011] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0209.011] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0209.011] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.011] IsWindowUnicode (hWnd=0x30122) returned 1
[0209.011] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.011] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0209.011] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0209.011] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0209.012] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0209.012] WaitMessage () returned 1
[0209.012] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.012] IsWindowUnicode (hWnd=0x30122) returned 1
[0209.012] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.048] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0209.048] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0209.050] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.050] IsWindowUnicode (hWnd=0x30122) returned 1
[0209.050] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.050] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0209.050] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0209.050] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.050] IsWindowUnicode (hWnd=0x30122) returned 1
[0209.051] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.051] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0209.051] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0209.051] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0209.051] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0209.051] WaitMessage () returned 1
[0209.053] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.053] IsWindowUnicode (hWnd=0x30122) returned 1
[0209.053] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.053] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0209.053] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0209.056] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.057] IsWindowUnicode (hWnd=0x30122) returned 1
[0209.057] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.057] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0209.057] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0209.058] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.058] IsWindowUnicode (hWnd=0x30122) returned 1
[0209.058] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.058] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0209.058] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0209.058] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0209.058] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0209.058] WaitMessage () returned 1
[0209.059] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.059] IsWindowUnicode (hWnd=0x30122) returned 1
[0209.059] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.059] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0209.059] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0209.062] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.062] IsWindowUnicode (hWnd=0x30122) returned 1
[0209.062] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.062] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0209.062] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0209.062] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.062] IsWindowUnicode (hWnd=0x30122) returned 1
[0209.062] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.062] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0209.062] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0209.063] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.063] IsWindowUnicode (hWnd=0x502c6) returned 1
[0209.063] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0209.063] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0209.063] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0209.064] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0209.064] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0209.064] WaitMessage () returned 1
[0210.843] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0210.844] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2710101) returned 0x1
[0210.844] IsWindowUnicode (hWnd=0x602c4) returned 1
[0210.844] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0210.844] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0210.844] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0210.844] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0210.844] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0210.844] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2710101) returned 0x1
[0210.844] IsWindowUnicode (hWnd=0x602c4) returned 1
[0210.844] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0210.844] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2710101) returned 0x1
[0210.844] SetCursor (hCursor=0x10003) returned 0x10003
[0210.845] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0210.845] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0210.845] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0210.845] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0210.845] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0210.845] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0210.845] GetKeyState (nVirtKey=1) returned 1
[0210.845] GetKeyState (nVirtKey=2) returned 0
[0210.845] GetKeyState (nVirtKey=4) returned 0
[0210.845] GetKeyState (nVirtKey=5) returned 0
[0210.845] GetKeyState (nVirtKey=6) returned 0
[0210.845] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0210.845] IsWindowUnicode (hWnd=0x602c4) returned 1
[0210.845] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0210.845] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0210.845] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0210.845] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0210.846] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0210.846] CreateCompatibleDC (hdc=0x107b9) returned 0xb70107bb
[0210.846] SelectObject (hdc=0xb70107bb, h=0x4a0507fe) returned 0x85000f
[0210.846] GdipCreateFromHDC (hdc=0xb70107bb, graphics=0xd7e798) returned 0x0
[0210.846] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0210.846] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0210.846] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0210.846] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0210.846] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e7f8) returned 0x0
[0210.846] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0210.846] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eea98) returned 0x0
[0210.847] LocalFree (hMem=0x11eea98) returned 0x0
[0210.847] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0210.847] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0210.847] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0210.847] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0210.847] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0210.847] GdipRestoreGraphics (graphics=0x6600030, state=0xfa4c0dbd) returned 0x0
[0210.847] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0210.847] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0210.847] GetCurrentObject (hdc=0xb70107bb, type=0x1) returned 0xb00017
[0210.847] GetCurrentObject (hdc=0xb70107bb, type=0x2) returned 0x900010
[0210.847] GetCurrentObject (hdc=0xb70107bb, type=0x7) returned 0x4a0507fe
[0210.847] GetCurrentObject (hdc=0xb70107bb, type=0x6) returned 0x8a01c2
[0210.847] SaveDC (hdc=0xb70107bb) returned 1
[0210.847] GetNearestColor (hdc=0xb70107bb, color=0xff) returned 0xff
[0210.848] GetNearestColor (hdc=0xb70107bb, color=0x55) returned 0x55
[0210.848] GetNearestColor (hdc=0xb70107bb, color=0x0) returned 0x0
[0210.848] GetNearestColor (hdc=0xb70107bb, color=0x55) returned 0x55
[0210.848] GetNearestColor (hdc=0xb70107bb, color=0x0) returned 0x0
[0210.848] GetNearestColor (hdc=0xb70107bb, color=0x8080ff) returned 0x8080ff
[0210.848] GetNearestColor (hdc=0xb70107bb, color=0x7373e5) returned 0x7373e5
[0210.848] GetNearestColor (hdc=0xb70107bb, color=0xe5) returned 0xe5
[0210.848] GetNearestColor (hdc=0xb70107bb, color=0x0) returned 0x0
[0210.848] RestoreDC (hdc=0xb70107bb, nSavedDC=-1) returned 1
[0210.848] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107bb) returned 0x0
[0210.848] IsAppThemed () returned 0x1
[0210.848] GetThemeAppProperties () returned 0x3
[0210.848] GetThemeAppProperties () returned 0x3
[0210.848] IsAppThemed () returned 0x1
[0210.848] GetThemeAppProperties () returned 0x3
[0210.848] GetThemeAppProperties () returned 0x3
[0210.849] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2e8b488 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0210.849] IsAppThemed () returned 0x1
[0210.849] GetThemeAppProperties () returned 0x3
[0210.849] GetThemeAppProperties () returned 0x3
[0210.849] IsAppThemed () returned 0x1
[0210.849] GetThemeAppProperties () returned 0x3
[0210.849] GetThemeAppProperties () returned 0x3
[0210.849] IsAppThemed () returned 0x1
[0210.849] GetThemeAppProperties () returned 0x3
[0210.849] GetThemeAppProperties () returned 0x3
[0210.849] IsAppThemed () returned 0x1
[0210.849] GetThemeAppProperties () returned 0x3
[0210.849] GetThemeAppProperties () returned 0x3
[0210.850] IsThemePartDefined () returned 0x1
[0210.850] IsAppThemed () returned 0x1
[0210.850] GetThemeAppProperties () returned 0x3
[0210.850] GetThemeAppProperties () returned 0x3
[0210.850] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0210.850] IsAppThemed () returned 0x1
[0210.850] GetThemeAppProperties () returned 0x3
[0210.850] GetThemeAppProperties () returned 0x3
[0210.850] IsAppThemed () returned 0x1
[0210.850] GetThemeAppProperties () returned 0x3
[0210.850] GetThemeAppProperties () returned 0x3
[0210.850] IsThemePartDefined () returned 0x1
[0210.850] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0210.850] GdipGetClip (graphics=0x6600030, region=0x66455a8) returned 0x0
[0210.850] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0210.850] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0210.850] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e514) returned 0x0
[0210.850] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0210.850] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee9f0) returned 0x0
[0210.850] LocalFree (hMem=0x11ee9f0) returned 0x0
[0210.850] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0210.851] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eea60) returned 0x0
[0210.851] LocalFree (hMem=0x11eea60) returned 0x0
[0210.851] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0210.851] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0210.851] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0210.851] GdipGetRegionHRgn (region=0x66455a8, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0210.851] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0210.851] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0210.851] GetCurrentObject (hdc=0xb70107bb, type=0x1) returned 0xb00017
[0210.851] GetCurrentObject (hdc=0xb70107bb, type=0x2) returned 0x900010
[0210.851] GetCurrentObject (hdc=0xb70107bb, type=0x7) returned 0x4a0507fe
[0210.851] GetCurrentObject (hdc=0xb70107bb, type=0x6) returned 0x8a01c2
[0210.851] SaveDC (hdc=0xb70107bb) returned 1
[0210.851] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1a0407de
[0210.851] GetClipRgn (hdc=0xb70107bb, hrgn=0x1a0407de) returned 0
[0210.852] SelectClipRgn (hdc=0xb70107bb, hrgn=0x94040807) returned 2
[0210.852] DeleteObject (ho=0x1a0407de) returned 1
[0210.852] DeleteObject (ho=0x94040807) returned 1
[0210.852] OffsetViewportOrgEx (in: hdc=0xb70107bb, x=0, y=0, lppt=0x2e8bb38 | out: lppt=0x2e8bb38) returned 1
[0210.852] DrawThemeParentBackground () returned 0x0
[0210.852] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0210.852] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0210.852] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0210.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0210.852] GetSystemMetrics (nIndex=42) returned 0
[0210.852] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0210.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0210.852] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0210.852] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0210.852] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0210.853] SelectPalette (hdc=0xb70107bb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0210.853] GdipCreateFromHDC (hdc=0xb70107bb, graphics=0xd7dff0) returned 0x0
[0210.853] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0210.853] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0210.853] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638d88) returned 0x0
[0210.853] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dfc8) returned 0x0
[0210.853] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0210.853] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0210.853] GdipGetClip (graphics=0x663e568, region=0x6646058) returned 0x0
[0210.853] GdipIsInfiniteRegion (region=0x6646058, graphics=0x663e568, result=0xd7dfbc) returned 0x0
[0210.853] GdipDeleteRegion (region=0x6646058) returned 0x0
[0210.853] GdipSaveGraphics (graphics=0x663e568, state=0xd7dfe8) returned 0x0
[0210.853] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0210.860] GdipFillRectangleI (graphics=0x663e568, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0210.860] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0210.861] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0210.862] SelectPalette (hdc=0xb70107bb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0210.862] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0210.862] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0210.862] GetSystemMetrics (nIndex=42) returned 0
[0210.862] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0210.862] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0210.862] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0210.862] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0210.862] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0210.862] SelectPalette (hdc=0xb70107bb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0210.862] GdipCreateFromHDC (hdc=0xb70107bb, graphics=0xd7df90) returned 0x0
[0210.862] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0210.863] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0210.863] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638a88) returned 0x0
[0210.863] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df68) returned 0x0
[0210.863] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0210.863] GdipCreateRegion (region=0xd7df50) returned 0x0
[0210.863] GdipGetClip (graphics=0x663e568, region=0x6645ea8) returned 0x0
[0210.863] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x663e568, result=0xd7df5c) returned 0x0
[0210.863] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0210.863] GdipSaveGraphics (graphics=0x663e568, state=0xd7df88) returned 0x0
[0210.863] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0210.869] GdipFillRectangleI (graphics=0x663e568, brush=0x66537e0, x=0, y=0, width=801, height=453) returned 0x0
[0210.869] GdipDeleteBrush (brush=0x66537e0) returned 0x0
[0210.871] GdipRestoreGraphics (graphics=0x663e568, state=0xfa480dbd) returned 0x0
[0210.871] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0210.871] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0210.871] GetSystemMetrics (nIndex=42) returned 0
[0210.871] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0210.871] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0210.871] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0210.871] SelectPalette (hdc=0xb70107bb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0210.871] RestoreDC (hdc=0xb70107bb, nSavedDC=-1) returned 1
[0210.871] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107bb) returned 0x0
[0210.871] IsAppThemed () returned 0x1
[0210.872] GetThemeAppProperties () returned 0x3
[0210.872] GetThemeAppProperties () returned 0x3
[0210.872] IsAppThemed () returned 0x1
[0210.872] GetThemeAppProperties () returned 0x3
[0210.872] GetThemeAppProperties () returned 0x3
[0210.872] IsThemePartDefined () returned 0x1
[0210.872] GdipCreateRegion (region=0xd7e480) returned 0x0
[0210.872] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0210.872] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0210.872] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0210.872] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e498) returned 0x0
[0210.872] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0210.872] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eed00) returned 0x0
[0210.872] LocalFree (hMem=0x11eed00) returned 0x0
[0210.872] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0210.872] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0210.872] LocalFree (hMem=0x11ee788) returned 0x0
[0210.872] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0210.873] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0210.873] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0210.873] GdipGetRegionHRgn (region=0x66457e8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0210.873] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0210.873] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0210.873] GetCurrentObject (hdc=0xb70107bb, type=0x1) returned 0xb00017
[0210.873] GetCurrentObject (hdc=0xb70107bb, type=0x2) returned 0x900010
[0210.873] GetCurrentObject (hdc=0xb70107bb, type=0x7) returned 0x4a0507fe
[0210.873] GetCurrentObject (hdc=0xb70107bb, type=0x6) returned 0x8a01c2
[0210.873] SaveDC (hdc=0xb70107bb) returned 1
[0210.873] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x95040807
[0210.873] GetClipRgn (hdc=0xb70107bb, hrgn=0x95040807) returned 0
[0210.873] SelectClipRgn (hdc=0xb70107bb, hrgn=0x1c0407de) returned 2
[0210.873] DeleteObject (ho=0x95040807) returned 1
[0210.873] DeleteObject (ho=0x1c0407de) returned 1
[0210.873] OffsetViewportOrgEx (in: hdc=0xb70107bb, x=0, y=0, lppt=0x2e92388 | out: lppt=0x2e92388) returned 1
[0210.873] IsAppThemed () returned 0x1
[0210.874] GetThemeAppProperties () returned 0x3
[0210.874] GetThemeAppProperties () returned 0x3
[0210.874] DrawThemeBackground () returned 0x0
[0210.874] RestoreDC (hdc=0xb70107bb, nSavedDC=-1) returned 1
[0210.874] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107bb) returned 0x0
[0210.874] GdipCreateRegion (region=0xd7e484) returned 0x0
[0210.874] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0210.874] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0210.874] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0210.874] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e49c) returned 0x0
[0210.874] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0210.874] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eecc8) returned 0x0
[0210.874] LocalFree (hMem=0x11eecc8) returned 0x0
[0210.874] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0210.874] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0210.874] LocalFree (hMem=0x11eec58) returned 0x0
[0210.874] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0210.875] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0210.875] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0210.875] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0210.875] GdipDeleteRegion (region=0x6646178) returned 0x0
[0210.875] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0210.875] GetCurrentObject (hdc=0xb70107bb, type=0x1) returned 0xb00017
[0210.875] GetCurrentObject (hdc=0xb70107bb, type=0x2) returned 0x900010
[0210.875] GetCurrentObject (hdc=0xb70107bb, type=0x7) returned 0x4a0507fe
[0210.875] GetCurrentObject (hdc=0xb70107bb, type=0x6) returned 0x8a01c2
[0210.875] SaveDC (hdc=0xb70107bb) returned 1
[0210.875] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1d0407de
[0210.875] GetClipRgn (hdc=0xb70107bb, hrgn=0x1d0407de) returned 0
[0210.875] SelectClipRgn (hdc=0xb70107bb, hrgn=0x96040807) returned 2
[0210.875] DeleteObject (ho=0x1d0407de) returned 1
[0210.875] DeleteObject (ho=0x96040807) returned 1
[0210.875] OffsetViewportOrgEx (in: hdc=0xb70107bb, x=0, y=0, lppt=0x2e9265c | out: lppt=0x2e9265c) returned 1
[0210.875] IsAppThemed () returned 0x1
[0210.876] GetThemeAppProperties () returned 0x3
[0210.876] GetThemeAppProperties () returned 0x3
[0210.876] GetThemeBackgroundContentRect () returned 0x0
[0210.876] RestoreDC (hdc=0xb70107bb, nSavedDC=-1) returned 1
[0210.876] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107bb) returned 0x0
[0210.876] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0210.876] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0210.876] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0210.876] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0210.876] IsAppThemed () returned 0x1
[0210.876] GetThemeAppProperties () returned 0x3
[0210.876] GetThemeAppProperties () returned 0x3
[0210.876] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0210.876] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0210.876] GetCurrentObject (hdc=0xb70107bb, type=0x1) returned 0xb00017
[0210.876] GetCurrentObject (hdc=0xb70107bb, type=0x2) returned 0x900010
[0210.876] GetCurrentObject (hdc=0xb70107bb, type=0x7) returned 0x4a0507fe
[0210.876] GetCurrentObject (hdc=0xb70107bb, type=0x6) returned 0x8a01c2
[0210.877] SaveDC (hdc=0xb70107bb) returned 1
[0210.877] GetTextAlign (hdc=0xb70107bb) returned 0x0
[0210.877] GetTextColor (hdc=0xb70107bb) returned 0x0
[0210.877] GetCurrentObject (hdc=0xb70107bb, type=0x6) returned 0x8a01c2
[0210.877] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0210.877] SelectObject (hdc=0xb70107bb, h=0x6d0a0520) returned 0x8a01c2
[0210.877] GetBkMode (hdc=0xb70107bb) returned 2
[0210.877] SetBkMode (hdc=0xb70107bb, mode=1) returned 2
[0210.877] DrawTextExW (in: hdc=0xb70107bb, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2e92a20 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0210.877] DrawTextExW (in: hdc=0xb70107bb, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2e92a20 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0210.878] RestoreDC (hdc=0xb70107bb, nSavedDC=-1) returned 1
[0210.878] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107bb) returned 0x0
[0210.878] GetFocus () returned 0x602c4
[0210.878] IsAppThemed () returned 0x1
[0210.878] GetThemeAppProperties () returned 0x3
[0210.878] GetThemeAppProperties () returned 0x3
[0210.878] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0210.878] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xb70107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0210.879] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107bb) returned 0x0
[0210.879] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0210.879] SelectObject (hdc=0xb70107bb, h=0x85000f) returned 0x4a0507fe
[0210.879] DeleteDC (hdc=0xb70107bb) returned 1
[0210.879] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0210.879] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0210.879] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0210.879] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0210.879] WaitMessage () returned 1
[0210.952] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0210.952] IsWindowUnicode (hWnd=0x602c4) returned 1
[0210.953] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0210.953] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0210.953] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0210.953] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0210.953] IsWindowUnicode (hWnd=0x602c4) returned 1
[0210.953] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0210.953] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0210.953] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0210.953] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xa0026) returned 0x0
[0210.953] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0210.953] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0210.953] WaitMessage () returned 1
[0211.125] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.125] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2710101) returned 0x1
[0211.125] IsWindowUnicode (hWnd=0x602c4) returned 1
[0211.125] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.125] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2710101) returned 0x1
[0211.125] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0211.125] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19c0043) returned 0x0
[0211.126] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0211.126] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0211.126] SetCursor (hCursor=0x10003) returned 0x10003
[0211.126] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.126] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.126] GetKeyState (nVirtKey=1) returned -128
[0211.126] GetKeyState (nVirtKey=2) returned 0
[0211.126] GetKeyState (nVirtKey=4) returned 0
[0211.126] GetKeyState (nVirtKey=5) returned 0
[0211.126] GetKeyState (nVirtKey=6) returned 0
[0211.126] IsWindowVisible (hWnd=0x602c4) returned 1
[0211.126] IsWindowEnabled (hWnd=0x602c4) returned 1
[0211.126] SetFocus (hWnd=0x602c4) returned 0x602c4
[0211.126] GetFocus () returned 0x602c4
[0211.126] GetFocus () returned 0x602c4
[0211.127] GetFocus () returned 0x602c4
[0211.127] GetKeyState (nVirtKey=1) returned -128
[0211.127] GetKeyState (nVirtKey=2) returned 0
[0211.127] GetKeyState (nVirtKey=4) returned 0
[0211.127] GetKeyState (nVirtKey=5) returned 0
[0211.127] GetKeyState (nVirtKey=6) returned 0
[0211.127] GetCapture () returned 0x0
[0211.127] SetCapture (hWnd=0x602c4) returned 0x0
[0211.127] GetKeyState (nVirtKey=1) returned -128
[0211.127] GetKeyState (nVirtKey=2) returned 0
[0211.127] GetKeyState (nVirtKey=4) returned 0
[0211.127] GetKeyState (nVirtKey=5) returned 0
[0211.127] GetKeyState (nVirtKey=6) returned 0
[0211.127] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0211.127] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0211.127] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.127] IsWindowUnicode (hWnd=0x602c4) returned 1
[0211.127] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.128] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.128] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.128] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e92ba4, cPoints=0x1 | out: lpPoints=0x2e92ba4) returned 40304859
[0211.128] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0211.128] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0211.128] UpdateWindow (hWnd=0x602c4) returned 1
[0211.128] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x107b9
[0211.128] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0211.128] CreateCompatibleDC (hdc=0x107b9) returned 0xb80107bb
[0211.128] SelectObject (hdc=0xb80107bb, h=0x4a0507fe) returned 0x85000f
[0211.128] GdipCreateFromHDC (hdc=0xb80107bb, graphics=0xd7e430) returned 0x0
[0211.129] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0211.129] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0211.129] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0211.129] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0211.129] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e490) returned 0x0
[0211.129] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0211.129] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0211.129] LocalFree (hMem=0x11ee788) returned 0x0
[0211.129] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0211.129] GdipCreateRegion (region=0xd7e478) returned 0x0
[0211.129] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0211.129] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0211.129] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0211.129] GdipRestoreGraphics (graphics=0x6600030, state=0xfa460dbd) returned 0x0
[0211.129] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0211.129] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0211.130] GetCurrentObject (hdc=0xb80107bb, type=0x1) returned 0xb00017
[0211.130] GetCurrentObject (hdc=0xb80107bb, type=0x2) returned 0x900010
[0211.130] GetCurrentObject (hdc=0xb80107bb, type=0x7) returned 0x4a0507fe
[0211.130] GetCurrentObject (hdc=0xb80107bb, type=0x6) returned 0x8a01c2
[0211.130] SaveDC (hdc=0xb80107bb) returned 1
[0211.130] GetNearestColor (hdc=0xb80107bb, color=0xff) returned 0xff
[0211.130] GetNearestColor (hdc=0xb80107bb, color=0x55) returned 0x55
[0211.130] GetNearestColor (hdc=0xb80107bb, color=0x0) returned 0x0
[0211.130] GetNearestColor (hdc=0xb80107bb, color=0x55) returned 0x55
[0211.130] GetNearestColor (hdc=0xb80107bb, color=0x0) returned 0x0
[0211.130] GetNearestColor (hdc=0xb80107bb, color=0x8080ff) returned 0x8080ff
[0211.130] GetNearestColor (hdc=0xb80107bb, color=0x7373e5) returned 0x7373e5
[0211.130] GetNearestColor (hdc=0xb80107bb, color=0xe5) returned 0xe5
[0211.130] GetNearestColor (hdc=0xb80107bb, color=0x0) returned 0x0
[0211.131] RestoreDC (hdc=0xb80107bb, nSavedDC=-1) returned 1
[0211.131] GdipReleaseDC (graphics=0x6600030, hdc=0xb80107bb) returned 0x0
[0211.131] IsAppThemed () returned 0x1
[0211.131] GetThemeAppProperties () returned 0x3
[0211.131] GetThemeAppProperties () returned 0x3
[0211.131] IsAppThemed () returned 0x1
[0211.131] GetThemeAppProperties () returned 0x3
[0211.131] GetThemeAppProperties () returned 0x3
[0211.131] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2e932c0 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0211.132] IsAppThemed () returned 0x1
[0211.132] GetThemeAppProperties () returned 0x3
[0211.132] GetThemeAppProperties () returned 0x3
[0211.132] IsAppThemed () returned 0x1
[0211.132] GetThemeAppProperties () returned 0x3
[0211.132] GetThemeAppProperties () returned 0x3
[0211.132] IsAppThemed () returned 0x1
[0211.132] GetThemeAppProperties () returned 0x3
[0211.132] GetThemeAppProperties () returned 0x3
[0211.132] IsAppThemed () returned 0x1
[0211.132] GetThemeAppProperties () returned 0x3
[0211.132] GetThemeAppProperties () returned 0x3
[0211.132] IsThemePartDefined () returned 0x1
[0211.132] IsAppThemed () returned 0x1
[0211.132] GetThemeAppProperties () returned 0x3
[0211.132] GetThemeAppProperties () returned 0x3
[0211.132] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0211.132] IsAppThemed () returned 0x1
[0211.133] GetThemeAppProperties () returned 0x3
[0211.133] GetThemeAppProperties () returned 0x3
[0211.133] IsAppThemed () returned 0x1
[0211.133] GetThemeAppProperties () returned 0x3
[0211.133] GetThemeAppProperties () returned 0x3
[0211.133] IsThemePartDefined () returned 0x1
[0211.133] GdipCreateRegion (region=0xd7e194) returned 0x0
[0211.133] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0211.133] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0211.133] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0211.133] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e1ac) returned 0x0
[0211.133] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0211.133] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eea98) returned 0x0
[0211.133] LocalFree (hMem=0x11eea98) returned 0x0
[0211.133] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0211.133] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee868) returned 0x0
[0211.133] LocalFree (hMem=0x11ee868) returned 0x0
[0211.133] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0211.133] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0211.134] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0211.134] GdipGetRegionHRgn (region=0x6645098, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0211.134] GdipDeleteRegion (region=0x6645098) returned 0x0
[0211.134] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0211.134] GetCurrentObject (hdc=0xb80107bb, type=0x1) returned 0xb00017
[0211.134] GetCurrentObject (hdc=0xb80107bb, type=0x2) returned 0x900010
[0211.134] GetCurrentObject (hdc=0xb80107bb, type=0x7) returned 0x4a0507fe
[0211.134] GetCurrentObject (hdc=0xb80107bb, type=0x6) returned 0x8a01c2
[0211.134] SaveDC (hdc=0xb80107bb) returned 1
[0211.134] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x97040807
[0211.134] GetClipRgn (hdc=0xb80107bb, hrgn=0x97040807) returned 0
[0211.134] SelectClipRgn (hdc=0xb80107bb, hrgn=0x210407de) returned 2
[0211.134] DeleteObject (ho=0x97040807) returned 1
[0211.134] DeleteObject (ho=0x210407de) returned 1
[0211.134] OffsetViewportOrgEx (in: hdc=0xb80107bb, x=0, y=0, lppt=0x2e93970 | out: lppt=0x2e93970) returned 1
[0211.135] DrawThemeParentBackground () returned 0x0
[0211.135] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0211.135] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0211.135] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0211.135] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.135] GetSystemMetrics (nIndex=42) returned 0
[0211.135] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.135] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0211.135] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0211.135] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0211.135] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0211.135] SelectPalette (hdc=0xb80107bb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0211.135] GdipCreateFromHDC (hdc=0xb80107bb, graphics=0xd7dc88) returned 0x0
[0211.136] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0211.136] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0211.136] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638d58) returned 0x0
[0211.136] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dc60) returned 0x0
[0211.136] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0211.136] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0211.136] GdipGetClip (graphics=0x663e568, region=0x6645368) returned 0x0
[0211.136] GdipIsInfiniteRegion (region=0x6645368, graphics=0x663e568, result=0xd7dc54) returned 0x0
[0211.136] GdipDeleteRegion (region=0x6645368) returned 0x0
[0211.136] GdipSaveGraphics (graphics=0x663e568, state=0xd7dc80) returned 0x0
[0211.136] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0211.143] GdipFillRectangleI (graphics=0x663e568, brush=0x66537e0, x=0, y=0, width=801, height=453) returned 0x0
[0211.143] GdipDeleteBrush (brush=0x66537e0) returned 0x0
[0211.145] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0211.145] SelectPalette (hdc=0xb80107bb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0211.145] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0211.145] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.145] GetSystemMetrics (nIndex=42) returned 0
[0211.145] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.145] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0211.145] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0211.145] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0211.145] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0211.146] SelectPalette (hdc=0xb80107bb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0211.146] GdipCreateFromHDC (hdc=0xb80107bb, graphics=0xd7dc28) returned 0x0
[0211.146] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0211.146] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0211.146] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638cf8) returned 0x0
[0211.146] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dc00) returned 0x0
[0211.146] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0211.146] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0211.146] GdipGetClip (graphics=0x663e568, region=0x6645128) returned 0x0
[0211.146] GdipIsInfiniteRegion (region=0x6645128, graphics=0x663e568, result=0xd7dbf4) returned 0x0
[0211.146] GdipDeleteRegion (region=0x6645128) returned 0x0
[0211.146] GdipSaveGraphics (graphics=0x663e568, state=0xd7dc20) returned 0x0
[0211.146] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0211.152] GdipFillRectangleI (graphics=0x663e568, brush=0x66537e0, x=0, y=0, width=801, height=453) returned 0x0
[0211.153] GdipDeleteBrush (brush=0x66537e0) returned 0x0
[0211.154] GdipRestoreGraphics (graphics=0x663e568, state=0xfa420dbd) returned 0x0
[0211.154] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0211.155] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.155] GetSystemMetrics (nIndex=42) returned 0
[0211.155] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.155] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0211.155] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0211.155] SelectPalette (hdc=0xb80107bb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0211.155] RestoreDC (hdc=0xb80107bb, nSavedDC=-1) returned 1
[0211.155] GdipReleaseDC (graphics=0x6600030, hdc=0xb80107bb) returned 0x0
[0211.155] IsAppThemed () returned 0x1
[0211.155] GetThemeAppProperties () returned 0x3
[0211.155] GetThemeAppProperties () returned 0x3
[0211.155] IsAppThemed () returned 0x1
[0211.156] GetThemeAppProperties () returned 0x3
[0211.156] GetThemeAppProperties () returned 0x3
[0211.156] IsThemePartDefined () returned 0x1
[0211.156] GdipCreateRegion (region=0xd7e118) returned 0x0
[0211.156] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0211.156] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0211.156] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0211.156] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e130) returned 0x0
[0211.156] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0211.156] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea28) returned 0x0
[0211.156] LocalFree (hMem=0x11eea28) returned 0x0
[0211.156] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0211.156] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eecc8) returned 0x0
[0211.156] LocalFree (hMem=0x11eecc8) returned 0x0
[0211.156] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0211.156] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0211.156] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0211.156] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0211.157] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0211.157] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0211.157] GetCurrentObject (hdc=0xb80107bb, type=0x1) returned 0xb00017
[0211.157] GetCurrentObject (hdc=0xb80107bb, type=0x2) returned 0x900010
[0211.157] GetCurrentObject (hdc=0xb80107bb, type=0x7) returned 0x4a0507fe
[0211.157] GetCurrentObject (hdc=0xb80107bb, type=0x6) returned 0x8a01c2
[0211.157] SaveDC (hdc=0xb80107bb) returned 1
[0211.157] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x220407de
[0211.157] GetClipRgn (hdc=0xb80107bb, hrgn=0x220407de) returned 0
[0211.157] SelectClipRgn (hdc=0xb80107bb, hrgn=0x99040807) returned 2
[0211.157] DeleteObject (ho=0x220407de) returned 1
[0211.157] DeleteObject (ho=0x99040807) returned 1
[0211.157] OffsetViewportOrgEx (in: hdc=0xb80107bb, x=0, y=0, lppt=0x2e9a1c0 | out: lppt=0x2e9a1c0) returned 1
[0211.157] IsAppThemed () returned 0x1
[0211.158] GetThemeAppProperties () returned 0x3
[0211.158] GetThemeAppProperties () returned 0x3
[0211.158] DrawThemeBackground () returned 0x0
[0211.158] RestoreDC (hdc=0xb80107bb, nSavedDC=-1) returned 1
[0211.158] GdipReleaseDC (graphics=0x6600030, hdc=0xb80107bb) returned 0x0
[0211.158] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0211.158] GdipGetClip (graphics=0x6600030, region=0x6645d88) returned 0x0
[0211.158] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0211.158] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0211.158] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e134) returned 0x0
[0211.158] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0211.158] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0211.158] LocalFree (hMem=0x11eec58) returned 0x0
[0211.158] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0211.158] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0211.158] LocalFree (hMem=0x11eecc8) returned 0x0
[0211.158] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0211.159] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0211.159] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0211.159] GdipGetRegionHRgn (region=0x6645d88, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0211.159] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0211.159] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0211.159] GetCurrentObject (hdc=0xb80107bb, type=0x1) returned 0xb00017
[0211.159] GetCurrentObject (hdc=0xb80107bb, type=0x2) returned 0x900010
[0211.159] GetCurrentObject (hdc=0xb80107bb, type=0x7) returned 0x4a0507fe
[0211.159] GetCurrentObject (hdc=0xb80107bb, type=0x6) returned 0x8a01c2
[0211.159] SaveDC (hdc=0xb80107bb) returned 1
[0211.159] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9a040807
[0211.159] GetClipRgn (hdc=0xb80107bb, hrgn=0x9a040807) returned 0
[0211.159] SelectClipRgn (hdc=0xb80107bb, hrgn=0x230407de) returned 2
[0211.159] DeleteObject (ho=0x9a040807) returned 1
[0211.159] DeleteObject (ho=0x230407de) returned 1
[0211.159] OffsetViewportOrgEx (in: hdc=0xb80107bb, x=0, y=0, lppt=0x2e9a494 | out: lppt=0x2e9a494) returned 1
[0211.160] IsAppThemed () returned 0x1
[0211.160] GetThemeAppProperties () returned 0x3
[0211.160] GetThemeAppProperties () returned 0x3
[0211.160] GetThemeBackgroundContentRect () returned 0x0
[0211.160] RestoreDC (hdc=0xb80107bb, nSavedDC=-1) returned 1
[0211.160] GdipReleaseDC (graphics=0x6600030, hdc=0xb80107bb) returned 0x0
[0211.160] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0211.160] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0211.160] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0211.160] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0211.160] IsAppThemed () returned 0x1
[0211.160] GetThemeAppProperties () returned 0x3
[0211.160] GetThemeAppProperties () returned 0x3
[0211.160] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0211.160] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0211.160] GetCurrentObject (hdc=0xb80107bb, type=0x1) returned 0xb00017
[0211.160] GetCurrentObject (hdc=0xb80107bb, type=0x2) returned 0x900010
[0211.160] GetCurrentObject (hdc=0xb80107bb, type=0x7) returned 0x4a0507fe
[0211.161] GetCurrentObject (hdc=0xb80107bb, type=0x6) returned 0x8a01c2
[0211.161] SaveDC (hdc=0xb80107bb) returned 1
[0211.161] GetTextAlign (hdc=0xb80107bb) returned 0x0
[0211.161] GetTextColor (hdc=0xb80107bb) returned 0x0
[0211.161] GetCurrentObject (hdc=0xb80107bb, type=0x6) returned 0x8a01c2
[0211.161] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0211.161] SelectObject (hdc=0xb80107bb, h=0x6d0a0520) returned 0x8a01c2
[0211.161] GetBkMode (hdc=0xb80107bb) returned 2
[0211.161] SetBkMode (hdc=0xb80107bb, mode=1) returned 2
[0211.161] DrawTextExW (in: hdc=0xb80107bb, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2e9a858 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0211.162] DrawTextExW (in: hdc=0xb80107bb, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2e9a858 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0211.163] RestoreDC (hdc=0xb80107bb, nSavedDC=-1) returned 1
[0211.163] GdipReleaseDC (graphics=0x6600030, hdc=0xb80107bb) returned 0x0
[0211.163] GetFocus () returned 0x602c4
[0211.163] IsAppThemed () returned 0x1
[0211.163] GetThemeAppProperties () returned 0x3
[0211.163] GetThemeAppProperties () returned 0x3
[0211.163] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0211.163] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xb80107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0211.164] GdipReleaseDC (graphics=0x6600030, hdc=0xb80107bb) returned 0x0
[0211.164] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0211.164] SelectObject (hdc=0xb80107bb, h=0x85000f) returned 0x4a0507fe
[0211.164] DeleteDC (hdc=0xb80107bb) returned 1
[0211.164] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0211.164] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0211.165] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e9a954, cPoints=0x1 | out: lpPoints=0x2e9a954) returned 40304859
[0211.165] WindowFromPoint (Point=0x101) returned 0x602c4
[0211.165] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2710101) returned 0x1
[0211.165] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0211.165] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0211.165] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0211.165] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0211.165] GetSystemMetrics (nIndex=42) returned 0
[0211.165] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0211.165] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0211.167] GetCapture () returned 0x602c4
[0211.167] ReleaseCapture () returned 1
[0211.167] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0211.167] GetProcessWindowStation () returned 0x13c
[0211.168] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.168] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0211.169] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.169] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0211.170] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.170] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0211.170] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.170] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0211.170] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.171] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0211.171] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.171] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0211.171] GetDC (hWnd=0x0) returned 0x10105d6
[0211.171] GdipCreateFromHDC (hdc=0x10105d6, graphics=0xd7e6ec) returned 0x0
[0211.172] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0211.172] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0211.172] ReleaseDC (hWnd=0x0, hDC=0x10105d6) returned 1
[0211.172] GetSystemMetrics (nIndex=5) returned 1
[0211.172] GetSystemMetrics (nIndex=6) returned 1
[0211.172] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.172] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0211.173] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.173] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0211.176] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0211.176] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0211.176] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0211.176] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0211.177] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0211.177] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0211.178] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2ea0370 | out: lpData=0x2ea0370) returned 1
[0211.179] VerQueryValueW (in: pBlock=0x2ea0370, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ea0780, puLen=0xd7e810) returned 1
[0211.179] VerQueryValueW (in: pBlock=0x2ea0370, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea0428, puLen=0xd7e790) returned 1
[0211.179] VerQueryValueW (in: pBlock=0x2ea0370, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea047c, puLen=0xd7e790) returned 1
[0211.179] VerQueryValueW (in: pBlock=0x2ea0370, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea04fc, puLen=0xd7e790) returned 1
[0211.179] VerQueryValueW (in: pBlock=0x2ea0370, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea0564, puLen=0xd7e790) returned 1
[0211.179] VerQueryValueW (in: pBlock=0x2ea0370, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea05a4, puLen=0xd7e790) returned 1
[0211.179] VerQueryValueW (in: pBlock=0x2ea0370, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea062c, puLen=0xd7e790) returned 1
[0211.179] VerQueryValueW (in: pBlock=0x2ea0370, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea0668, puLen=0xd7e790) returned 1
[0211.179] VerQueryValueW (in: pBlock=0x2ea0370, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea06c0, puLen=0xd7e790) returned 1
[0211.179] VerQueryValueW (in: pBlock=0x2ea0370, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea06f0, puLen=0xd7e790) returned 1
[0211.179] VerQueryValueW (in: pBlock=0x2ea0370, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.179] VerQueryValueW (in: pBlock=0x2ea0370, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea072c, puLen=0xd7e790) returned 1
[0211.179] VerQueryValueW (in: pBlock=0x2ea0370, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.179] VerQueryValueW (in: pBlock=0x2ea0370, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ea0780, puLen=0xd7e784) returned 1
[0211.179] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0211.179] VerQueryValueW (in: pBlock=0x2ea0370, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ea0398, puLen=0xd7e794) returned 1
[0211.180] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0211.180] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0211.180] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0211.180] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0211.180] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0211.181] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0211.181] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2ea22e0 | out: lpData=0x2ea22e0) returned 1
[0211.181] VerQueryValueW (in: pBlock=0x2ea22e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ea237c, puLen=0xd7e810) returned 1
[0211.181] VerQueryValueW (in: pBlock=0x2ea22e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea23f4, puLen=0xd7e790) returned 1
[0211.181] VerQueryValueW (in: pBlock=0x2ea22e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea2424, puLen=0xd7e790) returned 1
[0211.181] VerQueryValueW (in: pBlock=0x2ea22e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea2460, puLen=0xd7e790) returned 1
[0211.181] VerQueryValueW (in: pBlock=0x2ea22e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea2490, puLen=0xd7e790) returned 1
[0211.181] VerQueryValueW (in: pBlock=0x2ea22e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea24d8, puLen=0xd7e790) returned 1
[0211.181] VerQueryValueW (in: pBlock=0x2ea22e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea2550, puLen=0xd7e790) returned 1
[0211.181] VerQueryValueW (in: pBlock=0x2ea22e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea2594, puLen=0xd7e790) returned 1
[0211.181] VerQueryValueW (in: pBlock=0x2ea22e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea25d4, puLen=0xd7e790) returned 1
[0211.181] VerQueryValueW (in: pBlock=0x2ea22e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea23d2, puLen=0xd7e790) returned 1
[0211.181] VerQueryValueW (in: pBlock=0x2ea22e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea2520, puLen=0xd7e790) returned 1
[0211.181] VerQueryValueW (in: pBlock=0x2ea22e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.182] VerQueryValueW (in: pBlock=0x2ea22e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.182] VerQueryValueW (in: pBlock=0x2ea22e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ea237c, puLen=0xd7e784) returned 1
[0211.182] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0211.182] VerQueryValueW (in: pBlock=0x2ea22e0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ea2308, puLen=0xd7e794) returned 1
[0211.183] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0211.183] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0211.183] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0211.183] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0211.183] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0211.183] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0211.184] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2ea45b8 | out: lpData=0x2ea45b8) returned 1
[0211.184] VerQueryValueW (in: pBlock=0x2ea45b8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ea49cc, puLen=0xd7e810) returned 1
[0211.185] VerQueryValueW (in: pBlock=0x2ea45b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea4670, puLen=0xd7e790) returned 1
[0211.185] VerQueryValueW (in: pBlock=0x2ea45b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea46c4, puLen=0xd7e790) returned 1
[0211.185] VerQueryValueW (in: pBlock=0x2ea45b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea4720, puLen=0xd7e790) returned 1
[0211.185] VerQueryValueW (in: pBlock=0x2ea45b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea4780, puLen=0xd7e790) returned 1
[0211.185] VerQueryValueW (in: pBlock=0x2ea45b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea47d8, puLen=0xd7e790) returned 1
[0211.185] VerQueryValueW (in: pBlock=0x2ea45b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea4860, puLen=0xd7e790) returned 1
[0211.186] VerQueryValueW (in: pBlock=0x2ea45b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea48b4, puLen=0xd7e790) returned 1
[0211.186] VerQueryValueW (in: pBlock=0x2ea45b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea490c, puLen=0xd7e790) returned 1
[0211.186] VerQueryValueW (in: pBlock=0x2ea45b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea493c, puLen=0xd7e790) returned 1
[0211.186] VerQueryValueW (in: pBlock=0x2ea45b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.186] VerQueryValueW (in: pBlock=0x2ea45b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea4978, puLen=0xd7e790) returned 1
[0211.186] VerQueryValueW (in: pBlock=0x2ea45b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.186] VerQueryValueW (in: pBlock=0x2ea45b8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ea49cc, puLen=0xd7e784) returned 1
[0211.186] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0211.186] VerQueryValueW (in: pBlock=0x2ea45b8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ea45e0, puLen=0xd7e794) returned 1
[0211.187] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0211.187] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0211.187] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0211.187] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0211.187] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0211.187] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0211.188] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2ea6bf0 | out: lpData=0x2ea6bf0) returned 1
[0211.189] VerQueryValueW (in: pBlock=0x2ea6bf0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ea6ff0, puLen=0xd7e810) returned 1
[0211.189] VerQueryValueW (in: pBlock=0x2ea6bf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea6ca8, puLen=0xd7e790) returned 1
[0211.189] VerQueryValueW (in: pBlock=0x2ea6bf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea6cfc, puLen=0xd7e790) returned 1
[0211.189] VerQueryValueW (in: pBlock=0x2ea6bf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea6d3c, puLen=0xd7e790) returned 1
[0211.189] VerQueryValueW (in: pBlock=0x2ea6bf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea6da4, puLen=0xd7e790) returned 1
[0211.190] VerQueryValueW (in: pBlock=0x2ea6bf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea6dfc, puLen=0xd7e790) returned 1
[0211.190] VerQueryValueW (in: pBlock=0x2ea6bf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea6e84, puLen=0xd7e790) returned 1
[0211.190] VerQueryValueW (in: pBlock=0x2ea6bf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea6ed8, puLen=0xd7e790) returned 1
[0211.190] VerQueryValueW (in: pBlock=0x2ea6bf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea6f30, puLen=0xd7e790) returned 1
[0211.190] VerQueryValueW (in: pBlock=0x2ea6bf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea6f60, puLen=0xd7e790) returned 1
[0211.190] VerQueryValueW (in: pBlock=0x2ea6bf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.190] VerQueryValueW (in: pBlock=0x2ea6bf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea6f9c, puLen=0xd7e790) returned 1
[0211.190] VerQueryValueW (in: pBlock=0x2ea6bf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.190] VerQueryValueW (in: pBlock=0x2ea6bf0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ea6ff0, puLen=0xd7e784) returned 1
[0211.190] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0211.190] VerQueryValueW (in: pBlock=0x2ea6bf0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ea6c18, puLen=0xd7e794) returned 1
[0211.191] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0211.191] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0211.191] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0211.191] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0211.191] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0211.191] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0211.192] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2ea932c | out: lpData=0x2ea932c) returned 1
[0211.193] VerQueryValueW (in: pBlock=0x2ea932c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ea96f4, puLen=0xd7e810) returned 1
[0211.193] VerQueryValueW (in: pBlock=0x2ea932c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea93e4, puLen=0xd7e790) returned 1
[0211.193] VerQueryValueW (in: pBlock=0x2ea932c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea9438, puLen=0xd7e790) returned 1
[0211.193] VerQueryValueW (in: pBlock=0x2ea932c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea9478, puLen=0xd7e790) returned 1
[0211.193] VerQueryValueW (in: pBlock=0x2ea932c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea94e0, puLen=0xd7e790) returned 1
[0211.193] VerQueryValueW (in: pBlock=0x2ea932c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea951c, puLen=0xd7e790) returned 1
[0211.194] VerQueryValueW (in: pBlock=0x2ea932c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea95a4, puLen=0xd7e790) returned 1
[0211.194] VerQueryValueW (in: pBlock=0x2ea932c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea95dc, puLen=0xd7e790) returned 1
[0211.194] VerQueryValueW (in: pBlock=0x2ea932c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea9634, puLen=0xd7e790) returned 1
[0211.194] VerQueryValueW (in: pBlock=0x2ea932c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea9664, puLen=0xd7e790) returned 1
[0211.194] VerQueryValueW (in: pBlock=0x2ea932c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.194] VerQueryValueW (in: pBlock=0x2ea932c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea96a0, puLen=0xd7e790) returned 1
[0211.194] VerQueryValueW (in: pBlock=0x2ea932c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.194] VerQueryValueW (in: pBlock=0x2ea932c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ea96f4, puLen=0xd7e784) returned 1
[0211.194] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0211.194] VerQueryValueW (in: pBlock=0x2ea932c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ea9354, puLen=0xd7e794) returned 1
[0211.195] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0211.195] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0211.195] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0211.195] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0211.195] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0211.195] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0211.196] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2eac994 | out: lpData=0x2eac994) returned 1
[0211.197] VerQueryValueW (in: pBlock=0x2eac994, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2eacd74, puLen=0xd7e810) returned 1
[0211.197] VerQueryValueW (in: pBlock=0x2eac994, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eaca4c, puLen=0xd7e790) returned 1
[0211.197] VerQueryValueW (in: pBlock=0x2eac994, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eacaa0, puLen=0xd7e790) returned 1
[0211.197] VerQueryValueW (in: pBlock=0x2eac994, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eacae0, puLen=0xd7e790) returned 1
[0211.197] VerQueryValueW (in: pBlock=0x2eac994, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eacb40, puLen=0xd7e790) returned 1
[0211.197] VerQueryValueW (in: pBlock=0x2eac994, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eacb8c, puLen=0xd7e790) returned 1
[0211.197] VerQueryValueW (in: pBlock=0x2eac994, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eacc14, puLen=0xd7e790) returned 1
[0211.197] VerQueryValueW (in: pBlock=0x2eac994, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eacc5c, puLen=0xd7e790) returned 1
[0211.197] VerQueryValueW (in: pBlock=0x2eac994, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eaccb4, puLen=0xd7e790) returned 1
[0211.197] VerQueryValueW (in: pBlock=0x2eac994, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eacce4, puLen=0xd7e790) returned 1
[0211.197] VerQueryValueW (in: pBlock=0x2eac994, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.197] VerQueryValueW (in: pBlock=0x2eac994, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eacd20, puLen=0xd7e790) returned 1
[0211.197] VerQueryValueW (in: pBlock=0x2eac994, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.198] VerQueryValueW (in: pBlock=0x2eac994, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2eacd74, puLen=0xd7e784) returned 1
[0211.198] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0211.198] VerQueryValueW (in: pBlock=0x2eac994, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2eac9bc, puLen=0xd7e794) returned 1
[0211.199] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0211.199] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0211.199] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0211.199] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0211.199] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0211.199] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0211.200] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2eaf1b4 | out: lpData=0x2eaf1b4) returned 1
[0211.203] VerQueryValueW (in: pBlock=0x2eaf1b4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2eaf5c0, puLen=0xd7e810) returned 1
[0211.203] VerQueryValueW (in: pBlock=0x2eaf1b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eaf26c, puLen=0xd7e790) returned 1
[0211.203] VerQueryValueW (in: pBlock=0x2eaf1b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eaf2c0, puLen=0xd7e790) returned 1
[0211.203] VerQueryValueW (in: pBlock=0x2eaf1b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eaf314, puLen=0xd7e790) returned 1
[0211.203] VerQueryValueW (in: pBlock=0x2eaf1b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eaf374, puLen=0xd7e790) returned 1
[0211.203] VerQueryValueW (in: pBlock=0x2eaf1b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eaf3cc, puLen=0xd7e790) returned 1
[0211.203] VerQueryValueW (in: pBlock=0x2eaf1b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eaf454, puLen=0xd7e790) returned 1
[0211.203] VerQueryValueW (in: pBlock=0x2eaf1b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eaf4a8, puLen=0xd7e790) returned 1
[0211.203] VerQueryValueW (in: pBlock=0x2eaf1b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eaf500, puLen=0xd7e790) returned 1
[0211.203] VerQueryValueW (in: pBlock=0x2eaf1b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eaf530, puLen=0xd7e790) returned 1
[0211.203] VerQueryValueW (in: pBlock=0x2eaf1b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.203] VerQueryValueW (in: pBlock=0x2eaf1b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eaf56c, puLen=0xd7e790) returned 1
[0211.203] VerQueryValueW (in: pBlock=0x2eaf1b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.203] VerQueryValueW (in: pBlock=0x2eaf1b4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2eaf5c0, puLen=0xd7e784) returned 1
[0211.203] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0211.203] VerQueryValueW (in: pBlock=0x2eaf1b4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2eaf1dc, puLen=0xd7e794) returned 1
[0211.204] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0211.204] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0211.204] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0211.204] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0211.205] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0211.205] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0211.206] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2eb19c8 | out: lpData=0x2eb19c8) returned 1
[0211.206] VerQueryValueW (in: pBlock=0x2eb19c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2eb1da0, puLen=0xd7e810) returned 1
[0211.206] VerQueryValueW (in: pBlock=0x2eb19c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb1a80, puLen=0xd7e790) returned 1
[0211.207] VerQueryValueW (in: pBlock=0x2eb19c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb1ad4, puLen=0xd7e790) returned 1
[0211.207] VerQueryValueW (in: pBlock=0x2eb19c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb1b14, puLen=0xd7e790) returned 1
[0211.207] VerQueryValueW (in: pBlock=0x2eb19c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb1b7c, puLen=0xd7e790) returned 1
[0211.207] VerQueryValueW (in: pBlock=0x2eb19c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb1bc0, puLen=0xd7e790) returned 1
[0211.207] VerQueryValueW (in: pBlock=0x2eb19c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb1c48, puLen=0xd7e790) returned 1
[0211.207] VerQueryValueW (in: pBlock=0x2eb19c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb1c88, puLen=0xd7e790) returned 1
[0211.207] VerQueryValueW (in: pBlock=0x2eb19c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb1ce0, puLen=0xd7e790) returned 1
[0211.207] VerQueryValueW (in: pBlock=0x2eb19c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb1d10, puLen=0xd7e790) returned 1
[0211.207] VerQueryValueW (in: pBlock=0x2eb19c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.207] VerQueryValueW (in: pBlock=0x2eb19c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb1d4c, puLen=0xd7e790) returned 1
[0211.207] VerQueryValueW (in: pBlock=0x2eb19c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.207] VerQueryValueW (in: pBlock=0x2eb19c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2eb1da0, puLen=0xd7e784) returned 1
[0211.207] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0211.207] VerQueryValueW (in: pBlock=0x2eb19c8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2eb19f0, puLen=0xd7e794) returned 1
[0211.208] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0211.208] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0211.208] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0211.208] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0211.208] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0211.208] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0211.209] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2eb3f20 | out: lpData=0x2eb3f20) returned 1
[0211.210] VerQueryValueW (in: pBlock=0x2eb3f20, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2eb42f8, puLen=0xd7e810) returned 1
[0211.210] VerQueryValueW (in: pBlock=0x2eb3f20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb3fd8, puLen=0xd7e790) returned 1
[0211.210] VerQueryValueW (in: pBlock=0x2eb3f20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb402c, puLen=0xd7e790) returned 1
[0211.211] VerQueryValueW (in: pBlock=0x2eb3f20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb406c, puLen=0xd7e790) returned 1
[0211.217] VerQueryValueW (in: pBlock=0x2eb3f20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb40d4, puLen=0xd7e790) returned 1
[0211.217] VerQueryValueW (in: pBlock=0x2eb3f20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb4118, puLen=0xd7e790) returned 1
[0211.217] VerQueryValueW (in: pBlock=0x2eb3f20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb41a0, puLen=0xd7e790) returned 1
[0211.217] VerQueryValueW (in: pBlock=0x2eb3f20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb41e0, puLen=0xd7e790) returned 1
[0211.217] VerQueryValueW (in: pBlock=0x2eb3f20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb4238, puLen=0xd7e790) returned 1
[0211.218] VerQueryValueW (in: pBlock=0x2eb3f20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb4268, puLen=0xd7e790) returned 1
[0211.218] VerQueryValueW (in: pBlock=0x2eb3f20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.218] VerQueryValueW (in: pBlock=0x2eb3f20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb42a4, puLen=0xd7e790) returned 1
[0211.218] VerQueryValueW (in: pBlock=0x2eb3f20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.218] VerQueryValueW (in: pBlock=0x2eb3f20, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2eb42f8, puLen=0xd7e784) returned 1
[0211.218] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0211.218] VerQueryValueW (in: pBlock=0x2eb3f20, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2eb3f48, puLen=0xd7e794) returned 1
[0211.219] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0211.219] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0211.219] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0211.219] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0211.219] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0211.219] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0211.220] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2ce908c | out: lpData=0x2ce908c) returned 1
[0211.220] VerQueryValueW (in: pBlock=0x2ce908c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ce94bc, puLen=0xd7e810) returned 1
[0211.220] VerQueryValueW (in: pBlock=0x2ce908c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce9144, puLen=0xd7e790) returned 1
[0211.220] VerQueryValueW (in: pBlock=0x2ce908c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce9198, puLen=0xd7e790) returned 1
[0211.220] VerQueryValueW (in: pBlock=0x2ce908c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce9208, puLen=0xd7e790) returned 1
[0211.220] VerQueryValueW (in: pBlock=0x2ce908c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce9268, puLen=0xd7e790) returned 1
[0211.220] VerQueryValueW (in: pBlock=0x2ce908c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce92c4, puLen=0xd7e790) returned 1
[0211.220] VerQueryValueW (in: pBlock=0x2ce908c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce934c, puLen=0xd7e790) returned 1
[0211.220] VerQueryValueW (in: pBlock=0x2ce908c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce93a4, puLen=0xd7e790) returned 1
[0211.220] VerQueryValueW (in: pBlock=0x2ce908c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce93fc, puLen=0xd7e790) returned 1
[0211.220] VerQueryValueW (in: pBlock=0x2ce908c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce942c, puLen=0xd7e790) returned 1
[0211.220] VerQueryValueW (in: pBlock=0x2ce908c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.221] VerQueryValueW (in: pBlock=0x2ce908c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ce9468, puLen=0xd7e790) returned 1
[0211.221] VerQueryValueW (in: pBlock=0x2ce908c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0211.221] VerQueryValueW (in: pBlock=0x2ce908c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ce94bc, puLen=0xd7e784) returned 1
[0211.221] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0211.221] VerQueryValueW (in: pBlock=0x2ce908c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ce90b4, puLen=0xd7e794) returned 1
[0211.221] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0211.221] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.222] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0211.222] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.222] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0211.222] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1702dc
[0211.241] SetWindowLongW (hWnd=0x1702dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0211.241] GetWindowLongW (hWnd=0x1702dc, nIndex=-4) returned 1950089536
[0211.242] SetWindowLongW (hWnd=0x1702dc, nIndex=-4, dwNewLong=19943686) returned 1950089536
[0211.242] GetWindowLongW (hWnd=0x1702dc, nIndex=-4) returned 19943686
[0211.242] GetWindowLongW (hWnd=0x1702dc, nIndex=-16) returned 113311744
[0211.242] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702dc, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0211.242] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702dc, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0211.242] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702dc, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0211.243] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702dc, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0211.243] GetClientRect (in: hWnd=0x1702dc, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0211.243] GetWindowRect (in: hWnd=0x1702dc, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0211.243] SetWindowTextW (hWnd=0x1702dc, lpString="WindowsFormsParkingWindow") returned 1
[0211.243] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702dc, Msg=0xc, wParam=0x0, lParam=0x2ce087c) returned 0x1
[0211.244] GetParent (hWnd=0x1702dc) returned 0x0
[0211.244] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0211.244] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x1702dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1702da
[0211.244] SetWindowLongW (hWnd=0x1702da, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0211.244] GetWindowLongW (hWnd=0x1702da, nIndex=-4) returned 1868147648
[0211.245] SetWindowLongW (hWnd=0x1702da, nIndex=-4, dwNewLong=19944406) returned 1868147648
[0211.245] GetWindowLongW (hWnd=0x1702da, nIndex=-4) returned 19944406
[0211.245] GetWindowLongW (hWnd=0x1702da, nIndex=-16) returned 1174405133
[0211.245] GetWindowLongW (hWnd=0x1702da, nIndex=-12) returned 0
[0211.245] SetWindowLongW (hWnd=0x1702da, nIndex=-12, dwNewLong=1508058) returned 0
[0211.245] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0211.245] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0211.246] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0211.246] GetClientRect (in: hWnd=0x1702da, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0211.246] GetWindowRect (in: hWnd=0x1702da, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0211.246] GetParent (hWnd=0x1702da) returned 0x1702dc
[0211.246] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702dc, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0211.247] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0211.248] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0211.248] GetClientRect (in: hWnd=0x1702da, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0211.248] GetWindowRect (in: hWnd=0x1702da, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0211.248] GetParent (hWnd=0x1702da) returned 0x1702dc
[0211.248] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702dc, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0211.248] SendMessageW (hWnd=0x1702da, Msg=0x2210, wParam=0x2da0001, lParam=0x1702da) returned 0x0
[0211.248] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x2210, wParam=0x2da0001, lParam=0x1702da) returned 0x0
[0211.248] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0211.248] GetParent (hWnd=0x1702da) returned 0x1702dc
[0211.248] GdipCreateFromHWND (hwnd=0x1702da, graphics=0xd7e844) returned 0x0
[0211.249] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0211.249] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0211.249] GetForegroundWindow () returned 0x7005c
[0211.249] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0211.249] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.249] GetSystemMetrics (nIndex=42) returned 0
[0211.249] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.250] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0211.250] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0211.250] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.250] GetSystemMetrics (nIndex=42) returned 0
[0211.250] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.250] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0211.250] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.250] GetCursorPos (in: lpPoint=0x2ced510 | out: lpPoint=0x2ced510*(x=257, y=625)) returned 1
[0211.250] MonitorFromPoint (pt=0x101, dwFlags=0x271) returned 0x10001
[0211.251] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0211.251] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xf00107ec
[0211.251] GetDeviceCaps (hdc=0xf00107ec, index=12) returned 32
[0211.251] GetDeviceCaps (hdc=0xf00107ec, index=14) returned 1
[0211.251] DeleteDC (hdc=0xf00107ec) returned 1
[0211.251] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0211.251] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0211.251] GetSystemMetrics (nIndex=59) returned 1460
[0211.251] GetSystemMetrics (nIndex=60) returned 920
[0211.251] GetSystemMetrics (nIndex=34) returned 136
[0211.251] GetSystemMetrics (nIndex=35) returned 39
[0211.251] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.252] GetCursorPos (in: lpPoint=0x2ced77c | out: lpPoint=0x2ced77c*(x=257, y=625)) returned 1
[0211.252] MonitorFromPoint (pt=0x101, dwFlags=0x271) returned 0x10001
[0211.252] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0211.252] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xf10107ec
[0211.252] GetDeviceCaps (hdc=0xf10107ec, index=12) returned 32
[0211.252] GetDeviceCaps (hdc=0xf10107ec, index=14) returned 1
[0211.252] DeleteDC (hdc=0xf10107ec) returned 1
[0211.253] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0211.253] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0211.253] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.253] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0211.253] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2ceda14 | out: piconinfo=0x2ceda14) returned 1
[0211.253] GetObjectW (in: h=0x74050803, c=24, pv=0x2ceda30 | out: pv=0x2ceda30) returned 24
[0211.254] GdipCreateBitmapFromHBITMAP (hbm=0x74050803, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0211.254] GdipGetImageWidth (image=0x664f790, width=0xd7e750) returned 0x0
[0211.254] GdipGetImageHeight (image=0x664f790, height=0xd7e748) returned 0x0
[0211.254] GdipGetImagePixelFormat (image=0x664f790, format=0xd7e740) returned 0x0
[0211.254] GdipBitmapLockBits (bitmap=0x664f790, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2cedae8) returned 0x0
[0211.254] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0211.254] GdipBitmapLockBits (bitmap=0x6651518, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2cedb20) returned 0x0
[0211.254] RtlMoveMemory (in: Destination=0x665cf38, Source=0x6660ed0, Length=0x80 | out: Destination=0x665cf38)
[0211.254] RtlMoveMemory (in: Destination=0x665cfb8, Source=0x6660e50, Length=0x80 | out: Destination=0x665cfb8)
[0211.254] RtlMoveMemory (in: Destination=0x665d038, Source=0x6660dd0, Length=0x80 | out: Destination=0x665d038)
[0211.254] RtlMoveMemory (in: Destination=0x665d0b8, Source=0x6660d50, Length=0x80 | out: Destination=0x665d0b8)
[0211.254] RtlMoveMemory (in: Destination=0x665d138, Source=0x6660cd0, Length=0x80 | out: Destination=0x665d138)
[0211.254] RtlMoveMemory (in: Destination=0x665d1b8, Source=0x6660c50, Length=0x80 | out: Destination=0x665d1b8)
[0211.254] RtlMoveMemory (in: Destination=0x665d238, Source=0x6660bd0, Length=0x80 | out: Destination=0x665d238)
[0211.255] RtlMoveMemory (in: Destination=0x665d2b8, Source=0x6660b50, Length=0x80 | out: Destination=0x665d2b8)
[0211.255] RtlMoveMemory (in: Destination=0x665d338, Source=0x6660ad0, Length=0x80 | out: Destination=0x665d338)
[0211.255] RtlMoveMemory (in: Destination=0x665d3b8, Source=0x6660a50, Length=0x80 | out: Destination=0x665d3b8)
[0211.255] RtlMoveMemory (in: Destination=0x665d438, Source=0x66609d0, Length=0x80 | out: Destination=0x665d438)
[0211.255] RtlMoveMemory (in: Destination=0x665d4b8, Source=0x6660950, Length=0x80 | out: Destination=0x665d4b8)
[0211.255] RtlMoveMemory (in: Destination=0x665d538, Source=0x66608d0, Length=0x80 | out: Destination=0x665d538)
[0211.255] RtlMoveMemory (in: Destination=0x665d5b8, Source=0x6660850, Length=0x80 | out: Destination=0x665d5b8)
[0211.255] RtlMoveMemory (in: Destination=0x665d638, Source=0x66607d0, Length=0x80 | out: Destination=0x665d638)
[0211.255] RtlMoveMemory (in: Destination=0x665d6b8, Source=0x6660750, Length=0x80 | out: Destination=0x665d6b8)
[0211.255] RtlMoveMemory (in: Destination=0x665d738, Source=0x66606d0, Length=0x80 | out: Destination=0x665d738)
[0211.255] RtlMoveMemory (in: Destination=0x665d7b8, Source=0x6660650, Length=0x80 | out: Destination=0x665d7b8)
[0211.255] RtlMoveMemory (in: Destination=0x665d838, Source=0x66605d0, Length=0x80 | out: Destination=0x665d838)
[0211.255] RtlMoveMemory (in: Destination=0x665d8b8, Source=0x6660550, Length=0x80 | out: Destination=0x665d8b8)
[0211.255] RtlMoveMemory (in: Destination=0x665d938, Source=0x66604d0, Length=0x80 | out: Destination=0x665d938)
[0211.255] RtlMoveMemory (in: Destination=0x665d9b8, Source=0x6660450, Length=0x80 | out: Destination=0x665d9b8)
[0211.255] RtlMoveMemory (in: Destination=0x665da38, Source=0x66603d0, Length=0x80 | out: Destination=0x665da38)
[0211.255] RtlMoveMemory (in: Destination=0x665dab8, Source=0x6660350, Length=0x80 | out: Destination=0x665dab8)
[0211.255] RtlMoveMemory (in: Destination=0x665db38, Source=0x66602d0, Length=0x80 | out: Destination=0x665db38)
[0211.255] RtlMoveMemory (in: Destination=0x665dbb8, Source=0x6660250, Length=0x80 | out: Destination=0x665dbb8)
[0211.255] RtlMoveMemory (in: Destination=0x665dc38, Source=0x66601d0, Length=0x80 | out: Destination=0x665dc38)
[0211.255] RtlMoveMemory (in: Destination=0x665dcb8, Source=0x6660150, Length=0x80 | out: Destination=0x665dcb8)
[0211.255] RtlMoveMemory (in: Destination=0x665dd38, Source=0x66600d0, Length=0x80 | out: Destination=0x665dd38)
[0211.255] RtlMoveMemory (in: Destination=0x665ddb8, Source=0x6660050, Length=0x80 | out: Destination=0x665ddb8)
[0211.256] RtlMoveMemory (in: Destination=0x665de38, Source=0x665ffd0, Length=0x80 | out: Destination=0x665de38)
[0211.256] RtlMoveMemory (in: Destination=0x665deb8, Source=0x665ff50, Length=0x80 | out: Destination=0x665deb8)
[0211.256] GdipBitmapUnlockBits (bitmap=0x664f790, lockedBitmapData=0x2cedae8) returned 0x0
[0211.256] GdipBitmapUnlockBits (bitmap=0x6651518, lockedBitmapData=0x2cedb20) returned 0x0
[0211.256] GdipDisposeImage (image=0x664f790) returned 0x0
[0211.256] DeleteObject (ho=0x74050803) returned 1
[0211.256] DeleteObject (ho=0xf20507ec) returned 1
[0211.256] GetCurrentThreadId () returned 0xf50
[0211.256] GetCurrentThreadId () returned 0xf50
[0211.256] SetWindowPos (hWnd=0x1702da, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0211.256] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0211.256] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0211.257] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0211.257] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0211.257] GetClientRect (in: hWnd=0x1702da, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0211.257] GetWindowRect (in: hWnd=0x1702da, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0211.257] GetParent (hWnd=0x1702da) returned 0x1702dc
[0211.257] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702dc, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0211.257] InvalidateRect (hWnd=0x1702da, lpRect=0x0, bErase=1) returned 1
[0211.257] GetWindowTextLengthW (hWnd=0x1702da) returned 0
[0211.257] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0211.257] GetSystemMetrics (nIndex=42) returned 0
[0211.257] GetWindowTextW (in: hWnd=0x1702da, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0211.257] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0211.257] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0211.257] GetClientRect (in: hWnd=0x1702da, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0211.257] GetWindowRect (in: hWnd=0x1702da, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0211.257] GetParent (hWnd=0x1702da) returned 0x1702dc
[0211.257] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702dc, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0211.258] GetWindowTextLengthW (hWnd=0x1702da) returned 0
[0211.258] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0211.258] GetSystemMetrics (nIndex=42) returned 0
[0211.258] GetWindowTextW (in: hWnd=0x1702da, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0211.258] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0211.258] GetWindowTextLengthW (hWnd=0x1702da) returned 0
[0211.258] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0211.258] GetSystemMetrics (nIndex=42) returned 0
[0211.258] GetWindowTextW (in: hWnd=0x1702da, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0211.258] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0211.258] SetWindowTextW (hWnd=0x1702da, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0211.258] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0xc, wParam=0x0, lParam=0x2ce46f4) returned 0x1
[0211.258] InvalidateRect (hWnd=0x1702da, lpRect=0x0, bErase=1) returned 1
[0211.258] GetCurrentThreadId () returned 0xf50
[0211.258] GetWindowThreadProcessId (in: hWnd=0x1702da, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0211.259] GdipCreateBitmapFromStream (stream=0x509ffb0, bitmap=0xd7e840) returned 0x0
[0211.260] GdipImageForceValidation (image=0x66504b0) returned 0x0
[0211.261] GdipGetImageRawFormat (image=0x66504b0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0211.261] GdipGetImageHeight (image=0x66504b0, height=0xd7e824) returned 0x0
[0211.261] GdipGetImageWidth (image=0x66504b0, width=0xd7e824) returned 0x0
[0211.261] GdipGetImageWidth (image=0x66504b0, width=0xd7e810) returned 0x0
[0211.261] GdipGetImageHeight (image=0x66504b0, height=0xd7e810) returned 0x0
[0211.261] GdipGetImageWidth (image=0x66504b0, width=0xd7e800) returned 0x0
[0211.261] GdipGetImageHeight (image=0x66504b0, height=0xd7e800) returned 0x0
[0211.261] GdipBitmapGetPixel (bitmap=0x66504b0, x=0, y=15, color=0xd7e810) returned 0x0
[0211.261] GdipGetImageRawFormat (image=0x66504b0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0211.261] GdipGetImageWidth (image=0x66504b0, width=0xd7e740) returned 0x0
[0211.261] GdipGetImageHeight (image=0x66504b0, height=0xd7e740) returned 0x0
[0211.261] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0211.262] GdipGetImagePixelFormat (image=0x664f790, format=0xd7e740) returned 0x0
[0211.262] GdipGetImageGraphicsContext (image=0x664f790, graphics=0xd7e74c) returned 0x0
[0211.262] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0211.262] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0211.262] GdipSetImageAttributesColorKeys (imageattr=0x6638a88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0211.262] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66504b0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638a88, callback=0x0, callbackData=0x0) returned 0x0
[0211.262] GdipDisposeImageAttributes (imageattr=0x6638a88) returned 0x0
[0211.262] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0211.262] GdipDisposeImage (image=0x66504b0) returned 0x0
[0211.263] GdipCreateBitmapFromStream (stream=0x509ffd0, bitmap=0xd7e840) returned 0x0
[0211.264] GdipImageForceValidation (image=0x664f100) returned 0x0
[0211.265] GdipGetImageRawFormat (image=0x664f100, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0211.265] GdipGetImageHeight (image=0x664f100, height=0xd7e824) returned 0x0
[0211.265] GdipGetImageWidth (image=0x664f100, width=0xd7e824) returned 0x0
[0211.265] GdipGetImageWidth (image=0x664f100, width=0xd7e810) returned 0x0
[0211.265] GdipGetImageHeight (image=0x664f100, height=0xd7e810) returned 0x0
[0211.265] GdipGetImageWidth (image=0x664f100, width=0xd7e800) returned 0x0
[0211.265] GdipGetImageHeight (image=0x664f100, height=0xd7e800) returned 0x0
[0211.265] GdipBitmapGetPixel (bitmap=0x664f100, x=0, y=15, color=0xd7e810) returned 0x0
[0211.265] GdipGetImageRawFormat (image=0x664f100, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0211.265] GdipGetImageWidth (image=0x664f100, width=0xd7e740) returned 0x0
[0211.266] GdipGetImageHeight (image=0x664f100, height=0xd7e740) returned 0x0
[0211.266] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0211.266] GdipGetImagePixelFormat (image=0x6651860, format=0xd7e740) returned 0x0
[0211.266] GdipGetImageGraphicsContext (image=0x6651860, graphics=0xd7e74c) returned 0x0
[0211.266] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0211.266] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0211.266] GdipSetImageAttributesColorKeys (imageattr=0x6638db8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0211.266] GdipDrawImageRectRectI (graphics=0x6600030, image=0x664f100, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638db8, callback=0x0, callbackData=0x0) returned 0x0
[0211.266] GdipDisposeImageAttributes (imageattr=0x6638db8) returned 0x0
[0211.266] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0211.266] GdipDisposeImage (image=0x664f100) returned 0x0
[0211.267] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.267] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0211.267] GetCurrentThreadId () returned 0xf50
[0211.267] GetCurrentThreadId () returned 0xf50
[0211.267] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.267] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0211.267] GetCurrentThreadId () returned 0xf50
[0211.267] GetCurrentThreadId () returned 0xf50
[0211.267] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.267] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0211.268] GetCurrentThreadId () returned 0xf50
[0211.268] GetCurrentThreadId () returned 0xf50
[0211.268] GetSystemMetrics (nIndex=5) returned 1
[0211.268] GetSystemMetrics (nIndex=6) returned 1
[0211.268] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.268] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0211.268] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.268] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0211.268] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.268] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0211.268] GetCurrentThreadId () returned 0xf50
[0211.269] GetCurrentThreadId () returned 0xf50
[0211.269] GetProcessWindowStation () returned 0x13c
[0211.269] GetCapture () returned 0x0
[0211.269] GetActiveWindow () returned 0x7005c
[0211.269] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0211.269] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.269] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0211.269] GetCursorPos (in: lpPoint=0x2ceecec | out: lpPoint=0x2ceecec*(x=257, y=625)) returned 1
[0211.269] MonitorFromPoint (pt=0x101, dwFlags=0x271) returned 0x10001
[0211.269] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0211.269] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xf30107ec
[0211.269] GetDeviceCaps (hdc=0xf30107ec, index=12) returned 32
[0211.270] GetDeviceCaps (hdc=0xf30107ec, index=14) returned 1
[0211.270] DeleteDC (hdc=0xf30107ec) returned 1
[0211.270] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0211.270] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0211.270] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1702de
[0211.270] SetWindowLongW (hWnd=0x1702de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0211.270] GetWindowLongW (hWnd=0x1702de, nIndex=-4) returned 1950089536
[0211.271] SetWindowLongW (hWnd=0x1702de, nIndex=-4, dwNewLong=19943806) returned 1950089536
[0211.271] GetWindowLongW (hWnd=0x1702de, nIndex=-4) returned 19943806
[0211.271] GetWindowLongW (hWnd=0x1702de, nIndex=-16) returned 113770496
[0211.271] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0211.272] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0211.272] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0211.272] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0211.272] GetWindowRect (in: hWnd=0x1702de, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0211.273] SetWindowTextW (hWnd=0x1702de, lpString="BB ransomware") returned 1
[0211.273] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xc, wParam=0x0, lParam=0x2ced3fc) returned 0x1
[0211.273] GetStartupInfoW (in: lpStartupInfo=0x2cef028 | out: lpStartupInfo=0x2cef028*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0211.274] GetParent (hWnd=0x1702de) returned 0x0
[0211.274] SetWindowLongW (hWnd=0x1702de, nIndex=-8, dwNewLong=0) returned 0
[0211.275] SendMessageW (hWnd=0x1702de, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0211.275] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0211.275] SendMessageW (hWnd=0x1702de, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0211.275] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0211.275] GetSystemMenu (hWnd=0x1702de, bRevert=0) returned 0x72020f
[0211.276] GetWindowPlacement (in: hWnd=0x1702de, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0211.276] EnableMenuItem (hMenu=0x72020f, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0211.276] EnableMenuItem (hMenu=0x72020f, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0211.276] EnableMenuItem (hMenu=0x72020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0211.276] EnableMenuItem (hMenu=0x72020f, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0211.276] EnableMenuItem (hMenu=0x72020f, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0211.276] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0211.276] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0211.276] GetWindowRect (in: hWnd=0x1702de, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0211.276] SetWindowPos (hWnd=0x1702de, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0211.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0211.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x1702de) returned 0x1
[0211.279] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0211.279] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0211.280] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0211.280] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0211.281] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0211.283] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x1702de, lParam=0x0) returned 0x0
[0211.283] GetCapture () returned 0x0
[0211.283] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0211.284] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0211.285] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0211.286] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0211.286] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0211.287] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0211.287] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0211.287] GetParent (hWnd=0x1702de) returned 0x0
[0211.287] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0211.287] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0211.289] GetWindowPlacement (in: hWnd=0x1702de, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0211.289] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0211.289] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0211.289] GetWindowRect (in: hWnd=0x1702de, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0211.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0211.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0211.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0211.291] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.291] GetWindowLongW (hWnd=0x1702de, nIndex=-16) returned 113770496
[0211.291] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.291] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.291] GetSystemMetrics (nIndex=42) returned 0
[0211.291] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.291] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0211.291] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.292] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.292] GetSystemMetrics (nIndex=42) returned 0
[0211.292] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.292] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0211.292] GetCursorPos (in: lpPoint=0x2cef264 | out: lpPoint=0x2cef264*(x=257, y=625)) returned 1
[0211.292] MonitorFromPoint (pt=0x102, dwFlags=0x271) returned 0x10001
[0211.292] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0211.292] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x70107c6
[0211.292] GetDeviceCaps (hdc=0x70107c6, index=12) returned 32
[0211.292] GetDeviceCaps (hdc=0x70107c6, index=14) returned 1
[0211.292] DeleteDC (hdc=0x70107c6) returned 1
[0211.292] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0211.292] GetWindowLongW (hWnd=0x1702de, nIndex=-16) returned 113770496
[0211.292] GetWindowLongW (hWnd=0x1702de, nIndex=-20) returned 327945
[0211.292] SetWindowLongW (hWnd=0x1702de, nIndex=-16, dwNewLong=46661632) returned 113770496
[0211.292] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0211.293] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0211.294] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0211.297] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0211.297] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0211.297] SetWindowLongW (hWnd=0x1702de, nIndex=-20, dwNewLong=327681) returned 327945
[0211.298] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0211.298] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0211.299] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0211.299] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0211.299] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0211.300] SetWindowPos (hWnd=0x1702de, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0211.300] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0211.300] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0211.300] GetWindowPlacement (in: hWnd=0x1702de, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0211.300] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0211.300] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0211.300] GetWindowRect (in: hWnd=0x1702de, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0211.301] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0211.301] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0211.302] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0211.302] RedrawWindow (hWnd=0x1702de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0211.302] GetSystemMenu (hWnd=0x1702de, bRevert=0) returned 0x72020f
[0211.302] GetWindowPlacement (in: hWnd=0x1702de, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0211.302] EnableMenuItem (hMenu=0x72020f, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0211.302] EnableMenuItem (hMenu=0x72020f, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0211.302] EnableMenuItem (hMenu=0x72020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0211.302] EnableMenuItem (hMenu=0x72020f, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0211.302] EnableMenuItem (hMenu=0x72020f, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0211.302] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0211.302] GetWindowLongW (hWnd=0x1702de, nIndex=-8) returned 0
[0211.302] SetWindowLongW (hWnd=0x1702de, nIndex=-8, dwNewLong=458844) returned 0
[0211.303] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0211.303] GetProcessWindowStation () returned 0x13c
[0211.303] GetCurrentThreadId () returned 0xf50
[0211.304] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1305336, lParam=0x0) returned 1
[0211.304] IsWindowVisible (hWnd=0x1702de) returned 0
[0211.304] IsWindowVisible (hWnd=0x7005c) returned 1
[0211.304] IsWindowEnabled (hWnd=0x7005c) returned 1
[0211.304] IsWindowVisible (hWnd=0x300ec) returned 0
[0211.304] IsWindowVisible (hWnd=0x502c6) returned 0
[0211.304] IsWindowVisible (hWnd=0x502be) returned 0
[0211.304] GetActiveWindow () returned 0x1702de
[0211.304] GetFocus () returned 0x1702de
[0211.304] IsWindow (hWnd=0x7005c) returned 1
[0211.304] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0211.304] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0211.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0211.305] GetWindowLongW (hWnd=0x1702de, nIndex=-8) returned 458844
[0211.305] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0211.305] GetCurrentThreadId () returned 0xf50
[0211.305] GetWindowLongW (hWnd=0x1702de, nIndex=-8) returned 458844
[0211.305] IsWindowEnabled (hWnd=0x7005c) returned 0
[0211.305] IsWindowEnabled (hWnd=0x1702de) returned 1
[0211.305] ShowWindow (hWnd=0x1702de, nCmdShow=5) returned 0
[0211.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0211.305] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0211.305] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.306] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0211.306] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x1702de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xd02ce
[0211.306] SetWindowLongW (hWnd=0xd02ce, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0211.306] GetWindowLongW (hWnd=0xd02ce, nIndex=-4) returned 1950089536
[0211.306] SetWindowLongW (hWnd=0xd02ce, nIndex=-4, dwNewLong=19943926) returned 1950089536
[0211.307] GetWindowLongW (hWnd=0xd02ce, nIndex=-4) returned 19943926
[0211.307] GetWindowLongW (hWnd=0xd02ce, nIndex=-16) returned 1174405120
[0211.307] GetWindowLongW (hWnd=0xd02ce, nIndex=-12) returned 0
[0211.307] SetWindowLongW (hWnd=0xd02ce, nIndex=-12, dwNewLong=852686) returned 0
[0211.307] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02ce, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0211.307] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02ce, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0211.307] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02ce, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0211.307] GetWindow (hWnd=0xd02ce, uCmd=0x3) returned 0x0
[0211.307] GetClientRect (in: hWnd=0xd02ce, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0211.307] GetWindowRect (in: hWnd=0xd02ce, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0211.307] GetParent (hWnd=0xd02ce) returned 0x1702de
[0211.307] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702de, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0211.308] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02ce, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0211.308] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02ce, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0211.308] GetClientRect (in: hWnd=0xd02ce, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0211.308] GetWindowRect (in: hWnd=0xd02ce, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0211.308] GetParent (hWnd=0xd02ce) returned 0x1702de
[0211.308] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702de, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0211.308] SendMessageW (hWnd=0xd02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0xd02ce) returned 0x0
[0211.308] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0xd02ce) returned 0x0
[0211.308] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0211.309] GetParent (hWnd=0xd02ce) returned 0x1702de
[0211.309] GetParent (hWnd=0x1702da) returned 0x1702dc
[0211.309] SetParent (hWndChild=0x1702da, hWndNewParent=0x1702de) returned 0x1702dc
[0211.309] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0211.309] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0211.316] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0211.316] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0211.316] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0211.316] GetClientRect (in: hWnd=0x1702da, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0211.316] GetWindowRect (in: hWnd=0x1702da, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0211.316] GetParent (hWnd=0x1702da) returned 0x1702de
[0211.316] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702de, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0211.316] GetClientRect (in: hWnd=0x1702da, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0211.316] GetWindowRect (in: hWnd=0x1702da, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0211.316] GetParent (hWnd=0x1702da) returned 0x1702de
[0211.316] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702de, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0211.316] GetParent (hWnd=0x1702da) returned 0x1702de
[0211.317] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0211.317] GetWindow (hWnd=0x1702da, uCmd=0x3) returned 0x0
[0211.317] SetWindowPos (hWnd=0x1702da, hWndInsertAfter=0xd02ce, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0211.317] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0211.317] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0211.317] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0211.317] GetClientRect (in: hWnd=0x1702da, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0211.318] GetWindowRect (in: hWnd=0x1702da, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0211.318] GetParent (hWnd=0x1702da) returned 0x1702de
[0211.318] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702de, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0211.318] GetParent (hWnd=0x1702da) returned 0x1702de
[0211.318] GetWindow (hWnd=0x1702da, uCmd=0x3) returned 0xd02ce
[0211.318] GetWindowThreadProcessId (in: hWnd=0x1702da, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0211.318] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0211.318] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.319] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0211.319] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x1702de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1902d8
[0211.319] SetWindowLongW (hWnd=0x1902d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0211.319] GetWindowLongW (hWnd=0x1902d8, nIndex=-4) returned 1868032000
[0211.319] SetWindowLongW (hWnd=0x1902d8, nIndex=-4, dwNewLong=19945502) returned 1868032000
[0211.319] GetWindowLongW (hWnd=0x1902d8, nIndex=-4) returned 19945502
[0211.319] GetWindowLongW (hWnd=0x1902d8, nIndex=-16) returned 1174470667
[0211.319] GetWindowLongW (hWnd=0x1902d8, nIndex=-12) returned 0
[0211.319] SetWindowLongW (hWnd=0x1902d8, nIndex=-12, dwNewLong=1639128) returned 0
[0211.320] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0211.320] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0211.320] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0211.321] SendMessageW (hWnd=0x1902d8, Msg=0x2055, wParam=0x1902d8, lParam=0x3) returned 0x2
[0211.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0211.321] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0211.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0211.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0211.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02ce, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0211.321] RedrawWindow (hWnd=0xd02ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0211.322] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0211.322] RedrawWindow (hWnd=0x1702da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0211.322] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0211.322] RedrawWindow (hWnd=0x1902d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0211.322] RedrawWindow (hWnd=0x1702de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0211.322] GetWindow (hWnd=0x1902d8, uCmd=0x3) returned 0x1702da
[0211.322] GetClientRect (in: hWnd=0x1902d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0211.322] GetWindowRect (in: hWnd=0x1902d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0211.322] GetParent (hWnd=0x1902d8) returned 0x1702de
[0211.322] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0211.322] SetWindowTextW (hWnd=0x1902d8, lpString="&Details") returned 1
[0211.322] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0211.323] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0211.323] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0211.323] GetClientRect (in: hWnd=0x1902d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0211.323] GetWindowRect (in: hWnd=0x1902d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0211.323] GetParent (hWnd=0x1902d8) returned 0x1702de
[0211.323] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0211.323] SendMessageW (hWnd=0x1902d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1902d8) returned 0x0
[0211.323] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1902d8) returned 0x0
[0211.323] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0211.324] GetParent (hWnd=0x1902d8) returned 0x1702de
[0211.324] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0211.324] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.324] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0211.324] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x1702de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1102c8
[0211.325] SetWindowLongW (hWnd=0x1102c8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0211.325] GetWindowLongW (hWnd=0x1102c8, nIndex=-4) returned 1868032000
[0211.325] SetWindowLongW (hWnd=0x1102c8, nIndex=-4, dwNewLong=19945182) returned 1868032000
[0211.326] GetWindowLongW (hWnd=0x1102c8, nIndex=-4) returned 19945182
[0211.326] GetWindowLongW (hWnd=0x1102c8, nIndex=-16) returned 1174470667
[0211.326] GetWindowLongW (hWnd=0x1102c8, nIndex=-12) returned 0
[0211.326] SetWindowLongW (hWnd=0x1102c8, nIndex=-12, dwNewLong=1114824) returned 0
[0211.326] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0211.326] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0211.326] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0211.327] SendMessageW (hWnd=0x1102c8, Msg=0x2055, wParam=0x1102c8, lParam=0x3) returned 0x2
[0211.327] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0211.327] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0211.327] GetWindow (hWnd=0x1102c8, uCmd=0x3) returned 0x1902d8
[0211.327] GetClientRect (in: hWnd=0x1102c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0211.327] GetWindowRect (in: hWnd=0x1102c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0211.327] GetParent (hWnd=0x1102c8) returned 0x1702de
[0211.328] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0211.328] SetWindowTextW (hWnd=0x1102c8, lpString="&Continue") returned 1
[0211.328] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0211.328] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0211.328] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0211.328] GetClientRect (in: hWnd=0x1102c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0211.328] GetWindowRect (in: hWnd=0x1102c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0211.328] GetParent (hWnd=0x1102c8) returned 0x1702de
[0211.328] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0211.328] SendMessageW (hWnd=0x1102c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1102c8) returned 0x0
[0211.328] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1102c8) returned 0x0
[0211.329] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0211.329] GetParent (hWnd=0x1102c8) returned 0x1702de
[0211.329] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0211.329] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.330] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0211.330] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x1702de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1a00ea
[0211.330] SetWindowLongW (hWnd=0x1a00ea, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0211.330] GetWindowLongW (hWnd=0x1a00ea, nIndex=-4) returned 1868032000
[0211.330] SetWindowLongW (hWnd=0x1a00ea, nIndex=-4, dwNewLong=19945262) returned 1868032000
[0211.330] GetWindowLongW (hWnd=0x1a00ea, nIndex=-4) returned 19945262
[0211.330] GetWindowLongW (hWnd=0x1a00ea, nIndex=-16) returned 1174470667
[0211.330] GetWindowLongW (hWnd=0x1a00ea, nIndex=-12) returned 0
[0211.330] SetWindowLongW (hWnd=0x1a00ea, nIndex=-12, dwNewLong=1704170) returned 0
[0211.331] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a00ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0211.331] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a00ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0211.331] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a00ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0211.332] SendMessageW (hWnd=0x1a00ea, Msg=0x2055, wParam=0x1a00ea, lParam=0x3) returned 0x2
[0211.332] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0211.332] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a00ea, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0211.332] GetWindow (hWnd=0x1a00ea, uCmd=0x3) returned 0x1102c8
[0211.332] GetClientRect (in: hWnd=0x1a00ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0211.332] GetWindowRect (in: hWnd=0x1a00ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0211.332] GetParent (hWnd=0x1a00ea) returned 0x1702de
[0211.332] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0211.332] SetWindowTextW (hWnd=0x1a00ea, lpString="&Quit") returned 1
[0211.333] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a00ea, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0211.333] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a00ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0211.333] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a00ea, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0211.333] GetClientRect (in: hWnd=0x1a00ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0211.334] GetWindowRect (in: hWnd=0x1a00ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0211.334] GetParent (hWnd=0x1a00ea) returned 0x1702de
[0211.334] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0211.334] SendMessageW (hWnd=0x1a00ea, Msg=0x2210, wParam=0xea0001, lParam=0x1a00ea) returned 0x0
[0211.334] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a00ea, Msg=0x2210, wParam=0xea0001, lParam=0x1a00ea) returned 0x0
[0211.334] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0211.334] GetParent (hWnd=0x1a00ea) returned 0x1702de
[0211.334] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0211.334] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.335] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0211.335] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x1702de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xc02d0
[0211.335] SetWindowLongW (hWnd=0xc02d0, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0211.335] GetWindowLongW (hWnd=0xc02d0, nIndex=-4) returned 1868026976
[0211.335] SetWindowLongW (hWnd=0xc02d0, nIndex=-4, dwNewLong=19944542) returned 1868026976
[0211.336] GetWindowLongW (hWnd=0xc02d0, nIndex=-4) returned 19944542
[0211.336] GetWindowLongW (hWnd=0xc02d0, nIndex=-16) returned 1177553092
[0211.336] GetWindowLongW (hWnd=0xc02d0, nIndex=-12) returned 0
[0211.336] SetWindowLongW (hWnd=0xc02d0, nIndex=-12, dwNewLong=787152) returned 0
[0211.336] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02d0, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0211.337] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02d0, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0211.337] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02d0, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0211.352] GetWindow (hWnd=0xc02d0, uCmd=0x3) returned 0x1a00ea
[0211.352] GetClientRect (in: hWnd=0xc02d0, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0211.352] GetWindowRect (in: hWnd=0xc02d0, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0211.352] GetParent (hWnd=0xc02d0) returned 0x1702de
[0211.352] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702de, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0211.352] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.353] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.353] GetSystemMetrics (nIndex=42) returned 0
[0211.353] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.353] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0211.353] SendMessageW (hWnd=0xc02d0, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0211.353] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02d0, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0211.360] SetWindowTextW (hWnd=0xc02d0, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0211.360] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02d0, Msg=0xc, wParam=0x0, lParam=0x2ceade4) returned 0x1
[0211.362] GetSystemMetrics (nIndex=5) returned 1
[0211.362] GetSystemMetrics (nIndex=6) returned 1
[0211.362] SendMessageW (hWnd=0xc02d0, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0211.362] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02d0, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0211.362] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02d0, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0211.363] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02d0, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0211.363] GetClientRect (in: hWnd=0xc02d0, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0211.363] GetWindowRect (in: hWnd=0xc02d0, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0211.363] GetParent (hWnd=0xc02d0) returned 0x1702de
[0211.363] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702de, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0211.363] SendMessageW (hWnd=0xc02d0, Msg=0x2210, wParam=0x2d00001, lParam=0xc02d0) returned 0x0
[0211.363] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02d0, Msg=0x2210, wParam=0x2d00001, lParam=0xc02d0) returned 0x0
[0211.364] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0211.364] GetParent (hWnd=0xc02d0) returned 0x1702de
[0211.364] GetWindowLongW (hWnd=0x1702de, nIndex=-8) returned 458844
[0211.364] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0211.364] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0211.364] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xe0107c6
[0211.364] GetDeviceCaps (hdc=0xe0107c6, index=12) returned 32
[0211.364] GetDeviceCaps (hdc=0xe0107c6, index=14) returned 1
[0211.364] DeleteDC (hdc=0xe0107c6) returned 1
[0211.364] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0211.364] GetWindowThreadProcessId (in: hWnd=0x1702de, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0211.364] GetCurrentThreadId () returned 0xf50
[0211.365] PostMessageW (hWnd=0x1702de, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0211.365] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.365] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.365] GetSystemMetrics (nIndex=42) returned 0
[0211.365] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.365] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0211.365] GdipImageGetFrameDimensionsCount (image=0x6651518, count=0xd7e25c) returned 0x0
[0211.365] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200a40
[0211.365] GdipImageGetFrameDimensionsList (image=0x6651518, dimensionIDs=0x1200a40*(Data1=0x0, Data2=0xe444, Data3=0x550, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0211.365] LocalFree (hMem=0x1200a40) returned 0x0
[0211.365] GdipImageGetFrameDimensionsCount (image=0x664f790, count=0xd7e250) returned 0x0
[0211.365] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200c20
[0211.365] GdipImageGetFrameDimensionsList (image=0x664f790, dimensionIDs=0x1200c20*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0211.365] LocalFree (hMem=0x1200c20) returned 0x0
[0211.365] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0211.366] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0211.366] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0211.377] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0211.378] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0211.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0211.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0211.379] GetWindowPlacement (in: hWnd=0x1702de, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0211.379] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0211.379] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.379] GetSystemMetrics (nIndex=42) returned 0
[0211.379] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0211.380] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0211.380] GetCurrentObject (hdc=0x107b9, type=0x1) returned 0xb00017
[0211.380] GetCurrentObject (hdc=0x107b9, type=0x2) returned 0x900010
[0211.380] GetCurrentObject (hdc=0x107b9, type=0x7) returned 0xffffffff930505d8
[0211.380] GetCurrentObject (hdc=0x107b9, type=0x6) returned 0x8a01c2
[0211.380] SaveDC (hdc=0x107b9) returned 1
[0211.380] GetNearestColor (hdc=0x107b9, color=0xf0f0f0) returned 0xf0f0f0
[0211.380] CreateSolidBrush (color=0xf0f0f0) returned 0x101007e1
[0211.380] FillRect (hDC=0x107b9, lprc=0xd7e1b8, hbr=0x101007e1) returned 1
[0211.380] DeleteObject (ho=0x101007e1) returned 1
[0211.380] RestoreDC (hdc=0x107b9, nSavedDC=-1) returned 1
[0211.380] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0211.381] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0211.381] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0211.381] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0211.381] GetStockObject (i=5) returned 0x900015
[0211.381] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0211.381] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0211.381] GetStockObject (i=5) returned 0x900015
[0211.381] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a00ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0211.382] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a00ea, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0211.382] GetStockObject (i=5) returned 0x900015
[0211.382] GetWindowPlacement (in: hWnd=0x1702de, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0211.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0211.382] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0211.382] GetWindowRect (in: hWnd=0x1702de, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0211.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0211.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0211.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0211.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0211.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0211.384] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0211.384] GetWindowRect (in: hWnd=0x1702de, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0211.384] InvalidateRect (hWnd=0x1102c8, lpRect=0x0, bErase=0) returned 1
[0211.384] InvalidateRect (hWnd=0x1902d8, lpRect=0x0, bErase=0) returned 1
[0211.384] GetFocus () returned 0x1702de
[0211.385] GetFocus () returned 0x1702de
[0211.385] SetFocus (hWnd=0x1902d8) returned 0x1702de
[0211.385] GetFocus () returned 0x1902d8
[0211.385] IsChild (hWndParent=0x1702de, hWnd=0x1902d8) returned 1
[0211.385] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x8, wParam=0x1902d8, lParam=0x0) returned 0x0
[0211.386] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0211.387] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0211.389] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0211.389] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0x7, wParam=0x1702de, lParam=0x0) returned 0x0
[0211.389] GetStockObject (i=5) returned 0x900015
[0211.389] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0211.389] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0211.389] GetDlgItem (hDlg=0x1702de, nIDDlgItem=1639128) returned 0x1902d8
[0211.389] SendMessageW (hWnd=0x1902d8, Msg=0x202b, wParam=0x1902d8, lParam=0xd7e0dc) returned 0x0
[0211.389] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0x202b, wParam=0x1902d8, lParam=0xd7e0dc) returned 0x0
[0211.389] InvalidateRect (hWnd=0x1902d8, lpRect=0x0, bErase=0) returned 1
[0211.391] GetFocus () returned 0x1902d8
[0211.391] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.391] IsWindowUnicode (hWnd=0x1702de) returned 1
[0211.391] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.392] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.392] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.392] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0211.392] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.392] IsWindowUnicode (hWnd=0x1702de) returned 1
[0211.392] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.392] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.392] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.392] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.392] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0211.393] IsWindowUnicode (hWnd=0x1702de) returned 1
[0211.393] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.393] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.393] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.393] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.394] IsWindowUnicode (hWnd=0x602c4) returned 1
[0211.394] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.394] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.394] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.394] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0211.394] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0211.394] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.394] IsWindowUnicode (hWnd=0x1702de) returned 1
[0211.394] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.394] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.395] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.395] BeginPaint (in: hWnd=0x1702de, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xc0107c5
[0211.395] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0211.395] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.395] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.395] GetSystemMetrics (nIndex=42) returned 0
[0211.395] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.395] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0211.395] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0211.395] EndPaint (hWnd=0x1702de, lpPaint=0xd7e274) returned 1
[0211.395] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.396] IsWindowUnicode (hWnd=0xd02ce) returned 1
[0211.396] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.396] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.396] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.396] BeginPaint (in: hWnd=0xd02ce, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xf0105ee
[0211.396] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0211.396] CreateCompatibleDC (hdc=0xf0105ee) returned 0xdc0107f3
[0211.396] SelectObject (hdc=0xdc0107f3, h=0x4a0507fe) returned 0x85000f
[0211.396] GdipCreateFromHDC (hdc=0xdc0107f3, graphics=0xd7e2b0) returned 0x0
[0211.396] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0211.396] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0211.396] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0211.396] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0211.396] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e310) returned 0x0
[0211.396] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0211.396] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee868) returned 0x0
[0211.397] LocalFree (hMem=0x11ee868) returned 0x0
[0211.397] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0211.397] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0211.397] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0211.397] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e304) returned 0x0
[0211.397] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0211.397] GetWindowTextLengthW (hWnd=0xd02ce) returned 0
[0211.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0211.397] GetSystemMetrics (nIndex=42) returned 0
[0211.397] GetWindowTextW (in: hWnd=0xd02ce, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0211.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02ce, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0211.397] GetClientRect (in: hWnd=0xd02ce, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0211.397] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0211.397] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0211.397] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0211.397] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0211.397] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e164) returned 0x0
[0211.397] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0211.397] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0211.397] LocalFree (hMem=0x11eec58) returned 0x0
[0211.397] GdipCombineRegionRegion (region=0x6646a78, region2=0x6646958, combineMode=0x1) returned 0x0
[0211.398] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0211.398] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eea98) returned 0x0
[0211.398] LocalFree (hMem=0x11eea98) returned 0x0
[0211.398] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0211.398] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0211.398] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0211.398] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0211.398] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0211.398] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0211.398] GetCurrentObject (hdc=0xdc0107f3, type=0x1) returned 0xb00017
[0211.398] GetCurrentObject (hdc=0xdc0107f3, type=0x2) returned 0x900010
[0211.398] GetCurrentObject (hdc=0xdc0107f3, type=0x7) returned 0x4a0507fe
[0211.398] GetCurrentObject (hdc=0xdc0107f3, type=0x6) returned 0x8a01c2
[0211.398] SaveDC (hdc=0xdc0107f3) returned 1
[0211.398] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x240407de
[0211.398] GetClipRgn (hdc=0xdc0107f3, hrgn=0x240407de) returned 0
[0211.398] SelectClipRgn (hdc=0xdc0107f3, hrgn=0x9d040807) returned 2
[0211.398] DeleteObject (ho=0x240407de) returned 1
[0211.399] DeleteObject (ho=0x9d040807) returned 1
[0211.399] OffsetViewportOrgEx (in: hdc=0xdc0107f3, x=0, y=0, lppt=0x2cf09d0 | out: lppt=0x2cf09d0) returned 1
[0211.399] GetNearestColor (hdc=0xdc0107f3, color=0xf0f0f0) returned 0xf0f0f0
[0211.399] CreateSolidBrush (color=0xf0f0f0) returned 0x111007e1
[0211.399] FillRect (hDC=0xdc0107f3, lprc=0xd7e198, hbr=0x111007e1) returned 1
[0211.399] DeleteObject (ho=0x111007e1) returned 1
[0211.399] RestoreDC (hdc=0xdc0107f3, nSavedDC=-1) returned 1
[0211.399] GdipReleaseDC (graphics=0x6600030, hdc=0xdc0107f3) returned 0x0
[0211.399] GdipRestoreGraphics (graphics=0x6600030, state=0xfa3c0dbd) returned 0x0
[0211.399] GdipDeleteRegion (region=0x6646958) returned 0x0
[0211.399] GetWindowTextLengthW (hWnd=0xd02ce) returned 0
[0211.399] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0211.399] GetSystemMetrics (nIndex=42) returned 0
[0211.399] GetWindowTextW (in: hWnd=0xd02ce, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0211.399] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02ce, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0211.399] GdipGetImageWidth (image=0x6651518, width=0xd7e1e0) returned 0x0
[0211.399] GdipGetImageHeight (image=0x6651518, height=0xd7e1e0) returned 0x0
[0211.399] GdipGetImageWidth (image=0x6651518, width=0xd7e1cc) returned 0x0
[0211.399] GdipGetImageHeight (image=0x6651518, height=0xd7e1cc) returned 0x0
[0211.399] GdipDrawImageRectI (graphics=0x6600030, image=0x6651518, x=16, y=16, width=32, height=32) returned 0x0
[0211.400] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0211.400] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=64, cy=64, hdcSrc=0xdc0107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0211.400] GdipReleaseDC (graphics=0x6600030, hdc=0xdc0107f3) returned 0x0
[0211.400] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0211.400] SelectObject (hdc=0xdc0107f3, h=0x85000f) returned 0x4a0507fe
[0211.400] DeleteDC (hdc=0xdc0107f3) returned 1
[0211.400] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0211.400] EndPaint (hWnd=0xd02ce, lpPaint=0xd7e294) returned 1
[0211.400] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.400] IsWindowUnicode (hWnd=0x1702da) returned 1
[0211.400] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.400] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.400] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.400] BeginPaint (in: hWnd=0x1702da, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x10105d6
[0211.400] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0211.401] CreateCompatibleDC (hdc=0x10105d6) returned 0xde0107f3
[0211.401] GetObjectType (h=0x10105d6) returned 0x3
[0211.401] CreateCompatibleBitmap (hdc=0x10105d6, cx=1, cy=1) returned 0xffffffffbf0507bb
[0211.401] GetDIBits (in: hdc=0x10105d6, hbm=0xbf0507bb, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0211.401] GetDIBits (in: hdc=0x10105d6, hbm=0xbf0507bb, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0211.401] DeleteObject (ho=0xbf0507bb) returned 1
[0211.401] CreateDIBSection (in: hdc=0x10105d6, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x170507c6
[0211.401] SelectObject (hdc=0xde0107f3, h=0x170507c6) returned 0x85000f
[0211.401] GdipCreateFromHDC (hdc=0xde0107f3, graphics=0xd7e234) returned 0x0
[0211.402] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0211.402] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0211.402] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0211.402] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0211.402] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e2d4) returned 0x0
[0211.402] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0211.402] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0211.402] LocalFree (hMem=0x11ee868) returned 0x0
[0211.402] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0211.402] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0211.402] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0211.402] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0211.402] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0211.402] GetWindowTextLengthW (hWnd=0x1702da) returned 232
[0211.402] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0211.402] GetSystemMetrics (nIndex=42) returned 0
[0211.402] GetWindowTextW (in: hWnd=0x1702da, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0211.402] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0211.402] GetClientRect (in: hWnd=0x1702da, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0211.402] GdipCreateRegion (region=0xd7e110) returned 0x0
[0211.403] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0211.403] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0211.403] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0211.403] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e128) returned 0x0
[0211.403] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0211.403] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eead0) returned 0x0
[0211.403] LocalFree (hMem=0x11eead0) returned 0x0
[0211.403] GdipCombineRegionRegion (region=0x6646ef8, region2=0x6646dd8, combineMode=0x1) returned 0x0
[0211.403] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0211.403] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0211.403] LocalFree (hMem=0x11eec58) returned 0x0
[0211.403] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0211.407] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e150) returned 0x0
[0211.408] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e140) returned 0x0
[0211.408] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0211.408] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0211.408] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0211.408] GetCurrentObject (hdc=0xde0107f3, type=0x1) returned 0xb00017
[0211.408] GetCurrentObject (hdc=0xde0107f3, type=0x2) returned 0x900010
[0211.408] GetCurrentObject (hdc=0xde0107f3, type=0x7) returned 0x170507c6
[0211.408] GetCurrentObject (hdc=0xde0107f3, type=0x6) returned 0x8a01c2
[0211.408] SaveDC (hdc=0xde0107f3) returned 1
[0211.408] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9e040807
[0211.408] GetClipRgn (hdc=0xde0107f3, hrgn=0x9e040807) returned 0
[0211.408] SelectClipRgn (hdc=0xde0107f3, hrgn=0x250407de) returned 2
[0211.408] DeleteObject (ho=0x9e040807) returned 1
[0211.408] DeleteObject (ho=0x250407de) returned 1
[0211.408] OffsetViewportOrgEx (in: hdc=0xde0107f3, x=0, y=0, lppt=0x2cf2398 | out: lppt=0x2cf2398) returned 1
[0211.408] GetNearestColor (hdc=0xde0107f3, color=0xf0f0f0) returned 0xf0f0f0
[0211.408] CreateSolidBrush (color=0xf0f0f0) returned 0x121007e1
[0211.408] FillRect (hDC=0xde0107f3, lprc=0xd7e15c, hbr=0x121007e1) returned 1
[0211.409] DeleteObject (ho=0x121007e1) returned 1
[0211.409] RestoreDC (hdc=0xde0107f3, nSavedDC=-1) returned 1
[0211.409] GdipReleaseDC (graphics=0x6600030, hdc=0xde0107f3) returned 0x0
[0211.409] GdipRestoreGraphics (graphics=0x6600030, state=0xfa3a0dbd) returned 0x0
[0211.409] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0211.409] GetWindowTextLengthW (hWnd=0x1702da) returned 232
[0211.409] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0211.409] GetSystemMetrics (nIndex=42) returned 0
[0211.409] GetWindowTextW (in: hWnd=0x1702da, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0211.410] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0211.410] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0211.410] GetCurrentObject (hdc=0xde0107f3, type=0x1) returned 0xb00017
[0211.410] GetCurrentObject (hdc=0xde0107f3, type=0x2) returned 0x900010
[0211.410] GetCurrentObject (hdc=0xde0107f3, type=0x7) returned 0x170507c6
[0211.410] GetCurrentObject (hdc=0xde0107f3, type=0x6) returned 0x8a01c2
[0211.410] SaveDC (hdc=0xde0107f3) returned 1
[0211.410] GetNearestColor (hdc=0xde0107f3, color=0x0) returned 0x0
[0211.410] RestoreDC (hdc=0xde0107f3, nSavedDC=-1) returned 1
[0211.410] GdipReleaseDC (graphics=0x6600030, hdc=0xde0107f3) returned 0x0
[0211.411] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0211.411] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0211.411] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2cf2b94 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0211.411] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0211.411] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0211.411] GetCurrentObject (hdc=0xde0107f3, type=0x1) returned 0xb00017
[0211.411] GetCurrentObject (hdc=0xde0107f3, type=0x2) returned 0x900010
[0211.411] GetCurrentObject (hdc=0xde0107f3, type=0x7) returned 0x170507c6
[0211.411] GetCurrentObject (hdc=0xde0107f3, type=0x6) returned 0x8a01c2
[0211.412] SaveDC (hdc=0xde0107f3) returned 1
[0211.412] GetTextAlign (hdc=0xde0107f3) returned 0x0
[0211.412] GetTextColor (hdc=0xde0107f3) returned 0x0
[0211.412] GetCurrentObject (hdc=0xde0107f3, type=0x6) returned 0x8a01c2
[0211.412] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0211.412] SelectObject (hdc=0xde0107f3, h=0x6d0a0520) returned 0x8a01c2
[0211.412] GetBkMode (hdc=0xde0107f3) returned 2
[0211.412] SetBkMode (hdc=0xde0107f3, mode=1) returned 2
[0211.412] DrawTextExW (in: hdc=0xde0107f3, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2cf2db8 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0211.415] RestoreDC (hdc=0xde0107f3, nSavedDC=-1) returned 1
[0211.415] GdipReleaseDC (graphics=0x6600030, hdc=0xde0107f3) returned 0x0
[0211.415] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0211.415] BitBlt (hdc=0x10105d6, x=0, y=0, cx=354, cy=68, hdcSrc=0xde0107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0211.416] GdipReleaseDC (graphics=0x6600030, hdc=0xde0107f3) returned 0x0
[0211.416] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0211.416] SelectObject (hdc=0xde0107f3, h=0x85000f) returned 0x170507c6
[0211.416] DeleteDC (hdc=0xde0107f3) returned 1
[0211.416] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0211.416] DeleteObject (ho=0x170507c6) returned 1
[0211.417] EndPaint (hWnd=0x1702da, lpPaint=0xd7e258) returned 1
[0211.417] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.417] IsWindowUnicode (hWnd=0x1902d8) returned 1
[0211.417] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.417] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.417] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.417] BeginPaint (in: hWnd=0x1902d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0211.418] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0211.418] CreateCompatibleDC (hdc=0x60100ce) returned 0xc10107bb
[0211.418] SelectObject (hdc=0xc10107bb, h=0x4a0507fe) returned 0x85000f
[0211.418] GdipCreateFromHDC (hdc=0xc10107bb, graphics=0xd7e268) returned 0x0
[0211.418] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0211.418] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0211.418] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0211.418] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0211.418] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e2c8) returned 0x0
[0211.418] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0211.418] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0211.419] LocalFree (hMem=0x11eec58) returned 0x0
[0211.419] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0211.424] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0211.424] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0211.424] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0211.424] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0211.424] GdipRestoreGraphics (graphics=0x6600030, state=0xfa380dbd) returned 0x0
[0211.424] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0211.424] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0211.424] GetCurrentObject (hdc=0xc10107bb, type=0x1) returned 0xb00017
[0211.424] GetCurrentObject (hdc=0xc10107bb, type=0x2) returned 0x900010
[0211.424] GetCurrentObject (hdc=0xc10107bb, type=0x7) returned 0x4a0507fe
[0211.424] GetCurrentObject (hdc=0xc10107bb, type=0x6) returned 0x8a01c2
[0211.424] SaveDC (hdc=0xc10107bb) returned 1
[0211.424] GetNearestColor (hdc=0xc10107bb, color=0xf0f0f0) returned 0xf0f0f0
[0211.424] GetNearestColor (hdc=0xc10107bb, color=0xa0a0a0) returned 0xa0a0a0
[0211.425] GetNearestColor (hdc=0xc10107bb, color=0x696969) returned 0x696969
[0211.425] GetNearestColor (hdc=0xc10107bb, color=0xa0a0a0) returned 0xa0a0a0
[0211.425] GetNearestColor (hdc=0xc10107bb, color=0x0) returned 0x0
[0211.425] GetNearestColor (hdc=0xc10107bb, color=0xffffff) returned 0xffffff
[0211.425] GetNearestColor (hdc=0xc10107bb, color=0xe5e5e5) returned 0xe5e5e5
[0211.425] GetNearestColor (hdc=0xc10107bb, color=0xd7d7d7) returned 0xd7d7d7
[0211.425] GetNearestColor (hdc=0xc10107bb, color=0x0) returned 0x0
[0211.425] RestoreDC (hdc=0xc10107bb, nSavedDC=-1) returned 1
[0211.425] GdipReleaseDC (graphics=0x6600030, hdc=0xc10107bb) returned 0x0
[0211.425] IsAppThemed () returned 0x1
[0211.425] GetThemeAppProperties () returned 0x3
[0211.425] GetThemeAppProperties () returned 0x3
[0211.425] GdipGetImageWidth (image=0x664f790, width=0xd7e168) returned 0x0
[0211.425] GdipGetImageHeight (image=0x664f790, height=0xd7e168) returned 0x0
[0211.425] IsAppThemed () returned 0x1
[0211.425] GetThemeAppProperties () returned 0x3
[0211.426] GetThemeAppProperties () returned 0x3
[0211.426] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2cf3508 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0211.426] IsAppThemed () returned 0x1
[0211.426] GetThemeAppProperties () returned 0x3
[0211.426] GetThemeAppProperties () returned 0x3
[0211.426] IsAppThemed () returned 0x1
[0211.426] GetThemeAppProperties () returned 0x3
[0211.426] GetThemeAppProperties () returned 0x3
[0211.426] GetFocus () returned 0x1902d8
[0211.426] IsAppThemed () returned 0x1
[0211.426] GetThemeAppProperties () returned 0x3
[0211.426] GetThemeAppProperties () returned 0x3
[0211.426] IsAppThemed () returned 0x1
[0211.427] GetThemeAppProperties () returned 0x3
[0211.427] GetThemeAppProperties () returned 0x3
[0211.427] IsThemePartDefined () returned 0x1
[0211.427] IsAppThemed () returned 0x1
[0211.427] GetThemeAppProperties () returned 0x3
[0211.427] GetThemeAppProperties () returned 0x3
[0211.427] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0211.427] IsAppThemed () returned 0x1
[0211.427] GetThemeAppProperties () returned 0x3
[0211.427] GetThemeAppProperties () returned 0x3
[0211.427] IsAppThemed () returned 0x1
[0211.427] GetThemeAppProperties () returned 0x3
[0211.427] GetThemeAppProperties () returned 0x3
[0211.427] IsThemePartDefined () returned 0x1
[0211.427] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0211.427] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0211.427] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0211.427] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0211.427] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7dff0) returned 0x0
[0211.427] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0211.428] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee868) returned 0x0
[0211.428] LocalFree (hMem=0x11ee868) returned 0x0
[0211.428] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0211.428] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eecc8) returned 0x0
[0211.428] LocalFree (hMem=0x11eecc8) returned 0x0
[0211.428] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0211.428] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e018) returned 0x0
[0211.428] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e008) returned 0x0
[0211.428] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0211.428] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0211.428] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0211.428] GetCurrentObject (hdc=0xc10107bb, type=0x1) returned 0xb00017
[0211.428] GetCurrentObject (hdc=0xc10107bb, type=0x2) returned 0x900010
[0211.428] GetCurrentObject (hdc=0xc10107bb, type=0x7) returned 0x4a0507fe
[0211.428] GetCurrentObject (hdc=0xc10107bb, type=0x6) returned 0x8a01c2
[0211.428] SaveDC (hdc=0xc10107bb) returned 1
[0211.429] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x260407de
[0211.429] GetClipRgn (hdc=0xc10107bb, hrgn=0x260407de) returned 0
[0211.429] SelectClipRgn (hdc=0xc10107bb, hrgn=0xa2040807) returned 2
[0211.429] DeleteObject (ho=0x260407de) returned 1
[0211.429] DeleteObject (ho=0xa2040807) returned 1
[0211.429] OffsetViewportOrgEx (in: hdc=0xc10107bb, x=0, y=0, lppt=0x2cf3bb8 | out: lppt=0x2cf3bb8) returned 1
[0211.429] DrawThemeParentBackground () returned 0x0
[0211.429] GetWindowPlacement (in: hWnd=0x1702de, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0211.429] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0211.429] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.429] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.429] GetSystemMetrics (nIndex=42) returned 0
[0211.429] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0211.430] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0211.430] GetCurrentObject (hdc=0xc10107bb, type=0x1) returned 0xb00017
[0211.430] GetCurrentObject (hdc=0xc10107bb, type=0x2) returned 0x900010
[0211.430] GetCurrentObject (hdc=0xc10107bb, type=0x7) returned 0x4a0507fe
[0211.430] GetCurrentObject (hdc=0xc10107bb, type=0x6) returned 0x8a01c2
[0211.430] SaveDC (hdc=0xc10107bb) returned 2
[0211.430] GetNearestColor (hdc=0xc10107bb, color=0xf0f0f0) returned 0xf0f0f0
[0211.430] CreateSolidBrush (color=0xf0f0f0) returned 0x131007e1
[0211.430] FillRect (hDC=0xc10107bb, lprc=0xd7da38, hbr=0x131007e1) returned 1
[0211.430] DeleteObject (ho=0x131007e1) returned 1
[0211.430] RestoreDC (hdc=0xc10107bb, nSavedDC=-1) returned 1
[0211.430] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.430] GetSystemMetrics (nIndex=42) returned 0
[0211.430] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.431] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0211.431] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0211.431] GetCurrentObject (hdc=0xc10107bb, type=0x1) returned 0xb00017
[0211.431] GetCurrentObject (hdc=0xc10107bb, type=0x2) returned 0x900010
[0211.431] GetCurrentObject (hdc=0xc10107bb, type=0x7) returned 0x4a0507fe
[0211.431] GetCurrentObject (hdc=0xc10107bb, type=0x6) returned 0x8a01c2
[0211.431] SaveDC (hdc=0xc10107bb) returned 2
[0211.431] GetNearestColor (hdc=0xc10107bb, color=0xf0f0f0) returned 0xf0f0f0
[0211.431] CreateSolidBrush (color=0xf0f0f0) returned 0x141007e1
[0211.431] FillRect (hDC=0xc10107bb, lprc=0xd7d9d8, hbr=0x141007e1) returned 1
[0211.431] DeleteObject (ho=0x141007e1) returned 1
[0211.431] RestoreDC (hdc=0xc10107bb, nSavedDC=-1) returned 1
[0211.431] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.431] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.431] GetSystemMetrics (nIndex=42) returned 0
[0211.431] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.431] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0211.432] RestoreDC (hdc=0xc10107bb, nSavedDC=-1) returned 1
[0211.432] GdipReleaseDC (graphics=0x6600030, hdc=0xc10107bb) returned 0x0
[0211.432] IsAppThemed () returned 0x1
[0211.432] GetThemeAppProperties () returned 0x3
[0211.432] GetThemeAppProperties () returned 0x3
[0211.432] IsAppThemed () returned 0x1
[0211.432] GetThemeAppProperties () returned 0x3
[0211.432] GetThemeAppProperties () returned 0x3
[0211.432] IsThemePartDefined () returned 0x1
[0211.432] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0211.432] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0211.432] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0211.432] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0211.432] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df74) returned 0x0
[0211.432] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee9f0) returned 0x0
[0211.432] LocalFree (hMem=0x11ee9f0) returned 0x0
[0211.432] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0211.432] LocalFree (hMem=0x11eec58) returned 0x0
[0211.433] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0211.433] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0211.433] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0211.433] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0211.433] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0211.433] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0211.433] GetCurrentObject (hdc=0xc10107bb, type=0x1) returned 0xb00017
[0211.433] GetCurrentObject (hdc=0xc10107bb, type=0x2) returned 0x900010
[0211.433] GetCurrentObject (hdc=0xc10107bb, type=0x7) returned 0x4a0507fe
[0211.433] GetCurrentObject (hdc=0xc10107bb, type=0x6) returned 0x8a01c2
[0211.433] SaveDC (hdc=0xc10107bb) returned 1
[0211.433] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa3040807
[0211.433] GetClipRgn (hdc=0xc10107bb, hrgn=0xa3040807) returned 0
[0211.433] SelectClipRgn (hdc=0xc10107bb, hrgn=0x280407de) returned 2
[0211.433] DeleteObject (ho=0xa3040807) returned 1
[0211.433] DeleteObject (ho=0x280407de) returned 1
[0211.433] OffsetViewportOrgEx (in: hdc=0xc10107bb, x=0, y=0, lppt=0x2cf4464 | out: lppt=0x2cf4464) returned 1
[0211.433] IsAppThemed () returned 0x1
[0211.433] GetThemeAppProperties () returned 0x3
[0211.433] GetThemeAppProperties () returned 0x3
[0211.433] DrawThemeBackground () returned 0x0
[0211.434] RestoreDC (hdc=0xc10107bb, nSavedDC=-1) returned 1
[0211.434] GdipReleaseDC (graphics=0x6600030, hdc=0xc10107bb) returned 0x0
[0211.434] GdipCreateRegion (region=0xd7df60) returned 0x0
[0211.434] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0211.434] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0211.434] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0211.434] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df78) returned 0x0
[0211.434] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0211.434] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0211.434] LocalFree (hMem=0x11ee868) returned 0x0
[0211.434] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0211.434] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0211.434] LocalFree (hMem=0x11ee868) returned 0x0
[0211.434] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0211.434] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0211.434] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7df90) returned 0x0
[0211.435] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0211.435] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0211.435] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0211.435] GetCurrentObject (hdc=0xc10107bb, type=0x1) returned 0xb00017
[0211.435] GetCurrentObject (hdc=0xc10107bb, type=0x2) returned 0x900010
[0211.435] GetCurrentObject (hdc=0xc10107bb, type=0x7) returned 0x4a0507fe
[0211.435] GetCurrentObject (hdc=0xc10107bb, type=0x6) returned 0x8a01c2
[0211.435] SaveDC (hdc=0xc10107bb) returned 1
[0211.435] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x290407de
[0211.435] GetClipRgn (hdc=0xc10107bb, hrgn=0x290407de) returned 0
[0211.435] SelectClipRgn (hdc=0xc10107bb, hrgn=0xa4040807) returned 2
[0211.435] DeleteObject (ho=0x290407de) returned 1
[0211.436] DeleteObject (ho=0xa4040807) returned 1
[0211.436] OffsetViewportOrgEx (in: hdc=0xc10107bb, x=0, y=0, lppt=0x2cf4738 | out: lppt=0x2cf4738) returned 1
[0211.436] IsAppThemed () returned 0x1
[0211.436] GetThemeAppProperties () returned 0x3
[0211.436] GetThemeAppProperties () returned 0x3
[0211.436] GetThemeBackgroundContentRect () returned 0x0
[0211.436] RestoreDC (hdc=0xc10107bb, nSavedDC=-1) returned 1
[0211.436] GdipReleaseDC (graphics=0x6600030, hdc=0xc10107bb) returned 0x0
[0211.436] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0211.436] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0211.436] GdipCloneRegion (region=0x6646b98, cloneRegion=0xd7e150) returned 0x0
[0211.436] GdipCombineRegionRectI (region=0x6646dd8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0211.436] GdipCombineRegionRectI (region=0x6646dd8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0211.436] GdipSetClipRegion (graphics=0x6600030, region=0x6646dd8, combineMode=0x0) returned 0x0
[0211.436] GdipGetImageWidth (image=0x664f790, width=0xd7e154) returned 0x0
[0211.436] GdipGetImageHeight (image=0x664f790, height=0xd7e148) returned 0x0
[0211.436] GdipDrawImageRectI (graphics=0x6600030, image=0x664f790, x=4, y=4, width=16, height=16) returned 0x0
[0211.437] GdipSetClipRegion (graphics=0x6600030, region=0x6646b98, combineMode=0x0) returned 0x0
[0211.437] IsAppThemed () returned 0x1
[0211.437] GetThemeAppProperties () returned 0x3
[0211.437] GetThemeAppProperties () returned 0x3
[0211.437] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0211.437] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0211.437] GetCurrentObject (hdc=0xc10107bb, type=0x1) returned 0xb00017
[0211.437] GetCurrentObject (hdc=0xc10107bb, type=0x2) returned 0x900010
[0211.437] GetCurrentObject (hdc=0xc10107bb, type=0x7) returned 0x4a0507fe
[0211.437] GetCurrentObject (hdc=0xc10107bb, type=0x6) returned 0x8a01c2
[0211.437] SaveDC (hdc=0xc10107bb) returned 1
[0211.437] GetTextAlign (hdc=0xc10107bb) returned 0x0
[0211.437] GetTextColor (hdc=0xc10107bb) returned 0x0
[0211.437] GetCurrentObject (hdc=0xc10107bb, type=0x6) returned 0x8a01c2
[0211.437] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0211.438] SelectObject (hdc=0xc10107bb, h=0x6d0a0520) returned 0x8a01c2
[0211.438] GetBkMode (hdc=0xc10107bb) returned 2
[0211.438] SetBkMode (hdc=0xc10107bb, mode=1) returned 2
[0211.438] DrawTextExW (in: hdc=0xc10107bb, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2cf4af8 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0211.438] DrawTextExW (in: hdc=0xc10107bb, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2cf4af8 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0211.438] RestoreDC (hdc=0xc10107bb, nSavedDC=-1) returned 1
[0211.438] GdipReleaseDC (graphics=0x6600030, hdc=0xc10107bb) returned 0x0
[0211.438] GetFocus () returned 0x1902d8
[0211.439] IsAppThemed () returned 0x1
[0211.439] GetThemeAppProperties () returned 0x3
[0211.439] GetThemeAppProperties () returned 0x3
[0211.439] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0211.439] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xc10107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0211.439] GdipReleaseDC (graphics=0x6600030, hdc=0xc10107bb) returned 0x0
[0211.439] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0211.439] SelectObject (hdc=0xc10107bb, h=0x85000f) returned 0x4a0507fe
[0211.439] DeleteDC (hdc=0xc10107bb) returned 1
[0211.439] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0211.439] EndPaint (hWnd=0x1902d8, lpPaint=0xd7e24c) returned 1
[0211.440] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.440] IsWindowUnicode (hWnd=0x1102c8) returned 1
[0211.440] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.440] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.440] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.440] BeginPaint (in: hWnd=0x1102c8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0211.440] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0211.440] CreateCompatibleDC (hdc=0xc0107c5) returned 0xc30107bb
[0211.440] SelectObject (hdc=0xc30107bb, h=0x4a0507fe) returned 0x85000f
[0211.440] GdipCreateFromHDC (hdc=0xc30107bb, graphics=0xd7e268) returned 0x0
[0211.440] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0211.440] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0211.440] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0211.441] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0211.441] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2c8) returned 0x0
[0211.441] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0211.441] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0211.441] LocalFree (hMem=0x11eec58) returned 0x0
[0211.441] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0211.441] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0211.441] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0211.441] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0211.441] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0211.441] GdipRestoreGraphics (graphics=0x6600030, state=0xfa360dbd) returned 0x0
[0211.441] GdipDeleteRegion (region=0x6646298) returned 0x0
[0211.441] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0211.441] GetCurrentObject (hdc=0xc30107bb, type=0x1) returned 0xb00017
[0211.441] GetCurrentObject (hdc=0xc30107bb, type=0x2) returned 0x900010
[0211.441] GetCurrentObject (hdc=0xc30107bb, type=0x7) returned 0x4a0507fe
[0211.441] GetCurrentObject (hdc=0xc30107bb, type=0x6) returned 0x8a01c2
[0211.441] SaveDC (hdc=0xc30107bb) returned 1
[0211.441] GetNearestColor (hdc=0xc30107bb, color=0xf0f0f0) returned 0xf0f0f0
[0211.442] GetNearestColor (hdc=0xc30107bb, color=0xa0a0a0) returned 0xa0a0a0
[0211.442] GetNearestColor (hdc=0xc30107bb, color=0x696969) returned 0x696969
[0211.442] GetNearestColor (hdc=0xc30107bb, color=0xa0a0a0) returned 0xa0a0a0
[0211.442] GetNearestColor (hdc=0xc30107bb, color=0x0) returned 0x0
[0211.442] GetNearestColor (hdc=0xc30107bb, color=0xffffff) returned 0xffffff
[0211.442] GetNearestColor (hdc=0xc30107bb, color=0xe5e5e5) returned 0xe5e5e5
[0211.442] GetNearestColor (hdc=0xc30107bb, color=0xd7d7d7) returned 0xd7d7d7
[0211.442] GetNearestColor (hdc=0xc30107bb, color=0x0) returned 0x0
[0211.442] RestoreDC (hdc=0xc30107bb, nSavedDC=-1) returned 1
[0211.442] GdipReleaseDC (graphics=0x6600030, hdc=0xc30107bb) returned 0x0
[0211.442] IsAppThemed () returned 0x1
[0211.442] GetThemeAppProperties () returned 0x3
[0211.442] GetThemeAppProperties () returned 0x3
[0211.442] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0211.442] SendMessageW (hWnd=0x1702de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0211.442] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0211.442] IsAppThemed () returned 0x1
[0211.442] GetThemeAppProperties () returned 0x3
[0211.443] GetThemeAppProperties () returned 0x3
[0211.443] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df90, format=0x102415, lpdtp=0x2cf5308 | out: lpchText="&Continue", lprc=0xd7df90) returned 13
[0211.443] IsAppThemed () returned 0x1
[0211.443] GetThemeAppProperties () returned 0x3
[0211.443] GetThemeAppProperties () returned 0x3
[0211.443] IsAppThemed () returned 0x1
[0211.443] GetThemeAppProperties () returned 0x3
[0211.443] GetThemeAppProperties () returned 0x3
[0211.443] GetFocus () returned 0x1902d8
[0211.443] IsAppThemed () returned 0x1
[0211.443] GetThemeAppProperties () returned 0x3
[0211.443] GetThemeAppProperties () returned 0x3
[0211.443] IsAppThemed () returned 0x1
[0211.443] GetThemeAppProperties () returned 0x3
[0211.443] GetThemeAppProperties () returned 0x3
[0211.443] IsThemePartDefined () returned 0x1
[0211.444] IsAppThemed () returned 0x1
[0211.444] GetThemeAppProperties () returned 0x3
[0211.444] GetThemeAppProperties () returned 0x3
[0211.444] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0211.444] IsAppThemed () returned 0x1
[0211.444] GetThemeAppProperties () returned 0x3
[0211.444] GetThemeAppProperties () returned 0x3
[0211.444] IsAppThemed () returned 0x1
[0211.444] GetThemeAppProperties () returned 0x3
[0211.444] GetThemeAppProperties () returned 0x3
[0211.444] IsThemePartDefined () returned 0x1
[0211.444] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0211.444] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0211.444] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0211.444] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0211.444] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dff0) returned 0x0
[0211.444] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0211.444] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0211.444] LocalFree (hMem=0x11ee868) returned 0x0
[0211.444] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0211.444] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0211.444] LocalFree (hMem=0x11ee9f0) returned 0x0
[0211.444] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0211.444] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e018) returned 0x0
[0211.444] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e008) returned 0x0
[0211.445] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0211.445] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0211.445] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0211.445] GetCurrentObject (hdc=0xc30107bb, type=0x1) returned 0xb00017
[0211.445] GetCurrentObject (hdc=0xc30107bb, type=0x2) returned 0x900010
[0211.445] GetCurrentObject (hdc=0xc30107bb, type=0x7) returned 0x4a0507fe
[0211.445] GetCurrentObject (hdc=0xc30107bb, type=0x6) returned 0x8a01c2
[0211.445] SaveDC (hdc=0xc30107bb) returned 1
[0211.445] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa5040807
[0211.445] GetClipRgn (hdc=0xc30107bb, hrgn=0xa5040807) returned 0
[0211.445] SelectClipRgn (hdc=0xc30107bb, hrgn=0x2d0407de) returned 2
[0211.445] DeleteObject (ho=0xa5040807) returned 1
[0211.445] DeleteObject (ho=0x2d0407de) returned 1
[0211.445] OffsetViewportOrgEx (in: hdc=0xc30107bb, x=0, y=0, lppt=0x2cf59b8 | out: lppt=0x2cf59b8) returned 1
[0211.445] DrawThemeParentBackground () returned 0x0
[0211.445] GetWindowPlacement (in: hWnd=0x1702de, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0211.445] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0211.445] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.445] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.446] GetSystemMetrics (nIndex=42) returned 0
[0211.446] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.446] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0211.446] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0211.446] GetCurrentObject (hdc=0xc30107bb, type=0x1) returned 0xb00017
[0211.446] GetCurrentObject (hdc=0xc30107bb, type=0x2) returned 0x900010
[0211.446] GetCurrentObject (hdc=0xc30107bb, type=0x7) returned 0x4a0507fe
[0211.446] GetCurrentObject (hdc=0xc30107bb, type=0x6) returned 0x8a01c2
[0211.446] SaveDC (hdc=0xc30107bb) returned 2
[0211.446] GetNearestColor (hdc=0xc30107bb, color=0xf0f0f0) returned 0xf0f0f0
[0211.446] CreateSolidBrush (color=0xf0f0f0) returned 0x151007e1
[0211.446] FillRect (hDC=0xc30107bb, lprc=0xd7da38, hbr=0x151007e1) returned 1
[0211.446] DeleteObject (ho=0x151007e1) returned 1
[0211.446] RestoreDC (hdc=0xc30107bb, nSavedDC=-1) returned 1
[0211.446] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.446] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.446] GetSystemMetrics (nIndex=42) returned 0
[0211.446] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.446] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0211.446] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0211.446] GetCurrentObject (hdc=0xc30107bb, type=0x1) returned 0xb00017
[0211.447] GetCurrentObject (hdc=0xc30107bb, type=0x2) returned 0x900010
[0211.447] GetCurrentObject (hdc=0xc30107bb, type=0x7) returned 0x4a0507fe
[0211.447] GetCurrentObject (hdc=0xc30107bb, type=0x6) returned 0x8a01c2
[0211.447] SaveDC (hdc=0xc30107bb) returned 2
[0211.447] GetNearestColor (hdc=0xc30107bb, color=0xf0f0f0) returned 0xf0f0f0
[0211.447] CreateSolidBrush (color=0xf0f0f0) returned 0x161007e1
[0211.447] FillRect (hDC=0xc30107bb, lprc=0xd7d9d8, hbr=0x161007e1) returned 1
[0211.447] DeleteObject (ho=0x161007e1) returned 1
[0211.447] RestoreDC (hdc=0xc30107bb, nSavedDC=-1) returned 1
[0211.447] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.447] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.447] GetSystemMetrics (nIndex=42) returned 0
[0211.447] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.447] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0211.447] RestoreDC (hdc=0xc30107bb, nSavedDC=-1) returned 1
[0211.447] GdipReleaseDC (graphics=0x6600030, hdc=0xc30107bb) returned 0x0
[0211.447] IsAppThemed () returned 0x1
[0211.448] GetThemeAppProperties () returned 0x3
[0211.448] GetThemeAppProperties () returned 0x3
[0211.448] IsAppThemed () returned 0x1
[0211.448] GetThemeAppProperties () returned 0x3
[0211.448] GetThemeAppProperties () returned 0x3
[0211.448] IsThemePartDefined () returned 0x1
[0211.448] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0211.448] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0211.448] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0211.448] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0211.448] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df74) returned 0x0
[0211.448] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0211.448] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eecc8) returned 0x0
[0211.448] LocalFree (hMem=0x11eecc8) returned 0x0
[0211.448] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0211.448] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0211.448] LocalFree (hMem=0x11eec58) returned 0x0
[0211.448] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0211.448] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0211.448] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0211.448] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0211.448] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0211.448] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0211.449] GetCurrentObject (hdc=0xc30107bb, type=0x1) returned 0xb00017
[0211.449] GetCurrentObject (hdc=0xc30107bb, type=0x2) returned 0x900010
[0211.449] GetCurrentObject (hdc=0xc30107bb, type=0x7) returned 0x4a0507fe
[0211.449] GetCurrentObject (hdc=0xc30107bb, type=0x6) returned 0x8a01c2
[0211.449] SaveDC (hdc=0xc30107bb) returned 1
[0211.449] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2e0407de
[0211.449] GetClipRgn (hdc=0xc30107bb, hrgn=0x2e0407de) returned 0
[0211.449] SelectClipRgn (hdc=0xc30107bb, hrgn=0xa7040807) returned 2
[0211.449] DeleteObject (ho=0x2e0407de) returned 1
[0211.449] DeleteObject (ho=0xa7040807) returned 1
[0211.449] OffsetViewportOrgEx (in: hdc=0xc30107bb, x=0, y=0, lppt=0x2cf6264 | out: lppt=0x2cf6264) returned 1
[0211.449] IsAppThemed () returned 0x1
[0211.449] GetThemeAppProperties () returned 0x3
[0211.449] GetThemeAppProperties () returned 0x3
[0211.449] DrawThemeBackground () returned 0x0
[0211.449] RestoreDC (hdc=0xc30107bb, nSavedDC=-1) returned 1
[0211.449] GdipReleaseDC (graphics=0x6600030, hdc=0xc30107bb) returned 0x0
[0211.449] GdipCreateRegion (region=0xd7df60) returned 0x0
[0211.449] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0211.449] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0211.450] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0211.450] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df78) returned 0x0
[0211.450] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0211.450] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eed00) returned 0x0
[0211.450] LocalFree (hMem=0x11eed00) returned 0x0
[0211.450] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0211.450] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0211.450] LocalFree (hMem=0x11eec58) returned 0x0
[0211.450] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0211.450] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0211.457] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0211.457] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0211.457] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0211.457] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0211.457] GetCurrentObject (hdc=0xc30107bb, type=0x1) returned 0xb00017
[0211.457] GetCurrentObject (hdc=0xc30107bb, type=0x2) returned 0x900010
[0211.457] GetCurrentObject (hdc=0xc30107bb, type=0x7) returned 0x4a0507fe
[0211.457] GetCurrentObject (hdc=0xc30107bb, type=0x6) returned 0x8a01c2
[0211.457] SaveDC (hdc=0xc30107bb) returned 1
[0211.457] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa8040807
[0211.457] GetClipRgn (hdc=0xc30107bb, hrgn=0xa8040807) returned 0
[0211.457] SelectClipRgn (hdc=0xc30107bb, hrgn=0x2f0407de) returned 2
[0211.458] DeleteObject (ho=0xa8040807) returned 1
[0211.458] DeleteObject (ho=0x2f0407de) returned 1
[0211.458] OffsetViewportOrgEx (in: hdc=0xc30107bb, x=0, y=0, lppt=0x2cf6538 | out: lppt=0x2cf6538) returned 1
[0211.458] IsAppThemed () returned 0x1
[0211.458] GetThemeAppProperties () returned 0x3
[0211.458] GetThemeAppProperties () returned 0x3
[0211.458] GetThemeBackgroundContentRect () returned 0x0
[0211.458] RestoreDC (hdc=0xc30107bb, nSavedDC=-1) returned 1
[0211.458] GdipReleaseDC (graphics=0x6600030, hdc=0xc30107bb) returned 0x0
[0211.458] IsAppThemed () returned 0x1
[0211.458] GetThemeAppProperties () returned 0x3
[0211.458] GetThemeAppProperties () returned 0x3
[0211.458] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0211.458] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0211.458] GetCurrentObject (hdc=0xc30107bb, type=0x1) returned 0xb00017
[0211.458] GetCurrentObject (hdc=0xc30107bb, type=0x2) returned 0x900010
[0211.458] GetCurrentObject (hdc=0xc30107bb, type=0x7) returned 0x4a0507fe
[0211.458] GetCurrentObject (hdc=0xc30107bb, type=0x6) returned 0x8a01c2
[0211.458] SaveDC (hdc=0xc30107bb) returned 1
[0211.459] GetTextAlign (hdc=0xc30107bb) returned 0x0
[0211.459] GetTextColor (hdc=0xc30107bb) returned 0x0
[0211.459] GetCurrentObject (hdc=0xc30107bb, type=0x6) returned 0x8a01c2
[0211.459] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0211.459] SelectObject (hdc=0xc30107bb, h=0x6d0a0520) returned 0x8a01c2
[0211.459] GetBkMode (hdc=0xc30107bb) returned 2
[0211.459] SetBkMode (hdc=0xc30107bb, mode=1) returned 2
[0211.459] DrawTextExW (in: hdc=0xc30107bb, lpchText="&Continue", cchText=9, lprc=0xd7def8, format=0x102415, lpdtp=0x2cf68d8 | out: lpchText="&Continue", lprc=0xd7def8) returned 13
[0211.459] DrawTextExW (in: hdc=0xc30107bb, lpchText="&Continue", cchText=9, lprc=0xd7e05c, format=0x102015, lpdtp=0x2cf68d8 | out: lpchText="&Continue", lprc=0xd7e05c) returned 13
[0211.460] RestoreDC (hdc=0xc30107bb, nSavedDC=-1) returned 1
[0211.460] GdipReleaseDC (graphics=0x6600030, hdc=0xc30107bb) returned 0x0
[0211.460] GetFocus () returned 0x1902d8
[0211.460] IsAppThemed () returned 0x1
[0211.460] GetThemeAppProperties () returned 0x3
[0211.460] GetThemeAppProperties () returned 0x3
[0211.460] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0211.460] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xc30107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0211.460] GdipReleaseDC (graphics=0x6600030, hdc=0xc30107bb) returned 0x0
[0211.460] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0211.460] SelectObject (hdc=0xc30107bb, h=0x85000f) returned 0x4a0507fe
[0211.460] DeleteDC (hdc=0xc30107bb) returned 1
[0211.460] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0211.460] EndPaint (hWnd=0x1102c8, lpPaint=0xd7e24c) returned 1
[0211.460] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.461] IsWindowUnicode (hWnd=0x1a00ea) returned 1
[0211.461] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.461] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.461] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.461] BeginPaint (in: hWnd=0x1a00ea, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0211.461] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0211.461] CreateCompatibleDC (hdc=0xf0105ee) returned 0xc50107bb
[0211.461] SelectObject (hdc=0xc50107bb, h=0x4a0507fe) returned 0x85000f
[0211.461] GdipCreateFromHDC (hdc=0xc50107bb, graphics=0xd7e268) returned 0x0
[0211.461] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0211.461] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0211.461] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0211.461] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0211.461] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e2c8) returned 0x0
[0211.461] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0211.462] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0211.462] LocalFree (hMem=0x11eec58) returned 0x0
[0211.462] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0211.462] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0211.462] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0211.462] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0211.462] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0211.462] GdipRestoreGraphics (graphics=0x6600030, state=0xfa340dbd) returned 0x0
[0211.462] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0211.462] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0211.462] GetCurrentObject (hdc=0xc50107bb, type=0x1) returned 0xb00017
[0211.462] GetCurrentObject (hdc=0xc50107bb, type=0x2) returned 0x900010
[0211.462] GetCurrentObject (hdc=0xc50107bb, type=0x7) returned 0x4a0507fe
[0211.462] GetCurrentObject (hdc=0xc50107bb, type=0x6) returned 0x8a01c2
[0211.462] SaveDC (hdc=0xc50107bb) returned 1
[0211.462] GetNearestColor (hdc=0xc50107bb, color=0xf0f0f0) returned 0xf0f0f0
[0211.462] GetNearestColor (hdc=0xc50107bb, color=0xa0a0a0) returned 0xa0a0a0
[0211.462] GetNearestColor (hdc=0xc50107bb, color=0x696969) returned 0x696969
[0211.462] GetNearestColor (hdc=0xc50107bb, color=0xa0a0a0) returned 0xa0a0a0
[0211.462] GetNearestColor (hdc=0xc50107bb, color=0x0) returned 0x0
[0211.463] GetNearestColor (hdc=0xc50107bb, color=0xffffff) returned 0xffffff
[0211.463] GetNearestColor (hdc=0xc50107bb, color=0xe5e5e5) returned 0xe5e5e5
[0211.463] GetNearestColor (hdc=0xc50107bb, color=0xd7d7d7) returned 0xd7d7d7
[0211.463] GetNearestColor (hdc=0xc50107bb, color=0x0) returned 0x0
[0211.463] RestoreDC (hdc=0xc50107bb, nSavedDC=-1) returned 1
[0211.463] GdipReleaseDC (graphics=0x6600030, hdc=0xc50107bb) returned 0x0
[0211.463] IsAppThemed () returned 0x1
[0211.463] GetThemeAppProperties () returned 0x3
[0211.463] GetThemeAppProperties () returned 0x3
[0211.463] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0211.463] SendMessageW (hWnd=0x1702de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0211.463] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0211.463] IsAppThemed () returned 0x1
[0211.464] GetThemeAppProperties () returned 0x3
[0211.464] GetThemeAppProperties () returned 0x3
[0211.464] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2cf70e8 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0211.464] IsAppThemed () returned 0x1
[0211.464] GetThemeAppProperties () returned 0x3
[0211.464] GetThemeAppProperties () returned 0x3
[0211.464] IsAppThemed () returned 0x1
[0211.464] GetThemeAppProperties () returned 0x3
[0211.464] GetThemeAppProperties () returned 0x3
[0211.464] GetFocus () returned 0x1902d8
[0211.464] IsAppThemed () returned 0x1
[0211.464] GetThemeAppProperties () returned 0x3
[0211.464] GetThemeAppProperties () returned 0x3
[0211.464] IsAppThemed () returned 0x1
[0211.464] GetThemeAppProperties () returned 0x3
[0211.464] GetThemeAppProperties () returned 0x3
[0211.464] IsThemePartDefined () returned 0x1
[0211.464] IsAppThemed () returned 0x1
[0211.464] GetThemeAppProperties () returned 0x3
[0211.464] GetThemeAppProperties () returned 0x3
[0211.464] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0211.464] IsAppThemed () returned 0x1
[0211.465] GetThemeAppProperties () returned 0x3
[0211.465] GetThemeAppProperties () returned 0x3
[0211.465] IsAppThemed () returned 0x1
[0211.465] GetThemeAppProperties () returned 0x3
[0211.465] GetThemeAppProperties () returned 0x3
[0211.465] IsThemePartDefined () returned 0x1
[0211.465] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0211.465] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0211.465] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0211.465] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0211.465] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dff0) returned 0x0
[0211.465] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0211.465] LocalFree (hMem=0x11ee868) returned 0x0
[0211.465] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eead0) returned 0x0
[0211.465] LocalFree (hMem=0x11eead0) returned 0x0
[0211.465] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0211.465] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0211.465] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0211.465] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0211.465] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0211.465] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0211.465] GetCurrentObject (hdc=0xc50107bb, type=0x1) returned 0xb00017
[0211.466] GetCurrentObject (hdc=0xc50107bb, type=0x2) returned 0x900010
[0211.466] GetCurrentObject (hdc=0xc50107bb, type=0x7) returned 0x4a0507fe
[0211.467] GetCurrentObject (hdc=0xc50107bb, type=0x6) returned 0x8a01c2
[0211.467] SaveDC (hdc=0xc50107bb) returned 1
[0211.467] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x300407de
[0211.467] GetClipRgn (hdc=0xc50107bb, hrgn=0x300407de) returned 0
[0211.467] SelectClipRgn (hdc=0xc50107bb, hrgn=0xac040807) returned 2
[0211.467] DeleteObject (ho=0x300407de) returned 1
[0211.467] DeleteObject (ho=0xac040807) returned 1
[0211.467] OffsetViewportOrgEx (in: hdc=0xc50107bb, x=0, y=0, lppt=0x2cf7798 | out: lppt=0x2cf7798) returned 1
[0211.467] DrawThemeParentBackground () returned 0x0
[0211.467] GetWindowPlacement (in: hWnd=0x1702de, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0211.467] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0211.467] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.467] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.467] GetSystemMetrics (nIndex=42) returned 0
[0211.467] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.467] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0211.468] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0211.468] GetCurrentObject (hdc=0xc50107bb, type=0x1) returned 0xb00017
[0211.468] GetCurrentObject (hdc=0xc50107bb, type=0x2) returned 0x900010
[0211.468] GetCurrentObject (hdc=0xc50107bb, type=0x7) returned 0x4a0507fe
[0211.468] GetCurrentObject (hdc=0xc50107bb, type=0x6) returned 0x8a01c2
[0211.468] SaveDC (hdc=0xc50107bb) returned 2
[0211.468] GetNearestColor (hdc=0xc50107bb, color=0xf0f0f0) returned 0xf0f0f0
[0211.468] CreateSolidBrush (color=0xf0f0f0) returned 0x171007e1
[0211.468] FillRect (hDC=0xc50107bb, lprc=0xd7da38, hbr=0x171007e1) returned 1
[0211.468] DeleteObject (ho=0x171007e1) returned 1
[0211.468] RestoreDC (hdc=0xc50107bb, nSavedDC=-1) returned 1
[0211.468] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.468] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.468] GetSystemMetrics (nIndex=42) returned 0
[0211.468] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.468] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0211.468] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0211.468] GetCurrentObject (hdc=0xc50107bb, type=0x1) returned 0xb00017
[0211.468] GetCurrentObject (hdc=0xc50107bb, type=0x2) returned 0x900010
[0211.469] GetCurrentObject (hdc=0xc50107bb, type=0x7) returned 0x4a0507fe
[0211.469] GetCurrentObject (hdc=0xc50107bb, type=0x6) returned 0x8a01c2
[0211.469] SaveDC (hdc=0xc50107bb) returned 2
[0211.469] GetNearestColor (hdc=0xc50107bb, color=0xf0f0f0) returned 0xf0f0f0
[0211.469] CreateSolidBrush (color=0xf0f0f0) returned 0x181007e1
[0211.469] FillRect (hDC=0xc50107bb, lprc=0xd7d9d8, hbr=0x181007e1) returned 1
[0211.469] DeleteObject (ho=0x181007e1) returned 1
[0211.469] RestoreDC (hdc=0xc50107bb, nSavedDC=-1) returned 1
[0211.469] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.469] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.469] GetSystemMetrics (nIndex=42) returned 0
[0211.469] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.469] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0211.469] RestoreDC (hdc=0xc50107bb, nSavedDC=-1) returned 1
[0211.469] GdipReleaseDC (graphics=0x6600030, hdc=0xc50107bb) returned 0x0
[0211.469] IsAppThemed () returned 0x1
[0211.469] GetThemeAppProperties () returned 0x3
[0211.469] GetThemeAppProperties () returned 0x3
[0211.470] IsAppThemed () returned 0x1
[0211.470] GetThemeAppProperties () returned 0x3
[0211.470] GetThemeAppProperties () returned 0x3
[0211.470] IsThemePartDefined () returned 0x1
[0211.470] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0211.470] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0211.470] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0211.470] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0211.470] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7df74) returned 0x0
[0211.470] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0211.470] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0211.470] LocalFree (hMem=0x11eec58) returned 0x0
[0211.470] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0211.470] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0211.470] LocalFree (hMem=0x11ee9f0) returned 0x0
[0211.470] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0211.470] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0211.470] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0211.470] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0211.470] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0211.470] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0211.470] GetCurrentObject (hdc=0xc50107bb, type=0x1) returned 0xb00017
[0211.470] GetCurrentObject (hdc=0xc50107bb, type=0x2) returned 0x900010
[0211.470] GetCurrentObject (hdc=0xc50107bb, type=0x7) returned 0x4a0507fe
[0211.471] GetCurrentObject (hdc=0xc50107bb, type=0x6) returned 0x8a01c2
[0211.471] SaveDC (hdc=0xc50107bb) returned 1
[0211.471] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xad040807
[0211.471] GetClipRgn (hdc=0xc50107bb, hrgn=0xad040807) returned 0
[0211.471] SelectClipRgn (hdc=0xc50107bb, hrgn=0x320407de) returned 2
[0211.471] DeleteObject (ho=0xad040807) returned 1
[0211.471] DeleteObject (ho=0x320407de) returned 1
[0211.471] OffsetViewportOrgEx (in: hdc=0xc50107bb, x=0, y=0, lppt=0x2cf8044 | out: lppt=0x2cf8044) returned 1
[0211.471] IsAppThemed () returned 0x1
[0211.471] GetThemeAppProperties () returned 0x3
[0211.471] GetThemeAppProperties () returned 0x3
[0211.471] DrawThemeBackground () returned 0x0
[0211.471] RestoreDC (hdc=0xc50107bb, nSavedDC=-1) returned 1
[0211.471] GdipReleaseDC (graphics=0x6600030, hdc=0xc50107bb) returned 0x0
[0211.471] GdipCreateRegion (region=0xd7df60) returned 0x0
[0211.471] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0211.471] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0211.471] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0211.471] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df78) returned 0x0
[0211.472] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0211.472] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0211.472] LocalFree (hMem=0x11eec58) returned 0x0
[0211.472] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0211.472] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0211.472] LocalFree (hMem=0x11ee868) returned 0x0
[0211.472] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0211.472] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0211.472] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df90) returned 0x0
[0211.472] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0211.472] GdipDeleteRegion (region=0x6646448) returned 0x0
[0211.472] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0211.472] GetCurrentObject (hdc=0xc50107bb, type=0x1) returned 0xb00017
[0211.472] GetCurrentObject (hdc=0xc50107bb, type=0x2) returned 0x900010
[0211.472] GetCurrentObject (hdc=0xc50107bb, type=0x7) returned 0x4a0507fe
[0211.472] GetCurrentObject (hdc=0xc50107bb, type=0x6) returned 0x8a01c2
[0211.472] SaveDC (hdc=0xc50107bb) returned 1
[0211.472] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x330407de
[0211.472] GetClipRgn (hdc=0xc50107bb, hrgn=0x330407de) returned 0
[0211.472] SelectClipRgn (hdc=0xc50107bb, hrgn=0xae040807) returned 2
[0211.472] DeleteObject (ho=0x330407de) returned 1
[0211.472] DeleteObject (ho=0xae040807) returned 1
[0211.473] OffsetViewportOrgEx (in: hdc=0xc50107bb, x=0, y=0, lppt=0x2cf8318 | out: lppt=0x2cf8318) returned 1
[0211.473] IsAppThemed () returned 0x1
[0211.473] GetThemeAppProperties () returned 0x3
[0211.473] GetThemeAppProperties () returned 0x3
[0211.473] GetThemeBackgroundContentRect () returned 0x0
[0211.473] RestoreDC (hdc=0xc50107bb, nSavedDC=-1) returned 1
[0211.473] GdipReleaseDC (graphics=0x6600030, hdc=0xc50107bb) returned 0x0
[0211.473] IsAppThemed () returned 0x1
[0211.473] GetThemeAppProperties () returned 0x3
[0211.473] GetThemeAppProperties () returned 0x3
[0211.473] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0211.473] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0211.473] GetCurrentObject (hdc=0xc50107bb, type=0x1) returned 0xb00017
[0211.473] GetCurrentObject (hdc=0xc50107bb, type=0x2) returned 0x900010
[0211.473] GetCurrentObject (hdc=0xc50107bb, type=0x7) returned 0x4a0507fe
[0211.473] GetCurrentObject (hdc=0xc50107bb, type=0x6) returned 0x8a01c2
[0211.473] SaveDC (hdc=0xc50107bb) returned 1
[0211.473] GetTextAlign (hdc=0xc50107bb) returned 0x0
[0211.473] GetTextColor (hdc=0xc50107bb) returned 0x0
[0211.473] GetCurrentObject (hdc=0xc50107bb, type=0x6) returned 0x8a01c2
[0211.474] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0211.474] SelectObject (hdc=0xc50107bb, h=0x6d0a0520) returned 0x8a01c2
[0211.474] GetBkMode (hdc=0xc50107bb) returned 2
[0211.474] SetBkMode (hdc=0xc50107bb, mode=1) returned 2
[0211.474] DrawTextExW (in: hdc=0xc50107bb, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2cf86b8 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0211.474] DrawTextExW (in: hdc=0xc50107bb, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2cf86b8 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0211.474] RestoreDC (hdc=0xc50107bb, nSavedDC=-1) returned 1
[0211.474] GdipReleaseDC (graphics=0x6600030, hdc=0xc50107bb) returned 0x0
[0211.474] GetFocus () returned 0x1902d8
[0211.476] IsAppThemed () returned 0x1
[0211.476] GetThemeAppProperties () returned 0x3
[0211.476] GetThemeAppProperties () returned 0x3
[0211.476] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0211.476] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xc50107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0211.477] GdipReleaseDC (graphics=0x6600030, hdc=0xc50107bb) returned 0x0
[0211.477] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0211.477] SelectObject (hdc=0xc50107bb, h=0x85000f) returned 0x4a0507fe
[0211.477] DeleteDC (hdc=0xc50107bb) returned 1
[0211.477] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0211.477] EndPaint (hWnd=0x1a00ea, lpPaint=0xd7e24c) returned 1
[0211.477] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.477] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x84, wParam=0x0, lParam=0x1df02fd) returned 0x1
[0211.477] IsWindowUnicode (hWnd=0x1102c8) returned 1
[0211.477] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.477] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x84, wParam=0x0, lParam=0x1df02fd) returned 0x1
[0211.478] SetCursor (hCursor=0x10003) returned 0x10003
[0211.478] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.478] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.478] _TrackMouseEvent (in: lpEventTrack=0x2cf87b4 | out: lpEventTrack=0x2cf87b4) returned 1
[0211.478] SendMessageW (hWnd=0x1102c8, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0211.478] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0211.478] InvalidateRect (hWnd=0x1102c8, lpRect=0x0, bErase=0) returned 1
[0211.478] GetKeyState (nVirtKey=1) returned 0
[0211.478] GetKeyState (nVirtKey=2) returned 0
[0211.478] GetKeyState (nVirtKey=4) returned 0
[0211.478] GetKeyState (nVirtKey=5) returned 0
[0211.478] GetKeyState (nVirtKey=6) returned 0
[0211.478] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.478] IsWindowUnicode (hWnd=0x1102c8) returned 1
[0211.478] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.478] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.478] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.478] BeginPaint (in: hWnd=0x1102c8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0211.479] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0211.479] CreateCompatibleDC (hdc=0xc0107c5) returned 0xc60107bb
[0211.479] SelectObject (hdc=0xc60107bb, h=0x4a0507fe) returned 0x85000f
[0211.479] GdipCreateFromHDC (hdc=0xc60107bb, graphics=0xd7e268) returned 0x0
[0211.479] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0211.479] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0211.479] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0211.479] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0211.479] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e2c8) returned 0x0
[0211.479] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0211.479] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0211.479] LocalFree (hMem=0x11eec58) returned 0x0
[0211.479] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0211.479] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0211.479] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0211.479] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0211.479] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0211.479] GdipRestoreGraphics (graphics=0x6600030, state=0xfa320dbd) returned 0x0
[0211.480] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0211.480] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0211.480] GetCurrentObject (hdc=0xc60107bb, type=0x1) returned 0xb00017
[0211.480] GetCurrentObject (hdc=0xc60107bb, type=0x2) returned 0x900010
[0211.480] GetCurrentObject (hdc=0xc60107bb, type=0x7) returned 0x4a0507fe
[0211.480] GetCurrentObject (hdc=0xc60107bb, type=0x6) returned 0x8a01c2
[0211.480] SaveDC (hdc=0xc60107bb) returned 1
[0211.480] GetNearestColor (hdc=0xc60107bb, color=0xf0f0f0) returned 0xf0f0f0
[0211.480] GetNearestColor (hdc=0xc60107bb, color=0xa0a0a0) returned 0xa0a0a0
[0211.480] GetNearestColor (hdc=0xc60107bb, color=0x696969) returned 0x696969
[0211.480] GetNearestColor (hdc=0xc60107bb, color=0xa0a0a0) returned 0xa0a0a0
[0211.480] GetNearestColor (hdc=0xc60107bb, color=0x0) returned 0x0
[0211.480] GetNearestColor (hdc=0xc60107bb, color=0xffffff) returned 0xffffff
[0211.480] GetNearestColor (hdc=0xc60107bb, color=0xe5e5e5) returned 0xe5e5e5
[0211.480] GetNearestColor (hdc=0xc60107bb, color=0xd7d7d7) returned 0xd7d7d7
[0211.480] GetNearestColor (hdc=0xc60107bb, color=0x0) returned 0x0
[0211.480] RestoreDC (hdc=0xc60107bb, nSavedDC=-1) returned 1
[0211.480] GdipReleaseDC (graphics=0x6600030, hdc=0xc60107bb) returned 0x0
[0211.481] IsAppThemed () returned 0x1
[0211.481] GetThemeAppProperties () returned 0x3
[0211.481] GetThemeAppProperties () returned 0x3
[0211.481] IsAppThemed () returned 0x1
[0211.481] GetThemeAppProperties () returned 0x3
[0211.481] GetThemeAppProperties () returned 0x3
[0211.481] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2cf8f14 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0211.481] IsAppThemed () returned 0x1
[0211.481] GetThemeAppProperties () returned 0x3
[0211.486] GetThemeAppProperties () returned 0x3
[0211.486] IsAppThemed () returned 0x1
[0211.487] GetThemeAppProperties () returned 0x3
[0211.487] GetThemeAppProperties () returned 0x3
[0211.487] IsAppThemed () returned 0x1
[0211.487] GetThemeAppProperties () returned 0x3
[0211.487] GetThemeAppProperties () returned 0x3
[0211.487] IsAppThemed () returned 0x1
[0211.487] GetThemeAppProperties () returned 0x3
[0211.487] GetThemeAppProperties () returned 0x3
[0211.487] IsThemePartDefined () returned 0x1
[0211.487] IsAppThemed () returned 0x1
[0211.487] GetThemeAppProperties () returned 0x3
[0211.487] GetThemeAppProperties () returned 0x3
[0211.487] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0211.487] IsAppThemed () returned 0x1
[0211.487] GetThemeAppProperties () returned 0x3
[0211.487] GetThemeAppProperties () returned 0x3
[0211.487] IsAppThemed () returned 0x1
[0211.487] GetThemeAppProperties () returned 0x3
[0211.487] GetThemeAppProperties () returned 0x3
[0211.487] IsThemePartDefined () returned 0x1
[0211.487] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0211.487] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0211.487] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0211.487] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0211.488] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dfe4) returned 0x0
[0211.488] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0211.488] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0211.488] LocalFree (hMem=0x11eec58) returned 0x0
[0211.488] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0211.488] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0211.488] LocalFree (hMem=0x11eec58) returned 0x0
[0211.488] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0211.488] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0211.488] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0211.488] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0211.488] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0211.488] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0211.488] GetCurrentObject (hdc=0xc60107bb, type=0x1) returned 0xb00017
[0211.488] GetCurrentObject (hdc=0xc60107bb, type=0x2) returned 0x900010
[0211.488] GetCurrentObject (hdc=0xc60107bb, type=0x7) returned 0x4a0507fe
[0211.488] GetCurrentObject (hdc=0xc60107bb, type=0x6) returned 0x8a01c2
[0211.488] SaveDC (hdc=0xc60107bb) returned 1
[0211.488] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xaf040807
[0211.488] GetClipRgn (hdc=0xc60107bb, hrgn=0xaf040807) returned 0
[0211.488] SelectClipRgn (hdc=0xc60107bb, hrgn=0x370407de) returned 2
[0211.489] DeleteObject (ho=0xaf040807) returned 1
[0211.489] DeleteObject (ho=0x370407de) returned 1
[0211.489] OffsetViewportOrgEx (in: hdc=0xc60107bb, x=0, y=0, lppt=0x2cf95c4 | out: lppt=0x2cf95c4) returned 1
[0211.489] DrawThemeParentBackground () returned 0x0
[0211.489] GetWindowPlacement (in: hWnd=0x1702de, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0211.489] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0211.489] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.489] GetSystemMetrics (nIndex=42) returned 0
[0211.489] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0211.489] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0211.489] GetCurrentObject (hdc=0xc60107bb, type=0x1) returned 0xb00017
[0211.489] GetCurrentObject (hdc=0xc60107bb, type=0x2) returned 0x900010
[0211.489] GetCurrentObject (hdc=0xc60107bb, type=0x7) returned 0x4a0507fe
[0211.489] GetCurrentObject (hdc=0xc60107bb, type=0x6) returned 0x8a01c2
[0211.489] SaveDC (hdc=0xc60107bb) returned 2
[0211.489] GetNearestColor (hdc=0xc60107bb, color=0xf0f0f0) returned 0xf0f0f0
[0211.490] CreateSolidBrush (color=0xf0f0f0) returned 0x191007e1
[0211.490] FillRect (hDC=0xc60107bb, lprc=0xd7da30, hbr=0x191007e1) returned 1
[0211.490] DeleteObject (ho=0x191007e1) returned 1
[0211.490] RestoreDC (hdc=0xc60107bb, nSavedDC=-1) returned 1
[0211.490] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.490] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.490] GetSystemMetrics (nIndex=42) returned 0
[0211.490] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.490] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0211.490] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0211.490] GetCurrentObject (hdc=0xc60107bb, type=0x1) returned 0xb00017
[0211.490] GetCurrentObject (hdc=0xc60107bb, type=0x2) returned 0x900010
[0211.490] GetCurrentObject (hdc=0xc60107bb, type=0x7) returned 0x4a0507fe
[0211.490] GetCurrentObject (hdc=0xc60107bb, type=0x6) returned 0x8a01c2
[0211.490] SaveDC (hdc=0xc60107bb) returned 2
[0211.490] GetNearestColor (hdc=0xc60107bb, color=0xf0f0f0) returned 0xf0f0f0
[0211.490] CreateSolidBrush (color=0xf0f0f0) returned 0x1a1007e1
[0211.490] FillRect (hDC=0xc60107bb, lprc=0xd7d9d0, hbr=0x1a1007e1) returned 1
[0211.490] DeleteObject (ho=0x1a1007e1) returned 1
[0211.490] RestoreDC (hdc=0xc60107bb, nSavedDC=-1) returned 1
[0211.491] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.491] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.491] GetSystemMetrics (nIndex=42) returned 0
[0211.491] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.491] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0211.491] RestoreDC (hdc=0xc60107bb, nSavedDC=-1) returned 1
[0211.491] GdipReleaseDC (graphics=0x6600030, hdc=0xc60107bb) returned 0x0
[0211.491] IsAppThemed () returned 0x1
[0211.491] GetThemeAppProperties () returned 0x3
[0211.491] GetThemeAppProperties () returned 0x3
[0211.491] IsAppThemed () returned 0x1
[0211.491] GetThemeAppProperties () returned 0x3
[0211.491] GetThemeAppProperties () returned 0x3
[0211.491] IsThemePartDefined () returned 0x1
[0211.491] GdipCreateRegion (region=0xd7df50) returned 0x0
[0211.491] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0211.491] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0211.491] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0211.491] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df68) returned 0x0
[0211.491] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0211.491] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee868) returned 0x0
[0211.492] LocalFree (hMem=0x11ee868) returned 0x0
[0211.492] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0211.492] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0211.492] LocalFree (hMem=0x11eec58) returned 0x0
[0211.492] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0211.492] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df90) returned 0x0
[0211.492] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df80) returned 0x0
[0211.492] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0211.492] GdipDeleteRegion (region=0x6646448) returned 0x0
[0211.492] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0211.492] GetCurrentObject (hdc=0xc60107bb, type=0x1) returned 0xb00017
[0211.492] GetCurrentObject (hdc=0xc60107bb, type=0x2) returned 0x900010
[0211.492] GetCurrentObject (hdc=0xc60107bb, type=0x7) returned 0x4a0507fe
[0211.492] GetCurrentObject (hdc=0xc60107bb, type=0x6) returned 0x8a01c2
[0211.492] SaveDC (hdc=0xc60107bb) returned 1
[0211.492] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x380407de
[0211.492] GetClipRgn (hdc=0xc60107bb, hrgn=0x380407de) returned 0
[0211.492] SelectClipRgn (hdc=0xc60107bb, hrgn=0xb1040807) returned 2
[0211.492] DeleteObject (ho=0x380407de) returned 1
[0211.492] DeleteObject (ho=0xb1040807) returned 1
[0211.493] OffsetViewportOrgEx (in: hdc=0xc60107bb, x=0, y=0, lppt=0x2cf9e70 | out: lppt=0x2cf9e70) returned 1
[0211.493] IsAppThemed () returned 0x1
[0211.493] GetThemeAppProperties () returned 0x3
[0211.493] GetThemeAppProperties () returned 0x3
[0211.493] DrawThemeBackground () returned 0x0
[0211.493] RestoreDC (hdc=0xc60107bb, nSavedDC=-1) returned 1
[0211.493] GdipReleaseDC (graphics=0x6600030, hdc=0xc60107bb) returned 0x0
[0211.493] GdipCreateRegion (region=0xd7df54) returned 0x0
[0211.493] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0211.493] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0211.493] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0211.493] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df6c) returned 0x0
[0211.493] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0211.493] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0211.493] LocalFree (hMem=0x11ee868) returned 0x0
[0211.493] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0211.493] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee8d8) returned 0x0
[0211.493] LocalFree (hMem=0x11ee8d8) returned 0x0
[0211.493] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0211.493] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df94) returned 0x0
[0211.493] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df84) returned 0x0
[0211.493] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0211.494] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0211.494] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0211.494] GetCurrentObject (hdc=0xc60107bb, type=0x1) returned 0xb00017
[0211.494] GetCurrentObject (hdc=0xc60107bb, type=0x2) returned 0x900010
[0211.494] GetCurrentObject (hdc=0xc60107bb, type=0x7) returned 0x4a0507fe
[0211.494] GetCurrentObject (hdc=0xc60107bb, type=0x6) returned 0x8a01c2
[0211.494] SaveDC (hdc=0xc60107bb) returned 1
[0211.494] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb2040807
[0211.494] GetClipRgn (hdc=0xc60107bb, hrgn=0xb2040807) returned 0
[0211.494] SelectClipRgn (hdc=0xc60107bb, hrgn=0x390407de) returned 2
[0211.494] DeleteObject (ho=0xb2040807) returned 1
[0211.494] DeleteObject (ho=0x390407de) returned 1
[0211.494] OffsetViewportOrgEx (in: hdc=0xc60107bb, x=0, y=0, lppt=0x2cfa144 | out: lppt=0x2cfa144) returned 1
[0211.494] IsAppThemed () returned 0x1
[0211.494] GetThemeAppProperties () returned 0x3
[0211.494] GetThemeAppProperties () returned 0x3
[0211.494] GetThemeBackgroundContentRect () returned 0x0
[0211.494] RestoreDC (hdc=0xc60107bb, nSavedDC=-1) returned 1
[0211.494] GdipReleaseDC (graphics=0x6600030, hdc=0xc60107bb) returned 0x0
[0211.494] IsAppThemed () returned 0x1
[0211.495] GetThemeAppProperties () returned 0x3
[0211.495] GetThemeAppProperties () returned 0x3
[0211.495] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0211.495] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0211.495] GetCurrentObject (hdc=0xc60107bb, type=0x1) returned 0xb00017
[0211.495] GetCurrentObject (hdc=0xc60107bb, type=0x2) returned 0x900010
[0211.495] GetCurrentObject (hdc=0xc60107bb, type=0x7) returned 0x4a0507fe
[0211.495] GetCurrentObject (hdc=0xc60107bb, type=0x6) returned 0x8a01c2
[0211.495] SaveDC (hdc=0xc60107bb) returned 1
[0211.495] GetTextAlign (hdc=0xc60107bb) returned 0x0
[0211.495] GetTextColor (hdc=0xc60107bb) returned 0x0
[0211.495] GetCurrentObject (hdc=0xc60107bb, type=0x6) returned 0x8a01c2
[0211.495] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0211.495] SelectObject (hdc=0xc60107bb, h=0x6d0a0520) returned 0x8a01c2
[0211.495] GetBkMode (hdc=0xc60107bb) returned 2
[0211.495] SetBkMode (hdc=0xc60107bb, mode=1) returned 2
[0211.495] DrawTextExW (in: hdc=0xc60107bb, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2cfa4e4 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0211.496] DrawTextExW (in: hdc=0xc60107bb, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2cfa4e4 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0211.496] RestoreDC (hdc=0xc60107bb, nSavedDC=-1) returned 1
[0211.496] GdipReleaseDC (graphics=0x6600030, hdc=0xc60107bb) returned 0x0
[0211.496] GetFocus () returned 0x1902d8
[0211.496] IsAppThemed () returned 0x1
[0211.496] GetThemeAppProperties () returned 0x3
[0211.496] GetThemeAppProperties () returned 0x3
[0211.496] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0211.496] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xc60107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0211.496] GdipReleaseDC (graphics=0x6600030, hdc=0xc60107bb) returned 0x0
[0211.496] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0211.496] SelectObject (hdc=0xc60107bb, h=0x85000f) returned 0x4a0507fe
[0211.496] DeleteDC (hdc=0xc60107bb) returned 1
[0211.496] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0211.497] EndPaint (hWnd=0x1102c8, lpPaint=0xd7e24c) returned 1
[0211.497] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.497] IsWindowUnicode (hWnd=0x602c4) returned 1
[0211.497] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.497] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.497] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.497] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0211.497] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0211.497] CreateCompatibleDC (hdc=0x10105d6) returned 0xc80107bb
[0211.498] SelectObject (hdc=0xc80107bb, h=0x4a0507fe) returned 0x85000f
[0211.498] GdipCreateFromHDC (hdc=0xc80107bb, graphics=0xd7e268) returned 0x0
[0211.498] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0211.498] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0211.498] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0211.498] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0211.498] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e2c8) returned 0x0
[0211.498] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0211.498] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0211.498] LocalFree (hMem=0x11eec58) returned 0x0
[0211.498] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0211.498] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0211.498] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0211.498] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0211.498] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0211.498] GdipRestoreGraphics (graphics=0x6600030, state=0xfa300dbd) returned 0x0
[0211.498] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0211.499] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0211.499] GetCurrentObject (hdc=0xc80107bb, type=0x1) returned 0xb00017
[0211.499] GetCurrentObject (hdc=0xc80107bb, type=0x2) returned 0x900010
[0211.499] GetCurrentObject (hdc=0xc80107bb, type=0x7) returned 0x4a0507fe
[0211.499] GetCurrentObject (hdc=0xc80107bb, type=0x6) returned 0x8a01c2
[0211.499] SaveDC (hdc=0xc80107bb) returned 1
[0211.499] GetNearestColor (hdc=0xc80107bb, color=0xff) returned 0xff
[0211.499] GetNearestColor (hdc=0xc80107bb, color=0x55) returned 0x55
[0211.499] GetNearestColor (hdc=0xc80107bb, color=0x0) returned 0x0
[0211.499] GetNearestColor (hdc=0xc80107bb, color=0x55) returned 0x55
[0211.499] GetNearestColor (hdc=0xc80107bb, color=0x0) returned 0x0
[0211.499] GetNearestColor (hdc=0xc80107bb, color=0x8080ff) returned 0x8080ff
[0211.499] GetNearestColor (hdc=0xc80107bb, color=0x7373e5) returned 0x7373e5
[0211.499] GetNearestColor (hdc=0xc80107bb, color=0xe5) returned 0xe5
[0211.499] GetNearestColor (hdc=0xc80107bb, color=0x0) returned 0x0
[0211.499] RestoreDC (hdc=0xc80107bb, nSavedDC=-1) returned 1
[0211.499] GdipReleaseDC (graphics=0x6600030, hdc=0xc80107bb) returned 0x0
[0211.499] IsAppThemed () returned 0x1
[0211.500] GetThemeAppProperties () returned 0x3
[0211.500] GetThemeAppProperties () returned 0x3
[0211.500] IsAppThemed () returned 0x1
[0211.500] GetThemeAppProperties () returned 0x3
[0211.500] GetThemeAppProperties () returned 0x3
[0211.500] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2cfacac | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0211.500] IsAppThemed () returned 0x1
[0211.500] GetThemeAppProperties () returned 0x3
[0211.500] GetThemeAppProperties () returned 0x3
[0211.500] IsAppThemed () returned 0x1
[0211.500] GetThemeAppProperties () returned 0x3
[0211.500] GetThemeAppProperties () returned 0x3
[0211.500] GetFocus () returned 0x1902d8
[0211.500] IsAppThemed () returned 0x1
[0211.500] GetThemeAppProperties () returned 0x3
[0211.500] GetThemeAppProperties () returned 0x3
[0211.500] IsAppThemed () returned 0x1
[0211.501] GetThemeAppProperties () returned 0x3
[0211.501] GetThemeAppProperties () returned 0x3
[0211.501] IsThemePartDefined () returned 0x1
[0211.501] IsAppThemed () returned 0x1
[0211.501] GetThemeAppProperties () returned 0x3
[0211.501] GetThemeAppProperties () returned 0x3
[0211.501] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0211.501] IsAppThemed () returned 0x1
[0211.501] GetThemeAppProperties () returned 0x3
[0211.501] GetThemeAppProperties () returned 0x3
[0211.501] IsAppThemed () returned 0x1
[0211.501] GetThemeAppProperties () returned 0x3
[0211.501] GetThemeAppProperties () returned 0x3
[0211.501] IsThemePartDefined () returned 0x1
[0211.501] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0211.501] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0211.501] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0211.501] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0211.501] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dff0) returned 0x0
[0211.501] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0211.501] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0211.501] LocalFree (hMem=0x11eecc8) returned 0x0
[0211.501] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0211.501] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0211.501] LocalFree (hMem=0x11ee868) returned 0x0
[0211.501] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0211.502] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e018) returned 0x0
[0211.502] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e008) returned 0x0
[0211.502] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0211.502] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0211.502] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0211.502] GetCurrentObject (hdc=0xc80107bb, type=0x1) returned 0xb00017
[0211.502] GetCurrentObject (hdc=0xc80107bb, type=0x2) returned 0x900010
[0211.502] GetCurrentObject (hdc=0xc80107bb, type=0x7) returned 0x4a0507fe
[0211.502] GetCurrentObject (hdc=0xc80107bb, type=0x6) returned 0x8a01c2
[0211.502] SaveDC (hdc=0xc80107bb) returned 1
[0211.502] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3a0407de
[0211.502] GetClipRgn (hdc=0xc80107bb, hrgn=0x3a0407de) returned 0
[0211.502] SelectClipRgn (hdc=0xc80107bb, hrgn=0xb6040807) returned 2
[0211.502] DeleteObject (ho=0x3a0407de) returned 1
[0211.502] DeleteObject (ho=0xb6040807) returned 1
[0211.502] OffsetViewportOrgEx (in: hdc=0xc80107bb, x=0, y=0, lppt=0x2cfb35c | out: lppt=0x2cfb35c) returned 1
[0211.502] DrawThemeParentBackground () returned 0x0
[0211.502] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0211.503] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0211.503] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0211.503] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.503] GetSystemMetrics (nIndex=42) returned 0
[0211.503] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.503] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0211.503] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0211.503] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0211.503] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0211.503] SelectPalette (hdc=0xc80107bb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0211.503] GdipCreateFromHDC (hdc=0xc80107bb, graphics=0xd7dac8) returned 0x0
[0211.503] GdipSetPageUnit (graphics=0x6647070, unit=0x2) returned 0x0
[0211.503] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0211.503] GdipGetWorldTransform (graphics=0x6647070, matrix=0x6638b18) returned 0x0
[0211.503] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7daa0) returned 0x0
[0211.504] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0211.504] GdipCreateRegion (region=0xd7da88) returned 0x0
[0211.504] GdipGetClip (graphics=0x6647070, region=0x66468c8) returned 0x0
[0211.504] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6647070, result=0xd7da94) returned 0x0
[0211.504] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0211.504] GdipSaveGraphics (graphics=0x6647070, state=0xd7dac0) returned 0x0
[0211.504] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0211.509] GdipFillRectangleI (graphics=0x6647070, brush=0x6652bb0, x=0, y=0, width=801, height=453) returned 0x0
[0211.509] GdipDeleteBrush (brush=0x6652bb0) returned 0x0
[0211.511] GdipDeleteGraphics (graphics=0x6647070) returned 0x0
[0211.511] SelectPalette (hdc=0xc80107bb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0211.511] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0211.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.511] GetSystemMetrics (nIndex=42) returned 0
[0211.511] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0211.511] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0211.511] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0211.511] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0211.511] SelectPalette (hdc=0xc80107bb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0211.511] GdipCreateFromHDC (hdc=0xc80107bb, graphics=0xd7da68) returned 0x0
[0211.512] GdipSetPageUnit (graphics=0x6647070, unit=0x2) returned 0x0
[0211.512] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0211.512] GdipGetWorldTransform (graphics=0x6647070, matrix=0x6638ab8) returned 0x0
[0211.512] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7da40) returned 0x0
[0211.512] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0211.512] GdipCreateRegion (region=0xd7da28) returned 0x0
[0211.512] GdipGetClip (graphics=0x6647070, region=0x6646e68) returned 0x0
[0211.512] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6647070, result=0xd7da34) returned 0x0
[0211.512] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0211.512] GdipSaveGraphics (graphics=0x6647070, state=0xd7da60) returned 0x0
[0211.512] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0211.556] GdipFillRectangleI (graphics=0x6647070, brush=0x6652bb0, x=0, y=0, width=801, height=453) returned 0x0
[0211.556] GdipDeleteBrush (brush=0x6652bb0) returned 0x0
[0211.558] GdipRestoreGraphics (graphics=0x6647070, state=0xfa2c0dbd) returned 0x0
[0211.558] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0211.558] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.558] GetSystemMetrics (nIndex=42) returned 0
[0211.558] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.558] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0211.558] GdipDeleteGraphics (graphics=0x6647070) returned 0x0
[0211.558] SelectPalette (hdc=0xc80107bb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0211.559] RestoreDC (hdc=0xc80107bb, nSavedDC=-1) returned 1
[0211.559] GdipReleaseDC (graphics=0x6600030, hdc=0xc80107bb) returned 0x0
[0211.559] IsAppThemed () returned 0x1
[0211.559] GetThemeAppProperties () returned 0x3
[0211.559] GetThemeAppProperties () returned 0x3
[0211.559] IsAppThemed () returned 0x1
[0211.559] GetThemeAppProperties () returned 0x3
[0211.559] GetThemeAppProperties () returned 0x3
[0211.559] IsThemePartDefined () returned 0x1
[0211.559] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0211.559] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0211.559] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0211.559] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0211.565] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df74) returned 0x0
[0211.565] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0211.565] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee868) returned 0x0
[0211.565] LocalFree (hMem=0x11ee868) returned 0x0
[0211.566] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0211.566] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee868) returned 0x0
[0211.566] LocalFree (hMem=0x11ee868) returned 0x0
[0211.566] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0211.566] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0211.566] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0211.566] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0211.566] GdipDeleteRegion (region=0x6646448) returned 0x0
[0211.566] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0211.566] GetCurrentObject (hdc=0xc80107bb, type=0x1) returned 0xb00017
[0211.566] GetCurrentObject (hdc=0xc80107bb, type=0x2) returned 0x900010
[0211.566] GetCurrentObject (hdc=0xc80107bb, type=0x7) returned 0x4a0507fe
[0211.566] GetCurrentObject (hdc=0xc80107bb, type=0x6) returned 0x8a01c2
[0211.566] SaveDC (hdc=0xc80107bb) returned 1
[0211.566] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb7040807
[0211.566] GetClipRgn (hdc=0xc80107bb, hrgn=0xb7040807) returned 0
[0211.567] SelectClipRgn (hdc=0xc80107bb, hrgn=0x3c0407de) returned 2
[0211.567] DeleteObject (ho=0xb7040807) returned 1
[0211.567] DeleteObject (ho=0x3c0407de) returned 1
[0211.567] OffsetViewportOrgEx (in: hdc=0xc80107bb, x=0, y=0, lppt=0x2d01bac | out: lppt=0x2d01bac) returned 1
[0211.567] IsAppThemed () returned 0x1
[0211.567] GetThemeAppProperties () returned 0x3
[0211.567] GetThemeAppProperties () returned 0x3
[0211.567] DrawThemeBackground () returned 0x0
[0211.567] RestoreDC (hdc=0xc80107bb, nSavedDC=-1) returned 1
[0211.567] GdipReleaseDC (graphics=0x6600030, hdc=0xc80107bb) returned 0x0
[0211.567] GdipCreateRegion (region=0xd7df60) returned 0x0
[0211.567] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0211.567] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0211.567] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0211.567] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df78) returned 0x0
[0211.567] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0211.568] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0211.568] LocalFree (hMem=0x11ee868) returned 0x0
[0211.568] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0211.568] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0211.568] LocalFree (hMem=0x11eec58) returned 0x0
[0211.568] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0211.568] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0211.568] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7df90) returned 0x0
[0211.568] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0211.568] GdipDeleteRegion (region=0x6646688) returned 0x0
[0211.568] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0211.568] GetCurrentObject (hdc=0xc80107bb, type=0x1) returned 0xb00017
[0211.568] GetCurrentObject (hdc=0xc80107bb, type=0x2) returned 0x900010
[0211.568] GetCurrentObject (hdc=0xc80107bb, type=0x7) returned 0x4a0507fe
[0211.568] GetCurrentObject (hdc=0xc80107bb, type=0x6) returned 0x8a01c2
[0211.568] SaveDC (hdc=0xc80107bb) returned 1
[0211.568] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3d0407de
[0211.569] GetClipRgn (hdc=0xc80107bb, hrgn=0x3d0407de) returned 0
[0211.569] SelectClipRgn (hdc=0xc80107bb, hrgn=0xb8040807) returned 2
[0211.569] DeleteObject (ho=0x3d0407de) returned 1
[0211.569] DeleteObject (ho=0xb8040807) returned 1
[0211.569] OffsetViewportOrgEx (in: hdc=0xc80107bb, x=0, y=0, lppt=0x2d01e80 | out: lppt=0x2d01e80) returned 1
[0211.569] IsAppThemed () returned 0x1
[0211.569] GetThemeAppProperties () returned 0x3
[0211.569] GetThemeAppProperties () returned 0x3
[0211.569] GetThemeBackgroundContentRect () returned 0x0
[0211.569] RestoreDC (hdc=0xc80107bb, nSavedDC=-1) returned 1
[0211.569] GdipReleaseDC (graphics=0x6600030, hdc=0xc80107bb) returned 0x0
[0211.569] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0211.569] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0211.569] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0211.569] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0211.569] IsAppThemed () returned 0x1
[0211.570] GetThemeAppProperties () returned 0x3
[0211.570] GetThemeAppProperties () returned 0x3
[0211.570] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0211.570] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0211.570] GetCurrentObject (hdc=0xc80107bb, type=0x1) returned 0xb00017
[0211.570] GetCurrentObject (hdc=0xc80107bb, type=0x2) returned 0x900010
[0211.570] GetCurrentObject (hdc=0xc80107bb, type=0x7) returned 0x4a0507fe
[0211.570] GetCurrentObject (hdc=0xc80107bb, type=0x6) returned 0x8a01c2
[0211.570] SaveDC (hdc=0xc80107bb) returned 1
[0211.570] GetTextAlign (hdc=0xc80107bb) returned 0x0
[0211.570] GetTextColor (hdc=0xc80107bb) returned 0x0
[0211.570] GetCurrentObject (hdc=0xc80107bb, type=0x6) returned 0x8a01c2
[0211.570] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0211.570] SelectObject (hdc=0xc80107bb, h=0x6d0a0520) returned 0x8a01c2
[0211.570] GetBkMode (hdc=0xc80107bb) returned 2
[0211.571] SetBkMode (hdc=0xc80107bb, mode=1) returned 2
[0211.571] DrawTextExW (in: hdc=0xc80107bb, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2d02244 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0211.571] DrawTextExW (in: hdc=0xc80107bb, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d02244 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0211.571] RestoreDC (hdc=0xc80107bb, nSavedDC=-1) returned 1
[0211.571] GdipReleaseDC (graphics=0x6600030, hdc=0xc80107bb) returned 0x0
[0211.571] GetFocus () returned 0x1902d8
[0211.572] IsAppThemed () returned 0x1
[0211.572] GetThemeAppProperties () returned 0x3
[0211.572] GetThemeAppProperties () returned 0x3
[0211.572] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0211.572] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0xc80107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0211.572] GdipReleaseDC (graphics=0x6600030, hdc=0xc80107bb) returned 0x0
[0211.572] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0211.572] SelectObject (hdc=0xc80107bb, h=0x85000f) returned 0x4a0507fe
[0211.572] DeleteDC (hdc=0xc80107bb) returned 1
[0211.572] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0211.572] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0211.573] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0211.574] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.574] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.574] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0211.575] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.575] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.582] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.582] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0211.583] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.583] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.583] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.583] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.583] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.584] IsWindowUnicode (hWnd=0x1102c8) returned 1
[0211.584] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.584] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.584] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.584] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.584] IsWindowUnicode (hWnd=0x1102c8) returned 1
[0211.584] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.584] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.584] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.584] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x2a1, wParam=0x0, lParam=0x60027) returned 0x0
[0211.584] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0211.584] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0211.584] WaitMessage () returned 1
[0211.590] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.590] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.590] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.590] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.590] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.596] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0211.596] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0211.596] WaitMessage () returned 1
[0211.598] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.598] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.598] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.598] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.599] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.599] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0211.600] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0211.600] WaitMessage () returned 1
[0211.600] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.600] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.600] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.600] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.600] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.602] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.602] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.602] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.602] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.602] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.602] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.602] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.602] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.603] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.603] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.603] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0211.603] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0211.603] WaitMessage () returned 1
[0211.604] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.604] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.604] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.604] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.604] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.606] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.606] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.606] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.606] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.606] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.607] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.607] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.607] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.607] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.607] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.607] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0211.607] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0211.608] WaitMessage () returned 1
[0211.608] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.608] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.608] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.608] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.608] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.610] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.610] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.610] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.610] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.610] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.610] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.610] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.610] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.610] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.610] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.611] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0211.611] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0211.611] WaitMessage () returned 1
[0211.611] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.612] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.612] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.612] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.612] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.613] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.613] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.614] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.614] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.614] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.614] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.614] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.614] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.614] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.614] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.614] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0211.615] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0211.615] WaitMessage () returned 1
[0211.705] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.706] IsWindowUnicode (hWnd=0x502c6) returned 1
[0211.706] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.706] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.706] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.706] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0211.706] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0211.706] WaitMessage () returned 1
[0211.719] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.719] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x84, wParam=0x0, lParam=0x1df02fd) returned 0x1
[0211.719] IsWindowUnicode (hWnd=0x1102c8) returned 1
[0211.719] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.720] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x84, wParam=0x0, lParam=0x1df02fd) returned 0x1
[0211.720] GetDlgItem (hDlg=0x1702de, nIDDlgItem=0) returned 0x0
[0211.720] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x210, wParam=0x201, lParam=0x640108) returned 0x0
[0211.720] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x21, wParam=0x1702de, lParam=0x2010001) returned 0x1
[0211.720] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x21, wParam=0x1702de, lParam=0x2010001) returned 0x1
[0211.720] SetCursor (hCursor=0x10003) returned 0x10003
[0211.720] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.720] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.720] GetKeyState (nVirtKey=1) returned -127
[0211.720] GetKeyState (nVirtKey=2) returned 0
[0211.720] GetKeyState (nVirtKey=4) returned 0
[0211.720] GetKeyState (nVirtKey=5) returned 0
[0211.720] GetKeyState (nVirtKey=6) returned 0
[0211.721] IsWindowVisible (hWnd=0x1102c8) returned 1
[0211.721] IsWindowEnabled (hWnd=0x1102c8) returned 1
[0211.721] SetFocus (hWnd=0x1102c8) returned 0x1902d8
[0211.721] GetFocus () returned 0x1102c8
[0211.721] IsChild (hWndParent=0x1702de, hWnd=0x1102c8) returned 1
[0211.721] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0x8, wParam=0x1102c8, lParam=0x0) returned 0x0
[0211.721] GetCapture () returned 0x0
[0211.721] InvalidateRect (hWnd=0x1902d8, lpRect=0x0, bErase=0) returned 1
[0211.722] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0211.724] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0211.725] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0211.725] InvalidateRect (hWnd=0x1902d8, lpRect=0x0, bErase=0) returned 1
[0211.726] InvalidateRect (hWnd=0x1102c8, lpRect=0x0, bErase=0) returned 1
[0211.726] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x7, wParam=0x1902d8, lParam=0x0) returned 0x0
[0211.726] GetStockObject (i=5) returned 0x900015
[0211.726] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0211.726] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0211.726] GetDlgItem (hDlg=0x1702de, nIDDlgItem=1114824) returned 0x1102c8
[0211.726] SendMessageW (hWnd=0x1102c8, Msg=0x202b, wParam=0x1102c8, lParam=0xd7dddc) returned 0x0
[0211.726] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x202b, wParam=0x1102c8, lParam=0xd7dddc) returned 0x0
[0211.726] InvalidateRect (hWnd=0x1102c8, lpRect=0x0, bErase=0) returned 1
[0211.728] GetFocus () returned 0x1102c8
[0211.728] GetFocus () returned 0x1102c8
[0211.728] GetFocus () returned 0x1102c8
[0211.728] GetKeyState (nVirtKey=1) returned -127
[0211.728] GetKeyState (nVirtKey=2) returned 0
[0211.728] GetKeyState (nVirtKey=4) returned 0
[0211.728] GetKeyState (nVirtKey=5) returned 0
[0211.728] GetKeyState (nVirtKey=6) returned 0
[0211.728] GetCapture () returned 0x0
[0211.728] SetCapture (hWnd=0x1102c8) returned 0x0
[0211.728] GetKeyState (nVirtKey=1) returned -127
[0211.728] GetKeyState (nVirtKey=2) returned 0
[0211.728] GetKeyState (nVirtKey=4) returned 0
[0211.728] GetKeyState (nVirtKey=5) returned 0
[0211.728] GetKeyState (nVirtKey=6) returned 0
[0211.728] NotifyWinEvent (event=0x800a, hwnd=0x1102c8, idObject=-4, idChild=0)
[0211.728] InvalidateRect (hWnd=0x1102c8, lpRect=0xd7e430, bErase=0) returned 1
[0211.729] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.729] IsWindowUnicode (hWnd=0x1102c8) returned 1
[0211.729] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.729] TranslateMessage (lpMsg=0xd7e808) returned 0
[0211.729] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0211.729] MapWindowPoints (in: hWndFrom=0x1102c8, hWndTo=0x0, lpPoints=0x2d02554, cPoints=0x1 | out: lpPoints=0x2d02554) returned 30999254
[0211.729] NotifyWinEvent (event=0x800a, hwnd=0x1102c8, idObject=-4, idChild=0)
[0211.729] InvalidateRect (hWnd=0x1102c8, lpRect=0xd7e3d0, bErase=0) returned 1
[0211.729] UpdateWindow (hWnd=0x1102c8) returned 1
[0211.729] BeginPaint (in: hWnd=0x1102c8, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xc0107c5
[0211.729] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0211.729] CreateCompatibleDC (hdc=0xc0107c5) returned 0xc90107eb
[0211.730] SelectObject (hdc=0xc90107eb, h=0x4a0507fe) returned 0x85000f
[0211.730] GdipCreateFromHDC (hdc=0xc90107eb, graphics=0xd7df00) returned 0x0
[0211.730] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0211.730] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0211.730] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0211.730] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0211.730] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df60) returned 0x0
[0211.730] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0211.730] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea28) returned 0x0
[0211.730] LocalFree (hMem=0x11eea28) returned 0x0
[0211.730] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0211.730] GdipCreateRegion (region=0xd7df48) returned 0x0
[0211.730] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0211.730] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df54) returned 0x0
[0211.731] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0211.731] GdipRestoreGraphics (graphics=0x6600030, state=0xfa2a0dbd) returned 0x0
[0211.731] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0211.731] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0211.731] GetCurrentObject (hdc=0xc90107eb, type=0x1) returned 0xb00017
[0211.731] GetCurrentObject (hdc=0xc90107eb, type=0x2) returned 0x900010
[0211.731] GetCurrentObject (hdc=0xc90107eb, type=0x7) returned 0x4a0507fe
[0211.731] GetCurrentObject (hdc=0xc90107eb, type=0x6) returned 0x8a01c2
[0211.731] SaveDC (hdc=0xc90107eb) returned 1
[0211.738] GetNearestColor (hdc=0xc90107eb, color=0xf0f0f0) returned 0xf0f0f0
[0211.738] GetNearestColor (hdc=0xc90107eb, color=0xa0a0a0) returned 0xa0a0a0
[0211.738] GetNearestColor (hdc=0xc90107eb, color=0x696969) returned 0x696969
[0211.738] GetNearestColor (hdc=0xc90107eb, color=0xa0a0a0) returned 0xa0a0a0
[0211.738] GetNearestColor (hdc=0xc90107eb, color=0x0) returned 0x0
[0211.738] GetNearestColor (hdc=0xc90107eb, color=0xffffff) returned 0xffffff
[0211.738] GetNearestColor (hdc=0xc90107eb, color=0xe5e5e5) returned 0xe5e5e5
[0211.739] GetNearestColor (hdc=0xc90107eb, color=0xd7d7d7) returned 0xd7d7d7
[0211.739] GetNearestColor (hdc=0xc90107eb, color=0x0) returned 0x0
[0211.739] RestoreDC (hdc=0xc90107eb, nSavedDC=-1) returned 1
[0211.739] GdipReleaseDC (graphics=0x6600030, hdc=0xc90107eb) returned 0x0
[0211.739] IsAppThemed () returned 0x1
[0211.739] GetThemeAppProperties () returned 0x3
[0211.739] GetThemeAppProperties () returned 0x3
[0211.739] IsAppThemed () returned 0x1
[0211.739] GetThemeAppProperties () returned 0x3
[0211.739] GetThemeAppProperties () returned 0x3
[0211.739] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2d02cac | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0211.740] IsAppThemed () returned 0x1
[0211.740] GetThemeAppProperties () returned 0x3
[0211.740] GetThemeAppProperties () returned 0x3
[0211.740] IsAppThemed () returned 0x1
[0211.740] GetThemeAppProperties () returned 0x3
[0211.740] GetThemeAppProperties () returned 0x3
[0211.740] IsAppThemed () returned 0x1
[0211.740] GetThemeAppProperties () returned 0x3
[0211.740] GetThemeAppProperties () returned 0x3
[0211.740] IsAppThemed () returned 0x1
[0211.740] GetThemeAppProperties () returned 0x3
[0211.740] GetThemeAppProperties () returned 0x3
[0211.740] IsThemePartDefined () returned 0x1
[0211.740] IsAppThemed () returned 0x1
[0211.740] GetThemeAppProperties () returned 0x3
[0211.740] GetThemeAppProperties () returned 0x3
[0211.740] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0211.740] IsAppThemed () returned 0x1
[0211.740] GetThemeAppProperties () returned 0x3
[0211.740] GetThemeAppProperties () returned 0x3
[0211.740] IsAppThemed () returned 0x1
[0211.741] GetThemeAppProperties () returned 0x3
[0211.741] GetThemeAppProperties () returned 0x3
[0211.741] IsThemePartDefined () returned 0x1
[0211.741] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0211.741] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0211.741] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0211.741] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0211.741] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dc7c) returned 0x0
[0211.741] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0211.741] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee910) returned 0x0
[0211.741] LocalFree (hMem=0x11ee910) returned 0x0
[0211.741] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0211.741] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0211.741] LocalFree (hMem=0x11eec58) returned 0x0
[0211.741] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0211.741] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0211.741] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0211.741] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0211.742] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0211.742] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0211.742] GetCurrentObject (hdc=0xc90107eb, type=0x1) returned 0xb00017
[0211.742] GetCurrentObject (hdc=0xc90107eb, type=0x2) returned 0x900010
[0211.742] GetCurrentObject (hdc=0xc90107eb, type=0x7) returned 0x4a0507fe
[0211.742] GetCurrentObject (hdc=0xc90107eb, type=0x6) returned 0x8a01c2
[0211.742] SaveDC (hdc=0xc90107eb) returned 1
[0211.742] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb9040807
[0211.742] GetClipRgn (hdc=0xc90107eb, hrgn=0xb9040807) returned 0
[0211.742] SelectClipRgn (hdc=0xc90107eb, hrgn=0x410407de) returned 2
[0211.742] DeleteObject (ho=0xb9040807) returned 1
[0211.742] DeleteObject (ho=0x410407de) returned 1
[0211.742] OffsetViewportOrgEx (in: hdc=0xc90107eb, x=0, y=0, lppt=0x2d0335c | out: lppt=0x2d0335c) returned 1
[0211.742] DrawThemeParentBackground () returned 0x0
[0211.743] GetWindowPlacement (in: hWnd=0x1702de, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0211.743] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0211.743] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.743] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.743] GetSystemMetrics (nIndex=42) returned 0
[0211.743] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.743] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0211.743] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0211.743] GetCurrentObject (hdc=0xc90107eb, type=0x1) returned 0xb00017
[0211.743] GetCurrentObject (hdc=0xc90107eb, type=0x2) returned 0x900010
[0211.743] GetCurrentObject (hdc=0xc90107eb, type=0x7) returned 0x4a0507fe
[0211.743] GetCurrentObject (hdc=0xc90107eb, type=0x6) returned 0x8a01c2
[0211.743] SaveDC (hdc=0xc90107eb) returned 2
[0211.743] GetNearestColor (hdc=0xc90107eb, color=0xf0f0f0) returned 0xf0f0f0
[0211.743] CreateSolidBrush (color=0xf0f0f0) returned 0x1b1007e1
[0211.743] FillRect (hDC=0xc90107eb, lprc=0xd7d6c8, hbr=0x1b1007e1) returned 1
[0211.743] DeleteObject (ho=0x1b1007e1) returned 1
[0211.744] RestoreDC (hdc=0xc90107eb, nSavedDC=-1) returned 1
[0211.744] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.744] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.744] GetSystemMetrics (nIndex=42) returned 0
[0211.744] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.744] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0211.744] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0211.744] GetCurrentObject (hdc=0xc90107eb, type=0x1) returned 0xb00017
[0211.744] GetCurrentObject (hdc=0xc90107eb, type=0x2) returned 0x900010
[0211.744] GetCurrentObject (hdc=0xc90107eb, type=0x7) returned 0x4a0507fe
[0211.744] GetCurrentObject (hdc=0xc90107eb, type=0x6) returned 0x8a01c2
[0211.744] SaveDC (hdc=0xc90107eb) returned 2
[0211.744] GetNearestColor (hdc=0xc90107eb, color=0xf0f0f0) returned 0xf0f0f0
[0211.744] CreateSolidBrush (color=0xf0f0f0) returned 0x1c1007e1
[0211.744] FillRect (hDC=0xc90107eb, lprc=0xd7d668, hbr=0x1c1007e1) returned 1
[0211.744] DeleteObject (ho=0x1c1007e1) returned 1
[0211.744] RestoreDC (hdc=0xc90107eb, nSavedDC=-1) returned 1
[0211.745] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.745] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.745] GetSystemMetrics (nIndex=42) returned 0
[0211.745] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.745] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0211.745] RestoreDC (hdc=0xc90107eb, nSavedDC=-1) returned 1
[0211.745] GdipReleaseDC (graphics=0x6600030, hdc=0xc90107eb) returned 0x0
[0211.745] IsAppThemed () returned 0x1
[0211.745] GetThemeAppProperties () returned 0x3
[0211.745] GetThemeAppProperties () returned 0x3
[0211.745] IsAppThemed () returned 0x1
[0211.745] GetThemeAppProperties () returned 0x3
[0211.745] GetThemeAppProperties () returned 0x3
[0211.745] IsThemePartDefined () returned 0x1
[0211.745] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0211.745] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0211.745] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0211.746] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0211.746] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dc00) returned 0x0
[0211.746] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0211.746] LocalFree (hMem=0x11eec58) returned 0x0
[0211.746] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0211.746] LocalFree (hMem=0x11eec58) returned 0x0
[0211.746] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0211.746] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0211.746] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0211.746] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0211.746] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0211.746] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0211.746] GetCurrentObject (hdc=0xc90107eb, type=0x1) returned 0xb00017
[0211.746] GetCurrentObject (hdc=0xc90107eb, type=0x2) returned 0x900010
[0211.746] GetCurrentObject (hdc=0xc90107eb, type=0x7) returned 0x4a0507fe
[0211.746] GetCurrentObject (hdc=0xc90107eb, type=0x6) returned 0x8a01c2
[0211.746] SaveDC (hdc=0xc90107eb) returned 1
[0211.747] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x420407de
[0211.747] GetClipRgn (hdc=0xc90107eb, hrgn=0x420407de) returned 0
[0211.747] SelectClipRgn (hdc=0xc90107eb, hrgn=0xbb040807) returned 2
[0211.750] DeleteObject (ho=0x420407de) returned 1
[0211.750] DeleteObject (ho=0xbb040807) returned 1
[0211.750] OffsetViewportOrgEx (in: hdc=0xc90107eb, x=0, y=0, lppt=0x2d03c08 | out: lppt=0x2d03c08) returned 1
[0211.750] IsAppThemed () returned 0x1
[0211.750] GetThemeAppProperties () returned 0x3
[0211.750] GetThemeAppProperties () returned 0x3
[0211.750] DrawThemeBackground () returned 0x0
[0211.750] RestoreDC (hdc=0xc90107eb, nSavedDC=-1) returned 1
[0211.750] GdipReleaseDC (graphics=0x6600030, hdc=0xc90107eb) returned 0x0
[0211.750] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0211.750] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0211.750] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0211.750] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0211.750] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dc04) returned 0x0
[0211.750] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0211.751] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0211.751] LocalFree (hMem=0x11eec58) returned 0x0
[0211.751] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0211.751] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0211.751] LocalFree (hMem=0x11ee788) returned 0x0
[0211.751] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0211.751] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0211.751] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0211.751] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0211.751] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0211.751] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0211.751] GetCurrentObject (hdc=0xc90107eb, type=0x1) returned 0xb00017
[0211.751] GetCurrentObject (hdc=0xc90107eb, type=0x2) returned 0x900010
[0211.751] GetCurrentObject (hdc=0xc90107eb, type=0x7) returned 0x4a0507fe
[0211.751] GetCurrentObject (hdc=0xc90107eb, type=0x6) returned 0x8a01c2
[0211.751] SaveDC (hdc=0xc90107eb) returned 1
[0211.752] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbc040807
[0211.752] GetClipRgn (hdc=0xc90107eb, hrgn=0xbc040807) returned 0
[0211.752] SelectClipRgn (hdc=0xc90107eb, hrgn=0x430407de) returned 2
[0211.752] DeleteObject (ho=0xbc040807) returned 1
[0211.752] DeleteObject (ho=0x430407de) returned 1
[0211.752] OffsetViewportOrgEx (in: hdc=0xc90107eb, x=0, y=0, lppt=0x2d03edc | out: lppt=0x2d03edc) returned 1
[0211.752] IsAppThemed () returned 0x1
[0211.752] GetThemeAppProperties () returned 0x3
[0211.752] GetThemeAppProperties () returned 0x3
[0211.752] GetThemeBackgroundContentRect () returned 0x0
[0211.752] RestoreDC (hdc=0xc90107eb, nSavedDC=-1) returned 1
[0211.752] GdipReleaseDC (graphics=0x6600030, hdc=0xc90107eb) returned 0x0
[0211.752] IsAppThemed () returned 0x1
[0211.752] GetThemeAppProperties () returned 0x3
[0211.752] GetThemeAppProperties () returned 0x3
[0211.752] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0211.752] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0211.753] GetCurrentObject (hdc=0xc90107eb, type=0x1) returned 0xb00017
[0211.753] GetCurrentObject (hdc=0xc90107eb, type=0x2) returned 0x900010
[0211.753] GetCurrentObject (hdc=0xc90107eb, type=0x7) returned 0x4a0507fe
[0211.753] GetCurrentObject (hdc=0xc90107eb, type=0x6) returned 0x8a01c2
[0211.753] SaveDC (hdc=0xc90107eb) returned 1
[0211.753] GetTextAlign (hdc=0xc90107eb) returned 0x0
[0211.753] GetTextColor (hdc=0xc90107eb) returned 0x0
[0211.753] GetCurrentObject (hdc=0xc90107eb, type=0x6) returned 0x8a01c2
[0211.753] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0211.753] SelectObject (hdc=0xc90107eb, h=0x6d0a0520) returned 0x8a01c2
[0211.753] GetBkMode (hdc=0xc90107eb) returned 2
[0211.753] SetBkMode (hdc=0xc90107eb, mode=1) returned 2
[0211.753] DrawTextExW (in: hdc=0xc90107eb, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2d0427c | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0211.754] DrawTextExW (in: hdc=0xc90107eb, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2d0427c | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0211.754] RestoreDC (hdc=0xc90107eb, nSavedDC=-1) returned 1
[0211.754] GdipReleaseDC (graphics=0x6600030, hdc=0xc90107eb) returned 0x0
[0211.754] GetFocus () returned 0x1102c8
[0211.754] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0211.754] SendMessageW (hWnd=0x1702de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0211.754] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0211.754] IsAppThemed () returned 0x1
[0211.755] GetThemeAppProperties () returned 0x3
[0211.755] GetThemeAppProperties () returned 0x3
[0211.755] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0211.755] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xc90107eb, x1=0, y1=0, rop=0xcc0020) returned 1
[0211.755] GdipReleaseDC (graphics=0x6600030, hdc=0xc90107eb) returned 0x0
[0211.755] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0211.755] SelectObject (hdc=0xc90107eb, h=0x85000f) returned 0x4a0507fe
[0211.755] DeleteDC (hdc=0xc90107eb) returned 1
[0211.755] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0211.755] EndPaint (hWnd=0x1102c8, lpPaint=0xd7dee4) returned 1
[0211.755] MapWindowPoints (in: hWndFrom=0x1102c8, hWndTo=0x0, lpPoints=0x2d04378, cPoints=0x1 | out: lpPoints=0x2d04378) returned 30999254
[0211.755] WindowFromPoint (Point=0x2fd) returned 0x1102c8
[0211.756] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x84, wParam=0x0, lParam=0x1df02fd) returned 0x1
[0211.756] NotifyWinEvent (event=0x800a, hwnd=0x1102c8, idObject=-4, idChild=0)
[0211.756] NotifyWinEvent (event=0x800c, hwnd=0x1102c8, idObject=-4, idChild=0)
[0211.756] GetCapture () returned 0x1102c8
[0211.756] ReleaseCapture () returned 1
[0211.756] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0211.756] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0211.757] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x84, wParam=0x0, lParam=0x1df02fd) returned 0x1
[0211.757] IsWindow (hWnd=0x7005c) returned 1
[0211.757] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0211.757] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0211.757] IsWindow (hWnd=0x1702de) returned 1
[0211.757] SetActiveWindow (hWnd=0x1702de) returned 0x1702de
[0211.758] IsWindow (hWnd=0x1702de) returned 1
[0211.758] SetFocus (hWnd=0x1702de) returned 0x1102c8
[0211.758] GetFocus () returned 0x1702de
[0211.758] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x8, wParam=0x1702de, lParam=0x0) returned 0x0
[0211.758] GetCapture () returned 0x0
[0211.758] InvalidateRect (hWnd=0x1102c8, lpRect=0x0, bErase=0) returned 1
[0211.759] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0211.760] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0211.762] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0211.762] GetFocus () returned 0x1702de
[0211.762] SetFocus (hWnd=0x1102c8) returned 0x1702de
[0211.763] GetFocus () returned 0x1102c8
[0211.763] IsChild (hWndParent=0x1702de, hWnd=0x1102c8) returned 1
[0211.763] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x8, wParam=0x1102c8, lParam=0x0) returned 0x0
[0211.764] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0211.765] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0211.767] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0211.767] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x7, wParam=0x1702de, lParam=0x0) returned 0x0
[0211.767] GetStockObject (i=5) returned 0x900015
[0211.767] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0211.767] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0211.767] GetDlgItem (hDlg=0x1702de, nIDDlgItem=1114824) returned 0x1102c8
[0211.767] SendMessageW (hWnd=0x1102c8, Msg=0x202b, wParam=0x1102c8, lParam=0xd7ddcc) returned 0x0
[0211.767] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x202b, wParam=0x1102c8, lParam=0xd7ddcc) returned 0x0
[0211.768] InvalidateRect (hWnd=0x1102c8, lpRect=0x0, bErase=0) returned 1
[0211.769] GetWindowLongW (hWnd=0x1702de, nIndex=-8) returned 458844
[0211.769] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0211.769] GetCurrentThreadId () returned 0xf50
[0211.769] IsWindow (hWnd=0x7005c) returned 1
[0211.769] IsWindow (hWnd=0x7005c) returned 1
[0211.769] IsWindowVisible (hWnd=0x7005c) returned 1
[0211.769] SetActiveWindow (hWnd=0x7005c) returned 0x1702de
[0211.769] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0211.771] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0211.771] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0211.772] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0211.772] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0211.773] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0211.774] GetWindowPlacement (in: hWnd=0x1702de, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0211.774] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0211.774] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0211.774] GetWindowRect (in: hWnd=0x1702de, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0211.774] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0211.775] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0211.775] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0211.775] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x1702de) returned 0x1
[0211.778] GetFocus () returned 0x1102c8
[0211.783] SetFocus (hWnd=0x602c4) returned 0x1102c8
[0211.783] GetFocus () returned 0x602c4
[0211.783] IsChild (hWndParent=0x1702de, hWnd=0x602c4) returned 0
[0211.783] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0211.784] GetCapture () returned 0x0
[0211.784] InvalidateRect (hWnd=0x1102c8, lpRect=0x0, bErase=0) returned 1
[0211.785] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0211.786] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0211.787] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0211.788] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0211.788] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0211.788] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0211.788] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0211.789] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x1102c8, lParam=0x0) returned 0x0
[0211.789] GetStockObject (i=5) returned 0x900015
[0211.789] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0211.789] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11edb48) returned 0xc
[0211.789] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0211.789] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0211.789] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0211.789] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0211.791] GetFocus () returned 0x602c4
[0211.791] IsChild (hWndParent=0x1702de, hWnd=0x602c4) returned 0
[0211.791] ShowWindow (hWnd=0x1702de, nCmdShow=0) returned 1
[0211.791] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0211.791] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0211.792] GetWindowPlacement (in: hWnd=0x1702de, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0211.793] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0211.793] GetClientRect (in: hWnd=0x1702de, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0211.793] GetWindowRect (in: hWnd=0x1702de, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0211.793] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0211.793] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0211.794] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0211.795] GetWindowLongW (hWnd=0x1702de, nIndex=-20) returned 327945
[0211.795] DestroyWindow (hWnd=0x1702de) returned 1
[0211.795] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0211.795] GetWindowTextLengthW (hWnd=0x1702de) returned 13
[0211.795] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.795] GetSystemMetrics (nIndex=42) returned 0
[0211.795] GetWindowTextW (in: hWnd=0x1702de, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.795] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0211.795] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0211.795] GetWindowTextLengthW (hWnd=0xd02ce) returned 0
[0211.795] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0211.796] GetSystemMetrics (nIndex=42) returned 0
[0211.796] GetWindowTextW (in: hWnd=0xd02ce, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0211.796] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02ce, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0211.796] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0211.796] GetWindowThreadProcessId (in: hWnd=0x1702dc, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0211.796] GetWindow (hWnd=0x1702dc, uCmd=0x5) returned 0x0
[0211.796] GetWindowLongW (hWnd=0x1702dc, nIndex=-20) returned 65792
[0211.796] DestroyWindow (hWnd=0x1702dc) returned 1
[0211.796] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702dc, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0211.796] GetWindowTextLengthW (hWnd=0x1702dc) returned 25
[0211.796] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0211.796] GetSystemMetrics (nIndex=42) returned 0
[0211.796] GetWindowTextW (in: hWnd=0x1702dc, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0211.796] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702dc, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0211.796] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0211.797] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0211.798] GetWindowTextLengthW (hWnd=0x1702da) returned 232
[0211.798] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0211.798] GetSystemMetrics (nIndex=42) returned 0
[0211.798] GetWindowTextW (in: hWnd=0x1702da, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0211.798] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0211.798] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0211.798] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0211.798] InvalidateRect (hWnd=0x1102c8, lpRect=0x0, bErase=0) returned 1
[0211.798] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0211.798] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0211.799] SendMessageW (hWnd=0xc02d0, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0211.799] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02d0, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0211.799] SendMessageW (hWnd=0xc02d0, Msg=0xb0, wParam=0x2ce44b0, lParam=0xd7e480) returned 0x0
[0211.799] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02d0, Msg=0xb0, wParam=0x2ce44b0, lParam=0xd7e480) returned 0x0
[0211.799] GetWindowTextLengthW (hWnd=0xc02d0) returned 4363
[0211.799] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0211.799] GetSystemMetrics (nIndex=42) returned 0
[0211.799] CoTaskMemAlloc (cb=0x221c) returned 0x1209508
[0211.799] GetWindowTextW (in: hWnd=0xc02d0, lpString=0x1209508, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0211.799] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02d0, Msg=0xd, wParam=0x110c, lParam=0x1209508) returned 0x110b
[0211.799] CoTaskMemFree (pv=0x1209508)
[0211.799] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0211.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xd02ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0211.801] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0211.802] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1902d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0211.803] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1102c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0211.805] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0211.806] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0xc02d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0211.808] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0211.820] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.820] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.820] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.820] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.820] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.821] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.821] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df02fd) returned 0x1
[0211.821] IsWindowUnicode (hWnd=0x7005c) returned 1
[0211.821] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.821] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df02fd) returned 0x1
[0211.821] SetCursor (hCursor=0x10003) returned 0x10003
[0211.822] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.822] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.822] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0211.822] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0211.822] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0211.822] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10a023f) returned 0x0
[0211.822] GetKeyState (nVirtKey=1) returned 1
[0211.822] GetKeyState (nVirtKey=2) returned 0
[0211.822] GetKeyState (nVirtKey=4) returned 0
[0211.822] GetKeyState (nVirtKey=5) returned 0
[0211.822] GetKeyState (nVirtKey=6) returned 0
[0211.822] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.822] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df02fd) returned 0x1
[0211.823] IsWindowUnicode (hWnd=0x7005c) returned 1
[0211.823] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.823] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.823] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.823] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.823] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df02fd) returned 0x1
[0211.823] IsWindowUnicode (hWnd=0x7005c) returned 1
[0211.823] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.823] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df02fd) returned 0x1
[0211.824] SetCursor (hCursor=0x10003) returned 0x10003
[0211.824] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.824] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.824] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10a023f) returned 0x0
[0211.824] GetKeyState (nVirtKey=1) returned 1
[0211.824] GetKeyState (nVirtKey=2) returned 0
[0211.824] GetKeyState (nVirtKey=4) returned 0
[0211.824] GetKeyState (nVirtKey=5) returned 0
[0211.824] GetKeyState (nVirtKey=6) returned 0
[0211.824] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.824] IsWindowUnicode (hWnd=0x602c4) returned 1
[0211.824] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.824] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.825] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.825] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.837] IsWindowUnicode (hWnd=0x602c4) returned 1
[0211.837] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.837] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.837] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.837] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.837] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.837] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.837] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.838] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.838] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.838] IsWindowUnicode (hWnd=0x602c4) returned 1
[0211.838] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.838] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.838] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.839] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0211.839] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0211.839] CreateCompatibleDC (hdc=0xf0105ee) returned 0xcc010671
[0211.839] SelectObject (hdc=0xcc010671, h=0x4a0507fe) returned 0x85000f
[0211.839] GdipCreateFromHDC (hdc=0xcc010671, graphics=0xd7e798) returned 0x0
[0211.839] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0211.839] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0211.839] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0211.839] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0211.839] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e7f8) returned 0x0
[0211.839] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0211.840] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea60) returned 0x0
[0211.840] LocalFree (hMem=0x11eea60) returned 0x0
[0211.840] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0211.840] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0211.840] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0211.840] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0211.840] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0211.840] GdipRestoreGraphics (graphics=0x6600030, state=0xfa280dbd) returned 0x0
[0211.840] GdipDeleteRegion (region=0x6646298) returned 0x0
[0211.840] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0211.840] GetCurrentObject (hdc=0xcc010671, type=0x1) returned 0xb00017
[0211.840] GetCurrentObject (hdc=0xcc010671, type=0x2) returned 0x900010
[0211.840] GetCurrentObject (hdc=0xcc010671, type=0x7) returned 0x4a0507fe
[0211.840] GetCurrentObject (hdc=0xcc010671, type=0x6) returned 0x8a01c2
[0211.840] SaveDC (hdc=0xcc010671) returned 1
[0211.842] GetNearestColor (hdc=0xcc010671, color=0xff) returned 0xff
[0211.843] GetNearestColor (hdc=0xcc010671, color=0x55) returned 0x55
[0211.843] GetNearestColor (hdc=0xcc010671, color=0x0) returned 0x0
[0211.843] GetNearestColor (hdc=0xcc010671, color=0x55) returned 0x55
[0211.843] GetNearestColor (hdc=0xcc010671, color=0x0) returned 0x0
[0211.843] GetNearestColor (hdc=0xcc010671, color=0x8080ff) returned 0x8080ff
[0211.843] GetNearestColor (hdc=0xcc010671, color=0x7373e5) returned 0x7373e5
[0211.843] GetNearestColor (hdc=0xcc010671, color=0xe5) returned 0xe5
[0211.843] GetNearestColor (hdc=0xcc010671, color=0x0) returned 0x0
[0211.843] RestoreDC (hdc=0xcc010671, nSavedDC=-1) returned 1
[0211.843] GdipReleaseDC (graphics=0x6600030, hdc=0xcc010671) returned 0x0
[0211.843] IsAppThemed () returned 0x1
[0211.843] GetThemeAppProperties () returned 0x3
[0211.843] GetThemeAppProperties () returned 0x3
[0211.844] IsAppThemed () returned 0x1
[0211.844] GetThemeAppProperties () returned 0x3
[0211.844] GetThemeAppProperties () returned 0x3
[0211.844] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2d0c11c | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0211.844] IsAppThemed () returned 0x1
[0211.844] GetThemeAppProperties () returned 0x3
[0211.844] GetThemeAppProperties () returned 0x3
[0211.844] IsAppThemed () returned 0x1
[0211.844] GetThemeAppProperties () returned 0x3
[0211.844] GetThemeAppProperties () returned 0x3
[0211.844] GetFocus () returned 0x602c4
[0211.844] IsAppThemed () returned 0x1
[0211.844] GetThemeAppProperties () returned 0x3
[0211.844] GetThemeAppProperties () returned 0x3
[0211.845] IsAppThemed () returned 0x1
[0211.845] GetThemeAppProperties () returned 0x3
[0211.845] GetThemeAppProperties () returned 0x3
[0211.845] IsThemePartDefined () returned 0x1
[0211.845] IsAppThemed () returned 0x1
[0211.845] GetThemeAppProperties () returned 0x3
[0211.845] GetThemeAppProperties () returned 0x3
[0211.845] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0211.845] IsAppThemed () returned 0x1
[0211.845] GetThemeAppProperties () returned 0x3
[0211.845] GetThemeAppProperties () returned 0x3
[0211.845] IsAppThemed () returned 0x1
[0211.845] GetThemeAppProperties () returned 0x3
[0211.845] GetThemeAppProperties () returned 0x3
[0211.845] IsThemePartDefined () returned 0x1
[0211.845] GdipCreateRegion (region=0xd7e508) returned 0x0
[0211.845] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0211.845] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0211.845] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0211.845] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e520) returned 0x0
[0211.845] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0211.846] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0211.846] LocalFree (hMem=0x11ee788) returned 0x0
[0211.846] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0211.846] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0211.846] LocalFree (hMem=0x11ee788) returned 0x0
[0211.846] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0211.846] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e548) returned 0x0
[0211.846] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e538) returned 0x0
[0211.846] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0211.846] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0211.846] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0211.846] GetCurrentObject (hdc=0xcc010671, type=0x1) returned 0xb00017
[0211.846] GetCurrentObject (hdc=0xcc010671, type=0x2) returned 0x900010
[0211.846] GetCurrentObject (hdc=0xcc010671, type=0x7) returned 0x4a0507fe
[0211.846] GetCurrentObject (hdc=0xcc010671, type=0x6) returned 0x8a01c2
[0211.846] SaveDC (hdc=0xcc010671) returned 1
[0211.847] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x440407de
[0211.847] GetClipRgn (hdc=0xcc010671, hrgn=0x440407de) returned 0
[0211.847] SelectClipRgn (hdc=0xcc010671, hrgn=0xc0040807) returned 2
[0211.847] DeleteObject (ho=0x440407de) returned 1
[0211.847] DeleteObject (ho=0xc0040807) returned 1
[0211.847] OffsetViewportOrgEx (in: hdc=0xcc010671, x=0, y=0, lppt=0x2d0c7cc | out: lppt=0x2d0c7cc) returned 1
[0211.847] DrawThemeParentBackground () returned 0x0
[0211.847] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0211.847] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0211.847] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0211.847] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.847] GetSystemMetrics (nIndex=42) returned 0
[0211.847] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.847] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0211.848] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0211.848] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0211.848] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0211.848] SelectPalette (hdc=0xcc010671, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0211.848] GdipCreateFromHDC (hdc=0xcc010671, graphics=0xd7dff8) returned 0x0
[0211.848] GdipSetPageUnit (graphics=0x6647070, unit=0x2) returned 0x0
[0211.848] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0211.848] GdipGetWorldTransform (graphics=0x6647070, matrix=0x6638b18) returned 0x0
[0211.848] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dfd0) returned 0x0
[0211.848] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0211.848] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0211.848] GdipGetClip (graphics=0x6647070, region=0x6646448) returned 0x0
[0211.848] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6647070, result=0xd7dfc4) returned 0x0
[0211.849] GdipDeleteRegion (region=0x6646448) returned 0x0
[0211.849] GdipSaveGraphics (graphics=0x6647070, state=0xd7dff0) returned 0x0
[0211.849] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0211.856] GdipFillRectangleI (graphics=0x6647070, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0211.856] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0211.860] GdipDeleteGraphics (graphics=0x6647070) returned 0x0
[0211.860] SelectPalette (hdc=0xcc010671, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0211.860] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0211.860] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.860] GetSystemMetrics (nIndex=42) returned 0
[0211.860] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.860] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0211.860] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0211.860] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0211.860] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0211.860] SelectPalette (hdc=0xcc010671, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0211.861] GdipCreateFromHDC (hdc=0xcc010671, graphics=0xd7df98) returned 0x0
[0211.861] GdipSetPageUnit (graphics=0x6647070, unit=0x2) returned 0x0
[0211.861] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0211.861] GdipGetWorldTransform (graphics=0x6647070, matrix=0x6638b48) returned 0x0
[0211.861] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df70) returned 0x0
[0211.861] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0211.861] GdipCreateRegion (region=0xd7df58) returned 0x0
[0211.861] GdipGetClip (graphics=0x6647070, region=0x6646f88) returned 0x0
[0211.861] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6647070, result=0xd7df64) returned 0x0
[0211.861] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0211.861] GdipSaveGraphics (graphics=0x6647070, state=0xd7df90) returned 0x0
[0211.861] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0211.867] GdipFillRectangleI (graphics=0x6647070, brush=0x6652f58, x=0, y=0, width=801, height=453) returned 0x0
[0211.867] GdipDeleteBrush (brush=0x6652f58) returned 0x0
[0211.869] GdipRestoreGraphics (graphics=0x6647070, state=0xfa240dbd) returned 0x0
[0211.869] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0211.869] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0211.869] GetSystemMetrics (nIndex=42) returned 0
[0211.869] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0211.869] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0211.869] GdipDeleteGraphics (graphics=0x6647070) returned 0x0
[0211.869] SelectPalette (hdc=0xcc010671, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0211.870] RestoreDC (hdc=0xcc010671, nSavedDC=-1) returned 1
[0211.870] GdipReleaseDC (graphics=0x6600030, hdc=0xcc010671) returned 0x0
[0211.870] IsAppThemed () returned 0x1
[0211.870] GetThemeAppProperties () returned 0x3
[0211.870] GetThemeAppProperties () returned 0x3
[0211.870] IsAppThemed () returned 0x1
[0211.870] GetThemeAppProperties () returned 0x3
[0211.870] GetThemeAppProperties () returned 0x3
[0211.870] IsThemePartDefined () returned 0x1
[0211.870] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0211.870] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0211.870] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0211.870] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0211.870] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e4a4) returned 0x0
[0211.870] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0211.870] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eea98) returned 0x0
[0211.871] LocalFree (hMem=0x11eea98) returned 0x0
[0211.871] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0211.871] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee9f0) returned 0x0
[0211.871] LocalFree (hMem=0x11ee9f0) returned 0x0
[0211.871] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0211.871] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0211.871] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0211.871] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0211.871] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0211.871] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0211.871] GetCurrentObject (hdc=0xcc010671, type=0x1) returned 0xb00017
[0211.871] GetCurrentObject (hdc=0xcc010671, type=0x2) returned 0x900010
[0211.871] GetCurrentObject (hdc=0xcc010671, type=0x7) returned 0x4a0507fe
[0211.871] GetCurrentObject (hdc=0xcc010671, type=0x6) returned 0x8a01c2
[0211.871] SaveDC (hdc=0xcc010671) returned 1
[0211.871] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc1040807
[0211.871] GetClipRgn (hdc=0xcc010671, hrgn=0xc1040807) returned 0
[0211.872] SelectClipRgn (hdc=0xcc010671, hrgn=0x460407de) returned 2
[0211.872] DeleteObject (ho=0xc1040807) returned 1
[0211.872] DeleteObject (ho=0x460407de) returned 1
[0211.872] OffsetViewportOrgEx (in: hdc=0xcc010671, x=0, y=0, lppt=0x2d1301c | out: lppt=0x2d1301c) returned 1
[0211.877] IsAppThemed () returned 0x1
[0211.877] GetThemeAppProperties () returned 0x3
[0211.877] GetThemeAppProperties () returned 0x3
[0211.877] DrawThemeBackground () returned 0x0
[0211.877] RestoreDC (hdc=0xcc010671, nSavedDC=-1) returned 1
[0211.877] GdipReleaseDC (graphics=0x6600030, hdc=0xcc010671) returned 0x0
[0211.877] GdipCreateRegion (region=0xd7e490) returned 0x0
[0211.878] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0211.878] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0211.878] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0211.878] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e4a8) returned 0x0
[0211.878] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0211.878] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0211.878] LocalFree (hMem=0x11ee868) returned 0x0
[0211.878] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0211.878] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eecc8) returned 0x0
[0211.878] LocalFree (hMem=0x11eecc8) returned 0x0
[0211.878] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0211.878] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0211.878] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0211.878] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0211.878] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0211.878] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0211.878] GetCurrentObject (hdc=0xcc010671, type=0x1) returned 0xb00017
[0211.878] GetCurrentObject (hdc=0xcc010671, type=0x2) returned 0x900010
[0211.878] GetCurrentObject (hdc=0xcc010671, type=0x7) returned 0x4a0507fe
[0211.879] GetCurrentObject (hdc=0xcc010671, type=0x6) returned 0x8a01c2
[0211.879] SaveDC (hdc=0xcc010671) returned 1
[0211.879] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x470407de
[0211.879] GetClipRgn (hdc=0xcc010671, hrgn=0x470407de) returned 0
[0211.879] SelectClipRgn (hdc=0xcc010671, hrgn=0xc2040807) returned 2
[0211.879] DeleteObject (ho=0x470407de) returned 1
[0211.879] DeleteObject (ho=0xc2040807) returned 1
[0211.879] OffsetViewportOrgEx (in: hdc=0xcc010671, x=0, y=0, lppt=0x2d132f0 | out: lppt=0x2d132f0) returned 1
[0211.879] IsAppThemed () returned 0x1
[0211.879] GetThemeAppProperties () returned 0x3
[0211.879] GetThemeAppProperties () returned 0x3
[0211.879] GetThemeBackgroundContentRect () returned 0x0
[0211.879] RestoreDC (hdc=0xcc010671, nSavedDC=-1) returned 1
[0211.879] GdipReleaseDC (graphics=0x6600030, hdc=0xcc010671) returned 0x0
[0211.879] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0211.879] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0211.880] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0211.880] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0211.880] IsAppThemed () returned 0x1
[0211.880] GetThemeAppProperties () returned 0x3
[0211.880] GetThemeAppProperties () returned 0x3
[0211.880] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0211.880] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0211.880] GetCurrentObject (hdc=0xcc010671, type=0x1) returned 0xb00017
[0211.880] GetCurrentObject (hdc=0xcc010671, type=0x2) returned 0x900010
[0211.880] GetCurrentObject (hdc=0xcc010671, type=0x7) returned 0x4a0507fe
[0211.880] GetCurrentObject (hdc=0xcc010671, type=0x6) returned 0x8a01c2
[0211.880] SaveDC (hdc=0xcc010671) returned 1
[0211.880] GetTextAlign (hdc=0xcc010671) returned 0x0
[0211.880] GetTextColor (hdc=0xcc010671) returned 0x0
[0211.880] GetCurrentObject (hdc=0xcc010671, type=0x6) returned 0x8a01c2
[0211.880] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0211.881] SelectObject (hdc=0xcc010671, h=0x6d0a0520) returned 0x8a01c2
[0211.881] GetBkMode (hdc=0xcc010671) returned 2
[0211.881] SetBkMode (hdc=0xcc010671, mode=1) returned 2
[0211.881] DrawTextExW (in: hdc=0xcc010671, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2d136b4 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0211.881] DrawTextExW (in: hdc=0xcc010671, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2d136b4 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0211.882] RestoreDC (hdc=0xcc010671, nSavedDC=-1) returned 1
[0211.882] GdipReleaseDC (graphics=0x6600030, hdc=0xcc010671) returned 0x0
[0211.882] GetFocus () returned 0x602c4
[0211.882] IsAppThemed () returned 0x1
[0211.882] GetThemeAppProperties () returned 0x3
[0211.882] GetThemeAppProperties () returned 0x3
[0211.882] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0211.882] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0xcc010671, x1=0, y1=0, rop=0xcc0020) returned 1
[0211.882] GdipReleaseDC (graphics=0x6600030, hdc=0xcc010671) returned 0x0
[0211.882] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0211.882] SelectObject (hdc=0xcc010671, h=0x85000f) returned 0x4a0507fe
[0211.882] DeleteDC (hdc=0xcc010671) returned 1
[0211.882] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0211.882] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0211.883] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0211.883] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0211.883] WaitMessage () returned 1
[0211.919] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.919] IsWindowUnicode (hWnd=0x7005c) returned 1
[0211.919] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.919] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.919] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.919] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.919] IsWindowUnicode (hWnd=0x7005c) returned 1
[0211.919] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.920] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.920] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.920] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10a023f) returned 0x0
[0211.920] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0211.920] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0211.920] WaitMessage () returned 1
[0211.941] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.941] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.941] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.941] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.941] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.942] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0211.942] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0211.942] WaitMessage () returned 1
[0211.944] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.944] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.944] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.944] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.944] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.945] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0211.945] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0211.945] WaitMessage () returned 1
[0211.945] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.946] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.946] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.946] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.946] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.947] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.947] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.947] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.947] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.947] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.948] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.948] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.948] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.948] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.948] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.948] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0211.949] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0211.949] WaitMessage () returned 1
[0211.949] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.949] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.949] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.949] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.949] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.954] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.954] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.954] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.955] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.955] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.955] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.955] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.955] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.955] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.955] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.955] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0211.956] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0211.956] WaitMessage () returned 1
[0211.957] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.958] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.958] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.958] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.958] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.959] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.959] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.959] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.959] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.960] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.960] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.960] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.960] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.960] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.960] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.960] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0211.961] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0211.961] WaitMessage () returned 1
[0211.961] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.961] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.961] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.961] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.961] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.963] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.963] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.963] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.963] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.963] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.963] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.963] IsWindowUnicode (hWnd=0x30122) returned 1
[0211.963] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0211.963] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0211.963] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0211.963] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0211.964] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0211.964] WaitMessage () returned 1
[0212.092] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0212.092] IsWindowUnicode (hWnd=0x502c6) returned 1
[0212.092] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0212.092] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0212.092] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0212.092] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0212.092] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0212.092] WaitMessage () returned 1
[0213.921] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0213.922] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e0108) returned 0x1
[0213.922] IsWindowUnicode (hWnd=0x602c4) returned 1
[0213.922] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0213.922] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0213.922] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0213.922] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0213.922] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0213.923] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e0108) returned 0x1
[0213.923] IsWindowUnicode (hWnd=0x602c4) returned 1
[0213.923] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0213.923] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e0108) returned 0x1
[0213.923] SetCursor (hCursor=0x10003) returned 0x10003
[0213.923] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0213.923] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0213.923] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0213.923] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0213.923] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0213.923] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0213.924] GetKeyState (nVirtKey=1) returned 1
[0213.924] GetKeyState (nVirtKey=2) returned 0
[0213.924] GetKeyState (nVirtKey=4) returned 0
[0213.924] GetKeyState (nVirtKey=5) returned 0
[0213.924] GetKeyState (nVirtKey=6) returned 0
[0213.924] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0213.924] IsWindowUnicode (hWnd=0x602c4) returned 1
[0213.924] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0213.924] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0213.924] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0213.924] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0213.924] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0213.924] CreateCompatibleDC (hdc=0xf0105ee) returned 0x850107d0
[0213.925] SelectObject (hdc=0x850107d0, h=0x4a0507fe) returned 0x85000f
[0213.925] GdipCreateFromHDC (hdc=0x850107d0, graphics=0xd7e798) returned 0x0
[0213.925] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0213.925] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0213.925] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0213.925] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0213.925] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e7f8) returned 0x0
[0213.925] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0213.925] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0213.925] LocalFree (hMem=0x11eec58) returned 0x0
[0213.925] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0213.926] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0213.926] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0213.926] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0213.926] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0213.926] GdipRestoreGraphics (graphics=0x6600030, state=0xfa220dbd) returned 0x0
[0213.926] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0213.926] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0213.926] GetCurrentObject (hdc=0x850107d0, type=0x1) returned 0xb00017
[0213.926] GetCurrentObject (hdc=0x850107d0, type=0x2) returned 0x900010
[0213.926] GetCurrentObject (hdc=0x850107d0, type=0x7) returned 0x4a0507fe
[0213.926] GetCurrentObject (hdc=0x850107d0, type=0x6) returned 0x8a01c2
[0213.926] SaveDC (hdc=0x850107d0) returned 1
[0213.926] GetNearestColor (hdc=0x850107d0, color=0xff) returned 0xff
[0213.926] GetNearestColor (hdc=0x850107d0, color=0x55) returned 0x55
[0213.927] GetNearestColor (hdc=0x850107d0, color=0x0) returned 0x0
[0213.927] GetNearestColor (hdc=0x850107d0, color=0x55) returned 0x55
[0213.927] GetNearestColor (hdc=0x850107d0, color=0x0) returned 0x0
[0213.927] GetNearestColor (hdc=0x850107d0, color=0x8080ff) returned 0x8080ff
[0213.927] GetNearestColor (hdc=0x850107d0, color=0x7373e5) returned 0x7373e5
[0213.927] GetNearestColor (hdc=0x850107d0, color=0xe5) returned 0xe5
[0213.927] GetNearestColor (hdc=0x850107d0, color=0x0) returned 0x0
[0213.927] RestoreDC (hdc=0x850107d0, nSavedDC=-1) returned 1
[0213.927] GdipReleaseDC (graphics=0x6600030, hdc=0x850107d0) returned 0x0
[0213.927] IsAppThemed () returned 0x1
[0213.927] GetThemeAppProperties () returned 0x3
[0213.927] GetThemeAppProperties () returned 0x3
[0213.928] IsAppThemed () returned 0x1
[0213.928] GetThemeAppProperties () returned 0x3
[0213.928] GetThemeAppProperties () returned 0x3
[0213.928] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2d14000 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0213.928] IsAppThemed () returned 0x1
[0213.928] GetThemeAppProperties () returned 0x3
[0213.928] GetThemeAppProperties () returned 0x3
[0213.928] IsAppThemed () returned 0x1
[0213.928] GetThemeAppProperties () returned 0x3
[0213.928] GetThemeAppProperties () returned 0x3
[0213.928] IsAppThemed () returned 0x1
[0213.928] GetThemeAppProperties () returned 0x3
[0213.929] GetThemeAppProperties () returned 0x3
[0213.929] IsAppThemed () returned 0x1
[0213.929] GetThemeAppProperties () returned 0x3
[0213.929] GetThemeAppProperties () returned 0x3
[0213.929] IsThemePartDefined () returned 0x1
[0213.929] IsAppThemed () returned 0x1
[0213.929] GetThemeAppProperties () returned 0x3
[0213.929] GetThemeAppProperties () returned 0x3
[0213.929] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0213.929] IsAppThemed () returned 0x1
[0213.929] GetThemeAppProperties () returned 0x3
[0213.929] GetThemeAppProperties () returned 0x3
[0213.929] IsAppThemed () returned 0x1
[0213.929] GetThemeAppProperties () returned 0x3
[0213.929] GetThemeAppProperties () returned 0x3
[0213.929] IsThemePartDefined () returned 0x1
[0213.929] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0213.929] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0213.929] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0213.929] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0213.930] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e514) returned 0x0
[0213.930] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0213.930] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0213.930] LocalFree (hMem=0x11eec58) returned 0x0
[0213.930] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0213.930] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eed00) returned 0x0
[0213.930] LocalFree (hMem=0x11eed00) returned 0x0
[0213.930] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0213.930] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0213.930] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0213.930] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0213.930] GdipDeleteRegion (region=0x6646448) returned 0x0
[0213.930] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0213.930] GetCurrentObject (hdc=0x850107d0, type=0x1) returned 0xb00017
[0213.930] GetCurrentObject (hdc=0x850107d0, type=0x2) returned 0x900010
[0213.930] GetCurrentObject (hdc=0x850107d0, type=0x7) returned 0x4a0507fe
[0213.930] GetCurrentObject (hdc=0x850107d0, type=0x6) returned 0x8a01c2
[0213.931] SaveDC (hdc=0x850107d0) returned 1
[0213.931] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc3040807
[0213.931] GetClipRgn (hdc=0x850107d0, hrgn=0xc3040807) returned 0
[0213.931] SelectClipRgn (hdc=0x850107d0, hrgn=0x4b0407de) returned 2
[0213.931] DeleteObject (ho=0xc3040807) returned 1
[0213.931] DeleteObject (ho=0x4b0407de) returned 1
[0213.931] OffsetViewportOrgEx (in: hdc=0x850107d0, x=0, y=0, lppt=0x2d146b0 | out: lppt=0x2d146b0) returned 1
[0213.931] DrawThemeParentBackground () returned 0x0
[0213.931] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0213.931] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0213.931] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0213.931] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0213.932] GetSystemMetrics (nIndex=42) returned 0
[0213.932] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0213.932] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0213.932] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0213.932] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0213.932] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0213.932] SelectPalette (hdc=0x850107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0213.932] GdipCreateFromHDC (hdc=0x850107d0, graphics=0xd7dff0) returned 0x0
[0213.932] GdipSetPageUnit (graphics=0x6647070, unit=0x2) returned 0x0
[0213.932] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0213.932] GdipGetWorldTransform (graphics=0x6647070, matrix=0x6638b18) returned 0x0
[0213.932] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dfc8) returned 0x0
[0213.933] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0213.933] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0213.933] GdipGetClip (graphics=0x6647070, region=0x6646e68) returned 0x0
[0213.933] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6647070, result=0xd7dfbc) returned 0x0
[0213.933] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0213.933] GdipSaveGraphics (graphics=0x6647070, state=0xd7dfe8) returned 0x0
[0213.933] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0213.940] GdipFillRectangleI (graphics=0x6647070, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0213.940] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0213.942] GdipDeleteGraphics (graphics=0x6647070) returned 0x0
[0213.942] SelectPalette (hdc=0x850107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0213.942] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0213.942] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0213.942] GetSystemMetrics (nIndex=42) returned 0
[0213.942] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0213.942] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0213.942] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0213.943] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0213.943] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0213.943] SelectPalette (hdc=0x850107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0213.943] GdipCreateFromHDC (hdc=0x850107d0, graphics=0xd7df90) returned 0x0
[0213.943] GdipSetPageUnit (graphics=0x6647070, unit=0x2) returned 0x0
[0213.943] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0213.943] GdipGetWorldTransform (graphics=0x6647070, matrix=0x6638c08) returned 0x0
[0213.943] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df68) returned 0x0
[0213.943] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0213.943] GdipCreateRegion (region=0xd7df50) returned 0x0
[0213.943] GdipGetClip (graphics=0x6647070, region=0x6646c28) returned 0x0
[0213.943] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6647070, result=0xd7df5c) returned 0x0
[0213.943] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0213.944] GdipSaveGraphics (graphics=0x6647070, state=0xd7df88) returned 0x0
[0213.944] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0213.950] GdipFillRectangleI (graphics=0x6647070, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0213.950] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0213.952] GdipRestoreGraphics (graphics=0x6647070, state=0xfa1e0dbd) returned 0x0
[0213.952] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0213.952] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0213.952] GetSystemMetrics (nIndex=42) returned 0
[0213.952] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0213.952] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0213.953] GdipDeleteGraphics (graphics=0x6647070) returned 0x0
[0213.953] SelectPalette (hdc=0x850107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0213.953] RestoreDC (hdc=0x850107d0, nSavedDC=-1) returned 1
[0213.953] GdipReleaseDC (graphics=0x6600030, hdc=0x850107d0) returned 0x0
[0213.953] IsAppThemed () returned 0x1
[0213.953] GetThemeAppProperties () returned 0x3
[0213.953] GetThemeAppProperties () returned 0x3
[0213.953] IsAppThemed () returned 0x1
[0213.953] GetThemeAppProperties () returned 0x3
[0213.953] GetThemeAppProperties () returned 0x3
[0213.953] IsThemePartDefined () returned 0x1
[0213.953] GdipCreateRegion (region=0xd7e480) returned 0x0
[0213.953] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0213.954] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0213.954] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0213.954] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e498) returned 0x0
[0213.954] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0213.954] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0213.954] LocalFree (hMem=0x11ee788) returned 0x0
[0213.954] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0213.954] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0213.954] LocalFree (hMem=0x11ee788) returned 0x0
[0213.954] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0213.954] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0213.954] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0213.954] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0213.954] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0213.954] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0213.954] GetCurrentObject (hdc=0x850107d0, type=0x1) returned 0xb00017
[0213.955] GetCurrentObject (hdc=0x850107d0, type=0x2) returned 0x900010
[0213.955] GetCurrentObject (hdc=0x850107d0, type=0x7) returned 0x4a0507fe
[0213.955] GetCurrentObject (hdc=0x850107d0, type=0x6) returned 0x8a01c2
[0213.955] SaveDC (hdc=0x850107d0) returned 1
[0213.955] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4c0407de
[0213.955] GetClipRgn (hdc=0x850107d0, hrgn=0x4c0407de) returned 0
[0213.955] SelectClipRgn (hdc=0x850107d0, hrgn=0xc5040807) returned 2
[0213.955] DeleteObject (ho=0x4c0407de) returned 1
[0213.955] DeleteObject (ho=0xc5040807) returned 1
[0213.955] OffsetViewportOrgEx (in: hdc=0x850107d0, x=0, y=0, lppt=0x2d1af00 | out: lppt=0x2d1af00) returned 1
[0213.955] IsAppThemed () returned 0x1
[0213.955] GetThemeAppProperties () returned 0x3
[0213.955] GetThemeAppProperties () returned 0x3
[0213.955] DrawThemeBackground () returned 0x0
[0213.956] RestoreDC (hdc=0x850107d0, nSavedDC=-1) returned 1
[0213.956] GdipReleaseDC (graphics=0x6600030, hdc=0x850107d0) returned 0x0
[0213.956] GdipCreateRegion (region=0xd7e484) returned 0x0
[0213.956] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0213.956] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0213.956] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0213.956] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e49c) returned 0x0
[0213.956] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0213.956] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0213.956] LocalFree (hMem=0x11ee868) returned 0x0
[0213.956] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0213.956] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0213.956] LocalFree (hMem=0x11eec58) returned 0x0
[0213.956] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0213.956] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0213.956] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0213.957] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0213.957] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0213.957] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0213.957] GetCurrentObject (hdc=0x850107d0, type=0x1) returned 0xb00017
[0213.957] GetCurrentObject (hdc=0x850107d0, type=0x2) returned 0x900010
[0213.957] GetCurrentObject (hdc=0x850107d0, type=0x7) returned 0x4a0507fe
[0213.957] GetCurrentObject (hdc=0x850107d0, type=0x6) returned 0x8a01c2
[0213.957] SaveDC (hdc=0x850107d0) returned 1
[0213.957] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc6040807
[0213.957] GetClipRgn (hdc=0x850107d0, hrgn=0xc6040807) returned 0
[0213.957] SelectClipRgn (hdc=0x850107d0, hrgn=0x4d0407de) returned 2
[0213.957] DeleteObject (ho=0xc6040807) returned 1
[0213.957] DeleteObject (ho=0x4d0407de) returned 1
[0213.957] OffsetViewportOrgEx (in: hdc=0x850107d0, x=0, y=0, lppt=0x2d1b1d4 | out: lppt=0x2d1b1d4) returned 1
[0213.957] IsAppThemed () returned 0x1
[0213.958] GetThemeAppProperties () returned 0x3
[0213.958] GetThemeAppProperties () returned 0x3
[0213.958] GetThemeBackgroundContentRect () returned 0x0
[0213.958] RestoreDC (hdc=0x850107d0, nSavedDC=-1) returned 1
[0213.958] GdipReleaseDC (graphics=0x6600030, hdc=0x850107d0) returned 0x0
[0213.958] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0213.958] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0213.958] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0213.958] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0213.958] IsAppThemed () returned 0x1
[0213.958] GetThemeAppProperties () returned 0x3
[0213.958] GetThemeAppProperties () returned 0x3
[0213.958] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0213.958] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0213.958] GetCurrentObject (hdc=0x850107d0, type=0x1) returned 0xb00017
[0213.958] GetCurrentObject (hdc=0x850107d0, type=0x2) returned 0x900010
[0213.958] GetCurrentObject (hdc=0x850107d0, type=0x7) returned 0x4a0507fe
[0213.959] GetCurrentObject (hdc=0x850107d0, type=0x6) returned 0x8a01c2
[0213.959] SaveDC (hdc=0x850107d0) returned 1
[0213.959] GetTextAlign (hdc=0x850107d0) returned 0x0
[0213.959] GetTextColor (hdc=0x850107d0) returned 0x0
[0213.959] GetCurrentObject (hdc=0x850107d0, type=0x6) returned 0x8a01c2
[0213.959] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0213.959] SelectObject (hdc=0x850107d0, h=0x6d0a0520) returned 0x8a01c2
[0213.959] GetBkMode (hdc=0x850107d0) returned 2
[0213.959] SetBkMode (hdc=0x850107d0, mode=1) returned 2
[0213.959] DrawTextExW (in: hdc=0x850107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2d1b598 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0213.960] DrawTextExW (in: hdc=0x850107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2d1b598 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0213.960] RestoreDC (hdc=0x850107d0, nSavedDC=-1) returned 1
[0213.960] GdipReleaseDC (graphics=0x6600030, hdc=0x850107d0) returned 0x0
[0213.960] GetFocus () returned 0x602c4
[0213.960] IsAppThemed () returned 0x1
[0213.961] GetThemeAppProperties () returned 0x3
[0213.961] GetThemeAppProperties () returned 0x3
[0213.961] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0213.961] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x850107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0213.961] GdipReleaseDC (graphics=0x6600030, hdc=0x850107d0) returned 0x0
[0213.961] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0213.961] SelectObject (hdc=0x850107d0, h=0x85000f) returned 0x4a0507fe
[0213.961] DeleteDC (hdc=0x850107d0) returned 1
[0213.961] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0213.962] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0213.962] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0213.962] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0213.962] WaitMessage () returned 1
[0214.028] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.029] IsWindowUnicode (hWnd=0x602c4) returned 1
[0214.029] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.029] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0214.029] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0214.029] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.029] IsWindowUnicode (hWnd=0x602c4) returned 1
[0214.029] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.029] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0214.029] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0214.029] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x7002d) returned 0x0
[0214.029] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0214.029] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0214.029] WaitMessage () returned 1
[0214.162] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.162] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e0108) returned 0x1
[0214.162] IsWindowUnicode (hWnd=0x602c4) returned 1
[0214.162] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.162] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e0108) returned 0x1
[0214.162] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0214.162] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x199004a) returned 0x0
[0214.162] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0214.162] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0214.163] SetCursor (hCursor=0x10003) returned 0x10003
[0214.163] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0214.163] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0214.163] GetKeyState (nVirtKey=1) returned -128
[0214.163] GetKeyState (nVirtKey=2) returned 0
[0214.163] GetKeyState (nVirtKey=4) returned 0
[0214.163] GetKeyState (nVirtKey=5) returned 0
[0214.163] GetKeyState (nVirtKey=6) returned 0
[0214.163] IsWindowVisible (hWnd=0x602c4) returned 1
[0214.163] IsWindowEnabled (hWnd=0x602c4) returned 1
[0214.163] SetFocus (hWnd=0x602c4) returned 0x602c4
[0214.163] GetFocus () returned 0x602c4
[0214.163] GetFocus () returned 0x602c4
[0214.163] GetFocus () returned 0x602c4
[0214.163] GetKeyState (nVirtKey=1) returned -128
[0214.163] GetKeyState (nVirtKey=2) returned 0
[0214.163] GetKeyState (nVirtKey=4) returned 0
[0214.163] GetKeyState (nVirtKey=5) returned 0
[0214.163] GetKeyState (nVirtKey=6) returned 0
[0214.163] GetCapture () returned 0x0
[0214.163] SetCapture (hWnd=0x602c4) returned 0x0
[0214.163] GetKeyState (nVirtKey=1) returned -128
[0214.164] GetKeyState (nVirtKey=2) returned 0
[0214.164] GetKeyState (nVirtKey=4) returned 0
[0214.164] GetKeyState (nVirtKey=5) returned 0
[0214.164] GetKeyState (nVirtKey=6) returned 0
[0214.164] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0214.164] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0214.164] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.164] IsWindowUnicode (hWnd=0x602c4) returned 1
[0214.164] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.164] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0214.164] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0214.164] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d1b71c, cPoints=0x1 | out: lpPoints=0x2d1b71c) returned 40304859
[0214.164] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0214.164] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0214.164] UpdateWindow (hWnd=0x602c4) returned 1
[0214.164] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xf0105ee
[0214.164] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0214.164] CreateCompatibleDC (hdc=0xf0105ee) returned 0x860107d0
[0214.164] SelectObject (hdc=0x860107d0, h=0x4a0507fe) returned 0x85000f
[0214.165] GdipCreateFromHDC (hdc=0x860107d0, graphics=0xd7e430) returned 0x0
[0214.165] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0214.165] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0214.165] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0214.165] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0214.165] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e490) returned 0x0
[0214.165] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0214.165] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eecc8) returned 0x0
[0214.165] LocalFree (hMem=0x11eecc8) returned 0x0
[0214.165] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0214.165] GdipCreateRegion (region=0xd7e478) returned 0x0
[0214.165] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0214.165] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0214.165] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0214.165] GdipRestoreGraphics (graphics=0x6600030, state=0xfa1c0dbd) returned 0x0
[0214.165] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0214.165] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0214.166] GetCurrentObject (hdc=0x860107d0, type=0x1) returned 0xb00017
[0214.166] GetCurrentObject (hdc=0x860107d0, type=0x2) returned 0x900010
[0214.166] GetCurrentObject (hdc=0x860107d0, type=0x7) returned 0x4a0507fe
[0214.166] GetCurrentObject (hdc=0x860107d0, type=0x6) returned 0x8a01c2
[0214.166] SaveDC (hdc=0x860107d0) returned 1
[0214.166] GetNearestColor (hdc=0x860107d0, color=0xff) returned 0xff
[0214.166] GetNearestColor (hdc=0x860107d0, color=0x55) returned 0x55
[0214.166] GetNearestColor (hdc=0x860107d0, color=0x0) returned 0x0
[0214.166] GetNearestColor (hdc=0x860107d0, color=0x55) returned 0x55
[0214.166] GetNearestColor (hdc=0x860107d0, color=0x0) returned 0x0
[0214.166] GetNearestColor (hdc=0x860107d0, color=0x8080ff) returned 0x8080ff
[0214.166] GetNearestColor (hdc=0x860107d0, color=0x7373e5) returned 0x7373e5
[0214.166] GetNearestColor (hdc=0x860107d0, color=0xe5) returned 0xe5
[0214.166] GetNearestColor (hdc=0x860107d0, color=0x0) returned 0x0
[0214.166] RestoreDC (hdc=0x860107d0, nSavedDC=-1) returned 1
[0214.166] GdipReleaseDC (graphics=0x6600030, hdc=0x860107d0) returned 0x0
[0214.166] IsAppThemed () returned 0x1
[0214.167] GetThemeAppProperties () returned 0x3
[0214.167] GetThemeAppProperties () returned 0x3
[0214.167] IsAppThemed () returned 0x1
[0214.167] GetThemeAppProperties () returned 0x3
[0214.167] GetThemeAppProperties () returned 0x3
[0214.167] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2d1be38 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0214.167] IsAppThemed () returned 0x1
[0214.167] GetThemeAppProperties () returned 0x3
[0214.167] GetThemeAppProperties () returned 0x3
[0214.167] IsAppThemed () returned 0x1
[0214.167] GetThemeAppProperties () returned 0x3
[0214.167] GetThemeAppProperties () returned 0x3
[0214.167] IsAppThemed () returned 0x1
[0214.167] GetThemeAppProperties () returned 0x3
[0214.167] GetThemeAppProperties () returned 0x3
[0214.167] IsAppThemed () returned 0x1
[0214.167] GetThemeAppProperties () returned 0x3
[0214.168] GetThemeAppProperties () returned 0x3
[0214.168] IsThemePartDefined () returned 0x1
[0214.168] IsAppThemed () returned 0x1
[0214.168] GetThemeAppProperties () returned 0x3
[0214.168] GetThemeAppProperties () returned 0x3
[0214.168] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0214.168] IsAppThemed () returned 0x1
[0214.168] GetThemeAppProperties () returned 0x3
[0214.168] GetThemeAppProperties () returned 0x3
[0214.168] IsAppThemed () returned 0x1
[0214.168] GetThemeAppProperties () returned 0x3
[0214.168] GetThemeAppProperties () returned 0x3
[0214.168] IsThemePartDefined () returned 0x1
[0214.168] GdipCreateRegion (region=0xd7e194) returned 0x0
[0214.168] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0214.168] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0214.168] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0214.168] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e1ac) returned 0x0
[0214.168] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0214.168] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0214.168] LocalFree (hMem=0x11ee9f0) returned 0x0
[0214.168] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0214.168] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0214.168] LocalFree (hMem=0x11eec58) returned 0x0
[0214.168] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0214.169] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0214.169] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0214.169] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0214.169] GdipDeleteRegion (region=0x6646448) returned 0x0
[0214.169] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0214.169] GetCurrentObject (hdc=0x860107d0, type=0x1) returned 0xb00017
[0214.169] GetCurrentObject (hdc=0x860107d0, type=0x2) returned 0x900010
[0214.169] GetCurrentObject (hdc=0x860107d0, type=0x7) returned 0x4a0507fe
[0214.169] GetCurrentObject (hdc=0x860107d0, type=0x6) returned 0x8a01c2
[0214.169] SaveDC (hdc=0x860107d0) returned 1
[0214.169] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4e0407de
[0214.169] GetClipRgn (hdc=0x860107d0, hrgn=0x4e0407de) returned 0
[0214.169] SelectClipRgn (hdc=0x860107d0, hrgn=0xca040807) returned 2
[0214.169] DeleteObject (ho=0x4e0407de) returned 1
[0214.169] DeleteObject (ho=0xca040807) returned 1
[0214.170] OffsetViewportOrgEx (in: hdc=0x860107d0, x=0, y=0, lppt=0x2d1c4e8 | out: lppt=0x2d1c4e8) returned 1
[0214.170] DrawThemeParentBackground () returned 0x0
[0214.170] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0214.170] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0214.170] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0214.170] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.170] GetSystemMetrics (nIndex=42) returned 0
[0214.170] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.170] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0214.170] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0214.170] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0214.170] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0214.170] SelectPalette (hdc=0x860107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0214.170] GdipCreateFromHDC (hdc=0x860107d0, graphics=0xd7dc88) returned 0x0
[0214.170] GdipSetPageUnit (graphics=0x6647070, unit=0x2) returned 0x0
[0214.170] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0214.170] GdipGetWorldTransform (graphics=0x6647070, matrix=0x6638cc8) returned 0x0
[0214.171] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dc60) returned 0x0
[0214.171] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0214.171] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0214.171] GdipGetClip (graphics=0x6647070, region=0x6646e68) returned 0x0
[0214.171] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6647070, result=0xd7dc54) returned 0x0
[0214.171] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0214.171] GdipSaveGraphics (graphics=0x6647070, state=0xd7dc80) returned 0x0
[0214.171] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0214.176] GdipFillRectangleI (graphics=0x6647070, brush=0x6653090, x=0, y=0, width=801, height=453) returned 0x0
[0214.176] GdipDeleteBrush (brush=0x6653090) returned 0x0
[0214.178] GdipDeleteGraphics (graphics=0x6647070) returned 0x0
[0214.178] SelectPalette (hdc=0x860107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0214.178] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0214.178] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.178] GetSystemMetrics (nIndex=42) returned 0
[0214.178] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.178] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0214.178] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0214.179] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0214.179] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0214.179] SelectPalette (hdc=0x860107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0214.179] GdipCreateFromHDC (hdc=0x860107d0, graphics=0xd7dc28) returned 0x0
[0214.179] GdipSetPageUnit (graphics=0x6647070, unit=0x2) returned 0x0
[0214.179] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0214.179] GdipGetWorldTransform (graphics=0x6647070, matrix=0x6638d28) returned 0x0
[0214.179] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7dc00) returned 0x0
[0214.179] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0214.179] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0214.179] GdipGetClip (graphics=0x6647070, region=0x6646448) returned 0x0
[0214.179] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6647070, result=0xd7dbf4) returned 0x0
[0214.179] GdipDeleteRegion (region=0x6646448) returned 0x0
[0214.180] GdipSaveGraphics (graphics=0x6647070, state=0xd7dc20) returned 0x0
[0214.180] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0214.187] GdipFillRectangleI (graphics=0x6647070, brush=0x66537e0, x=0, y=0, width=801, height=453) returned 0x0
[0214.187] GdipDeleteBrush (brush=0x66537e0) returned 0x0
[0214.189] GdipRestoreGraphics (graphics=0x6647070, state=0xfa180dbd) returned 0x0
[0214.189] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0214.189] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.189] GetSystemMetrics (nIndex=42) returned 0
[0214.189] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.189] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0214.189] GdipDeleteGraphics (graphics=0x6647070) returned 0x0
[0214.189] SelectPalette (hdc=0x860107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0214.190] RestoreDC (hdc=0x860107d0, nSavedDC=-1) returned 1
[0214.190] GdipReleaseDC (graphics=0x6600030, hdc=0x860107d0) returned 0x0
[0214.190] IsAppThemed () returned 0x1
[0214.190] GetThemeAppProperties () returned 0x3
[0214.190] GetThemeAppProperties () returned 0x3
[0214.190] IsAppThemed () returned 0x1
[0214.190] GetThemeAppProperties () returned 0x3
[0214.190] GetThemeAppProperties () returned 0x3
[0214.190] IsThemePartDefined () returned 0x1
[0214.190] GdipCreateRegion (region=0xd7e118) returned 0x0
[0214.190] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0214.190] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0214.190] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0214.190] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e130) returned 0x0
[0214.190] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0214.191] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0214.191] LocalFree (hMem=0x11eec58) returned 0x0
[0214.191] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0214.191] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0214.191] LocalFree (hMem=0x11ee788) returned 0x0
[0214.191] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0214.191] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0214.191] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0214.191] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0214.191] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0214.191] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0214.191] GetCurrentObject (hdc=0x860107d0, type=0x1) returned 0xb00017
[0214.191] GetCurrentObject (hdc=0x860107d0, type=0x2) returned 0x900010
[0214.191] GetCurrentObject (hdc=0x860107d0, type=0x7) returned 0x4a0507fe
[0214.191] GetCurrentObject (hdc=0x860107d0, type=0x6) returned 0x8a01c2
[0214.192] SaveDC (hdc=0x860107d0) returned 1
[0214.192] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcb040807
[0214.192] GetClipRgn (hdc=0x860107d0, hrgn=0xcb040807) returned 0
[0214.192] SelectClipRgn (hdc=0x860107d0, hrgn=0x500407de) returned 2
[0214.192] DeleteObject (ho=0xcb040807) returned 1
[0214.192] DeleteObject (ho=0x500407de) returned 1
[0214.192] OffsetViewportOrgEx (in: hdc=0x860107d0, x=0, y=0, lppt=0x2d22d38 | out: lppt=0x2d22d38) returned 1
[0214.192] IsAppThemed () returned 0x1
[0214.192] GetThemeAppProperties () returned 0x3
[0214.192] GetThemeAppProperties () returned 0x3
[0214.192] DrawThemeBackground () returned 0x0
[0214.192] RestoreDC (hdc=0x860107d0, nSavedDC=-1) returned 1
[0214.192] GdipReleaseDC (graphics=0x6600030, hdc=0x860107d0) returned 0x0
[0214.192] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0214.192] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0214.192] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0214.192] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0214.192] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e134) returned 0x0
[0214.192] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0214.192] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0214.193] LocalFree (hMem=0x11eec58) returned 0x0
[0214.193] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0214.193] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee788) returned 0x0
[0214.193] LocalFree (hMem=0x11ee788) returned 0x0
[0214.193] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0214.193] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0214.193] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0214.193] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0214.193] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0214.193] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0214.193] GetCurrentObject (hdc=0x860107d0, type=0x1) returned 0xb00017
[0214.193] GetCurrentObject (hdc=0x860107d0, type=0x2) returned 0x900010
[0214.193] GetCurrentObject (hdc=0x860107d0, type=0x7) returned 0x4a0507fe
[0214.193] GetCurrentObject (hdc=0x860107d0, type=0x6) returned 0x8a01c2
[0214.193] SaveDC (hdc=0x860107d0) returned 1
[0214.193] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x510407de
[0214.193] GetClipRgn (hdc=0x860107d0, hrgn=0x510407de) returned 0
[0214.193] SelectClipRgn (hdc=0x860107d0, hrgn=0xcc040807) returned 2
[0214.193] DeleteObject (ho=0x510407de) returned 1
[0214.193] DeleteObject (ho=0xcc040807) returned 1
[0214.194] OffsetViewportOrgEx (in: hdc=0x860107d0, x=0, y=0, lppt=0x2d2300c | out: lppt=0x2d2300c) returned 1
[0214.194] IsAppThemed () returned 0x1
[0214.194] GetThemeAppProperties () returned 0x3
[0214.194] GetThemeAppProperties () returned 0x3
[0214.194] GetThemeBackgroundContentRect () returned 0x0
[0214.194] RestoreDC (hdc=0x860107d0, nSavedDC=-1) returned 1
[0214.194] GdipReleaseDC (graphics=0x6600030, hdc=0x860107d0) returned 0x0
[0214.194] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0214.194] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0214.194] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0214.194] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0214.194] IsAppThemed () returned 0x1
[0214.194] GetThemeAppProperties () returned 0x3
[0214.194] GetThemeAppProperties () returned 0x3
[0214.194] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0214.194] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0214.194] GetCurrentObject (hdc=0x860107d0, type=0x1) returned 0xb00017
[0214.194] GetCurrentObject (hdc=0x860107d0, type=0x2) returned 0x900010
[0214.194] GetCurrentObject (hdc=0x860107d0, type=0x7) returned 0x4a0507fe
[0214.194] GetCurrentObject (hdc=0x860107d0, type=0x6) returned 0x8a01c2
[0214.194] SaveDC (hdc=0x860107d0) returned 1
[0214.195] GetTextAlign (hdc=0x860107d0) returned 0x0
[0214.195] GetTextColor (hdc=0x860107d0) returned 0x0
[0214.195] GetCurrentObject (hdc=0x860107d0, type=0x6) returned 0x8a01c2
[0214.195] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0214.195] SelectObject (hdc=0x860107d0, h=0x6d0a0520) returned 0x8a01c2
[0214.195] GetBkMode (hdc=0x860107d0) returned 2
[0214.195] SetBkMode (hdc=0x860107d0, mode=1) returned 2
[0214.195] DrawTextExW (in: hdc=0x860107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2d233d0 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0214.195] DrawTextExW (in: hdc=0x860107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2d233d0 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0214.196] RestoreDC (hdc=0x860107d0, nSavedDC=-1) returned 1
[0214.196] GdipReleaseDC (graphics=0x6600030, hdc=0x860107d0) returned 0x0
[0214.196] GetFocus () returned 0x602c4
[0214.196] IsAppThemed () returned 0x1
[0214.196] GetThemeAppProperties () returned 0x3
[0214.196] GetThemeAppProperties () returned 0x3
[0214.196] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0214.196] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x860107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0214.196] GdipReleaseDC (graphics=0x6600030, hdc=0x860107d0) returned 0x0
[0214.196] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0214.196] SelectObject (hdc=0x860107d0, h=0x85000f) returned 0x4a0507fe
[0214.196] DeleteDC (hdc=0x860107d0) returned 1
[0214.197] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0214.197] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0214.197] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d234cc, cPoints=0x1 | out: lpPoints=0x2d234cc) returned 40304859
[0214.197] WindowFromPoint (Point=0x108) returned 0x602c4
[0214.197] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26e0108) returned 0x1
[0214.197] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0214.197] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0214.197] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0214.197] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0214.197] GetSystemMetrics (nIndex=42) returned 0
[0214.197] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0214.197] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0214.199] GetCapture () returned 0x602c4
[0214.199] ReleaseCapture () returned 1
[0214.199] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0214.199] GetProcessWindowStation () returned 0x13c
[0214.200] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.200] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0214.200] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.200] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0214.201] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.201] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0214.201] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.201] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0214.201] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.201] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0214.201] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.201] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0214.202] GetDC (hWnd=0x0) returned 0x60100ce
[0214.202] GdipCreateFromHDC (hdc=0x60100ce, graphics=0xd7e6ec) returned 0x0
[0214.202] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0214.202] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0214.202] ReleaseDC (hWnd=0x0, hDC=0x60100ce) returned 1
[0214.202] GetSystemMetrics (nIndex=5) returned 1
[0214.202] GetSystemMetrics (nIndex=6) returned 1
[0214.202] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.203] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0214.203] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.203] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0214.209] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0214.209] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0214.209] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0214.210] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0214.210] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0214.210] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0214.211] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2d2a59c | out: lpData=0x2d2a59c) returned 1
[0214.211] VerQueryValueW (in: pBlock=0x2d2a59c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d2a9ac, puLen=0xd7e810) returned 1
[0214.212] VerQueryValueW (in: pBlock=0x2d2a59c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a654, puLen=0xd7e790) returned 1
[0214.212] VerQueryValueW (in: pBlock=0x2d2a59c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a6a8, puLen=0xd7e790) returned 1
[0214.212] VerQueryValueW (in: pBlock=0x2d2a59c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a728, puLen=0xd7e790) returned 1
[0214.212] VerQueryValueW (in: pBlock=0x2d2a59c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a790, puLen=0xd7e790) returned 1
[0214.212] VerQueryValueW (in: pBlock=0x2d2a59c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a7d0, puLen=0xd7e790) returned 1
[0214.212] VerQueryValueW (in: pBlock=0x2d2a59c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a858, puLen=0xd7e790) returned 1
[0214.212] VerQueryValueW (in: pBlock=0x2d2a59c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a894, puLen=0xd7e790) returned 1
[0214.212] VerQueryValueW (in: pBlock=0x2d2a59c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a8ec, puLen=0xd7e790) returned 1
[0214.212] VerQueryValueW (in: pBlock=0x2d2a59c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a91c, puLen=0xd7e790) returned 1
[0214.212] VerQueryValueW (in: pBlock=0x2d2a59c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.212] VerQueryValueW (in: pBlock=0x2d2a59c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a958, puLen=0xd7e790) returned 1
[0214.212] VerQueryValueW (in: pBlock=0x2d2a59c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.212] VerQueryValueW (in: pBlock=0x2d2a59c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d2a9ac, puLen=0xd7e784) returned 1
[0214.212] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0214.212] VerQueryValueW (in: pBlock=0x2d2a59c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d2a5c4, puLen=0xd7e794) returned 1
[0214.213] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0214.213] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0214.213] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0214.213] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0214.213] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0214.213] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0214.213] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2d2c50c | out: lpData=0x2d2c50c) returned 1
[0214.213] VerQueryValueW (in: pBlock=0x2d2c50c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d2c5a8, puLen=0xd7e810) returned 1
[0214.213] VerQueryValueW (in: pBlock=0x2d2c50c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2c620, puLen=0xd7e790) returned 1
[0214.213] VerQueryValueW (in: pBlock=0x2d2c50c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2c650, puLen=0xd7e790) returned 1
[0214.214] VerQueryValueW (in: pBlock=0x2d2c50c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2c68c, puLen=0xd7e790) returned 1
[0214.214] VerQueryValueW (in: pBlock=0x2d2c50c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2c6bc, puLen=0xd7e790) returned 1
[0214.214] VerQueryValueW (in: pBlock=0x2d2c50c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2c704, puLen=0xd7e790) returned 1
[0214.214] VerQueryValueW (in: pBlock=0x2d2c50c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2c77c, puLen=0xd7e790) returned 1
[0214.214] VerQueryValueW (in: pBlock=0x2d2c50c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2c7c0, puLen=0xd7e790) returned 1
[0214.214] VerQueryValueW (in: pBlock=0x2d2c50c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2c800, puLen=0xd7e790) returned 1
[0214.214] VerQueryValueW (in: pBlock=0x2d2c50c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2c5fe, puLen=0xd7e790) returned 1
[0214.214] VerQueryValueW (in: pBlock=0x2d2c50c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2c74c, puLen=0xd7e790) returned 1
[0214.214] VerQueryValueW (in: pBlock=0x2d2c50c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.214] VerQueryValueW (in: pBlock=0x2d2c50c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.214] VerQueryValueW (in: pBlock=0x2d2c50c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d2c5a8, puLen=0xd7e784) returned 1
[0214.214] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0214.214] VerQueryValueW (in: pBlock=0x2d2c50c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d2c534, puLen=0xd7e794) returned 1
[0214.215] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0214.215] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0214.215] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0214.215] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0214.215] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0214.215] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0214.239] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2d2e7e4 | out: lpData=0x2d2e7e4) returned 1
[0214.239] VerQueryValueW (in: pBlock=0x2d2e7e4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d2ebf8, puLen=0xd7e810) returned 1
[0214.239] VerQueryValueW (in: pBlock=0x2d2e7e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2e89c, puLen=0xd7e790) returned 1
[0214.239] VerQueryValueW (in: pBlock=0x2d2e7e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2e8f0, puLen=0xd7e790) returned 1
[0214.239] VerQueryValueW (in: pBlock=0x2d2e7e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2e94c, puLen=0xd7e790) returned 1
[0214.239] VerQueryValueW (in: pBlock=0x2d2e7e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2e9ac, puLen=0xd7e790) returned 1
[0214.240] VerQueryValueW (in: pBlock=0x2d2e7e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2ea04, puLen=0xd7e790) returned 1
[0214.240] VerQueryValueW (in: pBlock=0x2d2e7e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2ea8c, puLen=0xd7e790) returned 1
[0214.240] VerQueryValueW (in: pBlock=0x2d2e7e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2eae0, puLen=0xd7e790) returned 1
[0214.240] VerQueryValueW (in: pBlock=0x2d2e7e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2eb38, puLen=0xd7e790) returned 1
[0214.240] VerQueryValueW (in: pBlock=0x2d2e7e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2eb68, puLen=0xd7e790) returned 1
[0214.240] VerQueryValueW (in: pBlock=0x2d2e7e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.240] VerQueryValueW (in: pBlock=0x2d2e7e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2eba4, puLen=0xd7e790) returned 1
[0214.240] VerQueryValueW (in: pBlock=0x2d2e7e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.240] VerQueryValueW (in: pBlock=0x2d2e7e4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d2ebf8, puLen=0xd7e784) returned 1
[0214.240] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0214.240] VerQueryValueW (in: pBlock=0x2d2e7e4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d2e80c, puLen=0xd7e794) returned 1
[0214.241] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0214.241] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0214.241] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0214.241] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0214.241] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0214.241] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0214.242] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2d30e1c | out: lpData=0x2d30e1c) returned 1
[0214.243] VerQueryValueW (in: pBlock=0x2d30e1c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d3121c, puLen=0xd7e810) returned 1
[0214.243] VerQueryValueW (in: pBlock=0x2d30e1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d30ed4, puLen=0xd7e790) returned 1
[0214.243] VerQueryValueW (in: pBlock=0x2d30e1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d30f28, puLen=0xd7e790) returned 1
[0214.243] VerQueryValueW (in: pBlock=0x2d30e1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d30f68, puLen=0xd7e790) returned 1
[0214.243] VerQueryValueW (in: pBlock=0x2d30e1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d30fd0, puLen=0xd7e790) returned 1
[0214.243] VerQueryValueW (in: pBlock=0x2d30e1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d31028, puLen=0xd7e790) returned 1
[0214.243] VerQueryValueW (in: pBlock=0x2d30e1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d310b0, puLen=0xd7e790) returned 1
[0214.243] VerQueryValueW (in: pBlock=0x2d30e1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d31104, puLen=0xd7e790) returned 1
[0214.243] VerQueryValueW (in: pBlock=0x2d30e1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3115c, puLen=0xd7e790) returned 1
[0214.243] VerQueryValueW (in: pBlock=0x2d30e1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3118c, puLen=0xd7e790) returned 1
[0214.243] VerQueryValueW (in: pBlock=0x2d30e1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.243] VerQueryValueW (in: pBlock=0x2d30e1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d311c8, puLen=0xd7e790) returned 1
[0214.243] VerQueryValueW (in: pBlock=0x2d30e1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.243] VerQueryValueW (in: pBlock=0x2d30e1c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d3121c, puLen=0xd7e784) returned 1
[0214.243] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0214.243] VerQueryValueW (in: pBlock=0x2d30e1c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d30e44, puLen=0xd7e794) returned 1
[0214.244] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0214.244] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0214.244] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0214.244] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0214.245] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0214.245] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0214.245] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2d33558 | out: lpData=0x2d33558) returned 1
[0214.246] VerQueryValueW (in: pBlock=0x2d33558, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d33920, puLen=0xd7e810) returned 1
[0214.246] VerQueryValueW (in: pBlock=0x2d33558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d33610, puLen=0xd7e790) returned 1
[0214.246] VerQueryValueW (in: pBlock=0x2d33558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d33664, puLen=0xd7e790) returned 1
[0214.246] VerQueryValueW (in: pBlock=0x2d33558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d336a4, puLen=0xd7e790) returned 1
[0214.246] VerQueryValueW (in: pBlock=0x2d33558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3370c, puLen=0xd7e790) returned 1
[0214.246] VerQueryValueW (in: pBlock=0x2d33558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d33748, puLen=0xd7e790) returned 1
[0214.246] VerQueryValueW (in: pBlock=0x2d33558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d337d0, puLen=0xd7e790) returned 1
[0214.246] VerQueryValueW (in: pBlock=0x2d33558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d33808, puLen=0xd7e790) returned 1
[0214.246] VerQueryValueW (in: pBlock=0x2d33558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d33860, puLen=0xd7e790) returned 1
[0214.246] VerQueryValueW (in: pBlock=0x2d33558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d33890, puLen=0xd7e790) returned 1
[0214.246] VerQueryValueW (in: pBlock=0x2d33558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.247] VerQueryValueW (in: pBlock=0x2d33558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d338cc, puLen=0xd7e790) returned 1
[0214.247] VerQueryValueW (in: pBlock=0x2d33558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.247] VerQueryValueW (in: pBlock=0x2d33558, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d33920, puLen=0xd7e784) returned 1
[0214.247] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0214.247] VerQueryValueW (in: pBlock=0x2d33558, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d33580, puLen=0xd7e794) returned 1
[0214.249] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0214.249] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0214.249] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0214.249] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0214.249] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0214.249] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0214.250] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2d36bc0 | out: lpData=0x2d36bc0) returned 1
[0214.251] VerQueryValueW (in: pBlock=0x2d36bc0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d36fa0, puLen=0xd7e810) returned 1
[0214.251] VerQueryValueW (in: pBlock=0x2d36bc0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d36c78, puLen=0xd7e790) returned 1
[0214.251] VerQueryValueW (in: pBlock=0x2d36bc0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d36ccc, puLen=0xd7e790) returned 1
[0214.251] VerQueryValueW (in: pBlock=0x2d36bc0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d36d0c, puLen=0xd7e790) returned 1
[0214.251] VerQueryValueW (in: pBlock=0x2d36bc0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d36d6c, puLen=0xd7e790) returned 1
[0214.251] VerQueryValueW (in: pBlock=0x2d36bc0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d36db8, puLen=0xd7e790) returned 1
[0214.251] VerQueryValueW (in: pBlock=0x2d36bc0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d36e40, puLen=0xd7e790) returned 1
[0214.251] VerQueryValueW (in: pBlock=0x2d36bc0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d36e88, puLen=0xd7e790) returned 1
[0214.251] VerQueryValueW (in: pBlock=0x2d36bc0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d36ee0, puLen=0xd7e790) returned 1
[0214.251] VerQueryValueW (in: pBlock=0x2d36bc0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d36f10, puLen=0xd7e790) returned 1
[0214.251] VerQueryValueW (in: pBlock=0x2d36bc0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.251] VerQueryValueW (in: pBlock=0x2d36bc0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d36f4c, puLen=0xd7e790) returned 1
[0214.251] VerQueryValueW (in: pBlock=0x2d36bc0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.251] VerQueryValueW (in: pBlock=0x2d36bc0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d36fa0, puLen=0xd7e784) returned 1
[0214.251] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0214.251] VerQueryValueW (in: pBlock=0x2d36bc0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d36be8, puLen=0xd7e794) returned 1
[0214.252] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0214.252] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0214.252] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0214.252] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0214.252] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0214.252] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0214.253] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2d393e0 | out: lpData=0x2d393e0) returned 1
[0214.253] VerQueryValueW (in: pBlock=0x2d393e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d397ec, puLen=0xd7e810) returned 1
[0214.254] VerQueryValueW (in: pBlock=0x2d393e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d39498, puLen=0xd7e790) returned 1
[0214.254] VerQueryValueW (in: pBlock=0x2d393e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d394ec, puLen=0xd7e790) returned 1
[0214.254] VerQueryValueW (in: pBlock=0x2d393e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d39540, puLen=0xd7e790) returned 1
[0214.254] VerQueryValueW (in: pBlock=0x2d393e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d395a0, puLen=0xd7e790) returned 1
[0214.254] VerQueryValueW (in: pBlock=0x2d393e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d395f8, puLen=0xd7e790) returned 1
[0214.254] VerQueryValueW (in: pBlock=0x2d393e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d39680, puLen=0xd7e790) returned 1
[0214.254] VerQueryValueW (in: pBlock=0x2d393e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d396d4, puLen=0xd7e790) returned 1
[0214.254] VerQueryValueW (in: pBlock=0x2d393e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3972c, puLen=0xd7e790) returned 1
[0214.254] VerQueryValueW (in: pBlock=0x2d393e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3975c, puLen=0xd7e790) returned 1
[0214.254] VerQueryValueW (in: pBlock=0x2d393e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.254] VerQueryValueW (in: pBlock=0x2d393e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d39798, puLen=0xd7e790) returned 1
[0214.254] VerQueryValueW (in: pBlock=0x2d393e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.254] VerQueryValueW (in: pBlock=0x2d393e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d397ec, puLen=0xd7e784) returned 1
[0214.254] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0214.254] VerQueryValueW (in: pBlock=0x2d393e0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d39408, puLen=0xd7e794) returned 1
[0214.255] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0214.255] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0214.255] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0214.255] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0214.255] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0214.255] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0214.256] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d3bbf4 | out: lpData=0x2d3bbf4) returned 1
[0214.256] VerQueryValueW (in: pBlock=0x2d3bbf4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d3bfcc, puLen=0xd7e810) returned 1
[0214.257] VerQueryValueW (in: pBlock=0x2d3bbf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3bcac, puLen=0xd7e790) returned 1
[0214.257] VerQueryValueW (in: pBlock=0x2d3bbf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3bd00, puLen=0xd7e790) returned 1
[0214.257] VerQueryValueW (in: pBlock=0x2d3bbf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3bd40, puLen=0xd7e790) returned 1
[0214.257] VerQueryValueW (in: pBlock=0x2d3bbf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3bda8, puLen=0xd7e790) returned 1
[0214.257] VerQueryValueW (in: pBlock=0x2d3bbf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3bdec, puLen=0xd7e790) returned 1
[0214.257] VerQueryValueW (in: pBlock=0x2d3bbf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3be74, puLen=0xd7e790) returned 1
[0214.257] VerQueryValueW (in: pBlock=0x2d3bbf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3beb4, puLen=0xd7e790) returned 1
[0214.257] VerQueryValueW (in: pBlock=0x2d3bbf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3bf0c, puLen=0xd7e790) returned 1
[0214.257] VerQueryValueW (in: pBlock=0x2d3bbf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3bf3c, puLen=0xd7e790) returned 1
[0214.257] VerQueryValueW (in: pBlock=0x2d3bbf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.257] VerQueryValueW (in: pBlock=0x2d3bbf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3bf78, puLen=0xd7e790) returned 1
[0214.257] VerQueryValueW (in: pBlock=0x2d3bbf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.257] VerQueryValueW (in: pBlock=0x2d3bbf4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d3bfcc, puLen=0xd7e784) returned 1
[0214.257] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0214.257] VerQueryValueW (in: pBlock=0x2d3bbf4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d3bc1c, puLen=0xd7e794) returned 1
[0214.258] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0214.258] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0214.258] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0214.258] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0214.258] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0214.258] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0214.259] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d3e14c | out: lpData=0x2d3e14c) returned 1
[0214.260] VerQueryValueW (in: pBlock=0x2d3e14c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d3e524, puLen=0xd7e810) returned 1
[0214.260] VerQueryValueW (in: pBlock=0x2d3e14c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3e204, puLen=0xd7e790) returned 1
[0214.260] VerQueryValueW (in: pBlock=0x2d3e14c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3e258, puLen=0xd7e790) returned 1
[0214.260] VerQueryValueW (in: pBlock=0x2d3e14c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3e298, puLen=0xd7e790) returned 1
[0214.260] VerQueryValueW (in: pBlock=0x2d3e14c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3e300, puLen=0xd7e790) returned 1
[0214.260] VerQueryValueW (in: pBlock=0x2d3e14c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3e344, puLen=0xd7e790) returned 1
[0214.261] VerQueryValueW (in: pBlock=0x2d3e14c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3e3cc, puLen=0xd7e790) returned 1
[0214.261] VerQueryValueW (in: pBlock=0x2d3e14c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3e40c, puLen=0xd7e790) returned 1
[0214.261] VerQueryValueW (in: pBlock=0x2d3e14c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3e464, puLen=0xd7e790) returned 1
[0214.261] VerQueryValueW (in: pBlock=0x2d3e14c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3e494, puLen=0xd7e790) returned 1
[0214.261] VerQueryValueW (in: pBlock=0x2d3e14c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.261] VerQueryValueW (in: pBlock=0x2d3e14c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d3e4d0, puLen=0xd7e790) returned 1
[0214.261] VerQueryValueW (in: pBlock=0x2d3e14c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.261] VerQueryValueW (in: pBlock=0x2d3e14c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d3e524, puLen=0xd7e784) returned 1
[0214.261] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0214.261] VerQueryValueW (in: pBlock=0x2d3e14c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d3e174, puLen=0xd7e794) returned 1
[0214.262] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0214.262] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0214.262] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0214.262] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0214.262] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0214.262] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0214.263] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2d40884 | out: lpData=0x2d40884) returned 1
[0214.264] VerQueryValueW (in: pBlock=0x2d40884, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d40cb4, puLen=0xd7e810) returned 1
[0214.264] VerQueryValueW (in: pBlock=0x2d40884, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4093c, puLen=0xd7e790) returned 1
[0214.264] VerQueryValueW (in: pBlock=0x2d40884, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d40990, puLen=0xd7e790) returned 1
[0214.264] VerQueryValueW (in: pBlock=0x2d40884, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d40a00, puLen=0xd7e790) returned 1
[0214.264] VerQueryValueW (in: pBlock=0x2d40884, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d40a60, puLen=0xd7e790) returned 1
[0214.264] VerQueryValueW (in: pBlock=0x2d40884, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d40abc, puLen=0xd7e790) returned 1
[0214.264] VerQueryValueW (in: pBlock=0x2d40884, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d40b44, puLen=0xd7e790) returned 1
[0214.264] VerQueryValueW (in: pBlock=0x2d40884, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d40b9c, puLen=0xd7e790) returned 1
[0214.264] VerQueryValueW (in: pBlock=0x2d40884, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d40bf4, puLen=0xd7e790) returned 1
[0214.264] VerQueryValueW (in: pBlock=0x2d40884, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d40c24, puLen=0xd7e790) returned 1
[0214.264] VerQueryValueW (in: pBlock=0x2d40884, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.264] VerQueryValueW (in: pBlock=0x2d40884, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d40c60, puLen=0xd7e790) returned 1
[0214.264] VerQueryValueW (in: pBlock=0x2d40884, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0214.264] VerQueryValueW (in: pBlock=0x2d40884, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d40cb4, puLen=0xd7e784) returned 1
[0214.264] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0214.264] VerQueryValueW (in: pBlock=0x2d40884, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d408ac, puLen=0xd7e794) returned 1
[0214.265] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0214.265] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.265] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0214.266] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.266] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0214.266] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1802de
[0214.267] SetWindowLongW (hWnd=0x1802de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0214.267] GetWindowLongW (hWnd=0x1802de, nIndex=-4) returned 1950089536
[0214.267] SetWindowLongW (hWnd=0x1802de, nIndex=-4, dwNewLong=19945582) returned 1950089536
[0214.267] GetWindowLongW (hWnd=0x1802de, nIndex=-4) returned 19945582
[0214.267] GetWindowLongW (hWnd=0x1802de, nIndex=-16) returned 113311744
[0214.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802de, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0214.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802de, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0214.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802de, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0214.269] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802de, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0214.269] GetClientRect (in: hWnd=0x1802de, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0214.269] GetWindowRect (in: hWnd=0x1802de, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0214.269] SetWindowTextW (hWnd=0x1802de, lpString="WindowsFormsParkingWindow") returned 1
[0214.269] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802de, Msg=0xc, wParam=0x0, lParam=0x2d047a4) returned 0x1
[0214.270] GetParent (hWnd=0x1802de) returned 0x0
[0214.270] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0214.270] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x1802de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xd02d0
[0214.270] SetWindowLongW (hWnd=0xd02d0, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0214.271] GetWindowLongW (hWnd=0xd02d0, nIndex=-4) returned 1868147648
[0214.271] SetWindowLongW (hWnd=0xd02d0, nIndex=-4, dwNewLong=19945662) returned 1868147648
[0214.271] GetWindowLongW (hWnd=0xd02d0, nIndex=-4) returned 19945662
[0214.271] GetWindowLongW (hWnd=0xd02d0, nIndex=-16) returned 1174405133
[0214.271] GetWindowLongW (hWnd=0xd02d0, nIndex=-12) returned 0
[0214.271] SetWindowLongW (hWnd=0xd02d0, nIndex=-12, dwNewLong=852688) returned 0
[0214.271] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0214.272] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0214.272] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0214.273] GetClientRect (in: hWnd=0xd02d0, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0214.273] GetWindowRect (in: hWnd=0xd02d0, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0214.273] GetParent (hWnd=0xd02d0) returned 0x1802de
[0214.273] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1802de, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0214.274] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0214.274] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0214.274] GetClientRect (in: hWnd=0xd02d0, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0214.274] GetWindowRect (in: hWnd=0xd02d0, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0214.274] GetParent (hWnd=0xd02d0) returned 0x1802de
[0214.274] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1802de, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0214.274] SendMessageW (hWnd=0xd02d0, Msg=0x2210, wParam=0x2d00001, lParam=0xd02d0) returned 0x0
[0214.274] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x2210, wParam=0x2d00001, lParam=0xd02d0) returned 0x0
[0214.274] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0214.275] GetParent (hWnd=0xd02d0) returned 0x1802de
[0214.275] GdipCreateFromHWND (hwnd=0xd02d0, graphics=0xd7e844) returned 0x0
[0214.275] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0214.276] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0214.276] GetForegroundWindow () returned 0x7005c
[0214.276] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0214.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.276] GetSystemMetrics (nIndex=42) returned 0
[0214.276] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0214.276] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0214.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.276] GetSystemMetrics (nIndex=42) returned 0
[0214.276] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0214.277] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.277] GetCursorPos (in: lpPoint=0x2d44d08 | out: lpPoint=0x2d44d08*(x=264, y=622)) returned 1
[0214.277] MonitorFromPoint (pt=0x108, dwFlags=0x26e) returned 0x10001
[0214.277] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0214.277] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x890107d0
[0214.277] GetDeviceCaps (hdc=0x890107d0, index=12) returned 32
[0214.278] GetDeviceCaps (hdc=0x890107d0, index=14) returned 1
[0214.278] DeleteDC (hdc=0x890107d0) returned 1
[0214.278] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0214.278] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0214.278] GetSystemMetrics (nIndex=59) returned 1460
[0214.278] GetSystemMetrics (nIndex=60) returned 920
[0214.278] GetSystemMetrics (nIndex=34) returned 136
[0214.278] GetSystemMetrics (nIndex=35) returned 39
[0214.278] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.280] GetCursorPos (in: lpPoint=0x2d44f74 | out: lpPoint=0x2d44f74*(x=264, y=622)) returned 1
[0214.280] MonitorFromPoint (pt=0x108, dwFlags=0x26c) returned 0x10001
[0214.280] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0214.280] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x8a0107d0
[0214.280] GetDeviceCaps (hdc=0x8a0107d0, index=12) returned 32
[0214.280] GetDeviceCaps (hdc=0x8a0107d0, index=14) returned 1
[0214.280] DeleteDC (hdc=0x8a0107d0) returned 1
[0214.280] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0214.280] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0214.281] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.281] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0214.281] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2d4520c | out: piconinfo=0x2d4520c) returned 1
[0214.281] GetObjectW (in: h=0x92050803, c=24, pv=0x2d45228 | out: pv=0x2d45228) returned 24
[0214.281] GdipCreateBitmapFromHBITMAP (hbm=0x92050803, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0214.282] GdipGetImageWidth (image=0x6650b40, width=0xd7e750) returned 0x0
[0214.282] GdipGetImageHeight (image=0x6650b40, height=0xd7e748) returned 0x0
[0214.282] GdipGetImagePixelFormat (image=0x6650b40, format=0xd7e740) returned 0x0
[0214.282] GdipBitmapLockBits (bitmap=0x6650b40, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2d452e0) returned 0x0
[0214.282] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0214.282] GdipBitmapLockBits (bitmap=0x664f100, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2d45318) returned 0x0
[0214.282] RtlMoveMemory (in: Destination=0x665ff50, Source=0x665fec8, Length=0x80 | out: Destination=0x665ff50)
[0214.282] RtlMoveMemory (in: Destination=0x665ffd0, Source=0x665fe48, Length=0x80 | out: Destination=0x665ffd0)
[0214.282] RtlMoveMemory (in: Destination=0x6660050, Source=0x665fdc8, Length=0x80 | out: Destination=0x6660050)
[0214.282] RtlMoveMemory (in: Destination=0x66600d0, Source=0x665fd48, Length=0x80 | out: Destination=0x66600d0)
[0214.282] RtlMoveMemory (in: Destination=0x6660150, Source=0x665fcc8, Length=0x80 | out: Destination=0x6660150)
[0214.282] RtlMoveMemory (in: Destination=0x66601d0, Source=0x665fc48, Length=0x80 | out: Destination=0x66601d0)
[0214.282] RtlMoveMemory (in: Destination=0x6660250, Source=0x665fbc8, Length=0x80 | out: Destination=0x6660250)
[0214.282] RtlMoveMemory (in: Destination=0x66602d0, Source=0x665fb48, Length=0x80 | out: Destination=0x66602d0)
[0214.282] RtlMoveMemory (in: Destination=0x6660350, Source=0x665fac8, Length=0x80 | out: Destination=0x6660350)
[0214.282] RtlMoveMemory (in: Destination=0x66603d0, Source=0x665fa48, Length=0x80 | out: Destination=0x66603d0)
[0214.283] RtlMoveMemory (in: Destination=0x6660450, Source=0x665f9c8, Length=0x80 | out: Destination=0x6660450)
[0214.283] RtlMoveMemory (in: Destination=0x66604d0, Source=0x665f948, Length=0x80 | out: Destination=0x66604d0)
[0214.283] RtlMoveMemory (in: Destination=0x6660550, Source=0x665f8c8, Length=0x80 | out: Destination=0x6660550)
[0214.283] RtlMoveMemory (in: Destination=0x66605d0, Source=0x665f848, Length=0x80 | out: Destination=0x66605d0)
[0214.283] RtlMoveMemory (in: Destination=0x6660650, Source=0x665f7c8, Length=0x80 | out: Destination=0x6660650)
[0214.283] RtlMoveMemory (in: Destination=0x66606d0, Source=0x665f748, Length=0x80 | out: Destination=0x66606d0)
[0214.283] RtlMoveMemory (in: Destination=0x6660750, Source=0x665f6c8, Length=0x80 | out: Destination=0x6660750)
[0214.283] RtlMoveMemory (in: Destination=0x66607d0, Source=0x665f648, Length=0x80 | out: Destination=0x66607d0)
[0214.283] RtlMoveMemory (in: Destination=0x6660850, Source=0x665f5c8, Length=0x80 | out: Destination=0x6660850)
[0214.283] RtlMoveMemory (in: Destination=0x66608d0, Source=0x665f548, Length=0x80 | out: Destination=0x66608d0)
[0214.283] RtlMoveMemory (in: Destination=0x6660950, Source=0x665f4c8, Length=0x80 | out: Destination=0x6660950)
[0214.283] RtlMoveMemory (in: Destination=0x66609d0, Source=0x665f448, Length=0x80 | out: Destination=0x66609d0)
[0214.283] RtlMoveMemory (in: Destination=0x6660a50, Source=0x665f3c8, Length=0x80 | out: Destination=0x6660a50)
[0214.283] RtlMoveMemory (in: Destination=0x6660ad0, Source=0x665f348, Length=0x80 | out: Destination=0x6660ad0)
[0214.283] RtlMoveMemory (in: Destination=0x6660b50, Source=0x665f2c8, Length=0x80 | out: Destination=0x6660b50)
[0214.283] RtlMoveMemory (in: Destination=0x6660bd0, Source=0x665f248, Length=0x80 | out: Destination=0x6660bd0)
[0214.283] RtlMoveMemory (in: Destination=0x6660c50, Source=0x665f1c8, Length=0x80 | out: Destination=0x6660c50)
[0214.283] RtlMoveMemory (in: Destination=0x6660cd0, Source=0x665f148, Length=0x80 | out: Destination=0x6660cd0)
[0214.284] RtlMoveMemory (in: Destination=0x6660d50, Source=0x665f0c8, Length=0x80 | out: Destination=0x6660d50)
[0214.284] RtlMoveMemory (in: Destination=0x6660dd0, Source=0x665f048, Length=0x80 | out: Destination=0x6660dd0)
[0214.284] RtlMoveMemory (in: Destination=0x6660e50, Source=0x665efc8, Length=0x80 | out: Destination=0x6660e50)
[0214.284] RtlMoveMemory (in: Destination=0x6660ed0, Source=0x665ef48, Length=0x80 | out: Destination=0x6660ed0)
[0214.284] GdipBitmapUnlockBits (bitmap=0x6650b40, lockedBitmapData=0x2d452e0) returned 0x0
[0214.284] GdipBitmapUnlockBits (bitmap=0x664f100, lockedBitmapData=0x2d45318) returned 0x0
[0214.284] GdipDisposeImage (image=0x6650b40) returned 0x0
[0214.284] DeleteObject (ho=0x92050803) returned 1
[0214.284] DeleteObject (ho=0x8b0507d0) returned 1
[0214.284] GetCurrentThreadId () returned 0xf50
[0214.284] GetCurrentThreadId () returned 0xf50
[0214.284] SetWindowPos (hWnd=0xd02d0, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0214.284] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0214.284] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0214.285] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0214.285] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0214.285] GetClientRect (in: hWnd=0xd02d0, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0214.285] GetWindowRect (in: hWnd=0xd02d0, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0214.285] GetParent (hWnd=0xd02d0) returned 0x1802de
[0214.285] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1802de, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0214.285] InvalidateRect (hWnd=0xd02d0, lpRect=0x0, bErase=1) returned 1
[0214.285] GetWindowTextLengthW (hWnd=0xd02d0) returned 0
[0214.285] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0214.285] GetSystemMetrics (nIndex=42) returned 0
[0214.285] GetWindowTextW (in: hWnd=0xd02d0, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0214.285] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0214.285] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0214.286] GetClientRect (in: hWnd=0xd02d0, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0214.286] GetWindowRect (in: hWnd=0xd02d0, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0214.286] GetParent (hWnd=0xd02d0) returned 0x1802de
[0214.286] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1802de, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0214.286] GetWindowTextLengthW (hWnd=0xd02d0) returned 0
[0214.286] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0214.286] GetSystemMetrics (nIndex=42) returned 0
[0214.286] GetWindowTextW (in: hWnd=0xd02d0, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0214.286] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0214.286] GetWindowTextLengthW (hWnd=0xd02d0) returned 0
[0214.286] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0214.286] GetSystemMetrics (nIndex=42) returned 0
[0214.286] GetWindowTextW (in: hWnd=0xd02d0, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0214.286] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0214.286] SetWindowTextW (hWnd=0xd02d0, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0214.286] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0xc, wParam=0x0, lParam=0x2d24ac0) returned 0x1
[0214.286] InvalidateRect (hWnd=0xd02d0, lpRect=0x0, bErase=1) returned 1
[0214.287] GetCurrentThreadId () returned 0xf50
[0214.287] GetWindowThreadProcessId (in: hWnd=0xd02d0, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0214.287] GdipCreateBitmapFromStream (stream=0x509feb0, bitmap=0xd7e840) returned 0x0
[0214.288] GdipImageForceValidation (image=0x6651ba8) returned 0x0
[0214.289] GdipGetImageRawFormat (image=0x6651ba8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0214.290] GdipGetImageHeight (image=0x6651ba8, height=0xd7e824) returned 0x0
[0214.290] GdipGetImageWidth (image=0x6651ba8, width=0xd7e824) returned 0x0
[0214.290] GdipGetImageWidth (image=0x6651ba8, width=0xd7e810) returned 0x0
[0214.290] GdipGetImageHeight (image=0x6651ba8, height=0xd7e810) returned 0x0
[0214.290] GdipGetImageWidth (image=0x6651ba8, width=0xd7e800) returned 0x0
[0214.290] GdipGetImageHeight (image=0x6651ba8, height=0xd7e800) returned 0x0
[0214.290] GdipBitmapGetPixel (bitmap=0x6651ba8, x=0, y=15, color=0xd7e810) returned 0x0
[0214.290] GdipGetImageRawFormat (image=0x6651ba8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0214.290] GdipGetImageWidth (image=0x6651ba8, width=0xd7e740) returned 0x0
[0214.290] GdipGetImageHeight (image=0x6651ba8, height=0xd7e740) returned 0x0
[0214.290] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0214.290] GdipGetImagePixelFormat (image=0x664fe20, format=0xd7e740) returned 0x0
[0214.290] GdipGetImageGraphicsContext (image=0x664fe20, graphics=0xd7e74c) returned 0x0
[0214.290] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0214.290] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0214.290] GdipSetImageAttributesColorKeys (imageattr=0x6638a88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0214.291] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6651ba8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638a88, callback=0x0, callbackData=0x0) returned 0x0
[0214.291] GdipDisposeImageAttributes (imageattr=0x6638a88) returned 0x0
[0214.291] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0214.291] GdipDisposeImage (image=0x6651ba8) returned 0x0
[0214.291] GdipCreateBitmapFromStream (stream=0x509fed0, bitmap=0xd7e840) returned 0x0
[0214.292] GdipImageForceValidation (image=0x664ea70) returned 0x0
[0214.310] GdipGetImageRawFormat (image=0x664ea70, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0214.310] GdipGetImageHeight (image=0x664ea70, height=0xd7e824) returned 0x0
[0214.310] GdipGetImageWidth (image=0x664ea70, width=0xd7e824) returned 0x0
[0214.310] GdipGetImageWidth (image=0x664ea70, width=0xd7e810) returned 0x0
[0214.310] GdipGetImageHeight (image=0x664ea70, height=0xd7e810) returned 0x0
[0214.310] GdipGetImageWidth (image=0x664ea70, width=0xd7e800) returned 0x0
[0214.310] GdipGetImageHeight (image=0x664ea70, height=0xd7e800) returned 0x0
[0214.310] GdipBitmapGetPixel (bitmap=0x664ea70, x=0, y=15, color=0xd7e810) returned 0x0
[0214.310] GdipGetImageRawFormat (image=0x664ea70, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0214.310] GdipGetImageWidth (image=0x664ea70, width=0xd7e740) returned 0x0
[0214.310] GdipGetImageHeight (image=0x664ea70, height=0xd7e740) returned 0x0
[0214.310] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0214.310] GdipGetImagePixelFormat (image=0x66511d0, format=0xd7e740) returned 0x0
[0214.310] GdipGetImageGraphicsContext (image=0x66511d0, graphics=0xd7e74c) returned 0x0
[0214.310] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0214.311] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0214.311] GdipSetImageAttributesColorKeys (imageattr=0x6638db8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0214.311] GdipDrawImageRectRectI (graphics=0x6600030, image=0x664ea70, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638db8, callback=0x0, callbackData=0x0) returned 0x0
[0214.311] GdipDisposeImageAttributes (imageattr=0x6638db8) returned 0x0
[0214.311] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0214.311] GdipDisposeImage (image=0x664ea70) returned 0x0
[0214.311] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.312] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0214.312] GetCurrentThreadId () returned 0xf50
[0214.312] GetCurrentThreadId () returned 0xf50
[0214.312] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.312] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0214.312] GetCurrentThreadId () returned 0xf50
[0214.312] GetCurrentThreadId () returned 0xf50
[0214.312] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.312] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0214.312] GetCurrentThreadId () returned 0xf50
[0214.312] GetCurrentThreadId () returned 0xf50
[0214.313] GetSystemMetrics (nIndex=5) returned 1
[0214.313] GetSystemMetrics (nIndex=6) returned 1
[0214.313] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.313] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0214.313] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.313] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0214.313] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.313] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0214.313] GetCurrentThreadId () returned 0xf50
[0214.313] GetCurrentThreadId () returned 0xf50
[0214.314] GetProcessWindowStation () returned 0x13c
[0214.314] GetCapture () returned 0x0
[0214.314] GetActiveWindow () returned 0x7005c
[0214.314] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0214.314] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.314] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0214.314] GetCursorPos (in: lpPoint=0x2d46458 | out: lpPoint=0x2d46458*(x=264, y=622)) returned 1
[0214.314] MonitorFromPoint (pt=0x108, dwFlags=0x26e) returned 0x10001
[0214.314] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0214.314] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x8c0107d0
[0214.315] GetDeviceCaps (hdc=0x8c0107d0, index=12) returned 32
[0214.315] GetDeviceCaps (hdc=0x8c0107d0, index=14) returned 1
[0214.315] DeleteDC (hdc=0x8c0107d0) returned 1
[0214.315] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0214.315] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0214.315] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1b00ea
[0214.316] SetWindowLongW (hWnd=0x1b00ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0214.316] GetWindowLongW (hWnd=0x1b00ea, nIndex=-4) returned 1950089536
[0214.316] SetWindowLongW (hWnd=0x1b00ea, nIndex=-4, dwNewLong=19944662) returned 1950089536
[0214.316] GetWindowLongW (hWnd=0x1b00ea, nIndex=-4) returned 19944662
[0214.316] GetWindowLongW (hWnd=0x1b00ea, nIndex=-16) returned 113770496
[0214.316] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0214.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0214.318] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0214.318] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0214.318] GetWindowRect (in: hWnd=0x1b00ea, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0214.318] SetWindowTextW (hWnd=0x1b00ea, lpString="BB ransomware") returned 1
[0214.318] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xc, wParam=0x0, lParam=0x2d44bf4) returned 0x1
[0214.319] GetStartupInfoW (in: lpStartupInfo=0x2d46794 | out: lpStartupInfo=0x2d46794*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0214.321] GetParent (hWnd=0x1b00ea) returned 0x0
[0214.321] SetWindowLongW (hWnd=0x1b00ea, nIndex=-8, dwNewLong=0) returned 0
[0214.322] SendMessageW (hWnd=0x1b00ea, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0214.323] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0214.323] SendMessageW (hWnd=0x1b00ea, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0214.323] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0214.323] GetSystemMenu (hWnd=0x1b00ea, bRevert=0) returned 0x370201
[0214.323] GetWindowPlacement (in: hWnd=0x1b00ea, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0214.323] EnableMenuItem (hMenu=0x370201, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0214.323] EnableMenuItem (hMenu=0x370201, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0214.324] EnableMenuItem (hMenu=0x370201, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0214.324] EnableMenuItem (hMenu=0x370201, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0214.324] EnableMenuItem (hMenu=0x370201, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0214.324] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0214.324] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0214.324] GetWindowRect (in: hWnd=0x1b00ea, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0214.324] SetWindowPos (hWnd=0x1b00ea, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0214.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0214.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x1b00ea) returned 0x1
[0214.332] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0214.333] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0214.334] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0214.334] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0214.334] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0214.336] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x1b00ea, lParam=0x0) returned 0x0
[0214.336] GetCapture () returned 0x0
[0214.336] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0214.337] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0214.339] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0214.342] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0214.342] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0214.342] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0214.342] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0214.343] GetParent (hWnd=0x1b00ea) returned 0x0
[0214.343] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0214.343] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0214.345] GetWindowPlacement (in: hWnd=0x1b00ea, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0214.345] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0214.345] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0214.345] GetWindowRect (in: hWnd=0x1b00ea, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0214.347] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0214.347] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0214.347] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0214.348] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.348] GetWindowLongW (hWnd=0x1b00ea, nIndex=-16) returned 113770496
[0214.348] GetWindowTextLengthW (hWnd=0x1b00ea) returned 13
[0214.348] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.348] GetSystemMetrics (nIndex=42) returned 0
[0214.348] GetWindowTextW (in: hWnd=0x1b00ea, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.348] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0214.348] GetWindowTextLengthW (hWnd=0x1b00ea) returned 13
[0214.348] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.349] GetSystemMetrics (nIndex=42) returned 0
[0214.349] GetWindowTextW (in: hWnd=0x1b00ea, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0214.349] GetCursorPos (in: lpPoint=0x2d469d0 | out: lpPoint=0x2d469d0*(x=264, y=622)) returned 1
[0214.349] MonitorFromPoint (pt=0x108, dwFlags=0x26e) returned 0x10001
[0214.349] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0214.349] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xc10105d8
[0214.349] GetDeviceCaps (hdc=0xc10105d8, index=12) returned 32
[0214.349] GetDeviceCaps (hdc=0xc10105d8, index=14) returned 1
[0214.349] DeleteDC (hdc=0xc10105d8) returned 1
[0214.349] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0214.350] GetWindowLongW (hWnd=0x1b00ea, nIndex=-16) returned 113770496
[0214.350] GetWindowLongW (hWnd=0x1b00ea, nIndex=-20) returned 327945
[0214.350] SetWindowLongW (hWnd=0x1b00ea, nIndex=-16, dwNewLong=46661632) returned 113770496
[0214.350] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0214.350] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0214.351] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0214.351] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0214.352] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0214.352] SetWindowLongW (hWnd=0x1b00ea, nIndex=-20, dwNewLong=327681) returned 327945
[0214.352] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0214.352] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0214.353] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0214.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0214.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0214.354] SetWindowPos (hWnd=0x1b00ea, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0214.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0214.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0214.355] GetWindowPlacement (in: hWnd=0x1b00ea, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0214.355] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0214.355] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0214.355] GetWindowRect (in: hWnd=0x1b00ea, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0214.365] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0214.365] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0214.366] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0214.366] RedrawWindow (hWnd=0x1b00ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0214.366] GetSystemMenu (hWnd=0x1b00ea, bRevert=0) returned 0x370201
[0214.366] GetWindowPlacement (in: hWnd=0x1b00ea, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0214.366] EnableMenuItem (hMenu=0x370201, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0214.366] EnableMenuItem (hMenu=0x370201, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0214.366] EnableMenuItem (hMenu=0x370201, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0214.366] EnableMenuItem (hMenu=0x370201, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0214.366] EnableMenuItem (hMenu=0x370201, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0214.366] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0214.366] GetWindowLongW (hWnd=0x1b00ea, nIndex=-8) returned 0
[0214.367] SetWindowLongW (hWnd=0x1b00ea, nIndex=-8, dwNewLong=458844) returned 0
[0214.368] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0214.368] GetProcessWindowStation () returned 0x13c
[0214.368] GetCurrentThreadId () returned 0xf50
[0214.368] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x13055ee, lParam=0x0) returned 1
[0214.368] IsWindowVisible (hWnd=0x1b00ea) returned 0
[0214.368] IsWindowVisible (hWnd=0x7005c) returned 1
[0214.368] IsWindowEnabled (hWnd=0x7005c) returned 1
[0214.368] IsWindowVisible (hWnd=0x300ec) returned 0
[0214.369] IsWindowVisible (hWnd=0x502c6) returned 0
[0214.369] IsWindowVisible (hWnd=0x502be) returned 0
[0214.369] GetActiveWindow () returned 0x1b00ea
[0214.369] GetFocus () returned 0x1b00ea
[0214.369] IsWindow (hWnd=0x7005c) returned 1
[0214.369] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0214.369] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0214.370] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0214.370] GetWindowLongW (hWnd=0x1b00ea, nIndex=-8) returned 458844
[0214.370] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0214.370] GetCurrentThreadId () returned 0xf50
[0214.370] GetWindowLongW (hWnd=0x1b00ea, nIndex=-8) returned 458844
[0214.370] IsWindowEnabled (hWnd=0x7005c) returned 0
[0214.370] IsWindowEnabled (hWnd=0x1b00ea) returned 1
[0214.370] ShowWindow (hWnd=0x1b00ea, nCmdShow=5) returned 0
[0214.370] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0214.370] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0214.371] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.371] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0214.371] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x1b00ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1202c8
[0214.371] SetWindowLongW (hWnd=0x1202c8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0214.372] GetWindowLongW (hWnd=0x1202c8, nIndex=-4) returned 1950089536
[0214.373] SetWindowLongW (hWnd=0x1202c8, nIndex=-4, dwNewLong=19945822) returned 1950089536
[0214.373] GetWindowLongW (hWnd=0x1202c8, nIndex=-4) returned 19945822
[0214.373] GetWindowLongW (hWnd=0x1202c8, nIndex=-16) returned 1174405120
[0214.373] GetWindowLongW (hWnd=0x1202c8, nIndex=-12) returned 0
[0214.373] SetWindowLongW (hWnd=0x1202c8, nIndex=-12, dwNewLong=1180360) returned 0
[0214.373] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202c8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0214.374] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202c8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0214.375] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202c8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0214.375] GetWindow (hWnd=0x1202c8, uCmd=0x3) returned 0x0
[0214.375] GetClientRect (in: hWnd=0x1202c8, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0214.375] GetWindowRect (in: hWnd=0x1202c8, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0214.375] GetParent (hWnd=0x1202c8) returned 0x1b00ea
[0214.375] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b00ea, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0214.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202c8, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0214.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202c8, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0214.376] GetClientRect (in: hWnd=0x1202c8, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0214.376] GetWindowRect (in: hWnd=0x1202c8, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0214.376] GetParent (hWnd=0x1202c8) returned 0x1b00ea
[0214.376] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b00ea, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0214.376] SendMessageW (hWnd=0x1202c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1202c8) returned 0x0
[0214.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1202c8) returned 0x0
[0214.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0214.376] GetParent (hWnd=0x1202c8) returned 0x1b00ea
[0214.376] GetParent (hWnd=0xd02d0) returned 0x1802de
[0214.376] SetParent (hWndChild=0xd02d0, hWndNewParent=0x1b00ea) returned 0x1802de
[0214.377] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0214.377] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0214.377] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0214.377] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0214.377] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0214.377] GetClientRect (in: hWnd=0xd02d0, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0214.378] GetWindowRect (in: hWnd=0xd02d0, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0214.378] GetParent (hWnd=0xd02d0) returned 0x1b00ea
[0214.378] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b00ea, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0214.378] GetClientRect (in: hWnd=0xd02d0, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0214.378] GetWindowRect (in: hWnd=0xd02d0, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0214.378] GetParent (hWnd=0xd02d0) returned 0x1b00ea
[0214.378] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b00ea, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0214.378] GetParent (hWnd=0xd02d0) returned 0x1b00ea
[0214.378] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0214.378] GetWindow (hWnd=0xd02d0, uCmd=0x3) returned 0x0
[0214.378] SetWindowPos (hWnd=0xd02d0, hWndInsertAfter=0x1202c8, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0214.378] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0214.379] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0214.379] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0214.379] GetClientRect (in: hWnd=0xd02d0, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0214.379] GetWindowRect (in: hWnd=0xd02d0, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0214.379] GetParent (hWnd=0xd02d0) returned 0x1b00ea
[0214.379] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b00ea, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0214.379] GetParent (hWnd=0xd02d0) returned 0x1b00ea
[0214.379] GetWindow (hWnd=0xd02d0, uCmd=0x3) returned 0x1202c8
[0214.379] GetWindowThreadProcessId (in: hWnd=0xd02d0, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0214.379] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0214.379] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.380] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0214.380] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x1b00ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1a02d8
[0214.380] SetWindowLongW (hWnd=0x1a02d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0214.380] GetWindowLongW (hWnd=0x1a02d8, nIndex=-4) returned 1868032000
[0214.381] SetWindowLongW (hWnd=0x1a02d8, nIndex=-4, dwNewLong=19946382) returned 1868032000
[0214.381] GetWindowLongW (hWnd=0x1a02d8, nIndex=-4) returned 19946382
[0214.381] GetWindowLongW (hWnd=0x1a02d8, nIndex=-16) returned 1174470667
[0214.381] GetWindowLongW (hWnd=0x1a02d8, nIndex=-12) returned 0
[0214.381] SetWindowLongW (hWnd=0x1a02d8, nIndex=-12, dwNewLong=1704664) returned 0
[0214.381] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0214.382] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0214.382] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0214.383] SendMessageW (hWnd=0x1a02d8, Msg=0x2055, wParam=0x1a02d8, lParam=0x3) returned 0x2
[0214.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0214.383] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0214.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0214.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0214.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202c8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0214.383] RedrawWindow (hWnd=0x1202c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0214.383] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0214.383] RedrawWindow (hWnd=0xd02d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0214.383] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0214.383] RedrawWindow (hWnd=0x1a02d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0214.383] RedrawWindow (hWnd=0x1b00ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0214.384] GetWindow (hWnd=0x1a02d8, uCmd=0x3) returned 0xd02d0
[0214.384] GetClientRect (in: hWnd=0x1a02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0214.384] GetWindowRect (in: hWnd=0x1a02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0214.384] GetParent (hWnd=0x1a02d8) returned 0x1b00ea
[0214.384] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b00ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0214.384] SetWindowTextW (hWnd=0x1a02d8, lpString="&Details") returned 1
[0214.384] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0214.384] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0214.384] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0214.385] GetClientRect (in: hWnd=0x1a02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0214.385] GetWindowRect (in: hWnd=0x1a02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0214.385] GetParent (hWnd=0x1a02d8) returned 0x1b00ea
[0214.385] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b00ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0214.385] SendMessageW (hWnd=0x1a02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1a02d8) returned 0x0
[0214.385] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1a02d8) returned 0x0
[0214.385] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0214.385] GetParent (hWnd=0x1a02d8) returned 0x1b00ea
[0214.385] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0214.385] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.386] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0214.386] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x1b00ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1802da
[0214.386] SetWindowLongW (hWnd=0x1802da, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0214.386] GetWindowLongW (hWnd=0x1802da, nIndex=-4) returned 1868032000
[0214.387] SetWindowLongW (hWnd=0x1802da, nIndex=-4, dwNewLong=19946422) returned 1868032000
[0214.387] GetWindowLongW (hWnd=0x1802da, nIndex=-4) returned 19946422
[0214.387] GetWindowLongW (hWnd=0x1802da, nIndex=-16) returned 1174470667
[0214.387] GetWindowLongW (hWnd=0x1802da, nIndex=-12) returned 0
[0214.387] SetWindowLongW (hWnd=0x1802da, nIndex=-12, dwNewLong=1573594) returned 0
[0214.387] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0214.387] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0214.390] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0214.397] SendMessageW (hWnd=0x1802da, Msg=0x2055, wParam=0x1802da, lParam=0x3) returned 0x2
[0214.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0214.398] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0214.398] GetWindow (hWnd=0x1802da, uCmd=0x3) returned 0x1a02d8
[0214.398] GetClientRect (in: hWnd=0x1802da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0214.398] GetWindowRect (in: hWnd=0x1802da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0214.398] GetParent (hWnd=0x1802da) returned 0x1b00ea
[0214.399] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b00ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0214.400] SetWindowTextW (hWnd=0x1802da, lpString="&Continue") returned 1
[0214.400] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0214.403] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0214.403] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0214.403] GetClientRect (in: hWnd=0x1802da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0214.403] GetWindowRect (in: hWnd=0x1802da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0214.403] GetParent (hWnd=0x1802da) returned 0x1b00ea
[0214.403] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b00ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0214.403] SendMessageW (hWnd=0x1802da, Msg=0x2210, wParam=0x2da0001, lParam=0x1802da) returned 0x0
[0214.403] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x2210, wParam=0x2da0001, lParam=0x1802da) returned 0x0
[0214.404] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0214.404] GetParent (hWnd=0x1802da) returned 0x1b00ea
[0214.404] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0214.404] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.405] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0214.405] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x1b00ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xe02ce
[0214.405] SetWindowLongW (hWnd=0xe02ce, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0214.405] GetWindowLongW (hWnd=0xe02ce, nIndex=-4) returned 1868032000
[0214.405] SetWindowLongW (hWnd=0xe02ce, nIndex=-4, dwNewLong=19941150) returned 1868032000
[0214.405] GetWindowLongW (hWnd=0xe02ce, nIndex=-4) returned 19941150
[0214.405] GetWindowLongW (hWnd=0xe02ce, nIndex=-16) returned 1174470667
[0214.406] GetWindowLongW (hWnd=0xe02ce, nIndex=-12) returned 0
[0214.406] SetWindowLongW (hWnd=0xe02ce, nIndex=-12, dwNewLong=918222) returned 0
[0214.406] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02ce, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0214.406] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02ce, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0214.406] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02ce, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0214.407] SendMessageW (hWnd=0xe02ce, Msg=0x2055, wParam=0xe02ce, lParam=0x3) returned 0x2
[0214.407] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0214.407] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02ce, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0214.407] GetWindow (hWnd=0xe02ce, uCmd=0x3) returned 0x1802da
[0214.407] GetClientRect (in: hWnd=0xe02ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0214.407] GetWindowRect (in: hWnd=0xe02ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0214.407] GetParent (hWnd=0xe02ce) returned 0x1b00ea
[0214.407] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b00ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0214.408] SetWindowTextW (hWnd=0xe02ce, lpString="&Quit") returned 1
[0214.408] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02ce, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0214.408] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02ce, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0214.408] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02ce, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0214.408] GetClientRect (in: hWnd=0xe02ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0214.408] GetWindowRect (in: hWnd=0xe02ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0214.408] GetParent (hWnd=0xe02ce) returned 0x1b00ea
[0214.408] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b00ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0214.408] SendMessageW (hWnd=0xe02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0xe02ce) returned 0x0
[0214.408] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0xe02ce) returned 0x0
[0214.409] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0214.409] GetParent (hWnd=0xe02ce) returned 0x1b00ea
[0214.409] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0214.409] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.409] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0214.409] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x1b00ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1802dc
[0214.410] SetWindowLongW (hWnd=0x1802dc, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0214.410] GetWindowLongW (hWnd=0x1802dc, nIndex=-4) returned 1868026976
[0214.411] SetWindowLongW (hWnd=0x1802dc, nIndex=-4, dwNewLong=19947358) returned 1868026976
[0214.411] GetWindowLongW (hWnd=0x1802dc, nIndex=-4) returned 19947358
[0214.411] GetWindowLongW (hWnd=0x1802dc, nIndex=-16) returned 1177553092
[0214.412] GetWindowLongW (hWnd=0x1802dc, nIndex=-12) returned 0
[0214.412] SetWindowLongW (hWnd=0x1802dc, nIndex=-12, dwNewLong=1573596) returned 0
[0214.412] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802dc, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0214.413] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802dc, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0214.414] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802dc, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0214.430] GetWindow (hWnd=0x1802dc, uCmd=0x3) returned 0xe02ce
[0214.430] GetClientRect (in: hWnd=0x1802dc, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0214.430] GetWindowRect (in: hWnd=0x1802dc, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0214.430] GetParent (hWnd=0x1802dc) returned 0x1b00ea
[0214.430] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b00ea, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0214.430] GetWindowTextLengthW (hWnd=0x1b00ea) returned 13
[0214.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.430] GetSystemMetrics (nIndex=42) returned 0
[0214.430] GetWindowTextW (in: hWnd=0x1b00ea, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0214.430] SendMessageW (hWnd=0x1802dc, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0214.430] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802dc, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0214.436] SetWindowTextW (hWnd=0x1802dc, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0214.436] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802dc, Msg=0xc, wParam=0x0, lParam=0x2d425dc) returned 0x1
[0214.438] GetSystemMetrics (nIndex=5) returned 1
[0214.438] GetSystemMetrics (nIndex=6) returned 1
[0214.438] SendMessageW (hWnd=0x1802dc, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0214.438] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802dc, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0214.439] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802dc, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0214.439] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802dc, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0214.439] GetClientRect (in: hWnd=0x1802dc, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0214.439] GetWindowRect (in: hWnd=0x1802dc, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0214.439] GetParent (hWnd=0x1802dc) returned 0x1b00ea
[0214.439] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b00ea, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0214.439] SendMessageW (hWnd=0x1802dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1802dc) returned 0x0
[0214.440] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1802dc) returned 0x0
[0214.440] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0214.440] GetParent (hWnd=0x1802dc) returned 0x1b00ea
[0214.440] GetWindowLongW (hWnd=0x1b00ea, nIndex=-8) returned 458844
[0214.440] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0214.440] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0214.440] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xc80105d8
[0214.440] GetDeviceCaps (hdc=0xc80105d8, index=12) returned 32
[0214.440] GetDeviceCaps (hdc=0xc80105d8, index=14) returned 1
[0214.440] DeleteDC (hdc=0xc80105d8) returned 1
[0214.441] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0214.441] GetWindowThreadProcessId (in: hWnd=0x1b00ea, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0214.441] GetCurrentThreadId () returned 0xf50
[0214.441] PostMessageW (hWnd=0x1b00ea, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0214.441] GetWindowTextLengthW (hWnd=0x1b00ea) returned 13
[0214.441] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.441] GetSystemMetrics (nIndex=42) returned 0
[0214.441] GetWindowTextW (in: hWnd=0x1b00ea, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.441] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0214.441] GdipImageGetFrameDimensionsCount (image=0x664f100, count=0xd7e25c) returned 0x0
[0214.441] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200a58
[0214.441] GdipImageGetFrameDimensionsList (image=0x664f100, dimensionIDs=0x1200a58*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0214.441] LocalFree (hMem=0x1200a58) returned 0x0
[0214.441] GdipImageGetFrameDimensionsCount (image=0x664fe20, count=0xd7e250) returned 0x0
[0214.441] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200c50
[0214.441] GdipImageGetFrameDimensionsList (image=0x664fe20, dimensionIDs=0x1200c50*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0214.441] LocalFree (hMem=0x1200c50) returned 0x0
[0214.441] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0214.442] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0214.442] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0214.450] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0214.455] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0214.455] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0214.455] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0214.456] GetWindowPlacement (in: hWnd=0x1b00ea, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0214.456] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0214.456] GetWindowTextLengthW (hWnd=0x1b00ea) returned 13
[0214.456] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.456] GetSystemMetrics (nIndex=42) returned 0
[0214.456] GetWindowTextW (in: hWnd=0x1b00ea, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.456] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0214.456] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0214.456] GetCurrentObject (hdc=0xf0105ee, type=0x1) returned 0xb00017
[0214.456] GetCurrentObject (hdc=0xf0105ee, type=0x2) returned 0x900010
[0214.456] GetCurrentObject (hdc=0xf0105ee, type=0x7) returned 0x45050671
[0214.456] GetCurrentObject (hdc=0xf0105ee, type=0x6) returned 0x8a01c2
[0214.456] SaveDC (hdc=0xf0105ee) returned 1
[0214.456] GetNearestColor (hdc=0xf0105ee, color=0xf0f0f0) returned 0xf0f0f0
[0214.456] CreateSolidBrush (color=0xf0f0f0) returned 0x1d1007e1
[0214.456] FillRect (hDC=0xf0105ee, lprc=0xd7e1b8, hbr=0x1d1007e1) returned 1
[0214.457] DeleteObject (ho=0x1d1007e1) returned 1
[0214.457] RestoreDC (hdc=0xf0105ee, nSavedDC=-1) returned 1
[0214.457] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0214.457] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0214.457] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0214.457] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0214.458] GetStockObject (i=5) returned 0x900015
[0214.458] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0214.458] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0214.458] GetStockObject (i=5) returned 0x900015
[0214.458] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0214.458] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02ce, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0214.458] GetStockObject (i=5) returned 0x900015
[0214.459] GetWindowPlacement (in: hWnd=0x1b00ea, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0214.459] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0214.459] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0214.459] GetWindowRect (in: hWnd=0x1b00ea, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0214.460] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0214.460] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0214.460] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0214.461] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0214.461] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0214.461] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0214.461] GetWindowRect (in: hWnd=0x1b00ea, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0214.461] InvalidateRect (hWnd=0x1802da, lpRect=0x0, bErase=0) returned 1
[0214.461] InvalidateRect (hWnd=0x1a02d8, lpRect=0x0, bErase=0) returned 1
[0214.461] GetFocus () returned 0x1b00ea
[0214.461] GetFocus () returned 0x1b00ea
[0214.461] SetFocus (hWnd=0x1a02d8) returned 0x1b00ea
[0214.462] GetFocus () returned 0x1a02d8
[0214.462] IsChild (hWndParent=0x1b00ea, hWnd=0x1a02d8) returned 1
[0214.462] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x8, wParam=0x1a02d8, lParam=0x0) returned 0x0
[0214.463] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0214.464] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0214.471] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0214.471] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0x7, wParam=0x1b00ea, lParam=0x0) returned 0x0
[0214.471] GetStockObject (i=5) returned 0x900015
[0214.472] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0214.472] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0214.472] GetDlgItem (hDlg=0x1b00ea, nIDDlgItem=1704664) returned 0x1a02d8
[0214.472] SendMessageW (hWnd=0x1a02d8, Msg=0x202b, wParam=0x1a02d8, lParam=0xd7e0dc) returned 0x0
[0214.472] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0x202b, wParam=0x1a02d8, lParam=0xd7e0dc) returned 0x0
[0214.472] InvalidateRect (hWnd=0x1a02d8, lpRect=0x0, bErase=0) returned 1
[0214.476] GetFocus () returned 0x1a02d8
[0214.476] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.476] IsWindowUnicode (hWnd=0x1b00ea) returned 1
[0214.476] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.476] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.476] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.476] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0214.476] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.476] IsWindowUnicode (hWnd=0x1b00ea) returned 1
[0214.476] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.476] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.476] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.477] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0214.477] IsWindowUnicode (hWnd=0x1b00ea) returned 1
[0214.477] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.477] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.477] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.477] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.477] IsWindowUnicode (hWnd=0x602c4) returned 1
[0214.478] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.478] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.478] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.478] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0214.478] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0214.478] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.478] IsWindowUnicode (hWnd=0x1b00ea) returned 1
[0214.479] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.479] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.479] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.479] BeginPaint (in: hWnd=0x1b00ea, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x10105d6
[0214.479] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0214.479] GetWindowTextLengthW (hWnd=0x1b00ea) returned 13
[0214.479] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.479] GetSystemMetrics (nIndex=42) returned 0
[0214.479] GetWindowTextW (in: hWnd=0x1b00ea, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.479] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0214.479] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0214.479] EndPaint (hWnd=0x1b00ea, lpPaint=0xd7e274) returned 1
[0214.480] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.480] IsWindowUnicode (hWnd=0x1202c8) returned 1
[0214.480] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.480] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.480] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.480] BeginPaint (in: hWnd=0x1202c8, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x60100ce
[0214.480] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0214.480] CreateCompatibleDC (hdc=0x60100ce) returned 0xf30107eb
[0214.480] SelectObject (hdc=0xf30107eb, h=0x4a0507fe) returned 0x85000f
[0214.480] GdipCreateFromHDC (hdc=0xf30107eb, graphics=0xd7e2b0) returned 0x0
[0214.481] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0214.481] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0214.481] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0214.481] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0214.481] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e310) returned 0x0
[0214.481] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0214.481] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0214.481] LocalFree (hMem=0x11ee788) returned 0x0
[0214.481] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0214.482] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0214.482] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0214.482] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e304) returned 0x0
[0214.482] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0214.482] GetWindowTextLengthW (hWnd=0x1202c8) returned 0
[0214.482] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0214.482] GetSystemMetrics (nIndex=42) returned 0
[0214.482] GetWindowTextW (in: hWnd=0x1202c8, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0214.482] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202c8, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0214.482] GetClientRect (in: hWnd=0x1202c8, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0214.482] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0214.482] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0214.482] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0214.482] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0214.482] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e164) returned 0x0
[0214.482] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0214.482] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee868) returned 0x0
[0214.482] LocalFree (hMem=0x11ee868) returned 0x0
[0214.483] GdipCombineRegionRegion (region=0x6646448, region2=0x6646688, combineMode=0x1) returned 0x0
[0214.483] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0214.483] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0214.483] LocalFree (hMem=0x11eec58) returned 0x0
[0214.483] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0214.483] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0214.483] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0214.483] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0214.483] GdipDeleteRegion (region=0x6646448) returned 0x0
[0214.483] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0214.483] GetCurrentObject (hdc=0xf30107eb, type=0x1) returned 0xb00017
[0214.483] GetCurrentObject (hdc=0xf30107eb, type=0x2) returned 0x900010
[0214.483] GetCurrentObject (hdc=0xf30107eb, type=0x7) returned 0x4a0507fe
[0214.483] GetCurrentObject (hdc=0xf30107eb, type=0x6) returned 0x8a01c2
[0214.483] SaveDC (hdc=0xf30107eb) returned 1
[0214.483] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcd040807
[0214.483] GetClipRgn (hdc=0xf30107eb, hrgn=0xcd040807) returned 0
[0214.483] SelectClipRgn (hdc=0xf30107eb, hrgn=0x540407de) returned 2
[0214.484] DeleteObject (ho=0xcd040807) returned 1
[0214.484] DeleteObject (ho=0x540407de) returned 1
[0214.484] OffsetViewportOrgEx (in: hdc=0xf30107eb, x=0, y=0, lppt=0x2d4813c | out: lppt=0x2d4813c) returned 1
[0214.484] GetNearestColor (hdc=0xf30107eb, color=0xf0f0f0) returned 0xf0f0f0
[0214.484] CreateSolidBrush (color=0xf0f0f0) returned 0x1e1007e1
[0214.484] FillRect (hDC=0xf30107eb, lprc=0xd7e198, hbr=0x1e1007e1) returned 1
[0214.484] DeleteObject (ho=0x1e1007e1) returned 1
[0214.484] RestoreDC (hdc=0xf30107eb, nSavedDC=-1) returned 1
[0214.484] GdipReleaseDC (graphics=0x6600030, hdc=0xf30107eb) returned 0x0
[0214.484] GdipRestoreGraphics (graphics=0x6600030, state=0xfa120dbd) returned 0x0
[0214.484] GdipDeleteRegion (region=0x6646688) returned 0x0
[0214.484] GetWindowTextLengthW (hWnd=0x1202c8) returned 0
[0214.484] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0214.484] GetSystemMetrics (nIndex=42) returned 0
[0214.484] GetWindowTextW (in: hWnd=0x1202c8, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0214.484] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202c8, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0214.484] GdipGetImageWidth (image=0x664f100, width=0xd7e1e0) returned 0x0
[0214.484] GdipGetImageHeight (image=0x664f100, height=0xd7e1e0) returned 0x0
[0214.485] GdipGetImageWidth (image=0x664f100, width=0xd7e1cc) returned 0x0
[0214.485] GdipGetImageHeight (image=0x664f100, height=0xd7e1cc) returned 0x0
[0214.485] GdipDrawImageRectI (graphics=0x6600030, image=0x664f100, x=16, y=16, width=32, height=32) returned 0x0
[0214.485] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0214.485] BitBlt (hdc=0x60100ce, x=0, y=0, cx=64, cy=64, hdcSrc=0xf30107eb, x1=0, y1=0, rop=0xcc0020) returned 1
[0214.485] GdipReleaseDC (graphics=0x6600030, hdc=0xf30107eb) returned 0x0
[0214.485] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0214.485] SelectObject (hdc=0xf30107eb, h=0x85000f) returned 0x4a0507fe
[0214.485] DeleteDC (hdc=0xf30107eb) returned 1
[0214.485] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0214.485] EndPaint (hWnd=0x1202c8, lpPaint=0xd7e294) returned 1
[0214.485] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.485] IsWindowUnicode (hWnd=0xd02d0) returned 1
[0214.486] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.486] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.486] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.486] BeginPaint (in: hWnd=0xd02d0, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0xf0105ee
[0214.486] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0214.486] CreateCompatibleDC (hdc=0xf0105ee) returned 0xf50107eb
[0214.486] GetObjectType (h=0xf0105ee) returned 0x3
[0214.486] CreateCompatibleBitmap (hdc=0xf0105ee, cx=1, cy=1) returned 0xffffffffd40505d8
[0214.486] GetDIBits (in: hdc=0xf0105ee, hbm=0xd40505d8, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0214.486] GetDIBits (in: hdc=0xf0105ee, hbm=0xd40505d8, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0214.486] DeleteObject (ho=0xd40505d8) returned 1
[0214.486] CreateDIBSection (in: hdc=0xf0105ee, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x6f0507ec
[0214.487] SelectObject (hdc=0xf50107eb, h=0x6f0507ec) returned 0x85000f
[0214.487] GdipCreateFromHDC (hdc=0xf50107eb, graphics=0xd7e234) returned 0x0
[0214.487] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0214.487] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0214.487] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0214.487] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0214.487] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2d4) returned 0x0
[0214.487] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0214.487] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0214.487] LocalFree (hMem=0x11ee9f0) returned 0x0
[0214.487] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0214.487] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0214.487] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0214.487] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0214.487] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0214.487] GetWindowTextLengthW (hWnd=0xd02d0) returned 232
[0214.488] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0214.488] GetSystemMetrics (nIndex=42) returned 0
[0214.488] GetWindowTextW (in: hWnd=0xd02d0, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0214.488] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0214.488] GetClientRect (in: hWnd=0xd02d0, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0214.488] GdipCreateRegion (region=0xd7e110) returned 0x0
[0214.488] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0214.488] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0214.488] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0214.488] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e128) returned 0x0
[0214.488] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0214.488] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0214.488] LocalFree (hMem=0x11ee788) returned 0x0
[0214.488] GdipCombineRegionRegion (region=0x6646f88, region2=0x66468c8, combineMode=0x1) returned 0x0
[0214.488] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0214.488] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0214.488] LocalFree (hMem=0x11ee9f0) returned 0x0
[0214.488] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0214.488] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e150) returned 0x0
[0214.488] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e140) returned 0x0
[0214.488] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0214.489] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0214.489] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0214.489] GetCurrentObject (hdc=0xf50107eb, type=0x1) returned 0xb00017
[0214.489] GetCurrentObject (hdc=0xf50107eb, type=0x2) returned 0x900010
[0214.489] GetCurrentObject (hdc=0xf50107eb, type=0x7) returned 0x6f0507ec
[0214.489] GetCurrentObject (hdc=0xf50107eb, type=0x6) returned 0x8a01c2
[0214.489] SaveDC (hdc=0xf50107eb) returned 1
[0214.489] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x550407de
[0214.489] GetClipRgn (hdc=0xf50107eb, hrgn=0x550407de) returned 0
[0214.489] SelectClipRgn (hdc=0xf50107eb, hrgn=0xce040807) returned 2
[0214.489] DeleteObject (ho=0x550407de) returned 1
[0214.489] DeleteObject (ho=0xce040807) returned 1
[0214.489] OffsetViewportOrgEx (in: hdc=0xf50107eb, x=0, y=0, lppt=0x2d49b04 | out: lppt=0x2d49b04) returned 1
[0214.489] GetNearestColor (hdc=0xf50107eb, color=0xf0f0f0) returned 0xf0f0f0
[0214.489] CreateSolidBrush (color=0xf0f0f0) returned 0x1f1007e1
[0214.489] FillRect (hDC=0xf50107eb, lprc=0xd7e15c, hbr=0x1f1007e1) returned 1
[0214.490] DeleteObject (ho=0x1f1007e1) returned 1
[0214.490] RestoreDC (hdc=0xf50107eb, nSavedDC=-1) returned 1
[0214.490] GdipReleaseDC (graphics=0x6600030, hdc=0xf50107eb) returned 0x0
[0214.490] GdipRestoreGraphics (graphics=0x6600030, state=0xfa100dbd) returned 0x0
[0214.490] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0214.490] GetWindowTextLengthW (hWnd=0xd02d0) returned 232
[0214.490] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0214.490] GetSystemMetrics (nIndex=42) returned 0
[0214.490] GetWindowTextW (in: hWnd=0xd02d0, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0214.490] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0214.491] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0214.491] GetCurrentObject (hdc=0xf50107eb, type=0x1) returned 0xb00017
[0214.491] GetCurrentObject (hdc=0xf50107eb, type=0x2) returned 0x900010
[0214.491] GetCurrentObject (hdc=0xf50107eb, type=0x7) returned 0x6f0507ec
[0214.491] GetCurrentObject (hdc=0xf50107eb, type=0x6) returned 0x8a01c2
[0214.491] SaveDC (hdc=0xf50107eb) returned 1
[0214.491] GetNearestColor (hdc=0xf50107eb, color=0x0) returned 0x0
[0214.491] RestoreDC (hdc=0xf50107eb, nSavedDC=-1) returned 1
[0214.491] GdipReleaseDC (graphics=0x6600030, hdc=0xf50107eb) returned 0x0
[0214.491] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0214.492] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0214.492] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2d4a300 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0214.492] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0214.492] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0214.492] GetCurrentObject (hdc=0xf50107eb, type=0x1) returned 0xb00017
[0214.492] GetCurrentObject (hdc=0xf50107eb, type=0x2) returned 0x900010
[0214.492] GetCurrentObject (hdc=0xf50107eb, type=0x7) returned 0x6f0507ec
[0214.492] GetCurrentObject (hdc=0xf50107eb, type=0x6) returned 0x8a01c2
[0214.492] SaveDC (hdc=0xf50107eb) returned 1
[0214.492] GetTextAlign (hdc=0xf50107eb) returned 0x0
[0214.492] GetTextColor (hdc=0xf50107eb) returned 0x0
[0214.493] GetCurrentObject (hdc=0xf50107eb, type=0x6) returned 0x8a01c2
[0214.493] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0214.493] SelectObject (hdc=0xf50107eb, h=0x6d0a0520) returned 0x8a01c2
[0214.493] GetBkMode (hdc=0xf50107eb) returned 2
[0214.493] SetBkMode (hdc=0xf50107eb, mode=1) returned 2
[0214.493] DrawTextExW (in: hdc=0xf50107eb, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2d4a524 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0214.496] RestoreDC (hdc=0xf50107eb, nSavedDC=-1) returned 1
[0214.496] GdipReleaseDC (graphics=0x6600030, hdc=0xf50107eb) returned 0x0
[0214.496] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0214.496] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=354, cy=68, hdcSrc=0xf50107eb, x1=0, y1=0, rop=0xcc0020) returned 1
[0214.496] GdipReleaseDC (graphics=0x6600030, hdc=0xf50107eb) returned 0x0
[0214.496] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0214.496] SelectObject (hdc=0xf50107eb, h=0x85000f) returned 0x6f0507ec
[0214.496] DeleteDC (hdc=0xf50107eb) returned 1
[0214.496] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0214.496] DeleteObject (ho=0x6f0507ec) returned 1
[0214.531] EndPaint (hWnd=0xd02d0, lpPaint=0xd7e258) returned 1
[0214.531] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.531] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0214.532] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.532] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.532] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0214.532] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.532] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.533] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.533] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0214.534] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.534] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.534] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.534] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.534] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.535] IsWindowUnicode (hWnd=0x1a02d8) returned 1
[0214.535] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.535] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.535] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.535] BeginPaint (in: hWnd=0x1a02d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0214.535] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0214.535] CreateCompatibleDC (hdc=0x10105d6) returned 0xd70105d8
[0214.535] SelectObject (hdc=0xd70105d8, h=0x4a0507fe) returned 0x85000f
[0214.535] GdipCreateFromHDC (hdc=0xd70105d8, graphics=0xd7e268) returned 0x0
[0214.535] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0214.535] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0214.535] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0214.535] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0214.536] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e2c8) returned 0x0
[0214.536] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0214.536] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0214.536] LocalFree (hMem=0x11ee788) returned 0x0
[0214.536] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0214.536] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0214.536] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0214.536] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0214.536] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0214.536] GdipRestoreGraphics (graphics=0x6600030, state=0xfa0e0dbd) returned 0x0
[0214.536] GdipDeleteRegion (region=0x6646688) returned 0x0
[0214.536] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0214.536] GetCurrentObject (hdc=0xd70105d8, type=0x1) returned 0xb00017
[0214.536] GetCurrentObject (hdc=0xd70105d8, type=0x2) returned 0x900010
[0214.536] GetCurrentObject (hdc=0xd70105d8, type=0x7) returned 0x4a0507fe
[0214.536] GetCurrentObject (hdc=0xd70105d8, type=0x6) returned 0x8a01c2
[0214.536] SaveDC (hdc=0xd70105d8) returned 1
[0214.536] GetNearestColor (hdc=0xd70105d8, color=0xf0f0f0) returned 0xf0f0f0
[0214.537] GetNearestColor (hdc=0xd70105d8, color=0xa0a0a0) returned 0xa0a0a0
[0214.537] GetNearestColor (hdc=0xd70105d8, color=0x696969) returned 0x696969
[0214.537] GetNearestColor (hdc=0xd70105d8, color=0xa0a0a0) returned 0xa0a0a0
[0214.537] GetNearestColor (hdc=0xd70105d8, color=0x0) returned 0x0
[0214.537] GetNearestColor (hdc=0xd70105d8, color=0xffffff) returned 0xffffff
[0214.537] GetNearestColor (hdc=0xd70105d8, color=0xe5e5e5) returned 0xe5e5e5
[0214.537] GetNearestColor (hdc=0xd70105d8, color=0xd7d7d7) returned 0xd7d7d7
[0214.537] GetNearestColor (hdc=0xd70105d8, color=0x0) returned 0x0
[0214.537] RestoreDC (hdc=0xd70105d8, nSavedDC=-1) returned 1
[0214.537] GdipReleaseDC (graphics=0x6600030, hdc=0xd70105d8) returned 0x0
[0214.537] IsAppThemed () returned 0x1
[0214.537] GetThemeAppProperties () returned 0x3
[0214.537] GetThemeAppProperties () returned 0x3
[0214.537] GdipGetImageWidth (image=0x664fe20, width=0xd7e168) returned 0x0
[0214.537] GdipGetImageHeight (image=0x664fe20, height=0xd7e168) returned 0x0
[0214.537] IsAppThemed () returned 0x1
[0214.537] GetThemeAppProperties () returned 0x3
[0214.537] GetThemeAppProperties () returned 0x3
[0214.538] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2d4ac74 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0214.538] IsAppThemed () returned 0x1
[0214.538] GetThemeAppProperties () returned 0x3
[0214.538] GetThemeAppProperties () returned 0x3
[0214.538] IsAppThemed () returned 0x1
[0214.538] GetThemeAppProperties () returned 0x3
[0214.538] GetThemeAppProperties () returned 0x3
[0214.538] GetFocus () returned 0x1a02d8
[0214.538] IsAppThemed () returned 0x1
[0214.538] GetThemeAppProperties () returned 0x3
[0214.538] GetThemeAppProperties () returned 0x3
[0214.538] IsAppThemed () returned 0x1
[0214.538] GetThemeAppProperties () returned 0x3
[0214.538] GetThemeAppProperties () returned 0x3
[0214.539] IsThemePartDefined () returned 0x1
[0214.539] IsAppThemed () returned 0x1
[0214.539] GetThemeAppProperties () returned 0x3
[0214.539] GetThemeAppProperties () returned 0x3
[0214.539] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0214.539] IsAppThemed () returned 0x1
[0214.539] GetThemeAppProperties () returned 0x3
[0214.539] GetThemeAppProperties () returned 0x3
[0214.539] IsAppThemed () returned 0x1
[0214.539] GetThemeAppProperties () returned 0x3
[0214.539] GetThemeAppProperties () returned 0x3
[0214.539] IsThemePartDefined () returned 0x1
[0214.539] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0214.539] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0214.539] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0214.539] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0214.539] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dff0) returned 0x0
[0214.539] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0214.539] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0214.540] LocalFree (hMem=0x11ee868) returned 0x0
[0214.540] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0214.540] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eead0) returned 0x0
[0214.540] LocalFree (hMem=0x11eead0) returned 0x0
[0214.540] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0214.540] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e018) returned 0x0
[0214.540] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e008) returned 0x0
[0214.540] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0214.540] GdipDeleteRegion (region=0x6646688) returned 0x0
[0214.540] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0214.540] GetCurrentObject (hdc=0xd70105d8, type=0x1) returned 0xb00017
[0214.540] GetCurrentObject (hdc=0xd70105d8, type=0x2) returned 0x900010
[0214.540] GetCurrentObject (hdc=0xd70105d8, type=0x7) returned 0x4a0507fe
[0214.540] GetCurrentObject (hdc=0xd70105d8, type=0x6) returned 0x8a01c2
[0214.540] SaveDC (hdc=0xd70105d8) returned 1
[0214.540] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcf040807
[0214.540] GetClipRgn (hdc=0xd70105d8, hrgn=0xcf040807) returned 0
[0214.540] SelectClipRgn (hdc=0xd70105d8, hrgn=0x590407de) returned 2
[0214.541] DeleteObject (ho=0xcf040807) returned 1
[0214.541] DeleteObject (ho=0x590407de) returned 1
[0214.541] OffsetViewportOrgEx (in: hdc=0xd70105d8, x=0, y=0, lppt=0x2d4b324 | out: lppt=0x2d4b324) returned 1
[0214.541] DrawThemeParentBackground () returned 0x0
[0214.541] GetWindowPlacement (in: hWnd=0x1b00ea, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0214.541] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0214.541] GetWindowTextLengthW (hWnd=0x1b00ea) returned 13
[0214.541] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.541] GetSystemMetrics (nIndex=42) returned 0
[0214.541] GetWindowTextW (in: hWnd=0x1b00ea, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.541] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0214.541] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0214.541] GetCurrentObject (hdc=0xd70105d8, type=0x1) returned 0xb00017
[0214.541] GetCurrentObject (hdc=0xd70105d8, type=0x2) returned 0x900010
[0214.541] GetCurrentObject (hdc=0xd70105d8, type=0x7) returned 0x4a0507fe
[0214.541] GetCurrentObject (hdc=0xd70105d8, type=0x6) returned 0x8a01c2
[0214.541] SaveDC (hdc=0xd70105d8) returned 2
[0214.542] GetNearestColor (hdc=0xd70105d8, color=0xf0f0f0) returned 0xf0f0f0
[0214.542] CreateSolidBrush (color=0xf0f0f0) returned 0x201007e1
[0214.542] FillRect (hDC=0xd70105d8, lprc=0xd7da38, hbr=0x201007e1) returned 1
[0214.542] DeleteObject (ho=0x201007e1) returned 1
[0214.542] RestoreDC (hdc=0xd70105d8, nSavedDC=-1) returned 1
[0214.542] GetWindowTextLengthW (hWnd=0x1b00ea) returned 13
[0214.542] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.542] GetSystemMetrics (nIndex=42) returned 0
[0214.542] GetWindowTextW (in: hWnd=0x1b00ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.542] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0214.542] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0214.542] GetCurrentObject (hdc=0xd70105d8, type=0x1) returned 0xb00017
[0214.542] GetCurrentObject (hdc=0xd70105d8, type=0x2) returned 0x900010
[0214.542] GetCurrentObject (hdc=0xd70105d8, type=0x7) returned 0x4a0507fe
[0214.542] GetCurrentObject (hdc=0xd70105d8, type=0x6) returned 0x8a01c2
[0214.542] SaveDC (hdc=0xd70105d8) returned 2
[0214.542] GetNearestColor (hdc=0xd70105d8, color=0xf0f0f0) returned 0xf0f0f0
[0214.542] CreateSolidBrush (color=0xf0f0f0) returned 0x211007e1
[0214.542] FillRect (hDC=0xd70105d8, lprc=0xd7d9d8, hbr=0x211007e1) returned 1
[0214.542] DeleteObject (ho=0x211007e1) returned 1
[0214.542] RestoreDC (hdc=0xd70105d8, nSavedDC=-1) returned 1
[0214.543] GetWindowTextLengthW (hWnd=0x1b00ea) returned 13
[0214.543] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.543] GetSystemMetrics (nIndex=42) returned 0
[0214.543] GetWindowTextW (in: hWnd=0x1b00ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.543] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0214.543] RestoreDC (hdc=0xd70105d8, nSavedDC=-1) returned 1
[0214.543] GdipReleaseDC (graphics=0x6600030, hdc=0xd70105d8) returned 0x0
[0214.543] IsAppThemed () returned 0x1
[0214.543] GetThemeAppProperties () returned 0x3
[0214.543] GetThemeAppProperties () returned 0x3
[0214.543] IsAppThemed () returned 0x1
[0214.543] GetThemeAppProperties () returned 0x3
[0214.543] GetThemeAppProperties () returned 0x3
[0214.543] IsThemePartDefined () returned 0x1
[0214.543] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0214.543] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0214.543] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0214.543] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0214.543] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df74) returned 0x0
[0214.544] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0214.544] LocalFree (hMem=0x11eec58) returned 0x0
[0214.551] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0214.551] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eecc8) returned 0x0
[0214.551] LocalFree (hMem=0x11eecc8) returned 0x0
[0214.551] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0214.551] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0214.551] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0214.551] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0214.551] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0214.551] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0214.551] GetCurrentObject (hdc=0xd70105d8, type=0x1) returned 0xb00017
[0214.551] GetCurrentObject (hdc=0xd70105d8, type=0x2) returned 0x900010
[0214.551] GetCurrentObject (hdc=0xd70105d8, type=0x7) returned 0x4a0507fe
[0214.551] GetCurrentObject (hdc=0xd70105d8, type=0x6) returned 0x8a01c2
[0214.551] SaveDC (hdc=0xd70105d8) returned 1
[0214.552] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5a0407de
[0214.552] GetClipRgn (hdc=0xd70105d8, hrgn=0x5a0407de) returned 0
[0214.552] SelectClipRgn (hdc=0xd70105d8, hrgn=0xd1040807) returned 2
[0214.552] DeleteObject (ho=0x5a0407de) returned 1
[0214.552] DeleteObject (ho=0xd1040807) returned 1
[0214.552] OffsetViewportOrgEx (in: hdc=0xd70105d8, x=0, y=0, lppt=0x2d4bbd0 | out: lppt=0x2d4bbd0) returned 1
[0214.552] IsAppThemed () returned 0x1
[0214.554] GetThemeAppProperties () returned 0x3
[0214.554] GetThemeAppProperties () returned 0x3
[0214.554] DrawThemeBackground () returned 0x0
[0214.554] RestoreDC (hdc=0xd70105d8, nSavedDC=-1) returned 1
[0214.554] GdipReleaseDC (graphics=0x6600030, hdc=0xd70105d8) returned 0x0
[0214.554] GdipCreateRegion (region=0xd7df60) returned 0x0
[0214.554] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0214.554] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0214.554] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0214.554] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df78) returned 0x0
[0214.554] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0214.554] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0214.554] LocalFree (hMem=0x11eec58) returned 0x0
[0214.554] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0214.554] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea28) returned 0x0
[0214.554] LocalFree (hMem=0x11eea28) returned 0x0
[0214.555] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0214.555] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0214.555] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df90) returned 0x0
[0214.555] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0214.555] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0214.555] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0214.555] GetCurrentObject (hdc=0xd70105d8, type=0x1) returned 0xb00017
[0214.555] GetCurrentObject (hdc=0xd70105d8, type=0x2) returned 0x900010
[0214.555] GetCurrentObject (hdc=0xd70105d8, type=0x7) returned 0x4a0507fe
[0214.555] GetCurrentObject (hdc=0xd70105d8, type=0x6) returned 0x8a01c2
[0214.555] SaveDC (hdc=0xd70105d8) returned 1
[0214.555] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd2040807
[0214.555] GetClipRgn (hdc=0xd70105d8, hrgn=0xd2040807) returned 0
[0214.555] SelectClipRgn (hdc=0xd70105d8, hrgn=0x5b0407de) returned 2
[0214.555] DeleteObject (ho=0xd2040807) returned 1
[0214.556] DeleteObject (ho=0x5b0407de) returned 1
[0214.556] OffsetViewportOrgEx (in: hdc=0xd70105d8, x=0, y=0, lppt=0x2d4bea4 | out: lppt=0x2d4bea4) returned 1
[0214.556] IsAppThemed () returned 0x1
[0214.556] GetThemeAppProperties () returned 0x3
[0214.556] GetThemeAppProperties () returned 0x3
[0214.556] GetThemeBackgroundContentRect () returned 0x0
[0214.556] RestoreDC (hdc=0xd70105d8, nSavedDC=-1) returned 1
[0214.556] GdipReleaseDC (graphics=0x6600030, hdc=0xd70105d8) returned 0x0
[0214.556] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0214.556] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0214.556] GdipCloneRegion (region=0x6646b08, cloneRegion=0xd7e150) returned 0x0
[0214.556] GdipCombineRegionRectI (region=0x6646958, rect=0xd7e138, combineMode=0x1) returned 0x0
[0214.556] GdipCombineRegionRectI (region=0x6646958, rect=0xd7e138, combineMode=0x1) returned 0x0
[0214.556] GdipSetClipRegion (graphics=0x6600030, region=0x6646958, combineMode=0x0) returned 0x0
[0214.556] GdipGetImageWidth (image=0x664fe20, width=0xd7e154) returned 0x0
[0214.556] GdipGetImageHeight (image=0x664fe20, height=0xd7e148) returned 0x0
[0214.557] GdipDrawImageRectI (graphics=0x6600030, image=0x664fe20, x=4, y=4, width=16, height=16) returned 0x0
[0214.557] GdipSetClipRegion (graphics=0x6600030, region=0x6646b08, combineMode=0x0) returned 0x0
[0214.557] IsAppThemed () returned 0x1
[0214.557] GetThemeAppProperties () returned 0x3
[0214.557] GetThemeAppProperties () returned 0x3
[0214.557] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0214.557] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0214.557] GetCurrentObject (hdc=0xd70105d8, type=0x1) returned 0xb00017
[0214.557] GetCurrentObject (hdc=0xd70105d8, type=0x2) returned 0x900010
[0214.557] GetCurrentObject (hdc=0xd70105d8, type=0x7) returned 0x4a0507fe
[0214.557] GetCurrentObject (hdc=0xd70105d8, type=0x6) returned 0x8a01c2
[0214.557] SaveDC (hdc=0xd70105d8) returned 1
[0214.557] GetTextAlign (hdc=0xd70105d8) returned 0x0
[0214.557] GetTextColor (hdc=0xd70105d8) returned 0x0
[0214.557] GetCurrentObject (hdc=0xd70105d8, type=0x6) returned 0x8a01c2
[0214.557] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0214.558] SelectObject (hdc=0xd70105d8, h=0x6d0a0520) returned 0x8a01c2
[0214.558] GetBkMode (hdc=0xd70105d8) returned 2
[0214.558] SetBkMode (hdc=0xd70105d8, mode=1) returned 2
[0214.558] DrawTextExW (in: hdc=0xd70105d8, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2d4c264 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0214.558] DrawTextExW (in: hdc=0xd70105d8, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d4c264 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0214.559] RestoreDC (hdc=0xd70105d8, nSavedDC=-1) returned 1
[0214.559] GdipReleaseDC (graphics=0x6600030, hdc=0xd70105d8) returned 0x0
[0214.559] GetFocus () returned 0x1a02d8
[0214.559] IsAppThemed () returned 0x1
[0214.559] GetThemeAppProperties () returned 0x3
[0214.559] GetThemeAppProperties () returned 0x3
[0214.559] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0214.559] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xd70105d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0214.559] GdipReleaseDC (graphics=0x6600030, hdc=0xd70105d8) returned 0x0
[0214.559] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0214.560] SelectObject (hdc=0xd70105d8, h=0x85000f) returned 0x4a0507fe
[0214.560] DeleteDC (hdc=0xd70105d8) returned 1
[0214.560] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0214.560] EndPaint (hWnd=0x1a02d8, lpPaint=0xd7e24c) returned 1
[0214.560] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.561] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x84, wParam=0x0, lParam=0x1e50312) returned 0x1
[0214.561] IsWindowUnicode (hWnd=0x1802da) returned 1
[0214.561] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.561] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x84, wParam=0x0, lParam=0x1e50312) returned 0x1
[0214.561] SetCursor (hCursor=0x10003) returned 0x10003
[0214.561] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.561] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.561] _TrackMouseEvent (in: lpEventTrack=0x2d4c360 | out: lpEventTrack=0x2d4c360) returned 1
[0214.561] SendMessageW (hWnd=0x1802da, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0214.561] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0214.561] InvalidateRect (hWnd=0x1802da, lpRect=0x0, bErase=0) returned 1
[0214.562] GetKeyState (nVirtKey=1) returned 0
[0214.562] GetKeyState (nVirtKey=2) returned 0
[0214.562] GetKeyState (nVirtKey=4) returned 0
[0214.562] GetKeyState (nVirtKey=5) returned 0
[0214.562] GetKeyState (nVirtKey=6) returned 0
[0214.562] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.562] IsWindowUnicode (hWnd=0x1802da) returned 1
[0214.562] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.562] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.562] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.562] BeginPaint (in: hWnd=0x1802da, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0214.562] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0214.562] CreateCompatibleDC (hdc=0x60100ce) returned 0xd90105d8
[0214.562] SelectObject (hdc=0xd90105d8, h=0x4a0507fe) returned 0x85000f
[0214.563] GdipCreateFromHDC (hdc=0xd90105d8, graphics=0xd7e268) returned 0x0
[0214.563] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0214.563] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0214.563] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0214.563] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0214.563] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2c8) returned 0x0
[0214.563] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0214.563] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee910) returned 0x0
[0214.563] LocalFree (hMem=0x11ee910) returned 0x0
[0214.563] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0214.563] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0214.563] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0214.563] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0214.563] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0214.564] GdipRestoreGraphics (graphics=0x6600030, state=0xfa0c0dbd) returned 0x0
[0214.564] GdipDeleteRegion (region=0x6646448) returned 0x0
[0214.564] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0214.564] GetCurrentObject (hdc=0xd90105d8, type=0x1) returned 0xb00017
[0214.564] GetCurrentObject (hdc=0xd90105d8, type=0x2) returned 0x900010
[0214.564] GetCurrentObject (hdc=0xd90105d8, type=0x7) returned 0x4a0507fe
[0214.564] GetCurrentObject (hdc=0xd90105d8, type=0x6) returned 0x8a01c2
[0214.564] SaveDC (hdc=0xd90105d8) returned 1
[0214.564] GetNearestColor (hdc=0xd90105d8, color=0xf0f0f0) returned 0xf0f0f0
[0214.564] GetNearestColor (hdc=0xd90105d8, color=0xa0a0a0) returned 0xa0a0a0
[0214.564] GetNearestColor (hdc=0xd90105d8, color=0x696969) returned 0x696969
[0214.564] GetNearestColor (hdc=0xd90105d8, color=0xa0a0a0) returned 0xa0a0a0
[0214.564] GetNearestColor (hdc=0xd90105d8, color=0x0) returned 0x0
[0214.564] GetNearestColor (hdc=0xd90105d8, color=0xffffff) returned 0xffffff
[0214.565] GetNearestColor (hdc=0xd90105d8, color=0xe5e5e5) returned 0xe5e5e5
[0214.565] GetNearestColor (hdc=0xd90105d8, color=0xd7d7d7) returned 0xd7d7d7
[0214.565] GetNearestColor (hdc=0xd90105d8, color=0x0) returned 0x0
[0214.565] RestoreDC (hdc=0xd90105d8, nSavedDC=-1) returned 1
[0214.565] GdipReleaseDC (graphics=0x6600030, hdc=0xd90105d8) returned 0x0
[0214.565] IsAppThemed () returned 0x1
[0214.565] GetThemeAppProperties () returned 0x3
[0214.565] GetThemeAppProperties () returned 0x3
[0214.565] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0214.565] SendMessageW (hWnd=0x1b00ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0214.565] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0214.565] IsAppThemed () returned 0x1
[0214.565] GetThemeAppProperties () returned 0x3
[0214.566] GetThemeAppProperties () returned 0x3
[0214.566] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2d4cacc | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0214.566] IsAppThemed () returned 0x1
[0214.566] GetThemeAppProperties () returned 0x3
[0214.566] GetThemeAppProperties () returned 0x3
[0214.566] IsAppThemed () returned 0x1
[0214.566] GetThemeAppProperties () returned 0x3
[0214.566] GetThemeAppProperties () returned 0x3
[0214.566] IsAppThemed () returned 0x1
[0214.566] GetThemeAppProperties () returned 0x3
[0214.566] GetThemeAppProperties () returned 0x3
[0214.566] IsAppThemed () returned 0x1
[0214.566] GetThemeAppProperties () returned 0x3
[0214.566] GetThemeAppProperties () returned 0x3
[0214.566] IsThemePartDefined () returned 0x1
[0214.567] IsAppThemed () returned 0x1
[0214.567] GetThemeAppProperties () returned 0x3
[0214.567] GetThemeAppProperties () returned 0x3
[0214.567] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0214.567] IsAppThemed () returned 0x1
[0214.567] GetThemeAppProperties () returned 0x3
[0214.567] GetThemeAppProperties () returned 0x3
[0214.567] IsAppThemed () returned 0x1
[0214.567] GetThemeAppProperties () returned 0x3
[0214.567] GetThemeAppProperties () returned 0x3
[0214.567] IsThemePartDefined () returned 0x1
[0214.567] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0214.567] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0214.567] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0214.567] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0214.567] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7dfe4) returned 0x0
[0214.567] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0214.567] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eea98) returned 0x0
[0214.567] LocalFree (hMem=0x11eea98) returned 0x0
[0214.568] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0214.568] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eead0) returned 0x0
[0214.568] LocalFree (hMem=0x11eead0) returned 0x0
[0214.568] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0214.568] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0214.568] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0214.568] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0214.568] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0214.568] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0214.568] GetCurrentObject (hdc=0xd90105d8, type=0x1) returned 0xb00017
[0214.568] GetCurrentObject (hdc=0xd90105d8, type=0x2) returned 0x900010
[0214.568] GetCurrentObject (hdc=0xd90105d8, type=0x7) returned 0x4a0507fe
[0214.568] GetCurrentObject (hdc=0xd90105d8, type=0x6) returned 0x8a01c2
[0214.568] SaveDC (hdc=0xd90105d8) returned 1
[0214.568] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5c0407de
[0214.568] GetClipRgn (hdc=0xd90105d8, hrgn=0x5c0407de) returned 0
[0214.569] SelectClipRgn (hdc=0xd90105d8, hrgn=0xd6040807) returned 2
[0214.569] DeleteObject (ho=0x5c0407de) returned 1
[0214.569] DeleteObject (ho=0xd6040807) returned 1
[0214.569] OffsetViewportOrgEx (in: hdc=0xd90105d8, x=0, y=0, lppt=0x2d4d17c | out: lppt=0x2d4d17c) returned 1
[0214.569] DrawThemeParentBackground () returned 0x0
[0214.569] GetWindowPlacement (in: hWnd=0x1b00ea, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0214.569] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0214.569] GetWindowTextLengthW (hWnd=0x1b00ea) returned 13
[0214.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.569] GetSystemMetrics (nIndex=42) returned 0
[0214.569] GetWindowTextW (in: hWnd=0x1b00ea, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0214.569] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0214.569] GetCurrentObject (hdc=0xd90105d8, type=0x1) returned 0xb00017
[0214.569] GetCurrentObject (hdc=0xd90105d8, type=0x2) returned 0x900010
[0214.570] GetCurrentObject (hdc=0xd90105d8, type=0x7) returned 0x4a0507fe
[0214.570] GetCurrentObject (hdc=0xd90105d8, type=0x6) returned 0x8a01c2
[0214.570] SaveDC (hdc=0xd90105d8) returned 2
[0214.570] GetNearestColor (hdc=0xd90105d8, color=0xf0f0f0) returned 0xf0f0f0
[0214.570] CreateSolidBrush (color=0xf0f0f0) returned 0x221007e1
[0214.570] FillRect (hDC=0xd90105d8, lprc=0xd7da30, hbr=0x221007e1) returned 1
[0214.570] DeleteObject (ho=0x221007e1) returned 1
[0214.570] RestoreDC (hdc=0xd90105d8, nSavedDC=-1) returned 1
[0214.570] GetWindowTextLengthW (hWnd=0x1b00ea) returned 13
[0214.570] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.570] GetSystemMetrics (nIndex=42) returned 0
[0214.570] GetWindowTextW (in: hWnd=0x1b00ea, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.570] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0214.571] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0214.571] GetCurrentObject (hdc=0xd90105d8, type=0x1) returned 0xb00017
[0214.571] GetCurrentObject (hdc=0xd90105d8, type=0x2) returned 0x900010
[0214.571] GetCurrentObject (hdc=0xd90105d8, type=0x7) returned 0x4a0507fe
[0214.571] GetCurrentObject (hdc=0xd90105d8, type=0x6) returned 0x8a01c2
[0214.571] SaveDC (hdc=0xd90105d8) returned 2
[0214.571] GetNearestColor (hdc=0xd90105d8, color=0xf0f0f0) returned 0xf0f0f0
[0214.571] CreateSolidBrush (color=0xf0f0f0) returned 0x231007e1
[0214.571] FillRect (hDC=0xd90105d8, lprc=0xd7d9d0, hbr=0x231007e1) returned 1
[0214.571] DeleteObject (ho=0x231007e1) returned 1
[0214.571] RestoreDC (hdc=0xd90105d8, nSavedDC=-1) returned 1
[0214.571] GetWindowTextLengthW (hWnd=0x1b00ea) returned 13
[0214.571] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.571] GetSystemMetrics (nIndex=42) returned 0
[0214.571] GetWindowTextW (in: hWnd=0x1b00ea, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.571] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0214.572] RestoreDC (hdc=0xd90105d8, nSavedDC=-1) returned 1
[0214.572] GdipReleaseDC (graphics=0x6600030, hdc=0xd90105d8) returned 0x0
[0214.572] IsAppThemed () returned 0x1
[0214.572] GetThemeAppProperties () returned 0x3
[0214.572] GetThemeAppProperties () returned 0x3
[0214.572] IsAppThemed () returned 0x1
[0214.572] GetThemeAppProperties () returned 0x3
[0214.572] GetThemeAppProperties () returned 0x3
[0214.572] IsThemePartDefined () returned 0x1
[0214.572] GdipCreateRegion (region=0xd7df50) returned 0x0
[0214.572] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0214.572] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0214.572] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0214.572] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df68) returned 0x0
[0214.572] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0214.573] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee910) returned 0x0
[0214.573] LocalFree (hMem=0x11ee910) returned 0x0
[0214.573] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0214.573] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea60) returned 0x0
[0214.573] LocalFree (hMem=0x11eea60) returned 0x0
[0214.573] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0214.573] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df90) returned 0x0
[0214.573] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df80) returned 0x0
[0214.573] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0214.573] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0214.573] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0214.573] GetCurrentObject (hdc=0xd90105d8, type=0x1) returned 0xb00017
[0214.573] GetCurrentObject (hdc=0xd90105d8, type=0x2) returned 0x900010
[0214.573] GetCurrentObject (hdc=0xd90105d8, type=0x7) returned 0x4a0507fe
[0214.573] GetCurrentObject (hdc=0xd90105d8, type=0x6) returned 0x8a01c2
[0214.573] SaveDC (hdc=0xd90105d8) returned 1
[0214.574] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd7040807
[0214.574] GetClipRgn (hdc=0xd90105d8, hrgn=0xd7040807) returned 0
[0214.574] SelectClipRgn (hdc=0xd90105d8, hrgn=0x5e0407de) returned 2
[0214.574] DeleteObject (ho=0xd7040807) returned 1
[0214.574] DeleteObject (ho=0x5e0407de) returned 1
[0214.574] OffsetViewportOrgEx (in: hdc=0xd90105d8, x=0, y=0, lppt=0x2d4da28 | out: lppt=0x2d4da28) returned 1
[0214.574] IsAppThemed () returned 0x1
[0214.574] GetThemeAppProperties () returned 0x3
[0214.574] GetThemeAppProperties () returned 0x3
[0214.574] DrawThemeBackground () returned 0x0
[0214.574] RestoreDC (hdc=0xd90105d8, nSavedDC=-1) returned 1
[0214.574] GdipReleaseDC (graphics=0x6600030, hdc=0xd90105d8) returned 0x0
[0214.574] GdipCreateRegion (region=0xd7df54) returned 0x0
[0214.574] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0214.574] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0214.575] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0214.575] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df6c) returned 0x0
[0214.575] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0214.575] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0214.575] LocalFree (hMem=0x11eec58) returned 0x0
[0214.575] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0214.575] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0214.575] LocalFree (hMem=0x11eec58) returned 0x0
[0214.575] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0214.582] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0214.582] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0214.582] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0214.582] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0214.582] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0214.582] GetCurrentObject (hdc=0xd90105d8, type=0x1) returned 0xb00017
[0214.582] GetCurrentObject (hdc=0xd90105d8, type=0x2) returned 0x900010
[0214.582] GetCurrentObject (hdc=0xd90105d8, type=0x7) returned 0x4a0507fe
[0214.582] GetCurrentObject (hdc=0xd90105d8, type=0x6) returned 0x8a01c2
[0214.582] SaveDC (hdc=0xd90105d8) returned 1
[0214.582] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5f0407de
[0214.582] GetClipRgn (hdc=0xd90105d8, hrgn=0x5f0407de) returned 0
[0214.582] SelectClipRgn (hdc=0xd90105d8, hrgn=0xd8040807) returned 2
[0214.582] DeleteObject (ho=0x5f0407de) returned 1
[0214.583] DeleteObject (ho=0xd8040807) returned 1
[0214.583] OffsetViewportOrgEx (in: hdc=0xd90105d8, x=0, y=0, lppt=0x2d4dcfc | out: lppt=0x2d4dcfc) returned 1
[0214.583] IsAppThemed () returned 0x1
[0214.583] GetThemeAppProperties () returned 0x3
[0214.583] GetThemeAppProperties () returned 0x3
[0214.583] GetThemeBackgroundContentRect () returned 0x0
[0214.583] RestoreDC (hdc=0xd90105d8, nSavedDC=-1) returned 1
[0214.583] GdipReleaseDC (graphics=0x6600030, hdc=0xd90105d8) returned 0x0
[0214.583] IsAppThemed () returned 0x1
[0214.583] GetThemeAppProperties () returned 0x3
[0214.583] GetThemeAppProperties () returned 0x3
[0214.583] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0214.583] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0214.583] GetCurrentObject (hdc=0xd90105d8, type=0x1) returned 0xb00017
[0214.583] GetCurrentObject (hdc=0xd90105d8, type=0x2) returned 0x900010
[0214.584] GetCurrentObject (hdc=0xd90105d8, type=0x7) returned 0x4a0507fe
[0214.584] GetCurrentObject (hdc=0xd90105d8, type=0x6) returned 0x8a01c2
[0214.584] SaveDC (hdc=0xd90105d8) returned 1
[0214.584] GetTextAlign (hdc=0xd90105d8) returned 0x0
[0214.584] GetTextColor (hdc=0xd90105d8) returned 0x0
[0214.584] GetCurrentObject (hdc=0xd90105d8, type=0x6) returned 0x8a01c2
[0214.584] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0214.584] SelectObject (hdc=0xd90105d8, h=0x6d0a0520) returned 0x8a01c2
[0214.584] GetBkMode (hdc=0xd90105d8) returned 2
[0214.584] SetBkMode (hdc=0xd90105d8, mode=1) returned 2
[0214.584] DrawTextExW (in: hdc=0xd90105d8, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2d4e09c | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0214.585] DrawTextExW (in: hdc=0xd90105d8, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2d4e09c | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0214.585] RestoreDC (hdc=0xd90105d8, nSavedDC=-1) returned 1
[0214.585] GdipReleaseDC (graphics=0x6600030, hdc=0xd90105d8) returned 0x0
[0214.585] GetFocus () returned 0x1a02d8
[0214.585] IsAppThemed () returned 0x1
[0214.585] GetThemeAppProperties () returned 0x3
[0214.585] GetThemeAppProperties () returned 0x3
[0214.586] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0214.586] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xd90105d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0214.586] GdipReleaseDC (graphics=0x6600030, hdc=0xd90105d8) returned 0x0
[0214.586] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0214.586] SelectObject (hdc=0xd90105d8, h=0x85000f) returned 0x4a0507fe
[0214.586] DeleteDC (hdc=0xd90105d8) returned 1
[0214.586] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0214.586] EndPaint (hWnd=0x1802da, lpPaint=0xd7e24c) returned 1
[0214.586] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.587] IsWindowUnicode (hWnd=0xe02ce) returned 1
[0214.587] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.587] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.587] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.587] BeginPaint (in: hWnd=0xe02ce, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0214.587] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0214.587] CreateCompatibleDC (hdc=0xf0105ee) returned 0xdb0105d8
[0214.587] SelectObject (hdc=0xdb0105d8, h=0x4a0507fe) returned 0x85000f
[0214.587] GdipCreateFromHDC (hdc=0xdb0105d8, graphics=0xd7e268) returned 0x0
[0214.587] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0214.587] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0214.588] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0214.588] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0214.588] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e2c8) returned 0x0
[0214.588] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee868) returned 0x0
[0214.588] LocalFree (hMem=0x11ee868) returned 0x0
[0214.588] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0214.588] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0214.588] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0214.588] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0214.588] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0214.588] GdipRestoreGraphics (graphics=0x6600030, state=0xfa0a0dbd) returned 0x0
[0214.588] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0214.588] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0214.588] GetCurrentObject (hdc=0xdb0105d8, type=0x1) returned 0xb00017
[0214.588] GetCurrentObject (hdc=0xdb0105d8, type=0x2) returned 0x900010
[0214.588] GetCurrentObject (hdc=0xdb0105d8, type=0x7) returned 0x4a0507fe
[0214.589] GetCurrentObject (hdc=0xdb0105d8, type=0x6) returned 0x8a01c2
[0214.589] SaveDC (hdc=0xdb0105d8) returned 1
[0214.589] GetNearestColor (hdc=0xdb0105d8, color=0xf0f0f0) returned 0xf0f0f0
[0214.589] GetNearestColor (hdc=0xdb0105d8, color=0xa0a0a0) returned 0xa0a0a0
[0214.589] GetNearestColor (hdc=0xdb0105d8, color=0x696969) returned 0x696969
[0214.589] GetNearestColor (hdc=0xdb0105d8, color=0xa0a0a0) returned 0xa0a0a0
[0214.589] GetNearestColor (hdc=0xdb0105d8, color=0x0) returned 0x0
[0214.589] GetNearestColor (hdc=0xdb0105d8, color=0xffffff) returned 0xffffff
[0214.589] GetNearestColor (hdc=0xdb0105d8, color=0xe5e5e5) returned 0xe5e5e5
[0214.589] GetNearestColor (hdc=0xdb0105d8, color=0xd7d7d7) returned 0xd7d7d7
[0214.589] GetNearestColor (hdc=0xdb0105d8, color=0x0) returned 0x0
[0214.589] RestoreDC (hdc=0xdb0105d8, nSavedDC=-1) returned 1
[0214.589] GdipReleaseDC (graphics=0x6600030, hdc=0xdb0105d8) returned 0x0
[0214.589] IsAppThemed () returned 0x1
[0214.590] GetThemeAppProperties () returned 0x3
[0214.590] GetThemeAppProperties () returned 0x3
[0214.590] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0214.590] SendMessageW (hWnd=0x1b00ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0214.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0214.590] IsAppThemed () returned 0x1
[0214.590] GetThemeAppProperties () returned 0x3
[0214.590] GetThemeAppProperties () returned 0x3
[0214.590] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2d4e8ac | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0214.590] IsAppThemed () returned 0x1
[0214.590] GetThemeAppProperties () returned 0x3
[0214.590] GetThemeAppProperties () returned 0x3
[0214.590] IsAppThemed () returned 0x1
[0214.590] GetThemeAppProperties () returned 0x3
[0214.591] GetThemeAppProperties () returned 0x3
[0214.591] GetFocus () returned 0x1a02d8
[0214.591] IsAppThemed () returned 0x1
[0214.591] GetThemeAppProperties () returned 0x3
[0214.591] GetThemeAppProperties () returned 0x3
[0214.591] IsAppThemed () returned 0x1
[0214.591] GetThemeAppProperties () returned 0x3
[0214.591] GetThemeAppProperties () returned 0x3
[0214.592] IsThemePartDefined () returned 0x1
[0214.592] IsAppThemed () returned 0x1
[0214.592] GetThemeAppProperties () returned 0x3
[0214.592] GetThemeAppProperties () returned 0x3
[0214.592] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0214.592] IsAppThemed () returned 0x1
[0214.592] GetThemeAppProperties () returned 0x3
[0214.592] GetThemeAppProperties () returned 0x3
[0214.592] IsAppThemed () returned 0x1
[0214.592] GetThemeAppProperties () returned 0x3
[0214.592] GetThemeAppProperties () returned 0x3
[0214.592] IsThemePartDefined () returned 0x1
[0214.592] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0214.592] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0214.592] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0214.592] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0214.592] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dff0) returned 0x0
[0214.592] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee9f0) returned 0x0
[0214.592] LocalFree (hMem=0x11ee9f0) returned 0x0
[0214.592] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0214.593] LocalFree (hMem=0x11eec58) returned 0x0
[0214.593] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0214.593] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e018) returned 0x0
[0214.593] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e008) returned 0x0
[0214.593] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0214.593] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0214.593] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0214.593] GetCurrentObject (hdc=0xdb0105d8, type=0x1) returned 0xb00017
[0214.593] GetCurrentObject (hdc=0xdb0105d8, type=0x2) returned 0x900010
[0214.593] GetCurrentObject (hdc=0xdb0105d8, type=0x7) returned 0x4a0507fe
[0214.593] GetCurrentObject (hdc=0xdb0105d8, type=0x6) returned 0x8a01c2
[0214.593] SaveDC (hdc=0xdb0105d8) returned 1
[0214.593] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd9040807
[0214.593] GetClipRgn (hdc=0xdb0105d8, hrgn=0xd9040807) returned 0
[0214.593] SelectClipRgn (hdc=0xdb0105d8, hrgn=0x630407de) returned 2
[0214.593] DeleteObject (ho=0xd9040807) returned 1
[0214.593] DeleteObject (ho=0x630407de) returned 1
[0214.594] OffsetViewportOrgEx (in: hdc=0xdb0105d8, x=0, y=0, lppt=0x2d4ef5c | out: lppt=0x2d4ef5c) returned 1
[0214.594] DrawThemeParentBackground () returned 0x0
[0214.594] GetWindowPlacement (in: hWnd=0x1b00ea, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0214.594] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0214.594] GetWindowTextLengthW (hWnd=0x1b00ea) returned 13
[0214.594] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.594] GetSystemMetrics (nIndex=42) returned 0
[0214.594] GetWindowTextW (in: hWnd=0x1b00ea, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.594] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0214.594] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0214.594] GetCurrentObject (hdc=0xdb0105d8, type=0x1) returned 0xb00017
[0214.594] GetCurrentObject (hdc=0xdb0105d8, type=0x2) returned 0x900010
[0214.594] GetCurrentObject (hdc=0xdb0105d8, type=0x7) returned 0x4a0507fe
[0214.594] GetCurrentObject (hdc=0xdb0105d8, type=0x6) returned 0x8a01c2
[0214.594] SaveDC (hdc=0xdb0105d8) returned 2
[0214.595] GetNearestColor (hdc=0xdb0105d8, color=0xf0f0f0) returned 0xf0f0f0
[0214.595] CreateSolidBrush (color=0xf0f0f0) returned 0x241007e1
[0214.595] FillRect (hDC=0xdb0105d8, lprc=0xd7da38, hbr=0x241007e1) returned 1
[0214.595] DeleteObject (ho=0x241007e1) returned 1
[0214.595] RestoreDC (hdc=0xdb0105d8, nSavedDC=-1) returned 1
[0214.595] GetWindowTextLengthW (hWnd=0x1b00ea) returned 13
[0214.595] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.595] GetSystemMetrics (nIndex=42) returned 0
[0214.595] GetWindowTextW (in: hWnd=0x1b00ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.595] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0214.595] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0214.595] GetCurrentObject (hdc=0xdb0105d8, type=0x1) returned 0xb00017
[0214.595] GetCurrentObject (hdc=0xdb0105d8, type=0x2) returned 0x900010
[0214.595] GetCurrentObject (hdc=0xdb0105d8, type=0x7) returned 0x4a0507fe
[0214.595] GetCurrentObject (hdc=0xdb0105d8, type=0x6) returned 0x8a01c2
[0214.596] SaveDC (hdc=0xdb0105d8) returned 2
[0214.596] GetNearestColor (hdc=0xdb0105d8, color=0xf0f0f0) returned 0xf0f0f0
[0214.596] CreateSolidBrush (color=0xf0f0f0) returned 0x251007e1
[0214.596] FillRect (hDC=0xdb0105d8, lprc=0xd7d9d8, hbr=0x251007e1) returned 1
[0214.596] DeleteObject (ho=0x251007e1) returned 1
[0214.596] RestoreDC (hdc=0xdb0105d8, nSavedDC=-1) returned 1
[0214.596] GetWindowTextLengthW (hWnd=0x1b00ea) returned 13
[0214.596] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.596] GetSystemMetrics (nIndex=42) returned 0
[0214.596] GetWindowTextW (in: hWnd=0x1b00ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.596] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0214.596] RestoreDC (hdc=0xdb0105d8, nSavedDC=-1) returned 1
[0214.596] GdipReleaseDC (graphics=0x6600030, hdc=0xdb0105d8) returned 0x0
[0214.597] IsAppThemed () returned 0x1
[0214.597] GetThemeAppProperties () returned 0x3
[0214.597] GetThemeAppProperties () returned 0x3
[0214.597] IsAppThemed () returned 0x1
[0214.597] GetThemeAppProperties () returned 0x3
[0214.597] GetThemeAppProperties () returned 0x3
[0214.597] IsThemePartDefined () returned 0x1
[0214.597] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0214.597] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0214.597] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0214.597] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0214.597] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df74) returned 0x0
[0214.597] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0214.597] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0214.597] LocalFree (hMem=0x11ee788) returned 0x0
[0214.597] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0214.597] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0214.597] LocalFree (hMem=0x11ee868) returned 0x0
[0214.598] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0214.598] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0214.598] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0214.598] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0214.598] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0214.598] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0214.598] GetCurrentObject (hdc=0xdb0105d8, type=0x1) returned 0xb00017
[0214.598] GetCurrentObject (hdc=0xdb0105d8, type=0x2) returned 0x900010
[0214.598] GetCurrentObject (hdc=0xdb0105d8, type=0x7) returned 0x4a0507fe
[0214.598] GetCurrentObject (hdc=0xdb0105d8, type=0x6) returned 0x8a01c2
[0214.598] SaveDC (hdc=0xdb0105d8) returned 1
[0214.598] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x640407de
[0214.598] GetClipRgn (hdc=0xdb0105d8, hrgn=0x640407de) returned 0
[0214.598] SelectClipRgn (hdc=0xdb0105d8, hrgn=0xdb040807) returned 2
[0214.598] DeleteObject (ho=0x640407de) returned 1
[0214.599] DeleteObject (ho=0xdb040807) returned 1
[0214.599] OffsetViewportOrgEx (in: hdc=0xdb0105d8, x=0, y=0, lppt=0x2d4f808 | out: lppt=0x2d4f808) returned 1
[0214.599] IsAppThemed () returned 0x1
[0214.599] GetThemeAppProperties () returned 0x3
[0214.599] GetThemeAppProperties () returned 0x3
[0214.599] DrawThemeBackground () returned 0x0
[0214.599] RestoreDC (hdc=0xdb0105d8, nSavedDC=-1) returned 1
[0214.599] GdipReleaseDC (graphics=0x6600030, hdc=0xdb0105d8) returned 0x0
[0214.599] GdipCreateRegion (region=0xd7df60) returned 0x0
[0214.599] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0214.599] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0214.599] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0214.599] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df78) returned 0x0
[0214.599] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0214.599] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee910) returned 0x0
[0214.600] LocalFree (hMem=0x11ee910) returned 0x0
[0214.600] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0214.600] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eecc8) returned 0x0
[0214.600] LocalFree (hMem=0x11eecc8) returned 0x0
[0214.600] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0214.600] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0214.600] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df90) returned 0x0
[0214.600] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0214.600] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0214.600] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0214.600] GetCurrentObject (hdc=0xdb0105d8, type=0x1) returned 0xb00017
[0214.600] GetCurrentObject (hdc=0xdb0105d8, type=0x2) returned 0x900010
[0214.600] GetCurrentObject (hdc=0xdb0105d8, type=0x7) returned 0x4a0507fe
[0214.600] GetCurrentObject (hdc=0xdb0105d8, type=0x6) returned 0x8a01c2
[0214.600] SaveDC (hdc=0xdb0105d8) returned 1
[0214.601] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdc040807
[0214.601] GetClipRgn (hdc=0xdb0105d8, hrgn=0xdc040807) returned 0
[0214.601] SelectClipRgn (hdc=0xdb0105d8, hrgn=0x650407de) returned 2
[0214.601] DeleteObject (ho=0xdc040807) returned 1
[0214.601] DeleteObject (ho=0x650407de) returned 1
[0214.601] OffsetViewportOrgEx (in: hdc=0xdb0105d8, x=0, y=0, lppt=0x2d4fadc | out: lppt=0x2d4fadc) returned 1
[0214.601] IsAppThemed () returned 0x1
[0214.601] GetThemeAppProperties () returned 0x3
[0214.601] GetThemeAppProperties () returned 0x3
[0214.601] GetThemeBackgroundContentRect () returned 0x0
[0214.601] RestoreDC (hdc=0xdb0105d8, nSavedDC=-1) returned 1
[0214.601] GdipReleaseDC (graphics=0x6600030, hdc=0xdb0105d8) returned 0x0
[0214.601] IsAppThemed () returned 0x1
[0214.602] GetThemeAppProperties () returned 0x3
[0214.602] GetThemeAppProperties () returned 0x3
[0214.602] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0214.602] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0214.602] GetCurrentObject (hdc=0xdb0105d8, type=0x1) returned 0xb00017
[0214.602] GetCurrentObject (hdc=0xdb0105d8, type=0x2) returned 0x900010
[0214.602] GetCurrentObject (hdc=0xdb0105d8, type=0x7) returned 0x4a0507fe
[0214.602] GetCurrentObject (hdc=0xdb0105d8, type=0x6) returned 0x8a01c2
[0214.602] SaveDC (hdc=0xdb0105d8) returned 1
[0214.602] GetTextAlign (hdc=0xdb0105d8) returned 0x0
[0214.602] GetTextColor (hdc=0xdb0105d8) returned 0x0
[0214.602] GetCurrentObject (hdc=0xdb0105d8, type=0x6) returned 0x8a01c2
[0214.602] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0214.603] SelectObject (hdc=0xdb0105d8, h=0x6d0a0520) returned 0x8a01c2
[0214.603] GetBkMode (hdc=0xdb0105d8) returned 2
[0214.603] SetBkMode (hdc=0xdb0105d8, mode=1) returned 2
[0214.603] DrawTextExW (in: hdc=0xdb0105d8, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2d4fe7c | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0214.603] DrawTextExW (in: hdc=0xdb0105d8, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d4fe7c | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0214.603] RestoreDC (hdc=0xdb0105d8, nSavedDC=-1) returned 1
[0214.604] GdipReleaseDC (graphics=0x6600030, hdc=0xdb0105d8) returned 0x0
[0214.604] GetFocus () returned 0x1a02d8
[0214.604] IsAppThemed () returned 0x1
[0214.604] GetThemeAppProperties () returned 0x3
[0214.604] GetThemeAppProperties () returned 0x3
[0214.604] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0214.604] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xdb0105d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0214.604] GdipReleaseDC (graphics=0x6600030, hdc=0xdb0105d8) returned 0x0
[0214.604] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0214.604] SelectObject (hdc=0xdb0105d8, h=0x85000f) returned 0x4a0507fe
[0214.604] DeleteDC (hdc=0xdb0105d8) returned 1
[0214.604] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0214.604] EndPaint (hWnd=0xe02ce, lpPaint=0xd7e24c) returned 1
[0214.605] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.605] IsWindowUnicode (hWnd=0x602c4) returned 1
[0214.605] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.605] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.605] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.605] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0214.605] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0214.605] CreateCompatibleDC (hdc=0x107b9) returned 0xdd0105d8
[0214.605] SelectObject (hdc=0xdd0105d8, h=0x4a0507fe) returned 0x85000f
[0214.605] GdipCreateFromHDC (hdc=0xdd0105d8, graphics=0xd7e268) returned 0x0
[0214.606] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0214.606] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0214.606] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0214.606] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0214.606] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2c8) returned 0x0
[0214.606] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0214.606] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0214.606] LocalFree (hMem=0x11ee788) returned 0x0
[0214.606] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0214.613] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0214.613] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0214.613] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0214.614] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0214.614] GdipRestoreGraphics (graphics=0x6600030, state=0xfa080dbd) returned 0x0
[0214.614] GdipDeleteRegion (region=0x6646448) returned 0x0
[0214.614] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0214.614] GetCurrentObject (hdc=0xdd0105d8, type=0x1) returned 0xb00017
[0214.614] GetCurrentObject (hdc=0xdd0105d8, type=0x2) returned 0x900010
[0214.614] GetCurrentObject (hdc=0xdd0105d8, type=0x7) returned 0x4a0507fe
[0214.614] GetCurrentObject (hdc=0xdd0105d8, type=0x6) returned 0x8a01c2
[0214.614] SaveDC (hdc=0xdd0105d8) returned 1
[0214.614] GetNearestColor (hdc=0xdd0105d8, color=0xff) returned 0xff
[0214.614] GetNearestColor (hdc=0xdd0105d8, color=0x55) returned 0x55
[0214.614] GetNearestColor (hdc=0xdd0105d8, color=0x0) returned 0x0
[0214.614] GetNearestColor (hdc=0xdd0105d8, color=0x55) returned 0x55
[0214.615] GetNearestColor (hdc=0xdd0105d8, color=0x0) returned 0x0
[0214.615] GetNearestColor (hdc=0xdd0105d8, color=0x8080ff) returned 0x8080ff
[0214.615] GetNearestColor (hdc=0xdd0105d8, color=0x7373e5) returned 0x7373e5
[0214.615] GetNearestColor (hdc=0xdd0105d8, color=0xe5) returned 0xe5
[0214.615] GetNearestColor (hdc=0xdd0105d8, color=0x0) returned 0x0
[0214.615] RestoreDC (hdc=0xdd0105d8, nSavedDC=-1) returned 1
[0214.615] GdipReleaseDC (graphics=0x6600030, hdc=0xdd0105d8) returned 0x0
[0214.615] IsAppThemed () returned 0x1
[0214.615] GetThemeAppProperties () returned 0x3
[0214.615] GetThemeAppProperties () returned 0x3
[0214.615] IsAppThemed () returned 0x1
[0214.615] GetThemeAppProperties () returned 0x3
[0214.615] GetThemeAppProperties () returned 0x3
[0214.615] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2d50644 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0214.616] IsAppThemed () returned 0x1
[0214.616] GetThemeAppProperties () returned 0x3
[0214.616] GetThemeAppProperties () returned 0x3
[0214.616] IsAppThemed () returned 0x1
[0214.616] GetThemeAppProperties () returned 0x3
[0214.616] GetThemeAppProperties () returned 0x3
[0214.616] GetFocus () returned 0x1a02d8
[0214.616] IsAppThemed () returned 0x1
[0214.616] GetThemeAppProperties () returned 0x3
[0214.616] GetThemeAppProperties () returned 0x3
[0214.616] IsAppThemed () returned 0x1
[0214.616] GetThemeAppProperties () returned 0x3
[0214.616] GetThemeAppProperties () returned 0x3
[0214.616] IsThemePartDefined () returned 0x1
[0214.617] IsAppThemed () returned 0x1
[0214.617] GetThemeAppProperties () returned 0x3
[0214.617] GetThemeAppProperties () returned 0x3
[0214.617] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0214.617] IsAppThemed () returned 0x1
[0214.617] GetThemeAppProperties () returned 0x3
[0214.617] GetThemeAppProperties () returned 0x3
[0214.617] IsAppThemed () returned 0x1
[0214.617] GetThemeAppProperties () returned 0x3
[0214.617] GetThemeAppProperties () returned 0x3
[0214.617] IsThemePartDefined () returned 0x1
[0214.617] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0214.617] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0214.617] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0214.617] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0214.617] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dff0) returned 0x0
[0214.617] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0214.618] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee9f0) returned 0x0
[0214.618] LocalFree (hMem=0x11ee9f0) returned 0x0
[0214.618] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0214.618] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0214.618] LocalFree (hMem=0x11eec58) returned 0x0
[0214.618] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0214.618] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0214.618] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0214.618] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0214.618] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0214.618] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0214.618] GetCurrentObject (hdc=0xdd0105d8, type=0x1) returned 0xb00017
[0214.618] GetCurrentObject (hdc=0xdd0105d8, type=0x2) returned 0x900010
[0214.618] GetCurrentObject (hdc=0xdd0105d8, type=0x7) returned 0x4a0507fe
[0214.618] GetCurrentObject (hdc=0xdd0105d8, type=0x6) returned 0x8a01c2
[0214.618] SaveDC (hdc=0xdd0105d8) returned 1
[0214.619] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x660407de
[0214.619] GetClipRgn (hdc=0xdd0105d8, hrgn=0x660407de) returned 0
[0214.619] SelectClipRgn (hdc=0xdd0105d8, hrgn=0xe0040807) returned 2
[0214.619] DeleteObject (ho=0x660407de) returned 1
[0214.619] DeleteObject (ho=0xe0040807) returned 1
[0214.619] OffsetViewportOrgEx (in: hdc=0xdd0105d8, x=0, y=0, lppt=0x2d50cf4 | out: lppt=0x2d50cf4) returned 1
[0214.619] DrawThemeParentBackground () returned 0x0
[0214.619] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0214.619] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0214.619] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0214.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.619] GetSystemMetrics (nIndex=42) returned 0
[0214.620] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.620] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0214.620] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0214.620] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0214.620] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0214.620] SelectPalette (hdc=0xdd0105d8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0214.620] GdipCreateFromHDC (hdc=0xdd0105d8, graphics=0xd7dac8) returned 0x0
[0214.620] GdipSetPageUnit (graphics=0x664dac8, unit=0x2) returned 0x0
[0214.620] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0214.620] GdipGetWorldTransform (graphics=0x664dac8, matrix=0x6638c08) returned 0x0
[0214.620] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7daa0) returned 0x0
[0214.620] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0214.620] GdipCreateRegion (region=0xd7da88) returned 0x0
[0214.621] GdipGetClip (graphics=0x664dac8, region=0x6646448) returned 0x0
[0214.621] GdipIsInfiniteRegion (region=0x6646448, graphics=0x664dac8, result=0xd7da94) returned 0x0
[0214.621] GdipDeleteRegion (region=0x6646448) returned 0x0
[0214.621] GdipSaveGraphics (graphics=0x664dac8, state=0xd7dac0) returned 0x0
[0214.621] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0214.634] GdipFillRectangleI (graphics=0x664dac8, brush=0x6653918, x=0, y=0, width=801, height=453) returned 0x0
[0214.635] GdipDeleteBrush (brush=0x6653918) returned 0x0
[0214.636] GdipDeleteGraphics (graphics=0x664dac8) returned 0x0
[0214.636] SelectPalette (hdc=0xdd0105d8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0214.636] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0214.637] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.637] GetSystemMetrics (nIndex=42) returned 0
[0214.637] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.637] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0214.637] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0214.637] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0214.637] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0214.637] SelectPalette (hdc=0xdd0105d8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0214.637] GdipCreateFromHDC (hdc=0xdd0105d8, graphics=0xd7da68) returned 0x0
[0214.637] GdipSetPageUnit (graphics=0x664dac8, unit=0x2) returned 0x0
[0214.637] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0214.637] GdipGetWorldTransform (graphics=0x664dac8, matrix=0x6638cc8) returned 0x0
[0214.638] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7da40) returned 0x0
[0214.638] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0214.638] GdipCreateRegion (region=0xd7da28) returned 0x0
[0214.638] GdipGetClip (graphics=0x664dac8, region=0x66469e8) returned 0x0
[0214.638] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x664dac8, result=0xd7da34) returned 0x0
[0214.638] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0214.638] GdipSaveGraphics (graphics=0x664dac8, state=0xd7da60) returned 0x0
[0214.638] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0214.645] GdipFillRectangleI (graphics=0x664dac8, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0214.645] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0214.647] GdipRestoreGraphics (graphics=0x664dac8, state=0xfa040dbd) returned 0x0
[0214.647] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0214.647] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.647] GetSystemMetrics (nIndex=42) returned 0
[0214.647] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.647] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0214.648] GdipDeleteGraphics (graphics=0x664dac8) returned 0x0
[0214.648] SelectPalette (hdc=0xdd0105d8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0214.648] RestoreDC (hdc=0xdd0105d8, nSavedDC=-1) returned 1
[0214.648] GdipReleaseDC (graphics=0x6600030, hdc=0xdd0105d8) returned 0x0
[0214.648] IsAppThemed () returned 0x1
[0214.648] GetThemeAppProperties () returned 0x3
[0214.648] GetThemeAppProperties () returned 0x3
[0214.648] IsAppThemed () returned 0x1
[0214.648] GetThemeAppProperties () returned 0x3
[0214.648] GetThemeAppProperties () returned 0x3
[0214.648] IsThemePartDefined () returned 0x1
[0214.648] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0214.649] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0214.649] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0214.649] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0214.649] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df74) returned 0x0
[0214.649] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0214.649] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea60) returned 0x0
[0214.649] LocalFree (hMem=0x11eea60) returned 0x0
[0214.649] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0214.649] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee868) returned 0x0
[0214.649] LocalFree (hMem=0x11ee868) returned 0x0
[0214.649] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0214.649] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0214.649] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0214.649] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0214.650] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0214.650] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0214.650] GetCurrentObject (hdc=0xdd0105d8, type=0x1) returned 0xb00017
[0214.650] GetCurrentObject (hdc=0xdd0105d8, type=0x2) returned 0x900010
[0214.650] GetCurrentObject (hdc=0xdd0105d8, type=0x7) returned 0x4a0507fe
[0214.650] GetCurrentObject (hdc=0xdd0105d8, type=0x6) returned 0x8a01c2
[0214.650] SaveDC (hdc=0xdd0105d8) returned 1
[0214.650] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe1040807
[0214.650] GetClipRgn (hdc=0xdd0105d8, hrgn=0xe1040807) returned 0
[0214.650] SelectClipRgn (hdc=0xdd0105d8, hrgn=0x680407de) returned 2
[0214.650] DeleteObject (ho=0xe1040807) returned 1
[0214.650] DeleteObject (ho=0x680407de) returned 1
[0214.650] OffsetViewportOrgEx (in: hdc=0xdd0105d8, x=0, y=0, lppt=0x2d57544 | out: lppt=0x2d57544) returned 1
[0214.651] IsAppThemed () returned 0x1
[0214.651] GetThemeAppProperties () returned 0x3
[0214.651] GetThemeAppProperties () returned 0x3
[0214.651] DrawThemeBackground () returned 0x0
[0214.651] RestoreDC (hdc=0xdd0105d8, nSavedDC=-1) returned 1
[0214.651] GdipReleaseDC (graphics=0x6600030, hdc=0xdd0105d8) returned 0x0
[0214.651] GdipCreateRegion (region=0xd7df60) returned 0x0
[0214.651] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0214.651] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0214.651] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0214.651] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df78) returned 0x0
[0214.651] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0214.651] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0214.651] LocalFree (hMem=0x11eec58) returned 0x0
[0214.651] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0214.651] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0214.652] LocalFree (hMem=0x11eec58) returned 0x0
[0214.652] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0214.652] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0214.652] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7df90) returned 0x0
[0214.652] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0214.652] GdipDeleteRegion (region=0x6646568) returned 0x0
[0214.652] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0214.652] GetCurrentObject (hdc=0xdd0105d8, type=0x1) returned 0xb00017
[0214.652] GetCurrentObject (hdc=0xdd0105d8, type=0x2) returned 0x900010
[0214.652] GetCurrentObject (hdc=0xdd0105d8, type=0x7) returned 0x4a0507fe
[0214.652] GetCurrentObject (hdc=0xdd0105d8, type=0x6) returned 0x8a01c2
[0214.652] SaveDC (hdc=0xdd0105d8) returned 1
[0214.652] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x690407de
[0214.652] GetClipRgn (hdc=0xdd0105d8, hrgn=0x690407de) returned 0
[0214.652] SelectClipRgn (hdc=0xdd0105d8, hrgn=0xe2040807) returned 2
[0214.653] DeleteObject (ho=0x690407de) returned 1
[0214.653] DeleteObject (ho=0xe2040807) returned 1
[0214.653] OffsetViewportOrgEx (in: hdc=0xdd0105d8, x=0, y=0, lppt=0x2d57818 | out: lppt=0x2d57818) returned 1
[0214.653] IsAppThemed () returned 0x1
[0214.653] GetThemeAppProperties () returned 0x3
[0214.653] GetThemeAppProperties () returned 0x3
[0214.653] GetThemeBackgroundContentRect () returned 0x0
[0214.653] RestoreDC (hdc=0xdd0105d8, nSavedDC=-1) returned 1
[0214.653] GdipReleaseDC (graphics=0x6600030, hdc=0xdd0105d8) returned 0x0
[0214.653] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0214.660] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0214.660] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0214.660] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0214.660] IsAppThemed () returned 0x1
[0214.660] GetThemeAppProperties () returned 0x3
[0214.660] GetThemeAppProperties () returned 0x3
[0214.661] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0214.661] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0214.661] GetCurrentObject (hdc=0xdd0105d8, type=0x1) returned 0xb00017
[0214.661] GetCurrentObject (hdc=0xdd0105d8, type=0x2) returned 0x900010
[0214.661] GetCurrentObject (hdc=0xdd0105d8, type=0x7) returned 0x4a0507fe
[0214.661] GetCurrentObject (hdc=0xdd0105d8, type=0x6) returned 0x8a01c2
[0214.661] SaveDC (hdc=0xdd0105d8) returned 1
[0214.661] GetTextAlign (hdc=0xdd0105d8) returned 0x0
[0214.661] GetTextColor (hdc=0xdd0105d8) returned 0x0
[0214.661] GetCurrentObject (hdc=0xdd0105d8, type=0x6) returned 0x8a01c2
[0214.661] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0214.661] SelectObject (hdc=0xdd0105d8, h=0x6d0a0520) returned 0x8a01c2
[0214.661] GetBkMode (hdc=0xdd0105d8) returned 2
[0214.661] SetBkMode (hdc=0xdd0105d8, mode=1) returned 2
[0214.661] DrawTextExW (in: hdc=0xdd0105d8, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2d57bdc | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0214.662] DrawTextExW (in: hdc=0xdd0105d8, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d57bdc | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0214.662] RestoreDC (hdc=0xdd0105d8, nSavedDC=-1) returned 1
[0214.662] GdipReleaseDC (graphics=0x6600030, hdc=0xdd0105d8) returned 0x0
[0214.662] GetFocus () returned 0x1a02d8
[0214.663] IsAppThemed () returned 0x1
[0214.663] GetThemeAppProperties () returned 0x3
[0214.663] GetThemeAppProperties () returned 0x3
[0214.663] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0214.663] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xdd0105d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0214.663] GdipReleaseDC (graphics=0x6600030, hdc=0xdd0105d8) returned 0x0
[0214.663] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0214.663] SelectObject (hdc=0xdd0105d8, h=0x85000f) returned 0x4a0507fe
[0214.663] DeleteDC (hdc=0xdd0105d8) returned 1
[0214.663] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0214.663] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0214.664] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0214.664] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0214.664] WaitMessage () returned 1
[0214.695] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.695] IsWindowUnicode (hWnd=0x1802da) returned 1
[0214.695] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.695] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.695] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.695] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.696] IsWindowUnicode (hWnd=0x1802da) returned 1
[0214.696] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.696] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.696] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.696] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x2a1, wParam=0x0, lParam=0xc003c) returned 0x0
[0214.696] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0214.696] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0214.696] WaitMessage () returned 1
[0214.769] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.769] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.769] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.769] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.769] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.770] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0214.770] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0214.770] WaitMessage () returned 1
[0214.771] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.771] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.771] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.771] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.771] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.772] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0214.772] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0214.772] WaitMessage () returned 1
[0214.772] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.772] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.772] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.772] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.772] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.787] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.787] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.787] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.787] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.787] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.788] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.788] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.788] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.788] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.788] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.788] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.789] IsWindowUnicode (hWnd=0x502c6) returned 1
[0214.789] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.789] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.789] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.789] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0214.789] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0214.789] WaitMessage () returned 1
[0214.791] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.791] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.791] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.791] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.791] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.792] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.792] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.792] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.792] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.793] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.793] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.793] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.793] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.793] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.793] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.793] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0214.793] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0214.793] WaitMessage () returned 1
[0214.794] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.794] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.794] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.794] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.794] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.799] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.799] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.799] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.799] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.799] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.800] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.800] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.800] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.800] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.800] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.800] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.800] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x84, wParam=0x0, lParam=0x1e50312) returned 0x1
[0214.800] IsWindowUnicode (hWnd=0x1802da) returned 1
[0214.800] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.800] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x84, wParam=0x0, lParam=0x1e50312) returned 0x1
[0214.800] GetDlgItem (hDlg=0x1b00ea, nIDDlgItem=0) returned 0x0
[0214.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x210, wParam=0x201, lParam=0x6a011d) returned 0x0
[0214.801] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x21, wParam=0x1b00ea, lParam=0x2010001) returned 0x1
[0214.801] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x21, wParam=0x1b00ea, lParam=0x2010001) returned 0x1
[0214.801] SetCursor (hCursor=0x10003) returned 0x10003
[0214.801] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.801] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.801] GetKeyState (nVirtKey=1) returned -127
[0214.801] GetKeyState (nVirtKey=2) returned 0
[0214.801] GetKeyState (nVirtKey=4) returned 0
[0214.801] GetKeyState (nVirtKey=5) returned 0
[0214.801] GetKeyState (nVirtKey=6) returned 0
[0214.801] IsWindowVisible (hWnd=0x1802da) returned 1
[0214.801] IsWindowEnabled (hWnd=0x1802da) returned 1
[0214.801] SetFocus (hWnd=0x1802da) returned 0x1a02d8
[0214.801] GetFocus () returned 0x1802da
[0214.801] IsChild (hWndParent=0x1b00ea, hWnd=0x1802da) returned 1
[0214.801] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0x8, wParam=0x1802da, lParam=0x0) returned 0x0
[0214.802] GetCapture () returned 0x0
[0214.802] InvalidateRect (hWnd=0x1a02d8, lpRect=0x0, bErase=0) returned 1
[0214.802] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0214.804] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0214.805] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0214.805] InvalidateRect (hWnd=0x1a02d8, lpRect=0x0, bErase=0) returned 1
[0214.805] InvalidateRect (hWnd=0x1802da, lpRect=0x0, bErase=0) returned 1
[0214.805] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x7, wParam=0x1a02d8, lParam=0x0) returned 0x0
[0214.805] GetStockObject (i=5) returned 0x900015
[0214.806] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0214.806] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0214.806] GetDlgItem (hDlg=0x1b00ea, nIDDlgItem=1573594) returned 0x1802da
[0214.806] SendMessageW (hWnd=0x1802da, Msg=0x202b, wParam=0x1802da, lParam=0xd7dddc) returned 0x0
[0214.806] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x202b, wParam=0x1802da, lParam=0xd7dddc) returned 0x0
[0214.806] InvalidateRect (hWnd=0x1802da, lpRect=0x0, bErase=0) returned 1
[0214.807] GetFocus () returned 0x1802da
[0214.807] GetFocus () returned 0x1802da
[0214.807] GetFocus () returned 0x1802da
[0214.808] GetKeyState (nVirtKey=1) returned -127
[0214.808] GetKeyState (nVirtKey=2) returned 0
[0214.808] GetKeyState (nVirtKey=4) returned 0
[0214.808] GetKeyState (nVirtKey=5) returned 0
[0214.808] GetKeyState (nVirtKey=6) returned 0
[0214.808] GetCapture () returned 0x0
[0214.808] SetCapture (hWnd=0x1802da) returned 0x0
[0214.808] GetKeyState (nVirtKey=1) returned -127
[0214.808] GetKeyState (nVirtKey=2) returned 0
[0214.808] GetKeyState (nVirtKey=4) returned 0
[0214.808] GetKeyState (nVirtKey=5) returned 0
[0214.808] GetKeyState (nVirtKey=6) returned 0
[0214.808] NotifyWinEvent (event=0x800a, hwnd=0x1802da, idObject=-4, idChild=0)
[0214.808] InvalidateRect (hWnd=0x1802da, lpRect=0xd7e430, bErase=0) returned 1
[0214.808] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.808] IsWindowUnicode (hWnd=0x1802da) returned 1
[0214.808] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.808] TranslateMessage (lpMsg=0xd7e808) returned 0
[0214.808] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0214.809] MapWindowPoints (in: hWndFrom=0x1802da, hWndTo=0x0, lpPoints=0x2d57ea4, cPoints=0x1 | out: lpPoints=0x2d57ea4) returned 30999254
[0214.809] NotifyWinEvent (event=0x800a, hwnd=0x1802da, idObject=-4, idChild=0)
[0214.809] InvalidateRect (hWnd=0x1802da, lpRect=0xd7e3d0, bErase=0) returned 1
[0214.809] UpdateWindow (hWnd=0x1802da) returned 1
[0214.809] BeginPaint (in: hWnd=0x1802da, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x60100ce
[0214.809] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0214.809] CreateCompatibleDC (hdc=0x60100ce) returned 0x7e0107f1
[0214.809] SelectObject (hdc=0x7e0107f1, h=0x4a0507fe) returned 0x85000f
[0214.809] GdipCreateFromHDC (hdc=0x7e0107f1, graphics=0xd7df00) returned 0x0
[0214.812] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0214.812] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0214.812] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0214.812] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0214.812] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df60) returned 0x0
[0214.812] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0214.813] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0214.813] LocalFree (hMem=0x11ee788) returned 0x0
[0214.813] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0214.813] GdipCreateRegion (region=0xd7df48) returned 0x0
[0214.813] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0214.813] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df54) returned 0x0
[0214.813] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0214.813] GdipRestoreGraphics (graphics=0x6600030, state=0xfa020dbd) returned 0x0
[0214.813] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0214.813] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0214.813] GetCurrentObject (hdc=0x7e0107f1, type=0x1) returned 0xb00017
[0214.813] GetCurrentObject (hdc=0x7e0107f1, type=0x2) returned 0x900010
[0214.813] GetCurrentObject (hdc=0x7e0107f1, type=0x7) returned 0x4a0507fe
[0214.813] GetCurrentObject (hdc=0x7e0107f1, type=0x6) returned 0x8a01c2
[0214.813] SaveDC (hdc=0x7e0107f1) returned 1
[0214.814] GetNearestColor (hdc=0x7e0107f1, color=0xf0f0f0) returned 0xf0f0f0
[0214.814] GetNearestColor (hdc=0x7e0107f1, color=0xa0a0a0) returned 0xa0a0a0
[0214.814] GetNearestColor (hdc=0x7e0107f1, color=0x696969) returned 0x696969
[0214.814] GetNearestColor (hdc=0x7e0107f1, color=0xa0a0a0) returned 0xa0a0a0
[0214.814] GetNearestColor (hdc=0x7e0107f1, color=0x0) returned 0x0
[0214.814] GetNearestColor (hdc=0x7e0107f1, color=0xffffff) returned 0xffffff
[0214.814] GetNearestColor (hdc=0x7e0107f1, color=0xe5e5e5) returned 0xe5e5e5
[0214.814] GetNearestColor (hdc=0x7e0107f1, color=0xd7d7d7) returned 0xd7d7d7
[0214.814] GetNearestColor (hdc=0x7e0107f1, color=0x0) returned 0x0
[0214.814] RestoreDC (hdc=0x7e0107f1, nSavedDC=-1) returned 1
[0214.814] GdipReleaseDC (graphics=0x6600030, hdc=0x7e0107f1) returned 0x0
[0214.814] IsAppThemed () returned 0x1
[0214.815] GetThemeAppProperties () returned 0x3
[0214.815] GetThemeAppProperties () returned 0x3
[0214.815] IsAppThemed () returned 0x1
[0214.815] GetThemeAppProperties () returned 0x3
[0214.815] GetThemeAppProperties () returned 0x3
[0214.815] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2d585fc | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0214.815] IsAppThemed () returned 0x1
[0214.815] GetThemeAppProperties () returned 0x3
[0214.815] GetThemeAppProperties () returned 0x3
[0214.815] IsAppThemed () returned 0x1
[0214.815] GetThemeAppProperties () returned 0x3
[0214.815] GetThemeAppProperties () returned 0x3
[0214.815] IsAppThemed () returned 0x1
[0214.815] GetThemeAppProperties () returned 0x3
[0214.815] GetThemeAppProperties () returned 0x3
[0214.816] IsAppThemed () returned 0x1
[0214.816] GetThemeAppProperties () returned 0x3
[0214.816] GetThemeAppProperties () returned 0x3
[0214.816] IsThemePartDefined () returned 0x1
[0214.816] IsAppThemed () returned 0x1
[0214.816] GetThemeAppProperties () returned 0x3
[0214.816] GetThemeAppProperties () returned 0x3
[0214.816] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0214.816] IsAppThemed () returned 0x1
[0214.816] GetThemeAppProperties () returned 0x3
[0214.816] GetThemeAppProperties () returned 0x3
[0214.816] IsAppThemed () returned 0x1
[0214.816] GetThemeAppProperties () returned 0x3
[0214.816] GetThemeAppProperties () returned 0x3
[0214.816] IsThemePartDefined () returned 0x1
[0214.816] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0214.816] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0214.816] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0214.816] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0214.816] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dc7c) returned 0x0
[0214.816] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0214.817] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0214.817] LocalFree (hMem=0x11ee788) returned 0x0
[0214.817] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0214.817] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0214.817] LocalFree (hMem=0x11eec58) returned 0x0
[0214.817] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0214.817] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0214.817] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0214.817] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0214.817] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0214.817] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0214.817] GetCurrentObject (hdc=0x7e0107f1, type=0x1) returned 0xb00017
[0214.817] GetCurrentObject (hdc=0x7e0107f1, type=0x2) returned 0x900010
[0214.817] GetCurrentObject (hdc=0x7e0107f1, type=0x7) returned 0x4a0507fe
[0214.817] GetCurrentObject (hdc=0x7e0107f1, type=0x6) returned 0x8a01c2
[0214.817] SaveDC (hdc=0x7e0107f1) returned 1
[0214.818] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe3040807
[0214.818] GetClipRgn (hdc=0x7e0107f1, hrgn=0xe3040807) returned 0
[0214.818] SelectClipRgn (hdc=0x7e0107f1, hrgn=0x6d0407de) returned 2
[0214.818] DeleteObject (ho=0xe3040807) returned 1
[0214.818] DeleteObject (ho=0x6d0407de) returned 1
[0214.818] OffsetViewportOrgEx (in: hdc=0x7e0107f1, x=0, y=0, lppt=0x2d58cac | out: lppt=0x2d58cac) returned 1
[0214.818] DrawThemeParentBackground () returned 0x0
[0214.818] GetWindowPlacement (in: hWnd=0x1b00ea, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0214.818] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0214.818] GetWindowTextLengthW (hWnd=0x1b00ea) returned 13
[0214.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.818] GetSystemMetrics (nIndex=42) returned 0
[0214.818] GetWindowTextW (in: hWnd=0x1b00ea, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0214.819] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0214.819] GetCurrentObject (hdc=0x7e0107f1, type=0x1) returned 0xb00017
[0214.819] GetCurrentObject (hdc=0x7e0107f1, type=0x2) returned 0x900010
[0214.819] GetCurrentObject (hdc=0x7e0107f1, type=0x7) returned 0x4a0507fe
[0214.819] GetCurrentObject (hdc=0x7e0107f1, type=0x6) returned 0x8a01c2
[0214.819] SaveDC (hdc=0x7e0107f1) returned 2
[0214.819] GetNearestColor (hdc=0x7e0107f1, color=0xf0f0f0) returned 0xf0f0f0
[0214.819] CreateSolidBrush (color=0xf0f0f0) returned 0x261007e1
[0214.819] FillRect (hDC=0x7e0107f1, lprc=0xd7d6c8, hbr=0x261007e1) returned 1
[0214.819] DeleteObject (ho=0x261007e1) returned 1
[0214.819] RestoreDC (hdc=0x7e0107f1, nSavedDC=-1) returned 1
[0214.819] GetWindowTextLengthW (hWnd=0x1b00ea) returned 13
[0214.819] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.819] GetSystemMetrics (nIndex=42) returned 0
[0214.819] GetWindowTextW (in: hWnd=0x1b00ea, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.820] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0214.820] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0214.820] GetCurrentObject (hdc=0x7e0107f1, type=0x1) returned 0xb00017
[0214.820] GetCurrentObject (hdc=0x7e0107f1, type=0x2) returned 0x900010
[0214.820] GetCurrentObject (hdc=0x7e0107f1, type=0x7) returned 0x4a0507fe
[0214.820] GetCurrentObject (hdc=0x7e0107f1, type=0x6) returned 0x8a01c2
[0214.820] SaveDC (hdc=0x7e0107f1) returned 2
[0214.820] GetNearestColor (hdc=0x7e0107f1, color=0xf0f0f0) returned 0xf0f0f0
[0214.820] CreateSolidBrush (color=0xf0f0f0) returned 0x271007e1
[0214.820] FillRect (hDC=0x7e0107f1, lprc=0xd7d668, hbr=0x271007e1) returned 1
[0214.820] DeleteObject (ho=0x271007e1) returned 1
[0214.820] RestoreDC (hdc=0x7e0107f1, nSavedDC=-1) returned 1
[0214.820] GetWindowTextLengthW (hWnd=0x1b00ea) returned 13
[0214.820] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.821] GetSystemMetrics (nIndex=42) returned 0
[0214.821] GetWindowTextW (in: hWnd=0x1b00ea, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.821] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0214.821] RestoreDC (hdc=0x7e0107f1, nSavedDC=-1) returned 1
[0214.821] GdipReleaseDC (graphics=0x6600030, hdc=0x7e0107f1) returned 0x0
[0214.821] IsAppThemed () returned 0x1
[0214.821] GetThemeAppProperties () returned 0x3
[0214.821] GetThemeAppProperties () returned 0x3
[0214.821] IsAppThemed () returned 0x1
[0214.821] GetThemeAppProperties () returned 0x3
[0214.821] GetThemeAppProperties () returned 0x3
[0214.821] IsThemePartDefined () returned 0x1
[0214.821] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0214.821] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0214.821] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0214.821] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0214.822] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dc00) returned 0x0
[0214.822] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0214.822] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee9f0) returned 0x0
[0214.822] LocalFree (hMem=0x11ee9f0) returned 0x0
[0214.822] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0214.822] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0214.822] LocalFree (hMem=0x11ee788) returned 0x0
[0214.822] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0214.822] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0214.822] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0214.822] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0214.822] GdipDeleteRegion (region=0x6646298) returned 0x0
[0214.822] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0214.822] GetCurrentObject (hdc=0x7e0107f1, type=0x1) returned 0xb00017
[0214.822] GetCurrentObject (hdc=0x7e0107f1, type=0x2) returned 0x900010
[0214.822] GetCurrentObject (hdc=0x7e0107f1, type=0x7) returned 0x4a0507fe
[0214.822] GetCurrentObject (hdc=0x7e0107f1, type=0x6) returned 0x8a01c2
[0214.823] SaveDC (hdc=0x7e0107f1) returned 1
[0214.823] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6e0407de
[0214.823] GetClipRgn (hdc=0x7e0107f1, hrgn=0x6e0407de) returned 0
[0214.823] SelectClipRgn (hdc=0x7e0107f1, hrgn=0xe5040807) returned 2
[0214.823] DeleteObject (ho=0x6e0407de) returned 1
[0214.823] DeleteObject (ho=0xe5040807) returned 1
[0214.823] OffsetViewportOrgEx (in: hdc=0x7e0107f1, x=0, y=0, lppt=0x2d59558 | out: lppt=0x2d59558) returned 1
[0214.823] IsAppThemed () returned 0x1
[0214.823] GetThemeAppProperties () returned 0x3
[0214.823] GetThemeAppProperties () returned 0x3
[0214.823] DrawThemeBackground () returned 0x0
[0214.823] RestoreDC (hdc=0x7e0107f1, nSavedDC=-1) returned 1
[0214.823] GdipReleaseDC (graphics=0x6600030, hdc=0x7e0107f1) returned 0x0
[0214.823] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0214.823] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0214.824] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0214.824] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0214.824] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dc04) returned 0x0
[0214.824] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0214.824] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0214.824] LocalFree (hMem=0x11eec58) returned 0x0
[0214.824] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0214.824] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0214.824] LocalFree (hMem=0x11eec58) returned 0x0
[0214.824] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0214.824] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0214.824] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0214.824] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0214.824] GdipDeleteRegion (region=0x6646448) returned 0x0
[0214.824] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0214.824] GetCurrentObject (hdc=0x7e0107f1, type=0x1) returned 0xb00017
[0214.824] GetCurrentObject (hdc=0x7e0107f1, type=0x2) returned 0x900010
[0214.824] GetCurrentObject (hdc=0x7e0107f1, type=0x7) returned 0x4a0507fe
[0214.825] GetCurrentObject (hdc=0x7e0107f1, type=0x6) returned 0x8a01c2
[0214.825] SaveDC (hdc=0x7e0107f1) returned 1
[0214.825] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe6040807
[0214.825] GetClipRgn (hdc=0x7e0107f1, hrgn=0xe6040807) returned 0
[0214.825] SelectClipRgn (hdc=0x7e0107f1, hrgn=0x6f0407de) returned 2
[0214.827] DeleteObject (ho=0xe6040807) returned 1
[0214.827] DeleteObject (ho=0x6f0407de) returned 1
[0214.827] OffsetViewportOrgEx (in: hdc=0x7e0107f1, x=0, y=0, lppt=0x2d5982c | out: lppt=0x2d5982c) returned 1
[0214.828] IsAppThemed () returned 0x1
[0214.828] GetThemeAppProperties () returned 0x3
[0214.828] GetThemeAppProperties () returned 0x3
[0214.828] GetThemeBackgroundContentRect () returned 0x0
[0214.828] RestoreDC (hdc=0x7e0107f1, nSavedDC=-1) returned 1
[0214.828] GdipReleaseDC (graphics=0x6600030, hdc=0x7e0107f1) returned 0x0
[0214.828] IsAppThemed () returned 0x1
[0214.828] GetThemeAppProperties () returned 0x3
[0214.828] GetThemeAppProperties () returned 0x3
[0214.828] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0214.828] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0214.828] GetCurrentObject (hdc=0x7e0107f1, type=0x1) returned 0xb00017
[0214.828] GetCurrentObject (hdc=0x7e0107f1, type=0x2) returned 0x900010
[0214.828] GetCurrentObject (hdc=0x7e0107f1, type=0x7) returned 0x4a0507fe
[0214.828] GetCurrentObject (hdc=0x7e0107f1, type=0x6) returned 0x8a01c2
[0214.828] SaveDC (hdc=0x7e0107f1) returned 1
[0214.828] GetTextAlign (hdc=0x7e0107f1) returned 0x0
[0214.829] GetTextColor (hdc=0x7e0107f1) returned 0x0
[0214.829] GetCurrentObject (hdc=0x7e0107f1, type=0x6) returned 0x8a01c2
[0214.829] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0214.829] SelectObject (hdc=0x7e0107f1, h=0x6d0a0520) returned 0x8a01c2
[0214.829] GetBkMode (hdc=0x7e0107f1) returned 2
[0214.829] SetBkMode (hdc=0x7e0107f1, mode=1) returned 2
[0214.829] DrawTextExW (in: hdc=0x7e0107f1, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2d59bcc | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0214.829] DrawTextExW (in: hdc=0x7e0107f1, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2d59bcc | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0214.830] RestoreDC (hdc=0x7e0107f1, nSavedDC=-1) returned 1
[0214.830] GdipReleaseDC (graphics=0x6600030, hdc=0x7e0107f1) returned 0x0
[0214.830] GetFocus () returned 0x1802da
[0214.830] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0214.830] SendMessageW (hWnd=0x1b00ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0214.830] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0214.830] IsAppThemed () returned 0x1
[0214.830] GetThemeAppProperties () returned 0x3
[0214.830] GetThemeAppProperties () returned 0x3
[0214.830] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0214.830] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x7e0107f1, x1=0, y1=0, rop=0xcc0020) returned 1
[0214.831] GdipReleaseDC (graphics=0x6600030, hdc=0x7e0107f1) returned 0x0
[0214.831] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0214.831] SelectObject (hdc=0x7e0107f1, h=0x85000f) returned 0x4a0507fe
[0214.831] DeleteDC (hdc=0x7e0107f1) returned 1
[0214.831] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0214.831] EndPaint (hWnd=0x1802da, lpPaint=0xd7dee4) returned 1
[0214.831] MapWindowPoints (in: hWndFrom=0x1802da, hWndTo=0x0, lpPoints=0x2d59cc8, cPoints=0x1 | out: lpPoints=0x2d59cc8) returned 30999254
[0214.831] WindowFromPoint (Point=0x312) returned 0x1802da
[0214.831] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x84, wParam=0x0, lParam=0x1e50312) returned 0x1
[0214.831] NotifyWinEvent (event=0x800a, hwnd=0x1802da, idObject=-4, idChild=0)
[0214.831] NotifyWinEvent (event=0x800c, hwnd=0x1802da, idObject=-4, idChild=0)
[0214.832] GetCapture () returned 0x1802da
[0214.832] ReleaseCapture () returned 1
[0214.832] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0214.832] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0214.832] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x84, wParam=0x0, lParam=0x1e50312) returned 0x1
[0214.833] IsWindow (hWnd=0x7005c) returned 1
[0214.833] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0214.833] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0214.833] IsWindow (hWnd=0x1b00ea) returned 1
[0214.833] SetActiveWindow (hWnd=0x1b00ea) returned 0x1b00ea
[0214.833] IsWindow (hWnd=0x1b00ea) returned 1
[0214.833] SetFocus (hWnd=0x1b00ea) returned 0x1802da
[0214.834] GetFocus () returned 0x1b00ea
[0214.834] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x8, wParam=0x1b00ea, lParam=0x0) returned 0x0
[0214.834] GetCapture () returned 0x0
[0214.834] InvalidateRect (hWnd=0x1802da, lpRect=0x0, bErase=0) returned 1
[0214.835] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0214.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0214.838] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0214.838] GetFocus () returned 0x1b00ea
[0214.838] SetFocus (hWnd=0x1802da) returned 0x1b00ea
[0214.838] GetFocus () returned 0x1802da
[0214.839] IsChild (hWndParent=0x1b00ea, hWnd=0x1802da) returned 1
[0214.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x8, wParam=0x1802da, lParam=0x0) returned 0x0
[0214.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0214.842] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0214.844] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0214.844] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x7, wParam=0x1b00ea, lParam=0x0) returned 0x0
[0214.844] GetStockObject (i=5) returned 0x900015
[0214.844] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0214.844] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0214.845] GetDlgItem (hDlg=0x1b00ea, nIDDlgItem=1573594) returned 0x1802da
[0214.845] SendMessageW (hWnd=0x1802da, Msg=0x202b, wParam=0x1802da, lParam=0xd7ddcc) returned 0x0
[0214.845] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x202b, wParam=0x1802da, lParam=0xd7ddcc) returned 0x0
[0214.845] InvalidateRect (hWnd=0x1802da, lpRect=0x0, bErase=0) returned 1
[0214.846] GetWindowLongW (hWnd=0x1b00ea, nIndex=-8) returned 458844
[0214.846] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0214.846] GetCurrentThreadId () returned 0xf50
[0214.846] IsWindow (hWnd=0x7005c) returned 1
[0214.846] IsWindow (hWnd=0x7005c) returned 1
[0214.846] IsWindowVisible (hWnd=0x7005c) returned 1
[0214.846] SetActiveWindow (hWnd=0x7005c) returned 0x1b00ea
[0214.847] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0214.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0214.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0214.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0214.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0214.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0214.851] GetWindowPlacement (in: hWnd=0x1b00ea, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0214.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0214.851] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0214.851] GetWindowRect (in: hWnd=0x1b00ea, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0214.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0214.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0214.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0214.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x1b00ea) returned 0x1
[0214.856] GetFocus () returned 0x1802da
[0214.856] SetFocus (hWnd=0x602c4) returned 0x1802da
[0214.856] GetFocus () returned 0x602c4
[0214.856] IsChild (hWndParent=0x1b00ea, hWnd=0x602c4) returned 0
[0214.856] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0214.856] GetCapture () returned 0x0
[0214.856] InvalidateRect (hWnd=0x1802da, lpRect=0x0, bErase=0) returned 1
[0214.857] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0214.859] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0214.860] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0214.861] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0214.861] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0214.861] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0214.862] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0214.862] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x1802da, lParam=0x0) returned 0x0
[0214.862] GetStockObject (i=5) returned 0x900015
[0214.862] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0214.862] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed8a0) returned 0xc
[0214.862] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0214.862] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0214.862] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0214.862] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0214.864] GetFocus () returned 0x602c4
[0214.864] IsChild (hWndParent=0x1b00ea, hWnd=0x602c4) returned 0
[0214.864] ShowWindow (hWnd=0x1b00ea, nCmdShow=0) returned 1
[0214.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0214.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0214.866] GetWindowPlacement (in: hWnd=0x1b00ea, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0214.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0214.866] GetClientRect (in: hWnd=0x1b00ea, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0214.867] GetWindowRect (in: hWnd=0x1b00ea, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0214.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0214.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0214.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0214.868] GetWindowLongW (hWnd=0x1b00ea, nIndex=-20) returned 327945
[0214.868] DestroyWindow (hWnd=0x1b00ea) returned 1
[0214.868] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0214.868] GetWindowTextLengthW (hWnd=0x1b00ea) returned 13
[0214.869] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.869] GetSystemMetrics (nIndex=42) returned 0
[0214.869] GetWindowTextW (in: hWnd=0x1b00ea, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.869] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0214.869] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0214.869] GetWindowTextLengthW (hWnd=0x1202c8) returned 0
[0214.869] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0214.869] GetSystemMetrics (nIndex=42) returned 0
[0214.869] GetWindowTextW (in: hWnd=0x1202c8, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0214.869] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202c8, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0214.869] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0214.869] GetWindowThreadProcessId (in: hWnd=0x1802de, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0214.869] GetWindow (hWnd=0x1802de, uCmd=0x5) returned 0x0
[0214.869] GetWindowLongW (hWnd=0x1802de, nIndex=-20) returned 65792
[0214.869] DestroyWindow (hWnd=0x1802de) returned 1
[0214.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802de, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0214.870] GetWindowTextLengthW (hWnd=0x1802de) returned 25
[0214.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0214.870] GetSystemMetrics (nIndex=42) returned 0
[0214.870] GetWindowTextW (in: hWnd=0x1802de, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0214.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802de, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0214.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0214.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0214.872] GetWindowTextLengthW (hWnd=0xd02d0) returned 232
[0214.872] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0214.872] GetSystemMetrics (nIndex=42) returned 0
[0214.872] GetWindowTextW (in: hWnd=0xd02d0, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0214.872] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0214.879] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0214.880] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0214.880] InvalidateRect (hWnd=0x1802da, lpRect=0x0, bErase=0) returned 1
[0214.880] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0214.880] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0214.880] SendMessageW (hWnd=0x1802dc, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0214.880] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802dc, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0214.880] SendMessageW (hWnd=0x1802dc, Msg=0xb0, wParam=0x2d24460, lParam=0xd7e480) returned 0x0
[0214.880] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802dc, Msg=0xb0, wParam=0x2d24460, lParam=0xd7e480) returned 0x0
[0214.880] GetWindowTextLengthW (hWnd=0x1802dc) returned 4363
[0214.880] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0214.880] GetSystemMetrics (nIndex=42) returned 0
[0214.880] CoTaskMemAlloc (cb=0x221c) returned 0x1209508
[0214.880] GetWindowTextW (in: hWnd=0x1802dc, lpString=0x1209508, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0214.881] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802dc, Msg=0xd, wParam=0x110c, lParam=0x1209508) returned 0x110b
[0214.881] CoTaskMemFree (pv=0x1209508)
[0214.881] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0214.881] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0214.883] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0xd02d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0214.884] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0214.885] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0214.886] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0214.898] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0214.901] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0214.902] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.902] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.902] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.902] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0214.902] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0214.903] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.903] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e50312) returned 0x1
[0214.903] IsWindowUnicode (hWnd=0x7005c) returned 1
[0214.903] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.904] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e50312) returned 0x1
[0214.904] SetCursor (hCursor=0x10003) returned 0x10003
[0214.904] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0214.904] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0214.904] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0214.904] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0214.904] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0214.904] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1100254) returned 0x0
[0214.904] GetKeyState (nVirtKey=1) returned 1
[0214.905] GetKeyState (nVirtKey=2) returned 0
[0214.905] GetKeyState (nVirtKey=4) returned 0
[0214.905] GetKeyState (nVirtKey=5) returned 0
[0214.905] GetKeyState (nVirtKey=6) returned 0
[0214.905] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.905] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e50312) returned 0x1
[0214.905] IsWindowUnicode (hWnd=0x7005c) returned 1
[0214.905] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.906] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0214.906] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0214.906] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.906] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e50312) returned 0x1
[0214.906] IsWindowUnicode (hWnd=0x7005c) returned 1
[0214.906] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.906] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e50312) returned 0x1
[0214.906] SetCursor (hCursor=0x10003) returned 0x10003
[0214.907] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0214.907] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0214.907] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1100254) returned 0x0
[0214.907] GetKeyState (nVirtKey=1) returned 1
[0214.907] GetKeyState (nVirtKey=2) returned 0
[0214.907] GetKeyState (nVirtKey=4) returned 0
[0214.907] GetKeyState (nVirtKey=5) returned 0
[0214.907] GetKeyState (nVirtKey=6) returned 0
[0214.907] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.907] IsWindowUnicode (hWnd=0x602c4) returned 1
[0214.907] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.908] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0214.908] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0214.908] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.909] IsWindowUnicode (hWnd=0x602c4) returned 1
[0214.909] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.909] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0214.909] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0214.909] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0214.909] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0214.909] CreateCompatibleDC (hdc=0x60100ce) returned 0x990107d0
[0214.909] SelectObject (hdc=0x990107d0, h=0x4a0507fe) returned 0x85000f
[0214.909] GdipCreateFromHDC (hdc=0x990107d0, graphics=0xd7e798) returned 0x0
[0214.910] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0214.910] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0214.910] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0214.910] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0214.910] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e7f8) returned 0x0
[0214.910] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0214.910] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eecc8) returned 0x0
[0214.910] LocalFree (hMem=0x11eecc8) returned 0x0
[0214.910] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0214.910] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0214.910] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0214.910] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0214.910] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0214.910] GdipRestoreGraphics (graphics=0x6600030, state=0xfa000dbd) returned 0x0
[0214.910] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0214.910] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0214.911] GetCurrentObject (hdc=0x990107d0, type=0x1) returned 0xb00017
[0214.911] GetCurrentObject (hdc=0x990107d0, type=0x2) returned 0x900010
[0214.911] GetCurrentObject (hdc=0x990107d0, type=0x7) returned 0x4a0507fe
[0214.911] GetCurrentObject (hdc=0x990107d0, type=0x6) returned 0x8a01c2
[0214.911] SaveDC (hdc=0x990107d0) returned 1
[0214.911] GetNearestColor (hdc=0x990107d0, color=0xff) returned 0xff
[0214.911] GetNearestColor (hdc=0x990107d0, color=0x55) returned 0x55
[0214.911] GetNearestColor (hdc=0x990107d0, color=0x0) returned 0x0
[0214.911] GetNearestColor (hdc=0x990107d0, color=0x55) returned 0x55
[0214.911] GetNearestColor (hdc=0x990107d0, color=0x0) returned 0x0
[0214.911] GetNearestColor (hdc=0x990107d0, color=0x8080ff) returned 0x8080ff
[0214.911] GetNearestColor (hdc=0x990107d0, color=0x7373e5) returned 0x7373e5
[0214.912] GetNearestColor (hdc=0x990107d0, color=0xe5) returned 0xe5
[0214.912] GetNearestColor (hdc=0x990107d0, color=0x0) returned 0x0
[0214.912] RestoreDC (hdc=0x990107d0, nSavedDC=-1) returned 1
[0214.912] GdipReleaseDC (graphics=0x6600030, hdc=0x990107d0) returned 0x0
[0214.912] IsAppThemed () returned 0x1
[0214.912] GetThemeAppProperties () returned 0x3
[0214.912] GetThemeAppProperties () returned 0x3
[0214.912] IsAppThemed () returned 0x1
[0214.913] GetThemeAppProperties () returned 0x3
[0214.913] GetThemeAppProperties () returned 0x3
[0214.913] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2d61a34 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0214.913] IsAppThemed () returned 0x1
[0214.913] GetThemeAppProperties () returned 0x3
[0214.913] GetThemeAppProperties () returned 0x3
[0214.913] IsAppThemed () returned 0x1
[0214.913] GetThemeAppProperties () returned 0x3
[0214.913] GetThemeAppProperties () returned 0x3
[0214.913] GetFocus () returned 0x602c4
[0214.913] IsAppThemed () returned 0x1
[0214.913] GetThemeAppProperties () returned 0x3
[0214.913] GetThemeAppProperties () returned 0x3
[0214.913] IsAppThemed () returned 0x1
[0214.914] GetThemeAppProperties () returned 0x3
[0214.914] GetThemeAppProperties () returned 0x3
[0214.914] IsThemePartDefined () returned 0x1
[0214.914] IsAppThemed () returned 0x1
[0214.914] GetThemeAppProperties () returned 0x3
[0214.914] GetThemeAppProperties () returned 0x3
[0214.914] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0214.914] IsAppThemed () returned 0x1
[0214.914] GetThemeAppProperties () returned 0x3
[0214.914] GetThemeAppProperties () returned 0x3
[0214.914] IsAppThemed () returned 0x1
[0214.914] GetThemeAppProperties () returned 0x3
[0214.914] GetThemeAppProperties () returned 0x3
[0214.914] IsThemePartDefined () returned 0x1
[0214.914] GdipCreateRegion (region=0xd7e508) returned 0x0
[0214.914] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0214.914] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0214.914] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0214.914] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e520) returned 0x0
[0214.914] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0214.915] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0214.915] LocalFree (hMem=0x11ee788) returned 0x0
[0214.915] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0214.915] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eed00) returned 0x0
[0214.915] LocalFree (hMem=0x11eed00) returned 0x0
[0214.915] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0214.915] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e548) returned 0x0
[0214.915] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e538) returned 0x0
[0214.915] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0214.915] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0214.915] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0214.915] GetCurrentObject (hdc=0x990107d0, type=0x1) returned 0xb00017
[0214.915] GetCurrentObject (hdc=0x990107d0, type=0x2) returned 0x900010
[0214.915] GetCurrentObject (hdc=0x990107d0, type=0x7) returned 0x4a0507fe
[0214.915] GetCurrentObject (hdc=0x990107d0, type=0x6) returned 0x8a01c2
[0214.915] SaveDC (hdc=0x990107d0) returned 1
[0214.916] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x700407de
[0214.916] GetClipRgn (hdc=0x990107d0, hrgn=0x700407de) returned 0
[0214.916] SelectClipRgn (hdc=0x990107d0, hrgn=0xea040807) returned 2
[0214.916] DeleteObject (ho=0x700407de) returned 1
[0214.916] DeleteObject (ho=0xea040807) returned 1
[0214.916] OffsetViewportOrgEx (in: hdc=0x990107d0, x=0, y=0, lppt=0x2d620e4 | out: lppt=0x2d620e4) returned 1
[0214.916] DrawThemeParentBackground () returned 0x0
[0214.916] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0214.916] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0214.916] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0214.916] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.916] GetSystemMetrics (nIndex=42) returned 0
[0214.916] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.917] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0214.917] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0214.917] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0214.917] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0214.917] SelectPalette (hdc=0x990107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0214.917] GdipCreateFromHDC (hdc=0x990107d0, graphics=0xd7dff8) returned 0x0
[0214.917] GdipSetPageUnit (graphics=0x664dac8, unit=0x2) returned 0x0
[0214.917] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0214.917] GdipGetWorldTransform (graphics=0x664dac8, matrix=0x6638b78) returned 0x0
[0214.917] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dfd0) returned 0x0
[0214.917] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0214.917] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0214.917] GdipGetClip (graphics=0x664dac8, region=0x66464d8) returned 0x0
[0214.917] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x664dac8, result=0xd7dfc4) returned 0x0
[0214.918] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0214.918] GdipSaveGraphics (graphics=0x664dac8, state=0xd7dff0) returned 0x0
[0214.918] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0214.941] GdipFillRectangleI (graphics=0x664dac8, brush=0x6653918, x=0, y=0, width=801, height=453) returned 0x0
[0214.941] GdipDeleteBrush (brush=0x6653918) returned 0x0
[0214.943] GdipDeleteGraphics (graphics=0x664dac8) returned 0x0
[0214.943] SelectPalette (hdc=0x990107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0214.943] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0214.943] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.943] GetSystemMetrics (nIndex=42) returned 0
[0214.943] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.943] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0214.943] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0214.943] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0214.943] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0214.943] SelectPalette (hdc=0x990107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0214.943] GdipCreateFromHDC (hdc=0x990107d0, graphics=0xd7df98) returned 0x0
[0214.944] GdipSetPageUnit (graphics=0x664dac8, unit=0x2) returned 0x0
[0214.944] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0214.944] GdipGetWorldTransform (graphics=0x664dac8, matrix=0x6638cc8) returned 0x0
[0214.944] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df70) returned 0x0
[0214.944] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0214.944] GdipCreateRegion (region=0xd7df58) returned 0x0
[0214.944] GdipGetClip (graphics=0x664dac8, region=0x6646c28) returned 0x0
[0214.944] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x664dac8, result=0xd7df64) returned 0x0
[0214.944] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0214.944] GdipSaveGraphics (graphics=0x664dac8, state=0xd7df90) returned 0x0
[0214.944] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0214.956] GdipFillRectangleI (graphics=0x664dac8, brush=0x6652ce8, x=0, y=0, width=801, height=453) returned 0x0
[0214.956] GdipDeleteBrush (brush=0x6652ce8) returned 0x0
[0214.957] GdipRestoreGraphics (graphics=0x664dac8, state=0xf9fc0dbd) returned 0x0
[0214.957] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0214.957] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0214.958] GetSystemMetrics (nIndex=42) returned 0
[0214.958] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0214.958] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0214.958] GdipDeleteGraphics (graphics=0x664dac8) returned 0x0
[0214.958] SelectPalette (hdc=0x990107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0214.958] RestoreDC (hdc=0x990107d0, nSavedDC=-1) returned 1
[0214.958] GdipReleaseDC (graphics=0x6600030, hdc=0x990107d0) returned 0x0
[0214.958] IsAppThemed () returned 0x1
[0214.958] GetThemeAppProperties () returned 0x3
[0214.958] GetThemeAppProperties () returned 0x3
[0214.958] IsAppThemed () returned 0x1
[0214.958] GetThemeAppProperties () returned 0x3
[0214.958] GetThemeAppProperties () returned 0x3
[0214.959] IsThemePartDefined () returned 0x1
[0214.959] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0214.959] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0214.959] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0214.959] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0214.959] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e4a4) returned 0x0
[0214.959] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0214.959] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0214.959] LocalFree (hMem=0x11ee868) returned 0x0
[0214.959] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0214.959] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0214.959] LocalFree (hMem=0x11eec58) returned 0x0
[0214.959] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0214.959] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0214.959] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0214.959] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0214.959] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0214.959] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0214.959] GetCurrentObject (hdc=0x990107d0, type=0x1) returned 0xb00017
[0214.960] GetCurrentObject (hdc=0x990107d0, type=0x2) returned 0x900010
[0214.960] GetCurrentObject (hdc=0x990107d0, type=0x7) returned 0x4a0507fe
[0214.960] GetCurrentObject (hdc=0x990107d0, type=0x6) returned 0x8a01c2
[0214.960] SaveDC (hdc=0x990107d0) returned 1
[0214.960] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xeb040807
[0214.960] GetClipRgn (hdc=0x990107d0, hrgn=0xeb040807) returned 0
[0214.960] SelectClipRgn (hdc=0x990107d0, hrgn=0x720407de) returned 2
[0214.960] DeleteObject (ho=0xeb040807) returned 1
[0214.960] DeleteObject (ho=0x720407de) returned 1
[0214.960] OffsetViewportOrgEx (in: hdc=0x990107d0, x=0, y=0, lppt=0x2d68934 | out: lppt=0x2d68934) returned 1
[0214.960] IsAppThemed () returned 0x1
[0214.960] GetThemeAppProperties () returned 0x3
[0214.960] GetThemeAppProperties () returned 0x3
[0214.960] DrawThemeBackground () returned 0x0
[0214.960] RestoreDC (hdc=0x990107d0, nSavedDC=-1) returned 1
[0214.960] GdipReleaseDC (graphics=0x6600030, hdc=0x990107d0) returned 0x0
[0214.960] GdipCreateRegion (region=0xd7e490) returned 0x0
[0214.960] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0214.960] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0214.961] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0214.961] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e4a8) returned 0x0
[0214.961] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0214.961] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee868) returned 0x0
[0214.961] LocalFree (hMem=0x11ee868) returned 0x0
[0214.961] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0214.961] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea60) returned 0x0
[0214.961] LocalFree (hMem=0x11eea60) returned 0x0
[0214.961] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0214.961] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0214.961] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0214.961] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0214.961] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0214.961] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0214.961] GetCurrentObject (hdc=0x990107d0, type=0x1) returned 0xb00017
[0214.961] GetCurrentObject (hdc=0x990107d0, type=0x2) returned 0x900010
[0214.961] GetCurrentObject (hdc=0x990107d0, type=0x7) returned 0x4a0507fe
[0214.961] GetCurrentObject (hdc=0x990107d0, type=0x6) returned 0x8a01c2
[0214.961] SaveDC (hdc=0x990107d0) returned 1
[0214.961] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x730407de
[0214.961] GetClipRgn (hdc=0x990107d0, hrgn=0x730407de) returned 0
[0214.962] SelectClipRgn (hdc=0x990107d0, hrgn=0xec040807) returned 2
[0214.962] DeleteObject (ho=0x730407de) returned 1
[0214.962] DeleteObject (ho=0xec040807) returned 1
[0214.962] OffsetViewportOrgEx (in: hdc=0x990107d0, x=0, y=0, lppt=0x2d68c08 | out: lppt=0x2d68c08) returned 1
[0214.962] IsAppThemed () returned 0x1
[0214.962] GetThemeAppProperties () returned 0x3
[0214.962] GetThemeAppProperties () returned 0x3
[0214.962] GetThemeBackgroundContentRect () returned 0x0
[0214.962] RestoreDC (hdc=0x990107d0, nSavedDC=-1) returned 1
[0214.962] GdipReleaseDC (graphics=0x6600030, hdc=0x990107d0) returned 0x0
[0214.962] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0214.962] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0214.962] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0214.962] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0214.962] IsAppThemed () returned 0x1
[0214.962] GetThemeAppProperties () returned 0x3
[0214.962] GetThemeAppProperties () returned 0x3
[0214.962] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0214.962] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0214.962] GetCurrentObject (hdc=0x990107d0, type=0x1) returned 0xb00017
[0214.962] GetCurrentObject (hdc=0x990107d0, type=0x2) returned 0x900010
[0214.963] GetCurrentObject (hdc=0x990107d0, type=0x7) returned 0x4a0507fe
[0214.963] GetCurrentObject (hdc=0x990107d0, type=0x6) returned 0x8a01c2
[0214.963] SaveDC (hdc=0x990107d0) returned 1
[0214.963] GetTextAlign (hdc=0x990107d0) returned 0x0
[0214.963] GetTextColor (hdc=0x990107d0) returned 0x0
[0214.963] GetCurrentObject (hdc=0x990107d0, type=0x6) returned 0x8a01c2
[0214.963] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0214.963] SelectObject (hdc=0x990107d0, h=0x6d0a0520) returned 0x8a01c2
[0214.963] GetBkMode (hdc=0x990107d0) returned 2
[0214.963] SetBkMode (hdc=0x990107d0, mode=1) returned 2
[0214.963] DrawTextExW (in: hdc=0x990107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2d68fcc | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0214.963] DrawTextExW (in: hdc=0x990107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2d68fcc | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0214.964] RestoreDC (hdc=0x990107d0, nSavedDC=-1) returned 1
[0214.964] GdipReleaseDC (graphics=0x6600030, hdc=0x990107d0) returned 0x0
[0214.964] GetFocus () returned 0x602c4
[0214.964] IsAppThemed () returned 0x1
[0214.964] GetThemeAppProperties () returned 0x3
[0214.964] GetThemeAppProperties () returned 0x3
[0214.964] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0214.964] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x990107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0214.964] GdipReleaseDC (graphics=0x6600030, hdc=0x990107d0) returned 0x0
[0214.964] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0214.964] SelectObject (hdc=0x990107d0, h=0x85000f) returned 0x4a0507fe
[0214.964] DeleteDC (hdc=0x990107d0) returned 1
[0214.964] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0214.965] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0214.965] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0214.965] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0214.965] WaitMessage () returned 1
[0214.965] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.965] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.965] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.965] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0214.965] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0214.972] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.973] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.973] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.973] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0214.973] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0214.973] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.973] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.973] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.973] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0214.973] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0214.973] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0214.974] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0214.974] WaitMessage () returned 1
[0214.993] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.993] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.993] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.993] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0214.993] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0214.994] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0214.994] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0214.994] WaitMessage () returned 1
[0214.995] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.995] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.995] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.995] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0214.995] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0214.996] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0214.996] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0214.996] WaitMessage () returned 1
[0214.998] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.998] IsWindowUnicode (hWnd=0x30122) returned 1
[0214.998] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0214.998] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0214.998] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0214.999] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0214.999] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0214.999] WaitMessage () returned 1
[0215.000] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.000] IsWindowUnicode (hWnd=0x30122) returned 1
[0215.000] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.000] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0215.000] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0215.001] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.001] IsWindowUnicode (hWnd=0x30122) returned 1
[0215.001] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.001] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0215.001] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0215.002] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.002] IsWindowUnicode (hWnd=0x30122) returned 1
[0215.002] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.002] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0215.002] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0215.002] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0215.002] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0215.002] WaitMessage () returned 1
[0215.003] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.003] IsWindowUnicode (hWnd=0x30122) returned 1
[0215.003] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.003] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0215.003] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0215.004] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.004] IsWindowUnicode (hWnd=0x30122) returned 1
[0215.004] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.004] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0215.004] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0215.005] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.005] IsWindowUnicode (hWnd=0x30122) returned 1
[0215.005] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.005] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0215.005] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0215.005] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0215.005] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0215.005] WaitMessage () returned 1
[0215.006] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.006] IsWindowUnicode (hWnd=0x30122) returned 1
[0215.006] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.006] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0215.006] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0215.007] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.007] IsWindowUnicode (hWnd=0x30122) returned 1
[0215.007] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.007] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0215.007] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0215.008] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.008] IsWindowUnicode (hWnd=0x30122) returned 1
[0215.008] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.008] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0215.008] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0215.008] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0215.008] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0215.008] WaitMessage () returned 1
[0215.008] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.009] IsWindowUnicode (hWnd=0x30122) returned 1
[0215.009] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.009] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0215.009] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0215.010] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.010] IsWindowUnicode (hWnd=0x30122) returned 1
[0215.011] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.011] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0215.011] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0215.011] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.011] IsWindowUnicode (hWnd=0x30122) returned 1
[0215.011] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.011] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0215.011] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0215.011] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0215.012] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0215.012] WaitMessage () returned 1
[0215.016] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.016] IsWindowUnicode (hWnd=0x7005c) returned 1
[0215.016] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.016] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0215.016] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0215.017] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.017] IsWindowUnicode (hWnd=0x7005c) returned 1
[0215.017] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.017] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0215.017] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0215.017] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x1100254) returned 0x0
[0215.017] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0215.017] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0215.017] WaitMessage () returned 1
[0215.172] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.172] IsWindowUnicode (hWnd=0x502c6) returned 1
[0215.172] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0215.172] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0215.172] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0215.172] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0215.172] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0215.172] WaitMessage () returned 1
[0216.952] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0216.953] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2730102) returned 0x1
[0216.953] IsWindowUnicode (hWnd=0x602c4) returned 1
[0216.953] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0216.953] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0216.953] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0216.953] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0216.953] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0216.953] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2730102) returned 0x1
[0216.953] IsWindowUnicode (hWnd=0x602c4) returned 1
[0216.953] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0216.953] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2730102) returned 0x1
[0216.953] SetCursor (hCursor=0x10003) returned 0x10003
[0216.954] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0216.954] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0216.954] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0216.954] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0216.954] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0216.954] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0216.954] GetKeyState (nVirtKey=1) returned 1
[0216.954] GetKeyState (nVirtKey=2) returned 0
[0216.954] GetKeyState (nVirtKey=4) returned 0
[0216.954] GetKeyState (nVirtKey=5) returned 0
[0216.954] GetKeyState (nVirtKey=6) returned 0
[0216.954] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0216.954] IsWindowUnicode (hWnd=0x602c4) returned 1
[0216.954] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0216.954] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0216.954] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0216.954] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0216.955] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0216.955] CreateCompatibleDC (hdc=0x60100ce) returned 0xf70107d0
[0216.955] SelectObject (hdc=0xf70107d0, h=0x4a0507fe) returned 0x85000f
[0216.955] GdipCreateFromHDC (hdc=0xf70107d0, graphics=0xd7e798) returned 0x0
[0216.955] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0216.955] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0216.955] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0216.955] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0216.955] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e7f8) returned 0x0
[0216.955] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0216.955] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0216.955] LocalFree (hMem=0x11eec58) returned 0x0
[0216.955] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0216.955] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0216.955] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0216.956] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0216.956] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0216.956] GdipRestoreGraphics (graphics=0x6600030, state=0xf9fa0dbd) returned 0x0
[0216.956] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0216.956] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0216.956] GetCurrentObject (hdc=0xf70107d0, type=0x1) returned 0xb00017
[0216.956] GetCurrentObject (hdc=0xf70107d0, type=0x2) returned 0x900010
[0216.956] GetCurrentObject (hdc=0xf70107d0, type=0x7) returned 0x4a0507fe
[0216.956] GetCurrentObject (hdc=0xf70107d0, type=0x6) returned 0x8a01c2
[0216.956] SaveDC (hdc=0xf70107d0) returned 1
[0216.956] GetNearestColor (hdc=0xf70107d0, color=0xff) returned 0xff
[0216.956] GetNearestColor (hdc=0xf70107d0, color=0x55) returned 0x55
[0216.956] GetNearestColor (hdc=0xf70107d0, color=0x0) returned 0x0
[0216.956] GetNearestColor (hdc=0xf70107d0, color=0x55) returned 0x55
[0216.956] GetNearestColor (hdc=0xf70107d0, color=0x0) returned 0x0
[0216.956] GetNearestColor (hdc=0xf70107d0, color=0x8080ff) returned 0x8080ff
[0216.956] GetNearestColor (hdc=0xf70107d0, color=0x7373e5) returned 0x7373e5
[0216.957] GetNearestColor (hdc=0xf70107d0, color=0xe5) returned 0xe5
[0216.957] GetNearestColor (hdc=0xf70107d0, color=0x0) returned 0x0
[0216.957] RestoreDC (hdc=0xf70107d0, nSavedDC=-1) returned 1
[0216.957] GdipReleaseDC (graphics=0x6600030, hdc=0xf70107d0) returned 0x0
[0216.957] IsAppThemed () returned 0x1
[0216.957] GetThemeAppProperties () returned 0x3
[0216.957] GetThemeAppProperties () returned 0x3
[0216.957] IsAppThemed () returned 0x1
[0216.957] GetThemeAppProperties () returned 0x3
[0216.957] GetThemeAppProperties () returned 0x3
[0216.957] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2d69960 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0216.957] IsAppThemed () returned 0x1
[0216.958] GetThemeAppProperties () returned 0x3
[0216.958] GetThemeAppProperties () returned 0x3
[0216.958] IsAppThemed () returned 0x1
[0216.958] GetThemeAppProperties () returned 0x3
[0216.958] GetThemeAppProperties () returned 0x3
[0216.958] IsAppThemed () returned 0x1
[0216.958] GetThemeAppProperties () returned 0x3
[0216.958] GetThemeAppProperties () returned 0x3
[0216.958] IsAppThemed () returned 0x1
[0216.958] GetThemeAppProperties () returned 0x3
[0216.958] GetThemeAppProperties () returned 0x3
[0216.958] IsThemePartDefined () returned 0x1
[0216.958] IsAppThemed () returned 0x1
[0216.958] GetThemeAppProperties () returned 0x3
[0216.958] GetThemeAppProperties () returned 0x3
[0216.958] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0216.958] IsAppThemed () returned 0x1
[0216.958] GetThemeAppProperties () returned 0x3
[0216.958] GetThemeAppProperties () returned 0x3
[0216.958] IsAppThemed () returned 0x1
[0216.958] GetThemeAppProperties () returned 0x3
[0216.958] GetThemeAppProperties () returned 0x3
[0216.958] IsThemePartDefined () returned 0x1
[0216.958] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0216.958] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0216.958] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0216.958] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0216.959] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e514) returned 0x0
[0216.959] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0216.959] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee8d8) returned 0x0
[0216.959] LocalFree (hMem=0x11ee8d8) returned 0x0
[0216.959] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0216.959] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0216.959] LocalFree (hMem=0x11ee868) returned 0x0
[0216.959] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0216.959] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0216.959] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0216.959] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0216.959] GdipDeleteRegion (region=0x6646298) returned 0x0
[0216.959] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0216.959] GetCurrentObject (hdc=0xf70107d0, type=0x1) returned 0xb00017
[0216.959] GetCurrentObject (hdc=0xf70107d0, type=0x2) returned 0x900010
[0216.959] GetCurrentObject (hdc=0xf70107d0, type=0x7) returned 0x4a0507fe
[0216.959] GetCurrentObject (hdc=0xf70107d0, type=0x6) returned 0x8a01c2
[0216.959] SaveDC (hdc=0xf70107d0) returned 1
[0216.959] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xed040807
[0216.959] GetClipRgn (hdc=0xf70107d0, hrgn=0xed040807) returned 0
[0216.960] SelectClipRgn (hdc=0xf70107d0, hrgn=0x770407de) returned 2
[0216.960] DeleteObject (ho=0xed040807) returned 1
[0216.960] DeleteObject (ho=0x770407de) returned 1
[0216.960] OffsetViewportOrgEx (in: hdc=0xf70107d0, x=0, y=0, lppt=0x2d6a010 | out: lppt=0x2d6a010) returned 1
[0216.960] DrawThemeParentBackground () returned 0x0
[0216.960] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0216.960] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0216.960] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0216.960] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0216.960] GetSystemMetrics (nIndex=42) returned 0
[0216.960] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0216.960] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0216.960] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0216.960] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0216.960] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0216.960] SelectPalette (hdc=0xf70107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0216.960] GdipCreateFromHDC (hdc=0xf70107d0, graphics=0xd7dff0) returned 0x0
[0216.961] GdipSetPageUnit (graphics=0x664dac8, unit=0x2) returned 0x0
[0216.961] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0216.961] GdipGetWorldTransform (graphics=0x664dac8, matrix=0x6638a88) returned 0x0
[0216.961] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dfc8) returned 0x0
[0216.961] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0216.961] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0216.961] GdipGetClip (graphics=0x664dac8, region=0x66469e8) returned 0x0
[0216.961] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x664dac8, result=0xd7dfbc) returned 0x0
[0216.961] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0216.961] GdipSaveGraphics (graphics=0x664dac8, state=0xd7dfe8) returned 0x0
[0216.961] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0216.966] GdipFillRectangleI (graphics=0x664dac8, brush=0x66537e0, x=0, y=0, width=801, height=453) returned 0x0
[0216.966] GdipDeleteBrush (brush=0x66537e0) returned 0x0
[0216.968] GdipDeleteGraphics (graphics=0x664dac8) returned 0x0
[0216.968] SelectPalette (hdc=0xf70107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0216.968] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0216.968] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0216.968] GetSystemMetrics (nIndex=42) returned 0
[0216.968] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0216.968] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0216.968] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0216.968] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0216.968] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0216.968] SelectPalette (hdc=0xf70107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0216.968] GdipCreateFromHDC (hdc=0xf70107d0, graphics=0xd7df90) returned 0x0
[0216.968] GdipSetPageUnit (graphics=0x664dac8, unit=0x2) returned 0x0
[0216.969] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0216.969] GdipGetWorldTransform (graphics=0x664dac8, matrix=0x6638d58) returned 0x0
[0216.969] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df68) returned 0x0
[0216.969] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0216.969] GdipCreateRegion (region=0xd7df50) returned 0x0
[0216.969] GdipGetClip (graphics=0x664dac8, region=0x6646f88) returned 0x0
[0216.969] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x664dac8, result=0xd7df5c) returned 0x0
[0216.969] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0216.969] GdipSaveGraphics (graphics=0x664dac8, state=0xd7df88) returned 0x0
[0216.969] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0216.974] GdipFillRectangleI (graphics=0x664dac8, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0216.974] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0216.975] GdipRestoreGraphics (graphics=0x664dac8, state=0xf9f60dbd) returned 0x0
[0216.975] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0216.976] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0216.976] GetSystemMetrics (nIndex=42) returned 0
[0216.976] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0216.976] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0216.976] GdipDeleteGraphics (graphics=0x664dac8) returned 0x0
[0216.976] SelectPalette (hdc=0xf70107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0216.976] RestoreDC (hdc=0xf70107d0, nSavedDC=-1) returned 1
[0216.976] GdipReleaseDC (graphics=0x6600030, hdc=0xf70107d0) returned 0x0
[0216.976] IsAppThemed () returned 0x1
[0216.976] GetThemeAppProperties () returned 0x3
[0216.976] GetThemeAppProperties () returned 0x3
[0216.976] IsAppThemed () returned 0x1
[0216.976] GetThemeAppProperties () returned 0x3
[0216.976] GetThemeAppProperties () returned 0x3
[0216.976] IsThemePartDefined () returned 0x1
[0216.976] GdipCreateRegion (region=0xd7e480) returned 0x0
[0216.976] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0216.977] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0216.977] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0216.977] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e498) returned 0x0
[0216.977] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0216.977] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0216.977] LocalFree (hMem=0x11eec58) returned 0x0
[0216.977] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0216.977] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0216.977] LocalFree (hMem=0x11eec58) returned 0x0
[0216.977] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0216.977] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0216.977] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0216.977] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0216.977] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0216.977] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0216.977] GetCurrentObject (hdc=0xf70107d0, type=0x1) returned 0xb00017
[0216.977] GetCurrentObject (hdc=0xf70107d0, type=0x2) returned 0x900010
[0216.977] GetCurrentObject (hdc=0xf70107d0, type=0x7) returned 0x4a0507fe
[0216.977] GetCurrentObject (hdc=0xf70107d0, type=0x6) returned 0x8a01c2
[0216.977] SaveDC (hdc=0xf70107d0) returned 1
[0216.977] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x780407de
[0216.978] GetClipRgn (hdc=0xf70107d0, hrgn=0x780407de) returned 0
[0216.978] SelectClipRgn (hdc=0xf70107d0, hrgn=0xef040807) returned 2
[0216.978] DeleteObject (ho=0x780407de) returned 1
[0216.978] DeleteObject (ho=0xef040807) returned 1
[0216.978] OffsetViewportOrgEx (in: hdc=0xf70107d0, x=0, y=0, lppt=0x2d70860 | out: lppt=0x2d70860) returned 1
[0216.978] IsAppThemed () returned 0x1
[0216.978] GetThemeAppProperties () returned 0x3
[0216.978] GetThemeAppProperties () returned 0x3
[0216.978] DrawThemeBackground () returned 0x0
[0216.978] RestoreDC (hdc=0xf70107d0, nSavedDC=-1) returned 1
[0216.978] GdipReleaseDC (graphics=0x6600030, hdc=0xf70107d0) returned 0x0
[0216.978] GdipCreateRegion (region=0xd7e484) returned 0x0
[0216.978] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0216.978] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0216.978] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0216.978] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e49c) returned 0x0
[0216.978] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0216.978] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee868) returned 0x0
[0216.978] LocalFree (hMem=0x11ee868) returned 0x0
[0216.979] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0216.979] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0216.979] LocalFree (hMem=0x11eec58) returned 0x0
[0216.979] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0216.979] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0216.979] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0216.979] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0216.979] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0216.979] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0216.979] GetCurrentObject (hdc=0xf70107d0, type=0x1) returned 0xb00017
[0216.979] GetCurrentObject (hdc=0xf70107d0, type=0x2) returned 0x900010
[0216.979] GetCurrentObject (hdc=0xf70107d0, type=0x7) returned 0x4a0507fe
[0216.979] GetCurrentObject (hdc=0xf70107d0, type=0x6) returned 0x8a01c2
[0216.979] SaveDC (hdc=0xf70107d0) returned 1
[0216.979] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf0040807
[0216.979] GetClipRgn (hdc=0xf70107d0, hrgn=0xf0040807) returned 0
[0216.980] SelectClipRgn (hdc=0xf70107d0, hrgn=0x790407de) returned 2
[0216.980] DeleteObject (ho=0xf0040807) returned 1
[0216.980] DeleteObject (ho=0x790407de) returned 1
[0216.980] OffsetViewportOrgEx (in: hdc=0xf70107d0, x=0, y=0, lppt=0x2d70b34 | out: lppt=0x2d70b34) returned 1
[0216.980] IsAppThemed () returned 0x1
[0216.980] GetThemeAppProperties () returned 0x3
[0216.980] GetThemeAppProperties () returned 0x3
[0216.980] GetThemeBackgroundContentRect () returned 0x0
[0216.980] RestoreDC (hdc=0xf70107d0, nSavedDC=-1) returned 1
[0216.980] GdipReleaseDC (graphics=0x6600030, hdc=0xf70107d0) returned 0x0
[0216.980] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0216.980] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0216.980] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0216.980] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0216.980] IsAppThemed () returned 0x1
[0216.980] GetThemeAppProperties () returned 0x3
[0216.980] GetThemeAppProperties () returned 0x3
[0216.980] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0216.980] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0216.981] GetCurrentObject (hdc=0xf70107d0, type=0x1) returned 0xb00017
[0216.981] GetCurrentObject (hdc=0xf70107d0, type=0x2) returned 0x900010
[0216.981] GetCurrentObject (hdc=0xf70107d0, type=0x7) returned 0x4a0507fe
[0216.981] GetCurrentObject (hdc=0xf70107d0, type=0x6) returned 0x8a01c2
[0216.981] SaveDC (hdc=0xf70107d0) returned 1
[0216.981] GetTextAlign (hdc=0xf70107d0) returned 0x0
[0216.981] GetTextColor (hdc=0xf70107d0) returned 0x0
[0216.981] GetCurrentObject (hdc=0xf70107d0, type=0x6) returned 0x8a01c2
[0216.981] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0216.981] SelectObject (hdc=0xf70107d0, h=0x6d0a0520) returned 0x8a01c2
[0216.981] GetBkMode (hdc=0xf70107d0) returned 2
[0216.981] SetBkMode (hdc=0xf70107d0, mode=1) returned 2
[0216.981] DrawTextExW (in: hdc=0xf70107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2d70ef8 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0216.982] DrawTextExW (in: hdc=0xf70107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2d70ef8 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0216.982] RestoreDC (hdc=0xf70107d0, nSavedDC=-1) returned 1
[0216.982] GdipReleaseDC (graphics=0x6600030, hdc=0xf70107d0) returned 0x0
[0216.982] GetFocus () returned 0x602c4
[0216.982] IsAppThemed () returned 0x1
[0216.982] GetThemeAppProperties () returned 0x3
[0216.982] GetThemeAppProperties () returned 0x3
[0216.982] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0216.982] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xf70107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0216.983] GdipReleaseDC (graphics=0x6600030, hdc=0xf70107d0) returned 0x0
[0216.983] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0216.983] SelectObject (hdc=0xf70107d0, h=0x85000f) returned 0x4a0507fe
[0216.983] DeleteDC (hdc=0xf70107d0) returned 1
[0216.983] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0216.983] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0216.983] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0216.983] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0216.983] WaitMessage () returned 1
[0217.061] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.061] IsWindowUnicode (hWnd=0x602c4) returned 1
[0217.061] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.061] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0217.061] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0217.061] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.061] IsWindowUnicode (hWnd=0x602c4) returned 1
[0217.061] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.061] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0217.061] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0217.061] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xc0027) returned 0x0
[0217.061] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0217.061] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0217.061] WaitMessage () returned 1
[0217.219] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.220] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2730102) returned 0x1
[0217.220] IsWindowUnicode (hWnd=0x602c4) returned 1
[0217.220] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.220] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2730102) returned 0x1
[0217.220] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0217.220] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19e0044) returned 0x0
[0217.220] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0217.220] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0217.220] SetCursor (hCursor=0x10003) returned 0x10003
[0217.221] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0217.221] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0217.221] GetKeyState (nVirtKey=1) returned -128
[0217.221] GetKeyState (nVirtKey=2) returned 0
[0217.221] GetKeyState (nVirtKey=4) returned 0
[0217.221] GetKeyState (nVirtKey=5) returned 0
[0217.221] GetKeyState (nVirtKey=6) returned 0
[0217.221] IsWindowVisible (hWnd=0x602c4) returned 1
[0217.221] IsWindowEnabled (hWnd=0x602c4) returned 1
[0217.221] SetFocus (hWnd=0x602c4) returned 0x602c4
[0217.221] GetFocus () returned 0x602c4
[0217.221] GetFocus () returned 0x602c4
[0217.221] GetFocus () returned 0x602c4
[0217.221] GetKeyState (nVirtKey=1) returned -128
[0217.221] GetKeyState (nVirtKey=2) returned 0
[0217.221] GetKeyState (nVirtKey=4) returned 0
[0217.221] GetKeyState (nVirtKey=5) returned 0
[0217.221] GetKeyState (nVirtKey=6) returned 0
[0217.221] GetCapture () returned 0x0
[0217.221] SetCapture (hWnd=0x602c4) returned 0x0
[0217.222] GetKeyState (nVirtKey=1) returned -128
[0217.222] GetKeyState (nVirtKey=2) returned 0
[0217.222] GetKeyState (nVirtKey=4) returned 0
[0217.222] GetKeyState (nVirtKey=5) returned 0
[0217.222] GetKeyState (nVirtKey=6) returned 0
[0217.222] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0217.222] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0217.222] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.222] IsWindowUnicode (hWnd=0x602c4) returned 1
[0217.222] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.222] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0217.222] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0217.222] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d7107c, cPoints=0x1 | out: lpPoints=0x2d7107c) returned 40304859
[0217.222] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0217.222] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0217.222] UpdateWindow (hWnd=0x602c4) returned 1
[0217.222] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x60100ce
[0217.223] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0217.223] CreateCompatibleDC (hdc=0x60100ce) returned 0xf80107d0
[0217.223] SelectObject (hdc=0xf80107d0, h=0x4a0507fe) returned 0x85000f
[0217.223] GdipCreateFromHDC (hdc=0xf80107d0, graphics=0xd7e430) returned 0x0
[0217.223] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0217.223] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0217.223] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0217.223] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0217.223] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e490) returned 0x0
[0217.223] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0217.223] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eecc8) returned 0x0
[0217.223] LocalFree (hMem=0x11eecc8) returned 0x0
[0217.224] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0217.224] GdipCreateRegion (region=0xd7e478) returned 0x0
[0217.224] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0217.224] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e484) returned 0x0
[0217.224] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0217.224] GdipRestoreGraphics (graphics=0x6600030, state=0xf9f40dbd) returned 0x0
[0217.224] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0217.224] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0217.224] GetCurrentObject (hdc=0xf80107d0, type=0x1) returned 0xb00017
[0217.224] GetCurrentObject (hdc=0xf80107d0, type=0x2) returned 0x900010
[0217.224] GetCurrentObject (hdc=0xf80107d0, type=0x7) returned 0x4a0507fe
[0217.224] GetCurrentObject (hdc=0xf80107d0, type=0x6) returned 0x8a01c2
[0217.224] SaveDC (hdc=0xf80107d0) returned 1
[0217.224] GetNearestColor (hdc=0xf80107d0, color=0xff) returned 0xff
[0217.224] GetNearestColor (hdc=0xf80107d0, color=0x55) returned 0x55
[0217.224] GetNearestColor (hdc=0xf80107d0, color=0x0) returned 0x0
[0217.225] GetNearestColor (hdc=0xf80107d0, color=0x55) returned 0x55
[0217.225] GetNearestColor (hdc=0xf80107d0, color=0x0) returned 0x0
[0217.225] GetNearestColor (hdc=0xf80107d0, color=0x8080ff) returned 0x8080ff
[0217.225] GetNearestColor (hdc=0xf80107d0, color=0x7373e5) returned 0x7373e5
[0217.225] GetNearestColor (hdc=0xf80107d0, color=0xe5) returned 0xe5
[0217.225] GetNearestColor (hdc=0xf80107d0, color=0x0) returned 0x0
[0217.225] RestoreDC (hdc=0xf80107d0, nSavedDC=-1) returned 1
[0217.225] GdipReleaseDC (graphics=0x6600030, hdc=0xf80107d0) returned 0x0
[0217.225] IsAppThemed () returned 0x1
[0217.225] GetThemeAppProperties () returned 0x3
[0217.225] GetThemeAppProperties () returned 0x3
[0217.225] IsAppThemed () returned 0x1
[0217.225] GetThemeAppProperties () returned 0x3
[0217.225] GetThemeAppProperties () returned 0x3
[0217.225] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2d71798 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0217.226] IsAppThemed () returned 0x1
[0217.226] GetThemeAppProperties () returned 0x3
[0217.226] GetThemeAppProperties () returned 0x3
[0217.226] IsAppThemed () returned 0x1
[0217.226] GetThemeAppProperties () returned 0x3
[0217.226] GetThemeAppProperties () returned 0x3
[0217.226] IsAppThemed () returned 0x1
[0217.226] GetThemeAppProperties () returned 0x3
[0217.226] GetThemeAppProperties () returned 0x3
[0217.226] IsAppThemed () returned 0x1
[0217.226] GetThemeAppProperties () returned 0x3
[0217.226] GetThemeAppProperties () returned 0x3
[0217.226] IsThemePartDefined () returned 0x1
[0217.226] IsAppThemed () returned 0x1
[0217.226] GetThemeAppProperties () returned 0x3
[0217.226] GetThemeAppProperties () returned 0x3
[0217.226] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0217.226] IsAppThemed () returned 0x1
[0217.227] GetThemeAppProperties () returned 0x3
[0217.227] GetThemeAppProperties () returned 0x3
[0217.227] IsAppThemed () returned 0x1
[0217.227] GetThemeAppProperties () returned 0x3
[0217.227] GetThemeAppProperties () returned 0x3
[0217.227] IsThemePartDefined () returned 0x1
[0217.227] GdipCreateRegion (region=0xd7e194) returned 0x0
[0217.227] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0217.227] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0217.227] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0217.227] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e1ac) returned 0x0
[0217.227] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0217.227] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eea98) returned 0x0
[0217.227] LocalFree (hMem=0x11eea98) returned 0x0
[0217.227] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0217.227] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eed00) returned 0x0
[0217.227] LocalFree (hMem=0x11eed00) returned 0x0
[0217.227] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0217.227] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0217.227] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0217.228] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0217.228] GdipDeleteRegion (region=0x6646298) returned 0x0
[0217.228] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0217.228] GetCurrentObject (hdc=0xf80107d0, type=0x1) returned 0xb00017
[0217.228] GetCurrentObject (hdc=0xf80107d0, type=0x2) returned 0x900010
[0217.228] GetCurrentObject (hdc=0xf80107d0, type=0x7) returned 0x4a0507fe
[0217.228] GetCurrentObject (hdc=0xf80107d0, type=0x6) returned 0x8a01c2
[0217.228] SaveDC (hdc=0xf80107d0) returned 1
[0217.228] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7a0407de
[0217.228] GetClipRgn (hdc=0xf80107d0, hrgn=0x7a0407de) returned 0
[0217.228] SelectClipRgn (hdc=0xf80107d0, hrgn=0xf4040807) returned 2
[0217.228] DeleteObject (ho=0x7a0407de) returned 1
[0217.228] DeleteObject (ho=0xf4040807) returned 1
[0217.228] OffsetViewportOrgEx (in: hdc=0xf80107d0, x=0, y=0, lppt=0x2d71e48 | out: lppt=0x2d71e48) returned 1
[0217.228] DrawThemeParentBackground () returned 0x0
[0217.229] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0217.229] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0217.229] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0217.229] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0217.229] GetSystemMetrics (nIndex=42) returned 0
[0217.229] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0217.229] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0217.229] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0217.229] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0217.229] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0217.229] SelectPalette (hdc=0xf80107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0217.229] GdipCreateFromHDC (hdc=0xf80107d0, graphics=0xd7dc88) returned 0x0
[0217.229] GdipSetPageUnit (graphics=0x664dac8, unit=0x2) returned 0x0
[0217.229] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0217.229] GdipGetWorldTransform (graphics=0x664dac8, matrix=0x6638b48) returned 0x0
[0217.229] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dc60) returned 0x0
[0217.229] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0217.230] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0217.230] GdipGetClip (graphics=0x664dac8, region=0x6646c28) returned 0x0
[0217.230] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x664dac8, result=0xd7dc54) returned 0x0
[0217.230] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0217.230] GdipSaveGraphics (graphics=0x664dac8, state=0xd7dc80) returned 0x0
[0217.230] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0217.237] GdipFillRectangleI (graphics=0x664dac8, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0217.237] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0217.239] GdipDeleteGraphics (graphics=0x664dac8) returned 0x0
[0217.239] SelectPalette (hdc=0xf80107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0217.239] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0217.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0217.239] GetSystemMetrics (nIndex=42) returned 0
[0217.239] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0217.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0217.239] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0217.239] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0217.239] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0217.239] SelectPalette (hdc=0xf80107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0217.240] GdipCreateFromHDC (hdc=0xf80107d0, graphics=0xd7dc28) returned 0x0
[0217.240] GdipSetPageUnit (graphics=0x664dac8, unit=0x2) returned 0x0
[0217.240] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0217.240] GdipGetWorldTransform (graphics=0x664dac8, matrix=0x6638d58) returned 0x0
[0217.240] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dc00) returned 0x0
[0217.240] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0217.240] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0217.240] GdipGetClip (graphics=0x664dac8, region=0x66468c8) returned 0x0
[0217.240] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x664dac8, result=0xd7dbf4) returned 0x0
[0217.240] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0217.240] GdipSaveGraphics (graphics=0x664dac8, state=0xd7dc20) returned 0x0
[0217.240] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0217.246] GdipFillRectangleI (graphics=0x664dac8, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0217.246] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0217.248] GdipRestoreGraphics (graphics=0x664dac8, state=0xf9f00dbd) returned 0x0
[0217.248] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0217.248] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0217.248] GetSystemMetrics (nIndex=42) returned 0
[0217.248] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0217.248] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0217.249] GdipDeleteGraphics (graphics=0x664dac8) returned 0x0
[0217.249] SelectPalette (hdc=0xf80107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0217.249] RestoreDC (hdc=0xf80107d0, nSavedDC=-1) returned 1
[0217.249] GdipReleaseDC (graphics=0x6600030, hdc=0xf80107d0) returned 0x0
[0217.249] IsAppThemed () returned 0x1
[0217.249] GetThemeAppProperties () returned 0x3
[0217.249] GetThemeAppProperties () returned 0x3
[0217.249] IsAppThemed () returned 0x1
[0217.249] GetThemeAppProperties () returned 0x3
[0217.249] GetThemeAppProperties () returned 0x3
[0217.249] IsThemePartDefined () returned 0x1
[0217.249] GdipCreateRegion (region=0xd7e118) returned 0x0
[0217.249] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0217.249] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0217.249] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0217.250] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e130) returned 0x0
[0217.250] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0217.250] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0217.250] LocalFree (hMem=0x11eec58) returned 0x0
[0217.250] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0217.250] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0217.250] LocalFree (hMem=0x11ee868) returned 0x0
[0217.250] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0217.250] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e158) returned 0x0
[0217.250] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e148) returned 0x0
[0217.250] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0217.250] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0217.250] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0217.250] GetCurrentObject (hdc=0xf80107d0, type=0x1) returned 0xb00017
[0217.250] GetCurrentObject (hdc=0xf80107d0, type=0x2) returned 0x900010
[0217.250] GetCurrentObject (hdc=0xf80107d0, type=0x7) returned 0x4a0507fe
[0217.250] GetCurrentObject (hdc=0xf80107d0, type=0x6) returned 0x8a01c2
[0217.251] SaveDC (hdc=0xf80107d0) returned 1
[0217.251] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf5040807
[0217.251] GetClipRgn (hdc=0xf80107d0, hrgn=0xf5040807) returned 0
[0217.251] SelectClipRgn (hdc=0xf80107d0, hrgn=0x7c0407de) returned 2
[0217.251] DeleteObject (ho=0xf5040807) returned 1
[0217.251] DeleteObject (ho=0x7c0407de) returned 1
[0217.251] OffsetViewportOrgEx (in: hdc=0xf80107d0, x=0, y=0, lppt=0x2d78698 | out: lppt=0x2d78698) returned 1
[0217.251] IsAppThemed () returned 0x1
[0217.251] GetThemeAppProperties () returned 0x3
[0217.251] GetThemeAppProperties () returned 0x3
[0217.251] DrawThemeBackground () returned 0x0
[0217.252] RestoreDC (hdc=0xf80107d0, nSavedDC=-1) returned 1
[0217.252] GdipReleaseDC (graphics=0x6600030, hdc=0xf80107d0) returned 0x0
[0217.252] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0217.252] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0217.252] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0217.252] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0217.252] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e134) returned 0x0
[0217.252] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0217.252] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0217.252] LocalFree (hMem=0x11eec58) returned 0x0
[0217.252] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0217.252] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0217.252] LocalFree (hMem=0x11eec58) returned 0x0
[0217.252] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0217.252] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0217.252] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0217.253] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0217.253] GdipDeleteRegion (region=0x6646568) returned 0x0
[0217.253] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0217.253] GetCurrentObject (hdc=0xf80107d0, type=0x1) returned 0xb00017
[0217.253] GetCurrentObject (hdc=0xf80107d0, type=0x2) returned 0x900010
[0217.253] GetCurrentObject (hdc=0xf80107d0, type=0x7) returned 0x4a0507fe
[0217.253] GetCurrentObject (hdc=0xf80107d0, type=0x6) returned 0x8a01c2
[0217.253] SaveDC (hdc=0xf80107d0) returned 1
[0217.253] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7d0407de
[0217.253] GetClipRgn (hdc=0xf80107d0, hrgn=0x7d0407de) returned 0
[0217.253] SelectClipRgn (hdc=0xf80107d0, hrgn=0xf6040807) returned 2
[0217.253] DeleteObject (ho=0x7d0407de) returned 1
[0217.253] DeleteObject (ho=0xf6040807) returned 1
[0217.253] OffsetViewportOrgEx (in: hdc=0xf80107d0, x=0, y=0, lppt=0x2d7896c | out: lppt=0x2d7896c) returned 1
[0217.253] IsAppThemed () returned 0x1
[0217.254] GetThemeAppProperties () returned 0x3
[0217.254] GetThemeAppProperties () returned 0x3
[0217.254] GetThemeBackgroundContentRect () returned 0x0
[0217.254] RestoreDC (hdc=0xf80107d0, nSavedDC=-1) returned 1
[0217.254] GdipReleaseDC (graphics=0x6600030, hdc=0xf80107d0) returned 0x0
[0217.254] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0217.254] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0217.254] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0217.254] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0217.254] IsAppThemed () returned 0x1
[0217.254] GetThemeAppProperties () returned 0x3
[0217.254] GetThemeAppProperties () returned 0x3
[0217.254] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0217.254] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0217.254] GetCurrentObject (hdc=0xf80107d0, type=0x1) returned 0xb00017
[0217.254] GetCurrentObject (hdc=0xf80107d0, type=0x2) returned 0x900010
[0217.254] GetCurrentObject (hdc=0xf80107d0, type=0x7) returned 0x4a0507fe
[0217.255] GetCurrentObject (hdc=0xf80107d0, type=0x6) returned 0x8a01c2
[0217.255] SaveDC (hdc=0xf80107d0) returned 1
[0217.255] GetTextAlign (hdc=0xf80107d0) returned 0x0
[0217.255] GetTextColor (hdc=0xf80107d0) returned 0x0
[0217.255] GetCurrentObject (hdc=0xf80107d0, type=0x6) returned 0x8a01c2
[0217.255] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0217.255] SelectObject (hdc=0xf80107d0, h=0x6d0a0520) returned 0x8a01c2
[0217.255] GetBkMode (hdc=0xf80107d0) returned 2
[0217.255] SetBkMode (hdc=0xf80107d0, mode=1) returned 2
[0217.255] DrawTextExW (in: hdc=0xf80107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2d78d30 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0217.256] DrawTextExW (in: hdc=0xf80107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2d78d30 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0217.256] RestoreDC (hdc=0xf80107d0, nSavedDC=-1) returned 1
[0217.256] GdipReleaseDC (graphics=0x6600030, hdc=0xf80107d0) returned 0x0
[0217.256] GetFocus () returned 0x602c4
[0217.256] IsAppThemed () returned 0x1
[0217.256] GetThemeAppProperties () returned 0x3
[0217.256] GetThemeAppProperties () returned 0x3
[0217.256] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0217.257] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xf80107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0217.257] GdipReleaseDC (graphics=0x6600030, hdc=0xf80107d0) returned 0x0
[0217.257] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0217.257] SelectObject (hdc=0xf80107d0, h=0x85000f) returned 0x4a0507fe
[0217.257] DeleteDC (hdc=0xf80107d0) returned 1
[0217.257] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0217.257] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0217.258] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d78e2c, cPoints=0x1 | out: lpPoints=0x2d78e2c) returned 40304859
[0217.258] WindowFromPoint (Point=0x102) returned 0x602c4
[0217.258] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2730102) returned 0x1
[0217.258] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0217.258] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0217.258] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0217.258] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0217.258] GetSystemMetrics (nIndex=42) returned 0
[0217.258] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0217.258] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0217.260] GetCapture () returned 0x602c4
[0217.260] ReleaseCapture () returned 1
[0217.260] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0217.260] GetProcessWindowStation () returned 0x13c
[0217.261] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.261] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0217.261] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.262] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0217.262] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.262] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0217.262] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.262] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0217.263] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.263] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0217.264] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.264] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0217.264] GetDC (hWnd=0x0) returned 0x10105d6
[0217.264] GdipCreateFromHDC (hdc=0x10105d6, graphics=0xd7e6ec) returned 0x0
[0217.264] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0217.264] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0217.264] ReleaseDC (hWnd=0x0, hDC=0x10105d6) returned 1
[0217.265] GetSystemMetrics (nIndex=5) returned 1
[0217.265] GetSystemMetrics (nIndex=6) returned 1
[0217.265] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.265] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0217.265] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.265] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0217.269] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0217.269] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0217.269] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0217.269] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0217.269] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0217.269] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0217.270] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2d7e848 | out: lpData=0x2d7e848) returned 1
[0217.271] VerQueryValueW (in: pBlock=0x2d7e848, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d7ec58, puLen=0xd7e810) returned 1
[0217.271] VerQueryValueW (in: pBlock=0x2d7e848, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e900, puLen=0xd7e790) returned 1
[0217.271] VerQueryValueW (in: pBlock=0x2d7e848, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e954, puLen=0xd7e790) returned 1
[0217.271] VerQueryValueW (in: pBlock=0x2d7e848, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e9d4, puLen=0xd7e790) returned 1
[0217.271] VerQueryValueW (in: pBlock=0x2d7e848, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7ea3c, puLen=0xd7e790) returned 1
[0217.272] VerQueryValueW (in: pBlock=0x2d7e848, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7ea7c, puLen=0xd7e790) returned 1
[0217.272] VerQueryValueW (in: pBlock=0x2d7e848, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7eb04, puLen=0xd7e790) returned 1
[0217.272] VerQueryValueW (in: pBlock=0x2d7e848, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7eb40, puLen=0xd7e790) returned 1
[0217.272] VerQueryValueW (in: pBlock=0x2d7e848, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7eb98, puLen=0xd7e790) returned 1
[0217.272] VerQueryValueW (in: pBlock=0x2d7e848, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7ebc8, puLen=0xd7e790) returned 1
[0217.272] VerQueryValueW (in: pBlock=0x2d7e848, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.272] VerQueryValueW (in: pBlock=0x2d7e848, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7ec04, puLen=0xd7e790) returned 1
[0217.272] VerQueryValueW (in: pBlock=0x2d7e848, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.272] VerQueryValueW (in: pBlock=0x2d7e848, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d7ec58, puLen=0xd7e784) returned 1
[0217.272] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0217.272] VerQueryValueW (in: pBlock=0x2d7e848, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d7e870, puLen=0xd7e794) returned 1
[0217.273] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0217.273] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0217.273] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0217.273] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0217.273] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0217.273] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0217.273] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2d807b8 | out: lpData=0x2d807b8) returned 1
[0217.274] VerQueryValueW (in: pBlock=0x2d807b8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d80854, puLen=0xd7e810) returned 1
[0217.274] VerQueryValueW (in: pBlock=0x2d807b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d808cc, puLen=0xd7e790) returned 1
[0217.274] VerQueryValueW (in: pBlock=0x2d807b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d808fc, puLen=0xd7e790) returned 1
[0217.274] VerQueryValueW (in: pBlock=0x2d807b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d80938, puLen=0xd7e790) returned 1
[0217.274] VerQueryValueW (in: pBlock=0x2d807b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d80968, puLen=0xd7e790) returned 1
[0217.274] VerQueryValueW (in: pBlock=0x2d807b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d809b0, puLen=0xd7e790) returned 1
[0217.274] VerQueryValueW (in: pBlock=0x2d807b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d80a28, puLen=0xd7e790) returned 1
[0217.274] VerQueryValueW (in: pBlock=0x2d807b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d80a6c, puLen=0xd7e790) returned 1
[0217.274] VerQueryValueW (in: pBlock=0x2d807b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d80aac, puLen=0xd7e790) returned 1
[0217.274] VerQueryValueW (in: pBlock=0x2d807b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d808aa, puLen=0xd7e790) returned 1
[0217.274] VerQueryValueW (in: pBlock=0x2d807b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d809f8, puLen=0xd7e790) returned 1
[0217.274] VerQueryValueW (in: pBlock=0x2d807b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.274] VerQueryValueW (in: pBlock=0x2d807b8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.274] VerQueryValueW (in: pBlock=0x2d807b8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d80854, puLen=0xd7e784) returned 1
[0217.274] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0217.274] VerQueryValueW (in: pBlock=0x2d807b8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d807e0, puLen=0xd7e794) returned 1
[0217.275] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0217.275] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0217.276] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0217.276] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0217.276] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0217.276] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0217.277] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2d82a90 | out: lpData=0x2d82a90) returned 1
[0217.277] VerQueryValueW (in: pBlock=0x2d82a90, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d82ea4, puLen=0xd7e810) returned 1
[0217.277] VerQueryValueW (in: pBlock=0x2d82a90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d82b48, puLen=0xd7e790) returned 1
[0217.277] VerQueryValueW (in: pBlock=0x2d82a90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d82b9c, puLen=0xd7e790) returned 1
[0217.277] VerQueryValueW (in: pBlock=0x2d82a90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d82bf8, puLen=0xd7e790) returned 1
[0217.277] VerQueryValueW (in: pBlock=0x2d82a90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d82c58, puLen=0xd7e790) returned 1
[0217.277] VerQueryValueW (in: pBlock=0x2d82a90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d82cb0, puLen=0xd7e790) returned 1
[0217.278] VerQueryValueW (in: pBlock=0x2d82a90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d82d38, puLen=0xd7e790) returned 1
[0217.278] VerQueryValueW (in: pBlock=0x2d82a90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d82d8c, puLen=0xd7e790) returned 1
[0217.278] VerQueryValueW (in: pBlock=0x2d82a90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d82de4, puLen=0xd7e790) returned 1
[0217.278] VerQueryValueW (in: pBlock=0x2d82a90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d82e14, puLen=0xd7e790) returned 1
[0217.278] VerQueryValueW (in: pBlock=0x2d82a90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.278] VerQueryValueW (in: pBlock=0x2d82a90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d82e50, puLen=0xd7e790) returned 1
[0217.278] VerQueryValueW (in: pBlock=0x2d82a90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.278] VerQueryValueW (in: pBlock=0x2d82a90, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d82ea4, puLen=0xd7e784) returned 1
[0217.278] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0217.278] VerQueryValueW (in: pBlock=0x2d82a90, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d82ab8, puLen=0xd7e794) returned 1
[0217.307] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0217.307] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0217.307] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0217.307] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0217.308] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0217.308] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0217.309] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2d850c8 | out: lpData=0x2d850c8) returned 1
[0217.310] VerQueryValueW (in: pBlock=0x2d850c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d854c8, puLen=0xd7e810) returned 1
[0217.310] VerQueryValueW (in: pBlock=0x2d850c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d85180, puLen=0xd7e790) returned 1
[0217.310] VerQueryValueW (in: pBlock=0x2d850c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d851d4, puLen=0xd7e790) returned 1
[0217.310] VerQueryValueW (in: pBlock=0x2d850c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d85214, puLen=0xd7e790) returned 1
[0217.310] VerQueryValueW (in: pBlock=0x2d850c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8527c, puLen=0xd7e790) returned 1
[0217.310] VerQueryValueW (in: pBlock=0x2d850c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d852d4, puLen=0xd7e790) returned 1
[0217.311] VerQueryValueW (in: pBlock=0x2d850c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8535c, puLen=0xd7e790) returned 1
[0217.311] VerQueryValueW (in: pBlock=0x2d850c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d853b0, puLen=0xd7e790) returned 1
[0217.311] VerQueryValueW (in: pBlock=0x2d850c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d85408, puLen=0xd7e790) returned 1
[0217.311] VerQueryValueW (in: pBlock=0x2d850c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d85438, puLen=0xd7e790) returned 1
[0217.311] VerQueryValueW (in: pBlock=0x2d850c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.311] VerQueryValueW (in: pBlock=0x2d850c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d85474, puLen=0xd7e790) returned 1
[0217.311] VerQueryValueW (in: pBlock=0x2d850c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.311] VerQueryValueW (in: pBlock=0x2d850c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d854c8, puLen=0xd7e784) returned 1
[0217.311] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0217.311] VerQueryValueW (in: pBlock=0x2d850c8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d850f0, puLen=0xd7e794) returned 1
[0217.312] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0217.312] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0217.312] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0217.312] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0217.312] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0217.312] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0217.313] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2d87804 | out: lpData=0x2d87804) returned 1
[0217.314] VerQueryValueW (in: pBlock=0x2d87804, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d87bcc, puLen=0xd7e810) returned 1
[0217.314] VerQueryValueW (in: pBlock=0x2d87804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d878bc, puLen=0xd7e790) returned 1
[0217.314] VerQueryValueW (in: pBlock=0x2d87804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d87910, puLen=0xd7e790) returned 1
[0217.314] VerQueryValueW (in: pBlock=0x2d87804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d87950, puLen=0xd7e790) returned 1
[0217.314] VerQueryValueW (in: pBlock=0x2d87804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d879b8, puLen=0xd7e790) returned 1
[0217.314] VerQueryValueW (in: pBlock=0x2d87804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d879f4, puLen=0xd7e790) returned 1
[0217.314] VerQueryValueW (in: pBlock=0x2d87804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d87a7c, puLen=0xd7e790) returned 1
[0217.314] VerQueryValueW (in: pBlock=0x2d87804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d87ab4, puLen=0xd7e790) returned 1
[0217.314] VerQueryValueW (in: pBlock=0x2d87804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d87b0c, puLen=0xd7e790) returned 1
[0217.314] VerQueryValueW (in: pBlock=0x2d87804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d87b3c, puLen=0xd7e790) returned 1
[0217.315] VerQueryValueW (in: pBlock=0x2d87804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.315] VerQueryValueW (in: pBlock=0x2d87804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d87b78, puLen=0xd7e790) returned 1
[0217.315] VerQueryValueW (in: pBlock=0x2d87804, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.315] VerQueryValueW (in: pBlock=0x2d87804, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d87bcc, puLen=0xd7e784) returned 1
[0217.315] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0217.315] VerQueryValueW (in: pBlock=0x2d87804, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d8782c, puLen=0xd7e794) returned 1
[0217.316] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0217.316] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0217.316] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0217.316] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0217.316] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0217.316] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0217.317] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2d8ae6c | out: lpData=0x2d8ae6c) returned 1
[0217.318] VerQueryValueW (in: pBlock=0x2d8ae6c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d8b24c, puLen=0xd7e810) returned 1
[0217.318] VerQueryValueW (in: pBlock=0x2d8ae6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8af24, puLen=0xd7e790) returned 1
[0217.318] VerQueryValueW (in: pBlock=0x2d8ae6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8af78, puLen=0xd7e790) returned 1
[0217.318] VerQueryValueW (in: pBlock=0x2d8ae6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8afb8, puLen=0xd7e790) returned 1
[0217.318] VerQueryValueW (in: pBlock=0x2d8ae6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8b018, puLen=0xd7e790) returned 1
[0217.318] VerQueryValueW (in: pBlock=0x2d8ae6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8b064, puLen=0xd7e790) returned 1
[0217.318] VerQueryValueW (in: pBlock=0x2d8ae6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8b0ec, puLen=0xd7e790) returned 1
[0217.318] VerQueryValueW (in: pBlock=0x2d8ae6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8b134, puLen=0xd7e790) returned 1
[0217.318] VerQueryValueW (in: pBlock=0x2d8ae6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8b18c, puLen=0xd7e790) returned 1
[0217.318] VerQueryValueW (in: pBlock=0x2d8ae6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8b1bc, puLen=0xd7e790) returned 1
[0217.318] VerQueryValueW (in: pBlock=0x2d8ae6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.318] VerQueryValueW (in: pBlock=0x2d8ae6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8b1f8, puLen=0xd7e790) returned 1
[0217.318] VerQueryValueW (in: pBlock=0x2d8ae6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.318] VerQueryValueW (in: pBlock=0x2d8ae6c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d8b24c, puLen=0xd7e784) returned 1
[0217.318] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0217.318] VerQueryValueW (in: pBlock=0x2d8ae6c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d8ae94, puLen=0xd7e794) returned 1
[0217.319] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0217.319] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0217.319] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0217.319] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0217.320] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0217.320] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0217.320] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2d8d68c | out: lpData=0x2d8d68c) returned 1
[0217.321] VerQueryValueW (in: pBlock=0x2d8d68c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d8da98, puLen=0xd7e810) returned 1
[0217.321] VerQueryValueW (in: pBlock=0x2d8d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8d744, puLen=0xd7e790) returned 1
[0217.321] VerQueryValueW (in: pBlock=0x2d8d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8d798, puLen=0xd7e790) returned 1
[0217.321] VerQueryValueW (in: pBlock=0x2d8d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8d7ec, puLen=0xd7e790) returned 1
[0217.321] VerQueryValueW (in: pBlock=0x2d8d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8d84c, puLen=0xd7e790) returned 1
[0217.321] VerQueryValueW (in: pBlock=0x2d8d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8d8a4, puLen=0xd7e790) returned 1
[0217.321] VerQueryValueW (in: pBlock=0x2d8d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8d92c, puLen=0xd7e790) returned 1
[0217.321] VerQueryValueW (in: pBlock=0x2d8d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8d980, puLen=0xd7e790) returned 1
[0217.321] VerQueryValueW (in: pBlock=0x2d8d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8d9d8, puLen=0xd7e790) returned 1
[0217.321] VerQueryValueW (in: pBlock=0x2d8d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8da08, puLen=0xd7e790) returned 1
[0217.322] VerQueryValueW (in: pBlock=0x2d8d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.322] VerQueryValueW (in: pBlock=0x2d8d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8da44, puLen=0xd7e790) returned 1
[0217.322] VerQueryValueW (in: pBlock=0x2d8d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.322] VerQueryValueW (in: pBlock=0x2d8d68c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d8da98, puLen=0xd7e784) returned 1
[0217.322] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0217.322] VerQueryValueW (in: pBlock=0x2d8d68c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d8d6b4, puLen=0xd7e794) returned 1
[0217.323] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0217.323] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0217.323] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0217.323] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0217.323] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0217.323] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0217.324] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d8fea0 | out: lpData=0x2d8fea0) returned 1
[0217.325] VerQueryValueW (in: pBlock=0x2d8fea0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d90278, puLen=0xd7e810) returned 1
[0217.325] VerQueryValueW (in: pBlock=0x2d8fea0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8ff58, puLen=0xd7e790) returned 1
[0217.325] VerQueryValueW (in: pBlock=0x2d8fea0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8ffac, puLen=0xd7e790) returned 1
[0217.325] VerQueryValueW (in: pBlock=0x2d8fea0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8ffec, puLen=0xd7e790) returned 1
[0217.326] VerQueryValueW (in: pBlock=0x2d8fea0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d90054, puLen=0xd7e790) returned 1
[0217.326] VerQueryValueW (in: pBlock=0x2d8fea0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d90098, puLen=0xd7e790) returned 1
[0217.326] VerQueryValueW (in: pBlock=0x2d8fea0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d90120, puLen=0xd7e790) returned 1
[0217.326] VerQueryValueW (in: pBlock=0x2d8fea0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d90160, puLen=0xd7e790) returned 1
[0217.326] VerQueryValueW (in: pBlock=0x2d8fea0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d901b8, puLen=0xd7e790) returned 1
[0217.326] VerQueryValueW (in: pBlock=0x2d8fea0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d901e8, puLen=0xd7e790) returned 1
[0217.327] VerQueryValueW (in: pBlock=0x2d8fea0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.327] VerQueryValueW (in: pBlock=0x2d8fea0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d90224, puLen=0xd7e790) returned 1
[0217.327] VerQueryValueW (in: pBlock=0x2d8fea0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.327] VerQueryValueW (in: pBlock=0x2d8fea0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d90278, puLen=0xd7e784) returned 1
[0217.327] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0217.327] VerQueryValueW (in: pBlock=0x2d8fea0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d8fec8, puLen=0xd7e794) returned 1
[0217.328] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0217.328] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0217.328] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0217.328] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0217.328] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0217.328] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0217.329] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d923f8 | out: lpData=0x2d923f8) returned 1
[0217.330] VerQueryValueW (in: pBlock=0x2d923f8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d927d0, puLen=0xd7e810) returned 1
[0217.330] VerQueryValueW (in: pBlock=0x2d923f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d924b0, puLen=0xd7e790) returned 1
[0217.330] VerQueryValueW (in: pBlock=0x2d923f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d92504, puLen=0xd7e790) returned 1
[0217.330] VerQueryValueW (in: pBlock=0x2d923f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d92544, puLen=0xd7e790) returned 1
[0217.330] VerQueryValueW (in: pBlock=0x2d923f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d925ac, puLen=0xd7e790) returned 1
[0217.330] VerQueryValueW (in: pBlock=0x2d923f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d925f0, puLen=0xd7e790) returned 1
[0217.330] VerQueryValueW (in: pBlock=0x2d923f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d92678, puLen=0xd7e790) returned 1
[0217.330] VerQueryValueW (in: pBlock=0x2d923f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d926b8, puLen=0xd7e790) returned 1
[0217.330] VerQueryValueW (in: pBlock=0x2d923f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d92710, puLen=0xd7e790) returned 1
[0217.330] VerQueryValueW (in: pBlock=0x2d923f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d92740, puLen=0xd7e790) returned 1
[0217.330] VerQueryValueW (in: pBlock=0x2d923f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.330] VerQueryValueW (in: pBlock=0x2d923f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9277c, puLen=0xd7e790) returned 1
[0217.330] VerQueryValueW (in: pBlock=0x2d923f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.330] VerQueryValueW (in: pBlock=0x2d923f8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d927d0, puLen=0xd7e784) returned 1
[0217.330] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0217.331] VerQueryValueW (in: pBlock=0x2d923f8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d92420, puLen=0xd7e794) returned 1
[0217.331] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0217.332] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0217.332] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0217.332] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0217.332] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0217.332] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0217.333] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2d94b30 | out: lpData=0x2d94b30) returned 1
[0217.333] VerQueryValueW (in: pBlock=0x2d94b30, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d94f60, puLen=0xd7e810) returned 1
[0217.333] VerQueryValueW (in: pBlock=0x2d94b30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d94be8, puLen=0xd7e790) returned 1
[0217.333] VerQueryValueW (in: pBlock=0x2d94b30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d94c3c, puLen=0xd7e790) returned 1
[0217.333] VerQueryValueW (in: pBlock=0x2d94b30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d94cac, puLen=0xd7e790) returned 1
[0217.333] VerQueryValueW (in: pBlock=0x2d94b30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d94d0c, puLen=0xd7e790) returned 1
[0217.333] VerQueryValueW (in: pBlock=0x2d94b30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d94d68, puLen=0xd7e790) returned 1
[0217.333] VerQueryValueW (in: pBlock=0x2d94b30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d94df0, puLen=0xd7e790) returned 1
[0217.333] VerQueryValueW (in: pBlock=0x2d94b30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d94e48, puLen=0xd7e790) returned 1
[0217.334] VerQueryValueW (in: pBlock=0x2d94b30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d94ea0, puLen=0xd7e790) returned 1
[0217.334] VerQueryValueW (in: pBlock=0x2d94b30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d94ed0, puLen=0xd7e790) returned 1
[0217.334] VerQueryValueW (in: pBlock=0x2d94b30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.334] VerQueryValueW (in: pBlock=0x2d94b30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d94f0c, puLen=0xd7e790) returned 1
[0217.334] VerQueryValueW (in: pBlock=0x2d94b30, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0217.334] VerQueryValueW (in: pBlock=0x2d94b30, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d94f60, puLen=0xd7e784) returned 1
[0217.334] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0217.334] VerQueryValueW (in: pBlock=0x2d94b30, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d94b58, puLen=0xd7e794) returned 1
[0217.334] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0217.335] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.335] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0217.335] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.335] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0217.335] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1c00ea
[0217.336] SetWindowLongW (hWnd=0x1c00ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0217.336] GetWindowLongW (hWnd=0x1c00ea, nIndex=-4) returned 1950089536
[0217.337] SetWindowLongW (hWnd=0x1c00ea, nIndex=-4, dwNewLong=19946758) returned 1950089536
[0217.337] GetWindowLongW (hWnd=0x1c00ea, nIndex=-4) returned 19946758
[0217.337] GetWindowLongW (hWnd=0x1c00ea, nIndex=-16) returned 113311744
[0217.337] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c00ea, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0217.337] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c00ea, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0217.338] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c00ea, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0217.338] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c00ea, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0217.338] GetClientRect (in: hWnd=0x1c00ea, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0217.338] GetWindowRect (in: hWnd=0x1c00ea, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0217.338] SetWindowTextW (hWnd=0x1c00ea, lpString="WindowsFormsParkingWindow") returned 1
[0217.338] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c00ea, Msg=0xc, wParam=0x0, lParam=0x2d5a0bc) returned 0x1
[0217.339] GetParent (hWnd=0x1c00ea) returned 0x0
[0217.339] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0217.339] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x1c00ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1902dc
[0217.340] SetWindowLongW (hWnd=0x1902dc, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0217.340] GetWindowLongW (hWnd=0x1902dc, nIndex=-4) returned 1868147648
[0217.340] SetWindowLongW (hWnd=0x1902dc, nIndex=-4, dwNewLong=19947398) returned 1868147648
[0217.340] GetWindowLongW (hWnd=0x1902dc, nIndex=-4) returned 19947398
[0217.340] GetWindowLongW (hWnd=0x1902dc, nIndex=-16) returned 1174405133
[0217.340] GetWindowLongW (hWnd=0x1902dc, nIndex=-12) returned 0
[0217.340] SetWindowLongW (hWnd=0x1902dc, nIndex=-12, dwNewLong=1639132) returned 0
[0217.340] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0217.341] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0217.341] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0217.342] GetClientRect (in: hWnd=0x1902dc, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0217.342] GetWindowRect (in: hWnd=0x1902dc, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0217.342] GetParent (hWnd=0x1902dc) returned 0x1c00ea
[0217.342] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1c00ea, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0217.343] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0217.343] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0217.343] GetClientRect (in: hWnd=0x1902dc, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0217.343] GetWindowRect (in: hWnd=0x1902dc, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0217.343] GetParent (hWnd=0x1902dc) returned 0x1c00ea
[0217.343] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1c00ea, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0217.343] SendMessageW (hWnd=0x1902dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1902dc) returned 0x0
[0217.343] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1902dc) returned 0x0
[0217.343] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0217.343] GetParent (hWnd=0x1902dc) returned 0x1c00ea
[0217.343] GdipCreateFromHWND (hwnd=0x1902dc, graphics=0xd7e844) returned 0x0
[0217.344] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0217.344] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0217.344] GetForegroundWindow () returned 0x602c4
[0217.345] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.345] GetCursorPos (in: lpPoint=0x2d98e3c | out: lpPoint=0x2d98e3c*(x=258, y=627)) returned 1
[0217.345] MonitorFromPoint (pt=0x102, dwFlags=0x273) returned 0x10001
[0217.345] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0217.345] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xfb0107d0
[0217.345] GetDeviceCaps (hdc=0xfb0107d0, index=12) returned 32
[0217.345] GetDeviceCaps (hdc=0xfb0107d0, index=14) returned 1
[0217.345] DeleteDC (hdc=0xfb0107d0) returned 1
[0217.346] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0217.346] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0217.346] GetSystemMetrics (nIndex=59) returned 1460
[0217.346] GetSystemMetrics (nIndex=60) returned 920
[0217.346] GetSystemMetrics (nIndex=34) returned 136
[0217.346] GetSystemMetrics (nIndex=35) returned 39
[0217.346] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.346] GetCursorPos (in: lpPoint=0x2d990a8 | out: lpPoint=0x2d990a8*(x=258, y=627)) returned 1
[0217.346] MonitorFromPoint (pt=0x104, dwFlags=0x274) returned 0x10001
[0217.346] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0217.347] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xfc0107d0
[0217.347] GetDeviceCaps (hdc=0xfc0107d0, index=12) returned 32
[0217.347] GetDeviceCaps (hdc=0xfc0107d0, index=14) returned 1
[0217.347] DeleteDC (hdc=0xfc0107d0) returned 1
[0217.347] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0217.347] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0217.347] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.347] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0217.347] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2d99340 | out: piconinfo=0x2d99340) returned 1
[0217.348] GetObjectW (in: h=0x220507d2, c=24, pv=0x2d9935c | out: pv=0x2d9935c) returned 24
[0217.348] GdipCreateBitmapFromHBITMAP (hbm=0x220507d2, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0217.348] GdipGetImageWidth (image=0x664ea70, width=0xd7e750) returned 0x0
[0217.348] GdipGetImageHeight (image=0x664ea70, height=0xd7e748) returned 0x0
[0217.348] GdipGetImagePixelFormat (image=0x664ea70, format=0xd7e740) returned 0x0
[0217.348] GdipBitmapLockBits (bitmap=0x664ea70, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2d99414) returned 0x0
[0217.348] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0217.349] GdipBitmapLockBits (bitmap=0x6650168, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2d9944c) returned 0x0
[0217.349] RtlMoveMemory (in: Destination=0x665bf30, Source=0x6661ed8, Length=0x80 | out: Destination=0x665bf30)
[0217.349] RtlMoveMemory (in: Destination=0x665bfb0, Source=0x6661e58, Length=0x80 | out: Destination=0x665bfb0)
[0217.349] RtlMoveMemory (in: Destination=0x665c030, Source=0x6661dd8, Length=0x80 | out: Destination=0x665c030)
[0217.349] RtlMoveMemory (in: Destination=0x665c0b0, Source=0x6661d58, Length=0x80 | out: Destination=0x665c0b0)
[0217.349] RtlMoveMemory (in: Destination=0x665c130, Source=0x6661cd8, Length=0x80 | out: Destination=0x665c130)
[0217.349] RtlMoveMemory (in: Destination=0x665c1b0, Source=0x6661c58, Length=0x80 | out: Destination=0x665c1b0)
[0217.349] RtlMoveMemory (in: Destination=0x665c230, Source=0x6661bd8, Length=0x80 | out: Destination=0x665c230)
[0217.349] RtlMoveMemory (in: Destination=0x665c2b0, Source=0x6661b58, Length=0x80 | out: Destination=0x665c2b0)
[0217.349] RtlMoveMemory (in: Destination=0x665c330, Source=0x6661ad8, Length=0x80 | out: Destination=0x665c330)
[0217.349] RtlMoveMemory (in: Destination=0x665c3b0, Source=0x6661a58, Length=0x80 | out: Destination=0x665c3b0)
[0217.349] RtlMoveMemory (in: Destination=0x665c430, Source=0x66619d8, Length=0x80 | out: Destination=0x665c430)
[0217.349] RtlMoveMemory (in: Destination=0x665c4b0, Source=0x6661958, Length=0x80 | out: Destination=0x665c4b0)
[0217.349] RtlMoveMemory (in: Destination=0x665c530, Source=0x66618d8, Length=0x80 | out: Destination=0x665c530)
[0217.349] RtlMoveMemory (in: Destination=0x665c5b0, Source=0x6661858, Length=0x80 | out: Destination=0x665c5b0)
[0217.349] RtlMoveMemory (in: Destination=0x665c630, Source=0x66617d8, Length=0x80 | out: Destination=0x665c630)
[0217.349] RtlMoveMemory (in: Destination=0x665c6b0, Source=0x6661758, Length=0x80 | out: Destination=0x665c6b0)
[0217.350] RtlMoveMemory (in: Destination=0x665c730, Source=0x66616d8, Length=0x80 | out: Destination=0x665c730)
[0217.350] RtlMoveMemory (in: Destination=0x665c7b0, Source=0x6661658, Length=0x80 | out: Destination=0x665c7b0)
[0217.350] RtlMoveMemory (in: Destination=0x665c830, Source=0x66615d8, Length=0x80 | out: Destination=0x665c830)
[0217.350] RtlMoveMemory (in: Destination=0x665c8b0, Source=0x6661558, Length=0x80 | out: Destination=0x665c8b0)
[0217.350] RtlMoveMemory (in: Destination=0x665c930, Source=0x66614d8, Length=0x80 | out: Destination=0x665c930)
[0217.350] RtlMoveMemory (in: Destination=0x665c9b0, Source=0x6661458, Length=0x80 | out: Destination=0x665c9b0)
[0217.350] RtlMoveMemory (in: Destination=0x665ca30, Source=0x66613d8, Length=0x80 | out: Destination=0x665ca30)
[0217.350] RtlMoveMemory (in: Destination=0x665cab0, Source=0x6661358, Length=0x80 | out: Destination=0x665cab0)
[0217.350] RtlMoveMemory (in: Destination=0x665cb30, Source=0x66612d8, Length=0x80 | out: Destination=0x665cb30)
[0217.350] RtlMoveMemory (in: Destination=0x665cbb0, Source=0x6661258, Length=0x80 | out: Destination=0x665cbb0)
[0217.350] RtlMoveMemory (in: Destination=0x665cc30, Source=0x66611d8, Length=0x80 | out: Destination=0x665cc30)
[0217.350] RtlMoveMemory (in: Destination=0x665ccb0, Source=0x6661158, Length=0x80 | out: Destination=0x665ccb0)
[0217.350] RtlMoveMemory (in: Destination=0x665cd30, Source=0x66610d8, Length=0x80 | out: Destination=0x665cd30)
[0217.350] RtlMoveMemory (in: Destination=0x665cdb0, Source=0x6661058, Length=0x80 | out: Destination=0x665cdb0)
[0217.350] RtlMoveMemory (in: Destination=0x665ce30, Source=0x6660fd8, Length=0x80 | out: Destination=0x665ce30)
[0217.350] RtlMoveMemory (in: Destination=0x665ceb0, Source=0x6660f58, Length=0x80 | out: Destination=0x665ceb0)
[0217.350] GdipBitmapUnlockBits (bitmap=0x664ea70, lockedBitmapData=0x2d99414) returned 0x0
[0217.350] GdipBitmapUnlockBits (bitmap=0x6650168, lockedBitmapData=0x2d9944c) returned 0x0
[0217.351] GdipDisposeImage (image=0x664ea70) returned 0x0
[0217.351] DeleteObject (ho=0x220507d2) returned 1
[0217.351] DeleteObject (ho=0xfd0507d0) returned 1
[0217.351] GetCurrentThreadId () returned 0xf50
[0217.351] GetCurrentThreadId () returned 0xf50
[0217.351] SetWindowPos (hWnd=0x1902dc, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0217.351] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0217.351] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0217.352] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0217.352] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0217.352] GetClientRect (in: hWnd=0x1902dc, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0217.352] GetWindowRect (in: hWnd=0x1902dc, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0217.352] GetParent (hWnd=0x1902dc) returned 0x1c00ea
[0217.352] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1c00ea, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0217.352] InvalidateRect (hWnd=0x1902dc, lpRect=0x0, bErase=1) returned 1
[0217.352] GetWindowTextLengthW (hWnd=0x1902dc) returned 0
[0217.352] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0217.352] GetSystemMetrics (nIndex=42) returned 0
[0217.352] GetWindowTextW (in: hWnd=0x1902dc, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0217.352] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0217.352] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0217.352] GetClientRect (in: hWnd=0x1902dc, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0217.352] GetWindowRect (in: hWnd=0x1902dc, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0217.352] GetParent (hWnd=0x1902dc) returned 0x1c00ea
[0217.352] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1c00ea, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0217.352] GetWindowTextLengthW (hWnd=0x1902dc) returned 0
[0217.352] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0217.353] GetSystemMetrics (nIndex=42) returned 0
[0217.353] GetWindowTextW (in: hWnd=0x1902dc, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0217.353] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0217.353] GetWindowTextLengthW (hWnd=0x1902dc) returned 0
[0217.353] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0217.353] GetSystemMetrics (nIndex=42) returned 0
[0217.353] GetWindowTextW (in: hWnd=0x1902dc, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0217.353] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0217.353] SetWindowTextW (hWnd=0x1902dc, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0217.353] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0xc, wParam=0x0, lParam=0x2d7a420) returned 0x1
[0217.353] InvalidateRect (hWnd=0x1902dc, lpRect=0x0, bErase=1) returned 1
[0217.353] GetCurrentThreadId () returned 0xf50
[0217.353] GetWindowThreadProcessId (in: hWnd=0x1902dc, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0217.354] GdipCreateBitmapFromStream (stream=0x509fe70, bitmap=0xd7e840) returned 0x0
[0217.355] GdipImageForceValidation (image=0x66504b0) returned 0x0
[0217.356] GdipGetImageRawFormat (image=0x66504b0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0217.357] GdipGetImageHeight (image=0x66504b0, height=0xd7e824) returned 0x0
[0217.357] GdipGetImageWidth (image=0x66504b0, width=0xd7e824) returned 0x0
[0217.357] GdipGetImageWidth (image=0x66504b0, width=0xd7e810) returned 0x0
[0217.357] GdipGetImageHeight (image=0x66504b0, height=0xd7e810) returned 0x0
[0217.357] GdipGetImageWidth (image=0x66504b0, width=0xd7e800) returned 0x0
[0217.357] GdipGetImageHeight (image=0x66504b0, height=0xd7e800) returned 0x0
[0217.357] GdipBitmapGetPixel (bitmap=0x66504b0, x=0, y=15, color=0xd7e810) returned 0x0
[0217.357] GdipGetImageRawFormat (image=0x66504b0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0217.357] GdipGetImageWidth (image=0x66504b0, width=0xd7e740) returned 0x0
[0217.357] GdipGetImageHeight (image=0x66504b0, height=0xd7e740) returned 0x0
[0217.357] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0217.357] GdipGetImagePixelFormat (image=0x664fad8, format=0xd7e740) returned 0x0
[0217.357] GdipGetImageGraphicsContext (image=0x664fad8, graphics=0xd7e74c) returned 0x0
[0217.357] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0217.357] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0217.358] GdipSetImageAttributesColorKeys (imageattr=0x6638d88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0217.358] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66504b0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638d88, callback=0x0, callbackData=0x0) returned 0x0
[0217.358] GdipDisposeImageAttributes (imageattr=0x6638d88) returned 0x0
[0217.358] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0217.358] GdipDisposeImage (image=0x66504b0) returned 0x0
[0217.358] GdipCreateBitmapFromStream (stream=0x509fe90, bitmap=0xd7e840) returned 0x0
[0217.359] GdipImageForceValidation (image=0x66504b0) returned 0x0
[0217.361] GdipGetImageRawFormat (image=0x66504b0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0217.361] GdipGetImageHeight (image=0x66504b0, height=0xd7e824) returned 0x0
[0217.361] GdipGetImageWidth (image=0x66504b0, width=0xd7e824) returned 0x0
[0217.361] GdipGetImageWidth (image=0x66504b0, width=0xd7e810) returned 0x0
[0217.361] GdipGetImageHeight (image=0x66504b0, height=0xd7e810) returned 0x0
[0217.361] GdipGetImageWidth (image=0x66504b0, width=0xd7e800) returned 0x0
[0217.361] GdipGetImageHeight (image=0x66504b0, height=0xd7e800) returned 0x0
[0217.361] GdipBitmapGetPixel (bitmap=0x66504b0, x=0, y=15, color=0xd7e810) returned 0x0
[0217.361] GdipGetImageRawFormat (image=0x66504b0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0217.361] GdipGetImageWidth (image=0x66504b0, width=0xd7e740) returned 0x0
[0217.361] GdipGetImageHeight (image=0x66504b0, height=0xd7e740) returned 0x0
[0217.361] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0217.362] GdipGetImagePixelFormat (image=0x6651ba8, format=0xd7e740) returned 0x0
[0217.362] GdipGetImageGraphicsContext (image=0x6651ba8, graphics=0xd7e74c) returned 0x0
[0217.362] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0217.362] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0217.362] GdipSetImageAttributesColorKeys (imageattr=0x6638db8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0217.362] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66504b0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638db8, callback=0x0, callbackData=0x0) returned 0x0
[0217.362] GdipDisposeImageAttributes (imageattr=0x6638db8) returned 0x0
[0217.362] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0217.362] GdipDisposeImage (image=0x66504b0) returned 0x0
[0217.363] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.363] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0217.363] GetCurrentThreadId () returned 0xf50
[0217.363] GetCurrentThreadId () returned 0xf50
[0217.363] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.363] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0217.363] GetCurrentThreadId () returned 0xf50
[0217.363] GetCurrentThreadId () returned 0xf50
[0217.364] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.364] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0217.364] GetCurrentThreadId () returned 0xf50
[0217.364] GetCurrentThreadId () returned 0xf50
[0217.364] GetSystemMetrics (nIndex=5) returned 1
[0217.364] GetSystemMetrics (nIndex=6) returned 1
[0217.364] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.364] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0217.365] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.365] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0217.365] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.365] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0217.365] GetCurrentThreadId () returned 0xf50
[0217.365] GetCurrentThreadId () returned 0xf50
[0217.365] GetProcessWindowStation () returned 0x13c
[0217.365] GetCapture () returned 0x0
[0217.365] GetActiveWindow () returned 0x7005c
[0217.366] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0217.366] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.366] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0217.366] GetCursorPos (in: lpPoint=0x2d9a58c | out: lpPoint=0x2d9a58c*(x=258, y=627)) returned 1
[0217.366] MonitorFromPoint (pt=0x102, dwFlags=0x273) returned 0x10001
[0217.366] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0217.366] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xfe0107d0
[0217.366] GetDeviceCaps (hdc=0xfe0107d0, index=12) returned 32
[0217.366] GetDeviceCaps (hdc=0xfe0107d0, index=14) returned 1
[0217.366] DeleteDC (hdc=0xfe0107d0) returned 1
[0217.367] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0217.367] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0217.367] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="Microsoft .NET Framework", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xf02ce
[0217.368] SetWindowLongW (hWnd=0xf02ce, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0217.368] GetWindowLongW (hWnd=0xf02ce, nIndex=-4) returned 1950089536
[0217.368] SetWindowLongW (hWnd=0xf02ce, nIndex=-4, dwNewLong=19947158) returned 1950089536
[0217.368] GetWindowLongW (hWnd=0xf02ce, nIndex=-4) returned 19947158
[0217.368] GetWindowLongW (hWnd=0xf02ce, nIndex=-16) returned 113770496
[0217.368] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0217.369] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0217.370] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0217.370] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0217.370] GetWindowRect (in: hWnd=0xf02ce, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0217.370] SetWindowTextW (hWnd=0xf02ce, lpString="Microsoft .NET Framework") returned 1
[0217.370] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xc, wParam=0x0, lParam=0x2c50f5c) returned 0x1
[0217.371] GetStartupInfoW (in: lpStartupInfo=0x2d9a8c8 | out: lpStartupInfo=0x2d9a8c8*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0217.373] GetParent (hWnd=0xf02ce) returned 0x0
[0217.373] SetWindowLongW (hWnd=0xf02ce, nIndex=-8, dwNewLong=0) returned 0
[0217.374] SendMessageW (hWnd=0xf02ce, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0217.374] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0217.374] SendMessageW (hWnd=0xf02ce, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0217.374] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0217.374] GetSystemMenu (hWnd=0xf02ce, bRevert=0) returned 0x400113
[0217.375] GetWindowPlacement (in: hWnd=0xf02ce, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0217.375] EnableMenuItem (hMenu=0x400113, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0217.375] EnableMenuItem (hMenu=0x400113, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0217.375] EnableMenuItem (hMenu=0x400113, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0217.375] EnableMenuItem (hMenu=0x400113, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0217.375] EnableMenuItem (hMenu=0x400113, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0217.375] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0217.375] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0217.375] GetWindowRect (in: hWnd=0xf02ce, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0217.376] SetWindowPos (hWnd=0xf02ce, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0217.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0217.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0xf02ce) returned 0x1
[0217.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0217.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0217.380] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0217.381] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0217.381] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0217.383] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0xf02ce, lParam=0x0) returned 0x0
[0217.383] GetCapture () returned 0x0
[0217.383] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0217.384] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0217.385] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0217.387] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0217.387] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0217.387] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0217.387] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0217.391] GetParent (hWnd=0xf02ce) returned 0x0
[0217.391] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0217.391] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0217.394] GetWindowPlacement (in: hWnd=0xf02ce, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0217.394] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0217.394] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0217.394] GetWindowRect (in: hWnd=0xf02ce, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0217.396] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0217.396] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0217.396] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0217.397] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.397] GetWindowLongW (hWnd=0xf02ce, nIndex=-16) returned 113770496
[0217.397] GetWindowTextLengthW (hWnd=0xf02ce) returned 24
[0217.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0217.397] GetSystemMetrics (nIndex=42) returned 0
[0217.397] GetWindowTextW (in: hWnd=0xf02ce, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0217.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0217.397] GetWindowTextLengthW (hWnd=0xf02ce) returned 24
[0217.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0217.398] GetSystemMetrics (nIndex=42) returned 0
[0217.398] GetWindowTextW (in: hWnd=0xf02ce, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0217.398] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0217.398] GetCursorPos (in: lpPoint=0x2d9ab94 | out: lpPoint=0x2d9ab94*(x=258, y=627)) returned 1
[0217.398] MonitorFromPoint (pt=0x102, dwFlags=0x273) returned 0x10001
[0217.398] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0217.398] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x570107fc
[0217.398] GetDeviceCaps (hdc=0x570107fc, index=12) returned 32
[0217.398] GetDeviceCaps (hdc=0x570107fc, index=14) returned 1
[0217.398] DeleteDC (hdc=0x570107fc) returned 1
[0217.398] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0217.399] GetWindowLongW (hWnd=0xf02ce, nIndex=-16) returned 113770496
[0217.399] GetWindowLongW (hWnd=0xf02ce, nIndex=-20) returned 327945
[0217.399] SetWindowLongW (hWnd=0xf02ce, nIndex=-16, dwNewLong=46661632) returned 113770496
[0217.399] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0217.399] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0217.400] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0217.400] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0217.401] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0217.401] SetWindowLongW (hWnd=0xf02ce, nIndex=-20, dwNewLong=327681) returned 327945
[0217.401] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0217.401] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0217.402] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0217.403] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0217.403] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0217.412] SetWindowPos (hWnd=0xf02ce, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0217.412] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0217.412] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0217.413] GetWindowPlacement (in: hWnd=0xf02ce, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0217.413] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0217.413] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0217.413] GetWindowRect (in: hWnd=0xf02ce, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0217.414] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0217.414] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0217.415] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0217.415] RedrawWindow (hWnd=0xf02ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0217.415] GetSystemMenu (hWnd=0xf02ce, bRevert=0) returned 0x400113
[0217.415] GetWindowPlacement (in: hWnd=0xf02ce, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0217.415] EnableMenuItem (hMenu=0x400113, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0217.415] EnableMenuItem (hMenu=0x400113, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0217.415] EnableMenuItem (hMenu=0x400113, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0217.415] EnableMenuItem (hMenu=0x400113, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0217.415] EnableMenuItem (hMenu=0x400113, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0217.415] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0217.415] GetWindowLongW (hWnd=0xf02ce, nIndex=-8) returned 0
[0217.416] SetWindowLongW (hWnd=0xf02ce, nIndex=-8, dwNewLong=458844) returned 0
[0217.417] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0217.417] GetProcessWindowStation () returned 0x13c
[0217.417] GetCurrentThreadId () returned 0xf50
[0217.417] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1305d2e, lParam=0x0) returned 1
[0217.417] IsWindowVisible (hWnd=0xf02ce) returned 0
[0217.417] IsWindowVisible (hWnd=0x7005c) returned 1
[0217.417] IsWindowEnabled (hWnd=0x7005c) returned 1
[0217.417] IsWindowVisible (hWnd=0x300ec) returned 0
[0217.417] IsWindowVisible (hWnd=0x502c6) returned 0
[0217.417] IsWindowVisible (hWnd=0x502be) returned 0
[0217.417] GetActiveWindow () returned 0xf02ce
[0217.418] GetFocus () returned 0xf02ce
[0217.418] IsWindow (hWnd=0x7005c) returned 1
[0217.418] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0217.418] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0217.418] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0217.419] GetWindowLongW (hWnd=0xf02ce, nIndex=-8) returned 458844
[0217.419] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0217.419] GetCurrentThreadId () returned 0xf50
[0217.419] GetWindowLongW (hWnd=0xf02ce, nIndex=-8) returned 458844
[0217.419] IsWindowEnabled (hWnd=0x7005c) returned 0
[0217.419] IsWindowEnabled (hWnd=0xf02ce) returned 1
[0217.419] ShowWindow (hWnd=0xf02ce, nCmdShow=5) returned 0
[0217.419] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0217.419] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0217.420] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.420] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0217.420] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0xf02ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1902da
[0217.420] SetWindowLongW (hWnd=0x1902da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0217.421] GetWindowLongW (hWnd=0x1902da, nIndex=-4) returned 1950089536
[0217.421] SetWindowLongW (hWnd=0x1902da, nIndex=-4, dwNewLong=19946838) returned 1950089536
[0217.421] GetWindowLongW (hWnd=0x1902da, nIndex=-4) returned 19946838
[0217.421] GetWindowLongW (hWnd=0x1902da, nIndex=-16) returned 1174405120
[0217.421] GetWindowLongW (hWnd=0x1902da, nIndex=-12) returned 0
[0217.421] SetWindowLongW (hWnd=0x1902da, nIndex=-12, dwNewLong=1639130) returned 0
[0217.421] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0217.422] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0217.422] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0217.422] GetWindow (hWnd=0x1902da, uCmd=0x3) returned 0x0
[0217.422] GetClientRect (in: hWnd=0x1902da, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0217.422] GetWindowRect (in: hWnd=0x1902da, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0217.422] GetParent (hWnd=0x1902da) returned 0xf02ce
[0217.422] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02ce, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0217.423] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902da, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0217.423] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902da, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0217.423] GetClientRect (in: hWnd=0x1902da, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0217.423] GetWindowRect (in: hWnd=0x1902da, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0217.423] GetParent (hWnd=0x1902da) returned 0xf02ce
[0217.423] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02ce, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0217.423] SendMessageW (hWnd=0x1902da, Msg=0x2210, wParam=0x2da0001, lParam=0x1902da) returned 0x0
[0217.423] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902da, Msg=0x2210, wParam=0x2da0001, lParam=0x1902da) returned 0x0
[0217.423] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0217.424] GetParent (hWnd=0x1902da) returned 0xf02ce
[0217.424] GetParent (hWnd=0x1902dc) returned 0x1c00ea
[0217.424] SetParent (hWndChild=0x1902dc, hWndNewParent=0xf02ce) returned 0x1c00ea
[0217.424] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0217.425] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0217.425] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0217.425] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0217.425] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0217.425] GetClientRect (in: hWnd=0x1902dc, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0217.425] GetWindowRect (in: hWnd=0x1902dc, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0217.425] GetParent (hWnd=0x1902dc) returned 0xf02ce
[0217.425] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02ce, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0217.425] GetClientRect (in: hWnd=0x1902dc, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0217.425] GetWindowRect (in: hWnd=0x1902dc, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0217.425] GetParent (hWnd=0x1902dc) returned 0xf02ce
[0217.425] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02ce, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0217.425] GetParent (hWnd=0x1902dc) returned 0xf02ce
[0217.425] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0217.426] GetWindow (hWnd=0x1902dc, uCmd=0x3) returned 0x0
[0217.426] SetWindowPos (hWnd=0x1902dc, hWndInsertAfter=0x1902da, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0217.426] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0217.427] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0217.427] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0217.427] GetClientRect (in: hWnd=0x1902dc, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0217.427] GetWindowRect (in: hWnd=0x1902dc, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0217.427] GetParent (hWnd=0x1902dc) returned 0xf02ce
[0217.427] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02ce, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0217.427] GetParent (hWnd=0x1902dc) returned 0xf02ce
[0217.427] GetWindow (hWnd=0x1902dc, uCmd=0x3) returned 0x1902da
[0217.427] GetWindowThreadProcessId (in: hWnd=0x1902dc, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0217.427] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0217.428] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.428] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0217.428] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0xf02ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1b02d8
[0217.429] SetWindowLongW (hWnd=0x1b02d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0217.429] GetWindowLongW (hWnd=0x1b02d8, nIndex=-4) returned 1868032000
[0217.429] SetWindowLongW (hWnd=0x1b02d8, nIndex=-4, dwNewLong=19947478) returned 1868032000
[0217.429] GetWindowLongW (hWnd=0x1b02d8, nIndex=-4) returned 19947478
[0217.429] GetWindowLongW (hWnd=0x1b02d8, nIndex=-16) returned 1174470667
[0217.429] GetWindowLongW (hWnd=0x1b02d8, nIndex=-12) returned 0
[0217.429] SetWindowLongW (hWnd=0x1b02d8, nIndex=-12, dwNewLong=1770200) returned 0
[0217.430] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0217.430] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0217.430] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0217.431] SendMessageW (hWnd=0x1b02d8, Msg=0x2055, wParam=0x1b02d8, lParam=0x3) returned 0x2
[0217.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0217.432] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0217.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0217.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0217.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0217.432] RedrawWindow (hWnd=0x1902da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0217.432] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0217.432] RedrawWindow (hWnd=0x1902dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0217.432] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0217.432] RedrawWindow (hWnd=0x1b02d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0217.433] RedrawWindow (hWnd=0xf02ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0217.433] GetWindow (hWnd=0x1b02d8, uCmd=0x3) returned 0x1902dc
[0217.433] GetClientRect (in: hWnd=0x1b02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0217.433] GetWindowRect (in: hWnd=0x1b02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0217.433] GetParent (hWnd=0x1b02d8) returned 0xf02ce
[0217.433] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02ce, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0217.433] SetWindowTextW (hWnd=0x1b02d8, lpString="&Details") returned 1
[0217.433] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0217.434] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0217.434] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0217.434] GetClientRect (in: hWnd=0x1b02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0217.434] GetWindowRect (in: hWnd=0x1b02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0217.434] GetParent (hWnd=0x1b02d8) returned 0xf02ce
[0217.434] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02ce, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0217.434] SendMessageW (hWnd=0x1b02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1b02d8) returned 0x0
[0217.434] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1b02d8) returned 0x0
[0217.435] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0217.435] GetParent (hWnd=0x1b02d8) returned 0xf02ce
[0217.435] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0217.436] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.436] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0217.436] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0xf02ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xe02d0
[0217.437] SetWindowLongW (hWnd=0xe02d0, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0217.437] GetWindowLongW (hWnd=0xe02d0, nIndex=-4) returned 1868032000
[0217.437] SetWindowLongW (hWnd=0xe02d0, nIndex=-4, dwNewLong=19947118) returned 1868032000
[0217.437] GetWindowLongW (hWnd=0xe02d0, nIndex=-4) returned 19947118
[0217.437] GetWindowLongW (hWnd=0xe02d0, nIndex=-16) returned 1174470667
[0217.437] GetWindowLongW (hWnd=0xe02d0, nIndex=-12) returned 0
[0217.437] SetWindowLongW (hWnd=0xe02d0, nIndex=-12, dwNewLong=918224) returned 0
[0217.437] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0217.438] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0217.438] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0217.439] SendMessageW (hWnd=0xe02d0, Msg=0x2055, wParam=0xe02d0, lParam=0x3) returned 0x2
[0217.439] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0217.439] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0217.439] GetWindow (hWnd=0xe02d0, uCmd=0x3) returned 0x1b02d8
[0217.439] GetClientRect (in: hWnd=0xe02d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0217.439] GetWindowRect (in: hWnd=0xe02d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0217.439] GetParent (hWnd=0xe02d0) returned 0xf02ce
[0217.439] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02ce, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0217.440] SetWindowTextW (hWnd=0xe02d0, lpString="&Continue") returned 1
[0217.440] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0217.440] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0217.440] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0217.440] GetClientRect (in: hWnd=0xe02d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0217.440] GetWindowRect (in: hWnd=0xe02d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0217.441] GetParent (hWnd=0xe02d0) returned 0xf02ce
[0217.441] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02ce, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0217.441] SendMessageW (hWnd=0xe02d0, Msg=0x2210, wParam=0x2d00001, lParam=0xe02d0) returned 0x0
[0217.441] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x2210, wParam=0x2d00001, lParam=0xe02d0) returned 0x0
[0217.441] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0217.441] GetParent (hWnd=0xe02d0) returned 0xf02ce
[0217.441] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0217.441] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.442] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0217.442] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0xf02ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1302c8
[0217.442] SetWindowLongW (hWnd=0x1302c8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0217.442] GetWindowLongW (hWnd=0x1302c8, nIndex=-4) returned 1868032000
[0217.443] SetWindowLongW (hWnd=0x1302c8, nIndex=-4, dwNewLong=19947078) returned 1868032000
[0217.443] GetWindowLongW (hWnd=0x1302c8, nIndex=-4) returned 19947078
[0217.443] GetWindowLongW (hWnd=0x1302c8, nIndex=-16) returned 1174470667
[0217.443] GetWindowLongW (hWnd=0x1302c8, nIndex=-12) returned 0
[0217.443] SetWindowLongW (hWnd=0x1302c8, nIndex=-12, dwNewLong=1245896) returned 0
[0217.443] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302c8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0217.444] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302c8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0217.444] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302c8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0217.445] SendMessageW (hWnd=0x1302c8, Msg=0x2055, wParam=0x1302c8, lParam=0x3) returned 0x2
[0217.445] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0217.445] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302c8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0217.445] GetWindow (hWnd=0x1302c8, uCmd=0x3) returned 0xe02d0
[0217.446] GetClientRect (in: hWnd=0x1302c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0217.446] GetWindowRect (in: hWnd=0x1302c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0217.446] GetParent (hWnd=0x1302c8) returned 0xf02ce
[0217.446] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02ce, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0217.446] SetWindowTextW (hWnd=0x1302c8, lpString="&Quit") returned 1
[0217.446] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302c8, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0217.446] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302c8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0217.447] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302c8, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0217.447] GetClientRect (in: hWnd=0x1302c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0217.447] GetWindowRect (in: hWnd=0x1302c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0217.447] GetParent (hWnd=0x1302c8) returned 0xf02ce
[0217.447] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02ce, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0217.447] SendMessageW (hWnd=0x1302c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1302c8) returned 0x0
[0217.447] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1302c8) returned 0x0
[0217.447] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0217.447] GetParent (hWnd=0x1302c8) returned 0xf02ce
[0217.447] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0217.448] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.448] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0217.448] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0xf02ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1902de
[0217.448] SetWindowLongW (hWnd=0x1902de, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0217.449] GetWindowLongW (hWnd=0x1902de, nIndex=-4) returned 1868026976
[0217.449] SetWindowLongW (hWnd=0x1902de, nIndex=-4, dwNewLong=19947278) returned 1868026976
[0217.449] GetWindowLongW (hWnd=0x1902de, nIndex=-4) returned 19947278
[0217.449] GetWindowLongW (hWnd=0x1902de, nIndex=-16) returned 1177553092
[0217.449] GetWindowLongW (hWnd=0x1902de, nIndex=-12) returned 0
[0217.449] SetWindowLongW (hWnd=0x1902de, nIndex=-12, dwNewLong=1639134) returned 0
[0217.449] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1902de, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0217.451] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1902de, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0217.452] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1902de, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0217.474] GetWindow (hWnd=0x1902de, uCmd=0x3) returned 0x1302c8
[0217.474] GetClientRect (in: hWnd=0x1902de, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0217.474] GetWindowRect (in: hWnd=0x1902de, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0217.474] GetParent (hWnd=0x1902de) returned 0xf02ce
[0217.474] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02ce, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0217.474] GetWindowTextLengthW (hWnd=0xf02ce) returned 24
[0217.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0217.475] GetSystemMetrics (nIndex=42) returned 0
[0217.475] GetWindowTextW (in: hWnd=0xf02ce, lpString=0xd7d830, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0217.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xd, wParam=0x19, lParam=0xd7d830) returned 0x18
[0217.475] SendMessageW (hWnd=0x1902de, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0217.475] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1902de, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0217.480] SetWindowTextW (hWnd=0x1902de, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0217.480] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1902de, Msg=0xc, wParam=0x0, lParam=0x2d96888) returned 0x1
[0217.483] GetSystemMetrics (nIndex=5) returned 1
[0217.483] GetSystemMetrics (nIndex=6) returned 1
[0217.483] SendMessageW (hWnd=0x1902de, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0217.483] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1902de, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0217.484] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1902de, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0217.485] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1902de, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0217.485] GetClientRect (in: hWnd=0x1902de, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0217.485] GetWindowRect (in: hWnd=0x1902de, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0217.485] GetParent (hWnd=0x1902de) returned 0xf02ce
[0217.485] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0xf02ce, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0217.485] SendMessageW (hWnd=0x1902de, Msg=0x2210, wParam=0x2de0001, lParam=0x1902de) returned 0x0
[0217.485] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1902de, Msg=0x2210, wParam=0x2de0001, lParam=0x1902de) returned 0x0
[0217.485] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1902de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0217.486] GetParent (hWnd=0x1902de) returned 0xf02ce
[0217.486] GetWindowLongW (hWnd=0xf02ce, nIndex=-8) returned 458844
[0217.486] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0217.486] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0217.486] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x5e0107fc
[0217.486] GetDeviceCaps (hdc=0x5e0107fc, index=12) returned 32
[0217.486] GetDeviceCaps (hdc=0x5e0107fc, index=14) returned 1
[0217.486] DeleteDC (hdc=0x5e0107fc) returned 1
[0217.486] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0217.487] GetWindowThreadProcessId (in: hWnd=0xf02ce, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0217.487] GetCurrentThreadId () returned 0xf50
[0217.487] PostMessageW (hWnd=0xf02ce, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0217.487] GetWindowTextLengthW (hWnd=0xf02ce) returned 24
[0217.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0217.487] GetSystemMetrics (nIndex=42) returned 0
[0217.487] GetWindowTextW (in: hWnd=0xf02ce, lpString=0xd7e260, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0217.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xd, wParam=0x19, lParam=0xd7e260) returned 0x18
[0217.487] GdipImageGetFrameDimensionsCount (image=0x6650168, count=0xd7e25c) returned 0x0
[0217.487] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200ae8
[0217.487] GdipImageGetFrameDimensionsList (image=0x6650168, dimensionIDs=0x1200ae8*(Data1=0x38002e, Data2=0x37, Data3=0x2d, Data4=([0]=0x1d, [1]=0x0, [2]=0x28, [3]=0x0, [4]=0x29, [5]=0x0, [6]=0x2b, [7]=0x0)), count=0x1) returned 0x0
[0217.487] LocalFree (hMem=0x1200ae8) returned 0x0
[0217.487] GdipImageGetFrameDimensionsCount (image=0x664fad8, count=0xd7e250) returned 0x0
[0217.487] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200c80
[0217.487] GdipImageGetFrameDimensionsList (image=0x664fad8, dimensionIDs=0x1200c80*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0217.487] LocalFree (hMem=0x1200c80) returned 0x0
[0217.488] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0217.488] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0217.488] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0217.500] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0217.501] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0217.501] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0217.502] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0217.502] GetWindowPlacement (in: hWnd=0xf02ce, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0217.502] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0217.502] GetWindowTextLengthW (hWnd=0xf02ce) returned 24
[0217.502] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0217.502] GetSystemMetrics (nIndex=42) returned 0
[0217.502] GetWindowTextW (in: hWnd=0xf02ce, lpString=0xd7e2b4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0217.502] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xd, wParam=0x19, lParam=0xd7e2b4) returned 0x18
[0217.503] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0217.503] GetCurrentObject (hdc=0x60100ce, type=0x1) returned 0xb00017
[0217.503] GetCurrentObject (hdc=0x60100ce, type=0x2) returned 0x900010
[0217.503] GetCurrentObject (hdc=0x60100ce, type=0x7) returned 0xffffffff9f0507e0
[0217.503] GetCurrentObject (hdc=0x60100ce, type=0x6) returned 0x8a01c2
[0217.503] SaveDC (hdc=0x60100ce) returned 1
[0217.503] GetNearestColor (hdc=0x60100ce, color=0xf0f0f0) returned 0xf0f0f0
[0217.503] CreateSolidBrush (color=0xf0f0f0) returned 0x281007e1
[0217.503] FillRect (hDC=0x60100ce, lprc=0xd7e1b8, hbr=0x281007e1) returned 1
[0217.503] DeleteObject (ho=0x281007e1) returned 1
[0217.503] RestoreDC (hdc=0x60100ce, nSavedDC=-1) returned 1
[0217.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0217.505] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0217.505] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0217.505] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0217.505] GetStockObject (i=5) returned 0x900015
[0217.505] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0217.506] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0217.506] GetStockObject (i=5) returned 0x900015
[0217.506] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0217.506] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302c8, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0217.506] GetStockObject (i=5) returned 0x900015
[0217.506] GetWindowPlacement (in: hWnd=0xf02ce, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0217.506] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0217.506] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0217.506] GetWindowRect (in: hWnd=0xf02ce, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0217.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0217.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0217.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0217.509] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0217.509] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0217.509] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0217.509] GetWindowRect (in: hWnd=0xf02ce, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0217.509] InvalidateRect (hWnd=0xe02d0, lpRect=0x0, bErase=0) returned 1
[0217.509] InvalidateRect (hWnd=0x1b02d8, lpRect=0x0, bErase=0) returned 1
[0217.509] GetFocus () returned 0xf02ce
[0217.509] GetFocus () returned 0xf02ce
[0217.509] SetFocus (hWnd=0x1b02d8) returned 0xf02ce
[0217.510] GetFocus () returned 0x1b02d8
[0217.510] IsChild (hWndParent=0xf02ce, hWnd=0x1b02d8) returned 1
[0217.510] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x8, wParam=0x1b02d8, lParam=0x0) returned 0x0
[0217.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0217.512] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0217.520] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0217.520] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0x7, wParam=0xf02ce, lParam=0x0) returned 0x0
[0217.520] GetStockObject (i=5) returned 0x900015
[0217.521] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0217.521] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0217.521] GetDlgItem (hDlg=0xf02ce, nIDDlgItem=1770200) returned 0x1b02d8
[0217.521] SendMessageW (hWnd=0x1b02d8, Msg=0x202b, wParam=0x1b02d8, lParam=0xd7e0dc) returned 0x0
[0217.521] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0x202b, wParam=0x1b02d8, lParam=0xd7e0dc) returned 0x0
[0217.521] InvalidateRect (hWnd=0x1b02d8, lpRect=0x0, bErase=0) returned 1
[0217.523] GetFocus () returned 0x1b02d8
[0217.524] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.524] IsWindowUnicode (hWnd=0xf02ce) returned 1
[0217.524] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.524] TranslateMessage (lpMsg=0xd7e808) returned 0
[0217.524] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0217.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0217.524] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.524] IsWindowUnicode (hWnd=0xf02ce) returned 1
[0217.524] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.524] TranslateMessage (lpMsg=0xd7e808) returned 0
[0217.524] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0217.524] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.525] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x84, wParam=0x0, lParam=0x1e00312) returned 0x1
[0217.525] IsWindowUnicode (hWnd=0xe02d0) returned 1
[0217.525] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.525] TranslateMessage (lpMsg=0xd7e808) returned 0
[0217.525] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0217.525] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.525] IsWindowUnicode (hWnd=0x602c4) returned 1
[0217.525] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.525] TranslateMessage (lpMsg=0xd7e808) returned 0
[0217.525] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0217.526] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0217.526] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0217.526] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.526] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x84, wParam=0x0, lParam=0x1e00312) returned 0x1
[0217.526] IsWindowUnicode (hWnd=0xe02d0) returned 1
[0217.526] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.526] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x84, wParam=0x0, lParam=0x1e00312) returned 0x1
[0217.526] SetCursor (hCursor=0x10003) returned 0x10003
[0217.526] TranslateMessage (lpMsg=0xd7e808) returned 0
[0217.526] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0217.526] _TrackMouseEvent (in: lpEventTrack=0x2d9bfb4 | out: lpEventTrack=0x2d9bfb4) returned 1
[0217.527] SendMessageW (hWnd=0xe02d0, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0217.527] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0217.527] InvalidateRect (hWnd=0xe02d0, lpRect=0x0, bErase=0) returned 1
[0217.527] GetKeyState (nVirtKey=1) returned 0
[0217.527] GetKeyState (nVirtKey=2) returned 0
[0217.527] GetKeyState (nVirtKey=4) returned 0
[0217.527] GetKeyState (nVirtKey=5) returned 0
[0217.527] GetKeyState (nVirtKey=6) returned 0
[0217.527] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.527] IsWindowUnicode (hWnd=0xf02ce) returned 1
[0217.527] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.527] TranslateMessage (lpMsg=0xd7e808) returned 0
[0217.527] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0217.528] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.529] IsWindowUnicode (hWnd=0xf02ce) returned 1
[0217.529] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.529] TranslateMessage (lpMsg=0xd7e808) returned 0
[0217.529] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0217.529] BeginPaint (in: hWnd=0xf02ce, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x107b9
[0217.529] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0217.529] GetWindowTextLengthW (hWnd=0xf02ce) returned 24
[0217.529] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0217.530] GetSystemMetrics (nIndex=42) returned 0
[0217.530] GetWindowTextW (in: hWnd=0xf02ce, lpString=0xd7e1ec, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0217.530] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xd, wParam=0x19, lParam=0xd7e1ec) returned 0x18
[0217.530] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0217.530] EndPaint (hWnd=0xf02ce, lpPaint=0xd7e274) returned 1
[0217.530] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.530] IsWindowUnicode (hWnd=0x1902da) returned 1
[0217.530] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.530] TranslateMessage (lpMsg=0xd7e808) returned 0
[0217.530] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0217.530] BeginPaint (in: hWnd=0x1902da, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x10105d6
[0217.531] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0217.531] CreateCompatibleDC (hdc=0x10105d6) returned 0xa0107d0
[0217.531] SelectObject (hdc=0xa0107d0, h=0x4a0507fe) returned 0x85000f
[0217.531] GdipCreateFromHDC (hdc=0xa0107d0, graphics=0xd7e2b0) returned 0x0
[0217.531] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0217.531] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0217.531] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0217.531] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0217.531] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e310) returned 0x0
[0217.531] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0217.531] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0217.531] LocalFree (hMem=0x11ee9f0) returned 0x0
[0217.531] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0217.532] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0217.532] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0217.532] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e304) returned 0x0
[0217.532] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0217.532] GetWindowTextLengthW (hWnd=0x1902da) returned 0
[0217.532] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0217.532] GetSystemMetrics (nIndex=42) returned 0
[0217.532] GetWindowTextW (in: hWnd=0x1902da, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0217.532] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902da, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0217.532] GetClientRect (in: hWnd=0x1902da, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0217.532] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0217.532] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0217.532] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0217.532] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0217.532] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e164) returned 0x0
[0217.532] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0217.532] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0217.533] LocalFree (hMem=0x11ee788) returned 0x0
[0217.533] GdipCombineRegionRegion (region=0x6646e68, region2=0x6646688, combineMode=0x1) returned 0x0
[0217.533] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0217.533] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0217.533] LocalFree (hMem=0x11ee9f0) returned 0x0
[0217.533] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0217.533] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0217.533] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0217.533] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0217.533] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0217.533] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0217.533] GetCurrentObject (hdc=0xa0107d0, type=0x1) returned 0xb00017
[0217.533] GetCurrentObject (hdc=0xa0107d0, type=0x2) returned 0x900010
[0217.533] GetCurrentObject (hdc=0xa0107d0, type=0x7) returned 0x4a0507fe
[0217.533] GetCurrentObject (hdc=0xa0107d0, type=0x6) returned 0x8a01c2
[0217.533] SaveDC (hdc=0xa0107d0) returned 1
[0217.533] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf7040807
[0217.534] GetClipRgn (hdc=0xa0107d0, hrgn=0xf7040807) returned 0
[0217.534] SelectClipRgn (hdc=0xa0107d0, hrgn=0x800407de) returned 2
[0217.534] DeleteObject (ho=0xf7040807) returned 1
[0217.534] DeleteObject (ho=0x800407de) returned 1
[0217.534] OffsetViewportOrgEx (in: hdc=0xa0107d0, x=0, y=0, lppt=0x2d9c478 | out: lppt=0x2d9c478) returned 1
[0217.534] GetNearestColor (hdc=0xa0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0217.534] CreateSolidBrush (color=0xf0f0f0) returned 0x291007e1
[0217.534] FillRect (hDC=0xa0107d0, lprc=0xd7e198, hbr=0x291007e1) returned 1
[0217.534] DeleteObject (ho=0x291007e1) returned 1
[0217.534] RestoreDC (hdc=0xa0107d0, nSavedDC=-1) returned 1
[0217.534] GdipReleaseDC (graphics=0x6600030, hdc=0xa0107d0) returned 0x0
[0217.534] GdipRestoreGraphics (graphics=0x6600030, state=0xf9ea0dbd) returned 0x0
[0217.534] GdipDeleteRegion (region=0x6646688) returned 0x0
[0217.534] GetWindowTextLengthW (hWnd=0x1902da) returned 0
[0217.534] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0217.535] GetSystemMetrics (nIndex=42) returned 0
[0217.535] GetWindowTextW (in: hWnd=0x1902da, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0217.535] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902da, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0217.535] GdipGetImageWidth (image=0x6650168, width=0xd7e1e0) returned 0x0
[0217.535] GdipGetImageHeight (image=0x6650168, height=0xd7e1e0) returned 0x0
[0217.535] GdipGetImageWidth (image=0x6650168, width=0xd7e1cc) returned 0x0
[0217.535] GdipGetImageHeight (image=0x6650168, height=0xd7e1cc) returned 0x0
[0217.535] GdipDrawImageRectI (graphics=0x6600030, image=0x6650168, x=16, y=16, width=32, height=32) returned 0x0
[0217.535] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0217.535] BitBlt (hdc=0x10105d6, x=0, y=0, cx=64, cy=64, hdcSrc=0xa0107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0217.535] GdipReleaseDC (graphics=0x6600030, hdc=0xa0107d0) returned 0x0
[0217.535] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0217.535] SelectObject (hdc=0xa0107d0, h=0x85000f) returned 0x4a0507fe
[0217.535] DeleteDC (hdc=0xa0107d0) returned 1
[0217.536] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0217.536] EndPaint (hWnd=0x1902da, lpPaint=0xd7e294) returned 1
[0217.536] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.536] IsWindowUnicode (hWnd=0x1902dc) returned 1
[0217.536] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.536] TranslateMessage (lpMsg=0xd7e808) returned 0
[0217.536] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0217.536] BeginPaint (in: hWnd=0x1902dc, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x60100ce
[0217.536] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0217.536] CreateCompatibleDC (hdc=0x60100ce) returned 0xc0107d0
[0217.536] GetObjectType (h=0x60100ce) returned 0x3
[0217.537] CreateCompatibleBitmap (hdc=0x60100ce, cx=1, cy=1) returned 0x6a0507fc
[0217.537] GetDIBits (in: hdc=0x60100ce, hbm=0x6a0507fc, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0217.537] GetDIBits (in: hdc=0x60100ce, hbm=0x6a0507fc, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0217.537] DeleteObject (ho=0x6a0507fc) returned 1
[0217.537] CreateDIBSection (in: hdc=0x60100ce, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x840507f2
[0217.537] SelectObject (hdc=0xc0107d0, h=0x840507f2) returned 0x85000f
[0217.537] GdipCreateFromHDC (hdc=0xc0107d0, graphics=0xd7e234) returned 0x0
[0217.537] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0217.538] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0217.538] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0217.538] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0217.538] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2d4) returned 0x0
[0217.538] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0217.538] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0217.538] LocalFree (hMem=0x11eecc8) returned 0x0
[0217.538] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0217.538] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0217.538] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0217.538] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0217.538] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0217.538] GetWindowTextLengthW (hWnd=0x1902dc) returned 232
[0217.538] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0217.538] GetSystemMetrics (nIndex=42) returned 0
[0217.538] GetWindowTextW (in: hWnd=0x1902dc, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0217.538] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0217.538] GetClientRect (in: hWnd=0x1902dc, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0217.539] GdipCreateRegion (region=0xd7e110) returned 0x0
[0217.539] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0217.539] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0217.539] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0217.539] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e128) returned 0x0
[0217.539] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0217.539] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0217.539] LocalFree (hMem=0x11eecc8) returned 0x0
[0217.539] GdipCombineRegionRegion (region=0x6646f88, region2=0x6646e68, combineMode=0x1) returned 0x0
[0217.539] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0217.539] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eea98) returned 0x0
[0217.539] LocalFree (hMem=0x11eea98) returned 0x0
[0217.539] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0217.539] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e150) returned 0x0
[0217.539] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e140) returned 0x0
[0217.539] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0217.539] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0217.539] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0217.539] GetCurrentObject (hdc=0xc0107d0, type=0x1) returned 0xb00017
[0217.540] GetCurrentObject (hdc=0xc0107d0, type=0x2) returned 0x900010
[0217.540] GetCurrentObject (hdc=0xc0107d0, type=0x7) returned 0xffffffff840507f2
[0217.540] GetCurrentObject (hdc=0xc0107d0, type=0x6) returned 0x8a01c2
[0217.540] SaveDC (hdc=0xc0107d0) returned 1
[0217.540] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x810407de
[0217.540] GetClipRgn (hdc=0xc0107d0, hrgn=0x810407de) returned 0
[0217.540] SelectClipRgn (hdc=0xc0107d0, hrgn=0xf8040807) returned 2
[0217.540] DeleteObject (ho=0x810407de) returned 1
[0217.540] DeleteObject (ho=0xf8040807) returned 1
[0217.540] OffsetViewportOrgEx (in: hdc=0xc0107d0, x=0, y=0, lppt=0x2d9de40 | out: lppt=0x2d9de40) returned 1
[0217.540] GetNearestColor (hdc=0xc0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0217.540] CreateSolidBrush (color=0xf0f0f0) returned 0x2a1007e1
[0217.540] FillRect (hDC=0xc0107d0, lprc=0xd7e15c, hbr=0x2a1007e1) returned 1
[0217.541] DeleteObject (ho=0x2a1007e1) returned 1
[0217.541] RestoreDC (hdc=0xc0107d0, nSavedDC=-1) returned 1
[0217.541] GdipReleaseDC (graphics=0x6600030, hdc=0xc0107d0) returned 0x0
[0217.541] GdipRestoreGraphics (graphics=0x6600030, state=0xf9e80dbd) returned 0x0
[0217.541] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0217.541] GetWindowTextLengthW (hWnd=0x1902dc) returned 232
[0217.541] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0217.541] GetSystemMetrics (nIndex=42) returned 0
[0217.541] GetWindowTextW (in: hWnd=0x1902dc, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0217.541] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0217.542] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0217.542] GetCurrentObject (hdc=0xc0107d0, type=0x1) returned 0xb00017
[0217.542] GetCurrentObject (hdc=0xc0107d0, type=0x2) returned 0x900010
[0217.542] GetCurrentObject (hdc=0xc0107d0, type=0x7) returned 0xffffffff840507f2
[0217.542] GetCurrentObject (hdc=0xc0107d0, type=0x6) returned 0x8a01c2
[0217.542] SaveDC (hdc=0xc0107d0) returned 1
[0217.542] GetNearestColor (hdc=0xc0107d0, color=0x0) returned 0x0
[0217.542] RestoreDC (hdc=0xc0107d0, nSavedDC=-1) returned 1
[0217.542] GdipReleaseDC (graphics=0x6600030, hdc=0xc0107d0) returned 0x0
[0217.543] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0217.543] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0217.543] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2d9e63c | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0217.543] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0217.543] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0217.543] GetCurrentObject (hdc=0xc0107d0, type=0x1) returned 0xb00017
[0217.543] GetCurrentObject (hdc=0xc0107d0, type=0x2) returned 0x900010
[0217.543] GetCurrentObject (hdc=0xc0107d0, type=0x7) returned 0xffffffff840507f2
[0217.544] GetCurrentObject (hdc=0xc0107d0, type=0x6) returned 0x8a01c2
[0217.544] SaveDC (hdc=0xc0107d0) returned 1
[0217.549] GetTextAlign (hdc=0xc0107d0) returned 0x0
[0217.549] GetTextColor (hdc=0xc0107d0) returned 0x0
[0217.549] GetCurrentObject (hdc=0xc0107d0, type=0x6) returned 0x8a01c2
[0217.549] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0217.549] SelectObject (hdc=0xc0107d0, h=0x6d0a0520) returned 0x8a01c2
[0217.550] GetBkMode (hdc=0xc0107d0) returned 2
[0217.550] SetBkMode (hdc=0xc0107d0, mode=1) returned 2
[0217.550] DrawTextExW (in: hdc=0xc0107d0, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2d9e860 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0217.553] RestoreDC (hdc=0xc0107d0, nSavedDC=-1) returned 1
[0217.553] GdipReleaseDC (graphics=0x6600030, hdc=0xc0107d0) returned 0x0
[0217.553] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0217.553] BitBlt (hdc=0x60100ce, x=0, y=0, cx=354, cy=68, hdcSrc=0xc0107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0217.553] GdipReleaseDC (graphics=0x6600030, hdc=0xc0107d0) returned 0x0
[0217.553] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0217.553] SelectObject (hdc=0xc0107d0, h=0x85000f) returned 0x840507f2
[0217.553] DeleteDC (hdc=0xc0107d0) returned 1
[0217.554] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0217.554] DeleteObject (ho=0x840507f2) returned 1
[0217.554] EndPaint (hWnd=0x1902dc, lpPaint=0xd7e258) returned 1
[0217.555] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.555] IsWindowUnicode (hWnd=0x1b02d8) returned 1
[0217.555] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.555] TranslateMessage (lpMsg=0xd7e808) returned 0
[0217.555] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0217.555] BeginPaint (in: hWnd=0x1b02d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0217.555] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0217.555] CreateCompatibleDC (hdc=0xc0107c5) returned 0x6c0107fc
[0217.555] SelectObject (hdc=0x6c0107fc, h=0x4a0507fe) returned 0x85000f
[0217.555] GdipCreateFromHDC (hdc=0x6c0107fc, graphics=0xd7e268) returned 0x0
[0217.556] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0217.556] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0217.556] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0217.556] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0217.556] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e2c8) returned 0x0
[0217.556] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0217.556] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee868) returned 0x0
[0217.556] LocalFree (hMem=0x11ee868) returned 0x0
[0217.556] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0217.556] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0217.556] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0217.556] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0217.556] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0217.556] GdipRestoreGraphics (graphics=0x6600030, state=0xf9e60dbd) returned 0x0
[0217.556] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0217.556] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0217.556] GetCurrentObject (hdc=0x6c0107fc, type=0x1) returned 0xb00017
[0217.556] GetCurrentObject (hdc=0x6c0107fc, type=0x2) returned 0x900010
[0217.557] GetCurrentObject (hdc=0x6c0107fc, type=0x7) returned 0x4a0507fe
[0217.557] GetCurrentObject (hdc=0x6c0107fc, type=0x6) returned 0x8a01c2
[0217.557] SaveDC (hdc=0x6c0107fc) returned 1
[0217.557] GetNearestColor (hdc=0x6c0107fc, color=0xf0f0f0) returned 0xf0f0f0
[0217.557] GetNearestColor (hdc=0x6c0107fc, color=0xa0a0a0) returned 0xa0a0a0
[0217.557] GetNearestColor (hdc=0x6c0107fc, color=0x696969) returned 0x696969
[0217.557] GetNearestColor (hdc=0x6c0107fc, color=0xa0a0a0) returned 0xa0a0a0
[0217.557] GetNearestColor (hdc=0x6c0107fc, color=0x0) returned 0x0
[0217.557] GetNearestColor (hdc=0x6c0107fc, color=0xffffff) returned 0xffffff
[0217.557] GetNearestColor (hdc=0x6c0107fc, color=0xe5e5e5) returned 0xe5e5e5
[0217.557] GetNearestColor (hdc=0x6c0107fc, color=0xd7d7d7) returned 0xd7d7d7
[0217.557] GetNearestColor (hdc=0x6c0107fc, color=0x0) returned 0x0
[0217.557] RestoreDC (hdc=0x6c0107fc, nSavedDC=-1) returned 1
[0217.558] GdipReleaseDC (graphics=0x6600030, hdc=0x6c0107fc) returned 0x0
[0217.558] IsAppThemed () returned 0x1
[0217.558] GetThemeAppProperties () returned 0x3
[0217.558] GetThemeAppProperties () returned 0x3
[0217.558] GdipGetImageWidth (image=0x664fad8, width=0xd7e168) returned 0x0
[0217.558] GdipGetImageHeight (image=0x664fad8, height=0xd7e168) returned 0x0
[0217.558] IsAppThemed () returned 0x1
[0217.558] GetThemeAppProperties () returned 0x3
[0217.558] GetThemeAppProperties () returned 0x3
[0217.558] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2d9efb0 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0217.558] IsAppThemed () returned 0x1
[0217.558] GetThemeAppProperties () returned 0x3
[0217.558] GetThemeAppProperties () returned 0x3
[0217.558] IsAppThemed () returned 0x1
[0217.559] GetThemeAppProperties () returned 0x3
[0217.559] GetThemeAppProperties () returned 0x3
[0217.559] GetFocus () returned 0x1b02d8
[0217.559] IsAppThemed () returned 0x1
[0217.559] GetThemeAppProperties () returned 0x3
[0217.559] GetThemeAppProperties () returned 0x3
[0217.559] IsAppThemed () returned 0x1
[0217.559] GetThemeAppProperties () returned 0x3
[0217.559] GetThemeAppProperties () returned 0x3
[0217.559] IsThemePartDefined () returned 0x1
[0217.559] IsAppThemed () returned 0x1
[0217.559] GetThemeAppProperties () returned 0x3
[0217.559] GetThemeAppProperties () returned 0x3
[0217.559] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0217.559] IsAppThemed () returned 0x1
[0217.559] GetThemeAppProperties () returned 0x3
[0217.565] GetThemeAppProperties () returned 0x3
[0217.565] IsAppThemed () returned 0x1
[0217.565] GetThemeAppProperties () returned 0x3
[0217.565] GetThemeAppProperties () returned 0x3
[0217.565] IsThemePartDefined () returned 0x1
[0217.565] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0217.566] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0217.566] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0217.566] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0217.566] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dff0) returned 0x0
[0217.566] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0217.566] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0217.566] LocalFree (hMem=0x11ee788) returned 0x0
[0217.566] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0217.566] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0217.566] LocalFree (hMem=0x11ee788) returned 0x0
[0217.566] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0217.566] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e018) returned 0x0
[0217.566] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e008) returned 0x0
[0217.566] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0217.566] GdipDeleteRegion (region=0x6646298) returned 0x0
[0217.566] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0217.566] GetCurrentObject (hdc=0x6c0107fc, type=0x1) returned 0xb00017
[0217.567] GetCurrentObject (hdc=0x6c0107fc, type=0x2) returned 0x900010
[0217.567] GetCurrentObject (hdc=0x6c0107fc, type=0x7) returned 0x4a0507fe
[0217.567] GetCurrentObject (hdc=0x6c0107fc, type=0x6) returned 0x8a01c2
[0217.567] SaveDC (hdc=0x6c0107fc) returned 1
[0217.567] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf9040807
[0217.567] GetClipRgn (hdc=0x6c0107fc, hrgn=0xf9040807) returned 0
[0217.567] SelectClipRgn (hdc=0x6c0107fc, hrgn=0x850407de) returned 2
[0217.567] DeleteObject (ho=0xf9040807) returned 1
[0217.567] DeleteObject (ho=0x850407de) returned 1
[0217.567] OffsetViewportOrgEx (in: hdc=0x6c0107fc, x=0, y=0, lppt=0x2d9f660 | out: lppt=0x2d9f660) returned 1
[0217.567] DrawThemeParentBackground () returned 0x0
[0217.567] GetWindowPlacement (in: hWnd=0xf02ce, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0217.568] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0217.568] GetWindowTextLengthW (hWnd=0xf02ce) returned 24
[0217.568] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0217.568] GetSystemMetrics (nIndex=42) returned 0
[0217.568] GetWindowTextW (in: hWnd=0xf02ce, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0217.568] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0217.568] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0217.568] GetCurrentObject (hdc=0x6c0107fc, type=0x1) returned 0xb00017
[0217.568] GetCurrentObject (hdc=0x6c0107fc, type=0x2) returned 0x900010
[0217.568] GetCurrentObject (hdc=0x6c0107fc, type=0x7) returned 0x4a0507fe
[0217.568] GetCurrentObject (hdc=0x6c0107fc, type=0x6) returned 0x8a01c2
[0217.568] SaveDC (hdc=0x6c0107fc) returned 2
[0217.568] GetNearestColor (hdc=0x6c0107fc, color=0xf0f0f0) returned 0xf0f0f0
[0217.568] CreateSolidBrush (color=0xf0f0f0) returned 0x2b1007e1
[0217.568] FillRect (hDC=0x6c0107fc, lprc=0xd7da38, hbr=0x2b1007e1) returned 1
[0217.568] DeleteObject (ho=0x2b1007e1) returned 1
[0217.568] RestoreDC (hdc=0x6c0107fc, nSavedDC=-1) returned 1
[0217.569] GetWindowTextLengthW (hWnd=0xf02ce) returned 24
[0217.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0217.569] GetSystemMetrics (nIndex=42) returned 0
[0217.569] GetWindowTextW (in: hWnd=0xf02ce, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0217.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0217.569] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0217.569] GetCurrentObject (hdc=0x6c0107fc, type=0x1) returned 0xb00017
[0217.569] GetCurrentObject (hdc=0x6c0107fc, type=0x2) returned 0x900010
[0217.569] GetCurrentObject (hdc=0x6c0107fc, type=0x7) returned 0x4a0507fe
[0217.569] GetCurrentObject (hdc=0x6c0107fc, type=0x6) returned 0x8a01c2
[0217.569] SaveDC (hdc=0x6c0107fc) returned 2
[0217.569] GetNearestColor (hdc=0x6c0107fc, color=0xf0f0f0) returned 0xf0f0f0
[0217.569] CreateSolidBrush (color=0xf0f0f0) returned 0x2c1007e1
[0217.569] FillRect (hDC=0x6c0107fc, lprc=0xd7d9d8, hbr=0x2c1007e1) returned 1
[0217.569] DeleteObject (ho=0x2c1007e1) returned 1
[0217.569] RestoreDC (hdc=0x6c0107fc, nSavedDC=-1) returned 1
[0217.569] GetWindowTextLengthW (hWnd=0xf02ce) returned 24
[0217.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0217.570] GetSystemMetrics (nIndex=42) returned 0
[0217.570] GetWindowTextW (in: hWnd=0xf02ce, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0217.570] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0217.570] RestoreDC (hdc=0x6c0107fc, nSavedDC=-1) returned 1
[0217.570] GdipReleaseDC (graphics=0x6600030, hdc=0x6c0107fc) returned 0x0
[0217.570] IsAppThemed () returned 0x1
[0217.570] GetThemeAppProperties () returned 0x3
[0217.570] GetThemeAppProperties () returned 0x3
[0217.570] IsAppThemed () returned 0x1
[0217.570] GetThemeAppProperties () returned 0x3
[0217.570] GetThemeAppProperties () returned 0x3
[0217.570] IsThemePartDefined () returned 0x1
[0217.570] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0217.570] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0217.570] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0217.570] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0217.570] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df74) returned 0x0
[0217.571] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0217.571] LocalFree (hMem=0x11ee788) returned 0x0
[0217.571] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee8d8) returned 0x0
[0217.571] LocalFree (hMem=0x11ee8d8) returned 0x0
[0217.571] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0217.571] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0217.571] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0217.571] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0217.571] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0217.571] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0217.571] GetCurrentObject (hdc=0x6c0107fc, type=0x1) returned 0xb00017
[0217.571] GetCurrentObject (hdc=0x6c0107fc, type=0x2) returned 0x900010
[0217.571] GetCurrentObject (hdc=0x6c0107fc, type=0x7) returned 0x4a0507fe
[0217.571] GetCurrentObject (hdc=0x6c0107fc, type=0x6) returned 0x8a01c2
[0217.571] SaveDC (hdc=0x6c0107fc) returned 1
[0217.571] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x860407de
[0217.571] GetClipRgn (hdc=0x6c0107fc, hrgn=0x860407de) returned 0
[0217.572] SelectClipRgn (hdc=0x6c0107fc, hrgn=0xfb040807) returned 2
[0217.572] DeleteObject (ho=0x860407de) returned 1
[0217.572] DeleteObject (ho=0xfb040807) returned 1
[0217.572] OffsetViewportOrgEx (in: hdc=0x6c0107fc, x=0, y=0, lppt=0x2d9ffe4 | out: lppt=0x2d9ffe4) returned 1
[0217.572] IsAppThemed () returned 0x1
[0217.572] GetThemeAppProperties () returned 0x3
[0217.572] GetThemeAppProperties () returned 0x3
[0217.572] DrawThemeBackground () returned 0x0
[0217.572] RestoreDC (hdc=0x6c0107fc, nSavedDC=-1) returned 1
[0217.572] GdipReleaseDC (graphics=0x6600030, hdc=0x6c0107fc) returned 0x0
[0217.572] GdipCreateRegion (region=0xd7df60) returned 0x0
[0217.572] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0217.572] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0217.572] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0217.572] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df78) returned 0x0
[0217.572] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0217.572] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee8d8) returned 0x0
[0217.573] LocalFree (hMem=0x11ee8d8) returned 0x0
[0217.573] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0217.573] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eecc8) returned 0x0
[0217.573] LocalFree (hMem=0x11eecc8) returned 0x0
[0217.573] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0217.573] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0217.573] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0217.573] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0217.573] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0217.573] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0217.573] GetCurrentObject (hdc=0x6c0107fc, type=0x1) returned 0xb00017
[0217.573] GetCurrentObject (hdc=0x6c0107fc, type=0x2) returned 0x900010
[0217.573] GetCurrentObject (hdc=0x6c0107fc, type=0x7) returned 0x4a0507fe
[0217.573] GetCurrentObject (hdc=0x6c0107fc, type=0x6) returned 0x8a01c2
[0217.573] SaveDC (hdc=0x6c0107fc) returned 1
[0217.573] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfc040807
[0217.573] GetClipRgn (hdc=0x6c0107fc, hrgn=0xfc040807) returned 0
[0217.574] SelectClipRgn (hdc=0x6c0107fc, hrgn=0x870407de) returned 2
[0217.574] DeleteObject (ho=0xfc040807) returned 1
[0217.574] DeleteObject (ho=0x870407de) returned 1
[0217.574] OffsetViewportOrgEx (in: hdc=0x6c0107fc, x=0, y=0, lppt=0x2da02b8 | out: lppt=0x2da02b8) returned 1
[0217.574] IsAppThemed () returned 0x1
[0217.574] GetThemeAppProperties () returned 0x3
[0217.574] GetThemeAppProperties () returned 0x3
[0217.574] GetThemeBackgroundContentRect () returned 0x0
[0217.574] RestoreDC (hdc=0x6c0107fc, nSavedDC=-1) returned 1
[0217.574] GdipReleaseDC (graphics=0x6600030, hdc=0x6c0107fc) returned 0x0
[0217.574] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0217.574] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0217.574] GdipCloneRegion (region=0x6646e68, cloneRegion=0xd7e150) returned 0x0
[0217.574] GdipCombineRegionRectI (region=0x66468c8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0217.574] GdipCombineRegionRectI (region=0x66468c8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0217.575] GdipSetClipRegion (graphics=0x6600030, region=0x66468c8, combineMode=0x0) returned 0x0
[0217.575] GdipGetImageWidth (image=0x664fad8, width=0xd7e154) returned 0x0
[0217.575] GdipGetImageHeight (image=0x664fad8, height=0xd7e148) returned 0x0
[0217.575] GdipDrawImageRectI (graphics=0x6600030, image=0x664fad8, x=4, y=4, width=16, height=16) returned 0x0
[0217.575] GdipSetClipRegion (graphics=0x6600030, region=0x6646e68, combineMode=0x0) returned 0x0
[0217.575] IsAppThemed () returned 0x1
[0217.583] GetThemeAppProperties () returned 0x3
[0217.583] GetThemeAppProperties () returned 0x3
[0217.583] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0217.583] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0217.583] GetCurrentObject (hdc=0x6c0107fc, type=0x1) returned 0xb00017
[0217.583] GetCurrentObject (hdc=0x6c0107fc, type=0x2) returned 0x900010
[0217.583] GetCurrentObject (hdc=0x6c0107fc, type=0x7) returned 0x4a0507fe
[0217.583] GetCurrentObject (hdc=0x6c0107fc, type=0x6) returned 0x8a01c2
[0217.583] SaveDC (hdc=0x6c0107fc) returned 1
[0217.583] GetTextAlign (hdc=0x6c0107fc) returned 0x0
[0217.583] GetTextColor (hdc=0x6c0107fc) returned 0x0
[0217.584] GetCurrentObject (hdc=0x6c0107fc, type=0x6) returned 0x8a01c2
[0217.584] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0217.584] SelectObject (hdc=0x6c0107fc, h=0x6d0a0520) returned 0x8a01c2
[0217.584] GetBkMode (hdc=0x6c0107fc) returned 2
[0217.584] SetBkMode (hdc=0x6c0107fc, mode=1) returned 2
[0217.584] DrawTextExW (in: hdc=0x6c0107fc, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2da0678 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0217.584] DrawTextExW (in: hdc=0x6c0107fc, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2da0678 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0217.585] RestoreDC (hdc=0x6c0107fc, nSavedDC=-1) returned 1
[0217.585] GdipReleaseDC (graphics=0x6600030, hdc=0x6c0107fc) returned 0x0
[0217.585] GetFocus () returned 0x1b02d8
[0217.585] IsAppThemed () returned 0x1
[0217.585] GetThemeAppProperties () returned 0x3
[0217.585] GetThemeAppProperties () returned 0x3
[0217.585] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0217.585] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x6c0107fc, x1=0, y1=0, rop=0xcc0020) returned 1
[0217.585] GdipReleaseDC (graphics=0x6600030, hdc=0x6c0107fc) returned 0x0
[0217.585] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0217.585] SelectObject (hdc=0x6c0107fc, h=0x85000f) returned 0x4a0507fe
[0217.585] DeleteDC (hdc=0x6c0107fc) returned 1
[0217.586] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0217.586] EndPaint (hWnd=0x1b02d8, lpPaint=0xd7e24c) returned 1
[0217.586] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.586] IsWindowUnicode (hWnd=0xe02d0) returned 1
[0217.586] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.586] TranslateMessage (lpMsg=0xd7e808) returned 0
[0217.586] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0217.586] BeginPaint (in: hWnd=0xe02d0, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0217.586] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0217.586] CreateCompatibleDC (hdc=0x107b9) returned 0x6e0107fc
[0217.587] SelectObject (hdc=0x6e0107fc, h=0x4a0507fe) returned 0x85000f
[0217.587] GdipCreateFromHDC (hdc=0x6e0107fc, graphics=0xd7e268) returned 0x0
[0217.587] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0217.587] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0217.587] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0217.587] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0217.587] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e2c8) returned 0x0
[0217.587] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0217.587] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eecc8) returned 0x0
[0217.587] LocalFree (hMem=0x11eecc8) returned 0x0
[0217.587] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0217.587] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0217.587] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0217.587] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0217.588] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0217.588] GdipRestoreGraphics (graphics=0x6600030, state=0xf9e40dbd) returned 0x0
[0217.588] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0217.588] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0217.588] GetCurrentObject (hdc=0x6e0107fc, type=0x1) returned 0xb00017
[0217.588] GetCurrentObject (hdc=0x6e0107fc, type=0x2) returned 0x900010
[0217.588] GetCurrentObject (hdc=0x6e0107fc, type=0x7) returned 0x4a0507fe
[0217.588] GetCurrentObject (hdc=0x6e0107fc, type=0x6) returned 0x8a01c2
[0217.588] SaveDC (hdc=0x6e0107fc) returned 1
[0217.588] GetNearestColor (hdc=0x6e0107fc, color=0xf0f0f0) returned 0xf0f0f0
[0217.588] GetNearestColor (hdc=0x6e0107fc, color=0xa0a0a0) returned 0xa0a0a0
[0217.588] GetNearestColor (hdc=0x6e0107fc, color=0x696969) returned 0x696969
[0217.589] GetNearestColor (hdc=0x6e0107fc, color=0xa0a0a0) returned 0xa0a0a0
[0217.589] GetNearestColor (hdc=0x6e0107fc, color=0x0) returned 0x0
[0217.589] GetNearestColor (hdc=0x6e0107fc, color=0xffffff) returned 0xffffff
[0217.589] GetNearestColor (hdc=0x6e0107fc, color=0xe5e5e5) returned 0xe5e5e5
[0217.589] GetNearestColor (hdc=0x6e0107fc, color=0xd7d7d7) returned 0xd7d7d7
[0217.589] GetNearestColor (hdc=0x6e0107fc, color=0x0) returned 0x0
[0217.589] RestoreDC (hdc=0x6e0107fc, nSavedDC=-1) returned 1
[0217.589] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0107fc) returned 0x0
[0217.589] IsAppThemed () returned 0x1
[0217.589] GetThemeAppProperties () returned 0x3
[0217.589] GetThemeAppProperties () returned 0x3
[0217.589] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0217.589] SendMessageW (hWnd=0xf02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0217.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0217.590] IsAppThemed () returned 0x1
[0217.590] GetThemeAppProperties () returned 0x3
[0217.590] GetThemeAppProperties () returned 0x3
[0217.590] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2da0e88 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0217.590] IsAppThemed () returned 0x1
[0217.590] GetThemeAppProperties () returned 0x3
[0217.590] GetThemeAppProperties () returned 0x3
[0217.590] IsAppThemed () returned 0x1
[0217.590] GetThemeAppProperties () returned 0x3
[0217.590] GetThemeAppProperties () returned 0x3
[0217.590] IsAppThemed () returned 0x1
[0217.590] GetThemeAppProperties () returned 0x3
[0217.590] GetThemeAppProperties () returned 0x3
[0217.590] IsAppThemed () returned 0x1
[0217.590] GetThemeAppProperties () returned 0x3
[0217.591] GetThemeAppProperties () returned 0x3
[0217.591] IsThemePartDefined () returned 0x1
[0217.591] IsAppThemed () returned 0x1
[0217.591] GetThemeAppProperties () returned 0x3
[0217.591] GetThemeAppProperties () returned 0x3
[0217.591] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0217.591] IsAppThemed () returned 0x1
[0217.591] GetThemeAppProperties () returned 0x3
[0217.591] GetThemeAppProperties () returned 0x3
[0217.591] IsAppThemed () returned 0x1
[0217.592] GetThemeAppProperties () returned 0x3
[0217.592] GetThemeAppProperties () returned 0x3
[0217.592] IsThemePartDefined () returned 0x1
[0217.592] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0217.592] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0217.592] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0217.592] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0217.592] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dfe4) returned 0x0
[0217.592] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0217.592] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eead0) returned 0x0
[0217.592] LocalFree (hMem=0x11eead0) returned 0x0
[0217.592] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0217.592] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eecc8) returned 0x0
[0217.592] LocalFree (hMem=0x11eecc8) returned 0x0
[0217.592] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0217.592] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0217.592] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0217.592] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0217.592] GdipDeleteRegion (region=0x6646718) returned 0x0
[0217.593] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0217.593] GetCurrentObject (hdc=0x6e0107fc, type=0x1) returned 0xb00017
[0217.593] GetCurrentObject (hdc=0x6e0107fc, type=0x2) returned 0x900010
[0217.593] GetCurrentObject (hdc=0x6e0107fc, type=0x7) returned 0x4a0507fe
[0217.593] GetCurrentObject (hdc=0x6e0107fc, type=0x6) returned 0x8a01c2
[0217.593] SaveDC (hdc=0x6e0107fc) returned 1
[0217.593] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x880407de
[0217.593] GetClipRgn (hdc=0x6e0107fc, hrgn=0x880407de) returned 0
[0217.593] SelectClipRgn (hdc=0x6e0107fc, hrgn=0x40807) returned 2
[0217.593] DeleteObject (ho=0x880407de) returned 1
[0217.593] DeleteObject (ho=0x40807) returned 1
[0217.593] OffsetViewportOrgEx (in: hdc=0x6e0107fc, x=0, y=0, lppt=0x2da1538 | out: lppt=0x2da1538) returned 1
[0217.593] DrawThemeParentBackground () returned 0x0
[0217.594] GetWindowPlacement (in: hWnd=0xf02ce, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0217.594] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0217.594] GetWindowTextLengthW (hWnd=0xf02ce) returned 24
[0217.594] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0217.594] GetSystemMetrics (nIndex=42) returned 0
[0217.594] GetWindowTextW (in: hWnd=0xf02ce, lpString=0xd7db2c, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0217.594] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xd, wParam=0x19, lParam=0xd7db2c) returned 0x18
[0217.594] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0217.594] GetCurrentObject (hdc=0x6e0107fc, type=0x1) returned 0xb00017
[0217.594] GetCurrentObject (hdc=0x6e0107fc, type=0x2) returned 0x900010
[0217.594] GetCurrentObject (hdc=0x6e0107fc, type=0x7) returned 0x4a0507fe
[0217.594] GetCurrentObject (hdc=0x6e0107fc, type=0x6) returned 0x8a01c2
[0217.594] SaveDC (hdc=0x6e0107fc) returned 2
[0217.594] GetNearestColor (hdc=0x6e0107fc, color=0xf0f0f0) returned 0xf0f0f0
[0217.594] CreateSolidBrush (color=0xf0f0f0) returned 0x2d1007e1
[0217.594] FillRect (hDC=0x6e0107fc, lprc=0xd7da30, hbr=0x2d1007e1) returned 1
[0217.595] DeleteObject (ho=0x2d1007e1) returned 1
[0217.595] RestoreDC (hdc=0x6e0107fc, nSavedDC=-1) returned 1
[0217.595] GetWindowTextLengthW (hWnd=0xf02ce) returned 24
[0217.595] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0217.595] GetSystemMetrics (nIndex=42) returned 0
[0217.595] GetWindowTextW (in: hWnd=0xf02ce, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0217.595] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0217.595] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0217.595] GetCurrentObject (hdc=0x6e0107fc, type=0x1) returned 0xb00017
[0217.595] GetCurrentObject (hdc=0x6e0107fc, type=0x2) returned 0x900010
[0217.595] GetCurrentObject (hdc=0x6e0107fc, type=0x7) returned 0x4a0507fe
[0217.595] GetCurrentObject (hdc=0x6e0107fc, type=0x6) returned 0x8a01c2
[0217.595] SaveDC (hdc=0x6e0107fc) returned 2
[0217.595] GetNearestColor (hdc=0x6e0107fc, color=0xf0f0f0) returned 0xf0f0f0
[0217.596] CreateSolidBrush (color=0xf0f0f0) returned 0x2e1007e1
[0217.596] FillRect (hDC=0x6e0107fc, lprc=0xd7d9d0, hbr=0x2e1007e1) returned 1
[0217.596] DeleteObject (ho=0x2e1007e1) returned 1
[0217.596] RestoreDC (hdc=0x6e0107fc, nSavedDC=-1) returned 1
[0217.596] GetWindowTextLengthW (hWnd=0xf02ce) returned 24
[0217.596] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0217.596] GetSystemMetrics (nIndex=42) returned 0
[0217.596] GetWindowTextW (in: hWnd=0xf02ce, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0217.596] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0217.596] RestoreDC (hdc=0x6e0107fc, nSavedDC=-1) returned 1
[0217.596] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0107fc) returned 0x0
[0217.596] IsAppThemed () returned 0x1
[0217.597] GetThemeAppProperties () returned 0x3
[0217.597] GetThemeAppProperties () returned 0x3
[0217.597] IsAppThemed () returned 0x1
[0217.597] GetThemeAppProperties () returned 0x3
[0217.597] GetThemeAppProperties () returned 0x3
[0217.597] IsThemePartDefined () returned 0x1
[0217.597] GdipCreateRegion (region=0xd7df50) returned 0x0
[0217.597] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0217.597] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0217.597] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0217.597] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df68) returned 0x0
[0217.597] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0217.597] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0217.597] LocalFree (hMem=0x11ee788) returned 0x0
[0217.597] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0217.597] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee8d8) returned 0x0
[0217.597] LocalFree (hMem=0x11ee8d8) returned 0x0
[0217.597] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0217.597] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df90) returned 0x0
[0217.598] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df80) returned 0x0
[0217.598] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0217.598] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0217.598] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0217.598] GetCurrentObject (hdc=0x6e0107fc, type=0x1) returned 0xb00017
[0217.598] GetCurrentObject (hdc=0x6e0107fc, type=0x2) returned 0x900010
[0217.598] GetCurrentObject (hdc=0x6e0107fc, type=0x7) returned 0x4a0507fe
[0217.598] GetCurrentObject (hdc=0x6e0107fc, type=0x6) returned 0x8a01c2
[0217.598] SaveDC (hdc=0x6e0107fc) returned 1
[0217.598] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1040807
[0217.598] GetClipRgn (hdc=0x6e0107fc, hrgn=0x1040807) returned 0
[0217.598] SelectClipRgn (hdc=0x6e0107fc, hrgn=0x8a0407de) returned 2
[0217.598] DeleteObject (ho=0x1040807) returned 1
[0217.598] DeleteObject (ho=0x8a0407de) returned 1
[0217.598] OffsetViewportOrgEx (in: hdc=0x6e0107fc, x=0, y=0, lppt=0x2da1ebc | out: lppt=0x2da1ebc) returned 1
[0217.598] IsAppThemed () returned 0x1
[0217.599] GetThemeAppProperties () returned 0x3
[0217.599] GetThemeAppProperties () returned 0x3
[0217.599] DrawThemeBackground () returned 0x0
[0217.599] RestoreDC (hdc=0x6e0107fc, nSavedDC=-1) returned 1
[0217.599] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0107fc) returned 0x0
[0217.599] GdipCreateRegion (region=0xd7df54) returned 0x0
[0217.599] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0217.599] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0217.599] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0217.599] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df6c) returned 0x0
[0217.599] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0217.599] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0217.599] LocalFree (hMem=0x11ee868) returned 0x0
[0217.599] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0217.599] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eead0) returned 0x0
[0217.599] LocalFree (hMem=0x11eead0) returned 0x0
[0217.600] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0217.600] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7df94) returned 0x0
[0217.600] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7df84) returned 0x0
[0217.600] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0217.600] GdipDeleteRegion (region=0x6646688) returned 0x0
[0217.600] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0217.600] GetCurrentObject (hdc=0x6e0107fc, type=0x1) returned 0xb00017
[0217.600] GetCurrentObject (hdc=0x6e0107fc, type=0x2) returned 0x900010
[0217.600] GetCurrentObject (hdc=0x6e0107fc, type=0x7) returned 0x4a0507fe
[0217.600] GetCurrentObject (hdc=0x6e0107fc, type=0x6) returned 0x8a01c2
[0217.600] SaveDC (hdc=0x6e0107fc) returned 1
[0217.600] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8b0407de
[0217.600] GetClipRgn (hdc=0x6e0107fc, hrgn=0x8b0407de) returned 0
[0217.600] SelectClipRgn (hdc=0x6e0107fc, hrgn=0x2040807) returned 2
[0217.600] DeleteObject (ho=0x8b0407de) returned 1
[0217.600] DeleteObject (ho=0x2040807) returned 1
[0217.600] OffsetViewportOrgEx (in: hdc=0x6e0107fc, x=0, y=0, lppt=0x2da2190 | out: lppt=0x2da2190) returned 1
[0217.601] IsAppThemed () returned 0x1
[0217.601] GetThemeAppProperties () returned 0x3
[0217.601] GetThemeAppProperties () returned 0x3
[0217.601] GetThemeBackgroundContentRect () returned 0x0
[0217.601] RestoreDC (hdc=0x6e0107fc, nSavedDC=-1) returned 1
[0217.601] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0107fc) returned 0x0
[0217.601] IsAppThemed () returned 0x1
[0217.601] GetThemeAppProperties () returned 0x3
[0217.601] GetThemeAppProperties () returned 0x3
[0217.601] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0217.601] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0217.601] GetCurrentObject (hdc=0x6e0107fc, type=0x1) returned 0xb00017
[0217.601] GetCurrentObject (hdc=0x6e0107fc, type=0x2) returned 0x900010
[0217.601] GetCurrentObject (hdc=0x6e0107fc, type=0x7) returned 0x4a0507fe
[0217.601] GetCurrentObject (hdc=0x6e0107fc, type=0x6) returned 0x8a01c2
[0217.601] SaveDC (hdc=0x6e0107fc) returned 1
[0217.601] GetTextAlign (hdc=0x6e0107fc) returned 0x0
[0217.602] GetTextColor (hdc=0x6e0107fc) returned 0x0
[0217.602] GetCurrentObject (hdc=0x6e0107fc, type=0x6) returned 0x8a01c2
[0217.602] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0217.602] SelectObject (hdc=0x6e0107fc, h=0x6d0a0520) returned 0x8a01c2
[0217.602] GetBkMode (hdc=0x6e0107fc) returned 2
[0217.602] SetBkMode (hdc=0x6e0107fc, mode=1) returned 2
[0217.602] DrawTextExW (in: hdc=0x6e0107fc, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2da2530 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0217.602] DrawTextExW (in: hdc=0x6e0107fc, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2da2530 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0217.603] RestoreDC (hdc=0x6e0107fc, nSavedDC=-1) returned 1
[0217.603] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0107fc) returned 0x0
[0217.603] GetFocus () returned 0x1b02d8
[0217.603] IsAppThemed () returned 0x1
[0217.603] GetThemeAppProperties () returned 0x3
[0217.603] GetThemeAppProperties () returned 0x3
[0217.603] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0217.603] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x6e0107fc, x1=0, y1=0, rop=0xcc0020) returned 1
[0217.603] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0107fc) returned 0x0
[0217.603] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0217.603] SelectObject (hdc=0x6e0107fc, h=0x85000f) returned 0x4a0507fe
[0217.603] DeleteDC (hdc=0x6e0107fc) returned 1
[0217.604] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0217.604] EndPaint (hWnd=0xe02d0, lpPaint=0xd7e24c) returned 1
[0217.604] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.604] IsWindowUnicode (hWnd=0x1302c8) returned 1
[0217.604] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.605] TranslateMessage (lpMsg=0xd7e808) returned 0
[0217.605] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0217.605] BeginPaint (in: hWnd=0x1302c8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0217.605] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0217.605] CreateCompatibleDC (hdc=0x10105d6) returned 0x700107fc
[0217.605] SelectObject (hdc=0x700107fc, h=0x4a0507fe) returned 0x85000f
[0217.605] GdipCreateFromHDC (hdc=0x700107fc, graphics=0xd7e268) returned 0x0
[0217.605] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0217.605] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0217.605] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0217.605] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0217.605] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e2c8) returned 0x0
[0217.606] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0217.606] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee8d8) returned 0x0
[0217.606] LocalFree (hMem=0x11ee8d8) returned 0x0
[0217.606] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0217.606] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0217.606] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0217.606] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0217.606] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0217.606] GdipRestoreGraphics (graphics=0x6600030, state=0xf9e20dbd) returned 0x0
[0217.606] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0217.644] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0217.644] GetCurrentObject (hdc=0x700107fc, type=0x1) returned 0xb00017
[0217.644] GetCurrentObject (hdc=0x700107fc, type=0x2) returned 0x900010
[0217.644] GetCurrentObject (hdc=0x700107fc, type=0x7) returned 0x4a0507fe
[0217.644] GetCurrentObject (hdc=0x700107fc, type=0x6) returned 0x8a01c2
[0217.644] SaveDC (hdc=0x700107fc) returned 1
[0217.644] GetNearestColor (hdc=0x700107fc, color=0xf0f0f0) returned 0xf0f0f0
[0217.644] GetNearestColor (hdc=0x700107fc, color=0xa0a0a0) returned 0xa0a0a0
[0217.644] GetNearestColor (hdc=0x700107fc, color=0x696969) returned 0x696969
[0217.644] GetNearestColor (hdc=0x700107fc, color=0xa0a0a0) returned 0xa0a0a0
[0217.644] GetNearestColor (hdc=0x700107fc, color=0x0) returned 0x0
[0217.645] GetNearestColor (hdc=0x700107fc, color=0xffffff) returned 0xffffff
[0217.645] GetNearestColor (hdc=0x700107fc, color=0xe5e5e5) returned 0xe5e5e5
[0217.645] GetNearestColor (hdc=0x700107fc, color=0xd7d7d7) returned 0xd7d7d7
[0217.645] GetNearestColor (hdc=0x700107fc, color=0x0) returned 0x0
[0217.645] RestoreDC (hdc=0x700107fc, nSavedDC=-1) returned 1
[0217.645] GdipReleaseDC (graphics=0x6600030, hdc=0x700107fc) returned 0x0
[0217.645] IsAppThemed () returned 0x1
[0217.645] GetThemeAppProperties () returned 0x3
[0217.645] GetThemeAppProperties () returned 0x3
[0217.645] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0217.645] SendMessageW (hWnd=0xf02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0217.645] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0217.645] IsAppThemed () returned 0x1
[0217.645] GetThemeAppProperties () returned 0x3
[0217.645] GetThemeAppProperties () returned 0x3
[0217.646] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2da2d40 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0217.646] IsAppThemed () returned 0x1
[0217.646] GetThemeAppProperties () returned 0x3
[0217.646] GetThemeAppProperties () returned 0x3
[0217.646] IsAppThemed () returned 0x1
[0217.646] GetThemeAppProperties () returned 0x3
[0217.646] GetThemeAppProperties () returned 0x3
[0217.646] GetFocus () returned 0x1b02d8
[0217.647] IsAppThemed () returned 0x1
[0217.647] GetThemeAppProperties () returned 0x3
[0217.647] GetThemeAppProperties () returned 0x3
[0217.647] IsAppThemed () returned 0x1
[0217.647] GetThemeAppProperties () returned 0x3
[0217.647] GetThemeAppProperties () returned 0x3
[0217.647] IsThemePartDefined () returned 0x1
[0217.647] IsAppThemed () returned 0x1
[0217.647] GetThemeAppProperties () returned 0x3
[0217.647] GetThemeAppProperties () returned 0x3
[0217.647] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0217.647] IsAppThemed () returned 0x1
[0217.647] GetThemeAppProperties () returned 0x3
[0217.647] GetThemeAppProperties () returned 0x3
[0217.647] IsAppThemed () returned 0x1
[0217.647] GetThemeAppProperties () returned 0x3
[0217.647] GetThemeAppProperties () returned 0x3
[0217.647] IsThemePartDefined () returned 0x1
[0217.647] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0217.648] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0217.648] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0217.648] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0217.648] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dff0) returned 0x0
[0217.648] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0217.648] LocalFree (hMem=0x11ee788) returned 0x0
[0217.648] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0217.648] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0217.648] LocalFree (hMem=0x11eecc8) returned 0x0
[0217.648] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0217.648] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0217.648] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0217.648] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0217.648] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0217.648] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0217.648] GetCurrentObject (hdc=0x700107fc, type=0x1) returned 0xb00017
[0217.649] GetCurrentObject (hdc=0x700107fc, type=0x2) returned 0x900010
[0217.649] GetCurrentObject (hdc=0x700107fc, type=0x7) returned 0x4a0507fe
[0217.649] GetCurrentObject (hdc=0x700107fc, type=0x6) returned 0x8a01c2
[0217.649] SaveDC (hdc=0x700107fc) returned 1
[0217.649] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3040807
[0217.649] GetClipRgn (hdc=0x700107fc, hrgn=0x3040807) returned 0
[0217.649] SelectClipRgn (hdc=0x700107fc, hrgn=0x8f0407de) returned 2
[0217.649] DeleteObject (ho=0x3040807) returned 1
[0217.649] DeleteObject (ho=0x8f0407de) returned 1
[0217.649] OffsetViewportOrgEx (in: hdc=0x700107fc, x=0, y=0, lppt=0x2da33f0 | out: lppt=0x2da33f0) returned 1
[0217.649] DrawThemeParentBackground () returned 0x0
[0217.649] GetWindowPlacement (in: hWnd=0xf02ce, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0217.650] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0217.650] GetWindowTextLengthW (hWnd=0xf02ce) returned 24
[0217.650] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0217.650] GetSystemMetrics (nIndex=42) returned 0
[0217.650] GetWindowTextW (in: hWnd=0xf02ce, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0217.650] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0217.650] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0217.650] GetCurrentObject (hdc=0x700107fc, type=0x1) returned 0xb00017
[0217.650] GetCurrentObject (hdc=0x700107fc, type=0x2) returned 0x900010
[0217.650] GetCurrentObject (hdc=0x700107fc, type=0x7) returned 0x4a0507fe
[0217.650] GetCurrentObject (hdc=0x700107fc, type=0x6) returned 0x8a01c2
[0217.650] SaveDC (hdc=0x700107fc) returned 2
[0217.650] GetNearestColor (hdc=0x700107fc, color=0xf0f0f0) returned 0xf0f0f0
[0217.650] CreateSolidBrush (color=0xf0f0f0) returned 0x2f1007e1
[0217.650] FillRect (hDC=0x700107fc, lprc=0xd7da38, hbr=0x2f1007e1) returned 1
[0217.650] DeleteObject (ho=0x2f1007e1) returned 1
[0217.650] RestoreDC (hdc=0x700107fc, nSavedDC=-1) returned 1
[0217.651] GetWindowTextLengthW (hWnd=0xf02ce) returned 24
[0217.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0217.651] GetSystemMetrics (nIndex=42) returned 0
[0217.651] GetWindowTextW (in: hWnd=0xf02ce, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0217.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0217.651] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0217.651] GetCurrentObject (hdc=0x700107fc, type=0x1) returned 0xb00017
[0217.651] GetCurrentObject (hdc=0x700107fc, type=0x2) returned 0x900010
[0217.651] GetCurrentObject (hdc=0x700107fc, type=0x7) returned 0x4a0507fe
[0217.651] GetCurrentObject (hdc=0x700107fc, type=0x6) returned 0x8a01c2
[0217.651] SaveDC (hdc=0x700107fc) returned 2
[0217.651] GetNearestColor (hdc=0x700107fc, color=0xf0f0f0) returned 0xf0f0f0
[0217.651] CreateSolidBrush (color=0xf0f0f0) returned 0x301007e1
[0217.651] FillRect (hDC=0x700107fc, lprc=0xd7d9d8, hbr=0x301007e1) returned 1
[0217.651] DeleteObject (ho=0x301007e1) returned 1
[0217.651] RestoreDC (hdc=0x700107fc, nSavedDC=-1) returned 1
[0217.652] GetWindowTextLengthW (hWnd=0xf02ce) returned 24
[0217.652] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0217.652] GetSystemMetrics (nIndex=42) returned 0
[0217.652] GetWindowTextW (in: hWnd=0xf02ce, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0217.652] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0217.652] RestoreDC (hdc=0x700107fc, nSavedDC=-1) returned 1
[0217.652] GdipReleaseDC (graphics=0x6600030, hdc=0x700107fc) returned 0x0
[0217.652] IsAppThemed () returned 0x1
[0217.652] GetThemeAppProperties () returned 0x3
[0217.652] GetThemeAppProperties () returned 0x3
[0217.652] IsAppThemed () returned 0x1
[0217.652] GetThemeAppProperties () returned 0x3
[0217.652] GetThemeAppProperties () returned 0x3
[0217.652] IsThemePartDefined () returned 0x1
[0217.652] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0217.652] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0217.653] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0217.653] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0217.653] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df74) returned 0x0
[0217.653] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0217.653] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0217.653] LocalFree (hMem=0x11ee788) returned 0x0
[0217.653] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0217.653] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eecc8) returned 0x0
[0217.659] LocalFree (hMem=0x11eecc8) returned 0x0
[0217.659] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0217.659] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0217.659] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0217.659] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0217.659] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0217.659] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0217.659] GetCurrentObject (hdc=0x700107fc, type=0x1) returned 0xb00017
[0217.659] GetCurrentObject (hdc=0x700107fc, type=0x2) returned 0x900010
[0217.659] GetCurrentObject (hdc=0x700107fc, type=0x7) returned 0x4a0507fe
[0217.659] GetCurrentObject (hdc=0x700107fc, type=0x6) returned 0x8a01c2
[0217.659] SaveDC (hdc=0x700107fc) returned 1
[0217.660] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x900407de
[0217.660] GetClipRgn (hdc=0x700107fc, hrgn=0x900407de) returned 0
[0217.660] SelectClipRgn (hdc=0x700107fc, hrgn=0x5040807) returned 2
[0217.660] DeleteObject (ho=0x900407de) returned 1
[0217.660] DeleteObject (ho=0x5040807) returned 1
[0217.660] OffsetViewportOrgEx (in: hdc=0x700107fc, x=0, y=0, lppt=0x2da3d74 | out: lppt=0x2da3d74) returned 1
[0217.660] IsAppThemed () returned 0x1
[0217.660] GetThemeAppProperties () returned 0x3
[0217.660] GetThemeAppProperties () returned 0x3
[0217.660] DrawThemeBackground () returned 0x0
[0217.660] RestoreDC (hdc=0x700107fc, nSavedDC=-1) returned 1
[0217.660] GdipReleaseDC (graphics=0x6600030, hdc=0x700107fc) returned 0x0
[0217.660] GdipCreateRegion (region=0xd7df60) returned 0x0
[0217.660] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0217.660] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0217.660] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0217.661] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df78) returned 0x0
[0217.661] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0217.661] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee8d8) returned 0x0
[0217.661] LocalFree (hMem=0x11ee8d8) returned 0x0
[0217.661] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0217.661] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0217.661] LocalFree (hMem=0x11eecc8) returned 0x0
[0217.661] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0217.661] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0217.661] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df90) returned 0x0
[0217.661] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0217.661] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0217.661] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0217.661] GetCurrentObject (hdc=0x700107fc, type=0x1) returned 0xb00017
[0217.661] GetCurrentObject (hdc=0x700107fc, type=0x2) returned 0x900010
[0217.661] GetCurrentObject (hdc=0x700107fc, type=0x7) returned 0x4a0507fe
[0217.661] GetCurrentObject (hdc=0x700107fc, type=0x6) returned 0x8a01c2
[0217.662] SaveDC (hdc=0x700107fc) returned 1
[0217.662] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6040807
[0217.662] GetClipRgn (hdc=0x700107fc, hrgn=0x6040807) returned 0
[0217.662] SelectClipRgn (hdc=0x700107fc, hrgn=0x910407de) returned 2
[0217.662] DeleteObject (ho=0x6040807) returned 1
[0217.662] DeleteObject (ho=0x910407de) returned 1
[0217.662] OffsetViewportOrgEx (in: hdc=0x700107fc, x=0, y=0, lppt=0x2da4048 | out: lppt=0x2da4048) returned 1
[0217.662] IsAppThemed () returned 0x1
[0217.662] GetThemeAppProperties () returned 0x3
[0217.662] GetThemeAppProperties () returned 0x3
[0217.662] GetThemeBackgroundContentRect () returned 0x0
[0217.662] RestoreDC (hdc=0x700107fc, nSavedDC=-1) returned 1
[0217.662] GdipReleaseDC (graphics=0x6600030, hdc=0x700107fc) returned 0x0
[0217.662] IsAppThemed () returned 0x1
[0217.662] GetThemeAppProperties () returned 0x3
[0217.662] GetThemeAppProperties () returned 0x3
[0217.662] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0217.663] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0217.663] GetCurrentObject (hdc=0x700107fc, type=0x1) returned 0xb00017
[0217.663] GetCurrentObject (hdc=0x700107fc, type=0x2) returned 0x900010
[0217.663] GetCurrentObject (hdc=0x700107fc, type=0x7) returned 0x4a0507fe
[0217.663] GetCurrentObject (hdc=0x700107fc, type=0x6) returned 0x8a01c2
[0217.663] SaveDC (hdc=0x700107fc) returned 1
[0217.663] GetTextAlign (hdc=0x700107fc) returned 0x0
[0217.663] GetTextColor (hdc=0x700107fc) returned 0x0
[0217.663] GetCurrentObject (hdc=0x700107fc, type=0x6) returned 0x8a01c2
[0217.663] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0217.663] SelectObject (hdc=0x700107fc, h=0x6d0a0520) returned 0x8a01c2
[0217.663] GetBkMode (hdc=0x700107fc) returned 2
[0217.663] SetBkMode (hdc=0x700107fc, mode=1) returned 2
[0217.664] DrawTextExW (in: hdc=0x700107fc, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2da43e8 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0217.664] DrawTextExW (in: hdc=0x700107fc, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2da43e8 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0217.664] RestoreDC (hdc=0x700107fc, nSavedDC=-1) returned 1
[0217.664] GdipReleaseDC (graphics=0x6600030, hdc=0x700107fc) returned 0x0
[0217.664] GetFocus () returned 0x1b02d8
[0217.664] IsAppThemed () returned 0x1
[0217.664] GetThemeAppProperties () returned 0x3
[0217.664] GetThemeAppProperties () returned 0x3
[0217.665] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0217.665] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x700107fc, x1=0, y1=0, rop=0xcc0020) returned 1
[0217.665] GdipReleaseDC (graphics=0x6600030, hdc=0x700107fc) returned 0x0
[0217.665] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0217.665] SelectObject (hdc=0x700107fc, h=0x85000f) returned 0x4a0507fe
[0217.665] DeleteDC (hdc=0x700107fc) returned 1
[0217.665] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0217.665] EndPaint (hWnd=0x1302c8, lpPaint=0xd7e24c) returned 1
[0217.665] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0217.666] IsWindowUnicode (hWnd=0x30122) returned 1
[0217.666] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.666] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0217.667] TranslateMessage (lpMsg=0xd7e808) returned 0
[0217.667] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0217.668] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.668] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0217.669] IsWindowUnicode (hWnd=0x30122) returned 1
[0217.669] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.691] TranslateMessage (lpMsg=0xd7e808) returned 0
[0217.691] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0217.691] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.692] IsWindowUnicode (hWnd=0x602c4) returned 1
[0217.692] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.692] TranslateMessage (lpMsg=0xd7e808) returned 0
[0217.692] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0217.692] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0217.692] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0217.693] CreateCompatibleDC (hdc=0xc0107c5) returned 0x970107f8
[0217.693] SelectObject (hdc=0x970107f8, h=0x4a0507fe) returned 0x85000f
[0217.693] GdipCreateFromHDC (hdc=0x970107f8, graphics=0xd7e268) returned 0x0
[0217.693] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0217.693] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0217.693] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0217.693] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0217.693] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e2c8) returned 0x0
[0217.693] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0217.693] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0217.693] LocalFree (hMem=0x11ee788) returned 0x0
[0217.693] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0217.693] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0217.694] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0217.694] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0217.694] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0217.694] GdipRestoreGraphics (graphics=0x6600030, state=0xf9e00dbd) returned 0x0
[0217.694] GdipDeleteRegion (region=0x6646688) returned 0x0
[0217.694] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0217.694] GetCurrentObject (hdc=0x970107f8, type=0x1) returned 0xb00017
[0217.694] GetCurrentObject (hdc=0x970107f8, type=0x2) returned 0x900010
[0217.694] GetCurrentObject (hdc=0x970107f8, type=0x7) returned 0x4a0507fe
[0217.694] GetCurrentObject (hdc=0x970107f8, type=0x6) returned 0x8a01c2
[0217.694] SaveDC (hdc=0x970107f8) returned 1
[0217.694] GetNearestColor (hdc=0x970107f8, color=0xff) returned 0xff
[0217.694] GetNearestColor (hdc=0x970107f8, color=0x55) returned 0x55
[0217.695] GetNearestColor (hdc=0x970107f8, color=0x0) returned 0x0
[0217.695] GetNearestColor (hdc=0x970107f8, color=0x55) returned 0x55
[0217.695] GetNearestColor (hdc=0x970107f8, color=0x0) returned 0x0
[0217.695] GetNearestColor (hdc=0x970107f8, color=0x8080ff) returned 0x8080ff
[0217.695] GetNearestColor (hdc=0x970107f8, color=0x7373e5) returned 0x7373e5
[0217.695] GetNearestColor (hdc=0x970107f8, color=0xe5) returned 0xe5
[0217.695] GetNearestColor (hdc=0x970107f8, color=0x0) returned 0x0
[0217.695] RestoreDC (hdc=0x970107f8, nSavedDC=-1) returned 1
[0217.695] GdipReleaseDC (graphics=0x6600030, hdc=0x970107f8) returned 0x0
[0217.695] IsAppThemed () returned 0x1
[0217.695] GetThemeAppProperties () returned 0x3
[0217.695] GetThemeAppProperties () returned 0x3
[0217.695] IsAppThemed () returned 0x1
[0217.695] GetThemeAppProperties () returned 0x3
[0217.695] GetThemeAppProperties () returned 0x3
[0217.696] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2da4bb0 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0217.696] IsAppThemed () returned 0x1
[0217.696] GetThemeAppProperties () returned 0x3
[0217.696] GetThemeAppProperties () returned 0x3
[0217.696] IsAppThemed () returned 0x1
[0217.696] GetThemeAppProperties () returned 0x3
[0217.696] GetThemeAppProperties () returned 0x3
[0217.696] GetFocus () returned 0x1b02d8
[0217.696] IsAppThemed () returned 0x1
[0217.696] GetThemeAppProperties () returned 0x3
[0217.696] GetThemeAppProperties () returned 0x3
[0217.696] IsAppThemed () returned 0x1
[0217.697] GetThemeAppProperties () returned 0x3
[0217.697] GetThemeAppProperties () returned 0x3
[0217.697] IsThemePartDefined () returned 0x1
[0217.697] IsAppThemed () returned 0x1
[0217.697] GetThemeAppProperties () returned 0x3
[0217.697] GetThemeAppProperties () returned 0x3
[0217.697] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0217.697] IsAppThemed () returned 0x1
[0217.697] GetThemeAppProperties () returned 0x3
[0217.697] GetThemeAppProperties () returned 0x3
[0217.697] IsAppThemed () returned 0x1
[0217.697] GetThemeAppProperties () returned 0x3
[0217.697] GetThemeAppProperties () returned 0x3
[0217.697] IsThemePartDefined () returned 0x1
[0217.697] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0217.697] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0217.697] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0217.697] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0217.697] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dff0) returned 0x0
[0217.697] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0217.698] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea28) returned 0x0
[0217.698] LocalFree (hMem=0x11eea28) returned 0x0
[0217.698] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0217.698] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eecc8) returned 0x0
[0217.698] LocalFree (hMem=0x11eecc8) returned 0x0
[0217.698] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0217.698] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e018) returned 0x0
[0217.698] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e008) returned 0x0
[0217.698] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0217.698] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0217.698] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0217.698] GetCurrentObject (hdc=0x970107f8, type=0x1) returned 0xb00017
[0217.698] GetCurrentObject (hdc=0x970107f8, type=0x2) returned 0x900010
[0217.698] GetCurrentObject (hdc=0x970107f8, type=0x7) returned 0x4a0507fe
[0217.698] GetCurrentObject (hdc=0x970107f8, type=0x6) returned 0x8a01c2
[0217.698] SaveDC (hdc=0x970107f8) returned 1
[0217.699] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x920407de
[0217.699] GetClipRgn (hdc=0x970107f8, hrgn=0x920407de) returned 0
[0217.699] SelectClipRgn (hdc=0x970107f8, hrgn=0xa040807) returned 2
[0217.699] DeleteObject (ho=0x920407de) returned 1
[0217.699] DeleteObject (ho=0xa040807) returned 1
[0217.699] OffsetViewportOrgEx (in: hdc=0x970107f8, x=0, y=0, lppt=0x2da5260 | out: lppt=0x2da5260) returned 1
[0217.699] DrawThemeParentBackground () returned 0x0
[0217.699] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0217.699] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0217.699] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0217.699] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0217.699] GetSystemMetrics (nIndex=42) returned 0
[0217.699] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0217.699] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0217.700] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0217.700] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0217.700] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0217.700] SelectPalette (hdc=0x970107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0217.700] GdipCreateFromHDC (hdc=0x970107f8, graphics=0xd7dac8) returned 0x0
[0217.708] GdipSetPageUnit (graphics=0x666a708, unit=0x2) returned 0x0
[0217.708] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0217.708] GdipGetWorldTransform (graphics=0x666a708, matrix=0x6638d28) returned 0x0
[0217.708] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7daa0) returned 0x0
[0217.708] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0217.708] GdipCreateRegion (region=0xd7da88) returned 0x0
[0217.708] GdipGetClip (graphics=0x666a708, region=0x66464d8) returned 0x0
[0217.708] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x666a708, result=0xd7da94) returned 0x0
[0217.708] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0217.708] GdipSaveGraphics (graphics=0x666a708, state=0xd7dac0) returned 0x0
[0217.708] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0217.714] GdipFillRectangleI (graphics=0x666a708, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0217.715] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0217.743] GdipDeleteGraphics (graphics=0x666a708) returned 0x0
[0217.744] SelectPalette (hdc=0x970107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0217.744] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0217.744] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0217.744] GetSystemMetrics (nIndex=42) returned 0
[0217.744] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0217.744] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0217.744] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0217.744] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0217.744] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0217.744] SelectPalette (hdc=0x970107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0217.744] GdipCreateFromHDC (hdc=0x970107f8, graphics=0xd7da68) returned 0x0
[0217.744] GdipSetPageUnit (graphics=0x666a708, unit=0x2) returned 0x0
[0217.745] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0217.745] GdipGetWorldTransform (graphics=0x666a708, matrix=0x6638b18) returned 0x0
[0217.745] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7da40) returned 0x0
[0217.745] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0217.745] GdipCreateRegion (region=0xd7da28) returned 0x0
[0217.745] GdipGetClip (graphics=0x666a708, region=0x6646f88) returned 0x0
[0217.745] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x666a708, result=0xd7da34) returned 0x0
[0217.745] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0217.745] GdipSaveGraphics (graphics=0x666a708, state=0xd7da60) returned 0x0
[0217.745] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0217.756] GdipFillRectangleI (graphics=0x666a708, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0217.756] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0217.758] GdipRestoreGraphics (graphics=0x666a708, state=0xf9dc0dbd) returned 0x0
[0217.758] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0217.758] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0217.758] GetSystemMetrics (nIndex=42) returned 0
[0217.758] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0217.758] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0217.758] GdipDeleteGraphics (graphics=0x666a708) returned 0x0
[0217.758] SelectPalette (hdc=0x970107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0217.758] RestoreDC (hdc=0x970107f8, nSavedDC=-1) returned 1
[0217.758] GdipReleaseDC (graphics=0x6600030, hdc=0x970107f8) returned 0x0
[0217.758] IsAppThemed () returned 0x1
[0217.759] GetThemeAppProperties () returned 0x3
[0217.759] GetThemeAppProperties () returned 0x3
[0217.759] IsAppThemed () returned 0x1
[0217.759] GetThemeAppProperties () returned 0x3
[0217.759] GetThemeAppProperties () returned 0x3
[0217.759] IsThemePartDefined () returned 0x1
[0217.759] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0217.759] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0217.759] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0217.759] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0217.759] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df74) returned 0x0
[0217.759] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0217.759] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eea60) returned 0x0
[0217.759] LocalFree (hMem=0x11eea60) returned 0x0
[0217.759] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0217.759] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0217.759] LocalFree (hMem=0x11ee788) returned 0x0
[0217.759] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0217.760] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0217.760] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0217.760] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0217.760] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0217.760] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0217.760] GetCurrentObject (hdc=0x970107f8, type=0x1) returned 0xb00017
[0217.760] GetCurrentObject (hdc=0x970107f8, type=0x2) returned 0x900010
[0217.760] GetCurrentObject (hdc=0x970107f8, type=0x7) returned 0x4a0507fe
[0217.760] GetCurrentObject (hdc=0x970107f8, type=0x6) returned 0x8a01c2
[0217.760] SaveDC (hdc=0x970107f8) returned 1
[0217.760] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb040807
[0217.760] GetClipRgn (hdc=0x970107f8, hrgn=0xb040807) returned 0
[0217.760] SelectClipRgn (hdc=0x970107f8, hrgn=0x940407de) returned 2
[0217.760] DeleteObject (ho=0xb040807) returned 1
[0217.760] DeleteObject (ho=0x940407de) returned 1
[0217.760] OffsetViewportOrgEx (in: hdc=0x970107f8, x=0, y=0, lppt=0x2dabab0 | out: lppt=0x2dabab0) returned 1
[0217.761] IsAppThemed () returned 0x1
[0217.761] GetThemeAppProperties () returned 0x3
[0217.761] GetThemeAppProperties () returned 0x3
[0217.761] DrawThemeBackground () returned 0x0
[0217.761] RestoreDC (hdc=0x970107f8, nSavedDC=-1) returned 1
[0217.761] GdipReleaseDC (graphics=0x6600030, hdc=0x970107f8) returned 0x0
[0217.761] GdipCreateRegion (region=0xd7df60) returned 0x0
[0217.761] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0217.761] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0217.761] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0217.761] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df78) returned 0x0
[0217.761] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eecc8) returned 0x0
[0217.761] LocalFree (hMem=0x11eecc8) returned 0x0
[0217.761] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0217.761] LocalFree (hMem=0x11ee788) returned 0x0
[0217.761] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0217.761] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0217.762] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df90) returned 0x0
[0217.762] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0217.762] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0217.762] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0217.762] GetCurrentObject (hdc=0x970107f8, type=0x1) returned 0xb00017
[0217.762] GetCurrentObject (hdc=0x970107f8, type=0x2) returned 0x900010
[0217.762] GetCurrentObject (hdc=0x970107f8, type=0x7) returned 0x4a0507fe
[0217.762] GetCurrentObject (hdc=0x970107f8, type=0x6) returned 0x8a01c2
[0217.762] SaveDC (hdc=0x970107f8) returned 1
[0217.762] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x950407de
[0217.762] GetClipRgn (hdc=0x970107f8, hrgn=0x950407de) returned 0
[0217.762] SelectClipRgn (hdc=0x970107f8, hrgn=0xc040807) returned 2
[0217.762] DeleteObject (ho=0x950407de) returned 1
[0217.762] DeleteObject (ho=0xc040807) returned 1
[0217.768] OffsetViewportOrgEx (in: hdc=0x970107f8, x=0, y=0, lppt=0x2dabd84 | out: lppt=0x2dabd84) returned 1
[0217.768] IsAppThemed () returned 0x1
[0217.768] GetThemeAppProperties () returned 0x3
[0217.768] GetThemeAppProperties () returned 0x3
[0217.768] GetThemeBackgroundContentRect () returned 0x0
[0217.768] RestoreDC (hdc=0x970107f8, nSavedDC=-1) returned 1
[0217.768] GdipReleaseDC (graphics=0x6600030, hdc=0x970107f8) returned 0x0
[0217.768] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0217.769] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0217.769] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0217.769] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0217.769] IsAppThemed () returned 0x1
[0217.769] GetThemeAppProperties () returned 0x3
[0217.769] GetThemeAppProperties () returned 0x3
[0217.769] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0217.769] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0217.769] GetCurrentObject (hdc=0x970107f8, type=0x1) returned 0xb00017
[0217.769] GetCurrentObject (hdc=0x970107f8, type=0x2) returned 0x900010
[0217.769] GetCurrentObject (hdc=0x970107f8, type=0x7) returned 0x4a0507fe
[0217.769] GetCurrentObject (hdc=0x970107f8, type=0x6) returned 0x8a01c2
[0217.769] SaveDC (hdc=0x970107f8) returned 1
[0217.769] GetTextAlign (hdc=0x970107f8) returned 0x0
[0217.769] GetTextColor (hdc=0x970107f8) returned 0x0
[0217.769] GetCurrentObject (hdc=0x970107f8, type=0x6) returned 0x8a01c2
[0217.770] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0217.770] SelectObject (hdc=0x970107f8, h=0x6d0a0520) returned 0x8a01c2
[0217.770] GetBkMode (hdc=0x970107f8) returned 2
[0217.770] SetBkMode (hdc=0x970107f8, mode=1) returned 2
[0217.770] DrawTextExW (in: hdc=0x970107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2dac148 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0217.770] DrawTextExW (in: hdc=0x970107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2dac148 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0217.771] RestoreDC (hdc=0x970107f8, nSavedDC=-1) returned 1
[0217.771] GdipReleaseDC (graphics=0x6600030, hdc=0x970107f8) returned 0x0
[0217.771] GetFocus () returned 0x1b02d8
[0217.771] IsAppThemed () returned 0x1
[0217.771] GetThemeAppProperties () returned 0x3
[0217.771] GetThemeAppProperties () returned 0x3
[0217.771] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0217.771] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x970107f8, x1=0, y1=0, rop=0xcc0020) returned 1
[0217.771] GdipReleaseDC (graphics=0x6600030, hdc=0x970107f8) returned 0x0
[0217.771] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0217.771] SelectObject (hdc=0x970107f8, h=0x85000f) returned 0x4a0507fe
[0217.772] DeleteDC (hdc=0x970107f8) returned 1
[0217.772] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0217.772] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0217.772] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.772] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x84, wParam=0x0, lParam=0x1e00312) returned 0x1
[0217.772] IsWindowUnicode (hWnd=0xe02d0) returned 1
[0217.772] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.772] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x84, wParam=0x0, lParam=0x1e00312) returned 0x1
[0217.773] GetDlgItem (hDlg=0xf02ce, nIDDlgItem=0) returned 0x0
[0217.773] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x210, wParam=0x201, lParam=0x65011d) returned 0x0
[0217.773] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x21, wParam=0xf02ce, lParam=0x2010001) returned 0x1
[0217.773] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x21, wParam=0xf02ce, lParam=0x2010001) returned 0x1
[0217.773] SetCursor (hCursor=0x10003) returned 0x10003
[0217.773] TranslateMessage (lpMsg=0xd7e808) returned 0
[0217.773] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0217.773] GetKeyState (nVirtKey=1) returned -127
[0217.773] GetKeyState (nVirtKey=2) returned 0
[0217.773] GetKeyState (nVirtKey=4) returned 0
[0217.773] GetKeyState (nVirtKey=5) returned 0
[0217.773] GetKeyState (nVirtKey=6) returned 0
[0217.773] IsWindowVisible (hWnd=0xe02d0) returned 1
[0217.773] IsWindowEnabled (hWnd=0xe02d0) returned 1
[0217.773] SetFocus (hWnd=0xe02d0) returned 0x1b02d8
[0217.774] GetFocus () returned 0xe02d0
[0217.774] IsChild (hWndParent=0xf02ce, hWnd=0xe02d0) returned 1
[0217.774] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0x8, wParam=0xe02d0, lParam=0x0) returned 0x0
[0217.774] GetCapture () returned 0x0
[0217.774] InvalidateRect (hWnd=0x1b02d8, lpRect=0x0, bErase=0) returned 1
[0217.775] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0217.777] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0217.779] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0217.780] InvalidateRect (hWnd=0x1b02d8, lpRect=0x0, bErase=0) returned 1
[0217.780] InvalidateRect (hWnd=0xe02d0, lpRect=0x0, bErase=0) returned 1
[0217.780] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x7, wParam=0x1b02d8, lParam=0x0) returned 0x0
[0217.780] GetStockObject (i=5) returned 0x900015
[0217.780] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0217.780] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0217.780] GetDlgItem (hDlg=0xf02ce, nIDDlgItem=918224) returned 0xe02d0
[0217.780] SendMessageW (hWnd=0xe02d0, Msg=0x202b, wParam=0xe02d0, lParam=0xd7dddc) returned 0x0
[0217.780] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x202b, wParam=0xe02d0, lParam=0xd7dddc) returned 0x0
[0217.780] InvalidateRect (hWnd=0xe02d0, lpRect=0x0, bErase=0) returned 1
[0217.783] GetFocus () returned 0xe02d0
[0217.783] GetFocus () returned 0xe02d0
[0217.783] GetFocus () returned 0xe02d0
[0217.783] GetKeyState (nVirtKey=1) returned -127
[0217.783] GetKeyState (nVirtKey=2) returned 0
[0217.783] GetKeyState (nVirtKey=4) returned 0
[0217.783] GetKeyState (nVirtKey=5) returned 0
[0217.783] GetKeyState (nVirtKey=6) returned 0
[0217.783] GetCapture () returned 0x0
[0217.783] SetCapture (hWnd=0xe02d0) returned 0x0
[0217.783] GetKeyState (nVirtKey=1) returned -127
[0217.783] GetKeyState (nVirtKey=2) returned 0
[0217.784] GetKeyState (nVirtKey=4) returned 0
[0217.784] GetKeyState (nVirtKey=5) returned 0
[0217.784] GetKeyState (nVirtKey=6) returned 0
[0217.784] NotifyWinEvent (event=0x800a, hwnd=0xe02d0, idObject=-4, idChild=0)
[0217.784] InvalidateRect (hWnd=0xe02d0, lpRect=0xd7e430, bErase=0) returned 1
[0217.784] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.784] IsWindowUnicode (hWnd=0xe02d0) returned 1
[0217.784] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.784] TranslateMessage (lpMsg=0xd7e808) returned 0
[0217.784] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0217.784] MapWindowPoints (in: hWndFrom=0xe02d0, hWndTo=0x0, lpPoints=0x2dac338, cPoints=0x1 | out: lpPoints=0x2dac338) returned 30999254
[0217.784] NotifyWinEvent (event=0x800a, hwnd=0xe02d0, idObject=-4, idChild=0)
[0217.784] InvalidateRect (hWnd=0xe02d0, lpRect=0xd7e3d0, bErase=0) returned 1
[0217.784] UpdateWindow (hWnd=0xe02d0) returned 1
[0217.784] BeginPaint (in: hWnd=0xe02d0, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x107b9
[0217.785] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0217.785] CreateCompatibleDC (hdc=0x107b9) returned 0x980107f8
[0217.785] SelectObject (hdc=0x980107f8, h=0x4a0507fe) returned 0x85000f
[0217.785] GdipCreateFromHDC (hdc=0x980107f8, graphics=0xd7df00) returned 0x0
[0217.785] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0217.785] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0217.785] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0217.785] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0217.785] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df60) returned 0x0
[0217.785] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0217.786] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0217.786] LocalFree (hMem=0x11eecc8) returned 0x0
[0217.787] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0217.787] GdipCreateRegion (region=0xd7df48) returned 0x0
[0217.787] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0217.787] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0217.787] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0217.787] GdipRestoreGraphics (graphics=0x6600030, state=0xf9da0dbd) returned 0x0
[0217.787] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0217.787] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0217.787] GetCurrentObject (hdc=0x980107f8, type=0x1) returned 0xb00017
[0217.787] GetCurrentObject (hdc=0x980107f8, type=0x2) returned 0x900010
[0217.787] GetCurrentObject (hdc=0x980107f8, type=0x7) returned 0x4a0507fe
[0217.787] GetCurrentObject (hdc=0x980107f8, type=0x6) returned 0x8a01c2
[0217.787] SaveDC (hdc=0x980107f8) returned 1
[0217.787] GetNearestColor (hdc=0x980107f8, color=0xf0f0f0) returned 0xf0f0f0
[0217.788] GetNearestColor (hdc=0x980107f8, color=0xa0a0a0) returned 0xa0a0a0
[0217.788] GetNearestColor (hdc=0x980107f8, color=0x696969) returned 0x696969
[0217.788] GetNearestColor (hdc=0x980107f8, color=0xa0a0a0) returned 0xa0a0a0
[0217.788] GetNearestColor (hdc=0x980107f8, color=0x0) returned 0x0
[0217.788] GetNearestColor (hdc=0x980107f8, color=0xffffff) returned 0xffffff
[0217.788] GetNearestColor (hdc=0x980107f8, color=0xe5e5e5) returned 0xe5e5e5
[0217.788] GetNearestColor (hdc=0x980107f8, color=0xd7d7d7) returned 0xd7d7d7
[0217.788] GetNearestColor (hdc=0x980107f8, color=0x0) returned 0x0
[0217.788] RestoreDC (hdc=0x980107f8, nSavedDC=-1) returned 1
[0217.788] GdipReleaseDC (graphics=0x6600030, hdc=0x980107f8) returned 0x0
[0217.788] IsAppThemed () returned 0x1
[0217.788] GetThemeAppProperties () returned 0x3
[0217.788] GetThemeAppProperties () returned 0x3
[0217.789] IsAppThemed () returned 0x1
[0217.789] GetThemeAppProperties () returned 0x3
[0217.789] GetThemeAppProperties () returned 0x3
[0217.789] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2daca90 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0217.789] IsAppThemed () returned 0x1
[0217.789] GetThemeAppProperties () returned 0x3
[0217.789] GetThemeAppProperties () returned 0x3
[0217.789] IsAppThemed () returned 0x1
[0217.789] GetThemeAppProperties () returned 0x3
[0217.789] GetThemeAppProperties () returned 0x3
[0217.789] IsAppThemed () returned 0x1
[0217.789] GetThemeAppProperties () returned 0x3
[0217.789] GetThemeAppProperties () returned 0x3
[0217.789] IsAppThemed () returned 0x1
[0217.790] GetThemeAppProperties () returned 0x3
[0217.790] GetThemeAppProperties () returned 0x3
[0217.790] IsThemePartDefined () returned 0x1
[0217.790] IsAppThemed () returned 0x1
[0217.790] GetThemeAppProperties () returned 0x3
[0217.790] GetThemeAppProperties () returned 0x3
[0217.790] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0217.790] IsAppThemed () returned 0x1
[0217.790] GetThemeAppProperties () returned 0x3
[0217.790] GetThemeAppProperties () returned 0x3
[0217.790] IsAppThemed () returned 0x1
[0217.790] GetThemeAppProperties () returned 0x3
[0217.790] GetThemeAppProperties () returned 0x3
[0217.790] IsThemePartDefined () returned 0x1
[0217.790] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0217.790] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0217.790] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0217.790] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0217.790] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dc7c) returned 0x0
[0217.790] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0217.790] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eecc8) returned 0x0
[0217.791] LocalFree (hMem=0x11eecc8) returned 0x0
[0217.791] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0217.791] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eecc8) returned 0x0
[0217.791] LocalFree (hMem=0x11eecc8) returned 0x0
[0217.791] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0217.791] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0217.791] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0217.791] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0217.791] GdipDeleteRegion (region=0x6646688) returned 0x0
[0217.791] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0217.791] GetCurrentObject (hdc=0x980107f8, type=0x1) returned 0xb00017
[0217.791] GetCurrentObject (hdc=0x980107f8, type=0x2) returned 0x900010
[0217.791] GetCurrentObject (hdc=0x980107f8, type=0x7) returned 0x4a0507fe
[0217.791] GetCurrentObject (hdc=0x980107f8, type=0x6) returned 0x8a01c2
[0217.791] SaveDC (hdc=0x980107f8) returned 1
[0217.791] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd040807
[0217.792] GetClipRgn (hdc=0x980107f8, hrgn=0xd040807) returned 0
[0217.792] SelectClipRgn (hdc=0x980107f8, hrgn=0x990407de) returned 2
[0217.792] DeleteObject (ho=0xd040807) returned 1
[0217.792] DeleteObject (ho=0x990407de) returned 1
[0217.792] OffsetViewportOrgEx (in: hdc=0x980107f8, x=0, y=0, lppt=0x2dad140 | out: lppt=0x2dad140) returned 1
[0217.792] DrawThemeParentBackground () returned 0x0
[0217.792] GetWindowPlacement (in: hWnd=0xf02ce, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0217.792] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0217.792] GetWindowTextLengthW (hWnd=0xf02ce) returned 24
[0217.792] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0217.792] GetSystemMetrics (nIndex=42) returned 0
[0217.792] GetWindowTextW (in: hWnd=0xf02ce, lpString=0xd7d7c4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0217.792] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xd, wParam=0x19, lParam=0xd7d7c4) returned 0x18
[0217.792] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0217.793] GetCurrentObject (hdc=0x980107f8, type=0x1) returned 0xb00017
[0217.793] GetCurrentObject (hdc=0x980107f8, type=0x2) returned 0x900010
[0217.793] GetCurrentObject (hdc=0x980107f8, type=0x7) returned 0x4a0507fe
[0217.793] GetCurrentObject (hdc=0x980107f8, type=0x6) returned 0x8a01c2
[0217.793] SaveDC (hdc=0x980107f8) returned 2
[0217.793] GetNearestColor (hdc=0x980107f8, color=0xf0f0f0) returned 0xf0f0f0
[0217.793] CreateSolidBrush (color=0xf0f0f0) returned 0x311007e1
[0217.793] FillRect (hDC=0x980107f8, lprc=0xd7d6c8, hbr=0x311007e1) returned 1
[0217.793] DeleteObject (ho=0x311007e1) returned 1
[0217.793] RestoreDC (hdc=0x980107f8, nSavedDC=-1) returned 1
[0217.793] GetWindowTextLengthW (hWnd=0xf02ce) returned 24
[0217.793] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0217.793] GetSystemMetrics (nIndex=42) returned 0
[0217.793] GetWindowTextW (in: hWnd=0xf02ce, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0217.793] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0217.794] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0217.794] GetCurrentObject (hdc=0x980107f8, type=0x1) returned 0xb00017
[0217.794] GetCurrentObject (hdc=0x980107f8, type=0x2) returned 0x900010
[0217.800] GetCurrentObject (hdc=0x980107f8, type=0x7) returned 0x4a0507fe
[0217.800] GetCurrentObject (hdc=0x980107f8, type=0x6) returned 0x8a01c2
[0217.800] SaveDC (hdc=0x980107f8) returned 2
[0217.800] GetNearestColor (hdc=0x980107f8, color=0xf0f0f0) returned 0xf0f0f0
[0217.800] CreateSolidBrush (color=0xf0f0f0) returned 0x321007e1
[0217.800] FillRect (hDC=0x980107f8, lprc=0xd7d668, hbr=0x321007e1) returned 1
[0217.800] DeleteObject (ho=0x321007e1) returned 1
[0217.800] RestoreDC (hdc=0x980107f8, nSavedDC=-1) returned 1
[0217.800] GetWindowTextLengthW (hWnd=0xf02ce) returned 24
[0217.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0217.800] GetSystemMetrics (nIndex=42) returned 0
[0217.801] GetWindowTextW (in: hWnd=0xf02ce, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0217.801] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0217.801] RestoreDC (hdc=0x980107f8, nSavedDC=-1) returned 1
[0217.801] GdipReleaseDC (graphics=0x6600030, hdc=0x980107f8) returned 0x0
[0217.801] IsAppThemed () returned 0x1
[0217.801] GetThemeAppProperties () returned 0x3
[0217.801] GetThemeAppProperties () returned 0x3
[0217.801] IsAppThemed () returned 0x1
[0217.801] GetThemeAppProperties () returned 0x3
[0217.801] GetThemeAppProperties () returned 0x3
[0217.801] IsThemePartDefined () returned 0x1
[0217.801] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0217.801] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0217.801] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0217.801] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0217.801] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc00) returned 0x0
[0217.802] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0217.802] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0217.802] LocalFree (hMem=0x11eecc8) returned 0x0
[0217.802] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0217.802] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0217.802] LocalFree (hMem=0x11ee868) returned 0x0
[0217.802] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0217.802] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0217.802] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0217.802] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0217.802] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0217.802] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0217.802] GetCurrentObject (hdc=0x980107f8, type=0x1) returned 0xb00017
[0217.802] GetCurrentObject (hdc=0x980107f8, type=0x2) returned 0x900010
[0217.802] GetCurrentObject (hdc=0x980107f8, type=0x7) returned 0x4a0507fe
[0217.802] GetCurrentObject (hdc=0x980107f8, type=0x6) returned 0x8a01c2
[0217.802] SaveDC (hdc=0x980107f8) returned 1
[0217.803] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9a0407de
[0217.803] GetClipRgn (hdc=0x980107f8, hrgn=0x9a0407de) returned 0
[0217.803] SelectClipRgn (hdc=0x980107f8, hrgn=0xf040807) returned 2
[0217.803] DeleteObject (ho=0x9a0407de) returned 1
[0217.803] DeleteObject (ho=0xf040807) returned 1
[0217.803] OffsetViewportOrgEx (in: hdc=0x980107f8, x=0, y=0, lppt=0x2dadac4 | out: lppt=0x2dadac4) returned 1
[0217.803] IsAppThemed () returned 0x1
[0217.803] GetThemeAppProperties () returned 0x3
[0217.803] GetThemeAppProperties () returned 0x3
[0217.803] DrawThemeBackground () returned 0x0
[0217.803] RestoreDC (hdc=0x980107f8, nSavedDC=-1) returned 1
[0217.803] GdipReleaseDC (graphics=0x6600030, hdc=0x980107f8) returned 0x0
[0217.803] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0217.803] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0217.803] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0217.803] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0217.804] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7dc04) returned 0x0
[0217.804] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0217.804] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0217.804] LocalFree (hMem=0x11ee788) returned 0x0
[0217.804] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0217.804] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eecc8) returned 0x0
[0217.804] LocalFree (hMem=0x11eecc8) returned 0x0
[0217.804] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0217.804] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0217.804] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0217.804] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0217.804] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0217.804] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0217.804] GetCurrentObject (hdc=0x980107f8, type=0x1) returned 0xb00017
[0217.804] GetCurrentObject (hdc=0x980107f8, type=0x2) returned 0x900010
[0217.804] GetCurrentObject (hdc=0x980107f8, type=0x7) returned 0x4a0507fe
[0217.804] GetCurrentObject (hdc=0x980107f8, type=0x6) returned 0x8a01c2
[0217.805] SaveDC (hdc=0x980107f8) returned 1
[0217.805] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x10040807
[0217.805] GetClipRgn (hdc=0x980107f8, hrgn=0x10040807) returned 0
[0217.805] SelectClipRgn (hdc=0x980107f8, hrgn=0x9b0407de) returned 2
[0217.805] DeleteObject (ho=0x10040807) returned 1
[0217.805] DeleteObject (ho=0x9b0407de) returned 1
[0217.805] OffsetViewportOrgEx (in: hdc=0x980107f8, x=0, y=0, lppt=0x2dadd98 | out: lppt=0x2dadd98) returned 1
[0217.805] IsAppThemed () returned 0x1
[0217.805] GetThemeAppProperties () returned 0x3
[0217.805] GetThemeAppProperties () returned 0x3
[0217.805] GetThemeBackgroundContentRect () returned 0x0
[0217.805] RestoreDC (hdc=0x980107f8, nSavedDC=-1) returned 1
[0217.805] GdipReleaseDC (graphics=0x6600030, hdc=0x980107f8) returned 0x0
[0217.805] IsAppThemed () returned 0x1
[0217.805] GetThemeAppProperties () returned 0x3
[0217.805] GetThemeAppProperties () returned 0x3
[0217.805] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0217.806] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0217.806] GetCurrentObject (hdc=0x980107f8, type=0x1) returned 0xb00017
[0217.806] GetCurrentObject (hdc=0x980107f8, type=0x2) returned 0x900010
[0217.806] GetCurrentObject (hdc=0x980107f8, type=0x7) returned 0x4a0507fe
[0217.806] GetCurrentObject (hdc=0x980107f8, type=0x6) returned 0x8a01c2
[0217.806] SaveDC (hdc=0x980107f8) returned 1
[0217.806] GetTextAlign (hdc=0x980107f8) returned 0x0
[0217.806] GetTextColor (hdc=0x980107f8) returned 0x0
[0217.806] GetCurrentObject (hdc=0x980107f8, type=0x6) returned 0x8a01c2
[0217.806] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0217.806] SelectObject (hdc=0x980107f8, h=0x6d0a0520) returned 0x8a01c2
[0217.806] GetBkMode (hdc=0x980107f8) returned 2
[0217.806] SetBkMode (hdc=0x980107f8, mode=1) returned 2
[0217.806] DrawTextExW (in: hdc=0x980107f8, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2dae138 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0217.807] DrawTextExW (in: hdc=0x980107f8, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2dae138 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0217.807] RestoreDC (hdc=0x980107f8, nSavedDC=-1) returned 1
[0217.807] GdipReleaseDC (graphics=0x6600030, hdc=0x980107f8) returned 0x0
[0217.807] GetFocus () returned 0xe02d0
[0217.807] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0217.807] SendMessageW (hWnd=0xf02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0217.807] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0217.808] IsAppThemed () returned 0x1
[0217.808] GetThemeAppProperties () returned 0x3
[0217.808] GetThemeAppProperties () returned 0x3
[0217.808] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0217.808] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x980107f8, x1=0, y1=0, rop=0xcc0020) returned 1
[0217.808] GdipReleaseDC (graphics=0x6600030, hdc=0x980107f8) returned 0x0
[0217.808] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0217.808] SelectObject (hdc=0x980107f8, h=0x85000f) returned 0x4a0507fe
[0217.808] DeleteDC (hdc=0x980107f8) returned 1
[0217.808] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0217.808] EndPaint (hWnd=0xe02d0, lpPaint=0xd7dee4) returned 1
[0217.809] MapWindowPoints (in: hWndFrom=0xe02d0, hWndTo=0x0, lpPoints=0x2dae234, cPoints=0x1 | out: lpPoints=0x2dae234) returned 30999254
[0217.809] WindowFromPoint (Point=0x312) returned 0xe02d0
[0217.809] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x84, wParam=0x0, lParam=0x1e00312) returned 0x1
[0217.809] NotifyWinEvent (event=0x800a, hwnd=0xe02d0, idObject=-4, idChild=0)
[0217.846] NotifyWinEvent (event=0x800c, hwnd=0xe02d0, idObject=-4, idChild=0)
[0217.846] GetCapture () returned 0xe02d0
[0217.846] ReleaseCapture () returned 1
[0217.846] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0217.846] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0217.847] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x84, wParam=0x0, lParam=0x1e00312) returned 0x1
[0217.847] IsWindow (hWnd=0x7005c) returned 1
[0217.847] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0217.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0217.848] IsWindow (hWnd=0xf02ce) returned 1
[0217.848] SetActiveWindow (hWnd=0xf02ce) returned 0xf02ce
[0217.848] IsWindow (hWnd=0xf02ce) returned 1
[0217.848] SetFocus (hWnd=0xf02ce) returned 0xe02d0
[0217.849] GetFocus () returned 0xf02ce
[0217.849] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x8, wParam=0xf02ce, lParam=0x0) returned 0x0
[0217.849] GetCapture () returned 0x0
[0217.849] InvalidateRect (hWnd=0xe02d0, lpRect=0x0, bErase=0) returned 1
[0217.850] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0217.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0217.853] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0217.853] GetFocus () returned 0xf02ce
[0217.853] SetFocus (hWnd=0xe02d0) returned 0xf02ce
[0217.854] GetFocus () returned 0xe02d0
[0217.854] IsChild (hWndParent=0xf02ce, hWnd=0xe02d0) returned 1
[0217.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x8, wParam=0xe02d0, lParam=0x0) returned 0x0
[0217.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0217.859] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0217.861] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0217.861] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x7, wParam=0xf02ce, lParam=0x0) returned 0x0
[0217.861] GetStockObject (i=5) returned 0x900015
[0217.861] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0217.862] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0217.862] GetDlgItem (hDlg=0xf02ce, nIDDlgItem=918224) returned 0xe02d0
[0217.862] SendMessageW (hWnd=0xe02d0, Msg=0x202b, wParam=0xe02d0, lParam=0xd7ddcc) returned 0x0
[0217.862] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x202b, wParam=0xe02d0, lParam=0xd7ddcc) returned 0x0
[0217.862] InvalidateRect (hWnd=0xe02d0, lpRect=0x0, bErase=0) returned 1
[0217.865] GetWindowLongW (hWnd=0xf02ce, nIndex=-8) returned 458844
[0217.865] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0217.865] GetCurrentThreadId () returned 0xf50
[0217.865] IsWindow (hWnd=0x7005c) returned 1
[0217.865] IsWindow (hWnd=0x7005c) returned 1
[0217.865] IsWindowVisible (hWnd=0x7005c) returned 1
[0217.865] SetActiveWindow (hWnd=0x7005c) returned 0xf02ce
[0217.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0217.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0217.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0217.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0217.868] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0217.868] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0217.869] GetWindowPlacement (in: hWnd=0xf02ce, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0217.869] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0217.869] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0217.869] GetWindowRect (in: hWnd=0xf02ce, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0217.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0217.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0217.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0217.871] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0xf02ce) returned 0x1
[0217.875] GetFocus () returned 0xe02d0
[0217.875] SetFocus (hWnd=0x602c4) returned 0xe02d0
[0217.876] GetFocus () returned 0x602c4
[0217.876] IsChild (hWndParent=0xf02ce, hWnd=0x602c4) returned 0
[0217.876] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0217.876] GetCapture () returned 0x0
[0217.876] InvalidateRect (hWnd=0xe02d0, lpRect=0x0, bErase=0) returned 1
[0217.877] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0217.878] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0217.880] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0217.880] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0217.880] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0217.880] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0217.881] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0217.881] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0xe02d0, lParam=0x0) returned 0x0
[0217.881] GetStockObject (i=5) returned 0x900015
[0217.881] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0217.881] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed968) returned 0xc
[0217.881] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0217.881] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0217.881] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0217.881] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0217.886] GetFocus () returned 0x602c4
[0217.886] IsChild (hWndParent=0xf02ce, hWnd=0x602c4) returned 0
[0217.886] ShowWindow (hWnd=0xf02ce, nCmdShow=0) returned 1
[0217.886] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0217.886] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0217.898] GetWindowPlacement (in: hWnd=0xf02ce, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0217.898] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0217.898] GetClientRect (in: hWnd=0xf02ce, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0217.898] GetWindowRect (in: hWnd=0xf02ce, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0217.898] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0217.899] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0217.899] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0217.899] GetWindowLongW (hWnd=0xf02ce, nIndex=-20) returned 327945
[0217.899] DestroyWindow (hWnd=0xf02ce) returned 1
[0217.900] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0217.900] GetWindowTextLengthW (hWnd=0xf02ce) returned 24
[0217.900] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0217.901] GetSystemMetrics (nIndex=42) returned 0
[0217.901] GetWindowTextW (in: hWnd=0xf02ce, lpString=0xd7e390, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0217.901] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0xd, wParam=0x19, lParam=0xd7e390) returned 0x18
[0217.901] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0217.901] GetWindowTextLengthW (hWnd=0x1902da) returned 0
[0217.901] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0217.901] GetSystemMetrics (nIndex=42) returned 0
[0217.901] GetWindowTextW (in: hWnd=0x1902da, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0217.901] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902da, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0217.901] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0217.901] GetWindowThreadProcessId (in: hWnd=0x1c00ea, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0217.901] GetWindow (hWnd=0x1c00ea, uCmd=0x5) returned 0x0
[0217.901] GetWindowLongW (hWnd=0x1c00ea, nIndex=-20) returned 65792
[0217.901] DestroyWindow (hWnd=0x1c00ea) returned 1
[0217.902] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c00ea, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0217.902] GetWindowTextLengthW (hWnd=0x1c00ea) returned 25
[0217.902] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0217.902] GetSystemMetrics (nIndex=42) returned 0
[0217.902] GetWindowTextW (in: hWnd=0x1c00ea, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0217.902] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c00ea, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0217.902] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0217.902] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0217.918] GetWindowTextLengthW (hWnd=0x1902dc) returned 232
[0217.918] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0217.918] GetSystemMetrics (nIndex=42) returned 0
[0217.918] GetWindowTextW (in: hWnd=0x1902dc, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0217.918] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0217.918] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0217.918] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0217.918] InvalidateRect (hWnd=0xe02d0, lpRect=0x0, bErase=0) returned 1
[0217.918] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0217.919] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0217.919] SendMessageW (hWnd=0x1902de, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0217.919] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1902de, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0217.919] SendMessageW (hWnd=0x1902de, Msg=0xb0, wParam=0x2d79dc0, lParam=0xd7e480) returned 0x0
[0217.919] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1902de, Msg=0xb0, wParam=0x2d79dc0, lParam=0xd7e480) returned 0x0
[0217.919] GetWindowTextLengthW (hWnd=0x1902de) returned 4363
[0217.919] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1902de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0217.920] GetSystemMetrics (nIndex=42) returned 0
[0217.920] CoTaskMemAlloc (cb=0x221c) returned 0x1209508
[0217.920] GetWindowTextW (in: hWnd=0x1902de, lpString=0x1209508, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0217.920] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1902de, Msg=0xd, wParam=0x110c, lParam=0x1209508) returned 0x110b
[0217.920] CoTaskMemFree (pv=0x1209508)
[0217.920] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1902de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0217.920] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0217.922] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0217.923] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0217.924] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0xe02d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0217.925] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0217.927] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1902de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0217.929] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0217.931] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.931] IsWindowUnicode (hWnd=0x30122) returned 1
[0217.931] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.931] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0217.931] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0217.931] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.931] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e00312) returned 0x1
[0217.931] IsWindowUnicode (hWnd=0x7005c) returned 1
[0217.931] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.931] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e00312) returned 0x1
[0217.932] SetCursor (hCursor=0x10003) returned 0x10003
[0217.932] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0217.932] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0217.932] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0217.932] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0217.932] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0217.932] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10b0254) returned 0x0
[0217.933] GetKeyState (nVirtKey=1) returned 1
[0217.933] GetKeyState (nVirtKey=2) returned 0
[0217.933] GetKeyState (nVirtKey=4) returned 0
[0217.933] GetKeyState (nVirtKey=5) returned 0
[0217.933] GetKeyState (nVirtKey=6) returned 0
[0217.933] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.933] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e00312) returned 0x1
[0217.933] IsWindowUnicode (hWnd=0x7005c) returned 1
[0217.933] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.933] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0217.933] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0217.934] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.934] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e00312) returned 0x1
[0217.934] IsWindowUnicode (hWnd=0x7005c) returned 1
[0217.934] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.934] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e00312) returned 0x1
[0217.934] SetCursor (hCursor=0x10003) returned 0x10003
[0217.940] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0217.940] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0217.940] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10b0254) returned 0x0
[0217.940] GetKeyState (nVirtKey=1) returned 1
[0217.940] GetKeyState (nVirtKey=2) returned 0
[0217.940] GetKeyState (nVirtKey=4) returned 0
[0217.940] GetKeyState (nVirtKey=5) returned 0
[0217.940] GetKeyState (nVirtKey=6) returned 0
[0217.940] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.940] IsWindowUnicode (hWnd=0x602c4) returned 1
[0217.940] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.940] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0217.941] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0217.941] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.941] IsWindowUnicode (hWnd=0x602c4) returned 1
[0217.942] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0217.942] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0217.942] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0217.942] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0217.942] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0217.942] CreateCompatibleDC (hdc=0xf0105ee) returned 0xcd0106b6
[0217.942] SelectObject (hdc=0xcd0106b6, h=0x4a0507fe) returned 0x85000f
[0217.942] GdipCreateFromHDC (hdc=0xcd0106b6, graphics=0xd7e798) returned 0x0
[0217.942] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0217.942] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0217.942] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0217.943] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0217.943] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e7f8) returned 0x0
[0217.943] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0217.943] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee788) returned 0x0
[0217.943] LocalFree (hMem=0x11ee788) returned 0x0
[0217.943] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0217.943] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0217.943] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0217.943] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0217.943] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0217.943] GdipRestoreGraphics (graphics=0x6600030, state=0xf9d80dbd) returned 0x0
[0217.943] GdipDeleteRegion (region=0x6646718) returned 0x0
[0217.943] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0217.943] GetCurrentObject (hdc=0xcd0106b6, type=0x1) returned 0xb00017
[0217.943] GetCurrentObject (hdc=0xcd0106b6, type=0x2) returned 0x900010
[0217.943] GetCurrentObject (hdc=0xcd0106b6, type=0x7) returned 0x4a0507fe
[0217.944] GetCurrentObject (hdc=0xcd0106b6, type=0x6) returned 0x8a01c2
[0217.944] SaveDC (hdc=0xcd0106b6) returned 1
[0217.944] GetNearestColor (hdc=0xcd0106b6, color=0xff) returned 0xff
[0217.944] GetNearestColor (hdc=0xcd0106b6, color=0x55) returned 0x55
[0217.944] GetNearestColor (hdc=0xcd0106b6, color=0x0) returned 0x0
[0217.944] GetNearestColor (hdc=0xcd0106b6, color=0x55) returned 0x55
[0217.944] GetNearestColor (hdc=0xcd0106b6, color=0x0) returned 0x0
[0217.944] GetNearestColor (hdc=0xcd0106b6, color=0x8080ff) returned 0x8080ff
[0217.944] GetNearestColor (hdc=0xcd0106b6, color=0x7373e5) returned 0x7373e5
[0217.944] GetNearestColor (hdc=0xcd0106b6, color=0xe5) returned 0xe5
[0217.944] GetNearestColor (hdc=0xcd0106b6, color=0x0) returned 0x0
[0217.944] RestoreDC (hdc=0xcd0106b6, nSavedDC=-1) returned 1
[0217.945] GdipReleaseDC (graphics=0x6600030, hdc=0xcd0106b6) returned 0x0
[0217.945] IsAppThemed () returned 0x1
[0217.945] GetThemeAppProperties () returned 0x3
[0217.945] GetThemeAppProperties () returned 0x3
[0217.945] IsAppThemed () returned 0x1
[0217.945] GetThemeAppProperties () returned 0x3
[0217.945] GetThemeAppProperties () returned 0x3
[0217.945] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2db5fe8 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0217.945] IsAppThemed () returned 0x1
[0217.945] GetThemeAppProperties () returned 0x3
[0217.945] GetThemeAppProperties () returned 0x3
[0217.945] IsAppThemed () returned 0x1
[0217.946] GetThemeAppProperties () returned 0x3
[0217.946] GetThemeAppProperties () returned 0x3
[0217.946] GetFocus () returned 0x602c4
[0217.946] IsAppThemed () returned 0x1
[0217.946] GetThemeAppProperties () returned 0x3
[0217.946] GetThemeAppProperties () returned 0x3
[0217.946] IsAppThemed () returned 0x1
[0217.946] GetThemeAppProperties () returned 0x3
[0217.946] GetThemeAppProperties () returned 0x3
[0217.946] IsThemePartDefined () returned 0x1
[0217.946] IsAppThemed () returned 0x1
[0217.946] GetThemeAppProperties () returned 0x3
[0217.946] GetThemeAppProperties () returned 0x3
[0217.946] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0217.946] IsAppThemed () returned 0x1
[0217.946] GetThemeAppProperties () returned 0x3
[0217.946] GetThemeAppProperties () returned 0x3
[0217.946] IsAppThemed () returned 0x1
[0217.946] GetThemeAppProperties () returned 0x3
[0217.946] GetThemeAppProperties () returned 0x3
[0217.946] IsThemePartDefined () returned 0x1
[0217.946] GdipCreateRegion (region=0xd7e508) returned 0x0
[0217.947] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0217.947] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0217.947] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0217.947] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e520) returned 0x0
[0217.947] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0217.947] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eecc8) returned 0x0
[0217.947] LocalFree (hMem=0x11eecc8) returned 0x0
[0217.947] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0217.947] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eea98) returned 0x0
[0217.947] LocalFree (hMem=0x11eea98) returned 0x0
[0217.947] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0217.947] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e548) returned 0x0
[0217.947] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e538) returned 0x0
[0217.947] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0217.947] GdipDeleteRegion (region=0x6646718) returned 0x0
[0217.947] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0217.948] GetCurrentObject (hdc=0xcd0106b6, type=0x1) returned 0xb00017
[0217.948] GetCurrentObject (hdc=0xcd0106b6, type=0x2) returned 0x900010
[0217.948] GetCurrentObject (hdc=0xcd0106b6, type=0x7) returned 0x4a0507fe
[0217.948] GetCurrentObject (hdc=0xcd0106b6, type=0x6) returned 0x8a01c2
[0217.948] SaveDC (hdc=0xcd0106b6) returned 1
[0217.948] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9c0407de
[0217.948] GetClipRgn (hdc=0xcd0106b6, hrgn=0x9c0407de) returned 0
[0217.948] SelectClipRgn (hdc=0xcd0106b6, hrgn=0x14040807) returned 2
[0217.948] DeleteObject (ho=0x9c0407de) returned 1
[0217.948] DeleteObject (ho=0x14040807) returned 1
[0217.948] OffsetViewportOrgEx (in: hdc=0xcd0106b6, x=0, y=0, lppt=0x2db6698 | out: lppt=0x2db6698) returned 1
[0217.948] DrawThemeParentBackground () returned 0x0
[0217.948] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0217.949] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0217.949] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0217.949] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0217.949] GetSystemMetrics (nIndex=42) returned 0
[0217.949] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0217.949] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0217.949] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0217.949] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0217.949] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0217.949] SelectPalette (hdc=0xcd0106b6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0217.950] GdipCreateFromHDC (hdc=0xcd0106b6, graphics=0xd7dff8) returned 0x0
[0217.950] GdipSetPageUnit (graphics=0x666a708, unit=0x2) returned 0x0
[0217.955] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0217.955] GdipGetWorldTransform (graphics=0x666a708, matrix=0x6638ba8) returned 0x0
[0217.956] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dfd0) returned 0x0
[0217.956] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0217.956] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0217.956] GdipGetClip (graphics=0x666a708, region=0x6646f88) returned 0x0
[0217.956] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x666a708, result=0xd7dfc4) returned 0x0
[0217.956] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0217.956] GdipSaveGraphics (graphics=0x666a708, state=0xd7dff0) returned 0x0
[0217.956] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0217.963] GdipFillRectangleI (graphics=0x666a708, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0217.963] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0217.965] GdipDeleteGraphics (graphics=0x666a708) returned 0x0
[0217.965] SelectPalette (hdc=0xcd0106b6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0217.965] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0217.965] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0217.965] GetSystemMetrics (nIndex=42) returned 0
[0217.965] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0217.965] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0217.965] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0217.965] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0217.965] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0217.965] SelectPalette (hdc=0xcd0106b6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0217.965] GdipCreateFromHDC (hdc=0xcd0106b6, graphics=0xd7df98) returned 0x0
[0217.966] GdipSetPageUnit (graphics=0x666a708, unit=0x2) returned 0x0
[0217.966] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0217.966] GdipGetWorldTransform (graphics=0x666a708, matrix=0x6638a88) returned 0x0
[0217.966] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df70) returned 0x0
[0217.966] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0217.966] GdipCreateRegion (region=0xd7df58) returned 0x0
[0217.967] GdipGetClip (graphics=0x666a708, region=0x66469e8) returned 0x0
[0217.967] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x666a708, result=0xd7df64) returned 0x0
[0217.967] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0217.967] GdipSaveGraphics (graphics=0x666a708, state=0xd7df90) returned 0x0
[0217.967] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0217.973] GdipFillRectangleI (graphics=0x666a708, brush=0x66536a8, x=0, y=0, width=801, height=453) returned 0x0
[0217.973] GdipDeleteBrush (brush=0x66536a8) returned 0x0
[0217.974] GdipRestoreGraphics (graphics=0x666a708, state=0xf9d40dbd) returned 0x0
[0217.975] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0217.975] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0217.975] GetSystemMetrics (nIndex=42) returned 0
[0217.975] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0217.975] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0217.975] GdipDeleteGraphics (graphics=0x666a708) returned 0x0
[0217.975] SelectPalette (hdc=0xcd0106b6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0217.975] RestoreDC (hdc=0xcd0106b6, nSavedDC=-1) returned 1
[0217.975] GdipReleaseDC (graphics=0x6600030, hdc=0xcd0106b6) returned 0x0
[0217.975] IsAppThemed () returned 0x1
[0217.975] GetThemeAppProperties () returned 0x3
[0217.975] GetThemeAppProperties () returned 0x3
[0217.975] IsAppThemed () returned 0x1
[0217.976] GetThemeAppProperties () returned 0x3
[0217.976] GetThemeAppProperties () returned 0x3
[0217.976] IsThemePartDefined () returned 0x1
[0217.976] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0217.976] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0217.976] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0217.976] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0217.976] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e4a4) returned 0x0
[0217.976] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0217.976] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0217.976] LocalFree (hMem=0x11ee788) returned 0x0
[0217.976] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0217.976] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eecc8) returned 0x0
[0217.976] LocalFree (hMem=0x11eecc8) returned 0x0
[0217.976] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0217.976] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0217.976] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0217.976] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0217.976] GdipDeleteRegion (region=0x6646688) returned 0x0
[0217.977] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0217.977] GetCurrentObject (hdc=0xcd0106b6, type=0x1) returned 0xb00017
[0217.977] GetCurrentObject (hdc=0xcd0106b6, type=0x2) returned 0x900010
[0217.977] GetCurrentObject (hdc=0xcd0106b6, type=0x7) returned 0x4a0507fe
[0217.977] GetCurrentObject (hdc=0xcd0106b6, type=0x6) returned 0x8a01c2
[0217.977] SaveDC (hdc=0xcd0106b6) returned 1
[0217.977] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x15040807
[0217.977] GetClipRgn (hdc=0xcd0106b6, hrgn=0x15040807) returned 0
[0217.977] SelectClipRgn (hdc=0xcd0106b6, hrgn=0x9e0407de) returned 2
[0217.977] DeleteObject (ho=0x15040807) returned 1
[0217.977] DeleteObject (ho=0x9e0407de) returned 1
[0217.977] OffsetViewportOrgEx (in: hdc=0xcd0106b6, x=0, y=0, lppt=0x2dbcee8 | out: lppt=0x2dbcee8) returned 1
[0217.977] IsAppThemed () returned 0x1
[0217.977] GetThemeAppProperties () returned 0x3
[0217.977] GetThemeAppProperties () returned 0x3
[0217.977] DrawThemeBackground () returned 0x0
[0217.978] RestoreDC (hdc=0xcd0106b6, nSavedDC=-1) returned 1
[0217.978] GdipReleaseDC (graphics=0x6600030, hdc=0xcd0106b6) returned 0x0
[0217.978] GdipCreateRegion (region=0xd7e490) returned 0x0
[0217.978] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0217.978] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0217.978] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0217.978] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e4a8) returned 0x0
[0217.978] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0217.978] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0217.978] LocalFree (hMem=0x11ee788) returned 0x0
[0217.978] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0217.978] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0217.978] LocalFree (hMem=0x11ee788) returned 0x0
[0217.978] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0217.978] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0217.978] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0217.979] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0217.979] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0217.979] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0217.979] GetCurrentObject (hdc=0xcd0106b6, type=0x1) returned 0xb00017
[0217.979] GetCurrentObject (hdc=0xcd0106b6, type=0x2) returned 0x900010
[0217.979] GetCurrentObject (hdc=0xcd0106b6, type=0x7) returned 0x4a0507fe
[0217.979] GetCurrentObject (hdc=0xcd0106b6, type=0x6) returned 0x8a01c2
[0217.979] SaveDC (hdc=0xcd0106b6) returned 1
[0217.979] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9f0407de
[0217.979] GetClipRgn (hdc=0xcd0106b6, hrgn=0x9f0407de) returned 0
[0217.979] SelectClipRgn (hdc=0xcd0106b6, hrgn=0x16040807) returned 2
[0217.979] DeleteObject (ho=0x9f0407de) returned 1
[0217.979] DeleteObject (ho=0x16040807) returned 1
[0217.979] OffsetViewportOrgEx (in: hdc=0xcd0106b6, x=0, y=0, lppt=0x2dbd1bc | out: lppt=0x2dbd1bc) returned 1
[0217.980] IsAppThemed () returned 0x1
[0217.980] GetThemeAppProperties () returned 0x3
[0217.980] GetThemeAppProperties () returned 0x3
[0217.980] GetThemeBackgroundContentRect () returned 0x0
[0217.980] RestoreDC (hdc=0xcd0106b6, nSavedDC=-1) returned 1
[0217.980] GdipReleaseDC (graphics=0x6600030, hdc=0xcd0106b6) returned 0x0
[0217.980] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0217.980] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0217.980] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0217.980] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0217.980] IsAppThemed () returned 0x1
[0217.980] GetThemeAppProperties () returned 0x3
[0217.980] GetThemeAppProperties () returned 0x3
[0217.980] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0217.980] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0217.980] GetCurrentObject (hdc=0xcd0106b6, type=0x1) returned 0xb00017
[0217.980] GetCurrentObject (hdc=0xcd0106b6, type=0x2) returned 0x900010
[0217.980] GetCurrentObject (hdc=0xcd0106b6, type=0x7) returned 0x4a0507fe
[0217.981] GetCurrentObject (hdc=0xcd0106b6, type=0x6) returned 0x8a01c2
[0217.981] SaveDC (hdc=0xcd0106b6) returned 1
[0217.981] GetTextAlign (hdc=0xcd0106b6) returned 0x0
[0217.981] GetTextColor (hdc=0xcd0106b6) returned 0x0
[0217.981] GetCurrentObject (hdc=0xcd0106b6, type=0x6) returned 0x8a01c2
[0217.981] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0217.981] SelectObject (hdc=0xcd0106b6, h=0x6d0a0520) returned 0x8a01c2
[0217.988] GetBkMode (hdc=0xcd0106b6) returned 2
[0217.988] SetBkMode (hdc=0xcd0106b6, mode=1) returned 2
[0217.988] DrawTextExW (in: hdc=0xcd0106b6, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2dbd580 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0217.988] DrawTextExW (in: hdc=0xcd0106b6, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2dbd580 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0217.989] RestoreDC (hdc=0xcd0106b6, nSavedDC=-1) returned 1
[0217.989] GdipReleaseDC (graphics=0x6600030, hdc=0xcd0106b6) returned 0x0
[0217.989] GetFocus () returned 0x602c4
[0217.989] IsAppThemed () returned 0x1
[0217.989] GetThemeAppProperties () returned 0x3
[0217.989] GetThemeAppProperties () returned 0x3
[0217.989] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0217.989] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0xcd0106b6, x1=0, y1=0, rop=0xcc0020) returned 1
[0217.989] GdipReleaseDC (graphics=0x6600030, hdc=0xcd0106b6) returned 0x0
[0217.989] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0217.990] SelectObject (hdc=0xcd0106b6, h=0x85000f) returned 0x4a0507fe
[0217.990] DeleteDC (hdc=0xcd0106b6) returned 1
[0217.990] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0217.990] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0217.990] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0217.990] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0217.990] WaitMessage () returned 1
[0218.007] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.007] IsWindowUnicode (hWnd=0x30122) returned 1
[0218.007] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.007] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0218.007] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0218.009] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0218.009] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0218.009] WaitMessage () returned 1
[0218.009] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.009] IsWindowUnicode (hWnd=0x30122) returned 1
[0218.009] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.009] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0218.010] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0218.010] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0218.011] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0218.011] WaitMessage () returned 1
[0218.012] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.012] IsWindowUnicode (hWnd=0x30122) returned 1
[0218.012] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.012] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0218.012] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0218.018] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.018] IsWindowUnicode (hWnd=0x30122) returned 1
[0218.018] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.018] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0218.018] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0218.019] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.019] IsWindowUnicode (hWnd=0x30122) returned 1
[0218.019] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.019] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0218.019] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0218.019] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0218.020] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0218.020] WaitMessage () returned 1
[0218.021] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.022] IsWindowUnicode (hWnd=0x30122) returned 1
[0218.022] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.022] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0218.022] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0218.023] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.023] IsWindowUnicode (hWnd=0x30122) returned 1
[0218.023] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.024] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0218.024] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0218.024] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.024] IsWindowUnicode (hWnd=0x30122) returned 1
[0218.024] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.024] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0218.024] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0218.024] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0218.025] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0218.025] WaitMessage () returned 1
[0218.050] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.050] IsWindowUnicode (hWnd=0x30122) returned 1
[0218.050] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.051] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0218.051] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0218.053] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.053] IsWindowUnicode (hWnd=0x30122) returned 1
[0218.053] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.053] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0218.054] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0218.054] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.054] IsWindowUnicode (hWnd=0x30122) returned 1
[0218.054] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.054] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0218.054] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0218.054] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.055] IsWindowUnicode (hWnd=0x30122) returned 1
[0218.055] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.055] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0218.055] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0218.055] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.055] IsWindowUnicode (hWnd=0x30122) returned 1
[0218.055] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.056] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0218.056] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0218.057] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.057] IsWindowUnicode (hWnd=0x30122) returned 1
[0218.057] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.057] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0218.057] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0218.057] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.058] IsWindowUnicode (hWnd=0x30122) returned 1
[0218.058] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.058] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0218.058] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0218.058] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.058] IsWindowUnicode (hWnd=0x30122) returned 1
[0218.058] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.058] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0218.058] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0218.058] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.059] IsWindowUnicode (hWnd=0x7005c) returned 1
[0218.059] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.059] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0218.059] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0218.060] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.060] IsWindowUnicode (hWnd=0x7005c) returned 1
[0218.060] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.060] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0218.060] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0218.060] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10b0254) returned 0x0
[0218.060] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0218.060] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0218.060] WaitMessage () returned 1
[0218.187] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.187] IsWindowUnicode (hWnd=0x502c6) returned 1
[0218.187] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0218.187] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0218.187] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0218.188] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0218.188] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0218.188] WaitMessage () returned 1
[0220.062] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.063] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b010c) returned 0x1
[0220.063] IsWindowUnicode (hWnd=0x602c4) returned 1
[0220.063] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.063] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0220.063] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0220.063] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0220.063] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.064] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b010c) returned 0x1
[0220.064] IsWindowUnicode (hWnd=0x602c4) returned 1
[0220.064] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.064] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b010c) returned 0x1
[0220.064] SetCursor (hCursor=0x10003) returned 0x10003
[0220.064] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0220.064] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0220.064] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0220.064] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0220.064] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0220.064] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0220.064] GetKeyState (nVirtKey=1) returned 1
[0220.065] GetKeyState (nVirtKey=2) returned 0
[0220.065] GetKeyState (nVirtKey=4) returned 0
[0220.065] GetKeyState (nVirtKey=5) returned 0
[0220.065] GetKeyState (nVirtKey=6) returned 0
[0220.065] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.065] IsWindowUnicode (hWnd=0x602c4) returned 1
[0220.065] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.065] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0220.065] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0220.065] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0220.065] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0220.065] CreateCompatibleDC (hdc=0xf0105ee) returned 0xbb0107e0
[0220.065] SelectObject (hdc=0xbb0107e0, h=0x4a0507fe) returned 0x85000f
[0220.066] GdipCreateFromHDC (hdc=0xbb0107e0, graphics=0xd7e798) returned 0x0
[0220.066] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0220.066] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0220.066] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0220.066] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0220.066] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e7f8) returned 0x0
[0220.066] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0220.066] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0220.066] LocalFree (hMem=0x11eec58) returned 0x0
[0220.066] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0220.066] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0220.067] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0220.067] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0220.067] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0220.067] GdipRestoreGraphics (graphics=0x6600030, state=0xf9d20dbd) returned 0x0
[0220.067] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0220.067] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0220.067] GetCurrentObject (hdc=0xbb0107e0, type=0x1) returned 0xb00017
[0220.067] GetCurrentObject (hdc=0xbb0107e0, type=0x2) returned 0x900010
[0220.067] GetCurrentObject (hdc=0xbb0107e0, type=0x7) returned 0x4a0507fe
[0220.067] GetCurrentObject (hdc=0xbb0107e0, type=0x6) returned 0x8a01c2
[0220.067] SaveDC (hdc=0xbb0107e0) returned 1
[0220.067] GetNearestColor (hdc=0xbb0107e0, color=0xff) returned 0xff
[0220.067] GetNearestColor (hdc=0xbb0107e0, color=0x55) returned 0x55
[0220.068] GetNearestColor (hdc=0xbb0107e0, color=0x0) returned 0x0
[0220.068] GetNearestColor (hdc=0xbb0107e0, color=0x55) returned 0x55
[0220.068] GetNearestColor (hdc=0xbb0107e0, color=0x0) returned 0x0
[0220.068] GetNearestColor (hdc=0xbb0107e0, color=0x8080ff) returned 0x8080ff
[0220.068] GetNearestColor (hdc=0xbb0107e0, color=0x7373e5) returned 0x7373e5
[0220.068] GetNearestColor (hdc=0xbb0107e0, color=0xe5) returned 0xe5
[0220.068] GetNearestColor (hdc=0xbb0107e0, color=0x0) returned 0x0
[0220.068] RestoreDC (hdc=0xbb0107e0, nSavedDC=-1) returned 1
[0220.068] GdipReleaseDC (graphics=0x6600030, hdc=0xbb0107e0) returned 0x0
[0220.068] IsAppThemed () returned 0x1
[0220.068] GetThemeAppProperties () returned 0x3
[0220.068] GetThemeAppProperties () returned 0x3
[0220.068] IsAppThemed () returned 0x1
[0220.069] GetThemeAppProperties () returned 0x3
[0220.069] GetThemeAppProperties () returned 0x3
[0220.069] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2dbde84 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0220.069] IsAppThemed () returned 0x1
[0220.069] GetThemeAppProperties () returned 0x3
[0220.069] GetThemeAppProperties () returned 0x3
[0220.069] IsAppThemed () returned 0x1
[0220.069] GetThemeAppProperties () returned 0x3
[0220.069] GetThemeAppProperties () returned 0x3
[0220.070] IsAppThemed () returned 0x1
[0220.070] GetThemeAppProperties () returned 0x3
[0220.070] GetThemeAppProperties () returned 0x3
[0220.070] IsAppThemed () returned 0x1
[0220.070] GetThemeAppProperties () returned 0x3
[0220.070] GetThemeAppProperties () returned 0x3
[0220.070] IsThemePartDefined () returned 0x1
[0220.070] IsAppThemed () returned 0x1
[0220.070] GetThemeAppProperties () returned 0x3
[0220.070] GetThemeAppProperties () returned 0x3
[0220.070] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0220.070] IsAppThemed () returned 0x1
[0220.070] GetThemeAppProperties () returned 0x3
[0220.070] GetThemeAppProperties () returned 0x3
[0220.070] IsAppThemed () returned 0x1
[0220.070] GetThemeAppProperties () returned 0x3
[0220.070] GetThemeAppProperties () returned 0x3
[0220.070] IsThemePartDefined () returned 0x1
[0220.070] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0220.070] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0220.070] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0220.070] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0220.071] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e514) returned 0x0
[0220.071] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0220.071] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eecc8) returned 0x0
[0220.071] LocalFree (hMem=0x11eecc8) returned 0x0
[0220.071] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0220.071] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0220.071] LocalFree (hMem=0x11eec58) returned 0x0
[0220.071] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0220.071] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0220.071] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0220.071] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0220.071] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0220.071] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0220.071] GetCurrentObject (hdc=0xbb0107e0, type=0x1) returned 0xb00017
[0220.071] GetCurrentObject (hdc=0xbb0107e0, type=0x2) returned 0x900010
[0220.071] GetCurrentObject (hdc=0xbb0107e0, type=0x7) returned 0x4a0507fe
[0220.072] GetCurrentObject (hdc=0xbb0107e0, type=0x6) returned 0x8a01c2
[0220.072] SaveDC (hdc=0xbb0107e0) returned 1
[0220.072] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x17040807
[0220.072] GetClipRgn (hdc=0xbb0107e0, hrgn=0x17040807) returned 0
[0220.072] SelectClipRgn (hdc=0xbb0107e0, hrgn=0xa30407de) returned 2
[0220.072] DeleteObject (ho=0x17040807) returned 1
[0220.072] DeleteObject (ho=0xa30407de) returned 1
[0220.072] OffsetViewportOrgEx (in: hdc=0xbb0107e0, x=0, y=0, lppt=0x2dbe534 | out: lppt=0x2dbe534) returned 1
[0220.072] DrawThemeParentBackground () returned 0x0
[0220.072] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0220.072] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0220.072] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0220.072] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.073] GetSystemMetrics (nIndex=42) returned 0
[0220.073] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.073] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0220.073] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0220.073] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0220.073] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0220.073] SelectPalette (hdc=0xbb0107e0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0220.073] GdipCreateFromHDC (hdc=0xbb0107e0, graphics=0xd7dff0) returned 0x0
[0220.073] GdipSetPageUnit (graphics=0x666a708, unit=0x2) returned 0x0
[0220.073] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0220.073] GdipGetWorldTransform (graphics=0x666a708, matrix=0x6638c08) returned 0x0
[0220.073] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dfc8) returned 0x0
[0220.073] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0220.074] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0220.074] GdipGetClip (graphics=0x666a708, region=0x66464d8) returned 0x0
[0220.074] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x666a708, result=0xd7dfbc) returned 0x0
[0220.074] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0220.074] GdipSaveGraphics (graphics=0x666a708, state=0xd7dfe8) returned 0x0
[0220.074] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0220.080] GdipFillRectangleI (graphics=0x666a708, brush=0x6653438, x=0, y=0, width=801, height=453) returned 0x0
[0220.080] GdipDeleteBrush (brush=0x6653438) returned 0x0
[0220.082] GdipDeleteGraphics (graphics=0x666a708) returned 0x0
[0220.082] SelectPalette (hdc=0xbb0107e0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0220.082] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0220.082] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.082] GetSystemMetrics (nIndex=42) returned 0
[0220.082] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.083] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0220.083] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0220.083] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0220.083] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0220.083] SelectPalette (hdc=0xbb0107e0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0220.083] GdipCreateFromHDC (hdc=0xbb0107e0, graphics=0xd7df90) returned 0x0
[0220.083] GdipSetPageUnit (graphics=0x666a708, unit=0x2) returned 0x0
[0220.083] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0220.083] GdipGetWorldTransform (graphics=0x666a708, matrix=0x6638c68) returned 0x0
[0220.083] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df68) returned 0x0
[0220.083] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0220.083] GdipCreateRegion (region=0xd7df50) returned 0x0
[0220.083] GdipGetClip (graphics=0x666a708, region=0x6646688) returned 0x0
[0220.083] GdipIsInfiniteRegion (region=0x6646688, graphics=0x666a708, result=0xd7df5c) returned 0x0
[0220.084] GdipDeleteRegion (region=0x6646688) returned 0x0
[0220.084] GdipSaveGraphics (graphics=0x666a708, state=0xd7df88) returned 0x0
[0220.084] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0220.090] GdipFillRectangleI (graphics=0x666a708, brush=0x66536a8, x=0, y=0, width=801, height=453) returned 0x0
[0220.090] GdipDeleteBrush (brush=0x66536a8) returned 0x0
[0220.091] GdipRestoreGraphics (graphics=0x666a708, state=0xf9ce0dbd) returned 0x0
[0220.091] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0220.091] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.091] GetSystemMetrics (nIndex=42) returned 0
[0220.092] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.092] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0220.092] GdipDeleteGraphics (graphics=0x666a708) returned 0x0
[0220.092] SelectPalette (hdc=0xbb0107e0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0220.092] RestoreDC (hdc=0xbb0107e0, nSavedDC=-1) returned 1
[0220.092] GdipReleaseDC (graphics=0x6600030, hdc=0xbb0107e0) returned 0x0
[0220.092] IsAppThemed () returned 0x1
[0220.092] GetThemeAppProperties () returned 0x3
[0220.092] GetThemeAppProperties () returned 0x3
[0220.092] IsAppThemed () returned 0x1
[0220.092] GetThemeAppProperties () returned 0x3
[0220.092] GetThemeAppProperties () returned 0x3
[0220.092] IsThemePartDefined () returned 0x1
[0220.092] GdipCreateRegion (region=0xd7e480) returned 0x0
[0220.093] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0220.093] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0220.093] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0220.093] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e498) returned 0x0
[0220.093] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0220.093] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0220.093] LocalFree (hMem=0x11ee868) returned 0x0
[0220.093] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0220.093] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0220.093] LocalFree (hMem=0x11ee868) returned 0x0
[0220.093] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0220.093] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0220.093] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0220.093] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0220.093] GdipDeleteRegion (region=0x6646688) returned 0x0
[0220.093] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0220.093] GetCurrentObject (hdc=0xbb0107e0, type=0x1) returned 0xb00017
[0220.093] GetCurrentObject (hdc=0xbb0107e0, type=0x2) returned 0x900010
[0220.094] GetCurrentObject (hdc=0xbb0107e0, type=0x7) returned 0x4a0507fe
[0220.094] GetCurrentObject (hdc=0xbb0107e0, type=0x6) returned 0x8a01c2
[0220.094] SaveDC (hdc=0xbb0107e0) returned 1
[0220.094] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa40407de
[0220.094] GetClipRgn (hdc=0xbb0107e0, hrgn=0xa40407de) returned 0
[0220.094] SelectClipRgn (hdc=0xbb0107e0, hrgn=0x19040807) returned 2
[0220.094] DeleteObject (ho=0xa40407de) returned 1
[0220.094] DeleteObject (ho=0x19040807) returned 1
[0220.094] OffsetViewportOrgEx (in: hdc=0xbb0107e0, x=0, y=0, lppt=0x2dc4d84 | out: lppt=0x2dc4d84) returned 1
[0220.094] IsAppThemed () returned 0x1
[0220.094] GetThemeAppProperties () returned 0x3
[0220.094] GetThemeAppProperties () returned 0x3
[0220.094] DrawThemeBackground () returned 0x0
[0220.094] RestoreDC (hdc=0xbb0107e0, nSavedDC=-1) returned 1
[0220.095] GdipReleaseDC (graphics=0x6600030, hdc=0xbb0107e0) returned 0x0
[0220.095] GdipCreateRegion (region=0xd7e484) returned 0x0
[0220.095] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0220.095] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0220.095] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0220.095] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e49c) returned 0x0
[0220.095] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0220.095] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee8d8) returned 0x0
[0220.095] LocalFree (hMem=0x11ee8d8) returned 0x0
[0220.095] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0220.095] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0220.095] LocalFree (hMem=0x11eec58) returned 0x0
[0220.095] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0220.095] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0220.095] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0220.095] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0220.095] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0220.096] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0220.096] GetCurrentObject (hdc=0xbb0107e0, type=0x1) returned 0xb00017
[0220.096] GetCurrentObject (hdc=0xbb0107e0, type=0x2) returned 0x900010
[0220.096] GetCurrentObject (hdc=0xbb0107e0, type=0x7) returned 0x4a0507fe
[0220.096] GetCurrentObject (hdc=0xbb0107e0, type=0x6) returned 0x8a01c2
[0220.096] SaveDC (hdc=0xbb0107e0) returned 1
[0220.096] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1a040807
[0220.096] GetClipRgn (hdc=0xbb0107e0, hrgn=0x1a040807) returned 0
[0220.096] SelectClipRgn (hdc=0xbb0107e0, hrgn=0xa50407de) returned 2
[0220.096] DeleteObject (ho=0x1a040807) returned 1
[0220.096] DeleteObject (ho=0xa50407de) returned 1
[0220.096] OffsetViewportOrgEx (in: hdc=0xbb0107e0, x=0, y=0, lppt=0x2dc5058 | out: lppt=0x2dc5058) returned 1
[0220.096] IsAppThemed () returned 0x1
[0220.096] GetThemeAppProperties () returned 0x3
[0220.096] GetThemeAppProperties () returned 0x3
[0220.097] GetThemeBackgroundContentRect () returned 0x0
[0220.097] RestoreDC (hdc=0xbb0107e0, nSavedDC=-1) returned 1
[0220.097] GdipReleaseDC (graphics=0x6600030, hdc=0xbb0107e0) returned 0x0
[0220.097] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0220.097] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0220.097] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0220.097] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0220.097] IsAppThemed () returned 0x1
[0220.097] GetThemeAppProperties () returned 0x3
[0220.097] GetThemeAppProperties () returned 0x3
[0220.097] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0220.097] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0220.097] GetCurrentObject (hdc=0xbb0107e0, type=0x1) returned 0xb00017
[0220.097] GetCurrentObject (hdc=0xbb0107e0, type=0x2) returned 0x900010
[0220.097] GetCurrentObject (hdc=0xbb0107e0, type=0x7) returned 0x4a0507fe
[0220.097] GetCurrentObject (hdc=0xbb0107e0, type=0x6) returned 0x8a01c2
[0220.098] SaveDC (hdc=0xbb0107e0) returned 1
[0220.098] GetTextAlign (hdc=0xbb0107e0) returned 0x0
[0220.098] GetTextColor (hdc=0xbb0107e0) returned 0x0
[0220.098] GetCurrentObject (hdc=0xbb0107e0, type=0x6) returned 0x8a01c2
[0220.098] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0220.098] SelectObject (hdc=0xbb0107e0, h=0x6d0a0520) returned 0x8a01c2
[0220.098] GetBkMode (hdc=0xbb0107e0) returned 2
[0220.098] SetBkMode (hdc=0xbb0107e0, mode=1) returned 2
[0220.098] DrawTextExW (in: hdc=0xbb0107e0, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2dc541c | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0220.099] DrawTextExW (in: hdc=0xbb0107e0, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2dc541c | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0220.099] RestoreDC (hdc=0xbb0107e0, nSavedDC=-1) returned 1
[0220.099] GdipReleaseDC (graphics=0x6600030, hdc=0xbb0107e0) returned 0x0
[0220.099] GetFocus () returned 0x602c4
[0220.099] IsAppThemed () returned 0x1
[0220.099] GetThemeAppProperties () returned 0x3
[0220.099] GetThemeAppProperties () returned 0x3
[0220.099] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0220.099] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0xbb0107e0, x1=0, y1=0, rop=0xcc0020) returned 1
[0220.100] GdipReleaseDC (graphics=0x6600030, hdc=0xbb0107e0) returned 0x0
[0220.100] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0220.100] SelectObject (hdc=0xbb0107e0, h=0x85000f) returned 0x4a0507fe
[0220.100] DeleteDC (hdc=0xbb0107e0) returned 1
[0220.100] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0220.100] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0220.100] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0220.100] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0220.101] WaitMessage () returned 1
[0220.186] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.186] IsWindowUnicode (hWnd=0x602c4) returned 1
[0220.186] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.186] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0220.186] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0220.186] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.186] IsWindowUnicode (hWnd=0x602c4) returned 1
[0220.186] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.187] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0220.187] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0220.187] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x40031) returned 0x0
[0220.187] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0220.187] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0220.187] WaitMessage () returned 1
[0220.304] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.304] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b010c) returned 0x1
[0220.304] IsWindowUnicode (hWnd=0x602c4) returned 1
[0220.304] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.304] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b010c) returned 0x1
[0220.305] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0220.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x196004e) returned 0x0
[0220.305] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0220.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0220.305] SetCursor (hCursor=0x10003) returned 0x10003
[0220.305] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0220.305] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0220.305] GetKeyState (nVirtKey=1) returned -128
[0220.305] GetKeyState (nVirtKey=2) returned 0
[0220.305] GetKeyState (nVirtKey=4) returned 0
[0220.305] GetKeyState (nVirtKey=5) returned 0
[0220.305] GetKeyState (nVirtKey=6) returned 0
[0220.305] IsWindowVisible (hWnd=0x602c4) returned 1
[0220.305] IsWindowEnabled (hWnd=0x602c4) returned 1
[0220.305] SetFocus (hWnd=0x602c4) returned 0x602c4
[0220.305] GetFocus () returned 0x602c4
[0220.306] GetFocus () returned 0x602c4
[0220.306] GetFocus () returned 0x602c4
[0220.306] GetKeyState (nVirtKey=1) returned -128
[0220.306] GetKeyState (nVirtKey=2) returned 0
[0220.306] GetKeyState (nVirtKey=4) returned 0
[0220.306] GetKeyState (nVirtKey=5) returned 0
[0220.306] GetKeyState (nVirtKey=6) returned 0
[0220.306] GetCapture () returned 0x0
[0220.306] SetCapture (hWnd=0x602c4) returned 0x0
[0220.306] GetKeyState (nVirtKey=1) returned -128
[0220.306] GetKeyState (nVirtKey=2) returned 0
[0220.306] GetKeyState (nVirtKey=4) returned 0
[0220.306] GetKeyState (nVirtKey=5) returned 0
[0220.306] GetKeyState (nVirtKey=6) returned 0
[0220.306] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0220.306] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0220.306] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.306] IsWindowUnicode (hWnd=0x602c4) returned 1
[0220.306] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.307] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0220.307] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0220.307] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2dc55a0, cPoints=0x1 | out: lpPoints=0x2dc55a0) returned 40304859
[0220.307] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0220.307] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0220.307] UpdateWindow (hWnd=0x602c4) returned 1
[0220.307] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xf0105ee
[0220.307] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0220.307] CreateCompatibleDC (hdc=0xf0105ee) returned 0xbc0107e0
[0220.307] SelectObject (hdc=0xbc0107e0, h=0x4a0507fe) returned 0x85000f
[0220.307] GdipCreateFromHDC (hdc=0xbc0107e0, graphics=0xd7e430) returned 0x0
[0220.308] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0220.308] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0220.308] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0220.308] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0220.308] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e490) returned 0x0
[0220.308] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0220.308] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0220.308] LocalFree (hMem=0x11ee788) returned 0x0
[0220.308] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0220.308] GdipCreateRegion (region=0xd7e478) returned 0x0
[0220.308] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0220.308] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e484) returned 0x0
[0220.308] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0220.308] GdipRestoreGraphics (graphics=0x6600030, state=0xf9cc0dbd) returned 0x0
[0220.308] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0220.309] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0220.309] GetCurrentObject (hdc=0xbc0107e0, type=0x1) returned 0xb00017
[0220.309] GetCurrentObject (hdc=0xbc0107e0, type=0x2) returned 0x900010
[0220.309] GetCurrentObject (hdc=0xbc0107e0, type=0x7) returned 0x4a0507fe
[0220.309] GetCurrentObject (hdc=0xbc0107e0, type=0x6) returned 0x8a01c2
[0220.309] SaveDC (hdc=0xbc0107e0) returned 1
[0220.309] GetNearestColor (hdc=0xbc0107e0, color=0xff) returned 0xff
[0220.309] GetNearestColor (hdc=0xbc0107e0, color=0x55) returned 0x55
[0220.309] GetNearestColor (hdc=0xbc0107e0, color=0x0) returned 0x0
[0220.309] GetNearestColor (hdc=0xbc0107e0, color=0x55) returned 0x55
[0220.309] GetNearestColor (hdc=0xbc0107e0, color=0x0) returned 0x0
[0220.309] GetNearestColor (hdc=0xbc0107e0, color=0x8080ff) returned 0x8080ff
[0220.310] GetNearestColor (hdc=0xbc0107e0, color=0x7373e5) returned 0x7373e5
[0220.310] GetNearestColor (hdc=0xbc0107e0, color=0xe5) returned 0xe5
[0220.310] GetNearestColor (hdc=0xbc0107e0, color=0x0) returned 0x0
[0220.310] RestoreDC (hdc=0xbc0107e0, nSavedDC=-1) returned 1
[0220.310] GdipReleaseDC (graphics=0x6600030, hdc=0xbc0107e0) returned 0x0
[0220.310] IsAppThemed () returned 0x1
[0220.310] GetThemeAppProperties () returned 0x3
[0220.310] GetThemeAppProperties () returned 0x3
[0220.310] IsAppThemed () returned 0x1
[0220.310] GetThemeAppProperties () returned 0x3
[0220.310] GetThemeAppProperties () returned 0x3
[0220.310] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2dc5cbc | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0220.311] IsAppThemed () returned 0x1
[0220.311] GetThemeAppProperties () returned 0x3
[0220.311] GetThemeAppProperties () returned 0x3
[0220.311] IsAppThemed () returned 0x1
[0220.311] GetThemeAppProperties () returned 0x3
[0220.311] GetThemeAppProperties () returned 0x3
[0220.311] IsAppThemed () returned 0x1
[0220.311] GetThemeAppProperties () returned 0x3
[0220.311] GetThemeAppProperties () returned 0x3
[0220.311] IsAppThemed () returned 0x1
[0220.311] GetThemeAppProperties () returned 0x3
[0220.311] GetThemeAppProperties () returned 0x3
[0220.311] IsThemePartDefined () returned 0x1
[0220.311] IsAppThemed () returned 0x1
[0220.311] GetThemeAppProperties () returned 0x3
[0220.311] GetThemeAppProperties () returned 0x3
[0220.311] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0220.311] IsAppThemed () returned 0x1
[0220.311] GetThemeAppProperties () returned 0x3
[0220.312] GetThemeAppProperties () returned 0x3
[0220.312] IsAppThemed () returned 0x1
[0220.312] GetThemeAppProperties () returned 0x3
[0220.312] GetThemeAppProperties () returned 0x3
[0220.312] IsThemePartDefined () returned 0x1
[0220.312] GdipCreateRegion (region=0xd7e194) returned 0x0
[0220.312] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0220.312] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0220.312] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0220.312] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e1ac) returned 0x0
[0220.312] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0220.312] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0220.312] LocalFree (hMem=0x11ee788) returned 0x0
[0220.312] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0220.312] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0220.312] LocalFree (hMem=0x11eec58) returned 0x0
[0220.312] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0220.312] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0220.312] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0220.313] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0220.313] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0220.313] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0220.313] GetCurrentObject (hdc=0xbc0107e0, type=0x1) returned 0xb00017
[0220.313] GetCurrentObject (hdc=0xbc0107e0, type=0x2) returned 0x900010
[0220.313] GetCurrentObject (hdc=0xbc0107e0, type=0x7) returned 0x4a0507fe
[0220.313] GetCurrentObject (hdc=0xbc0107e0, type=0x6) returned 0x8a01c2
[0220.313] SaveDC (hdc=0xbc0107e0) returned 1
[0220.313] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa60407de
[0220.313] GetClipRgn (hdc=0xbc0107e0, hrgn=0xa60407de) returned 0
[0220.313] SelectClipRgn (hdc=0xbc0107e0, hrgn=0x1e040807) returned 2
[0220.313] DeleteObject (ho=0xa60407de) returned 1
[0220.313] DeleteObject (ho=0x1e040807) returned 1
[0220.313] OffsetViewportOrgEx (in: hdc=0xbc0107e0, x=0, y=0, lppt=0x2dc636c | out: lppt=0x2dc636c) returned 1
[0220.313] DrawThemeParentBackground () returned 0x0
[0220.314] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0220.314] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0220.314] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0220.314] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.314] GetSystemMetrics (nIndex=42) returned 0
[0220.314] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.314] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0220.314] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0220.314] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0220.314] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0220.314] SelectPalette (hdc=0xbc0107e0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0220.314] GdipCreateFromHDC (hdc=0xbc0107e0, graphics=0xd7dc88) returned 0x0
[0220.314] GdipSetPageUnit (graphics=0x666a708, unit=0x2) returned 0x0
[0220.315] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0220.315] GdipGetWorldTransform (graphics=0x666a708, matrix=0x6638c68) returned 0x0
[0220.315] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dc60) returned 0x0
[0220.315] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0220.315] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0220.315] GdipGetClip (graphics=0x666a708, region=0x6646f88) returned 0x0
[0220.315] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x666a708, result=0xd7dc54) returned 0x0
[0220.315] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0220.315] GdipSaveGraphics (graphics=0x666a708, state=0xd7dc80) returned 0x0
[0220.315] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0220.322] GdipFillRectangleI (graphics=0x666a708, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0220.322] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0220.323] GdipDeleteGraphics (graphics=0x666a708) returned 0x0
[0220.323] SelectPalette (hdc=0xbc0107e0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0220.324] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0220.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.324] GetSystemMetrics (nIndex=42) returned 0
[0220.324] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0220.324] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0220.324] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0220.324] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0220.324] SelectPalette (hdc=0xbc0107e0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0220.324] GdipCreateFromHDC (hdc=0xbc0107e0, graphics=0xd7dc28) returned 0x0
[0220.324] GdipSetPageUnit (graphics=0x666a708, unit=0x2) returned 0x0
[0220.324] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0220.324] GdipGetWorldTransform (graphics=0x666a708, matrix=0x6638ae8) returned 0x0
[0220.324] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dc00) returned 0x0
[0220.325] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0220.325] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0220.325] GdipGetClip (graphics=0x666a708, region=0x6646f88) returned 0x0
[0220.325] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x666a708, result=0xd7dbf4) returned 0x0
[0220.325] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0220.325] GdipSaveGraphics (graphics=0x666a708, state=0xd7dc20) returned 0x0
[0220.325] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0220.332] GdipFillRectangleI (graphics=0x666a708, brush=0x6653438, x=0, y=0, width=801, height=453) returned 0x0
[0220.332] GdipDeleteBrush (brush=0x6653438) returned 0x0
[0220.333] GdipRestoreGraphics (graphics=0x666a708, state=0xf9c80dbd) returned 0x0
[0220.333] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0220.333] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.334] GetSystemMetrics (nIndex=42) returned 0
[0220.334] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.334] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0220.334] GdipDeleteGraphics (graphics=0x666a708) returned 0x0
[0220.334] SelectPalette (hdc=0xbc0107e0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0220.334] RestoreDC (hdc=0xbc0107e0, nSavedDC=-1) returned 1
[0220.334] GdipReleaseDC (graphics=0x6600030, hdc=0xbc0107e0) returned 0x0
[0220.334] IsAppThemed () returned 0x1
[0220.334] GetThemeAppProperties () returned 0x3
[0220.334] GetThemeAppProperties () returned 0x3
[0220.334] IsAppThemed () returned 0x1
[0220.335] GetThemeAppProperties () returned 0x3
[0220.335] GetThemeAppProperties () returned 0x3
[0220.335] IsThemePartDefined () returned 0x1
[0220.335] GdipCreateRegion (region=0xd7e118) returned 0x0
[0220.335] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0220.335] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0220.335] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0220.335] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e130) returned 0x0
[0220.335] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0220.335] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0220.335] LocalFree (hMem=0x11ee9f0) returned 0x0
[0220.335] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0220.335] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee8d8) returned 0x0
[0220.335] LocalFree (hMem=0x11ee8d8) returned 0x0
[0220.335] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0220.335] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e158) returned 0x0
[0220.335] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e148) returned 0x0
[0220.335] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0220.336] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0220.336] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0220.336] GetCurrentObject (hdc=0xbc0107e0, type=0x1) returned 0xb00017
[0220.336] GetCurrentObject (hdc=0xbc0107e0, type=0x2) returned 0x900010
[0220.336] GetCurrentObject (hdc=0xbc0107e0, type=0x7) returned 0x4a0507fe
[0220.336] GetCurrentObject (hdc=0xbc0107e0, type=0x6) returned 0x8a01c2
[0220.336] SaveDC (hdc=0xbc0107e0) returned 1
[0220.336] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1f040807
[0220.336] GetClipRgn (hdc=0xbc0107e0, hrgn=0x1f040807) returned 0
[0220.336] SelectClipRgn (hdc=0xbc0107e0, hrgn=0xa80407de) returned 2
[0220.336] DeleteObject (ho=0x1f040807) returned 1
[0220.336] DeleteObject (ho=0xa80407de) returned 1
[0220.336] OffsetViewportOrgEx (in: hdc=0xbc0107e0, x=0, y=0, lppt=0x2dccbbc | out: lppt=0x2dccbbc) returned 1
[0220.336] IsAppThemed () returned 0x1
[0220.336] GetThemeAppProperties () returned 0x3
[0220.336] GetThemeAppProperties () returned 0x3
[0220.337] DrawThemeBackground () returned 0x0
[0220.337] RestoreDC (hdc=0xbc0107e0, nSavedDC=-1) returned 1
[0220.337] GdipReleaseDC (graphics=0x6600030, hdc=0xbc0107e0) returned 0x0
[0220.337] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0220.337] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0220.337] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0220.337] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0220.337] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e134) returned 0x0
[0220.337] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0220.337] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea98) returned 0x0
[0220.337] LocalFree (hMem=0x11eea98) returned 0x0
[0220.337] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0220.337] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0220.337] LocalFree (hMem=0x11ee788) returned 0x0
[0220.337] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0220.337] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0220.337] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0220.338] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0220.338] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0220.338] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0220.338] GetCurrentObject (hdc=0xbc0107e0, type=0x1) returned 0xb00017
[0220.338] GetCurrentObject (hdc=0xbc0107e0, type=0x2) returned 0x900010
[0220.338] GetCurrentObject (hdc=0xbc0107e0, type=0x7) returned 0x4a0507fe
[0220.338] GetCurrentObject (hdc=0xbc0107e0, type=0x6) returned 0x8a01c2
[0220.338] SaveDC (hdc=0xbc0107e0) returned 1
[0220.338] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa90407de
[0220.338] GetClipRgn (hdc=0xbc0107e0, hrgn=0xa90407de) returned 0
[0220.338] SelectClipRgn (hdc=0xbc0107e0, hrgn=0x20040807) returned 2
[0220.338] DeleteObject (ho=0xa90407de) returned 1
[0220.338] DeleteObject (ho=0x20040807) returned 1
[0220.338] OffsetViewportOrgEx (in: hdc=0xbc0107e0, x=0, y=0, lppt=0x2dcce90 | out: lppt=0x2dcce90) returned 1
[0220.338] IsAppThemed () returned 0x1
[0220.339] GetThemeAppProperties () returned 0x3
[0220.339] GetThemeAppProperties () returned 0x3
[0220.339] GetThemeBackgroundContentRect () returned 0x0
[0220.339] RestoreDC (hdc=0xbc0107e0, nSavedDC=-1) returned 1
[0220.339] GdipReleaseDC (graphics=0x6600030, hdc=0xbc0107e0) returned 0x0
[0220.339] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0220.339] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0220.339] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0220.339] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0220.339] IsAppThemed () returned 0x1
[0220.339] GetThemeAppProperties () returned 0x3
[0220.339] GetThemeAppProperties () returned 0x3
[0220.339] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0220.339] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0220.339] GetCurrentObject (hdc=0xbc0107e0, type=0x1) returned 0xb00017
[0220.339] GetCurrentObject (hdc=0xbc0107e0, type=0x2) returned 0x900010
[0220.339] GetCurrentObject (hdc=0xbc0107e0, type=0x7) returned 0x4a0507fe
[0220.340] GetCurrentObject (hdc=0xbc0107e0, type=0x6) returned 0x8a01c2
[0220.340] SaveDC (hdc=0xbc0107e0) returned 1
[0220.340] GetTextAlign (hdc=0xbc0107e0) returned 0x0
[0220.340] GetTextColor (hdc=0xbc0107e0) returned 0x0
[0220.340] GetCurrentObject (hdc=0xbc0107e0, type=0x6) returned 0x8a01c2
[0220.340] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0220.340] SelectObject (hdc=0xbc0107e0, h=0x6d0a0520) returned 0x8a01c2
[0220.340] GetBkMode (hdc=0xbc0107e0) returned 2
[0220.340] SetBkMode (hdc=0xbc0107e0, mode=1) returned 2
[0220.340] DrawTextExW (in: hdc=0xbc0107e0, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2dcd254 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0220.341] DrawTextExW (in: hdc=0xbc0107e0, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2dcd254 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0220.341] RestoreDC (hdc=0xbc0107e0, nSavedDC=-1) returned 1
[0220.341] GdipReleaseDC (graphics=0x6600030, hdc=0xbc0107e0) returned 0x0
[0220.341] GetFocus () returned 0x602c4
[0220.342] IsAppThemed () returned 0x1
[0220.342] GetThemeAppProperties () returned 0x3
[0220.342] GetThemeAppProperties () returned 0x3
[0220.342] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0220.342] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0xbc0107e0, x1=0, y1=0, rop=0xcc0020) returned 1
[0220.342] GdipReleaseDC (graphics=0x6600030, hdc=0xbc0107e0) returned 0x0
[0220.342] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0220.342] SelectObject (hdc=0xbc0107e0, h=0x85000f) returned 0x4a0507fe
[0220.342] DeleteDC (hdc=0xbc0107e0) returned 1
[0220.342] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0220.343] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0220.343] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2dcd350, cPoints=0x1 | out: lpPoints=0x2dcd350) returned 40304859
[0220.343] WindowFromPoint (Point=0x10c) returned 0x602c4
[0220.343] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b010c) returned 0x1
[0220.343] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0220.343] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0220.343] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0220.343] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0220.343] GetSystemMetrics (nIndex=42) returned 0
[0220.343] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0220.343] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0220.346] GetCapture () returned 0x602c4
[0220.346] ReleaseCapture () returned 1
[0220.346] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0220.346] GetProcessWindowStation () returned 0x13c
[0220.347] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.347] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0220.347] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.347] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0220.348] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.348] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0220.348] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.348] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0220.348] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.349] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0220.349] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.349] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0220.349] GetDC (hWnd=0x0) returned 0x60100ce
[0220.349] GdipCreateFromHDC (hdc=0x60100ce, graphics=0xd7e6ec) returned 0x0
[0220.349] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0220.350] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0220.350] ReleaseDC (hWnd=0x0, hDC=0x60100ce) returned 1
[0220.350] GetSystemMetrics (nIndex=5) returned 1
[0220.350] GetSystemMetrics (nIndex=6) returned 1
[0220.350] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.350] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0220.350] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.351] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0220.354] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0220.354] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0220.355] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0220.355] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0220.355] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0220.355] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0220.356] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2dd2d6c | out: lpData=0x2dd2d6c) returned 1
[0220.357] VerQueryValueW (in: pBlock=0x2dd2d6c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dd317c, puLen=0xd7e810) returned 1
[0220.357] VerQueryValueW (in: pBlock=0x2dd2d6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd2e24, puLen=0xd7e790) returned 1
[0220.357] VerQueryValueW (in: pBlock=0x2dd2d6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd2e78, puLen=0xd7e790) returned 1
[0220.357] VerQueryValueW (in: pBlock=0x2dd2d6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd2ef8, puLen=0xd7e790) returned 1
[0220.357] VerQueryValueW (in: pBlock=0x2dd2d6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd2f60, puLen=0xd7e790) returned 1
[0220.357] VerQueryValueW (in: pBlock=0x2dd2d6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd2fa0, puLen=0xd7e790) returned 1
[0220.358] VerQueryValueW (in: pBlock=0x2dd2d6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd3028, puLen=0xd7e790) returned 1
[0220.358] VerQueryValueW (in: pBlock=0x2dd2d6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd3064, puLen=0xd7e790) returned 1
[0220.358] VerQueryValueW (in: pBlock=0x2dd2d6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd30bc, puLen=0xd7e790) returned 1
[0220.358] VerQueryValueW (in: pBlock=0x2dd2d6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd30ec, puLen=0xd7e790) returned 1
[0220.358] VerQueryValueW (in: pBlock=0x2dd2d6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.358] VerQueryValueW (in: pBlock=0x2dd2d6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd3128, puLen=0xd7e790) returned 1
[0220.358] VerQueryValueW (in: pBlock=0x2dd2d6c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.358] VerQueryValueW (in: pBlock=0x2dd2d6c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dd317c, puLen=0xd7e784) returned 1
[0220.358] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0220.358] VerQueryValueW (in: pBlock=0x2dd2d6c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dd2d94, puLen=0xd7e794) returned 1
[0220.359] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0220.359] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0220.359] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0220.359] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0220.359] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0220.359] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0220.359] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2dd4cdc | out: lpData=0x2dd4cdc) returned 1
[0220.360] VerQueryValueW (in: pBlock=0x2dd4cdc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dd4d78, puLen=0xd7e810) returned 1
[0220.360] VerQueryValueW (in: pBlock=0x2dd4cdc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd4df0, puLen=0xd7e790) returned 1
[0220.360] VerQueryValueW (in: pBlock=0x2dd4cdc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd4e20, puLen=0xd7e790) returned 1
[0220.360] VerQueryValueW (in: pBlock=0x2dd4cdc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd4e5c, puLen=0xd7e790) returned 1
[0220.360] VerQueryValueW (in: pBlock=0x2dd4cdc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd4e8c, puLen=0xd7e790) returned 1
[0220.360] VerQueryValueW (in: pBlock=0x2dd4cdc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd4ed4, puLen=0xd7e790) returned 1
[0220.360] VerQueryValueW (in: pBlock=0x2dd4cdc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd4f4c, puLen=0xd7e790) returned 1
[0220.360] VerQueryValueW (in: pBlock=0x2dd4cdc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd4f90, puLen=0xd7e790) returned 1
[0220.360] VerQueryValueW (in: pBlock=0x2dd4cdc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd4fd0, puLen=0xd7e790) returned 1
[0220.360] VerQueryValueW (in: pBlock=0x2dd4cdc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd4dce, puLen=0xd7e790) returned 1
[0220.360] VerQueryValueW (in: pBlock=0x2dd4cdc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd4f1c, puLen=0xd7e790) returned 1
[0220.360] VerQueryValueW (in: pBlock=0x2dd4cdc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.360] VerQueryValueW (in: pBlock=0x2dd4cdc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.360] VerQueryValueW (in: pBlock=0x2dd4cdc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dd4d78, puLen=0xd7e784) returned 1
[0220.360] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0220.360] VerQueryValueW (in: pBlock=0x2dd4cdc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dd4d04, puLen=0xd7e794) returned 1
[0220.361] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0220.361] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0220.361] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0220.361] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0220.362] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0220.362] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0220.363] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2dd6fb4 | out: lpData=0x2dd6fb4) returned 1
[0220.363] VerQueryValueW (in: pBlock=0x2dd6fb4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dd73c8, puLen=0xd7e810) returned 1
[0220.363] VerQueryValueW (in: pBlock=0x2dd6fb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd706c, puLen=0xd7e790) returned 1
[0220.363] VerQueryValueW (in: pBlock=0x2dd6fb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd70c0, puLen=0xd7e790) returned 1
[0220.363] VerQueryValueW (in: pBlock=0x2dd6fb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd711c, puLen=0xd7e790) returned 1
[0220.363] VerQueryValueW (in: pBlock=0x2dd6fb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd717c, puLen=0xd7e790) returned 1
[0220.363] VerQueryValueW (in: pBlock=0x2dd6fb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd71d4, puLen=0xd7e790) returned 1
[0220.364] VerQueryValueW (in: pBlock=0x2dd6fb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd725c, puLen=0xd7e790) returned 1
[0220.364] VerQueryValueW (in: pBlock=0x2dd6fb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd72b0, puLen=0xd7e790) returned 1
[0220.364] VerQueryValueW (in: pBlock=0x2dd6fb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd7308, puLen=0xd7e790) returned 1
[0220.364] VerQueryValueW (in: pBlock=0x2dd6fb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd7338, puLen=0xd7e790) returned 1
[0220.364] VerQueryValueW (in: pBlock=0x2dd6fb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.364] VerQueryValueW (in: pBlock=0x2dd6fb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd7374, puLen=0xd7e790) returned 1
[0220.364] VerQueryValueW (in: pBlock=0x2dd6fb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.364] VerQueryValueW (in: pBlock=0x2dd6fb4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dd73c8, puLen=0xd7e784) returned 1
[0220.364] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0220.364] VerQueryValueW (in: pBlock=0x2dd6fb4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dd6fdc, puLen=0xd7e794) returned 1
[0220.365] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0220.365] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0220.365] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0220.365] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0220.365] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0220.365] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0220.367] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2dd95ec | out: lpData=0x2dd95ec) returned 1
[0220.368] VerQueryValueW (in: pBlock=0x2dd95ec, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dd99ec, puLen=0xd7e810) returned 1
[0220.368] VerQueryValueW (in: pBlock=0x2dd95ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd96a4, puLen=0xd7e790) returned 1
[0220.368] VerQueryValueW (in: pBlock=0x2dd95ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd96f8, puLen=0xd7e790) returned 1
[0220.368] VerQueryValueW (in: pBlock=0x2dd95ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd9738, puLen=0xd7e790) returned 1
[0220.368] VerQueryValueW (in: pBlock=0x2dd95ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd97a0, puLen=0xd7e790) returned 1
[0220.368] VerQueryValueW (in: pBlock=0x2dd95ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd97f8, puLen=0xd7e790) returned 1
[0220.368] VerQueryValueW (in: pBlock=0x2dd95ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd9880, puLen=0xd7e790) returned 1
[0220.368] VerQueryValueW (in: pBlock=0x2dd95ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd98d4, puLen=0xd7e790) returned 1
[0220.368] VerQueryValueW (in: pBlock=0x2dd95ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd992c, puLen=0xd7e790) returned 1
[0220.368] VerQueryValueW (in: pBlock=0x2dd95ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd995c, puLen=0xd7e790) returned 1
[0220.368] VerQueryValueW (in: pBlock=0x2dd95ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.368] VerQueryValueW (in: pBlock=0x2dd95ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd9998, puLen=0xd7e790) returned 1
[0220.368] VerQueryValueW (in: pBlock=0x2dd95ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.368] VerQueryValueW (in: pBlock=0x2dd95ec, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dd99ec, puLen=0xd7e784) returned 1
[0220.368] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0220.368] VerQueryValueW (in: pBlock=0x2dd95ec, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dd9614, puLen=0xd7e794) returned 1
[0220.369] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0220.369] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0220.369] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0220.369] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0220.370] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0220.370] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0220.371] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2ddbd28 | out: lpData=0x2ddbd28) returned 1
[0220.371] VerQueryValueW (in: pBlock=0x2ddbd28, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ddc0f0, puLen=0xd7e810) returned 1
[0220.372] VerQueryValueW (in: pBlock=0x2ddbd28, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddbde0, puLen=0xd7e790) returned 1
[0220.372] VerQueryValueW (in: pBlock=0x2ddbd28, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddbe34, puLen=0xd7e790) returned 1
[0220.372] VerQueryValueW (in: pBlock=0x2ddbd28, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddbe74, puLen=0xd7e790) returned 1
[0220.372] VerQueryValueW (in: pBlock=0x2ddbd28, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddbedc, puLen=0xd7e790) returned 1
[0220.372] VerQueryValueW (in: pBlock=0x2ddbd28, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddbf18, puLen=0xd7e790) returned 1
[0220.372] VerQueryValueW (in: pBlock=0x2ddbd28, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddbfa0, puLen=0xd7e790) returned 1
[0220.410] VerQueryValueW (in: pBlock=0x2ddbd28, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddbfd8, puLen=0xd7e790) returned 1
[0220.410] VerQueryValueW (in: pBlock=0x2ddbd28, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddc030, puLen=0xd7e790) returned 1
[0220.410] VerQueryValueW (in: pBlock=0x2ddbd28, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddc060, puLen=0xd7e790) returned 1
[0220.410] VerQueryValueW (in: pBlock=0x2ddbd28, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.410] VerQueryValueW (in: pBlock=0x2ddbd28, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddc09c, puLen=0xd7e790) returned 1
[0220.410] VerQueryValueW (in: pBlock=0x2ddbd28, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.410] VerQueryValueW (in: pBlock=0x2ddbd28, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ddc0f0, puLen=0xd7e784) returned 1
[0220.410] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0220.411] VerQueryValueW (in: pBlock=0x2ddbd28, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ddbd50, puLen=0xd7e794) returned 1
[0220.411] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0220.412] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0220.412] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0220.412] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0220.412] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0220.412] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0220.413] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2ddf390 | out: lpData=0x2ddf390) returned 1
[0220.414] VerQueryValueW (in: pBlock=0x2ddf390, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ddf770, puLen=0xd7e810) returned 1
[0220.414] VerQueryValueW (in: pBlock=0x2ddf390, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddf448, puLen=0xd7e790) returned 1
[0220.414] VerQueryValueW (in: pBlock=0x2ddf390, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddf49c, puLen=0xd7e790) returned 1
[0220.414] VerQueryValueW (in: pBlock=0x2ddf390, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddf4dc, puLen=0xd7e790) returned 1
[0220.414] VerQueryValueW (in: pBlock=0x2ddf390, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddf53c, puLen=0xd7e790) returned 1
[0220.414] VerQueryValueW (in: pBlock=0x2ddf390, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddf588, puLen=0xd7e790) returned 1
[0220.414] VerQueryValueW (in: pBlock=0x2ddf390, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddf610, puLen=0xd7e790) returned 1
[0220.414] VerQueryValueW (in: pBlock=0x2ddf390, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddf658, puLen=0xd7e790) returned 1
[0220.414] VerQueryValueW (in: pBlock=0x2ddf390, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddf6b0, puLen=0xd7e790) returned 1
[0220.414] VerQueryValueW (in: pBlock=0x2ddf390, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddf6e0, puLen=0xd7e790) returned 1
[0220.414] VerQueryValueW (in: pBlock=0x2ddf390, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.414] VerQueryValueW (in: pBlock=0x2ddf390, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddf71c, puLen=0xd7e790) returned 1
[0220.414] VerQueryValueW (in: pBlock=0x2ddf390, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.414] VerQueryValueW (in: pBlock=0x2ddf390, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ddf770, puLen=0xd7e784) returned 1
[0220.414] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0220.414] VerQueryValueW (in: pBlock=0x2ddf390, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ddf3b8, puLen=0xd7e794) returned 1
[0220.416] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0220.416] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0220.416] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0220.416] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0220.416] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0220.416] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0220.417] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2de1bb0 | out: lpData=0x2de1bb0) returned 1
[0220.417] VerQueryValueW (in: pBlock=0x2de1bb0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2de1fbc, puLen=0xd7e810) returned 1
[0220.417] VerQueryValueW (in: pBlock=0x2de1bb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de1c68, puLen=0xd7e790) returned 1
[0220.417] VerQueryValueW (in: pBlock=0x2de1bb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de1cbc, puLen=0xd7e790) returned 1
[0220.417] VerQueryValueW (in: pBlock=0x2de1bb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de1d10, puLen=0xd7e790) returned 1
[0220.417] VerQueryValueW (in: pBlock=0x2de1bb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de1d70, puLen=0xd7e790) returned 1
[0220.417] VerQueryValueW (in: pBlock=0x2de1bb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de1dc8, puLen=0xd7e790) returned 1
[0220.417] VerQueryValueW (in: pBlock=0x2de1bb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de1e50, puLen=0xd7e790) returned 1
[0220.418] VerQueryValueW (in: pBlock=0x2de1bb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de1ea4, puLen=0xd7e790) returned 1
[0220.418] VerQueryValueW (in: pBlock=0x2de1bb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de1efc, puLen=0xd7e790) returned 1
[0220.418] VerQueryValueW (in: pBlock=0x2de1bb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de1f2c, puLen=0xd7e790) returned 1
[0220.418] VerQueryValueW (in: pBlock=0x2de1bb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.418] VerQueryValueW (in: pBlock=0x2de1bb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de1f68, puLen=0xd7e790) returned 1
[0220.418] VerQueryValueW (in: pBlock=0x2de1bb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.418] VerQueryValueW (in: pBlock=0x2de1bb0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2de1fbc, puLen=0xd7e784) returned 1
[0220.418] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0220.418] VerQueryValueW (in: pBlock=0x2de1bb0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2de1bd8, puLen=0xd7e794) returned 1
[0220.421] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0220.421] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0220.421] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0220.421] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0220.421] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0220.421] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0220.422] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2de43c4 | out: lpData=0x2de43c4) returned 1
[0220.423] VerQueryValueW (in: pBlock=0x2de43c4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2de479c, puLen=0xd7e810) returned 1
[0220.423] VerQueryValueW (in: pBlock=0x2de43c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de447c, puLen=0xd7e790) returned 1
[0220.423] VerQueryValueW (in: pBlock=0x2de43c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de44d0, puLen=0xd7e790) returned 1
[0220.423] VerQueryValueW (in: pBlock=0x2de43c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de4510, puLen=0xd7e790) returned 1
[0220.423] VerQueryValueW (in: pBlock=0x2de43c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de4578, puLen=0xd7e790) returned 1
[0220.423] VerQueryValueW (in: pBlock=0x2de43c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de45bc, puLen=0xd7e790) returned 1
[0220.423] VerQueryValueW (in: pBlock=0x2de43c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de4644, puLen=0xd7e790) returned 1
[0220.423] VerQueryValueW (in: pBlock=0x2de43c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de4684, puLen=0xd7e790) returned 1
[0220.423] VerQueryValueW (in: pBlock=0x2de43c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de46dc, puLen=0xd7e790) returned 1
[0220.423] VerQueryValueW (in: pBlock=0x2de43c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de470c, puLen=0xd7e790) returned 1
[0220.423] VerQueryValueW (in: pBlock=0x2de43c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.423] VerQueryValueW (in: pBlock=0x2de43c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de4748, puLen=0xd7e790) returned 1
[0220.423] VerQueryValueW (in: pBlock=0x2de43c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.424] VerQueryValueW (in: pBlock=0x2de43c4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2de479c, puLen=0xd7e784) returned 1
[0220.424] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0220.424] VerQueryValueW (in: pBlock=0x2de43c4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2de43ec, puLen=0xd7e794) returned 1
[0220.425] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0220.425] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0220.425] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0220.425] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0220.425] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0220.425] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0220.426] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2de691c | out: lpData=0x2de691c) returned 1
[0220.427] VerQueryValueW (in: pBlock=0x2de691c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2de6cf4, puLen=0xd7e810) returned 1
[0220.427] VerQueryValueW (in: pBlock=0x2de691c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de69d4, puLen=0xd7e790) returned 1
[0220.427] VerQueryValueW (in: pBlock=0x2de691c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de6a28, puLen=0xd7e790) returned 1
[0220.427] VerQueryValueW (in: pBlock=0x2de691c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de6a68, puLen=0xd7e790) returned 1
[0220.427] VerQueryValueW (in: pBlock=0x2de691c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de6ad0, puLen=0xd7e790) returned 1
[0220.427] VerQueryValueW (in: pBlock=0x2de691c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de6b14, puLen=0xd7e790) returned 1
[0220.427] VerQueryValueW (in: pBlock=0x2de691c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de6b9c, puLen=0xd7e790) returned 1
[0220.427] VerQueryValueW (in: pBlock=0x2de691c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de6bdc, puLen=0xd7e790) returned 1
[0220.427] VerQueryValueW (in: pBlock=0x2de691c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de6c34, puLen=0xd7e790) returned 1
[0220.427] VerQueryValueW (in: pBlock=0x2de691c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de6c64, puLen=0xd7e790) returned 1
[0220.427] VerQueryValueW (in: pBlock=0x2de691c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.428] VerQueryValueW (in: pBlock=0x2de691c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de6ca0, puLen=0xd7e790) returned 1
[0220.428] VerQueryValueW (in: pBlock=0x2de691c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.428] VerQueryValueW (in: pBlock=0x2de691c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2de6cf4, puLen=0xd7e784) returned 1
[0220.428] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0220.428] VerQueryValueW (in: pBlock=0x2de691c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2de6944, puLen=0xd7e794) returned 1
[0220.429] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0220.429] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0220.429] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0220.429] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0220.429] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0220.429] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0220.429] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2de9054 | out: lpData=0x2de9054) returned 1
[0220.430] VerQueryValueW (in: pBlock=0x2de9054, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2de9484, puLen=0xd7e810) returned 1
[0220.430] VerQueryValueW (in: pBlock=0x2de9054, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de910c, puLen=0xd7e790) returned 1
[0220.430] VerQueryValueW (in: pBlock=0x2de9054, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de9160, puLen=0xd7e790) returned 1
[0220.430] VerQueryValueW (in: pBlock=0x2de9054, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de91d0, puLen=0xd7e790) returned 1
[0220.430] VerQueryValueW (in: pBlock=0x2de9054, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de9230, puLen=0xd7e790) returned 1
[0220.430] VerQueryValueW (in: pBlock=0x2de9054, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de928c, puLen=0xd7e790) returned 1
[0220.430] VerQueryValueW (in: pBlock=0x2de9054, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de9314, puLen=0xd7e790) returned 1
[0220.430] VerQueryValueW (in: pBlock=0x2de9054, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de936c, puLen=0xd7e790) returned 1
[0220.430] VerQueryValueW (in: pBlock=0x2de9054, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de93c4, puLen=0xd7e790) returned 1
[0220.431] VerQueryValueW (in: pBlock=0x2de9054, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de93f4, puLen=0xd7e790) returned 1
[0220.431] VerQueryValueW (in: pBlock=0x2de9054, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.431] VerQueryValueW (in: pBlock=0x2de9054, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de9430, puLen=0xd7e790) returned 1
[0220.431] VerQueryValueW (in: pBlock=0x2de9054, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0220.431] VerQueryValueW (in: pBlock=0x2de9054, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2de9484, puLen=0xd7e784) returned 1
[0220.431] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0220.431] VerQueryValueW (in: pBlock=0x2de9054, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2de907c, puLen=0xd7e794) returned 1
[0220.431] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0220.432] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.432] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0220.432] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.432] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0220.432] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1002ce
[0220.433] SetWindowLongW (hWnd=0x1002ce, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0220.433] GetWindowLongW (hWnd=0x1002ce, nIndex=-4) returned 1950089536
[0220.434] SetWindowLongW (hWnd=0x1002ce, nIndex=-4, dwNewLong=19946878) returned 1950089536
[0220.434] GetWindowLongW (hWnd=0x1002ce, nIndex=-4) returned 19946878
[0220.434] GetWindowLongW (hWnd=0x1002ce, nIndex=-16) returned 113311744
[0220.434] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002ce, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0220.436] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002ce, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0220.437] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002ce, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0220.437] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002ce, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0220.437] GetClientRect (in: hWnd=0x1002ce, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0220.437] GetWindowRect (in: hWnd=0x1002ce, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0220.437] SetWindowTextW (hWnd=0x1002ce, lpString="WindowsFormsParkingWindow") returned 1
[0220.437] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002ce, Msg=0xc, wParam=0x0, lParam=0x2dae670) returned 0x1
[0220.438] GetParent (hWnd=0x1002ce) returned 0x0
[0220.438] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0220.438] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x1002ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1a02de
[0220.439] SetWindowLongW (hWnd=0x1a02de, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0220.439] GetWindowLongW (hWnd=0x1a02de, nIndex=-4) returned 1868147648
[0220.439] SetWindowLongW (hWnd=0x1a02de, nIndex=-4, dwNewLong=19946718) returned 1868147648
[0220.439] GetWindowLongW (hWnd=0x1a02de, nIndex=-4) returned 19946718
[0220.439] GetWindowLongW (hWnd=0x1a02de, nIndex=-16) returned 1174405133
[0220.439] GetWindowLongW (hWnd=0x1a02de, nIndex=-12) returned 0
[0220.439] SetWindowLongW (hWnd=0x1a02de, nIndex=-12, dwNewLong=1704670) returned 0
[0220.439] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0220.440] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0220.440] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0220.441] GetClientRect (in: hWnd=0x1a02de, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0220.441] GetWindowRect (in: hWnd=0x1a02de, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0220.441] GetParent (hWnd=0x1a02de) returned 0x1002ce
[0220.441] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002ce, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0220.441] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0220.441] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0220.441] GetClientRect (in: hWnd=0x1a02de, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0220.441] GetWindowRect (in: hWnd=0x1a02de, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0220.441] GetParent (hWnd=0x1a02de) returned 0x1002ce
[0220.441] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002ce, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0220.442] SendMessageW (hWnd=0x1a02de, Msg=0x2210, wParam=0x2de0001, lParam=0x1a02de) returned 0x0
[0220.442] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x2210, wParam=0x2de0001, lParam=0x1a02de) returned 0x0
[0220.442] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0220.442] GetParent (hWnd=0x1a02de) returned 0x1002ce
[0220.442] GdipCreateFromHWND (hwnd=0x1a02de, graphics=0xd7e844) returned 0x0
[0220.442] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0220.443] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0220.443] GetForegroundWindow () returned 0x7005c
[0220.443] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0220.443] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.443] GetSystemMetrics (nIndex=42) returned 0
[0220.443] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.443] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0220.443] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0220.443] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.443] GetSystemMetrics (nIndex=42) returned 0
[0220.443] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.443] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0220.444] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.444] GetCursorPos (in: lpPoint=0x2ded4d8 | out: lpPoint=0x2ded4d8*(x=268, y=619)) returned 1
[0220.444] MonitorFromPoint (pt=0x10c, dwFlags=0x26b) returned 0x10001
[0220.444] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0220.444] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xbf0107e0
[0220.444] GetDeviceCaps (hdc=0xbf0107e0, index=12) returned 32
[0220.444] GetDeviceCaps (hdc=0xbf0107e0, index=14) returned 1
[0220.444] DeleteDC (hdc=0xbf0107e0) returned 1
[0220.445] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0220.445] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0220.445] GetSystemMetrics (nIndex=59) returned 1460
[0220.445] GetSystemMetrics (nIndex=60) returned 920
[0220.445] GetSystemMetrics (nIndex=34) returned 136
[0220.445] GetSystemMetrics (nIndex=35) returned 39
[0220.445] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.445] GetCursorPos (in: lpPoint=0x2ded744 | out: lpPoint=0x2ded744*(x=268, y=619)) returned 1
[0220.445] MonitorFromPoint (pt=0x10b, dwFlags=0x26b) returned 0x10001
[0220.445] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0220.446] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xc00107e0
[0220.446] GetDeviceCaps (hdc=0xc00107e0, index=12) returned 32
[0220.446] GetDeviceCaps (hdc=0xc00107e0, index=14) returned 1
[0220.446] DeleteDC (hdc=0xc00107e0) returned 1
[0220.446] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0220.446] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0220.446] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.446] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0220.447] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2ded9dc | out: piconinfo=0x2ded9dc) returned 1
[0220.447] GetObjectW (in: h=0x390507da, c=24, pv=0x2ded9f8 | out: pv=0x2ded9f8) returned 24
[0220.447] GdipCreateBitmapFromHBITMAP (hbm=0x390507da, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0220.447] GdipGetImageWidth (image=0x664ea70, width=0xd7e750) returned 0x0
[0220.447] GdipGetImageHeight (image=0x664ea70, height=0xd7e748) returned 0x0
[0220.447] GdipGetImagePixelFormat (image=0x664ea70, format=0xd7e740) returned 0x0
[0220.447] GdipBitmapLockBits (bitmap=0x664ea70, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2dedab0) returned 0x0
[0220.447] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0220.448] GdipBitmapLockBits (bitmap=0x66504b0, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2dedae8) returned 0x0
[0220.448] RtlMoveMemory (in: Destination=0x6659f20, Source=0x665fec8, Length=0x80 | out: Destination=0x6659f20)
[0220.448] RtlMoveMemory (in: Destination=0x6659fa0, Source=0x665fe48, Length=0x80 | out: Destination=0x6659fa0)
[0220.448] RtlMoveMemory (in: Destination=0x665a020, Source=0x665fdc8, Length=0x80 | out: Destination=0x665a020)
[0220.448] RtlMoveMemory (in: Destination=0x665a0a0, Source=0x665fd48, Length=0x80 | out: Destination=0x665a0a0)
[0220.448] RtlMoveMemory (in: Destination=0x665a120, Source=0x665fcc8, Length=0x80 | out: Destination=0x665a120)
[0220.448] RtlMoveMemory (in: Destination=0x665a1a0, Source=0x665fc48, Length=0x80 | out: Destination=0x665a1a0)
[0220.448] RtlMoveMemory (in: Destination=0x665a220, Source=0x665fbc8, Length=0x80 | out: Destination=0x665a220)
[0220.448] RtlMoveMemory (in: Destination=0x665a2a0, Source=0x665fb48, Length=0x80 | out: Destination=0x665a2a0)
[0220.448] RtlMoveMemory (in: Destination=0x665a320, Source=0x665fac8, Length=0x80 | out: Destination=0x665a320)
[0220.448] RtlMoveMemory (in: Destination=0x665a3a0, Source=0x665fa48, Length=0x80 | out: Destination=0x665a3a0)
[0220.448] RtlMoveMemory (in: Destination=0x665a420, Source=0x665f9c8, Length=0x80 | out: Destination=0x665a420)
[0220.448] RtlMoveMemory (in: Destination=0x665a4a0, Source=0x665f948, Length=0x80 | out: Destination=0x665a4a0)
[0220.448] RtlMoveMemory (in: Destination=0x665a520, Source=0x665f8c8, Length=0x80 | out: Destination=0x665a520)
[0220.448] RtlMoveMemory (in: Destination=0x665a5a0, Source=0x665f848, Length=0x80 | out: Destination=0x665a5a0)
[0220.448] RtlMoveMemory (in: Destination=0x665a620, Source=0x665f7c8, Length=0x80 | out: Destination=0x665a620)
[0220.448] RtlMoveMemory (in: Destination=0x665a6a0, Source=0x665f748, Length=0x80 | out: Destination=0x665a6a0)
[0220.448] RtlMoveMemory (in: Destination=0x665a720, Source=0x665f6c8, Length=0x80 | out: Destination=0x665a720)
[0220.448] RtlMoveMemory (in: Destination=0x665a7a0, Source=0x665f648, Length=0x80 | out: Destination=0x665a7a0)
[0220.448] RtlMoveMemory (in: Destination=0x665a820, Source=0x665f5c8, Length=0x80 | out: Destination=0x665a820)
[0220.448] RtlMoveMemory (in: Destination=0x665a8a0, Source=0x665f548, Length=0x80 | out: Destination=0x665a8a0)
[0220.449] RtlMoveMemory (in: Destination=0x665a920, Source=0x665f4c8, Length=0x80 | out: Destination=0x665a920)
[0220.449] RtlMoveMemory (in: Destination=0x665a9a0, Source=0x665f448, Length=0x80 | out: Destination=0x665a9a0)
[0220.449] RtlMoveMemory (in: Destination=0x665aa20, Source=0x665f3c8, Length=0x80 | out: Destination=0x665aa20)
[0220.449] RtlMoveMemory (in: Destination=0x665aaa0, Source=0x665f348, Length=0x80 | out: Destination=0x665aaa0)
[0220.449] RtlMoveMemory (in: Destination=0x665ab20, Source=0x665f2c8, Length=0x80 | out: Destination=0x665ab20)
[0220.449] RtlMoveMemory (in: Destination=0x665aba0, Source=0x665f248, Length=0x80 | out: Destination=0x665aba0)
[0220.449] RtlMoveMemory (in: Destination=0x665ac20, Source=0x665f1c8, Length=0x80 | out: Destination=0x665ac20)
[0220.449] RtlMoveMemory (in: Destination=0x665aca0, Source=0x665f148, Length=0x80 | out: Destination=0x665aca0)
[0220.449] RtlMoveMemory (in: Destination=0x665ad20, Source=0x665f0c8, Length=0x80 | out: Destination=0x665ad20)
[0220.449] RtlMoveMemory (in: Destination=0x665ada0, Source=0x665f048, Length=0x80 | out: Destination=0x665ada0)
[0220.449] RtlMoveMemory (in: Destination=0x665ae20, Source=0x665efc8, Length=0x80 | out: Destination=0x665ae20)
[0220.449] RtlMoveMemory (in: Destination=0x665aea0, Source=0x665ef48, Length=0x80 | out: Destination=0x665aea0)
[0220.449] GdipBitmapUnlockBits (bitmap=0x664ea70, lockedBitmapData=0x2dedab0) returned 0x0
[0220.449] GdipBitmapUnlockBits (bitmap=0x66504b0, lockedBitmapData=0x2dedae8) returned 0x0
[0220.449] GdipDisposeImage (image=0x664ea70) returned 0x0
[0220.449] DeleteObject (ho=0x390507da) returned 1
[0220.449] DeleteObject (ho=0xc10507e0) returned 1
[0220.449] GetCurrentThreadId () returned 0xf50
[0220.449] GetCurrentThreadId () returned 0xf50
[0220.449] SetWindowPos (hWnd=0x1a02de, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0220.449] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0220.450] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0220.450] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0220.450] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0220.450] GetClientRect (in: hWnd=0x1a02de, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0220.450] GetWindowRect (in: hWnd=0x1a02de, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0220.450] GetParent (hWnd=0x1a02de) returned 0x1002ce
[0220.450] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002ce, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0220.450] InvalidateRect (hWnd=0x1a02de, lpRect=0x0, bErase=1) returned 1
[0220.450] GetWindowTextLengthW (hWnd=0x1a02de) returned 0
[0220.450] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0220.450] GetSystemMetrics (nIndex=42) returned 0
[0220.450] GetWindowTextW (in: hWnd=0x1a02de, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0220.450] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0220.451] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0220.451] GetClientRect (in: hWnd=0x1a02de, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0220.451] GetWindowRect (in: hWnd=0x1a02de, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0220.451] GetParent (hWnd=0x1a02de) returned 0x1002ce
[0220.451] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1002ce, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0220.451] GetWindowTextLengthW (hWnd=0x1a02de) returned 0
[0220.451] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0220.451] GetSystemMetrics (nIndex=42) returned 0
[0220.451] GetWindowTextW (in: hWnd=0x1a02de, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0220.451] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0220.451] GetWindowTextLengthW (hWnd=0x1a02de) returned 0
[0220.451] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0220.451] GetSystemMetrics (nIndex=42) returned 0
[0220.451] GetWindowTextW (in: hWnd=0x1a02de, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0220.451] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0220.452] SetWindowTextW (hWnd=0x1a02de, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0220.452] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0xc, wParam=0x0, lParam=0x2dce944) returned 0x1
[0220.452] InvalidateRect (hWnd=0x1a02de, lpRect=0x0, bErase=1) returned 1
[0220.452] GetCurrentThreadId () returned 0xf50
[0220.452] GetWindowThreadProcessId (in: hWnd=0x1a02de, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0220.452] GdipCreateBitmapFromStream (stream=0x509fff0, bitmap=0xd7e840) returned 0x0
[0220.453] GdipImageForceValidation (image=0x6650b40) returned 0x0
[0220.455] GdipGetImageRawFormat (image=0x6650b40, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0220.455] GdipGetImageHeight (image=0x6650b40, height=0xd7e824) returned 0x0
[0220.455] GdipGetImageWidth (image=0x6650b40, width=0xd7e824) returned 0x0
[0220.455] GdipGetImageWidth (image=0x6650b40, width=0xd7e810) returned 0x0
[0220.455] GdipGetImageHeight (image=0x6650b40, height=0xd7e810) returned 0x0
[0220.455] GdipGetImageWidth (image=0x6650b40, width=0xd7e800) returned 0x0
[0220.455] GdipGetImageHeight (image=0x6650b40, height=0xd7e800) returned 0x0
[0220.455] GdipBitmapGetPixel (bitmap=0x6650b40, x=0, y=15, color=0xd7e810) returned 0x0
[0220.455] GdipGetImageRawFormat (image=0x6650b40, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0220.455] GdipGetImageWidth (image=0x6650b40, width=0xd7e740) returned 0x0
[0220.455] GdipGetImageHeight (image=0x6650b40, height=0xd7e740) returned 0x0
[0220.455] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0220.456] GdipGetImagePixelFormat (image=0x6651ef0, format=0xd7e740) returned 0x0
[0220.456] GdipGetImageGraphicsContext (image=0x6651ef0, graphics=0xd7e74c) returned 0x0
[0220.456] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0220.456] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0220.456] GdipSetImageAttributesColorKeys (imageattr=0x6638a88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0220.456] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6650b40, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638a88, callback=0x0, callbackData=0x0) returned 0x0
[0220.457] GdipDisposeImageAttributes (imageattr=0x6638a88) returned 0x0
[0220.457] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0220.457] GdipDisposeImage (image=0x6650b40) returned 0x0
[0220.457] GdipCreateBitmapFromStream (stream=0x5090010, bitmap=0xd7e840) returned 0x0
[0220.458] GdipImageForceValidation (image=0x6650b40) returned 0x0
[0220.460] GdipGetImageRawFormat (image=0x6650b40, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0220.460] GdipGetImageHeight (image=0x6650b40, height=0xd7e824) returned 0x0
[0220.460] GdipGetImageWidth (image=0x6650b40, width=0xd7e824) returned 0x0
[0220.460] GdipGetImageWidth (image=0x6650b40, width=0xd7e810) returned 0x0
[0220.460] GdipGetImageHeight (image=0x6650b40, height=0xd7e810) returned 0x0
[0220.460] GdipGetImageWidth (image=0x6650b40, width=0xd7e800) returned 0x0
[0220.460] GdipGetImageHeight (image=0x6650b40, height=0xd7e800) returned 0x0
[0220.460] GdipBitmapGetPixel (bitmap=0x6650b40, x=0, y=15, color=0xd7e810) returned 0x0
[0220.460] GdipGetImageRawFormat (image=0x6650b40, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0220.460] GdipGetImageWidth (image=0x6650b40, width=0xd7e740) returned 0x0
[0220.460] GdipGetImageHeight (image=0x6650b40, height=0xd7e740) returned 0x0
[0220.460] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0220.460] GdipGetImagePixelFormat (image=0x6652580, format=0xd7e740) returned 0x0
[0220.460] GdipGetImageGraphicsContext (image=0x6652580, graphics=0xd7e74c) returned 0x0
[0220.460] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0220.461] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0220.461] GdipSetImageAttributesColorKeys (imageattr=0x6638d88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0220.461] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6650b40, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638d88, callback=0x0, callbackData=0x0) returned 0x0
[0220.461] GdipDisposeImageAttributes (imageattr=0x6638d88) returned 0x0
[0220.461] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0220.461] GdipDisposeImage (image=0x6650b40) returned 0x0
[0220.461] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.462] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0220.462] GetCurrentThreadId () returned 0xf50
[0220.462] GetCurrentThreadId () returned 0xf50
[0220.462] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.462] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0220.462] GetCurrentThreadId () returned 0xf50
[0220.462] GetCurrentThreadId () returned 0xf50
[0220.462] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.463] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0220.463] GetCurrentThreadId () returned 0xf50
[0220.463] GetCurrentThreadId () returned 0xf50
[0220.463] GetSystemMetrics (nIndex=5) returned 1
[0220.463] GetSystemMetrics (nIndex=6) returned 1
[0220.463] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.463] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0220.463] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.463] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0220.464] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.464] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0220.464] GetCurrentThreadId () returned 0xf50
[0220.464] GetCurrentThreadId () returned 0xf50
[0220.464] GetProcessWindowStation () returned 0x13c
[0220.464] GetCapture () returned 0x0
[0220.464] GetActiveWindow () returned 0x7005c
[0220.464] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0220.464] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.465] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0220.465] GetCursorPos (in: lpPoint=0x2deec28 | out: lpPoint=0x2deec28*(x=268, y=619)) returned 1
[0220.465] MonitorFromPoint (pt=0x10c, dwFlags=0x26b) returned 0x10001
[0220.465] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0220.465] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xc20107e0
[0220.465] GetDeviceCaps (hdc=0xc20107e0, index=12) returned 32
[0220.465] GetDeviceCaps (hdc=0xc20107e0, index=14) returned 1
[0220.465] DeleteDC (hdc=0xc20107e0) returned 1
[0220.466] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0220.466] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0220.466] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1402c8
[0220.467] SetWindowLongW (hWnd=0x1402c8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0220.467] GetWindowLongW (hWnd=0x1402c8, nIndex=-4) returned 1950089536
[0220.467] SetWindowLongW (hWnd=0x1402c8, nIndex=-4, dwNewLong=19947238) returned 1950089536
[0220.467] GetWindowLongW (hWnd=0x1402c8, nIndex=-4) returned 19947238
[0220.468] GetWindowLongW (hWnd=0x1402c8, nIndex=-16) returned 113770496
[0220.468] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0220.469] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0220.469] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0220.469] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0220.469] GetWindowRect (in: hWnd=0x1402c8, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0220.470] SetWindowTextW (hWnd=0x1402c8, lpString="BB ransomware") returned 1
[0220.470] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xc, wParam=0x0, lParam=0x2ded3c4) returned 0x1
[0220.471] GetStartupInfoW (in: lpStartupInfo=0x2deef64 | out: lpStartupInfo=0x2deef64*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0220.472] GetParent (hWnd=0x1402c8) returned 0x0
[0220.472] SetWindowLongW (hWnd=0x1402c8, nIndex=-8, dwNewLong=0) returned 0
[0220.473] SendMessageW (hWnd=0x1402c8, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0220.473] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0220.473] SendMessageW (hWnd=0x1402c8, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0220.473] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0220.473] GetSystemMenu (hWnd=0x1402c8, bRevert=0) returned 0x1e0095
[0220.474] GetWindowPlacement (in: hWnd=0x1402c8, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0220.474] EnableMenuItem (hMenu=0x1e0095, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0220.474] EnableMenuItem (hMenu=0x1e0095, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0220.474] EnableMenuItem (hMenu=0x1e0095, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0220.474] EnableMenuItem (hMenu=0x1e0095, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0220.474] EnableMenuItem (hMenu=0x1e0095, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0220.474] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0220.474] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0220.474] GetWindowRect (in: hWnd=0x1402c8, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0220.474] SetWindowPos (hWnd=0x1402c8, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0220.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0220.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x1402c8) returned 0x1
[0220.478] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0220.478] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0220.480] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0220.480] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0220.481] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0220.483] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x1402c8, lParam=0x0) returned 0x0
[0220.483] GetCapture () returned 0x0
[0220.483] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0220.484] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0220.486] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0220.487] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0220.487] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0220.488] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0220.488] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0220.488] GetParent (hWnd=0x1402c8) returned 0x0
[0220.488] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0220.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0220.491] GetWindowPlacement (in: hWnd=0x1402c8, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0220.491] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0220.491] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0220.491] GetWindowRect (in: hWnd=0x1402c8, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0220.492] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0220.493] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0220.493] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0220.494] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.494] GetWindowLongW (hWnd=0x1402c8, nIndex=-16) returned 113770496
[0220.494] GetWindowTextLengthW (hWnd=0x1402c8) returned 13
[0220.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.494] GetSystemMetrics (nIndex=42) returned 0
[0220.494] GetWindowTextW (in: hWnd=0x1402c8, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0220.494] GetWindowTextLengthW (hWnd=0x1402c8) returned 13
[0220.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.494] GetSystemMetrics (nIndex=42) returned 0
[0220.494] GetWindowTextW (in: hWnd=0x1402c8, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0220.494] GetCursorPos (in: lpPoint=0x2def1a0 | out: lpPoint=0x2def1a0*(x=268, y=619)) returned 1
[0220.494] MonitorFromPoint (pt=0x10d, dwFlags=0x26a) returned 0x10001
[0220.495] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0220.495] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x170107f4
[0220.495] GetDeviceCaps (hdc=0x170107f4, index=12) returned 32
[0220.495] GetDeviceCaps (hdc=0x170107f4, index=14) returned 1
[0220.495] DeleteDC (hdc=0x170107f4) returned 1
[0220.495] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0220.495] GetWindowLongW (hWnd=0x1402c8, nIndex=-16) returned 113770496
[0220.495] GetWindowLongW (hWnd=0x1402c8, nIndex=-20) returned 327945
[0220.495] SetWindowLongW (hWnd=0x1402c8, nIndex=-16, dwNewLong=46661632) returned 113770496
[0220.495] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0220.495] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0220.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0220.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0220.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0220.508] SetWindowLongW (hWnd=0x1402c8, nIndex=-20, dwNewLong=327681) returned 327945
[0220.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0220.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0220.509] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0220.510] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0220.510] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0220.510] SetWindowPos (hWnd=0x1402c8, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0220.510] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0220.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0220.511] GetWindowPlacement (in: hWnd=0x1402c8, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0220.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0220.511] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0220.511] GetWindowRect (in: hWnd=0x1402c8, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0220.512] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0220.512] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0220.522] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0220.522] RedrawWindow (hWnd=0x1402c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0220.522] GetSystemMenu (hWnd=0x1402c8, bRevert=0) returned 0x1e0095
[0220.522] GetWindowPlacement (in: hWnd=0x1402c8, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0220.523] EnableMenuItem (hMenu=0x1e0095, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0220.523] EnableMenuItem (hMenu=0x1e0095, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0220.523] EnableMenuItem (hMenu=0x1e0095, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0220.523] EnableMenuItem (hMenu=0x1e0095, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0220.523] EnableMenuItem (hMenu=0x1e0095, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0220.523] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0220.523] GetWindowLongW (hWnd=0x1402c8, nIndex=-8) returned 0
[0220.523] SetWindowLongW (hWnd=0x1402c8, nIndex=-8, dwNewLong=458844) returned 0
[0220.524] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0220.524] GetProcessWindowStation () returned 0x13c
[0220.524] GetCurrentThreadId () returned 0xf50
[0220.525] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1305f36, lParam=0x0) returned 1
[0220.525] IsWindowVisible (hWnd=0x1402c8) returned 0
[0220.525] IsWindowVisible (hWnd=0x7005c) returned 1
[0220.525] IsWindowEnabled (hWnd=0x7005c) returned 1
[0220.525] IsWindowVisible (hWnd=0x300ec) returned 0
[0220.525] IsWindowVisible (hWnd=0x502c6) returned 0
[0220.525] IsWindowVisible (hWnd=0x502be) returned 0
[0220.525] GetActiveWindow () returned 0x1402c8
[0220.525] GetFocus () returned 0x1402c8
[0220.525] IsWindow (hWnd=0x7005c) returned 1
[0220.525] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0220.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0220.526] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0220.526] GetWindowLongW (hWnd=0x1402c8, nIndex=-8) returned 458844
[0220.526] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0220.526] GetCurrentThreadId () returned 0xf50
[0220.526] GetWindowLongW (hWnd=0x1402c8, nIndex=-8) returned 458844
[0220.526] IsWindowEnabled (hWnd=0x7005c) returned 0
[0220.526] IsWindowEnabled (hWnd=0x1402c8) returned 1
[0220.526] ShowWindow (hWnd=0x1402c8, nCmdShow=5) returned 0
[0220.527] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0220.527] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0220.527] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.527] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0220.528] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x1402c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0xf02d0
[0220.528] SetWindowLongW (hWnd=0xf02d0, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0220.528] GetWindowLongW (hWnd=0xf02d0, nIndex=-4) returned 1950089536
[0220.529] SetWindowLongW (hWnd=0xf02d0, nIndex=-4, dwNewLong=19947438) returned 1950089536
[0220.529] GetWindowLongW (hWnd=0xf02d0, nIndex=-4) returned 19947438
[0220.529] GetWindowLongW (hWnd=0xf02d0, nIndex=-16) returned 1174405120
[0220.529] GetWindowLongW (hWnd=0xf02d0, nIndex=-12) returned 0
[0220.529] SetWindowLongW (hWnd=0xf02d0, nIndex=-12, dwNewLong=983760) returned 0
[0220.529] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d0, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0220.530] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d0, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0220.530] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d0, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0220.530] GetWindow (hWnd=0xf02d0, uCmd=0x3) returned 0x0
[0220.530] GetClientRect (in: hWnd=0xf02d0, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0220.530] GetWindowRect (in: hWnd=0xf02d0, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0220.530] GetParent (hWnd=0xf02d0) returned 0x1402c8
[0220.530] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402c8, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0220.531] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d0, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0220.531] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d0, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0220.531] GetClientRect (in: hWnd=0xf02d0, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0220.531] GetWindowRect (in: hWnd=0xf02d0, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0220.531] GetParent (hWnd=0xf02d0) returned 0x1402c8
[0220.531] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402c8, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0220.531] SendMessageW (hWnd=0xf02d0, Msg=0x2210, wParam=0x2d00001, lParam=0xf02d0) returned 0x0
[0220.531] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d0, Msg=0x2210, wParam=0x2d00001, lParam=0xf02d0) returned 0x0
[0220.531] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0220.532] GetParent (hWnd=0xf02d0) returned 0x1402c8
[0220.532] GetParent (hWnd=0x1a02de) returned 0x1002ce
[0220.532] SetParent (hWndChild=0x1a02de, hWndNewParent=0x1402c8) returned 0x1002ce
[0220.532] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0220.533] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0220.533] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0220.533] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0220.533] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0220.533] GetClientRect (in: hWnd=0x1a02de, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0220.533] GetWindowRect (in: hWnd=0x1a02de, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0220.533] GetParent (hWnd=0x1a02de) returned 0x1402c8
[0220.533] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402c8, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0220.533] GetClientRect (in: hWnd=0x1a02de, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0220.533] GetWindowRect (in: hWnd=0x1a02de, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0220.533] GetParent (hWnd=0x1a02de) returned 0x1402c8
[0220.533] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402c8, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0220.533] GetParent (hWnd=0x1a02de) returned 0x1402c8
[0220.533] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0220.534] GetWindow (hWnd=0x1a02de, uCmd=0x3) returned 0x0
[0220.534] SetWindowPos (hWnd=0x1a02de, hWndInsertAfter=0xf02d0, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0220.534] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0220.534] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0220.535] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0220.535] GetClientRect (in: hWnd=0x1a02de, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0220.535] GetWindowRect (in: hWnd=0x1a02de, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0220.535] GetParent (hWnd=0x1a02de) returned 0x1402c8
[0220.535] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402c8, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0220.535] GetParent (hWnd=0x1a02de) returned 0x1402c8
[0220.535] GetWindow (hWnd=0x1a02de, uCmd=0x3) returned 0xf02d0
[0220.535] GetWindowThreadProcessId (in: hWnd=0x1a02de, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0220.535] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0220.535] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.536] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0220.536] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x1402c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1c02d8
[0220.536] SetWindowLongW (hWnd=0x1c02d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0220.536] GetWindowLongW (hWnd=0x1c02d8, nIndex=-4) returned 1868032000
[0220.537] SetWindowLongW (hWnd=0x1c02d8, nIndex=-4, dwNewLong=19947518) returned 1868032000
[0220.537] GetWindowLongW (hWnd=0x1c02d8, nIndex=-4) returned 19947518
[0220.537] GetWindowLongW (hWnd=0x1c02d8, nIndex=-16) returned 1174470667
[0220.537] GetWindowLongW (hWnd=0x1c02d8, nIndex=-12) returned 0
[0220.537] SetWindowLongW (hWnd=0x1c02d8, nIndex=-12, dwNewLong=1835736) returned 0
[0220.537] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0220.540] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0220.540] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0220.541] SendMessageW (hWnd=0x1c02d8, Msg=0x2055, wParam=0x1c02d8, lParam=0x3) returned 0x2
[0220.541] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0220.541] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0220.541] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0220.541] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0220.542] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d0, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0220.542] RedrawWindow (hWnd=0xf02d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0220.542] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0220.542] RedrawWindow (hWnd=0x1a02de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0220.542] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0220.542] RedrawWindow (hWnd=0x1c02d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0220.542] RedrawWindow (hWnd=0x1402c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0220.542] GetWindow (hWnd=0x1c02d8, uCmd=0x3) returned 0x1a02de
[0220.542] GetClientRect (in: hWnd=0x1c02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0220.542] GetWindowRect (in: hWnd=0x1c02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0220.542] GetParent (hWnd=0x1c02d8) returned 0x1402c8
[0220.542] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402c8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0220.543] SetWindowTextW (hWnd=0x1c02d8, lpString="&Details") returned 1
[0220.543] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0220.543] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0220.543] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0220.543] GetClientRect (in: hWnd=0x1c02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0220.543] GetWindowRect (in: hWnd=0x1c02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0220.543] GetParent (hWnd=0x1c02d8) returned 0x1402c8
[0220.543] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402c8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0220.543] SendMessageW (hWnd=0x1c02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1c02d8) returned 0x0
[0220.543] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1c02d8) returned 0x0
[0220.544] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0220.545] GetParent (hWnd=0x1c02d8) returned 0x1402c8
[0220.545] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0220.545] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.545] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0220.545] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x1402c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1a02dc
[0220.546] SetWindowLongW (hWnd=0x1a02dc, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0220.546] GetWindowLongW (hWnd=0x1a02dc, nIndex=-4) returned 1868032000
[0220.546] SetWindowLongW (hWnd=0x1a02dc, nIndex=-4, dwNewLong=19946918) returned 1868032000
[0220.546] GetWindowLongW (hWnd=0x1a02dc, nIndex=-4) returned 19946918
[0220.546] GetWindowLongW (hWnd=0x1a02dc, nIndex=-16) returned 1174470667
[0220.546] GetWindowLongW (hWnd=0x1a02dc, nIndex=-12) returned 0
[0220.546] SetWindowLongW (hWnd=0x1a02dc, nIndex=-12, dwNewLong=1704668) returned 0
[0220.546] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0220.547] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0220.547] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0220.548] SendMessageW (hWnd=0x1a02dc, Msg=0x2055, wParam=0x1a02dc, lParam=0x3) returned 0x2
[0220.548] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0220.548] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0220.548] GetWindow (hWnd=0x1a02dc, uCmd=0x3) returned 0x1c02d8
[0220.548] GetClientRect (in: hWnd=0x1a02dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0220.548] GetWindowRect (in: hWnd=0x1a02dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0220.548] GetParent (hWnd=0x1a02dc) returned 0x1402c8
[0220.548] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402c8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0220.548] SetWindowTextW (hWnd=0x1a02dc, lpString="&Continue") returned 1
[0220.548] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0220.549] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0220.549] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0220.549] GetClientRect (in: hWnd=0x1a02dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0220.549] GetWindowRect (in: hWnd=0x1a02dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0220.549] GetParent (hWnd=0x1a02dc) returned 0x1402c8
[0220.549] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402c8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0220.549] SendMessageW (hWnd=0x1a02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1a02dc) returned 0x0
[0220.549] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1a02dc) returned 0x0
[0220.549] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0220.549] GetParent (hWnd=0x1a02dc) returned 0x1402c8
[0220.549] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0220.550] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.550] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0220.550] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x1402c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1a02da
[0220.550] SetWindowLongW (hWnd=0x1a02da, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0220.551] GetWindowLongW (hWnd=0x1a02da, nIndex=-4) returned 1868032000
[0220.551] SetWindowLongW (hWnd=0x1a02da, nIndex=-4, dwNewLong=19947558) returned 1868032000
[0220.551] GetWindowLongW (hWnd=0x1a02da, nIndex=-4) returned 19947558
[0220.551] GetWindowLongW (hWnd=0x1a02da, nIndex=-16) returned 1174470667
[0220.551] GetWindowLongW (hWnd=0x1a02da, nIndex=-12) returned 0
[0220.551] SetWindowLongW (hWnd=0x1a02da, nIndex=-12, dwNewLong=1704666) returned 0
[0220.551] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0220.552] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0220.552] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0220.552] SendMessageW (hWnd=0x1a02da, Msg=0x2055, wParam=0x1a02da, lParam=0x3) returned 0x2
[0220.553] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0220.553] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02da, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0220.553] GetWindow (hWnd=0x1a02da, uCmd=0x3) returned 0x1a02dc
[0220.553] GetClientRect (in: hWnd=0x1a02da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0220.553] GetWindowRect (in: hWnd=0x1a02da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0220.553] GetParent (hWnd=0x1a02da) returned 0x1402c8
[0220.553] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402c8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0220.553] SetWindowTextW (hWnd=0x1a02da, lpString="&Quit") returned 1
[0220.553] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02da, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0220.554] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0220.554] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02da, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0220.554] GetClientRect (in: hWnd=0x1a02da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0220.554] GetWindowRect (in: hWnd=0x1a02da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0220.554] GetParent (hWnd=0x1a02da) returned 0x1402c8
[0220.554] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402c8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0220.554] SendMessageW (hWnd=0x1a02da, Msg=0x2210, wParam=0x2da0001, lParam=0x1a02da) returned 0x0
[0220.554] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02da, Msg=0x2210, wParam=0x2da0001, lParam=0x1a02da) returned 0x0
[0220.554] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0220.554] GetParent (hWnd=0x1a02da) returned 0x1402c8
[0220.554] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0220.554] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.555] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0220.555] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x1402c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1d00ea
[0220.555] SetWindowLongW (hWnd=0x1d00ea, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0220.555] GetWindowLongW (hWnd=0x1d00ea, nIndex=-4) returned 1868026976
[0220.556] SetWindowLongW (hWnd=0x1d00ea, nIndex=-4, dwNewLong=19947598) returned 1868026976
[0220.556] GetWindowLongW (hWnd=0x1d00ea, nIndex=-4) returned 19947598
[0220.556] GetWindowLongW (hWnd=0x1d00ea, nIndex=-16) returned 1177553092
[0220.556] GetWindowLongW (hWnd=0x1d00ea, nIndex=-12) returned 0
[0220.556] SetWindowLongW (hWnd=0x1d00ea, nIndex=-12, dwNewLong=1900778) returned 0
[0220.556] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d00ea, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0220.557] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d00ea, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0220.558] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d00ea, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0220.572] GetWindow (hWnd=0x1d00ea, uCmd=0x3) returned 0x1a02da
[0220.572] GetClientRect (in: hWnd=0x1d00ea, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0220.572] GetWindowRect (in: hWnd=0x1d00ea, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0220.573] GetParent (hWnd=0x1d00ea) returned 0x1402c8
[0220.573] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402c8, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0220.573] GetWindowTextLengthW (hWnd=0x1402c8) returned 13
[0220.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.573] GetSystemMetrics (nIndex=42) returned 0
[0220.573] GetWindowTextW (in: hWnd=0x1402c8, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0220.573] SendMessageW (hWnd=0x1d00ea, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0220.573] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d00ea, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0220.584] SetWindowTextW (hWnd=0x1d00ea, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0220.584] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d00ea, Msg=0xc, wParam=0x0, lParam=0x2deadac) returned 0x1
[0220.585] GetSystemMetrics (nIndex=5) returned 1
[0220.585] GetSystemMetrics (nIndex=6) returned 1
[0220.585] SendMessageW (hWnd=0x1d00ea, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0220.585] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d00ea, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0220.586] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d00ea, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0220.587] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d00ea, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0220.587] GetClientRect (in: hWnd=0x1d00ea, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0220.587] GetWindowRect (in: hWnd=0x1d00ea, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0220.587] GetParent (hWnd=0x1d00ea) returned 0x1402c8
[0220.587] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1402c8, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0220.587] SendMessageW (hWnd=0x1d00ea, Msg=0x2210, wParam=0xea0001, lParam=0x1d00ea) returned 0x0
[0220.587] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d00ea, Msg=0x2210, wParam=0xea0001, lParam=0x1d00ea) returned 0x0
[0220.587] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0220.587] GetParent (hWnd=0x1d00ea) returned 0x1402c8
[0220.587] GetWindowLongW (hWnd=0x1402c8, nIndex=-8) returned 458844
[0220.587] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0220.587] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0220.587] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x1e0107f4
[0220.588] GetDeviceCaps (hdc=0x1e0107f4, index=12) returned 32
[0220.588] GetDeviceCaps (hdc=0x1e0107f4, index=14) returned 1
[0220.588] DeleteDC (hdc=0x1e0107f4) returned 1
[0220.588] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0220.588] GetWindowThreadProcessId (in: hWnd=0x1402c8, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0220.588] GetCurrentThreadId () returned 0xf50
[0220.588] PostMessageW (hWnd=0x1402c8, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0220.588] GetWindowTextLengthW (hWnd=0x1402c8) returned 13
[0220.588] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.588] GetSystemMetrics (nIndex=42) returned 0
[0220.588] GetWindowTextW (in: hWnd=0x1402c8, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.588] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0220.588] GdipImageGetFrameDimensionsCount (image=0x66504b0, count=0xd7e25c) returned 0x0
[0220.588] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200b48
[0220.588] GdipImageGetFrameDimensionsList (image=0x66504b0, dimensionIDs=0x1200b48*(Data1=0x2d002d, Data2=0x2d, Data3=0x2d, Data4=([0]=0x1b, [1]=0x0, [2]=0x25, [3]=0x0, [4]=0x2d, [5]=0x0, [6]=0x2d, [7]=0x0)), count=0x1) returned 0x0
[0220.588] LocalFree (hMem=0x1200b48) returned 0x0
[0220.588] GdipImageGetFrameDimensionsCount (image=0x6651ef0, count=0xd7e250) returned 0x0
[0220.589] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200b48
[0220.589] GdipImageGetFrameDimensionsList (image=0x6651ef0, dimensionIDs=0x1200b48*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0220.589] LocalFree (hMem=0x1200b48) returned 0x0
[0220.589] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0220.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0220.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0220.631] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0220.632] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0220.632] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0220.632] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0220.633] GetWindowPlacement (in: hWnd=0x1402c8, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0220.633] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0220.633] GetWindowTextLengthW (hWnd=0x1402c8) returned 13
[0220.633] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.633] GetSystemMetrics (nIndex=42) returned 0
[0220.633] GetWindowTextW (in: hWnd=0x1402c8, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.633] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0220.633] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0220.633] GetCurrentObject (hdc=0x10105d6, type=0x1) returned 0xb00017
[0220.633] GetCurrentObject (hdc=0x10105d6, type=0x2) returned 0x900010
[0220.633] GetCurrentObject (hdc=0x10105d6, type=0x7) returned 0xffffffffdb050173
[0220.633] GetCurrentObject (hdc=0x10105d6, type=0x6) returned 0x8a01c2
[0220.633] SaveDC (hdc=0x10105d6) returned 1
[0220.634] GetNearestColor (hdc=0x10105d6, color=0xf0f0f0) returned 0xf0f0f0
[0220.634] CreateSolidBrush (color=0xf0f0f0) returned 0x331007e1
[0220.634] FillRect (hDC=0x10105d6, lprc=0xd7e1b8, hbr=0x331007e1) returned 1
[0220.634] DeleteObject (ho=0x331007e1) returned 1
[0220.634] RestoreDC (hdc=0x10105d6, nSavedDC=-1) returned 1
[0220.634] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0220.634] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0220.635] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0220.635] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0220.635] GetStockObject (i=5) returned 0x900015
[0220.635] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0220.635] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0220.635] GetStockObject (i=5) returned 0x900015
[0220.635] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0220.636] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02da, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0220.636] GetStockObject (i=5) returned 0x900015
[0220.636] GetWindowPlacement (in: hWnd=0x1402c8, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0220.636] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0220.636] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0220.636] GetWindowRect (in: hWnd=0x1402c8, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0220.637] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0220.637] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0220.637] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0220.642] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0220.642] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0220.642] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0220.642] GetWindowRect (in: hWnd=0x1402c8, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0220.642] InvalidateRect (hWnd=0x1a02dc, lpRect=0x0, bErase=0) returned 1
[0220.642] InvalidateRect (hWnd=0x1c02d8, lpRect=0x0, bErase=0) returned 1
[0220.642] GetFocus () returned 0x1402c8
[0220.642] GetFocus () returned 0x1402c8
[0220.642] SetFocus (hWnd=0x1c02d8) returned 0x1402c8
[0220.643] GetFocus () returned 0x1c02d8
[0220.643] IsChild (hWndParent=0x1402c8, hWnd=0x1c02d8) returned 1
[0220.644] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x8, wParam=0x1c02d8, lParam=0x0) returned 0x0
[0220.644] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0220.645] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0220.647] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0220.647] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0x7, wParam=0x1402c8, lParam=0x0) returned 0x0
[0220.647] GetStockObject (i=5) returned 0x900015
[0220.647] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0220.647] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0220.647] GetDlgItem (hDlg=0x1402c8, nIDDlgItem=1835736) returned 0x1c02d8
[0220.647] SendMessageW (hWnd=0x1c02d8, Msg=0x202b, wParam=0x1c02d8, lParam=0xd7e0dc) returned 0x0
[0220.647] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0x202b, wParam=0x1c02d8, lParam=0xd7e0dc) returned 0x0
[0220.647] InvalidateRect (hWnd=0x1c02d8, lpRect=0x0, bErase=0) returned 1
[0220.650] GetFocus () returned 0x1c02d8
[0220.650] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.650] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0220.651] IsWindowUnicode (hWnd=0x1402c8) returned 1
[0220.651] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0220.651] TranslateMessage (lpMsg=0xd7e808) returned 0
[0220.651] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0220.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0220.651] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0220.657] IsWindowUnicode (hWnd=0x1402c8) returned 1
[0220.657] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.657] TranslateMessage (lpMsg=0xd7e808) returned 0
[0220.657] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0220.657] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.657] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0220.657] IsWindowUnicode (hWnd=0x1a02dc) returned 1
[0220.657] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.657] TranslateMessage (lpMsg=0xd7e808) returned 0
[0220.657] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0220.658] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.658] IsWindowUnicode (hWnd=0x602c4) returned 1
[0220.658] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.658] TranslateMessage (lpMsg=0xd7e808) returned 0
[0220.658] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0220.658] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0220.658] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0220.658] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.658] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0220.658] IsWindowUnicode (hWnd=0x1a02dc) returned 1
[0220.658] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.658] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0220.658] SetCursor (hCursor=0x10003) returned 0x10003
[0220.659] TranslateMessage (lpMsg=0xd7e808) returned 0
[0220.659] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0220.659] _TrackMouseEvent (in: lpEventTrack=0x2df04e8 | out: lpEventTrack=0x2df04e8) returned 1
[0220.659] SendMessageW (hWnd=0x1a02dc, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0220.659] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0220.659] InvalidateRect (hWnd=0x1a02dc, lpRect=0x0, bErase=0) returned 1
[0220.659] GetKeyState (nVirtKey=1) returned 0
[0220.659] GetKeyState (nVirtKey=2) returned 0
[0220.659] GetKeyState (nVirtKey=4) returned 0
[0220.659] GetKeyState (nVirtKey=5) returned 0
[0220.659] GetKeyState (nVirtKey=6) returned 0
[0220.659] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.659] IsWindowUnicode (hWnd=0x1402c8) returned 1
[0220.659] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.659] TranslateMessage (lpMsg=0xd7e808) returned 0
[0220.659] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0220.660] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.665] IsWindowUnicode (hWnd=0x1402c8) returned 1
[0220.665] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.665] TranslateMessage (lpMsg=0xd7e808) returned 0
[0220.665] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0220.665] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.666] IsWindowUnicode (hWnd=0x30122) returned 1
[0220.666] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.666] TranslateMessage (lpMsg=0xd7e808) returned 0
[0220.666] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0220.666] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.666] IsWindowUnicode (hWnd=0x1402c8) returned 1
[0220.666] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.666] TranslateMessage (lpMsg=0xd7e808) returned 0
[0220.666] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0220.666] BeginPaint (in: hWnd=0x1402c8, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xf0105ee
[0220.667] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0220.667] GetWindowTextLengthW (hWnd=0x1402c8) returned 13
[0220.667] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.667] GetSystemMetrics (nIndex=42) returned 0
[0220.667] GetWindowTextW (in: hWnd=0x1402c8, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.667] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0220.667] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0220.667] EndPaint (hWnd=0x1402c8, lpPaint=0xd7e274) returned 1
[0220.667] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.667] IsWindowUnicode (hWnd=0xf02d0) returned 1
[0220.667] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.667] TranslateMessage (lpMsg=0xd7e808) returned 0
[0220.667] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0220.667] BeginPaint (in: hWnd=0xf02d0, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x10105d6
[0220.668] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0220.668] CreateCompatibleDC (hdc=0x10105d6) returned 0x5d0107d0
[0220.668] SelectObject (hdc=0x5d0107d0, h=0x4a0507fe) returned 0x85000f
[0220.668] GdipCreateFromHDC (hdc=0x5d0107d0, graphics=0xd7e2b0) returned 0x0
[0220.668] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0220.668] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0220.668] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0220.668] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0220.668] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e310) returned 0x0
[0220.668] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0220.668] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eed00) returned 0x0
[0220.668] LocalFree (hMem=0x11eed00) returned 0x0
[0220.668] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0220.668] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0220.668] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0220.669] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e304) returned 0x0
[0220.669] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0220.669] GetWindowTextLengthW (hWnd=0xf02d0) returned 0
[0220.695] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0220.695] GetSystemMetrics (nIndex=42) returned 0
[0220.695] GetWindowTextW (in: hWnd=0xf02d0, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0220.695] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d0, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0220.695] GetClientRect (in: hWnd=0xf02d0, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0220.695] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0220.695] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0220.696] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0220.696] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0220.696] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e164) returned 0x0
[0220.696] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0220.696] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0220.696] LocalFree (hMem=0x11eec58) returned 0x0
[0220.696] GdipCombineRegionRegion (region=0x66464d8, region2=0x6646718, combineMode=0x1) returned 0x0
[0220.696] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0220.696] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0220.696] LocalFree (hMem=0x11eec58) returned 0x0
[0220.696] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0220.696] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0220.696] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0220.696] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0220.696] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0220.696] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0220.697] GetCurrentObject (hdc=0x5d0107d0, type=0x1) returned 0xb00017
[0220.697] GetCurrentObject (hdc=0x5d0107d0, type=0x2) returned 0x900010
[0220.697] GetCurrentObject (hdc=0x5d0107d0, type=0x7) returned 0x4a0507fe
[0220.697] GetCurrentObject (hdc=0x5d0107d0, type=0x6) returned 0x8a01c2
[0220.697] SaveDC (hdc=0x5d0107d0) returned 1
[0220.697] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x21040807
[0220.697] GetClipRgn (hdc=0x5d0107d0, hrgn=0x21040807) returned 0
[0220.697] SelectClipRgn (hdc=0x5d0107d0, hrgn=0xac0407de) returned 2
[0220.697] DeleteObject (ho=0x21040807) returned 1
[0220.697] DeleteObject (ho=0xac0407de) returned 1
[0220.697] OffsetViewportOrgEx (in: hdc=0x5d0107d0, x=0, y=0, lppt=0x2df0964 | out: lppt=0x2df0964) returned 1
[0220.697] GetNearestColor (hdc=0x5d0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0220.697] CreateSolidBrush (color=0xf0f0f0) returned 0x341007e1
[0220.697] FillRect (hDC=0x5d0107d0, lprc=0xd7e198, hbr=0x341007e1) returned 1
[0220.697] DeleteObject (ho=0x341007e1) returned 1
[0220.698] RestoreDC (hdc=0x5d0107d0, nSavedDC=-1) returned 1
[0220.698] GdipReleaseDC (graphics=0x6600030, hdc=0x5d0107d0) returned 0x0
[0220.698] GdipRestoreGraphics (graphics=0x6600030, state=0xf9c20dbd) returned 0x0
[0220.698] GdipDeleteRegion (region=0x6646718) returned 0x0
[0220.698] GetWindowTextLengthW (hWnd=0xf02d0) returned 0
[0220.698] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0220.698] GetSystemMetrics (nIndex=42) returned 0
[0220.698] GetWindowTextW (in: hWnd=0xf02d0, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0220.698] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d0, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0220.698] GdipGetImageWidth (image=0x66504b0, width=0xd7e1e0) returned 0x0
[0220.698] GdipGetImageHeight (image=0x66504b0, height=0xd7e1e0) returned 0x0
[0220.698] GdipGetImageWidth (image=0x66504b0, width=0xd7e1cc) returned 0x0
[0220.698] GdipGetImageHeight (image=0x66504b0, height=0xd7e1cc) returned 0x0
[0220.698] GdipDrawImageRectI (graphics=0x6600030, image=0x66504b0, x=16, y=16, width=32, height=32) returned 0x0
[0220.698] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0220.698] BitBlt (hdc=0x10105d6, x=0, y=0, cx=64, cy=64, hdcSrc=0x5d0107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0220.699] GdipReleaseDC (graphics=0x6600030, hdc=0x5d0107d0) returned 0x0
[0220.699] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0220.699] SelectObject (hdc=0x5d0107d0, h=0x85000f) returned 0x4a0507fe
[0220.699] DeleteDC (hdc=0x5d0107d0) returned 1
[0220.699] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0220.699] EndPaint (hWnd=0xf02d0, lpPaint=0xd7e294) returned 1
[0220.699] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.699] IsWindowUnicode (hWnd=0x1a02de) returned 1
[0220.699] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.700] TranslateMessage (lpMsg=0xd7e808) returned 0
[0220.700] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0220.700] BeginPaint (in: hWnd=0x1a02de, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x60100ce
[0220.700] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0220.700] CreateCompatibleDC (hdc=0x60100ce) returned 0x5f0107d0
[0220.700] GetObjectType (h=0x60100ce) returned 0x3
[0220.700] CreateCompatibleBitmap (hdc=0x60100ce, cx=1, cy=1) returned 0xffffffffa90507a2
[0220.701] GetDIBits (in: hdc=0x60100ce, hbm=0xa90507a2, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0220.701] GetDIBits (in: hdc=0x60100ce, hbm=0xa90507a2, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0220.701] DeleteObject (ho=0xa90507a2) returned 1
[0220.701] CreateDIBSection (in: hdc=0x60100ce, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x1405065e
[0220.701] SelectObject (hdc=0x5f0107d0, h=0x1405065e) returned 0x85000f
[0220.701] GdipCreateFromHDC (hdc=0x5f0107d0, graphics=0xd7e234) returned 0x0
[0220.701] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0220.701] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0220.701] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0220.702] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0220.702] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e2d4) returned 0x0
[0220.702] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0220.702] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eea28) returned 0x0
[0220.702] LocalFree (hMem=0x11eea28) returned 0x0
[0220.702] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0220.702] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0220.702] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0220.702] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0220.702] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0220.702] GetWindowTextLengthW (hWnd=0x1a02de) returned 232
[0220.702] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0220.702] GetSystemMetrics (nIndex=42) returned 0
[0220.702] GetWindowTextW (in: hWnd=0x1a02de, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0220.702] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0220.702] GetClientRect (in: hWnd=0x1a02de, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0220.702] GdipCreateRegion (region=0xd7e110) returned 0x0
[0220.703] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0220.703] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0220.703] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0220.703] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e128) returned 0x0
[0220.703] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0220.703] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0220.703] LocalFree (hMem=0x11ee788) returned 0x0
[0220.703] GdipCombineRegionRegion (region=0x6646688, region2=0x66464d8, combineMode=0x1) returned 0x0
[0220.703] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0220.703] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eed00) returned 0x0
[0220.703] LocalFree (hMem=0x11eed00) returned 0x0
[0220.703] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0220.703] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e150) returned 0x0
[0220.703] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e140) returned 0x0
[0220.703] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0220.703] GdipDeleteRegion (region=0x6646688) returned 0x0
[0220.703] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0220.703] GetCurrentObject (hdc=0x5f0107d0, type=0x1) returned 0xb00017
[0220.704] GetCurrentObject (hdc=0x5f0107d0, type=0x2) returned 0x900010
[0220.704] GetCurrentObject (hdc=0x5f0107d0, type=0x7) returned 0x1405065e
[0220.704] GetCurrentObject (hdc=0x5f0107d0, type=0x6) returned 0x8a01c2
[0220.704] SaveDC (hdc=0x5f0107d0) returned 1
[0220.704] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xad0407de
[0220.704] GetClipRgn (hdc=0x5f0107d0, hrgn=0xad0407de) returned 0
[0220.704] SelectClipRgn (hdc=0x5f0107d0, hrgn=0x22040807) returned 2
[0220.704] DeleteObject (ho=0xad0407de) returned 1
[0220.704] DeleteObject (ho=0x22040807) returned 1
[0220.704] OffsetViewportOrgEx (in: hdc=0x5f0107d0, x=0, y=0, lppt=0x2df232c | out: lppt=0x2df232c) returned 1
[0220.704] GetNearestColor (hdc=0x5f0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0220.704] CreateSolidBrush (color=0xf0f0f0) returned 0x351007e1
[0220.704] FillRect (hDC=0x5f0107d0, lprc=0xd7e15c, hbr=0x351007e1) returned 1
[0220.705] DeleteObject (ho=0x351007e1) returned 1
[0220.705] RestoreDC (hdc=0x5f0107d0, nSavedDC=-1) returned 1
[0220.705] GdipReleaseDC (graphics=0x6600030, hdc=0x5f0107d0) returned 0x0
[0220.705] GdipRestoreGraphics (graphics=0x6600030, state=0xf9c00dbd) returned 0x0
[0220.705] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0220.705] GetWindowTextLengthW (hWnd=0x1a02de) returned 232
[0220.706] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0220.706] GetSystemMetrics (nIndex=42) returned 0
[0220.706] GetWindowTextW (in: hWnd=0x1a02de, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0220.706] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0220.706] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0220.706] GetCurrentObject (hdc=0x5f0107d0, type=0x1) returned 0xb00017
[0220.706] GetCurrentObject (hdc=0x5f0107d0, type=0x2) returned 0x900010
[0220.706] GetCurrentObject (hdc=0x5f0107d0, type=0x7) returned 0x1405065e
[0220.706] GetCurrentObject (hdc=0x5f0107d0, type=0x6) returned 0x8a01c2
[0220.706] SaveDC (hdc=0x5f0107d0) returned 1
[0220.706] GetNearestColor (hdc=0x5f0107d0, color=0x0) returned 0x0
[0220.706] RestoreDC (hdc=0x5f0107d0, nSavedDC=-1) returned 1
[0220.706] GdipReleaseDC (graphics=0x6600030, hdc=0x5f0107d0) returned 0x0
[0220.707] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0220.707] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0220.707] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2df2b28 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0220.708] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0220.708] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0220.708] GetCurrentObject (hdc=0x5f0107d0, type=0x1) returned 0xb00017
[0220.708] GetCurrentObject (hdc=0x5f0107d0, type=0x2) returned 0x900010
[0220.708] GetCurrentObject (hdc=0x5f0107d0, type=0x7) returned 0x1405065e
[0220.708] GetCurrentObject (hdc=0x5f0107d0, type=0x6) returned 0x8a01c2
[0220.708] SaveDC (hdc=0x5f0107d0) returned 1
[0220.708] GetTextAlign (hdc=0x5f0107d0) returned 0x0
[0220.708] GetTextColor (hdc=0x5f0107d0) returned 0x0
[0220.708] GetCurrentObject (hdc=0x5f0107d0, type=0x6) returned 0x8a01c2
[0220.708] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0220.708] SelectObject (hdc=0x5f0107d0, h=0x6d0a0520) returned 0x8a01c2
[0220.709] GetBkMode (hdc=0x5f0107d0) returned 2
[0220.709] SetBkMode (hdc=0x5f0107d0, mode=1) returned 2
[0220.709] DrawTextExW (in: hdc=0x5f0107d0, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2df2d4c | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0220.712] RestoreDC (hdc=0x5f0107d0, nSavedDC=-1) returned 1
[0220.712] GdipReleaseDC (graphics=0x6600030, hdc=0x5f0107d0) returned 0x0
[0220.712] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0220.712] BitBlt (hdc=0x60100ce, x=0, y=0, cx=354, cy=68, hdcSrc=0x5f0107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0220.712] GdipReleaseDC (graphics=0x6600030, hdc=0x5f0107d0) returned 0x0
[0220.712] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0220.712] SelectObject (hdc=0x5f0107d0, h=0x85000f) returned 0x1405065e
[0220.713] DeleteDC (hdc=0x5f0107d0) returned 1
[0220.713] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0220.713] DeleteObject (ho=0x1405065e) returned 1
[0220.713] EndPaint (hWnd=0x1a02de, lpPaint=0xd7e258) returned 1
[0220.714] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.714] IsWindowUnicode (hWnd=0x1c02d8) returned 1
[0220.714] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.714] TranslateMessage (lpMsg=0xd7e808) returned 0
[0220.714] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0220.714] BeginPaint (in: hWnd=0x1c02d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0220.715] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0220.715] CreateCompatibleDC (hdc=0xc0107c5) returned 0xac0107a2
[0220.715] SelectObject (hdc=0xac0107a2, h=0x4a0507fe) returned 0x85000f
[0220.715] GdipCreateFromHDC (hdc=0xac0107a2, graphics=0xd7e268) returned 0x0
[0220.715] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0220.715] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0220.715] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0220.715] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0220.715] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e2c8) returned 0x0
[0220.715] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0220.715] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0220.715] LocalFree (hMem=0x11ee788) returned 0x0
[0220.715] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0220.715] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0220.724] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0220.724] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0220.724] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0220.724] GdipRestoreGraphics (graphics=0x6600030, state=0xf9be0dbd) returned 0x0
[0220.724] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0220.724] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0220.724] GetCurrentObject (hdc=0xac0107a2, type=0x1) returned 0xb00017
[0220.724] GetCurrentObject (hdc=0xac0107a2, type=0x2) returned 0x900010
[0220.724] GetCurrentObject (hdc=0xac0107a2, type=0x7) returned 0x4a0507fe
[0220.724] GetCurrentObject (hdc=0xac0107a2, type=0x6) returned 0x8a01c2
[0220.724] SaveDC (hdc=0xac0107a2) returned 1
[0220.725] GetNearestColor (hdc=0xac0107a2, color=0xf0f0f0) returned 0xf0f0f0
[0220.725] GetNearestColor (hdc=0xac0107a2, color=0xa0a0a0) returned 0xa0a0a0
[0220.725] GetNearestColor (hdc=0xac0107a2, color=0x696969) returned 0x696969
[0220.725] GetNearestColor (hdc=0xac0107a2, color=0xa0a0a0) returned 0xa0a0a0
[0220.725] GetNearestColor (hdc=0xac0107a2, color=0x0) returned 0x0
[0220.725] GetNearestColor (hdc=0xac0107a2, color=0xffffff) returned 0xffffff
[0220.725] GetNearestColor (hdc=0xac0107a2, color=0xe5e5e5) returned 0xe5e5e5
[0220.725] GetNearestColor (hdc=0xac0107a2, color=0xd7d7d7) returned 0xd7d7d7
[0220.725] GetNearestColor (hdc=0xac0107a2, color=0x0) returned 0x0
[0220.725] RestoreDC (hdc=0xac0107a2, nSavedDC=-1) returned 1
[0220.725] GdipReleaseDC (graphics=0x6600030, hdc=0xac0107a2) returned 0x0
[0220.725] IsAppThemed () returned 0x1
[0220.725] GetThemeAppProperties () returned 0x3
[0220.725] GetThemeAppProperties () returned 0x3
[0220.725] GdipGetImageWidth (image=0x6651ef0, width=0xd7e168) returned 0x0
[0220.725] GdipGetImageHeight (image=0x6651ef0, height=0xd7e168) returned 0x0
[0220.726] IsAppThemed () returned 0x1
[0220.726] GetThemeAppProperties () returned 0x3
[0220.726] GetThemeAppProperties () returned 0x3
[0220.726] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2df349c | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0220.726] IsAppThemed () returned 0x1
[0220.726] GetThemeAppProperties () returned 0x3
[0220.726] GetThemeAppProperties () returned 0x3
[0220.726] IsAppThemed () returned 0x1
[0220.726] GetThemeAppProperties () returned 0x3
[0220.726] GetThemeAppProperties () returned 0x3
[0220.726] GetFocus () returned 0x1c02d8
[0220.726] IsAppThemed () returned 0x1
[0220.726] GetThemeAppProperties () returned 0x3
[0220.726] GetThemeAppProperties () returned 0x3
[0220.726] IsAppThemed () returned 0x1
[0220.726] GetThemeAppProperties () returned 0x3
[0220.726] GetThemeAppProperties () returned 0x3
[0220.727] IsThemePartDefined () returned 0x1
[0220.727] IsAppThemed () returned 0x1
[0220.727] GetThemeAppProperties () returned 0x3
[0220.727] GetThemeAppProperties () returned 0x3
[0220.727] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0220.727] IsAppThemed () returned 0x1
[0220.727] GetThemeAppProperties () returned 0x3
[0220.727] GetThemeAppProperties () returned 0x3
[0220.727] IsAppThemed () returned 0x1
[0220.727] GetThemeAppProperties () returned 0x3
[0220.727] GetThemeAppProperties () returned 0x3
[0220.727] IsThemePartDefined () returned 0x1
[0220.727] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0220.727] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0220.727] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0220.727] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0220.727] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dff0) returned 0x0
[0220.727] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0220.727] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0220.727] LocalFree (hMem=0x11eec58) returned 0x0
[0220.727] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0220.727] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0220.728] LocalFree (hMem=0x11ee9f0) returned 0x0
[0220.728] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0220.728] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0220.728] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0220.728] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0220.728] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0220.728] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0220.728] GetCurrentObject (hdc=0xac0107a2, type=0x1) returned 0xb00017
[0220.728] GetCurrentObject (hdc=0xac0107a2, type=0x2) returned 0x900010
[0220.728] GetCurrentObject (hdc=0xac0107a2, type=0x7) returned 0x4a0507fe
[0220.728] GetCurrentObject (hdc=0xac0107a2, type=0x6) returned 0x8a01c2
[0220.728] SaveDC (hdc=0xac0107a2) returned 1
[0220.728] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x23040807
[0220.728] GetClipRgn (hdc=0xac0107a2, hrgn=0x23040807) returned 0
[0220.728] SelectClipRgn (hdc=0xac0107a2, hrgn=0xb10407de) returned 2
[0220.728] DeleteObject (ho=0x23040807) returned 1
[0220.728] DeleteObject (ho=0xb10407de) returned 1
[0220.728] OffsetViewportOrgEx (in: hdc=0xac0107a2, x=0, y=0, lppt=0x2df3b4c | out: lppt=0x2df3b4c) returned 1
[0220.728] DrawThemeParentBackground () returned 0x0
[0220.729] GetWindowPlacement (in: hWnd=0x1402c8, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0220.729] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0220.729] GetWindowTextLengthW (hWnd=0x1402c8) returned 13
[0220.729] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.729] GetSystemMetrics (nIndex=42) returned 0
[0220.729] GetWindowTextW (in: hWnd=0x1402c8, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.729] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0220.729] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0220.729] GetCurrentObject (hdc=0xac0107a2, type=0x1) returned 0xb00017
[0220.729] GetCurrentObject (hdc=0xac0107a2, type=0x2) returned 0x900010
[0220.729] GetCurrentObject (hdc=0xac0107a2, type=0x7) returned 0x4a0507fe
[0220.729] GetCurrentObject (hdc=0xac0107a2, type=0x6) returned 0x8a01c2
[0220.729] SaveDC (hdc=0xac0107a2) returned 2
[0220.729] GetNearestColor (hdc=0xac0107a2, color=0xf0f0f0) returned 0xf0f0f0
[0220.729] CreateSolidBrush (color=0xf0f0f0) returned 0x361007e1
[0220.729] FillRect (hDC=0xac0107a2, lprc=0xd7da38, hbr=0x361007e1) returned 1
[0220.729] DeleteObject (ho=0x361007e1) returned 1
[0220.729] RestoreDC (hdc=0xac0107a2, nSavedDC=-1) returned 1
[0220.730] GetWindowTextLengthW (hWnd=0x1402c8) returned 13
[0220.730] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.730] GetSystemMetrics (nIndex=42) returned 0
[0220.730] GetWindowTextW (in: hWnd=0x1402c8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.730] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0220.730] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0220.730] GetCurrentObject (hdc=0xac0107a2, type=0x1) returned 0xb00017
[0220.730] GetCurrentObject (hdc=0xac0107a2, type=0x2) returned 0x900010
[0220.730] GetCurrentObject (hdc=0xac0107a2, type=0x7) returned 0x4a0507fe
[0220.730] GetCurrentObject (hdc=0xac0107a2, type=0x6) returned 0x8a01c2
[0220.730] SaveDC (hdc=0xac0107a2) returned 2
[0220.730] GetNearestColor (hdc=0xac0107a2, color=0xf0f0f0) returned 0xf0f0f0
[0220.730] CreateSolidBrush (color=0xf0f0f0) returned 0x371007e1
[0220.730] FillRect (hDC=0xac0107a2, lprc=0xd7d9d8, hbr=0x371007e1) returned 1
[0220.730] DeleteObject (ho=0x371007e1) returned 1
[0220.730] RestoreDC (hdc=0xac0107a2, nSavedDC=-1) returned 1
[0220.730] GetWindowTextLengthW (hWnd=0x1402c8) returned 13
[0220.730] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.730] GetSystemMetrics (nIndex=42) returned 0
[0220.730] GetWindowTextW (in: hWnd=0x1402c8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.730] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0220.731] RestoreDC (hdc=0xac0107a2, nSavedDC=-1) returned 1
[0220.731] GdipReleaseDC (graphics=0x6600030, hdc=0xac0107a2) returned 0x0
[0220.731] IsAppThemed () returned 0x1
[0220.731] GetThemeAppProperties () returned 0x3
[0220.731] GetThemeAppProperties () returned 0x3
[0220.731] IsAppThemed () returned 0x1
[0220.731] GetThemeAppProperties () returned 0x3
[0220.731] GetThemeAppProperties () returned 0x3
[0220.731] IsThemePartDefined () returned 0x1
[0220.731] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0220.731] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0220.731] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0220.731] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0220.736] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df74) returned 0x0
[0220.736] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee8d8) returned 0x0
[0220.736] LocalFree (hMem=0x11ee8d8) returned 0x0
[0220.736] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0220.736] LocalFree (hMem=0x11eec58) returned 0x0
[0220.736] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0220.736] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0220.736] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0220.736] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0220.736] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0220.736] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0220.736] GetCurrentObject (hdc=0xac0107a2, type=0x1) returned 0xb00017
[0220.736] GetCurrentObject (hdc=0xac0107a2, type=0x2) returned 0x900010
[0220.736] GetCurrentObject (hdc=0xac0107a2, type=0x7) returned 0x4a0507fe
[0220.736] GetCurrentObject (hdc=0xac0107a2, type=0x6) returned 0x8a01c2
[0220.736] SaveDC (hdc=0xac0107a2) returned 1
[0220.736] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb20407de
[0220.736] GetClipRgn (hdc=0xac0107a2, hrgn=0xb20407de) returned 0
[0220.736] SelectClipRgn (hdc=0xac0107a2, hrgn=0x25040807) returned 2
[0220.737] DeleteObject (ho=0xb20407de) returned 1
[0220.737] DeleteObject (ho=0x25040807) returned 1
[0220.737] OffsetViewportOrgEx (in: hdc=0xac0107a2, x=0, y=0, lppt=0x2df43f8 | out: lppt=0x2df43f8) returned 1
[0220.737] IsAppThemed () returned 0x1
[0220.737] GetThemeAppProperties () returned 0x3
[0220.737] GetThemeAppProperties () returned 0x3
[0220.737] DrawThemeBackground () returned 0x0
[0220.737] RestoreDC (hdc=0xac0107a2, nSavedDC=-1) returned 1
[0220.737] GdipReleaseDC (graphics=0x6600030, hdc=0xac0107a2) returned 0x0
[0220.737] GdipCreateRegion (region=0xd7df60) returned 0x0
[0220.737] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0220.737] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0220.737] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0220.737] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df78) returned 0x0
[0220.737] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0220.737] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee9f0) returned 0x0
[0220.737] LocalFree (hMem=0x11ee9f0) returned 0x0
[0220.737] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0220.737] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eea28) returned 0x0
[0220.737] LocalFree (hMem=0x11eea28) returned 0x0
[0220.738] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0220.738] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0220.738] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0220.738] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0220.738] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0220.738] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0220.738] GetCurrentObject (hdc=0xac0107a2, type=0x1) returned 0xb00017
[0220.738] GetCurrentObject (hdc=0xac0107a2, type=0x2) returned 0x900010
[0220.738] GetCurrentObject (hdc=0xac0107a2, type=0x7) returned 0x4a0507fe
[0220.738] GetCurrentObject (hdc=0xac0107a2, type=0x6) returned 0x8a01c2
[0220.738] SaveDC (hdc=0xac0107a2) returned 1
[0220.738] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x26040807
[0220.738] GetClipRgn (hdc=0xac0107a2, hrgn=0x26040807) returned 0
[0220.738] SelectClipRgn (hdc=0xac0107a2, hrgn=0xb30407de) returned 2
[0220.738] DeleteObject (ho=0x26040807) returned 1
[0220.738] DeleteObject (ho=0xb30407de) returned 1
[0220.738] OffsetViewportOrgEx (in: hdc=0xac0107a2, x=0, y=0, lppt=0x2df46cc | out: lppt=0x2df46cc) returned 1
[0220.738] IsAppThemed () returned 0x1
[0220.738] GetThemeAppProperties () returned 0x3
[0220.738] GetThemeAppProperties () returned 0x3
[0220.738] GetThemeBackgroundContentRect () returned 0x0
[0220.739] RestoreDC (hdc=0xac0107a2, nSavedDC=-1) returned 1
[0220.739] GdipReleaseDC (graphics=0x6600030, hdc=0xac0107a2) returned 0x0
[0220.739] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0220.739] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0220.739] GdipCloneRegion (region=0x66464d8, cloneRegion=0xd7e150) returned 0x0
[0220.739] GdipCombineRegionRectI (region=0x6646688, rect=0xd7e138, combineMode=0x1) returned 0x0
[0220.739] GdipCombineRegionRectI (region=0x6646688, rect=0xd7e138, combineMode=0x1) returned 0x0
[0220.739] GdipSetClipRegion (graphics=0x6600030, region=0x6646688, combineMode=0x0) returned 0x0
[0220.739] GdipGetImageWidth (image=0x6651ef0, width=0xd7e154) returned 0x0
[0220.739] GdipGetImageHeight (image=0x6651ef0, height=0xd7e148) returned 0x0
[0220.739] GdipDrawImageRectI (graphics=0x6600030, image=0x6651ef0, x=4, y=4, width=16, height=16) returned 0x0
[0220.739] GdipSetClipRegion (graphics=0x6600030, region=0x66464d8, combineMode=0x0) returned 0x0
[0220.739] IsAppThemed () returned 0x1
[0220.739] GetThemeAppProperties () returned 0x3
[0220.739] GetThemeAppProperties () returned 0x3
[0220.739] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0220.739] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0220.739] GetCurrentObject (hdc=0xac0107a2, type=0x1) returned 0xb00017
[0220.740] GetCurrentObject (hdc=0xac0107a2, type=0x2) returned 0x900010
[0220.740] GetCurrentObject (hdc=0xac0107a2, type=0x7) returned 0x4a0507fe
[0220.740] GetCurrentObject (hdc=0xac0107a2, type=0x6) returned 0x8a01c2
[0220.740] SaveDC (hdc=0xac0107a2) returned 1
[0220.740] GetTextAlign (hdc=0xac0107a2) returned 0x0
[0220.740] GetTextColor (hdc=0xac0107a2) returned 0x0
[0220.740] GetCurrentObject (hdc=0xac0107a2, type=0x6) returned 0x8a01c2
[0220.740] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0220.740] SelectObject (hdc=0xac0107a2, h=0x6d0a0520) returned 0x8a01c2
[0220.740] GetBkMode (hdc=0xac0107a2) returned 2
[0220.740] SetBkMode (hdc=0xac0107a2, mode=1) returned 2
[0220.740] DrawTextExW (in: hdc=0xac0107a2, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2df4a8c | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0220.741] DrawTextExW (in: hdc=0xac0107a2, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2df4a8c | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0220.741] RestoreDC (hdc=0xac0107a2, nSavedDC=-1) returned 1
[0220.741] GdipReleaseDC (graphics=0x6600030, hdc=0xac0107a2) returned 0x0
[0220.741] GetFocus () returned 0x1c02d8
[0220.741] IsAppThemed () returned 0x1
[0220.741] GetThemeAppProperties () returned 0x3
[0220.741] GetThemeAppProperties () returned 0x3
[0220.741] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0220.741] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xac0107a2, x1=0, y1=0, rop=0xcc0020) returned 1
[0220.741] GdipReleaseDC (graphics=0x6600030, hdc=0xac0107a2) returned 0x0
[0220.741] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0220.741] SelectObject (hdc=0xac0107a2, h=0x85000f) returned 0x4a0507fe
[0220.742] DeleteDC (hdc=0xac0107a2) returned 1
[0220.742] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0220.742] EndPaint (hWnd=0x1c02d8, lpPaint=0xd7e24c) returned 1
[0220.742] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.742] IsWindowUnicode (hWnd=0x1a02dc) returned 1
[0220.742] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.742] TranslateMessage (lpMsg=0xd7e808) returned 0
[0220.742] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0220.742] BeginPaint (in: hWnd=0x1a02dc, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0220.742] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0220.742] CreateCompatibleDC (hdc=0xf0105ee) returned 0xae0107a2
[0220.742] SelectObject (hdc=0xae0107a2, h=0x4a0507fe) returned 0x85000f
[0220.742] GdipCreateFromHDC (hdc=0xae0107a2, graphics=0xd7e268) returned 0x0
[0220.743] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0220.743] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0220.743] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0220.743] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0220.743] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e2c8) returned 0x0
[0220.743] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0220.743] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee8d8) returned 0x0
[0220.743] LocalFree (hMem=0x11ee8d8) returned 0x0
[0220.743] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0220.743] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0220.743] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0220.743] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0220.743] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0220.743] GdipRestoreGraphics (graphics=0x6600030, state=0xf9bc0dbd) returned 0x0
[0220.743] GdipDeleteRegion (region=0x6646718) returned 0x0
[0220.743] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0220.743] GetCurrentObject (hdc=0xae0107a2, type=0x1) returned 0xb00017
[0220.743] GetCurrentObject (hdc=0xae0107a2, type=0x2) returned 0x900010
[0220.743] GetCurrentObject (hdc=0xae0107a2, type=0x7) returned 0x4a0507fe
[0220.743] GetCurrentObject (hdc=0xae0107a2, type=0x6) returned 0x8a01c2
[0220.744] SaveDC (hdc=0xae0107a2) returned 1
[0220.744] GetNearestColor (hdc=0xae0107a2, color=0xf0f0f0) returned 0xf0f0f0
[0220.744] GetNearestColor (hdc=0xae0107a2, color=0xa0a0a0) returned 0xa0a0a0
[0220.744] GetNearestColor (hdc=0xae0107a2, color=0x696969) returned 0x696969
[0220.744] GetNearestColor (hdc=0xae0107a2, color=0xa0a0a0) returned 0xa0a0a0
[0220.744] GetNearestColor (hdc=0xae0107a2, color=0x0) returned 0x0
[0220.744] GetNearestColor (hdc=0xae0107a2, color=0xffffff) returned 0xffffff
[0220.744] GetNearestColor (hdc=0xae0107a2, color=0xe5e5e5) returned 0xe5e5e5
[0220.744] GetNearestColor (hdc=0xae0107a2, color=0xd7d7d7) returned 0xd7d7d7
[0220.744] GetNearestColor (hdc=0xae0107a2, color=0x0) returned 0x0
[0220.744] RestoreDC (hdc=0xae0107a2, nSavedDC=-1) returned 1
[0220.744] GdipReleaseDC (graphics=0x6600030, hdc=0xae0107a2) returned 0x0
[0220.744] IsAppThemed () returned 0x1
[0220.744] GetThemeAppProperties () returned 0x3
[0220.744] GetThemeAppProperties () returned 0x3
[0220.744] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0220.744] SendMessageW (hWnd=0x1402c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0220.745] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0220.745] IsAppThemed () returned 0x1
[0220.745] GetThemeAppProperties () returned 0x3
[0220.745] GetThemeAppProperties () returned 0x3
[0220.745] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2df529c | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0220.745] IsAppThemed () returned 0x1
[0220.745] GetThemeAppProperties () returned 0x3
[0220.745] GetThemeAppProperties () returned 0x3
[0220.745] IsAppThemed () returned 0x1
[0220.745] GetThemeAppProperties () returned 0x3
[0220.745] GetThemeAppProperties () returned 0x3
[0220.745] IsAppThemed () returned 0x1
[0220.745] GetThemeAppProperties () returned 0x3
[0220.745] GetThemeAppProperties () returned 0x3
[0220.745] IsAppThemed () returned 0x1
[0220.745] GetThemeAppProperties () returned 0x3
[0220.745] GetThemeAppProperties () returned 0x3
[0220.745] IsThemePartDefined () returned 0x1
[0220.745] IsAppThemed () returned 0x1
[0220.746] GetThemeAppProperties () returned 0x3
[0220.746] GetThemeAppProperties () returned 0x3
[0220.746] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0220.746] IsAppThemed () returned 0x1
[0220.746] GetThemeAppProperties () returned 0x3
[0220.746] GetThemeAppProperties () returned 0x3
[0220.746] IsAppThemed () returned 0x1
[0220.746] GetThemeAppProperties () returned 0x3
[0220.746] GetThemeAppProperties () returned 0x3
[0220.746] IsThemePartDefined () returned 0x1
[0220.746] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0220.746] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0220.746] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0220.746] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0220.746] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dfe4) returned 0x0
[0220.746] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0220.746] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0220.746] LocalFree (hMem=0x11ee9f0) returned 0x0
[0220.746] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0220.746] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0220.746] LocalFree (hMem=0x11ee9f0) returned 0x0
[0220.746] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0220.747] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0220.747] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0220.747] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0220.747] GdipDeleteRegion (region=0x6646718) returned 0x0
[0220.747] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0220.747] GetCurrentObject (hdc=0xae0107a2, type=0x1) returned 0xb00017
[0220.748] GetCurrentObject (hdc=0xae0107a2, type=0x2) returned 0x900010
[0220.749] GetCurrentObject (hdc=0xae0107a2, type=0x7) returned 0x4a0507fe
[0220.749] GetCurrentObject (hdc=0xae0107a2, type=0x6) returned 0x8a01c2
[0220.749] SaveDC (hdc=0xae0107a2) returned 1
[0220.749] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb40407de
[0220.749] GetClipRgn (hdc=0xae0107a2, hrgn=0xb40407de) returned 0
[0220.749] SelectClipRgn (hdc=0xae0107a2, hrgn=0x2a040807) returned 2
[0220.749] DeleteObject (ho=0xb40407de) returned 1
[0220.749] DeleteObject (ho=0x2a040807) returned 1
[0220.749] OffsetViewportOrgEx (in: hdc=0xae0107a2, x=0, y=0, lppt=0x2df594c | out: lppt=0x2df594c) returned 1
[0220.749] DrawThemeParentBackground () returned 0x0
[0220.749] GetWindowPlacement (in: hWnd=0x1402c8, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0220.749] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0220.749] GetWindowTextLengthW (hWnd=0x1402c8) returned 13
[0220.749] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.749] GetSystemMetrics (nIndex=42) returned 0
[0220.749] GetWindowTextW (in: hWnd=0x1402c8, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.749] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0220.749] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0220.750] GetCurrentObject (hdc=0xae0107a2, type=0x1) returned 0xb00017
[0220.750] GetCurrentObject (hdc=0xae0107a2, type=0x2) returned 0x900010
[0220.750] GetCurrentObject (hdc=0xae0107a2, type=0x7) returned 0x4a0507fe
[0220.750] GetCurrentObject (hdc=0xae0107a2, type=0x6) returned 0x8a01c2
[0220.750] SaveDC (hdc=0xae0107a2) returned 2
[0220.750] GetNearestColor (hdc=0xae0107a2, color=0xf0f0f0) returned 0xf0f0f0
[0220.750] CreateSolidBrush (color=0xf0f0f0) returned 0x381007e1
[0220.750] FillRect (hDC=0xae0107a2, lprc=0xd7da30, hbr=0x381007e1) returned 1
[0220.750] DeleteObject (ho=0x381007e1) returned 1
[0220.750] RestoreDC (hdc=0xae0107a2, nSavedDC=-1) returned 1
[0220.750] GetWindowTextLengthW (hWnd=0x1402c8) returned 13
[0220.750] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.750] GetSystemMetrics (nIndex=42) returned 0
[0220.750] GetWindowTextW (in: hWnd=0x1402c8, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.750] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0220.750] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0220.750] GetCurrentObject (hdc=0xae0107a2, type=0x1) returned 0xb00017
[0220.750] GetCurrentObject (hdc=0xae0107a2, type=0x2) returned 0x900010
[0220.750] GetCurrentObject (hdc=0xae0107a2, type=0x7) returned 0x4a0507fe
[0220.751] GetCurrentObject (hdc=0xae0107a2, type=0x6) returned 0x8a01c2
[0220.751] SaveDC (hdc=0xae0107a2) returned 2
[0220.751] GetNearestColor (hdc=0xae0107a2, color=0xf0f0f0) returned 0xf0f0f0
[0220.751] CreateSolidBrush (color=0xf0f0f0) returned 0x391007e1
[0220.751] FillRect (hDC=0xae0107a2, lprc=0xd7d9d0, hbr=0x391007e1) returned 1
[0220.751] DeleteObject (ho=0x391007e1) returned 1
[0220.751] RestoreDC (hdc=0xae0107a2, nSavedDC=-1) returned 1
[0220.751] GetWindowTextLengthW (hWnd=0x1402c8) returned 13
[0220.751] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.751] GetSystemMetrics (nIndex=42) returned 0
[0220.751] GetWindowTextW (in: hWnd=0x1402c8, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.751] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0220.751] RestoreDC (hdc=0xae0107a2, nSavedDC=-1) returned 1
[0220.751] GdipReleaseDC (graphics=0x6600030, hdc=0xae0107a2) returned 0x0
[0220.751] IsAppThemed () returned 0x1
[0220.751] GetThemeAppProperties () returned 0x3
[0220.751] GetThemeAppProperties () returned 0x3
[0220.751] IsAppThemed () returned 0x1
[0220.752] GetThemeAppProperties () returned 0x3
[0220.752] GetThemeAppProperties () returned 0x3
[0220.752] IsThemePartDefined () returned 0x1
[0220.752] GdipCreateRegion (region=0xd7df50) returned 0x0
[0220.752] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0220.752] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0220.752] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0220.752] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df68) returned 0x0
[0220.752] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0220.752] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee9f0) returned 0x0
[0220.752] LocalFree (hMem=0x11ee9f0) returned 0x0
[0220.752] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0220.752] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee910) returned 0x0
[0220.752] LocalFree (hMem=0x11ee910) returned 0x0
[0220.752] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0220.752] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df90) returned 0x0
[0220.752] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df80) returned 0x0
[0220.752] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0220.752] GdipDeleteRegion (region=0x6646718) returned 0x0
[0220.752] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0220.752] GetCurrentObject (hdc=0xae0107a2, type=0x1) returned 0xb00017
[0220.752] GetCurrentObject (hdc=0xae0107a2, type=0x2) returned 0x900010
[0220.752] GetCurrentObject (hdc=0xae0107a2, type=0x7) returned 0x4a0507fe
[0220.753] GetCurrentObject (hdc=0xae0107a2, type=0x6) returned 0x8a01c2
[0220.753] SaveDC (hdc=0xae0107a2) returned 1
[0220.753] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2b040807
[0220.753] GetClipRgn (hdc=0xae0107a2, hrgn=0x2b040807) returned 0
[0220.753] SelectClipRgn (hdc=0xae0107a2, hrgn=0xb60407de) returned 2
[0220.753] DeleteObject (ho=0x2b040807) returned 1
[0220.753] DeleteObject (ho=0xb60407de) returned 1
[0220.753] OffsetViewportOrgEx (in: hdc=0xae0107a2, x=0, y=0, lppt=0x2df61f8 | out: lppt=0x2df61f8) returned 1
[0220.753] IsAppThemed () returned 0x1
[0220.753] GetThemeAppProperties () returned 0x3
[0220.753] GetThemeAppProperties () returned 0x3
[0220.753] DrawThemeBackground () returned 0x0
[0220.753] RestoreDC (hdc=0xae0107a2, nSavedDC=-1) returned 1
[0220.753] GdipReleaseDC (graphics=0x6600030, hdc=0xae0107a2) returned 0x0
[0220.753] GdipCreateRegion (region=0xd7df54) returned 0x0
[0220.753] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0220.753] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0220.753] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0220.753] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df6c) returned 0x0
[0220.753] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0220.753] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0220.754] LocalFree (hMem=0x11ee788) returned 0x0
[0220.754] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0220.754] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eea98) returned 0x0
[0220.754] LocalFree (hMem=0x11eea98) returned 0x0
[0220.754] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0220.754] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df94) returned 0x0
[0220.754] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df84) returned 0x0
[0220.754] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0220.754] GdipDeleteRegion (region=0x6646718) returned 0x0
[0220.754] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0220.754] GetCurrentObject (hdc=0xae0107a2, type=0x1) returned 0xb00017
[0220.754] GetCurrentObject (hdc=0xae0107a2, type=0x2) returned 0x900010
[0220.754] GetCurrentObject (hdc=0xae0107a2, type=0x7) returned 0x4a0507fe
[0220.754] GetCurrentObject (hdc=0xae0107a2, type=0x6) returned 0x8a01c2
[0220.754] SaveDC (hdc=0xae0107a2) returned 1
[0220.754] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb70407de
[0220.754] GetClipRgn (hdc=0xae0107a2, hrgn=0xb70407de) returned 0
[0220.754] SelectClipRgn (hdc=0xae0107a2, hrgn=0x2c040807) returned 2
[0220.754] DeleteObject (ho=0xb70407de) returned 1
[0220.754] DeleteObject (ho=0x2c040807) returned 1
[0220.755] OffsetViewportOrgEx (in: hdc=0xae0107a2, x=0, y=0, lppt=0x2df64cc | out: lppt=0x2df64cc) returned 1
[0220.755] IsAppThemed () returned 0x1
[0220.755] GetThemeAppProperties () returned 0x3
[0220.755] GetThemeAppProperties () returned 0x3
[0220.755] GetThemeBackgroundContentRect () returned 0x0
[0220.755] RestoreDC (hdc=0xae0107a2, nSavedDC=-1) returned 1
[0220.755] GdipReleaseDC (graphics=0x6600030, hdc=0xae0107a2) returned 0x0
[0220.755] IsAppThemed () returned 0x1
[0220.755] GetThemeAppProperties () returned 0x3
[0220.755] GetThemeAppProperties () returned 0x3
[0220.755] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0220.755] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0220.755] GetCurrentObject (hdc=0xae0107a2, type=0x1) returned 0xb00017
[0220.755] GetCurrentObject (hdc=0xae0107a2, type=0x2) returned 0x900010
[0220.755] GetCurrentObject (hdc=0xae0107a2, type=0x7) returned 0x4a0507fe
[0220.755] GetCurrentObject (hdc=0xae0107a2, type=0x6) returned 0x8a01c2
[0220.755] SaveDC (hdc=0xae0107a2) returned 1
[0220.755] GetTextAlign (hdc=0xae0107a2) returned 0x0
[0220.755] GetTextColor (hdc=0xae0107a2) returned 0x0
[0220.756] GetCurrentObject (hdc=0xae0107a2, type=0x6) returned 0x8a01c2
[0220.756] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0220.756] SelectObject (hdc=0xae0107a2, h=0x6d0a0520) returned 0x8a01c2
[0220.756] GetBkMode (hdc=0xae0107a2) returned 2
[0220.756] SetBkMode (hdc=0xae0107a2, mode=1) returned 2
[0220.756] DrawTextExW (in: hdc=0xae0107a2, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2df686c | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0220.756] DrawTextExW (in: hdc=0xae0107a2, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2df686c | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0220.757] RestoreDC (hdc=0xae0107a2, nSavedDC=-1) returned 1
[0220.757] GdipReleaseDC (graphics=0x6600030, hdc=0xae0107a2) returned 0x0
[0220.757] GetFocus () returned 0x1c02d8
[0220.757] IsAppThemed () returned 0x1
[0220.757] GetThemeAppProperties () returned 0x3
[0220.757] GetThemeAppProperties () returned 0x3
[0220.757] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0220.757] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xae0107a2, x1=0, y1=0, rop=0xcc0020) returned 1
[0220.757] GdipReleaseDC (graphics=0x6600030, hdc=0xae0107a2) returned 0x0
[0220.757] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0220.757] SelectObject (hdc=0xae0107a2, h=0x85000f) returned 0x4a0507fe
[0220.757] DeleteDC (hdc=0xae0107a2) returned 1
[0220.757] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0220.757] EndPaint (hWnd=0x1a02dc, lpPaint=0xd7e24c) returned 1
[0220.758] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.758] IsWindowUnicode (hWnd=0x1a02da) returned 1
[0220.758] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.758] TranslateMessage (lpMsg=0xd7e808) returned 0
[0220.758] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0220.758] BeginPaint (in: hWnd=0x1a02da, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0220.758] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0220.758] CreateCompatibleDC (hdc=0x10105d6) returned 0xb00107a2
[0220.758] SelectObject (hdc=0xb00107a2, h=0x4a0507fe) returned 0x85000f
[0220.758] GdipCreateFromHDC (hdc=0xb00107a2, graphics=0xd7e268) returned 0x0
[0220.759] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0220.759] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0220.759] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0220.759] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0220.759] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2c8) returned 0x0
[0220.759] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0220.759] LocalFree (hMem=0x11eec58) returned 0x0
[0220.759] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0220.759] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0220.759] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0220.759] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0220.759] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0220.759] GdipRestoreGraphics (graphics=0x6600030, state=0xf9ba0dbd) returned 0x0
[0220.759] GdipDeleteRegion (region=0x6646718) returned 0x0
[0220.759] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0220.760] GetCurrentObject (hdc=0xb00107a2, type=0x1) returned 0xb00017
[0220.760] GetCurrentObject (hdc=0xb00107a2, type=0x2) returned 0x900010
[0220.760] GetCurrentObject (hdc=0xb00107a2, type=0x7) returned 0x4a0507fe
[0220.760] GetCurrentObject (hdc=0xb00107a2, type=0x6) returned 0x8a01c2
[0220.760] SaveDC (hdc=0xb00107a2) returned 1
[0220.760] GetNearestColor (hdc=0xb00107a2, color=0xf0f0f0) returned 0xf0f0f0
[0220.760] GetNearestColor (hdc=0xb00107a2, color=0xa0a0a0) returned 0xa0a0a0
[0220.760] GetNearestColor (hdc=0xb00107a2, color=0x696969) returned 0x696969
[0220.760] GetNearestColor (hdc=0xb00107a2, color=0xa0a0a0) returned 0xa0a0a0
[0220.760] GetNearestColor (hdc=0xb00107a2, color=0x0) returned 0x0
[0220.760] GetNearestColor (hdc=0xb00107a2, color=0xffffff) returned 0xffffff
[0220.760] GetNearestColor (hdc=0xb00107a2, color=0xe5e5e5) returned 0xe5e5e5
[0220.760] GetNearestColor (hdc=0xb00107a2, color=0xd7d7d7) returned 0xd7d7d7
[0220.760] GetNearestColor (hdc=0xb00107a2, color=0x0) returned 0x0
[0220.760] RestoreDC (hdc=0xb00107a2, nSavedDC=-1) returned 1
[0220.760] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107a2) returned 0x0
[0220.761] IsAppThemed () returned 0x1
[0220.761] GetThemeAppProperties () returned 0x3
[0220.761] GetThemeAppProperties () returned 0x3
[0220.761] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0220.761] SendMessageW (hWnd=0x1402c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0220.761] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0220.761] IsAppThemed () returned 0x1
[0220.761] GetThemeAppProperties () returned 0x3
[0220.761] GetThemeAppProperties () returned 0x3
[0220.761] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2df707c | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0220.761] IsAppThemed () returned 0x1
[0220.761] GetThemeAppProperties () returned 0x3
[0220.761] GetThemeAppProperties () returned 0x3
[0220.762] IsAppThemed () returned 0x1
[0220.762] GetThemeAppProperties () returned 0x3
[0220.762] GetThemeAppProperties () returned 0x3
[0220.762] GetFocus () returned 0x1c02d8
[0220.762] IsAppThemed () returned 0x1
[0220.762] GetThemeAppProperties () returned 0x3
[0220.762] GetThemeAppProperties () returned 0x3
[0220.762] IsAppThemed () returned 0x1
[0220.762] GetThemeAppProperties () returned 0x3
[0220.762] GetThemeAppProperties () returned 0x3
[0220.762] IsThemePartDefined () returned 0x1
[0220.762] IsAppThemed () returned 0x1
[0220.762] GetThemeAppProperties () returned 0x3
[0220.762] GetThemeAppProperties () returned 0x3
[0220.762] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0220.762] IsAppThemed () returned 0x1
[0220.762] GetThemeAppProperties () returned 0x3
[0220.762] GetThemeAppProperties () returned 0x3
[0220.768] IsAppThemed () returned 0x1
[0220.768] GetThemeAppProperties () returned 0x3
[0220.768] GetThemeAppProperties () returned 0x3
[0220.769] IsThemePartDefined () returned 0x1
[0220.769] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0220.769] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0220.769] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0220.769] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0220.769] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dff0) returned 0x0
[0220.769] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea60) returned 0x0
[0220.769] LocalFree (hMem=0x11eea60) returned 0x0
[0220.769] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0220.769] LocalFree (hMem=0x11ee788) returned 0x0
[0220.769] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0220.769] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e018) returned 0x0
[0220.769] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e008) returned 0x0
[0220.769] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0220.769] GdipDeleteRegion (region=0x6646718) returned 0x0
[0220.769] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0220.769] GetCurrentObject (hdc=0xb00107a2, type=0x1) returned 0xb00017
[0220.769] GetCurrentObject (hdc=0xb00107a2, type=0x2) returned 0x900010
[0220.769] GetCurrentObject (hdc=0xb00107a2, type=0x7) returned 0x4a0507fe
[0220.769] GetCurrentObject (hdc=0xb00107a2, type=0x6) returned 0x8a01c2
[0220.769] SaveDC (hdc=0xb00107a2) returned 1
[0220.770] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2d040807
[0220.770] GetClipRgn (hdc=0xb00107a2, hrgn=0x2d040807) returned 0
[0220.770] SelectClipRgn (hdc=0xb00107a2, hrgn=0xbb0407de) returned 2
[0220.770] DeleteObject (ho=0x2d040807) returned 1
[0220.770] DeleteObject (ho=0xbb0407de) returned 1
[0220.770] OffsetViewportOrgEx (in: hdc=0xb00107a2, x=0, y=0, lppt=0x2df772c | out: lppt=0x2df772c) returned 1
[0220.770] DrawThemeParentBackground () returned 0x0
[0220.770] GetWindowPlacement (in: hWnd=0x1402c8, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0220.770] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0220.770] GetWindowTextLengthW (hWnd=0x1402c8) returned 13
[0220.770] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.770] GetSystemMetrics (nIndex=42) returned 0
[0220.770] GetWindowTextW (in: hWnd=0x1402c8, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.770] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0220.770] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0220.770] GetCurrentObject (hdc=0xb00107a2, type=0x1) returned 0xb00017
[0220.770] GetCurrentObject (hdc=0xb00107a2, type=0x2) returned 0x900010
[0220.770] GetCurrentObject (hdc=0xb00107a2, type=0x7) returned 0x4a0507fe
[0220.771] GetCurrentObject (hdc=0xb00107a2, type=0x6) returned 0x8a01c2
[0220.771] SaveDC (hdc=0xb00107a2) returned 2
[0220.771] GetNearestColor (hdc=0xb00107a2, color=0xf0f0f0) returned 0xf0f0f0
[0220.771] CreateSolidBrush (color=0xf0f0f0) returned 0x3a1007e1
[0220.771] FillRect (hDC=0xb00107a2, lprc=0xd7da38, hbr=0x3a1007e1) returned 1
[0220.771] DeleteObject (ho=0x3a1007e1) returned 1
[0220.771] RestoreDC (hdc=0xb00107a2, nSavedDC=-1) returned 1
[0220.771] GetWindowTextLengthW (hWnd=0x1402c8) returned 13
[0220.771] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.771] GetSystemMetrics (nIndex=42) returned 0
[0220.771] GetWindowTextW (in: hWnd=0x1402c8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.771] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0220.771] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0220.771] GetCurrentObject (hdc=0xb00107a2, type=0x1) returned 0xb00017
[0220.771] GetCurrentObject (hdc=0xb00107a2, type=0x2) returned 0x900010
[0220.771] GetCurrentObject (hdc=0xb00107a2, type=0x7) returned 0x4a0507fe
[0220.771] GetCurrentObject (hdc=0xb00107a2, type=0x6) returned 0x8a01c2
[0220.771] SaveDC (hdc=0xb00107a2) returned 2
[0220.771] GetNearestColor (hdc=0xb00107a2, color=0xf0f0f0) returned 0xf0f0f0
[0220.772] CreateSolidBrush (color=0xf0f0f0) returned 0x3b1007e1
[0220.772] FillRect (hDC=0xb00107a2, lprc=0xd7d9d8, hbr=0x3b1007e1) returned 1
[0220.772] DeleteObject (ho=0x3b1007e1) returned 1
[0220.772] RestoreDC (hdc=0xb00107a2, nSavedDC=-1) returned 1
[0220.772] GetWindowTextLengthW (hWnd=0x1402c8) returned 13
[0220.772] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.772] GetSystemMetrics (nIndex=42) returned 0
[0220.772] GetWindowTextW (in: hWnd=0x1402c8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.772] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0220.772] RestoreDC (hdc=0xb00107a2, nSavedDC=-1) returned 1
[0220.772] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107a2) returned 0x0
[0220.772] IsAppThemed () returned 0x1
[0220.772] GetThemeAppProperties () returned 0x3
[0220.772] GetThemeAppProperties () returned 0x3
[0220.772] IsAppThemed () returned 0x1
[0220.773] GetThemeAppProperties () returned 0x3
[0220.773] GetThemeAppProperties () returned 0x3
[0220.773] IsThemePartDefined () returned 0x1
[0220.773] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0220.773] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0220.773] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0220.773] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0220.773] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df74) returned 0x0
[0220.773] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0220.773] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0220.773] LocalFree (hMem=0x11eec58) returned 0x0
[0220.773] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0220.773] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee9f0) returned 0x0
[0220.773] LocalFree (hMem=0x11ee9f0) returned 0x0
[0220.773] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0220.773] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0220.773] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0220.773] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0220.773] GdipDeleteRegion (region=0x6646718) returned 0x0
[0220.773] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0220.773] GetCurrentObject (hdc=0xb00107a2, type=0x1) returned 0xb00017
[0220.773] GetCurrentObject (hdc=0xb00107a2, type=0x2) returned 0x900010
[0220.774] GetCurrentObject (hdc=0xb00107a2, type=0x7) returned 0x4a0507fe
[0220.774] GetCurrentObject (hdc=0xb00107a2, type=0x6) returned 0x8a01c2
[0220.774] SaveDC (hdc=0xb00107a2) returned 1
[0220.774] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbc0407de
[0220.774] GetClipRgn (hdc=0xb00107a2, hrgn=0xbc0407de) returned 0
[0220.774] SelectClipRgn (hdc=0xb00107a2, hrgn=0x2f040807) returned 2
[0220.774] DeleteObject (ho=0xbc0407de) returned 1
[0220.774] DeleteObject (ho=0x2f040807) returned 1
[0220.774] OffsetViewportOrgEx (in: hdc=0xb00107a2, x=0, y=0, lppt=0x2df7fd8 | out: lppt=0x2df7fd8) returned 1
[0220.774] IsAppThemed () returned 0x1
[0220.774] GetThemeAppProperties () returned 0x3
[0220.774] GetThemeAppProperties () returned 0x3
[0220.774] DrawThemeBackground () returned 0x0
[0220.774] RestoreDC (hdc=0xb00107a2, nSavedDC=-1) returned 1
[0220.774] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107a2) returned 0x0
[0220.774] GdipCreateRegion (region=0xd7df60) returned 0x0
[0220.774] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0220.774] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0220.774] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0220.774] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df78) returned 0x0
[0220.775] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0220.775] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0220.775] LocalFree (hMem=0x11ee788) returned 0x0
[0220.775] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0220.775] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0220.775] LocalFree (hMem=0x11eec58) returned 0x0
[0220.775] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0220.775] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0220.775] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df90) returned 0x0
[0220.775] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0220.775] GdipDeleteRegion (region=0x6646718) returned 0x0
[0220.775] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0220.775] GetCurrentObject (hdc=0xb00107a2, type=0x1) returned 0xb00017
[0220.775] GetCurrentObject (hdc=0xb00107a2, type=0x2) returned 0x900010
[0220.775] GetCurrentObject (hdc=0xb00107a2, type=0x7) returned 0x4a0507fe
[0220.775] GetCurrentObject (hdc=0xb00107a2, type=0x6) returned 0x8a01c2
[0220.775] SaveDC (hdc=0xb00107a2) returned 1
[0220.775] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x30040807
[0220.775] GetClipRgn (hdc=0xb00107a2, hrgn=0x30040807) returned 0
[0220.776] SelectClipRgn (hdc=0xb00107a2, hrgn=0xbd0407de) returned 2
[0220.776] DeleteObject (ho=0x30040807) returned 1
[0220.776] DeleteObject (ho=0xbd0407de) returned 1
[0220.776] OffsetViewportOrgEx (in: hdc=0xb00107a2, x=0, y=0, lppt=0x2df82ac | out: lppt=0x2df82ac) returned 1
[0220.776] IsAppThemed () returned 0x1
[0220.776] GetThemeAppProperties () returned 0x3
[0220.776] GetThemeAppProperties () returned 0x3
[0220.776] GetThemeBackgroundContentRect () returned 0x0
[0220.776] RestoreDC (hdc=0xb00107a2, nSavedDC=-1) returned 1
[0220.776] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107a2) returned 0x0
[0220.776] IsAppThemed () returned 0x1
[0220.776] GetThemeAppProperties () returned 0x3
[0220.776] GetThemeAppProperties () returned 0x3
[0220.776] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0220.776] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0220.776] GetCurrentObject (hdc=0xb00107a2, type=0x1) returned 0xb00017
[0220.776] GetCurrentObject (hdc=0xb00107a2, type=0x2) returned 0x900010
[0220.776] GetCurrentObject (hdc=0xb00107a2, type=0x7) returned 0x4a0507fe
[0220.776] GetCurrentObject (hdc=0xb00107a2, type=0x6) returned 0x8a01c2
[0220.777] SaveDC (hdc=0xb00107a2) returned 1
[0220.777] GetTextAlign (hdc=0xb00107a2) returned 0x0
[0220.777] GetTextColor (hdc=0xb00107a2) returned 0x0
[0220.777] GetCurrentObject (hdc=0xb00107a2, type=0x6) returned 0x8a01c2
[0220.777] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0220.777] SelectObject (hdc=0xb00107a2, h=0x6d0a0520) returned 0x8a01c2
[0220.777] GetBkMode (hdc=0xb00107a2) returned 2
[0220.777] SetBkMode (hdc=0xb00107a2, mode=1) returned 2
[0220.777] DrawTextExW (in: hdc=0xb00107a2, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2df864c | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0220.778] DrawTextExW (in: hdc=0xb00107a2, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2df864c | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0220.778] RestoreDC (hdc=0xb00107a2, nSavedDC=-1) returned 1
[0220.778] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107a2) returned 0x0
[0220.810] GetFocus () returned 0x1c02d8
[0220.810] IsAppThemed () returned 0x1
[0220.810] GetThemeAppProperties () returned 0x3
[0220.810] GetThemeAppProperties () returned 0x3
[0220.810] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0220.810] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xb00107a2, x1=0, y1=0, rop=0xcc0020) returned 1
[0220.810] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107a2) returned 0x0
[0220.810] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0220.810] SelectObject (hdc=0xb00107a2, h=0x85000f) returned 0x4a0507fe
[0220.810] DeleteDC (hdc=0xb00107a2) returned 1
[0220.811] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0220.811] EndPaint (hWnd=0x1a02da, lpPaint=0xd7e24c) returned 1
[0220.811] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.811] IsWindowUnicode (hWnd=0x602c4) returned 1
[0220.811] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.811] TranslateMessage (lpMsg=0xd7e808) returned 0
[0220.811] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0220.811] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0220.811] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0220.811] CreateCompatibleDC (hdc=0x60100ce) returned 0xb20107a2
[0220.811] SelectObject (hdc=0xb20107a2, h=0x4a0507fe) returned 0x85000f
[0220.811] GdipCreateFromHDC (hdc=0xb20107a2, graphics=0xd7e268) returned 0x0
[0220.812] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0220.812] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0220.812] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0220.812] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0220.812] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e2c8) returned 0x0
[0220.812] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0220.812] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee8d8) returned 0x0
[0220.812] LocalFree (hMem=0x11ee8d8) returned 0x0
[0220.812] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0220.812] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0220.812] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0220.812] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0220.812] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0220.812] GdipRestoreGraphics (graphics=0x6600030, state=0xf9b80dbd) returned 0x0
[0220.812] GdipDeleteRegion (region=0x6646718) returned 0x0
[0220.812] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0220.812] GetCurrentObject (hdc=0xb20107a2, type=0x1) returned 0xb00017
[0220.812] GetCurrentObject (hdc=0xb20107a2, type=0x2) returned 0x900010
[0220.812] GetCurrentObject (hdc=0xb20107a2, type=0x7) returned 0x4a0507fe
[0220.813] GetCurrentObject (hdc=0xb20107a2, type=0x6) returned 0x8a01c2
[0220.813] SaveDC (hdc=0xb20107a2) returned 1
[0220.813] GetNearestColor (hdc=0xb20107a2, color=0xff) returned 0xff
[0220.813] GetNearestColor (hdc=0xb20107a2, color=0x55) returned 0x55
[0220.813] GetNearestColor (hdc=0xb20107a2, color=0x0) returned 0x0
[0220.813] GetNearestColor (hdc=0xb20107a2, color=0x55) returned 0x55
[0220.813] GetNearestColor (hdc=0xb20107a2, color=0x0) returned 0x0
[0220.813] GetNearestColor (hdc=0xb20107a2, color=0x8080ff) returned 0x8080ff
[0220.813] GetNearestColor (hdc=0xb20107a2, color=0x7373e5) returned 0x7373e5
[0220.813] GetNearestColor (hdc=0xb20107a2, color=0xe5) returned 0xe5
[0220.813] GetNearestColor (hdc=0xb20107a2, color=0x0) returned 0x0
[0220.813] RestoreDC (hdc=0xb20107a2, nSavedDC=-1) returned 1
[0220.813] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107a2) returned 0x0
[0220.813] IsAppThemed () returned 0x1
[0220.813] GetThemeAppProperties () returned 0x3
[0220.813] GetThemeAppProperties () returned 0x3
[0220.814] IsAppThemed () returned 0x1
[0220.814] GetThemeAppProperties () returned 0x3
[0220.814] GetThemeAppProperties () returned 0x3
[0220.814] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2df8e14 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0220.814] IsAppThemed () returned 0x1
[0220.814] GetThemeAppProperties () returned 0x3
[0220.814] GetThemeAppProperties () returned 0x3
[0220.814] IsAppThemed () returned 0x1
[0220.814] GetThemeAppProperties () returned 0x3
[0220.814] GetThemeAppProperties () returned 0x3
[0220.814] GetFocus () returned 0x1c02d8
[0220.814] IsAppThemed () returned 0x1
[0220.814] GetThemeAppProperties () returned 0x3
[0220.814] GetThemeAppProperties () returned 0x3
[0220.814] IsAppThemed () returned 0x1
[0220.814] GetThemeAppProperties () returned 0x3
[0220.814] GetThemeAppProperties () returned 0x3
[0220.814] IsThemePartDefined () returned 0x1
[0220.815] IsAppThemed () returned 0x1
[0220.815] GetThemeAppProperties () returned 0x3
[0220.815] GetThemeAppProperties () returned 0x3
[0220.815] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0220.815] IsAppThemed () returned 0x1
[0220.815] GetThemeAppProperties () returned 0x3
[0220.815] GetThemeAppProperties () returned 0x3
[0220.815] IsAppThemed () returned 0x1
[0220.815] GetThemeAppProperties () returned 0x3
[0220.815] GetThemeAppProperties () returned 0x3
[0220.815] IsThemePartDefined () returned 0x1
[0220.815] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0220.815] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0220.815] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0220.815] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0220.815] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dff0) returned 0x0
[0220.815] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0220.815] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0220.815] LocalFree (hMem=0x11ee9f0) returned 0x0
[0220.815] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0220.815] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0220.816] LocalFree (hMem=0x11ee788) returned 0x0
[0220.816] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0220.816] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e018) returned 0x0
[0220.816] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e008) returned 0x0
[0220.816] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0220.816] GdipDeleteRegion (region=0x6646718) returned 0x0
[0220.816] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0220.816] GetCurrentObject (hdc=0xb20107a2, type=0x1) returned 0xb00017
[0220.816] GetCurrentObject (hdc=0xb20107a2, type=0x2) returned 0x900010
[0220.816] GetCurrentObject (hdc=0xb20107a2, type=0x7) returned 0x4a0507fe
[0220.816] GetCurrentObject (hdc=0xb20107a2, type=0x6) returned 0x8a01c2
[0220.816] SaveDC (hdc=0xb20107a2) returned 1
[0220.816] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbe0407de
[0220.816] GetClipRgn (hdc=0xb20107a2, hrgn=0xbe0407de) returned 0
[0220.816] SelectClipRgn (hdc=0xb20107a2, hrgn=0x34040807) returned 2
[0220.816] DeleteObject (ho=0xbe0407de) returned 1
[0220.816] DeleteObject (ho=0x34040807) returned 1
[0220.816] OffsetViewportOrgEx (in: hdc=0xb20107a2, x=0, y=0, lppt=0x2df94c4 | out: lppt=0x2df94c4) returned 1
[0220.817] DrawThemeParentBackground () returned 0x0
[0220.817] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0220.817] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0220.817] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0220.817] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.817] GetSystemMetrics (nIndex=42) returned 0
[0220.817] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.817] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0220.817] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0220.817] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0220.817] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0220.817] SelectPalette (hdc=0xb20107a2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0220.817] GdipCreateFromHDC (hdc=0xb20107a2, graphics=0xd7dac8) returned 0x0
[0220.817] GdipSetPageUnit (graphics=0x6631fe8, unit=0x2) returned 0x0
[0220.818] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0220.818] GdipGetWorldTransform (graphics=0x6631fe8, matrix=0x6638cf8) returned 0x0
[0220.818] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7daa0) returned 0x0
[0220.818] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0220.818] GdipCreateRegion (region=0xd7da88) returned 0x0
[0220.818] GdipGetClip (graphics=0x6631fe8, region=0x6646718) returned 0x0
[0220.818] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6631fe8, result=0xd7da94) returned 0x0
[0220.818] GdipDeleteRegion (region=0x6646718) returned 0x0
[0220.818] GdipSaveGraphics (graphics=0x6631fe8, state=0xd7dac0) returned 0x0
[0220.818] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0220.824] GdipFillRectangleI (graphics=0x6631fe8, brush=0x66537e0, x=0, y=0, width=801, height=453) returned 0x0
[0220.824] GdipDeleteBrush (brush=0x66537e0) returned 0x0
[0220.852] GdipDeleteGraphics (graphics=0x6631fe8) returned 0x0
[0220.852] SelectPalette (hdc=0xb20107a2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0220.852] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0220.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.852] GetSystemMetrics (nIndex=42) returned 0
[0220.852] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0220.852] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0220.852] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0220.853] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0220.853] SelectPalette (hdc=0xb20107a2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0220.853] GdipCreateFromHDC (hdc=0xb20107a2, graphics=0xd7da68) returned 0x0
[0220.853] GdipSetPageUnit (graphics=0x6631fe8, unit=0x2) returned 0x0
[0220.853] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0220.853] GdipGetWorldTransform (graphics=0x6631fe8, matrix=0x6638c68) returned 0x0
[0220.853] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7da40) returned 0x0
[0220.853] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0220.853] GdipCreateRegion (region=0xd7da28) returned 0x0
[0220.853] GdipGetClip (graphics=0x6631fe8, region=0x6645758) returned 0x0
[0220.853] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6631fe8, result=0xd7da34) returned 0x0
[0220.853] GdipDeleteRegion (region=0x6645758) returned 0x0
[0220.853] GdipSaveGraphics (graphics=0x6631fe8, state=0xd7da60) returned 0x0
[0220.853] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0220.862] GdipFillRectangleI (graphics=0x6631fe8, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0220.862] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0220.863] GdipRestoreGraphics (graphics=0x6631fe8, state=0xf9b40dbd) returned 0x0
[0220.863] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0220.863] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.863] GetSystemMetrics (nIndex=42) returned 0
[0220.863] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.863] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0220.864] GdipDeleteGraphics (graphics=0x6631fe8) returned 0x0
[0220.864] SelectPalette (hdc=0xb20107a2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0220.864] RestoreDC (hdc=0xb20107a2, nSavedDC=-1) returned 1
[0220.864] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107a2) returned 0x0
[0220.864] IsAppThemed () returned 0x1
[0220.864] GetThemeAppProperties () returned 0x3
[0220.864] GetThemeAppProperties () returned 0x3
[0220.864] IsAppThemed () returned 0x1
[0220.864] GetThemeAppProperties () returned 0x3
[0220.864] GetThemeAppProperties () returned 0x3
[0220.864] IsThemePartDefined () returned 0x1
[0220.864] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0220.864] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0220.864] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0220.865] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0220.865] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df74) returned 0x0
[0220.865] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0220.865] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eead0) returned 0x0
[0220.865] LocalFree (hMem=0x11eead0) returned 0x0
[0220.865] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0220.865] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee8d8) returned 0x0
[0220.865] LocalFree (hMem=0x11ee8d8) returned 0x0
[0220.865] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0220.865] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0220.865] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0220.865] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0220.865] GdipDeleteRegion (region=0x6645518) returned 0x0
[0220.865] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0220.865] GetCurrentObject (hdc=0xb20107a2, type=0x1) returned 0xb00017
[0220.865] GetCurrentObject (hdc=0xb20107a2, type=0x2) returned 0x900010
[0220.865] GetCurrentObject (hdc=0xb20107a2, type=0x7) returned 0x4a0507fe
[0220.865] GetCurrentObject (hdc=0xb20107a2, type=0x6) returned 0x8a01c2
[0220.865] SaveDC (hdc=0xb20107a2) returned 1
[0220.866] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x35040807
[0220.866] GetClipRgn (hdc=0xb20107a2, hrgn=0x35040807) returned 0
[0220.866] SelectClipRgn (hdc=0xb20107a2, hrgn=0xc00407de) returned 2
[0220.866] DeleteObject (ho=0x35040807) returned 1
[0220.866] DeleteObject (ho=0xc00407de) returned 1
[0220.866] OffsetViewportOrgEx (in: hdc=0xb20107a2, x=0, y=0, lppt=0x2dffd14 | out: lppt=0x2dffd14) returned 1
[0220.866] IsAppThemed () returned 0x1
[0220.866] GetThemeAppProperties () returned 0x3
[0220.866] GetThemeAppProperties () returned 0x3
[0220.866] DrawThemeBackground () returned 0x0
[0220.866] RestoreDC (hdc=0xb20107a2, nSavedDC=-1) returned 1
[0220.866] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107a2) returned 0x0
[0220.866] GdipCreateRegion (region=0xd7df60) returned 0x0
[0220.866] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0220.866] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0220.866] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0220.866] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df78) returned 0x0
[0220.866] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee8d8) returned 0x0
[0220.866] LocalFree (hMem=0x11ee8d8) returned 0x0
[0220.867] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eea60) returned 0x0
[0220.867] LocalFree (hMem=0x11eea60) returned 0x0
[0220.867] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0220.867] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0220.867] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7df90) returned 0x0
[0220.867] GdipGetRegionHRgn (region=0x6645e18, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0220.867] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0220.867] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0220.867] GetCurrentObject (hdc=0xb20107a2, type=0x1) returned 0xb00017
[0220.867] GetCurrentObject (hdc=0xb20107a2, type=0x2) returned 0x900010
[0220.867] GetCurrentObject (hdc=0xb20107a2, type=0x7) returned 0x4a0507fe
[0220.867] GetCurrentObject (hdc=0xb20107a2, type=0x6) returned 0x8a01c2
[0220.867] SaveDC (hdc=0xb20107a2) returned 1
[0220.867] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc10407de
[0220.867] GetClipRgn (hdc=0xb20107a2, hrgn=0xc10407de) returned 0
[0220.867] SelectClipRgn (hdc=0xb20107a2, hrgn=0x36040807) returned 2
[0220.867] DeleteObject (ho=0xc10407de) returned 1
[0220.867] DeleteObject (ho=0x36040807) returned 1
[0220.867] OffsetViewportOrgEx (in: hdc=0xb20107a2, x=0, y=0, lppt=0x2dfffe8 | out: lppt=0x2dfffe8) returned 1
[0220.867] IsAppThemed () returned 0x1
[0220.867] GetThemeAppProperties () returned 0x3
[0220.867] GetThemeAppProperties () returned 0x3
[0220.867] GetThemeBackgroundContentRect () returned 0x0
[0220.868] RestoreDC (hdc=0xb20107a2, nSavedDC=-1) returned 1
[0220.868] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107a2) returned 0x0
[0220.868] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0220.868] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0220.868] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0220.868] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0220.868] IsAppThemed () returned 0x1
[0220.868] GetThemeAppProperties () returned 0x3
[0220.868] GetThemeAppProperties () returned 0x3
[0220.868] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0220.868] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0220.868] GetCurrentObject (hdc=0xb20107a2, type=0x1) returned 0xb00017
[0220.868] GetCurrentObject (hdc=0xb20107a2, type=0x2) returned 0x900010
[0220.868] GetCurrentObject (hdc=0xb20107a2, type=0x7) returned 0x4a0507fe
[0220.868] GetCurrentObject (hdc=0xb20107a2, type=0x6) returned 0x8a01c2
[0220.868] SaveDC (hdc=0xb20107a2) returned 1
[0220.868] GetTextAlign (hdc=0xb20107a2) returned 0x0
[0220.868] GetTextColor (hdc=0xb20107a2) returned 0x0
[0220.868] GetCurrentObject (hdc=0xb20107a2, type=0x6) returned 0x8a01c2
[0220.868] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0220.869] SelectObject (hdc=0xb20107a2, h=0x6d0a0520) returned 0x8a01c2
[0220.869] GetBkMode (hdc=0xb20107a2) returned 2
[0220.869] SetBkMode (hdc=0xb20107a2, mode=1) returned 2
[0220.869] DrawTextExW (in: hdc=0xb20107a2, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2e003ac | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0220.869] DrawTextExW (in: hdc=0xb20107a2, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e003ac | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0220.869] RestoreDC (hdc=0xb20107a2, nSavedDC=-1) returned 1
[0220.869] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107a2) returned 0x0
[0220.869] GetFocus () returned 0x1c02d8
[0220.870] IsAppThemed () returned 0x1
[0220.870] GetThemeAppProperties () returned 0x3
[0220.870] GetThemeAppProperties () returned 0x3
[0220.870] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0220.870] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xb20107a2, x1=0, y1=0, rop=0xcc0020) returned 1
[0220.870] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107a2) returned 0x0
[0220.870] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0220.870] SelectObject (hdc=0xb20107a2, h=0x85000f) returned 0x4a0507fe
[0220.870] DeleteDC (hdc=0xb20107a2) returned 1
[0220.870] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0220.870] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0220.870] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.870] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0220.871] IsWindowUnicode (hWnd=0x1a02dc) returned 1
[0220.871] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.871] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0220.871] GetDlgItem (hDlg=0x1402c8, nIDDlgItem=0) returned 0x0
[0220.871] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x210, wParam=0x201, lParam=0x6600fa) returned 0x0
[0220.871] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x21, wParam=0x1402c8, lParam=0x2010001) returned 0x1
[0220.871] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x21, wParam=0x1402c8, lParam=0x2010001) returned 0x1
[0220.871] SetCursor (hCursor=0x10003) returned 0x10003
[0220.871] TranslateMessage (lpMsg=0xd7e808) returned 0
[0220.871] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0220.871] GetKeyState (nVirtKey=1) returned -127
[0220.871] GetKeyState (nVirtKey=2) returned 0
[0220.871] GetKeyState (nVirtKey=4) returned 0
[0220.871] GetKeyState (nVirtKey=5) returned 0
[0220.871] GetKeyState (nVirtKey=6) returned 0
[0220.872] IsWindowVisible (hWnd=0x1a02dc) returned 1
[0220.872] IsWindowEnabled (hWnd=0x1a02dc) returned 1
[0220.872] SetFocus (hWnd=0x1a02dc) returned 0x1c02d8
[0220.878] GetFocus () returned 0x1a02dc
[0220.878] IsChild (hWndParent=0x1402c8, hWnd=0x1a02dc) returned 1
[0220.878] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0x8, wParam=0x1a02dc, lParam=0x0) returned 0x0
[0220.878] GetCapture () returned 0x0
[0220.878] InvalidateRect (hWnd=0x1c02d8, lpRect=0x0, bErase=0) returned 1
[0220.879] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0220.880] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0220.881] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0220.881] InvalidateRect (hWnd=0x1c02d8, lpRect=0x0, bErase=0) returned 1
[0220.882] InvalidateRect (hWnd=0x1a02dc, lpRect=0x0, bErase=0) returned 1
[0220.882] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x7, wParam=0x1c02d8, lParam=0x0) returned 0x0
[0220.882] GetStockObject (i=5) returned 0x900015
[0220.882] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0220.882] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0220.882] GetDlgItem (hDlg=0x1402c8, nIDDlgItem=1704668) returned 0x1a02dc
[0220.882] SendMessageW (hWnd=0x1a02dc, Msg=0x202b, wParam=0x1a02dc, lParam=0xd7dddc) returned 0x0
[0220.882] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x202b, wParam=0x1a02dc, lParam=0xd7dddc) returned 0x0
[0220.882] InvalidateRect (hWnd=0x1a02dc, lpRect=0x0, bErase=0) returned 1
[0220.884] GetFocus () returned 0x1a02dc
[0220.884] GetFocus () returned 0x1a02dc
[0220.884] GetFocus () returned 0x1a02dc
[0220.884] GetKeyState (nVirtKey=1) returned -127
[0220.884] GetKeyState (nVirtKey=2) returned 0
[0220.885] GetKeyState (nVirtKey=4) returned 0
[0220.885] GetKeyState (nVirtKey=5) returned 0
[0220.885] GetKeyState (nVirtKey=6) returned 0
[0220.885] GetCapture () returned 0x0
[0220.885] SetCapture (hWnd=0x1a02dc) returned 0x0
[0220.885] GetKeyState (nVirtKey=1) returned -127
[0220.885] GetKeyState (nVirtKey=2) returned 0
[0220.885] GetKeyState (nVirtKey=4) returned 0
[0220.885] GetKeyState (nVirtKey=5) returned 0
[0220.885] GetKeyState (nVirtKey=6) returned 0
[0220.885] NotifyWinEvent (event=0x800a, hwnd=0x1a02dc, idObject=-4, idChild=0)
[0220.885] InvalidateRect (hWnd=0x1a02dc, lpRect=0xd7e430, bErase=0) returned 1
[0220.885] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.885] IsWindowUnicode (hWnd=0x1a02dc) returned 1
[0220.885] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.885] TranslateMessage (lpMsg=0xd7e808) returned 0
[0220.885] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0220.885] MapWindowPoints (in: hWndFrom=0x1a02dc, hWndTo=0x0, lpPoints=0x2e0059c, cPoints=0x1 | out: lpPoints=0x2e0059c) returned 30999254
[0220.885] NotifyWinEvent (event=0x800a, hwnd=0x1a02dc, idObject=-4, idChild=0)
[0220.885] InvalidateRect (hWnd=0x1a02dc, lpRect=0xd7e3d0, bErase=0) returned 1
[0220.885] UpdateWindow (hWnd=0x1a02dc) returned 1
[0220.885] BeginPaint (in: hWnd=0x1a02dc, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xf0105ee
[0220.886] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0220.886] CreateCompatibleDC (hdc=0xf0105ee) returned 0x730107d0
[0220.886] SelectObject (hdc=0x730107d0, h=0x4a0507fe) returned 0x85000f
[0220.886] GdipCreateFromHDC (hdc=0x730107d0, graphics=0xd7df00) returned 0x0
[0220.886] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0220.886] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0220.886] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0220.886] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0220.886] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df60) returned 0x0
[0220.886] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0220.886] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0220.886] LocalFree (hMem=0x11ee9f0) returned 0x0
[0220.886] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0220.886] GdipCreateRegion (region=0xd7df48) returned 0x0
[0220.886] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0220.886] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7df54) returned 0x0
[0220.887] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0220.887] GdipRestoreGraphics (graphics=0x6600030, state=0xf9b20dbd) returned 0x0
[0220.887] GdipDeleteRegion (region=0x6645518) returned 0x0
[0220.887] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0220.887] GetCurrentObject (hdc=0x730107d0, type=0x1) returned 0xb00017
[0220.887] GetCurrentObject (hdc=0x730107d0, type=0x2) returned 0x900010
[0220.887] GetCurrentObject (hdc=0x730107d0, type=0x7) returned 0x4a0507fe
[0220.887] GetCurrentObject (hdc=0x730107d0, type=0x6) returned 0x8a01c2
[0220.887] SaveDC (hdc=0x730107d0) returned 1
[0220.887] GetNearestColor (hdc=0x730107d0, color=0xf0f0f0) returned 0xf0f0f0
[0220.887] GetNearestColor (hdc=0x730107d0, color=0xa0a0a0) returned 0xa0a0a0
[0220.887] GetNearestColor (hdc=0x730107d0, color=0x696969) returned 0x696969
[0220.887] GetNearestColor (hdc=0x730107d0, color=0xa0a0a0) returned 0xa0a0a0
[0220.887] GetNearestColor (hdc=0x730107d0, color=0x0) returned 0x0
[0220.887] GetNearestColor (hdc=0x730107d0, color=0xffffff) returned 0xffffff
[0220.887] GetNearestColor (hdc=0x730107d0, color=0xe5e5e5) returned 0xe5e5e5
[0220.888] GetNearestColor (hdc=0x730107d0, color=0xd7d7d7) returned 0xd7d7d7
[0220.888] GetNearestColor (hdc=0x730107d0, color=0x0) returned 0x0
[0220.888] RestoreDC (hdc=0x730107d0, nSavedDC=-1) returned 1
[0220.888] GdipReleaseDC (graphics=0x6600030, hdc=0x730107d0) returned 0x0
[0220.888] IsAppThemed () returned 0x1
[0220.888] GetThemeAppProperties () returned 0x3
[0220.888] GetThemeAppProperties () returned 0x3
[0220.888] IsAppThemed () returned 0x1
[0220.888] GetThemeAppProperties () returned 0x3
[0220.888] GetThemeAppProperties () returned 0x3
[0220.888] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2e00cf4 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0220.889] IsAppThemed () returned 0x1
[0220.889] GetThemeAppProperties () returned 0x3
[0220.889] GetThemeAppProperties () returned 0x3
[0220.889] IsAppThemed () returned 0x1
[0220.889] GetThemeAppProperties () returned 0x3
[0220.889] GetThemeAppProperties () returned 0x3
[0220.889] IsAppThemed () returned 0x1
[0220.889] GetThemeAppProperties () returned 0x3
[0220.889] GetThemeAppProperties () returned 0x3
[0220.889] IsAppThemed () returned 0x1
[0220.889] GetThemeAppProperties () returned 0x3
[0220.889] GetThemeAppProperties () returned 0x3
[0220.889] IsThemePartDefined () returned 0x1
[0220.889] IsAppThemed () returned 0x1
[0220.889] GetThemeAppProperties () returned 0x3
[0220.889] GetThemeAppProperties () returned 0x3
[0220.889] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0220.889] IsAppThemed () returned 0x1
[0220.889] GetThemeAppProperties () returned 0x3
[0220.889] GetThemeAppProperties () returned 0x3
[0220.889] IsAppThemed () returned 0x1
[0220.889] GetThemeAppProperties () returned 0x3
[0220.889] GetThemeAppProperties () returned 0x3
[0220.889] IsThemePartDefined () returned 0x1
[0220.889] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0220.889] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0220.890] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0220.890] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0220.890] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc7c) returned 0x0
[0220.890] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0220.890] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea98) returned 0x0
[0220.890] LocalFree (hMem=0x11eea98) returned 0x0
[0220.890] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0220.890] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0220.890] LocalFree (hMem=0x11ee788) returned 0x0
[0220.890] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0220.890] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0220.890] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0220.890] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0220.890] GdipDeleteRegion (region=0x6645248) returned 0x0
[0220.890] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0220.890] GetCurrentObject (hdc=0x730107d0, type=0x1) returned 0xb00017
[0220.890] GetCurrentObject (hdc=0x730107d0, type=0x2) returned 0x900010
[0220.890] GetCurrentObject (hdc=0x730107d0, type=0x7) returned 0x4a0507fe
[0220.890] GetCurrentObject (hdc=0x730107d0, type=0x6) returned 0x8a01c2
[0220.890] SaveDC (hdc=0x730107d0) returned 1
[0220.890] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x37040807
[0220.891] GetClipRgn (hdc=0x730107d0, hrgn=0x37040807) returned 0
[0220.891] SelectClipRgn (hdc=0x730107d0, hrgn=0xc50407de) returned 2
[0220.891] DeleteObject (ho=0x37040807) returned 1
[0220.891] DeleteObject (ho=0xc50407de) returned 1
[0220.891] OffsetViewportOrgEx (in: hdc=0x730107d0, x=0, y=0, lppt=0x2e013a4 | out: lppt=0x2e013a4) returned 1
[0220.891] DrawThemeParentBackground () returned 0x0
[0220.891] GetWindowPlacement (in: hWnd=0x1402c8, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0220.891] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0220.891] GetWindowTextLengthW (hWnd=0x1402c8) returned 13
[0220.891] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.891] GetSystemMetrics (nIndex=42) returned 0
[0220.891] GetWindowTextW (in: hWnd=0x1402c8, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.891] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0220.891] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0220.891] GetCurrentObject (hdc=0x730107d0, type=0x1) returned 0xb00017
[0220.891] GetCurrentObject (hdc=0x730107d0, type=0x2) returned 0x900010
[0220.891] GetCurrentObject (hdc=0x730107d0, type=0x7) returned 0x4a0507fe
[0220.891] GetCurrentObject (hdc=0x730107d0, type=0x6) returned 0x8a01c2
[0220.891] SaveDC (hdc=0x730107d0) returned 2
[0220.892] GetNearestColor (hdc=0x730107d0, color=0xf0f0f0) returned 0xf0f0f0
[0220.892] CreateSolidBrush (color=0xf0f0f0) returned 0x3c1007e1
[0220.892] FillRect (hDC=0x730107d0, lprc=0xd7d6c8, hbr=0x3c1007e1) returned 1
[0220.892] DeleteObject (ho=0x3c1007e1) returned 1
[0220.892] RestoreDC (hdc=0x730107d0, nSavedDC=-1) returned 1
[0220.892] GetWindowTextLengthW (hWnd=0x1402c8) returned 13
[0220.892] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.892] GetSystemMetrics (nIndex=42) returned 0
[0220.892] GetWindowTextW (in: hWnd=0x1402c8, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.892] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0220.892] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0220.892] GetCurrentObject (hdc=0x730107d0, type=0x1) returned 0xb00017
[0220.892] GetCurrentObject (hdc=0x730107d0, type=0x2) returned 0x900010
[0220.892] GetCurrentObject (hdc=0x730107d0, type=0x7) returned 0x4a0507fe
[0220.892] GetCurrentObject (hdc=0x730107d0, type=0x6) returned 0x8a01c2
[0220.892] SaveDC (hdc=0x730107d0) returned 2
[0220.892] GetNearestColor (hdc=0x730107d0, color=0xf0f0f0) returned 0xf0f0f0
[0220.892] CreateSolidBrush (color=0xf0f0f0) returned 0x3d1007e1
[0220.892] FillRect (hDC=0x730107d0, lprc=0xd7d668, hbr=0x3d1007e1) returned 1
[0220.893] DeleteObject (ho=0x3d1007e1) returned 1
[0220.893] RestoreDC (hdc=0x730107d0, nSavedDC=-1) returned 1
[0220.893] GetWindowTextLengthW (hWnd=0x1402c8) returned 13
[0220.893] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.893] GetSystemMetrics (nIndex=42) returned 0
[0220.893] GetWindowTextW (in: hWnd=0x1402c8, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.893] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0220.893] RestoreDC (hdc=0x730107d0, nSavedDC=-1) returned 1
[0220.893] GdipReleaseDC (graphics=0x6600030, hdc=0x730107d0) returned 0x0
[0220.893] IsAppThemed () returned 0x1
[0220.893] GetThemeAppProperties () returned 0x3
[0220.893] GetThemeAppProperties () returned 0x3
[0220.893] IsAppThemed () returned 0x1
[0220.893] GetThemeAppProperties () returned 0x3
[0220.893] GetThemeAppProperties () returned 0x3
[0220.893] IsThemePartDefined () returned 0x1
[0220.893] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0220.893] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0220.893] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0220.894] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0220.894] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dc00) returned 0x0
[0220.894] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0220.894] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee8d8) returned 0x0
[0220.894] LocalFree (hMem=0x11ee8d8) returned 0x0
[0220.894] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0220.894] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eead0) returned 0x0
[0220.894] LocalFree (hMem=0x11eead0) returned 0x0
[0220.894] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0220.894] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0220.894] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0220.894] GdipGetRegionHRgn (region=0x6645638, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0220.894] GdipDeleteRegion (region=0x6645638) returned 0x0
[0220.894] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0220.894] GetCurrentObject (hdc=0x730107d0, type=0x1) returned 0xb00017
[0220.894] GetCurrentObject (hdc=0x730107d0, type=0x2) returned 0x900010
[0220.894] GetCurrentObject (hdc=0x730107d0, type=0x7) returned 0x4a0507fe
[0220.894] GetCurrentObject (hdc=0x730107d0, type=0x6) returned 0x8a01c2
[0220.894] SaveDC (hdc=0x730107d0) returned 1
[0220.894] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc60407de
[0220.894] GetClipRgn (hdc=0x730107d0, hrgn=0xc60407de) returned 0
[0220.895] SelectClipRgn (hdc=0x730107d0, hrgn=0x39040807) returned 2
[0220.895] DeleteObject (ho=0xc60407de) returned 1
[0220.895] DeleteObject (ho=0x39040807) returned 1
[0220.895] OffsetViewportOrgEx (in: hdc=0x730107d0, x=0, y=0, lppt=0x2e01c50 | out: lppt=0x2e01c50) returned 1
[0220.895] IsAppThemed () returned 0x1
[0220.895] GetThemeAppProperties () returned 0x3
[0220.895] GetThemeAppProperties () returned 0x3
[0220.895] DrawThemeBackground () returned 0x0
[0220.895] RestoreDC (hdc=0x730107d0, nSavedDC=-1) returned 1
[0220.895] GdipReleaseDC (graphics=0x6600030, hdc=0x730107d0) returned 0x0
[0220.895] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0220.895] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0220.895] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0220.895] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0220.895] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7dc04) returned 0x0
[0220.895] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0220.895] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eea60) returned 0x0
[0220.895] LocalFree (hMem=0x11eea60) returned 0x0
[0220.895] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0220.895] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0220.895] LocalFree (hMem=0x11ee788) returned 0x0
[0220.896] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0220.896] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0220.896] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0220.896] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0220.896] GdipDeleteRegion (region=0x6646178) returned 0x0
[0220.896] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0220.896] GetCurrentObject (hdc=0x730107d0, type=0x1) returned 0xb00017
[0220.896] GetCurrentObject (hdc=0x730107d0, type=0x2) returned 0x900010
[0220.896] GetCurrentObject (hdc=0x730107d0, type=0x7) returned 0x4a0507fe
[0220.896] GetCurrentObject (hdc=0x730107d0, type=0x6) returned 0x8a01c2
[0220.896] SaveDC (hdc=0x730107d0) returned 1
[0220.896] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3a040807
[0220.896] GetClipRgn (hdc=0x730107d0, hrgn=0x3a040807) returned 0
[0220.896] SelectClipRgn (hdc=0x730107d0, hrgn=0xc70407de) returned 2
[0220.896] DeleteObject (ho=0x3a040807) returned 1
[0220.896] DeleteObject (ho=0xc70407de) returned 1
[0220.896] OffsetViewportOrgEx (in: hdc=0x730107d0, x=0, y=0, lppt=0x2e01f24 | out: lppt=0x2e01f24) returned 1
[0220.896] IsAppThemed () returned 0x1
[0220.897] GetThemeAppProperties () returned 0x3
[0220.897] GetThemeAppProperties () returned 0x3
[0220.897] GetThemeBackgroundContentRect () returned 0x0
[0220.897] RestoreDC (hdc=0x730107d0, nSavedDC=-1) returned 1
[0220.897] GdipReleaseDC (graphics=0x6600030, hdc=0x730107d0) returned 0x0
[0220.897] IsAppThemed () returned 0x1
[0220.897] GetThemeAppProperties () returned 0x3
[0220.897] GetThemeAppProperties () returned 0x3
[0220.897] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0220.897] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0220.897] GetCurrentObject (hdc=0x730107d0, type=0x1) returned 0xb00017
[0220.897] GetCurrentObject (hdc=0x730107d0, type=0x2) returned 0x900010
[0220.897] GetCurrentObject (hdc=0x730107d0, type=0x7) returned 0x4a0507fe
[0220.897] GetCurrentObject (hdc=0x730107d0, type=0x6) returned 0x8a01c2
[0220.897] SaveDC (hdc=0x730107d0) returned 1
[0220.897] GetTextAlign (hdc=0x730107d0) returned 0x0
[0220.897] GetTextColor (hdc=0x730107d0) returned 0x0
[0220.897] GetCurrentObject (hdc=0x730107d0, type=0x6) returned 0x8a01c2
[0220.897] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0220.898] SelectObject (hdc=0x730107d0, h=0x6d0a0520) returned 0x8a01c2
[0220.898] GetBkMode (hdc=0x730107d0) returned 2
[0220.898] SetBkMode (hdc=0x730107d0, mode=1) returned 2
[0220.898] DrawTextExW (in: hdc=0x730107d0, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2e022c4 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0220.898] DrawTextExW (in: hdc=0x730107d0, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2e022c4 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0220.898] RestoreDC (hdc=0x730107d0, nSavedDC=-1) returned 1
[0220.898] GdipReleaseDC (graphics=0x6600030, hdc=0x730107d0) returned 0x0
[0220.898] GetFocus () returned 0x1a02dc
[0220.898] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0220.899] SendMessageW (hWnd=0x1402c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0220.899] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0220.899] IsAppThemed () returned 0x1
[0220.899] GetThemeAppProperties () returned 0x3
[0220.899] GetThemeAppProperties () returned 0x3
[0220.899] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0220.899] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x730107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0220.899] GdipReleaseDC (graphics=0x6600030, hdc=0x730107d0) returned 0x0
[0220.899] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0220.899] SelectObject (hdc=0x730107d0, h=0x85000f) returned 0x4a0507fe
[0220.899] DeleteDC (hdc=0x730107d0) returned 1
[0220.899] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0220.899] EndPaint (hWnd=0x1a02dc, lpPaint=0xd7dee4) returned 1
[0220.899] MapWindowPoints (in: hWndFrom=0x1a02dc, hWndTo=0x0, lpPoints=0x2e023c0, cPoints=0x1 | out: lpPoints=0x2e023c0) returned 30999254
[0220.900] WindowFromPoint (Point=0x2ef) returned 0x1a02dc
[0220.900] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0220.900] NotifyWinEvent (event=0x800a, hwnd=0x1a02dc, idObject=-4, idChild=0)
[0220.900] NotifyWinEvent (event=0x800c, hwnd=0x1a02dc, idObject=-4, idChild=0)
[0220.900] GetCapture () returned 0x1a02dc
[0220.900] ReleaseCapture () returned 1
[0220.900] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0220.900] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0220.900] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0220.901] IsWindow (hWnd=0x7005c) returned 1
[0220.901] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0220.901] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0220.901] IsWindow (hWnd=0x1402c8) returned 1
[0220.901] SetActiveWindow (hWnd=0x1402c8) returned 0x1402c8
[0220.901] IsWindow (hWnd=0x1402c8) returned 1
[0220.901] SetFocus (hWnd=0x1402c8) returned 0x1a02dc
[0220.902] GetFocus () returned 0x1402c8
[0220.902] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x8, wParam=0x1402c8, lParam=0x0) returned 0x0
[0220.902] GetCapture () returned 0x0
[0220.902] InvalidateRect (hWnd=0x1a02dc, lpRect=0x0, bErase=0) returned 1
[0220.903] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0220.909] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0220.911] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0220.911] GetFocus () returned 0x1402c8
[0220.911] SetFocus (hWnd=0x1a02dc) returned 0x1402c8
[0220.911] GetFocus () returned 0x1a02dc
[0220.911] IsChild (hWndParent=0x1402c8, hWnd=0x1a02dc) returned 1
[0220.911] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x8, wParam=0x1a02dc, lParam=0x0) returned 0x0
[0220.912] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0220.913] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0220.915] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0220.915] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x7, wParam=0x1402c8, lParam=0x0) returned 0x0
[0220.915] GetStockObject (i=5) returned 0x900015
[0220.915] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0220.915] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0220.915] GetDlgItem (hDlg=0x1402c8, nIDDlgItem=1704668) returned 0x1a02dc
[0220.915] SendMessageW (hWnd=0x1a02dc, Msg=0x202b, wParam=0x1a02dc, lParam=0xd7ddcc) returned 0x0
[0220.915] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x202b, wParam=0x1a02dc, lParam=0xd7ddcc) returned 0x0
[0220.915] InvalidateRect (hWnd=0x1a02dc, lpRect=0x0, bErase=0) returned 1
[0220.918] GetWindowLongW (hWnd=0x1402c8, nIndex=-8) returned 458844
[0220.918] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0220.918] GetCurrentThreadId () returned 0xf50
[0220.918] IsWindow (hWnd=0x7005c) returned 1
[0220.918] IsWindow (hWnd=0x7005c) returned 1
[0220.918] IsWindowVisible (hWnd=0x7005c) returned 1
[0220.918] SetActiveWindow (hWnd=0x7005c) returned 0x1402c8
[0220.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0220.920] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0220.920] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0220.920] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0220.921] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0220.921] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0220.922] GetWindowPlacement (in: hWnd=0x1402c8, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0220.922] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0220.922] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0220.922] GetWindowRect (in: hWnd=0x1402c8, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0220.923] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0220.923] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0220.923] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0220.923] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x1402c8) returned 0x1
[0220.926] GetFocus () returned 0x1a02dc
[0220.927] SetFocus (hWnd=0x602c4) returned 0x1a02dc
[0220.927] GetFocus () returned 0x602c4
[0220.927] IsChild (hWndParent=0x1402c8, hWnd=0x602c4) returned 0
[0220.927] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0220.927] GetCapture () returned 0x0
[0220.928] InvalidateRect (hWnd=0x1a02dc, lpRect=0x0, bErase=0) returned 1
[0220.929] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0220.930] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0220.932] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0220.932] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0220.932] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0220.932] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0220.933] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0220.933] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x1a02dc, lParam=0x0) returned 0x0
[0220.933] GetStockObject (i=5) returned 0x900015
[0220.933] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0220.933] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11eda80) returned 0xc
[0220.933] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0220.933] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0220.933] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0220.933] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0220.950] GetFocus () returned 0x602c4
[0220.950] IsChild (hWndParent=0x1402c8, hWnd=0x602c4) returned 0
[0220.950] ShowWindow (hWnd=0x1402c8, nCmdShow=0) returned 1
[0220.951] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0220.951] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0220.952] GetWindowPlacement (in: hWnd=0x1402c8, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0220.953] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0220.953] GetClientRect (in: hWnd=0x1402c8, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0220.953] GetWindowRect (in: hWnd=0x1402c8, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0220.953] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0220.954] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0220.954] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0220.954] GetWindowLongW (hWnd=0x1402c8, nIndex=-20) returned 327945
[0220.954] DestroyWindow (hWnd=0x1402c8) returned 1
[0220.955] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0220.955] GetWindowTextLengthW (hWnd=0x1402c8) returned 13
[0220.955] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0220.955] GetSystemMetrics (nIndex=42) returned 0
[0220.955] GetWindowTextW (in: hWnd=0x1402c8, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0220.955] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0220.955] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0220.955] GetWindowTextLengthW (hWnd=0xf02d0) returned 0
[0220.955] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0220.955] GetSystemMetrics (nIndex=42) returned 0
[0220.955] GetWindowTextW (in: hWnd=0xf02d0, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0220.956] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d0, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0220.956] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0220.956] GetWindowThreadProcessId (in: hWnd=0x1002ce, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0220.956] GetWindow (hWnd=0x1002ce, uCmd=0x5) returned 0x0
[0220.956] GetWindowLongW (hWnd=0x1002ce, nIndex=-20) returned 65792
[0220.956] DestroyWindow (hWnd=0x1002ce) returned 1
[0220.956] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002ce, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0220.956] GetWindowTextLengthW (hWnd=0x1002ce) returned 25
[0220.956] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0220.956] GetSystemMetrics (nIndex=42) returned 0
[0220.956] GetWindowTextW (in: hWnd=0x1002ce, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0220.956] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002ce, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0220.956] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0220.957] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1002ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0220.958] GetWindowTextLengthW (hWnd=0x1a02de) returned 232
[0220.958] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0220.958] GetSystemMetrics (nIndex=42) returned 0
[0220.958] GetWindowTextW (in: hWnd=0x1a02de, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0220.958] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0220.958] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0220.958] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0220.959] InvalidateRect (hWnd=0x1a02dc, lpRect=0x0, bErase=0) returned 1
[0220.959] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0220.959] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0220.959] SendMessageW (hWnd=0x1d00ea, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0220.959] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d00ea, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0220.959] SendMessageW (hWnd=0x1d00ea, Msg=0xb0, wParam=0x2dce2e4, lParam=0xd7e480) returned 0x0
[0220.959] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d00ea, Msg=0xb0, wParam=0x2dce2e4, lParam=0xd7e480) returned 0x0
[0220.959] GetWindowTextLengthW (hWnd=0x1d00ea) returned 4363
[0220.959] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0220.960] GetSystemMetrics (nIndex=42) returned 0
[0220.960] CoTaskMemAlloc (cb=0x221c) returned 0x1209508
[0220.960] GetWindowTextW (in: hWnd=0x1d00ea, lpString=0x1209508, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0220.960] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d00ea, Msg=0xd, wParam=0x110c, lParam=0x1209508) returned 0x110b
[0220.960] CoTaskMemFree (pv=0x1209508)
[0220.960] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0220.961] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0xf02d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0220.962] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1a02de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0220.963] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0220.965] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0220.984] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0220.986] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0220.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0220.990] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.990] IsWindowUnicode (hWnd=0x30122) returned 1
[0220.990] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.990] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0220.990] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0220.990] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.990] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0220.991] IsWindowUnicode (hWnd=0x7005c) returned 1
[0220.991] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.991] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0220.991] SetCursor (hCursor=0x10003) returned 0x10003
[0220.991] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0220.991] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0220.991] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0220.991] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0220.991] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0220.991] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10c0231) returned 0x0
[0220.992] GetKeyState (nVirtKey=1) returned 1
[0220.992] GetKeyState (nVirtKey=2) returned 0
[0220.992] GetKeyState (nVirtKey=4) returned 0
[0220.992] GetKeyState (nVirtKey=5) returned 0
[0220.992] GetKeyState (nVirtKey=6) returned 0
[0220.992] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.992] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0220.992] IsWindowUnicode (hWnd=0x7005c) returned 1
[0220.993] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.993] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0220.993] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0220.993] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.993] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0220.993] IsWindowUnicode (hWnd=0x7005c) returned 1
[0220.993] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.993] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e102ef) returned 0x1
[0220.994] SetCursor (hCursor=0x10003) returned 0x10003
[0220.994] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0220.994] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0220.994] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10c0231) returned 0x0
[0220.994] GetKeyState (nVirtKey=1) returned 1
[0220.994] GetKeyState (nVirtKey=2) returned 0
[0220.994] GetKeyState (nVirtKey=4) returned 0
[0220.994] GetKeyState (nVirtKey=5) returned 0
[0220.994] GetKeyState (nVirtKey=6) returned 0
[0220.994] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.994] IsWindowUnicode (hWnd=0x602c4) returned 1
[0220.994] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.995] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0220.995] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0220.995] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.996] IsWindowUnicode (hWnd=0x602c4) returned 1
[0220.996] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0220.996] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0220.996] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0220.996] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0220.996] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0220.996] CreateCompatibleDC (hdc=0xf0105ee) returned 0x5c01065e
[0220.996] SelectObject (hdc=0x5c01065e, h=0x4a0507fe) returned 0x85000f
[0220.996] GdipCreateFromHDC (hdc=0x5c01065e, graphics=0xd7e798) returned 0x0
[0220.997] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0220.997] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0220.997] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0220.997] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0220.997] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e7f8) returned 0x0
[0220.997] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0220.997] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee788) returned 0x0
[0220.997] LocalFree (hMem=0x11ee788) returned 0x0
[0220.997] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0220.997] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0220.998] GdipGetClip (graphics=0x6600030, region=0x6645488) returned 0x0
[0220.998] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0220.998] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0220.998] GdipRestoreGraphics (graphics=0x6600030, state=0xf9b00dbd) returned 0x0
[0220.998] GdipDeleteRegion (region=0x6645488) returned 0x0
[0220.998] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0220.998] GetCurrentObject (hdc=0x5c01065e, type=0x1) returned 0xb00017
[0220.998] GetCurrentObject (hdc=0x5c01065e, type=0x2) returned 0x900010
[0220.998] GetCurrentObject (hdc=0x5c01065e, type=0x7) returned 0x4a0507fe
[0220.998] GetCurrentObject (hdc=0x5c01065e, type=0x6) returned 0x8a01c2
[0220.998] SaveDC (hdc=0x5c01065e) returned 1
[0220.998] GetNearestColor (hdc=0x5c01065e, color=0xff) returned 0xff
[0220.998] GetNearestColor (hdc=0x5c01065e, color=0x55) returned 0x55
[0220.999] GetNearestColor (hdc=0x5c01065e, color=0x0) returned 0x0
[0220.999] GetNearestColor (hdc=0x5c01065e, color=0x55) returned 0x55
[0220.999] GetNearestColor (hdc=0x5c01065e, color=0x0) returned 0x0
[0220.999] GetNearestColor (hdc=0x5c01065e, color=0x8080ff) returned 0x8080ff
[0220.999] GetNearestColor (hdc=0x5c01065e, color=0x7373e5) returned 0x7373e5
[0220.999] GetNearestColor (hdc=0x5c01065e, color=0xe5) returned 0xe5
[0220.999] GetNearestColor (hdc=0x5c01065e, color=0x0) returned 0x0
[0220.999] RestoreDC (hdc=0x5c01065e, nSavedDC=-1) returned 1
[0220.999] GdipReleaseDC (graphics=0x6600030, hdc=0x5c01065e) returned 0x0
[0220.999] IsAppThemed () returned 0x1
[0220.999] GetThemeAppProperties () returned 0x3
[0220.999] GetThemeAppProperties () returned 0x3
[0220.999] IsAppThemed () returned 0x1
[0221.000] GetThemeAppProperties () returned 0x3
[0221.000] GetThemeAppProperties () returned 0x3
[0221.000] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2e0a12c | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0221.000] IsAppThemed () returned 0x1
[0221.000] GetThemeAppProperties () returned 0x3
[0221.000] GetThemeAppProperties () returned 0x3
[0221.000] IsAppThemed () returned 0x1
[0221.000] GetThemeAppProperties () returned 0x3
[0221.000] GetThemeAppProperties () returned 0x3
[0221.000] GetFocus () returned 0x602c4
[0221.000] IsAppThemed () returned 0x1
[0221.000] GetThemeAppProperties () returned 0x3
[0221.000] GetThemeAppProperties () returned 0x3
[0221.001] IsAppThemed () returned 0x1
[0221.001] GetThemeAppProperties () returned 0x3
[0221.001] GetThemeAppProperties () returned 0x3
[0221.001] IsThemePartDefined () returned 0x1
[0221.001] IsAppThemed () returned 0x1
[0221.001] GetThemeAppProperties () returned 0x3
[0221.001] GetThemeAppProperties () returned 0x3
[0221.001] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0221.001] IsAppThemed () returned 0x1
[0221.001] GetThemeAppProperties () returned 0x3
[0221.001] GetThemeAppProperties () returned 0x3
[0221.001] IsAppThemed () returned 0x1
[0221.001] GetThemeAppProperties () returned 0x3
[0221.001] GetThemeAppProperties () returned 0x3
[0221.001] IsThemePartDefined () returned 0x1
[0221.001] GdipCreateRegion (region=0xd7e508) returned 0x0
[0221.001] GdipGetClip (graphics=0x6600030, region=0x6645488) returned 0x0
[0221.001] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0221.001] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0221.001] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e520) returned 0x0
[0221.001] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0221.002] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee8d8) returned 0x0
[0221.002] LocalFree (hMem=0x11ee8d8) returned 0x0
[0221.002] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0221.002] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0221.002] LocalFree (hMem=0x11ee788) returned 0x0
[0221.002] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0221.002] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7e548) returned 0x0
[0221.002] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7e538) returned 0x0
[0221.002] GdipGetRegionHRgn (region=0x6645488, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0221.002] GdipDeleteRegion (region=0x6645488) returned 0x0
[0221.002] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0221.002] GetCurrentObject (hdc=0x5c01065e, type=0x1) returned 0xb00017
[0221.002] GetCurrentObject (hdc=0x5c01065e, type=0x2) returned 0x900010
[0221.002] GetCurrentObject (hdc=0x5c01065e, type=0x7) returned 0x4a0507fe
[0221.002] GetCurrentObject (hdc=0x5c01065e, type=0x6) returned 0x8a01c2
[0221.002] SaveDC (hdc=0x5c01065e) returned 1
[0221.003] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc80407de
[0221.003] GetClipRgn (hdc=0x5c01065e, hrgn=0xc80407de) returned 0
[0221.003] SelectClipRgn (hdc=0x5c01065e, hrgn=0x3e040807) returned 2
[0221.003] DeleteObject (ho=0xc80407de) returned 1
[0221.003] DeleteObject (ho=0x3e040807) returned 1
[0221.003] OffsetViewportOrgEx (in: hdc=0x5c01065e, x=0, y=0, lppt=0x2e0a7dc | out: lppt=0x2e0a7dc) returned 1
[0221.003] DrawThemeParentBackground () returned 0x0
[0221.003] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0221.003] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0221.003] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0221.003] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0221.003] GetSystemMetrics (nIndex=42) returned 0
[0221.003] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0221.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0221.004] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0221.004] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0221.004] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0221.004] SelectPalette (hdc=0x5c01065e, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0221.004] GdipCreateFromHDC (hdc=0x5c01065e, graphics=0xd7dff8) returned 0x0
[0221.004] GdipSetPageUnit (graphics=0x6631fe8, unit=0x2) returned 0x0
[0221.004] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0221.004] GdipGetWorldTransform (graphics=0x6631fe8, matrix=0x6638d28) returned 0x0
[0221.004] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7dfd0) returned 0x0
[0221.004] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0221.004] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0221.005] GdipGetClip (graphics=0x6631fe8, region=0x6645bd8) returned 0x0
[0221.005] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6631fe8, result=0xd7dfc4) returned 0x0
[0221.005] GdipDeleteRegion (region=0x6645bd8) returned 0x0
[0221.005] GdipSaveGraphics (graphics=0x6631fe8, state=0xd7dff0) returned 0x0
[0221.005] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0221.049] GdipFillRectangleI (graphics=0x6631fe8, brush=0x6652ce8, x=0, y=0, width=801, height=453) returned 0x0
[0221.049] GdipDeleteBrush (brush=0x6652ce8) returned 0x0
[0221.050] GdipDeleteGraphics (graphics=0x6631fe8) returned 0x0
[0221.050] SelectPalette (hdc=0x5c01065e, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0221.050] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0221.050] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0221.050] GetSystemMetrics (nIndex=42) returned 0
[0221.050] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0221.050] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0221.051] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0221.051] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0221.051] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0221.051] SelectPalette (hdc=0x5c01065e, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0221.051] GdipCreateFromHDC (hdc=0x5c01065e, graphics=0xd7df98) returned 0x0
[0221.051] GdipSetPageUnit (graphics=0x6631fe8, unit=0x2) returned 0x0
[0221.051] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0221.051] GdipGetWorldTransform (graphics=0x6631fe8, matrix=0x6638d88) returned 0x0
[0221.051] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df70) returned 0x0
[0221.051] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0221.051] GdipCreateRegion (region=0xd7df58) returned 0x0
[0221.051] GdipGetClip (graphics=0x6631fe8, region=0x66452d8) returned 0x0
[0221.051] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6631fe8, result=0xd7df64) returned 0x0
[0221.051] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0221.051] GdipSaveGraphics (graphics=0x6631fe8, state=0xd7df90) returned 0x0
[0221.051] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0221.058] GdipFillRectangleI (graphics=0x6631fe8, brush=0x6652a78, x=0, y=0, width=801, height=453) returned 0x0
[0221.058] GdipDeleteBrush (brush=0x6652a78) returned 0x0
[0221.059] GdipRestoreGraphics (graphics=0x6631fe8, state=0xf9ac0dbd) returned 0x0
[0221.059] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0221.059] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0221.064] GetSystemMetrics (nIndex=42) returned 0
[0221.064] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0221.064] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0221.064] GdipDeleteGraphics (graphics=0x6631fe8) returned 0x0
[0221.064] SelectPalette (hdc=0x5c01065e, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0221.065] RestoreDC (hdc=0x5c01065e, nSavedDC=-1) returned 1
[0221.065] GdipReleaseDC (graphics=0x6600030, hdc=0x5c01065e) returned 0x0
[0221.065] IsAppThemed () returned 0x1
[0221.065] GetThemeAppProperties () returned 0x3
[0221.065] GetThemeAppProperties () returned 0x3
[0221.065] IsAppThemed () returned 0x1
[0221.065] GetThemeAppProperties () returned 0x3
[0221.065] GetThemeAppProperties () returned 0x3
[0221.065] IsThemePartDefined () returned 0x1
[0221.065] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0221.065] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0221.065] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0221.065] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0221.065] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e4a4) returned 0x0
[0221.065] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0221.066] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0221.066] LocalFree (hMem=0x11eec58) returned 0x0
[0221.066] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0221.066] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0221.066] LocalFree (hMem=0x11eec58) returned 0x0
[0221.066] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0221.066] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0221.066] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0221.066] GdipGetRegionHRgn (region=0x6645638, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0221.066] GdipDeleteRegion (region=0x6645638) returned 0x0
[0221.066] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0221.066] GetCurrentObject (hdc=0x5c01065e, type=0x1) returned 0xb00017
[0221.066] GetCurrentObject (hdc=0x5c01065e, type=0x2) returned 0x900010
[0221.066] GetCurrentObject (hdc=0x5c01065e, type=0x7) returned 0x4a0507fe
[0221.066] GetCurrentObject (hdc=0x5c01065e, type=0x6) returned 0x8a01c2
[0221.066] SaveDC (hdc=0x5c01065e) returned 1
[0221.066] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3f040807
[0221.066] GetClipRgn (hdc=0x5c01065e, hrgn=0x3f040807) returned 0
[0221.066] SelectClipRgn (hdc=0x5c01065e, hrgn=0xca0407de) returned 2
[0221.067] DeleteObject (ho=0x3f040807) returned 1
[0221.067] DeleteObject (ho=0xca0407de) returned 1
[0221.067] OffsetViewportOrgEx (in: hdc=0x5c01065e, x=0, y=0, lppt=0x2e1102c | out: lppt=0x2e1102c) returned 1
[0221.067] IsAppThemed () returned 0x1
[0221.067] GetThemeAppProperties () returned 0x3
[0221.067] GetThemeAppProperties () returned 0x3
[0221.067] DrawThemeBackground () returned 0x0
[0221.067] RestoreDC (hdc=0x5c01065e, nSavedDC=-1) returned 1
[0221.067] GdipReleaseDC (graphics=0x6600030, hdc=0x5c01065e) returned 0x0
[0221.067] GdipCreateRegion (region=0xd7e490) returned 0x0
[0221.067] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0221.067] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0221.067] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0221.067] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e4a8) returned 0x0
[0221.067] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0221.067] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eecc8) returned 0x0
[0221.067] LocalFree (hMem=0x11eecc8) returned 0x0
[0221.067] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0221.067] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0221.067] LocalFree (hMem=0x11eec58) returned 0x0
[0221.068] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0221.068] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0221.068] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0221.068] GdipGetRegionHRgn (region=0x6645998, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0221.068] GdipDeleteRegion (region=0x6645998) returned 0x0
[0221.068] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0221.068] GetCurrentObject (hdc=0x5c01065e, type=0x1) returned 0xb00017
[0221.068] GetCurrentObject (hdc=0x5c01065e, type=0x2) returned 0x900010
[0221.068] GetCurrentObject (hdc=0x5c01065e, type=0x7) returned 0x4a0507fe
[0221.068] GetCurrentObject (hdc=0x5c01065e, type=0x6) returned 0x8a01c2
[0221.068] SaveDC (hdc=0x5c01065e) returned 1
[0221.068] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcb0407de
[0221.068] GetClipRgn (hdc=0x5c01065e, hrgn=0xcb0407de) returned 0
[0221.068] SelectClipRgn (hdc=0x5c01065e, hrgn=0x40040807) returned 2
[0221.068] DeleteObject (ho=0xcb0407de) returned 1
[0221.068] DeleteObject (ho=0x40040807) returned 1
[0221.068] OffsetViewportOrgEx (in: hdc=0x5c01065e, x=0, y=0, lppt=0x2e11300 | out: lppt=0x2e11300) returned 1
[0221.068] IsAppThemed () returned 0x1
[0221.068] GetThemeAppProperties () returned 0x3
[0221.068] GetThemeAppProperties () returned 0x3
[0221.069] GetThemeBackgroundContentRect () returned 0x0
[0221.069] RestoreDC (hdc=0x5c01065e, nSavedDC=-1) returned 1
[0221.069] GdipReleaseDC (graphics=0x6600030, hdc=0x5c01065e) returned 0x0
[0221.069] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0221.069] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0221.069] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0221.069] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0221.069] IsAppThemed () returned 0x1
[0221.069] GetThemeAppProperties () returned 0x3
[0221.069] GetThemeAppProperties () returned 0x3
[0221.069] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0221.069] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0221.069] GetCurrentObject (hdc=0x5c01065e, type=0x1) returned 0xb00017
[0221.069] GetCurrentObject (hdc=0x5c01065e, type=0x2) returned 0x900010
[0221.069] GetCurrentObject (hdc=0x5c01065e, type=0x7) returned 0x4a0507fe
[0221.069] GetCurrentObject (hdc=0x5c01065e, type=0x6) returned 0x8a01c2
[0221.069] SaveDC (hdc=0x5c01065e) returned 1
[0221.069] GetTextAlign (hdc=0x5c01065e) returned 0x0
[0221.069] GetTextColor (hdc=0x5c01065e) returned 0x0
[0221.069] GetCurrentObject (hdc=0x5c01065e, type=0x6) returned 0x8a01c2
[0221.070] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0221.070] SelectObject (hdc=0x5c01065e, h=0x6d0a0520) returned 0x8a01c2
[0221.070] GetBkMode (hdc=0x5c01065e) returned 2
[0221.070] SetBkMode (hdc=0x5c01065e, mode=1) returned 2
[0221.070] DrawTextExW (in: hdc=0x5c01065e, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2e116c4 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0221.070] DrawTextExW (in: hdc=0x5c01065e, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2e116c4 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0221.070] RestoreDC (hdc=0x5c01065e, nSavedDC=-1) returned 1
[0221.071] GdipReleaseDC (graphics=0x6600030, hdc=0x5c01065e) returned 0x0
[0221.071] GetFocus () returned 0x602c4
[0221.071] IsAppThemed () returned 0x1
[0221.071] GetThemeAppProperties () returned 0x3
[0221.071] GetThemeAppProperties () returned 0x3
[0221.071] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0221.071] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x5c01065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0221.071] GdipReleaseDC (graphics=0x6600030, hdc=0x5c01065e) returned 0x0
[0221.071] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0221.071] SelectObject (hdc=0x5c01065e, h=0x85000f) returned 0x4a0507fe
[0221.071] DeleteDC (hdc=0x5c01065e) returned 1
[0221.071] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0221.071] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0221.071] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0221.072] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0221.072] WaitMessage () returned 1
[0221.072] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.072] IsWindowUnicode (hWnd=0x30122) returned 1
[0221.072] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.072] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0221.072] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0221.074] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.075] IsWindowUnicode (hWnd=0x30122) returned 1
[0221.075] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.075] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0221.075] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0221.076] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.076] IsWindowUnicode (hWnd=0x30122) returned 1
[0221.076] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.076] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0221.076] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0221.076] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.076] IsWindowUnicode (hWnd=0x30122) returned 1
[0221.076] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.076] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0221.076] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0221.077] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.077] IsWindowUnicode (hWnd=0x30122) returned 1
[0221.077] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.077] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0221.077] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0221.077] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.078] IsWindowUnicode (hWnd=0x30122) returned 1
[0221.078] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.078] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0221.078] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0221.078] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.078] IsWindowUnicode (hWnd=0x30122) returned 1
[0221.078] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.078] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0221.078] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0221.078] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0221.079] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0221.079] WaitMessage () returned 1
[0221.095] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.095] IsWindowUnicode (hWnd=0x7005c) returned 1
[0221.095] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.095] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0221.095] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0221.095] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.095] IsWindowUnicode (hWnd=0x7005c) returned 1
[0221.095] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.096] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0221.096] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0221.096] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10c0231) returned 0x0
[0221.096] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0221.096] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0221.096] WaitMessage () returned 1
[0221.254] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.254] IsWindowUnicode (hWnd=0x502c6) returned 1
[0221.254] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0221.254] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0221.254] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0221.254] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0221.254] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0221.254] WaitMessage () returned 1
[0223.113] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0223.114] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b0101) returned 0x1
[0223.115] IsWindowUnicode (hWnd=0x602c4) returned 1
[0223.115] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0223.115] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0223.115] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0223.115] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0223.115] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0223.115] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b0101) returned 0x1
[0223.115] IsWindowUnicode (hWnd=0x602c4) returned 1
[0223.115] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0223.115] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b0101) returned 0x1
[0223.116] SetCursor (hCursor=0x10003) returned 0x10003
[0223.116] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0223.116] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0223.116] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0223.116] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0223.116] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0223.116] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0223.117] GetKeyState (nVirtKey=1) returned 1
[0223.117] GetKeyState (nVirtKey=2) returned 0
[0223.117] GetKeyState (nVirtKey=4) returned 0
[0223.117] GetKeyState (nVirtKey=5) returned 0
[0223.117] GetKeyState (nVirtKey=6) returned 0
[0223.117] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0223.117] IsWindowUnicode (hWnd=0x602c4) returned 1
[0223.117] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0223.117] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0223.117] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0223.117] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0223.118] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0223.118] CreateCompatibleDC (hdc=0xf0105ee) returned 0x510107da
[0223.118] SelectObject (hdc=0x510107da, h=0x4a0507fe) returned 0x85000f
[0223.119] GdipCreateFromHDC (hdc=0x510107da, graphics=0xd7e798) returned 0x0
[0223.119] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0223.119] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0223.119] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0223.119] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0223.119] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e7f8) returned 0x0
[0223.119] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0223.119] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eecc8) returned 0x0
[0223.120] LocalFree (hMem=0x11eecc8) returned 0x0
[0223.120] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0223.120] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0223.120] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0223.120] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0223.120] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0223.120] GdipRestoreGraphics (graphics=0x6600030, state=0xf9aa0dbd) returned 0x0
[0223.120] GdipDeleteRegion (region=0x6645998) returned 0x0
[0223.120] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0223.120] GetCurrentObject (hdc=0x510107da, type=0x1) returned 0xb00017
[0223.120] GetCurrentObject (hdc=0x510107da, type=0x2) returned 0x900010
[0223.120] GetCurrentObject (hdc=0x510107da, type=0x7) returned 0x4a0507fe
[0223.120] GetCurrentObject (hdc=0x510107da, type=0x6) returned 0x8a01c2
[0223.120] SaveDC (hdc=0x510107da) returned 1
[0223.121] GetNearestColor (hdc=0x510107da, color=0xff) returned 0xff
[0223.121] GetNearestColor (hdc=0x510107da, color=0x55) returned 0x55
[0223.121] GetNearestColor (hdc=0x510107da, color=0x0) returned 0x0
[0223.121] GetNearestColor (hdc=0x510107da, color=0x55) returned 0x55
[0223.121] GetNearestColor (hdc=0x510107da, color=0x0) returned 0x0
[0223.121] GetNearestColor (hdc=0x510107da, color=0x8080ff) returned 0x8080ff
[0223.121] GetNearestColor (hdc=0x510107da, color=0x7373e5) returned 0x7373e5
[0223.121] GetNearestColor (hdc=0x510107da, color=0xe5) returned 0xe5
[0223.121] GetNearestColor (hdc=0x510107da, color=0x0) returned 0x0
[0223.121] RestoreDC (hdc=0x510107da, nSavedDC=-1) returned 1
[0223.121] GdipReleaseDC (graphics=0x6600030, hdc=0x510107da) returned 0x0
[0223.122] IsAppThemed () returned 0x1
[0223.122] GetThemeAppProperties () returned 0x3
[0223.122] GetThemeAppProperties () returned 0x3
[0223.122] IsAppThemed () returned 0x1
[0223.122] GetThemeAppProperties () returned 0x3
[0223.122] GetThemeAppProperties () returned 0x3
[0223.122] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2e11f5c | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0223.123] IsAppThemed () returned 0x1
[0223.123] GetThemeAppProperties () returned 0x3
[0223.123] GetThemeAppProperties () returned 0x3
[0223.123] IsAppThemed () returned 0x1
[0223.123] GetThemeAppProperties () returned 0x3
[0223.123] GetThemeAppProperties () returned 0x3
[0223.123] IsAppThemed () returned 0x1
[0223.123] GetThemeAppProperties () returned 0x3
[0223.123] GetThemeAppProperties () returned 0x3
[0223.123] IsAppThemed () returned 0x1
[0223.123] GetThemeAppProperties () returned 0x3
[0223.123] GetThemeAppProperties () returned 0x3
[0223.123] IsThemePartDefined () returned 0x1
[0223.123] IsAppThemed () returned 0x1
[0223.123] GetThemeAppProperties () returned 0x3
[0223.123] GetThemeAppProperties () returned 0x3
[0223.124] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0223.124] IsAppThemed () returned 0x1
[0223.124] GetThemeAppProperties () returned 0x3
[0223.124] GetThemeAppProperties () returned 0x3
[0223.124] IsAppThemed () returned 0x1
[0223.124] GetThemeAppProperties () returned 0x3
[0223.124] GetThemeAppProperties () returned 0x3
[0223.124] IsThemePartDefined () returned 0x1
[0223.124] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0223.124] GdipGetClip (graphics=0x6600030, region=0x66455a8) returned 0x0
[0223.124] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0223.124] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0223.124] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e514) returned 0x0
[0223.124] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0223.124] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee868) returned 0x0
[0223.124] LocalFree (hMem=0x11ee868) returned 0x0
[0223.124] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0223.124] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0223.124] LocalFree (hMem=0x11ee788) returned 0x0
[0223.125] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0223.125] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0223.125] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0223.125] GdipGetRegionHRgn (region=0x66455a8, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0223.125] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0223.125] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0223.125] GetCurrentObject (hdc=0x510107da, type=0x1) returned 0xb00017
[0223.125] GetCurrentObject (hdc=0x510107da, type=0x2) returned 0x900010
[0223.125] GetCurrentObject (hdc=0x510107da, type=0x7) returned 0x4a0507fe
[0223.125] GetCurrentObject (hdc=0x510107da, type=0x6) returned 0x8a01c2
[0223.125] SaveDC (hdc=0x510107da) returned 1
[0223.125] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x41040807
[0223.125] GetClipRgn (hdc=0x510107da, hrgn=0x41040807) returned 0
[0223.125] SelectClipRgn (hdc=0x510107da, hrgn=0xcf0407de) returned 2
[0223.125] DeleteObject (ho=0x41040807) returned 1
[0223.126] DeleteObject (ho=0xcf0407de) returned 1
[0223.126] OffsetViewportOrgEx (in: hdc=0x510107da, x=0, y=0, lppt=0x2e1260c | out: lppt=0x2e1260c) returned 1
[0223.126] DrawThemeParentBackground () returned 0x0
[0223.126] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0223.126] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0223.126] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0223.126] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.126] GetSystemMetrics (nIndex=42) returned 0
[0223.126] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.126] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0223.126] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0223.126] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0223.126] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0223.126] SelectPalette (hdc=0x510107da, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0223.127] GdipCreateFromHDC (hdc=0x510107da, graphics=0xd7dff0) returned 0x0
[0223.127] GdipSetPageUnit (graphics=0x6631fe8, unit=0x2) returned 0x0
[0223.127] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0223.127] GdipGetWorldTransform (graphics=0x6631fe8, matrix=0x6638b48) returned 0x0
[0223.127] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dfc8) returned 0x0
[0223.127] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0223.127] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0223.127] GdipGetClip (graphics=0x6631fe8, region=0x6645cf8) returned 0x0
[0223.127] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6631fe8, result=0xd7dfbc) returned 0x0
[0223.127] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0223.127] GdipSaveGraphics (graphics=0x6631fe8, state=0xd7dfe8) returned 0x0
[0223.127] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0223.135] GdipFillRectangleI (graphics=0x6631fe8, brush=0x6653300, x=0, y=0, width=801, height=453) returned 0x0
[0223.135] GdipDeleteBrush (brush=0x6653300) returned 0x0
[0223.137] GdipDeleteGraphics (graphics=0x6631fe8) returned 0x0
[0223.137] SelectPalette (hdc=0x510107da, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0223.137] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0223.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.137] GetSystemMetrics (nIndex=42) returned 0
[0223.137] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0223.137] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0223.137] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0223.137] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0223.137] SelectPalette (hdc=0x510107da, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0223.137] GdipCreateFromHDC (hdc=0x510107da, graphics=0xd7df90) returned 0x0
[0223.138] GdipSetPageUnit (graphics=0x6631fe8, unit=0x2) returned 0x0
[0223.138] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0223.138] GdipGetWorldTransform (graphics=0x6631fe8, matrix=0x6638db8) returned 0x0
[0223.138] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df68) returned 0x0
[0223.138] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0223.138] GdipCreateRegion (region=0xd7df50) returned 0x0
[0223.138] GdipGetClip (graphics=0x6631fe8, region=0x66460e8) returned 0x0
[0223.138] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6631fe8, result=0xd7df5c) returned 0x0
[0223.138] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0223.138] GdipSaveGraphics (graphics=0x6631fe8, state=0xd7df88) returned 0x0
[0223.138] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0223.145] GdipFillRectangleI (graphics=0x6631fe8, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0223.145] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0223.147] GdipRestoreGraphics (graphics=0x6631fe8, state=0xf9a60dbd) returned 0x0
[0223.147] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0223.147] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.147] GetSystemMetrics (nIndex=42) returned 0
[0223.147] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.147] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0223.147] GdipDeleteGraphics (graphics=0x6631fe8) returned 0x0
[0223.147] SelectPalette (hdc=0x510107da, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0223.147] RestoreDC (hdc=0x510107da, nSavedDC=-1) returned 1
[0223.147] GdipReleaseDC (graphics=0x6600030, hdc=0x510107da) returned 0x0
[0223.148] IsAppThemed () returned 0x1
[0223.148] GetThemeAppProperties () returned 0x3
[0223.148] GetThemeAppProperties () returned 0x3
[0223.148] IsAppThemed () returned 0x1
[0223.148] GetThemeAppProperties () returned 0x3
[0223.148] GetThemeAppProperties () returned 0x3
[0223.148] IsThemePartDefined () returned 0x1
[0223.148] GdipCreateRegion (region=0xd7e480) returned 0x0
[0223.148] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0223.148] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0223.148] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0223.148] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e498) returned 0x0
[0223.148] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0223.148] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee8d8) returned 0x0
[0223.148] LocalFree (hMem=0x11ee8d8) returned 0x0
[0223.148] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0223.148] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0223.148] LocalFree (hMem=0x11eec58) returned 0x0
[0223.148] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0223.149] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0223.149] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0223.149] GdipGetRegionHRgn (region=0x6645758, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0223.149] GdipDeleteRegion (region=0x6645758) returned 0x0
[0223.149] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0223.149] GetCurrentObject (hdc=0x510107da, type=0x1) returned 0xb00017
[0223.149] GetCurrentObject (hdc=0x510107da, type=0x2) returned 0x900010
[0223.149] GetCurrentObject (hdc=0x510107da, type=0x7) returned 0x4a0507fe
[0223.149] GetCurrentObject (hdc=0x510107da, type=0x6) returned 0x8a01c2
[0223.149] SaveDC (hdc=0x510107da) returned 1
[0223.149] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd00407de
[0223.149] GetClipRgn (hdc=0x510107da, hrgn=0xd00407de) returned 0
[0223.149] SelectClipRgn (hdc=0x510107da, hrgn=0x43040807) returned 2
[0223.149] DeleteObject (ho=0xd00407de) returned 1
[0223.149] DeleteObject (ho=0x43040807) returned 1
[0223.150] OffsetViewportOrgEx (in: hdc=0x510107da, x=0, y=0, lppt=0x2e18e5c | out: lppt=0x2e18e5c) returned 1
[0223.150] IsAppThemed () returned 0x1
[0223.150] GetThemeAppProperties () returned 0x3
[0223.150] GetThemeAppProperties () returned 0x3
[0223.150] DrawThemeBackground () returned 0x0
[0223.150] RestoreDC (hdc=0x510107da, nSavedDC=-1) returned 1
[0223.150] GdipReleaseDC (graphics=0x6600030, hdc=0x510107da) returned 0x0
[0223.150] GdipCreateRegion (region=0xd7e484) returned 0x0
[0223.150] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0223.150] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0223.150] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0223.150] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e49c) returned 0x0
[0223.150] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0223.150] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0223.150] LocalFree (hMem=0x11ee9f0) returned 0x0
[0223.151] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0223.151] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0223.151] LocalFree (hMem=0x11ee9f0) returned 0x0
[0223.151] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0223.151] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0223.151] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0223.151] GdipGetRegionHRgn (region=0x66456c8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0223.151] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0223.151] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0223.151] GetCurrentObject (hdc=0x510107da, type=0x1) returned 0xb00017
[0223.151] GetCurrentObject (hdc=0x510107da, type=0x2) returned 0x900010
[0223.151] GetCurrentObject (hdc=0x510107da, type=0x7) returned 0x4a0507fe
[0223.151] GetCurrentObject (hdc=0x510107da, type=0x6) returned 0x8a01c2
[0223.151] SaveDC (hdc=0x510107da) returned 1
[0223.151] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x44040807
[0223.151] GetClipRgn (hdc=0x510107da, hrgn=0x44040807) returned 0
[0223.151] SelectClipRgn (hdc=0x510107da, hrgn=0xd10407de) returned 2
[0223.152] DeleteObject (ho=0x44040807) returned 1
[0223.152] DeleteObject (ho=0xd10407de) returned 1
[0223.152] OffsetViewportOrgEx (in: hdc=0x510107da, x=0, y=0, lppt=0x2e19130 | out: lppt=0x2e19130) returned 1
[0223.152] IsAppThemed () returned 0x1
[0223.152] GetThemeAppProperties () returned 0x3
[0223.152] GetThemeAppProperties () returned 0x3
[0223.152] GetThemeBackgroundContentRect () returned 0x0
[0223.152] RestoreDC (hdc=0x510107da, nSavedDC=-1) returned 1
[0223.152] GdipReleaseDC (graphics=0x6600030, hdc=0x510107da) returned 0x0
[0223.152] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0223.152] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0223.152] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0223.152] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0223.152] IsAppThemed () returned 0x1
[0223.152] GetThemeAppProperties () returned 0x3
[0223.152] GetThemeAppProperties () returned 0x3
[0223.152] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0223.153] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0223.153] GetCurrentObject (hdc=0x510107da, type=0x1) returned 0xb00017
[0223.153] GetCurrentObject (hdc=0x510107da, type=0x2) returned 0x900010
[0223.153] GetCurrentObject (hdc=0x510107da, type=0x7) returned 0x4a0507fe
[0223.153] GetCurrentObject (hdc=0x510107da, type=0x6) returned 0x8a01c2
[0223.153] SaveDC (hdc=0x510107da) returned 1
[0223.153] GetTextAlign (hdc=0x510107da) returned 0x0
[0223.153] GetTextColor (hdc=0x510107da) returned 0x0
[0223.153] GetCurrentObject (hdc=0x510107da, type=0x6) returned 0x8a01c2
[0223.153] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0223.153] SelectObject (hdc=0x510107da, h=0x6d0a0520) returned 0x8a01c2
[0223.153] GetBkMode (hdc=0x510107da) returned 2
[0223.153] SetBkMode (hdc=0x510107da, mode=1) returned 2
[0223.154] DrawTextExW (in: hdc=0x510107da, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2e194f4 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0223.154] DrawTextExW (in: hdc=0x510107da, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2e194f4 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0223.155] RestoreDC (hdc=0x510107da, nSavedDC=-1) returned 1
[0223.155] GdipReleaseDC (graphics=0x6600030, hdc=0x510107da) returned 0x0
[0223.155] GetFocus () returned 0x602c4
[0223.155] IsAppThemed () returned 0x1
[0223.155] GetThemeAppProperties () returned 0x3
[0223.155] GetThemeAppProperties () returned 0x3
[0223.155] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0223.155] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x510107da, x1=0, y1=0, rop=0xcc0020) returned 1
[0223.156] GdipReleaseDC (graphics=0x6600030, hdc=0x510107da) returned 0x0
[0223.156] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0223.156] SelectObject (hdc=0x510107da, h=0x85000f) returned 0x4a0507fe
[0223.156] DeleteDC (hdc=0x510107da) returned 1
[0223.156] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0223.156] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0223.156] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0223.156] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0223.156] WaitMessage () returned 1
[0223.232] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0223.232] IsWindowUnicode (hWnd=0x602c4) returned 1
[0223.232] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0223.232] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0223.232] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0223.232] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0223.232] IsWindowUnicode (hWnd=0x602c4) returned 1
[0223.232] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0223.232] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0223.232] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0223.232] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x40026) returned 0x0
[0223.232] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0223.232] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0223.233] WaitMessage () returned 1
[0223.361] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0223.361] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b0101) returned 0x1
[0223.361] IsWindowUnicode (hWnd=0x602c4) returned 1
[0223.361] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0223.361] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b0101) returned 0x1
[0223.362] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0223.362] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x1960043) returned 0x0
[0223.362] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0223.362] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0223.362] SetCursor (hCursor=0x10003) returned 0x10003
[0223.362] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0223.362] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0223.362] GetKeyState (nVirtKey=1) returned -128
[0223.362] GetKeyState (nVirtKey=2) returned 0
[0223.362] GetKeyState (nVirtKey=4) returned 0
[0223.362] GetKeyState (nVirtKey=5) returned 0
[0223.362] GetKeyState (nVirtKey=6) returned 0
[0223.362] IsWindowVisible (hWnd=0x602c4) returned 1
[0223.363] IsWindowEnabled (hWnd=0x602c4) returned 1
[0223.363] SetFocus (hWnd=0x602c4) returned 0x602c4
[0223.363] GetFocus () returned 0x602c4
[0223.363] GetFocus () returned 0x602c4
[0223.363] GetFocus () returned 0x602c4
[0223.363] GetKeyState (nVirtKey=1) returned -128
[0223.363] GetKeyState (nVirtKey=2) returned 0
[0223.363] GetKeyState (nVirtKey=4) returned 0
[0223.363] GetKeyState (nVirtKey=5) returned 0
[0223.363] GetKeyState (nVirtKey=6) returned 0
[0223.363] GetCapture () returned 0x0
[0223.363] SetCapture (hWnd=0x602c4) returned 0x0
[0223.363] GetKeyState (nVirtKey=1) returned -128
[0223.363] GetKeyState (nVirtKey=2) returned 0
[0223.363] GetKeyState (nVirtKey=4) returned 0
[0223.363] GetKeyState (nVirtKey=5) returned 0
[0223.363] GetKeyState (nVirtKey=6) returned 0
[0223.363] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0223.363] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0223.364] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0223.364] IsWindowUnicode (hWnd=0x602c4) returned 1
[0223.364] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0223.364] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0223.364] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0223.364] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e19678, cPoints=0x1 | out: lpPoints=0x2e19678) returned 40304859
[0223.364] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0223.364] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0223.364] UpdateWindow (hWnd=0x602c4) returned 1
[0223.364] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xf0105ee
[0223.364] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0223.365] CreateCompatibleDC (hdc=0xf0105ee) returned 0x520107da
[0223.365] SelectObject (hdc=0x520107da, h=0x4a0507fe) returned 0x85000f
[0223.365] GdipCreateFromHDC (hdc=0x520107da, graphics=0xd7e430) returned 0x0
[0223.365] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0223.365] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0223.365] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0223.365] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0223.365] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e490) returned 0x0
[0223.365] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0223.365] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee9f0) returned 0x0
[0223.365] LocalFree (hMem=0x11ee9f0) returned 0x0
[0223.365] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0223.365] GdipCreateRegion (region=0xd7e478) returned 0x0
[0223.366] GdipGetClip (graphics=0x6600030, region=0x66455a8) returned 0x0
[0223.366] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0223.366] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0223.366] GdipRestoreGraphics (graphics=0x6600030, state=0xf9a40dbd) returned 0x0
[0223.366] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0223.366] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0223.366] GetCurrentObject (hdc=0x520107da, type=0x1) returned 0xb00017
[0223.366] GetCurrentObject (hdc=0x520107da, type=0x2) returned 0x900010
[0223.366] GetCurrentObject (hdc=0x520107da, type=0x7) returned 0x4a0507fe
[0223.366] GetCurrentObject (hdc=0x520107da, type=0x6) returned 0x8a01c2
[0223.366] SaveDC (hdc=0x520107da) returned 1
[0223.366] GetNearestColor (hdc=0x520107da, color=0xff) returned 0xff
[0223.366] GetNearestColor (hdc=0x520107da, color=0x55) returned 0x55
[0223.366] GetNearestColor (hdc=0x520107da, color=0x0) returned 0x0
[0223.366] GetNearestColor (hdc=0x520107da, color=0x55) returned 0x55
[0223.367] GetNearestColor (hdc=0x520107da, color=0x0) returned 0x0
[0223.367] GetNearestColor (hdc=0x520107da, color=0x8080ff) returned 0x8080ff
[0223.367] GetNearestColor (hdc=0x520107da, color=0x7373e5) returned 0x7373e5
[0223.367] GetNearestColor (hdc=0x520107da, color=0xe5) returned 0xe5
[0223.367] GetNearestColor (hdc=0x520107da, color=0x0) returned 0x0
[0223.367] RestoreDC (hdc=0x520107da, nSavedDC=-1) returned 1
[0223.367] GdipReleaseDC (graphics=0x6600030, hdc=0x520107da) returned 0x0
[0223.367] IsAppThemed () returned 0x1
[0223.367] GetThemeAppProperties () returned 0x3
[0223.367] GetThemeAppProperties () returned 0x3
[0223.367] IsAppThemed () returned 0x1
[0223.367] GetThemeAppProperties () returned 0x3
[0223.367] GetThemeAppProperties () returned 0x3
[0223.367] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2e19d94 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0223.368] IsAppThemed () returned 0x1
[0223.368] GetThemeAppProperties () returned 0x3
[0223.368] GetThemeAppProperties () returned 0x3
[0223.368] IsAppThemed () returned 0x1
[0223.368] GetThemeAppProperties () returned 0x3
[0223.368] GetThemeAppProperties () returned 0x3
[0223.368] IsAppThemed () returned 0x1
[0223.368] GetThemeAppProperties () returned 0x3
[0223.368] GetThemeAppProperties () returned 0x3
[0223.368] IsAppThemed () returned 0x1
[0223.368] GetThemeAppProperties () returned 0x3
[0223.368] GetThemeAppProperties () returned 0x3
[0223.368] IsThemePartDefined () returned 0x1
[0223.368] IsAppThemed () returned 0x1
[0223.368] GetThemeAppProperties () returned 0x3
[0223.368] GetThemeAppProperties () returned 0x3
[0223.369] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0223.369] IsAppThemed () returned 0x1
[0223.369] GetThemeAppProperties () returned 0x3
[0223.369] GetThemeAppProperties () returned 0x3
[0223.369] IsAppThemed () returned 0x1
[0223.369] GetThemeAppProperties () returned 0x3
[0223.369] GetThemeAppProperties () returned 0x3
[0223.369] IsThemePartDefined () returned 0x1
[0223.369] GdipCreateRegion (region=0xd7e194) returned 0x0
[0223.369] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0223.369] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0223.369] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0223.369] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e1ac) returned 0x0
[0223.369] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0223.369] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0223.369] LocalFree (hMem=0x11ee788) returned 0x0
[0223.369] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0223.369] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eea98) returned 0x0
[0223.369] LocalFree (hMem=0x11eea98) returned 0x0
[0223.370] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0223.370] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0223.370] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0223.370] GdipGetRegionHRgn (region=0x6645c68, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0223.370] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0223.370] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0223.370] GetCurrentObject (hdc=0x520107da, type=0x1) returned 0xb00017
[0223.370] GetCurrentObject (hdc=0x520107da, type=0x2) returned 0x900010
[0223.370] GetCurrentObject (hdc=0x520107da, type=0x7) returned 0x4a0507fe
[0223.370] GetCurrentObject (hdc=0x520107da, type=0x6) returned 0x8a01c2
[0223.370] SaveDC (hdc=0x520107da) returned 1
[0223.370] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd20407de
[0223.370] GetClipRgn (hdc=0x520107da, hrgn=0xd20407de) returned 0
[0223.370] SelectClipRgn (hdc=0x520107da, hrgn=0x48040807) returned 2
[0223.370] DeleteObject (ho=0xd20407de) returned 1
[0223.370] DeleteObject (ho=0x48040807) returned 1
[0223.371] OffsetViewportOrgEx (in: hdc=0x520107da, x=0, y=0, lppt=0x2e1a444 | out: lppt=0x2e1a444) returned 1
[0223.371] DrawThemeParentBackground () returned 0x0
[0223.371] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0223.371] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0223.371] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0223.371] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.371] GetSystemMetrics (nIndex=42) returned 0
[0223.371] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.371] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0223.371] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0223.371] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0223.371] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0223.371] SelectPalette (hdc=0x520107da, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0223.371] GdipCreateFromHDC (hdc=0x520107da, graphics=0xd7dc88) returned 0x0
[0223.372] GdipSetPageUnit (graphics=0x6631fe8, unit=0x2) returned 0x0
[0223.372] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0223.372] GdipGetWorldTransform (graphics=0x6631fe8, matrix=0x6638a88) returned 0x0
[0223.372] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dc60) returned 0x0
[0223.373] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0223.373] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0223.373] GdipGetClip (graphics=0x6631fe8, region=0x6645bd8) returned 0x0
[0223.373] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6631fe8, result=0xd7dc54) returned 0x0
[0223.373] GdipDeleteRegion (region=0x6645bd8) returned 0x0
[0223.373] GdipSaveGraphics (graphics=0x6631fe8, state=0xd7dc80) returned 0x0
[0223.373] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0223.380] GdipFillRectangleI (graphics=0x6631fe8, brush=0x6652ce8, x=0, y=0, width=801, height=453) returned 0x0
[0223.380] GdipDeleteBrush (brush=0x6652ce8) returned 0x0
[0223.381] GdipDeleteGraphics (graphics=0x6631fe8) returned 0x0
[0223.382] SelectPalette (hdc=0x520107da, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0223.382] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0223.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.382] GetSystemMetrics (nIndex=42) returned 0
[0223.382] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0223.382] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0223.382] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0223.382] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0223.382] SelectPalette (hdc=0x520107da, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0223.382] GdipCreateFromHDC (hdc=0x520107da, graphics=0xd7dc28) returned 0x0
[0223.383] GdipSetPageUnit (graphics=0x6631fe8, unit=0x2) returned 0x0
[0223.383] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0223.383] GdipGetWorldTransform (graphics=0x6631fe8, matrix=0x6638b18) returned 0x0
[0223.383] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dc00) returned 0x0
[0223.383] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0223.383] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0223.383] GdipGetClip (graphics=0x6631fe8, region=0x6645ea8) returned 0x0
[0223.383] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6631fe8, result=0xd7dbf4) returned 0x0
[0223.383] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0223.383] GdipSaveGraphics (graphics=0x6631fe8, state=0xd7dc20) returned 0x0
[0223.383] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0223.390] GdipFillRectangleI (graphics=0x6631fe8, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0223.390] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0223.392] GdipRestoreGraphics (graphics=0x6631fe8, state=0xf9a00dbd) returned 0x0
[0223.392] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0223.392] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.392] GetSystemMetrics (nIndex=42) returned 0
[0223.392] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.392] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0223.392] GdipDeleteGraphics (graphics=0x6631fe8) returned 0x0
[0223.392] SelectPalette (hdc=0x520107da, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0223.392] RestoreDC (hdc=0x520107da, nSavedDC=-1) returned 1
[0223.392] GdipReleaseDC (graphics=0x6600030, hdc=0x520107da) returned 0x0
[0223.392] IsAppThemed () returned 0x1
[0223.393] GetThemeAppProperties () returned 0x3
[0223.393] GetThemeAppProperties () returned 0x3
[0223.393] IsAppThemed () returned 0x1
[0223.393] GetThemeAppProperties () returned 0x3
[0223.393] GetThemeAppProperties () returned 0x3
[0223.393] IsThemePartDefined () returned 0x1
[0223.393] GdipCreateRegion (region=0xd7e118) returned 0x0
[0223.393] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0223.393] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0223.393] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0223.393] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e130) returned 0x0
[0223.393] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0223.393] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0223.393] LocalFree (hMem=0x11ee868) returned 0x0
[0223.393] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0223.393] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eead0) returned 0x0
[0223.393] LocalFree (hMem=0x11eead0) returned 0x0
[0223.393] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0223.394] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e158) returned 0x0
[0223.394] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e148) returned 0x0
[0223.394] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0223.394] GdipDeleteRegion (region=0x6645518) returned 0x0
[0223.394] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0223.394] GetCurrentObject (hdc=0x520107da, type=0x1) returned 0xb00017
[0223.394] GetCurrentObject (hdc=0x520107da, type=0x2) returned 0x900010
[0223.394] GetCurrentObject (hdc=0x520107da, type=0x7) returned 0x4a0507fe
[0223.394] GetCurrentObject (hdc=0x520107da, type=0x6) returned 0x8a01c2
[0223.394] SaveDC (hdc=0x520107da) returned 1
[0223.394] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x49040807
[0223.394] GetClipRgn (hdc=0x520107da, hrgn=0x49040807) returned 0
[0223.394] SelectClipRgn (hdc=0x520107da, hrgn=0xd40407de) returned 2
[0223.394] DeleteObject (ho=0x49040807) returned 1
[0223.394] DeleteObject (ho=0xd40407de) returned 1
[0223.394] OffsetViewportOrgEx (in: hdc=0x520107da, x=0, y=0, lppt=0x2e20c94 | out: lppt=0x2e20c94) returned 1
[0223.395] IsAppThemed () returned 0x1
[0223.395] GetThemeAppProperties () returned 0x3
[0223.395] GetThemeAppProperties () returned 0x3
[0223.395] DrawThemeBackground () returned 0x0
[0223.395] RestoreDC (hdc=0x520107da, nSavedDC=-1) returned 1
[0223.395] GdipReleaseDC (graphics=0x6600030, hdc=0x520107da) returned 0x0
[0223.395] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0223.395] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0223.395] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0223.395] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0223.395] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e134) returned 0x0
[0223.395] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0223.395] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0223.395] LocalFree (hMem=0x11eec58) returned 0x0
[0223.395] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0223.395] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0223.395] LocalFree (hMem=0x11ee788) returned 0x0
[0223.396] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0223.396] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0223.396] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0223.396] GdipGetRegionHRgn (region=0x66460e8, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0223.396] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0223.396] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0223.396] GetCurrentObject (hdc=0x520107da, type=0x1) returned 0xb00017
[0223.396] GetCurrentObject (hdc=0x520107da, type=0x2) returned 0x900010
[0223.396] GetCurrentObject (hdc=0x520107da, type=0x7) returned 0x4a0507fe
[0223.396] GetCurrentObject (hdc=0x520107da, type=0x6) returned 0x8a01c2
[0223.396] SaveDC (hdc=0x520107da) returned 1
[0223.396] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd50407de
[0223.396] GetClipRgn (hdc=0x520107da, hrgn=0xd50407de) returned 0
[0223.396] SelectClipRgn (hdc=0x520107da, hrgn=0x4a040807) returned 2
[0223.396] DeleteObject (ho=0xd50407de) returned 1
[0223.396] DeleteObject (ho=0x4a040807) returned 1
[0223.397] OffsetViewportOrgEx (in: hdc=0x520107da, x=0, y=0, lppt=0x2e20f68 | out: lppt=0x2e20f68) returned 1
[0223.397] IsAppThemed () returned 0x1
[0223.397] GetThemeAppProperties () returned 0x3
[0223.397] GetThemeAppProperties () returned 0x3
[0223.397] GetThemeBackgroundContentRect () returned 0x0
[0223.397] RestoreDC (hdc=0x520107da, nSavedDC=-1) returned 1
[0223.397] GdipReleaseDC (graphics=0x6600030, hdc=0x520107da) returned 0x0
[0223.397] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0223.397] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0223.397] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0223.397] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0223.397] IsAppThemed () returned 0x1
[0223.397] GetThemeAppProperties () returned 0x3
[0223.397] GetThemeAppProperties () returned 0x3
[0223.397] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0223.397] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0223.397] GetCurrentObject (hdc=0x520107da, type=0x1) returned 0xb00017
[0223.397] GetCurrentObject (hdc=0x520107da, type=0x2) returned 0x900010
[0223.398] GetCurrentObject (hdc=0x520107da, type=0x7) returned 0x4a0507fe
[0223.398] GetCurrentObject (hdc=0x520107da, type=0x6) returned 0x8a01c2
[0223.398] SaveDC (hdc=0x520107da) returned 1
[0223.398] GetTextAlign (hdc=0x520107da) returned 0x0
[0223.398] GetTextColor (hdc=0x520107da) returned 0x0
[0223.398] GetCurrentObject (hdc=0x520107da, type=0x6) returned 0x8a01c2
[0223.398] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0223.398] SelectObject (hdc=0x520107da, h=0x6d0a0520) returned 0x8a01c2
[0223.398] GetBkMode (hdc=0x520107da) returned 2
[0223.398] SetBkMode (hdc=0x520107da, mode=1) returned 2
[0223.398] DrawTextExW (in: hdc=0x520107da, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2e2132c | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0223.399] DrawTextExW (in: hdc=0x520107da, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2e2132c | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0223.399] RestoreDC (hdc=0x520107da, nSavedDC=-1) returned 1
[0223.399] GdipReleaseDC (graphics=0x6600030, hdc=0x520107da) returned 0x0
[0223.399] GetFocus () returned 0x602c4
[0223.399] IsAppThemed () returned 0x1
[0223.399] GetThemeAppProperties () returned 0x3
[0223.399] GetThemeAppProperties () returned 0x3
[0223.400] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0223.400] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x520107da, x1=0, y1=0, rop=0xcc0020) returned 1
[0223.400] GdipReleaseDC (graphics=0x6600030, hdc=0x520107da) returned 0x0
[0223.400] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0223.400] SelectObject (hdc=0x520107da, h=0x85000f) returned 0x4a0507fe
[0223.400] DeleteDC (hdc=0x520107da) returned 1
[0223.400] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0223.400] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0223.401] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e21428, cPoints=0x1 | out: lpPoints=0x2e21428) returned 40304859
[0223.401] WindowFromPoint (Point=0x101) returned 0x602c4
[0223.401] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b0101) returned 0x1
[0223.401] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0223.401] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0223.401] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0223.401] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0223.401] GetSystemMetrics (nIndex=42) returned 0
[0223.401] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0223.401] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0223.405] GetCapture () returned 0x602c4
[0223.405] ReleaseCapture () returned 1
[0223.405] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0223.405] GetProcessWindowStation () returned 0x13c
[0223.405] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.406] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0223.406] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.406] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0223.407] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.407] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0223.407] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.407] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0223.407] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.408] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0223.408] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.408] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0223.408] GetDC (hWnd=0x0) returned 0xc0107c5
[0223.408] GdipCreateFromHDC (hdc=0xc0107c5, graphics=0xd7e6ec) returned 0x0
[0223.409] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0223.409] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0223.409] ReleaseDC (hWnd=0x0, hDC=0xc0107c5) returned 1
[0223.409] GetSystemMetrics (nIndex=5) returned 1
[0223.409] GetSystemMetrics (nIndex=6) returned 1
[0223.409] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.409] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0223.409] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.410] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0223.414] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0223.414] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0223.414] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0223.414] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0223.414] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0223.414] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0223.415] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2e26e44 | out: lpData=0x2e26e44) returned 1
[0223.416] VerQueryValueW (in: pBlock=0x2e26e44, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e27254, puLen=0xd7e810) returned 1
[0223.417] VerQueryValueW (in: pBlock=0x2e26e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26efc, puLen=0xd7e790) returned 1
[0223.417] VerQueryValueW (in: pBlock=0x2e26e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26f50, puLen=0xd7e790) returned 1
[0223.417] VerQueryValueW (in: pBlock=0x2e26e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26fd0, puLen=0xd7e790) returned 1
[0223.417] VerQueryValueW (in: pBlock=0x2e26e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e27038, puLen=0xd7e790) returned 1
[0223.417] VerQueryValueW (in: pBlock=0x2e26e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e27078, puLen=0xd7e790) returned 1
[0223.417] VerQueryValueW (in: pBlock=0x2e26e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e27100, puLen=0xd7e790) returned 1
[0223.417] VerQueryValueW (in: pBlock=0x2e26e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2713c, puLen=0xd7e790) returned 1
[0223.417] VerQueryValueW (in: pBlock=0x2e26e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e27194, puLen=0xd7e790) returned 1
[0223.417] VerQueryValueW (in: pBlock=0x2e26e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e271c4, puLen=0xd7e790) returned 1
[0223.417] VerQueryValueW (in: pBlock=0x2e26e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.417] VerQueryValueW (in: pBlock=0x2e26e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e27200, puLen=0xd7e790) returned 1
[0223.417] VerQueryValueW (in: pBlock=0x2e26e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.417] VerQueryValueW (in: pBlock=0x2e26e44, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e27254, puLen=0xd7e784) returned 1
[0223.417] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0223.417] VerQueryValueW (in: pBlock=0x2e26e44, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e26e6c, puLen=0xd7e794) returned 1
[0223.418] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0223.418] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0223.418] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0223.418] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0223.418] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0223.419] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0223.419] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2e28db4 | out: lpData=0x2e28db4) returned 1
[0223.419] VerQueryValueW (in: pBlock=0x2e28db4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e28e50, puLen=0xd7e810) returned 1
[0223.419] VerQueryValueW (in: pBlock=0x2e28db4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e28ec8, puLen=0xd7e790) returned 1
[0223.419] VerQueryValueW (in: pBlock=0x2e28db4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e28ef8, puLen=0xd7e790) returned 1
[0223.419] VerQueryValueW (in: pBlock=0x2e28db4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e28f34, puLen=0xd7e790) returned 1
[0223.419] VerQueryValueW (in: pBlock=0x2e28db4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e28f64, puLen=0xd7e790) returned 1
[0223.419] VerQueryValueW (in: pBlock=0x2e28db4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e28fac, puLen=0xd7e790) returned 1
[0223.419] VerQueryValueW (in: pBlock=0x2e28db4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e29024, puLen=0xd7e790) returned 1
[0223.419] VerQueryValueW (in: pBlock=0x2e28db4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e29068, puLen=0xd7e790) returned 1
[0223.419] VerQueryValueW (in: pBlock=0x2e28db4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e290a8, puLen=0xd7e790) returned 1
[0223.420] VerQueryValueW (in: pBlock=0x2e28db4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e28ea6, puLen=0xd7e790) returned 1
[0223.420] VerQueryValueW (in: pBlock=0x2e28db4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e28ff4, puLen=0xd7e790) returned 1
[0223.420] VerQueryValueW (in: pBlock=0x2e28db4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.420] VerQueryValueW (in: pBlock=0x2e28db4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.420] VerQueryValueW (in: pBlock=0x2e28db4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e28e50, puLen=0xd7e784) returned 1
[0223.420] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0223.420] VerQueryValueW (in: pBlock=0x2e28db4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e28ddc, puLen=0xd7e794) returned 1
[0223.421] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0223.421] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0223.421] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0223.421] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0223.421] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0223.421] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0223.422] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2e2b08c | out: lpData=0x2e2b08c) returned 1
[0223.423] VerQueryValueW (in: pBlock=0x2e2b08c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e2b4a0, puLen=0xd7e810) returned 1
[0223.423] VerQueryValueW (in: pBlock=0x2e2b08c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2b144, puLen=0xd7e790) returned 1
[0223.423] VerQueryValueW (in: pBlock=0x2e2b08c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2b198, puLen=0xd7e790) returned 1
[0223.423] VerQueryValueW (in: pBlock=0x2e2b08c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2b1f4, puLen=0xd7e790) returned 1
[0223.423] VerQueryValueW (in: pBlock=0x2e2b08c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2b254, puLen=0xd7e790) returned 1
[0223.423] VerQueryValueW (in: pBlock=0x2e2b08c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2b2ac, puLen=0xd7e790) returned 1
[0223.423] VerQueryValueW (in: pBlock=0x2e2b08c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2b334, puLen=0xd7e790) returned 1
[0223.424] VerQueryValueW (in: pBlock=0x2e2b08c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2b388, puLen=0xd7e790) returned 1
[0223.424] VerQueryValueW (in: pBlock=0x2e2b08c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2b3e0, puLen=0xd7e790) returned 1
[0223.424] VerQueryValueW (in: pBlock=0x2e2b08c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2b410, puLen=0xd7e790) returned 1
[0223.424] VerQueryValueW (in: pBlock=0x2e2b08c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.424] VerQueryValueW (in: pBlock=0x2e2b08c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2b44c, puLen=0xd7e790) returned 1
[0223.424] VerQueryValueW (in: pBlock=0x2e2b08c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.424] VerQueryValueW (in: pBlock=0x2e2b08c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e2b4a0, puLen=0xd7e784) returned 1
[0223.424] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0223.424] VerQueryValueW (in: pBlock=0x2e2b08c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e2b0b4, puLen=0xd7e794) returned 1
[0223.425] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0223.425] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0223.425] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0223.425] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0223.426] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0223.426] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0223.427] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2e2d6c4 | out: lpData=0x2e2d6c4) returned 1
[0223.428] VerQueryValueW (in: pBlock=0x2e2d6c4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e2dac4, puLen=0xd7e810) returned 1
[0223.428] VerQueryValueW (in: pBlock=0x2e2d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2d77c, puLen=0xd7e790) returned 1
[0223.428] VerQueryValueW (in: pBlock=0x2e2d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2d7d0, puLen=0xd7e790) returned 1
[0223.428] VerQueryValueW (in: pBlock=0x2e2d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2d810, puLen=0xd7e790) returned 1
[0223.428] VerQueryValueW (in: pBlock=0x2e2d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2d878, puLen=0xd7e790) returned 1
[0223.428] VerQueryValueW (in: pBlock=0x2e2d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2d8d0, puLen=0xd7e790) returned 1
[0223.428] VerQueryValueW (in: pBlock=0x2e2d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2d958, puLen=0xd7e790) returned 1
[0223.428] VerQueryValueW (in: pBlock=0x2e2d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2d9ac, puLen=0xd7e790) returned 1
[0223.428] VerQueryValueW (in: pBlock=0x2e2d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2da04, puLen=0xd7e790) returned 1
[0223.428] VerQueryValueW (in: pBlock=0x2e2d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2da34, puLen=0xd7e790) returned 1
[0223.428] VerQueryValueW (in: pBlock=0x2e2d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.428] VerQueryValueW (in: pBlock=0x2e2d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2da70, puLen=0xd7e790) returned 1
[0223.428] VerQueryValueW (in: pBlock=0x2e2d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.428] VerQueryValueW (in: pBlock=0x2e2d6c4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e2dac4, puLen=0xd7e784) returned 1
[0223.428] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0223.428] VerQueryValueW (in: pBlock=0x2e2d6c4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e2d6ec, puLen=0xd7e794) returned 1
[0223.429] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0223.429] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0223.429] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0223.430] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0223.430] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0223.430] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0223.431] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2e2fe00 | out: lpData=0x2e2fe00) returned 1
[0223.432] VerQueryValueW (in: pBlock=0x2e2fe00, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e301c8, puLen=0xd7e810) returned 1
[0223.432] VerQueryValueW (in: pBlock=0x2e2fe00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2feb8, puLen=0xd7e790) returned 1
[0223.432] VerQueryValueW (in: pBlock=0x2e2fe00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2ff0c, puLen=0xd7e790) returned 1
[0223.432] VerQueryValueW (in: pBlock=0x2e2fe00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2ff4c, puLen=0xd7e790) returned 1
[0223.432] VerQueryValueW (in: pBlock=0x2e2fe00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2ffb4, puLen=0xd7e790) returned 1
[0223.432] VerQueryValueW (in: pBlock=0x2e2fe00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2fff0, puLen=0xd7e790) returned 1
[0223.432] VerQueryValueW (in: pBlock=0x2e2fe00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e30078, puLen=0xd7e790) returned 1
[0223.432] VerQueryValueW (in: pBlock=0x2e2fe00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e300b0, puLen=0xd7e790) returned 1
[0223.432] VerQueryValueW (in: pBlock=0x2e2fe00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e30108, puLen=0xd7e790) returned 1
[0223.432] VerQueryValueW (in: pBlock=0x2e2fe00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e30138, puLen=0xd7e790) returned 1
[0223.432] VerQueryValueW (in: pBlock=0x2e2fe00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.432] VerQueryValueW (in: pBlock=0x2e2fe00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e30174, puLen=0xd7e790) returned 1
[0223.432] VerQueryValueW (in: pBlock=0x2e2fe00, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.432] VerQueryValueW (in: pBlock=0x2e2fe00, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e301c8, puLen=0xd7e784) returned 1
[0223.432] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0223.432] VerQueryValueW (in: pBlock=0x2e2fe00, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e2fe28, puLen=0xd7e794) returned 1
[0223.433] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0223.433] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0223.433] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0223.434] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0223.434] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0223.434] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0223.438] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2e33468 | out: lpData=0x2e33468) returned 1
[0223.439] VerQueryValueW (in: pBlock=0x2e33468, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e33848, puLen=0xd7e810) returned 1
[0223.439] VerQueryValueW (in: pBlock=0x2e33468, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e33520, puLen=0xd7e790) returned 1
[0223.439] VerQueryValueW (in: pBlock=0x2e33468, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e33574, puLen=0xd7e790) returned 1
[0223.439] VerQueryValueW (in: pBlock=0x2e33468, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e335b4, puLen=0xd7e790) returned 1
[0223.439] VerQueryValueW (in: pBlock=0x2e33468, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e33614, puLen=0xd7e790) returned 1
[0223.439] VerQueryValueW (in: pBlock=0x2e33468, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e33660, puLen=0xd7e790) returned 1
[0223.439] VerQueryValueW (in: pBlock=0x2e33468, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e336e8, puLen=0xd7e790) returned 1
[0223.439] VerQueryValueW (in: pBlock=0x2e33468, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e33730, puLen=0xd7e790) returned 1
[0223.439] VerQueryValueW (in: pBlock=0x2e33468, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e33788, puLen=0xd7e790) returned 1
[0223.439] VerQueryValueW (in: pBlock=0x2e33468, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e337b8, puLen=0xd7e790) returned 1
[0223.439] VerQueryValueW (in: pBlock=0x2e33468, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.439] VerQueryValueW (in: pBlock=0x2e33468, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e337f4, puLen=0xd7e790) returned 1
[0223.439] VerQueryValueW (in: pBlock=0x2e33468, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.439] VerQueryValueW (in: pBlock=0x2e33468, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e33848, puLen=0xd7e784) returned 1
[0223.440] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0223.440] VerQueryValueW (in: pBlock=0x2e33468, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e33490, puLen=0xd7e794) returned 1
[0223.441] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0223.441] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0223.441] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0223.441] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0223.441] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0223.441] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0223.442] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2e35c88 | out: lpData=0x2e35c88) returned 1
[0223.443] VerQueryValueW (in: pBlock=0x2e35c88, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e36094, puLen=0xd7e810) returned 1
[0223.443] VerQueryValueW (in: pBlock=0x2e35c88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e35d40, puLen=0xd7e790) returned 1
[0223.443] VerQueryValueW (in: pBlock=0x2e35c88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e35d94, puLen=0xd7e790) returned 1
[0223.443] VerQueryValueW (in: pBlock=0x2e35c88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e35de8, puLen=0xd7e790) returned 1
[0223.443] VerQueryValueW (in: pBlock=0x2e35c88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e35e48, puLen=0xd7e790) returned 1
[0223.443] VerQueryValueW (in: pBlock=0x2e35c88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e35ea0, puLen=0xd7e790) returned 1
[0223.443] VerQueryValueW (in: pBlock=0x2e35c88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e35f28, puLen=0xd7e790) returned 1
[0223.443] VerQueryValueW (in: pBlock=0x2e35c88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e35f7c, puLen=0xd7e790) returned 1
[0223.443] VerQueryValueW (in: pBlock=0x2e35c88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e35fd4, puLen=0xd7e790) returned 1
[0223.443] VerQueryValueW (in: pBlock=0x2e35c88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e36004, puLen=0xd7e790) returned 1
[0223.443] VerQueryValueW (in: pBlock=0x2e35c88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.443] VerQueryValueW (in: pBlock=0x2e35c88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e36040, puLen=0xd7e790) returned 1
[0223.443] VerQueryValueW (in: pBlock=0x2e35c88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.443] VerQueryValueW (in: pBlock=0x2e35c88, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e36094, puLen=0xd7e784) returned 1
[0223.443] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0223.443] VerQueryValueW (in: pBlock=0x2e35c88, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e35cb0, puLen=0xd7e794) returned 1
[0223.444] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0223.444] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0223.445] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0223.445] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0223.445] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0223.445] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0223.446] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e3849c | out: lpData=0x2e3849c) returned 1
[0223.447] VerQueryValueW (in: pBlock=0x2e3849c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e38874, puLen=0xd7e810) returned 1
[0223.447] VerQueryValueW (in: pBlock=0x2e3849c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e38554, puLen=0xd7e790) returned 1
[0223.447] VerQueryValueW (in: pBlock=0x2e3849c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e385a8, puLen=0xd7e790) returned 1
[0223.447] VerQueryValueW (in: pBlock=0x2e3849c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e385e8, puLen=0xd7e790) returned 1
[0223.447] VerQueryValueW (in: pBlock=0x2e3849c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e38650, puLen=0xd7e790) returned 1
[0223.447] VerQueryValueW (in: pBlock=0x2e3849c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e38694, puLen=0xd7e790) returned 1
[0223.447] VerQueryValueW (in: pBlock=0x2e3849c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3871c, puLen=0xd7e790) returned 1
[0223.447] VerQueryValueW (in: pBlock=0x2e3849c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3875c, puLen=0xd7e790) returned 1
[0223.447] VerQueryValueW (in: pBlock=0x2e3849c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e387b4, puLen=0xd7e790) returned 1
[0223.447] VerQueryValueW (in: pBlock=0x2e3849c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e387e4, puLen=0xd7e790) returned 1
[0223.447] VerQueryValueW (in: pBlock=0x2e3849c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.447] VerQueryValueW (in: pBlock=0x2e3849c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e38820, puLen=0xd7e790) returned 1
[0223.447] VerQueryValueW (in: pBlock=0x2e3849c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.447] VerQueryValueW (in: pBlock=0x2e3849c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e38874, puLen=0xd7e784) returned 1
[0223.447] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0223.447] VerQueryValueW (in: pBlock=0x2e3849c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e384c4, puLen=0xd7e794) returned 1
[0223.448] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0223.448] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0223.448] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0223.448] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0223.449] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0223.449] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0223.450] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e3a9f4 | out: lpData=0x2e3a9f4) returned 1
[0223.451] VerQueryValueW (in: pBlock=0x2e3a9f4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e3adcc, puLen=0xd7e810) returned 1
[0223.451] VerQueryValueW (in: pBlock=0x2e3a9f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3aaac, puLen=0xd7e790) returned 1
[0223.451] VerQueryValueW (in: pBlock=0x2e3a9f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3ab00, puLen=0xd7e790) returned 1
[0223.451] VerQueryValueW (in: pBlock=0x2e3a9f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3ab40, puLen=0xd7e790) returned 1
[0223.451] VerQueryValueW (in: pBlock=0x2e3a9f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3aba8, puLen=0xd7e790) returned 1
[0223.451] VerQueryValueW (in: pBlock=0x2e3a9f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3abec, puLen=0xd7e790) returned 1
[0223.451] VerQueryValueW (in: pBlock=0x2e3a9f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3ac74, puLen=0xd7e790) returned 1
[0223.451] VerQueryValueW (in: pBlock=0x2e3a9f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3acb4, puLen=0xd7e790) returned 1
[0223.451] VerQueryValueW (in: pBlock=0x2e3a9f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3ad0c, puLen=0xd7e790) returned 1
[0223.451] VerQueryValueW (in: pBlock=0x2e3a9f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3ad3c, puLen=0xd7e790) returned 1
[0223.451] VerQueryValueW (in: pBlock=0x2e3a9f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.451] VerQueryValueW (in: pBlock=0x2e3a9f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3ad78, puLen=0xd7e790) returned 1
[0223.451] VerQueryValueW (in: pBlock=0x2e3a9f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.451] VerQueryValueW (in: pBlock=0x2e3a9f4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e3adcc, puLen=0xd7e784) returned 1
[0223.451] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0223.451] VerQueryValueW (in: pBlock=0x2e3a9f4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e3aa1c, puLen=0xd7e794) returned 1
[0223.452] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0223.452] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0223.452] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0223.452] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0223.453] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0223.453] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0223.453] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2e3d12c | out: lpData=0x2e3d12c) returned 1
[0223.454] VerQueryValueW (in: pBlock=0x2e3d12c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e3d55c, puLen=0xd7e810) returned 1
[0223.454] VerQueryValueW (in: pBlock=0x2e3d12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3d1e4, puLen=0xd7e790) returned 1
[0223.454] VerQueryValueW (in: pBlock=0x2e3d12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3d238, puLen=0xd7e790) returned 1
[0223.454] VerQueryValueW (in: pBlock=0x2e3d12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3d2a8, puLen=0xd7e790) returned 1
[0223.454] VerQueryValueW (in: pBlock=0x2e3d12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3d308, puLen=0xd7e790) returned 1
[0223.454] VerQueryValueW (in: pBlock=0x2e3d12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3d364, puLen=0xd7e790) returned 1
[0223.454] VerQueryValueW (in: pBlock=0x2e3d12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3d3ec, puLen=0xd7e790) returned 1
[0223.454] VerQueryValueW (in: pBlock=0x2e3d12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3d444, puLen=0xd7e790) returned 1
[0223.454] VerQueryValueW (in: pBlock=0x2e3d12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3d49c, puLen=0xd7e790) returned 1
[0223.454] VerQueryValueW (in: pBlock=0x2e3d12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3d4cc, puLen=0xd7e790) returned 1
[0223.454] VerQueryValueW (in: pBlock=0x2e3d12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.455] VerQueryValueW (in: pBlock=0x2e3d12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3d508, puLen=0xd7e790) returned 1
[0223.455] VerQueryValueW (in: pBlock=0x2e3d12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0223.455] VerQueryValueW (in: pBlock=0x2e3d12c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e3d55c, puLen=0xd7e784) returned 1
[0223.455] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0223.455] VerQueryValueW (in: pBlock=0x2e3d12c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e3d154, puLen=0xd7e794) returned 1
[0223.455] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0223.456] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.456] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0223.456] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.456] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0223.456] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1502c8
[0223.457] SetWindowLongW (hWnd=0x1502c8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0223.457] GetWindowLongW (hWnd=0x1502c8, nIndex=-4) returned 1950089536
[0223.458] SetWindowLongW (hWnd=0x1502c8, nIndex=-4, dwNewLong=19946958) returned 1950089536
[0223.458] GetWindowLongW (hWnd=0x1502c8, nIndex=-4) returned 19946958
[0223.458] GetWindowLongW (hWnd=0x1502c8, nIndex=-16) returned 113311744
[0223.459] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502c8, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0223.459] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502c8, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0223.460] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502c8, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0223.460] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502c8, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0223.460] GetClientRect (in: hWnd=0x1502c8, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0223.460] GetWindowRect (in: hWnd=0x1502c8, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0223.460] SetWindowTextW (hWnd=0x1502c8, lpString="WindowsFormsParkingWindow") returned 1
[0223.460] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502c8, Msg=0xc, wParam=0x0, lParam=0x2e027b4) returned 0x1
[0223.461] GetParent (hWnd=0x1502c8) returned 0x0
[0223.461] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0223.461] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x1502c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1e00ea
[0223.462] SetWindowLongW (hWnd=0x1e00ea, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0223.462] GetWindowLongW (hWnd=0x1e00ea, nIndex=-4) returned 1868147648
[0223.462] SetWindowLongW (hWnd=0x1e00ea, nIndex=-4, dwNewLong=19946998) returned 1868147648
[0223.462] GetWindowLongW (hWnd=0x1e00ea, nIndex=-4) returned 19946998
[0223.462] GetWindowLongW (hWnd=0x1e00ea, nIndex=-16) returned 1174405133
[0223.462] GetWindowLongW (hWnd=0x1e00ea, nIndex=-12) returned 0
[0223.463] SetWindowLongW (hWnd=0x1e00ea, nIndex=-12, dwNewLong=1966314) returned 0
[0223.463] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0223.463] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0223.464] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0223.464] GetClientRect (in: hWnd=0x1e00ea, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0223.464] GetWindowRect (in: hWnd=0x1e00ea, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0223.464] GetParent (hWnd=0x1e00ea) returned 0x1502c8
[0223.464] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1502c8, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0223.465] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0223.465] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0223.465] GetClientRect (in: hWnd=0x1e00ea, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0223.465] GetWindowRect (in: hWnd=0x1e00ea, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0223.465] GetParent (hWnd=0x1e00ea) returned 0x1502c8
[0223.465] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1502c8, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0223.465] SendMessageW (hWnd=0x1e00ea, Msg=0x2210, wParam=0xea0001, lParam=0x1e00ea) returned 0x0
[0223.465] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x2210, wParam=0xea0001, lParam=0x1e00ea) returned 0x0
[0223.466] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0223.467] GetParent (hWnd=0x1e00ea) returned 0x1502c8
[0223.467] GdipCreateFromHWND (hwnd=0x1e00ea, graphics=0xd7e844) returned 0x0
[0223.468] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0223.468] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0223.468] GetForegroundWindow () returned 0x7005c
[0223.469] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0223.469] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.469] GetSystemMetrics (nIndex=42) returned 0
[0223.469] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.469] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0223.469] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0223.469] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.469] GetSystemMetrics (nIndex=42) returned 0
[0223.469] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.469] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0223.470] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.470] GetCursorPos (in: lpPoint=0x2e415b0 | out: lpPoint=0x2e415b0*(x=257, y=619)) returned 1
[0223.470] MonitorFromPoint (pt=0x101, dwFlags=0x26b) returned 0x10001
[0223.470] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0223.470] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x550107da
[0223.470] GetDeviceCaps (hdc=0x550107da, index=12) returned 32
[0223.470] GetDeviceCaps (hdc=0x550107da, index=14) returned 1
[0223.470] DeleteDC (hdc=0x550107da) returned 1
[0223.471] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0223.471] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0223.471] GetSystemMetrics (nIndex=59) returned 1460
[0223.471] GetSystemMetrics (nIndex=60) returned 920
[0223.471] GetSystemMetrics (nIndex=34) returned 136
[0223.471] GetSystemMetrics (nIndex=35) returned 39
[0223.471] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.471] GetCursorPos (in: lpPoint=0x2e4181c | out: lpPoint=0x2e4181c*(x=257, y=619)) returned 1
[0223.471] MonitorFromPoint (pt=0x101, dwFlags=0x26b) returned 0x10001
[0223.471] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0223.472] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x560107da
[0223.472] GetDeviceCaps (hdc=0x560107da, index=12) returned 32
[0223.472] GetDeviceCaps (hdc=0x560107da, index=14) returned 1
[0223.472] DeleteDC (hdc=0x560107da) returned 1
[0223.472] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0223.472] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0223.472] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.472] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0223.473] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2e41ab4 | out: piconinfo=0x2e41ab4) returned 1
[0223.473] GetObjectW (in: h=0xef050173, c=24, pv=0x2e41ad0 | out: pv=0x2e41ad0) returned 24
[0223.473] GdipCreateBitmapFromHBITMAP (hbm=0xef050173, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0223.473] GdipGetImageWidth (image=0x664f448, width=0xd7e750) returned 0x0
[0223.473] GdipGetImageHeight (image=0x664f448, height=0xd7e748) returned 0x0
[0223.473] GdipGetImagePixelFormat (image=0x664f448, format=0xd7e740) returned 0x0
[0223.474] GdipBitmapLockBits (bitmap=0x664f448, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2e41b88) returned 0x0
[0223.474] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0223.474] GdipBitmapLockBits (bitmap=0x664ea70, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2e41bc0) returned 0x0
[0223.474] RtlMoveMemory (in: Destination=0x6660f58, Source=0x665bea8, Length=0x80 | out: Destination=0x6660f58)
[0223.474] RtlMoveMemory (in: Destination=0x6660fd8, Source=0x665be28, Length=0x80 | out: Destination=0x6660fd8)
[0223.474] RtlMoveMemory (in: Destination=0x6661058, Source=0x665bda8, Length=0x80 | out: Destination=0x6661058)
[0223.474] RtlMoveMemory (in: Destination=0x66610d8, Source=0x665bd28, Length=0x80 | out: Destination=0x66610d8)
[0223.474] RtlMoveMemory (in: Destination=0x6661158, Source=0x665bca8, Length=0x80 | out: Destination=0x6661158)
[0223.474] RtlMoveMemory (in: Destination=0x66611d8, Source=0x665bc28, Length=0x80 | out: Destination=0x66611d8)
[0223.474] RtlMoveMemory (in: Destination=0x6661258, Source=0x665bba8, Length=0x80 | out: Destination=0x6661258)
[0223.474] RtlMoveMemory (in: Destination=0x66612d8, Source=0x665bb28, Length=0x80 | out: Destination=0x66612d8)
[0223.474] RtlMoveMemory (in: Destination=0x6661358, Source=0x665baa8, Length=0x80 | out: Destination=0x6661358)
[0223.474] RtlMoveMemory (in: Destination=0x66613d8, Source=0x665ba28, Length=0x80 | out: Destination=0x66613d8)
[0223.474] RtlMoveMemory (in: Destination=0x6661458, Source=0x665b9a8, Length=0x80 | out: Destination=0x6661458)
[0223.474] RtlMoveMemory (in: Destination=0x66614d8, Source=0x665b928, Length=0x80 | out: Destination=0x66614d8)
[0223.474] RtlMoveMemory (in: Destination=0x6661558, Source=0x665b8a8, Length=0x80 | out: Destination=0x6661558)
[0223.475] RtlMoveMemory (in: Destination=0x66615d8, Source=0x665b828, Length=0x80 | out: Destination=0x66615d8)
[0223.475] RtlMoveMemory (in: Destination=0x6661658, Source=0x665b7a8, Length=0x80 | out: Destination=0x6661658)
[0223.475] RtlMoveMemory (in: Destination=0x66616d8, Source=0x665b728, Length=0x80 | out: Destination=0x66616d8)
[0223.475] RtlMoveMemory (in: Destination=0x6661758, Source=0x665b6a8, Length=0x80 | out: Destination=0x6661758)
[0223.475] RtlMoveMemory (in: Destination=0x66617d8, Source=0x665b628, Length=0x80 | out: Destination=0x66617d8)
[0223.475] RtlMoveMemory (in: Destination=0x6661858, Source=0x665b5a8, Length=0x80 | out: Destination=0x6661858)
[0223.475] RtlMoveMemory (in: Destination=0x66618d8, Source=0x665b528, Length=0x80 | out: Destination=0x66618d8)
[0223.475] RtlMoveMemory (in: Destination=0x6661958, Source=0x665b4a8, Length=0x80 | out: Destination=0x6661958)
[0223.475] RtlMoveMemory (in: Destination=0x66619d8, Source=0x665b428, Length=0x80 | out: Destination=0x66619d8)
[0223.475] RtlMoveMemory (in: Destination=0x6661a58, Source=0x665b3a8, Length=0x80 | out: Destination=0x6661a58)
[0223.475] RtlMoveMemory (in: Destination=0x6661ad8, Source=0x665b328, Length=0x80 | out: Destination=0x6661ad8)
[0223.475] RtlMoveMemory (in: Destination=0x6661b58, Source=0x665b2a8, Length=0x80 | out: Destination=0x6661b58)
[0223.475] RtlMoveMemory (in: Destination=0x6661bd8, Source=0x665b228, Length=0x80 | out: Destination=0x6661bd8)
[0223.475] RtlMoveMemory (in: Destination=0x6661c58, Source=0x665b1a8, Length=0x80 | out: Destination=0x6661c58)
[0223.475] RtlMoveMemory (in: Destination=0x6661cd8, Source=0x665b128, Length=0x80 | out: Destination=0x6661cd8)
[0223.475] RtlMoveMemory (in: Destination=0x6661d58, Source=0x665b0a8, Length=0x80 | out: Destination=0x6661d58)
[0223.475] RtlMoveMemory (in: Destination=0x6661dd8, Source=0x665b028, Length=0x80 | out: Destination=0x6661dd8)
[0223.475] RtlMoveMemory (in: Destination=0x6661e58, Source=0x665afa8, Length=0x80 | out: Destination=0x6661e58)
[0223.476] RtlMoveMemory (in: Destination=0x6661ed8, Source=0x665af28, Length=0x80 | out: Destination=0x6661ed8)
[0223.476] GdipBitmapUnlockBits (bitmap=0x664f448, lockedBitmapData=0x2e41b88) returned 0x0
[0223.476] GdipBitmapUnlockBits (bitmap=0x664ea70, lockedBitmapData=0x2e41bc0) returned 0x0
[0223.476] GdipDisposeImage (image=0x664f448) returned 0x0
[0223.476] DeleteObject (ho=0xef050173) returned 1
[0223.476] DeleteObject (ho=0x570507da) returned 1
[0223.476] GetCurrentThreadId () returned 0xf50
[0223.476] GetCurrentThreadId () returned 0xf50
[0223.476] SetWindowPos (hWnd=0x1e00ea, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0223.476] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0223.477] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0223.477] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0223.477] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0223.477] GetClientRect (in: hWnd=0x1e00ea, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0223.477] GetWindowRect (in: hWnd=0x1e00ea, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0223.477] GetParent (hWnd=0x1e00ea) returned 0x1502c8
[0223.477] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1502c8, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0223.477] InvalidateRect (hWnd=0x1e00ea, lpRect=0x0, bErase=1) returned 1
[0223.477] GetWindowTextLengthW (hWnd=0x1e00ea) returned 0
[0223.477] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0223.477] GetSystemMetrics (nIndex=42) returned 0
[0223.478] GetWindowTextW (in: hWnd=0x1e00ea, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0223.478] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0223.478] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0223.478] GetClientRect (in: hWnd=0x1e00ea, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0223.478] GetWindowRect (in: hWnd=0x1e00ea, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0223.478] GetParent (hWnd=0x1e00ea) returned 0x1502c8
[0223.478] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1502c8, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0223.478] GetWindowTextLengthW (hWnd=0x1e00ea) returned 0
[0223.478] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0223.478] GetSystemMetrics (nIndex=42) returned 0
[0223.478] GetWindowTextW (in: hWnd=0x1e00ea, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0223.478] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0223.478] GetWindowTextLengthW (hWnd=0x1e00ea) returned 0
[0223.478] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0223.478] GetSystemMetrics (nIndex=42) returned 0
[0223.478] GetWindowTextW (in: hWnd=0x1e00ea, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0223.478] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0223.479] SetWindowTextW (hWnd=0x1e00ea, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0223.479] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0xc, wParam=0x0, lParam=0x2e22a1c) returned 0x1
[0223.479] InvalidateRect (hWnd=0x1e00ea, lpRect=0x0, bErase=1) returned 1
[0223.479] GetCurrentThreadId () returned 0xf50
[0223.479] GetWindowThreadProcessId (in: hWnd=0x1e00ea, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0223.479] GdipCreateBitmapFromStream (stream=0x509ff90, bitmap=0xd7e840) returned 0x0
[0223.480] GdipImageForceValidation (image=0x664f448) returned 0x0
[0223.511] GdipGetImageRawFormat (image=0x664f448, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0223.512] GdipGetImageHeight (image=0x664f448, height=0xd7e824) returned 0x0
[0223.512] GdipGetImageWidth (image=0x664f448, width=0xd7e824) returned 0x0
[0223.512] GdipGetImageWidth (image=0x664f448, width=0xd7e810) returned 0x0
[0223.512] GdipGetImageHeight (image=0x664f448, height=0xd7e810) returned 0x0
[0223.512] GdipGetImageWidth (image=0x664f448, width=0xd7e800) returned 0x0
[0223.512] GdipGetImageHeight (image=0x664f448, height=0xd7e800) returned 0x0
[0223.512] GdipBitmapGetPixel (bitmap=0x664f448, x=0, y=15, color=0xd7e810) returned 0x0
[0223.512] GdipGetImageRawFormat (image=0x664f448, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0223.512] GdipGetImageWidth (image=0x664f448, width=0xd7e740) returned 0x0
[0223.512] GdipGetImageHeight (image=0x664f448, height=0xd7e740) returned 0x0
[0223.512] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0223.512] GdipGetImagePixelFormat (image=0x6650b40, format=0xd7e740) returned 0x0
[0223.512] GdipGetImageGraphicsContext (image=0x6650b40, graphics=0xd7e74c) returned 0x0
[0223.513] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0223.513] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0223.513] GdipSetImageAttributesColorKeys (imageattr=0x6638c38, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0223.513] GdipDrawImageRectRectI (graphics=0x6600030, image=0x664f448, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c38, callback=0x0, callbackData=0x0) returned 0x0
[0223.513] GdipDisposeImageAttributes (imageattr=0x6638c38) returned 0x0
[0223.513] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0223.513] GdipDisposeImage (image=0x664f448) returned 0x0
[0223.514] GdipCreateBitmapFromStream (stream=0x509ff70, bitmap=0xd7e840) returned 0x0
[0223.515] GdipImageForceValidation (image=0x664f448) returned 0x0
[0223.516] GdipGetImageRawFormat (image=0x664f448, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0223.516] GdipGetImageHeight (image=0x664f448, height=0xd7e824) returned 0x0
[0223.516] GdipGetImageWidth (image=0x664f448, width=0xd7e824) returned 0x0
[0223.516] GdipGetImageWidth (image=0x664f448, width=0xd7e810) returned 0x0
[0223.516] GdipGetImageHeight (image=0x664f448, height=0xd7e810) returned 0x0
[0223.516] GdipGetImageWidth (image=0x664f448, width=0xd7e800) returned 0x0
[0223.517] GdipGetImageHeight (image=0x664f448, height=0xd7e800) returned 0x0
[0223.517] GdipBitmapGetPixel (bitmap=0x664f448, x=0, y=15, color=0xd7e810) returned 0x0
[0223.517] GdipGetImageRawFormat (image=0x664f448, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0223.517] GdipGetImageWidth (image=0x664f448, width=0xd7e740) returned 0x0
[0223.517] GdipGetImageHeight (image=0x664f448, height=0xd7e740) returned 0x0
[0223.517] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0223.517] GdipGetImagePixelFormat (image=0x6650e88, format=0xd7e740) returned 0x0
[0223.517] GdipGetImageGraphicsContext (image=0x6650e88, graphics=0xd7e74c) returned 0x0
[0223.517] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0223.517] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0223.517] GdipSetImageAttributesColorKeys (imageattr=0x6638d88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0223.517] GdipDrawImageRectRectI (graphics=0x6600030, image=0x664f448, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638d88, callback=0x0, callbackData=0x0) returned 0x0
[0223.518] GdipDisposeImageAttributes (imageattr=0x6638d88) returned 0x0
[0223.518] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0223.518] GdipDisposeImage (image=0x664f448) returned 0x0
[0223.518] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.518] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0223.518] GetCurrentThreadId () returned 0xf50
[0223.518] GetCurrentThreadId () returned 0xf50
[0223.519] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.519] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0223.519] GetCurrentThreadId () returned 0xf50
[0223.519] GetCurrentThreadId () returned 0xf50
[0223.519] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.519] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0223.519] GetCurrentThreadId () returned 0xf50
[0223.519] GetCurrentThreadId () returned 0xf50
[0223.519] GetSystemMetrics (nIndex=5) returned 1
[0223.519] GetSystemMetrics (nIndex=6) returned 1
[0223.520] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.520] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0223.520] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.520] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0223.520] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.520] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0223.521] GetCurrentThreadId () returned 0xf50
[0223.521] GetCurrentThreadId () returned 0xf50
[0223.521] GetProcessWindowStation () returned 0x13c
[0223.521] GetCapture () returned 0x0
[0223.521] GetActiveWindow () returned 0x7005c
[0223.521] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0223.521] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.521] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0223.521] GetCursorPos (in: lpPoint=0x2e42d00 | out: lpPoint=0x2e42d00*(x=257, y=619)) returned 1
[0223.521] MonitorFromPoint (pt=0x104, dwFlags=0x269) returned 0x10001
[0223.522] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0223.522] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xc4010693
[0223.522] GetDeviceCaps (hdc=0xc4010693, index=12) returned 32
[0223.522] GetDeviceCaps (hdc=0xc4010693, index=14) returned 1
[0223.522] DeleteDC (hdc=0xc4010693) returned 1
[0223.522] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0223.522] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0223.522] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1b02da
[0223.538] SetWindowLongW (hWnd=0x1b02da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0223.538] GetWindowLongW (hWnd=0x1b02da, nIndex=-4) returned 1950089536
[0223.538] SetWindowLongW (hWnd=0x1b02da, nIndex=-4, dwNewLong=19947718) returned 1950089536
[0223.538] GetWindowLongW (hWnd=0x1b02da, nIndex=-4) returned 19947718
[0223.538] GetWindowLongW (hWnd=0x1b02da, nIndex=-16) returned 113770496
[0223.538] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0223.539] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0223.540] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0223.540] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0223.540] GetWindowRect (in: hWnd=0x1b02da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0223.541] SetWindowTextW (hWnd=0x1b02da, lpString="BB ransomware") returned 1
[0223.541] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xc, wParam=0x0, lParam=0x2e4149c) returned 0x1
[0223.542] GetStartupInfoW (in: lpStartupInfo=0x2e4303c | out: lpStartupInfo=0x2e4303c*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0223.545] GetParent (hWnd=0x1b02da) returned 0x0
[0223.545] SetWindowLongW (hWnd=0x1b02da, nIndex=-8, dwNewLong=0) returned 0
[0223.545] SendMessageW (hWnd=0x1b02da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0223.546] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0223.546] SendMessageW (hWnd=0x1b02da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0223.546] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0223.546] GetSystemMenu (hWnd=0x1b02da, bRevert=0) returned 0x430113
[0223.547] GetWindowPlacement (in: hWnd=0x1b02da, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0223.547] EnableMenuItem (hMenu=0x430113, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0223.547] EnableMenuItem (hMenu=0x430113, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0223.547] EnableMenuItem (hMenu=0x430113, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0223.547] EnableMenuItem (hMenu=0x430113, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0223.547] EnableMenuItem (hMenu=0x430113, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0223.547] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0223.547] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0223.547] GetWindowRect (in: hWnd=0x1b02da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0223.547] SetWindowPos (hWnd=0x1b02da, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0223.547] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0223.548] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x1b02da) returned 0x1
[0223.551] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0223.551] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0223.553] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0223.553] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0223.553] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0223.555] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x1b02da, lParam=0x0) returned 0x0
[0223.555] GetCapture () returned 0x0
[0223.555] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0223.556] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0223.558] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0223.571] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0223.572] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0223.572] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0223.572] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0223.573] GetParent (hWnd=0x1b02da) returned 0x0
[0223.573] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0223.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0223.575] GetWindowPlacement (in: hWnd=0x1b02da, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0223.575] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0223.575] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0223.575] GetWindowRect (in: hWnd=0x1b02da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0223.577] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0223.577] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0223.577] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0223.578] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.578] GetWindowLongW (hWnd=0x1b02da, nIndex=-16) returned 113770496
[0223.578] GetWindowTextLengthW (hWnd=0x1b02da) returned 13
[0223.578] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.578] GetSystemMetrics (nIndex=42) returned 0
[0223.578] GetWindowTextW (in: hWnd=0x1b02da, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.578] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0223.578] GetWindowTextLengthW (hWnd=0x1b02da) returned 13
[0223.578] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.579] GetSystemMetrics (nIndex=42) returned 0
[0223.579] GetWindowTextW (in: hWnd=0x1b02da, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.579] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0223.579] GetCursorPos (in: lpPoint=0x2e43278 | out: lpPoint=0x2e43278*(x=257, y=619)) returned 1
[0223.579] MonitorFromPoint (pt=0x101, dwFlags=0x26b) returned 0x10001
[0223.579] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0223.579] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x1d0107ef
[0223.579] GetDeviceCaps (hdc=0x1d0107ef, index=12) returned 32
[0223.579] GetDeviceCaps (hdc=0x1d0107ef, index=14) returned 1
[0223.579] DeleteDC (hdc=0x1d0107ef) returned 1
[0223.579] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0223.580] GetWindowLongW (hWnd=0x1b02da, nIndex=-16) returned 113770496
[0223.580] GetWindowLongW (hWnd=0x1b02da, nIndex=-20) returned 327945
[0223.580] SetWindowLongW (hWnd=0x1b02da, nIndex=-16, dwNewLong=46661632) returned 113770496
[0223.580] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0223.580] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0223.581] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0223.581] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0223.582] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0223.582] SetWindowLongW (hWnd=0x1b02da, nIndex=-20, dwNewLong=327681) returned 327945
[0223.582] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0223.582] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0223.583] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0223.584] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0223.584] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0223.584] SetWindowPos (hWnd=0x1b02da, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0223.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0223.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0223.585] GetWindowPlacement (in: hWnd=0x1b02da, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0223.586] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0223.586] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0223.586] GetWindowRect (in: hWnd=0x1b02da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0223.587] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0223.587] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0223.587] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0223.588] RedrawWindow (hWnd=0x1b02da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0223.588] GetSystemMenu (hWnd=0x1b02da, bRevert=0) returned 0x430113
[0223.588] GetWindowPlacement (in: hWnd=0x1b02da, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0223.588] EnableMenuItem (hMenu=0x430113, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0223.588] EnableMenuItem (hMenu=0x430113, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0223.588] EnableMenuItem (hMenu=0x430113, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0223.588] EnableMenuItem (hMenu=0x430113, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0223.588] EnableMenuItem (hMenu=0x430113, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0223.588] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0223.588] GetWindowLongW (hWnd=0x1b02da, nIndex=-8) returned 0
[0223.588] SetWindowLongW (hWnd=0x1b02da, nIndex=-8, dwNewLong=458844) returned 0
[0223.589] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0223.589] GetProcessWindowStation () returned 0x13c
[0223.590] GetCurrentThreadId () returned 0xf50
[0223.590] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x13060ee, lParam=0x0) returned 1
[0223.590] IsWindowVisible (hWnd=0x1b02da) returned 0
[0223.590] IsWindowVisible (hWnd=0x7005c) returned 1
[0223.590] IsWindowEnabled (hWnd=0x7005c) returned 1
[0223.590] IsWindowVisible (hWnd=0x300ec) returned 0
[0223.590] IsWindowVisible (hWnd=0x502c6) returned 0
[0223.590] IsWindowVisible (hWnd=0x502be) returned 0
[0223.590] GetActiveWindow () returned 0x1b02da
[0223.590] GetFocus () returned 0x1b02da
[0223.590] IsWindow (hWnd=0x7005c) returned 1
[0223.599] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0223.599] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0223.600] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0223.600] GetWindowLongW (hWnd=0x1b02da, nIndex=-8) returned 458844
[0223.600] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0223.600] GetCurrentThreadId () returned 0xf50
[0223.600] GetWindowLongW (hWnd=0x1b02da, nIndex=-8) returned 458844
[0223.600] IsWindowEnabled (hWnd=0x7005c) returned 0
[0223.600] IsWindowEnabled (hWnd=0x1b02da) returned 1
[0223.600] ShowWindow (hWnd=0x1b02da, nCmdShow=5) returned 0
[0223.600] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0223.600] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0223.601] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.601] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0223.601] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x1b02da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1b02dc
[0223.602] SetWindowLongW (hWnd=0x1b02dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0223.602] GetWindowLongW (hWnd=0x1b02dc, nIndex=-4) returned 1950089536
[0223.602] SetWindowLongW (hWnd=0x1b02dc, nIndex=-4, dwNewLong=19947198) returned 1950089536
[0223.602] GetWindowLongW (hWnd=0x1b02dc, nIndex=-4) returned 19947198
[0223.602] GetWindowLongW (hWnd=0x1b02dc, nIndex=-16) returned 1174405120
[0223.602] GetWindowLongW (hWnd=0x1b02dc, nIndex=-12) returned 0
[0223.602] SetWindowLongW (hWnd=0x1b02dc, nIndex=-12, dwNewLong=1770204) returned 0
[0223.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0223.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0223.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0223.603] GetWindow (hWnd=0x1b02dc, uCmd=0x3) returned 0x0
[0223.603] GetClientRect (in: hWnd=0x1b02dc, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0223.603] GetWindowRect (in: hWnd=0x1b02dc, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0223.603] GetParent (hWnd=0x1b02dc) returned 0x1b02da
[0223.603] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02da, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0223.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02dc, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0223.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02dc, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0223.604] GetClientRect (in: hWnd=0x1b02dc, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0223.605] GetWindowRect (in: hWnd=0x1b02dc, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0223.605] GetParent (hWnd=0x1b02dc) returned 0x1b02da
[0223.605] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02da, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0223.605] SendMessageW (hWnd=0x1b02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1b02dc) returned 0x0
[0223.605] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1b02dc) returned 0x0
[0223.605] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0223.605] GetParent (hWnd=0x1b02dc) returned 0x1b02da
[0223.605] GetParent (hWnd=0x1e00ea) returned 0x1502c8
[0223.605] SetParent (hWndChild=0x1e00ea, hWndNewParent=0x1b02da) returned 0x1502c8
[0223.605] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0223.606] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0223.606] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0223.607] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0223.607] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0223.607] GetClientRect (in: hWnd=0x1e00ea, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0223.607] GetWindowRect (in: hWnd=0x1e00ea, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0223.607] GetParent (hWnd=0x1e00ea) returned 0x1b02da
[0223.607] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02da, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0223.607] GetClientRect (in: hWnd=0x1e00ea, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0223.607] GetWindowRect (in: hWnd=0x1e00ea, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0223.607] GetParent (hWnd=0x1e00ea) returned 0x1b02da
[0223.607] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02da, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0223.607] GetParent (hWnd=0x1e00ea) returned 0x1b02da
[0223.607] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0223.607] GetWindow (hWnd=0x1e00ea, uCmd=0x3) returned 0x0
[0223.607] SetWindowPos (hWnd=0x1e00ea, hWndInsertAfter=0x1b02dc, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0223.608] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0223.608] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0223.608] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0223.608] GetClientRect (in: hWnd=0x1e00ea, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0223.608] GetWindowRect (in: hWnd=0x1e00ea, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0223.608] GetParent (hWnd=0x1e00ea) returned 0x1b02da
[0223.608] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02da, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0223.608] GetParent (hWnd=0x1e00ea) returned 0x1b02da
[0223.608] GetWindow (hWnd=0x1e00ea, uCmd=0x3) returned 0x1b02dc
[0223.609] GetWindowThreadProcessId (in: hWnd=0x1e00ea, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0223.609] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0223.609] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.609] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0223.609] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x1b02da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1d02d8
[0223.610] SetWindowLongW (hWnd=0x1d02d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0223.610] GetWindowLongW (hWnd=0x1d02d8, nIndex=-4) returned 1868032000
[0223.610] SetWindowLongW (hWnd=0x1d02d8, nIndex=-4, dwNewLong=19947638) returned 1868032000
[0223.610] GetWindowLongW (hWnd=0x1d02d8, nIndex=-4) returned 19947638
[0223.611] GetWindowLongW (hWnd=0x1d02d8, nIndex=-16) returned 1174470667
[0223.611] GetWindowLongW (hWnd=0x1d02d8, nIndex=-12) returned 0
[0223.611] SetWindowLongW (hWnd=0x1d02d8, nIndex=-12, dwNewLong=1901272) returned 0
[0223.611] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0223.611] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0223.612] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0223.613] SendMessageW (hWnd=0x1d02d8, Msg=0x2055, wParam=0x1d02d8, lParam=0x3) returned 0x2
[0223.613] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0223.613] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0223.613] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0223.613] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0223.613] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0223.613] RedrawWindow (hWnd=0x1b02dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0223.613] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0223.613] RedrawWindow (hWnd=0x1e00ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0223.613] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0223.614] RedrawWindow (hWnd=0x1d02d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0223.614] RedrawWindow (hWnd=0x1b02da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0223.614] GetWindow (hWnd=0x1d02d8, uCmd=0x3) returned 0x1e00ea
[0223.614] GetClientRect (in: hWnd=0x1d02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0223.614] GetWindowRect (in: hWnd=0x1d02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0223.614] GetParent (hWnd=0x1d02d8) returned 0x1b02da
[0223.614] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0223.614] SetWindowTextW (hWnd=0x1d02d8, lpString="&Details") returned 1
[0223.614] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0223.615] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0223.615] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0223.615] GetClientRect (in: hWnd=0x1d02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0223.615] GetWindowRect (in: hWnd=0x1d02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0223.615] GetParent (hWnd=0x1d02d8) returned 0x1b02da
[0223.615] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0223.615] SendMessageW (hWnd=0x1d02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1d02d8) returned 0x0
[0223.615] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1d02d8) returned 0x0
[0223.615] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0223.616] GetParent (hWnd=0x1d02d8) returned 0x1b02da
[0223.616] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0223.616] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.616] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0223.616] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x1b02da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1b02de
[0223.617] SetWindowLongW (hWnd=0x1b02de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0223.617] GetWindowLongW (hWnd=0x1b02de, nIndex=-4) returned 1868032000
[0223.617] SetWindowLongW (hWnd=0x1b02de, nIndex=-4, dwNewLong=19947038) returned 1868032000
[0223.617] GetWindowLongW (hWnd=0x1b02de, nIndex=-4) returned 19947038
[0223.617] GetWindowLongW (hWnd=0x1b02de, nIndex=-16) returned 1174470667
[0223.617] GetWindowLongW (hWnd=0x1b02de, nIndex=-12) returned 0
[0223.618] SetWindowLongW (hWnd=0x1b02de, nIndex=-12, dwNewLong=1770206) returned 0
[0223.618] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0223.618] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0223.618] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0223.619] SendMessageW (hWnd=0x1b02de, Msg=0x2055, wParam=0x1b02de, lParam=0x3) returned 0x2
[0223.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0223.620] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0223.620] GetWindow (hWnd=0x1b02de, uCmd=0x3) returned 0x1d02d8
[0223.620] GetClientRect (in: hWnd=0x1b02de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0223.620] GetWindowRect (in: hWnd=0x1b02de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0223.620] GetParent (hWnd=0x1b02de) returned 0x1b02da
[0223.620] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0223.620] SetWindowTextW (hWnd=0x1b02de, lpString="&Continue") returned 1
[0223.620] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0223.621] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0223.621] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0223.621] GetClientRect (in: hWnd=0x1b02de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0223.621] GetWindowRect (in: hWnd=0x1b02de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0223.621] GetParent (hWnd=0x1b02de) returned 0x1b02da
[0223.621] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0223.621] SendMessageW (hWnd=0x1b02de, Msg=0x2210, wParam=0x2de0001, lParam=0x1b02de) returned 0x0
[0223.621] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x2210, wParam=0x2de0001, lParam=0x1b02de) returned 0x0
[0223.621] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0223.621] GetParent (hWnd=0x1b02de) returned 0x1b02da
[0223.621] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0223.622] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.623] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0223.623] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x1b02da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1002d0
[0223.623] SetWindowLongW (hWnd=0x1002d0, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0223.623] GetWindowLongW (hWnd=0x1002d0, nIndex=-4) returned 1868032000
[0223.624] SetWindowLongW (hWnd=0x1002d0, nIndex=-4, dwNewLong=19947678) returned 1868032000
[0223.624] GetWindowLongW (hWnd=0x1002d0, nIndex=-4) returned 19947678
[0223.624] GetWindowLongW (hWnd=0x1002d0, nIndex=-16) returned 1174470667
[0223.624] GetWindowLongW (hWnd=0x1002d0, nIndex=-12) returned 0
[0223.624] SetWindowLongW (hWnd=0x1002d0, nIndex=-12, dwNewLong=1049296) returned 0
[0223.624] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002d0, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0223.625] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002d0, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0223.625] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002d0, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0223.626] SendMessageW (hWnd=0x1002d0, Msg=0x2055, wParam=0x1002d0, lParam=0x3) returned 0x2
[0223.626] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0223.626] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002d0, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0223.626] GetWindow (hWnd=0x1002d0, uCmd=0x3) returned 0x1b02de
[0223.626] GetClientRect (in: hWnd=0x1002d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0223.626] GetWindowRect (in: hWnd=0x1002d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0223.626] GetParent (hWnd=0x1002d0) returned 0x1b02da
[0223.626] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0223.627] SetWindowTextW (hWnd=0x1002d0, lpString="&Quit") returned 1
[0223.627] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002d0, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0223.627] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002d0, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0223.627] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002d0, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0223.627] GetClientRect (in: hWnd=0x1002d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0223.627] GetWindowRect (in: hWnd=0x1002d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0223.627] GetParent (hWnd=0x1002d0) returned 0x1b02da
[0223.627] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0223.628] SendMessageW (hWnd=0x1002d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1002d0) returned 0x0
[0223.628] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1002d0) returned 0x0
[0223.628] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0223.628] GetParent (hWnd=0x1002d0) returned 0x1b02da
[0223.628] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0223.628] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.629] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0223.629] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x1b02da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1102ce
[0223.629] SetWindowLongW (hWnd=0x1102ce, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0223.629] GetWindowLongW (hWnd=0x1102ce, nIndex=-4) returned 1868026976
[0223.630] SetWindowLongW (hWnd=0x1102ce, nIndex=-4, dwNewLong=19947798) returned 1868026976
[0223.630] GetWindowLongW (hWnd=0x1102ce, nIndex=-4) returned 19947798
[0223.630] GetWindowLongW (hWnd=0x1102ce, nIndex=-16) returned 1177553092
[0223.630] GetWindowLongW (hWnd=0x1102ce, nIndex=-12) returned 0
[0223.630] SetWindowLongW (hWnd=0x1102ce, nIndex=-12, dwNewLong=1114830) returned 0
[0223.630] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102ce, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0223.631] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102ce, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0223.632] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102ce, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0223.651] GetWindow (hWnd=0x1102ce, uCmd=0x3) returned 0x1002d0
[0223.651] GetClientRect (in: hWnd=0x1102ce, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0223.651] GetWindowRect (in: hWnd=0x1102ce, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0223.651] GetParent (hWnd=0x1102ce) returned 0x1b02da
[0223.651] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02da, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0223.651] GetWindowTextLengthW (hWnd=0x1b02da) returned 13
[0223.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.651] GetSystemMetrics (nIndex=42) returned 0
[0223.651] GetWindowTextW (in: hWnd=0x1b02da, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0223.651] SendMessageW (hWnd=0x1102ce, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0223.651] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102ce, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0223.658] SetWindowTextW (hWnd=0x1102ce, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0223.658] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102ce, Msg=0xc, wParam=0x0, lParam=0x2e3ee84) returned 0x1
[0223.660] GetSystemMetrics (nIndex=5) returned 1
[0223.660] GetSystemMetrics (nIndex=6) returned 1
[0223.660] SendMessageW (hWnd=0x1102ce, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0223.660] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102ce, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0223.661] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102ce, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0223.662] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102ce, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0223.662] GetClientRect (in: hWnd=0x1102ce, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0223.662] GetWindowRect (in: hWnd=0x1102ce, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0223.662] GetParent (hWnd=0x1102ce) returned 0x1b02da
[0223.662] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02da, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0223.662] SendMessageW (hWnd=0x1102ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1102ce) returned 0x0
[0223.662] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1102ce) returned 0x0
[0223.662] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0223.663] GetParent (hWnd=0x1102ce) returned 0x1b02da
[0223.663] GetWindowLongW (hWnd=0x1b02da, nIndex=-8) returned 458844
[0223.663] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0223.663] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0223.663] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x240107ef
[0223.663] GetDeviceCaps (hdc=0x240107ef, index=12) returned 32
[0223.663] GetDeviceCaps (hdc=0x240107ef, index=14) returned 1
[0223.663] DeleteDC (hdc=0x240107ef) returned 1
[0223.663] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0223.664] GetWindowThreadProcessId (in: hWnd=0x1b02da, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0223.664] GetCurrentThreadId () returned 0xf50
[0223.664] PostMessageW (hWnd=0x1b02da, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0223.664] GetWindowTextLengthW (hWnd=0x1b02da) returned 13
[0223.664] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.664] GetSystemMetrics (nIndex=42) returned 0
[0223.664] GetWindowTextW (in: hWnd=0x1b02da, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.664] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0223.664] GdipImageGetFrameDimensionsCount (image=0x664ea70, count=0xd7e25c) returned 0x0
[0223.664] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200e78
[0223.664] GdipImageGetFrameDimensionsList (image=0x664ea70, dimensionIDs=0x1200e78*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0223.664] LocalFree (hMem=0x1200e78) returned 0x0
[0223.664] GdipImageGetFrameDimensionsCount (image=0x6650b40, count=0xd7e250) returned 0x0
[0223.664] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200ed8
[0223.664] GdipImageGetFrameDimensionsList (image=0x6650b40, dimensionIDs=0x1200ed8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0223.665] LocalFree (hMem=0x1200ed8) returned 0x0
[0223.665] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0223.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0223.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0223.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0223.777] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0223.778] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0223.778] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0223.779] GetWindowPlacement (in: hWnd=0x1b02da, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0223.779] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0223.779] GetWindowTextLengthW (hWnd=0x1b02da) returned 13
[0223.779] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.779] GetSystemMetrics (nIndex=42) returned 0
[0223.779] GetWindowTextW (in: hWnd=0x1b02da, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.779] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0223.780] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0223.780] GetCurrentObject (hdc=0xf0105ee, type=0x1) returned 0xb00017
[0223.780] GetCurrentObject (hdc=0xf0105ee, type=0x2) returned 0x900010
[0223.780] GetCurrentObject (hdc=0xf0105ee, type=0x7) returned 0xffffffffe00507f1
[0223.780] GetCurrentObject (hdc=0xf0105ee, type=0x6) returned 0x8a01c2
[0223.780] SaveDC (hdc=0xf0105ee) returned 1
[0223.780] GetNearestColor (hdc=0xf0105ee, color=0xf0f0f0) returned 0xf0f0f0
[0223.780] CreateSolidBrush (color=0xf0f0f0) returned 0x3e1007e1
[0223.780] FillRect (hDC=0xf0105ee, lprc=0xd7e1b8, hbr=0x3e1007e1) returned 1
[0223.780] DeleteObject (ho=0x3e1007e1) returned 1
[0223.780] RestoreDC (hdc=0xf0105ee, nSavedDC=-1) returned 1
[0223.781] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0223.781] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0223.781] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0223.781] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0223.781] GetStockObject (i=5) returned 0x900015
[0223.782] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0223.782] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0223.782] GetStockObject (i=5) returned 0x900015
[0223.782] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0223.782] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002d0, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0223.782] GetStockObject (i=5) returned 0x900015
[0223.783] GetWindowPlacement (in: hWnd=0x1b02da, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0223.783] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0223.783] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0223.783] GetWindowRect (in: hWnd=0x1b02da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0223.784] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0223.785] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0223.785] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0223.785] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0223.785] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0223.785] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0223.785] GetWindowRect (in: hWnd=0x1b02da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0223.786] InvalidateRect (hWnd=0x1b02de, lpRect=0x0, bErase=0) returned 1
[0223.786] InvalidateRect (hWnd=0x1d02d8, lpRect=0x0, bErase=0) returned 1
[0223.786] GetFocus () returned 0x1b02da
[0223.786] GetFocus () returned 0x1b02da
[0223.786] SetFocus (hWnd=0x1d02d8) returned 0x1b02da
[0223.787] GetFocus () returned 0x1d02d8
[0223.787] IsChild (hWndParent=0x1b02da, hWnd=0x1d02d8) returned 1
[0223.787] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x8, wParam=0x1d02d8, lParam=0x0) returned 0x0
[0223.788] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0223.789] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0223.791] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0223.791] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0x7, wParam=0x1b02da, lParam=0x0) returned 0x0
[0223.791] GetStockObject (i=5) returned 0x900015
[0223.792] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0223.792] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0223.792] GetDlgItem (hDlg=0x1b02da, nIDDlgItem=1901272) returned 0x1d02d8
[0223.792] SendMessageW (hWnd=0x1d02d8, Msg=0x202b, wParam=0x1d02d8, lParam=0xd7e0dc) returned 0x0
[0223.792] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0x202b, wParam=0x1d02d8, lParam=0xd7e0dc) returned 0x0
[0223.792] InvalidateRect (hWnd=0x1d02d8, lpRect=0x0, bErase=0) returned 1
[0223.798] GetFocus () returned 0x1d02d8
[0223.798] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.798] IsWindowUnicode (hWnd=0x1b02da) returned 1
[0223.798] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.798] TranslateMessage (lpMsg=0xd7e808) returned 0
[0223.798] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0223.798] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0223.799] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.799] IsWindowUnicode (hWnd=0x1b02da) returned 1
[0223.799] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.799] TranslateMessage (lpMsg=0xd7e808) returned 0
[0223.799] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0223.799] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.799] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x84, wParam=0x0, lParam=0x1e70316) returned 0x1
[0223.800] IsWindowUnicode (hWnd=0x1b02de) returned 1
[0223.800] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.800] TranslateMessage (lpMsg=0xd7e808) returned 0
[0223.800] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0223.800] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.800] IsWindowUnicode (hWnd=0x602c4) returned 1
[0223.800] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.800] TranslateMessage (lpMsg=0xd7e808) returned 0
[0223.800] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0223.800] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0223.800] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0223.800] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.801] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x84, wParam=0x0, lParam=0x1e70316) returned 0x1
[0223.801] IsWindowUnicode (hWnd=0x1b02de) returned 1
[0223.801] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.801] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x84, wParam=0x0, lParam=0x1e70316) returned 0x1
[0223.801] SetCursor (hCursor=0x10003) returned 0x10003
[0223.801] TranslateMessage (lpMsg=0xd7e808) returned 0
[0223.801] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0223.801] _TrackMouseEvent (in: lpEventTrack=0x2e445c0 | out: lpEventTrack=0x2e445c0) returned 1
[0223.801] SendMessageW (hWnd=0x1b02de, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0223.801] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0223.801] InvalidateRect (hWnd=0x1b02de, lpRect=0x0, bErase=0) returned 1
[0223.802] GetKeyState (nVirtKey=1) returned 0
[0223.802] GetKeyState (nVirtKey=2) returned 0
[0223.802] GetKeyState (nVirtKey=4) returned 0
[0223.802] GetKeyState (nVirtKey=5) returned 0
[0223.802] GetKeyState (nVirtKey=6) returned 0
[0223.802] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.802] IsWindowUnicode (hWnd=0x1b02da) returned 1
[0223.802] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.802] TranslateMessage (lpMsg=0xd7e808) returned 0
[0223.802] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0223.803] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.804] IsWindowUnicode (hWnd=0x1b02da) returned 1
[0223.804] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.804] TranslateMessage (lpMsg=0xd7e808) returned 0
[0223.804] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0223.804] BeginPaint (in: hWnd=0x1b02da, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x60100ce
[0223.804] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0223.804] GetWindowTextLengthW (hWnd=0x1b02da) returned 13
[0223.804] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.804] GetSystemMetrics (nIndex=42) returned 0
[0223.804] GetWindowTextW (in: hWnd=0x1b02da, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.804] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0223.804] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0223.805] EndPaint (hWnd=0x1b02da, lpPaint=0xd7e274) returned 1
[0223.805] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.805] IsWindowUnicode (hWnd=0x1b02dc) returned 1
[0223.805] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.805] TranslateMessage (lpMsg=0xd7e808) returned 0
[0223.805] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0223.805] BeginPaint (in: hWnd=0x1b02dc, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xc0107c5
[0223.805] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0223.805] CreateCompatibleDC (hdc=0xc0107c5) returned 0x600107da
[0223.805] SelectObject (hdc=0x600107da, h=0x4a0507fe) returned 0x85000f
[0223.806] GdipCreateFromHDC (hdc=0x600107da, graphics=0xd7e2b0) returned 0x0
[0223.806] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0223.806] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0223.806] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0223.806] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0223.806] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e310) returned 0x0
[0223.806] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0223.806] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0223.806] LocalFree (hMem=0x11ee788) returned 0x0
[0223.806] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0223.806] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0223.806] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0223.806] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e304) returned 0x0
[0223.806] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0223.806] GetWindowTextLengthW (hWnd=0x1b02dc) returned 0
[0223.807] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0223.807] GetSystemMetrics (nIndex=42) returned 0
[0223.807] GetWindowTextW (in: hWnd=0x1b02dc, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0223.807] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02dc, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0223.807] GetClientRect (in: hWnd=0x1b02dc, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0223.807] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0223.807] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0223.807] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0223.807] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0223.807] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e164) returned 0x0
[0223.807] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0223.807] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0223.807] LocalFree (hMem=0x11ee788) returned 0x0
[0223.807] GdipCombineRegionRegion (region=0x6645c68, region2=0x6645e18, combineMode=0x1) returned 0x0
[0223.807] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0223.807] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0223.807] LocalFree (hMem=0x11ee788) returned 0x0
[0223.807] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0223.808] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0223.808] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0223.808] GdipGetRegionHRgn (region=0x6645c68, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0223.808] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0223.808] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0223.808] GetCurrentObject (hdc=0x600107da, type=0x1) returned 0xb00017
[0223.808] GetCurrentObject (hdc=0x600107da, type=0x2) returned 0x900010
[0223.808] GetCurrentObject (hdc=0x600107da, type=0x7) returned 0x4a0507fe
[0223.808] GetCurrentObject (hdc=0x600107da, type=0x6) returned 0x8a01c2
[0223.808] SaveDC (hdc=0x600107da) returned 1
[0223.808] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4b040807
[0223.808] GetClipRgn (hdc=0x600107da, hrgn=0x4b040807) returned 0
[0223.808] SelectClipRgn (hdc=0x600107da, hrgn=0xd80407de) returned 2
[0223.808] DeleteObject (ho=0x4b040807) returned 1
[0223.808] DeleteObject (ho=0xd80407de) returned 1
[0223.809] OffsetViewportOrgEx (in: hdc=0x600107da, x=0, y=0, lppt=0x2e44a3c | out: lppt=0x2e44a3c) returned 1
[0223.809] GetNearestColor (hdc=0x600107da, color=0xf0f0f0) returned 0xf0f0f0
[0223.809] CreateSolidBrush (color=0xf0f0f0) returned 0x3f1007e1
[0223.809] FillRect (hDC=0x600107da, lprc=0xd7e198, hbr=0x3f1007e1) returned 1
[0223.809] DeleteObject (ho=0x3f1007e1) returned 1
[0223.809] RestoreDC (hdc=0x600107da, nSavedDC=-1) returned 1
[0223.809] GdipReleaseDC (graphics=0x6600030, hdc=0x600107da) returned 0x0
[0223.809] GdipRestoreGraphics (graphics=0x6600030, state=0xf99a0dbd) returned 0x0
[0223.809] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0223.809] GetWindowTextLengthW (hWnd=0x1b02dc) returned 0
[0223.809] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0223.809] GetSystemMetrics (nIndex=42) returned 0
[0223.818] GetWindowTextW (in: hWnd=0x1b02dc, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0223.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02dc, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0223.819] GdipGetImageWidth (image=0x664ea70, width=0xd7e1e0) returned 0x0
[0223.819] GdipGetImageHeight (image=0x664ea70, height=0xd7e1e0) returned 0x0
[0223.819] GdipGetImageWidth (image=0x664ea70, width=0xd7e1cc) returned 0x0
[0223.819] GdipGetImageHeight (image=0x664ea70, height=0xd7e1cc) returned 0x0
[0223.819] GdipDrawImageRectI (graphics=0x6600030, image=0x664ea70, x=16, y=16, width=32, height=32) returned 0x0
[0223.819] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0223.819] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=64, cy=64, hdcSrc=0x600107da, x1=0, y1=0, rop=0xcc0020) returned 1
[0223.819] GdipReleaseDC (graphics=0x6600030, hdc=0x600107da) returned 0x0
[0223.819] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0223.819] SelectObject (hdc=0x600107da, h=0x85000f) returned 0x4a0507fe
[0223.819] DeleteDC (hdc=0x600107da) returned 1
[0223.819] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0223.820] EndPaint (hWnd=0x1b02dc, lpPaint=0xd7e294) returned 1
[0223.820] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.820] IsWindowUnicode (hWnd=0x1e00ea) returned 1
[0223.820] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.820] TranslateMessage (lpMsg=0xd7e808) returned 0
[0223.820] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0223.820] BeginPaint (in: hWnd=0x1e00ea, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0xf0105ee
[0223.820] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0223.820] CreateCompatibleDC (hdc=0xf0105ee) returned 0x620107da
[0223.820] GetObjectType (h=0xf0105ee) returned 0x3
[0223.821] CreateCompatibleBitmap (hdc=0xf0105ee, cx=1, cy=1) returned 0xffffffff890507d2
[0223.821] GetDIBits (in: hdc=0xf0105ee, hbm=0x890507d2, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0223.821] GetDIBits (in: hdc=0xf0105ee, hbm=0x890507d2, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0223.821] DeleteObject (ho=0x890507d2) returned 1
[0223.821] CreateDIBSection (in: hdc=0xf0105ee, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xed0507a2
[0223.821] SelectObject (hdc=0x620107da, h=0xed0507a2) returned 0x85000f
[0223.821] GdipCreateFromHDC (hdc=0x620107da, graphics=0xd7e234) returned 0x0
[0223.821] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0223.822] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0223.822] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0223.822] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0223.822] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e2d4) returned 0x0
[0223.822] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0223.822] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eea98) returned 0x0
[0223.822] LocalFree (hMem=0x11eea98) returned 0x0
[0223.822] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0223.822] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0223.822] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0223.822] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0223.822] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0223.822] GetWindowTextLengthW (hWnd=0x1e00ea) returned 232
[0223.822] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0223.822] GetSystemMetrics (nIndex=42) returned 0
[0223.822] GetWindowTextW (in: hWnd=0x1e00ea, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0223.822] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0223.823] GetClientRect (in: hWnd=0x1e00ea, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0223.823] GdipCreateRegion (region=0xd7e110) returned 0x0
[0223.823] GdipGetClip (graphics=0x6600030, region=0x6645f38) returned 0x0
[0223.823] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0223.823] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0223.823] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e128) returned 0x0
[0223.823] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0223.823] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0223.823] LocalFree (hMem=0x11eec58) returned 0x0
[0223.823] GdipCombineRegionRegion (region=0x6645f38, region2=0x6645878, combineMode=0x1) returned 0x0
[0223.823] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0223.823] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0223.823] LocalFree (hMem=0x11ee788) returned 0x0
[0223.823] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0223.823] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7e150) returned 0x0
[0223.823] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7e140) returned 0x0
[0223.823] GdipGetRegionHRgn (region=0x6645f38, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0223.824] GdipDeleteRegion (region=0x6645f38) returned 0x0
[0223.824] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0223.824] GetCurrentObject (hdc=0x620107da, type=0x1) returned 0xb00017
[0223.824] GetCurrentObject (hdc=0x620107da, type=0x2) returned 0x900010
[0223.824] GetCurrentObject (hdc=0x620107da, type=0x7) returned 0xffffffffed0507a2
[0223.824] GetCurrentObject (hdc=0x620107da, type=0x6) returned 0x8a01c2
[0223.824] SaveDC (hdc=0x620107da) returned 1
[0223.824] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd90407de
[0223.824] GetClipRgn (hdc=0x620107da, hrgn=0xd90407de) returned 0
[0223.824] SelectClipRgn (hdc=0x620107da, hrgn=0x4c040807) returned 2
[0223.824] DeleteObject (ho=0xd90407de) returned 1
[0223.824] DeleteObject (ho=0x4c040807) returned 1
[0223.824] OffsetViewportOrgEx (in: hdc=0x620107da, x=0, y=0, lppt=0x2e46404 | out: lppt=0x2e46404) returned 1
[0223.824] GetNearestColor (hdc=0x620107da, color=0xf0f0f0) returned 0xf0f0f0
[0223.824] CreateSolidBrush (color=0xf0f0f0) returned 0x401007e1
[0223.825] FillRect (hDC=0x620107da, lprc=0xd7e15c, hbr=0x401007e1) returned 1
[0223.866] DeleteObject (ho=0x401007e1) returned 1
[0223.866] RestoreDC (hdc=0x620107da, nSavedDC=-1) returned 1
[0223.867] GdipReleaseDC (graphics=0x6600030, hdc=0x620107da) returned 0x0
[0223.867] GdipRestoreGraphics (graphics=0x6600030, state=0xf9980dbd) returned 0x0
[0223.867] GdipDeleteRegion (region=0x6645878) returned 0x0
[0223.867] GetWindowTextLengthW (hWnd=0x1e00ea) returned 232
[0223.867] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0223.867] GetSystemMetrics (nIndex=42) returned 0
[0223.867] GetWindowTextW (in: hWnd=0x1e00ea, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0223.867] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0223.867] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0223.867] GetCurrentObject (hdc=0x620107da, type=0x1) returned 0xb00017
[0223.867] GetCurrentObject (hdc=0x620107da, type=0x2) returned 0x900010
[0223.867] GetCurrentObject (hdc=0x620107da, type=0x7) returned 0xffffffffed0507a2
[0223.867] GetCurrentObject (hdc=0x620107da, type=0x6) returned 0x8a01c2
[0223.867] SaveDC (hdc=0x620107da) returned 1
[0223.868] GetNearestColor (hdc=0x620107da, color=0x0) returned 0x0
[0223.868] RestoreDC (hdc=0x620107da, nSavedDC=-1) returned 1
[0223.868] GdipReleaseDC (graphics=0x6600030, hdc=0x620107da) returned 0x0
[0223.868] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0223.868] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0223.869] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2e46c00 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0223.869] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0223.869] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0223.869] GetCurrentObject (hdc=0x620107da, type=0x1) returned 0xb00017
[0223.869] GetCurrentObject (hdc=0x620107da, type=0x2) returned 0x900010
[0223.869] GetCurrentObject (hdc=0x620107da, type=0x7) returned 0xffffffffed0507a2
[0223.869] GetCurrentObject (hdc=0x620107da, type=0x6) returned 0x8a01c2
[0223.869] SaveDC (hdc=0x620107da) returned 1
[0223.869] GetTextAlign (hdc=0x620107da) returned 0x0
[0223.870] GetTextColor (hdc=0x620107da) returned 0x0
[0223.870] GetCurrentObject (hdc=0x620107da, type=0x6) returned 0x8a01c2
[0223.870] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0223.870] SelectObject (hdc=0x620107da, h=0x6d0a0520) returned 0x8a01c2
[0223.870] GetBkMode (hdc=0x620107da) returned 2
[0223.870] SetBkMode (hdc=0x620107da, mode=1) returned 2
[0223.870] DrawTextExW (in: hdc=0x620107da, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2e46e24 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0223.874] RestoreDC (hdc=0x620107da, nSavedDC=-1) returned 1
[0223.874] GdipReleaseDC (graphics=0x6600030, hdc=0x620107da) returned 0x0
[0223.874] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0223.874] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=354, cy=68, hdcSrc=0x620107da, x1=0, y1=0, rop=0xcc0020) returned 1
[0223.874] GdipReleaseDC (graphics=0x6600030, hdc=0x620107da) returned 0x0
[0223.874] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0223.874] SelectObject (hdc=0x620107da, h=0x85000f) returned 0xed0507a2
[0223.875] DeleteDC (hdc=0x620107da) returned 1
[0223.875] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0223.875] DeleteObject (ho=0xed0507a2) returned 1
[0223.875] EndPaint (hWnd=0x1e00ea, lpPaint=0xd7e258) returned 1
[0223.876] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.876] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0223.876] IsWindowUnicode (hWnd=0x30122) returned 1
[0223.877] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.877] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0223.877] TranslateMessage (lpMsg=0xd7e808) returned 0
[0223.877] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0223.878] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.878] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0223.880] IsWindowUnicode (hWnd=0x30122) returned 1
[0223.880] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.880] TranslateMessage (lpMsg=0xd7e808) returned 0
[0223.880] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0223.880] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.882] IsWindowUnicode (hWnd=0x1d02d8) returned 1
[0223.882] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.882] TranslateMessage (lpMsg=0xd7e808) returned 0
[0223.882] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0223.882] BeginPaint (in: hWnd=0x1d02d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0223.882] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0223.882] CreateCompatibleDC (hdc=0x60100ce) returned 0x8c0107d2
[0223.882] SelectObject (hdc=0x8c0107d2, h=0x4a0507fe) returned 0x85000f
[0223.882] GdipCreateFromHDC (hdc=0x8c0107d2, graphics=0xd7e268) returned 0x0
[0223.882] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0223.883] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0223.883] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0223.883] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0223.883] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2c8) returned 0x0
[0223.883] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0223.883] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0223.883] LocalFree (hMem=0x11ee788) returned 0x0
[0223.883] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0223.883] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0223.883] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0223.883] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0223.883] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0223.883] GdipRestoreGraphics (graphics=0x6600030, state=0xf9960dbd) returned 0x0
[0223.883] GdipDeleteRegion (region=0x6645518) returned 0x0
[0223.883] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0223.883] GetCurrentObject (hdc=0x8c0107d2, type=0x1) returned 0xb00017
[0223.884] GetCurrentObject (hdc=0x8c0107d2, type=0x2) returned 0x900010
[0223.884] GetCurrentObject (hdc=0x8c0107d2, type=0x7) returned 0x4a0507fe
[0223.884] GetCurrentObject (hdc=0x8c0107d2, type=0x6) returned 0x8a01c2
[0223.884] SaveDC (hdc=0x8c0107d2) returned 1
[0223.884] GetNearestColor (hdc=0x8c0107d2, color=0xf0f0f0) returned 0xf0f0f0
[0223.884] GetNearestColor (hdc=0x8c0107d2, color=0xa0a0a0) returned 0xa0a0a0
[0223.884] GetNearestColor (hdc=0x8c0107d2, color=0x696969) returned 0x696969
[0223.884] GetNearestColor (hdc=0x8c0107d2, color=0xa0a0a0) returned 0xa0a0a0
[0223.884] GetNearestColor (hdc=0x8c0107d2, color=0x0) returned 0x0
[0223.884] GetNearestColor (hdc=0x8c0107d2, color=0xffffff) returned 0xffffff
[0223.884] GetNearestColor (hdc=0x8c0107d2, color=0xe5e5e5) returned 0xe5e5e5
[0223.884] GetNearestColor (hdc=0x8c0107d2, color=0xd7d7d7) returned 0xd7d7d7
[0223.884] GetNearestColor (hdc=0x8c0107d2, color=0x0) returned 0x0
[0223.885] RestoreDC (hdc=0x8c0107d2, nSavedDC=-1) returned 1
[0223.885] GdipReleaseDC (graphics=0x6600030, hdc=0x8c0107d2) returned 0x0
[0223.885] IsAppThemed () returned 0x1
[0223.885] GetThemeAppProperties () returned 0x3
[0223.885] GetThemeAppProperties () returned 0x3
[0223.885] GdipGetImageWidth (image=0x6650b40, width=0xd7e168) returned 0x0
[0223.885] GdipGetImageHeight (image=0x6650b40, height=0xd7e168) returned 0x0
[0223.885] IsAppThemed () returned 0x1
[0223.885] GetThemeAppProperties () returned 0x3
[0223.885] GetThemeAppProperties () returned 0x3
[0223.885] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2e47574 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0223.885] IsAppThemed () returned 0x1
[0223.885] GetThemeAppProperties () returned 0x3
[0223.885] GetThemeAppProperties () returned 0x3
[0223.886] IsAppThemed () returned 0x1
[0223.886] GetThemeAppProperties () returned 0x3
[0223.886] GetThemeAppProperties () returned 0x3
[0223.886] GetFocus () returned 0x1d02d8
[0223.886] IsAppThemed () returned 0x1
[0223.886] GetThemeAppProperties () returned 0x3
[0223.886] GetThemeAppProperties () returned 0x3
[0223.886] IsAppThemed () returned 0x1
[0223.886] GetThemeAppProperties () returned 0x3
[0223.886] GetThemeAppProperties () returned 0x3
[0223.886] IsThemePartDefined () returned 0x1
[0223.886] IsAppThemed () returned 0x1
[0223.886] GetThemeAppProperties () returned 0x3
[0223.886] GetThemeAppProperties () returned 0x3
[0223.886] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0223.886] IsAppThemed () returned 0x1
[0223.886] GetThemeAppProperties () returned 0x3
[0223.886] GetThemeAppProperties () returned 0x3
[0223.886] IsAppThemed () returned 0x1
[0223.887] GetThemeAppProperties () returned 0x3
[0223.887] GetThemeAppProperties () returned 0x3
[0223.887] IsThemePartDefined () returned 0x1
[0223.887] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0223.887] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0223.887] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0223.887] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0223.887] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dff0) returned 0x0
[0223.887] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0223.887] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee868) returned 0x0
[0223.887] LocalFree (hMem=0x11ee868) returned 0x0
[0223.887] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0223.887] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0223.887] LocalFree (hMem=0x11ee788) returned 0x0
[0223.887] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0223.887] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e018) returned 0x0
[0223.887] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e008) returned 0x0
[0223.894] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0223.894] GdipDeleteRegion (region=0x6645518) returned 0x0
[0223.894] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0223.894] GetCurrentObject (hdc=0x8c0107d2, type=0x1) returned 0xb00017
[0223.895] GetCurrentObject (hdc=0x8c0107d2, type=0x2) returned 0x900010
[0223.895] GetCurrentObject (hdc=0x8c0107d2, type=0x7) returned 0x4a0507fe
[0223.895] GetCurrentObject (hdc=0x8c0107d2, type=0x6) returned 0x8a01c2
[0223.895] SaveDC (hdc=0x8c0107d2) returned 1
[0223.895] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4d040807
[0223.895] GetClipRgn (hdc=0x8c0107d2, hrgn=0x4d040807) returned 0
[0223.895] SelectClipRgn (hdc=0x8c0107d2, hrgn=0xdd0407de) returned 2
[0223.895] DeleteObject (ho=0x4d040807) returned 1
[0223.895] DeleteObject (ho=0xdd0407de) returned 1
[0223.895] OffsetViewportOrgEx (in: hdc=0x8c0107d2, x=0, y=0, lppt=0x2e47c24 | out: lppt=0x2e47c24) returned 1
[0223.895] DrawThemeParentBackground () returned 0x0
[0223.896] GetWindowPlacement (in: hWnd=0x1b02da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0223.896] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0223.896] GetWindowTextLengthW (hWnd=0x1b02da) returned 13
[0223.896] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.896] GetSystemMetrics (nIndex=42) returned 0
[0223.896] GetWindowTextW (in: hWnd=0x1b02da, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.896] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0223.896] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0223.896] GetCurrentObject (hdc=0x8c0107d2, type=0x1) returned 0xb00017
[0223.896] GetCurrentObject (hdc=0x8c0107d2, type=0x2) returned 0x900010
[0223.896] GetCurrentObject (hdc=0x8c0107d2, type=0x7) returned 0x4a0507fe
[0223.896] GetCurrentObject (hdc=0x8c0107d2, type=0x6) returned 0x8a01c2
[0223.896] SaveDC (hdc=0x8c0107d2) returned 2
[0223.896] GetNearestColor (hdc=0x8c0107d2, color=0xf0f0f0) returned 0xf0f0f0
[0223.896] CreateSolidBrush (color=0xf0f0f0) returned 0x411007e1
[0223.896] FillRect (hDC=0x8c0107d2, lprc=0xd7da38, hbr=0x411007e1) returned 1
[0223.897] DeleteObject (ho=0x411007e1) returned 1
[0223.897] RestoreDC (hdc=0x8c0107d2, nSavedDC=-1) returned 1
[0223.897] GetWindowTextLengthW (hWnd=0x1b02da) returned 13
[0223.897] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.897] GetSystemMetrics (nIndex=42) returned 0
[0223.897] GetWindowTextW (in: hWnd=0x1b02da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.897] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0223.897] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0223.897] GetCurrentObject (hdc=0x8c0107d2, type=0x1) returned 0xb00017
[0223.897] GetCurrentObject (hdc=0x8c0107d2, type=0x2) returned 0x900010
[0223.897] GetCurrentObject (hdc=0x8c0107d2, type=0x7) returned 0x4a0507fe
[0223.897] GetCurrentObject (hdc=0x8c0107d2, type=0x6) returned 0x8a01c2
[0223.897] SaveDC (hdc=0x8c0107d2) returned 2
[0223.897] GetNearestColor (hdc=0x8c0107d2, color=0xf0f0f0) returned 0xf0f0f0
[0223.897] CreateSolidBrush (color=0xf0f0f0) returned 0x421007e1
[0223.897] FillRect (hDC=0x8c0107d2, lprc=0xd7d9d8, hbr=0x421007e1) returned 1
[0223.898] DeleteObject (ho=0x421007e1) returned 1
[0223.898] RestoreDC (hdc=0x8c0107d2, nSavedDC=-1) returned 1
[0223.898] GetWindowTextLengthW (hWnd=0x1b02da) returned 13
[0223.898] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.898] GetSystemMetrics (nIndex=42) returned 0
[0223.898] GetWindowTextW (in: hWnd=0x1b02da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.898] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0223.898] RestoreDC (hdc=0x8c0107d2, nSavedDC=-1) returned 1
[0223.898] GdipReleaseDC (graphics=0x6600030, hdc=0x8c0107d2) returned 0x0
[0223.898] IsAppThemed () returned 0x1
[0223.898] GetThemeAppProperties () returned 0x3
[0223.898] GetThemeAppProperties () returned 0x3
[0223.898] IsAppThemed () returned 0x1
[0223.899] GetThemeAppProperties () returned 0x3
[0223.899] GetThemeAppProperties () returned 0x3
[0223.899] IsThemePartDefined () returned 0x1
[0223.899] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0223.899] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0223.899] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0223.899] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0223.899] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df74) returned 0x0
[0223.899] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eecc8) returned 0x0
[0223.899] LocalFree (hMem=0x11eecc8) returned 0x0
[0223.899] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0223.899] LocalFree (hMem=0x11ee788) returned 0x0
[0223.899] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0223.899] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0223.899] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0223.899] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0223.900] GdipDeleteRegion (region=0x6645248) returned 0x0
[0223.900] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0223.900] GetCurrentObject (hdc=0x8c0107d2, type=0x1) returned 0xb00017
[0223.900] GetCurrentObject (hdc=0x8c0107d2, type=0x2) returned 0x900010
[0223.900] GetCurrentObject (hdc=0x8c0107d2, type=0x7) returned 0x4a0507fe
[0223.900] GetCurrentObject (hdc=0x8c0107d2, type=0x6) returned 0x8a01c2
[0223.900] SaveDC (hdc=0x8c0107d2) returned 1
[0223.900] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xde0407de
[0223.900] GetClipRgn (hdc=0x8c0107d2, hrgn=0xde0407de) returned 0
[0223.900] SelectClipRgn (hdc=0x8c0107d2, hrgn=0x4f040807) returned 2
[0223.900] DeleteObject (ho=0xde0407de) returned 1
[0223.900] DeleteObject (ho=0x4f040807) returned 1
[0223.900] OffsetViewportOrgEx (in: hdc=0x8c0107d2, x=0, y=0, lppt=0x2e484d0 | out: lppt=0x2e484d0) returned 1
[0223.900] IsAppThemed () returned 0x1
[0223.900] GetThemeAppProperties () returned 0x3
[0223.901] GetThemeAppProperties () returned 0x3
[0223.901] DrawThemeBackground () returned 0x0
[0223.901] RestoreDC (hdc=0x8c0107d2, nSavedDC=-1) returned 1
[0223.901] GdipReleaseDC (graphics=0x6600030, hdc=0x8c0107d2) returned 0x0
[0223.901] GdipCreateRegion (region=0xd7df60) returned 0x0
[0223.901] GdipGetClip (graphics=0x6600030, region=0x6646058) returned 0x0
[0223.901] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0223.901] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0223.901] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df78) returned 0x0
[0223.901] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0223.901] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee868) returned 0x0
[0223.901] LocalFree (hMem=0x11ee868) returned 0x0
[0223.901] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0223.901] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eecc8) returned 0x0
[0223.901] LocalFree (hMem=0x11eecc8) returned 0x0
[0223.902] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0223.902] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0223.902] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7df90) returned 0x0
[0223.902] GdipGetRegionHRgn (region=0x6646058, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0223.902] GdipDeleteRegion (region=0x6646058) returned 0x0
[0223.902] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0223.902] GetCurrentObject (hdc=0x8c0107d2, type=0x1) returned 0xb00017
[0223.902] GetCurrentObject (hdc=0x8c0107d2, type=0x2) returned 0x900010
[0223.902] GetCurrentObject (hdc=0x8c0107d2, type=0x7) returned 0x4a0507fe
[0223.902] GetCurrentObject (hdc=0x8c0107d2, type=0x6) returned 0x8a01c2
[0223.902] SaveDC (hdc=0x8c0107d2) returned 1
[0223.902] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x50040807
[0223.902] GetClipRgn (hdc=0x8c0107d2, hrgn=0x50040807) returned 0
[0223.902] SelectClipRgn (hdc=0x8c0107d2, hrgn=0xdf0407de) returned 2
[0223.903] DeleteObject (ho=0x50040807) returned 1
[0223.903] DeleteObject (ho=0xdf0407de) returned 1
[0223.903] OffsetViewportOrgEx (in: hdc=0x8c0107d2, x=0, y=0, lppt=0x2e487a4 | out: lppt=0x2e487a4) returned 1
[0223.903] IsAppThemed () returned 0x1
[0223.903] GetThemeAppProperties () returned 0x3
[0223.903] GetThemeAppProperties () returned 0x3
[0223.903] GetThemeBackgroundContentRect () returned 0x0
[0223.903] RestoreDC (hdc=0x8c0107d2, nSavedDC=-1) returned 1
[0223.910] GdipReleaseDC (graphics=0x6600030, hdc=0x8c0107d2) returned 0x0
[0223.910] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0223.910] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0223.910] GdipCloneRegion (region=0x6645998, cloneRegion=0xd7e150) returned 0x0
[0223.910] GdipCombineRegionRectI (region=0x66455a8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0223.911] GdipCombineRegionRectI (region=0x66455a8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0223.911] GdipSetClipRegion (graphics=0x6600030, region=0x66455a8, combineMode=0x0) returned 0x0
[0223.911] GdipGetImageWidth (image=0x6650b40, width=0xd7e154) returned 0x0
[0223.911] GdipGetImageHeight (image=0x6650b40, height=0xd7e148) returned 0x0
[0223.911] GdipDrawImageRectI (graphics=0x6600030, image=0x6650b40, x=4, y=4, width=16, height=16) returned 0x0
[0223.911] GdipSetClipRegion (graphics=0x6600030, region=0x6645998, combineMode=0x0) returned 0x0
[0223.911] IsAppThemed () returned 0x1
[0223.911] GetThemeAppProperties () returned 0x3
[0223.911] GetThemeAppProperties () returned 0x3
[0223.911] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0223.911] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0223.911] GetCurrentObject (hdc=0x8c0107d2, type=0x1) returned 0xb00017
[0223.911] GetCurrentObject (hdc=0x8c0107d2, type=0x2) returned 0x900010
[0223.911] GetCurrentObject (hdc=0x8c0107d2, type=0x7) returned 0x4a0507fe
[0223.911] GetCurrentObject (hdc=0x8c0107d2, type=0x6) returned 0x8a01c2
[0223.912] SaveDC (hdc=0x8c0107d2) returned 1
[0223.912] GetTextAlign (hdc=0x8c0107d2) returned 0x0
[0223.912] GetTextColor (hdc=0x8c0107d2) returned 0x0
[0223.912] GetCurrentObject (hdc=0x8c0107d2, type=0x6) returned 0x8a01c2
[0223.912] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0223.912] SelectObject (hdc=0x8c0107d2, h=0x6d0a0520) returned 0x8a01c2
[0223.912] GetBkMode (hdc=0x8c0107d2) returned 2
[0223.912] SetBkMode (hdc=0x8c0107d2, mode=1) returned 2
[0223.912] DrawTextExW (in: hdc=0x8c0107d2, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2e48b64 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0223.913] DrawTextExW (in: hdc=0x8c0107d2, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e48b64 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0223.913] RestoreDC (hdc=0x8c0107d2, nSavedDC=-1) returned 1
[0223.913] GdipReleaseDC (graphics=0x6600030, hdc=0x8c0107d2) returned 0x0
[0223.913] GetFocus () returned 0x1d02d8
[0223.913] IsAppThemed () returned 0x1
[0223.913] GetThemeAppProperties () returned 0x3
[0223.913] GetThemeAppProperties () returned 0x3
[0223.913] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0223.913] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x8c0107d2, x1=0, y1=0, rop=0xcc0020) returned 1
[0223.914] GdipReleaseDC (graphics=0x6600030, hdc=0x8c0107d2) returned 0x0
[0223.914] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0223.914] SelectObject (hdc=0x8c0107d2, h=0x85000f) returned 0x4a0507fe
[0223.914] DeleteDC (hdc=0x8c0107d2) returned 1
[0223.914] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0223.914] EndPaint (hWnd=0x1d02d8, lpPaint=0xd7e24c) returned 1
[0223.914] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.914] IsWindowUnicode (hWnd=0x1b02de) returned 1
[0223.914] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.915] TranslateMessage (lpMsg=0xd7e808) returned 0
[0223.915] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0223.915] BeginPaint (in: hWnd=0x1b02de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0223.915] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0223.915] CreateCompatibleDC (hdc=0xc0107c5) returned 0x8e0107d2
[0223.915] SelectObject (hdc=0x8e0107d2, h=0x4a0507fe) returned 0x85000f
[0223.915] GdipCreateFromHDC (hdc=0x8e0107d2, graphics=0xd7e268) returned 0x0
[0223.915] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0223.915] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0223.915] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0223.915] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0223.916] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e2c8) returned 0x0
[0223.916] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0223.916] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0223.916] LocalFree (hMem=0x11ee788) returned 0x0
[0223.916] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0223.916] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0223.916] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0223.916] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0223.916] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0223.916] GdipRestoreGraphics (graphics=0x6600030, state=0xf9940dbd) returned 0x0
[0223.916] GdipDeleteRegion (region=0x6645638) returned 0x0
[0223.916] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0223.916] GetCurrentObject (hdc=0x8e0107d2, type=0x1) returned 0xb00017
[0223.916] GetCurrentObject (hdc=0x8e0107d2, type=0x2) returned 0x900010
[0223.916] GetCurrentObject (hdc=0x8e0107d2, type=0x7) returned 0x4a0507fe
[0223.917] GetCurrentObject (hdc=0x8e0107d2, type=0x6) returned 0x8a01c2
[0223.917] SaveDC (hdc=0x8e0107d2) returned 1
[0223.917] GetNearestColor (hdc=0x8e0107d2, color=0xf0f0f0) returned 0xf0f0f0
[0223.917] GetNearestColor (hdc=0x8e0107d2, color=0xa0a0a0) returned 0xa0a0a0
[0223.917] GetNearestColor (hdc=0x8e0107d2, color=0x696969) returned 0x696969
[0223.917] GetNearestColor (hdc=0x8e0107d2, color=0xa0a0a0) returned 0xa0a0a0
[0223.917] GetNearestColor (hdc=0x8e0107d2, color=0x0) returned 0x0
[0223.917] GetNearestColor (hdc=0x8e0107d2, color=0xffffff) returned 0xffffff
[0223.917] GetNearestColor (hdc=0x8e0107d2, color=0xe5e5e5) returned 0xe5e5e5
[0223.917] GetNearestColor (hdc=0x8e0107d2, color=0xd7d7d7) returned 0xd7d7d7
[0223.917] GetNearestColor (hdc=0x8e0107d2, color=0x0) returned 0x0
[0223.917] RestoreDC (hdc=0x8e0107d2, nSavedDC=-1) returned 1
[0223.918] GdipReleaseDC (graphics=0x6600030, hdc=0x8e0107d2) returned 0x0
[0223.918] IsAppThemed () returned 0x1
[0223.918] GetThemeAppProperties () returned 0x3
[0223.918] GetThemeAppProperties () returned 0x3
[0223.918] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0223.918] SendMessageW (hWnd=0x1b02da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0223.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0223.918] IsAppThemed () returned 0x1
[0223.918] GetThemeAppProperties () returned 0x3
[0223.918] GetThemeAppProperties () returned 0x3
[0223.918] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2e49374 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0223.918] IsAppThemed () returned 0x1
[0223.919] GetThemeAppProperties () returned 0x3
[0223.919] GetThemeAppProperties () returned 0x3
[0223.919] IsAppThemed () returned 0x1
[0223.919] GetThemeAppProperties () returned 0x3
[0223.919] GetThemeAppProperties () returned 0x3
[0223.919] IsAppThemed () returned 0x1
[0223.919] GetThemeAppProperties () returned 0x3
[0223.920] GetThemeAppProperties () returned 0x3
[0223.920] IsAppThemed () returned 0x1
[0223.920] GetThemeAppProperties () returned 0x3
[0223.920] GetThemeAppProperties () returned 0x3
[0223.920] IsThemePartDefined () returned 0x1
[0223.920] IsAppThemed () returned 0x1
[0223.920] GetThemeAppProperties () returned 0x3
[0223.920] GetThemeAppProperties () returned 0x3
[0223.920] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0223.920] IsAppThemed () returned 0x1
[0223.920] GetThemeAppProperties () returned 0x3
[0223.920] GetThemeAppProperties () returned 0x3
[0223.920] IsAppThemed () returned 0x1
[0223.920] GetThemeAppProperties () returned 0x3
[0223.920] GetThemeAppProperties () returned 0x3
[0223.920] IsThemePartDefined () returned 0x1
[0223.920] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0223.920] GdipGetClip (graphics=0x6600030, region=0x66452d8) returned 0x0
[0223.920] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0223.920] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0223.921] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dfe4) returned 0x0
[0223.921] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0223.921] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eea28) returned 0x0
[0223.921] LocalFree (hMem=0x11eea28) returned 0x0
[0223.921] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0223.921] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eed00) returned 0x0
[0223.921] LocalFree (hMem=0x11eed00) returned 0x0
[0223.921] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0223.921] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0223.921] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0223.921] GdipGetRegionHRgn (region=0x66452d8, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0223.921] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0223.921] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0223.921] GetCurrentObject (hdc=0x8e0107d2, type=0x1) returned 0xb00017
[0223.921] GetCurrentObject (hdc=0x8e0107d2, type=0x2) returned 0x900010
[0223.921] GetCurrentObject (hdc=0x8e0107d2, type=0x7) returned 0x4a0507fe
[0223.922] GetCurrentObject (hdc=0x8e0107d2, type=0x6) returned 0x8a01c2
[0223.922] SaveDC (hdc=0x8e0107d2) returned 1
[0223.922] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe00407de
[0223.922] GetClipRgn (hdc=0x8e0107d2, hrgn=0xe00407de) returned 0
[0223.922] SelectClipRgn (hdc=0x8e0107d2, hrgn=0x54040807) returned 2
[0223.922] DeleteObject (ho=0xe00407de) returned 1
[0223.922] DeleteObject (ho=0x54040807) returned 1
[0223.922] OffsetViewportOrgEx (in: hdc=0x8e0107d2, x=0, y=0, lppt=0x2e49a24 | out: lppt=0x2e49a24) returned 1
[0223.922] DrawThemeParentBackground () returned 0x0
[0223.922] GetWindowPlacement (in: hWnd=0x1b02da, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0223.922] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0223.922] GetWindowTextLengthW (hWnd=0x1b02da) returned 13
[0223.923] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.923] GetSystemMetrics (nIndex=42) returned 0
[0223.923] GetWindowTextW (in: hWnd=0x1b02da, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.923] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0223.923] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0223.923] GetCurrentObject (hdc=0x8e0107d2, type=0x1) returned 0xb00017
[0223.923] GetCurrentObject (hdc=0x8e0107d2, type=0x2) returned 0x900010
[0223.923] GetCurrentObject (hdc=0x8e0107d2, type=0x7) returned 0x4a0507fe
[0223.923] GetCurrentObject (hdc=0x8e0107d2, type=0x6) returned 0x8a01c2
[0223.923] SaveDC (hdc=0x8e0107d2) returned 2
[0223.923] GetNearestColor (hdc=0x8e0107d2, color=0xf0f0f0) returned 0xf0f0f0
[0223.923] CreateSolidBrush (color=0xf0f0f0) returned 0x431007e1
[0223.923] FillRect (hDC=0x8e0107d2, lprc=0xd7da30, hbr=0x431007e1) returned 1
[0223.923] DeleteObject (ho=0x431007e1) returned 1
[0223.924] RestoreDC (hdc=0x8e0107d2, nSavedDC=-1) returned 1
[0223.924] GetWindowTextLengthW (hWnd=0x1b02da) returned 13
[0223.924] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.924] GetSystemMetrics (nIndex=42) returned 0
[0223.924] GetWindowTextW (in: hWnd=0x1b02da, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.924] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0223.924] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0223.924] GetCurrentObject (hdc=0x8e0107d2, type=0x1) returned 0xb00017
[0223.924] GetCurrentObject (hdc=0x8e0107d2, type=0x2) returned 0x900010
[0223.924] GetCurrentObject (hdc=0x8e0107d2, type=0x7) returned 0x4a0507fe
[0223.924] GetCurrentObject (hdc=0x8e0107d2, type=0x6) returned 0x8a01c2
[0223.924] SaveDC (hdc=0x8e0107d2) returned 2
[0223.924] GetNearestColor (hdc=0x8e0107d2, color=0xf0f0f0) returned 0xf0f0f0
[0223.924] CreateSolidBrush (color=0xf0f0f0) returned 0x441007e1
[0223.924] FillRect (hDC=0x8e0107d2, lprc=0xd7d9d0, hbr=0x441007e1) returned 1
[0223.925] DeleteObject (ho=0x441007e1) returned 1
[0223.925] RestoreDC (hdc=0x8e0107d2, nSavedDC=-1) returned 1
[0223.925] GetWindowTextLengthW (hWnd=0x1b02da) returned 13
[0223.925] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.925] GetSystemMetrics (nIndex=42) returned 0
[0223.925] GetWindowTextW (in: hWnd=0x1b02da, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.925] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0223.925] RestoreDC (hdc=0x8e0107d2, nSavedDC=-1) returned 1
[0223.925] GdipReleaseDC (graphics=0x6600030, hdc=0x8e0107d2) returned 0x0
[0223.925] IsAppThemed () returned 0x1
[0223.925] GetThemeAppProperties () returned 0x3
[0223.925] GetThemeAppProperties () returned 0x3
[0223.925] IsAppThemed () returned 0x1
[0223.926] GetThemeAppProperties () returned 0x3
[0223.926] GetThemeAppProperties () returned 0x3
[0223.926] IsThemePartDefined () returned 0x1
[0223.926] GdipCreateRegion (region=0xd7df50) returned 0x0
[0223.926] GdipGetClip (graphics=0x6600030, region=0x6645a28) returned 0x0
[0223.926] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0223.926] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0223.926] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df68) returned 0x0
[0223.926] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0223.926] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0223.926] LocalFree (hMem=0x11eec58) returned 0x0
[0223.926] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0223.926] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eecc8) returned 0x0
[0223.926] LocalFree (hMem=0x11eecc8) returned 0x0
[0223.926] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0223.926] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7df90) returned 0x0
[0223.926] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7df80) returned 0x0
[0223.927] GdipGetRegionHRgn (region=0x6645a28, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0223.927] GdipDeleteRegion (region=0x6645a28) returned 0x0
[0223.927] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0223.927] GetCurrentObject (hdc=0x8e0107d2, type=0x1) returned 0xb00017
[0223.927] GetCurrentObject (hdc=0x8e0107d2, type=0x2) returned 0x900010
[0223.927] GetCurrentObject (hdc=0x8e0107d2, type=0x7) returned 0x4a0507fe
[0223.927] GetCurrentObject (hdc=0x8e0107d2, type=0x6) returned 0x8a01c2
[0223.927] SaveDC (hdc=0x8e0107d2) returned 1
[0223.927] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x55040807
[0223.927] GetClipRgn (hdc=0x8e0107d2, hrgn=0x55040807) returned 0
[0223.927] SelectClipRgn (hdc=0x8e0107d2, hrgn=0xe20407de) returned 2
[0223.927] DeleteObject (ho=0x55040807) returned 1
[0223.927] DeleteObject (ho=0xe20407de) returned 1
[0223.927] OffsetViewportOrgEx (in: hdc=0x8e0107d2, x=0, y=0, lppt=0x2e4a2d0 | out: lppt=0x2e4a2d0) returned 1
[0223.927] IsAppThemed () returned 0x1
[0223.928] GetThemeAppProperties () returned 0x3
[0223.928] GetThemeAppProperties () returned 0x3
[0223.928] DrawThemeBackground () returned 0x0
[0223.928] RestoreDC (hdc=0x8e0107d2, nSavedDC=-1) returned 1
[0223.928] GdipReleaseDC (graphics=0x6600030, hdc=0x8e0107d2) returned 0x0
[0223.928] GdipCreateRegion (region=0xd7df54) returned 0x0
[0223.928] GdipGetClip (graphics=0x6600030, region=0x6645b48) returned 0x0
[0223.928] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0223.928] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0223.928] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df6c) returned 0x0
[0223.928] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0223.928] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea28) returned 0x0
[0223.928] LocalFree (hMem=0x11eea28) returned 0x0
[0223.928] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0223.928] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0223.928] LocalFree (hMem=0x11ee868) returned 0x0
[0223.929] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0223.929] GdipIsInfiniteRegion (region=0x6645b48, graphics=0x6600030, result=0xd7df94) returned 0x0
[0223.929] GdipIsInfiniteRegion (region=0x6645b48, graphics=0x6600030, result=0xd7df84) returned 0x0
[0223.929] GdipGetRegionHRgn (region=0x6645b48, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0223.929] GdipDeleteRegion (region=0x6645b48) returned 0x0
[0223.929] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0223.929] GetCurrentObject (hdc=0x8e0107d2, type=0x1) returned 0xb00017
[0223.929] GetCurrentObject (hdc=0x8e0107d2, type=0x2) returned 0x900010
[0223.929] GetCurrentObject (hdc=0x8e0107d2, type=0x7) returned 0x4a0507fe
[0223.929] GetCurrentObject (hdc=0x8e0107d2, type=0x6) returned 0x8a01c2
[0223.929] SaveDC (hdc=0x8e0107d2) returned 1
[0223.929] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe30407de
[0223.929] GetClipRgn (hdc=0x8e0107d2, hrgn=0xe30407de) returned 0
[0223.929] SelectClipRgn (hdc=0x8e0107d2, hrgn=0x56040807) returned 2
[0223.929] DeleteObject (ho=0xe30407de) returned 1
[0223.930] DeleteObject (ho=0x56040807) returned 1
[0223.930] OffsetViewportOrgEx (in: hdc=0x8e0107d2, x=0, y=0, lppt=0x2e4a5a4 | out: lppt=0x2e4a5a4) returned 1
[0223.930] IsAppThemed () returned 0x1
[0223.930] GetThemeAppProperties () returned 0x3
[0223.930] GetThemeAppProperties () returned 0x3
[0223.930] GetThemeBackgroundContentRect () returned 0x0
[0223.930] RestoreDC (hdc=0x8e0107d2, nSavedDC=-1) returned 1
[0223.930] GdipReleaseDC (graphics=0x6600030, hdc=0x8e0107d2) returned 0x0
[0223.930] IsAppThemed () returned 0x1
[0223.930] GetThemeAppProperties () returned 0x3
[0223.930] GetThemeAppProperties () returned 0x3
[0223.930] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0223.930] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0223.930] GetCurrentObject (hdc=0x8e0107d2, type=0x1) returned 0xb00017
[0223.930] GetCurrentObject (hdc=0x8e0107d2, type=0x2) returned 0x900010
[0223.930] GetCurrentObject (hdc=0x8e0107d2, type=0x7) returned 0x4a0507fe
[0223.930] GetCurrentObject (hdc=0x8e0107d2, type=0x6) returned 0x8a01c2
[0223.931] SaveDC (hdc=0x8e0107d2) returned 1
[0223.931] GetTextAlign (hdc=0x8e0107d2) returned 0x0
[0223.931] GetTextColor (hdc=0x8e0107d2) returned 0x0
[0223.931] GetCurrentObject (hdc=0x8e0107d2, type=0x6) returned 0x8a01c2
[0223.931] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0223.931] SelectObject (hdc=0x8e0107d2, h=0x6d0a0520) returned 0x8a01c2
[0223.931] GetBkMode (hdc=0x8e0107d2) returned 2
[0223.931] SetBkMode (hdc=0x8e0107d2, mode=1) returned 2
[0223.931] DrawTextExW (in: hdc=0x8e0107d2, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2e4a944 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0223.932] DrawTextExW (in: hdc=0x8e0107d2, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2e4a944 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0223.932] RestoreDC (hdc=0x8e0107d2, nSavedDC=-1) returned 1
[0223.932] GdipReleaseDC (graphics=0x6600030, hdc=0x8e0107d2) returned 0x0
[0223.932] GetFocus () returned 0x1d02d8
[0223.932] IsAppThemed () returned 0x1
[0223.932] GetThemeAppProperties () returned 0x3
[0223.932] GetThemeAppProperties () returned 0x3
[0223.932] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0223.932] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x8e0107d2, x1=0, y1=0, rop=0xcc0020) returned 1
[0223.932] GdipReleaseDC (graphics=0x6600030, hdc=0x8e0107d2) returned 0x0
[0223.933] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0223.933] SelectObject (hdc=0x8e0107d2, h=0x85000f) returned 0x4a0507fe
[0223.933] DeleteDC (hdc=0x8e0107d2) returned 1
[0223.933] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0223.933] EndPaint (hWnd=0x1b02de, lpPaint=0xd7e24c) returned 1
[0223.933] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.933] IsWindowUnicode (hWnd=0x1002d0) returned 1
[0223.933] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.933] TranslateMessage (lpMsg=0xd7e808) returned 0
[0223.933] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0223.933] BeginPaint (in: hWnd=0x1002d0, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0223.934] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0223.934] CreateCompatibleDC (hdc=0xf0105ee) returned 0x900107d2
[0223.934] SelectObject (hdc=0x900107d2, h=0x4a0507fe) returned 0x85000f
[0223.934] GdipCreateFromHDC (hdc=0x900107d2, graphics=0xd7e268) returned 0x0
[0223.934] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0223.934] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0223.934] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0223.934] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0223.941] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e2c8) returned 0x0
[0223.941] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0223.941] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eead0) returned 0x0
[0223.941] LocalFree (hMem=0x11eead0) returned 0x0
[0223.942] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0223.942] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0223.942] GdipGetClip (graphics=0x6600030, region=0x6645368) returned 0x0
[0223.942] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0223.942] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0223.942] GdipRestoreGraphics (graphics=0x6600030, state=0xf9920dbd) returned 0x0
[0223.942] GdipDeleteRegion (region=0x6645368) returned 0x0
[0223.942] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0223.942] GetCurrentObject (hdc=0x900107d2, type=0x1) returned 0xb00017
[0223.942] GetCurrentObject (hdc=0x900107d2, type=0x2) returned 0x900010
[0223.942] GetCurrentObject (hdc=0x900107d2, type=0x7) returned 0x4a0507fe
[0223.942] GetCurrentObject (hdc=0x900107d2, type=0x6) returned 0x8a01c2
[0223.942] SaveDC (hdc=0x900107d2) returned 1
[0223.942] GetNearestColor (hdc=0x900107d2, color=0xf0f0f0) returned 0xf0f0f0
[0223.942] GetNearestColor (hdc=0x900107d2, color=0xa0a0a0) returned 0xa0a0a0
[0223.942] GetNearestColor (hdc=0x900107d2, color=0x696969) returned 0x696969
[0223.943] GetNearestColor (hdc=0x900107d2, color=0xa0a0a0) returned 0xa0a0a0
[0223.943] GetNearestColor (hdc=0x900107d2, color=0x0) returned 0x0
[0223.943] GetNearestColor (hdc=0x900107d2, color=0xffffff) returned 0xffffff
[0223.943] GetNearestColor (hdc=0x900107d2, color=0xe5e5e5) returned 0xe5e5e5
[0223.943] GetNearestColor (hdc=0x900107d2, color=0xd7d7d7) returned 0xd7d7d7
[0223.943] GetNearestColor (hdc=0x900107d2, color=0x0) returned 0x0
[0223.943] RestoreDC (hdc=0x900107d2, nSavedDC=-1) returned 1
[0223.943] GdipReleaseDC (graphics=0x6600030, hdc=0x900107d2) returned 0x0
[0223.943] IsAppThemed () returned 0x1
[0223.943] GetThemeAppProperties () returned 0x3
[0223.943] GetThemeAppProperties () returned 0x3
[0223.943] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0223.943] SendMessageW (hWnd=0x1b02da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0223.943] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0223.943] IsAppThemed () returned 0x1
[0223.944] GetThemeAppProperties () returned 0x3
[0223.944] GetThemeAppProperties () returned 0x3
[0223.944] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2e4b154 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0223.944] IsAppThemed () returned 0x1
[0223.944] GetThemeAppProperties () returned 0x3
[0223.944] GetThemeAppProperties () returned 0x3
[0223.944] IsAppThemed () returned 0x1
[0223.944] GetThemeAppProperties () returned 0x3
[0223.944] GetThemeAppProperties () returned 0x3
[0223.944] GetFocus () returned 0x1d02d8
[0223.944] IsAppThemed () returned 0x1
[0223.944] GetThemeAppProperties () returned 0x3
[0223.944] GetThemeAppProperties () returned 0x3
[0223.945] IsAppThemed () returned 0x1
[0223.945] GetThemeAppProperties () returned 0x3
[0223.945] GetThemeAppProperties () returned 0x3
[0223.945] IsThemePartDefined () returned 0x1
[0223.945] IsAppThemed () returned 0x1
[0223.945] GetThemeAppProperties () returned 0x3
[0223.945] GetThemeAppProperties () returned 0x3
[0223.945] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0223.945] IsAppThemed () returned 0x1
[0223.945] GetThemeAppProperties () returned 0x3
[0223.945] GetThemeAppProperties () returned 0x3
[0223.945] IsAppThemed () returned 0x1
[0223.945] GetThemeAppProperties () returned 0x3
[0223.945] GetThemeAppProperties () returned 0x3
[0223.945] IsThemePartDefined () returned 0x1
[0223.945] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0223.945] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0223.945] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0223.945] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0223.945] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dff0) returned 0x0
[0223.946] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea60) returned 0x0
[0223.946] LocalFree (hMem=0x11eea60) returned 0x0
[0223.946] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0223.946] LocalFree (hMem=0x11ee788) returned 0x0
[0223.946] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0223.946] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e018) returned 0x0
[0223.946] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e008) returned 0x0
[0223.946] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0223.946] GdipDeleteRegion (region=0x6646178) returned 0x0
[0223.946] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0223.946] GetCurrentObject (hdc=0x900107d2, type=0x1) returned 0xb00017
[0223.946] GetCurrentObject (hdc=0x900107d2, type=0x2) returned 0x900010
[0223.946] GetCurrentObject (hdc=0x900107d2, type=0x7) returned 0x4a0507fe
[0223.946] GetCurrentObject (hdc=0x900107d2, type=0x6) returned 0x8a01c2
[0223.946] SaveDC (hdc=0x900107d2) returned 1
[0223.946] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x57040807
[0223.946] GetClipRgn (hdc=0x900107d2, hrgn=0x57040807) returned 0
[0223.946] SelectClipRgn (hdc=0x900107d2, hrgn=0xe70407de) returned 2
[0223.946] DeleteObject (ho=0x57040807) returned 1
[0223.947] DeleteObject (ho=0xe70407de) returned 1
[0223.947] OffsetViewportOrgEx (in: hdc=0x900107d2, x=0, y=0, lppt=0x2e4b804 | out: lppt=0x2e4b804) returned 1
[0223.947] DrawThemeParentBackground () returned 0x0
[0223.947] GetWindowPlacement (in: hWnd=0x1b02da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0223.947] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0223.947] GetWindowTextLengthW (hWnd=0x1b02da) returned 13
[0223.947] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.947] GetSystemMetrics (nIndex=42) returned 0
[0223.947] GetWindowTextW (in: hWnd=0x1b02da, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.947] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0223.947] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0223.947] GetCurrentObject (hdc=0x900107d2, type=0x1) returned 0xb00017
[0223.947] GetCurrentObject (hdc=0x900107d2, type=0x2) returned 0x900010
[0223.947] GetCurrentObject (hdc=0x900107d2, type=0x7) returned 0x4a0507fe
[0223.947] GetCurrentObject (hdc=0x900107d2, type=0x6) returned 0x8a01c2
[0223.947] SaveDC (hdc=0x900107d2) returned 2
[0223.947] GetNearestColor (hdc=0x900107d2, color=0xf0f0f0) returned 0xf0f0f0
[0223.948] CreateSolidBrush (color=0xf0f0f0) returned 0x451007e1
[0223.948] FillRect (hDC=0x900107d2, lprc=0xd7da38, hbr=0x451007e1) returned 1
[0223.948] DeleteObject (ho=0x451007e1) returned 1
[0223.948] RestoreDC (hdc=0x900107d2, nSavedDC=-1) returned 1
[0223.948] GetWindowTextLengthW (hWnd=0x1b02da) returned 13
[0223.948] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.948] GetSystemMetrics (nIndex=42) returned 0
[0223.948] GetWindowTextW (in: hWnd=0x1b02da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.948] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0223.948] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0223.948] GetCurrentObject (hdc=0x900107d2, type=0x1) returned 0xb00017
[0223.948] GetCurrentObject (hdc=0x900107d2, type=0x2) returned 0x900010
[0223.948] GetCurrentObject (hdc=0x900107d2, type=0x7) returned 0x4a0507fe
[0223.948] GetCurrentObject (hdc=0x900107d2, type=0x6) returned 0x8a01c2
[0223.948] SaveDC (hdc=0x900107d2) returned 2
[0223.948] GetNearestColor (hdc=0x900107d2, color=0xf0f0f0) returned 0xf0f0f0
[0223.948] CreateSolidBrush (color=0xf0f0f0) returned 0x461007e1
[0223.948] FillRect (hDC=0x900107d2, lprc=0xd7d9d8, hbr=0x461007e1) returned 1
[0223.949] DeleteObject (ho=0x461007e1) returned 1
[0223.949] RestoreDC (hdc=0x900107d2, nSavedDC=-1) returned 1
[0223.949] GetWindowTextLengthW (hWnd=0x1b02da) returned 13
[0223.949] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0223.949] GetSystemMetrics (nIndex=42) returned 0
[0223.949] GetWindowTextW (in: hWnd=0x1b02da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0223.949] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0223.949] RestoreDC (hdc=0x900107d2, nSavedDC=-1) returned 1
[0223.949] GdipReleaseDC (graphics=0x6600030, hdc=0x900107d2) returned 0x0
[0223.949] IsAppThemed () returned 0x1
[0223.949] GetThemeAppProperties () returned 0x3
[0223.949] GetThemeAppProperties () returned 0x3
[0223.949] IsAppThemed () returned 0x1
[0223.949] GetThemeAppProperties () returned 0x3
[0223.950] GetThemeAppProperties () returned 0x3
[0223.950] IsThemePartDefined () returned 0x1
[0223.950] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0223.950] GdipGetClip (graphics=0x6600030, region=0x6645bd8) returned 0x0
[0223.950] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0223.950] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0223.950] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df74) returned 0x0
[0223.950] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0223.951] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea60) returned 0x0
[0223.951] LocalFree (hMem=0x11eea60) returned 0x0
[0223.951] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0223.951] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0223.951] LocalFree (hMem=0x11eec58) returned 0x0
[0223.951] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0223.951] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0223.951] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0223.952] GdipGetRegionHRgn (region=0x6645bd8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0223.952] GdipDeleteRegion (region=0x6645bd8) returned 0x0
[0223.952] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0223.952] GetCurrentObject (hdc=0x900107d2, type=0x1) returned 0xb00017
[0223.952] GetCurrentObject (hdc=0x900107d2, type=0x2) returned 0x900010
[0223.952] GetCurrentObject (hdc=0x900107d2, type=0x7) returned 0x4a0507fe
[0223.952] GetCurrentObject (hdc=0x900107d2, type=0x6) returned 0x8a01c2
[0223.952] SaveDC (hdc=0x900107d2) returned 1
[0223.952] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe80407de
[0223.952] GetClipRgn (hdc=0x900107d2, hrgn=0xe80407de) returned 0
[0223.952] SelectClipRgn (hdc=0x900107d2, hrgn=0x59040807) returned 2
[0223.952] DeleteObject (ho=0xe80407de) returned 1
[0223.952] DeleteObject (ho=0x59040807) returned 1
[0223.952] OffsetViewportOrgEx (in: hdc=0x900107d2, x=0, y=0, lppt=0x2e4c0b0 | out: lppt=0x2e4c0b0) returned 1
[0223.953] IsAppThemed () returned 0x1
[0223.953] GetThemeAppProperties () returned 0x3
[0223.953] GetThemeAppProperties () returned 0x3
[0223.953] DrawThemeBackground () returned 0x0
[0223.953] RestoreDC (hdc=0x900107d2, nSavedDC=-1) returned 1
[0223.953] GdipReleaseDC (graphics=0x6600030, hdc=0x900107d2) returned 0x0
[0223.953] GdipCreateRegion (region=0xd7df60) returned 0x0
[0223.953] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0223.953] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0223.953] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0223.953] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df78) returned 0x0
[0223.953] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0223.953] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eecc8) returned 0x0
[0223.953] LocalFree (hMem=0x11eecc8) returned 0x0
[0223.953] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0223.953] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eecc8) returned 0x0
[0223.954] LocalFree (hMem=0x11eecc8) returned 0x0
[0223.954] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0223.954] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0223.954] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7df90) returned 0x0
[0223.954] GdipGetRegionHRgn (region=0x6645098, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0223.954] GdipDeleteRegion (region=0x6645098) returned 0x0
[0223.954] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0223.954] GetCurrentObject (hdc=0x900107d2, type=0x1) returned 0xb00017
[0223.954] GetCurrentObject (hdc=0x900107d2, type=0x2) returned 0x900010
[0223.954] GetCurrentObject (hdc=0x900107d2, type=0x7) returned 0x4a0507fe
[0223.954] GetCurrentObject (hdc=0x900107d2, type=0x6) returned 0x8a01c2
[0223.954] SaveDC (hdc=0x900107d2) returned 1
[0223.954] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5a040807
[0223.954] GetClipRgn (hdc=0x900107d2, hrgn=0x5a040807) returned 0
[0223.954] SelectClipRgn (hdc=0x900107d2, hrgn=0xe90407de) returned 2
[0223.955] DeleteObject (ho=0x5a040807) returned 1
[0223.955] DeleteObject (ho=0xe90407de) returned 1
[0223.955] OffsetViewportOrgEx (in: hdc=0x900107d2, x=0, y=0, lppt=0x2e4c384 | out: lppt=0x2e4c384) returned 1
[0223.955] IsAppThemed () returned 0x1
[0223.983] GetThemeAppProperties () returned 0x3
[0223.983] GetThemeAppProperties () returned 0x3
[0223.983] GetThemeBackgroundContentRect () returned 0x0
[0223.983] RestoreDC (hdc=0x900107d2, nSavedDC=-1) returned 1
[0223.984] GdipReleaseDC (graphics=0x6600030, hdc=0x900107d2) returned 0x0
[0223.984] IsAppThemed () returned 0x1
[0223.984] GetThemeAppProperties () returned 0x3
[0223.984] GetThemeAppProperties () returned 0x3
[0223.984] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0223.984] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0223.984] GetCurrentObject (hdc=0x900107d2, type=0x1) returned 0xb00017
[0223.984] GetCurrentObject (hdc=0x900107d2, type=0x2) returned 0x900010
[0223.984] GetCurrentObject (hdc=0x900107d2, type=0x7) returned 0x4a0507fe
[0223.984] GetCurrentObject (hdc=0x900107d2, type=0x6) returned 0x8a01c2
[0223.984] SaveDC (hdc=0x900107d2) returned 1
[0223.984] GetTextAlign (hdc=0x900107d2) returned 0x0
[0223.984] GetTextColor (hdc=0x900107d2) returned 0x0
[0223.984] GetCurrentObject (hdc=0x900107d2, type=0x6) returned 0x8a01c2
[0223.985] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0223.985] SelectObject (hdc=0x900107d2, h=0x6d0a0520) returned 0x8a01c2
[0223.985] GetBkMode (hdc=0x900107d2) returned 2
[0223.985] SetBkMode (hdc=0x900107d2, mode=1) returned 2
[0223.985] DrawTextExW (in: hdc=0x900107d2, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2e4c724 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0223.985] DrawTextExW (in: hdc=0x900107d2, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e4c724 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0223.986] RestoreDC (hdc=0x900107d2, nSavedDC=-1) returned 1
[0223.986] GdipReleaseDC (graphics=0x6600030, hdc=0x900107d2) returned 0x0
[0223.986] GetFocus () returned 0x1d02d8
[0223.986] IsAppThemed () returned 0x1
[0223.986] GetThemeAppProperties () returned 0x3
[0223.986] GetThemeAppProperties () returned 0x3
[0223.986] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0223.986] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x900107d2, x1=0, y1=0, rop=0xcc0020) returned 1
[0223.986] GdipReleaseDC (graphics=0x6600030, hdc=0x900107d2) returned 0x0
[0223.986] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0223.986] SelectObject (hdc=0x900107d2, h=0x85000f) returned 0x4a0507fe
[0223.986] DeleteDC (hdc=0x900107d2) returned 1
[0223.987] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0223.987] EndPaint (hWnd=0x1002d0, lpPaint=0xd7e24c) returned 1
[0223.987] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.987] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x84, wParam=0x0, lParam=0x1e70316) returned 0x1
[0223.987] IsWindowUnicode (hWnd=0x1b02de) returned 1
[0223.987] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0223.987] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x84, wParam=0x0, lParam=0x1e70316) returned 0x1
[0223.988] GetDlgItem (hDlg=0x1b02da, nIDDlgItem=0) returned 0x0
[0223.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x210, wParam=0x201, lParam=0x6c0121) returned 0x0
[0223.988] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x21, wParam=0x1b02da, lParam=0x2010001) returned 0x1
[0223.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x21, wParam=0x1b02da, lParam=0x2010001) returned 0x1
[0223.988] SetCursor (hCursor=0x10003) returned 0x10003
[0223.988] TranslateMessage (lpMsg=0xd7e808) returned 0
[0223.988] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0223.988] GetKeyState (nVirtKey=1) returned -127
[0223.988] GetKeyState (nVirtKey=2) returned 0
[0223.988] GetKeyState (nVirtKey=4) returned 0
[0223.989] GetKeyState (nVirtKey=5) returned 0
[0223.989] GetKeyState (nVirtKey=6) returned 0
[0223.989] IsWindowVisible (hWnd=0x1b02de) returned 1
[0223.989] IsWindowEnabled (hWnd=0x1b02de) returned 1
[0223.989] SetFocus (hWnd=0x1b02de) returned 0x1d02d8
[0223.990] GetFocus () returned 0x1b02de
[0223.990] IsChild (hWndParent=0x1b02da, hWnd=0x1b02de) returned 1
[0223.990] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0x8, wParam=0x1b02de, lParam=0x0) returned 0x0
[0223.990] GetCapture () returned 0x0
[0223.990] InvalidateRect (hWnd=0x1d02d8, lpRect=0x0, bErase=0) returned 1
[0223.991] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0223.992] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0223.994] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0223.994] InvalidateRect (hWnd=0x1d02d8, lpRect=0x0, bErase=0) returned 1
[0223.995] InvalidateRect (hWnd=0x1b02de, lpRect=0x0, bErase=0) returned 1
[0223.995] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x7, wParam=0x1d02d8, lParam=0x0) returned 0x0
[0223.995] GetStockObject (i=5) returned 0x900015
[0223.995] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0223.995] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0223.995] GetDlgItem (hDlg=0x1b02da, nIDDlgItem=1770206) returned 0x1b02de
[0223.995] SendMessageW (hWnd=0x1b02de, Msg=0x202b, wParam=0x1b02de, lParam=0xd7dddc) returned 0x0
[0223.995] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x202b, wParam=0x1b02de, lParam=0xd7dddc) returned 0x0
[0223.995] InvalidateRect (hWnd=0x1b02de, lpRect=0x0, bErase=0) returned 1
[0224.004] GetFocus () returned 0x1b02de
[0224.004] GetFocus () returned 0x1b02de
[0224.004] GetFocus () returned 0x1b02de
[0224.004] GetKeyState (nVirtKey=1) returned -127
[0224.004] GetKeyState (nVirtKey=2) returned 0
[0224.004] GetKeyState (nVirtKey=4) returned 0
[0224.004] GetKeyState (nVirtKey=5) returned 0
[0224.004] GetKeyState (nVirtKey=6) returned 0
[0224.004] GetCapture () returned 0x0
[0224.004] SetCapture (hWnd=0x1b02de) returned 0x0
[0224.004] GetKeyState (nVirtKey=1) returned -127
[0224.004] GetKeyState (nVirtKey=2) returned 0
[0224.004] GetKeyState (nVirtKey=4) returned 0
[0224.005] GetKeyState (nVirtKey=5) returned 0
[0224.005] GetKeyState (nVirtKey=6) returned 0
[0224.005] NotifyWinEvent (event=0x800a, hwnd=0x1b02de, idObject=-4, idChild=0)
[0224.005] InvalidateRect (hWnd=0x1b02de, lpRect=0xd7e430, bErase=0) returned 1
[0224.005] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0224.005] IsWindowUnicode (hWnd=0x1b02de) returned 1
[0224.005] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0224.005] TranslateMessage (lpMsg=0xd7e808) returned 0
[0224.005] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0224.005] MapWindowPoints (in: hWndFrom=0x1b02de, hWndTo=0x0, lpPoints=0x2e4c914, cPoints=0x1 | out: lpPoints=0x2e4c914) returned 30999254
[0224.005] NotifyWinEvent (event=0x800a, hwnd=0x1b02de, idObject=-4, idChild=0)
[0224.005] InvalidateRect (hWnd=0x1b02de, lpRect=0xd7e3d0, bErase=0) returned 1
[0224.005] UpdateWindow (hWnd=0x1b02de) returned 1
[0224.005] BeginPaint (in: hWnd=0x1b02de, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xc0107c5
[0224.006] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0224.006] CreateCompatibleDC (hdc=0xc0107c5) returned 0xfb0107a2
[0224.006] SelectObject (hdc=0xfb0107a2, h=0x4a0507fe) returned 0x85000f
[0224.006] GdipCreateFromHDC (hdc=0xfb0107a2, graphics=0xd7df00) returned 0x0
[0224.006] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0224.006] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0224.006] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0224.006] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0224.006] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df60) returned 0x0
[0224.006] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0224.007] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0224.007] LocalFree (hMem=0x11ee788) returned 0x0
[0224.007] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0224.007] GdipCreateRegion (region=0xd7df48) returned 0x0
[0224.007] GdipGetClip (graphics=0x6600030, region=0x6645a28) returned 0x0
[0224.007] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7df54) returned 0x0
[0224.007] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0224.007] GdipRestoreGraphics (graphics=0x6600030, state=0xf9900dbd) returned 0x0
[0224.007] GdipDeleteRegion (region=0x6645a28) returned 0x0
[0224.007] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0224.007] GetCurrentObject (hdc=0xfb0107a2, type=0x1) returned 0xb00017
[0224.007] GetCurrentObject (hdc=0xfb0107a2, type=0x2) returned 0x900010
[0224.007] GetCurrentObject (hdc=0xfb0107a2, type=0x7) returned 0x4a0507fe
[0224.007] GetCurrentObject (hdc=0xfb0107a2, type=0x6) returned 0x8a01c2
[0224.007] SaveDC (hdc=0xfb0107a2) returned 1
[0224.008] GetNearestColor (hdc=0xfb0107a2, color=0xf0f0f0) returned 0xf0f0f0
[0224.008] GetNearestColor (hdc=0xfb0107a2, color=0xa0a0a0) returned 0xa0a0a0
[0224.008] GetNearestColor (hdc=0xfb0107a2, color=0x696969) returned 0x696969
[0224.008] GetNearestColor (hdc=0xfb0107a2, color=0xa0a0a0) returned 0xa0a0a0
[0224.008] GetNearestColor (hdc=0xfb0107a2, color=0x0) returned 0x0
[0224.008] GetNearestColor (hdc=0xfb0107a2, color=0xffffff) returned 0xffffff
[0224.008] GetNearestColor (hdc=0xfb0107a2, color=0xe5e5e5) returned 0xe5e5e5
[0224.008] GetNearestColor (hdc=0xfb0107a2, color=0xd7d7d7) returned 0xd7d7d7
[0224.008] GetNearestColor (hdc=0xfb0107a2, color=0x0) returned 0x0
[0224.008] RestoreDC (hdc=0xfb0107a2, nSavedDC=-1) returned 1
[0224.008] GdipReleaseDC (graphics=0x6600030, hdc=0xfb0107a2) returned 0x0
[0224.008] IsAppThemed () returned 0x1
[0224.008] GetThemeAppProperties () returned 0x3
[0224.009] GetThemeAppProperties () returned 0x3
[0224.009] IsAppThemed () returned 0x1
[0224.009] GetThemeAppProperties () returned 0x3
[0224.009] GetThemeAppProperties () returned 0x3
[0224.009] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2e4d06c | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0224.009] IsAppThemed () returned 0x1
[0224.009] GetThemeAppProperties () returned 0x3
[0224.009] GetThemeAppProperties () returned 0x3
[0224.009] IsAppThemed () returned 0x1
[0224.009] GetThemeAppProperties () returned 0x3
[0224.009] GetThemeAppProperties () returned 0x3
[0224.009] IsAppThemed () returned 0x1
[0224.009] GetThemeAppProperties () returned 0x3
[0224.009] GetThemeAppProperties () returned 0x3
[0224.010] IsAppThemed () returned 0x1
[0224.010] GetThemeAppProperties () returned 0x3
[0224.010] GetThemeAppProperties () returned 0x3
[0224.010] IsThemePartDefined () returned 0x1
[0224.010] IsAppThemed () returned 0x1
[0224.010] GetThemeAppProperties () returned 0x3
[0224.010] GetThemeAppProperties () returned 0x3
[0224.010] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0224.010] IsAppThemed () returned 0x1
[0224.010] GetThemeAppProperties () returned 0x3
[0224.010] GetThemeAppProperties () returned 0x3
[0224.010] IsAppThemed () returned 0x1
[0224.010] GetThemeAppProperties () returned 0x3
[0224.010] GetThemeAppProperties () returned 0x3
[0224.010] IsThemePartDefined () returned 0x1
[0224.010] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0224.010] GdipGetClip (graphics=0x6600030, region=0x66452d8) returned 0x0
[0224.010] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0224.010] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0224.011] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dc7c) returned 0x0
[0224.011] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0224.011] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0224.011] LocalFree (hMem=0x11ee868) returned 0x0
[0224.011] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0224.011] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0224.011] LocalFree (hMem=0x11ee788) returned 0x0
[0224.011] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0224.011] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0224.011] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0224.011] GdipGetRegionHRgn (region=0x66452d8, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0224.011] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0224.011] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0224.011] GetCurrentObject (hdc=0xfb0107a2, type=0x1) returned 0xb00017
[0224.011] GetCurrentObject (hdc=0xfb0107a2, type=0x2) returned 0x900010
[0224.011] GetCurrentObject (hdc=0xfb0107a2, type=0x7) returned 0x4a0507fe
[0224.012] GetCurrentObject (hdc=0xfb0107a2, type=0x6) returned 0x8a01c2
[0224.012] SaveDC (hdc=0xfb0107a2) returned 1
[0224.012] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xea0407de
[0224.012] GetClipRgn (hdc=0xfb0107a2, hrgn=0xea0407de) returned 0
[0224.012] SelectClipRgn (hdc=0xfb0107a2, hrgn=0x5e040807) returned 2
[0224.012] DeleteObject (ho=0xea0407de) returned 1
[0224.012] DeleteObject (ho=0x5e040807) returned 1
[0224.012] OffsetViewportOrgEx (in: hdc=0xfb0107a2, x=0, y=0, lppt=0x2e4d71c | out: lppt=0x2e4d71c) returned 1
[0224.012] DrawThemeParentBackground () returned 0x0
[0224.012] GetWindowPlacement (in: hWnd=0x1b02da, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0224.019] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0224.019] GetWindowTextLengthW (hWnd=0x1b02da) returned 13
[0224.020] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0224.020] GetSystemMetrics (nIndex=42) returned 0
[0224.020] GetWindowTextW (in: hWnd=0x1b02da, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0224.020] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0224.020] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0224.020] GetCurrentObject (hdc=0xfb0107a2, type=0x1) returned 0xb00017
[0224.020] GetCurrentObject (hdc=0xfb0107a2, type=0x2) returned 0x900010
[0224.020] GetCurrentObject (hdc=0xfb0107a2, type=0x7) returned 0x4a0507fe
[0224.020] GetCurrentObject (hdc=0xfb0107a2, type=0x6) returned 0x8a01c2
[0224.020] SaveDC (hdc=0xfb0107a2) returned 2
[0224.020] GetNearestColor (hdc=0xfb0107a2, color=0xf0f0f0) returned 0xf0f0f0
[0224.020] CreateSolidBrush (color=0xf0f0f0) returned 0x471007e1
[0224.020] FillRect (hDC=0xfb0107a2, lprc=0xd7d6c8, hbr=0x471007e1) returned 1
[0224.021] DeleteObject (ho=0x471007e1) returned 1
[0224.021] RestoreDC (hdc=0xfb0107a2, nSavedDC=-1) returned 1
[0224.021] GetWindowTextLengthW (hWnd=0x1b02da) returned 13
[0224.021] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0224.021] GetSystemMetrics (nIndex=42) returned 0
[0224.021] GetWindowTextW (in: hWnd=0x1b02da, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0224.021] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0224.021] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0224.021] GetCurrentObject (hdc=0xfb0107a2, type=0x1) returned 0xb00017
[0224.021] GetCurrentObject (hdc=0xfb0107a2, type=0x2) returned 0x900010
[0224.021] GetCurrentObject (hdc=0xfb0107a2, type=0x7) returned 0x4a0507fe
[0224.021] GetCurrentObject (hdc=0xfb0107a2, type=0x6) returned 0x8a01c2
[0224.021] SaveDC (hdc=0xfb0107a2) returned 2
[0224.021] GetNearestColor (hdc=0xfb0107a2, color=0xf0f0f0) returned 0xf0f0f0
[0224.022] CreateSolidBrush (color=0xf0f0f0) returned 0x481007e1
[0224.022] FillRect (hDC=0xfb0107a2, lprc=0xd7d668, hbr=0x481007e1) returned 1
[0224.022] DeleteObject (ho=0x481007e1) returned 1
[0224.022] RestoreDC (hdc=0xfb0107a2, nSavedDC=-1) returned 1
[0224.022] GetWindowTextLengthW (hWnd=0x1b02da) returned 13
[0224.022] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0224.022] GetSystemMetrics (nIndex=42) returned 0
[0224.022] GetWindowTextW (in: hWnd=0x1b02da, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0224.022] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0224.022] RestoreDC (hdc=0xfb0107a2, nSavedDC=-1) returned 1
[0224.022] GdipReleaseDC (graphics=0x6600030, hdc=0xfb0107a2) returned 0x0
[0224.022] IsAppThemed () returned 0x1
[0224.023] GetThemeAppProperties () returned 0x3
[0224.023] GetThemeAppProperties () returned 0x3
[0224.023] IsAppThemed () returned 0x1
[0224.023] GetThemeAppProperties () returned 0x3
[0224.023] GetThemeAppProperties () returned 0x3
[0224.023] IsThemePartDefined () returned 0x1
[0224.023] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0224.023] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0224.023] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0224.023] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0224.023] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dc00) returned 0x0
[0224.023] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0224.023] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0224.023] LocalFree (hMem=0x11ee788) returned 0x0
[0224.023] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0224.023] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0224.024] LocalFree (hMem=0x11eec58) returned 0x0
[0224.024] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0224.024] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0224.024] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0224.024] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0224.024] GdipDeleteRegion (region=0x6645248) returned 0x0
[0224.024] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0224.024] GetCurrentObject (hdc=0xfb0107a2, type=0x1) returned 0xb00017
[0224.024] GetCurrentObject (hdc=0xfb0107a2, type=0x2) returned 0x900010
[0224.024] GetCurrentObject (hdc=0xfb0107a2, type=0x7) returned 0x4a0507fe
[0224.024] GetCurrentObject (hdc=0xfb0107a2, type=0x6) returned 0x8a01c2
[0224.024] SaveDC (hdc=0xfb0107a2) returned 1
[0224.024] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5f040807
[0224.024] GetClipRgn (hdc=0xfb0107a2, hrgn=0x5f040807) returned 0
[0224.024] SelectClipRgn (hdc=0xfb0107a2, hrgn=0xec0407de) returned 2
[0224.025] DeleteObject (ho=0x5f040807) returned 1
[0224.025] DeleteObject (ho=0xec0407de) returned 1
[0224.025] OffsetViewportOrgEx (in: hdc=0xfb0107a2, x=0, y=0, lppt=0x2e4dfc8 | out: lppt=0x2e4dfc8) returned 1
[0224.025] IsAppThemed () returned 0x1
[0224.025] GetThemeAppProperties () returned 0x3
[0224.025] GetThemeAppProperties () returned 0x3
[0224.025] DrawThemeBackground () returned 0x0
[0224.025] RestoreDC (hdc=0xfb0107a2, nSavedDC=-1) returned 1
[0224.025] GdipReleaseDC (graphics=0x6600030, hdc=0xfb0107a2) returned 0x0
[0224.025] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0224.025] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0224.025] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0224.025] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0224.025] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7dc04) returned 0x0
[0224.025] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0224.025] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eea28) returned 0x0
[0224.025] LocalFree (hMem=0x11eea28) returned 0x0
[0224.026] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0224.026] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eea28) returned 0x0
[0224.026] LocalFree (hMem=0x11eea28) returned 0x0
[0224.026] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0224.026] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0224.026] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0224.026] GdipGetRegionHRgn (region=0x6645758, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0224.026] GdipDeleteRegion (region=0x6645758) returned 0x0
[0224.026] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0224.026] GetCurrentObject (hdc=0xfb0107a2, type=0x1) returned 0xb00017
[0224.026] GetCurrentObject (hdc=0xfb0107a2, type=0x2) returned 0x900010
[0224.026] GetCurrentObject (hdc=0xfb0107a2, type=0x7) returned 0x4a0507fe
[0224.026] GetCurrentObject (hdc=0xfb0107a2, type=0x6) returned 0x8a01c2
[0224.026] SaveDC (hdc=0xfb0107a2) returned 1
[0224.026] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xed0407de
[0224.026] GetClipRgn (hdc=0xfb0107a2, hrgn=0xed0407de) returned 0
[0224.027] SelectClipRgn (hdc=0xfb0107a2, hrgn=0x60040807) returned 2
[0224.027] DeleteObject (ho=0xed0407de) returned 1
[0224.027] DeleteObject (ho=0x60040807) returned 1
[0224.027] OffsetViewportOrgEx (in: hdc=0xfb0107a2, x=0, y=0, lppt=0x2e4e29c | out: lppt=0x2e4e29c) returned 1
[0224.027] IsAppThemed () returned 0x1
[0224.027] GetThemeAppProperties () returned 0x3
[0224.027] GetThemeAppProperties () returned 0x3
[0224.027] GetThemeBackgroundContentRect () returned 0x0
[0224.027] RestoreDC (hdc=0xfb0107a2, nSavedDC=-1) returned 1
[0224.027] GdipReleaseDC (graphics=0x6600030, hdc=0xfb0107a2) returned 0x0
[0224.027] IsAppThemed () returned 0x1
[0224.027] GetThemeAppProperties () returned 0x3
[0224.027] GetThemeAppProperties () returned 0x3
[0224.027] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0224.027] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0224.027] GetCurrentObject (hdc=0xfb0107a2, type=0x1) returned 0xb00017
[0224.028] GetCurrentObject (hdc=0xfb0107a2, type=0x2) returned 0x900010
[0224.028] GetCurrentObject (hdc=0xfb0107a2, type=0x7) returned 0x4a0507fe
[0224.028] GetCurrentObject (hdc=0xfb0107a2, type=0x6) returned 0x8a01c2
[0224.028] SaveDC (hdc=0xfb0107a2) returned 1
[0224.028] GetTextAlign (hdc=0xfb0107a2) returned 0x0
[0224.028] GetTextColor (hdc=0xfb0107a2) returned 0x0
[0224.028] GetCurrentObject (hdc=0xfb0107a2, type=0x6) returned 0x8a01c2
[0224.065] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0224.065] SelectObject (hdc=0xfb0107a2, h=0x6d0a0520) returned 0x8a01c2
[0224.065] GetBkMode (hdc=0xfb0107a2) returned 2
[0224.065] SetBkMode (hdc=0xfb0107a2, mode=1) returned 2
[0224.066] DrawTextExW (in: hdc=0xfb0107a2, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2e4e63c | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0224.066] DrawTextExW (in: hdc=0xfb0107a2, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2e4e63c | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0224.066] RestoreDC (hdc=0xfb0107a2, nSavedDC=-1) returned 1
[0224.066] GdipReleaseDC (graphics=0x6600030, hdc=0xfb0107a2) returned 0x0
[0224.066] GetFocus () returned 0x1b02de
[0224.066] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0224.067] SendMessageW (hWnd=0x1b02da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0224.067] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0224.067] IsAppThemed () returned 0x1
[0224.067] GetThemeAppProperties () returned 0x3
[0224.067] GetThemeAppProperties () returned 0x3
[0224.067] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0224.067] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xfb0107a2, x1=0, y1=0, rop=0xcc0020) returned 1
[0224.067] GdipReleaseDC (graphics=0x6600030, hdc=0xfb0107a2) returned 0x0
[0224.067] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0224.067] SelectObject (hdc=0xfb0107a2, h=0x85000f) returned 0x4a0507fe
[0224.067] DeleteDC (hdc=0xfb0107a2) returned 1
[0224.067] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0224.068] EndPaint (hWnd=0x1b02de, lpPaint=0xd7dee4) returned 1
[0224.068] MapWindowPoints (in: hWndFrom=0x1b02de, hWndTo=0x0, lpPoints=0x2e4e738, cPoints=0x1 | out: lpPoints=0x2e4e738) returned 30999254
[0224.068] WindowFromPoint (Point=0x316) returned 0x1b02de
[0224.068] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x84, wParam=0x0, lParam=0x1e70316) returned 0x1
[0224.068] NotifyWinEvent (event=0x800a, hwnd=0x1b02de, idObject=-4, idChild=0)
[0224.068] NotifyWinEvent (event=0x800c, hwnd=0x1b02de, idObject=-4, idChild=0)
[0224.068] GetCapture () returned 0x1b02de
[0224.068] ReleaseCapture () returned 1
[0224.068] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0224.069] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0224.069] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x84, wParam=0x0, lParam=0x1e70316) returned 0x1
[0224.069] IsWindow (hWnd=0x7005c) returned 1
[0224.069] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0224.070] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0224.070] IsWindow (hWnd=0x1b02da) returned 1
[0224.070] SetActiveWindow (hWnd=0x1b02da) returned 0x1b02da
[0224.070] IsWindow (hWnd=0x1b02da) returned 1
[0224.070] SetFocus (hWnd=0x1b02da) returned 0x1b02de
[0224.071] GetFocus () returned 0x1b02da
[0224.071] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x8, wParam=0x1b02da, lParam=0x0) returned 0x0
[0224.071] GetCapture () returned 0x0
[0224.071] InvalidateRect (hWnd=0x1b02de, lpRect=0x0, bErase=0) returned 1
[0224.072] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0224.074] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0224.077] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0224.077] GetFocus () returned 0x1b02da
[0224.077] SetFocus (hWnd=0x1b02de) returned 0x1b02da
[0224.077] GetFocus () returned 0x1b02de
[0224.077] IsChild (hWndParent=0x1b02da, hWnd=0x1b02de) returned 1
[0224.077] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x8, wParam=0x1b02de, lParam=0x0) returned 0x0
[0224.078] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0224.080] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0224.082] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0224.082] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x7, wParam=0x1b02da, lParam=0x0) returned 0x0
[0224.082] GetStockObject (i=5) returned 0x900015
[0224.082] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0224.082] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0224.082] GetDlgItem (hDlg=0x1b02da, nIDDlgItem=1770206) returned 0x1b02de
[0224.083] SendMessageW (hWnd=0x1b02de, Msg=0x202b, wParam=0x1b02de, lParam=0xd7ddcc) returned 0x0
[0224.083] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x202b, wParam=0x1b02de, lParam=0xd7ddcc) returned 0x0
[0224.083] InvalidateRect (hWnd=0x1b02de, lpRect=0x0, bErase=0) returned 1
[0224.085] GetWindowLongW (hWnd=0x1b02da, nIndex=-8) returned 458844
[0224.085] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0224.085] GetCurrentThreadId () returned 0xf50
[0224.086] IsWindow (hWnd=0x7005c) returned 1
[0224.086] IsWindow (hWnd=0x7005c) returned 1
[0224.086] IsWindowVisible (hWnd=0x7005c) returned 1
[0224.086] SetActiveWindow (hWnd=0x7005c) returned 0x1b02da
[0224.086] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0224.088] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0224.088] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0224.088] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0224.089] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0224.089] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0224.097] GetWindowPlacement (in: hWnd=0x1b02da, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0224.097] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0224.097] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0224.097] GetWindowRect (in: hWnd=0x1b02da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0224.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0224.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0224.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0224.099] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x1b02da) returned 0x1
[0224.102] GetFocus () returned 0x1b02de
[0224.102] SetFocus (hWnd=0x602c4) returned 0x1b02de
[0224.103] GetFocus () returned 0x602c4
[0224.103] IsChild (hWndParent=0x1b02da, hWnd=0x602c4) returned 0
[0224.103] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0224.103] GetCapture () returned 0x0
[0224.103] InvalidateRect (hWnd=0x1b02de, lpRect=0x0, bErase=0) returned 1
[0224.104] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0224.106] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0224.118] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0224.118] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0224.118] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0224.118] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0224.119] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0224.119] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x1b02de, lParam=0x0) returned 0x0
[0224.119] GetStockObject (i=5) returned 0x900015
[0224.119] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0224.119] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed8f0) returned 0xc
[0224.119] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0224.119] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0224.119] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0224.119] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0224.142] GetFocus () returned 0x602c4
[0224.142] IsChild (hWndParent=0x1b02da, hWnd=0x602c4) returned 0
[0224.142] ShowWindow (hWnd=0x1b02da, nCmdShow=0) returned 1
[0224.143] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0224.143] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0224.145] GetWindowPlacement (in: hWnd=0x1b02da, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0224.145] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0224.145] GetClientRect (in: hWnd=0x1b02da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0224.145] GetWindowRect (in: hWnd=0x1b02da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0224.146] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0224.146] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0224.146] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0224.147] GetWindowLongW (hWnd=0x1b02da, nIndex=-20) returned 327945
[0224.147] DestroyWindow (hWnd=0x1b02da) returned 1
[0224.147] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0224.148] GetWindowTextLengthW (hWnd=0x1b02da) returned 13
[0224.148] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0224.148] GetSystemMetrics (nIndex=42) returned 0
[0224.148] GetWindowTextW (in: hWnd=0x1b02da, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0224.148] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0224.148] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0224.149] GetWindowTextLengthW (hWnd=0x1b02dc) returned 0
[0224.149] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0224.149] GetSystemMetrics (nIndex=42) returned 0
[0224.149] GetWindowTextW (in: hWnd=0x1b02dc, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0224.149] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02dc, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0224.149] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0224.149] GetWindowThreadProcessId (in: hWnd=0x1502c8, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0224.149] GetWindow (hWnd=0x1502c8, uCmd=0x5) returned 0x0
[0224.149] GetWindowLongW (hWnd=0x1502c8, nIndex=-20) returned 65792
[0224.149] DestroyWindow (hWnd=0x1502c8) returned 1
[0224.149] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502c8, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0224.149] GetWindowTextLengthW (hWnd=0x1502c8) returned 25
[0224.149] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0224.149] GetSystemMetrics (nIndex=42) returned 0
[0224.149] GetWindowTextW (in: hWnd=0x1502c8, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0224.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502c8, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0224.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0224.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1502c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0224.152] GetWindowTextLengthW (hWnd=0x1e00ea) returned 232
[0224.152] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0224.152] GetSystemMetrics (nIndex=42) returned 0
[0224.152] GetWindowTextW (in: hWnd=0x1e00ea, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0224.152] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0224.152] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0224.152] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0224.152] InvalidateRect (hWnd=0x1b02de, lpRect=0x0, bErase=0) returned 1
[0224.152] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0224.152] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0224.153] SendMessageW (hWnd=0x1102ce, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0224.153] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102ce, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0224.153] SendMessageW (hWnd=0x1102ce, Msg=0xb0, wParam=0x2e223bc, lParam=0xd7e480) returned 0x0
[0224.153] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102ce, Msg=0xb0, wParam=0x2e223bc, lParam=0xd7e480) returned 0x0
[0224.153] GetWindowTextLengthW (hWnd=0x1102ce) returned 4363
[0224.153] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0224.153] GetSystemMetrics (nIndex=42) returned 0
[0224.153] CoTaskMemAlloc (cb=0x221c) returned 0x1209508
[0224.153] GetWindowTextW (in: hWnd=0x1102ce, lpString=0x1209508, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0224.162] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102ce, Msg=0xd, wParam=0x110c, lParam=0x1209508) returned 0x110b
[0224.163] CoTaskMemFree (pv=0x1209508)
[0224.163] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0224.163] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0224.165] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0224.167] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0224.168] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1b02de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0224.170] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1002d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0224.171] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1102ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0224.173] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0224.175] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.175] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.175] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.175] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.175] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.175] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.175] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e70316) returned 0x1
[0224.176] IsWindowUnicode (hWnd=0x7005c) returned 1
[0224.176] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.176] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e70316) returned 0x1
[0224.176] SetCursor (hCursor=0x10003) returned 0x10003
[0224.176] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.176] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.176] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0224.176] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0224.176] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0224.176] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1120258) returned 0x0
[0224.177] GetKeyState (nVirtKey=1) returned 1
[0224.177] GetKeyState (nVirtKey=2) returned 0
[0224.177] GetKeyState (nVirtKey=4) returned 0
[0224.177] GetKeyState (nVirtKey=5) returned 0
[0224.177] GetKeyState (nVirtKey=6) returned 0
[0224.177] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.177] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e70316) returned 0x1
[0224.177] IsWindowUnicode (hWnd=0x7005c) returned 1
[0224.177] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.178] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.178] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.178] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.178] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e70316) returned 0x1
[0224.178] IsWindowUnicode (hWnd=0x7005c) returned 1
[0224.178] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.178] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e70316) returned 0x1
[0224.178] SetCursor (hCursor=0x10003) returned 0x10003
[0224.179] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.179] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.179] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1120258) returned 0x0
[0224.179] GetKeyState (nVirtKey=1) returned 1
[0224.179] GetKeyState (nVirtKey=2) returned 0
[0224.179] GetKeyState (nVirtKey=4) returned 0
[0224.179] GetKeyState (nVirtKey=5) returned 0
[0224.179] GetKeyState (nVirtKey=6) returned 0
[0224.179] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.179] IsWindowUnicode (hWnd=0x602c4) returned 1
[0224.179] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.180] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.180] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.180] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.181] IsWindowUnicode (hWnd=0x602c4) returned 1
[0224.181] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.181] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.181] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.181] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0224.181] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0224.181] CreateCompatibleDC (hdc=0x10105d6) returned 0x1f0107eb
[0224.181] SelectObject (hdc=0x1f0107eb, h=0x4a0507fe) returned 0x85000f
[0224.181] GdipCreateFromHDC (hdc=0x1f0107eb, graphics=0xd7e798) returned 0x0
[0224.182] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0224.182] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0224.182] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0224.182] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0224.182] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e7f8) returned 0x0
[0224.182] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0224.182] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0224.182] LocalFree (hMem=0x11ee788) returned 0x0
[0224.182] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0224.182] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0224.182] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0224.182] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0224.182] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0224.182] GdipRestoreGraphics (graphics=0x6600030, state=0xf98e0dbd) returned 0x0
[0224.182] GdipDeleteRegion (region=0x6645518) returned 0x0
[0224.183] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0224.183] GetCurrentObject (hdc=0x1f0107eb, type=0x1) returned 0xb00017
[0224.183] GetCurrentObject (hdc=0x1f0107eb, type=0x2) returned 0x900010
[0224.183] GetCurrentObject (hdc=0x1f0107eb, type=0x7) returned 0x4a0507fe
[0224.183] GetCurrentObject (hdc=0x1f0107eb, type=0x6) returned 0x8a01c2
[0224.183] SaveDC (hdc=0x1f0107eb) returned 1
[0224.183] GetNearestColor (hdc=0x1f0107eb, color=0xff) returned 0xff
[0224.183] GetNearestColor (hdc=0x1f0107eb, color=0x55) returned 0x55
[0224.183] GetNearestColor (hdc=0x1f0107eb, color=0x0) returned 0x0
[0224.183] GetNearestColor (hdc=0x1f0107eb, color=0x55) returned 0x55
[0224.183] GetNearestColor (hdc=0x1f0107eb, color=0x0) returned 0x0
[0224.183] GetNearestColor (hdc=0x1f0107eb, color=0x8080ff) returned 0x8080ff
[0224.183] GetNearestColor (hdc=0x1f0107eb, color=0x7373e5) returned 0x7373e5
[0224.184] GetNearestColor (hdc=0x1f0107eb, color=0xe5) returned 0xe5
[0224.184] GetNearestColor (hdc=0x1f0107eb, color=0x0) returned 0x0
[0224.184] RestoreDC (hdc=0x1f0107eb, nSavedDC=-1) returned 1
[0224.184] GdipReleaseDC (graphics=0x6600030, hdc=0x1f0107eb) returned 0x0
[0224.184] IsAppThemed () returned 0x1
[0224.184] GetThemeAppProperties () returned 0x3
[0224.184] GetThemeAppProperties () returned 0x3
[0224.184] IsAppThemed () returned 0x1
[0224.184] GetThemeAppProperties () returned 0x3
[0224.184] GetThemeAppProperties () returned 0x3
[0224.184] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2e564a4 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0224.190] IsAppThemed () returned 0x1
[0224.190] GetThemeAppProperties () returned 0x3
[0224.190] GetThemeAppProperties () returned 0x3
[0224.190] IsAppThemed () returned 0x1
[0224.191] GetThemeAppProperties () returned 0x3
[0224.191] GetThemeAppProperties () returned 0x3
[0224.191] GetFocus () returned 0x602c4
[0224.191] IsAppThemed () returned 0x1
[0224.191] GetThemeAppProperties () returned 0x3
[0224.191] GetThemeAppProperties () returned 0x3
[0224.191] IsAppThemed () returned 0x1
[0224.191] GetThemeAppProperties () returned 0x3
[0224.191] GetThemeAppProperties () returned 0x3
[0224.191] IsThemePartDefined () returned 0x1
[0224.191] IsAppThemed () returned 0x1
[0224.191] GetThemeAppProperties () returned 0x3
[0224.191] GetThemeAppProperties () returned 0x3
[0224.191] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0224.191] IsAppThemed () returned 0x1
[0224.191] GetThemeAppProperties () returned 0x3
[0224.191] GetThemeAppProperties () returned 0x3
[0224.191] IsAppThemed () returned 0x1
[0224.191] GetThemeAppProperties () returned 0x3
[0224.192] GetThemeAppProperties () returned 0x3
[0224.192] IsThemePartDefined () returned 0x1
[0224.192] GdipCreateRegion (region=0xd7e508) returned 0x0
[0224.192] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0224.192] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0224.192] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0224.192] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e520) returned 0x0
[0224.192] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0224.192] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee868) returned 0x0
[0224.192] LocalFree (hMem=0x11ee868) returned 0x0
[0224.192] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0224.192] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0224.192] LocalFree (hMem=0x11eec58) returned 0x0
[0224.192] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0224.192] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e548) returned 0x0
[0224.192] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e538) returned 0x0
[0224.192] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0224.193] GdipDeleteRegion (region=0x6646178) returned 0x0
[0224.193] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0224.193] GetCurrentObject (hdc=0x1f0107eb, type=0x1) returned 0xb00017
[0224.193] GetCurrentObject (hdc=0x1f0107eb, type=0x2) returned 0x900010
[0224.193] GetCurrentObject (hdc=0x1f0107eb, type=0x7) returned 0x4a0507fe
[0224.193] GetCurrentObject (hdc=0x1f0107eb, type=0x6) returned 0x8a01c2
[0224.193] SaveDC (hdc=0x1f0107eb) returned 1
[0224.193] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x61040807
[0224.193] GetClipRgn (hdc=0x1f0107eb, hrgn=0x61040807) returned 0
[0224.193] SelectClipRgn (hdc=0x1f0107eb, hrgn=0xf10407de) returned 2
[0224.193] DeleteObject (ho=0x61040807) returned 1
[0224.193] DeleteObject (ho=0xf10407de) returned 1
[0224.193] OffsetViewportOrgEx (in: hdc=0x1f0107eb, x=0, y=0, lppt=0x2e56b54 | out: lppt=0x2e56b54) returned 1
[0224.193] DrawThemeParentBackground () returned 0x0
[0224.194] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0224.194] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0224.194] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0224.194] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0224.194] GetSystemMetrics (nIndex=42) returned 0
[0224.194] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0224.194] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0224.194] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0224.194] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0224.194] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0224.194] SelectPalette (hdc=0x1f0107eb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0224.194] GdipCreateFromHDC (hdc=0x1f0107eb, graphics=0xd7dff8) returned 0x0
[0224.195] GdipSetPageUnit (graphics=0x66323f0, unit=0x2) returned 0x0
[0224.195] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0224.195] GdipGetWorldTransform (graphics=0x66323f0, matrix=0x6638b78) returned 0x0
[0224.195] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dfd0) returned 0x0
[0224.195] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0224.195] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0224.195] GdipGetClip (graphics=0x66323f0, region=0x6645518) returned 0x0
[0224.195] GdipIsInfiniteRegion (region=0x6645518, graphics=0x66323f0, result=0xd7dfc4) returned 0x0
[0224.195] GdipDeleteRegion (region=0x6645518) returned 0x0
[0224.195] GdipSaveGraphics (graphics=0x66323f0, state=0xd7dff0) returned 0x0
[0224.195] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0224.203] GdipFillRectangleI (graphics=0x66323f0, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0224.203] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0224.205] GdipDeleteGraphics (graphics=0x66323f0) returned 0x0
[0224.205] SelectPalette (hdc=0x1f0107eb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0224.205] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0224.205] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0224.205] GetSystemMetrics (nIndex=42) returned 0
[0224.205] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0224.205] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0224.205] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0224.205] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0224.206] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0224.206] SelectPalette (hdc=0x1f0107eb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0224.206] GdipCreateFromHDC (hdc=0x1f0107eb, graphics=0xd7df98) returned 0x0
[0224.206] GdipSetPageUnit (graphics=0x66323f0, unit=0x2) returned 0x0
[0224.206] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0224.206] GdipGetWorldTransform (graphics=0x66323f0, matrix=0x6638ab8) returned 0x0
[0224.206] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df70) returned 0x0
[0224.206] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0224.206] GdipCreateRegion (region=0xd7df58) returned 0x0
[0224.206] GdipGetClip (graphics=0x66323f0, region=0x6645d88) returned 0x0
[0224.206] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x66323f0, result=0xd7df64) returned 0x0
[0224.206] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0224.206] GdipSaveGraphics (graphics=0x66323f0, state=0xd7df90) returned 0x0
[0224.207] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0224.213] GdipFillRectangleI (graphics=0x66323f0, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0224.213] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0224.215] GdipRestoreGraphics (graphics=0x66323f0, state=0xf98a0dbd) returned 0x0
[0224.215] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0224.215] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0224.215] GetSystemMetrics (nIndex=42) returned 0
[0224.215] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0224.215] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0224.215] GdipDeleteGraphics (graphics=0x66323f0) returned 0x0
[0224.215] SelectPalette (hdc=0x1f0107eb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0224.221] RestoreDC (hdc=0x1f0107eb, nSavedDC=-1) returned 1
[0224.222] GdipReleaseDC (graphics=0x6600030, hdc=0x1f0107eb) returned 0x0
[0224.222] IsAppThemed () returned 0x1
[0224.222] GetThemeAppProperties () returned 0x3
[0224.222] GetThemeAppProperties () returned 0x3
[0224.222] IsAppThemed () returned 0x1
[0224.222] GetThemeAppProperties () returned 0x3
[0224.222] GetThemeAppProperties () returned 0x3
[0224.222] IsThemePartDefined () returned 0x1
[0224.222] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0224.222] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0224.222] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0224.222] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0224.222] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e4a4) returned 0x0
[0224.222] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0224.222] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eea60) returned 0x0
[0224.223] LocalFree (hMem=0x11eea60) returned 0x0
[0224.223] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0224.223] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0224.223] LocalFree (hMem=0x11ee788) returned 0x0
[0224.223] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0224.223] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0224.223] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0224.223] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0224.223] GdipDeleteRegion (region=0x6646178) returned 0x0
[0224.223] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0224.223] GetCurrentObject (hdc=0x1f0107eb, type=0x1) returned 0xb00017
[0224.223] GetCurrentObject (hdc=0x1f0107eb, type=0x2) returned 0x900010
[0224.223] GetCurrentObject (hdc=0x1f0107eb, type=0x7) returned 0x4a0507fe
[0224.223] GetCurrentObject (hdc=0x1f0107eb, type=0x6) returned 0x8a01c2
[0224.224] SaveDC (hdc=0x1f0107eb) returned 1
[0224.224] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf20407de
[0224.224] GetClipRgn (hdc=0x1f0107eb, hrgn=0xf20407de) returned 0
[0224.224] SelectClipRgn (hdc=0x1f0107eb, hrgn=0x63040807) returned 2
[0224.224] DeleteObject (ho=0xf20407de) returned 1
[0224.224] DeleteObject (ho=0x63040807) returned 1
[0224.224] OffsetViewportOrgEx (in: hdc=0x1f0107eb, x=0, y=0, lppt=0x2e5d3a4 | out: lppt=0x2e5d3a4) returned 1
[0224.224] IsAppThemed () returned 0x1
[0224.224] GetThemeAppProperties () returned 0x3
[0224.224] GetThemeAppProperties () returned 0x3
[0224.224] DrawThemeBackground () returned 0x0
[0224.224] RestoreDC (hdc=0x1f0107eb, nSavedDC=-1) returned 1
[0224.224] GdipReleaseDC (graphics=0x6600030, hdc=0x1f0107eb) returned 0x0
[0224.225] GdipCreateRegion (region=0xd7e490) returned 0x0
[0224.225] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0224.225] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0224.225] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0224.225] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e4a8) returned 0x0
[0224.225] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0224.225] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0224.225] LocalFree (hMem=0x11eec58) returned 0x0
[0224.225] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0224.225] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0224.225] LocalFree (hMem=0x11ee788) returned 0x0
[0224.225] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0224.225] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0224.225] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0224.225] GdipGetRegionHRgn (region=0x66460e8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0224.225] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0224.225] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0224.226] GetCurrentObject (hdc=0x1f0107eb, type=0x1) returned 0xb00017
[0224.226] GetCurrentObject (hdc=0x1f0107eb, type=0x2) returned 0x900010
[0224.226] GetCurrentObject (hdc=0x1f0107eb, type=0x7) returned 0x4a0507fe
[0224.226] GetCurrentObject (hdc=0x1f0107eb, type=0x6) returned 0x8a01c2
[0224.226] SaveDC (hdc=0x1f0107eb) returned 1
[0224.226] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x64040807
[0224.226] GetClipRgn (hdc=0x1f0107eb, hrgn=0x64040807) returned 0
[0224.226] SelectClipRgn (hdc=0x1f0107eb, hrgn=0xf30407de) returned 2
[0224.226] DeleteObject (ho=0x64040807) returned 1
[0224.226] DeleteObject (ho=0xf30407de) returned 1
[0224.226] OffsetViewportOrgEx (in: hdc=0x1f0107eb, x=0, y=0, lppt=0x2e5d678 | out: lppt=0x2e5d678) returned 1
[0224.226] IsAppThemed () returned 0x1
[0224.226] GetThemeAppProperties () returned 0x3
[0224.226] GetThemeAppProperties () returned 0x3
[0224.227] GetThemeBackgroundContentRect () returned 0x0
[0224.227] RestoreDC (hdc=0x1f0107eb, nSavedDC=-1) returned 1
[0224.227] GdipReleaseDC (graphics=0x6600030, hdc=0x1f0107eb) returned 0x0
[0224.227] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0224.227] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0224.227] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0224.227] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0224.227] IsAppThemed () returned 0x1
[0224.227] GetThemeAppProperties () returned 0x3
[0224.227] GetThemeAppProperties () returned 0x3
[0224.227] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0224.227] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0224.227] GetCurrentObject (hdc=0x1f0107eb, type=0x1) returned 0xb00017
[0224.227] GetCurrentObject (hdc=0x1f0107eb, type=0x2) returned 0x900010
[0224.228] GetCurrentObject (hdc=0x1f0107eb, type=0x7) returned 0x4a0507fe
[0224.228] GetCurrentObject (hdc=0x1f0107eb, type=0x6) returned 0x8a01c2
[0224.228] SaveDC (hdc=0x1f0107eb) returned 1
[0224.228] GetTextAlign (hdc=0x1f0107eb) returned 0x0
[0224.228] GetTextColor (hdc=0x1f0107eb) returned 0x0
[0224.228] GetCurrentObject (hdc=0x1f0107eb, type=0x6) returned 0x8a01c2
[0224.228] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0224.228] SelectObject (hdc=0x1f0107eb, h=0x6d0a0520) returned 0x8a01c2
[0224.228] GetBkMode (hdc=0x1f0107eb) returned 2
[0224.228] SetBkMode (hdc=0x1f0107eb, mode=1) returned 2
[0224.229] DrawTextExW (in: hdc=0x1f0107eb, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2e5da3c | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0224.229] DrawTextExW (in: hdc=0x1f0107eb, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2e5da3c | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0224.229] RestoreDC (hdc=0x1f0107eb, nSavedDC=-1) returned 1
[0224.229] GdipReleaseDC (graphics=0x6600030, hdc=0x1f0107eb) returned 0x0
[0224.229] GetFocus () returned 0x602c4
[0224.230] IsAppThemed () returned 0x1
[0224.230] GetThemeAppProperties () returned 0x3
[0224.230] GetThemeAppProperties () returned 0x3
[0224.230] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0224.230] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x1f0107eb, x1=0, y1=0, rop=0xcc0020) returned 1
[0224.230] GdipReleaseDC (graphics=0x6600030, hdc=0x1f0107eb) returned 0x0
[0224.230] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0224.230] SelectObject (hdc=0x1f0107eb, h=0x85000f) returned 0x4a0507fe
[0224.230] DeleteDC (hdc=0x1f0107eb) returned 1
[0224.230] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0224.230] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0224.231] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.231] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.231] WaitMessage () returned 1
[0224.283] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.283] IsWindowUnicode (hWnd=0x7005c) returned 1
[0224.283] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.283] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.283] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.283] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.283] IsWindowUnicode (hWnd=0x7005c) returned 1
[0224.283] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.283] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.283] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.283] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x1120258) returned 0x0
[0224.283] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.283] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.283] WaitMessage () returned 1
[0224.320] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.320] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.320] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.320] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.320] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.321] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.321] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.321] WaitMessage () returned 1
[0224.323] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.323] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.323] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.323] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.323] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.324] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.324] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.324] WaitMessage () returned 1
[0224.325] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.325] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.329] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.329] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.329] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.330] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.331] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.331] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.331] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.331] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.331] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.331] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.331] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.331] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.332] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.332] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.332] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.332] WaitMessage () returned 1
[0224.334] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.334] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.334] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.334] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.334] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.336] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.336] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.336] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.336] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.336] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.337] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.337] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.337] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.337] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.337] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.337] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.338] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.338] WaitMessage () returned 1
[0224.338] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.338] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.338] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.338] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.338] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.339] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.340] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.340] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.340] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.340] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.340] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.340] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.340] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.340] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.340] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.340] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.345] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.345] WaitMessage () returned 1
[0224.346] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.346] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.346] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.346] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.347] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.348] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.349] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.349] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.349] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.349] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.349] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.349] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.349] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.349] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.349] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.349] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.351] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.351] WaitMessage () returned 1
[0224.352] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.352] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.352] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.352] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.352] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.353] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.354] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.354] WaitMessage () returned 1
[0224.355] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.355] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.355] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.355] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.355] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.356] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.356] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.356] WaitMessage () returned 1
[0224.360] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.360] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.360] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.360] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.360] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.361] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.361] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.361] WaitMessage () returned 1
[0224.361] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.361] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.361] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.362] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.362] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.363] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.363] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.363] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.364] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.364] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.364] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.364] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.364] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.364] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.364] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.364] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.365] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.365] WaitMessage () returned 1
[0224.365] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.365] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.365] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.365] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.365] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.366] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.367] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.367] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.367] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.367] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.367] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.367] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.367] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.367] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.367] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.367] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.368] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.368] WaitMessage () returned 1
[0224.368] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.368] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.368] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.368] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.368] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.369] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.370] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.370] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.370] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.370] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.370] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.370] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.370] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.370] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.370] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.370] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.371] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.371] WaitMessage () returned 1
[0224.372] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.372] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.372] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.372] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.372] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.376] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.376] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.376] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.376] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.377] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.377] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.377] IsWindowUnicode (hWnd=0x30122) returned 1
[0224.377] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.377] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.377] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.377] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.377] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.377] WaitMessage () returned 1
[0224.422] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.422] IsWindowUnicode (hWnd=0x502c6) returned 1
[0224.422] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0224.422] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0224.422] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0224.422] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.422] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0224.422] WaitMessage () returned 1
[0226.153] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0226.153] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300ff) returned 0x1
[0226.153] IsWindowUnicode (hWnd=0x602c4) returned 1
[0226.153] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0226.153] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0226.153] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0226.153] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0226.153] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0226.153] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300ff) returned 0x1
[0226.153] IsWindowUnicode (hWnd=0x602c4) returned 1
[0226.153] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0226.153] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300ff) returned 0x1
[0226.154] SetCursor (hCursor=0x10003) returned 0x10003
[0226.154] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0226.154] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0226.154] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0226.154] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0226.154] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0226.154] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0226.154] GetKeyState (nVirtKey=1) returned 1
[0226.154] GetKeyState (nVirtKey=2) returned 0
[0226.154] GetKeyState (nVirtKey=4) returned 0
[0226.154] GetKeyState (nVirtKey=5) returned 0
[0226.154] GetKeyState (nVirtKey=6) returned 0
[0226.154] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0226.154] IsWindowUnicode (hWnd=0x602c4) returned 1
[0226.154] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0226.154] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0226.154] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0226.154] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0226.155] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0226.155] CreateCompatibleDC (hdc=0x10105d6) returned 0xab010803
[0226.155] SelectObject (hdc=0xab010803, h=0x4a0507fe) returned 0x85000f
[0226.155] GdipCreateFromHDC (hdc=0xab010803, graphics=0xd7e798) returned 0x0
[0226.155] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0226.155] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0226.155] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0226.155] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0226.155] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e7f8) returned 0x0
[0226.155] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0226.155] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee8d8) returned 0x0
[0226.155] LocalFree (hMem=0x11ee8d8) returned 0x0
[0226.155] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0226.155] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0226.156] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0226.156] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0226.156] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0226.156] GdipRestoreGraphics (graphics=0x6600030, state=0xf9880dbd) returned 0x0
[0226.156] GdipDeleteRegion (region=0x6645098) returned 0x0
[0226.156] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0226.156] GetCurrentObject (hdc=0xab010803, type=0x1) returned 0xb00017
[0226.156] GetCurrentObject (hdc=0xab010803, type=0x2) returned 0x900010
[0226.156] GetCurrentObject (hdc=0xab010803, type=0x7) returned 0x4a0507fe
[0226.156] GetCurrentObject (hdc=0xab010803, type=0x6) returned 0x8a01c2
[0226.156] SaveDC (hdc=0xab010803) returned 1
[0226.156] GetNearestColor (hdc=0xab010803, color=0xff) returned 0xff
[0226.156] GetNearestColor (hdc=0xab010803, color=0x55) returned 0x55
[0226.156] GetNearestColor (hdc=0xab010803, color=0x0) returned 0x0
[0226.156] GetNearestColor (hdc=0xab010803, color=0x55) returned 0x55
[0226.156] GetNearestColor (hdc=0xab010803, color=0x0) returned 0x0
[0226.156] GetNearestColor (hdc=0xab010803, color=0x8080ff) returned 0x8080ff
[0226.157] GetNearestColor (hdc=0xab010803, color=0x7373e5) returned 0x7373e5
[0226.157] GetNearestColor (hdc=0xab010803, color=0xe5) returned 0xe5
[0226.157] GetNearestColor (hdc=0xab010803, color=0x0) returned 0x0
[0226.157] RestoreDC (hdc=0xab010803, nSavedDC=-1) returned 1
[0226.157] GdipReleaseDC (graphics=0x6600030, hdc=0xab010803) returned 0x0
[0226.157] IsAppThemed () returned 0x1
[0226.157] GetThemeAppProperties () returned 0x3
[0226.157] GetThemeAppProperties () returned 0x3
[0226.157] IsAppThemed () returned 0x1
[0226.157] GetThemeAppProperties () returned 0x3
[0226.157] GetThemeAppProperties () returned 0x3
[0226.157] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2e5e484 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0226.157] IsAppThemed () returned 0x1
[0226.157] GetThemeAppProperties () returned 0x3
[0226.157] GetThemeAppProperties () returned 0x3
[0226.157] IsAppThemed () returned 0x1
[0226.158] GetThemeAppProperties () returned 0x3
[0226.158] GetThemeAppProperties () returned 0x3
[0226.158] IsAppThemed () returned 0x1
[0226.158] GetThemeAppProperties () returned 0x3
[0226.158] GetThemeAppProperties () returned 0x3
[0226.158] IsAppThemed () returned 0x1
[0226.158] GetThemeAppProperties () returned 0x3
[0226.158] GetThemeAppProperties () returned 0x3
[0226.158] IsThemePartDefined () returned 0x1
[0226.158] IsAppThemed () returned 0x1
[0226.158] GetThemeAppProperties () returned 0x3
[0226.158] GetThemeAppProperties () returned 0x3
[0226.158] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0226.158] IsAppThemed () returned 0x1
[0226.158] GetThemeAppProperties () returned 0x3
[0226.158] GetThemeAppProperties () returned 0x3
[0226.158] IsAppThemed () returned 0x1
[0226.158] GetThemeAppProperties () returned 0x3
[0226.158] GetThemeAppProperties () returned 0x3
[0226.158] IsThemePartDefined () returned 0x1
[0226.158] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0226.158] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0226.158] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0226.158] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0226.158] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e514) returned 0x0
[0226.158] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0226.158] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0226.159] LocalFree (hMem=0x11ee868) returned 0x0
[0226.159] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0226.159] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0226.159] LocalFree (hMem=0x11eec58) returned 0x0
[0226.159] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0226.159] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0226.159] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0226.159] GdipGetRegionHRgn (region=0x66460e8, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0226.159] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0226.159] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0226.159] GetCurrentObject (hdc=0xab010803, type=0x1) returned 0xb00017
[0226.159] GetCurrentObject (hdc=0xab010803, type=0x2) returned 0x900010
[0226.159] GetCurrentObject (hdc=0xab010803, type=0x7) returned 0x4a0507fe
[0226.159] GetCurrentObject (hdc=0xab010803, type=0x6) returned 0x8a01c2
[0226.159] SaveDC (hdc=0xab010803) returned 1
[0226.159] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf40407de
[0226.159] GetClipRgn (hdc=0xab010803, hrgn=0xf40407de) returned 0
[0226.160] SelectClipRgn (hdc=0xab010803, hrgn=0x68040807) returned 2
[0226.160] DeleteObject (ho=0xf40407de) returned 1
[0226.160] DeleteObject (ho=0x68040807) returned 1
[0226.160] OffsetViewportOrgEx (in: hdc=0xab010803, x=0, y=0, lppt=0x2e5eb34 | out: lppt=0x2e5eb34) returned 1
[0226.160] DrawThemeParentBackground () returned 0x0
[0226.160] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0226.160] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0226.160] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0226.160] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.160] GetSystemMetrics (nIndex=42) returned 0
[0226.160] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.160] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0226.160] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0226.160] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0226.160] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0226.160] SelectPalette (hdc=0xab010803, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0226.161] GdipCreateFromHDC (hdc=0xab010803, graphics=0xd7dff0) returned 0x0
[0226.161] GdipSetPageUnit (graphics=0x66323f0, unit=0x2) returned 0x0
[0226.161] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0226.161] GdipGetWorldTransform (graphics=0x66323f0, matrix=0x6638ae8) returned 0x0
[0226.161] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dfc8) returned 0x0
[0226.161] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0226.161] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0226.161] GdipGetClip (graphics=0x66323f0, region=0x6646058) returned 0x0
[0226.161] GdipIsInfiniteRegion (region=0x6646058, graphics=0x66323f0, result=0xd7dfbc) returned 0x0
[0226.161] GdipDeleteRegion (region=0x6646058) returned 0x0
[0226.161] GdipSaveGraphics (graphics=0x66323f0, state=0xd7dfe8) returned 0x0
[0226.161] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0226.169] GdipFillRectangleI (graphics=0x66323f0, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0226.169] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0226.170] GdipDeleteGraphics (graphics=0x66323f0) returned 0x0
[0226.171] SelectPalette (hdc=0xab010803, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0226.171] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0226.171] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.171] GetSystemMetrics (nIndex=42) returned 0
[0226.171] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.171] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0226.171] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0226.171] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0226.171] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0226.171] SelectPalette (hdc=0xab010803, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0226.171] GdipCreateFromHDC (hdc=0xab010803, graphics=0xd7df90) returned 0x0
[0226.171] GdipSetPageUnit (graphics=0x66323f0, unit=0x2) returned 0x0
[0226.171] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0226.172] GdipGetWorldTransform (graphics=0x66323f0, matrix=0x6638bd8) returned 0x0
[0226.172] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df68) returned 0x0
[0226.172] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0226.172] GdipCreateRegion (region=0xd7df50) returned 0x0
[0226.172] GdipGetClip (graphics=0x66323f0, region=0x6645908) returned 0x0
[0226.172] GdipIsInfiniteRegion (region=0x6645908, graphics=0x66323f0, result=0xd7df5c) returned 0x0
[0226.172] GdipDeleteRegion (region=0x6645908) returned 0x0
[0226.172] GdipSaveGraphics (graphics=0x66323f0, state=0xd7df88) returned 0x0
[0226.172] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0226.178] GdipFillRectangleI (graphics=0x66323f0, brush=0x6652ce8, x=0, y=0, width=801, height=453) returned 0x0
[0226.179] GdipDeleteBrush (brush=0x6652ce8) returned 0x0
[0226.180] GdipRestoreGraphics (graphics=0x66323f0, state=0xf9840dbd) returned 0x0
[0226.180] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0226.180] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.180] GetSystemMetrics (nIndex=42) returned 0
[0226.180] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.180] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0226.180] GdipDeleteGraphics (graphics=0x66323f0) returned 0x0
[0226.181] SelectPalette (hdc=0xab010803, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0226.181] RestoreDC (hdc=0xab010803, nSavedDC=-1) returned 1
[0226.181] GdipReleaseDC (graphics=0x6600030, hdc=0xab010803) returned 0x0
[0226.181] IsAppThemed () returned 0x1
[0226.181] GetThemeAppProperties () returned 0x3
[0226.181] GetThemeAppProperties () returned 0x3
[0226.181] IsAppThemed () returned 0x1
[0226.181] GetThemeAppProperties () returned 0x3
[0226.181] GetThemeAppProperties () returned 0x3
[0226.181] IsThemePartDefined () returned 0x1
[0226.181] GdipCreateRegion (region=0xd7e480) returned 0x0
[0226.181] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0226.181] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0226.181] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0226.181] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e498) returned 0x0
[0226.182] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0226.182] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0226.182] LocalFree (hMem=0x11eec58) returned 0x0
[0226.182] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0226.182] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0226.182] LocalFree (hMem=0x11eec58) returned 0x0
[0226.182] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0226.182] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0226.182] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0226.182] GdipGetRegionHRgn (region=0x66457e8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0226.182] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0226.182] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0226.182] GetCurrentObject (hdc=0xab010803, type=0x1) returned 0xb00017
[0226.182] GetCurrentObject (hdc=0xab010803, type=0x2) returned 0x900010
[0226.182] GetCurrentObject (hdc=0xab010803, type=0x7) returned 0x4a0507fe
[0226.182] GetCurrentObject (hdc=0xab010803, type=0x6) returned 0x8a01c2
[0226.183] SaveDC (hdc=0xab010803) returned 1
[0226.183] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x69040807
[0226.183] GetClipRgn (hdc=0xab010803, hrgn=0x69040807) returned 0
[0226.183] SelectClipRgn (hdc=0xab010803, hrgn=0xf60407de) returned 2
[0226.183] DeleteObject (ho=0x69040807) returned 1
[0226.183] DeleteObject (ho=0xf60407de) returned 1
[0226.183] OffsetViewportOrgEx (in: hdc=0xab010803, x=0, y=0, lppt=0x2e65384 | out: lppt=0x2e65384) returned 1
[0226.183] IsAppThemed () returned 0x1
[0226.183] GetThemeAppProperties () returned 0x3
[0226.183] GetThemeAppProperties () returned 0x3
[0226.183] DrawThemeBackground () returned 0x0
[0226.183] RestoreDC (hdc=0xab010803, nSavedDC=-1) returned 1
[0226.183] GdipReleaseDC (graphics=0x6600030, hdc=0xab010803) returned 0x0
[0226.183] GdipCreateRegion (region=0xd7e484) returned 0x0
[0226.183] GdipGetClip (graphics=0x6600030, region=0x6645a28) returned 0x0
[0226.184] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0226.184] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0226.184] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e49c) returned 0x0
[0226.184] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0226.184] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eecc8) returned 0x0
[0226.184] LocalFree (hMem=0x11eecc8) returned 0x0
[0226.184] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0226.184] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0226.184] LocalFree (hMem=0x11eec58) returned 0x0
[0226.184] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0226.184] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0226.184] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0226.184] GdipGetRegionHRgn (region=0x6645a28, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0226.184] GdipDeleteRegion (region=0x6645a28) returned 0x0
[0226.184] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0226.184] GetCurrentObject (hdc=0xab010803, type=0x1) returned 0xb00017
[0226.184] GetCurrentObject (hdc=0xab010803, type=0x2) returned 0x900010
[0226.185] GetCurrentObject (hdc=0xab010803, type=0x7) returned 0x4a0507fe
[0226.185] GetCurrentObject (hdc=0xab010803, type=0x6) returned 0x8a01c2
[0226.185] SaveDC (hdc=0xab010803) returned 1
[0226.185] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf70407de
[0226.185] GetClipRgn (hdc=0xab010803, hrgn=0xf70407de) returned 0
[0226.185] SelectClipRgn (hdc=0xab010803, hrgn=0x6a040807) returned 2
[0226.185] DeleteObject (ho=0xf70407de) returned 1
[0226.185] DeleteObject (ho=0x6a040807) returned 1
[0226.185] OffsetViewportOrgEx (in: hdc=0xab010803, x=0, y=0, lppt=0x2e65658 | out: lppt=0x2e65658) returned 1
[0226.185] IsAppThemed () returned 0x1
[0226.185] GetThemeAppProperties () returned 0x3
[0226.185] GetThemeAppProperties () returned 0x3
[0226.185] GetThemeBackgroundContentRect () returned 0x0
[0226.185] RestoreDC (hdc=0xab010803, nSavedDC=-1) returned 1
[0226.185] GdipReleaseDC (graphics=0x6600030, hdc=0xab010803) returned 0x0
[0226.185] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0226.186] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0226.186] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0226.186] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0226.186] IsAppThemed () returned 0x1
[0226.186] GetThemeAppProperties () returned 0x3
[0226.186] GetThemeAppProperties () returned 0x3
[0226.186] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0226.186] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0226.186] GetCurrentObject (hdc=0xab010803, type=0x1) returned 0xb00017
[0226.186] GetCurrentObject (hdc=0xab010803, type=0x2) returned 0x900010
[0226.186] GetCurrentObject (hdc=0xab010803, type=0x7) returned 0x4a0507fe
[0226.186] GetCurrentObject (hdc=0xab010803, type=0x6) returned 0x8a01c2
[0226.186] SaveDC (hdc=0xab010803) returned 1
[0226.186] GetTextAlign (hdc=0xab010803) returned 0x0
[0226.186] GetTextColor (hdc=0xab010803) returned 0x0
[0226.186] GetCurrentObject (hdc=0xab010803, type=0x6) returned 0x8a01c2
[0226.187] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0226.187] SelectObject (hdc=0xab010803, h=0x6d0a0520) returned 0x8a01c2
[0226.187] GetBkMode (hdc=0xab010803) returned 2
[0226.187] SetBkMode (hdc=0xab010803, mode=1) returned 2
[0226.187] DrawTextExW (in: hdc=0xab010803, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2e65a1c | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0226.187] DrawTextExW (in: hdc=0xab010803, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2e65a1c | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0226.188] RestoreDC (hdc=0xab010803, nSavedDC=-1) returned 1
[0226.188] GdipReleaseDC (graphics=0x6600030, hdc=0xab010803) returned 0x0
[0226.188] GetFocus () returned 0x602c4
[0226.188] IsAppThemed () returned 0x1
[0226.188] GetThemeAppProperties () returned 0x3
[0226.188] GetThemeAppProperties () returned 0x3
[0226.188] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0226.188] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0xab010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0226.188] GdipReleaseDC (graphics=0x6600030, hdc=0xab010803) returned 0x0
[0226.188] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0226.189] SelectObject (hdc=0xab010803, h=0x85000f) returned 0x4a0507fe
[0226.189] DeleteDC (hdc=0xab010803) returned 1
[0226.189] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0226.189] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0226.189] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0226.189] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0226.189] WaitMessage () returned 1
[0226.263] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0226.263] IsWindowUnicode (hWnd=0x602c4) returned 1
[0226.263] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0226.263] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0226.263] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0226.263] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0226.263] IsWindowUnicode (hWnd=0x602c4) returned 1
[0226.263] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0226.263] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0226.263] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0226.263] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xc0024) returned 0x0
[0226.264] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0226.264] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0226.264] WaitMessage () returned 1
[0226.418] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0226.418] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300ff) returned 0x1
[0226.418] IsWindowUnicode (hWnd=0x602c4) returned 1
[0226.418] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0226.418] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300ff) returned 0x1
[0226.419] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0226.419] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19e0041) returned 0x0
[0226.419] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0226.419] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0226.419] SetCursor (hCursor=0x10003) returned 0x10003
[0226.419] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0226.419] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0226.419] GetKeyState (nVirtKey=1) returned -128
[0226.419] GetKeyState (nVirtKey=2) returned 0
[0226.419] GetKeyState (nVirtKey=4) returned 0
[0226.419] GetKeyState (nVirtKey=5) returned 0
[0226.419] GetKeyState (nVirtKey=6) returned 0
[0226.419] IsWindowVisible (hWnd=0x602c4) returned 1
[0226.419] IsWindowEnabled (hWnd=0x602c4) returned 1
[0226.420] SetFocus (hWnd=0x602c4) returned 0x602c4
[0226.420] GetFocus () returned 0x602c4
[0226.420] GetFocus () returned 0x602c4
[0226.420] GetFocus () returned 0x602c4
[0226.420] GetKeyState (nVirtKey=1) returned -128
[0226.420] GetKeyState (nVirtKey=2) returned 0
[0226.420] GetKeyState (nVirtKey=4) returned 0
[0226.420] GetKeyState (nVirtKey=5) returned 0
[0226.420] GetKeyState (nVirtKey=6) returned 0
[0226.420] GetCapture () returned 0x0
[0226.420] SetCapture (hWnd=0x602c4) returned 0x0
[0226.420] GetKeyState (nVirtKey=1) returned -128
[0226.420] GetKeyState (nVirtKey=2) returned 0
[0226.420] GetKeyState (nVirtKey=4) returned 0
[0226.420] GetKeyState (nVirtKey=5) returned 0
[0226.420] GetKeyState (nVirtKey=6) returned 0
[0226.420] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0226.420] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0226.420] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0226.421] IsWindowUnicode (hWnd=0x602c4) returned 1
[0226.421] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0226.421] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0226.421] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0226.421] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e65ba0, cPoints=0x1 | out: lpPoints=0x2e65ba0) returned 40304859
[0226.421] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0226.421] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0226.421] UpdateWindow (hWnd=0x602c4) returned 1
[0226.421] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x10105d6
[0226.421] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0226.421] CreateCompatibleDC (hdc=0x10105d6) returned 0xac010803
[0226.421] SelectObject (hdc=0xac010803, h=0x4a0507fe) returned 0x85000f
[0226.421] GdipCreateFromHDC (hdc=0xac010803, graphics=0xd7e430) returned 0x0
[0226.422] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0226.422] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0226.422] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0226.422] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0226.422] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e490) returned 0x0
[0226.422] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0226.422] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0226.422] LocalFree (hMem=0x11ee788) returned 0x0
[0226.422] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0226.422] GdipCreateRegion (region=0xd7e478) returned 0x0
[0226.422] GdipGetClip (graphics=0x6600030, region=0x6645ea8) returned 0x0
[0226.422] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0226.422] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0226.422] GdipRestoreGraphics (graphics=0x6600030, state=0xf9820dbd) returned 0x0
[0226.422] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0226.423] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0226.423] GetCurrentObject (hdc=0xac010803, type=0x1) returned 0xb00017
[0226.423] GetCurrentObject (hdc=0xac010803, type=0x2) returned 0x900010
[0226.423] GetCurrentObject (hdc=0xac010803, type=0x7) returned 0x4a0507fe
[0226.423] GetCurrentObject (hdc=0xac010803, type=0x6) returned 0x8a01c2
[0226.423] SaveDC (hdc=0xac010803) returned 1
[0226.423] GetNearestColor (hdc=0xac010803, color=0xff) returned 0xff
[0226.423] GetNearestColor (hdc=0xac010803, color=0x55) returned 0x55
[0226.423] GetNearestColor (hdc=0xac010803, color=0x0) returned 0x0
[0226.423] GetNearestColor (hdc=0xac010803, color=0x55) returned 0x55
[0226.423] GetNearestColor (hdc=0xac010803, color=0x0) returned 0x0
[0226.424] GetNearestColor (hdc=0xac010803, color=0x8080ff) returned 0x8080ff
[0226.424] GetNearestColor (hdc=0xac010803, color=0x7373e5) returned 0x7373e5
[0226.424] GetNearestColor (hdc=0xac010803, color=0xe5) returned 0xe5
[0226.424] GetNearestColor (hdc=0xac010803, color=0x0) returned 0x0
[0226.424] RestoreDC (hdc=0xac010803, nSavedDC=-1) returned 1
[0226.424] GdipReleaseDC (graphics=0x6600030, hdc=0xac010803) returned 0x0
[0226.424] IsAppThemed () returned 0x1
[0226.424] GetThemeAppProperties () returned 0x3
[0226.424] GetThemeAppProperties () returned 0x3
[0226.424] IsAppThemed () returned 0x1
[0226.424] GetThemeAppProperties () returned 0x3
[0226.424] GetThemeAppProperties () returned 0x3
[0226.424] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2e662bc | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0226.425] IsAppThemed () returned 0x1
[0226.425] GetThemeAppProperties () returned 0x3
[0226.425] GetThemeAppProperties () returned 0x3
[0226.425] IsAppThemed () returned 0x1
[0226.425] GetThemeAppProperties () returned 0x3
[0226.425] GetThemeAppProperties () returned 0x3
[0226.425] IsAppThemed () returned 0x1
[0226.425] GetThemeAppProperties () returned 0x3
[0226.425] GetThemeAppProperties () returned 0x3
[0226.425] IsAppThemed () returned 0x1
[0226.425] GetThemeAppProperties () returned 0x3
[0226.425] GetThemeAppProperties () returned 0x3
[0226.425] IsThemePartDefined () returned 0x1
[0226.425] IsAppThemed () returned 0x1
[0226.426] GetThemeAppProperties () returned 0x3
[0226.426] GetThemeAppProperties () returned 0x3
[0226.426] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0226.426] IsAppThemed () returned 0x1
[0226.426] GetThemeAppProperties () returned 0x3
[0226.426] GetThemeAppProperties () returned 0x3
[0226.426] IsAppThemed () returned 0x1
[0226.426] GetThemeAppProperties () returned 0x3
[0226.426] GetThemeAppProperties () returned 0x3
[0226.426] IsThemePartDefined () returned 0x1
[0226.426] GdipCreateRegion (region=0xd7e194) returned 0x0
[0226.426] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0226.426] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0226.426] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0226.426] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e1ac) returned 0x0
[0226.426] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0226.426] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eecc8) returned 0x0
[0226.427] LocalFree (hMem=0x11eecc8) returned 0x0
[0226.427] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0226.427] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0226.427] LocalFree (hMem=0x11ee788) returned 0x0
[0226.427] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0226.427] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0226.427] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0226.427] GdipGetRegionHRgn (region=0x66460e8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0226.427] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0226.427] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0226.427] GetCurrentObject (hdc=0xac010803, type=0x1) returned 0xb00017
[0226.427] GetCurrentObject (hdc=0xac010803, type=0x2) returned 0x900010
[0226.427] GetCurrentObject (hdc=0xac010803, type=0x7) returned 0x4a0507fe
[0226.427] GetCurrentObject (hdc=0xac010803, type=0x6) returned 0x8a01c2
[0226.427] SaveDC (hdc=0xac010803) returned 1
[0226.428] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6b040807
[0226.428] GetClipRgn (hdc=0xac010803, hrgn=0x6b040807) returned 0
[0226.428] SelectClipRgn (hdc=0xac010803, hrgn=0xfb0407de) returned 2
[0226.428] DeleteObject (ho=0x6b040807) returned 1
[0226.428] DeleteObject (ho=0xfb0407de) returned 1
[0226.428] OffsetViewportOrgEx (in: hdc=0xac010803, x=0, y=0, lppt=0x2e6696c | out: lppt=0x2e6696c) returned 1
[0226.428] DrawThemeParentBackground () returned 0x0
[0226.428] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0226.428] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0226.428] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0226.428] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.428] GetSystemMetrics (nIndex=42) returned 0
[0226.429] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.429] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0226.429] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0226.429] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0226.429] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0226.429] SelectPalette (hdc=0xac010803, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0226.429] GdipCreateFromHDC (hdc=0xac010803, graphics=0xd7dc88) returned 0x0
[0226.429] GdipSetPageUnit (graphics=0x66323f0, unit=0x2) returned 0x0
[0226.429] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0226.429] GdipGetWorldTransform (graphics=0x66323f0, matrix=0x6638b48) returned 0x0
[0226.429] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dc60) returned 0x0
[0226.429] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0226.430] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0226.430] GdipGetClip (graphics=0x66323f0, region=0x6645518) returned 0x0
[0226.430] GdipIsInfiniteRegion (region=0x6645518, graphics=0x66323f0, result=0xd7dc54) returned 0x0
[0226.430] GdipDeleteRegion (region=0x6645518) returned 0x0
[0226.430] GdipSaveGraphics (graphics=0x66323f0, state=0xd7dc80) returned 0x0
[0226.430] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0226.438] GdipFillRectangleI (graphics=0x66323f0, brush=0x66537e0, x=0, y=0, width=801, height=453) returned 0x0
[0226.438] GdipDeleteBrush (brush=0x66537e0) returned 0x0
[0226.439] GdipDeleteGraphics (graphics=0x66323f0) returned 0x0
[0226.439] SelectPalette (hdc=0xac010803, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0226.439] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0226.440] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.440] GetSystemMetrics (nIndex=42) returned 0
[0226.440] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.440] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0226.440] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0226.440] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0226.440] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0226.440] SelectPalette (hdc=0xac010803, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0226.440] GdipCreateFromHDC (hdc=0xac010803, graphics=0xd7dc28) returned 0x0
[0226.440] GdipSetPageUnit (graphics=0x66323f0, unit=0x2) returned 0x0
[0226.440] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0226.440] GdipGetWorldTransform (graphics=0x66323f0, matrix=0x6638ae8) returned 0x0
[0226.440] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dc00) returned 0x0
[0226.440] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0226.440] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0226.441] GdipGetClip (graphics=0x66323f0, region=0x6645098) returned 0x0
[0226.441] GdipIsInfiniteRegion (region=0x6645098, graphics=0x66323f0, result=0xd7dbf4) returned 0x0
[0226.441] GdipDeleteRegion (region=0x6645098) returned 0x0
[0226.441] GdipSaveGraphics (graphics=0x66323f0, state=0xd7dc20) returned 0x0
[0226.441] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0226.448] GdipFillRectangleI (graphics=0x66323f0, brush=0x66536a8, x=0, y=0, width=801, height=453) returned 0x0
[0226.448] GdipDeleteBrush (brush=0x66536a8) returned 0x0
[0226.449] GdipRestoreGraphics (graphics=0x66323f0, state=0xf97e0dbd) returned 0x0
[0226.449] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0226.450] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.450] GetSystemMetrics (nIndex=42) returned 0
[0226.450] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.450] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0226.450] GdipDeleteGraphics (graphics=0x66323f0) returned 0x0
[0226.450] SelectPalette (hdc=0xac010803, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0226.450] RestoreDC (hdc=0xac010803, nSavedDC=-1) returned 1
[0226.451] GdipReleaseDC (graphics=0x6600030, hdc=0xac010803) returned 0x0
[0226.451] IsAppThemed () returned 0x1
[0226.451] GetThemeAppProperties () returned 0x3
[0226.451] GetThemeAppProperties () returned 0x3
[0226.451] IsAppThemed () returned 0x1
[0226.451] GetThemeAppProperties () returned 0x3
[0226.451] GetThemeAppProperties () returned 0x3
[0226.451] IsThemePartDefined () returned 0x1
[0226.451] GdipCreateRegion (region=0xd7e118) returned 0x0
[0226.451] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0226.451] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0226.451] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0226.451] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e130) returned 0x0
[0226.451] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0226.451] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eea60) returned 0x0
[0226.451] LocalFree (hMem=0x11eea60) returned 0x0
[0226.451] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0226.452] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0226.452] LocalFree (hMem=0x11ee788) returned 0x0
[0226.452] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0226.452] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e158) returned 0x0
[0226.452] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e148) returned 0x0
[0226.452] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0226.452] GdipDeleteRegion (region=0x6646178) returned 0x0
[0226.452] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0226.452] GetCurrentObject (hdc=0xac010803, type=0x1) returned 0xb00017
[0226.452] GetCurrentObject (hdc=0xac010803, type=0x2) returned 0x900010
[0226.452] GetCurrentObject (hdc=0xac010803, type=0x7) returned 0x4a0507fe
[0226.452] GetCurrentObject (hdc=0xac010803, type=0x6) returned 0x8a01c2
[0226.452] SaveDC (hdc=0xac010803) returned 1
[0226.452] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfc0407de
[0226.452] GetClipRgn (hdc=0xac010803, hrgn=0xfc0407de) returned 0
[0226.453] SelectClipRgn (hdc=0xac010803, hrgn=0x6d040807) returned 2
[0226.453] DeleteObject (ho=0xfc0407de) returned 1
[0226.453] DeleteObject (ho=0x6d040807) returned 1
[0226.453] OffsetViewportOrgEx (in: hdc=0xac010803, x=0, y=0, lppt=0x2e6d1bc | out: lppt=0x2e6d1bc) returned 1
[0226.453] IsAppThemed () returned 0x1
[0226.453] GetThemeAppProperties () returned 0x3
[0226.453] GetThemeAppProperties () returned 0x3
[0226.453] DrawThemeBackground () returned 0x0
[0226.453] RestoreDC (hdc=0xac010803, nSavedDC=-1) returned 1
[0226.453] GdipReleaseDC (graphics=0x6600030, hdc=0xac010803) returned 0x0
[0226.453] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0226.453] GdipGetClip (graphics=0x6600030, region=0x6645bd8) returned 0x0
[0226.453] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0226.453] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0226.453] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e134) returned 0x0
[0226.453] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0226.453] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea60) returned 0x0
[0226.454] LocalFree (hMem=0x11eea60) returned 0x0
[0226.454] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0226.454] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0226.454] LocalFree (hMem=0x11eec58) returned 0x0
[0226.454] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0226.454] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0226.454] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0226.454] GdipGetRegionHRgn (region=0x6645bd8, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0226.454] GdipDeleteRegion (region=0x6645bd8) returned 0x0
[0226.454] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0226.454] GetCurrentObject (hdc=0xac010803, type=0x1) returned 0xb00017
[0226.454] GetCurrentObject (hdc=0xac010803, type=0x2) returned 0x900010
[0226.454] GetCurrentObject (hdc=0xac010803, type=0x7) returned 0x4a0507fe
[0226.454] GetCurrentObject (hdc=0xac010803, type=0x6) returned 0x8a01c2
[0226.454] SaveDC (hdc=0xac010803) returned 1
[0226.455] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6e040807
[0226.455] GetClipRgn (hdc=0xac010803, hrgn=0x6e040807) returned 0
[0226.455] SelectClipRgn (hdc=0xac010803, hrgn=0xfd0407de) returned 2
[0226.455] DeleteObject (ho=0x6e040807) returned 1
[0226.455] DeleteObject (ho=0xfd0407de) returned 1
[0226.455] OffsetViewportOrgEx (in: hdc=0xac010803, x=0, y=0, lppt=0x2e6d490 | out: lppt=0x2e6d490) returned 1
[0226.455] IsAppThemed () returned 0x1
[0226.455] GetThemeAppProperties () returned 0x3
[0226.455] GetThemeAppProperties () returned 0x3
[0226.455] GetThemeBackgroundContentRect () returned 0x0
[0226.455] RestoreDC (hdc=0xac010803, nSavedDC=-1) returned 1
[0226.455] GdipReleaseDC (graphics=0x6600030, hdc=0xac010803) returned 0x0
[0226.455] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0226.455] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0226.455] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0226.455] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0226.455] IsAppThemed () returned 0x1
[0226.456] GetThemeAppProperties () returned 0x3
[0226.456] GetThemeAppProperties () returned 0x3
[0226.456] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0226.456] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0226.456] GetCurrentObject (hdc=0xac010803, type=0x1) returned 0xb00017
[0226.456] GetCurrentObject (hdc=0xac010803, type=0x2) returned 0x900010
[0226.456] GetCurrentObject (hdc=0xac010803, type=0x7) returned 0x4a0507fe
[0226.456] GetCurrentObject (hdc=0xac010803, type=0x6) returned 0x8a01c2
[0226.456] SaveDC (hdc=0xac010803) returned 1
[0226.456] GetTextAlign (hdc=0xac010803) returned 0x0
[0226.456] GetTextColor (hdc=0xac010803) returned 0x0
[0226.456] GetCurrentObject (hdc=0xac010803, type=0x6) returned 0x8a01c2
[0226.456] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0226.456] SelectObject (hdc=0xac010803, h=0x6d0a0520) returned 0x8a01c2
[0226.457] GetBkMode (hdc=0xac010803) returned 2
[0226.457] SetBkMode (hdc=0xac010803, mode=1) returned 2
[0226.457] DrawTextExW (in: hdc=0xac010803, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2e6d854 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0226.457] DrawTextExW (in: hdc=0xac010803, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2e6d854 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0226.457] RestoreDC (hdc=0xac010803, nSavedDC=-1) returned 1
[0226.458] GdipReleaseDC (graphics=0x6600030, hdc=0xac010803) returned 0x0
[0226.458] GetFocus () returned 0x602c4
[0226.458] IsAppThemed () returned 0x1
[0226.458] GetThemeAppProperties () returned 0x3
[0226.458] GetThemeAppProperties () returned 0x3
[0226.458] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0226.458] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0xac010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0226.458] GdipReleaseDC (graphics=0x6600030, hdc=0xac010803) returned 0x0
[0226.458] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0226.459] SelectObject (hdc=0xac010803, h=0x85000f) returned 0x4a0507fe
[0226.459] DeleteDC (hdc=0xac010803) returned 1
[0226.459] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0226.459] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0226.459] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e6d950, cPoints=0x1 | out: lpPoints=0x2e6d950) returned 40304859
[0226.459] WindowFromPoint (Point=0xff) returned 0x602c4
[0226.459] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300ff) returned 0x1
[0226.459] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0226.459] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0226.459] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0226.459] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0226.460] GetSystemMetrics (nIndex=42) returned 0
[0226.460] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0226.460] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0226.462] GetCapture () returned 0x602c4
[0226.462] ReleaseCapture () returned 1
[0226.462] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0226.462] GetProcessWindowStation () returned 0x13c
[0226.462] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.463] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0226.463] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.463] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0226.463] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.463] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0226.464] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.464] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0226.464] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.464] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0226.465] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.465] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0226.465] GetDC (hWnd=0x0) returned 0x107b9
[0226.465] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e6ec) returned 0x0
[0226.465] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0226.465] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0226.465] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0226.465] GetSystemMetrics (nIndex=5) returned 1
[0226.466] GetSystemMetrics (nIndex=6) returned 1
[0226.466] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.467] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0226.467] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.467] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0226.471] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0226.471] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0226.471] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0226.471] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0226.471] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0226.471] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0226.473] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2e7336c | out: lpData=0x2e7336c) returned 1
[0226.474] VerQueryValueW (in: pBlock=0x2e7336c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e7377c, puLen=0xd7e810) returned 1
[0226.474] VerQueryValueW (in: pBlock=0x2e7336c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e73424, puLen=0xd7e790) returned 1
[0226.474] VerQueryValueW (in: pBlock=0x2e7336c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e73478, puLen=0xd7e790) returned 1
[0226.474] VerQueryValueW (in: pBlock=0x2e7336c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e734f8, puLen=0xd7e790) returned 1
[0226.474] VerQueryValueW (in: pBlock=0x2e7336c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e73560, puLen=0xd7e790) returned 1
[0226.474] VerQueryValueW (in: pBlock=0x2e7336c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e735a0, puLen=0xd7e790) returned 1
[0226.474] VerQueryValueW (in: pBlock=0x2e7336c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e73628, puLen=0xd7e790) returned 1
[0226.474] VerQueryValueW (in: pBlock=0x2e7336c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e73664, puLen=0xd7e790) returned 1
[0226.474] VerQueryValueW (in: pBlock=0x2e7336c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e736bc, puLen=0xd7e790) returned 1
[0226.474] VerQueryValueW (in: pBlock=0x2e7336c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e736ec, puLen=0xd7e790) returned 1
[0226.474] VerQueryValueW (in: pBlock=0x2e7336c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.474] VerQueryValueW (in: pBlock=0x2e7336c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e73728, puLen=0xd7e790) returned 1
[0226.474] VerQueryValueW (in: pBlock=0x2e7336c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.474] VerQueryValueW (in: pBlock=0x2e7336c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e7377c, puLen=0xd7e784) returned 1
[0226.474] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0226.475] VerQueryValueW (in: pBlock=0x2e7336c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e73394, puLen=0xd7e794) returned 1
[0226.475] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0226.475] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0226.475] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0226.476] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0226.476] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0226.476] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0226.476] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2e752dc | out: lpData=0x2e752dc) returned 1
[0226.476] VerQueryValueW (in: pBlock=0x2e752dc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e75378, puLen=0xd7e810) returned 1
[0226.476] VerQueryValueW (in: pBlock=0x2e752dc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e753f0, puLen=0xd7e790) returned 1
[0226.476] VerQueryValueW (in: pBlock=0x2e752dc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e75420, puLen=0xd7e790) returned 1
[0226.476] VerQueryValueW (in: pBlock=0x2e752dc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7545c, puLen=0xd7e790) returned 1
[0226.476] VerQueryValueW (in: pBlock=0x2e752dc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7548c, puLen=0xd7e790) returned 1
[0226.476] VerQueryValueW (in: pBlock=0x2e752dc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e754d4, puLen=0xd7e790) returned 1
[0226.476] VerQueryValueW (in: pBlock=0x2e752dc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7554c, puLen=0xd7e790) returned 1
[0226.477] VerQueryValueW (in: pBlock=0x2e752dc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e75590, puLen=0xd7e790) returned 1
[0226.477] VerQueryValueW (in: pBlock=0x2e752dc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e755d0, puLen=0xd7e790) returned 1
[0226.477] VerQueryValueW (in: pBlock=0x2e752dc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e753ce, puLen=0xd7e790) returned 1
[0226.477] VerQueryValueW (in: pBlock=0x2e752dc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7551c, puLen=0xd7e790) returned 1
[0226.477] VerQueryValueW (in: pBlock=0x2e752dc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.477] VerQueryValueW (in: pBlock=0x2e752dc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.477] VerQueryValueW (in: pBlock=0x2e752dc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e75378, puLen=0xd7e784) returned 1
[0226.477] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0226.477] VerQueryValueW (in: pBlock=0x2e752dc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e75304, puLen=0xd7e794) returned 1
[0226.478] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0226.478] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0226.478] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0226.478] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0226.478] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0226.478] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0226.479] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2e775b4 | out: lpData=0x2e775b4) returned 1
[0226.480] VerQueryValueW (in: pBlock=0x2e775b4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e779c8, puLen=0xd7e810) returned 1
[0226.480] VerQueryValueW (in: pBlock=0x2e775b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7766c, puLen=0xd7e790) returned 1
[0226.480] VerQueryValueW (in: pBlock=0x2e775b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e776c0, puLen=0xd7e790) returned 1
[0226.480] VerQueryValueW (in: pBlock=0x2e775b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7771c, puLen=0xd7e790) returned 1
[0226.480] VerQueryValueW (in: pBlock=0x2e775b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7777c, puLen=0xd7e790) returned 1
[0226.480] VerQueryValueW (in: pBlock=0x2e775b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e777d4, puLen=0xd7e790) returned 1
[0226.480] VerQueryValueW (in: pBlock=0x2e775b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7785c, puLen=0xd7e790) returned 1
[0226.480] VerQueryValueW (in: pBlock=0x2e775b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e778b0, puLen=0xd7e790) returned 1
[0226.480] VerQueryValueW (in: pBlock=0x2e775b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e77908, puLen=0xd7e790) returned 1
[0226.480] VerQueryValueW (in: pBlock=0x2e775b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e77938, puLen=0xd7e790) returned 1
[0226.480] VerQueryValueW (in: pBlock=0x2e775b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.480] VerQueryValueW (in: pBlock=0x2e775b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e77974, puLen=0xd7e790) returned 1
[0226.480] VerQueryValueW (in: pBlock=0x2e775b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.480] VerQueryValueW (in: pBlock=0x2e775b4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e779c8, puLen=0xd7e784) returned 1
[0226.481] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0226.481] VerQueryValueW (in: pBlock=0x2e775b4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e775dc, puLen=0xd7e794) returned 1
[0226.484] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0226.485] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0226.485] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0226.485] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0226.485] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0226.485] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0226.486] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2e79bec | out: lpData=0x2e79bec) returned 1
[0226.487] VerQueryValueW (in: pBlock=0x2e79bec, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e79fec, puLen=0xd7e810) returned 1
[0226.487] VerQueryValueW (in: pBlock=0x2e79bec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e79ca4, puLen=0xd7e790) returned 1
[0226.487] VerQueryValueW (in: pBlock=0x2e79bec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e79cf8, puLen=0xd7e790) returned 1
[0226.487] VerQueryValueW (in: pBlock=0x2e79bec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e79d38, puLen=0xd7e790) returned 1
[0226.487] VerQueryValueW (in: pBlock=0x2e79bec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e79da0, puLen=0xd7e790) returned 1
[0226.487] VerQueryValueW (in: pBlock=0x2e79bec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e79df8, puLen=0xd7e790) returned 1
[0226.487] VerQueryValueW (in: pBlock=0x2e79bec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e79e80, puLen=0xd7e790) returned 1
[0226.487] VerQueryValueW (in: pBlock=0x2e79bec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e79ed4, puLen=0xd7e790) returned 1
[0226.487] VerQueryValueW (in: pBlock=0x2e79bec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e79f2c, puLen=0xd7e790) returned 1
[0226.487] VerQueryValueW (in: pBlock=0x2e79bec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e79f5c, puLen=0xd7e790) returned 1
[0226.488] VerQueryValueW (in: pBlock=0x2e79bec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.488] VerQueryValueW (in: pBlock=0x2e79bec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e79f98, puLen=0xd7e790) returned 1
[0226.488] VerQueryValueW (in: pBlock=0x2e79bec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.488] VerQueryValueW (in: pBlock=0x2e79bec, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e79fec, puLen=0xd7e784) returned 1
[0226.488] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0226.488] VerQueryValueW (in: pBlock=0x2e79bec, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e79c14, puLen=0xd7e794) returned 1
[0226.489] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0226.489] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0226.489] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0226.489] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0226.489] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0226.489] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0226.490] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2e7c328 | out: lpData=0x2e7c328) returned 1
[0226.491] VerQueryValueW (in: pBlock=0x2e7c328, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e7c6f0, puLen=0xd7e810) returned 1
[0226.491] VerQueryValueW (in: pBlock=0x2e7c328, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c3e0, puLen=0xd7e790) returned 1
[0226.491] VerQueryValueW (in: pBlock=0x2e7c328, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c434, puLen=0xd7e790) returned 1
[0226.491] VerQueryValueW (in: pBlock=0x2e7c328, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c474, puLen=0xd7e790) returned 1
[0226.491] VerQueryValueW (in: pBlock=0x2e7c328, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c4dc, puLen=0xd7e790) returned 1
[0226.491] VerQueryValueW (in: pBlock=0x2e7c328, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c518, puLen=0xd7e790) returned 1
[0226.491] VerQueryValueW (in: pBlock=0x2e7c328, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c5a0, puLen=0xd7e790) returned 1
[0226.491] VerQueryValueW (in: pBlock=0x2e7c328, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c5d8, puLen=0xd7e790) returned 1
[0226.491] VerQueryValueW (in: pBlock=0x2e7c328, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c630, puLen=0xd7e790) returned 1
[0226.492] VerQueryValueW (in: pBlock=0x2e7c328, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c660, puLen=0xd7e790) returned 1
[0226.492] VerQueryValueW (in: pBlock=0x2e7c328, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.492] VerQueryValueW (in: pBlock=0x2e7c328, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c69c, puLen=0xd7e790) returned 1
[0226.492] VerQueryValueW (in: pBlock=0x2e7c328, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.492] VerQueryValueW (in: pBlock=0x2e7c328, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e7c6f0, puLen=0xd7e784) returned 1
[0226.492] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0226.492] VerQueryValueW (in: pBlock=0x2e7c328, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e7c350, puLen=0xd7e794) returned 1
[0226.493] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0226.493] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0226.493] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0226.493] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0226.493] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0226.494] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0226.494] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2e7f990 | out: lpData=0x2e7f990) returned 1
[0226.495] VerQueryValueW (in: pBlock=0x2e7f990, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e7fd70, puLen=0xd7e810) returned 1
[0226.495] VerQueryValueW (in: pBlock=0x2e7f990, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7fa48, puLen=0xd7e790) returned 1
[0226.495] VerQueryValueW (in: pBlock=0x2e7f990, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7fa9c, puLen=0xd7e790) returned 1
[0226.495] VerQueryValueW (in: pBlock=0x2e7f990, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7fadc, puLen=0xd7e790) returned 1
[0226.495] VerQueryValueW (in: pBlock=0x2e7f990, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7fb3c, puLen=0xd7e790) returned 1
[0226.495] VerQueryValueW (in: pBlock=0x2e7f990, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7fb88, puLen=0xd7e790) returned 1
[0226.495] VerQueryValueW (in: pBlock=0x2e7f990, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7fc10, puLen=0xd7e790) returned 1
[0226.495] VerQueryValueW (in: pBlock=0x2e7f990, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7fc58, puLen=0xd7e790) returned 1
[0226.495] VerQueryValueW (in: pBlock=0x2e7f990, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7fcb0, puLen=0xd7e790) returned 1
[0226.495] VerQueryValueW (in: pBlock=0x2e7f990, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7fce0, puLen=0xd7e790) returned 1
[0226.496] VerQueryValueW (in: pBlock=0x2e7f990, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.496] VerQueryValueW (in: pBlock=0x2e7f990, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7fd1c, puLen=0xd7e790) returned 1
[0226.496] VerQueryValueW (in: pBlock=0x2e7f990, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.496] VerQueryValueW (in: pBlock=0x2e7f990, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e7fd70, puLen=0xd7e784) returned 1
[0226.496] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0226.496] VerQueryValueW (in: pBlock=0x2e7f990, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e7f9b8, puLen=0xd7e794) returned 1
[0226.497] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0226.497] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0226.497] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0226.497] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0226.497] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0226.497] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0226.498] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2e821b0 | out: lpData=0x2e821b0) returned 1
[0226.499] VerQueryValueW (in: pBlock=0x2e821b0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e825bc, puLen=0xd7e810) returned 1
[0226.499] VerQueryValueW (in: pBlock=0x2e821b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e82268, puLen=0xd7e790) returned 1
[0226.499] VerQueryValueW (in: pBlock=0x2e821b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e822bc, puLen=0xd7e790) returned 1
[0226.499] VerQueryValueW (in: pBlock=0x2e821b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e82310, puLen=0xd7e790) returned 1
[0226.499] VerQueryValueW (in: pBlock=0x2e821b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e82370, puLen=0xd7e790) returned 1
[0226.499] VerQueryValueW (in: pBlock=0x2e821b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e823c8, puLen=0xd7e790) returned 1
[0226.499] VerQueryValueW (in: pBlock=0x2e821b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e82450, puLen=0xd7e790) returned 1
[0226.499] VerQueryValueW (in: pBlock=0x2e821b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e824a4, puLen=0xd7e790) returned 1
[0226.499] VerQueryValueW (in: pBlock=0x2e821b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e824fc, puLen=0xd7e790) returned 1
[0226.499] VerQueryValueW (in: pBlock=0x2e821b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8252c, puLen=0xd7e790) returned 1
[0226.499] VerQueryValueW (in: pBlock=0x2e821b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.499] VerQueryValueW (in: pBlock=0x2e821b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e82568, puLen=0xd7e790) returned 1
[0226.499] VerQueryValueW (in: pBlock=0x2e821b0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.500] VerQueryValueW (in: pBlock=0x2e821b0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e825bc, puLen=0xd7e784) returned 1
[0226.500] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0226.500] VerQueryValueW (in: pBlock=0x2e821b0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e821d8, puLen=0xd7e794) returned 1
[0226.501] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0226.501] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0226.501] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0226.501] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0226.501] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0226.501] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0226.502] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e849c4 | out: lpData=0x2e849c4) returned 1
[0226.503] VerQueryValueW (in: pBlock=0x2e849c4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e84d9c, puLen=0xd7e810) returned 1
[0226.503] VerQueryValueW (in: pBlock=0x2e849c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e84a7c, puLen=0xd7e790) returned 1
[0226.503] VerQueryValueW (in: pBlock=0x2e849c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e84ad0, puLen=0xd7e790) returned 1
[0226.503] VerQueryValueW (in: pBlock=0x2e849c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e84b10, puLen=0xd7e790) returned 1
[0226.503] VerQueryValueW (in: pBlock=0x2e849c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e84b78, puLen=0xd7e790) returned 1
[0226.503] VerQueryValueW (in: pBlock=0x2e849c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e84bbc, puLen=0xd7e790) returned 1
[0226.503] VerQueryValueW (in: pBlock=0x2e849c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e84c44, puLen=0xd7e790) returned 1
[0226.503] VerQueryValueW (in: pBlock=0x2e849c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e84c84, puLen=0xd7e790) returned 1
[0226.503] VerQueryValueW (in: pBlock=0x2e849c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e84cdc, puLen=0xd7e790) returned 1
[0226.503] VerQueryValueW (in: pBlock=0x2e849c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e84d0c, puLen=0xd7e790) returned 1
[0226.503] VerQueryValueW (in: pBlock=0x2e849c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.503] VerQueryValueW (in: pBlock=0x2e849c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e84d48, puLen=0xd7e790) returned 1
[0226.503] VerQueryValueW (in: pBlock=0x2e849c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.503] VerQueryValueW (in: pBlock=0x2e849c4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e84d9c, puLen=0xd7e784) returned 1
[0226.504] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0226.504] VerQueryValueW (in: pBlock=0x2e849c4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e849ec, puLen=0xd7e794) returned 1
[0226.505] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0226.505] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0226.505] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0226.505] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0226.505] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0226.505] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0226.506] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e86f1c | out: lpData=0x2e86f1c) returned 1
[0226.507] VerQueryValueW (in: pBlock=0x2e86f1c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e872f4, puLen=0xd7e810) returned 1
[0226.507] VerQueryValueW (in: pBlock=0x2e86f1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e86fd4, puLen=0xd7e790) returned 1
[0226.507] VerQueryValueW (in: pBlock=0x2e86f1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e87028, puLen=0xd7e790) returned 1
[0226.507] VerQueryValueW (in: pBlock=0x2e86f1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e87068, puLen=0xd7e790) returned 1
[0226.507] VerQueryValueW (in: pBlock=0x2e86f1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e870d0, puLen=0xd7e790) returned 1
[0226.507] VerQueryValueW (in: pBlock=0x2e86f1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e87114, puLen=0xd7e790) returned 1
[0226.507] VerQueryValueW (in: pBlock=0x2e86f1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8719c, puLen=0xd7e790) returned 1
[0226.507] VerQueryValueW (in: pBlock=0x2e86f1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e871dc, puLen=0xd7e790) returned 1
[0226.507] VerQueryValueW (in: pBlock=0x2e86f1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e87234, puLen=0xd7e790) returned 1
[0226.507] VerQueryValueW (in: pBlock=0x2e86f1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e87264, puLen=0xd7e790) returned 1
[0226.507] VerQueryValueW (in: pBlock=0x2e86f1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.507] VerQueryValueW (in: pBlock=0x2e86f1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e872a0, puLen=0xd7e790) returned 1
[0226.508] VerQueryValueW (in: pBlock=0x2e86f1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.508] VerQueryValueW (in: pBlock=0x2e86f1c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e872f4, puLen=0xd7e784) returned 1
[0226.508] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0226.508] VerQueryValueW (in: pBlock=0x2e86f1c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e86f44, puLen=0xd7e794) returned 1
[0226.509] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0226.509] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0226.509] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0226.509] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0226.509] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0226.509] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0226.510] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2e89654 | out: lpData=0x2e89654) returned 1
[0226.510] VerQueryValueW (in: pBlock=0x2e89654, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e89a84, puLen=0xd7e810) returned 1
[0226.511] VerQueryValueW (in: pBlock=0x2e89654, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8970c, puLen=0xd7e790) returned 1
[0226.511] VerQueryValueW (in: pBlock=0x2e89654, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e89760, puLen=0xd7e790) returned 1
[0226.511] VerQueryValueW (in: pBlock=0x2e89654, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e897d0, puLen=0xd7e790) returned 1
[0226.511] VerQueryValueW (in: pBlock=0x2e89654, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e89830, puLen=0xd7e790) returned 1
[0226.511] VerQueryValueW (in: pBlock=0x2e89654, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8988c, puLen=0xd7e790) returned 1
[0226.511] VerQueryValueW (in: pBlock=0x2e89654, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e89914, puLen=0xd7e790) returned 1
[0226.511] VerQueryValueW (in: pBlock=0x2e89654, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8996c, puLen=0xd7e790) returned 1
[0226.511] VerQueryValueW (in: pBlock=0x2e89654, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e899c4, puLen=0xd7e790) returned 1
[0226.511] VerQueryValueW (in: pBlock=0x2e89654, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e899f4, puLen=0xd7e790) returned 1
[0226.511] VerQueryValueW (in: pBlock=0x2e89654, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.511] VerQueryValueW (in: pBlock=0x2e89654, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e89a30, puLen=0xd7e790) returned 1
[0226.511] VerQueryValueW (in: pBlock=0x2e89654, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0226.511] VerQueryValueW (in: pBlock=0x2e89654, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e89a84, puLen=0xd7e784) returned 1
[0226.511] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0226.511] VerQueryValueW (in: pBlock=0x2e89654, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e8967c, puLen=0xd7e794) returned 1
[0226.512] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0226.512] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.512] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0226.512] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.514] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0226.514] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1c02da
[0226.515] SetWindowLongW (hWnd=0x1c02da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0226.515] GetWindowLongW (hWnd=0x1c02da, nIndex=-4) returned 1950089536
[0226.515] SetWindowLongW (hWnd=0x1c02da, nIndex=-4, dwNewLong=19946558) returned 1950089536
[0226.515] GetWindowLongW (hWnd=0x1c02da, nIndex=-4) returned 19946558
[0226.515] GetWindowLongW (hWnd=0x1c02da, nIndex=-16) returned 113311744
[0226.516] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02da, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0226.516] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02da, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0226.516] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02da, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0226.517] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02da, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0226.517] GetClientRect (in: hWnd=0x1c02da, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0226.517] GetWindowRect (in: hWnd=0x1c02da, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0226.517] SetWindowTextW (hWnd=0x1c02da, lpString="WindowsFormsParkingWindow") returned 1
[0226.517] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02da, Msg=0xc, wParam=0x0, lParam=0x2e4eb2c) returned 0x1
[0226.518] GetParent (hWnd=0x1c02da) returned 0x0
[0226.518] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0226.518] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x1c02da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1202ce
[0226.518] SetWindowLongW (hWnd=0x1202ce, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0226.519] GetWindowLongW (hWnd=0x1202ce, nIndex=-4) returned 1868147648
[0226.519] SetWindowLongW (hWnd=0x1202ce, nIndex=-4, dwNewLong=19946598) returned 1868147648
[0226.519] GetWindowLongW (hWnd=0x1202ce, nIndex=-4) returned 19946598
[0226.519] GetWindowLongW (hWnd=0x1202ce, nIndex=-16) returned 1174405133
[0226.519] GetWindowLongW (hWnd=0x1202ce, nIndex=-12) returned 0
[0226.519] SetWindowLongW (hWnd=0x1202ce, nIndex=-12, dwNewLong=1180366) returned 0
[0226.519] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0226.520] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0226.520] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0226.521] GetClientRect (in: hWnd=0x1202ce, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0226.521] GetWindowRect (in: hWnd=0x1202ce, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0226.521] GetParent (hWnd=0x1202ce) returned 0x1c02da
[0226.521] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1c02da, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0226.521] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0226.522] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0226.522] GetClientRect (in: hWnd=0x1202ce, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0226.522] GetWindowRect (in: hWnd=0x1202ce, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0226.522] GetParent (hWnd=0x1202ce) returned 0x1c02da
[0226.522] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1c02da, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0226.522] SendMessageW (hWnd=0x1202ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1202ce) returned 0x0
[0226.522] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1202ce) returned 0x0
[0226.522] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0226.522] GetParent (hWnd=0x1202ce) returned 0x1c02da
[0226.522] GdipCreateFromHWND (hwnd=0x1202ce, graphics=0xd7e844) returned 0x0
[0226.523] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0226.523] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0226.523] GetForegroundWindow () returned 0x7005c
[0226.523] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0226.523] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.523] GetSystemMetrics (nIndex=42) returned 0
[0226.523] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.523] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0226.524] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0226.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.524] GetSystemMetrics (nIndex=42) returned 0
[0226.524] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0226.524] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.524] GetCursorPos (in: lpPoint=0x2e8dad8 | out: lpPoint=0x2e8dad8*(x=255, y=627)) returned 1
[0226.524] MonitorFromPoint (pt=0xff, dwFlags=0x273) returned 0x10001
[0226.524] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0226.525] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xaf010803
[0226.525] GetDeviceCaps (hdc=0xaf010803, index=12) returned 32
[0226.525] GetDeviceCaps (hdc=0xaf010803, index=14) returned 1
[0226.525] DeleteDC (hdc=0xaf010803) returned 1
[0226.525] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0226.525] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0226.525] GetSystemMetrics (nIndex=59) returned 1460
[0226.525] GetSystemMetrics (nIndex=60) returned 920
[0226.525] GetSystemMetrics (nIndex=34) returned 136
[0226.525] GetSystemMetrics (nIndex=35) returned 39
[0226.526] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.526] GetCursorPos (in: lpPoint=0x2e8dd44 | out: lpPoint=0x2e8dd44*(x=255, y=627)) returned 1
[0226.526] MonitorFromPoint (pt=0xff, dwFlags=0x273) returned 0x10001
[0226.526] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0226.526] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xb0010803
[0226.527] GetDeviceCaps (hdc=0xb0010803, index=12) returned 32
[0226.527] GetDeviceCaps (hdc=0xb0010803, index=14) returned 1
[0226.527] DeleteDC (hdc=0xb0010803) returned 1
[0226.527] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0226.527] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0226.527] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.527] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0226.527] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2e8dfdc | out: piconinfo=0x2e8dfdc) returned 1
[0226.528] GetObjectW (in: h=0x5b0507e8, c=24, pv=0x2e8dff8 | out: pv=0x2e8dff8) returned 24
[0226.528] GdipCreateBitmapFromHBITMAP (hbm=0x5b0507e8, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0226.528] GdipGetImageWidth (image=0x664f448, width=0xd7e750) returned 0x0
[0226.528] GdipGetImageHeight (image=0x664f448, height=0xd7e748) returned 0x0
[0226.528] GdipGetImagePixelFormat (image=0x664f448, format=0xd7e740) returned 0x0
[0226.528] GdipBitmapLockBits (bitmap=0x664f448, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2e8e0b0) returned 0x0
[0226.528] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0226.529] GdipBitmapLockBits (bitmap=0x6601d38, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2e8e0e8) returned 0x0
[0226.529] RtlMoveMemory (in: Destination=0x6661f60, Source=0x665fec8, Length=0x80 | out: Destination=0x6661f60)
[0226.529] RtlMoveMemory (in: Destination=0x6661fe0, Source=0x665fe48, Length=0x80 | out: Destination=0x6661fe0)
[0226.529] RtlMoveMemory (in: Destination=0x6662060, Source=0x665fdc8, Length=0x80 | out: Destination=0x6662060)
[0226.529] RtlMoveMemory (in: Destination=0x66620e0, Source=0x665fd48, Length=0x80 | out: Destination=0x66620e0)
[0226.529] RtlMoveMemory (in: Destination=0x6662160, Source=0x665fcc8, Length=0x80 | out: Destination=0x6662160)
[0226.529] RtlMoveMemory (in: Destination=0x66621e0, Source=0x665fc48, Length=0x80 | out: Destination=0x66621e0)
[0226.529] RtlMoveMemory (in: Destination=0x6662260, Source=0x665fbc8, Length=0x80 | out: Destination=0x6662260)
[0226.529] RtlMoveMemory (in: Destination=0x66622e0, Source=0x665fb48, Length=0x80 | out: Destination=0x66622e0)
[0226.529] RtlMoveMemory (in: Destination=0x6662360, Source=0x665fac8, Length=0x80 | out: Destination=0x6662360)
[0226.529] RtlMoveMemory (in: Destination=0x66623e0, Source=0x665fa48, Length=0x80 | out: Destination=0x66623e0)
[0226.529] RtlMoveMemory (in: Destination=0x6662460, Source=0x665f9c8, Length=0x80 | out: Destination=0x6662460)
[0226.529] RtlMoveMemory (in: Destination=0x66624e0, Source=0x665f948, Length=0x80 | out: Destination=0x66624e0)
[0226.529] RtlMoveMemory (in: Destination=0x6662560, Source=0x665f8c8, Length=0x80 | out: Destination=0x6662560)
[0226.529] RtlMoveMemory (in: Destination=0x66625e0, Source=0x665f848, Length=0x80 | out: Destination=0x66625e0)
[0226.529] RtlMoveMemory (in: Destination=0x6662660, Source=0x665f7c8, Length=0x80 | out: Destination=0x6662660)
[0226.529] RtlMoveMemory (in: Destination=0x66626e0, Source=0x665f748, Length=0x80 | out: Destination=0x66626e0)
[0226.530] RtlMoveMemory (in: Destination=0x6662760, Source=0x665f6c8, Length=0x80 | out: Destination=0x6662760)
[0226.530] RtlMoveMemory (in: Destination=0x66627e0, Source=0x665f648, Length=0x80 | out: Destination=0x66627e0)
[0226.530] RtlMoveMemory (in: Destination=0x6662860, Source=0x665f5c8, Length=0x80 | out: Destination=0x6662860)
[0226.530] RtlMoveMemory (in: Destination=0x66628e0, Source=0x665f548, Length=0x80 | out: Destination=0x66628e0)
[0226.530] RtlMoveMemory (in: Destination=0x6662960, Source=0x665f4c8, Length=0x80 | out: Destination=0x6662960)
[0226.530] RtlMoveMemory (in: Destination=0x66629e0, Source=0x665f448, Length=0x80 | out: Destination=0x66629e0)
[0226.530] RtlMoveMemory (in: Destination=0x6662a60, Source=0x665f3c8, Length=0x80 | out: Destination=0x6662a60)
[0226.530] RtlMoveMemory (in: Destination=0x6662ae0, Source=0x665f348, Length=0x80 | out: Destination=0x6662ae0)
[0226.530] RtlMoveMemory (in: Destination=0x6662b60, Source=0x665f2c8, Length=0x80 | out: Destination=0x6662b60)
[0226.530] RtlMoveMemory (in: Destination=0x6662be0, Source=0x665f248, Length=0x80 | out: Destination=0x6662be0)
[0226.530] RtlMoveMemory (in: Destination=0x6662c60, Source=0x665f1c8, Length=0x80 | out: Destination=0x6662c60)
[0226.530] RtlMoveMemory (in: Destination=0x6662ce0, Source=0x665f148, Length=0x80 | out: Destination=0x6662ce0)
[0226.530] RtlMoveMemory (in: Destination=0x6662d60, Source=0x665f0c8, Length=0x80 | out: Destination=0x6662d60)
[0226.530] RtlMoveMemory (in: Destination=0x6662de0, Source=0x665f048, Length=0x80 | out: Destination=0x6662de0)
[0226.530] RtlMoveMemory (in: Destination=0x6662e60, Source=0x665efc8, Length=0x80 | out: Destination=0x6662e60)
[0226.530] RtlMoveMemory (in: Destination=0x6662ee0, Source=0x665ef48, Length=0x80 | out: Destination=0x6662ee0)
[0226.530] GdipBitmapUnlockBits (bitmap=0x664f448, lockedBitmapData=0x2e8e0b0) returned 0x0
[0226.531] GdipBitmapUnlockBits (bitmap=0x6601d38, lockedBitmapData=0x2e8e0e8) returned 0x0
[0226.531] GdipDisposeImage (image=0x664f448) returned 0x0
[0226.531] DeleteObject (ho=0x5b0507e8) returned 1
[0226.531] DeleteObject (ho=0xb1050803) returned 1
[0226.531] GetCurrentThreadId () returned 0xf50
[0226.531] GetCurrentThreadId () returned 0xf50
[0226.531] SetWindowPos (hWnd=0x1202ce, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0226.531] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0226.531] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0226.532] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0226.532] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0226.532] GetClientRect (in: hWnd=0x1202ce, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0226.532] GetWindowRect (in: hWnd=0x1202ce, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0226.532] GetParent (hWnd=0x1202ce) returned 0x1c02da
[0226.532] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1c02da, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0226.532] InvalidateRect (hWnd=0x1202ce, lpRect=0x0, bErase=1) returned 1
[0226.532] GetWindowTextLengthW (hWnd=0x1202ce) returned 0
[0226.532] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0226.532] GetSystemMetrics (nIndex=42) returned 0
[0226.532] GetWindowTextW (in: hWnd=0x1202ce, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0226.532] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0226.532] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0226.532] GetClientRect (in: hWnd=0x1202ce, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0226.532] GetWindowRect (in: hWnd=0x1202ce, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0226.532] GetParent (hWnd=0x1202ce) returned 0x1c02da
[0226.532] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1c02da, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0226.533] GetWindowTextLengthW (hWnd=0x1202ce) returned 0
[0226.533] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0226.533] GetSystemMetrics (nIndex=42) returned 0
[0226.533] GetWindowTextW (in: hWnd=0x1202ce, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0226.533] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0226.533] GetWindowTextLengthW (hWnd=0x1202ce) returned 0
[0226.533] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0226.533] GetSystemMetrics (nIndex=42) returned 0
[0226.533] GetWindowTextW (in: hWnd=0x1202ce, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0226.533] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0226.533] SetWindowTextW (hWnd=0x1202ce, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0226.533] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0xc, wParam=0x0, lParam=0x2e6ef44) returned 0x1
[0226.533] InvalidateRect (hWnd=0x1202ce, lpRect=0x0, bErase=1) returned 1
[0226.533] GetCurrentThreadId () returned 0xf50
[0226.533] GetWindowThreadProcessId (in: hWnd=0x1202ce, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0226.534] GdipCreateBitmapFromStream (stream=0x509ff50, bitmap=0xd7e840) returned 0x0
[0226.535] GdipImageForceValidation (image=0x6602a58) returned 0x0
[0226.536] GdipGetImageRawFormat (image=0x6602a58, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0226.537] GdipGetImageHeight (image=0x6602a58, height=0xd7e824) returned 0x0
[0226.537] GdipGetImageWidth (image=0x6602a58, width=0xd7e824) returned 0x0
[0226.537] GdipGetImageWidth (image=0x6602a58, width=0xd7e810) returned 0x0
[0226.537] GdipGetImageHeight (image=0x6602a58, height=0xd7e810) returned 0x0
[0226.537] GdipGetImageWidth (image=0x6602a58, width=0xd7e800) returned 0x0
[0226.537] GdipGetImageHeight (image=0x6602a58, height=0xd7e800) returned 0x0
[0226.537] GdipBitmapGetPixel (bitmap=0x6602a58, x=0, y=15, color=0xd7e810) returned 0x0
[0226.537] GdipGetImageRawFormat (image=0x6602a58, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0226.537] GdipGetImageWidth (image=0x6602a58, width=0xd7e740) returned 0x0
[0226.537] GdipGetImageHeight (image=0x6602a58, height=0xd7e740) returned 0x0
[0226.537] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0226.537] GdipGetImagePixelFormat (image=0x66030e8, format=0xd7e740) returned 0x0
[0226.537] GdipGetImageGraphicsContext (image=0x66030e8, graphics=0xd7e74c) returned 0x0
[0226.537] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0226.537] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0226.538] GdipSetImageAttributesColorKeys (imageattr=0x6638c38, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0226.538] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6602a58, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c38, callback=0x0, callbackData=0x0) returned 0x0
[0226.538] GdipDisposeImageAttributes (imageattr=0x6638c38) returned 0x0
[0226.538] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0226.538] GdipDisposeImage (image=0x6602a58) returned 0x0
[0226.539] GdipCreateBitmapFromStream (stream=0x509ff30, bitmap=0xd7e840) returned 0x0
[0226.540] GdipImageForceValidation (image=0x66023c8) returned 0x0
[0226.541] GdipGetImageRawFormat (image=0x66023c8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0226.541] GdipGetImageHeight (image=0x66023c8, height=0xd7e824) returned 0x0
[0226.541] GdipGetImageWidth (image=0x66023c8, width=0xd7e824) returned 0x0
[0226.541] GdipGetImageWidth (image=0x66023c8, width=0xd7e810) returned 0x0
[0226.541] GdipGetImageHeight (image=0x66023c8, height=0xd7e810) returned 0x0
[0226.541] GdipGetImageWidth (image=0x66023c8, width=0xd7e800) returned 0x0
[0226.541] GdipGetImageHeight (image=0x66023c8, height=0xd7e800) returned 0x0
[0226.541] GdipBitmapGetPixel (bitmap=0x66023c8, x=0, y=15, color=0xd7e810) returned 0x0
[0226.541] GdipGetImageRawFormat (image=0x66023c8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0226.541] GdipGetImageWidth (image=0x66023c8, width=0xd7e740) returned 0x0
[0226.542] GdipGetImageHeight (image=0x66023c8, height=0xd7e740) returned 0x0
[0226.542] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0226.542] GdipGetImagePixelFormat (image=0x6603ac0, format=0xd7e740) returned 0x0
[0226.542] GdipGetImageGraphicsContext (image=0x6603ac0, graphics=0xd7e74c) returned 0x0
[0226.542] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0226.542] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0226.542] GdipSetImageAttributesColorKeys (imageattr=0x6638cf8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0226.542] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66023c8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638cf8, callback=0x0, callbackData=0x0) returned 0x0
[0226.542] GdipDisposeImageAttributes (imageattr=0x6638cf8) returned 0x0
[0226.542] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0226.542] GdipDisposeImage (image=0x66023c8) returned 0x0
[0226.543] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.543] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0226.543] GetCurrentThreadId () returned 0xf50
[0226.543] GetCurrentThreadId () returned 0xf50
[0226.543] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.544] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0226.544] GetCurrentThreadId () returned 0xf50
[0226.544] GetCurrentThreadId () returned 0xf50
[0226.545] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.545] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0226.545] GetCurrentThreadId () returned 0xf50
[0226.545] GetCurrentThreadId () returned 0xf50
[0226.545] GetSystemMetrics (nIndex=5) returned 1
[0226.545] GetSystemMetrics (nIndex=6) returned 1
[0226.545] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.545] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0226.546] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.546] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0226.546] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.546] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0226.546] GetCurrentThreadId () returned 0xf50
[0226.546] GetCurrentThreadId () returned 0xf50
[0226.546] GetProcessWindowStation () returned 0x13c
[0226.546] GetCapture () returned 0x0
[0226.546] GetActiveWindow () returned 0x7005c
[0226.547] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0226.547] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.547] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0226.547] GetCursorPos (in: lpPoint=0x2e8f228 | out: lpPoint=0x2e8f228*(x=255, y=627)) returned 1
[0226.547] MonitorFromPoint (pt=0xff, dwFlags=0x273) returned 0x10001
[0226.547] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0226.547] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xb2010803
[0226.547] GetDeviceCaps (hdc=0xb2010803, index=12) returned 32
[0226.547] GetDeviceCaps (hdc=0xb2010803, index=14) returned 1
[0226.548] DeleteDC (hdc=0xb2010803) returned 1
[0226.548] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0226.548] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0226.548] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1102d0
[0226.549] SetWindowLongW (hWnd=0x1102d0, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0226.549] GetWindowLongW (hWnd=0x1102d0, nIndex=-4) returned 1950089536
[0226.549] SetWindowLongW (hWnd=0x1102d0, nIndex=-4, dwNewLong=19946638) returned 1950089536
[0226.550] GetWindowLongW (hWnd=0x1102d0, nIndex=-4) returned 19946638
[0226.550] GetWindowLongW (hWnd=0x1102d0, nIndex=-16) returned 113770496
[0226.550] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0226.551] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0226.552] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0226.552] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0226.552] GetWindowRect (in: hWnd=0x1102d0, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0226.552] SetWindowTextW (hWnd=0x1102d0, lpString="BB ransomware") returned 1
[0226.552] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xc, wParam=0x0, lParam=0x2e8d9c4) returned 0x1
[0226.553] GetStartupInfoW (in: lpStartupInfo=0x2e8f564 | out: lpStartupInfo=0x2e8f564*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0226.554] GetParent (hWnd=0x1102d0) returned 0x0
[0226.554] SetWindowLongW (hWnd=0x1102d0, nIndex=-8, dwNewLong=0) returned 0
[0226.555] SendMessageW (hWnd=0x1102d0, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0226.555] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0226.555] SendMessageW (hWnd=0x1102d0, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0226.555] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0226.555] GetSystemMenu (hWnd=0x1102d0, bRevert=0) returned 0x20111
[0226.556] GetWindowPlacement (in: hWnd=0x1102d0, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0226.556] EnableMenuItem (hMenu=0x20111, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0226.556] EnableMenuItem (hMenu=0x20111, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0226.556] EnableMenuItem (hMenu=0x20111, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0226.556] EnableMenuItem (hMenu=0x20111, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0226.556] EnableMenuItem (hMenu=0x20111, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0226.557] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0226.557] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0226.557] GetWindowRect (in: hWnd=0x1102d0, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0226.557] SetWindowPos (hWnd=0x1102d0, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0226.557] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0226.557] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x1102d0) returned 0x1
[0226.560] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0226.560] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0226.561] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0226.562] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0226.562] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0226.564] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x1102d0, lParam=0x0) returned 0x0
[0226.564] GetCapture () returned 0x0
[0226.564] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0226.565] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0226.566] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0226.568] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0226.568] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0226.568] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0226.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0226.569] GetParent (hWnd=0x1102d0) returned 0x0
[0226.569] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0226.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0226.572] GetWindowPlacement (in: hWnd=0x1102d0, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0226.572] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0226.572] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0226.572] GetWindowRect (in: hWnd=0x1102d0, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0226.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0226.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0226.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0226.574] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.574] GetWindowLongW (hWnd=0x1102d0, nIndex=-16) returned 113770496
[0226.575] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0226.575] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.575] GetSystemMetrics (nIndex=42) returned 0
[0226.575] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.575] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0226.575] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0226.575] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.639] GetSystemMetrics (nIndex=42) returned 0
[0226.639] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.639] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0226.639] GetCursorPos (in: lpPoint=0x2e8f7a0 | out: lpPoint=0x2e8f7a0*(x=255, y=627)) returned 1
[0226.639] MonitorFromPoint (pt=0xfd, dwFlags=0x276) returned 0x10001
[0226.639] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0226.639] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x890107bb
[0226.639] GetDeviceCaps (hdc=0x890107bb, index=12) returned 32
[0226.639] GetDeviceCaps (hdc=0x890107bb, index=14) returned 1
[0226.639] DeleteDC (hdc=0x890107bb) returned 1
[0226.640] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0226.640] GetWindowLongW (hWnd=0x1102d0, nIndex=-16) returned 113770496
[0226.640] GetWindowLongW (hWnd=0x1102d0, nIndex=-20) returned 327945
[0226.640] SetWindowLongW (hWnd=0x1102d0, nIndex=-16, dwNewLong=46661632) returned 113770496
[0226.640] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0226.640] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0226.641] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0226.642] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0226.642] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0226.643] SetWindowLongW (hWnd=0x1102d0, nIndex=-20, dwNewLong=327681) returned 327945
[0226.643] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0226.643] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0226.644] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0226.644] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0226.645] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0226.645] SetWindowPos (hWnd=0x1102d0, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0226.645] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0226.645] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0226.646] GetWindowPlacement (in: hWnd=0x1102d0, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0226.646] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0226.646] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0226.646] GetWindowRect (in: hWnd=0x1102d0, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0226.647] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0226.647] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0226.648] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0226.648] RedrawWindow (hWnd=0x1102d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0226.648] GetSystemMenu (hWnd=0x1102d0, bRevert=0) returned 0x20111
[0226.648] GetWindowPlacement (in: hWnd=0x1102d0, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0226.648] EnableMenuItem (hMenu=0x20111, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0226.648] EnableMenuItem (hMenu=0x20111, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0226.648] EnableMenuItem (hMenu=0x20111, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0226.648] EnableMenuItem (hMenu=0x20111, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0226.649] EnableMenuItem (hMenu=0x20111, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0226.649] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0226.649] GetWindowLongW (hWnd=0x1102d0, nIndex=-8) returned 0
[0226.649] SetWindowLongW (hWnd=0x1102d0, nIndex=-8, dwNewLong=458844) returned 0
[0226.650] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0226.650] GetProcessWindowStation () returned 0x13c
[0226.650] GetCurrentThreadId () returned 0xf50
[0226.650] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1305cb6, lParam=0x0) returned 1
[0226.650] IsWindowVisible (hWnd=0x1102d0) returned 0
[0226.650] IsWindowVisible (hWnd=0x7005c) returned 1
[0226.650] IsWindowEnabled (hWnd=0x7005c) returned 1
[0226.651] IsWindowVisible (hWnd=0x300ec) returned 0
[0226.651] IsWindowVisible (hWnd=0x502c6) returned 0
[0226.651] IsWindowVisible (hWnd=0x502be) returned 0
[0226.651] GetActiveWindow () returned 0x1102d0
[0226.651] GetFocus () returned 0x1102d0
[0226.651] IsWindow (hWnd=0x7005c) returned 1
[0226.651] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0226.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0226.652] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0226.652] GetWindowLongW (hWnd=0x1102d0, nIndex=-8) returned 458844
[0226.652] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0226.652] GetCurrentThreadId () returned 0xf50
[0226.652] GetWindowLongW (hWnd=0x1102d0, nIndex=-8) returned 458844
[0226.652] IsWindowEnabled (hWnd=0x7005c) returned 0
[0226.652] IsWindowEnabled (hWnd=0x1102d0) returned 1
[0226.652] ShowWindow (hWnd=0x1102d0, nCmdShow=5) returned 0
[0226.652] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0226.652] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0226.653] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.653] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0226.653] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x1102d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1c02de
[0226.654] SetWindowLongW (hWnd=0x1c02de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0226.654] GetWindowLongW (hWnd=0x1c02de, nIndex=-4) returned 1950089536
[0226.655] SetWindowLongW (hWnd=0x1c02de, nIndex=-4, dwNewLong=19948358) returned 1950089536
[0226.655] GetWindowLongW (hWnd=0x1c02de, nIndex=-4) returned 19948358
[0226.655] GetWindowLongW (hWnd=0x1c02de, nIndex=-16) returned 1174405120
[0226.655] GetWindowLongW (hWnd=0x1c02de, nIndex=-12) returned 0
[0226.655] SetWindowLongW (hWnd=0x1c02de, nIndex=-12, dwNewLong=1835742) returned 0
[0226.655] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0226.655] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0226.656] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0226.656] GetWindow (hWnd=0x1c02de, uCmd=0x3) returned 0x0
[0226.656] GetClientRect (in: hWnd=0x1c02de, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0226.656] GetWindowRect (in: hWnd=0x1c02de, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0226.656] GetParent (hWnd=0x1c02de) returned 0x1102d0
[0226.656] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102d0, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0226.657] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02de, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0226.657] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02de, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0226.657] GetClientRect (in: hWnd=0x1c02de, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0226.657] GetWindowRect (in: hWnd=0x1c02de, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0226.657] GetParent (hWnd=0x1c02de) returned 0x1102d0
[0226.657] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102d0, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0226.657] SendMessageW (hWnd=0x1c02de, Msg=0x2210, wParam=0x2de0001, lParam=0x1c02de) returned 0x0
[0226.657] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02de, Msg=0x2210, wParam=0x2de0001, lParam=0x1c02de) returned 0x0
[0226.657] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0226.658] GetParent (hWnd=0x1c02de) returned 0x1102d0
[0226.658] GetParent (hWnd=0x1202ce) returned 0x1c02da
[0226.658] SetParent (hWndChild=0x1202ce, hWndNewParent=0x1102d0) returned 0x1c02da
[0226.658] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0226.659] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0226.659] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0226.659] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0226.659] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0226.659] GetClientRect (in: hWnd=0x1202ce, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0226.659] GetWindowRect (in: hWnd=0x1202ce, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0226.659] GetParent (hWnd=0x1202ce) returned 0x1102d0
[0226.659] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102d0, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0226.659] GetClientRect (in: hWnd=0x1202ce, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0226.659] GetWindowRect (in: hWnd=0x1202ce, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0226.659] GetParent (hWnd=0x1202ce) returned 0x1102d0
[0226.659] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102d0, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0226.659] GetParent (hWnd=0x1202ce) returned 0x1102d0
[0226.660] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0226.660] GetWindow (hWnd=0x1202ce, uCmd=0x3) returned 0x0
[0226.660] SetWindowPos (hWnd=0x1202ce, hWndInsertAfter=0x1c02de, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0226.660] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0226.660] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0226.661] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0226.661] GetClientRect (in: hWnd=0x1202ce, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0226.661] GetWindowRect (in: hWnd=0x1202ce, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0226.661] GetParent (hWnd=0x1202ce) returned 0x1102d0
[0226.661] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102d0, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0226.661] GetParent (hWnd=0x1202ce) returned 0x1102d0
[0226.661] GetWindow (hWnd=0x1202ce, uCmd=0x3) returned 0x1c02de
[0226.661] GetWindowThreadProcessId (in: hWnd=0x1202ce, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0226.661] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0226.662] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.662] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0226.662] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x1102d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1e02d8
[0226.663] SetWindowLongW (hWnd=0x1e02d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0226.663] GetWindowLongW (hWnd=0x1e02d8, nIndex=-4) returned 1868032000
[0226.663] SetWindowLongW (hWnd=0x1e02d8, nIndex=-4, dwNewLong=19948198) returned 1868032000
[0226.663] GetWindowLongW (hWnd=0x1e02d8, nIndex=-4) returned 19948198
[0226.663] GetWindowLongW (hWnd=0x1e02d8, nIndex=-16) returned 1174470667
[0226.663] GetWindowLongW (hWnd=0x1e02d8, nIndex=-12) returned 0
[0226.663] SetWindowLongW (hWnd=0x1e02d8, nIndex=-12, dwNewLong=1966808) returned 0
[0226.664] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0226.664] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0226.664] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0226.665] SendMessageW (hWnd=0x1e02d8, Msg=0x2055, wParam=0x1e02d8, lParam=0x3) returned 0x2
[0226.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0226.665] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0226.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0226.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0226.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0226.665] RedrawWindow (hWnd=0x1c02de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0226.665] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0226.666] RedrawWindow (hWnd=0x1202ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0226.666] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0226.666] RedrawWindow (hWnd=0x1e02d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0226.666] RedrawWindow (hWnd=0x1102d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0226.666] GetWindow (hWnd=0x1e02d8, uCmd=0x3) returned 0x1202ce
[0226.666] GetClientRect (in: hWnd=0x1e02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0226.666] GetWindowRect (in: hWnd=0x1e02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0226.666] GetParent (hWnd=0x1e02d8) returned 0x1102d0
[0226.666] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102d0, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0226.666] SetWindowTextW (hWnd=0x1e02d8, lpString="&Details") returned 1
[0226.666] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0226.667] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0226.667] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0226.667] GetClientRect (in: hWnd=0x1e02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0226.667] GetWindowRect (in: hWnd=0x1e02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0226.667] GetParent (hWnd=0x1e02d8) returned 0x1102d0
[0226.667] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102d0, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0226.667] SendMessageW (hWnd=0x1e02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1e02d8) returned 0x0
[0226.667] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1e02d8) returned 0x0
[0226.667] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0226.673] GetParent (hWnd=0x1e02d8) returned 0x1102d0
[0226.673] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0226.673] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.673] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0226.674] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x1102d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1f00ea
[0226.674] SetWindowLongW (hWnd=0x1f00ea, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0226.674] GetWindowLongW (hWnd=0x1f00ea, nIndex=-4) returned 1868032000
[0226.674] SetWindowLongW (hWnd=0x1f00ea, nIndex=-4, dwNewLong=19948398) returned 1868032000
[0226.675] GetWindowLongW (hWnd=0x1f00ea, nIndex=-4) returned 19948398
[0226.675] GetWindowLongW (hWnd=0x1f00ea, nIndex=-16) returned 1174470667
[0226.675] GetWindowLongW (hWnd=0x1f00ea, nIndex=-12) returned 0
[0226.675] SetWindowLongW (hWnd=0x1f00ea, nIndex=-12, dwNewLong=2031850) returned 0
[0226.675] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0226.675] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0226.676] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0226.676] SendMessageW (hWnd=0x1f00ea, Msg=0x2055, wParam=0x1f00ea, lParam=0x3) returned 0x2
[0226.677] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0226.677] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0226.677] GetWindow (hWnd=0x1f00ea, uCmd=0x3) returned 0x1e02d8
[0226.677] GetClientRect (in: hWnd=0x1f00ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0226.677] GetWindowRect (in: hWnd=0x1f00ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0226.677] GetParent (hWnd=0x1f00ea) returned 0x1102d0
[0226.677] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102d0, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0226.677] SetWindowTextW (hWnd=0x1f00ea, lpString="&Continue") returned 1
[0226.677] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0226.678] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0226.678] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0226.678] GetClientRect (in: hWnd=0x1f00ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0226.678] GetWindowRect (in: hWnd=0x1f00ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0226.678] GetParent (hWnd=0x1f00ea) returned 0x1102d0
[0226.678] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102d0, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0226.678] SendMessageW (hWnd=0x1f00ea, Msg=0x2210, wParam=0xea0001, lParam=0x1f00ea) returned 0x0
[0226.678] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x2210, wParam=0xea0001, lParam=0x1f00ea) returned 0x0
[0226.678] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0226.679] GetParent (hWnd=0x1f00ea) returned 0x1102d0
[0226.679] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0226.679] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.679] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0226.679] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x1102d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1c02dc
[0226.699] SetWindowLongW (hWnd=0x1c02dc, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0226.699] GetWindowLongW (hWnd=0x1c02dc, nIndex=-4) returned 1868032000
[0226.699] SetWindowLongW (hWnd=0x1c02dc, nIndex=-4, dwNewLong=19948238) returned 1868032000
[0226.699] GetWindowLongW (hWnd=0x1c02dc, nIndex=-4) returned 19948238
[0226.699] GetWindowLongW (hWnd=0x1c02dc, nIndex=-16) returned 1174470667
[0226.699] GetWindowLongW (hWnd=0x1c02dc, nIndex=-12) returned 0
[0226.699] SetWindowLongW (hWnd=0x1c02dc, nIndex=-12, dwNewLong=1835740) returned 0
[0226.700] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0226.700] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0226.701] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0226.701] SendMessageW (hWnd=0x1c02dc, Msg=0x2055, wParam=0x1c02dc, lParam=0x3) returned 0x2
[0226.702] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0226.702] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02dc, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0226.702] GetWindow (hWnd=0x1c02dc, uCmd=0x3) returned 0x1f00ea
[0226.702] GetClientRect (in: hWnd=0x1c02dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0226.702] GetWindowRect (in: hWnd=0x1c02dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0226.702] GetParent (hWnd=0x1c02dc) returned 0x1102d0
[0226.702] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102d0, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0226.702] SetWindowTextW (hWnd=0x1c02dc, lpString="&Quit") returned 1
[0226.702] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02dc, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0226.703] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0226.704] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02dc, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0226.704] GetClientRect (in: hWnd=0x1c02dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0226.704] GetWindowRect (in: hWnd=0x1c02dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0226.704] GetParent (hWnd=0x1c02dc) returned 0x1102d0
[0226.704] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102d0, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0226.704] SendMessageW (hWnd=0x1c02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1c02dc) returned 0x0
[0226.704] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1c02dc) returned 0x0
[0226.704] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0226.704] GetParent (hWnd=0x1c02dc) returned 0x1102d0
[0226.704] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0226.705] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.705] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0226.705] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x1102d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1602c8
[0226.706] SetWindowLongW (hWnd=0x1602c8, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0226.706] GetWindowLongW (hWnd=0x1602c8, nIndex=-4) returned 1868026976
[0226.706] SetWindowLongW (hWnd=0x1602c8, nIndex=-4, dwNewLong=19948038) returned 1868026976
[0226.706] GetWindowLongW (hWnd=0x1602c8, nIndex=-4) returned 19948038
[0226.706] GetWindowLongW (hWnd=0x1602c8, nIndex=-16) returned 1177553092
[0226.706] GetWindowLongW (hWnd=0x1602c8, nIndex=-12) returned 0
[0226.706] SetWindowLongW (hWnd=0x1602c8, nIndex=-12, dwNewLong=1442504) returned 0
[0226.707] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602c8, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0226.708] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602c8, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0226.709] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602c8, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0226.727] GetWindow (hWnd=0x1602c8, uCmd=0x3) returned 0x1c02dc
[0226.727] GetClientRect (in: hWnd=0x1602c8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0226.727] GetWindowRect (in: hWnd=0x1602c8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0226.727] GetParent (hWnd=0x1602c8) returned 0x1102d0
[0226.727] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102d0, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0226.727] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0226.728] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.728] GetSystemMetrics (nIndex=42) returned 0
[0226.728] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.728] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0226.728] SendMessageW (hWnd=0x1602c8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0226.728] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602c8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0226.733] SetWindowTextW (hWnd=0x1602c8, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0226.733] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602c8, Msg=0xc, wParam=0x0, lParam=0x2e8b3ac) returned 0x1
[0226.735] GetSystemMetrics (nIndex=5) returned 1
[0226.735] GetSystemMetrics (nIndex=6) returned 1
[0226.736] SendMessageW (hWnd=0x1602c8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0226.736] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602c8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0226.736] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602c8, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0226.737] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602c8, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0226.737] GetClientRect (in: hWnd=0x1602c8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0226.737] GetWindowRect (in: hWnd=0x1602c8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0226.737] GetParent (hWnd=0x1602c8) returned 0x1102d0
[0226.737] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1102d0, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0226.737] SendMessageW (hWnd=0x1602c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1602c8) returned 0x0
[0226.737] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1602c8) returned 0x0
[0226.737] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0226.738] GetParent (hWnd=0x1602c8) returned 0x1102d0
[0226.738] GetWindowLongW (hWnd=0x1102d0, nIndex=-8) returned 458844
[0226.738] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0226.738] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0226.738] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x900107bb
[0226.738] GetDeviceCaps (hdc=0x900107bb, index=12) returned 32
[0226.738] GetDeviceCaps (hdc=0x900107bb, index=14) returned 1
[0226.738] DeleteDC (hdc=0x900107bb) returned 1
[0226.738] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0226.739] GetWindowThreadProcessId (in: hWnd=0x1102d0, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0226.739] GetCurrentThreadId () returned 0xf50
[0226.739] PostMessageW (hWnd=0x1102d0, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0226.739] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0226.739] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.739] GetSystemMetrics (nIndex=42) returned 0
[0226.739] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.739] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0226.739] GdipImageGetFrameDimensionsCount (image=0x6601d38, count=0xd7e25c) returned 0x0
[0226.739] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200d28
[0226.739] GdipImageGetFrameDimensionsList (image=0x6601d38, dimensionIDs=0x1200d28*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0226.739] LocalFree (hMem=0x1200d28) returned 0x0
[0226.739] GdipImageGetFrameDimensionsCount (image=0x66030e8, count=0xd7e250) returned 0x0
[0226.739] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200ed8
[0226.739] GdipImageGetFrameDimensionsList (image=0x66030e8, dimensionIDs=0x1200ed8*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0226.740] LocalFree (hMem=0x1200ed8) returned 0x0
[0226.740] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0226.740] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0226.740] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0226.753] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0226.754] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0226.754] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0226.754] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0226.755] GetWindowPlacement (in: hWnd=0x1102d0, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0226.755] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0226.755] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0226.755] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.755] GetSystemMetrics (nIndex=42) returned 0
[0226.755] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.755] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0226.755] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0226.755] GetCurrentObject (hdc=0x10105d6, type=0x1) returned 0xb00017
[0226.755] GetCurrentObject (hdc=0x10105d6, type=0x2) returned 0x900010
[0226.755] GetCurrentObject (hdc=0x10105d6, type=0x7) returned 0x320507a1
[0226.755] GetCurrentObject (hdc=0x10105d6, type=0x6) returned 0x8a01c2
[0226.755] SaveDC (hdc=0x10105d6) returned 1
[0226.756] GetNearestColor (hdc=0x10105d6, color=0xf0f0f0) returned 0xf0f0f0
[0226.756] CreateSolidBrush (color=0xf0f0f0) returned 0x491007e1
[0226.756] FillRect (hDC=0x10105d6, lprc=0xd7e1b8, hbr=0x491007e1) returned 1
[0226.756] DeleteObject (ho=0x491007e1) returned 1
[0226.756] RestoreDC (hdc=0x10105d6, nSavedDC=-1) returned 1
[0226.756] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0226.756] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0226.757] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0226.757] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0226.757] GetStockObject (i=5) returned 0x900015
[0226.757] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0226.757] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0226.757] GetStockObject (i=5) returned 0x900015
[0226.758] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0226.758] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02dc, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0226.758] GetStockObject (i=5) returned 0x900015
[0226.758] GetWindowPlacement (in: hWnd=0x1102d0, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0226.758] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0226.758] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0226.758] GetWindowRect (in: hWnd=0x1102d0, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0226.759] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0226.760] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0226.760] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0226.760] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0226.760] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0226.760] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0226.760] GetWindowRect (in: hWnd=0x1102d0, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0226.761] InvalidateRect (hWnd=0x1f00ea, lpRect=0x0, bErase=0) returned 1
[0226.761] InvalidateRect (hWnd=0x1e02d8, lpRect=0x0, bErase=0) returned 1
[0226.761] GetFocus () returned 0x1102d0
[0226.761] GetFocus () returned 0x1102d0
[0226.761] SetFocus (hWnd=0x1e02d8) returned 0x1102d0
[0226.762] GetFocus () returned 0x1e02d8
[0226.762] IsChild (hWndParent=0x1102d0, hWnd=0x1e02d8) returned 1
[0226.762] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x8, wParam=0x1e02d8, lParam=0x0) returned 0x0
[0226.763] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0226.765] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0226.766] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0226.766] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0x7, wParam=0x1102d0, lParam=0x0) returned 0x0
[0226.766] GetStockObject (i=5) returned 0x900015
[0226.767] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0226.767] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0226.767] GetDlgItem (hDlg=0x1102d0, nIDDlgItem=1966808) returned 0x1e02d8
[0226.767] SendMessageW (hWnd=0x1e02d8, Msg=0x202b, wParam=0x1e02d8, lParam=0xd7e0dc) returned 0x0
[0226.767] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0x202b, wParam=0x1e02d8, lParam=0xd7e0dc) returned 0x0
[0226.767] InvalidateRect (hWnd=0x1e02d8, lpRect=0x0, bErase=0) returned 1
[0226.769] GetFocus () returned 0x1e02d8
[0226.769] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.769] IsWindowUnicode (hWnd=0x1102d0) returned 1
[0226.769] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.769] TranslateMessage (lpMsg=0xd7e808) returned 0
[0226.769] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0226.770] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0226.770] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.770] IsWindowUnicode (hWnd=0x1102d0) returned 1
[0226.770] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.770] TranslateMessage (lpMsg=0xd7e808) returned 0
[0226.770] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0226.770] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.770] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0226.771] IsWindowUnicode (hWnd=0x1102d0) returned 1
[0226.771] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.771] TranslateMessage (lpMsg=0xd7e808) returned 0
[0226.771] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0226.771] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.772] IsWindowUnicode (hWnd=0x602c4) returned 1
[0226.772] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.772] TranslateMessage (lpMsg=0xd7e808) returned 0
[0226.772] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0226.772] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0226.772] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0226.772] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.773] IsWindowUnicode (hWnd=0x1102d0) returned 1
[0226.773] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.773] TranslateMessage (lpMsg=0xd7e808) returned 0
[0226.773] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0226.773] BeginPaint (in: hWnd=0x1102d0, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xc0107c5
[0226.773] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0226.773] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0226.773] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.773] GetSystemMetrics (nIndex=42) returned 0
[0226.774] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.774] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0226.774] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0226.774] EndPaint (hWnd=0x1102d0, lpPaint=0xd7e274) returned 1
[0226.774] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.774] IsWindowUnicode (hWnd=0x1c02de) returned 1
[0226.774] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.774] TranslateMessage (lpMsg=0xd7e808) returned 0
[0226.774] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0226.774] BeginPaint (in: hWnd=0x1c02de, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xf0105ee
[0226.774] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0226.774] CreateCompatibleDC (hdc=0xf0105ee) returned 0xd0107f1
[0226.775] SelectObject (hdc=0xd0107f1, h=0x4a0507fe) returned 0x85000f
[0226.775] GdipCreateFromHDC (hdc=0xd0107f1, graphics=0xd7e2b0) returned 0x0
[0226.775] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0226.775] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0226.775] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0226.775] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0226.775] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e310) returned 0x0
[0226.775] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0226.775] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee8d8) returned 0x0
[0226.775] LocalFree (hMem=0x11ee8d8) returned 0x0
[0226.775] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0226.775] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0226.775] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0226.776] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7e304) returned 0x0
[0226.776] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0226.776] GetWindowTextLengthW (hWnd=0x1c02de) returned 0
[0226.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0226.776] GetSystemMetrics (nIndex=42) returned 0
[0226.776] GetWindowTextW (in: hWnd=0x1c02de, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0226.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02de, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0226.776] GetClientRect (in: hWnd=0x1c02de, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0226.776] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0226.776] GdipGetClip (graphics=0x6600030, region=0x6646058) returned 0x0
[0226.776] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0226.776] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0226.776] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e164) returned 0x0
[0226.776] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0226.776] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eecc8) returned 0x0
[0226.776] LocalFree (hMem=0x11eecc8) returned 0x0
[0226.776] GdipCombineRegionRegion (region=0x6646058, region2=0x66457e8, combineMode=0x1) returned 0x0
[0226.776] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0226.776] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0226.777] LocalFree (hMem=0x11ee788) returned 0x0
[0226.777] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0226.777] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0226.777] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0226.777] GdipGetRegionHRgn (region=0x6646058, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0226.777] GdipDeleteRegion (region=0x6646058) returned 0x0
[0226.777] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0226.777] GetCurrentObject (hdc=0xd0107f1, type=0x1) returned 0xb00017
[0226.777] GetCurrentObject (hdc=0xd0107f1, type=0x2) returned 0x900010
[0226.777] GetCurrentObject (hdc=0xd0107f1, type=0x7) returned 0x4a0507fe
[0226.777] GetCurrentObject (hdc=0xd0107f1, type=0x6) returned 0x8a01c2
[0226.777] SaveDC (hdc=0xd0107f1) returned 1
[0226.777] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfe0407de
[0226.777] GetClipRgn (hdc=0xd0107f1, hrgn=0xfe0407de) returned 0
[0226.777] SelectClipRgn (hdc=0xd0107f1, hrgn=0x71040807) returned 2
[0226.777] DeleteObject (ho=0xfe0407de) returned 1
[0226.778] DeleteObject (ho=0x71040807) returned 1
[0226.778] OffsetViewportOrgEx (in: hdc=0xd0107f1, x=0, y=0, lppt=0x2e90f0c | out: lppt=0x2e90f0c) returned 1
[0226.778] GetNearestColor (hdc=0xd0107f1, color=0xf0f0f0) returned 0xf0f0f0
[0226.778] CreateSolidBrush (color=0xf0f0f0) returned 0x4a1007e1
[0226.778] FillRect (hDC=0xd0107f1, lprc=0xd7e198, hbr=0x4a1007e1) returned 1
[0226.778] DeleteObject (ho=0x4a1007e1) returned 1
[0226.778] RestoreDC (hdc=0xd0107f1, nSavedDC=-1) returned 1
[0226.778] GdipReleaseDC (graphics=0x6600030, hdc=0xd0107f1) returned 0x0
[0226.786] GdipRestoreGraphics (graphics=0x6600030, state=0xf9780dbd) returned 0x0
[0226.786] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0226.786] GetWindowTextLengthW (hWnd=0x1c02de) returned 0
[0226.786] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0226.786] GetSystemMetrics (nIndex=42) returned 0
[0226.786] GetWindowTextW (in: hWnd=0x1c02de, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0226.786] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02de, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0226.786] GdipGetImageWidth (image=0x6601d38, width=0xd7e1e0) returned 0x0
[0226.786] GdipGetImageHeight (image=0x6601d38, height=0xd7e1e0) returned 0x0
[0226.786] GdipGetImageWidth (image=0x6601d38, width=0xd7e1cc) returned 0x0
[0226.786] GdipGetImageHeight (image=0x6601d38, height=0xd7e1cc) returned 0x0
[0226.786] GdipDrawImageRectI (graphics=0x6600030, image=0x6601d38, x=16, y=16, width=32, height=32) returned 0x0
[0226.786] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0226.786] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=64, cy=64, hdcSrc=0xd0107f1, x1=0, y1=0, rop=0xcc0020) returned 1
[0226.787] GdipReleaseDC (graphics=0x6600030, hdc=0xd0107f1) returned 0x0
[0226.787] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0226.787] SelectObject (hdc=0xd0107f1, h=0x85000f) returned 0x4a0507fe
[0226.787] DeleteDC (hdc=0xd0107f1) returned 1
[0226.787] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0226.787] EndPaint (hWnd=0x1c02de, lpPaint=0xd7e294) returned 1
[0226.787] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.787] IsWindowUnicode (hWnd=0x1202ce) returned 1
[0226.787] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.787] TranslateMessage (lpMsg=0xd7e808) returned 0
[0226.787] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0226.788] BeginPaint (in: hWnd=0x1202ce, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x10105d6
[0226.788] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0226.788] CreateCompatibleDC (hdc=0x10105d6) returned 0xf0107f1
[0226.788] GetObjectType (h=0x10105d6) returned 0x3
[0226.788] CreateCompatibleBitmap (hdc=0x10105d6, cx=1, cy=1) returned 0xffffffff9b0507bb
[0226.788] GetDIBits (in: hdc=0x10105d6, hbm=0x9b0507bb, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0226.788] GetDIBits (in: hdc=0x10105d6, hbm=0x9b0507bb, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0226.788] DeleteObject (ho=0x9b0507bb) returned 1
[0226.788] CreateDIBSection (in: hdc=0x10105d6, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x4a0505d8
[0226.788] SelectObject (hdc=0xf0107f1, h=0x4a0505d8) returned 0x85000f
[0226.789] GdipCreateFromHDC (hdc=0xf0107f1, graphics=0xd7e234) returned 0x0
[0226.789] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0226.789] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0226.789] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0226.789] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0226.789] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e2d4) returned 0x0
[0226.789] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0226.789] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0226.789] LocalFree (hMem=0x11ee868) returned 0x0
[0226.789] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0226.789] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0226.789] GdipGetClip (graphics=0x6600030, region=0x6645d88) returned 0x0
[0226.789] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0226.790] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0226.790] GetWindowTextLengthW (hWnd=0x1202ce) returned 232
[0226.790] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0226.790] GetSystemMetrics (nIndex=42) returned 0
[0226.790] GetWindowTextW (in: hWnd=0x1202ce, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0226.790] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0226.790] GetClientRect (in: hWnd=0x1202ce, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0226.790] GdipCreateRegion (region=0xd7e110) returned 0x0
[0226.790] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0226.790] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0226.790] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0226.790] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e128) returned 0x0
[0226.790] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0226.790] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0226.790] LocalFree (hMem=0x11ee788) returned 0x0
[0226.790] GdipCombineRegionRegion (region=0x6645c68, region2=0x6645d88, combineMode=0x1) returned 0x0
[0226.790] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0226.790] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eea60) returned 0x0
[0226.791] LocalFree (hMem=0x11eea60) returned 0x0
[0226.791] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0226.791] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e150) returned 0x0
[0226.791] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e140) returned 0x0
[0226.791] GdipGetRegionHRgn (region=0x6645c68, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0226.791] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0226.791] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0226.791] GetCurrentObject (hdc=0xf0107f1, type=0x1) returned 0xb00017
[0226.791] GetCurrentObject (hdc=0xf0107f1, type=0x2) returned 0x900010
[0226.791] GetCurrentObject (hdc=0xf0107f1, type=0x7) returned 0x4a0505d8
[0226.791] GetCurrentObject (hdc=0xf0107f1, type=0x6) returned 0x8a01c2
[0226.791] SaveDC (hdc=0xf0107f1) returned 1
[0226.791] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x72040807
[0226.791] GetClipRgn (hdc=0xf0107f1, hrgn=0x72040807) returned 0
[0226.791] SelectClipRgn (hdc=0xf0107f1, hrgn=0xff0407de) returned 2
[0226.791] DeleteObject (ho=0x72040807) returned 1
[0226.792] DeleteObject (ho=0xff0407de) returned 1
[0226.792] OffsetViewportOrgEx (in: hdc=0xf0107f1, x=0, y=0, lppt=0x2e928d4 | out: lppt=0x2e928d4) returned 1
[0226.792] GetNearestColor (hdc=0xf0107f1, color=0xf0f0f0) returned 0xf0f0f0
[0226.792] CreateSolidBrush (color=0xf0f0f0) returned 0x4b1007e1
[0226.792] FillRect (hDC=0xf0107f1, lprc=0xd7e15c, hbr=0x4b1007e1) returned 1
[0226.793] DeleteObject (ho=0x4b1007e1) returned 1
[0226.793] RestoreDC (hdc=0xf0107f1, nSavedDC=-1) returned 1
[0226.793] GdipReleaseDC (graphics=0x6600030, hdc=0xf0107f1) returned 0x0
[0226.793] GdipRestoreGraphics (graphics=0x6600030, state=0xf9760dbd) returned 0x0
[0226.793] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0226.793] GetWindowTextLengthW (hWnd=0x1202ce) returned 232
[0226.793] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0226.793] GetSystemMetrics (nIndex=42) returned 0
[0226.793] GetWindowTextW (in: hWnd=0x1202ce, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0226.793] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0226.793] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0226.793] GetCurrentObject (hdc=0xf0107f1, type=0x1) returned 0xb00017
[0226.793] GetCurrentObject (hdc=0xf0107f1, type=0x2) returned 0x900010
[0226.793] GetCurrentObject (hdc=0xf0107f1, type=0x7) returned 0x4a0505d8
[0226.793] GetCurrentObject (hdc=0xf0107f1, type=0x6) returned 0x8a01c2
[0226.793] SaveDC (hdc=0xf0107f1) returned 1
[0226.793] GetNearestColor (hdc=0xf0107f1, color=0x0) returned 0x0
[0226.794] RestoreDC (hdc=0xf0107f1, nSavedDC=-1) returned 1
[0226.794] GdipReleaseDC (graphics=0x6600030, hdc=0xf0107f1) returned 0x0
[0226.798] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0226.799] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0226.799] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2e930d0 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0226.799] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0226.799] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0226.799] GetCurrentObject (hdc=0xf0107f1, type=0x1) returned 0xb00017
[0226.799] GetCurrentObject (hdc=0xf0107f1, type=0x2) returned 0x900010
[0226.799] GetCurrentObject (hdc=0xf0107f1, type=0x7) returned 0x4a0505d8
[0226.799] GetCurrentObject (hdc=0xf0107f1, type=0x6) returned 0x8a01c2
[0226.799] SaveDC (hdc=0xf0107f1) returned 1
[0226.799] GetTextAlign (hdc=0xf0107f1) returned 0x0
[0226.800] GetTextColor (hdc=0xf0107f1) returned 0x0
[0226.800] GetCurrentObject (hdc=0xf0107f1, type=0x6) returned 0x8a01c2
[0226.800] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0226.800] SelectObject (hdc=0xf0107f1, h=0x6d0a0520) returned 0x8a01c2
[0226.800] GetBkMode (hdc=0xf0107f1) returned 2
[0226.800] SetBkMode (hdc=0xf0107f1, mode=1) returned 2
[0226.800] DrawTextExW (in: hdc=0xf0107f1, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2e932f4 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0226.803] RestoreDC (hdc=0xf0107f1, nSavedDC=-1) returned 1
[0226.803] GdipReleaseDC (graphics=0x6600030, hdc=0xf0107f1) returned 0x0
[0226.803] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0226.803] BitBlt (hdc=0x10105d6, x=0, y=0, cx=354, cy=68, hdcSrc=0xf0107f1, x1=0, y1=0, rop=0xcc0020) returned 1
[0226.803] GdipReleaseDC (graphics=0x6600030, hdc=0xf0107f1) returned 0x0
[0226.803] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0226.804] SelectObject (hdc=0xf0107f1, h=0x85000f) returned 0x4a0505d8
[0226.804] DeleteDC (hdc=0xf0107f1) returned 1
[0226.804] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0226.804] DeleteObject (ho=0x4a0505d8) returned 1
[0226.804] EndPaint (hWnd=0x1202ce, lpPaint=0xd7e258) returned 1
[0226.805] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.805] IsWindowUnicode (hWnd=0x1e02d8) returned 1
[0226.805] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.805] TranslateMessage (lpMsg=0xd7e808) returned 0
[0226.805] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0226.805] BeginPaint (in: hWnd=0x1e02d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0226.805] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0226.805] CreateCompatibleDC (hdc=0x60100ce) returned 0x9d0107bb
[0226.805] SelectObject (hdc=0x9d0107bb, h=0x4a0507fe) returned 0x85000f
[0226.805] GdipCreateFromHDC (hdc=0x9d0107bb, graphics=0xd7e268) returned 0x0
[0226.806] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0226.806] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0226.806] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0226.806] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0226.806] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2c8) returned 0x0
[0226.806] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0226.806] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee8d8) returned 0x0
[0226.806] LocalFree (hMem=0x11ee8d8) returned 0x0
[0226.806] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0226.806] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0226.806] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0226.806] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0226.806] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0226.806] GdipRestoreGraphics (graphics=0x6600030, state=0xf9740dbd) returned 0x0
[0226.806] GdipDeleteRegion (region=0x6645638) returned 0x0
[0226.806] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0226.807] GetCurrentObject (hdc=0x9d0107bb, type=0x1) returned 0xb00017
[0226.807] GetCurrentObject (hdc=0x9d0107bb, type=0x2) returned 0x900010
[0226.807] GetCurrentObject (hdc=0x9d0107bb, type=0x7) returned 0x4a0507fe
[0226.807] GetCurrentObject (hdc=0x9d0107bb, type=0x6) returned 0x8a01c2
[0226.807] SaveDC (hdc=0x9d0107bb) returned 1
[0226.807] GetNearestColor (hdc=0x9d0107bb, color=0xf0f0f0) returned 0xf0f0f0
[0226.807] GetNearestColor (hdc=0x9d0107bb, color=0xa0a0a0) returned 0xa0a0a0
[0226.807] GetNearestColor (hdc=0x9d0107bb, color=0x696969) returned 0x696969
[0226.807] GetNearestColor (hdc=0x9d0107bb, color=0xa0a0a0) returned 0xa0a0a0
[0226.807] GetNearestColor (hdc=0x9d0107bb, color=0x0) returned 0x0
[0226.807] GetNearestColor (hdc=0x9d0107bb, color=0xffffff) returned 0xffffff
[0226.807] GetNearestColor (hdc=0x9d0107bb, color=0xe5e5e5) returned 0xe5e5e5
[0226.807] GetNearestColor (hdc=0x9d0107bb, color=0xd7d7d7) returned 0xd7d7d7
[0226.807] GetNearestColor (hdc=0x9d0107bb, color=0x0) returned 0x0
[0226.807] RestoreDC (hdc=0x9d0107bb, nSavedDC=-1) returned 1
[0226.808] GdipReleaseDC (graphics=0x6600030, hdc=0x9d0107bb) returned 0x0
[0226.808] IsAppThemed () returned 0x1
[0226.808] GetThemeAppProperties () returned 0x3
[0226.808] GetThemeAppProperties () returned 0x3
[0226.808] GdipGetImageWidth (image=0x66030e8, width=0xd7e168) returned 0x0
[0226.808] GdipGetImageHeight (image=0x66030e8, height=0xd7e168) returned 0x0
[0226.808] IsAppThemed () returned 0x1
[0226.808] GetThemeAppProperties () returned 0x3
[0226.808] GetThemeAppProperties () returned 0x3
[0226.808] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2e93a44 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0226.808] IsAppThemed () returned 0x1
[0226.808] GetThemeAppProperties () returned 0x3
[0226.808] GetThemeAppProperties () returned 0x3
[0226.808] IsAppThemed () returned 0x1
[0226.809] GetThemeAppProperties () returned 0x3
[0226.809] GetThemeAppProperties () returned 0x3
[0226.809] GetFocus () returned 0x1e02d8
[0226.809] IsAppThemed () returned 0x1
[0226.809] GetThemeAppProperties () returned 0x3
[0226.809] GetThemeAppProperties () returned 0x3
[0226.809] IsAppThemed () returned 0x1
[0226.809] GetThemeAppProperties () returned 0x3
[0226.809] GetThemeAppProperties () returned 0x3
[0226.809] IsThemePartDefined () returned 0x1
[0226.809] IsAppThemed () returned 0x1
[0226.809] GetThemeAppProperties () returned 0x3
[0226.809] GetThemeAppProperties () returned 0x3
[0226.809] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0226.809] IsAppThemed () returned 0x1
[0226.809] GetThemeAppProperties () returned 0x3
[0226.809] GetThemeAppProperties () returned 0x3
[0226.809] IsAppThemed () returned 0x1
[0226.811] GetThemeAppProperties () returned 0x3
[0226.811] GetThemeAppProperties () returned 0x3
[0226.811] IsThemePartDefined () returned 0x1
[0226.811] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0226.811] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0226.811] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0226.811] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0226.811] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dff0) returned 0x0
[0226.812] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0226.812] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0226.812] LocalFree (hMem=0x11ee788) returned 0x0
[0226.812] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0226.812] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0226.812] LocalFree (hMem=0x11ee9f0) returned 0x0
[0226.812] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0226.812] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0226.812] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0226.812] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0226.812] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0226.812] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0226.812] GetCurrentObject (hdc=0x9d0107bb, type=0x1) returned 0xb00017
[0226.812] GetCurrentObject (hdc=0x9d0107bb, type=0x2) returned 0x900010
[0226.812] GetCurrentObject (hdc=0x9d0107bb, type=0x7) returned 0x4a0507fe
[0226.812] GetCurrentObject (hdc=0x9d0107bb, type=0x6) returned 0x8a01c2
[0226.813] SaveDC (hdc=0x9d0107bb) returned 1
[0226.813] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x407de
[0226.813] GetClipRgn (hdc=0x9d0107bb, hrgn=0x407de) returned 0
[0226.813] SelectClipRgn (hdc=0x9d0107bb, hrgn=0x76040807) returned 2
[0226.813] DeleteObject (ho=0x407de) returned 1
[0226.813] DeleteObject (ho=0x76040807) returned 1
[0226.813] OffsetViewportOrgEx (in: hdc=0x9d0107bb, x=0, y=0, lppt=0x2e940f4 | out: lppt=0x2e940f4) returned 1
[0226.813] DrawThemeParentBackground () returned 0x0
[0226.813] GetWindowPlacement (in: hWnd=0x1102d0, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0226.813] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0226.813] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0226.813] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.813] GetSystemMetrics (nIndex=42) returned 0
[0226.813] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.813] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0226.814] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0226.814] GetCurrentObject (hdc=0x9d0107bb, type=0x1) returned 0xb00017
[0226.814] GetCurrentObject (hdc=0x9d0107bb, type=0x2) returned 0x900010
[0226.814] GetCurrentObject (hdc=0x9d0107bb, type=0x7) returned 0x4a0507fe
[0226.814] GetCurrentObject (hdc=0x9d0107bb, type=0x6) returned 0x8a01c2
[0226.814] SaveDC (hdc=0x9d0107bb) returned 2
[0226.814] GetNearestColor (hdc=0x9d0107bb, color=0xf0f0f0) returned 0xf0f0f0
[0226.814] CreateSolidBrush (color=0xf0f0f0) returned 0x4c1007e1
[0226.814] FillRect (hDC=0x9d0107bb, lprc=0xd7da38, hbr=0x4c1007e1) returned 1
[0226.814] DeleteObject (ho=0x4c1007e1) returned 1
[0226.814] RestoreDC (hdc=0x9d0107bb, nSavedDC=-1) returned 1
[0226.814] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0226.814] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.814] GetSystemMetrics (nIndex=42) returned 0
[0226.814] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.814] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0226.814] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0226.815] GetCurrentObject (hdc=0x9d0107bb, type=0x1) returned 0xb00017
[0226.815] GetCurrentObject (hdc=0x9d0107bb, type=0x2) returned 0x900010
[0226.815] GetCurrentObject (hdc=0x9d0107bb, type=0x7) returned 0x4a0507fe
[0226.815] GetCurrentObject (hdc=0x9d0107bb, type=0x6) returned 0x8a01c2
[0226.815] SaveDC (hdc=0x9d0107bb) returned 2
[0226.815] GetNearestColor (hdc=0x9d0107bb, color=0xf0f0f0) returned 0xf0f0f0
[0226.815] CreateSolidBrush (color=0xf0f0f0) returned 0x4d1007e1
[0226.815] FillRect (hDC=0x9d0107bb, lprc=0xd7d9d8, hbr=0x4d1007e1) returned 1
[0226.815] DeleteObject (ho=0x4d1007e1) returned 1
[0226.815] RestoreDC (hdc=0x9d0107bb, nSavedDC=-1) returned 1
[0226.815] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0226.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.815] GetSystemMetrics (nIndex=42) returned 0
[0226.815] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0226.815] RestoreDC (hdc=0x9d0107bb, nSavedDC=-1) returned 1
[0226.816] GdipReleaseDC (graphics=0x6600030, hdc=0x9d0107bb) returned 0x0
[0226.816] IsAppThemed () returned 0x1
[0226.816] GetThemeAppProperties () returned 0x3
[0226.816] GetThemeAppProperties () returned 0x3
[0226.816] IsAppThemed () returned 0x1
[0226.816] GetThemeAppProperties () returned 0x3
[0226.816] GetThemeAppProperties () returned 0x3
[0226.816] IsThemePartDefined () returned 0x1
[0226.816] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0226.816] GdipGetClip (graphics=0x6600030, region=0x6646058) returned 0x0
[0226.816] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0226.816] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0226.816] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df74) returned 0x0
[0226.816] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eecc8) returned 0x0
[0226.816] LocalFree (hMem=0x11eecc8) returned 0x0
[0226.816] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eecc8) returned 0x0
[0226.816] LocalFree (hMem=0x11eecc8) returned 0x0
[0226.816] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0226.816] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0226.816] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0226.817] GdipGetRegionHRgn (region=0x6646058, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0226.817] GdipDeleteRegion (region=0x6646058) returned 0x0
[0226.817] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0226.817] GetCurrentObject (hdc=0x9d0107bb, type=0x1) returned 0xb00017
[0226.817] GetCurrentObject (hdc=0x9d0107bb, type=0x2) returned 0x900010
[0226.817] GetCurrentObject (hdc=0x9d0107bb, type=0x7) returned 0x4a0507fe
[0226.817] GetCurrentObject (hdc=0x9d0107bb, type=0x6) returned 0x8a01c2
[0226.817] SaveDC (hdc=0x9d0107bb) returned 1
[0226.817] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x77040807
[0226.817] GetClipRgn (hdc=0x9d0107bb, hrgn=0x77040807) returned 0
[0226.817] SelectClipRgn (hdc=0x9d0107bb, hrgn=0x20407de) returned 2
[0226.817] DeleteObject (ho=0x77040807) returned 1
[0226.817] DeleteObject (ho=0x20407de) returned 1
[0226.817] OffsetViewportOrgEx (in: hdc=0x9d0107bb, x=0, y=0, lppt=0x2e949a0 | out: lppt=0x2e949a0) returned 1
[0226.817] IsAppThemed () returned 0x1
[0226.817] GetThemeAppProperties () returned 0x3
[0226.817] GetThemeAppProperties () returned 0x3
[0226.817] DrawThemeBackground () returned 0x0
[0226.818] RestoreDC (hdc=0x9d0107bb, nSavedDC=-1) returned 1
[0226.818] GdipReleaseDC (graphics=0x6600030, hdc=0x9d0107bb) returned 0x0
[0226.818] GdipCreateRegion (region=0xd7df60) returned 0x0
[0226.818] GdipGetClip (graphics=0x6600030, region=0x6645128) returned 0x0
[0226.818] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0226.818] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0226.818] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df78) returned 0x0
[0226.818] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0226.818] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eecc8) returned 0x0
[0226.818] LocalFree (hMem=0x11eecc8) returned 0x0
[0226.818] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0226.818] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0226.818] LocalFree (hMem=0x11ee868) returned 0x0
[0226.818] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0226.818] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0226.818] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7df90) returned 0x0
[0226.818] GdipGetRegionHRgn (region=0x6645128, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0226.818] GdipDeleteRegion (region=0x6645128) returned 0x0
[0226.819] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0226.819] GetCurrentObject (hdc=0x9d0107bb, type=0x1) returned 0xb00017
[0226.819] GetCurrentObject (hdc=0x9d0107bb, type=0x2) returned 0x900010
[0226.819] GetCurrentObject (hdc=0x9d0107bb, type=0x7) returned 0x4a0507fe
[0226.819] GetCurrentObject (hdc=0x9d0107bb, type=0x6) returned 0x8a01c2
[0226.819] SaveDC (hdc=0x9d0107bb) returned 1
[0226.819] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x30407de
[0226.819] GetClipRgn (hdc=0x9d0107bb, hrgn=0x30407de) returned 0
[0226.819] SelectClipRgn (hdc=0x9d0107bb, hrgn=0x78040807) returned 2
[0226.819] DeleteObject (ho=0x30407de) returned 1
[0226.819] DeleteObject (ho=0x78040807) returned 1
[0226.819] OffsetViewportOrgEx (in: hdc=0x9d0107bb, x=0, y=0, lppt=0x2e94c74 | out: lppt=0x2e94c74) returned 1
[0226.819] IsAppThemed () returned 0x1
[0226.819] GetThemeAppProperties () returned 0x3
[0226.819] GetThemeAppProperties () returned 0x3
[0226.819] GetThemeBackgroundContentRect () returned 0x0
[0226.819] RestoreDC (hdc=0x9d0107bb, nSavedDC=-1) returned 1
[0226.819] GdipReleaseDC (graphics=0x6600030, hdc=0x9d0107bb) returned 0x0
[0226.820] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0226.820] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0226.820] GdipCloneRegion (region=0x6645518, cloneRegion=0xd7e150) returned 0x0
[0226.820] GdipCombineRegionRectI (region=0x6645098, rect=0xd7e138, combineMode=0x1) returned 0x0
[0226.820] GdipCombineRegionRectI (region=0x6645098, rect=0xd7e138, combineMode=0x1) returned 0x0
[0226.820] GdipSetClipRegion (graphics=0x6600030, region=0x6645098, combineMode=0x0) returned 0x0
[0226.820] GdipGetImageWidth (image=0x66030e8, width=0xd7e154) returned 0x0
[0226.820] GdipGetImageHeight (image=0x66030e8, height=0xd7e148) returned 0x0
[0226.820] GdipDrawImageRectI (graphics=0x6600030, image=0x66030e8, x=4, y=4, width=16, height=16) returned 0x0
[0226.820] GdipSetClipRegion (graphics=0x6600030, region=0x6645518, combineMode=0x0) returned 0x0
[0226.820] IsAppThemed () returned 0x1
[0226.820] GetThemeAppProperties () returned 0x3
[0226.820] GetThemeAppProperties () returned 0x3
[0226.820] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0226.820] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0226.820] GetCurrentObject (hdc=0x9d0107bb, type=0x1) returned 0xb00017
[0226.820] GetCurrentObject (hdc=0x9d0107bb, type=0x2) returned 0x900010
[0226.820] GetCurrentObject (hdc=0x9d0107bb, type=0x7) returned 0x4a0507fe
[0226.821] GetCurrentObject (hdc=0x9d0107bb, type=0x6) returned 0x8a01c2
[0226.821] SaveDC (hdc=0x9d0107bb) returned 1
[0226.821] GetTextAlign (hdc=0x9d0107bb) returned 0x0
[0226.821] GetTextColor (hdc=0x9d0107bb) returned 0x0
[0226.821] GetCurrentObject (hdc=0x9d0107bb, type=0x6) returned 0x8a01c2
[0226.821] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0226.821] SelectObject (hdc=0x9d0107bb, h=0x6d0a0520) returned 0x8a01c2
[0226.821] GetBkMode (hdc=0x9d0107bb) returned 2
[0226.821] SetBkMode (hdc=0x9d0107bb, mode=1) returned 2
[0226.821] DrawTextExW (in: hdc=0x9d0107bb, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2e95034 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0226.822] DrawTextExW (in: hdc=0x9d0107bb, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e95034 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0226.822] RestoreDC (hdc=0x9d0107bb, nSavedDC=-1) returned 1
[0226.822] GdipReleaseDC (graphics=0x6600030, hdc=0x9d0107bb) returned 0x0
[0226.822] GetFocus () returned 0x1e02d8
[0226.823] IsAppThemed () returned 0x1
[0226.823] GetThemeAppProperties () returned 0x3
[0226.823] GetThemeAppProperties () returned 0x3
[0226.823] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0226.823] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x9d0107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0226.823] GdipReleaseDC (graphics=0x6600030, hdc=0x9d0107bb) returned 0x0
[0226.823] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0226.823] SelectObject (hdc=0x9d0107bb, h=0x85000f) returned 0x4a0507fe
[0226.823] DeleteDC (hdc=0x9d0107bb) returned 1
[0226.823] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0226.824] EndPaint (hWnd=0x1e02d8, lpPaint=0xd7e24c) returned 1
[0226.824] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.824] IsWindowUnicode (hWnd=0x1f00ea) returned 1
[0226.824] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.824] TranslateMessage (lpMsg=0xd7e808) returned 0
[0226.824] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0226.824] BeginPaint (in: hWnd=0x1f00ea, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0226.824] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0226.824] CreateCompatibleDC (hdc=0xc0107c5) returned 0x9f0107bb
[0226.824] SelectObject (hdc=0x9f0107bb, h=0x4a0507fe) returned 0x85000f
[0226.824] GdipCreateFromHDC (hdc=0x9f0107bb, graphics=0xd7e268) returned 0x0
[0226.825] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0226.825] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0226.825] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0226.825] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0226.825] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e2c8) returned 0x0
[0226.862] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0226.862] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eecc8) returned 0x0
[0226.862] LocalFree (hMem=0x11eecc8) returned 0x0
[0226.862] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0226.862] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0226.862] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0226.862] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0226.862] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0226.862] GdipRestoreGraphics (graphics=0x6600030, state=0xf9720dbd) returned 0x0
[0226.862] GdipDeleteRegion (region=0x6645638) returned 0x0
[0226.862] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0226.863] GetCurrentObject (hdc=0x9f0107bb, type=0x1) returned 0xb00017
[0226.863] GetCurrentObject (hdc=0x9f0107bb, type=0x2) returned 0x900010
[0226.863] GetCurrentObject (hdc=0x9f0107bb, type=0x7) returned 0x4a0507fe
[0226.863] GetCurrentObject (hdc=0x9f0107bb, type=0x6) returned 0x8a01c2
[0226.863] SaveDC (hdc=0x9f0107bb) returned 1
[0226.863] GetNearestColor (hdc=0x9f0107bb, color=0xf0f0f0) returned 0xf0f0f0
[0226.863] GetNearestColor (hdc=0x9f0107bb, color=0xa0a0a0) returned 0xa0a0a0
[0226.863] GetNearestColor (hdc=0x9f0107bb, color=0x696969) returned 0x696969
[0226.863] GetNearestColor (hdc=0x9f0107bb, color=0xa0a0a0) returned 0xa0a0a0
[0226.863] GetNearestColor (hdc=0x9f0107bb, color=0x0) returned 0x0
[0226.863] GetNearestColor (hdc=0x9f0107bb, color=0xffffff) returned 0xffffff
[0226.863] GetNearestColor (hdc=0x9f0107bb, color=0xe5e5e5) returned 0xe5e5e5
[0226.863] GetNearestColor (hdc=0x9f0107bb, color=0xd7d7d7) returned 0xd7d7d7
[0226.864] GetNearestColor (hdc=0x9f0107bb, color=0x0) returned 0x0
[0226.864] RestoreDC (hdc=0x9f0107bb, nSavedDC=-1) returned 1
[0226.864] GdipReleaseDC (graphics=0x6600030, hdc=0x9f0107bb) returned 0x0
[0226.864] IsAppThemed () returned 0x1
[0226.864] GetThemeAppProperties () returned 0x3
[0226.864] GetThemeAppProperties () returned 0x3
[0226.864] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0226.864] SendMessageW (hWnd=0x1102d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0226.864] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0226.864] IsAppThemed () returned 0x1
[0226.864] GetThemeAppProperties () returned 0x3
[0226.864] GetThemeAppProperties () returned 0x3
[0226.864] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df90, format=0x102415, lpdtp=0x2e95844 | out: lpchText="&Continue", lprc=0xd7df90) returned 13
[0226.865] IsAppThemed () returned 0x1
[0226.865] GetThemeAppProperties () returned 0x3
[0226.865] GetThemeAppProperties () returned 0x3
[0226.865] IsAppThemed () returned 0x1
[0226.865] GetThemeAppProperties () returned 0x3
[0226.865] GetThemeAppProperties () returned 0x3
[0226.865] GetFocus () returned 0x1e02d8
[0226.865] IsAppThemed () returned 0x1
[0226.865] GetThemeAppProperties () returned 0x3
[0226.865] GetThemeAppProperties () returned 0x3
[0226.865] IsAppThemed () returned 0x1
[0226.865] GetThemeAppProperties () returned 0x3
[0226.865] GetThemeAppProperties () returned 0x3
[0226.865] IsThemePartDefined () returned 0x1
[0226.865] IsAppThemed () returned 0x1
[0226.865] GetThemeAppProperties () returned 0x3
[0226.865] GetThemeAppProperties () returned 0x3
[0226.865] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0226.865] IsAppThemed () returned 0x1
[0226.866] GetThemeAppProperties () returned 0x3
[0226.866] GetThemeAppProperties () returned 0x3
[0226.866] IsAppThemed () returned 0x1
[0226.866] GetThemeAppProperties () returned 0x3
[0226.866] GetThemeAppProperties () returned 0x3
[0226.866] IsThemePartDefined () returned 0x1
[0226.866] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0226.866] GdipGetClip (graphics=0x6600030, region=0x6646058) returned 0x0
[0226.866] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0226.866] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0226.866] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dff0) returned 0x0
[0226.866] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0226.866] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0226.866] LocalFree (hMem=0x11ee9f0) returned 0x0
[0226.866] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0226.866] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eecc8) returned 0x0
[0226.866] LocalFree (hMem=0x11eecc8) returned 0x0
[0226.866] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0226.867] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7e018) returned 0x0
[0226.867] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7e008) returned 0x0
[0226.867] GdipGetRegionHRgn (region=0x6646058, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0226.867] GdipDeleteRegion (region=0x6646058) returned 0x0
[0226.867] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0226.867] GetCurrentObject (hdc=0x9f0107bb, type=0x1) returned 0xb00017
[0226.867] GetCurrentObject (hdc=0x9f0107bb, type=0x2) returned 0x900010
[0226.867] GetCurrentObject (hdc=0x9f0107bb, type=0x7) returned 0x4a0507fe
[0226.867] GetCurrentObject (hdc=0x9f0107bb, type=0x6) returned 0x8a01c2
[0226.867] SaveDC (hdc=0x9f0107bb) returned 1
[0226.867] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x79040807
[0226.867] GetClipRgn (hdc=0x9f0107bb, hrgn=0x79040807) returned 0
[0226.867] SelectClipRgn (hdc=0x9f0107bb, hrgn=0x70407de) returned 2
[0226.867] DeleteObject (ho=0x79040807) returned 1
[0226.868] DeleteObject (ho=0x70407de) returned 1
[0226.868] OffsetViewportOrgEx (in: hdc=0x9f0107bb, x=0, y=0, lppt=0x2e95ef4 | out: lppt=0x2e95ef4) returned 1
[0226.868] DrawThemeParentBackground () returned 0x0
[0226.868] GetWindowPlacement (in: hWnd=0x1102d0, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0226.868] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0226.868] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0226.868] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.868] GetSystemMetrics (nIndex=42) returned 0
[0226.868] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.868] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0226.868] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0226.868] GetCurrentObject (hdc=0x9f0107bb, type=0x1) returned 0xb00017
[0226.868] GetCurrentObject (hdc=0x9f0107bb, type=0x2) returned 0x900010
[0226.868] GetCurrentObject (hdc=0x9f0107bb, type=0x7) returned 0x4a0507fe
[0226.869] GetCurrentObject (hdc=0x9f0107bb, type=0x6) returned 0x8a01c2
[0226.869] SaveDC (hdc=0x9f0107bb) returned 2
[0226.869] GetNearestColor (hdc=0x9f0107bb, color=0xf0f0f0) returned 0xf0f0f0
[0226.869] CreateSolidBrush (color=0xf0f0f0) returned 0x4e1007e1
[0226.869] FillRect (hDC=0x9f0107bb, lprc=0xd7da38, hbr=0x4e1007e1) returned 1
[0226.869] DeleteObject (ho=0x4e1007e1) returned 1
[0226.869] RestoreDC (hdc=0x9f0107bb, nSavedDC=-1) returned 1
[0226.869] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0226.869] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.869] GetSystemMetrics (nIndex=42) returned 0
[0226.869] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.869] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0226.869] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0226.869] GetCurrentObject (hdc=0x9f0107bb, type=0x1) returned 0xb00017
[0226.869] GetCurrentObject (hdc=0x9f0107bb, type=0x2) returned 0x900010
[0226.870] GetCurrentObject (hdc=0x9f0107bb, type=0x7) returned 0x4a0507fe
[0226.870] GetCurrentObject (hdc=0x9f0107bb, type=0x6) returned 0x8a01c2
[0226.870] SaveDC (hdc=0x9f0107bb) returned 2
[0226.870] GetNearestColor (hdc=0x9f0107bb, color=0xf0f0f0) returned 0xf0f0f0
[0226.870] CreateSolidBrush (color=0xf0f0f0) returned 0x4f1007e1
[0226.870] FillRect (hDC=0x9f0107bb, lprc=0xd7d9d8, hbr=0x4f1007e1) returned 1
[0226.870] DeleteObject (ho=0x4f1007e1) returned 1
[0226.870] RestoreDC (hdc=0x9f0107bb, nSavedDC=-1) returned 1
[0226.870] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0226.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.870] GetSystemMetrics (nIndex=42) returned 0
[0226.870] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0226.871] RestoreDC (hdc=0x9f0107bb, nSavedDC=-1) returned 1
[0226.871] GdipReleaseDC (graphics=0x6600030, hdc=0x9f0107bb) returned 0x0
[0226.871] IsAppThemed () returned 0x1
[0226.871] GetThemeAppProperties () returned 0x3
[0226.871] GetThemeAppProperties () returned 0x3
[0226.871] IsAppThemed () returned 0x1
[0226.871] GetThemeAppProperties () returned 0x3
[0226.871] GetThemeAppProperties () returned 0x3
[0226.871] IsThemePartDefined () returned 0x1
[0226.871] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0226.871] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0226.871] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0226.871] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0226.871] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df74) returned 0x0
[0226.871] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0226.871] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee9f0) returned 0x0
[0226.871] LocalFree (hMem=0x11ee9f0) returned 0x0
[0226.872] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0226.872] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0226.872] LocalFree (hMem=0x11eecc8) returned 0x0
[0226.872] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0226.878] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0226.878] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0226.878] GdipGetRegionHRgn (region=0x6645638, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0226.878] GdipDeleteRegion (region=0x6645638) returned 0x0
[0226.878] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0226.878] GetCurrentObject (hdc=0x9f0107bb, type=0x1) returned 0xb00017
[0226.878] GetCurrentObject (hdc=0x9f0107bb, type=0x2) returned 0x900010
[0226.878] GetCurrentObject (hdc=0x9f0107bb, type=0x7) returned 0x4a0507fe
[0226.878] GetCurrentObject (hdc=0x9f0107bb, type=0x6) returned 0x8a01c2
[0226.878] SaveDC (hdc=0x9f0107bb) returned 1
[0226.878] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x80407de
[0226.878] GetClipRgn (hdc=0x9f0107bb, hrgn=0x80407de) returned 0
[0226.878] SelectClipRgn (hdc=0x9f0107bb, hrgn=0x7b040807) returned 2
[0226.879] DeleteObject (ho=0x80407de) returned 1
[0226.879] DeleteObject (ho=0x7b040807) returned 1
[0226.879] OffsetViewportOrgEx (in: hdc=0x9f0107bb, x=0, y=0, lppt=0x2e967a0 | out: lppt=0x2e967a0) returned 1
[0226.879] IsAppThemed () returned 0x1
[0226.879] GetThemeAppProperties () returned 0x3
[0226.879] GetThemeAppProperties () returned 0x3
[0226.879] DrawThemeBackground () returned 0x0
[0226.879] RestoreDC (hdc=0x9f0107bb, nSavedDC=-1) returned 1
[0226.879] GdipReleaseDC (graphics=0x6600030, hdc=0x9f0107bb) returned 0x0
[0226.879] GdipCreateRegion (region=0xd7df60) returned 0x0
[0226.879] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0226.879] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0226.879] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0226.879] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7df78) returned 0x0
[0226.879] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0226.879] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee8d8) returned 0x0
[0226.880] LocalFree (hMem=0x11ee8d8) returned 0x0
[0226.880] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0226.880] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eecc8) returned 0x0
[0226.880] LocalFree (hMem=0x11eecc8) returned 0x0
[0226.880] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0226.880] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0226.880] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7df90) returned 0x0
[0226.880] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0226.880] GdipDeleteRegion (region=0x6646178) returned 0x0
[0226.880] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0226.880] GetCurrentObject (hdc=0x9f0107bb, type=0x1) returned 0xb00017
[0226.880] GetCurrentObject (hdc=0x9f0107bb, type=0x2) returned 0x900010
[0226.880] GetCurrentObject (hdc=0x9f0107bb, type=0x7) returned 0x4a0507fe
[0226.880] GetCurrentObject (hdc=0x9f0107bb, type=0x6) returned 0x8a01c2
[0226.880] SaveDC (hdc=0x9f0107bb) returned 1
[0226.880] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7c040807
[0226.881] GetClipRgn (hdc=0x9f0107bb, hrgn=0x7c040807) returned 0
[0226.881] SelectClipRgn (hdc=0x9f0107bb, hrgn=0x90407de) returned 2
[0226.881] DeleteObject (ho=0x7c040807) returned 1
[0226.881] DeleteObject (ho=0x90407de) returned 1
[0226.881] OffsetViewportOrgEx (in: hdc=0x9f0107bb, x=0, y=0, lppt=0x2e96a74 | out: lppt=0x2e96a74) returned 1
[0226.881] IsAppThemed () returned 0x1
[0226.881] GetThemeAppProperties () returned 0x3
[0226.881] GetThemeAppProperties () returned 0x3
[0226.881] GetThemeBackgroundContentRect () returned 0x0
[0226.881] RestoreDC (hdc=0x9f0107bb, nSavedDC=-1) returned 1
[0226.881] GdipReleaseDC (graphics=0x6600030, hdc=0x9f0107bb) returned 0x0
[0226.881] IsAppThemed () returned 0x1
[0226.881] GetThemeAppProperties () returned 0x3
[0226.881] GetThemeAppProperties () returned 0x3
[0226.881] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0226.881] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0226.881] GetCurrentObject (hdc=0x9f0107bb, type=0x1) returned 0xb00017
[0226.881] GetCurrentObject (hdc=0x9f0107bb, type=0x2) returned 0x900010
[0226.882] GetCurrentObject (hdc=0x9f0107bb, type=0x7) returned 0x4a0507fe
[0226.882] GetCurrentObject (hdc=0x9f0107bb, type=0x6) returned 0x8a01c2
[0226.882] SaveDC (hdc=0x9f0107bb) returned 1
[0226.882] GetTextAlign (hdc=0x9f0107bb) returned 0x0
[0226.882] GetTextColor (hdc=0x9f0107bb) returned 0x0
[0226.882] GetCurrentObject (hdc=0x9f0107bb, type=0x6) returned 0x8a01c2
[0226.882] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0226.882] SelectObject (hdc=0x9f0107bb, h=0x6d0a0520) returned 0x8a01c2
[0226.882] GetBkMode (hdc=0x9f0107bb) returned 2
[0226.882] SetBkMode (hdc=0x9f0107bb, mode=1) returned 2
[0226.882] DrawTextExW (in: hdc=0x9f0107bb, lpchText="&Continue", cchText=9, lprc=0xd7def8, format=0x102415, lpdtp=0x2e96e14 | out: lpchText="&Continue", lprc=0xd7def8) returned 13
[0226.883] DrawTextExW (in: hdc=0x9f0107bb, lpchText="&Continue", cchText=9, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e96e14 | out: lpchText="&Continue", lprc=0xd7e05c) returned 13
[0226.883] RestoreDC (hdc=0x9f0107bb, nSavedDC=-1) returned 1
[0226.883] GdipReleaseDC (graphics=0x6600030, hdc=0x9f0107bb) returned 0x0
[0226.883] GetFocus () returned 0x1e02d8
[0226.883] IsAppThemed () returned 0x1
[0226.883] GetThemeAppProperties () returned 0x3
[0226.883] GetThemeAppProperties () returned 0x3
[0226.883] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0226.883] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x9f0107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0226.883] GdipReleaseDC (graphics=0x6600030, hdc=0x9f0107bb) returned 0x0
[0226.884] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0226.884] SelectObject (hdc=0x9f0107bb, h=0x85000f) returned 0x4a0507fe
[0226.884] DeleteDC (hdc=0x9f0107bb) returned 1
[0226.884] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0226.884] EndPaint (hWnd=0x1f00ea, lpPaint=0xd7e24c) returned 1
[0226.884] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.884] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0226.885] IsWindowUnicode (hWnd=0x30122) returned 1
[0226.885] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.885] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0226.886] TranslateMessage (lpMsg=0xd7e808) returned 0
[0226.886] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0226.886] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.886] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0226.887] IsWindowUnicode (hWnd=0x30122) returned 1
[0226.887] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.888] TranslateMessage (lpMsg=0xd7e808) returned 0
[0226.888] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0226.888] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.889] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x84, wParam=0x0, lParam=0x1dd031a) returned 0x1
[0226.889] IsWindowUnicode (hWnd=0x1f00ea) returned 1
[0226.889] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.889] TranslateMessage (lpMsg=0xd7e808) returned 0
[0226.889] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0226.889] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.889] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x84, wParam=0x0, lParam=0x1dd031a) returned 0x1
[0226.889] IsWindowUnicode (hWnd=0x1f00ea) returned 1
[0226.889] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.890] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x84, wParam=0x0, lParam=0x1dd031a) returned 0x1
[0226.890] SetCursor (hCursor=0x10003) returned 0x10003
[0226.890] TranslateMessage (lpMsg=0xd7e808) returned 0
[0226.890] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0226.890] _TrackMouseEvent (in: lpEventTrack=0x2e96f10 | out: lpEventTrack=0x2e96f10) returned 1
[0226.890] SendMessageW (hWnd=0x1f00ea, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0226.890] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0226.890] InvalidateRect (hWnd=0x1f00ea, lpRect=0x0, bErase=0) returned 1
[0226.890] GetKeyState (nVirtKey=1) returned 0
[0226.890] GetKeyState (nVirtKey=2) returned 0
[0226.890] GetKeyState (nVirtKey=4) returned 0
[0226.890] GetKeyState (nVirtKey=5) returned 0
[0226.890] GetKeyState (nVirtKey=6) returned 0
[0226.890] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.891] IsWindowUnicode (hWnd=0x1f00ea) returned 1
[0226.891] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.891] TranslateMessage (lpMsg=0xd7e808) returned 0
[0226.891] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0226.891] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.892] IsWindowUnicode (hWnd=0x1f00ea) returned 1
[0226.892] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.892] TranslateMessage (lpMsg=0xd7e808) returned 0
[0226.892] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0226.892] BeginPaint (in: hWnd=0x1f00ea, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0226.892] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0226.892] CreateCompatibleDC (hdc=0xc0107c5) returned 0xa00107bb
[0226.892] SelectObject (hdc=0xa00107bb, h=0x4a0507fe) returned 0x85000f
[0226.892] GdipCreateFromHDC (hdc=0xa00107bb, graphics=0xd7e268) returned 0x0
[0226.893] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0226.893] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0226.893] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0226.893] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0226.893] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e2c8) returned 0x0
[0226.893] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0226.893] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0226.893] LocalFree (hMem=0x11ee868) returned 0x0
[0226.893] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0226.893] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0226.893] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0226.893] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0226.893] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0226.893] GdipRestoreGraphics (graphics=0x6600030, state=0xf9700dbd) returned 0x0
[0226.893] GdipDeleteRegion (region=0x6645878) returned 0x0
[0226.893] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0226.894] GetCurrentObject (hdc=0xa00107bb, type=0x1) returned 0xb00017
[0226.894] GetCurrentObject (hdc=0xa00107bb, type=0x2) returned 0x900010
[0226.894] GetCurrentObject (hdc=0xa00107bb, type=0x7) returned 0x4a0507fe
[0226.894] GetCurrentObject (hdc=0xa00107bb, type=0x6) returned 0x8a01c2
[0226.894] SaveDC (hdc=0xa00107bb) returned 1
[0226.894] GetNearestColor (hdc=0xa00107bb, color=0xf0f0f0) returned 0xf0f0f0
[0226.894] GetNearestColor (hdc=0xa00107bb, color=0xa0a0a0) returned 0xa0a0a0
[0226.894] GetNearestColor (hdc=0xa00107bb, color=0x696969) returned 0x696969
[0226.894] GetNearestColor (hdc=0xa00107bb, color=0xa0a0a0) returned 0xa0a0a0
[0226.894] GetNearestColor (hdc=0xa00107bb, color=0x0) returned 0x0
[0226.894] GetNearestColor (hdc=0xa00107bb, color=0xffffff) returned 0xffffff
[0226.894] GetNearestColor (hdc=0xa00107bb, color=0xe5e5e5) returned 0xe5e5e5
[0226.894] GetNearestColor (hdc=0xa00107bb, color=0xd7d7d7) returned 0xd7d7d7
[0226.894] GetNearestColor (hdc=0xa00107bb, color=0x0) returned 0x0
[0226.894] RestoreDC (hdc=0xa00107bb, nSavedDC=-1) returned 1
[0226.894] GdipReleaseDC (graphics=0x6600030, hdc=0xa00107bb) returned 0x0
[0226.895] IsAppThemed () returned 0x1
[0226.895] GetThemeAppProperties () returned 0x3
[0226.895] GetThemeAppProperties () returned 0x3
[0226.895] IsAppThemed () returned 0x1
[0226.895] GetThemeAppProperties () returned 0x3
[0226.895] GetThemeAppProperties () returned 0x3
[0226.895] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2e97670 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0226.895] IsAppThemed () returned 0x1
[0226.895] GetThemeAppProperties () returned 0x3
[0226.895] GetThemeAppProperties () returned 0x3
[0226.895] IsAppThemed () returned 0x1
[0226.895] GetThemeAppProperties () returned 0x3
[0226.895] GetThemeAppProperties () returned 0x3
[0226.895] IsAppThemed () returned 0x1
[0226.895] GetThemeAppProperties () returned 0x3
[0226.896] GetThemeAppProperties () returned 0x3
[0226.896] IsAppThemed () returned 0x1
[0226.896] GetThemeAppProperties () returned 0x3
[0226.896] GetThemeAppProperties () returned 0x3
[0226.896] IsThemePartDefined () returned 0x1
[0226.896] IsAppThemed () returned 0x1
[0226.896] GetThemeAppProperties () returned 0x3
[0226.896] GetThemeAppProperties () returned 0x3
[0226.896] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0226.896] IsAppThemed () returned 0x1
[0226.896] GetThemeAppProperties () returned 0x3
[0226.896] GetThemeAppProperties () returned 0x3
[0226.896] IsAppThemed () returned 0x1
[0226.896] GetThemeAppProperties () returned 0x3
[0226.896] GetThemeAppProperties () returned 0x3
[0226.896] IsThemePartDefined () returned 0x1
[0226.896] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0226.896] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0226.896] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0226.897] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0226.897] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dfe4) returned 0x0
[0226.897] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0226.897] LocalFree (hMem=0x11ee788) returned 0x0
[0226.897] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eecc8) returned 0x0
[0226.897] LocalFree (hMem=0x11eecc8) returned 0x0
[0226.897] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0226.897] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0226.897] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0226.897] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0226.897] GdipDeleteRegion (region=0x6645908) returned 0x0
[0226.897] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0226.897] GetCurrentObject (hdc=0xa00107bb, type=0x1) returned 0xb00017
[0226.897] GetCurrentObject (hdc=0xa00107bb, type=0x2) returned 0x900010
[0226.897] GetCurrentObject (hdc=0xa00107bb, type=0x7) returned 0x4a0507fe
[0226.897] GetCurrentObject (hdc=0xa00107bb, type=0x6) returned 0x8a01c2
[0226.897] SaveDC (hdc=0xa00107bb) returned 1
[0226.897] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa0407de
[0226.898] GetClipRgn (hdc=0xa00107bb, hrgn=0xa0407de) returned 0
[0226.898] SelectClipRgn (hdc=0xa00107bb, hrgn=0x80040807) returned 2
[0226.898] DeleteObject (ho=0xa0407de) returned 1
[0226.898] DeleteObject (ho=0x80040807) returned 1
[0226.898] OffsetViewportOrgEx (in: hdc=0xa00107bb, x=0, y=0, lppt=0x2e97d20 | out: lppt=0x2e97d20) returned 1
[0226.898] DrawThemeParentBackground () returned 0x0
[0226.898] GetWindowPlacement (in: hWnd=0x1102d0, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0226.898] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0226.898] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0226.898] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.898] GetSystemMetrics (nIndex=42) returned 0
[0226.898] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.898] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0226.898] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0226.898] GetCurrentObject (hdc=0xa00107bb, type=0x1) returned 0xb00017
[0226.898] GetCurrentObject (hdc=0xa00107bb, type=0x2) returned 0x900010
[0226.898] GetCurrentObject (hdc=0xa00107bb, type=0x7) returned 0x4a0507fe
[0226.899] GetCurrentObject (hdc=0xa00107bb, type=0x6) returned 0x8a01c2
[0226.899] SaveDC (hdc=0xa00107bb) returned 2
[0226.899] GetNearestColor (hdc=0xa00107bb, color=0xf0f0f0) returned 0xf0f0f0
[0226.899] CreateSolidBrush (color=0xf0f0f0) returned 0x501007e1
[0226.899] FillRect (hDC=0xa00107bb, lprc=0xd7da30, hbr=0x501007e1) returned 1
[0226.899] DeleteObject (ho=0x501007e1) returned 1
[0226.899] RestoreDC (hdc=0xa00107bb, nSavedDC=-1) returned 1
[0226.899] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0226.899] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.899] GetSystemMetrics (nIndex=42) returned 0
[0226.899] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.899] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0226.899] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0226.899] GetCurrentObject (hdc=0xa00107bb, type=0x1) returned 0xb00017
[0226.899] GetCurrentObject (hdc=0xa00107bb, type=0x2) returned 0x900010
[0226.899] GetCurrentObject (hdc=0xa00107bb, type=0x7) returned 0x4a0507fe
[0226.900] GetCurrentObject (hdc=0xa00107bb, type=0x6) returned 0x8a01c2
[0226.900] SaveDC (hdc=0xa00107bb) returned 2
[0226.900] GetNearestColor (hdc=0xa00107bb, color=0xf0f0f0) returned 0xf0f0f0
[0226.900] CreateSolidBrush (color=0xf0f0f0) returned 0x511007e1
[0226.900] FillRect (hDC=0xa00107bb, lprc=0xd7d9d0, hbr=0x511007e1) returned 1
[0226.900] DeleteObject (ho=0x511007e1) returned 1
[0226.900] RestoreDC (hdc=0xa00107bb, nSavedDC=-1) returned 1
[0226.900] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0226.900] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.900] GetSystemMetrics (nIndex=42) returned 0
[0226.900] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.900] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0226.901] RestoreDC (hdc=0xa00107bb, nSavedDC=-1) returned 1
[0226.901] GdipReleaseDC (graphics=0x6600030, hdc=0xa00107bb) returned 0x0
[0226.901] IsAppThemed () returned 0x1
[0226.901] GetThemeAppProperties () returned 0x3
[0226.901] GetThemeAppProperties () returned 0x3
[0226.901] IsAppThemed () returned 0x1
[0226.901] GetThemeAppProperties () returned 0x3
[0226.901] GetThemeAppProperties () returned 0x3
[0226.901] IsThemePartDefined () returned 0x1
[0226.901] GdipCreateRegion (region=0xd7df50) returned 0x0
[0226.901] GdipGetClip (graphics=0x6600030, region=0x6645128) returned 0x0
[0226.901] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0226.901] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0226.901] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df68) returned 0x0
[0226.901] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0226.901] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eecc8) returned 0x0
[0226.901] LocalFree (hMem=0x11eecc8) returned 0x0
[0226.901] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0226.901] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea28) returned 0x0
[0226.902] LocalFree (hMem=0x11eea28) returned 0x0
[0226.902] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0226.902] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7df90) returned 0x0
[0226.902] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7df80) returned 0x0
[0226.902] GdipGetRegionHRgn (region=0x6645128, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0226.902] GdipDeleteRegion (region=0x6645128) returned 0x0
[0226.902] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0226.902] GetCurrentObject (hdc=0xa00107bb, type=0x1) returned 0xb00017
[0226.902] GetCurrentObject (hdc=0xa00107bb, type=0x2) returned 0x900010
[0226.902] GetCurrentObject (hdc=0xa00107bb, type=0x7) returned 0x4a0507fe
[0226.902] GetCurrentObject (hdc=0xa00107bb, type=0x6) returned 0x8a01c2
[0226.902] SaveDC (hdc=0xa00107bb) returned 1
[0226.902] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x81040807
[0226.902] GetClipRgn (hdc=0xa00107bb, hrgn=0x81040807) returned 0
[0226.902] SelectClipRgn (hdc=0xa00107bb, hrgn=0xc0407de) returned 2
[0226.903] DeleteObject (ho=0x81040807) returned 1
[0226.903] DeleteObject (ho=0xc0407de) returned 1
[0226.903] OffsetViewportOrgEx (in: hdc=0xa00107bb, x=0, y=0, lppt=0x2e985cc | out: lppt=0x2e985cc) returned 1
[0226.903] IsAppThemed () returned 0x1
[0226.903] GetThemeAppProperties () returned 0x3
[0226.903] GetThemeAppProperties () returned 0x3
[0226.903] DrawThemeBackground () returned 0x0
[0226.903] RestoreDC (hdc=0xa00107bb, nSavedDC=-1) returned 1
[0226.909] GdipReleaseDC (graphics=0x6600030, hdc=0xa00107bb) returned 0x0
[0226.909] GdipCreateRegion (region=0xd7df54) returned 0x0
[0226.909] GdipGetClip (graphics=0x6600030, region=0x6646058) returned 0x0
[0226.909] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0226.909] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0226.910] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df6c) returned 0x0
[0226.910] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0226.910] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0226.910] LocalFree (hMem=0x11ee788) returned 0x0
[0226.910] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0226.910] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eea98) returned 0x0
[0226.910] LocalFree (hMem=0x11eea98) returned 0x0
[0226.910] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0226.910] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7df94) returned 0x0
[0226.910] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7df84) returned 0x0
[0226.910] GdipGetRegionHRgn (region=0x6646058, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0226.910] GdipDeleteRegion (region=0x6646058) returned 0x0
[0226.910] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0226.910] GetCurrentObject (hdc=0xa00107bb, type=0x1) returned 0xb00017
[0226.910] GetCurrentObject (hdc=0xa00107bb, type=0x2) returned 0x900010
[0226.910] GetCurrentObject (hdc=0xa00107bb, type=0x7) returned 0x4a0507fe
[0226.910] GetCurrentObject (hdc=0xa00107bb, type=0x6) returned 0x8a01c2
[0226.911] SaveDC (hdc=0xa00107bb) returned 1
[0226.911] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd0407de
[0226.911] GetClipRgn (hdc=0xa00107bb, hrgn=0xd0407de) returned 0
[0226.911] SelectClipRgn (hdc=0xa00107bb, hrgn=0x82040807) returned 2
[0226.911] DeleteObject (ho=0xd0407de) returned 1
[0226.911] DeleteObject (ho=0x82040807) returned 1
[0226.911] OffsetViewportOrgEx (in: hdc=0xa00107bb, x=0, y=0, lppt=0x2e988a0 | out: lppt=0x2e988a0) returned 1
[0226.911] IsAppThemed () returned 0x1
[0226.911] GetThemeAppProperties () returned 0x3
[0226.911] GetThemeAppProperties () returned 0x3
[0226.911] GetThemeBackgroundContentRect () returned 0x0
[0226.911] RestoreDC (hdc=0xa00107bb, nSavedDC=-1) returned 1
[0226.911] GdipReleaseDC (graphics=0x6600030, hdc=0xa00107bb) returned 0x0
[0226.911] IsAppThemed () returned 0x1
[0226.912] GetThemeAppProperties () returned 0x3
[0226.912] GetThemeAppProperties () returned 0x3
[0226.912] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0226.912] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0226.912] GetCurrentObject (hdc=0xa00107bb, type=0x1) returned 0xb00017
[0226.912] GetCurrentObject (hdc=0xa00107bb, type=0x2) returned 0x900010
[0226.912] GetCurrentObject (hdc=0xa00107bb, type=0x7) returned 0x4a0507fe
[0226.912] GetCurrentObject (hdc=0xa00107bb, type=0x6) returned 0x8a01c2
[0226.912] SaveDC (hdc=0xa00107bb) returned 1
[0226.912] GetTextAlign (hdc=0xa00107bb) returned 0x0
[0226.912] GetTextColor (hdc=0xa00107bb) returned 0x0
[0226.912] GetCurrentObject (hdc=0xa00107bb, type=0x6) returned 0x8a01c2
[0226.912] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0226.912] SelectObject (hdc=0xa00107bb, h=0x6d0a0520) returned 0x8a01c2
[0226.912] GetBkMode (hdc=0xa00107bb) returned 2
[0226.913] SetBkMode (hdc=0xa00107bb, mode=1) returned 2
[0226.913] DrawTextExW (in: hdc=0xa00107bb, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2e98c40 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0226.913] DrawTextExW (in: hdc=0xa00107bb, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2e98c40 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0226.913] RestoreDC (hdc=0xa00107bb, nSavedDC=-1) returned 1
[0226.913] GdipReleaseDC (graphics=0x6600030, hdc=0xa00107bb) returned 0x0
[0226.913] GetFocus () returned 0x1e02d8
[0226.913] IsAppThemed () returned 0x1
[0226.913] GetThemeAppProperties () returned 0x3
[0226.914] GetThemeAppProperties () returned 0x3
[0226.914] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0226.914] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xa00107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0226.914] GdipReleaseDC (graphics=0x6600030, hdc=0xa00107bb) returned 0x0
[0226.914] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0226.914] SelectObject (hdc=0xa00107bb, h=0x85000f) returned 0x4a0507fe
[0226.914] DeleteDC (hdc=0xa00107bb) returned 1
[0226.914] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0226.914] EndPaint (hWnd=0x1f00ea, lpPaint=0xd7e24c) returned 1
[0226.915] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.915] IsWindowUnicode (hWnd=0x1c02dc) returned 1
[0226.915] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.915] TranslateMessage (lpMsg=0xd7e808) returned 0
[0226.915] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0226.915] BeginPaint (in: hWnd=0x1c02dc, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0226.915] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0226.915] CreateCompatibleDC (hdc=0x10105d6) returned 0xa20107bb
[0226.915] SelectObject (hdc=0xa20107bb, h=0x4a0507fe) returned 0x85000f
[0226.915] GdipCreateFromHDC (hdc=0xa20107bb, graphics=0xd7e268) returned 0x0
[0226.916] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0226.916] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0226.916] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0226.916] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0226.916] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2c8) returned 0x0
[0226.916] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0226.916] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eecc8) returned 0x0
[0226.916] LocalFree (hMem=0x11eecc8) returned 0x0
[0226.916] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0226.916] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0226.916] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0226.916] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0226.916] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0226.916] GdipRestoreGraphics (graphics=0x6600030, state=0xf96e0dbd) returned 0x0
[0226.916] GdipDeleteRegion (region=0x6645638) returned 0x0
[0226.916] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0226.916] GetCurrentObject (hdc=0xa20107bb, type=0x1) returned 0xb00017
[0226.916] GetCurrentObject (hdc=0xa20107bb, type=0x2) returned 0x900010
[0226.917] GetCurrentObject (hdc=0xa20107bb, type=0x7) returned 0x4a0507fe
[0226.917] GetCurrentObject (hdc=0xa20107bb, type=0x6) returned 0x8a01c2
[0226.917] SaveDC (hdc=0xa20107bb) returned 1
[0226.917] GetNearestColor (hdc=0xa20107bb, color=0xf0f0f0) returned 0xf0f0f0
[0226.917] GetNearestColor (hdc=0xa20107bb, color=0xa0a0a0) returned 0xa0a0a0
[0226.917] GetNearestColor (hdc=0xa20107bb, color=0x696969) returned 0x696969
[0226.917] GetNearestColor (hdc=0xa20107bb, color=0xa0a0a0) returned 0xa0a0a0
[0226.917] GetNearestColor (hdc=0xa20107bb, color=0x0) returned 0x0
[0226.917] GetNearestColor (hdc=0xa20107bb, color=0xffffff) returned 0xffffff
[0226.917] GetNearestColor (hdc=0xa20107bb, color=0xe5e5e5) returned 0xe5e5e5
[0226.917] GetNearestColor (hdc=0xa20107bb, color=0xd7d7d7) returned 0xd7d7d7
[0226.917] GetNearestColor (hdc=0xa20107bb, color=0x0) returned 0x0
[0226.917] RestoreDC (hdc=0xa20107bb, nSavedDC=-1) returned 1
[0226.918] GdipReleaseDC (graphics=0x6600030, hdc=0xa20107bb) returned 0x0
[0226.918] IsAppThemed () returned 0x1
[0226.918] GetThemeAppProperties () returned 0x3
[0226.918] GetThemeAppProperties () returned 0x3
[0226.918] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0226.918] SendMessageW (hWnd=0x1102d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0226.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0226.918] IsAppThemed () returned 0x1
[0226.918] GetThemeAppProperties () returned 0x3
[0226.918] GetThemeAppProperties () returned 0x3
[0226.918] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2e99450 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0226.918] IsAppThemed () returned 0x1
[0226.918] GetThemeAppProperties () returned 0x3
[0226.918] GetThemeAppProperties () returned 0x3
[0226.918] IsAppThemed () returned 0x1
[0226.919] GetThemeAppProperties () returned 0x3
[0226.919] GetThemeAppProperties () returned 0x3
[0226.919] GetFocus () returned 0x1e02d8
[0226.919] IsAppThemed () returned 0x1
[0226.919] GetThemeAppProperties () returned 0x3
[0226.919] GetThemeAppProperties () returned 0x3
[0226.919] IsAppThemed () returned 0x1
[0226.919] GetThemeAppProperties () returned 0x3
[0226.920] GetThemeAppProperties () returned 0x3
[0226.920] IsThemePartDefined () returned 0x1
[0226.920] IsAppThemed () returned 0x1
[0226.920] GetThemeAppProperties () returned 0x3
[0226.920] GetThemeAppProperties () returned 0x3
[0226.920] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0226.920] IsAppThemed () returned 0x1
[0226.920] GetThemeAppProperties () returned 0x3
[0226.920] GetThemeAppProperties () returned 0x3
[0226.920] IsAppThemed () returned 0x1
[0226.920] GetThemeAppProperties () returned 0x3
[0226.920] GetThemeAppProperties () returned 0x3
[0226.920] IsThemePartDefined () returned 0x1
[0226.920] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0226.920] GdipGetClip (graphics=0x6600030, region=0x6646058) returned 0x0
[0226.920] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0226.920] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0226.920] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7dff0) returned 0x0
[0226.920] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0226.920] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0226.921] LocalFree (hMem=0x11eecc8) returned 0x0
[0226.921] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0226.921] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee9f0) returned 0x0
[0226.921] LocalFree (hMem=0x11ee9f0) returned 0x0
[0226.921] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0226.921] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7e018) returned 0x0
[0226.921] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7e008) returned 0x0
[0226.921] GdipGetRegionHRgn (region=0x6646058, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0226.921] GdipDeleteRegion (region=0x6646058) returned 0x0
[0226.921] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0226.921] GetCurrentObject (hdc=0xa20107bb, type=0x1) returned 0xb00017
[0226.921] GetCurrentObject (hdc=0xa20107bb, type=0x2) returned 0x900010
[0226.921] GetCurrentObject (hdc=0xa20107bb, type=0x7) returned 0x4a0507fe
[0226.921] GetCurrentObject (hdc=0xa20107bb, type=0x6) returned 0x8a01c2
[0226.921] SaveDC (hdc=0xa20107bb) returned 1
[0226.921] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x83040807
[0226.921] GetClipRgn (hdc=0xa20107bb, hrgn=0x83040807) returned 0
[0226.922] SelectClipRgn (hdc=0xa20107bb, hrgn=0x110407de) returned 2
[0226.922] DeleteObject (ho=0x83040807) returned 1
[0226.922] DeleteObject (ho=0x110407de) returned 1
[0226.922] OffsetViewportOrgEx (in: hdc=0xa20107bb, x=0, y=0, lppt=0x2e99b00 | out: lppt=0x2e99b00) returned 1
[0226.922] DrawThemeParentBackground () returned 0x0
[0226.922] GetWindowPlacement (in: hWnd=0x1102d0, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0226.922] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0226.922] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0226.922] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.922] GetSystemMetrics (nIndex=42) returned 0
[0226.922] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.922] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0226.922] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0226.922] GetCurrentObject (hdc=0xa20107bb, type=0x1) returned 0xb00017
[0226.922] GetCurrentObject (hdc=0xa20107bb, type=0x2) returned 0x900010
[0226.923] GetCurrentObject (hdc=0xa20107bb, type=0x7) returned 0x4a0507fe
[0226.923] GetCurrentObject (hdc=0xa20107bb, type=0x6) returned 0x8a01c2
[0226.923] SaveDC (hdc=0xa20107bb) returned 2
[0226.923] GetNearestColor (hdc=0xa20107bb, color=0xf0f0f0) returned 0xf0f0f0
[0226.923] CreateSolidBrush (color=0xf0f0f0) returned 0x521007e1
[0226.923] FillRect (hDC=0xa20107bb, lprc=0xd7da38, hbr=0x521007e1) returned 1
[0226.923] DeleteObject (ho=0x521007e1) returned 1
[0226.923] RestoreDC (hdc=0xa20107bb, nSavedDC=-1) returned 1
[0226.923] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0226.923] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.923] GetSystemMetrics (nIndex=42) returned 0
[0226.923] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.923] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0226.923] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0226.923] GetCurrentObject (hdc=0xa20107bb, type=0x1) returned 0xb00017
[0226.923] GetCurrentObject (hdc=0xa20107bb, type=0x2) returned 0x900010
[0226.923] GetCurrentObject (hdc=0xa20107bb, type=0x7) returned 0x4a0507fe
[0226.924] GetCurrentObject (hdc=0xa20107bb, type=0x6) returned 0x8a01c2
[0226.924] SaveDC (hdc=0xa20107bb) returned 2
[0226.924] GetNearestColor (hdc=0xa20107bb, color=0xf0f0f0) returned 0xf0f0f0
[0226.924] CreateSolidBrush (color=0xf0f0f0) returned 0x531007e1
[0226.924] FillRect (hDC=0xa20107bb, lprc=0xd7d9d8, hbr=0x531007e1) returned 1
[0226.924] DeleteObject (ho=0x531007e1) returned 1
[0226.924] RestoreDC (hdc=0xa20107bb, nSavedDC=-1) returned 1
[0226.924] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0226.924] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.924] GetSystemMetrics (nIndex=42) returned 0
[0226.924] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.924] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0226.924] RestoreDC (hdc=0xa20107bb, nSavedDC=-1) returned 1
[0226.924] GdipReleaseDC (graphics=0x6600030, hdc=0xa20107bb) returned 0x0
[0226.925] IsAppThemed () returned 0x1
[0226.925] GetThemeAppProperties () returned 0x3
[0226.925] GetThemeAppProperties () returned 0x3
[0226.925] IsAppThemed () returned 0x1
[0226.925] GetThemeAppProperties () returned 0x3
[0226.925] GetThemeAppProperties () returned 0x3
[0226.925] IsThemePartDefined () returned 0x1
[0226.925] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0226.925] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0226.925] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0226.925] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0226.925] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df74) returned 0x0
[0226.925] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0226.925] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0226.925] LocalFree (hMem=0x11ee788) returned 0x0
[0226.925] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0226.925] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eecc8) returned 0x0
[0226.925] LocalFree (hMem=0x11eecc8) returned 0x0
[0226.925] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0226.926] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0226.926] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0226.926] GdipGetRegionHRgn (region=0x66460e8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0226.926] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0226.926] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0226.926] GetCurrentObject (hdc=0xa20107bb, type=0x1) returned 0xb00017
[0226.926] GetCurrentObject (hdc=0xa20107bb, type=0x2) returned 0x900010
[0226.926] GetCurrentObject (hdc=0xa20107bb, type=0x7) returned 0x4a0507fe
[0226.926] GetCurrentObject (hdc=0xa20107bb, type=0x6) returned 0x8a01c2
[0226.926] SaveDC (hdc=0xa20107bb) returned 1
[0226.926] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x120407de
[0226.926] GetClipRgn (hdc=0xa20107bb, hrgn=0x120407de) returned 0
[0226.926] SelectClipRgn (hdc=0xa20107bb, hrgn=0x85040807) returned 2
[0226.926] DeleteObject (ho=0x120407de) returned 1
[0226.926] DeleteObject (ho=0x85040807) returned 1
[0226.926] OffsetViewportOrgEx (in: hdc=0xa20107bb, x=0, y=0, lppt=0x2e9a3ac | out: lppt=0x2e9a3ac) returned 1
[0226.926] IsAppThemed () returned 0x1
[0226.927] GetThemeAppProperties () returned 0x3
[0226.927] GetThemeAppProperties () returned 0x3
[0226.927] DrawThemeBackground () returned 0x0
[0226.927] RestoreDC (hdc=0xa20107bb, nSavedDC=-1) returned 1
[0226.927] GdipReleaseDC (graphics=0x6600030, hdc=0xa20107bb) returned 0x0
[0226.927] GdipCreateRegion (region=0xd7df60) returned 0x0
[0226.927] GdipGetClip (graphics=0x6600030, region=0x6646058) returned 0x0
[0226.927] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0226.927] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0226.927] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df78) returned 0x0
[0226.927] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0226.927] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eecc8) returned 0x0
[0226.927] LocalFree (hMem=0x11eecc8) returned 0x0
[0226.927] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0226.927] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0226.927] LocalFree (hMem=0x11ee788) returned 0x0
[0226.927] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0226.927] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0226.928] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7df90) returned 0x0
[0226.928] GdipGetRegionHRgn (region=0x6646058, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0226.928] GdipDeleteRegion (region=0x6646058) returned 0x0
[0226.928] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0226.928] GetCurrentObject (hdc=0xa20107bb, type=0x1) returned 0xb00017
[0226.928] GetCurrentObject (hdc=0xa20107bb, type=0x2) returned 0x900010
[0226.928] GetCurrentObject (hdc=0xa20107bb, type=0x7) returned 0x4a0507fe
[0226.928] GetCurrentObject (hdc=0xa20107bb, type=0x6) returned 0x8a01c2
[0226.928] SaveDC (hdc=0xa20107bb) returned 1
[0226.928] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x86040807
[0226.928] GetClipRgn (hdc=0xa20107bb, hrgn=0x86040807) returned 0
[0226.928] SelectClipRgn (hdc=0xa20107bb, hrgn=0x130407de) returned 2
[0226.928] DeleteObject (ho=0x86040807) returned 1
[0226.928] DeleteObject (ho=0x130407de) returned 1
[0226.928] OffsetViewportOrgEx (in: hdc=0xa20107bb, x=0, y=0, lppt=0x2e9a680 | out: lppt=0x2e9a680) returned 1
[0226.928] IsAppThemed () returned 0x1
[0226.928] GetThemeAppProperties () returned 0x3
[0226.929] GetThemeAppProperties () returned 0x3
[0226.929] GetThemeBackgroundContentRect () returned 0x0
[0226.929] RestoreDC (hdc=0xa20107bb, nSavedDC=-1) returned 1
[0226.929] GdipReleaseDC (graphics=0x6600030, hdc=0xa20107bb) returned 0x0
[0226.929] IsAppThemed () returned 0x1
[0226.929] GetThemeAppProperties () returned 0x3
[0226.929] GetThemeAppProperties () returned 0x3
[0226.929] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0226.929] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0226.929] GetCurrentObject (hdc=0xa20107bb, type=0x1) returned 0xb00017
[0226.929] GetCurrentObject (hdc=0xa20107bb, type=0x2) returned 0x900010
[0226.929] GetCurrentObject (hdc=0xa20107bb, type=0x7) returned 0x4a0507fe
[0226.929] GetCurrentObject (hdc=0xa20107bb, type=0x6) returned 0x8a01c2
[0226.929] SaveDC (hdc=0xa20107bb) returned 1
[0226.929] GetTextAlign (hdc=0xa20107bb) returned 0x0
[0226.929] GetTextColor (hdc=0xa20107bb) returned 0x0
[0226.929] GetCurrentObject (hdc=0xa20107bb, type=0x6) returned 0x8a01c2
[0226.929] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0226.930] SelectObject (hdc=0xa20107bb, h=0x6d0a0520) returned 0x8a01c2
[0226.930] GetBkMode (hdc=0xa20107bb) returned 2
[0226.930] SetBkMode (hdc=0xa20107bb, mode=1) returned 2
[0226.930] DrawTextExW (in: hdc=0xa20107bb, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2e9aa20 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0226.930] DrawTextExW (in: hdc=0xa20107bb, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e9aa20 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0226.930] RestoreDC (hdc=0xa20107bb, nSavedDC=-1) returned 1
[0226.930] GdipReleaseDC (graphics=0x6600030, hdc=0xa20107bb) returned 0x0
[0226.930] GetFocus () returned 0x1e02d8
[0226.931] IsAppThemed () returned 0x1
[0226.931] GetThemeAppProperties () returned 0x3
[0226.931] GetThemeAppProperties () returned 0x3
[0226.931] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0226.931] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xa20107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0226.931] GdipReleaseDC (graphics=0x6600030, hdc=0xa20107bb) returned 0x0
[0226.931] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0226.931] SelectObject (hdc=0xa20107bb, h=0x85000f) returned 0x4a0507fe
[0226.931] DeleteDC (hdc=0xa20107bb) returned 1
[0226.931] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0226.931] EndPaint (hWnd=0x1c02dc, lpPaint=0xd7e24c) returned 1
[0226.932] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.932] IsWindowUnicode (hWnd=0x602c4) returned 1
[0226.932] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0226.932] TranslateMessage (lpMsg=0xd7e808) returned 0
[0226.932] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0226.933] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0226.933] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0226.933] CreateCompatibleDC (hdc=0x60100ce) returned 0xa40107bb
[0226.933] SelectObject (hdc=0xa40107bb, h=0x4a0507fe) returned 0x85000f
[0226.933] GdipCreateFromHDC (hdc=0xa40107bb, graphics=0xd7e268) returned 0x0
[0226.933] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0226.933] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0226.933] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0226.933] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0226.933] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e2c8) returned 0x0
[0226.933] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0226.933] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eecc8) returned 0x0
[0226.934] LocalFree (hMem=0x11eecc8) returned 0x0
[0226.934] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0226.934] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0226.934] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0226.934] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0226.934] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0226.934] GdipRestoreGraphics (graphics=0x6600030, state=0xf96c0dbd) returned 0x0
[0226.934] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0226.934] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0226.934] GetCurrentObject (hdc=0xa40107bb, type=0x1) returned 0xb00017
[0226.934] GetCurrentObject (hdc=0xa40107bb, type=0x2) returned 0x900010
[0226.934] GetCurrentObject (hdc=0xa40107bb, type=0x7) returned 0x4a0507fe
[0226.941] GetCurrentObject (hdc=0xa40107bb, type=0x6) returned 0x8a01c2
[0226.941] SaveDC (hdc=0xa40107bb) returned 1
[0226.941] GetNearestColor (hdc=0xa40107bb, color=0xff) returned 0xff
[0226.941] GetNearestColor (hdc=0xa40107bb, color=0x55) returned 0x55
[0226.941] GetNearestColor (hdc=0xa40107bb, color=0x0) returned 0x0
[0226.941] GetNearestColor (hdc=0xa40107bb, color=0x55) returned 0x55
[0226.941] GetNearestColor (hdc=0xa40107bb, color=0x0) returned 0x0
[0226.941] GetNearestColor (hdc=0xa40107bb, color=0x8080ff) returned 0x8080ff
[0226.941] GetNearestColor (hdc=0xa40107bb, color=0x7373e5) returned 0x7373e5
[0226.941] GetNearestColor (hdc=0xa40107bb, color=0xe5) returned 0xe5
[0226.941] GetNearestColor (hdc=0xa40107bb, color=0x0) returned 0x0
[0226.941] RestoreDC (hdc=0xa40107bb, nSavedDC=-1) returned 1
[0226.941] GdipReleaseDC (graphics=0x6600030, hdc=0xa40107bb) returned 0x0
[0226.942] IsAppThemed () returned 0x1
[0226.942] GetThemeAppProperties () returned 0x3
[0226.942] GetThemeAppProperties () returned 0x3
[0226.942] IsAppThemed () returned 0x1
[0226.942] GetThemeAppProperties () returned 0x3
[0226.942] GetThemeAppProperties () returned 0x3
[0226.942] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2e9b1e8 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0226.942] IsAppThemed () returned 0x1
[0226.942] GetThemeAppProperties () returned 0x3
[0226.942] GetThemeAppProperties () returned 0x3
[0226.942] IsAppThemed () returned 0x1
[0226.943] GetThemeAppProperties () returned 0x3
[0226.943] GetThemeAppProperties () returned 0x3
[0226.943] GetFocus () returned 0x1e02d8
[0226.943] IsAppThemed () returned 0x1
[0226.943] GetThemeAppProperties () returned 0x3
[0226.943] GetThemeAppProperties () returned 0x3
[0226.943] IsAppThemed () returned 0x1
[0226.943] GetThemeAppProperties () returned 0x3
[0226.943] GetThemeAppProperties () returned 0x3
[0226.943] IsThemePartDefined () returned 0x1
[0226.943] IsAppThemed () returned 0x1
[0226.943] GetThemeAppProperties () returned 0x3
[0226.943] GetThemeAppProperties () returned 0x3
[0226.943] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0226.943] IsAppThemed () returned 0x1
[0226.943] GetThemeAppProperties () returned 0x3
[0226.943] GetThemeAppProperties () returned 0x3
[0226.943] IsAppThemed () returned 0x1
[0226.943] GetThemeAppProperties () returned 0x3
[0226.943] GetThemeAppProperties () returned 0x3
[0226.943] IsThemePartDefined () returned 0x1
[0226.943] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0226.944] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0226.944] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0226.944] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0226.944] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dff0) returned 0x0
[0226.944] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0226.944] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0226.944] LocalFree (hMem=0x11ee788) returned 0x0
[0226.944] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0226.944] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee8d8) returned 0x0
[0226.944] LocalFree (hMem=0x11ee8d8) returned 0x0
[0226.944] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0226.944] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7e018) returned 0x0
[0226.944] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7e008) returned 0x0
[0226.944] GdipGetRegionHRgn (region=0x6645638, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0226.944] GdipDeleteRegion (region=0x6645638) returned 0x0
[0226.944] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0226.944] GetCurrentObject (hdc=0xa40107bb, type=0x1) returned 0xb00017
[0226.945] GetCurrentObject (hdc=0xa40107bb, type=0x2) returned 0x900010
[0226.945] GetCurrentObject (hdc=0xa40107bb, type=0x7) returned 0x4a0507fe
[0226.945] GetCurrentObject (hdc=0xa40107bb, type=0x6) returned 0x8a01c2
[0226.945] SaveDC (hdc=0xa40107bb) returned 1
[0226.945] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x140407de
[0226.945] GetClipRgn (hdc=0xa40107bb, hrgn=0x140407de) returned 0
[0226.945] SelectClipRgn (hdc=0xa40107bb, hrgn=0x8a040807) returned 2
[0226.945] DeleteObject (ho=0x140407de) returned 1
[0226.945] DeleteObject (ho=0x8a040807) returned 1
[0226.945] OffsetViewportOrgEx (in: hdc=0xa40107bb, x=0, y=0, lppt=0x2e9b898 | out: lppt=0x2e9b898) returned 1
[0226.945] DrawThemeParentBackground () returned 0x0
[0226.945] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0226.945] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0226.945] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0226.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.946] GetSystemMetrics (nIndex=42) returned 0
[0226.946] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.946] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0226.946] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0226.946] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0226.946] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0226.946] SelectPalette (hdc=0xa40107bb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0226.946] GdipCreateFromHDC (hdc=0xa40107bb, graphics=0xd7dac8) returned 0x0
[0226.946] GdipSetPageUnit (graphics=0x6654bd0, unit=0x2) returned 0x0
[0226.946] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0226.946] GdipGetWorldTransform (graphics=0x6654bd0, matrix=0x6638b18) returned 0x0
[0226.946] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7daa0) returned 0x0
[0226.946] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0226.946] GdipCreateRegion (region=0xd7da88) returned 0x0
[0226.947] GdipGetClip (graphics=0x6654bd0, region=0x6645638) returned 0x0
[0226.947] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6654bd0, result=0xd7da94) returned 0x0
[0226.947] GdipDeleteRegion (region=0x6645638) returned 0x0
[0226.947] GdipSaveGraphics (graphics=0x6654bd0, state=0xd7dac0) returned 0x0
[0226.947] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0226.960] GdipFillRectangleI (graphics=0x6654bd0, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0226.960] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0226.962] GdipDeleteGraphics (graphics=0x6654bd0) returned 0x0
[0226.962] SelectPalette (hdc=0xa40107bb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0226.962] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0226.962] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.962] GetSystemMetrics (nIndex=42) returned 0
[0226.962] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.962] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0226.962] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0226.962] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0226.962] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0226.962] SelectPalette (hdc=0xa40107bb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0226.963] GdipCreateFromHDC (hdc=0xa40107bb, graphics=0xd7da68) returned 0x0
[0226.963] GdipSetPageUnit (graphics=0x6654bd0, unit=0x2) returned 0x0
[0226.963] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0226.963] GdipGetWorldTransform (graphics=0x6654bd0, matrix=0x6638d28) returned 0x0
[0226.963] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7da40) returned 0x0
[0226.963] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0226.963] GdipCreateRegion (region=0xd7da28) returned 0x0
[0226.963] GdipGetClip (graphics=0x6654bd0, region=0x6645638) returned 0x0
[0226.963] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6654bd0, result=0xd7da34) returned 0x0
[0226.963] GdipDeleteRegion (region=0x6645638) returned 0x0
[0226.963] GdipSaveGraphics (graphics=0x6654bd0, state=0xd7da60) returned 0x0
[0226.963] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0226.970] GdipFillRectangleI (graphics=0x6654bd0, brush=0x66536a8, x=0, y=0, width=801, height=453) returned 0x0
[0226.971] GdipDeleteBrush (brush=0x66536a8) returned 0x0
[0226.972] GdipRestoreGraphics (graphics=0x6654bd0, state=0xf9680dbd) returned 0x0
[0226.972] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0226.972] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0226.972] GetSystemMetrics (nIndex=42) returned 0
[0226.972] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0226.972] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0226.973] GdipDeleteGraphics (graphics=0x6654bd0) returned 0x0
[0226.973] SelectPalette (hdc=0xa40107bb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0226.973] RestoreDC (hdc=0xa40107bb, nSavedDC=-1) returned 1
[0226.973] GdipReleaseDC (graphics=0x6600030, hdc=0xa40107bb) returned 0x0
[0226.973] IsAppThemed () returned 0x1
[0226.973] GetThemeAppProperties () returned 0x3
[0226.973] GetThemeAppProperties () returned 0x3
[0226.973] IsAppThemed () returned 0x1
[0226.973] GetThemeAppProperties () returned 0x3
[0226.973] GetThemeAppProperties () returned 0x3
[0226.974] IsThemePartDefined () returned 0x1
[0226.974] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0226.974] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0226.974] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0226.974] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0226.974] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df74) returned 0x0
[0226.974] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0226.974] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0226.974] LocalFree (hMem=0x11ee788) returned 0x0
[0226.974] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0226.974] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eea60) returned 0x0
[0226.974] LocalFree (hMem=0x11eea60) returned 0x0
[0226.974] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0226.974] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0226.974] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0226.974] GdipGetRegionHRgn (region=0x6645638, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0226.975] GdipDeleteRegion (region=0x6645638) returned 0x0
[0226.975] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0226.975] GetCurrentObject (hdc=0xa40107bb, type=0x1) returned 0xb00017
[0226.975] GetCurrentObject (hdc=0xa40107bb, type=0x2) returned 0x900010
[0226.975] GetCurrentObject (hdc=0xa40107bb, type=0x7) returned 0x4a0507fe
[0226.975] GetCurrentObject (hdc=0xa40107bb, type=0x6) returned 0x8a01c2
[0226.975] SaveDC (hdc=0xa40107bb) returned 1
[0226.975] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8b040807
[0226.975] GetClipRgn (hdc=0xa40107bb, hrgn=0x8b040807) returned 0
[0226.975] SelectClipRgn (hdc=0xa40107bb, hrgn=0x160407de) returned 2
[0226.975] DeleteObject (ho=0x8b040807) returned 1
[0226.975] DeleteObject (ho=0x160407de) returned 1
[0226.975] OffsetViewportOrgEx (in: hdc=0xa40107bb, x=0, y=0, lppt=0x2ea20e8 | out: lppt=0x2ea20e8) returned 1
[0226.975] IsAppThemed () returned 0x1
[0226.976] GetThemeAppProperties () returned 0x3
[0226.976] GetThemeAppProperties () returned 0x3
[0226.976] DrawThemeBackground () returned 0x0
[0226.976] RestoreDC (hdc=0xa40107bb, nSavedDC=-1) returned 1
[0226.976] GdipReleaseDC (graphics=0x6600030, hdc=0xa40107bb) returned 0x0
[0226.976] GdipCreateRegion (region=0xd7df60) returned 0x0
[0226.976] GdipGetClip (graphics=0x6600030, region=0x6645128) returned 0x0
[0226.976] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0226.976] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0226.976] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df78) returned 0x0
[0226.976] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0226.976] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee9f0) returned 0x0
[0226.976] LocalFree (hMem=0x11ee9f0) returned 0x0
[0226.977] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0226.977] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eea60) returned 0x0
[0226.977] LocalFree (hMem=0x11eea60) returned 0x0
[0226.977] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0226.977] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0226.977] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7df90) returned 0x0
[0226.977] GdipGetRegionHRgn (region=0x6645128, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0226.977] GdipDeleteRegion (region=0x6645128) returned 0x0
[0226.977] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0226.977] GetCurrentObject (hdc=0xa40107bb, type=0x1) returned 0xb00017
[0226.977] GetCurrentObject (hdc=0xa40107bb, type=0x2) returned 0x900010
[0226.977] GetCurrentObject (hdc=0xa40107bb, type=0x7) returned 0x4a0507fe
[0226.977] GetCurrentObject (hdc=0xa40107bb, type=0x6) returned 0x8a01c2
[0226.977] SaveDC (hdc=0xa40107bb) returned 1
[0226.978] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x170407de
[0226.978] GetClipRgn (hdc=0xa40107bb, hrgn=0x170407de) returned 0
[0226.978] SelectClipRgn (hdc=0xa40107bb, hrgn=0x8c040807) returned 2
[0226.978] DeleteObject (ho=0x170407de) returned 1
[0226.978] DeleteObject (ho=0x8c040807) returned 1
[0226.978] OffsetViewportOrgEx (in: hdc=0xa40107bb, x=0, y=0, lppt=0x2ea23bc | out: lppt=0x2ea23bc) returned 1
[0226.978] IsAppThemed () returned 0x1
[0226.978] GetThemeAppProperties () returned 0x3
[0226.978] GetThemeAppProperties () returned 0x3
[0226.978] GetThemeBackgroundContentRect () returned 0x0
[0226.978] RestoreDC (hdc=0xa40107bb, nSavedDC=-1) returned 1
[0226.978] GdipReleaseDC (graphics=0x6600030, hdc=0xa40107bb) returned 0x0
[0226.978] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0226.978] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0226.978] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0226.979] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0226.979] IsAppThemed () returned 0x1
[0226.979] GetThemeAppProperties () returned 0x3
[0226.979] GetThemeAppProperties () returned 0x3
[0226.979] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0226.979] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0226.979] GetCurrentObject (hdc=0xa40107bb, type=0x1) returned 0xb00017
[0226.979] GetCurrentObject (hdc=0xa40107bb, type=0x2) returned 0x900010
[0226.979] GetCurrentObject (hdc=0xa40107bb, type=0x7) returned 0x4a0507fe
[0226.979] GetCurrentObject (hdc=0xa40107bb, type=0x6) returned 0x8a01c2
[0226.979] SaveDC (hdc=0xa40107bb) returned 1
[0226.979] GetTextAlign (hdc=0xa40107bb) returned 0x0
[0226.979] GetTextColor (hdc=0xa40107bb) returned 0x0
[0226.979] GetCurrentObject (hdc=0xa40107bb, type=0x6) returned 0x8a01c2
[0226.979] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0226.980] SelectObject (hdc=0xa40107bb, h=0x6d0a0520) returned 0x8a01c2
[0226.980] GetBkMode (hdc=0xa40107bb) returned 2
[0226.980] SetBkMode (hdc=0xa40107bb, mode=1) returned 2
[0226.980] DrawTextExW (in: hdc=0xa40107bb, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2ea2780 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0226.980] DrawTextExW (in: hdc=0xa40107bb, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2ea2780 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0226.980] RestoreDC (hdc=0xa40107bb, nSavedDC=-1) returned 1
[0226.981] GdipReleaseDC (graphics=0x6600030, hdc=0xa40107bb) returned 0x0
[0226.981] GetFocus () returned 0x1e02d8
[0226.981] IsAppThemed () returned 0x1
[0226.981] GetThemeAppProperties () returned 0x3
[0226.981] GetThemeAppProperties () returned 0x3
[0226.981] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0226.981] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xa40107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0226.981] GdipReleaseDC (graphics=0x6600030, hdc=0xa40107bb) returned 0x0
[0226.981] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0226.987] SelectObject (hdc=0xa40107bb, h=0x85000f) returned 0x4a0507fe
[0226.987] DeleteDC (hdc=0xa40107bb) returned 1
[0226.987] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0226.987] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0226.987] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0226.987] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0226.987] WaitMessage () returned 1
[0227.001] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.001] IsWindowUnicode (hWnd=0x1f00ea) returned 1
[0227.001] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.001] TranslateMessage (lpMsg=0xd7e808) returned 0
[0227.001] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0227.001] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.001] IsWindowUnicode (hWnd=0x1f00ea) returned 1
[0227.001] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.001] TranslateMessage (lpMsg=0xd7e808) returned 0
[0227.001] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0227.001] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x2a1, wParam=0x0, lParam=0x40044) returned 0x0
[0227.001] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0227.002] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0227.002] WaitMessage () returned 1
[0227.014] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.014] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.014] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.014] TranslateMessage (lpMsg=0xd7e808) returned 0
[0227.014] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0227.015] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0227.015] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0227.015] WaitMessage () returned 1
[0227.016] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.016] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.016] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.016] TranslateMessage (lpMsg=0xd7e808) returned 0
[0227.016] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0227.017] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0227.017] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0227.017] WaitMessage () returned 1
[0227.018] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.018] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.018] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.018] TranslateMessage (lpMsg=0xd7e808) returned 0
[0227.018] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0227.019] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.020] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.020] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.020] TranslateMessage (lpMsg=0xd7e808) returned 0
[0227.020] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0227.020] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.020] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.020] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.020] TranslateMessage (lpMsg=0xd7e808) returned 0
[0227.020] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0227.020] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0227.021] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0227.021] WaitMessage () returned 1
[0227.021] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.021] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.021] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.022] TranslateMessage (lpMsg=0xd7e808) returned 0
[0227.022] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0227.024] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.024] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.024] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.024] TranslateMessage (lpMsg=0xd7e808) returned 0
[0227.024] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0227.024] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.024] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.024] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.025] TranslateMessage (lpMsg=0xd7e808) returned 0
[0227.025] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0227.025] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0227.025] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0227.025] WaitMessage () returned 1
[0227.026] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.026] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.026] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.026] TranslateMessage (lpMsg=0xd7e808) returned 0
[0227.026] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0227.027] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.027] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.028] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.028] TranslateMessage (lpMsg=0xd7e808) returned 0
[0227.028] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0227.028] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.028] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.028] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.033] TranslateMessage (lpMsg=0xd7e808) returned 0
[0227.033] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0227.033] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0227.033] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0227.033] WaitMessage () returned 1
[0227.036] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.036] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.036] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.036] TranslateMessage (lpMsg=0xd7e808) returned 0
[0227.036] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0227.037] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.038] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.038] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.038] TranslateMessage (lpMsg=0xd7e808) returned 0
[0227.038] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0227.038] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.038] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.038] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.038] TranslateMessage (lpMsg=0xd7e808) returned 0
[0227.038] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0227.038] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0227.060] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0227.060] WaitMessage () returned 1
[0227.066] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.066] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x84, wParam=0x0, lParam=0x1dd031a) returned 0x1
[0227.066] IsWindowUnicode (hWnd=0x1f00ea) returned 1
[0227.066] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.066] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x84, wParam=0x0, lParam=0x1dd031a) returned 0x1
[0227.066] GetDlgItem (hDlg=0x1102d0, nIDDlgItem=0) returned 0x0
[0227.066] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x210, wParam=0x201, lParam=0x620125) returned 0x0
[0227.067] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x21, wParam=0x1102d0, lParam=0x2010001) returned 0x1
[0227.067] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x21, wParam=0x1102d0, lParam=0x2010001) returned 0x1
[0227.067] SetCursor (hCursor=0x10003) returned 0x10003
[0227.067] TranslateMessage (lpMsg=0xd7e808) returned 0
[0227.067] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0227.067] GetKeyState (nVirtKey=1) returned -127
[0227.067] GetKeyState (nVirtKey=2) returned 0
[0227.067] GetKeyState (nVirtKey=4) returned 0
[0227.067] GetKeyState (nVirtKey=5) returned 0
[0227.067] GetKeyState (nVirtKey=6) returned 0
[0227.067] IsWindowVisible (hWnd=0x1f00ea) returned 1
[0227.067] IsWindowEnabled (hWnd=0x1f00ea) returned 1
[0227.067] SetFocus (hWnd=0x1f00ea) returned 0x1e02d8
[0227.068] GetFocus () returned 0x1f00ea
[0227.068] IsChild (hWndParent=0x1102d0, hWnd=0x1f00ea) returned 1
[0227.068] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0x8, wParam=0x1f00ea, lParam=0x0) returned 0x0
[0227.068] GetCapture () returned 0x0
[0227.068] InvalidateRect (hWnd=0x1e02d8, lpRect=0x0, bErase=0) returned 1
[0227.069] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0227.070] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0227.072] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0227.072] InvalidateRect (hWnd=0x1e02d8, lpRect=0x0, bErase=0) returned 1
[0227.072] InvalidateRect (hWnd=0x1f00ea, lpRect=0x0, bErase=0) returned 1
[0227.072] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x7, wParam=0x1e02d8, lParam=0x0) returned 0x0
[0227.072] GetStockObject (i=5) returned 0x900015
[0227.072] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0227.072] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0227.072] GetDlgItem (hDlg=0x1102d0, nIDDlgItem=2031850) returned 0x1f00ea
[0227.073] SendMessageW (hWnd=0x1f00ea, Msg=0x202b, wParam=0x1f00ea, lParam=0xd7dddc) returned 0x0
[0227.073] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x202b, wParam=0x1f00ea, lParam=0xd7dddc) returned 0x0
[0227.073] InvalidateRect (hWnd=0x1f00ea, lpRect=0x0, bErase=0) returned 1
[0227.074] GetFocus () returned 0x1f00ea
[0227.074] GetFocus () returned 0x1f00ea
[0227.074] GetFocus () returned 0x1f00ea
[0227.074] GetKeyState (nVirtKey=1) returned -127
[0227.074] GetKeyState (nVirtKey=2) returned 0
[0227.074] GetKeyState (nVirtKey=4) returned 0
[0227.074] GetKeyState (nVirtKey=5) returned 0
[0227.074] GetKeyState (nVirtKey=6) returned 0
[0227.075] GetCapture () returned 0x0
[0227.075] SetCapture (hWnd=0x1f00ea) returned 0x0
[0227.075] GetKeyState (nVirtKey=1) returned -127
[0227.075] GetKeyState (nVirtKey=2) returned 0
[0227.075] GetKeyState (nVirtKey=4) returned 0
[0227.075] GetKeyState (nVirtKey=5) returned 0
[0227.075] GetKeyState (nVirtKey=6) returned 0
[0227.075] NotifyWinEvent (event=0x800a, hwnd=0x1f00ea, idObject=-4, idChild=0)
[0227.075] InvalidateRect (hWnd=0x1f00ea, lpRect=0xd7e430, bErase=0) returned 1
[0227.078] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.079] IsWindowUnicode (hWnd=0x1f00ea) returned 1
[0227.079] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.079] TranslateMessage (lpMsg=0xd7e808) returned 0
[0227.079] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0227.079] MapWindowPoints (in: hWndFrom=0x1f00ea, hWndTo=0x0, lpPoints=0x2ea2a90, cPoints=0x1 | out: lpPoints=0x2ea2a90) returned 30999254
[0227.079] NotifyWinEvent (event=0x800a, hwnd=0x1f00ea, idObject=-4, idChild=0)
[0227.079] InvalidateRect (hWnd=0x1f00ea, lpRect=0xd7e3d0, bErase=0) returned 1
[0227.079] UpdateWindow (hWnd=0x1f00ea) returned 1
[0227.079] BeginPaint (in: hWnd=0x1f00ea, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xc0107c5
[0227.079] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0227.079] CreateCompatibleDC (hdc=0xc0107c5) returned 0x550107f1
[0227.079] SelectObject (hdc=0x550107f1, h=0x4a0507fe) returned 0x85000f
[0227.079] GdipCreateFromHDC (hdc=0x550107f1, graphics=0xd7df00) returned 0x0
[0227.080] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0227.080] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0227.080] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0227.080] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0227.080] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df60) returned 0x0
[0227.080] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0227.080] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0227.080] LocalFree (hMem=0x11ee9f0) returned 0x0
[0227.080] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0227.080] GdipCreateRegion (region=0xd7df48) returned 0x0
[0227.080] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0227.080] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7df54) returned 0x0
[0227.080] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0227.080] GdipRestoreGraphics (graphics=0x6600030, state=0xf9660dbd) returned 0x0
[0227.080] GdipDeleteRegion (region=0x6645758) returned 0x0
[0227.081] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0227.081] GetCurrentObject (hdc=0x550107f1, type=0x1) returned 0xb00017
[0227.081] GetCurrentObject (hdc=0x550107f1, type=0x2) returned 0x900010
[0227.081] GetCurrentObject (hdc=0x550107f1, type=0x7) returned 0x4a0507fe
[0227.081] GetCurrentObject (hdc=0x550107f1, type=0x6) returned 0x8a01c2
[0227.081] SaveDC (hdc=0x550107f1) returned 1
[0227.081] GetNearestColor (hdc=0x550107f1, color=0xf0f0f0) returned 0xf0f0f0
[0227.081] GetNearestColor (hdc=0x550107f1, color=0xa0a0a0) returned 0xa0a0a0
[0227.081] GetNearestColor (hdc=0x550107f1, color=0x696969) returned 0x696969
[0227.081] GetNearestColor (hdc=0x550107f1, color=0xa0a0a0) returned 0xa0a0a0
[0227.081] GetNearestColor (hdc=0x550107f1, color=0x0) returned 0x0
[0227.081] GetNearestColor (hdc=0x550107f1, color=0xffffff) returned 0xffffff
[0227.081] GetNearestColor (hdc=0x550107f1, color=0xe5e5e5) returned 0xe5e5e5
[0227.081] GetNearestColor (hdc=0x550107f1, color=0xd7d7d7) returned 0xd7d7d7
[0227.081] GetNearestColor (hdc=0x550107f1, color=0x0) returned 0x0
[0227.082] RestoreDC (hdc=0x550107f1, nSavedDC=-1) returned 1
[0227.082] GdipReleaseDC (graphics=0x6600030, hdc=0x550107f1) returned 0x0
[0227.082] IsAppThemed () returned 0x1
[0227.082] GetThemeAppProperties () returned 0x3
[0227.082] GetThemeAppProperties () returned 0x3
[0227.082] IsAppThemed () returned 0x1
[0227.082] GetThemeAppProperties () returned 0x3
[0227.082] GetThemeAppProperties () returned 0x3
[0227.082] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2ea31e8 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0227.082] IsAppThemed () returned 0x1
[0227.082] GetThemeAppProperties () returned 0x3
[0227.082] GetThemeAppProperties () returned 0x3
[0227.082] IsAppThemed () returned 0x1
[0227.083] GetThemeAppProperties () returned 0x3
[0227.083] GetThemeAppProperties () returned 0x3
[0227.083] IsAppThemed () returned 0x1
[0227.083] GetThemeAppProperties () returned 0x3
[0227.083] GetThemeAppProperties () returned 0x3
[0227.083] IsAppThemed () returned 0x1
[0227.083] GetThemeAppProperties () returned 0x3
[0227.083] GetThemeAppProperties () returned 0x3
[0227.083] IsThemePartDefined () returned 0x1
[0227.083] IsAppThemed () returned 0x1
[0227.083] GetThemeAppProperties () returned 0x3
[0227.083] GetThemeAppProperties () returned 0x3
[0227.083] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0227.083] IsAppThemed () returned 0x1
[0227.083] GetThemeAppProperties () returned 0x3
[0227.083] GetThemeAppProperties () returned 0x3
[0227.083] IsAppThemed () returned 0x1
[0227.083] GetThemeAppProperties () returned 0x3
[0227.083] GetThemeAppProperties () returned 0x3
[0227.083] IsThemePartDefined () returned 0x1
[0227.083] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0227.083] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0227.084] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0227.084] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0227.084] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dc7c) returned 0x0
[0227.084] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0227.084] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eea98) returned 0x0
[0227.084] LocalFree (hMem=0x11eea98) returned 0x0
[0227.084] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0227.084] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0227.084] LocalFree (hMem=0x11eec58) returned 0x0
[0227.084] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0227.084] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0227.084] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0227.084] GdipGetRegionHRgn (region=0x6645c68, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0227.084] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0227.084] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0227.084] GetCurrentObject (hdc=0x550107f1, type=0x1) returned 0xb00017
[0227.084] GetCurrentObject (hdc=0x550107f1, type=0x2) returned 0x900010
[0227.084] GetCurrentObject (hdc=0x550107f1, type=0x7) returned 0x4a0507fe
[0227.084] GetCurrentObject (hdc=0x550107f1, type=0x6) returned 0x8a01c2
[0227.085] SaveDC (hdc=0x550107f1) returned 1
[0227.085] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8d040807
[0227.085] GetClipRgn (hdc=0x550107f1, hrgn=0x8d040807) returned 0
[0227.085] SelectClipRgn (hdc=0x550107f1, hrgn=0x1b0407de) returned 2
[0227.085] DeleteObject (ho=0x8d040807) returned 1
[0227.085] DeleteObject (ho=0x1b0407de) returned 1
[0227.085] OffsetViewportOrgEx (in: hdc=0x550107f1, x=0, y=0, lppt=0x2ea3898 | out: lppt=0x2ea3898) returned 1
[0227.085] DrawThemeParentBackground () returned 0x0
[0227.085] GetWindowPlacement (in: hWnd=0x1102d0, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0227.085] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0227.085] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0227.085] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0227.085] GetSystemMetrics (nIndex=42) returned 0
[0227.085] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0227.086] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0227.086] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0227.086] GetCurrentObject (hdc=0x550107f1, type=0x1) returned 0xb00017
[0227.086] GetCurrentObject (hdc=0x550107f1, type=0x2) returned 0x900010
[0227.086] GetCurrentObject (hdc=0x550107f1, type=0x7) returned 0x4a0507fe
[0227.086] GetCurrentObject (hdc=0x550107f1, type=0x6) returned 0x8a01c2
[0227.086] SaveDC (hdc=0x550107f1) returned 2
[0227.086] GetNearestColor (hdc=0x550107f1, color=0xf0f0f0) returned 0xf0f0f0
[0227.086] CreateSolidBrush (color=0xf0f0f0) returned 0x541007e1
[0227.086] FillRect (hDC=0x550107f1, lprc=0xd7d6c8, hbr=0x541007e1) returned 1
[0227.086] DeleteObject (ho=0x541007e1) returned 1
[0227.086] RestoreDC (hdc=0x550107f1, nSavedDC=-1) returned 1
[0227.086] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0227.086] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0227.086] GetSystemMetrics (nIndex=42) returned 0
[0227.086] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0227.086] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0227.087] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0227.087] GetCurrentObject (hdc=0x550107f1, type=0x1) returned 0xb00017
[0227.087] GetCurrentObject (hdc=0x550107f1, type=0x2) returned 0x900010
[0227.087] GetCurrentObject (hdc=0x550107f1, type=0x7) returned 0x4a0507fe
[0227.087] GetCurrentObject (hdc=0x550107f1, type=0x6) returned 0x8a01c2
[0227.087] SaveDC (hdc=0x550107f1) returned 2
[0227.087] GetNearestColor (hdc=0x550107f1, color=0xf0f0f0) returned 0xf0f0f0
[0227.087] CreateSolidBrush (color=0xf0f0f0) returned 0x551007e1
[0227.087] FillRect (hDC=0x550107f1, lprc=0xd7d668, hbr=0x551007e1) returned 1
[0227.087] DeleteObject (ho=0x551007e1) returned 1
[0227.087] RestoreDC (hdc=0x550107f1, nSavedDC=-1) returned 1
[0227.087] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0227.087] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0227.087] GetSystemMetrics (nIndex=42) returned 0
[0227.087] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0227.087] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0227.088] RestoreDC (hdc=0x550107f1, nSavedDC=-1) returned 1
[0227.088] GdipReleaseDC (graphics=0x6600030, hdc=0x550107f1) returned 0x0
[0227.088] IsAppThemed () returned 0x1
[0227.088] GetThemeAppProperties () returned 0x3
[0227.088] GetThemeAppProperties () returned 0x3
[0227.088] IsAppThemed () returned 0x1
[0227.088] GetThemeAppProperties () returned 0x3
[0227.088] GetThemeAppProperties () returned 0x3
[0227.088] IsThemePartDefined () returned 0x1
[0227.088] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0227.088] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0227.088] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0227.088] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0227.088] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dc00) returned 0x0
[0227.088] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0227.088] LocalFree (hMem=0x11eec58) returned 0x0
[0227.088] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0227.088] LocalFree (hMem=0x11ee9f0) returned 0x0
[0227.088] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0227.088] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0227.089] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0227.089] GdipGetRegionHRgn (region=0x6645638, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0227.089] GdipDeleteRegion (region=0x6645638) returned 0x0
[0227.089] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0227.089] GetCurrentObject (hdc=0x550107f1, type=0x1) returned 0xb00017
[0227.089] GetCurrentObject (hdc=0x550107f1, type=0x2) returned 0x900010
[0227.089] GetCurrentObject (hdc=0x550107f1, type=0x7) returned 0x4a0507fe
[0227.089] GetCurrentObject (hdc=0x550107f1, type=0x6) returned 0x8a01c2
[0227.089] SaveDC (hdc=0x550107f1) returned 1
[0227.089] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1c0407de
[0227.089] GetClipRgn (hdc=0x550107f1, hrgn=0x1c0407de) returned 0
[0227.089] SelectClipRgn (hdc=0x550107f1, hrgn=0x8f040807) returned 2
[0227.089] DeleteObject (ho=0x1c0407de) returned 1
[0227.089] DeleteObject (ho=0x8f040807) returned 1
[0227.089] OffsetViewportOrgEx (in: hdc=0x550107f1, x=0, y=0, lppt=0x2ea4144 | out: lppt=0x2ea4144) returned 1
[0227.089] IsAppThemed () returned 0x1
[0227.090] GetThemeAppProperties () returned 0x3
[0227.090] GetThemeAppProperties () returned 0x3
[0227.090] DrawThemeBackground () returned 0x0
[0227.090] RestoreDC (hdc=0x550107f1, nSavedDC=-1) returned 1
[0227.090] GdipReleaseDC (graphics=0x6600030, hdc=0x550107f1) returned 0x0
[0227.090] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0227.090] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0227.090] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0227.090] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0227.090] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dc04) returned 0x0
[0227.090] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0227.090] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eecc8) returned 0x0
[0227.090] LocalFree (hMem=0x11eecc8) returned 0x0
[0227.090] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0227.090] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee9f0) returned 0x0
[0227.090] LocalFree (hMem=0x11ee9f0) returned 0x0
[0227.090] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0227.090] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0227.092] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0227.092] GdipGetRegionHRgn (region=0x6645758, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0227.092] GdipDeleteRegion (region=0x6645758) returned 0x0
[0227.092] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0227.092] GetCurrentObject (hdc=0x550107f1, type=0x1) returned 0xb00017
[0227.092] GetCurrentObject (hdc=0x550107f1, type=0x2) returned 0x900010
[0227.092] GetCurrentObject (hdc=0x550107f1, type=0x7) returned 0x4a0507fe
[0227.092] GetCurrentObject (hdc=0x550107f1, type=0x6) returned 0x8a01c2
[0227.092] SaveDC (hdc=0x550107f1) returned 1
[0227.092] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x90040807
[0227.092] GetClipRgn (hdc=0x550107f1, hrgn=0x90040807) returned 0
[0227.093] SelectClipRgn (hdc=0x550107f1, hrgn=0x1d0407de) returned 2
[0227.093] DeleteObject (ho=0x90040807) returned 1
[0227.093] DeleteObject (ho=0x1d0407de) returned 1
[0227.093] OffsetViewportOrgEx (in: hdc=0x550107f1, x=0, y=0, lppt=0x2ea4418 | out: lppt=0x2ea4418) returned 1
[0227.093] IsAppThemed () returned 0x1
[0227.093] GetThemeAppProperties () returned 0x3
[0227.093] GetThemeAppProperties () returned 0x3
[0227.093] GetThemeBackgroundContentRect () returned 0x0
[0227.093] RestoreDC (hdc=0x550107f1, nSavedDC=-1) returned 1
[0227.093] GdipReleaseDC (graphics=0x6600030, hdc=0x550107f1) returned 0x0
[0227.093] IsAppThemed () returned 0x1
[0227.093] GetThemeAppProperties () returned 0x3
[0227.093] GetThemeAppProperties () returned 0x3
[0227.093] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0227.093] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0227.093] GetCurrentObject (hdc=0x550107f1, type=0x1) returned 0xb00017
[0227.093] GetCurrentObject (hdc=0x550107f1, type=0x2) returned 0x900010
[0227.093] GetCurrentObject (hdc=0x550107f1, type=0x7) returned 0x4a0507fe
[0227.093] GetCurrentObject (hdc=0x550107f1, type=0x6) returned 0x8a01c2
[0227.094] SaveDC (hdc=0x550107f1) returned 1
[0227.094] GetTextAlign (hdc=0x550107f1) returned 0x0
[0227.094] GetTextColor (hdc=0x550107f1) returned 0x0
[0227.094] GetCurrentObject (hdc=0x550107f1, type=0x6) returned 0x8a01c2
[0227.094] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0227.094] SelectObject (hdc=0x550107f1, h=0x6d0a0520) returned 0x8a01c2
[0227.094] GetBkMode (hdc=0x550107f1) returned 2
[0227.094] SetBkMode (hdc=0x550107f1, mode=1) returned 2
[0227.094] DrawTextExW (in: hdc=0x550107f1, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2ea47b8 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0227.094] DrawTextExW (in: hdc=0x550107f1, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2ea47b8 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0227.095] RestoreDC (hdc=0x550107f1, nSavedDC=-1) returned 1
[0227.095] GdipReleaseDC (graphics=0x6600030, hdc=0x550107f1) returned 0x0
[0227.095] GetFocus () returned 0x1f00ea
[0227.095] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0227.095] SendMessageW (hWnd=0x1102d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0227.095] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0227.095] IsAppThemed () returned 0x1
[0227.095] GetThemeAppProperties () returned 0x3
[0227.095] GetThemeAppProperties () returned 0x3
[0227.095] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0227.095] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x550107f1, x1=0, y1=0, rop=0xcc0020) returned 1
[0227.096] GdipReleaseDC (graphics=0x6600030, hdc=0x550107f1) returned 0x0
[0227.096] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0227.096] SelectObject (hdc=0x550107f1, h=0x85000f) returned 0x4a0507fe
[0227.096] DeleteDC (hdc=0x550107f1) returned 1
[0227.096] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0227.096] EndPaint (hWnd=0x1f00ea, lpPaint=0xd7dee4) returned 1
[0227.096] MapWindowPoints (in: hWndFrom=0x1f00ea, hWndTo=0x0, lpPoints=0x2ea48b4, cPoints=0x1 | out: lpPoints=0x2ea48b4) returned 30999254
[0227.096] WindowFromPoint (Point=0x31a) returned 0x1f00ea
[0227.096] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x84, wParam=0x0, lParam=0x1dd031a) returned 0x1
[0227.096] NotifyWinEvent (event=0x800a, hwnd=0x1f00ea, idObject=-4, idChild=0)
[0227.096] NotifyWinEvent (event=0x800c, hwnd=0x1f00ea, idObject=-4, idChild=0)
[0227.097] GetCapture () returned 0x1f00ea
[0227.097] ReleaseCapture () returned 1
[0227.097] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0227.097] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0227.097] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x84, wParam=0x0, lParam=0x1dd031a) returned 0x1
[0227.097] IsWindow (hWnd=0x7005c) returned 1
[0227.097] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0227.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0227.098] IsWindow (hWnd=0x1102d0) returned 1
[0227.098] SetActiveWindow (hWnd=0x1102d0) returned 0x1102d0
[0227.098] IsWindow (hWnd=0x1102d0) returned 1
[0227.098] SetFocus (hWnd=0x1102d0) returned 0x1f00ea
[0227.099] GetFocus () returned 0x1102d0
[0227.099] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x8, wParam=0x1102d0, lParam=0x0) returned 0x0
[0227.099] GetCapture () returned 0x0
[0227.099] InvalidateRect (hWnd=0x1f00ea, lpRect=0x0, bErase=0) returned 1
[0227.100] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0227.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0227.103] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0227.103] GetFocus () returned 0x1102d0
[0227.103] SetFocus (hWnd=0x1f00ea) returned 0x1102d0
[0227.103] GetFocus () returned 0x1f00ea
[0227.103] IsChild (hWndParent=0x1102d0, hWnd=0x1f00ea) returned 1
[0227.103] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x8, wParam=0x1f00ea, lParam=0x0) returned 0x0
[0227.104] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0227.106] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0227.107] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0227.107] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x7, wParam=0x1102d0, lParam=0x0) returned 0x0
[0227.108] GetStockObject (i=5) returned 0x900015
[0227.108] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0227.108] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0227.108] GetDlgItem (hDlg=0x1102d0, nIDDlgItem=2031850) returned 0x1f00ea
[0227.108] SendMessageW (hWnd=0x1f00ea, Msg=0x202b, wParam=0x1f00ea, lParam=0xd7ddcc) returned 0x0
[0227.108] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x202b, wParam=0x1f00ea, lParam=0xd7ddcc) returned 0x0
[0227.108] InvalidateRect (hWnd=0x1f00ea, lpRect=0x0, bErase=0) returned 1
[0227.110] GetWindowLongW (hWnd=0x1102d0, nIndex=-8) returned 458844
[0227.110] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0227.110] GetCurrentThreadId () returned 0xf50
[0227.110] IsWindow (hWnd=0x7005c) returned 1
[0227.110] IsWindow (hWnd=0x7005c) returned 1
[0227.110] IsWindowVisible (hWnd=0x7005c) returned 1
[0227.110] SetActiveWindow (hWnd=0x7005c) returned 0x1102d0
[0227.110] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0227.112] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0227.112] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0227.112] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0227.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0227.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0227.114] GetWindowPlacement (in: hWnd=0x1102d0, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0227.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0227.114] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0227.114] GetWindowRect (in: hWnd=0x1102d0, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0227.115] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0227.115] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0227.115] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0227.116] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x1102d0) returned 0x1
[0227.119] GetFocus () returned 0x1f00ea
[0227.119] SetFocus (hWnd=0x602c4) returned 0x1f00ea
[0227.119] GetFocus () returned 0x602c4
[0227.119] IsChild (hWndParent=0x1102d0, hWnd=0x602c4) returned 0
[0227.119] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0227.119] GetCapture () returned 0x0
[0227.119] InvalidateRect (hWnd=0x1f00ea, lpRect=0x0, bErase=0) returned 1
[0227.120] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0227.121] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0227.127] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0227.128] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0227.128] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0227.128] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0227.128] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0227.129] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x1f00ea, lParam=0x0) returned 0x0
[0227.129] GetStockObject (i=5) returned 0x900015
[0227.129] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0227.129] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11edb48) returned 0xc
[0227.129] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0227.129] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0227.129] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0227.129] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0227.131] GetFocus () returned 0x602c4
[0227.131] IsChild (hWndParent=0x1102d0, hWnd=0x602c4) returned 0
[0227.131] ShowWindow (hWnd=0x1102d0, nCmdShow=0) returned 1
[0227.131] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0227.131] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0227.133] GetWindowPlacement (in: hWnd=0x1102d0, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0227.133] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0227.133] GetClientRect (in: hWnd=0x1102d0, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0227.133] GetWindowRect (in: hWnd=0x1102d0, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0227.134] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0227.134] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0227.134] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0227.135] GetWindowLongW (hWnd=0x1102d0, nIndex=-20) returned 327945
[0227.135] DestroyWindow (hWnd=0x1102d0) returned 1
[0227.135] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0227.135] GetWindowTextLengthW (hWnd=0x1102d0) returned 13
[0227.135] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0227.135] GetSystemMetrics (nIndex=42) returned 0
[0227.135] GetWindowTextW (in: hWnd=0x1102d0, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0227.135] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0227.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0227.136] GetWindowTextLengthW (hWnd=0x1c02de) returned 0
[0227.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0227.136] GetSystemMetrics (nIndex=42) returned 0
[0227.136] GetWindowTextW (in: hWnd=0x1c02de, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0227.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02de, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0227.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0227.136] GetWindowThreadProcessId (in: hWnd=0x1c02da, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0227.136] GetWindow (hWnd=0x1c02da, uCmd=0x5) returned 0x0
[0227.136] GetWindowLongW (hWnd=0x1c02da, nIndex=-20) returned 65792
[0227.136] DestroyWindow (hWnd=0x1c02da) returned 1
[0227.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02da, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0227.136] GetWindowTextLengthW (hWnd=0x1c02da) returned 25
[0227.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0227.136] GetSystemMetrics (nIndex=42) returned 0
[0227.136] GetWindowTextW (in: hWnd=0x1c02da, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0227.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02da, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0227.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0227.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0227.138] GetWindowTextLengthW (hWnd=0x1202ce) returned 232
[0227.138] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0227.138] GetSystemMetrics (nIndex=42) returned 0
[0227.138] GetWindowTextW (in: hWnd=0x1202ce, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0227.138] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0227.138] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0227.138] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0227.139] InvalidateRect (hWnd=0x1f00ea, lpRect=0x0, bErase=0) returned 1
[0227.139] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0227.139] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0227.139] SendMessageW (hWnd=0x1602c8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0227.139] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602c8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0227.139] SendMessageW (hWnd=0x1602c8, Msg=0xb0, wParam=0x2e6e8e4, lParam=0xd7e480) returned 0x0
[0227.139] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602c8, Msg=0xb0, wParam=0x2e6e8e4, lParam=0xd7e480) returned 0x0
[0227.139] GetWindowTextLengthW (hWnd=0x1602c8) returned 4363
[0227.139] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0227.139] GetSystemMetrics (nIndex=42) returned 0
[0227.139] CoTaskMemAlloc (cb=0x221c) returned 0x1209508
[0227.139] GetWindowTextW (in: hWnd=0x1602c8, lpString=0x1209508, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0227.139] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602c8, Msg=0xd, wParam=0x110c, lParam=0x1209508) returned 0x110b
[0227.140] CoTaskMemFree (pv=0x1209508)
[0227.140] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0227.140] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0227.141] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1202ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0227.142] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0227.144] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0227.145] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0227.146] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1602c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0227.148] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1102d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0227.149] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.149] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.149] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.149] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.149] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.150] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd031a) returned 0x1
[0227.150] IsWindowUnicode (hWnd=0x7005c) returned 1
[0227.150] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd031a) returned 0x1
[0227.150] SetCursor (hCursor=0x10003) returned 0x10003
[0227.150] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.151] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.151] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0227.151] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0227.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0227.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x108025c) returned 0x0
[0227.151] GetKeyState (nVirtKey=1) returned 1
[0227.151] GetKeyState (nVirtKey=2) returned 0
[0227.151] GetKeyState (nVirtKey=4) returned 0
[0227.151] GetKeyState (nVirtKey=5) returned 0
[0227.151] GetKeyState (nVirtKey=6) returned 0
[0227.151] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd031a) returned 0x1
[0227.152] IsWindowUnicode (hWnd=0x7005c) returned 1
[0227.152] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.152] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.152] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.152] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.152] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd031a) returned 0x1
[0227.152] IsWindowUnicode (hWnd=0x7005c) returned 1
[0227.152] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.152] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd031a) returned 0x1
[0227.153] SetCursor (hCursor=0x10003) returned 0x10003
[0227.153] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.153] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.153] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x108025c) returned 0x0
[0227.153] GetKeyState (nVirtKey=1) returned 1
[0227.153] GetKeyState (nVirtKey=2) returned 0
[0227.153] GetKeyState (nVirtKey=4) returned 0
[0227.153] GetKeyState (nVirtKey=5) returned 0
[0227.153] GetKeyState (nVirtKey=6) returned 0
[0227.153] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.174] IsWindowUnicode (hWnd=0x602c4) returned 1
[0227.174] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.175] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.175] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.175] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.176] IsWindowUnicode (hWnd=0x602c4) returned 1
[0227.176] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.176] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.176] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.176] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0227.176] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0227.176] CreateCompatibleDC (hdc=0x10105d6) returned 0x2a0107e9
[0227.176] SelectObject (hdc=0x2a0107e9, h=0x4a0507fe) returned 0x85000f
[0227.176] GdipCreateFromHDC (hdc=0x2a0107e9, graphics=0xd7e798) returned 0x0
[0227.176] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0227.176] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0227.176] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0227.177] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0227.177] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e7f8) returned 0x0
[0227.177] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0227.177] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0227.177] LocalFree (hMem=0x11ee788) returned 0x0
[0227.177] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0227.177] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0227.177] GdipGetClip (graphics=0x6600030, region=0x6645a28) returned 0x0
[0227.177] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0227.177] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0227.177] GdipRestoreGraphics (graphics=0x6600030, state=0xf9640dbd) returned 0x0
[0227.177] GdipDeleteRegion (region=0x6645a28) returned 0x0
[0227.177] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0227.177] GetCurrentObject (hdc=0x2a0107e9, type=0x1) returned 0xb00017
[0227.177] GetCurrentObject (hdc=0x2a0107e9, type=0x2) returned 0x900010
[0227.177] GetCurrentObject (hdc=0x2a0107e9, type=0x7) returned 0x4a0507fe
[0227.178] GetCurrentObject (hdc=0x2a0107e9, type=0x6) returned 0x8a01c2
[0227.178] SaveDC (hdc=0x2a0107e9) returned 1
[0227.178] GetNearestColor (hdc=0x2a0107e9, color=0xff) returned 0xff
[0227.178] GetNearestColor (hdc=0x2a0107e9, color=0x55) returned 0x55
[0227.178] GetNearestColor (hdc=0x2a0107e9, color=0x0) returned 0x0
[0227.178] GetNearestColor (hdc=0x2a0107e9, color=0x55) returned 0x55
[0227.178] GetNearestColor (hdc=0x2a0107e9, color=0x0) returned 0x0
[0227.178] GetNearestColor (hdc=0x2a0107e9, color=0x8080ff) returned 0x8080ff
[0227.178] GetNearestColor (hdc=0x2a0107e9, color=0x7373e5) returned 0x7373e5
[0227.178] GetNearestColor (hdc=0x2a0107e9, color=0xe5) returned 0xe5
[0227.178] GetNearestColor (hdc=0x2a0107e9, color=0x0) returned 0x0
[0227.178] RestoreDC (hdc=0x2a0107e9, nSavedDC=-1) returned 1
[0227.178] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107e9) returned 0x0
[0227.178] IsAppThemed () returned 0x1
[0227.179] GetThemeAppProperties () returned 0x3
[0227.179] GetThemeAppProperties () returned 0x3
[0227.179] IsAppThemed () returned 0x1
[0227.179] GetThemeAppProperties () returned 0x3
[0227.179] GetThemeAppProperties () returned 0x3
[0227.179] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2eac620 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0227.179] IsAppThemed () returned 0x1
[0227.179] GetThemeAppProperties () returned 0x3
[0227.179] GetThemeAppProperties () returned 0x3
[0227.179] IsAppThemed () returned 0x1
[0227.179] GetThemeAppProperties () returned 0x3
[0227.179] GetThemeAppProperties () returned 0x3
[0227.179] GetFocus () returned 0x602c4
[0227.179] IsAppThemed () returned 0x1
[0227.180] GetThemeAppProperties () returned 0x3
[0227.180] GetThemeAppProperties () returned 0x3
[0227.180] IsAppThemed () returned 0x1
[0227.180] GetThemeAppProperties () returned 0x3
[0227.180] GetThemeAppProperties () returned 0x3
[0227.180] IsThemePartDefined () returned 0x1
[0227.180] IsAppThemed () returned 0x1
[0227.180] GetThemeAppProperties () returned 0x3
[0227.180] GetThemeAppProperties () returned 0x3
[0227.180] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0227.180] IsAppThemed () returned 0x1
[0227.180] GetThemeAppProperties () returned 0x3
[0227.180] GetThemeAppProperties () returned 0x3
[0227.180] IsAppThemed () returned 0x1
[0227.180] GetThemeAppProperties () returned 0x3
[0227.180] GetThemeAppProperties () returned 0x3
[0227.180] IsThemePartDefined () returned 0x1
[0227.180] GdipCreateRegion (region=0xd7e508) returned 0x0
[0227.180] GdipGetClip (graphics=0x6600030, region=0x6646058) returned 0x0
[0227.180] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0227.180] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0227.181] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e520) returned 0x0
[0227.181] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0227.181] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0227.181] LocalFree (hMem=0x11eec58) returned 0x0
[0227.181] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0227.181] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0227.181] LocalFree (hMem=0x11ee788) returned 0x0
[0227.181] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0227.181] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7e548) returned 0x0
[0227.181] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7e538) returned 0x0
[0227.181] GdipGetRegionHRgn (region=0x6646058, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0227.181] GdipDeleteRegion (region=0x6646058) returned 0x0
[0227.181] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0227.181] GetCurrentObject (hdc=0x2a0107e9, type=0x1) returned 0xb00017
[0227.181] GetCurrentObject (hdc=0x2a0107e9, type=0x2) returned 0x900010
[0227.181] GetCurrentObject (hdc=0x2a0107e9, type=0x7) returned 0x4a0507fe
[0227.181] GetCurrentObject (hdc=0x2a0107e9, type=0x6) returned 0x8a01c2
[0227.182] SaveDC (hdc=0x2a0107e9) returned 1
[0227.182] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1e0407de
[0227.182] GetClipRgn (hdc=0x2a0107e9, hrgn=0x1e0407de) returned 0
[0227.182] SelectClipRgn (hdc=0x2a0107e9, hrgn=0x94040807) returned 2
[0227.182] DeleteObject (ho=0x1e0407de) returned 1
[0227.182] DeleteObject (ho=0x94040807) returned 1
[0227.182] OffsetViewportOrgEx (in: hdc=0x2a0107e9, x=0, y=0, lppt=0x2eaccd0 | out: lppt=0x2eaccd0) returned 1
[0227.182] DrawThemeParentBackground () returned 0x0
[0227.182] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0227.182] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0227.182] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0227.182] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0227.182] GetSystemMetrics (nIndex=42) returned 0
[0227.182] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0227.182] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0227.183] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0227.183] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0227.183] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0227.183] SelectPalette (hdc=0x2a0107e9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0227.183] GdipCreateFromHDC (hdc=0x2a0107e9, graphics=0xd7dff8) returned 0x0
[0227.183] GdipSetPageUnit (graphics=0x6654bd0, unit=0x2) returned 0x0
[0227.183] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0227.183] GdipGetWorldTransform (graphics=0x6654bd0, matrix=0x6638b18) returned 0x0
[0227.183] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dfd0) returned 0x0
[0227.183] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0227.183] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0227.183] GdipGetClip (graphics=0x6654bd0, region=0x66460e8) returned 0x0
[0227.184] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6654bd0, result=0xd7dfc4) returned 0x0
[0227.184] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0227.184] GdipSaveGraphics (graphics=0x6654bd0, state=0xd7dff0) returned 0x0
[0227.184] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0227.193] GdipFillRectangleI (graphics=0x6654bd0, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0227.193] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0227.194] GdipDeleteGraphics (graphics=0x6654bd0) returned 0x0
[0227.194] SelectPalette (hdc=0x2a0107e9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0227.195] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0227.195] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0227.195] GetSystemMetrics (nIndex=42) returned 0
[0227.195] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0227.195] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0227.195] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0227.195] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0227.195] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0227.195] SelectPalette (hdc=0x2a0107e9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0227.195] GdipCreateFromHDC (hdc=0x2a0107e9, graphics=0xd7df98) returned 0x0
[0227.195] GdipSetPageUnit (graphics=0x6654bd0, unit=0x2) returned 0x0
[0227.195] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0227.196] GdipGetWorldTransform (graphics=0x6654bd0, matrix=0x6638a88) returned 0x0
[0227.196] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df70) returned 0x0
[0227.196] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0227.196] GdipCreateRegion (region=0xd7df58) returned 0x0
[0227.196] GdipGetClip (graphics=0x6654bd0, region=0x6645248) returned 0x0
[0227.196] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6654bd0, result=0xd7df64) returned 0x0
[0227.196] GdipDeleteRegion (region=0x6645248) returned 0x0
[0227.196] GdipSaveGraphics (graphics=0x6654bd0, state=0xd7df90) returned 0x0
[0227.196] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0227.207] GdipFillRectangleI (graphics=0x6654bd0, brush=0x6653300, x=0, y=0, width=801, height=453) returned 0x0
[0227.207] GdipDeleteBrush (brush=0x6653300) returned 0x0
[0227.209] GdipRestoreGraphics (graphics=0x6654bd0, state=0xf9600dbd) returned 0x0
[0227.209] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0227.209] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0227.209] GetSystemMetrics (nIndex=42) returned 0
[0227.209] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0227.209] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0227.209] GdipDeleteGraphics (graphics=0x6654bd0) returned 0x0
[0227.209] SelectPalette (hdc=0x2a0107e9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0227.210] RestoreDC (hdc=0x2a0107e9, nSavedDC=-1) returned 1
[0227.210] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107e9) returned 0x0
[0227.210] IsAppThemed () returned 0x1
[0227.210] GetThemeAppProperties () returned 0x3
[0227.210] GetThemeAppProperties () returned 0x3
[0227.210] IsAppThemed () returned 0x1
[0227.210] GetThemeAppProperties () returned 0x3
[0227.210] GetThemeAppProperties () returned 0x3
[0227.210] IsThemePartDefined () returned 0x1
[0227.210] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0227.210] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0227.210] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0227.210] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0227.210] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e4a4) returned 0x0
[0227.210] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0227.210] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0227.210] LocalFree (hMem=0x11ee788) returned 0x0
[0227.210] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0227.211] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0227.211] LocalFree (hMem=0x11ee868) returned 0x0
[0227.211] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0227.211] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0227.211] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0227.211] GdipGetRegionHRgn (region=0x6645638, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0227.211] GdipDeleteRegion (region=0x6645638) returned 0x0
[0227.211] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0227.211] GetCurrentObject (hdc=0x2a0107e9, type=0x1) returned 0xb00017
[0227.211] GetCurrentObject (hdc=0x2a0107e9, type=0x2) returned 0x900010
[0227.211] GetCurrentObject (hdc=0x2a0107e9, type=0x7) returned 0x4a0507fe
[0227.211] GetCurrentObject (hdc=0x2a0107e9, type=0x6) returned 0x8a01c2
[0227.211] SaveDC (hdc=0x2a0107e9) returned 1
[0227.211] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x95040807
[0227.211] GetClipRgn (hdc=0x2a0107e9, hrgn=0x95040807) returned 0
[0227.211] SelectClipRgn (hdc=0x2a0107e9, hrgn=0x200407de) returned 2
[0227.212] DeleteObject (ho=0x95040807) returned 1
[0227.212] DeleteObject (ho=0x200407de) returned 1
[0227.212] OffsetViewportOrgEx (in: hdc=0x2a0107e9, x=0, y=0, lppt=0x2eb3520 | out: lppt=0x2eb3520) returned 1
[0227.212] IsAppThemed () returned 0x1
[0227.212] GetThemeAppProperties () returned 0x3
[0227.212] GetThemeAppProperties () returned 0x3
[0227.212] DrawThemeBackground () returned 0x0
[0227.212] RestoreDC (hdc=0x2a0107e9, nSavedDC=-1) returned 1
[0227.212] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107e9) returned 0x0
[0227.212] GdipCreateRegion (region=0xd7e490) returned 0x0
[0227.212] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0227.212] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0227.212] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0227.212] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e4a8) returned 0x0
[0227.212] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0227.212] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0227.212] LocalFree (hMem=0x11ee868) returned 0x0
[0227.213] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0227.213] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0227.213] LocalFree (hMem=0x11eec58) returned 0x0
[0227.213] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0227.213] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0227.213] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0227.213] GdipGetRegionHRgn (region=0x6645638, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0227.213] GdipDeleteRegion (region=0x6645638) returned 0x0
[0227.213] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0227.213] GetCurrentObject (hdc=0x2a0107e9, type=0x1) returned 0xb00017
[0227.213] GetCurrentObject (hdc=0x2a0107e9, type=0x2) returned 0x900010
[0227.213] GetCurrentObject (hdc=0x2a0107e9, type=0x7) returned 0x4a0507fe
[0227.213] GetCurrentObject (hdc=0x2a0107e9, type=0x6) returned 0x8a01c2
[0227.213] SaveDC (hdc=0x2a0107e9) returned 1
[0227.213] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x210407de
[0227.213] GetClipRgn (hdc=0x2a0107e9, hrgn=0x210407de) returned 0
[0227.213] SelectClipRgn (hdc=0x2a0107e9, hrgn=0x96040807) returned 2
[0227.214] DeleteObject (ho=0x210407de) returned 1
[0227.214] DeleteObject (ho=0x96040807) returned 1
[0227.214] OffsetViewportOrgEx (in: hdc=0x2a0107e9, x=0, y=0, lppt=0x2eb37f4 | out: lppt=0x2eb37f4) returned 1
[0227.214] IsAppThemed () returned 0x1
[0227.214] GetThemeAppProperties () returned 0x3
[0227.214] GetThemeAppProperties () returned 0x3
[0227.214] GetThemeBackgroundContentRect () returned 0x0
[0227.214] RestoreDC (hdc=0x2a0107e9, nSavedDC=-1) returned 1
[0227.214] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107e9) returned 0x0
[0227.214] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0227.214] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0227.214] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0227.214] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0227.214] IsAppThemed () returned 0x1
[0227.214] GetThemeAppProperties () returned 0x3
[0227.214] GetThemeAppProperties () returned 0x3
[0227.214] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0227.215] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0227.215] GetCurrentObject (hdc=0x2a0107e9, type=0x1) returned 0xb00017
[0227.215] GetCurrentObject (hdc=0x2a0107e9, type=0x2) returned 0x900010
[0227.215] GetCurrentObject (hdc=0x2a0107e9, type=0x7) returned 0x4a0507fe
[0227.215] GetCurrentObject (hdc=0x2a0107e9, type=0x6) returned 0x8a01c2
[0227.215] SaveDC (hdc=0x2a0107e9) returned 1
[0227.215] GetTextAlign (hdc=0x2a0107e9) returned 0x0
[0227.215] GetTextColor (hdc=0x2a0107e9) returned 0x0
[0227.215] GetCurrentObject (hdc=0x2a0107e9, type=0x6) returned 0x8a01c2
[0227.215] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0227.215] SelectObject (hdc=0x2a0107e9, h=0x6d0a0520) returned 0x8a01c2
[0227.215] GetBkMode (hdc=0x2a0107e9) returned 2
[0227.215] SetBkMode (hdc=0x2a0107e9, mode=1) returned 2
[0227.216] DrawTextExW (in: hdc=0x2a0107e9, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2eb3bb8 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0227.223] DrawTextExW (in: hdc=0x2a0107e9, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2eb3bb8 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0227.223] RestoreDC (hdc=0x2a0107e9, nSavedDC=-1) returned 1
[0227.223] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107e9) returned 0x0
[0227.223] GetFocus () returned 0x602c4
[0227.223] IsAppThemed () returned 0x1
[0227.223] GetThemeAppProperties () returned 0x3
[0227.223] GetThemeAppProperties () returned 0x3
[0227.223] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0227.224] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x2a0107e9, x1=0, y1=0, rop=0xcc0020) returned 1
[0227.224] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107e9) returned 0x0
[0227.224] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0227.224] SelectObject (hdc=0x2a0107e9, h=0x85000f) returned 0x4a0507fe
[0227.224] DeleteDC (hdc=0x2a0107e9) returned 1
[0227.224] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0227.224] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0227.224] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0227.224] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0227.224] WaitMessage () returned 1
[0227.240] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.240] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.240] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.240] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.240] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.241] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0227.241] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0227.241] WaitMessage () returned 1
[0227.242] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.242] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.242] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.243] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.243] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.244] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0227.244] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0227.244] WaitMessage () returned 1
[0227.245] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.245] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.245] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.245] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.245] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.246] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0227.246] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0227.246] WaitMessage () returned 1
[0227.246] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.246] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.247] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.247] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.247] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.252] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.253] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.253] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.253] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.253] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.253] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.253] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.253] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.253] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.253] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.253] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.254] IsWindowUnicode (hWnd=0x7005c) returned 1
[0227.254] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.254] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.254] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.254] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.254] IsWindowUnicode (hWnd=0x7005c) returned 1
[0227.254] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.254] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.254] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.254] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x108025c) returned 0x0
[0227.255] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0227.255] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0227.255] WaitMessage () returned 1
[0227.256] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.257] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.257] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.257] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.257] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.258] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.258] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.258] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.258] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.258] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.259] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.259] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.259] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.259] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.259] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.259] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0227.259] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0227.260] WaitMessage () returned 1
[0227.260] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.260] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.260] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.260] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.260] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.261] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.262] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.262] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.262] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.262] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.262] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.262] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.262] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.262] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.262] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.262] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0227.263] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0227.263] WaitMessage () returned 1
[0227.263] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.264] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.264] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.264] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.264] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.265] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.266] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.266] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.266] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.266] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.266] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.266] IsWindowUnicode (hWnd=0x30122) returned 1
[0227.266] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.266] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.266] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.266] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0227.267] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0227.267] WaitMessage () returned 1
[0227.435] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.435] IsWindowUnicode (hWnd=0x502c6) returned 1
[0227.435] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0227.435] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0227.435] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0227.435] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0227.435] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0227.435] WaitMessage () returned 1
[0229.296] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0229.296] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2710101) returned 0x1
[0229.296] IsWindowUnicode (hWnd=0x602c4) returned 1
[0229.296] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0229.297] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0229.297] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0229.297] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0229.297] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0229.297] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2710101) returned 0x1
[0229.297] IsWindowUnicode (hWnd=0x602c4) returned 1
[0229.297] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0229.297] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2710101) returned 0x1
[0229.297] SetCursor (hCursor=0x10003) returned 0x10003
[0229.297] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0229.297] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0229.297] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0229.297] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0229.297] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0229.298] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0229.298] GetKeyState (nVirtKey=1) returned 1
[0229.298] GetKeyState (nVirtKey=2) returned 0
[0229.298] GetKeyState (nVirtKey=4) returned 0
[0229.298] GetKeyState (nVirtKey=5) returned 0
[0229.298] GetKeyState (nVirtKey=6) returned 0
[0229.298] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0229.298] IsWindowUnicode (hWnd=0x602c4) returned 1
[0229.298] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0229.298] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0229.298] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0229.298] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0229.298] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0229.298] CreateCompatibleDC (hdc=0x10105d6) returned 0x770107e8
[0229.298] SelectObject (hdc=0x770107e8, h=0x4a0507fe) returned 0x85000f
[0229.299] GdipCreateFromHDC (hdc=0x770107e8, graphics=0xd7e798) returned 0x0
[0229.299] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0229.299] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0229.299] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0229.299] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0229.299] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e7f8) returned 0x0
[0229.299] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0229.299] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0229.299] LocalFree (hMem=0x11eec58) returned 0x0
[0229.299] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0229.299] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0229.299] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0229.299] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0229.300] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0229.300] GdipRestoreGraphics (graphics=0x6600030, state=0xf95e0dbd) returned 0x0
[0229.300] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0229.300] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0229.300] GetCurrentObject (hdc=0x770107e8, type=0x1) returned 0xb00017
[0229.300] GetCurrentObject (hdc=0x770107e8, type=0x2) returned 0x900010
[0229.300] GetCurrentObject (hdc=0x770107e8, type=0x7) returned 0x4a0507fe
[0229.300] GetCurrentObject (hdc=0x770107e8, type=0x6) returned 0x8a01c2
[0229.300] SaveDC (hdc=0x770107e8) returned 1
[0229.300] GetNearestColor (hdc=0x770107e8, color=0xff) returned 0xff
[0229.300] GetNearestColor (hdc=0x770107e8, color=0x55) returned 0x55
[0229.300] GetNearestColor (hdc=0x770107e8, color=0x0) returned 0x0
[0229.300] GetNearestColor (hdc=0x770107e8, color=0x55) returned 0x55
[0229.300] GetNearestColor (hdc=0x770107e8, color=0x0) returned 0x0
[0229.301] GetNearestColor (hdc=0x770107e8, color=0x8080ff) returned 0x8080ff
[0229.301] GetNearestColor (hdc=0x770107e8, color=0x7373e5) returned 0x7373e5
[0229.301] GetNearestColor (hdc=0x770107e8, color=0xe5) returned 0xe5
[0229.301] GetNearestColor (hdc=0x770107e8, color=0x0) returned 0x0
[0229.301] RestoreDC (hdc=0x770107e8, nSavedDC=-1) returned 1
[0229.301] GdipReleaseDC (graphics=0x6600030, hdc=0x770107e8) returned 0x0
[0229.301] IsAppThemed () returned 0x1
[0229.301] GetThemeAppProperties () returned 0x3
[0229.301] GetThemeAppProperties () returned 0x3
[0229.301] IsAppThemed () returned 0x1
[0229.301] GetThemeAppProperties () returned 0x3
[0229.301] GetThemeAppProperties () returned 0x3
[0229.301] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2eb4ce4 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0229.302] IsAppThemed () returned 0x1
[0229.302] GetThemeAppProperties () returned 0x3
[0229.302] GetThemeAppProperties () returned 0x3
[0229.302] IsAppThemed () returned 0x1
[0229.302] GetThemeAppProperties () returned 0x3
[0229.302] GetThemeAppProperties () returned 0x3
[0229.302] IsAppThemed () returned 0x1
[0229.302] GetThemeAppProperties () returned 0x3
[0229.302] GetThemeAppProperties () returned 0x3
[0229.302] IsAppThemed () returned 0x1
[0229.303] GetThemeAppProperties () returned 0x3
[0229.303] GetThemeAppProperties () returned 0x3
[0229.303] IsThemePartDefined () returned 0x1
[0229.303] IsAppThemed () returned 0x1
[0229.303] GetThemeAppProperties () returned 0x3
[0229.303] GetThemeAppProperties () returned 0x3
[0229.303] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0229.303] IsAppThemed () returned 0x1
[0229.304] GetThemeAppProperties () returned 0x3
[0229.304] GetThemeAppProperties () returned 0x3
[0229.304] IsAppThemed () returned 0x1
[0229.304] GetThemeAppProperties () returned 0x3
[0229.304] GetThemeAppProperties () returned 0x3
[0229.304] IsThemePartDefined () returned 0x1
[0229.304] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0229.304] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0229.304] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0229.304] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0229.304] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e514) returned 0x0
[0229.304] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0229.304] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0229.304] LocalFree (hMem=0x11ee788) returned 0x0
[0229.304] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0229.304] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0229.304] LocalFree (hMem=0x11ee788) returned 0x0
[0229.304] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0229.304] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0229.304] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0229.304] GdipGetRegionHRgn (region=0x6645638, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0229.304] GdipDeleteRegion (region=0x6645638) returned 0x0
[0229.304] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0229.305] GetCurrentObject (hdc=0x770107e8, type=0x1) returned 0xb00017
[0229.305] GetCurrentObject (hdc=0x770107e8, type=0x2) returned 0x900010
[0229.305] GetCurrentObject (hdc=0x770107e8, type=0x7) returned 0x4a0507fe
[0229.305] GetCurrentObject (hdc=0x770107e8, type=0x6) returned 0x8a01c2
[0229.305] SaveDC (hdc=0x770107e8) returned 1
[0229.305] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x97040807
[0229.305] GetClipRgn (hdc=0x770107e8, hrgn=0x97040807) returned 0
[0229.305] SelectClipRgn (hdc=0x770107e8, hrgn=0x250407de) returned 2
[0229.305] DeleteObject (ho=0x97040807) returned 1
[0229.305] DeleteObject (ho=0x250407de) returned 1
[0229.305] OffsetViewportOrgEx (in: hdc=0x770107e8, x=0, y=0, lppt=0x2eb5394 | out: lppt=0x2eb5394) returned 1
[0229.305] DrawThemeParentBackground () returned 0x0
[0229.305] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0229.305] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0229.305] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0229.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0229.306] GetSystemMetrics (nIndex=42) returned 0
[0229.306] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0229.306] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0229.306] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0229.306] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0229.306] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0229.306] SelectPalette (hdc=0x770107e8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0229.306] GdipCreateFromHDC (hdc=0x770107e8, graphics=0xd7dff0) returned 0x0
[0229.306] GdipSetPageUnit (graphics=0x6654bd0, unit=0x2) returned 0x0
[0229.306] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0229.306] GdipGetWorldTransform (graphics=0x6654bd0, matrix=0x6638ae8) returned 0x0
[0229.306] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dfc8) returned 0x0
[0229.306] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0229.306] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0229.306] GdipGetClip (graphics=0x6654bd0, region=0x6645638) returned 0x0
[0229.306] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6654bd0, result=0xd7dfbc) returned 0x0
[0229.306] GdipDeleteRegion (region=0x6645638) returned 0x0
[0229.306] GdipSaveGraphics (graphics=0x6654bd0, state=0xd7dfe8) returned 0x0
[0229.307] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0229.314] GdipFillRectangleI (graphics=0x6654bd0, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0229.314] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0229.315] GdipDeleteGraphics (graphics=0x6654bd0) returned 0x0
[0229.316] SelectPalette (hdc=0x770107e8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0229.316] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0229.316] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0229.316] GetSystemMetrics (nIndex=42) returned 0
[0229.316] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0229.316] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0229.316] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0229.316] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0229.316] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0229.316] SelectPalette (hdc=0x770107e8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0229.316] GdipCreateFromHDC (hdc=0x770107e8, graphics=0xd7df90) returned 0x0
[0229.316] GdipSetPageUnit (graphics=0x6654bd0, unit=0x2) returned 0x0
[0229.316] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0229.316] GdipGetWorldTransform (graphics=0x6654bd0, matrix=0x6638b18) returned 0x0
[0229.316] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df68) returned 0x0
[0229.316] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0229.317] GdipCreateRegion (region=0xd7df50) returned 0x0
[0229.317] GdipGetClip (graphics=0x6654bd0, region=0x6646058) returned 0x0
[0229.317] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6654bd0, result=0xd7df5c) returned 0x0
[0229.317] GdipDeleteRegion (region=0x6646058) returned 0x0
[0229.317] GdipSaveGraphics (graphics=0x6654bd0, state=0xd7df88) returned 0x0
[0229.317] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0229.322] GdipFillRectangleI (graphics=0x6654bd0, brush=0x6652bb0, x=0, y=0, width=801, height=453) returned 0x0
[0229.322] GdipDeleteBrush (brush=0x6652bb0) returned 0x0
[0229.324] GdipRestoreGraphics (graphics=0x6654bd0, state=0xf95a0dbd) returned 0x0
[0229.324] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0229.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0229.324] GetSystemMetrics (nIndex=42) returned 0
[0229.324] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0229.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0229.324] GdipDeleteGraphics (graphics=0x6654bd0) returned 0x0
[0229.324] SelectPalette (hdc=0x770107e8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0229.324] RestoreDC (hdc=0x770107e8, nSavedDC=-1) returned 1
[0229.324] GdipReleaseDC (graphics=0x6600030, hdc=0x770107e8) returned 0x0
[0229.324] IsAppThemed () returned 0x1
[0229.324] GetThemeAppProperties () returned 0x3
[0229.324] GetThemeAppProperties () returned 0x3
[0229.324] IsAppThemed () returned 0x1
[0229.324] GetThemeAppProperties () returned 0x3
[0229.325] GetThemeAppProperties () returned 0x3
[0229.325] IsThemePartDefined () returned 0x1
[0229.325] GdipCreateRegion (region=0xd7e480) returned 0x0
[0229.325] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0229.325] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0229.325] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0229.325] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e498) returned 0x0
[0229.325] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0229.325] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee910) returned 0x0
[0229.325] LocalFree (hMem=0x11ee910) returned 0x0
[0229.325] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0229.325] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0229.325] LocalFree (hMem=0x11ee788) returned 0x0
[0229.325] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0229.325] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0229.325] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0229.325] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0229.325] GdipDeleteRegion (region=0x6645248) returned 0x0
[0229.325] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0229.325] GetCurrentObject (hdc=0x770107e8, type=0x1) returned 0xb00017
[0229.326] GetCurrentObject (hdc=0x770107e8, type=0x2) returned 0x900010
[0229.326] GetCurrentObject (hdc=0x770107e8, type=0x7) returned 0x4a0507fe
[0229.326] GetCurrentObject (hdc=0x770107e8, type=0x6) returned 0x8a01c2
[0229.326] SaveDC (hdc=0x770107e8) returned 1
[0229.326] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x260407de
[0229.326] GetClipRgn (hdc=0x770107e8, hrgn=0x260407de) returned 0
[0229.326] SelectClipRgn (hdc=0x770107e8, hrgn=0x99040807) returned 2
[0229.326] DeleteObject (ho=0x260407de) returned 1
[0229.326] DeleteObject (ho=0x99040807) returned 1
[0229.326] OffsetViewportOrgEx (in: hdc=0x770107e8, x=0, y=0, lppt=0x2ebbbe4 | out: lppt=0x2ebbbe4) returned 1
[0229.326] IsAppThemed () returned 0x1
[0229.326] GetThemeAppProperties () returned 0x3
[0229.326] GetThemeAppProperties () returned 0x3
[0229.326] DrawThemeBackground () returned 0x0
[0229.326] RestoreDC (hdc=0x770107e8, nSavedDC=-1) returned 1
[0229.326] GdipReleaseDC (graphics=0x6600030, hdc=0x770107e8) returned 0x0
[0229.326] GdipCreateRegion (region=0xd7e484) returned 0x0
[0229.326] GdipGetClip (graphics=0x6600030, region=0x6646058) returned 0x0
[0229.327] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0229.327] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0229.327] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e49c) returned 0x0
[0229.327] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0229.327] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee9f0) returned 0x0
[0229.327] LocalFree (hMem=0x11ee9f0) returned 0x0
[0229.327] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0229.327] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0229.327] LocalFree (hMem=0x11ee788) returned 0x0
[0229.327] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0229.327] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0229.327] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0229.327] GdipGetRegionHRgn (region=0x6646058, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0229.327] GdipDeleteRegion (region=0x6646058) returned 0x0
[0229.327] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0229.327] GetCurrentObject (hdc=0x770107e8, type=0x1) returned 0xb00017
[0229.327] GetCurrentObject (hdc=0x770107e8, type=0x2) returned 0x900010
[0229.327] GetCurrentObject (hdc=0x770107e8, type=0x7) returned 0x4a0507fe
[0229.327] GetCurrentObject (hdc=0x770107e8, type=0x6) returned 0x8a01c2
[0229.327] SaveDC (hdc=0x770107e8) returned 1
[0229.327] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9a040807
[0229.328] GetClipRgn (hdc=0x770107e8, hrgn=0x9a040807) returned 0
[0229.328] SelectClipRgn (hdc=0x770107e8, hrgn=0x270407de) returned 2
[0229.328] DeleteObject (ho=0x9a040807) returned 1
[0229.328] DeleteObject (ho=0x270407de) returned 1
[0229.328] OffsetViewportOrgEx (in: hdc=0x770107e8, x=0, y=0, lppt=0x2ebbeb8 | out: lppt=0x2ebbeb8) returned 1
[0229.328] IsAppThemed () returned 0x1
[0229.328] GetThemeAppProperties () returned 0x3
[0229.328] GetThemeAppProperties () returned 0x3
[0229.328] GetThemeBackgroundContentRect () returned 0x0
[0229.328] RestoreDC (hdc=0x770107e8, nSavedDC=-1) returned 1
[0229.328] GdipReleaseDC (graphics=0x6600030, hdc=0x770107e8) returned 0x0
[0229.328] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0229.328] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0229.328] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0229.328] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0229.328] IsAppThemed () returned 0x1
[0229.328] GetThemeAppProperties () returned 0x3
[0229.329] GetThemeAppProperties () returned 0x3
[0229.329] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0229.329] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0229.329] GetCurrentObject (hdc=0x770107e8, type=0x1) returned 0xb00017
[0229.329] GetCurrentObject (hdc=0x770107e8, type=0x2) returned 0x900010
[0229.329] GetCurrentObject (hdc=0x770107e8, type=0x7) returned 0x4a0507fe
[0229.329] GetCurrentObject (hdc=0x770107e8, type=0x6) returned 0x8a01c2
[0229.329] SaveDC (hdc=0x770107e8) returned 1
[0229.329] GetTextAlign (hdc=0x770107e8) returned 0x0
[0229.329] GetTextColor (hdc=0x770107e8) returned 0x0
[0229.329] GetCurrentObject (hdc=0x770107e8, type=0x6) returned 0x8a01c2
[0229.329] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0229.329] SelectObject (hdc=0x770107e8, h=0x6d0a0520) returned 0x8a01c2
[0229.329] GetBkMode (hdc=0x770107e8) returned 2
[0229.330] SetBkMode (hdc=0x770107e8, mode=1) returned 2
[0229.330] DrawTextExW (in: hdc=0x770107e8, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2ebc27c | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0229.330] DrawTextExW (in: hdc=0x770107e8, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2ebc27c | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0229.330] RestoreDC (hdc=0x770107e8, nSavedDC=-1) returned 1
[0229.330] GdipReleaseDC (graphics=0x6600030, hdc=0x770107e8) returned 0x0
[0229.330] GetFocus () returned 0x602c4
[0229.330] IsAppThemed () returned 0x1
[0229.331] GetThemeAppProperties () returned 0x3
[0229.331] GetThemeAppProperties () returned 0x3
[0229.331] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0229.331] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x770107e8, x1=0, y1=0, rop=0xcc0020) returned 1
[0229.331] GdipReleaseDC (graphics=0x6600030, hdc=0x770107e8) returned 0x0
[0229.331] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0229.331] SelectObject (hdc=0x770107e8, h=0x85000f) returned 0x4a0507fe
[0229.331] DeleteDC (hdc=0x770107e8) returned 1
[0229.331] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0229.331] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0229.332] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0229.332] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0229.332] WaitMessage () returned 1
[0229.404] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0229.404] IsWindowUnicode (hWnd=0x602c4) returned 1
[0229.404] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0229.404] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0229.404] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0229.404] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0229.404] IsWindowUnicode (hWnd=0x602c4) returned 1
[0229.404] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0229.404] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0229.404] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0229.405] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xa0026) returned 0x0
[0229.405] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0229.405] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0229.405] WaitMessage () returned 1
[0229.538] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0229.538] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2710101) returned 0x1
[0229.538] IsWindowUnicode (hWnd=0x602c4) returned 1
[0229.538] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0229.538] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2710101) returned 0x1
[0229.538] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0229.538] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19c0043) returned 0x0
[0229.538] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0229.538] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0229.539] SetCursor (hCursor=0x10003) returned 0x10003
[0229.539] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0229.539] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0229.539] GetKeyState (nVirtKey=1) returned -128
[0229.539] GetKeyState (nVirtKey=2) returned 0
[0229.539] GetKeyState (nVirtKey=4) returned 0
[0229.539] GetKeyState (nVirtKey=5) returned 0
[0229.539] GetKeyState (nVirtKey=6) returned 0
[0229.539] IsWindowVisible (hWnd=0x602c4) returned 1
[0229.539] IsWindowEnabled (hWnd=0x602c4) returned 1
[0229.539] SetFocus (hWnd=0x602c4) returned 0x602c4
[0229.539] GetFocus () returned 0x602c4
[0229.539] GetFocus () returned 0x602c4
[0229.539] GetFocus () returned 0x602c4
[0229.539] GetKeyState (nVirtKey=1) returned -128
[0229.539] GetKeyState (nVirtKey=2) returned 0
[0229.539] GetKeyState (nVirtKey=4) returned 0
[0229.539] GetKeyState (nVirtKey=5) returned 0
[0229.540] GetKeyState (nVirtKey=6) returned 0
[0229.540] GetCapture () returned 0x0
[0229.540] SetCapture (hWnd=0x602c4) returned 0x0
[0229.540] GetKeyState (nVirtKey=1) returned -128
[0229.540] GetKeyState (nVirtKey=2) returned 0
[0229.540] GetKeyState (nVirtKey=4) returned 0
[0229.540] GetKeyState (nVirtKey=5) returned 0
[0229.540] GetKeyState (nVirtKey=6) returned 0
[0229.540] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0229.540] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0229.540] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0229.540] IsWindowUnicode (hWnd=0x602c4) returned 1
[0229.540] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0229.540] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0229.540] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0229.540] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2ebc400, cPoints=0x1 | out: lpPoints=0x2ebc400) returned 40304859
[0229.540] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0229.540] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0229.541] UpdateWindow (hWnd=0x602c4) returned 1
[0229.541] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x10105d6
[0229.541] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0229.541] CreateCompatibleDC (hdc=0x10105d6) returned 0x780107e8
[0229.541] SelectObject (hdc=0x780107e8, h=0x4a0507fe) returned 0x85000f
[0229.541] GdipCreateFromHDC (hdc=0x780107e8, graphics=0xd7e430) returned 0x0
[0229.541] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0229.541] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0229.541] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0229.541] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0229.541] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e490) returned 0x0
[0229.542] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0229.542] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0229.542] LocalFree (hMem=0x11eec58) returned 0x0
[0229.542] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0229.542] GdipCreateRegion (region=0xd7e478) returned 0x0
[0229.542] GdipGetClip (graphics=0x6600030, region=0x6646058) returned 0x0
[0229.542] GdipIsInfiniteRegion (region=0x6646058, graphics=0x6600030, result=0xd7e484) returned 0x0
[0229.542] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0229.542] GdipRestoreGraphics (graphics=0x6600030, state=0xf9580dbd) returned 0x0
[0229.542] GdipDeleteRegion (region=0x6646058) returned 0x0
[0229.542] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0229.542] GetCurrentObject (hdc=0x780107e8, type=0x1) returned 0xb00017
[0229.542] GetCurrentObject (hdc=0x780107e8, type=0x2) returned 0x900010
[0229.542] GetCurrentObject (hdc=0x780107e8, type=0x7) returned 0x4a0507fe
[0229.542] GetCurrentObject (hdc=0x780107e8, type=0x6) returned 0x8a01c2
[0229.542] SaveDC (hdc=0x780107e8) returned 1
[0229.543] GetNearestColor (hdc=0x780107e8, color=0xff) returned 0xff
[0229.543] GetNearestColor (hdc=0x780107e8, color=0x55) returned 0x55
[0229.543] GetNearestColor (hdc=0x780107e8, color=0x0) returned 0x0
[0229.543] GetNearestColor (hdc=0x780107e8, color=0x55) returned 0x55
[0229.543] GetNearestColor (hdc=0x780107e8, color=0x0) returned 0x0
[0229.543] GetNearestColor (hdc=0x780107e8, color=0x8080ff) returned 0x8080ff
[0229.543] GetNearestColor (hdc=0x780107e8, color=0x7373e5) returned 0x7373e5
[0229.543] GetNearestColor (hdc=0x780107e8, color=0xe5) returned 0xe5
[0229.543] GetNearestColor (hdc=0x780107e8, color=0x0) returned 0x0
[0229.543] RestoreDC (hdc=0x780107e8, nSavedDC=-1) returned 1
[0229.543] GdipReleaseDC (graphics=0x6600030, hdc=0x780107e8) returned 0x0
[0229.543] IsAppThemed () returned 0x1
[0229.543] GetThemeAppProperties () returned 0x3
[0229.544] GetThemeAppProperties () returned 0x3
[0229.544] IsAppThemed () returned 0x1
[0229.544] GetThemeAppProperties () returned 0x3
[0229.544] GetThemeAppProperties () returned 0x3
[0229.544] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2ebcb1c | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0229.544] IsAppThemed () returned 0x1
[0229.544] GetThemeAppProperties () returned 0x3
[0229.544] GetThemeAppProperties () returned 0x3
[0229.544] IsAppThemed () returned 0x1
[0229.544] GetThemeAppProperties () returned 0x3
[0229.544] GetThemeAppProperties () returned 0x3
[0229.544] IsAppThemed () returned 0x1
[0229.545] GetThemeAppProperties () returned 0x3
[0229.545] GetThemeAppProperties () returned 0x3
[0229.545] IsAppThemed () returned 0x1
[0229.545] GetThemeAppProperties () returned 0x3
[0229.545] GetThemeAppProperties () returned 0x3
[0229.545] IsThemePartDefined () returned 0x1
[0229.545] IsAppThemed () returned 0x1
[0229.545] GetThemeAppProperties () returned 0x3
[0229.545] GetThemeAppProperties () returned 0x3
[0229.545] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0229.545] IsAppThemed () returned 0x1
[0229.545] GetThemeAppProperties () returned 0x3
[0229.545] GetThemeAppProperties () returned 0x3
[0229.545] IsAppThemed () returned 0x1
[0229.545] GetThemeAppProperties () returned 0x3
[0229.545] GetThemeAppProperties () returned 0x3
[0229.545] IsThemePartDefined () returned 0x1
[0229.545] GdipCreateRegion (region=0xd7e194) returned 0x0
[0229.545] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0229.545] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0229.546] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0229.546] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e1ac) returned 0x0
[0229.546] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0229.546] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0229.546] LocalFree (hMem=0x11ee788) returned 0x0
[0229.546] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0229.546] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0229.546] LocalFree (hMem=0x11ee788) returned 0x0
[0229.546] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0229.546] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0229.546] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0229.546] GdipGetRegionHRgn (region=0x6645638, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0229.546] GdipDeleteRegion (region=0x6645638) returned 0x0
[0229.546] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0229.546] GetCurrentObject (hdc=0x780107e8, type=0x1) returned 0xb00017
[0229.546] GetCurrentObject (hdc=0x780107e8, type=0x2) returned 0x900010
[0229.546] GetCurrentObject (hdc=0x780107e8, type=0x7) returned 0x4a0507fe
[0229.546] GetCurrentObject (hdc=0x780107e8, type=0x6) returned 0x8a01c2
[0229.547] SaveDC (hdc=0x780107e8) returned 1
[0229.547] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x280407de
[0229.547] GetClipRgn (hdc=0x780107e8, hrgn=0x280407de) returned 0
[0229.547] SelectClipRgn (hdc=0x780107e8, hrgn=0x9e040807) returned 2
[0229.547] DeleteObject (ho=0x280407de) returned 1
[0229.547] DeleteObject (ho=0x9e040807) returned 1
[0229.547] OffsetViewportOrgEx (in: hdc=0x780107e8, x=0, y=0, lppt=0x2ebd1cc | out: lppt=0x2ebd1cc) returned 1
[0229.547] DrawThemeParentBackground () returned 0x0
[0229.547] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0229.547] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0229.547] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0229.547] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0229.547] GetSystemMetrics (nIndex=42) returned 0
[0229.548] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0229.548] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0229.548] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0229.548] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0229.548] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0229.548] SelectPalette (hdc=0x780107e8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0229.548] GdipCreateFromHDC (hdc=0x780107e8, graphics=0xd7dc88) returned 0x0
[0229.548] GdipSetPageUnit (graphics=0x6654bd0, unit=0x2) returned 0x0
[0229.548] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0229.548] GdipGetWorldTransform (graphics=0x6654bd0, matrix=0x6638d28) returned 0x0
[0229.548] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7dc60) returned 0x0
[0229.548] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0229.548] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0229.548] GdipGetClip (graphics=0x6654bd0, region=0x66460e8) returned 0x0
[0229.548] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6654bd0, result=0xd7dc54) returned 0x0
[0229.548] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0229.548] GdipSaveGraphics (graphics=0x6654bd0, state=0xd7dc80) returned 0x0
[0229.549] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0229.555] GdipFillRectangleI (graphics=0x6654bd0, brush=0x6652f58, x=0, y=0, width=801, height=453) returned 0x0
[0229.555] GdipDeleteBrush (brush=0x6652f58) returned 0x0
[0229.557] GdipDeleteGraphics (graphics=0x6654bd0) returned 0x0
[0229.557] SelectPalette (hdc=0x780107e8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0229.557] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0229.557] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0229.557] GetSystemMetrics (nIndex=42) returned 0
[0229.557] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0229.557] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0229.557] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0229.557] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0229.557] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0229.558] SelectPalette (hdc=0x780107e8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0229.558] GdipCreateFromHDC (hdc=0x780107e8, graphics=0xd7dc28) returned 0x0
[0229.558] GdipSetPageUnit (graphics=0x6654bd0, unit=0x2) returned 0x0
[0229.558] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0229.558] GdipGetWorldTransform (graphics=0x6654bd0, matrix=0x6638b78) returned 0x0
[0229.558] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc00) returned 0x0
[0229.558] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0229.558] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0229.558] GdipGetClip (graphics=0x6654bd0, region=0x6645638) returned 0x0
[0229.558] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6654bd0, result=0xd7dbf4) returned 0x0
[0229.558] GdipDeleteRegion (region=0x6645638) returned 0x0
[0229.558] GdipSaveGraphics (graphics=0x6654bd0, state=0xd7dc20) returned 0x0
[0229.558] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0229.565] GdipFillRectangleI (graphics=0x6654bd0, brush=0x6652bb0, x=0, y=0, width=801, height=453) returned 0x0
[0229.565] GdipDeleteBrush (brush=0x6652bb0) returned 0x0
[0229.567] GdipRestoreGraphics (graphics=0x6654bd0, state=0xf9540dbd) returned 0x0
[0229.567] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0229.567] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0229.567] GetSystemMetrics (nIndex=42) returned 0
[0229.567] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0229.567] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0229.567] GdipDeleteGraphics (graphics=0x6654bd0) returned 0x0
[0229.567] SelectPalette (hdc=0x780107e8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0229.567] RestoreDC (hdc=0x780107e8, nSavedDC=-1) returned 1
[0229.568] GdipReleaseDC (graphics=0x6600030, hdc=0x780107e8) returned 0x0
[0229.568] IsAppThemed () returned 0x1
[0229.568] GetThemeAppProperties () returned 0x3
[0229.568] GetThemeAppProperties () returned 0x3
[0229.568] IsAppThemed () returned 0x1
[0229.568] GetThemeAppProperties () returned 0x3
[0229.568] GetThemeAppProperties () returned 0x3
[0229.568] IsThemePartDefined () returned 0x1
[0229.568] GdipCreateRegion (region=0xd7e118) returned 0x0
[0229.568] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0229.568] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0229.568] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0229.568] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e130) returned 0x0
[0229.568] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0229.568] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0229.568] LocalFree (hMem=0x11eec58) returned 0x0
[0229.568] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0229.568] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0229.569] LocalFree (hMem=0x11ee9f0) returned 0x0
[0229.569] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0229.569] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e158) returned 0x0
[0229.569] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e148) returned 0x0
[0229.569] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0229.569] GdipDeleteRegion (region=0x6645878) returned 0x0
[0229.569] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0229.569] GetCurrentObject (hdc=0x780107e8, type=0x1) returned 0xb00017
[0229.569] GetCurrentObject (hdc=0x780107e8, type=0x2) returned 0x900010
[0229.569] GetCurrentObject (hdc=0x780107e8, type=0x7) returned 0x4a0507fe
[0229.569] GetCurrentObject (hdc=0x780107e8, type=0x6) returned 0x8a01c2
[0229.569] SaveDC (hdc=0x780107e8) returned 1
[0229.569] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9f040807
[0229.569] GetClipRgn (hdc=0x780107e8, hrgn=0x9f040807) returned 0
[0229.569] SelectClipRgn (hdc=0x780107e8, hrgn=0x2a0407de) returned 2
[0229.569] DeleteObject (ho=0x9f040807) returned 1
[0229.570] DeleteObject (ho=0x2a0407de) returned 1
[0229.570] OffsetViewportOrgEx (in: hdc=0x780107e8, x=0, y=0, lppt=0x2ec3a1c | out: lppt=0x2ec3a1c) returned 1
[0229.570] IsAppThemed () returned 0x1
[0229.570] GetThemeAppProperties () returned 0x3
[0229.570] GetThemeAppProperties () returned 0x3
[0229.570] DrawThemeBackground () returned 0x0
[0229.570] RestoreDC (hdc=0x780107e8, nSavedDC=-1) returned 1
[0229.570] GdipReleaseDC (graphics=0x6600030, hdc=0x780107e8) returned 0x0
[0229.570] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0229.570] GdipGetClip (graphics=0x6600030, region=0x6645d88) returned 0x0
[0229.570] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0229.570] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0229.570] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e134) returned 0x0
[0229.570] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0229.570] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0229.570] LocalFree (hMem=0x11ee868) returned 0x0
[0229.570] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0229.571] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0229.571] LocalFree (hMem=0x11ee788) returned 0x0
[0229.571] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0229.571] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0229.571] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0229.571] GdipGetRegionHRgn (region=0x6645d88, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0229.571] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0229.571] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0229.571] GetCurrentObject (hdc=0x780107e8, type=0x1) returned 0xb00017
[0229.571] GetCurrentObject (hdc=0x780107e8, type=0x2) returned 0x900010
[0229.571] GetCurrentObject (hdc=0x780107e8, type=0x7) returned 0x4a0507fe
[0229.571] GetCurrentObject (hdc=0x780107e8, type=0x6) returned 0x8a01c2
[0229.571] SaveDC (hdc=0x780107e8) returned 1
[0229.571] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2b0407de
[0229.571] GetClipRgn (hdc=0x780107e8, hrgn=0x2b0407de) returned 0
[0229.571] SelectClipRgn (hdc=0x780107e8, hrgn=0xa0040807) returned 2
[0229.572] DeleteObject (ho=0x2b0407de) returned 1
[0229.572] DeleteObject (ho=0xa0040807) returned 1
[0229.572] OffsetViewportOrgEx (in: hdc=0x780107e8, x=0, y=0, lppt=0x2ec3cf0 | out: lppt=0x2ec3cf0) returned 1
[0229.572] IsAppThemed () returned 0x1
[0229.572] GetThemeAppProperties () returned 0x3
[0229.572] GetThemeAppProperties () returned 0x3
[0229.572] GetThemeBackgroundContentRect () returned 0x0
[0229.572] RestoreDC (hdc=0x780107e8, nSavedDC=-1) returned 1
[0229.572] GdipReleaseDC (graphics=0x6600030, hdc=0x780107e8) returned 0x0
[0229.572] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0229.572] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0229.572] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0229.572] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0229.572] IsAppThemed () returned 0x1
[0229.572] GetThemeAppProperties () returned 0x3
[0229.572] GetThemeAppProperties () returned 0x3
[0229.572] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0229.572] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0229.573] GetCurrentObject (hdc=0x780107e8, type=0x1) returned 0xb00017
[0229.573] GetCurrentObject (hdc=0x780107e8, type=0x2) returned 0x900010
[0229.573] GetCurrentObject (hdc=0x780107e8, type=0x7) returned 0x4a0507fe
[0229.573] GetCurrentObject (hdc=0x780107e8, type=0x6) returned 0x8a01c2
[0229.573] SaveDC (hdc=0x780107e8) returned 1
[0229.573] GetTextAlign (hdc=0x780107e8) returned 0x0
[0229.573] GetTextColor (hdc=0x780107e8) returned 0x0
[0229.573] GetCurrentObject (hdc=0x780107e8, type=0x6) returned 0x8a01c2
[0229.573] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0229.573] SelectObject (hdc=0x780107e8, h=0x6d0a0520) returned 0x8a01c2
[0229.573] GetBkMode (hdc=0x780107e8) returned 2
[0229.573] SetBkMode (hdc=0x780107e8, mode=1) returned 2
[0229.573] DrawTextExW (in: hdc=0x780107e8, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2ec40b4 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0229.574] DrawTextExW (in: hdc=0x780107e8, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2ec40b4 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0229.574] RestoreDC (hdc=0x780107e8, nSavedDC=-1) returned 1
[0229.574] GdipReleaseDC (graphics=0x6600030, hdc=0x780107e8) returned 0x0
[0229.574] GetFocus () returned 0x602c4
[0229.574] IsAppThemed () returned 0x1
[0229.574] GetThemeAppProperties () returned 0x3
[0229.574] GetThemeAppProperties () returned 0x3
[0229.575] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0229.575] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x780107e8, x1=0, y1=0, rop=0xcc0020) returned 1
[0229.575] GdipReleaseDC (graphics=0x6600030, hdc=0x780107e8) returned 0x0
[0229.575] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0229.575] SelectObject (hdc=0x780107e8, h=0x85000f) returned 0x4a0507fe
[0229.575] DeleteDC (hdc=0x780107e8) returned 1
[0229.575] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0229.575] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0229.576] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2ec41b0, cPoints=0x1 | out: lpPoints=0x2ec41b0) returned 40304859
[0229.576] WindowFromPoint (Point=0x101) returned 0x602c4
[0229.576] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2710101) returned 0x1
[0229.576] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0229.576] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0229.576] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0229.576] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0229.576] GetSystemMetrics (nIndex=42) returned 0
[0229.576] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0229.576] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0229.579] GetCapture () returned 0x602c4
[0229.579] ReleaseCapture () returned 1
[0229.579] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0229.579] GetProcessWindowStation () returned 0x13c
[0229.580] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.580] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0229.580] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.580] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0229.580] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.581] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0229.581] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.581] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0229.581] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.581] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0229.582] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.582] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0229.582] GetDC (hWnd=0x0) returned 0xf0105ee
[0229.582] GdipCreateFromHDC (hdc=0xf0105ee, graphics=0xd7e6ec) returned 0x0
[0229.583] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0229.583] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0229.583] ReleaseDC (hWnd=0x0, hDC=0xf0105ee) returned 1
[0229.583] GetSystemMetrics (nIndex=5) returned 1
[0229.583] GetSystemMetrics (nIndex=6) returned 1
[0229.583] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.583] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0229.584] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.584] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0229.587] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0229.588] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0229.588] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0229.588] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0229.588] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0229.588] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0229.589] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2ec9bcc | out: lpData=0x2ec9bcc) returned 1
[0229.590] VerQueryValueW (in: pBlock=0x2ec9bcc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ec9fdc, puLen=0xd7e810) returned 1
[0229.590] VerQueryValueW (in: pBlock=0x2ec9bcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ec9c84, puLen=0xd7e790) returned 1
[0229.590] VerQueryValueW (in: pBlock=0x2ec9bcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ec9cd8, puLen=0xd7e790) returned 1
[0229.590] VerQueryValueW (in: pBlock=0x2ec9bcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ec9d58, puLen=0xd7e790) returned 1
[0229.590] VerQueryValueW (in: pBlock=0x2ec9bcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ec9dc0, puLen=0xd7e790) returned 1
[0229.590] VerQueryValueW (in: pBlock=0x2ec9bcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ec9e00, puLen=0xd7e790) returned 1
[0229.590] VerQueryValueW (in: pBlock=0x2ec9bcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ec9e88, puLen=0xd7e790) returned 1
[0229.590] VerQueryValueW (in: pBlock=0x2ec9bcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ec9ec4, puLen=0xd7e790) returned 1
[0229.590] VerQueryValueW (in: pBlock=0x2ec9bcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ec9f1c, puLen=0xd7e790) returned 1
[0229.590] VerQueryValueW (in: pBlock=0x2ec9bcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ec9f4c, puLen=0xd7e790) returned 1
[0229.590] VerQueryValueW (in: pBlock=0x2ec9bcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.590] VerQueryValueW (in: pBlock=0x2ec9bcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ec9f88, puLen=0xd7e790) returned 1
[0229.590] VerQueryValueW (in: pBlock=0x2ec9bcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.590] VerQueryValueW (in: pBlock=0x2ec9bcc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ec9fdc, puLen=0xd7e784) returned 1
[0229.591] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0229.591] VerQueryValueW (in: pBlock=0x2ec9bcc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ec9bf4, puLen=0xd7e794) returned 1
[0229.592] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0229.592] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0229.592] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0229.592] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0229.592] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0229.593] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0229.593] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2ecbb3c | out: lpData=0x2ecbb3c) returned 1
[0229.593] VerQueryValueW (in: pBlock=0x2ecbb3c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ecbbd8, puLen=0xd7e810) returned 1
[0229.593] VerQueryValueW (in: pBlock=0x2ecbb3c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ecbc50, puLen=0xd7e790) returned 1
[0229.593] VerQueryValueW (in: pBlock=0x2ecbb3c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ecbc80, puLen=0xd7e790) returned 1
[0229.593] VerQueryValueW (in: pBlock=0x2ecbb3c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ecbcbc, puLen=0xd7e790) returned 1
[0229.593] VerQueryValueW (in: pBlock=0x2ecbb3c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ecbcec, puLen=0xd7e790) returned 1
[0229.593] VerQueryValueW (in: pBlock=0x2ecbb3c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ecbd34, puLen=0xd7e790) returned 1
[0229.593] VerQueryValueW (in: pBlock=0x2ecbb3c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ecbdac, puLen=0xd7e790) returned 1
[0229.593] VerQueryValueW (in: pBlock=0x2ecbb3c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ecbdf0, puLen=0xd7e790) returned 1
[0229.593] VerQueryValueW (in: pBlock=0x2ecbb3c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ecbe30, puLen=0xd7e790) returned 1
[0229.593] VerQueryValueW (in: pBlock=0x2ecbb3c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ecbc2e, puLen=0xd7e790) returned 1
[0229.593] VerQueryValueW (in: pBlock=0x2ecbb3c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ecbd7c, puLen=0xd7e790) returned 1
[0229.593] VerQueryValueW (in: pBlock=0x2ecbb3c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.593] VerQueryValueW (in: pBlock=0x2ecbb3c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.593] VerQueryValueW (in: pBlock=0x2ecbb3c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ecbbd8, puLen=0xd7e784) returned 1
[0229.593] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0229.594] VerQueryValueW (in: pBlock=0x2ecbb3c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ecbb64, puLen=0xd7e794) returned 1
[0229.595] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0229.595] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0229.595] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0229.595] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0229.595] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0229.595] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0229.596] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2ecde14 | out: lpData=0x2ecde14) returned 1
[0229.597] VerQueryValueW (in: pBlock=0x2ecde14, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ece228, puLen=0xd7e810) returned 1
[0229.597] VerQueryValueW (in: pBlock=0x2ecde14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ecdecc, puLen=0xd7e790) returned 1
[0229.597] VerQueryValueW (in: pBlock=0x2ecde14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ecdf20, puLen=0xd7e790) returned 1
[0229.597] VerQueryValueW (in: pBlock=0x2ecde14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ecdf7c, puLen=0xd7e790) returned 1
[0229.597] VerQueryValueW (in: pBlock=0x2ecde14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ecdfdc, puLen=0xd7e790) returned 1
[0229.597] VerQueryValueW (in: pBlock=0x2ecde14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ece034, puLen=0xd7e790) returned 1
[0229.597] VerQueryValueW (in: pBlock=0x2ecde14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ece0bc, puLen=0xd7e790) returned 1
[0229.597] VerQueryValueW (in: pBlock=0x2ecde14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ece110, puLen=0xd7e790) returned 1
[0229.597] VerQueryValueW (in: pBlock=0x2ecde14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ece168, puLen=0xd7e790) returned 1
[0229.597] VerQueryValueW (in: pBlock=0x2ecde14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ece198, puLen=0xd7e790) returned 1
[0229.597] VerQueryValueW (in: pBlock=0x2ecde14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.597] VerQueryValueW (in: pBlock=0x2ecde14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ece1d4, puLen=0xd7e790) returned 1
[0229.597] VerQueryValueW (in: pBlock=0x2ecde14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.597] VerQueryValueW (in: pBlock=0x2ecde14, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ece228, puLen=0xd7e784) returned 1
[0229.597] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0229.597] VerQueryValueW (in: pBlock=0x2ecde14, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ecde3c, puLen=0xd7e794) returned 1
[0229.598] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0229.598] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0229.598] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0229.598] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0229.599] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0229.599] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0229.600] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2ed044c | out: lpData=0x2ed044c) returned 1
[0229.600] VerQueryValueW (in: pBlock=0x2ed044c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ed084c, puLen=0xd7e810) returned 1
[0229.601] VerQueryValueW (in: pBlock=0x2ed044c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed0504, puLen=0xd7e790) returned 1
[0229.601] VerQueryValueW (in: pBlock=0x2ed044c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed0558, puLen=0xd7e790) returned 1
[0229.601] VerQueryValueW (in: pBlock=0x2ed044c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed0598, puLen=0xd7e790) returned 1
[0229.601] VerQueryValueW (in: pBlock=0x2ed044c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed0600, puLen=0xd7e790) returned 1
[0229.601] VerQueryValueW (in: pBlock=0x2ed044c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed0658, puLen=0xd7e790) returned 1
[0229.601] VerQueryValueW (in: pBlock=0x2ed044c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed06e0, puLen=0xd7e790) returned 1
[0229.601] VerQueryValueW (in: pBlock=0x2ed044c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed0734, puLen=0xd7e790) returned 1
[0229.601] VerQueryValueW (in: pBlock=0x2ed044c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed078c, puLen=0xd7e790) returned 1
[0229.601] VerQueryValueW (in: pBlock=0x2ed044c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed07bc, puLen=0xd7e790) returned 1
[0229.601] VerQueryValueW (in: pBlock=0x2ed044c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.601] VerQueryValueW (in: pBlock=0x2ed044c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed07f8, puLen=0xd7e790) returned 1
[0229.601] VerQueryValueW (in: pBlock=0x2ed044c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.601] VerQueryValueW (in: pBlock=0x2ed044c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ed084c, puLen=0xd7e784) returned 1
[0229.601] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0229.601] VerQueryValueW (in: pBlock=0x2ed044c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ed0474, puLen=0xd7e794) returned 1
[0229.602] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0229.602] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0229.602] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0229.602] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0229.602] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0229.602] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0229.603] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2ed2b88 | out: lpData=0x2ed2b88) returned 1
[0229.604] VerQueryValueW (in: pBlock=0x2ed2b88, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ed2f50, puLen=0xd7e810) returned 1
[0229.604] VerQueryValueW (in: pBlock=0x2ed2b88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed2c40, puLen=0xd7e790) returned 1
[0229.604] VerQueryValueW (in: pBlock=0x2ed2b88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed2c94, puLen=0xd7e790) returned 1
[0229.604] VerQueryValueW (in: pBlock=0x2ed2b88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed2cd4, puLen=0xd7e790) returned 1
[0229.604] VerQueryValueW (in: pBlock=0x2ed2b88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed2d3c, puLen=0xd7e790) returned 1
[0229.604] VerQueryValueW (in: pBlock=0x2ed2b88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed2d78, puLen=0xd7e790) returned 1
[0229.605] VerQueryValueW (in: pBlock=0x2ed2b88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed2e00, puLen=0xd7e790) returned 1
[0229.605] VerQueryValueW (in: pBlock=0x2ed2b88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed2e38, puLen=0xd7e790) returned 1
[0229.605] VerQueryValueW (in: pBlock=0x2ed2b88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed2e90, puLen=0xd7e790) returned 1
[0229.605] VerQueryValueW (in: pBlock=0x2ed2b88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed2ec0, puLen=0xd7e790) returned 1
[0229.605] VerQueryValueW (in: pBlock=0x2ed2b88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.605] VerQueryValueW (in: pBlock=0x2ed2b88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed2efc, puLen=0xd7e790) returned 1
[0229.605] VerQueryValueW (in: pBlock=0x2ed2b88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.605] VerQueryValueW (in: pBlock=0x2ed2b88, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ed2f50, puLen=0xd7e784) returned 1
[0229.605] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0229.605] VerQueryValueW (in: pBlock=0x2ed2b88, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ed2bb0, puLen=0xd7e794) returned 1
[0229.609] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0229.609] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0229.609] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0229.609] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0229.609] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0229.609] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0229.610] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2ed61f0 | out: lpData=0x2ed61f0) returned 1
[0229.611] VerQueryValueW (in: pBlock=0x2ed61f0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ed65d0, puLen=0xd7e810) returned 1
[0229.611] VerQueryValueW (in: pBlock=0x2ed61f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed62a8, puLen=0xd7e790) returned 1
[0229.611] VerQueryValueW (in: pBlock=0x2ed61f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed62fc, puLen=0xd7e790) returned 1
[0229.611] VerQueryValueW (in: pBlock=0x2ed61f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed633c, puLen=0xd7e790) returned 1
[0229.611] VerQueryValueW (in: pBlock=0x2ed61f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed639c, puLen=0xd7e790) returned 1
[0229.611] VerQueryValueW (in: pBlock=0x2ed61f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed63e8, puLen=0xd7e790) returned 1
[0229.611] VerQueryValueW (in: pBlock=0x2ed61f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed6470, puLen=0xd7e790) returned 1
[0229.611] VerQueryValueW (in: pBlock=0x2ed61f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed64b8, puLen=0xd7e790) returned 1
[0229.611] VerQueryValueW (in: pBlock=0x2ed61f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed6510, puLen=0xd7e790) returned 1
[0229.611] VerQueryValueW (in: pBlock=0x2ed61f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed6540, puLen=0xd7e790) returned 1
[0229.611] VerQueryValueW (in: pBlock=0x2ed61f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.611] VerQueryValueW (in: pBlock=0x2ed61f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed657c, puLen=0xd7e790) returned 1
[0229.612] VerQueryValueW (in: pBlock=0x2ed61f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.612] VerQueryValueW (in: pBlock=0x2ed61f0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ed65d0, puLen=0xd7e784) returned 1
[0229.612] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0229.612] VerQueryValueW (in: pBlock=0x2ed61f0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ed6218, puLen=0xd7e794) returned 1
[0229.613] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0229.613] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0229.613] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0229.613] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0229.613] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0229.613] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0229.614] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2ed8a10 | out: lpData=0x2ed8a10) returned 1
[0229.614] VerQueryValueW (in: pBlock=0x2ed8a10, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ed8e1c, puLen=0xd7e810) returned 1
[0229.615] VerQueryValueW (in: pBlock=0x2ed8a10, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed8ac8, puLen=0xd7e790) returned 1
[0229.615] VerQueryValueW (in: pBlock=0x2ed8a10, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed8b1c, puLen=0xd7e790) returned 1
[0229.615] VerQueryValueW (in: pBlock=0x2ed8a10, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed8b70, puLen=0xd7e790) returned 1
[0229.615] VerQueryValueW (in: pBlock=0x2ed8a10, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed8bd0, puLen=0xd7e790) returned 1
[0229.615] VerQueryValueW (in: pBlock=0x2ed8a10, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed8c28, puLen=0xd7e790) returned 1
[0229.615] VerQueryValueW (in: pBlock=0x2ed8a10, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed8cb0, puLen=0xd7e790) returned 1
[0229.615] VerQueryValueW (in: pBlock=0x2ed8a10, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed8d04, puLen=0xd7e790) returned 1
[0229.615] VerQueryValueW (in: pBlock=0x2ed8a10, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed8d5c, puLen=0xd7e790) returned 1
[0229.615] VerQueryValueW (in: pBlock=0x2ed8a10, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed8d8c, puLen=0xd7e790) returned 1
[0229.615] VerQueryValueW (in: pBlock=0x2ed8a10, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.615] VerQueryValueW (in: pBlock=0x2ed8a10, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed8dc8, puLen=0xd7e790) returned 1
[0229.615] VerQueryValueW (in: pBlock=0x2ed8a10, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.615] VerQueryValueW (in: pBlock=0x2ed8a10, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ed8e1c, puLen=0xd7e784) returned 1
[0229.615] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0229.615] VerQueryValueW (in: pBlock=0x2ed8a10, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ed8a38, puLen=0xd7e794) returned 1
[0229.616] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0229.616] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0229.616] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0229.616] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0229.617] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0229.617] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0229.617] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2edb224 | out: lpData=0x2edb224) returned 1
[0229.618] VerQueryValueW (in: pBlock=0x2edb224, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2edb5fc, puLen=0xd7e810) returned 1
[0229.618] VerQueryValueW (in: pBlock=0x2edb224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edb2dc, puLen=0xd7e790) returned 1
[0229.618] VerQueryValueW (in: pBlock=0x2edb224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edb330, puLen=0xd7e790) returned 1
[0229.618] VerQueryValueW (in: pBlock=0x2edb224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edb370, puLen=0xd7e790) returned 1
[0229.618] VerQueryValueW (in: pBlock=0x2edb224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edb3d8, puLen=0xd7e790) returned 1
[0229.618] VerQueryValueW (in: pBlock=0x2edb224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edb41c, puLen=0xd7e790) returned 1
[0229.618] VerQueryValueW (in: pBlock=0x2edb224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edb4a4, puLen=0xd7e790) returned 1
[0229.619] VerQueryValueW (in: pBlock=0x2edb224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edb4e4, puLen=0xd7e790) returned 1
[0229.619] VerQueryValueW (in: pBlock=0x2edb224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edb53c, puLen=0xd7e790) returned 1
[0229.619] VerQueryValueW (in: pBlock=0x2edb224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edb56c, puLen=0xd7e790) returned 1
[0229.619] VerQueryValueW (in: pBlock=0x2edb224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.619] VerQueryValueW (in: pBlock=0x2edb224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edb5a8, puLen=0xd7e790) returned 1
[0229.619] VerQueryValueW (in: pBlock=0x2edb224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.619] VerQueryValueW (in: pBlock=0x2edb224, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2edb5fc, puLen=0xd7e784) returned 1
[0229.619] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0229.619] VerQueryValueW (in: pBlock=0x2edb224, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2edb24c, puLen=0xd7e794) returned 1
[0229.620] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0229.620] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0229.620] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0229.620] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0229.620] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0229.620] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0229.621] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2edd77c | out: lpData=0x2edd77c) returned 1
[0229.623] VerQueryValueW (in: pBlock=0x2edd77c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2eddb54, puLen=0xd7e810) returned 1
[0229.623] VerQueryValueW (in: pBlock=0x2edd77c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edd834, puLen=0xd7e790) returned 1
[0229.623] VerQueryValueW (in: pBlock=0x2edd77c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edd888, puLen=0xd7e790) returned 1
[0229.624] VerQueryValueW (in: pBlock=0x2edd77c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edd8c8, puLen=0xd7e790) returned 1
[0229.624] VerQueryValueW (in: pBlock=0x2edd77c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edd930, puLen=0xd7e790) returned 1
[0229.624] VerQueryValueW (in: pBlock=0x2edd77c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edd974, puLen=0xd7e790) returned 1
[0229.624] VerQueryValueW (in: pBlock=0x2edd77c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edd9fc, puLen=0xd7e790) returned 1
[0229.624] VerQueryValueW (in: pBlock=0x2edd77c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edda3c, puLen=0xd7e790) returned 1
[0229.624] VerQueryValueW (in: pBlock=0x2edd77c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edda94, puLen=0xd7e790) returned 1
[0229.624] VerQueryValueW (in: pBlock=0x2edd77c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eddac4, puLen=0xd7e790) returned 1
[0229.624] VerQueryValueW (in: pBlock=0x2edd77c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.624] VerQueryValueW (in: pBlock=0x2edd77c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eddb00, puLen=0xd7e790) returned 1
[0229.624] VerQueryValueW (in: pBlock=0x2edd77c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.624] VerQueryValueW (in: pBlock=0x2edd77c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2eddb54, puLen=0xd7e784) returned 1
[0229.624] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0229.624] VerQueryValueW (in: pBlock=0x2edd77c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2edd7a4, puLen=0xd7e794) returned 1
[0229.625] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0229.625] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0229.625] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0229.625] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0229.625] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0229.625] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0229.626] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2edfeb4 | out: lpData=0x2edfeb4) returned 1
[0229.627] VerQueryValueW (in: pBlock=0x2edfeb4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ee02e4, puLen=0xd7e810) returned 1
[0229.627] VerQueryValueW (in: pBlock=0x2edfeb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edff6c, puLen=0xd7e790) returned 1
[0229.627] VerQueryValueW (in: pBlock=0x2edfeb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edffc0, puLen=0xd7e790) returned 1
[0229.627] VerQueryValueW (in: pBlock=0x2edfeb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee0030, puLen=0xd7e790) returned 1
[0229.627] VerQueryValueW (in: pBlock=0x2edfeb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee0090, puLen=0xd7e790) returned 1
[0229.627] VerQueryValueW (in: pBlock=0x2edfeb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee00ec, puLen=0xd7e790) returned 1
[0229.627] VerQueryValueW (in: pBlock=0x2edfeb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee0174, puLen=0xd7e790) returned 1
[0229.627] VerQueryValueW (in: pBlock=0x2edfeb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee01cc, puLen=0xd7e790) returned 1
[0229.627] VerQueryValueW (in: pBlock=0x2edfeb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee0224, puLen=0xd7e790) returned 1
[0229.627] VerQueryValueW (in: pBlock=0x2edfeb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee0254, puLen=0xd7e790) returned 1
[0229.627] VerQueryValueW (in: pBlock=0x2edfeb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.627] VerQueryValueW (in: pBlock=0x2edfeb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee0290, puLen=0xd7e790) returned 1
[0229.627] VerQueryValueW (in: pBlock=0x2edfeb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0229.627] VerQueryValueW (in: pBlock=0x2edfeb4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ee02e4, puLen=0xd7e784) returned 1
[0229.628] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0229.628] VerQueryValueW (in: pBlock=0x2edfeb4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2edfedc, puLen=0xd7e794) returned 1
[0229.629] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0229.629] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.629] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0229.629] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.630] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0229.630] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1202d0
[0229.630] SetWindowLongW (hWnd=0x1202d0, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0229.630] GetWindowLongW (hWnd=0x1202d0, nIndex=-4) returned 1950089536
[0229.631] SetWindowLongW (hWnd=0x1202d0, nIndex=-4, dwNewLong=19947958) returned 1950089536
[0229.631] GetWindowLongW (hWnd=0x1202d0, nIndex=-4) returned 19947958
[0229.631] GetWindowLongW (hWnd=0x1202d0, nIndex=-16) returned 113311744
[0229.631] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202d0, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0229.636] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202d0, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0229.637] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202d0, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0229.637] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202d0, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0229.637] GetClientRect (in: hWnd=0x1202d0, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0229.637] GetWindowRect (in: hWnd=0x1202d0, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0229.637] SetWindowTextW (hWnd=0x1202d0, lpString="WindowsFormsParkingWindow") returned 1
[0229.637] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202d0, Msg=0xc, wParam=0x0, lParam=0x2ea4ca8) returned 0x1
[0229.638] GetParent (hWnd=0x1202d0) returned 0x0
[0229.639] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0229.639] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x1202d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1702c8
[0229.639] SetWindowLongW (hWnd=0x1702c8, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0229.639] GetWindowLongW (hWnd=0x1702c8, nIndex=-4) returned 1868147648
[0229.640] SetWindowLongW (hWnd=0x1702c8, nIndex=-4, dwNewLong=19947838) returned 1868147648
[0229.640] GetWindowLongW (hWnd=0x1702c8, nIndex=-4) returned 19947838
[0229.640] GetWindowLongW (hWnd=0x1702c8, nIndex=-16) returned 1174405133
[0229.640] GetWindowLongW (hWnd=0x1702c8, nIndex=-12) returned 0
[0229.640] SetWindowLongW (hWnd=0x1702c8, nIndex=-12, dwNewLong=1508040) returned 0
[0229.640] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0229.641] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0229.641] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0229.641] GetClientRect (in: hWnd=0x1702c8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0229.641] GetWindowRect (in: hWnd=0x1702c8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0229.641] GetParent (hWnd=0x1702c8) returned 0x1202d0
[0229.642] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1202d0, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0229.642] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0229.642] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0229.642] GetClientRect (in: hWnd=0x1702c8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0229.642] GetWindowRect (in: hWnd=0x1702c8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0229.642] GetParent (hWnd=0x1702c8) returned 0x1202d0
[0229.642] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1202d0, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0229.643] SendMessageW (hWnd=0x1702c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1702c8) returned 0x0
[0229.643] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1702c8) returned 0x0
[0229.643] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0229.643] GetParent (hWnd=0x1702c8) returned 0x1202d0
[0229.643] GdipCreateFromHWND (hwnd=0x1702c8, graphics=0xd7e844) returned 0x0
[0229.643] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0229.645] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0229.645] GetForegroundWindow () returned 0x7005c
[0229.645] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0229.645] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0229.645] GetSystemMetrics (nIndex=42) returned 0
[0229.645] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0229.645] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0229.645] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0229.645] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0229.645] GetSystemMetrics (nIndex=42) returned 0
[0229.645] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0229.645] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0229.646] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.646] GetCursorPos (in: lpPoint=0x2ee4338 | out: lpPoint=0x2ee4338*(x=257, y=625)) returned 1
[0229.646] MonitorFromPoint (pt=0x101, dwFlags=0x271) returned 0x10001
[0229.646] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0229.646] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x7b0107e8
[0229.647] GetDeviceCaps (hdc=0x7b0107e8, index=12) returned 32
[0229.647] GetDeviceCaps (hdc=0x7b0107e8, index=14) returned 1
[0229.647] DeleteDC (hdc=0x7b0107e8) returned 1
[0229.647] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0229.647] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0229.647] GetSystemMetrics (nIndex=59) returned 1460
[0229.647] GetSystemMetrics (nIndex=60) returned 920
[0229.647] GetSystemMetrics (nIndex=34) returned 136
[0229.647] GetSystemMetrics (nIndex=35) returned 39
[0229.647] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.648] GetCursorPos (in: lpPoint=0x2ee45a4 | out: lpPoint=0x2ee45a4*(x=257, y=625)) returned 1
[0229.648] MonitorFromPoint (pt=0x103, dwFlags=0x273) returned 0x10001
[0229.648] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0229.648] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x7c0107e8
[0229.648] GetDeviceCaps (hdc=0x7c0107e8, index=12) returned 32
[0229.648] GetDeviceCaps (hdc=0x7c0107e8, index=14) returned 1
[0229.648] DeleteDC (hdc=0x7c0107e8) returned 1
[0229.648] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0229.648] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0229.649] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.649] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0229.649] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2ee483c | out: piconinfo=0x2ee483c) returned 1
[0229.649] GetObjectW (in: h=0x4a0507a1, c=24, pv=0x2ee4858 | out: pv=0x2ee4858) returned 24
[0229.649] GdipCreateBitmapFromHBITMAP (hbm=0x4a0507a1, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0229.650] GdipGetImageWidth (image=0x6603430, width=0xd7e750) returned 0x0
[0229.650] GdipGetImageHeight (image=0x6603430, height=0xd7e748) returned 0x0
[0229.650] GdipGetImagePixelFormat (image=0x6603430, format=0xd7e740) returned 0x0
[0229.650] GdipBitmapLockBits (bitmap=0x6603430, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2ee4910) returned 0x0
[0229.650] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0229.650] GdipBitmapLockBits (bitmap=0x6602710, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2ee4948) returned 0x0
[0229.650] RtlMoveMemory (in: Destination=0x665af28, Source=0x665fec8, Length=0x80 | out: Destination=0x665af28)
[0229.650] RtlMoveMemory (in: Destination=0x665afa8, Source=0x665fe48, Length=0x80 | out: Destination=0x665afa8)
[0229.650] RtlMoveMemory (in: Destination=0x665b028, Source=0x665fdc8, Length=0x80 | out: Destination=0x665b028)
[0229.650] RtlMoveMemory (in: Destination=0x665b0a8, Source=0x665fd48, Length=0x80 | out: Destination=0x665b0a8)
[0229.650] RtlMoveMemory (in: Destination=0x665b128, Source=0x665fcc8, Length=0x80 | out: Destination=0x665b128)
[0229.650] RtlMoveMemory (in: Destination=0x665b1a8, Source=0x665fc48, Length=0x80 | out: Destination=0x665b1a8)
[0229.651] RtlMoveMemory (in: Destination=0x665b228, Source=0x665fbc8, Length=0x80 | out: Destination=0x665b228)
[0229.651] RtlMoveMemory (in: Destination=0x665b2a8, Source=0x665fb48, Length=0x80 | out: Destination=0x665b2a8)
[0229.651] RtlMoveMemory (in: Destination=0x665b328, Source=0x665fac8, Length=0x80 | out: Destination=0x665b328)
[0229.651] RtlMoveMemory (in: Destination=0x665b3a8, Source=0x665fa48, Length=0x80 | out: Destination=0x665b3a8)
[0229.651] RtlMoveMemory (in: Destination=0x665b428, Source=0x665f9c8, Length=0x80 | out: Destination=0x665b428)
[0229.651] RtlMoveMemory (in: Destination=0x665b4a8, Source=0x665f948, Length=0x80 | out: Destination=0x665b4a8)
[0229.651] RtlMoveMemory (in: Destination=0x665b528, Source=0x665f8c8, Length=0x80 | out: Destination=0x665b528)
[0229.651] RtlMoveMemory (in: Destination=0x665b5a8, Source=0x665f848, Length=0x80 | out: Destination=0x665b5a8)
[0229.651] RtlMoveMemory (in: Destination=0x665b628, Source=0x665f7c8, Length=0x80 | out: Destination=0x665b628)
[0229.651] RtlMoveMemory (in: Destination=0x665b6a8, Source=0x665f748, Length=0x80 | out: Destination=0x665b6a8)
[0229.651] RtlMoveMemory (in: Destination=0x665b728, Source=0x665f6c8, Length=0x80 | out: Destination=0x665b728)
[0229.651] RtlMoveMemory (in: Destination=0x665b7a8, Source=0x665f648, Length=0x80 | out: Destination=0x665b7a8)
[0229.651] RtlMoveMemory (in: Destination=0x665b828, Source=0x665f5c8, Length=0x80 | out: Destination=0x665b828)
[0229.651] RtlMoveMemory (in: Destination=0x665b8a8, Source=0x665f548, Length=0x80 | out: Destination=0x665b8a8)
[0229.651] RtlMoveMemory (in: Destination=0x665b928, Source=0x665f4c8, Length=0x80 | out: Destination=0x665b928)
[0229.651] RtlMoveMemory (in: Destination=0x665b9a8, Source=0x665f448, Length=0x80 | out: Destination=0x665b9a8)
[0229.651] RtlMoveMemory (in: Destination=0x665ba28, Source=0x665f3c8, Length=0x80 | out: Destination=0x665ba28)
[0229.651] RtlMoveMemory (in: Destination=0x665baa8, Source=0x665f348, Length=0x80 | out: Destination=0x665baa8)
[0229.652] RtlMoveMemory (in: Destination=0x665bb28, Source=0x665f2c8, Length=0x80 | out: Destination=0x665bb28)
[0229.652] RtlMoveMemory (in: Destination=0x665bba8, Source=0x665f248, Length=0x80 | out: Destination=0x665bba8)
[0229.652] RtlMoveMemory (in: Destination=0x665bc28, Source=0x665f1c8, Length=0x80 | out: Destination=0x665bc28)
[0229.652] RtlMoveMemory (in: Destination=0x665bca8, Source=0x665f148, Length=0x80 | out: Destination=0x665bca8)
[0229.652] RtlMoveMemory (in: Destination=0x665bd28, Source=0x665f0c8, Length=0x80 | out: Destination=0x665bd28)
[0229.652] RtlMoveMemory (in: Destination=0x665bda8, Source=0x665f048, Length=0x80 | out: Destination=0x665bda8)
[0229.652] RtlMoveMemory (in: Destination=0x665be28, Source=0x665efc8, Length=0x80 | out: Destination=0x665be28)
[0229.652] RtlMoveMemory (in: Destination=0x665bea8, Source=0x665ef48, Length=0x80 | out: Destination=0x665bea8)
[0229.652] GdipBitmapUnlockBits (bitmap=0x6603430, lockedBitmapData=0x2ee4910) returned 0x0
[0229.652] GdipBitmapUnlockBits (bitmap=0x6602710, lockedBitmapData=0x2ee4948) returned 0x0
[0229.652] GdipDisposeImage (image=0x6603430) returned 0x0
[0229.652] DeleteObject (ho=0x4a0507a1) returned 1
[0229.652] DeleteObject (ho=0x7d0507e8) returned 1
[0229.652] GetCurrentThreadId () returned 0xf50
[0229.652] GetCurrentThreadId () returned 0xf50
[0229.652] SetWindowPos (hWnd=0x1702c8, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0229.653] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0229.653] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0229.653] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0229.653] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0229.653] GetClientRect (in: hWnd=0x1702c8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0229.653] GetWindowRect (in: hWnd=0x1702c8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0229.654] GetParent (hWnd=0x1702c8) returned 0x1202d0
[0229.654] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1202d0, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0229.654] InvalidateRect (hWnd=0x1702c8, lpRect=0x0, bErase=1) returned 1
[0229.654] GetWindowTextLengthW (hWnd=0x1702c8) returned 0
[0229.654] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0229.654] GetSystemMetrics (nIndex=42) returned 0
[0229.654] GetWindowTextW (in: hWnd=0x1702c8, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0229.654] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0229.654] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0229.654] GetClientRect (in: hWnd=0x1702c8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0229.654] GetWindowRect (in: hWnd=0x1702c8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0229.654] GetParent (hWnd=0x1702c8) returned 0x1202d0
[0229.654] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1202d0, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0229.654] GetWindowTextLengthW (hWnd=0x1702c8) returned 0
[0229.655] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0229.655] GetSystemMetrics (nIndex=42) returned 0
[0229.655] GetWindowTextW (in: hWnd=0x1702c8, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0229.655] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0229.655] GetWindowTextLengthW (hWnd=0x1702c8) returned 0
[0229.655] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0229.655] GetSystemMetrics (nIndex=42) returned 0
[0229.655] GetWindowTextW (in: hWnd=0x1702c8, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0229.655] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0229.655] SetWindowTextW (hWnd=0x1702c8, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0229.655] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0xc, wParam=0x0, lParam=0x2ec57a4) returned 0x1
[0229.655] InvalidateRect (hWnd=0x1702c8, lpRect=0x0, bErase=1) returned 1
[0229.655] GetCurrentThreadId () returned 0xf50
[0229.655] GetWindowThreadProcessId (in: hWnd=0x1702c8, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0229.656] GdipCreateBitmapFromStream (stream=0x509ff10, bitmap=0xd7e840) returned 0x0
[0229.657] GdipImageForceValidation (image=0x6603778) returned 0x0
[0229.659] GdipGetImageRawFormat (image=0x6603778, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0229.659] GdipGetImageHeight (image=0x6603778, height=0xd7e824) returned 0x0
[0229.659] GdipGetImageWidth (image=0x6603778, width=0xd7e824) returned 0x0
[0229.659] GdipGetImageWidth (image=0x6603778, width=0xd7e810) returned 0x0
[0229.659] GdipGetImageHeight (image=0x6603778, height=0xd7e810) returned 0x0
[0229.659] GdipGetImageWidth (image=0x6603778, width=0xd7e800) returned 0x0
[0229.659] GdipGetImageHeight (image=0x6603778, height=0xd7e800) returned 0x0
[0229.659] GdipBitmapGetPixel (bitmap=0x6603778, x=0, y=15, color=0xd7e810) returned 0x0
[0229.659] GdipGetImageRawFormat (image=0x6603778, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0229.659] GdipGetImageWidth (image=0x6603778, width=0xd7e740) returned 0x0
[0229.659] GdipGetImageHeight (image=0x6603778, height=0xd7e740) returned 0x0
[0229.659] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0229.659] GdipGetImagePixelFormat (image=0x6600988, format=0xd7e740) returned 0x0
[0229.660] GdipGetImageGraphicsContext (image=0x6600988, graphics=0xd7e74c) returned 0x0
[0229.660] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0229.660] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0229.660] GdipSetImageAttributesColorKeys (imageattr=0x6638ae8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0229.660] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6603778, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638ae8, callback=0x0, callbackData=0x0) returned 0x0
[0229.660] GdipDisposeImageAttributes (imageattr=0x6638ae8) returned 0x0
[0229.660] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0229.660] GdipDisposeImage (image=0x6603778) returned 0x0
[0229.661] GdipCreateBitmapFromStream (stream=0x509fef0, bitmap=0xd7e840) returned 0x0
[0229.663] GdipImageForceValidation (image=0x6601018) returned 0x0
[0229.664] GdipGetImageRawFormat (image=0x6601018, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0229.664] GdipGetImageHeight (image=0x6601018, height=0xd7e824) returned 0x0
[0229.664] GdipGetImageWidth (image=0x6601018, width=0xd7e824) returned 0x0
[0229.664] GdipGetImageWidth (image=0x6601018, width=0xd7e810) returned 0x0
[0229.664] GdipGetImageHeight (image=0x6601018, height=0xd7e810) returned 0x0
[0229.664] GdipGetImageWidth (image=0x6601018, width=0xd7e800) returned 0x0
[0229.665] GdipGetImageHeight (image=0x6601018, height=0xd7e800) returned 0x0
[0229.665] GdipBitmapGetPixel (bitmap=0x6601018, x=0, y=15, color=0xd7e810) returned 0x0
[0229.665] GdipGetImageRawFormat (image=0x6601018, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0229.665] GdipGetImageWidth (image=0x6601018, width=0xd7e740) returned 0x0
[0229.665] GdipGetImageHeight (image=0x6601018, height=0xd7e740) returned 0x0
[0229.665] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0229.665] GdipGetImagePixelFormat (image=0x66016a8, format=0xd7e740) returned 0x0
[0229.665] GdipGetImageGraphicsContext (image=0x66016a8, graphics=0xd7e74c) returned 0x0
[0229.666] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0229.666] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0229.666] GdipSetImageAttributesColorKeys (imageattr=0x6638cf8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0229.666] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6601018, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638cf8, callback=0x0, callbackData=0x0) returned 0x0
[0229.666] GdipDisposeImageAttributes (imageattr=0x6638cf8) returned 0x0
[0229.666] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0229.666] GdipDisposeImage (image=0x6601018) returned 0x0
[0229.667] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.667] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0229.667] GetCurrentThreadId () returned 0xf50
[0229.667] GetCurrentThreadId () returned 0xf50
[0229.667] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.667] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0229.667] GetCurrentThreadId () returned 0xf50
[0229.667] GetCurrentThreadId () returned 0xf50
[0229.668] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.668] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0229.668] GetCurrentThreadId () returned 0xf50
[0229.668] GetCurrentThreadId () returned 0xf50
[0229.668] GetSystemMetrics (nIndex=5) returned 1
[0229.668] GetSystemMetrics (nIndex=6) returned 1
[0229.668] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.668] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0229.668] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.669] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0229.669] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.669] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0229.669] GetCurrentThreadId () returned 0xf50
[0229.669] GetCurrentThreadId () returned 0xf50
[0229.670] GetProcessWindowStation () returned 0x13c
[0229.670] GetCapture () returned 0x0
[0229.670] GetActiveWindow () returned 0x7005c
[0229.670] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0229.670] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.670] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0229.670] GetCursorPos (in: lpPoint=0x2ee5a88 | out: lpPoint=0x2ee5a88*(x=257, y=625)) returned 1
[0229.670] MonitorFromPoint (pt=0x101, dwFlags=0x271) returned 0x10001
[0229.670] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0229.671] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x7e0107e8
[0229.671] GetDeviceCaps (hdc=0x7e0107e8, index=12) returned 32
[0229.671] GetDeviceCaps (hdc=0x7e0107e8, index=14) returned 1
[0229.671] DeleteDC (hdc=0x7e0107e8) returned 1
[0229.671] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0229.671] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0229.671] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1d02dc
[0229.672] SetWindowLongW (hWnd=0x1d02dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0229.672] GetWindowLongW (hWnd=0x1d02dc, nIndex=-4) returned 1950089536
[0229.672] SetWindowLongW (hWnd=0x1d02dc, nIndex=-4, dwNewLong=19948078) returned 1950089536
[0229.672] GetWindowLongW (hWnd=0x1d02dc, nIndex=-4) returned 19948078
[0229.672] GetWindowLongW (hWnd=0x1d02dc, nIndex=-16) returned 113770496
[0229.673] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0229.674] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0229.674] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0229.674] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0229.674] GetWindowRect (in: hWnd=0x1d02dc, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0229.675] SetWindowTextW (hWnd=0x1d02dc, lpString="BB ransomware") returned 1
[0229.675] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xc, wParam=0x0, lParam=0x2ee4224) returned 0x1
[0229.676] GetStartupInfoW (in: lpStartupInfo=0x2ee5dc4 | out: lpStartupInfo=0x2ee5dc4*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0229.679] GetParent (hWnd=0x1d02dc) returned 0x0
[0229.679] SetWindowLongW (hWnd=0x1d02dc, nIndex=-8, dwNewLong=0) returned 0
[0229.680] SendMessageW (hWnd=0x1d02dc, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0229.680] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0229.680] SendMessageW (hWnd=0x1d02dc, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0229.680] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0229.681] GetSystemMenu (hWnd=0x1d02dc, bRevert=0) returned 0x6f013b
[0229.681] GetWindowPlacement (in: hWnd=0x1d02dc, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0229.681] EnableMenuItem (hMenu=0x6f013b, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0229.681] EnableMenuItem (hMenu=0x6f013b, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0229.681] EnableMenuItem (hMenu=0x6f013b, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0229.681] EnableMenuItem (hMenu=0x6f013b, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0229.681] EnableMenuItem (hMenu=0x6f013b, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0229.682] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0229.682] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0229.682] GetWindowRect (in: hWnd=0x1d02dc, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0229.682] SetWindowPos (hWnd=0x1d02dc, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0229.682] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0229.682] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x1d02dc) returned 0x1
[0229.700] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0229.701] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0229.702] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0229.702] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0229.702] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0229.706] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x1d02dc, lParam=0x0) returned 0x0
[0229.706] GetCapture () returned 0x0
[0229.706] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0229.707] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0229.709] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0229.710] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0229.710] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0229.710] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0229.711] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0229.711] GetParent (hWnd=0x1d02dc) returned 0x0
[0229.711] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0229.711] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0229.714] GetWindowPlacement (in: hWnd=0x1d02dc, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0229.714] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0229.714] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0229.714] GetWindowRect (in: hWnd=0x1d02dc, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0229.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0229.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0229.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0229.816] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.816] GetWindowLongW (hWnd=0x1d02dc, nIndex=-16) returned 113770496
[0229.816] GetWindowTextLengthW (hWnd=0x1d02dc) returned 13
[0229.816] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0229.816] GetSystemMetrics (nIndex=42) returned 0
[0229.816] GetWindowTextW (in: hWnd=0x1d02dc, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0229.816] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0229.816] GetWindowTextLengthW (hWnd=0x1d02dc) returned 13
[0229.816] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0229.816] GetSystemMetrics (nIndex=42) returned 0
[0229.816] GetWindowTextW (in: hWnd=0x1d02dc, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0229.816] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0229.817] GetCursorPos (in: lpPoint=0x2ee6000 | out: lpPoint=0x2ee6000*(x=257, y=625)) returned 1
[0229.817] MonitorFromPoint (pt=0x101, dwFlags=0x271) returned 0x10001
[0229.817] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0229.817] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x8f01065e
[0229.817] GetDeviceCaps (hdc=0x8f01065e, index=12) returned 32
[0229.817] GetDeviceCaps (hdc=0x8f01065e, index=14) returned 1
[0229.817] DeleteDC (hdc=0x8f01065e) returned 1
[0229.817] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0229.817] GetWindowLongW (hWnd=0x1d02dc, nIndex=-16) returned 113770496
[0229.817] GetWindowLongW (hWnd=0x1d02dc, nIndex=-20) returned 327945
[0229.817] SetWindowLongW (hWnd=0x1d02dc, nIndex=-16, dwNewLong=46661632) returned 113770496
[0229.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0229.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0229.819] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0229.819] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0229.820] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0229.820] SetWindowLongW (hWnd=0x1d02dc, nIndex=-20, dwNewLong=327681) returned 327945
[0229.820] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0229.820] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0229.821] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0229.821] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0229.822] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0229.822] SetWindowPos (hWnd=0x1d02dc, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0229.822] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0229.822] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0229.823] GetWindowPlacement (in: hWnd=0x1d02dc, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0229.823] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0229.823] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0229.823] GetWindowRect (in: hWnd=0x1d02dc, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0229.824] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0229.824] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0229.824] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0229.825] RedrawWindow (hWnd=0x1d02dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0229.825] GetSystemMenu (hWnd=0x1d02dc, bRevert=0) returned 0x6f013b
[0229.825] GetWindowPlacement (in: hWnd=0x1d02dc, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0229.825] EnableMenuItem (hMenu=0x6f013b, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0229.826] EnableMenuItem (hMenu=0x6f013b, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0229.826] EnableMenuItem (hMenu=0x6f013b, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0229.826] EnableMenuItem (hMenu=0x6f013b, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0229.826] EnableMenuItem (hMenu=0x6f013b, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0229.826] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0229.826] GetWindowLongW (hWnd=0x1d02dc, nIndex=-8) returned 0
[0229.826] SetWindowLongW (hWnd=0x1d02dc, nIndex=-8, dwNewLong=458844) returned 0
[0229.827] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0229.827] GetProcessWindowStation () returned 0x13c
[0229.827] GetCurrentThreadId () returned 0xf50
[0229.827] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1306396, lParam=0x0) returned 1
[0229.827] IsWindowVisible (hWnd=0x1d02dc) returned 0
[0229.827] IsWindowVisible (hWnd=0x7005c) returned 1
[0229.827] IsWindowEnabled (hWnd=0x7005c) returned 1
[0229.828] IsWindowVisible (hWnd=0x300ec) returned 0
[0229.828] IsWindowVisible (hWnd=0x502c6) returned 0
[0229.828] IsWindowVisible (hWnd=0x502be) returned 0
[0229.828] GetActiveWindow () returned 0x1d02dc
[0229.828] GetFocus () returned 0x1d02dc
[0229.828] IsWindow (hWnd=0x7005c) returned 1
[0229.828] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0229.828] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0229.829] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0229.829] GetWindowLongW (hWnd=0x1d02dc, nIndex=-8) returned 458844
[0229.829] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0229.829] GetCurrentThreadId () returned 0xf50
[0229.829] GetWindowLongW (hWnd=0x1d02dc, nIndex=-8) returned 458844
[0229.829] IsWindowEnabled (hWnd=0x7005c) returned 0
[0229.829] IsWindowEnabled (hWnd=0x1d02dc) returned 1
[0229.829] ShowWindow (hWnd=0x1d02dc, nCmdShow=5) returned 0
[0229.829] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0229.829] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0229.830] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.830] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0229.830] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x1d02dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2000ea
[0229.830] SetWindowLongW (hWnd=0x2000ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0229.831] GetWindowLongW (hWnd=0x2000ea, nIndex=-4) returned 1950089536
[0229.831] SetWindowLongW (hWnd=0x2000ea, nIndex=-4, dwNewLong=19948478) returned 1950089536
[0229.832] GetWindowLongW (hWnd=0x2000ea, nIndex=-4) returned 19948478
[0229.832] GetWindowLongW (hWnd=0x2000ea, nIndex=-16) returned 1174405120
[0229.832] GetWindowLongW (hWnd=0x2000ea, nIndex=-12) returned 0
[0229.832] SetWindowLongW (hWnd=0x2000ea, nIndex=-12, dwNewLong=2097386) returned 0
[0229.832] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2000ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0229.832] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2000ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0229.832] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2000ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0229.833] GetWindow (hWnd=0x2000ea, uCmd=0x3) returned 0x0
[0229.833] GetClientRect (in: hWnd=0x2000ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0229.833] GetWindowRect (in: hWnd=0x2000ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0229.833] GetParent (hWnd=0x2000ea) returned 0x1d02dc
[0229.833] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02dc, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0229.833] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2000ea, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0229.833] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2000ea, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0229.833] GetClientRect (in: hWnd=0x2000ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0229.833] GetWindowRect (in: hWnd=0x2000ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0229.833] GetParent (hWnd=0x2000ea) returned 0x1d02dc
[0229.834] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02dc, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0229.834] SendMessageW (hWnd=0x2000ea, Msg=0x2210, wParam=0xea0001, lParam=0x2000ea) returned 0x0
[0229.834] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2000ea, Msg=0x2210, wParam=0xea0001, lParam=0x2000ea) returned 0x0
[0229.834] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2000ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0229.834] GetParent (hWnd=0x2000ea) returned 0x1d02dc
[0229.834] GetParent (hWnd=0x1702c8) returned 0x1202d0
[0229.834] SetParent (hWndChild=0x1702c8, hWndNewParent=0x1d02dc) returned 0x1202d0
[0229.834] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0229.835] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0229.835] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0229.835] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0229.835] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0229.835] GetClientRect (in: hWnd=0x1702c8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0229.835] GetWindowRect (in: hWnd=0x1702c8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0229.835] GetParent (hWnd=0x1702c8) returned 0x1d02dc
[0229.835] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02dc, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0229.835] GetClientRect (in: hWnd=0x1702c8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0229.836] GetWindowRect (in: hWnd=0x1702c8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0229.836] GetParent (hWnd=0x1702c8) returned 0x1d02dc
[0229.836] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02dc, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0229.836] GetParent (hWnd=0x1702c8) returned 0x1d02dc
[0229.836] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0229.836] GetWindow (hWnd=0x1702c8, uCmd=0x3) returned 0x0
[0229.836] SetWindowPos (hWnd=0x1702c8, hWndInsertAfter=0x2000ea, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0229.836] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0229.837] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0229.837] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0229.837] GetClientRect (in: hWnd=0x1702c8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0229.837] GetWindowRect (in: hWnd=0x1702c8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0229.837] GetParent (hWnd=0x1702c8) returned 0x1d02dc
[0229.837] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02dc, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0229.837] GetParent (hWnd=0x1702c8) returned 0x1d02dc
[0229.837] GetWindow (hWnd=0x1702c8, uCmd=0x3) returned 0x2000ea
[0229.837] GetWindowThreadProcessId (in: hWnd=0x1702c8, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0229.837] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0229.837] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.838] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0229.838] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x1d02dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1f02d8
[0229.838] SetWindowLongW (hWnd=0x1f02d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0229.838] GetWindowLongW (hWnd=0x1f02d8, nIndex=-4) returned 1868032000
[0229.839] SetWindowLongW (hWnd=0x1f02d8, nIndex=-4, dwNewLong=19948278) returned 1868032000
[0229.839] GetWindowLongW (hWnd=0x1f02d8, nIndex=-4) returned 19948278
[0229.839] GetWindowLongW (hWnd=0x1f02d8, nIndex=-16) returned 1174470667
[0229.839] GetWindowLongW (hWnd=0x1f02d8, nIndex=-12) returned 0
[0229.839] SetWindowLongW (hWnd=0x1f02d8, nIndex=-12, dwNewLong=2032344) returned 0
[0229.839] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0229.840] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0229.840] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0229.841] SendMessageW (hWnd=0x1f02d8, Msg=0x2055, wParam=0x1f02d8, lParam=0x3) returned 0x2
[0229.841] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0229.841] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0229.841] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0229.841] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0229.841] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2000ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0229.842] RedrawWindow (hWnd=0x2000ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0229.842] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0229.842] RedrawWindow (hWnd=0x1702c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0229.842] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0229.842] RedrawWindow (hWnd=0x1f02d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0229.842] RedrawWindow (hWnd=0x1d02dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0229.842] GetWindow (hWnd=0x1f02d8, uCmd=0x3) returned 0x1702c8
[0229.842] GetClientRect (in: hWnd=0x1f02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0229.842] GetWindowRect (in: hWnd=0x1f02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0229.842] GetParent (hWnd=0x1f02d8) returned 0x1d02dc
[0229.842] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0229.843] SetWindowTextW (hWnd=0x1f02d8, lpString="&Details") returned 1
[0229.843] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0229.843] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0229.843] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0229.843] GetClientRect (in: hWnd=0x1f02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0229.843] GetWindowRect (in: hWnd=0x1f02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0229.843] GetParent (hWnd=0x1f02d8) returned 0x1d02dc
[0229.843] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0229.844] SendMessageW (hWnd=0x1f02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1f02d8) returned 0x0
[0229.844] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x1f02d8) returned 0x0
[0229.844] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0229.844] GetParent (hWnd=0x1f02d8) returned 0x1d02dc
[0229.844] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0229.844] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.845] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0229.845] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x1d02dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1302ce
[0229.845] SetWindowLongW (hWnd=0x1302ce, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0229.845] GetWindowLongW (hWnd=0x1302ce, nIndex=-4) returned 1868032000
[0229.846] SetWindowLongW (hWnd=0x1302ce, nIndex=-4, dwNewLong=19948118) returned 1868032000
[0229.846] GetWindowLongW (hWnd=0x1302ce, nIndex=-4) returned 19948118
[0229.846] GetWindowLongW (hWnd=0x1302ce, nIndex=-16) returned 1174470667
[0229.846] GetWindowLongW (hWnd=0x1302ce, nIndex=-12) returned 0
[0229.846] SetWindowLongW (hWnd=0x1302ce, nIndex=-12, dwNewLong=1245902) returned 0
[0229.846] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0229.847] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0229.847] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0229.848] SendMessageW (hWnd=0x1302ce, Msg=0x2055, wParam=0x1302ce, lParam=0x3) returned 0x2
[0229.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0229.848] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0229.848] GetWindow (hWnd=0x1302ce, uCmd=0x3) returned 0x1f02d8
[0229.848] GetClientRect (in: hWnd=0x1302ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0229.848] GetWindowRect (in: hWnd=0x1302ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0229.848] GetParent (hWnd=0x1302ce) returned 0x1d02dc
[0229.848] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0229.849] SetWindowTextW (hWnd=0x1302ce, lpString="&Continue") returned 1
[0229.849] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0229.849] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0229.849] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0229.849] GetClientRect (in: hWnd=0x1302ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0229.849] GetWindowRect (in: hWnd=0x1302ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0229.849] GetParent (hWnd=0x1302ce) returned 0x1d02dc
[0229.849] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0229.849] SendMessageW (hWnd=0x1302ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1302ce) returned 0x0
[0229.849] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1302ce) returned 0x0
[0229.850] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0229.850] GetParent (hWnd=0x1302ce) returned 0x1d02dc
[0229.850] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0229.850] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.851] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0229.851] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x1d02dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1d02de
[0229.851] SetWindowLongW (hWnd=0x1d02de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0229.851] GetWindowLongW (hWnd=0x1d02de, nIndex=-4) returned 1868032000
[0229.852] SetWindowLongW (hWnd=0x1d02de, nIndex=-4, dwNewLong=19948158) returned 1868032000
[0229.852] GetWindowLongW (hWnd=0x1d02de, nIndex=-4) returned 19948158
[0229.852] GetWindowLongW (hWnd=0x1d02de, nIndex=-16) returned 1174470667
[0229.852] GetWindowLongW (hWnd=0x1d02de, nIndex=-12) returned 0
[0229.852] SetWindowLongW (hWnd=0x1d02de, nIndex=-12, dwNewLong=1901278) returned 0
[0229.852] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0229.852] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0229.853] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0229.854] SendMessageW (hWnd=0x1d02de, Msg=0x2055, wParam=0x1d02de, lParam=0x3) returned 0x2
[0229.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0229.854] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0229.854] GetWindow (hWnd=0x1d02de, uCmd=0x3) returned 0x1302ce
[0229.854] GetClientRect (in: hWnd=0x1d02de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0229.855] GetWindowRect (in: hWnd=0x1d02de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0229.855] GetParent (hWnd=0x1d02de) returned 0x1d02dc
[0229.855] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0229.855] SetWindowTextW (hWnd=0x1d02de, lpString="&Quit") returned 1
[0229.855] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02de, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0229.855] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0229.855] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02de, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0229.856] GetClientRect (in: hWnd=0x1d02de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0229.856] GetWindowRect (in: hWnd=0x1d02de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0229.856] GetParent (hWnd=0x1d02de) returned 0x1d02dc
[0229.856] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0229.856] SendMessageW (hWnd=0x1d02de, Msg=0x2210, wParam=0x2de0001, lParam=0x1d02de) returned 0x0
[0229.856] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02de, Msg=0x2210, wParam=0x2de0001, lParam=0x1d02de) returned 0x0
[0229.856] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0229.857] GetParent (hWnd=0x1d02de) returned 0x1d02dc
[0229.857] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0229.857] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.857] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0229.858] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x1d02dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1d02da
[0229.858] SetWindowLongW (hWnd=0x1d02da, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0229.858] GetWindowLongW (hWnd=0x1d02da, nIndex=-4) returned 1868026976
[0229.858] SetWindowLongW (hWnd=0x1d02da, nIndex=-4, dwNewLong=19947878) returned 1868026976
[0229.859] GetWindowLongW (hWnd=0x1d02da, nIndex=-4) returned 19947878
[0229.859] GetWindowLongW (hWnd=0x1d02da, nIndex=-16) returned 1177553092
[0229.859] GetWindowLongW (hWnd=0x1d02da, nIndex=-12) returned 0
[0229.859] SetWindowLongW (hWnd=0x1d02da, nIndex=-12, dwNewLong=1901274) returned 0
[0229.859] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02da, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0229.860] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02da, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0229.861] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02da, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0229.879] GetWindow (hWnd=0x1d02da, uCmd=0x3) returned 0x1d02de
[0229.879] GetClientRect (in: hWnd=0x1d02da, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0229.879] GetWindowRect (in: hWnd=0x1d02da, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0229.879] GetParent (hWnd=0x1d02da) returned 0x1d02dc
[0229.879] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02dc, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0229.879] GetWindowTextLengthW (hWnd=0x1d02dc) returned 13
[0229.879] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0229.879] GetSystemMetrics (nIndex=42) returned 0
[0229.879] GetWindowTextW (in: hWnd=0x1d02dc, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0229.879] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0229.880] SendMessageW (hWnd=0x1d02da, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0229.880] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02da, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0229.885] SetWindowTextW (hWnd=0x1d02da, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0229.885] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02da, Msg=0xc, wParam=0x0, lParam=0x2ee1c0c) returned 0x1
[0229.887] GetSystemMetrics (nIndex=5) returned 1
[0229.887] GetSystemMetrics (nIndex=6) returned 1
[0229.887] SendMessageW (hWnd=0x1d02da, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0229.887] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02da, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0229.888] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02da, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0229.889] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02da, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0229.889] GetClientRect (in: hWnd=0x1d02da, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0229.889] GetWindowRect (in: hWnd=0x1d02da, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0229.889] GetParent (hWnd=0x1d02da) returned 0x1d02dc
[0229.889] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02dc, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0229.889] SendMessageW (hWnd=0x1d02da, Msg=0x2210, wParam=0x2da0001, lParam=0x1d02da) returned 0x0
[0229.889] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02da, Msg=0x2210, wParam=0x2da0001, lParam=0x1d02da) returned 0x0
[0229.889] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0229.889] GetParent (hWnd=0x1d02da) returned 0x1d02dc
[0229.890] GetWindowLongW (hWnd=0x1d02dc, nIndex=-8) returned 458844
[0229.890] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0229.890] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0229.890] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x9601065e
[0229.890] GetDeviceCaps (hdc=0x9601065e, index=12) returned 32
[0229.890] GetDeviceCaps (hdc=0x9601065e, index=14) returned 1
[0229.890] DeleteDC (hdc=0x9601065e) returned 1
[0229.890] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0229.890] GetWindowThreadProcessId (in: hWnd=0x1d02dc, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0229.890] GetCurrentThreadId () returned 0xf50
[0229.890] PostMessageW (hWnd=0x1d02dc, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0229.891] GetWindowTextLengthW (hWnd=0x1d02dc) returned 13
[0229.891] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0229.891] GetSystemMetrics (nIndex=42) returned 0
[0229.891] GetWindowTextW (in: hWnd=0x1d02dc, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0229.891] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0229.891] GdipImageGetFrameDimensionsCount (image=0x6602710, count=0xd7e25c) returned 0x0
[0229.891] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12011d8
[0229.891] GdipImageGetFrameDimensionsList (image=0x6602710, dimensionIDs=0x12011d8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0229.891] LocalFree (hMem=0x12011d8) returned 0x0
[0229.891] GdipImageGetFrameDimensionsCount (image=0x6600988, count=0xd7e250) returned 0x0
[0229.891] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12011c0
[0229.891] GdipImageGetFrameDimensionsList (image=0x6600988, dimensionIDs=0x12011c0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0229.891] LocalFree (hMem=0x12011c0) returned 0x0
[0229.891] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0229.892] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0229.892] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0229.902] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0229.903] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0229.904] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0229.904] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0229.904] GetWindowPlacement (in: hWnd=0x1d02dc, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0229.904] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0229.905] GetWindowTextLengthW (hWnd=0x1d02dc) returned 13
[0229.905] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0229.905] GetSystemMetrics (nIndex=42) returned 0
[0229.905] GetWindowTextW (in: hWnd=0x1d02dc, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0229.905] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0229.905] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0229.905] GetCurrentObject (hdc=0x10105d6, type=0x1) returned 0xb00017
[0229.905] GetCurrentObject (hdc=0x10105d6, type=0x2) returned 0x900010
[0229.905] GetCurrentObject (hdc=0x10105d6, type=0x7) returned 0xffffffff820507f3
[0229.905] GetCurrentObject (hdc=0x10105d6, type=0x6) returned 0x8a01c2
[0229.905] SaveDC (hdc=0x10105d6) returned 1
[0229.905] GetNearestColor (hdc=0x10105d6, color=0xf0f0f0) returned 0xf0f0f0
[0229.905] CreateSolidBrush (color=0xf0f0f0) returned 0x561007e1
[0229.905] FillRect (hDC=0x10105d6, lprc=0xd7e1b8, hbr=0x561007e1) returned 1
[0229.905] DeleteObject (ho=0x561007e1) returned 1
[0229.906] RestoreDC (hdc=0x10105d6, nSavedDC=-1) returned 1
[0229.906] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2000ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0229.906] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0229.906] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0229.906] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0229.907] GetStockObject (i=5) returned 0x900015
[0229.907] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0229.907] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0229.907] GetStockObject (i=5) returned 0x900015
[0229.907] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0229.907] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02de, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0229.907] GetStockObject (i=5) returned 0x900015
[0229.908] GetWindowPlacement (in: hWnd=0x1d02dc, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0229.908] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0229.908] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0229.908] GetWindowRect (in: hWnd=0x1d02dc, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0229.909] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0229.909] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0229.909] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0229.910] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0229.911] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0229.911] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0229.911] GetWindowRect (in: hWnd=0x1d02dc, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0229.911] InvalidateRect (hWnd=0x1302ce, lpRect=0x0, bErase=0) returned 1
[0229.911] InvalidateRect (hWnd=0x1f02d8, lpRect=0x0, bErase=0) returned 1
[0229.911] GetFocus () returned 0x1d02dc
[0229.911] GetFocus () returned 0x1d02dc
[0229.911] SetFocus (hWnd=0x1f02d8) returned 0x1d02dc
[0229.912] GetFocus () returned 0x1f02d8
[0229.912] IsChild (hWndParent=0x1d02dc, hWnd=0x1f02d8) returned 1
[0229.912] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x8, wParam=0x1f02d8, lParam=0x0) returned 0x0
[0229.913] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0229.914] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0229.916] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0229.916] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0x7, wParam=0x1d02dc, lParam=0x0) returned 0x0
[0229.916] GetStockObject (i=5) returned 0x900015
[0229.916] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0229.916] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0229.916] GetDlgItem (hDlg=0x1d02dc, nIDDlgItem=2032344) returned 0x1f02d8
[0229.916] SendMessageW (hWnd=0x1f02d8, Msg=0x202b, wParam=0x1f02d8, lParam=0xd7e0dc) returned 0x0
[0229.916] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0x202b, wParam=0x1f02d8, lParam=0xd7e0dc) returned 0x0
[0229.916] InvalidateRect (hWnd=0x1f02d8, lpRect=0x0, bErase=0) returned 1
[0229.919] GetFocus () returned 0x1f02d8
[0229.919] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.925] IsWindowUnicode (hWnd=0x1d02dc) returned 1
[0229.925] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.925] TranslateMessage (lpMsg=0xd7e808) returned 0
[0229.925] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0229.926] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0229.926] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.926] IsWindowUnicode (hWnd=0x1d02dc) returned 1
[0229.926] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.926] TranslateMessage (lpMsg=0xd7e808) returned 0
[0229.926] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0229.926] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.926] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x84, wParam=0x0, lParam=0x1dd0300) returned 0x1
[0229.927] IsWindowUnicode (hWnd=0x1302ce) returned 1
[0229.927] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.927] TranslateMessage (lpMsg=0xd7e808) returned 0
[0229.927] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0229.927] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.927] IsWindowUnicode (hWnd=0x602c4) returned 1
[0229.927] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.927] TranslateMessage (lpMsg=0xd7e808) returned 0
[0229.927] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0229.927] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0229.927] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0229.927] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.927] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x84, wParam=0x0, lParam=0x1dd0300) returned 0x1
[0229.928] IsWindowUnicode (hWnd=0x1302ce) returned 1
[0229.928] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.928] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x84, wParam=0x0, lParam=0x1dd0300) returned 0x1
[0229.928] SetCursor (hCursor=0x10003) returned 0x10003
[0229.928] TranslateMessage (lpMsg=0xd7e808) returned 0
[0229.928] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0229.928] _TrackMouseEvent (in: lpEventTrack=0x2ee7348 | out: lpEventTrack=0x2ee7348) returned 1
[0229.928] SendMessageW (hWnd=0x1302ce, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0229.928] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0229.928] InvalidateRect (hWnd=0x1302ce, lpRect=0x0, bErase=0) returned 1
[0229.928] GetKeyState (nVirtKey=1) returned 0
[0229.929] GetKeyState (nVirtKey=2) returned 0
[0229.929] GetKeyState (nVirtKey=4) returned 0
[0229.929] GetKeyState (nVirtKey=5) returned 0
[0229.929] GetKeyState (nVirtKey=6) returned 0
[0229.929] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.929] IsWindowUnicode (hWnd=0x1d02dc) returned 1
[0229.929] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.929] TranslateMessage (lpMsg=0xd7e808) returned 0
[0229.929] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0229.929] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.930] IsWindowUnicode (hWnd=0x1d02dc) returned 1
[0229.930] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.930] TranslateMessage (lpMsg=0xd7e808) returned 0
[0229.930] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0229.930] BeginPaint (in: hWnd=0x1d02dc, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x60100ce
[0229.931] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0229.931] GetWindowTextLengthW (hWnd=0x1d02dc) returned 13
[0229.931] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0229.931] GetSystemMetrics (nIndex=42) returned 0
[0229.931] GetWindowTextW (in: hWnd=0x1d02dc, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0229.931] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0229.931] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0229.931] EndPaint (hWnd=0x1d02dc, lpPaint=0xd7e274) returned 1
[0229.931] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.931] IsWindowUnicode (hWnd=0x2000ea) returned 1
[0229.931] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.931] TranslateMessage (lpMsg=0xd7e808) returned 0
[0229.931] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0229.932] BeginPaint (in: hWnd=0x2000ea, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xf0105ee
[0229.932] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0229.932] CreateCompatibleDC (hdc=0xf0105ee) returned 0x8d010671
[0229.932] SelectObject (hdc=0x8d010671, h=0x4a0507fe) returned 0x85000f
[0229.932] GdipCreateFromHDC (hdc=0x8d010671, graphics=0xd7e2b0) returned 0x0
[0229.932] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0229.932] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0229.932] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0229.932] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0229.932] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e310) returned 0x0
[0229.932] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0229.932] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee868) returned 0x0
[0229.933] LocalFree (hMem=0x11ee868) returned 0x0
[0229.933] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0229.933] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0229.933] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0229.933] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e304) returned 0x0
[0229.933] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0229.933] GetWindowTextLengthW (hWnd=0x2000ea) returned 0
[0229.933] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0229.933] GetSystemMetrics (nIndex=42) returned 0
[0229.933] GetWindowTextW (in: hWnd=0x2000ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0229.933] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2000ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0229.933] GetClientRect (in: hWnd=0x2000ea, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0229.933] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0229.933] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0229.933] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0229.933] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0229.933] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e164) returned 0x0
[0229.933] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0229.933] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0229.934] LocalFree (hMem=0x11ee788) returned 0x0
[0229.934] GdipCombineRegionRegion (region=0x6645638, region2=0x6646178, combineMode=0x1) returned 0x0
[0229.934] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0229.934] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0229.934] LocalFree (hMem=0x11ee868) returned 0x0
[0229.934] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0229.934] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0229.934] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0229.934] GdipGetRegionHRgn (region=0x6645638, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0229.934] GdipDeleteRegion (region=0x6645638) returned 0x0
[0229.934] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0229.934] GetCurrentObject (hdc=0x8d010671, type=0x1) returned 0xb00017
[0229.934] GetCurrentObject (hdc=0x8d010671, type=0x2) returned 0x900010
[0229.934] GetCurrentObject (hdc=0x8d010671, type=0x7) returned 0x4a0507fe
[0229.938] GetCurrentObject (hdc=0x8d010671, type=0x6) returned 0x8a01c2
[0229.938] SaveDC (hdc=0x8d010671) returned 1
[0229.938] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa1040807
[0229.938] GetClipRgn (hdc=0x8d010671, hrgn=0xa1040807) returned 0
[0229.938] SelectClipRgn (hdc=0x8d010671, hrgn=0x2e0407de) returned 2
[0229.938] DeleteObject (ho=0xa1040807) returned 1
[0229.938] DeleteObject (ho=0x2e0407de) returned 1
[0229.938] OffsetViewportOrgEx (in: hdc=0x8d010671, x=0, y=0, lppt=0x2ee77c4 | out: lppt=0x2ee77c4) returned 1
[0229.938] GetNearestColor (hdc=0x8d010671, color=0xf0f0f0) returned 0xf0f0f0
[0229.939] CreateSolidBrush (color=0xf0f0f0) returned 0x571007e1
[0229.939] FillRect (hDC=0x8d010671, lprc=0xd7e198, hbr=0x571007e1) returned 1
[0229.939] DeleteObject (ho=0x571007e1) returned 1
[0229.939] RestoreDC (hdc=0x8d010671, nSavedDC=-1) returned 1
[0229.939] GdipReleaseDC (graphics=0x6600030, hdc=0x8d010671) returned 0x0
[0229.939] GdipRestoreGraphics (graphics=0x6600030, state=0xf94e0dbd) returned 0x0
[0229.939] GdipDeleteRegion (region=0x6646178) returned 0x0
[0229.939] GetWindowTextLengthW (hWnd=0x2000ea) returned 0
[0229.939] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0229.939] GetSystemMetrics (nIndex=42) returned 0
[0229.939] GetWindowTextW (in: hWnd=0x2000ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0229.939] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2000ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0229.939] GdipGetImageWidth (image=0x6602710, width=0xd7e1e0) returned 0x0
[0229.939] GdipGetImageHeight (image=0x6602710, height=0xd7e1e0) returned 0x0
[0229.939] GdipGetImageWidth (image=0x6602710, width=0xd7e1cc) returned 0x0
[0229.939] GdipGetImageHeight (image=0x6602710, height=0xd7e1cc) returned 0x0
[0229.940] GdipDrawImageRectI (graphics=0x6600030, image=0x6602710, x=16, y=16, width=32, height=32) returned 0x0
[0229.940] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0229.940] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=64, cy=64, hdcSrc=0x8d010671, x1=0, y1=0, rop=0xcc0020) returned 1
[0229.940] GdipReleaseDC (graphics=0x6600030, hdc=0x8d010671) returned 0x0
[0229.940] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0229.940] SelectObject (hdc=0x8d010671, h=0x85000f) returned 0x4a0507fe
[0229.940] DeleteDC (hdc=0x8d010671) returned 1
[0229.940] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0229.940] EndPaint (hWnd=0x2000ea, lpPaint=0xd7e294) returned 1
[0229.940] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.941] IsWindowUnicode (hWnd=0x1702c8) returned 1
[0229.941] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.941] TranslateMessage (lpMsg=0xd7e808) returned 0
[0229.941] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0229.941] BeginPaint (in: hWnd=0x1702c8, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x10105d6
[0229.941] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0229.941] CreateCompatibleDC (hdc=0x10105d6) returned 0x8f010671
[0229.941] GetObjectType (h=0x10105d6) returned 0x3
[0229.941] CreateCompatibleBitmap (hdc=0x10105d6, cx=1, cy=1) returned 0xffffffffa305065e
[0229.941] GetDIBits (in: hdc=0x10105d6, hbm=0xa305065e, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0229.974] GetDIBits (in: hdc=0x10105d6, hbm=0xa305065e, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0229.974] DeleteObject (ho=0xa305065e) returned 1
[0229.975] CreateDIBSection (in: hdc=0x10105d6, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xa00507a2
[0229.975] SelectObject (hdc=0x8f010671, h=0xa00507a2) returned 0x85000f
[0229.975] GdipCreateFromHDC (hdc=0x8f010671, graphics=0xd7e234) returned 0x0
[0229.975] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0229.975] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0229.975] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0229.975] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0229.975] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e2d4) returned 0x0
[0229.975] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0229.975] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0229.975] LocalFree (hMem=0x11eec58) returned 0x0
[0229.976] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0229.976] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0229.976] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0229.976] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0229.976] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0229.976] GetWindowTextLengthW (hWnd=0x1702c8) returned 232
[0229.976] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0229.976] GetSystemMetrics (nIndex=42) returned 0
[0229.976] GetWindowTextW (in: hWnd=0x1702c8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0229.976] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0229.976] GetClientRect (in: hWnd=0x1702c8, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0229.976] GdipCreateRegion (region=0xd7e110) returned 0x0
[0229.976] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0229.976] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0229.976] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0229.976] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e128) returned 0x0
[0229.976] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0229.976] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea60) returned 0x0
[0229.977] LocalFree (hMem=0x11eea60) returned 0x0
[0229.977] GdipCombineRegionRegion (region=0x6646178, region2=0x6645c68, combineMode=0x1) returned 0x0
[0229.977] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0229.977] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0229.977] LocalFree (hMem=0x11eec58) returned 0x0
[0229.977] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0229.977] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e150) returned 0x0
[0229.977] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e140) returned 0x0
[0229.977] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0229.977] GdipDeleteRegion (region=0x6646178) returned 0x0
[0229.977] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0229.977] GetCurrentObject (hdc=0x8f010671, type=0x1) returned 0xb00017
[0229.977] GetCurrentObject (hdc=0x8f010671, type=0x2) returned 0x900010
[0229.977] GetCurrentObject (hdc=0x8f010671, type=0x7) returned 0xffffffffa00507a2
[0229.977] GetCurrentObject (hdc=0x8f010671, type=0x6) returned 0x8a01c2
[0229.977] SaveDC (hdc=0x8f010671) returned 1
[0229.978] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2f0407de
[0229.978] GetClipRgn (hdc=0x8f010671, hrgn=0x2f0407de) returned 0
[0229.978] SelectClipRgn (hdc=0x8f010671, hrgn=0xa2040807) returned 2
[0229.978] DeleteObject (ho=0x2f0407de) returned 1
[0229.978] DeleteObject (ho=0xa2040807) returned 1
[0229.978] OffsetViewportOrgEx (in: hdc=0x8f010671, x=0, y=0, lppt=0x2d1be04 | out: lppt=0x2d1be04) returned 1
[0229.978] GetNearestColor (hdc=0x8f010671, color=0xf0f0f0) returned 0xf0f0f0
[0229.978] CreateSolidBrush (color=0xf0f0f0) returned 0x581007e1
[0229.978] FillRect (hDC=0x8f010671, lprc=0xd7e15c, hbr=0x581007e1) returned 1
[0229.979] DeleteObject (ho=0x581007e1) returned 1
[0229.979] RestoreDC (hdc=0x8f010671, nSavedDC=-1) returned 1
[0229.979] GdipReleaseDC (graphics=0x6600030, hdc=0x8f010671) returned 0x0
[0229.979] GdipRestoreGraphics (graphics=0x6600030, state=0xf94c0dbd) returned 0x0
[0229.979] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0229.979] GetWindowTextLengthW (hWnd=0x1702c8) returned 232
[0229.979] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0229.979] GetSystemMetrics (nIndex=42) returned 0
[0229.979] GetWindowTextW (in: hWnd=0x1702c8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0229.979] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0229.979] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0229.979] GetCurrentObject (hdc=0x8f010671, type=0x1) returned 0xb00017
[0229.980] GetCurrentObject (hdc=0x8f010671, type=0x2) returned 0x900010
[0229.980] GetCurrentObject (hdc=0x8f010671, type=0x7) returned 0xffffffffa00507a2
[0229.980] GetCurrentObject (hdc=0x8f010671, type=0x6) returned 0x8a01c2
[0229.980] SaveDC (hdc=0x8f010671) returned 1
[0229.980] GetNearestColor (hdc=0x8f010671, color=0x0) returned 0x0
[0229.980] RestoreDC (hdc=0x8f010671, nSavedDC=-1) returned 1
[0229.980] GdipReleaseDC (graphics=0x6600030, hdc=0x8f010671) returned 0x0
[0229.980] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0229.981] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0229.981] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2d1c600 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0229.981] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0229.981] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0229.990] GetCurrentObject (hdc=0x8f010671, type=0x1) returned 0xb00017
[0229.990] GetCurrentObject (hdc=0x8f010671, type=0x2) returned 0x900010
[0229.990] GetCurrentObject (hdc=0x8f010671, type=0x7) returned 0xffffffffa00507a2
[0229.990] GetCurrentObject (hdc=0x8f010671, type=0x6) returned 0x8a01c2
[0229.990] SaveDC (hdc=0x8f010671) returned 1
[0229.990] GetTextAlign (hdc=0x8f010671) returned 0x0
[0229.990] GetTextColor (hdc=0x8f010671) returned 0x0
[0229.990] GetCurrentObject (hdc=0x8f010671, type=0x6) returned 0x8a01c2
[0229.990] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0229.990] SelectObject (hdc=0x8f010671, h=0x6d0a0520) returned 0x8a01c2
[0229.991] GetBkMode (hdc=0x8f010671) returned 2
[0229.991] SetBkMode (hdc=0x8f010671, mode=1) returned 2
[0229.991] DrawTextExW (in: hdc=0x8f010671, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2d1c824 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0229.994] RestoreDC (hdc=0x8f010671, nSavedDC=-1) returned 1
[0229.994] GdipReleaseDC (graphics=0x6600030, hdc=0x8f010671) returned 0x0
[0229.994] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0229.994] BitBlt (hdc=0x10105d6, x=0, y=0, cx=354, cy=68, hdcSrc=0x8f010671, x1=0, y1=0, rop=0xcc0020) returned 1
[0229.994] GdipReleaseDC (graphics=0x6600030, hdc=0x8f010671) returned 0x0
[0229.994] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0229.994] SelectObject (hdc=0x8f010671, h=0x85000f) returned 0xa00507a2
[0229.994] DeleteDC (hdc=0x8f010671) returned 1
[0229.994] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0229.994] DeleteObject (ho=0xa00507a2) returned 1
[0229.995] EndPaint (hWnd=0x1702c8, lpPaint=0xd7e258) returned 1
[0229.995] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.995] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0229.996] IsWindowUnicode (hWnd=0x30122) returned 1
[0229.996] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.996] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0229.997] TranslateMessage (lpMsg=0xd7e808) returned 0
[0229.997] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0229.998] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.998] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0229.999] IsWindowUnicode (hWnd=0x30122) returned 1
[0229.999] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0229.999] TranslateMessage (lpMsg=0xd7e808) returned 0
[0229.999] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0230.000] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0230.000] IsWindowUnicode (hWnd=0x1f02d8) returned 1
[0230.000] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0230.001] TranslateMessage (lpMsg=0xd7e808) returned 0
[0230.001] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0230.001] BeginPaint (in: hWnd=0x1f02d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0230.001] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0230.001] CreateCompatibleDC (hdc=0x60100ce) returned 0xa601065e
[0230.001] SelectObject (hdc=0xa601065e, h=0x4a0507fe) returned 0x85000f
[0230.001] GdipCreateFromHDC (hdc=0xa601065e, graphics=0xd7e268) returned 0x0
[0230.001] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0230.001] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0230.001] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0230.001] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0230.002] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e2c8) returned 0x0
[0230.002] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0230.002] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0230.002] LocalFree (hMem=0x11eec58) returned 0x0
[0230.002] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0230.002] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0230.002] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0230.002] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0230.002] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0230.002] GdipRestoreGraphics (graphics=0x6600030, state=0xf94a0dbd) returned 0x0
[0230.002] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0230.002] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0230.002] GetCurrentObject (hdc=0xa601065e, type=0x1) returned 0xb00017
[0230.002] GetCurrentObject (hdc=0xa601065e, type=0x2) returned 0x900010
[0230.002] GetCurrentObject (hdc=0xa601065e, type=0x7) returned 0x4a0507fe
[0230.003] GetCurrentObject (hdc=0xa601065e, type=0x6) returned 0x8a01c2
[0230.003] SaveDC (hdc=0xa601065e) returned 1
[0230.003] GetNearestColor (hdc=0xa601065e, color=0xf0f0f0) returned 0xf0f0f0
[0230.003] GetNearestColor (hdc=0xa601065e, color=0xa0a0a0) returned 0xa0a0a0
[0230.003] GetNearestColor (hdc=0xa601065e, color=0x696969) returned 0x696969
[0230.003] GetNearestColor (hdc=0xa601065e, color=0xa0a0a0) returned 0xa0a0a0
[0230.003] GetNearestColor (hdc=0xa601065e, color=0x0) returned 0x0
[0230.003] GetNearestColor (hdc=0xa601065e, color=0xffffff) returned 0xffffff
[0230.003] GetNearestColor (hdc=0xa601065e, color=0xe5e5e5) returned 0xe5e5e5
[0230.003] GetNearestColor (hdc=0xa601065e, color=0xd7d7d7) returned 0xd7d7d7
[0230.003] GetNearestColor (hdc=0xa601065e, color=0x0) returned 0x0
[0230.003] RestoreDC (hdc=0xa601065e, nSavedDC=-1) returned 1
[0230.003] GdipReleaseDC (graphics=0x6600030, hdc=0xa601065e) returned 0x0
[0230.004] IsAppThemed () returned 0x1
[0230.004] GetThemeAppProperties () returned 0x3
[0230.004] GetThemeAppProperties () returned 0x3
[0230.004] GdipGetImageWidth (image=0x6600988, width=0xd7e168) returned 0x0
[0230.004] GdipGetImageHeight (image=0x6600988, height=0xd7e168) returned 0x0
[0230.004] IsAppThemed () returned 0x1
[0230.004] GetThemeAppProperties () returned 0x3
[0230.004] GetThemeAppProperties () returned 0x3
[0230.004] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2d1cf74 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0230.004] IsAppThemed () returned 0x1
[0230.004] GetThemeAppProperties () returned 0x3
[0230.004] GetThemeAppProperties () returned 0x3
[0230.004] IsAppThemed () returned 0x1
[0230.004] GetThemeAppProperties () returned 0x3
[0230.004] GetThemeAppProperties () returned 0x3
[0230.004] GetFocus () returned 0x1f02d8
[0230.005] IsAppThemed () returned 0x1
[0230.005] GetThemeAppProperties () returned 0x3
[0230.005] GetThemeAppProperties () returned 0x3
[0230.005] IsAppThemed () returned 0x1
[0230.005] GetThemeAppProperties () returned 0x3
[0230.005] GetThemeAppProperties () returned 0x3
[0230.005] IsThemePartDefined () returned 0x1
[0230.005] IsAppThemed () returned 0x1
[0230.005] GetThemeAppProperties () returned 0x3
[0230.005] GetThemeAppProperties () returned 0x3
[0230.005] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0230.005] IsAppThemed () returned 0x1
[0230.005] GetThemeAppProperties () returned 0x3
[0230.005] GetThemeAppProperties () returned 0x3
[0230.005] IsAppThemed () returned 0x1
[0230.005] GetThemeAppProperties () returned 0x3
[0230.005] GetThemeAppProperties () returned 0x3
[0230.005] IsThemePartDefined () returned 0x1
[0230.005] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0230.005] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0230.005] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0230.006] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0230.006] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dff0) returned 0x0
[0230.006] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0230.006] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0230.006] LocalFree (hMem=0x11eecc8) returned 0x0
[0230.006] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0230.006] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0230.006] LocalFree (hMem=0x11ee868) returned 0x0
[0230.006] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0230.006] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e018) returned 0x0
[0230.006] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e008) returned 0x0
[0230.006] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0230.006] GdipDeleteRegion (region=0x6646178) returned 0x0
[0230.006] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0230.006] GetCurrentObject (hdc=0xa601065e, type=0x1) returned 0xb00017
[0230.006] GetCurrentObject (hdc=0xa601065e, type=0x2) returned 0x900010
[0230.006] GetCurrentObject (hdc=0xa601065e, type=0x7) returned 0x4a0507fe
[0230.006] GetCurrentObject (hdc=0xa601065e, type=0x6) returned 0x8a01c2
[0230.007] SaveDC (hdc=0xa601065e) returned 1
[0230.007] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa3040807
[0230.007] GetClipRgn (hdc=0xa601065e, hrgn=0xa3040807) returned 0
[0230.007] SelectClipRgn (hdc=0xa601065e, hrgn=0x330407de) returned 2
[0230.007] DeleteObject (ho=0xa3040807) returned 1
[0230.007] DeleteObject (ho=0x330407de) returned 1
[0230.007] OffsetViewportOrgEx (in: hdc=0xa601065e, x=0, y=0, lppt=0x2d1d624 | out: lppt=0x2d1d624) returned 1
[0230.007] DrawThemeParentBackground () returned 0x0
[0230.007] GetWindowPlacement (in: hWnd=0x1d02dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0230.007] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0230.007] GetWindowTextLengthW (hWnd=0x1d02dc) returned 13
[0230.007] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0230.007] GetSystemMetrics (nIndex=42) returned 0
[0230.007] GetWindowTextW (in: hWnd=0x1d02dc, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0230.007] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0230.008] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0230.008] GetCurrentObject (hdc=0xa601065e, type=0x1) returned 0xb00017
[0230.008] GetCurrentObject (hdc=0xa601065e, type=0x2) returned 0x900010
[0230.008] GetCurrentObject (hdc=0xa601065e, type=0x7) returned 0x4a0507fe
[0230.008] GetCurrentObject (hdc=0xa601065e, type=0x6) returned 0x8a01c2
[0230.008] SaveDC (hdc=0xa601065e) returned 2
[0230.008] GetNearestColor (hdc=0xa601065e, color=0xf0f0f0) returned 0xf0f0f0
[0230.008] CreateSolidBrush (color=0xf0f0f0) returned 0x591007e1
[0230.008] FillRect (hDC=0xa601065e, lprc=0xd7da38, hbr=0x591007e1) returned 1
[0230.008] DeleteObject (ho=0x591007e1) returned 1
[0230.008] RestoreDC (hdc=0xa601065e, nSavedDC=-1) returned 1
[0230.008] GetWindowTextLengthW (hWnd=0x1d02dc) returned 13
[0230.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0230.008] GetSystemMetrics (nIndex=42) returned 0
[0230.008] GetWindowTextW (in: hWnd=0x1d02dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0230.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0230.009] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0230.009] GetCurrentObject (hdc=0xa601065e, type=0x1) returned 0xb00017
[0230.009] GetCurrentObject (hdc=0xa601065e, type=0x2) returned 0x900010
[0230.009] GetCurrentObject (hdc=0xa601065e, type=0x7) returned 0x4a0507fe
[0230.009] GetCurrentObject (hdc=0xa601065e, type=0x6) returned 0x8a01c2
[0230.009] SaveDC (hdc=0xa601065e) returned 2
[0230.009] GetNearestColor (hdc=0xa601065e, color=0xf0f0f0) returned 0xf0f0f0
[0230.009] CreateSolidBrush (color=0xf0f0f0) returned 0x5a1007e1
[0230.009] FillRect (hDC=0xa601065e, lprc=0xd7d9d8, hbr=0x5a1007e1) returned 1
[0230.009] DeleteObject (ho=0x5a1007e1) returned 1
[0230.009] RestoreDC (hdc=0xa601065e, nSavedDC=-1) returned 1
[0230.009] GetWindowTextLengthW (hWnd=0x1d02dc) returned 13
[0230.009] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0230.009] GetSystemMetrics (nIndex=42) returned 0
[0230.009] GetWindowTextW (in: hWnd=0x1d02dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0230.009] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0230.010] RestoreDC (hdc=0xa601065e, nSavedDC=-1) returned 1
[0230.010] GdipReleaseDC (graphics=0x6600030, hdc=0xa601065e) returned 0x0
[0230.010] IsAppThemed () returned 0x1
[0230.010] GetThemeAppProperties () returned 0x3
[0230.010] GetThemeAppProperties () returned 0x3
[0230.010] IsAppThemed () returned 0x1
[0230.010] GetThemeAppProperties () returned 0x3
[0230.010] GetThemeAppProperties () returned 0x3
[0230.010] IsThemePartDefined () returned 0x1
[0230.010] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0230.010] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0230.010] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0230.010] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0230.010] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df74) returned 0x0
[0230.010] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0230.010] LocalFree (hMem=0x11ee788) returned 0x0
[0230.010] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0230.010] LocalFree (hMem=0x11eec58) returned 0x0
[0230.010] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0230.010] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0230.011] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0230.011] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0230.011] GdipDeleteRegion (region=0x6646178) returned 0x0
[0230.011] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0230.011] GetCurrentObject (hdc=0xa601065e, type=0x1) returned 0xb00017
[0230.011] GetCurrentObject (hdc=0xa601065e, type=0x2) returned 0x900010
[0230.011] GetCurrentObject (hdc=0xa601065e, type=0x7) returned 0x4a0507fe
[0230.011] GetCurrentObject (hdc=0xa601065e, type=0x6) returned 0x8a01c2
[0230.011] SaveDC (hdc=0xa601065e) returned 1
[0230.011] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x340407de
[0230.011] GetClipRgn (hdc=0xa601065e, hrgn=0x340407de) returned 0
[0230.011] SelectClipRgn (hdc=0xa601065e, hrgn=0xa5040807) returned 2
[0230.011] DeleteObject (ho=0x340407de) returned 1
[0230.011] DeleteObject (ho=0xa5040807) returned 1
[0230.011] OffsetViewportOrgEx (in: hdc=0xa601065e, x=0, y=0, lppt=0x2d1ded0 | out: lppt=0x2d1ded0) returned 1
[0230.011] IsAppThemed () returned 0x1
[0230.011] GetThemeAppProperties () returned 0x3
[0230.011] GetThemeAppProperties () returned 0x3
[0230.012] DrawThemeBackground () returned 0x0
[0230.012] RestoreDC (hdc=0xa601065e, nSavedDC=-1) returned 1
[0230.012] GdipReleaseDC (graphics=0x6600030, hdc=0xa601065e) returned 0x0
[0230.012] GdipCreateRegion (region=0xd7df60) returned 0x0
[0230.012] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0230.012] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0230.012] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0230.012] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df78) returned 0x0
[0230.012] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0230.012] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee8d8) returned 0x0
[0230.012] LocalFree (hMem=0x11ee8d8) returned 0x0
[0230.012] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0230.012] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0230.012] LocalFree (hMem=0x11ee788) returned 0x0
[0230.012] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0230.012] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0230.019] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7df90) returned 0x0
[0230.019] GdipGetRegionHRgn (region=0x6645c68, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0230.019] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0230.019] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0230.019] GetCurrentObject (hdc=0xa601065e, type=0x1) returned 0xb00017
[0230.019] GetCurrentObject (hdc=0xa601065e, type=0x2) returned 0x900010
[0230.019] GetCurrentObject (hdc=0xa601065e, type=0x7) returned 0x4a0507fe
[0230.019] GetCurrentObject (hdc=0xa601065e, type=0x6) returned 0x8a01c2
[0230.019] SaveDC (hdc=0xa601065e) returned 1
[0230.019] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa6040807
[0230.019] GetClipRgn (hdc=0xa601065e, hrgn=0xa6040807) returned 0
[0230.019] SelectClipRgn (hdc=0xa601065e, hrgn=0x350407de) returned 2
[0230.019] DeleteObject (ho=0xa6040807) returned 1
[0230.020] DeleteObject (ho=0x350407de) returned 1
[0230.020] OffsetViewportOrgEx (in: hdc=0xa601065e, x=0, y=0, lppt=0x2d1e1a4 | out: lppt=0x2d1e1a4) returned 1
[0230.020] IsAppThemed () returned 0x1
[0230.020] GetThemeAppProperties () returned 0x3
[0230.020] GetThemeAppProperties () returned 0x3
[0230.020] GetThemeBackgroundContentRect () returned 0x0
[0230.020] RestoreDC (hdc=0xa601065e, nSavedDC=-1) returned 1
[0230.020] GdipReleaseDC (graphics=0x6600030, hdc=0xa601065e) returned 0x0
[0230.020] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0230.020] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0230.020] GdipCloneRegion (region=0x6645638, cloneRegion=0xd7e150) returned 0x0
[0230.020] GdipCombineRegionRectI (region=0x6645128, rect=0xd7e138, combineMode=0x1) returned 0x0
[0230.020] GdipCombineRegionRectI (region=0x6645128, rect=0xd7e138, combineMode=0x1) returned 0x0
[0230.020] GdipSetClipRegion (graphics=0x6600030, region=0x6645128, combineMode=0x0) returned 0x0
[0230.020] GdipGetImageWidth (image=0x6600988, width=0xd7e154) returned 0x0
[0230.020] GdipGetImageHeight (image=0x6600988, height=0xd7e148) returned 0x0
[0230.020] GdipDrawImageRectI (graphics=0x6600030, image=0x6600988, x=4, y=4, width=16, height=16) returned 0x0
[0230.021] GdipSetClipRegion (graphics=0x6600030, region=0x6645638, combineMode=0x0) returned 0x0
[0230.021] IsAppThemed () returned 0x1
[0230.021] GetThemeAppProperties () returned 0x3
[0230.021] GetThemeAppProperties () returned 0x3
[0230.021] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0230.021] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0230.021] GetCurrentObject (hdc=0xa601065e, type=0x1) returned 0xb00017
[0230.021] GetCurrentObject (hdc=0xa601065e, type=0x2) returned 0x900010
[0230.021] GetCurrentObject (hdc=0xa601065e, type=0x7) returned 0x4a0507fe
[0230.021] GetCurrentObject (hdc=0xa601065e, type=0x6) returned 0x8a01c2
[0230.021] SaveDC (hdc=0xa601065e) returned 1
[0230.021] GetTextAlign (hdc=0xa601065e) returned 0x0
[0230.021] GetTextColor (hdc=0xa601065e) returned 0x0
[0230.021] GetCurrentObject (hdc=0xa601065e, type=0x6) returned 0x8a01c2
[0230.021] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0230.021] SelectObject (hdc=0xa601065e, h=0x6d0a0520) returned 0x8a01c2
[0230.022] GetBkMode (hdc=0xa601065e) returned 2
[0230.022] SetBkMode (hdc=0xa601065e, mode=1) returned 2
[0230.022] DrawTextExW (in: hdc=0xa601065e, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2d1e564 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0230.022] DrawTextExW (in: hdc=0xa601065e, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d1e564 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0230.022] RestoreDC (hdc=0xa601065e, nSavedDC=-1) returned 1
[0230.022] GdipReleaseDC (graphics=0x6600030, hdc=0xa601065e) returned 0x0
[0230.022] GetFocus () returned 0x1f02d8
[0230.023] IsAppThemed () returned 0x1
[0230.023] GetThemeAppProperties () returned 0x3
[0230.023] GetThemeAppProperties () returned 0x3
[0230.023] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0230.023] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xa601065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0230.023] GdipReleaseDC (graphics=0x6600030, hdc=0xa601065e) returned 0x0
[0230.023] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0230.023] SelectObject (hdc=0xa601065e, h=0x85000f) returned 0x4a0507fe
[0230.023] DeleteDC (hdc=0xa601065e) returned 1
[0230.023] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0230.023] EndPaint (hWnd=0x1f02d8, lpPaint=0xd7e24c) returned 1
[0230.023] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0230.024] IsWindowUnicode (hWnd=0x1302ce) returned 1
[0230.024] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0230.024] TranslateMessage (lpMsg=0xd7e808) returned 0
[0230.024] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0230.024] BeginPaint (in: hWnd=0x1302ce, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0230.024] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0230.024] CreateCompatibleDC (hdc=0xf0105ee) returned 0xa801065e
[0230.024] SelectObject (hdc=0xa801065e, h=0x4a0507fe) returned 0x85000f
[0230.024] GdipCreateFromHDC (hdc=0xa801065e, graphics=0xd7e268) returned 0x0
[0230.024] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0230.024] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0230.024] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0230.024] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0230.025] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e2c8) returned 0x0
[0230.025] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0230.025] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0230.025] LocalFree (hMem=0x11eec58) returned 0x0
[0230.025] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0230.025] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0230.025] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0230.025] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0230.025] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0230.025] GdipRestoreGraphics (graphics=0x6600030, state=0xf9480dbd) returned 0x0
[0230.025] GdipDeleteRegion (region=0x6645758) returned 0x0
[0230.025] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0230.025] GetCurrentObject (hdc=0xa801065e, type=0x1) returned 0xb00017
[0230.025] GetCurrentObject (hdc=0xa801065e, type=0x2) returned 0x900010
[0230.025] GetCurrentObject (hdc=0xa801065e, type=0x7) returned 0x4a0507fe
[0230.025] GetCurrentObject (hdc=0xa801065e, type=0x6) returned 0x8a01c2
[0230.025] SaveDC (hdc=0xa801065e) returned 1
[0230.026] GetNearestColor (hdc=0xa801065e, color=0xf0f0f0) returned 0xf0f0f0
[0230.026] GetNearestColor (hdc=0xa801065e, color=0xa0a0a0) returned 0xa0a0a0
[0230.026] GetNearestColor (hdc=0xa801065e, color=0x696969) returned 0x696969
[0230.026] GetNearestColor (hdc=0xa801065e, color=0xa0a0a0) returned 0xa0a0a0
[0230.026] GetNearestColor (hdc=0xa801065e, color=0x0) returned 0x0
[0230.026] GetNearestColor (hdc=0xa801065e, color=0xffffff) returned 0xffffff
[0230.026] GetNearestColor (hdc=0xa801065e, color=0xe5e5e5) returned 0xe5e5e5
[0230.026] GetNearestColor (hdc=0xa801065e, color=0xd7d7d7) returned 0xd7d7d7
[0230.026] GetNearestColor (hdc=0xa801065e, color=0x0) returned 0x0
[0230.026] RestoreDC (hdc=0xa801065e, nSavedDC=-1) returned 1
[0230.026] GdipReleaseDC (graphics=0x6600030, hdc=0xa801065e) returned 0x0
[0230.026] IsAppThemed () returned 0x1
[0230.026] GetThemeAppProperties () returned 0x3
[0230.026] GetThemeAppProperties () returned 0x3
[0230.026] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0230.027] SendMessageW (hWnd=0x1d02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0230.027] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0230.027] IsAppThemed () returned 0x1
[0230.027] GetThemeAppProperties () returned 0x3
[0230.027] GetThemeAppProperties () returned 0x3
[0230.027] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2d1ed74 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0230.027] IsAppThemed () returned 0x1
[0230.027] GetThemeAppProperties () returned 0x3
[0230.027] GetThemeAppProperties () returned 0x3
[0230.027] IsAppThemed () returned 0x1
[0230.027] GetThemeAppProperties () returned 0x3
[0230.027] GetThemeAppProperties () returned 0x3
[0230.027] IsAppThemed () returned 0x1
[0230.027] GetThemeAppProperties () returned 0x3
[0230.027] GetThemeAppProperties () returned 0x3
[0230.027] IsAppThemed () returned 0x1
[0230.028] GetThemeAppProperties () returned 0x3
[0230.028] GetThemeAppProperties () returned 0x3
[0230.028] IsThemePartDefined () returned 0x1
[0230.028] IsAppThemed () returned 0x1
[0230.028] GetThemeAppProperties () returned 0x3
[0230.028] GetThemeAppProperties () returned 0x3
[0230.028] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0230.028] IsAppThemed () returned 0x1
[0230.028] GetThemeAppProperties () returned 0x3
[0230.028] GetThemeAppProperties () returned 0x3
[0230.028] IsAppThemed () returned 0x1
[0230.029] GetThemeAppProperties () returned 0x3
[0230.029] GetThemeAppProperties () returned 0x3
[0230.029] IsThemePartDefined () returned 0x1
[0230.029] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0230.029] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0230.029] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0230.029] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0230.029] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dfe4) returned 0x0
[0230.029] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0230.029] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea98) returned 0x0
[0230.029] LocalFree (hMem=0x11eea98) returned 0x0
[0230.029] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0230.029] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0230.029] LocalFree (hMem=0x11ee788) returned 0x0
[0230.029] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0230.029] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0230.029] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0230.029] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0230.029] GdipDeleteRegion (region=0x6645248) returned 0x0
[0230.029] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0230.030] GetCurrentObject (hdc=0xa801065e, type=0x1) returned 0xb00017
[0230.030] GetCurrentObject (hdc=0xa801065e, type=0x2) returned 0x900010
[0230.030] GetCurrentObject (hdc=0xa801065e, type=0x7) returned 0x4a0507fe
[0230.030] GetCurrentObject (hdc=0xa801065e, type=0x6) returned 0x8a01c2
[0230.030] SaveDC (hdc=0xa801065e) returned 1
[0230.030] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x360407de
[0230.030] GetClipRgn (hdc=0xa801065e, hrgn=0x360407de) returned 0
[0230.030] SelectClipRgn (hdc=0xa801065e, hrgn=0xaa040807) returned 2
[0230.030] DeleteObject (ho=0x360407de) returned 1
[0230.030] DeleteObject (ho=0xaa040807) returned 1
[0230.030] OffsetViewportOrgEx (in: hdc=0xa801065e, x=0, y=0, lppt=0x2d1f424 | out: lppt=0x2d1f424) returned 1
[0230.030] DrawThemeParentBackground () returned 0x0
[0230.030] GetWindowPlacement (in: hWnd=0x1d02dc, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0230.031] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0230.031] GetWindowTextLengthW (hWnd=0x1d02dc) returned 13
[0230.031] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0230.031] GetSystemMetrics (nIndex=42) returned 0
[0230.031] GetWindowTextW (in: hWnd=0x1d02dc, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0230.031] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0230.031] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0230.031] GetCurrentObject (hdc=0xa801065e, type=0x1) returned 0xb00017
[0230.031] GetCurrentObject (hdc=0xa801065e, type=0x2) returned 0x900010
[0230.031] GetCurrentObject (hdc=0xa801065e, type=0x7) returned 0x4a0507fe
[0230.031] GetCurrentObject (hdc=0xa801065e, type=0x6) returned 0x8a01c2
[0230.031] SaveDC (hdc=0xa801065e) returned 2
[0230.031] GetNearestColor (hdc=0xa801065e, color=0xf0f0f0) returned 0xf0f0f0
[0230.031] CreateSolidBrush (color=0xf0f0f0) returned 0x5b1007e1
[0230.031] FillRect (hDC=0xa801065e, lprc=0xd7da30, hbr=0x5b1007e1) returned 1
[0230.031] DeleteObject (ho=0x5b1007e1) returned 1
[0230.031] RestoreDC (hdc=0xa801065e, nSavedDC=-1) returned 1
[0230.032] GetWindowTextLengthW (hWnd=0x1d02dc) returned 13
[0230.032] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0230.032] GetSystemMetrics (nIndex=42) returned 0
[0230.032] GetWindowTextW (in: hWnd=0x1d02dc, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0230.032] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0230.032] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0230.032] GetCurrentObject (hdc=0xa801065e, type=0x1) returned 0xb00017
[0230.032] GetCurrentObject (hdc=0xa801065e, type=0x2) returned 0x900010
[0230.032] GetCurrentObject (hdc=0xa801065e, type=0x7) returned 0x4a0507fe
[0230.032] GetCurrentObject (hdc=0xa801065e, type=0x6) returned 0x8a01c2
[0230.032] SaveDC (hdc=0xa801065e) returned 2
[0230.032] GetNearestColor (hdc=0xa801065e, color=0xf0f0f0) returned 0xf0f0f0
[0230.032] CreateSolidBrush (color=0xf0f0f0) returned 0x5c1007e1
[0230.032] FillRect (hDC=0xa801065e, lprc=0xd7d9d0, hbr=0x5c1007e1) returned 1
[0230.032] DeleteObject (ho=0x5c1007e1) returned 1
[0230.032] RestoreDC (hdc=0xa801065e, nSavedDC=-1) returned 1
[0230.032] GetWindowTextLengthW (hWnd=0x1d02dc) returned 13
[0230.032] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0230.033] GetSystemMetrics (nIndex=42) returned 0
[0230.033] GetWindowTextW (in: hWnd=0x1d02dc, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0230.033] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0230.033] RestoreDC (hdc=0xa801065e, nSavedDC=-1) returned 1
[0230.033] GdipReleaseDC (graphics=0x6600030, hdc=0xa801065e) returned 0x0
[0230.033] IsAppThemed () returned 0x1
[0230.033] GetThemeAppProperties () returned 0x3
[0230.033] GetThemeAppProperties () returned 0x3
[0230.033] IsAppThemed () returned 0x1
[0230.033] GetThemeAppProperties () returned 0x3
[0230.033] GetThemeAppProperties () returned 0x3
[0230.033] IsThemePartDefined () returned 0x1
[0230.033] GdipCreateRegion (region=0xd7df50) returned 0x0
[0230.033] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0230.033] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0230.033] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0230.034] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7df68) returned 0x0
[0230.034] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0230.034] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eea28) returned 0x0
[0230.034] LocalFree (hMem=0x11eea28) returned 0x0
[0230.034] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0230.034] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0230.034] LocalFree (hMem=0x11ee788) returned 0x0
[0230.034] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0230.034] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7df90) returned 0x0
[0230.034] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7df80) returned 0x0
[0230.034] GdipGetRegionHRgn (region=0x6645758, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0230.034] GdipDeleteRegion (region=0x6645758) returned 0x0
[0230.034] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0230.034] GetCurrentObject (hdc=0xa801065e, type=0x1) returned 0xb00017
[0230.034] GetCurrentObject (hdc=0xa801065e, type=0x2) returned 0x900010
[0230.034] GetCurrentObject (hdc=0xa801065e, type=0x7) returned 0x4a0507fe
[0230.034] GetCurrentObject (hdc=0xa801065e, type=0x6) returned 0x8a01c2
[0230.034] SaveDC (hdc=0xa801065e) returned 1
[0230.035] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xab040807
[0230.035] GetClipRgn (hdc=0xa801065e, hrgn=0xab040807) returned 0
[0230.035] SelectClipRgn (hdc=0xa801065e, hrgn=0x380407de) returned 2
[0230.035] DeleteObject (ho=0xab040807) returned 1
[0230.035] DeleteObject (ho=0x380407de) returned 1
[0230.035] OffsetViewportOrgEx (in: hdc=0xa801065e, x=0, y=0, lppt=0x2d1fcd0 | out: lppt=0x2d1fcd0) returned 1
[0230.035] IsAppThemed () returned 0x1
[0230.035] GetThemeAppProperties () returned 0x3
[0230.035] GetThemeAppProperties () returned 0x3
[0230.035] DrawThemeBackground () returned 0x0
[0230.035] RestoreDC (hdc=0xa801065e, nSavedDC=-1) returned 1
[0230.035] GdipReleaseDC (graphics=0x6600030, hdc=0xa801065e) returned 0x0
[0230.035] GdipCreateRegion (region=0xd7df54) returned 0x0
[0230.035] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0230.035] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0230.035] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0230.035] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df6c) returned 0x0
[0230.036] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0230.036] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee8d8) returned 0x0
[0230.036] LocalFree (hMem=0x11ee8d8) returned 0x0
[0230.036] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0230.036] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0230.036] LocalFree (hMem=0x11eecc8) returned 0x0
[0230.036] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0230.036] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7df94) returned 0x0
[0230.036] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7df84) returned 0x0
[0230.036] GdipGetRegionHRgn (region=0x6645758, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0230.036] GdipDeleteRegion (region=0x6645758) returned 0x0
[0230.036] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0230.036] GetCurrentObject (hdc=0xa801065e, type=0x1) returned 0xb00017
[0230.036] GetCurrentObject (hdc=0xa801065e, type=0x2) returned 0x900010
[0230.036] GetCurrentObject (hdc=0xa801065e, type=0x7) returned 0x4a0507fe
[0230.036] GetCurrentObject (hdc=0xa801065e, type=0x6) returned 0x8a01c2
[0230.036] SaveDC (hdc=0xa801065e) returned 1
[0230.037] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x390407de
[0230.037] GetClipRgn (hdc=0xa801065e, hrgn=0x390407de) returned 0
[0230.037] SelectClipRgn (hdc=0xa801065e, hrgn=0xac040807) returned 2
[0230.037] DeleteObject (ho=0x390407de) returned 1
[0230.037] DeleteObject (ho=0xac040807) returned 1
[0230.037] OffsetViewportOrgEx (in: hdc=0xa801065e, x=0, y=0, lppt=0x2d1ffa4 | out: lppt=0x2d1ffa4) returned 1
[0230.037] IsAppThemed () returned 0x1
[0230.037] GetThemeAppProperties () returned 0x3
[0230.037] GetThemeAppProperties () returned 0x3
[0230.037] GetThemeBackgroundContentRect () returned 0x0
[0230.037] RestoreDC (hdc=0xa801065e, nSavedDC=-1) returned 1
[0230.037] GdipReleaseDC (graphics=0x6600030, hdc=0xa801065e) returned 0x0
[0230.037] IsAppThemed () returned 0x1
[0230.037] GetThemeAppProperties () returned 0x3
[0230.037] GetThemeAppProperties () returned 0x3
[0230.037] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0230.037] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0230.037] GetCurrentObject (hdc=0xa801065e, type=0x1) returned 0xb00017
[0230.038] GetCurrentObject (hdc=0xa801065e, type=0x2) returned 0x900010
[0230.038] GetCurrentObject (hdc=0xa801065e, type=0x7) returned 0x4a0507fe
[0230.038] GetCurrentObject (hdc=0xa801065e, type=0x6) returned 0x8a01c2
[0230.038] SaveDC (hdc=0xa801065e) returned 1
[0230.038] GetTextAlign (hdc=0xa801065e) returned 0x0
[0230.038] GetTextColor (hdc=0xa801065e) returned 0x0
[0230.038] GetCurrentObject (hdc=0xa801065e, type=0x6) returned 0x8a01c2
[0230.038] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0230.038] SelectObject (hdc=0xa801065e, h=0x6d0a0520) returned 0x8a01c2
[0230.038] GetBkMode (hdc=0xa801065e) returned 2
[0230.038] SetBkMode (hdc=0xa801065e, mode=1) returned 2
[0230.038] DrawTextExW (in: hdc=0xa801065e, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2d20344 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0230.039] DrawTextExW (in: hdc=0xa801065e, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2d20344 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0230.039] RestoreDC (hdc=0xa801065e, nSavedDC=-1) returned 1
[0230.039] GdipReleaseDC (graphics=0x6600030, hdc=0xa801065e) returned 0x0
[0230.039] GetFocus () returned 0x1f02d8
[0230.039] IsAppThemed () returned 0x1
[0230.039] GetThemeAppProperties () returned 0x3
[0230.039] GetThemeAppProperties () returned 0x3
[0230.039] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0230.039] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xa801065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0230.039] GdipReleaseDC (graphics=0x6600030, hdc=0xa801065e) returned 0x0
[0230.039] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0230.040] SelectObject (hdc=0xa801065e, h=0x85000f) returned 0x4a0507fe
[0230.040] DeleteDC (hdc=0xa801065e) returned 1
[0230.040] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0230.040] EndPaint (hWnd=0x1302ce, lpPaint=0xd7e24c) returned 1
[0230.040] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0230.040] IsWindowUnicode (hWnd=0x1d02de) returned 1
[0230.040] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0230.040] TranslateMessage (lpMsg=0xd7e808) returned 0
[0230.040] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0230.040] BeginPaint (in: hWnd=0x1d02de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0230.040] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0230.041] CreateCompatibleDC (hdc=0x10105d6) returned 0xaa01065e
[0230.041] SelectObject (hdc=0xaa01065e, h=0x4a0507fe) returned 0x85000f
[0230.041] GdipCreateFromHDC (hdc=0xaa01065e, graphics=0xd7e268) returned 0x0
[0230.041] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0230.041] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0230.041] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0230.041] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0230.041] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e2c8) returned 0x0
[0230.041] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0230.041] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eea28) returned 0x0
[0230.041] LocalFree (hMem=0x11eea28) returned 0x0
[0230.041] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0230.041] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0230.041] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0230.042] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0230.042] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0230.042] GdipRestoreGraphics (graphics=0x6600030, state=0xf9460dbd) returned 0x0
[0230.042] GdipDeleteRegion (region=0x6645908) returned 0x0
[0230.042] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0230.042] GetCurrentObject (hdc=0xaa01065e, type=0x1) returned 0xb00017
[0230.042] GetCurrentObject (hdc=0xaa01065e, type=0x2) returned 0x900010
[0230.042] GetCurrentObject (hdc=0xaa01065e, type=0x7) returned 0x4a0507fe
[0230.042] GetCurrentObject (hdc=0xaa01065e, type=0x6) returned 0x8a01c2
[0230.042] SaveDC (hdc=0xaa01065e) returned 1
[0230.042] GetNearestColor (hdc=0xaa01065e, color=0xf0f0f0) returned 0xf0f0f0
[0230.042] GetNearestColor (hdc=0xaa01065e, color=0xa0a0a0) returned 0xa0a0a0
[0230.042] GetNearestColor (hdc=0xaa01065e, color=0x696969) returned 0x696969
[0230.042] GetNearestColor (hdc=0xaa01065e, color=0xa0a0a0) returned 0xa0a0a0
[0230.042] GetNearestColor (hdc=0xaa01065e, color=0x0) returned 0x0
[0230.042] GetNearestColor (hdc=0xaa01065e, color=0xffffff) returned 0xffffff
[0230.042] GetNearestColor (hdc=0xaa01065e, color=0xe5e5e5) returned 0xe5e5e5
[0230.042] GetNearestColor (hdc=0xaa01065e, color=0xd7d7d7) returned 0xd7d7d7
[0230.043] GetNearestColor (hdc=0xaa01065e, color=0x0) returned 0x0
[0230.043] RestoreDC (hdc=0xaa01065e, nSavedDC=-1) returned 1
[0230.043] GdipReleaseDC (graphics=0x6600030, hdc=0xaa01065e) returned 0x0
[0230.043] IsAppThemed () returned 0x1
[0230.043] GetThemeAppProperties () returned 0x3
[0230.043] GetThemeAppProperties () returned 0x3
[0230.043] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0230.043] SendMessageW (hWnd=0x1d02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0230.043] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0230.043] IsAppThemed () returned 0x1
[0230.043] GetThemeAppProperties () returned 0x3
[0230.043] GetThemeAppProperties () returned 0x3
[0230.043] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2d20b54 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0230.043] IsAppThemed () returned 0x1
[0230.044] GetThemeAppProperties () returned 0x3
[0230.044] GetThemeAppProperties () returned 0x3
[0230.050] IsAppThemed () returned 0x1
[0230.050] GetThemeAppProperties () returned 0x3
[0230.050] GetThemeAppProperties () returned 0x3
[0230.050] GetFocus () returned 0x1f02d8
[0230.050] IsAppThemed () returned 0x1
[0230.050] GetThemeAppProperties () returned 0x3
[0230.050] GetThemeAppProperties () returned 0x3
[0230.050] IsAppThemed () returned 0x1
[0230.050] GetThemeAppProperties () returned 0x3
[0230.050] GetThemeAppProperties () returned 0x3
[0230.050] IsThemePartDefined () returned 0x1
[0230.050] IsAppThemed () returned 0x1
[0230.050] GetThemeAppProperties () returned 0x3
[0230.050] GetThemeAppProperties () returned 0x3
[0230.050] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0230.050] IsAppThemed () returned 0x1
[0230.050] GetThemeAppProperties () returned 0x3
[0230.051] GetThemeAppProperties () returned 0x3
[0230.051] IsAppThemed () returned 0x1
[0230.051] GetThemeAppProperties () returned 0x3
[0230.051] GetThemeAppProperties () returned 0x3
[0230.051] IsThemePartDefined () returned 0x1
[0230.051] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0230.051] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0230.051] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0230.051] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0230.051] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dff0) returned 0x0
[0230.051] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0230.051] LocalFree (hMem=0x11eec58) returned 0x0
[0230.051] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eed00) returned 0x0
[0230.051] LocalFree (hMem=0x11eed00) returned 0x0
[0230.051] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0230.051] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e018) returned 0x0
[0230.051] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e008) returned 0x0
[0230.051] GdipGetRegionHRgn (region=0x6645758, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0230.051] GdipDeleteRegion (region=0x6645758) returned 0x0
[0230.051] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0230.052] GetCurrentObject (hdc=0xaa01065e, type=0x1) returned 0xb00017
[0230.052] GetCurrentObject (hdc=0xaa01065e, type=0x2) returned 0x900010
[0230.052] GetCurrentObject (hdc=0xaa01065e, type=0x7) returned 0x4a0507fe
[0230.052] GetCurrentObject (hdc=0xaa01065e, type=0x6) returned 0x8a01c2
[0230.052] SaveDC (hdc=0xaa01065e) returned 1
[0230.052] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xad040807
[0230.052] GetClipRgn (hdc=0xaa01065e, hrgn=0xad040807) returned 0
[0230.052] SelectClipRgn (hdc=0xaa01065e, hrgn=0x3d0407de) returned 2
[0230.052] DeleteObject (ho=0xad040807) returned 1
[0230.052] DeleteObject (ho=0x3d0407de) returned 1
[0230.052] OffsetViewportOrgEx (in: hdc=0xaa01065e, x=0, y=0, lppt=0x2d21204 | out: lppt=0x2d21204) returned 1
[0230.052] DrawThemeParentBackground () returned 0x0
[0230.052] GetWindowPlacement (in: hWnd=0x1d02dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0230.053] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0230.053] GetWindowTextLengthW (hWnd=0x1d02dc) returned 13
[0230.053] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0230.053] GetSystemMetrics (nIndex=42) returned 0
[0230.053] GetWindowTextW (in: hWnd=0x1d02dc, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0230.053] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0230.053] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0230.053] GetCurrentObject (hdc=0xaa01065e, type=0x1) returned 0xb00017
[0230.053] GetCurrentObject (hdc=0xaa01065e, type=0x2) returned 0x900010
[0230.053] GetCurrentObject (hdc=0xaa01065e, type=0x7) returned 0x4a0507fe
[0230.053] GetCurrentObject (hdc=0xaa01065e, type=0x6) returned 0x8a01c2
[0230.053] SaveDC (hdc=0xaa01065e) returned 2
[0230.053] GetNearestColor (hdc=0xaa01065e, color=0xf0f0f0) returned 0xf0f0f0
[0230.053] CreateSolidBrush (color=0xf0f0f0) returned 0x5d1007e1
[0230.053] FillRect (hDC=0xaa01065e, lprc=0xd7da38, hbr=0x5d1007e1) returned 1
[0230.053] DeleteObject (ho=0x5d1007e1) returned 1
[0230.053] RestoreDC (hdc=0xaa01065e, nSavedDC=-1) returned 1
[0230.054] GetWindowTextLengthW (hWnd=0x1d02dc) returned 13
[0230.054] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0230.054] GetSystemMetrics (nIndex=42) returned 0
[0230.054] GetWindowTextW (in: hWnd=0x1d02dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0230.054] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0230.054] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0230.054] GetCurrentObject (hdc=0xaa01065e, type=0x1) returned 0xb00017
[0230.054] GetCurrentObject (hdc=0xaa01065e, type=0x2) returned 0x900010
[0230.054] GetCurrentObject (hdc=0xaa01065e, type=0x7) returned 0x4a0507fe
[0230.054] GetCurrentObject (hdc=0xaa01065e, type=0x6) returned 0x8a01c2
[0230.054] SaveDC (hdc=0xaa01065e) returned 2
[0230.054] GetNearestColor (hdc=0xaa01065e, color=0xf0f0f0) returned 0xf0f0f0
[0230.054] CreateSolidBrush (color=0xf0f0f0) returned 0x5e1007e1
[0230.054] FillRect (hDC=0xaa01065e, lprc=0xd7d9d8, hbr=0x5e1007e1) returned 1
[0230.054] DeleteObject (ho=0x5e1007e1) returned 1
[0230.054] RestoreDC (hdc=0xaa01065e, nSavedDC=-1) returned 1
[0230.054] GetWindowTextLengthW (hWnd=0x1d02dc) returned 13
[0230.055] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0230.055] GetSystemMetrics (nIndex=42) returned 0
[0230.055] GetWindowTextW (in: hWnd=0x1d02dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0230.055] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0230.055] RestoreDC (hdc=0xaa01065e, nSavedDC=-1) returned 1
[0230.055] GdipReleaseDC (graphics=0x6600030, hdc=0xaa01065e) returned 0x0
[0230.055] IsAppThemed () returned 0x1
[0230.056] GetThemeAppProperties () returned 0x3
[0230.056] GetThemeAppProperties () returned 0x3
[0230.056] IsAppThemed () returned 0x1
[0230.056] GetThemeAppProperties () returned 0x3
[0230.056] GetThemeAppProperties () returned 0x3
[0230.056] IsThemePartDefined () returned 0x1
[0230.056] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0230.056] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0230.056] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0230.056] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0230.056] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df74) returned 0x0
[0230.056] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0230.056] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0230.056] LocalFree (hMem=0x11eec58) returned 0x0
[0230.056] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0230.056] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0230.056] LocalFree (hMem=0x11eec58) returned 0x0
[0230.056] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0230.056] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0230.056] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0230.057] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0230.057] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0230.057] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0230.057] GetCurrentObject (hdc=0xaa01065e, type=0x1) returned 0xb00017
[0230.057] GetCurrentObject (hdc=0xaa01065e, type=0x2) returned 0x900010
[0230.057] GetCurrentObject (hdc=0xaa01065e, type=0x7) returned 0x4a0507fe
[0230.057] GetCurrentObject (hdc=0xaa01065e, type=0x6) returned 0x8a01c2
[0230.057] SaveDC (hdc=0xaa01065e) returned 1
[0230.057] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3e0407de
[0230.057] GetClipRgn (hdc=0xaa01065e, hrgn=0x3e0407de) returned 0
[0230.057] SelectClipRgn (hdc=0xaa01065e, hrgn=0xaf040807) returned 2
[0230.057] DeleteObject (ho=0x3e0407de) returned 1
[0230.057] DeleteObject (ho=0xaf040807) returned 1
[0230.057] OffsetViewportOrgEx (in: hdc=0xaa01065e, x=0, y=0, lppt=0x2d21ab0 | out: lppt=0x2d21ab0) returned 1
[0230.057] IsAppThemed () returned 0x1
[0230.057] GetThemeAppProperties () returned 0x3
[0230.057] GetThemeAppProperties () returned 0x3
[0230.057] DrawThemeBackground () returned 0x0
[0230.058] RestoreDC (hdc=0xaa01065e, nSavedDC=-1) returned 1
[0230.058] GdipReleaseDC (graphics=0x6600030, hdc=0xaa01065e) returned 0x0
[0230.058] GdipCreateRegion (region=0xd7df60) returned 0x0
[0230.058] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0230.058] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0230.058] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0230.058] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df78) returned 0x0
[0230.058] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0230.058] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eea98) returned 0x0
[0230.058] LocalFree (hMem=0x11eea98) returned 0x0
[0230.058] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0230.058] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0230.058] LocalFree (hMem=0x11ee788) returned 0x0
[0230.058] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0230.058] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0230.058] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7df90) returned 0x0
[0230.058] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0230.059] GdipDeleteRegion (region=0x6645908) returned 0x0
[0230.059] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0230.059] GetCurrentObject (hdc=0xaa01065e, type=0x1) returned 0xb00017
[0230.059] GetCurrentObject (hdc=0xaa01065e, type=0x2) returned 0x900010
[0230.059] GetCurrentObject (hdc=0xaa01065e, type=0x7) returned 0x4a0507fe
[0230.059] GetCurrentObject (hdc=0xaa01065e, type=0x6) returned 0x8a01c2
[0230.059] SaveDC (hdc=0xaa01065e) returned 1
[0230.059] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb0040807
[0230.059] GetClipRgn (hdc=0xaa01065e, hrgn=0xb0040807) returned 0
[0230.059] SelectClipRgn (hdc=0xaa01065e, hrgn=0x3f0407de) returned 2
[0230.059] DeleteObject (ho=0xb0040807) returned 1
[0230.059] DeleteObject (ho=0x3f0407de) returned 1
[0230.065] OffsetViewportOrgEx (in: hdc=0xaa01065e, x=0, y=0, lppt=0x2d21d84 | out: lppt=0x2d21d84) returned 1
[0230.066] IsAppThemed () returned 0x1
[0230.066] GetThemeAppProperties () returned 0x3
[0230.066] GetThemeAppProperties () returned 0x3
[0230.066] GetThemeBackgroundContentRect () returned 0x0
[0230.066] RestoreDC (hdc=0xaa01065e, nSavedDC=-1) returned 1
[0230.066] GdipReleaseDC (graphics=0x6600030, hdc=0xaa01065e) returned 0x0
[0230.066] IsAppThemed () returned 0x1
[0230.066] GetThemeAppProperties () returned 0x3
[0230.066] GetThemeAppProperties () returned 0x3
[0230.066] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0230.066] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0230.066] GetCurrentObject (hdc=0xaa01065e, type=0x1) returned 0xb00017
[0230.066] GetCurrentObject (hdc=0xaa01065e, type=0x2) returned 0x900010
[0230.066] GetCurrentObject (hdc=0xaa01065e, type=0x7) returned 0x4a0507fe
[0230.066] GetCurrentObject (hdc=0xaa01065e, type=0x6) returned 0x8a01c2
[0230.066] SaveDC (hdc=0xaa01065e) returned 1
[0230.066] GetTextAlign (hdc=0xaa01065e) returned 0x0
[0230.067] GetTextColor (hdc=0xaa01065e) returned 0x0
[0230.067] GetCurrentObject (hdc=0xaa01065e, type=0x6) returned 0x8a01c2
[0230.067] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0230.067] SelectObject (hdc=0xaa01065e, h=0x6d0a0520) returned 0x8a01c2
[0230.067] GetBkMode (hdc=0xaa01065e) returned 2
[0230.067] SetBkMode (hdc=0xaa01065e, mode=1) returned 2
[0230.067] DrawTextExW (in: hdc=0xaa01065e, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2d22124 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0230.067] DrawTextExW (in: hdc=0xaa01065e, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d22124 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0230.068] RestoreDC (hdc=0xaa01065e, nSavedDC=-1) returned 1
[0230.068] GdipReleaseDC (graphics=0x6600030, hdc=0xaa01065e) returned 0x0
[0230.068] GetFocus () returned 0x1f02d8
[0230.068] IsAppThemed () returned 0x1
[0230.068] GetThemeAppProperties () returned 0x3
[0230.068] GetThemeAppProperties () returned 0x3
[0230.068] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0230.068] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xaa01065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0230.068] GdipReleaseDC (graphics=0x6600030, hdc=0xaa01065e) returned 0x0
[0230.068] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0230.068] SelectObject (hdc=0xaa01065e, h=0x85000f) returned 0x4a0507fe
[0230.068] DeleteDC (hdc=0xaa01065e) returned 1
[0230.068] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0230.069] EndPaint (hWnd=0x1d02de, lpPaint=0xd7e24c) returned 1
[0230.069] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0230.069] IsWindowUnicode (hWnd=0x602c4) returned 1
[0230.069] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0230.070] TranslateMessage (lpMsg=0xd7e808) returned 0
[0230.070] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0230.070] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0230.070] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0230.070] CreateCompatibleDC (hdc=0xc0107c5) returned 0xac01065e
[0230.070] SelectObject (hdc=0xac01065e, h=0x4a0507fe) returned 0x85000f
[0230.070] GdipCreateFromHDC (hdc=0xac01065e, graphics=0xd7e268) returned 0x0
[0230.070] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0230.070] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0230.070] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0230.070] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0230.070] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e2c8) returned 0x0
[0230.070] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0230.071] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee910) returned 0x0
[0230.071] LocalFree (hMem=0x11ee910) returned 0x0
[0230.071] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0230.071] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0230.071] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0230.071] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0230.071] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0230.071] GdipRestoreGraphics (graphics=0x6600030, state=0xf9440dbd) returned 0x0
[0230.071] GdipDeleteRegion (region=0x6646178) returned 0x0
[0230.071] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0230.071] GetCurrentObject (hdc=0xac01065e, type=0x1) returned 0xb00017
[0230.071] GetCurrentObject (hdc=0xac01065e, type=0x2) returned 0x900010
[0230.071] GetCurrentObject (hdc=0xac01065e, type=0x7) returned 0x4a0507fe
[0230.071] GetCurrentObject (hdc=0xac01065e, type=0x6) returned 0x8a01c2
[0230.071] SaveDC (hdc=0xac01065e) returned 1
[0230.071] GetNearestColor (hdc=0xac01065e, color=0xff) returned 0xff
[0230.072] GetNearestColor (hdc=0xac01065e, color=0x55) returned 0x55
[0230.072] GetNearestColor (hdc=0xac01065e, color=0x0) returned 0x0
[0230.072] GetNearestColor (hdc=0xac01065e, color=0x55) returned 0x55
[0230.072] GetNearestColor (hdc=0xac01065e, color=0x0) returned 0x0
[0230.072] GetNearestColor (hdc=0xac01065e, color=0x8080ff) returned 0x8080ff
[0230.072] GetNearestColor (hdc=0xac01065e, color=0x7373e5) returned 0x7373e5
[0230.072] GetNearestColor (hdc=0xac01065e, color=0xe5) returned 0xe5
[0230.072] GetNearestColor (hdc=0xac01065e, color=0x0) returned 0x0
[0230.072] RestoreDC (hdc=0xac01065e, nSavedDC=-1) returned 1
[0230.072] GdipReleaseDC (graphics=0x6600030, hdc=0xac01065e) returned 0x0
[0230.072] IsAppThemed () returned 0x1
[0230.072] GetThemeAppProperties () returned 0x3
[0230.072] GetThemeAppProperties () returned 0x3
[0230.072] IsAppThemed () returned 0x1
[0230.072] GetThemeAppProperties () returned 0x3
[0230.072] GetThemeAppProperties () returned 0x3
[0230.073] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2d228ec | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0230.073] IsAppThemed () returned 0x1
[0230.073] GetThemeAppProperties () returned 0x3
[0230.073] GetThemeAppProperties () returned 0x3
[0230.073] IsAppThemed () returned 0x1
[0230.073] GetThemeAppProperties () returned 0x3
[0230.073] GetThemeAppProperties () returned 0x3
[0230.073] GetFocus () returned 0x1f02d8
[0230.073] IsAppThemed () returned 0x1
[0230.073] GetThemeAppProperties () returned 0x3
[0230.073] GetThemeAppProperties () returned 0x3
[0230.073] IsAppThemed () returned 0x1
[0230.073] GetThemeAppProperties () returned 0x3
[0230.073] GetThemeAppProperties () returned 0x3
[0230.073] IsThemePartDefined () returned 0x1
[0230.074] IsAppThemed () returned 0x1
[0230.074] GetThemeAppProperties () returned 0x3
[0230.074] GetThemeAppProperties () returned 0x3
[0230.074] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0230.074] IsAppThemed () returned 0x1
[0230.074] GetThemeAppProperties () returned 0x3
[0230.074] GetThemeAppProperties () returned 0x3
[0230.074] IsAppThemed () returned 0x1
[0230.074] GetThemeAppProperties () returned 0x3
[0230.074] GetThemeAppProperties () returned 0x3
[0230.074] IsThemePartDefined () returned 0x1
[0230.074] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0230.074] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0230.074] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0230.074] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0230.074] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7dff0) returned 0x0
[0230.074] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0230.074] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eea28) returned 0x0
[0230.074] LocalFree (hMem=0x11eea28) returned 0x0
[0230.074] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0230.074] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eea28) returned 0x0
[0230.075] LocalFree (hMem=0x11eea28) returned 0x0
[0230.075] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0230.075] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e018) returned 0x0
[0230.075] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e008) returned 0x0
[0230.075] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0230.075] GdipDeleteRegion (region=0x6646178) returned 0x0
[0230.075] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0230.075] GetCurrentObject (hdc=0xac01065e, type=0x1) returned 0xb00017
[0230.075] GetCurrentObject (hdc=0xac01065e, type=0x2) returned 0x900010
[0230.076] GetCurrentObject (hdc=0xac01065e, type=0x7) returned 0x4a0507fe
[0230.076] GetCurrentObject (hdc=0xac01065e, type=0x6) returned 0x8a01c2
[0230.076] SaveDC (hdc=0xac01065e) returned 1
[0230.076] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x400407de
[0230.076] GetClipRgn (hdc=0xac01065e, hrgn=0x400407de) returned 0
[0230.076] SelectClipRgn (hdc=0xac01065e, hrgn=0xb4040807) returned 2
[0230.076] DeleteObject (ho=0x400407de) returned 1
[0230.076] DeleteObject (ho=0xb4040807) returned 1
[0230.076] OffsetViewportOrgEx (in: hdc=0xac01065e, x=0, y=0, lppt=0x2d22f9c | out: lppt=0x2d22f9c) returned 1
[0230.076] DrawThemeParentBackground () returned 0x0
[0230.076] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0230.076] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0230.076] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0230.076] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0230.077] GetSystemMetrics (nIndex=42) returned 0
[0230.077] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0230.077] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0230.077] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0230.077] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0230.077] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0230.077] SelectPalette (hdc=0xac01065e, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0230.077] GdipCreateFromHDC (hdc=0xac01065e, graphics=0xd7dac8) returned 0x0
[0230.077] GdipSetPageUnit (graphics=0x6649da0, unit=0x2) returned 0x0
[0230.077] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0230.077] GdipGetWorldTransform (graphics=0x6649da0, matrix=0x6638a28) returned 0x0
[0230.077] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7daa0) returned 0x0
[0230.077] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0230.077] GdipCreateRegion (region=0xd7da88) returned 0x0
[0230.078] GdipGetClip (graphics=0x6649da0, region=0x6645758) returned 0x0
[0230.078] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6649da0, result=0xd7da94) returned 0x0
[0230.078] GdipDeleteRegion (region=0x6645758) returned 0x0
[0230.078] GdipSaveGraphics (graphics=0x6649da0, state=0xd7dac0) returned 0x0
[0230.078] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0230.085] GdipFillRectangleI (graphics=0x6649da0, brush=0x66536a8, x=0, y=0, width=801, height=453) returned 0x0
[0230.085] GdipDeleteBrush (brush=0x66536a8) returned 0x0
[0230.086] GdipDeleteGraphics (graphics=0x6649da0) returned 0x0
[0230.086] SelectPalette (hdc=0xac01065e, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0230.086] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0230.086] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0230.087] GetSystemMetrics (nIndex=42) returned 0
[0230.087] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0230.087] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0230.087] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0230.087] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0230.087] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0230.087] SelectPalette (hdc=0xac01065e, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0230.087] GdipCreateFromHDC (hdc=0xac01065e, graphics=0xd7da68) returned 0x0
[0230.087] GdipSetPageUnit (graphics=0x6649da0, unit=0x2) returned 0x0
[0230.087] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0230.087] GdipGetWorldTransform (graphics=0x6649da0, matrix=0x6638cf8) returned 0x0
[0230.087] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7da40) returned 0x0
[0230.087] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0230.087] GdipCreateRegion (region=0xd7da28) returned 0x0
[0230.087] GdipGetClip (graphics=0x6649da0, region=0x6645248) returned 0x0
[0230.088] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6649da0, result=0xd7da34) returned 0x0
[0230.088] GdipDeleteRegion (region=0x6645248) returned 0x0
[0230.088] GdipSaveGraphics (graphics=0x6649da0, state=0xd7da60) returned 0x0
[0230.088] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0230.100] GdipFillRectangleI (graphics=0x6649da0, brush=0x66537e0, x=0, y=0, width=801, height=453) returned 0x0
[0230.100] GdipDeleteBrush (brush=0x66537e0) returned 0x0
[0230.101] GdipRestoreGraphics (graphics=0x6649da0, state=0xf9400dbd) returned 0x0
[0230.101] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0230.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0230.101] GetSystemMetrics (nIndex=42) returned 0
[0230.101] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0230.102] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0230.102] GdipDeleteGraphics (graphics=0x6649da0) returned 0x0
[0230.102] SelectPalette (hdc=0xac01065e, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0230.102] RestoreDC (hdc=0xac01065e, nSavedDC=-1) returned 1
[0230.102] GdipReleaseDC (graphics=0x6600030, hdc=0xac01065e) returned 0x0
[0230.102] IsAppThemed () returned 0x1
[0230.102] GetThemeAppProperties () returned 0x3
[0230.102] GetThemeAppProperties () returned 0x3
[0230.102] IsAppThemed () returned 0x1
[0230.102] GetThemeAppProperties () returned 0x3
[0230.102] GetThemeAppProperties () returned 0x3
[0230.102] IsThemePartDefined () returned 0x1
[0230.102] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0230.102] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0230.103] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0230.103] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0230.103] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df74) returned 0x0
[0230.103] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0230.103] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0230.103] LocalFree (hMem=0x11ee868) returned 0x0
[0230.103] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0230.103] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0230.103] LocalFree (hMem=0x11ee788) returned 0x0
[0230.103] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0230.103] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0230.103] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0230.103] GdipGetRegionHRgn (region=0x6645758, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0230.103] GdipDeleteRegion (region=0x6645758) returned 0x0
[0230.103] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0230.103] GetCurrentObject (hdc=0xac01065e, type=0x1) returned 0xb00017
[0230.103] GetCurrentObject (hdc=0xac01065e, type=0x2) returned 0x900010
[0230.103] GetCurrentObject (hdc=0xac01065e, type=0x7) returned 0x4a0507fe
[0230.104] GetCurrentObject (hdc=0xac01065e, type=0x6) returned 0x8a01c2
[0230.104] SaveDC (hdc=0xac01065e) returned 1
[0230.104] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb5040807
[0230.104] GetClipRgn (hdc=0xac01065e, hrgn=0xb5040807) returned 0
[0230.104] SelectClipRgn (hdc=0xac01065e, hrgn=0x420407de) returned 2
[0230.104] DeleteObject (ho=0xb5040807) returned 1
[0230.104] DeleteObject (ho=0x420407de) returned 1
[0230.104] OffsetViewportOrgEx (in: hdc=0xac01065e, x=0, y=0, lppt=0x2d297ec | out: lppt=0x2d297ec) returned 1
[0230.104] IsAppThemed () returned 0x1
[0230.104] GetThemeAppProperties () returned 0x3
[0230.104] GetThemeAppProperties () returned 0x3
[0230.104] DrawThemeBackground () returned 0x0
[0230.104] RestoreDC (hdc=0xac01065e, nSavedDC=-1) returned 1
[0230.104] GdipReleaseDC (graphics=0x6600030, hdc=0xac01065e) returned 0x0
[0230.104] GdipCreateRegion (region=0xd7df60) returned 0x0
[0230.104] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0230.105] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0230.105] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0230.105] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df78) returned 0x0
[0230.105] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0230.105] LocalFree (hMem=0x11eec58) returned 0x0
[0230.105] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eea98) returned 0x0
[0230.105] LocalFree (hMem=0x11eea98) returned 0x0
[0230.105] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0230.105] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0230.105] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7df90) returned 0x0
[0230.105] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0230.105] GdipDeleteRegion (region=0x6646178) returned 0x0
[0230.105] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0230.105] GetCurrentObject (hdc=0xac01065e, type=0x1) returned 0xb00017
[0230.105] GetCurrentObject (hdc=0xac01065e, type=0x2) returned 0x900010
[0230.105] GetCurrentObject (hdc=0xac01065e, type=0x7) returned 0x4a0507fe
[0230.105] GetCurrentObject (hdc=0xac01065e, type=0x6) returned 0x8a01c2
[0230.105] SaveDC (hdc=0xac01065e) returned 1
[0230.106] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x430407de
[0230.106] GetClipRgn (hdc=0xac01065e, hrgn=0x430407de) returned 0
[0230.106] SelectClipRgn (hdc=0xac01065e, hrgn=0xb6040807) returned 2
[0230.106] DeleteObject (ho=0x430407de) returned 1
[0230.106] DeleteObject (ho=0xb6040807) returned 1
[0230.106] OffsetViewportOrgEx (in: hdc=0xac01065e, x=0, y=0, lppt=0x2d29ac0 | out: lppt=0x2d29ac0) returned 1
[0230.106] IsAppThemed () returned 0x1
[0230.106] GetThemeAppProperties () returned 0x3
[0230.106] GetThemeAppProperties () returned 0x3
[0230.106] GetThemeBackgroundContentRect () returned 0x0
[0230.106] RestoreDC (hdc=0xac01065e, nSavedDC=-1) returned 1
[0230.106] GdipReleaseDC (graphics=0x6600030, hdc=0xac01065e) returned 0x0
[0230.162] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0230.162] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0230.162] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0230.162] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0230.162] IsAppThemed () returned 0x1
[0230.162] GetThemeAppProperties () returned 0x3
[0230.162] GetThemeAppProperties () returned 0x3
[0230.162] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0230.162] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0230.162] GetCurrentObject (hdc=0xac01065e, type=0x1) returned 0xb00017
[0230.162] GetCurrentObject (hdc=0xac01065e, type=0x2) returned 0x900010
[0230.162] GetCurrentObject (hdc=0xac01065e, type=0x7) returned 0x4a0507fe
[0230.162] GetCurrentObject (hdc=0xac01065e, type=0x6) returned 0x8a01c2
[0230.162] SaveDC (hdc=0xac01065e) returned 1
[0230.163] GetTextAlign (hdc=0xac01065e) returned 0x0
[0230.163] GetTextColor (hdc=0xac01065e) returned 0x0
[0230.163] GetCurrentObject (hdc=0xac01065e, type=0x6) returned 0x8a01c2
[0230.163] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0230.163] SelectObject (hdc=0xac01065e, h=0x6d0a0520) returned 0x8a01c2
[0230.163] GetBkMode (hdc=0xac01065e) returned 2
[0230.163] SetBkMode (hdc=0xac01065e, mode=1) returned 2
[0230.163] DrawTextExW (in: hdc=0xac01065e, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2d29e84 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0230.163] DrawTextExW (in: hdc=0xac01065e, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d29e84 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0230.164] RestoreDC (hdc=0xac01065e, nSavedDC=-1) returned 1
[0230.164] GdipReleaseDC (graphics=0x6600030, hdc=0xac01065e) returned 0x0
[0230.164] GetFocus () returned 0x1f02d8
[0230.164] IsAppThemed () returned 0x1
[0230.164] GetThemeAppProperties () returned 0x3
[0230.164] GetThemeAppProperties () returned 0x3
[0230.164] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0230.164] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0xac01065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0230.164] GdipReleaseDC (graphics=0x6600030, hdc=0xac01065e) returned 0x0
[0230.164] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0230.165] SelectObject (hdc=0xac01065e, h=0x85000f) returned 0x4a0507fe
[0230.165] DeleteDC (hdc=0xac01065e) returned 1
[0230.165] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0230.165] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0230.165] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0230.165] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x84, wParam=0x0, lParam=0x1dd0300) returned 0x1
[0230.165] IsWindowUnicode (hWnd=0x1302ce) returned 1
[0230.165] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0230.165] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x84, wParam=0x0, lParam=0x1dd0300) returned 0x1
[0230.166] GetDlgItem (hDlg=0x1d02dc, nIDDlgItem=0) returned 0x0
[0230.166] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x210, wParam=0x201, lParam=0x62010b) returned 0x0
[0230.166] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x21, wParam=0x1d02dc, lParam=0x2010001) returned 0x1
[0230.166] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x21, wParam=0x1d02dc, lParam=0x2010001) returned 0x1
[0230.166] SetCursor (hCursor=0x10003) returned 0x10003
[0230.166] TranslateMessage (lpMsg=0xd7e808) returned 0
[0230.166] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0230.166] GetKeyState (nVirtKey=1) returned -127
[0230.166] GetKeyState (nVirtKey=2) returned 0
[0230.166] GetKeyState (nVirtKey=4) returned 0
[0230.166] GetKeyState (nVirtKey=5) returned 0
[0230.166] GetKeyState (nVirtKey=6) returned 0
[0230.166] IsWindowVisible (hWnd=0x1302ce) returned 1
[0230.166] IsWindowEnabled (hWnd=0x1302ce) returned 1
[0230.166] SetFocus (hWnd=0x1302ce) returned 0x1f02d8
[0230.167] GetFocus () returned 0x1302ce
[0230.167] IsChild (hWndParent=0x1d02dc, hWnd=0x1302ce) returned 1
[0230.167] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0x8, wParam=0x1302ce, lParam=0x0) returned 0x0
[0230.167] GetCapture () returned 0x0
[0230.168] InvalidateRect (hWnd=0x1f02d8, lpRect=0x0, bErase=0) returned 1
[0230.168] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0230.174] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0230.176] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0230.176] InvalidateRect (hWnd=0x1f02d8, lpRect=0x0, bErase=0) returned 1
[0230.176] InvalidateRect (hWnd=0x1302ce, lpRect=0x0, bErase=0) returned 1
[0230.176] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x7, wParam=0x1f02d8, lParam=0x0) returned 0x0
[0230.176] GetStockObject (i=5) returned 0x900015
[0230.176] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0230.176] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0xd, wParam=0xa, lParam=0x11f55a0) returned 0x9
[0230.176] GetDlgItem (hDlg=0x1d02dc, nIDDlgItem=1245902) returned 0x1302ce
[0230.176] SendMessageW (hWnd=0x1302ce, Msg=0x202b, wParam=0x1302ce, lParam=0xd7dddc) returned 0x0
[0230.176] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x202b, wParam=0x1302ce, lParam=0xd7dddc) returned 0x0
[0230.177] InvalidateRect (hWnd=0x1302ce, lpRect=0x0, bErase=0) returned 1
[0230.179] GetFocus () returned 0x1302ce
[0230.179] GetFocus () returned 0x1302ce
[0230.179] GetFocus () returned 0x1302ce
[0230.179] GetKeyState (nVirtKey=1) returned -127
[0230.179] GetKeyState (nVirtKey=2) returned 0
[0230.179] GetKeyState (nVirtKey=4) returned 0
[0230.179] GetKeyState (nVirtKey=5) returned 0
[0230.179] GetKeyState (nVirtKey=6) returned 0
[0230.179] GetCapture () returned 0x0
[0230.179] SetCapture (hWnd=0x1302ce) returned 0x0
[0230.179] GetKeyState (nVirtKey=1) returned -127
[0230.179] GetKeyState (nVirtKey=2) returned 0
[0230.179] GetKeyState (nVirtKey=4) returned 0
[0230.179] GetKeyState (nVirtKey=5) returned 0
[0230.179] GetKeyState (nVirtKey=6) returned 0
[0230.179] NotifyWinEvent (event=0x800a, hwnd=0x1302ce, idObject=-4, idChild=0)
[0230.179] InvalidateRect (hWnd=0x1302ce, lpRect=0xd7e430, bErase=0) returned 1
[0230.180] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0230.180] IsWindowUnicode (hWnd=0x1302ce) returned 1
[0230.180] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0230.180] TranslateMessage (lpMsg=0xd7e808) returned 0
[0230.180] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0230.180] MapWindowPoints (in: hWndFrom=0x1302ce, hWndTo=0x0, lpPoints=0x2d2a074, cPoints=0x1 | out: lpPoints=0x2d2a074) returned 30999254
[0230.180] NotifyWinEvent (event=0x800a, hwnd=0x1302ce, idObject=-4, idChild=0)
[0230.180] InvalidateRect (hWnd=0x1302ce, lpRect=0xd7e3d0, bErase=0) returned 1
[0230.180] UpdateWindow (hWnd=0x1302ce) returned 1
[0230.180] BeginPaint (in: hWnd=0x1302ce, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xf0105ee
[0230.180] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0230.180] CreateCompatibleDC (hdc=0xf0105ee) returned 0xae01065e
[0230.180] SelectObject (hdc=0xae01065e, h=0x4a0507fe) returned 0x85000f
[0230.181] GdipCreateFromHDC (hdc=0xae01065e, graphics=0xd7df00) returned 0x0
[0230.181] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0230.181] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0230.181] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0230.181] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0230.181] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df60) returned 0x0
[0230.181] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0230.181] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0230.181] LocalFree (hMem=0x11ee788) returned 0x0
[0230.181] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0230.181] GdipCreateRegion (region=0xd7df48) returned 0x0
[0230.181] GdipGetClip (graphics=0x6600030, region=0x6645488) returned 0x0
[0230.181] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7df54) returned 0x0
[0230.181] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0230.182] GdipRestoreGraphics (graphics=0x6600030, state=0xf93e0dbd) returned 0x0
[0230.182] GdipDeleteRegion (region=0x6645488) returned 0x0
[0230.182] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0230.182] GetCurrentObject (hdc=0xae01065e, type=0x1) returned 0xb00017
[0230.182] GetCurrentObject (hdc=0xae01065e, type=0x2) returned 0x900010
[0230.182] GetCurrentObject (hdc=0xae01065e, type=0x7) returned 0x4a0507fe
[0230.182] GetCurrentObject (hdc=0xae01065e, type=0x6) returned 0x8a01c2
[0230.182] SaveDC (hdc=0xae01065e) returned 1
[0230.182] GetNearestColor (hdc=0xae01065e, color=0xf0f0f0) returned 0xf0f0f0
[0230.182] GetNearestColor (hdc=0xae01065e, color=0xa0a0a0) returned 0xa0a0a0
[0230.182] GetNearestColor (hdc=0xae01065e, color=0x696969) returned 0x696969
[0230.182] GetNearestColor (hdc=0xae01065e, color=0xa0a0a0) returned 0xa0a0a0
[0230.182] GetNearestColor (hdc=0xae01065e, color=0x0) returned 0x0
[0230.182] GetNearestColor (hdc=0xae01065e, color=0xffffff) returned 0xffffff
[0230.182] GetNearestColor (hdc=0xae01065e, color=0xe5e5e5) returned 0xe5e5e5
[0230.183] GetNearestColor (hdc=0xae01065e, color=0xd7d7d7) returned 0xd7d7d7
[0230.183] GetNearestColor (hdc=0xae01065e, color=0x0) returned 0x0
[0230.183] RestoreDC (hdc=0xae01065e, nSavedDC=-1) returned 1
[0230.183] GdipReleaseDC (graphics=0x6600030, hdc=0xae01065e) returned 0x0
[0230.183] IsAppThemed () returned 0x1
[0230.183] GetThemeAppProperties () returned 0x3
[0230.183] GetThemeAppProperties () returned 0x3
[0230.183] IsAppThemed () returned 0x1
[0230.183] GetThemeAppProperties () returned 0x3
[0230.183] GetThemeAppProperties () returned 0x3
[0230.183] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2d2a7cc | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0230.183] IsAppThemed () returned 0x1
[0230.183] GetThemeAppProperties () returned 0x3
[0230.184] GetThemeAppProperties () returned 0x3
[0230.184] IsAppThemed () returned 0x1
[0230.184] GetThemeAppProperties () returned 0x3
[0230.184] GetThemeAppProperties () returned 0x3
[0230.184] IsAppThemed () returned 0x1
[0230.184] GetThemeAppProperties () returned 0x3
[0230.184] GetThemeAppProperties () returned 0x3
[0230.184] IsAppThemed () returned 0x1
[0230.184] GetThemeAppProperties () returned 0x3
[0230.184] GetThemeAppProperties () returned 0x3
[0230.184] IsThemePartDefined () returned 0x1
[0230.184] IsAppThemed () returned 0x1
[0230.184] GetThemeAppProperties () returned 0x3
[0230.184] GetThemeAppProperties () returned 0x3
[0230.184] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0230.184] IsAppThemed () returned 0x1
[0230.187] GetThemeAppProperties () returned 0x3
[0230.187] GetThemeAppProperties () returned 0x3
[0230.187] IsAppThemed () returned 0x1
[0230.187] GetThemeAppProperties () returned 0x3
[0230.187] GetThemeAppProperties () returned 0x3
[0230.187] IsThemePartDefined () returned 0x1
[0230.187] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0230.187] GdipGetClip (graphics=0x6600030, region=0x66455a8) returned 0x0
[0230.187] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0230.187] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0230.187] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dc7c) returned 0x0
[0230.187] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0230.187] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eea28) returned 0x0
[0230.187] LocalFree (hMem=0x11eea28) returned 0x0
[0230.187] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0230.187] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eea28) returned 0x0
[0230.187] LocalFree (hMem=0x11eea28) returned 0x0
[0230.187] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0230.188] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0230.188] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0230.188] GdipGetRegionHRgn (region=0x66455a8, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0230.188] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0230.188] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0230.188] GetCurrentObject (hdc=0xae01065e, type=0x1) returned 0xb00017
[0230.188] GetCurrentObject (hdc=0xae01065e, type=0x2) returned 0x900010
[0230.188] GetCurrentObject (hdc=0xae01065e, type=0x7) returned 0x4a0507fe
[0230.188] GetCurrentObject (hdc=0xae01065e, type=0x6) returned 0x8a01c2
[0230.188] SaveDC (hdc=0xae01065e) returned 1
[0230.188] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb7040807
[0230.188] GetClipRgn (hdc=0xae01065e, hrgn=0xb7040807) returned 0
[0230.188] SelectClipRgn (hdc=0xae01065e, hrgn=0x470407de) returned 2
[0230.188] DeleteObject (ho=0xb7040807) returned 1
[0230.188] DeleteObject (ho=0x470407de) returned 1
[0230.188] OffsetViewportOrgEx (in: hdc=0xae01065e, x=0, y=0, lppt=0x2d2ae7c | out: lppt=0x2d2ae7c) returned 1
[0230.188] DrawThemeParentBackground () returned 0x0
[0230.189] GetWindowPlacement (in: hWnd=0x1d02dc, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0230.189] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0230.189] GetWindowTextLengthW (hWnd=0x1d02dc) returned 13
[0230.189] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0230.189] GetSystemMetrics (nIndex=42) returned 0
[0230.189] GetWindowTextW (in: hWnd=0x1d02dc, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0230.189] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0230.189] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0230.189] GetCurrentObject (hdc=0xae01065e, type=0x1) returned 0xb00017
[0230.189] GetCurrentObject (hdc=0xae01065e, type=0x2) returned 0x900010
[0230.189] GetCurrentObject (hdc=0xae01065e, type=0x7) returned 0x4a0507fe
[0230.189] GetCurrentObject (hdc=0xae01065e, type=0x6) returned 0x8a01c2
[0230.189] SaveDC (hdc=0xae01065e) returned 2
[0230.189] GetNearestColor (hdc=0xae01065e, color=0xf0f0f0) returned 0xf0f0f0
[0230.189] CreateSolidBrush (color=0xf0f0f0) returned 0x5f1007e1
[0230.190] FillRect (hDC=0xae01065e, lprc=0xd7d6c8, hbr=0x5f1007e1) returned 1
[0230.190] DeleteObject (ho=0x5f1007e1) returned 1
[0230.190] RestoreDC (hdc=0xae01065e, nSavedDC=-1) returned 1
[0230.190] GetWindowTextLengthW (hWnd=0x1d02dc) returned 13
[0230.190] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0230.190] GetSystemMetrics (nIndex=42) returned 0
[0230.190] GetWindowTextW (in: hWnd=0x1d02dc, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0230.190] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0230.190] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0230.190] GetCurrentObject (hdc=0xae01065e, type=0x1) returned 0xb00017
[0230.190] GetCurrentObject (hdc=0xae01065e, type=0x2) returned 0x900010
[0230.190] GetCurrentObject (hdc=0xae01065e, type=0x7) returned 0x4a0507fe
[0230.190] GetCurrentObject (hdc=0xae01065e, type=0x6) returned 0x8a01c2
[0230.190] SaveDC (hdc=0xae01065e) returned 2
[0230.190] GetNearestColor (hdc=0xae01065e, color=0xf0f0f0) returned 0xf0f0f0
[0230.190] CreateSolidBrush (color=0xf0f0f0) returned 0x601007e1
[0230.191] FillRect (hDC=0xae01065e, lprc=0xd7d668, hbr=0x601007e1) returned 1
[0230.191] DeleteObject (ho=0x601007e1) returned 1
[0230.191] RestoreDC (hdc=0xae01065e, nSavedDC=-1) returned 1
[0230.191] GetWindowTextLengthW (hWnd=0x1d02dc) returned 13
[0230.191] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0230.191] GetSystemMetrics (nIndex=42) returned 0
[0230.191] GetWindowTextW (in: hWnd=0x1d02dc, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0230.191] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0230.191] RestoreDC (hdc=0xae01065e, nSavedDC=-1) returned 1
[0230.191] GdipReleaseDC (graphics=0x6600030, hdc=0xae01065e) returned 0x0
[0230.191] IsAppThemed () returned 0x1
[0230.191] GetThemeAppProperties () returned 0x3
[0230.191] GetThemeAppProperties () returned 0x3
[0230.191] IsAppThemed () returned 0x1
[0230.192] GetThemeAppProperties () returned 0x3
[0230.192] GetThemeAppProperties () returned 0x3
[0230.192] IsThemePartDefined () returned 0x1
[0230.192] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0230.192] GdipGetClip (graphics=0x6600030, region=0x6645488) returned 0x0
[0230.192] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0230.192] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0230.192] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dc00) returned 0x0
[0230.192] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0230.192] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eea28) returned 0x0
[0230.192] LocalFree (hMem=0x11eea28) returned 0x0
[0230.192] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0230.192] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0230.192] LocalFree (hMem=0x11ee788) returned 0x0
[0230.192] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0230.192] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0230.192] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0230.192] GdipGetRegionHRgn (region=0x6645488, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0230.192] GdipDeleteRegion (region=0x6645488) returned 0x0
[0230.193] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0230.193] GetCurrentObject (hdc=0xae01065e, type=0x1) returned 0xb00017
[0230.193] GetCurrentObject (hdc=0xae01065e, type=0x2) returned 0x900010
[0230.193] GetCurrentObject (hdc=0xae01065e, type=0x7) returned 0x4a0507fe
[0230.193] GetCurrentObject (hdc=0xae01065e, type=0x6) returned 0x8a01c2
[0230.193] SaveDC (hdc=0xae01065e) returned 1
[0230.193] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x480407de
[0230.193] GetClipRgn (hdc=0xae01065e, hrgn=0x480407de) returned 0
[0230.193] SelectClipRgn (hdc=0xae01065e, hrgn=0xb9040807) returned 2
[0230.193] DeleteObject (ho=0x480407de) returned 1
[0230.193] DeleteObject (ho=0xb9040807) returned 1
[0230.193] OffsetViewportOrgEx (in: hdc=0xae01065e, x=0, y=0, lppt=0x2d2b728 | out: lppt=0x2d2b728) returned 1
[0230.193] IsAppThemed () returned 0x1
[0230.193] GetThemeAppProperties () returned 0x3
[0230.193] GetThemeAppProperties () returned 0x3
[0230.193] DrawThemeBackground () returned 0x0
[0230.194] RestoreDC (hdc=0xae01065e, nSavedDC=-1) returned 1
[0230.194] GdipReleaseDC (graphics=0x6600030, hdc=0xae01065e) returned 0x0
[0230.194] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0230.194] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0230.194] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0230.194] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0230.194] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dc04) returned 0x0
[0230.194] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0230.194] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0230.194] LocalFree (hMem=0x11ee788) returned 0x0
[0230.194] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0230.194] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0230.194] LocalFree (hMem=0x11eec58) returned 0x0
[0230.194] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0230.194] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0230.194] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0230.194] GdipGetRegionHRgn (region=0x66456c8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0230.194] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0230.195] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0230.195] GetCurrentObject (hdc=0xae01065e, type=0x1) returned 0xb00017
[0230.195] GetCurrentObject (hdc=0xae01065e, type=0x2) returned 0x900010
[0230.195] GetCurrentObject (hdc=0xae01065e, type=0x7) returned 0x4a0507fe
[0230.195] GetCurrentObject (hdc=0xae01065e, type=0x6) returned 0x8a01c2
[0230.195] SaveDC (hdc=0xae01065e) returned 1
[0230.195] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xba040807
[0230.195] GetClipRgn (hdc=0xae01065e, hrgn=0xba040807) returned 0
[0230.195] SelectClipRgn (hdc=0xae01065e, hrgn=0x490407de) returned 2
[0230.195] DeleteObject (ho=0xba040807) returned 1
[0230.195] DeleteObject (ho=0x490407de) returned 1
[0230.195] OffsetViewportOrgEx (in: hdc=0xae01065e, x=0, y=0, lppt=0x2d2b9fc | out: lppt=0x2d2b9fc) returned 1
[0230.195] IsAppThemed () returned 0x1
[0230.195] GetThemeAppProperties () returned 0x3
[0230.195] GetThemeAppProperties () returned 0x3
[0230.195] GetThemeBackgroundContentRect () returned 0x0
[0230.195] RestoreDC (hdc=0xae01065e, nSavedDC=-1) returned 1
[0230.196] GdipReleaseDC (graphics=0x6600030, hdc=0xae01065e) returned 0x0
[0230.196] IsAppThemed () returned 0x1
[0230.196] GetThemeAppProperties () returned 0x3
[0230.196] GetThemeAppProperties () returned 0x3
[0230.196] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0230.196] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0230.196] GetCurrentObject (hdc=0xae01065e, type=0x1) returned 0xb00017
[0230.196] GetCurrentObject (hdc=0xae01065e, type=0x2) returned 0x900010
[0230.196] GetCurrentObject (hdc=0xae01065e, type=0x7) returned 0x4a0507fe
[0230.196] GetCurrentObject (hdc=0xae01065e, type=0x6) returned 0x8a01c2
[0230.196] SaveDC (hdc=0xae01065e) returned 1
[0230.196] GetTextAlign (hdc=0xae01065e) returned 0x0
[0230.196] GetTextColor (hdc=0xae01065e) returned 0x0
[0230.196] GetCurrentObject (hdc=0xae01065e, type=0x6) returned 0x8a01c2
[0230.196] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0230.197] SelectObject (hdc=0xae01065e, h=0x6d0a0520) returned 0x8a01c2
[0230.197] GetBkMode (hdc=0xae01065e) returned 2
[0230.197] SetBkMode (hdc=0xae01065e, mode=1) returned 2
[0230.197] DrawTextExW (in: hdc=0xae01065e, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2d2bd9c | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0230.197] DrawTextExW (in: hdc=0xae01065e, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2d2bd9c | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0230.197] RestoreDC (hdc=0xae01065e, nSavedDC=-1) returned 1
[0230.197] GdipReleaseDC (graphics=0x6600030, hdc=0xae01065e) returned 0x0
[0230.197] GetFocus () returned 0x1302ce
[0230.198] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0230.198] SendMessageW (hWnd=0x1d02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0230.198] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0230.198] IsAppThemed () returned 0x1
[0230.198] GetThemeAppProperties () returned 0x3
[0230.198] GetThemeAppProperties () returned 0x3
[0230.198] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0230.198] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xae01065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0230.198] GdipReleaseDC (graphics=0x6600030, hdc=0xae01065e) returned 0x0
[0230.198] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0230.198] SelectObject (hdc=0xae01065e, h=0x85000f) returned 0x4a0507fe
[0230.198] DeleteDC (hdc=0xae01065e) returned 1
[0230.198] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0230.198] EndPaint (hWnd=0x1302ce, lpPaint=0xd7dee4) returned 1
[0230.199] MapWindowPoints (in: hWndFrom=0x1302ce, hWndTo=0x0, lpPoints=0x2d2be98, cPoints=0x1 | out: lpPoints=0x2d2be98) returned 30999254
[0230.199] WindowFromPoint (Point=0x300) returned 0x1302ce
[0230.199] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x84, wParam=0x0, lParam=0x1dd0300) returned 0x1
[0230.199] NotifyWinEvent (event=0x800a, hwnd=0x1302ce, idObject=-4, idChild=0)
[0230.199] NotifyWinEvent (event=0x800c, hwnd=0x1302ce, idObject=-4, idChild=0)
[0230.199] GetCapture () returned 0x1302ce
[0230.199] ReleaseCapture () returned 1
[0230.199] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0230.199] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0230.200] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x84, wParam=0x0, lParam=0x1dd0300) returned 0x1
[0230.206] IsWindow (hWnd=0x7005c) returned 1
[0230.206] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0230.207] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0230.207] IsWindow (hWnd=0x1d02dc) returned 1
[0230.207] SetActiveWindow (hWnd=0x1d02dc) returned 0x1d02dc
[0230.207] IsWindow (hWnd=0x1d02dc) returned 1
[0230.207] SetFocus (hWnd=0x1d02dc) returned 0x1302ce
[0230.208] GetFocus () returned 0x1d02dc
[0230.208] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x8, wParam=0x1d02dc, lParam=0x0) returned 0x0
[0230.208] GetCapture () returned 0x0
[0230.208] InvalidateRect (hWnd=0x1302ce, lpRect=0x0, bErase=0) returned 1
[0230.209] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0230.210] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0230.212] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0230.212] GetFocus () returned 0x1d02dc
[0230.212] SetFocus (hWnd=0x1302ce) returned 0x1d02dc
[0230.213] GetFocus () returned 0x1302ce
[0230.213] IsChild (hWndParent=0x1d02dc, hWnd=0x1302ce) returned 1
[0230.213] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x8, wParam=0x1302ce, lParam=0x0) returned 0x0
[0230.214] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0230.215] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0230.217] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0230.217] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x7, wParam=0x1d02dc, lParam=0x0) returned 0x0
[0230.218] GetStockObject (i=5) returned 0x900015
[0230.218] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0230.218] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0230.218] GetDlgItem (hDlg=0x1d02dc, nIDDlgItem=1245902) returned 0x1302ce
[0230.218] SendMessageW (hWnd=0x1302ce, Msg=0x202b, wParam=0x1302ce, lParam=0xd7ddcc) returned 0x0
[0230.218] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x202b, wParam=0x1302ce, lParam=0xd7ddcc) returned 0x0
[0230.218] InvalidateRect (hWnd=0x1302ce, lpRect=0x0, bErase=0) returned 1
[0230.220] GetWindowLongW (hWnd=0x1d02dc, nIndex=-8) returned 458844
[0230.220] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0230.220] GetCurrentThreadId () returned 0xf50
[0230.220] IsWindow (hWnd=0x7005c) returned 1
[0230.220] IsWindow (hWnd=0x7005c) returned 1
[0230.220] IsWindowVisible (hWnd=0x7005c) returned 1
[0230.220] SetActiveWindow (hWnd=0x7005c) returned 0x1d02dc
[0230.221] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0230.223] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0230.223] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0230.223] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0230.224] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0230.224] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0230.225] GetWindowPlacement (in: hWnd=0x1d02dc, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0230.225] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0230.225] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0230.225] GetWindowRect (in: hWnd=0x1d02dc, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0230.226] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0230.226] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0230.226] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0230.227] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x1d02dc) returned 0x1
[0230.229] GetFocus () returned 0x1302ce
[0230.230] SetFocus (hWnd=0x602c4) returned 0x1302ce
[0230.230] GetFocus () returned 0x602c4
[0230.230] IsChild (hWndParent=0x1d02dc, hWnd=0x602c4) returned 0
[0230.230] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0230.230] GetCapture () returned 0x0
[0230.230] InvalidateRect (hWnd=0x1302ce, lpRect=0x0, bErase=0) returned 1
[0230.239] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0230.240] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0230.242] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0230.242] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0230.242] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0230.242] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0230.243] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0230.243] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x1302ce, lParam=0x0) returned 0x0
[0230.243] GetStockObject (i=5) returned 0x900015
[0230.243] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0230.243] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11edb48) returned 0xc
[0230.243] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0230.243] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0230.243] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0230.243] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0230.261] GetFocus () returned 0x602c4
[0230.261] IsChild (hWndParent=0x1d02dc, hWnd=0x602c4) returned 0
[0230.261] ShowWindow (hWnd=0x1d02dc, nCmdShow=0) returned 1
[0230.261] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0230.262] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0230.264] GetWindowPlacement (in: hWnd=0x1d02dc, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0230.264] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0230.264] GetClientRect (in: hWnd=0x1d02dc, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0230.264] GetWindowRect (in: hWnd=0x1d02dc, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0230.265] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0230.265] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0230.265] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0230.266] GetWindowLongW (hWnd=0x1d02dc, nIndex=-20) returned 327945
[0230.266] DestroyWindow (hWnd=0x1d02dc) returned 1
[0230.266] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0230.267] GetWindowTextLengthW (hWnd=0x1d02dc) returned 13
[0230.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0230.267] GetSystemMetrics (nIndex=42) returned 0
[0230.267] GetWindowTextW (in: hWnd=0x1d02dc, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0230.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0230.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0230.267] GetWindowTextLengthW (hWnd=0x2000ea) returned 0
[0230.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0230.267] GetSystemMetrics (nIndex=42) returned 0
[0230.267] GetWindowTextW (in: hWnd=0x2000ea, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0230.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2000ea, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0230.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2000ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0230.268] GetWindowThreadProcessId (in: hWnd=0x1202d0, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0230.268] GetWindow (hWnd=0x1202d0, uCmd=0x5) returned 0x0
[0230.268] GetWindowLongW (hWnd=0x1202d0, nIndex=-20) returned 65792
[0230.268] DestroyWindow (hWnd=0x1202d0) returned 1
[0230.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202d0, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0230.268] GetWindowTextLengthW (hWnd=0x1202d0) returned 25
[0230.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0230.268] GetSystemMetrics (nIndex=42) returned 0
[0230.268] GetWindowTextW (in: hWnd=0x1202d0, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0230.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202d0, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0230.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0230.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1202d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0230.269] GetWindowTextLengthW (hWnd=0x1702c8) returned 232
[0230.269] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0230.269] GetSystemMetrics (nIndex=42) returned 0
[0230.270] GetWindowTextW (in: hWnd=0x1702c8, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0230.270] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0230.270] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0230.270] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0230.270] InvalidateRect (hWnd=0x1302ce, lpRect=0x0, bErase=0) returned 1
[0230.270] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0230.270] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0230.270] SendMessageW (hWnd=0x1d02da, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0230.270] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02da, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0230.270] SendMessageW (hWnd=0x1d02da, Msg=0xb0, wParam=0x2d17744, lParam=0xd7e480) returned 0x0
[0230.270] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02da, Msg=0xb0, wParam=0x2d17744, lParam=0xd7e480) returned 0x0
[0230.270] GetWindowTextLengthW (hWnd=0x1d02da) returned 4363
[0230.270] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0230.271] GetSystemMetrics (nIndex=42) returned 0
[0230.271] CoTaskMemAlloc (cb=0x221c) returned 0x120a4b0
[0230.271] GetWindowTextW (in: hWnd=0x1d02da, lpString=0x120a4b0, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0230.271] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02da, Msg=0xd, wParam=0x110c, lParam=0x120a4b0) returned 0x110b
[0230.271] CoTaskMemFree (pv=0x120a4b0)
[0230.271] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0230.271] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2000ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0230.273] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1702c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0230.274] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0230.275] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1302ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0230.276] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1d02de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0230.278] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0230.287] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0230.289] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.289] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.289] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.290] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.290] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.290] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0300) returned 0x1
[0230.290] IsWindowUnicode (hWnd=0x7005c) returned 1
[0230.290] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0300) returned 0x1
[0230.290] SetCursor (hCursor=0x10003) returned 0x10003
[0230.291] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.291] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.291] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0230.291] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0230.291] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0230.291] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1080242) returned 0x0
[0230.291] GetKeyState (nVirtKey=1) returned 1
[0230.291] GetKeyState (nVirtKey=2) returned 0
[0230.291] GetKeyState (nVirtKey=4) returned 0
[0230.291] GetKeyState (nVirtKey=5) returned 0
[0230.291] GetKeyState (nVirtKey=6) returned 0
[0230.291] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.291] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0300) returned 0x1
[0230.292] IsWindowUnicode (hWnd=0x7005c) returned 1
[0230.292] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.292] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.292] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.292] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.292] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0300) returned 0x1
[0230.292] IsWindowUnicode (hWnd=0x7005c) returned 1
[0230.292] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.292] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0300) returned 0x1
[0230.293] SetCursor (hCursor=0x10003) returned 0x10003
[0230.293] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.293] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.293] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1080242) returned 0x0
[0230.293] GetKeyState (nVirtKey=1) returned 1
[0230.293] GetKeyState (nVirtKey=2) returned 0
[0230.293] GetKeyState (nVirtKey=4) returned 0
[0230.293] GetKeyState (nVirtKey=5) returned 0
[0230.293] GetKeyState (nVirtKey=6) returned 0
[0230.293] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.293] IsWindowUnicode (hWnd=0x602c4) returned 1
[0230.293] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.294] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.294] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.298] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.298] IsWindowUnicode (hWnd=0x602c4) returned 1
[0230.298] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.298] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.299] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.299] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0230.299] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0230.299] CreateCompatibleDC (hdc=0x107b9) returned 0x90010173
[0230.299] SelectObject (hdc=0x90010173, h=0x4a0507fe) returned 0x85000f
[0230.299] GdipCreateFromHDC (hdc=0x90010173, graphics=0xd7e798) returned 0x0
[0230.299] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0230.299] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0230.299] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0230.299] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0230.299] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e7f8) returned 0x0
[0230.300] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0230.300] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eead0) returned 0x0
[0230.300] LocalFree (hMem=0x11eead0) returned 0x0
[0230.300] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0230.300] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0230.300] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0230.300] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0230.300] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0230.300] GdipRestoreGraphics (graphics=0x6600030, state=0xf93c0dbd) returned 0x0
[0230.300] GdipDeleteRegion (region=0x6646178) returned 0x0
[0230.300] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0230.300] GetCurrentObject (hdc=0x90010173, type=0x1) returned 0xb00017
[0230.300] GetCurrentObject (hdc=0x90010173, type=0x2) returned 0x900010
[0230.300] GetCurrentObject (hdc=0x90010173, type=0x7) returned 0x4a0507fe
[0230.300] GetCurrentObject (hdc=0x90010173, type=0x6) returned 0x8a01c2
[0230.300] SaveDC (hdc=0x90010173) returned 1
[0230.301] GetNearestColor (hdc=0x90010173, color=0xff) returned 0xff
[0230.301] GetNearestColor (hdc=0x90010173, color=0x55) returned 0x55
[0230.301] GetNearestColor (hdc=0x90010173, color=0x0) returned 0x0
[0230.301] GetNearestColor (hdc=0x90010173, color=0x55) returned 0x55
[0230.301] GetNearestColor (hdc=0x90010173, color=0x0) returned 0x0
[0230.301] GetNearestColor (hdc=0x90010173, color=0x8080ff) returned 0x8080ff
[0230.301] GetNearestColor (hdc=0x90010173, color=0x7373e5) returned 0x7373e5
[0230.301] GetNearestColor (hdc=0x90010173, color=0xe5) returned 0xe5
[0230.301] GetNearestColor (hdc=0x90010173, color=0x0) returned 0x0
[0230.301] RestoreDC (hdc=0x90010173, nSavedDC=-1) returned 1
[0230.301] GdipReleaseDC (graphics=0x6600030, hdc=0x90010173) returned 0x0
[0230.301] IsAppThemed () returned 0x1
[0230.301] GetThemeAppProperties () returned 0x3
[0230.301] GetThemeAppProperties () returned 0x3
[0230.302] IsAppThemed () returned 0x1
[0230.302] GetThemeAppProperties () returned 0x3
[0230.302] GetThemeAppProperties () returned 0x3
[0230.302] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2d33c90 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0230.302] IsAppThemed () returned 0x1
[0230.302] GetThemeAppProperties () returned 0x3
[0230.302] GetThemeAppProperties () returned 0x3
[0230.302] IsAppThemed () returned 0x1
[0230.302] GetThemeAppProperties () returned 0x3
[0230.302] GetThemeAppProperties () returned 0x3
[0230.302] GetFocus () returned 0x602c4
[0230.302] IsAppThemed () returned 0x1
[0230.302] GetThemeAppProperties () returned 0x3
[0230.302] GetThemeAppProperties () returned 0x3
[0230.303] IsAppThemed () returned 0x1
[0230.303] GetThemeAppProperties () returned 0x3
[0230.303] GetThemeAppProperties () returned 0x3
[0230.303] IsThemePartDefined () returned 0x1
[0230.303] IsAppThemed () returned 0x1
[0230.303] GetThemeAppProperties () returned 0x3
[0230.303] GetThemeAppProperties () returned 0x3
[0230.303] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0230.303] IsAppThemed () returned 0x1
[0230.303] GetThemeAppProperties () returned 0x3
[0230.303] GetThemeAppProperties () returned 0x3
[0230.303] IsAppThemed () returned 0x1
[0230.303] GetThemeAppProperties () returned 0x3
[0230.303] GetThemeAppProperties () returned 0x3
[0230.303] IsThemePartDefined () returned 0x1
[0230.303] GdipCreateRegion (region=0xd7e508) returned 0x0
[0230.303] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0230.303] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0230.303] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0230.303] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e520) returned 0x0
[0230.303] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0230.304] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0230.304] LocalFree (hMem=0x11ee788) returned 0x0
[0230.304] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0230.304] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eea28) returned 0x0
[0230.304] LocalFree (hMem=0x11eea28) returned 0x0
[0230.304] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0230.304] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e548) returned 0x0
[0230.304] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e538) returned 0x0
[0230.304] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0230.304] GdipDeleteRegion (region=0x6645518) returned 0x0
[0230.304] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0230.304] GetCurrentObject (hdc=0x90010173, type=0x1) returned 0xb00017
[0230.304] GetCurrentObject (hdc=0x90010173, type=0x2) returned 0x900010
[0230.304] GetCurrentObject (hdc=0x90010173, type=0x7) returned 0x4a0507fe
[0230.304] GetCurrentObject (hdc=0x90010173, type=0x6) returned 0x8a01c2
[0230.304] SaveDC (hdc=0x90010173) returned 1
[0230.304] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4a0407de
[0230.305] GetClipRgn (hdc=0x90010173, hrgn=0x4a0407de) returned 0
[0230.305] SelectClipRgn (hdc=0x90010173, hrgn=0xbe040807) returned 2
[0230.305] DeleteObject (ho=0x4a0407de) returned 1
[0230.305] DeleteObject (ho=0xbe040807) returned 1
[0230.305] OffsetViewportOrgEx (in: hdc=0x90010173, x=0, y=0, lppt=0x2d34340 | out: lppt=0x2d34340) returned 1
[0230.305] DrawThemeParentBackground () returned 0x0
[0230.305] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0230.305] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0230.305] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0230.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0230.305] GetSystemMetrics (nIndex=42) returned 0
[0230.305] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0230.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0230.305] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0230.305] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0230.306] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0230.306] SelectPalette (hdc=0x90010173, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0230.306] GdipCreateFromHDC (hdc=0x90010173, graphics=0xd7dff8) returned 0x0
[0230.306] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0230.306] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0230.306] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638ba8) returned 0x0
[0230.306] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dfd0) returned 0x0
[0230.306] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0230.306] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0230.306] GdipGetClip (graphics=0x663e568, region=0x6645878) returned 0x0
[0230.306] GdipIsInfiniteRegion (region=0x6645878, graphics=0x663e568, result=0xd7dfc4) returned 0x0
[0230.306] GdipDeleteRegion (region=0x6645878) returned 0x0
[0230.306] GdipSaveGraphics (graphics=0x663e568, state=0xd7dff0) returned 0x0
[0230.306] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0230.316] GdipFillRectangleI (graphics=0x663e568, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0230.316] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0230.317] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0230.317] SelectPalette (hdc=0x90010173, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0230.317] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0230.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0230.318] GetSystemMetrics (nIndex=42) returned 0
[0230.318] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0230.318] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0230.318] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0230.318] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0230.318] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0230.318] SelectPalette (hdc=0x90010173, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0230.318] GdipCreateFromHDC (hdc=0x90010173, graphics=0xd7df98) returned 0x0
[0230.318] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0230.318] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0230.318] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638d28) returned 0x0
[0230.318] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df70) returned 0x0
[0230.318] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0230.318] GdipCreateRegion (region=0xd7df58) returned 0x0
[0230.318] GdipGetClip (graphics=0x663e568, region=0x6646178) returned 0x0
[0230.319] GdipIsInfiniteRegion (region=0x6646178, graphics=0x663e568, result=0xd7df64) returned 0x0
[0230.319] GdipDeleteRegion (region=0x6646178) returned 0x0
[0230.319] GdipSaveGraphics (graphics=0x663e568, state=0xd7df90) returned 0x0
[0230.319] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0230.325] GdipFillRectangleI (graphics=0x663e568, brush=0x6653300, x=0, y=0, width=801, height=453) returned 0x0
[0230.325] GdipDeleteBrush (brush=0x6653300) returned 0x0
[0230.362] GdipRestoreGraphics (graphics=0x663e568, state=0xf9380dbd) returned 0x0
[0230.362] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0230.362] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0230.362] GetSystemMetrics (nIndex=42) returned 0
[0230.362] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0230.362] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0230.362] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0230.362] SelectPalette (hdc=0x90010173, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0230.363] RestoreDC (hdc=0x90010173, nSavedDC=-1) returned 1
[0230.363] GdipReleaseDC (graphics=0x6600030, hdc=0x90010173) returned 0x0
[0230.363] IsAppThemed () returned 0x1
[0230.363] GetThemeAppProperties () returned 0x3
[0230.363] GetThemeAppProperties () returned 0x3
[0230.363] IsAppThemed () returned 0x1
[0230.363] GetThemeAppProperties () returned 0x3
[0230.363] GetThemeAppProperties () returned 0x3
[0230.363] IsThemePartDefined () returned 0x1
[0230.363] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0230.363] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0230.363] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0230.363] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0230.363] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e4a4) returned 0x0
[0230.363] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0230.364] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0230.364] LocalFree (hMem=0x11ee868) returned 0x0
[0230.364] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0230.364] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0230.364] LocalFree (hMem=0x11eec58) returned 0x0
[0230.364] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0230.364] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0230.364] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0230.364] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0230.364] GdipDeleteRegion (region=0x6646178) returned 0x0
[0230.364] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0230.364] GetCurrentObject (hdc=0x90010173, type=0x1) returned 0xb00017
[0230.364] GetCurrentObject (hdc=0x90010173, type=0x2) returned 0x900010
[0230.364] GetCurrentObject (hdc=0x90010173, type=0x7) returned 0x4a0507fe
[0230.364] GetCurrentObject (hdc=0x90010173, type=0x6) returned 0x8a01c2
[0230.364] SaveDC (hdc=0x90010173) returned 1
[0230.365] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbf040807
[0230.365] GetClipRgn (hdc=0x90010173, hrgn=0xbf040807) returned 0
[0230.365] SelectClipRgn (hdc=0x90010173, hrgn=0x4c0407de) returned 2
[0230.365] DeleteObject (ho=0xbf040807) returned 1
[0230.365] DeleteObject (ho=0x4c0407de) returned 1
[0230.365] OffsetViewportOrgEx (in: hdc=0x90010173, x=0, y=0, lppt=0x2d3ab90 | out: lppt=0x2d3ab90) returned 1
[0230.365] IsAppThemed () returned 0x1
[0230.365] GetThemeAppProperties () returned 0x3
[0230.365] GetThemeAppProperties () returned 0x3
[0230.365] DrawThemeBackground () returned 0x0
[0230.365] RestoreDC (hdc=0x90010173, nSavedDC=-1) returned 1
[0230.365] GdipReleaseDC (graphics=0x6600030, hdc=0x90010173) returned 0x0
[0230.365] GdipCreateRegion (region=0xd7e490) returned 0x0
[0230.365] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0230.365] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0230.366] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0230.366] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e4a8) returned 0x0
[0230.366] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0230.366] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eea28) returned 0x0
[0230.366] LocalFree (hMem=0x11eea28) returned 0x0
[0230.366] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0230.366] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee868) returned 0x0
[0230.366] LocalFree (hMem=0x11ee868) returned 0x0
[0230.366] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0230.366] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0230.366] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0230.366] GdipGetRegionHRgn (region=0x6645cf8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0230.366] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0230.366] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0230.367] GetCurrentObject (hdc=0x90010173, type=0x1) returned 0xb00017
[0230.367] GetCurrentObject (hdc=0x90010173, type=0x2) returned 0x900010
[0230.367] GetCurrentObject (hdc=0x90010173, type=0x7) returned 0x4a0507fe
[0230.367] GetCurrentObject (hdc=0x90010173, type=0x6) returned 0x8a01c2
[0230.367] SaveDC (hdc=0x90010173) returned 1
[0230.367] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4d0407de
[0230.367] GetClipRgn (hdc=0x90010173, hrgn=0x4d0407de) returned 0
[0230.367] SelectClipRgn (hdc=0x90010173, hrgn=0xc0040807) returned 2
[0230.367] DeleteObject (ho=0x4d0407de) returned 1
[0230.367] DeleteObject (ho=0xc0040807) returned 1
[0230.367] OffsetViewportOrgEx (in: hdc=0x90010173, x=0, y=0, lppt=0x2d3ae64 | out: lppt=0x2d3ae64) returned 1
[0230.367] IsAppThemed () returned 0x1
[0230.367] GetThemeAppProperties () returned 0x3
[0230.367] GetThemeAppProperties () returned 0x3
[0230.367] GetThemeBackgroundContentRect () returned 0x0
[0230.367] RestoreDC (hdc=0x90010173, nSavedDC=-1) returned 1
[0230.367] GdipReleaseDC (graphics=0x6600030, hdc=0x90010173) returned 0x0
[0230.368] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0230.368] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0230.368] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0230.368] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0230.368] IsAppThemed () returned 0x1
[0230.368] GetThemeAppProperties () returned 0x3
[0230.368] GetThemeAppProperties () returned 0x3
[0230.368] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0230.368] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0230.368] GetCurrentObject (hdc=0x90010173, type=0x1) returned 0xb00017
[0230.368] GetCurrentObject (hdc=0x90010173, type=0x2) returned 0x900010
[0230.368] GetCurrentObject (hdc=0x90010173, type=0x7) returned 0x4a0507fe
[0230.368] GetCurrentObject (hdc=0x90010173, type=0x6) returned 0x8a01c2
[0230.368] SaveDC (hdc=0x90010173) returned 1
[0230.368] GetTextAlign (hdc=0x90010173) returned 0x0
[0230.368] GetTextColor (hdc=0x90010173) returned 0x0
[0230.368] GetCurrentObject (hdc=0x90010173, type=0x6) returned 0x8a01c2
[0230.369] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0230.369] SelectObject (hdc=0x90010173, h=0x6d0a0520) returned 0x8a01c2
[0230.369] GetBkMode (hdc=0x90010173) returned 2
[0230.369] SetBkMode (hdc=0x90010173, mode=1) returned 2
[0230.369] DrawTextExW (in: hdc=0x90010173, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2d3b228 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0230.369] DrawTextExW (in: hdc=0x90010173, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2d3b228 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0230.370] RestoreDC (hdc=0x90010173, nSavedDC=-1) returned 1
[0230.370] GdipReleaseDC (graphics=0x6600030, hdc=0x90010173) returned 0x0
[0230.370] GetFocus () returned 0x602c4
[0230.370] IsAppThemed () returned 0x1
[0230.370] GetThemeAppProperties () returned 0x3
[0230.370] GetThemeAppProperties () returned 0x3
[0230.370] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0230.370] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x90010173, x1=0, y1=0, rop=0xcc0020) returned 1
[0230.370] GdipReleaseDC (graphics=0x6600030, hdc=0x90010173) returned 0x0
[0230.370] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0230.371] SelectObject (hdc=0x90010173, h=0x85000f) returned 0x4a0507fe
[0230.371] DeleteDC (hdc=0x90010173) returned 1
[0230.371] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0230.371] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0230.371] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.371] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.371] WaitMessage () returned 1
[0230.380] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.380] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.380] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.380] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.380] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.381] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.381] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.381] WaitMessage () returned 1
[0230.382] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.382] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.382] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.382] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.382] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.383] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.383] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.383] WaitMessage () returned 1
[0230.384] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.384] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.384] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.384] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.384] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.386] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.386] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.386] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.386] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.386] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.386] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.386] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.387] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.387] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.387] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.387] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.387] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.387] WaitMessage () returned 1
[0230.392] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.392] IsWindowUnicode (hWnd=0x7005c) returned 1
[0230.392] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.392] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.392] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.392] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.392] IsWindowUnicode (hWnd=0x7005c) returned 1
[0230.392] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.393] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.393] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.393] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x1080242) returned 0x0
[0230.393] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.393] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.393] WaitMessage () returned 1
[0230.395] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.395] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.395] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.395] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.395] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.396] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.396] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.397] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.397] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.397] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.397] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.397] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.397] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.397] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.397] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.397] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.398] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.398] WaitMessage () returned 1
[0230.398] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.398] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.398] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.398] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.398] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.400] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.400] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.400] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.400] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.400] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.400] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.400] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.400] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.400] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.400] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.400] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.401] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.401] WaitMessage () returned 1
[0230.401] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.401] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.401] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.402] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.402] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.403] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.404] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.404] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.404] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.404] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.404] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.404] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.404] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.404] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.404] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.404] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.405] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.405] WaitMessage () returned 1
[0230.407] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.407] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.407] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.407] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.407] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.409] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.409] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.409] WaitMessage () returned 1
[0230.410] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.410] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.410] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.410] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.410] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.411] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.411] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.411] WaitMessage () returned 1
[0230.412] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.412] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.412] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.412] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.412] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.413] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.413] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.413] WaitMessage () returned 1
[0230.414] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.414] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.414] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.414] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.414] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.415] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.416] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.416] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.416] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.416] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.416] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.416] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.416] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.416] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.416] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.416] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.417] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.417] WaitMessage () returned 1
[0230.417] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.417] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.417] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.417] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.417] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.419] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.423] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.423] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.423] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.423] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.423] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.423] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.423] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.423] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.423] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.423] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.424] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.424] WaitMessage () returned 1
[0230.426] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.426] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.427] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.427] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.427] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.429] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.429] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.429] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.429] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.429] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.429] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.429] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.429] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.429] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.429] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.430] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.430] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.430] WaitMessage () returned 1
[0230.431] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.432] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.432] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.432] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.432] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.433] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.434] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.434] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.434] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.434] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.434] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.434] IsWindowUnicode (hWnd=0x30122) returned 1
[0230.434] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.434] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.434] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.434] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.435] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.435] WaitMessage () returned 1
[0230.546] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.546] IsWindowUnicode (hWnd=0x502c6) returned 1
[0230.546] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0230.546] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0230.546] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0230.547] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.547] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0230.547] WaitMessage () returned 1
[0232.345] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0232.345] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2730103) returned 0x1
[0232.345] IsWindowUnicode (hWnd=0x602c4) returned 1
[0232.345] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0232.345] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0232.345] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0232.345] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0232.345] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0232.346] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2730103) returned 0x1
[0232.346] IsWindowUnicode (hWnd=0x602c4) returned 1
[0232.346] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0232.346] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2730103) returned 0x1
[0232.346] SetCursor (hCursor=0x10003) returned 0x10003
[0232.346] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0232.346] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0232.346] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0232.346] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0232.346] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0232.346] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0232.346] GetKeyState (nVirtKey=1) returned 1
[0232.346] GetKeyState (nVirtKey=2) returned 0
[0232.346] GetKeyState (nVirtKey=4) returned 0
[0232.346] GetKeyState (nVirtKey=5) returned 0
[0232.346] GetKeyState (nVirtKey=6) returned 0
[0232.346] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0232.347] IsWindowUnicode (hWnd=0x602c4) returned 1
[0232.347] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0232.347] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0232.347] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0232.347] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0232.347] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0232.347] CreateCompatibleDC (hdc=0x107b9) returned 0x9a0107f3
[0232.347] SelectObject (hdc=0x9a0107f3, h=0x4a0507fe) returned 0x85000f
[0232.347] GdipCreateFromHDC (hdc=0x9a0107f3, graphics=0xd7e798) returned 0x0
[0232.347] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0232.347] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0232.348] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0232.348] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0232.348] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e7f8) returned 0x0
[0232.348] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0232.348] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0232.348] LocalFree (hMem=0x11eec58) returned 0x0
[0232.348] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0232.348] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0232.348] GdipGetClip (graphics=0x6600030, region=0x6645d88) returned 0x0
[0232.348] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0232.348] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0232.348] GdipRestoreGraphics (graphics=0x6600030, state=0xf9360dbd) returned 0x0
[0232.348] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0232.348] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0232.348] GetCurrentObject (hdc=0x9a0107f3, type=0x1) returned 0xb00017
[0232.348] GetCurrentObject (hdc=0x9a0107f3, type=0x2) returned 0x900010
[0232.348] GetCurrentObject (hdc=0x9a0107f3, type=0x7) returned 0x4a0507fe
[0232.348] GetCurrentObject (hdc=0x9a0107f3, type=0x6) returned 0x8a01c2
[0232.348] SaveDC (hdc=0x9a0107f3) returned 1
[0232.348] GetNearestColor (hdc=0x9a0107f3, color=0xff) returned 0xff
[0232.349] GetNearestColor (hdc=0x9a0107f3, color=0x55) returned 0x55
[0232.349] GetNearestColor (hdc=0x9a0107f3, color=0x0) returned 0x0
[0232.349] GetNearestColor (hdc=0x9a0107f3, color=0x55) returned 0x55
[0232.349] GetNearestColor (hdc=0x9a0107f3, color=0x0) returned 0x0
[0232.349] GetNearestColor (hdc=0x9a0107f3, color=0x8080ff) returned 0x8080ff
[0232.349] GetNearestColor (hdc=0x9a0107f3, color=0x7373e5) returned 0x7373e5
[0232.349] GetNearestColor (hdc=0x9a0107f3, color=0xe5) returned 0xe5
[0232.349] GetNearestColor (hdc=0x9a0107f3, color=0x0) returned 0x0
[0232.349] RestoreDC (hdc=0x9a0107f3, nSavedDC=-1) returned 1
[0232.349] GdipReleaseDC (graphics=0x6600030, hdc=0x9a0107f3) returned 0x0
[0232.349] IsAppThemed () returned 0x1
[0232.349] GetThemeAppProperties () returned 0x3
[0232.349] GetThemeAppProperties () returned 0x3
[0232.349] IsAppThemed () returned 0x1
[0232.349] GetThemeAppProperties () returned 0x3
[0232.349] GetThemeAppProperties () returned 0x3
[0232.349] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2d3bc70 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0232.350] IsAppThemed () returned 0x1
[0232.350] GetThemeAppProperties () returned 0x3
[0232.350] GetThemeAppProperties () returned 0x3
[0232.350] IsAppThemed () returned 0x1
[0232.350] GetThemeAppProperties () returned 0x3
[0232.350] GetThemeAppProperties () returned 0x3
[0232.350] IsAppThemed () returned 0x1
[0232.350] GetThemeAppProperties () returned 0x3
[0232.350] GetThemeAppProperties () returned 0x3
[0232.350] IsAppThemed () returned 0x1
[0232.350] GetThemeAppProperties () returned 0x3
[0232.350] GetThemeAppProperties () returned 0x3
[0232.350] IsThemePartDefined () returned 0x1
[0232.350] IsAppThemed () returned 0x1
[0232.350] GetThemeAppProperties () returned 0x3
[0232.350] GetThemeAppProperties () returned 0x3
[0232.350] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0232.350] IsAppThemed () returned 0x1
[0232.350] GetThemeAppProperties () returned 0x3
[0232.350] GetThemeAppProperties () returned 0x3
[0232.350] IsAppThemed () returned 0x1
[0232.350] GetThemeAppProperties () returned 0x3
[0232.351] GetThemeAppProperties () returned 0x3
[0232.351] IsThemePartDefined () returned 0x1
[0232.351] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0232.351] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0232.351] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0232.351] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0232.351] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e514) returned 0x0
[0232.351] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0232.351] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee8d8) returned 0x0
[0232.351] LocalFree (hMem=0x11ee8d8) returned 0x0
[0232.351] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0232.351] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee9f0) returned 0x0
[0232.351] LocalFree (hMem=0x11ee9f0) returned 0x0
[0232.351] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0232.351] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0232.351] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0232.351] GdipGetRegionHRgn (region=0x6645e18, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0232.351] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0232.351] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0232.351] GetCurrentObject (hdc=0x9a0107f3, type=0x1) returned 0xb00017
[0232.351] GetCurrentObject (hdc=0x9a0107f3, type=0x2) returned 0x900010
[0232.351] GetCurrentObject (hdc=0x9a0107f3, type=0x7) returned 0x4a0507fe
[0232.352] GetCurrentObject (hdc=0x9a0107f3, type=0x6) returned 0x8a01c2
[0232.352] SaveDC (hdc=0x9a0107f3) returned 1
[0232.352] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc1040807
[0232.352] GetClipRgn (hdc=0x9a0107f3, hrgn=0xc1040807) returned 0
[0232.352] SelectClipRgn (hdc=0x9a0107f3, hrgn=0x510407de) returned 2
[0232.352] DeleteObject (ho=0xc1040807) returned 1
[0232.352] DeleteObject (ho=0x510407de) returned 1
[0232.352] OffsetViewportOrgEx (in: hdc=0x9a0107f3, x=0, y=0, lppt=0x2d3c320 | out: lppt=0x2d3c320) returned 1
[0232.352] DrawThemeParentBackground () returned 0x0
[0232.352] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0232.352] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0232.352] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0232.352] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0232.352] GetSystemMetrics (nIndex=42) returned 0
[0232.352] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0232.352] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0232.352] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0232.353] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0232.353] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0232.353] SelectPalette (hdc=0x9a0107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0232.353] GdipCreateFromHDC (hdc=0x9a0107f3, graphics=0xd7dff0) returned 0x0
[0232.353] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0232.353] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0232.353] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638c38) returned 0x0
[0232.353] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7dfc8) returned 0x0
[0232.353] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0232.353] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0232.353] GdipGetClip (graphics=0x663e568, region=0x6645cf8) returned 0x0
[0232.353] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x663e568, result=0xd7dfbc) returned 0x0
[0232.353] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0232.353] GdipSaveGraphics (graphics=0x663e568, state=0xd7dfe8) returned 0x0
[0232.353] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0232.359] GdipFillRectangleI (graphics=0x663e568, brush=0x66537e0, x=0, y=0, width=801, height=453) returned 0x0
[0232.359] GdipDeleteBrush (brush=0x66537e0) returned 0x0
[0232.360] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0232.360] SelectPalette (hdc=0x9a0107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0232.360] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0232.360] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0232.360] GetSystemMetrics (nIndex=42) returned 0
[0232.360] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0232.360] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0232.360] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0232.360] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0232.360] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0232.360] SelectPalette (hdc=0x9a0107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0232.361] GdipCreateFromHDC (hdc=0x9a0107f3, graphics=0xd7df90) returned 0x0
[0232.361] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0232.361] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0232.361] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638cf8) returned 0x0
[0232.361] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df68) returned 0x0
[0232.361] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0232.361] GdipCreateRegion (region=0xd7df50) returned 0x0
[0232.361] GdipGetClip (graphics=0x663e568, region=0x6645ab8) returned 0x0
[0232.361] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x663e568, result=0xd7df5c) returned 0x0
[0232.361] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0232.361] GdipSaveGraphics (graphics=0x663e568, state=0xd7df88) returned 0x0
[0232.361] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0232.366] GdipFillRectangleI (graphics=0x663e568, brush=0x6653438, x=0, y=0, width=801, height=453) returned 0x0
[0232.366] GdipDeleteBrush (brush=0x6653438) returned 0x0
[0232.368] GdipRestoreGraphics (graphics=0x663e568, state=0xf9320dbd) returned 0x0
[0232.368] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0232.368] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0232.368] GetSystemMetrics (nIndex=42) returned 0
[0232.368] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0232.368] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0232.368] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0232.368] SelectPalette (hdc=0x9a0107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0232.368] RestoreDC (hdc=0x9a0107f3, nSavedDC=-1) returned 1
[0232.368] GdipReleaseDC (graphics=0x6600030, hdc=0x9a0107f3) returned 0x0
[0232.368] IsAppThemed () returned 0x1
[0232.368] GetThemeAppProperties () returned 0x3
[0232.368] GetThemeAppProperties () returned 0x3
[0232.368] IsAppThemed () returned 0x1
[0232.368] GetThemeAppProperties () returned 0x3
[0232.368] GetThemeAppProperties () returned 0x3
[0232.368] IsThemePartDefined () returned 0x1
[0232.369] GdipCreateRegion (region=0xd7e480) returned 0x0
[0232.369] GdipGetClip (graphics=0x6600030, region=0x6645ea8) returned 0x0
[0232.369] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0232.369] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0232.369] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e498) returned 0x0
[0232.369] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0232.369] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eea28) returned 0x0
[0232.369] LocalFree (hMem=0x11eea28) returned 0x0
[0232.369] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0232.369] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eea60) returned 0x0
[0232.369] LocalFree (hMem=0x11eea60) returned 0x0
[0232.369] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0232.369] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0232.369] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0232.369] GdipGetRegionHRgn (region=0x6645ea8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0232.369] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0232.369] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0232.369] GetCurrentObject (hdc=0x9a0107f3, type=0x1) returned 0xb00017
[0232.369] GetCurrentObject (hdc=0x9a0107f3, type=0x2) returned 0x900010
[0232.369] GetCurrentObject (hdc=0x9a0107f3, type=0x7) returned 0x4a0507fe
[0232.369] GetCurrentObject (hdc=0x9a0107f3, type=0x6) returned 0x8a01c2
[0232.369] SaveDC (hdc=0x9a0107f3) returned 1
[0232.370] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x520407de
[0232.370] GetClipRgn (hdc=0x9a0107f3, hrgn=0x520407de) returned 0
[0232.370] SelectClipRgn (hdc=0x9a0107f3, hrgn=0xc3040807) returned 2
[0232.370] DeleteObject (ho=0x520407de) returned 1
[0232.370] DeleteObject (ho=0xc3040807) returned 1
[0232.370] OffsetViewportOrgEx (in: hdc=0x9a0107f3, x=0, y=0, lppt=0x2d42b70 | out: lppt=0x2d42b70) returned 1
[0232.370] IsAppThemed () returned 0x1
[0232.370] GetThemeAppProperties () returned 0x3
[0232.370] GetThemeAppProperties () returned 0x3
[0232.370] DrawThemeBackground () returned 0x0
[0232.370] RestoreDC (hdc=0x9a0107f3, nSavedDC=-1) returned 1
[0232.370] GdipReleaseDC (graphics=0x6600030, hdc=0x9a0107f3) returned 0x0
[0232.370] GdipCreateRegion (region=0xd7e484) returned 0x0
[0232.370] GdipGetClip (graphics=0x6600030, region=0x6645488) returned 0x0
[0232.370] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0232.370] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0232.370] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e49c) returned 0x0
[0232.371] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0232.371] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0232.371] LocalFree (hMem=0x11eec58) returned 0x0
[0232.371] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0232.371] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eed00) returned 0x0
[0232.371] LocalFree (hMem=0x11eed00) returned 0x0
[0232.371] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0232.371] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0232.371] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0232.371] GdipGetRegionHRgn (region=0x6645488, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0232.371] GdipDeleteRegion (region=0x6645488) returned 0x0
[0232.371] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0232.371] GetCurrentObject (hdc=0x9a0107f3, type=0x1) returned 0xb00017
[0232.371] GetCurrentObject (hdc=0x9a0107f3, type=0x2) returned 0x900010
[0232.371] GetCurrentObject (hdc=0x9a0107f3, type=0x7) returned 0x4a0507fe
[0232.371] GetCurrentObject (hdc=0x9a0107f3, type=0x6) returned 0x8a01c2
[0232.371] SaveDC (hdc=0x9a0107f3) returned 1
[0232.371] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc4040807
[0232.372] GetClipRgn (hdc=0x9a0107f3, hrgn=0xc4040807) returned 0
[0232.372] SelectClipRgn (hdc=0x9a0107f3, hrgn=0x530407de) returned 2
[0232.372] DeleteObject (ho=0xc4040807) returned 1
[0232.372] DeleteObject (ho=0x530407de) returned 1
[0232.372] OffsetViewportOrgEx (in: hdc=0x9a0107f3, x=0, y=0, lppt=0x2d42e44 | out: lppt=0x2d42e44) returned 1
[0232.372] IsAppThemed () returned 0x1
[0232.372] GetThemeAppProperties () returned 0x3
[0232.372] GetThemeAppProperties () returned 0x3
[0232.372] GetThemeBackgroundContentRect () returned 0x0
[0232.372] RestoreDC (hdc=0x9a0107f3, nSavedDC=-1) returned 1
[0232.372] GdipReleaseDC (graphics=0x6600030, hdc=0x9a0107f3) returned 0x0
[0232.372] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0232.372] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0232.372] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0232.372] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0232.372] IsAppThemed () returned 0x1
[0232.373] GetThemeAppProperties () returned 0x3
[0232.373] GetThemeAppProperties () returned 0x3
[0232.373] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0232.373] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0232.373] GetCurrentObject (hdc=0x9a0107f3, type=0x1) returned 0xb00017
[0232.373] GetCurrentObject (hdc=0x9a0107f3, type=0x2) returned 0x900010
[0232.373] GetCurrentObject (hdc=0x9a0107f3, type=0x7) returned 0x4a0507fe
[0232.373] GetCurrentObject (hdc=0x9a0107f3, type=0x6) returned 0x8a01c2
[0232.373] SaveDC (hdc=0x9a0107f3) returned 1
[0232.373] GetTextAlign (hdc=0x9a0107f3) returned 0x0
[0232.373] GetTextColor (hdc=0x9a0107f3) returned 0x0
[0232.373] GetCurrentObject (hdc=0x9a0107f3, type=0x6) returned 0x8a01c2
[0232.373] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0232.373] SelectObject (hdc=0x9a0107f3, h=0x6d0a0520) returned 0x8a01c2
[0232.373] GetBkMode (hdc=0x9a0107f3) returned 2
[0232.373] SetBkMode (hdc=0x9a0107f3, mode=1) returned 2
[0232.373] DrawTextExW (in: hdc=0x9a0107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2d43208 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0232.374] DrawTextExW (in: hdc=0x9a0107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2d43208 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0232.374] RestoreDC (hdc=0x9a0107f3, nSavedDC=-1) returned 1
[0232.374] GdipReleaseDC (graphics=0x6600030, hdc=0x9a0107f3) returned 0x0
[0232.374] GetFocus () returned 0x602c4
[0232.374] IsAppThemed () returned 0x1
[0232.374] GetThemeAppProperties () returned 0x3
[0232.374] GetThemeAppProperties () returned 0x3
[0232.374] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0232.374] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x9a0107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0232.375] GdipReleaseDC (graphics=0x6600030, hdc=0x9a0107f3) returned 0x0
[0232.375] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0232.375] SelectObject (hdc=0x9a0107f3, h=0x85000f) returned 0x4a0507fe
[0232.375] DeleteDC (hdc=0x9a0107f3) returned 1
[0232.375] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0232.375] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0232.375] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0232.375] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0232.375] WaitMessage () returned 1
[0232.452] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0232.452] IsWindowUnicode (hWnd=0x602c4) returned 1
[0232.452] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0232.452] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0232.452] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0232.452] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0232.452] IsWindowUnicode (hWnd=0x602c4) returned 1
[0232.452] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0232.452] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0232.452] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0232.452] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xc0028) returned 0x0
[0232.452] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0232.452] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0232.452] WaitMessage () returned 1
[0232.595] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0232.595] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2730103) returned 0x1
[0232.595] IsWindowUnicode (hWnd=0x602c4) returned 1
[0232.595] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0232.595] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2730103) returned 0x1
[0232.595] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0232.595] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19e0045) returned 0x0
[0232.595] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0232.595] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0232.595] SetCursor (hCursor=0x10003) returned 0x10003
[0232.596] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0232.596] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0232.596] GetKeyState (nVirtKey=1) returned -128
[0232.596] GetKeyState (nVirtKey=2) returned 0
[0232.596] GetKeyState (nVirtKey=4) returned 0
[0232.596] GetKeyState (nVirtKey=5) returned 0
[0232.596] GetKeyState (nVirtKey=6) returned 0
[0232.596] IsWindowVisible (hWnd=0x602c4) returned 1
[0232.596] IsWindowEnabled (hWnd=0x602c4) returned 1
[0232.596] SetFocus (hWnd=0x602c4) returned 0x602c4
[0232.596] GetFocus () returned 0x602c4
[0232.596] GetFocus () returned 0x602c4
[0232.596] GetFocus () returned 0x602c4
[0232.596] GetKeyState (nVirtKey=1) returned -128
[0232.596] GetKeyState (nVirtKey=2) returned 0
[0232.596] GetKeyState (nVirtKey=4) returned 0
[0232.596] GetKeyState (nVirtKey=5) returned 0
[0232.596] GetKeyState (nVirtKey=6) returned 0
[0232.596] GetCapture () returned 0x0
[0232.596] SetCapture (hWnd=0x602c4) returned 0x0
[0232.596] GetKeyState (nVirtKey=1) returned -128
[0232.596] GetKeyState (nVirtKey=2) returned 0
[0232.596] GetKeyState (nVirtKey=4) returned 0
[0232.596] GetKeyState (nVirtKey=5) returned 0
[0232.596] GetKeyState (nVirtKey=6) returned 0
[0232.596] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0232.596] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0232.597] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0232.597] IsWindowUnicode (hWnd=0x602c4) returned 1
[0232.597] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0232.597] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0232.597] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0232.597] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d4338c, cPoints=0x1 | out: lpPoints=0x2d4338c) returned 40304859
[0232.597] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0232.597] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0232.597] UpdateWindow (hWnd=0x602c4) returned 1
[0232.597] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x107b9
[0232.597] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0232.597] CreateCompatibleDC (hdc=0x107b9) returned 0x9b0107f3
[0232.597] SelectObject (hdc=0x9b0107f3, h=0x4a0507fe) returned 0x85000f
[0232.597] GdipCreateFromHDC (hdc=0x9b0107f3, graphics=0xd7e430) returned 0x0
[0232.598] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0232.598] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0232.598] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0232.598] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0232.598] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e490) returned 0x0
[0232.598] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0232.598] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0232.598] LocalFree (hMem=0x11eec58) returned 0x0
[0232.598] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0232.598] GdipCreateRegion (region=0xd7e478) returned 0x0
[0232.598] GdipGetClip (graphics=0x6600030, region=0x6645d88) returned 0x0
[0232.598] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e484) returned 0x0
[0232.598] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0232.598] GdipRestoreGraphics (graphics=0x6600030, state=0xf9300dbd) returned 0x0
[0232.598] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0232.598] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0232.598] GetCurrentObject (hdc=0x9b0107f3, type=0x1) returned 0xb00017
[0232.598] GetCurrentObject (hdc=0x9b0107f3, type=0x2) returned 0x900010
[0232.598] GetCurrentObject (hdc=0x9b0107f3, type=0x7) returned 0x4a0507fe
[0232.598] GetCurrentObject (hdc=0x9b0107f3, type=0x6) returned 0x8a01c2
[0232.599] SaveDC (hdc=0x9b0107f3) returned 1
[0232.599] GetNearestColor (hdc=0x9b0107f3, color=0xff) returned 0xff
[0232.599] GetNearestColor (hdc=0x9b0107f3, color=0x55) returned 0x55
[0232.599] GetNearestColor (hdc=0x9b0107f3, color=0x0) returned 0x0
[0232.599] GetNearestColor (hdc=0x9b0107f3, color=0x55) returned 0x55
[0232.599] GetNearestColor (hdc=0x9b0107f3, color=0x0) returned 0x0
[0232.599] GetNearestColor (hdc=0x9b0107f3, color=0x8080ff) returned 0x8080ff
[0232.599] GetNearestColor (hdc=0x9b0107f3, color=0x7373e5) returned 0x7373e5
[0232.599] GetNearestColor (hdc=0x9b0107f3, color=0xe5) returned 0xe5
[0232.599] GetNearestColor (hdc=0x9b0107f3, color=0x0) returned 0x0
[0232.599] RestoreDC (hdc=0x9b0107f3, nSavedDC=-1) returned 1
[0232.599] GdipReleaseDC (graphics=0x6600030, hdc=0x9b0107f3) returned 0x0
[0232.599] IsAppThemed () returned 0x1
[0232.599] GetThemeAppProperties () returned 0x3
[0232.599] GetThemeAppProperties () returned 0x3
[0232.599] IsAppThemed () returned 0x1
[0232.599] GetThemeAppProperties () returned 0x3
[0232.599] GetThemeAppProperties () returned 0x3
[0232.600] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2d43aa8 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0232.600] IsAppThemed () returned 0x1
[0232.600] GetThemeAppProperties () returned 0x3
[0232.600] GetThemeAppProperties () returned 0x3
[0232.600] IsAppThemed () returned 0x1
[0232.600] GetThemeAppProperties () returned 0x3
[0232.600] GetThemeAppProperties () returned 0x3
[0232.600] IsAppThemed () returned 0x1
[0232.600] GetThemeAppProperties () returned 0x3
[0232.600] GetThemeAppProperties () returned 0x3
[0232.600] IsAppThemed () returned 0x1
[0232.600] GetThemeAppProperties () returned 0x3
[0232.600] GetThemeAppProperties () returned 0x3
[0232.600] IsThemePartDefined () returned 0x1
[0232.600] IsAppThemed () returned 0x1
[0232.600] GetThemeAppProperties () returned 0x3
[0232.600] GetThemeAppProperties () returned 0x3
[0232.600] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0232.600] IsAppThemed () returned 0x1
[0232.601] GetThemeAppProperties () returned 0x3
[0232.601] GetThemeAppProperties () returned 0x3
[0232.601] IsAppThemed () returned 0x1
[0232.601] GetThemeAppProperties () returned 0x3
[0232.601] GetThemeAppProperties () returned 0x3
[0232.601] IsThemePartDefined () returned 0x1
[0232.601] GdipCreateRegion (region=0xd7e194) returned 0x0
[0232.601] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0232.601] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0232.601] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0232.601] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e1ac) returned 0x0
[0232.601] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0232.601] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eea98) returned 0x0
[0232.601] LocalFree (hMem=0x11eea98) returned 0x0
[0232.601] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0232.601] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0232.601] LocalFree (hMem=0x11ee788) returned 0x0
[0232.601] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0232.601] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0232.601] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0232.601] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0232.601] GdipDeleteRegion (region=0x6645908) returned 0x0
[0232.601] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0232.601] GetCurrentObject (hdc=0x9b0107f3, type=0x1) returned 0xb00017
[0232.602] GetCurrentObject (hdc=0x9b0107f3, type=0x2) returned 0x900010
[0232.602] GetCurrentObject (hdc=0x9b0107f3, type=0x7) returned 0x4a0507fe
[0232.602] GetCurrentObject (hdc=0x9b0107f3, type=0x6) returned 0x8a01c2
[0232.602] SaveDC (hdc=0x9b0107f3) returned 1
[0232.602] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x540407de
[0232.602] GetClipRgn (hdc=0x9b0107f3, hrgn=0x540407de) returned 0
[0232.602] SelectClipRgn (hdc=0x9b0107f3, hrgn=0xc8040807) returned 2
[0232.602] DeleteObject (ho=0x540407de) returned 1
[0232.602] DeleteObject (ho=0xc8040807) returned 1
[0232.602] OffsetViewportOrgEx (in: hdc=0x9b0107f3, x=0, y=0, lppt=0x2d44158 | out: lppt=0x2d44158) returned 1
[0232.602] DrawThemeParentBackground () returned 0x0
[0232.602] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0232.602] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0232.602] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0232.602] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0232.602] GetSystemMetrics (nIndex=42) returned 0
[0232.602] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0232.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0232.603] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0232.603] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0232.603] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0232.603] SelectPalette (hdc=0x9b0107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0232.603] GdipCreateFromHDC (hdc=0x9b0107f3, graphics=0xd7dc88) returned 0x0
[0232.603] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0232.603] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0232.603] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638c38) returned 0x0
[0232.603] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7dc60) returned 0x0
[0232.603] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0232.603] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0232.603] GdipGetClip (graphics=0x663e568, region=0x66455a8) returned 0x0
[0232.603] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x663e568, result=0xd7dc54) returned 0x0
[0232.603] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0232.603] GdipSaveGraphics (graphics=0x663e568, state=0xd7dc80) returned 0x0
[0232.604] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0232.609] GdipFillRectangleI (graphics=0x663e568, brush=0x66537e0, x=0, y=0, width=801, height=453) returned 0x0
[0232.610] GdipDeleteBrush (brush=0x66537e0) returned 0x0
[0232.611] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0232.611] SelectPalette (hdc=0x9b0107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0232.611] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0232.611] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0232.611] GetSystemMetrics (nIndex=42) returned 0
[0232.611] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0232.611] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0232.611] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0232.611] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0232.612] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0232.612] SelectPalette (hdc=0x9b0107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0232.612] GdipCreateFromHDC (hdc=0x9b0107f3, graphics=0xd7dc28) returned 0x0
[0232.612] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0232.612] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0232.612] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638c08) returned 0x0
[0232.612] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dc00) returned 0x0
[0232.612] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0232.612] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0232.612] GdipGetClip (graphics=0x663e568, region=0x6645ab8) returned 0x0
[0232.613] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x663e568, result=0xd7dbf4) returned 0x0
[0232.613] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0232.613] GdipSaveGraphics (graphics=0x663e568, state=0xd7dc20) returned 0x0
[0232.613] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0232.618] GdipFillRectangleI (graphics=0x663e568, brush=0x6652f58, x=0, y=0, width=801, height=453) returned 0x0
[0232.618] GdipDeleteBrush (brush=0x6652f58) returned 0x0
[0232.619] GdipRestoreGraphics (graphics=0x663e568, state=0xf92c0dbd) returned 0x0
[0232.619] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0232.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0232.619] GetSystemMetrics (nIndex=42) returned 0
[0232.619] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0232.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0232.619] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0232.619] SelectPalette (hdc=0x9b0107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0232.620] RestoreDC (hdc=0x9b0107f3, nSavedDC=-1) returned 1
[0232.620] GdipReleaseDC (graphics=0x6600030, hdc=0x9b0107f3) returned 0x0
[0232.620] IsAppThemed () returned 0x1
[0232.620] GetThemeAppProperties () returned 0x3
[0232.620] GetThemeAppProperties () returned 0x3
[0232.620] IsAppThemed () returned 0x1
[0232.620] GetThemeAppProperties () returned 0x3
[0232.620] GetThemeAppProperties () returned 0x3
[0232.620] IsThemePartDefined () returned 0x1
[0232.620] GdipCreateRegion (region=0xd7e118) returned 0x0
[0232.620] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0232.620] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0232.620] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0232.620] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e130) returned 0x0
[0232.620] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0232.620] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0232.621] LocalFree (hMem=0x11ee9f0) returned 0x0
[0232.621] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0232.621] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eead0) returned 0x0
[0232.621] LocalFree (hMem=0x11eead0) returned 0x0
[0232.621] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0232.621] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e158) returned 0x0
[0232.621] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e148) returned 0x0
[0232.621] GdipGetRegionHRgn (region=0x6645098, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0232.621] GdipDeleteRegion (region=0x6645098) returned 0x0
[0232.621] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0232.621] GetCurrentObject (hdc=0x9b0107f3, type=0x1) returned 0xb00017
[0232.621] GetCurrentObject (hdc=0x9b0107f3, type=0x2) returned 0x900010
[0232.621] GetCurrentObject (hdc=0x9b0107f3, type=0x7) returned 0x4a0507fe
[0232.621] GetCurrentObject (hdc=0x9b0107f3, type=0x6) returned 0x8a01c2
[0232.621] SaveDC (hdc=0x9b0107f3) returned 1
[0232.621] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc9040807
[0232.621] GetClipRgn (hdc=0x9b0107f3, hrgn=0xc9040807) returned 0
[0232.621] SelectClipRgn (hdc=0x9b0107f3, hrgn=0x560407de) returned 2
[0232.621] DeleteObject (ho=0xc9040807) returned 1
[0232.621] DeleteObject (ho=0x560407de) returned 1
[0232.622] OffsetViewportOrgEx (in: hdc=0x9b0107f3, x=0, y=0, lppt=0x2d4a9a8 | out: lppt=0x2d4a9a8) returned 1
[0232.622] IsAppThemed () returned 0x1
[0232.622] GetThemeAppProperties () returned 0x3
[0232.622] GetThemeAppProperties () returned 0x3
[0232.622] DrawThemeBackground () returned 0x0
[0232.622] RestoreDC (hdc=0x9b0107f3, nSavedDC=-1) returned 1
[0232.622] GdipReleaseDC (graphics=0x6600030, hdc=0x9b0107f3) returned 0x0
[0232.622] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0232.622] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0232.622] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0232.623] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0232.623] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e134) returned 0x0
[0232.623] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0232.623] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee8d8) returned 0x0
[0232.623] LocalFree (hMem=0x11ee8d8) returned 0x0
[0232.623] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0232.623] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee8d8) returned 0x0
[0232.623] LocalFree (hMem=0x11ee8d8) returned 0x0
[0232.623] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0232.623] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0232.623] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0232.623] GdipGetRegionHRgn (region=0x66456c8, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0232.623] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0232.623] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0232.623] GetCurrentObject (hdc=0x9b0107f3, type=0x1) returned 0xb00017
[0232.623] GetCurrentObject (hdc=0x9b0107f3, type=0x2) returned 0x900010
[0232.623] GetCurrentObject (hdc=0x9b0107f3, type=0x7) returned 0x4a0507fe
[0232.623] GetCurrentObject (hdc=0x9b0107f3, type=0x6) returned 0x8a01c2
[0232.623] SaveDC (hdc=0x9b0107f3) returned 1
[0232.623] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x570407de
[0232.624] GetClipRgn (hdc=0x9b0107f3, hrgn=0x570407de) returned 0
[0232.624] SelectClipRgn (hdc=0x9b0107f3, hrgn=0xca040807) returned 2
[0232.624] DeleteObject (ho=0x570407de) returned 1
[0232.624] DeleteObject (ho=0xca040807) returned 1
[0232.624] OffsetViewportOrgEx (in: hdc=0x9b0107f3, x=0, y=0, lppt=0x2d4ac7c | out: lppt=0x2d4ac7c) returned 1
[0232.624] IsAppThemed () returned 0x1
[0232.624] GetThemeAppProperties () returned 0x3
[0232.624] GetThemeAppProperties () returned 0x3
[0232.624] GetThemeBackgroundContentRect () returned 0x0
[0232.624] RestoreDC (hdc=0x9b0107f3, nSavedDC=-1) returned 1
[0232.624] GdipReleaseDC (graphics=0x6600030, hdc=0x9b0107f3) returned 0x0
[0232.624] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0232.624] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0232.624] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0232.624] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0232.624] IsAppThemed () returned 0x1
[0232.624] GetThemeAppProperties () returned 0x3
[0232.624] GetThemeAppProperties () returned 0x3
[0232.624] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0232.624] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0232.624] GetCurrentObject (hdc=0x9b0107f3, type=0x1) returned 0xb00017
[0232.625] GetCurrentObject (hdc=0x9b0107f3, type=0x2) returned 0x900010
[0232.625] GetCurrentObject (hdc=0x9b0107f3, type=0x7) returned 0x4a0507fe
[0232.625] GetCurrentObject (hdc=0x9b0107f3, type=0x6) returned 0x8a01c2
[0232.625] SaveDC (hdc=0x9b0107f3) returned 1
[0232.625] GetTextAlign (hdc=0x9b0107f3) returned 0x0
[0232.625] GetTextColor (hdc=0x9b0107f3) returned 0x0
[0232.625] GetCurrentObject (hdc=0x9b0107f3, type=0x6) returned 0x8a01c2
[0232.625] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0232.625] SelectObject (hdc=0x9b0107f3, h=0x6d0a0520) returned 0x8a01c2
[0232.625] GetBkMode (hdc=0x9b0107f3) returned 2
[0232.625] SetBkMode (hdc=0x9b0107f3, mode=1) returned 2
[0232.625] DrawTextExW (in: hdc=0x9b0107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2d4b040 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0232.626] DrawTextExW (in: hdc=0x9b0107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2d4b040 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0232.626] RestoreDC (hdc=0x9b0107f3, nSavedDC=-1) returned 1
[0232.626] GdipReleaseDC (graphics=0x6600030, hdc=0x9b0107f3) returned 0x0
[0232.626] GetFocus () returned 0x602c4
[0232.626] IsAppThemed () returned 0x1
[0232.626] GetThemeAppProperties () returned 0x3
[0232.626] GetThemeAppProperties () returned 0x3
[0232.626] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0232.626] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x9b0107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0232.626] GdipReleaseDC (graphics=0x6600030, hdc=0x9b0107f3) returned 0x0
[0232.627] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0232.627] SelectObject (hdc=0x9b0107f3, h=0x85000f) returned 0x4a0507fe
[0232.627] DeleteDC (hdc=0x9b0107f3) returned 1
[0232.627] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0232.627] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0232.627] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d4b13c, cPoints=0x1 | out: lpPoints=0x2d4b13c) returned 40304859
[0232.627] WindowFromPoint (Point=0x103) returned 0x602c4
[0232.627] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2730103) returned 0x1
[0232.627] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0232.627] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0232.627] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0232.627] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0232.627] GetSystemMetrics (nIndex=42) returned 0
[0232.628] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0232.628] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0232.629] GetCapture () returned 0x602c4
[0232.629] ReleaseCapture () returned 1
[0232.629] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0232.629] GetProcessWindowStation () returned 0x13c
[0232.630] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.630] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0232.630] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.630] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0232.631] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.631] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0232.631] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.631] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0232.631] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.631] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0232.632] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.632] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0232.632] GetDC (hWnd=0x0) returned 0x60100ce
[0232.632] GdipCreateFromHDC (hdc=0x60100ce, graphics=0xd7e6ec) returned 0x0
[0232.632] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0232.632] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0232.632] ReleaseDC (hWnd=0x0, hDC=0x60100ce) returned 1
[0232.632] GetSystemMetrics (nIndex=5) returned 1
[0232.633] GetSystemMetrics (nIndex=6) returned 1
[0232.633] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.633] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0232.633] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.633] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0232.640] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0232.640] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0232.640] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0232.640] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0232.640] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0232.640] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0232.641] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2d5220c | out: lpData=0x2d5220c) returned 1
[0232.642] VerQueryValueW (in: pBlock=0x2d5220c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d5261c, puLen=0xd7e810) returned 1
[0232.642] VerQueryValueW (in: pBlock=0x2d5220c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d522c4, puLen=0xd7e790) returned 1
[0232.642] VerQueryValueW (in: pBlock=0x2d5220c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d52318, puLen=0xd7e790) returned 1
[0232.642] VerQueryValueW (in: pBlock=0x2d5220c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d52398, puLen=0xd7e790) returned 1
[0232.642] VerQueryValueW (in: pBlock=0x2d5220c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d52400, puLen=0xd7e790) returned 1
[0232.642] VerQueryValueW (in: pBlock=0x2d5220c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d52440, puLen=0xd7e790) returned 1
[0232.642] VerQueryValueW (in: pBlock=0x2d5220c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d524c8, puLen=0xd7e790) returned 1
[0232.642] VerQueryValueW (in: pBlock=0x2d5220c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d52504, puLen=0xd7e790) returned 1
[0232.642] VerQueryValueW (in: pBlock=0x2d5220c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5255c, puLen=0xd7e790) returned 1
[0232.642] VerQueryValueW (in: pBlock=0x2d5220c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5258c, puLen=0xd7e790) returned 1
[0232.643] VerQueryValueW (in: pBlock=0x2d5220c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.643] VerQueryValueW (in: pBlock=0x2d5220c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d525c8, puLen=0xd7e790) returned 1
[0232.643] VerQueryValueW (in: pBlock=0x2d5220c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.643] VerQueryValueW (in: pBlock=0x2d5220c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d5261c, puLen=0xd7e784) returned 1
[0232.643] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0232.643] VerQueryValueW (in: pBlock=0x2d5220c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d52234, puLen=0xd7e794) returned 1
[0232.643] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0232.643] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0232.643] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0232.644] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0232.644] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0232.644] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0232.644] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2d5417c | out: lpData=0x2d5417c) returned 1
[0232.644] VerQueryValueW (in: pBlock=0x2d5417c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d54218, puLen=0xd7e810) returned 1
[0232.644] VerQueryValueW (in: pBlock=0x2d5417c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d54290, puLen=0xd7e790) returned 1
[0232.644] VerQueryValueW (in: pBlock=0x2d5417c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d542c0, puLen=0xd7e790) returned 1
[0232.644] VerQueryValueW (in: pBlock=0x2d5417c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d542fc, puLen=0xd7e790) returned 1
[0232.644] VerQueryValueW (in: pBlock=0x2d5417c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5432c, puLen=0xd7e790) returned 1
[0232.644] VerQueryValueW (in: pBlock=0x2d5417c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d54374, puLen=0xd7e790) returned 1
[0232.644] VerQueryValueW (in: pBlock=0x2d5417c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d543ec, puLen=0xd7e790) returned 1
[0232.644] VerQueryValueW (in: pBlock=0x2d5417c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d54430, puLen=0xd7e790) returned 1
[0232.644] VerQueryValueW (in: pBlock=0x2d5417c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d54470, puLen=0xd7e790) returned 1
[0232.644] VerQueryValueW (in: pBlock=0x2d5417c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5426e, puLen=0xd7e790) returned 1
[0232.644] VerQueryValueW (in: pBlock=0x2d5417c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d543bc, puLen=0xd7e790) returned 1
[0232.644] VerQueryValueW (in: pBlock=0x2d5417c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.644] VerQueryValueW (in: pBlock=0x2d5417c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.644] VerQueryValueW (in: pBlock=0x2d5417c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d54218, puLen=0xd7e784) returned 1
[0232.645] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0232.645] VerQueryValueW (in: pBlock=0x2d5417c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d541a4, puLen=0xd7e794) returned 1
[0232.645] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0232.645] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0232.645] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0232.645] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0232.646] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0232.646] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0232.646] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2d56454 | out: lpData=0x2d56454) returned 1
[0232.647] VerQueryValueW (in: pBlock=0x2d56454, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d56868, puLen=0xd7e810) returned 1
[0232.647] VerQueryValueW (in: pBlock=0x2d56454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5650c, puLen=0xd7e790) returned 1
[0232.647] VerQueryValueW (in: pBlock=0x2d56454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d56560, puLen=0xd7e790) returned 1
[0232.647] VerQueryValueW (in: pBlock=0x2d56454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d565bc, puLen=0xd7e790) returned 1
[0232.647] VerQueryValueW (in: pBlock=0x2d56454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5661c, puLen=0xd7e790) returned 1
[0232.647] VerQueryValueW (in: pBlock=0x2d56454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d56674, puLen=0xd7e790) returned 1
[0232.647] VerQueryValueW (in: pBlock=0x2d56454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d566fc, puLen=0xd7e790) returned 1
[0232.647] VerQueryValueW (in: pBlock=0x2d56454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d56750, puLen=0xd7e790) returned 1
[0232.647] VerQueryValueW (in: pBlock=0x2d56454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d567a8, puLen=0xd7e790) returned 1
[0232.647] VerQueryValueW (in: pBlock=0x2d56454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d567d8, puLen=0xd7e790) returned 1
[0232.647] VerQueryValueW (in: pBlock=0x2d56454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.647] VerQueryValueW (in: pBlock=0x2d56454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d56814, puLen=0xd7e790) returned 1
[0232.647] VerQueryValueW (in: pBlock=0x2d56454, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.647] VerQueryValueW (in: pBlock=0x2d56454, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d56868, puLen=0xd7e784) returned 1
[0232.647] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0232.647] VerQueryValueW (in: pBlock=0x2d56454, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d5647c, puLen=0xd7e794) returned 1
[0232.648] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0232.648] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0232.648] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0232.648] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0232.648] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0232.648] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0232.649] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2d58a8c | out: lpData=0x2d58a8c) returned 1
[0232.650] VerQueryValueW (in: pBlock=0x2d58a8c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d58e8c, puLen=0xd7e810) returned 1
[0232.650] VerQueryValueW (in: pBlock=0x2d58a8c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58b44, puLen=0xd7e790) returned 1
[0232.650] VerQueryValueW (in: pBlock=0x2d58a8c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58b98, puLen=0xd7e790) returned 1
[0232.650] VerQueryValueW (in: pBlock=0x2d58a8c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58bd8, puLen=0xd7e790) returned 1
[0232.650] VerQueryValueW (in: pBlock=0x2d58a8c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58c40, puLen=0xd7e790) returned 1
[0232.651] VerQueryValueW (in: pBlock=0x2d58a8c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58c98, puLen=0xd7e790) returned 1
[0232.651] VerQueryValueW (in: pBlock=0x2d58a8c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58d20, puLen=0xd7e790) returned 1
[0232.651] VerQueryValueW (in: pBlock=0x2d58a8c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58d74, puLen=0xd7e790) returned 1
[0232.651] VerQueryValueW (in: pBlock=0x2d58a8c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58dcc, puLen=0xd7e790) returned 1
[0232.651] VerQueryValueW (in: pBlock=0x2d58a8c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58dfc, puLen=0xd7e790) returned 1
[0232.651] VerQueryValueW (in: pBlock=0x2d58a8c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.651] VerQueryValueW (in: pBlock=0x2d58a8c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58e38, puLen=0xd7e790) returned 1
[0232.651] VerQueryValueW (in: pBlock=0x2d58a8c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.651] VerQueryValueW (in: pBlock=0x2d58a8c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d58e8c, puLen=0xd7e784) returned 1
[0232.651] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0232.651] VerQueryValueW (in: pBlock=0x2d58a8c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d58ab4, puLen=0xd7e794) returned 1
[0232.652] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0232.652] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0232.652] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0232.652] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0232.652] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0232.652] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0232.653] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2d5b1c8 | out: lpData=0x2d5b1c8) returned 1
[0232.656] VerQueryValueW (in: pBlock=0x2d5b1c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d5b590, puLen=0xd7e810) returned 1
[0232.656] VerQueryValueW (in: pBlock=0x2d5b1c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b280, puLen=0xd7e790) returned 1
[0232.656] VerQueryValueW (in: pBlock=0x2d5b1c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b2d4, puLen=0xd7e790) returned 1
[0232.656] VerQueryValueW (in: pBlock=0x2d5b1c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b314, puLen=0xd7e790) returned 1
[0232.656] VerQueryValueW (in: pBlock=0x2d5b1c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b37c, puLen=0xd7e790) returned 1
[0232.656] VerQueryValueW (in: pBlock=0x2d5b1c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b3b8, puLen=0xd7e790) returned 1
[0232.656] VerQueryValueW (in: pBlock=0x2d5b1c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b440, puLen=0xd7e790) returned 1
[0232.656] VerQueryValueW (in: pBlock=0x2d5b1c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b478, puLen=0xd7e790) returned 1
[0232.656] VerQueryValueW (in: pBlock=0x2d5b1c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b4d0, puLen=0xd7e790) returned 1
[0232.656] VerQueryValueW (in: pBlock=0x2d5b1c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b500, puLen=0xd7e790) returned 1
[0232.656] VerQueryValueW (in: pBlock=0x2d5b1c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.656] VerQueryValueW (in: pBlock=0x2d5b1c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b53c, puLen=0xd7e790) returned 1
[0232.656] VerQueryValueW (in: pBlock=0x2d5b1c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.656] VerQueryValueW (in: pBlock=0x2d5b1c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d5b590, puLen=0xd7e784) returned 1
[0232.656] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0232.657] VerQueryValueW (in: pBlock=0x2d5b1c8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d5b1f0, puLen=0xd7e794) returned 1
[0232.657] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0232.658] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0232.658] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0232.658] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0232.658] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0232.658] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0232.659] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2d5e830 | out: lpData=0x2d5e830) returned 1
[0232.659] VerQueryValueW (in: pBlock=0x2d5e830, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d5ec10, puLen=0xd7e810) returned 1
[0232.659] VerQueryValueW (in: pBlock=0x2d5e830, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e8e8, puLen=0xd7e790) returned 1
[0232.659] VerQueryValueW (in: pBlock=0x2d5e830, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e93c, puLen=0xd7e790) returned 1
[0232.659] VerQueryValueW (in: pBlock=0x2d5e830, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e97c, puLen=0xd7e790) returned 1
[0232.660] VerQueryValueW (in: pBlock=0x2d5e830, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5e9dc, puLen=0xd7e790) returned 1
[0232.660] VerQueryValueW (in: pBlock=0x2d5e830, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5ea28, puLen=0xd7e790) returned 1
[0232.660] VerQueryValueW (in: pBlock=0x2d5e830, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5eab0, puLen=0xd7e790) returned 1
[0232.660] VerQueryValueW (in: pBlock=0x2d5e830, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5eaf8, puLen=0xd7e790) returned 1
[0232.660] VerQueryValueW (in: pBlock=0x2d5e830, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5eb50, puLen=0xd7e790) returned 1
[0232.660] VerQueryValueW (in: pBlock=0x2d5e830, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5eb80, puLen=0xd7e790) returned 1
[0232.660] VerQueryValueW (in: pBlock=0x2d5e830, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.660] VerQueryValueW (in: pBlock=0x2d5e830, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5ebbc, puLen=0xd7e790) returned 1
[0232.660] VerQueryValueW (in: pBlock=0x2d5e830, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.660] VerQueryValueW (in: pBlock=0x2d5e830, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d5ec10, puLen=0xd7e784) returned 1
[0232.660] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0232.660] VerQueryValueW (in: pBlock=0x2d5e830, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d5e858, puLen=0xd7e794) returned 1
[0232.661] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0232.661] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0232.661] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0232.661] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0232.661] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0232.661] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0232.662] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2d61050 | out: lpData=0x2d61050) returned 1
[0232.662] VerQueryValueW (in: pBlock=0x2d61050, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d6145c, puLen=0xd7e810) returned 1
[0232.662] VerQueryValueW (in: pBlock=0x2d61050, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d61108, puLen=0xd7e790) returned 1
[0232.662] VerQueryValueW (in: pBlock=0x2d61050, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6115c, puLen=0xd7e790) returned 1
[0232.662] VerQueryValueW (in: pBlock=0x2d61050, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d611b0, puLen=0xd7e790) returned 1
[0232.662] VerQueryValueW (in: pBlock=0x2d61050, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d61210, puLen=0xd7e790) returned 1
[0232.662] VerQueryValueW (in: pBlock=0x2d61050, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d61268, puLen=0xd7e790) returned 1
[0232.662] VerQueryValueW (in: pBlock=0x2d61050, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d612f0, puLen=0xd7e790) returned 1
[0232.662] VerQueryValueW (in: pBlock=0x2d61050, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d61344, puLen=0xd7e790) returned 1
[0232.662] VerQueryValueW (in: pBlock=0x2d61050, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6139c, puLen=0xd7e790) returned 1
[0232.662] VerQueryValueW (in: pBlock=0x2d61050, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d613cc, puLen=0xd7e790) returned 1
[0232.662] VerQueryValueW (in: pBlock=0x2d61050, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.662] VerQueryValueW (in: pBlock=0x2d61050, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d61408, puLen=0xd7e790) returned 1
[0232.663] VerQueryValueW (in: pBlock=0x2d61050, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.663] VerQueryValueW (in: pBlock=0x2d61050, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d6145c, puLen=0xd7e784) returned 1
[0232.663] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0232.663] VerQueryValueW (in: pBlock=0x2d61050, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d61078, puLen=0xd7e794) returned 1
[0232.663] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0232.663] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0232.663] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0232.664] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0232.664] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0232.664] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0232.664] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d63864 | out: lpData=0x2d63864) returned 1
[0232.665] VerQueryValueW (in: pBlock=0x2d63864, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d63c3c, puLen=0xd7e810) returned 1
[0232.665] VerQueryValueW (in: pBlock=0x2d63864, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6391c, puLen=0xd7e790) returned 1
[0232.665] VerQueryValueW (in: pBlock=0x2d63864, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d63970, puLen=0xd7e790) returned 1
[0232.665] VerQueryValueW (in: pBlock=0x2d63864, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d639b0, puLen=0xd7e790) returned 1
[0232.665] VerQueryValueW (in: pBlock=0x2d63864, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d63a18, puLen=0xd7e790) returned 1
[0232.665] VerQueryValueW (in: pBlock=0x2d63864, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d63a5c, puLen=0xd7e790) returned 1
[0232.665] VerQueryValueW (in: pBlock=0x2d63864, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d63ae4, puLen=0xd7e790) returned 1
[0232.665] VerQueryValueW (in: pBlock=0x2d63864, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d63b24, puLen=0xd7e790) returned 1
[0232.665] VerQueryValueW (in: pBlock=0x2d63864, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d63b7c, puLen=0xd7e790) returned 1
[0232.665] VerQueryValueW (in: pBlock=0x2d63864, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d63bac, puLen=0xd7e790) returned 1
[0232.665] VerQueryValueW (in: pBlock=0x2d63864, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.665] VerQueryValueW (in: pBlock=0x2d63864, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d63be8, puLen=0xd7e790) returned 1
[0232.665] VerQueryValueW (in: pBlock=0x2d63864, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.665] VerQueryValueW (in: pBlock=0x2d63864, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d63c3c, puLen=0xd7e784) returned 1
[0232.666] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0232.666] VerQueryValueW (in: pBlock=0x2d63864, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d6388c, puLen=0xd7e794) returned 1
[0232.666] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0232.666] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0232.666] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0232.666] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0232.667] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0232.667] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0232.667] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d65dbc | out: lpData=0x2d65dbc) returned 1
[0232.668] VerQueryValueW (in: pBlock=0x2d65dbc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d66194, puLen=0xd7e810) returned 1
[0232.668] VerQueryValueW (in: pBlock=0x2d65dbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d65e74, puLen=0xd7e790) returned 1
[0232.668] VerQueryValueW (in: pBlock=0x2d65dbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d65ec8, puLen=0xd7e790) returned 1
[0232.668] VerQueryValueW (in: pBlock=0x2d65dbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d65f08, puLen=0xd7e790) returned 1
[0232.668] VerQueryValueW (in: pBlock=0x2d65dbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d65f70, puLen=0xd7e790) returned 1
[0232.668] VerQueryValueW (in: pBlock=0x2d65dbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d65fb4, puLen=0xd7e790) returned 1
[0232.668] VerQueryValueW (in: pBlock=0x2d65dbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6603c, puLen=0xd7e790) returned 1
[0232.668] VerQueryValueW (in: pBlock=0x2d65dbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6607c, puLen=0xd7e790) returned 1
[0232.668] VerQueryValueW (in: pBlock=0x2d65dbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d660d4, puLen=0xd7e790) returned 1
[0232.668] VerQueryValueW (in: pBlock=0x2d65dbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d66104, puLen=0xd7e790) returned 1
[0232.668] VerQueryValueW (in: pBlock=0x2d65dbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.668] VerQueryValueW (in: pBlock=0x2d65dbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d66140, puLen=0xd7e790) returned 1
[0232.669] VerQueryValueW (in: pBlock=0x2d65dbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.669] VerQueryValueW (in: pBlock=0x2d65dbc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d66194, puLen=0xd7e784) returned 1
[0232.669] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0232.669] VerQueryValueW (in: pBlock=0x2d65dbc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d65de4, puLen=0xd7e794) returned 1
[0232.669] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0232.669] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0232.670] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0232.670] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0232.670] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0232.670] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0232.670] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2d684f4 | out: lpData=0x2d684f4) returned 1
[0232.671] VerQueryValueW (in: pBlock=0x2d684f4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d68924, puLen=0xd7e810) returned 1
[0232.671] VerQueryValueW (in: pBlock=0x2d684f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d685ac, puLen=0xd7e790) returned 1
[0232.671] VerQueryValueW (in: pBlock=0x2d684f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d68600, puLen=0xd7e790) returned 1
[0232.671] VerQueryValueW (in: pBlock=0x2d684f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d68670, puLen=0xd7e790) returned 1
[0232.671] VerQueryValueW (in: pBlock=0x2d684f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d686d0, puLen=0xd7e790) returned 1
[0232.671] VerQueryValueW (in: pBlock=0x2d684f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6872c, puLen=0xd7e790) returned 1
[0232.671] VerQueryValueW (in: pBlock=0x2d684f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d687b4, puLen=0xd7e790) returned 1
[0232.671] VerQueryValueW (in: pBlock=0x2d684f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6880c, puLen=0xd7e790) returned 1
[0232.671] VerQueryValueW (in: pBlock=0x2d684f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d68864, puLen=0xd7e790) returned 1
[0232.671] VerQueryValueW (in: pBlock=0x2d684f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d68894, puLen=0xd7e790) returned 1
[0232.671] VerQueryValueW (in: pBlock=0x2d684f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.672] VerQueryValueW (in: pBlock=0x2d684f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d688d0, puLen=0xd7e790) returned 1
[0232.672] VerQueryValueW (in: pBlock=0x2d684f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0232.672] VerQueryValueW (in: pBlock=0x2d684f4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d68924, puLen=0xd7e784) returned 1
[0232.672] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0232.672] VerQueryValueW (in: pBlock=0x2d684f4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d6851c, puLen=0xd7e794) returned 1
[0232.672] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0232.673] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.673] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0232.673] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.673] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0232.673] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1e02dc
[0232.674] SetWindowLongW (hWnd=0x1e02dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0232.674] GetWindowLongW (hWnd=0x1e02dc, nIndex=-4) returned 1950089536
[0232.674] SetWindowLongW (hWnd=0x1e02dc, nIndex=-4, dwNewLong=19947318) returned 1950089536
[0232.674] GetWindowLongW (hWnd=0x1e02dc, nIndex=-4) returned 19947318
[0232.674] GetWindowLongW (hWnd=0x1e02dc, nIndex=-16) returned 113311744
[0232.674] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02dc, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0232.675] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02dc, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0232.676] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02dc, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0232.676] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02dc, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0232.676] GetClientRect (in: hWnd=0x1e02dc, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0232.676] GetWindowRect (in: hWnd=0x1e02dc, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0232.676] SetWindowTextW (hWnd=0x1e02dc, lpString="WindowsFormsParkingWindow") returned 1
[0232.676] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02dc, Msg=0xc, wParam=0x0, lParam=0x2d2c318) returned 0x1
[0232.677] GetParent (hWnd=0x1e02dc) returned 0x0
[0232.677] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0232.677] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x1e02dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1e02da
[0232.678] SetWindowLongW (hWnd=0x1e02da, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0232.678] GetWindowLongW (hWnd=0x1e02da, nIndex=-4) returned 1868147648
[0232.678] SetWindowLongW (hWnd=0x1e02da, nIndex=-4, dwNewLong=19947758) returned 1868147648
[0232.678] GetWindowLongW (hWnd=0x1e02da, nIndex=-4) returned 19947758
[0232.678] GetWindowLongW (hWnd=0x1e02da, nIndex=-16) returned 1174405133
[0232.678] GetWindowLongW (hWnd=0x1e02da, nIndex=-12) returned 0
[0232.678] SetWindowLongW (hWnd=0x1e02da, nIndex=-12, dwNewLong=1966810) returned 0
[0232.678] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0232.679] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0232.679] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0232.680] GetClientRect (in: hWnd=0x1e02da, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0232.680] GetWindowRect (in: hWnd=0x1e02da, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0232.680] GetParent (hWnd=0x1e02da) returned 0x1e02dc
[0232.680] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02dc, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0232.680] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0232.680] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0232.680] GetClientRect (in: hWnd=0x1e02da, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0232.680] GetWindowRect (in: hWnd=0x1e02da, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0232.681] GetParent (hWnd=0x1e02da) returned 0x1e02dc
[0232.681] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02dc, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0232.681] SendMessageW (hWnd=0x1e02da, Msg=0x2210, wParam=0x2da0001, lParam=0x1e02da) returned 0x0
[0232.681] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x2210, wParam=0x2da0001, lParam=0x1e02da) returned 0x0
[0232.681] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0232.681] GetParent (hWnd=0x1e02da) returned 0x1e02dc
[0232.681] GdipCreateFromHWND (hwnd=0x1e02da, graphics=0xd7e844) returned 0x0
[0232.681] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0232.682] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0232.682] GetForegroundWindow () returned 0x602c4
[0232.682] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.682] GetCursorPos (in: lpPoint=0x2d6c800 | out: lpPoint=0x2d6c800*(x=259, y=627)) returned 1
[0232.682] MonitorFromPoint (pt=0x103, dwFlags=0x273) returned 0x10001
[0232.682] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0232.683] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x9e0107f3
[0232.683] GetDeviceCaps (hdc=0x9e0107f3, index=12) returned 32
[0232.683] GetDeviceCaps (hdc=0x9e0107f3, index=14) returned 1
[0232.683] DeleteDC (hdc=0x9e0107f3) returned 1
[0232.683] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0232.683] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0232.683] GetSystemMetrics (nIndex=59) returned 1460
[0232.683] GetSystemMetrics (nIndex=60) returned 920
[0232.683] GetSystemMetrics (nIndex=34) returned 136
[0232.683] GetSystemMetrics (nIndex=35) returned 39
[0232.683] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.683] GetCursorPos (in: lpPoint=0x2d6ca6c | out: lpPoint=0x2d6ca6c*(x=259, y=627)) returned 1
[0232.684] MonitorFromPoint (pt=0x103, dwFlags=0x270) returned 0x10001
[0232.684] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0232.695] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x9f0107f3
[0232.695] GetDeviceCaps (hdc=0x9f0107f3, index=12) returned 32
[0232.695] GetDeviceCaps (hdc=0x9f0107f3, index=14) returned 1
[0232.695] DeleteDC (hdc=0x9f0107f3) returned 1
[0232.695] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0232.695] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0232.696] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.696] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0232.696] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2d6cd04 | out: piconinfo=0x2d6cd04) returned 1
[0232.696] GetObjectW (in: h=0x80507fc, c=24, pv=0x2d6cd20 | out: pv=0x2d6cd20) returned 24
[0232.696] GdipCreateBitmapFromHBITMAP (hbm=0x80507fc, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0232.697] GdipGetImageWidth (image=0x66023c8, width=0xd7e750) returned 0x0
[0232.697] GdipGetImageHeight (image=0x66023c8, height=0xd7e748) returned 0x0
[0232.697] GdipGetImagePixelFormat (image=0x66023c8, format=0xd7e740) returned 0x0
[0232.697] GdipBitmapLockBits (bitmap=0x66023c8, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2d6cdd8) returned 0x0
[0232.697] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0232.697] GdipBitmapLockBits (bitmap=0x6603778, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2d6ce10) returned 0x0
[0232.697] RtlMoveMemory (in: Destination=0x665bf30, Source=0x665aea0, Length=0x80 | out: Destination=0x665bf30)
[0232.697] RtlMoveMemory (in: Destination=0x665bfb0, Source=0x665ae20, Length=0x80 | out: Destination=0x665bfb0)
[0232.697] RtlMoveMemory (in: Destination=0x665c030, Source=0x665ada0, Length=0x80 | out: Destination=0x665c030)
[0232.697] RtlMoveMemory (in: Destination=0x665c0b0, Source=0x665ad20, Length=0x80 | out: Destination=0x665c0b0)
[0232.697] RtlMoveMemory (in: Destination=0x665c130, Source=0x665aca0, Length=0x80 | out: Destination=0x665c130)
[0232.697] RtlMoveMemory (in: Destination=0x665c1b0, Source=0x665ac20, Length=0x80 | out: Destination=0x665c1b0)
[0232.697] RtlMoveMemory (in: Destination=0x665c230, Source=0x665aba0, Length=0x80 | out: Destination=0x665c230)
[0232.697] RtlMoveMemory (in: Destination=0x665c2b0, Source=0x665ab20, Length=0x80 | out: Destination=0x665c2b0)
[0232.697] RtlMoveMemory (in: Destination=0x665c330, Source=0x665aaa0, Length=0x80 | out: Destination=0x665c330)
[0232.697] RtlMoveMemory (in: Destination=0x665c3b0, Source=0x665aa20, Length=0x80 | out: Destination=0x665c3b0)
[0232.697] RtlMoveMemory (in: Destination=0x665c430, Source=0x665a9a0, Length=0x80 | out: Destination=0x665c430)
[0232.697] RtlMoveMemory (in: Destination=0x665c4b0, Source=0x665a920, Length=0x80 | out: Destination=0x665c4b0)
[0232.698] RtlMoveMemory (in: Destination=0x665c530, Source=0x665a8a0, Length=0x80 | out: Destination=0x665c530)
[0232.698] RtlMoveMemory (in: Destination=0x665c5b0, Source=0x665a820, Length=0x80 | out: Destination=0x665c5b0)
[0232.698] RtlMoveMemory (in: Destination=0x665c630, Source=0x665a7a0, Length=0x80 | out: Destination=0x665c630)
[0232.698] RtlMoveMemory (in: Destination=0x665c6b0, Source=0x665a720, Length=0x80 | out: Destination=0x665c6b0)
[0232.698] RtlMoveMemory (in: Destination=0x665c730, Source=0x665a6a0, Length=0x80 | out: Destination=0x665c730)
[0232.698] RtlMoveMemory (in: Destination=0x665c7b0, Source=0x665a620, Length=0x80 | out: Destination=0x665c7b0)
[0232.698] RtlMoveMemory (in: Destination=0x665c830, Source=0x665a5a0, Length=0x80 | out: Destination=0x665c830)
[0232.698] RtlMoveMemory (in: Destination=0x665c8b0, Source=0x665a520, Length=0x80 | out: Destination=0x665c8b0)
[0232.698] RtlMoveMemory (in: Destination=0x665c930, Source=0x665a4a0, Length=0x80 | out: Destination=0x665c930)
[0232.698] RtlMoveMemory (in: Destination=0x665c9b0, Source=0x665a420, Length=0x80 | out: Destination=0x665c9b0)
[0232.698] RtlMoveMemory (in: Destination=0x665ca30, Source=0x665a3a0, Length=0x80 | out: Destination=0x665ca30)
[0232.698] RtlMoveMemory (in: Destination=0x665cab0, Source=0x665a320, Length=0x80 | out: Destination=0x665cab0)
[0232.698] RtlMoveMemory (in: Destination=0x665cb30, Source=0x665a2a0, Length=0x80 | out: Destination=0x665cb30)
[0232.698] RtlMoveMemory (in: Destination=0x665cbb0, Source=0x665a220, Length=0x80 | out: Destination=0x665cbb0)
[0232.698] RtlMoveMemory (in: Destination=0x665cc30, Source=0x665a1a0, Length=0x80 | out: Destination=0x665cc30)
[0232.698] RtlMoveMemory (in: Destination=0x665ccb0, Source=0x665a120, Length=0x80 | out: Destination=0x665ccb0)
[0232.698] RtlMoveMemory (in: Destination=0x665cd30, Source=0x665a0a0, Length=0x80 | out: Destination=0x665cd30)
[0232.698] RtlMoveMemory (in: Destination=0x665cdb0, Source=0x665a020, Length=0x80 | out: Destination=0x665cdb0)
[0232.698] RtlMoveMemory (in: Destination=0x665ce30, Source=0x6659fa0, Length=0x80 | out: Destination=0x665ce30)
[0232.698] RtlMoveMemory (in: Destination=0x665ceb0, Source=0x6659f20, Length=0x80 | out: Destination=0x665ceb0)
[0232.698] GdipBitmapUnlockBits (bitmap=0x66023c8, lockedBitmapData=0x2d6cdd8) returned 0x0
[0232.698] GdipBitmapUnlockBits (bitmap=0x6603778, lockedBitmapData=0x2d6ce10) returned 0x0
[0232.699] GdipDisposeImage (image=0x66023c8) returned 0x0
[0232.699] DeleteObject (ho=0x80507fc) returned 1
[0232.699] DeleteObject (ho=0xa00507f3) returned 1
[0232.699] GetCurrentThreadId () returned 0xf50
[0232.699] GetCurrentThreadId () returned 0xf50
[0232.699] SetWindowPos (hWnd=0x1e02da, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0232.699] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0232.699] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0232.700] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0232.700] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0232.700] GetClientRect (in: hWnd=0x1e02da, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0232.700] GetWindowRect (in: hWnd=0x1e02da, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0232.700] GetParent (hWnd=0x1e02da) returned 0x1e02dc
[0232.700] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02dc, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0232.700] InvalidateRect (hWnd=0x1e02da, lpRect=0x0, bErase=1) returned 1
[0232.700] GetWindowTextLengthW (hWnd=0x1e02da) returned 0
[0232.700] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0232.700] GetSystemMetrics (nIndex=42) returned 0
[0232.700] GetWindowTextW (in: hWnd=0x1e02da, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0232.700] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0232.700] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0232.700] GetClientRect (in: hWnd=0x1e02da, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0232.700] GetWindowRect (in: hWnd=0x1e02da, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0232.700] GetParent (hWnd=0x1e02da) returned 0x1e02dc
[0232.700] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02dc, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0232.700] GetWindowTextLengthW (hWnd=0x1e02da) returned 0
[0232.700] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0232.700] GetSystemMetrics (nIndex=42) returned 0
[0232.700] GetWindowTextW (in: hWnd=0x1e02da, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0232.700] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0232.701] GetWindowTextLengthW (hWnd=0x1e02da) returned 0
[0232.701] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0232.701] GetSystemMetrics (nIndex=42) returned 0
[0232.701] GetWindowTextW (in: hWnd=0x1e02da, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0232.701] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0232.701] SetWindowTextW (hWnd=0x1e02da, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0232.701] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0xc, wParam=0x0, lParam=0x2d4c730) returned 0x1
[0232.701] InvalidateRect (hWnd=0x1e02da, lpRect=0x0, bErase=1) returned 1
[0232.701] GetCurrentThreadId () returned 0xf50
[0232.701] GetWindowThreadProcessId (in: hWnd=0x1e02da, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0232.702] GdipCreateBitmapFromStream (stream=0x509fed0, bitmap=0xd7e840) returned 0x0
[0232.702] GdipImageForceValidation (image=0x6601018) returned 0x0
[0232.704] GdipGetImageRawFormat (image=0x6601018, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0232.704] GdipGetImageHeight (image=0x6601018, height=0xd7e824) returned 0x0
[0232.704] GdipGetImageWidth (image=0x6601018, width=0xd7e824) returned 0x0
[0232.704] GdipGetImageWidth (image=0x6601018, width=0xd7e810) returned 0x0
[0232.704] GdipGetImageHeight (image=0x6601018, height=0xd7e810) returned 0x0
[0232.704] GdipGetImageWidth (image=0x6601018, width=0xd7e800) returned 0x0
[0232.704] GdipGetImageHeight (image=0x6601018, height=0xd7e800) returned 0x0
[0232.704] GdipBitmapGetPixel (bitmap=0x6601018, x=0, y=15, color=0xd7e810) returned 0x0
[0232.704] GdipGetImageRawFormat (image=0x6601018, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0232.704] GdipGetImageWidth (image=0x6601018, width=0xd7e740) returned 0x0
[0232.704] GdipGetImageHeight (image=0x6601018, height=0xd7e740) returned 0x0
[0232.704] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0232.704] GdipGetImagePixelFormat (image=0x66019f0, format=0xd7e740) returned 0x0
[0232.704] GdipGetImageGraphicsContext (image=0x66019f0, graphics=0xd7e74c) returned 0x0
[0232.704] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0232.704] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0232.704] GdipSetImageAttributesColorKeys (imageattr=0x6638a58, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0232.704] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6601018, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638a58, callback=0x0, callbackData=0x0) returned 0x0
[0232.705] GdipDisposeImageAttributes (imageattr=0x6638a58) returned 0x0
[0232.705] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0232.705] GdipDisposeImage (image=0x6601018) returned 0x0
[0232.705] GdipCreateBitmapFromStream (stream=0x509feb0, bitmap=0xd7e840) returned 0x0
[0232.706] GdipImageForceValidation (image=0x6601018) returned 0x0
[0232.707] GdipGetImageRawFormat (image=0x6601018, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0232.707] GdipGetImageHeight (image=0x6601018, height=0xd7e824) returned 0x0
[0232.708] GdipGetImageWidth (image=0x6601018, width=0xd7e824) returned 0x0
[0232.708] GdipGetImageWidth (image=0x6601018, width=0xd7e810) returned 0x0
[0232.708] GdipGetImageHeight (image=0x6601018, height=0xd7e810) returned 0x0
[0232.708] GdipGetImageWidth (image=0x6601018, width=0xd7e800) returned 0x0
[0232.708] GdipGetImageHeight (image=0x6601018, height=0xd7e800) returned 0x0
[0232.708] GdipBitmapGetPixel (bitmap=0x6601018, x=0, y=15, color=0xd7e810) returned 0x0
[0232.708] GdipGetImageRawFormat (image=0x6601018, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0232.708] GdipGetImageWidth (image=0x6601018, width=0xd7e740) returned 0x0
[0232.708] GdipGetImageHeight (image=0x6601018, height=0xd7e740) returned 0x0
[0232.708] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0232.708] GdipGetImagePixelFormat (image=0x6604150, format=0xd7e740) returned 0x0
[0232.708] GdipGetImageGraphicsContext (image=0x6604150, graphics=0xd7e74c) returned 0x0
[0232.708] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0232.708] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0232.708] GdipSetImageAttributesColorKeys (imageattr=0x6638a58, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0232.708] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6601018, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638a58, callback=0x0, callbackData=0x0) returned 0x0
[0232.708] GdipDisposeImageAttributes (imageattr=0x6638a58) returned 0x0
[0232.708] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0232.709] GdipDisposeImage (image=0x6601018) returned 0x0
[0232.709] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.709] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0232.709] GetCurrentThreadId () returned 0xf50
[0232.709] GetCurrentThreadId () returned 0xf50
[0232.709] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.710] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0232.710] GetCurrentThreadId () returned 0xf50
[0232.710] GetCurrentThreadId () returned 0xf50
[0232.710] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.710] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0232.710] GetCurrentThreadId () returned 0xf50
[0232.710] GetCurrentThreadId () returned 0xf50
[0232.710] GetSystemMetrics (nIndex=5) returned 1
[0232.710] GetSystemMetrics (nIndex=6) returned 1
[0232.710] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.710] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0232.711] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.711] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0232.711] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.711] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0232.711] GetCurrentThreadId () returned 0xf50
[0232.711] GetCurrentThreadId () returned 0xf50
[0232.711] GetProcessWindowStation () returned 0x13c
[0232.711] GetCapture () returned 0x0
[0232.711] GetActiveWindow () returned 0x7005c
[0232.711] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0232.712] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.712] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0232.712] GetCursorPos (in: lpPoint=0x2d6df88 | out: lpPoint=0x2d6df88*(x=259, y=627)) returned 1
[0232.712] MonitorFromPoint (pt=0x103, dwFlags=0x273) returned 0x10001
[0232.712] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0232.712] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xa10107f3
[0232.712] GetDeviceCaps (hdc=0xa10107f3, index=12) returned 32
[0232.712] GetDeviceCaps (hdc=0xa10107f3, index=14) returned 1
[0232.712] DeleteDC (hdc=0xa10107f3) returned 1
[0232.712] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0232.713] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0232.713] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="Microsoft .NET Framework", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1e02de
[0232.713] SetWindowLongW (hWnd=0x1e02de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0232.713] GetWindowLongW (hWnd=0x1e02de, nIndex=-4) returned 1950089536
[0232.713] SetWindowLongW (hWnd=0x1e02de, nIndex=-4, dwNewLong=19946558) returned 1950089536
[0232.714] GetWindowLongW (hWnd=0x1e02de, nIndex=-4) returned 19946558
[0232.714] GetWindowLongW (hWnd=0x1e02de, nIndex=-16) returned 113770496
[0232.714] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0232.714] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0232.715] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0232.715] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0232.715] GetWindowRect (in: hWnd=0x1e02de, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0232.715] SetWindowTextW (hWnd=0x1e02de, lpString="Microsoft .NET Framework") returned 1
[0232.715] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xc, wParam=0x0, lParam=0x2c50f5c) returned 0x1
[0232.716] GetStartupInfoW (in: lpStartupInfo=0x2d6e2c4 | out: lpStartupInfo=0x2d6e2c4*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0232.718] GetParent (hWnd=0x1e02de) returned 0x0
[0232.718] SetWindowLongW (hWnd=0x1e02de, nIndex=-8, dwNewLong=0) returned 0
[0232.719] SendMessageW (hWnd=0x1e02de, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0232.719] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0232.719] SendMessageW (hWnd=0x1e02de, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0232.719] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0232.719] GetSystemMenu (hWnd=0x1e02de, bRevert=0) returned 0x84020f
[0232.719] GetWindowPlacement (in: hWnd=0x1e02de, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0232.719] EnableMenuItem (hMenu=0x84020f, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0232.719] EnableMenuItem (hMenu=0x84020f, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0232.719] EnableMenuItem (hMenu=0x84020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0232.720] EnableMenuItem (hMenu=0x84020f, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0232.720] EnableMenuItem (hMenu=0x84020f, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0232.720] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0232.720] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0232.720] GetWindowRect (in: hWnd=0x1e02de, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0232.720] SetWindowPos (hWnd=0x1e02de, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0232.720] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0232.721] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x1e02de) returned 0x1
[0232.723] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0232.723] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0232.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0232.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0232.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0232.726] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x1e02de, lParam=0x0) returned 0x0
[0232.726] GetCapture () returned 0x0
[0232.726] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0232.727] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0232.728] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0232.730] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0232.730] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0232.730] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0232.730] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0232.730] GetParent (hWnd=0x1e02de) returned 0x0
[0232.730] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0232.730] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0232.733] GetWindowPlacement (in: hWnd=0x1e02de, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0232.733] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0232.733] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0232.733] GetWindowRect (in: hWnd=0x1e02de, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0232.734] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0232.734] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0232.734] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0232.735] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.735] GetWindowLongW (hWnd=0x1e02de, nIndex=-16) returned 113770496
[0232.735] GetWindowTextLengthW (hWnd=0x1e02de) returned 24
[0232.735] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0232.735] GetSystemMetrics (nIndex=42) returned 0
[0232.735] GetWindowTextW (in: hWnd=0x1e02de, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0232.735] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0232.735] GetWindowTextLengthW (hWnd=0x1e02de) returned 24
[0232.735] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0232.735] GetSystemMetrics (nIndex=42) returned 0
[0232.735] GetWindowTextW (in: hWnd=0x1e02de, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0232.735] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0232.735] GetCursorPos (in: lpPoint=0x2d6e590 | out: lpPoint=0x2d6e590*(x=259, y=627)) returned 1
[0232.735] MonitorFromPoint (pt=0x103, dwFlags=0x273) returned 0x10001
[0232.735] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0232.735] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x4e0107d0
[0232.736] GetDeviceCaps (hdc=0x4e0107d0, index=12) returned 32
[0232.736] GetDeviceCaps (hdc=0x4e0107d0, index=14) returned 1
[0232.736] DeleteDC (hdc=0x4e0107d0) returned 1
[0232.736] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0232.736] GetWindowLongW (hWnd=0x1e02de, nIndex=-16) returned 113770496
[0232.736] GetWindowLongW (hWnd=0x1e02de, nIndex=-20) returned 327945
[0232.736] SetWindowLongW (hWnd=0x1e02de, nIndex=-16, dwNewLong=46661632) returned 113770496
[0232.736] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0232.736] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0232.737] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0232.738] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0232.738] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0232.738] SetWindowLongW (hWnd=0x1e02de, nIndex=-20, dwNewLong=327681) returned 327945
[0232.738] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0232.738] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0232.739] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0232.739] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0232.739] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0232.740] SetWindowPos (hWnd=0x1e02de, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0232.740] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0232.740] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0232.740] GetWindowPlacement (in: hWnd=0x1e02de, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0232.740] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0232.740] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0232.740] GetWindowRect (in: hWnd=0x1e02de, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0232.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0232.742] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0232.742] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0232.743] RedrawWindow (hWnd=0x1e02de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0232.743] GetSystemMenu (hWnd=0x1e02de, bRevert=0) returned 0x84020f
[0232.743] GetWindowPlacement (in: hWnd=0x1e02de, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0232.743] EnableMenuItem (hMenu=0x84020f, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0232.743] EnableMenuItem (hMenu=0x84020f, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0232.743] EnableMenuItem (hMenu=0x84020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0232.743] EnableMenuItem (hMenu=0x84020f, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0232.743] EnableMenuItem (hMenu=0x84020f, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0232.743] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0232.743] GetWindowLongW (hWnd=0x1e02de, nIndex=-8) returned 0
[0232.743] SetWindowLongW (hWnd=0x1e02de, nIndex=-8, dwNewLong=458844) returned 0
[0232.744] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0232.744] GetProcessWindowStation () returned 0x13c
[0232.744] GetCurrentThreadId () returned 0xf50
[0232.744] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1305cb6, lParam=0x0) returned 1
[0232.744] IsWindowVisible (hWnd=0x1e02de) returned 0
[0232.744] IsWindowVisible (hWnd=0x7005c) returned 1
[0232.744] IsWindowEnabled (hWnd=0x7005c) returned 1
[0232.745] IsWindowVisible (hWnd=0x300ec) returned 0
[0232.745] IsWindowVisible (hWnd=0x502c6) returned 0
[0232.745] IsWindowVisible (hWnd=0x502be) returned 0
[0232.745] GetActiveWindow () returned 0x1e02de
[0232.745] GetFocus () returned 0x1e02de
[0232.745] IsWindow (hWnd=0x7005c) returned 1
[0232.745] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0232.745] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0232.745] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0232.745] GetWindowLongW (hWnd=0x1e02de, nIndex=-8) returned 458844
[0232.745] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0232.745] GetCurrentThreadId () returned 0xf50
[0232.746] GetWindowLongW (hWnd=0x1e02de, nIndex=-8) returned 458844
[0232.746] IsWindowEnabled (hWnd=0x7005c) returned 0
[0232.746] IsWindowEnabled (hWnd=0x1e02de) returned 1
[0232.746] ShowWindow (hWnd=0x1e02de, nCmdShow=5) returned 0
[0232.746] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0232.746] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0232.746] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.746] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0232.746] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x1e02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1402ce
[0232.747] SetWindowLongW (hWnd=0x1402ce, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0232.750] GetWindowLongW (hWnd=0x1402ce, nIndex=-4) returned 1950089536
[0232.750] SetWindowLongW (hWnd=0x1402ce, nIndex=-4, dwNewLong=19946758) returned 1950089536
[0232.750] GetWindowLongW (hWnd=0x1402ce, nIndex=-4) returned 19946758
[0232.750] GetWindowLongW (hWnd=0x1402ce, nIndex=-16) returned 1174405120
[0232.750] GetWindowLongW (hWnd=0x1402ce, nIndex=-12) returned 0
[0232.750] SetWindowLongW (hWnd=0x1402ce, nIndex=-12, dwNewLong=1311438) returned 0
[0232.750] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402ce, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0232.751] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402ce, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0232.751] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402ce, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0232.751] GetWindow (hWnd=0x1402ce, uCmd=0x3) returned 0x0
[0232.751] GetClientRect (in: hWnd=0x1402ce, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0232.751] GetWindowRect (in: hWnd=0x1402ce, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0232.751] GetParent (hWnd=0x1402ce) returned 0x1e02de
[0232.751] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02de, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0232.752] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402ce, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0232.752] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402ce, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0232.752] GetClientRect (in: hWnd=0x1402ce, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0232.752] GetWindowRect (in: hWnd=0x1402ce, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0232.752] GetParent (hWnd=0x1402ce) returned 0x1e02de
[0232.752] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02de, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0232.752] SendMessageW (hWnd=0x1402ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1402ce) returned 0x0
[0232.752] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1402ce) returned 0x0
[0232.752] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0232.753] GetParent (hWnd=0x1402ce) returned 0x1e02de
[0232.753] GetParent (hWnd=0x1e02da) returned 0x1e02dc
[0232.753] SetParent (hWndChild=0x1e02da, hWndNewParent=0x1e02de) returned 0x1e02dc
[0232.753] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0232.753] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0232.754] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0232.754] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0232.754] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0232.754] GetClientRect (in: hWnd=0x1e02da, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0232.754] GetWindowRect (in: hWnd=0x1e02da, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0232.754] GetParent (hWnd=0x1e02da) returned 0x1e02de
[0232.754] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02de, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0232.754] GetClientRect (in: hWnd=0x1e02da, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0232.754] GetWindowRect (in: hWnd=0x1e02da, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0232.754] GetParent (hWnd=0x1e02da) returned 0x1e02de
[0232.755] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02de, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0232.755] GetParent (hWnd=0x1e02da) returned 0x1e02de
[0232.755] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0232.755] GetWindow (hWnd=0x1e02da, uCmd=0x3) returned 0x0
[0232.755] SetWindowPos (hWnd=0x1e02da, hWndInsertAfter=0x1402ce, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0232.755] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0232.755] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0232.756] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0232.756] GetClientRect (in: hWnd=0x1e02da, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0232.756] GetWindowRect (in: hWnd=0x1e02da, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0232.756] GetParent (hWnd=0x1e02da) returned 0x1e02de
[0232.756] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02de, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0232.756] GetParent (hWnd=0x1e02da) returned 0x1e02de
[0232.756] GetWindow (hWnd=0x1e02da, uCmd=0x3) returned 0x1402ce
[0232.756] GetWindowThreadProcessId (in: hWnd=0x1e02da, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0232.756] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0232.756] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.756] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0232.757] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x1e02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2002d8
[0232.757] SetWindowLongW (hWnd=0x2002d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0232.757] GetWindowLongW (hWnd=0x2002d8, nIndex=-4) returned 1868032000
[0232.757] SetWindowLongW (hWnd=0x2002d8, nIndex=-4, dwNewLong=19946798) returned 1868032000
[0232.757] GetWindowLongW (hWnd=0x2002d8, nIndex=-4) returned 19946798
[0232.757] GetWindowLongW (hWnd=0x2002d8, nIndex=-16) returned 1174470667
[0232.757] GetWindowLongW (hWnd=0x2002d8, nIndex=-12) returned 0
[0232.757] SetWindowLongW (hWnd=0x2002d8, nIndex=-12, dwNewLong=2097880) returned 0
[0232.757] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0232.758] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0232.758] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0232.759] SendMessageW (hWnd=0x2002d8, Msg=0x2055, wParam=0x2002d8, lParam=0x3) returned 0x2
[0232.759] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0232.759] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0232.759] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0232.759] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0232.759] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402ce, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0232.759] RedrawWindow (hWnd=0x1402ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0232.759] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0232.760] RedrawWindow (hWnd=0x1e02da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0232.760] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0232.760] RedrawWindow (hWnd=0x2002d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0232.760] RedrawWindow (hWnd=0x1e02de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0232.760] GetWindow (hWnd=0x2002d8, uCmd=0x3) returned 0x1e02da
[0232.760] GetClientRect (in: hWnd=0x2002d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0232.760] GetWindowRect (in: hWnd=0x2002d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0232.760] GetParent (hWnd=0x2002d8) returned 0x1e02de
[0232.760] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0232.760] SetWindowTextW (hWnd=0x2002d8, lpString="&Details") returned 1
[0232.760] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0232.761] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0232.761] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0232.761] GetClientRect (in: hWnd=0x2002d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0232.761] GetWindowRect (in: hWnd=0x2002d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0232.761] GetParent (hWnd=0x2002d8) returned 0x1e02de
[0232.761] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0232.761] SendMessageW (hWnd=0x2002d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2002d8) returned 0x0
[0232.761] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2002d8) returned 0x0
[0232.761] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0232.761] GetParent (hWnd=0x2002d8) returned 0x1e02de
[0232.761] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0232.762] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.762] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0232.762] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x1e02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1802c8
[0232.762] SetWindowLongW (hWnd=0x1802c8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0232.763] GetWindowLongW (hWnd=0x1802c8, nIndex=-4) returned 1868032000
[0232.763] SetWindowLongW (hWnd=0x1802c8, nIndex=-4, dwNewLong=19946878) returned 1868032000
[0232.763] GetWindowLongW (hWnd=0x1802c8, nIndex=-4) returned 19946878
[0232.763] GetWindowLongW (hWnd=0x1802c8, nIndex=-16) returned 1174470667
[0232.763] GetWindowLongW (hWnd=0x1802c8, nIndex=-12) returned 0
[0232.763] SetWindowLongW (hWnd=0x1802c8, nIndex=-12, dwNewLong=1573576) returned 0
[0232.763] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0232.764] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0232.764] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0232.765] SendMessageW (hWnd=0x1802c8, Msg=0x2055, wParam=0x1802c8, lParam=0x3) returned 0x2
[0232.765] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0232.765] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0232.765] GetWindow (hWnd=0x1802c8, uCmd=0x3) returned 0x2002d8
[0232.765] GetClientRect (in: hWnd=0x1802c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0232.765] GetWindowRect (in: hWnd=0x1802c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0232.765] GetParent (hWnd=0x1802c8) returned 0x1e02de
[0232.765] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0232.765] SetWindowTextW (hWnd=0x1802c8, lpString="&Continue") returned 1
[0232.765] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0232.766] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0232.766] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0232.766] GetClientRect (in: hWnd=0x1802c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0232.766] GetWindowRect (in: hWnd=0x1802c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0232.766] GetParent (hWnd=0x1802c8) returned 0x1e02de
[0232.766] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0232.766] SendMessageW (hWnd=0x1802c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1802c8) returned 0x0
[0232.766] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1802c8) returned 0x0
[0232.766] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0232.766] GetParent (hWnd=0x1802c8) returned 0x1e02de
[0232.766] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0232.767] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.767] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0232.767] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x1e02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2100ea
[0232.767] SetWindowLongW (hWnd=0x2100ea, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0232.768] GetWindowLongW (hWnd=0x2100ea, nIndex=-4) returned 1868032000
[0232.768] SetWindowLongW (hWnd=0x2100ea, nIndex=-4, dwNewLong=19946958) returned 1868032000
[0232.768] GetWindowLongW (hWnd=0x2100ea, nIndex=-4) returned 19946958
[0232.768] GetWindowLongW (hWnd=0x2100ea, nIndex=-16) returned 1174470667
[0232.768] GetWindowLongW (hWnd=0x2100ea, nIndex=-12) returned 0
[0232.768] SetWindowLongW (hWnd=0x2100ea, nIndex=-12, dwNewLong=2162922) returned 0
[0232.768] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2100ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0232.769] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2100ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0232.769] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2100ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0232.770] SendMessageW (hWnd=0x2100ea, Msg=0x2055, wParam=0x2100ea, lParam=0x3) returned 0x2
[0232.770] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0232.770] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2100ea, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0232.770] GetWindow (hWnd=0x2100ea, uCmd=0x3) returned 0x1802c8
[0232.770] GetClientRect (in: hWnd=0x2100ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0232.770] GetWindowRect (in: hWnd=0x2100ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0232.770] GetParent (hWnd=0x2100ea) returned 0x1e02de
[0232.770] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0232.770] SetWindowTextW (hWnd=0x2100ea, lpString="&Quit") returned 1
[0232.770] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2100ea, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0232.771] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2100ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0232.771] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2100ea, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0232.771] GetClientRect (in: hWnd=0x2100ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0232.771] GetWindowRect (in: hWnd=0x2100ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0232.771] GetParent (hWnd=0x2100ea) returned 0x1e02de
[0232.771] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0232.771] SendMessageW (hWnd=0x2100ea, Msg=0x2210, wParam=0xea0001, lParam=0x2100ea) returned 0x0
[0232.771] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2100ea, Msg=0x2210, wParam=0xea0001, lParam=0x2100ea) returned 0x0
[0232.772] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2100ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0232.772] GetParent (hWnd=0x2100ea) returned 0x1e02de
[0232.772] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0232.772] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.773] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0232.773] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x1e02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1302d0
[0232.773] SetWindowLongW (hWnd=0x1302d0, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0232.773] GetWindowLongW (hWnd=0x1302d0, nIndex=-4) returned 1868026976
[0232.773] SetWindowLongW (hWnd=0x1302d0, nIndex=-4, dwNewLong=19948318) returned 1868026976
[0232.773] GetWindowLongW (hWnd=0x1302d0, nIndex=-4) returned 19948318
[0232.773] GetWindowLongW (hWnd=0x1302d0, nIndex=-16) returned 1177553092
[0232.773] GetWindowLongW (hWnd=0x1302d0, nIndex=-12) returned 0
[0232.773] SetWindowLongW (hWnd=0x1302d0, nIndex=-12, dwNewLong=1245904) returned 0
[0232.774] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d0, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0232.774] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d0, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0232.775] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d0, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0232.827] GetWindow (hWnd=0x1302d0, uCmd=0x3) returned 0x2100ea
[0232.827] GetClientRect (in: hWnd=0x1302d0, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0232.827] GetWindowRect (in: hWnd=0x1302d0, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0232.827] GetParent (hWnd=0x1302d0) returned 0x1e02de
[0232.827] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02de, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0232.827] GetWindowTextLengthW (hWnd=0x1e02de) returned 24
[0232.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0232.827] GetSystemMetrics (nIndex=42) returned 0
[0232.827] GetWindowTextW (in: hWnd=0x1e02de, lpString=0xd7d830, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0232.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xd, wParam=0x19, lParam=0xd7d830) returned 0x18
[0232.827] SendMessageW (hWnd=0x1302d0, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0232.827] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d0, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0232.831] SetWindowTextW (hWnd=0x1302d0, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0232.831] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d0, Msg=0xc, wParam=0x0, lParam=0x2d6a24c) returned 0x1
[0232.833] GetSystemMetrics (nIndex=5) returned 1
[0232.833] GetSystemMetrics (nIndex=6) returned 1
[0232.833] SendMessageW (hWnd=0x1302d0, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0232.833] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d0, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0232.834] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d0, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0232.834] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d0, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0232.834] GetClientRect (in: hWnd=0x1302d0, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0232.834] GetWindowRect (in: hWnd=0x1302d0, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0232.834] GetParent (hWnd=0x1302d0) returned 0x1e02de
[0232.834] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02de, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0232.834] SendMessageW (hWnd=0x1302d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1302d0) returned 0x0
[0232.834] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1302d0) returned 0x0
[0232.835] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0232.835] GetParent (hWnd=0x1302d0) returned 0x1e02de
[0232.835] GetWindowLongW (hWnd=0x1e02de, nIndex=-8) returned 458844
[0232.835] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0232.835] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0232.835] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x550107d0
[0232.835] GetDeviceCaps (hdc=0x550107d0, index=12) returned 32
[0232.835] GetDeviceCaps (hdc=0x550107d0, index=14) returned 1
[0232.835] DeleteDC (hdc=0x550107d0) returned 1
[0232.835] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0232.835] GetWindowThreadProcessId (in: hWnd=0x1e02de, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0232.835] GetCurrentThreadId () returned 0xf50
[0232.836] PostMessageW (hWnd=0x1e02de, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0232.836] GetWindowTextLengthW (hWnd=0x1e02de) returned 24
[0232.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0232.836] GetSystemMetrics (nIndex=42) returned 0
[0232.836] GetWindowTextW (in: hWnd=0x1e02de, lpString=0xd7e260, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0232.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xd, wParam=0x19, lParam=0xd7e260) returned 0x18
[0232.836] GdipImageGetFrameDimensionsCount (image=0x6603778, count=0xd7e25c) returned 0x0
[0232.836] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201208
[0232.836] GdipImageGetFrameDimensionsList (image=0x6603778, dimensionIDs=0x1201208*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x1, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0232.836] LocalFree (hMem=0x1201208) returned 0x0
[0232.836] GdipImageGetFrameDimensionsCount (image=0x66019f0, count=0xd7e250) returned 0x0
[0232.836] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200fe0
[0232.836] GdipImageGetFrameDimensionsList (image=0x66019f0, dimensionIDs=0x1200fe0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0232.836] LocalFree (hMem=0x1200fe0) returned 0x0
[0232.836] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0232.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0232.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0232.847] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0232.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0232.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0232.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0232.849] GetWindowPlacement (in: hWnd=0x1e02de, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0232.849] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0232.849] GetWindowTextLengthW (hWnd=0x1e02de) returned 24
[0232.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0232.849] GetSystemMetrics (nIndex=42) returned 0
[0232.849] GetWindowTextW (in: hWnd=0x1e02de, lpString=0xd7e2b4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0232.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xd, wParam=0x19, lParam=0xd7e2b4) returned 0x18
[0232.849] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0232.849] GetCurrentObject (hdc=0x107b9, type=0x1) returned 0xb00017
[0232.849] GetCurrentObject (hdc=0x107b9, type=0x2) returned 0x900010
[0232.849] GetCurrentObject (hdc=0x107b9, type=0x7) returned 0x200507a2
[0232.849] GetCurrentObject (hdc=0x107b9, type=0x6) returned 0x8a01c2
[0232.849] SaveDC (hdc=0x107b9) returned 1
[0232.849] GetNearestColor (hdc=0x107b9, color=0xf0f0f0) returned 0xf0f0f0
[0232.849] CreateSolidBrush (color=0xf0f0f0) returned 0x611007e1
[0232.849] FillRect (hDC=0x107b9, lprc=0xd7e1b8, hbr=0x611007e1) returned 1
[0232.850] DeleteObject (ho=0x611007e1) returned 1
[0232.850] RestoreDC (hdc=0x107b9, nSavedDC=-1) returned 1
[0232.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0232.850] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0232.850] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0232.850] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0232.850] GetStockObject (i=5) returned 0x900015
[0232.851] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0232.851] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0232.851] GetStockObject (i=5) returned 0x900015
[0232.851] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2100ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0232.851] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2100ea, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0232.851] GetStockObject (i=5) returned 0x900015
[0232.851] GetWindowPlacement (in: hWnd=0x1e02de, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0232.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0232.851] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0232.851] GetWindowRect (in: hWnd=0x1e02de, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0232.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0232.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0232.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0232.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0232.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0232.853] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0232.853] GetWindowRect (in: hWnd=0x1e02de, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0232.853] InvalidateRect (hWnd=0x1802c8, lpRect=0x0, bErase=0) returned 1
[0232.853] InvalidateRect (hWnd=0x2002d8, lpRect=0x0, bErase=0) returned 1
[0232.853] GetFocus () returned 0x1e02de
[0232.853] GetFocus () returned 0x1e02de
[0232.854] SetFocus (hWnd=0x2002d8) returned 0x1e02de
[0232.855] GetFocus () returned 0x2002d8
[0232.855] IsChild (hWndParent=0x1e02de, hWnd=0x2002d8) returned 1
[0232.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x8, wParam=0x2002d8, lParam=0x0) returned 0x0
[0232.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0232.857] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0232.858] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0232.858] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0x7, wParam=0x1e02de, lParam=0x0) returned 0x0
[0232.858] GetStockObject (i=5) returned 0x900015
[0232.859] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0232.859] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0232.859] GetDlgItem (hDlg=0x1e02de, nIDDlgItem=2097880) returned 0x2002d8
[0232.859] SendMessageW (hWnd=0x2002d8, Msg=0x202b, wParam=0x2002d8, lParam=0xd7e0dc) returned 0x0
[0232.859] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0x202b, wParam=0x2002d8, lParam=0xd7e0dc) returned 0x0
[0232.859] InvalidateRect (hWnd=0x2002d8, lpRect=0x0, bErase=0) returned 1
[0232.861] GetFocus () returned 0x2002d8
[0232.861] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.861] IsWindowUnicode (hWnd=0x1e02de) returned 1
[0232.861] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.861] TranslateMessage (lpMsg=0xd7e808) returned 0
[0232.861] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0232.861] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0232.861] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.862] IsWindowUnicode (hWnd=0x1e02de) returned 1
[0232.862] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.862] TranslateMessage (lpMsg=0xd7e808) returned 0
[0232.862] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0232.862] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.862] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0232.863] IsWindowUnicode (hWnd=0x1e02de) returned 1
[0232.863] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.863] TranslateMessage (lpMsg=0xd7e808) returned 0
[0232.863] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0232.863] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.863] IsWindowUnicode (hWnd=0x602c4) returned 1
[0232.863] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.863] TranslateMessage (lpMsg=0xd7e808) returned 0
[0232.863] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0232.863] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0232.863] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0232.863] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.865] IsWindowUnicode (hWnd=0x1e02de) returned 1
[0232.865] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.865] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x84, wParam=0x0, lParam=0x1e2031e) returned 0x1
[0232.865] SetCursor (hCursor=0x10003) returned 0x10003
[0232.865] TranslateMessage (lpMsg=0xd7e808) returned 0
[0232.865] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0232.865] _TrackMouseEvent (in: lpEventTrack=0x2d6f9b0 | out: lpEventTrack=0x2d6f9b0) returned 1
[0232.865] SendMessageW (hWnd=0x1802c8, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0232.865] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0232.865] InvalidateRect (hWnd=0x1802c8, lpRect=0x0, bErase=0) returned 1
[0232.865] GetKeyState (nVirtKey=1) returned 0
[0232.866] GetKeyState (nVirtKey=2) returned 0
[0232.866] GetKeyState (nVirtKey=4) returned 0
[0232.866] GetKeyState (nVirtKey=5) returned 0
[0232.866] GetKeyState (nVirtKey=6) returned 0
[0232.866] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.866] IsWindowUnicode (hWnd=0x1e02de) returned 1
[0232.866] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.866] TranslateMessage (lpMsg=0xd7e808) returned 0
[0232.866] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0232.866] BeginPaint (in: hWnd=0x1e02de, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x10105d6
[0232.866] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0232.866] GetWindowTextLengthW (hWnd=0x1e02de) returned 24
[0232.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0232.866] GetSystemMetrics (nIndex=42) returned 0
[0232.866] GetWindowTextW (in: hWnd=0x1e02de, lpString=0xd7e1ec, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0232.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xd, wParam=0x19, lParam=0xd7e1ec) returned 0x18
[0232.866] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0232.866] EndPaint (hWnd=0x1e02de, lpPaint=0xd7e274) returned 1
[0232.867] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.867] IsWindowUnicode (hWnd=0x1402ce) returned 1
[0232.867] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.867] TranslateMessage (lpMsg=0xd7e808) returned 0
[0232.867] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0232.867] BeginPaint (in: hWnd=0x1402ce, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xc0107c5
[0232.867] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0232.867] CreateCompatibleDC (hdc=0xc0107c5) returned 0x800107f8
[0232.867] SelectObject (hdc=0x800107f8, h=0x4a0507fe) returned 0x85000f
[0232.867] GdipCreateFromHDC (hdc=0x800107f8, graphics=0xd7e2b0) returned 0x0
[0232.867] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0232.867] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0232.867] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0232.867] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0232.868] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e310) returned 0x0
[0232.868] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0232.868] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee8d8) returned 0x0
[0232.868] LocalFree (hMem=0x11ee8d8) returned 0x0
[0232.868] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0232.868] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0232.868] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0232.868] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e304) returned 0x0
[0232.868] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0232.868] GetWindowTextLengthW (hWnd=0x1402ce) returned 0
[0232.868] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0232.868] GetSystemMetrics (nIndex=42) returned 0
[0232.868] GetWindowTextW (in: hWnd=0x1402ce, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0232.868] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402ce, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0232.868] GetClientRect (in: hWnd=0x1402ce, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0232.868] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0232.868] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0232.868] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0232.868] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0232.868] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e164) returned 0x0
[0232.868] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0232.868] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0232.868] LocalFree (hMem=0x11eec58) returned 0x0
[0232.869] GdipCombineRegionRegion (region=0x6645998, region2=0x6646178, combineMode=0x1) returned 0x0
[0232.869] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0232.869] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0232.869] LocalFree (hMem=0x11eec58) returned 0x0
[0232.869] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0232.869] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0232.869] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0232.869] GdipGetRegionHRgn (region=0x6645998, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0232.869] GdipDeleteRegion (region=0x6645998) returned 0x0
[0232.869] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0232.869] GetCurrentObject (hdc=0x800107f8, type=0x1) returned 0xb00017
[0232.869] GetCurrentObject (hdc=0x800107f8, type=0x2) returned 0x900010
[0232.869] GetCurrentObject (hdc=0x800107f8, type=0x7) returned 0x4a0507fe
[0232.869] GetCurrentObject (hdc=0x800107f8, type=0x6) returned 0x8a01c2
[0232.869] SaveDC (hdc=0x800107f8) returned 1
[0232.869] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcb040807
[0232.869] GetClipRgn (hdc=0x800107f8, hrgn=0xcb040807) returned 0
[0232.869] SelectClipRgn (hdc=0x800107f8, hrgn=0x5a0407de) returned 2
[0232.869] DeleteObject (ho=0xcb040807) returned 1
[0232.869] DeleteObject (ho=0x5a0407de) returned 1
[0232.869] OffsetViewportOrgEx (in: hdc=0x800107f8, x=0, y=0, lppt=0x2d6fe74 | out: lppt=0x2d6fe74) returned 1
[0232.870] GetNearestColor (hdc=0x800107f8, color=0xf0f0f0) returned 0xf0f0f0
[0232.870] CreateSolidBrush (color=0xf0f0f0) returned 0x621007e1
[0232.870] FillRect (hDC=0x800107f8, lprc=0xd7e198, hbr=0x621007e1) returned 1
[0232.870] DeleteObject (ho=0x621007e1) returned 1
[0232.870] RestoreDC (hdc=0x800107f8, nSavedDC=-1) returned 1
[0232.870] GdipReleaseDC (graphics=0x6600030, hdc=0x800107f8) returned 0x0
[0232.870] GdipRestoreGraphics (graphics=0x6600030, state=0xf9260dbd) returned 0x0
[0232.870] GdipDeleteRegion (region=0x6646178) returned 0x0
[0232.870] GetWindowTextLengthW (hWnd=0x1402ce) returned 0
[0232.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0232.870] GetSystemMetrics (nIndex=42) returned 0
[0232.870] GetWindowTextW (in: hWnd=0x1402ce, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0232.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402ce, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0232.870] GdipGetImageWidth (image=0x6603778, width=0xd7e1e0) returned 0x0
[0232.870] GdipGetImageHeight (image=0x6603778, height=0xd7e1e0) returned 0x0
[0232.870] GdipGetImageWidth (image=0x6603778, width=0xd7e1cc) returned 0x0
[0232.870] GdipGetImageHeight (image=0x6603778, height=0xd7e1cc) returned 0x0
[0232.870] GdipDrawImageRectI (graphics=0x6600030, image=0x6603778, x=16, y=16, width=32, height=32) returned 0x0
[0232.870] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0232.870] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=64, cy=64, hdcSrc=0x800107f8, x1=0, y1=0, rop=0xcc0020) returned 1
[0232.871] GdipReleaseDC (graphics=0x6600030, hdc=0x800107f8) returned 0x0
[0232.871] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0232.871] SelectObject (hdc=0x800107f8, h=0x85000f) returned 0x4a0507fe
[0232.871] DeleteDC (hdc=0x800107f8) returned 1
[0232.871] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0232.871] EndPaint (hWnd=0x1402ce, lpPaint=0xd7e294) returned 1
[0232.871] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.871] IsWindowUnicode (hWnd=0x1e02da) returned 1
[0232.871] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.871] TranslateMessage (lpMsg=0xd7e808) returned 0
[0232.871] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0232.871] BeginPaint (in: hWnd=0x1e02da, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x60100ce
[0232.871] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0232.872] CreateCompatibleDC (hdc=0x60100ce) returned 0x820107f8
[0232.872] GetObjectType (h=0x60100ce) returned 0x3
[0232.872] CreateCompatibleBitmap (hdc=0x60100ce, cx=1, cy=1) returned 0xffffffffe405065e
[0232.872] GetDIBits (in: hdc=0x60100ce, hbm=0xe405065e, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0232.876] GetDIBits (in: hdc=0x60100ce, hbm=0xe405065e, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0232.876] DeleteObject (ho=0xe405065e) returned 1
[0232.876] CreateDIBSection (in: hdc=0x60100ce, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xcc0507eb
[0232.876] SelectObject (hdc=0x820107f8, h=0xcc0507eb) returned 0x85000f
[0232.876] GdipCreateFromHDC (hdc=0x820107f8, graphics=0xd7e234) returned 0x0
[0232.877] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0232.877] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0232.877] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0232.877] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0232.877] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2d4) returned 0x0
[0232.877] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0232.877] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eed00) returned 0x0
[0232.877] LocalFree (hMem=0x11eed00) returned 0x0
[0232.877] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0232.877] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0232.877] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0232.877] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0232.877] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0232.877] GetWindowTextLengthW (hWnd=0x1e02da) returned 232
[0232.877] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0232.877] GetSystemMetrics (nIndex=42) returned 0
[0232.877] GetWindowTextW (in: hWnd=0x1e02da, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0232.878] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0232.878] GetClientRect (in: hWnd=0x1e02da, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0232.878] GdipCreateRegion (region=0xd7e110) returned 0x0
[0232.878] GdipGetClip (graphics=0x6600030, region=0x6645bd8) returned 0x0
[0232.878] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0232.878] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0232.878] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e128) returned 0x0
[0232.878] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0232.878] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eead0) returned 0x0
[0232.878] LocalFree (hMem=0x11eead0) returned 0x0
[0232.878] GdipCombineRegionRegion (region=0x6645bd8, region2=0x6645ab8, combineMode=0x1) returned 0x0
[0232.878] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0232.878] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0232.878] LocalFree (hMem=0x11eec58) returned 0x0
[0232.878] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0232.878] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6600030, result=0xd7e150) returned 0x0
[0232.878] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6600030, result=0xd7e140) returned 0x0
[0232.878] GdipGetRegionHRgn (region=0x6645bd8, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0232.878] GdipDeleteRegion (region=0x6645bd8) returned 0x0
[0232.878] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0232.878] GetCurrentObject (hdc=0x820107f8, type=0x1) returned 0xb00017
[0232.878] GetCurrentObject (hdc=0x820107f8, type=0x2) returned 0x900010
[0232.878] GetCurrentObject (hdc=0x820107f8, type=0x7) returned 0xffffffffcc0507eb
[0232.879] GetCurrentObject (hdc=0x820107f8, type=0x6) returned 0x8a01c2
[0232.879] SaveDC (hdc=0x820107f8) returned 1
[0232.879] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5b0407de
[0232.879] GetClipRgn (hdc=0x820107f8, hrgn=0x5b0407de) returned 0
[0232.879] SelectClipRgn (hdc=0x820107f8, hrgn=0xcc040807) returned 2
[0232.879] DeleteObject (ho=0x5b0407de) returned 1
[0232.879] DeleteObject (ho=0xcc040807) returned 1
[0232.879] OffsetViewportOrgEx (in: hdc=0x820107f8, x=0, y=0, lppt=0x2d7183c | out: lppt=0x2d7183c) returned 1
[0232.879] GetNearestColor (hdc=0x820107f8, color=0xf0f0f0) returned 0xf0f0f0
[0232.879] CreateSolidBrush (color=0xf0f0f0) returned 0x631007e1
[0232.879] FillRect (hDC=0x820107f8, lprc=0xd7e15c, hbr=0x631007e1) returned 1
[0232.880] DeleteObject (ho=0x631007e1) returned 1
[0232.880] RestoreDC (hdc=0x820107f8, nSavedDC=-1) returned 1
[0232.880] GdipReleaseDC (graphics=0x6600030, hdc=0x820107f8) returned 0x0
[0232.880] GdipRestoreGraphics (graphics=0x6600030, state=0xf9240dbd) returned 0x0
[0232.880] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0232.880] GetWindowTextLengthW (hWnd=0x1e02da) returned 232
[0232.880] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0232.880] GetSystemMetrics (nIndex=42) returned 0
[0232.880] GetWindowTextW (in: hWnd=0x1e02da, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0232.880] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0232.880] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0232.880] GetCurrentObject (hdc=0x820107f8, type=0x1) returned 0xb00017
[0232.880] GetCurrentObject (hdc=0x820107f8, type=0x2) returned 0x900010
[0232.880] GetCurrentObject (hdc=0x820107f8, type=0x7) returned 0xffffffffcc0507eb
[0232.880] GetCurrentObject (hdc=0x820107f8, type=0x6) returned 0x8a01c2
[0232.880] SaveDC (hdc=0x820107f8) returned 1
[0232.881] GetNearestColor (hdc=0x820107f8, color=0x0) returned 0x0
[0232.881] RestoreDC (hdc=0x820107f8, nSavedDC=-1) returned 1
[0232.881] GdipReleaseDC (graphics=0x6600030, hdc=0x820107f8) returned 0x0
[0232.881] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0232.881] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0232.881] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2d72038 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0232.882] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0232.882] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0232.882] GetCurrentObject (hdc=0x820107f8, type=0x1) returned 0xb00017
[0232.882] GetCurrentObject (hdc=0x820107f8, type=0x2) returned 0x900010
[0232.882] GetCurrentObject (hdc=0x820107f8, type=0x7) returned 0xffffffffcc0507eb
[0232.882] GetCurrentObject (hdc=0x820107f8, type=0x6) returned 0x8a01c2
[0232.882] SaveDC (hdc=0x820107f8) returned 1
[0232.882] GetTextAlign (hdc=0x820107f8) returned 0x0
[0232.882] GetTextColor (hdc=0x820107f8) returned 0x0
[0232.882] GetCurrentObject (hdc=0x820107f8, type=0x6) returned 0x8a01c2
[0232.882] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0232.882] SelectObject (hdc=0x820107f8, h=0x6d0a0520) returned 0x8a01c2
[0232.882] GetBkMode (hdc=0x820107f8) returned 2
[0232.882] SetBkMode (hdc=0x820107f8, mode=1) returned 2
[0232.882] DrawTextExW (in: hdc=0x820107f8, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2d7225c | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0232.885] RestoreDC (hdc=0x820107f8, nSavedDC=-1) returned 1
[0232.885] GdipReleaseDC (graphics=0x6600030, hdc=0x820107f8) returned 0x0
[0232.885] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0232.885] BitBlt (hdc=0x60100ce, x=0, y=0, cx=354, cy=68, hdcSrc=0x820107f8, x1=0, y1=0, rop=0xcc0020) returned 1
[0232.885] GdipReleaseDC (graphics=0x6600030, hdc=0x820107f8) returned 0x0
[0232.885] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0232.885] SelectObject (hdc=0x820107f8, h=0x85000f) returned 0xcc0507eb
[0232.885] DeleteDC (hdc=0x820107f8) returned 1
[0232.885] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0232.885] DeleteObject (ho=0xcc0507eb) returned 1
[0232.886] EndPaint (hWnd=0x1e02da, lpPaint=0xd7e258) returned 1
[0232.886] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.886] IsWindowUnicode (hWnd=0x2002d8) returned 1
[0232.886] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.886] TranslateMessage (lpMsg=0xd7e808) returned 0
[0232.886] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0232.886] BeginPaint (in: hWnd=0x2002d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0232.886] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0232.886] CreateCompatibleDC (hdc=0xf0105ee) returned 0xe601065e
[0232.887] SelectObject (hdc=0xe601065e, h=0x4a0507fe) returned 0x85000f
[0232.887] GdipCreateFromHDC (hdc=0xe601065e, graphics=0xd7e268) returned 0x0
[0232.887] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0232.887] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0232.887] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0232.887] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0232.887] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e2c8) returned 0x0
[0232.887] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0232.887] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0232.887] LocalFree (hMem=0x11ee788) returned 0x0
[0232.887] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0232.887] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0232.887] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0232.887] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0232.887] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0232.887] GdipRestoreGraphics (graphics=0x6600030, state=0xf9220dbd) returned 0x0
[0232.927] GdipDeleteRegion (region=0x6645098) returned 0x0
[0232.927] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0232.927] GetCurrentObject (hdc=0xe601065e, type=0x1) returned 0xb00017
[0232.927] GetCurrentObject (hdc=0xe601065e, type=0x2) returned 0x900010
[0232.927] GetCurrentObject (hdc=0xe601065e, type=0x7) returned 0x4a0507fe
[0232.927] GetCurrentObject (hdc=0xe601065e, type=0x6) returned 0x8a01c2
[0232.927] SaveDC (hdc=0xe601065e) returned 1
[0232.927] GetNearestColor (hdc=0xe601065e, color=0xf0f0f0) returned 0xf0f0f0
[0232.927] GetNearestColor (hdc=0xe601065e, color=0xa0a0a0) returned 0xa0a0a0
[0232.927] GetNearestColor (hdc=0xe601065e, color=0x696969) returned 0x696969
[0232.927] GetNearestColor (hdc=0xe601065e, color=0xa0a0a0) returned 0xa0a0a0
[0232.928] GetNearestColor (hdc=0xe601065e, color=0x0) returned 0x0
[0232.928] GetNearestColor (hdc=0xe601065e, color=0xffffff) returned 0xffffff
[0232.928] GetNearestColor (hdc=0xe601065e, color=0xe5e5e5) returned 0xe5e5e5
[0232.928] GetNearestColor (hdc=0xe601065e, color=0xd7d7d7) returned 0xd7d7d7
[0232.928] GetNearestColor (hdc=0xe601065e, color=0x0) returned 0x0
[0232.928] RestoreDC (hdc=0xe601065e, nSavedDC=-1) returned 1
[0232.928] GdipReleaseDC (graphics=0x6600030, hdc=0xe601065e) returned 0x0
[0232.928] IsAppThemed () returned 0x1
[0232.928] GetThemeAppProperties () returned 0x3
[0232.928] GetThemeAppProperties () returned 0x3
[0232.928] GdipGetImageWidth (image=0x66019f0, width=0xd7e168) returned 0x0
[0232.928] GdipGetImageHeight (image=0x66019f0, height=0xd7e168) returned 0x0
[0232.928] IsAppThemed () returned 0x1
[0232.928] GetThemeAppProperties () returned 0x3
[0232.928] GetThemeAppProperties () returned 0x3
[0232.928] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2d729ac | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0232.929] IsAppThemed () returned 0x1
[0232.929] GetThemeAppProperties () returned 0x3
[0232.929] GetThemeAppProperties () returned 0x3
[0232.929] IsAppThemed () returned 0x1
[0232.929] GetThemeAppProperties () returned 0x3
[0232.929] GetThemeAppProperties () returned 0x3
[0232.929] GetFocus () returned 0x2002d8
[0232.929] IsAppThemed () returned 0x1
[0232.929] GetThemeAppProperties () returned 0x3
[0232.929] GetThemeAppProperties () returned 0x3
[0232.929] IsAppThemed () returned 0x1
[0232.929] GetThemeAppProperties () returned 0x3
[0232.929] GetThemeAppProperties () returned 0x3
[0232.929] IsThemePartDefined () returned 0x1
[0232.929] IsAppThemed () returned 0x1
[0232.929] GetThemeAppProperties () returned 0x3
[0232.929] GetThemeAppProperties () returned 0x3
[0232.929] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0232.929] IsAppThemed () returned 0x1
[0232.929] GetThemeAppProperties () returned 0x3
[0232.929] GetThemeAppProperties () returned 0x3
[0232.929] IsAppThemed () returned 0x1
[0232.929] GetThemeAppProperties () returned 0x3
[0232.929] GetThemeAppProperties () returned 0x3
[0232.929] IsThemePartDefined () returned 0x1
[0232.929] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0232.929] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0232.930] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0232.930] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0232.930] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dff0) returned 0x0
[0232.930] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0232.930] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea60) returned 0x0
[0232.930] LocalFree (hMem=0x11eea60) returned 0x0
[0232.930] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0232.930] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee868) returned 0x0
[0232.930] LocalFree (hMem=0x11ee868) returned 0x0
[0232.930] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0232.930] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e018) returned 0x0
[0232.930] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e008) returned 0x0
[0232.930] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0232.930] GdipDeleteRegion (region=0x6645908) returned 0x0
[0232.930] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0232.930] GetCurrentObject (hdc=0xe601065e, type=0x1) returned 0xb00017
[0232.930] GetCurrentObject (hdc=0xe601065e, type=0x2) returned 0x900010
[0232.930] GetCurrentObject (hdc=0xe601065e, type=0x7) returned 0x4a0507fe
[0232.930] GetCurrentObject (hdc=0xe601065e, type=0x6) returned 0x8a01c2
[0232.930] SaveDC (hdc=0xe601065e) returned 1
[0232.931] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcd040807
[0232.931] GetClipRgn (hdc=0xe601065e, hrgn=0xcd040807) returned 0
[0232.931] SelectClipRgn (hdc=0xe601065e, hrgn=0x5f0407de) returned 2
[0232.931] DeleteObject (ho=0xcd040807) returned 1
[0232.931] DeleteObject (ho=0x5f0407de) returned 1
[0232.931] OffsetViewportOrgEx (in: hdc=0xe601065e, x=0, y=0, lppt=0x2d7305c | out: lppt=0x2d7305c) returned 1
[0232.931] DrawThemeParentBackground () returned 0x0
[0232.931] GetWindowPlacement (in: hWnd=0x1e02de, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0232.931] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0232.931] GetWindowTextLengthW (hWnd=0x1e02de) returned 24
[0232.931] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0232.931] GetSystemMetrics (nIndex=42) returned 0
[0232.931] GetWindowTextW (in: hWnd=0x1e02de, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0232.931] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0232.931] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0232.931] GetCurrentObject (hdc=0xe601065e, type=0x1) returned 0xb00017
[0232.931] GetCurrentObject (hdc=0xe601065e, type=0x2) returned 0x900010
[0232.931] GetCurrentObject (hdc=0xe601065e, type=0x7) returned 0x4a0507fe
[0232.931] GetCurrentObject (hdc=0xe601065e, type=0x6) returned 0x8a01c2
[0232.932] SaveDC (hdc=0xe601065e) returned 2
[0232.932] GetNearestColor (hdc=0xe601065e, color=0xf0f0f0) returned 0xf0f0f0
[0232.932] CreateSolidBrush (color=0xf0f0f0) returned 0x641007e1
[0232.932] FillRect (hDC=0xe601065e, lprc=0xd7da38, hbr=0x641007e1) returned 1
[0232.932] DeleteObject (ho=0x641007e1) returned 1
[0232.932] RestoreDC (hdc=0xe601065e, nSavedDC=-1) returned 1
[0232.932] GetWindowTextLengthW (hWnd=0x1e02de) returned 24
[0232.932] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0232.932] GetSystemMetrics (nIndex=42) returned 0
[0232.932] GetWindowTextW (in: hWnd=0x1e02de, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0232.932] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0232.932] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0232.932] GetCurrentObject (hdc=0xe601065e, type=0x1) returned 0xb00017
[0232.932] GetCurrentObject (hdc=0xe601065e, type=0x2) returned 0x900010
[0232.932] GetCurrentObject (hdc=0xe601065e, type=0x7) returned 0x4a0507fe
[0232.932] GetCurrentObject (hdc=0xe601065e, type=0x6) returned 0x8a01c2
[0232.932] SaveDC (hdc=0xe601065e) returned 2
[0232.932] GetNearestColor (hdc=0xe601065e, color=0xf0f0f0) returned 0xf0f0f0
[0232.932] CreateSolidBrush (color=0xf0f0f0) returned 0x651007e1
[0232.932] FillRect (hDC=0xe601065e, lprc=0xd7d9d8, hbr=0x651007e1) returned 1
[0232.932] DeleteObject (ho=0x651007e1) returned 1
[0232.933] RestoreDC (hdc=0xe601065e, nSavedDC=-1) returned 1
[0232.933] GetWindowTextLengthW (hWnd=0x1e02de) returned 24
[0232.933] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0232.933] GetSystemMetrics (nIndex=42) returned 0
[0232.933] GetWindowTextW (in: hWnd=0x1e02de, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0232.933] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0232.933] RestoreDC (hdc=0xe601065e, nSavedDC=-1) returned 1
[0232.933] GdipReleaseDC (graphics=0x6600030, hdc=0xe601065e) returned 0x0
[0232.933] IsAppThemed () returned 0x1
[0232.933] GetThemeAppProperties () returned 0x3
[0232.933] GetThemeAppProperties () returned 0x3
[0232.933] IsAppThemed () returned 0x1
[0232.933] GetThemeAppProperties () returned 0x3
[0232.933] GetThemeAppProperties () returned 0x3
[0232.933] IsThemePartDefined () returned 0x1
[0232.933] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0232.933] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0232.933] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0232.933] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0232.933] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df74) returned 0x0
[0232.933] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee9f0) returned 0x0
[0232.934] LocalFree (hMem=0x11ee9f0) returned 0x0
[0232.934] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee868) returned 0x0
[0232.934] LocalFree (hMem=0x11ee868) returned 0x0
[0232.934] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0232.934] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0232.934] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0232.934] GdipGetRegionHRgn (region=0x6645e18, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0232.934] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0232.934] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0232.934] GetCurrentObject (hdc=0xe601065e, type=0x1) returned 0xb00017
[0232.934] GetCurrentObject (hdc=0xe601065e, type=0x2) returned 0x900010
[0232.934] GetCurrentObject (hdc=0xe601065e, type=0x7) returned 0x4a0507fe
[0232.934] GetCurrentObject (hdc=0xe601065e, type=0x6) returned 0x8a01c2
[0232.934] SaveDC (hdc=0xe601065e) returned 1
[0232.934] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x600407de
[0232.934] GetClipRgn (hdc=0xe601065e, hrgn=0x600407de) returned 0
[0232.938] SelectClipRgn (hdc=0xe601065e, hrgn=0xcf040807) returned 2
[0232.938] DeleteObject (ho=0x600407de) returned 1
[0232.938] DeleteObject (ho=0xcf040807) returned 1
[0232.938] OffsetViewportOrgEx (in: hdc=0xe601065e, x=0, y=0, lppt=0x2d739e0 | out: lppt=0x2d739e0) returned 1
[0232.938] IsAppThemed () returned 0x1
[0232.938] GetThemeAppProperties () returned 0x3
[0232.938] GetThemeAppProperties () returned 0x3
[0232.938] DrawThemeBackground () returned 0x0
[0232.938] RestoreDC (hdc=0xe601065e, nSavedDC=-1) returned 1
[0232.938] GdipReleaseDC (graphics=0x6600030, hdc=0xe601065e) returned 0x0
[0232.938] GdipCreateRegion (region=0xd7df60) returned 0x0
[0232.938] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0232.938] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0232.938] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0232.938] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df78) returned 0x0
[0232.939] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0232.939] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eecc8) returned 0x0
[0232.939] LocalFree (hMem=0x11eecc8) returned 0x0
[0232.939] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0232.939] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee8d8) returned 0x0
[0232.939] LocalFree (hMem=0x11ee8d8) returned 0x0
[0232.939] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0232.939] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0232.939] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0232.939] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0232.939] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0232.939] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0232.939] GetCurrentObject (hdc=0xe601065e, type=0x1) returned 0xb00017
[0232.939] GetCurrentObject (hdc=0xe601065e, type=0x2) returned 0x900010
[0232.939] GetCurrentObject (hdc=0xe601065e, type=0x7) returned 0x4a0507fe
[0232.939] GetCurrentObject (hdc=0xe601065e, type=0x6) returned 0x8a01c2
[0232.939] SaveDC (hdc=0xe601065e) returned 1
[0232.939] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd0040807
[0232.939] GetClipRgn (hdc=0xe601065e, hrgn=0xd0040807) returned 0
[0232.939] SelectClipRgn (hdc=0xe601065e, hrgn=0x610407de) returned 2
[0232.939] DeleteObject (ho=0xd0040807) returned 1
[0232.940] DeleteObject (ho=0x610407de) returned 1
[0232.940] OffsetViewportOrgEx (in: hdc=0xe601065e, x=0, y=0, lppt=0x2d73cb4 | out: lppt=0x2d73cb4) returned 1
[0232.940] IsAppThemed () returned 0x1
[0232.940] GetThemeAppProperties () returned 0x3
[0232.940] GetThemeAppProperties () returned 0x3
[0232.940] GetThemeBackgroundContentRect () returned 0x0
[0232.940] RestoreDC (hdc=0xe601065e, nSavedDC=-1) returned 1
[0232.940] GdipReleaseDC (graphics=0x6600030, hdc=0xe601065e) returned 0x0
[0232.940] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0232.940] GdipGetClip (graphics=0x6600030, region=0x6645bd8) returned 0x0
[0232.940] GdipCloneRegion (region=0x6645bd8, cloneRegion=0xd7e150) returned 0x0
[0232.940] GdipCombineRegionRectI (region=0x6645098, rect=0xd7e138, combineMode=0x1) returned 0x0
[0232.940] GdipCombineRegionRectI (region=0x6645098, rect=0xd7e138, combineMode=0x1) returned 0x0
[0232.940] GdipSetClipRegion (graphics=0x6600030, region=0x6645098, combineMode=0x0) returned 0x0
[0232.940] GdipGetImageWidth (image=0x66019f0, width=0xd7e154) returned 0x0
[0232.940] GdipGetImageHeight (image=0x66019f0, height=0xd7e148) returned 0x0
[0232.940] GdipDrawImageRectI (graphics=0x6600030, image=0x66019f0, x=4, y=4, width=16, height=16) returned 0x0
[0232.940] GdipSetClipRegion (graphics=0x6600030, region=0x6645bd8, combineMode=0x0) returned 0x0
[0232.940] IsAppThemed () returned 0x1
[0232.940] GetThemeAppProperties () returned 0x3
[0232.940] GetThemeAppProperties () returned 0x3
[0232.940] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0232.941] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0232.941] GetCurrentObject (hdc=0xe601065e, type=0x1) returned 0xb00017
[0232.941] GetCurrentObject (hdc=0xe601065e, type=0x2) returned 0x900010
[0232.941] GetCurrentObject (hdc=0xe601065e, type=0x7) returned 0x4a0507fe
[0232.941] GetCurrentObject (hdc=0xe601065e, type=0x6) returned 0x8a01c2
[0232.941] SaveDC (hdc=0xe601065e) returned 1
[0232.941] GetTextAlign (hdc=0xe601065e) returned 0x0
[0232.941] GetTextColor (hdc=0xe601065e) returned 0x0
[0232.941] GetCurrentObject (hdc=0xe601065e, type=0x6) returned 0x8a01c2
[0232.941] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0232.941] SelectObject (hdc=0xe601065e, h=0x6d0a0520) returned 0x8a01c2
[0232.941] GetBkMode (hdc=0xe601065e) returned 2
[0232.941] SetBkMode (hdc=0xe601065e, mode=1) returned 2
[0232.941] DrawTextExW (in: hdc=0xe601065e, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2d74074 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0232.941] DrawTextExW (in: hdc=0xe601065e, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d74074 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0232.942] RestoreDC (hdc=0xe601065e, nSavedDC=-1) returned 1
[0232.942] GdipReleaseDC (graphics=0x6600030, hdc=0xe601065e) returned 0x0
[0232.942] GetFocus () returned 0x2002d8
[0232.942] IsAppThemed () returned 0x1
[0232.942] GetThemeAppProperties () returned 0x3
[0232.942] GetThemeAppProperties () returned 0x3
[0232.942] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0232.942] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xe601065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0232.942] GdipReleaseDC (graphics=0x6600030, hdc=0xe601065e) returned 0x0
[0232.942] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0232.942] SelectObject (hdc=0xe601065e, h=0x85000f) returned 0x4a0507fe
[0232.942] DeleteDC (hdc=0xe601065e) returned 1
[0232.942] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0232.943] EndPaint (hWnd=0x2002d8, lpPaint=0xd7e24c) returned 1
[0232.943] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.943] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0232.943] IsWindowUnicode (hWnd=0x30122) returned 1
[0232.943] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.943] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0232.944] TranslateMessage (lpMsg=0xd7e808) returned 0
[0232.944] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0232.944] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0232.945] IsWindowUnicode (hWnd=0x30122) returned 1
[0232.945] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.946] TranslateMessage (lpMsg=0xd7e808) returned 0
[0232.946] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0232.946] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.947] IsWindowUnicode (hWnd=0x1802c8) returned 1
[0232.947] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.947] TranslateMessage (lpMsg=0xd7e808) returned 0
[0232.947] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0232.947] BeginPaint (in: hWnd=0x1802c8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0232.947] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0232.947] CreateCompatibleDC (hdc=0xc0107c5) returned 0xe801065e
[0232.947] SelectObject (hdc=0xe801065e, h=0x4a0507fe) returned 0x85000f
[0232.947] GdipCreateFromHDC (hdc=0xe801065e, graphics=0xd7e268) returned 0x0
[0232.947] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0232.947] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0232.947] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0232.947] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0232.947] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e2c8) returned 0x0
[0232.947] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0232.948] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0232.948] LocalFree (hMem=0x11eec58) returned 0x0
[0232.948] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0232.948] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0232.948] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0232.948] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0232.948] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0232.948] GdipRestoreGraphics (graphics=0x6600030, state=0xf9200dbd) returned 0x0
[0232.948] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0232.948] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0232.948] GetCurrentObject (hdc=0xe801065e, type=0x1) returned 0xb00017
[0232.948] GetCurrentObject (hdc=0xe801065e, type=0x2) returned 0x900010
[0232.948] GetCurrentObject (hdc=0xe801065e, type=0x7) returned 0x4a0507fe
[0232.948] GetCurrentObject (hdc=0xe801065e, type=0x6) returned 0x8a01c2
[0232.948] SaveDC (hdc=0xe801065e) returned 1
[0232.948] GetNearestColor (hdc=0xe801065e, color=0xf0f0f0) returned 0xf0f0f0
[0232.948] GetNearestColor (hdc=0xe801065e, color=0xa0a0a0) returned 0xa0a0a0
[0232.948] GetNearestColor (hdc=0xe801065e, color=0x696969) returned 0x696969
[0232.948] GetNearestColor (hdc=0xe801065e, color=0xa0a0a0) returned 0xa0a0a0
[0232.948] GetNearestColor (hdc=0xe801065e, color=0x0) returned 0x0
[0232.949] GetNearestColor (hdc=0xe801065e, color=0xffffff) returned 0xffffff
[0232.949] GetNearestColor (hdc=0xe801065e, color=0xe5e5e5) returned 0xe5e5e5
[0232.949] GetNearestColor (hdc=0xe801065e, color=0xd7d7d7) returned 0xd7d7d7
[0232.949] GetNearestColor (hdc=0xe801065e, color=0x0) returned 0x0
[0232.949] RestoreDC (hdc=0xe801065e, nSavedDC=-1) returned 1
[0232.949] GdipReleaseDC (graphics=0x6600030, hdc=0xe801065e) returned 0x0
[0232.949] IsAppThemed () returned 0x1
[0232.949] GetThemeAppProperties () returned 0x3
[0232.949] GetThemeAppProperties () returned 0x3
[0232.949] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0232.949] SendMessageW (hWnd=0x1e02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0232.949] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0232.949] IsAppThemed () returned 0x1
[0232.949] GetThemeAppProperties () returned 0x3
[0232.949] GetThemeAppProperties () returned 0x3
[0232.949] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2d74884 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0232.950] IsAppThemed () returned 0x1
[0232.950] GetThemeAppProperties () returned 0x3
[0232.950] GetThemeAppProperties () returned 0x3
[0232.950] IsAppThemed () returned 0x1
[0232.950] GetThemeAppProperties () returned 0x3
[0232.950] GetThemeAppProperties () returned 0x3
[0232.950] IsAppThemed () returned 0x1
[0232.950] GetThemeAppProperties () returned 0x3
[0232.950] GetThemeAppProperties () returned 0x3
[0232.950] IsAppThemed () returned 0x1
[0232.956] GetThemeAppProperties () returned 0x3
[0232.956] GetThemeAppProperties () returned 0x3
[0232.956] IsThemePartDefined () returned 0x1
[0232.956] IsAppThemed () returned 0x1
[0232.956] GetThemeAppProperties () returned 0x3
[0232.956] GetThemeAppProperties () returned 0x3
[0232.956] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0232.956] IsAppThemed () returned 0x1
[0232.956] GetThemeAppProperties () returned 0x3
[0232.956] GetThemeAppProperties () returned 0x3
[0232.956] IsAppThemed () returned 0x1
[0232.956] GetThemeAppProperties () returned 0x3
[0232.956] GetThemeAppProperties () returned 0x3
[0232.956] IsThemePartDefined () returned 0x1
[0232.956] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0232.956] GdipGetClip (graphics=0x6600030, region=0x6645f38) returned 0x0
[0232.956] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0232.956] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0232.956] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dfe4) returned 0x0
[0232.956] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0232.956] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea60) returned 0x0
[0232.956] LocalFree (hMem=0x11eea60) returned 0x0
[0232.957] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0232.957] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0232.957] LocalFree (hMem=0x11eec58) returned 0x0
[0232.957] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0232.957] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0232.957] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0232.957] GdipGetRegionHRgn (region=0x6645f38, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0232.957] GdipDeleteRegion (region=0x6645f38) returned 0x0
[0232.957] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0232.957] GetCurrentObject (hdc=0xe801065e, type=0x1) returned 0xb00017
[0232.957] GetCurrentObject (hdc=0xe801065e, type=0x2) returned 0x900010
[0232.957] GetCurrentObject (hdc=0xe801065e, type=0x7) returned 0x4a0507fe
[0232.957] GetCurrentObject (hdc=0xe801065e, type=0x6) returned 0x8a01c2
[0232.957] SaveDC (hdc=0xe801065e) returned 1
[0232.957] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x620407de
[0232.957] GetClipRgn (hdc=0xe801065e, hrgn=0x620407de) returned 0
[0232.957] SelectClipRgn (hdc=0xe801065e, hrgn=0xd4040807) returned 2
[0232.957] DeleteObject (ho=0x620407de) returned 1
[0232.957] DeleteObject (ho=0xd4040807) returned 1
[0232.957] OffsetViewportOrgEx (in: hdc=0xe801065e, x=0, y=0, lppt=0x2d74f34 | out: lppt=0x2d74f34) returned 1
[0232.958] DrawThemeParentBackground () returned 0x0
[0232.958] GetWindowPlacement (in: hWnd=0x1e02de, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0232.958] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0232.958] GetWindowTextLengthW (hWnd=0x1e02de) returned 24
[0232.958] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0232.958] GetSystemMetrics (nIndex=42) returned 0
[0232.958] GetWindowTextW (in: hWnd=0x1e02de, lpString=0xd7db2c, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0232.958] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xd, wParam=0x19, lParam=0xd7db2c) returned 0x18
[0232.958] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0232.958] GetCurrentObject (hdc=0xe801065e, type=0x1) returned 0xb00017
[0232.958] GetCurrentObject (hdc=0xe801065e, type=0x2) returned 0x900010
[0232.958] GetCurrentObject (hdc=0xe801065e, type=0x7) returned 0x4a0507fe
[0232.958] GetCurrentObject (hdc=0xe801065e, type=0x6) returned 0x8a01c2
[0232.958] SaveDC (hdc=0xe801065e) returned 2
[0232.958] GetNearestColor (hdc=0xe801065e, color=0xf0f0f0) returned 0xf0f0f0
[0232.958] CreateSolidBrush (color=0xf0f0f0) returned 0x661007e1
[0232.958] FillRect (hDC=0xe801065e, lprc=0xd7da30, hbr=0x661007e1) returned 1
[0232.958] DeleteObject (ho=0x661007e1) returned 1
[0232.958] RestoreDC (hdc=0xe801065e, nSavedDC=-1) returned 1
[0232.959] GetWindowTextLengthW (hWnd=0x1e02de) returned 24
[0232.959] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0232.959] GetSystemMetrics (nIndex=42) returned 0
[0232.959] GetWindowTextW (in: hWnd=0x1e02de, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0232.959] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0232.959] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0232.959] GetCurrentObject (hdc=0xe801065e, type=0x1) returned 0xb00017
[0232.959] GetCurrentObject (hdc=0xe801065e, type=0x2) returned 0x900010
[0232.959] GetCurrentObject (hdc=0xe801065e, type=0x7) returned 0x4a0507fe
[0232.959] GetCurrentObject (hdc=0xe801065e, type=0x6) returned 0x8a01c2
[0232.959] SaveDC (hdc=0xe801065e) returned 2
[0232.959] GetNearestColor (hdc=0xe801065e, color=0xf0f0f0) returned 0xf0f0f0
[0232.959] CreateSolidBrush (color=0xf0f0f0) returned 0x671007e1
[0232.959] FillRect (hDC=0xe801065e, lprc=0xd7d9d0, hbr=0x671007e1) returned 1
[0232.959] DeleteObject (ho=0x671007e1) returned 1
[0232.959] RestoreDC (hdc=0xe801065e, nSavedDC=-1) returned 1
[0232.959] GetWindowTextLengthW (hWnd=0x1e02de) returned 24
[0232.959] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0232.959] GetSystemMetrics (nIndex=42) returned 0
[0232.959] GetWindowTextW (in: hWnd=0x1e02de, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0232.960] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0232.960] RestoreDC (hdc=0xe801065e, nSavedDC=-1) returned 1
[0232.960] GdipReleaseDC (graphics=0x6600030, hdc=0xe801065e) returned 0x0
[0232.960] IsAppThemed () returned 0x1
[0232.960] GetThemeAppProperties () returned 0x3
[0232.960] GetThemeAppProperties () returned 0x3
[0232.960] IsAppThemed () returned 0x1
[0232.960] GetThemeAppProperties () returned 0x3
[0232.960] GetThemeAppProperties () returned 0x3
[0232.960] IsThemePartDefined () returned 0x1
[0232.960] GdipCreateRegion (region=0xd7df50) returned 0x0
[0232.960] GdipGetClip (graphics=0x6600030, region=0x6645d88) returned 0x0
[0232.960] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0232.960] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0232.960] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df68) returned 0x0
[0232.960] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0232.960] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0232.960] LocalFree (hMem=0x11ee868) returned 0x0
[0232.960] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0232.960] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee8d8) returned 0x0
[0232.961] LocalFree (hMem=0x11ee8d8) returned 0x0
[0232.961] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0232.961] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7df90) returned 0x0
[0232.961] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7df80) returned 0x0
[0232.961] GdipGetRegionHRgn (region=0x6645d88, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0232.961] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0232.961] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0232.961] GetCurrentObject (hdc=0xe801065e, type=0x1) returned 0xb00017
[0232.961] GetCurrentObject (hdc=0xe801065e, type=0x2) returned 0x900010
[0232.961] GetCurrentObject (hdc=0xe801065e, type=0x7) returned 0x4a0507fe
[0232.961] GetCurrentObject (hdc=0xe801065e, type=0x6) returned 0x8a01c2
[0232.961] SaveDC (hdc=0xe801065e) returned 1
[0232.961] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd5040807
[0232.961] GetClipRgn (hdc=0xe801065e, hrgn=0xd5040807) returned 0
[0232.961] SelectClipRgn (hdc=0xe801065e, hrgn=0x640407de) returned 2
[0232.961] DeleteObject (ho=0xd5040807) returned 1
[0232.961] DeleteObject (ho=0x640407de) returned 1
[0232.961] OffsetViewportOrgEx (in: hdc=0xe801065e, x=0, y=0, lppt=0x2d758b8 | out: lppt=0x2d758b8) returned 1
[0232.961] IsAppThemed () returned 0x1
[0232.961] GetThemeAppProperties () returned 0x3
[0232.962] GetThemeAppProperties () returned 0x3
[0232.962] DrawThemeBackground () returned 0x0
[0232.962] RestoreDC (hdc=0xe801065e, nSavedDC=-1) returned 1
[0232.962] GdipReleaseDC (graphics=0x6600030, hdc=0xe801065e) returned 0x0
[0232.962] GdipCreateRegion (region=0xd7df54) returned 0x0
[0232.962] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0232.962] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0232.962] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0232.962] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df6c) returned 0x0
[0232.962] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0232.962] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0232.962] LocalFree (hMem=0x11eec58) returned 0x0
[0232.962] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0232.962] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0232.962] LocalFree (hMem=0x11ee788) returned 0x0
[0232.962] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0232.962] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0232.962] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0232.962] GdipGetRegionHRgn (region=0x66456c8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0232.962] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0232.962] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0232.962] GetCurrentObject (hdc=0xe801065e, type=0x1) returned 0xb00017
[0232.962] GetCurrentObject (hdc=0xe801065e, type=0x2) returned 0x900010
[0232.962] GetCurrentObject (hdc=0xe801065e, type=0x7) returned 0x4a0507fe
[0232.963] GetCurrentObject (hdc=0xe801065e, type=0x6) returned 0x8a01c2
[0232.963] SaveDC (hdc=0xe801065e) returned 1
[0232.963] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x650407de
[0232.963] GetClipRgn (hdc=0xe801065e, hrgn=0x650407de) returned 0
[0232.963] SelectClipRgn (hdc=0xe801065e, hrgn=0xd6040807) returned 2
[0232.963] DeleteObject (ho=0x650407de) returned 1
[0232.963] DeleteObject (ho=0xd6040807) returned 1
[0232.963] OffsetViewportOrgEx (in: hdc=0xe801065e, x=0, y=0, lppt=0x2d75b8c | out: lppt=0x2d75b8c) returned 1
[0232.963] IsAppThemed () returned 0x1
[0232.963] GetThemeAppProperties () returned 0x3
[0232.963] GetThemeAppProperties () returned 0x3
[0232.963] GetThemeBackgroundContentRect () returned 0x0
[0232.963] RestoreDC (hdc=0xe801065e, nSavedDC=-1) returned 1
[0232.963] GdipReleaseDC (graphics=0x6600030, hdc=0xe801065e) returned 0x0
[0232.963] IsAppThemed () returned 0x1
[0232.963] GetThemeAppProperties () returned 0x3
[0232.963] GetThemeAppProperties () returned 0x3
[0232.963] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0232.963] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0232.963] GetCurrentObject (hdc=0xe801065e, type=0x1) returned 0xb00017
[0232.963] GetCurrentObject (hdc=0xe801065e, type=0x2) returned 0x900010
[0232.964] GetCurrentObject (hdc=0xe801065e, type=0x7) returned 0x4a0507fe
[0232.964] GetCurrentObject (hdc=0xe801065e, type=0x6) returned 0x8a01c2
[0232.964] SaveDC (hdc=0xe801065e) returned 1
[0232.964] GetTextAlign (hdc=0xe801065e) returned 0x0
[0232.964] GetTextColor (hdc=0xe801065e) returned 0x0
[0232.964] GetCurrentObject (hdc=0xe801065e, type=0x6) returned 0x8a01c2
[0232.964] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0232.964] SelectObject (hdc=0xe801065e, h=0x6d0a0520) returned 0x8a01c2
[0232.964] GetBkMode (hdc=0xe801065e) returned 2
[0232.964] SetBkMode (hdc=0xe801065e, mode=1) returned 2
[0232.964] DrawTextExW (in: hdc=0xe801065e, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2d75f2c | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0232.964] DrawTextExW (in: hdc=0xe801065e, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2d75f2c | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0232.965] RestoreDC (hdc=0xe801065e, nSavedDC=-1) returned 1
[0232.965] GdipReleaseDC (graphics=0x6600030, hdc=0xe801065e) returned 0x0
[0232.965] GetFocus () returned 0x2002d8
[0232.965] IsAppThemed () returned 0x1
[0232.965] GetThemeAppProperties () returned 0x3
[0232.965] GetThemeAppProperties () returned 0x3
[0232.965] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0232.965] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xe801065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0232.965] GdipReleaseDC (graphics=0x6600030, hdc=0xe801065e) returned 0x0
[0232.965] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0232.965] SelectObject (hdc=0xe801065e, h=0x85000f) returned 0x4a0507fe
[0232.965] DeleteDC (hdc=0xe801065e) returned 1
[0232.965] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0232.965] EndPaint (hWnd=0x1802c8, lpPaint=0xd7e24c) returned 1
[0232.966] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.966] IsWindowUnicode (hWnd=0x2100ea) returned 1
[0232.966] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.966] TranslateMessage (lpMsg=0xd7e808) returned 0
[0232.966] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0232.966] BeginPaint (in: hWnd=0x2100ea, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0232.966] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0232.966] CreateCompatibleDC (hdc=0x60100ce) returned 0xea01065e
[0232.966] SelectObject (hdc=0xea01065e, h=0x4a0507fe) returned 0x85000f
[0232.967] GdipCreateFromHDC (hdc=0xea01065e, graphics=0xd7e268) returned 0x0
[0232.967] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0232.967] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0232.967] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0232.967] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0232.967] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e2c8) returned 0x0
[0232.967] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eecc8) returned 0x0
[0232.967] LocalFree (hMem=0x11eecc8) returned 0x0
[0232.967] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0232.967] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0232.967] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0232.967] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0232.967] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0232.967] GdipRestoreGraphics (graphics=0x6600030, state=0xf91e0dbd) returned 0x0
[0232.967] GdipDeleteRegion (region=0x6645248) returned 0x0
[0232.967] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0232.967] GetCurrentObject (hdc=0xea01065e, type=0x1) returned 0xb00017
[0232.967] GetCurrentObject (hdc=0xea01065e, type=0x2) returned 0x900010
[0232.967] GetCurrentObject (hdc=0xea01065e, type=0x7) returned 0x4a0507fe
[0232.967] GetCurrentObject (hdc=0xea01065e, type=0x6) returned 0x8a01c2
[0232.968] SaveDC (hdc=0xea01065e) returned 1
[0232.968] GetNearestColor (hdc=0xea01065e, color=0xf0f0f0) returned 0xf0f0f0
[0232.968] GetNearestColor (hdc=0xea01065e, color=0xa0a0a0) returned 0xa0a0a0
[0232.968] GetNearestColor (hdc=0xea01065e, color=0x696969) returned 0x696969
[0232.968] GetNearestColor (hdc=0xea01065e, color=0xa0a0a0) returned 0xa0a0a0
[0232.968] GetNearestColor (hdc=0xea01065e, color=0x0) returned 0x0
[0232.968] GetNearestColor (hdc=0xea01065e, color=0xffffff) returned 0xffffff
[0232.968] GetNearestColor (hdc=0xea01065e, color=0xe5e5e5) returned 0xe5e5e5
[0232.968] GetNearestColor (hdc=0xea01065e, color=0xd7d7d7) returned 0xd7d7d7
[0232.968] GetNearestColor (hdc=0xea01065e, color=0x0) returned 0x0
[0232.968] RestoreDC (hdc=0xea01065e, nSavedDC=-1) returned 1
[0232.968] GdipReleaseDC (graphics=0x6600030, hdc=0xea01065e) returned 0x0
[0232.968] IsAppThemed () returned 0x1
[0232.968] GetThemeAppProperties () returned 0x3
[0232.968] GetThemeAppProperties () returned 0x3
[0232.968] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0232.968] SendMessageW (hWnd=0x1e02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0232.968] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0232.968] IsAppThemed () returned 0x1
[0232.968] GetThemeAppProperties () returned 0x3
[0232.969] GetThemeAppProperties () returned 0x3
[0232.969] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2d7673c | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0232.969] IsAppThemed () returned 0x1
[0232.969] GetThemeAppProperties () returned 0x3
[0232.969] GetThemeAppProperties () returned 0x3
[0232.969] IsAppThemed () returned 0x1
[0232.969] GetThemeAppProperties () returned 0x3
[0232.969] GetThemeAppProperties () returned 0x3
[0232.969] GetFocus () returned 0x2002d8
[0232.969] IsAppThemed () returned 0x1
[0232.969] GetThemeAppProperties () returned 0x3
[0232.969] GetThemeAppProperties () returned 0x3
[0232.969] IsAppThemed () returned 0x1
[0232.969] GetThemeAppProperties () returned 0x3
[0232.969] GetThemeAppProperties () returned 0x3
[0232.969] IsThemePartDefined () returned 0x1
[0232.969] IsAppThemed () returned 0x1
[0232.969] GetThemeAppProperties () returned 0x3
[0232.969] GetThemeAppProperties () returned 0x3
[0232.969] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0232.969] IsAppThemed () returned 0x1
[0232.969] GetThemeAppProperties () returned 0x3
[0232.970] GetThemeAppProperties () returned 0x3
[0232.970] IsAppThemed () returned 0x1
[0232.970] GetThemeAppProperties () returned 0x3
[0232.970] GetThemeAppProperties () returned 0x3
[0232.970] IsThemePartDefined () returned 0x1
[0232.970] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0232.970] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0232.970] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0232.970] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0232.970] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7dff0) returned 0x0
[0232.970] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eea60) returned 0x0
[0232.970] LocalFree (hMem=0x11eea60) returned 0x0
[0232.970] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0232.970] LocalFree (hMem=0x11eec58) returned 0x0
[0232.970] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0232.970] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e018) returned 0x0
[0232.970] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e008) returned 0x0
[0232.970] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0232.970] GdipDeleteRegion (region=0x6645248) returned 0x0
[0232.970] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0232.970] GetCurrentObject (hdc=0xea01065e, type=0x1) returned 0xb00017
[0232.970] GetCurrentObject (hdc=0xea01065e, type=0x2) returned 0x900010
[0232.970] GetCurrentObject (hdc=0xea01065e, type=0x7) returned 0x4a0507fe
[0232.970] GetCurrentObject (hdc=0xea01065e, type=0x6) returned 0x8a01c2
[0232.970] SaveDC (hdc=0xea01065e) returned 1
[0232.970] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd7040807
[0232.970] GetClipRgn (hdc=0xea01065e, hrgn=0xd7040807) returned 0
[0232.971] SelectClipRgn (hdc=0xea01065e, hrgn=0x690407de) returned 2
[0232.971] DeleteObject (ho=0xd7040807) returned 1
[0232.971] DeleteObject (ho=0x690407de) returned 1
[0232.971] OffsetViewportOrgEx (in: hdc=0xea01065e, x=0, y=0, lppt=0x2d76dec | out: lppt=0x2d76dec) returned 1
[0232.971] DrawThemeParentBackground () returned 0x0
[0232.971] GetWindowPlacement (in: hWnd=0x1e02de, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0232.971] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0232.971] GetWindowTextLengthW (hWnd=0x1e02de) returned 24
[0232.971] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0232.971] GetSystemMetrics (nIndex=42) returned 0
[0232.971] GetWindowTextW (in: hWnd=0x1e02de, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0232.971] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0232.971] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0232.971] GetCurrentObject (hdc=0xea01065e, type=0x1) returned 0xb00017
[0232.971] GetCurrentObject (hdc=0xea01065e, type=0x2) returned 0x900010
[0232.971] GetCurrentObject (hdc=0xea01065e, type=0x7) returned 0x4a0507fe
[0232.971] GetCurrentObject (hdc=0xea01065e, type=0x6) returned 0x8a01c2
[0232.971] SaveDC (hdc=0xea01065e) returned 2
[0232.972] GetNearestColor (hdc=0xea01065e, color=0xf0f0f0) returned 0xf0f0f0
[0232.972] CreateSolidBrush (color=0xf0f0f0) returned 0x681007e1
[0232.972] FillRect (hDC=0xea01065e, lprc=0xd7da38, hbr=0x681007e1) returned 1
[0232.972] DeleteObject (ho=0x681007e1) returned 1
[0232.972] RestoreDC (hdc=0xea01065e, nSavedDC=-1) returned 1
[0232.972] GetWindowTextLengthW (hWnd=0x1e02de) returned 24
[0232.972] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0232.972] GetSystemMetrics (nIndex=42) returned 0
[0232.972] GetWindowTextW (in: hWnd=0x1e02de, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0232.972] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0232.972] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0232.972] GetCurrentObject (hdc=0xea01065e, type=0x1) returned 0xb00017
[0232.972] GetCurrentObject (hdc=0xea01065e, type=0x2) returned 0x900010
[0232.972] GetCurrentObject (hdc=0xea01065e, type=0x7) returned 0x4a0507fe
[0232.972] GetCurrentObject (hdc=0xea01065e, type=0x6) returned 0x8a01c2
[0232.972] SaveDC (hdc=0xea01065e) returned 2
[0232.972] GetNearestColor (hdc=0xea01065e, color=0xf0f0f0) returned 0xf0f0f0
[0232.972] CreateSolidBrush (color=0xf0f0f0) returned 0x691007e1
[0232.972] FillRect (hDC=0xea01065e, lprc=0xd7d9d8, hbr=0x691007e1) returned 1
[0232.972] DeleteObject (ho=0x691007e1) returned 1
[0232.972] RestoreDC (hdc=0xea01065e, nSavedDC=-1) returned 1
[0232.973] GetWindowTextLengthW (hWnd=0x1e02de) returned 24
[0232.973] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0232.973] GetSystemMetrics (nIndex=42) returned 0
[0232.973] GetWindowTextW (in: hWnd=0x1e02de, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0232.973] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0232.973] RestoreDC (hdc=0xea01065e, nSavedDC=-1) returned 1
[0232.973] GdipReleaseDC (graphics=0x6600030, hdc=0xea01065e) returned 0x0
[0232.973] IsAppThemed () returned 0x1
[0232.973] GetThemeAppProperties () returned 0x3
[0232.973] GetThemeAppProperties () returned 0x3
[0232.973] IsAppThemed () returned 0x1
[0232.973] GetThemeAppProperties () returned 0x3
[0232.973] GetThemeAppProperties () returned 0x3
[0232.973] IsThemePartDefined () returned 0x1
[0232.973] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0232.973] GdipGetClip (graphics=0x6600030, region=0x6645f38) returned 0x0
[0232.973] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0232.973] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0232.973] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df74) returned 0x0
[0232.973] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0232.973] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee8d8) returned 0x0
[0232.974] LocalFree (hMem=0x11ee8d8) returned 0x0
[0232.974] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0232.974] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0232.974] LocalFree (hMem=0x11ee788) returned 0x0
[0232.974] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0232.974] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0232.974] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0232.974] GdipGetRegionHRgn (region=0x6645f38, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0232.974] GdipDeleteRegion (region=0x6645f38) returned 0x0
[0232.974] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0232.974] GetCurrentObject (hdc=0xea01065e, type=0x1) returned 0xb00017
[0232.974] GetCurrentObject (hdc=0xea01065e, type=0x2) returned 0x900010
[0232.974] GetCurrentObject (hdc=0xea01065e, type=0x7) returned 0x4a0507fe
[0232.974] GetCurrentObject (hdc=0xea01065e, type=0x6) returned 0x8a01c2
[0232.974] SaveDC (hdc=0xea01065e) returned 1
[0232.974] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6a0407de
[0232.974] GetClipRgn (hdc=0xea01065e, hrgn=0x6a0407de) returned 0
[0232.974] SelectClipRgn (hdc=0xea01065e, hrgn=0xd9040807) returned 2
[0232.974] DeleteObject (ho=0x6a0407de) returned 1
[0232.974] DeleteObject (ho=0xd9040807) returned 1
[0232.974] OffsetViewportOrgEx (in: hdc=0xea01065e, x=0, y=0, lppt=0x2d77770 | out: lppt=0x2d77770) returned 1
[0232.975] IsAppThemed () returned 0x1
[0232.975] GetThemeAppProperties () returned 0x3
[0232.975] GetThemeAppProperties () returned 0x3
[0232.975] DrawThemeBackground () returned 0x0
[0232.975] RestoreDC (hdc=0xea01065e, nSavedDC=-1) returned 1
[0232.975] GdipReleaseDC (graphics=0x6600030, hdc=0xea01065e) returned 0x0
[0232.975] GdipCreateRegion (region=0xd7df60) returned 0x0
[0232.975] GdipGetClip (graphics=0x6600030, region=0x6645368) returned 0x0
[0232.975] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0232.975] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0232.975] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df78) returned 0x0
[0232.975] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0232.975] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0232.975] LocalFree (hMem=0x11eec58) returned 0x0
[0232.975] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0232.975] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0232.975] LocalFree (hMem=0x11eec58) returned 0x0
[0232.975] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0232.975] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0232.975] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7df90) returned 0x0
[0232.975] GdipGetRegionHRgn (region=0x6645368, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0232.975] GdipDeleteRegion (region=0x6645368) returned 0x0
[0232.975] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0232.976] GetCurrentObject (hdc=0xea01065e, type=0x1) returned 0xb00017
[0232.976] GetCurrentObject (hdc=0xea01065e, type=0x2) returned 0x900010
[0232.976] GetCurrentObject (hdc=0xea01065e, type=0x7) returned 0x4a0507fe
[0232.976] GetCurrentObject (hdc=0xea01065e, type=0x6) returned 0x8a01c2
[0232.976] SaveDC (hdc=0xea01065e) returned 1
[0232.976] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xda040807
[0232.976] GetClipRgn (hdc=0xea01065e, hrgn=0xda040807) returned 0
[0232.976] SelectClipRgn (hdc=0xea01065e, hrgn=0x6b0407de) returned 2
[0232.976] DeleteObject (ho=0xda040807) returned 1
[0232.976] DeleteObject (ho=0x6b0407de) returned 1
[0232.976] OffsetViewportOrgEx (in: hdc=0xea01065e, x=0, y=0, lppt=0x2d77a44 | out: lppt=0x2d77a44) returned 1
[0232.976] IsAppThemed () returned 0x1
[0232.976] GetThemeAppProperties () returned 0x3
[0232.976] GetThemeAppProperties () returned 0x3
[0232.976] GetThemeBackgroundContentRect () returned 0x0
[0232.976] RestoreDC (hdc=0xea01065e, nSavedDC=-1) returned 1
[0232.976] GdipReleaseDC (graphics=0x6600030, hdc=0xea01065e) returned 0x0
[0232.976] IsAppThemed () returned 0x1
[0232.976] GetThemeAppProperties () returned 0x3
[0232.976] GetThemeAppProperties () returned 0x3
[0232.976] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0232.977] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0232.977] GetCurrentObject (hdc=0xea01065e, type=0x1) returned 0xb00017
[0232.977] GetCurrentObject (hdc=0xea01065e, type=0x2) returned 0x900010
[0232.977] GetCurrentObject (hdc=0xea01065e, type=0x7) returned 0x4a0507fe
[0232.977] GetCurrentObject (hdc=0xea01065e, type=0x6) returned 0x8a01c2
[0232.977] SaveDC (hdc=0xea01065e) returned 1
[0232.977] GetTextAlign (hdc=0xea01065e) returned 0x0
[0232.977] GetTextColor (hdc=0xea01065e) returned 0x0
[0232.977] GetCurrentObject (hdc=0xea01065e, type=0x6) returned 0x8a01c2
[0232.977] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0232.977] SelectObject (hdc=0xea01065e, h=0x6d0a0520) returned 0x8a01c2
[0232.977] GetBkMode (hdc=0xea01065e) returned 2
[0232.977] SetBkMode (hdc=0xea01065e, mode=1) returned 2
[0232.977] DrawTextExW (in: hdc=0xea01065e, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2d77de4 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0232.977] DrawTextExW (in: hdc=0xea01065e, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d77de4 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0232.978] RestoreDC (hdc=0xea01065e, nSavedDC=-1) returned 1
[0232.978] GdipReleaseDC (graphics=0x6600030, hdc=0xea01065e) returned 0x0
[0232.978] GetFocus () returned 0x2002d8
[0232.978] IsAppThemed () returned 0x1
[0232.978] GetThemeAppProperties () returned 0x3
[0232.978] GetThemeAppProperties () returned 0x3
[0232.978] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0232.978] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xea01065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0232.978] GdipReleaseDC (graphics=0x6600030, hdc=0xea01065e) returned 0x0
[0232.978] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0232.978] SelectObject (hdc=0xea01065e, h=0x85000f) returned 0x4a0507fe
[0232.978] DeleteDC (hdc=0xea01065e) returned 1
[0232.978] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0232.978] EndPaint (hWnd=0x2100ea, lpPaint=0xd7e24c) returned 1
[0232.979] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.979] IsWindowUnicode (hWnd=0x602c4) returned 1
[0232.979] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0232.979] TranslateMessage (lpMsg=0xd7e808) returned 0
[0232.979] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0232.979] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0232.979] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0232.979] CreateCompatibleDC (hdc=0xf0105ee) returned 0xec01065e
[0232.979] SelectObject (hdc=0xec01065e, h=0x4a0507fe) returned 0x85000f
[0232.979] GdipCreateFromHDC (hdc=0xec01065e, graphics=0xd7e268) returned 0x0
[0232.979] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0232.979] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0232.979] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0232.980] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0232.980] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e2c8) returned 0x0
[0232.980] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0232.980] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0232.980] LocalFree (hMem=0x11eec58) returned 0x0
[0232.980] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0232.980] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0232.980] GdipGetClip (graphics=0x6600030, region=0x6645368) returned 0x0
[0232.980] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0232.980] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0232.980] GdipRestoreGraphics (graphics=0x6600030, state=0xf91c0dbd) returned 0x0
[0232.980] GdipDeleteRegion (region=0x6645368) returned 0x0
[0232.980] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0232.980] GetCurrentObject (hdc=0xec01065e, type=0x1) returned 0xb00017
[0232.980] GetCurrentObject (hdc=0xec01065e, type=0x2) returned 0x900010
[0232.980] GetCurrentObject (hdc=0xec01065e, type=0x7) returned 0x4a0507fe
[0232.980] GetCurrentObject (hdc=0xec01065e, type=0x6) returned 0x8a01c2
[0232.980] SaveDC (hdc=0xec01065e) returned 1
[0232.980] GetNearestColor (hdc=0xec01065e, color=0xff) returned 0xff
[0232.980] GetNearestColor (hdc=0xec01065e, color=0x55) returned 0x55
[0232.980] GetNearestColor (hdc=0xec01065e, color=0x0) returned 0x0
[0232.981] GetNearestColor (hdc=0xec01065e, color=0x55) returned 0x55
[0232.981] GetNearestColor (hdc=0xec01065e, color=0x0) returned 0x0
[0232.981] GetNearestColor (hdc=0xec01065e, color=0x8080ff) returned 0x8080ff
[0232.981] GetNearestColor (hdc=0xec01065e, color=0x7373e5) returned 0x7373e5
[0232.981] GetNearestColor (hdc=0xec01065e, color=0xe5) returned 0xe5
[0232.981] GetNearestColor (hdc=0xec01065e, color=0x0) returned 0x0
[0232.981] RestoreDC (hdc=0xec01065e, nSavedDC=-1) returned 1
[0232.981] GdipReleaseDC (graphics=0x6600030, hdc=0xec01065e) returned 0x0
[0232.981] IsAppThemed () returned 0x1
[0232.981] GetThemeAppProperties () returned 0x3
[0232.981] GetThemeAppProperties () returned 0x3
[0232.981] IsAppThemed () returned 0x1
[0232.986] GetThemeAppProperties () returned 0x3
[0232.987] GetThemeAppProperties () returned 0x3
[0232.987] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2d785ac | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0232.987] IsAppThemed () returned 0x1
[0232.987] GetThemeAppProperties () returned 0x3
[0232.987] GetThemeAppProperties () returned 0x3
[0232.987] IsAppThemed () returned 0x1
[0232.987] GetThemeAppProperties () returned 0x3
[0232.987] GetThemeAppProperties () returned 0x3
[0232.987] GetFocus () returned 0x2002d8
[0232.987] IsAppThemed () returned 0x1
[0232.987] GetThemeAppProperties () returned 0x3
[0232.987] GetThemeAppProperties () returned 0x3
[0232.987] IsAppThemed () returned 0x1
[0232.987] GetThemeAppProperties () returned 0x3
[0232.987] GetThemeAppProperties () returned 0x3
[0232.987] IsThemePartDefined () returned 0x1
[0232.987] IsAppThemed () returned 0x1
[0232.987] GetThemeAppProperties () returned 0x3
[0232.987] GetThemeAppProperties () returned 0x3
[0232.988] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0232.988] IsAppThemed () returned 0x1
[0232.988] GetThemeAppProperties () returned 0x3
[0232.988] GetThemeAppProperties () returned 0x3
[0232.988] IsAppThemed () returned 0x1
[0232.988] GetThemeAppProperties () returned 0x3
[0232.988] GetThemeAppProperties () returned 0x3
[0232.988] IsThemePartDefined () returned 0x1
[0232.988] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0232.988] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0232.988] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0232.988] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0232.988] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dff0) returned 0x0
[0232.988] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0232.988] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0232.988] LocalFree (hMem=0x11ee788) returned 0x0
[0232.988] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0232.988] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0232.988] LocalFree (hMem=0x11ee868) returned 0x0
[0232.988] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0232.988] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e018) returned 0x0
[0232.988] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e008) returned 0x0
[0232.988] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0232.988] GdipDeleteRegion (region=0x6645518) returned 0x0
[0232.989] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0232.989] GetCurrentObject (hdc=0xec01065e, type=0x1) returned 0xb00017
[0232.989] GetCurrentObject (hdc=0xec01065e, type=0x2) returned 0x900010
[0232.989] GetCurrentObject (hdc=0xec01065e, type=0x7) returned 0x4a0507fe
[0232.989] GetCurrentObject (hdc=0xec01065e, type=0x6) returned 0x8a01c2
[0232.989] SaveDC (hdc=0xec01065e) returned 1
[0232.989] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6c0407de
[0232.989] GetClipRgn (hdc=0xec01065e, hrgn=0x6c0407de) returned 0
[0232.989] SelectClipRgn (hdc=0xec01065e, hrgn=0xde040807) returned 2
[0232.989] DeleteObject (ho=0x6c0407de) returned 1
[0232.989] DeleteObject (ho=0xde040807) returned 1
[0232.989] OffsetViewportOrgEx (in: hdc=0xec01065e, x=0, y=0, lppt=0x2d78c5c | out: lppt=0x2d78c5c) returned 1
[0232.989] DrawThemeParentBackground () returned 0x0
[0232.989] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0232.989] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0232.989] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0232.989] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0232.989] GetSystemMetrics (nIndex=42) returned 0
[0232.990] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0232.990] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0232.990] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0232.990] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0232.990] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0232.990] SelectPalette (hdc=0xec01065e, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0232.990] GdipCreateFromHDC (hdc=0xec01065e, graphics=0xd7dac8) returned 0x0
[0232.990] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0232.990] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0232.990] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638cf8) returned 0x0
[0232.990] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7daa0) returned 0x0
[0232.990] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0232.990] GdipCreateRegion (region=0xd7da88) returned 0x0
[0232.990] GdipGetClip (graphics=0x663e568, region=0x6645d88) returned 0x0
[0232.990] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x663e568, result=0xd7da94) returned 0x0
[0232.990] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0232.990] GdipSaveGraphics (graphics=0x663e568, state=0xd7dac0) returned 0x0
[0232.990] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0232.996] GdipFillRectangleI (graphics=0x663e568, brush=0x6653918, x=0, y=0, width=801, height=453) returned 0x0
[0232.996] GdipDeleteBrush (brush=0x6653918) returned 0x0
[0233.002] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0233.002] SelectPalette (hdc=0xec01065e, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0233.002] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0233.002] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0233.002] GetSystemMetrics (nIndex=42) returned 0
[0233.002] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0233.002] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0233.002] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0233.002] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0233.002] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0233.002] SelectPalette (hdc=0xec01065e, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0233.003] GdipCreateFromHDC (hdc=0xec01065e, graphics=0xd7da68) returned 0x0
[0233.003] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0233.003] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0233.003] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638c08) returned 0x0
[0233.003] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7da40) returned 0x0
[0233.003] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0233.003] GdipCreateRegion (region=0xd7da28) returned 0x0
[0233.003] GdipGetClip (graphics=0x663e568, region=0x6645248) returned 0x0
[0233.003] GdipIsInfiniteRegion (region=0x6645248, graphics=0x663e568, result=0xd7da34) returned 0x0
[0233.003] GdipDeleteRegion (region=0x6645248) returned 0x0
[0233.003] GdipSaveGraphics (graphics=0x663e568, state=0xd7da60) returned 0x0
[0233.003] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0233.008] GdipFillRectangleI (graphics=0x663e568, brush=0x6653090, x=0, y=0, width=801, height=453) returned 0x0
[0233.008] GdipDeleteBrush (brush=0x6653090) returned 0x0
[0233.010] GdipRestoreGraphics (graphics=0x663e568, state=0xf9180dbd) returned 0x0
[0233.010] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0233.010] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0233.010] GetSystemMetrics (nIndex=42) returned 0
[0233.010] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0233.010] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0233.010] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0233.010] SelectPalette (hdc=0xec01065e, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0233.010] RestoreDC (hdc=0xec01065e, nSavedDC=-1) returned 1
[0233.010] GdipReleaseDC (graphics=0x6600030, hdc=0xec01065e) returned 0x0
[0233.010] IsAppThemed () returned 0x1
[0233.010] GetThemeAppProperties () returned 0x3
[0233.010] GetThemeAppProperties () returned 0x3
[0233.010] IsAppThemed () returned 0x1
[0233.011] GetThemeAppProperties () returned 0x3
[0233.011] GetThemeAppProperties () returned 0x3
[0233.011] IsThemePartDefined () returned 0x1
[0233.011] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0233.011] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0233.011] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0233.011] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0233.011] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df74) returned 0x0
[0233.011] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0233.011] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee910) returned 0x0
[0233.011] LocalFree (hMem=0x11ee910) returned 0x0
[0233.011] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0233.011] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eecc8) returned 0x0
[0233.011] LocalFree (hMem=0x11eecc8) returned 0x0
[0233.011] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0233.011] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0233.011] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0233.011] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0233.011] GdipDeleteRegion (region=0x6645248) returned 0x0
[0233.011] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0233.011] GetCurrentObject (hdc=0xec01065e, type=0x1) returned 0xb00017
[0233.011] GetCurrentObject (hdc=0xec01065e, type=0x2) returned 0x900010
[0233.011] GetCurrentObject (hdc=0xec01065e, type=0x7) returned 0x4a0507fe
[0233.011] GetCurrentObject (hdc=0xec01065e, type=0x6) returned 0x8a01c2
[0233.012] SaveDC (hdc=0xec01065e) returned 1
[0233.012] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdf040807
[0233.012] GetClipRgn (hdc=0xec01065e, hrgn=0xdf040807) returned 0
[0233.012] SelectClipRgn (hdc=0xec01065e, hrgn=0x6e0407de) returned 2
[0233.012] DeleteObject (ho=0xdf040807) returned 1
[0233.012] DeleteObject (ho=0x6e0407de) returned 1
[0233.012] OffsetViewportOrgEx (in: hdc=0xec01065e, x=0, y=0, lppt=0x2d7f4ac | out: lppt=0x2d7f4ac) returned 1
[0233.012] IsAppThemed () returned 0x1
[0233.012] GetThemeAppProperties () returned 0x3
[0233.012] GetThemeAppProperties () returned 0x3
[0233.012] DrawThemeBackground () returned 0x0
[0233.012] RestoreDC (hdc=0xec01065e, nSavedDC=-1) returned 1
[0233.012] GdipReleaseDC (graphics=0x6600030, hdc=0xec01065e) returned 0x0
[0233.012] GdipCreateRegion (region=0xd7df60) returned 0x0
[0233.012] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0233.012] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0233.012] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0233.013] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df78) returned 0x0
[0233.013] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0233.013] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0233.013] LocalFree (hMem=0x11eec58) returned 0x0
[0233.013] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0233.013] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eead0) returned 0x0
[0233.013] LocalFree (hMem=0x11eead0) returned 0x0
[0233.013] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0233.013] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0233.013] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7df90) returned 0x0
[0233.013] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0233.013] GdipDeleteRegion (region=0x6646178) returned 0x0
[0233.013] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0233.013] GetCurrentObject (hdc=0xec01065e, type=0x1) returned 0xb00017
[0233.013] GetCurrentObject (hdc=0xec01065e, type=0x2) returned 0x900010
[0233.013] GetCurrentObject (hdc=0xec01065e, type=0x7) returned 0x4a0507fe
[0233.014] GetCurrentObject (hdc=0xec01065e, type=0x6) returned 0x8a01c2
[0233.014] SaveDC (hdc=0xec01065e) returned 1
[0233.014] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6f0407de
[0233.014] GetClipRgn (hdc=0xec01065e, hrgn=0x6f0407de) returned 0
[0233.014] SelectClipRgn (hdc=0xec01065e, hrgn=0xe0040807) returned 2
[0233.014] DeleteObject (ho=0x6f0407de) returned 1
[0233.014] DeleteObject (ho=0xe0040807) returned 1
[0233.014] OffsetViewportOrgEx (in: hdc=0xec01065e, x=0, y=0, lppt=0x2d7f780 | out: lppt=0x2d7f780) returned 1
[0233.014] IsAppThemed () returned 0x1
[0233.014] GetThemeAppProperties () returned 0x3
[0233.014] GetThemeAppProperties () returned 0x3
[0233.014] GetThemeBackgroundContentRect () returned 0x0
[0233.014] RestoreDC (hdc=0xec01065e, nSavedDC=-1) returned 1
[0233.014] GdipReleaseDC (graphics=0x6600030, hdc=0xec01065e) returned 0x0
[0233.014] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0233.014] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0233.014] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0233.014] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0233.014] IsAppThemed () returned 0x1
[0233.014] GetThemeAppProperties () returned 0x3
[0233.014] GetThemeAppProperties () returned 0x3
[0233.014] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0233.014] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0233.015] GetCurrentObject (hdc=0xec01065e, type=0x1) returned 0xb00017
[0233.015] GetCurrentObject (hdc=0xec01065e, type=0x2) returned 0x900010
[0233.015] GetCurrentObject (hdc=0xec01065e, type=0x7) returned 0x4a0507fe
[0233.015] GetCurrentObject (hdc=0xec01065e, type=0x6) returned 0x8a01c2
[0233.015] SaveDC (hdc=0xec01065e) returned 1
[0233.015] GetTextAlign (hdc=0xec01065e) returned 0x0
[0233.015] GetTextColor (hdc=0xec01065e) returned 0x0
[0233.015] GetCurrentObject (hdc=0xec01065e, type=0x6) returned 0x8a01c2
[0233.015] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0233.015] SelectObject (hdc=0xec01065e, h=0x6d0a0520) returned 0x8a01c2
[0233.015] GetBkMode (hdc=0xec01065e) returned 2
[0233.015] SetBkMode (hdc=0xec01065e, mode=1) returned 2
[0233.015] DrawTextExW (in: hdc=0xec01065e, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2d7fb44 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0233.015] DrawTextExW (in: hdc=0xec01065e, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d7fb44 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0233.016] RestoreDC (hdc=0xec01065e, nSavedDC=-1) returned 1
[0233.016] GdipReleaseDC (graphics=0x6600030, hdc=0xec01065e) returned 0x0
[0233.016] GetFocus () returned 0x2002d8
[0233.016] IsAppThemed () returned 0x1
[0233.016] GetThemeAppProperties () returned 0x3
[0233.016] GetThemeAppProperties () returned 0x3
[0233.016] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0233.016] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0xec01065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0233.016] GdipReleaseDC (graphics=0x6600030, hdc=0xec01065e) returned 0x0
[0233.016] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0233.017] SelectObject (hdc=0xec01065e, h=0x85000f) returned 0x4a0507fe
[0233.017] DeleteDC (hdc=0xec01065e) returned 1
[0233.017] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0233.017] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0233.017] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.017] IsWindowUnicode (hWnd=0x1802c8) returned 1
[0233.017] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.017] TranslateMessage (lpMsg=0xd7e808) returned 0
[0233.017] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0233.017] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.017] IsWindowUnicode (hWnd=0x1802c8) returned 1
[0233.018] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.018] TranslateMessage (lpMsg=0xd7e808) returned 0
[0233.018] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0233.018] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x2a1, wParam=0x0, lParam=0x90048) returned 0x0
[0233.018] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0233.018] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0233.018] WaitMessage () returned 1
[0233.024] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.024] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.024] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.024] TranslateMessage (lpMsg=0xd7e808) returned 0
[0233.024] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0233.025] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0233.025] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0233.025] WaitMessage () returned 1
[0233.025] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.025] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.025] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.025] TranslateMessage (lpMsg=0xd7e808) returned 0
[0233.025] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0233.026] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0233.026] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0233.026] WaitMessage () returned 1
[0233.027] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.027] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.027] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.027] TranslateMessage (lpMsg=0xd7e808) returned 0
[0233.027] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0233.028] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.032] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.032] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.032] TranslateMessage (lpMsg=0xd7e808) returned 0
[0233.032] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0233.032] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.032] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.032] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.032] TranslateMessage (lpMsg=0xd7e808) returned 0
[0233.032] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0233.032] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0233.033] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0233.033] WaitMessage () returned 1
[0233.034] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.035] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.035] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.035] TranslateMessage (lpMsg=0xd7e808) returned 0
[0233.035] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0233.036] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.036] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.036] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.036] TranslateMessage (lpMsg=0xd7e808) returned 0
[0233.036] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0233.036] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.036] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.036] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.036] TranslateMessage (lpMsg=0xd7e808) returned 0
[0233.036] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0233.036] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0233.037] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0233.037] WaitMessage () returned 1
[0233.037] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.037] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.037] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.037] TranslateMessage (lpMsg=0xd7e808) returned 0
[0233.037] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0233.038] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.039] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.039] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.039] TranslateMessage (lpMsg=0xd7e808) returned 0
[0233.039] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0233.039] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.039] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.039] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.039] TranslateMessage (lpMsg=0xd7e808) returned 0
[0233.039] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0233.039] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0233.040] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0233.040] WaitMessage () returned 1
[0233.040] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.040] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.040] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.040] TranslateMessage (lpMsg=0xd7e808) returned 0
[0233.040] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0233.041] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.041] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.041] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.042] TranslateMessage (lpMsg=0xd7e808) returned 0
[0233.042] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0233.042] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.042] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.042] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.042] TranslateMessage (lpMsg=0xd7e808) returned 0
[0233.042] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0233.042] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0233.042] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0233.042] WaitMessage () returned 1
[0233.097] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.097] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x84, wParam=0x0, lParam=0x1e2031e) returned 0x1
[0233.097] IsWindowUnicode (hWnd=0x1802c8) returned 1
[0233.097] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.098] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x84, wParam=0x0, lParam=0x1e2031e) returned 0x1
[0233.098] GetDlgItem (hDlg=0x1e02de, nIDDlgItem=0) returned 0x0
[0233.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x210, wParam=0x201, lParam=0x670129) returned 0x0
[0233.098] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x21, wParam=0x1e02de, lParam=0x2010001) returned 0x1
[0233.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x21, wParam=0x1e02de, lParam=0x2010001) returned 0x1
[0233.098] SetCursor (hCursor=0x10003) returned 0x10003
[0233.098] TranslateMessage (lpMsg=0xd7e808) returned 0
[0233.098] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0233.098] GetKeyState (nVirtKey=1) returned -127
[0233.098] GetKeyState (nVirtKey=2) returned 0
[0233.098] GetKeyState (nVirtKey=4) returned 0
[0233.098] GetKeyState (nVirtKey=5) returned 0
[0233.098] GetKeyState (nVirtKey=6) returned 0
[0233.098] IsWindowVisible (hWnd=0x1802c8) returned 1
[0233.098] IsWindowEnabled (hWnd=0x1802c8) returned 1
[0233.098] SetFocus (hWnd=0x1802c8) returned 0x2002d8
[0233.099] GetFocus () returned 0x1802c8
[0233.099] IsChild (hWndParent=0x1e02de, hWnd=0x1802c8) returned 1
[0233.099] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0x8, wParam=0x1802c8, lParam=0x0) returned 0x0
[0233.099] GetCapture () returned 0x0
[0233.099] InvalidateRect (hWnd=0x2002d8, lpRect=0x0, bErase=0) returned 1
[0233.100] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0233.101] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0233.102] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0233.102] InvalidateRect (hWnd=0x2002d8, lpRect=0x0, bErase=0) returned 1
[0233.102] InvalidateRect (hWnd=0x1802c8, lpRect=0x0, bErase=0) returned 1
[0233.103] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x7, wParam=0x2002d8, lParam=0x0) returned 0x0
[0233.103] GetStockObject (i=5) returned 0x900015
[0233.103] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0233.103] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0233.103] GetDlgItem (hDlg=0x1e02de, nIDDlgItem=1573576) returned 0x1802c8
[0233.103] SendMessageW (hWnd=0x1802c8, Msg=0x202b, wParam=0x1802c8, lParam=0xd7dddc) returned 0x0
[0233.103] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x202b, wParam=0x1802c8, lParam=0xd7dddc) returned 0x0
[0233.103] InvalidateRect (hWnd=0x1802c8, lpRect=0x0, bErase=0) returned 1
[0233.104] GetFocus () returned 0x1802c8
[0233.104] GetFocus () returned 0x1802c8
[0233.104] GetFocus () returned 0x1802c8
[0233.104] GetKeyState (nVirtKey=1) returned -127
[0233.104] GetKeyState (nVirtKey=2) returned 0
[0233.104] GetKeyState (nVirtKey=4) returned 0
[0233.104] GetKeyState (nVirtKey=5) returned 0
[0233.105] GetKeyState (nVirtKey=6) returned 0
[0233.105] GetCapture () returned 0x0
[0233.105] SetCapture (hWnd=0x1802c8) returned 0x0
[0233.105] GetKeyState (nVirtKey=1) returned -127
[0233.105] GetKeyState (nVirtKey=2) returned 0
[0233.105] GetKeyState (nVirtKey=4) returned 0
[0233.105] GetKeyState (nVirtKey=5) returned 0
[0233.105] GetKeyState (nVirtKey=6) returned 0
[0233.105] NotifyWinEvent (event=0x800a, hwnd=0x1802c8, idObject=-4, idChild=0)
[0233.105] InvalidateRect (hWnd=0x1802c8, lpRect=0xd7e430, bErase=0) returned 1
[0233.105] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.105] IsWindowUnicode (hWnd=0x1802c8) returned 1
[0233.105] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.105] TranslateMessage (lpMsg=0xd7e808) returned 0
[0233.105] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0233.105] MapWindowPoints (in: hWndFrom=0x1802c8, hWndTo=0x0, lpPoints=0x2d7fe30, cPoints=0x1 | out: lpPoints=0x2d7fe30) returned 30999254
[0233.105] NotifyWinEvent (event=0x800a, hwnd=0x1802c8, idObject=-4, idChild=0)
[0233.105] InvalidateRect (hWnd=0x1802c8, lpRect=0xd7e3d0, bErase=0) returned 1
[0233.105] UpdateWindow (hWnd=0x1802c8) returned 1
[0233.105] BeginPaint (in: hWnd=0x1802c8, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xc0107c5
[0233.106] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0233.106] CreateCompatibleDC (hdc=0xc0107c5) returned 0x11010671
[0233.106] SelectObject (hdc=0x11010671, h=0x4a0507fe) returned 0x85000f
[0233.106] GdipCreateFromHDC (hdc=0x11010671, graphics=0xd7df00) returned 0x0
[0233.106] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0233.106] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0233.106] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0233.106] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0233.106] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df60) returned 0x0
[0233.106] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0233.106] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0233.106] LocalFree (hMem=0x11ee868) returned 0x0
[0233.107] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0233.107] GdipCreateRegion (region=0xd7df48) returned 0x0
[0233.107] GdipGetClip (graphics=0x6600030, region=0x6645368) returned 0x0
[0233.107] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7df54) returned 0x0
[0233.107] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0233.107] GdipRestoreGraphics (graphics=0x6600030, state=0xf9160dbd) returned 0x0
[0233.107] GdipDeleteRegion (region=0x6645368) returned 0x0
[0233.107] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0233.107] GetCurrentObject (hdc=0x11010671, type=0x1) returned 0xb00017
[0233.107] GetCurrentObject (hdc=0x11010671, type=0x2) returned 0x900010
[0233.107] GetCurrentObject (hdc=0x11010671, type=0x7) returned 0x4a0507fe
[0233.107] GetCurrentObject (hdc=0x11010671, type=0x6) returned 0x8a01c2
[0233.107] SaveDC (hdc=0x11010671) returned 1
[0233.107] GetNearestColor (hdc=0x11010671, color=0xf0f0f0) returned 0xf0f0f0
[0233.107] GetNearestColor (hdc=0x11010671, color=0xa0a0a0) returned 0xa0a0a0
[0233.107] GetNearestColor (hdc=0x11010671, color=0x696969) returned 0x696969
[0233.107] GetNearestColor (hdc=0x11010671, color=0xa0a0a0) returned 0xa0a0a0
[0233.107] GetNearestColor (hdc=0x11010671, color=0x0) returned 0x0
[0233.107] GetNearestColor (hdc=0x11010671, color=0xffffff) returned 0xffffff
[0233.108] GetNearestColor (hdc=0x11010671, color=0xe5e5e5) returned 0xe5e5e5
[0233.108] GetNearestColor (hdc=0x11010671, color=0xd7d7d7) returned 0xd7d7d7
[0233.108] GetNearestColor (hdc=0x11010671, color=0x0) returned 0x0
[0233.108] RestoreDC (hdc=0x11010671, nSavedDC=-1) returned 1
[0233.108] GdipReleaseDC (graphics=0x6600030, hdc=0x11010671) returned 0x0
[0233.108] IsAppThemed () returned 0x1
[0233.108] GetThemeAppProperties () returned 0x3
[0233.108] GetThemeAppProperties () returned 0x3
[0233.108] IsAppThemed () returned 0x1
[0233.108] GetThemeAppProperties () returned 0x3
[0233.108] GetThemeAppProperties () returned 0x3
[0233.108] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2d80588 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0233.108] IsAppThemed () returned 0x1
[0233.108] GetThemeAppProperties () returned 0x3
[0233.108] GetThemeAppProperties () returned 0x3
[0233.108] IsAppThemed () returned 0x1
[0233.108] GetThemeAppProperties () returned 0x3
[0233.109] GetThemeAppProperties () returned 0x3
[0233.109] IsAppThemed () returned 0x1
[0233.109] GetThemeAppProperties () returned 0x3
[0233.109] GetThemeAppProperties () returned 0x3
[0233.109] IsAppThemed () returned 0x1
[0233.109] GetThemeAppProperties () returned 0x3
[0233.109] GetThemeAppProperties () returned 0x3
[0233.109] IsThemePartDefined () returned 0x1
[0233.109] IsAppThemed () returned 0x1
[0233.109] GetThemeAppProperties () returned 0x3
[0233.109] GetThemeAppProperties () returned 0x3
[0233.109] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0233.109] IsAppThemed () returned 0x1
[0233.109] GetThemeAppProperties () returned 0x3
[0233.109] GetThemeAppProperties () returned 0x3
[0233.109] IsAppThemed () returned 0x1
[0233.109] GetThemeAppProperties () returned 0x3
[0233.109] GetThemeAppProperties () returned 0x3
[0233.109] IsThemePartDefined () returned 0x1
[0233.109] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0233.109] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0233.109] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0233.109] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0233.109] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dc7c) returned 0x0
[0233.109] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0233.109] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea60) returned 0x0
[0233.109] LocalFree (hMem=0x11eea60) returned 0x0
[0233.110] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0233.110] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0233.110] LocalFree (hMem=0x11ee788) returned 0x0
[0233.110] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0233.110] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0233.110] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0233.110] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0233.110] GdipDeleteRegion (region=0x6646178) returned 0x0
[0233.110] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0233.110] GetCurrentObject (hdc=0x11010671, type=0x1) returned 0xb00017
[0233.110] GetCurrentObject (hdc=0x11010671, type=0x2) returned 0x900010
[0233.110] GetCurrentObject (hdc=0x11010671, type=0x7) returned 0x4a0507fe
[0233.110] GetCurrentObject (hdc=0x11010671, type=0x6) returned 0x8a01c2
[0233.110] SaveDC (hdc=0x11010671) returned 1
[0233.110] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe1040807
[0233.110] GetClipRgn (hdc=0x11010671, hrgn=0xe1040807) returned 0
[0233.110] SelectClipRgn (hdc=0x11010671, hrgn=0x730407de) returned 2
[0233.110] DeleteObject (ho=0xe1040807) returned 1
[0233.110] DeleteObject (ho=0x730407de) returned 1
[0233.110] OffsetViewportOrgEx (in: hdc=0x11010671, x=0, y=0, lppt=0x2d80c38 | out: lppt=0x2d80c38) returned 1
[0233.110] DrawThemeParentBackground () returned 0x0
[0233.111] GetWindowPlacement (in: hWnd=0x1e02de, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0233.111] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0233.111] GetWindowTextLengthW (hWnd=0x1e02de) returned 24
[0233.111] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0233.111] GetSystemMetrics (nIndex=42) returned 0
[0233.111] GetWindowTextW (in: hWnd=0x1e02de, lpString=0xd7d7c4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0233.111] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xd, wParam=0x19, lParam=0xd7d7c4) returned 0x18
[0233.111] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0233.111] GetCurrentObject (hdc=0x11010671, type=0x1) returned 0xb00017
[0233.111] GetCurrentObject (hdc=0x11010671, type=0x2) returned 0x900010
[0233.111] GetCurrentObject (hdc=0x11010671, type=0x7) returned 0x4a0507fe
[0233.111] GetCurrentObject (hdc=0x11010671, type=0x6) returned 0x8a01c2
[0233.111] SaveDC (hdc=0x11010671) returned 2
[0233.111] GetNearestColor (hdc=0x11010671, color=0xf0f0f0) returned 0xf0f0f0
[0233.111] CreateSolidBrush (color=0xf0f0f0) returned 0x6a1007e1
[0233.111] FillRect (hDC=0x11010671, lprc=0xd7d6c8, hbr=0x6a1007e1) returned 1
[0233.111] DeleteObject (ho=0x6a1007e1) returned 1
[0233.111] RestoreDC (hdc=0x11010671, nSavedDC=-1) returned 1
[0233.112] GetWindowTextLengthW (hWnd=0x1e02de) returned 24
[0233.112] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0233.112] GetSystemMetrics (nIndex=42) returned 0
[0233.112] GetWindowTextW (in: hWnd=0x1e02de, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0233.112] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0233.112] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0233.112] GetCurrentObject (hdc=0x11010671, type=0x1) returned 0xb00017
[0233.112] GetCurrentObject (hdc=0x11010671, type=0x2) returned 0x900010
[0233.112] GetCurrentObject (hdc=0x11010671, type=0x7) returned 0x4a0507fe
[0233.112] GetCurrentObject (hdc=0x11010671, type=0x6) returned 0x8a01c2
[0233.112] SaveDC (hdc=0x11010671) returned 2
[0233.112] GetNearestColor (hdc=0x11010671, color=0xf0f0f0) returned 0xf0f0f0
[0233.112] CreateSolidBrush (color=0xf0f0f0) returned 0x6b1007e1
[0233.112] FillRect (hDC=0x11010671, lprc=0xd7d668, hbr=0x6b1007e1) returned 1
[0233.112] DeleteObject (ho=0x6b1007e1) returned 1
[0233.112] RestoreDC (hdc=0x11010671, nSavedDC=-1) returned 1
[0233.112] GetWindowTextLengthW (hWnd=0x1e02de) returned 24
[0233.112] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0233.112] GetSystemMetrics (nIndex=42) returned 0
[0233.112] GetWindowTextW (in: hWnd=0x1e02de, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0233.112] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0233.113] RestoreDC (hdc=0x11010671, nSavedDC=-1) returned 1
[0233.113] GdipReleaseDC (graphics=0x6600030, hdc=0x11010671) returned 0x0
[0233.113] IsAppThemed () returned 0x1
[0233.113] GetThemeAppProperties () returned 0x3
[0233.113] GetThemeAppProperties () returned 0x3
[0233.113] IsAppThemed () returned 0x1
[0233.113] GetThemeAppProperties () returned 0x3
[0233.113] GetThemeAppProperties () returned 0x3
[0233.113] IsThemePartDefined () returned 0x1
[0233.113] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0233.113] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0233.113] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0233.113] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0233.113] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dc00) returned 0x0
[0233.113] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0233.113] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eea60) returned 0x0
[0233.113] LocalFree (hMem=0x11eea60) returned 0x0
[0233.113] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0233.113] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0233.113] LocalFree (hMem=0x11eec58) returned 0x0
[0233.113] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0233.114] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0233.114] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0233.114] GdipGetRegionHRgn (region=0x6645c68, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0233.114] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0233.114] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0233.114] GetCurrentObject (hdc=0x11010671, type=0x1) returned 0xb00017
[0233.114] GetCurrentObject (hdc=0x11010671, type=0x2) returned 0x900010
[0233.114] GetCurrentObject (hdc=0x11010671, type=0x7) returned 0x4a0507fe
[0233.114] GetCurrentObject (hdc=0x11010671, type=0x6) returned 0x8a01c2
[0233.114] SaveDC (hdc=0x11010671) returned 1
[0233.114] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x740407de
[0233.114] GetClipRgn (hdc=0x11010671, hrgn=0x740407de) returned 0
[0233.114] SelectClipRgn (hdc=0x11010671, hrgn=0xe3040807) returned 2
[0233.114] DeleteObject (ho=0x740407de) returned 1
[0233.114] DeleteObject (ho=0xe3040807) returned 1
[0233.114] OffsetViewportOrgEx (in: hdc=0x11010671, x=0, y=0, lppt=0x2d815bc | out: lppt=0x2d815bc) returned 1
[0233.114] IsAppThemed () returned 0x1
[0233.114] GetThemeAppProperties () returned 0x3
[0233.114] GetThemeAppProperties () returned 0x3
[0233.114] DrawThemeBackground () returned 0x0
[0233.115] RestoreDC (hdc=0x11010671, nSavedDC=-1) returned 1
[0233.115] GdipReleaseDC (graphics=0x6600030, hdc=0x11010671) returned 0x0
[0233.115] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0233.115] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0233.115] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0233.115] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0233.115] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dc04) returned 0x0
[0233.115] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0233.115] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0233.115] LocalFree (hMem=0x11eec58) returned 0x0
[0233.115] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0233.115] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0233.115] LocalFree (hMem=0x11ee868) returned 0x0
[0233.115] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0233.115] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0233.115] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0233.115] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0233.115] GdipDeleteRegion (region=0x6645248) returned 0x0
[0233.115] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0233.115] GetCurrentObject (hdc=0x11010671, type=0x1) returned 0xb00017
[0233.115] GetCurrentObject (hdc=0x11010671, type=0x2) returned 0x900010
[0233.115] GetCurrentObject (hdc=0x11010671, type=0x7) returned 0x4a0507fe
[0233.115] GetCurrentObject (hdc=0x11010671, type=0x6) returned 0x8a01c2
[0233.116] SaveDC (hdc=0x11010671) returned 1
[0233.116] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe4040807
[0233.116] GetClipRgn (hdc=0x11010671, hrgn=0xe4040807) returned 0
[0233.116] SelectClipRgn (hdc=0x11010671, hrgn=0x750407de) returned 2
[0233.116] DeleteObject (ho=0xe4040807) returned 1
[0233.116] DeleteObject (ho=0x750407de) returned 1
[0233.116] OffsetViewportOrgEx (in: hdc=0x11010671, x=0, y=0, lppt=0x2d81890 | out: lppt=0x2d81890) returned 1
[0233.116] IsAppThemed () returned 0x1
[0233.116] GetThemeAppProperties () returned 0x3
[0233.116] GetThemeAppProperties () returned 0x3
[0233.116] GetThemeBackgroundContentRect () returned 0x0
[0233.116] RestoreDC (hdc=0x11010671, nSavedDC=-1) returned 1
[0233.116] GdipReleaseDC (graphics=0x6600030, hdc=0x11010671) returned 0x0
[0233.116] IsAppThemed () returned 0x1
[0233.116] GetThemeAppProperties () returned 0x3
[0233.116] GetThemeAppProperties () returned 0x3
[0233.116] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0233.116] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0233.116] GetCurrentObject (hdc=0x11010671, type=0x1) returned 0xb00017
[0233.116] GetCurrentObject (hdc=0x11010671, type=0x2) returned 0x900010
[0233.116] GetCurrentObject (hdc=0x11010671, type=0x7) returned 0x4a0507fe
[0233.116] GetCurrentObject (hdc=0x11010671, type=0x6) returned 0x8a01c2
[0233.117] SaveDC (hdc=0x11010671) returned 1
[0233.117] GetTextAlign (hdc=0x11010671) returned 0x0
[0233.117] GetTextColor (hdc=0x11010671) returned 0x0
[0233.117] GetCurrentObject (hdc=0x11010671, type=0x6) returned 0x8a01c2
[0233.117] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0233.117] SelectObject (hdc=0x11010671, h=0x6d0a0520) returned 0x8a01c2
[0233.117] GetBkMode (hdc=0x11010671) returned 2
[0233.117] SetBkMode (hdc=0x11010671, mode=1) returned 2
[0233.117] DrawTextExW (in: hdc=0x11010671, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2d81c30 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0233.117] DrawTextExW (in: hdc=0x11010671, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2d81c30 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0233.118] RestoreDC (hdc=0x11010671, nSavedDC=-1) returned 1
[0233.118] GdipReleaseDC (graphics=0x6600030, hdc=0x11010671) returned 0x0
[0233.118] GetFocus () returned 0x1802c8
[0233.118] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0233.118] SendMessageW (hWnd=0x1e02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0233.118] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0233.118] IsAppThemed () returned 0x1
[0233.118] GetThemeAppProperties () returned 0x3
[0233.118] GetThemeAppProperties () returned 0x3
[0233.118] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0233.118] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x11010671, x1=0, y1=0, rop=0xcc0020) returned 1
[0233.118] GdipReleaseDC (graphics=0x6600030, hdc=0x11010671) returned 0x0
[0233.118] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0233.118] SelectObject (hdc=0x11010671, h=0x85000f) returned 0x4a0507fe
[0233.118] DeleteDC (hdc=0x11010671) returned 1
[0233.118] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0233.118] EndPaint (hWnd=0x1802c8, lpPaint=0xd7dee4) returned 1
[0233.119] MapWindowPoints (in: hWndFrom=0x1802c8, hWndTo=0x0, lpPoints=0x2d81d2c, cPoints=0x1 | out: lpPoints=0x2d81d2c) returned 30999254
[0233.119] WindowFromPoint (Point=0x31e) returned 0x1802c8
[0233.119] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x84, wParam=0x0, lParam=0x1e2031e) returned 0x1
[0233.119] NotifyWinEvent (event=0x800a, hwnd=0x1802c8, idObject=-4, idChild=0)
[0233.119] NotifyWinEvent (event=0x800c, hwnd=0x1802c8, idObject=-4, idChild=0)
[0233.119] GetCapture () returned 0x1802c8
[0233.119] ReleaseCapture () returned 1
[0233.119] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0233.119] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0233.120] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x84, wParam=0x0, lParam=0x1e2031e) returned 0x1
[0233.120] IsWindow (hWnd=0x7005c) returned 1
[0233.120] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0233.126] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0233.126] IsWindow (hWnd=0x1e02de) returned 1
[0233.126] SetActiveWindow (hWnd=0x1e02de) returned 0x1e02de
[0233.126] IsWindow (hWnd=0x1e02de) returned 1
[0233.126] SetFocus (hWnd=0x1e02de) returned 0x1802c8
[0233.127] GetFocus () returned 0x1e02de
[0233.127] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x8, wParam=0x1e02de, lParam=0x0) returned 0x0
[0233.127] GetCapture () returned 0x0
[0233.127] InvalidateRect (hWnd=0x1802c8, lpRect=0x0, bErase=0) returned 1
[0233.128] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0233.129] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0233.130] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0233.130] GetFocus () returned 0x1e02de
[0233.130] SetFocus (hWnd=0x1802c8) returned 0x1e02de
[0233.131] GetFocus () returned 0x1802c8
[0233.131] IsChild (hWndParent=0x1e02de, hWnd=0x1802c8) returned 1
[0233.131] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x8, wParam=0x1802c8, lParam=0x0) returned 0x0
[0233.132] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0233.133] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0233.134] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0233.134] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x7, wParam=0x1e02de, lParam=0x0) returned 0x0
[0233.135] GetStockObject (i=5) returned 0x900015
[0233.135] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0233.135] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0233.135] GetDlgItem (hDlg=0x1e02de, nIDDlgItem=1573576) returned 0x1802c8
[0233.135] SendMessageW (hWnd=0x1802c8, Msg=0x202b, wParam=0x1802c8, lParam=0xd7ddcc) returned 0x0
[0233.135] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x202b, wParam=0x1802c8, lParam=0xd7ddcc) returned 0x0
[0233.135] InvalidateRect (hWnd=0x1802c8, lpRect=0x0, bErase=0) returned 1
[0233.137] GetWindowLongW (hWnd=0x1e02de, nIndex=-8) returned 458844
[0233.137] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0233.137] GetCurrentThreadId () returned 0xf50
[0233.137] IsWindow (hWnd=0x7005c) returned 1
[0233.137] IsWindow (hWnd=0x7005c) returned 1
[0233.137] IsWindowVisible (hWnd=0x7005c) returned 1
[0233.137] SetActiveWindow (hWnd=0x7005c) returned 0x1e02de
[0233.139] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0233.140] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0233.141] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0233.141] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0233.141] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0233.142] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0233.143] GetWindowPlacement (in: hWnd=0x1e02de, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0233.143] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0233.143] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0233.143] GetWindowRect (in: hWnd=0x1e02de, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0233.143] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0233.144] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0233.144] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0233.144] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x1e02de) returned 0x1
[0233.147] GetFocus () returned 0x1802c8
[0233.147] SetFocus (hWnd=0x602c4) returned 0x1802c8
[0233.147] GetFocus () returned 0x602c4
[0233.147] IsChild (hWndParent=0x1e02de, hWnd=0x602c4) returned 0
[0233.147] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0233.147] GetCapture () returned 0x0
[0233.147] InvalidateRect (hWnd=0x1802c8, lpRect=0x0, bErase=0) returned 1
[0233.148] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0233.149] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0233.151] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0233.151] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0233.151] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0233.151] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0233.151] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0233.151] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x1802c8, lParam=0x0) returned 0x0
[0233.152] GetStockObject (i=5) returned 0x900015
[0233.152] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0233.152] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed760) returned 0xc
[0233.152] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0233.152] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0233.152] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0233.152] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0233.162] GetFocus () returned 0x602c4
[0233.163] IsChild (hWndParent=0x1e02de, hWnd=0x602c4) returned 0
[0233.163] ShowWindow (hWnd=0x1e02de, nCmdShow=0) returned 1
[0233.163] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0233.163] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0233.165] GetWindowPlacement (in: hWnd=0x1e02de, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0233.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0233.165] GetClientRect (in: hWnd=0x1e02de, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0233.165] GetWindowRect (in: hWnd=0x1e02de, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0233.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0233.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0233.166] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0233.166] GetWindowLongW (hWnd=0x1e02de, nIndex=-20) returned 327945
[0233.166] DestroyWindow (hWnd=0x1e02de) returned 1
[0233.166] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0233.167] GetWindowTextLengthW (hWnd=0x1e02de) returned 24
[0233.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0233.167] GetSystemMetrics (nIndex=42) returned 0
[0233.167] GetWindowTextW (in: hWnd=0x1e02de, lpString=0xd7e390, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0233.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0xd, wParam=0x19, lParam=0xd7e390) returned 0x18
[0233.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0233.167] GetWindowTextLengthW (hWnd=0x1402ce) returned 0
[0233.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0233.167] GetSystemMetrics (nIndex=42) returned 0
[0233.168] GetWindowTextW (in: hWnd=0x1402ce, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0233.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402ce, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0233.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0233.168] GetWindowThreadProcessId (in: hWnd=0x1e02dc, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0233.168] GetWindow (hWnd=0x1e02dc, uCmd=0x5) returned 0x0
[0233.168] GetWindowLongW (hWnd=0x1e02dc, nIndex=-20) returned 65792
[0233.168] DestroyWindow (hWnd=0x1e02dc) returned 1
[0233.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02dc, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0233.168] GetWindowTextLengthW (hWnd=0x1e02dc) returned 25
[0233.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0233.168] GetSystemMetrics (nIndex=42) returned 0
[0233.168] GetWindowTextW (in: hWnd=0x1e02dc, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0233.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02dc, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0233.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0233.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0233.170] GetWindowTextLengthW (hWnd=0x1e02da) returned 232
[0233.170] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0233.170] GetSystemMetrics (nIndex=42) returned 0
[0233.170] GetWindowTextW (in: hWnd=0x1e02da, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0233.170] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0233.170] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0233.170] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0233.170] InvalidateRect (hWnd=0x1802c8, lpRect=0x0, bErase=0) returned 1
[0233.170] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0233.170] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2100ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0233.170] SendMessageW (hWnd=0x1302d0, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0233.170] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d0, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0233.171] SendMessageW (hWnd=0x1302d0, Msg=0xb0, wParam=0x2d4c0d0, lParam=0xd7e480) returned 0x0
[0233.171] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d0, Msg=0xb0, wParam=0x2d4c0d0, lParam=0xd7e480) returned 0x0
[0233.171] GetWindowTextLengthW (hWnd=0x1302d0) returned 4363
[0233.171] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0233.171] GetSystemMetrics (nIndex=42) returned 0
[0233.171] CoTaskMemAlloc (cb=0x221c) returned 0x120a4b0
[0233.171] GetWindowTextW (in: hWnd=0x1302d0, lpString=0x120a4b0, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0233.171] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d0, Msg=0xd, wParam=0x110c, lParam=0x120a4b0) returned 0x110b
[0233.171] CoTaskMemFree (pv=0x120a4b0)
[0233.171] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0233.171] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1402ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0233.172] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0233.173] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2002d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0233.174] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1802c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0233.175] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2100ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0233.177] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1302d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0233.179] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0233.181] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.181] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.181] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.181] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.181] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.181] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e2031e) returned 0x1
[0233.182] IsWindowUnicode (hWnd=0x7005c) returned 1
[0233.182] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.182] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e2031e) returned 0x1
[0233.182] SetCursor (hCursor=0x10003) returned 0x10003
[0233.182] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.182] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.182] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0233.182] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0233.182] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0233.182] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10d0260) returned 0x0
[0233.182] GetKeyState (nVirtKey=1) returned 1
[0233.182] GetKeyState (nVirtKey=2) returned 0
[0233.182] GetKeyState (nVirtKey=4) returned 0
[0233.182] GetKeyState (nVirtKey=5) returned 0
[0233.182] GetKeyState (nVirtKey=6) returned 0
[0233.183] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.183] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e2031e) returned 0x1
[0233.183] IsWindowUnicode (hWnd=0x7005c) returned 1
[0233.183] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.183] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.183] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.184] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.184] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e2031e) returned 0x1
[0233.184] IsWindowUnicode (hWnd=0x7005c) returned 1
[0233.184] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.184] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e2031e) returned 0x1
[0233.184] SetCursor (hCursor=0x10003) returned 0x10003
[0233.202] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.202] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.202] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10d0260) returned 0x0
[0233.202] GetKeyState (nVirtKey=1) returned 1
[0233.202] GetKeyState (nVirtKey=2) returned 0
[0233.202] GetKeyState (nVirtKey=4) returned 0
[0233.202] GetKeyState (nVirtKey=5) returned 0
[0233.202] GetKeyState (nVirtKey=6) returned 0
[0233.202] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.202] IsWindowUnicode (hWnd=0x602c4) returned 1
[0233.202] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.202] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.202] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.202] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.203] IsWindowUnicode (hWnd=0x602c4) returned 1
[0233.203] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.203] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.203] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.203] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0233.203] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0233.203] CreateCompatibleDC (hdc=0x107b9) returned 0xd301067c
[0233.204] SelectObject (hdc=0xd301067c, h=0x4a0507fe) returned 0x85000f
[0233.204] GdipCreateFromHDC (hdc=0xd301067c, graphics=0xd7e798) returned 0x0
[0233.204] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0233.204] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0233.204] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0233.204] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0233.204] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e7f8) returned 0x0
[0233.204] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0233.204] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eecc8) returned 0x0
[0233.204] LocalFree (hMem=0x11eecc8) returned 0x0
[0233.204] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0233.204] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0233.204] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0233.204] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0233.204] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0233.204] GdipRestoreGraphics (graphics=0x6600030, state=0xf9140dbd) returned 0x0
[0233.204] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0233.204] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0233.205] GetCurrentObject (hdc=0xd301067c, type=0x1) returned 0xb00017
[0233.205] GetCurrentObject (hdc=0xd301067c, type=0x2) returned 0x900010
[0233.205] GetCurrentObject (hdc=0xd301067c, type=0x7) returned 0x4a0507fe
[0233.205] GetCurrentObject (hdc=0xd301067c, type=0x6) returned 0x8a01c2
[0233.205] SaveDC (hdc=0xd301067c) returned 1
[0233.205] GetNearestColor (hdc=0xd301067c, color=0xff) returned 0xff
[0233.205] GetNearestColor (hdc=0xd301067c, color=0x55) returned 0x55
[0233.205] GetNearestColor (hdc=0xd301067c, color=0x0) returned 0x0
[0233.205] GetNearestColor (hdc=0xd301067c, color=0x55) returned 0x55
[0233.205] GetNearestColor (hdc=0xd301067c, color=0x0) returned 0x0
[0233.205] GetNearestColor (hdc=0xd301067c, color=0x8080ff) returned 0x8080ff
[0233.205] GetNearestColor (hdc=0xd301067c, color=0x7373e5) returned 0x7373e5
[0233.205] GetNearestColor (hdc=0xd301067c, color=0xe5) returned 0xe5
[0233.205] GetNearestColor (hdc=0xd301067c, color=0x0) returned 0x0
[0233.205] RestoreDC (hdc=0xd301067c, nSavedDC=-1) returned 1
[0233.205] GdipReleaseDC (graphics=0x6600030, hdc=0xd301067c) returned 0x0
[0233.205] IsAppThemed () returned 0x1
[0233.206] GetThemeAppProperties () returned 0x3
[0233.206] GetThemeAppProperties () returned 0x3
[0233.206] IsAppThemed () returned 0x1
[0233.206] GetThemeAppProperties () returned 0x3
[0233.206] GetThemeAppProperties () returned 0x3
[0233.206] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2d89ae0 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0233.206] IsAppThemed () returned 0x1
[0233.206] GetThemeAppProperties () returned 0x3
[0233.206] GetThemeAppProperties () returned 0x3
[0233.206] IsAppThemed () returned 0x1
[0233.206] GetThemeAppProperties () returned 0x3
[0233.206] GetThemeAppProperties () returned 0x3
[0233.206] GetFocus () returned 0x602c4
[0233.206] IsAppThemed () returned 0x1
[0233.206] GetThemeAppProperties () returned 0x3
[0233.206] GetThemeAppProperties () returned 0x3
[0233.206] IsAppThemed () returned 0x1
[0233.206] GetThemeAppProperties () returned 0x3
[0233.206] GetThemeAppProperties () returned 0x3
[0233.207] IsThemePartDefined () returned 0x1
[0233.207] IsAppThemed () returned 0x1
[0233.207] GetThemeAppProperties () returned 0x3
[0233.207] GetThemeAppProperties () returned 0x3
[0233.207] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0233.207] IsAppThemed () returned 0x1
[0233.207] GetThemeAppProperties () returned 0x3
[0233.207] GetThemeAppProperties () returned 0x3
[0233.207] IsAppThemed () returned 0x1
[0233.207] GetThemeAppProperties () returned 0x3
[0233.207] GetThemeAppProperties () returned 0x3
[0233.207] IsThemePartDefined () returned 0x1
[0233.207] GdipCreateRegion (region=0xd7e508) returned 0x0
[0233.207] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0233.207] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0233.207] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0233.207] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e520) returned 0x0
[0233.207] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0233.207] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee868) returned 0x0
[0233.207] LocalFree (hMem=0x11ee868) returned 0x0
[0233.207] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0233.207] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee868) returned 0x0
[0233.207] LocalFree (hMem=0x11ee868) returned 0x0
[0233.207] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0233.208] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e548) returned 0x0
[0233.208] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e538) returned 0x0
[0233.208] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0233.208] GdipDeleteRegion (region=0x6645248) returned 0x0
[0233.208] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0233.208] GetCurrentObject (hdc=0xd301067c, type=0x1) returned 0xb00017
[0233.208] GetCurrentObject (hdc=0xd301067c, type=0x2) returned 0x900010
[0233.208] GetCurrentObject (hdc=0xd301067c, type=0x7) returned 0x4a0507fe
[0233.208] GetCurrentObject (hdc=0xd301067c, type=0x6) returned 0x8a01c2
[0233.208] SaveDC (hdc=0xd301067c) returned 1
[0233.208] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x760407de
[0233.208] GetClipRgn (hdc=0xd301067c, hrgn=0x760407de) returned 0
[0233.208] SelectClipRgn (hdc=0xd301067c, hrgn=0xe8040807) returned 2
[0233.208] DeleteObject (ho=0x760407de) returned 1
[0233.208] DeleteObject (ho=0xe8040807) returned 1
[0233.209] OffsetViewportOrgEx (in: hdc=0xd301067c, x=0, y=0, lppt=0x2d8a190 | out: lppt=0x2d8a190) returned 1
[0233.209] DrawThemeParentBackground () returned 0x0
[0233.209] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0233.209] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0233.209] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0233.209] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0233.209] GetSystemMetrics (nIndex=42) returned 0
[0233.209] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0233.209] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0233.209] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0233.209] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0233.209] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0233.209] SelectPalette (hdc=0xd301067c, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0233.209] GdipCreateFromHDC (hdc=0xd301067c, graphics=0xd7dff8) returned 0x0
[0233.210] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0233.210] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0233.210] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638bd8) returned 0x0
[0233.210] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dfd0) returned 0x0
[0233.210] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0233.210] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0233.210] GdipGetClip (graphics=0x663e568, region=0x6645248) returned 0x0
[0233.210] GdipIsInfiniteRegion (region=0x6645248, graphics=0x663e568, result=0xd7dfc4) returned 0x0
[0233.210] GdipDeleteRegion (region=0x6645248) returned 0x0
[0233.210] GdipSaveGraphics (graphics=0x663e568, state=0xd7dff0) returned 0x0
[0233.210] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0233.222] GdipFillRectangleI (graphics=0x663e568, brush=0x6653918, x=0, y=0, width=801, height=453) returned 0x0
[0233.222] GdipDeleteBrush (brush=0x6653918) returned 0x0
[0233.223] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0233.223] SelectPalette (hdc=0xd301067c, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0233.223] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0233.223] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0233.223] GetSystemMetrics (nIndex=42) returned 0
[0233.223] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0233.223] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0233.223] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0233.223] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0233.223] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0233.223] SelectPalette (hdc=0xd301067c, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0233.224] GdipCreateFromHDC (hdc=0xd301067c, graphics=0xd7df98) returned 0x0
[0233.224] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0233.224] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0233.224] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638cf8) returned 0x0
[0233.224] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df70) returned 0x0
[0233.224] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0233.224] GdipCreateRegion (region=0xd7df58) returned 0x0
[0233.224] GdipGetClip (graphics=0x663e568, region=0x6645878) returned 0x0
[0233.224] GdipIsInfiniteRegion (region=0x6645878, graphics=0x663e568, result=0xd7df64) returned 0x0
[0233.224] GdipDeleteRegion (region=0x6645878) returned 0x0
[0233.224] GdipSaveGraphics (graphics=0x663e568, state=0xd7df90) returned 0x0
[0233.224] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0233.230] GdipFillRectangleI (graphics=0x663e568, brush=0x66536a8, x=0, y=0, width=801, height=453) returned 0x0
[0233.230] GdipDeleteBrush (brush=0x66536a8) returned 0x0
[0233.237] GdipRestoreGraphics (graphics=0x663e568, state=0xf9100dbd) returned 0x0
[0233.237] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0233.237] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0233.237] GetSystemMetrics (nIndex=42) returned 0
[0233.237] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0233.237] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0233.237] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0233.237] SelectPalette (hdc=0xd301067c, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0233.237] RestoreDC (hdc=0xd301067c, nSavedDC=-1) returned 1
[0233.238] GdipReleaseDC (graphics=0x6600030, hdc=0xd301067c) returned 0x0
[0233.238] IsAppThemed () returned 0x1
[0233.238] GetThemeAppProperties () returned 0x3
[0233.238] GetThemeAppProperties () returned 0x3
[0233.238] IsAppThemed () returned 0x1
[0233.238] GetThemeAppProperties () returned 0x3
[0233.238] GetThemeAppProperties () returned 0x3
[0233.238] IsThemePartDefined () returned 0x1
[0233.238] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0233.238] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0233.238] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0233.238] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0233.238] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e4a4) returned 0x0
[0233.238] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0233.238] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eea60) returned 0x0
[0233.238] LocalFree (hMem=0x11eea60) returned 0x0
[0233.238] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0233.238] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0233.238] LocalFree (hMem=0x11eec58) returned 0x0
[0233.238] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0233.238] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0233.238] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0233.238] GdipGetRegionHRgn (region=0x6645758, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0233.239] GdipDeleteRegion (region=0x6645758) returned 0x0
[0233.239] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0233.239] GetCurrentObject (hdc=0xd301067c, type=0x1) returned 0xb00017
[0233.239] GetCurrentObject (hdc=0xd301067c, type=0x2) returned 0x900010
[0233.239] GetCurrentObject (hdc=0xd301067c, type=0x7) returned 0x4a0507fe
[0233.239] GetCurrentObject (hdc=0xd301067c, type=0x6) returned 0x8a01c2
[0233.239] SaveDC (hdc=0xd301067c) returned 1
[0233.239] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe9040807
[0233.239] GetClipRgn (hdc=0xd301067c, hrgn=0xe9040807) returned 0
[0233.239] SelectClipRgn (hdc=0xd301067c, hrgn=0x780407de) returned 2
[0233.239] DeleteObject (ho=0xe9040807) returned 1
[0233.239] DeleteObject (ho=0x780407de) returned 1
[0233.239] OffsetViewportOrgEx (in: hdc=0xd301067c, x=0, y=0, lppt=0x2d909e0 | out: lppt=0x2d909e0) returned 1
[0233.239] IsAppThemed () returned 0x1
[0233.239] GetThemeAppProperties () returned 0x3
[0233.239] GetThemeAppProperties () returned 0x3
[0233.239] DrawThemeBackground () returned 0x0
[0233.239] RestoreDC (hdc=0xd301067c, nSavedDC=-1) returned 1
[0233.239] GdipReleaseDC (graphics=0x6600030, hdc=0xd301067c) returned 0x0
[0233.240] GdipCreateRegion (region=0xd7e490) returned 0x0
[0233.240] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0233.240] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0233.240] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0233.240] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e4a8) returned 0x0
[0233.240] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0233.240] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0233.240] LocalFree (hMem=0x11ee788) returned 0x0
[0233.240] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0233.240] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0233.240] LocalFree (hMem=0x11ee788) returned 0x0
[0233.240] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0233.240] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0233.240] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0233.240] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0233.240] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0233.240] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0233.240] GetCurrentObject (hdc=0xd301067c, type=0x1) returned 0xb00017
[0233.240] GetCurrentObject (hdc=0xd301067c, type=0x2) returned 0x900010
[0233.240] GetCurrentObject (hdc=0xd301067c, type=0x7) returned 0x4a0507fe
[0233.240] GetCurrentObject (hdc=0xd301067c, type=0x6) returned 0x8a01c2
[0233.240] SaveDC (hdc=0xd301067c) returned 1
[0233.240] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x790407de
[0233.241] GetClipRgn (hdc=0xd301067c, hrgn=0x790407de) returned 0
[0233.241] SelectClipRgn (hdc=0xd301067c, hrgn=0xea040807) returned 2
[0233.241] DeleteObject (ho=0x790407de) returned 1
[0233.241] DeleteObject (ho=0xea040807) returned 1
[0233.241] OffsetViewportOrgEx (in: hdc=0xd301067c, x=0, y=0, lppt=0x2d90cb4 | out: lppt=0x2d90cb4) returned 1
[0233.241] IsAppThemed () returned 0x1
[0233.241] GetThemeAppProperties () returned 0x3
[0233.241] GetThemeAppProperties () returned 0x3
[0233.241] GetThemeBackgroundContentRect () returned 0x0
[0233.241] RestoreDC (hdc=0xd301067c, nSavedDC=-1) returned 1
[0233.241] GdipReleaseDC (graphics=0x6600030, hdc=0xd301067c) returned 0x0
[0233.241] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0233.241] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0233.241] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0233.241] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0233.241] IsAppThemed () returned 0x1
[0233.241] GetThemeAppProperties () returned 0x3
[0233.241] GetThemeAppProperties () returned 0x3
[0233.241] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0233.241] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0233.241] GetCurrentObject (hdc=0xd301067c, type=0x1) returned 0xb00017
[0233.241] GetCurrentObject (hdc=0xd301067c, type=0x2) returned 0x900010
[0233.242] GetCurrentObject (hdc=0xd301067c, type=0x7) returned 0x4a0507fe
[0233.242] GetCurrentObject (hdc=0xd301067c, type=0x6) returned 0x8a01c2
[0233.242] SaveDC (hdc=0xd301067c) returned 1
[0233.242] GetTextAlign (hdc=0xd301067c) returned 0x0
[0233.242] GetTextColor (hdc=0xd301067c) returned 0x0
[0233.242] GetCurrentObject (hdc=0xd301067c, type=0x6) returned 0x8a01c2
[0233.242] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0233.242] SelectObject (hdc=0xd301067c, h=0x6d0a0520) returned 0x8a01c2
[0233.242] GetBkMode (hdc=0xd301067c) returned 2
[0233.242] SetBkMode (hdc=0xd301067c, mode=1) returned 2
[0233.242] DrawTextExW (in: hdc=0xd301067c, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2d91078 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0233.242] DrawTextExW (in: hdc=0xd301067c, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2d91078 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0233.243] RestoreDC (hdc=0xd301067c, nSavedDC=-1) returned 1
[0233.243] GdipReleaseDC (graphics=0x6600030, hdc=0xd301067c) returned 0x0
[0233.243] GetFocus () returned 0x602c4
[0233.243] IsAppThemed () returned 0x1
[0233.243] GetThemeAppProperties () returned 0x3
[0233.243] GetThemeAppProperties () returned 0x3
[0233.243] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0233.243] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xd301067c, x1=0, y1=0, rop=0xcc0020) returned 1
[0233.243] GdipReleaseDC (graphics=0x6600030, hdc=0xd301067c) returned 0x0
[0233.243] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0233.243] SelectObject (hdc=0xd301067c, h=0x85000f) returned 0x4a0507fe
[0233.243] DeleteDC (hdc=0xd301067c) returned 1
[0233.243] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0233.243] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0233.244] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0233.244] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0233.244] WaitMessage () returned 1
[0233.245] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.245] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.245] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.245] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.245] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.246] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0233.246] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0233.246] WaitMessage () returned 1
[0233.259] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.259] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.259] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.259] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.259] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.260] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0233.260] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0233.260] WaitMessage () returned 1
[0233.261] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.261] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.261] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.261] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.261] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.262] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0233.262] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0233.262] WaitMessage () returned 1
[0233.267] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.267] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.267] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.267] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.267] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.268] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.269] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.269] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.269] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.269] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.269] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.269] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.269] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.269] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.269] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.269] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0233.270] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0233.270] WaitMessage () returned 1
[0233.270] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.270] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.270] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.270] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.270] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.271] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.271] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.271] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.271] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.272] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.272] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.272] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.272] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.272] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.272] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.272] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0233.272] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0233.272] WaitMessage () returned 1
[0233.273] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.273] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.273] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.273] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.273] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.274] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.274] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.274] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.274] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.274] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.274] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.274] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.274] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.274] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.274] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.274] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0233.275] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0233.275] WaitMessage () returned 1
[0233.275] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.275] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.275] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.275] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.275] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.277] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.277] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.277] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.278] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.278] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.278] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.278] IsWindowUnicode (hWnd=0x30122) returned 1
[0233.278] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.278] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.278] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.278] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.285] IsWindowUnicode (hWnd=0x7005c) returned 1
[0233.285] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.285] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.285] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.286] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.286] IsWindowUnicode (hWnd=0x7005c) returned 1
[0233.286] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.286] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.286] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.286] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10d0260) returned 0x0
[0233.286] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0233.286] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0233.286] WaitMessage () returned 1
[0233.451] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.451] IsWindowUnicode (hWnd=0x502c6) returned 1
[0233.451] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0233.452] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0233.452] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0233.452] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0233.452] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0233.452] WaitMessage () returned 1
[0235.454] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0235.454] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27200f7) returned 0x1
[0235.455] IsWindowUnicode (hWnd=0x602c4) returned 1
[0235.455] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0235.455] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0235.455] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0235.455] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0235.455] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0235.455] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27200f7) returned 0x1
[0235.455] IsWindowUnicode (hWnd=0x602c4) returned 1
[0235.455] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0235.455] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27200f7) returned 0x1
[0235.455] SetCursor (hCursor=0x10003) returned 0x10003
[0235.455] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0235.455] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0235.456] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0235.456] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0235.456] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0235.456] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0235.456] GetKeyState (nVirtKey=1) returned 1
[0235.456] GetKeyState (nVirtKey=2) returned 0
[0235.456] GetKeyState (nVirtKey=4) returned 0
[0235.456] GetKeyState (nVirtKey=5) returned 0
[0235.456] GetKeyState (nVirtKey=6) returned 0
[0235.456] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0235.456] IsWindowUnicode (hWnd=0x602c4) returned 1
[0235.456] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0235.456] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0235.456] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0235.456] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0235.456] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0235.457] CreateCompatibleDC (hdc=0x107b9) returned 0xc010781
[0235.457] SelectObject (hdc=0xc010781, h=0x4a0507fe) returned 0x85000f
[0235.457] GdipCreateFromHDC (hdc=0xc010781, graphics=0xd7e798) returned 0x0
[0235.457] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0235.457] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0235.457] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0235.457] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0235.457] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e7f8) returned 0x0
[0235.457] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0235.457] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee9f0) returned 0x0
[0235.458] LocalFree (hMem=0x11ee9f0) returned 0x0
[0235.458] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0235.458] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0235.458] GdipGetClip (graphics=0x6600030, region=0x66452d8) returned 0x0
[0235.458] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0235.458] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0235.458] GdipRestoreGraphics (graphics=0x6600030, state=0xf90e0dbd) returned 0x0
[0235.458] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0235.458] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0235.458] GetCurrentObject (hdc=0xc010781, type=0x1) returned 0xb00017
[0235.458] GetCurrentObject (hdc=0xc010781, type=0x2) returned 0x900010
[0235.458] GetCurrentObject (hdc=0xc010781, type=0x7) returned 0x4a0507fe
[0235.458] GetCurrentObject (hdc=0xc010781, type=0x6) returned 0x8a01c2
[0235.458] SaveDC (hdc=0xc010781) returned 1
[0235.458] GetNearestColor (hdc=0xc010781, color=0xff) returned 0xff
[0235.458] GetNearestColor (hdc=0xc010781, color=0x55) returned 0x55
[0235.458] GetNearestColor (hdc=0xc010781, color=0x0) returned 0x0
[0235.459] GetNearestColor (hdc=0xc010781, color=0x55) returned 0x55
[0235.459] GetNearestColor (hdc=0xc010781, color=0x0) returned 0x0
[0235.459] GetNearestColor (hdc=0xc010781, color=0x8080ff) returned 0x8080ff
[0235.459] GetNearestColor (hdc=0xc010781, color=0x7373e5) returned 0x7373e5
[0235.459] GetNearestColor (hdc=0xc010781, color=0xe5) returned 0xe5
[0235.459] GetNearestColor (hdc=0xc010781, color=0x0) returned 0x0
[0235.459] RestoreDC (hdc=0xc010781, nSavedDC=-1) returned 1
[0235.459] GdipReleaseDC (graphics=0x6600030, hdc=0xc010781) returned 0x0
[0235.459] IsAppThemed () returned 0x1
[0235.459] GetThemeAppProperties () returned 0x3
[0235.459] GetThemeAppProperties () returned 0x3
[0235.459] IsAppThemed () returned 0x1
[0235.459] GetThemeAppProperties () returned 0x3
[0235.459] GetThemeAppProperties () returned 0x3
[0235.459] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2d919c4 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0235.460] IsAppThemed () returned 0x1
[0235.460] GetThemeAppProperties () returned 0x3
[0235.460] GetThemeAppProperties () returned 0x3
[0235.460] IsAppThemed () returned 0x1
[0235.460] GetThemeAppProperties () returned 0x3
[0235.460] GetThemeAppProperties () returned 0x3
[0235.460] IsAppThemed () returned 0x1
[0235.460] GetThemeAppProperties () returned 0x3
[0235.460] GetThemeAppProperties () returned 0x3
[0235.460] IsAppThemed () returned 0x1
[0235.460] GetThemeAppProperties () returned 0x3
[0235.460] GetThemeAppProperties () returned 0x3
[0235.460] IsThemePartDefined () returned 0x1
[0235.460] IsAppThemed () returned 0x1
[0235.460] GetThemeAppProperties () returned 0x3
[0235.460] GetThemeAppProperties () returned 0x3
[0235.460] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0235.460] IsAppThemed () returned 0x1
[0235.461] GetThemeAppProperties () returned 0x3
[0235.461] GetThemeAppProperties () returned 0x3
[0235.461] IsAppThemed () returned 0x1
[0235.461] GetThemeAppProperties () returned 0x3
[0235.461] GetThemeAppProperties () returned 0x3
[0235.461] IsThemePartDefined () returned 0x1
[0235.461] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0235.461] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0235.461] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0235.461] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0235.461] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e514) returned 0x0
[0235.461] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0235.461] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0235.461] LocalFree (hMem=0x11ee788) returned 0x0
[0235.461] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0235.461] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0235.461] LocalFree (hMem=0x11ee788) returned 0x0
[0235.461] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0235.461] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0235.461] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0235.461] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0235.461] GdipDeleteRegion (region=0x6645248) returned 0x0
[0235.461] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0235.461] GetCurrentObject (hdc=0xc010781, type=0x1) returned 0xb00017
[0235.462] GetCurrentObject (hdc=0xc010781, type=0x2) returned 0x900010
[0235.462] GetCurrentObject (hdc=0xc010781, type=0x7) returned 0x4a0507fe
[0235.462] GetCurrentObject (hdc=0xc010781, type=0x6) returned 0x8a01c2
[0235.462] SaveDC (hdc=0xc010781) returned 1
[0235.462] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xeb040807
[0235.462] GetClipRgn (hdc=0xc010781, hrgn=0xeb040807) returned 0
[0235.462] SelectClipRgn (hdc=0xc010781, hrgn=0x7d0407de) returned 2
[0235.462] DeleteObject (ho=0xeb040807) returned 1
[0235.462] DeleteObject (ho=0x7d0407de) returned 1
[0235.462] OffsetViewportOrgEx (in: hdc=0xc010781, x=0, y=0, lppt=0x2d92074 | out: lppt=0x2d92074) returned 1
[0235.462] DrawThemeParentBackground () returned 0x0
[0235.462] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0235.462] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0235.462] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0235.462] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0235.462] GetSystemMetrics (nIndex=42) returned 0
[0235.462] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0235.462] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0235.463] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0235.463] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0235.463] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0235.463] SelectPalette (hdc=0xc010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0235.463] GdipCreateFromHDC (hdc=0xc010781, graphics=0xd7dff0) returned 0x0
[0235.463] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0235.463] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0235.463] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638bd8) returned 0x0
[0235.463] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dfc8) returned 0x0
[0235.463] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0235.463] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0235.463] GdipGetClip (graphics=0x663e568, region=0x6646178) returned 0x0
[0235.463] GdipIsInfiniteRegion (region=0x6646178, graphics=0x663e568, result=0xd7dfbc) returned 0x0
[0235.463] GdipDeleteRegion (region=0x6646178) returned 0x0
[0235.463] GdipSaveGraphics (graphics=0x663e568, state=0xd7dfe8) returned 0x0
[0235.463] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0235.469] GdipFillRectangleI (graphics=0x663e568, brush=0x6652f58, x=0, y=0, width=801, height=453) returned 0x0
[0235.469] GdipDeleteBrush (brush=0x6652f58) returned 0x0
[0235.470] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0235.470] SelectPalette (hdc=0xc010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0235.470] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0235.471] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0235.471] GetSystemMetrics (nIndex=42) returned 0
[0235.471] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0235.471] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0235.471] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0235.471] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0235.471] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0235.471] SelectPalette (hdc=0xc010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0235.471] GdipCreateFromHDC (hdc=0xc010781, graphics=0xd7df90) returned 0x0
[0235.471] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0235.471] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0235.471] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638cc8) returned 0x0
[0235.471] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df68) returned 0x0
[0235.471] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0235.471] GdipCreateRegion (region=0xd7df50) returned 0x0
[0235.471] GdipGetClip (graphics=0x663e568, region=0x6645c68) returned 0x0
[0235.471] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x663e568, result=0xd7df5c) returned 0x0
[0235.471] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0235.471] GdipSaveGraphics (graphics=0x663e568, state=0xd7df88) returned 0x0
[0235.472] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0235.476] GdipFillRectangleI (graphics=0x663e568, brush=0x66536a8, x=0, y=0, width=801, height=453) returned 0x0
[0235.477] GdipDeleteBrush (brush=0x66536a8) returned 0x0
[0235.478] GdipRestoreGraphics (graphics=0x663e568, state=0xf90a0dbd) returned 0x0
[0235.478] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0235.478] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0235.478] GetSystemMetrics (nIndex=42) returned 0
[0235.478] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0235.478] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0235.478] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0235.478] SelectPalette (hdc=0xc010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0235.478] RestoreDC (hdc=0xc010781, nSavedDC=-1) returned 1
[0235.478] GdipReleaseDC (graphics=0x6600030, hdc=0xc010781) returned 0x0
[0235.478] IsAppThemed () returned 0x1
[0235.478] GetThemeAppProperties () returned 0x3
[0235.479] GetThemeAppProperties () returned 0x3
[0235.479] IsAppThemed () returned 0x1
[0235.479] GetThemeAppProperties () returned 0x3
[0235.479] GetThemeAppProperties () returned 0x3
[0235.479] IsThemePartDefined () returned 0x1
[0235.479] GdipCreateRegion (region=0xd7e480) returned 0x0
[0235.479] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0235.479] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0235.479] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0235.479] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e498) returned 0x0
[0235.479] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0235.479] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0235.479] LocalFree (hMem=0x11ee788) returned 0x0
[0235.479] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0235.479] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea60) returned 0x0
[0235.479] LocalFree (hMem=0x11eea60) returned 0x0
[0235.479] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0235.479] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0235.479] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0235.479] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0235.479] GdipDeleteRegion (region=0x6645248) returned 0x0
[0235.479] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0235.479] GetCurrentObject (hdc=0xc010781, type=0x1) returned 0xb00017
[0235.479] GetCurrentObject (hdc=0xc010781, type=0x2) returned 0x900010
[0235.479] GetCurrentObject (hdc=0xc010781, type=0x7) returned 0x4a0507fe
[0235.480] GetCurrentObject (hdc=0xc010781, type=0x6) returned 0x8a01c2
[0235.480] SaveDC (hdc=0xc010781) returned 1
[0235.480] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7e0407de
[0235.480] GetClipRgn (hdc=0xc010781, hrgn=0x7e0407de) returned 0
[0235.480] SelectClipRgn (hdc=0xc010781, hrgn=0xed040807) returned 2
[0235.480] DeleteObject (ho=0x7e0407de) returned 1
[0235.480] DeleteObject (ho=0xed040807) returned 1
[0235.480] OffsetViewportOrgEx (in: hdc=0xc010781, x=0, y=0, lppt=0x2d988c4 | out: lppt=0x2d988c4) returned 1
[0235.480] IsAppThemed () returned 0x1
[0235.480] GetThemeAppProperties () returned 0x3
[0235.480] GetThemeAppProperties () returned 0x3
[0235.480] DrawThemeBackground () returned 0x0
[0235.480] RestoreDC (hdc=0xc010781, nSavedDC=-1) returned 1
[0235.480] GdipReleaseDC (graphics=0x6600030, hdc=0xc010781) returned 0x0
[0235.480] GdipCreateRegion (region=0xd7e484) returned 0x0
[0235.480] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0235.480] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0235.480] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0235.481] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e49c) returned 0x0
[0235.481] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0235.481] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0235.481] LocalFree (hMem=0x11eec58) returned 0x0
[0235.481] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0235.481] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee8d8) returned 0x0
[0235.481] LocalFree (hMem=0x11ee8d8) returned 0x0
[0235.481] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0235.481] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0235.481] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0235.481] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0235.481] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0235.481] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0235.481] GetCurrentObject (hdc=0xc010781, type=0x1) returned 0xb00017
[0235.481] GetCurrentObject (hdc=0xc010781, type=0x2) returned 0x900010
[0235.481] GetCurrentObject (hdc=0xc010781, type=0x7) returned 0x4a0507fe
[0235.481] GetCurrentObject (hdc=0xc010781, type=0x6) returned 0x8a01c2
[0235.481] SaveDC (hdc=0xc010781) returned 1
[0235.481] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xee040807
[0235.481] GetClipRgn (hdc=0xc010781, hrgn=0xee040807) returned 0
[0235.482] SelectClipRgn (hdc=0xc010781, hrgn=0x7f0407de) returned 2
[0235.482] DeleteObject (ho=0xee040807) returned 1
[0235.482] DeleteObject (ho=0x7f0407de) returned 1
[0235.482] OffsetViewportOrgEx (in: hdc=0xc010781, x=0, y=0, lppt=0x2d98b98 | out: lppt=0x2d98b98) returned 1
[0235.482] IsAppThemed () returned 0x1
[0235.482] GetThemeAppProperties () returned 0x3
[0235.482] GetThemeAppProperties () returned 0x3
[0235.482] GetThemeBackgroundContentRect () returned 0x0
[0235.482] RestoreDC (hdc=0xc010781, nSavedDC=-1) returned 1
[0235.482] GdipReleaseDC (graphics=0x6600030, hdc=0xc010781) returned 0x0
[0235.482] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0235.482] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0235.482] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0235.482] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0235.482] IsAppThemed () returned 0x1
[0235.482] GetThemeAppProperties () returned 0x3
[0235.482] GetThemeAppProperties () returned 0x3
[0235.482] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0235.482] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0235.482] GetCurrentObject (hdc=0xc010781, type=0x1) returned 0xb00017
[0235.482] GetCurrentObject (hdc=0xc010781, type=0x2) returned 0x900010
[0235.482] GetCurrentObject (hdc=0xc010781, type=0x7) returned 0x4a0507fe
[0235.483] GetCurrentObject (hdc=0xc010781, type=0x6) returned 0x8a01c2
[0235.483] SaveDC (hdc=0xc010781) returned 1
[0235.483] GetTextAlign (hdc=0xc010781) returned 0x0
[0235.483] GetTextColor (hdc=0xc010781) returned 0x0
[0235.483] GetCurrentObject (hdc=0xc010781, type=0x6) returned 0x8a01c2
[0235.483] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0235.483] SelectObject (hdc=0xc010781, h=0x6d0a0520) returned 0x8a01c2
[0235.483] GetBkMode (hdc=0xc010781) returned 2
[0235.483] SetBkMode (hdc=0xc010781, mode=1) returned 2
[0235.483] DrawTextExW (in: hdc=0xc010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2d98f5c | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0235.483] DrawTextExW (in: hdc=0xc010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2d98f5c | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0235.484] RestoreDC (hdc=0xc010781, nSavedDC=-1) returned 1
[0235.484] GdipReleaseDC (graphics=0x6600030, hdc=0xc010781) returned 0x0
[0235.484] GetFocus () returned 0x602c4
[0235.484] IsAppThemed () returned 0x1
[0235.484] GetThemeAppProperties () returned 0x3
[0235.484] GetThemeAppProperties () returned 0x3
[0235.484] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0235.484] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xc010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0235.485] GdipReleaseDC (graphics=0x6600030, hdc=0xc010781) returned 0x0
[0235.485] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0235.485] SelectObject (hdc=0xc010781, h=0x85000f) returned 0x4a0507fe
[0235.485] DeleteDC (hdc=0xc010781) returned 1
[0235.485] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0235.485] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0235.485] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0235.485] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0235.485] WaitMessage () returned 1
[0235.560] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0235.560] IsWindowUnicode (hWnd=0x602c4) returned 1
[0235.560] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0235.560] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0235.560] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0235.561] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0235.561] IsWindowUnicode (hWnd=0x602c4) returned 1
[0235.561] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0235.561] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0235.561] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0235.561] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xb001c) returned 0x0
[0235.561] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0235.561] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0235.561] WaitMessage () returned 1
[0235.696] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0235.697] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27200f7) returned 0x1
[0235.697] IsWindowUnicode (hWnd=0x602c4) returned 1
[0235.697] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0235.697] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27200f7) returned 0x1
[0235.697] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0235.697] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19d0039) returned 0x0
[0235.697] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0235.697] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0235.697] SetCursor (hCursor=0x10003) returned 0x10003
[0235.697] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0235.697] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0235.698] GetKeyState (nVirtKey=1) returned -128
[0235.698] GetKeyState (nVirtKey=2) returned 0
[0235.698] GetKeyState (nVirtKey=4) returned 0
[0235.698] GetKeyState (nVirtKey=5) returned 0
[0235.698] GetKeyState (nVirtKey=6) returned 0
[0235.698] IsWindowVisible (hWnd=0x602c4) returned 1
[0235.698] IsWindowEnabled (hWnd=0x602c4) returned 1
[0235.698] SetFocus (hWnd=0x602c4) returned 0x602c4
[0235.698] GetFocus () returned 0x602c4
[0235.698] GetFocus () returned 0x602c4
[0235.698] GetFocus () returned 0x602c4
[0235.698] GetKeyState (nVirtKey=1) returned -128
[0235.698] GetKeyState (nVirtKey=2) returned 0
[0235.698] GetKeyState (nVirtKey=4) returned 0
[0235.698] GetKeyState (nVirtKey=5) returned 0
[0235.698] GetKeyState (nVirtKey=6) returned 0
[0235.698] GetCapture () returned 0x0
[0235.698] SetCapture (hWnd=0x602c4) returned 0x0
[0235.698] GetKeyState (nVirtKey=1) returned -128
[0235.698] GetKeyState (nVirtKey=2) returned 0
[0235.698] GetKeyState (nVirtKey=4) returned 0
[0235.698] GetKeyState (nVirtKey=5) returned 0
[0235.698] GetKeyState (nVirtKey=6) returned 0
[0235.698] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0235.698] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0235.699] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0235.699] IsWindowUnicode (hWnd=0x602c4) returned 1
[0235.699] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0235.699] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0235.699] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0235.699] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d990e0, cPoints=0x1 | out: lpPoints=0x2d990e0) returned 40304859
[0235.699] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0235.699] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0235.699] UpdateWindow (hWnd=0x602c4) returned 1
[0235.699] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x107b9
[0235.699] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0235.699] CreateCompatibleDC (hdc=0x107b9) returned 0xd010781
[0235.699] SelectObject (hdc=0xd010781, h=0x4a0507fe) returned 0x85000f
[0235.699] GdipCreateFromHDC (hdc=0xd010781, graphics=0xd7e430) returned 0x0
[0235.700] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0235.700] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0235.700] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0235.700] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0235.700] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e490) returned 0x0
[0235.700] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0235.700] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0235.700] LocalFree (hMem=0x11ee788) returned 0x0
[0235.700] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0235.700] GdipCreateRegion (region=0xd7e478) returned 0x0
[0235.700] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0235.700] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e484) returned 0x0
[0235.700] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0235.700] GdipRestoreGraphics (graphics=0x6600030, state=0xf9080dbd) returned 0x0
[0235.700] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0235.701] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0235.701] GetCurrentObject (hdc=0xd010781, type=0x1) returned 0xb00017
[0235.701] GetCurrentObject (hdc=0xd010781, type=0x2) returned 0x900010
[0235.701] GetCurrentObject (hdc=0xd010781, type=0x7) returned 0x4a0507fe
[0235.701] GetCurrentObject (hdc=0xd010781, type=0x6) returned 0x8a01c2
[0235.701] SaveDC (hdc=0xd010781) returned 1
[0235.701] GetNearestColor (hdc=0xd010781, color=0xff) returned 0xff
[0235.701] GetNearestColor (hdc=0xd010781, color=0x55) returned 0x55
[0235.701] GetNearestColor (hdc=0xd010781, color=0x0) returned 0x0
[0235.701] GetNearestColor (hdc=0xd010781, color=0x55) returned 0x55
[0235.701] GetNearestColor (hdc=0xd010781, color=0x0) returned 0x0
[0235.701] GetNearestColor (hdc=0xd010781, color=0x8080ff) returned 0x8080ff
[0235.701] GetNearestColor (hdc=0xd010781, color=0x7373e5) returned 0x7373e5
[0235.701] GetNearestColor (hdc=0xd010781, color=0xe5) returned 0xe5
[0235.701] GetNearestColor (hdc=0xd010781, color=0x0) returned 0x0
[0235.701] RestoreDC (hdc=0xd010781, nSavedDC=-1) returned 1
[0235.701] GdipReleaseDC (graphics=0x6600030, hdc=0xd010781) returned 0x0
[0235.702] IsAppThemed () returned 0x1
[0235.702] GetThemeAppProperties () returned 0x3
[0235.702] GetThemeAppProperties () returned 0x3
[0235.702] IsAppThemed () returned 0x1
[0235.702] GetThemeAppProperties () returned 0x3
[0235.702] GetThemeAppProperties () returned 0x3
[0235.702] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2d997fc | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0235.702] IsAppThemed () returned 0x1
[0235.702] GetThemeAppProperties () returned 0x3
[0235.702] GetThemeAppProperties () returned 0x3
[0235.702] IsAppThemed () returned 0x1
[0235.702] GetThemeAppProperties () returned 0x3
[0235.702] GetThemeAppProperties () returned 0x3
[0235.702] IsAppThemed () returned 0x1
[0235.702] GetThemeAppProperties () returned 0x3
[0235.702] GetThemeAppProperties () returned 0x3
[0235.703] IsAppThemed () returned 0x1
[0235.703] GetThemeAppProperties () returned 0x3
[0235.703] GetThemeAppProperties () returned 0x3
[0235.703] IsThemePartDefined () returned 0x1
[0235.703] IsAppThemed () returned 0x1
[0235.703] GetThemeAppProperties () returned 0x3
[0235.703] GetThemeAppProperties () returned 0x3
[0235.703] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0235.703] IsAppThemed () returned 0x1
[0235.703] GetThemeAppProperties () returned 0x3
[0235.703] GetThemeAppProperties () returned 0x3
[0235.703] IsAppThemed () returned 0x1
[0235.703] GetThemeAppProperties () returned 0x3
[0235.703] GetThemeAppProperties () returned 0x3
[0235.703] IsThemePartDefined () returned 0x1
[0235.703] GdipCreateRegion (region=0xd7e194) returned 0x0
[0235.703] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0235.703] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0235.703] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0235.703] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e1ac) returned 0x0
[0235.703] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0235.703] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0235.703] LocalFree (hMem=0x11eec58) returned 0x0
[0235.703] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0235.703] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0235.704] LocalFree (hMem=0x11ee868) returned 0x0
[0235.704] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0235.704] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0235.704] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0235.704] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0235.704] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0235.704] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0235.704] GetCurrentObject (hdc=0xd010781, type=0x1) returned 0xb00017
[0235.704] GetCurrentObject (hdc=0xd010781, type=0x2) returned 0x900010
[0235.704] GetCurrentObject (hdc=0xd010781, type=0x7) returned 0x4a0507fe
[0235.704] GetCurrentObject (hdc=0xd010781, type=0x6) returned 0x8a01c2
[0235.704] SaveDC (hdc=0xd010781) returned 1
[0235.704] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x800407de
[0235.704] GetClipRgn (hdc=0xd010781, hrgn=0x800407de) returned 0
[0235.704] SelectClipRgn (hdc=0xd010781, hrgn=0xf2040807) returned 2
[0235.704] DeleteObject (ho=0x800407de) returned 1
[0235.704] DeleteObject (ho=0xf2040807) returned 1
[0235.705] OffsetViewportOrgEx (in: hdc=0xd010781, x=0, y=0, lppt=0x2d99eac | out: lppt=0x2d99eac) returned 1
[0235.705] DrawThemeParentBackground () returned 0x0
[0235.705] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0235.705] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0235.705] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0235.705] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0235.705] GetSystemMetrics (nIndex=42) returned 0
[0235.705] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0235.705] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0235.705] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0235.705] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0235.705] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0235.705] SelectPalette (hdc=0xd010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0235.705] GdipCreateFromHDC (hdc=0xd010781, graphics=0xd7dc88) returned 0x0
[0235.705] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0235.706] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0235.706] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638b18) returned 0x0
[0235.706] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dc60) returned 0x0
[0235.706] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0235.706] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0235.706] GdipGetClip (graphics=0x663e568, region=0x6645ab8) returned 0x0
[0235.706] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x663e568, result=0xd7dc54) returned 0x0
[0235.706] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0235.706] GdipSaveGraphics (graphics=0x663e568, state=0xd7dc80) returned 0x0
[0235.706] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0235.711] GdipFillRectangleI (graphics=0x663e568, brush=0x6653918, x=0, y=0, width=801, height=453) returned 0x0
[0235.712] GdipDeleteBrush (brush=0x6653918) returned 0x0
[0235.713] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0235.713] SelectPalette (hdc=0xd010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0235.713] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0235.713] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0235.713] GetSystemMetrics (nIndex=42) returned 0
[0235.713] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0235.713] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0235.713] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0235.713] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0235.713] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0235.713] SelectPalette (hdc=0xd010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0235.713] GdipCreateFromHDC (hdc=0xd010781, graphics=0xd7dc28) returned 0x0
[0235.714] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0235.714] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0235.714] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638ba8) returned 0x0
[0235.714] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dc00) returned 0x0
[0235.714] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0235.714] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0235.714] GdipGetClip (graphics=0x663e568, region=0x6646178) returned 0x0
[0235.714] GdipIsInfiniteRegion (region=0x6646178, graphics=0x663e568, result=0xd7dbf4) returned 0x0
[0235.714] GdipDeleteRegion (region=0x6646178) returned 0x0
[0235.714] GdipSaveGraphics (graphics=0x663e568, state=0xd7dc20) returned 0x0
[0235.714] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0235.720] GdipFillRectangleI (graphics=0x663e568, brush=0x6652bb0, x=0, y=0, width=801, height=453) returned 0x0
[0235.720] GdipDeleteBrush (brush=0x6652bb0) returned 0x0
[0235.721] GdipRestoreGraphics (graphics=0x663e568, state=0xf9040dbd) returned 0x0
[0235.721] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0235.721] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0235.721] GetSystemMetrics (nIndex=42) returned 0
[0235.721] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0235.721] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0235.721] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0235.721] SelectPalette (hdc=0xd010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0235.722] RestoreDC (hdc=0xd010781, nSavedDC=-1) returned 1
[0235.722] GdipReleaseDC (graphics=0x6600030, hdc=0xd010781) returned 0x0
[0235.722] IsAppThemed () returned 0x1
[0235.722] GetThemeAppProperties () returned 0x3
[0235.722] GetThemeAppProperties () returned 0x3
[0235.722] IsAppThemed () returned 0x1
[0235.722] GetThemeAppProperties () returned 0x3
[0235.722] GetThemeAppProperties () returned 0x3
[0235.722] IsThemePartDefined () returned 0x1
[0235.722] GdipCreateRegion (region=0xd7e118) returned 0x0
[0235.722] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0235.722] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0235.722] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0235.722] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e130) returned 0x0
[0235.722] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0235.722] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee8d8) returned 0x0
[0235.722] LocalFree (hMem=0x11ee8d8) returned 0x0
[0235.723] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0235.723] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0235.723] LocalFree (hMem=0x11eec58) returned 0x0
[0235.723] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0235.723] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0235.723] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0235.723] GdipGetRegionHRgn (region=0x66456c8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0235.723] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0235.723] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0235.723] GetCurrentObject (hdc=0xd010781, type=0x1) returned 0xb00017
[0235.723] GetCurrentObject (hdc=0xd010781, type=0x2) returned 0x900010
[0235.723] GetCurrentObject (hdc=0xd010781, type=0x7) returned 0x4a0507fe
[0235.723] GetCurrentObject (hdc=0xd010781, type=0x6) returned 0x8a01c2
[0235.723] SaveDC (hdc=0xd010781) returned 1
[0235.723] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf3040807
[0235.723] GetClipRgn (hdc=0xd010781, hrgn=0xf3040807) returned 0
[0235.723] SelectClipRgn (hdc=0xd010781, hrgn=0x820407de) returned 2
[0235.723] DeleteObject (ho=0xf3040807) returned 1
[0235.723] DeleteObject (ho=0x820407de) returned 1
[0235.724] OffsetViewportOrgEx (in: hdc=0xd010781, x=0, y=0, lppt=0x2da06fc | out: lppt=0x2da06fc) returned 1
[0235.724] IsAppThemed () returned 0x1
[0235.724] GetThemeAppProperties () returned 0x3
[0235.724] GetThemeAppProperties () returned 0x3
[0235.724] DrawThemeBackground () returned 0x0
[0235.724] RestoreDC (hdc=0xd010781, nSavedDC=-1) returned 1
[0235.724] GdipReleaseDC (graphics=0x6600030, hdc=0xd010781) returned 0x0
[0235.724] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0235.724] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0235.724] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0235.724] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0235.724] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e134) returned 0x0
[0235.724] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0235.724] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee910) returned 0x0
[0235.724] LocalFree (hMem=0x11ee910) returned 0x0
[0235.724] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0235.724] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eecc8) returned 0x0
[0235.724] LocalFree (hMem=0x11eecc8) returned 0x0
[0235.724] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0235.725] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0235.725] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0235.725] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0235.725] GdipDeleteRegion (region=0x6645248) returned 0x0
[0235.725] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0235.725] GetCurrentObject (hdc=0xd010781, type=0x1) returned 0xb00017
[0235.725] GetCurrentObject (hdc=0xd010781, type=0x2) returned 0x900010
[0235.725] GetCurrentObject (hdc=0xd010781, type=0x7) returned 0x4a0507fe
[0235.725] GetCurrentObject (hdc=0xd010781, type=0x6) returned 0x8a01c2
[0235.725] SaveDC (hdc=0xd010781) returned 1
[0235.725] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x830407de
[0235.725] GetClipRgn (hdc=0xd010781, hrgn=0x830407de) returned 0
[0235.725] SelectClipRgn (hdc=0xd010781, hrgn=0xf4040807) returned 2
[0235.725] DeleteObject (ho=0x830407de) returned 1
[0235.725] DeleteObject (ho=0xf4040807) returned 1
[0235.725] OffsetViewportOrgEx (in: hdc=0xd010781, x=0, y=0, lppt=0x2da09d0 | out: lppt=0x2da09d0) returned 1
[0235.725] IsAppThemed () returned 0x1
[0235.726] GetThemeAppProperties () returned 0x3
[0235.726] GetThemeAppProperties () returned 0x3
[0235.726] GetThemeBackgroundContentRect () returned 0x0
[0235.726] RestoreDC (hdc=0xd010781, nSavedDC=-1) returned 1
[0235.726] GdipReleaseDC (graphics=0x6600030, hdc=0xd010781) returned 0x0
[0235.726] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0235.726] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0235.726] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0235.726] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0235.726] IsAppThemed () returned 0x1
[0235.726] GetThemeAppProperties () returned 0x3
[0235.726] GetThemeAppProperties () returned 0x3
[0235.726] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0235.726] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0235.726] GetCurrentObject (hdc=0xd010781, type=0x1) returned 0xb00017
[0235.726] GetCurrentObject (hdc=0xd010781, type=0x2) returned 0x900010
[0235.726] GetCurrentObject (hdc=0xd010781, type=0x7) returned 0x4a0507fe
[0235.726] GetCurrentObject (hdc=0xd010781, type=0x6) returned 0x8a01c2
[0235.726] SaveDC (hdc=0xd010781) returned 1
[0235.726] GetTextAlign (hdc=0xd010781) returned 0x0
[0235.727] GetTextColor (hdc=0xd010781) returned 0x0
[0235.727] GetCurrentObject (hdc=0xd010781, type=0x6) returned 0x8a01c2
[0235.727] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0235.727] SelectObject (hdc=0xd010781, h=0x6d0a0520) returned 0x8a01c2
[0235.727] GetBkMode (hdc=0xd010781) returned 2
[0235.727] SetBkMode (hdc=0xd010781, mode=1) returned 2
[0235.727] DrawTextExW (in: hdc=0xd010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2da0d94 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0235.727] DrawTextExW (in: hdc=0xd010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2da0d94 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0235.728] RestoreDC (hdc=0xd010781, nSavedDC=-1) returned 1
[0235.728] GdipReleaseDC (graphics=0x6600030, hdc=0xd010781) returned 0x0
[0235.728] GetFocus () returned 0x602c4
[0235.728] IsAppThemed () returned 0x1
[0235.728] GetThemeAppProperties () returned 0x3
[0235.728] GetThemeAppProperties () returned 0x3
[0235.728] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0235.728] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xd010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0235.728] GdipReleaseDC (graphics=0x6600030, hdc=0xd010781) returned 0x0
[0235.728] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0235.729] SelectObject (hdc=0xd010781, h=0x85000f) returned 0x4a0507fe
[0235.729] DeleteDC (hdc=0xd010781) returned 1
[0235.729] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0235.729] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0235.729] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2da0e90, cPoints=0x1 | out: lpPoints=0x2da0e90) returned 40304859
[0235.729] WindowFromPoint (Point=0xf7) returned 0x602c4
[0235.729] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27200f7) returned 0x1
[0235.729] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0235.729] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0235.729] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0235.729] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0235.729] GetSystemMetrics (nIndex=42) returned 0
[0235.730] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0235.730] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0235.732] GetCapture () returned 0x602c4
[0235.733] ReleaseCapture () returned 1
[0235.733] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0235.733] GetProcessWindowStation () returned 0x13c
[0235.733] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.734] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0235.734] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.734] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0235.734] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.734] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0235.735] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.735] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0235.735] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.735] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0235.735] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.735] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0235.735] GetDC (hWnd=0x0) returned 0x10105d6
[0235.735] GdipCreateFromHDC (hdc=0x10105d6, graphics=0xd7e6ec) returned 0x0
[0235.736] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0235.736] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0235.736] ReleaseDC (hWnd=0x0, hDC=0x10105d6) returned 1
[0235.736] GetSystemMetrics (nIndex=5) returned 1
[0235.736] GetSystemMetrics (nIndex=6) returned 1
[0235.736] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.736] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0235.736] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.736] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0235.740] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0235.740] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0235.740] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0235.740] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0235.740] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0235.740] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0235.741] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2da68ac | out: lpData=0x2da68ac) returned 1
[0235.742] VerQueryValueW (in: pBlock=0x2da68ac, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da6cbc, puLen=0xd7e810) returned 1
[0235.742] VerQueryValueW (in: pBlock=0x2da68ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da6964, puLen=0xd7e790) returned 1
[0235.742] VerQueryValueW (in: pBlock=0x2da68ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da69b8, puLen=0xd7e790) returned 1
[0235.742] VerQueryValueW (in: pBlock=0x2da68ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da6a38, puLen=0xd7e790) returned 1
[0235.742] VerQueryValueW (in: pBlock=0x2da68ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da6aa0, puLen=0xd7e790) returned 1
[0235.742] VerQueryValueW (in: pBlock=0x2da68ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da6ae0, puLen=0xd7e790) returned 1
[0235.742] VerQueryValueW (in: pBlock=0x2da68ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da6b68, puLen=0xd7e790) returned 1
[0235.742] VerQueryValueW (in: pBlock=0x2da68ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da6ba4, puLen=0xd7e790) returned 1
[0235.742] VerQueryValueW (in: pBlock=0x2da68ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da6bfc, puLen=0xd7e790) returned 1
[0235.743] VerQueryValueW (in: pBlock=0x2da68ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da6c2c, puLen=0xd7e790) returned 1
[0235.743] VerQueryValueW (in: pBlock=0x2da68ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.743] VerQueryValueW (in: pBlock=0x2da68ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da6c68, puLen=0xd7e790) returned 1
[0235.743] VerQueryValueW (in: pBlock=0x2da68ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.743] VerQueryValueW (in: pBlock=0x2da68ac, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da6cbc, puLen=0xd7e784) returned 1
[0235.743] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0235.743] VerQueryValueW (in: pBlock=0x2da68ac, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2da68d4, puLen=0xd7e794) returned 1
[0235.744] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0235.744] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0235.744] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0235.744] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0235.744] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0235.744] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0235.744] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2da881c | out: lpData=0x2da881c) returned 1
[0235.744] VerQueryValueW (in: pBlock=0x2da881c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da88b8, puLen=0xd7e810) returned 1
[0235.744] VerQueryValueW (in: pBlock=0x2da881c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da8930, puLen=0xd7e790) returned 1
[0235.744] VerQueryValueW (in: pBlock=0x2da881c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da8960, puLen=0xd7e790) returned 1
[0235.744] VerQueryValueW (in: pBlock=0x2da881c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da899c, puLen=0xd7e790) returned 1
[0235.744] VerQueryValueW (in: pBlock=0x2da881c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da89cc, puLen=0xd7e790) returned 1
[0235.744] VerQueryValueW (in: pBlock=0x2da881c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da8a14, puLen=0xd7e790) returned 1
[0235.744] VerQueryValueW (in: pBlock=0x2da881c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da8a8c, puLen=0xd7e790) returned 1
[0235.744] VerQueryValueW (in: pBlock=0x2da881c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da8ad0, puLen=0xd7e790) returned 1
[0235.744] VerQueryValueW (in: pBlock=0x2da881c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da8b10, puLen=0xd7e790) returned 1
[0235.744] VerQueryValueW (in: pBlock=0x2da881c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da890e, puLen=0xd7e790) returned 1
[0235.745] VerQueryValueW (in: pBlock=0x2da881c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da8a5c, puLen=0xd7e790) returned 1
[0235.745] VerQueryValueW (in: pBlock=0x2da881c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.745] VerQueryValueW (in: pBlock=0x2da881c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.745] VerQueryValueW (in: pBlock=0x2da881c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da88b8, puLen=0xd7e784) returned 1
[0235.745] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0235.745] VerQueryValueW (in: pBlock=0x2da881c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2da8844, puLen=0xd7e794) returned 1
[0235.746] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0235.746] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0235.746] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0235.746] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0235.746] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0235.746] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0235.746] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2daaaf4 | out: lpData=0x2daaaf4) returned 1
[0235.747] VerQueryValueW (in: pBlock=0x2daaaf4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2daaf08, puLen=0xd7e810) returned 1
[0235.747] VerQueryValueW (in: pBlock=0x2daaaf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daabac, puLen=0xd7e790) returned 1
[0235.747] VerQueryValueW (in: pBlock=0x2daaaf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daac00, puLen=0xd7e790) returned 1
[0235.747] VerQueryValueW (in: pBlock=0x2daaaf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daac5c, puLen=0xd7e790) returned 1
[0235.747] VerQueryValueW (in: pBlock=0x2daaaf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daacbc, puLen=0xd7e790) returned 1
[0235.747] VerQueryValueW (in: pBlock=0x2daaaf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daad14, puLen=0xd7e790) returned 1
[0235.747] VerQueryValueW (in: pBlock=0x2daaaf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daad9c, puLen=0xd7e790) returned 1
[0235.747] VerQueryValueW (in: pBlock=0x2daaaf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daadf0, puLen=0xd7e790) returned 1
[0235.747] VerQueryValueW (in: pBlock=0x2daaaf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daae48, puLen=0xd7e790) returned 1
[0235.747] VerQueryValueW (in: pBlock=0x2daaaf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daae78, puLen=0xd7e790) returned 1
[0235.747] VerQueryValueW (in: pBlock=0x2daaaf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.747] VerQueryValueW (in: pBlock=0x2daaaf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daaeb4, puLen=0xd7e790) returned 1
[0235.748] VerQueryValueW (in: pBlock=0x2daaaf4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.748] VerQueryValueW (in: pBlock=0x2daaaf4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2daaf08, puLen=0xd7e784) returned 1
[0235.748] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0235.748] VerQueryValueW (in: pBlock=0x2daaaf4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2daab1c, puLen=0xd7e794) returned 1
[0235.748] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0235.748] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0235.749] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0235.749] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0235.749] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0235.749] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0235.750] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2dad12c | out: lpData=0x2dad12c) returned 1
[0235.750] VerQueryValueW (in: pBlock=0x2dad12c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dad52c, puLen=0xd7e810) returned 1
[0235.750] VerQueryValueW (in: pBlock=0x2dad12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad1e4, puLen=0xd7e790) returned 1
[0235.750] VerQueryValueW (in: pBlock=0x2dad12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad238, puLen=0xd7e790) returned 1
[0235.750] VerQueryValueW (in: pBlock=0x2dad12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad278, puLen=0xd7e790) returned 1
[0235.750] VerQueryValueW (in: pBlock=0x2dad12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad2e0, puLen=0xd7e790) returned 1
[0235.751] VerQueryValueW (in: pBlock=0x2dad12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad338, puLen=0xd7e790) returned 1
[0235.751] VerQueryValueW (in: pBlock=0x2dad12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad3c0, puLen=0xd7e790) returned 1
[0235.751] VerQueryValueW (in: pBlock=0x2dad12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad414, puLen=0xd7e790) returned 1
[0235.751] VerQueryValueW (in: pBlock=0x2dad12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad46c, puLen=0xd7e790) returned 1
[0235.751] VerQueryValueW (in: pBlock=0x2dad12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad49c, puLen=0xd7e790) returned 1
[0235.751] VerQueryValueW (in: pBlock=0x2dad12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.751] VerQueryValueW (in: pBlock=0x2dad12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad4d8, puLen=0xd7e790) returned 1
[0235.751] VerQueryValueW (in: pBlock=0x2dad12c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.751] VerQueryValueW (in: pBlock=0x2dad12c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dad52c, puLen=0xd7e784) returned 1
[0235.751] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0235.751] VerQueryValueW (in: pBlock=0x2dad12c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dad154, puLen=0xd7e794) returned 1
[0235.752] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0235.752] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0235.752] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0235.752] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0235.752] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0235.752] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0235.753] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2daf868 | out: lpData=0x2daf868) returned 1
[0235.753] VerQueryValueW (in: pBlock=0x2daf868, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dafc30, puLen=0xd7e810) returned 1
[0235.754] VerQueryValueW (in: pBlock=0x2daf868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf920, puLen=0xd7e790) returned 1
[0235.754] VerQueryValueW (in: pBlock=0x2daf868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf974, puLen=0xd7e790) returned 1
[0235.754] VerQueryValueW (in: pBlock=0x2daf868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daf9b4, puLen=0xd7e790) returned 1
[0235.754] VerQueryValueW (in: pBlock=0x2daf868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dafa1c, puLen=0xd7e790) returned 1
[0235.754] VerQueryValueW (in: pBlock=0x2daf868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dafa58, puLen=0xd7e790) returned 1
[0235.754] VerQueryValueW (in: pBlock=0x2daf868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dafae0, puLen=0xd7e790) returned 1
[0235.754] VerQueryValueW (in: pBlock=0x2daf868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dafb18, puLen=0xd7e790) returned 1
[0235.754] VerQueryValueW (in: pBlock=0x2daf868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dafb70, puLen=0xd7e790) returned 1
[0235.754] VerQueryValueW (in: pBlock=0x2daf868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dafba0, puLen=0xd7e790) returned 1
[0235.754] VerQueryValueW (in: pBlock=0x2daf868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.754] VerQueryValueW (in: pBlock=0x2daf868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dafbdc, puLen=0xd7e790) returned 1
[0235.754] VerQueryValueW (in: pBlock=0x2daf868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.754] VerQueryValueW (in: pBlock=0x2daf868, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dafc30, puLen=0xd7e784) returned 1
[0235.754] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0235.754] VerQueryValueW (in: pBlock=0x2daf868, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2daf890, puLen=0xd7e794) returned 1
[0235.755] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0235.755] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0235.755] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0235.755] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0235.755] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0235.755] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0235.756] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2db2ed0 | out: lpData=0x2db2ed0) returned 1
[0235.756] VerQueryValueW (in: pBlock=0x2db2ed0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2db32b0, puLen=0xd7e810) returned 1
[0235.756] VerQueryValueW (in: pBlock=0x2db2ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db2f88, puLen=0xd7e790) returned 1
[0235.757] VerQueryValueW (in: pBlock=0x2db2ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db2fdc, puLen=0xd7e790) returned 1
[0235.757] VerQueryValueW (in: pBlock=0x2db2ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db301c, puLen=0xd7e790) returned 1
[0235.757] VerQueryValueW (in: pBlock=0x2db2ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db307c, puLen=0xd7e790) returned 1
[0235.757] VerQueryValueW (in: pBlock=0x2db2ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db30c8, puLen=0xd7e790) returned 1
[0235.757] VerQueryValueW (in: pBlock=0x2db2ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db3150, puLen=0xd7e790) returned 1
[0235.757] VerQueryValueW (in: pBlock=0x2db2ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db3198, puLen=0xd7e790) returned 1
[0235.757] VerQueryValueW (in: pBlock=0x2db2ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db31f0, puLen=0xd7e790) returned 1
[0235.757] VerQueryValueW (in: pBlock=0x2db2ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db3220, puLen=0xd7e790) returned 1
[0235.757] VerQueryValueW (in: pBlock=0x2db2ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.757] VerQueryValueW (in: pBlock=0x2db2ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db325c, puLen=0xd7e790) returned 1
[0235.757] VerQueryValueW (in: pBlock=0x2db2ed0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.757] VerQueryValueW (in: pBlock=0x2db2ed0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2db32b0, puLen=0xd7e784) returned 1
[0235.757] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0235.757] VerQueryValueW (in: pBlock=0x2db2ed0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2db2ef8, puLen=0xd7e794) returned 1
[0235.758] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0235.758] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0235.758] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0235.758] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0235.758] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0235.758] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0235.759] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2db56f0 | out: lpData=0x2db56f0) returned 1
[0235.759] VerQueryValueW (in: pBlock=0x2db56f0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2db5afc, puLen=0xd7e810) returned 1
[0235.759] VerQueryValueW (in: pBlock=0x2db56f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db57a8, puLen=0xd7e790) returned 1
[0235.759] VerQueryValueW (in: pBlock=0x2db56f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db57fc, puLen=0xd7e790) returned 1
[0235.759] VerQueryValueW (in: pBlock=0x2db56f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db5850, puLen=0xd7e790) returned 1
[0235.759] VerQueryValueW (in: pBlock=0x2db56f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db58b0, puLen=0xd7e790) returned 1
[0235.759] VerQueryValueW (in: pBlock=0x2db56f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db5908, puLen=0xd7e790) returned 1
[0235.760] VerQueryValueW (in: pBlock=0x2db56f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db5990, puLen=0xd7e790) returned 1
[0235.760] VerQueryValueW (in: pBlock=0x2db56f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db59e4, puLen=0xd7e790) returned 1
[0235.760] VerQueryValueW (in: pBlock=0x2db56f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db5a3c, puLen=0xd7e790) returned 1
[0235.760] VerQueryValueW (in: pBlock=0x2db56f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db5a6c, puLen=0xd7e790) returned 1
[0235.760] VerQueryValueW (in: pBlock=0x2db56f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.760] VerQueryValueW (in: pBlock=0x2db56f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db5aa8, puLen=0xd7e790) returned 1
[0235.760] VerQueryValueW (in: pBlock=0x2db56f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.760] VerQueryValueW (in: pBlock=0x2db56f0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2db5afc, puLen=0xd7e784) returned 1
[0235.760] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0235.760] VerQueryValueW (in: pBlock=0x2db56f0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2db5718, puLen=0xd7e794) returned 1
[0235.761] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0235.761] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0235.761] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0235.761] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0235.761] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0235.761] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0235.762] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2db7f04 | out: lpData=0x2db7f04) returned 1
[0235.762] VerQueryValueW (in: pBlock=0x2db7f04, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2db82dc, puLen=0xd7e810) returned 1
[0235.762] VerQueryValueW (in: pBlock=0x2db7f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db7fbc, puLen=0xd7e790) returned 1
[0235.765] VerQueryValueW (in: pBlock=0x2db7f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db8010, puLen=0xd7e790) returned 1
[0235.765] VerQueryValueW (in: pBlock=0x2db7f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db8050, puLen=0xd7e790) returned 1
[0235.765] VerQueryValueW (in: pBlock=0x2db7f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db80b8, puLen=0xd7e790) returned 1
[0235.765] VerQueryValueW (in: pBlock=0x2db7f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db80fc, puLen=0xd7e790) returned 1
[0235.765] VerQueryValueW (in: pBlock=0x2db7f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db8184, puLen=0xd7e790) returned 1
[0235.765] VerQueryValueW (in: pBlock=0x2db7f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db81c4, puLen=0xd7e790) returned 1
[0235.765] VerQueryValueW (in: pBlock=0x2db7f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db821c, puLen=0xd7e790) returned 1
[0235.765] VerQueryValueW (in: pBlock=0x2db7f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db824c, puLen=0xd7e790) returned 1
[0235.765] VerQueryValueW (in: pBlock=0x2db7f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.765] VerQueryValueW (in: pBlock=0x2db7f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2db8288, puLen=0xd7e790) returned 1
[0235.765] VerQueryValueW (in: pBlock=0x2db7f04, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.765] VerQueryValueW (in: pBlock=0x2db7f04, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2db82dc, puLen=0xd7e784) returned 1
[0235.765] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0235.765] VerQueryValueW (in: pBlock=0x2db7f04, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2db7f2c, puLen=0xd7e794) returned 1
[0235.766] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0235.766] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0235.766] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0235.766] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0235.766] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0235.766] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0235.767] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2dba45c | out: lpData=0x2dba45c) returned 1
[0235.768] VerQueryValueW (in: pBlock=0x2dba45c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dba834, puLen=0xd7e810) returned 1
[0235.768] VerQueryValueW (in: pBlock=0x2dba45c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dba514, puLen=0xd7e790) returned 1
[0235.768] VerQueryValueW (in: pBlock=0x2dba45c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dba568, puLen=0xd7e790) returned 1
[0235.768] VerQueryValueW (in: pBlock=0x2dba45c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dba5a8, puLen=0xd7e790) returned 1
[0235.768] VerQueryValueW (in: pBlock=0x2dba45c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dba610, puLen=0xd7e790) returned 1
[0235.768] VerQueryValueW (in: pBlock=0x2dba45c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dba654, puLen=0xd7e790) returned 1
[0235.768] VerQueryValueW (in: pBlock=0x2dba45c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dba6dc, puLen=0xd7e790) returned 1
[0235.768] VerQueryValueW (in: pBlock=0x2dba45c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dba71c, puLen=0xd7e790) returned 1
[0235.768] VerQueryValueW (in: pBlock=0x2dba45c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dba774, puLen=0xd7e790) returned 1
[0235.768] VerQueryValueW (in: pBlock=0x2dba45c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dba7a4, puLen=0xd7e790) returned 1
[0235.768] VerQueryValueW (in: pBlock=0x2dba45c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.768] VerQueryValueW (in: pBlock=0x2dba45c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dba7e0, puLen=0xd7e790) returned 1
[0235.768] VerQueryValueW (in: pBlock=0x2dba45c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.768] VerQueryValueW (in: pBlock=0x2dba45c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dba834, puLen=0xd7e784) returned 1
[0235.768] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0235.769] VerQueryValueW (in: pBlock=0x2dba45c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dba484, puLen=0xd7e794) returned 1
[0235.769] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0235.769] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0235.769] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0235.769] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0235.770] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0235.770] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0235.770] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2dbcb94 | out: lpData=0x2dbcb94) returned 1
[0235.771] VerQueryValueW (in: pBlock=0x2dbcb94, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dbcfc4, puLen=0xd7e810) returned 1
[0235.771] VerQueryValueW (in: pBlock=0x2dbcb94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbcc4c, puLen=0xd7e790) returned 1
[0235.771] VerQueryValueW (in: pBlock=0x2dbcb94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbcca0, puLen=0xd7e790) returned 1
[0235.771] VerQueryValueW (in: pBlock=0x2dbcb94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbcd10, puLen=0xd7e790) returned 1
[0235.771] VerQueryValueW (in: pBlock=0x2dbcb94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbcd70, puLen=0xd7e790) returned 1
[0235.771] VerQueryValueW (in: pBlock=0x2dbcb94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbcdcc, puLen=0xd7e790) returned 1
[0235.771] VerQueryValueW (in: pBlock=0x2dbcb94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbce54, puLen=0xd7e790) returned 1
[0235.771] VerQueryValueW (in: pBlock=0x2dbcb94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbceac, puLen=0xd7e790) returned 1
[0235.771] VerQueryValueW (in: pBlock=0x2dbcb94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbcf04, puLen=0xd7e790) returned 1
[0235.771] VerQueryValueW (in: pBlock=0x2dbcb94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbcf34, puLen=0xd7e790) returned 1
[0235.771] VerQueryValueW (in: pBlock=0x2dbcb94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.771] VerQueryValueW (in: pBlock=0x2dbcb94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbcf70, puLen=0xd7e790) returned 1
[0235.771] VerQueryValueW (in: pBlock=0x2dbcb94, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0235.771] VerQueryValueW (in: pBlock=0x2dbcb94, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dbcfc4, puLen=0xd7e784) returned 1
[0235.771] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0235.771] VerQueryValueW (in: pBlock=0x2dbcb94, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dbcbbc, puLen=0xd7e794) returned 1
[0235.772] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0235.772] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.772] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0235.772] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.772] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0235.772] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1f02de
[0235.773] SetWindowLongW (hWnd=0x1f02de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0235.773] GetWindowLongW (hWnd=0x1f02de, nIndex=-4) returned 1950089536
[0235.773] SetWindowLongW (hWnd=0x1f02de, nIndex=-4, dwNewLong=19948438) returned 1950089536
[0235.774] GetWindowLongW (hWnd=0x1f02de, nIndex=-4) returned 19948438
[0235.774] GetWindowLongW (hWnd=0x1f02de, nIndex=-16) returned 113311744
[0235.774] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02de, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0235.775] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02de, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0235.775] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02de, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0235.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02de, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0235.776] GetClientRect (in: hWnd=0x1f02de, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0235.776] GetWindowRect (in: hWnd=0x1f02de, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0235.776] SetWindowTextW (hWnd=0x1f02de, lpString="WindowsFormsParkingWindow") returned 1
[0235.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02de, Msg=0xc, wParam=0x0, lParam=0x2d82168) returned 0x1
[0235.777] GetParent (hWnd=0x1f02de) returned 0x0
[0235.777] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0235.777] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x1f02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1402d0
[0235.777] SetWindowLongW (hWnd=0x1402d0, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0235.777] GetWindowLongW (hWnd=0x1402d0, nIndex=-4) returned 1868147648
[0235.778] SetWindowLongW (hWnd=0x1402d0, nIndex=-4, dwNewLong=19948518) returned 1868147648
[0235.778] GetWindowLongW (hWnd=0x1402d0, nIndex=-4) returned 19948518
[0235.778] GetWindowLongW (hWnd=0x1402d0, nIndex=-16) returned 1174405133
[0235.778] GetWindowLongW (hWnd=0x1402d0, nIndex=-12) returned 0
[0235.778] SetWindowLongW (hWnd=0x1402d0, nIndex=-12, dwNewLong=1311440) returned 0
[0235.778] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0235.778] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0235.779] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0235.779] GetClientRect (in: hWnd=0x1402d0, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0235.779] GetWindowRect (in: hWnd=0x1402d0, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0235.779] GetParent (hWnd=0x1402d0) returned 0x1f02de
[0235.779] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1f02de, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0235.780] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0235.780] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0235.780] GetClientRect (in: hWnd=0x1402d0, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0235.780] GetWindowRect (in: hWnd=0x1402d0, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0235.780] GetParent (hWnd=0x1402d0) returned 0x1f02de
[0235.780] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1f02de, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0235.780] SendMessageW (hWnd=0x1402d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1402d0) returned 0x0
[0235.780] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1402d0) returned 0x0
[0235.781] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0235.781] GetParent (hWnd=0x1402d0) returned 0x1f02de
[0235.781] GdipCreateFromHWND (hwnd=0x1402d0, graphics=0xd7e844) returned 0x0
[0235.781] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0235.782] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0235.782] GetForegroundWindow () returned 0x7005c
[0235.782] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0235.782] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0235.782] GetSystemMetrics (nIndex=42) returned 0
[0235.782] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0235.782] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0235.782] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0235.782] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0235.782] GetSystemMetrics (nIndex=42) returned 0
[0235.783] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0235.783] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0235.783] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.783] GetCursorPos (in: lpPoint=0x2dc1018 | out: lpPoint=0x2dc1018*(x=247, y=626)) returned 1
[0235.783] MonitorFromPoint (pt=0xf7, dwFlags=0x272) returned 0x10001
[0235.783] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0235.783] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x10010781
[0235.784] GetDeviceCaps (hdc=0x10010781, index=12) returned 32
[0235.784] GetDeviceCaps (hdc=0x10010781, index=14) returned 1
[0235.784] DeleteDC (hdc=0x10010781) returned 1
[0235.784] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0235.784] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0235.784] GetSystemMetrics (nIndex=59) returned 1460
[0235.784] GetSystemMetrics (nIndex=60) returned 920
[0235.784] GetSystemMetrics (nIndex=34) returned 136
[0235.784] GetSystemMetrics (nIndex=35) returned 39
[0235.784] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.784] GetCursorPos (in: lpPoint=0x2dc1284 | out: lpPoint=0x2dc1284*(x=247, y=626)) returned 1
[0235.785] MonitorFromPoint (pt=0xfa, dwFlags=0x273) returned 0x10001
[0235.785] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0235.785] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x11010781
[0235.785] GetDeviceCaps (hdc=0x11010781, index=12) returned 32
[0235.785] GetDeviceCaps (hdc=0x11010781, index=14) returned 1
[0235.785] DeleteDC (hdc=0x11010781) returned 1
[0235.785] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0235.785] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0235.785] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.785] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0235.786] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2dc151c | out: piconinfo=0x2dc151c) returned 1
[0235.786] GetObjectW (in: h=0xe40507e9, c=24, pv=0x2dc1538 | out: pv=0x2dc1538) returned 24
[0235.786] GdipCreateBitmapFromHBITMAP (hbm=0xe40507e9, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0235.786] GdipGetImageWidth (image=0x6602a58, width=0xd7e750) returned 0x0
[0235.786] GdipGetImageHeight (image=0x6602a58, height=0xd7e748) returned 0x0
[0235.786] GdipGetImagePixelFormat (image=0x6602a58, format=0xd7e740) returned 0x0
[0235.786] GdipBitmapLockBits (bitmap=0x6602a58, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2dc15f0) returned 0x0
[0235.786] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0235.787] GdipBitmapLockBits (bitmap=0x6602da0, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2dc1628) returned 0x0
[0235.787] RtlMoveMemory (in: Destination=0x665ff50, Source=0x665fec8, Length=0x80 | out: Destination=0x665ff50)
[0235.787] RtlMoveMemory (in: Destination=0x665ffd0, Source=0x665fe48, Length=0x80 | out: Destination=0x665ffd0)
[0235.787] RtlMoveMemory (in: Destination=0x6660050, Source=0x665fdc8, Length=0x80 | out: Destination=0x6660050)
[0235.787] RtlMoveMemory (in: Destination=0x66600d0, Source=0x665fd48, Length=0x80 | out: Destination=0x66600d0)
[0235.787] RtlMoveMemory (in: Destination=0x6660150, Source=0x665fcc8, Length=0x80 | out: Destination=0x6660150)
[0235.787] RtlMoveMemory (in: Destination=0x66601d0, Source=0x665fc48, Length=0x80 | out: Destination=0x66601d0)
[0235.787] RtlMoveMemory (in: Destination=0x6660250, Source=0x665fbc8, Length=0x80 | out: Destination=0x6660250)
[0235.787] RtlMoveMemory (in: Destination=0x66602d0, Source=0x665fb48, Length=0x80 | out: Destination=0x66602d0)
[0235.787] RtlMoveMemory (in: Destination=0x6660350, Source=0x665fac8, Length=0x80 | out: Destination=0x6660350)
[0235.787] RtlMoveMemory (in: Destination=0x66603d0, Source=0x665fa48, Length=0x80 | out: Destination=0x66603d0)
[0235.787] RtlMoveMemory (in: Destination=0x6660450, Source=0x665f9c8, Length=0x80 | out: Destination=0x6660450)
[0235.787] RtlMoveMemory (in: Destination=0x66604d0, Source=0x665f948, Length=0x80 | out: Destination=0x66604d0)
[0235.787] RtlMoveMemory (in: Destination=0x6660550, Source=0x665f8c8, Length=0x80 | out: Destination=0x6660550)
[0235.788] RtlMoveMemory (in: Destination=0x66605d0, Source=0x665f848, Length=0x80 | out: Destination=0x66605d0)
[0235.788] RtlMoveMemory (in: Destination=0x6660650, Source=0x665f7c8, Length=0x80 | out: Destination=0x6660650)
[0235.788] RtlMoveMemory (in: Destination=0x66606d0, Source=0x665f748, Length=0x80 | out: Destination=0x66606d0)
[0235.788] RtlMoveMemory (in: Destination=0x6660750, Source=0x665f6c8, Length=0x80 | out: Destination=0x6660750)
[0235.788] RtlMoveMemory (in: Destination=0x66607d0, Source=0x665f648, Length=0x80 | out: Destination=0x66607d0)
[0235.788] RtlMoveMemory (in: Destination=0x6660850, Source=0x665f5c8, Length=0x80 | out: Destination=0x6660850)
[0235.788] RtlMoveMemory (in: Destination=0x66608d0, Source=0x665f548, Length=0x80 | out: Destination=0x66608d0)
[0235.788] RtlMoveMemory (in: Destination=0x6660950, Source=0x665f4c8, Length=0x80 | out: Destination=0x6660950)
[0235.788] RtlMoveMemory (in: Destination=0x66609d0, Source=0x665f448, Length=0x80 | out: Destination=0x66609d0)
[0235.788] RtlMoveMemory (in: Destination=0x6660a50, Source=0x665f3c8, Length=0x80 | out: Destination=0x6660a50)
[0235.788] RtlMoveMemory (in: Destination=0x6660ad0, Source=0x665f348, Length=0x80 | out: Destination=0x6660ad0)
[0235.788] RtlMoveMemory (in: Destination=0x6660b50, Source=0x665f2c8, Length=0x80 | out: Destination=0x6660b50)
[0235.788] RtlMoveMemory (in: Destination=0x6660bd0, Source=0x665f248, Length=0x80 | out: Destination=0x6660bd0)
[0235.788] RtlMoveMemory (in: Destination=0x6660c50, Source=0x665f1c8, Length=0x80 | out: Destination=0x6660c50)
[0235.788] RtlMoveMemory (in: Destination=0x6660cd0, Source=0x665f148, Length=0x80 | out: Destination=0x6660cd0)
[0235.788] RtlMoveMemory (in: Destination=0x6660d50, Source=0x665f0c8, Length=0x80 | out: Destination=0x6660d50)
[0235.788] RtlMoveMemory (in: Destination=0x6660dd0, Source=0x665f048, Length=0x80 | out: Destination=0x6660dd0)
[0235.789] RtlMoveMemory (in: Destination=0x6660e50, Source=0x665efc8, Length=0x80 | out: Destination=0x6660e50)
[0235.789] RtlMoveMemory (in: Destination=0x6660ed0, Source=0x665ef48, Length=0x80 | out: Destination=0x6660ed0)
[0235.789] GdipBitmapUnlockBits (bitmap=0x6602a58, lockedBitmapData=0x2dc15f0) returned 0x0
[0235.789] GdipBitmapUnlockBits (bitmap=0x6602da0, lockedBitmapData=0x2dc1628) returned 0x0
[0235.789] GdipDisposeImage (image=0x6602a58) returned 0x0
[0235.789] DeleteObject (ho=0xe40507e9) returned 1
[0235.789] DeleteObject (ho=0x12050781) returned 1
[0235.789] GetCurrentThreadId () returned 0xf50
[0235.789] GetCurrentThreadId () returned 0xf50
[0235.789] SetWindowPos (hWnd=0x1402d0, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0235.789] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0235.790] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0235.790] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0235.790] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0235.790] GetClientRect (in: hWnd=0x1402d0, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0235.790] GetWindowRect (in: hWnd=0x1402d0, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0235.790] GetParent (hWnd=0x1402d0) returned 0x1f02de
[0235.790] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1f02de, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0235.790] InvalidateRect (hWnd=0x1402d0, lpRect=0x0, bErase=1) returned 1
[0235.790] GetWindowTextLengthW (hWnd=0x1402d0) returned 0
[0235.790] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0235.791] GetSystemMetrics (nIndex=42) returned 0
[0235.791] GetWindowTextW (in: hWnd=0x1402d0, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0235.791] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0235.791] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0235.791] GetClientRect (in: hWnd=0x1402d0, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0235.791] GetWindowRect (in: hWnd=0x1402d0, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0235.791] GetParent (hWnd=0x1402d0) returned 0x1f02de
[0235.791] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1f02de, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0235.791] GetWindowTextLengthW (hWnd=0x1402d0) returned 0
[0235.791] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0235.791] GetSystemMetrics (nIndex=42) returned 0
[0235.791] GetWindowTextW (in: hWnd=0x1402d0, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0235.791] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0235.791] GetWindowTextLengthW (hWnd=0x1402d0) returned 0
[0235.792] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0235.792] GetSystemMetrics (nIndex=42) returned 0
[0235.792] GetWindowTextW (in: hWnd=0x1402d0, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0235.792] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0235.792] SetWindowTextW (hWnd=0x1402d0, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0235.792] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0xc, wParam=0x0, lParam=0x2da2484) returned 0x1
[0235.792] InvalidateRect (hWnd=0x1402d0, lpRect=0x0, bErase=1) returned 1
[0235.792] GetCurrentThreadId () returned 0xf50
[0235.792] GetWindowThreadProcessId (in: hWnd=0x1402d0, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0235.793] GdipCreateBitmapFromStream (stream=0x509ffd0, bitmap=0xd7e840) returned 0x0
[0235.795] GdipImageForceValidation (image=0x6601d38) returned 0x0
[0235.797] GdipGetImageRawFormat (image=0x6601d38, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0235.797] GdipGetImageHeight (image=0x6601d38, height=0xd7e824) returned 0x0
[0235.797] GdipGetImageWidth (image=0x6601d38, width=0xd7e824) returned 0x0
[0235.797] GdipGetImageWidth (image=0x6601d38, width=0xd7e810) returned 0x0
[0235.797] GdipGetImageHeight (image=0x6601d38, height=0xd7e810) returned 0x0
[0235.797] GdipGetImageWidth (image=0x6601d38, width=0xd7e800) returned 0x0
[0235.797] GdipGetImageHeight (image=0x6601d38, height=0xd7e800) returned 0x0
[0235.797] GdipBitmapGetPixel (bitmap=0x6601d38, x=0, y=15, color=0xd7e810) returned 0x0
[0235.797] GdipGetImageRawFormat (image=0x6601d38, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0235.797] GdipGetImageWidth (image=0x6601d38, width=0xd7e740) returned 0x0
[0235.797] GdipGetImageHeight (image=0x6601d38, height=0xd7e740) returned 0x0
[0235.797] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0235.798] GdipGetImagePixelFormat (image=0x66030e8, format=0xd7e740) returned 0x0
[0235.798] GdipGetImageGraphicsContext (image=0x66030e8, graphics=0xd7e74c) returned 0x0
[0235.798] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0235.798] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0235.798] GdipSetImageAttributesColorKeys (imageattr=0x6638c38, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0235.798] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6601d38, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c38, callback=0x0, callbackData=0x0) returned 0x0
[0235.798] GdipDisposeImageAttributes (imageattr=0x6638c38) returned 0x0
[0235.798] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0235.798] GdipDisposeImage (image=0x6601d38) returned 0x0
[0235.799] GdipCreateBitmapFromStream (stream=0x509ffb0, bitmap=0xd7e840) returned 0x0
[0235.800] GdipImageForceValidation (image=0x66023c8) returned 0x0
[0235.802] GdipGetImageRawFormat (image=0x66023c8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0235.802] GdipGetImageHeight (image=0x66023c8, height=0xd7e824) returned 0x0
[0235.802] GdipGetImageWidth (image=0x66023c8, width=0xd7e824) returned 0x0
[0235.802] GdipGetImageWidth (image=0x66023c8, width=0xd7e810) returned 0x0
[0235.802] GdipGetImageHeight (image=0x66023c8, height=0xd7e810) returned 0x0
[0235.802] GdipGetImageWidth (image=0x66023c8, width=0xd7e800) returned 0x0
[0235.802] GdipGetImageHeight (image=0x66023c8, height=0xd7e800) returned 0x0
[0235.802] GdipBitmapGetPixel (bitmap=0x66023c8, x=0, y=15, color=0xd7e810) returned 0x0
[0235.802] GdipGetImageRawFormat (image=0x66023c8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0235.802] GdipGetImageWidth (image=0x66023c8, width=0xd7e740) returned 0x0
[0235.802] GdipGetImageHeight (image=0x66023c8, height=0xd7e740) returned 0x0
[0235.802] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0235.802] GdipGetImagePixelFormat (image=0x6602a58, format=0xd7e740) returned 0x0
[0235.802] GdipGetImageGraphicsContext (image=0x6602a58, graphics=0xd7e74c) returned 0x0
[0235.802] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0235.803] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0235.803] GdipSetImageAttributesColorKeys (imageattr=0x6638ae8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0235.803] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66023c8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638ae8, callback=0x0, callbackData=0x0) returned 0x0
[0235.803] GdipDisposeImageAttributes (imageattr=0x6638ae8) returned 0x0
[0235.803] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0235.803] GdipDisposeImage (image=0x66023c8) returned 0x0
[0235.803] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.804] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0235.804] GetCurrentThreadId () returned 0xf50
[0235.804] GetCurrentThreadId () returned 0xf50
[0235.804] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.804] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0235.804] GetCurrentThreadId () returned 0xf50
[0235.804] GetCurrentThreadId () returned 0xf50
[0235.805] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.805] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0235.805] GetCurrentThreadId () returned 0xf50
[0235.805] GetCurrentThreadId () returned 0xf50
[0235.805] GetSystemMetrics (nIndex=5) returned 1
[0235.805] GetSystemMetrics (nIndex=6) returned 1
[0235.805] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.805] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0235.805] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.805] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0235.806] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.806] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0235.806] GetCurrentThreadId () returned 0xf50
[0235.806] GetCurrentThreadId () returned 0xf50
[0235.806] GetProcessWindowStation () returned 0x13c
[0235.806] GetCapture () returned 0x0
[0235.806] GetActiveWindow () returned 0x7005c
[0235.806] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0235.807] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.807] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0235.807] GetCursorPos (in: lpPoint=0x2dc2768 | out: lpPoint=0x2dc2768*(x=247, y=626)) returned 1
[0235.807] MonitorFromPoint (pt=0xf7, dwFlags=0x272) returned 0x10001
[0235.807] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0235.807] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x13010781
[0235.807] GetDeviceCaps (hdc=0x13010781, index=12) returned 32
[0235.807] GetDeviceCaps (hdc=0x13010781, index=14) returned 1
[0235.807] DeleteDC (hdc=0x13010781) returned 1
[0235.808] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0235.808] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0235.808] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2200ea
[0235.809] SetWindowLongW (hWnd=0x2200ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0235.809] GetWindowLongW (hWnd=0x2200ea, nIndex=-4) returned 1950089536
[0235.809] SetWindowLongW (hWnd=0x2200ea, nIndex=-4, dwNewLong=19947918) returned 1950089536
[0235.809] GetWindowLongW (hWnd=0x2200ea, nIndex=-4) returned 19947918
[0235.809] GetWindowLongW (hWnd=0x2200ea, nIndex=-16) returned 113770496
[0235.810] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0235.811] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0235.812] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0235.812] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0235.812] GetWindowRect (in: hWnd=0x2200ea, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0235.812] SetWindowTextW (hWnd=0x2200ea, lpString="BB ransomware") returned 1
[0235.812] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xc, wParam=0x0, lParam=0x2dc0f04) returned 0x1
[0235.813] GetStartupInfoW (in: lpStartupInfo=0x2dc2aa4 | out: lpStartupInfo=0x2dc2aa4*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0235.815] GetParent (hWnd=0x2200ea) returned 0x0
[0235.815] SetWindowLongW (hWnd=0x2200ea, nIndex=-8, dwNewLong=0) returned 0
[0235.817] SendMessageW (hWnd=0x2200ea, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0235.817] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0235.817] SendMessageW (hWnd=0x2200ea, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0235.817] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0235.817] GetSystemMenu (hWnd=0x2200ea, bRevert=0) returned 0x480113
[0235.818] GetWindowPlacement (in: hWnd=0x2200ea, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0235.818] EnableMenuItem (hMenu=0x480113, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0235.818] EnableMenuItem (hMenu=0x480113, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0235.818] EnableMenuItem (hMenu=0x480113, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0235.818] EnableMenuItem (hMenu=0x480113, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0235.819] EnableMenuItem (hMenu=0x480113, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0235.819] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0235.819] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0235.819] GetWindowRect (in: hWnd=0x2200ea, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0235.819] SetWindowPos (hWnd=0x2200ea, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0235.819] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0235.820] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x2200ea) returned 0x1
[0235.823] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0235.823] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0235.824] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0235.825] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0235.825] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0235.827] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x2200ea, lParam=0x0) returned 0x0
[0235.827] GetCapture () returned 0x0
[0235.827] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0235.828] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0235.830] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0235.831] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0235.831] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0235.832] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0235.832] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0235.832] GetParent (hWnd=0x2200ea) returned 0x0
[0235.832] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0235.832] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0235.835] GetWindowPlacement (in: hWnd=0x2200ea, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0235.835] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0235.835] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0235.835] GetWindowRect (in: hWnd=0x2200ea, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0235.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0235.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0235.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0235.838] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.838] GetWindowLongW (hWnd=0x2200ea, nIndex=-16) returned 113770496
[0235.838] GetWindowTextLengthW (hWnd=0x2200ea) returned 13
[0235.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0235.838] GetSystemMetrics (nIndex=42) returned 0
[0235.838] GetWindowTextW (in: hWnd=0x2200ea, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0235.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0235.838] GetWindowTextLengthW (hWnd=0x2200ea) returned 13
[0235.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0235.838] GetSystemMetrics (nIndex=42) returned 0
[0235.838] GetWindowTextW (in: hWnd=0x2200ea, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0235.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0235.838] GetCursorPos (in: lpPoint=0x2dc2ce0 | out: lpPoint=0x2dc2ce0*(x=247, y=626)) returned 1
[0235.839] MonitorFromPoint (pt=0xf9, dwFlags=0x270) returned 0x10001
[0235.839] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0235.839] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x150107f9
[0235.839] GetDeviceCaps (hdc=0x150107f9, index=12) returned 32
[0235.839] GetDeviceCaps (hdc=0x150107f9, index=14) returned 1
[0235.839] DeleteDC (hdc=0x150107f9) returned 1
[0235.839] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0235.839] GetWindowLongW (hWnd=0x2200ea, nIndex=-16) returned 113770496
[0235.839] GetWindowLongW (hWnd=0x2200ea, nIndex=-20) returned 327945
[0235.839] SetWindowLongW (hWnd=0x2200ea, nIndex=-16, dwNewLong=46661632) returned 113770496
[0235.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0235.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0235.846] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0235.846] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0235.846] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0235.846] SetWindowLongW (hWnd=0x2200ea, nIndex=-20, dwNewLong=327681) returned 327945
[0235.846] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0235.847] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0235.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0235.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0235.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0235.849] SetWindowPos (hWnd=0x2200ea, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0235.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0235.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0235.850] GetWindowPlacement (in: hWnd=0x2200ea, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0235.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0235.850] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0235.850] GetWindowRect (in: hWnd=0x2200ea, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0235.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0235.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0235.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0235.852] RedrawWindow (hWnd=0x2200ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0235.852] GetSystemMenu (hWnd=0x2200ea, bRevert=0) returned 0x480113
[0235.852] GetWindowPlacement (in: hWnd=0x2200ea, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0235.852] EnableMenuItem (hMenu=0x480113, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0235.852] EnableMenuItem (hMenu=0x480113, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0235.852] EnableMenuItem (hMenu=0x480113, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0235.852] EnableMenuItem (hMenu=0x480113, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0235.852] EnableMenuItem (hMenu=0x480113, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0235.852] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0235.852] GetWindowLongW (hWnd=0x2200ea, nIndex=-8) returned 0
[0235.852] SetWindowLongW (hWnd=0x2200ea, nIndex=-8, dwNewLong=458844) returned 0
[0235.853] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0235.853] GetProcessWindowStation () returned 0x13c
[0235.853] GetCurrentThreadId () returned 0xf50
[0235.853] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x13061de, lParam=0x0) returned 1
[0235.853] IsWindowVisible (hWnd=0x2200ea) returned 0
[0235.854] IsWindowVisible (hWnd=0x7005c) returned 1
[0235.854] IsWindowEnabled (hWnd=0x7005c) returned 1
[0235.854] IsWindowVisible (hWnd=0x300ec) returned 0
[0235.854] IsWindowVisible (hWnd=0x502c6) returned 0
[0235.854] IsWindowVisible (hWnd=0x502be) returned 0
[0235.854] GetActiveWindow () returned 0x2200ea
[0235.854] GetFocus () returned 0x2200ea
[0235.854] IsWindow (hWnd=0x7005c) returned 1
[0235.854] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0235.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0235.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0235.855] GetWindowLongW (hWnd=0x2200ea, nIndex=-8) returned 458844
[0235.855] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0235.855] GetCurrentThreadId () returned 0xf50
[0235.855] GetWindowLongW (hWnd=0x2200ea, nIndex=-8) returned 458844
[0235.855] IsWindowEnabled (hWnd=0x7005c) returned 0
[0235.855] IsWindowEnabled (hWnd=0x2200ea) returned 1
[0235.855] ShowWindow (hWnd=0x2200ea, nCmdShow=5) returned 0
[0235.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0235.855] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0235.855] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.856] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0235.856] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x2200ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1902c8
[0235.856] SetWindowLongW (hWnd=0x1902c8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0235.856] GetWindowLongW (hWnd=0x1902c8, nIndex=-4) returned 1950089536
[0235.943] SetWindowLongW (hWnd=0x1902c8, nIndex=-4, dwNewLong=19944246) returned 1950089536
[0235.943] GetWindowLongW (hWnd=0x1902c8, nIndex=-4) returned 19944246
[0235.943] GetWindowLongW (hWnd=0x1902c8, nIndex=-16) returned 1174405120
[0235.943] GetWindowLongW (hWnd=0x1902c8, nIndex=-12) returned 0
[0235.943] SetWindowLongW (hWnd=0x1902c8, nIndex=-12, dwNewLong=1639112) returned 0
[0235.943] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902c8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0235.944] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902c8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0235.944] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902c8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0235.944] GetWindow (hWnd=0x1902c8, uCmd=0x3) returned 0x0
[0235.944] GetClientRect (in: hWnd=0x1902c8, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0235.944] GetWindowRect (in: hWnd=0x1902c8, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0235.944] GetParent (hWnd=0x1902c8) returned 0x2200ea
[0235.944] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2200ea, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0235.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902c8, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0235.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902c8, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0235.945] GetClientRect (in: hWnd=0x1902c8, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0235.945] GetWindowRect (in: hWnd=0x1902c8, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0235.945] GetParent (hWnd=0x1902c8) returned 0x2200ea
[0235.945] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2200ea, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0235.945] SendMessageW (hWnd=0x1902c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1902c8) returned 0x0
[0235.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1902c8) returned 0x0
[0235.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0235.945] GetParent (hWnd=0x1902c8) returned 0x2200ea
[0235.945] GetParent (hWnd=0x1402d0) returned 0x1f02de
[0235.945] SetParent (hWndChild=0x1402d0, hWndNewParent=0x2200ea) returned 0x1f02de
[0235.945] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0235.946] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0235.946] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0235.946] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0235.946] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0235.946] GetClientRect (in: hWnd=0x1402d0, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0235.946] GetWindowRect (in: hWnd=0x1402d0, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0235.946] GetParent (hWnd=0x1402d0) returned 0x2200ea
[0235.946] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2200ea, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0235.946] GetClientRect (in: hWnd=0x1402d0, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0235.946] GetWindowRect (in: hWnd=0x1402d0, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0235.947] GetParent (hWnd=0x1402d0) returned 0x2200ea
[0235.947] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2200ea, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0235.947] GetParent (hWnd=0x1402d0) returned 0x2200ea
[0235.947] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0235.947] GetWindow (hWnd=0x1402d0, uCmd=0x3) returned 0x0
[0235.947] SetWindowPos (hWnd=0x1402d0, hWndInsertAfter=0x1902c8, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0235.947] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0235.947] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0235.948] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0235.948] GetClientRect (in: hWnd=0x1402d0, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0235.948] GetWindowRect (in: hWnd=0x1402d0, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0235.948] GetParent (hWnd=0x1402d0) returned 0x2200ea
[0235.948] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2200ea, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0235.948] GetParent (hWnd=0x1402d0) returned 0x2200ea
[0235.948] GetWindow (hWnd=0x1402d0, uCmd=0x3) returned 0x1902c8
[0235.948] GetWindowThreadProcessId (in: hWnd=0x1402d0, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0235.948] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0235.948] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.949] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0235.949] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x2200ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2102d8
[0235.949] SetWindowLongW (hWnd=0x2102d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0235.949] GetWindowLongW (hWnd=0x2102d8, nIndex=-4) returned 1868032000
[0235.950] SetWindowLongW (hWnd=0x2102d8, nIndex=-4, dwNewLong=19943686) returned 1868032000
[0235.950] GetWindowLongW (hWnd=0x2102d8, nIndex=-4) returned 19943686
[0235.950] GetWindowLongW (hWnd=0x2102d8, nIndex=-16) returned 1174470667
[0235.950] GetWindowLongW (hWnd=0x2102d8, nIndex=-12) returned 0
[0235.950] SetWindowLongW (hWnd=0x2102d8, nIndex=-12, dwNewLong=2163416) returned 0
[0235.950] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0235.951] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0235.951] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0235.952] SendMessageW (hWnd=0x2102d8, Msg=0x2055, wParam=0x2102d8, lParam=0x3) returned 0x2
[0235.952] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0235.952] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0235.952] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0235.952] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0235.952] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902c8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0235.952] RedrawWindow (hWnd=0x1902c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0235.952] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0235.953] RedrawWindow (hWnd=0x1402d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0235.953] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0235.953] RedrawWindow (hWnd=0x2102d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0235.953] RedrawWindow (hWnd=0x2200ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0235.953] GetWindow (hWnd=0x2102d8, uCmd=0x3) returned 0x1402d0
[0235.953] GetClientRect (in: hWnd=0x2102d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0235.953] GetWindowRect (in: hWnd=0x2102d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0235.953] GetParent (hWnd=0x2102d8) returned 0x2200ea
[0235.953] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2200ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0235.953] SetWindowTextW (hWnd=0x2102d8, lpString="&Details") returned 1
[0235.953] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0235.954] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0235.954] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0235.954] GetClientRect (in: hWnd=0x2102d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0235.954] GetWindowRect (in: hWnd=0x2102d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0235.954] GetParent (hWnd=0x2102d8) returned 0x2200ea
[0235.954] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2200ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0235.954] SendMessageW (hWnd=0x2102d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2102d8) returned 0x0
[0235.954] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2102d8) returned 0x0
[0235.954] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0235.955] GetParent (hWnd=0x2102d8) returned 0x2200ea
[0235.955] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0235.955] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.955] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0235.955] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x2200ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1f02da
[0235.956] SetWindowLongW (hWnd=0x1f02da, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0235.956] GetWindowLongW (hWnd=0x1f02da, nIndex=-4) returned 1868032000
[0235.956] SetWindowLongW (hWnd=0x1f02da, nIndex=-4, dwNewLong=19944942) returned 1868032000
[0235.956] GetWindowLongW (hWnd=0x1f02da, nIndex=-4) returned 19944942
[0235.956] GetWindowLongW (hWnd=0x1f02da, nIndex=-16) returned 1174470667
[0235.956] GetWindowLongW (hWnd=0x1f02da, nIndex=-12) returned 0
[0235.956] SetWindowLongW (hWnd=0x1f02da, nIndex=-12, dwNewLong=2032346) returned 0
[0235.956] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0235.957] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0235.957] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0235.958] SendMessageW (hWnd=0x1f02da, Msg=0x2055, wParam=0x1f02da, lParam=0x3) returned 0x2
[0235.958] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0235.958] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0235.958] GetWindow (hWnd=0x1f02da, uCmd=0x3) returned 0x2102d8
[0235.958] GetClientRect (in: hWnd=0x1f02da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0235.958] GetWindowRect (in: hWnd=0x1f02da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0235.958] GetParent (hWnd=0x1f02da) returned 0x2200ea
[0235.958] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2200ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0235.958] SetWindowTextW (hWnd=0x1f02da, lpString="&Continue") returned 1
[0235.958] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0235.959] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0235.959] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0235.959] GetClientRect (in: hWnd=0x1f02da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0235.959] GetWindowRect (in: hWnd=0x1f02da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0235.959] GetParent (hWnd=0x1f02da) returned 0x2200ea
[0235.959] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2200ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0235.959] SendMessageW (hWnd=0x1f02da, Msg=0x2210, wParam=0x2da0001, lParam=0x1f02da) returned 0x0
[0235.959] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x2210, wParam=0x2da0001, lParam=0x1f02da) returned 0x0
[0235.959] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0235.960] GetParent (hWnd=0x1f02da) returned 0x2200ea
[0235.960] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0235.960] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.960] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0235.960] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x2200ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1502ce
[0235.961] SetWindowLongW (hWnd=0x1502ce, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0235.961] GetWindowLongW (hWnd=0x1502ce, nIndex=-4) returned 1868032000
[0235.961] SetWindowLongW (hWnd=0x1502ce, nIndex=-4, dwNewLong=19945582) returned 1868032000
[0235.961] GetWindowLongW (hWnd=0x1502ce, nIndex=-4) returned 19945582
[0235.961] GetWindowLongW (hWnd=0x1502ce, nIndex=-16) returned 1174470667
[0235.961] GetWindowLongW (hWnd=0x1502ce, nIndex=-12) returned 0
[0235.961] SetWindowLongW (hWnd=0x1502ce, nIndex=-12, dwNewLong=1376974) returned 0
[0235.961] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502ce, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0235.962] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502ce, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0235.962] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502ce, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0235.963] SendMessageW (hWnd=0x1502ce, Msg=0x2055, wParam=0x1502ce, lParam=0x3) returned 0x2
[0235.963] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0235.963] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502ce, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0235.963] GetWindow (hWnd=0x1502ce, uCmd=0x3) returned 0x1f02da
[0235.963] GetClientRect (in: hWnd=0x1502ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0235.963] GetWindowRect (in: hWnd=0x1502ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0235.963] GetParent (hWnd=0x1502ce) returned 0x2200ea
[0235.963] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2200ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0235.963] SetWindowTextW (hWnd=0x1502ce, lpString="&Quit") returned 1
[0235.963] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502ce, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0235.964] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502ce, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0235.964] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502ce, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0235.964] GetClientRect (in: hWnd=0x1502ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0235.964] GetWindowRect (in: hWnd=0x1502ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0235.964] GetParent (hWnd=0x1502ce) returned 0x2200ea
[0235.964] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2200ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0235.964] SendMessageW (hWnd=0x1502ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1502ce) returned 0x0
[0235.964] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1502ce) returned 0x0
[0235.964] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0235.964] GetParent (hWnd=0x1502ce) returned 0x2200ea
[0235.964] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0235.965] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0235.965] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0235.965] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x2200ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1f02dc
[0235.965] SetWindowLongW (hWnd=0x1f02dc, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0235.966] GetWindowLongW (hWnd=0x1f02dc, nIndex=-4) returned 1868026976
[0235.966] SetWindowLongW (hWnd=0x1f02dc, nIndex=-4, dwNewLong=19948894) returned 1868026976
[0235.966] GetWindowLongW (hWnd=0x1f02dc, nIndex=-4) returned 19948894
[0235.966] GetWindowLongW (hWnd=0x1f02dc, nIndex=-16) returned 1177553092
[0235.966] GetWindowLongW (hWnd=0x1f02dc, nIndex=-12) returned 0
[0235.966] SetWindowLongW (hWnd=0x1f02dc, nIndex=-12, dwNewLong=2032348) returned 0
[0235.966] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02dc, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0235.967] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02dc, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0235.968] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02dc, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0235.985] GetWindow (hWnd=0x1f02dc, uCmd=0x3) returned 0x1502ce
[0235.985] GetClientRect (in: hWnd=0x1f02dc, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0235.985] GetWindowRect (in: hWnd=0x1f02dc, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0235.985] GetParent (hWnd=0x1f02dc) returned 0x2200ea
[0235.985] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2200ea, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0235.985] GetWindowTextLengthW (hWnd=0x2200ea) returned 13
[0235.985] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0235.985] GetSystemMetrics (nIndex=42) returned 0
[0235.985] GetWindowTextW (in: hWnd=0x2200ea, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0235.985] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0235.985] SendMessageW (hWnd=0x1f02dc, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0235.985] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02dc, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0235.990] SetWindowTextW (hWnd=0x1f02dc, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0235.990] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02dc, Msg=0xc, wParam=0x0, lParam=0x2dbe8ec) returned 0x1
[0235.992] GetSystemMetrics (nIndex=5) returned 1
[0235.992] GetSystemMetrics (nIndex=6) returned 1
[0235.992] SendMessageW (hWnd=0x1f02dc, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0235.992] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02dc, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0235.993] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02dc, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0235.993] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02dc, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0235.993] GetClientRect (in: hWnd=0x1f02dc, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0235.993] GetWindowRect (in: hWnd=0x1f02dc, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0235.993] GetParent (hWnd=0x1f02dc) returned 0x2200ea
[0235.993] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2200ea, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0235.993] SendMessageW (hWnd=0x1f02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1f02dc) returned 0x0
[0235.994] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x1f02dc) returned 0x0
[0235.994] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0235.994] GetParent (hWnd=0x1f02dc) returned 0x2200ea
[0235.994] GetWindowLongW (hWnd=0x2200ea, nIndex=-8) returned 458844
[0235.994] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0235.994] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0235.994] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x1c0107f9
[0235.994] GetDeviceCaps (hdc=0x1c0107f9, index=12) returned 32
[0235.994] GetDeviceCaps (hdc=0x1c0107f9, index=14) returned 1
[0235.995] DeleteDC (hdc=0x1c0107f9) returned 1
[0235.995] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0235.995] GetWindowThreadProcessId (in: hWnd=0x2200ea, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0235.995] GetCurrentThreadId () returned 0xf50
[0235.995] PostMessageW (hWnd=0x2200ea, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0235.995] GetWindowTextLengthW (hWnd=0x2200ea) returned 13
[0235.995] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0235.995] GetSystemMetrics (nIndex=42) returned 0
[0235.995] GetWindowTextW (in: hWnd=0x2200ea, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0235.995] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0235.995] GdipImageGetFrameDimensionsCount (image=0x6602da0, count=0xd7e25c) returned 0x0
[0235.995] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201070
[0235.995] GdipImageGetFrameDimensionsList (image=0x6602da0, dimensionIDs=0x1201070*(Data1=0x720074, Data2=0x6f, Data3=0x6c, Data4=([0]=0x4e, [1]=0x0, [2]=0x61, [3]=0x0, [4]=0x74, [5]=0x0, [6]=0x69, [7]=0x0)), count=0x1) returned 0x0
[0235.995] LocalFree (hMem=0x1201070) returned 0x0
[0235.995] GdipImageGetFrameDimensionsCount (image=0x66030e8, count=0xd7e250) returned 0x0
[0235.996] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201298
[0235.996] GdipImageGetFrameDimensionsList (image=0x66030e8, dimensionIDs=0x1201298*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0235.996] LocalFree (hMem=0x1201298) returned 0x0
[0235.996] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0235.996] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0235.996] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0236.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0236.009] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0236.009] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0236.009] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0236.010] GetWindowPlacement (in: hWnd=0x2200ea, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0236.010] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0236.010] GetWindowTextLengthW (hWnd=0x2200ea) returned 13
[0236.010] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.010] GetSystemMetrics (nIndex=42) returned 0
[0236.010] GetWindowTextW (in: hWnd=0x2200ea, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.010] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0236.010] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0236.010] GetCurrentObject (hdc=0x107b9, type=0x1) returned 0xb00017
[0236.010] GetCurrentObject (hdc=0x107b9, type=0x2) returned 0x900010
[0236.010] GetCurrentObject (hdc=0x107b9, type=0x7) returned 0xffffffff890507e8
[0236.010] GetCurrentObject (hdc=0x107b9, type=0x6) returned 0x8a01c2
[0236.011] SaveDC (hdc=0x107b9) returned 1
[0236.011] GetNearestColor (hdc=0x107b9, color=0xf0f0f0) returned 0xf0f0f0
[0236.011] CreateSolidBrush (color=0xf0f0f0) returned 0x6c1007e1
[0236.011] FillRect (hDC=0x107b9, lprc=0xd7e1b8, hbr=0x6c1007e1) returned 1
[0236.011] DeleteObject (ho=0x6c1007e1) returned 1
[0236.011] RestoreDC (hdc=0x107b9, nSavedDC=-1) returned 1
[0236.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0236.011] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0236.012] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0236.012] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0236.012] GetStockObject (i=5) returned 0x900015
[0236.016] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0236.016] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0236.016] GetStockObject (i=5) returned 0x900015
[0236.016] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0236.016] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502ce, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0236.016] GetStockObject (i=5) returned 0x900015
[0236.017] GetWindowPlacement (in: hWnd=0x2200ea, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0236.017] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0236.017] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0236.017] GetWindowRect (in: hWnd=0x2200ea, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0236.018] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0236.018] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0236.018] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0236.019] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0236.019] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0236.019] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0236.019] GetWindowRect (in: hWnd=0x2200ea, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0236.019] InvalidateRect (hWnd=0x1f02da, lpRect=0x0, bErase=0) returned 1
[0236.019] InvalidateRect (hWnd=0x2102d8, lpRect=0x0, bErase=0) returned 1
[0236.019] GetFocus () returned 0x2200ea
[0236.019] GetFocus () returned 0x2200ea
[0236.019] SetFocus (hWnd=0x2102d8) returned 0x2200ea
[0236.020] GetFocus () returned 0x2102d8
[0236.020] IsChild (hWndParent=0x2200ea, hWnd=0x2102d8) returned 1
[0236.020] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x8, wParam=0x2102d8, lParam=0x0) returned 0x0
[0236.021] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0236.022] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0236.023] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0236.023] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0x7, wParam=0x2200ea, lParam=0x0) returned 0x0
[0236.024] GetStockObject (i=5) returned 0x900015
[0236.024] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0236.024] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0236.024] GetDlgItem (hDlg=0x2200ea, nIDDlgItem=2163416) returned 0x2102d8
[0236.024] SendMessageW (hWnd=0x2102d8, Msg=0x202b, wParam=0x2102d8, lParam=0xd7e0dc) returned 0x0
[0236.024] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0x202b, wParam=0x2102d8, lParam=0xd7e0dc) returned 0x0
[0236.024] InvalidateRect (hWnd=0x2102d8, lpRect=0x0, bErase=0) returned 1
[0236.026] GetFocus () returned 0x2102d8
[0236.026] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.026] IsWindowUnicode (hWnd=0x2200ea) returned 1
[0236.026] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.026] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.026] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.026] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0236.026] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.026] IsWindowUnicode (hWnd=0x2200ea) returned 1
[0236.026] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.027] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.027] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.027] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.027] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0236.027] IsWindowUnicode (hWnd=0x2200ea) returned 1
[0236.027] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.027] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.027] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.027] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.028] IsWindowUnicode (hWnd=0x602c4) returned 1
[0236.028] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.028] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.028] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.028] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0236.028] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0236.028] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.029] IsWindowUnicode (hWnd=0x2200ea) returned 1
[0236.029] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.029] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.029] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.029] BeginPaint (in: hWnd=0x2200ea, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x60100ce
[0236.029] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0236.029] GetWindowTextLengthW (hWnd=0x2200ea) returned 13
[0236.029] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.029] GetSystemMetrics (nIndex=42) returned 0
[0236.029] GetWindowTextW (in: hWnd=0x2200ea, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.029] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0236.030] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0236.030] EndPaint (hWnd=0x2200ea, lpPaint=0xd7e274) returned 1
[0236.030] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.030] IsWindowUnicode (hWnd=0x1902c8) returned 1
[0236.030] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.030] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.030] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.030] BeginPaint (in: hWnd=0x1902c8, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xf0105ee
[0236.030] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0236.030] CreateCompatibleDC (hdc=0xf0105ee) returned 0xb50107a1
[0236.030] SelectObject (hdc=0xb50107a1, h=0x4a0507fe) returned 0x85000f
[0236.030] GdipCreateFromHDC (hdc=0xb50107a1, graphics=0xd7e2b0) returned 0x0
[0236.031] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0236.031] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0236.031] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0236.031] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0236.031] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e310) returned 0x0
[0236.031] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0236.031] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0236.031] LocalFree (hMem=0x11ee788) returned 0x0
[0236.031] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0236.031] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0236.031] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0236.031] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e304) returned 0x0
[0236.031] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0236.031] GetWindowTextLengthW (hWnd=0x1902c8) returned 0
[0236.031] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0236.031] GetSystemMetrics (nIndex=42) returned 0
[0236.031] GetWindowTextW (in: hWnd=0x1902c8, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0236.031] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902c8, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0236.031] GetClientRect (in: hWnd=0x1902c8, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0236.032] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0236.032] GdipGetClip (graphics=0x6600030, region=0x6645d88) returned 0x0
[0236.032] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0236.032] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0236.032] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e164) returned 0x0
[0236.032] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0236.032] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee8d8) returned 0x0
[0236.032] LocalFree (hMem=0x11ee8d8) returned 0x0
[0236.032] GdipCombineRegionRegion (region=0x6645d88, region2=0x6645ab8, combineMode=0x1) returned 0x0
[0236.032] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0236.032] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0236.032] LocalFree (hMem=0x11ee788) returned 0x0
[0236.032] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0236.032] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0236.032] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0236.032] GdipGetRegionHRgn (region=0x6645d88, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0236.032] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0236.032] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0236.032] GetCurrentObject (hdc=0xb50107a1, type=0x1) returned 0xb00017
[0236.032] GetCurrentObject (hdc=0xb50107a1, type=0x2) returned 0x900010
[0236.032] GetCurrentObject (hdc=0xb50107a1, type=0x7) returned 0x4a0507fe
[0236.033] GetCurrentObject (hdc=0xb50107a1, type=0x6) returned 0x8a01c2
[0236.033] SaveDC (hdc=0xb50107a1) returned 1
[0236.033] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf5040807
[0236.033] GetClipRgn (hdc=0xb50107a1, hrgn=0xf5040807) returned 0
[0236.033] SelectClipRgn (hdc=0xb50107a1, hrgn=0x860407de) returned 2
[0236.033] DeleteObject (ho=0xf5040807) returned 1
[0236.033] DeleteObject (ho=0x860407de) returned 1
[0236.033] OffsetViewportOrgEx (in: hdc=0xb50107a1, x=0, y=0, lppt=0x2dc444c | out: lppt=0x2dc444c) returned 1
[0236.033] GetNearestColor (hdc=0xb50107a1, color=0xf0f0f0) returned 0xf0f0f0
[0236.033] CreateSolidBrush (color=0xf0f0f0) returned 0x6d1007e1
[0236.033] FillRect (hDC=0xb50107a1, lprc=0xd7e198, hbr=0x6d1007e1) returned 1
[0236.033] DeleteObject (ho=0x6d1007e1) returned 1
[0236.033] RestoreDC (hdc=0xb50107a1, nSavedDC=-1) returned 1
[0236.033] GdipReleaseDC (graphics=0x6600030, hdc=0xb50107a1) returned 0x0
[0236.033] GdipRestoreGraphics (graphics=0x6600030, state=0xf8fe0dbd) returned 0x0
[0236.033] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0236.033] GetWindowTextLengthW (hWnd=0x1902c8) returned 0
[0236.033] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0236.034] GetSystemMetrics (nIndex=42) returned 0
[0236.034] GetWindowTextW (in: hWnd=0x1902c8, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0236.034] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902c8, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0236.034] GdipGetImageWidth (image=0x6602da0, width=0xd7e1e0) returned 0x0
[0236.034] GdipGetImageHeight (image=0x6602da0, height=0xd7e1e0) returned 0x0
[0236.034] GdipGetImageWidth (image=0x6602da0, width=0xd7e1cc) returned 0x0
[0236.034] GdipGetImageHeight (image=0x6602da0, height=0xd7e1cc) returned 0x0
[0236.034] GdipDrawImageRectI (graphics=0x6600030, image=0x6602da0, x=16, y=16, width=32, height=32) returned 0x0
[0236.034] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0236.034] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=64, cy=64, hdcSrc=0xb50107a1, x1=0, y1=0, rop=0xcc0020) returned 1
[0236.034] GdipReleaseDC (graphics=0x6600030, hdc=0xb50107a1) returned 0x0
[0236.034] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0236.034] SelectObject (hdc=0xb50107a1, h=0x85000f) returned 0x4a0507fe
[0236.034] DeleteDC (hdc=0xb50107a1) returned 1
[0236.034] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0236.034] EndPaint (hWnd=0x1902c8, lpPaint=0xd7e294) returned 1
[0236.035] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.036] IsWindowUnicode (hWnd=0x1402d0) returned 1
[0236.036] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.036] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.036] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.036] BeginPaint (in: hWnd=0x1402d0, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x10105d6
[0236.036] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0236.036] CreateCompatibleDC (hdc=0x10105d6) returned 0xb70107a1
[0236.036] GetObjectType (h=0x10105d6) returned 0x3
[0236.036] CreateCompatibleBitmap (hdc=0x10105d6, cx=1, cy=1) returned 0xffffffffe7050173
[0236.036] GetDIBits (in: hdc=0x10105d6, hbm=0xe7050173, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0236.036] GetDIBits (in: hdc=0x10105d6, hbm=0xe7050173, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0236.037] DeleteObject (ho=0xe7050173) returned 1
[0236.037] CreateDIBSection (in: hdc=0x10105d6, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x250507f9
[0236.037] SelectObject (hdc=0xb70107a1, h=0x250507f9) returned 0x85000f
[0236.038] GdipCreateFromHDC (hdc=0xb70107a1, graphics=0xd7e234) returned 0x0
[0236.038] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0236.039] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0236.039] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0236.039] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0236.039] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e2d4) returned 0x0
[0236.039] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0236.039] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0236.039] LocalFree (hMem=0x11eec58) returned 0x0
[0236.039] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0236.039] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0236.039] GdipGetClip (graphics=0x6600030, region=0x6645d88) returned 0x0
[0236.039] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0236.039] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0236.039] GetWindowTextLengthW (hWnd=0x1402d0) returned 232
[0236.039] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0236.039] GetSystemMetrics (nIndex=42) returned 0
[0236.039] GetWindowTextW (in: hWnd=0x1402d0, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0236.039] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0236.039] GetClientRect (in: hWnd=0x1402d0, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0236.039] GdipCreateRegion (region=0xd7e110) returned 0x0
[0236.039] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0236.040] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0236.040] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0236.040] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e128) returned 0x0
[0236.040] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0236.040] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0236.040] LocalFree (hMem=0x11ee788) returned 0x0
[0236.040] GdipCombineRegionRegion (region=0x6645ab8, region2=0x6645d88, combineMode=0x1) returned 0x0
[0236.040] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0236.040] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0236.040] LocalFree (hMem=0x11ee788) returned 0x0
[0236.040] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0236.040] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e150) returned 0x0
[0236.040] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e140) returned 0x0
[0236.040] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0236.040] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0236.040] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0236.040] GetCurrentObject (hdc=0xb70107a1, type=0x1) returned 0xb00017
[0236.040] GetCurrentObject (hdc=0xb70107a1, type=0x2) returned 0x900010
[0236.040] GetCurrentObject (hdc=0xb70107a1, type=0x7) returned 0x250507f9
[0236.041] GetCurrentObject (hdc=0xb70107a1, type=0x6) returned 0x8a01c2
[0236.041] SaveDC (hdc=0xb70107a1) returned 1
[0236.041] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x870407de
[0236.041] GetClipRgn (hdc=0xb70107a1, hrgn=0x870407de) returned 0
[0236.041] SelectClipRgn (hdc=0xb70107a1, hrgn=0xf6040807) returned 2
[0236.041] DeleteObject (ho=0x870407de) returned 1
[0236.041] DeleteObject (ho=0xf6040807) returned 1
[0236.041] OffsetViewportOrgEx (in: hdc=0xb70107a1, x=0, y=0, lppt=0x2dc5e14 | out: lppt=0x2dc5e14) returned 1
[0236.041] GetNearestColor (hdc=0xb70107a1, color=0xf0f0f0) returned 0xf0f0f0
[0236.041] CreateSolidBrush (color=0xf0f0f0) returned 0x6e1007e1
[0236.041] FillRect (hDC=0xb70107a1, lprc=0xd7e15c, hbr=0x6e1007e1) returned 1
[0236.042] DeleteObject (ho=0x6e1007e1) returned 1
[0236.042] RestoreDC (hdc=0xb70107a1, nSavedDC=-1) returned 1
[0236.042] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107a1) returned 0x0
[0236.042] GdipRestoreGraphics (graphics=0x6600030, state=0xf8fc0dbd) returned 0x0
[0236.042] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0236.042] GetWindowTextLengthW (hWnd=0x1402d0) returned 232
[0236.042] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0236.042] GetSystemMetrics (nIndex=42) returned 0
[0236.042] GetWindowTextW (in: hWnd=0x1402d0, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0236.042] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0236.042] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0236.042] GetCurrentObject (hdc=0xb70107a1, type=0x1) returned 0xb00017
[0236.043] GetCurrentObject (hdc=0xb70107a1, type=0x2) returned 0x900010
[0236.043] GetCurrentObject (hdc=0xb70107a1, type=0x7) returned 0x250507f9
[0236.043] GetCurrentObject (hdc=0xb70107a1, type=0x6) returned 0x8a01c2
[0236.043] SaveDC (hdc=0xb70107a1) returned 1
[0236.043] GetNearestColor (hdc=0xb70107a1, color=0x0) returned 0x0
[0236.043] RestoreDC (hdc=0xb70107a1, nSavedDC=-1) returned 1
[0236.043] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107a1) returned 0x0
[0236.043] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0236.043] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0236.043] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2dc6610 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0236.076] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0236.076] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0236.076] GetCurrentObject (hdc=0xb70107a1, type=0x1) returned 0xb00017
[0236.076] GetCurrentObject (hdc=0xb70107a1, type=0x2) returned 0x900010
[0236.076] GetCurrentObject (hdc=0xb70107a1, type=0x7) returned 0x250507f9
[0236.076] GetCurrentObject (hdc=0xb70107a1, type=0x6) returned 0x8a01c2
[0236.076] SaveDC (hdc=0xb70107a1) returned 1
[0236.076] GetTextAlign (hdc=0xb70107a1) returned 0x0
[0236.076] GetTextColor (hdc=0xb70107a1) returned 0x0
[0236.076] GetCurrentObject (hdc=0xb70107a1, type=0x6) returned 0x8a01c2
[0236.076] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0236.076] SelectObject (hdc=0xb70107a1, h=0x6d0a0520) returned 0x8a01c2
[0236.076] GetBkMode (hdc=0xb70107a1) returned 2
[0236.076] SetBkMode (hdc=0xb70107a1, mode=1) returned 2
[0236.076] DrawTextExW (in: hdc=0xb70107a1, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2dc6834 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0236.079] RestoreDC (hdc=0xb70107a1, nSavedDC=-1) returned 1
[0236.079] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107a1) returned 0x0
[0236.079] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0236.079] BitBlt (hdc=0x10105d6, x=0, y=0, cx=354, cy=68, hdcSrc=0xb70107a1, x1=0, y1=0, rop=0xcc0020) returned 1
[0236.079] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107a1) returned 0x0
[0236.079] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0236.079] SelectObject (hdc=0xb70107a1, h=0x85000f) returned 0x250507f9
[0236.080] DeleteDC (hdc=0xb70107a1) returned 1
[0236.080] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0236.080] DeleteObject (ho=0x250507f9) returned 1
[0236.080] EndPaint (hWnd=0x1402d0, lpPaint=0xd7e258) returned 1
[0236.080] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.080] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0236.081] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.081] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.081] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.081] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.081] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.082] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.082] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.082] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.082] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.082] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.082] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x84, wParam=0x0, lParam=0x1e602fd) returned 0x1
[0236.082] IsWindowUnicode (hWnd=0x1f02da) returned 1
[0236.082] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.082] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.082] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.083] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.083] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x84, wParam=0x0, lParam=0x1e602fd) returned 0x1
[0236.083] IsWindowUnicode (hWnd=0x1f02da) returned 1
[0236.083] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.083] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x84, wParam=0x0, lParam=0x1e602fd) returned 0x1
[0236.083] SetCursor (hCursor=0x10003) returned 0x10003
[0236.083] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.083] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.083] _TrackMouseEvent (in: lpEventTrack=0x2dc6870 | out: lpEventTrack=0x2dc6870) returned 1
[0236.083] SendMessageW (hWnd=0x1f02da, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0236.083] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0236.083] InvalidateRect (hWnd=0x1f02da, lpRect=0x0, bErase=0) returned 1
[0236.084] GetKeyState (nVirtKey=1) returned 0
[0236.084] GetKeyState (nVirtKey=2) returned 0
[0236.084] GetKeyState (nVirtKey=4) returned 0
[0236.084] GetKeyState (nVirtKey=5) returned 0
[0236.084] GetKeyState (nVirtKey=6) returned 0
[0236.084] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.084] IsWindowUnicode (hWnd=0x2102d8) returned 1
[0236.084] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.084] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.084] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.084] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.085] IsWindowUnicode (hWnd=0x2102d8) returned 1
[0236.085] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.085] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.085] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.085] BeginPaint (in: hWnd=0x2102d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0236.085] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0236.085] CreateCompatibleDC (hdc=0x60100ce) returned 0xea010173
[0236.085] SelectObject (hdc=0xea010173, h=0x4a0507fe) returned 0x85000f
[0236.085] GdipCreateFromHDC (hdc=0xea010173, graphics=0xd7e268) returned 0x0
[0236.086] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0236.086] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0236.086] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0236.086] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0236.086] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e2c8) returned 0x0
[0236.086] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0236.086] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0236.086] LocalFree (hMem=0x11ee788) returned 0x0
[0236.086] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0236.086] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0236.086] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0236.086] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0236.086] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0236.086] GdipRestoreGraphics (graphics=0x6600030, state=0xf8fa0dbd) returned 0x0
[0236.086] GdipDeleteRegion (region=0x6645998) returned 0x0
[0236.086] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0236.087] GetCurrentObject (hdc=0xea010173, type=0x1) returned 0xb00017
[0236.087] GetCurrentObject (hdc=0xea010173, type=0x2) returned 0x900010
[0236.087] GetCurrentObject (hdc=0xea010173, type=0x7) returned 0x4a0507fe
[0236.087] GetCurrentObject (hdc=0xea010173, type=0x6) returned 0x8a01c2
[0236.087] SaveDC (hdc=0xea010173) returned 1
[0236.087] GetNearestColor (hdc=0xea010173, color=0xf0f0f0) returned 0xf0f0f0
[0236.087] GetNearestColor (hdc=0xea010173, color=0xa0a0a0) returned 0xa0a0a0
[0236.087] GetNearestColor (hdc=0xea010173, color=0x696969) returned 0x696969
[0236.087] GetNearestColor (hdc=0xea010173, color=0xa0a0a0) returned 0xa0a0a0
[0236.087] GetNearestColor (hdc=0xea010173, color=0x0) returned 0x0
[0236.087] GetNearestColor (hdc=0xea010173, color=0xffffff) returned 0xffffff
[0236.087] GetNearestColor (hdc=0xea010173, color=0xe5e5e5) returned 0xe5e5e5
[0236.087] GetNearestColor (hdc=0xea010173, color=0xd7d7d7) returned 0xd7d7d7
[0236.087] GetNearestColor (hdc=0xea010173, color=0x0) returned 0x0
[0236.087] RestoreDC (hdc=0xea010173, nSavedDC=-1) returned 1
[0236.088] GdipReleaseDC (graphics=0x6600030, hdc=0xea010173) returned 0x0
[0236.088] IsAppThemed () returned 0x1
[0236.088] GetThemeAppProperties () returned 0x3
[0236.088] GetThemeAppProperties () returned 0x3
[0236.088] GdipGetImageWidth (image=0x66030e8, width=0xd7e168) returned 0x0
[0236.088] GdipGetImageHeight (image=0x66030e8, height=0xd7e168) returned 0x0
[0236.088] IsAppThemed () returned 0x1
[0236.088] GetThemeAppProperties () returned 0x3
[0236.088] GetThemeAppProperties () returned 0x3
[0236.088] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2dc6fdc | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0236.088] IsAppThemed () returned 0x1
[0236.088] GetThemeAppProperties () returned 0x3
[0236.088] GetThemeAppProperties () returned 0x3
[0236.088] IsAppThemed () returned 0x1
[0236.089] GetThemeAppProperties () returned 0x3
[0236.089] GetThemeAppProperties () returned 0x3
[0236.089] GetFocus () returned 0x2102d8
[0236.089] IsAppThemed () returned 0x1
[0236.089] GetThemeAppProperties () returned 0x3
[0236.089] GetThemeAppProperties () returned 0x3
[0236.089] IsAppThemed () returned 0x1
[0236.089] GetThemeAppProperties () returned 0x3
[0236.089] GetThemeAppProperties () returned 0x3
[0236.089] IsThemePartDefined () returned 0x1
[0236.089] IsAppThemed () returned 0x1
[0236.089] GetThemeAppProperties () returned 0x3
[0236.089] GetThemeAppProperties () returned 0x3
[0236.089] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0236.089] IsAppThemed () returned 0x1
[0236.089] GetThemeAppProperties () returned 0x3
[0236.089] GetThemeAppProperties () returned 0x3
[0236.089] IsAppThemed () returned 0x1
[0236.089] GetThemeAppProperties () returned 0x3
[0236.089] GetThemeAppProperties () returned 0x3
[0236.089] IsThemePartDefined () returned 0x1
[0236.089] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0236.089] GdipGetClip (graphics=0x6600030, region=0x66452d8) returned 0x0
[0236.089] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0236.090] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0236.090] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dff0) returned 0x0
[0236.090] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0236.090] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0236.090] LocalFree (hMem=0x11eec58) returned 0x0
[0236.090] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0236.090] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0236.090] LocalFree (hMem=0x11eec58) returned 0x0
[0236.090] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0236.090] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0236.090] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0236.090] GdipGetRegionHRgn (region=0x66452d8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0236.090] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0236.090] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0236.090] GetCurrentObject (hdc=0xea010173, type=0x1) returned 0xb00017
[0236.090] GetCurrentObject (hdc=0xea010173, type=0x2) returned 0x900010
[0236.090] GetCurrentObject (hdc=0xea010173, type=0x7) returned 0x4a0507fe
[0236.090] GetCurrentObject (hdc=0xea010173, type=0x6) returned 0x8a01c2
[0236.094] SaveDC (hdc=0xea010173) returned 1
[0236.094] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf7040807
[0236.094] GetClipRgn (hdc=0xea010173, hrgn=0xf7040807) returned 0
[0236.094] SelectClipRgn (hdc=0xea010173, hrgn=0x8b0407de) returned 2
[0236.094] DeleteObject (ho=0xf7040807) returned 1
[0236.094] DeleteObject (ho=0x8b0407de) returned 1
[0236.094] OffsetViewportOrgEx (in: hdc=0xea010173, x=0, y=0, lppt=0x2dc768c | out: lppt=0x2dc768c) returned 1
[0236.094] DrawThemeParentBackground () returned 0x0
[0236.095] GetWindowPlacement (in: hWnd=0x2200ea, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0236.095] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0236.095] GetWindowTextLengthW (hWnd=0x2200ea) returned 13
[0236.095] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.095] GetSystemMetrics (nIndex=42) returned 0
[0236.095] GetWindowTextW (in: hWnd=0x2200ea, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.095] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0236.095] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0236.095] GetCurrentObject (hdc=0xea010173, type=0x1) returned 0xb00017
[0236.095] GetCurrentObject (hdc=0xea010173, type=0x2) returned 0x900010
[0236.095] GetCurrentObject (hdc=0xea010173, type=0x7) returned 0x4a0507fe
[0236.095] GetCurrentObject (hdc=0xea010173, type=0x6) returned 0x8a01c2
[0236.095] SaveDC (hdc=0xea010173) returned 2
[0236.095] GetNearestColor (hdc=0xea010173, color=0xf0f0f0) returned 0xf0f0f0
[0236.095] CreateSolidBrush (color=0xf0f0f0) returned 0x6f1007e1
[0236.095] FillRect (hDC=0xea010173, lprc=0xd7da38, hbr=0x6f1007e1) returned 1
[0236.096] DeleteObject (ho=0x6f1007e1) returned 1
[0236.096] RestoreDC (hdc=0xea010173, nSavedDC=-1) returned 1
[0236.096] GetWindowTextLengthW (hWnd=0x2200ea) returned 13
[0236.096] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.096] GetSystemMetrics (nIndex=42) returned 0
[0236.096] GetWindowTextW (in: hWnd=0x2200ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.096] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0236.096] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0236.096] GetCurrentObject (hdc=0xea010173, type=0x1) returned 0xb00017
[0236.096] GetCurrentObject (hdc=0xea010173, type=0x2) returned 0x900010
[0236.096] GetCurrentObject (hdc=0xea010173, type=0x7) returned 0x4a0507fe
[0236.096] GetCurrentObject (hdc=0xea010173, type=0x6) returned 0x8a01c2
[0236.096] SaveDC (hdc=0xea010173) returned 2
[0236.096] GetNearestColor (hdc=0xea010173, color=0xf0f0f0) returned 0xf0f0f0
[0236.096] CreateSolidBrush (color=0xf0f0f0) returned 0x701007e1
[0236.096] FillRect (hDC=0xea010173, lprc=0xd7d9d8, hbr=0x701007e1) returned 1
[0236.096] DeleteObject (ho=0x701007e1) returned 1
[0236.096] RestoreDC (hdc=0xea010173, nSavedDC=-1) returned 1
[0236.097] GetWindowTextLengthW (hWnd=0x2200ea) returned 13
[0236.097] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.097] GetSystemMetrics (nIndex=42) returned 0
[0236.097] GetWindowTextW (in: hWnd=0x2200ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.097] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0236.097] RestoreDC (hdc=0xea010173, nSavedDC=-1) returned 1
[0236.097] GdipReleaseDC (graphics=0x6600030, hdc=0xea010173) returned 0x0
[0236.097] IsAppThemed () returned 0x1
[0236.097] GetThemeAppProperties () returned 0x3
[0236.097] GetThemeAppProperties () returned 0x3
[0236.097] IsAppThemed () returned 0x1
[0236.097] GetThemeAppProperties () returned 0x3
[0236.097] GetThemeAppProperties () returned 0x3
[0236.097] IsThemePartDefined () returned 0x1
[0236.097] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0236.097] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0236.097] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0236.097] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0236.098] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df74) returned 0x0
[0236.098] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eed00) returned 0x0
[0236.098] LocalFree (hMem=0x11eed00) returned 0x0
[0236.098] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eead0) returned 0x0
[0236.098] LocalFree (hMem=0x11eead0) returned 0x0
[0236.098] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0236.098] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0236.098] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0236.098] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0236.098] GdipDeleteRegion (region=0x6645518) returned 0x0
[0236.098] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0236.098] GetCurrentObject (hdc=0xea010173, type=0x1) returned 0xb00017
[0236.098] GetCurrentObject (hdc=0xea010173, type=0x2) returned 0x900010
[0236.098] GetCurrentObject (hdc=0xea010173, type=0x7) returned 0x4a0507fe
[0236.098] GetCurrentObject (hdc=0xea010173, type=0x6) returned 0x8a01c2
[0236.098] SaveDC (hdc=0xea010173) returned 1
[0236.098] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8c0407de
[0236.098] GetClipRgn (hdc=0xea010173, hrgn=0x8c0407de) returned 0
[0236.098] SelectClipRgn (hdc=0xea010173, hrgn=0xf9040807) returned 2
[0236.099] DeleteObject (ho=0x8c0407de) returned 1
[0236.099] DeleteObject (ho=0xf9040807) returned 1
[0236.099] OffsetViewportOrgEx (in: hdc=0xea010173, x=0, y=0, lppt=0x2dc7f38 | out: lppt=0x2dc7f38) returned 1
[0236.099] IsAppThemed () returned 0x1
[0236.099] GetThemeAppProperties () returned 0x3
[0236.099] GetThemeAppProperties () returned 0x3
[0236.099] DrawThemeBackground () returned 0x0
[0236.099] RestoreDC (hdc=0xea010173, nSavedDC=-1) returned 1
[0236.099] GdipReleaseDC (graphics=0x6600030, hdc=0xea010173) returned 0x0
[0236.099] GdipCreateRegion (region=0xd7df60) returned 0x0
[0236.099] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0236.099] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0236.099] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0236.099] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df78) returned 0x0
[0236.099] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0236.099] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eea98) returned 0x0
[0236.099] LocalFree (hMem=0x11eea98) returned 0x0
[0236.099] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0236.099] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0236.100] LocalFree (hMem=0x11eec58) returned 0x0
[0236.100] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0236.100] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0236.100] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0236.100] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0236.100] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0236.100] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0236.100] GetCurrentObject (hdc=0xea010173, type=0x1) returned 0xb00017
[0236.100] GetCurrentObject (hdc=0xea010173, type=0x2) returned 0x900010
[0236.100] GetCurrentObject (hdc=0xea010173, type=0x7) returned 0x4a0507fe
[0236.100] GetCurrentObject (hdc=0xea010173, type=0x6) returned 0x8a01c2
[0236.100] SaveDC (hdc=0xea010173) returned 1
[0236.100] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfa040807
[0236.100] GetClipRgn (hdc=0xea010173, hrgn=0xfa040807) returned 0
[0236.100] SelectClipRgn (hdc=0xea010173, hrgn=0x8d0407de) returned 2
[0236.100] DeleteObject (ho=0xfa040807) returned 1
[0236.100] DeleteObject (ho=0x8d0407de) returned 1
[0236.100] OffsetViewportOrgEx (in: hdc=0xea010173, x=0, y=0, lppt=0x2dc820c | out: lppt=0x2dc820c) returned 1
[0236.100] IsAppThemed () returned 0x1
[0236.101] GetThemeAppProperties () returned 0x3
[0236.101] GetThemeAppProperties () returned 0x3
[0236.101] GetThemeBackgroundContentRect () returned 0x0
[0236.101] RestoreDC (hdc=0xea010173, nSavedDC=-1) returned 1
[0236.101] GdipReleaseDC (graphics=0x6600030, hdc=0xea010173) returned 0x0
[0236.101] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0236.101] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0236.101] GdipCloneRegion (region=0x66456c8, cloneRegion=0xd7e150) returned 0x0
[0236.101] GdipCombineRegionRectI (region=0x66452d8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0236.101] GdipCombineRegionRectI (region=0x66452d8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0236.101] GdipSetClipRegion (graphics=0x6600030, region=0x66452d8, combineMode=0x0) returned 0x0
[0236.101] GdipGetImageWidth (image=0x66030e8, width=0xd7e154) returned 0x0
[0236.101] GdipGetImageHeight (image=0x66030e8, height=0xd7e148) returned 0x0
[0236.101] GdipDrawImageRectI (graphics=0x6600030, image=0x66030e8, x=4, y=4, width=16, height=16) returned 0x0
[0236.101] GdipSetClipRegion (graphics=0x6600030, region=0x66456c8, combineMode=0x0) returned 0x0
[0236.101] IsAppThemed () returned 0x1
[0236.101] GetThemeAppProperties () returned 0x3
[0236.101] GetThemeAppProperties () returned 0x3
[0236.101] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0236.101] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0236.101] GetCurrentObject (hdc=0xea010173, type=0x1) returned 0xb00017
[0236.102] GetCurrentObject (hdc=0xea010173, type=0x2) returned 0x900010
[0236.102] GetCurrentObject (hdc=0xea010173, type=0x7) returned 0x4a0507fe
[0236.102] GetCurrentObject (hdc=0xea010173, type=0x6) returned 0x8a01c2
[0236.102] SaveDC (hdc=0xea010173) returned 1
[0236.102] GetTextAlign (hdc=0xea010173) returned 0x0
[0236.102] GetTextColor (hdc=0xea010173) returned 0x0
[0236.102] GetCurrentObject (hdc=0xea010173, type=0x6) returned 0x8a01c2
[0236.102] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0236.102] SelectObject (hdc=0xea010173, h=0x6d0a0520) returned 0x8a01c2
[0236.102] GetBkMode (hdc=0xea010173) returned 2
[0236.102] SetBkMode (hdc=0xea010173, mode=1) returned 2
[0236.102] DrawTextExW (in: hdc=0xea010173, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2dc85cc | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0236.103] DrawTextExW (in: hdc=0xea010173, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2dc85cc | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0236.103] RestoreDC (hdc=0xea010173, nSavedDC=-1) returned 1
[0236.103] GdipReleaseDC (graphics=0x6600030, hdc=0xea010173) returned 0x0
[0236.103] GetFocus () returned 0x2102d8
[0236.103] IsAppThemed () returned 0x1
[0236.103] GetThemeAppProperties () returned 0x3
[0236.103] GetThemeAppProperties () returned 0x3
[0236.103] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0236.103] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xea010173, x1=0, y1=0, rop=0xcc0020) returned 1
[0236.103] GdipReleaseDC (graphics=0x6600030, hdc=0xea010173) returned 0x0
[0236.103] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0236.103] SelectObject (hdc=0xea010173, h=0x85000f) returned 0x4a0507fe
[0236.104] DeleteDC (hdc=0xea010173) returned 1
[0236.104] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0236.104] EndPaint (hWnd=0x2102d8, lpPaint=0xd7e24c) returned 1
[0236.104] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.104] IsWindowUnicode (hWnd=0x1f02da) returned 1
[0236.104] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.104] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.104] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.104] BeginPaint (in: hWnd=0x1f02da, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0236.104] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0236.104] CreateCompatibleDC (hdc=0xf0105ee) returned 0xec010173
[0236.104] SelectObject (hdc=0xec010173, h=0x4a0507fe) returned 0x85000f
[0236.104] GdipCreateFromHDC (hdc=0xec010173, graphics=0xd7e268) returned 0x0
[0236.105] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0236.105] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0236.105] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0236.105] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0236.105] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e2c8) returned 0x0
[0236.105] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0236.105] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0236.105] LocalFree (hMem=0x11ee788) returned 0x0
[0236.105] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0236.105] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0236.105] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0236.105] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0236.105] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0236.105] GdipRestoreGraphics (graphics=0x6600030, state=0xf8f80dbd) returned 0x0
[0236.105] GdipDeleteRegion (region=0x6645908) returned 0x0
[0236.105] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0236.105] GetCurrentObject (hdc=0xec010173, type=0x1) returned 0xb00017
[0236.106] GetCurrentObject (hdc=0xec010173, type=0x2) returned 0x900010
[0236.106] GetCurrentObject (hdc=0xec010173, type=0x7) returned 0x4a0507fe
[0236.106] GetCurrentObject (hdc=0xec010173, type=0x6) returned 0x8a01c2
[0236.106] SaveDC (hdc=0xec010173) returned 1
[0236.106] GetNearestColor (hdc=0xec010173, color=0xf0f0f0) returned 0xf0f0f0
[0236.106] GetNearestColor (hdc=0xec010173, color=0xa0a0a0) returned 0xa0a0a0
[0236.106] GetNearestColor (hdc=0xec010173, color=0x696969) returned 0x696969
[0236.106] GetNearestColor (hdc=0xec010173, color=0xa0a0a0) returned 0xa0a0a0
[0236.106] GetNearestColor (hdc=0xec010173, color=0x0) returned 0x0
[0236.106] GetNearestColor (hdc=0xec010173, color=0xffffff) returned 0xffffff
[0236.106] GetNearestColor (hdc=0xec010173, color=0xe5e5e5) returned 0xe5e5e5
[0236.106] GetNearestColor (hdc=0xec010173, color=0xd7d7d7) returned 0xd7d7d7
[0236.107] GetNearestColor (hdc=0xec010173, color=0x0) returned 0x0
[0236.107] RestoreDC (hdc=0xec010173, nSavedDC=-1) returned 1
[0236.107] GdipReleaseDC (graphics=0x6600030, hdc=0xec010173) returned 0x0
[0236.107] IsAppThemed () returned 0x1
[0236.107] GetThemeAppProperties () returned 0x3
[0236.107] GetThemeAppProperties () returned 0x3
[0236.107] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0236.107] SendMessageW (hWnd=0x2200ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0236.107] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0236.107] IsAppThemed () returned 0x1
[0236.107] GetThemeAppProperties () returned 0x3
[0236.107] GetThemeAppProperties () returned 0x3
[0236.107] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2dc8ddc | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0236.107] IsAppThemed () returned 0x1
[0236.107] GetThemeAppProperties () returned 0x3
[0236.108] GetThemeAppProperties () returned 0x3
[0236.108] IsAppThemed () returned 0x1
[0236.108] GetThemeAppProperties () returned 0x3
[0236.108] GetThemeAppProperties () returned 0x3
[0236.108] IsAppThemed () returned 0x1
[0236.108] GetThemeAppProperties () returned 0x3
[0236.108] GetThemeAppProperties () returned 0x3
[0236.108] IsAppThemed () returned 0x1
[0236.108] GetThemeAppProperties () returned 0x3
[0236.108] GetThemeAppProperties () returned 0x3
[0236.108] IsThemePartDefined () returned 0x1
[0236.108] IsAppThemed () returned 0x1
[0236.108] GetThemeAppProperties () returned 0x3
[0236.108] GetThemeAppProperties () returned 0x3
[0236.108] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0236.108] IsAppThemed () returned 0x1
[0236.108] GetThemeAppProperties () returned 0x3
[0236.108] GetThemeAppProperties () returned 0x3
[0236.108] IsAppThemed () returned 0x1
[0236.108] GetThemeAppProperties () returned 0x3
[0236.108] GetThemeAppProperties () returned 0x3
[0236.108] IsThemePartDefined () returned 0x1
[0236.108] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0236.108] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0236.108] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0236.108] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0236.109] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dfe4) returned 0x0
[0236.109] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0236.109] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0236.109] LocalFree (hMem=0x11eec58) returned 0x0
[0236.109] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0236.109] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0236.109] LocalFree (hMem=0x11ee9f0) returned 0x0
[0236.109] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0236.109] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0236.109] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0236.109] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0236.109] GdipDeleteRegion (region=0x6646178) returned 0x0
[0236.109] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0236.109] GetCurrentObject (hdc=0xec010173, type=0x1) returned 0xb00017
[0236.109] GetCurrentObject (hdc=0xec010173, type=0x2) returned 0x900010
[0236.109] GetCurrentObject (hdc=0xec010173, type=0x7) returned 0x4a0507fe
[0236.109] GetCurrentObject (hdc=0xec010173, type=0x6) returned 0x8a01c2
[0236.109] SaveDC (hdc=0xec010173) returned 1
[0236.110] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8e0407de
[0236.110] GetClipRgn (hdc=0xec010173, hrgn=0x8e0407de) returned 0
[0236.110] SelectClipRgn (hdc=0xec010173, hrgn=0xfe040807) returned 2
[0236.110] DeleteObject (ho=0x8e0407de) returned 1
[0236.110] DeleteObject (ho=0xfe040807) returned 1
[0236.110] OffsetViewportOrgEx (in: hdc=0xec010173, x=0, y=0, lppt=0x2dc948c | out: lppt=0x2dc948c) returned 1
[0236.110] DrawThemeParentBackground () returned 0x0
[0236.110] GetWindowPlacement (in: hWnd=0x2200ea, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0236.110] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0236.110] GetWindowTextLengthW (hWnd=0x2200ea) returned 13
[0236.110] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.110] GetSystemMetrics (nIndex=42) returned 0
[0236.110] GetWindowTextW (in: hWnd=0x2200ea, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.110] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0236.110] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0236.110] GetCurrentObject (hdc=0xec010173, type=0x1) returned 0xb00017
[0236.110] GetCurrentObject (hdc=0xec010173, type=0x2) returned 0x900010
[0236.111] GetCurrentObject (hdc=0xec010173, type=0x7) returned 0x4a0507fe
[0236.111] GetCurrentObject (hdc=0xec010173, type=0x6) returned 0x8a01c2
[0236.111] SaveDC (hdc=0xec010173) returned 2
[0236.111] GetNearestColor (hdc=0xec010173, color=0xf0f0f0) returned 0xf0f0f0
[0236.111] CreateSolidBrush (color=0xf0f0f0) returned 0x711007e1
[0236.111] FillRect (hDC=0xec010173, lprc=0xd7da30, hbr=0x711007e1) returned 1
[0236.111] DeleteObject (ho=0x711007e1) returned 1
[0236.111] RestoreDC (hdc=0xec010173, nSavedDC=-1) returned 1
[0236.111] GetWindowTextLengthW (hWnd=0x2200ea) returned 13
[0236.111] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.111] GetSystemMetrics (nIndex=42) returned 0
[0236.111] GetWindowTextW (in: hWnd=0x2200ea, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.111] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0236.111] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0236.111] GetCurrentObject (hdc=0xec010173, type=0x1) returned 0xb00017
[0236.111] GetCurrentObject (hdc=0xec010173, type=0x2) returned 0x900010
[0236.111] GetCurrentObject (hdc=0xec010173, type=0x7) returned 0x4a0507fe
[0236.111] GetCurrentObject (hdc=0xec010173, type=0x6) returned 0x8a01c2
[0236.111] SaveDC (hdc=0xec010173) returned 2
[0236.112] GetNearestColor (hdc=0xec010173, color=0xf0f0f0) returned 0xf0f0f0
[0236.112] CreateSolidBrush (color=0xf0f0f0) returned 0x721007e1
[0236.112] FillRect (hDC=0xec010173, lprc=0xd7d9d0, hbr=0x721007e1) returned 1
[0236.112] DeleteObject (ho=0x721007e1) returned 1
[0236.112] RestoreDC (hdc=0xec010173, nSavedDC=-1) returned 1
[0236.112] GetWindowTextLengthW (hWnd=0x2200ea) returned 13
[0236.112] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.112] GetSystemMetrics (nIndex=42) returned 0
[0236.112] GetWindowTextW (in: hWnd=0x2200ea, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.112] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0236.112] RestoreDC (hdc=0xec010173, nSavedDC=-1) returned 1
[0236.112] GdipReleaseDC (graphics=0x6600030, hdc=0xec010173) returned 0x0
[0236.112] IsAppThemed () returned 0x1
[0236.112] GetThemeAppProperties () returned 0x3
[0236.112] GetThemeAppProperties () returned 0x3
[0236.112] IsAppThemed () returned 0x1
[0236.113] GetThemeAppProperties () returned 0x3
[0236.113] GetThemeAppProperties () returned 0x3
[0236.113] IsThemePartDefined () returned 0x1
[0236.113] GdipCreateRegion (region=0xd7df50) returned 0x0
[0236.113] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0236.113] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0236.113] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0236.113] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df68) returned 0x0
[0236.113] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0236.113] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0236.113] LocalFree (hMem=0x11eec58) returned 0x0
[0236.113] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0236.113] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee8d8) returned 0x0
[0236.113] LocalFree (hMem=0x11ee8d8) returned 0x0
[0236.113] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0236.113] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7df90) returned 0x0
[0236.113] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7df80) returned 0x0
[0236.113] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0236.113] GdipDeleteRegion (region=0x6646178) returned 0x0
[0236.113] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0236.113] GetCurrentObject (hdc=0xec010173, type=0x1) returned 0xb00017
[0236.113] GetCurrentObject (hdc=0xec010173, type=0x2) returned 0x900010
[0236.114] GetCurrentObject (hdc=0xec010173, type=0x7) returned 0x4a0507fe
[0236.114] GetCurrentObject (hdc=0xec010173, type=0x6) returned 0x8a01c2
[0236.114] SaveDC (hdc=0xec010173) returned 1
[0236.114] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xff040807
[0236.114] GetClipRgn (hdc=0xec010173, hrgn=0xff040807) returned 0
[0236.114] SelectClipRgn (hdc=0xec010173, hrgn=0x900407de) returned 2
[0236.114] DeleteObject (ho=0xff040807) returned 1
[0236.114] DeleteObject (ho=0x900407de) returned 1
[0236.114] OffsetViewportOrgEx (in: hdc=0xec010173, x=0, y=0, lppt=0x2dc9d38 | out: lppt=0x2dc9d38) returned 1
[0236.114] IsAppThemed () returned 0x1
[0236.114] GetThemeAppProperties () returned 0x3
[0236.114] GetThemeAppProperties () returned 0x3
[0236.114] DrawThemeBackground () returned 0x0
[0236.114] RestoreDC (hdc=0xec010173, nSavedDC=-1) returned 1
[0236.114] GdipReleaseDC (graphics=0x6600030, hdc=0xec010173) returned 0x0
[0236.114] GdipCreateRegion (region=0xd7df54) returned 0x0
[0236.114] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0236.114] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0236.115] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0236.115] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df6c) returned 0x0
[0236.115] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0236.115] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0236.115] LocalFree (hMem=0x11eec58) returned 0x0
[0236.115] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0236.115] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0236.115] LocalFree (hMem=0x11eec58) returned 0x0
[0236.115] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0236.115] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7df94) returned 0x0
[0236.115] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7df84) returned 0x0
[0236.115] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0236.115] GdipDeleteRegion (region=0x6645518) returned 0x0
[0236.115] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0236.115] GetCurrentObject (hdc=0xec010173, type=0x1) returned 0xb00017
[0236.115] GetCurrentObject (hdc=0xec010173, type=0x2) returned 0x900010
[0236.115] GetCurrentObject (hdc=0xec010173, type=0x7) returned 0x4a0507fe
[0236.115] GetCurrentObject (hdc=0xec010173, type=0x6) returned 0x8a01c2
[0236.115] SaveDC (hdc=0xec010173) returned 1
[0236.115] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x910407de
[0236.116] GetClipRgn (hdc=0xec010173, hrgn=0x910407de) returned 0
[0236.116] SelectClipRgn (hdc=0xec010173, hrgn=0x40807) returned 2
[0236.116] DeleteObject (ho=0x910407de) returned 1
[0236.116] DeleteObject (ho=0x40807) returned 1
[0236.116] OffsetViewportOrgEx (in: hdc=0xec010173, x=0, y=0, lppt=0x2dca00c | out: lppt=0x2dca00c) returned 1
[0236.116] IsAppThemed () returned 0x1
[0236.116] GetThemeAppProperties () returned 0x3
[0236.116] GetThemeAppProperties () returned 0x3
[0236.116] GetThemeBackgroundContentRect () returned 0x0
[0236.116] RestoreDC (hdc=0xec010173, nSavedDC=-1) returned 1
[0236.116] GdipReleaseDC (graphics=0x6600030, hdc=0xec010173) returned 0x0
[0236.116] IsAppThemed () returned 0x1
[0236.116] GetThemeAppProperties () returned 0x3
[0236.116] GetThemeAppProperties () returned 0x3
[0236.116] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0236.116] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0236.116] GetCurrentObject (hdc=0xec010173, type=0x1) returned 0xb00017
[0236.116] GetCurrentObject (hdc=0xec010173, type=0x2) returned 0x900010
[0236.116] GetCurrentObject (hdc=0xec010173, type=0x7) returned 0x4a0507fe
[0236.116] GetCurrentObject (hdc=0xec010173, type=0x6) returned 0x8a01c2
[0236.117] SaveDC (hdc=0xec010173) returned 1
[0236.117] GetTextAlign (hdc=0xec010173) returned 0x0
[0236.117] GetTextColor (hdc=0xec010173) returned 0x0
[0236.117] GetCurrentObject (hdc=0xec010173, type=0x6) returned 0x8a01c2
[0236.117] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0236.117] SelectObject (hdc=0xec010173, h=0x6d0a0520) returned 0x8a01c2
[0236.117] GetBkMode (hdc=0xec010173) returned 2
[0236.117] SetBkMode (hdc=0xec010173, mode=1) returned 2
[0236.117] DrawTextExW (in: hdc=0xec010173, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2dca3ac | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0236.117] DrawTextExW (in: hdc=0xec010173, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2dca3ac | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0236.118] RestoreDC (hdc=0xec010173, nSavedDC=-1) returned 1
[0236.118] GdipReleaseDC (graphics=0x6600030, hdc=0xec010173) returned 0x0
[0236.118] GetFocus () returned 0x2102d8
[0236.118] IsAppThemed () returned 0x1
[0236.118] GetThemeAppProperties () returned 0x3
[0236.118] GetThemeAppProperties () returned 0x3
[0236.118] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0236.118] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xec010173, x1=0, y1=0, rop=0xcc0020) returned 1
[0236.118] GdipReleaseDC (graphics=0x6600030, hdc=0xec010173) returned 0x0
[0236.118] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0236.118] SelectObject (hdc=0xec010173, h=0x85000f) returned 0x4a0507fe
[0236.118] DeleteDC (hdc=0xec010173) returned 1
[0236.118] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0236.118] EndPaint (hWnd=0x1f02da, lpPaint=0xd7e24c) returned 1
[0236.119] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.119] IsWindowUnicode (hWnd=0x1502ce) returned 1
[0236.119] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.119] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.119] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.119] BeginPaint (in: hWnd=0x1502ce, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0236.119] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0236.119] CreateCompatibleDC (hdc=0x10105d6) returned 0xee010173
[0236.119] SelectObject (hdc=0xee010173, h=0x4a0507fe) returned 0x85000f
[0236.119] GdipCreateFromHDC (hdc=0xee010173, graphics=0xd7e268) returned 0x0
[0236.119] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0236.119] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0236.119] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0236.120] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0236.120] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e2c8) returned 0x0
[0236.120] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee8d8) returned 0x0
[0236.120] LocalFree (hMem=0x11ee8d8) returned 0x0
[0236.120] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0236.120] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0236.120] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0236.120] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0236.120] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0236.120] GdipRestoreGraphics (graphics=0x6600030, state=0xf8f60dbd) returned 0x0
[0236.120] GdipDeleteRegion (region=0x6646178) returned 0x0
[0236.120] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0236.120] GetCurrentObject (hdc=0xee010173, type=0x1) returned 0xb00017
[0236.120] GetCurrentObject (hdc=0xee010173, type=0x2) returned 0x900010
[0236.120] GetCurrentObject (hdc=0xee010173, type=0x7) returned 0x4a0507fe
[0236.120] GetCurrentObject (hdc=0xee010173, type=0x6) returned 0x8a01c2
[0236.120] SaveDC (hdc=0xee010173) returned 1
[0236.120] GetNearestColor (hdc=0xee010173, color=0xf0f0f0) returned 0xf0f0f0
[0236.120] GetNearestColor (hdc=0xee010173, color=0xa0a0a0) returned 0xa0a0a0
[0236.121] GetNearestColor (hdc=0xee010173, color=0x696969) returned 0x696969
[0236.121] GetNearestColor (hdc=0xee010173, color=0xa0a0a0) returned 0xa0a0a0
[0236.121] GetNearestColor (hdc=0xee010173, color=0x0) returned 0x0
[0236.121] GetNearestColor (hdc=0xee010173, color=0xffffff) returned 0xffffff
[0236.121] GetNearestColor (hdc=0xee010173, color=0xe5e5e5) returned 0xe5e5e5
[0236.121] GetNearestColor (hdc=0xee010173, color=0xd7d7d7) returned 0xd7d7d7
[0236.121] GetNearestColor (hdc=0xee010173, color=0x0) returned 0x0
[0236.121] RestoreDC (hdc=0xee010173, nSavedDC=-1) returned 1
[0236.121] GdipReleaseDC (graphics=0x6600030, hdc=0xee010173) returned 0x0
[0236.121] IsAppThemed () returned 0x1
[0236.121] GetThemeAppProperties () returned 0x3
[0236.121] GetThemeAppProperties () returned 0x3
[0236.121] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0236.121] SendMessageW (hWnd=0x2200ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0236.121] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0236.121] IsAppThemed () returned 0x1
[0236.121] GetThemeAppProperties () returned 0x3
[0236.121] GetThemeAppProperties () returned 0x3
[0236.122] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2dcabbc | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0236.122] IsAppThemed () returned 0x1
[0236.125] GetThemeAppProperties () returned 0x3
[0236.126] GetThemeAppProperties () returned 0x3
[0236.126] IsAppThemed () returned 0x1
[0236.126] GetThemeAppProperties () returned 0x3
[0236.126] GetThemeAppProperties () returned 0x3
[0236.126] GetFocus () returned 0x2102d8
[0236.126] IsAppThemed () returned 0x1
[0236.126] GetThemeAppProperties () returned 0x3
[0236.126] GetThemeAppProperties () returned 0x3
[0236.126] IsAppThemed () returned 0x1
[0236.126] GetThemeAppProperties () returned 0x3
[0236.126] GetThemeAppProperties () returned 0x3
[0236.126] IsThemePartDefined () returned 0x1
[0236.126] IsAppThemed () returned 0x1
[0236.126] GetThemeAppProperties () returned 0x3
[0236.126] GetThemeAppProperties () returned 0x3
[0236.126] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0236.126] IsAppThemed () returned 0x1
[0236.126] GetThemeAppProperties () returned 0x3
[0236.126] GetThemeAppProperties () returned 0x3
[0236.126] IsAppThemed () returned 0x1
[0236.126] GetThemeAppProperties () returned 0x3
[0236.126] GetThemeAppProperties () returned 0x3
[0236.126] IsThemePartDefined () returned 0x1
[0236.126] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0236.127] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0236.127] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0236.127] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0236.127] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dff0) returned 0x0
[0236.127] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0236.127] LocalFree (hMem=0x11eec58) returned 0x0
[0236.127] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0236.127] LocalFree (hMem=0x11eec58) returned 0x0
[0236.127] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0236.127] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e018) returned 0x0
[0236.127] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e008) returned 0x0
[0236.127] GdipGetRegionHRgn (region=0x6645758, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0236.127] GdipDeleteRegion (region=0x6645758) returned 0x0
[0236.127] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0236.127] GetCurrentObject (hdc=0xee010173, type=0x1) returned 0xb00017
[0236.127] GetCurrentObject (hdc=0xee010173, type=0x2) returned 0x900010
[0236.127] GetCurrentObject (hdc=0xee010173, type=0x7) returned 0x4a0507fe
[0236.127] GetCurrentObject (hdc=0xee010173, type=0x6) returned 0x8a01c2
[0236.127] SaveDC (hdc=0xee010173) returned 1
[0236.127] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1040807
[0236.127] GetClipRgn (hdc=0xee010173, hrgn=0x1040807) returned 0
[0236.128] SelectClipRgn (hdc=0xee010173, hrgn=0x950407de) returned 2
[0236.128] DeleteObject (ho=0x1040807) returned 1
[0236.128] DeleteObject (ho=0x950407de) returned 1
[0236.128] OffsetViewportOrgEx (in: hdc=0xee010173, x=0, y=0, lppt=0x2dcb26c | out: lppt=0x2dcb26c) returned 1
[0236.128] DrawThemeParentBackground () returned 0x0
[0236.128] GetWindowPlacement (in: hWnd=0x2200ea, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0236.128] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0236.128] GetWindowTextLengthW (hWnd=0x2200ea) returned 13
[0236.128] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.128] GetSystemMetrics (nIndex=42) returned 0
[0236.128] GetWindowTextW (in: hWnd=0x2200ea, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.128] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0236.128] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0236.128] GetCurrentObject (hdc=0xee010173, type=0x1) returned 0xb00017
[0236.128] GetCurrentObject (hdc=0xee010173, type=0x2) returned 0x900010
[0236.128] GetCurrentObject (hdc=0xee010173, type=0x7) returned 0x4a0507fe
[0236.128] GetCurrentObject (hdc=0xee010173, type=0x6) returned 0x8a01c2
[0236.129] SaveDC (hdc=0xee010173) returned 2
[0236.129] GetNearestColor (hdc=0xee010173, color=0xf0f0f0) returned 0xf0f0f0
[0236.129] CreateSolidBrush (color=0xf0f0f0) returned 0x731007e1
[0236.129] FillRect (hDC=0xee010173, lprc=0xd7da38, hbr=0x731007e1) returned 1
[0236.129] DeleteObject (ho=0x731007e1) returned 1
[0236.129] RestoreDC (hdc=0xee010173, nSavedDC=-1) returned 1
[0236.129] GetWindowTextLengthW (hWnd=0x2200ea) returned 13
[0236.129] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.129] GetSystemMetrics (nIndex=42) returned 0
[0236.129] GetWindowTextW (in: hWnd=0x2200ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.129] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0236.129] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0236.129] GetCurrentObject (hdc=0xee010173, type=0x1) returned 0xb00017
[0236.129] GetCurrentObject (hdc=0xee010173, type=0x2) returned 0x900010
[0236.129] GetCurrentObject (hdc=0xee010173, type=0x7) returned 0x4a0507fe
[0236.129] GetCurrentObject (hdc=0xee010173, type=0x6) returned 0x8a01c2
[0236.129] SaveDC (hdc=0xee010173) returned 2
[0236.129] GetNearestColor (hdc=0xee010173, color=0xf0f0f0) returned 0xf0f0f0
[0236.130] CreateSolidBrush (color=0xf0f0f0) returned 0x741007e1
[0236.130] FillRect (hDC=0xee010173, lprc=0xd7d9d8, hbr=0x741007e1) returned 1
[0236.130] DeleteObject (ho=0x741007e1) returned 1
[0236.130] RestoreDC (hdc=0xee010173, nSavedDC=-1) returned 1
[0236.130] GetWindowTextLengthW (hWnd=0x2200ea) returned 13
[0236.130] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.130] GetSystemMetrics (nIndex=42) returned 0
[0236.130] GetWindowTextW (in: hWnd=0x2200ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.130] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0236.130] RestoreDC (hdc=0xee010173, nSavedDC=-1) returned 1
[0236.130] GdipReleaseDC (graphics=0x6600030, hdc=0xee010173) returned 0x0
[0236.130] IsAppThemed () returned 0x1
[0236.130] GetThemeAppProperties () returned 0x3
[0236.130] GetThemeAppProperties () returned 0x3
[0236.130] IsAppThemed () returned 0x1
[0236.130] GetThemeAppProperties () returned 0x3
[0236.130] GetThemeAppProperties () returned 0x3
[0236.130] IsThemePartDefined () returned 0x1
[0236.130] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0236.131] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0236.131] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0236.131] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0236.131] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df74) returned 0x0
[0236.131] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0236.131] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea60) returned 0x0
[0236.131] LocalFree (hMem=0x11eea60) returned 0x0
[0236.131] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0236.131] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0236.131] LocalFree (hMem=0x11eec58) returned 0x0
[0236.131] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0236.131] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0236.131] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0236.131] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0236.131] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0236.131] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0236.131] GetCurrentObject (hdc=0xee010173, type=0x1) returned 0xb00017
[0236.131] GetCurrentObject (hdc=0xee010173, type=0x2) returned 0x900010
[0236.131] GetCurrentObject (hdc=0xee010173, type=0x7) returned 0x4a0507fe
[0236.131] GetCurrentObject (hdc=0xee010173, type=0x6) returned 0x8a01c2
[0236.132] SaveDC (hdc=0xee010173) returned 1
[0236.132] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x960407de
[0236.132] GetClipRgn (hdc=0xee010173, hrgn=0x960407de) returned 0
[0236.132] SelectClipRgn (hdc=0xee010173, hrgn=0x3040807) returned 2
[0236.132] DeleteObject (ho=0x960407de) returned 1
[0236.132] DeleteObject (ho=0x3040807) returned 1
[0236.132] OffsetViewportOrgEx (in: hdc=0xee010173, x=0, y=0, lppt=0x2dcbb18 | out: lppt=0x2dcbb18) returned 1
[0236.132] IsAppThemed () returned 0x1
[0236.132] GetThemeAppProperties () returned 0x3
[0236.132] GetThemeAppProperties () returned 0x3
[0236.132] DrawThemeBackground () returned 0x0
[0236.132] RestoreDC (hdc=0xee010173, nSavedDC=-1) returned 1
[0236.132] GdipReleaseDC (graphics=0x6600030, hdc=0xee010173) returned 0x0
[0236.132] GdipCreateRegion (region=0xd7df60) returned 0x0
[0236.132] GdipGetClip (graphics=0x6600030, region=0x6645d88) returned 0x0
[0236.132] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0236.132] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0236.133] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df78) returned 0x0
[0236.133] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0236.133] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee8d8) returned 0x0
[0236.133] LocalFree (hMem=0x11ee8d8) returned 0x0
[0236.133] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0236.133] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0236.133] LocalFree (hMem=0x11ee9f0) returned 0x0
[0236.133] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0236.133] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0236.133] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7df90) returned 0x0
[0236.133] GdipGetRegionHRgn (region=0x6645d88, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0236.133] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0236.133] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0236.133] GetCurrentObject (hdc=0xee010173, type=0x1) returned 0xb00017
[0236.133] GetCurrentObject (hdc=0xee010173, type=0x2) returned 0x900010
[0236.133] GetCurrentObject (hdc=0xee010173, type=0x7) returned 0x4a0507fe
[0236.133] GetCurrentObject (hdc=0xee010173, type=0x6) returned 0x8a01c2
[0236.133] SaveDC (hdc=0xee010173) returned 1
[0236.133] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4040807
[0236.133] GetClipRgn (hdc=0xee010173, hrgn=0x4040807) returned 0
[0236.134] SelectClipRgn (hdc=0xee010173, hrgn=0x970407de) returned 2
[0236.134] DeleteObject (ho=0x4040807) returned 1
[0236.134] DeleteObject (ho=0x970407de) returned 1
[0236.134] OffsetViewportOrgEx (in: hdc=0xee010173, x=0, y=0, lppt=0x2dcbdec | out: lppt=0x2dcbdec) returned 1
[0236.134] IsAppThemed () returned 0x1
[0236.134] GetThemeAppProperties () returned 0x3
[0236.134] GetThemeAppProperties () returned 0x3
[0236.134] GetThemeBackgroundContentRect () returned 0x0
[0236.134] RestoreDC (hdc=0xee010173, nSavedDC=-1) returned 1
[0236.134] GdipReleaseDC (graphics=0x6600030, hdc=0xee010173) returned 0x0
[0236.134] IsAppThemed () returned 0x1
[0236.134] GetThemeAppProperties () returned 0x3
[0236.134] GetThemeAppProperties () returned 0x3
[0236.134] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0236.134] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0236.134] GetCurrentObject (hdc=0xee010173, type=0x1) returned 0xb00017
[0236.134] GetCurrentObject (hdc=0xee010173, type=0x2) returned 0x900010
[0236.134] GetCurrentObject (hdc=0xee010173, type=0x7) returned 0x4a0507fe
[0236.134] GetCurrentObject (hdc=0xee010173, type=0x6) returned 0x8a01c2
[0236.134] SaveDC (hdc=0xee010173) returned 1
[0236.135] GetTextAlign (hdc=0xee010173) returned 0x0
[0236.135] GetTextColor (hdc=0xee010173) returned 0x0
[0236.135] GetCurrentObject (hdc=0xee010173, type=0x6) returned 0x8a01c2
[0236.135] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0236.135] SelectObject (hdc=0xee010173, h=0x6d0a0520) returned 0x8a01c2
[0236.135] GetBkMode (hdc=0xee010173) returned 2
[0236.135] SetBkMode (hdc=0xee010173, mode=1) returned 2
[0236.135] DrawTextExW (in: hdc=0xee010173, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2dcc18c | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0236.135] DrawTextExW (in: hdc=0xee010173, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2dcc18c | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0236.136] RestoreDC (hdc=0xee010173, nSavedDC=-1) returned 1
[0236.136] GdipReleaseDC (graphics=0x6600030, hdc=0xee010173) returned 0x0
[0236.136] GetFocus () returned 0x2102d8
[0236.136] IsAppThemed () returned 0x1
[0236.136] GetThemeAppProperties () returned 0x3
[0236.136] GetThemeAppProperties () returned 0x3
[0236.136] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0236.136] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xee010173, x1=0, y1=0, rop=0xcc0020) returned 1
[0236.136] GdipReleaseDC (graphics=0x6600030, hdc=0xee010173) returned 0x0
[0236.136] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0236.136] SelectObject (hdc=0xee010173, h=0x85000f) returned 0x4a0507fe
[0236.136] DeleteDC (hdc=0xee010173) returned 1
[0236.136] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0236.136] EndPaint (hWnd=0x1502ce, lpPaint=0xd7e24c) returned 1
[0236.137] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.137] IsWindowUnicode (hWnd=0x602c4) returned 1
[0236.137] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.137] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.137] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.137] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0236.138] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0236.138] CreateCompatibleDC (hdc=0x107b9) returned 0xf0010173
[0236.138] SelectObject (hdc=0xf0010173, h=0x4a0507fe) returned 0x85000f
[0236.138] GdipCreateFromHDC (hdc=0xf0010173, graphics=0xd7e268) returned 0x0
[0236.138] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0236.138] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0236.138] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0236.138] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0236.138] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e2c8) returned 0x0
[0236.138] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0236.138] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0236.138] LocalFree (hMem=0x11eec58) returned 0x0
[0236.139] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0236.139] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0236.139] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0236.139] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0236.139] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0236.139] GdipRestoreGraphics (graphics=0x6600030, state=0xf8f40dbd) returned 0x0
[0236.139] GdipDeleteRegion (region=0x6645758) returned 0x0
[0236.139] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0236.139] GetCurrentObject (hdc=0xf0010173, type=0x1) returned 0xb00017
[0236.139] GetCurrentObject (hdc=0xf0010173, type=0x2) returned 0x900010
[0236.139] GetCurrentObject (hdc=0xf0010173, type=0x7) returned 0x4a0507fe
[0236.139] GetCurrentObject (hdc=0xf0010173, type=0x6) returned 0x8a01c2
[0236.139] SaveDC (hdc=0xf0010173) returned 1
[0236.139] GetNearestColor (hdc=0xf0010173, color=0xff) returned 0xff
[0236.139] GetNearestColor (hdc=0xf0010173, color=0x55) returned 0x55
[0236.139] GetNearestColor (hdc=0xf0010173, color=0x0) returned 0x0
[0236.139] GetNearestColor (hdc=0xf0010173, color=0x55) returned 0x55
[0236.139] GetNearestColor (hdc=0xf0010173, color=0x0) returned 0x0
[0236.140] GetNearestColor (hdc=0xf0010173, color=0x8080ff) returned 0x8080ff
[0236.140] GetNearestColor (hdc=0xf0010173, color=0x7373e5) returned 0x7373e5
[0236.140] GetNearestColor (hdc=0xf0010173, color=0xe5) returned 0xe5
[0236.140] GetNearestColor (hdc=0xf0010173, color=0x0) returned 0x0
[0236.140] RestoreDC (hdc=0xf0010173, nSavedDC=-1) returned 1
[0236.140] GdipReleaseDC (graphics=0x6600030, hdc=0xf0010173) returned 0x0
[0236.140] IsAppThemed () returned 0x1
[0236.140] GetThemeAppProperties () returned 0x3
[0236.140] GetThemeAppProperties () returned 0x3
[0236.140] IsAppThemed () returned 0x1
[0236.140] GetThemeAppProperties () returned 0x3
[0236.140] GetThemeAppProperties () returned 0x3
[0236.140] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2dcc954 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0236.140] IsAppThemed () returned 0x1
[0236.140] GetThemeAppProperties () returned 0x3
[0236.140] GetThemeAppProperties () returned 0x3
[0236.141] IsAppThemed () returned 0x1
[0236.141] GetThemeAppProperties () returned 0x3
[0236.141] GetThemeAppProperties () returned 0x3
[0236.141] GetFocus () returned 0x2102d8
[0236.141] IsAppThemed () returned 0x1
[0236.141] GetThemeAppProperties () returned 0x3
[0236.141] GetThemeAppProperties () returned 0x3
[0236.141] IsAppThemed () returned 0x1
[0236.141] GetThemeAppProperties () returned 0x3
[0236.141] GetThemeAppProperties () returned 0x3
[0236.141] IsThemePartDefined () returned 0x1
[0236.141] IsAppThemed () returned 0x1
[0236.141] GetThemeAppProperties () returned 0x3
[0236.141] GetThemeAppProperties () returned 0x3
[0236.141] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0236.141] IsAppThemed () returned 0x1
[0236.141] GetThemeAppProperties () returned 0x3
[0236.141] GetThemeAppProperties () returned 0x3
[0236.141] IsAppThemed () returned 0x1
[0236.141] GetThemeAppProperties () returned 0x3
[0236.141] GetThemeAppProperties () returned 0x3
[0236.141] IsThemePartDefined () returned 0x1
[0236.141] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0236.141] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0236.141] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0236.142] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0236.142] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dff0) returned 0x0
[0236.142] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0236.142] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0236.142] LocalFree (hMem=0x11ee788) returned 0x0
[0236.142] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0236.142] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0236.142] LocalFree (hMem=0x11ee788) returned 0x0
[0236.142] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0236.142] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e018) returned 0x0
[0236.142] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e008) returned 0x0
[0236.142] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0236.142] GdipDeleteRegion (region=0x6645248) returned 0x0
[0236.142] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0236.142] GetCurrentObject (hdc=0xf0010173, type=0x1) returned 0xb00017
[0236.142] GetCurrentObject (hdc=0xf0010173, type=0x2) returned 0x900010
[0236.142] GetCurrentObject (hdc=0xf0010173, type=0x7) returned 0x4a0507fe
[0236.142] GetCurrentObject (hdc=0xf0010173, type=0x6) returned 0x8a01c2
[0236.142] SaveDC (hdc=0xf0010173) returned 1
[0236.143] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x980407de
[0236.143] GetClipRgn (hdc=0xf0010173, hrgn=0x980407de) returned 0
[0236.143] SelectClipRgn (hdc=0xf0010173, hrgn=0x8040807) returned 2
[0236.143] DeleteObject (ho=0x980407de) returned 1
[0236.143] DeleteObject (ho=0x8040807) returned 1
[0236.143] OffsetViewportOrgEx (in: hdc=0xf0010173, x=0, y=0, lppt=0x2dcd004 | out: lppt=0x2dcd004) returned 1
[0236.143] DrawThemeParentBackground () returned 0x0
[0236.143] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0236.143] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0236.143] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0236.143] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.143] GetSystemMetrics (nIndex=42) returned 0
[0236.143] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.143] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0236.143] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0236.143] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0236.143] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0236.143] SelectPalette (hdc=0xf0010173, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0236.144] GdipCreateFromHDC (hdc=0xf0010173, graphics=0xd7dac8) returned 0x0
[0236.144] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0236.144] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0236.144] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638a88) returned 0x0
[0236.144] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7daa0) returned 0x0
[0236.144] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0236.144] GdipCreateRegion (region=0xd7da88) returned 0x0
[0236.144] GdipGetClip (graphics=0x663e568, region=0x6645248) returned 0x0
[0236.144] GdipIsInfiniteRegion (region=0x6645248, graphics=0x663e568, result=0xd7da94) returned 0x0
[0236.144] GdipDeleteRegion (region=0x6645248) returned 0x0
[0236.144] GdipSaveGraphics (graphics=0x663e568, state=0xd7dac0) returned 0x0
[0236.144] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0236.150] GdipFillRectangleI (graphics=0x663e568, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0236.150] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0236.151] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0236.151] SelectPalette (hdc=0xf0010173, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0236.151] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0236.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.152] GetSystemMetrics (nIndex=42) returned 0
[0236.152] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.152] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0236.152] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0236.152] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0236.152] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0236.152] SelectPalette (hdc=0xf0010173, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0236.152] GdipCreateFromHDC (hdc=0xf0010173, graphics=0xd7da68) returned 0x0
[0236.152] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0236.152] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0236.152] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638c08) returned 0x0
[0236.152] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7da40) returned 0x0
[0236.152] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0236.152] GdipCreateRegion (region=0xd7da28) returned 0x0
[0236.152] GdipGetClip (graphics=0x663e568, region=0x6646178) returned 0x0
[0236.152] GdipIsInfiniteRegion (region=0x6646178, graphics=0x663e568, result=0xd7da34) returned 0x0
[0236.152] GdipDeleteRegion (region=0x6646178) returned 0x0
[0236.152] GdipSaveGraphics (graphics=0x663e568, state=0xd7da60) returned 0x0
[0236.153] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0236.162] GdipFillRectangleI (graphics=0x663e568, brush=0x6652ce8, x=0, y=0, width=801, height=453) returned 0x0
[0236.162] GdipDeleteBrush (brush=0x6652ce8) returned 0x0
[0236.163] GdipRestoreGraphics (graphics=0x663e568, state=0xf8f00dbd) returned 0x0
[0236.163] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0236.164] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.164] GetSystemMetrics (nIndex=42) returned 0
[0236.164] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.164] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0236.164] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0236.164] SelectPalette (hdc=0xf0010173, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0236.164] RestoreDC (hdc=0xf0010173, nSavedDC=-1) returned 1
[0236.164] GdipReleaseDC (graphics=0x6600030, hdc=0xf0010173) returned 0x0
[0236.164] IsAppThemed () returned 0x1
[0236.164] GetThemeAppProperties () returned 0x3
[0236.164] GetThemeAppProperties () returned 0x3
[0236.164] IsAppThemed () returned 0x1
[0236.164] GetThemeAppProperties () returned 0x3
[0236.164] GetThemeAppProperties () returned 0x3
[0236.164] IsThemePartDefined () returned 0x1
[0236.164] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0236.165] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0236.165] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0236.165] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0236.165] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df74) returned 0x0
[0236.165] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0236.165] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0236.165] LocalFree (hMem=0x11eec58) returned 0x0
[0236.165] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0236.165] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eead0) returned 0x0
[0236.165] LocalFree (hMem=0x11eead0) returned 0x0
[0236.165] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0236.165] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0236.165] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0236.165] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0236.165] GdipDeleteRegion (region=0x6646178) returned 0x0
[0236.165] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0236.165] GetCurrentObject (hdc=0xf0010173, type=0x1) returned 0xb00017
[0236.165] GetCurrentObject (hdc=0xf0010173, type=0x2) returned 0x900010
[0236.165] GetCurrentObject (hdc=0xf0010173, type=0x7) returned 0x4a0507fe
[0236.166] GetCurrentObject (hdc=0xf0010173, type=0x6) returned 0x8a01c2
[0236.166] SaveDC (hdc=0xf0010173) returned 1
[0236.166] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9040807
[0236.166] GetClipRgn (hdc=0xf0010173, hrgn=0x9040807) returned 0
[0236.166] SelectClipRgn (hdc=0xf0010173, hrgn=0x9a0407de) returned 2
[0236.166] DeleteObject (ho=0x9040807) returned 1
[0236.166] DeleteObject (ho=0x9a0407de) returned 1
[0236.166] OffsetViewportOrgEx (in: hdc=0xf0010173, x=0, y=0, lppt=0x2dd3854 | out: lppt=0x2dd3854) returned 1
[0236.166] IsAppThemed () returned 0x1
[0236.166] GetThemeAppProperties () returned 0x3
[0236.166] GetThemeAppProperties () returned 0x3
[0236.166] DrawThemeBackground () returned 0x0
[0236.166] RestoreDC (hdc=0xf0010173, nSavedDC=-1) returned 1
[0236.166] GdipReleaseDC (graphics=0x6600030, hdc=0xf0010173) returned 0x0
[0236.166] GdipCreateRegion (region=0xd7df60) returned 0x0
[0236.166] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0236.166] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0236.166] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0236.166] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df78) returned 0x0
[0236.167] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0236.167] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0236.167] LocalFree (hMem=0x11ee9f0) returned 0x0
[0236.167] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0236.167] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0236.167] LocalFree (hMem=0x11ee9f0) returned 0x0
[0236.167] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0236.167] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0236.167] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df90) returned 0x0
[0236.167] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0236.167] GdipDeleteRegion (region=0x6645248) returned 0x0
[0236.167] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0236.167] GetCurrentObject (hdc=0xf0010173, type=0x1) returned 0xb00017
[0236.167] GetCurrentObject (hdc=0xf0010173, type=0x2) returned 0x900010
[0236.167] GetCurrentObject (hdc=0xf0010173, type=0x7) returned 0x4a0507fe
[0236.167] GetCurrentObject (hdc=0xf0010173, type=0x6) returned 0x8a01c2
[0236.167] SaveDC (hdc=0xf0010173) returned 1
[0236.167] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9b0407de
[0236.167] GetClipRgn (hdc=0xf0010173, hrgn=0x9b0407de) returned 0
[0236.167] SelectClipRgn (hdc=0xf0010173, hrgn=0xa040807) returned 2
[0236.167] DeleteObject (ho=0x9b0407de) returned 1
[0236.168] DeleteObject (ho=0xa040807) returned 1
[0236.168] OffsetViewportOrgEx (in: hdc=0xf0010173, x=0, y=0, lppt=0x2dd3b28 | out: lppt=0x2dd3b28) returned 1
[0236.168] IsAppThemed () returned 0x1
[0236.168] GetThemeAppProperties () returned 0x3
[0236.168] GetThemeAppProperties () returned 0x3
[0236.168] GetThemeBackgroundContentRect () returned 0x0
[0236.168] RestoreDC (hdc=0xf0010173, nSavedDC=-1) returned 1
[0236.168] GdipReleaseDC (graphics=0x6600030, hdc=0xf0010173) returned 0x0
[0236.168] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0236.168] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0236.168] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0236.168] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0236.168] IsAppThemed () returned 0x1
[0236.168] GetThemeAppProperties () returned 0x3
[0236.168] GetThemeAppProperties () returned 0x3
[0236.168] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0236.168] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0236.168] GetCurrentObject (hdc=0xf0010173, type=0x1) returned 0xb00017
[0236.168] GetCurrentObject (hdc=0xf0010173, type=0x2) returned 0x900010
[0236.168] GetCurrentObject (hdc=0xf0010173, type=0x7) returned 0x4a0507fe
[0236.168] GetCurrentObject (hdc=0xf0010173, type=0x6) returned 0x8a01c2
[0236.168] SaveDC (hdc=0xf0010173) returned 1
[0236.169] GetTextAlign (hdc=0xf0010173) returned 0x0
[0236.169] GetTextColor (hdc=0xf0010173) returned 0x0
[0236.169] GetCurrentObject (hdc=0xf0010173, type=0x6) returned 0x8a01c2
[0236.169] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0236.169] SelectObject (hdc=0xf0010173, h=0x6d0a0520) returned 0x8a01c2
[0236.169] GetBkMode (hdc=0xf0010173) returned 2
[0236.169] SetBkMode (hdc=0xf0010173, mode=1) returned 2
[0236.169] DrawTextExW (in: hdc=0xf0010173, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2dd3eec | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0236.170] DrawTextExW (in: hdc=0xf0010173, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2dd3eec | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0236.170] RestoreDC (hdc=0xf0010173, nSavedDC=-1) returned 1
[0236.170] GdipReleaseDC (graphics=0x6600030, hdc=0xf0010173) returned 0x0
[0236.170] GetFocus () returned 0x2102d8
[0236.170] IsAppThemed () returned 0x1
[0236.170] GetThemeAppProperties () returned 0x3
[0236.170] GetThemeAppProperties () returned 0x3
[0236.170] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0236.170] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xf0010173, x1=0, y1=0, rop=0xcc0020) returned 1
[0236.170] GdipReleaseDC (graphics=0x6600030, hdc=0xf0010173) returned 0x0
[0236.170] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0236.170] SelectObject (hdc=0xf0010173, h=0x85000f) returned 0x4a0507fe
[0236.171] DeleteDC (hdc=0xf0010173) returned 1
[0236.171] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0236.171] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0236.171] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0236.171] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0236.171] WaitMessage () returned 1
[0236.172] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0236.172] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0236.172] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0236.172] WaitMessage () returned 1
[0236.172] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0236.172] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0236.173] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0236.173] WaitMessage () returned 1
[0236.188] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.188] IsWindowUnicode (hWnd=0x1f02da) returned 1
[0236.188] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.188] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.188] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.188] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.188] IsWindowUnicode (hWnd=0x1f02da) returned 1
[0236.189] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.189] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.189] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.189] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x2a1, wParam=0x0, lParam=0xd0027) returned 0x0
[0236.189] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0236.189] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0236.189] WaitMessage () returned 1
[0236.200] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.200] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.200] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.200] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.200] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.201] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0236.201] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0236.201] WaitMessage () returned 1
[0236.202] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.202] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.202] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.203] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.203] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.204] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0236.204] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0236.204] WaitMessage () returned 1
[0236.204] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.205] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.205] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.205] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.205] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.206] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.207] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.207] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.207] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.207] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.207] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.207] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.207] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.207] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.207] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.207] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0236.208] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0236.208] WaitMessage () returned 1
[0236.208] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.208] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.208] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.208] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.208] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.209] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.209] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.210] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.210] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.210] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.210] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.210] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.210] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.210] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.210] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.210] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0236.211] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0236.211] WaitMessage () returned 1
[0236.213] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.213] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.213] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.213] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.213] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.214] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.215] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.215] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.215] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.215] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.215] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.215] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.215] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.215] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.215] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.222] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.222] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.222] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.222] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.222] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.222] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0236.223] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0236.223] WaitMessage () returned 1
[0236.277] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.277] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x84, wParam=0x0, lParam=0x1e602fd) returned 0x1
[0236.277] IsWindowUnicode (hWnd=0x1f02da) returned 1
[0236.277] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.277] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x84, wParam=0x0, lParam=0x1e602fd) returned 0x1
[0236.277] GetDlgItem (hDlg=0x2200ea, nIDDlgItem=0) returned 0x0
[0236.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x210, wParam=0x201, lParam=0x6b0108) returned 0x0
[0236.278] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x21, wParam=0x2200ea, lParam=0x2010001) returned 0x1
[0236.278] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x21, wParam=0x2200ea, lParam=0x2010001) returned 0x1
[0236.278] SetCursor (hCursor=0x10003) returned 0x10003
[0236.278] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.278] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.286] GetKeyState (nVirtKey=1) returned -127
[0236.286] GetKeyState (nVirtKey=2) returned 0
[0236.286] GetKeyState (nVirtKey=4) returned 0
[0236.286] GetKeyState (nVirtKey=5) returned 0
[0236.286] GetKeyState (nVirtKey=6) returned 0
[0236.286] IsWindowVisible (hWnd=0x1f02da) returned 1
[0236.287] IsWindowEnabled (hWnd=0x1f02da) returned 1
[0236.287] SetFocus (hWnd=0x1f02da) returned 0x2102d8
[0236.287] GetFocus () returned 0x1f02da
[0236.287] IsChild (hWndParent=0x2200ea, hWnd=0x1f02da) returned 1
[0236.287] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0x8, wParam=0x1f02da, lParam=0x0) returned 0x0
[0236.287] GetCapture () returned 0x0
[0236.287] InvalidateRect (hWnd=0x2102d8, lpRect=0x0, bErase=0) returned 1
[0236.288] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0236.290] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0236.292] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0236.292] InvalidateRect (hWnd=0x2102d8, lpRect=0x0, bErase=0) returned 1
[0236.292] InvalidateRect (hWnd=0x1f02da, lpRect=0x0, bErase=0) returned 1
[0236.292] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x7, wParam=0x2102d8, lParam=0x0) returned 0x0
[0236.292] GetStockObject (i=5) returned 0x900015
[0236.292] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0236.292] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0236.292] GetDlgItem (hDlg=0x2200ea, nIDDlgItem=2032346) returned 0x1f02da
[0236.292] SendMessageW (hWnd=0x1f02da, Msg=0x202b, wParam=0x1f02da, lParam=0xd7dddc) returned 0x0
[0236.292] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x202b, wParam=0x1f02da, lParam=0xd7dddc) returned 0x0
[0236.293] InvalidateRect (hWnd=0x1f02da, lpRect=0x0, bErase=0) returned 1
[0236.294] GetFocus () returned 0x1f02da
[0236.294] GetFocus () returned 0x1f02da
[0236.294] GetFocus () returned 0x1f02da
[0236.294] GetKeyState (nVirtKey=1) returned -127
[0236.294] GetKeyState (nVirtKey=2) returned 0
[0236.294] GetKeyState (nVirtKey=4) returned 0
[0236.294] GetKeyState (nVirtKey=5) returned 0
[0236.294] GetKeyState (nVirtKey=6) returned 0
[0236.294] GetCapture () returned 0x0
[0236.294] SetCapture (hWnd=0x1f02da) returned 0x0
[0236.294] GetKeyState (nVirtKey=1) returned -127
[0236.294] GetKeyState (nVirtKey=2) returned 0
[0236.294] GetKeyState (nVirtKey=4) returned 0
[0236.294] GetKeyState (nVirtKey=5) returned 0
[0236.294] GetKeyState (nVirtKey=6) returned 0
[0236.294] NotifyWinEvent (event=0x800a, hwnd=0x1f02da, idObject=-4, idChild=0)
[0236.295] InvalidateRect (hWnd=0x1f02da, lpRect=0xd7e430, bErase=0) returned 1
[0236.295] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.295] IsWindowUnicode (hWnd=0x1f02da) returned 1
[0236.295] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.295] TranslateMessage (lpMsg=0xd7e808) returned 0
[0236.295] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0236.295] MapWindowPoints (in: hWndFrom=0x1f02da, hWndTo=0x0, lpPoints=0x2dd4220, cPoints=0x1 | out: lpPoints=0x2dd4220) returned 30999254
[0236.295] NotifyWinEvent (event=0x800a, hwnd=0x1f02da, idObject=-4, idChild=0)
[0236.295] InvalidateRect (hWnd=0x1f02da, lpRect=0xd7e3d0, bErase=0) returned 1
[0236.295] UpdateWindow (hWnd=0x1f02da) returned 1
[0236.295] BeginPaint (in: hWnd=0x1f02da, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xf0105ee
[0236.295] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0236.295] CreateCompatibleDC (hdc=0xf0105ee) returned 0x580107e0
[0236.295] SelectObject (hdc=0x580107e0, h=0x4a0507fe) returned 0x85000f
[0236.295] GdipCreateFromHDC (hdc=0x580107e0, graphics=0xd7df00) returned 0x0
[0236.296] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0236.296] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0236.296] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0236.296] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0236.296] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df60) returned 0x0
[0236.296] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0236.296] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0236.296] LocalFree (hMem=0x11ee788) returned 0x0
[0236.296] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0236.296] GdipCreateRegion (region=0xd7df48) returned 0x0
[0236.296] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0236.296] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df54) returned 0x0
[0236.296] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0236.296] GdipRestoreGraphics (graphics=0x6600030, state=0xf8ee0dbd) returned 0x0
[0236.296] GdipDeleteRegion (region=0x6645248) returned 0x0
[0236.297] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0236.297] GetCurrentObject (hdc=0x580107e0, type=0x1) returned 0xb00017
[0236.297] GetCurrentObject (hdc=0x580107e0, type=0x2) returned 0x900010
[0236.297] GetCurrentObject (hdc=0x580107e0, type=0x7) returned 0x4a0507fe
[0236.297] GetCurrentObject (hdc=0x580107e0, type=0x6) returned 0x8a01c2
[0236.297] SaveDC (hdc=0x580107e0) returned 1
[0236.297] GetNearestColor (hdc=0x580107e0, color=0xf0f0f0) returned 0xf0f0f0
[0236.297] GetNearestColor (hdc=0x580107e0, color=0xa0a0a0) returned 0xa0a0a0
[0236.297] GetNearestColor (hdc=0x580107e0, color=0x696969) returned 0x696969
[0236.297] GetNearestColor (hdc=0x580107e0, color=0xa0a0a0) returned 0xa0a0a0
[0236.297] GetNearestColor (hdc=0x580107e0, color=0x0) returned 0x0
[0236.297] GetNearestColor (hdc=0x580107e0, color=0xffffff) returned 0xffffff
[0236.297] GetNearestColor (hdc=0x580107e0, color=0xe5e5e5) returned 0xe5e5e5
[0236.297] GetNearestColor (hdc=0x580107e0, color=0xd7d7d7) returned 0xd7d7d7
[0236.297] GetNearestColor (hdc=0x580107e0, color=0x0) returned 0x0
[0236.297] RestoreDC (hdc=0x580107e0, nSavedDC=-1) returned 1
[0236.297] GdipReleaseDC (graphics=0x6600030, hdc=0x580107e0) returned 0x0
[0236.298] IsAppThemed () returned 0x1
[0236.298] GetThemeAppProperties () returned 0x3
[0236.298] GetThemeAppProperties () returned 0x3
[0236.298] IsAppThemed () returned 0x1
[0236.298] GetThemeAppProperties () returned 0x3
[0236.298] GetThemeAppProperties () returned 0x3
[0236.298] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2dd4978 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0236.298] IsAppThemed () returned 0x1
[0236.298] GetThemeAppProperties () returned 0x3
[0236.298] GetThemeAppProperties () returned 0x3
[0236.298] IsAppThemed () returned 0x1
[0236.298] GetThemeAppProperties () returned 0x3
[0236.298] GetThemeAppProperties () returned 0x3
[0236.298] IsAppThemed () returned 0x1
[0236.298] GetThemeAppProperties () returned 0x3
[0236.298] GetThemeAppProperties () returned 0x3
[0236.298] IsAppThemed () returned 0x1
[0236.298] GetThemeAppProperties () returned 0x3
[0236.298] GetThemeAppProperties () returned 0x3
[0236.298] IsThemePartDefined () returned 0x1
[0236.298] IsAppThemed () returned 0x1
[0236.299] GetThemeAppProperties () returned 0x3
[0236.299] GetThemeAppProperties () returned 0x3
[0236.299] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0236.299] IsAppThemed () returned 0x1
[0236.299] GetThemeAppProperties () returned 0x3
[0236.299] GetThemeAppProperties () returned 0x3
[0236.299] IsAppThemed () returned 0x1
[0236.299] GetThemeAppProperties () returned 0x3
[0236.299] GetThemeAppProperties () returned 0x3
[0236.299] IsThemePartDefined () returned 0x1
[0236.299] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0236.299] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0236.299] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0236.299] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0236.299] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dc7c) returned 0x0
[0236.299] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0236.299] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee9f0) returned 0x0
[0236.299] LocalFree (hMem=0x11ee9f0) returned 0x0
[0236.299] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0236.299] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0236.299] LocalFree (hMem=0x11ee788) returned 0x0
[0236.299] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0236.299] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0236.299] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0236.300] GdipGetRegionHRgn (region=0x6645758, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0236.300] GdipDeleteRegion (region=0x6645758) returned 0x0
[0236.300] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0236.300] GetCurrentObject (hdc=0x580107e0, type=0x1) returned 0xb00017
[0236.300] GetCurrentObject (hdc=0x580107e0, type=0x2) returned 0x900010
[0236.300] GetCurrentObject (hdc=0x580107e0, type=0x7) returned 0x4a0507fe
[0236.300] GetCurrentObject (hdc=0x580107e0, type=0x6) returned 0x8a01c2
[0236.300] SaveDC (hdc=0x580107e0) returned 1
[0236.300] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb040807
[0236.300] GetClipRgn (hdc=0x580107e0, hrgn=0xb040807) returned 0
[0236.300] SelectClipRgn (hdc=0x580107e0, hrgn=0x9f0407de) returned 2
[0236.300] DeleteObject (ho=0xb040807) returned 1
[0236.300] DeleteObject (ho=0x9f0407de) returned 1
[0236.300] OffsetViewportOrgEx (in: hdc=0x580107e0, x=0, y=0, lppt=0x2dd5028 | out: lppt=0x2dd5028) returned 1
[0236.300] DrawThemeParentBackground () returned 0x0
[0236.300] GetWindowPlacement (in: hWnd=0x2200ea, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0236.300] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0236.300] GetWindowTextLengthW (hWnd=0x2200ea) returned 13
[0236.301] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.301] GetSystemMetrics (nIndex=42) returned 0
[0236.301] GetWindowTextW (in: hWnd=0x2200ea, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.301] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0236.301] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0236.301] GetCurrentObject (hdc=0x580107e0, type=0x1) returned 0xb00017
[0236.301] GetCurrentObject (hdc=0x580107e0, type=0x2) returned 0x900010
[0236.301] GetCurrentObject (hdc=0x580107e0, type=0x7) returned 0x4a0507fe
[0236.301] GetCurrentObject (hdc=0x580107e0, type=0x6) returned 0x8a01c2
[0236.301] SaveDC (hdc=0x580107e0) returned 2
[0236.301] GetNearestColor (hdc=0x580107e0, color=0xf0f0f0) returned 0xf0f0f0
[0236.301] CreateSolidBrush (color=0xf0f0f0) returned 0x751007e1
[0236.301] FillRect (hDC=0x580107e0, lprc=0xd7d6c8, hbr=0x751007e1) returned 1
[0236.301] DeleteObject (ho=0x751007e1) returned 1
[0236.301] RestoreDC (hdc=0x580107e0, nSavedDC=-1) returned 1
[0236.301] GetWindowTextLengthW (hWnd=0x2200ea) returned 13
[0236.301] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.302] GetSystemMetrics (nIndex=42) returned 0
[0236.302] GetWindowTextW (in: hWnd=0x2200ea, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.302] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0236.302] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0236.302] GetCurrentObject (hdc=0x580107e0, type=0x1) returned 0xb00017
[0236.302] GetCurrentObject (hdc=0x580107e0, type=0x2) returned 0x900010
[0236.302] GetCurrentObject (hdc=0x580107e0, type=0x7) returned 0x4a0507fe
[0236.302] GetCurrentObject (hdc=0x580107e0, type=0x6) returned 0x8a01c2
[0236.302] SaveDC (hdc=0x580107e0) returned 2
[0236.302] GetNearestColor (hdc=0x580107e0, color=0xf0f0f0) returned 0xf0f0f0
[0236.302] CreateSolidBrush (color=0xf0f0f0) returned 0x761007e1
[0236.302] FillRect (hDC=0x580107e0, lprc=0xd7d668, hbr=0x761007e1) returned 1
[0236.302] DeleteObject (ho=0x761007e1) returned 1
[0236.302] RestoreDC (hdc=0x580107e0, nSavedDC=-1) returned 1
[0236.302] GetWindowTextLengthW (hWnd=0x2200ea) returned 13
[0236.302] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.302] GetSystemMetrics (nIndex=42) returned 0
[0236.302] GetWindowTextW (in: hWnd=0x2200ea, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.302] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0236.303] RestoreDC (hdc=0x580107e0, nSavedDC=-1) returned 1
[0236.303] GdipReleaseDC (graphics=0x6600030, hdc=0x580107e0) returned 0x0
[0236.303] IsAppThemed () returned 0x1
[0236.303] GetThemeAppProperties () returned 0x3
[0236.303] GetThemeAppProperties () returned 0x3
[0236.303] IsAppThemed () returned 0x1
[0236.303] GetThemeAppProperties () returned 0x3
[0236.303] GetThemeAppProperties () returned 0x3
[0236.303] IsThemePartDefined () returned 0x1
[0236.303] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0236.303] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0236.303] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0236.303] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0236.303] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dc00) returned 0x0
[0236.303] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0236.303] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0236.303] LocalFree (hMem=0x11eec58) returned 0x0
[0236.303] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0236.303] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0236.303] LocalFree (hMem=0x11ee868) returned 0x0
[0236.303] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0236.304] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0236.304] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0236.304] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0236.304] GdipDeleteRegion (region=0x6645518) returned 0x0
[0236.304] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0236.304] GetCurrentObject (hdc=0x580107e0, type=0x1) returned 0xb00017
[0236.304] GetCurrentObject (hdc=0x580107e0, type=0x2) returned 0x900010
[0236.304] GetCurrentObject (hdc=0x580107e0, type=0x7) returned 0x4a0507fe
[0236.304] GetCurrentObject (hdc=0x580107e0, type=0x6) returned 0x8a01c2
[0236.304] SaveDC (hdc=0x580107e0) returned 1
[0236.304] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa00407de
[0236.304] GetClipRgn (hdc=0x580107e0, hrgn=0xa00407de) returned 0
[0236.304] SelectClipRgn (hdc=0x580107e0, hrgn=0xd040807) returned 2
[0236.304] DeleteObject (ho=0xa00407de) returned 1
[0236.304] DeleteObject (ho=0xd040807) returned 1
[0236.304] OffsetViewportOrgEx (in: hdc=0x580107e0, x=0, y=0, lppt=0x2dd58d4 | out: lppt=0x2dd58d4) returned 1
[0236.304] IsAppThemed () returned 0x1
[0236.304] GetThemeAppProperties () returned 0x3
[0236.304] GetThemeAppProperties () returned 0x3
[0236.304] DrawThemeBackground () returned 0x0
[0236.305] RestoreDC (hdc=0x580107e0, nSavedDC=-1) returned 1
[0236.305] GdipReleaseDC (graphics=0x6600030, hdc=0x580107e0) returned 0x0
[0236.305] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0236.305] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0236.305] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0236.305] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0236.305] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dc04) returned 0x0
[0236.305] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0236.305] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eecc8) returned 0x0
[0236.305] LocalFree (hMem=0x11eecc8) returned 0x0
[0236.305] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0236.305] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee8d8) returned 0x0
[0236.305] LocalFree (hMem=0x11ee8d8) returned 0x0
[0236.305] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0236.305] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0236.305] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0236.305] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0236.305] GdipDeleteRegion (region=0x6645248) returned 0x0
[0236.305] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0236.305] GetCurrentObject (hdc=0x580107e0, type=0x1) returned 0xb00017
[0236.305] GetCurrentObject (hdc=0x580107e0, type=0x2) returned 0x900010
[0236.305] GetCurrentObject (hdc=0x580107e0, type=0x7) returned 0x4a0507fe
[0236.306] GetCurrentObject (hdc=0x580107e0, type=0x6) returned 0x8a01c2
[0236.306] SaveDC (hdc=0x580107e0) returned 1
[0236.306] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe040807
[0236.306] GetClipRgn (hdc=0x580107e0, hrgn=0xe040807) returned 0
[0236.306] SelectClipRgn (hdc=0x580107e0, hrgn=0xa10407de) returned 2
[0236.306] DeleteObject (ho=0xe040807) returned 1
[0236.306] DeleteObject (ho=0xa10407de) returned 1
[0236.306] OffsetViewportOrgEx (in: hdc=0x580107e0, x=0, y=0, lppt=0x2dd5ba8 | out: lppt=0x2dd5ba8) returned 1
[0236.306] IsAppThemed () returned 0x1
[0236.306] GetThemeAppProperties () returned 0x3
[0236.306] GetThemeAppProperties () returned 0x3
[0236.306] GetThemeBackgroundContentRect () returned 0x0
[0236.306] RestoreDC (hdc=0x580107e0, nSavedDC=-1) returned 1
[0236.306] GdipReleaseDC (graphics=0x6600030, hdc=0x580107e0) returned 0x0
[0236.306] IsAppThemed () returned 0x1
[0236.306] GetThemeAppProperties () returned 0x3
[0236.306] GetThemeAppProperties () returned 0x3
[0236.306] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0236.306] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0236.306] GetCurrentObject (hdc=0x580107e0, type=0x1) returned 0xb00017
[0236.307] GetCurrentObject (hdc=0x580107e0, type=0x2) returned 0x900010
[0236.307] GetCurrentObject (hdc=0x580107e0, type=0x7) returned 0x4a0507fe
[0236.307] GetCurrentObject (hdc=0x580107e0, type=0x6) returned 0x8a01c2
[0236.307] SaveDC (hdc=0x580107e0) returned 1
[0236.307] GetTextAlign (hdc=0x580107e0) returned 0x0
[0236.307] GetTextColor (hdc=0x580107e0) returned 0x0
[0236.307] GetCurrentObject (hdc=0x580107e0, type=0x6) returned 0x8a01c2
[0236.307] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0236.307] SelectObject (hdc=0x580107e0, h=0x6d0a0520) returned 0x8a01c2
[0236.307] GetBkMode (hdc=0x580107e0) returned 2
[0236.307] SetBkMode (hdc=0x580107e0, mode=1) returned 2
[0236.307] DrawTextExW (in: hdc=0x580107e0, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2dd5f48 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0236.307] DrawTextExW (in: hdc=0x580107e0, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2dd5f48 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0236.308] RestoreDC (hdc=0x580107e0, nSavedDC=-1) returned 1
[0236.308] GdipReleaseDC (graphics=0x6600030, hdc=0x580107e0) returned 0x0
[0236.308] GetFocus () returned 0x1f02da
[0236.308] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0236.308] SendMessageW (hWnd=0x2200ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0236.308] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0236.308] IsAppThemed () returned 0x1
[0236.308] GetThemeAppProperties () returned 0x3
[0236.308] GetThemeAppProperties () returned 0x3
[0236.308] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0236.308] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x580107e0, x1=0, y1=0, rop=0xcc0020) returned 1
[0236.308] GdipReleaseDC (graphics=0x6600030, hdc=0x580107e0) returned 0x0
[0236.308] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0236.308] SelectObject (hdc=0x580107e0, h=0x85000f) returned 0x4a0507fe
[0236.308] DeleteDC (hdc=0x580107e0) returned 1
[0236.309] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0236.309] EndPaint (hWnd=0x1f02da, lpPaint=0xd7dee4) returned 1
[0236.309] MapWindowPoints (in: hWndFrom=0x1f02da, hWndTo=0x0, lpPoints=0x2dd6044, cPoints=0x1 | out: lpPoints=0x2dd6044) returned 30999254
[0236.309] WindowFromPoint (Point=0x2fd) returned 0x1f02da
[0236.309] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x84, wParam=0x0, lParam=0x1e602fd) returned 0x1
[0236.309] NotifyWinEvent (event=0x800a, hwnd=0x1f02da, idObject=-4, idChild=0)
[0236.309] NotifyWinEvent (event=0x800c, hwnd=0x1f02da, idObject=-4, idChild=0)
[0236.309] GetCapture () returned 0x1f02da
[0236.309] ReleaseCapture () returned 1
[0236.309] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0236.313] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0236.313] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x84, wParam=0x0, lParam=0x1e602fd) returned 0x1
[0236.313] IsWindow (hWnd=0x7005c) returned 1
[0236.313] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0236.314] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0236.314] IsWindow (hWnd=0x2200ea) returned 1
[0236.314] SetActiveWindow (hWnd=0x2200ea) returned 0x2200ea
[0236.314] IsWindow (hWnd=0x2200ea) returned 1
[0236.314] SetFocus (hWnd=0x2200ea) returned 0x1f02da
[0236.314] GetFocus () returned 0x2200ea
[0236.314] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x8, wParam=0x2200ea, lParam=0x0) returned 0x0
[0236.314] GetCapture () returned 0x0
[0236.314] InvalidateRect (hWnd=0x1f02da, lpRect=0x0, bErase=0) returned 1
[0236.315] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0236.316] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0236.317] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0236.317] GetFocus () returned 0x2200ea
[0236.318] SetFocus (hWnd=0x1f02da) returned 0x2200ea
[0236.318] GetFocus () returned 0x1f02da
[0236.318] IsChild (hWndParent=0x2200ea, hWnd=0x1f02da) returned 1
[0236.318] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x8, wParam=0x1f02da, lParam=0x0) returned 0x0
[0236.319] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0236.320] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0236.322] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0236.322] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x7, wParam=0x2200ea, lParam=0x0) returned 0x0
[0236.322] GetStockObject (i=5) returned 0x900015
[0236.322] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0236.322] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0xd, wParam=0xa, lParam=0x11f55a0) returned 0x9
[0236.322] GetDlgItem (hDlg=0x2200ea, nIDDlgItem=2032346) returned 0x1f02da
[0236.322] SendMessageW (hWnd=0x1f02da, Msg=0x202b, wParam=0x1f02da, lParam=0xd7ddcc) returned 0x0
[0236.322] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x202b, wParam=0x1f02da, lParam=0xd7ddcc) returned 0x0
[0236.322] InvalidateRect (hWnd=0x1f02da, lpRect=0x0, bErase=0) returned 1
[0236.324] GetWindowLongW (hWnd=0x2200ea, nIndex=-8) returned 458844
[0236.324] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0236.324] GetCurrentThreadId () returned 0xf50
[0236.324] IsWindow (hWnd=0x7005c) returned 1
[0236.324] IsWindow (hWnd=0x7005c) returned 1
[0236.324] IsWindowVisible (hWnd=0x7005c) returned 1
[0236.324] SetActiveWindow (hWnd=0x7005c) returned 0x2200ea
[0236.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0236.329] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0236.330] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0236.330] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0236.331] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0236.331] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0236.332] GetWindowPlacement (in: hWnd=0x2200ea, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0236.332] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0236.332] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0236.332] GetWindowRect (in: hWnd=0x2200ea, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0236.335] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0236.335] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0236.335] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0236.336] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x2200ea) returned 0x1
[0236.339] GetFocus () returned 0x1f02da
[0236.339] SetFocus (hWnd=0x602c4) returned 0x1f02da
[0236.339] GetFocus () returned 0x602c4
[0236.339] IsChild (hWndParent=0x2200ea, hWnd=0x602c4) returned 0
[0236.339] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0236.339] GetCapture () returned 0x0
[0236.339] InvalidateRect (hWnd=0x1f02da, lpRect=0x0, bErase=0) returned 1
[0236.341] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0236.343] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0236.344] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0236.344] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0236.345] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0236.345] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0236.345] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0236.345] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x1f02da, lParam=0x0) returned 0x0
[0236.346] GetStockObject (i=5) returned 0x900015
[0236.346] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0236.346] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed8a0) returned 0xc
[0236.346] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0236.346] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0236.346] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0236.346] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0236.348] GetFocus () returned 0x602c4
[0236.348] IsChild (hWndParent=0x2200ea, hWnd=0x602c4) returned 0
[0236.348] ShowWindow (hWnd=0x2200ea, nCmdShow=0) returned 1
[0236.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0236.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0236.351] GetWindowPlacement (in: hWnd=0x2200ea, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0236.351] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0236.351] GetClientRect (in: hWnd=0x2200ea, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0236.351] GetWindowRect (in: hWnd=0x2200ea, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0236.351] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0236.352] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0236.352] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0236.352] GetWindowLongW (hWnd=0x2200ea, nIndex=-20) returned 327945
[0236.352] DestroyWindow (hWnd=0x2200ea) returned 1
[0236.353] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0236.353] GetWindowTextLengthW (hWnd=0x2200ea) returned 13
[0236.353] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.353] GetSystemMetrics (nIndex=42) returned 0
[0236.353] GetWindowTextW (in: hWnd=0x2200ea, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.353] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0236.353] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0236.353] GetWindowTextLengthW (hWnd=0x1902c8) returned 0
[0236.353] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0236.353] GetSystemMetrics (nIndex=42) returned 0
[0236.353] GetWindowTextW (in: hWnd=0x1902c8, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0236.353] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902c8, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0236.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0236.354] GetWindowThreadProcessId (in: hWnd=0x1f02de, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0236.354] GetWindow (hWnd=0x1f02de, uCmd=0x5) returned 0x0
[0236.354] GetWindowLongW (hWnd=0x1f02de, nIndex=-20) returned 65792
[0236.354] DestroyWindow (hWnd=0x1f02de) returned 1
[0236.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02de, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0236.354] GetWindowTextLengthW (hWnd=0x1f02de) returned 25
[0236.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0236.354] GetSystemMetrics (nIndex=42) returned 0
[0236.354] GetWindowTextW (in: hWnd=0x1f02de, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0236.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02de, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0236.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0236.355] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0236.356] GetWindowTextLengthW (hWnd=0x1402d0) returned 232
[0236.356] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0236.356] GetSystemMetrics (nIndex=42) returned 0
[0236.356] GetWindowTextW (in: hWnd=0x1402d0, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0236.356] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0236.356] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0236.356] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0236.364] InvalidateRect (hWnd=0x1f02da, lpRect=0x0, bErase=0) returned 1
[0236.364] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0236.364] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0236.364] SendMessageW (hWnd=0x1f02dc, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0236.364] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02dc, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0236.364] SendMessageW (hWnd=0x1f02dc, Msg=0xb0, wParam=0x2da1e24, lParam=0xd7e480) returned 0x0
[0236.364] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02dc, Msg=0xb0, wParam=0x2da1e24, lParam=0xd7e480) returned 0x0
[0236.364] GetWindowTextLengthW (hWnd=0x1f02dc) returned 4363
[0236.364] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0236.364] GetSystemMetrics (nIndex=42) returned 0
[0236.364] CoTaskMemAlloc (cb=0x221c) returned 0x120a4b0
[0236.364] GetWindowTextW (in: hWnd=0x1f02dc, lpString=0x120a4b0, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0236.365] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02dc, Msg=0xd, wParam=0x110c, lParam=0x120a4b0) returned 0x110b
[0236.365] CoTaskMemFree (pv=0x120a4b0)
[0236.365] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0236.365] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0236.367] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1402d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0236.368] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0236.369] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0236.370] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0236.372] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0236.374] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2200ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0236.376] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.376] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.376] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.376] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.376] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.376] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e602fd) returned 0x1
[0236.376] IsWindowUnicode (hWnd=0x7005c) returned 1
[0236.376] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.377] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e602fd) returned 0x1
[0236.377] SetCursor (hCursor=0x10003) returned 0x10003
[0236.377] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.377] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.377] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0236.377] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0236.377] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0236.377] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x111023f) returned 0x0
[0236.377] GetKeyState (nVirtKey=1) returned 1
[0236.377] GetKeyState (nVirtKey=2) returned 0
[0236.377] GetKeyState (nVirtKey=4) returned 0
[0236.377] GetKeyState (nVirtKey=5) returned 0
[0236.377] GetKeyState (nVirtKey=6) returned 0
[0236.377] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.378] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e602fd) returned 0x1
[0236.378] IsWindowUnicode (hWnd=0x7005c) returned 1
[0236.378] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.378] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.378] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.378] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e602fd) returned 0x1
[0236.379] IsWindowUnicode (hWnd=0x7005c) returned 1
[0236.379] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e602fd) returned 0x1
[0236.379] SetCursor (hCursor=0x10003) returned 0x10003
[0236.379] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.379] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x111023f) returned 0x0
[0236.379] GetKeyState (nVirtKey=1) returned 1
[0236.379] GetKeyState (nVirtKey=2) returned 0
[0236.379] GetKeyState (nVirtKey=4) returned 0
[0236.379] GetKeyState (nVirtKey=5) returned 0
[0236.380] GetKeyState (nVirtKey=6) returned 0
[0236.380] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.380] IsWindowUnicode (hWnd=0x602c4) returned 1
[0236.380] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.380] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.380] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.380] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.381] IsWindowUnicode (hWnd=0x602c4) returned 1
[0236.381] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.381] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.381] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.381] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0236.381] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0236.382] CreateCompatibleDC (hdc=0xf0105ee) returned 0x20010781
[0236.382] SelectObject (hdc=0x20010781, h=0x4a0507fe) returned 0x85000f
[0236.382] GdipCreateFromHDC (hdc=0x20010781, graphics=0xd7e798) returned 0x0
[0236.382] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0236.382] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0236.382] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0236.382] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0236.382] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e7f8) returned 0x0
[0236.382] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0236.382] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0236.382] LocalFree (hMem=0x11ee868) returned 0x0
[0236.382] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0236.383] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0236.383] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0236.383] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0236.383] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0236.383] GdipRestoreGraphics (graphics=0x6600030, state=0xf8ec0dbd) returned 0x0
[0236.383] GdipDeleteRegion (region=0x6646178) returned 0x0
[0236.383] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0236.383] GetCurrentObject (hdc=0x20010781, type=0x1) returned 0xb00017
[0236.383] GetCurrentObject (hdc=0x20010781, type=0x2) returned 0x900010
[0236.383] GetCurrentObject (hdc=0x20010781, type=0x7) returned 0x4a0507fe
[0236.383] GetCurrentObject (hdc=0x20010781, type=0x6) returned 0x8a01c2
[0236.383] SaveDC (hdc=0x20010781) returned 1
[0236.383] GetNearestColor (hdc=0x20010781, color=0xff) returned 0xff
[0236.383] GetNearestColor (hdc=0x20010781, color=0x55) returned 0x55
[0236.383] GetNearestColor (hdc=0x20010781, color=0x0) returned 0x0
[0236.384] GetNearestColor (hdc=0x20010781, color=0x55) returned 0x55
[0236.384] GetNearestColor (hdc=0x20010781, color=0x0) returned 0x0
[0236.384] GetNearestColor (hdc=0x20010781, color=0x8080ff) returned 0x8080ff
[0236.384] GetNearestColor (hdc=0x20010781, color=0x7373e5) returned 0x7373e5
[0236.384] GetNearestColor (hdc=0x20010781, color=0xe5) returned 0xe5
[0236.384] GetNearestColor (hdc=0x20010781, color=0x0) returned 0x0
[0236.384] RestoreDC (hdc=0x20010781, nSavedDC=-1) returned 1
[0236.384] GdipReleaseDC (graphics=0x6600030, hdc=0x20010781) returned 0x0
[0236.384] IsAppThemed () returned 0x1
[0236.384] GetThemeAppProperties () returned 0x3
[0236.384] GetThemeAppProperties () returned 0x3
[0236.384] IsAppThemed () returned 0x1
[0236.384] GetThemeAppProperties () returned 0x3
[0236.384] GetThemeAppProperties () returned 0x3
[0236.384] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2ddddb0 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0236.385] IsAppThemed () returned 0x1
[0236.385] GetThemeAppProperties () returned 0x3
[0236.385] GetThemeAppProperties () returned 0x3
[0236.385] IsAppThemed () returned 0x1
[0236.385] GetThemeAppProperties () returned 0x3
[0236.385] GetThemeAppProperties () returned 0x3
[0236.385] GetFocus () returned 0x602c4
[0236.385] IsAppThemed () returned 0x1
[0236.385] GetThemeAppProperties () returned 0x3
[0236.385] GetThemeAppProperties () returned 0x3
[0236.385] IsAppThemed () returned 0x1
[0236.385] GetThemeAppProperties () returned 0x3
[0236.385] GetThemeAppProperties () returned 0x3
[0236.385] IsThemePartDefined () returned 0x1
[0236.385] IsAppThemed () returned 0x1
[0236.386] GetThemeAppProperties () returned 0x3
[0236.386] GetThemeAppProperties () returned 0x3
[0236.386] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0236.386] IsAppThemed () returned 0x1
[0236.386] GetThemeAppProperties () returned 0x3
[0236.386] GetThemeAppProperties () returned 0x3
[0236.386] IsAppThemed () returned 0x1
[0236.386] GetThemeAppProperties () returned 0x3
[0236.386] GetThemeAppProperties () returned 0x3
[0236.386] IsThemePartDefined () returned 0x1
[0236.386] GdipCreateRegion (region=0xd7e508) returned 0x0
[0236.386] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0236.386] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0236.386] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0236.386] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e520) returned 0x0
[0236.386] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0236.386] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0236.386] LocalFree (hMem=0x11ee788) returned 0x0
[0236.386] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0236.387] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0236.387] LocalFree (hMem=0x11ee868) returned 0x0
[0236.387] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0236.387] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e548) returned 0x0
[0236.387] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e538) returned 0x0
[0236.387] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0236.387] GdipDeleteRegion (region=0x6645248) returned 0x0
[0236.387] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0236.387] GetCurrentObject (hdc=0x20010781, type=0x1) returned 0xb00017
[0236.387] GetCurrentObject (hdc=0x20010781, type=0x2) returned 0x900010
[0236.387] GetCurrentObject (hdc=0x20010781, type=0x7) returned 0x4a0507fe
[0236.387] GetCurrentObject (hdc=0x20010781, type=0x6) returned 0x8a01c2
[0236.387] SaveDC (hdc=0x20010781) returned 1
[0236.387] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa20407de
[0236.395] GetClipRgn (hdc=0x20010781, hrgn=0xa20407de) returned 0
[0236.395] SelectClipRgn (hdc=0x20010781, hrgn=0x12040807) returned 2
[0236.395] DeleteObject (ho=0xa20407de) returned 1
[0236.395] DeleteObject (ho=0x12040807) returned 1
[0236.395] OffsetViewportOrgEx (in: hdc=0x20010781, x=0, y=0, lppt=0x2dde460 | out: lppt=0x2dde460) returned 1
[0236.395] DrawThemeParentBackground () returned 0x0
[0236.395] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0236.395] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0236.395] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0236.395] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.395] GetSystemMetrics (nIndex=42) returned 0
[0236.395] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.395] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0236.396] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0236.396] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0236.396] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0236.396] SelectPalette (hdc=0x20010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0236.396] GdipCreateFromHDC (hdc=0x20010781, graphics=0xd7dff8) returned 0x0
[0236.396] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0236.396] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0236.396] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638b48) returned 0x0
[0236.396] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dfd0) returned 0x0
[0236.396] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0236.396] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0236.396] GdipGetClip (graphics=0x663e568, region=0x6645998) returned 0x0
[0236.396] GdipIsInfiniteRegion (region=0x6645998, graphics=0x663e568, result=0xd7dfc4) returned 0x0
[0236.396] GdipDeleteRegion (region=0x6645998) returned 0x0
[0236.397] GdipSaveGraphics (graphics=0x663e568, state=0xd7dff0) returned 0x0
[0236.397] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0236.408] GdipFillRectangleI (graphics=0x663e568, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0236.408] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0236.410] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0236.410] SelectPalette (hdc=0x20010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0236.410] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0236.410] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.410] GetSystemMetrics (nIndex=42) returned 0
[0236.410] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.410] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0236.411] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0236.411] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0236.411] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0236.411] SelectPalette (hdc=0x20010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0236.411] GdipCreateFromHDC (hdc=0x20010781, graphics=0xd7df98) returned 0x0
[0236.411] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0236.411] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0236.411] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638bd8) returned 0x0
[0236.411] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df70) returned 0x0
[0236.411] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0236.411] GdipCreateRegion (region=0xd7df58) returned 0x0
[0236.411] GdipGetClip (graphics=0x663e568, region=0x6645248) returned 0x0
[0236.411] GdipIsInfiniteRegion (region=0x6645248, graphics=0x663e568, result=0xd7df64) returned 0x0
[0236.411] GdipDeleteRegion (region=0x6645248) returned 0x0
[0236.412] GdipSaveGraphics (graphics=0x663e568, state=0xd7df90) returned 0x0
[0236.412] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0236.419] GdipFillRectangleI (graphics=0x663e568, brush=0x66536a8, x=0, y=0, width=801, height=453) returned 0x0
[0236.430] GdipDeleteBrush (brush=0x66536a8) returned 0x0
[0236.432] GdipRestoreGraphics (graphics=0x663e568, state=0xf8e80dbd) returned 0x0
[0236.432] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0236.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0236.432] GetSystemMetrics (nIndex=42) returned 0
[0236.432] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0236.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0236.433] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0236.433] SelectPalette (hdc=0x20010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0236.433] RestoreDC (hdc=0x20010781, nSavedDC=-1) returned 1
[0236.433] GdipReleaseDC (graphics=0x6600030, hdc=0x20010781) returned 0x0
[0236.433] IsAppThemed () returned 0x1
[0236.433] GetThemeAppProperties () returned 0x3
[0236.433] GetThemeAppProperties () returned 0x3
[0236.433] IsAppThemed () returned 0x1
[0236.433] GetThemeAppProperties () returned 0x3
[0236.433] GetThemeAppProperties () returned 0x3
[0236.433] IsThemePartDefined () returned 0x1
[0236.433] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0236.434] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0236.434] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0236.434] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0236.434] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e4a4) returned 0x0
[0236.434] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0236.434] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eea28) returned 0x0
[0236.434] LocalFree (hMem=0x11eea28) returned 0x0
[0236.434] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0236.434] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eea60) returned 0x0
[0236.434] LocalFree (hMem=0x11eea60) returned 0x0
[0236.434] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0236.434] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0236.438] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0236.438] GdipGetRegionHRgn (region=0x6645758, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0236.438] GdipDeleteRegion (region=0x6645758) returned 0x0
[0236.438] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0236.438] GetCurrentObject (hdc=0x20010781, type=0x1) returned 0xb00017
[0236.439] GetCurrentObject (hdc=0x20010781, type=0x2) returned 0x900010
[0236.439] GetCurrentObject (hdc=0x20010781, type=0x7) returned 0x4a0507fe
[0236.439] GetCurrentObject (hdc=0x20010781, type=0x6) returned 0x8a01c2
[0236.439] SaveDC (hdc=0x20010781) returned 1
[0236.439] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x13040807
[0236.439] GetClipRgn (hdc=0x20010781, hrgn=0x13040807) returned 0
[0236.439] SelectClipRgn (hdc=0x20010781, hrgn=0xa40407de) returned 2
[0236.439] DeleteObject (ho=0x13040807) returned 1
[0236.439] DeleteObject (ho=0xa40407de) returned 1
[0236.439] OffsetViewportOrgEx (in: hdc=0x20010781, x=0, y=0, lppt=0x2de4cb0 | out: lppt=0x2de4cb0) returned 1
[0236.439] IsAppThemed () returned 0x1
[0236.439] GetThemeAppProperties () returned 0x3
[0236.439] GetThemeAppProperties () returned 0x3
[0236.440] DrawThemeBackground () returned 0x0
[0236.440] RestoreDC (hdc=0x20010781, nSavedDC=-1) returned 1
[0236.440] GdipReleaseDC (graphics=0x6600030, hdc=0x20010781) returned 0x0
[0236.440] GdipCreateRegion (region=0xd7e490) returned 0x0
[0236.440] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0236.440] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0236.440] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0236.440] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e4a8) returned 0x0
[0236.440] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0236.440] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eecc8) returned 0x0
[0236.440] LocalFree (hMem=0x11eecc8) returned 0x0
[0236.440] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0236.440] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0236.440] LocalFree (hMem=0x11ee788) returned 0x0
[0236.440] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0236.440] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0236.440] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0236.440] GdipGetRegionHRgn (region=0x6645e18, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0236.440] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0236.440] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0236.440] GetCurrentObject (hdc=0x20010781, type=0x1) returned 0xb00017
[0236.441] GetCurrentObject (hdc=0x20010781, type=0x2) returned 0x900010
[0236.441] GetCurrentObject (hdc=0x20010781, type=0x7) returned 0x4a0507fe
[0236.441] GetCurrentObject (hdc=0x20010781, type=0x6) returned 0x8a01c2
[0236.441] SaveDC (hdc=0x20010781) returned 1
[0236.441] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa50407de
[0236.441] GetClipRgn (hdc=0x20010781, hrgn=0xa50407de) returned 0
[0236.441] SelectClipRgn (hdc=0x20010781, hrgn=0x14040807) returned 2
[0236.441] DeleteObject (ho=0xa50407de) returned 1
[0236.441] DeleteObject (ho=0x14040807) returned 1
[0236.441] OffsetViewportOrgEx (in: hdc=0x20010781, x=0, y=0, lppt=0x2de4f84 | out: lppt=0x2de4f84) returned 1
[0236.441] IsAppThemed () returned 0x1
[0236.441] GetThemeAppProperties () returned 0x3
[0236.441] GetThemeAppProperties () returned 0x3
[0236.441] GetThemeBackgroundContentRect () returned 0x0
[0236.441] RestoreDC (hdc=0x20010781, nSavedDC=-1) returned 1
[0236.441] GdipReleaseDC (graphics=0x6600030, hdc=0x20010781) returned 0x0
[0236.441] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0236.441] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0236.441] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0236.441] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0236.442] IsAppThemed () returned 0x1
[0236.442] GetThemeAppProperties () returned 0x3
[0236.442] GetThemeAppProperties () returned 0x3
[0236.442] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0236.442] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0236.442] GetCurrentObject (hdc=0x20010781, type=0x1) returned 0xb00017
[0236.442] GetCurrentObject (hdc=0x20010781, type=0x2) returned 0x900010
[0236.442] GetCurrentObject (hdc=0x20010781, type=0x7) returned 0x4a0507fe
[0236.442] GetCurrentObject (hdc=0x20010781, type=0x6) returned 0x8a01c2
[0236.442] SaveDC (hdc=0x20010781) returned 1
[0236.442] GetTextAlign (hdc=0x20010781) returned 0x0
[0236.442] GetTextColor (hdc=0x20010781) returned 0x0
[0236.442] GetCurrentObject (hdc=0x20010781, type=0x6) returned 0x8a01c2
[0236.442] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0236.442] SelectObject (hdc=0x20010781, h=0x6d0a0520) returned 0x8a01c2
[0236.442] GetBkMode (hdc=0x20010781) returned 2
[0236.442] SetBkMode (hdc=0x20010781, mode=1) returned 2
[0236.442] DrawTextExW (in: hdc=0x20010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2de5348 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0236.443] DrawTextExW (in: hdc=0x20010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2de5348 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0236.443] RestoreDC (hdc=0x20010781, nSavedDC=-1) returned 1
[0236.443] GdipReleaseDC (graphics=0x6600030, hdc=0x20010781) returned 0x0
[0236.443] GetFocus () returned 0x602c4
[0236.443] IsAppThemed () returned 0x1
[0236.443] GetThemeAppProperties () returned 0x3
[0236.443] GetThemeAppProperties () returned 0x3
[0236.443] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0236.443] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x20010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0236.444] GdipReleaseDC (graphics=0x6600030, hdc=0x20010781) returned 0x0
[0236.444] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0236.444] SelectObject (hdc=0x20010781, h=0x85000f) returned 0x4a0507fe
[0236.444] DeleteDC (hdc=0x20010781) returned 1
[0236.444] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0236.444] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0236.444] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.444] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.444] WaitMessage () returned 1
[0236.444] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.444] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.444] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.444] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.444] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.445] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.445] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.446] WaitMessage () returned 1
[0236.459] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.459] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.459] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.459] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.459] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.460] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.460] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.460] WaitMessage () returned 1
[0236.461] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.461] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.461] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.461] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.461] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.462] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.462] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.462] WaitMessage () returned 1
[0236.463] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.463] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.463] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.463] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.463] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.464] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.464] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.464] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.464] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.464] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.465] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.465] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.465] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.465] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.465] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.465] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.465] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.465] WaitMessage () returned 1
[0236.465] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.469] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.469] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.469] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.469] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.470] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.470] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.470] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.470] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.470] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.470] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.471] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.471] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.471] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.471] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.471] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.471] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.471] WaitMessage () returned 1
[0236.473] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.473] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.473] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.473] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.473] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.474] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.474] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.474] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.474] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.474] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.474] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.475] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.475] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.475] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.475] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.475] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.475] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.475] WaitMessage () returned 1
[0236.475] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.475] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.476] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.476] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.476] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.477] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.477] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.477] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.478] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.478] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.478] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.478] IsWindowUnicode (hWnd=0x30122) returned 1
[0236.478] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.478] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.478] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.478] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.478] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.478] WaitMessage () returned 1
[0236.484] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.484] IsWindowUnicode (hWnd=0x7005c) returned 1
[0236.484] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.485] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.485] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.485] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.485] IsWindowUnicode (hWnd=0x7005c) returned 1
[0236.485] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.485] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.485] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.485] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x111023f) returned 0x0
[0236.485] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.485] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.485] WaitMessage () returned 1
[0236.654] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.654] IsWindowUnicode (hWnd=0x502c6) returned 1
[0236.654] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0236.654] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0236.654] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0236.655] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.655] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0236.655] WaitMessage () returned 1
[0238.532] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0238.532] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2750100) returned 0x1
[0238.533] IsWindowUnicode (hWnd=0x602c4) returned 1
[0238.533] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0238.533] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0238.533] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0238.533] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0238.533] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0238.533] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2750100) returned 0x1
[0238.533] IsWindowUnicode (hWnd=0x602c4) returned 1
[0238.533] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0238.533] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2750100) returned 0x1
[0238.533] SetCursor (hCursor=0x10003) returned 0x10003
[0238.533] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0238.534] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0238.534] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0238.534] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0238.534] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0238.534] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0238.534] GetKeyState (nVirtKey=1) returned 1
[0238.534] GetKeyState (nVirtKey=2) returned 0
[0238.534] GetKeyState (nVirtKey=4) returned 0
[0238.534] GetKeyState (nVirtKey=5) returned 0
[0238.534] GetKeyState (nVirtKey=6) returned 0
[0238.534] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0238.534] IsWindowUnicode (hWnd=0x602c4) returned 1
[0238.534] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0238.534] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0238.534] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0238.534] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0238.535] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0238.535] CreateCompatibleDC (hdc=0xf0105ee) returned 0xf80107e9
[0238.535] SelectObject (hdc=0xf80107e9, h=0x4a0507fe) returned 0x85000f
[0238.535] GdipCreateFromHDC (hdc=0xf80107e9, graphics=0xd7e798) returned 0x0
[0238.535] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0238.535] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0238.535] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0238.535] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0238.536] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e7f8) returned 0x0
[0238.536] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0238.536] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee788) returned 0x0
[0238.536] LocalFree (hMem=0x11ee788) returned 0x0
[0238.536] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0238.536] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0238.536] GdipGetClip (graphics=0x6600030, region=0x6645368) returned 0x0
[0238.536] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0238.536] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0238.536] GdipRestoreGraphics (graphics=0x6600030, state=0xf8e60dbd) returned 0x0
[0238.536] GdipDeleteRegion (region=0x6645368) returned 0x0
[0238.536] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0238.536] GetCurrentObject (hdc=0xf80107e9, type=0x1) returned 0xb00017
[0238.536] GetCurrentObject (hdc=0xf80107e9, type=0x2) returned 0x900010
[0238.536] GetCurrentObject (hdc=0xf80107e9, type=0x7) returned 0x4a0507fe
[0238.537] GetCurrentObject (hdc=0xf80107e9, type=0x6) returned 0x8a01c2
[0238.537] SaveDC (hdc=0xf80107e9) returned 1
[0238.537] GetNearestColor (hdc=0xf80107e9, color=0xff) returned 0xff
[0238.537] GetNearestColor (hdc=0xf80107e9, color=0x55) returned 0x55
[0238.537] GetNearestColor (hdc=0xf80107e9, color=0x0) returned 0x0
[0238.537] GetNearestColor (hdc=0xf80107e9, color=0x55) returned 0x55
[0238.537] GetNearestColor (hdc=0xf80107e9, color=0x0) returned 0x0
[0238.537] GetNearestColor (hdc=0xf80107e9, color=0x8080ff) returned 0x8080ff
[0238.537] GetNearestColor (hdc=0xf80107e9, color=0x7373e5) returned 0x7373e5
[0238.537] GetNearestColor (hdc=0xf80107e9, color=0xe5) returned 0xe5
[0238.537] GetNearestColor (hdc=0xf80107e9, color=0x0) returned 0x0
[0238.537] RestoreDC (hdc=0xf80107e9, nSavedDC=-1) returned 1
[0238.538] GdipReleaseDC (graphics=0x6600030, hdc=0xf80107e9) returned 0x0
[0238.538] IsAppThemed () returned 0x1
[0238.538] GetThemeAppProperties () returned 0x3
[0238.538] GetThemeAppProperties () returned 0x3
[0238.538] IsAppThemed () returned 0x1
[0238.538] GetThemeAppProperties () returned 0x3
[0238.538] GetThemeAppProperties () returned 0x3
[0238.538] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2de5cb8 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0238.538] IsAppThemed () returned 0x1
[0238.538] GetThemeAppProperties () returned 0x3
[0238.538] GetThemeAppProperties () returned 0x3
[0238.539] IsAppThemed () returned 0x1
[0238.539] GetThemeAppProperties () returned 0x3
[0238.539] GetThemeAppProperties () returned 0x3
[0238.539] IsAppThemed () returned 0x1
[0238.539] GetThemeAppProperties () returned 0x3
[0238.539] GetThemeAppProperties () returned 0x3
[0238.539] IsAppThemed () returned 0x1
[0238.539] GetThemeAppProperties () returned 0x3
[0238.539] GetThemeAppProperties () returned 0x3
[0238.539] IsThemePartDefined () returned 0x1
[0238.539] IsAppThemed () returned 0x1
[0238.539] GetThemeAppProperties () returned 0x3
[0238.539] GetThemeAppProperties () returned 0x3
[0238.539] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0238.539] IsAppThemed () returned 0x1
[0238.539] GetThemeAppProperties () returned 0x3
[0238.539] GetThemeAppProperties () returned 0x3
[0238.539] IsAppThemed () returned 0x1
[0238.540] GetThemeAppProperties () returned 0x3
[0238.540] GetThemeAppProperties () returned 0x3
[0238.540] IsThemePartDefined () returned 0x1
[0238.540] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0238.540] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0238.540] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0238.540] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0238.540] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e514) returned 0x0
[0238.540] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0238.540] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0238.540] LocalFree (hMem=0x11ee788) returned 0x0
[0238.540] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0238.540] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee8d8) returned 0x0
[0238.540] LocalFree (hMem=0x11ee8d8) returned 0x0
[0238.540] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0238.540] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0238.540] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0238.541] GdipGetRegionHRgn (region=0x6645998, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0238.541] GdipDeleteRegion (region=0x6645998) returned 0x0
[0238.541] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0238.541] GetCurrentObject (hdc=0xf80107e9, type=0x1) returned 0xb00017
[0238.541] GetCurrentObject (hdc=0xf80107e9, type=0x2) returned 0x900010
[0238.541] GetCurrentObject (hdc=0xf80107e9, type=0x7) returned 0x4a0507fe
[0238.541] GetCurrentObject (hdc=0xf80107e9, type=0x6) returned 0x8a01c2
[0238.541] SaveDC (hdc=0xf80107e9) returned 1
[0238.541] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x15040807
[0238.541] GetClipRgn (hdc=0xf80107e9, hrgn=0x15040807) returned 0
[0238.541] SelectClipRgn (hdc=0xf80107e9, hrgn=0xa90407de) returned 2
[0238.541] DeleteObject (ho=0x15040807) returned 1
[0238.541] DeleteObject (ho=0xa90407de) returned 1
[0238.541] OffsetViewportOrgEx (in: hdc=0xf80107e9, x=0, y=0, lppt=0x2de6368 | out: lppt=0x2de6368) returned 1
[0238.542] DrawThemeParentBackground () returned 0x0
[0238.542] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0238.542] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0238.542] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0238.542] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0238.542] GetSystemMetrics (nIndex=42) returned 0
[0238.542] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0238.542] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0238.542] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0238.542] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0238.542] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0238.542] SelectPalette (hdc=0xf80107e9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0238.542] GdipCreateFromHDC (hdc=0xf80107e9, graphics=0xd7dff0) returned 0x0
[0238.543] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0238.543] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0238.543] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638d88) returned 0x0
[0238.543] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dfc8) returned 0x0
[0238.543] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0238.543] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0238.543] GdipGetClip (graphics=0x663e568, region=0x6645998) returned 0x0
[0238.543] GdipIsInfiniteRegion (region=0x6645998, graphics=0x663e568, result=0xd7dfbc) returned 0x0
[0238.543] GdipDeleteRegion (region=0x6645998) returned 0x0
[0238.543] GdipSaveGraphics (graphics=0x663e568, state=0xd7dfe8) returned 0x0
[0238.543] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0238.550] GdipFillRectangleI (graphics=0x663e568, brush=0x6652bb0, x=0, y=0, width=801, height=453) returned 0x0
[0238.550] GdipDeleteBrush (brush=0x6652bb0) returned 0x0
[0238.552] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0238.552] SelectPalette (hdc=0xf80107e9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0238.552] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0238.552] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0238.552] GetSystemMetrics (nIndex=42) returned 0
[0238.552] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0238.552] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0238.553] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0238.553] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0238.553] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0238.553] SelectPalette (hdc=0xf80107e9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0238.553] GdipCreateFromHDC (hdc=0xf80107e9, graphics=0xd7df90) returned 0x0
[0238.553] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0238.553] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0238.553] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638a88) returned 0x0
[0238.553] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df68) returned 0x0
[0238.553] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0238.553] GdipCreateRegion (region=0xd7df50) returned 0x0
[0238.553] GdipGetClip (graphics=0x663e568, region=0x6645ab8) returned 0x0
[0238.553] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x663e568, result=0xd7df5c) returned 0x0
[0238.553] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0238.554] GdipSaveGraphics (graphics=0x663e568, state=0xd7df88) returned 0x0
[0238.554] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0238.560] GdipFillRectangleI (graphics=0x663e568, brush=0x6653918, x=0, y=0, width=801, height=453) returned 0x0
[0238.560] GdipDeleteBrush (brush=0x6653918) returned 0x0
[0238.562] GdipRestoreGraphics (graphics=0x663e568, state=0xf8e20dbd) returned 0x0
[0238.562] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0238.562] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0238.562] GetSystemMetrics (nIndex=42) returned 0
[0238.562] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0238.562] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0238.562] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0238.562] SelectPalette (hdc=0xf80107e9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0238.563] RestoreDC (hdc=0xf80107e9, nSavedDC=-1) returned 1
[0238.563] GdipReleaseDC (graphics=0x6600030, hdc=0xf80107e9) returned 0x0
[0238.563] IsAppThemed () returned 0x1
[0238.563] GetThemeAppProperties () returned 0x3
[0238.563] GetThemeAppProperties () returned 0x3
[0238.563] IsAppThemed () returned 0x1
[0238.563] GetThemeAppProperties () returned 0x3
[0238.563] GetThemeAppProperties () returned 0x3
[0238.563] IsThemePartDefined () returned 0x1
[0238.563] GdipCreateRegion (region=0xd7e480) returned 0x0
[0238.563] GdipGetClip (graphics=0x6600030, region=0x6645d88) returned 0x0
[0238.563] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0238.563] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0238.563] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e498) returned 0x0
[0238.563] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0238.563] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0238.563] LocalFree (hMem=0x11ee868) returned 0x0
[0238.564] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0238.564] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0238.564] LocalFree (hMem=0x11ee788) returned 0x0
[0238.564] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0238.564] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0238.564] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0238.564] GdipGetRegionHRgn (region=0x6645d88, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0238.564] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0238.564] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0238.564] GetCurrentObject (hdc=0xf80107e9, type=0x1) returned 0xb00017
[0238.564] GetCurrentObject (hdc=0xf80107e9, type=0x2) returned 0x900010
[0238.564] GetCurrentObject (hdc=0xf80107e9, type=0x7) returned 0x4a0507fe
[0238.564] GetCurrentObject (hdc=0xf80107e9, type=0x6) returned 0x8a01c2
[0238.564] SaveDC (hdc=0xf80107e9) returned 1
[0238.564] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xaa0407de
[0238.564] GetClipRgn (hdc=0xf80107e9, hrgn=0xaa0407de) returned 0
[0238.565] SelectClipRgn (hdc=0xf80107e9, hrgn=0x17040807) returned 2
[0238.565] DeleteObject (ho=0xaa0407de) returned 1
[0238.565] DeleteObject (ho=0x17040807) returned 1
[0238.565] OffsetViewportOrgEx (in: hdc=0xf80107e9, x=0, y=0, lppt=0x2decbb8 | out: lppt=0x2decbb8) returned 1
[0238.565] IsAppThemed () returned 0x1
[0238.565] GetThemeAppProperties () returned 0x3
[0238.565] GetThemeAppProperties () returned 0x3
[0238.565] DrawThemeBackground () returned 0x0
[0238.565] RestoreDC (hdc=0xf80107e9, nSavedDC=-1) returned 1
[0238.565] GdipReleaseDC (graphics=0x6600030, hdc=0xf80107e9) returned 0x0
[0238.565] GdipCreateRegion (region=0xd7e484) returned 0x0
[0238.565] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0238.565] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0238.565] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0238.565] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e49c) returned 0x0
[0238.565] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0238.565] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0238.566] LocalFree (hMem=0x11eec58) returned 0x0
[0238.566] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0238.566] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0238.566] LocalFree (hMem=0x11eec58) returned 0x0
[0238.566] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0238.566] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0238.566] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0238.566] GdipGetRegionHRgn (region=0x6645758, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0238.566] GdipDeleteRegion (region=0x6645758) returned 0x0
[0238.566] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0238.566] GetCurrentObject (hdc=0xf80107e9, type=0x1) returned 0xb00017
[0238.566] GetCurrentObject (hdc=0xf80107e9, type=0x2) returned 0x900010
[0238.566] GetCurrentObject (hdc=0xf80107e9, type=0x7) returned 0x4a0507fe
[0238.566] GetCurrentObject (hdc=0xf80107e9, type=0x6) returned 0x8a01c2
[0238.566] SaveDC (hdc=0xf80107e9) returned 1
[0238.566] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x18040807
[0238.567] GetClipRgn (hdc=0xf80107e9, hrgn=0x18040807) returned 0
[0238.567] SelectClipRgn (hdc=0xf80107e9, hrgn=0xab0407de) returned 2
[0238.567] DeleteObject (ho=0x18040807) returned 1
[0238.567] DeleteObject (ho=0xab0407de) returned 1
[0238.567] OffsetViewportOrgEx (in: hdc=0xf80107e9, x=0, y=0, lppt=0x2dece8c | out: lppt=0x2dece8c) returned 1
[0238.567] IsAppThemed () returned 0x1
[0238.567] GetThemeAppProperties () returned 0x3
[0238.567] GetThemeAppProperties () returned 0x3
[0238.567] GetThemeBackgroundContentRect () returned 0x0
[0238.567] RestoreDC (hdc=0xf80107e9, nSavedDC=-1) returned 1
[0238.567] GdipReleaseDC (graphics=0x6600030, hdc=0xf80107e9) returned 0x0
[0238.567] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0238.567] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0238.567] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0238.567] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0238.567] IsAppThemed () returned 0x1
[0238.568] GetThemeAppProperties () returned 0x3
[0238.568] GetThemeAppProperties () returned 0x3
[0238.568] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0238.568] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0238.568] GetCurrentObject (hdc=0xf80107e9, type=0x1) returned 0xb00017
[0238.568] GetCurrentObject (hdc=0xf80107e9, type=0x2) returned 0x900010
[0238.568] GetCurrentObject (hdc=0xf80107e9, type=0x7) returned 0x4a0507fe
[0238.568] GetCurrentObject (hdc=0xf80107e9, type=0x6) returned 0x8a01c2
[0238.568] SaveDC (hdc=0xf80107e9) returned 1
[0238.568] GetTextAlign (hdc=0xf80107e9) returned 0x0
[0238.568] GetTextColor (hdc=0xf80107e9) returned 0x0
[0238.568] GetCurrentObject (hdc=0xf80107e9, type=0x6) returned 0x8a01c2
[0238.568] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0238.568] SelectObject (hdc=0xf80107e9, h=0x6d0a0520) returned 0x8a01c2
[0238.569] GetBkMode (hdc=0xf80107e9) returned 2
[0238.569] SetBkMode (hdc=0xf80107e9, mode=1) returned 2
[0238.569] DrawTextExW (in: hdc=0xf80107e9, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2ded250 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0238.569] DrawTextExW (in: hdc=0xf80107e9, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2ded250 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0238.569] RestoreDC (hdc=0xf80107e9, nSavedDC=-1) returned 1
[0238.570] GdipReleaseDC (graphics=0x6600030, hdc=0xf80107e9) returned 0x0
[0238.570] GetFocus () returned 0x602c4
[0238.570] IsAppThemed () returned 0x1
[0238.570] GetThemeAppProperties () returned 0x3
[0238.570] GetThemeAppProperties () returned 0x3
[0238.570] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0238.570] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0xf80107e9, x1=0, y1=0, rop=0xcc0020) returned 1
[0238.570] GdipReleaseDC (graphics=0x6600030, hdc=0xf80107e9) returned 0x0
[0238.570] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0238.570] SelectObject (hdc=0xf80107e9, h=0x85000f) returned 0x4a0507fe
[0238.571] DeleteDC (hdc=0xf80107e9) returned 1
[0238.571] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0238.571] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0238.571] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0238.571] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0238.571] WaitMessage () returned 1
[0238.640] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0238.640] IsWindowUnicode (hWnd=0x602c4) returned 1
[0238.640] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0238.640] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0238.640] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0238.640] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0238.640] IsWindowUnicode (hWnd=0x602c4) returned 1
[0238.640] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0238.640] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0238.640] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0238.640] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xe0025) returned 0x0
[0238.640] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0238.640] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0238.640] WaitMessage () returned 1
[0238.790] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0238.790] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2750100) returned 0x1
[0238.791] IsWindowUnicode (hWnd=0x602c4) returned 1
[0238.791] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0238.791] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2750100) returned 0x1
[0238.791] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0238.791] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x1a00042) returned 0x0
[0238.791] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0238.791] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0238.791] SetCursor (hCursor=0x10003) returned 0x10003
[0238.791] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0238.791] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0238.791] GetKeyState (nVirtKey=1) returned -128
[0238.791] GetKeyState (nVirtKey=2) returned 0
[0238.791] GetKeyState (nVirtKey=4) returned 0
[0238.791] GetKeyState (nVirtKey=5) returned 0
[0238.791] GetKeyState (nVirtKey=6) returned 0
[0238.791] IsWindowVisible (hWnd=0x602c4) returned 1
[0238.792] IsWindowEnabled (hWnd=0x602c4) returned 1
[0238.792] SetFocus (hWnd=0x602c4) returned 0x602c4
[0238.792] GetFocus () returned 0x602c4
[0238.792] GetFocus () returned 0x602c4
[0238.792] GetFocus () returned 0x602c4
[0238.792] GetKeyState (nVirtKey=1) returned -128
[0238.792] GetKeyState (nVirtKey=2) returned 0
[0238.792] GetKeyState (nVirtKey=4) returned 0
[0238.792] GetKeyState (nVirtKey=5) returned 0
[0238.792] GetKeyState (nVirtKey=6) returned 0
[0238.792] GetCapture () returned 0x0
[0238.792] SetCapture (hWnd=0x602c4) returned 0x0
[0238.792] GetKeyState (nVirtKey=1) returned -128
[0238.792] GetKeyState (nVirtKey=2) returned 0
[0238.792] GetKeyState (nVirtKey=4) returned 0
[0238.792] GetKeyState (nVirtKey=5) returned 0
[0238.792] GetKeyState (nVirtKey=6) returned 0
[0238.792] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0238.792] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0238.792] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0238.792] IsWindowUnicode (hWnd=0x602c4) returned 1
[0238.792] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0238.793] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0238.793] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0238.793] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2ded3d4, cPoints=0x1 | out: lpPoints=0x2ded3d4) returned 40304859
[0238.793] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0238.793] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0238.793] UpdateWindow (hWnd=0x602c4) returned 1
[0238.793] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xf0105ee
[0238.793] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0238.793] CreateCompatibleDC (hdc=0xf0105ee) returned 0xf90107e9
[0238.793] SelectObject (hdc=0xf90107e9, h=0x4a0507fe) returned 0x85000f
[0238.793] GdipCreateFromHDC (hdc=0xf90107e9, graphics=0xd7e430) returned 0x0
[0238.793] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0238.793] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0238.793] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0238.794] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0238.794] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e490) returned 0x0
[0238.794] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0238.794] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea60) returned 0x0
[0238.794] LocalFree (hMem=0x11eea60) returned 0x0
[0238.794] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0238.794] GdipCreateRegion (region=0xd7e478) returned 0x0
[0238.794] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0238.794] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e484) returned 0x0
[0238.794] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0238.794] GdipRestoreGraphics (graphics=0x6600030, state=0xf8e00dbd) returned 0x0
[0238.794] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0238.794] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0238.794] GetCurrentObject (hdc=0xf90107e9, type=0x1) returned 0xb00017
[0238.794] GetCurrentObject (hdc=0xf90107e9, type=0x2) returned 0x900010
[0238.794] GetCurrentObject (hdc=0xf90107e9, type=0x7) returned 0x4a0507fe
[0238.794] GetCurrentObject (hdc=0xf90107e9, type=0x6) returned 0x8a01c2
[0238.794] SaveDC (hdc=0xf90107e9) returned 1
[0238.795] GetNearestColor (hdc=0xf90107e9, color=0xff) returned 0xff
[0238.795] GetNearestColor (hdc=0xf90107e9, color=0x55) returned 0x55
[0238.795] GetNearestColor (hdc=0xf90107e9, color=0x0) returned 0x0
[0238.795] GetNearestColor (hdc=0xf90107e9, color=0x55) returned 0x55
[0238.795] GetNearestColor (hdc=0xf90107e9, color=0x0) returned 0x0
[0238.795] GetNearestColor (hdc=0xf90107e9, color=0x8080ff) returned 0x8080ff
[0238.795] GetNearestColor (hdc=0xf90107e9, color=0x7373e5) returned 0x7373e5
[0238.795] GetNearestColor (hdc=0xf90107e9, color=0xe5) returned 0xe5
[0238.795] GetNearestColor (hdc=0xf90107e9, color=0x0) returned 0x0
[0238.795] RestoreDC (hdc=0xf90107e9, nSavedDC=-1) returned 1
[0238.795] GdipReleaseDC (graphics=0x6600030, hdc=0xf90107e9) returned 0x0
[0238.795] IsAppThemed () returned 0x1
[0238.795] GetThemeAppProperties () returned 0x3
[0238.795] GetThemeAppProperties () returned 0x3
[0238.795] IsAppThemed () returned 0x1
[0238.795] GetThemeAppProperties () returned 0x3
[0238.795] GetThemeAppProperties () returned 0x3
[0238.795] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2dedaf0 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0238.796] IsAppThemed () returned 0x1
[0238.796] GetThemeAppProperties () returned 0x3
[0238.796] GetThemeAppProperties () returned 0x3
[0238.796] IsAppThemed () returned 0x1
[0238.796] GetThemeAppProperties () returned 0x3
[0238.796] GetThemeAppProperties () returned 0x3
[0238.796] IsAppThemed () returned 0x1
[0238.796] GetThemeAppProperties () returned 0x3
[0238.796] GetThemeAppProperties () returned 0x3
[0238.796] IsAppThemed () returned 0x1
[0238.796] GetThemeAppProperties () returned 0x3
[0238.796] GetThemeAppProperties () returned 0x3
[0238.796] IsThemePartDefined () returned 0x1
[0238.796] IsAppThemed () returned 0x1
[0238.796] GetThemeAppProperties () returned 0x3
[0238.796] GetThemeAppProperties () returned 0x3
[0238.796] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0238.796] IsAppThemed () returned 0x1
[0238.796] GetThemeAppProperties () returned 0x3
[0238.797] GetThemeAppProperties () returned 0x3
[0238.797] IsAppThemed () returned 0x1
[0238.797] GetThemeAppProperties () returned 0x3
[0238.797] GetThemeAppProperties () returned 0x3
[0238.797] IsThemePartDefined () returned 0x1
[0238.797] GdipCreateRegion (region=0xd7e194) returned 0x0
[0238.797] GdipGetClip (graphics=0x6600030, region=0x6645d88) returned 0x0
[0238.797] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0238.797] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0238.797] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e1ac) returned 0x0
[0238.797] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0238.797] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0238.797] LocalFree (hMem=0x11ee868) returned 0x0
[0238.797] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0238.797] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0238.797] LocalFree (hMem=0x11ee9f0) returned 0x0
[0238.797] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0238.797] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0238.797] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0238.797] GdipGetRegionHRgn (region=0x6645d88, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0238.797] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0238.797] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0238.797] GetCurrentObject (hdc=0xf90107e9, type=0x1) returned 0xb00017
[0238.797] GetCurrentObject (hdc=0xf90107e9, type=0x2) returned 0x900010
[0238.798] GetCurrentObject (hdc=0xf90107e9, type=0x7) returned 0x4a0507fe
[0238.798] GetCurrentObject (hdc=0xf90107e9, type=0x6) returned 0x8a01c2
[0238.798] SaveDC (hdc=0xf90107e9) returned 1
[0238.798] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xac0407de
[0238.798] GetClipRgn (hdc=0xf90107e9, hrgn=0xac0407de) returned 0
[0238.798] SelectClipRgn (hdc=0xf90107e9, hrgn=0x1c040807) returned 2
[0238.798] DeleteObject (ho=0xac0407de) returned 1
[0238.798] DeleteObject (ho=0x1c040807) returned 1
[0238.798] OffsetViewportOrgEx (in: hdc=0xf90107e9, x=0, y=0, lppt=0x2dee1a0 | out: lppt=0x2dee1a0) returned 1
[0238.798] DrawThemeParentBackground () returned 0x0
[0238.798] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0238.798] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0238.798] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0238.798] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0238.798] GetSystemMetrics (nIndex=42) returned 0
[0238.798] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0238.799] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0238.799] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0238.799] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0238.799] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0238.799] SelectPalette (hdc=0xf90107e9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0238.799] GdipCreateFromHDC (hdc=0xf90107e9, graphics=0xd7dc88) returned 0x0
[0238.799] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0238.799] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0238.799] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638ba8) returned 0x0
[0238.799] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dc60) returned 0x0
[0238.799] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0238.799] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0238.799] GdipGetClip (graphics=0x663e568, region=0x6645ab8) returned 0x0
[0238.799] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x663e568, result=0xd7dc54) returned 0x0
[0238.799] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0238.799] GdipSaveGraphics (graphics=0x663e568, state=0xd7dc80) returned 0x0
[0238.800] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0238.807] GdipFillRectangleI (graphics=0x663e568, brush=0x6652f58, x=0, y=0, width=801, height=453) returned 0x0
[0238.807] GdipDeleteBrush (brush=0x6652f58) returned 0x0
[0238.809] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0238.809] SelectPalette (hdc=0xf90107e9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0238.810] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0238.810] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0238.810] GetSystemMetrics (nIndex=42) returned 0
[0238.810] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0238.810] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0238.810] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0238.810] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0238.810] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0238.810] SelectPalette (hdc=0xf90107e9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0238.810] GdipCreateFromHDC (hdc=0xf90107e9, graphics=0xd7dc28) returned 0x0
[0238.810] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0238.810] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0238.810] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638a58) returned 0x0
[0238.810] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dc00) returned 0x0
[0238.810] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0238.810] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0238.810] GdipGetClip (graphics=0x663e568, region=0x6645d88) returned 0x0
[0238.811] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x663e568, result=0xd7dbf4) returned 0x0
[0238.811] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0238.811] GdipSaveGraphics (graphics=0x663e568, state=0xd7dc20) returned 0x0
[0238.811] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0238.818] GdipFillRectangleI (graphics=0x663e568, brush=0x6652bb0, x=0, y=0, width=801, height=453) returned 0x0
[0238.818] GdipDeleteBrush (brush=0x6652bb0) returned 0x0
[0238.819] GdipRestoreGraphics (graphics=0x663e568, state=0xf8dc0dbd) returned 0x0
[0238.819] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0238.819] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0238.819] GetSystemMetrics (nIndex=42) returned 0
[0238.819] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0238.819] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0238.819] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0238.820] SelectPalette (hdc=0xf90107e9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0238.820] RestoreDC (hdc=0xf90107e9, nSavedDC=-1) returned 1
[0238.820] GdipReleaseDC (graphics=0x6600030, hdc=0xf90107e9) returned 0x0
[0238.820] IsAppThemed () returned 0x1
[0238.820] GetThemeAppProperties () returned 0x3
[0238.820] GetThemeAppProperties () returned 0x3
[0238.820] IsAppThemed () returned 0x1
[0238.820] GetThemeAppProperties () returned 0x3
[0238.820] GetThemeAppProperties () returned 0x3
[0238.820] IsThemePartDefined () returned 0x1
[0238.820] GdipCreateRegion (region=0xd7e118) returned 0x0
[0238.820] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0238.820] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0238.820] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0238.820] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e130) returned 0x0
[0238.820] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0238.820] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea28) returned 0x0
[0238.820] LocalFree (hMem=0x11eea28) returned 0x0
[0238.821] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0238.821] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0238.821] LocalFree (hMem=0x11ee788) returned 0x0
[0238.821] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0238.821] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e158) returned 0x0
[0238.821] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e148) returned 0x0
[0238.821] GdipGetRegionHRgn (region=0x6645758, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0238.821] GdipDeleteRegion (region=0x6645758) returned 0x0
[0238.821] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0238.821] GetCurrentObject (hdc=0xf90107e9, type=0x1) returned 0xb00017
[0238.821] GetCurrentObject (hdc=0xf90107e9, type=0x2) returned 0x900010
[0238.821] GetCurrentObject (hdc=0xf90107e9, type=0x7) returned 0x4a0507fe
[0238.821] GetCurrentObject (hdc=0xf90107e9, type=0x6) returned 0x8a01c2
[0238.821] SaveDC (hdc=0xf90107e9) returned 1
[0238.821] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1d040807
[0238.821] GetClipRgn (hdc=0xf90107e9, hrgn=0x1d040807) returned 0
[0238.821] SelectClipRgn (hdc=0xf90107e9, hrgn=0xae0407de) returned 2
[0238.821] DeleteObject (ho=0x1d040807) returned 1
[0238.821] DeleteObject (ho=0xae0407de) returned 1
[0238.821] OffsetViewportOrgEx (in: hdc=0xf90107e9, x=0, y=0, lppt=0x2df49f0 | out: lppt=0x2df49f0) returned 1
[0238.822] IsAppThemed () returned 0x1
[0238.822] GetThemeAppProperties () returned 0x3
[0238.822] GetThemeAppProperties () returned 0x3
[0238.822] DrawThemeBackground () returned 0x0
[0238.822] RestoreDC (hdc=0xf90107e9, nSavedDC=-1) returned 1
[0238.822] GdipReleaseDC (graphics=0x6600030, hdc=0xf90107e9) returned 0x0
[0238.822] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0238.822] GdipGetClip (graphics=0x6600030, region=0x6645368) returned 0x0
[0238.822] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0238.822] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0238.822] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e134) returned 0x0
[0238.822] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0238.822] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee9f0) returned 0x0
[0238.822] LocalFree (hMem=0x11ee9f0) returned 0x0
[0238.822] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0238.822] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0238.822] LocalFree (hMem=0x11ee788) returned 0x0
[0238.822] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0238.822] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0238.822] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0238.822] GdipGetRegionHRgn (region=0x6645368, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0238.823] GdipDeleteRegion (region=0x6645368) returned 0x0
[0238.823] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0238.823] GetCurrentObject (hdc=0xf90107e9, type=0x1) returned 0xb00017
[0238.823] GetCurrentObject (hdc=0xf90107e9, type=0x2) returned 0x900010
[0238.823] GetCurrentObject (hdc=0xf90107e9, type=0x7) returned 0x4a0507fe
[0238.823] GetCurrentObject (hdc=0xf90107e9, type=0x6) returned 0x8a01c2
[0238.823] SaveDC (hdc=0xf90107e9) returned 1
[0238.823] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xaf0407de
[0238.823] GetClipRgn (hdc=0xf90107e9, hrgn=0xaf0407de) returned 0
[0238.823] SelectClipRgn (hdc=0xf90107e9, hrgn=0x1e040807) returned 2
[0238.823] DeleteObject (ho=0xaf0407de) returned 1
[0238.823] DeleteObject (ho=0x1e040807) returned 1
[0238.823] OffsetViewportOrgEx (in: hdc=0xf90107e9, x=0, y=0, lppt=0x2df4cc4 | out: lppt=0x2df4cc4) returned 1
[0238.823] IsAppThemed () returned 0x1
[0238.823] GetThemeAppProperties () returned 0x3
[0238.823] GetThemeAppProperties () returned 0x3
[0238.823] GetThemeBackgroundContentRect () returned 0x0
[0238.823] RestoreDC (hdc=0xf90107e9, nSavedDC=-1) returned 1
[0238.823] GdipReleaseDC (graphics=0x6600030, hdc=0xf90107e9) returned 0x0
[0238.823] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0238.824] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0238.824] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0238.824] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0238.824] IsAppThemed () returned 0x1
[0238.824] GetThemeAppProperties () returned 0x3
[0238.824] GetThemeAppProperties () returned 0x3
[0238.824] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0238.824] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0238.824] GetCurrentObject (hdc=0xf90107e9, type=0x1) returned 0xb00017
[0238.824] GetCurrentObject (hdc=0xf90107e9, type=0x2) returned 0x900010
[0238.824] GetCurrentObject (hdc=0xf90107e9, type=0x7) returned 0x4a0507fe
[0238.824] GetCurrentObject (hdc=0xf90107e9, type=0x6) returned 0x8a01c2
[0238.824] SaveDC (hdc=0xf90107e9) returned 1
[0238.824] GetTextAlign (hdc=0xf90107e9) returned 0x0
[0238.824] GetTextColor (hdc=0xf90107e9) returned 0x0
[0238.824] GetCurrentObject (hdc=0xf90107e9, type=0x6) returned 0x8a01c2
[0238.824] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0238.824] SelectObject (hdc=0xf90107e9, h=0x6d0a0520) returned 0x8a01c2
[0238.825] GetBkMode (hdc=0xf90107e9) returned 2
[0238.825] SetBkMode (hdc=0xf90107e9, mode=1) returned 2
[0238.825] DrawTextExW (in: hdc=0xf90107e9, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2df5088 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0238.825] DrawTextExW (in: hdc=0xf90107e9, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2df5088 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0238.826] RestoreDC (hdc=0xf90107e9, nSavedDC=-1) returned 1
[0238.826] GdipReleaseDC (graphics=0x6600030, hdc=0xf90107e9) returned 0x0
[0238.826] GetFocus () returned 0x602c4
[0238.826] IsAppThemed () returned 0x1
[0238.826] GetThemeAppProperties () returned 0x3
[0238.826] GetThemeAppProperties () returned 0x3
[0238.826] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0238.826] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0xf90107e9, x1=0, y1=0, rop=0xcc0020) returned 1
[0238.826] GdipReleaseDC (graphics=0x6600030, hdc=0xf90107e9) returned 0x0
[0238.826] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0238.826] SelectObject (hdc=0xf90107e9, h=0x85000f) returned 0x4a0507fe
[0238.827] DeleteDC (hdc=0xf90107e9) returned 1
[0238.827] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0238.827] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0238.827] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2df5184, cPoints=0x1 | out: lpPoints=0x2df5184) returned 40304859
[0238.827] WindowFromPoint (Point=0x100) returned 0x602c4
[0238.827] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2750100) returned 0x1
[0238.827] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0238.827] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0238.827] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0238.827] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0238.827] GetSystemMetrics (nIndex=42) returned 0
[0238.827] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0238.827] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0238.829] GetCapture () returned 0x602c4
[0238.829] ReleaseCapture () returned 1
[0238.829] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0238.829] GetProcessWindowStation () returned 0x13c
[0238.830] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.830] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0238.831] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.831] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0238.831] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.831] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0238.831] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.831] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0238.832] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.832] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0238.832] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.832] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0238.832] GetDC (hWnd=0x0) returned 0xc0107c5
[0238.832] GdipCreateFromHDC (hdc=0xc0107c5, graphics=0xd7e6ec) returned 0x0
[0238.833] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0238.833] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0238.833] ReleaseDC (hWnd=0x0, hDC=0xc0107c5) returned 1
[0238.833] GetSystemMetrics (nIndex=5) returned 1
[0238.833] GetSystemMetrics (nIndex=6) returned 1
[0238.833] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.833] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0238.834] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.834] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0238.836] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0238.836] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0238.836] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0238.837] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0238.837] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0238.837] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0238.838] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2dfaba0 | out: lpData=0x2dfaba0) returned 1
[0238.839] VerQueryValueW (in: pBlock=0x2dfaba0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dfafb0, puLen=0xd7e810) returned 1
[0238.839] VerQueryValueW (in: pBlock=0x2dfaba0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfac58, puLen=0xd7e790) returned 1
[0238.839] VerQueryValueW (in: pBlock=0x2dfaba0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfacac, puLen=0xd7e790) returned 1
[0238.839] VerQueryValueW (in: pBlock=0x2dfaba0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfad2c, puLen=0xd7e790) returned 1
[0238.839] VerQueryValueW (in: pBlock=0x2dfaba0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfad94, puLen=0xd7e790) returned 1
[0238.839] VerQueryValueW (in: pBlock=0x2dfaba0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfadd4, puLen=0xd7e790) returned 1
[0238.839] VerQueryValueW (in: pBlock=0x2dfaba0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfae5c, puLen=0xd7e790) returned 1
[0238.839] VerQueryValueW (in: pBlock=0x2dfaba0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfae98, puLen=0xd7e790) returned 1
[0238.839] VerQueryValueW (in: pBlock=0x2dfaba0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfaef0, puLen=0xd7e790) returned 1
[0238.839] VerQueryValueW (in: pBlock=0x2dfaba0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfaf20, puLen=0xd7e790) returned 1
[0238.839] VerQueryValueW (in: pBlock=0x2dfaba0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.839] VerQueryValueW (in: pBlock=0x2dfaba0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfaf5c, puLen=0xd7e790) returned 1
[0238.839] VerQueryValueW (in: pBlock=0x2dfaba0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.839] VerQueryValueW (in: pBlock=0x2dfaba0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dfafb0, puLen=0xd7e784) returned 1
[0238.839] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0238.839] VerQueryValueW (in: pBlock=0x2dfaba0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dfabc8, puLen=0xd7e794) returned 1
[0238.840] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0238.840] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0238.840] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0238.840] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0238.840] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0238.840] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0238.840] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2dfcb10 | out: lpData=0x2dfcb10) returned 1
[0238.840] VerQueryValueW (in: pBlock=0x2dfcb10, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dfcbac, puLen=0xd7e810) returned 1
[0238.840] VerQueryValueW (in: pBlock=0x2dfcb10, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfcc24, puLen=0xd7e790) returned 1
[0238.841] VerQueryValueW (in: pBlock=0x2dfcb10, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfcc54, puLen=0xd7e790) returned 1
[0238.841] VerQueryValueW (in: pBlock=0x2dfcb10, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfcc90, puLen=0xd7e790) returned 1
[0238.841] VerQueryValueW (in: pBlock=0x2dfcb10, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfccc0, puLen=0xd7e790) returned 1
[0238.841] VerQueryValueW (in: pBlock=0x2dfcb10, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfcd08, puLen=0xd7e790) returned 1
[0238.841] VerQueryValueW (in: pBlock=0x2dfcb10, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfcd80, puLen=0xd7e790) returned 1
[0238.841] VerQueryValueW (in: pBlock=0x2dfcb10, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfcdc4, puLen=0xd7e790) returned 1
[0238.841] VerQueryValueW (in: pBlock=0x2dfcb10, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfce04, puLen=0xd7e790) returned 1
[0238.841] VerQueryValueW (in: pBlock=0x2dfcb10, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfcc02, puLen=0xd7e790) returned 1
[0238.841] VerQueryValueW (in: pBlock=0x2dfcb10, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfcd50, puLen=0xd7e790) returned 1
[0238.841] VerQueryValueW (in: pBlock=0x2dfcb10, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.841] VerQueryValueW (in: pBlock=0x2dfcb10, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.841] VerQueryValueW (in: pBlock=0x2dfcb10, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dfcbac, puLen=0xd7e784) returned 1
[0238.841] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0238.842] VerQueryValueW (in: pBlock=0x2dfcb10, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dfcb38, puLen=0xd7e794) returned 1
[0238.842] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0238.842] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0238.842] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0238.842] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0238.843] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0238.843] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0238.843] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2dfede8 | out: lpData=0x2dfede8) returned 1
[0238.844] VerQueryValueW (in: pBlock=0x2dfede8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dff1fc, puLen=0xd7e810) returned 1
[0238.844] VerQueryValueW (in: pBlock=0x2dfede8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfeea0, puLen=0xd7e790) returned 1
[0238.844] VerQueryValueW (in: pBlock=0x2dfede8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfeef4, puLen=0xd7e790) returned 1
[0238.844] VerQueryValueW (in: pBlock=0x2dfede8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfef50, puLen=0xd7e790) returned 1
[0238.844] VerQueryValueW (in: pBlock=0x2dfede8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfefb0, puLen=0xd7e790) returned 1
[0238.844] VerQueryValueW (in: pBlock=0x2dfede8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dff008, puLen=0xd7e790) returned 1
[0238.844] VerQueryValueW (in: pBlock=0x2dfede8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dff090, puLen=0xd7e790) returned 1
[0238.844] VerQueryValueW (in: pBlock=0x2dfede8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dff0e4, puLen=0xd7e790) returned 1
[0238.844] VerQueryValueW (in: pBlock=0x2dfede8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dff13c, puLen=0xd7e790) returned 1
[0238.844] VerQueryValueW (in: pBlock=0x2dfede8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dff16c, puLen=0xd7e790) returned 1
[0238.844] VerQueryValueW (in: pBlock=0x2dfede8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.844] VerQueryValueW (in: pBlock=0x2dfede8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dff1a8, puLen=0xd7e790) returned 1
[0238.844] VerQueryValueW (in: pBlock=0x2dfede8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.844] VerQueryValueW (in: pBlock=0x2dfede8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dff1fc, puLen=0xd7e784) returned 1
[0238.844] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0238.844] VerQueryValueW (in: pBlock=0x2dfede8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dfee10, puLen=0xd7e794) returned 1
[0238.845] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0238.845] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0238.845] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0238.845] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0238.846] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0238.846] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0238.846] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2e01420 | out: lpData=0x2e01420) returned 1
[0238.847] VerQueryValueW (in: pBlock=0x2e01420, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e01820, puLen=0xd7e810) returned 1
[0238.847] VerQueryValueW (in: pBlock=0x2e01420, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e014d8, puLen=0xd7e790) returned 1
[0238.847] VerQueryValueW (in: pBlock=0x2e01420, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0152c, puLen=0xd7e790) returned 1
[0238.847] VerQueryValueW (in: pBlock=0x2e01420, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0156c, puLen=0xd7e790) returned 1
[0238.847] VerQueryValueW (in: pBlock=0x2e01420, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e015d4, puLen=0xd7e790) returned 1
[0238.847] VerQueryValueW (in: pBlock=0x2e01420, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0162c, puLen=0xd7e790) returned 1
[0238.847] VerQueryValueW (in: pBlock=0x2e01420, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e016b4, puLen=0xd7e790) returned 1
[0238.847] VerQueryValueW (in: pBlock=0x2e01420, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e01708, puLen=0xd7e790) returned 1
[0238.847] VerQueryValueW (in: pBlock=0x2e01420, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e01760, puLen=0xd7e790) returned 1
[0238.847] VerQueryValueW (in: pBlock=0x2e01420, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e01790, puLen=0xd7e790) returned 1
[0238.847] VerQueryValueW (in: pBlock=0x2e01420, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.848] VerQueryValueW (in: pBlock=0x2e01420, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e017cc, puLen=0xd7e790) returned 1
[0238.848] VerQueryValueW (in: pBlock=0x2e01420, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.848] VerQueryValueW (in: pBlock=0x2e01420, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e01820, puLen=0xd7e784) returned 1
[0238.848] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0238.848] VerQueryValueW (in: pBlock=0x2e01420, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e01448, puLen=0xd7e794) returned 1
[0238.848] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0238.849] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0238.849] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0238.849] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0238.849] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0238.849] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0238.850] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2e03b5c | out: lpData=0x2e03b5c) returned 1
[0238.851] VerQueryValueW (in: pBlock=0x2e03b5c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e03f24, puLen=0xd7e810) returned 1
[0238.851] VerQueryValueW (in: pBlock=0x2e03b5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03c14, puLen=0xd7e790) returned 1
[0238.851] VerQueryValueW (in: pBlock=0x2e03b5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03c68, puLen=0xd7e790) returned 1
[0238.851] VerQueryValueW (in: pBlock=0x2e03b5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03ca8, puLen=0xd7e790) returned 1
[0238.851] VerQueryValueW (in: pBlock=0x2e03b5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03d10, puLen=0xd7e790) returned 1
[0238.851] VerQueryValueW (in: pBlock=0x2e03b5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03d4c, puLen=0xd7e790) returned 1
[0238.851] VerQueryValueW (in: pBlock=0x2e03b5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03dd4, puLen=0xd7e790) returned 1
[0238.851] VerQueryValueW (in: pBlock=0x2e03b5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03e0c, puLen=0xd7e790) returned 1
[0238.851] VerQueryValueW (in: pBlock=0x2e03b5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03e64, puLen=0xd7e790) returned 1
[0238.851] VerQueryValueW (in: pBlock=0x2e03b5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03e94, puLen=0xd7e790) returned 1
[0238.851] VerQueryValueW (in: pBlock=0x2e03b5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.851] VerQueryValueW (in: pBlock=0x2e03b5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e03ed0, puLen=0xd7e790) returned 1
[0238.851] VerQueryValueW (in: pBlock=0x2e03b5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.851] VerQueryValueW (in: pBlock=0x2e03b5c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e03f24, puLen=0xd7e784) returned 1
[0238.852] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0238.852] VerQueryValueW (in: pBlock=0x2e03b5c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e03b84, puLen=0xd7e794) returned 1
[0238.852] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0238.853] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0238.853] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0238.853] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0238.853] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0238.853] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0238.854] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2e071c4 | out: lpData=0x2e071c4) returned 1
[0238.855] VerQueryValueW (in: pBlock=0x2e071c4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e075a4, puLen=0xd7e810) returned 1
[0238.855] VerQueryValueW (in: pBlock=0x2e071c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0727c, puLen=0xd7e790) returned 1
[0238.855] VerQueryValueW (in: pBlock=0x2e071c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e072d0, puLen=0xd7e790) returned 1
[0238.855] VerQueryValueW (in: pBlock=0x2e071c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e07310, puLen=0xd7e790) returned 1
[0238.855] VerQueryValueW (in: pBlock=0x2e071c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e07370, puLen=0xd7e790) returned 1
[0238.855] VerQueryValueW (in: pBlock=0x2e071c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e073bc, puLen=0xd7e790) returned 1
[0238.855] VerQueryValueW (in: pBlock=0x2e071c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e07444, puLen=0xd7e790) returned 1
[0238.855] VerQueryValueW (in: pBlock=0x2e071c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0748c, puLen=0xd7e790) returned 1
[0238.855] VerQueryValueW (in: pBlock=0x2e071c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e074e4, puLen=0xd7e790) returned 1
[0238.855] VerQueryValueW (in: pBlock=0x2e071c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e07514, puLen=0xd7e790) returned 1
[0238.855] VerQueryValueW (in: pBlock=0x2e071c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.855] VerQueryValueW (in: pBlock=0x2e071c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e07550, puLen=0xd7e790) returned 1
[0238.855] VerQueryValueW (in: pBlock=0x2e071c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.855] VerQueryValueW (in: pBlock=0x2e071c4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e075a4, puLen=0xd7e784) returned 1
[0238.855] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0238.855] VerQueryValueW (in: pBlock=0x2e071c4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e071ec, puLen=0xd7e794) returned 1
[0238.856] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0238.856] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0238.856] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0238.856] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0238.856] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0238.856] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0238.857] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2e099e4 | out: lpData=0x2e099e4) returned 1
[0238.858] VerQueryValueW (in: pBlock=0x2e099e4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e09df0, puLen=0xd7e810) returned 1
[0238.858] VerQueryValueW (in: pBlock=0x2e099e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e09a9c, puLen=0xd7e790) returned 1
[0238.858] VerQueryValueW (in: pBlock=0x2e099e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e09af0, puLen=0xd7e790) returned 1
[0238.858] VerQueryValueW (in: pBlock=0x2e099e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e09b44, puLen=0xd7e790) returned 1
[0238.858] VerQueryValueW (in: pBlock=0x2e099e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e09ba4, puLen=0xd7e790) returned 1
[0238.858] VerQueryValueW (in: pBlock=0x2e099e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e09bfc, puLen=0xd7e790) returned 1
[0238.858] VerQueryValueW (in: pBlock=0x2e099e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e09c84, puLen=0xd7e790) returned 1
[0238.858] VerQueryValueW (in: pBlock=0x2e099e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e09cd8, puLen=0xd7e790) returned 1
[0238.858] VerQueryValueW (in: pBlock=0x2e099e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e09d30, puLen=0xd7e790) returned 1
[0238.858] VerQueryValueW (in: pBlock=0x2e099e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e09d60, puLen=0xd7e790) returned 1
[0238.858] VerQueryValueW (in: pBlock=0x2e099e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.858] VerQueryValueW (in: pBlock=0x2e099e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e09d9c, puLen=0xd7e790) returned 1
[0238.858] VerQueryValueW (in: pBlock=0x2e099e4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.858] VerQueryValueW (in: pBlock=0x2e099e4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e09df0, puLen=0xd7e784) returned 1
[0238.858] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0238.858] VerQueryValueW (in: pBlock=0x2e099e4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e09a0c, puLen=0xd7e794) returned 1
[0238.859] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0238.859] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0238.859] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0238.859] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0238.859] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0238.859] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0238.860] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e0c1f8 | out: lpData=0x2e0c1f8) returned 1
[0238.861] VerQueryValueW (in: pBlock=0x2e0c1f8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e0c5d0, puLen=0xd7e810) returned 1
[0238.861] VerQueryValueW (in: pBlock=0x2e0c1f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0c2b0, puLen=0xd7e790) returned 1
[0238.861] VerQueryValueW (in: pBlock=0x2e0c1f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0c304, puLen=0xd7e790) returned 1
[0238.861] VerQueryValueW (in: pBlock=0x2e0c1f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0c344, puLen=0xd7e790) returned 1
[0238.861] VerQueryValueW (in: pBlock=0x2e0c1f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0c3ac, puLen=0xd7e790) returned 1
[0238.861] VerQueryValueW (in: pBlock=0x2e0c1f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0c3f0, puLen=0xd7e790) returned 1
[0238.861] VerQueryValueW (in: pBlock=0x2e0c1f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0c478, puLen=0xd7e790) returned 1
[0238.861] VerQueryValueW (in: pBlock=0x2e0c1f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0c4b8, puLen=0xd7e790) returned 1
[0238.861] VerQueryValueW (in: pBlock=0x2e0c1f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0c510, puLen=0xd7e790) returned 1
[0238.861] VerQueryValueW (in: pBlock=0x2e0c1f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0c540, puLen=0xd7e790) returned 1
[0238.861] VerQueryValueW (in: pBlock=0x2e0c1f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.861] VerQueryValueW (in: pBlock=0x2e0c1f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0c57c, puLen=0xd7e790) returned 1
[0238.861] VerQueryValueW (in: pBlock=0x2e0c1f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.861] VerQueryValueW (in: pBlock=0x2e0c1f8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e0c5d0, puLen=0xd7e784) returned 1
[0238.861] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0238.861] VerQueryValueW (in: pBlock=0x2e0c1f8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e0c220, puLen=0xd7e794) returned 1
[0238.862] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0238.862] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0238.862] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0238.862] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0238.862] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0238.862] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0238.863] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e0e750 | out: lpData=0x2e0e750) returned 1
[0238.864] VerQueryValueW (in: pBlock=0x2e0e750, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e0eb28, puLen=0xd7e810) returned 1
[0238.864] VerQueryValueW (in: pBlock=0x2e0e750, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0e808, puLen=0xd7e790) returned 1
[0238.864] VerQueryValueW (in: pBlock=0x2e0e750, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0e85c, puLen=0xd7e790) returned 1
[0238.864] VerQueryValueW (in: pBlock=0x2e0e750, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0e89c, puLen=0xd7e790) returned 1
[0238.864] VerQueryValueW (in: pBlock=0x2e0e750, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0e904, puLen=0xd7e790) returned 1
[0238.864] VerQueryValueW (in: pBlock=0x2e0e750, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0e948, puLen=0xd7e790) returned 1
[0238.864] VerQueryValueW (in: pBlock=0x2e0e750, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0e9d0, puLen=0xd7e790) returned 1
[0238.864] VerQueryValueW (in: pBlock=0x2e0e750, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0ea10, puLen=0xd7e790) returned 1
[0238.864] VerQueryValueW (in: pBlock=0x2e0e750, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0ea68, puLen=0xd7e790) returned 1
[0238.864] VerQueryValueW (in: pBlock=0x2e0e750, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0ea98, puLen=0xd7e790) returned 1
[0238.865] VerQueryValueW (in: pBlock=0x2e0e750, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.865] VerQueryValueW (in: pBlock=0x2e0e750, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e0ead4, puLen=0xd7e790) returned 1
[0238.865] VerQueryValueW (in: pBlock=0x2e0e750, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.865] VerQueryValueW (in: pBlock=0x2e0e750, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e0eb28, puLen=0xd7e784) returned 1
[0238.865] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0238.865] VerQueryValueW (in: pBlock=0x2e0e750, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e0e778, puLen=0xd7e794) returned 1
[0238.866] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0238.866] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0238.866] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0238.866] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0238.866] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0238.866] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0238.867] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2e10e88 | out: lpData=0x2e10e88) returned 1
[0238.867] VerQueryValueW (in: pBlock=0x2e10e88, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e112b8, puLen=0xd7e810) returned 1
[0238.867] VerQueryValueW (in: pBlock=0x2e10e88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e10f40, puLen=0xd7e790) returned 1
[0238.867] VerQueryValueW (in: pBlock=0x2e10e88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e10f94, puLen=0xd7e790) returned 1
[0238.867] VerQueryValueW (in: pBlock=0x2e10e88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e11004, puLen=0xd7e790) returned 1
[0238.867] VerQueryValueW (in: pBlock=0x2e10e88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e11064, puLen=0xd7e790) returned 1
[0238.867] VerQueryValueW (in: pBlock=0x2e10e88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e110c0, puLen=0xd7e790) returned 1
[0238.867] VerQueryValueW (in: pBlock=0x2e10e88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e11148, puLen=0xd7e790) returned 1
[0238.868] VerQueryValueW (in: pBlock=0x2e10e88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e111a0, puLen=0xd7e790) returned 1
[0238.868] VerQueryValueW (in: pBlock=0x2e10e88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e111f8, puLen=0xd7e790) returned 1
[0238.868] VerQueryValueW (in: pBlock=0x2e10e88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e11228, puLen=0xd7e790) returned 1
[0238.868] VerQueryValueW (in: pBlock=0x2e10e88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.868] VerQueryValueW (in: pBlock=0x2e10e88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e11264, puLen=0xd7e790) returned 1
[0238.868] VerQueryValueW (in: pBlock=0x2e10e88, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0238.868] VerQueryValueW (in: pBlock=0x2e10e88, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e112b8, puLen=0xd7e784) returned 1
[0238.868] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0238.868] VerQueryValueW (in: pBlock=0x2e10e88, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e10eb0, puLen=0xd7e794) returned 1
[0238.868] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0238.868] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.869] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0238.869] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.869] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0238.869] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2300ea
[0238.870] SetWindowLongW (hWnd=0x2300ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0238.870] GetWindowLongW (hWnd=0x2300ea, nIndex=-4) returned 1950089536
[0238.870] SetWindowLongW (hWnd=0x2300ea, nIndex=-4, dwNewLong=19948934) returned 1950089536
[0238.870] GetWindowLongW (hWnd=0x2300ea, nIndex=-4) returned 19948934
[0238.870] GetWindowLongW (hWnd=0x2300ea, nIndex=-16) returned 113311744
[0238.871] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2300ea, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0238.871] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2300ea, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0238.871] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2300ea, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0238.872] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2300ea, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0238.872] GetClientRect (in: hWnd=0x2300ea, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0238.872] GetWindowRect (in: hWnd=0x2300ea, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0238.874] SetWindowTextW (hWnd=0x2300ea, lpString="WindowsFormsParkingWindow") returned 1
[0238.874] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2300ea, Msg=0xc, wParam=0x0, lParam=0x2dd6438) returned 0x1
[0238.874] GetParent (hWnd=0x2300ea) returned 0x0
[0238.875] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0238.875] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x2300ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2002dc
[0238.875] SetWindowLongW (hWnd=0x2002dc, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0238.875] GetWindowLongW (hWnd=0x2002dc, nIndex=-4) returned 1868147648
[0238.876] SetWindowLongW (hWnd=0x2002dc, nIndex=-4, dwNewLong=19948734) returned 1868147648
[0238.876] GetWindowLongW (hWnd=0x2002dc, nIndex=-4) returned 19948734
[0238.876] GetWindowLongW (hWnd=0x2002dc, nIndex=-16) returned 1174405133
[0238.876] GetWindowLongW (hWnd=0x2002dc, nIndex=-12) returned 0
[0238.876] SetWindowLongW (hWnd=0x2002dc, nIndex=-12, dwNewLong=2097884) returned 0
[0238.876] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0238.877] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0238.877] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0238.877] GetClientRect (in: hWnd=0x2002dc, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0238.877] GetWindowRect (in: hWnd=0x2002dc, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0238.877] GetParent (hWnd=0x2002dc) returned 0x2300ea
[0238.877] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2300ea, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0238.878] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0238.878] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0238.878] GetClientRect (in: hWnd=0x2002dc, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0238.878] GetWindowRect (in: hWnd=0x2002dc, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0238.878] GetParent (hWnd=0x2002dc) returned 0x2300ea
[0238.878] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2300ea, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0238.878] SendMessageW (hWnd=0x2002dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2002dc) returned 0x0
[0238.878] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2002dc) returned 0x0
[0238.878] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0238.879] GetParent (hWnd=0x2002dc) returned 0x2300ea
[0238.879] GdipCreateFromHWND (hwnd=0x2002dc, graphics=0xd7e844) returned 0x0
[0238.879] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0238.879] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0238.880] GetForegroundWindow () returned 0x7005c
[0238.880] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0238.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0238.880] GetSystemMetrics (nIndex=42) returned 0
[0238.880] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0238.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0238.880] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0238.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0238.880] GetSystemMetrics (nIndex=42) returned 0
[0238.880] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0238.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0238.880] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.881] GetCursorPos (in: lpPoint=0x2e1530c | out: lpPoint=0x2e1530c*(x=256, y=629)) returned 1
[0238.881] MonitorFromPoint (pt=0x100, dwFlags=0x275) returned 0x10001
[0238.881] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0238.881] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xfc0107e9
[0238.881] GetDeviceCaps (hdc=0xfc0107e9, index=12) returned 32
[0238.881] GetDeviceCaps (hdc=0xfc0107e9, index=14) returned 1
[0238.881] DeleteDC (hdc=0xfc0107e9) returned 1
[0238.881] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0238.881] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0238.881] GetSystemMetrics (nIndex=59) returned 1460
[0238.881] GetSystemMetrics (nIndex=60) returned 920
[0238.881] GetSystemMetrics (nIndex=34) returned 136
[0238.881] GetSystemMetrics (nIndex=35) returned 39
[0238.882] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.882] GetCursorPos (in: lpPoint=0x2e15578 | out: lpPoint=0x2e15578*(x=256, y=629)) returned 1
[0238.882] MonitorFromPoint (pt=0x100, dwFlags=0x275) returned 0x10001
[0238.882] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0238.882] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xfd0107e9
[0238.882] GetDeviceCaps (hdc=0xfd0107e9, index=12) returned 32
[0238.882] GetDeviceCaps (hdc=0xfd0107e9, index=14) returned 1
[0238.882] DeleteDC (hdc=0xfd0107e9) returned 1
[0238.882] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0238.882] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0238.883] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.883] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0238.883] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2e15810 | out: piconinfo=0x2e15810) returned 1
[0238.883] GetObjectW (in: h=0x9e0507e8, c=24, pv=0x2e1582c | out: pv=0x2e1582c) returned 24
[0238.883] GdipCreateBitmapFromHBITMAP (hbm=0x9e0507e8, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0238.883] GdipGetImageWidth (image=0x6601018, width=0xd7e750) returned 0x0
[0238.883] GdipGetImageHeight (image=0x6601018, height=0xd7e748) returned 0x0
[0238.884] GdipGetImagePixelFormat (image=0x6601018, format=0xd7e740) returned 0x0
[0238.884] GdipBitmapLockBits (bitmap=0x6601018, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2e158e4) returned 0x0
[0238.884] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0238.884] GdipBitmapLockBits (bitmap=0x6603430, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2e1591c) returned 0x0
[0238.884] RtlMoveMemory (in: Destination=0x6660f58, Source=0x665aea0, Length=0x80 | out: Destination=0x6660f58)
[0238.884] RtlMoveMemory (in: Destination=0x6660fd8, Source=0x665ae20, Length=0x80 | out: Destination=0x6660fd8)
[0238.884] RtlMoveMemory (in: Destination=0x6661058, Source=0x665ada0, Length=0x80 | out: Destination=0x6661058)
[0238.884] RtlMoveMemory (in: Destination=0x66610d8, Source=0x665ad20, Length=0x80 | out: Destination=0x66610d8)
[0238.884] RtlMoveMemory (in: Destination=0x6661158, Source=0x665aca0, Length=0x80 | out: Destination=0x6661158)
[0238.884] RtlMoveMemory (in: Destination=0x66611d8, Source=0x665ac20, Length=0x80 | out: Destination=0x66611d8)
[0238.884] RtlMoveMemory (in: Destination=0x6661258, Source=0x665aba0, Length=0x80 | out: Destination=0x6661258)
[0238.884] RtlMoveMemory (in: Destination=0x66612d8, Source=0x665ab20, Length=0x80 | out: Destination=0x66612d8)
[0238.884] RtlMoveMemory (in: Destination=0x6661358, Source=0x665aaa0, Length=0x80 | out: Destination=0x6661358)
[0238.884] RtlMoveMemory (in: Destination=0x66613d8, Source=0x665aa20, Length=0x80 | out: Destination=0x66613d8)
[0238.884] RtlMoveMemory (in: Destination=0x6661458, Source=0x665a9a0, Length=0x80 | out: Destination=0x6661458)
[0238.884] RtlMoveMemory (in: Destination=0x66614d8, Source=0x665a920, Length=0x80 | out: Destination=0x66614d8)
[0238.884] RtlMoveMemory (in: Destination=0x6661558, Source=0x665a8a0, Length=0x80 | out: Destination=0x6661558)
[0238.884] RtlMoveMemory (in: Destination=0x66615d8, Source=0x665a820, Length=0x80 | out: Destination=0x66615d8)
[0238.884] RtlMoveMemory (in: Destination=0x6661658, Source=0x665a7a0, Length=0x80 | out: Destination=0x6661658)
[0238.884] RtlMoveMemory (in: Destination=0x66616d8, Source=0x665a720, Length=0x80 | out: Destination=0x66616d8)
[0238.884] RtlMoveMemory (in: Destination=0x6661758, Source=0x665a6a0, Length=0x80 | out: Destination=0x6661758)
[0238.885] RtlMoveMemory (in: Destination=0x66617d8, Source=0x665a620, Length=0x80 | out: Destination=0x66617d8)
[0238.885] RtlMoveMemory (in: Destination=0x6661858, Source=0x665a5a0, Length=0x80 | out: Destination=0x6661858)
[0238.885] RtlMoveMemory (in: Destination=0x66618d8, Source=0x665a520, Length=0x80 | out: Destination=0x66618d8)
[0238.885] RtlMoveMemory (in: Destination=0x6661958, Source=0x665a4a0, Length=0x80 | out: Destination=0x6661958)
[0238.885] RtlMoveMemory (in: Destination=0x66619d8, Source=0x665a420, Length=0x80 | out: Destination=0x66619d8)
[0238.885] RtlMoveMemory (in: Destination=0x6661a58, Source=0x665a3a0, Length=0x80 | out: Destination=0x6661a58)
[0238.885] RtlMoveMemory (in: Destination=0x6661ad8, Source=0x665a320, Length=0x80 | out: Destination=0x6661ad8)
[0238.885] RtlMoveMemory (in: Destination=0x6661b58, Source=0x665a2a0, Length=0x80 | out: Destination=0x6661b58)
[0238.885] RtlMoveMemory (in: Destination=0x6661bd8, Source=0x665a220, Length=0x80 | out: Destination=0x6661bd8)
[0238.885] RtlMoveMemory (in: Destination=0x6661c58, Source=0x665a1a0, Length=0x80 | out: Destination=0x6661c58)
[0238.885] RtlMoveMemory (in: Destination=0x6661cd8, Source=0x665a120, Length=0x80 | out: Destination=0x6661cd8)
[0238.885] RtlMoveMemory (in: Destination=0x6661d58, Source=0x665a0a0, Length=0x80 | out: Destination=0x6661d58)
[0238.885] RtlMoveMemory (in: Destination=0x6661dd8, Source=0x665a020, Length=0x80 | out: Destination=0x6661dd8)
[0238.885] RtlMoveMemory (in: Destination=0x6661e58, Source=0x6659fa0, Length=0x80 | out: Destination=0x6661e58)
[0238.885] RtlMoveMemory (in: Destination=0x6661ed8, Source=0x6659f20, Length=0x80 | out: Destination=0x6661ed8)
[0238.885] GdipBitmapUnlockBits (bitmap=0x6601018, lockedBitmapData=0x2e158e4) returned 0x0
[0238.885] GdipBitmapUnlockBits (bitmap=0x6603430, lockedBitmapData=0x2e1591c) returned 0x0
[0238.885] GdipDisposeImage (image=0x6601018) returned 0x0
[0238.885] DeleteObject (ho=0x9e0507e8) returned 1
[0238.885] DeleteObject (ho=0xfe0507e9) returned 1
[0238.885] GetCurrentThreadId () returned 0xf50
[0238.885] GetCurrentThreadId () returned 0xf50
[0238.886] SetWindowPos (hWnd=0x2002dc, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0238.886] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0238.886] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0238.886] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0238.886] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0238.886] GetClientRect (in: hWnd=0x2002dc, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0238.886] GetWindowRect (in: hWnd=0x2002dc, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0238.886] GetParent (hWnd=0x2002dc) returned 0x2300ea
[0238.886] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2300ea, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0238.886] InvalidateRect (hWnd=0x2002dc, lpRect=0x0, bErase=1) returned 1
[0238.886] GetWindowTextLengthW (hWnd=0x2002dc) returned 0
[0238.886] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0238.886] GetSystemMetrics (nIndex=42) returned 0
[0238.887] GetWindowTextW (in: hWnd=0x2002dc, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0238.887] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0238.887] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0238.887] GetClientRect (in: hWnd=0x2002dc, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0238.887] GetWindowRect (in: hWnd=0x2002dc, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0238.887] GetParent (hWnd=0x2002dc) returned 0x2300ea
[0238.887] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2300ea, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0238.887] GetWindowTextLengthW (hWnd=0x2002dc) returned 0
[0238.887] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0238.887] GetSystemMetrics (nIndex=42) returned 0
[0238.887] GetWindowTextW (in: hWnd=0x2002dc, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0238.887] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0238.887] GetWindowTextLengthW (hWnd=0x2002dc) returned 0
[0238.887] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0238.887] GetSystemMetrics (nIndex=42) returned 0
[0238.887] GetWindowTextW (in: hWnd=0x2002dc, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0238.887] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0238.887] SetWindowTextW (hWnd=0x2002dc, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0238.887] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0xc, wParam=0x0, lParam=0x2df6778) returned 0x1
[0238.888] InvalidateRect (hWnd=0x2002dc, lpRect=0x0, bErase=1) returned 1
[0238.888] GetCurrentThreadId () returned 0xf50
[0238.888] GetWindowThreadProcessId (in: hWnd=0x2002dc, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0238.888] GdipCreateBitmapFromStream (stream=0x509fe70, bitmap=0xd7e840) returned 0x0
[0238.889] GdipImageForceValidation (image=0x6603ac0) returned 0x0
[0238.891] GdipGetImageRawFormat (image=0x6603ac0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0238.891] GdipGetImageHeight (image=0x6603ac0, height=0xd7e824) returned 0x0
[0238.891] GdipGetImageWidth (image=0x6603ac0, width=0xd7e824) returned 0x0
[0238.891] GdipGetImageWidth (image=0x6603ac0, width=0xd7e810) returned 0x0
[0238.891] GdipGetImageHeight (image=0x6603ac0, height=0xd7e810) returned 0x0
[0238.891] GdipGetImageWidth (image=0x6603ac0, width=0xd7e800) returned 0x0
[0238.891] GdipGetImageHeight (image=0x6603ac0, height=0xd7e800) returned 0x0
[0238.891] GdipBitmapGetPixel (bitmap=0x6603ac0, x=0, y=15, color=0xd7e810) returned 0x0
[0238.891] GdipGetImageRawFormat (image=0x6603ac0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0238.891] GdipGetImageWidth (image=0x6603ac0, width=0xd7e740) returned 0x0
[0238.891] GdipGetImageHeight (image=0x6603ac0, height=0xd7e740) returned 0x0
[0238.891] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0238.891] GdipGetImagePixelFormat (image=0x66023c8, format=0xd7e740) returned 0x0
[0238.891] GdipGetImageGraphicsContext (image=0x66023c8, graphics=0xd7e74c) returned 0x0
[0238.891] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0238.891] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0238.891] GdipSetImageAttributesColorKeys (imageattr=0x6638d88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0238.891] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6603ac0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638d88, callback=0x0, callbackData=0x0) returned 0x0
[0238.892] GdipDisposeImageAttributes (imageattr=0x6638d88) returned 0x0
[0238.892] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0238.892] GdipDisposeImage (image=0x6603ac0) returned 0x0
[0238.892] GdipCreateBitmapFromStream (stream=0x509fe90, bitmap=0xd7e840) returned 0x0
[0238.893] GdipImageForceValidation (image=0x6601018) returned 0x0
[0238.894] GdipGetImageRawFormat (image=0x6601018, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0238.894] GdipGetImageHeight (image=0x6601018, height=0xd7e824) returned 0x0
[0238.894] GdipGetImageWidth (image=0x6601018, width=0xd7e824) returned 0x0
[0238.894] GdipGetImageWidth (image=0x6601018, width=0xd7e810) returned 0x0
[0238.894] GdipGetImageHeight (image=0x6601018, height=0xd7e810) returned 0x0
[0238.894] GdipGetImageWidth (image=0x6601018, width=0xd7e800) returned 0x0
[0238.894] GdipGetImageHeight (image=0x6601018, height=0xd7e800) returned 0x0
[0238.894] GdipBitmapGetPixel (bitmap=0x6601018, x=0, y=15, color=0xd7e810) returned 0x0
[0238.894] GdipGetImageRawFormat (image=0x6601018, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0238.894] GdipGetImageWidth (image=0x6601018, width=0xd7e740) returned 0x0
[0238.894] GdipGetImageHeight (image=0x6601018, height=0xd7e740) returned 0x0
[0238.894] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0238.895] GdipGetImagePixelFormat (image=0x6600640, format=0xd7e740) returned 0x0
[0238.895] GdipGetImageGraphicsContext (image=0x6600640, graphics=0xd7e74c) returned 0x0
[0238.895] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0238.895] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0238.895] GdipSetImageAttributesColorKeys (imageattr=0x6638a28, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0238.895] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6601018, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638a28, callback=0x0, callbackData=0x0) returned 0x0
[0238.895] GdipDisposeImageAttributes (imageattr=0x6638a28) returned 0x0
[0238.895] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0238.895] GdipDisposeImage (image=0x6601018) returned 0x0
[0238.895] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.896] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0238.896] GetCurrentThreadId () returned 0xf50
[0238.896] GetCurrentThreadId () returned 0xf50
[0238.896] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.896] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0238.896] GetCurrentThreadId () returned 0xf50
[0238.896] GetCurrentThreadId () returned 0xf50
[0238.896] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.896] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0238.896] GetCurrentThreadId () returned 0xf50
[0238.896] GetCurrentThreadId () returned 0xf50
[0238.896] GetSystemMetrics (nIndex=5) returned 1
[0238.896] GetSystemMetrics (nIndex=6) returned 1
[0238.897] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.897] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0238.897] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.897] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0238.897] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.897] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0238.897] GetCurrentThreadId () returned 0xf50
[0238.897] GetCurrentThreadId () returned 0xf50
[0238.897] GetProcessWindowStation () returned 0x13c
[0238.897] GetCapture () returned 0x0
[0238.897] GetActiveWindow () returned 0x7005c
[0238.898] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0238.898] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.898] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0238.898] GetCursorPos (in: lpPoint=0x2e16a5c | out: lpPoint=0x2e16a5c*(x=256, y=629)) returned 1
[0238.898] MonitorFromPoint (pt=0x101, dwFlags=0x273) returned 0x10001
[0238.898] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0238.898] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xff0107e9
[0238.898] GetDeviceCaps (hdc=0xff0107e9, index=12) returned 32
[0238.898] GetDeviceCaps (hdc=0xff0107e9, index=14) returned 1
[0238.898] DeleteDC (hdc=0xff0107e9) returned 1
[0238.898] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0238.899] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0238.899] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1602ce
[0238.899] SetWindowLongW (hWnd=0x1602ce, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0238.899] GetWindowLongW (hWnd=0x1602ce, nIndex=-4) returned 1950089536
[0238.899] SetWindowLongW (hWnd=0x1602ce, nIndex=-4, dwNewLong=19948774) returned 1950089536
[0238.900] GetWindowLongW (hWnd=0x1602ce, nIndex=-4) returned 19948774
[0238.900] GetWindowLongW (hWnd=0x1602ce, nIndex=-16) returned 113770496
[0238.900] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0238.900] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0238.901] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0238.901] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0238.901] GetWindowRect (in: hWnd=0x1602ce, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0238.901] SetWindowTextW (hWnd=0x1602ce, lpString="BB ransomware") returned 1
[0238.901] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xc, wParam=0x0, lParam=0x2e151f8) returned 0x1
[0238.902] GetStartupInfoW (in: lpStartupInfo=0x2e16d98 | out: lpStartupInfo=0x2e16d98*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0238.904] GetParent (hWnd=0x1602ce) returned 0x0
[0238.904] SetWindowLongW (hWnd=0x1602ce, nIndex=-8, dwNewLong=0) returned 0
[0238.905] SendMessageW (hWnd=0x1602ce, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0238.905] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0238.905] SendMessageW (hWnd=0x1602ce, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0238.905] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0238.905] GetSystemMenu (hWnd=0x1602ce, bRevert=0) returned 0x9002a1
[0238.906] GetWindowPlacement (in: hWnd=0x1602ce, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0238.906] EnableMenuItem (hMenu=0x9002a1, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0238.906] EnableMenuItem (hMenu=0x9002a1, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0238.906] EnableMenuItem (hMenu=0x9002a1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0238.906] EnableMenuItem (hMenu=0x9002a1, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0238.906] EnableMenuItem (hMenu=0x9002a1, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0238.906] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0238.906] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0238.906] GetWindowRect (in: hWnd=0x1602ce, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0238.906] SetWindowPos (hWnd=0x1602ce, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0238.906] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0238.907] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x1602ce) returned 0x1
[0238.909] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0238.909] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0238.910] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0238.911] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0238.911] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0238.912] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x1602ce, lParam=0x0) returned 0x0
[0238.912] GetCapture () returned 0x0
[0238.912] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0238.913] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0238.914] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0238.915] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0238.915] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0238.916] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0238.916] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0238.916] GetParent (hWnd=0x1602ce) returned 0x0
[0238.916] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0238.916] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0238.918] GetWindowPlacement (in: hWnd=0x1602ce, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0238.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0238.918] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0238.918] GetWindowRect (in: hWnd=0x1602ce, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0238.920] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0238.920] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0238.920] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0238.921] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.921] GetWindowLongW (hWnd=0x1602ce, nIndex=-16) returned 113770496
[0238.921] GetWindowTextLengthW (hWnd=0x1602ce) returned 13
[0238.921] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0238.921] GetSystemMetrics (nIndex=42) returned 0
[0238.921] GetWindowTextW (in: hWnd=0x1602ce, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0238.921] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0238.922] GetWindowTextLengthW (hWnd=0x1602ce) returned 13
[0238.922] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0238.922] GetSystemMetrics (nIndex=42) returned 0
[0238.922] GetWindowTextW (in: hWnd=0x1602ce, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0238.922] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0238.922] GetCursorPos (in: lpPoint=0x2e16fd4 | out: lpPoint=0x2e16fd4*(x=256, y=629)) returned 1
[0238.922] MonitorFromPoint (pt=0x100, dwFlags=0x275) returned 0x10001
[0238.922] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0238.922] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xc40107e6
[0238.922] GetDeviceCaps (hdc=0xc40107e6, index=12) returned 32
[0238.922] GetDeviceCaps (hdc=0xc40107e6, index=14) returned 1
[0238.922] DeleteDC (hdc=0xc40107e6) returned 1
[0238.922] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0238.922] GetWindowLongW (hWnd=0x1602ce, nIndex=-16) returned 113770496
[0238.922] GetWindowLongW (hWnd=0x1602ce, nIndex=-20) returned 327945
[0238.923] SetWindowLongW (hWnd=0x1602ce, nIndex=-16, dwNewLong=46661632) returned 113770496
[0238.923] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0238.923] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0238.924] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0238.924] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0238.924] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0238.924] SetWindowLongW (hWnd=0x1602ce, nIndex=-20, dwNewLong=327681) returned 327945
[0238.924] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0238.925] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0238.926] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0238.926] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0238.926] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0238.926] SetWindowPos (hWnd=0x1602ce, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0238.926] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0238.926] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0238.927] GetWindowPlacement (in: hWnd=0x1602ce, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0238.927] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0238.927] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0238.927] GetWindowRect (in: hWnd=0x1602ce, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0238.928] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0238.928] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0238.928] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0238.929] RedrawWindow (hWnd=0x1602ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0238.929] GetSystemMenu (hWnd=0x1602ce, bRevert=0) returned 0x9002a1
[0238.929] GetWindowPlacement (in: hWnd=0x1602ce, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0238.929] EnableMenuItem (hMenu=0x9002a1, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0238.929] EnableMenuItem (hMenu=0x9002a1, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0238.929] EnableMenuItem (hMenu=0x9002a1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0238.929] EnableMenuItem (hMenu=0x9002a1, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0238.929] EnableMenuItem (hMenu=0x9002a1, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0238.929] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0238.929] GetWindowLongW (hWnd=0x1602ce, nIndex=-8) returned 0
[0238.929] SetWindowLongW (hWnd=0x1602ce, nIndex=-8, dwNewLong=458844) returned 0
[0238.930] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0238.930] GetProcessWindowStation () returned 0x13c
[0238.931] GetCurrentThreadId () returned 0xf50
[0238.931] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x130650e, lParam=0x0) returned 1
[0238.931] IsWindowVisible (hWnd=0x1602ce) returned 0
[0238.931] IsWindowVisible (hWnd=0x7005c) returned 1
[0238.931] IsWindowEnabled (hWnd=0x7005c) returned 1
[0238.931] IsWindowVisible (hWnd=0x300ec) returned 0
[0238.931] IsWindowVisible (hWnd=0x502c6) returned 0
[0238.931] IsWindowVisible (hWnd=0x502be) returned 0
[0238.931] GetActiveWindow () returned 0x1602ce
[0238.931] GetFocus () returned 0x1602ce
[0238.931] IsWindow (hWnd=0x7005c) returned 1
[0238.931] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0238.932] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0238.932] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0238.932] GetWindowLongW (hWnd=0x1602ce, nIndex=-8) returned 458844
[0238.932] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0238.932] GetCurrentThreadId () returned 0xf50
[0238.932] GetWindowLongW (hWnd=0x1602ce, nIndex=-8) returned 458844
[0238.932] IsWindowEnabled (hWnd=0x7005c) returned 0
[0238.932] IsWindowEnabled (hWnd=0x1602ce) returned 1
[0238.932] ShowWindow (hWnd=0x1602ce, nCmdShow=5) returned 0
[0238.932] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0238.932] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0238.933] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.933] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0238.933] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x1602ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2002da
[0238.934] SetWindowLongW (hWnd=0x2002da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0238.934] GetWindowLongW (hWnd=0x2002da, nIndex=-4) returned 1950089536
[0238.934] SetWindowLongW (hWnd=0x2002da, nIndex=-4, dwNewLong=19948974) returned 1950089536
[0238.934] GetWindowLongW (hWnd=0x2002da, nIndex=-4) returned 19948974
[0238.934] GetWindowLongW (hWnd=0x2002da, nIndex=-16) returned 1174405120
[0238.934] GetWindowLongW (hWnd=0x2002da, nIndex=-12) returned 0
[0238.938] SetWindowLongW (hWnd=0x2002da, nIndex=-12, dwNewLong=2097882) returned 0
[0238.938] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0238.938] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0238.938] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0238.938] GetWindow (hWnd=0x2002da, uCmd=0x3) returned 0x0
[0238.938] GetClientRect (in: hWnd=0x2002da, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0238.938] GetWindowRect (in: hWnd=0x2002da, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0238.938] GetParent (hWnd=0x2002da) returned 0x1602ce
[0238.938] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602ce, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0238.939] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002da, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0238.939] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002da, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0238.939] GetClientRect (in: hWnd=0x2002da, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0238.939] GetWindowRect (in: hWnd=0x2002da, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0238.939] GetParent (hWnd=0x2002da) returned 0x1602ce
[0238.939] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602ce, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0238.939] SendMessageW (hWnd=0x2002da, Msg=0x2210, wParam=0x2da0001, lParam=0x2002da) returned 0x0
[0238.939] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002da, Msg=0x2210, wParam=0x2da0001, lParam=0x2002da) returned 0x0
[0238.939] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0238.940] GetParent (hWnd=0x2002da) returned 0x1602ce
[0238.940] GetParent (hWnd=0x2002dc) returned 0x2300ea
[0238.940] SetParent (hWndChild=0x2002dc, hWndNewParent=0x1602ce) returned 0x2300ea
[0238.940] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0238.940] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0238.940] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0238.941] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0238.941] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0238.941] GetClientRect (in: hWnd=0x2002dc, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0238.941] GetWindowRect (in: hWnd=0x2002dc, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0238.941] GetParent (hWnd=0x2002dc) returned 0x1602ce
[0238.941] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602ce, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0238.941] GetClientRect (in: hWnd=0x2002dc, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0238.941] GetWindowRect (in: hWnd=0x2002dc, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0238.941] GetParent (hWnd=0x2002dc) returned 0x1602ce
[0238.941] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602ce, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0238.941] GetParent (hWnd=0x2002dc) returned 0x1602ce
[0238.941] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0238.941] GetWindow (hWnd=0x2002dc, uCmd=0x3) returned 0x0
[0238.941] SetWindowPos (hWnd=0x2002dc, hWndInsertAfter=0x2002da, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0238.941] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0238.942] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0238.942] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0238.942] GetClientRect (in: hWnd=0x2002dc, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0238.942] GetWindowRect (in: hWnd=0x2002dc, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0238.942] GetParent (hWnd=0x2002dc) returned 0x1602ce
[0238.942] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602ce, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0238.942] GetParent (hWnd=0x2002dc) returned 0x1602ce
[0238.942] GetWindow (hWnd=0x2002dc, uCmd=0x3) returned 0x2002da
[0238.942] GetWindowThreadProcessId (in: hWnd=0x2002dc, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0238.942] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0238.943] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.943] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0238.943] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x1602ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2202d8
[0238.944] SetWindowLongW (hWnd=0x2202d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0238.944] GetWindowLongW (hWnd=0x2202d8, nIndex=-4) returned 1868032000
[0238.944] SetWindowLongW (hWnd=0x2202d8, nIndex=-4, dwNewLong=19949774) returned 1868032000
[0238.944] GetWindowLongW (hWnd=0x2202d8, nIndex=-4) returned 19949774
[0238.944] GetWindowLongW (hWnd=0x2202d8, nIndex=-16) returned 1174470667
[0238.944] GetWindowLongW (hWnd=0x2202d8, nIndex=-12) returned 0
[0238.944] SetWindowLongW (hWnd=0x2202d8, nIndex=-12, dwNewLong=2228952) returned 0
[0238.944] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0238.945] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0238.945] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0238.946] SendMessageW (hWnd=0x2202d8, Msg=0x2055, wParam=0x2202d8, lParam=0x3) returned 0x2
[0238.946] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0238.946] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0238.946] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0238.946] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0238.946] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0238.946] RedrawWindow (hWnd=0x2002da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0238.947] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0238.947] RedrawWindow (hWnd=0x2002dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0238.947] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0238.947] RedrawWindow (hWnd=0x2202d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0238.947] RedrawWindow (hWnd=0x1602ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0238.947] GetWindow (hWnd=0x2202d8, uCmd=0x3) returned 0x2002dc
[0238.947] GetClientRect (in: hWnd=0x2202d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0238.947] GetWindowRect (in: hWnd=0x2202d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0238.947] GetParent (hWnd=0x2202d8) returned 0x1602ce
[0238.947] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602ce, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0238.948] SetWindowTextW (hWnd=0x2202d8, lpString="&Details") returned 1
[0238.948] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0238.948] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0238.948] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0238.948] GetClientRect (in: hWnd=0x2202d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0238.948] GetWindowRect (in: hWnd=0x2202d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0238.948] GetParent (hWnd=0x2202d8) returned 0x1602ce
[0238.948] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602ce, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0238.949] SendMessageW (hWnd=0x2202d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2202d8) returned 0x0
[0238.949] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2202d8) returned 0x0
[0238.949] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0238.949] GetParent (hWnd=0x2202d8) returned 0x1602ce
[0238.949] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0238.950] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.950] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0238.957] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x1602ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1502d0
[0238.957] SetWindowLongW (hWnd=0x1502d0, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0238.958] GetWindowLongW (hWnd=0x1502d0, nIndex=-4) returned 1868032000
[0238.958] SetWindowLongW (hWnd=0x1502d0, nIndex=-4, dwNewLong=19949534) returned 1868032000
[0238.958] GetWindowLongW (hWnd=0x1502d0, nIndex=-4) returned 19949534
[0238.958] GetWindowLongW (hWnd=0x1502d0, nIndex=-16) returned 1174470667
[0238.958] GetWindowLongW (hWnd=0x1502d0, nIndex=-12) returned 0
[0238.958] SetWindowLongW (hWnd=0x1502d0, nIndex=-12, dwNewLong=1376976) returned 0
[0238.958] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0238.959] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0238.959] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0238.960] SendMessageW (hWnd=0x1502d0, Msg=0x2055, wParam=0x1502d0, lParam=0x3) returned 0x2
[0238.960] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0238.960] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0238.960] GetWindow (hWnd=0x1502d0, uCmd=0x3) returned 0x2202d8
[0238.960] GetClientRect (in: hWnd=0x1502d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0238.960] GetWindowRect (in: hWnd=0x1502d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0238.960] GetParent (hWnd=0x1502d0) returned 0x1602ce
[0238.960] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602ce, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0238.960] SetWindowTextW (hWnd=0x1502d0, lpString="&Continue") returned 1
[0238.960] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0238.961] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0238.961] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0238.961] GetClientRect (in: hWnd=0x1502d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0238.961] GetWindowRect (in: hWnd=0x1502d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0238.961] GetParent (hWnd=0x1502d0) returned 0x1602ce
[0238.961] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602ce, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0238.961] SendMessageW (hWnd=0x1502d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1502d0) returned 0x0
[0238.961] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1502d0) returned 0x0
[0238.961] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0238.962] GetParent (hWnd=0x1502d0) returned 0x1602ce
[0238.962] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0238.962] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.962] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0238.962] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x1602ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1a02c8
[0238.963] SetWindowLongW (hWnd=0x1a02c8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0238.963] GetWindowLongW (hWnd=0x1a02c8, nIndex=-4) returned 1868032000
[0238.963] SetWindowLongW (hWnd=0x1a02c8, nIndex=-4, dwNewLong=19948854) returned 1868032000
[0238.963] GetWindowLongW (hWnd=0x1a02c8, nIndex=-4) returned 19948854
[0238.963] GetWindowLongW (hWnd=0x1a02c8, nIndex=-16) returned 1174470667
[0238.963] GetWindowLongW (hWnd=0x1a02c8, nIndex=-12) returned 0
[0238.963] SetWindowLongW (hWnd=0x1a02c8, nIndex=-12, dwNewLong=1704648) returned 0
[0238.963] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02c8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0238.964] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02c8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0238.964] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02c8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0238.965] SendMessageW (hWnd=0x1a02c8, Msg=0x2055, wParam=0x1a02c8, lParam=0x3) returned 0x2
[0238.965] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0238.965] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02c8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0238.965] GetWindow (hWnd=0x1a02c8, uCmd=0x3) returned 0x1502d0
[0238.965] GetClientRect (in: hWnd=0x1a02c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0238.965] GetWindowRect (in: hWnd=0x1a02c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0238.965] GetParent (hWnd=0x1a02c8) returned 0x1602ce
[0238.965] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602ce, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0238.965] SetWindowTextW (hWnd=0x1a02c8, lpString="&Quit") returned 1
[0238.965] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02c8, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0238.966] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02c8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0238.966] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02c8, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0238.966] GetClientRect (in: hWnd=0x1a02c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0238.966] GetWindowRect (in: hWnd=0x1a02c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0238.966] GetParent (hWnd=0x1a02c8) returned 0x1602ce
[0238.966] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602ce, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0238.966] SendMessageW (hWnd=0x1a02c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1a02c8) returned 0x0
[0238.966] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1a02c8) returned 0x0
[0238.966] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0238.967] GetParent (hWnd=0x1a02c8) returned 0x1602ce
[0238.967] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0238.967] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0238.967] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0238.967] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x1602ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2002de
[0238.968] SetWindowLongW (hWnd=0x2002de, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0238.968] GetWindowLongW (hWnd=0x2002de, nIndex=-4) returned 1868026976
[0238.968] SetWindowLongW (hWnd=0x2002de, nIndex=-4, dwNewLong=19948694) returned 1868026976
[0238.968] GetWindowLongW (hWnd=0x2002de, nIndex=-4) returned 19948694
[0238.968] GetWindowLongW (hWnd=0x2002de, nIndex=-16) returned 1177553092
[0238.968] GetWindowLongW (hWnd=0x2002de, nIndex=-12) returned 0
[0238.968] SetWindowLongW (hWnd=0x2002de, nIndex=-12, dwNewLong=2097886) returned 0
[0238.968] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2002de, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0238.970] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2002de, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0238.970] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2002de, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0238.986] GetWindow (hWnd=0x2002de, uCmd=0x3) returned 0x1a02c8
[0238.986] GetClientRect (in: hWnd=0x2002de, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0238.986] GetWindowRect (in: hWnd=0x2002de, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0238.986] GetParent (hWnd=0x2002de) returned 0x1602ce
[0238.986] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602ce, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0238.986] GetWindowTextLengthW (hWnd=0x1602ce) returned 13
[0238.986] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0238.986] GetSystemMetrics (nIndex=42) returned 0
[0238.986] GetWindowTextW (in: hWnd=0x1602ce, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0238.986] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0238.986] SendMessageW (hWnd=0x2002de, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0238.986] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2002de, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0238.996] SetWindowTextW (hWnd=0x2002de, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0238.996] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2002de, Msg=0xc, wParam=0x0, lParam=0x2e12be0) returned 0x1
[0238.998] GetSystemMetrics (nIndex=5) returned 1
[0238.998] GetSystemMetrics (nIndex=6) returned 1
[0238.998] SendMessageW (hWnd=0x2002de, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0238.998] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2002de, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0238.999] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2002de, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0239.000] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2002de, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0239.000] GetClientRect (in: hWnd=0x2002de, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0239.000] GetWindowRect (in: hWnd=0x2002de, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0239.000] GetParent (hWnd=0x2002de) returned 0x1602ce
[0239.000] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1602ce, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0239.000] SendMessageW (hWnd=0x2002de, Msg=0x2210, wParam=0x2de0001, lParam=0x2002de) returned 0x0
[0239.000] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2002de, Msg=0x2210, wParam=0x2de0001, lParam=0x2002de) returned 0x0
[0239.000] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2002de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0239.000] GetParent (hWnd=0x2002de) returned 0x1602ce
[0239.000] GetWindowLongW (hWnd=0x1602ce, nIndex=-8) returned 458844
[0239.000] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0239.000] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0239.000] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xcb0107e6
[0239.001] GetDeviceCaps (hdc=0xcb0107e6, index=12) returned 32
[0239.001] GetDeviceCaps (hdc=0xcb0107e6, index=14) returned 1
[0239.001] DeleteDC (hdc=0xcb0107e6) returned 1
[0239.001] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0239.001] GetWindowThreadProcessId (in: hWnd=0x1602ce, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0239.001] GetCurrentThreadId () returned 0xf50
[0239.001] PostMessageW (hWnd=0x1602ce, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0239.001] GetWindowTextLengthW (hWnd=0x1602ce) returned 13
[0239.001] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.001] GetSystemMetrics (nIndex=42) returned 0
[0239.001] GetWindowTextW (in: hWnd=0x1602ce, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.001] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0239.001] GdipImageGetFrameDimensionsCount (image=0x6603430, count=0xd7e25c) returned 0x0
[0239.001] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201268
[0239.001] GdipImageGetFrameDimensionsList (image=0x6603430, dimensionIDs=0x1201268*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0239.001] LocalFree (hMem=0x1201268) returned 0x0
[0239.002] GdipImageGetFrameDimensionsCount (image=0x66023c8, count=0xd7e250) returned 0x0
[0239.002] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200ff8
[0239.002] GdipImageGetFrameDimensionsList (image=0x66023c8, dimensionIDs=0x1200ff8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0239.002] LocalFree (hMem=0x1200ff8) returned 0x0
[0239.002] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0239.002] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0239.002] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0239.016] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0239.017] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0239.017] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0239.017] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0239.018] GetWindowPlacement (in: hWnd=0x1602ce, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0239.018] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0239.018] GetWindowTextLengthW (hWnd=0x1602ce) returned 13
[0239.018] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.018] GetSystemMetrics (nIndex=42) returned 0
[0239.018] GetWindowTextW (in: hWnd=0x1602ce, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.018] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0239.018] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0239.018] GetCurrentObject (hdc=0xf0105ee, type=0x1) returned 0xb00017
[0239.018] GetCurrentObject (hdc=0xf0105ee, type=0x2) returned 0x900010
[0239.018] GetCurrentObject (hdc=0xf0105ee, type=0x7) returned 0xd0507f8
[0239.018] GetCurrentObject (hdc=0xf0105ee, type=0x6) returned 0x8a01c2
[0239.018] SaveDC (hdc=0xf0105ee) returned 1
[0239.019] GetNearestColor (hdc=0xf0105ee, color=0xf0f0f0) returned 0xf0f0f0
[0239.019] CreateSolidBrush (color=0xf0f0f0) returned 0x771007e1
[0239.019] FillRect (hDC=0xf0105ee, lprc=0xd7e1b8, hbr=0x771007e1) returned 1
[0239.019] DeleteObject (ho=0x771007e1) returned 1
[0239.019] RestoreDC (hdc=0xf0105ee, nSavedDC=-1) returned 1
[0239.019] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0239.019] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0239.020] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0239.020] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0239.020] GetStockObject (i=5) returned 0x900015
[0239.020] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0239.021] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0239.021] GetStockObject (i=5) returned 0x900015
[0239.021] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0239.021] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02c8, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0239.021] GetStockObject (i=5) returned 0x900015
[0239.021] GetWindowPlacement (in: hWnd=0x1602ce, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0239.021] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0239.021] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0239.021] GetWindowRect (in: hWnd=0x1602ce, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0239.022] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0239.022] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0239.023] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0239.023] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0239.023] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0239.023] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0239.023] GetWindowRect (in: hWnd=0x1602ce, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0239.023] InvalidateRect (hWnd=0x1502d0, lpRect=0x0, bErase=0) returned 1
[0239.024] InvalidateRect (hWnd=0x2202d8, lpRect=0x0, bErase=0) returned 1
[0239.024] GetFocus () returned 0x1602ce
[0239.024] GetFocus () returned 0x1602ce
[0239.024] SetFocus (hWnd=0x2202d8) returned 0x1602ce
[0239.025] GetFocus () returned 0x2202d8
[0239.025] IsChild (hWndParent=0x1602ce, hWnd=0x2202d8) returned 1
[0239.025] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x8, wParam=0x2202d8, lParam=0x0) returned 0x0
[0239.026] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0239.028] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0239.034] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0239.034] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0x7, wParam=0x1602ce, lParam=0x0) returned 0x0
[0239.034] GetStockObject (i=5) returned 0x900015
[0239.034] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0239.034] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0239.034] GetDlgItem (hDlg=0x1602ce, nIDDlgItem=2228952) returned 0x2202d8
[0239.034] SendMessageW (hWnd=0x2202d8, Msg=0x202b, wParam=0x2202d8, lParam=0xd7e0dc) returned 0x0
[0239.034] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0x202b, wParam=0x2202d8, lParam=0xd7e0dc) returned 0x0
[0239.034] InvalidateRect (hWnd=0x2202d8, lpRect=0x0, bErase=0) returned 1
[0239.036] GetFocus () returned 0x2202d8
[0239.036] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.036] IsWindowUnicode (hWnd=0x1602ce) returned 1
[0239.036] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.036] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.036] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.036] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0239.036] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.037] IsWindowUnicode (hWnd=0x1602ce) returned 1
[0239.037] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.037] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.037] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.037] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.037] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0239.037] IsWindowUnicode (hWnd=0x1602ce) returned 1
[0239.037] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.037] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.037] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.038] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.038] IsWindowUnicode (hWnd=0x602c4) returned 1
[0239.038] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.038] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.038] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.038] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0239.038] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0239.038] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.038] IsWindowUnicode (hWnd=0x1602ce) returned 1
[0239.038] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.039] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.039] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.039] BeginPaint (in: hWnd=0x1602ce, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x107b9
[0239.039] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0239.039] GetWindowTextLengthW (hWnd=0x1602ce) returned 13
[0239.039] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.039] GetSystemMetrics (nIndex=42) returned 0
[0239.039] GetWindowTextW (in: hWnd=0x1602ce, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.039] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0239.039] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0239.039] EndPaint (hWnd=0x1602ce, lpPaint=0xd7e274) returned 1
[0239.039] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.039] IsWindowUnicode (hWnd=0x2002da) returned 1
[0239.039] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.040] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.040] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.040] BeginPaint (in: hWnd=0x2002da, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xc0107c5
[0239.040] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0239.040] CreateCompatibleDC (hdc=0xc0107c5) returned 0xfb010801
[0239.040] SelectObject (hdc=0xfb010801, h=0x4a0507fe) returned 0x85000f
[0239.040] GdipCreateFromHDC (hdc=0xfb010801, graphics=0xd7e2b0) returned 0x0
[0239.040] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0239.040] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0239.040] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0239.040] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0239.040] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e310) returned 0x0
[0239.040] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0239.040] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0239.040] LocalFree (hMem=0x11ee9f0) returned 0x0
[0239.040] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0239.041] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0239.041] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0239.041] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e304) returned 0x0
[0239.041] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0239.041] GetWindowTextLengthW (hWnd=0x2002da) returned 0
[0239.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0239.041] GetSystemMetrics (nIndex=42) returned 0
[0239.041] GetWindowTextW (in: hWnd=0x2002da, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0239.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002da, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0239.041] GetClientRect (in: hWnd=0x2002da, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0239.041] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0239.041] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0239.041] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0239.041] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0239.041] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e164) returned 0x0
[0239.041] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0239.041] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee9f0) returned 0x0
[0239.041] LocalFree (hMem=0x11ee9f0) returned 0x0
[0239.041] GdipCombineRegionRegion (region=0x6646178, region2=0x6645fc8, combineMode=0x1) returned 0x0
[0239.041] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0239.041] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0239.041] LocalFree (hMem=0x11ee788) returned 0x0
[0239.041] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0239.041] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0239.042] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0239.042] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0239.042] GdipDeleteRegion (region=0x6646178) returned 0x0
[0239.042] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0239.042] GetCurrentObject (hdc=0xfb010801, type=0x1) returned 0xb00017
[0239.042] GetCurrentObject (hdc=0xfb010801, type=0x2) returned 0x900010
[0239.042] GetCurrentObject (hdc=0xfb010801, type=0x7) returned 0x4a0507fe
[0239.042] GetCurrentObject (hdc=0xfb010801, type=0x6) returned 0x8a01c2
[0239.042] SaveDC (hdc=0xfb010801) returned 1
[0239.042] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1f040807
[0239.042] GetClipRgn (hdc=0xfb010801, hrgn=0x1f040807) returned 0
[0239.042] SelectClipRgn (hdc=0xfb010801, hrgn=0xb20407de) returned 2
[0239.042] DeleteObject (ho=0x1f040807) returned 1
[0239.042] DeleteObject (ho=0xb20407de) returned 1
[0239.042] OffsetViewportOrgEx (in: hdc=0xfb010801, x=0, y=0, lppt=0x2e18740 | out: lppt=0x2e18740) returned 1
[0239.042] GetNearestColor (hdc=0xfb010801, color=0xf0f0f0) returned 0xf0f0f0
[0239.042] CreateSolidBrush (color=0xf0f0f0) returned 0x781007e1
[0239.042] FillRect (hDC=0xfb010801, lprc=0xd7e198, hbr=0x781007e1) returned 1
[0239.042] DeleteObject (ho=0x781007e1) returned 1
[0239.043] RestoreDC (hdc=0xfb010801, nSavedDC=-1) returned 1
[0239.043] GdipReleaseDC (graphics=0x6600030, hdc=0xfb010801) returned 0x0
[0239.043] GdipRestoreGraphics (graphics=0x6600030, state=0xf8d60dbd) returned 0x0
[0239.043] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0239.043] GetWindowTextLengthW (hWnd=0x2002da) returned 0
[0239.043] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0239.043] GetSystemMetrics (nIndex=42) returned 0
[0239.043] GetWindowTextW (in: hWnd=0x2002da, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0239.043] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002da, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0239.043] GdipGetImageWidth (image=0x6603430, width=0xd7e1e0) returned 0x0
[0239.043] GdipGetImageHeight (image=0x6603430, height=0xd7e1e0) returned 0x0
[0239.043] GdipGetImageWidth (image=0x6603430, width=0xd7e1cc) returned 0x0
[0239.043] GdipGetImageHeight (image=0x6603430, height=0xd7e1cc) returned 0x0
[0239.043] GdipDrawImageRectI (graphics=0x6600030, image=0x6603430, x=16, y=16, width=32, height=32) returned 0x0
[0239.043] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0239.043] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=64, cy=64, hdcSrc=0xfb010801, x1=0, y1=0, rop=0xcc0020) returned 1
[0239.043] GdipReleaseDC (graphics=0x6600030, hdc=0xfb010801) returned 0x0
[0239.043] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0239.043] SelectObject (hdc=0xfb010801, h=0x85000f) returned 0x4a0507fe
[0239.043] DeleteDC (hdc=0xfb010801) returned 1
[0239.044] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0239.044] EndPaint (hWnd=0x2002da, lpPaint=0xd7e294) returned 1
[0239.044] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.044] IsWindowUnicode (hWnd=0x2002dc) returned 1
[0239.044] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.044] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.044] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.044] BeginPaint (in: hWnd=0x2002dc, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0xf0105ee
[0239.045] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0239.045] CreateCompatibleDC (hdc=0xf0105ee) returned 0xfd010801
[0239.045] GetObjectType (h=0xf0105ee) returned 0x3
[0239.045] CreateCompatibleBitmap (hdc=0xf0105ee, cx=1, cy=1) returned 0xffffffffd70507e6
[0239.045] GetDIBits (in: hdc=0xf0105ee, hbm=0xd70507e6, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0239.045] GetDIBits (in: hdc=0xf0105ee, hbm=0xd70507e6, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0239.045] DeleteObject (ho=0xd70507e6) returned 1
[0239.045] CreateDIBSection (in: hdc=0xf0105ee, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x71050781
[0239.045] SelectObject (hdc=0xfd010801, h=0x71050781) returned 0x85000f
[0239.045] GdipCreateFromHDC (hdc=0xfd010801, graphics=0xd7e234) returned 0x0
[0239.046] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0239.046] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0239.046] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0239.046] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0239.046] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e2d4) returned 0x0
[0239.046] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0239.046] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea60) returned 0x0
[0239.046] LocalFree (hMem=0x11eea60) returned 0x0
[0239.046] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0239.046] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0239.046] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0239.046] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0239.046] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0239.046] GetWindowTextLengthW (hWnd=0x2002dc) returned 232
[0239.046] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0239.046] GetSystemMetrics (nIndex=42) returned 0
[0239.046] GetWindowTextW (in: hWnd=0x2002dc, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0239.046] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0239.046] GetClientRect (in: hWnd=0x2002dc, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0239.046] GdipCreateRegion (region=0xd7e110) returned 0x0
[0239.046] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0239.046] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0239.047] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0239.047] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e128) returned 0x0
[0239.047] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0239.047] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eea28) returned 0x0
[0239.047] LocalFree (hMem=0x11eea28) returned 0x0
[0239.047] GdipCombineRegionRegion (region=0x6645758, region2=0x6645248, combineMode=0x1) returned 0x0
[0239.047] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0239.047] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eea60) returned 0x0
[0239.047] LocalFree (hMem=0x11eea60) returned 0x0
[0239.047] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0239.047] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e150) returned 0x0
[0239.047] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e140) returned 0x0
[0239.047] GdipGetRegionHRgn (region=0x6645758, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0239.047] GdipDeleteRegion (region=0x6645758) returned 0x0
[0239.047] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0239.047] GetCurrentObject (hdc=0xfd010801, type=0x1) returned 0xb00017
[0239.047] GetCurrentObject (hdc=0xfd010801, type=0x2) returned 0x900010
[0239.047] GetCurrentObject (hdc=0xfd010801, type=0x7) returned 0x71050781
[0239.047] GetCurrentObject (hdc=0xfd010801, type=0x6) returned 0x8a01c2
[0239.047] SaveDC (hdc=0xfd010801) returned 1
[0239.047] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb30407de
[0239.048] GetClipRgn (hdc=0xfd010801, hrgn=0xb30407de) returned 0
[0239.048] SelectClipRgn (hdc=0xfd010801, hrgn=0x20040807) returned 2
[0239.048] DeleteObject (ho=0xb30407de) returned 1
[0239.048] DeleteObject (ho=0x20040807) returned 1
[0239.048] OffsetViewportOrgEx (in: hdc=0xfd010801, x=0, y=0, lppt=0x2e1a108 | out: lppt=0x2e1a108) returned 1
[0239.048] GetNearestColor (hdc=0xfd010801, color=0xf0f0f0) returned 0xf0f0f0
[0239.048] CreateSolidBrush (color=0xf0f0f0) returned 0x791007e1
[0239.048] FillRect (hDC=0xfd010801, lprc=0xd7e15c, hbr=0x791007e1) returned 1
[0239.049] DeleteObject (ho=0x791007e1) returned 1
[0239.049] RestoreDC (hdc=0xfd010801, nSavedDC=-1) returned 1
[0239.049] GdipReleaseDC (graphics=0x6600030, hdc=0xfd010801) returned 0x0
[0239.049] GdipRestoreGraphics (graphics=0x6600030, state=0xf8d40dbd) returned 0x0
[0239.049] GdipDeleteRegion (region=0x6645248) returned 0x0
[0239.049] GetWindowTextLengthW (hWnd=0x2002dc) returned 232
[0239.049] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0239.049] GetSystemMetrics (nIndex=42) returned 0
[0239.049] GetWindowTextW (in: hWnd=0x2002dc, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0239.049] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0239.049] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0239.049] GetCurrentObject (hdc=0xfd010801, type=0x1) returned 0xb00017
[0239.049] GetCurrentObject (hdc=0xfd010801, type=0x2) returned 0x900010
[0239.049] GetCurrentObject (hdc=0xfd010801, type=0x7) returned 0x71050781
[0239.049] GetCurrentObject (hdc=0xfd010801, type=0x6) returned 0x8a01c2
[0239.050] SaveDC (hdc=0xfd010801) returned 1
[0239.050] GetNearestColor (hdc=0xfd010801, color=0x0) returned 0x0
[0239.050] RestoreDC (hdc=0xfd010801, nSavedDC=-1) returned 1
[0239.050] GdipReleaseDC (graphics=0x6600030, hdc=0xfd010801) returned 0x0
[0239.050] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0239.050] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0239.050] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2e1a904 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0239.051] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0239.051] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0239.051] GetCurrentObject (hdc=0xfd010801, type=0x1) returned 0xb00017
[0239.051] GetCurrentObject (hdc=0xfd010801, type=0x2) returned 0x900010
[0239.051] GetCurrentObject (hdc=0xfd010801, type=0x7) returned 0x71050781
[0239.051] GetCurrentObject (hdc=0xfd010801, type=0x6) returned 0x8a01c2
[0239.051] SaveDC (hdc=0xfd010801) returned 1
[0239.051] GetTextAlign (hdc=0xfd010801) returned 0x0
[0239.051] GetTextColor (hdc=0xfd010801) returned 0x0
[0239.051] GetCurrentObject (hdc=0xfd010801, type=0x6) returned 0x8a01c2
[0239.051] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0239.051] SelectObject (hdc=0xfd010801, h=0x6d0a0520) returned 0x8a01c2
[0239.051] GetBkMode (hdc=0xfd010801) returned 2
[0239.051] SetBkMode (hdc=0xfd010801, mode=1) returned 2
[0239.051] DrawTextExW (in: hdc=0xfd010801, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2e1ab28 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0239.054] RestoreDC (hdc=0xfd010801, nSavedDC=-1) returned 1
[0239.054] GdipReleaseDC (graphics=0x6600030, hdc=0xfd010801) returned 0x0
[0239.054] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0239.054] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=354, cy=68, hdcSrc=0xfd010801, x1=0, y1=0, rop=0xcc0020) returned 1
[0239.054] GdipReleaseDC (graphics=0x6600030, hdc=0xfd010801) returned 0x0
[0239.054] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0239.054] SelectObject (hdc=0xfd010801, h=0x85000f) returned 0x71050781
[0239.054] DeleteDC (hdc=0xfd010801) returned 1
[0239.054] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0239.054] DeleteObject (ho=0x71050781) returned 1
[0239.055] EndPaint (hWnd=0x2002dc, lpPaint=0xd7e258) returned 1
[0239.055] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.056] IsWindowUnicode (hWnd=0x2202d8) returned 1
[0239.056] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.056] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.056] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.057] BeginPaint (in: hWnd=0x2202d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0239.058] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0239.058] CreateCompatibleDC (hdc=0x60100ce) returned 0xd90107e6
[0239.058] SelectObject (hdc=0xd90107e6, h=0x4a0507fe) returned 0x85000f
[0239.058] GdipCreateFromHDC (hdc=0xd90107e6, graphics=0xd7e268) returned 0x0
[0239.058] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0239.058] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0239.058] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0239.058] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0239.058] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e2c8) returned 0x0
[0239.058] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0239.058] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea98) returned 0x0
[0239.059] LocalFree (hMem=0x11eea98) returned 0x0
[0239.059] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0239.059] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0239.059] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0239.059] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0239.059] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0239.059] GdipRestoreGraphics (graphics=0x6600030, state=0xf8d20dbd) returned 0x0
[0239.059] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0239.059] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0239.059] GetCurrentObject (hdc=0xd90107e6, type=0x1) returned 0xb00017
[0239.059] GetCurrentObject (hdc=0xd90107e6, type=0x2) returned 0x900010
[0239.059] GetCurrentObject (hdc=0xd90107e6, type=0x7) returned 0x4a0507fe
[0239.059] GetCurrentObject (hdc=0xd90107e6, type=0x6) returned 0x8a01c2
[0239.059] SaveDC (hdc=0xd90107e6) returned 1
[0239.059] GetNearestColor (hdc=0xd90107e6, color=0xf0f0f0) returned 0xf0f0f0
[0239.065] GetNearestColor (hdc=0xd90107e6, color=0xa0a0a0) returned 0xa0a0a0
[0239.065] GetNearestColor (hdc=0xd90107e6, color=0x696969) returned 0x696969
[0239.065] GetNearestColor (hdc=0xd90107e6, color=0xa0a0a0) returned 0xa0a0a0
[0239.065] GetNearestColor (hdc=0xd90107e6, color=0x0) returned 0x0
[0239.065] GetNearestColor (hdc=0xd90107e6, color=0xffffff) returned 0xffffff
[0239.065] GetNearestColor (hdc=0xd90107e6, color=0xe5e5e5) returned 0xe5e5e5
[0239.065] GetNearestColor (hdc=0xd90107e6, color=0xd7d7d7) returned 0xd7d7d7
[0239.065] GetNearestColor (hdc=0xd90107e6, color=0x0) returned 0x0
[0239.065] RestoreDC (hdc=0xd90107e6, nSavedDC=-1) returned 1
[0239.065] GdipReleaseDC (graphics=0x6600030, hdc=0xd90107e6) returned 0x0
[0239.065] IsAppThemed () returned 0x1
[0239.065] GetThemeAppProperties () returned 0x3
[0239.065] GetThemeAppProperties () returned 0x3
[0239.065] GdipGetImageWidth (image=0x66023c8, width=0xd7e168) returned 0x0
[0239.065] GdipGetImageHeight (image=0x66023c8, height=0xd7e168) returned 0x0
[0239.066] IsAppThemed () returned 0x1
[0239.066] GetThemeAppProperties () returned 0x3
[0239.066] GetThemeAppProperties () returned 0x3
[0239.066] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2e1b278 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0239.066] IsAppThemed () returned 0x1
[0239.066] GetThemeAppProperties () returned 0x3
[0239.066] GetThemeAppProperties () returned 0x3
[0239.066] IsAppThemed () returned 0x1
[0239.066] GetThemeAppProperties () returned 0x3
[0239.066] GetThemeAppProperties () returned 0x3
[0239.066] GetFocus () returned 0x2202d8
[0239.066] IsAppThemed () returned 0x1
[0239.066] GetThemeAppProperties () returned 0x3
[0239.066] GetThemeAppProperties () returned 0x3
[0239.066] IsAppThemed () returned 0x1
[0239.066] GetThemeAppProperties () returned 0x3
[0239.066] GetThemeAppProperties () returned 0x3
[0239.066] IsThemePartDefined () returned 0x1
[0239.066] IsAppThemed () returned 0x1
[0239.067] GetThemeAppProperties () returned 0x3
[0239.067] GetThemeAppProperties () returned 0x3
[0239.067] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0239.067] IsAppThemed () returned 0x1
[0239.067] GetThemeAppProperties () returned 0x3
[0239.067] GetThemeAppProperties () returned 0x3
[0239.067] IsAppThemed () returned 0x1
[0239.067] GetThemeAppProperties () returned 0x3
[0239.067] GetThemeAppProperties () returned 0x3
[0239.067] IsThemePartDefined () returned 0x1
[0239.067] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0239.067] GdipGetClip (graphics=0x6600030, region=0x6645368) returned 0x0
[0239.067] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0239.067] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0239.067] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dff0) returned 0x0
[0239.067] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0239.067] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0239.067] LocalFree (hMem=0x11eec58) returned 0x0
[0239.067] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0239.067] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0239.067] LocalFree (hMem=0x11ee788) returned 0x0
[0239.067] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0239.068] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e018) returned 0x0
[0239.068] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e008) returned 0x0
[0239.068] GdipGetRegionHRgn (region=0x6645368, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0239.068] GdipDeleteRegion (region=0x6645368) returned 0x0
[0239.068] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0239.068] GetCurrentObject (hdc=0xd90107e6, type=0x1) returned 0xb00017
[0239.068] GetCurrentObject (hdc=0xd90107e6, type=0x2) returned 0x900010
[0239.068] GetCurrentObject (hdc=0xd90107e6, type=0x7) returned 0x4a0507fe
[0239.068] GetCurrentObject (hdc=0xd90107e6, type=0x6) returned 0x8a01c2
[0239.068] SaveDC (hdc=0xd90107e6) returned 1
[0239.068] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x21040807
[0239.068] GetClipRgn (hdc=0xd90107e6, hrgn=0x21040807) returned 0
[0239.068] SelectClipRgn (hdc=0xd90107e6, hrgn=0xb70407de) returned 2
[0239.068] DeleteObject (ho=0x21040807) returned 1
[0239.068] DeleteObject (ho=0xb70407de) returned 1
[0239.068] OffsetViewportOrgEx (in: hdc=0xd90107e6, x=0, y=0, lppt=0x2e1b928 | out: lppt=0x2e1b928) returned 1
[0239.068] DrawThemeParentBackground () returned 0x0
[0239.069] GetWindowPlacement (in: hWnd=0x1602ce, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0239.069] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0239.069] GetWindowTextLengthW (hWnd=0x1602ce) returned 13
[0239.069] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.069] GetSystemMetrics (nIndex=42) returned 0
[0239.069] GetWindowTextW (in: hWnd=0x1602ce, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.069] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0239.069] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0239.069] GetCurrentObject (hdc=0xd90107e6, type=0x1) returned 0xb00017
[0239.069] GetCurrentObject (hdc=0xd90107e6, type=0x2) returned 0x900010
[0239.069] GetCurrentObject (hdc=0xd90107e6, type=0x7) returned 0x4a0507fe
[0239.069] GetCurrentObject (hdc=0xd90107e6, type=0x6) returned 0x8a01c2
[0239.069] SaveDC (hdc=0xd90107e6) returned 2
[0239.069] GetNearestColor (hdc=0xd90107e6, color=0xf0f0f0) returned 0xf0f0f0
[0239.069] CreateSolidBrush (color=0xf0f0f0) returned 0x7a1007e1
[0239.069] FillRect (hDC=0xd90107e6, lprc=0xd7da38, hbr=0x7a1007e1) returned 1
[0239.069] DeleteObject (ho=0x7a1007e1) returned 1
[0239.069] RestoreDC (hdc=0xd90107e6, nSavedDC=-1) returned 1
[0239.069] GetWindowTextLengthW (hWnd=0x1602ce) returned 13
[0239.070] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.070] GetSystemMetrics (nIndex=42) returned 0
[0239.070] GetWindowTextW (in: hWnd=0x1602ce, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.070] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0239.070] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0239.070] GetCurrentObject (hdc=0xd90107e6, type=0x1) returned 0xb00017
[0239.070] GetCurrentObject (hdc=0xd90107e6, type=0x2) returned 0x900010
[0239.070] GetCurrentObject (hdc=0xd90107e6, type=0x7) returned 0x4a0507fe
[0239.070] GetCurrentObject (hdc=0xd90107e6, type=0x6) returned 0x8a01c2
[0239.070] SaveDC (hdc=0xd90107e6) returned 2
[0239.070] GetNearestColor (hdc=0xd90107e6, color=0xf0f0f0) returned 0xf0f0f0
[0239.070] CreateSolidBrush (color=0xf0f0f0) returned 0x7b1007e1
[0239.070] FillRect (hDC=0xd90107e6, lprc=0xd7d9d8, hbr=0x7b1007e1) returned 1
[0239.070] DeleteObject (ho=0x7b1007e1) returned 1
[0239.070] RestoreDC (hdc=0xd90107e6, nSavedDC=-1) returned 1
[0239.070] GetWindowTextLengthW (hWnd=0x1602ce) returned 13
[0239.070] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.070] GetSystemMetrics (nIndex=42) returned 0
[0239.070] GetWindowTextW (in: hWnd=0x1602ce, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.070] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0239.071] RestoreDC (hdc=0xd90107e6, nSavedDC=-1) returned 1
[0239.071] GdipReleaseDC (graphics=0x6600030, hdc=0xd90107e6) returned 0x0
[0239.071] IsAppThemed () returned 0x1
[0239.071] GetThemeAppProperties () returned 0x3
[0239.071] GetThemeAppProperties () returned 0x3
[0239.071] IsAppThemed () returned 0x1
[0239.071] GetThemeAppProperties () returned 0x3
[0239.071] GetThemeAppProperties () returned 0x3
[0239.071] IsThemePartDefined () returned 0x1
[0239.071] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0239.071] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0239.071] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0239.071] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0239.071] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df74) returned 0x0
[0239.071] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0239.071] LocalFree (hMem=0x11eec58) returned 0x0
[0239.071] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0239.071] LocalFree (hMem=0x11ee868) returned 0x0
[0239.071] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0239.071] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0239.071] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0239.071] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0239.072] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0239.072] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0239.072] GetCurrentObject (hdc=0xd90107e6, type=0x1) returned 0xb00017
[0239.072] GetCurrentObject (hdc=0xd90107e6, type=0x2) returned 0x900010
[0239.072] GetCurrentObject (hdc=0xd90107e6, type=0x7) returned 0x4a0507fe
[0239.072] GetCurrentObject (hdc=0xd90107e6, type=0x6) returned 0x8a01c2
[0239.072] SaveDC (hdc=0xd90107e6) returned 1
[0239.072] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb80407de
[0239.072] GetClipRgn (hdc=0xd90107e6, hrgn=0xb80407de) returned 0
[0239.072] SelectClipRgn (hdc=0xd90107e6, hrgn=0x23040807) returned 2
[0239.072] DeleteObject (ho=0xb80407de) returned 1
[0239.072] DeleteObject (ho=0x23040807) returned 1
[0239.072] OffsetViewportOrgEx (in: hdc=0xd90107e6, x=0, y=0, lppt=0x2e1c1d4 | out: lppt=0x2e1c1d4) returned 1
[0239.072] IsAppThemed () returned 0x1
[0239.072] GetThemeAppProperties () returned 0x3
[0239.072] GetThemeAppProperties () returned 0x3
[0239.072] DrawThemeBackground () returned 0x0
[0239.072] RestoreDC (hdc=0xd90107e6, nSavedDC=-1) returned 1
[0239.072] GdipReleaseDC (graphics=0x6600030, hdc=0xd90107e6) returned 0x0
[0239.072] GdipCreateRegion (region=0xd7df60) returned 0x0
[0239.073] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0239.073] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0239.073] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0239.073] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df78) returned 0x0
[0239.073] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0239.073] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0239.073] LocalFree (hMem=0x11eec58) returned 0x0
[0239.073] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0239.073] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee9f0) returned 0x0
[0239.073] LocalFree (hMem=0x11ee9f0) returned 0x0
[0239.073] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0239.073] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0239.073] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df90) returned 0x0
[0239.073] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0239.073] GdipDeleteRegion (region=0x6645248) returned 0x0
[0239.073] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0239.073] GetCurrentObject (hdc=0xd90107e6, type=0x1) returned 0xb00017
[0239.073] GetCurrentObject (hdc=0xd90107e6, type=0x2) returned 0x900010
[0239.073] GetCurrentObject (hdc=0xd90107e6, type=0x7) returned 0x4a0507fe
[0239.073] GetCurrentObject (hdc=0xd90107e6, type=0x6) returned 0x8a01c2
[0239.074] SaveDC (hdc=0xd90107e6) returned 1
[0239.074] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x24040807
[0239.074] GetClipRgn (hdc=0xd90107e6, hrgn=0x24040807) returned 0
[0239.074] SelectClipRgn (hdc=0xd90107e6, hrgn=0xb90407de) returned 2
[0239.074] DeleteObject (ho=0x24040807) returned 1
[0239.074] DeleteObject (ho=0xb90407de) returned 1
[0239.074] OffsetViewportOrgEx (in: hdc=0xd90107e6, x=0, y=0, lppt=0x2e1c4a8 | out: lppt=0x2e1c4a8) returned 1
[0239.074] IsAppThemed () returned 0x1
[0239.074] GetThemeAppProperties () returned 0x3
[0239.074] GetThemeAppProperties () returned 0x3
[0239.074] GetThemeBackgroundContentRect () returned 0x0
[0239.074] RestoreDC (hdc=0xd90107e6, nSavedDC=-1) returned 1
[0239.074] GdipReleaseDC (graphics=0x6600030, hdc=0xd90107e6) returned 0x0
[0239.074] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0239.074] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0239.074] GdipCloneRegion (region=0x6645ab8, cloneRegion=0xd7e150) returned 0x0
[0239.074] GdipCombineRegionRectI (region=0x6645758, rect=0xd7e138, combineMode=0x1) returned 0x0
[0239.074] GdipCombineRegionRectI (region=0x6645758, rect=0xd7e138, combineMode=0x1) returned 0x0
[0239.074] GdipSetClipRegion (graphics=0x6600030, region=0x6645758, combineMode=0x0) returned 0x0
[0239.074] GdipGetImageWidth (image=0x66023c8, width=0xd7e154) returned 0x0
[0239.074] GdipGetImageHeight (image=0x66023c8, height=0xd7e148) returned 0x0
[0239.075] GdipDrawImageRectI (graphics=0x6600030, image=0x66023c8, x=4, y=4, width=16, height=16) returned 0x0
[0239.075] GdipSetClipRegion (graphics=0x6600030, region=0x6645ab8, combineMode=0x0) returned 0x0
[0239.075] IsAppThemed () returned 0x1
[0239.075] GetThemeAppProperties () returned 0x3
[0239.075] GetThemeAppProperties () returned 0x3
[0239.075] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0239.075] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0239.075] GetCurrentObject (hdc=0xd90107e6, type=0x1) returned 0xb00017
[0239.075] GetCurrentObject (hdc=0xd90107e6, type=0x2) returned 0x900010
[0239.075] GetCurrentObject (hdc=0xd90107e6, type=0x7) returned 0x4a0507fe
[0239.085] GetCurrentObject (hdc=0xd90107e6, type=0x6) returned 0x8a01c2
[0239.085] SaveDC (hdc=0xd90107e6) returned 1
[0239.085] GetTextAlign (hdc=0xd90107e6) returned 0x0
[0239.085] GetTextColor (hdc=0xd90107e6) returned 0x0
[0239.085] GetCurrentObject (hdc=0xd90107e6, type=0x6) returned 0x8a01c2
[0239.085] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0239.085] SelectObject (hdc=0xd90107e6, h=0x6d0a0520) returned 0x8a01c2
[0239.085] GetBkMode (hdc=0xd90107e6) returned 2
[0239.085] SetBkMode (hdc=0xd90107e6, mode=1) returned 2
[0239.085] DrawTextExW (in: hdc=0xd90107e6, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2e1c868 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0239.085] DrawTextExW (in: hdc=0xd90107e6, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e1c868 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0239.086] RestoreDC (hdc=0xd90107e6, nSavedDC=-1) returned 1
[0239.086] GdipReleaseDC (graphics=0x6600030, hdc=0xd90107e6) returned 0x0
[0239.086] GetFocus () returned 0x2202d8
[0239.086] IsAppThemed () returned 0x1
[0239.086] GetThemeAppProperties () returned 0x3
[0239.086] GetThemeAppProperties () returned 0x3
[0239.086] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0239.086] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xd90107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0239.086] GdipReleaseDC (graphics=0x6600030, hdc=0xd90107e6) returned 0x0
[0239.086] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0239.086] SelectObject (hdc=0xd90107e6, h=0x85000f) returned 0x4a0507fe
[0239.086] DeleteDC (hdc=0xd90107e6) returned 1
[0239.086] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0239.086] EndPaint (hWnd=0x2202d8, lpPaint=0xd7e24c) returned 1
[0239.087] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.087] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x84, wParam=0x0, lParam=0x1e10308) returned 0x1
[0239.087] IsWindowUnicode (hWnd=0x1502d0) returned 1
[0239.087] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.087] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x84, wParam=0x0, lParam=0x1e10308) returned 0x1
[0239.087] SetCursor (hCursor=0x10003) returned 0x10003
[0239.087] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.087] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.087] _TrackMouseEvent (in: lpEventTrack=0x2e1c964 | out: lpEventTrack=0x2e1c964) returned 1
[0239.087] SendMessageW (hWnd=0x1502d0, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0239.087] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0239.087] InvalidateRect (hWnd=0x1502d0, lpRect=0x0, bErase=0) returned 1
[0239.088] GetKeyState (nVirtKey=1) returned 0
[0239.088] GetKeyState (nVirtKey=2) returned 0
[0239.088] GetKeyState (nVirtKey=4) returned 0
[0239.088] GetKeyState (nVirtKey=5) returned 0
[0239.088] GetKeyState (nVirtKey=6) returned 0
[0239.088] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.088] IsWindowUnicode (hWnd=0x1502d0) returned 1
[0239.088] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.088] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.088] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.088] BeginPaint (in: hWnd=0x1502d0, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0239.088] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0239.088] CreateCompatibleDC (hdc=0x107b9) returned 0xdb0107e6
[0239.088] SelectObject (hdc=0xdb0107e6, h=0x4a0507fe) returned 0x85000f
[0239.088] GdipCreateFromHDC (hdc=0xdb0107e6, graphics=0xd7e268) returned 0x0
[0239.089] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0239.089] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0239.089] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0239.089] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0239.089] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e2c8) returned 0x0
[0239.089] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0239.089] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0239.089] LocalFree (hMem=0x11ee9f0) returned 0x0
[0239.089] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0239.089] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0239.089] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0239.089] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0239.089] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0239.089] GdipRestoreGraphics (graphics=0x6600030, state=0xf8d00dbd) returned 0x0
[0239.089] GdipDeleteRegion (region=0x6645248) returned 0x0
[0239.089] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0239.089] GetCurrentObject (hdc=0xdb0107e6, type=0x1) returned 0xb00017
[0239.089] GetCurrentObject (hdc=0xdb0107e6, type=0x2) returned 0x900010
[0239.090] GetCurrentObject (hdc=0xdb0107e6, type=0x7) returned 0x4a0507fe
[0239.090] GetCurrentObject (hdc=0xdb0107e6, type=0x6) returned 0x8a01c2
[0239.090] SaveDC (hdc=0xdb0107e6) returned 1
[0239.090] GetNearestColor (hdc=0xdb0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0239.090] GetNearestColor (hdc=0xdb0107e6, color=0xa0a0a0) returned 0xa0a0a0
[0239.090] GetNearestColor (hdc=0xdb0107e6, color=0x696969) returned 0x696969
[0239.090] GetNearestColor (hdc=0xdb0107e6, color=0xa0a0a0) returned 0xa0a0a0
[0239.090] GetNearestColor (hdc=0xdb0107e6, color=0x0) returned 0x0
[0239.090] GetNearestColor (hdc=0xdb0107e6, color=0xffffff) returned 0xffffff
[0239.090] GetNearestColor (hdc=0xdb0107e6, color=0xe5e5e5) returned 0xe5e5e5
[0239.090] GetNearestColor (hdc=0xdb0107e6, color=0xd7d7d7) returned 0xd7d7d7
[0239.090] GetNearestColor (hdc=0xdb0107e6, color=0x0) returned 0x0
[0239.090] RestoreDC (hdc=0xdb0107e6, nSavedDC=-1) returned 1
[0239.090] GdipReleaseDC (graphics=0x6600030, hdc=0xdb0107e6) returned 0x0
[0239.090] IsAppThemed () returned 0x1
[0239.091] GetThemeAppProperties () returned 0x3
[0239.091] GetThemeAppProperties () returned 0x3
[0239.091] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0239.091] SendMessageW (hWnd=0x1602ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0239.091] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0239.091] IsAppThemed () returned 0x1
[0239.091] GetThemeAppProperties () returned 0x3
[0239.091] GetThemeAppProperties () returned 0x3
[0239.091] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2e1d0d0 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0239.092] IsAppThemed () returned 0x1
[0239.092] GetThemeAppProperties () returned 0x3
[0239.092] GetThemeAppProperties () returned 0x3
[0239.092] IsAppThemed () returned 0x1
[0239.092] GetThemeAppProperties () returned 0x3
[0239.092] GetThemeAppProperties () returned 0x3
[0239.092] IsAppThemed () returned 0x1
[0239.092] GetThemeAppProperties () returned 0x3
[0239.092] GetThemeAppProperties () returned 0x3
[0239.092] IsAppThemed () returned 0x1
[0239.092] GetThemeAppProperties () returned 0x3
[0239.092] GetThemeAppProperties () returned 0x3
[0239.092] IsThemePartDefined () returned 0x1
[0239.092] IsAppThemed () returned 0x1
[0239.092] GetThemeAppProperties () returned 0x3
[0239.092] GetThemeAppProperties () returned 0x3
[0239.092] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0239.092] IsAppThemed () returned 0x1
[0239.092] GetThemeAppProperties () returned 0x3
[0239.092] GetThemeAppProperties () returned 0x3
[0239.092] IsAppThemed () returned 0x1
[0239.092] GetThemeAppProperties () returned 0x3
[0239.092] GetThemeAppProperties () returned 0x3
[0239.092] IsThemePartDefined () returned 0x1
[0239.092] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0239.093] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0239.093] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0239.093] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0239.093] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dfe4) returned 0x0
[0239.093] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0239.093] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0239.093] LocalFree (hMem=0x11ee788) returned 0x0
[0239.093] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0239.093] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee8d8) returned 0x0
[0239.093] LocalFree (hMem=0x11ee8d8) returned 0x0
[0239.093] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0239.093] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0239.093] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0239.093] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0239.093] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0239.093] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0239.093] GetCurrentObject (hdc=0xdb0107e6, type=0x1) returned 0xb00017
[0239.093] GetCurrentObject (hdc=0xdb0107e6, type=0x2) returned 0x900010
[0239.093] GetCurrentObject (hdc=0xdb0107e6, type=0x7) returned 0x4a0507fe
[0239.093] GetCurrentObject (hdc=0xdb0107e6, type=0x6) returned 0x8a01c2
[0239.093] SaveDC (hdc=0xdb0107e6) returned 1
[0239.093] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xba0407de
[0239.094] GetClipRgn (hdc=0xdb0107e6, hrgn=0xba0407de) returned 0
[0239.094] SelectClipRgn (hdc=0xdb0107e6, hrgn=0x28040807) returned 2
[0239.094] DeleteObject (ho=0xba0407de) returned 1
[0239.094] DeleteObject (ho=0x28040807) returned 1
[0239.094] OffsetViewportOrgEx (in: hdc=0xdb0107e6, x=0, y=0, lppt=0x2e1d780 | out: lppt=0x2e1d780) returned 1
[0239.094] DrawThemeParentBackground () returned 0x0
[0239.094] GetWindowPlacement (in: hWnd=0x1602ce, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0239.094] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0239.094] GetWindowTextLengthW (hWnd=0x1602ce) returned 13
[0239.094] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.094] GetSystemMetrics (nIndex=42) returned 0
[0239.094] GetWindowTextW (in: hWnd=0x1602ce, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.094] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0239.094] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0239.094] GetCurrentObject (hdc=0xdb0107e6, type=0x1) returned 0xb00017
[0239.094] GetCurrentObject (hdc=0xdb0107e6, type=0x2) returned 0x900010
[0239.094] GetCurrentObject (hdc=0xdb0107e6, type=0x7) returned 0x4a0507fe
[0239.094] GetCurrentObject (hdc=0xdb0107e6, type=0x6) returned 0x8a01c2
[0239.094] SaveDC (hdc=0xdb0107e6) returned 2
[0239.095] GetNearestColor (hdc=0xdb0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0239.095] CreateSolidBrush (color=0xf0f0f0) returned 0x7c1007e1
[0239.095] FillRect (hDC=0xdb0107e6, lprc=0xd7da30, hbr=0x7c1007e1) returned 1
[0239.095] DeleteObject (ho=0x7c1007e1) returned 1
[0239.095] RestoreDC (hdc=0xdb0107e6, nSavedDC=-1) returned 1
[0239.095] GetWindowTextLengthW (hWnd=0x1602ce) returned 13
[0239.095] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.095] GetSystemMetrics (nIndex=42) returned 0
[0239.095] GetWindowTextW (in: hWnd=0x1602ce, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.095] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0239.095] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0239.095] GetCurrentObject (hdc=0xdb0107e6, type=0x1) returned 0xb00017
[0239.095] GetCurrentObject (hdc=0xdb0107e6, type=0x2) returned 0x900010
[0239.095] GetCurrentObject (hdc=0xdb0107e6, type=0x7) returned 0x4a0507fe
[0239.095] GetCurrentObject (hdc=0xdb0107e6, type=0x6) returned 0x8a01c2
[0239.095] SaveDC (hdc=0xdb0107e6) returned 2
[0239.095] GetNearestColor (hdc=0xdb0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0239.095] CreateSolidBrush (color=0xf0f0f0) returned 0x7d1007e1
[0239.095] FillRect (hDC=0xdb0107e6, lprc=0xd7d9d0, hbr=0x7d1007e1) returned 1
[0239.095] DeleteObject (ho=0x7d1007e1) returned 1
[0239.096] RestoreDC (hdc=0xdb0107e6, nSavedDC=-1) returned 1
[0239.096] GetWindowTextLengthW (hWnd=0x1602ce) returned 13
[0239.096] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.096] GetSystemMetrics (nIndex=42) returned 0
[0239.096] GetWindowTextW (in: hWnd=0x1602ce, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.096] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0239.096] RestoreDC (hdc=0xdb0107e6, nSavedDC=-1) returned 1
[0239.096] GdipReleaseDC (graphics=0x6600030, hdc=0xdb0107e6) returned 0x0
[0239.096] IsAppThemed () returned 0x1
[0239.096] GetThemeAppProperties () returned 0x3
[0239.096] GetThemeAppProperties () returned 0x3
[0239.096] IsAppThemed () returned 0x1
[0239.096] GetThemeAppProperties () returned 0x3
[0239.096] GetThemeAppProperties () returned 0x3
[0239.096] IsThemePartDefined () returned 0x1
[0239.096] GdipCreateRegion (region=0xd7df50) returned 0x0
[0239.096] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0239.096] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0239.096] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0239.096] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df68) returned 0x0
[0239.096] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0239.097] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0239.097] LocalFree (hMem=0x11ee868) returned 0x0
[0239.097] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0239.097] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0239.097] LocalFree (hMem=0x11eec58) returned 0x0
[0239.097] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0239.097] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7df90) returned 0x0
[0239.097] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7df80) returned 0x0
[0239.097] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0239.097] GdipDeleteRegion (region=0x6646178) returned 0x0
[0239.097] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0239.097] GetCurrentObject (hdc=0xdb0107e6, type=0x1) returned 0xb00017
[0239.097] GetCurrentObject (hdc=0xdb0107e6, type=0x2) returned 0x900010
[0239.097] GetCurrentObject (hdc=0xdb0107e6, type=0x7) returned 0x4a0507fe
[0239.097] GetCurrentObject (hdc=0xdb0107e6, type=0x6) returned 0x8a01c2
[0239.097] SaveDC (hdc=0xdb0107e6) returned 1
[0239.097] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x29040807
[0239.097] GetClipRgn (hdc=0xdb0107e6, hrgn=0x29040807) returned 0
[0239.097] SelectClipRgn (hdc=0xdb0107e6, hrgn=0xbc0407de) returned 2
[0239.098] DeleteObject (ho=0x29040807) returned 1
[0239.098] DeleteObject (ho=0xbc0407de) returned 1
[0239.098] OffsetViewportOrgEx (in: hdc=0xdb0107e6, x=0, y=0, lppt=0x2e1e02c | out: lppt=0x2e1e02c) returned 1
[0239.098] IsAppThemed () returned 0x1
[0239.098] GetThemeAppProperties () returned 0x3
[0239.098] GetThemeAppProperties () returned 0x3
[0239.098] DrawThemeBackground () returned 0x0
[0239.098] RestoreDC (hdc=0xdb0107e6, nSavedDC=-1) returned 1
[0239.098] GdipReleaseDC (graphics=0x6600030, hdc=0xdb0107e6) returned 0x0
[0239.098] GdipCreateRegion (region=0xd7df54) returned 0x0
[0239.098] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0239.098] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0239.098] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0239.098] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df6c) returned 0x0
[0239.098] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0239.098] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee9f0) returned 0x0
[0239.098] LocalFree (hMem=0x11ee9f0) returned 0x0
[0239.098] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0239.098] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0239.098] LocalFree (hMem=0x11ee788) returned 0x0
[0239.099] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0239.099] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0239.099] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0239.099] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0239.099] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0239.099] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0239.099] GetCurrentObject (hdc=0xdb0107e6, type=0x1) returned 0xb00017
[0239.099] GetCurrentObject (hdc=0xdb0107e6, type=0x2) returned 0x900010
[0239.099] GetCurrentObject (hdc=0xdb0107e6, type=0x7) returned 0x4a0507fe
[0239.099] GetCurrentObject (hdc=0xdb0107e6, type=0x6) returned 0x8a01c2
[0239.099] SaveDC (hdc=0xdb0107e6) returned 1
[0239.099] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbd0407de
[0239.099] GetClipRgn (hdc=0xdb0107e6, hrgn=0xbd0407de) returned 0
[0239.099] SelectClipRgn (hdc=0xdb0107e6, hrgn=0x2a040807) returned 2
[0239.099] DeleteObject (ho=0xbd0407de) returned 1
[0239.099] DeleteObject (ho=0x2a040807) returned 1
[0239.099] OffsetViewportOrgEx (in: hdc=0xdb0107e6, x=0, y=0, lppt=0x2e1e300 | out: lppt=0x2e1e300) returned 1
[0239.099] IsAppThemed () returned 0x1
[0239.099] GetThemeAppProperties () returned 0x3
[0239.099] GetThemeAppProperties () returned 0x3
[0239.100] GetThemeBackgroundContentRect () returned 0x0
[0239.100] RestoreDC (hdc=0xdb0107e6, nSavedDC=-1) returned 1
[0239.100] GdipReleaseDC (graphics=0x6600030, hdc=0xdb0107e6) returned 0x0
[0239.100] IsAppThemed () returned 0x1
[0239.100] GetThemeAppProperties () returned 0x3
[0239.100] GetThemeAppProperties () returned 0x3
[0239.100] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0239.100] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0239.100] GetCurrentObject (hdc=0xdb0107e6, type=0x1) returned 0xb00017
[0239.100] GetCurrentObject (hdc=0xdb0107e6, type=0x2) returned 0x900010
[0239.100] GetCurrentObject (hdc=0xdb0107e6, type=0x7) returned 0x4a0507fe
[0239.100] GetCurrentObject (hdc=0xdb0107e6, type=0x6) returned 0x8a01c2
[0239.100] SaveDC (hdc=0xdb0107e6) returned 1
[0239.100] GetTextAlign (hdc=0xdb0107e6) returned 0x0
[0239.100] GetTextColor (hdc=0xdb0107e6) returned 0x0
[0239.100] GetCurrentObject (hdc=0xdb0107e6, type=0x6) returned 0x8a01c2
[0239.100] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0239.100] SelectObject (hdc=0xdb0107e6, h=0x6d0a0520) returned 0x8a01c2
[0239.100] GetBkMode (hdc=0xdb0107e6) returned 2
[0239.101] SetBkMode (hdc=0xdb0107e6, mode=1) returned 2
[0239.101] DrawTextExW (in: hdc=0xdb0107e6, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2e1e6a0 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0239.101] DrawTextExW (in: hdc=0xdb0107e6, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2e1e6a0 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0239.101] RestoreDC (hdc=0xdb0107e6, nSavedDC=-1) returned 1
[0239.101] GdipReleaseDC (graphics=0x6600030, hdc=0xdb0107e6) returned 0x0
[0239.101] GetFocus () returned 0x2202d8
[0239.101] IsAppThemed () returned 0x1
[0239.101] GetThemeAppProperties () returned 0x3
[0239.101] GetThemeAppProperties () returned 0x3
[0239.102] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0239.102] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0xdb0107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0239.102] GdipReleaseDC (graphics=0x6600030, hdc=0xdb0107e6) returned 0x0
[0239.102] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0239.102] SelectObject (hdc=0xdb0107e6, h=0x85000f) returned 0x4a0507fe
[0239.102] DeleteDC (hdc=0xdb0107e6) returned 1
[0239.102] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0239.102] EndPaint (hWnd=0x1502d0, lpPaint=0xd7e24c) returned 1
[0239.102] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.102] IsWindowUnicode (hWnd=0x1a02c8) returned 1
[0239.102] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.102] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.103] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.103] BeginPaint (in: hWnd=0x1a02c8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0239.103] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0239.103] CreateCompatibleDC (hdc=0xc0107c5) returned 0xdd0107e6
[0239.103] SelectObject (hdc=0xdd0107e6, h=0x4a0507fe) returned 0x85000f
[0239.103] GdipCreateFromHDC (hdc=0xdd0107e6, graphics=0xd7e268) returned 0x0
[0239.103] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0239.103] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0239.103] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0239.103] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0239.103] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e2c8) returned 0x0
[0239.103] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0239.103] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea28) returned 0x0
[0239.103] LocalFree (hMem=0x11eea28) returned 0x0
[0239.103] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0239.103] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0239.104] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0239.104] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0239.104] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0239.104] GdipRestoreGraphics (graphics=0x6600030, state=0xf8ce0dbd) returned 0x0
[0239.104] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0239.104] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0239.104] GetCurrentObject (hdc=0xdd0107e6, type=0x1) returned 0xb00017
[0239.104] GetCurrentObject (hdc=0xdd0107e6, type=0x2) returned 0x900010
[0239.104] GetCurrentObject (hdc=0xdd0107e6, type=0x7) returned 0x4a0507fe
[0239.104] GetCurrentObject (hdc=0xdd0107e6, type=0x6) returned 0x8a01c2
[0239.104] SaveDC (hdc=0xdd0107e6) returned 1
[0239.104] GetNearestColor (hdc=0xdd0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0239.104] GetNearestColor (hdc=0xdd0107e6, color=0xa0a0a0) returned 0xa0a0a0
[0239.104] GetNearestColor (hdc=0xdd0107e6, color=0x696969) returned 0x696969
[0239.104] GetNearestColor (hdc=0xdd0107e6, color=0xa0a0a0) returned 0xa0a0a0
[0239.104] GetNearestColor (hdc=0xdd0107e6, color=0x0) returned 0x0
[0239.104] GetNearestColor (hdc=0xdd0107e6, color=0xffffff) returned 0xffffff
[0239.104] GetNearestColor (hdc=0xdd0107e6, color=0xe5e5e5) returned 0xe5e5e5
[0239.105] GetNearestColor (hdc=0xdd0107e6, color=0xd7d7d7) returned 0xd7d7d7
[0239.105] GetNearestColor (hdc=0xdd0107e6, color=0x0) returned 0x0
[0239.105] RestoreDC (hdc=0xdd0107e6, nSavedDC=-1) returned 1
[0239.105] GdipReleaseDC (graphics=0x6600030, hdc=0xdd0107e6) returned 0x0
[0239.105] IsAppThemed () returned 0x1
[0239.105] GetThemeAppProperties () returned 0x3
[0239.105] GetThemeAppProperties () returned 0x3
[0239.105] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0239.105] SendMessageW (hWnd=0x1602ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0239.105] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0239.105] IsAppThemed () returned 0x1
[0239.105] GetThemeAppProperties () returned 0x3
[0239.105] GetThemeAppProperties () returned 0x3
[0239.105] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2e1eeb0 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0239.105] IsAppThemed () returned 0x1
[0239.105] GetThemeAppProperties () returned 0x3
[0239.105] GetThemeAppProperties () returned 0x3
[0239.105] IsAppThemed () returned 0x1
[0239.106] GetThemeAppProperties () returned 0x3
[0239.106] GetThemeAppProperties () returned 0x3
[0239.106] GetFocus () returned 0x2202d8
[0239.106] IsAppThemed () returned 0x1
[0239.106] GetThemeAppProperties () returned 0x3
[0239.106] GetThemeAppProperties () returned 0x3
[0239.106] IsAppThemed () returned 0x1
[0239.106] GetThemeAppProperties () returned 0x3
[0239.106] GetThemeAppProperties () returned 0x3
[0239.106] IsThemePartDefined () returned 0x1
[0239.106] IsAppThemed () returned 0x1
[0239.106] GetThemeAppProperties () returned 0x3
[0239.106] GetThemeAppProperties () returned 0x3
[0239.106] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0239.106] IsAppThemed () returned 0x1
[0239.106] GetThemeAppProperties () returned 0x3
[0239.106] GetThemeAppProperties () returned 0x3
[0239.106] IsAppThemed () returned 0x1
[0239.111] GetThemeAppProperties () returned 0x3
[0239.111] GetThemeAppProperties () returned 0x3
[0239.111] IsThemePartDefined () returned 0x1
[0239.111] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0239.111] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0239.111] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0239.111] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0239.111] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dff0) returned 0x0
[0239.111] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0239.111] LocalFree (hMem=0x11eec58) returned 0x0
[0239.111] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee9f0) returned 0x0
[0239.111] LocalFree (hMem=0x11ee9f0) returned 0x0
[0239.111] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0239.112] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0239.112] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0239.112] GdipGetRegionHRgn (region=0x66457e8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0239.112] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0239.112] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0239.112] GetCurrentObject (hdc=0xdd0107e6, type=0x1) returned 0xb00017
[0239.112] GetCurrentObject (hdc=0xdd0107e6, type=0x2) returned 0x900010
[0239.112] GetCurrentObject (hdc=0xdd0107e6, type=0x7) returned 0x4a0507fe
[0239.112] GetCurrentObject (hdc=0xdd0107e6, type=0x6) returned 0x8a01c2
[0239.112] SaveDC (hdc=0xdd0107e6) returned 1
[0239.112] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2b040807
[0239.112] GetClipRgn (hdc=0xdd0107e6, hrgn=0x2b040807) returned 0
[0239.112] SelectClipRgn (hdc=0xdd0107e6, hrgn=0xc10407de) returned 2
[0239.112] DeleteObject (ho=0x2b040807) returned 1
[0239.112] DeleteObject (ho=0xc10407de) returned 1
[0239.112] OffsetViewportOrgEx (in: hdc=0xdd0107e6, x=0, y=0, lppt=0x2e1f560 | out: lppt=0x2e1f560) returned 1
[0239.112] DrawThemeParentBackground () returned 0x0
[0239.112] GetWindowPlacement (in: hWnd=0x1602ce, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0239.113] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0239.113] GetWindowTextLengthW (hWnd=0x1602ce) returned 13
[0239.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.113] GetSystemMetrics (nIndex=42) returned 0
[0239.113] GetWindowTextW (in: hWnd=0x1602ce, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0239.113] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0239.113] GetCurrentObject (hdc=0xdd0107e6, type=0x1) returned 0xb00017
[0239.113] GetCurrentObject (hdc=0xdd0107e6, type=0x2) returned 0x900010
[0239.113] GetCurrentObject (hdc=0xdd0107e6, type=0x7) returned 0x4a0507fe
[0239.113] GetCurrentObject (hdc=0xdd0107e6, type=0x6) returned 0x8a01c2
[0239.113] SaveDC (hdc=0xdd0107e6) returned 2
[0239.113] GetNearestColor (hdc=0xdd0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0239.113] CreateSolidBrush (color=0xf0f0f0) returned 0x7e1007e1
[0239.113] FillRect (hDC=0xdd0107e6, lprc=0xd7da38, hbr=0x7e1007e1) returned 1
[0239.113] DeleteObject (ho=0x7e1007e1) returned 1
[0239.113] RestoreDC (hdc=0xdd0107e6, nSavedDC=-1) returned 1
[0239.113] GetWindowTextLengthW (hWnd=0x1602ce) returned 13
[0239.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.113] GetSystemMetrics (nIndex=42) returned 0
[0239.113] GetWindowTextW (in: hWnd=0x1602ce, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0239.114] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0239.114] GetCurrentObject (hdc=0xdd0107e6, type=0x1) returned 0xb00017
[0239.114] GetCurrentObject (hdc=0xdd0107e6, type=0x2) returned 0x900010
[0239.114] GetCurrentObject (hdc=0xdd0107e6, type=0x7) returned 0x4a0507fe
[0239.114] GetCurrentObject (hdc=0xdd0107e6, type=0x6) returned 0x8a01c2
[0239.114] SaveDC (hdc=0xdd0107e6) returned 2
[0239.114] GetNearestColor (hdc=0xdd0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0239.114] CreateSolidBrush (color=0xf0f0f0) returned 0x7f1007e1
[0239.114] FillRect (hDC=0xdd0107e6, lprc=0xd7d9d8, hbr=0x7f1007e1) returned 1
[0239.114] DeleteObject (ho=0x7f1007e1) returned 1
[0239.114] RestoreDC (hdc=0xdd0107e6, nSavedDC=-1) returned 1
[0239.114] GetWindowTextLengthW (hWnd=0x1602ce) returned 13
[0239.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.114] GetSystemMetrics (nIndex=42) returned 0
[0239.114] GetWindowTextW (in: hWnd=0x1602ce, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0239.114] RestoreDC (hdc=0xdd0107e6, nSavedDC=-1) returned 1
[0239.114] GdipReleaseDC (graphics=0x6600030, hdc=0xdd0107e6) returned 0x0
[0239.115] IsAppThemed () returned 0x1
[0239.115] GetThemeAppProperties () returned 0x3
[0239.115] GetThemeAppProperties () returned 0x3
[0239.115] IsAppThemed () returned 0x1
[0239.115] GetThemeAppProperties () returned 0x3
[0239.115] GetThemeAppProperties () returned 0x3
[0239.115] IsThemePartDefined () returned 0x1
[0239.115] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0239.115] GdipGetClip (graphics=0x6600030, region=0x6645368) returned 0x0
[0239.115] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0239.115] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0239.115] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df74) returned 0x0
[0239.115] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0239.115] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eead0) returned 0x0
[0239.115] LocalFree (hMem=0x11eead0) returned 0x0
[0239.115] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0239.115] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0239.115] LocalFree (hMem=0x11ee788) returned 0x0
[0239.115] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0239.115] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0239.115] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0239.115] GdipGetRegionHRgn (region=0x6645368, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0239.115] GdipDeleteRegion (region=0x6645368) returned 0x0
[0239.116] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0239.116] GetCurrentObject (hdc=0xdd0107e6, type=0x1) returned 0xb00017
[0239.116] GetCurrentObject (hdc=0xdd0107e6, type=0x2) returned 0x900010
[0239.116] GetCurrentObject (hdc=0xdd0107e6, type=0x7) returned 0x4a0507fe
[0239.116] GetCurrentObject (hdc=0xdd0107e6, type=0x6) returned 0x8a01c2
[0239.116] SaveDC (hdc=0xdd0107e6) returned 1
[0239.116] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc20407de
[0239.116] GetClipRgn (hdc=0xdd0107e6, hrgn=0xc20407de) returned 0
[0239.116] SelectClipRgn (hdc=0xdd0107e6, hrgn=0x2d040807) returned 2
[0239.116] DeleteObject (ho=0xc20407de) returned 1
[0239.116] DeleteObject (ho=0x2d040807) returned 1
[0239.116] OffsetViewportOrgEx (in: hdc=0xdd0107e6, x=0, y=0, lppt=0x2e1fe0c | out: lppt=0x2e1fe0c) returned 1
[0239.116] IsAppThemed () returned 0x1
[0239.116] GetThemeAppProperties () returned 0x3
[0239.116] GetThemeAppProperties () returned 0x3
[0239.116] DrawThemeBackground () returned 0x0
[0239.116] RestoreDC (hdc=0xdd0107e6, nSavedDC=-1) returned 1
[0239.116] GdipReleaseDC (graphics=0x6600030, hdc=0xdd0107e6) returned 0x0
[0239.116] GdipCreateRegion (region=0xd7df60) returned 0x0
[0239.116] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0239.116] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0239.117] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0239.117] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df78) returned 0x0
[0239.117] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0239.117] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0239.117] LocalFree (hMem=0x11ee788) returned 0x0
[0239.117] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0239.117] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0239.117] LocalFree (hMem=0x11ee788) returned 0x0
[0239.117] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0239.117] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0239.117] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df90) returned 0x0
[0239.117] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0239.117] GdipDeleteRegion (region=0x6645248) returned 0x0
[0239.117] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0239.117] GetCurrentObject (hdc=0xdd0107e6, type=0x1) returned 0xb00017
[0239.117] GetCurrentObject (hdc=0xdd0107e6, type=0x2) returned 0x900010
[0239.117] GetCurrentObject (hdc=0xdd0107e6, type=0x7) returned 0x4a0507fe
[0239.117] GetCurrentObject (hdc=0xdd0107e6, type=0x6) returned 0x8a01c2
[0239.117] SaveDC (hdc=0xdd0107e6) returned 1
[0239.117] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2e040807
[0239.118] GetClipRgn (hdc=0xdd0107e6, hrgn=0x2e040807) returned 0
[0239.118] SelectClipRgn (hdc=0xdd0107e6, hrgn=0xc30407de) returned 2
[0239.118] DeleteObject (ho=0x2e040807) returned 1
[0239.118] DeleteObject (ho=0xc30407de) returned 1
[0239.118] OffsetViewportOrgEx (in: hdc=0xdd0107e6, x=0, y=0, lppt=0x2e200e0 | out: lppt=0x2e200e0) returned 1
[0239.118] IsAppThemed () returned 0x1
[0239.118] GetThemeAppProperties () returned 0x3
[0239.118] GetThemeAppProperties () returned 0x3
[0239.118] GetThemeBackgroundContentRect () returned 0x0
[0239.118] RestoreDC (hdc=0xdd0107e6, nSavedDC=-1) returned 1
[0239.118] GdipReleaseDC (graphics=0x6600030, hdc=0xdd0107e6) returned 0x0
[0239.118] IsAppThemed () returned 0x1
[0239.118] GetThemeAppProperties () returned 0x3
[0239.118] GetThemeAppProperties () returned 0x3
[0239.118] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0239.118] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0239.118] GetCurrentObject (hdc=0xdd0107e6, type=0x1) returned 0xb00017
[0239.118] GetCurrentObject (hdc=0xdd0107e6, type=0x2) returned 0x900010
[0239.118] GetCurrentObject (hdc=0xdd0107e6, type=0x7) returned 0x4a0507fe
[0239.119] GetCurrentObject (hdc=0xdd0107e6, type=0x6) returned 0x8a01c2
[0239.119] SaveDC (hdc=0xdd0107e6) returned 1
[0239.119] GetTextAlign (hdc=0xdd0107e6) returned 0x0
[0239.119] GetTextColor (hdc=0xdd0107e6) returned 0x0
[0239.119] GetCurrentObject (hdc=0xdd0107e6, type=0x6) returned 0x8a01c2
[0239.119] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0239.119] SelectObject (hdc=0xdd0107e6, h=0x6d0a0520) returned 0x8a01c2
[0239.119] GetBkMode (hdc=0xdd0107e6) returned 2
[0239.119] SetBkMode (hdc=0xdd0107e6, mode=1) returned 2
[0239.119] DrawTextExW (in: hdc=0xdd0107e6, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2e20480 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0239.120] DrawTextExW (in: hdc=0xdd0107e6, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e20480 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0239.120] RestoreDC (hdc=0xdd0107e6, nSavedDC=-1) returned 1
[0239.120] GdipReleaseDC (graphics=0x6600030, hdc=0xdd0107e6) returned 0x0
[0239.120] GetFocus () returned 0x2202d8
[0239.120] IsAppThemed () returned 0x1
[0239.120] GetThemeAppProperties () returned 0x3
[0239.120] GetThemeAppProperties () returned 0x3
[0239.120] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0239.120] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xdd0107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0239.120] GdipReleaseDC (graphics=0x6600030, hdc=0xdd0107e6) returned 0x0
[0239.121] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0239.121] SelectObject (hdc=0xdd0107e6, h=0x85000f) returned 0x4a0507fe
[0239.121] DeleteDC (hdc=0xdd0107e6) returned 1
[0239.121] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0239.121] EndPaint (hWnd=0x1a02c8, lpPaint=0xd7e24c) returned 1
[0239.121] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.121] IsWindowUnicode (hWnd=0x602c4) returned 1
[0239.121] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.121] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.121] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.121] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0239.121] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0239.122] CreateCompatibleDC (hdc=0xf0105ee) returned 0xdf0107e6
[0239.122] SelectObject (hdc=0xdf0107e6, h=0x4a0507fe) returned 0x85000f
[0239.122] GdipCreateFromHDC (hdc=0xdf0107e6, graphics=0xd7e268) returned 0x0
[0239.168] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0239.168] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0239.168] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0239.168] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0239.168] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e2c8) returned 0x0
[0239.168] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0239.168] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0239.168] LocalFree (hMem=0x11ee788) returned 0x0
[0239.168] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0239.168] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0239.168] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0239.168] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0239.168] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0239.168] GdipRestoreGraphics (graphics=0x6600030, state=0xf8cc0dbd) returned 0x0
[0239.168] GdipDeleteRegion (region=0x6645248) returned 0x0
[0239.168] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0239.168] GetCurrentObject (hdc=0xdf0107e6, type=0x1) returned 0xb00017
[0239.168] GetCurrentObject (hdc=0xdf0107e6, type=0x2) returned 0x900010
[0239.168] GetCurrentObject (hdc=0xdf0107e6, type=0x7) returned 0x4a0507fe
[0239.168] GetCurrentObject (hdc=0xdf0107e6, type=0x6) returned 0x8a01c2
[0239.169] SaveDC (hdc=0xdf0107e6) returned 1
[0239.169] GetNearestColor (hdc=0xdf0107e6, color=0xff) returned 0xff
[0239.207] GetNearestColor (hdc=0xdf0107e6, color=0x55) returned 0x55
[0239.207] GetNearestColor (hdc=0xdf0107e6, color=0x0) returned 0x0
[0239.207] GetNearestColor (hdc=0xdf0107e6, color=0x55) returned 0x55
[0239.207] GetNearestColor (hdc=0xdf0107e6, color=0x0) returned 0x0
[0239.207] GetNearestColor (hdc=0xdf0107e6, color=0x8080ff) returned 0x8080ff
[0239.207] GetNearestColor (hdc=0xdf0107e6, color=0x7373e5) returned 0x7373e5
[0239.207] GetNearestColor (hdc=0xdf0107e6, color=0xe5) returned 0xe5
[0239.207] GetNearestColor (hdc=0xdf0107e6, color=0x0) returned 0x0
[0239.207] RestoreDC (hdc=0xdf0107e6, nSavedDC=-1) returned 1
[0239.207] GdipReleaseDC (graphics=0x6600030, hdc=0xdf0107e6) returned 0x0
[0239.207] IsAppThemed () returned 0x1
[0239.207] GetThemeAppProperties () returned 0x3
[0239.207] GetThemeAppProperties () returned 0x3
[0239.207] IsAppThemed () returned 0x1
[0239.207] GetThemeAppProperties () returned 0x3
[0239.207] GetThemeAppProperties () returned 0x3
[0239.207] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2e20c48 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0239.208] IsAppThemed () returned 0x1
[0239.208] GetThemeAppProperties () returned 0x3
[0239.208] GetThemeAppProperties () returned 0x3
[0239.208] IsAppThemed () returned 0x1
[0239.208] GetThemeAppProperties () returned 0x3
[0239.208] GetThemeAppProperties () returned 0x3
[0239.208] GetFocus () returned 0x2202d8
[0239.208] IsAppThemed () returned 0x1
[0239.208] GetThemeAppProperties () returned 0x3
[0239.208] GetThemeAppProperties () returned 0x3
[0239.208] IsAppThemed () returned 0x1
[0239.208] GetThemeAppProperties () returned 0x3
[0239.208] GetThemeAppProperties () returned 0x3
[0239.208] IsThemePartDefined () returned 0x1
[0239.208] IsAppThemed () returned 0x1
[0239.208] GetThemeAppProperties () returned 0x3
[0239.208] GetThemeAppProperties () returned 0x3
[0239.208] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0239.208] IsAppThemed () returned 0x1
[0239.208] GetThemeAppProperties () returned 0x3
[0239.208] GetThemeAppProperties () returned 0x3
[0239.209] IsAppThemed () returned 0x1
[0239.209] GetThemeAppProperties () returned 0x3
[0239.209] GetThemeAppProperties () returned 0x3
[0239.209] IsThemePartDefined () returned 0x1
[0239.209] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0239.209] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0239.209] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0239.209] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0239.209] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dff0) returned 0x0
[0239.209] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0239.209] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0239.209] LocalFree (hMem=0x11eec58) returned 0x0
[0239.209] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0239.209] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0239.209] LocalFree (hMem=0x11ee788) returned 0x0
[0239.209] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0239.209] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0239.209] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0239.209] GdipGetRegionHRgn (region=0x66457e8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0239.209] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0239.209] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0239.209] GetCurrentObject (hdc=0xdf0107e6, type=0x1) returned 0xb00017
[0239.209] GetCurrentObject (hdc=0xdf0107e6, type=0x2) returned 0x900010
[0239.209] GetCurrentObject (hdc=0xdf0107e6, type=0x7) returned 0x4a0507fe
[0239.210] GetCurrentObject (hdc=0xdf0107e6, type=0x6) returned 0x8a01c2
[0239.210] SaveDC (hdc=0xdf0107e6) returned 1
[0239.210] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc40407de
[0239.210] GetClipRgn (hdc=0xdf0107e6, hrgn=0xc40407de) returned 0
[0239.210] SelectClipRgn (hdc=0xdf0107e6, hrgn=0x32040807) returned 2
[0239.210] DeleteObject (ho=0xc40407de) returned 1
[0239.210] DeleteObject (ho=0x32040807) returned 1
[0239.210] OffsetViewportOrgEx (in: hdc=0xdf0107e6, x=0, y=0, lppt=0x2e212f8 | out: lppt=0x2e212f8) returned 1
[0239.210] DrawThemeParentBackground () returned 0x0
[0239.210] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0239.210] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0239.210] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0239.210] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.210] GetSystemMetrics (nIndex=42) returned 0
[0239.210] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.210] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0239.210] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0239.210] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0239.210] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0239.210] SelectPalette (hdc=0xdf0107e6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0239.211] GdipCreateFromHDC (hdc=0xdf0107e6, graphics=0xd7dac8) returned 0x0
[0239.211] GdipSetPageUnit (graphics=0x6636988, unit=0x2) returned 0x0
[0239.211] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0239.211] GdipGetWorldTransform (graphics=0x6636988, matrix=0x6638ab8) returned 0x0
[0239.211] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7daa0) returned 0x0
[0239.211] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0239.211] GdipCreateRegion (region=0xd7da88) returned 0x0
[0239.211] GdipGetClip (graphics=0x6636988, region=0x6645fc8) returned 0x0
[0239.211] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6636988, result=0xd7da94) returned 0x0
[0239.211] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0239.211] GdipSaveGraphics (graphics=0x6636988, state=0xd7dac0) returned 0x0
[0239.211] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0239.220] GdipFillRectangleI (graphics=0x6636988, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0239.220] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0239.221] GdipDeleteGraphics (graphics=0x6636988) returned 0x0
[0239.221] SelectPalette (hdc=0xdf0107e6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0239.222] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0239.222] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.222] GetSystemMetrics (nIndex=42) returned 0
[0239.222] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.222] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0239.222] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0239.222] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0239.222] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0239.222] SelectPalette (hdc=0xdf0107e6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0239.222] GdipCreateFromHDC (hdc=0xdf0107e6, graphics=0xd7da68) returned 0x0
[0239.222] GdipSetPageUnit (graphics=0x6636988, unit=0x2) returned 0x0
[0239.222] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0239.222] GdipGetWorldTransform (graphics=0x6636988, matrix=0x6638ae8) returned 0x0
[0239.222] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7da40) returned 0x0
[0239.222] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0239.222] GdipCreateRegion (region=0xd7da28) returned 0x0
[0239.222] GdipGetClip (graphics=0x6636988, region=0x66457e8) returned 0x0
[0239.222] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6636988, result=0xd7da34) returned 0x0
[0239.223] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0239.223] GdipSaveGraphics (graphics=0x6636988, state=0xd7da60) returned 0x0
[0239.223] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0239.228] GdipFillRectangleI (graphics=0x6636988, brush=0x6653090, x=0, y=0, width=801, height=453) returned 0x0
[0239.228] GdipDeleteBrush (brush=0x6653090) returned 0x0
[0239.229] GdipRestoreGraphics (graphics=0x6636988, state=0xf8c80dbd) returned 0x0
[0239.229] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0239.229] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.229] GetSystemMetrics (nIndex=42) returned 0
[0239.229] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.229] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0239.229] GdipDeleteGraphics (graphics=0x6636988) returned 0x0
[0239.229] SelectPalette (hdc=0xdf0107e6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0239.229] RestoreDC (hdc=0xdf0107e6, nSavedDC=-1) returned 1
[0239.230] GdipReleaseDC (graphics=0x6600030, hdc=0xdf0107e6) returned 0x0
[0239.230] IsAppThemed () returned 0x1
[0239.230] GetThemeAppProperties () returned 0x3
[0239.230] GetThemeAppProperties () returned 0x3
[0239.230] IsAppThemed () returned 0x1
[0239.230] GetThemeAppProperties () returned 0x3
[0239.230] GetThemeAppProperties () returned 0x3
[0239.230] IsThemePartDefined () returned 0x1
[0239.230] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0239.230] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0239.230] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0239.230] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0239.230] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df74) returned 0x0
[0239.230] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0239.230] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0239.230] LocalFree (hMem=0x11ee868) returned 0x0
[0239.230] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0239.230] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0239.230] LocalFree (hMem=0x11eec58) returned 0x0
[0239.230] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0239.230] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0239.230] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0239.230] GdipGetRegionHRgn (region=0x66457e8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0239.231] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0239.231] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0239.231] GetCurrentObject (hdc=0xdf0107e6, type=0x1) returned 0xb00017
[0239.231] GetCurrentObject (hdc=0xdf0107e6, type=0x2) returned 0x900010
[0239.231] GetCurrentObject (hdc=0xdf0107e6, type=0x7) returned 0x4a0507fe
[0239.231] GetCurrentObject (hdc=0xdf0107e6, type=0x6) returned 0x8a01c2
[0239.231] SaveDC (hdc=0xdf0107e6) returned 1
[0239.231] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x33040807
[0239.231] GetClipRgn (hdc=0xdf0107e6, hrgn=0x33040807) returned 0
[0239.231] SelectClipRgn (hdc=0xdf0107e6, hrgn=0xc60407de) returned 2
[0239.231] DeleteObject (ho=0x33040807) returned 1
[0239.231] DeleteObject (ho=0xc60407de) returned 1
[0239.231] OffsetViewportOrgEx (in: hdc=0xdf0107e6, x=0, y=0, lppt=0x2e27b48 | out: lppt=0x2e27b48) returned 1
[0239.231] IsAppThemed () returned 0x1
[0239.236] GetThemeAppProperties () returned 0x3
[0239.236] GetThemeAppProperties () returned 0x3
[0239.237] DrawThemeBackground () returned 0x0
[0239.237] RestoreDC (hdc=0xdf0107e6, nSavedDC=-1) returned 1
[0239.237] GdipReleaseDC (graphics=0x6600030, hdc=0xdf0107e6) returned 0x0
[0239.237] GdipCreateRegion (region=0xd7df60) returned 0x0
[0239.237] GdipGetClip (graphics=0x6600030, region=0x6645368) returned 0x0
[0239.237] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0239.237] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0239.237] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df78) returned 0x0
[0239.237] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0239.237] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea60) returned 0x0
[0239.237] LocalFree (hMem=0x11eea60) returned 0x0
[0239.237] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0239.237] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee910) returned 0x0
[0239.237] LocalFree (hMem=0x11ee910) returned 0x0
[0239.237] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0239.237] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0239.237] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7df90) returned 0x0
[0239.237] GdipGetRegionHRgn (region=0x6645368, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0239.237] GdipDeleteRegion (region=0x6645368) returned 0x0
[0239.237] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0239.237] GetCurrentObject (hdc=0xdf0107e6, type=0x1) returned 0xb00017
[0239.238] GetCurrentObject (hdc=0xdf0107e6, type=0x2) returned 0x900010
[0239.238] GetCurrentObject (hdc=0xdf0107e6, type=0x7) returned 0x4a0507fe
[0239.238] GetCurrentObject (hdc=0xdf0107e6, type=0x6) returned 0x8a01c2
[0239.238] SaveDC (hdc=0xdf0107e6) returned 1
[0239.238] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc70407de
[0239.238] GetClipRgn (hdc=0xdf0107e6, hrgn=0xc70407de) returned 0
[0239.238] SelectClipRgn (hdc=0xdf0107e6, hrgn=0x34040807) returned 2
[0239.238] DeleteObject (ho=0xc70407de) returned 1
[0239.238] DeleteObject (ho=0x34040807) returned 1
[0239.238] OffsetViewportOrgEx (in: hdc=0xdf0107e6, x=0, y=0, lppt=0x2e27e1c | out: lppt=0x2e27e1c) returned 1
[0239.238] IsAppThemed () returned 0x1
[0239.238] GetThemeAppProperties () returned 0x3
[0239.238] GetThemeAppProperties () returned 0x3
[0239.238] GetThemeBackgroundContentRect () returned 0x0
[0239.238] RestoreDC (hdc=0xdf0107e6, nSavedDC=-1) returned 1
[0239.238] GdipReleaseDC (graphics=0x6600030, hdc=0xdf0107e6) returned 0x0
[0239.238] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0239.238] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0239.238] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0239.238] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0239.238] IsAppThemed () returned 0x1
[0239.238] GetThemeAppProperties () returned 0x3
[0239.238] GetThemeAppProperties () returned 0x3
[0239.238] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0239.238] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0239.239] GetCurrentObject (hdc=0xdf0107e6, type=0x1) returned 0xb00017
[0239.239] GetCurrentObject (hdc=0xdf0107e6, type=0x2) returned 0x900010
[0239.239] GetCurrentObject (hdc=0xdf0107e6, type=0x7) returned 0x4a0507fe
[0239.239] GetCurrentObject (hdc=0xdf0107e6, type=0x6) returned 0x8a01c2
[0239.239] SaveDC (hdc=0xdf0107e6) returned 1
[0239.239] GetTextAlign (hdc=0xdf0107e6) returned 0x0
[0239.239] GetTextColor (hdc=0xdf0107e6) returned 0x0
[0239.239] GetCurrentObject (hdc=0xdf0107e6, type=0x6) returned 0x8a01c2
[0239.239] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0239.239] SelectObject (hdc=0xdf0107e6, h=0x6d0a0520) returned 0x8a01c2
[0239.239] GetBkMode (hdc=0xdf0107e6) returned 2
[0239.239] SetBkMode (hdc=0xdf0107e6, mode=1) returned 2
[0239.239] DrawTextExW (in: hdc=0xdf0107e6, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2e281e0 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0239.239] DrawTextExW (in: hdc=0xdf0107e6, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e281e0 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0239.240] RestoreDC (hdc=0xdf0107e6, nSavedDC=-1) returned 1
[0239.240] GdipReleaseDC (graphics=0x6600030, hdc=0xdf0107e6) returned 0x0
[0239.240] GetFocus () returned 0x2202d8
[0239.240] IsAppThemed () returned 0x1
[0239.240] GetThemeAppProperties () returned 0x3
[0239.240] GetThemeAppProperties () returned 0x3
[0239.240] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0239.240] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0xdf0107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0239.240] GdipReleaseDC (graphics=0x6600030, hdc=0xdf0107e6) returned 0x0
[0239.240] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0239.240] SelectObject (hdc=0xdf0107e6, h=0x85000f) returned 0x4a0507fe
[0239.240] DeleteDC (hdc=0xdf0107e6) returned 1
[0239.240] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0239.241] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0239.241] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.241] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0239.241] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.241] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.241] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0239.242] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.242] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.243] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.243] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0239.243] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.243] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.244] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.244] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.244] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.244] IsWindowUnicode (hWnd=0x1502d0) returned 1
[0239.244] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.244] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.244] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.245] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.245] IsWindowUnicode (hWnd=0x1502d0) returned 1
[0239.245] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.245] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.245] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.245] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x2a1, wParam=0x0, lParam=0x80032) returned 0x0
[0239.245] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0239.245] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0239.245] WaitMessage () returned 1
[0239.274] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.274] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.274] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.274] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.274] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.275] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0239.275] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0239.275] WaitMessage () returned 1
[0239.276] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.276] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.276] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.276] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.276] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.277] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0239.277] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0239.277] WaitMessage () returned 1
[0239.278] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.278] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.278] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.278] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.278] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.283] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.283] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.283] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.283] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.283] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.283] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.283] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.283] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.283] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.283] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.283] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0239.284] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0239.284] WaitMessage () returned 1
[0239.286] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.286] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.286] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.286] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.286] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.287] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.287] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.287] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.287] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.287] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.288] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.288] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.288] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.288] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.288] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.288] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0239.288] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0239.288] WaitMessage () returned 1
[0239.289] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.289] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.289] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.289] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.289] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.290] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.290] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.290] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.290] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.290] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.290] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.290] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.290] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.290] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.290] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.290] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0239.291] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0239.291] WaitMessage () returned 1
[0239.291] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.291] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.291] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.291] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.291] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.293] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.293] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.293] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.293] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.293] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.293] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.293] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.293] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.293] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.293] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.293] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0239.294] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0239.294] WaitMessage () returned 1
[0239.343] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.343] IsWindowUnicode (hWnd=0x502c6) returned 1
[0239.343] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.343] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.343] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.344] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0239.344] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0239.344] WaitMessage () returned 1
[0239.418] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.418] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x84, wParam=0x0, lParam=0x1e10308) returned 0x1
[0239.418] IsWindowUnicode (hWnd=0x1502d0) returned 1
[0239.418] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.418] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x84, wParam=0x0, lParam=0x1e10308) returned 0x1
[0239.418] GetDlgItem (hDlg=0x1602ce, nIDDlgItem=0) returned 0x0
[0239.418] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x210, wParam=0x201, lParam=0x660113) returned 0x0
[0239.418] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x21, wParam=0x1602ce, lParam=0x2010001) returned 0x1
[0239.418] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x21, wParam=0x1602ce, lParam=0x2010001) returned 0x1
[0239.418] SetCursor (hCursor=0x10003) returned 0x10003
[0239.419] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.419] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.419] GetKeyState (nVirtKey=1) returned -127
[0239.419] GetKeyState (nVirtKey=2) returned 0
[0239.419] GetKeyState (nVirtKey=4) returned 0
[0239.419] GetKeyState (nVirtKey=5) returned 0
[0239.419] GetKeyState (nVirtKey=6) returned 0
[0239.419] IsWindowVisible (hWnd=0x1502d0) returned 1
[0239.419] IsWindowEnabled (hWnd=0x1502d0) returned 1
[0239.419] SetFocus (hWnd=0x1502d0) returned 0x2202d8
[0239.419] GetFocus () returned 0x1502d0
[0239.420] IsChild (hWndParent=0x1602ce, hWnd=0x1502d0) returned 1
[0239.420] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0x8, wParam=0x1502d0, lParam=0x0) returned 0x0
[0239.420] GetCapture () returned 0x0
[0239.420] InvalidateRect (hWnd=0x2202d8, lpRect=0x0, bErase=0) returned 1
[0239.420] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0239.422] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0239.423] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0239.423] InvalidateRect (hWnd=0x2202d8, lpRect=0x0, bErase=0) returned 1
[0239.423] InvalidateRect (hWnd=0x1502d0, lpRect=0x0, bErase=0) returned 1
[0239.423] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x7, wParam=0x2202d8, lParam=0x0) returned 0x0
[0239.423] GetStockObject (i=5) returned 0x900015
[0239.423] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0239.424] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0239.424] GetDlgItem (hDlg=0x1602ce, nIDDlgItem=1376976) returned 0x1502d0
[0239.424] SendMessageW (hWnd=0x1502d0, Msg=0x202b, wParam=0x1502d0, lParam=0xd7dddc) returned 0x0
[0239.424] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x202b, wParam=0x1502d0, lParam=0xd7dddc) returned 0x0
[0239.424] InvalidateRect (hWnd=0x1502d0, lpRect=0x0, bErase=0) returned 1
[0239.425] GetFocus () returned 0x1502d0
[0239.425] GetFocus () returned 0x1502d0
[0239.425] GetFocus () returned 0x1502d0
[0239.425] GetKeyState (nVirtKey=1) returned -127
[0239.425] GetKeyState (nVirtKey=2) returned 0
[0239.425] GetKeyState (nVirtKey=4) returned 0
[0239.425] GetKeyState (nVirtKey=5) returned 0
[0239.425] GetKeyState (nVirtKey=6) returned 0
[0239.425] GetCapture () returned 0x0
[0239.425] SetCapture (hWnd=0x1502d0) returned 0x0
[0239.425] GetKeyState (nVirtKey=1) returned -127
[0239.425] GetKeyState (nVirtKey=2) returned 0
[0239.425] GetKeyState (nVirtKey=4) returned 0
[0239.425] GetKeyState (nVirtKey=5) returned 0
[0239.425] GetKeyState (nVirtKey=6) returned 0
[0239.426] NotifyWinEvent (event=0x800a, hwnd=0x1502d0, idObject=-4, idChild=0)
[0239.426] InvalidateRect (hWnd=0x1502d0, lpRect=0xd7e430, bErase=0) returned 1
[0239.426] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.426] IsWindowUnicode (hWnd=0x1502d0) returned 1
[0239.426] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.426] TranslateMessage (lpMsg=0xd7e808) returned 0
[0239.426] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0239.426] MapWindowPoints (in: hWndFrom=0x1502d0, hWndTo=0x0, lpPoints=0x2e284f0, cPoints=0x1 | out: lpPoints=0x2e284f0) returned 30999254
[0239.426] NotifyWinEvent (event=0x800a, hwnd=0x1502d0, idObject=-4, idChild=0)
[0239.426] InvalidateRect (hWnd=0x1502d0, lpRect=0xd7e3d0, bErase=0) returned 1
[0239.426] UpdateWindow (hWnd=0x1502d0) returned 1
[0239.426] BeginPaint (in: hWnd=0x1502d0, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xc0107c5
[0239.426] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0239.426] CreateCompatibleDC (hdc=0xc0107c5) returned 0x340107d3
[0239.426] SelectObject (hdc=0x340107d3, h=0x4a0507fe) returned 0x85000f
[0239.426] GdipCreateFromHDC (hdc=0x340107d3, graphics=0xd7df00) returned 0x0
[0239.427] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0239.427] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0239.427] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0239.427] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0239.427] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df60) returned 0x0
[0239.427] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0239.427] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0239.427] LocalFree (hMem=0x11ee868) returned 0x0
[0239.427] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0239.427] GdipCreateRegion (region=0xd7df48) returned 0x0
[0239.427] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0239.427] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df54) returned 0x0
[0239.427] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0239.427] GdipRestoreGraphics (graphics=0x6600030, state=0xf8c60dbd) returned 0x0
[0239.427] GdipDeleteRegion (region=0x6645248) returned 0x0
[0239.427] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0239.427] GetCurrentObject (hdc=0x340107d3, type=0x1) returned 0xb00017
[0239.427] GetCurrentObject (hdc=0x340107d3, type=0x2) returned 0x900010
[0239.428] GetCurrentObject (hdc=0x340107d3, type=0x7) returned 0x4a0507fe
[0239.428] GetCurrentObject (hdc=0x340107d3, type=0x6) returned 0x8a01c2
[0239.428] SaveDC (hdc=0x340107d3) returned 1
[0239.428] GetNearestColor (hdc=0x340107d3, color=0xf0f0f0) returned 0xf0f0f0
[0239.428] GetNearestColor (hdc=0x340107d3, color=0xa0a0a0) returned 0xa0a0a0
[0239.428] GetNearestColor (hdc=0x340107d3, color=0x696969) returned 0x696969
[0239.428] GetNearestColor (hdc=0x340107d3, color=0xa0a0a0) returned 0xa0a0a0
[0239.428] GetNearestColor (hdc=0x340107d3, color=0x0) returned 0x0
[0239.428] GetNearestColor (hdc=0x340107d3, color=0xffffff) returned 0xffffff
[0239.428] GetNearestColor (hdc=0x340107d3, color=0xe5e5e5) returned 0xe5e5e5
[0239.428] GetNearestColor (hdc=0x340107d3, color=0xd7d7d7) returned 0xd7d7d7
[0239.428] GetNearestColor (hdc=0x340107d3, color=0x0) returned 0x0
[0239.428] RestoreDC (hdc=0x340107d3, nSavedDC=-1) returned 1
[0239.428] GdipReleaseDC (graphics=0x6600030, hdc=0x340107d3) returned 0x0
[0239.428] IsAppThemed () returned 0x1
[0239.428] GetThemeAppProperties () returned 0x3
[0239.428] GetThemeAppProperties () returned 0x3
[0239.428] IsAppThemed () returned 0x1
[0239.429] GetThemeAppProperties () returned 0x3
[0239.429] GetThemeAppProperties () returned 0x3
[0239.429] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2e28c48 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0239.429] IsAppThemed () returned 0x1
[0239.429] GetThemeAppProperties () returned 0x3
[0239.429] GetThemeAppProperties () returned 0x3
[0239.429] IsAppThemed () returned 0x1
[0239.429] GetThemeAppProperties () returned 0x3
[0239.429] GetThemeAppProperties () returned 0x3
[0239.429] IsAppThemed () returned 0x1
[0239.429] GetThemeAppProperties () returned 0x3
[0239.429] GetThemeAppProperties () returned 0x3
[0239.429] IsAppThemed () returned 0x1
[0239.429] GetThemeAppProperties () returned 0x3
[0239.429] GetThemeAppProperties () returned 0x3
[0239.429] IsThemePartDefined () returned 0x1
[0239.429] IsAppThemed () returned 0x1
[0239.429] GetThemeAppProperties () returned 0x3
[0239.429] GetThemeAppProperties () returned 0x3
[0239.429] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0239.429] IsAppThemed () returned 0x1
[0239.430] GetThemeAppProperties () returned 0x3
[0239.430] GetThemeAppProperties () returned 0x3
[0239.430] IsAppThemed () returned 0x1
[0239.430] GetThemeAppProperties () returned 0x3
[0239.430] GetThemeAppProperties () returned 0x3
[0239.430] IsThemePartDefined () returned 0x1
[0239.430] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0239.430] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0239.430] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0239.430] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0239.430] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7dc7c) returned 0x0
[0239.430] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0239.430] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0239.430] LocalFree (hMem=0x11ee788) returned 0x0
[0239.430] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0239.430] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eea98) returned 0x0
[0239.430] LocalFree (hMem=0x11eea98) returned 0x0
[0239.430] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0239.430] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0239.430] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0239.430] GdipGetRegionHRgn (region=0x66457e8, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0239.430] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0239.430] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0239.431] GetCurrentObject (hdc=0x340107d3, type=0x1) returned 0xb00017
[0239.431] GetCurrentObject (hdc=0x340107d3, type=0x2) returned 0x900010
[0239.431] GetCurrentObject (hdc=0x340107d3, type=0x7) returned 0x4a0507fe
[0239.431] GetCurrentObject (hdc=0x340107d3, type=0x6) returned 0x8a01c2
[0239.431] SaveDC (hdc=0x340107d3) returned 1
[0239.431] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x35040807
[0239.431] GetClipRgn (hdc=0x340107d3, hrgn=0x35040807) returned 0
[0239.431] SelectClipRgn (hdc=0x340107d3, hrgn=0xcb0407de) returned 2
[0239.431] DeleteObject (ho=0x35040807) returned 1
[0239.431] DeleteObject (ho=0xcb0407de) returned 1
[0239.431] OffsetViewportOrgEx (in: hdc=0x340107d3, x=0, y=0, lppt=0x2e292f8 | out: lppt=0x2e292f8) returned 1
[0239.431] DrawThemeParentBackground () returned 0x0
[0239.431] GetWindowPlacement (in: hWnd=0x1602ce, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0239.431] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0239.431] GetWindowTextLengthW (hWnd=0x1602ce) returned 13
[0239.431] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.431] GetSystemMetrics (nIndex=42) returned 0
[0239.431] GetWindowTextW (in: hWnd=0x1602ce, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.431] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0239.432] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0239.432] GetCurrentObject (hdc=0x340107d3, type=0x1) returned 0xb00017
[0239.432] GetCurrentObject (hdc=0x340107d3, type=0x2) returned 0x900010
[0239.432] GetCurrentObject (hdc=0x340107d3, type=0x7) returned 0x4a0507fe
[0239.432] GetCurrentObject (hdc=0x340107d3, type=0x6) returned 0x8a01c2
[0239.432] SaveDC (hdc=0x340107d3) returned 2
[0239.432] GetNearestColor (hdc=0x340107d3, color=0xf0f0f0) returned 0xf0f0f0
[0239.432] CreateSolidBrush (color=0xf0f0f0) returned 0x801007e1
[0239.432] FillRect (hDC=0x340107d3, lprc=0xd7d6c8, hbr=0x801007e1) returned 1
[0239.432] DeleteObject (ho=0x801007e1) returned 1
[0239.432] RestoreDC (hdc=0x340107d3, nSavedDC=-1) returned 1
[0239.432] GetWindowTextLengthW (hWnd=0x1602ce) returned 13
[0239.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.432] GetSystemMetrics (nIndex=42) returned 0
[0239.432] GetWindowTextW (in: hWnd=0x1602ce, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0239.432] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0239.432] GetCurrentObject (hdc=0x340107d3, type=0x1) returned 0xb00017
[0239.432] GetCurrentObject (hdc=0x340107d3, type=0x2) returned 0x900010
[0239.432] GetCurrentObject (hdc=0x340107d3, type=0x7) returned 0x4a0507fe
[0239.433] GetCurrentObject (hdc=0x340107d3, type=0x6) returned 0x8a01c2
[0239.433] SaveDC (hdc=0x340107d3) returned 2
[0239.433] GetNearestColor (hdc=0x340107d3, color=0xf0f0f0) returned 0xf0f0f0
[0239.433] CreateSolidBrush (color=0xf0f0f0) returned 0x811007e1
[0239.433] FillRect (hDC=0x340107d3, lprc=0xd7d668, hbr=0x811007e1) returned 1
[0239.433] DeleteObject (ho=0x811007e1) returned 1
[0239.433] RestoreDC (hdc=0x340107d3, nSavedDC=-1) returned 1
[0239.433] GetWindowTextLengthW (hWnd=0x1602ce) returned 13
[0239.433] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.433] GetSystemMetrics (nIndex=42) returned 0
[0239.433] GetWindowTextW (in: hWnd=0x1602ce, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.433] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0239.433] RestoreDC (hdc=0x340107d3, nSavedDC=-1) returned 1
[0239.433] GdipReleaseDC (graphics=0x6600030, hdc=0x340107d3) returned 0x0
[0239.433] IsAppThemed () returned 0x1
[0239.433] GetThemeAppProperties () returned 0x3
[0239.433] GetThemeAppProperties () returned 0x3
[0239.433] IsAppThemed () returned 0x1
[0239.434] GetThemeAppProperties () returned 0x3
[0239.434] GetThemeAppProperties () returned 0x3
[0239.434] IsThemePartDefined () returned 0x1
[0239.434] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0239.434] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0239.434] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0239.434] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0239.434] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dc00) returned 0x0
[0239.434] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0239.434] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eead0) returned 0x0
[0239.434] LocalFree (hMem=0x11eead0) returned 0x0
[0239.434] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0239.434] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee9f0) returned 0x0
[0239.434] LocalFree (hMem=0x11ee9f0) returned 0x0
[0239.434] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0239.434] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0239.434] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0239.436] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0239.437] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0239.437] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0239.437] GetCurrentObject (hdc=0x340107d3, type=0x1) returned 0xb00017
[0239.437] GetCurrentObject (hdc=0x340107d3, type=0x2) returned 0x900010
[0239.437] GetCurrentObject (hdc=0x340107d3, type=0x7) returned 0x4a0507fe
[0239.437] GetCurrentObject (hdc=0x340107d3, type=0x6) returned 0x8a01c2
[0239.437] SaveDC (hdc=0x340107d3) returned 1
[0239.437] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcc0407de
[0239.437] GetClipRgn (hdc=0x340107d3, hrgn=0xcc0407de) returned 0
[0239.437] SelectClipRgn (hdc=0x340107d3, hrgn=0x37040807) returned 2
[0239.437] DeleteObject (ho=0xcc0407de) returned 1
[0239.437] DeleteObject (ho=0x37040807) returned 1
[0239.437] OffsetViewportOrgEx (in: hdc=0x340107d3, x=0, y=0, lppt=0x2e29ba4 | out: lppt=0x2e29ba4) returned 1
[0239.437] IsAppThemed () returned 0x1
[0239.437] GetThemeAppProperties () returned 0x3
[0239.437] GetThemeAppProperties () returned 0x3
[0239.437] DrawThemeBackground () returned 0x0
[0239.437] RestoreDC (hdc=0x340107d3, nSavedDC=-1) returned 1
[0239.438] GdipReleaseDC (graphics=0x6600030, hdc=0x340107d3) returned 0x0
[0239.438] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0239.438] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0239.438] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0239.438] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0239.438] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dc04) returned 0x0
[0239.438] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0239.438] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0239.438] LocalFree (hMem=0x11eec58) returned 0x0
[0239.438] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0239.438] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0239.438] LocalFree (hMem=0x11eec58) returned 0x0
[0239.438] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0239.438] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0239.438] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0239.438] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0239.438] GdipDeleteRegion (region=0x6645248) returned 0x0
[0239.438] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0239.438] GetCurrentObject (hdc=0x340107d3, type=0x1) returned 0xb00017
[0239.438] GetCurrentObject (hdc=0x340107d3, type=0x2) returned 0x900010
[0239.438] GetCurrentObject (hdc=0x340107d3, type=0x7) returned 0x4a0507fe
[0239.439] GetCurrentObject (hdc=0x340107d3, type=0x6) returned 0x8a01c2
[0239.439] SaveDC (hdc=0x340107d3) returned 1
[0239.439] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x38040807
[0239.439] GetClipRgn (hdc=0x340107d3, hrgn=0x38040807) returned 0
[0239.439] SelectClipRgn (hdc=0x340107d3, hrgn=0xcd0407de) returned 2
[0239.439] DeleteObject (ho=0x38040807) returned 1
[0239.439] DeleteObject (ho=0xcd0407de) returned 1
[0239.439] OffsetViewportOrgEx (in: hdc=0x340107d3, x=0, y=0, lppt=0x2e29e78 | out: lppt=0x2e29e78) returned 1
[0239.439] IsAppThemed () returned 0x1
[0239.439] GetThemeAppProperties () returned 0x3
[0239.439] GetThemeAppProperties () returned 0x3
[0239.439] GetThemeBackgroundContentRect () returned 0x0
[0239.439] RestoreDC (hdc=0x340107d3, nSavedDC=-1) returned 1
[0239.439] GdipReleaseDC (graphics=0x6600030, hdc=0x340107d3) returned 0x0
[0239.439] IsAppThemed () returned 0x1
[0239.439] GetThemeAppProperties () returned 0x3
[0239.439] GetThemeAppProperties () returned 0x3
[0239.439] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0239.439] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0239.439] GetCurrentObject (hdc=0x340107d3, type=0x1) returned 0xb00017
[0239.439] GetCurrentObject (hdc=0x340107d3, type=0x2) returned 0x900010
[0239.440] GetCurrentObject (hdc=0x340107d3, type=0x7) returned 0x4a0507fe
[0239.440] GetCurrentObject (hdc=0x340107d3, type=0x6) returned 0x8a01c2
[0239.440] SaveDC (hdc=0x340107d3) returned 1
[0239.440] GetTextAlign (hdc=0x340107d3) returned 0x0
[0239.440] GetTextColor (hdc=0x340107d3) returned 0x0
[0239.440] GetCurrentObject (hdc=0x340107d3, type=0x6) returned 0x8a01c2
[0239.440] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0239.440] SelectObject (hdc=0x340107d3, h=0x6d0a0520) returned 0x8a01c2
[0239.440] GetBkMode (hdc=0x340107d3) returned 2
[0239.440] SetBkMode (hdc=0x340107d3, mode=1) returned 2
[0239.440] DrawTextExW (in: hdc=0x340107d3, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2e2a218 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0239.440] DrawTextExW (in: hdc=0x340107d3, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2e2a218 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0239.441] RestoreDC (hdc=0x340107d3, nSavedDC=-1) returned 1
[0239.441] GdipReleaseDC (graphics=0x6600030, hdc=0x340107d3) returned 0x0
[0239.441] GetFocus () returned 0x1502d0
[0239.441] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0239.441] SendMessageW (hWnd=0x1602ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0239.441] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0239.441] IsAppThemed () returned 0x1
[0239.441] GetThemeAppProperties () returned 0x3
[0239.441] GetThemeAppProperties () returned 0x3
[0239.441] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0239.441] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x340107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0239.441] GdipReleaseDC (graphics=0x6600030, hdc=0x340107d3) returned 0x0
[0239.441] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0239.441] SelectObject (hdc=0x340107d3, h=0x85000f) returned 0x4a0507fe
[0239.442] DeleteDC (hdc=0x340107d3) returned 1
[0239.442] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0239.442] EndPaint (hWnd=0x1502d0, lpPaint=0xd7dee4) returned 1
[0239.442] MapWindowPoints (in: hWndFrom=0x1502d0, hWndTo=0x0, lpPoints=0x2e2a314, cPoints=0x1 | out: lpPoints=0x2e2a314) returned 30999254
[0239.442] WindowFromPoint (Point=0x308) returned 0x1502d0
[0239.442] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x84, wParam=0x0, lParam=0x1e10308) returned 0x1
[0239.442] NotifyWinEvent (event=0x800a, hwnd=0x1502d0, idObject=-4, idChild=0)
[0239.442] NotifyWinEvent (event=0x800c, hwnd=0x1502d0, idObject=-4, idChild=0)
[0239.442] GetCapture () returned 0x1502d0
[0239.442] ReleaseCapture () returned 1
[0239.442] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0239.442] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0239.443] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x84, wParam=0x0, lParam=0x1e10308) returned 0x1
[0239.443] IsWindow (hWnd=0x7005c) returned 1
[0239.443] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0239.443] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0239.444] IsWindow (hWnd=0x1602ce) returned 1
[0239.444] SetActiveWindow (hWnd=0x1602ce) returned 0x1602ce
[0239.444] IsWindow (hWnd=0x1602ce) returned 1
[0239.444] SetFocus (hWnd=0x1602ce) returned 0x1502d0
[0239.444] GetFocus () returned 0x1602ce
[0239.444] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x8, wParam=0x1602ce, lParam=0x0) returned 0x0
[0239.444] GetCapture () returned 0x0
[0239.444] InvalidateRect (hWnd=0x1502d0, lpRect=0x0, bErase=0) returned 1
[0239.445] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0239.446] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0239.447] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0239.447] GetFocus () returned 0x1602ce
[0239.447] SetFocus (hWnd=0x1502d0) returned 0x1602ce
[0239.448] GetFocus () returned 0x1502d0
[0239.448] IsChild (hWndParent=0x1602ce, hWnd=0x1502d0) returned 1
[0239.448] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x8, wParam=0x1502d0, lParam=0x0) returned 0x0
[0239.448] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0239.450] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0239.451] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0239.451] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x7, wParam=0x1602ce, lParam=0x0) returned 0x0
[0239.451] GetStockObject (i=5) returned 0x900015
[0239.451] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0239.451] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0239.451] GetDlgItem (hDlg=0x1602ce, nIDDlgItem=1376976) returned 0x1502d0
[0239.451] SendMessageW (hWnd=0x1502d0, Msg=0x202b, wParam=0x1502d0, lParam=0xd7ddcc) returned 0x0
[0239.451] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x202b, wParam=0x1502d0, lParam=0xd7ddcc) returned 0x0
[0239.451] InvalidateRect (hWnd=0x1502d0, lpRect=0x0, bErase=0) returned 1
[0239.453] GetWindowLongW (hWnd=0x1602ce, nIndex=-8) returned 458844
[0239.453] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0239.453] GetCurrentThreadId () returned 0xf50
[0239.453] IsWindow (hWnd=0x7005c) returned 1
[0239.453] IsWindow (hWnd=0x7005c) returned 1
[0239.453] IsWindowVisible (hWnd=0x7005c) returned 1
[0239.453] SetActiveWindow (hWnd=0x7005c) returned 0x1602ce
[0239.453] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0239.454] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0239.455] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0239.455] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0239.455] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0239.456] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0239.456] GetWindowPlacement (in: hWnd=0x1602ce, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0239.456] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0239.456] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0239.456] GetWindowRect (in: hWnd=0x1602ce, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0239.457] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0239.457] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0239.457] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0239.458] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x1602ce) returned 0x1
[0239.460] GetFocus () returned 0x1502d0
[0239.460] SetFocus (hWnd=0x602c4) returned 0x1502d0
[0239.460] GetFocus () returned 0x602c4
[0239.460] IsChild (hWndParent=0x1602ce, hWnd=0x602c4) returned 0
[0239.460] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0239.460] GetCapture () returned 0x0
[0239.460] InvalidateRect (hWnd=0x1502d0, lpRect=0x0, bErase=0) returned 1
[0239.461] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0239.462] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0239.463] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0239.463] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0239.464] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0239.464] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0239.464] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0239.464] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x1502d0, lParam=0x0) returned 0x0
[0239.464] GetStockObject (i=5) returned 0x900015
[0239.464] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0239.465] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11edb48) returned 0xc
[0239.465] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0239.465] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0239.465] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0239.465] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0239.470] GetFocus () returned 0x602c4
[0239.470] IsChild (hWndParent=0x1602ce, hWnd=0x602c4) returned 0
[0239.470] ShowWindow (hWnd=0x1602ce, nCmdShow=0) returned 1
[0239.470] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0239.471] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0239.472] GetWindowPlacement (in: hWnd=0x1602ce, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0239.472] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0239.472] GetClientRect (in: hWnd=0x1602ce, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0239.472] GetWindowRect (in: hWnd=0x1602ce, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0239.472] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0239.473] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0239.473] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0239.473] GetWindowLongW (hWnd=0x1602ce, nIndex=-20) returned 327945
[0239.473] DestroyWindow (hWnd=0x1602ce) returned 1
[0239.473] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0239.473] GetWindowTextLengthW (hWnd=0x1602ce) returned 13
[0239.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.474] GetSystemMetrics (nIndex=42) returned 0
[0239.474] GetWindowTextW (in: hWnd=0x1602ce, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0239.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0239.474] GetWindowTextLengthW (hWnd=0x2002da) returned 0
[0239.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0239.474] GetSystemMetrics (nIndex=42) returned 0
[0239.474] GetWindowTextW (in: hWnd=0x2002da, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0239.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002da, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0239.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0239.474] GetWindowThreadProcessId (in: hWnd=0x2300ea, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0239.474] GetWindow (hWnd=0x2300ea, uCmd=0x5) returned 0x0
[0239.474] GetWindowLongW (hWnd=0x2300ea, nIndex=-20) returned 65792
[0239.474] DestroyWindow (hWnd=0x2300ea) returned 1
[0239.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2300ea, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0239.474] GetWindowTextLengthW (hWnd=0x2300ea) returned 25
[0239.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2300ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0239.474] GetSystemMetrics (nIndex=42) returned 0
[0239.474] GetWindowTextW (in: hWnd=0x2300ea, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0239.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2300ea, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0239.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2300ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0239.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2300ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0239.476] GetWindowTextLengthW (hWnd=0x2002dc) returned 232
[0239.476] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0239.476] GetSystemMetrics (nIndex=42) returned 0
[0239.476] GetWindowTextW (in: hWnd=0x2002dc, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0239.476] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0239.476] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0239.476] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0239.476] InvalidateRect (hWnd=0x1502d0, lpRect=0x0, bErase=0) returned 1
[0239.476] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0239.476] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0239.476] SendMessageW (hWnd=0x2002de, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0239.476] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2002de, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0239.476] SendMessageW (hWnd=0x2002de, Msg=0xb0, wParam=0x2df6118, lParam=0xd7e480) returned 0x0
[0239.476] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2002de, Msg=0xb0, wParam=0x2df6118, lParam=0xd7e480) returned 0x0
[0239.476] GetWindowTextLengthW (hWnd=0x2002de) returned 4363
[0239.476] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2002de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0239.477] GetSystemMetrics (nIndex=42) returned 0
[0239.477] CoTaskMemAlloc (cb=0x221c) returned 0x120a4b0
[0239.477] GetWindowTextW (in: hWnd=0x2002de, lpString=0x120a4b0, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0239.477] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2002de, Msg=0xd, wParam=0x110c, lParam=0x120a4b0) returned 0x110b
[0239.477] CoTaskMemFree (pv=0x120a4b0)
[0239.477] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2002de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0239.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0239.478] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0239.479] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0239.480] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1502d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0239.482] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0239.482] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2002de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0239.484] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0239.485] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.485] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.485] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.485] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.485] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.486] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.486] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e10308) returned 0x1
[0239.486] IsWindowUnicode (hWnd=0x7005c) returned 1
[0239.486] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.486] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e10308) returned 0x1
[0239.486] SetCursor (hCursor=0x10003) returned 0x10003
[0239.486] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.486] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.486] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0239.486] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0239.486] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0239.486] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10c024a) returned 0x0
[0239.486] GetKeyState (nVirtKey=1) returned 1
[0239.486] GetKeyState (nVirtKey=2) returned 0
[0239.487] GetKeyState (nVirtKey=4) returned 0
[0239.487] GetKeyState (nVirtKey=5) returned 0
[0239.487] GetKeyState (nVirtKey=6) returned 0
[0239.487] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e10308) returned 0x1
[0239.487] IsWindowUnicode (hWnd=0x7005c) returned 1
[0239.487] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.487] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.487] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.487] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e10308) returned 0x1
[0239.488] IsWindowUnicode (hWnd=0x7005c) returned 1
[0239.488] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.488] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e10308) returned 0x1
[0239.488] SetCursor (hCursor=0x10003) returned 0x10003
[0239.488] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.488] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.488] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10c024a) returned 0x0
[0239.488] GetKeyState (nVirtKey=1) returned 1
[0239.488] GetKeyState (nVirtKey=2) returned 0
[0239.488] GetKeyState (nVirtKey=4) returned 0
[0239.489] GetKeyState (nVirtKey=5) returned 0
[0239.489] GetKeyState (nVirtKey=6) returned 0
[0239.489] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.489] IsWindowUnicode (hWnd=0x602c4) returned 1
[0239.489] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.489] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.489] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.489] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.490] IsWindowUnicode (hWnd=0x602c4) returned 1
[0239.490] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.490] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.490] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.490] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xc0107c5
[0239.490] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0239.490] CreateCompatibleDC (hdc=0xc0107c5) returned 0xc0107e9
[0239.490] SelectObject (hdc=0xc0107e9, h=0x4a0507fe) returned 0x85000f
[0239.490] GdipCreateFromHDC (hdc=0xc0107e9, graphics=0xd7e798) returned 0x0
[0239.491] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0239.491] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0239.491] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0239.491] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0239.491] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e7f8) returned 0x0
[0239.491] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0239.491] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0239.491] LocalFree (hMem=0x11ee788) returned 0x0
[0239.491] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0239.491] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0239.491] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0239.491] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0239.491] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0239.491] GdipRestoreGraphics (graphics=0x6600030, state=0xf8c40dbd) returned 0x0
[0239.491] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0239.491] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0239.491] GetCurrentObject (hdc=0xc0107e9, type=0x1) returned 0xb00017
[0239.491] GetCurrentObject (hdc=0xc0107e9, type=0x2) returned 0x900010
[0239.491] GetCurrentObject (hdc=0xc0107e9, type=0x7) returned 0x4a0507fe
[0239.491] GetCurrentObject (hdc=0xc0107e9, type=0x6) returned 0x8a01c2
[0239.492] SaveDC (hdc=0xc0107e9) returned 1
[0239.492] GetNearestColor (hdc=0xc0107e9, color=0xff) returned 0xff
[0239.492] GetNearestColor (hdc=0xc0107e9, color=0x55) returned 0x55
[0239.492] GetNearestColor (hdc=0xc0107e9, color=0x0) returned 0x0
[0239.492] GetNearestColor (hdc=0xc0107e9, color=0x55) returned 0x55
[0239.492] GetNearestColor (hdc=0xc0107e9, color=0x0) returned 0x0
[0239.492] GetNearestColor (hdc=0xc0107e9, color=0x8080ff) returned 0x8080ff
[0239.492] GetNearestColor (hdc=0xc0107e9, color=0x7373e5) returned 0x7373e5
[0239.492] GetNearestColor (hdc=0xc0107e9, color=0xe5) returned 0xe5
[0239.492] GetNearestColor (hdc=0xc0107e9, color=0x0) returned 0x0
[0239.492] RestoreDC (hdc=0xc0107e9, nSavedDC=-1) returned 1
[0239.492] GdipReleaseDC (graphics=0x6600030, hdc=0xc0107e9) returned 0x0
[0239.492] IsAppThemed () returned 0x1
[0239.492] GetThemeAppProperties () returned 0x3
[0239.492] GetThemeAppProperties () returned 0x3
[0239.492] IsAppThemed () returned 0x1
[0239.492] GetThemeAppProperties () returned 0x3
[0239.492] GetThemeAppProperties () returned 0x3
[0239.493] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2e32080 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0239.493] IsAppThemed () returned 0x1
[0239.493] GetThemeAppProperties () returned 0x3
[0239.493] GetThemeAppProperties () returned 0x3
[0239.493] IsAppThemed () returned 0x1
[0239.493] GetThemeAppProperties () returned 0x3
[0239.493] GetThemeAppProperties () returned 0x3
[0239.493] GetFocus () returned 0x602c4
[0239.493] IsAppThemed () returned 0x1
[0239.493] GetThemeAppProperties () returned 0x3
[0239.493] GetThemeAppProperties () returned 0x3
[0239.493] IsAppThemed () returned 0x1
[0239.493] GetThemeAppProperties () returned 0x3
[0239.493] GetThemeAppProperties () returned 0x3
[0239.493] IsThemePartDefined () returned 0x1
[0239.493] IsAppThemed () returned 0x1
[0239.493] GetThemeAppProperties () returned 0x3
[0239.493] GetThemeAppProperties () returned 0x3
[0239.493] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0239.493] IsAppThemed () returned 0x1
[0239.494] GetThemeAppProperties () returned 0x3
[0239.494] GetThemeAppProperties () returned 0x3
[0239.494] IsAppThemed () returned 0x1
[0239.494] GetThemeAppProperties () returned 0x3
[0239.494] GetThemeAppProperties () returned 0x3
[0239.494] IsThemePartDefined () returned 0x1
[0239.494] GdipCreateRegion (region=0xd7e508) returned 0x0
[0239.494] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0239.494] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0239.494] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0239.494] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e520) returned 0x0
[0239.494] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0239.494] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0239.494] LocalFree (hMem=0x11ee788) returned 0x0
[0239.494] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0239.494] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0239.494] LocalFree (hMem=0x11ee868) returned 0x0
[0239.494] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0239.494] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e548) returned 0x0
[0239.494] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e538) returned 0x0
[0239.494] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0239.494] GdipDeleteRegion (region=0x6645518) returned 0x0
[0239.494] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0239.494] GetCurrentObject (hdc=0xc0107e9, type=0x1) returned 0xb00017
[0239.495] GetCurrentObject (hdc=0xc0107e9, type=0x2) returned 0x900010
[0239.495] GetCurrentObject (hdc=0xc0107e9, type=0x7) returned 0x4a0507fe
[0239.495] GetCurrentObject (hdc=0xc0107e9, type=0x6) returned 0x8a01c2
[0239.495] SaveDC (hdc=0xc0107e9) returned 1
[0239.495] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xce0407de
[0239.495] GetClipRgn (hdc=0xc0107e9, hrgn=0xce0407de) returned 0
[0239.495] SelectClipRgn (hdc=0xc0107e9, hrgn=0x3c040807) returned 2
[0239.495] DeleteObject (ho=0xce0407de) returned 1
[0239.495] DeleteObject (ho=0x3c040807) returned 1
[0239.495] OffsetViewportOrgEx (in: hdc=0xc0107e9, x=0, y=0, lppt=0x2e32730 | out: lppt=0x2e32730) returned 1
[0239.495] DrawThemeParentBackground () returned 0x0
[0239.495] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0239.495] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0239.495] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0239.495] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.495] GetSystemMetrics (nIndex=42) returned 0
[0239.495] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.495] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0239.496] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0239.496] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0239.496] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0239.496] SelectPalette (hdc=0xc0107e9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0239.496] GdipCreateFromHDC (hdc=0xc0107e9, graphics=0xd7dff8) returned 0x0
[0239.496] GdipSetPageUnit (graphics=0x6636988, unit=0x2) returned 0x0
[0239.496] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0239.496] GdipGetWorldTransform (graphics=0x6636988, matrix=0x6638b78) returned 0x0
[0239.496] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dfd0) returned 0x0
[0239.496] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0239.496] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0239.496] GdipGetClip (graphics=0x6636988, region=0x6646178) returned 0x0
[0239.496] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6636988, result=0xd7dfc4) returned 0x0
[0239.496] GdipDeleteRegion (region=0x6646178) returned 0x0
[0239.496] GdipSaveGraphics (graphics=0x6636988, state=0xd7dff0) returned 0x0
[0239.496] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0239.523] GdipFillRectangleI (graphics=0x6636988, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0239.523] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0239.525] GdipDeleteGraphics (graphics=0x6636988) returned 0x0
[0239.525] SelectPalette (hdc=0xc0107e9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0239.525] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0239.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.525] GetSystemMetrics (nIndex=42) returned 0
[0239.525] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0239.525] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0239.525] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0239.525] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0239.525] SelectPalette (hdc=0xc0107e9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0239.525] GdipCreateFromHDC (hdc=0xc0107e9, graphics=0xd7df98) returned 0x0
[0239.526] GdipSetPageUnit (graphics=0x6636988, unit=0x2) returned 0x0
[0239.526] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0239.526] GdipGetWorldTransform (graphics=0x6636988, matrix=0x6638c68) returned 0x0
[0239.526] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df70) returned 0x0
[0239.526] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0239.526] GdipCreateRegion (region=0xd7df58) returned 0x0
[0239.526] GdipGetClip (graphics=0x6636988, region=0x6645368) returned 0x0
[0239.526] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6636988, result=0xd7df64) returned 0x0
[0239.526] GdipDeleteRegion (region=0x6645368) returned 0x0
[0239.526] GdipSaveGraphics (graphics=0x6636988, state=0xd7df90) returned 0x0
[0239.526] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0239.535] GdipFillRectangleI (graphics=0x6636988, brush=0x66537e0, x=0, y=0, width=801, height=453) returned 0x0
[0239.535] GdipDeleteBrush (brush=0x66537e0) returned 0x0
[0239.536] GdipRestoreGraphics (graphics=0x6636988, state=0xf8c00dbd) returned 0x0
[0239.537] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0239.537] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0239.537] GetSystemMetrics (nIndex=42) returned 0
[0239.537] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0239.537] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0239.537] GdipDeleteGraphics (graphics=0x6636988) returned 0x0
[0239.537] SelectPalette (hdc=0xc0107e9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0239.537] RestoreDC (hdc=0xc0107e9, nSavedDC=-1) returned 1
[0239.537] GdipReleaseDC (graphics=0x6600030, hdc=0xc0107e9) returned 0x0
[0239.537] IsAppThemed () returned 0x1
[0239.538] GetThemeAppProperties () returned 0x3
[0239.538] GetThemeAppProperties () returned 0x3
[0239.538] IsAppThemed () returned 0x1
[0239.538] GetThemeAppProperties () returned 0x3
[0239.538] GetThemeAppProperties () returned 0x3
[0239.538] IsThemePartDefined () returned 0x1
[0239.538] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0239.538] GdipGetClip (graphics=0x6600030, region=0x6645368) returned 0x0
[0239.538] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0239.538] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0239.538] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e4a4) returned 0x0
[0239.538] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0239.538] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0239.538] LocalFree (hMem=0x11ee9f0) returned 0x0
[0239.538] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0239.538] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee910) returned 0x0
[0239.538] LocalFree (hMem=0x11ee910) returned 0x0
[0239.538] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0239.539] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0239.539] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0239.539] GdipGetRegionHRgn (region=0x6645368, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0239.539] GdipDeleteRegion (region=0x6645368) returned 0x0
[0239.539] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0239.539] GetCurrentObject (hdc=0xc0107e9, type=0x1) returned 0xb00017
[0239.539] GetCurrentObject (hdc=0xc0107e9, type=0x2) returned 0x900010
[0239.539] GetCurrentObject (hdc=0xc0107e9, type=0x7) returned 0x4a0507fe
[0239.539] GetCurrentObject (hdc=0xc0107e9, type=0x6) returned 0x8a01c2
[0239.539] SaveDC (hdc=0xc0107e9) returned 1
[0239.539] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3d040807
[0239.539] GetClipRgn (hdc=0xc0107e9, hrgn=0x3d040807) returned 0
[0239.539] SelectClipRgn (hdc=0xc0107e9, hrgn=0xd00407de) returned 2
[0239.539] DeleteObject (ho=0x3d040807) returned 1
[0239.540] DeleteObject (ho=0xd00407de) returned 1
[0239.540] OffsetViewportOrgEx (in: hdc=0xc0107e9, x=0, y=0, lppt=0x2e38f80 | out: lppt=0x2e38f80) returned 1
[0239.540] IsAppThemed () returned 0x1
[0239.540] GetThemeAppProperties () returned 0x3
[0239.540] GetThemeAppProperties () returned 0x3
[0239.540] DrawThemeBackground () returned 0x0
[0239.540] RestoreDC (hdc=0xc0107e9, nSavedDC=-1) returned 1
[0239.540] GdipReleaseDC (graphics=0x6600030, hdc=0xc0107e9) returned 0x0
[0239.540] GdipCreateRegion (region=0xd7e490) returned 0x0
[0239.540] GdipGetClip (graphics=0x6600030, region=0x6645368) returned 0x0
[0239.540] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0239.540] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0239.540] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e4a8) returned 0x0
[0239.540] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0239.540] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee9f0) returned 0x0
[0239.540] LocalFree (hMem=0x11ee9f0) returned 0x0
[0239.541] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0239.541] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eea28) returned 0x0
[0239.541] LocalFree (hMem=0x11eea28) returned 0x0
[0239.541] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0239.541] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0239.541] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0239.541] GdipGetRegionHRgn (region=0x6645368, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0239.541] GdipDeleteRegion (region=0x6645368) returned 0x0
[0239.541] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0239.541] GetCurrentObject (hdc=0xc0107e9, type=0x1) returned 0xb00017
[0239.541] GetCurrentObject (hdc=0xc0107e9, type=0x2) returned 0x900010
[0239.541] GetCurrentObject (hdc=0xc0107e9, type=0x7) returned 0x4a0507fe
[0239.541] GetCurrentObject (hdc=0xc0107e9, type=0x6) returned 0x8a01c2
[0239.541] SaveDC (hdc=0xc0107e9) returned 1
[0239.541] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd10407de
[0239.541] GetClipRgn (hdc=0xc0107e9, hrgn=0xd10407de) returned 0
[0239.542] SelectClipRgn (hdc=0xc0107e9, hrgn=0x3e040807) returned 2
[0239.542] DeleteObject (ho=0xd10407de) returned 1
[0239.542] DeleteObject (ho=0x3e040807) returned 1
[0239.542] OffsetViewportOrgEx (in: hdc=0xc0107e9, x=0, y=0, lppt=0x2e39254 | out: lppt=0x2e39254) returned 1
[0239.542] IsAppThemed () returned 0x1
[0239.542] GetThemeAppProperties () returned 0x3
[0239.542] GetThemeAppProperties () returned 0x3
[0239.542] GetThemeBackgroundContentRect () returned 0x0
[0239.542] RestoreDC (hdc=0xc0107e9, nSavedDC=-1) returned 1
[0239.542] GdipReleaseDC (graphics=0x6600030, hdc=0xc0107e9) returned 0x0
[0239.542] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0239.542] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0239.542] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0239.542] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0239.542] IsAppThemed () returned 0x1
[0239.543] GetThemeAppProperties () returned 0x3
[0239.543] GetThemeAppProperties () returned 0x3
[0239.543] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0239.543] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0239.543] GetCurrentObject (hdc=0xc0107e9, type=0x1) returned 0xb00017
[0239.543] GetCurrentObject (hdc=0xc0107e9, type=0x2) returned 0x900010
[0239.543] GetCurrentObject (hdc=0xc0107e9, type=0x7) returned 0x4a0507fe
[0239.543] GetCurrentObject (hdc=0xc0107e9, type=0x6) returned 0x8a01c2
[0239.543] SaveDC (hdc=0xc0107e9) returned 1
[0239.543] GetTextAlign (hdc=0xc0107e9) returned 0x0
[0239.543] GetTextColor (hdc=0xc0107e9) returned 0x0
[0239.543] GetCurrentObject (hdc=0xc0107e9, type=0x6) returned 0x8a01c2
[0239.543] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0239.543] SelectObject (hdc=0xc0107e9, h=0x6d0a0520) returned 0x8a01c2
[0239.544] GetBkMode (hdc=0xc0107e9) returned 2
[0239.544] SetBkMode (hdc=0xc0107e9, mode=1) returned 2
[0239.549] DrawTextExW (in: hdc=0xc0107e9, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2e39618 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0239.550] DrawTextExW (in: hdc=0xc0107e9, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2e39618 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0239.550] RestoreDC (hdc=0xc0107e9, nSavedDC=-1) returned 1
[0239.550] GdipReleaseDC (graphics=0x6600030, hdc=0xc0107e9) returned 0x0
[0239.550] GetFocus () returned 0x602c4
[0239.550] IsAppThemed () returned 0x1
[0239.551] GetThemeAppProperties () returned 0x3
[0239.551] GetThemeAppProperties () returned 0x3
[0239.551] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0239.551] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0xc0107e9, x1=0, y1=0, rop=0xcc0020) returned 1
[0239.551] GdipReleaseDC (graphics=0x6600030, hdc=0xc0107e9) returned 0x0
[0239.551] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0239.551] SelectObject (hdc=0xc0107e9, h=0x85000f) returned 0x4a0507fe
[0239.551] DeleteDC (hdc=0xc0107e9) returned 1
[0239.551] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0239.551] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0239.552] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0239.552] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0239.552] WaitMessage () returned 1
[0239.552] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.552] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.552] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.552] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.552] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.553] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0239.553] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0239.553] WaitMessage () returned 1
[0239.574] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.574] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.574] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.574] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.574] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.575] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0239.575] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0239.575] WaitMessage () returned 1
[0239.577] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.577] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.577] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.577] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.577] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.578] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0239.578] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0239.578] WaitMessage () returned 1
[0239.579] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.579] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.579] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.579] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.579] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.581] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.581] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.581] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.581] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.581] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.581] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.581] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.581] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.581] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.581] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.582] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0239.582] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0239.582] WaitMessage () returned 1
[0239.582] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.583] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.583] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.583] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.583] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.584] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.585] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.585] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.585] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.585] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.585] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.585] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.585] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.585] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.585] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.585] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0239.586] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0239.586] WaitMessage () returned 1
[0239.586] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.586] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.586] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.586] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.586] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.588] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.589] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.589] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.589] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.589] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.589] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.589] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.589] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.589] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.589] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.589] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0239.590] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0239.590] WaitMessage () returned 1
[0239.590] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.590] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.590] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.590] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.590] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.596] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.596] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.596] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.596] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.596] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.597] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.597] IsWindowUnicode (hWnd=0x30122) returned 1
[0239.597] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.597] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.597] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.597] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.598] IsWindowUnicode (hWnd=0x7005c) returned 1
[0239.598] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.598] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.598] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.598] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.598] IsWindowUnicode (hWnd=0x7005c) returned 1
[0239.598] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.598] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.598] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.598] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10c024a) returned 0x0
[0239.598] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0239.598] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0239.598] WaitMessage () returned 1
[0239.763] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.763] IsWindowUnicode (hWnd=0x502c6) returned 1
[0239.763] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0239.763] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0239.763] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0239.763] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0239.764] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0239.764] WaitMessage () returned 1
[0241.594] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0241.594] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f00f3) returned 0x1
[0241.594] IsWindowUnicode (hWnd=0x602c4) returned 1
[0241.594] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0241.594] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0241.594] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0241.594] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0241.594] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0241.594] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f00f3) returned 0x1
[0241.594] IsWindowUnicode (hWnd=0x602c4) returned 1
[0241.594] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0241.595] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f00f3) returned 0x1
[0241.595] SetCursor (hCursor=0x10003) returned 0x10003
[0241.595] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0241.595] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0241.595] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0241.595] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0241.595] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0241.595] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0241.595] GetKeyState (nVirtKey=1) returned 1
[0241.595] GetKeyState (nVirtKey=2) returned 0
[0241.595] GetKeyState (nVirtKey=4) returned 0
[0241.595] GetKeyState (nVirtKey=5) returned 0
[0241.595] GetKeyState (nVirtKey=6) returned 0
[0241.596] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0241.596] IsWindowUnicode (hWnd=0x602c4) returned 1
[0241.596] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0241.596] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0241.596] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0241.596] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xc0107c5
[0241.596] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0241.596] CreateCompatibleDC (hdc=0xc0107c5) returned 0x280107f8
[0241.596] SelectObject (hdc=0x280107f8, h=0x4a0507fe) returned 0x85000f
[0241.596] GdipCreateFromHDC (hdc=0x280107f8, graphics=0xd7e798) returned 0x0
[0241.596] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0241.597] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0241.597] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0241.597] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0241.597] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e7f8) returned 0x0
[0241.597] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0241.597] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0241.597] LocalFree (hMem=0x11eec58) returned 0x0
[0241.597] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0241.597] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0241.597] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0241.597] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0241.597] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0241.597] GdipRestoreGraphics (graphics=0x6600030, state=0xf8be0dbd) returned 0x0
[0241.597] GdipDeleteRegion (region=0x6645878) returned 0x0
[0241.597] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0241.597] GetCurrentObject (hdc=0x280107f8, type=0x1) returned 0xb00017
[0241.598] GetCurrentObject (hdc=0x280107f8, type=0x2) returned 0x900010
[0241.598] GetCurrentObject (hdc=0x280107f8, type=0x7) returned 0x4a0507fe
[0241.598] GetCurrentObject (hdc=0x280107f8, type=0x6) returned 0x8a01c2
[0241.598] SaveDC (hdc=0x280107f8) returned 1
[0241.598] GetNearestColor (hdc=0x280107f8, color=0xff) returned 0xff
[0241.598] GetNearestColor (hdc=0x280107f8, color=0x55) returned 0x55
[0241.598] GetNearestColor (hdc=0x280107f8, color=0x0) returned 0x0
[0241.598] GetNearestColor (hdc=0x280107f8, color=0x55) returned 0x55
[0241.598] GetNearestColor (hdc=0x280107f8, color=0x0) returned 0x0
[0241.598] GetNearestColor (hdc=0x280107f8, color=0x8080ff) returned 0x8080ff
[0241.598] GetNearestColor (hdc=0x280107f8, color=0x7373e5) returned 0x7373e5
[0241.598] GetNearestColor (hdc=0x280107f8, color=0xe5) returned 0xe5
[0241.598] GetNearestColor (hdc=0x280107f8, color=0x0) returned 0x0
[0241.599] RestoreDC (hdc=0x280107f8, nSavedDC=-1) returned 1
[0241.599] GdipReleaseDC (graphics=0x6600030, hdc=0x280107f8) returned 0x0
[0241.599] IsAppThemed () returned 0x1
[0241.599] GetThemeAppProperties () returned 0x3
[0241.599] GetThemeAppProperties () returned 0x3
[0241.599] IsAppThemed () returned 0x1
[0241.599] GetThemeAppProperties () returned 0x3
[0241.599] GetThemeAppProperties () returned 0x3
[0241.599] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2e39f64 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0241.599] IsAppThemed () returned 0x1
[0241.599] GetThemeAppProperties () returned 0x3
[0241.599] GetThemeAppProperties () returned 0x3
[0241.600] IsAppThemed () returned 0x1
[0241.600] GetThemeAppProperties () returned 0x3
[0241.600] GetThemeAppProperties () returned 0x3
[0241.600] IsAppThemed () returned 0x1
[0241.600] GetThemeAppProperties () returned 0x3
[0241.600] GetThemeAppProperties () returned 0x3
[0241.600] IsAppThemed () returned 0x1
[0241.600] GetThemeAppProperties () returned 0x3
[0241.600] GetThemeAppProperties () returned 0x3
[0241.600] IsThemePartDefined () returned 0x1
[0241.600] IsAppThemed () returned 0x1
[0241.600] GetThemeAppProperties () returned 0x3
[0241.600] GetThemeAppProperties () returned 0x3
[0241.600] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0241.600] IsAppThemed () returned 0x1
[0241.600] GetThemeAppProperties () returned 0x3
[0241.600] GetThemeAppProperties () returned 0x3
[0241.600] IsAppThemed () returned 0x1
[0241.600] GetThemeAppProperties () returned 0x3
[0241.600] GetThemeAppProperties () returned 0x3
[0241.600] IsThemePartDefined () returned 0x1
[0241.600] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0241.601] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0241.601] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0241.601] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0241.601] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e514) returned 0x0
[0241.601] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0241.601] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea98) returned 0x0
[0241.601] LocalFree (hMem=0x11eea98) returned 0x0
[0241.601] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0241.601] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0241.601] LocalFree (hMem=0x11eec58) returned 0x0
[0241.601] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0241.601] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0241.601] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0241.601] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0241.601] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0241.602] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0241.602] GetCurrentObject (hdc=0x280107f8, type=0x1) returned 0xb00017
[0241.602] GetCurrentObject (hdc=0x280107f8, type=0x2) returned 0x900010
[0241.602] GetCurrentObject (hdc=0x280107f8, type=0x7) returned 0x4a0507fe
[0241.602] GetCurrentObject (hdc=0x280107f8, type=0x6) returned 0x8a01c2
[0241.602] SaveDC (hdc=0x280107f8) returned 1
[0241.602] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3f040807
[0241.602] GetClipRgn (hdc=0x280107f8, hrgn=0x3f040807) returned 0
[0241.602] SelectClipRgn (hdc=0x280107f8, hrgn=0xd50407de) returned 2
[0241.602] DeleteObject (ho=0x3f040807) returned 1
[0241.602] DeleteObject (ho=0xd50407de) returned 1
[0241.602] OffsetViewportOrgEx (in: hdc=0x280107f8, x=0, y=0, lppt=0x2e3a614 | out: lppt=0x2e3a614) returned 1
[0241.602] DrawThemeParentBackground () returned 0x0
[0241.603] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0241.603] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0241.603] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0241.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0241.603] GetSystemMetrics (nIndex=42) returned 0
[0241.603] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0241.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0241.603] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0241.603] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0241.603] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0241.603] SelectPalette (hdc=0x280107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0241.603] GdipCreateFromHDC (hdc=0x280107f8, graphics=0xd7dff0) returned 0x0
[0241.603] GdipSetPageUnit (graphics=0x6636988, unit=0x2) returned 0x0
[0241.604] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0241.604] GdipGetWorldTransform (graphics=0x6636988, matrix=0x6638ab8) returned 0x0
[0241.604] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dfc8) returned 0x0
[0241.604] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0241.604] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0241.604] GdipGetClip (graphics=0x6636988, region=0x6645248) returned 0x0
[0241.604] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6636988, result=0xd7dfbc) returned 0x0
[0241.604] GdipDeleteRegion (region=0x6645248) returned 0x0
[0241.604] GdipSaveGraphics (graphics=0x6636988, state=0xd7dfe8) returned 0x0
[0241.604] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0241.611] GdipFillRectangleI (graphics=0x6636988, brush=0x6653438, x=0, y=0, width=801, height=453) returned 0x0
[0241.611] GdipDeleteBrush (brush=0x6653438) returned 0x0
[0241.613] GdipDeleteGraphics (graphics=0x6636988) returned 0x0
[0241.613] SelectPalette (hdc=0x280107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0241.613] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0241.613] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0241.613] GetSystemMetrics (nIndex=42) returned 0
[0241.613] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0241.613] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0241.613] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0241.613] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0241.613] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0241.613] SelectPalette (hdc=0x280107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0241.613] GdipCreateFromHDC (hdc=0x280107f8, graphics=0xd7df90) returned 0x0
[0241.614] GdipSetPageUnit (graphics=0x6636988, unit=0x2) returned 0x0
[0241.614] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0241.614] GdipGetWorldTransform (graphics=0x6636988, matrix=0x6638a28) returned 0x0
[0241.614] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df68) returned 0x0
[0241.614] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0241.614] GdipCreateRegion (region=0xd7df50) returned 0x0
[0241.614] GdipGetClip (graphics=0x6636988, region=0x6645fc8) returned 0x0
[0241.614] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6636988, result=0xd7df5c) returned 0x0
[0241.614] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0241.614] GdipSaveGraphics (graphics=0x6636988, state=0xd7df88) returned 0x0
[0241.614] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0241.621] GdipFillRectangleI (graphics=0x6636988, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0241.621] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0241.623] GdipRestoreGraphics (graphics=0x6636988, state=0xf8ba0dbd) returned 0x0
[0241.623] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0241.623] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0241.623] GetSystemMetrics (nIndex=42) returned 0
[0241.623] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0241.623] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0241.623] GdipDeleteGraphics (graphics=0x6636988) returned 0x0
[0241.623] SelectPalette (hdc=0x280107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0241.624] RestoreDC (hdc=0x280107f8, nSavedDC=-1) returned 1
[0241.624] GdipReleaseDC (graphics=0x6600030, hdc=0x280107f8) returned 0x0
[0241.624] IsAppThemed () returned 0x1
[0241.624] GetThemeAppProperties () returned 0x3
[0241.624] GetThemeAppProperties () returned 0x3
[0241.624] IsAppThemed () returned 0x1
[0241.624] GetThemeAppProperties () returned 0x3
[0241.624] GetThemeAppProperties () returned 0x3
[0241.624] IsThemePartDefined () returned 0x1
[0241.624] GdipCreateRegion (region=0xd7e480) returned 0x0
[0241.624] GdipGetClip (graphics=0x6600030, region=0x6645368) returned 0x0
[0241.624] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0241.624] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0241.624] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e498) returned 0x0
[0241.624] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0241.625] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0241.625] LocalFree (hMem=0x11ee868) returned 0x0
[0241.625] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0241.625] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0241.625] LocalFree (hMem=0x11ee868) returned 0x0
[0241.625] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0241.625] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0241.625] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0241.625] GdipGetRegionHRgn (region=0x6645368, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0241.625] GdipDeleteRegion (region=0x6645368) returned 0x0
[0241.625] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0241.625] GetCurrentObject (hdc=0x280107f8, type=0x1) returned 0xb00017
[0241.625] GetCurrentObject (hdc=0x280107f8, type=0x2) returned 0x900010
[0241.625] GetCurrentObject (hdc=0x280107f8, type=0x7) returned 0x4a0507fe
[0241.625] GetCurrentObject (hdc=0x280107f8, type=0x6) returned 0x8a01c2
[0241.625] SaveDC (hdc=0x280107f8) returned 1
[0241.626] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd60407de
[0241.626] GetClipRgn (hdc=0x280107f8, hrgn=0xd60407de) returned 0
[0241.626] SelectClipRgn (hdc=0x280107f8, hrgn=0x41040807) returned 2
[0241.626] DeleteObject (ho=0xd60407de) returned 1
[0241.626] DeleteObject (ho=0x41040807) returned 1
[0241.626] OffsetViewportOrgEx (in: hdc=0x280107f8, x=0, y=0, lppt=0x2e40e64 | out: lppt=0x2e40e64) returned 1
[0241.626] IsAppThemed () returned 0x1
[0241.626] GetThemeAppProperties () returned 0x3
[0241.626] GetThemeAppProperties () returned 0x3
[0241.626] DrawThemeBackground () returned 0x0
[0241.626] RestoreDC (hdc=0x280107f8, nSavedDC=-1) returned 1
[0241.626] GdipReleaseDC (graphics=0x6600030, hdc=0x280107f8) returned 0x0
[0241.626] GdipCreateRegion (region=0xd7e484) returned 0x0
[0241.626] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0241.626] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0241.626] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0241.627] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e49c) returned 0x0
[0241.627] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0241.627] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0241.627] LocalFree (hMem=0x11ee788) returned 0x0
[0241.627] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0241.627] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea60) returned 0x0
[0241.627] LocalFree (hMem=0x11eea60) returned 0x0
[0241.627] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0241.627] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0241.627] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0241.627] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0241.627] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0241.627] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0241.627] GetCurrentObject (hdc=0x280107f8, type=0x1) returned 0xb00017
[0241.627] GetCurrentObject (hdc=0x280107f8, type=0x2) returned 0x900010
[0241.627] GetCurrentObject (hdc=0x280107f8, type=0x7) returned 0x4a0507fe
[0241.627] GetCurrentObject (hdc=0x280107f8, type=0x6) returned 0x8a01c2
[0241.628] SaveDC (hdc=0x280107f8) returned 1
[0241.628] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x42040807
[0241.628] GetClipRgn (hdc=0x280107f8, hrgn=0x42040807) returned 0
[0241.628] SelectClipRgn (hdc=0x280107f8, hrgn=0xd70407de) returned 2
[0241.628] DeleteObject (ho=0x42040807) returned 1
[0241.628] DeleteObject (ho=0xd70407de) returned 1
[0241.628] OffsetViewportOrgEx (in: hdc=0x280107f8, x=0, y=0, lppt=0x2e41138 | out: lppt=0x2e41138) returned 1
[0241.628] IsAppThemed () returned 0x1
[0241.628] GetThemeAppProperties () returned 0x3
[0241.628] GetThemeAppProperties () returned 0x3
[0241.628] GetThemeBackgroundContentRect () returned 0x0
[0241.628] RestoreDC (hdc=0x280107f8, nSavedDC=-1) returned 1
[0241.628] GdipReleaseDC (graphics=0x6600030, hdc=0x280107f8) returned 0x0
[0241.628] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0241.628] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0241.628] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0241.629] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0241.629] IsAppThemed () returned 0x1
[0241.629] GetThemeAppProperties () returned 0x3
[0241.629] GetThemeAppProperties () returned 0x3
[0241.629] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0241.629] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0241.629] GetCurrentObject (hdc=0x280107f8, type=0x1) returned 0xb00017
[0241.629] GetCurrentObject (hdc=0x280107f8, type=0x2) returned 0x900010
[0241.629] GetCurrentObject (hdc=0x280107f8, type=0x7) returned 0x4a0507fe
[0241.629] GetCurrentObject (hdc=0x280107f8, type=0x6) returned 0x8a01c2
[0241.629] SaveDC (hdc=0x280107f8) returned 1
[0241.629] GetTextAlign (hdc=0x280107f8) returned 0x0
[0241.629] GetTextColor (hdc=0x280107f8) returned 0x0
[0241.629] GetCurrentObject (hdc=0x280107f8, type=0x6) returned 0x8a01c2
[0241.629] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0241.630] SelectObject (hdc=0x280107f8, h=0x6d0a0520) returned 0x8a01c2
[0241.630] GetBkMode (hdc=0x280107f8) returned 2
[0241.630] SetBkMode (hdc=0x280107f8, mode=1) returned 2
[0241.630] DrawTextExW (in: hdc=0x280107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2e414fc | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0241.630] DrawTextExW (in: hdc=0x280107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2e414fc | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0241.631] RestoreDC (hdc=0x280107f8, nSavedDC=-1) returned 1
[0241.631] GdipReleaseDC (graphics=0x6600030, hdc=0x280107f8) returned 0x0
[0241.631] GetFocus () returned 0x602c4
[0241.631] IsAppThemed () returned 0x1
[0241.631] GetThemeAppProperties () returned 0x3
[0241.631] GetThemeAppProperties () returned 0x3
[0241.631] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0241.631] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x280107f8, x1=0, y1=0, rop=0xcc0020) returned 1
[0241.632] GdipReleaseDC (graphics=0x6600030, hdc=0x280107f8) returned 0x0
[0241.632] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0241.632] SelectObject (hdc=0x280107f8, h=0x85000f) returned 0x4a0507fe
[0241.632] DeleteDC (hdc=0x280107f8) returned 1
[0241.632] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0241.632] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0241.632] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0241.632] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0241.632] WaitMessage () returned 1
[0241.714] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0241.714] IsWindowUnicode (hWnd=0x602c4) returned 1
[0241.714] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0241.714] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0241.714] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0241.714] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0241.714] IsWindowUnicode (hWnd=0x602c4) returned 1
[0241.714] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0241.714] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0241.714] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0241.714] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x80018) returned 0x0
[0241.714] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0241.714] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0241.714] WaitMessage () returned 1
[0241.867] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0241.868] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f00f3) returned 0x1
[0241.868] IsWindowUnicode (hWnd=0x602c4) returned 1
[0241.868] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0241.868] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f00f3) returned 0x1
[0241.868] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0241.868] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19a0035) returned 0x0
[0241.868] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0241.868] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0241.868] SetCursor (hCursor=0x10003) returned 0x10003
[0241.868] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0241.869] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0241.869] GetKeyState (nVirtKey=1) returned -128
[0241.869] GetKeyState (nVirtKey=2) returned 0
[0241.869] GetKeyState (nVirtKey=4) returned 0
[0241.869] GetKeyState (nVirtKey=5) returned 0
[0241.869] GetKeyState (nVirtKey=6) returned 0
[0241.869] IsWindowVisible (hWnd=0x602c4) returned 1
[0241.869] IsWindowEnabled (hWnd=0x602c4) returned 1
[0241.869] SetFocus (hWnd=0x602c4) returned 0x602c4
[0241.869] GetFocus () returned 0x602c4
[0241.869] GetFocus () returned 0x602c4
[0241.869] GetFocus () returned 0x602c4
[0241.869] GetKeyState (nVirtKey=1) returned -128
[0241.869] GetKeyState (nVirtKey=2) returned 0
[0241.869] GetKeyState (nVirtKey=4) returned 0
[0241.869] GetKeyState (nVirtKey=5) returned 0
[0241.869] GetKeyState (nVirtKey=6) returned 0
[0241.869] GetCapture () returned 0x0
[0241.869] SetCapture (hWnd=0x602c4) returned 0x0
[0241.869] GetKeyState (nVirtKey=1) returned -128
[0241.869] GetKeyState (nVirtKey=2) returned 0
[0241.869] GetKeyState (nVirtKey=4) returned 0
[0241.869] GetKeyState (nVirtKey=5) returned 0
[0241.869] GetKeyState (nVirtKey=6) returned 0
[0241.869] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0241.869] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0241.869] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0241.870] IsWindowUnicode (hWnd=0x602c4) returned 1
[0241.870] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0241.870] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0241.870] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0241.870] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e41680, cPoints=0x1 | out: lpPoints=0x2e41680) returned 40304859
[0241.870] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0241.870] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0241.870] UpdateWindow (hWnd=0x602c4) returned 1
[0241.870] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xc0107c5
[0241.870] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0241.870] CreateCompatibleDC (hdc=0xc0107c5) returned 0x290107f8
[0241.870] SelectObject (hdc=0x290107f8, h=0x4a0507fe) returned 0x85000f
[0241.870] GdipCreateFromHDC (hdc=0x290107f8, graphics=0xd7e430) returned 0x0
[0241.871] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0241.871] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0241.871] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0241.871] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0241.871] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e490) returned 0x0
[0241.871] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0241.871] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee868) returned 0x0
[0241.871] LocalFree (hMem=0x11ee868) returned 0x0
[0241.871] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0241.871] GdipCreateRegion (region=0xd7e478) returned 0x0
[0241.871] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0241.871] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e484) returned 0x0
[0241.871] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0241.871] GdipRestoreGraphics (graphics=0x6600030, state=0xf8b80dbd) returned 0x0
[0241.871] GdipDeleteRegion (region=0x6646178) returned 0x0
[0241.871] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0241.871] GetCurrentObject (hdc=0x290107f8, type=0x1) returned 0xb00017
[0241.872] GetCurrentObject (hdc=0x290107f8, type=0x2) returned 0x900010
[0241.872] GetCurrentObject (hdc=0x290107f8, type=0x7) returned 0x4a0507fe
[0241.872] GetCurrentObject (hdc=0x290107f8, type=0x6) returned 0x8a01c2
[0241.872] SaveDC (hdc=0x290107f8) returned 1
[0241.872] GetNearestColor (hdc=0x290107f8, color=0xff) returned 0xff
[0241.872] GetNearestColor (hdc=0x290107f8, color=0x55) returned 0x55
[0241.872] GetNearestColor (hdc=0x290107f8, color=0x0) returned 0x0
[0241.872] GetNearestColor (hdc=0x290107f8, color=0x55) returned 0x55
[0241.872] GetNearestColor (hdc=0x290107f8, color=0x0) returned 0x0
[0241.872] GetNearestColor (hdc=0x290107f8, color=0x8080ff) returned 0x8080ff
[0241.872] GetNearestColor (hdc=0x290107f8, color=0x7373e5) returned 0x7373e5
[0241.872] GetNearestColor (hdc=0x290107f8, color=0xe5) returned 0xe5
[0241.872] GetNearestColor (hdc=0x290107f8, color=0x0) returned 0x0
[0241.873] RestoreDC (hdc=0x290107f8, nSavedDC=-1) returned 1
[0241.873] GdipReleaseDC (graphics=0x6600030, hdc=0x290107f8) returned 0x0
[0241.873] IsAppThemed () returned 0x1
[0241.873] GetThemeAppProperties () returned 0x3
[0241.873] GetThemeAppProperties () returned 0x3
[0241.873] IsAppThemed () returned 0x1
[0241.873] GetThemeAppProperties () returned 0x3
[0241.873] GetThemeAppProperties () returned 0x3
[0241.873] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2e41d9c | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0241.873] IsAppThemed () returned 0x1
[0241.873] GetThemeAppProperties () returned 0x3
[0241.873] GetThemeAppProperties () returned 0x3
[0241.873] IsAppThemed () returned 0x1
[0241.873] GetThemeAppProperties () returned 0x3
[0241.873] GetThemeAppProperties () returned 0x3
[0241.873] IsAppThemed () returned 0x1
[0241.874] GetThemeAppProperties () returned 0x3
[0241.874] GetThemeAppProperties () returned 0x3
[0241.874] IsAppThemed () returned 0x1
[0241.874] GetThemeAppProperties () returned 0x3
[0241.874] GetThemeAppProperties () returned 0x3
[0241.874] IsThemePartDefined () returned 0x1
[0241.874] IsAppThemed () returned 0x1
[0241.874] GetThemeAppProperties () returned 0x3
[0241.874] GetThemeAppProperties () returned 0x3
[0241.874] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0241.874] IsAppThemed () returned 0x1
[0241.874] GetThemeAppProperties () returned 0x3
[0241.874] GetThemeAppProperties () returned 0x3
[0241.874] IsAppThemed () returned 0x1
[0241.874] GetThemeAppProperties () returned 0x3
[0241.874] GetThemeAppProperties () returned 0x3
[0241.874] IsThemePartDefined () returned 0x1
[0241.874] GdipCreateRegion (region=0xd7e194) returned 0x0
[0241.874] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0241.874] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0241.874] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0241.874] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e1ac) returned 0x0
[0241.874] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0241.874] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee9f0) returned 0x0
[0241.874] LocalFree (hMem=0x11ee9f0) returned 0x0
[0241.874] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0241.874] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0241.875] LocalFree (hMem=0x11eec58) returned 0x0
[0241.875] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0241.875] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0241.875] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0241.875] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0241.875] GdipDeleteRegion (region=0x6645248) returned 0x0
[0241.875] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0241.875] GetCurrentObject (hdc=0x290107f8, type=0x1) returned 0xb00017
[0241.875] GetCurrentObject (hdc=0x290107f8, type=0x2) returned 0x900010
[0241.875] GetCurrentObject (hdc=0x290107f8, type=0x7) returned 0x4a0507fe
[0241.875] GetCurrentObject (hdc=0x290107f8, type=0x6) returned 0x8a01c2
[0241.875] SaveDC (hdc=0x290107f8) returned 1
[0241.875] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd80407de
[0241.875] GetClipRgn (hdc=0x290107f8, hrgn=0xd80407de) returned 0
[0241.875] SelectClipRgn (hdc=0x290107f8, hrgn=0x46040807) returned 2
[0241.875] DeleteObject (ho=0xd80407de) returned 1
[0241.875] DeleteObject (ho=0x46040807) returned 1
[0241.875] OffsetViewportOrgEx (in: hdc=0x290107f8, x=0, y=0, lppt=0x2e4244c | out: lppt=0x2e4244c) returned 1
[0241.875] DrawThemeParentBackground () returned 0x0
[0241.876] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0241.876] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0241.876] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0241.876] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0241.876] GetSystemMetrics (nIndex=42) returned 0
[0241.876] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0241.876] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0241.876] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0241.876] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0241.876] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0241.876] SelectPalette (hdc=0x290107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0241.876] GdipCreateFromHDC (hdc=0x290107f8, graphics=0xd7dc88) returned 0x0
[0241.876] GdipSetPageUnit (graphics=0x6636988, unit=0x2) returned 0x0
[0241.876] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0241.876] GdipGetWorldTransform (graphics=0x6636988, matrix=0x6638db8) returned 0x0
[0241.876] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7dc60) returned 0x0
[0241.876] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0241.876] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0241.877] GdipGetClip (graphics=0x6636988, region=0x6645248) returned 0x0
[0241.877] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6636988, result=0xd7dc54) returned 0x0
[0241.877] GdipDeleteRegion (region=0x6645248) returned 0x0
[0241.877] GdipSaveGraphics (graphics=0x6636988, state=0xd7dc80) returned 0x0
[0241.877] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0241.882] GdipFillRectangleI (graphics=0x6636988, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0241.882] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0241.884] GdipDeleteGraphics (graphics=0x6636988) returned 0x0
[0241.884] SelectPalette (hdc=0x290107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0241.884] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0241.884] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0241.884] GetSystemMetrics (nIndex=42) returned 0
[0241.884] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0241.884] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0241.884] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0241.884] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0241.884] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0241.884] SelectPalette (hdc=0x290107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0241.884] GdipCreateFromHDC (hdc=0x290107f8, graphics=0xd7dc28) returned 0x0
[0241.884] GdipSetPageUnit (graphics=0x6636988, unit=0x2) returned 0x0
[0241.884] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0241.884] GdipGetWorldTransform (graphics=0x6636988, matrix=0x6638a28) returned 0x0
[0241.885] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dc00) returned 0x0
[0241.885] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0241.885] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0241.885] GdipGetClip (graphics=0x6636988, region=0x6645368) returned 0x0
[0241.885] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6636988, result=0xd7dbf4) returned 0x0
[0241.885] GdipDeleteRegion (region=0x6645368) returned 0x0
[0241.885] GdipSaveGraphics (graphics=0x6636988, state=0xd7dc20) returned 0x0
[0241.885] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0241.891] GdipFillRectangleI (graphics=0x6636988, brush=0x6652f58, x=0, y=0, width=801, height=453) returned 0x0
[0241.891] GdipDeleteBrush (brush=0x6652f58) returned 0x0
[0241.892] GdipRestoreGraphics (graphics=0x6636988, state=0xf8b40dbd) returned 0x0
[0241.892] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0241.892] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0241.893] GetSystemMetrics (nIndex=42) returned 0
[0241.893] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0241.893] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0241.893] GdipDeleteGraphics (graphics=0x6636988) returned 0x0
[0241.893] SelectPalette (hdc=0x290107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0241.893] RestoreDC (hdc=0x290107f8, nSavedDC=-1) returned 1
[0241.893] GdipReleaseDC (graphics=0x6600030, hdc=0x290107f8) returned 0x0
[0241.893] IsAppThemed () returned 0x1
[0241.893] GetThemeAppProperties () returned 0x3
[0241.893] GetThemeAppProperties () returned 0x3
[0241.893] IsAppThemed () returned 0x1
[0241.893] GetThemeAppProperties () returned 0x3
[0241.893] GetThemeAppProperties () returned 0x3
[0241.893] IsThemePartDefined () returned 0x1
[0241.893] GdipCreateRegion (region=0xd7e118) returned 0x0
[0241.893] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0241.893] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0241.894] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0241.894] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e130) returned 0x0
[0241.894] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0241.894] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee8d8) returned 0x0
[0241.894] LocalFree (hMem=0x11ee8d8) returned 0x0
[0241.894] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0241.894] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee868) returned 0x0
[0241.894] LocalFree (hMem=0x11ee868) returned 0x0
[0241.894] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0241.894] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0241.894] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0241.894] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0241.894] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0241.894] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0241.894] GetCurrentObject (hdc=0x290107f8, type=0x1) returned 0xb00017
[0241.894] GetCurrentObject (hdc=0x290107f8, type=0x2) returned 0x900010
[0241.894] GetCurrentObject (hdc=0x290107f8, type=0x7) returned 0x4a0507fe
[0241.894] GetCurrentObject (hdc=0x290107f8, type=0x6) returned 0x8a01c2
[0241.894] SaveDC (hdc=0x290107f8) returned 1
[0241.894] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x47040807
[0241.894] GetClipRgn (hdc=0x290107f8, hrgn=0x47040807) returned 0
[0241.894] SelectClipRgn (hdc=0x290107f8, hrgn=0xda0407de) returned 2
[0241.895] DeleteObject (ho=0x47040807) returned 1
[0241.895] DeleteObject (ho=0xda0407de) returned 1
[0241.895] OffsetViewportOrgEx (in: hdc=0x290107f8, x=0, y=0, lppt=0x2e48c9c | out: lppt=0x2e48c9c) returned 1
[0241.895] IsAppThemed () returned 0x1
[0241.895] GetThemeAppProperties () returned 0x3
[0241.895] GetThemeAppProperties () returned 0x3
[0241.895] DrawThemeBackground () returned 0x0
[0241.895] RestoreDC (hdc=0x290107f8, nSavedDC=-1) returned 1
[0241.895] GdipReleaseDC (graphics=0x6600030, hdc=0x290107f8) returned 0x0
[0241.895] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0241.895] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0241.895] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0241.895] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0241.895] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e134) returned 0x0
[0241.895] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0241.895] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0241.895] LocalFree (hMem=0x11ee788) returned 0x0
[0241.895] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0241.895] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea60) returned 0x0
[0241.895] LocalFree (hMem=0x11eea60) returned 0x0
[0241.895] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0241.896] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0241.896] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0241.896] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0241.896] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0241.896] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0241.896] GetCurrentObject (hdc=0x290107f8, type=0x1) returned 0xb00017
[0241.896] GetCurrentObject (hdc=0x290107f8, type=0x2) returned 0x900010
[0241.896] GetCurrentObject (hdc=0x290107f8, type=0x7) returned 0x4a0507fe
[0241.896] GetCurrentObject (hdc=0x290107f8, type=0x6) returned 0x8a01c2
[0241.896] SaveDC (hdc=0x290107f8) returned 1
[0241.896] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdb0407de
[0241.896] GetClipRgn (hdc=0x290107f8, hrgn=0xdb0407de) returned 0
[0241.896] SelectClipRgn (hdc=0x290107f8, hrgn=0x48040807) returned 2
[0241.896] DeleteObject (ho=0xdb0407de) returned 1
[0241.896] DeleteObject (ho=0x48040807) returned 1
[0241.896] OffsetViewportOrgEx (in: hdc=0x290107f8, x=0, y=0, lppt=0x2e48f70 | out: lppt=0x2e48f70) returned 1
[0241.896] IsAppThemed () returned 0x1
[0241.896] GetThemeAppProperties () returned 0x3
[0241.896] GetThemeAppProperties () returned 0x3
[0241.896] GetThemeBackgroundContentRect () returned 0x0
[0241.896] RestoreDC (hdc=0x290107f8, nSavedDC=-1) returned 1
[0241.897] GdipReleaseDC (graphics=0x6600030, hdc=0x290107f8) returned 0x0
[0241.897] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0241.897] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0241.897] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0241.897] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0241.897] IsAppThemed () returned 0x1
[0241.897] GetThemeAppProperties () returned 0x3
[0241.897] GetThemeAppProperties () returned 0x3
[0241.897] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0241.897] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0241.897] GetCurrentObject (hdc=0x290107f8, type=0x1) returned 0xb00017
[0241.897] GetCurrentObject (hdc=0x290107f8, type=0x2) returned 0x900010
[0241.897] GetCurrentObject (hdc=0x290107f8, type=0x7) returned 0x4a0507fe
[0241.897] GetCurrentObject (hdc=0x290107f8, type=0x6) returned 0x8a01c2
[0241.897] SaveDC (hdc=0x290107f8) returned 1
[0241.897] GetTextAlign (hdc=0x290107f8) returned 0x0
[0241.897] GetTextColor (hdc=0x290107f8) returned 0x0
[0241.897] GetCurrentObject (hdc=0x290107f8, type=0x6) returned 0x8a01c2
[0241.897] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0241.898] SelectObject (hdc=0x290107f8, h=0x6d0a0520) returned 0x8a01c2
[0241.898] GetBkMode (hdc=0x290107f8) returned 2
[0241.898] SetBkMode (hdc=0x290107f8, mode=1) returned 2
[0241.898] DrawTextExW (in: hdc=0x290107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2e49334 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0241.898] DrawTextExW (in: hdc=0x290107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2e49334 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0241.898] RestoreDC (hdc=0x290107f8, nSavedDC=-1) returned 1
[0241.898] GdipReleaseDC (graphics=0x6600030, hdc=0x290107f8) returned 0x0
[0241.898] GetFocus () returned 0x602c4
[0241.898] IsAppThemed () returned 0x1
[0241.899] GetThemeAppProperties () returned 0x3
[0241.899] GetThemeAppProperties () returned 0x3
[0241.899] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0241.899] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x290107f8, x1=0, y1=0, rop=0xcc0020) returned 1
[0241.899] GdipReleaseDC (graphics=0x6600030, hdc=0x290107f8) returned 0x0
[0241.899] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0241.899] SelectObject (hdc=0x290107f8, h=0x85000f) returned 0x4a0507fe
[0241.899] DeleteDC (hdc=0x290107f8) returned 1
[0241.899] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0241.899] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0241.900] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e49430, cPoints=0x1 | out: lpPoints=0x2e49430) returned 40304859
[0241.900] WindowFromPoint (Point=0xf3) returned 0x602c4
[0241.900] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f00f3) returned 0x1
[0241.900] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0241.900] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0241.900] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0241.900] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0241.900] GetSystemMetrics (nIndex=42) returned 0
[0241.900] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0241.900] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0241.902] GetCapture () returned 0x602c4
[0241.902] ReleaseCapture () returned 1
[0241.902] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0241.902] GetProcessWindowStation () returned 0x13c
[0241.902] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.903] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0241.903] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.903] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0241.903] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.904] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0241.904] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.904] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0241.904] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.904] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0241.905] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.905] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0241.905] GetDC (hWnd=0x0) returned 0x60100ce
[0241.905] GdipCreateFromHDC (hdc=0x60100ce, graphics=0xd7e6ec) returned 0x0
[0241.905] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0241.905] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0241.905] ReleaseDC (hWnd=0x0, hDC=0x60100ce) returned 1
[0241.905] GetSystemMetrics (nIndex=5) returned 1
[0241.905] GetSystemMetrics (nIndex=6) returned 1
[0241.906] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.906] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0241.906] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.906] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0241.909] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0241.909] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0241.909] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0241.909] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0241.909] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0241.909] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0241.910] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2e4ee4c | out: lpData=0x2e4ee4c) returned 1
[0241.911] VerQueryValueW (in: pBlock=0x2e4ee4c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e4f25c, puLen=0xd7e810) returned 1
[0241.911] VerQueryValueW (in: pBlock=0x2e4ee4c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4ef04, puLen=0xd7e790) returned 1
[0241.911] VerQueryValueW (in: pBlock=0x2e4ee4c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4ef58, puLen=0xd7e790) returned 1
[0241.911] VerQueryValueW (in: pBlock=0x2e4ee4c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4efd8, puLen=0xd7e790) returned 1
[0241.911] VerQueryValueW (in: pBlock=0x2e4ee4c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4f040, puLen=0xd7e790) returned 1
[0241.911] VerQueryValueW (in: pBlock=0x2e4ee4c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4f080, puLen=0xd7e790) returned 1
[0241.911] VerQueryValueW (in: pBlock=0x2e4ee4c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4f108, puLen=0xd7e790) returned 1
[0241.911] VerQueryValueW (in: pBlock=0x2e4ee4c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4f144, puLen=0xd7e790) returned 1
[0241.911] VerQueryValueW (in: pBlock=0x2e4ee4c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4f19c, puLen=0xd7e790) returned 1
[0241.911] VerQueryValueW (in: pBlock=0x2e4ee4c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4f1cc, puLen=0xd7e790) returned 1
[0241.911] VerQueryValueW (in: pBlock=0x2e4ee4c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.911] VerQueryValueW (in: pBlock=0x2e4ee4c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4f208, puLen=0xd7e790) returned 1
[0241.911] VerQueryValueW (in: pBlock=0x2e4ee4c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.911] VerQueryValueW (in: pBlock=0x2e4ee4c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e4f25c, puLen=0xd7e784) returned 1
[0241.911] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0241.911] VerQueryValueW (in: pBlock=0x2e4ee4c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e4ee74, puLen=0xd7e794) returned 1
[0241.912] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0241.912] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0241.912] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0241.912] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0241.912] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0241.912] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0241.913] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2e50dbc | out: lpData=0x2e50dbc) returned 1
[0241.913] VerQueryValueW (in: pBlock=0x2e50dbc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e50e58, puLen=0xd7e810) returned 1
[0241.913] VerQueryValueW (in: pBlock=0x2e50dbc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e50ed0, puLen=0xd7e790) returned 1
[0241.913] VerQueryValueW (in: pBlock=0x2e50dbc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e50f00, puLen=0xd7e790) returned 1
[0241.913] VerQueryValueW (in: pBlock=0x2e50dbc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e50f3c, puLen=0xd7e790) returned 1
[0241.913] VerQueryValueW (in: pBlock=0x2e50dbc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e50f6c, puLen=0xd7e790) returned 1
[0241.913] VerQueryValueW (in: pBlock=0x2e50dbc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e50fb4, puLen=0xd7e790) returned 1
[0241.913] VerQueryValueW (in: pBlock=0x2e50dbc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5102c, puLen=0xd7e790) returned 1
[0241.913] VerQueryValueW (in: pBlock=0x2e50dbc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e51070, puLen=0xd7e790) returned 1
[0241.913] VerQueryValueW (in: pBlock=0x2e50dbc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e510b0, puLen=0xd7e790) returned 1
[0241.913] VerQueryValueW (in: pBlock=0x2e50dbc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e50eae, puLen=0xd7e790) returned 1
[0241.913] VerQueryValueW (in: pBlock=0x2e50dbc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e50ffc, puLen=0xd7e790) returned 1
[0241.913] VerQueryValueW (in: pBlock=0x2e50dbc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.913] VerQueryValueW (in: pBlock=0x2e50dbc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.913] VerQueryValueW (in: pBlock=0x2e50dbc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e50e58, puLen=0xd7e784) returned 1
[0241.913] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0241.913] VerQueryValueW (in: pBlock=0x2e50dbc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e50de4, puLen=0xd7e794) returned 1
[0241.914] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0241.914] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0241.914] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0241.914] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0241.914] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0241.914] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0241.915] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2e53094 | out: lpData=0x2e53094) returned 1
[0241.916] VerQueryValueW (in: pBlock=0x2e53094, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e534a8, puLen=0xd7e810) returned 1
[0241.916] VerQueryValueW (in: pBlock=0x2e53094, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5314c, puLen=0xd7e790) returned 1
[0241.916] VerQueryValueW (in: pBlock=0x2e53094, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e531a0, puLen=0xd7e790) returned 1
[0241.916] VerQueryValueW (in: pBlock=0x2e53094, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e531fc, puLen=0xd7e790) returned 1
[0241.916] VerQueryValueW (in: pBlock=0x2e53094, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5325c, puLen=0xd7e790) returned 1
[0241.916] VerQueryValueW (in: pBlock=0x2e53094, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e532b4, puLen=0xd7e790) returned 1
[0241.916] VerQueryValueW (in: pBlock=0x2e53094, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5333c, puLen=0xd7e790) returned 1
[0241.916] VerQueryValueW (in: pBlock=0x2e53094, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e53390, puLen=0xd7e790) returned 1
[0241.916] VerQueryValueW (in: pBlock=0x2e53094, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e533e8, puLen=0xd7e790) returned 1
[0241.916] VerQueryValueW (in: pBlock=0x2e53094, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e53418, puLen=0xd7e790) returned 1
[0241.916] VerQueryValueW (in: pBlock=0x2e53094, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.916] VerQueryValueW (in: pBlock=0x2e53094, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e53454, puLen=0xd7e790) returned 1
[0241.916] VerQueryValueW (in: pBlock=0x2e53094, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.916] VerQueryValueW (in: pBlock=0x2e53094, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e534a8, puLen=0xd7e784) returned 1
[0241.916] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0241.916] VerQueryValueW (in: pBlock=0x2e53094, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e530bc, puLen=0xd7e794) returned 1
[0241.917] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0241.917] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0241.917] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0241.917] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0241.917] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0241.917] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0241.918] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2e556cc | out: lpData=0x2e556cc) returned 1
[0241.919] VerQueryValueW (in: pBlock=0x2e556cc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e55acc, puLen=0xd7e810) returned 1
[0241.919] VerQueryValueW (in: pBlock=0x2e556cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e55784, puLen=0xd7e790) returned 1
[0241.919] VerQueryValueW (in: pBlock=0x2e556cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e557d8, puLen=0xd7e790) returned 1
[0241.919] VerQueryValueW (in: pBlock=0x2e556cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e55818, puLen=0xd7e790) returned 1
[0241.919] VerQueryValueW (in: pBlock=0x2e556cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e55880, puLen=0xd7e790) returned 1
[0241.919] VerQueryValueW (in: pBlock=0x2e556cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e558d8, puLen=0xd7e790) returned 1
[0241.919] VerQueryValueW (in: pBlock=0x2e556cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e55960, puLen=0xd7e790) returned 1
[0241.919] VerQueryValueW (in: pBlock=0x2e556cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e559b4, puLen=0xd7e790) returned 1
[0241.919] VerQueryValueW (in: pBlock=0x2e556cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e55a0c, puLen=0xd7e790) returned 1
[0241.921] VerQueryValueW (in: pBlock=0x2e556cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e55a3c, puLen=0xd7e790) returned 1
[0241.921] VerQueryValueW (in: pBlock=0x2e556cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.921] VerQueryValueW (in: pBlock=0x2e556cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e55a78, puLen=0xd7e790) returned 1
[0241.921] VerQueryValueW (in: pBlock=0x2e556cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.921] VerQueryValueW (in: pBlock=0x2e556cc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e55acc, puLen=0xd7e784) returned 1
[0241.921] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0241.921] VerQueryValueW (in: pBlock=0x2e556cc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e556f4, puLen=0xd7e794) returned 1
[0241.922] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0241.922] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0241.922] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0241.922] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0241.922] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0241.923] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0241.923] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2e57e08 | out: lpData=0x2e57e08) returned 1
[0241.924] VerQueryValueW (in: pBlock=0x2e57e08, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e581d0, puLen=0xd7e810) returned 1
[0241.924] VerQueryValueW (in: pBlock=0x2e57e08, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e57ec0, puLen=0xd7e790) returned 1
[0241.924] VerQueryValueW (in: pBlock=0x2e57e08, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e57f14, puLen=0xd7e790) returned 1
[0241.924] VerQueryValueW (in: pBlock=0x2e57e08, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e57f54, puLen=0xd7e790) returned 1
[0241.924] VerQueryValueW (in: pBlock=0x2e57e08, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e57fbc, puLen=0xd7e790) returned 1
[0241.924] VerQueryValueW (in: pBlock=0x2e57e08, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e57ff8, puLen=0xd7e790) returned 1
[0241.924] VerQueryValueW (in: pBlock=0x2e57e08, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e58080, puLen=0xd7e790) returned 1
[0241.924] VerQueryValueW (in: pBlock=0x2e57e08, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e580b8, puLen=0xd7e790) returned 1
[0241.925] VerQueryValueW (in: pBlock=0x2e57e08, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e58110, puLen=0xd7e790) returned 1
[0241.925] VerQueryValueW (in: pBlock=0x2e57e08, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e58140, puLen=0xd7e790) returned 1
[0241.925] VerQueryValueW (in: pBlock=0x2e57e08, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.925] VerQueryValueW (in: pBlock=0x2e57e08, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5817c, puLen=0xd7e790) returned 1
[0241.925] VerQueryValueW (in: pBlock=0x2e57e08, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.925] VerQueryValueW (in: pBlock=0x2e57e08, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e581d0, puLen=0xd7e784) returned 1
[0241.925] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0241.925] VerQueryValueW (in: pBlock=0x2e57e08, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e57e30, puLen=0xd7e794) returned 1
[0241.926] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0241.926] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0241.926] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0241.926] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0241.926] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0241.926] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0241.927] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2e5b470 | out: lpData=0x2e5b470) returned 1
[0241.927] VerQueryValueW (in: pBlock=0x2e5b470, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e5b850, puLen=0xd7e810) returned 1
[0241.928] VerQueryValueW (in: pBlock=0x2e5b470, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b528, puLen=0xd7e790) returned 1
[0241.928] VerQueryValueW (in: pBlock=0x2e5b470, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b57c, puLen=0xd7e790) returned 1
[0241.928] VerQueryValueW (in: pBlock=0x2e5b470, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b5bc, puLen=0xd7e790) returned 1
[0241.928] VerQueryValueW (in: pBlock=0x2e5b470, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b61c, puLen=0xd7e790) returned 1
[0241.928] VerQueryValueW (in: pBlock=0x2e5b470, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b668, puLen=0xd7e790) returned 1
[0241.928] VerQueryValueW (in: pBlock=0x2e5b470, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b6f0, puLen=0xd7e790) returned 1
[0241.928] VerQueryValueW (in: pBlock=0x2e5b470, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b738, puLen=0xd7e790) returned 1
[0241.928] VerQueryValueW (in: pBlock=0x2e5b470, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b790, puLen=0xd7e790) returned 1
[0241.928] VerQueryValueW (in: pBlock=0x2e5b470, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b7c0, puLen=0xd7e790) returned 1
[0241.928] VerQueryValueW (in: pBlock=0x2e5b470, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.928] VerQueryValueW (in: pBlock=0x2e5b470, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5b7fc, puLen=0xd7e790) returned 1
[0241.928] VerQueryValueW (in: pBlock=0x2e5b470, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.928] VerQueryValueW (in: pBlock=0x2e5b470, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e5b850, puLen=0xd7e784) returned 1
[0241.928] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0241.928] VerQueryValueW (in: pBlock=0x2e5b470, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e5b498, puLen=0xd7e794) returned 1
[0241.929] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0241.929] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0241.929] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0241.929] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0241.930] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0241.930] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0241.930] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2e5dc90 | out: lpData=0x2e5dc90) returned 1
[0241.931] VerQueryValueW (in: pBlock=0x2e5dc90, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e5e09c, puLen=0xd7e810) returned 1
[0241.931] VerQueryValueW (in: pBlock=0x2e5dc90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5dd48, puLen=0xd7e790) returned 1
[0241.931] VerQueryValueW (in: pBlock=0x2e5dc90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5dd9c, puLen=0xd7e790) returned 1
[0241.931] VerQueryValueW (in: pBlock=0x2e5dc90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5ddf0, puLen=0xd7e790) returned 1
[0241.931] VerQueryValueW (in: pBlock=0x2e5dc90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5de50, puLen=0xd7e790) returned 1
[0241.931] VerQueryValueW (in: pBlock=0x2e5dc90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5dea8, puLen=0xd7e790) returned 1
[0241.931] VerQueryValueW (in: pBlock=0x2e5dc90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5df30, puLen=0xd7e790) returned 1
[0241.931] VerQueryValueW (in: pBlock=0x2e5dc90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5df84, puLen=0xd7e790) returned 1
[0241.931] VerQueryValueW (in: pBlock=0x2e5dc90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5dfdc, puLen=0xd7e790) returned 1
[0241.931] VerQueryValueW (in: pBlock=0x2e5dc90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5e00c, puLen=0xd7e790) returned 1
[0241.931] VerQueryValueW (in: pBlock=0x2e5dc90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.931] VerQueryValueW (in: pBlock=0x2e5dc90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5e048, puLen=0xd7e790) returned 1
[0241.931] VerQueryValueW (in: pBlock=0x2e5dc90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.931] VerQueryValueW (in: pBlock=0x2e5dc90, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e5e09c, puLen=0xd7e784) returned 1
[0241.931] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0241.931] VerQueryValueW (in: pBlock=0x2e5dc90, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e5dcb8, puLen=0xd7e794) returned 1
[0241.932] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0241.932] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0241.932] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0241.932] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0241.932] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0241.932] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0241.933] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e604a4 | out: lpData=0x2e604a4) returned 1
[0241.934] VerQueryValueW (in: pBlock=0x2e604a4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e6087c, puLen=0xd7e810) returned 1
[0241.934] VerQueryValueW (in: pBlock=0x2e604a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6055c, puLen=0xd7e790) returned 1
[0241.934] VerQueryValueW (in: pBlock=0x2e604a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e605b0, puLen=0xd7e790) returned 1
[0241.934] VerQueryValueW (in: pBlock=0x2e604a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e605f0, puLen=0xd7e790) returned 1
[0241.934] VerQueryValueW (in: pBlock=0x2e604a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e60658, puLen=0xd7e790) returned 1
[0241.934] VerQueryValueW (in: pBlock=0x2e604a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6069c, puLen=0xd7e790) returned 1
[0241.934] VerQueryValueW (in: pBlock=0x2e604a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e60724, puLen=0xd7e790) returned 1
[0241.934] VerQueryValueW (in: pBlock=0x2e604a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e60764, puLen=0xd7e790) returned 1
[0241.934] VerQueryValueW (in: pBlock=0x2e604a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e607bc, puLen=0xd7e790) returned 1
[0241.934] VerQueryValueW (in: pBlock=0x2e604a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e607ec, puLen=0xd7e790) returned 1
[0241.934] VerQueryValueW (in: pBlock=0x2e604a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.934] VerQueryValueW (in: pBlock=0x2e604a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e60828, puLen=0xd7e790) returned 1
[0241.934] VerQueryValueW (in: pBlock=0x2e604a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.934] VerQueryValueW (in: pBlock=0x2e604a4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e6087c, puLen=0xd7e784) returned 1
[0241.934] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0241.934] VerQueryValueW (in: pBlock=0x2e604a4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e604cc, puLen=0xd7e794) returned 1
[0241.937] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0241.937] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0241.937] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0241.937] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0241.937] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0241.938] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0241.938] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e629fc | out: lpData=0x2e629fc) returned 1
[0241.939] VerQueryValueW (in: pBlock=0x2e629fc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e62dd4, puLen=0xd7e810) returned 1
[0241.939] VerQueryValueW (in: pBlock=0x2e629fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e62ab4, puLen=0xd7e790) returned 1
[0241.939] VerQueryValueW (in: pBlock=0x2e629fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e62b08, puLen=0xd7e790) returned 1
[0241.939] VerQueryValueW (in: pBlock=0x2e629fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e62b48, puLen=0xd7e790) returned 1
[0241.939] VerQueryValueW (in: pBlock=0x2e629fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e62bb0, puLen=0xd7e790) returned 1
[0241.939] VerQueryValueW (in: pBlock=0x2e629fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e62bf4, puLen=0xd7e790) returned 1
[0241.940] VerQueryValueW (in: pBlock=0x2e629fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e62c7c, puLen=0xd7e790) returned 1
[0241.940] VerQueryValueW (in: pBlock=0x2e629fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e62cbc, puLen=0xd7e790) returned 1
[0241.940] VerQueryValueW (in: pBlock=0x2e629fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e62d14, puLen=0xd7e790) returned 1
[0241.940] VerQueryValueW (in: pBlock=0x2e629fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e62d44, puLen=0xd7e790) returned 1
[0241.940] VerQueryValueW (in: pBlock=0x2e629fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.940] VerQueryValueW (in: pBlock=0x2e629fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e62d80, puLen=0xd7e790) returned 1
[0241.940] VerQueryValueW (in: pBlock=0x2e629fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.940] VerQueryValueW (in: pBlock=0x2e629fc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e62dd4, puLen=0xd7e784) returned 1
[0241.940] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0241.940] VerQueryValueW (in: pBlock=0x2e629fc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e62a24, puLen=0xd7e794) returned 1
[0241.941] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0241.941] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0241.941] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0241.941] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0241.941] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0241.941] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0241.942] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2e65134 | out: lpData=0x2e65134) returned 1
[0241.942] VerQueryValueW (in: pBlock=0x2e65134, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e65564, puLen=0xd7e810) returned 1
[0241.942] VerQueryValueW (in: pBlock=0x2e65134, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e651ec, puLen=0xd7e790) returned 1
[0241.942] VerQueryValueW (in: pBlock=0x2e65134, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e65240, puLen=0xd7e790) returned 1
[0241.942] VerQueryValueW (in: pBlock=0x2e65134, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e652b0, puLen=0xd7e790) returned 1
[0241.942] VerQueryValueW (in: pBlock=0x2e65134, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e65310, puLen=0xd7e790) returned 1
[0241.942] VerQueryValueW (in: pBlock=0x2e65134, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6536c, puLen=0xd7e790) returned 1
[0241.942] VerQueryValueW (in: pBlock=0x2e65134, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e653f4, puLen=0xd7e790) returned 1
[0241.942] VerQueryValueW (in: pBlock=0x2e65134, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6544c, puLen=0xd7e790) returned 1
[0241.942] VerQueryValueW (in: pBlock=0x2e65134, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e654a4, puLen=0xd7e790) returned 1
[0241.942] VerQueryValueW (in: pBlock=0x2e65134, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e654d4, puLen=0xd7e790) returned 1
[0241.942] VerQueryValueW (in: pBlock=0x2e65134, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.942] VerQueryValueW (in: pBlock=0x2e65134, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e65510, puLen=0xd7e790) returned 1
[0241.942] VerQueryValueW (in: pBlock=0x2e65134, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0241.943] VerQueryValueW (in: pBlock=0x2e65134, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e65564, puLen=0xd7e784) returned 1
[0241.943] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0241.943] VerQueryValueW (in: pBlock=0x2e65134, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e6515c, puLen=0xd7e794) returned 1
[0241.943] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0241.943] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.943] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0241.944] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.944] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0241.944] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1702ce
[0241.945] SetWindowLongW (hWnd=0x1702ce, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0241.945] GetWindowLongW (hWnd=0x1702ce, nIndex=-4) returned 1950089536
[0241.945] SetWindowLongW (hWnd=0x1702ce, nIndex=-4, dwNewLong=19949134) returned 1950089536
[0241.945] GetWindowLongW (hWnd=0x1702ce, nIndex=-4) returned 19949134
[0241.945] GetWindowLongW (hWnd=0x1702ce, nIndex=-16) returned 113311744
[0241.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702ce, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0241.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702ce, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0241.946] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702ce, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0241.946] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702ce, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0241.946] GetClientRect (in: hWnd=0x1702ce, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0241.946] GetWindowRect (in: hWnd=0x1702ce, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0241.946] SetWindowTextW (hWnd=0x1702ce, lpString="WindowsFormsParkingWindow") returned 1
[0241.946] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702ce, Msg=0xc, wParam=0x0, lParam=0x2e2a708) returned 0x1
[0241.947] GetParent (hWnd=0x1702ce) returned 0x0
[0241.947] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0241.947] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x1702ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2102de
[0241.947] SetWindowLongW (hWnd=0x2102de, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0241.948] GetWindowLongW (hWnd=0x2102de, nIndex=-4) returned 1868147648
[0241.948] SetWindowLongW (hWnd=0x2102de, nIndex=-4, dwNewLong=19949414) returned 1868147648
[0241.948] GetWindowLongW (hWnd=0x2102de, nIndex=-4) returned 19949414
[0241.948] GetWindowLongW (hWnd=0x2102de, nIndex=-16) returned 1174405133
[0241.948] GetWindowLongW (hWnd=0x2102de, nIndex=-12) returned 0
[0241.948] SetWindowLongW (hWnd=0x2102de, nIndex=-12, dwNewLong=2163422) returned 0
[0241.948] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0241.949] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0241.949] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0241.950] GetClientRect (in: hWnd=0x2102de, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0241.950] GetWindowRect (in: hWnd=0x2102de, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0241.950] GetParent (hWnd=0x2102de) returned 0x1702ce
[0241.950] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702ce, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0241.950] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0241.951] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0241.951] GetClientRect (in: hWnd=0x2102de, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0241.951] GetWindowRect (in: hWnd=0x2102de, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0241.951] GetParent (hWnd=0x2102de) returned 0x1702ce
[0241.951] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702ce, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0241.951] SendMessageW (hWnd=0x2102de, Msg=0x2210, wParam=0x2de0001, lParam=0x2102de) returned 0x0
[0241.951] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x2210, wParam=0x2de0001, lParam=0x2102de) returned 0x0
[0241.951] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0241.951] GetParent (hWnd=0x2102de) returned 0x1702ce
[0241.951] GdipCreateFromHWND (hwnd=0x2102de, graphics=0xd7e844) returned 0x0
[0241.952] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0241.952] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0241.952] GetForegroundWindow () returned 0x7005c
[0241.952] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0241.952] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0241.952] GetSystemMetrics (nIndex=42) returned 0
[0241.952] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0241.952] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0241.952] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0241.952] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0241.952] GetSystemMetrics (nIndex=42) returned 0
[0241.952] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0241.953] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0241.953] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.953] GetCursorPos (in: lpPoint=0x2e695b8 | out: lpPoint=0x2e695b8*(x=243, y=623)) returned 1
[0241.953] MonitorFromPoint (pt=0xf3, dwFlags=0x26f) returned 0x10001
[0241.953] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0241.953] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x2c0107f8
[0241.954] GetDeviceCaps (hdc=0x2c0107f8, index=12) returned 32
[0241.954] GetDeviceCaps (hdc=0x2c0107f8, index=14) returned 1
[0241.954] DeleteDC (hdc=0x2c0107f8) returned 1
[0241.954] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0241.954] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0241.954] GetSystemMetrics (nIndex=59) returned 1460
[0241.954] GetSystemMetrics (nIndex=60) returned 920
[0241.954] GetSystemMetrics (nIndex=34) returned 136
[0241.954] GetSystemMetrics (nIndex=35) returned 39
[0241.954] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.955] GetCursorPos (in: lpPoint=0x2e69824 | out: lpPoint=0x2e69824*(x=243, y=623)) returned 1
[0241.955] MonitorFromPoint (pt=0xf3, dwFlags=0x26f) returned 0x10001
[0241.955] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0241.955] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x2d0107f8
[0241.955] GetDeviceCaps (hdc=0x2d0107f8, index=12) returned 32
[0241.955] GetDeviceCaps (hdc=0x2d0107f8, index=14) returned 1
[0241.955] DeleteDC (hdc=0x2d0107f8) returned 1
[0241.955] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0241.955] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0241.956] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.956] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0241.956] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2e69abc | out: piconinfo=0x2e69abc) returned 1
[0241.956] GetObjectW (in: h=0xc80507e0, c=24, pv=0x2e69ad8 | out: pv=0x2e69ad8) returned 24
[0241.956] GdipCreateBitmapFromHBITMAP (hbm=0xc80507e0, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0241.957] GdipGetImageWidth (image=0x6601018, width=0xd7e750) returned 0x0
[0241.957] GdipGetImageHeight (image=0x6601018, height=0xd7e748) returned 0x0
[0241.957] GdipGetImagePixelFormat (image=0x6601018, format=0xd7e740) returned 0x0
[0241.957] GdipBitmapLockBits (bitmap=0x6601018, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2e69b90) returned 0x0
[0241.957] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0241.957] GdipBitmapLockBits (bitmap=0x6601360, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2e69bc8) returned 0x0
[0241.957] RtlMoveMemory (in: Destination=0x6659f20, Source=0x665fec8, Length=0x80 | out: Destination=0x6659f20)
[0241.957] RtlMoveMemory (in: Destination=0x6659fa0, Source=0x665fe48, Length=0x80 | out: Destination=0x6659fa0)
[0241.957] RtlMoveMemory (in: Destination=0x665a020, Source=0x665fdc8, Length=0x80 | out: Destination=0x665a020)
[0241.957] RtlMoveMemory (in: Destination=0x665a0a0, Source=0x665fd48, Length=0x80 | out: Destination=0x665a0a0)
[0241.957] RtlMoveMemory (in: Destination=0x665a120, Source=0x665fcc8, Length=0x80 | out: Destination=0x665a120)
[0241.957] RtlMoveMemory (in: Destination=0x665a1a0, Source=0x665fc48, Length=0x80 | out: Destination=0x665a1a0)
[0241.957] RtlMoveMemory (in: Destination=0x665a220, Source=0x665fbc8, Length=0x80 | out: Destination=0x665a220)
[0241.957] RtlMoveMemory (in: Destination=0x665a2a0, Source=0x665fb48, Length=0x80 | out: Destination=0x665a2a0)
[0241.957] RtlMoveMemory (in: Destination=0x665a320, Source=0x665fac8, Length=0x80 | out: Destination=0x665a320)
[0241.957] RtlMoveMemory (in: Destination=0x665a3a0, Source=0x665fa48, Length=0x80 | out: Destination=0x665a3a0)
[0241.957] RtlMoveMemory (in: Destination=0x665a420, Source=0x665f9c8, Length=0x80 | out: Destination=0x665a420)
[0241.957] RtlMoveMemory (in: Destination=0x665a4a0, Source=0x665f948, Length=0x80 | out: Destination=0x665a4a0)
[0241.957] RtlMoveMemory (in: Destination=0x665a520, Source=0x665f8c8, Length=0x80 | out: Destination=0x665a520)
[0241.957] RtlMoveMemory (in: Destination=0x665a5a0, Source=0x665f848, Length=0x80 | out: Destination=0x665a5a0)
[0241.957] RtlMoveMemory (in: Destination=0x665a620, Source=0x665f7c8, Length=0x80 | out: Destination=0x665a620)
[0241.958] RtlMoveMemory (in: Destination=0x665a6a0, Source=0x665f748, Length=0x80 | out: Destination=0x665a6a0)
[0241.958] RtlMoveMemory (in: Destination=0x665a720, Source=0x665f6c8, Length=0x80 | out: Destination=0x665a720)
[0241.958] RtlMoveMemory (in: Destination=0x665a7a0, Source=0x665f648, Length=0x80 | out: Destination=0x665a7a0)
[0241.958] RtlMoveMemory (in: Destination=0x665a820, Source=0x665f5c8, Length=0x80 | out: Destination=0x665a820)
[0241.958] RtlMoveMemory (in: Destination=0x665a8a0, Source=0x665f548, Length=0x80 | out: Destination=0x665a8a0)
[0241.958] RtlMoveMemory (in: Destination=0x665a920, Source=0x665f4c8, Length=0x80 | out: Destination=0x665a920)
[0241.958] RtlMoveMemory (in: Destination=0x665a9a0, Source=0x665f448, Length=0x80 | out: Destination=0x665a9a0)
[0241.958] RtlMoveMemory (in: Destination=0x665aa20, Source=0x665f3c8, Length=0x80 | out: Destination=0x665aa20)
[0241.958] RtlMoveMemory (in: Destination=0x665aaa0, Source=0x665f348, Length=0x80 | out: Destination=0x665aaa0)
[0241.958] RtlMoveMemory (in: Destination=0x665ab20, Source=0x665f2c8, Length=0x80 | out: Destination=0x665ab20)
[0241.958] RtlMoveMemory (in: Destination=0x665aba0, Source=0x665f248, Length=0x80 | out: Destination=0x665aba0)
[0241.958] RtlMoveMemory (in: Destination=0x665ac20, Source=0x665f1c8, Length=0x80 | out: Destination=0x665ac20)
[0241.958] RtlMoveMemory (in: Destination=0x665aca0, Source=0x665f148, Length=0x80 | out: Destination=0x665aca0)
[0241.958] RtlMoveMemory (in: Destination=0x665ad20, Source=0x665f0c8, Length=0x80 | out: Destination=0x665ad20)
[0241.958] RtlMoveMemory (in: Destination=0x665ada0, Source=0x665f048, Length=0x80 | out: Destination=0x665ada0)
[0241.958] RtlMoveMemory (in: Destination=0x665ae20, Source=0x665efc8, Length=0x80 | out: Destination=0x665ae20)
[0241.958] RtlMoveMemory (in: Destination=0x665aea0, Source=0x665ef48, Length=0x80 | out: Destination=0x665aea0)
[0241.958] GdipBitmapUnlockBits (bitmap=0x6601018, lockedBitmapData=0x2e69b90) returned 0x0
[0241.958] GdipBitmapUnlockBits (bitmap=0x6601360, lockedBitmapData=0x2e69bc8) returned 0x0
[0241.958] GdipDisposeImage (image=0x6601018) returned 0x0
[0241.958] DeleteObject (ho=0xc80507e0) returned 1
[0241.959] DeleteObject (ho=0x2e0507f8) returned 1
[0241.959] GetCurrentThreadId () returned 0xf50
[0241.959] GetCurrentThreadId () returned 0xf50
[0241.959] SetWindowPos (hWnd=0x2102de, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0241.959] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0241.959] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0241.959] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0241.959] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0241.959] GetClientRect (in: hWnd=0x2102de, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0241.959] GetWindowRect (in: hWnd=0x2102de, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0241.960] GetParent (hWnd=0x2102de) returned 0x1702ce
[0241.960] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702ce, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0241.960] InvalidateRect (hWnd=0x2102de, lpRect=0x0, bErase=1) returned 1
[0241.960] GetWindowTextLengthW (hWnd=0x2102de) returned 0
[0241.960] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0241.960] GetSystemMetrics (nIndex=42) returned 0
[0241.960] GetWindowTextW (in: hWnd=0x2102de, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0241.960] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0241.960] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0241.960] GetClientRect (in: hWnd=0x2102de, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0241.960] GetWindowRect (in: hWnd=0x2102de, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0241.960] GetParent (hWnd=0x2102de) returned 0x1702ce
[0241.960] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1702ce, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0241.960] GetWindowTextLengthW (hWnd=0x2102de) returned 0
[0241.960] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0241.960] GetSystemMetrics (nIndex=42) returned 0
[0241.960] GetWindowTextW (in: hWnd=0x2102de, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0241.960] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0241.960] GetWindowTextLengthW (hWnd=0x2102de) returned 0
[0241.960] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0241.960] GetSystemMetrics (nIndex=42) returned 0
[0241.960] GetWindowTextW (in: hWnd=0x2102de, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0241.960] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0241.961] SetWindowTextW (hWnd=0x2102de, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0241.961] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0xc, wParam=0x0, lParam=0x2e4aa24) returned 0x1
[0241.961] InvalidateRect (hWnd=0x2102de, lpRect=0x0, bErase=1) returned 1
[0241.961] GetCurrentThreadId () returned 0xf50
[0241.961] GetWindowThreadProcessId (in: hWnd=0x2102de, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0241.961] GdipCreateBitmapFromStream (stream=0x509fff0, bitmap=0xd7e840) returned 0x0
[0241.962] GdipImageForceValidation (image=0x6603ac0) returned 0x0
[0241.963] GdipGetImageRawFormat (image=0x6603ac0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0241.963] GdipGetImageHeight (image=0x6603ac0, height=0xd7e824) returned 0x0
[0241.964] GdipGetImageWidth (image=0x6603ac0, width=0xd7e824) returned 0x0
[0241.964] GdipGetImageWidth (image=0x6603ac0, width=0xd7e810) returned 0x0
[0241.964] GdipGetImageHeight (image=0x6603ac0, height=0xd7e810) returned 0x0
[0241.964] GdipGetImageWidth (image=0x6603ac0, width=0xd7e800) returned 0x0
[0241.964] GdipGetImageHeight (image=0x6603ac0, height=0xd7e800) returned 0x0
[0241.964] GdipBitmapGetPixel (bitmap=0x6603ac0, x=0, y=15, color=0xd7e810) returned 0x0
[0241.964] GdipGetImageRawFormat (image=0x6603ac0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0241.964] GdipGetImageWidth (image=0x6603ac0, width=0xd7e740) returned 0x0
[0241.964] GdipGetImageHeight (image=0x6603ac0, height=0xd7e740) returned 0x0
[0241.964] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0241.964] GdipGetImagePixelFormat (image=0x6601d38, format=0xd7e740) returned 0x0
[0241.964] GdipGetImageGraphicsContext (image=0x6601d38, graphics=0xd7e74c) returned 0x0
[0241.964] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0241.964] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0241.964] GdipSetImageAttributesColorKeys (imageattr=0x6638ae8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0241.964] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6603ac0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638ae8, callback=0x0, callbackData=0x0) returned 0x0
[0241.965] GdipDisposeImageAttributes (imageattr=0x6638ae8) returned 0x0
[0241.965] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0241.965] GdipDisposeImage (image=0x6603ac0) returned 0x0
[0241.965] GdipCreateBitmapFromStream (stream=0x5090010, bitmap=0xd7e840) returned 0x0
[0241.967] GdipImageForceValidation (image=0x6601018) returned 0x0
[0241.968] GdipGetImageRawFormat (image=0x6601018, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0241.968] GdipGetImageHeight (image=0x6601018, height=0xd7e824) returned 0x0
[0241.968] GdipGetImageWidth (image=0x6601018, width=0xd7e824) returned 0x0
[0241.968] GdipGetImageWidth (image=0x6601018, width=0xd7e810) returned 0x0
[0241.968] GdipGetImageHeight (image=0x6601018, height=0xd7e810) returned 0x0
[0241.968] GdipGetImageWidth (image=0x6601018, width=0xd7e800) returned 0x0
[0241.968] GdipGetImageHeight (image=0x6601018, height=0xd7e800) returned 0x0
[0241.968] GdipBitmapGetPixel (bitmap=0x6601018, x=0, y=15, color=0xd7e810) returned 0x0
[0241.968] GdipGetImageRawFormat (image=0x6601018, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0241.968] GdipGetImageWidth (image=0x6601018, width=0xd7e740) returned 0x0
[0241.968] GdipGetImageHeight (image=0x6601018, height=0xd7e740) returned 0x0
[0241.968] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0241.968] GdipGetImagePixelFormat (image=0x6603ac0, format=0xd7e740) returned 0x0
[0241.969] GdipGetImageGraphicsContext (image=0x6603ac0, graphics=0xd7e74c) returned 0x0
[0241.969] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0241.969] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0241.969] GdipSetImageAttributesColorKeys (imageattr=0x6638d88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0241.969] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6601018, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638d88, callback=0x0, callbackData=0x0) returned 0x0
[0241.969] GdipDisposeImageAttributes (imageattr=0x6638d88) returned 0x0
[0241.969] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0241.969] GdipDisposeImage (image=0x6601018) returned 0x0
[0241.969] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.970] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0241.970] GetCurrentThreadId () returned 0xf50
[0241.970] GetCurrentThreadId () returned 0xf50
[0241.970] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.970] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0241.970] GetCurrentThreadId () returned 0xf50
[0241.970] GetCurrentThreadId () returned 0xf50
[0241.970] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.970] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0241.970] GetCurrentThreadId () returned 0xf50
[0241.970] GetCurrentThreadId () returned 0xf50
[0241.970] GetSystemMetrics (nIndex=5) returned 1
[0241.970] GetSystemMetrics (nIndex=6) returned 1
[0241.971] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.971] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0241.971] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.971] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0241.971] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.971] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0241.971] GetCurrentThreadId () returned 0xf50
[0241.971] GetCurrentThreadId () returned 0xf50
[0241.972] GetProcessWindowStation () returned 0x13c
[0241.972] GetCapture () returned 0x0
[0241.972] GetActiveWindow () returned 0x7005c
[0241.972] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0241.972] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.972] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0241.972] GetCursorPos (in: lpPoint=0x2e6ad08 | out: lpPoint=0x2e6ad08*(x=243, y=623)) returned 1
[0241.972] MonitorFromPoint (pt=0xf3, dwFlags=0x26f) returned 0x10001
[0241.973] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0241.973] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x2f0107f8
[0241.973] GetDeviceCaps (hdc=0x2f0107f8, index=12) returned 32
[0241.973] GetDeviceCaps (hdc=0x2f0107f8, index=14) returned 1
[0241.973] DeleteDC (hdc=0x2f0107f8) returned 1
[0241.973] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0241.973] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0241.973] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1b02c8
[0241.974] SetWindowLongW (hWnd=0x1b02c8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0241.974] GetWindowLongW (hWnd=0x1b02c8, nIndex=-4) returned 1950089536
[0241.974] SetWindowLongW (hWnd=0x1b02c8, nIndex=-4, dwNewLong=19949494) returned 1950089536
[0241.975] GetWindowLongW (hWnd=0x1b02c8, nIndex=-4) returned 19949494
[0241.975] GetWindowLongW (hWnd=0x1b02c8, nIndex=-16) returned 113770496
[0241.975] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0241.976] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0241.977] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0241.977] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0241.977] GetWindowRect (in: hWnd=0x1b02c8, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0241.977] SetWindowTextW (hWnd=0x1b02c8, lpString="BB ransomware") returned 1
[0241.977] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xc, wParam=0x0, lParam=0x2e694a4) returned 0x1
[0241.978] GetStartupInfoW (in: lpStartupInfo=0x2e6b044 | out: lpStartupInfo=0x2e6b044*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0241.979] GetParent (hWnd=0x1b02c8) returned 0x0
[0241.979] SetWindowLongW (hWnd=0x1b02c8, nIndex=-8, dwNewLong=0) returned 0
[0241.980] SendMessageW (hWnd=0x1b02c8, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0241.980] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0241.980] SendMessageW (hWnd=0x1b02c8, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0241.980] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0241.980] GetSystemMenu (hWnd=0x1b02c8, bRevert=0) returned 0x170111
[0241.981] GetWindowPlacement (in: hWnd=0x1b02c8, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0241.981] EnableMenuItem (hMenu=0x170111, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0241.981] EnableMenuItem (hMenu=0x170111, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0241.981] EnableMenuItem (hMenu=0x170111, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0241.981] EnableMenuItem (hMenu=0x170111, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0241.981] EnableMenuItem (hMenu=0x170111, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0241.981] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0241.981] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0241.981] GetWindowRect (in: hWnd=0x1b02c8, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0241.982] SetWindowPos (hWnd=0x1b02c8, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0241.982] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0241.982] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x1b02c8) returned 0x1
[0241.984] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0241.984] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0241.985] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0241.985] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0241.986] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0241.987] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x1b02c8, lParam=0x0) returned 0x0
[0241.987] GetCapture () returned 0x0
[0241.987] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0241.988] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0241.989] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0241.990] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0241.990] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0241.990] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0241.990] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0241.991] GetParent (hWnd=0x1b02c8) returned 0x0
[0241.991] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0241.991] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0241.993] GetWindowPlacement (in: hWnd=0x1b02c8, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0241.993] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0241.993] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0241.993] GetWindowRect (in: hWnd=0x1b02c8, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0241.994] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0241.994] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0241.994] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0241.995] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0241.995] GetWindowLongW (hWnd=0x1b02c8, nIndex=-16) returned 113770496
[0241.995] GetWindowTextLengthW (hWnd=0x1b02c8) returned 13
[0241.995] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0241.996] GetSystemMetrics (nIndex=42) returned 0
[0241.996] GetWindowTextW (in: hWnd=0x1b02c8, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0241.996] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0241.996] GetWindowTextLengthW (hWnd=0x1b02c8) returned 13
[0241.996] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0241.996] GetSystemMetrics (nIndex=42) returned 0
[0241.996] GetWindowTextW (in: hWnd=0x1b02c8, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0241.996] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0241.996] GetCursorPos (in: lpPoint=0x2e6b280 | out: lpPoint=0x2e6b280*(x=243, y=623)) returned 1
[0241.996] MonitorFromPoint (pt=0xf6, dwFlags=0x26e) returned 0x10001
[0241.996] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0241.996] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xca0107e8
[0241.996] GetDeviceCaps (hdc=0xca0107e8, index=12) returned 32
[0241.997] GetDeviceCaps (hdc=0xca0107e8, index=14) returned 1
[0241.997] DeleteDC (hdc=0xca0107e8) returned 1
[0241.997] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0242.000] GetWindowLongW (hWnd=0x1b02c8, nIndex=-16) returned 113770496
[0242.000] GetWindowLongW (hWnd=0x1b02c8, nIndex=-20) returned 327945
[0242.000] SetWindowLongW (hWnd=0x1b02c8, nIndex=-16, dwNewLong=46661632) returned 113770496
[0242.000] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0242.000] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0242.001] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0242.001] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0242.001] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0242.002] SetWindowLongW (hWnd=0x1b02c8, nIndex=-20, dwNewLong=327681) returned 327945
[0242.002] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0242.002] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0242.003] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0242.003] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0242.003] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0242.004] SetWindowPos (hWnd=0x1b02c8, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0242.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0242.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0242.004] GetWindowPlacement (in: hWnd=0x1b02c8, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0242.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0242.004] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0242.004] GetWindowRect (in: hWnd=0x1b02c8, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0242.005] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0242.005] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0242.006] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0242.006] RedrawWindow (hWnd=0x1b02c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0242.006] GetSystemMenu (hWnd=0x1b02c8, bRevert=0) returned 0x170111
[0242.006] GetWindowPlacement (in: hWnd=0x1b02c8, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0242.006] EnableMenuItem (hMenu=0x170111, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0242.006] EnableMenuItem (hMenu=0x170111, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0242.006] EnableMenuItem (hMenu=0x170111, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0242.006] EnableMenuItem (hMenu=0x170111, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0242.006] EnableMenuItem (hMenu=0x170111, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0242.006] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0242.006] GetWindowLongW (hWnd=0x1b02c8, nIndex=-8) returned 0
[0242.006] SetWindowLongW (hWnd=0x1b02c8, nIndex=-8, dwNewLong=458844) returned 0
[0242.007] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0242.007] GetProcessWindowStation () returned 0x13c
[0242.007] GetCurrentThreadId () returned 0xf50
[0242.008] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1306676, lParam=0x0) returned 1
[0242.008] IsWindowVisible (hWnd=0x1b02c8) returned 0
[0242.008] IsWindowVisible (hWnd=0x7005c) returned 1
[0242.008] IsWindowEnabled (hWnd=0x7005c) returned 1
[0242.008] IsWindowVisible (hWnd=0x300ec) returned 0
[0242.008] IsWindowVisible (hWnd=0x502c6) returned 0
[0242.008] IsWindowVisible (hWnd=0x502be) returned 0
[0242.008] GetActiveWindow () returned 0x1b02c8
[0242.008] GetFocus () returned 0x1b02c8
[0242.008] IsWindow (hWnd=0x7005c) returned 1
[0242.008] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0242.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0242.009] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0242.009] GetWindowLongW (hWnd=0x1b02c8, nIndex=-8) returned 458844
[0242.009] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0242.009] GetCurrentThreadId () returned 0xf50
[0242.009] GetWindowLongW (hWnd=0x1b02c8, nIndex=-8) returned 458844
[0242.009] IsWindowEnabled (hWnd=0x7005c) returned 0
[0242.009] IsWindowEnabled (hWnd=0x1b02c8) returned 1
[0242.009] ShowWindow (hWnd=0x1b02c8, nCmdShow=5) returned 0
[0242.009] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0242.009] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0242.010] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0242.010] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0242.010] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x1b02c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1602d0
[0242.010] SetWindowLongW (hWnd=0x1602d0, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0242.010] GetWindowLongW (hWnd=0x1602d0, nIndex=-4) returned 1950089536
[0242.011] SetWindowLongW (hWnd=0x1602d0, nIndex=-4, dwNewLong=19949214) returned 1950089536
[0242.011] GetWindowLongW (hWnd=0x1602d0, nIndex=-4) returned 19949214
[0242.011] GetWindowLongW (hWnd=0x1602d0, nIndex=-16) returned 1174405120
[0242.011] GetWindowLongW (hWnd=0x1602d0, nIndex=-12) returned 0
[0242.011] SetWindowLongW (hWnd=0x1602d0, nIndex=-12, dwNewLong=1442512) returned 0
[0242.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602d0, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0242.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602d0, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0242.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602d0, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0242.011] GetWindow (hWnd=0x1602d0, uCmd=0x3) returned 0x0
[0242.011] GetClientRect (in: hWnd=0x1602d0, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0242.011] GetWindowRect (in: hWnd=0x1602d0, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0242.012] GetParent (hWnd=0x1602d0) returned 0x1b02c8
[0242.012] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02c8, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0242.012] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602d0, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0242.012] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602d0, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0242.012] GetClientRect (in: hWnd=0x1602d0, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0242.012] GetWindowRect (in: hWnd=0x1602d0, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0242.012] GetParent (hWnd=0x1602d0) returned 0x1b02c8
[0242.020] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02c8, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0242.020] SendMessageW (hWnd=0x1602d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1602d0) returned 0x0
[0242.020] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1602d0) returned 0x0
[0242.020] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0242.020] GetParent (hWnd=0x1602d0) returned 0x1b02c8
[0242.020] GetParent (hWnd=0x2102de) returned 0x1702ce
[0242.020] SetParent (hWndChild=0x2102de, hWndNewParent=0x1b02c8) returned 0x1702ce
[0242.020] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0242.021] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0242.022] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0242.022] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0242.022] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0242.022] GetClientRect (in: hWnd=0x2102de, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0242.022] GetWindowRect (in: hWnd=0x2102de, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0242.022] GetParent (hWnd=0x2102de) returned 0x1b02c8
[0242.022] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02c8, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0242.022] GetClientRect (in: hWnd=0x2102de, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0242.022] GetWindowRect (in: hWnd=0x2102de, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0242.022] GetParent (hWnd=0x2102de) returned 0x1b02c8
[0242.022] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02c8, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0242.022] GetParent (hWnd=0x2102de) returned 0x1b02c8
[0242.023] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0242.023] GetWindow (hWnd=0x2102de, uCmd=0x3) returned 0x0
[0242.023] SetWindowPos (hWnd=0x2102de, hWndInsertAfter=0x1602d0, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0242.023] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0242.024] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0242.024] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0242.024] GetClientRect (in: hWnd=0x2102de, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0242.024] GetWindowRect (in: hWnd=0x2102de, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0242.024] GetParent (hWnd=0x2102de) returned 0x1b02c8
[0242.024] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02c8, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0242.024] GetParent (hWnd=0x2102de) returned 0x1b02c8
[0242.024] GetWindow (hWnd=0x2102de, uCmd=0x3) returned 0x1602d0
[0242.024] GetWindowThreadProcessId (in: hWnd=0x2102de, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0242.024] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0242.025] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0242.025] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0242.025] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x1b02c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2302d8
[0242.026] SetWindowLongW (hWnd=0x2302d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0242.026] GetWindowLongW (hWnd=0x2302d8, nIndex=-4) returned 1868032000
[0242.026] SetWindowLongW (hWnd=0x2302d8, nIndex=-4, dwNewLong=19949014) returned 1868032000
[0242.027] GetWindowLongW (hWnd=0x2302d8, nIndex=-4) returned 19949014
[0242.027] GetWindowLongW (hWnd=0x2302d8, nIndex=-16) returned 1174470667
[0242.027] GetWindowLongW (hWnd=0x2302d8, nIndex=-12) returned 0
[0242.027] SetWindowLongW (hWnd=0x2302d8, nIndex=-12, dwNewLong=2294488) returned 0
[0242.027] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0242.028] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0242.028] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0242.029] SendMessageW (hWnd=0x2302d8, Msg=0x2055, wParam=0x2302d8, lParam=0x3) returned 0x2
[0242.029] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0242.029] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0242.029] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0242.030] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0242.030] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602d0, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0242.030] RedrawWindow (hWnd=0x1602d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0242.030] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0242.030] RedrawWindow (hWnd=0x2102de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0242.030] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0242.030] RedrawWindow (hWnd=0x2302d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0242.030] RedrawWindow (hWnd=0x1b02c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0242.031] GetWindow (hWnd=0x2302d8, uCmd=0x3) returned 0x2102de
[0242.031] GetClientRect (in: hWnd=0x2302d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0242.031] GetWindowRect (in: hWnd=0x2302d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0242.031] GetParent (hWnd=0x2302d8) returned 0x1b02c8
[0242.031] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02c8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0242.031] SetWindowTextW (hWnd=0x2302d8, lpString="&Details") returned 1
[0242.031] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0242.032] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0242.032] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0242.032] GetClientRect (in: hWnd=0x2302d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0242.032] GetWindowRect (in: hWnd=0x2302d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0242.032] GetParent (hWnd=0x2302d8) returned 0x1b02c8
[0242.032] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02c8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0242.032] SendMessageW (hWnd=0x2302d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2302d8) returned 0x0
[0242.032] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2302d8) returned 0x0
[0242.032] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0242.033] GetParent (hWnd=0x2302d8) returned 0x1b02c8
[0242.033] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0242.033] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0242.034] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0242.034] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x1b02c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2102dc
[0242.034] SetWindowLongW (hWnd=0x2102dc, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0242.035] GetWindowLongW (hWnd=0x2102dc, nIndex=-4) returned 1868032000
[0242.036] SetWindowLongW (hWnd=0x2102dc, nIndex=-4, dwNewLong=19949054) returned 1868032000
[0242.036] GetWindowLongW (hWnd=0x2102dc, nIndex=-4) returned 19949054
[0242.036] GetWindowLongW (hWnd=0x2102dc, nIndex=-16) returned 1174470667
[0242.036] GetWindowLongW (hWnd=0x2102dc, nIndex=-12) returned 0
[0242.036] SetWindowLongW (hWnd=0x2102dc, nIndex=-12, dwNewLong=2163420) returned 0
[0242.036] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0242.037] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0242.037] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0242.038] SendMessageW (hWnd=0x2102dc, Msg=0x2055, wParam=0x2102dc, lParam=0x3) returned 0x2
[0242.038] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0242.038] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0242.038] GetWindow (hWnd=0x2102dc, uCmd=0x3) returned 0x2302d8
[0242.038] GetClientRect (in: hWnd=0x2102dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0242.038] GetWindowRect (in: hWnd=0x2102dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0242.038] GetParent (hWnd=0x2102dc) returned 0x1b02c8
[0242.038] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02c8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0242.039] SetWindowTextW (hWnd=0x2102dc, lpString="&Continue") returned 1
[0242.039] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0242.039] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0242.040] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0242.040] GetClientRect (in: hWnd=0x2102dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0242.040] GetWindowRect (in: hWnd=0x2102dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0242.040] GetParent (hWnd=0x2102dc) returned 0x1b02c8
[0242.040] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02c8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0242.040] SendMessageW (hWnd=0x2102dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2102dc) returned 0x0
[0242.040] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2102dc) returned 0x0
[0242.040] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0242.040] GetParent (hWnd=0x2102dc) returned 0x1b02c8
[0242.040] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0242.041] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0242.042] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0242.042] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x1b02c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2102da
[0242.042] SetWindowLongW (hWnd=0x2102da, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0242.042] GetWindowLongW (hWnd=0x2102da, nIndex=-4) returned 1868032000
[0242.043] SetWindowLongW (hWnd=0x2102da, nIndex=-4, dwNewLong=19949094) returned 1868032000
[0242.043] GetWindowLongW (hWnd=0x2102da, nIndex=-4) returned 19949094
[0242.043] GetWindowLongW (hWnd=0x2102da, nIndex=-16) returned 1174470667
[0242.043] GetWindowLongW (hWnd=0x2102da, nIndex=-12) returned 0
[0242.043] SetWindowLongW (hWnd=0x2102da, nIndex=-12, dwNewLong=2163418) returned 0
[0242.043] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0242.044] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0242.045] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0242.046] SendMessageW (hWnd=0x2102da, Msg=0x2055, wParam=0x2102da, lParam=0x3) returned 0x2
[0242.046] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0242.046] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102da, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0242.046] GetWindow (hWnd=0x2102da, uCmd=0x3) returned 0x2102dc
[0242.046] GetClientRect (in: hWnd=0x2102da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0242.046] GetWindowRect (in: hWnd=0x2102da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0242.046] GetParent (hWnd=0x2102da) returned 0x1b02c8
[0242.046] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02c8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0242.046] SetWindowTextW (hWnd=0x2102da, lpString="&Quit") returned 1
[0242.046] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102da, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0242.047] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0242.047] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102da, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0242.047] GetClientRect (in: hWnd=0x2102da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0242.047] GetWindowRect (in: hWnd=0x2102da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0242.047] GetParent (hWnd=0x2102da) returned 0x1b02c8
[0242.047] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02c8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0242.047] SendMessageW (hWnd=0x2102da, Msg=0x2210, wParam=0x2da0001, lParam=0x2102da) returned 0x0
[0242.048] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102da, Msg=0x2210, wParam=0x2da0001, lParam=0x2102da) returned 0x0
[0242.048] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0242.048] GetParent (hWnd=0x2102da) returned 0x1b02c8
[0242.048] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0242.049] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0242.049] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0242.049] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x1b02c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2400ea
[0242.050] SetWindowLongW (hWnd=0x2400ea, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0242.050] GetWindowLongW (hWnd=0x2400ea, nIndex=-4) returned 1868026976
[0242.050] SetWindowLongW (hWnd=0x2400ea, nIndex=-4, dwNewLong=19949294) returned 1868026976
[0242.050] GetWindowLongW (hWnd=0x2400ea, nIndex=-4) returned 19949294
[0242.051] GetWindowLongW (hWnd=0x2400ea, nIndex=-16) returned 1177553092
[0242.051] GetWindowLongW (hWnd=0x2400ea, nIndex=-12) returned 0
[0242.051] SetWindowLongW (hWnd=0x2400ea, nIndex=-12, dwNewLong=2359530) returned 0
[0242.051] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2400ea, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0242.052] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2400ea, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0242.053] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2400ea, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0242.080] GetWindow (hWnd=0x2400ea, uCmd=0x3) returned 0x2102da
[0242.080] GetClientRect (in: hWnd=0x2400ea, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0242.080] GetWindowRect (in: hWnd=0x2400ea, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0242.080] GetParent (hWnd=0x2400ea) returned 0x1b02c8
[0242.080] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02c8, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0242.081] GetWindowTextLengthW (hWnd=0x1b02c8) returned 13
[0242.081] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.081] GetSystemMetrics (nIndex=42) returned 0
[0242.081] GetWindowTextW (in: hWnd=0x1b02c8, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.081] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0242.081] SendMessageW (hWnd=0x2400ea, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0242.081] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2400ea, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0242.086] SetWindowTextW (hWnd=0x2400ea, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0242.086] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2400ea, Msg=0xc, wParam=0x0, lParam=0x2e66e8c) returned 0x1
[0242.088] GetSystemMetrics (nIndex=5) returned 1
[0242.088] GetSystemMetrics (nIndex=6) returned 1
[0242.088] SendMessageW (hWnd=0x2400ea, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0242.088] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2400ea, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0242.089] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2400ea, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0242.090] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2400ea, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0242.090] GetClientRect (in: hWnd=0x2400ea, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0242.090] GetWindowRect (in: hWnd=0x2400ea, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0242.090] GetParent (hWnd=0x2400ea) returned 0x1b02c8
[0242.090] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1b02c8, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0242.090] SendMessageW (hWnd=0x2400ea, Msg=0x2210, wParam=0xea0001, lParam=0x2400ea) returned 0x0
[0242.090] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2400ea, Msg=0x2210, wParam=0xea0001, lParam=0x2400ea) returned 0x0
[0242.090] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2400ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0242.090] GetParent (hWnd=0x2400ea) returned 0x1b02c8
[0242.090] GetWindowLongW (hWnd=0x1b02c8, nIndex=-8) returned 458844
[0242.090] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0242.090] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0242.090] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xd10107e8
[0242.090] GetDeviceCaps (hdc=0xd10107e8, index=12) returned 32
[0242.091] GetDeviceCaps (hdc=0xd10107e8, index=14) returned 1
[0242.091] DeleteDC (hdc=0xd10107e8) returned 1
[0242.091] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0242.091] GetWindowThreadProcessId (in: hWnd=0x1b02c8, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0242.091] GetCurrentThreadId () returned 0xf50
[0242.091] PostMessageW (hWnd=0x1b02c8, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0242.092] GetWindowTextLengthW (hWnd=0x1b02c8) returned 13
[0242.092] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.092] GetSystemMetrics (nIndex=42) returned 0
[0242.092] GetWindowTextW (in: hWnd=0x1b02c8, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.092] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0242.092] GdipImageGetFrameDimensionsCount (image=0x6601360, count=0xd7e25c) returned 0x0
[0242.092] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12011a8
[0242.092] GdipImageGetFrameDimensionsList (image=0x6601360, dimensionIDs=0x12011a8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0242.092] LocalFree (hMem=0x12011a8) returned 0x0
[0242.092] GdipImageGetFrameDimensionsCount (image=0x6601d38, count=0xd7e250) returned 0x0
[0242.092] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200ff8
[0242.092] GdipImageGetFrameDimensionsList (image=0x6601d38, dimensionIDs=0x1200ff8*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0242.092] LocalFree (hMem=0x1200ff8) returned 0x0
[0242.092] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0242.093] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0242.093] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0242.100] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0242.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0242.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0242.102] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0242.102] GetWindowPlacement (in: hWnd=0x1b02c8, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0242.102] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0242.102] GetWindowTextLengthW (hWnd=0x1b02c8) returned 13
[0242.102] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.102] GetSystemMetrics (nIndex=42) returned 0
[0242.102] GetWindowTextW (in: hWnd=0x1b02c8, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.102] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0242.102] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0242.102] GetCurrentObject (hdc=0xc0107c5, type=0x1) returned 0xb00017
[0242.103] GetCurrentObject (hdc=0xc0107c5, type=0x2) returned 0x900010
[0242.103] GetCurrentObject (hdc=0xc0107c5, type=0x7) returned 0x510507f2
[0242.103] GetCurrentObject (hdc=0xc0107c5, type=0x6) returned 0x8a01c2
[0242.103] SaveDC (hdc=0xc0107c5) returned 1
[0242.103] GetNearestColor (hdc=0xc0107c5, color=0xf0f0f0) returned 0xf0f0f0
[0242.103] CreateSolidBrush (color=0xf0f0f0) returned 0x821007e1
[0242.103] FillRect (hDC=0xc0107c5, lprc=0xd7e1b8, hbr=0x821007e1) returned 1
[0242.103] DeleteObject (ho=0x821007e1) returned 1
[0242.103] RestoreDC (hdc=0xc0107c5, nSavedDC=-1) returned 1
[0242.103] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0242.103] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0242.104] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0242.104] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0242.104] GetStockObject (i=5) returned 0x900015
[0242.104] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0242.104] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0242.104] GetStockObject (i=5) returned 0x900015
[0242.104] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0242.104] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102da, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0242.105] GetStockObject (i=5) returned 0x900015
[0242.105] GetWindowPlacement (in: hWnd=0x1b02c8, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0242.105] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0242.105] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0242.105] GetWindowRect (in: hWnd=0x1b02c8, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0242.106] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0242.106] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0242.107] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0242.107] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0242.107] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0242.107] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0242.107] GetWindowRect (in: hWnd=0x1b02c8, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0242.107] InvalidateRect (hWnd=0x2102dc, lpRect=0x0, bErase=0) returned 1
[0242.107] InvalidateRect (hWnd=0x2302d8, lpRect=0x0, bErase=0) returned 1
[0242.108] GetFocus () returned 0x1b02c8
[0242.108] GetFocus () returned 0x1b02c8
[0242.108] SetFocus (hWnd=0x2302d8) returned 0x1b02c8
[0242.108] GetFocus () returned 0x2302d8
[0242.108] IsChild (hWndParent=0x1b02c8, hWnd=0x2302d8) returned 1
[0242.108] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x8, wParam=0x2302d8, lParam=0x0) returned 0x0
[0242.109] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0242.110] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0242.112] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0242.112] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0x7, wParam=0x1b02c8, lParam=0x0) returned 0x0
[0242.112] GetStockObject (i=5) returned 0x900015
[0242.112] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0242.112] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0242.112] GetDlgItem (hDlg=0x1b02c8, nIDDlgItem=2294488) returned 0x2302d8
[0242.112] SendMessageW (hWnd=0x2302d8, Msg=0x202b, wParam=0x2302d8, lParam=0xd7e0dc) returned 0x0
[0242.112] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0x202b, wParam=0x2302d8, lParam=0xd7e0dc) returned 0x0
[0242.112] InvalidateRect (hWnd=0x2302d8, lpRect=0x0, bErase=0) returned 1
[0242.114] GetFocus () returned 0x2302d8
[0242.114] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.114] IsWindowUnicode (hWnd=0x1b02c8) returned 1
[0242.114] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.114] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.114] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0242.114] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.114] IsWindowUnicode (hWnd=0x1b02c8) returned 1
[0242.114] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.115] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.115] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.115] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.115] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0242.115] IsWindowUnicode (hWnd=0x1b02c8) returned 1
[0242.115] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.115] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.115] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.115] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.115] IsWindowUnicode (hWnd=0x602c4) returned 1
[0242.115] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.116] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.116] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.116] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0242.116] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0242.116] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.116] IsWindowUnicode (hWnd=0x1b02c8) returned 1
[0242.116] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.116] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.116] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.117] BeginPaint (in: hWnd=0x1b02c8, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x10105d6
[0242.117] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0242.117] GetWindowTextLengthW (hWnd=0x1b02c8) returned 13
[0242.117] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.117] GetSystemMetrics (nIndex=42) returned 0
[0242.117] GetWindowTextW (in: hWnd=0x1b02c8, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.117] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0242.117] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0242.117] EndPaint (hWnd=0x1b02c8, lpPaint=0xd7e274) returned 1
[0242.117] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.117] IsWindowUnicode (hWnd=0x1602d0) returned 1
[0242.117] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.117] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.117] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.117] BeginPaint (in: hWnd=0x1602d0, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x107b9
[0242.118] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0242.118] CreateCompatibleDC (hdc=0x107b9) returned 0x6c0107e9
[0242.118] SelectObject (hdc=0x6c0107e9, h=0x4a0507fe) returned 0x85000f
[0242.118] GdipCreateFromHDC (hdc=0x6c0107e9, graphics=0xd7e2b0) returned 0x0
[0242.118] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0242.118] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0242.118] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0242.118] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0242.118] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e310) returned 0x0
[0242.118] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0242.118] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0242.118] LocalFree (hMem=0x11eec58) returned 0x0
[0242.118] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0242.118] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0242.118] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0242.118] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e304) returned 0x0
[0242.118] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0242.119] GetWindowTextLengthW (hWnd=0x1602d0) returned 0
[0242.119] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0242.119] GetSystemMetrics (nIndex=42) returned 0
[0242.119] GetWindowTextW (in: hWnd=0x1602d0, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0242.119] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602d0, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0242.119] GetClientRect (in: hWnd=0x1602d0, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0242.119] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0242.119] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0242.119] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0242.119] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0242.119] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e164) returned 0x0
[0242.119] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0242.119] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0242.119] LocalFree (hMem=0x11eec58) returned 0x0
[0242.119] GdipCombineRegionRegion (region=0x6645fc8, region2=0x6645248, combineMode=0x1) returned 0x0
[0242.119] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0242.119] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee9f0) returned 0x0
[0242.119] LocalFree (hMem=0x11ee9f0) returned 0x0
[0242.119] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0242.119] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0242.119] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0242.120] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0242.120] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0242.120] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0242.120] GetCurrentObject (hdc=0x6c0107e9, type=0x1) returned 0xb00017
[0242.120] GetCurrentObject (hdc=0x6c0107e9, type=0x2) returned 0x900010
[0242.120] GetCurrentObject (hdc=0x6c0107e9, type=0x7) returned 0x4a0507fe
[0242.120] GetCurrentObject (hdc=0x6c0107e9, type=0x6) returned 0x8a01c2
[0242.120] SaveDC (hdc=0x6c0107e9) returned 1
[0242.120] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x49040807
[0242.120] GetClipRgn (hdc=0x6c0107e9, hrgn=0x49040807) returned 0
[0242.120] SelectClipRgn (hdc=0x6c0107e9, hrgn=0xde0407de) returned 2
[0242.120] DeleteObject (ho=0x49040807) returned 1
[0242.120] DeleteObject (ho=0xde0407de) returned 1
[0242.120] OffsetViewportOrgEx (in: hdc=0x6c0107e9, x=0, y=0, lppt=0x2e6c9ec | out: lppt=0x2e6c9ec) returned 1
[0242.120] GetNearestColor (hdc=0x6c0107e9, color=0xf0f0f0) returned 0xf0f0f0
[0242.120] CreateSolidBrush (color=0xf0f0f0) returned 0x831007e1
[0242.121] FillRect (hDC=0x6c0107e9, lprc=0xd7e198, hbr=0x831007e1) returned 1
[0242.121] DeleteObject (ho=0x831007e1) returned 1
[0242.121] RestoreDC (hdc=0x6c0107e9, nSavedDC=-1) returned 1
[0242.121] GdipReleaseDC (graphics=0x6600030, hdc=0x6c0107e9) returned 0x0
[0242.121] GdipRestoreGraphics (graphics=0x6600030, state=0xf8ae0dbd) returned 0x0
[0242.121] GdipDeleteRegion (region=0x6645248) returned 0x0
[0242.121] GetWindowTextLengthW (hWnd=0x1602d0) returned 0
[0242.121] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0242.121] GetSystemMetrics (nIndex=42) returned 0
[0242.121] GetWindowTextW (in: hWnd=0x1602d0, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0242.121] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602d0, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0242.121] GdipGetImageWidth (image=0x6601360, width=0xd7e1e0) returned 0x0
[0242.121] GdipGetImageHeight (image=0x6601360, height=0xd7e1e0) returned 0x0
[0242.121] GdipGetImageWidth (image=0x6601360, width=0xd7e1cc) returned 0x0
[0242.121] GdipGetImageHeight (image=0x6601360, height=0xd7e1cc) returned 0x0
[0242.121] GdipDrawImageRectI (graphics=0x6600030, image=0x6601360, x=16, y=16, width=32, height=32) returned 0x0
[0242.121] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0242.122] BitBlt (hdc=0x107b9, x=0, y=0, cx=64, cy=64, hdcSrc=0x6c0107e9, x1=0, y1=0, rop=0xcc0020) returned 1
[0242.122] GdipReleaseDC (graphics=0x6600030, hdc=0x6c0107e9) returned 0x0
[0242.122] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0242.126] SelectObject (hdc=0x6c0107e9, h=0x85000f) returned 0x4a0507fe
[0242.126] DeleteDC (hdc=0x6c0107e9) returned 1
[0242.126] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0242.126] EndPaint (hWnd=0x1602d0, lpPaint=0xd7e294) returned 1
[0242.126] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.126] IsWindowUnicode (hWnd=0x2102de) returned 1
[0242.126] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.127] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.127] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.127] BeginPaint (in: hWnd=0x2102de, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0xc0107c5
[0242.127] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0242.127] CreateCompatibleDC (hdc=0xc0107c5) returned 0x6e0107e9
[0242.127] GetObjectType (h=0xc0107c5) returned 0x3
[0242.127] CreateCompatibleBitmap (hdc=0xc0107c5, cx=1, cy=1) returned 0xffffffffdc0507e8
[0242.127] GetDIBits (in: hdc=0xc0107c5, hbm=0xdc0507e8, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0242.127] GetDIBits (in: hdc=0xc0107c5, hbm=0xdc0507e8, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0242.127] DeleteObject (ho=0xdc0507e8) returned 1
[0242.127] CreateDIBSection (in: hdc=0xc0107c5, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x380507e6
[0242.127] SelectObject (hdc=0x6e0107e9, h=0x380507e6) returned 0x85000f
[0242.127] GdipCreateFromHDC (hdc=0x6e0107e9, graphics=0xd7e234) returned 0x0
[0242.128] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0242.128] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0242.128] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0242.128] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0242.128] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2d4) returned 0x0
[0242.128] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0242.128] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eecc8) returned 0x0
[0242.128] LocalFree (hMem=0x11eecc8) returned 0x0
[0242.128] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0242.128] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0242.128] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0242.128] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0242.128] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0242.128] GetWindowTextLengthW (hWnd=0x2102de) returned 232
[0242.128] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0242.128] GetSystemMetrics (nIndex=42) returned 0
[0242.128] GetWindowTextW (in: hWnd=0x2102de, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0242.128] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0242.129] GetClientRect (in: hWnd=0x2102de, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0242.129] GdipCreateRegion (region=0xd7e110) returned 0x0
[0242.129] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0242.129] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0242.129] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0242.129] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e128) returned 0x0
[0242.129] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0242.129] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0242.129] LocalFree (hMem=0x11eec58) returned 0x0
[0242.129] GdipCombineRegionRegion (region=0x6645248, region2=0x6645518, combineMode=0x1) returned 0x0
[0242.129] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0242.129] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0242.129] LocalFree (hMem=0x11eec58) returned 0x0
[0242.129] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0242.129] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e150) returned 0x0
[0242.129] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e140) returned 0x0
[0242.129] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0242.129] GdipDeleteRegion (region=0x6645248) returned 0x0
[0242.129] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0242.129] GetCurrentObject (hdc=0x6e0107e9, type=0x1) returned 0xb00017
[0242.129] GetCurrentObject (hdc=0x6e0107e9, type=0x2) returned 0x900010
[0242.129] GetCurrentObject (hdc=0x6e0107e9, type=0x7) returned 0x380507e6
[0242.130] GetCurrentObject (hdc=0x6e0107e9, type=0x6) returned 0x8a01c2
[0242.130] SaveDC (hdc=0x6e0107e9) returned 1
[0242.130] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdf0407de
[0242.130] GetClipRgn (hdc=0x6e0107e9, hrgn=0xdf0407de) returned 0
[0242.130] SelectClipRgn (hdc=0x6e0107e9, hrgn=0x4a040807) returned 2
[0242.130] DeleteObject (ho=0xdf0407de) returned 1
[0242.130] DeleteObject (ho=0x4a040807) returned 1
[0242.130] OffsetViewportOrgEx (in: hdc=0x6e0107e9, x=0, y=0, lppt=0x2e6e3b4 | out: lppt=0x2e6e3b4) returned 1
[0242.130] GetNearestColor (hdc=0x6e0107e9, color=0xf0f0f0) returned 0xf0f0f0
[0242.130] CreateSolidBrush (color=0xf0f0f0) returned 0x841007e1
[0242.130] FillRect (hDC=0x6e0107e9, lprc=0xd7e15c, hbr=0x841007e1) returned 1
[0242.131] DeleteObject (ho=0x841007e1) returned 1
[0242.131] RestoreDC (hdc=0x6e0107e9, nSavedDC=-1) returned 1
[0242.131] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0107e9) returned 0x0
[0242.131] GdipRestoreGraphics (graphics=0x6600030, state=0xf8ac0dbd) returned 0x0
[0242.131] GdipDeleteRegion (region=0x6645518) returned 0x0
[0242.131] GetWindowTextLengthW (hWnd=0x2102de) returned 232
[0242.131] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0242.131] GetSystemMetrics (nIndex=42) returned 0
[0242.131] GetWindowTextW (in: hWnd=0x2102de, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0242.131] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0242.131] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0242.131] GetCurrentObject (hdc=0x6e0107e9, type=0x1) returned 0xb00017
[0242.131] GetCurrentObject (hdc=0x6e0107e9, type=0x2) returned 0x900010
[0242.131] GetCurrentObject (hdc=0x6e0107e9, type=0x7) returned 0x380507e6
[0242.131] GetCurrentObject (hdc=0x6e0107e9, type=0x6) returned 0x8a01c2
[0242.132] SaveDC (hdc=0x6e0107e9) returned 1
[0242.132] GetNearestColor (hdc=0x6e0107e9, color=0x0) returned 0x0
[0242.132] RestoreDC (hdc=0x6e0107e9, nSavedDC=-1) returned 1
[0242.132] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0107e9) returned 0x0
[0242.132] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0242.132] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0242.132] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2e6ebb0 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0242.133] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0242.133] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0242.133] GetCurrentObject (hdc=0x6e0107e9, type=0x1) returned 0xb00017
[0242.133] GetCurrentObject (hdc=0x6e0107e9, type=0x2) returned 0x900010
[0242.133] GetCurrentObject (hdc=0x6e0107e9, type=0x7) returned 0x380507e6
[0242.133] GetCurrentObject (hdc=0x6e0107e9, type=0x6) returned 0x8a01c2
[0242.133] SaveDC (hdc=0x6e0107e9) returned 1
[0242.133] GetTextAlign (hdc=0x6e0107e9) returned 0x0
[0242.133] GetTextColor (hdc=0x6e0107e9) returned 0x0
[0242.133] GetCurrentObject (hdc=0x6e0107e9, type=0x6) returned 0x8a01c2
[0242.133] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0242.133] SelectObject (hdc=0x6e0107e9, h=0x6d0a0520) returned 0x8a01c2
[0242.133] GetBkMode (hdc=0x6e0107e9) returned 2
[0242.133] SetBkMode (hdc=0x6e0107e9, mode=1) returned 2
[0242.134] DrawTextExW (in: hdc=0x6e0107e9, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2e6edd4 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0242.136] RestoreDC (hdc=0x6e0107e9, nSavedDC=-1) returned 1
[0242.136] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0107e9) returned 0x0
[0242.136] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0242.136] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=354, cy=68, hdcSrc=0x6e0107e9, x1=0, y1=0, rop=0xcc0020) returned 1
[0242.136] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0107e9) returned 0x0
[0242.136] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0242.136] SelectObject (hdc=0x6e0107e9, h=0x85000f) returned 0x380507e6
[0242.136] DeleteDC (hdc=0x6e0107e9) returned 1
[0242.136] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0242.136] DeleteObject (ho=0x380507e6) returned 1
[0242.137] EndPaint (hWnd=0x2102de, lpPaint=0xd7e258) returned 1
[0242.143] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.143] IsWindowUnicode (hWnd=0x2302d8) returned 1
[0242.143] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.143] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.143] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.143] BeginPaint (in: hWnd=0x2302d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0242.143] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0242.143] CreateCompatibleDC (hdc=0xf0105ee) returned 0x3a0107e6
[0242.143] SelectObject (hdc=0x3a0107e6, h=0x4a0507fe) returned 0x85000f
[0242.143] GdipCreateFromHDC (hdc=0x3a0107e6, graphics=0xd7e268) returned 0x0
[0242.143] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0242.143] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0242.143] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0242.144] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0242.144] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e2c8) returned 0x0
[0242.144] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0242.144] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0242.144] LocalFree (hMem=0x11ee868) returned 0x0
[0242.144] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0242.144] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0242.144] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0242.144] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0242.144] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0242.144] GdipRestoreGraphics (graphics=0x6600030, state=0xf8aa0dbd) returned 0x0
[0242.144] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0242.144] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0242.144] GetCurrentObject (hdc=0x3a0107e6, type=0x1) returned 0xb00017
[0242.144] GetCurrentObject (hdc=0x3a0107e6, type=0x2) returned 0x900010
[0242.144] GetCurrentObject (hdc=0x3a0107e6, type=0x7) returned 0x4a0507fe
[0242.144] GetCurrentObject (hdc=0x3a0107e6, type=0x6) returned 0x8a01c2
[0242.144] SaveDC (hdc=0x3a0107e6) returned 1
[0242.144] GetNearestColor (hdc=0x3a0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0242.144] GetNearestColor (hdc=0x3a0107e6, color=0xa0a0a0) returned 0xa0a0a0
[0242.145] GetNearestColor (hdc=0x3a0107e6, color=0x696969) returned 0x696969
[0242.145] GetNearestColor (hdc=0x3a0107e6, color=0xa0a0a0) returned 0xa0a0a0
[0242.145] GetNearestColor (hdc=0x3a0107e6, color=0x0) returned 0x0
[0242.145] GetNearestColor (hdc=0x3a0107e6, color=0xffffff) returned 0xffffff
[0242.145] GetNearestColor (hdc=0x3a0107e6, color=0xe5e5e5) returned 0xe5e5e5
[0242.145] GetNearestColor (hdc=0x3a0107e6, color=0xd7d7d7) returned 0xd7d7d7
[0242.145] GetNearestColor (hdc=0x3a0107e6, color=0x0) returned 0x0
[0242.145] RestoreDC (hdc=0x3a0107e6, nSavedDC=-1) returned 1
[0242.145] GdipReleaseDC (graphics=0x6600030, hdc=0x3a0107e6) returned 0x0
[0242.145] IsAppThemed () returned 0x1
[0242.145] GetThemeAppProperties () returned 0x3
[0242.145] GetThemeAppProperties () returned 0x3
[0242.145] GdipGetImageWidth (image=0x6601d38, width=0xd7e168) returned 0x0
[0242.145] GdipGetImageHeight (image=0x6601d38, height=0xd7e168) returned 0x0
[0242.145] IsAppThemed () returned 0x1
[0242.145] GetThemeAppProperties () returned 0x3
[0242.145] GetThemeAppProperties () returned 0x3
[0242.145] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2e6f524 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0242.146] IsAppThemed () returned 0x1
[0242.146] GetThemeAppProperties () returned 0x3
[0242.146] GetThemeAppProperties () returned 0x3
[0242.146] IsAppThemed () returned 0x1
[0242.146] GetThemeAppProperties () returned 0x3
[0242.146] GetThemeAppProperties () returned 0x3
[0242.146] GetFocus () returned 0x2302d8
[0242.146] IsAppThemed () returned 0x1
[0242.146] GetThemeAppProperties () returned 0x3
[0242.146] GetThemeAppProperties () returned 0x3
[0242.146] IsAppThemed () returned 0x1
[0242.146] GetThemeAppProperties () returned 0x3
[0242.146] GetThemeAppProperties () returned 0x3
[0242.146] IsThemePartDefined () returned 0x1
[0242.146] IsAppThemed () returned 0x1
[0242.146] GetThemeAppProperties () returned 0x3
[0242.146] GetThemeAppProperties () returned 0x3
[0242.146] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0242.146] IsAppThemed () returned 0x1
[0242.146] GetThemeAppProperties () returned 0x3
[0242.146] GetThemeAppProperties () returned 0x3
[0242.146] IsAppThemed () returned 0x1
[0242.146] GetThemeAppProperties () returned 0x3
[0242.147] GetThemeAppProperties () returned 0x3
[0242.147] IsThemePartDefined () returned 0x1
[0242.147] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0242.147] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0242.147] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0242.147] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0242.147] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dff0) returned 0x0
[0242.147] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0242.147] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee9f0) returned 0x0
[0242.147] LocalFree (hMem=0x11ee9f0) returned 0x0
[0242.147] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0242.147] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee9f0) returned 0x0
[0242.147] LocalFree (hMem=0x11ee9f0) returned 0x0
[0242.147] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0242.147] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e018) returned 0x0
[0242.147] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e008) returned 0x0
[0242.147] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0242.147] GdipDeleteRegion (region=0x6645908) returned 0x0
[0242.147] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0242.147] GetCurrentObject (hdc=0x3a0107e6, type=0x1) returned 0xb00017
[0242.147] GetCurrentObject (hdc=0x3a0107e6, type=0x2) returned 0x900010
[0242.147] GetCurrentObject (hdc=0x3a0107e6, type=0x7) returned 0x4a0507fe
[0242.147] GetCurrentObject (hdc=0x3a0107e6, type=0x6) returned 0x8a01c2
[0242.148] SaveDC (hdc=0x3a0107e6) returned 1
[0242.148] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4b040807
[0242.148] GetClipRgn (hdc=0x3a0107e6, hrgn=0x4b040807) returned 0
[0242.148] SelectClipRgn (hdc=0x3a0107e6, hrgn=0xe30407de) returned 2
[0242.148] DeleteObject (ho=0x4b040807) returned 1
[0242.148] DeleteObject (ho=0xe30407de) returned 1
[0242.148] OffsetViewportOrgEx (in: hdc=0x3a0107e6, x=0, y=0, lppt=0x2e6fbd4 | out: lppt=0x2e6fbd4) returned 1
[0242.148] DrawThemeParentBackground () returned 0x0
[0242.150] GetWindowPlacement (in: hWnd=0x1b02c8, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0242.150] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0242.150] GetWindowTextLengthW (hWnd=0x1b02c8) returned 13
[0242.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.150] GetSystemMetrics (nIndex=42) returned 0
[0242.150] GetWindowTextW (in: hWnd=0x1b02c8, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0242.150] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0242.150] GetCurrentObject (hdc=0x3a0107e6, type=0x1) returned 0xb00017
[0242.150] GetCurrentObject (hdc=0x3a0107e6, type=0x2) returned 0x900010
[0242.150] GetCurrentObject (hdc=0x3a0107e6, type=0x7) returned 0x4a0507fe
[0242.150] GetCurrentObject (hdc=0x3a0107e6, type=0x6) returned 0x8a01c2
[0242.150] SaveDC (hdc=0x3a0107e6) returned 2
[0242.150] GetNearestColor (hdc=0x3a0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0242.150] CreateSolidBrush (color=0xf0f0f0) returned 0x851007e1
[0242.150] FillRect (hDC=0x3a0107e6, lprc=0xd7da38, hbr=0x851007e1) returned 1
[0242.150] DeleteObject (ho=0x851007e1) returned 1
[0242.151] RestoreDC (hdc=0x3a0107e6, nSavedDC=-1) returned 1
[0242.151] GetWindowTextLengthW (hWnd=0x1b02c8) returned 13
[0242.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.151] GetSystemMetrics (nIndex=42) returned 0
[0242.151] GetWindowTextW (in: hWnd=0x1b02c8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0242.151] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0242.151] GetCurrentObject (hdc=0x3a0107e6, type=0x1) returned 0xb00017
[0242.151] GetCurrentObject (hdc=0x3a0107e6, type=0x2) returned 0x900010
[0242.151] GetCurrentObject (hdc=0x3a0107e6, type=0x7) returned 0x4a0507fe
[0242.151] GetCurrentObject (hdc=0x3a0107e6, type=0x6) returned 0x8a01c2
[0242.151] SaveDC (hdc=0x3a0107e6) returned 2
[0242.151] GetNearestColor (hdc=0x3a0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0242.151] CreateSolidBrush (color=0xf0f0f0) returned 0x861007e1
[0242.151] FillRect (hDC=0x3a0107e6, lprc=0xd7d9d8, hbr=0x861007e1) returned 1
[0242.151] DeleteObject (ho=0x861007e1) returned 1
[0242.151] RestoreDC (hdc=0x3a0107e6, nSavedDC=-1) returned 1
[0242.151] GetWindowTextLengthW (hWnd=0x1b02c8) returned 13
[0242.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.151] GetSystemMetrics (nIndex=42) returned 0
[0242.151] GetWindowTextW (in: hWnd=0x1b02c8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0242.152] RestoreDC (hdc=0x3a0107e6, nSavedDC=-1) returned 1
[0242.152] GdipReleaseDC (graphics=0x6600030, hdc=0x3a0107e6) returned 0x0
[0242.152] IsAppThemed () returned 0x1
[0242.152] GetThemeAppProperties () returned 0x3
[0242.152] GetThemeAppProperties () returned 0x3
[0242.152] IsAppThemed () returned 0x1
[0242.152] GetThemeAppProperties () returned 0x3
[0242.152] GetThemeAppProperties () returned 0x3
[0242.152] IsThemePartDefined () returned 0x1
[0242.152] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0242.152] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0242.152] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0242.152] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0242.152] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df74) returned 0x0
[0242.152] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0242.152] LocalFree (hMem=0x11eec58) returned 0x0
[0242.152] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eea60) returned 0x0
[0242.152] LocalFree (hMem=0x11eea60) returned 0x0
[0242.152] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0242.153] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0242.153] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0242.153] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0242.153] GdipDeleteRegion (region=0x6645878) returned 0x0
[0242.153] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0242.153] GetCurrentObject (hdc=0x3a0107e6, type=0x1) returned 0xb00017
[0242.153] GetCurrentObject (hdc=0x3a0107e6, type=0x2) returned 0x900010
[0242.153] GetCurrentObject (hdc=0x3a0107e6, type=0x7) returned 0x4a0507fe
[0242.153] GetCurrentObject (hdc=0x3a0107e6, type=0x6) returned 0x8a01c2
[0242.153] SaveDC (hdc=0x3a0107e6) returned 1
[0242.153] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe40407de
[0242.153] GetClipRgn (hdc=0x3a0107e6, hrgn=0xe40407de) returned 0
[0242.153] SelectClipRgn (hdc=0x3a0107e6, hrgn=0x4d040807) returned 2
[0242.154] DeleteObject (ho=0xe40407de) returned 1
[0242.154] DeleteObject (ho=0x4d040807) returned 1
[0242.154] OffsetViewportOrgEx (in: hdc=0x3a0107e6, x=0, y=0, lppt=0x2e70480 | out: lppt=0x2e70480) returned 1
[0242.154] IsAppThemed () returned 0x1
[0242.154] GetThemeAppProperties () returned 0x3
[0242.154] GetThemeAppProperties () returned 0x3
[0242.154] DrawThemeBackground () returned 0x0
[0242.154] RestoreDC (hdc=0x3a0107e6, nSavedDC=-1) returned 1
[0242.154] GdipReleaseDC (graphics=0x6600030, hdc=0x3a0107e6) returned 0x0
[0242.154] GdipCreateRegion (region=0xd7df60) returned 0x0
[0242.154] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0242.154] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0242.154] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0242.154] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df78) returned 0x0
[0242.154] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0242.154] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea98) returned 0x0
[0242.154] LocalFree (hMem=0x11eea98) returned 0x0
[0242.154] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0242.154] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0242.154] LocalFree (hMem=0x11eec58) returned 0x0
[0242.155] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0242.155] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0242.155] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0242.155] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0242.155] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0242.155] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0242.155] GetCurrentObject (hdc=0x3a0107e6, type=0x1) returned 0xb00017
[0242.155] GetCurrentObject (hdc=0x3a0107e6, type=0x2) returned 0x900010
[0242.155] GetCurrentObject (hdc=0x3a0107e6, type=0x7) returned 0x4a0507fe
[0242.155] GetCurrentObject (hdc=0x3a0107e6, type=0x6) returned 0x8a01c2
[0242.155] SaveDC (hdc=0x3a0107e6) returned 1
[0242.155] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4e040807
[0242.155] GetClipRgn (hdc=0x3a0107e6, hrgn=0x4e040807) returned 0
[0242.155] SelectClipRgn (hdc=0x3a0107e6, hrgn=0xe50407de) returned 2
[0242.155] DeleteObject (ho=0x4e040807) returned 1
[0242.155] DeleteObject (ho=0xe50407de) returned 1
[0242.155] OffsetViewportOrgEx (in: hdc=0x3a0107e6, x=0, y=0, lppt=0x2e70754 | out: lppt=0x2e70754) returned 1
[0242.155] IsAppThemed () returned 0x1
[0242.155] GetThemeAppProperties () returned 0x3
[0242.156] GetThemeAppProperties () returned 0x3
[0242.156] GetThemeBackgroundContentRect () returned 0x0
[0242.156] RestoreDC (hdc=0x3a0107e6, nSavedDC=-1) returned 1
[0242.156] GdipReleaseDC (graphics=0x6600030, hdc=0x3a0107e6) returned 0x0
[0242.156] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0242.156] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0242.156] GdipCloneRegion (region=0x6645518, cloneRegion=0xd7e150) returned 0x0
[0242.156] GdipCombineRegionRectI (region=0x6645248, rect=0xd7e138, combineMode=0x1) returned 0x0
[0242.156] GdipCombineRegionRectI (region=0x6645248, rect=0xd7e138, combineMode=0x1) returned 0x0
[0242.156] GdipSetClipRegion (graphics=0x6600030, region=0x6645248, combineMode=0x0) returned 0x0
[0242.156] GdipGetImageWidth (image=0x6601d38, width=0xd7e154) returned 0x0
[0242.156] GdipGetImageHeight (image=0x6601d38, height=0xd7e148) returned 0x0
[0242.156] GdipDrawImageRectI (graphics=0x6600030, image=0x6601d38, x=4, y=4, width=16, height=16) returned 0x0
[0242.156] GdipSetClipRegion (graphics=0x6600030, region=0x6645518, combineMode=0x0) returned 0x0
[0242.156] IsAppThemed () returned 0x1
[0242.156] GetThemeAppProperties () returned 0x3
[0242.156] GetThemeAppProperties () returned 0x3
[0242.156] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0242.156] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0242.156] GetCurrentObject (hdc=0x3a0107e6, type=0x1) returned 0xb00017
[0242.156] GetCurrentObject (hdc=0x3a0107e6, type=0x2) returned 0x900010
[0242.156] GetCurrentObject (hdc=0x3a0107e6, type=0x7) returned 0x4a0507fe
[0242.157] GetCurrentObject (hdc=0x3a0107e6, type=0x6) returned 0x8a01c2
[0242.157] SaveDC (hdc=0x3a0107e6) returned 1
[0242.157] GetTextAlign (hdc=0x3a0107e6) returned 0x0
[0242.157] GetTextColor (hdc=0x3a0107e6) returned 0x0
[0242.157] GetCurrentObject (hdc=0x3a0107e6, type=0x6) returned 0x8a01c2
[0242.157] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0242.157] SelectObject (hdc=0x3a0107e6, h=0x6d0a0520) returned 0x8a01c2
[0242.157] GetBkMode (hdc=0x3a0107e6) returned 2
[0242.157] SetBkMode (hdc=0x3a0107e6, mode=1) returned 2
[0242.157] DrawTextExW (in: hdc=0x3a0107e6, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2e70b14 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0242.157] DrawTextExW (in: hdc=0x3a0107e6, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e70b14 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0242.158] RestoreDC (hdc=0x3a0107e6, nSavedDC=-1) returned 1
[0242.158] GdipReleaseDC (graphics=0x6600030, hdc=0x3a0107e6) returned 0x0
[0242.158] GetFocus () returned 0x2302d8
[0242.158] IsAppThemed () returned 0x1
[0242.158] GetThemeAppProperties () returned 0x3
[0242.158] GetThemeAppProperties () returned 0x3
[0242.158] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0242.158] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x3a0107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0242.158] GdipReleaseDC (graphics=0x6600030, hdc=0x3a0107e6) returned 0x0
[0242.158] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0242.158] SelectObject (hdc=0x3a0107e6, h=0x85000f) returned 0x4a0507fe
[0242.158] DeleteDC (hdc=0x3a0107e6) returned 1
[0242.158] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0242.158] EndPaint (hWnd=0x2302d8, lpPaint=0xd7e24c) returned 1
[0242.159] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.159] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x84, wParam=0x0, lParam=0x1e302f0) returned 0x1
[0242.159] IsWindowUnicode (hWnd=0x2102dc) returned 1
[0242.159] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.159] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x84, wParam=0x0, lParam=0x1e302f0) returned 0x1
[0242.159] SetCursor (hCursor=0x10003) returned 0x10003
[0242.159] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.159] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.159] _TrackMouseEvent (in: lpEventTrack=0x2e70c10 | out: lpEventTrack=0x2e70c10) returned 1
[0242.159] SendMessageW (hWnd=0x2102dc, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0242.159] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0242.159] InvalidateRect (hWnd=0x2102dc, lpRect=0x0, bErase=0) returned 1
[0242.160] GetKeyState (nVirtKey=1) returned 0
[0242.160] GetKeyState (nVirtKey=2) returned 0
[0242.160] GetKeyState (nVirtKey=4) returned 0
[0242.160] GetKeyState (nVirtKey=5) returned 0
[0242.160] GetKeyState (nVirtKey=6) returned 0
[0242.160] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.160] IsWindowUnicode (hWnd=0x2102dc) returned 1
[0242.160] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.160] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.160] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.160] BeginPaint (in: hWnd=0x2102dc, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0242.160] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0242.160] CreateCompatibleDC (hdc=0x10105d6) returned 0x3c0107e6
[0242.160] SelectObject (hdc=0x3c0107e6, h=0x4a0507fe) returned 0x85000f
[0242.160] GdipCreateFromHDC (hdc=0x3c0107e6, graphics=0xd7e268) returned 0x0
[0242.161] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0242.161] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0242.161] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0242.161] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0242.161] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e2c8) returned 0x0
[0242.161] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0242.161] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eea60) returned 0x0
[0242.161] LocalFree (hMem=0x11eea60) returned 0x0
[0242.161] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0242.161] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0242.161] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0242.161] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0242.161] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0242.161] GdipRestoreGraphics (graphics=0x6600030, state=0xf8a80dbd) returned 0x0
[0242.161] GdipDeleteRegion (region=0x6645878) returned 0x0
[0242.161] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0242.161] GetCurrentObject (hdc=0x3c0107e6, type=0x1) returned 0xb00017
[0242.161] GetCurrentObject (hdc=0x3c0107e6, type=0x2) returned 0x900010
[0242.161] GetCurrentObject (hdc=0x3c0107e6, type=0x7) returned 0x4a0507fe
[0242.161] GetCurrentObject (hdc=0x3c0107e6, type=0x6) returned 0x8a01c2
[0242.162] SaveDC (hdc=0x3c0107e6) returned 1
[0242.162] GetNearestColor (hdc=0x3c0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0242.162] GetNearestColor (hdc=0x3c0107e6, color=0xa0a0a0) returned 0xa0a0a0
[0242.162] GetNearestColor (hdc=0x3c0107e6, color=0x696969) returned 0x696969
[0242.162] GetNearestColor (hdc=0x3c0107e6, color=0xa0a0a0) returned 0xa0a0a0
[0242.162] GetNearestColor (hdc=0x3c0107e6, color=0x0) returned 0x0
[0242.162] GetNearestColor (hdc=0x3c0107e6, color=0xffffff) returned 0xffffff
[0242.162] GetNearestColor (hdc=0x3c0107e6, color=0xe5e5e5) returned 0xe5e5e5
[0242.162] GetNearestColor (hdc=0x3c0107e6, color=0xd7d7d7) returned 0xd7d7d7
[0242.162] GetNearestColor (hdc=0x3c0107e6, color=0x0) returned 0x0
[0242.162] RestoreDC (hdc=0x3c0107e6, nSavedDC=-1) returned 1
[0242.162] GdipReleaseDC (graphics=0x6600030, hdc=0x3c0107e6) returned 0x0
[0242.162] IsAppThemed () returned 0x1
[0242.162] GetThemeAppProperties () returned 0x3
[0242.162] GetThemeAppProperties () returned 0x3
[0242.162] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0242.162] SendMessageW (hWnd=0x1b02c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0242.162] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0242.163] IsAppThemed () returned 0x1
[0242.163] GetThemeAppProperties () returned 0x3
[0242.163] GetThemeAppProperties () returned 0x3
[0242.163] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2e7137c | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0242.163] IsAppThemed () returned 0x1
[0242.163] GetThemeAppProperties () returned 0x3
[0242.163] GetThemeAppProperties () returned 0x3
[0242.163] IsAppThemed () returned 0x1
[0242.163] GetThemeAppProperties () returned 0x3
[0242.163] GetThemeAppProperties () returned 0x3
[0242.163] IsAppThemed () returned 0x1
[0242.163] GetThemeAppProperties () returned 0x3
[0242.163] GetThemeAppProperties () returned 0x3
[0242.163] IsAppThemed () returned 0x1
[0242.163] GetThemeAppProperties () returned 0x3
[0242.163] GetThemeAppProperties () returned 0x3
[0242.163] IsThemePartDefined () returned 0x1
[0242.163] IsAppThemed () returned 0x1
[0242.163] GetThemeAppProperties () returned 0x3
[0242.163] GetThemeAppProperties () returned 0x3
[0242.163] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0242.163] IsAppThemed () returned 0x1
[0242.164] GetThemeAppProperties () returned 0x3
[0242.164] GetThemeAppProperties () returned 0x3
[0242.164] IsAppThemed () returned 0x1
[0242.164] GetThemeAppProperties () returned 0x3
[0242.164] GetThemeAppProperties () returned 0x3
[0242.164] IsThemePartDefined () returned 0x1
[0242.164] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0242.164] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0242.164] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0242.164] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0242.164] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dfe4) returned 0x0
[0242.164] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0242.164] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0242.164] LocalFree (hMem=0x11ee868) returned 0x0
[0242.164] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0242.164] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eed00) returned 0x0
[0242.164] LocalFree (hMem=0x11eed00) returned 0x0
[0242.164] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0242.164] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0242.164] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0242.164] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0242.164] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0242.164] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0242.165] GetCurrentObject (hdc=0x3c0107e6, type=0x1) returned 0xb00017
[0242.165] GetCurrentObject (hdc=0x3c0107e6, type=0x2) returned 0x900010
[0242.165] GetCurrentObject (hdc=0x3c0107e6, type=0x7) returned 0x4a0507fe
[0242.165] GetCurrentObject (hdc=0x3c0107e6, type=0x6) returned 0x8a01c2
[0242.165] SaveDC (hdc=0x3c0107e6) returned 1
[0242.165] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe60407de
[0242.165] GetClipRgn (hdc=0x3c0107e6, hrgn=0xe60407de) returned 0
[0242.165] SelectClipRgn (hdc=0x3c0107e6, hrgn=0x52040807) returned 2
[0242.165] DeleteObject (ho=0xe60407de) returned 1
[0242.165] DeleteObject (ho=0x52040807) returned 1
[0242.165] OffsetViewportOrgEx (in: hdc=0x3c0107e6, x=0, y=0, lppt=0x2e71a2c | out: lppt=0x2e71a2c) returned 1
[0242.165] DrawThemeParentBackground () returned 0x0
[0242.165] GetWindowPlacement (in: hWnd=0x1b02c8, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0242.165] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0242.165] GetWindowTextLengthW (hWnd=0x1b02c8) returned 13
[0242.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.165] GetSystemMetrics (nIndex=42) returned 0
[0242.165] GetWindowTextW (in: hWnd=0x1b02c8, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.166] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0242.166] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0242.166] GetCurrentObject (hdc=0x3c0107e6, type=0x1) returned 0xb00017
[0242.166] GetCurrentObject (hdc=0x3c0107e6, type=0x2) returned 0x900010
[0242.166] GetCurrentObject (hdc=0x3c0107e6, type=0x7) returned 0x4a0507fe
[0242.166] GetCurrentObject (hdc=0x3c0107e6, type=0x6) returned 0x8a01c2
[0242.166] SaveDC (hdc=0x3c0107e6) returned 2
[0242.166] GetNearestColor (hdc=0x3c0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0242.166] CreateSolidBrush (color=0xf0f0f0) returned 0x871007e1
[0242.166] FillRect (hDC=0x3c0107e6, lprc=0xd7da30, hbr=0x871007e1) returned 1
[0242.166] DeleteObject (ho=0x871007e1) returned 1
[0242.166] RestoreDC (hdc=0x3c0107e6, nSavedDC=-1) returned 1
[0242.166] GetWindowTextLengthW (hWnd=0x1b02c8) returned 13
[0242.166] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.166] GetSystemMetrics (nIndex=42) returned 0
[0242.166] GetWindowTextW (in: hWnd=0x1b02c8, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.166] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0242.166] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0242.166] GetCurrentObject (hdc=0x3c0107e6, type=0x1) returned 0xb00017
[0242.166] GetCurrentObject (hdc=0x3c0107e6, type=0x2) returned 0x900010
[0242.167] GetCurrentObject (hdc=0x3c0107e6, type=0x7) returned 0x4a0507fe
[0242.167] GetCurrentObject (hdc=0x3c0107e6, type=0x6) returned 0x8a01c2
[0242.167] SaveDC (hdc=0x3c0107e6) returned 2
[0242.167] GetNearestColor (hdc=0x3c0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0242.167] CreateSolidBrush (color=0xf0f0f0) returned 0x881007e1
[0242.167] FillRect (hDC=0x3c0107e6, lprc=0xd7d9d0, hbr=0x881007e1) returned 1
[0242.167] DeleteObject (ho=0x881007e1) returned 1
[0242.167] RestoreDC (hdc=0x3c0107e6, nSavedDC=-1) returned 1
[0242.167] GetWindowTextLengthW (hWnd=0x1b02c8) returned 13
[0242.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.167] GetSystemMetrics (nIndex=42) returned 0
[0242.167] GetWindowTextW (in: hWnd=0x1b02c8, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0242.167] RestoreDC (hdc=0x3c0107e6, nSavedDC=-1) returned 1
[0242.167] GdipReleaseDC (graphics=0x6600030, hdc=0x3c0107e6) returned 0x0
[0242.167] IsAppThemed () returned 0x1
[0242.168] GetThemeAppProperties () returned 0x3
[0242.168] GetThemeAppProperties () returned 0x3
[0242.168] IsAppThemed () returned 0x1
[0242.168] GetThemeAppProperties () returned 0x3
[0242.168] GetThemeAppProperties () returned 0x3
[0242.168] IsThemePartDefined () returned 0x1
[0242.168] GdipCreateRegion (region=0xd7df50) returned 0x0
[0242.168] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0242.168] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0242.168] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0242.168] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df68) returned 0x0
[0242.168] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0242.168] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee9f0) returned 0x0
[0242.168] LocalFree (hMem=0x11ee9f0) returned 0x0
[0242.168] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0242.168] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee868) returned 0x0
[0242.168] LocalFree (hMem=0x11ee868) returned 0x0
[0242.168] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0242.168] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7df90) returned 0x0
[0242.168] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7df80) returned 0x0
[0242.168] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0242.168] GdipDeleteRegion (region=0x6645878) returned 0x0
[0242.168] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0242.169] GetCurrentObject (hdc=0x3c0107e6, type=0x1) returned 0xb00017
[0242.169] GetCurrentObject (hdc=0x3c0107e6, type=0x2) returned 0x900010
[0242.173] GetCurrentObject (hdc=0x3c0107e6, type=0x7) returned 0x4a0507fe
[0242.173] GetCurrentObject (hdc=0x3c0107e6, type=0x6) returned 0x8a01c2
[0242.174] SaveDC (hdc=0x3c0107e6) returned 1
[0242.174] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x53040807
[0242.174] GetClipRgn (hdc=0x3c0107e6, hrgn=0x53040807) returned 0
[0242.174] SelectClipRgn (hdc=0x3c0107e6, hrgn=0xe80407de) returned 2
[0242.174] DeleteObject (ho=0x53040807) returned 1
[0242.174] DeleteObject (ho=0xe80407de) returned 1
[0242.174] OffsetViewportOrgEx (in: hdc=0x3c0107e6, x=0, y=0, lppt=0x2e722d8 | out: lppt=0x2e722d8) returned 1
[0242.174] IsAppThemed () returned 0x1
[0242.174] GetThemeAppProperties () returned 0x3
[0242.174] GetThemeAppProperties () returned 0x3
[0242.174] DrawThemeBackground () returned 0x0
[0242.174] RestoreDC (hdc=0x3c0107e6, nSavedDC=-1) returned 1
[0242.174] GdipReleaseDC (graphics=0x6600030, hdc=0x3c0107e6) returned 0x0
[0242.174] GdipCreateRegion (region=0xd7df54) returned 0x0
[0242.174] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0242.174] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0242.174] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0242.174] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df6c) returned 0x0
[0242.174] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0242.174] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0242.175] LocalFree (hMem=0x11ee9f0) returned 0x0
[0242.175] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0242.175] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0242.175] LocalFree (hMem=0x11ee788) returned 0x0
[0242.175] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0242.175] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7df94) returned 0x0
[0242.175] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7df84) returned 0x0
[0242.175] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0242.175] GdipDeleteRegion (region=0x6645878) returned 0x0
[0242.175] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0242.175] GetCurrentObject (hdc=0x3c0107e6, type=0x1) returned 0xb00017
[0242.175] GetCurrentObject (hdc=0x3c0107e6, type=0x2) returned 0x900010
[0242.175] GetCurrentObject (hdc=0x3c0107e6, type=0x7) returned 0x4a0507fe
[0242.175] GetCurrentObject (hdc=0x3c0107e6, type=0x6) returned 0x8a01c2
[0242.175] SaveDC (hdc=0x3c0107e6) returned 1
[0242.175] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe90407de
[0242.175] GetClipRgn (hdc=0x3c0107e6, hrgn=0xe90407de) returned 0
[0242.175] SelectClipRgn (hdc=0x3c0107e6, hrgn=0x54040807) returned 2
[0242.176] DeleteObject (ho=0xe90407de) returned 1
[0242.176] DeleteObject (ho=0x54040807) returned 1
[0242.176] OffsetViewportOrgEx (in: hdc=0x3c0107e6, x=0, y=0, lppt=0x2e725ac | out: lppt=0x2e725ac) returned 1
[0242.176] IsAppThemed () returned 0x1
[0242.176] GetThemeAppProperties () returned 0x3
[0242.176] GetThemeAppProperties () returned 0x3
[0242.176] GetThemeBackgroundContentRect () returned 0x0
[0242.176] RestoreDC (hdc=0x3c0107e6, nSavedDC=-1) returned 1
[0242.176] GdipReleaseDC (graphics=0x6600030, hdc=0x3c0107e6) returned 0x0
[0242.176] IsAppThemed () returned 0x1
[0242.176] GetThemeAppProperties () returned 0x3
[0242.176] GetThemeAppProperties () returned 0x3
[0242.176] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0242.176] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0242.176] GetCurrentObject (hdc=0x3c0107e6, type=0x1) returned 0xb00017
[0242.176] GetCurrentObject (hdc=0x3c0107e6, type=0x2) returned 0x900010
[0242.176] GetCurrentObject (hdc=0x3c0107e6, type=0x7) returned 0x4a0507fe
[0242.176] GetCurrentObject (hdc=0x3c0107e6, type=0x6) returned 0x8a01c2
[0242.176] SaveDC (hdc=0x3c0107e6) returned 1
[0242.177] GetTextAlign (hdc=0x3c0107e6) returned 0x0
[0242.177] GetTextColor (hdc=0x3c0107e6) returned 0x0
[0242.177] GetCurrentObject (hdc=0x3c0107e6, type=0x6) returned 0x8a01c2
[0242.177] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0242.177] SelectObject (hdc=0x3c0107e6, h=0x6d0a0520) returned 0x8a01c2
[0242.177] GetBkMode (hdc=0x3c0107e6) returned 2
[0242.177] SetBkMode (hdc=0x3c0107e6, mode=1) returned 2
[0242.177] DrawTextExW (in: hdc=0x3c0107e6, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2e7294c | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0242.177] DrawTextExW (in: hdc=0x3c0107e6, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2e7294c | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0242.178] RestoreDC (hdc=0x3c0107e6, nSavedDC=-1) returned 1
[0242.178] GdipReleaseDC (graphics=0x6600030, hdc=0x3c0107e6) returned 0x0
[0242.178] GetFocus () returned 0x2302d8
[0242.178] IsAppThemed () returned 0x1
[0242.178] GetThemeAppProperties () returned 0x3
[0242.178] GetThemeAppProperties () returned 0x3
[0242.178] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0242.178] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x3c0107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0242.178] GdipReleaseDC (graphics=0x6600030, hdc=0x3c0107e6) returned 0x0
[0242.178] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0242.178] SelectObject (hdc=0x3c0107e6, h=0x85000f) returned 0x4a0507fe
[0242.178] DeleteDC (hdc=0x3c0107e6) returned 1
[0242.178] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0242.178] EndPaint (hWnd=0x2102dc, lpPaint=0xd7e24c) returned 1
[0242.179] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.179] IsWindowUnicode (hWnd=0x2102da) returned 1
[0242.179] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.179] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.179] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.179] BeginPaint (in: hWnd=0x2102da, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0242.179] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0242.179] CreateCompatibleDC (hdc=0x107b9) returned 0x3e0107e6
[0242.179] SelectObject (hdc=0x3e0107e6, h=0x4a0507fe) returned 0x85000f
[0242.179] GdipCreateFromHDC (hdc=0x3e0107e6, graphics=0xd7e268) returned 0x0
[0242.179] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0242.179] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0242.179] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0242.179] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0242.179] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2c8) returned 0x0
[0242.180] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0242.180] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee8d8) returned 0x0
[0242.180] LocalFree (hMem=0x11ee8d8) returned 0x0
[0242.180] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0242.180] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0242.180] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0242.180] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0242.180] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0242.180] GdipRestoreGraphics (graphics=0x6600030, state=0xf8a60dbd) returned 0x0
[0242.180] GdipDeleteRegion (region=0x6645878) returned 0x0
[0242.180] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0242.180] GetCurrentObject (hdc=0x3e0107e6, type=0x1) returned 0xb00017
[0242.180] GetCurrentObject (hdc=0x3e0107e6, type=0x2) returned 0x900010
[0242.180] GetCurrentObject (hdc=0x3e0107e6, type=0x7) returned 0x4a0507fe
[0242.180] GetCurrentObject (hdc=0x3e0107e6, type=0x6) returned 0x8a01c2
[0242.180] SaveDC (hdc=0x3e0107e6) returned 1
[0242.180] GetNearestColor (hdc=0x3e0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0242.180] GetNearestColor (hdc=0x3e0107e6, color=0xa0a0a0) returned 0xa0a0a0
[0242.180] GetNearestColor (hdc=0x3e0107e6, color=0x696969) returned 0x696969
[0242.180] GetNearestColor (hdc=0x3e0107e6, color=0xa0a0a0) returned 0xa0a0a0
[0242.180] GetNearestColor (hdc=0x3e0107e6, color=0x0) returned 0x0
[0242.181] GetNearestColor (hdc=0x3e0107e6, color=0xffffff) returned 0xffffff
[0242.181] GetNearestColor (hdc=0x3e0107e6, color=0xe5e5e5) returned 0xe5e5e5
[0242.181] GetNearestColor (hdc=0x3e0107e6, color=0xd7d7d7) returned 0xd7d7d7
[0242.181] GetNearestColor (hdc=0x3e0107e6, color=0x0) returned 0x0
[0242.181] RestoreDC (hdc=0x3e0107e6, nSavedDC=-1) returned 1
[0242.181] GdipReleaseDC (graphics=0x6600030, hdc=0x3e0107e6) returned 0x0
[0242.181] IsAppThemed () returned 0x1
[0242.181] GetThemeAppProperties () returned 0x3
[0242.181] GetThemeAppProperties () returned 0x3
[0242.181] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0242.181] SendMessageW (hWnd=0x1b02c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0242.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0242.181] IsAppThemed () returned 0x1
[0242.181] GetThemeAppProperties () returned 0x3
[0242.181] GetThemeAppProperties () returned 0x3
[0242.181] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2e7315c | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0242.181] IsAppThemed () returned 0x1
[0242.182] GetThemeAppProperties () returned 0x3
[0242.182] GetThemeAppProperties () returned 0x3
[0242.182] IsAppThemed () returned 0x1
[0242.182] GetThemeAppProperties () returned 0x3
[0242.182] GetThemeAppProperties () returned 0x3
[0242.182] GetFocus () returned 0x2302d8
[0242.182] IsAppThemed () returned 0x1
[0242.182] GetThemeAppProperties () returned 0x3
[0242.182] GetThemeAppProperties () returned 0x3
[0242.182] IsAppThemed () returned 0x1
[0242.182] GetThemeAppProperties () returned 0x3
[0242.182] GetThemeAppProperties () returned 0x3
[0242.182] IsThemePartDefined () returned 0x1
[0242.182] IsAppThemed () returned 0x1
[0242.182] GetThemeAppProperties () returned 0x3
[0242.182] GetThemeAppProperties () returned 0x3
[0242.182] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0242.182] IsAppThemed () returned 0x1
[0242.182] GetThemeAppProperties () returned 0x3
[0242.182] GetThemeAppProperties () returned 0x3
[0242.182] IsAppThemed () returned 0x1
[0242.182] GetThemeAppProperties () returned 0x3
[0242.182] GetThemeAppProperties () returned 0x3
[0242.182] IsThemePartDefined () returned 0x1
[0242.182] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0242.182] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0242.183] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0242.183] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0242.183] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dff0) returned 0x0
[0242.183] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0242.183] LocalFree (hMem=0x11eec58) returned 0x0
[0242.183] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee9f0) returned 0x0
[0242.183] LocalFree (hMem=0x11ee9f0) returned 0x0
[0242.183] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0242.183] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e018) returned 0x0
[0242.183] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e008) returned 0x0
[0242.183] GdipGetRegionHRgn (region=0x6645998, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0242.183] GdipDeleteRegion (region=0x6645998) returned 0x0
[0242.183] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0242.183] GetCurrentObject (hdc=0x3e0107e6, type=0x1) returned 0xb00017
[0242.183] GetCurrentObject (hdc=0x3e0107e6, type=0x2) returned 0x900010
[0242.183] GetCurrentObject (hdc=0x3e0107e6, type=0x7) returned 0x4a0507fe
[0242.183] GetCurrentObject (hdc=0x3e0107e6, type=0x6) returned 0x8a01c2
[0242.183] SaveDC (hdc=0x3e0107e6) returned 1
[0242.183] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x55040807
[0242.183] GetClipRgn (hdc=0x3e0107e6, hrgn=0x55040807) returned 0
[0242.183] SelectClipRgn (hdc=0x3e0107e6, hrgn=0xed0407de) returned 2
[0242.184] DeleteObject (ho=0x55040807) returned 1
[0242.184] DeleteObject (ho=0xed0407de) returned 1
[0242.184] OffsetViewportOrgEx (in: hdc=0x3e0107e6, x=0, y=0, lppt=0x2e7380c | out: lppt=0x2e7380c) returned 1
[0242.184] DrawThemeParentBackground () returned 0x0
[0242.184] GetWindowPlacement (in: hWnd=0x1b02c8, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0242.184] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0242.184] GetWindowTextLengthW (hWnd=0x1b02c8) returned 13
[0242.184] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.184] GetSystemMetrics (nIndex=42) returned 0
[0242.184] GetWindowTextW (in: hWnd=0x1b02c8, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.184] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0242.184] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0242.184] GetCurrentObject (hdc=0x3e0107e6, type=0x1) returned 0xb00017
[0242.193] GetCurrentObject (hdc=0x3e0107e6, type=0x2) returned 0x900010
[0242.193] GetCurrentObject (hdc=0x3e0107e6, type=0x7) returned 0x4a0507fe
[0242.193] GetCurrentObject (hdc=0x3e0107e6, type=0x6) returned 0x8a01c2
[0242.193] SaveDC (hdc=0x3e0107e6) returned 2
[0242.193] GetNearestColor (hdc=0x3e0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0242.193] CreateSolidBrush (color=0xf0f0f0) returned 0x891007e1
[0242.193] FillRect (hDC=0x3e0107e6, lprc=0xd7da38, hbr=0x891007e1) returned 1
[0242.193] DeleteObject (ho=0x891007e1) returned 1
[0242.193] RestoreDC (hdc=0x3e0107e6, nSavedDC=-1) returned 1
[0242.193] GetWindowTextLengthW (hWnd=0x1b02c8) returned 13
[0242.193] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.193] GetSystemMetrics (nIndex=42) returned 0
[0242.193] GetWindowTextW (in: hWnd=0x1b02c8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.193] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0242.194] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0242.194] GetCurrentObject (hdc=0x3e0107e6, type=0x1) returned 0xb00017
[0242.194] GetCurrentObject (hdc=0x3e0107e6, type=0x2) returned 0x900010
[0242.194] GetCurrentObject (hdc=0x3e0107e6, type=0x7) returned 0x4a0507fe
[0242.194] GetCurrentObject (hdc=0x3e0107e6, type=0x6) returned 0x8a01c2
[0242.194] SaveDC (hdc=0x3e0107e6) returned 2
[0242.194] GetNearestColor (hdc=0x3e0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0242.194] CreateSolidBrush (color=0xf0f0f0) returned 0x8a1007e1
[0242.194] FillRect (hDC=0x3e0107e6, lprc=0xd7d9d8, hbr=0x8a1007e1) returned 1
[0242.194] DeleteObject (ho=0x8a1007e1) returned 1
[0242.194] RestoreDC (hdc=0x3e0107e6, nSavedDC=-1) returned 1
[0242.194] GetWindowTextLengthW (hWnd=0x1b02c8) returned 13
[0242.194] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.194] GetSystemMetrics (nIndex=42) returned 0
[0242.194] GetWindowTextW (in: hWnd=0x1b02c8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.194] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0242.195] RestoreDC (hdc=0x3e0107e6, nSavedDC=-1) returned 1
[0242.195] GdipReleaseDC (graphics=0x6600030, hdc=0x3e0107e6) returned 0x0
[0242.195] IsAppThemed () returned 0x1
[0242.195] GetThemeAppProperties () returned 0x3
[0242.195] GetThemeAppProperties () returned 0x3
[0242.195] IsAppThemed () returned 0x1
[0242.195] GetThemeAppProperties () returned 0x3
[0242.195] GetThemeAppProperties () returned 0x3
[0242.195] IsThemePartDefined () returned 0x1
[0242.195] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0242.195] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0242.195] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0242.195] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0242.195] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df74) returned 0x0
[0242.195] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0242.196] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0242.196] LocalFree (hMem=0x11eec58) returned 0x0
[0242.196] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0242.196] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0242.196] LocalFree (hMem=0x11eec58) returned 0x0
[0242.196] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0242.196] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0242.196] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0242.196] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0242.196] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0242.196] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0242.196] GetCurrentObject (hdc=0x3e0107e6, type=0x1) returned 0xb00017
[0242.196] GetCurrentObject (hdc=0x3e0107e6, type=0x2) returned 0x900010
[0242.196] GetCurrentObject (hdc=0x3e0107e6, type=0x7) returned 0x4a0507fe
[0242.196] GetCurrentObject (hdc=0x3e0107e6, type=0x6) returned 0x8a01c2
[0242.196] SaveDC (hdc=0x3e0107e6) returned 1
[0242.196] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xee0407de
[0242.196] GetClipRgn (hdc=0x3e0107e6, hrgn=0xee0407de) returned 0
[0242.196] SelectClipRgn (hdc=0x3e0107e6, hrgn=0x57040807) returned 2
[0242.196] DeleteObject (ho=0xee0407de) returned 1
[0242.197] DeleteObject (ho=0x57040807) returned 1
[0242.197] OffsetViewportOrgEx (in: hdc=0x3e0107e6, x=0, y=0, lppt=0x2e740b8 | out: lppt=0x2e740b8) returned 1
[0242.197] IsAppThemed () returned 0x1
[0242.197] GetThemeAppProperties () returned 0x3
[0242.197] GetThemeAppProperties () returned 0x3
[0242.197] DrawThemeBackground () returned 0x0
[0242.197] RestoreDC (hdc=0x3e0107e6, nSavedDC=-1) returned 1
[0242.197] GdipReleaseDC (graphics=0x6600030, hdc=0x3e0107e6) returned 0x0
[0242.197] GdipCreateRegion (region=0xd7df60) returned 0x0
[0242.197] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0242.197] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0242.197] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0242.197] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df78) returned 0x0
[0242.197] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0242.197] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0242.197] LocalFree (hMem=0x11ee868) returned 0x0
[0242.197] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0242.197] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0242.198] LocalFree (hMem=0x11ee788) returned 0x0
[0242.198] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0242.198] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0242.198] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7df90) returned 0x0
[0242.198] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0242.198] GdipDeleteRegion (region=0x6645878) returned 0x0
[0242.198] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0242.198] GetCurrentObject (hdc=0x3e0107e6, type=0x1) returned 0xb00017
[0242.198] GetCurrentObject (hdc=0x3e0107e6, type=0x2) returned 0x900010
[0242.198] GetCurrentObject (hdc=0x3e0107e6, type=0x7) returned 0x4a0507fe
[0242.198] GetCurrentObject (hdc=0x3e0107e6, type=0x6) returned 0x8a01c2
[0242.198] SaveDC (hdc=0x3e0107e6) returned 1
[0242.198] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x58040807
[0242.198] GetClipRgn (hdc=0x3e0107e6, hrgn=0x58040807) returned 0
[0242.198] SelectClipRgn (hdc=0x3e0107e6, hrgn=0xef0407de) returned 2
[0242.198] DeleteObject (ho=0x58040807) returned 1
[0242.198] DeleteObject (ho=0xef0407de) returned 1
[0242.199] OffsetViewportOrgEx (in: hdc=0x3e0107e6, x=0, y=0, lppt=0x2e7438c | out: lppt=0x2e7438c) returned 1
[0242.199] IsAppThemed () returned 0x1
[0242.199] GetThemeAppProperties () returned 0x3
[0242.199] GetThemeAppProperties () returned 0x3
[0242.199] GetThemeBackgroundContentRect () returned 0x0
[0242.199] RestoreDC (hdc=0x3e0107e6, nSavedDC=-1) returned 1
[0242.199] GdipReleaseDC (graphics=0x6600030, hdc=0x3e0107e6) returned 0x0
[0242.199] IsAppThemed () returned 0x1
[0242.199] GetThemeAppProperties () returned 0x3
[0242.199] GetThemeAppProperties () returned 0x3
[0242.199] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0242.199] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0242.199] GetCurrentObject (hdc=0x3e0107e6, type=0x1) returned 0xb00017
[0242.199] GetCurrentObject (hdc=0x3e0107e6, type=0x2) returned 0x900010
[0242.199] GetCurrentObject (hdc=0x3e0107e6, type=0x7) returned 0x4a0507fe
[0242.199] GetCurrentObject (hdc=0x3e0107e6, type=0x6) returned 0x8a01c2
[0242.199] SaveDC (hdc=0x3e0107e6) returned 1
[0242.199] GetTextAlign (hdc=0x3e0107e6) returned 0x0
[0242.199] GetTextColor (hdc=0x3e0107e6) returned 0x0
[0242.199] GetCurrentObject (hdc=0x3e0107e6, type=0x6) returned 0x8a01c2
[0242.200] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0242.200] SelectObject (hdc=0x3e0107e6, h=0x6d0a0520) returned 0x8a01c2
[0242.200] GetBkMode (hdc=0x3e0107e6) returned 2
[0242.200] SetBkMode (hdc=0x3e0107e6, mode=1) returned 2
[0242.200] DrawTextExW (in: hdc=0x3e0107e6, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2e7472c | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0242.201] DrawTextExW (in: hdc=0x3e0107e6, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e7472c | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0242.201] RestoreDC (hdc=0x3e0107e6, nSavedDC=-1) returned 1
[0242.201] GdipReleaseDC (graphics=0x6600030, hdc=0x3e0107e6) returned 0x0
[0242.201] GetFocus () returned 0x2302d8
[0242.201] IsAppThemed () returned 0x1
[0242.201] GetThemeAppProperties () returned 0x3
[0242.201] GetThemeAppProperties () returned 0x3
[0242.201] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0242.201] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x3e0107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0242.202] GdipReleaseDC (graphics=0x6600030, hdc=0x3e0107e6) returned 0x0
[0242.202] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0242.202] SelectObject (hdc=0x3e0107e6, h=0x85000f) returned 0x4a0507fe
[0242.202] DeleteDC (hdc=0x3e0107e6) returned 1
[0242.202] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0242.202] EndPaint (hWnd=0x2102da, lpPaint=0xd7e24c) returned 1
[0242.202] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.202] IsWindowUnicode (hWnd=0x602c4) returned 1
[0242.202] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.202] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.202] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.202] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0242.202] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0242.202] CreateCompatibleDC (hdc=0xc0107c5) returned 0x400107e6
[0242.203] SelectObject (hdc=0x400107e6, h=0x4a0507fe) returned 0x85000f
[0242.203] GdipCreateFromHDC (hdc=0x400107e6, graphics=0xd7e268) returned 0x0
[0242.203] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0242.203] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0242.203] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0242.203] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0242.203] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e2c8) returned 0x0
[0242.203] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0242.203] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee868) returned 0x0
[0242.203] LocalFree (hMem=0x11ee868) returned 0x0
[0242.203] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0242.203] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0242.203] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0242.203] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0242.203] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0242.203] GdipRestoreGraphics (graphics=0x6600030, state=0xf8a40dbd) returned 0x0
[0242.203] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0242.203] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0242.204] GetCurrentObject (hdc=0x400107e6, type=0x1) returned 0xb00017
[0242.204] GetCurrentObject (hdc=0x400107e6, type=0x2) returned 0x900010
[0242.204] GetCurrentObject (hdc=0x400107e6, type=0x7) returned 0x4a0507fe
[0242.204] GetCurrentObject (hdc=0x400107e6, type=0x6) returned 0x8a01c2
[0242.204] SaveDC (hdc=0x400107e6) returned 1
[0242.204] GetNearestColor (hdc=0x400107e6, color=0xff) returned 0xff
[0242.204] GetNearestColor (hdc=0x400107e6, color=0x55) returned 0x55
[0242.204] GetNearestColor (hdc=0x400107e6, color=0x0) returned 0x0
[0242.204] GetNearestColor (hdc=0x400107e6, color=0x55) returned 0x55
[0242.204] GetNearestColor (hdc=0x400107e6, color=0x0) returned 0x0
[0242.204] GetNearestColor (hdc=0x400107e6, color=0x8080ff) returned 0x8080ff
[0242.204] GetNearestColor (hdc=0x400107e6, color=0x7373e5) returned 0x7373e5
[0242.204] GetNearestColor (hdc=0x400107e6, color=0xe5) returned 0xe5
[0242.205] GetNearestColor (hdc=0x400107e6, color=0x0) returned 0x0
[0242.205] RestoreDC (hdc=0x400107e6, nSavedDC=-1) returned 1
[0242.205] GdipReleaseDC (graphics=0x6600030, hdc=0x400107e6) returned 0x0
[0242.205] IsAppThemed () returned 0x1
[0242.205] GetThemeAppProperties () returned 0x3
[0242.205] GetThemeAppProperties () returned 0x3
[0242.205] IsAppThemed () returned 0x1
[0242.205] GetThemeAppProperties () returned 0x3
[0242.205] GetThemeAppProperties () returned 0x3
[0242.205] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2e74ef4 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0242.205] IsAppThemed () returned 0x1
[0242.206] GetThemeAppProperties () returned 0x3
[0242.206] GetThemeAppProperties () returned 0x3
[0242.206] IsAppThemed () returned 0x1
[0242.206] GetThemeAppProperties () returned 0x3
[0242.206] GetThemeAppProperties () returned 0x3
[0242.206] GetFocus () returned 0x2302d8
[0242.206] IsAppThemed () returned 0x1
[0242.206] GetThemeAppProperties () returned 0x3
[0242.206] GetThemeAppProperties () returned 0x3
[0242.206] IsAppThemed () returned 0x1
[0242.206] GetThemeAppProperties () returned 0x3
[0242.206] GetThemeAppProperties () returned 0x3
[0242.206] IsThemePartDefined () returned 0x1
[0242.206] IsAppThemed () returned 0x1
[0242.206] GetThemeAppProperties () returned 0x3
[0242.206] GetThemeAppProperties () returned 0x3
[0242.206] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0242.206] IsAppThemed () returned 0x1
[0242.206] GetThemeAppProperties () returned 0x3
[0242.206] GetThemeAppProperties () returned 0x3
[0242.206] IsAppThemed () returned 0x1
[0242.207] GetThemeAppProperties () returned 0x3
[0242.207] GetThemeAppProperties () returned 0x3
[0242.207] IsThemePartDefined () returned 0x1
[0242.207] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0242.207] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0242.207] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0242.207] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0242.207] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dff0) returned 0x0
[0242.207] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0242.207] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee868) returned 0x0
[0242.207] LocalFree (hMem=0x11ee868) returned 0x0
[0242.207] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0242.207] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eead0) returned 0x0
[0242.207] LocalFree (hMem=0x11eead0) returned 0x0
[0242.207] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0242.207] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e018) returned 0x0
[0242.207] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e008) returned 0x0
[0242.207] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0242.207] GdipDeleteRegion (region=0x6645878) returned 0x0
[0242.208] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0242.208] GetCurrentObject (hdc=0x400107e6, type=0x1) returned 0xb00017
[0242.208] GetCurrentObject (hdc=0x400107e6, type=0x2) returned 0x900010
[0242.208] GetCurrentObject (hdc=0x400107e6, type=0x7) returned 0x4a0507fe
[0242.208] GetCurrentObject (hdc=0x400107e6, type=0x6) returned 0x8a01c2
[0242.208] SaveDC (hdc=0x400107e6) returned 1
[0242.208] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf00407de
[0242.208] GetClipRgn (hdc=0x400107e6, hrgn=0xf00407de) returned 0
[0242.208] SelectClipRgn (hdc=0x400107e6, hrgn=0x5c040807) returned 2
[0242.208] DeleteObject (ho=0xf00407de) returned 1
[0242.208] DeleteObject (ho=0x5c040807) returned 1
[0242.208] OffsetViewportOrgEx (in: hdc=0x400107e6, x=0, y=0, lppt=0x2e755a4 | out: lppt=0x2e755a4) returned 1
[0242.208] DrawThemeParentBackground () returned 0x0
[0242.209] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0242.209] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0242.209] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0242.209] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.209] GetSystemMetrics (nIndex=42) returned 0
[0242.209] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.209] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0242.209] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0242.209] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0242.209] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0242.209] SelectPalette (hdc=0x400107e6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0242.209] GdipCreateFromHDC (hdc=0x400107e6, graphics=0xd7dac8) returned 0x0
[0242.210] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0242.210] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0242.210] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638db8) returned 0x0
[0242.210] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7daa0) returned 0x0
[0242.210] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0242.210] GdipCreateRegion (region=0xd7da88) returned 0x0
[0242.210] GdipGetClip (graphics=0x6640bc0, region=0x6645878) returned 0x0
[0242.210] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6640bc0, result=0xd7da94) returned 0x0
[0242.210] GdipDeleteRegion (region=0x6645878) returned 0x0
[0242.210] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7dac0) returned 0x0
[0242.210] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0242.249] GdipFillRectangleI (graphics=0x6640bc0, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0242.250] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0242.251] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0242.252] SelectPalette (hdc=0x400107e6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0242.252] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0242.252] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.252] GetSystemMetrics (nIndex=42) returned 0
[0242.252] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.252] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0242.252] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0242.252] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0242.252] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0242.252] SelectPalette (hdc=0x400107e6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0242.252] GdipCreateFromHDC (hdc=0x400107e6, graphics=0xd7da68) returned 0x0
[0242.253] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0242.253] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0242.253] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638d28) returned 0x0
[0242.253] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7da40) returned 0x0
[0242.253] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0242.253] GdipCreateRegion (region=0xd7da28) returned 0x0
[0242.253] GdipGetClip (graphics=0x6640bc0, region=0x6645878) returned 0x0
[0242.253] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6640bc0, result=0xd7da34) returned 0x0
[0242.253] GdipDeleteRegion (region=0x6645878) returned 0x0
[0242.253] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7da60) returned 0x0
[0242.253] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0242.261] GdipFillRectangleI (graphics=0x6640bc0, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0242.261] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0242.269] GdipRestoreGraphics (graphics=0x6640bc0, state=0xf8a00dbd) returned 0x0
[0242.269] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0242.269] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.269] GetSystemMetrics (nIndex=42) returned 0
[0242.269] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.269] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0242.269] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0242.269] SelectPalette (hdc=0x400107e6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0242.270] RestoreDC (hdc=0x400107e6, nSavedDC=-1) returned 1
[0242.270] GdipReleaseDC (graphics=0x6600030, hdc=0x400107e6) returned 0x0
[0242.270] IsAppThemed () returned 0x1
[0242.270] GetThemeAppProperties () returned 0x3
[0242.270] GetThemeAppProperties () returned 0x3
[0242.270] IsAppThemed () returned 0x1
[0242.270] GetThemeAppProperties () returned 0x3
[0242.270] GetThemeAppProperties () returned 0x3
[0242.270] IsThemePartDefined () returned 0x1
[0242.270] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0242.270] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0242.270] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0242.270] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0242.270] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df74) returned 0x0
[0242.270] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0242.270] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0242.270] LocalFree (hMem=0x11eec58) returned 0x0
[0242.271] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0242.271] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0242.271] LocalFree (hMem=0x11eec58) returned 0x0
[0242.271] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0242.271] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0242.271] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0242.271] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0242.271] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0242.271] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0242.271] GetCurrentObject (hdc=0x400107e6, type=0x1) returned 0xb00017
[0242.271] GetCurrentObject (hdc=0x400107e6, type=0x2) returned 0x900010
[0242.271] GetCurrentObject (hdc=0x400107e6, type=0x7) returned 0x4a0507fe
[0242.271] GetCurrentObject (hdc=0x400107e6, type=0x6) returned 0x8a01c2
[0242.271] SaveDC (hdc=0x400107e6) returned 1
[0242.271] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5d040807
[0242.272] GetClipRgn (hdc=0x400107e6, hrgn=0x5d040807) returned 0
[0242.272] SelectClipRgn (hdc=0x400107e6, hrgn=0xf20407de) returned 2
[0242.272] DeleteObject (ho=0x5d040807) returned 1
[0242.272] DeleteObject (ho=0xf20407de) returned 1
[0242.272] OffsetViewportOrgEx (in: hdc=0x400107e6, x=0, y=0, lppt=0x2e7bdf4 | out: lppt=0x2e7bdf4) returned 1
[0242.272] IsAppThemed () returned 0x1
[0242.272] GetThemeAppProperties () returned 0x3
[0242.272] GetThemeAppProperties () returned 0x3
[0242.272] DrawThemeBackground () returned 0x0
[0242.272] RestoreDC (hdc=0x400107e6, nSavedDC=-1) returned 1
[0242.272] GdipReleaseDC (graphics=0x6600030, hdc=0x400107e6) returned 0x0
[0242.272] GdipCreateRegion (region=0xd7df60) returned 0x0
[0242.272] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0242.272] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0242.272] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0242.273] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df78) returned 0x0
[0242.273] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0242.273] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0242.273] LocalFree (hMem=0x11ee788) returned 0x0
[0242.273] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0242.273] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eecc8) returned 0x0
[0242.273] LocalFree (hMem=0x11eecc8) returned 0x0
[0242.273] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0242.273] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0242.273] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7df90) returned 0x0
[0242.273] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0242.273] GdipDeleteRegion (region=0x6645878) returned 0x0
[0242.273] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0242.273] GetCurrentObject (hdc=0x400107e6, type=0x1) returned 0xb00017
[0242.273] GetCurrentObject (hdc=0x400107e6, type=0x2) returned 0x900010
[0242.273] GetCurrentObject (hdc=0x400107e6, type=0x7) returned 0x4a0507fe
[0242.273] GetCurrentObject (hdc=0x400107e6, type=0x6) returned 0x8a01c2
[0242.274] SaveDC (hdc=0x400107e6) returned 1
[0242.274] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf30407de
[0242.274] GetClipRgn (hdc=0x400107e6, hrgn=0xf30407de) returned 0
[0242.274] SelectClipRgn (hdc=0x400107e6, hrgn=0x5e040807) returned 2
[0242.274] DeleteObject (ho=0xf30407de) returned 1
[0242.274] DeleteObject (ho=0x5e040807) returned 1
[0242.274] OffsetViewportOrgEx (in: hdc=0x400107e6, x=0, y=0, lppt=0x2e7c0c8 | out: lppt=0x2e7c0c8) returned 1
[0242.274] IsAppThemed () returned 0x1
[0242.274] GetThemeAppProperties () returned 0x3
[0242.274] GetThemeAppProperties () returned 0x3
[0242.274] GetThemeBackgroundContentRect () returned 0x0
[0242.274] RestoreDC (hdc=0x400107e6, nSavedDC=-1) returned 1
[0242.274] GdipReleaseDC (graphics=0x6600030, hdc=0x400107e6) returned 0x0
[0242.274] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0242.274] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0242.274] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0242.275] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0242.275] IsAppThemed () returned 0x1
[0242.275] GetThemeAppProperties () returned 0x3
[0242.275] GetThemeAppProperties () returned 0x3
[0242.275] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0242.275] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0242.275] GetCurrentObject (hdc=0x400107e6, type=0x1) returned 0xb00017
[0242.275] GetCurrentObject (hdc=0x400107e6, type=0x2) returned 0x900010
[0242.275] GetCurrentObject (hdc=0x400107e6, type=0x7) returned 0x4a0507fe
[0242.275] GetCurrentObject (hdc=0x400107e6, type=0x6) returned 0x8a01c2
[0242.275] SaveDC (hdc=0x400107e6) returned 1
[0242.275] GetTextAlign (hdc=0x400107e6) returned 0x0
[0242.275] GetTextColor (hdc=0x400107e6) returned 0x0
[0242.275] GetCurrentObject (hdc=0x400107e6, type=0x6) returned 0x8a01c2
[0242.275] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0242.275] SelectObject (hdc=0x400107e6, h=0x6d0a0520) returned 0x8a01c2
[0242.276] GetBkMode (hdc=0x400107e6) returned 2
[0242.276] SetBkMode (hdc=0x400107e6, mode=1) returned 2
[0242.276] DrawTextExW (in: hdc=0x400107e6, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2e7c48c | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0242.276] DrawTextExW (in: hdc=0x400107e6, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e7c48c | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0242.277] RestoreDC (hdc=0x400107e6, nSavedDC=-1) returned 1
[0242.277] GdipReleaseDC (graphics=0x6600030, hdc=0x400107e6) returned 0x0
[0242.277] GetFocus () returned 0x2302d8
[0242.277] IsAppThemed () returned 0x1
[0242.277] GetThemeAppProperties () returned 0x3
[0242.277] GetThemeAppProperties () returned 0x3
[0242.277] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0242.277] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x400107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0242.277] GdipReleaseDC (graphics=0x6600030, hdc=0x400107e6) returned 0x0
[0242.277] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0242.277] SelectObject (hdc=0x400107e6, h=0x85000f) returned 0x4a0507fe
[0242.277] DeleteDC (hdc=0x400107e6) returned 1
[0242.277] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0242.278] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0242.278] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.278] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0242.279] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.279] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.279] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0242.280] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.280] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.281] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.281] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0242.282] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.282] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.282] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.282] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.282] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.283] IsWindowUnicode (hWnd=0x2102dc) returned 1
[0242.283] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.284] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.284] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.284] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.284] IsWindowUnicode (hWnd=0x2102dc) returned 1
[0242.284] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.284] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.284] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.284] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x2a1, wParam=0x0, lParam=0xa001a) returned 0x0
[0242.284] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0242.284] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0242.284] WaitMessage () returned 1
[0242.332] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.332] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.332] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.332] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.332] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.333] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0242.333] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0242.333] WaitMessage () returned 1
[0242.334] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.334] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.334] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.334] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.334] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.335] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0242.335] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0242.335] WaitMessage () returned 1
[0242.335] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.335] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.335] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.335] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.335] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.336] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.337] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.337] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.337] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.337] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.338] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.338] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.338] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.338] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.338] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.338] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0242.338] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0242.338] WaitMessage () returned 1
[0242.339] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.339] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.339] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.339] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.339] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.340] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.340] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.340] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.340] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.340] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.341] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.344] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.344] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.344] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.344] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.344] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0242.345] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0242.345] WaitMessage () returned 1
[0242.347] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.347] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.347] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.347] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.347] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.348] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.348] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.348] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.348] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.348] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.348] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.349] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.349] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.349] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.349] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.349] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0242.349] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0242.349] WaitMessage () returned 1
[0242.349] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.349] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.349] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.350] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.350] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.351] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.351] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.351] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.351] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.351] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.351] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.351] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.351] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.352] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.352] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.352] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0242.352] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0242.352] WaitMessage () returned 1
[0242.419] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.419] IsWindowUnicode (hWnd=0x502c6) returned 1
[0242.419] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.419] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.419] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.419] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0242.419] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0242.419] WaitMessage () returned 1
[0242.478] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.478] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x84, wParam=0x0, lParam=0x1e302f0) returned 0x1
[0242.479] IsWindowUnicode (hWnd=0x2102dc) returned 1
[0242.479] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.479] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x84, wParam=0x0, lParam=0x1e302f0) returned 0x1
[0242.479] GetDlgItem (hDlg=0x1b02c8, nIDDlgItem=0) returned 0x0
[0242.479] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x210, wParam=0x201, lParam=0x6800fb) returned 0x0
[0242.479] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x21, wParam=0x1b02c8, lParam=0x2010001) returned 0x1
[0242.479] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x21, wParam=0x1b02c8, lParam=0x2010001) returned 0x1
[0242.479] SetCursor (hCursor=0x10003) returned 0x10003
[0242.479] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.479] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.479] GetKeyState (nVirtKey=1) returned -127
[0242.479] GetKeyState (nVirtKey=2) returned 0
[0242.479] GetKeyState (nVirtKey=4) returned 0
[0242.479] GetKeyState (nVirtKey=5) returned 0
[0242.479] GetKeyState (nVirtKey=6) returned 0
[0242.480] IsWindowVisible (hWnd=0x2102dc) returned 1
[0242.480] IsWindowEnabled (hWnd=0x2102dc) returned 1
[0242.480] SetFocus (hWnd=0x2102dc) returned 0x2302d8
[0242.480] GetFocus () returned 0x2102dc
[0242.480] IsChild (hWndParent=0x1b02c8, hWnd=0x2102dc) returned 1
[0242.480] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0x8, wParam=0x2102dc, lParam=0x0) returned 0x0
[0242.480] GetCapture () returned 0x0
[0242.480] InvalidateRect (hWnd=0x2302d8, lpRect=0x0, bErase=0) returned 1
[0242.481] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0242.482] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0242.484] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0242.484] InvalidateRect (hWnd=0x2302d8, lpRect=0x0, bErase=0) returned 1
[0242.484] InvalidateRect (hWnd=0x2102dc, lpRect=0x0, bErase=0) returned 1
[0242.484] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x7, wParam=0x2302d8, lParam=0x0) returned 0x0
[0242.484] GetStockObject (i=5) returned 0x900015
[0242.484] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0242.484] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0242.484] GetDlgItem (hDlg=0x1b02c8, nIDDlgItem=2163420) returned 0x2102dc
[0242.484] SendMessageW (hWnd=0x2102dc, Msg=0x202b, wParam=0x2102dc, lParam=0xd7dddc) returned 0x0
[0242.484] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x202b, wParam=0x2102dc, lParam=0xd7dddc) returned 0x0
[0242.484] InvalidateRect (hWnd=0x2102dc, lpRect=0x0, bErase=0) returned 1
[0242.486] GetFocus () returned 0x2102dc
[0242.486] GetFocus () returned 0x2102dc
[0242.486] GetFocus () returned 0x2102dc
[0242.486] GetKeyState (nVirtKey=1) returned -127
[0242.486] GetKeyState (nVirtKey=2) returned 0
[0242.486] GetKeyState (nVirtKey=4) returned 0
[0242.486] GetKeyState (nVirtKey=5) returned 0
[0242.486] GetKeyState (nVirtKey=6) returned 0
[0242.486] GetCapture () returned 0x0
[0242.486] SetCapture (hWnd=0x2102dc) returned 0x0
[0242.486] GetKeyState (nVirtKey=1) returned -127
[0242.486] GetKeyState (nVirtKey=2) returned 0
[0242.486] GetKeyState (nVirtKey=4) returned 0
[0242.486] GetKeyState (nVirtKey=5) returned 0
[0242.486] GetKeyState (nVirtKey=6) returned 0
[0242.486] NotifyWinEvent (event=0x800a, hwnd=0x2102dc, idObject=-4, idChild=0)
[0242.486] InvalidateRect (hWnd=0x2102dc, lpRect=0xd7e430, bErase=0) returned 1
[0242.486] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.486] IsWindowUnicode (hWnd=0x2102dc) returned 1
[0242.487] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.487] TranslateMessage (lpMsg=0xd7e808) returned 0
[0242.487] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0242.487] MapWindowPoints (in: hWndFrom=0x2102dc, hWndTo=0x0, lpPoints=0x2e7c79c, cPoints=0x1 | out: lpPoints=0x2e7c79c) returned 30999254
[0242.487] NotifyWinEvent (event=0x800a, hwnd=0x2102dc, idObject=-4, idChild=0)
[0242.487] InvalidateRect (hWnd=0x2102dc, lpRect=0xd7e3d0, bErase=0) returned 1
[0242.487] UpdateWindow (hWnd=0x2102dc) returned 1
[0242.487] BeginPaint (in: hWnd=0x2102dc, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x10105d6
[0242.487] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0242.487] CreateCompatibleDC (hdc=0x10105d6) returned 0x4a0107ef
[0242.487] SelectObject (hdc=0x4a0107ef, h=0x4a0507fe) returned 0x85000f
[0242.487] GdipCreateFromHDC (hdc=0x4a0107ef, graphics=0xd7df00) returned 0x0
[0242.487] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0242.487] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0242.488] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0242.488] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0242.488] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df60) returned 0x0
[0242.488] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0242.488] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee9f0) returned 0x0
[0242.488] LocalFree (hMem=0x11ee9f0) returned 0x0
[0242.488] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0242.488] GdipCreateRegion (region=0xd7df48) returned 0x0
[0242.488] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0242.488] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7df54) returned 0x0
[0242.488] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0242.488] GdipRestoreGraphics (graphics=0x6600030, state=0xf89e0dbd) returned 0x0
[0242.488] GdipDeleteRegion (region=0x6645878) returned 0x0
[0242.488] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0242.488] GetCurrentObject (hdc=0x4a0107ef, type=0x1) returned 0xb00017
[0242.488] GetCurrentObject (hdc=0x4a0107ef, type=0x2) returned 0x900010
[0242.488] GetCurrentObject (hdc=0x4a0107ef, type=0x7) returned 0x4a0507fe
[0242.488] GetCurrentObject (hdc=0x4a0107ef, type=0x6) returned 0x8a01c2
[0242.488] SaveDC (hdc=0x4a0107ef) returned 1
[0242.488] GetNearestColor (hdc=0x4a0107ef, color=0xf0f0f0) returned 0xf0f0f0
[0242.489] GetNearestColor (hdc=0x4a0107ef, color=0xa0a0a0) returned 0xa0a0a0
[0242.489] GetNearestColor (hdc=0x4a0107ef, color=0x696969) returned 0x696969
[0242.489] GetNearestColor (hdc=0x4a0107ef, color=0xa0a0a0) returned 0xa0a0a0
[0242.489] GetNearestColor (hdc=0x4a0107ef, color=0x0) returned 0x0
[0242.489] GetNearestColor (hdc=0x4a0107ef, color=0xffffff) returned 0xffffff
[0242.489] GetNearestColor (hdc=0x4a0107ef, color=0xe5e5e5) returned 0xe5e5e5
[0242.489] GetNearestColor (hdc=0x4a0107ef, color=0xd7d7d7) returned 0xd7d7d7
[0242.489] GetNearestColor (hdc=0x4a0107ef, color=0x0) returned 0x0
[0242.489] RestoreDC (hdc=0x4a0107ef, nSavedDC=-1) returned 1
[0242.489] GdipReleaseDC (graphics=0x6600030, hdc=0x4a0107ef) returned 0x0
[0242.489] IsAppThemed () returned 0x1
[0242.489] GetThemeAppProperties () returned 0x3
[0242.489] GetThemeAppProperties () returned 0x3
[0242.489] IsAppThemed () returned 0x1
[0242.489] GetThemeAppProperties () returned 0x3
[0242.489] GetThemeAppProperties () returned 0x3
[0242.489] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2e7cef4 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0242.490] IsAppThemed () returned 0x1
[0242.490] GetThemeAppProperties () returned 0x3
[0242.490] GetThemeAppProperties () returned 0x3
[0242.490] IsAppThemed () returned 0x1
[0242.490] GetThemeAppProperties () returned 0x3
[0242.490] GetThemeAppProperties () returned 0x3
[0242.490] IsAppThemed () returned 0x1
[0242.490] GetThemeAppProperties () returned 0x3
[0242.490] GetThemeAppProperties () returned 0x3
[0242.490] IsAppThemed () returned 0x1
[0242.490] GetThemeAppProperties () returned 0x3
[0242.490] GetThemeAppProperties () returned 0x3
[0242.490] IsThemePartDefined () returned 0x1
[0242.490] IsAppThemed () returned 0x1
[0242.490] GetThemeAppProperties () returned 0x3
[0242.490] GetThemeAppProperties () returned 0x3
[0242.490] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0242.490] IsAppThemed () returned 0x1
[0242.490] GetThemeAppProperties () returned 0x3
[0242.490] GetThemeAppProperties () returned 0x3
[0242.490] IsAppThemed () returned 0x1
[0242.490] GetThemeAppProperties () returned 0x3
[0242.490] GetThemeAppProperties () returned 0x3
[0242.490] IsThemePartDefined () returned 0x1
[0242.490] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0242.491] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0242.491] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0242.491] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0242.491] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dc7c) returned 0x0
[0242.491] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0242.491] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0242.491] LocalFree (hMem=0x11ee868) returned 0x0
[0242.491] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0242.491] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0242.491] LocalFree (hMem=0x11eec58) returned 0x0
[0242.491] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0242.491] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0242.491] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0242.491] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0242.491] GdipDeleteRegion (region=0x6645878) returned 0x0
[0242.491] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0242.491] GetCurrentObject (hdc=0x4a0107ef, type=0x1) returned 0xb00017
[0242.491] GetCurrentObject (hdc=0x4a0107ef, type=0x2) returned 0x900010
[0242.491] GetCurrentObject (hdc=0x4a0107ef, type=0x7) returned 0x4a0507fe
[0242.491] GetCurrentObject (hdc=0x4a0107ef, type=0x6) returned 0x8a01c2
[0242.491] SaveDC (hdc=0x4a0107ef) returned 1
[0242.492] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5f040807
[0242.492] GetClipRgn (hdc=0x4a0107ef, hrgn=0x5f040807) returned 0
[0242.492] SelectClipRgn (hdc=0x4a0107ef, hrgn=0xf70407de) returned 2
[0242.492] DeleteObject (ho=0x5f040807) returned 1
[0242.492] DeleteObject (ho=0xf70407de) returned 1
[0242.492] OffsetViewportOrgEx (in: hdc=0x4a0107ef, x=0, y=0, lppt=0x2e7d5a4 | out: lppt=0x2e7d5a4) returned 1
[0242.492] DrawThemeParentBackground () returned 0x0
[0242.492] GetWindowPlacement (in: hWnd=0x1b02c8, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0242.492] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0242.492] GetWindowTextLengthW (hWnd=0x1b02c8) returned 13
[0242.492] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.492] GetSystemMetrics (nIndex=42) returned 0
[0242.492] GetWindowTextW (in: hWnd=0x1b02c8, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.492] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0242.492] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0242.492] GetCurrentObject (hdc=0x4a0107ef, type=0x1) returned 0xb00017
[0242.492] GetCurrentObject (hdc=0x4a0107ef, type=0x2) returned 0x900010
[0242.492] GetCurrentObject (hdc=0x4a0107ef, type=0x7) returned 0x4a0507fe
[0242.492] GetCurrentObject (hdc=0x4a0107ef, type=0x6) returned 0x8a01c2
[0242.493] SaveDC (hdc=0x4a0107ef) returned 2
[0242.493] GetNearestColor (hdc=0x4a0107ef, color=0xf0f0f0) returned 0xf0f0f0
[0242.493] CreateSolidBrush (color=0xf0f0f0) returned 0x8b1007e1
[0242.493] FillRect (hDC=0x4a0107ef, lprc=0xd7d6c8, hbr=0x8b1007e1) returned 1
[0242.493] DeleteObject (ho=0x8b1007e1) returned 1
[0242.493] RestoreDC (hdc=0x4a0107ef, nSavedDC=-1) returned 1
[0242.493] GetWindowTextLengthW (hWnd=0x1b02c8) returned 13
[0242.493] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.493] GetSystemMetrics (nIndex=42) returned 0
[0242.493] GetWindowTextW (in: hWnd=0x1b02c8, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.493] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0242.493] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0242.493] GetCurrentObject (hdc=0x4a0107ef, type=0x1) returned 0xb00017
[0242.493] GetCurrentObject (hdc=0x4a0107ef, type=0x2) returned 0x900010
[0242.493] GetCurrentObject (hdc=0x4a0107ef, type=0x7) returned 0x4a0507fe
[0242.493] GetCurrentObject (hdc=0x4a0107ef, type=0x6) returned 0x8a01c2
[0242.493] SaveDC (hdc=0x4a0107ef) returned 2
[0242.493] GetNearestColor (hdc=0x4a0107ef, color=0xf0f0f0) returned 0xf0f0f0
[0242.493] CreateSolidBrush (color=0xf0f0f0) returned 0x8c1007e1
[0242.494] FillRect (hDC=0x4a0107ef, lprc=0xd7d668, hbr=0x8c1007e1) returned 1
[0242.494] DeleteObject (ho=0x8c1007e1) returned 1
[0242.494] RestoreDC (hdc=0x4a0107ef, nSavedDC=-1) returned 1
[0242.494] GetWindowTextLengthW (hWnd=0x1b02c8) returned 13
[0242.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.494] GetSystemMetrics (nIndex=42) returned 0
[0242.494] GetWindowTextW (in: hWnd=0x1b02c8, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0242.494] RestoreDC (hdc=0x4a0107ef, nSavedDC=-1) returned 1
[0242.494] GdipReleaseDC (graphics=0x6600030, hdc=0x4a0107ef) returned 0x0
[0242.494] IsAppThemed () returned 0x1
[0242.494] GetThemeAppProperties () returned 0x3
[0242.494] GetThemeAppProperties () returned 0x3
[0242.494] IsAppThemed () returned 0x1
[0242.494] GetThemeAppProperties () returned 0x3
[0242.494] GetThemeAppProperties () returned 0x3
[0242.494] IsThemePartDefined () returned 0x1
[0242.494] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0242.494] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0242.494] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0242.494] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0242.495] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dc00) returned 0x0
[0242.495] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0242.495] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee9f0) returned 0x0
[0242.495] LocalFree (hMem=0x11ee9f0) returned 0x0
[0242.495] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0242.495] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea28) returned 0x0
[0242.495] LocalFree (hMem=0x11eea28) returned 0x0
[0242.495] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0242.495] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0242.495] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0242.495] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0242.495] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0242.495] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0242.495] GetCurrentObject (hdc=0x4a0107ef, type=0x1) returned 0xb00017
[0242.495] GetCurrentObject (hdc=0x4a0107ef, type=0x2) returned 0x900010
[0242.495] GetCurrentObject (hdc=0x4a0107ef, type=0x7) returned 0x4a0507fe
[0242.495] GetCurrentObject (hdc=0x4a0107ef, type=0x6) returned 0x8a01c2
[0242.495] SaveDC (hdc=0x4a0107ef) returned 1
[0242.495] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf80407de
[0242.495] GetClipRgn (hdc=0x4a0107ef, hrgn=0xf80407de) returned 0
[0242.496] SelectClipRgn (hdc=0x4a0107ef, hrgn=0x61040807) returned 2
[0242.496] DeleteObject (ho=0xf80407de) returned 1
[0242.496] DeleteObject (ho=0x61040807) returned 1
[0242.496] OffsetViewportOrgEx (in: hdc=0x4a0107ef, x=0, y=0, lppt=0x2e7de50 | out: lppt=0x2e7de50) returned 1
[0242.496] IsAppThemed () returned 0x1
[0242.496] GetThemeAppProperties () returned 0x3
[0242.496] GetThemeAppProperties () returned 0x3
[0242.496] DrawThemeBackground () returned 0x0
[0242.496] RestoreDC (hdc=0x4a0107ef, nSavedDC=-1) returned 1
[0242.496] GdipReleaseDC (graphics=0x6600030, hdc=0x4a0107ef) returned 0x0
[0242.496] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0242.496] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0242.496] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0242.496] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0242.496] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7dc04) returned 0x0
[0242.496] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0242.496] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee868) returned 0x0
[0242.496] LocalFree (hMem=0x11ee868) returned 0x0
[0242.496] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0242.496] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0242.496] LocalFree (hMem=0x11ee788) returned 0x0
[0242.497] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0242.497] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0242.497] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0242.497] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0242.497] GdipDeleteRegion (region=0x6645878) returned 0x0
[0242.497] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0242.499] GetCurrentObject (hdc=0x4a0107ef, type=0x1) returned 0xb00017
[0242.499] GetCurrentObject (hdc=0x4a0107ef, type=0x2) returned 0x900010
[0242.499] GetCurrentObject (hdc=0x4a0107ef, type=0x7) returned 0x4a0507fe
[0242.499] GetCurrentObject (hdc=0x4a0107ef, type=0x6) returned 0x8a01c2
[0242.499] SaveDC (hdc=0x4a0107ef) returned 1
[0242.499] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x62040807
[0242.499] GetClipRgn (hdc=0x4a0107ef, hrgn=0x62040807) returned 0
[0242.499] SelectClipRgn (hdc=0x4a0107ef, hrgn=0xf90407de) returned 2
[0242.499] DeleteObject (ho=0x62040807) returned 1
[0242.499] DeleteObject (ho=0xf90407de) returned 1
[0242.500] OffsetViewportOrgEx (in: hdc=0x4a0107ef, x=0, y=0, lppt=0x2e7e124 | out: lppt=0x2e7e124) returned 1
[0242.500] IsAppThemed () returned 0x1
[0242.500] GetThemeAppProperties () returned 0x3
[0242.500] GetThemeAppProperties () returned 0x3
[0242.500] GetThemeBackgroundContentRect () returned 0x0
[0242.500] RestoreDC (hdc=0x4a0107ef, nSavedDC=-1) returned 1
[0242.500] GdipReleaseDC (graphics=0x6600030, hdc=0x4a0107ef) returned 0x0
[0242.500] IsAppThemed () returned 0x1
[0242.500] GetThemeAppProperties () returned 0x3
[0242.500] GetThemeAppProperties () returned 0x3
[0242.500] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0242.500] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0242.500] GetCurrentObject (hdc=0x4a0107ef, type=0x1) returned 0xb00017
[0242.500] GetCurrentObject (hdc=0x4a0107ef, type=0x2) returned 0x900010
[0242.500] GetCurrentObject (hdc=0x4a0107ef, type=0x7) returned 0x4a0507fe
[0242.500] GetCurrentObject (hdc=0x4a0107ef, type=0x6) returned 0x8a01c2
[0242.500] SaveDC (hdc=0x4a0107ef) returned 1
[0242.500] GetTextAlign (hdc=0x4a0107ef) returned 0x0
[0242.500] GetTextColor (hdc=0x4a0107ef) returned 0x0
[0242.500] GetCurrentObject (hdc=0x4a0107ef, type=0x6) returned 0x8a01c2
[0242.501] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0242.501] SelectObject (hdc=0x4a0107ef, h=0x6d0a0520) returned 0x8a01c2
[0242.501] GetBkMode (hdc=0x4a0107ef) returned 2
[0242.501] SetBkMode (hdc=0x4a0107ef, mode=1) returned 2
[0242.501] DrawTextExW (in: hdc=0x4a0107ef, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2e7e4c4 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0242.501] DrawTextExW (in: hdc=0x4a0107ef, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2e7e4c4 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0242.501] RestoreDC (hdc=0x4a0107ef, nSavedDC=-1) returned 1
[0242.501] GdipReleaseDC (graphics=0x6600030, hdc=0x4a0107ef) returned 0x0
[0242.501] GetFocus () returned 0x2102dc
[0242.501] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0242.502] SendMessageW (hWnd=0x1b02c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0242.502] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0242.502] IsAppThemed () returned 0x1
[0242.502] GetThemeAppProperties () returned 0x3
[0242.502] GetThemeAppProperties () returned 0x3
[0242.502] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0242.502] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x4a0107ef, x1=0, y1=0, rop=0xcc0020) returned 1
[0242.502] GdipReleaseDC (graphics=0x6600030, hdc=0x4a0107ef) returned 0x0
[0242.502] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0242.502] SelectObject (hdc=0x4a0107ef, h=0x85000f) returned 0x4a0507fe
[0242.502] DeleteDC (hdc=0x4a0107ef) returned 1
[0242.502] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0242.502] EndPaint (hWnd=0x2102dc, lpPaint=0xd7dee4) returned 1
[0242.502] MapWindowPoints (in: hWndFrom=0x2102dc, hWndTo=0x0, lpPoints=0x2e7e5c0, cPoints=0x1 | out: lpPoints=0x2e7e5c0) returned 30999254
[0242.502] WindowFromPoint (Point=0x2f0) returned 0x2102dc
[0242.503] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x84, wParam=0x0, lParam=0x1e302f0) returned 0x1
[0242.503] NotifyWinEvent (event=0x800a, hwnd=0x2102dc, idObject=-4, idChild=0)
[0242.503] NotifyWinEvent (event=0x800c, hwnd=0x2102dc, idObject=-4, idChild=0)
[0242.503] GetCapture () returned 0x2102dc
[0242.503] ReleaseCapture () returned 1
[0242.503] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0242.503] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0242.503] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x84, wParam=0x0, lParam=0x1e302f0) returned 0x1
[0242.503] IsWindow (hWnd=0x7005c) returned 1
[0242.503] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0242.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0242.504] IsWindow (hWnd=0x1b02c8) returned 1
[0242.504] SetActiveWindow (hWnd=0x1b02c8) returned 0x1b02c8
[0242.504] IsWindow (hWnd=0x1b02c8) returned 1
[0242.504] SetFocus (hWnd=0x1b02c8) returned 0x2102dc
[0242.504] GetFocus () returned 0x1b02c8
[0242.504] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x8, wParam=0x1b02c8, lParam=0x0) returned 0x0
[0242.504] GetCapture () returned 0x0
[0242.505] InvalidateRect (hWnd=0x2102dc, lpRect=0x0, bErase=0) returned 1
[0242.505] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0242.506] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0242.508] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0242.508] GetFocus () returned 0x1b02c8
[0242.508] SetFocus (hWnd=0x2102dc) returned 0x1b02c8
[0242.508] GetFocus () returned 0x2102dc
[0242.508] IsChild (hWndParent=0x1b02c8, hWnd=0x2102dc) returned 1
[0242.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x8, wParam=0x2102dc, lParam=0x0) returned 0x0
[0242.509] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0242.510] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0242.512] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0242.512] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x7, wParam=0x1b02c8, lParam=0x0) returned 0x0
[0242.512] GetStockObject (i=5) returned 0x900015
[0242.512] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0242.512] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0242.512] GetDlgItem (hDlg=0x1b02c8, nIDDlgItem=2163420) returned 0x2102dc
[0242.512] SendMessageW (hWnd=0x2102dc, Msg=0x202b, wParam=0x2102dc, lParam=0xd7ddcc) returned 0x0
[0242.512] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x202b, wParam=0x2102dc, lParam=0xd7ddcc) returned 0x0
[0242.512] InvalidateRect (hWnd=0x2102dc, lpRect=0x0, bErase=0) returned 1
[0242.514] GetWindowLongW (hWnd=0x1b02c8, nIndex=-8) returned 458844
[0242.514] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0242.514] GetCurrentThreadId () returned 0xf50
[0242.514] IsWindow (hWnd=0x7005c) returned 1
[0242.514] IsWindow (hWnd=0x7005c) returned 1
[0242.514] IsWindowVisible (hWnd=0x7005c) returned 1
[0242.514] SetActiveWindow (hWnd=0x7005c) returned 0x1b02c8
[0242.514] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0242.516] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0242.516] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0242.516] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0242.517] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0242.517] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0242.518] GetWindowPlacement (in: hWnd=0x1b02c8, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0242.518] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0242.518] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0242.518] GetWindowRect (in: hWnd=0x1b02c8, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0242.518] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0242.519] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0242.519] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0242.519] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x1b02c8) returned 0x1
[0242.522] GetFocus () returned 0x2102dc
[0242.522] SetFocus (hWnd=0x602c4) returned 0x2102dc
[0242.522] GetFocus () returned 0x602c4
[0242.522] IsChild (hWndParent=0x1b02c8, hWnd=0x602c4) returned 0
[0242.522] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0242.523] GetCapture () returned 0x0
[0242.523] InvalidateRect (hWnd=0x2102dc, lpRect=0x0, bErase=0) returned 1
[0242.524] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0242.525] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0242.526] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0242.526] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0242.526] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0242.526] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0242.527] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0242.527] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x2102dc, lParam=0x0) returned 0x0
[0242.527] GetStockObject (i=5) returned 0x900015
[0242.527] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0242.527] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed6e8) returned 0xc
[0242.527] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0242.527] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0242.527] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0242.527] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0242.532] GetFocus () returned 0x602c4
[0242.533] IsChild (hWndParent=0x1b02c8, hWnd=0x602c4) returned 0
[0242.533] ShowWindow (hWnd=0x1b02c8, nCmdShow=0) returned 1
[0242.533] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0242.533] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0242.534] GetWindowPlacement (in: hWnd=0x1b02c8, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0242.534] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0242.534] GetClientRect (in: hWnd=0x1b02c8, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0242.534] GetWindowRect (in: hWnd=0x1b02c8, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0242.535] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0242.535] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0242.535] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0242.535] GetWindowLongW (hWnd=0x1b02c8, nIndex=-20) returned 327945
[0242.535] DestroyWindow (hWnd=0x1b02c8) returned 1
[0242.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0242.536] GetWindowTextLengthW (hWnd=0x1b02c8) returned 13
[0242.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.536] GetSystemMetrics (nIndex=42) returned 0
[0242.536] GetWindowTextW (in: hWnd=0x1b02c8, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0242.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0242.536] GetWindowTextLengthW (hWnd=0x1602d0) returned 0
[0242.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0242.536] GetSystemMetrics (nIndex=42) returned 0
[0242.536] GetWindowTextW (in: hWnd=0x1602d0, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0242.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602d0, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0242.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0242.536] GetWindowThreadProcessId (in: hWnd=0x1702ce, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0242.536] GetWindow (hWnd=0x1702ce, uCmd=0x5) returned 0x0
[0242.536] GetWindowLongW (hWnd=0x1702ce, nIndex=-20) returned 65792
[0242.537] DestroyWindow (hWnd=0x1702ce) returned 1
[0242.537] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702ce, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0242.537] GetWindowTextLengthW (hWnd=0x1702ce) returned 25
[0242.537] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0242.537] GetSystemMetrics (nIndex=42) returned 0
[0242.537] GetWindowTextW (in: hWnd=0x1702ce, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0242.537] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702ce, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0242.537] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0242.538] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1702ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0242.539] GetWindowTextLengthW (hWnd=0x2102de) returned 232
[0242.539] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0242.539] GetSystemMetrics (nIndex=42) returned 0
[0242.539] GetWindowTextW (in: hWnd=0x2102de, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0242.539] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0242.539] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0242.539] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0242.539] InvalidateRect (hWnd=0x2102dc, lpRect=0x0, bErase=0) returned 1
[0242.539] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0242.539] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0242.539] SendMessageW (hWnd=0x2400ea, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0242.539] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2400ea, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0242.539] SendMessageW (hWnd=0x2400ea, Msg=0xb0, wParam=0x2e4a3c4, lParam=0xd7e480) returned 0x0
[0242.539] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2400ea, Msg=0xb0, wParam=0x2e4a3c4, lParam=0xd7e480) returned 0x0
[0242.539] GetWindowTextLengthW (hWnd=0x2400ea) returned 4363
[0242.539] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2400ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0242.540] GetSystemMetrics (nIndex=42) returned 0
[0242.540] CoTaskMemAlloc (cb=0x221c) returned 0x120a4b0
[0242.540] GetWindowTextW (in: hWnd=0x2400ea, lpString=0x120a4b0, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0242.540] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2400ea, Msg=0xd, wParam=0x110c, lParam=0x120a4b0) returned 0x110b
[0242.540] CoTaskMemFree (pv=0x120a4b0)
[0242.540] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2400ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0242.540] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1602d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0242.541] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2102de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0242.542] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0242.544] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0242.555] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0242.557] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2400ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0242.559] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0242.562] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.562] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.562] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.563] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.563] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.563] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.563] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e302f0) returned 0x1
[0242.563] IsWindowUnicode (hWnd=0x7005c) returned 1
[0242.563] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.563] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e302f0) returned 0x1
[0242.564] SetCursor (hCursor=0x10003) returned 0x10003
[0242.564] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.564] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.564] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0242.564] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0242.564] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0242.564] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10e0232) returned 0x0
[0242.564] GetKeyState (nVirtKey=1) returned 1
[0242.564] GetKeyState (nVirtKey=2) returned 0
[0242.564] GetKeyState (nVirtKey=4) returned 0
[0242.564] GetKeyState (nVirtKey=5) returned 0
[0242.564] GetKeyState (nVirtKey=6) returned 0
[0242.564] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.565] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e302f0) returned 0x1
[0242.565] IsWindowUnicode (hWnd=0x7005c) returned 1
[0242.565] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.565] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.565] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.565] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.565] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e302f0) returned 0x1
[0242.566] IsWindowUnicode (hWnd=0x7005c) returned 1
[0242.566] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.566] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e302f0) returned 0x1
[0242.566] SetCursor (hCursor=0x10003) returned 0x10003
[0242.566] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.566] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.566] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10e0232) returned 0x0
[0242.566] GetKeyState (nVirtKey=1) returned 1
[0242.566] GetKeyState (nVirtKey=2) returned 0
[0242.566] GetKeyState (nVirtKey=4) returned 0
[0242.566] GetKeyState (nVirtKey=5) returned 0
[0242.566] GetKeyState (nVirtKey=6) returned 0
[0242.566] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.567] IsWindowUnicode (hWnd=0x602c4) returned 1
[0242.567] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.567] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.567] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.567] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.568] IsWindowUnicode (hWnd=0x602c4) returned 1
[0242.568] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.568] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.568] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.568] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0242.568] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0242.569] CreateCompatibleDC (hdc=0x10105d6) returned 0x3c0107f8
[0242.569] SelectObject (hdc=0x3c0107f8, h=0x4a0507fe) returned 0x85000f
[0242.569] GdipCreateFromHDC (hdc=0x3c0107f8, graphics=0xd7e798) returned 0x0
[0242.569] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0242.569] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0242.569] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0242.569] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0242.569] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e7f8) returned 0x0
[0242.569] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0242.569] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee8d8) returned 0x0
[0242.569] LocalFree (hMem=0x11ee8d8) returned 0x0
[0242.569] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0242.570] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0242.570] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0242.570] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0242.570] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0242.570] GdipRestoreGraphics (graphics=0x6600030, state=0xf89c0dbd) returned 0x0
[0242.570] GdipDeleteRegion (region=0x6645878) returned 0x0
[0242.570] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0242.570] GetCurrentObject (hdc=0x3c0107f8, type=0x1) returned 0xb00017
[0242.570] GetCurrentObject (hdc=0x3c0107f8, type=0x2) returned 0x900010
[0242.570] GetCurrentObject (hdc=0x3c0107f8, type=0x7) returned 0x4a0507fe
[0242.570] GetCurrentObject (hdc=0x3c0107f8, type=0x6) returned 0x8a01c2
[0242.570] SaveDC (hdc=0x3c0107f8) returned 1
[0242.570] GetNearestColor (hdc=0x3c0107f8, color=0xff) returned 0xff
[0242.570] GetNearestColor (hdc=0x3c0107f8, color=0x55) returned 0x55
[0242.570] GetNearestColor (hdc=0x3c0107f8, color=0x0) returned 0x0
[0242.571] GetNearestColor (hdc=0x3c0107f8, color=0x55) returned 0x55
[0242.571] GetNearestColor (hdc=0x3c0107f8, color=0x0) returned 0x0
[0242.571] GetNearestColor (hdc=0x3c0107f8, color=0x8080ff) returned 0x8080ff
[0242.571] GetNearestColor (hdc=0x3c0107f8, color=0x7373e5) returned 0x7373e5
[0242.571] GetNearestColor (hdc=0x3c0107f8, color=0xe5) returned 0xe5
[0242.571] GetNearestColor (hdc=0x3c0107f8, color=0x0) returned 0x0
[0242.571] RestoreDC (hdc=0x3c0107f8, nSavedDC=-1) returned 1
[0242.571] GdipReleaseDC (graphics=0x6600030, hdc=0x3c0107f8) returned 0x0
[0242.571] IsAppThemed () returned 0x1
[0242.571] GetThemeAppProperties () returned 0x3
[0242.571] GetThemeAppProperties () returned 0x3
[0242.571] IsAppThemed () returned 0x1
[0242.571] GetThemeAppProperties () returned 0x3
[0242.571] GetThemeAppProperties () returned 0x3
[0242.572] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2e8632c | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0242.572] IsAppThemed () returned 0x1
[0242.572] GetThemeAppProperties () returned 0x3
[0242.572] GetThemeAppProperties () returned 0x3
[0242.572] IsAppThemed () returned 0x1
[0242.572] GetThemeAppProperties () returned 0x3
[0242.572] GetThemeAppProperties () returned 0x3
[0242.572] GetFocus () returned 0x602c4
[0242.572] IsAppThemed () returned 0x1
[0242.572] GetThemeAppProperties () returned 0x3
[0242.572] GetThemeAppProperties () returned 0x3
[0242.572] IsAppThemed () returned 0x1
[0242.573] GetThemeAppProperties () returned 0x3
[0242.573] GetThemeAppProperties () returned 0x3
[0242.573] IsThemePartDefined () returned 0x1
[0242.573] IsAppThemed () returned 0x1
[0242.573] GetThemeAppProperties () returned 0x3
[0242.573] GetThemeAppProperties () returned 0x3
[0242.573] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0242.573] IsAppThemed () returned 0x1
[0242.573] GetThemeAppProperties () returned 0x3
[0242.573] GetThemeAppProperties () returned 0x3
[0242.573] IsAppThemed () returned 0x1
[0242.573] GetThemeAppProperties () returned 0x3
[0242.573] GetThemeAppProperties () returned 0x3
[0242.573] IsThemePartDefined () returned 0x1
[0242.573] GdipCreateRegion (region=0xd7e508) returned 0x0
[0242.573] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0242.573] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0242.573] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0242.573] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e520) returned 0x0
[0242.573] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0242.573] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0242.574] LocalFree (hMem=0x11ee788) returned 0x0
[0242.574] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0242.574] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0242.574] LocalFree (hMem=0x11eec58) returned 0x0
[0242.574] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0242.574] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e548) returned 0x0
[0242.574] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e538) returned 0x0
[0242.574] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0242.574] GdipDeleteRegion (region=0x6645878) returned 0x0
[0242.574] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0242.574] GetCurrentObject (hdc=0x3c0107f8, type=0x1) returned 0xb00017
[0242.574] GetCurrentObject (hdc=0x3c0107f8, type=0x2) returned 0x900010
[0242.574] GetCurrentObject (hdc=0x3c0107f8, type=0x7) returned 0x4a0507fe
[0242.574] GetCurrentObject (hdc=0x3c0107f8, type=0x6) returned 0x8a01c2
[0242.574] SaveDC (hdc=0x3c0107f8) returned 1
[0242.575] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfa0407de
[0242.575] GetClipRgn (hdc=0x3c0107f8, hrgn=0xfa0407de) returned 0
[0242.575] SelectClipRgn (hdc=0x3c0107f8, hrgn=0x66040807) returned 2
[0242.575] DeleteObject (ho=0xfa0407de) returned 1
[0242.575] DeleteObject (ho=0x66040807) returned 1
[0242.575] OffsetViewportOrgEx (in: hdc=0x3c0107f8, x=0, y=0, lppt=0x2e869dc | out: lppt=0x2e869dc) returned 1
[0242.578] DrawThemeParentBackground () returned 0x0
[0242.578] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0242.579] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0242.579] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0242.579] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.579] GetSystemMetrics (nIndex=42) returned 0
[0242.579] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.579] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0242.579] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0242.579] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0242.579] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0242.579] SelectPalette (hdc=0x3c0107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0242.579] GdipCreateFromHDC (hdc=0x3c0107f8, graphics=0xd7dff8) returned 0x0
[0242.579] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0242.579] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0242.580] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638b78) returned 0x0
[0242.580] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dfd0) returned 0x0
[0242.580] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0242.580] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0242.580] GdipGetClip (graphics=0x6640bc0, region=0x6645908) returned 0x0
[0242.580] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6640bc0, result=0xd7dfc4) returned 0x0
[0242.580] GdipDeleteRegion (region=0x6645908) returned 0x0
[0242.580] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7dff0) returned 0x0
[0242.580] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0242.588] GdipFillRectangleI (graphics=0x6640bc0, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0242.588] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0242.590] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0242.590] SelectPalette (hdc=0x3c0107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0242.590] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0242.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.590] GetSystemMetrics (nIndex=42) returned 0
[0242.590] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0242.598] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0242.598] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0242.598] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0242.598] SelectPalette (hdc=0x3c0107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0242.598] GdipCreateFromHDC (hdc=0x3c0107f8, graphics=0xd7df98) returned 0x0
[0242.598] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0242.598] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0242.598] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638bd8) returned 0x0
[0242.598] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df70) returned 0x0
[0242.598] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0242.599] GdipCreateRegion (region=0xd7df58) returned 0x0
[0242.599] GdipGetClip (graphics=0x6640bc0, region=0x6645fc8) returned 0x0
[0242.599] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6640bc0, result=0xd7df64) returned 0x0
[0242.599] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0242.599] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7df90) returned 0x0
[0242.599] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0242.606] GdipFillRectangleI (graphics=0x6640bc0, brush=0x6653438, x=0, y=0, width=801, height=453) returned 0x0
[0242.606] GdipDeleteBrush (brush=0x6653438) returned 0x0
[0242.614] GdipRestoreGraphics (graphics=0x6640bc0, state=0xf8980dbd) returned 0x0
[0242.614] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0242.614] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0242.614] GetSystemMetrics (nIndex=42) returned 0
[0242.614] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0242.614] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0242.614] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0242.614] SelectPalette (hdc=0x3c0107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0242.614] RestoreDC (hdc=0x3c0107f8, nSavedDC=-1) returned 1
[0242.614] GdipReleaseDC (graphics=0x6600030, hdc=0x3c0107f8) returned 0x0
[0242.614] IsAppThemed () returned 0x1
[0242.615] GetThemeAppProperties () returned 0x3
[0242.615] GetThemeAppProperties () returned 0x3
[0242.615] IsAppThemed () returned 0x1
[0242.615] GetThemeAppProperties () returned 0x3
[0242.615] GetThemeAppProperties () returned 0x3
[0242.615] IsThemePartDefined () returned 0x1
[0242.615] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0242.615] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0242.615] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0242.615] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0242.615] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e4a4) returned 0x0
[0242.615] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0242.615] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee9f0) returned 0x0
[0242.615] LocalFree (hMem=0x11ee9f0) returned 0x0
[0242.615] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0242.615] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eed00) returned 0x0
[0242.615] LocalFree (hMem=0x11eed00) returned 0x0
[0242.615] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0242.616] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0242.616] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0242.616] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0242.616] GdipDeleteRegion (region=0x6645908) returned 0x0
[0242.616] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0242.616] GetCurrentObject (hdc=0x3c0107f8, type=0x1) returned 0xb00017
[0242.616] GetCurrentObject (hdc=0x3c0107f8, type=0x2) returned 0x900010
[0242.616] GetCurrentObject (hdc=0x3c0107f8, type=0x7) returned 0x4a0507fe
[0242.616] GetCurrentObject (hdc=0x3c0107f8, type=0x6) returned 0x8a01c2
[0242.616] SaveDC (hdc=0x3c0107f8) returned 1
[0242.616] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x67040807
[0242.616] GetClipRgn (hdc=0x3c0107f8, hrgn=0x67040807) returned 0
[0242.616] SelectClipRgn (hdc=0x3c0107f8, hrgn=0xfc0407de) returned 2
[0242.616] DeleteObject (ho=0x67040807) returned 1
[0242.616] DeleteObject (ho=0xfc0407de) returned 1
[0242.617] OffsetViewportOrgEx (in: hdc=0x3c0107f8, x=0, y=0, lppt=0x2e8d22c | out: lppt=0x2e8d22c) returned 1
[0242.617] IsAppThemed () returned 0x1
[0242.617] GetThemeAppProperties () returned 0x3
[0242.617] GetThemeAppProperties () returned 0x3
[0242.617] DrawThemeBackground () returned 0x0
[0242.617] RestoreDC (hdc=0x3c0107f8, nSavedDC=-1) returned 1
[0242.617] GdipReleaseDC (graphics=0x6600030, hdc=0x3c0107f8) returned 0x0
[0242.617] GdipCreateRegion (region=0xd7e490) returned 0x0
[0242.617] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0242.617] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0242.617] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0242.617] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e4a8) returned 0x0
[0242.617] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0242.617] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0242.617] LocalFree (hMem=0x11ee788) returned 0x0
[0242.617] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0242.618] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0242.618] LocalFree (hMem=0x11eec58) returned 0x0
[0242.618] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0242.618] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0242.618] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0242.618] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0242.618] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0242.618] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0242.618] GetCurrentObject (hdc=0x3c0107f8, type=0x1) returned 0xb00017
[0242.618] GetCurrentObject (hdc=0x3c0107f8, type=0x2) returned 0x900010
[0242.618] GetCurrentObject (hdc=0x3c0107f8, type=0x7) returned 0x4a0507fe
[0242.618] GetCurrentObject (hdc=0x3c0107f8, type=0x6) returned 0x8a01c2
[0242.618] SaveDC (hdc=0x3c0107f8) returned 1
[0242.618] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfd0407de
[0242.618] GetClipRgn (hdc=0x3c0107f8, hrgn=0xfd0407de) returned 0
[0242.618] SelectClipRgn (hdc=0x3c0107f8, hrgn=0x68040807) returned 2
[0242.619] DeleteObject (ho=0xfd0407de) returned 1
[0242.619] DeleteObject (ho=0x68040807) returned 1
[0242.619] OffsetViewportOrgEx (in: hdc=0x3c0107f8, x=0, y=0, lppt=0x2e8d500 | out: lppt=0x2e8d500) returned 1
[0242.619] IsAppThemed () returned 0x1
[0242.619] GetThemeAppProperties () returned 0x3
[0242.619] GetThemeAppProperties () returned 0x3
[0242.619] GetThemeBackgroundContentRect () returned 0x0
[0242.619] RestoreDC (hdc=0x3c0107f8, nSavedDC=-1) returned 1
[0242.619] GdipReleaseDC (graphics=0x6600030, hdc=0x3c0107f8) returned 0x0
[0242.619] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0242.619] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0242.619] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0242.619] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0242.619] IsAppThemed () returned 0x1
[0242.619] GetThemeAppProperties () returned 0x3
[0242.619] GetThemeAppProperties () returned 0x3
[0242.619] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0242.620] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0242.620] GetCurrentObject (hdc=0x3c0107f8, type=0x1) returned 0xb00017
[0242.620] GetCurrentObject (hdc=0x3c0107f8, type=0x2) returned 0x900010
[0242.620] GetCurrentObject (hdc=0x3c0107f8, type=0x7) returned 0x4a0507fe
[0242.620] GetCurrentObject (hdc=0x3c0107f8, type=0x6) returned 0x8a01c2
[0242.620] SaveDC (hdc=0x3c0107f8) returned 1
[0242.620] GetTextAlign (hdc=0x3c0107f8) returned 0x0
[0242.620] GetTextColor (hdc=0x3c0107f8) returned 0x0
[0242.620] GetCurrentObject (hdc=0x3c0107f8, type=0x6) returned 0x8a01c2
[0242.620] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0242.620] SelectObject (hdc=0x3c0107f8, h=0x6d0a0520) returned 0x8a01c2
[0242.620] GetBkMode (hdc=0x3c0107f8) returned 2
[0242.620] SetBkMode (hdc=0x3c0107f8, mode=1) returned 2
[0242.621] DrawTextExW (in: hdc=0x3c0107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2e8d8c4 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0242.621] DrawTextExW (in: hdc=0x3c0107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2e8d8c4 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0242.621] RestoreDC (hdc=0x3c0107f8, nSavedDC=-1) returned 1
[0242.621] GdipReleaseDC (graphics=0x6600030, hdc=0x3c0107f8) returned 0x0
[0242.621] GetFocus () returned 0x602c4
[0242.622] IsAppThemed () returned 0x1
[0242.622] GetThemeAppProperties () returned 0x3
[0242.622] GetThemeAppProperties () returned 0x3
[0242.622] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0242.622] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x3c0107f8, x1=0, y1=0, rop=0xcc0020) returned 1
[0242.622] GdipReleaseDC (graphics=0x6600030, hdc=0x3c0107f8) returned 0x0
[0242.622] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0242.623] SelectObject (hdc=0x3c0107f8, h=0x85000f) returned 0x4a0507fe
[0242.623] DeleteDC (hdc=0x3c0107f8) returned 1
[0242.623] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0242.623] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0242.623] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.623] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.623] WaitMessage () returned 1
[0242.623] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.623] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.623] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.623] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.624] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.625] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.625] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.625] WaitMessage () returned 1
[0242.647] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.647] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.647] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.647] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.647] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.648] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.648] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.648] WaitMessage () returned 1
[0242.649] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.649] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.649] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.650] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.650] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.651] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.651] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.651] WaitMessage () returned 1
[0242.651] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.651] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.651] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.652] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.652] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.653] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.654] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.654] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.654] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.654] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.654] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.654] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.654] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.654] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.654] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.654] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.656] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.656] WaitMessage () returned 1
[0242.656] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.656] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.656] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.656] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.656] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.658] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.658] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.658] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.658] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.658] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.658] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.658] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.658] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.659] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.659] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.659] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.659] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.659] WaitMessage () returned 1
[0242.660] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.660] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.660] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.660] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.660] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.661] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.661] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.662] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.662] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.662] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.662] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.662] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.662] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.662] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.662] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.662] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.663] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.663] WaitMessage () returned 1
[0242.663] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.663] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.663] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.663] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.663] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.665] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.665] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.665] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.665] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.665] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.665] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.666] IsWindowUnicode (hWnd=0x30122) returned 1
[0242.666] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.666] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.666] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.666] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.666] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.666] WaitMessage () returned 1
[0242.673] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.673] IsWindowUnicode (hWnd=0x7005c) returned 1
[0242.673] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.673] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.673] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.673] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.673] IsWindowUnicode (hWnd=0x7005c) returned 1
[0242.673] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.673] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.674] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.674] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10e0232) returned 0x0
[0242.674] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.674] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.674] WaitMessage () returned 1
[0242.825] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.826] IsWindowUnicode (hWnd=0x502c6) returned 1
[0242.826] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0242.826] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0242.826] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0242.826] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.826] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0242.826] WaitMessage () returned 1
[0244.657] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0244.657] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27100fc) returned 0x1
[0244.658] IsWindowUnicode (hWnd=0x602c4) returned 1
[0244.658] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0244.658] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0244.658] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0244.658] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0244.658] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0244.658] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27100fc) returned 0x1
[0244.658] IsWindowUnicode (hWnd=0x602c4) returned 1
[0244.658] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0244.658] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27100fc) returned 0x1
[0244.658] SetCursor (hCursor=0x10003) returned 0x10003
[0244.659] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0244.659] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0244.659] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0244.659] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0244.659] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0244.659] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0244.659] GetKeyState (nVirtKey=1) returned 1
[0244.659] GetKeyState (nVirtKey=2) returned 0
[0244.659] GetKeyState (nVirtKey=4) returned 0
[0244.659] GetKeyState (nVirtKey=5) returned 0
[0244.659] GetKeyState (nVirtKey=6) returned 0
[0244.659] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0244.659] IsWindowUnicode (hWnd=0x602c4) returned 1
[0244.659] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0244.659] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0244.659] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0244.660] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0244.660] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0244.660] CreateCompatibleDC (hdc=0x10105d6) returned 0xb20107d3
[0244.660] SelectObject (hdc=0xb20107d3, h=0x4a0507fe) returned 0x85000f
[0244.660] GdipCreateFromHDC (hdc=0xb20107d3, graphics=0xd7e798) returned 0x0
[0244.660] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0244.660] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0244.660] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0244.660] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0244.660] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e7f8) returned 0x0
[0244.660] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0244.661] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0244.661] LocalFree (hMem=0x11eec58) returned 0x0
[0244.661] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0244.661] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0244.661] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0244.661] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0244.661] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0244.661] GdipRestoreGraphics (graphics=0x6600030, state=0xf8960dbd) returned 0x0
[0244.661] GdipDeleteRegion (region=0x6645878) returned 0x0
[0244.661] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0244.661] GetCurrentObject (hdc=0xb20107d3, type=0x1) returned 0xb00017
[0244.661] GetCurrentObject (hdc=0xb20107d3, type=0x2) returned 0x900010
[0244.661] GetCurrentObject (hdc=0xb20107d3, type=0x7) returned 0x4a0507fe
[0244.661] GetCurrentObject (hdc=0xb20107d3, type=0x6) returned 0x8a01c2
[0244.661] SaveDC (hdc=0xb20107d3) returned 1
[0244.661] GetNearestColor (hdc=0xb20107d3, color=0xff) returned 0xff
[0244.662] GetNearestColor (hdc=0xb20107d3, color=0x55) returned 0x55
[0244.662] GetNearestColor (hdc=0xb20107d3, color=0x0) returned 0x0
[0244.662] GetNearestColor (hdc=0xb20107d3, color=0x55) returned 0x55
[0244.662] GetNearestColor (hdc=0xb20107d3, color=0x0) returned 0x0
[0244.662] GetNearestColor (hdc=0xb20107d3, color=0x8080ff) returned 0x8080ff
[0244.662] GetNearestColor (hdc=0xb20107d3, color=0x7373e5) returned 0x7373e5
[0244.662] GetNearestColor (hdc=0xb20107d3, color=0xe5) returned 0xe5
[0244.662] GetNearestColor (hdc=0xb20107d3, color=0x0) returned 0x0
[0244.662] RestoreDC (hdc=0xb20107d3, nSavedDC=-1) returned 1
[0244.662] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107d3) returned 0x0
[0244.662] IsAppThemed () returned 0x1
[0244.662] GetThemeAppProperties () returned 0x3
[0244.662] GetThemeAppProperties () returned 0x3
[0244.662] IsAppThemed () returned 0x1
[0244.663] GetThemeAppProperties () returned 0x3
[0244.663] GetThemeAppProperties () returned 0x3
[0244.663] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2e8e234 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0244.663] IsAppThemed () returned 0x1
[0244.663] GetThemeAppProperties () returned 0x3
[0244.663] GetThemeAppProperties () returned 0x3
[0244.663] IsAppThemed () returned 0x1
[0244.663] GetThemeAppProperties () returned 0x3
[0244.663] GetThemeAppProperties () returned 0x3
[0244.663] IsAppThemed () returned 0x1
[0244.663] GetThemeAppProperties () returned 0x3
[0244.663] GetThemeAppProperties () returned 0x3
[0244.663] IsAppThemed () returned 0x1
[0244.664] GetThemeAppProperties () returned 0x3
[0244.664] GetThemeAppProperties () returned 0x3
[0244.664] IsThemePartDefined () returned 0x1
[0244.664] IsAppThemed () returned 0x1
[0244.664] GetThemeAppProperties () returned 0x3
[0244.664] GetThemeAppProperties () returned 0x3
[0244.664] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0244.664] IsAppThemed () returned 0x1
[0244.664] GetThemeAppProperties () returned 0x3
[0244.664] GetThemeAppProperties () returned 0x3
[0244.664] IsAppThemed () returned 0x1
[0244.664] GetThemeAppProperties () returned 0x3
[0244.664] GetThemeAppProperties () returned 0x3
[0244.664] IsThemePartDefined () returned 0x1
[0244.664] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0244.664] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0244.664] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0244.664] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0244.664] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e514) returned 0x0
[0244.664] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0244.665] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0244.665] LocalFree (hMem=0x11ee868) returned 0x0
[0244.665] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0244.665] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eead0) returned 0x0
[0244.665] LocalFree (hMem=0x11eead0) returned 0x0
[0244.665] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0244.665] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0244.665] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0244.665] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0244.665] GdipDeleteRegion (region=0x6645878) returned 0x0
[0244.665] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0244.665] GetCurrentObject (hdc=0xb20107d3, type=0x1) returned 0xb00017
[0244.665] GetCurrentObject (hdc=0xb20107d3, type=0x2) returned 0x900010
[0244.665] GetCurrentObject (hdc=0xb20107d3, type=0x7) returned 0x4a0507fe
[0244.665] GetCurrentObject (hdc=0xb20107d3, type=0x6) returned 0x8a01c2
[0244.665] SaveDC (hdc=0xb20107d3) returned 1
[0244.666] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x69040807
[0244.666] GetClipRgn (hdc=0xb20107d3, hrgn=0x69040807) returned 0
[0244.666] SelectClipRgn (hdc=0xb20107d3, hrgn=0x10407de) returned 2
[0244.666] DeleteObject (ho=0x69040807) returned 1
[0244.666] DeleteObject (ho=0x10407de) returned 1
[0244.666] OffsetViewportOrgEx (in: hdc=0xb20107d3, x=0, y=0, lppt=0x2e8e8e4 | out: lppt=0x2e8e8e4) returned 1
[0244.666] DrawThemeParentBackground () returned 0x0
[0244.666] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0244.666] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0244.666] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0244.666] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0244.666] GetSystemMetrics (nIndex=42) returned 0
[0244.666] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0244.666] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0244.667] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0244.667] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0244.667] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0244.667] SelectPalette (hdc=0xb20107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0244.667] GdipCreateFromHDC (hdc=0xb20107d3, graphics=0xd7dff0) returned 0x0
[0244.667] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0244.667] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0244.667] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638c08) returned 0x0
[0244.667] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dfc8) returned 0x0
[0244.667] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0244.667] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0244.667] GdipGetClip (graphics=0x6640bc0, region=0x6645878) returned 0x0
[0244.667] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6640bc0, result=0xd7dfbc) returned 0x0
[0244.667] GdipDeleteRegion (region=0x6645878) returned 0x0
[0244.668] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7dfe8) returned 0x0
[0244.668] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0244.675] GdipFillRectangleI (graphics=0x6640bc0, brush=0x6652f58, x=0, y=0, width=801, height=453) returned 0x0
[0244.675] GdipDeleteBrush (brush=0x6652f58) returned 0x0
[0244.677] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0244.677] SelectPalette (hdc=0xb20107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0244.677] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0244.677] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0244.677] GetSystemMetrics (nIndex=42) returned 0
[0244.677] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0244.677] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0244.677] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0244.677] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0244.677] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0244.677] SelectPalette (hdc=0xb20107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0244.678] GdipCreateFromHDC (hdc=0xb20107d3, graphics=0xd7df90) returned 0x0
[0244.678] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0244.678] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0244.678] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638c38) returned 0x0
[0244.678] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df68) returned 0x0
[0244.678] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0244.678] GdipCreateRegion (region=0xd7df50) returned 0x0
[0244.678] GdipGetClip (graphics=0x6640bc0, region=0x6645878) returned 0x0
[0244.678] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6640bc0, result=0xd7df5c) returned 0x0
[0244.678] GdipDeleteRegion (region=0x6645878) returned 0x0
[0244.678] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7df88) returned 0x0
[0244.678] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0244.685] GdipFillRectangleI (graphics=0x6640bc0, brush=0x6652a78, x=0, y=0, width=801, height=453) returned 0x0
[0244.685] GdipDeleteBrush (brush=0x6652a78) returned 0x0
[0244.687] GdipRestoreGraphics (graphics=0x6640bc0, state=0xf8920dbd) returned 0x0
[0244.687] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0244.687] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0244.687] GetSystemMetrics (nIndex=42) returned 0
[0244.687] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0244.687] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0244.687] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0244.687] SelectPalette (hdc=0xb20107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0244.687] RestoreDC (hdc=0xb20107d3, nSavedDC=-1) returned 1
[0244.687] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107d3) returned 0x0
[0244.688] IsAppThemed () returned 0x1
[0244.688] GetThemeAppProperties () returned 0x3
[0244.688] GetThemeAppProperties () returned 0x3
[0244.688] IsAppThemed () returned 0x1
[0244.688] GetThemeAppProperties () returned 0x3
[0244.688] GetThemeAppProperties () returned 0x3
[0244.688] IsThemePartDefined () returned 0x1
[0244.688] GdipCreateRegion (region=0xd7e480) returned 0x0
[0244.688] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0244.688] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0244.688] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0244.688] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e498) returned 0x0
[0244.688] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0244.688] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eea98) returned 0x0
[0244.688] LocalFree (hMem=0x11eea98) returned 0x0
[0244.688] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0244.688] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eea28) returned 0x0
[0244.688] LocalFree (hMem=0x11eea28) returned 0x0
[0244.688] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0244.689] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0244.689] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0244.689] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0244.689] GdipDeleteRegion (region=0x6645878) returned 0x0
[0244.689] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0244.689] GetCurrentObject (hdc=0xb20107d3, type=0x1) returned 0xb00017
[0244.689] GetCurrentObject (hdc=0xb20107d3, type=0x2) returned 0x900010
[0244.689] GetCurrentObject (hdc=0xb20107d3, type=0x7) returned 0x4a0507fe
[0244.689] GetCurrentObject (hdc=0xb20107d3, type=0x6) returned 0x8a01c2
[0244.689] SaveDC (hdc=0xb20107d3) returned 1
[0244.689] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x20407de
[0244.689] GetClipRgn (hdc=0xb20107d3, hrgn=0x20407de) returned 0
[0244.689] SelectClipRgn (hdc=0xb20107d3, hrgn=0x6b040807) returned 2
[0244.689] DeleteObject (ho=0x20407de) returned 1
[0244.689] DeleteObject (ho=0x6b040807) returned 1
[0244.689] OffsetViewportOrgEx (in: hdc=0xb20107d3, x=0, y=0, lppt=0x2e95134 | out: lppt=0x2e95134) returned 1
[0244.689] IsAppThemed () returned 0x1
[0244.690] GetThemeAppProperties () returned 0x3
[0244.690] GetThemeAppProperties () returned 0x3
[0244.690] DrawThemeBackground () returned 0x0
[0244.690] RestoreDC (hdc=0xb20107d3, nSavedDC=-1) returned 1
[0244.690] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107d3) returned 0x0
[0244.690] GdipCreateRegion (region=0xd7e484) returned 0x0
[0244.690] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0244.690] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0244.690] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0244.690] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e49c) returned 0x0
[0244.690] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0244.690] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0244.690] LocalFree (hMem=0x11eec58) returned 0x0
[0244.690] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0244.690] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0244.690] LocalFree (hMem=0x11eec58) returned 0x0
[0244.690] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0244.690] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0244.691] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0244.691] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0244.691] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0244.691] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0244.691] GetCurrentObject (hdc=0xb20107d3, type=0x1) returned 0xb00017
[0244.691] GetCurrentObject (hdc=0xb20107d3, type=0x2) returned 0x900010
[0244.691] GetCurrentObject (hdc=0xb20107d3, type=0x7) returned 0x4a0507fe
[0244.691] GetCurrentObject (hdc=0xb20107d3, type=0x6) returned 0x8a01c2
[0244.691] SaveDC (hdc=0xb20107d3) returned 1
[0244.691] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6c040807
[0244.691] GetClipRgn (hdc=0xb20107d3, hrgn=0x6c040807) returned 0
[0244.691] SelectClipRgn (hdc=0xb20107d3, hrgn=0x30407de) returned 2
[0244.691] DeleteObject (ho=0x6c040807) returned 1
[0244.691] DeleteObject (ho=0x30407de) returned 1
[0244.691] OffsetViewportOrgEx (in: hdc=0xb20107d3, x=0, y=0, lppt=0x2e95408 | out: lppt=0x2e95408) returned 1
[0244.691] IsAppThemed () returned 0x1
[0244.692] GetThemeAppProperties () returned 0x3
[0244.692] GetThemeAppProperties () returned 0x3
[0244.692] GetThemeBackgroundContentRect () returned 0x0
[0244.692] RestoreDC (hdc=0xb20107d3, nSavedDC=-1) returned 1
[0244.692] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107d3) returned 0x0
[0244.692] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0244.692] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0244.692] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0244.692] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0244.692] IsAppThemed () returned 0x1
[0244.692] GetThemeAppProperties () returned 0x3
[0244.692] GetThemeAppProperties () returned 0x3
[0244.692] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0244.692] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0244.692] GetCurrentObject (hdc=0xb20107d3, type=0x1) returned 0xb00017
[0244.692] GetCurrentObject (hdc=0xb20107d3, type=0x2) returned 0x900010
[0244.692] GetCurrentObject (hdc=0xb20107d3, type=0x7) returned 0x4a0507fe
[0244.692] GetCurrentObject (hdc=0xb20107d3, type=0x6) returned 0x8a01c2
[0244.693] SaveDC (hdc=0xb20107d3) returned 1
[0244.693] GetTextAlign (hdc=0xb20107d3) returned 0x0
[0244.693] GetTextColor (hdc=0xb20107d3) returned 0x0
[0244.693] GetCurrentObject (hdc=0xb20107d3, type=0x6) returned 0x8a01c2
[0244.693] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0244.693] SelectObject (hdc=0xb20107d3, h=0x6d0a0520) returned 0x8a01c2
[0244.693] GetBkMode (hdc=0xb20107d3) returned 2
[0244.693] SetBkMode (hdc=0xb20107d3, mode=1) returned 2
[0244.693] DrawTextExW (in: hdc=0xb20107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2e957cc | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0244.694] DrawTextExW (in: hdc=0xb20107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2e957cc | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0244.694] RestoreDC (hdc=0xb20107d3, nSavedDC=-1) returned 1
[0244.694] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107d3) returned 0x0
[0244.694] GetFocus () returned 0x602c4
[0244.694] IsAppThemed () returned 0x1
[0244.694] GetThemeAppProperties () returned 0x3
[0244.694] GetThemeAppProperties () returned 0x3
[0244.694] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0244.694] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0xb20107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0244.695] GdipReleaseDC (graphics=0x6600030, hdc=0xb20107d3) returned 0x0
[0244.695] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0244.695] SelectObject (hdc=0xb20107d3, h=0x85000f) returned 0x4a0507fe
[0244.695] DeleteDC (hdc=0xb20107d3) returned 1
[0244.695] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0244.695] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0244.695] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0244.695] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0244.695] WaitMessage () returned 1
[0244.763] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0244.763] IsWindowUnicode (hWnd=0x602c4) returned 1
[0244.763] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0244.763] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0244.763] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0244.763] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0244.763] IsWindowUnicode (hWnd=0x602c4) returned 1
[0244.763] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0244.764] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0244.764] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0244.764] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xa0021) returned 0x0
[0244.764] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0244.764] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0244.764] WaitMessage () returned 1
[0244.903] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0244.903] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27100fc) returned 0x1
[0244.903] IsWindowUnicode (hWnd=0x602c4) returned 1
[0244.903] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0244.904] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27100fc) returned 0x1
[0244.904] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0244.904] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19c003e) returned 0x0
[0244.904] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0244.904] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0244.904] SetCursor (hCursor=0x10003) returned 0x10003
[0244.904] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0244.904] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0244.904] GetKeyState (nVirtKey=1) returned -128
[0244.904] GetKeyState (nVirtKey=2) returned 0
[0244.904] GetKeyState (nVirtKey=4) returned 0
[0244.904] GetKeyState (nVirtKey=5) returned 0
[0244.905] GetKeyState (nVirtKey=6) returned 0
[0244.905] IsWindowVisible (hWnd=0x602c4) returned 1
[0244.905] IsWindowEnabled (hWnd=0x602c4) returned 1
[0244.905] SetFocus (hWnd=0x602c4) returned 0x602c4
[0244.905] GetFocus () returned 0x602c4
[0244.905] GetFocus () returned 0x602c4
[0244.905] GetFocus () returned 0x602c4
[0244.905] GetKeyState (nVirtKey=1) returned -128
[0244.905] GetKeyState (nVirtKey=2) returned 0
[0244.905] GetKeyState (nVirtKey=4) returned 0
[0244.905] GetKeyState (nVirtKey=5) returned 0
[0244.905] GetKeyState (nVirtKey=6) returned 0
[0244.905] GetCapture () returned 0x0
[0244.905] SetCapture (hWnd=0x602c4) returned 0x0
[0244.905] GetKeyState (nVirtKey=1) returned -128
[0244.905] GetKeyState (nVirtKey=2) returned 0
[0244.905] GetKeyState (nVirtKey=4) returned 0
[0244.905] GetKeyState (nVirtKey=5) returned 0
[0244.905] GetKeyState (nVirtKey=6) returned 0
[0244.905] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0244.905] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0244.906] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0244.906] IsWindowUnicode (hWnd=0x602c4) returned 1
[0244.906] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0244.906] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0244.906] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0244.906] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e95950, cPoints=0x1 | out: lpPoints=0x2e95950) returned 40304859
[0244.906] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0244.906] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0244.906] UpdateWindow (hWnd=0x602c4) returned 1
[0244.906] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x10105d6
[0244.906] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0244.906] CreateCompatibleDC (hdc=0x10105d6) returned 0xb30107d3
[0244.907] SelectObject (hdc=0xb30107d3, h=0x4a0507fe) returned 0x85000f
[0244.907] GdipCreateFromHDC (hdc=0xb30107d3, graphics=0xd7e430) returned 0x0
[0244.907] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0244.907] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0244.907] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0244.907] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0244.907] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e490) returned 0x0
[0244.907] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0244.907] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0244.907] LocalFree (hMem=0x11ee868) returned 0x0
[0244.907] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0244.907] GdipCreateRegion (region=0xd7e478) returned 0x0
[0244.907] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0244.908] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0244.908] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0244.908] GdipRestoreGraphics (graphics=0x6600030, state=0xf8900dbd) returned 0x0
[0244.908] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0244.908] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0244.908] GetCurrentObject (hdc=0xb30107d3, type=0x1) returned 0xb00017
[0244.908] GetCurrentObject (hdc=0xb30107d3, type=0x2) returned 0x900010
[0244.908] GetCurrentObject (hdc=0xb30107d3, type=0x7) returned 0x4a0507fe
[0244.908] GetCurrentObject (hdc=0xb30107d3, type=0x6) returned 0x8a01c2
[0244.908] SaveDC (hdc=0xb30107d3) returned 1
[0244.908] GetNearestColor (hdc=0xb30107d3, color=0xff) returned 0xff
[0244.908] GetNearestColor (hdc=0xb30107d3, color=0x55) returned 0x55
[0244.908] GetNearestColor (hdc=0xb30107d3, color=0x0) returned 0x0
[0244.908] GetNearestColor (hdc=0xb30107d3, color=0x55) returned 0x55
[0244.909] GetNearestColor (hdc=0xb30107d3, color=0x0) returned 0x0
[0244.909] GetNearestColor (hdc=0xb30107d3, color=0x8080ff) returned 0x8080ff
[0244.909] GetNearestColor (hdc=0xb30107d3, color=0x7373e5) returned 0x7373e5
[0244.909] GetNearestColor (hdc=0xb30107d3, color=0xe5) returned 0xe5
[0244.909] GetNearestColor (hdc=0xb30107d3, color=0x0) returned 0x0
[0244.909] RestoreDC (hdc=0xb30107d3, nSavedDC=-1) returned 1
[0244.909] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107d3) returned 0x0
[0244.909] IsAppThemed () returned 0x1
[0244.909] GetThemeAppProperties () returned 0x3
[0244.909] GetThemeAppProperties () returned 0x3
[0244.909] IsAppThemed () returned 0x1
[0244.909] GetThemeAppProperties () returned 0x3
[0244.909] GetThemeAppProperties () returned 0x3
[0244.909] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2e9606c | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0244.910] IsAppThemed () returned 0x1
[0244.910] GetThemeAppProperties () returned 0x3
[0244.910] GetThemeAppProperties () returned 0x3
[0244.910] IsAppThemed () returned 0x1
[0244.910] GetThemeAppProperties () returned 0x3
[0244.910] GetThemeAppProperties () returned 0x3
[0244.910] IsAppThemed () returned 0x1
[0244.910] GetThemeAppProperties () returned 0x3
[0244.910] GetThemeAppProperties () returned 0x3
[0244.910] IsAppThemed () returned 0x1
[0244.910] GetThemeAppProperties () returned 0x3
[0244.910] GetThemeAppProperties () returned 0x3
[0244.910] IsThemePartDefined () returned 0x1
[0244.910] IsAppThemed () returned 0x1
[0244.910] GetThemeAppProperties () returned 0x3
[0244.911] GetThemeAppProperties () returned 0x3
[0244.911] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0244.911] IsAppThemed () returned 0x1
[0244.911] GetThemeAppProperties () returned 0x3
[0244.911] GetThemeAppProperties () returned 0x3
[0244.911] IsAppThemed () returned 0x1
[0244.911] GetThemeAppProperties () returned 0x3
[0244.911] GetThemeAppProperties () returned 0x3
[0244.911] IsThemePartDefined () returned 0x1
[0244.911] GdipCreateRegion (region=0xd7e194) returned 0x0
[0244.911] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0244.911] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0244.911] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0244.911] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e1ac) returned 0x0
[0244.911] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0244.911] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0244.911] LocalFree (hMem=0x11ee788) returned 0x0
[0244.911] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0244.911] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee868) returned 0x0
[0244.912] LocalFree (hMem=0x11ee868) returned 0x0
[0244.912] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0244.912] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0244.912] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0244.912] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0244.912] GdipDeleteRegion (region=0x6645878) returned 0x0
[0244.912] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0244.912] GetCurrentObject (hdc=0xb30107d3, type=0x1) returned 0xb00017
[0244.912] GetCurrentObject (hdc=0xb30107d3, type=0x2) returned 0x900010
[0244.912] GetCurrentObject (hdc=0xb30107d3, type=0x7) returned 0x4a0507fe
[0244.912] GetCurrentObject (hdc=0xb30107d3, type=0x6) returned 0x8a01c2
[0244.912] SaveDC (hdc=0xb30107d3) returned 1
[0244.912] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x40407de
[0244.912] GetClipRgn (hdc=0xb30107d3, hrgn=0x40407de) returned 0
[0244.912] SelectClipRgn (hdc=0xb30107d3, hrgn=0x70040807) returned 2
[0244.913] DeleteObject (ho=0x40407de) returned 1
[0244.913] DeleteObject (ho=0x70040807) returned 1
[0244.913] OffsetViewportOrgEx (in: hdc=0xb30107d3, x=0, y=0, lppt=0x2e9671c | out: lppt=0x2e9671c) returned 1
[0244.913] DrawThemeParentBackground () returned 0x0
[0244.913] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0244.913] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0244.913] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0244.913] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0244.913] GetSystemMetrics (nIndex=42) returned 0
[0244.913] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0244.913] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0244.913] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0244.913] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0244.913] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0244.913] SelectPalette (hdc=0xb30107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0244.914] GdipCreateFromHDC (hdc=0xb30107d3, graphics=0xd7dc88) returned 0x0
[0244.914] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0244.914] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0244.914] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638d58) returned 0x0
[0244.914] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dc60) returned 0x0
[0244.914] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0244.914] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0244.914] GdipGetClip (graphics=0x6640bc0, region=0x6645878) returned 0x0
[0244.914] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6640bc0, result=0xd7dc54) returned 0x0
[0244.914] GdipDeleteRegion (region=0x6645878) returned 0x0
[0244.914] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7dc80) returned 0x0
[0244.914] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0244.921] GdipFillRectangleI (graphics=0x6640bc0, brush=0x6652bb0, x=0, y=0, width=801, height=453) returned 0x0
[0244.922] GdipDeleteBrush (brush=0x6652bb0) returned 0x0
[0244.923] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0244.923] SelectPalette (hdc=0xb30107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0244.923] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0244.923] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0244.924] GetSystemMetrics (nIndex=42) returned 0
[0244.924] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0244.924] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0244.924] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0244.924] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0244.924] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0244.924] SelectPalette (hdc=0xb30107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0244.924] GdipCreateFromHDC (hdc=0xb30107d3, graphics=0xd7dc28) returned 0x0
[0244.924] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0244.924] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0244.924] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638d88) returned 0x0
[0244.924] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dc00) returned 0x0
[0244.924] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0244.924] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0244.925] GdipGetClip (graphics=0x6640bc0, region=0x6645878) returned 0x0
[0244.925] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6640bc0, result=0xd7dbf4) returned 0x0
[0244.925] GdipDeleteRegion (region=0x6645878) returned 0x0
[0244.925] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7dc20) returned 0x0
[0244.925] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0244.932] GdipFillRectangleI (graphics=0x6640bc0, brush=0x6652a78, x=0, y=0, width=801, height=453) returned 0x0
[0244.932] GdipDeleteBrush (brush=0x6652a78) returned 0x0
[0244.933] GdipRestoreGraphics (graphics=0x6640bc0, state=0xf88c0dbd) returned 0x0
[0244.934] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0244.934] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0244.934] GetSystemMetrics (nIndex=42) returned 0
[0244.934] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0244.934] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0244.934] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0244.934] SelectPalette (hdc=0xb30107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0244.934] RestoreDC (hdc=0xb30107d3, nSavedDC=-1) returned 1
[0244.934] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107d3) returned 0x0
[0244.935] IsAppThemed () returned 0x1
[0244.935] GetThemeAppProperties () returned 0x3
[0244.935] GetThemeAppProperties () returned 0x3
[0244.935] IsAppThemed () returned 0x1
[0244.935] GetThemeAppProperties () returned 0x3
[0244.935] GetThemeAppProperties () returned 0x3
[0244.935] IsThemePartDefined () returned 0x1
[0244.935] GdipCreateRegion (region=0xd7e118) returned 0x0
[0244.935] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0244.935] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0244.935] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0244.935] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e130) returned 0x0
[0244.935] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0244.935] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0244.935] LocalFree (hMem=0x11ee788) returned 0x0
[0244.935] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0244.935] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0244.936] LocalFree (hMem=0x11ee788) returned 0x0
[0244.936] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0244.936] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0244.936] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0244.936] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0244.936] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0244.936] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0244.936] GetCurrentObject (hdc=0xb30107d3, type=0x1) returned 0xb00017
[0244.936] GetCurrentObject (hdc=0xb30107d3, type=0x2) returned 0x900010
[0244.936] GetCurrentObject (hdc=0xb30107d3, type=0x7) returned 0x4a0507fe
[0244.936] GetCurrentObject (hdc=0xb30107d3, type=0x6) returned 0x8a01c2
[0244.936] SaveDC (hdc=0xb30107d3) returned 1
[0244.936] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x71040807
[0244.936] GetClipRgn (hdc=0xb30107d3, hrgn=0x71040807) returned 0
[0244.936] SelectClipRgn (hdc=0xb30107d3, hrgn=0x60407de) returned 2
[0244.937] DeleteObject (ho=0x71040807) returned 1
[0244.937] DeleteObject (ho=0x60407de) returned 1
[0244.937] OffsetViewportOrgEx (in: hdc=0xb30107d3, x=0, y=0, lppt=0x2e9cf6c | out: lppt=0x2e9cf6c) returned 1
[0244.937] IsAppThemed () returned 0x1
[0244.937] GetThemeAppProperties () returned 0x3
[0244.937] GetThemeAppProperties () returned 0x3
[0244.937] DrawThemeBackground () returned 0x0
[0244.937] RestoreDC (hdc=0xb30107d3, nSavedDC=-1) returned 1
[0244.937] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107d3) returned 0x0
[0244.937] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0244.937] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0244.937] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0244.937] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0244.937] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e134) returned 0x0
[0244.937] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0244.937] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0244.937] LocalFree (hMem=0x11eecc8) returned 0x0
[0244.938] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0244.938] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0244.938] LocalFree (hMem=0x11eec58) returned 0x0
[0244.938] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0244.938] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0244.938] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0244.938] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0244.938] GdipDeleteRegion (region=0x6645878) returned 0x0
[0244.938] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0244.938] GetCurrentObject (hdc=0xb30107d3, type=0x1) returned 0xb00017
[0244.938] GetCurrentObject (hdc=0xb30107d3, type=0x2) returned 0x900010
[0244.938] GetCurrentObject (hdc=0xb30107d3, type=0x7) returned 0x4a0507fe
[0244.938] GetCurrentObject (hdc=0xb30107d3, type=0x6) returned 0x8a01c2
[0244.938] SaveDC (hdc=0xb30107d3) returned 1
[0244.938] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x70407de
[0244.938] GetClipRgn (hdc=0xb30107d3, hrgn=0x70407de) returned 0
[0244.938] SelectClipRgn (hdc=0xb30107d3, hrgn=0x72040807) returned 2
[0244.939] DeleteObject (ho=0x70407de) returned 1
[0244.939] DeleteObject (ho=0x72040807) returned 1
[0244.939] OffsetViewportOrgEx (in: hdc=0xb30107d3, x=0, y=0, lppt=0x2e9d240 | out: lppt=0x2e9d240) returned 1
[0244.939] IsAppThemed () returned 0x1
[0244.939] GetThemeAppProperties () returned 0x3
[0244.939] GetThemeAppProperties () returned 0x3
[0244.939] GetThemeBackgroundContentRect () returned 0x0
[0244.939] RestoreDC (hdc=0xb30107d3, nSavedDC=-1) returned 1
[0244.939] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107d3) returned 0x0
[0244.939] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0244.939] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0244.939] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0244.939] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0244.939] IsAppThemed () returned 0x1
[0244.939] GetThemeAppProperties () returned 0x3
[0244.939] GetThemeAppProperties () returned 0x3
[0244.940] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0244.940] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0244.940] GetCurrentObject (hdc=0xb30107d3, type=0x1) returned 0xb00017
[0244.940] GetCurrentObject (hdc=0xb30107d3, type=0x2) returned 0x900010
[0244.940] GetCurrentObject (hdc=0xb30107d3, type=0x7) returned 0x4a0507fe
[0244.940] GetCurrentObject (hdc=0xb30107d3, type=0x6) returned 0x8a01c2
[0244.940] SaveDC (hdc=0xb30107d3) returned 1
[0244.940] GetTextAlign (hdc=0xb30107d3) returned 0x0
[0244.940] GetTextColor (hdc=0xb30107d3) returned 0x0
[0244.940] GetCurrentObject (hdc=0xb30107d3, type=0x6) returned 0x8a01c2
[0244.940] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0244.940] SelectObject (hdc=0xb30107d3, h=0x6d0a0520) returned 0x8a01c2
[0244.940] GetBkMode (hdc=0xb30107d3) returned 2
[0244.940] SetBkMode (hdc=0xb30107d3, mode=1) returned 2
[0244.941] DrawTextExW (in: hdc=0xb30107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2e9d604 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0244.941] DrawTextExW (in: hdc=0xb30107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2e9d604 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0244.941] RestoreDC (hdc=0xb30107d3, nSavedDC=-1) returned 1
[0244.941] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107d3) returned 0x0
[0244.941] GetFocus () returned 0x602c4
[0244.942] IsAppThemed () returned 0x1
[0244.942] GetThemeAppProperties () returned 0x3
[0244.942] GetThemeAppProperties () returned 0x3
[0244.942] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0244.942] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0xb30107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0244.942] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107d3) returned 0x0
[0244.942] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0244.942] SelectObject (hdc=0xb30107d3, h=0x85000f) returned 0x4a0507fe
[0244.942] DeleteDC (hdc=0xb30107d3) returned 1
[0244.942] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0244.943] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0244.943] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e9d700, cPoints=0x1 | out: lpPoints=0x2e9d700) returned 40304859
[0244.943] WindowFromPoint (Point=0xfc) returned 0x602c4
[0244.943] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27100fc) returned 0x1
[0244.943] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0244.943] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0244.943] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0244.943] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0244.943] GetSystemMetrics (nIndex=42) returned 0
[0244.943] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0244.943] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0244.945] GetCapture () returned 0x602c4
[0244.945] ReleaseCapture () returned 1
[0244.945] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0244.946] GetProcessWindowStation () returned 0x13c
[0244.946] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0244.946] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0244.947] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0244.947] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0244.947] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0244.947] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0244.947] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0244.947] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0244.948] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0244.948] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0244.948] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0244.948] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0244.948] GetDC (hWnd=0x0) returned 0xf0105ee
[0244.948] GdipCreateFromHDC (hdc=0xf0105ee, graphics=0xd7e6ec) returned 0x0
[0244.949] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0244.949] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0244.949] ReleaseDC (hWnd=0x0, hDC=0xf0105ee) returned 1
[0244.949] GetSystemMetrics (nIndex=5) returned 1
[0244.949] GetSystemMetrics (nIndex=6) returned 1
[0244.949] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0244.949] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0244.949] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0244.950] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0244.953] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0244.953] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0244.953] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0244.953] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0244.953] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0244.953] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0244.954] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2ea311c | out: lpData=0x2ea311c) returned 1
[0244.955] VerQueryValueW (in: pBlock=0x2ea311c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ea352c, puLen=0xd7e810) returned 1
[0244.955] VerQueryValueW (in: pBlock=0x2ea311c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea31d4, puLen=0xd7e790) returned 1
[0244.955] VerQueryValueW (in: pBlock=0x2ea311c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea3228, puLen=0xd7e790) returned 1
[0244.955] VerQueryValueW (in: pBlock=0x2ea311c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea32a8, puLen=0xd7e790) returned 1
[0244.955] VerQueryValueW (in: pBlock=0x2ea311c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea3310, puLen=0xd7e790) returned 1
[0244.955] VerQueryValueW (in: pBlock=0x2ea311c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea3350, puLen=0xd7e790) returned 1
[0244.955] VerQueryValueW (in: pBlock=0x2ea311c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea33d8, puLen=0xd7e790) returned 1
[0244.955] VerQueryValueW (in: pBlock=0x2ea311c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea3414, puLen=0xd7e790) returned 1
[0244.955] VerQueryValueW (in: pBlock=0x2ea311c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea346c, puLen=0xd7e790) returned 1
[0244.955] VerQueryValueW (in: pBlock=0x2ea311c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea349c, puLen=0xd7e790) returned 1
[0244.955] VerQueryValueW (in: pBlock=0x2ea311c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.956] VerQueryValueW (in: pBlock=0x2ea311c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea34d8, puLen=0xd7e790) returned 1
[0244.956] VerQueryValueW (in: pBlock=0x2ea311c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.956] VerQueryValueW (in: pBlock=0x2ea311c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ea352c, puLen=0xd7e784) returned 1
[0244.956] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0244.956] VerQueryValueW (in: pBlock=0x2ea311c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ea3144, puLen=0xd7e794) returned 1
[0244.956] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0244.956] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0244.956] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0244.957] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0244.957] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0244.957] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0244.957] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2ea508c | out: lpData=0x2ea508c) returned 1
[0244.957] VerQueryValueW (in: pBlock=0x2ea508c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ea5128, puLen=0xd7e810) returned 1
[0244.957] VerQueryValueW (in: pBlock=0x2ea508c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea51a0, puLen=0xd7e790) returned 1
[0244.957] VerQueryValueW (in: pBlock=0x2ea508c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea51d0, puLen=0xd7e790) returned 1
[0244.957] VerQueryValueW (in: pBlock=0x2ea508c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea520c, puLen=0xd7e790) returned 1
[0244.957] VerQueryValueW (in: pBlock=0x2ea508c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea523c, puLen=0xd7e790) returned 1
[0244.957] VerQueryValueW (in: pBlock=0x2ea508c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea5284, puLen=0xd7e790) returned 1
[0244.957] VerQueryValueW (in: pBlock=0x2ea508c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea52fc, puLen=0xd7e790) returned 1
[0244.957] VerQueryValueW (in: pBlock=0x2ea508c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea5340, puLen=0xd7e790) returned 1
[0244.958] VerQueryValueW (in: pBlock=0x2ea508c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea5380, puLen=0xd7e790) returned 1
[0244.958] VerQueryValueW (in: pBlock=0x2ea508c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea517e, puLen=0xd7e790) returned 1
[0244.958] VerQueryValueW (in: pBlock=0x2ea508c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea52cc, puLen=0xd7e790) returned 1
[0244.958] VerQueryValueW (in: pBlock=0x2ea508c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.958] VerQueryValueW (in: pBlock=0x2ea508c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.958] VerQueryValueW (in: pBlock=0x2ea508c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ea5128, puLen=0xd7e784) returned 1
[0244.958] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0244.958] VerQueryValueW (in: pBlock=0x2ea508c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ea50b4, puLen=0xd7e794) returned 1
[0244.959] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0244.959] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0244.959] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0244.959] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0244.959] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0244.959] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0244.960] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2ea7364 | out: lpData=0x2ea7364) returned 1
[0244.960] VerQueryValueW (in: pBlock=0x2ea7364, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ea7778, puLen=0xd7e810) returned 1
[0244.960] VerQueryValueW (in: pBlock=0x2ea7364, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea741c, puLen=0xd7e790) returned 1
[0244.960] VerQueryValueW (in: pBlock=0x2ea7364, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea7470, puLen=0xd7e790) returned 1
[0244.960] VerQueryValueW (in: pBlock=0x2ea7364, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea74cc, puLen=0xd7e790) returned 1
[0244.960] VerQueryValueW (in: pBlock=0x2ea7364, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea752c, puLen=0xd7e790) returned 1
[0244.960] VerQueryValueW (in: pBlock=0x2ea7364, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea7584, puLen=0xd7e790) returned 1
[0244.960] VerQueryValueW (in: pBlock=0x2ea7364, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea760c, puLen=0xd7e790) returned 1
[0244.960] VerQueryValueW (in: pBlock=0x2ea7364, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea7660, puLen=0xd7e790) returned 1
[0244.960] VerQueryValueW (in: pBlock=0x2ea7364, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea76b8, puLen=0xd7e790) returned 1
[0244.960] VerQueryValueW (in: pBlock=0x2ea7364, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea76e8, puLen=0xd7e790) returned 1
[0244.960] VerQueryValueW (in: pBlock=0x2ea7364, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.960] VerQueryValueW (in: pBlock=0x2ea7364, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea7724, puLen=0xd7e790) returned 1
[0244.961] VerQueryValueW (in: pBlock=0x2ea7364, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.961] VerQueryValueW (in: pBlock=0x2ea7364, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ea7778, puLen=0xd7e784) returned 1
[0244.961] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0244.961] VerQueryValueW (in: pBlock=0x2ea7364, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ea738c, puLen=0xd7e794) returned 1
[0244.961] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0244.961] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0244.961] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0244.962] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0244.962] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0244.962] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0244.962] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2ea999c | out: lpData=0x2ea999c) returned 1
[0244.963] VerQueryValueW (in: pBlock=0x2ea999c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ea9d9c, puLen=0xd7e810) returned 1
[0244.963] VerQueryValueW (in: pBlock=0x2ea999c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea9a54, puLen=0xd7e790) returned 1
[0244.963] VerQueryValueW (in: pBlock=0x2ea999c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea9aa8, puLen=0xd7e790) returned 1
[0244.963] VerQueryValueW (in: pBlock=0x2ea999c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea9ae8, puLen=0xd7e790) returned 1
[0244.963] VerQueryValueW (in: pBlock=0x2ea999c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea9b50, puLen=0xd7e790) returned 1
[0244.963] VerQueryValueW (in: pBlock=0x2ea999c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea9ba8, puLen=0xd7e790) returned 1
[0244.964] VerQueryValueW (in: pBlock=0x2ea999c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea9c30, puLen=0xd7e790) returned 1
[0244.964] VerQueryValueW (in: pBlock=0x2ea999c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea9c84, puLen=0xd7e790) returned 1
[0244.964] VerQueryValueW (in: pBlock=0x2ea999c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea9cdc, puLen=0xd7e790) returned 1
[0244.964] VerQueryValueW (in: pBlock=0x2ea999c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea9d0c, puLen=0xd7e790) returned 1
[0244.964] VerQueryValueW (in: pBlock=0x2ea999c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.964] VerQueryValueW (in: pBlock=0x2ea999c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ea9d48, puLen=0xd7e790) returned 1
[0244.964] VerQueryValueW (in: pBlock=0x2ea999c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.964] VerQueryValueW (in: pBlock=0x2ea999c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ea9d9c, puLen=0xd7e784) returned 1
[0244.964] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0244.964] VerQueryValueW (in: pBlock=0x2ea999c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ea99c4, puLen=0xd7e794) returned 1
[0244.965] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0244.965] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0244.965] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0244.965] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0244.965] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0244.965] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0244.967] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2eac0d8 | out: lpData=0x2eac0d8) returned 1
[0244.967] VerQueryValueW (in: pBlock=0x2eac0d8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2eac4a0, puLen=0xd7e810) returned 1
[0244.967] VerQueryValueW (in: pBlock=0x2eac0d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eac190, puLen=0xd7e790) returned 1
[0244.967] VerQueryValueW (in: pBlock=0x2eac0d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eac1e4, puLen=0xd7e790) returned 1
[0244.968] VerQueryValueW (in: pBlock=0x2eac0d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eac224, puLen=0xd7e790) returned 1
[0244.968] VerQueryValueW (in: pBlock=0x2eac0d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eac28c, puLen=0xd7e790) returned 1
[0244.968] VerQueryValueW (in: pBlock=0x2eac0d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eac2c8, puLen=0xd7e790) returned 1
[0244.968] VerQueryValueW (in: pBlock=0x2eac0d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eac350, puLen=0xd7e790) returned 1
[0244.968] VerQueryValueW (in: pBlock=0x2eac0d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eac388, puLen=0xd7e790) returned 1
[0244.968] VerQueryValueW (in: pBlock=0x2eac0d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eac3e0, puLen=0xd7e790) returned 1
[0244.968] VerQueryValueW (in: pBlock=0x2eac0d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eac410, puLen=0xd7e790) returned 1
[0244.968] VerQueryValueW (in: pBlock=0x2eac0d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.968] VerQueryValueW (in: pBlock=0x2eac0d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eac44c, puLen=0xd7e790) returned 1
[0244.968] VerQueryValueW (in: pBlock=0x2eac0d8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.968] VerQueryValueW (in: pBlock=0x2eac0d8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2eac4a0, puLen=0xd7e784) returned 1
[0244.968] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0244.968] VerQueryValueW (in: pBlock=0x2eac0d8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2eac100, puLen=0xd7e794) returned 1
[0244.969] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0244.969] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0244.969] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0244.969] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0244.969] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0244.969] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0244.970] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2eaf740 | out: lpData=0x2eaf740) returned 1
[0244.970] VerQueryValueW (in: pBlock=0x2eaf740, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2eafb20, puLen=0xd7e810) returned 1
[0244.970] VerQueryValueW (in: pBlock=0x2eaf740, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eaf7f8, puLen=0xd7e790) returned 1
[0244.970] VerQueryValueW (in: pBlock=0x2eaf740, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eaf84c, puLen=0xd7e790) returned 1
[0244.970] VerQueryValueW (in: pBlock=0x2eaf740, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eaf88c, puLen=0xd7e790) returned 1
[0244.970] VerQueryValueW (in: pBlock=0x2eaf740, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eaf8ec, puLen=0xd7e790) returned 1
[0244.970] VerQueryValueW (in: pBlock=0x2eaf740, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eaf938, puLen=0xd7e790) returned 1
[0244.970] VerQueryValueW (in: pBlock=0x2eaf740, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eaf9c0, puLen=0xd7e790) returned 1
[0244.970] VerQueryValueW (in: pBlock=0x2eaf740, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eafa08, puLen=0xd7e790) returned 1
[0244.970] VerQueryValueW (in: pBlock=0x2eaf740, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eafa60, puLen=0xd7e790) returned 1
[0244.970] VerQueryValueW (in: pBlock=0x2eaf740, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eafa90, puLen=0xd7e790) returned 1
[0244.970] VerQueryValueW (in: pBlock=0x2eaf740, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.971] VerQueryValueW (in: pBlock=0x2eaf740, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eafacc, puLen=0xd7e790) returned 1
[0244.971] VerQueryValueW (in: pBlock=0x2eaf740, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.971] VerQueryValueW (in: pBlock=0x2eaf740, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2eafb20, puLen=0xd7e784) returned 1
[0244.971] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0244.971] VerQueryValueW (in: pBlock=0x2eaf740, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2eaf768, puLen=0xd7e794) returned 1
[0244.971] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0244.971] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0244.972] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0244.972] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0244.972] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0244.972] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0244.972] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2eb1f60 | out: lpData=0x2eb1f60) returned 1
[0244.973] VerQueryValueW (in: pBlock=0x2eb1f60, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2eb236c, puLen=0xd7e810) returned 1
[0244.973] VerQueryValueW (in: pBlock=0x2eb1f60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb2018, puLen=0xd7e790) returned 1
[0244.973] VerQueryValueW (in: pBlock=0x2eb1f60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb206c, puLen=0xd7e790) returned 1
[0244.973] VerQueryValueW (in: pBlock=0x2eb1f60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb20c0, puLen=0xd7e790) returned 1
[0244.973] VerQueryValueW (in: pBlock=0x2eb1f60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb2120, puLen=0xd7e790) returned 1
[0244.973] VerQueryValueW (in: pBlock=0x2eb1f60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb2178, puLen=0xd7e790) returned 1
[0244.973] VerQueryValueW (in: pBlock=0x2eb1f60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb2200, puLen=0xd7e790) returned 1
[0244.973] VerQueryValueW (in: pBlock=0x2eb1f60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb2254, puLen=0xd7e790) returned 1
[0244.973] VerQueryValueW (in: pBlock=0x2eb1f60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb22ac, puLen=0xd7e790) returned 1
[0244.973] VerQueryValueW (in: pBlock=0x2eb1f60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb22dc, puLen=0xd7e790) returned 1
[0244.973] VerQueryValueW (in: pBlock=0x2eb1f60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.973] VerQueryValueW (in: pBlock=0x2eb1f60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb2318, puLen=0xd7e790) returned 1
[0244.973] VerQueryValueW (in: pBlock=0x2eb1f60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.973] VerQueryValueW (in: pBlock=0x2eb1f60, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2eb236c, puLen=0xd7e784) returned 1
[0244.973] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0244.973] VerQueryValueW (in: pBlock=0x2eb1f60, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2eb1f88, puLen=0xd7e794) returned 1
[0244.974] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0244.974] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0244.974] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0244.974] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0244.975] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0244.975] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0244.975] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2eb4774 | out: lpData=0x2eb4774) returned 1
[0244.976] VerQueryValueW (in: pBlock=0x2eb4774, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2eb4b4c, puLen=0xd7e810) returned 1
[0244.976] VerQueryValueW (in: pBlock=0x2eb4774, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb482c, puLen=0xd7e790) returned 1
[0244.976] VerQueryValueW (in: pBlock=0x2eb4774, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb4880, puLen=0xd7e790) returned 1
[0244.976] VerQueryValueW (in: pBlock=0x2eb4774, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb48c0, puLen=0xd7e790) returned 1
[0244.976] VerQueryValueW (in: pBlock=0x2eb4774, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb4928, puLen=0xd7e790) returned 1
[0244.976] VerQueryValueW (in: pBlock=0x2eb4774, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb496c, puLen=0xd7e790) returned 1
[0244.976] VerQueryValueW (in: pBlock=0x2eb4774, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb49f4, puLen=0xd7e790) returned 1
[0244.976] VerQueryValueW (in: pBlock=0x2eb4774, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb4a34, puLen=0xd7e790) returned 1
[0244.976] VerQueryValueW (in: pBlock=0x2eb4774, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb4a8c, puLen=0xd7e790) returned 1
[0244.976] VerQueryValueW (in: pBlock=0x2eb4774, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb4abc, puLen=0xd7e790) returned 1
[0244.976] VerQueryValueW (in: pBlock=0x2eb4774, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.976] VerQueryValueW (in: pBlock=0x2eb4774, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb4af8, puLen=0xd7e790) returned 1
[0244.976] VerQueryValueW (in: pBlock=0x2eb4774, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.976] VerQueryValueW (in: pBlock=0x2eb4774, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2eb4b4c, puLen=0xd7e784) returned 1
[0244.976] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0244.976] VerQueryValueW (in: pBlock=0x2eb4774, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2eb479c, puLen=0xd7e794) returned 1
[0244.977] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0244.977] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0244.977] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0244.977] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0244.978] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0244.978] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0244.978] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2eb6ccc | out: lpData=0x2eb6ccc) returned 1
[0244.979] VerQueryValueW (in: pBlock=0x2eb6ccc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2eb70a4, puLen=0xd7e810) returned 1
[0244.979] VerQueryValueW (in: pBlock=0x2eb6ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb6d84, puLen=0xd7e790) returned 1
[0244.979] VerQueryValueW (in: pBlock=0x2eb6ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb6dd8, puLen=0xd7e790) returned 1
[0244.979] VerQueryValueW (in: pBlock=0x2eb6ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb6e18, puLen=0xd7e790) returned 1
[0244.979] VerQueryValueW (in: pBlock=0x2eb6ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb6e80, puLen=0xd7e790) returned 1
[0244.979] VerQueryValueW (in: pBlock=0x2eb6ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb6ec4, puLen=0xd7e790) returned 1
[0244.979] VerQueryValueW (in: pBlock=0x2eb6ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb6f4c, puLen=0xd7e790) returned 1
[0244.979] VerQueryValueW (in: pBlock=0x2eb6ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb6f8c, puLen=0xd7e790) returned 1
[0244.980] VerQueryValueW (in: pBlock=0x2eb6ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb6fe4, puLen=0xd7e790) returned 1
[0244.980] VerQueryValueW (in: pBlock=0x2eb6ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb7014, puLen=0xd7e790) returned 1
[0244.980] VerQueryValueW (in: pBlock=0x2eb6ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.980] VerQueryValueW (in: pBlock=0x2eb6ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb7050, puLen=0xd7e790) returned 1
[0244.980] VerQueryValueW (in: pBlock=0x2eb6ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.980] VerQueryValueW (in: pBlock=0x2eb6ccc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2eb70a4, puLen=0xd7e784) returned 1
[0244.980] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0244.980] VerQueryValueW (in: pBlock=0x2eb6ccc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2eb6cf4, puLen=0xd7e794) returned 1
[0244.981] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0244.981] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0244.981] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0244.981] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0244.981] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0244.981] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0244.983] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2eb9404 | out: lpData=0x2eb9404) returned 1
[0244.984] VerQueryValueW (in: pBlock=0x2eb9404, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2eb9834, puLen=0xd7e810) returned 1
[0244.984] VerQueryValueW (in: pBlock=0x2eb9404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb94bc, puLen=0xd7e790) returned 1
[0244.984] VerQueryValueW (in: pBlock=0x2eb9404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb9510, puLen=0xd7e790) returned 1
[0244.984] VerQueryValueW (in: pBlock=0x2eb9404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb9580, puLen=0xd7e790) returned 1
[0244.984] VerQueryValueW (in: pBlock=0x2eb9404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb95e0, puLen=0xd7e790) returned 1
[0244.984] VerQueryValueW (in: pBlock=0x2eb9404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb963c, puLen=0xd7e790) returned 1
[0244.984] VerQueryValueW (in: pBlock=0x2eb9404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb96c4, puLen=0xd7e790) returned 1
[0244.984] VerQueryValueW (in: pBlock=0x2eb9404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb971c, puLen=0xd7e790) returned 1
[0244.984] VerQueryValueW (in: pBlock=0x2eb9404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb9774, puLen=0xd7e790) returned 1
[0244.984] VerQueryValueW (in: pBlock=0x2eb9404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb97a4, puLen=0xd7e790) returned 1
[0244.984] VerQueryValueW (in: pBlock=0x2eb9404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.984] VerQueryValueW (in: pBlock=0x2eb9404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2eb97e0, puLen=0xd7e790) returned 1
[0244.984] VerQueryValueW (in: pBlock=0x2eb9404, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0244.984] VerQueryValueW (in: pBlock=0x2eb9404, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2eb9834, puLen=0xd7e784) returned 1
[0244.984] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0244.984] VerQueryValueW (in: pBlock=0x2eb9404, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2eb942c, puLen=0xd7e794) returned 1
[0244.985] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0244.985] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0244.985] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0244.985] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0244.986] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0244.986] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1c02c8
[0244.986] SetWindowLongW (hWnd=0x1c02c8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0244.986] GetWindowLongW (hWnd=0x1c02c8, nIndex=-4) returned 1950089536
[0244.986] SetWindowLongW (hWnd=0x1c02c8, nIndex=-4, dwNewLong=19949254) returned 1950089536
[0244.987] GetWindowLongW (hWnd=0x1c02c8, nIndex=-4) returned 19949254
[0244.987] GetWindowLongW (hWnd=0x1c02c8, nIndex=-16) returned 113311744
[0244.987] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02c8, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0244.987] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02c8, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0244.987] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02c8, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0244.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02c8, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0244.988] GetClientRect (in: hWnd=0x1c02c8, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0244.988] GetWindowRect (in: hWnd=0x1c02c8, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0244.988] SetWindowTextW (hWnd=0x1c02c8, lpString="WindowsFormsParkingWindow") returned 1
[0244.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02c8, Msg=0xc, wParam=0x0, lParam=0x2e7e9b4) returned 0x1
[0244.988] GetParent (hWnd=0x1c02c8) returned 0x0
[0244.989] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0244.989] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x1c02c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2500ea
[0244.989] SetWindowLongW (hWnd=0x2500ea, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0244.989] GetWindowLongW (hWnd=0x2500ea, nIndex=-4) returned 1868147648
[0244.989] SetWindowLongW (hWnd=0x2500ea, nIndex=-4, dwNewLong=19949334) returned 1868147648
[0244.989] GetWindowLongW (hWnd=0x2500ea, nIndex=-4) returned 19949334
[0244.989] GetWindowLongW (hWnd=0x2500ea, nIndex=-16) returned 1174405133
[0244.989] GetWindowLongW (hWnd=0x2500ea, nIndex=-12) returned 0
[0244.989] SetWindowLongW (hWnd=0x2500ea, nIndex=-12, dwNewLong=2425066) returned 0
[0244.990] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0244.990] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0244.990] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0244.991] GetClientRect (in: hWnd=0x2500ea, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0244.991] GetWindowRect (in: hWnd=0x2500ea, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0244.991] GetParent (hWnd=0x2500ea) returned 0x1c02c8
[0244.991] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1c02c8, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0244.991] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0244.991] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0244.991] GetClientRect (in: hWnd=0x2500ea, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0244.991] GetWindowRect (in: hWnd=0x2500ea, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0244.991] GetParent (hWnd=0x2500ea) returned 0x1c02c8
[0244.991] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1c02c8, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0244.992] SendMessageW (hWnd=0x2500ea, Msg=0x2210, wParam=0xea0001, lParam=0x2500ea) returned 0x0
[0244.992] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x2210, wParam=0xea0001, lParam=0x2500ea) returned 0x0
[0244.992] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0244.992] GetParent (hWnd=0x2500ea) returned 0x1c02c8
[0244.992] GdipCreateFromHWND (hwnd=0x2500ea, graphics=0xd7e844) returned 0x0
[0244.992] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0244.993] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0244.993] GetForegroundWindow () returned 0x7005c
[0244.993] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0244.993] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0244.993] GetSystemMetrics (nIndex=42) returned 0
[0244.993] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0244.993] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0244.993] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0244.993] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0244.993] GetSystemMetrics (nIndex=42) returned 0
[0244.993] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0244.993] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0244.994] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0244.994] GetCursorPos (in: lpPoint=0x2ebd888 | out: lpPoint=0x2ebd888*(x=252, y=625)) returned 1
[0244.994] MonitorFromPoint (pt=0xfc, dwFlags=0x271) returned 0x10001
[0244.994] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0244.994] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xb60107d3
[0244.994] GetDeviceCaps (hdc=0xb60107d3, index=12) returned 32
[0244.994] GetDeviceCaps (hdc=0xb60107d3, index=14) returned 1
[0244.994] DeleteDC (hdc=0xb60107d3) returned 1
[0244.994] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0244.994] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0244.995] GetSystemMetrics (nIndex=59) returned 1460
[0244.995] GetSystemMetrics (nIndex=60) returned 920
[0244.995] GetSystemMetrics (nIndex=34) returned 136
[0244.995] GetSystemMetrics (nIndex=35) returned 39
[0244.995] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0244.995] GetCursorPos (in: lpPoint=0x2ebdaf4 | out: lpPoint=0x2ebdaf4*(x=252, y=625)) returned 1
[0244.995] MonitorFromPoint (pt=0xf9, dwFlags=0x26f) returned 0x10001
[0244.995] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0244.995] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xb70107d3
[0244.995] GetDeviceCaps (hdc=0xb70107d3, index=12) returned 32
[0244.995] GetDeviceCaps (hdc=0xb70107d3, index=14) returned 1
[0244.995] DeleteDC (hdc=0xb70107d3) returned 1
[0244.996] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0244.996] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0244.996] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0244.996] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0244.996] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2ebdd8c | out: piconinfo=0x2ebdd8c) returned 1
[0244.996] GetObjectW (in: h=0xe30507e0, c=24, pv=0x2ebdda8 | out: pv=0x2ebdda8) returned 24
[0244.996] GdipCreateBitmapFromHBITMAP (hbm=0xe30507e0, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0244.997] GdipGetImageWidth (image=0x6601018, width=0xd7e750) returned 0x0
[0244.997] GdipGetImageHeight (image=0x6601018, height=0xd7e748) returned 0x0
[0244.997] GdipGetImagePixelFormat (image=0x6601018, format=0xd7e740) returned 0x0
[0244.997] GdipBitmapLockBits (bitmap=0x6601018, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2ebde60) returned 0x0
[0244.997] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0244.997] GdipBitmapLockBits (bitmap=0x6651ba8, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2ebde98) returned 0x0
[0244.997] RtlMoveMemory (in: Destination=0x6664f78, Source=0x665fec8, Length=0x80 | out: Destination=0x6664f78)
[0244.997] RtlMoveMemory (in: Destination=0x6664ff8, Source=0x665fe48, Length=0x80 | out: Destination=0x6664ff8)
[0244.997] RtlMoveMemory (in: Destination=0x6665078, Source=0x665fdc8, Length=0x80 | out: Destination=0x6665078)
[0244.997] RtlMoveMemory (in: Destination=0x66650f8, Source=0x665fd48, Length=0x80 | out: Destination=0x66650f8)
[0244.997] RtlMoveMemory (in: Destination=0x6665178, Source=0x665fcc8, Length=0x80 | out: Destination=0x6665178)
[0244.997] RtlMoveMemory (in: Destination=0x66651f8, Source=0x665fc48, Length=0x80 | out: Destination=0x66651f8)
[0244.997] RtlMoveMemory (in: Destination=0x6665278, Source=0x665fbc8, Length=0x80 | out: Destination=0x6665278)
[0244.997] RtlMoveMemory (in: Destination=0x66652f8, Source=0x665fb48, Length=0x80 | out: Destination=0x66652f8)
[0244.997] RtlMoveMemory (in: Destination=0x6665378, Source=0x665fac8, Length=0x80 | out: Destination=0x6665378)
[0244.997] RtlMoveMemory (in: Destination=0x66653f8, Source=0x665fa48, Length=0x80 | out: Destination=0x66653f8)
[0244.997] RtlMoveMemory (in: Destination=0x6665478, Source=0x665f9c8, Length=0x80 | out: Destination=0x6665478)
[0244.998] RtlMoveMemory (in: Destination=0x66654f8, Source=0x665f948, Length=0x80 | out: Destination=0x66654f8)
[0244.998] RtlMoveMemory (in: Destination=0x6665578, Source=0x665f8c8, Length=0x80 | out: Destination=0x6665578)
[0244.998] RtlMoveMemory (in: Destination=0x66655f8, Source=0x665f848, Length=0x80 | out: Destination=0x66655f8)
[0244.998] RtlMoveMemory (in: Destination=0x6665678, Source=0x665f7c8, Length=0x80 | out: Destination=0x6665678)
[0244.998] RtlMoveMemory (in: Destination=0x66656f8, Source=0x665f748, Length=0x80 | out: Destination=0x66656f8)
[0244.998] RtlMoveMemory (in: Destination=0x6665778, Source=0x665f6c8, Length=0x80 | out: Destination=0x6665778)
[0244.998] RtlMoveMemory (in: Destination=0x66657f8, Source=0x665f648, Length=0x80 | out: Destination=0x66657f8)
[0244.998] RtlMoveMemory (in: Destination=0x6665878, Source=0x665f5c8, Length=0x80 | out: Destination=0x6665878)
[0244.998] RtlMoveMemory (in: Destination=0x66658f8, Source=0x665f548, Length=0x80 | out: Destination=0x66658f8)
[0244.998] RtlMoveMemory (in: Destination=0x6665978, Source=0x665f4c8, Length=0x80 | out: Destination=0x6665978)
[0244.998] RtlMoveMemory (in: Destination=0x66659f8, Source=0x665f448, Length=0x80 | out: Destination=0x66659f8)
[0244.998] RtlMoveMemory (in: Destination=0x6665a78, Source=0x665f3c8, Length=0x80 | out: Destination=0x6665a78)
[0244.998] RtlMoveMemory (in: Destination=0x6665af8, Source=0x665f348, Length=0x80 | out: Destination=0x6665af8)
[0244.998] RtlMoveMemory (in: Destination=0x6665b78, Source=0x665f2c8, Length=0x80 | out: Destination=0x6665b78)
[0244.998] RtlMoveMemory (in: Destination=0x6665bf8, Source=0x665f248, Length=0x80 | out: Destination=0x6665bf8)
[0244.998] RtlMoveMemory (in: Destination=0x6665c78, Source=0x665f1c8, Length=0x80 | out: Destination=0x6665c78)
[0244.998] RtlMoveMemory (in: Destination=0x6665cf8, Source=0x665f148, Length=0x80 | out: Destination=0x6665cf8)
[0244.998] RtlMoveMemory (in: Destination=0x6665d78, Source=0x665f0c8, Length=0x80 | out: Destination=0x6665d78)
[0244.998] RtlMoveMemory (in: Destination=0x6665df8, Source=0x665f048, Length=0x80 | out: Destination=0x6665df8)
[0244.998] RtlMoveMemory (in: Destination=0x6665e78, Source=0x665efc8, Length=0x80 | out: Destination=0x6665e78)
[0244.998] RtlMoveMemory (in: Destination=0x6665ef8, Source=0x665ef48, Length=0x80 | out: Destination=0x6665ef8)
[0244.999] GdipBitmapUnlockBits (bitmap=0x6601018, lockedBitmapData=0x2ebde60) returned 0x0
[0244.999] GdipBitmapUnlockBits (bitmap=0x6651ba8, lockedBitmapData=0x2ebde98) returned 0x0
[0244.999] GdipDisposeImage (image=0x6601018) returned 0x0
[0244.999] DeleteObject (ho=0xe30507e0) returned 1
[0244.999] DeleteObject (ho=0xb80507d3) returned 1
[0244.999] GetCurrentThreadId () returned 0xf50
[0244.999] GetCurrentThreadId () returned 0xf50
[0244.999] SetWindowPos (hWnd=0x2500ea, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0244.999] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0244.999] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0245.000] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0245.000] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0245.000] GetClientRect (in: hWnd=0x2500ea, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0245.000] GetWindowRect (in: hWnd=0x2500ea, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0245.000] GetParent (hWnd=0x2500ea) returned 0x1c02c8
[0245.000] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1c02c8, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0245.000] InvalidateRect (hWnd=0x2500ea, lpRect=0x0, bErase=1) returned 1
[0245.000] GetWindowTextLengthW (hWnd=0x2500ea) returned 0
[0245.000] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0245.000] GetSystemMetrics (nIndex=42) returned 0
[0245.000] GetWindowTextW (in: hWnd=0x2500ea, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0245.000] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0245.000] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0245.000] GetClientRect (in: hWnd=0x2500ea, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0245.001] GetWindowRect (in: hWnd=0x2500ea, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0245.001] GetParent (hWnd=0x2500ea) returned 0x1c02c8
[0245.001] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1c02c8, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0245.001] GetWindowTextLengthW (hWnd=0x2500ea) returned 0
[0245.001] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0245.001] GetSystemMetrics (nIndex=42) returned 0
[0245.001] GetWindowTextW (in: hWnd=0x2500ea, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0245.001] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0245.001] GetWindowTextLengthW (hWnd=0x2500ea) returned 0
[0245.001] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0245.001] GetSystemMetrics (nIndex=42) returned 0
[0245.001] GetWindowTextW (in: hWnd=0x2500ea, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0245.001] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0245.001] SetWindowTextW (hWnd=0x2500ea, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0245.001] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0xc, wParam=0x0, lParam=0x2e9ecf4) returned 0x1
[0245.001] InvalidateRect (hWnd=0x2500ea, lpRect=0x0, bErase=1) returned 1
[0245.002] GetCurrentThreadId () returned 0xf50
[0245.002] GetWindowThreadProcessId (in: hWnd=0x2500ea, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0245.002] GdipCreateBitmapFromStream (stream=0x509ff90, bitmap=0xd7e840) returned 0x0
[0245.003] GdipImageForceValidation (image=0x664fad8) returned 0x0
[0245.005] GdipGetImageRawFormat (image=0x664fad8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0245.005] GdipGetImageHeight (image=0x664fad8, height=0xd7e824) returned 0x0
[0245.005] GdipGetImageWidth (image=0x664fad8, width=0xd7e824) returned 0x0
[0245.005] GdipGetImageWidth (image=0x664fad8, width=0xd7e810) returned 0x0
[0245.005] GdipGetImageHeight (image=0x664fad8, height=0xd7e810) returned 0x0
[0245.005] GdipGetImageWidth (image=0x664fad8, width=0xd7e800) returned 0x0
[0245.005] GdipGetImageHeight (image=0x664fad8, height=0xd7e800) returned 0x0
[0245.005] GdipBitmapGetPixel (bitmap=0x664fad8, x=0, y=15, color=0xd7e810) returned 0x0
[0245.005] GdipGetImageRawFormat (image=0x664fad8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0245.005] GdipGetImageWidth (image=0x664fad8, width=0xd7e740) returned 0x0
[0245.005] GdipGetImageHeight (image=0x664fad8, height=0xd7e740) returned 0x0
[0245.005] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0245.005] GdipGetImagePixelFormat (image=0x6650168, format=0xd7e740) returned 0x0
[0245.006] GdipGetImageGraphicsContext (image=0x6650168, graphics=0xd7e74c) returned 0x0
[0245.006] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0245.006] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0245.006] GdipSetImageAttributesColorKeys (imageattr=0x6638d58, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0245.006] GdipDrawImageRectRectI (graphics=0x6600030, image=0x664fad8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638d58, callback=0x0, callbackData=0x0) returned 0x0
[0245.006] GdipDisposeImageAttributes (imageattr=0x6638d58) returned 0x0
[0245.006] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0245.006] GdipDisposeImage (image=0x664fad8) returned 0x0
[0245.007] GdipCreateBitmapFromStream (stream=0x509ff70, bitmap=0xd7e840) returned 0x0
[0245.008] GdipImageForceValidation (image=0x6651ef0) returned 0x0
[0245.009] GdipGetImageRawFormat (image=0x6651ef0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0245.009] GdipGetImageHeight (image=0x6651ef0, height=0xd7e824) returned 0x0
[0245.009] GdipGetImageWidth (image=0x6651ef0, width=0xd7e824) returned 0x0
[0245.009] GdipGetImageWidth (image=0x6651ef0, width=0xd7e810) returned 0x0
[0245.010] GdipGetImageHeight (image=0x6651ef0, height=0xd7e810) returned 0x0
[0245.010] GdipGetImageWidth (image=0x6651ef0, width=0xd7e800) returned 0x0
[0245.010] GdipGetImageHeight (image=0x6651ef0, height=0xd7e800) returned 0x0
[0245.010] GdipBitmapGetPixel (bitmap=0x6651ef0, x=0, y=15, color=0xd7e810) returned 0x0
[0245.010] GdipGetImageRawFormat (image=0x6651ef0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0245.010] GdipGetImageWidth (image=0x6651ef0, width=0xd7e740) returned 0x0
[0245.010] GdipGetImageHeight (image=0x6651ef0, height=0xd7e740) returned 0x0
[0245.010] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0245.010] GdipGetImagePixelFormat (image=0x664f448, format=0xd7e740) returned 0x0
[0245.010] GdipGetImageGraphicsContext (image=0x664f448, graphics=0xd7e74c) returned 0x0
[0245.010] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0245.011] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0245.011] GdipSetImageAttributesColorKeys (imageattr=0x6638c68, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0245.011] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6651ef0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c68, callback=0x0, callbackData=0x0) returned 0x0
[0245.011] GdipDisposeImageAttributes (imageattr=0x6638c68) returned 0x0
[0245.011] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0245.011] GdipDisposeImage (image=0x6651ef0) returned 0x0
[0245.012] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0245.012] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0245.012] GetCurrentThreadId () returned 0xf50
[0245.012] GetCurrentThreadId () returned 0xf50
[0245.012] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0245.012] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0245.014] GetCurrentThreadId () returned 0xf50
[0245.014] GetCurrentThreadId () returned 0xf50
[0245.014] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0245.014] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0245.014] GetCurrentThreadId () returned 0xf50
[0245.014] GetCurrentThreadId () returned 0xf50
[0245.014] GetSystemMetrics (nIndex=5) returned 1
[0245.014] GetSystemMetrics (nIndex=6) returned 1
[0245.015] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0245.015] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0245.015] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0245.015] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0245.015] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0245.016] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0245.016] GetCurrentThreadId () returned 0xf50
[0245.016] GetCurrentThreadId () returned 0xf50
[0245.016] GetProcessWindowStation () returned 0x13c
[0245.016] GetCapture () returned 0x0
[0245.016] GetActiveWindow () returned 0x7005c
[0245.016] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0245.016] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0245.016] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0245.016] GetCursorPos (in: lpPoint=0x2ebefd8 | out: lpPoint=0x2ebefd8*(x=252, y=625)) returned 1
[0245.016] MonitorFromPoint (pt=0xfc, dwFlags=0x271) returned 0x10001
[0245.017] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0245.017] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xb90107d3
[0245.017] GetDeviceCaps (hdc=0xb90107d3, index=12) returned 32
[0245.017] GetDeviceCaps (hdc=0xb90107d3, index=14) returned 1
[0245.017] DeleteDC (hdc=0xb90107d3) returned 1
[0245.017] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0245.018] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0245.018] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2202da
[0245.018] SetWindowLongW (hWnd=0x2202da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0245.018] GetWindowLongW (hWnd=0x2202da, nIndex=-4) returned 1950089536
[0245.019] SetWindowLongW (hWnd=0x2202da, nIndex=-4, dwNewLong=19949454) returned 1950089536
[0245.019] GetWindowLongW (hWnd=0x2202da, nIndex=-4) returned 19949454
[0245.019] GetWindowLongW (hWnd=0x2202da, nIndex=-16) returned 113770496
[0245.019] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0245.020] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0245.021] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0245.021] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0245.021] GetWindowRect (in: hWnd=0x2202da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0245.021] SetWindowTextW (hWnd=0x2202da, lpString="BB ransomware") returned 1
[0245.021] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xc, wParam=0x0, lParam=0x2ebd774) returned 0x1
[0245.022] GetStartupInfoW (in: lpStartupInfo=0x2ebf314 | out: lpStartupInfo=0x2ebf314*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0245.024] GetParent (hWnd=0x2202da) returned 0x0
[0245.024] SetWindowLongW (hWnd=0x2202da, nIndex=-8, dwNewLong=0) returned 0
[0245.025] SendMessageW (hWnd=0x2202da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0245.025] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0245.026] SendMessageW (hWnd=0x2202da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0245.026] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0245.026] GetSystemMenu (hWnd=0x2202da, bRevert=0) returned 0x120087
[0245.026] GetWindowPlacement (in: hWnd=0x2202da, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0245.026] EnableMenuItem (hMenu=0x120087, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0245.027] EnableMenuItem (hMenu=0x120087, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0245.027] EnableMenuItem (hMenu=0x120087, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0245.027] EnableMenuItem (hMenu=0x120087, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0245.027] EnableMenuItem (hMenu=0x120087, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0245.027] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0245.027] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0245.027] GetWindowRect (in: hWnd=0x2202da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0245.027] SetWindowPos (hWnd=0x2202da, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0245.027] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0245.028] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x2202da) returned 0x1
[0245.030] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0245.030] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0245.032] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0245.032] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0245.032] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0245.035] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x2202da, lParam=0x0) returned 0x0
[0245.035] GetCapture () returned 0x0
[0245.035] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0245.036] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0245.037] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0245.039] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0245.039] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0245.039] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0245.039] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0245.040] GetParent (hWnd=0x2202da) returned 0x0
[0245.040] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0245.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0245.043] GetWindowPlacement (in: hWnd=0x2202da, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0245.043] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0245.043] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0245.043] GetWindowRect (in: hWnd=0x2202da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0245.049] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0245.049] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0245.049] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0245.050] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0245.050] GetWindowLongW (hWnd=0x2202da, nIndex=-16) returned 113770496
[0245.050] GetWindowTextLengthW (hWnd=0x2202da) returned 13
[0245.050] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.050] GetSystemMetrics (nIndex=42) returned 0
[0245.050] GetWindowTextW (in: hWnd=0x2202da, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.050] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0245.050] GetWindowTextLengthW (hWnd=0x2202da) returned 13
[0245.050] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.051] GetSystemMetrics (nIndex=42) returned 0
[0245.051] GetWindowTextW (in: hWnd=0x2202da, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.051] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0245.051] GetCursorPos (in: lpPoint=0x2ebf550 | out: lpPoint=0x2ebf550*(x=252, y=625)) returned 1
[0245.051] MonitorFromPoint (pt=0xfc, dwFlags=0x271) returned 0x10001
[0245.051] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0245.051] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x7a0107f2
[0245.051] GetDeviceCaps (hdc=0x7a0107f2, index=12) returned 32
[0245.051] GetDeviceCaps (hdc=0x7a0107f2, index=14) returned 1
[0245.051] DeleteDC (hdc=0x7a0107f2) returned 1
[0245.052] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0245.052] GetWindowLongW (hWnd=0x2202da, nIndex=-16) returned 113770496
[0245.052] GetWindowLongW (hWnd=0x2202da, nIndex=-20) returned 327945
[0245.052] SetWindowLongW (hWnd=0x2202da, nIndex=-16, dwNewLong=46661632) returned 113770496
[0245.052] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0245.052] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0245.053] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0245.054] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0245.054] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0245.054] SetWindowLongW (hWnd=0x2202da, nIndex=-20, dwNewLong=327681) returned 327945
[0245.054] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0245.054] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0245.057] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0245.057] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0245.058] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0245.058] SetWindowPos (hWnd=0x2202da, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0245.058] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0245.058] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0245.059] GetWindowPlacement (in: hWnd=0x2202da, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0245.059] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0245.059] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0245.059] GetWindowRect (in: hWnd=0x2202da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0245.060] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0245.060] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0245.060] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0245.061] RedrawWindow (hWnd=0x2202da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0245.061] GetSystemMenu (hWnd=0x2202da, bRevert=0) returned 0x120087
[0245.061] GetWindowPlacement (in: hWnd=0x2202da, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0245.061] EnableMenuItem (hMenu=0x120087, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0245.061] EnableMenuItem (hMenu=0x120087, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0245.061] EnableMenuItem (hMenu=0x120087, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0245.061] EnableMenuItem (hMenu=0x120087, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0245.061] EnableMenuItem (hMenu=0x120087, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0245.061] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0245.061] GetWindowLongW (hWnd=0x2202da, nIndex=-8) returned 0
[0245.061] SetWindowLongW (hWnd=0x2202da, nIndex=-8, dwNewLong=458844) returned 0
[0245.062] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0245.062] GetProcessWindowStation () returned 0x13c
[0245.062] GetCurrentThreadId () returned 0xf50
[0245.063] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x130673e, lParam=0x0) returned 1
[0245.063] IsWindowVisible (hWnd=0x2202da) returned 0
[0245.063] IsWindowVisible (hWnd=0x7005c) returned 1
[0245.063] IsWindowEnabled (hWnd=0x7005c) returned 1
[0245.063] IsWindowVisible (hWnd=0x300ec) returned 0
[0245.063] IsWindowVisible (hWnd=0x502c6) returned 0
[0245.063] IsWindowVisible (hWnd=0x502be) returned 0
[0245.063] GetActiveWindow () returned 0x2202da
[0245.063] GetFocus () returned 0x2202da
[0245.063] IsWindow (hWnd=0x7005c) returned 1
[0245.063] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0245.063] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0245.064] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0245.064] GetWindowLongW (hWnd=0x2202da, nIndex=-8) returned 458844
[0245.064] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0245.064] GetCurrentThreadId () returned 0xf50
[0245.064] GetWindowLongW (hWnd=0x2202da, nIndex=-8) returned 458844
[0245.064] IsWindowEnabled (hWnd=0x7005c) returned 0
[0245.064] IsWindowEnabled (hWnd=0x2202da) returned 1
[0245.064] ShowWindow (hWnd=0x2202da, nCmdShow=5) returned 0
[0245.064] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0245.064] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0245.064] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0245.065] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0245.065] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x2202da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2202dc
[0245.065] SetWindowLongW (hWnd=0x2202dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0245.065] GetWindowLongW (hWnd=0x2202dc, nIndex=-4) returned 1950089536
[0245.066] SetWindowLongW (hWnd=0x2202dc, nIndex=-4, dwNewLong=19949694) returned 1950089536
[0245.066] GetWindowLongW (hWnd=0x2202dc, nIndex=-4) returned 19949694
[0245.066] GetWindowLongW (hWnd=0x2202dc, nIndex=-16) returned 1174405120
[0245.066] GetWindowLongW (hWnd=0x2202dc, nIndex=-12) returned 0
[0245.066] SetWindowLongW (hWnd=0x2202dc, nIndex=-12, dwNewLong=2228956) returned 0
[0245.066] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0245.067] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0245.067] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0245.067] GetWindow (hWnd=0x2202dc, uCmd=0x3) returned 0x0
[0245.067] GetClientRect (in: hWnd=0x2202dc, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0245.067] GetWindowRect (in: hWnd=0x2202dc, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0245.067] GetParent (hWnd=0x2202dc) returned 0x2202da
[0245.067] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202da, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0245.068] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202dc, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0245.068] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202dc, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0245.068] GetClientRect (in: hWnd=0x2202dc, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0245.068] GetWindowRect (in: hWnd=0x2202dc, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0245.068] GetParent (hWnd=0x2202dc) returned 0x2202da
[0245.068] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202da, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0245.068] SendMessageW (hWnd=0x2202dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2202dc) returned 0x0
[0245.068] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2202dc) returned 0x0
[0245.068] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0245.068] GetParent (hWnd=0x2202dc) returned 0x2202da
[0245.068] GetParent (hWnd=0x2500ea) returned 0x1c02c8
[0245.068] SetParent (hWndChild=0x2500ea, hWndNewParent=0x2202da) returned 0x1c02c8
[0245.068] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0245.069] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0245.069] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0245.069] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0245.069] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0245.069] GetClientRect (in: hWnd=0x2500ea, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0245.069] GetWindowRect (in: hWnd=0x2500ea, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0245.069] GetParent (hWnd=0x2500ea) returned 0x2202da
[0245.069] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202da, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0245.069] GetClientRect (in: hWnd=0x2500ea, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0245.069] GetWindowRect (in: hWnd=0x2500ea, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0245.069] GetParent (hWnd=0x2500ea) returned 0x2202da
[0245.069] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202da, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0245.069] GetParent (hWnd=0x2500ea) returned 0x2202da
[0245.070] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0245.070] GetWindow (hWnd=0x2500ea, uCmd=0x3) returned 0x0
[0245.070] SetWindowPos (hWnd=0x2500ea, hWndInsertAfter=0x2202dc, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0245.070] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0245.070] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0245.070] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0245.070] GetClientRect (in: hWnd=0x2500ea, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0245.070] GetWindowRect (in: hWnd=0x2500ea, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0245.070] GetParent (hWnd=0x2500ea) returned 0x2202da
[0245.071] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202da, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0245.071] GetParent (hWnd=0x2500ea) returned 0x2202da
[0245.071] GetWindow (hWnd=0x2500ea, uCmd=0x3) returned 0x2202dc
[0245.071] GetWindowThreadProcessId (in: hWnd=0x2500ea, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0245.071] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0245.071] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0245.072] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0245.072] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x2202da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2402d8
[0245.072] SetWindowLongW (hWnd=0x2402d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0245.072] GetWindowLongW (hWnd=0x2402d8, nIndex=-4) returned 1868032000
[0245.072] SetWindowLongW (hWnd=0x2402d8, nIndex=-4, dwNewLong=19949574) returned 1868032000
[0245.073] GetWindowLongW (hWnd=0x2402d8, nIndex=-4) returned 19949574
[0245.073] GetWindowLongW (hWnd=0x2402d8, nIndex=-16) returned 1174470667
[0245.073] GetWindowLongW (hWnd=0x2402d8, nIndex=-12) returned 0
[0245.073] SetWindowLongW (hWnd=0x2402d8, nIndex=-12, dwNewLong=2360024) returned 0
[0245.073] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0245.073] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0245.073] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0245.074] SendMessageW (hWnd=0x2402d8, Msg=0x2055, wParam=0x2402d8, lParam=0x3) returned 0x2
[0245.074] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0245.074] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0245.074] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0245.074] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0245.074] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0245.075] RedrawWindow (hWnd=0x2202dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0245.075] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0245.075] RedrawWindow (hWnd=0x2500ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0245.075] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0245.082] RedrawWindow (hWnd=0x2402d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0245.082] RedrawWindow (hWnd=0x2202da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0245.083] GetWindow (hWnd=0x2402d8, uCmd=0x3) returned 0x2500ea
[0245.083] GetClientRect (in: hWnd=0x2402d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0245.083] GetWindowRect (in: hWnd=0x2402d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0245.083] GetParent (hWnd=0x2402d8) returned 0x2202da
[0245.083] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0245.083] SetWindowTextW (hWnd=0x2402d8, lpString="&Details") returned 1
[0245.083] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0245.083] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0245.083] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0245.083] GetClientRect (in: hWnd=0x2402d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0245.083] GetWindowRect (in: hWnd=0x2402d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0245.083] GetParent (hWnd=0x2402d8) returned 0x2202da
[0245.083] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0245.084] SendMessageW (hWnd=0x2402d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2402d8) returned 0x0
[0245.084] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2402d8) returned 0x0
[0245.084] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0245.084] GetParent (hWnd=0x2402d8) returned 0x2202da
[0245.084] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0245.084] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0245.085] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0245.085] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x2202da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2202de
[0245.085] SetWindowLongW (hWnd=0x2202de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0245.085] GetWindowLongW (hWnd=0x2202de, nIndex=-4) returned 1868032000
[0245.085] SetWindowLongW (hWnd=0x2202de, nIndex=-4, dwNewLong=19949614) returned 1868032000
[0245.086] GetWindowLongW (hWnd=0x2202de, nIndex=-4) returned 19949614
[0245.086] GetWindowLongW (hWnd=0x2202de, nIndex=-16) returned 1174470667
[0245.086] GetWindowLongW (hWnd=0x2202de, nIndex=-12) returned 0
[0245.086] SetWindowLongW (hWnd=0x2202de, nIndex=-12, dwNewLong=2228958) returned 0
[0245.086] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0245.087] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0245.087] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0245.088] SendMessageW (hWnd=0x2202de, Msg=0x2055, wParam=0x2202de, lParam=0x3) returned 0x2
[0245.088] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0245.088] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0245.088] GetWindow (hWnd=0x2202de, uCmd=0x3) returned 0x2402d8
[0245.088] GetClientRect (in: hWnd=0x2202de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0245.088] GetWindowRect (in: hWnd=0x2202de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0245.088] GetParent (hWnd=0x2202de) returned 0x2202da
[0245.088] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0245.088] SetWindowTextW (hWnd=0x2202de, lpString="&Continue") returned 1
[0245.088] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0245.088] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0245.089] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0245.089] GetClientRect (in: hWnd=0x2202de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0245.089] GetWindowRect (in: hWnd=0x2202de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0245.089] GetParent (hWnd=0x2202de) returned 0x2202da
[0245.089] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0245.089] SendMessageW (hWnd=0x2202de, Msg=0x2210, wParam=0x2de0001, lParam=0x2202de) returned 0x0
[0245.089] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x2210, wParam=0x2de0001, lParam=0x2202de) returned 0x0
[0245.089] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0245.089] GetParent (hWnd=0x2202de) returned 0x2202da
[0245.089] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0245.089] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0245.090] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0245.090] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x2202da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1702d0
[0245.090] SetWindowLongW (hWnd=0x1702d0, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0245.090] GetWindowLongW (hWnd=0x1702d0, nIndex=-4) returned 1868032000
[0245.091] SetWindowLongW (hWnd=0x1702d0, nIndex=-4, dwNewLong=19949654) returned 1868032000
[0245.091] GetWindowLongW (hWnd=0x1702d0, nIndex=-4) returned 19949654
[0245.091] GetWindowLongW (hWnd=0x1702d0, nIndex=-16) returned 1174470667
[0245.091] GetWindowLongW (hWnd=0x1702d0, nIndex=-12) returned 0
[0245.091] SetWindowLongW (hWnd=0x1702d0, nIndex=-12, dwNewLong=1508048) returned 0
[0245.091] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d0, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0245.092] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d0, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0245.092] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d0, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0245.093] SendMessageW (hWnd=0x1702d0, Msg=0x2055, wParam=0x1702d0, lParam=0x3) returned 0x2
[0245.093] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0245.093] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d0, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0245.093] GetWindow (hWnd=0x1702d0, uCmd=0x3) returned 0x2202de
[0245.093] GetClientRect (in: hWnd=0x1702d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0245.093] GetWindowRect (in: hWnd=0x1702d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0245.093] GetParent (hWnd=0x1702d0) returned 0x2202da
[0245.093] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0245.093] SetWindowTextW (hWnd=0x1702d0, lpString="&Quit") returned 1
[0245.093] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d0, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0245.094] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d0, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0245.094] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d0, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0245.094] GetClientRect (in: hWnd=0x1702d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0245.094] GetWindowRect (in: hWnd=0x1702d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0245.094] GetParent (hWnd=0x1702d0) returned 0x2202da
[0245.094] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0245.094] SendMessageW (hWnd=0x1702d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1702d0) returned 0x0
[0245.094] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1702d0) returned 0x0
[0245.094] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0245.095] GetParent (hWnd=0x1702d0) returned 0x2202da
[0245.095] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0245.095] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0245.095] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0245.095] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x2202da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1802ce
[0245.096] SetWindowLongW (hWnd=0x1802ce, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0245.096] GetWindowLongW (hWnd=0x1802ce, nIndex=-4) returned 1868026976
[0245.096] SetWindowLongW (hWnd=0x1802ce, nIndex=-4, dwNewLong=19949734) returned 1868026976
[0245.096] GetWindowLongW (hWnd=0x1802ce, nIndex=-4) returned 19949734
[0245.096] GetWindowLongW (hWnd=0x1802ce, nIndex=-16) returned 1177553092
[0245.096] GetWindowLongW (hWnd=0x1802ce, nIndex=-12) returned 0
[0245.096] SetWindowLongW (hWnd=0x1802ce, nIndex=-12, dwNewLong=1573582) returned 0
[0245.096] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802ce, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0245.097] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802ce, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0245.098] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802ce, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0245.115] GetWindow (hWnd=0x1802ce, uCmd=0x3) returned 0x1702d0
[0245.115] GetClientRect (in: hWnd=0x1802ce, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0245.115] GetWindowRect (in: hWnd=0x1802ce, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0245.115] GetParent (hWnd=0x1802ce) returned 0x2202da
[0245.115] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202da, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0245.115] GetWindowTextLengthW (hWnd=0x2202da) returned 13
[0245.115] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.115] GetSystemMetrics (nIndex=42) returned 0
[0245.115] GetWindowTextW (in: hWnd=0x2202da, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.115] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0245.115] SendMessageW (hWnd=0x1802ce, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0245.115] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802ce, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0245.120] SetWindowTextW (hWnd=0x1802ce, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0245.120] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802ce, Msg=0xc, wParam=0x0, lParam=0x2ebb15c) returned 0x1
[0245.121] GetSystemMetrics (nIndex=5) returned 1
[0245.121] GetSystemMetrics (nIndex=6) returned 1
[0245.121] SendMessageW (hWnd=0x1802ce, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0245.121] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802ce, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0245.122] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802ce, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0245.123] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802ce, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0245.123] GetClientRect (in: hWnd=0x1802ce, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0245.123] GetWindowRect (in: hWnd=0x1802ce, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0245.123] GetParent (hWnd=0x1802ce) returned 0x2202da
[0245.123] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202da, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0245.123] SendMessageW (hWnd=0x1802ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1802ce) returned 0x0
[0245.123] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1802ce) returned 0x0
[0245.123] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0245.123] GetParent (hWnd=0x1802ce) returned 0x2202da
[0245.123] GetWindowLongW (hWnd=0x2202da, nIndex=-8) returned 458844
[0245.123] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0245.124] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0245.124] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xbb010803
[0245.124] GetDeviceCaps (hdc=0xbb010803, index=12) returned 32
[0245.124] GetDeviceCaps (hdc=0xbb010803, index=14) returned 1
[0245.124] DeleteDC (hdc=0xbb010803) returned 1
[0245.124] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0245.124] GetWindowThreadProcessId (in: hWnd=0x2202da, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0245.124] GetCurrentThreadId () returned 0xf50
[0245.124] PostMessageW (hWnd=0x2202da, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0245.124] GetWindowTextLengthW (hWnd=0x2202da) returned 13
[0245.124] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.124] GetSystemMetrics (nIndex=42) returned 0
[0245.124] GetWindowTextW (in: hWnd=0x2202da, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.124] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0245.124] GdipImageGetFrameDimensionsCount (image=0x6651ba8, count=0xd7e25c) returned 0x0
[0245.124] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12010d0
[0245.125] GdipImageGetFrameDimensionsList (image=0x6651ba8, dimensionIDs=0x12010d0*(Data1=0x740073, Data2=0x65, Data3=0x6d, Data4=([0]=0x2e, [1]=0x0, [2]=0x57, [3]=0x0, [4]=0xc0, [5]=0x10, [6]=0x20, [7]=0x1)), count=0x1) returned 0x0
[0245.125] LocalFree (hMem=0x12010d0) returned 0x0
[0245.125] GdipImageGetFrameDimensionsCount (image=0x6650168, count=0xd7e250) returned 0x0
[0245.125] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12011d8
[0245.125] GdipImageGetFrameDimensionsList (image=0x6650168, dimensionIDs=0x12011d8*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0245.125] LocalFree (hMem=0x12011d8) returned 0x0
[0245.125] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0245.125] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0245.125] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0245.133] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0245.134] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0245.135] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0245.135] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0245.135] GetWindowPlacement (in: hWnd=0x2202da, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0245.135] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0245.135] GetWindowTextLengthW (hWnd=0x2202da) returned 13
[0245.135] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.135] GetSystemMetrics (nIndex=42) returned 0
[0245.135] GetWindowTextW (in: hWnd=0x2202da, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.135] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0245.135] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0245.136] GetCurrentObject (hdc=0x10105d6, type=0x1) returned 0xb00017
[0245.136] GetCurrentObject (hdc=0x10105d6, type=0x2) returned 0x900010
[0245.136] GetCurrentObject (hdc=0x10105d6, type=0x7) returned 0x380507a2
[0245.136] GetCurrentObject (hdc=0x10105d6, type=0x6) returned 0x8a01c2
[0245.136] SaveDC (hdc=0x10105d6) returned 1
[0245.136] GetNearestColor (hdc=0x10105d6, color=0xf0f0f0) returned 0xf0f0f0
[0245.136] CreateSolidBrush (color=0xf0f0f0) returned 0x8d1007e1
[0245.136] FillRect (hDC=0x10105d6, lprc=0xd7e1b8, hbr=0x8d1007e1) returned 1
[0245.136] DeleteObject (ho=0x8d1007e1) returned 1
[0245.136] RestoreDC (hdc=0x10105d6, nSavedDC=-1) returned 1
[0245.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0245.136] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0245.137] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0245.137] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0245.140] GetStockObject (i=5) returned 0x900015
[0245.141] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0245.141] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0245.141] GetStockObject (i=5) returned 0x900015
[0245.141] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0245.141] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d0, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0245.141] GetStockObject (i=5) returned 0x900015
[0245.141] GetWindowPlacement (in: hWnd=0x2202da, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0245.141] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0245.141] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0245.141] GetWindowRect (in: hWnd=0x2202da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0245.142] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0245.143] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0245.143] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0245.143] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0245.143] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0245.143] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0245.143] GetWindowRect (in: hWnd=0x2202da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0245.143] InvalidateRect (hWnd=0x2202de, lpRect=0x0, bErase=0) returned 1
[0245.143] InvalidateRect (hWnd=0x2402d8, lpRect=0x0, bErase=0) returned 1
[0245.144] GetFocus () returned 0x2202da
[0245.144] GetFocus () returned 0x2202da
[0245.144] SetFocus (hWnd=0x2402d8) returned 0x2202da
[0245.144] GetFocus () returned 0x2402d8
[0245.144] IsChild (hWndParent=0x2202da, hWnd=0x2402d8) returned 1
[0245.144] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x8, wParam=0x2402d8, lParam=0x0) returned 0x0
[0245.145] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0245.146] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0245.147] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0245.147] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0x7, wParam=0x2202da, lParam=0x0) returned 0x0
[0245.148] GetStockObject (i=5) returned 0x900015
[0245.148] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0245.148] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0245.148] GetDlgItem (hDlg=0x2202da, nIDDlgItem=2360024) returned 0x2402d8
[0245.148] SendMessageW (hWnd=0x2402d8, Msg=0x202b, wParam=0x2402d8, lParam=0xd7e0dc) returned 0x0
[0245.148] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0x202b, wParam=0x2402d8, lParam=0xd7e0dc) returned 0x0
[0245.148] InvalidateRect (hWnd=0x2402d8, lpRect=0x0, bErase=0) returned 1
[0245.150] GetFocus () returned 0x2402d8
[0245.150] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.150] IsWindowUnicode (hWnd=0x2202da) returned 1
[0245.150] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.150] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.150] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0245.150] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.150] IsWindowUnicode (hWnd=0x2202da) returned 1
[0245.150] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.150] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.150] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.150] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0245.151] IsWindowUnicode (hWnd=0x2202da) returned 1
[0245.151] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.151] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.151] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.151] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.151] IsWindowUnicode (hWnd=0x602c4) returned 1
[0245.151] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.151] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.151] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.151] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0245.151] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0245.152] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.152] IsWindowUnicode (hWnd=0x2202da) returned 1
[0245.152] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.152] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.152] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.152] BeginPaint (in: hWnd=0x2202da, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x60100ce
[0245.152] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0245.153] GetWindowTextLengthW (hWnd=0x2202da) returned 13
[0245.153] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.153] GetSystemMetrics (nIndex=42) returned 0
[0245.153] GetWindowTextW (in: hWnd=0x2202da, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.153] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0245.153] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0245.153] EndPaint (hWnd=0x2202da, lpPaint=0xd7e274) returned 1
[0245.153] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.158] IsWindowUnicode (hWnd=0x2202dc) returned 1
[0245.158] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.158] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.158] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.158] BeginPaint (in: hWnd=0x2202dc, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xf0105ee
[0245.158] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0245.158] CreateCompatibleDC (hdc=0xf0105ee) returned 0x850107f2
[0245.158] SelectObject (hdc=0x850107f2, h=0x4a0507fe) returned 0x85000f
[0245.158] GdipCreateFromHDC (hdc=0x850107f2, graphics=0xd7e2b0) returned 0x0
[0245.158] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0245.158] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0245.158] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0245.158] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0245.158] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e310) returned 0x0
[0245.158] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0245.159] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eea98) returned 0x0
[0245.159] LocalFree (hMem=0x11eea98) returned 0x0
[0245.159] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0245.159] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0245.159] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0245.159] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e304) returned 0x0
[0245.159] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0245.159] GetWindowTextLengthW (hWnd=0x2202dc) returned 0
[0245.159] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0245.159] GetSystemMetrics (nIndex=42) returned 0
[0245.159] GetWindowTextW (in: hWnd=0x2202dc, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0245.159] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202dc, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0245.159] GetClientRect (in: hWnd=0x2202dc, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0245.159] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0245.159] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0245.159] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0245.159] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0245.159] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e164) returned 0x0
[0245.159] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0245.159] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0245.159] LocalFree (hMem=0x11ee788) returned 0x0
[0245.159] GdipCombineRegionRegion (region=0x6646b08, region2=0x6645878, combineMode=0x1) returned 0x0
[0245.159] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0245.160] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee868) returned 0x0
[0245.160] LocalFree (hMem=0x11ee868) returned 0x0
[0245.160] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0245.160] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0245.160] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0245.160] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0245.160] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0245.160] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0245.160] GetCurrentObject (hdc=0x850107f2, type=0x1) returned 0xb00017
[0245.160] GetCurrentObject (hdc=0x850107f2, type=0x2) returned 0x900010
[0245.160] GetCurrentObject (hdc=0x850107f2, type=0x7) returned 0x4a0507fe
[0245.160] GetCurrentObject (hdc=0x850107f2, type=0x6) returned 0x8a01c2
[0245.160] SaveDC (hdc=0x850107f2) returned 1
[0245.160] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x73040807
[0245.160] GetClipRgn (hdc=0x850107f2, hrgn=0x73040807) returned 0
[0245.160] SelectClipRgn (hdc=0x850107f2, hrgn=0xa0407de) returned 2
[0245.160] DeleteObject (ho=0x73040807) returned 1
[0245.160] DeleteObject (ho=0xa0407de) returned 1
[0245.160] OffsetViewportOrgEx (in: hdc=0x850107f2, x=0, y=0, lppt=0x2ec0cbc | out: lppt=0x2ec0cbc) returned 1
[0245.160] GetNearestColor (hdc=0x850107f2, color=0xf0f0f0) returned 0xf0f0f0
[0245.161] CreateSolidBrush (color=0xf0f0f0) returned 0x8e1007e1
[0245.161] FillRect (hDC=0x850107f2, lprc=0xd7e198, hbr=0x8e1007e1) returned 1
[0245.161] DeleteObject (ho=0x8e1007e1) returned 1
[0245.161] RestoreDC (hdc=0x850107f2, nSavedDC=-1) returned 1
[0245.161] GdipReleaseDC (graphics=0x6600030, hdc=0x850107f2) returned 0x0
[0245.161] GdipRestoreGraphics (graphics=0x6600030, state=0xf8860dbd) returned 0x0
[0245.161] GdipDeleteRegion (region=0x6645878) returned 0x0
[0245.161] GetWindowTextLengthW (hWnd=0x2202dc) returned 0
[0245.161] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0245.161] GetSystemMetrics (nIndex=42) returned 0
[0245.161] GetWindowTextW (in: hWnd=0x2202dc, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0245.161] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202dc, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0245.161] GdipGetImageWidth (image=0x6651ba8, width=0xd7e1e0) returned 0x0
[0245.161] GdipGetImageHeight (image=0x6651ba8, height=0xd7e1e0) returned 0x0
[0245.161] GdipGetImageWidth (image=0x6651ba8, width=0xd7e1cc) returned 0x0
[0245.161] GdipGetImageHeight (image=0x6651ba8, height=0xd7e1cc) returned 0x0
[0245.161] GdipDrawImageRectI (graphics=0x6600030, image=0x6651ba8, x=16, y=16, width=32, height=32) returned 0x0
[0245.161] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0245.161] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=64, cy=64, hdcSrc=0x850107f2, x1=0, y1=0, rop=0xcc0020) returned 1
[0245.162] GdipReleaseDC (graphics=0x6600030, hdc=0x850107f2) returned 0x0
[0245.162] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0245.162] SelectObject (hdc=0x850107f2, h=0x85000f) returned 0x4a0507fe
[0245.162] DeleteDC (hdc=0x850107f2) returned 1
[0245.162] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0245.162] EndPaint (hWnd=0x2202dc, lpPaint=0xd7e294) returned 1
[0245.162] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.162] IsWindowUnicode (hWnd=0x2500ea) returned 1
[0245.162] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.162] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.162] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.162] BeginPaint (in: hWnd=0x2500ea, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x10105d6
[0245.162] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0245.162] CreateCompatibleDC (hdc=0x10105d6) returned 0x870107f2
[0245.162] GetObjectType (h=0x10105d6) returned 0x3
[0245.163] CreateCompatibleBitmap (hdc=0x10105d6, cx=1, cy=1) returned 0xffffffffc6050803
[0245.163] GetDIBits (in: hdc=0x10105d6, hbm=0xc6050803, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0245.163] GetDIBits (in: hdc=0x10105d6, hbm=0xc6050803, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0245.163] DeleteObject (ho=0xc6050803) returned 1
[0245.163] CreateDIBSection (in: hdc=0x10105d6, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xac0507fc
[0245.163] SelectObject (hdc=0x870107f2, h=0xac0507fc) returned 0x85000f
[0245.163] GdipCreateFromHDC (hdc=0x870107f2, graphics=0xd7e234) returned 0x0
[0245.163] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0245.163] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0245.163] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0245.163] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0245.164] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e2d4) returned 0x0
[0245.164] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0245.164] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eed00) returned 0x0
[0245.164] LocalFree (hMem=0x11eed00) returned 0x0
[0245.164] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0245.164] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0245.164] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0245.164] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0245.164] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0245.164] GetWindowTextLengthW (hWnd=0x2500ea) returned 232
[0245.164] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0245.164] GetSystemMetrics (nIndex=42) returned 0
[0245.164] GetWindowTextW (in: hWnd=0x2500ea, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0245.164] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0245.164] GetClientRect (in: hWnd=0x2500ea, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0245.164] GdipCreateRegion (region=0xd7e110) returned 0x0
[0245.164] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0245.164] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0245.164] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0245.164] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e128) returned 0x0
[0245.164] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0245.164] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0245.164] LocalFree (hMem=0x11eec58) returned 0x0
[0245.164] GdipCombineRegionRegion (region=0x66469e8, region2=0x6645878, combineMode=0x1) returned 0x0
[0245.165] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0245.165] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eea60) returned 0x0
[0245.165] LocalFree (hMem=0x11eea60) returned 0x0
[0245.165] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0245.165] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e150) returned 0x0
[0245.165] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e140) returned 0x0
[0245.165] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0245.165] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0245.165] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0245.165] GetCurrentObject (hdc=0x870107f2, type=0x1) returned 0xb00017
[0245.165] GetCurrentObject (hdc=0x870107f2, type=0x2) returned 0x900010
[0245.165] GetCurrentObject (hdc=0x870107f2, type=0x7) returned 0xffffffffac0507fc
[0245.165] GetCurrentObject (hdc=0x870107f2, type=0x6) returned 0x8a01c2
[0245.165] SaveDC (hdc=0x870107f2) returned 1
[0245.165] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb0407de
[0245.165] GetClipRgn (hdc=0x870107f2, hrgn=0xb0407de) returned 0
[0245.165] SelectClipRgn (hdc=0x870107f2, hrgn=0x74040807) returned 2
[0245.165] DeleteObject (ho=0xb0407de) returned 1
[0245.165] DeleteObject (ho=0x74040807) returned 1
[0245.165] OffsetViewportOrgEx (in: hdc=0x870107f2, x=0, y=0, lppt=0x2ec2684 | out: lppt=0x2ec2684) returned 1
[0245.165] GetNearestColor (hdc=0x870107f2, color=0xf0f0f0) returned 0xf0f0f0
[0245.166] CreateSolidBrush (color=0xf0f0f0) returned 0x8f1007e1
[0245.166] FillRect (hDC=0x870107f2, lprc=0xd7e15c, hbr=0x8f1007e1) returned 1
[0245.166] DeleteObject (ho=0x8f1007e1) returned 1
[0245.166] RestoreDC (hdc=0x870107f2, nSavedDC=-1) returned 1
[0245.166] GdipReleaseDC (graphics=0x6600030, hdc=0x870107f2) returned 0x0
[0245.166] GdipRestoreGraphics (graphics=0x6600030, state=0xf8840dbd) returned 0x0
[0245.166] GdipDeleteRegion (region=0x6645878) returned 0x0
[0245.167] GetWindowTextLengthW (hWnd=0x2500ea) returned 232
[0245.167] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0245.167] GetSystemMetrics (nIndex=42) returned 0
[0245.167] GetWindowTextW (in: hWnd=0x2500ea, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0245.167] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0245.167] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0245.167] GetCurrentObject (hdc=0x870107f2, type=0x1) returned 0xb00017
[0245.167] GetCurrentObject (hdc=0x870107f2, type=0x2) returned 0x900010
[0245.167] GetCurrentObject (hdc=0x870107f2, type=0x7) returned 0xffffffffac0507fc
[0245.167] GetCurrentObject (hdc=0x870107f2, type=0x6) returned 0x8a01c2
[0245.167] SaveDC (hdc=0x870107f2) returned 1
[0245.167] GetNearestColor (hdc=0x870107f2, color=0x0) returned 0x0
[0245.167] RestoreDC (hdc=0x870107f2, nSavedDC=-1) returned 1
[0245.167] GdipReleaseDC (graphics=0x6600030, hdc=0x870107f2) returned 0x0
[0245.168] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0245.168] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0245.168] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2ec2e80 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0245.168] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0245.168] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0245.168] GetCurrentObject (hdc=0x870107f2, type=0x1) returned 0xb00017
[0245.168] GetCurrentObject (hdc=0x870107f2, type=0x2) returned 0x900010
[0245.168] GetCurrentObject (hdc=0x870107f2, type=0x7) returned 0xffffffffac0507fc
[0245.168] GetCurrentObject (hdc=0x870107f2, type=0x6) returned 0x8a01c2
[0245.168] SaveDC (hdc=0x870107f2) returned 1
[0245.168] GetTextAlign (hdc=0x870107f2) returned 0x0
[0245.168] GetTextColor (hdc=0x870107f2) returned 0x0
[0245.169] GetCurrentObject (hdc=0x870107f2, type=0x6) returned 0x8a01c2
[0245.169] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0245.174] SelectObject (hdc=0x870107f2, h=0x6d0a0520) returned 0x8a01c2
[0245.174] GetBkMode (hdc=0x870107f2) returned 2
[0245.174] SetBkMode (hdc=0x870107f2, mode=1) returned 2
[0245.174] DrawTextExW (in: hdc=0x870107f2, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2ec30a4 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0245.177] RestoreDC (hdc=0x870107f2, nSavedDC=-1) returned 1
[0245.177] GdipReleaseDC (graphics=0x6600030, hdc=0x870107f2) returned 0x0
[0245.177] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0245.177] BitBlt (hdc=0x10105d6, x=0, y=0, cx=354, cy=68, hdcSrc=0x870107f2, x1=0, y1=0, rop=0xcc0020) returned 1
[0245.177] GdipReleaseDC (graphics=0x6600030, hdc=0x870107f2) returned 0x0
[0245.177] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0245.177] SelectObject (hdc=0x870107f2, h=0x85000f) returned 0xac0507fc
[0245.178] DeleteDC (hdc=0x870107f2) returned 1
[0245.178] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0245.178] DeleteObject (ho=0xac0507fc) returned 1
[0245.178] EndPaint (hWnd=0x2500ea, lpPaint=0xd7e258) returned 1
[0245.178] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.179] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x84, wParam=0x0, lParam=0x1e502f9) returned 0x1
[0245.179] IsWindowUnicode (hWnd=0x2202de) returned 1
[0245.179] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.179] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x84, wParam=0x0, lParam=0x1e502f9) returned 0x1
[0245.179] SetCursor (hCursor=0x10003) returned 0x10003
[0245.179] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.179] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.179] _TrackMouseEvent (in: lpEventTrack=0x2ec30e0 | out: lpEventTrack=0x2ec30e0) returned 1
[0245.179] SendMessageW (hWnd=0x2202de, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0245.179] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0245.179] InvalidateRect (hWnd=0x2202de, lpRect=0x0, bErase=0) returned 1
[0245.179] GetKeyState (nVirtKey=1) returned 0
[0245.179] GetKeyState (nVirtKey=2) returned 0
[0245.179] GetKeyState (nVirtKey=4) returned 0
[0245.179] GetKeyState (nVirtKey=5) returned 0
[0245.179] GetKeyState (nVirtKey=6) returned 0
[0245.179] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.180] IsWindowUnicode (hWnd=0x2402d8) returned 1
[0245.180] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.180] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.180] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.180] BeginPaint (in: hWnd=0x2402d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0245.180] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0245.180] CreateCompatibleDC (hdc=0x107b9) returned 0xc8010803
[0245.180] SelectObject (hdc=0xc8010803, h=0x4a0507fe) returned 0x85000f
[0245.180] GdipCreateFromHDC (hdc=0xc8010803, graphics=0xd7e268) returned 0x0
[0245.180] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0245.180] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0245.180] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0245.181] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0245.181] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e2c8) returned 0x0
[0245.181] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0245.181] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0245.181] LocalFree (hMem=0x11ee788) returned 0x0
[0245.181] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0245.181] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0245.181] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0245.181] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0245.181] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0245.181] GdipRestoreGraphics (graphics=0x6600030, state=0xf8820dbd) returned 0x0
[0245.181] GdipDeleteRegion (region=0x6645878) returned 0x0
[0245.181] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0245.181] GetCurrentObject (hdc=0xc8010803, type=0x1) returned 0xb00017
[0245.181] GetCurrentObject (hdc=0xc8010803, type=0x2) returned 0x900010
[0245.181] GetCurrentObject (hdc=0xc8010803, type=0x7) returned 0x4a0507fe
[0245.182] GetCurrentObject (hdc=0xc8010803, type=0x6) returned 0x8a01c2
[0245.182] SaveDC (hdc=0xc8010803) returned 1
[0245.182] GetNearestColor (hdc=0xc8010803, color=0xf0f0f0) returned 0xf0f0f0
[0245.182] GetNearestColor (hdc=0xc8010803, color=0xa0a0a0) returned 0xa0a0a0
[0245.182] GetNearestColor (hdc=0xc8010803, color=0x696969) returned 0x696969
[0245.182] GetNearestColor (hdc=0xc8010803, color=0xa0a0a0) returned 0xa0a0a0
[0245.182] GetNearestColor (hdc=0xc8010803, color=0x0) returned 0x0
[0245.182] GetNearestColor (hdc=0xc8010803, color=0xffffff) returned 0xffffff
[0245.182] GetNearestColor (hdc=0xc8010803, color=0xe5e5e5) returned 0xe5e5e5
[0245.182] GetNearestColor (hdc=0xc8010803, color=0xd7d7d7) returned 0xd7d7d7
[0245.182] GetNearestColor (hdc=0xc8010803, color=0x0) returned 0x0
[0245.182] RestoreDC (hdc=0xc8010803, nSavedDC=-1) returned 1
[0245.183] GdipReleaseDC (graphics=0x6600030, hdc=0xc8010803) returned 0x0
[0245.183] IsAppThemed () returned 0x1
[0245.183] GetThemeAppProperties () returned 0x3
[0245.183] GetThemeAppProperties () returned 0x3
[0245.183] GdipGetImageWidth (image=0x6650168, width=0xd7e168) returned 0x0
[0245.183] GdipGetImageHeight (image=0x6650168, height=0xd7e168) returned 0x0
[0245.183] IsAppThemed () returned 0x1
[0245.183] GetThemeAppProperties () returned 0x3
[0245.183] GetThemeAppProperties () returned 0x3
[0245.183] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2ec384c | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0245.183] IsAppThemed () returned 0x1
[0245.184] GetThemeAppProperties () returned 0x3
[0245.184] GetThemeAppProperties () returned 0x3
[0245.184] IsAppThemed () returned 0x1
[0245.184] GetThemeAppProperties () returned 0x3
[0245.184] GetThemeAppProperties () returned 0x3
[0245.184] GetFocus () returned 0x2402d8
[0245.184] IsAppThemed () returned 0x1
[0245.184] GetThemeAppProperties () returned 0x3
[0245.184] GetThemeAppProperties () returned 0x3
[0245.184] IsAppThemed () returned 0x1
[0245.184] GetThemeAppProperties () returned 0x3
[0245.184] GetThemeAppProperties () returned 0x3
[0245.184] IsThemePartDefined () returned 0x1
[0245.184] IsAppThemed () returned 0x1
[0245.184] GetThemeAppProperties () returned 0x3
[0245.184] GetThemeAppProperties () returned 0x3
[0245.184] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0245.184] IsAppThemed () returned 0x1
[0245.219] GetThemeAppProperties () returned 0x3
[0245.219] GetThemeAppProperties () returned 0x3
[0245.219] IsAppThemed () returned 0x1
[0245.220] GetThemeAppProperties () returned 0x3
[0245.220] GetThemeAppProperties () returned 0x3
[0245.220] IsThemePartDefined () returned 0x1
[0245.220] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0245.220] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0245.220] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0245.220] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0245.220] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dff0) returned 0x0
[0245.220] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0245.220] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0245.220] LocalFree (hMem=0x11ee9f0) returned 0x0
[0245.220] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0245.220] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0245.220] LocalFree (hMem=0x11ee9f0) returned 0x0
[0245.220] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0245.220] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e018) returned 0x0
[0245.220] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e008) returned 0x0
[0245.220] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0245.220] GdipDeleteRegion (region=0x6645878) returned 0x0
[0245.220] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0245.220] GetCurrentObject (hdc=0xc8010803, type=0x1) returned 0xb00017
[0245.221] GetCurrentObject (hdc=0xc8010803, type=0x2) returned 0x900010
[0245.221] GetCurrentObject (hdc=0xc8010803, type=0x7) returned 0x4a0507fe
[0245.221] GetCurrentObject (hdc=0xc8010803, type=0x6) returned 0x8a01c2
[0245.221] SaveDC (hdc=0xc8010803) returned 1
[0245.221] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x75040807
[0245.221] GetClipRgn (hdc=0xc8010803, hrgn=0x75040807) returned 0
[0245.221] SelectClipRgn (hdc=0xc8010803, hrgn=0xf0407de) returned 2
[0245.221] DeleteObject (ho=0x75040807) returned 1
[0245.221] DeleteObject (ho=0xf0407de) returned 1
[0245.221] OffsetViewportOrgEx (in: hdc=0xc8010803, x=0, y=0, lppt=0x2ec3efc | out: lppt=0x2ec3efc) returned 1
[0245.221] DrawThemeParentBackground () returned 0x0
[0245.221] GetWindowPlacement (in: hWnd=0x2202da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0245.221] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0245.221] GetWindowTextLengthW (hWnd=0x2202da) returned 13
[0245.221] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.221] GetSystemMetrics (nIndex=42) returned 0
[0245.221] GetWindowTextW (in: hWnd=0x2202da, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.221] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0245.222] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0245.222] GetCurrentObject (hdc=0xc8010803, type=0x1) returned 0xb00017
[0245.222] GetCurrentObject (hdc=0xc8010803, type=0x2) returned 0x900010
[0245.222] GetCurrentObject (hdc=0xc8010803, type=0x7) returned 0x4a0507fe
[0245.222] GetCurrentObject (hdc=0xc8010803, type=0x6) returned 0x8a01c2
[0245.222] SaveDC (hdc=0xc8010803) returned 2
[0245.222] GetNearestColor (hdc=0xc8010803, color=0xf0f0f0) returned 0xf0f0f0
[0245.222] CreateSolidBrush (color=0xf0f0f0) returned 0x901007e1
[0245.222] FillRect (hDC=0xc8010803, lprc=0xd7da38, hbr=0x901007e1) returned 1
[0245.222] DeleteObject (ho=0x901007e1) returned 1
[0245.222] RestoreDC (hdc=0xc8010803, nSavedDC=-1) returned 1
[0245.222] GetWindowTextLengthW (hWnd=0x2202da) returned 13
[0245.222] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.222] GetSystemMetrics (nIndex=42) returned 0
[0245.222] GetWindowTextW (in: hWnd=0x2202da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.222] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0245.222] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0245.222] GetCurrentObject (hdc=0xc8010803, type=0x1) returned 0xb00017
[0245.222] GetCurrentObject (hdc=0xc8010803, type=0x2) returned 0x900010
[0245.222] GetCurrentObject (hdc=0xc8010803, type=0x7) returned 0x4a0507fe
[0245.222] GetCurrentObject (hdc=0xc8010803, type=0x6) returned 0x8a01c2
[0245.223] SaveDC (hdc=0xc8010803) returned 2
[0245.223] GetNearestColor (hdc=0xc8010803, color=0xf0f0f0) returned 0xf0f0f0
[0245.223] CreateSolidBrush (color=0xf0f0f0) returned 0x911007e1
[0245.223] FillRect (hDC=0xc8010803, lprc=0xd7d9d8, hbr=0x911007e1) returned 1
[0245.223] DeleteObject (ho=0x911007e1) returned 1
[0245.223] RestoreDC (hdc=0xc8010803, nSavedDC=-1) returned 1
[0245.223] GetWindowTextLengthW (hWnd=0x2202da) returned 13
[0245.223] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.223] GetSystemMetrics (nIndex=42) returned 0
[0245.223] GetWindowTextW (in: hWnd=0x2202da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.223] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0245.223] RestoreDC (hdc=0xc8010803, nSavedDC=-1) returned 1
[0245.223] GdipReleaseDC (graphics=0x6600030, hdc=0xc8010803) returned 0x0
[0245.223] IsAppThemed () returned 0x1
[0245.223] GetThemeAppProperties () returned 0x3
[0245.223] GetThemeAppProperties () returned 0x3
[0245.223] IsAppThemed () returned 0x1
[0245.223] GetThemeAppProperties () returned 0x3
[0245.223] GetThemeAppProperties () returned 0x3
[0245.223] IsThemePartDefined () returned 0x1
[0245.223] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0245.224] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0245.224] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0245.224] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0245.224] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df74) returned 0x0
[0245.224] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eecc8) returned 0x0
[0245.224] LocalFree (hMem=0x11eecc8) returned 0x0
[0245.224] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee910) returned 0x0
[0245.224] LocalFree (hMem=0x11ee910) returned 0x0
[0245.224] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0245.224] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0245.224] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0245.224] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0245.224] GdipDeleteRegion (region=0x6645878) returned 0x0
[0245.224] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0245.224] GetCurrentObject (hdc=0xc8010803, type=0x1) returned 0xb00017
[0245.224] GetCurrentObject (hdc=0xc8010803, type=0x2) returned 0x900010
[0245.224] GetCurrentObject (hdc=0xc8010803, type=0x7) returned 0x4a0507fe
[0245.224] GetCurrentObject (hdc=0xc8010803, type=0x6) returned 0x8a01c2
[0245.224] SaveDC (hdc=0xc8010803) returned 1
[0245.224] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x100407de
[0245.224] GetClipRgn (hdc=0xc8010803, hrgn=0x100407de) returned 0
[0245.224] SelectClipRgn (hdc=0xc8010803, hrgn=0x77040807) returned 2
[0245.224] DeleteObject (ho=0x100407de) returned 1
[0245.225] DeleteObject (ho=0x77040807) returned 1
[0245.225] OffsetViewportOrgEx (in: hdc=0xc8010803, x=0, y=0, lppt=0x2ec47a8 | out: lppt=0x2ec47a8) returned 1
[0245.225] IsAppThemed () returned 0x1
[0245.225] GetThemeAppProperties () returned 0x3
[0245.225] GetThemeAppProperties () returned 0x3
[0245.225] DrawThemeBackground () returned 0x0
[0245.225] RestoreDC (hdc=0xc8010803, nSavedDC=-1) returned 1
[0245.225] GdipReleaseDC (graphics=0x6600030, hdc=0xc8010803) returned 0x0
[0245.225] GdipCreateRegion (region=0xd7df60) returned 0x0
[0245.225] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0245.225] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0245.225] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0245.225] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df78) returned 0x0
[0245.225] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0245.225] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0245.225] LocalFree (hMem=0x11eec58) returned 0x0
[0245.225] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0245.225] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0245.225] LocalFree (hMem=0x11eec58) returned 0x0
[0245.225] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0245.225] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0245.225] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7df90) returned 0x0
[0245.225] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0245.226] GdipDeleteRegion (region=0x6645878) returned 0x0
[0245.226] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0245.226] GetCurrentObject (hdc=0xc8010803, type=0x1) returned 0xb00017
[0245.226] GetCurrentObject (hdc=0xc8010803, type=0x2) returned 0x900010
[0245.226] GetCurrentObject (hdc=0xc8010803, type=0x7) returned 0x4a0507fe
[0245.226] GetCurrentObject (hdc=0xc8010803, type=0x6) returned 0x8a01c2
[0245.226] SaveDC (hdc=0xc8010803) returned 1
[0245.226] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x78040807
[0245.226] GetClipRgn (hdc=0xc8010803, hrgn=0x78040807) returned 0
[0245.226] SelectClipRgn (hdc=0xc8010803, hrgn=0x110407de) returned 2
[0245.226] DeleteObject (ho=0x78040807) returned 1
[0245.226] DeleteObject (ho=0x110407de) returned 1
[0245.226] OffsetViewportOrgEx (in: hdc=0xc8010803, x=0, y=0, lppt=0x2ec4a7c | out: lppt=0x2ec4a7c) returned 1
[0245.226] IsAppThemed () returned 0x1
[0245.226] GetThemeAppProperties () returned 0x3
[0245.226] GetThemeAppProperties () returned 0x3
[0245.226] GetThemeBackgroundContentRect () returned 0x0
[0245.226] RestoreDC (hdc=0xc8010803, nSavedDC=-1) returned 1
[0245.226] GdipReleaseDC (graphics=0x6600030, hdc=0xc8010803) returned 0x0
[0245.226] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0245.226] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0245.227] GdipCloneRegion (region=0x6645878, cloneRegion=0xd7e150) returned 0x0
[0245.227] GdipCombineRegionRectI (region=0x6646718, rect=0xd7e138, combineMode=0x1) returned 0x0
[0245.227] GdipCombineRegionRectI (region=0x6646718, rect=0xd7e138, combineMode=0x1) returned 0x0
[0245.227] GdipSetClipRegion (graphics=0x6600030, region=0x6646718, combineMode=0x0) returned 0x0
[0245.227] GdipGetImageWidth (image=0x6650168, width=0xd7e154) returned 0x0
[0245.227] GdipGetImageHeight (image=0x6650168, height=0xd7e148) returned 0x0
[0245.227] GdipDrawImageRectI (graphics=0x6600030, image=0x6650168, x=4, y=4, width=16, height=16) returned 0x0
[0245.227] GdipSetClipRegion (graphics=0x6600030, region=0x6645878, combineMode=0x0) returned 0x0
[0245.227] IsAppThemed () returned 0x1
[0245.227] GetThemeAppProperties () returned 0x3
[0245.227] GetThemeAppProperties () returned 0x3
[0245.227] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0245.227] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0245.227] GetCurrentObject (hdc=0xc8010803, type=0x1) returned 0xb00017
[0245.227] GetCurrentObject (hdc=0xc8010803, type=0x2) returned 0x900010
[0245.227] GetCurrentObject (hdc=0xc8010803, type=0x7) returned 0x4a0507fe
[0245.227] GetCurrentObject (hdc=0xc8010803, type=0x6) returned 0x8a01c2
[0245.227] SaveDC (hdc=0xc8010803) returned 1
[0245.227] GetTextAlign (hdc=0xc8010803) returned 0x0
[0245.227] GetTextColor (hdc=0xc8010803) returned 0x0
[0245.228] GetCurrentObject (hdc=0xc8010803, type=0x6) returned 0x8a01c2
[0245.228] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0245.228] SelectObject (hdc=0xc8010803, h=0x6d0a0520) returned 0x8a01c2
[0245.228] GetBkMode (hdc=0xc8010803) returned 2
[0245.228] SetBkMode (hdc=0xc8010803, mode=1) returned 2
[0245.228] DrawTextExW (in: hdc=0xc8010803, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2ec4e3c | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0245.228] DrawTextExW (in: hdc=0xc8010803, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2ec4e3c | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0245.228] RestoreDC (hdc=0xc8010803, nSavedDC=-1) returned 1
[0245.228] GdipReleaseDC (graphics=0x6600030, hdc=0xc8010803) returned 0x0
[0245.228] GetFocus () returned 0x2402d8
[0245.229] IsAppThemed () returned 0x1
[0245.229] GetThemeAppProperties () returned 0x3
[0245.229] GetThemeAppProperties () returned 0x3
[0245.229] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0245.229] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0xc8010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0245.229] GdipReleaseDC (graphics=0x6600030, hdc=0xc8010803) returned 0x0
[0245.229] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0245.229] SelectObject (hdc=0xc8010803, h=0x85000f) returned 0x4a0507fe
[0245.229] DeleteDC (hdc=0xc8010803) returned 1
[0245.229] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0245.229] EndPaint (hWnd=0x2402d8, lpPaint=0xd7e24c) returned 1
[0245.229] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.229] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0245.230] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.230] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.230] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0245.231] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.231] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.237] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.237] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0245.238] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.238] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.238] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.238] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.239] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.239] IsWindowUnicode (hWnd=0x2202de) returned 1
[0245.239] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.239] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.239] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.240] BeginPaint (in: hWnd=0x2202de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0245.240] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0245.240] CreateCompatibleDC (hdc=0xf0105ee) returned 0xa3010781
[0245.240] SelectObject (hdc=0xa3010781, h=0x4a0507fe) returned 0x85000f
[0245.240] GdipCreateFromHDC (hdc=0xa3010781, graphics=0xd7e268) returned 0x0
[0245.240] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0245.240] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0245.240] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0245.240] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0245.240] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e2c8) returned 0x0
[0245.241] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0245.241] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea60) returned 0x0
[0245.241] LocalFree (hMem=0x11eea60) returned 0x0
[0245.241] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0245.241] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0245.241] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0245.241] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0245.241] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0245.241] GdipRestoreGraphics (graphics=0x6600030, state=0xf8800dbd) returned 0x0
[0245.241] GdipDeleteRegion (region=0x6646448) returned 0x0
[0245.241] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0245.241] GetCurrentObject (hdc=0xa3010781, type=0x1) returned 0xb00017
[0245.241] GetCurrentObject (hdc=0xa3010781, type=0x2) returned 0x900010
[0245.241] GetCurrentObject (hdc=0xa3010781, type=0x7) returned 0x4a0507fe
[0245.241] GetCurrentObject (hdc=0xa3010781, type=0x6) returned 0x8a01c2
[0245.241] SaveDC (hdc=0xa3010781) returned 1
[0245.242] GetNearestColor (hdc=0xa3010781, color=0xf0f0f0) returned 0xf0f0f0
[0245.242] GetNearestColor (hdc=0xa3010781, color=0xa0a0a0) returned 0xa0a0a0
[0245.242] GetNearestColor (hdc=0xa3010781, color=0x696969) returned 0x696969
[0245.242] GetNearestColor (hdc=0xa3010781, color=0xa0a0a0) returned 0xa0a0a0
[0245.242] GetNearestColor (hdc=0xa3010781, color=0x0) returned 0x0
[0245.242] GetNearestColor (hdc=0xa3010781, color=0xffffff) returned 0xffffff
[0245.242] GetNearestColor (hdc=0xa3010781, color=0xe5e5e5) returned 0xe5e5e5
[0245.242] GetNearestColor (hdc=0xa3010781, color=0xd7d7d7) returned 0xd7d7d7
[0245.242] GetNearestColor (hdc=0xa3010781, color=0x0) returned 0x0
[0245.242] RestoreDC (hdc=0xa3010781, nSavedDC=-1) returned 1
[0245.242] GdipReleaseDC (graphics=0x6600030, hdc=0xa3010781) returned 0x0
[0245.242] IsAppThemed () returned 0x1
[0245.243] GetThemeAppProperties () returned 0x3
[0245.243] GetThemeAppProperties () returned 0x3
[0245.243] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0245.243] SendMessageW (hWnd=0x2202da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0245.243] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0245.243] IsAppThemed () returned 0x1
[0245.243] GetThemeAppProperties () returned 0x3
[0245.243] GetThemeAppProperties () returned 0x3
[0245.243] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2ec564c | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0245.243] IsAppThemed () returned 0x1
[0245.243] GetThemeAppProperties () returned 0x3
[0245.243] GetThemeAppProperties () returned 0x3
[0245.244] IsAppThemed () returned 0x1
[0245.244] GetThemeAppProperties () returned 0x3
[0245.244] GetThemeAppProperties () returned 0x3
[0245.244] IsAppThemed () returned 0x1
[0245.244] GetThemeAppProperties () returned 0x3
[0245.244] GetThemeAppProperties () returned 0x3
[0245.244] IsAppThemed () returned 0x1
[0245.244] GetThemeAppProperties () returned 0x3
[0245.244] GetThemeAppProperties () returned 0x3
[0245.244] IsThemePartDefined () returned 0x1
[0245.244] IsAppThemed () returned 0x1
[0245.244] GetThemeAppProperties () returned 0x3
[0245.244] GetThemeAppProperties () returned 0x3
[0245.244] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0245.244] IsAppThemed () returned 0x1
[0245.244] GetThemeAppProperties () returned 0x3
[0245.244] GetThemeAppProperties () returned 0x3
[0245.244] IsAppThemed () returned 0x1
[0245.244] GetThemeAppProperties () returned 0x3
[0245.244] GetThemeAppProperties () returned 0x3
[0245.244] IsThemePartDefined () returned 0x1
[0245.244] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0245.245] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0245.245] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0245.245] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0245.245] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dfe4) returned 0x0
[0245.245] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0245.245] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0245.245] LocalFree (hMem=0x11ee868) returned 0x0
[0245.245] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0245.245] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee910) returned 0x0
[0245.245] LocalFree (hMem=0x11ee910) returned 0x0
[0245.245] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0245.245] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0245.245] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0245.245] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0245.245] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0245.245] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0245.245] GetCurrentObject (hdc=0xa3010781, type=0x1) returned 0xb00017
[0245.246] GetCurrentObject (hdc=0xa3010781, type=0x2) returned 0x900010
[0245.246] GetCurrentObject (hdc=0xa3010781, type=0x7) returned 0x4a0507fe
[0245.246] GetCurrentObject (hdc=0xa3010781, type=0x6) returned 0x8a01c2
[0245.246] SaveDC (hdc=0xa3010781) returned 1
[0245.246] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x120407de
[0245.246] GetClipRgn (hdc=0xa3010781, hrgn=0x120407de) returned 0
[0245.246] SelectClipRgn (hdc=0xa3010781, hrgn=0x7c040807) returned 2
[0245.246] DeleteObject (ho=0x120407de) returned 1
[0245.246] DeleteObject (ho=0x7c040807) returned 1
[0245.246] OffsetViewportOrgEx (in: hdc=0xa3010781, x=0, y=0, lppt=0x2ec5cfc | out: lppt=0x2ec5cfc) returned 1
[0245.246] DrawThemeParentBackground () returned 0x0
[0245.246] GetWindowPlacement (in: hWnd=0x2202da, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0245.247] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0245.247] GetWindowTextLengthW (hWnd=0x2202da) returned 13
[0245.247] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.247] GetSystemMetrics (nIndex=42) returned 0
[0245.247] GetWindowTextW (in: hWnd=0x2202da, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.247] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0245.253] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0245.253] GetCurrentObject (hdc=0xa3010781, type=0x1) returned 0xb00017
[0245.253] GetCurrentObject (hdc=0xa3010781, type=0x2) returned 0x900010
[0245.253] GetCurrentObject (hdc=0xa3010781, type=0x7) returned 0x4a0507fe
[0245.254] GetCurrentObject (hdc=0xa3010781, type=0x6) returned 0x8a01c2
[0245.254] SaveDC (hdc=0xa3010781) returned 2
[0245.254] GetNearestColor (hdc=0xa3010781, color=0xf0f0f0) returned 0xf0f0f0
[0245.254] CreateSolidBrush (color=0xf0f0f0) returned 0x921007e1
[0245.254] FillRect (hDC=0xa3010781, lprc=0xd7da30, hbr=0x921007e1) returned 1
[0245.254] DeleteObject (ho=0x921007e1) returned 1
[0245.254] RestoreDC (hdc=0xa3010781, nSavedDC=-1) returned 1
[0245.254] GetWindowTextLengthW (hWnd=0x2202da) returned 13
[0245.254] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.254] GetSystemMetrics (nIndex=42) returned 0
[0245.254] GetWindowTextW (in: hWnd=0x2202da, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.254] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0245.254] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0245.254] GetCurrentObject (hdc=0xa3010781, type=0x1) returned 0xb00017
[0245.254] GetCurrentObject (hdc=0xa3010781, type=0x2) returned 0x900010
[0245.255] GetCurrentObject (hdc=0xa3010781, type=0x7) returned 0x4a0507fe
[0245.255] GetCurrentObject (hdc=0xa3010781, type=0x6) returned 0x8a01c2
[0245.255] SaveDC (hdc=0xa3010781) returned 2
[0245.255] GetNearestColor (hdc=0xa3010781, color=0xf0f0f0) returned 0xf0f0f0
[0245.255] CreateSolidBrush (color=0xf0f0f0) returned 0x931007e1
[0245.255] FillRect (hDC=0xa3010781, lprc=0xd7d9d0, hbr=0x931007e1) returned 1
[0245.255] DeleteObject (ho=0x931007e1) returned 1
[0245.255] RestoreDC (hdc=0xa3010781, nSavedDC=-1) returned 1
[0245.255] GetWindowTextLengthW (hWnd=0x2202da) returned 13
[0245.255] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.255] GetSystemMetrics (nIndex=42) returned 0
[0245.255] GetWindowTextW (in: hWnd=0x2202da, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.255] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0245.256] RestoreDC (hdc=0xa3010781, nSavedDC=-1) returned 1
[0245.256] GdipReleaseDC (graphics=0x6600030, hdc=0xa3010781) returned 0x0
[0245.256] IsAppThemed () returned 0x1
[0245.256] GetThemeAppProperties () returned 0x3
[0245.256] GetThemeAppProperties () returned 0x3
[0245.256] IsAppThemed () returned 0x1
[0245.256] GetThemeAppProperties () returned 0x3
[0245.256] GetThemeAppProperties () returned 0x3
[0245.256] IsThemePartDefined () returned 0x1
[0245.256] GdipCreateRegion (region=0xd7df50) returned 0x0
[0245.256] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0245.256] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0245.257] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0245.257] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df68) returned 0x0
[0245.257] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0245.257] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0245.257] LocalFree (hMem=0x11ee788) returned 0x0
[0245.257] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0245.257] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0245.257] LocalFree (hMem=0x11ee788) returned 0x0
[0245.257] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0245.257] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7df90) returned 0x0
[0245.257] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7df80) returned 0x0
[0245.257] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0245.257] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0245.257] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0245.257] GetCurrentObject (hdc=0xa3010781, type=0x1) returned 0xb00017
[0245.257] GetCurrentObject (hdc=0xa3010781, type=0x2) returned 0x900010
[0245.258] GetCurrentObject (hdc=0xa3010781, type=0x7) returned 0x4a0507fe
[0245.258] GetCurrentObject (hdc=0xa3010781, type=0x6) returned 0x8a01c2
[0245.258] SaveDC (hdc=0xa3010781) returned 1
[0245.258] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7d040807
[0245.258] GetClipRgn (hdc=0xa3010781, hrgn=0x7d040807) returned 0
[0245.258] SelectClipRgn (hdc=0xa3010781, hrgn=0x140407de) returned 2
[0245.258] DeleteObject (ho=0x7d040807) returned 1
[0245.258] DeleteObject (ho=0x140407de) returned 1
[0245.258] OffsetViewportOrgEx (in: hdc=0xa3010781, x=0, y=0, lppt=0x2ec65a8 | out: lppt=0x2ec65a8) returned 1
[0245.258] IsAppThemed () returned 0x1
[0245.258] GetThemeAppProperties () returned 0x3
[0245.258] GetThemeAppProperties () returned 0x3
[0245.258] DrawThemeBackground () returned 0x0
[0245.258] RestoreDC (hdc=0xa3010781, nSavedDC=-1) returned 1
[0245.259] GdipReleaseDC (graphics=0x6600030, hdc=0xa3010781) returned 0x0
[0245.259] GdipCreateRegion (region=0xd7df54) returned 0x0
[0245.259] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0245.259] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0245.259] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0245.259] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df6c) returned 0x0
[0245.259] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0245.259] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0245.259] LocalFree (hMem=0x11ee868) returned 0x0
[0245.259] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0245.259] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0245.259] LocalFree (hMem=0x11ee868) returned 0x0
[0245.259] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0245.259] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7df94) returned 0x0
[0245.259] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7df84) returned 0x0
[0245.259] GdipGetRegionHRgn (region=0x6646958, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0245.259] GdipDeleteRegion (region=0x6646958) returned 0x0
[0245.260] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0245.260] GetCurrentObject (hdc=0xa3010781, type=0x1) returned 0xb00017
[0245.260] GetCurrentObject (hdc=0xa3010781, type=0x2) returned 0x900010
[0245.260] GetCurrentObject (hdc=0xa3010781, type=0x7) returned 0x4a0507fe
[0245.260] GetCurrentObject (hdc=0xa3010781, type=0x6) returned 0x8a01c2
[0245.260] SaveDC (hdc=0xa3010781) returned 1
[0245.260] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x150407de
[0245.260] GetClipRgn (hdc=0xa3010781, hrgn=0x150407de) returned 0
[0245.260] SelectClipRgn (hdc=0xa3010781, hrgn=0x7e040807) returned 2
[0245.260] DeleteObject (ho=0x150407de) returned 1
[0245.260] DeleteObject (ho=0x7e040807) returned 1
[0245.260] OffsetViewportOrgEx (in: hdc=0xa3010781, x=0, y=0, lppt=0x2ec687c | out: lppt=0x2ec687c) returned 1
[0245.260] IsAppThemed () returned 0x1
[0245.260] GetThemeAppProperties () returned 0x3
[0245.260] GetThemeAppProperties () returned 0x3
[0245.261] GetThemeBackgroundContentRect () returned 0x0
[0245.261] RestoreDC (hdc=0xa3010781, nSavedDC=-1) returned 1
[0245.261] GdipReleaseDC (graphics=0x6600030, hdc=0xa3010781) returned 0x0
[0245.261] IsAppThemed () returned 0x1
[0245.261] GetThemeAppProperties () returned 0x3
[0245.261] GetThemeAppProperties () returned 0x3
[0245.261] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0245.261] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0245.261] GetCurrentObject (hdc=0xa3010781, type=0x1) returned 0xb00017
[0245.261] GetCurrentObject (hdc=0xa3010781, type=0x2) returned 0x900010
[0245.261] GetCurrentObject (hdc=0xa3010781, type=0x7) returned 0x4a0507fe
[0245.261] GetCurrentObject (hdc=0xa3010781, type=0x6) returned 0x8a01c2
[0245.261] SaveDC (hdc=0xa3010781) returned 1
[0245.261] GetTextAlign (hdc=0xa3010781) returned 0x0
[0245.261] GetTextColor (hdc=0xa3010781) returned 0x0
[0245.261] GetCurrentObject (hdc=0xa3010781, type=0x6) returned 0x8a01c2
[0245.262] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0245.262] SelectObject (hdc=0xa3010781, h=0x6d0a0520) returned 0x8a01c2
[0245.262] GetBkMode (hdc=0xa3010781) returned 2
[0245.262] SetBkMode (hdc=0xa3010781, mode=1) returned 2
[0245.262] DrawTextExW (in: hdc=0xa3010781, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2ec6c1c | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0245.262] DrawTextExW (in: hdc=0xa3010781, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2ec6c1c | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0245.263] RestoreDC (hdc=0xa3010781, nSavedDC=-1) returned 1
[0245.263] GdipReleaseDC (graphics=0x6600030, hdc=0xa3010781) returned 0x0
[0245.263] GetFocus () returned 0x2402d8
[0245.263] IsAppThemed () returned 0x1
[0245.264] GetThemeAppProperties () returned 0x3
[0245.264] GetThemeAppProperties () returned 0x3
[0245.264] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0245.264] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xa3010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0245.264] GdipReleaseDC (graphics=0x6600030, hdc=0xa3010781) returned 0x0
[0245.264] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0245.264] SelectObject (hdc=0xa3010781, h=0x85000f) returned 0x4a0507fe
[0245.264] DeleteDC (hdc=0xa3010781) returned 1
[0245.264] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0245.264] EndPaint (hWnd=0x2202de, lpPaint=0xd7e24c) returned 1
[0245.264] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.265] IsWindowUnicode (hWnd=0x1702d0) returned 1
[0245.265] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.265] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.265] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.265] BeginPaint (in: hWnd=0x1702d0, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0245.265] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0245.265] CreateCompatibleDC (hdc=0x10105d6) returned 0xa5010781
[0245.266] SelectObject (hdc=0xa5010781, h=0x4a0507fe) returned 0x85000f
[0245.266] GdipCreateFromHDC (hdc=0xa5010781, graphics=0xd7e268) returned 0x0
[0245.266] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0245.266] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0245.266] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0245.266] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0245.266] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2c8) returned 0x0
[0245.266] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0245.266] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0245.266] LocalFree (hMem=0x11ee788) returned 0x0
[0245.266] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0245.266] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0245.266] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0245.267] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0245.267] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0245.267] GdipRestoreGraphics (graphics=0x6600030, state=0xf87e0dbd) returned 0x0
[0245.267] GdipDeleteRegion (region=0x6646958) returned 0x0
[0245.267] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0245.267] GetCurrentObject (hdc=0xa5010781, type=0x1) returned 0xb00017
[0245.267] GetCurrentObject (hdc=0xa5010781, type=0x2) returned 0x900010
[0245.267] GetCurrentObject (hdc=0xa5010781, type=0x7) returned 0x4a0507fe
[0245.267] GetCurrentObject (hdc=0xa5010781, type=0x6) returned 0x8a01c2
[0245.267] SaveDC (hdc=0xa5010781) returned 1
[0245.267] GetNearestColor (hdc=0xa5010781, color=0xf0f0f0) returned 0xf0f0f0
[0245.267] GetNearestColor (hdc=0xa5010781, color=0xa0a0a0) returned 0xa0a0a0
[0245.267] GetNearestColor (hdc=0xa5010781, color=0x696969) returned 0x696969
[0245.267] GetNearestColor (hdc=0xa5010781, color=0xa0a0a0) returned 0xa0a0a0
[0245.267] GetNearestColor (hdc=0xa5010781, color=0x0) returned 0x0
[0245.267] GetNearestColor (hdc=0xa5010781, color=0xffffff) returned 0xffffff
[0245.268] GetNearestColor (hdc=0xa5010781, color=0xe5e5e5) returned 0xe5e5e5
[0245.268] GetNearestColor (hdc=0xa5010781, color=0xd7d7d7) returned 0xd7d7d7
[0245.268] GetNearestColor (hdc=0xa5010781, color=0x0) returned 0x0
[0245.268] RestoreDC (hdc=0xa5010781, nSavedDC=-1) returned 1
[0245.268] GdipReleaseDC (graphics=0x6600030, hdc=0xa5010781) returned 0x0
[0245.268] IsAppThemed () returned 0x1
[0245.268] GetThemeAppProperties () returned 0x3
[0245.268] GetThemeAppProperties () returned 0x3
[0245.268] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0245.268] SendMessageW (hWnd=0x2202da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0245.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0245.268] IsAppThemed () returned 0x1
[0245.268] GetThemeAppProperties () returned 0x3
[0245.268] GetThemeAppProperties () returned 0x3
[0245.268] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2ec742c | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0245.269] IsAppThemed () returned 0x1
[0245.269] GetThemeAppProperties () returned 0x3
[0245.269] GetThemeAppProperties () returned 0x3
[0245.269] IsAppThemed () returned 0x1
[0245.269] GetThemeAppProperties () returned 0x3
[0245.269] GetThemeAppProperties () returned 0x3
[0245.269] GetFocus () returned 0x2402d8
[0245.269] IsAppThemed () returned 0x1
[0245.269] GetThemeAppProperties () returned 0x3
[0245.269] GetThemeAppProperties () returned 0x3
[0245.269] IsAppThemed () returned 0x1
[0245.269] GetThemeAppProperties () returned 0x3
[0245.269] GetThemeAppProperties () returned 0x3
[0245.269] IsThemePartDefined () returned 0x1
[0245.269] IsAppThemed () returned 0x1
[0245.269] GetThemeAppProperties () returned 0x3
[0245.270] GetThemeAppProperties () returned 0x3
[0245.270] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0245.270] IsAppThemed () returned 0x1
[0245.270] GetThemeAppProperties () returned 0x3
[0245.270] GetThemeAppProperties () returned 0x3
[0245.270] IsAppThemed () returned 0x1
[0245.270] GetThemeAppProperties () returned 0x3
[0245.270] GetThemeAppProperties () returned 0x3
[0245.270] IsThemePartDefined () returned 0x1
[0245.270] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0245.270] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0245.270] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0245.270] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0245.270] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dff0) returned 0x0
[0245.270] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0245.270] LocalFree (hMem=0x11ee868) returned 0x0
[0245.270] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee910) returned 0x0
[0245.270] LocalFree (hMem=0x11ee910) returned 0x0
[0245.270] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0245.271] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e018) returned 0x0
[0245.271] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e008) returned 0x0
[0245.271] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0245.271] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0245.271] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0245.271] GetCurrentObject (hdc=0xa5010781, type=0x1) returned 0xb00017
[0245.271] GetCurrentObject (hdc=0xa5010781, type=0x2) returned 0x900010
[0245.271] GetCurrentObject (hdc=0xa5010781, type=0x7) returned 0x4a0507fe
[0245.271] GetCurrentObject (hdc=0xa5010781, type=0x6) returned 0x8a01c2
[0245.271] SaveDC (hdc=0xa5010781) returned 1
[0245.271] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7f040807
[0245.271] GetClipRgn (hdc=0xa5010781, hrgn=0x7f040807) returned 0
[0245.271] SelectClipRgn (hdc=0xa5010781, hrgn=0x190407de) returned 2
[0245.271] DeleteObject (ho=0x7f040807) returned 1
[0245.271] DeleteObject (ho=0x190407de) returned 1
[0245.271] OffsetViewportOrgEx (in: hdc=0xa5010781, x=0, y=0, lppt=0x2ec7adc | out: lppt=0x2ec7adc) returned 1
[0245.271] DrawThemeParentBackground () returned 0x0
[0245.272] GetWindowPlacement (in: hWnd=0x2202da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0245.272] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0245.272] GetWindowTextLengthW (hWnd=0x2202da) returned 13
[0245.272] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.272] GetSystemMetrics (nIndex=42) returned 0
[0245.272] GetWindowTextW (in: hWnd=0x2202da, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.272] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0245.272] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0245.272] GetCurrentObject (hdc=0xa5010781, type=0x1) returned 0xb00017
[0245.272] GetCurrentObject (hdc=0xa5010781, type=0x2) returned 0x900010
[0245.272] GetCurrentObject (hdc=0xa5010781, type=0x7) returned 0x4a0507fe
[0245.272] GetCurrentObject (hdc=0xa5010781, type=0x6) returned 0x8a01c2
[0245.272] SaveDC (hdc=0xa5010781) returned 2
[0245.272] GetNearestColor (hdc=0xa5010781, color=0xf0f0f0) returned 0xf0f0f0
[0245.273] CreateSolidBrush (color=0xf0f0f0) returned 0x941007e1
[0245.273] FillRect (hDC=0xa5010781, lprc=0xd7da38, hbr=0x941007e1) returned 1
[0245.273] DeleteObject (ho=0x941007e1) returned 1
[0245.273] RestoreDC (hdc=0xa5010781, nSavedDC=-1) returned 1
[0245.273] GetWindowTextLengthW (hWnd=0x2202da) returned 13
[0245.273] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.273] GetSystemMetrics (nIndex=42) returned 0
[0245.273] GetWindowTextW (in: hWnd=0x2202da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.273] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0245.273] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0245.273] GetCurrentObject (hdc=0xa5010781, type=0x1) returned 0xb00017
[0245.273] GetCurrentObject (hdc=0xa5010781, type=0x2) returned 0x900010
[0245.273] GetCurrentObject (hdc=0xa5010781, type=0x7) returned 0x4a0507fe
[0245.273] GetCurrentObject (hdc=0xa5010781, type=0x6) returned 0x8a01c2
[0245.273] SaveDC (hdc=0xa5010781) returned 2
[0245.274] GetNearestColor (hdc=0xa5010781, color=0xf0f0f0) returned 0xf0f0f0
[0245.274] CreateSolidBrush (color=0xf0f0f0) returned 0x951007e1
[0245.274] FillRect (hDC=0xa5010781, lprc=0xd7d9d8, hbr=0x951007e1) returned 1
[0245.274] DeleteObject (ho=0x951007e1) returned 1
[0245.274] RestoreDC (hdc=0xa5010781, nSavedDC=-1) returned 1
[0245.274] GetWindowTextLengthW (hWnd=0x2202da) returned 13
[0245.274] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.274] GetSystemMetrics (nIndex=42) returned 0
[0245.274] GetWindowTextW (in: hWnd=0x2202da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.274] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0245.274] RestoreDC (hdc=0xa5010781, nSavedDC=-1) returned 1
[0245.274] GdipReleaseDC (graphics=0x6600030, hdc=0xa5010781) returned 0x0
[0245.275] IsAppThemed () returned 0x1
[0245.275] GetThemeAppProperties () returned 0x3
[0245.275] GetThemeAppProperties () returned 0x3
[0245.275] IsAppThemed () returned 0x1
[0245.275] GetThemeAppProperties () returned 0x3
[0245.275] GetThemeAppProperties () returned 0x3
[0245.275] IsThemePartDefined () returned 0x1
[0245.275] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0245.275] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0245.275] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0245.275] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0245.275] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df74) returned 0x0
[0245.275] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0245.275] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0245.275] LocalFree (hMem=0x11ee788) returned 0x0
[0245.275] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0245.275] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eead0) returned 0x0
[0245.275] LocalFree (hMem=0x11eead0) returned 0x0
[0245.276] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0245.276] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0245.276] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0245.276] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0245.276] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0245.276] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0245.276] GetCurrentObject (hdc=0xa5010781, type=0x1) returned 0xb00017
[0245.276] GetCurrentObject (hdc=0xa5010781, type=0x2) returned 0x900010
[0245.276] GetCurrentObject (hdc=0xa5010781, type=0x7) returned 0x4a0507fe
[0245.276] GetCurrentObject (hdc=0xa5010781, type=0x6) returned 0x8a01c2
[0245.276] SaveDC (hdc=0xa5010781) returned 1
[0245.276] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1a0407de
[0245.276] GetClipRgn (hdc=0xa5010781, hrgn=0x1a0407de) returned 0
[0245.276] SelectClipRgn (hdc=0xa5010781, hrgn=0x81040807) returned 2
[0245.276] DeleteObject (ho=0x1a0407de) returned 1
[0245.276] DeleteObject (ho=0x81040807) returned 1
[0245.277] OffsetViewportOrgEx (in: hdc=0xa5010781, x=0, y=0, lppt=0x2ec8388 | out: lppt=0x2ec8388) returned 1
[0245.277] IsAppThemed () returned 0x1
[0245.277] GetThemeAppProperties () returned 0x3
[0245.277] GetThemeAppProperties () returned 0x3
[0245.277] DrawThemeBackground () returned 0x0
[0245.277] RestoreDC (hdc=0xa5010781, nSavedDC=-1) returned 1
[0245.277] GdipReleaseDC (graphics=0x6600030, hdc=0xa5010781) returned 0x0
[0245.277] GdipCreateRegion (region=0xd7df60) returned 0x0
[0245.277] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0245.277] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0245.277] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0245.277] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df78) returned 0x0
[0245.277] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0245.277] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0245.277] LocalFree (hMem=0x11eec58) returned 0x0
[0245.277] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0245.277] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0245.278] LocalFree (hMem=0x11eec58) returned 0x0
[0245.278] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0245.278] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0245.278] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0245.278] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0245.278] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0245.278] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0245.278] GetCurrentObject (hdc=0xa5010781, type=0x1) returned 0xb00017
[0245.278] GetCurrentObject (hdc=0xa5010781, type=0x2) returned 0x900010
[0245.278] GetCurrentObject (hdc=0xa5010781, type=0x7) returned 0x4a0507fe
[0245.283] GetCurrentObject (hdc=0xa5010781, type=0x6) returned 0x8a01c2
[0245.283] SaveDC (hdc=0xa5010781) returned 1
[0245.283] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x82040807
[0245.283] GetClipRgn (hdc=0xa5010781, hrgn=0x82040807) returned 0
[0245.283] SelectClipRgn (hdc=0xa5010781, hrgn=0x1b0407de) returned 2
[0245.283] DeleteObject (ho=0x82040807) returned 1
[0245.283] DeleteObject (ho=0x1b0407de) returned 1
[0245.284] OffsetViewportOrgEx (in: hdc=0xa5010781, x=0, y=0, lppt=0x2ec865c | out: lppt=0x2ec865c) returned 1
[0245.284] IsAppThemed () returned 0x1
[0245.284] GetThemeAppProperties () returned 0x3
[0245.284] GetThemeAppProperties () returned 0x3
[0245.284] GetThemeBackgroundContentRect () returned 0x0
[0245.284] RestoreDC (hdc=0xa5010781, nSavedDC=-1) returned 1
[0245.284] GdipReleaseDC (graphics=0x6600030, hdc=0xa5010781) returned 0x0
[0245.284] IsAppThemed () returned 0x1
[0245.284] GetThemeAppProperties () returned 0x3
[0245.284] GetThemeAppProperties () returned 0x3
[0245.284] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0245.284] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0245.284] GetCurrentObject (hdc=0xa5010781, type=0x1) returned 0xb00017
[0245.284] GetCurrentObject (hdc=0xa5010781, type=0x2) returned 0x900010
[0245.284] GetCurrentObject (hdc=0xa5010781, type=0x7) returned 0x4a0507fe
[0245.284] GetCurrentObject (hdc=0xa5010781, type=0x6) returned 0x8a01c2
[0245.284] SaveDC (hdc=0xa5010781) returned 1
[0245.284] GetTextAlign (hdc=0xa5010781) returned 0x0
[0245.284] GetTextColor (hdc=0xa5010781) returned 0x0
[0245.284] GetCurrentObject (hdc=0xa5010781, type=0x6) returned 0x8a01c2
[0245.284] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0245.285] SelectObject (hdc=0xa5010781, h=0x6d0a0520) returned 0x8a01c2
[0245.285] GetBkMode (hdc=0xa5010781) returned 2
[0245.285] SetBkMode (hdc=0xa5010781, mode=1) returned 2
[0245.285] DrawTextExW (in: hdc=0xa5010781, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2ec89fc | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0245.285] DrawTextExW (in: hdc=0xa5010781, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2ec89fc | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0245.285] RestoreDC (hdc=0xa5010781, nSavedDC=-1) returned 1
[0245.285] GdipReleaseDC (graphics=0x6600030, hdc=0xa5010781) returned 0x0
[0245.285] GetFocus () returned 0x2402d8
[0245.285] IsAppThemed () returned 0x1
[0245.285] GetThemeAppProperties () returned 0x3
[0245.285] GetThemeAppProperties () returned 0x3
[0245.285] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0245.285] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xa5010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0245.287] GdipReleaseDC (graphics=0x6600030, hdc=0xa5010781) returned 0x0
[0245.287] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0245.287] SelectObject (hdc=0xa5010781, h=0x85000f) returned 0x4a0507fe
[0245.287] DeleteDC (hdc=0xa5010781) returned 1
[0245.287] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0245.287] EndPaint (hWnd=0x1702d0, lpPaint=0xd7e24c) returned 1
[0245.287] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.287] IsWindowUnicode (hWnd=0x602c4) returned 1
[0245.287] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.288] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.288] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.288] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0245.288] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0245.288] CreateCompatibleDC (hdc=0x107b9) returned 0xa7010781
[0245.288] SelectObject (hdc=0xa7010781, h=0x4a0507fe) returned 0x85000f
[0245.288] GdipCreateFromHDC (hdc=0xa7010781, graphics=0xd7e268) returned 0x0
[0245.288] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0245.288] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0245.288] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0245.288] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0245.288] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e2c8) returned 0x0
[0245.288] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0245.288] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0245.288] LocalFree (hMem=0x11ee868) returned 0x0
[0245.288] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0245.288] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0245.288] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0245.289] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0245.289] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0245.289] GdipRestoreGraphics (graphics=0x6600030, state=0xf87c0dbd) returned 0x0
[0245.289] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0245.289] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0245.289] GetCurrentObject (hdc=0xa7010781, type=0x1) returned 0xb00017
[0245.289] GetCurrentObject (hdc=0xa7010781, type=0x2) returned 0x900010
[0245.289] GetCurrentObject (hdc=0xa7010781, type=0x7) returned 0x4a0507fe
[0245.289] GetCurrentObject (hdc=0xa7010781, type=0x6) returned 0x8a01c2
[0245.289] SaveDC (hdc=0xa7010781) returned 1
[0245.289] GetNearestColor (hdc=0xa7010781, color=0xff) returned 0xff
[0245.289] GetNearestColor (hdc=0xa7010781, color=0x55) returned 0x55
[0245.289] GetNearestColor (hdc=0xa7010781, color=0x0) returned 0x0
[0245.289] GetNearestColor (hdc=0xa7010781, color=0x55) returned 0x55
[0245.289] GetNearestColor (hdc=0xa7010781, color=0x0) returned 0x0
[0245.289] GetNearestColor (hdc=0xa7010781, color=0x8080ff) returned 0x8080ff
[0245.289] GetNearestColor (hdc=0xa7010781, color=0x7373e5) returned 0x7373e5
[0245.289] GetNearestColor (hdc=0xa7010781, color=0xe5) returned 0xe5
[0245.289] GetNearestColor (hdc=0xa7010781, color=0x0) returned 0x0
[0245.289] RestoreDC (hdc=0xa7010781, nSavedDC=-1) returned 1
[0245.290] GdipReleaseDC (graphics=0x6600030, hdc=0xa7010781) returned 0x0
[0245.290] IsAppThemed () returned 0x1
[0245.290] GetThemeAppProperties () returned 0x3
[0245.290] GetThemeAppProperties () returned 0x3
[0245.290] IsAppThemed () returned 0x1
[0245.290] GetThemeAppProperties () returned 0x3
[0245.290] GetThemeAppProperties () returned 0x3
[0245.290] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2ec91c4 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0245.290] IsAppThemed () returned 0x1
[0245.290] GetThemeAppProperties () returned 0x3
[0245.290] GetThemeAppProperties () returned 0x3
[0245.290] IsAppThemed () returned 0x1
[0245.290] GetThemeAppProperties () returned 0x3
[0245.290] GetThemeAppProperties () returned 0x3
[0245.290] GetFocus () returned 0x2402d8
[0245.290] IsAppThemed () returned 0x1
[0245.290] GetThemeAppProperties () returned 0x3
[0245.290] GetThemeAppProperties () returned 0x3
[0245.290] IsAppThemed () returned 0x1
[0245.291] GetThemeAppProperties () returned 0x3
[0245.291] GetThemeAppProperties () returned 0x3
[0245.291] IsThemePartDefined () returned 0x1
[0245.291] IsAppThemed () returned 0x1
[0245.291] GetThemeAppProperties () returned 0x3
[0245.291] GetThemeAppProperties () returned 0x3
[0245.291] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0245.291] IsAppThemed () returned 0x1
[0245.291] GetThemeAppProperties () returned 0x3
[0245.291] GetThemeAppProperties () returned 0x3
[0245.291] IsAppThemed () returned 0x1
[0245.291] GetThemeAppProperties () returned 0x3
[0245.291] GetThemeAppProperties () returned 0x3
[0245.291] IsThemePartDefined () returned 0x1
[0245.291] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0245.291] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0245.291] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0245.291] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0245.291] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dff0) returned 0x0
[0245.291] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0245.291] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea98) returned 0x0
[0245.291] LocalFree (hMem=0x11eea98) returned 0x0
[0245.291] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0245.291] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea28) returned 0x0
[0245.291] LocalFree (hMem=0x11eea28) returned 0x0
[0245.291] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0245.291] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0245.292] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0245.292] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0245.292] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0245.292] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0245.292] GetCurrentObject (hdc=0xa7010781, type=0x1) returned 0xb00017
[0245.292] GetCurrentObject (hdc=0xa7010781, type=0x2) returned 0x900010
[0245.292] GetCurrentObject (hdc=0xa7010781, type=0x7) returned 0x4a0507fe
[0245.292] GetCurrentObject (hdc=0xa7010781, type=0x6) returned 0x8a01c2
[0245.292] SaveDC (hdc=0xa7010781) returned 1
[0245.292] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1c0407de
[0245.292] GetClipRgn (hdc=0xa7010781, hrgn=0x1c0407de) returned 0
[0245.292] SelectClipRgn (hdc=0xa7010781, hrgn=0x86040807) returned 2
[0245.292] DeleteObject (ho=0x1c0407de) returned 1
[0245.292] DeleteObject (ho=0x86040807) returned 1
[0245.292] OffsetViewportOrgEx (in: hdc=0xa7010781, x=0, y=0, lppt=0x2ec9874 | out: lppt=0x2ec9874) returned 1
[0245.292] DrawThemeParentBackground () returned 0x0
[0245.292] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0245.292] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0245.292] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0245.293] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.293] GetSystemMetrics (nIndex=42) returned 0
[0245.293] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.293] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0245.293] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0245.293] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0245.293] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0245.293] SelectPalette (hdc=0xa7010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0245.293] GdipCreateFromHDC (hdc=0xa7010781, graphics=0xd7dac8) returned 0x0
[0245.293] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0245.293] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0245.293] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638cc8) returned 0x0
[0245.293] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7daa0) returned 0x0
[0245.293] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0245.293] GdipCreateRegion (region=0xd7da88) returned 0x0
[0245.293] GdipGetClip (graphics=0x6640bc0, region=0x6646688) returned 0x0
[0245.293] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6640bc0, result=0xd7da94) returned 0x0
[0245.293] GdipDeleteRegion (region=0x6646688) returned 0x0
[0245.293] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7dac0) returned 0x0
[0245.293] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0245.305] GdipFillRectangleI (graphics=0x6640bc0, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0245.305] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0245.306] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0245.306] SelectPalette (hdc=0xa7010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0245.306] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0245.306] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.306] GetSystemMetrics (nIndex=42) returned 0
[0245.306] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.306] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0245.306] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0245.306] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0245.306] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0245.306] SelectPalette (hdc=0xa7010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0245.306] GdipCreateFromHDC (hdc=0xa7010781, graphics=0xd7da68) returned 0x0
[0245.307] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0245.307] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0245.307] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638c98) returned 0x0
[0245.307] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7da40) returned 0x0
[0245.307] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0245.307] GdipCreateRegion (region=0xd7da28) returned 0x0
[0245.307] GdipGetClip (graphics=0x6640bc0, region=0x6646a78) returned 0x0
[0245.307] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6640bc0, result=0xd7da34) returned 0x0
[0245.307] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0245.307] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7da60) returned 0x0
[0245.307] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0245.317] GdipFillRectangleI (graphics=0x6640bc0, brush=0x6652a78, x=0, y=0, width=801, height=453) returned 0x0
[0245.317] GdipDeleteBrush (brush=0x6652a78) returned 0x0
[0245.319] GdipRestoreGraphics (graphics=0x6640bc0, state=0xf8780dbd) returned 0x0
[0245.319] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0245.319] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.319] GetSystemMetrics (nIndex=42) returned 0
[0245.319] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.319] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0245.319] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0245.319] SelectPalette (hdc=0xa7010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0245.319] RestoreDC (hdc=0xa7010781, nSavedDC=-1) returned 1
[0245.319] GdipReleaseDC (graphics=0x6600030, hdc=0xa7010781) returned 0x0
[0245.319] IsAppThemed () returned 0x1
[0245.319] GetThemeAppProperties () returned 0x3
[0245.319] GetThemeAppProperties () returned 0x3
[0245.319] IsAppThemed () returned 0x1
[0245.319] GetThemeAppProperties () returned 0x3
[0245.319] GetThemeAppProperties () returned 0x3
[0245.320] IsThemePartDefined () returned 0x1
[0245.320] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0245.320] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0245.320] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0245.320] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0245.320] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df74) returned 0x0
[0245.320] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0245.320] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eecc8) returned 0x0
[0245.320] LocalFree (hMem=0x11eecc8) returned 0x0
[0245.320] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0245.320] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0245.320] LocalFree (hMem=0x11ee788) returned 0x0
[0245.320] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0245.320] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0245.320] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0245.320] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0245.320] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0245.320] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0245.320] GetCurrentObject (hdc=0xa7010781, type=0x1) returned 0xb00017
[0245.320] GetCurrentObject (hdc=0xa7010781, type=0x2) returned 0x900010
[0245.320] GetCurrentObject (hdc=0xa7010781, type=0x7) returned 0x4a0507fe
[0245.320] GetCurrentObject (hdc=0xa7010781, type=0x6) returned 0x8a01c2
[0245.320] SaveDC (hdc=0xa7010781) returned 1
[0245.320] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x87040807
[0245.321] GetClipRgn (hdc=0xa7010781, hrgn=0x87040807) returned 0
[0245.321] SelectClipRgn (hdc=0xa7010781, hrgn=0x1e0407de) returned 2
[0245.321] DeleteObject (ho=0x87040807) returned 1
[0245.321] DeleteObject (ho=0x1e0407de) returned 1
[0245.321] OffsetViewportOrgEx (in: hdc=0xa7010781, x=0, y=0, lppt=0x2ed00c4 | out: lppt=0x2ed00c4) returned 1
[0245.321] IsAppThemed () returned 0x1
[0245.321] GetThemeAppProperties () returned 0x3
[0245.321] GetThemeAppProperties () returned 0x3
[0245.321] DrawThemeBackground () returned 0x0
[0245.321] RestoreDC (hdc=0xa7010781, nSavedDC=-1) returned 1
[0245.321] GdipReleaseDC (graphics=0x6600030, hdc=0xa7010781) returned 0x0
[0245.321] GdipCreateRegion (region=0xd7df60) returned 0x0
[0245.321] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0245.321] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0245.321] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0245.321] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df78) returned 0x0
[0245.321] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0245.321] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0245.321] LocalFree (hMem=0x11ee868) returned 0x0
[0245.321] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0245.321] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0245.321] LocalFree (hMem=0x11ee788) returned 0x0
[0245.322] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0245.322] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0245.322] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df90) returned 0x0
[0245.322] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0245.322] GdipDeleteRegion (region=0x6646448) returned 0x0
[0245.322] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0245.322] GetCurrentObject (hdc=0xa7010781, type=0x1) returned 0xb00017
[0245.322] GetCurrentObject (hdc=0xa7010781, type=0x2) returned 0x900010
[0245.322] GetCurrentObject (hdc=0xa7010781, type=0x7) returned 0x4a0507fe
[0245.322] GetCurrentObject (hdc=0xa7010781, type=0x6) returned 0x8a01c2
[0245.322] SaveDC (hdc=0xa7010781) returned 1
[0245.322] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1f0407de
[0245.322] GetClipRgn (hdc=0xa7010781, hrgn=0x1f0407de) returned 0
[0245.322] SelectClipRgn (hdc=0xa7010781, hrgn=0x88040807) returned 2
[0245.322] DeleteObject (ho=0x1f0407de) returned 1
[0245.322] DeleteObject (ho=0x88040807) returned 1
[0245.322] OffsetViewportOrgEx (in: hdc=0xa7010781, x=0, y=0, lppt=0x2ed0398 | out: lppt=0x2ed0398) returned 1
[0245.322] IsAppThemed () returned 0x1
[0245.322] GetThemeAppProperties () returned 0x3
[0245.322] GetThemeAppProperties () returned 0x3
[0245.322] GetThemeBackgroundContentRect () returned 0x0
[0245.322] RestoreDC (hdc=0xa7010781, nSavedDC=-1) returned 1
[0245.322] GdipReleaseDC (graphics=0x6600030, hdc=0xa7010781) returned 0x0
[0245.322] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0245.322] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0245.323] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0245.323] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0245.323] IsAppThemed () returned 0x1
[0245.323] GetThemeAppProperties () returned 0x3
[0245.323] GetThemeAppProperties () returned 0x3
[0245.323] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0245.323] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0245.323] GetCurrentObject (hdc=0xa7010781, type=0x1) returned 0xb00017
[0245.323] GetCurrentObject (hdc=0xa7010781, type=0x2) returned 0x900010
[0245.323] GetCurrentObject (hdc=0xa7010781, type=0x7) returned 0x4a0507fe
[0245.323] GetCurrentObject (hdc=0xa7010781, type=0x6) returned 0x8a01c2
[0245.323] SaveDC (hdc=0xa7010781) returned 1
[0245.323] GetTextAlign (hdc=0xa7010781) returned 0x0
[0245.323] GetTextColor (hdc=0xa7010781) returned 0x0
[0245.323] GetCurrentObject (hdc=0xa7010781, type=0x6) returned 0x8a01c2
[0245.323] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0245.323] SelectObject (hdc=0xa7010781, h=0x6d0a0520) returned 0x8a01c2
[0245.323] GetBkMode (hdc=0xa7010781) returned 2
[0245.323] SetBkMode (hdc=0xa7010781, mode=1) returned 2
[0245.323] DrawTextExW (in: hdc=0xa7010781, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2ed075c | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0245.324] DrawTextExW (in: hdc=0xa7010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2ed075c | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0245.324] RestoreDC (hdc=0xa7010781, nSavedDC=-1) returned 1
[0245.324] GdipReleaseDC (graphics=0x6600030, hdc=0xa7010781) returned 0x0
[0245.324] GetFocus () returned 0x2402d8
[0245.324] IsAppThemed () returned 0x1
[0245.324] GetThemeAppProperties () returned 0x3
[0245.324] GetThemeAppProperties () returned 0x3
[0245.324] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0245.324] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xa7010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0245.324] GdipReleaseDC (graphics=0x6600030, hdc=0xa7010781) returned 0x0
[0245.324] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0245.325] SelectObject (hdc=0xa7010781, h=0x85000f) returned 0x4a0507fe
[0245.325] DeleteDC (hdc=0xa7010781) returned 1
[0245.325] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0245.325] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0245.325] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.325] IsWindowUnicode (hWnd=0x2202de) returned 1
[0245.325] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.325] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.326] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.326] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.326] IsWindowUnicode (hWnd=0x2202de) returned 1
[0245.326] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.326] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.326] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.326] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x2a1, wParam=0x0, lParam=0xc0023) returned 0x0
[0245.326] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0245.326] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0245.326] WaitMessage () returned 1
[0245.331] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.331] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.331] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.331] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.331] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.332] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0245.332] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0245.332] WaitMessage () returned 1
[0245.333] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.333] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.333] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.333] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.333] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.333] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0245.333] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0245.333] WaitMessage () returned 1
[0245.334] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.334] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.334] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.334] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.334] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.335] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.335] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.335] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.335] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.335] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.336] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.336] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.336] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.336] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.336] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.336] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0245.336] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0245.336] WaitMessage () returned 1
[0245.337] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.337] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.337] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.337] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.337] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.338] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.338] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.338] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.338] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.338] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.338] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.338] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.339] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.339] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.339] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.339] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0245.339] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0245.339] WaitMessage () returned 1
[0245.339] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.340] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.340] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.340] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.340] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.345] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.345] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.345] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.345] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.345] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.345] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.345] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.345] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.345] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.345] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.345] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0245.346] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0245.346] WaitMessage () returned 1
[0245.348] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.348] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.348] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.348] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.348] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.349] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.350] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.350] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.350] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.350] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.350] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.350] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.350] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.350] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.350] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.350] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0245.351] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0245.351] WaitMessage () returned 1
[0245.414] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.414] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x84, wParam=0x0, lParam=0x1e502f9) returned 0x1
[0245.414] IsWindowUnicode (hWnd=0x2202de) returned 1
[0245.414] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.414] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x84, wParam=0x0, lParam=0x1e502f9) returned 0x1
[0245.415] GetDlgItem (hDlg=0x2202da, nIDDlgItem=0) returned 0x0
[0245.415] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x210, wParam=0x201, lParam=0x6a0104) returned 0x0
[0245.415] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x21, wParam=0x2202da, lParam=0x2010001) returned 0x1
[0245.415] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x21, wParam=0x2202da, lParam=0x2010001) returned 0x1
[0245.415] SetCursor (hCursor=0x10003) returned 0x10003
[0245.415] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.415] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.415] GetKeyState (nVirtKey=1) returned -127
[0245.415] GetKeyState (nVirtKey=2) returned 0
[0245.415] GetKeyState (nVirtKey=4) returned 0
[0245.415] GetKeyState (nVirtKey=5) returned 0
[0245.415] GetKeyState (nVirtKey=6) returned 0
[0245.415] IsWindowVisible (hWnd=0x2202de) returned 1
[0245.415] IsWindowEnabled (hWnd=0x2202de) returned 1
[0245.415] SetFocus (hWnd=0x2202de) returned 0x2402d8
[0245.416] GetFocus () returned 0x2202de
[0245.416] IsChild (hWndParent=0x2202da, hWnd=0x2202de) returned 1
[0245.416] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0x8, wParam=0x2202de, lParam=0x0) returned 0x0
[0245.416] GetCapture () returned 0x0
[0245.416] InvalidateRect (hWnd=0x2402d8, lpRect=0x0, bErase=0) returned 1
[0245.417] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0245.418] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0245.419] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0245.419] InvalidateRect (hWnd=0x2402d8, lpRect=0x0, bErase=0) returned 1
[0245.419] InvalidateRect (hWnd=0x2202de, lpRect=0x0, bErase=0) returned 1
[0245.420] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x7, wParam=0x2402d8, lParam=0x0) returned 0x0
[0245.420] GetStockObject (i=5) returned 0x900015
[0245.420] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0245.420] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0245.420] GetDlgItem (hDlg=0x2202da, nIDDlgItem=2228958) returned 0x2202de
[0245.420] SendMessageW (hWnd=0x2202de, Msg=0x202b, wParam=0x2202de, lParam=0xd7dddc) returned 0x0
[0245.420] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x202b, wParam=0x2202de, lParam=0xd7dddc) returned 0x0
[0245.420] InvalidateRect (hWnd=0x2202de, lpRect=0x0, bErase=0) returned 1
[0245.422] GetFocus () returned 0x2202de
[0245.422] GetFocus () returned 0x2202de
[0245.422] GetFocus () returned 0x2202de
[0245.422] GetKeyState (nVirtKey=1) returned -127
[0245.422] GetKeyState (nVirtKey=2) returned 0
[0245.422] GetKeyState (nVirtKey=4) returned 0
[0245.422] GetKeyState (nVirtKey=5) returned 0
[0245.422] GetKeyState (nVirtKey=6) returned 0
[0245.422] GetCapture () returned 0x0
[0245.422] SetCapture (hWnd=0x2202de) returned 0x0
[0245.422] GetKeyState (nVirtKey=1) returned -127
[0245.422] GetKeyState (nVirtKey=2) returned 0
[0245.422] GetKeyState (nVirtKey=4) returned 0
[0245.422] GetKeyState (nVirtKey=5) returned 0
[0245.422] GetKeyState (nVirtKey=6) returned 0
[0245.422] NotifyWinEvent (event=0x800a, hwnd=0x2202de, idObject=-4, idChild=0)
[0245.423] InvalidateRect (hWnd=0x2202de, lpRect=0xd7e430, bErase=0) returned 1
[0245.423] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.423] IsWindowUnicode (hWnd=0x2202de) returned 1
[0245.423] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.423] TranslateMessage (lpMsg=0xd7e808) returned 0
[0245.423] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0245.423] MapWindowPoints (in: hWndFrom=0x2202de, hWndTo=0x0, lpPoints=0x2ed0a48, cPoints=0x1 | out: lpPoints=0x2ed0a48) returned 30999254
[0245.423] NotifyWinEvent (event=0x800a, hwnd=0x2202de, idObject=-4, idChild=0)
[0245.423] InvalidateRect (hWnd=0x2202de, lpRect=0xd7e3d0, bErase=0) returned 1
[0245.423] UpdateWindow (hWnd=0x2202de) returned 1
[0245.423] BeginPaint (in: hWnd=0x2202de, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xf0105ee
[0245.424] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0245.424] CreateCompatibleDC (hdc=0xf0105ee) returned 0x980107e9
[0245.424] SelectObject (hdc=0x980107e9, h=0x4a0507fe) returned 0x85000f
[0245.424] GdipCreateFromHDC (hdc=0x980107e9, graphics=0xd7df00) returned 0x0
[0245.424] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0245.424] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0245.424] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0245.424] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0245.424] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df60) returned 0x0
[0245.424] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0245.424] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0245.425] LocalFree (hMem=0x11eec58) returned 0x0
[0245.425] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0245.425] GdipCreateRegion (region=0xd7df48) returned 0x0
[0245.425] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0245.425] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0245.425] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0245.425] GdipRestoreGraphics (graphics=0x6600030, state=0xf8760dbd) returned 0x0
[0245.425] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0245.425] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0245.425] GetCurrentObject (hdc=0x980107e9, type=0x1) returned 0xb00017
[0245.425] GetCurrentObject (hdc=0x980107e9, type=0x2) returned 0x900010
[0245.425] GetCurrentObject (hdc=0x980107e9, type=0x7) returned 0x4a0507fe
[0245.425] GetCurrentObject (hdc=0x980107e9, type=0x6) returned 0x8a01c2
[0245.425] SaveDC (hdc=0x980107e9) returned 1
[0245.425] GetNearestColor (hdc=0x980107e9, color=0xf0f0f0) returned 0xf0f0f0
[0245.426] GetNearestColor (hdc=0x980107e9, color=0xa0a0a0) returned 0xa0a0a0
[0245.426] GetNearestColor (hdc=0x980107e9, color=0x696969) returned 0x696969
[0245.426] GetNearestColor (hdc=0x980107e9, color=0xa0a0a0) returned 0xa0a0a0
[0245.426] GetNearestColor (hdc=0x980107e9, color=0x0) returned 0x0
[0245.426] GetNearestColor (hdc=0x980107e9, color=0xffffff) returned 0xffffff
[0245.426] GetNearestColor (hdc=0x980107e9, color=0xe5e5e5) returned 0xe5e5e5
[0245.426] GetNearestColor (hdc=0x980107e9, color=0xd7d7d7) returned 0xd7d7d7
[0245.426] GetNearestColor (hdc=0x980107e9, color=0x0) returned 0x0
[0245.426] RestoreDC (hdc=0x980107e9, nSavedDC=-1) returned 1
[0245.426] GdipReleaseDC (graphics=0x6600030, hdc=0x980107e9) returned 0x0
[0245.426] IsAppThemed () returned 0x1
[0245.426] GetThemeAppProperties () returned 0x3
[0245.426] GetThemeAppProperties () returned 0x3
[0245.427] IsAppThemed () returned 0x1
[0245.427] GetThemeAppProperties () returned 0x3
[0245.427] GetThemeAppProperties () returned 0x3
[0245.427] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2ed11a0 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0245.427] IsAppThemed () returned 0x1
[0245.427] GetThemeAppProperties () returned 0x3
[0245.427] GetThemeAppProperties () returned 0x3
[0245.427] IsAppThemed () returned 0x1
[0245.427] GetThemeAppProperties () returned 0x3
[0245.427] GetThemeAppProperties () returned 0x3
[0245.427] IsAppThemed () returned 0x1
[0245.427] GetThemeAppProperties () returned 0x3
[0245.427] GetThemeAppProperties () returned 0x3
[0245.428] IsAppThemed () returned 0x1
[0245.428] GetThemeAppProperties () returned 0x3
[0245.428] GetThemeAppProperties () returned 0x3
[0245.428] IsThemePartDefined () returned 0x1
[0245.428] IsAppThemed () returned 0x1
[0245.428] GetThemeAppProperties () returned 0x3
[0245.428] GetThemeAppProperties () returned 0x3
[0245.428] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0245.428] IsAppThemed () returned 0x1
[0245.428] GetThemeAppProperties () returned 0x3
[0245.428] GetThemeAppProperties () returned 0x3
[0245.428] IsAppThemed () returned 0x1
[0245.428] GetThemeAppProperties () returned 0x3
[0245.428] GetThemeAppProperties () returned 0x3
[0245.428] IsThemePartDefined () returned 0x1
[0245.428] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0245.428] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0245.428] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0245.428] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0245.428] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dc7c) returned 0x0
[0245.429] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0245.429] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee910) returned 0x0
[0245.429] LocalFree (hMem=0x11ee910) returned 0x0
[0245.429] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0245.429] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0245.429] LocalFree (hMem=0x11ee868) returned 0x0
[0245.429] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0245.429] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0245.429] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0245.429] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0245.429] GdipDeleteRegion (region=0x6646448) returned 0x0
[0245.429] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0245.429] GetCurrentObject (hdc=0x980107e9, type=0x1) returned 0xb00017
[0245.429] GetCurrentObject (hdc=0x980107e9, type=0x2) returned 0x900010
[0245.429] GetCurrentObject (hdc=0x980107e9, type=0x7) returned 0x4a0507fe
[0245.429] GetCurrentObject (hdc=0x980107e9, type=0x6) returned 0x8a01c2
[0245.430] SaveDC (hdc=0x980107e9) returned 1
[0245.430] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x89040807
[0245.430] GetClipRgn (hdc=0x980107e9, hrgn=0x89040807) returned 0
[0245.430] SelectClipRgn (hdc=0x980107e9, hrgn=0x230407de) returned 2
[0245.430] DeleteObject (ho=0x89040807) returned 1
[0245.430] DeleteObject (ho=0x230407de) returned 1
[0245.430] OffsetViewportOrgEx (in: hdc=0x980107e9, x=0, y=0, lppt=0x2ed1850 | out: lppt=0x2ed1850) returned 1
[0245.430] DrawThemeParentBackground () returned 0x0
[0245.430] GetWindowPlacement (in: hWnd=0x2202da, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0245.430] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0245.430] GetWindowTextLengthW (hWnd=0x2202da) returned 13
[0245.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.431] GetSystemMetrics (nIndex=42) returned 0
[0245.431] GetWindowTextW (in: hWnd=0x2202da, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.431] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0245.431] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0245.431] GetCurrentObject (hdc=0x980107e9, type=0x1) returned 0xb00017
[0245.431] GetCurrentObject (hdc=0x980107e9, type=0x2) returned 0x900010
[0245.431] GetCurrentObject (hdc=0x980107e9, type=0x7) returned 0x4a0507fe
[0245.431] GetCurrentObject (hdc=0x980107e9, type=0x6) returned 0x8a01c2
[0245.431] SaveDC (hdc=0x980107e9) returned 2
[0245.431] GetNearestColor (hdc=0x980107e9, color=0xf0f0f0) returned 0xf0f0f0
[0245.431] CreateSolidBrush (color=0xf0f0f0) returned 0x961007e1
[0245.431] FillRect (hDC=0x980107e9, lprc=0xd7d6c8, hbr=0x961007e1) returned 1
[0245.431] DeleteObject (ho=0x961007e1) returned 1
[0245.431] RestoreDC (hdc=0x980107e9, nSavedDC=-1) returned 1
[0245.432] GetWindowTextLengthW (hWnd=0x2202da) returned 13
[0245.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.432] GetSystemMetrics (nIndex=42) returned 0
[0245.432] GetWindowTextW (in: hWnd=0x2202da, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0245.432] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0245.432] GetCurrentObject (hdc=0x980107e9, type=0x1) returned 0xb00017
[0245.432] GetCurrentObject (hdc=0x980107e9, type=0x2) returned 0x900010
[0245.432] GetCurrentObject (hdc=0x980107e9, type=0x7) returned 0x4a0507fe
[0245.432] GetCurrentObject (hdc=0x980107e9, type=0x6) returned 0x8a01c2
[0245.432] SaveDC (hdc=0x980107e9) returned 2
[0245.432] GetNearestColor (hdc=0x980107e9, color=0xf0f0f0) returned 0xf0f0f0
[0245.432] CreateSolidBrush (color=0xf0f0f0) returned 0x971007e1
[0245.432] FillRect (hDC=0x980107e9, lprc=0xd7d668, hbr=0x971007e1) returned 1
[0245.433] DeleteObject (ho=0x971007e1) returned 1
[0245.433] RestoreDC (hdc=0x980107e9, nSavedDC=-1) returned 1
[0245.433] GetWindowTextLengthW (hWnd=0x2202da) returned 13
[0245.433] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.433] GetSystemMetrics (nIndex=42) returned 0
[0245.433] GetWindowTextW (in: hWnd=0x2202da, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.433] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0245.433] RestoreDC (hdc=0x980107e9, nSavedDC=-1) returned 1
[0245.433] GdipReleaseDC (graphics=0x6600030, hdc=0x980107e9) returned 0x0
[0245.433] IsAppThemed () returned 0x1
[0245.433] GetThemeAppProperties () returned 0x3
[0245.433] GetThemeAppProperties () returned 0x3
[0245.433] IsAppThemed () returned 0x1
[0245.434] GetThemeAppProperties () returned 0x3
[0245.434] GetThemeAppProperties () returned 0x3
[0245.434] IsThemePartDefined () returned 0x1
[0245.434] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0245.434] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0245.434] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0245.434] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0245.434] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dc00) returned 0x0
[0245.434] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0245.434] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0245.434] LocalFree (hMem=0x11ee868) returned 0x0
[0245.434] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0245.434] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee788) returned 0x0
[0245.441] LocalFree (hMem=0x11ee788) returned 0x0
[0245.442] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0245.442] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0245.442] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0245.442] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0245.442] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0245.442] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0245.442] GetCurrentObject (hdc=0x980107e9, type=0x1) returned 0xb00017
[0245.442] GetCurrentObject (hdc=0x980107e9, type=0x2) returned 0x900010
[0245.442] GetCurrentObject (hdc=0x980107e9, type=0x7) returned 0x4a0507fe
[0245.442] GetCurrentObject (hdc=0x980107e9, type=0x6) returned 0x8a01c2
[0245.442] SaveDC (hdc=0x980107e9) returned 1
[0245.442] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x240407de
[0245.442] GetClipRgn (hdc=0x980107e9, hrgn=0x240407de) returned 0
[0245.443] SelectClipRgn (hdc=0x980107e9, hrgn=0x8b040807) returned 2
[0245.443] DeleteObject (ho=0x240407de) returned 1
[0245.443] DeleteObject (ho=0x8b040807) returned 1
[0245.443] OffsetViewportOrgEx (in: hdc=0x980107e9, x=0, y=0, lppt=0x2ed20fc | out: lppt=0x2ed20fc) returned 1
[0245.443] IsAppThemed () returned 0x1
[0245.443] GetThemeAppProperties () returned 0x3
[0245.443] GetThemeAppProperties () returned 0x3
[0245.443] DrawThemeBackground () returned 0x0
[0245.443] RestoreDC (hdc=0x980107e9, nSavedDC=-1) returned 1
[0245.443] GdipReleaseDC (graphics=0x6600030, hdc=0x980107e9) returned 0x0
[0245.443] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0245.443] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0245.443] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0245.443] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0245.444] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dc04) returned 0x0
[0245.444] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0245.444] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0245.444] LocalFree (hMem=0x11ee788) returned 0x0
[0245.444] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0245.444] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0245.444] LocalFree (hMem=0x11eec58) returned 0x0
[0245.444] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0245.444] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0245.444] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0245.444] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0245.444] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0245.444] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0245.444] GetCurrentObject (hdc=0x980107e9, type=0x1) returned 0xb00017
[0245.444] GetCurrentObject (hdc=0x980107e9, type=0x2) returned 0x900010
[0245.444] GetCurrentObject (hdc=0x980107e9, type=0x7) returned 0x4a0507fe
[0245.445] GetCurrentObject (hdc=0x980107e9, type=0x6) returned 0x8a01c2
[0245.445] SaveDC (hdc=0x980107e9) returned 1
[0245.445] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8c040807
[0245.445] GetClipRgn (hdc=0x980107e9, hrgn=0x8c040807) returned 0
[0245.445] SelectClipRgn (hdc=0x980107e9, hrgn=0x250407de) returned 2
[0245.445] DeleteObject (ho=0x8c040807) returned 1
[0245.445] DeleteObject (ho=0x250407de) returned 1
[0245.445] OffsetViewportOrgEx (in: hdc=0x980107e9, x=0, y=0, lppt=0x2ed23d0 | out: lppt=0x2ed23d0) returned 1
[0245.445] IsAppThemed () returned 0x1
[0245.445] GetThemeAppProperties () returned 0x3
[0245.445] GetThemeAppProperties () returned 0x3
[0245.445] GetThemeBackgroundContentRect () returned 0x0
[0245.445] RestoreDC (hdc=0x980107e9, nSavedDC=-1) returned 1
[0245.445] GdipReleaseDC (graphics=0x6600030, hdc=0x980107e9) returned 0x0
[0245.446] IsAppThemed () returned 0x1
[0245.446] GetThemeAppProperties () returned 0x3
[0245.446] GetThemeAppProperties () returned 0x3
[0245.446] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0245.446] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0245.446] GetCurrentObject (hdc=0x980107e9, type=0x1) returned 0xb00017
[0245.446] GetCurrentObject (hdc=0x980107e9, type=0x2) returned 0x900010
[0245.446] GetCurrentObject (hdc=0x980107e9, type=0x7) returned 0x4a0507fe
[0245.446] GetCurrentObject (hdc=0x980107e9, type=0x6) returned 0x8a01c2
[0245.446] SaveDC (hdc=0x980107e9) returned 1
[0245.446] GetTextAlign (hdc=0x980107e9) returned 0x0
[0245.446] GetTextColor (hdc=0x980107e9) returned 0x0
[0245.446] GetCurrentObject (hdc=0x980107e9, type=0x6) returned 0x8a01c2
[0245.446] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0245.447] SelectObject (hdc=0x980107e9, h=0x6d0a0520) returned 0x8a01c2
[0245.447] GetBkMode (hdc=0x980107e9) returned 2
[0245.447] SetBkMode (hdc=0x980107e9, mode=1) returned 2
[0245.447] DrawTextExW (in: hdc=0x980107e9, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2ed2770 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0245.447] DrawTextExW (in: hdc=0x980107e9, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2ed2770 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0245.447] RestoreDC (hdc=0x980107e9, nSavedDC=-1) returned 1
[0245.448] GdipReleaseDC (graphics=0x6600030, hdc=0x980107e9) returned 0x0
[0245.448] GetFocus () returned 0x2202de
[0245.448] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0245.448] SendMessageW (hWnd=0x2202da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0245.448] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0245.448] IsAppThemed () returned 0x1
[0245.448] GetThemeAppProperties () returned 0x3
[0245.448] GetThemeAppProperties () returned 0x3
[0245.448] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0245.448] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x980107e9, x1=0, y1=0, rop=0xcc0020) returned 1
[0245.448] GdipReleaseDC (graphics=0x6600030, hdc=0x980107e9) returned 0x0
[0245.448] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0245.448] SelectObject (hdc=0x980107e9, h=0x85000f) returned 0x4a0507fe
[0245.449] DeleteDC (hdc=0x980107e9) returned 1
[0245.449] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0245.449] EndPaint (hWnd=0x2202de, lpPaint=0xd7dee4) returned 1
[0245.449] MapWindowPoints (in: hWndFrom=0x2202de, hWndTo=0x0, lpPoints=0x2ed286c, cPoints=0x1 | out: lpPoints=0x2ed286c) returned 30999254
[0245.449] WindowFromPoint (Point=0x2f9) returned 0x2202de
[0245.449] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x84, wParam=0x0, lParam=0x1e502f9) returned 0x1
[0245.449] NotifyWinEvent (event=0x800a, hwnd=0x2202de, idObject=-4, idChild=0)
[0245.449] NotifyWinEvent (event=0x800c, hwnd=0x2202de, idObject=-4, idChild=0)
[0245.449] GetCapture () returned 0x2202de
[0245.449] ReleaseCapture () returned 1
[0245.450] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0245.450] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0245.451] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x84, wParam=0x0, lParam=0x1e502f9) returned 0x1
[0245.451] IsWindow (hWnd=0x7005c) returned 1
[0245.451] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0245.452] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0245.452] IsWindow (hWnd=0x2202da) returned 1
[0245.452] SetActiveWindow (hWnd=0x2202da) returned 0x2202da
[0245.452] IsWindow (hWnd=0x2202da) returned 1
[0245.452] SetFocus (hWnd=0x2202da) returned 0x2202de
[0245.453] GetFocus () returned 0x2202da
[0245.453] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x8, wParam=0x2202da, lParam=0x0) returned 0x0
[0245.454] GetCapture () returned 0x0
[0245.454] InvalidateRect (hWnd=0x2202de, lpRect=0x0, bErase=0) returned 1
[0245.455] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0245.456] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0245.458] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0245.458] GetFocus () returned 0x2202da
[0245.458] SetFocus (hWnd=0x2202de) returned 0x2202da
[0245.459] GetFocus () returned 0x2202de
[0245.459] IsChild (hWndParent=0x2202da, hWnd=0x2202de) returned 1
[0245.460] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x8, wParam=0x2202de, lParam=0x0) returned 0x0
[0245.461] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0245.462] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0245.464] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0245.464] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x7, wParam=0x2202da, lParam=0x0) returned 0x0
[0245.464] GetStockObject (i=5) returned 0x900015
[0245.464] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0245.464] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0xd, wParam=0xa, lParam=0x11f55a0) returned 0x9
[0245.465] GetDlgItem (hDlg=0x2202da, nIDDlgItem=2228958) returned 0x2202de
[0245.465] SendMessageW (hWnd=0x2202de, Msg=0x202b, wParam=0x2202de, lParam=0xd7ddcc) returned 0x0
[0245.465] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x202b, wParam=0x2202de, lParam=0xd7ddcc) returned 0x0
[0245.465] InvalidateRect (hWnd=0x2202de, lpRect=0x0, bErase=0) returned 1
[0245.471] GetWindowLongW (hWnd=0x2202da, nIndex=-8) returned 458844
[0245.471] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0245.471] GetCurrentThreadId () returned 0xf50
[0245.471] IsWindow (hWnd=0x7005c) returned 1
[0245.471] IsWindow (hWnd=0x7005c) returned 1
[0245.471] IsWindowVisible (hWnd=0x7005c) returned 1
[0245.471] SetActiveWindow (hWnd=0x7005c) returned 0x2202da
[0245.471] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0245.473] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0245.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0245.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0245.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0245.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0245.476] GetWindowPlacement (in: hWnd=0x2202da, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0245.476] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0245.476] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0245.476] GetWindowRect (in: hWnd=0x2202da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0245.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0245.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0245.478] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0245.479] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x2202da) returned 0x1
[0245.482] GetFocus () returned 0x2202de
[0245.483] SetFocus (hWnd=0x602c4) returned 0x2202de
[0245.483] GetFocus () returned 0x602c4
[0245.483] IsChild (hWndParent=0x2202da, hWnd=0x602c4) returned 0
[0245.483] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0245.484] GetCapture () returned 0x0
[0245.484] InvalidateRect (hWnd=0x2202de, lpRect=0x0, bErase=0) returned 1
[0245.485] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0245.486] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0245.488] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0245.488] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0245.488] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0245.488] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0245.489] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0245.489] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x2202de, lParam=0x0) returned 0x0
[0245.489] GetStockObject (i=5) returned 0x900015
[0245.489] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0245.489] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed8c8) returned 0xc
[0245.489] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0245.489] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0245.489] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0245.489] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0245.494] GetFocus () returned 0x602c4
[0245.494] IsChild (hWndParent=0x2202da, hWnd=0x602c4) returned 0
[0245.494] ShowWindow (hWnd=0x2202da, nCmdShow=0) returned 1
[0245.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0245.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0245.496] GetWindowPlacement (in: hWnd=0x2202da, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0245.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0245.496] GetClientRect (in: hWnd=0x2202da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0245.496] GetWindowRect (in: hWnd=0x2202da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0245.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0245.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0245.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0245.505] GetWindowLongW (hWnd=0x2202da, nIndex=-20) returned 327945
[0245.505] DestroyWindow (hWnd=0x2202da) returned 1
[0245.506] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0245.506] GetWindowTextLengthW (hWnd=0x2202da) returned 13
[0245.506] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.506] GetSystemMetrics (nIndex=42) returned 0
[0245.506] GetWindowTextW (in: hWnd=0x2202da, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.506] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0245.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0245.507] GetWindowTextLengthW (hWnd=0x2202dc) returned 0
[0245.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0245.507] GetSystemMetrics (nIndex=42) returned 0
[0245.507] GetWindowTextW (in: hWnd=0x2202dc, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0245.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202dc, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0245.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0245.507] GetWindowThreadProcessId (in: hWnd=0x1c02c8, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0245.507] GetWindow (hWnd=0x1c02c8, uCmd=0x5) returned 0x0
[0245.507] GetWindowLongW (hWnd=0x1c02c8, nIndex=-20) returned 65792
[0245.507] DestroyWindow (hWnd=0x1c02c8) returned 1
[0245.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02c8, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0245.507] GetWindowTextLengthW (hWnd=0x1c02c8) returned 25
[0245.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0245.508] GetSystemMetrics (nIndex=42) returned 0
[0245.508] GetWindowTextW (in: hWnd=0x1c02c8, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0245.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02c8, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0245.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0245.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1c02c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0245.509] GetWindowTextLengthW (hWnd=0x2500ea) returned 232
[0245.509] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0245.509] GetSystemMetrics (nIndex=42) returned 0
[0245.509] GetWindowTextW (in: hWnd=0x2500ea, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0245.509] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0245.509] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0245.509] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0245.509] InvalidateRect (hWnd=0x2202de, lpRect=0x0, bErase=0) returned 1
[0245.509] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0245.509] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0245.509] SendMessageW (hWnd=0x1802ce, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0245.509] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802ce, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0245.510] SendMessageW (hWnd=0x1802ce, Msg=0xb0, wParam=0x2e9e694, lParam=0xd7e480) returned 0x0
[0245.510] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802ce, Msg=0xb0, wParam=0x2e9e694, lParam=0xd7e480) returned 0x0
[0245.510] GetWindowTextLengthW (hWnd=0x1802ce) returned 4363
[0245.510] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0245.510] GetSystemMetrics (nIndex=42) returned 0
[0245.510] CoTaskMemAlloc (cb=0x221c) returned 0x120a4b0
[0245.510] GetWindowTextW (in: hWnd=0x1802ce, lpString=0x120a4b0, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0245.510] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802ce, Msg=0xd, wParam=0x110c, lParam=0x120a4b0) returned 0x110b
[0245.510] CoTaskMemFree (pv=0x120a4b0)
[0245.510] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0245.510] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0245.511] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2500ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0245.512] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0245.514] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2202de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0245.515] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1702d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0245.516] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1802ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0245.517] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0245.519] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.519] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.519] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.519] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.519] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.519] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.519] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e502f9) returned 0x1
[0245.519] IsWindowUnicode (hWnd=0x7005c) returned 1
[0245.519] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.519] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e502f9) returned 0x1
[0245.519] SetCursor (hCursor=0x10003) returned 0x10003
[0245.520] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.520] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.520] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0245.520] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0245.520] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0245.520] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x110023b) returned 0x0
[0245.520] GetKeyState (nVirtKey=1) returned 1
[0245.520] GetKeyState (nVirtKey=2) returned 0
[0245.520] GetKeyState (nVirtKey=4) returned 0
[0245.520] GetKeyState (nVirtKey=5) returned 0
[0245.520] GetKeyState (nVirtKey=6) returned 0
[0245.520] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.520] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e502f9) returned 0x1
[0245.520] IsWindowUnicode (hWnd=0x7005c) returned 1
[0245.520] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.520] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.520] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.521] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.521] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e502f9) returned 0x1
[0245.521] IsWindowUnicode (hWnd=0x7005c) returned 1
[0245.521] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.521] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e502f9) returned 0x1
[0245.521] SetCursor (hCursor=0x10003) returned 0x10003
[0245.521] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.521] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.521] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x110023b) returned 0x0
[0245.521] GetKeyState (nVirtKey=1) returned 1
[0245.521] GetKeyState (nVirtKey=2) returned 0
[0245.521] GetKeyState (nVirtKey=4) returned 0
[0245.521] GetKeyState (nVirtKey=5) returned 0
[0245.521] GetKeyState (nVirtKey=6) returned 0
[0245.521] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.522] IsWindowUnicode (hWnd=0x602c4) returned 1
[0245.522] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.522] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.522] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.522] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.523] IsWindowUnicode (hWnd=0x602c4) returned 1
[0245.523] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.523] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.523] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.523] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xc0107c5
[0245.523] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0245.523] CreateCompatibleDC (hdc=0xc0107c5) returned 0x6010803
[0245.523] SelectObject (hdc=0x6010803, h=0x4a0507fe) returned 0x85000f
[0245.523] GdipCreateFromHDC (hdc=0x6010803, graphics=0xd7e798) returned 0x0
[0245.523] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0245.523] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0245.523] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0245.523] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0245.523] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e7f8) returned 0x0
[0245.523] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0245.524] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eead0) returned 0x0
[0245.524] LocalFree (hMem=0x11eead0) returned 0x0
[0245.524] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0245.524] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0245.524] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0245.524] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0245.524] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0245.524] GdipRestoreGraphics (graphics=0x6600030, state=0xf8740dbd) returned 0x0
[0245.524] GdipDeleteRegion (region=0x6646688) returned 0x0
[0245.524] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0245.524] GetCurrentObject (hdc=0x6010803, type=0x1) returned 0xb00017
[0245.524] GetCurrentObject (hdc=0x6010803, type=0x2) returned 0x900010
[0245.524] GetCurrentObject (hdc=0x6010803, type=0x7) returned 0x4a0507fe
[0245.524] GetCurrentObject (hdc=0x6010803, type=0x6) returned 0x8a01c2
[0245.524] SaveDC (hdc=0x6010803) returned 1
[0245.524] GetNearestColor (hdc=0x6010803, color=0xff) returned 0xff
[0245.524] GetNearestColor (hdc=0x6010803, color=0x55) returned 0x55
[0245.524] GetNearestColor (hdc=0x6010803, color=0x0) returned 0x0
[0245.524] GetNearestColor (hdc=0x6010803, color=0x55) returned 0x55
[0245.524] GetNearestColor (hdc=0x6010803, color=0x0) returned 0x0
[0245.525] GetNearestColor (hdc=0x6010803, color=0x8080ff) returned 0x8080ff
[0245.525] GetNearestColor (hdc=0x6010803, color=0x7373e5) returned 0x7373e5
[0245.525] GetNearestColor (hdc=0x6010803, color=0xe5) returned 0xe5
[0245.525] GetNearestColor (hdc=0x6010803, color=0x0) returned 0x0
[0245.525] RestoreDC (hdc=0x6010803, nSavedDC=-1) returned 1
[0245.525] GdipReleaseDC (graphics=0x6600030, hdc=0x6010803) returned 0x0
[0245.525] IsAppThemed () returned 0x1
[0245.525] GetThemeAppProperties () returned 0x3
[0245.525] GetThemeAppProperties () returned 0x3
[0245.525] IsAppThemed () returned 0x1
[0245.525] GetThemeAppProperties () returned 0x3
[0245.525] GetThemeAppProperties () returned 0x3
[0245.525] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2eda5d8 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0245.525] IsAppThemed () returned 0x1
[0245.525] GetThemeAppProperties () returned 0x3
[0245.525] GetThemeAppProperties () returned 0x3
[0245.525] IsAppThemed () returned 0x1
[0245.526] GetThemeAppProperties () returned 0x3
[0245.526] GetThemeAppProperties () returned 0x3
[0245.526] GetFocus () returned 0x602c4
[0245.526] IsAppThemed () returned 0x1
[0245.526] GetThemeAppProperties () returned 0x3
[0245.526] GetThemeAppProperties () returned 0x3
[0245.526] IsAppThemed () returned 0x1
[0245.526] GetThemeAppProperties () returned 0x3
[0245.526] GetThemeAppProperties () returned 0x3
[0245.526] IsThemePartDefined () returned 0x1
[0245.526] IsAppThemed () returned 0x1
[0245.526] GetThemeAppProperties () returned 0x3
[0245.526] GetThemeAppProperties () returned 0x3
[0245.526] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0245.526] IsAppThemed () returned 0x1
[0245.526] GetThemeAppProperties () returned 0x3
[0245.526] GetThemeAppProperties () returned 0x3
[0245.526] IsAppThemed () returned 0x1
[0245.526] GetThemeAppProperties () returned 0x3
[0245.526] GetThemeAppProperties () returned 0x3
[0245.526] IsThemePartDefined () returned 0x1
[0245.526] GdipCreateRegion (region=0xd7e508) returned 0x0
[0245.526] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0245.526] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0245.526] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0245.526] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e520) returned 0x0
[0245.526] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0245.527] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee8d8) returned 0x0
[0245.527] LocalFree (hMem=0x11ee8d8) returned 0x0
[0245.527] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0245.527] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0245.527] LocalFree (hMem=0x11eec58) returned 0x0
[0245.527] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0245.527] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e548) returned 0x0
[0245.527] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e538) returned 0x0
[0245.527] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0245.527] GdipDeleteRegion (region=0x6646448) returned 0x0
[0245.527] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0245.527] GetCurrentObject (hdc=0x6010803, type=0x1) returned 0xb00017
[0245.527] GetCurrentObject (hdc=0x6010803, type=0x2) returned 0x900010
[0245.527] GetCurrentObject (hdc=0x6010803, type=0x7) returned 0x4a0507fe
[0245.527] GetCurrentObject (hdc=0x6010803, type=0x6) returned 0x8a01c2
[0245.527] SaveDC (hdc=0x6010803) returned 1
[0245.527] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x260407de
[0245.527] GetClipRgn (hdc=0x6010803, hrgn=0x260407de) returned 0
[0245.527] SelectClipRgn (hdc=0x6010803, hrgn=0x90040807) returned 2
[0245.527] DeleteObject (ho=0x260407de) returned 1
[0245.527] DeleteObject (ho=0x90040807) returned 1
[0245.528] OffsetViewportOrgEx (in: hdc=0x6010803, x=0, y=0, lppt=0x2edac88 | out: lppt=0x2edac88) returned 1
[0245.528] DrawThemeParentBackground () returned 0x0
[0245.528] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0245.528] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0245.528] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0245.528] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.528] GetSystemMetrics (nIndex=42) returned 0
[0245.528] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.528] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0245.528] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0245.541] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0245.541] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0245.541] SelectPalette (hdc=0x6010803, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0245.541] GdipCreateFromHDC (hdc=0x6010803, graphics=0xd7dff8) returned 0x0
[0245.542] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0245.542] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0245.542] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638ab8) returned 0x0
[0245.542] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dfd0) returned 0x0
[0245.542] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0245.542] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0245.542] GdipGetClip (graphics=0x6640bc0, region=0x6646f88) returned 0x0
[0245.542] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6640bc0, result=0xd7dfc4) returned 0x0
[0245.542] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0245.542] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7dff0) returned 0x0
[0245.542] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0245.551] GdipFillRectangleI (graphics=0x6640bc0, brush=0x66537e0, x=0, y=0, width=801, height=453) returned 0x0
[0245.551] GdipDeleteBrush (brush=0x66537e0) returned 0x0
[0245.553] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0245.553] SelectPalette (hdc=0x6010803, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0245.553] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0245.553] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.553] GetSystemMetrics (nIndex=42) returned 0
[0245.553] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.553] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0245.554] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0245.554] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0245.554] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0245.554] SelectPalette (hdc=0x6010803, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0245.554] GdipCreateFromHDC (hdc=0x6010803, graphics=0xd7df98) returned 0x0
[0245.554] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0245.554] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0245.554] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638a28) returned 0x0
[0245.554] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df70) returned 0x0
[0245.554] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0245.554] GdipCreateRegion (region=0xd7df58) returned 0x0
[0245.554] GdipGetClip (graphics=0x6640bc0, region=0x6646b08) returned 0x0
[0245.555] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6640bc0, result=0xd7df64) returned 0x0
[0245.555] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0245.555] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7df90) returned 0x0
[0245.555] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0245.568] GdipFillRectangleI (graphics=0x6640bc0, brush=0x6652f58, x=0, y=0, width=801, height=453) returned 0x0
[0245.568] GdipDeleteBrush (brush=0x6652f58) returned 0x0
[0245.570] GdipRestoreGraphics (graphics=0x6640bc0, state=0xf8700dbd) returned 0x0
[0245.570] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0245.570] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0245.570] GetSystemMetrics (nIndex=42) returned 0
[0245.570] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0245.570] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0245.570] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0245.571] SelectPalette (hdc=0x6010803, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0245.571] RestoreDC (hdc=0x6010803, nSavedDC=-1) returned 1
[0245.571] GdipReleaseDC (graphics=0x6600030, hdc=0x6010803) returned 0x0
[0245.571] IsAppThemed () returned 0x1
[0245.571] GetThemeAppProperties () returned 0x3
[0245.571] GetThemeAppProperties () returned 0x3
[0245.571] IsAppThemed () returned 0x1
[0245.571] GetThemeAppProperties () returned 0x3
[0245.571] GetThemeAppProperties () returned 0x3
[0245.571] IsThemePartDefined () returned 0x1
[0245.571] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0245.571] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0245.571] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0245.572] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0245.572] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e4a4) returned 0x0
[0245.572] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0245.572] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eea28) returned 0x0
[0245.572] LocalFree (hMem=0x11eea28) returned 0x0
[0245.572] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0245.572] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0245.572] LocalFree (hMem=0x11eec58) returned 0x0
[0245.572] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0245.572] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0245.572] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0245.572] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0245.572] GdipDeleteRegion (region=0x6646568) returned 0x0
[0245.572] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0245.572] GetCurrentObject (hdc=0x6010803, type=0x1) returned 0xb00017
[0245.572] GetCurrentObject (hdc=0x6010803, type=0x2) returned 0x900010
[0245.573] GetCurrentObject (hdc=0x6010803, type=0x7) returned 0x4a0507fe
[0245.573] GetCurrentObject (hdc=0x6010803, type=0x6) returned 0x8a01c2
[0245.573] SaveDC (hdc=0x6010803) returned 1
[0245.573] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x91040807
[0245.573] GetClipRgn (hdc=0x6010803, hrgn=0x91040807) returned 0
[0245.573] SelectClipRgn (hdc=0x6010803, hrgn=0x280407de) returned 2
[0245.573] DeleteObject (ho=0x91040807) returned 1
[0245.573] DeleteObject (ho=0x280407de) returned 1
[0245.573] OffsetViewportOrgEx (in: hdc=0x6010803, x=0, y=0, lppt=0x2ee14d8 | out: lppt=0x2ee14d8) returned 1
[0245.573] IsAppThemed () returned 0x1
[0245.573] GetThemeAppProperties () returned 0x3
[0245.573] GetThemeAppProperties () returned 0x3
[0245.573] DrawThemeBackground () returned 0x0
[0245.574] RestoreDC (hdc=0x6010803, nSavedDC=-1) returned 1
[0245.574] GdipReleaseDC (graphics=0x6600030, hdc=0x6010803) returned 0x0
[0245.574] GdipCreateRegion (region=0xd7e490) returned 0x0
[0245.574] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0245.574] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0245.574] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0245.574] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e4a8) returned 0x0
[0245.574] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0245.574] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0245.574] LocalFree (hMem=0x11ee868) returned 0x0
[0245.574] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0245.574] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eea60) returned 0x0
[0245.574] LocalFree (hMem=0x11eea60) returned 0x0
[0245.574] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0245.574] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0245.575] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0245.575] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0245.575] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0245.575] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0245.575] GetCurrentObject (hdc=0x6010803, type=0x1) returned 0xb00017
[0245.575] GetCurrentObject (hdc=0x6010803, type=0x2) returned 0x900010
[0245.582] GetCurrentObject (hdc=0x6010803, type=0x7) returned 0x4a0507fe
[0245.582] GetCurrentObject (hdc=0x6010803, type=0x6) returned 0x8a01c2
[0245.582] SaveDC (hdc=0x6010803) returned 1
[0245.582] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x290407de
[0245.582] GetClipRgn (hdc=0x6010803, hrgn=0x290407de) returned 0
[0245.582] SelectClipRgn (hdc=0x6010803, hrgn=0x92040807) returned 2
[0245.583] DeleteObject (ho=0x290407de) returned 1
[0245.583] DeleteObject (ho=0x92040807) returned 1
[0245.583] OffsetViewportOrgEx (in: hdc=0x6010803, x=0, y=0, lppt=0x2ee17ac | out: lppt=0x2ee17ac) returned 1
[0245.583] IsAppThemed () returned 0x1
[0245.583] GetThemeAppProperties () returned 0x3
[0245.583] GetThemeAppProperties () returned 0x3
[0245.583] GetThemeBackgroundContentRect () returned 0x0
[0245.583] RestoreDC (hdc=0x6010803, nSavedDC=-1) returned 1
[0245.583] GdipReleaseDC (graphics=0x6600030, hdc=0x6010803) returned 0x0
[0245.583] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0245.583] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0245.583] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0245.583] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0245.583] IsAppThemed () returned 0x1
[0245.583] GetThemeAppProperties () returned 0x3
[0245.584] GetThemeAppProperties () returned 0x3
[0245.584] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0245.584] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0245.584] GetCurrentObject (hdc=0x6010803, type=0x1) returned 0xb00017
[0245.584] GetCurrentObject (hdc=0x6010803, type=0x2) returned 0x900010
[0245.584] GetCurrentObject (hdc=0x6010803, type=0x7) returned 0x4a0507fe
[0245.584] GetCurrentObject (hdc=0x6010803, type=0x6) returned 0x8a01c2
[0245.584] SaveDC (hdc=0x6010803) returned 1
[0245.584] GetTextAlign (hdc=0x6010803) returned 0x0
[0245.584] GetTextColor (hdc=0x6010803) returned 0x0
[0245.584] GetCurrentObject (hdc=0x6010803, type=0x6) returned 0x8a01c2
[0245.584] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0245.584] SelectObject (hdc=0x6010803, h=0x6d0a0520) returned 0x8a01c2
[0245.584] GetBkMode (hdc=0x6010803) returned 2
[0245.585] SetBkMode (hdc=0x6010803, mode=1) returned 2
[0245.585] DrawTextExW (in: hdc=0x6010803, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2ee1b70 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0245.585] DrawTextExW (in: hdc=0x6010803, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2ee1b70 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0245.585] RestoreDC (hdc=0x6010803, nSavedDC=-1) returned 1
[0245.586] GdipReleaseDC (graphics=0x6600030, hdc=0x6010803) returned 0x0
[0245.586] GetFocus () returned 0x602c4
[0245.586] IsAppThemed () returned 0x1
[0245.586] GetThemeAppProperties () returned 0x3
[0245.586] GetThemeAppProperties () returned 0x3
[0245.586] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0245.586] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x6010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0245.586] GdipReleaseDC (graphics=0x6600030, hdc=0x6010803) returned 0x0
[0245.586] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0245.586] SelectObject (hdc=0x6010803, h=0x85000f) returned 0x4a0507fe
[0245.586] DeleteDC (hdc=0x6010803) returned 1
[0245.586] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0245.587] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0245.587] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0245.587] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0245.587] WaitMessage () returned 1
[0245.588] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.588] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.588] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.588] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.588] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.589] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0245.589] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0245.589] WaitMessage () returned 1
[0245.613] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.613] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.613] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.613] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.613] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.614] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0245.614] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0245.614] WaitMessage () returned 1
[0245.616] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.616] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.616] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.616] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.616] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.617] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0245.617] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0245.617] WaitMessage () returned 1
[0245.618] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.618] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.618] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.618] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.618] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.619] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.620] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.620] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.620] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.620] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.620] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.620] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.620] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.620] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.620] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.620] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0245.621] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0245.621] WaitMessage () returned 1
[0245.621] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.621] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.621] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.622] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.622] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.627] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.628] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.628] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.628] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.628] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.628] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.628] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.628] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.628] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.628] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.628] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.629] IsWindowUnicode (hWnd=0x7005c) returned 1
[0245.629] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.629] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.629] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.629] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.629] IsWindowUnicode (hWnd=0x7005c) returned 1
[0245.629] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.629] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.629] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.629] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x110023b) returned 0x0
[0245.629] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0245.630] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0245.630] WaitMessage () returned 1
[0245.632] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.632] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.632] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.632] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.632] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.633] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.634] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.634] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.634] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.634] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.634] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.634] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.634] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.634] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.634] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.634] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0245.635] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0245.635] WaitMessage () returned 1
[0245.635] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.635] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.635] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.636] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.636] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.638] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.638] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.638] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.639] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.639] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.639] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.639] IsWindowUnicode (hWnd=0x30122) returned 1
[0245.639] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.639] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.639] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.639] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0245.640] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0245.640] WaitMessage () returned 1
[0245.797] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.797] IsWindowUnicode (hWnd=0x502c6) returned 1
[0245.797] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0245.797] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0245.797] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0245.797] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0245.797] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0245.797] WaitMessage () returned 1
[0247.737] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0247.737] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740101) returned 0x1
[0247.738] IsWindowUnicode (hWnd=0x602c4) returned 1
[0247.738] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0247.738] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0247.738] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0247.738] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0247.738] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0247.738] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740101) returned 0x1
[0247.738] IsWindowUnicode (hWnd=0x602c4) returned 1
[0247.738] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0247.738] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740101) returned 0x1
[0247.738] SetCursor (hCursor=0x10003) returned 0x10003
[0247.739] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0247.739] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0247.739] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0247.739] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0247.739] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0247.739] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0247.739] GetKeyState (nVirtKey=1) returned 1
[0247.739] GetKeyState (nVirtKey=2) returned 0
[0247.739] GetKeyState (nVirtKey=4) returned 0
[0247.739] GetKeyState (nVirtKey=5) returned 0
[0247.739] GetKeyState (nVirtKey=6) returned 0
[0247.739] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0247.739] IsWindowUnicode (hWnd=0x602c4) returned 1
[0247.739] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0247.739] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0247.740] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0247.740] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xc0107c5
[0247.740] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0247.740] CreateCompatibleDC (hdc=0xc0107c5) returned 0x540107a2
[0247.740] SelectObject (hdc=0x540107a2, h=0x4a0507fe) returned 0x85000f
[0247.740] GdipCreateFromHDC (hdc=0x540107a2, graphics=0xd7e798) returned 0x0
[0247.740] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0247.740] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0247.741] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0247.741] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0247.741] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e7f8) returned 0x0
[0247.741] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0247.741] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eea28) returned 0x0
[0247.741] LocalFree (hMem=0x11eea28) returned 0x0
[0247.741] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0247.741] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0247.741] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0247.741] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0247.741] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0247.741] GdipRestoreGraphics (graphics=0x6600030, state=0xf86e0dbd) returned 0x0
[0247.741] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0247.741] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0247.741] GetCurrentObject (hdc=0x540107a2, type=0x1) returned 0xb00017
[0247.741] GetCurrentObject (hdc=0x540107a2, type=0x2) returned 0x900010
[0247.742] GetCurrentObject (hdc=0x540107a2, type=0x7) returned 0x4a0507fe
[0247.742] GetCurrentObject (hdc=0x540107a2, type=0x6) returned 0x8a01c2
[0247.742] SaveDC (hdc=0x540107a2) returned 1
[0247.742] GetNearestColor (hdc=0x540107a2, color=0xff) returned 0xff
[0247.742] GetNearestColor (hdc=0x540107a2, color=0x55) returned 0x55
[0247.742] GetNearestColor (hdc=0x540107a2, color=0x0) returned 0x0
[0247.742] GetNearestColor (hdc=0x540107a2, color=0x55) returned 0x55
[0247.742] GetNearestColor (hdc=0x540107a2, color=0x0) returned 0x0
[0247.742] GetNearestColor (hdc=0x540107a2, color=0x8080ff) returned 0x8080ff
[0247.742] GetNearestColor (hdc=0x540107a2, color=0x7373e5) returned 0x7373e5
[0247.742] GetNearestColor (hdc=0x540107a2, color=0xe5) returned 0xe5
[0247.742] GetNearestColor (hdc=0x540107a2, color=0x0) returned 0x0
[0247.742] RestoreDC (hdc=0x540107a2, nSavedDC=-1) returned 1
[0247.743] GdipReleaseDC (graphics=0x6600030, hdc=0x540107a2) returned 0x0
[0247.743] IsAppThemed () returned 0x1
[0247.743] GetThemeAppProperties () returned 0x3
[0247.743] GetThemeAppProperties () returned 0x3
[0247.743] IsAppThemed () returned 0x1
[0247.743] GetThemeAppProperties () returned 0x3
[0247.743] GetThemeAppProperties () returned 0x3
[0247.743] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2ee24bc | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0247.743] IsAppThemed () returned 0x1
[0247.743] GetThemeAppProperties () returned 0x3
[0247.743] GetThemeAppProperties () returned 0x3
[0247.743] IsAppThemed () returned 0x1
[0247.744] GetThemeAppProperties () returned 0x3
[0247.744] GetThemeAppProperties () returned 0x3
[0247.744] IsAppThemed () returned 0x1
[0247.744] GetThemeAppProperties () returned 0x3
[0247.744] GetThemeAppProperties () returned 0x3
[0247.744] IsAppThemed () returned 0x1
[0247.744] GetThemeAppProperties () returned 0x3
[0247.744] GetThemeAppProperties () returned 0x3
[0247.744] IsThemePartDefined () returned 0x1
[0247.744] IsAppThemed () returned 0x1
[0247.744] GetThemeAppProperties () returned 0x3
[0247.744] GetThemeAppProperties () returned 0x3
[0247.744] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0247.744] IsAppThemed () returned 0x1
[0247.744] GetThemeAppProperties () returned 0x3
[0247.744] GetThemeAppProperties () returned 0x3
[0247.744] IsAppThemed () returned 0x1
[0247.744] GetThemeAppProperties () returned 0x3
[0247.744] GetThemeAppProperties () returned 0x3
[0247.744] IsThemePartDefined () returned 0x1
[0247.744] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0247.745] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0247.745] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0247.745] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0247.745] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e514) returned 0x0
[0247.745] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0247.745] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0247.745] LocalFree (hMem=0x11ee788) returned 0x0
[0247.745] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0247.745] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0247.745] LocalFree (hMem=0x11eec58) returned 0x0
[0247.745] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0247.745] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0247.745] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0247.745] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0247.745] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0247.745] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0247.745] GetCurrentObject (hdc=0x540107a2, type=0x1) returned 0xb00017
[0247.745] GetCurrentObject (hdc=0x540107a2, type=0x2) returned 0x900010
[0247.746] GetCurrentObject (hdc=0x540107a2, type=0x7) returned 0x4a0507fe
[0247.746] GetCurrentObject (hdc=0x540107a2, type=0x6) returned 0x8a01c2
[0247.746] SaveDC (hdc=0x540107a2) returned 1
[0247.746] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x93040807
[0247.746] GetClipRgn (hdc=0x540107a2, hrgn=0x93040807) returned 0
[0247.746] SelectClipRgn (hdc=0x540107a2, hrgn=0x2d0407de) returned 2
[0247.746] DeleteObject (ho=0x93040807) returned 1
[0247.746] DeleteObject (ho=0x2d0407de) returned 1
[0247.746] OffsetViewportOrgEx (in: hdc=0x540107a2, x=0, y=0, lppt=0x2ee2b6c | out: lppt=0x2ee2b6c) returned 1
[0247.746] DrawThemeParentBackground () returned 0x0
[0247.746] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0247.747] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0247.747] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0247.747] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0247.747] GetSystemMetrics (nIndex=42) returned 0
[0247.747] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0247.747] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0247.747] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0247.747] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0247.747] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0247.747] SelectPalette (hdc=0x540107a2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0247.747] GdipCreateFromHDC (hdc=0x540107a2, graphics=0xd7dff0) returned 0x0
[0247.747] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0247.748] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0247.748] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638a88) returned 0x0
[0247.748] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dfc8) returned 0x0
[0247.748] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0247.748] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0247.748] GdipGetClip (graphics=0x6640bc0, region=0x6646b98) returned 0x0
[0247.748] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6640bc0, result=0xd7dfbc) returned 0x0
[0247.748] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0247.748] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7dfe8) returned 0x0
[0247.748] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0247.755] GdipFillRectangleI (graphics=0x6640bc0, brush=0x6653090, x=0, y=0, width=801, height=453) returned 0x0
[0247.756] GdipDeleteBrush (brush=0x6653090) returned 0x0
[0247.757] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0247.757] SelectPalette (hdc=0x540107a2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0247.757] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0247.758] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0247.758] GetSystemMetrics (nIndex=42) returned 0
[0247.758] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0247.758] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0247.758] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0247.758] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0247.758] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0247.758] SelectPalette (hdc=0x540107a2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0247.758] GdipCreateFromHDC (hdc=0x540107a2, graphics=0xd7df90) returned 0x0
[0247.758] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0247.758] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0247.758] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638ab8) returned 0x0
[0247.758] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df68) returned 0x0
[0247.758] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0247.759] GdipCreateRegion (region=0xd7df50) returned 0x0
[0247.759] GdipGetClip (graphics=0x6640bc0, region=0x6646958) returned 0x0
[0247.759] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6640bc0, result=0xd7df5c) returned 0x0
[0247.759] GdipDeleteRegion (region=0x6646958) returned 0x0
[0247.759] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7df88) returned 0x0
[0247.759] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0247.766] GdipFillRectangleI (graphics=0x6640bc0, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0247.766] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0247.768] GdipRestoreGraphics (graphics=0x6640bc0, state=0xf86a0dbd) returned 0x0
[0247.768] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0247.768] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0247.768] GetSystemMetrics (nIndex=42) returned 0
[0247.768] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0247.768] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0247.768] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0247.768] SelectPalette (hdc=0x540107a2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0247.768] RestoreDC (hdc=0x540107a2, nSavedDC=-1) returned 1
[0247.768] GdipReleaseDC (graphics=0x6600030, hdc=0x540107a2) returned 0x0
[0247.768] IsAppThemed () returned 0x1
[0247.769] GetThemeAppProperties () returned 0x3
[0247.769] GetThemeAppProperties () returned 0x3
[0247.769] IsAppThemed () returned 0x1
[0247.769] GetThemeAppProperties () returned 0x3
[0247.769] GetThemeAppProperties () returned 0x3
[0247.769] IsThemePartDefined () returned 0x1
[0247.769] GdipCreateRegion (region=0xd7e480) returned 0x0
[0247.769] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0247.769] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0247.769] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0247.769] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e498) returned 0x0
[0247.769] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0247.769] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eead0) returned 0x0
[0247.769] LocalFree (hMem=0x11eead0) returned 0x0
[0247.769] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0247.769] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0247.769] LocalFree (hMem=0x11eec58) returned 0x0
[0247.769] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0247.769] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0247.770] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0247.770] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0247.770] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0247.770] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0247.770] GetCurrentObject (hdc=0x540107a2, type=0x1) returned 0xb00017
[0247.770] GetCurrentObject (hdc=0x540107a2, type=0x2) returned 0x900010
[0247.770] GetCurrentObject (hdc=0x540107a2, type=0x7) returned 0x4a0507fe
[0247.770] GetCurrentObject (hdc=0x540107a2, type=0x6) returned 0x8a01c2
[0247.770] SaveDC (hdc=0x540107a2) returned 1
[0247.770] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2e0407de
[0247.770] GetClipRgn (hdc=0x540107a2, hrgn=0x2e0407de) returned 0
[0247.770] SelectClipRgn (hdc=0x540107a2, hrgn=0x95040807) returned 2
[0247.770] DeleteObject (ho=0x2e0407de) returned 1
[0247.770] DeleteObject (ho=0x95040807) returned 1
[0247.770] OffsetViewportOrgEx (in: hdc=0x540107a2, x=0, y=0, lppt=0x2ee93bc | out: lppt=0x2ee93bc) returned 1
[0247.771] IsAppThemed () returned 0x1
[0247.771] GetThemeAppProperties () returned 0x3
[0247.771] GetThemeAppProperties () returned 0x3
[0247.771] DrawThemeBackground () returned 0x0
[0247.771] RestoreDC (hdc=0x540107a2, nSavedDC=-1) returned 1
[0247.771] GdipReleaseDC (graphics=0x6600030, hdc=0x540107a2) returned 0x0
[0247.771] GdipCreateRegion (region=0xd7e484) returned 0x0
[0247.771] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0247.771] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0247.771] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0247.771] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e49c) returned 0x0
[0247.771] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0247.771] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee8d8) returned 0x0
[0247.771] LocalFree (hMem=0x11ee8d8) returned 0x0
[0247.771] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0247.771] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0247.771] LocalFree (hMem=0x11eec58) returned 0x0
[0247.772] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0247.772] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0247.772] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0247.772] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0247.772] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0247.772] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0247.772] GetCurrentObject (hdc=0x540107a2, type=0x1) returned 0xb00017
[0247.772] GetCurrentObject (hdc=0x540107a2, type=0x2) returned 0x900010
[0247.772] GetCurrentObject (hdc=0x540107a2, type=0x7) returned 0x4a0507fe
[0247.772] GetCurrentObject (hdc=0x540107a2, type=0x6) returned 0x8a01c2
[0247.772] SaveDC (hdc=0x540107a2) returned 1
[0247.772] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x96040807
[0247.772] GetClipRgn (hdc=0x540107a2, hrgn=0x96040807) returned 0
[0247.772] SelectClipRgn (hdc=0x540107a2, hrgn=0x2f0407de) returned 2
[0247.772] DeleteObject (ho=0x96040807) returned 1
[0247.772] DeleteObject (ho=0x2f0407de) returned 1
[0247.773] OffsetViewportOrgEx (in: hdc=0x540107a2, x=0, y=0, lppt=0x2ee9690 | out: lppt=0x2ee9690) returned 1
[0247.773] IsAppThemed () returned 0x1
[0247.773] GetThemeAppProperties () returned 0x3
[0247.773] GetThemeAppProperties () returned 0x3
[0247.773] GetThemeBackgroundContentRect () returned 0x0
[0247.773] RestoreDC (hdc=0x540107a2, nSavedDC=-1) returned 1
[0247.773] GdipReleaseDC (graphics=0x6600030, hdc=0x540107a2) returned 0x0
[0247.773] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0247.773] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0247.773] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0247.773] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0247.773] IsAppThemed () returned 0x1
[0247.773] GetThemeAppProperties () returned 0x3
[0247.773] GetThemeAppProperties () returned 0x3
[0247.773] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0247.773] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0247.773] GetCurrentObject (hdc=0x540107a2, type=0x1) returned 0xb00017
[0247.773] GetCurrentObject (hdc=0x540107a2, type=0x2) returned 0x900010
[0247.774] GetCurrentObject (hdc=0x540107a2, type=0x7) returned 0x4a0507fe
[0247.774] GetCurrentObject (hdc=0x540107a2, type=0x6) returned 0x8a01c2
[0247.774] SaveDC (hdc=0x540107a2) returned 1
[0247.774] GetTextAlign (hdc=0x540107a2) returned 0x0
[0247.774] GetTextColor (hdc=0x540107a2) returned 0x0
[0247.774] GetCurrentObject (hdc=0x540107a2, type=0x6) returned 0x8a01c2
[0247.774] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0247.774] SelectObject (hdc=0x540107a2, h=0x6d0a0520) returned 0x8a01c2
[0247.774] GetBkMode (hdc=0x540107a2) returned 2
[0247.774] SetBkMode (hdc=0x540107a2, mode=1) returned 2
[0247.774] DrawTextExW (in: hdc=0x540107a2, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2ee9a54 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0247.775] DrawTextExW (in: hdc=0x540107a2, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2ee9a54 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0247.775] RestoreDC (hdc=0x540107a2, nSavedDC=-1) returned 1
[0247.775] GdipReleaseDC (graphics=0x6600030, hdc=0x540107a2) returned 0x0
[0247.775] GetFocus () returned 0x602c4
[0247.775] IsAppThemed () returned 0x1
[0247.775] GetThemeAppProperties () returned 0x3
[0247.775] GetThemeAppProperties () returned 0x3
[0247.776] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0247.776] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x540107a2, x1=0, y1=0, rop=0xcc0020) returned 1
[0247.776] GdipReleaseDC (graphics=0x6600030, hdc=0x540107a2) returned 0x0
[0247.776] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0247.776] SelectObject (hdc=0x540107a2, h=0x85000f) returned 0x4a0507fe
[0247.776] DeleteDC (hdc=0x540107a2) returned 1
[0247.776] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0247.776] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0247.777] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0247.777] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0247.777] WaitMessage () returned 1
[0247.857] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0247.857] IsWindowUnicode (hWnd=0x602c4) returned 1
[0247.857] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0247.857] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0247.857] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0247.857] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0247.857] IsWindowUnicode (hWnd=0x602c4) returned 1
[0247.857] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0247.857] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0247.857] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0247.857] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xd0026) returned 0x0
[0247.857] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0247.857] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0247.857] WaitMessage () returned 1
[0247.998] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0247.999] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740101) returned 0x1
[0247.999] IsWindowUnicode (hWnd=0x602c4) returned 1
[0247.999] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0247.999] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740101) returned 0x1
[0247.999] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0247.999] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19f0043) returned 0x0
[0247.999] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0247.999] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0248.000] SetCursor (hCursor=0x10003) returned 0x10003
[0248.000] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0248.000] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0248.000] GetKeyState (nVirtKey=1) returned -128
[0248.000] GetKeyState (nVirtKey=2) returned 0
[0248.000] GetKeyState (nVirtKey=4) returned 0
[0248.000] GetKeyState (nVirtKey=5) returned 0
[0248.000] GetKeyState (nVirtKey=6) returned 0
[0248.000] IsWindowVisible (hWnd=0x602c4) returned 1
[0248.000] IsWindowEnabled (hWnd=0x602c4) returned 1
[0248.000] SetFocus (hWnd=0x602c4) returned 0x602c4
[0248.000] GetFocus () returned 0x602c4
[0248.001] GetFocus () returned 0x602c4
[0248.001] GetFocus () returned 0x602c4
[0248.001] GetKeyState (nVirtKey=1) returned -128
[0248.001] GetKeyState (nVirtKey=2) returned 0
[0248.001] GetKeyState (nVirtKey=4) returned 0
[0248.001] GetKeyState (nVirtKey=5) returned 0
[0248.001] GetKeyState (nVirtKey=6) returned 0
[0248.001] GetCapture () returned 0x0
[0248.001] SetCapture (hWnd=0x602c4) returned 0x0
[0248.001] GetKeyState (nVirtKey=1) returned -128
[0248.001] GetKeyState (nVirtKey=2) returned 0
[0248.001] GetKeyState (nVirtKey=4) returned 0
[0248.001] GetKeyState (nVirtKey=5) returned 0
[0248.001] GetKeyState (nVirtKey=6) returned 0
[0248.002] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0248.002] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0248.002] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.002] IsWindowUnicode (hWnd=0x602c4) returned 1
[0248.002] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.002] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0248.002] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0248.002] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2ee9bd8, cPoints=0x1 | out: lpPoints=0x2ee9bd8) returned 40304859
[0248.002] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0248.002] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0248.002] UpdateWindow (hWnd=0x602c4) returned 1
[0248.003] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xc0107c5
[0248.003] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0248.003] CreateCompatibleDC (hdc=0xc0107c5) returned 0x550107a2
[0248.003] SelectObject (hdc=0x550107a2, h=0x4a0507fe) returned 0x85000f
[0248.003] GdipCreateFromHDC (hdc=0x550107a2, graphics=0xd7e430) returned 0x0
[0248.003] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0248.003] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0248.003] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0248.004] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0248.004] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e490) returned 0x0
[0248.004] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0248.004] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eead0) returned 0x0
[0248.004] LocalFree (hMem=0x11eead0) returned 0x0
[0248.004] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0248.004] GdipCreateRegion (region=0xd7e478) returned 0x0
[0248.004] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0248.004] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0248.004] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0248.004] GdipRestoreGraphics (graphics=0x6600030, state=0xf8680dbd) returned 0x0
[0248.004] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0248.005] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0248.005] GetCurrentObject (hdc=0x550107a2, type=0x1) returned 0xb00017
[0248.005] GetCurrentObject (hdc=0x550107a2, type=0x2) returned 0x900010
[0248.005] GetCurrentObject (hdc=0x550107a2, type=0x7) returned 0x4a0507fe
[0248.005] GetCurrentObject (hdc=0x550107a2, type=0x6) returned 0x8a01c2
[0248.005] SaveDC (hdc=0x550107a2) returned 1
[0248.005] GetNearestColor (hdc=0x550107a2, color=0xff) returned 0xff
[0248.005] GetNearestColor (hdc=0x550107a2, color=0x55) returned 0x55
[0248.005] GetNearestColor (hdc=0x550107a2, color=0x0) returned 0x0
[0248.005] GetNearestColor (hdc=0x550107a2, color=0x55) returned 0x55
[0248.006] GetNearestColor (hdc=0x550107a2, color=0x0) returned 0x0
[0248.006] GetNearestColor (hdc=0x550107a2, color=0x8080ff) returned 0x8080ff
[0248.006] GetNearestColor (hdc=0x550107a2, color=0x7373e5) returned 0x7373e5
[0248.006] GetNearestColor (hdc=0x550107a2, color=0xe5) returned 0xe5
[0248.006] GetNearestColor (hdc=0x550107a2, color=0x0) returned 0x0
[0248.006] RestoreDC (hdc=0x550107a2, nSavedDC=-1) returned 1
[0248.006] GdipReleaseDC (graphics=0x6600030, hdc=0x550107a2) returned 0x0
[0248.006] IsAppThemed () returned 0x1
[0248.006] GetThemeAppProperties () returned 0x3
[0248.006] GetThemeAppProperties () returned 0x3
[0248.006] IsAppThemed () returned 0x1
[0248.007] GetThemeAppProperties () returned 0x3
[0248.007] GetThemeAppProperties () returned 0x3
[0248.007] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2eea2f4 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0248.007] IsAppThemed () returned 0x1
[0248.007] GetThemeAppProperties () returned 0x3
[0248.007] GetThemeAppProperties () returned 0x3
[0248.007] IsAppThemed () returned 0x1
[0248.007] GetThemeAppProperties () returned 0x3
[0248.007] GetThemeAppProperties () returned 0x3
[0248.008] IsAppThemed () returned 0x1
[0248.008] GetThemeAppProperties () returned 0x3
[0248.008] GetThemeAppProperties () returned 0x3
[0248.008] IsAppThemed () returned 0x1
[0248.008] GetThemeAppProperties () returned 0x3
[0248.008] GetThemeAppProperties () returned 0x3
[0248.008] IsThemePartDefined () returned 0x1
[0248.008] IsAppThemed () returned 0x1
[0248.008] GetThemeAppProperties () returned 0x3
[0248.008] GetThemeAppProperties () returned 0x3
[0248.008] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0248.008] IsAppThemed () returned 0x1
[0248.008] GetThemeAppProperties () returned 0x3
[0248.008] GetThemeAppProperties () returned 0x3
[0248.008] IsAppThemed () returned 0x1
[0248.009] GetThemeAppProperties () returned 0x3
[0248.009] GetThemeAppProperties () returned 0x3
[0248.009] IsThemePartDefined () returned 0x1
[0248.009] GdipCreateRegion (region=0xd7e194) returned 0x0
[0248.009] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0248.009] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0248.009] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0248.009] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e1ac) returned 0x0
[0248.009] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0248.009] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0248.009] LocalFree (hMem=0x11eec58) returned 0x0
[0248.009] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0248.009] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eea28) returned 0x0
[0248.010] LocalFree (hMem=0x11eea28) returned 0x0
[0248.010] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0248.010] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0248.010] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0248.010] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0248.010] GdipDeleteRegion (region=0x6646688) returned 0x0
[0248.010] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0248.010] GetCurrentObject (hdc=0x550107a2, type=0x1) returned 0xb00017
[0248.010] GetCurrentObject (hdc=0x550107a2, type=0x2) returned 0x900010
[0248.010] GetCurrentObject (hdc=0x550107a2, type=0x7) returned 0x4a0507fe
[0248.010] GetCurrentObject (hdc=0x550107a2, type=0x6) returned 0x8a01c2
[0248.010] SaveDC (hdc=0x550107a2) returned 1
[0248.011] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x300407de
[0248.011] GetClipRgn (hdc=0x550107a2, hrgn=0x300407de) returned 0
[0248.011] SelectClipRgn (hdc=0x550107a2, hrgn=0x9a040807) returned 2
[0248.011] DeleteObject (ho=0x300407de) returned 1
[0248.011] DeleteObject (ho=0x9a040807) returned 1
[0248.011] OffsetViewportOrgEx (in: hdc=0x550107a2, x=0, y=0, lppt=0x2eea9a4 | out: lppt=0x2eea9a4) returned 1
[0248.011] DrawThemeParentBackground () returned 0x0
[0248.011] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0248.011] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0248.011] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0248.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0248.012] GetSystemMetrics (nIndex=42) returned 0
[0248.012] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0248.012] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0248.012] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0248.012] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0248.012] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0248.012] SelectPalette (hdc=0x550107a2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0248.012] GdipCreateFromHDC (hdc=0x550107a2, graphics=0xd7dc88) returned 0x0
[0248.012] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0248.012] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0248.012] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638ae8) returned 0x0
[0248.012] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dc60) returned 0x0
[0248.012] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0248.013] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0248.013] GdipGetClip (graphics=0x6640bc0, region=0x6646a78) returned 0x0
[0248.013] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6640bc0, result=0xd7dc54) returned 0x0
[0248.013] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0248.013] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7dc80) returned 0x0
[0248.013] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0248.021] GdipFillRectangleI (graphics=0x6640bc0, brush=0x6653570, x=0, y=0, width=801, height=453) returned 0x0
[0248.021] GdipDeleteBrush (brush=0x6653570) returned 0x0
[0248.023] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0248.023] SelectPalette (hdc=0x550107a2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0248.023] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0248.023] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0248.023] GetSystemMetrics (nIndex=42) returned 0
[0248.023] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0248.023] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0248.023] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0248.023] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0248.023] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0248.024] SelectPalette (hdc=0x550107a2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0248.024] GdipCreateFromHDC (hdc=0x550107a2, graphics=0xd7dc28) returned 0x0
[0248.024] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0248.024] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0248.024] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638d88) returned 0x0
[0248.024] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dc00) returned 0x0
[0248.024] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0248.024] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0248.024] GdipGetClip (graphics=0x6640bc0, region=0x6646448) returned 0x0
[0248.024] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6640bc0, result=0xd7dbf4) returned 0x0
[0248.025] GdipDeleteRegion (region=0x6646448) returned 0x0
[0248.025] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7dc20) returned 0x0
[0248.025] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0248.033] GdipFillRectangleI (graphics=0x6640bc0, brush=0x66531c8, x=0, y=0, width=801, height=453) returned 0x0
[0248.033] GdipDeleteBrush (brush=0x66531c8) returned 0x0
[0248.035] GdipRestoreGraphics (graphics=0x6640bc0, state=0xf8640dbd) returned 0x0
[0248.035] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0248.035] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0248.035] GetSystemMetrics (nIndex=42) returned 0
[0248.035] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0248.036] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0248.036] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0248.036] SelectPalette (hdc=0x550107a2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0248.036] RestoreDC (hdc=0x550107a2, nSavedDC=-1) returned 1
[0248.036] GdipReleaseDC (graphics=0x6600030, hdc=0x550107a2) returned 0x0
[0248.036] IsAppThemed () returned 0x1
[0248.036] GetThemeAppProperties () returned 0x3
[0248.037] GetThemeAppProperties () returned 0x3
[0248.037] IsAppThemed () returned 0x1
[0248.037] GetThemeAppProperties () returned 0x3
[0248.037] GetThemeAppProperties () returned 0x3
[0248.037] IsThemePartDefined () returned 0x1
[0248.037] GdipCreateRegion (region=0xd7e118) returned 0x0
[0248.037] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0248.037] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0248.037] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0248.037] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e130) returned 0x0
[0248.037] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0248.037] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0248.037] LocalFree (hMem=0x11ee9f0) returned 0x0
[0248.038] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0248.038] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee8d8) returned 0x0
[0248.038] LocalFree (hMem=0x11ee8d8) returned 0x0
[0248.038] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0248.038] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e158) returned 0x0
[0248.038] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e148) returned 0x0
[0248.038] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0248.038] GdipDeleteRegion (region=0x6646448) returned 0x0
[0248.038] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0248.038] GetCurrentObject (hdc=0x550107a2, type=0x1) returned 0xb00017
[0248.038] GetCurrentObject (hdc=0x550107a2, type=0x2) returned 0x900010
[0248.038] GetCurrentObject (hdc=0x550107a2, type=0x7) returned 0x4a0507fe
[0248.039] GetCurrentObject (hdc=0x550107a2, type=0x6) returned 0x8a01c2
[0248.039] SaveDC (hdc=0x550107a2) returned 1
[0248.039] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9b040807
[0248.039] GetClipRgn (hdc=0x550107a2, hrgn=0x9b040807) returned 0
[0248.039] SelectClipRgn (hdc=0x550107a2, hrgn=0x320407de) returned 2
[0248.039] DeleteObject (ho=0x9b040807) returned 1
[0248.039] DeleteObject (ho=0x320407de) returned 1
[0248.039] OffsetViewportOrgEx (in: hdc=0x550107a2, x=0, y=0, lppt=0x2ef11f4 | out: lppt=0x2ef11f4) returned 1
[0248.039] IsAppThemed () returned 0x1
[0248.039] GetThemeAppProperties () returned 0x3
[0248.040] GetThemeAppProperties () returned 0x3
[0248.040] DrawThemeBackground () returned 0x0
[0248.040] RestoreDC (hdc=0x550107a2, nSavedDC=-1) returned 1
[0248.040] GdipReleaseDC (graphics=0x6600030, hdc=0x550107a2) returned 0x0
[0248.040] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0248.040] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0248.040] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0248.040] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0248.040] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e134) returned 0x0
[0248.040] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0248.040] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0248.040] LocalFree (hMem=0x11ee788) returned 0x0
[0248.041] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0248.041] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0248.041] LocalFree (hMem=0x11eec58) returned 0x0
[0248.041] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0248.041] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0248.041] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0248.041] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0248.041] GdipDeleteRegion (region=0x6646448) returned 0x0
[0248.041] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0248.041] GetCurrentObject (hdc=0x550107a2, type=0x1) returned 0xb00017
[0248.041] GetCurrentObject (hdc=0x550107a2, type=0x2) returned 0x900010
[0248.041] GetCurrentObject (hdc=0x550107a2, type=0x7) returned 0x4a0507fe
[0248.041] GetCurrentObject (hdc=0x550107a2, type=0x6) returned 0x8a01c2
[0248.042] SaveDC (hdc=0x550107a2) returned 1
[0248.042] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x330407de
[0248.042] GetClipRgn (hdc=0x550107a2, hrgn=0x330407de) returned 0
[0248.042] SelectClipRgn (hdc=0x550107a2, hrgn=0x9c040807) returned 2
[0248.042] DeleteObject (ho=0x330407de) returned 1
[0248.042] DeleteObject (ho=0x9c040807) returned 1
[0248.042] OffsetViewportOrgEx (in: hdc=0x550107a2, x=0, y=0, lppt=0x2ef14c8 | out: lppt=0x2ef14c8) returned 1
[0248.042] IsAppThemed () returned 0x1
[0248.042] GetThemeAppProperties () returned 0x3
[0248.042] GetThemeAppProperties () returned 0x3
[0248.042] GetThemeBackgroundContentRect () returned 0x0
[0248.043] RestoreDC (hdc=0x550107a2, nSavedDC=-1) returned 1
[0248.043] GdipReleaseDC (graphics=0x6600030, hdc=0x550107a2) returned 0x0
[0248.043] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0248.043] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0248.043] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0248.043] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0248.043] IsAppThemed () returned 0x1
[0248.043] GetThemeAppProperties () returned 0x3
[0248.043] GetThemeAppProperties () returned 0x3
[0248.043] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0248.043] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0248.043] GetCurrentObject (hdc=0x550107a2, type=0x1) returned 0xb00017
[0248.044] GetCurrentObject (hdc=0x550107a2, type=0x2) returned 0x900010
[0248.044] GetCurrentObject (hdc=0x550107a2, type=0x7) returned 0x4a0507fe
[0248.045] GetCurrentObject (hdc=0x550107a2, type=0x6) returned 0x8a01c2
[0248.045] SaveDC (hdc=0x550107a2) returned 1
[0248.045] GetTextAlign (hdc=0x550107a2) returned 0x0
[0248.045] GetTextColor (hdc=0x550107a2) returned 0x0
[0248.045] GetCurrentObject (hdc=0x550107a2, type=0x6) returned 0x8a01c2
[0248.046] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0248.046] SelectObject (hdc=0x550107a2, h=0x6d0a0520) returned 0x8a01c2
[0248.046] GetBkMode (hdc=0x550107a2) returned 2
[0248.046] SetBkMode (hdc=0x550107a2, mode=1) returned 2
[0248.046] DrawTextExW (in: hdc=0x550107a2, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2ef188c | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0248.047] DrawTextExW (in: hdc=0x550107a2, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2ef188c | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0248.047] RestoreDC (hdc=0x550107a2, nSavedDC=-1) returned 1
[0248.047] GdipReleaseDC (graphics=0x6600030, hdc=0x550107a2) returned 0x0
[0248.047] GetFocus () returned 0x602c4
[0248.047] IsAppThemed () returned 0x1
[0248.048] GetThemeAppProperties () returned 0x3
[0248.048] GetThemeAppProperties () returned 0x3
[0248.048] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0248.049] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x550107a2, x1=0, y1=0, rop=0xcc0020) returned 1
[0248.049] GdipReleaseDC (graphics=0x6600030, hdc=0x550107a2) returned 0x0
[0248.049] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0248.049] SelectObject (hdc=0x550107a2, h=0x85000f) returned 0x4a0507fe
[0248.049] DeleteDC (hdc=0x550107a2) returned 1
[0248.050] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0248.050] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0248.051] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2ef1988, cPoints=0x1 | out: lpPoints=0x2ef1988) returned 40304859
[0248.051] WindowFromPoint (Point=0x101) returned 0x602c4
[0248.051] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2740101) returned 0x1
[0248.051] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0248.051] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0248.051] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0248.051] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0248.052] GetSystemMetrics (nIndex=42) returned 0
[0248.052] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0248.052] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0248.058] GetCapture () returned 0x602c4
[0248.058] ReleaseCapture () returned 1
[0248.059] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0248.059] GetProcessWindowStation () returned 0x13c
[0248.059] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.063] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0248.063] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.063] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0248.064] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.066] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0248.066] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.066] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0248.066] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.067] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0248.067] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.067] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0248.067] GetDC (hWnd=0x0) returned 0x60100ce
[0248.067] GdipCreateFromHDC (hdc=0x60100ce, graphics=0xd7e6ec) returned 0x0
[0248.070] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0248.070] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0248.070] ReleaseDC (hWnd=0x0, hDC=0x60100ce) returned 1
[0248.070] GetSystemMetrics (nIndex=5) returned 1
[0248.070] GetSystemMetrics (nIndex=6) returned 1
[0248.071] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.071] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0248.071] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.071] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0248.085] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0248.085] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0248.085] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0248.085] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0248.085] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0248.086] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0248.091] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2ef73a4 | out: lpData=0x2ef73a4) returned 1
[0248.092] VerQueryValueW (in: pBlock=0x2ef73a4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ef77b4, puLen=0xd7e810) returned 1
[0248.092] VerQueryValueW (in: pBlock=0x2ef73a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef745c, puLen=0xd7e790) returned 1
[0248.092] VerQueryValueW (in: pBlock=0x2ef73a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef74b0, puLen=0xd7e790) returned 1
[0248.092] VerQueryValueW (in: pBlock=0x2ef73a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef7530, puLen=0xd7e790) returned 1
[0248.092] VerQueryValueW (in: pBlock=0x2ef73a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef7598, puLen=0xd7e790) returned 1
[0248.092] VerQueryValueW (in: pBlock=0x2ef73a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef75d8, puLen=0xd7e790) returned 1
[0248.092] VerQueryValueW (in: pBlock=0x2ef73a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef7660, puLen=0xd7e790) returned 1
[0248.092] VerQueryValueW (in: pBlock=0x2ef73a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef769c, puLen=0xd7e790) returned 1
[0248.093] VerQueryValueW (in: pBlock=0x2ef73a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef76f4, puLen=0xd7e790) returned 1
[0248.093] VerQueryValueW (in: pBlock=0x2ef73a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef7724, puLen=0xd7e790) returned 1
[0248.093] VerQueryValueW (in: pBlock=0x2ef73a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.093] VerQueryValueW (in: pBlock=0x2ef73a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef7760, puLen=0xd7e790) returned 1
[0248.093] VerQueryValueW (in: pBlock=0x2ef73a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.093] VerQueryValueW (in: pBlock=0x2ef73a4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ef77b4, puLen=0xd7e784) returned 1
[0248.093] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0248.093] VerQueryValueW (in: pBlock=0x2ef73a4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ef73cc, puLen=0xd7e794) returned 1
[0248.096] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0248.096] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0248.096] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0248.096] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0248.097] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0248.097] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0248.097] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2ef9314 | out: lpData=0x2ef9314) returned 1
[0248.097] VerQueryValueW (in: pBlock=0x2ef9314, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ef93b0, puLen=0xd7e810) returned 1
[0248.097] VerQueryValueW (in: pBlock=0x2ef9314, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef9428, puLen=0xd7e790) returned 1
[0248.097] VerQueryValueW (in: pBlock=0x2ef9314, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef9458, puLen=0xd7e790) returned 1
[0248.097] VerQueryValueW (in: pBlock=0x2ef9314, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef9494, puLen=0xd7e790) returned 1
[0248.097] VerQueryValueW (in: pBlock=0x2ef9314, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef94c4, puLen=0xd7e790) returned 1
[0248.097] VerQueryValueW (in: pBlock=0x2ef9314, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef950c, puLen=0xd7e790) returned 1
[0248.105] VerQueryValueW (in: pBlock=0x2ef9314, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef9584, puLen=0xd7e790) returned 1
[0248.105] VerQueryValueW (in: pBlock=0x2ef9314, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef95c8, puLen=0xd7e790) returned 1
[0248.105] VerQueryValueW (in: pBlock=0x2ef9314, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef9608, puLen=0xd7e790) returned 1
[0248.105] VerQueryValueW (in: pBlock=0x2ef9314, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef9406, puLen=0xd7e790) returned 1
[0248.105] VerQueryValueW (in: pBlock=0x2ef9314, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ef9554, puLen=0xd7e790) returned 1
[0248.106] VerQueryValueW (in: pBlock=0x2ef9314, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.106] VerQueryValueW (in: pBlock=0x2ef9314, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.106] VerQueryValueW (in: pBlock=0x2ef9314, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ef93b0, puLen=0xd7e784) returned 1
[0248.106] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0248.106] VerQueryValueW (in: pBlock=0x2ef9314, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ef933c, puLen=0xd7e794) returned 1
[0248.109] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0248.109] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0248.109] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0248.109] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0248.109] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0248.109] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0248.110] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2efb5ec | out: lpData=0x2efb5ec) returned 1
[0248.111] VerQueryValueW (in: pBlock=0x2efb5ec, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2efba00, puLen=0xd7e810) returned 1
[0248.111] VerQueryValueW (in: pBlock=0x2efb5ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efb6a4, puLen=0xd7e790) returned 1
[0248.111] VerQueryValueW (in: pBlock=0x2efb5ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efb6f8, puLen=0xd7e790) returned 1
[0248.111] VerQueryValueW (in: pBlock=0x2efb5ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efb754, puLen=0xd7e790) returned 1
[0248.111] VerQueryValueW (in: pBlock=0x2efb5ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efb7b4, puLen=0xd7e790) returned 1
[0248.111] VerQueryValueW (in: pBlock=0x2efb5ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efb80c, puLen=0xd7e790) returned 1
[0248.111] VerQueryValueW (in: pBlock=0x2efb5ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efb894, puLen=0xd7e790) returned 1
[0248.111] VerQueryValueW (in: pBlock=0x2efb5ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efb8e8, puLen=0xd7e790) returned 1
[0248.111] VerQueryValueW (in: pBlock=0x2efb5ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efb940, puLen=0xd7e790) returned 1
[0248.112] VerQueryValueW (in: pBlock=0x2efb5ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efb970, puLen=0xd7e790) returned 1
[0248.112] VerQueryValueW (in: pBlock=0x2efb5ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.112] VerQueryValueW (in: pBlock=0x2efb5ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efb9ac, puLen=0xd7e790) returned 1
[0248.112] VerQueryValueW (in: pBlock=0x2efb5ec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.112] VerQueryValueW (in: pBlock=0x2efb5ec, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2efba00, puLen=0xd7e784) returned 1
[0248.112] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0248.112] VerQueryValueW (in: pBlock=0x2efb5ec, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2efb614, puLen=0xd7e794) returned 1
[0248.113] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0248.113] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0248.113] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0248.113] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0248.113] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0248.113] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0248.114] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2efdc24 | out: lpData=0x2efdc24) returned 1
[0248.123] VerQueryValueW (in: pBlock=0x2efdc24, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2efe024, puLen=0xd7e810) returned 1
[0248.123] VerQueryValueW (in: pBlock=0x2efdc24, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efdcdc, puLen=0xd7e790) returned 1
[0248.123] VerQueryValueW (in: pBlock=0x2efdc24, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efdd30, puLen=0xd7e790) returned 1
[0248.123] VerQueryValueW (in: pBlock=0x2efdc24, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efdd70, puLen=0xd7e790) returned 1
[0248.123] VerQueryValueW (in: pBlock=0x2efdc24, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efddd8, puLen=0xd7e790) returned 1
[0248.123] VerQueryValueW (in: pBlock=0x2efdc24, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efde30, puLen=0xd7e790) returned 1
[0248.123] VerQueryValueW (in: pBlock=0x2efdc24, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efdeb8, puLen=0xd7e790) returned 1
[0248.123] VerQueryValueW (in: pBlock=0x2efdc24, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efdf0c, puLen=0xd7e790) returned 1
[0248.123] VerQueryValueW (in: pBlock=0x2efdc24, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efdf64, puLen=0xd7e790) returned 1
[0248.123] VerQueryValueW (in: pBlock=0x2efdc24, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efdf94, puLen=0xd7e790) returned 1
[0248.123] VerQueryValueW (in: pBlock=0x2efdc24, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.124] VerQueryValueW (in: pBlock=0x2efdc24, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2efdfd0, puLen=0xd7e790) returned 1
[0248.124] VerQueryValueW (in: pBlock=0x2efdc24, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.124] VerQueryValueW (in: pBlock=0x2efdc24, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2efe024, puLen=0xd7e784) returned 1
[0248.124] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0248.124] VerQueryValueW (in: pBlock=0x2efdc24, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2efdc4c, puLen=0xd7e794) returned 1
[0248.125] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0248.125] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0248.125] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0248.125] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0248.125] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0248.125] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0248.127] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2f00360 | out: lpData=0x2f00360) returned 1
[0248.128] VerQueryValueW (in: pBlock=0x2f00360, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2f00728, puLen=0xd7e810) returned 1
[0248.128] VerQueryValueW (in: pBlock=0x2f00360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f00418, puLen=0xd7e790) returned 1
[0248.128] VerQueryValueW (in: pBlock=0x2f00360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0046c, puLen=0xd7e790) returned 1
[0248.128] VerQueryValueW (in: pBlock=0x2f00360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f004ac, puLen=0xd7e790) returned 1
[0248.128] VerQueryValueW (in: pBlock=0x2f00360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f00514, puLen=0xd7e790) returned 1
[0248.128] VerQueryValueW (in: pBlock=0x2f00360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f00550, puLen=0xd7e790) returned 1
[0248.128] VerQueryValueW (in: pBlock=0x2f00360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f005d8, puLen=0xd7e790) returned 1
[0248.128] VerQueryValueW (in: pBlock=0x2f00360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f00610, puLen=0xd7e790) returned 1
[0248.128] VerQueryValueW (in: pBlock=0x2f00360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f00668, puLen=0xd7e790) returned 1
[0248.128] VerQueryValueW (in: pBlock=0x2f00360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f00698, puLen=0xd7e790) returned 1
[0248.128] VerQueryValueW (in: pBlock=0x2f00360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.128] VerQueryValueW (in: pBlock=0x2f00360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f006d4, puLen=0xd7e790) returned 1
[0248.128] VerQueryValueW (in: pBlock=0x2f00360, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.128] VerQueryValueW (in: pBlock=0x2f00360, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2f00728, puLen=0xd7e784) returned 1
[0248.128] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0248.128] VerQueryValueW (in: pBlock=0x2f00360, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2f00388, puLen=0xd7e794) returned 1
[0248.129] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0248.129] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0248.129] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0248.130] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0248.130] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0248.130] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0248.131] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2f039c8 | out: lpData=0x2f039c8) returned 1
[0248.131] VerQueryValueW (in: pBlock=0x2f039c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2f03da8, puLen=0xd7e810) returned 1
[0248.132] VerQueryValueW (in: pBlock=0x2f039c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f03a80, puLen=0xd7e790) returned 1
[0248.132] VerQueryValueW (in: pBlock=0x2f039c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f03ad4, puLen=0xd7e790) returned 1
[0248.132] VerQueryValueW (in: pBlock=0x2f039c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f03b14, puLen=0xd7e790) returned 1
[0248.132] VerQueryValueW (in: pBlock=0x2f039c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f03b74, puLen=0xd7e790) returned 1
[0248.132] VerQueryValueW (in: pBlock=0x2f039c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f03bc0, puLen=0xd7e790) returned 1
[0248.132] VerQueryValueW (in: pBlock=0x2f039c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f03c48, puLen=0xd7e790) returned 1
[0248.132] VerQueryValueW (in: pBlock=0x2f039c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f03c90, puLen=0xd7e790) returned 1
[0248.132] VerQueryValueW (in: pBlock=0x2f039c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f03ce8, puLen=0xd7e790) returned 1
[0248.132] VerQueryValueW (in: pBlock=0x2f039c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f03d18, puLen=0xd7e790) returned 1
[0248.132] VerQueryValueW (in: pBlock=0x2f039c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.132] VerQueryValueW (in: pBlock=0x2f039c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f03d54, puLen=0xd7e790) returned 1
[0248.132] VerQueryValueW (in: pBlock=0x2f039c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.132] VerQueryValueW (in: pBlock=0x2f039c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2f03da8, puLen=0xd7e784) returned 1
[0248.132] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0248.133] VerQueryValueW (in: pBlock=0x2f039c8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2f039f0, puLen=0xd7e794) returned 1
[0248.151] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0248.154] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0248.154] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0248.154] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0248.155] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0248.155] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0248.156] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2f061e8 | out: lpData=0x2f061e8) returned 1
[0248.157] VerQueryValueW (in: pBlock=0x2f061e8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2f065f4, puLen=0xd7e810) returned 1
[0248.157] VerQueryValueW (in: pBlock=0x2f061e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f062a0, puLen=0xd7e790) returned 1
[0248.157] VerQueryValueW (in: pBlock=0x2f061e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f062f4, puLen=0xd7e790) returned 1
[0248.157] VerQueryValueW (in: pBlock=0x2f061e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f06348, puLen=0xd7e790) returned 1
[0248.157] VerQueryValueW (in: pBlock=0x2f061e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f063a8, puLen=0xd7e790) returned 1
[0248.157] VerQueryValueW (in: pBlock=0x2f061e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f06400, puLen=0xd7e790) returned 1
[0248.157] VerQueryValueW (in: pBlock=0x2f061e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f06488, puLen=0xd7e790) returned 1
[0248.157] VerQueryValueW (in: pBlock=0x2f061e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f064dc, puLen=0xd7e790) returned 1
[0248.157] VerQueryValueW (in: pBlock=0x2f061e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f06534, puLen=0xd7e790) returned 1
[0248.157] VerQueryValueW (in: pBlock=0x2f061e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f06564, puLen=0xd7e790) returned 1
[0248.157] VerQueryValueW (in: pBlock=0x2f061e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.157] VerQueryValueW (in: pBlock=0x2f061e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f065a0, puLen=0xd7e790) returned 1
[0248.157] VerQueryValueW (in: pBlock=0x2f061e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.157] VerQueryValueW (in: pBlock=0x2f061e8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2f065f4, puLen=0xd7e784) returned 1
[0248.157] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0248.157] VerQueryValueW (in: pBlock=0x2f061e8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2f06210, puLen=0xd7e794) returned 1
[0248.158] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0248.158] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0248.158] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0248.159] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0248.159] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0248.159] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0248.160] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2f089fc | out: lpData=0x2f089fc) returned 1
[0248.161] VerQueryValueW (in: pBlock=0x2f089fc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2f08dd4, puLen=0xd7e810) returned 1
[0248.161] VerQueryValueW (in: pBlock=0x2f089fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f08ab4, puLen=0xd7e790) returned 1
[0248.161] VerQueryValueW (in: pBlock=0x2f089fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f08b08, puLen=0xd7e790) returned 1
[0248.161] VerQueryValueW (in: pBlock=0x2f089fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f08b48, puLen=0xd7e790) returned 1
[0248.161] VerQueryValueW (in: pBlock=0x2f089fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f08bb0, puLen=0xd7e790) returned 1
[0248.161] VerQueryValueW (in: pBlock=0x2f089fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f08bf4, puLen=0xd7e790) returned 1
[0248.161] VerQueryValueW (in: pBlock=0x2f089fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f08c7c, puLen=0xd7e790) returned 1
[0248.161] VerQueryValueW (in: pBlock=0x2f089fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f08cbc, puLen=0xd7e790) returned 1
[0248.161] VerQueryValueW (in: pBlock=0x2f089fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f08d14, puLen=0xd7e790) returned 1
[0248.161] VerQueryValueW (in: pBlock=0x2f089fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f08d44, puLen=0xd7e790) returned 1
[0248.161] VerQueryValueW (in: pBlock=0x2f089fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.161] VerQueryValueW (in: pBlock=0x2f089fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f08d80, puLen=0xd7e790) returned 1
[0248.161] VerQueryValueW (in: pBlock=0x2f089fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.161] VerQueryValueW (in: pBlock=0x2f089fc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2f08dd4, puLen=0xd7e784) returned 1
[0248.162] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0248.162] VerQueryValueW (in: pBlock=0x2f089fc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2f08a24, puLen=0xd7e794) returned 1
[0248.163] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0248.163] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0248.163] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0248.163] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0248.163] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0248.163] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0248.164] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2f0af54 | out: lpData=0x2f0af54) returned 1
[0248.166] VerQueryValueW (in: pBlock=0x2f0af54, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2f0b32c, puLen=0xd7e810) returned 1
[0248.166] VerQueryValueW (in: pBlock=0x2f0af54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0b00c, puLen=0xd7e790) returned 1
[0248.166] VerQueryValueW (in: pBlock=0x2f0af54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0b060, puLen=0xd7e790) returned 1
[0248.166] VerQueryValueW (in: pBlock=0x2f0af54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0b0a0, puLen=0xd7e790) returned 1
[0248.166] VerQueryValueW (in: pBlock=0x2f0af54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0b108, puLen=0xd7e790) returned 1
[0248.166] VerQueryValueW (in: pBlock=0x2f0af54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0b14c, puLen=0xd7e790) returned 1
[0248.166] VerQueryValueW (in: pBlock=0x2f0af54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0b1d4, puLen=0xd7e790) returned 1
[0248.166] VerQueryValueW (in: pBlock=0x2f0af54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0b214, puLen=0xd7e790) returned 1
[0248.166] VerQueryValueW (in: pBlock=0x2f0af54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0b26c, puLen=0xd7e790) returned 1
[0248.166] VerQueryValueW (in: pBlock=0x2f0af54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0b29c, puLen=0xd7e790) returned 1
[0248.166] VerQueryValueW (in: pBlock=0x2f0af54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.166] VerQueryValueW (in: pBlock=0x2f0af54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0b2d8, puLen=0xd7e790) returned 1
[0248.166] VerQueryValueW (in: pBlock=0x2f0af54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.167] VerQueryValueW (in: pBlock=0x2f0af54, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2f0b32c, puLen=0xd7e784) returned 1
[0248.167] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0248.167] VerQueryValueW (in: pBlock=0x2f0af54, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2f0af7c, puLen=0xd7e794) returned 1
[0248.168] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0248.168] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0248.168] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0248.168] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0248.168] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0248.168] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0248.169] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2f0d68c | out: lpData=0x2f0d68c) returned 1
[0248.170] VerQueryValueW (in: pBlock=0x2f0d68c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2f0dabc, puLen=0xd7e810) returned 1
[0248.170] VerQueryValueW (in: pBlock=0x2f0d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0d744, puLen=0xd7e790) returned 1
[0248.170] VerQueryValueW (in: pBlock=0x2f0d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0d798, puLen=0xd7e790) returned 1
[0248.170] VerQueryValueW (in: pBlock=0x2f0d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0d808, puLen=0xd7e790) returned 1
[0248.170] VerQueryValueW (in: pBlock=0x2f0d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0d868, puLen=0xd7e790) returned 1
[0248.170] VerQueryValueW (in: pBlock=0x2f0d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0d8c4, puLen=0xd7e790) returned 1
[0248.170] VerQueryValueW (in: pBlock=0x2f0d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0d94c, puLen=0xd7e790) returned 1
[0248.170] VerQueryValueW (in: pBlock=0x2f0d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0d9a4, puLen=0xd7e790) returned 1
[0248.170] VerQueryValueW (in: pBlock=0x2f0d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0d9fc, puLen=0xd7e790) returned 1
[0248.170] VerQueryValueW (in: pBlock=0x2f0d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0da2c, puLen=0xd7e790) returned 1
[0248.170] VerQueryValueW (in: pBlock=0x2f0d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.170] VerQueryValueW (in: pBlock=0x2f0d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f0da68, puLen=0xd7e790) returned 1
[0248.171] VerQueryValueW (in: pBlock=0x2f0d68c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0248.171] VerQueryValueW (in: pBlock=0x2f0d68c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2f0dabc, puLen=0xd7e784) returned 1
[0248.171] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0248.171] VerQueryValueW (in: pBlock=0x2f0d68c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2f0d6b4, puLen=0xd7e794) returned 1
[0248.171] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0248.172] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.172] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0248.172] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.173] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0248.173] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2302da
[0248.173] SetWindowLongW (hWnd=0x2302da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0248.173] GetWindowLongW (hWnd=0x2302da, nIndex=-4) returned 1950089536
[0248.174] SetWindowLongW (hWnd=0x2302da, nIndex=-4, dwNewLong=19949814) returned 1950089536
[0248.174] GetWindowLongW (hWnd=0x2302da, nIndex=-4) returned 19949814
[0248.174] GetWindowLongW (hWnd=0x2302da, nIndex=-16) returned 113311744
[0248.174] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302da, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0248.174] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302da, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0248.175] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302da, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0248.175] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302da, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0248.175] GetClientRect (in: hWnd=0x2302da, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0248.175] GetWindowRect (in: hWnd=0x2302da, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0248.176] SetWindowTextW (hWnd=0x2302da, lpString="WindowsFormsParkingWindow") returned 1
[0248.176] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302da, Msg=0xc, wParam=0x0, lParam=0x2ed2c60) returned 0x1
[0248.176] GetParent (hWnd=0x2302da) returned 0x0
[0248.177] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0248.177] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x2302da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1902ce
[0248.177] SetWindowLongW (hWnd=0x1902ce, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0248.177] GetWindowLongW (hWnd=0x1902ce, nIndex=-4) returned 1868147648
[0248.178] SetWindowLongW (hWnd=0x1902ce, nIndex=-4, dwNewLong=19949854) returned 1868147648
[0248.178] GetWindowLongW (hWnd=0x1902ce, nIndex=-4) returned 19949854
[0248.178] GetWindowLongW (hWnd=0x1902ce, nIndex=-16) returned 1174405133
[0248.178] GetWindowLongW (hWnd=0x1902ce, nIndex=-12) returned 0
[0248.178] SetWindowLongW (hWnd=0x1902ce, nIndex=-12, dwNewLong=1639118) returned 0
[0248.178] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0248.179] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0248.179] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0248.180] GetClientRect (in: hWnd=0x1902ce, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0248.180] GetWindowRect (in: hWnd=0x1902ce, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0248.180] GetParent (hWnd=0x1902ce) returned 0x2302da
[0248.180] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2302da, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0248.181] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0248.181] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0248.181] GetClientRect (in: hWnd=0x1902ce, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0248.181] GetWindowRect (in: hWnd=0x1902ce, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0248.181] GetParent (hWnd=0x1902ce) returned 0x2302da
[0248.181] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2302da, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0248.181] SendMessageW (hWnd=0x1902ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1902ce) returned 0x0
[0248.182] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1902ce) returned 0x0
[0248.182] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0248.182] GetParent (hWnd=0x1902ce) returned 0x2302da
[0248.182] GdipCreateFromHWND (hwnd=0x1902ce, graphics=0xd7e844) returned 0x0
[0248.182] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0248.183] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0248.183] GetForegroundWindow () returned 0x602c4
[0248.184] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.184] GetCursorPos (in: lpPoint=0x2f11998 | out: lpPoint=0x2f11998*(x=257, y=628)) returned 1
[0248.184] MonitorFromPoint (pt=0x101, dwFlags=0x274) returned 0x10001
[0248.184] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0248.185] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x580107a2
[0248.185] GetDeviceCaps (hdc=0x580107a2, index=12) returned 32
[0248.185] GetDeviceCaps (hdc=0x580107a2, index=14) returned 1
[0248.185] DeleteDC (hdc=0x580107a2) returned 1
[0248.185] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0248.185] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0248.185] GetSystemMetrics (nIndex=59) returned 1460
[0248.185] GetSystemMetrics (nIndex=60) returned 920
[0248.185] GetSystemMetrics (nIndex=34) returned 136
[0248.185] GetSystemMetrics (nIndex=35) returned 39
[0248.186] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.186] GetCursorPos (in: lpPoint=0x2f11c04 | out: lpPoint=0x2f11c04*(x=257, y=628)) returned 1
[0248.186] MonitorFromPoint (pt=0x101, dwFlags=0x275) returned 0x10001
[0248.186] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0248.186] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x590107a2
[0248.186] GetDeviceCaps (hdc=0x590107a2, index=12) returned 32
[0248.186] GetDeviceCaps (hdc=0x590107a2, index=14) returned 1
[0248.187] DeleteDC (hdc=0x590107a2) returned 1
[0248.187] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0248.187] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0248.187] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.187] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0248.187] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2f11e9c | out: piconinfo=0x2f11e9c) returned 1
[0248.188] GetObjectW (in: h=0x520505d8, c=24, pv=0x2f11eb8 | out: pv=0x2f11eb8) returned 24
[0248.188] GdipCreateBitmapFromHBITMAP (hbm=0x520505d8, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0248.188] GdipGetImageWidth (image=0x6651ef0, width=0xd7e750) returned 0x0
[0248.188] GdipGetImageHeight (image=0x6651ef0, height=0xd7e748) returned 0x0
[0248.188] GdipGetImagePixelFormat (image=0x6651ef0, format=0xd7e740) returned 0x0
[0248.188] GdipBitmapLockBits (bitmap=0x6651ef0, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2f11f70) returned 0x0
[0248.188] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0248.189] GdipBitmapLockBits (bitmap=0x6650b40, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2f11fa8) returned 0x0
[0248.189] RtlMoveMemory (in: Destination=0x6661f60, Source=0x6663ee8, Length=0x80 | out: Destination=0x6661f60)
[0248.189] RtlMoveMemory (in: Destination=0x6661fe0, Source=0x6663e68, Length=0x80 | out: Destination=0x6661fe0)
[0248.189] RtlMoveMemory (in: Destination=0x6662060, Source=0x6663de8, Length=0x80 | out: Destination=0x6662060)
[0248.189] RtlMoveMemory (in: Destination=0x66620e0, Source=0x6663d68, Length=0x80 | out: Destination=0x66620e0)
[0248.189] RtlMoveMemory (in: Destination=0x6662160, Source=0x6663ce8, Length=0x80 | out: Destination=0x6662160)
[0248.189] RtlMoveMemory (in: Destination=0x66621e0, Source=0x6663c68, Length=0x80 | out: Destination=0x66621e0)
[0248.189] RtlMoveMemory (in: Destination=0x6662260, Source=0x6663be8, Length=0x80 | out: Destination=0x6662260)
[0248.189] RtlMoveMemory (in: Destination=0x66622e0, Source=0x6663b68, Length=0x80 | out: Destination=0x66622e0)
[0248.189] RtlMoveMemory (in: Destination=0x6662360, Source=0x6663ae8, Length=0x80 | out: Destination=0x6662360)
[0248.189] RtlMoveMemory (in: Destination=0x66623e0, Source=0x6663a68, Length=0x80 | out: Destination=0x66623e0)
[0248.189] RtlMoveMemory (in: Destination=0x6662460, Source=0x66639e8, Length=0x80 | out: Destination=0x6662460)
[0248.189] RtlMoveMemory (in: Destination=0x66624e0, Source=0x6663968, Length=0x80 | out: Destination=0x66624e0)
[0248.189] RtlMoveMemory (in: Destination=0x6662560, Source=0x66638e8, Length=0x80 | out: Destination=0x6662560)
[0248.189] RtlMoveMemory (in: Destination=0x66625e0, Source=0x6663868, Length=0x80 | out: Destination=0x66625e0)
[0248.190] RtlMoveMemory (in: Destination=0x6662660, Source=0x66637e8, Length=0x80 | out: Destination=0x6662660)
[0248.190] RtlMoveMemory (in: Destination=0x66626e0, Source=0x6663768, Length=0x80 | out: Destination=0x66626e0)
[0248.190] RtlMoveMemory (in: Destination=0x6662760, Source=0x66636e8, Length=0x80 | out: Destination=0x6662760)
[0248.190] RtlMoveMemory (in: Destination=0x66627e0, Source=0x6663668, Length=0x80 | out: Destination=0x66627e0)
[0248.190] RtlMoveMemory (in: Destination=0x6662860, Source=0x66635e8, Length=0x80 | out: Destination=0x6662860)
[0248.190] RtlMoveMemory (in: Destination=0x66628e0, Source=0x6663568, Length=0x80 | out: Destination=0x66628e0)
[0248.190] RtlMoveMemory (in: Destination=0x6662960, Source=0x66634e8, Length=0x80 | out: Destination=0x6662960)
[0248.190] RtlMoveMemory (in: Destination=0x66629e0, Source=0x6663468, Length=0x80 | out: Destination=0x66629e0)
[0248.190] RtlMoveMemory (in: Destination=0x6662a60, Source=0x66633e8, Length=0x80 | out: Destination=0x6662a60)
[0248.190] RtlMoveMemory (in: Destination=0x6662ae0, Source=0x6663368, Length=0x80 | out: Destination=0x6662ae0)
[0248.190] RtlMoveMemory (in: Destination=0x6662b60, Source=0x66632e8, Length=0x80 | out: Destination=0x6662b60)
[0248.190] RtlMoveMemory (in: Destination=0x6662be0, Source=0x6663268, Length=0x80 | out: Destination=0x6662be0)
[0248.190] RtlMoveMemory (in: Destination=0x6662c60, Source=0x66631e8, Length=0x80 | out: Destination=0x6662c60)
[0248.190] RtlMoveMemory (in: Destination=0x6662ce0, Source=0x6663168, Length=0x80 | out: Destination=0x6662ce0)
[0248.190] RtlMoveMemory (in: Destination=0x6662d60, Source=0x66630e8, Length=0x80 | out: Destination=0x6662d60)
[0248.190] RtlMoveMemory (in: Destination=0x6662de0, Source=0x6663068, Length=0x80 | out: Destination=0x6662de0)
[0248.190] RtlMoveMemory (in: Destination=0x6662e60, Source=0x6662fe8, Length=0x80 | out: Destination=0x6662e60)
[0248.191] RtlMoveMemory (in: Destination=0x6662ee0, Source=0x6662f68, Length=0x80 | out: Destination=0x6662ee0)
[0248.191] GdipBitmapUnlockBits (bitmap=0x6651ef0, lockedBitmapData=0x2f11f70) returned 0x0
[0248.191] GdipBitmapUnlockBits (bitmap=0x6650b40, lockedBitmapData=0x2f11fa8) returned 0x0
[0248.191] GdipDisposeImage (image=0x6651ef0) returned 0x0
[0248.191] DeleteObject (ho=0x520505d8) returned 1
[0248.191] DeleteObject (ho=0x5a0507a2) returned 1
[0248.191] GetCurrentThreadId () returned 0xf50
[0248.191] GetCurrentThreadId () returned 0xf50
[0248.191] SetWindowPos (hWnd=0x1902ce, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0248.191] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0248.191] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0248.192] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0248.192] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0248.192] GetClientRect (in: hWnd=0x1902ce, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0248.192] GetWindowRect (in: hWnd=0x1902ce, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0248.192] GetParent (hWnd=0x1902ce) returned 0x2302da
[0248.192] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2302da, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0248.192] InvalidateRect (hWnd=0x1902ce, lpRect=0x0, bErase=1) returned 1
[0248.192] GetWindowTextLengthW (hWnd=0x1902ce) returned 0
[0248.192] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0248.192] GetSystemMetrics (nIndex=42) returned 0
[0248.193] GetWindowTextW (in: hWnd=0x1902ce, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0248.193] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0248.193] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0248.193] GetClientRect (in: hWnd=0x1902ce, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0248.193] GetWindowRect (in: hWnd=0x1902ce, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0248.193] GetParent (hWnd=0x1902ce) returned 0x2302da
[0248.193] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2302da, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0248.193] GetWindowTextLengthW (hWnd=0x1902ce) returned 0
[0248.193] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0248.193] GetSystemMetrics (nIndex=42) returned 0
[0248.193] GetWindowTextW (in: hWnd=0x1902ce, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0248.193] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0248.193] GetWindowTextLengthW (hWnd=0x1902ce) returned 0
[0248.193] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0248.194] GetSystemMetrics (nIndex=42) returned 0
[0248.194] GetWindowTextW (in: hWnd=0x1902ce, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0248.194] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0248.194] SetWindowTextW (hWnd=0x1902ce, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0248.194] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0xc, wParam=0x0, lParam=0x2ef2f7c) returned 0x1
[0248.194] InvalidateRect (hWnd=0x1902ce, lpRect=0x0, bErase=1) returned 1
[0248.194] GetCurrentThreadId () returned 0xf50
[0248.194] GetWindowThreadProcessId (in: hWnd=0x1902ce, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0248.195] GdipCreateBitmapFromStream (stream=0x509ff50, bitmap=0xd7e840) returned 0x0
[0248.196] GdipImageForceValidation (image=0x66511d0) returned 0x0
[0248.199] GdipGetImageRawFormat (image=0x66511d0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0248.199] GdipGetImageHeight (image=0x66511d0, height=0xd7e824) returned 0x0
[0248.199] GdipGetImageWidth (image=0x66511d0, width=0xd7e824) returned 0x0
[0248.199] GdipGetImageWidth (image=0x66511d0, width=0xd7e810) returned 0x0
[0248.199] GdipGetImageHeight (image=0x66511d0, height=0xd7e810) returned 0x0
[0248.199] GdipGetImageWidth (image=0x66511d0, width=0xd7e800) returned 0x0
[0248.199] GdipGetImageHeight (image=0x66511d0, height=0xd7e800) returned 0x0
[0248.199] GdipBitmapGetPixel (bitmap=0x66511d0, x=0, y=15, color=0xd7e810) returned 0x0
[0248.199] GdipGetImageRawFormat (image=0x66511d0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0248.200] GdipGetImageWidth (image=0x66511d0, width=0xd7e740) returned 0x0
[0248.200] GdipGetImageHeight (image=0x66511d0, height=0xd7e740) returned 0x0
[0248.200] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0248.200] GdipGetImagePixelFormat (image=0x664f100, format=0xd7e740) returned 0x0
[0248.200] GdipGetImageGraphicsContext (image=0x664f100, graphics=0xd7e74c) returned 0x0
[0248.200] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0248.200] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0248.201] GdipSetImageAttributesColorKeys (imageattr=0x6638d28, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0248.201] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66511d0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638d28, callback=0x0, callbackData=0x0) returned 0x0
[0248.201] GdipDisposeImageAttributes (imageattr=0x6638d28) returned 0x0
[0248.201] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0248.201] GdipDisposeImage (image=0x66511d0) returned 0x0
[0248.202] GdipCreateBitmapFromStream (stream=0x509ff30, bitmap=0xd7e840) returned 0x0
[0248.203] GdipImageForceValidation (image=0x66511d0) returned 0x0
[0248.204] GdipGetImageRawFormat (image=0x66511d0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0248.204] GdipGetImageHeight (image=0x66511d0, height=0xd7e824) returned 0x0
[0248.204] GdipGetImageWidth (image=0x66511d0, width=0xd7e824) returned 0x0
[0248.204] GdipGetImageWidth (image=0x66511d0, width=0xd7e810) returned 0x0
[0248.204] GdipGetImageHeight (image=0x66511d0, height=0xd7e810) returned 0x0
[0248.205] GdipGetImageWidth (image=0x66511d0, width=0xd7e800) returned 0x0
[0248.205] GdipGetImageHeight (image=0x66511d0, height=0xd7e800) returned 0x0
[0248.205] GdipBitmapGetPixel (bitmap=0x66511d0, x=0, y=15, color=0xd7e810) returned 0x0
[0248.205] GdipGetImageRawFormat (image=0x66511d0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0248.205] GdipGetImageWidth (image=0x66511d0, width=0xd7e740) returned 0x0
[0248.205] GdipGetImageHeight (image=0x66511d0, height=0xd7e740) returned 0x0
[0248.205] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0248.205] GdipGetImagePixelFormat (image=0x6651ef0, format=0xd7e740) returned 0x0
[0248.205] GdipGetImageGraphicsContext (image=0x6651ef0, graphics=0xd7e74c) returned 0x0
[0248.205] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0248.205] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0248.205] GdipSetImageAttributesColorKeys (imageattr=0x6638c08, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0248.205] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66511d0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c08, callback=0x0, callbackData=0x0) returned 0x0
[0248.206] GdipDisposeImageAttributes (imageattr=0x6638c08) returned 0x0
[0248.206] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0248.206] GdipDisposeImage (image=0x66511d0) returned 0x0
[0248.206] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.207] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0248.207] GetCurrentThreadId () returned 0xf50
[0248.207] GetCurrentThreadId () returned 0xf50
[0248.207] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.207] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0248.207] GetCurrentThreadId () returned 0xf50
[0248.207] GetCurrentThreadId () returned 0xf50
[0248.208] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.208] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0248.208] GetCurrentThreadId () returned 0xf50
[0248.208] GetCurrentThreadId () returned 0xf50
[0248.208] GetSystemMetrics (nIndex=5) returned 1
[0248.208] GetSystemMetrics (nIndex=6) returned 1
[0248.208] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.208] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0248.209] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.209] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0248.209] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.209] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0248.209] GetCurrentThreadId () returned 0xf50
[0248.209] GetCurrentThreadId () returned 0xf50
[0248.209] GetProcessWindowStation () returned 0x13c
[0248.209] GetCapture () returned 0x0
[0248.209] GetActiveWindow () returned 0x7005c
[0248.210] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0248.210] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.210] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0248.210] GetCursorPos (in: lpPoint=0x2f130e8 | out: lpPoint=0x2f130e8*(x=257, y=628)) returned 1
[0248.210] MonitorFromPoint (pt=0x101, dwFlags=0x274) returned 0x10001
[0248.210] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0248.210] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x5b0107a2
[0248.211] GetDeviceCaps (hdc=0x5b0107a2, index=12) returned 32
[0248.211] GetDeviceCaps (hdc=0x5b0107a2, index=14) returned 1
[0248.211] DeleteDC (hdc=0x5b0107a2) returned 1
[0248.211] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0248.211] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0248.227] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="Microsoft .NET Framework", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1802d0
[0248.228] SetWindowLongW (hWnd=0x1802d0, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0248.228] GetWindowLongW (hWnd=0x1802d0, nIndex=-4) returned 1950089536
[0248.229] SetWindowLongW (hWnd=0x1802d0, nIndex=-4, dwNewLong=19948614) returned 1950089536
[0248.229] GetWindowLongW (hWnd=0x1802d0, nIndex=-4) returned 19948614
[0248.229] GetWindowLongW (hWnd=0x1802d0, nIndex=-16) returned 113770496
[0248.229] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0248.233] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0248.240] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0248.240] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0248.240] GetWindowRect (in: hWnd=0x1802d0, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0248.240] SetWindowTextW (hWnd=0x1802d0, lpString="Microsoft .NET Framework") returned 1
[0248.240] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xc, wParam=0x0, lParam=0x2c50f5c) returned 0x1
[0248.241] GetStartupInfoW (in: lpStartupInfo=0x2f13424 | out: lpStartupInfo=0x2f13424*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0248.242] GetParent (hWnd=0x1802d0) returned 0x0
[0248.243] SetWindowLongW (hWnd=0x1802d0, nIndex=-8, dwNewLong=0) returned 0
[0248.243] SendMessageW (hWnd=0x1802d0, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0248.244] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0248.244] SendMessageW (hWnd=0x1802d0, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0248.244] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0248.244] GetSystemMenu (hWnd=0x1802d0, bRevert=0) returned 0x87013b
[0248.244] GetWindowPlacement (in: hWnd=0x1802d0, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0248.245] EnableMenuItem (hMenu=0x87013b, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0248.245] EnableMenuItem (hMenu=0x87013b, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0248.245] EnableMenuItem (hMenu=0x87013b, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0248.245] EnableMenuItem (hMenu=0x87013b, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0248.245] EnableMenuItem (hMenu=0x87013b, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0248.245] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0248.245] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0248.245] GetWindowRect (in: hWnd=0x1802d0, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0248.245] SetWindowPos (hWnd=0x1802d0, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0248.245] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0248.246] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x1802d0) returned 0x1
[0248.274] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0248.275] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0248.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0248.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0248.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0248.278] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x1802d0, lParam=0x0) returned 0x0
[0248.279] GetCapture () returned 0x0
[0248.279] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0248.288] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0248.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0248.291] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0248.291] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0248.292] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0248.292] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0248.293] GetParent (hWnd=0x1802d0) returned 0x0
[0248.293] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0248.293] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0248.296] GetWindowPlacement (in: hWnd=0x1802d0, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0248.296] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0248.296] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0248.296] GetWindowRect (in: hWnd=0x1802d0, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0248.298] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0248.298] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0248.298] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0248.299] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.299] GetWindowLongW (hWnd=0x1802d0, nIndex=-16) returned 113770496
[0248.299] GetWindowTextLengthW (hWnd=0x1802d0) returned 24
[0248.299] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0248.299] GetSystemMetrics (nIndex=42) returned 0
[0248.299] GetWindowTextW (in: hWnd=0x1802d0, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0248.299] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0248.300] GetWindowTextLengthW (hWnd=0x1802d0) returned 24
[0248.300] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0248.300] GetSystemMetrics (nIndex=42) returned 0
[0248.300] GetWindowTextW (in: hWnd=0x1802d0, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0248.300] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0248.300] GetCursorPos (in: lpPoint=0x2f136f0 | out: lpPoint=0x2f136f0*(x=257, y=628)) returned 1
[0248.300] MonitorFromPoint (pt=0x101, dwFlags=0x274) returned 0x10001
[0248.300] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0248.300] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xd001067c
[0248.300] GetDeviceCaps (hdc=0xd001067c, index=12) returned 32
[0248.300] GetDeviceCaps (hdc=0xd001067c, index=14) returned 1
[0248.300] DeleteDC (hdc=0xd001067c) returned 1
[0248.301] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0248.301] GetWindowLongW (hWnd=0x1802d0, nIndex=-16) returned 113770496
[0248.301] GetWindowLongW (hWnd=0x1802d0, nIndex=-20) returned 327945
[0248.301] SetWindowLongW (hWnd=0x1802d0, nIndex=-16, dwNewLong=46661632) returned 113770496
[0248.301] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0248.301] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0248.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0248.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0248.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0248.303] SetWindowLongW (hWnd=0x1802d0, nIndex=-20, dwNewLong=327681) returned 327945
[0248.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0248.304] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0248.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0248.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0248.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0248.306] SetWindowPos (hWnd=0x1802d0, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0248.306] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0248.306] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0248.306] GetWindowPlacement (in: hWnd=0x1802d0, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0248.306] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0248.307] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0248.307] GetWindowRect (in: hWnd=0x1802d0, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0248.308] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0248.308] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0248.308] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0248.309] RedrawWindow (hWnd=0x1802d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0248.309] GetSystemMenu (hWnd=0x1802d0, bRevert=0) returned 0x87013b
[0248.309] GetWindowPlacement (in: hWnd=0x1802d0, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0248.309] EnableMenuItem (hMenu=0x87013b, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0248.309] EnableMenuItem (hMenu=0x87013b, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0248.309] EnableMenuItem (hMenu=0x87013b, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0248.309] EnableMenuItem (hMenu=0x87013b, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0248.309] EnableMenuItem (hMenu=0x87013b, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0248.309] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0248.309] GetWindowLongW (hWnd=0x1802d0, nIndex=-8) returned 0
[0248.309] SetWindowLongW (hWnd=0x1802d0, nIndex=-8, dwNewLong=458844) returned 0
[0248.311] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0248.311] GetProcessWindowStation () returned 0x13c
[0248.311] GetCurrentThreadId () returned 0xf50
[0248.311] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x130646e, lParam=0x0) returned 1
[0248.311] IsWindowVisible (hWnd=0x1802d0) returned 0
[0248.311] IsWindowVisible (hWnd=0x7005c) returned 1
[0248.311] IsWindowEnabled (hWnd=0x7005c) returned 1
[0248.311] IsWindowVisible (hWnd=0x300ec) returned 0
[0248.311] IsWindowVisible (hWnd=0x502c6) returned 0
[0248.311] IsWindowVisible (hWnd=0x502be) returned 0
[0248.311] GetActiveWindow () returned 0x1802d0
[0248.312] GetFocus () returned 0x1802d0
[0248.312] IsWindow (hWnd=0x7005c) returned 1
[0248.312] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0248.312] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0248.313] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0248.313] GetWindowLongW (hWnd=0x1802d0, nIndex=-8) returned 458844
[0248.313] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0248.313] GetCurrentThreadId () returned 0xf50
[0248.313] GetWindowLongW (hWnd=0x1802d0, nIndex=-8) returned 458844
[0248.313] IsWindowEnabled (hWnd=0x7005c) returned 0
[0248.313] IsWindowEnabled (hWnd=0x1802d0) returned 1
[0248.313] ShowWindow (hWnd=0x1802d0, nCmdShow=5) returned 0
[0248.313] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0248.313] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0248.313] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.314] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0248.314] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x1802d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2302de
[0248.315] SetWindowLongW (hWnd=0x2302de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0248.315] GetWindowLongW (hWnd=0x2302de, nIndex=-4) returned 1950089536
[0248.315] SetWindowLongW (hWnd=0x2302de, nIndex=-4, dwNewLong=19950534) returned 1950089536
[0248.315] GetWindowLongW (hWnd=0x2302de, nIndex=-4) returned 19950534
[0248.315] GetWindowLongW (hWnd=0x2302de, nIndex=-16) returned 1174405120
[0248.315] GetWindowLongW (hWnd=0x2302de, nIndex=-12) returned 0
[0248.315] SetWindowLongW (hWnd=0x2302de, nIndex=-12, dwNewLong=2294494) returned 0
[0248.315] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0248.316] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0248.316] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0248.316] GetWindow (hWnd=0x2302de, uCmd=0x3) returned 0x0
[0248.316] GetClientRect (in: hWnd=0x2302de, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0248.316] GetWindowRect (in: hWnd=0x2302de, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0248.316] GetParent (hWnd=0x2302de) returned 0x1802d0
[0248.316] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1802d0, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0248.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302de, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0248.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302de, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0248.317] GetClientRect (in: hWnd=0x2302de, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0248.317] GetWindowRect (in: hWnd=0x2302de, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0248.317] GetParent (hWnd=0x2302de) returned 0x1802d0
[0248.317] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1802d0, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0248.317] SendMessageW (hWnd=0x2302de, Msg=0x2210, wParam=0x2de0001, lParam=0x2302de) returned 0x0
[0248.318] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302de, Msg=0x2210, wParam=0x2de0001, lParam=0x2302de) returned 0x0
[0248.318] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0248.318] GetParent (hWnd=0x2302de) returned 0x1802d0
[0248.318] GetParent (hWnd=0x1902ce) returned 0x2302da
[0248.318] SetParent (hWndChild=0x1902ce, hWndNewParent=0x1802d0) returned 0x2302da
[0248.318] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0248.319] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0248.319] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0248.319] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0248.319] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0248.319] GetClientRect (in: hWnd=0x1902ce, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0248.319] GetWindowRect (in: hWnd=0x1902ce, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0248.319] GetParent (hWnd=0x1902ce) returned 0x1802d0
[0248.319] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1802d0, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0248.319] GetClientRect (in: hWnd=0x1902ce, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0248.320] GetWindowRect (in: hWnd=0x1902ce, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0248.320] GetParent (hWnd=0x1902ce) returned 0x1802d0
[0248.320] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1802d0, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0248.320] GetParent (hWnd=0x1902ce) returned 0x1802d0
[0248.320] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0248.320] GetWindow (hWnd=0x1902ce, uCmd=0x3) returned 0x0
[0248.320] SetWindowPos (hWnd=0x1902ce, hWndInsertAfter=0x2302de, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0248.320] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0248.321] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0248.321] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0248.321] GetClientRect (in: hWnd=0x1902ce, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0248.321] GetWindowRect (in: hWnd=0x1902ce, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0248.321] GetParent (hWnd=0x1902ce) returned 0x1802d0
[0248.321] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1802d0, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0248.321] GetParent (hWnd=0x1902ce) returned 0x1802d0
[0248.321] GetWindow (hWnd=0x1902ce, uCmd=0x3) returned 0x2302de
[0248.321] GetWindowThreadProcessId (in: hWnd=0x1902ce, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0248.321] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0248.322] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.322] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0248.322] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x1802d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2502d8
[0248.323] SetWindowLongW (hWnd=0x2502d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0248.323] GetWindowLongW (hWnd=0x2502d8, nIndex=-4) returned 1868032000
[0248.323] SetWindowLongW (hWnd=0x2502d8, nIndex=-4, dwNewLong=19950374) returned 1868032000
[0248.323] GetWindowLongW (hWnd=0x2502d8, nIndex=-4) returned 19950374
[0248.323] GetWindowLongW (hWnd=0x2502d8, nIndex=-16) returned 1174470667
[0248.323] GetWindowLongW (hWnd=0x2502d8, nIndex=-12) returned 0
[0248.323] SetWindowLongW (hWnd=0x2502d8, nIndex=-12, dwNewLong=2425560) returned 0
[0248.323] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0248.324] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0248.324] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0248.326] SendMessageW (hWnd=0x2502d8, Msg=0x2055, wParam=0x2502d8, lParam=0x3) returned 0x2
[0248.326] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0248.326] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0248.326] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0248.326] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0248.326] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0248.327] RedrawWindow (hWnd=0x2302de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0248.327] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0248.327] RedrawWindow (hWnd=0x1902ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0248.327] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0248.327] RedrawWindow (hWnd=0x2502d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0248.327] RedrawWindow (hWnd=0x1802d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0248.327] GetWindow (hWnd=0x2502d8, uCmd=0x3) returned 0x1902ce
[0248.327] GetClientRect (in: hWnd=0x2502d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0248.328] GetWindowRect (in: hWnd=0x2502d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0248.328] GetParent (hWnd=0x2502d8) returned 0x1802d0
[0248.328] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1802d0, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0248.328] SetWindowTextW (hWnd=0x2502d8, lpString="&Details") returned 1
[0248.328] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0248.328] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0248.329] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0248.329] GetClientRect (in: hWnd=0x2502d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0248.329] GetWindowRect (in: hWnd=0x2502d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0248.329] GetParent (hWnd=0x2502d8) returned 0x1802d0
[0248.329] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1802d0, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0248.329] SendMessageW (hWnd=0x2502d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2502d8) returned 0x0
[0248.329] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2502d8) returned 0x0
[0248.329] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0248.329] GetParent (hWnd=0x2502d8) returned 0x1802d0
[0248.329] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0248.330] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.330] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0248.330] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x1802d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2600ea
[0248.331] SetWindowLongW (hWnd=0x2600ea, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0248.331] GetWindowLongW (hWnd=0x2600ea, nIndex=-4) returned 1868032000
[0248.331] SetWindowLongW (hWnd=0x2600ea, nIndex=-4, dwNewLong=19949974) returned 1868032000
[0248.332] GetWindowLongW (hWnd=0x2600ea, nIndex=-4) returned 19949974
[0248.332] GetWindowLongW (hWnd=0x2600ea, nIndex=-16) returned 1174470667
[0248.332] GetWindowLongW (hWnd=0x2600ea, nIndex=-12) returned 0
[0248.332] SetWindowLongW (hWnd=0x2600ea, nIndex=-12, dwNewLong=2490602) returned 0
[0248.332] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0248.332] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0248.333] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0248.334] SendMessageW (hWnd=0x2600ea, Msg=0x2055, wParam=0x2600ea, lParam=0x3) returned 0x2
[0248.334] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0248.334] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0248.334] GetWindow (hWnd=0x2600ea, uCmd=0x3) returned 0x2502d8
[0248.334] GetClientRect (in: hWnd=0x2600ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0248.334] GetWindowRect (in: hWnd=0x2600ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0248.334] GetParent (hWnd=0x2600ea) returned 0x1802d0
[0248.334] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1802d0, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0248.334] SetWindowTextW (hWnd=0x2600ea, lpString="&Continue") returned 1
[0248.334] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0248.335] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0248.335] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0248.335] GetClientRect (in: hWnd=0x2600ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0248.335] GetWindowRect (in: hWnd=0x2600ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0248.335] GetParent (hWnd=0x2600ea) returned 0x1802d0
[0248.335] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1802d0, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0248.335] SendMessageW (hWnd=0x2600ea, Msg=0x2210, wParam=0xea0001, lParam=0x2600ea) returned 0x0
[0248.335] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x2210, wParam=0xea0001, lParam=0x2600ea) returned 0x0
[0248.335] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0248.336] GetParent (hWnd=0x2600ea) returned 0x1802d0
[0248.336] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0248.336] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.337] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0248.337] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x1802d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2302dc
[0248.338] SetWindowLongW (hWnd=0x2302dc, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0248.338] GetWindowLongW (hWnd=0x2302dc, nIndex=-4) returned 1868032000
[0248.338] SetWindowLongW (hWnd=0x2302dc, nIndex=-4, dwNewLong=19950174) returned 1868032000
[0248.339] GetWindowLongW (hWnd=0x2302dc, nIndex=-4) returned 19950174
[0248.339] GetWindowLongW (hWnd=0x2302dc, nIndex=-16) returned 1174470667
[0248.339] GetWindowLongW (hWnd=0x2302dc, nIndex=-12) returned 0
[0248.339] SetWindowLongW (hWnd=0x2302dc, nIndex=-12, dwNewLong=2294492) returned 0
[0248.339] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0248.339] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0248.340] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0248.341] SendMessageW (hWnd=0x2302dc, Msg=0x2055, wParam=0x2302dc, lParam=0x3) returned 0x2
[0248.341] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0248.341] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302dc, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0248.341] GetWindow (hWnd=0x2302dc, uCmd=0x3) returned 0x2600ea
[0248.341] GetClientRect (in: hWnd=0x2302dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0248.341] GetWindowRect (in: hWnd=0x2302dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0248.341] GetParent (hWnd=0x2302dc) returned 0x1802d0
[0248.341] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1802d0, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0248.342] SetWindowTextW (hWnd=0x2302dc, lpString="&Quit") returned 1
[0248.342] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302dc, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0248.342] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0248.342] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302dc, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0248.342] GetClientRect (in: hWnd=0x2302dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0248.342] GetWindowRect (in: hWnd=0x2302dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0248.343] GetParent (hWnd=0x2302dc) returned 0x1802d0
[0248.343] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1802d0, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0248.343] SendMessageW (hWnd=0x2302dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2302dc) returned 0x0
[0248.343] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2302dc) returned 0x0
[0248.343] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0248.343] GetParent (hWnd=0x2302dc) returned 0x1802d0
[0248.343] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0248.344] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.344] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0248.344] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x1802d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1d02c8
[0248.345] SetWindowLongW (hWnd=0x1d02c8, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0248.345] GetWindowLongW (hWnd=0x1d02c8, nIndex=-4) returned 1868026976
[0248.345] SetWindowLongW (hWnd=0x1d02c8, nIndex=-4, dwNewLong=19950414) returned 1868026976
[0248.345] GetWindowLongW (hWnd=0x1d02c8, nIndex=-4) returned 19950414
[0248.345] GetWindowLongW (hWnd=0x1d02c8, nIndex=-16) returned 1177553092
[0248.345] GetWindowLongW (hWnd=0x1d02c8, nIndex=-12) returned 0
[0248.345] SetWindowLongW (hWnd=0x1d02c8, nIndex=-12, dwNewLong=1901256) returned 0
[0248.345] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02c8, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0248.347] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02c8, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0248.348] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02c8, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0248.370] GetWindow (hWnd=0x1d02c8, uCmd=0x3) returned 0x2302dc
[0248.370] GetClientRect (in: hWnd=0x1d02c8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0248.370] GetWindowRect (in: hWnd=0x1d02c8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0248.370] GetParent (hWnd=0x1d02c8) returned 0x1802d0
[0248.370] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1802d0, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0248.370] GetWindowTextLengthW (hWnd=0x1802d0) returned 24
[0248.370] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0248.370] GetSystemMetrics (nIndex=42) returned 0
[0248.370] GetWindowTextW (in: hWnd=0x1802d0, lpString=0xd7d830, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0248.370] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xd, wParam=0x19, lParam=0xd7d830) returned 0x18
[0248.370] SendMessageW (hWnd=0x1d02c8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0248.370] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02c8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0248.376] SetWindowTextW (hWnd=0x1d02c8, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0248.376] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02c8, Msg=0xc, wParam=0x0, lParam=0x2f0f3e4) returned 0x1
[0248.379] GetSystemMetrics (nIndex=5) returned 1
[0248.379] GetSystemMetrics (nIndex=6) returned 1
[0248.379] SendMessageW (hWnd=0x1d02c8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0248.379] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02c8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0248.385] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02c8, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0248.385] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02c8, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0248.386] GetClientRect (in: hWnd=0x1d02c8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0248.386] GetWindowRect (in: hWnd=0x1d02c8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0248.386] GetParent (hWnd=0x1d02c8) returned 0x1802d0
[0248.386] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1802d0, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0248.387] SendMessageW (hWnd=0x1d02c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1d02c8) returned 0x0
[0248.387] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1d02c8) returned 0x0
[0248.387] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0248.388] GetParent (hWnd=0x1d02c8) returned 0x1802d0
[0248.388] GetWindowLongW (hWnd=0x1802d0, nIndex=-8) returned 458844
[0248.388] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0248.388] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0248.388] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xd701067c
[0248.388] GetDeviceCaps (hdc=0xd701067c, index=12) returned 32
[0248.388] GetDeviceCaps (hdc=0xd701067c, index=14) returned 1
[0248.388] DeleteDC (hdc=0xd701067c) returned 1
[0248.389] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0248.389] GetWindowThreadProcessId (in: hWnd=0x1802d0, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0248.389] GetCurrentThreadId () returned 0xf50
[0248.389] PostMessageW (hWnd=0x1802d0, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0248.389] GetWindowTextLengthW (hWnd=0x1802d0) returned 24
[0248.389] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0248.389] GetSystemMetrics (nIndex=42) returned 0
[0248.389] GetWindowTextW (in: hWnd=0x1802d0, lpString=0xd7e260, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0248.389] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xd, wParam=0x19, lParam=0xd7e260) returned 0x18
[0248.389] GdipImageGetFrameDimensionsCount (image=0x6650b40, count=0xd7e25c) returned 0x0
[0248.389] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201520
[0248.389] GdipImageGetFrameDimensionsList (image=0x6650b40, dimensionIDs=0x1201520*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0248.389] LocalFree (hMem=0x1201520) returned 0x0
[0248.389] GdipImageGetFrameDimensionsCount (image=0x664f100, count=0xd7e250) returned 0x0
[0248.390] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201520
[0248.390] GdipImageGetFrameDimensionsList (image=0x664f100, dimensionIDs=0x1201520*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0248.390] LocalFree (hMem=0x1201520) returned 0x0
[0248.390] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0248.390] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0248.390] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0248.407] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0248.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0248.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0248.409] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0248.409] GetWindowPlacement (in: hWnd=0x1802d0, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0248.409] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0248.409] GetWindowTextLengthW (hWnd=0x1802d0) returned 24
[0248.409] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0248.410] GetSystemMetrics (nIndex=42) returned 0
[0248.410] GetWindowTextW (in: hWnd=0x1802d0, lpString=0xd7e2b4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0248.410] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xd, wParam=0x19, lParam=0xd7e2b4) returned 0x18
[0248.410] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0248.410] GetCurrentObject (hdc=0xc0107c5, type=0x1) returned 0xb00017
[0248.410] GetCurrentObject (hdc=0xc0107c5, type=0x2) returned 0x900010
[0248.410] GetCurrentObject (hdc=0xc0107c5, type=0x7) returned 0x360507f4
[0248.410] GetCurrentObject (hdc=0xc0107c5, type=0x6) returned 0x8a01c2
[0248.410] SaveDC (hdc=0xc0107c5) returned 1
[0248.410] GetNearestColor (hdc=0xc0107c5, color=0xf0f0f0) returned 0xf0f0f0
[0248.410] CreateSolidBrush (color=0xf0f0f0) returned 0x981007e1
[0248.410] FillRect (hDC=0xc0107c5, lprc=0xd7e1b8, hbr=0x981007e1) returned 1
[0248.410] DeleteObject (ho=0x981007e1) returned 1
[0248.411] RestoreDC (hdc=0xc0107c5, nSavedDC=-1) returned 1
[0248.411] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0248.411] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0248.411] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0248.412] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0248.412] GetStockObject (i=5) returned 0x900015
[0248.413] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0248.413] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0248.413] GetStockObject (i=5) returned 0x900015
[0248.413] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0248.414] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302dc, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0248.414] GetStockObject (i=5) returned 0x900015
[0248.414] GetWindowPlacement (in: hWnd=0x1802d0, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0248.414] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0248.414] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0248.414] GetWindowRect (in: hWnd=0x1802d0, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0248.416] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0248.416] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0248.416] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0248.416] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0248.417] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0248.417] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0248.417] GetWindowRect (in: hWnd=0x1802d0, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0248.417] InvalidateRect (hWnd=0x2600ea, lpRect=0x0, bErase=0) returned 1
[0248.417] InvalidateRect (hWnd=0x2502d8, lpRect=0x0, bErase=0) returned 1
[0248.417] GetFocus () returned 0x1802d0
[0248.417] GetFocus () returned 0x1802d0
[0248.417] SetFocus (hWnd=0x2502d8) returned 0x1802d0
[0248.418] GetFocus () returned 0x2502d8
[0248.418] IsChild (hWndParent=0x1802d0, hWnd=0x2502d8) returned 1
[0248.418] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x8, wParam=0x2502d8, lParam=0x0) returned 0x0
[0248.419] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0248.421] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0248.423] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0248.423] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0x7, wParam=0x1802d0, lParam=0x0) returned 0x0
[0248.423] GetStockObject (i=5) returned 0x900015
[0248.423] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0248.423] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0248.423] GetDlgItem (hDlg=0x1802d0, nIDDlgItem=2425560) returned 0x2502d8
[0248.423] SendMessageW (hWnd=0x2502d8, Msg=0x202b, wParam=0x2502d8, lParam=0xd7e0dc) returned 0x0
[0248.423] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0x202b, wParam=0x2502d8, lParam=0xd7e0dc) returned 0x0
[0248.423] InvalidateRect (hWnd=0x2502d8, lpRect=0x0, bErase=0) returned 1
[0248.426] GetFocus () returned 0x2502d8
[0248.426] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.426] IsWindowUnicode (hWnd=0x1802d0) returned 1
[0248.426] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.426] TranslateMessage (lpMsg=0xd7e808) returned 0
[0248.426] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0248.426] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0248.426] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.426] IsWindowUnicode (hWnd=0x1802d0) returned 1
[0248.426] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.427] TranslateMessage (lpMsg=0xd7e808) returned 0
[0248.427] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0248.427] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.427] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0248.427] IsWindowUnicode (hWnd=0x1802d0) returned 1
[0248.427] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.427] TranslateMessage (lpMsg=0xd7e808) returned 0
[0248.428] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0248.428] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.428] IsWindowUnicode (hWnd=0x602c4) returned 1
[0248.428] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.428] TranslateMessage (lpMsg=0xd7e808) returned 0
[0248.428] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0248.428] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0248.428] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0248.428] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.429] IsWindowUnicode (hWnd=0x1802d0) returned 1
[0248.429] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.429] TranslateMessage (lpMsg=0xd7e808) returned 0
[0248.429] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0248.429] BeginPaint (in: hWnd=0x1802d0, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x10105d6
[0248.429] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0248.429] GetWindowTextLengthW (hWnd=0x1802d0) returned 24
[0248.429] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0248.430] GetSystemMetrics (nIndex=42) returned 0
[0248.430] GetWindowTextW (in: hWnd=0x1802d0, lpString=0xd7e1ec, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0248.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xd, wParam=0x19, lParam=0xd7e1ec) returned 0x18
[0248.430] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0248.430] EndPaint (hWnd=0x1802d0, lpPaint=0xd7e274) returned 1
[0248.430] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.430] IsWindowUnicode (hWnd=0x2302de) returned 1
[0248.430] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.430] TranslateMessage (lpMsg=0xd7e808) returned 0
[0248.430] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0248.430] BeginPaint (in: hWnd=0x2302de, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x107b9
[0248.430] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0248.431] CreateCompatibleDC (hdc=0x107b9) returned 0x2a0107f3
[0248.431] SelectObject (hdc=0x2a0107f3, h=0x4a0507fe) returned 0x85000f
[0248.431] GdipCreateFromHDC (hdc=0x2a0107f3, graphics=0xd7e2b0) returned 0x0
[0248.431] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0248.431] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0248.431] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0248.431] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0248.431] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e310) returned 0x0
[0248.431] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0248.431] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eed00) returned 0x0
[0248.431] LocalFree (hMem=0x11eed00) returned 0x0
[0248.431] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0248.432] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0248.432] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0248.432] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e304) returned 0x0
[0248.432] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0248.432] GetWindowTextLengthW (hWnd=0x2302de) returned 0
[0248.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0248.432] GetSystemMetrics (nIndex=42) returned 0
[0248.432] GetWindowTextW (in: hWnd=0x2302de, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0248.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302de, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0248.432] GetClientRect (in: hWnd=0x2302de, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0248.432] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0248.432] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0248.432] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0248.432] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0248.432] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e164) returned 0x0
[0248.432] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0248.432] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eea98) returned 0x0
[0248.432] LocalFree (hMem=0x11eea98) returned 0x0
[0248.432] GdipCombineRegionRegion (region=0x66469e8, region2=0x6646568, combineMode=0x1) returned 0x0
[0248.433] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0248.433] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0248.433] LocalFree (hMem=0x11ee868) returned 0x0
[0248.433] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0248.433] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0248.433] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0248.433] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0248.433] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0248.433] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0248.433] GetCurrentObject (hdc=0x2a0107f3, type=0x1) returned 0xb00017
[0248.433] GetCurrentObject (hdc=0x2a0107f3, type=0x2) returned 0x900010
[0248.433] GetCurrentObject (hdc=0x2a0107f3, type=0x7) returned 0x4a0507fe
[0248.433] GetCurrentObject (hdc=0x2a0107f3, type=0x6) returned 0x8a01c2
[0248.433] SaveDC (hdc=0x2a0107f3) returned 1
[0248.433] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9d040807
[0248.433] GetClipRgn (hdc=0x2a0107f3, hrgn=0x9d040807) returned 0
[0248.434] SelectClipRgn (hdc=0x2a0107f3, hrgn=0x360407de) returned 2
[0248.434] DeleteObject (ho=0x9d040807) returned 1
[0248.434] DeleteObject (ho=0x360407de) returned 1
[0248.434] OffsetViewportOrgEx (in: hdc=0x2a0107f3, x=0, y=0, lppt=0x2f14f7c | out: lppt=0x2f14f7c) returned 1
[0248.434] GetNearestColor (hdc=0x2a0107f3, color=0xf0f0f0) returned 0xf0f0f0
[0248.434] CreateSolidBrush (color=0xf0f0f0) returned 0x991007e1
[0248.434] FillRect (hDC=0x2a0107f3, lprc=0xd7e198, hbr=0x991007e1) returned 1
[0248.434] DeleteObject (ho=0x991007e1) returned 1
[0248.434] RestoreDC (hdc=0x2a0107f3, nSavedDC=-1) returned 1
[0248.435] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107f3) returned 0x0
[0248.435] GdipRestoreGraphics (graphics=0x6600030, state=0xf85e0dbd) returned 0x0
[0248.435] GdipDeleteRegion (region=0x6646568) returned 0x0
[0248.435] GetWindowTextLengthW (hWnd=0x2302de) returned 0
[0248.435] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0248.435] GetSystemMetrics (nIndex=42) returned 0
[0248.435] GetWindowTextW (in: hWnd=0x2302de, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0248.435] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302de, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0248.436] GdipGetImageWidth (image=0x6650b40, width=0xd7e1e0) returned 0x0
[0248.436] GdipGetImageHeight (image=0x6650b40, height=0xd7e1e0) returned 0x0
[0248.436] GdipGetImageWidth (image=0x6650b40, width=0xd7e1cc) returned 0x0
[0248.436] GdipGetImageHeight (image=0x6650b40, height=0xd7e1cc) returned 0x0
[0248.436] GdipDrawImageRectI (graphics=0x6600030, image=0x6650b40, x=16, y=16, width=32, height=32) returned 0x0
[0248.436] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0248.436] BitBlt (hdc=0x107b9, x=0, y=0, cx=64, cy=64, hdcSrc=0x2a0107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0248.436] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107f3) returned 0x0
[0248.436] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0248.436] SelectObject (hdc=0x2a0107f3, h=0x85000f) returned 0x4a0507fe
[0248.437] DeleteDC (hdc=0x2a0107f3) returned 1
[0248.437] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0248.437] EndPaint (hWnd=0x2302de, lpPaint=0xd7e294) returned 1
[0248.437] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.437] IsWindowUnicode (hWnd=0x1902ce) returned 1
[0248.437] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.437] TranslateMessage (lpMsg=0xd7e808) returned 0
[0248.437] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0248.438] BeginPaint (in: hWnd=0x1902ce, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x60100ce
[0248.438] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0248.438] CreateCompatibleDC (hdc=0x60100ce) returned 0x2c0107f3
[0248.438] GetObjectType (h=0x60100ce) returned 0x3
[0248.438] CreateCompatibleBitmap (hdc=0x60100ce, cx=1, cy=1) returned 0xffffffffbc0507e9
[0248.438] GetDIBits (in: hdc=0x60100ce, hbm=0xbc0507e9, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0248.438] GetDIBits (in: hdc=0x60100ce, hbm=0xbc0507e9, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0248.438] DeleteObject (ho=0xbc0507e9) returned 1
[0248.439] CreateDIBSection (in: hdc=0x60100ce, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xe005067c
[0248.439] SelectObject (hdc=0x2c0107f3, h=0xe005067c) returned 0x85000f
[0248.439] GdipCreateFromHDC (hdc=0x2c0107f3, graphics=0xd7e234) returned 0x0
[0248.439] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0248.439] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0248.439] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0248.439] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0248.439] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2d4) returned 0x0
[0248.440] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0248.440] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee868) returned 0x0
[0248.440] LocalFree (hMem=0x11ee868) returned 0x0
[0248.440] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0248.440] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0248.440] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0248.447] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0248.447] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0248.447] GetWindowTextLengthW (hWnd=0x1902ce) returned 232
[0248.447] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0248.447] GetSystemMetrics (nIndex=42) returned 0
[0248.447] GetWindowTextW (in: hWnd=0x1902ce, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0248.447] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0248.447] GetClientRect (in: hWnd=0x1902ce, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0248.447] GdipCreateRegion (region=0xd7e110) returned 0x0
[0248.447] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0248.447] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0248.447] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0248.447] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e128) returned 0x0
[0248.447] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0248.447] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0248.447] LocalFree (hMem=0x11eecc8) returned 0x0
[0248.448] GdipCombineRegionRegion (region=0x6646e68, region2=0x66469e8, combineMode=0x1) returned 0x0
[0248.448] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0248.448] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0248.448] LocalFree (hMem=0x11ee788) returned 0x0
[0248.448] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0248.448] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e150) returned 0x0
[0248.448] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e140) returned 0x0
[0248.448] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0248.448] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0248.448] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0248.448] GetCurrentObject (hdc=0x2c0107f3, type=0x1) returned 0xb00017
[0248.448] GetCurrentObject (hdc=0x2c0107f3, type=0x2) returned 0x900010
[0248.448] GetCurrentObject (hdc=0x2c0107f3, type=0x7) returned 0xffffffffe005067c
[0248.448] GetCurrentObject (hdc=0x2c0107f3, type=0x6) returned 0x8a01c2
[0248.448] SaveDC (hdc=0x2c0107f3) returned 1
[0248.448] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x370407de
[0248.449] GetClipRgn (hdc=0x2c0107f3, hrgn=0x370407de) returned 0
[0248.449] SelectClipRgn (hdc=0x2c0107f3, hrgn=0x9e040807) returned 2
[0248.449] DeleteObject (ho=0x370407de) returned 1
[0248.449] DeleteObject (ho=0x9e040807) returned 1
[0248.449] OffsetViewportOrgEx (in: hdc=0x2c0107f3, x=0, y=0, lppt=0x2f16944 | out: lppt=0x2f16944) returned 1
[0248.449] GetNearestColor (hdc=0x2c0107f3, color=0xf0f0f0) returned 0xf0f0f0
[0248.449] CreateSolidBrush (color=0xf0f0f0) returned 0x9a1007e1
[0248.449] FillRect (hDC=0x2c0107f3, lprc=0xd7e15c, hbr=0x9a1007e1) returned 1
[0248.450] DeleteObject (ho=0x9a1007e1) returned 1
[0248.450] RestoreDC (hdc=0x2c0107f3, nSavedDC=-1) returned 1
[0248.450] GdipReleaseDC (graphics=0x6600030, hdc=0x2c0107f3) returned 0x0
[0248.450] GdipRestoreGraphics (graphics=0x6600030, state=0xf85c0dbd) returned 0x0
[0248.450] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0248.450] GetWindowTextLengthW (hWnd=0x1902ce) returned 232
[0248.450] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0248.450] GetSystemMetrics (nIndex=42) returned 0
[0248.450] GetWindowTextW (in: hWnd=0x1902ce, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0248.450] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0248.451] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0248.451] GetCurrentObject (hdc=0x2c0107f3, type=0x1) returned 0xb00017
[0248.451] GetCurrentObject (hdc=0x2c0107f3, type=0x2) returned 0x900010
[0248.451] GetCurrentObject (hdc=0x2c0107f3, type=0x7) returned 0xffffffffe005067c
[0248.451] GetCurrentObject (hdc=0x2c0107f3, type=0x6) returned 0x8a01c2
[0248.451] SaveDC (hdc=0x2c0107f3) returned 1
[0248.451] GetNearestColor (hdc=0x2c0107f3, color=0x0) returned 0x0
[0248.451] RestoreDC (hdc=0x2c0107f3, nSavedDC=-1) returned 1
[0248.451] GdipReleaseDC (graphics=0x6600030, hdc=0x2c0107f3) returned 0x0
[0248.452] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0248.452] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0248.452] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2f17140 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0248.452] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0248.452] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0248.453] GetCurrentObject (hdc=0x2c0107f3, type=0x1) returned 0xb00017
[0248.453] GetCurrentObject (hdc=0x2c0107f3, type=0x2) returned 0x900010
[0248.453] GetCurrentObject (hdc=0x2c0107f3, type=0x7) returned 0xffffffffe005067c
[0248.453] GetCurrentObject (hdc=0x2c0107f3, type=0x6) returned 0x8a01c2
[0248.453] SaveDC (hdc=0x2c0107f3) returned 1
[0248.453] GetTextAlign (hdc=0x2c0107f3) returned 0x0
[0248.453] GetTextColor (hdc=0x2c0107f3) returned 0x0
[0248.453] GetCurrentObject (hdc=0x2c0107f3, type=0x6) returned 0x8a01c2
[0248.453] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0248.453] SelectObject (hdc=0x2c0107f3, h=0x6d0a0520) returned 0x8a01c2
[0248.453] GetBkMode (hdc=0x2c0107f3) returned 2
[0248.453] SetBkMode (hdc=0x2c0107f3, mode=1) returned 2
[0248.454] DrawTextExW (in: hdc=0x2c0107f3, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2f17364 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0248.457] RestoreDC (hdc=0x2c0107f3, nSavedDC=-1) returned 1
[0248.457] GdipReleaseDC (graphics=0x6600030, hdc=0x2c0107f3) returned 0x0
[0248.457] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0248.457] BitBlt (hdc=0x60100ce, x=0, y=0, cx=354, cy=68, hdcSrc=0x2c0107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0248.457] GdipReleaseDC (graphics=0x6600030, hdc=0x2c0107f3) returned 0x0
[0248.457] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0248.457] SelectObject (hdc=0x2c0107f3, h=0x85000f) returned 0xe005067c
[0248.457] DeleteDC (hdc=0x2c0107f3) returned 1
[0248.457] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0248.458] DeleteObject (ho=0xe005067c) returned 1
[0248.458] EndPaint (hWnd=0x1902ce, lpPaint=0xd7e258) returned 1
[0248.459] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.459] IsWindowUnicode (hWnd=0x2502d8) returned 1
[0248.459] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.459] TranslateMessage (lpMsg=0xd7e808) returned 0
[0248.459] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0248.459] BeginPaint (in: hWnd=0x2502d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0248.459] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0248.459] CreateCompatibleDC (hdc=0xf0105ee) returned 0xbe0107e9
[0248.459] SelectObject (hdc=0xbe0107e9, h=0x4a0507fe) returned 0x85000f
[0248.459] GdipCreateFromHDC (hdc=0xbe0107e9, graphics=0xd7e268) returned 0x0
[0248.459] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0248.460] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0248.460] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0248.460] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0248.460] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e2c8) returned 0x0
[0248.460] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0248.460] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee910) returned 0x0
[0248.460] LocalFree (hMem=0x11ee910) returned 0x0
[0248.460] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0248.460] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0248.460] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0248.460] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0248.460] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0248.460] GdipRestoreGraphics (graphics=0x6600030, state=0xf85a0dbd) returned 0x0
[0248.460] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0248.460] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0248.460] GetCurrentObject (hdc=0xbe0107e9, type=0x1) returned 0xb00017
[0248.461] GetCurrentObject (hdc=0xbe0107e9, type=0x2) returned 0x900010
[0248.461] GetCurrentObject (hdc=0xbe0107e9, type=0x7) returned 0x4a0507fe
[0248.461] GetCurrentObject (hdc=0xbe0107e9, type=0x6) returned 0x8a01c2
[0248.461] SaveDC (hdc=0xbe0107e9) returned 1
[0248.461] GetNearestColor (hdc=0xbe0107e9, color=0xf0f0f0) returned 0xf0f0f0
[0248.461] GetNearestColor (hdc=0xbe0107e9, color=0xa0a0a0) returned 0xa0a0a0
[0248.461] GetNearestColor (hdc=0xbe0107e9, color=0x696969) returned 0x696969
[0248.461] GetNearestColor (hdc=0xbe0107e9, color=0xa0a0a0) returned 0xa0a0a0
[0248.461] GetNearestColor (hdc=0xbe0107e9, color=0x0) returned 0x0
[0248.461] GetNearestColor (hdc=0xbe0107e9, color=0xffffff) returned 0xffffff
[0248.461] GetNearestColor (hdc=0xbe0107e9, color=0xe5e5e5) returned 0xe5e5e5
[0248.461] GetNearestColor (hdc=0xbe0107e9, color=0xd7d7d7) returned 0xd7d7d7
[0248.461] GetNearestColor (hdc=0xbe0107e9, color=0x0) returned 0x0
[0248.462] RestoreDC (hdc=0xbe0107e9, nSavedDC=-1) returned 1
[0248.462] GdipReleaseDC (graphics=0x6600030, hdc=0xbe0107e9) returned 0x0
[0248.462] IsAppThemed () returned 0x1
[0248.462] GetThemeAppProperties () returned 0x3
[0248.462] GetThemeAppProperties () returned 0x3
[0248.462] GdipGetImageWidth (image=0x664f100, width=0xd7e168) returned 0x0
[0248.462] GdipGetImageHeight (image=0x664f100, height=0xd7e168) returned 0x0
[0248.462] IsAppThemed () returned 0x1
[0248.462] GetThemeAppProperties () returned 0x3
[0248.462] GetThemeAppProperties () returned 0x3
[0248.462] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2f17ab4 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0248.462] IsAppThemed () returned 0x1
[0248.463] GetThemeAppProperties () returned 0x3
[0248.463] GetThemeAppProperties () returned 0x3
[0248.463] IsAppThemed () returned 0x1
[0248.463] GetThemeAppProperties () returned 0x3
[0248.463] GetThemeAppProperties () returned 0x3
[0248.463] GetFocus () returned 0x2502d8
[0248.463] IsAppThemed () returned 0x1
[0248.463] GetThemeAppProperties () returned 0x3
[0248.463] GetThemeAppProperties () returned 0x3
[0248.463] IsAppThemed () returned 0x1
[0248.463] GetThemeAppProperties () returned 0x3
[0248.463] GetThemeAppProperties () returned 0x3
[0248.463] IsThemePartDefined () returned 0x1
[0248.463] IsAppThemed () returned 0x1
[0248.463] GetThemeAppProperties () returned 0x3
[0248.463] GetThemeAppProperties () returned 0x3
[0248.463] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0248.463] IsAppThemed () returned 0x1
[0248.463] GetThemeAppProperties () returned 0x3
[0248.464] GetThemeAppProperties () returned 0x3
[0248.464] IsAppThemed () returned 0x1
[0248.464] GetThemeAppProperties () returned 0x3
[0248.464] GetThemeAppProperties () returned 0x3
[0248.464] IsThemePartDefined () returned 0x1
[0248.464] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0248.464] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0248.464] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0248.464] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0248.464] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dff0) returned 0x0
[0248.464] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0248.464] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0248.464] LocalFree (hMem=0x11ee868) returned 0x0
[0248.464] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0248.464] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eecc8) returned 0x0
[0248.464] LocalFree (hMem=0x11eecc8) returned 0x0
[0248.464] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0248.464] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e018) returned 0x0
[0248.465] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e008) returned 0x0
[0248.465] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0248.465] GdipDeleteRegion (region=0x6646448) returned 0x0
[0248.465] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0248.465] GetCurrentObject (hdc=0xbe0107e9, type=0x1) returned 0xb00017
[0248.465] GetCurrentObject (hdc=0xbe0107e9, type=0x2) returned 0x900010
[0248.465] GetCurrentObject (hdc=0xbe0107e9, type=0x7) returned 0x4a0507fe
[0248.465] GetCurrentObject (hdc=0xbe0107e9, type=0x6) returned 0x8a01c2
[0248.465] SaveDC (hdc=0xbe0107e9) returned 1
[0248.465] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9f040807
[0248.465] GetClipRgn (hdc=0xbe0107e9, hrgn=0x9f040807) returned 0
[0248.465] SelectClipRgn (hdc=0xbe0107e9, hrgn=0x3b0407de) returned 2
[0248.466] DeleteObject (ho=0x9f040807) returned 1
[0248.475] DeleteObject (ho=0x3b0407de) returned 1
[0248.475] OffsetViewportOrgEx (in: hdc=0xbe0107e9, x=0, y=0, lppt=0x2f18164 | out: lppt=0x2f18164) returned 1
[0248.475] DrawThemeParentBackground () returned 0x0
[0248.475] GetWindowPlacement (in: hWnd=0x1802d0, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0248.475] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0248.475] GetWindowTextLengthW (hWnd=0x1802d0) returned 24
[0248.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0248.476] GetSystemMetrics (nIndex=42) returned 0
[0248.476] GetWindowTextW (in: hWnd=0x1802d0, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0248.476] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0248.476] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0248.476] GetCurrentObject (hdc=0xbe0107e9, type=0x1) returned 0xb00017
[0248.476] GetCurrentObject (hdc=0xbe0107e9, type=0x2) returned 0x900010
[0248.476] GetCurrentObject (hdc=0xbe0107e9, type=0x7) returned 0x4a0507fe
[0248.476] GetCurrentObject (hdc=0xbe0107e9, type=0x6) returned 0x8a01c2
[0248.476] SaveDC (hdc=0xbe0107e9) returned 2
[0248.476] GetNearestColor (hdc=0xbe0107e9, color=0xf0f0f0) returned 0xf0f0f0
[0248.476] CreateSolidBrush (color=0xf0f0f0) returned 0x9b1007e1
[0248.476] FillRect (hDC=0xbe0107e9, lprc=0xd7da38, hbr=0x9b1007e1) returned 1
[0248.476] DeleteObject (ho=0x9b1007e1) returned 1
[0248.476] RestoreDC (hdc=0xbe0107e9, nSavedDC=-1) returned 1
[0248.476] GetWindowTextLengthW (hWnd=0x1802d0) returned 24
[0248.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0248.477] GetSystemMetrics (nIndex=42) returned 0
[0248.477] GetWindowTextW (in: hWnd=0x1802d0, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0248.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0248.477] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0248.477] GetCurrentObject (hdc=0xbe0107e9, type=0x1) returned 0xb00017
[0248.477] GetCurrentObject (hdc=0xbe0107e9, type=0x2) returned 0x900010
[0248.477] GetCurrentObject (hdc=0xbe0107e9, type=0x7) returned 0x4a0507fe
[0248.477] GetCurrentObject (hdc=0xbe0107e9, type=0x6) returned 0x8a01c2
[0248.477] SaveDC (hdc=0xbe0107e9) returned 2
[0248.477] GetNearestColor (hdc=0xbe0107e9, color=0xf0f0f0) returned 0xf0f0f0
[0248.477] CreateSolidBrush (color=0xf0f0f0) returned 0x9c1007e1
[0248.477] FillRect (hDC=0xbe0107e9, lprc=0xd7d9d8, hbr=0x9c1007e1) returned 1
[0248.477] DeleteObject (ho=0x9c1007e1) returned 1
[0248.477] RestoreDC (hdc=0xbe0107e9, nSavedDC=-1) returned 1
[0248.477] GetWindowTextLengthW (hWnd=0x1802d0) returned 24
[0248.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0248.477] GetSystemMetrics (nIndex=42) returned 0
[0248.478] GetWindowTextW (in: hWnd=0x1802d0, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0248.478] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0248.478] RestoreDC (hdc=0xbe0107e9, nSavedDC=-1) returned 1
[0248.478] GdipReleaseDC (graphics=0x6600030, hdc=0xbe0107e9) returned 0x0
[0248.478] IsAppThemed () returned 0x1
[0248.478] GetThemeAppProperties () returned 0x3
[0248.478] GetThemeAppProperties () returned 0x3
[0248.478] IsAppThemed () returned 0x1
[0248.478] GetThemeAppProperties () returned 0x3
[0248.478] GetThemeAppProperties () returned 0x3
[0248.478] IsThemePartDefined () returned 0x1
[0248.478] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0248.478] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0248.478] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0248.478] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0248.479] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df74) returned 0x0
[0248.479] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee868) returned 0x0
[0248.479] LocalFree (hMem=0x11ee868) returned 0x0
[0248.479] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee868) returned 0x0
[0248.479] LocalFree (hMem=0x11ee868) returned 0x0
[0248.479] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0248.479] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0248.479] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0248.479] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0248.479] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0248.479] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0248.479] GetCurrentObject (hdc=0xbe0107e9, type=0x1) returned 0xb00017
[0248.479] GetCurrentObject (hdc=0xbe0107e9, type=0x2) returned 0x900010
[0248.479] GetCurrentObject (hdc=0xbe0107e9, type=0x7) returned 0x4a0507fe
[0248.479] GetCurrentObject (hdc=0xbe0107e9, type=0x6) returned 0x8a01c2
[0248.479] SaveDC (hdc=0xbe0107e9) returned 1
[0248.480] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3c0407de
[0248.480] GetClipRgn (hdc=0xbe0107e9, hrgn=0x3c0407de) returned 0
[0248.480] SelectClipRgn (hdc=0xbe0107e9, hrgn=0xa1040807) returned 2
[0248.480] DeleteObject (ho=0x3c0407de) returned 1
[0248.480] DeleteObject (ho=0xa1040807) returned 1
[0248.480] OffsetViewportOrgEx (in: hdc=0xbe0107e9, x=0, y=0, lppt=0x2f18ae8 | out: lppt=0x2f18ae8) returned 1
[0248.480] IsAppThemed () returned 0x1
[0248.480] GetThemeAppProperties () returned 0x3
[0248.480] GetThemeAppProperties () returned 0x3
[0248.480] DrawThemeBackground () returned 0x0
[0248.480] RestoreDC (hdc=0xbe0107e9, nSavedDC=-1) returned 1
[0248.480] GdipReleaseDC (graphics=0x6600030, hdc=0xbe0107e9) returned 0x0
[0248.480] GdipCreateRegion (region=0xd7df60) returned 0x0
[0248.480] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0248.480] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0248.481] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0248.481] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df78) returned 0x0
[0248.481] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0248.481] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0248.481] LocalFree (hMem=0x11ee9f0) returned 0x0
[0248.481] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0248.481] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0248.481] LocalFree (hMem=0x11ee9f0) returned 0x0
[0248.481] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0248.481] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0248.482] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0248.482] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0248.482] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0248.482] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0248.482] GetCurrentObject (hdc=0xbe0107e9, type=0x1) returned 0xb00017
[0248.482] GetCurrentObject (hdc=0xbe0107e9, type=0x2) returned 0x900010
[0248.482] GetCurrentObject (hdc=0xbe0107e9, type=0x7) returned 0x4a0507fe
[0248.482] GetCurrentObject (hdc=0xbe0107e9, type=0x6) returned 0x8a01c2
[0248.482] SaveDC (hdc=0xbe0107e9) returned 1
[0248.482] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa2040807
[0248.483] GetClipRgn (hdc=0xbe0107e9, hrgn=0xa2040807) returned 0
[0248.483] SelectClipRgn (hdc=0xbe0107e9, hrgn=0x3d0407de) returned 2
[0248.483] DeleteObject (ho=0xa2040807) returned 1
[0248.483] DeleteObject (ho=0x3d0407de) returned 1
[0248.483] OffsetViewportOrgEx (in: hdc=0xbe0107e9, x=0, y=0, lppt=0x2f18dbc | out: lppt=0x2f18dbc) returned 1
[0248.483] IsAppThemed () returned 0x1
[0248.483] GetThemeAppProperties () returned 0x3
[0248.483] GetThemeAppProperties () returned 0x3
[0248.483] GetThemeBackgroundContentRect () returned 0x0
[0248.483] RestoreDC (hdc=0xbe0107e9, nSavedDC=-1) returned 1
[0248.483] GdipReleaseDC (graphics=0x6600030, hdc=0xbe0107e9) returned 0x0
[0248.483] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0248.483] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0248.484] GdipCloneRegion (region=0x66465f8, cloneRegion=0xd7e150) returned 0x0
[0248.484] GdipCombineRegionRectI (region=0x6646688, rect=0xd7e138, combineMode=0x1) returned 0x0
[0248.484] GdipCombineRegionRectI (region=0x6646688, rect=0xd7e138, combineMode=0x1) returned 0x0
[0248.484] GdipSetClipRegion (graphics=0x6600030, region=0x6646688, combineMode=0x0) returned 0x0
[0248.484] GdipGetImageWidth (image=0x664f100, width=0xd7e154) returned 0x0
[0248.484] GdipGetImageHeight (image=0x664f100, height=0xd7e148) returned 0x0
[0248.484] GdipDrawImageRectI (graphics=0x6600030, image=0x664f100, x=4, y=4, width=16, height=16) returned 0x0
[0248.484] GdipSetClipRegion (graphics=0x6600030, region=0x66465f8, combineMode=0x0) returned 0x0
[0248.484] IsAppThemed () returned 0x1
[0248.484] GetThemeAppProperties () returned 0x3
[0248.484] GetThemeAppProperties () returned 0x3
[0248.484] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0248.484] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0248.484] GetCurrentObject (hdc=0xbe0107e9, type=0x1) returned 0xb00017
[0248.484] GetCurrentObject (hdc=0xbe0107e9, type=0x2) returned 0x900010
[0248.484] GetCurrentObject (hdc=0xbe0107e9, type=0x7) returned 0x4a0507fe
[0248.485] GetCurrentObject (hdc=0xbe0107e9, type=0x6) returned 0x8a01c2
[0248.485] SaveDC (hdc=0xbe0107e9) returned 1
[0248.485] GetTextAlign (hdc=0xbe0107e9) returned 0x0
[0248.485] GetTextColor (hdc=0xbe0107e9) returned 0x0
[0248.485] GetCurrentObject (hdc=0xbe0107e9, type=0x6) returned 0x8a01c2
[0248.485] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0248.485] SelectObject (hdc=0xbe0107e9, h=0x6d0a0520) returned 0x8a01c2
[0248.485] GetBkMode (hdc=0xbe0107e9) returned 2
[0248.485] SetBkMode (hdc=0xbe0107e9, mode=1) returned 2
[0248.485] DrawTextExW (in: hdc=0xbe0107e9, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2f1917c | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0248.486] DrawTextExW (in: hdc=0xbe0107e9, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2f1917c | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0248.486] RestoreDC (hdc=0xbe0107e9, nSavedDC=-1) returned 1
[0248.486] GdipReleaseDC (graphics=0x6600030, hdc=0xbe0107e9) returned 0x0
[0248.486] GetFocus () returned 0x2502d8
[0248.486] IsAppThemed () returned 0x1
[0248.486] GetThemeAppProperties () returned 0x3
[0248.486] GetThemeAppProperties () returned 0x3
[0248.487] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0248.487] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xbe0107e9, x1=0, y1=0, rop=0xcc0020) returned 1
[0248.487] GdipReleaseDC (graphics=0x6600030, hdc=0xbe0107e9) returned 0x0
[0248.487] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0248.487] SelectObject (hdc=0xbe0107e9, h=0x85000f) returned 0x4a0507fe
[0248.487] DeleteDC (hdc=0xbe0107e9) returned 1
[0248.487] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0248.487] EndPaint (hWnd=0x2502d8, lpPaint=0xd7e24c) returned 1
[0248.487] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.488] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x84, wParam=0x0, lParam=0x1e00306) returned 0x1
[0248.488] IsWindowUnicode (hWnd=0x2600ea) returned 1
[0248.488] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.488] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x84, wParam=0x0, lParam=0x1e00306) returned 0x1
[0248.488] SetCursor (hCursor=0x10003) returned 0x10003
[0248.488] TranslateMessage (lpMsg=0xd7e808) returned 0
[0248.488] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0248.489] _TrackMouseEvent (in: lpEventTrack=0x2f19278 | out: lpEventTrack=0x2f19278) returned 1
[0248.489] SendMessageW (hWnd=0x2600ea, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0248.489] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0248.489] InvalidateRect (hWnd=0x2600ea, lpRect=0x0, bErase=0) returned 1
[0248.489] GetKeyState (nVirtKey=1) returned 0
[0248.489] GetKeyState (nVirtKey=2) returned 0
[0248.489] GetKeyState (nVirtKey=4) returned 0
[0248.489] GetKeyState (nVirtKey=5) returned 0
[0248.489] GetKeyState (nVirtKey=6) returned 0
[0248.489] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.489] IsWindowUnicode (hWnd=0x2600ea) returned 1
[0248.489] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.489] TranslateMessage (lpMsg=0xd7e808) returned 0
[0248.489] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0248.489] BeginPaint (in: hWnd=0x2600ea, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0248.490] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0248.490] CreateCompatibleDC (hdc=0x10105d6) returned 0xc00107e9
[0248.490] SelectObject (hdc=0xc00107e9, h=0x4a0507fe) returned 0x85000f
[0248.490] GdipCreateFromHDC (hdc=0xc00107e9, graphics=0xd7e268) returned 0x0
[0248.490] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0248.490] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0248.490] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0248.490] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0248.490] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e2c8) returned 0x0
[0248.490] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0248.490] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee9f0) returned 0x0
[0248.491] LocalFree (hMem=0x11ee9f0) returned 0x0
[0248.491] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0248.491] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0248.491] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0248.491] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0248.491] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0248.491] GdipRestoreGraphics (graphics=0x6600030, state=0xf8580dbd) returned 0x0
[0248.491] GdipDeleteRegion (region=0x6646448) returned 0x0
[0248.491] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0248.491] GetCurrentObject (hdc=0xc00107e9, type=0x1) returned 0xb00017
[0248.491] GetCurrentObject (hdc=0xc00107e9, type=0x2) returned 0x900010
[0248.491] GetCurrentObject (hdc=0xc00107e9, type=0x7) returned 0x4a0507fe
[0248.491] GetCurrentObject (hdc=0xc00107e9, type=0x6) returned 0x8a01c2
[0248.491] SaveDC (hdc=0xc00107e9) returned 1
[0248.492] GetNearestColor (hdc=0xc00107e9, color=0xf0f0f0) returned 0xf0f0f0
[0248.492] GetNearestColor (hdc=0xc00107e9, color=0xa0a0a0) returned 0xa0a0a0
[0248.492] GetNearestColor (hdc=0xc00107e9, color=0x696969) returned 0x696969
[0248.492] GetNearestColor (hdc=0xc00107e9, color=0xa0a0a0) returned 0xa0a0a0
[0248.492] GetNearestColor (hdc=0xc00107e9, color=0x0) returned 0x0
[0248.492] GetNearestColor (hdc=0xc00107e9, color=0xffffff) returned 0xffffff
[0248.492] GetNearestColor (hdc=0xc00107e9, color=0xe5e5e5) returned 0xe5e5e5
[0248.492] GetNearestColor (hdc=0xc00107e9, color=0xd7d7d7) returned 0xd7d7d7
[0248.492] GetNearestColor (hdc=0xc00107e9, color=0x0) returned 0x0
[0248.492] RestoreDC (hdc=0xc00107e9, nSavedDC=-1) returned 1
[0248.493] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107e9) returned 0x0
[0248.493] IsAppThemed () returned 0x1
[0248.493] GetThemeAppProperties () returned 0x3
[0248.493] GetThemeAppProperties () returned 0x3
[0248.493] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0248.493] SendMessageW (hWnd=0x1802d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0248.493] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0248.493] IsAppThemed () returned 0x1
[0248.493] GetThemeAppProperties () returned 0x3
[0248.493] GetThemeAppProperties () returned 0x3
[0248.493] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2f199e4 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0248.494] IsAppThemed () returned 0x1
[0248.494] GetThemeAppProperties () returned 0x3
[0248.494] GetThemeAppProperties () returned 0x3
[0248.494] IsAppThemed () returned 0x1
[0248.494] GetThemeAppProperties () returned 0x3
[0248.494] GetThemeAppProperties () returned 0x3
[0248.494] IsAppThemed () returned 0x1
[0248.494] GetThemeAppProperties () returned 0x3
[0248.494] GetThemeAppProperties () returned 0x3
[0248.494] IsAppThemed () returned 0x1
[0248.494] GetThemeAppProperties () returned 0x3
[0248.494] GetThemeAppProperties () returned 0x3
[0248.494] IsThemePartDefined () returned 0x1
[0248.494] IsAppThemed () returned 0x1
[0248.495] GetThemeAppProperties () returned 0x3
[0248.495] GetThemeAppProperties () returned 0x3
[0248.495] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0248.495] IsAppThemed () returned 0x1
[0248.495] GetThemeAppProperties () returned 0x3
[0248.495] GetThemeAppProperties () returned 0x3
[0248.495] IsAppThemed () returned 0x1
[0248.495] GetThemeAppProperties () returned 0x3
[0248.495] GetThemeAppProperties () returned 0x3
[0248.495] IsThemePartDefined () returned 0x1
[0248.495] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0248.495] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0248.495] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0248.495] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0248.496] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dfe4) returned 0x0
[0248.496] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0248.496] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eecc8) returned 0x0
[0248.496] LocalFree (hMem=0x11eecc8) returned 0x0
[0248.496] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0248.496] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eecc8) returned 0x0
[0248.496] LocalFree (hMem=0x11eecc8) returned 0x0
[0248.496] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0248.496] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0248.496] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0248.496] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0248.496] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0248.496] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0248.496] GetCurrentObject (hdc=0xc00107e9, type=0x1) returned 0xb00017
[0248.497] GetCurrentObject (hdc=0xc00107e9, type=0x2) returned 0x900010
[0248.497] GetCurrentObject (hdc=0xc00107e9, type=0x7) returned 0x4a0507fe
[0248.497] GetCurrentObject (hdc=0xc00107e9, type=0x6) returned 0x8a01c2
[0248.497] SaveDC (hdc=0xc00107e9) returned 1
[0248.497] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3e0407de
[0248.497] GetClipRgn (hdc=0xc00107e9, hrgn=0x3e0407de) returned 0
[0248.497] SelectClipRgn (hdc=0xc00107e9, hrgn=0xa6040807) returned 2
[0248.497] DeleteObject (ho=0x3e0407de) returned 1
[0248.497] DeleteObject (ho=0xa6040807) returned 1
[0248.497] OffsetViewportOrgEx (in: hdc=0xc00107e9, x=0, y=0, lppt=0x2f1a094 | out: lppt=0x2f1a094) returned 1
[0248.497] DrawThemeParentBackground () returned 0x0
[0248.498] GetWindowPlacement (in: hWnd=0x1802d0, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0248.498] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0248.498] GetWindowTextLengthW (hWnd=0x1802d0) returned 24
[0248.498] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0248.498] GetSystemMetrics (nIndex=42) returned 0
[0248.498] GetWindowTextW (in: hWnd=0x1802d0, lpString=0xd7db2c, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0248.498] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xd, wParam=0x19, lParam=0xd7db2c) returned 0x18
[0248.498] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0248.510] GetCurrentObject (hdc=0xc00107e9, type=0x1) returned 0xb00017
[0248.510] GetCurrentObject (hdc=0xc00107e9, type=0x2) returned 0x900010
[0248.510] GetCurrentObject (hdc=0xc00107e9, type=0x7) returned 0x4a0507fe
[0248.510] GetCurrentObject (hdc=0xc00107e9, type=0x6) returned 0x8a01c2
[0248.510] SaveDC (hdc=0xc00107e9) returned 2
[0248.512] GetNearestColor (hdc=0xc00107e9, color=0xf0f0f0) returned 0xf0f0f0
[0248.512] CreateSolidBrush (color=0xf0f0f0) returned 0x9d1007e1
[0248.512] FillRect (hDC=0xc00107e9, lprc=0xd7da30, hbr=0x9d1007e1) returned 1
[0248.513] DeleteObject (ho=0x9d1007e1) returned 1
[0248.513] RestoreDC (hdc=0xc00107e9, nSavedDC=-1) returned 1
[0248.513] GetWindowTextLengthW (hWnd=0x1802d0) returned 24
[0248.513] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0248.513] GetSystemMetrics (nIndex=42) returned 0
[0248.513] GetWindowTextW (in: hWnd=0x1802d0, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0248.513] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0248.513] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0248.513] GetCurrentObject (hdc=0xc00107e9, type=0x1) returned 0xb00017
[0248.513] GetCurrentObject (hdc=0xc00107e9, type=0x2) returned 0x900010
[0248.513] GetCurrentObject (hdc=0xc00107e9, type=0x7) returned 0x4a0507fe
[0248.513] GetCurrentObject (hdc=0xc00107e9, type=0x6) returned 0x8a01c2
[0248.513] SaveDC (hdc=0xc00107e9) returned 2
[0248.513] GetNearestColor (hdc=0xc00107e9, color=0xf0f0f0) returned 0xf0f0f0
[0248.514] CreateSolidBrush (color=0xf0f0f0) returned 0x9e1007e1
[0248.514] FillRect (hDC=0xc00107e9, lprc=0xd7d9d0, hbr=0x9e1007e1) returned 1
[0248.514] DeleteObject (ho=0x9e1007e1) returned 1
[0248.514] RestoreDC (hdc=0xc00107e9, nSavedDC=-1) returned 1
[0248.514] GetWindowTextLengthW (hWnd=0x1802d0) returned 24
[0248.514] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0248.514] GetSystemMetrics (nIndex=42) returned 0
[0248.514] GetWindowTextW (in: hWnd=0x1802d0, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0248.514] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0248.514] RestoreDC (hdc=0xc00107e9, nSavedDC=-1) returned 1
[0248.514] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107e9) returned 0x0
[0248.514] IsAppThemed () returned 0x1
[0248.514] GetThemeAppProperties () returned 0x3
[0248.514] GetThemeAppProperties () returned 0x3
[0248.515] IsAppThemed () returned 0x1
[0248.515] GetThemeAppProperties () returned 0x3
[0248.515] GetThemeAppProperties () returned 0x3
[0248.515] IsThemePartDefined () returned 0x1
[0248.515] GdipCreateRegion (region=0xd7df50) returned 0x0
[0248.515] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0248.515] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0248.515] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0248.515] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df68) returned 0x0
[0248.515] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0248.515] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0248.515] LocalFree (hMem=0x11eecc8) returned 0x0
[0248.515] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0248.515] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0248.515] LocalFree (hMem=0x11eecc8) returned 0x0
[0248.515] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0248.517] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df90) returned 0x0
[0248.550] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df80) returned 0x0
[0248.550] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0248.550] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0248.550] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0248.550] GetCurrentObject (hdc=0xc00107e9, type=0x1) returned 0xb00017
[0248.550] GetCurrentObject (hdc=0xc00107e9, type=0x2) returned 0x900010
[0248.550] GetCurrentObject (hdc=0xc00107e9, type=0x7) returned 0x4a0507fe
[0248.550] GetCurrentObject (hdc=0xc00107e9, type=0x6) returned 0x8a01c2
[0248.588] SaveDC (hdc=0xc00107e9) returned 1
[0248.588] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa7040807
[0248.588] GetClipRgn (hdc=0xc00107e9, hrgn=0xa7040807) returned 0
[0248.588] SelectClipRgn (hdc=0xc00107e9, hrgn=0x400407de) returned 2
[0248.588] DeleteObject (ho=0xa7040807) returned 1
[0248.589] DeleteObject (ho=0x400407de) returned 1
[0248.589] OffsetViewportOrgEx (in: hdc=0xc00107e9, x=0, y=0, lppt=0x2d4b900 | out: lppt=0x2d4b900) returned 1
[0248.589] IsAppThemed () returned 0x1
[0248.589] GetThemeAppProperties () returned 0x3
[0248.589] GetThemeAppProperties () returned 0x3
[0248.589] DrawThemeBackground () returned 0x0
[0248.589] RestoreDC (hdc=0xc00107e9, nSavedDC=-1) returned 1
[0248.589] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107e9) returned 0x0
[0248.589] GdipCreateRegion (region=0xd7df54) returned 0x0
[0248.589] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0248.589] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0248.589] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0248.589] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df6c) returned 0x0
[0248.589] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0248.590] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0248.590] LocalFree (hMem=0x11ee788) returned 0x0
[0248.590] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0248.590] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eea98) returned 0x0
[0248.590] LocalFree (hMem=0x11eea98) returned 0x0
[0248.590] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0248.590] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df94) returned 0x0
[0248.590] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df84) returned 0x0
[0248.590] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0248.590] GdipDeleteRegion (region=0x6646448) returned 0x0
[0248.590] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0248.590] GetCurrentObject (hdc=0xc00107e9, type=0x1) returned 0xb00017
[0248.590] GetCurrentObject (hdc=0xc00107e9, type=0x2) returned 0x900010
[0248.590] GetCurrentObject (hdc=0xc00107e9, type=0x7) returned 0x4a0507fe
[0248.590] GetCurrentObject (hdc=0xc00107e9, type=0x6) returned 0x8a01c2
[0248.590] SaveDC (hdc=0xc00107e9) returned 1
[0248.591] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x410407de
[0248.591] GetClipRgn (hdc=0xc00107e9, hrgn=0x410407de) returned 0
[0248.591] SelectClipRgn (hdc=0xc00107e9, hrgn=0xa8040807) returned 2
[0248.591] DeleteObject (ho=0x410407de) returned 1
[0248.591] DeleteObject (ho=0xa8040807) returned 1
[0248.591] OffsetViewportOrgEx (in: hdc=0xc00107e9, x=0, y=0, lppt=0x2d4bbd4 | out: lppt=0x2d4bbd4) returned 1
[0248.591] IsAppThemed () returned 0x1
[0248.591] GetThemeAppProperties () returned 0x3
[0248.591] GetThemeAppProperties () returned 0x3
[0248.591] GetThemeBackgroundContentRect () returned 0x0
[0248.591] RestoreDC (hdc=0xc00107e9, nSavedDC=-1) returned 1
[0248.592] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107e9) returned 0x0
[0248.592] IsAppThemed () returned 0x1
[0248.592] GetThemeAppProperties () returned 0x3
[0248.592] GetThemeAppProperties () returned 0x3
[0248.592] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0248.592] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0248.592] GetCurrentObject (hdc=0xc00107e9, type=0x1) returned 0xb00017
[0248.592] GetCurrentObject (hdc=0xc00107e9, type=0x2) returned 0x900010
[0248.592] GetCurrentObject (hdc=0xc00107e9, type=0x7) returned 0x4a0507fe
[0248.592] GetCurrentObject (hdc=0xc00107e9, type=0x6) returned 0x8a01c2
[0248.592] SaveDC (hdc=0xc00107e9) returned 1
[0248.592] GetTextAlign (hdc=0xc00107e9) returned 0x0
[0248.592] GetTextColor (hdc=0xc00107e9) returned 0x0
[0248.592] GetCurrentObject (hdc=0xc00107e9, type=0x6) returned 0x8a01c2
[0248.592] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0248.593] SelectObject (hdc=0xc00107e9, h=0x6d0a0520) returned 0x8a01c2
[0248.593] GetBkMode (hdc=0xc00107e9) returned 2
[0248.593] SetBkMode (hdc=0xc00107e9, mode=1) returned 2
[0248.593] DrawTextExW (in: hdc=0xc00107e9, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2d4bf74 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0248.593] DrawTextExW (in: hdc=0xc00107e9, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2d4bf74 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0248.593] RestoreDC (hdc=0xc00107e9, nSavedDC=-1) returned 1
[0248.594] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107e9) returned 0x0
[0248.594] GetFocus () returned 0x2502d8
[0248.594] IsAppThemed () returned 0x1
[0248.594] GetThemeAppProperties () returned 0x3
[0248.594] GetThemeAppProperties () returned 0x3
[0248.594] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0248.594] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xc00107e9, x1=0, y1=0, rop=0xcc0020) returned 1
[0248.594] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107e9) returned 0x0
[0248.594] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0248.594] SelectObject (hdc=0xc00107e9, h=0x85000f) returned 0x4a0507fe
[0248.594] DeleteDC (hdc=0xc00107e9) returned 1
[0248.594] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0248.595] EndPaint (hWnd=0x2600ea, lpPaint=0xd7e24c) returned 1
[0248.595] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.595] IsWindowUnicode (hWnd=0x30122) returned 1
[0248.595] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.595] TranslateMessage (lpMsg=0xd7e808) returned 0
[0248.595] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0248.596] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.596] IsWindowUnicode (hWnd=0x2302dc) returned 1
[0248.596] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.596] TranslateMessage (lpMsg=0xd7e808) returned 0
[0248.596] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0248.596] BeginPaint (in: hWnd=0x2302dc, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0248.597] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0248.597] CreateCompatibleDC (hdc=0x107b9) returned 0xc20107e9
[0248.597] SelectObject (hdc=0xc20107e9, h=0x4a0507fe) returned 0x85000f
[0248.597] GdipCreateFromHDC (hdc=0xc20107e9, graphics=0xd7e268) returned 0x0
[0248.597] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0248.597] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0248.597] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0248.597] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0248.597] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e2c8) returned 0x0
[0248.597] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0248.597] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0248.597] LocalFree (hMem=0x11ee868) returned 0x0
[0248.597] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0248.598] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0248.598] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0248.598] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0248.598] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0248.598] GdipRestoreGraphics (graphics=0x6600030, state=0xf8560dbd) returned 0x0
[0248.598] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0248.598] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0248.598] GetCurrentObject (hdc=0xc20107e9, type=0x1) returned 0xb00017
[0248.598] GetCurrentObject (hdc=0xc20107e9, type=0x2) returned 0x900010
[0248.598] GetCurrentObject (hdc=0xc20107e9, type=0x7) returned 0x4a0507fe
[0248.598] GetCurrentObject (hdc=0xc20107e9, type=0x6) returned 0x8a01c2
[0248.598] SaveDC (hdc=0xc20107e9) returned 1
[0248.598] GetNearestColor (hdc=0xc20107e9, color=0xf0f0f0) returned 0xf0f0f0
[0248.598] GetNearestColor (hdc=0xc20107e9, color=0xa0a0a0) returned 0xa0a0a0
[0248.598] GetNearestColor (hdc=0xc20107e9, color=0x696969) returned 0x696969
[0248.598] GetNearestColor (hdc=0xc20107e9, color=0xa0a0a0) returned 0xa0a0a0
[0248.599] GetNearestColor (hdc=0xc20107e9, color=0x0) returned 0x0
[0248.599] GetNearestColor (hdc=0xc20107e9, color=0xffffff) returned 0xffffff
[0248.599] GetNearestColor (hdc=0xc20107e9, color=0xe5e5e5) returned 0xe5e5e5
[0248.599] GetNearestColor (hdc=0xc20107e9, color=0xd7d7d7) returned 0xd7d7d7
[0248.599] GetNearestColor (hdc=0xc20107e9, color=0x0) returned 0x0
[0248.599] RestoreDC (hdc=0xc20107e9, nSavedDC=-1) returned 1
[0248.599] GdipReleaseDC (graphics=0x6600030, hdc=0xc20107e9) returned 0x0
[0248.599] IsAppThemed () returned 0x1
[0248.599] GetThemeAppProperties () returned 0x3
[0248.599] GetThemeAppProperties () returned 0x3
[0248.599] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0248.599] SendMessageW (hWnd=0x1802d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0248.599] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0248.599] IsAppThemed () returned 0x1
[0248.600] GetThemeAppProperties () returned 0x3
[0248.600] GetThemeAppProperties () returned 0x3
[0248.600] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2d4c784 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0248.600] IsAppThemed () returned 0x1
[0248.600] GetThemeAppProperties () returned 0x3
[0248.600] GetThemeAppProperties () returned 0x3
[0248.600] IsAppThemed () returned 0x1
[0248.600] GetThemeAppProperties () returned 0x3
[0248.600] GetThemeAppProperties () returned 0x3
[0248.600] GetFocus () returned 0x2502d8
[0248.600] IsAppThemed () returned 0x1
[0248.600] GetThemeAppProperties () returned 0x3
[0248.600] GetThemeAppProperties () returned 0x3
[0248.600] IsAppThemed () returned 0x1
[0248.601] GetThemeAppProperties () returned 0x3
[0248.601] GetThemeAppProperties () returned 0x3
[0248.601] IsThemePartDefined () returned 0x1
[0248.601] IsAppThemed () returned 0x1
[0248.601] GetThemeAppProperties () returned 0x3
[0248.601] GetThemeAppProperties () returned 0x3
[0248.601] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0248.601] IsAppThemed () returned 0x1
[0248.601] GetThemeAppProperties () returned 0x3
[0248.601] GetThemeAppProperties () returned 0x3
[0248.601] IsAppThemed () returned 0x1
[0248.601] GetThemeAppProperties () returned 0x3
[0248.601] GetThemeAppProperties () returned 0x3
[0248.601] IsThemePartDefined () returned 0x1
[0248.601] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0248.601] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0248.601] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0248.601] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0248.601] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dff0) returned 0x0
[0248.602] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eecc8) returned 0x0
[0248.602] LocalFree (hMem=0x11eecc8) returned 0x0
[0248.602] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eecc8) returned 0x0
[0248.602] LocalFree (hMem=0x11eecc8) returned 0x0
[0248.602] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0248.602] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e018) returned 0x0
[0248.602] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e008) returned 0x0
[0248.602] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0248.602] GdipDeleteRegion (region=0x6646448) returned 0x0
[0248.602] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0248.602] GetCurrentObject (hdc=0xc20107e9, type=0x1) returned 0xb00017
[0248.602] GetCurrentObject (hdc=0xc20107e9, type=0x2) returned 0x900010
[0248.602] GetCurrentObject (hdc=0xc20107e9, type=0x7) returned 0x4a0507fe
[0248.602] GetCurrentObject (hdc=0xc20107e9, type=0x6) returned 0x8a01c2
[0248.602] SaveDC (hdc=0xc20107e9) returned 1
[0248.602] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa9040807
[0248.602] GetClipRgn (hdc=0xc20107e9, hrgn=0xa9040807) returned 0
[0248.603] SelectClipRgn (hdc=0xc20107e9, hrgn=0x450407de) returned 2
[0248.603] DeleteObject (ho=0xa9040807) returned 1
[0248.603] DeleteObject (ho=0x450407de) returned 1
[0248.603] OffsetViewportOrgEx (in: hdc=0xc20107e9, x=0, y=0, lppt=0x2d4ce34 | out: lppt=0x2d4ce34) returned 1
[0248.603] DrawThemeParentBackground () returned 0x0
[0248.603] GetWindowPlacement (in: hWnd=0x1802d0, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0248.603] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0248.603] GetWindowTextLengthW (hWnd=0x1802d0) returned 24
[0248.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0248.603] GetSystemMetrics (nIndex=42) returned 0
[0248.603] GetWindowTextW (in: hWnd=0x1802d0, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0248.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0248.603] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0248.603] GetCurrentObject (hdc=0xc20107e9, type=0x1) returned 0xb00017
[0248.604] GetCurrentObject (hdc=0xc20107e9, type=0x2) returned 0x900010
[0248.604] GetCurrentObject (hdc=0xc20107e9, type=0x7) returned 0x4a0507fe
[0248.604] GetCurrentObject (hdc=0xc20107e9, type=0x6) returned 0x8a01c2
[0248.604] SaveDC (hdc=0xc20107e9) returned 2
[0248.604] GetNearestColor (hdc=0xc20107e9, color=0xf0f0f0) returned 0xf0f0f0
[0248.604] CreateSolidBrush (color=0xf0f0f0) returned 0x9f1007e1
[0248.604] FillRect (hDC=0xc20107e9, lprc=0xd7da38, hbr=0x9f1007e1) returned 1
[0248.604] DeleteObject (ho=0x9f1007e1) returned 1
[0248.604] RestoreDC (hdc=0xc20107e9, nSavedDC=-1) returned 1
[0248.604] GetWindowTextLengthW (hWnd=0x1802d0) returned 24
[0248.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0248.604] GetSystemMetrics (nIndex=42) returned 0
[0248.604] GetWindowTextW (in: hWnd=0x1802d0, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0248.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0248.605] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0248.605] GetCurrentObject (hdc=0xc20107e9, type=0x1) returned 0xb00017
[0248.605] GetCurrentObject (hdc=0xc20107e9, type=0x2) returned 0x900010
[0248.605] GetCurrentObject (hdc=0xc20107e9, type=0x7) returned 0x4a0507fe
[0248.605] GetCurrentObject (hdc=0xc20107e9, type=0x6) returned 0x8a01c2
[0248.605] SaveDC (hdc=0xc20107e9) returned 2
[0248.605] GetNearestColor (hdc=0xc20107e9, color=0xf0f0f0) returned 0xf0f0f0
[0248.605] CreateSolidBrush (color=0xf0f0f0) returned 0xa01007e1
[0248.605] FillRect (hDC=0xc20107e9, lprc=0xd7d9d8, hbr=0xa01007e1) returned 1
[0248.605] DeleteObject (ho=0xa01007e1) returned 1
[0248.605] RestoreDC (hdc=0xc20107e9, nSavedDC=-1) returned 1
[0248.605] GetWindowTextLengthW (hWnd=0x1802d0) returned 24
[0248.605] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0248.605] GetSystemMetrics (nIndex=42) returned 0
[0248.605] GetWindowTextW (in: hWnd=0x1802d0, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0248.605] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0248.606] RestoreDC (hdc=0xc20107e9, nSavedDC=-1) returned 1
[0248.606] GdipReleaseDC (graphics=0x6600030, hdc=0xc20107e9) returned 0x0
[0248.606] IsAppThemed () returned 0x1
[0248.606] GetThemeAppProperties () returned 0x3
[0248.606] GetThemeAppProperties () returned 0x3
[0248.606] IsAppThemed () returned 0x1
[0248.606] GetThemeAppProperties () returned 0x3
[0248.606] GetThemeAppProperties () returned 0x3
[0248.606] IsThemePartDefined () returned 0x1
[0248.610] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0248.610] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0248.610] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0248.610] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0248.610] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df74) returned 0x0
[0248.610] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0248.611] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eecc8) returned 0x0
[0248.611] LocalFree (hMem=0x11eecc8) returned 0x0
[0248.611] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0248.611] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0248.611] LocalFree (hMem=0x11ee788) returned 0x0
[0248.611] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0248.611] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0248.611] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0248.611] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0248.611] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0248.611] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0248.611] GetCurrentObject (hdc=0xc20107e9, type=0x1) returned 0xb00017
[0248.611] GetCurrentObject (hdc=0xc20107e9, type=0x2) returned 0x900010
[0248.611] GetCurrentObject (hdc=0xc20107e9, type=0x7) returned 0x4a0507fe
[0248.611] GetCurrentObject (hdc=0xc20107e9, type=0x6) returned 0x8a01c2
[0248.612] SaveDC (hdc=0xc20107e9) returned 1
[0248.612] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x460407de
[0248.612] GetClipRgn (hdc=0xc20107e9, hrgn=0x460407de) returned 0
[0248.612] SelectClipRgn (hdc=0xc20107e9, hrgn=0xab040807) returned 2
[0248.612] DeleteObject (ho=0x460407de) returned 1
[0248.612] DeleteObject (ho=0xab040807) returned 1
[0248.612] OffsetViewportOrgEx (in: hdc=0xc20107e9, x=0, y=0, lppt=0x2d4d7b8 | out: lppt=0x2d4d7b8) returned 1
[0248.612] IsAppThemed () returned 0x1
[0248.612] GetThemeAppProperties () returned 0x3
[0248.612] GetThemeAppProperties () returned 0x3
[0248.612] DrawThemeBackground () returned 0x0
[0248.612] RestoreDC (hdc=0xc20107e9, nSavedDC=-1) returned 1
[0248.612] GdipReleaseDC (graphics=0x6600030, hdc=0xc20107e9) returned 0x0
[0248.612] GdipCreateRegion (region=0xd7df60) returned 0x0
[0248.612] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0248.613] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0248.613] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0248.613] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df78) returned 0x0
[0248.613] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0248.613] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee8d8) returned 0x0
[0248.613] LocalFree (hMem=0x11ee8d8) returned 0x0
[0248.613] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0248.613] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee9f0) returned 0x0
[0248.613] LocalFree (hMem=0x11ee9f0) returned 0x0
[0248.613] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0248.613] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0248.613] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df90) returned 0x0
[0248.613] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0248.613] GdipDeleteRegion (region=0x6646448) returned 0x0
[0248.613] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0248.613] GetCurrentObject (hdc=0xc20107e9, type=0x1) returned 0xb00017
[0248.613] GetCurrentObject (hdc=0xc20107e9, type=0x2) returned 0x900010
[0248.614] GetCurrentObject (hdc=0xc20107e9, type=0x7) returned 0x4a0507fe
[0248.614] GetCurrentObject (hdc=0xc20107e9, type=0x6) returned 0x8a01c2
[0248.614] SaveDC (hdc=0xc20107e9) returned 1
[0248.614] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xac040807
[0248.614] GetClipRgn (hdc=0xc20107e9, hrgn=0xac040807) returned 0
[0248.614] SelectClipRgn (hdc=0xc20107e9, hrgn=0x470407de) returned 2
[0248.614] DeleteObject (ho=0xac040807) returned 1
[0248.614] DeleteObject (ho=0x470407de) returned 1
[0248.614] OffsetViewportOrgEx (in: hdc=0xc20107e9, x=0, y=0, lppt=0x2d4da8c | out: lppt=0x2d4da8c) returned 1
[0248.614] IsAppThemed () returned 0x1
[0248.614] GetThemeAppProperties () returned 0x3
[0248.614] GetThemeAppProperties () returned 0x3
[0248.614] GetThemeBackgroundContentRect () returned 0x0
[0248.614] RestoreDC (hdc=0xc20107e9, nSavedDC=-1) returned 1
[0248.614] GdipReleaseDC (graphics=0x6600030, hdc=0xc20107e9) returned 0x0
[0248.614] IsAppThemed () returned 0x1
[0248.615] GetThemeAppProperties () returned 0x3
[0248.615] GetThemeAppProperties () returned 0x3
[0248.615] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0248.615] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0248.615] GetCurrentObject (hdc=0xc20107e9, type=0x1) returned 0xb00017
[0248.615] GetCurrentObject (hdc=0xc20107e9, type=0x2) returned 0x900010
[0248.615] GetCurrentObject (hdc=0xc20107e9, type=0x7) returned 0x4a0507fe
[0248.615] GetCurrentObject (hdc=0xc20107e9, type=0x6) returned 0x8a01c2
[0248.615] SaveDC (hdc=0xc20107e9) returned 1
[0248.615] GetTextAlign (hdc=0xc20107e9) returned 0x0
[0248.615] GetTextColor (hdc=0xc20107e9) returned 0x0
[0248.615] GetCurrentObject (hdc=0xc20107e9, type=0x6) returned 0x8a01c2
[0248.615] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0248.615] SelectObject (hdc=0xc20107e9, h=0x6d0a0520) returned 0x8a01c2
[0248.616] GetBkMode (hdc=0xc20107e9) returned 2
[0248.616] SetBkMode (hdc=0xc20107e9, mode=1) returned 2
[0248.616] DrawTextExW (in: hdc=0xc20107e9, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2d4de2c | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0248.616] DrawTextExW (in: hdc=0xc20107e9, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d4de2c | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0248.616] RestoreDC (hdc=0xc20107e9, nSavedDC=-1) returned 1
[0248.616] GdipReleaseDC (graphics=0x6600030, hdc=0xc20107e9) returned 0x0
[0248.616] GetFocus () returned 0x2502d8
[0248.617] IsAppThemed () returned 0x1
[0248.617] GetThemeAppProperties () returned 0x3
[0248.617] GetThemeAppProperties () returned 0x3
[0248.617] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0248.617] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0xc20107e9, x1=0, y1=0, rop=0xcc0020) returned 1
[0248.617] GdipReleaseDC (graphics=0x6600030, hdc=0xc20107e9) returned 0x0
[0248.617] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0248.617] SelectObject (hdc=0xc20107e9, h=0x85000f) returned 0x4a0507fe
[0248.617] DeleteDC (hdc=0xc20107e9) returned 1
[0248.617] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0248.617] EndPaint (hWnd=0x2302dc, lpPaint=0xd7e24c) returned 1
[0248.618] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.618] IsWindowUnicode (hWnd=0x602c4) returned 1
[0248.618] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.618] TranslateMessage (lpMsg=0xd7e808) returned 0
[0248.618] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0248.618] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0248.618] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0248.618] CreateCompatibleDC (hdc=0x60100ce) returned 0xc40107e9
[0248.618] SelectObject (hdc=0xc40107e9, h=0x4a0507fe) returned 0x85000f
[0248.618] GdipCreateFromHDC (hdc=0xc40107e9, graphics=0xd7e268) returned 0x0
[0248.619] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0248.619] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0248.619] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0248.619] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0248.619] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2c8) returned 0x0
[0248.619] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0248.619] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0248.619] LocalFree (hMem=0x11eecc8) returned 0x0
[0248.619] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0248.619] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0248.619] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0248.619] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0248.619] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0248.619] GdipRestoreGraphics (graphics=0x6600030, state=0xf8540dbd) returned 0x0
[0248.619] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0248.620] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0248.620] GetCurrentObject (hdc=0xc40107e9, type=0x1) returned 0xb00017
[0248.620] GetCurrentObject (hdc=0xc40107e9, type=0x2) returned 0x900010
[0248.620] GetCurrentObject (hdc=0xc40107e9, type=0x7) returned 0x4a0507fe
[0248.620] GetCurrentObject (hdc=0xc40107e9, type=0x6) returned 0x8a01c2
[0248.620] SaveDC (hdc=0xc40107e9) returned 1
[0248.620] GetNearestColor (hdc=0xc40107e9, color=0xff) returned 0xff
[0248.620] GetNearestColor (hdc=0xc40107e9, color=0x55) returned 0x55
[0248.620] GetNearestColor (hdc=0xc40107e9, color=0x0) returned 0x0
[0248.620] GetNearestColor (hdc=0xc40107e9, color=0x55) returned 0x55
[0248.620] GetNearestColor (hdc=0xc40107e9, color=0x0) returned 0x0
[0248.620] GetNearestColor (hdc=0xc40107e9, color=0x8080ff) returned 0x8080ff
[0248.620] GetNearestColor (hdc=0xc40107e9, color=0x7373e5) returned 0x7373e5
[0248.620] GetNearestColor (hdc=0xc40107e9, color=0xe5) returned 0xe5
[0248.621] GetNearestColor (hdc=0xc40107e9, color=0x0) returned 0x0
[0248.621] RestoreDC (hdc=0xc40107e9, nSavedDC=-1) returned 1
[0248.621] GdipReleaseDC (graphics=0x6600030, hdc=0xc40107e9) returned 0x0
[0248.621] IsAppThemed () returned 0x1
[0248.621] GetThemeAppProperties () returned 0x3
[0248.621] GetThemeAppProperties () returned 0x3
[0248.621] IsAppThemed () returned 0x1
[0248.621] GetThemeAppProperties () returned 0x3
[0248.621] GetThemeAppProperties () returned 0x3
[0248.621] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2d4e5f4 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0248.621] IsAppThemed () returned 0x1
[0248.621] GetThemeAppProperties () returned 0x3
[0248.622] GetThemeAppProperties () returned 0x3
[0248.622] IsAppThemed () returned 0x1
[0248.622] GetThemeAppProperties () returned 0x3
[0248.622] GetThemeAppProperties () returned 0x3
[0248.622] GetFocus () returned 0x2502d8
[0248.626] IsAppThemed () returned 0x1
[0248.626] GetThemeAppProperties () returned 0x3
[0248.626] GetThemeAppProperties () returned 0x3
[0248.626] IsAppThemed () returned 0x1
[0248.626] GetThemeAppProperties () returned 0x3
[0248.626] GetThemeAppProperties () returned 0x3
[0248.627] IsThemePartDefined () returned 0x1
[0248.627] IsAppThemed () returned 0x1
[0248.627] GetThemeAppProperties () returned 0x3
[0248.627] GetThemeAppProperties () returned 0x3
[0248.627] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0248.627] IsAppThemed () returned 0x1
[0248.627] GetThemeAppProperties () returned 0x3
[0248.627] GetThemeAppProperties () returned 0x3
[0248.627] IsAppThemed () returned 0x1
[0248.627] GetThemeAppProperties () returned 0x3
[0248.627] GetThemeAppProperties () returned 0x3
[0248.627] IsThemePartDefined () returned 0x1
[0248.627] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0248.627] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0248.627] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0248.627] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0248.627] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dff0) returned 0x0
[0248.652] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0248.652] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eecc8) returned 0x0
[0248.652] LocalFree (hMem=0x11eecc8) returned 0x0
[0248.652] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0248.652] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eecc8) returned 0x0
[0248.652] LocalFree (hMem=0x11eecc8) returned 0x0
[0248.652] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0248.652] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e018) returned 0x0
[0248.652] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e008) returned 0x0
[0248.652] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0248.652] GdipDeleteRegion (region=0x6646568) returned 0x0
[0248.652] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0248.653] GetCurrentObject (hdc=0xc40107e9, type=0x1) returned 0xb00017
[0248.653] GetCurrentObject (hdc=0xc40107e9, type=0x2) returned 0x900010
[0248.653] GetCurrentObject (hdc=0xc40107e9, type=0x7) returned 0x4a0507fe
[0248.653] GetCurrentObject (hdc=0xc40107e9, type=0x6) returned 0x8a01c2
[0248.653] SaveDC (hdc=0xc40107e9) returned 1
[0248.653] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x480407de
[0248.653] GetClipRgn (hdc=0xc40107e9, hrgn=0x480407de) returned 0
[0248.653] SelectClipRgn (hdc=0xc40107e9, hrgn=0xb0040807) returned 2
[0248.653] DeleteObject (ho=0x480407de) returned 1
[0248.653] DeleteObject (ho=0xb0040807) returned 1
[0248.653] OffsetViewportOrgEx (in: hdc=0xc40107e9, x=0, y=0, lppt=0x2d4eca4 | out: lppt=0x2d4eca4) returned 1
[0248.653] DrawThemeParentBackground () returned 0x0
[0248.654] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0248.654] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0248.654] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0248.654] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0248.654] GetSystemMetrics (nIndex=42) returned 0
[0248.654] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0248.654] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0248.654] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0248.654] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0248.654] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0248.654] SelectPalette (hdc=0xc40107e9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0248.654] GdipCreateFromHDC (hdc=0xc40107e9, graphics=0xd7dac8) returned 0x0
[0248.655] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0248.655] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0248.655] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638bd8) returned 0x0
[0248.655] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7daa0) returned 0x0
[0248.655] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0248.655] GdipCreateRegion (region=0xd7da88) returned 0x0
[0248.655] GdipGetClip (graphics=0x663e568, region=0x66469e8) returned 0x0
[0248.655] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x663e568, result=0xd7da94) returned 0x0
[0248.655] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0248.655] GdipSaveGraphics (graphics=0x663e568, state=0xd7dac0) returned 0x0
[0248.655] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0248.663] GdipFillRectangleI (graphics=0x663e568, brush=0x6652a78, x=0, y=0, width=801, height=453) returned 0x0
[0248.663] GdipDeleteBrush (brush=0x6652a78) returned 0x0
[0248.665] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0248.665] SelectPalette (hdc=0xc40107e9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0248.665] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0248.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0248.665] GetSystemMetrics (nIndex=42) returned 0
[0248.665] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0248.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0248.665] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0248.665] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0248.665] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0248.665] SelectPalette (hdc=0xc40107e9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0248.665] GdipCreateFromHDC (hdc=0xc40107e9, graphics=0xd7da68) returned 0x0
[0248.666] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0248.666] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0248.666] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638c08) returned 0x0
[0248.666] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7da40) returned 0x0
[0248.666] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0248.666] GdipCreateRegion (region=0xd7da28) returned 0x0
[0248.666] GdipGetClip (graphics=0x663e568, region=0x66469e8) returned 0x0
[0248.666] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x663e568, result=0xd7da34) returned 0x0
[0248.666] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0248.666] GdipSaveGraphics (graphics=0x663e568, state=0xd7da60) returned 0x0
[0248.666] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0248.677] GdipFillRectangleI (graphics=0x663e568, brush=0x6652ce8, x=0, y=0, width=801, height=453) returned 0x0
[0248.677] GdipDeleteBrush (brush=0x6652ce8) returned 0x0
[0248.679] GdipRestoreGraphics (graphics=0x663e568, state=0xf8500dbd) returned 0x0
[0248.679] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0248.679] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0248.679] GetSystemMetrics (nIndex=42) returned 0
[0248.679] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0248.679] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0248.679] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0248.679] SelectPalette (hdc=0xc40107e9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0248.679] RestoreDC (hdc=0xc40107e9, nSavedDC=-1) returned 1
[0248.680] GdipReleaseDC (graphics=0x6600030, hdc=0xc40107e9) returned 0x0
[0248.680] IsAppThemed () returned 0x1
[0248.680] GetThemeAppProperties () returned 0x3
[0248.680] GetThemeAppProperties () returned 0x3
[0248.680] IsAppThemed () returned 0x1
[0248.680] GetThemeAppProperties () returned 0x3
[0248.680] GetThemeAppProperties () returned 0x3
[0248.680] IsThemePartDefined () returned 0x1
[0248.680] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0248.680] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0248.680] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0248.680] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0248.680] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df74) returned 0x0
[0248.680] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0248.680] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0248.680] LocalFree (hMem=0x11ee788) returned 0x0
[0248.680] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0248.681] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eecc8) returned 0x0
[0248.681] LocalFree (hMem=0x11eecc8) returned 0x0
[0248.681] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0248.681] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0248.681] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0248.681] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0248.681] GdipDeleteRegion (region=0x6646448) returned 0x0
[0248.681] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0248.681] GetCurrentObject (hdc=0xc40107e9, type=0x1) returned 0xb00017
[0248.681] GetCurrentObject (hdc=0xc40107e9, type=0x2) returned 0x900010
[0248.681] GetCurrentObject (hdc=0xc40107e9, type=0x7) returned 0x4a0507fe
[0248.681] GetCurrentObject (hdc=0xc40107e9, type=0x6) returned 0x8a01c2
[0248.681] SaveDC (hdc=0xc40107e9) returned 1
[0248.681] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb1040807
[0248.681] GetClipRgn (hdc=0xc40107e9, hrgn=0xb1040807) returned 0
[0248.682] SelectClipRgn (hdc=0xc40107e9, hrgn=0x4a0407de) returned 2
[0248.682] DeleteObject (ho=0xb1040807) returned 1
[0248.682] DeleteObject (ho=0x4a0407de) returned 1
[0248.682] OffsetViewportOrgEx (in: hdc=0xc40107e9, x=0, y=0, lppt=0x2d554f4 | out: lppt=0x2d554f4) returned 1
[0248.682] IsAppThemed () returned 0x1
[0248.682] GetThemeAppProperties () returned 0x3
[0248.682] GetThemeAppProperties () returned 0x3
[0248.682] DrawThemeBackground () returned 0x0
[0248.682] RestoreDC (hdc=0xc40107e9, nSavedDC=-1) returned 1
[0248.682] GdipReleaseDC (graphics=0x6600030, hdc=0xc40107e9) returned 0x0
[0248.682] GdipCreateRegion (region=0xd7df60) returned 0x0
[0248.682] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0248.682] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0248.682] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0248.682] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df78) returned 0x0
[0248.682] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0248.683] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0248.683] LocalFree (hMem=0x11ee788) returned 0x0
[0248.683] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0248.683] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea60) returned 0x0
[0248.683] LocalFree (hMem=0x11eea60) returned 0x0
[0248.683] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0248.683] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0248.683] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df90) returned 0x0
[0248.683] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0248.683] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0248.683] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0248.683] GetCurrentObject (hdc=0xc40107e9, type=0x1) returned 0xb00017
[0248.683] GetCurrentObject (hdc=0xc40107e9, type=0x2) returned 0x900010
[0248.683] GetCurrentObject (hdc=0xc40107e9, type=0x7) returned 0x4a0507fe
[0248.683] GetCurrentObject (hdc=0xc40107e9, type=0x6) returned 0x8a01c2
[0248.683] SaveDC (hdc=0xc40107e9) returned 1
[0248.683] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4b0407de
[0248.684] GetClipRgn (hdc=0xc40107e9, hrgn=0x4b0407de) returned 0
[0248.684] SelectClipRgn (hdc=0xc40107e9, hrgn=0xb2040807) returned 2
[0248.684] DeleteObject (ho=0x4b0407de) returned 1
[0248.684] DeleteObject (ho=0xb2040807) returned 1
[0248.684] OffsetViewportOrgEx (in: hdc=0xc40107e9, x=0, y=0, lppt=0x2d557c8 | out: lppt=0x2d557c8) returned 1
[0248.684] IsAppThemed () returned 0x1
[0248.684] GetThemeAppProperties () returned 0x3
[0248.684] GetThemeAppProperties () returned 0x3
[0248.684] GetThemeBackgroundContentRect () returned 0x0
[0248.684] RestoreDC (hdc=0xc40107e9, nSavedDC=-1) returned 1
[0248.684] GdipReleaseDC (graphics=0x6600030, hdc=0xc40107e9) returned 0x0
[0248.684] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0248.684] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0248.684] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0248.685] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0248.685] IsAppThemed () returned 0x1
[0248.685] GetThemeAppProperties () returned 0x3
[0248.685] GetThemeAppProperties () returned 0x3
[0248.685] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0248.685] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0248.685] GetCurrentObject (hdc=0xc40107e9, type=0x1) returned 0xb00017
[0248.685] GetCurrentObject (hdc=0xc40107e9, type=0x2) returned 0x900010
[0248.685] GetCurrentObject (hdc=0xc40107e9, type=0x7) returned 0x4a0507fe
[0248.685] GetCurrentObject (hdc=0xc40107e9, type=0x6) returned 0x8a01c2
[0248.685] SaveDC (hdc=0xc40107e9) returned 1
[0248.685] GetTextAlign (hdc=0xc40107e9) returned 0x0
[0248.685] GetTextColor (hdc=0xc40107e9) returned 0x0
[0248.685] GetCurrentObject (hdc=0xc40107e9, type=0x6) returned 0x8a01c2
[0248.685] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0248.685] SelectObject (hdc=0xc40107e9, h=0x6d0a0520) returned 0x8a01c2
[0248.686] GetBkMode (hdc=0xc40107e9) returned 2
[0248.686] SetBkMode (hdc=0xc40107e9, mode=1) returned 2
[0248.686] DrawTextExW (in: hdc=0xc40107e9, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2d55b8c | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0248.686] DrawTextExW (in: hdc=0xc40107e9, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d55b8c | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0248.686] RestoreDC (hdc=0xc40107e9, nSavedDC=-1) returned 1
[0248.687] GdipReleaseDC (graphics=0x6600030, hdc=0xc40107e9) returned 0x0
[0248.687] GetFocus () returned 0x2502d8
[0248.687] IsAppThemed () returned 0x1
[0248.687] GetThemeAppProperties () returned 0x3
[0248.687] GetThemeAppProperties () returned 0x3
[0248.687] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0248.687] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xc40107e9, x1=0, y1=0, rop=0xcc0020) returned 1
[0248.687] GdipReleaseDC (graphics=0x6600030, hdc=0xc40107e9) returned 0x0
[0248.687] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0248.687] SelectObject (hdc=0xc40107e9, h=0x85000f) returned 0x4a0507fe
[0248.687] DeleteDC (hdc=0xc40107e9) returned 1
[0248.687] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0248.687] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0248.688] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.688] IsWindowUnicode (hWnd=0x2600ea) returned 1
[0248.688] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.688] TranslateMessage (lpMsg=0xd7e808) returned 0
[0248.689] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0248.689] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.689] IsWindowUnicode (hWnd=0x2600ea) returned 1
[0248.689] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.689] TranslateMessage (lpMsg=0xd7e808) returned 0
[0248.689] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0248.689] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x2a1, wParam=0x0, lParam=0x70030) returned 0x0
[0248.689] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0248.689] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0248.689] WaitMessage () returned 1
[0248.745] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.745] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x84, wParam=0x0, lParam=0x1e00306) returned 0x1
[0248.746] IsWindowUnicode (hWnd=0x2600ea) returned 1
[0248.746] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.746] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x84, wParam=0x0, lParam=0x1e00306) returned 0x1
[0248.751] GetDlgItem (hDlg=0x1802d0, nIDDlgItem=0) returned 0x0
[0248.751] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x210, wParam=0x201, lParam=0x650111) returned 0x0
[0248.752] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x21, wParam=0x1802d0, lParam=0x2010001) returned 0x1
[0248.752] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x21, wParam=0x1802d0, lParam=0x2010001) returned 0x1
[0248.752] SetCursor (hCursor=0x10003) returned 0x10003
[0248.752] TranslateMessage (lpMsg=0xd7e808) returned 0
[0248.752] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0248.752] GetKeyState (nVirtKey=1) returned -127
[0248.752] GetKeyState (nVirtKey=2) returned 0
[0248.752] GetKeyState (nVirtKey=4) returned 0
[0248.752] GetKeyState (nVirtKey=5) returned 0
[0248.753] GetKeyState (nVirtKey=6) returned 0
[0248.753] IsWindowVisible (hWnd=0x2600ea) returned 1
[0248.753] IsWindowEnabled (hWnd=0x2600ea) returned 1
[0248.753] SetFocus (hWnd=0x2600ea) returned 0x2502d8
[0248.753] GetFocus () returned 0x2600ea
[0248.753] IsChild (hWndParent=0x1802d0, hWnd=0x2600ea) returned 1
[0248.753] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0x8, wParam=0x2600ea, lParam=0x0) returned 0x0
[0248.753] GetCapture () returned 0x0
[0248.753] InvalidateRect (hWnd=0x2502d8, lpRect=0x0, bErase=0) returned 1
[0248.755] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0248.757] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0248.761] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0248.761] InvalidateRect (hWnd=0x2502d8, lpRect=0x0, bErase=0) returned 1
[0248.761] InvalidateRect (hWnd=0x2600ea, lpRect=0x0, bErase=0) returned 1
[0248.762] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x7, wParam=0x2502d8, lParam=0x0) returned 0x0
[0248.762] GetStockObject (i=5) returned 0x900015
[0248.762] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0248.762] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0248.762] GetDlgItem (hDlg=0x1802d0, nIDDlgItem=2490602) returned 0x2600ea
[0248.763] SendMessageW (hWnd=0x2600ea, Msg=0x202b, wParam=0x2600ea, lParam=0xd7dddc) returned 0x0
[0248.763] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x202b, wParam=0x2600ea, lParam=0xd7dddc) returned 0x0
[0248.763] InvalidateRect (hWnd=0x2600ea, lpRect=0x0, bErase=0) returned 1
[0248.765] GetFocus () returned 0x2600ea
[0248.765] GetFocus () returned 0x2600ea
[0248.765] GetFocus () returned 0x2600ea
[0248.765] GetKeyState (nVirtKey=1) returned -127
[0248.765] GetKeyState (nVirtKey=2) returned 0
[0248.765] GetKeyState (nVirtKey=4) returned 0
[0248.765] GetKeyState (nVirtKey=5) returned 0
[0248.765] GetKeyState (nVirtKey=6) returned 0
[0248.765] GetCapture () returned 0x0
[0248.765] SetCapture (hWnd=0x2600ea) returned 0x0
[0248.765] GetKeyState (nVirtKey=1) returned -127
[0248.765] GetKeyState (nVirtKey=2) returned 0
[0248.766] GetKeyState (nVirtKey=4) returned 0
[0248.766] GetKeyState (nVirtKey=5) returned 0
[0248.766] GetKeyState (nVirtKey=6) returned 0
[0248.766] NotifyWinEvent (event=0x800a, hwnd=0x2600ea, idObject=-4, idChild=0)
[0248.766] InvalidateRect (hWnd=0x2600ea, lpRect=0xd7e430, bErase=0) returned 1
[0248.766] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.766] IsWindowUnicode (hWnd=0x2600ea) returned 1
[0248.766] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.766] TranslateMessage (lpMsg=0xd7e808) returned 0
[0248.766] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0248.766] MapWindowPoints (in: hWndFrom=0x2600ea, hWndTo=0x0, lpPoints=0x2d55da0, cPoints=0x1 | out: lpPoints=0x2d55da0) returned 30999254
[0248.766] NotifyWinEvent (event=0x800a, hwnd=0x2600ea, idObject=-4, idChild=0)
[0248.766] InvalidateRect (hWnd=0x2600ea, lpRect=0xd7e3d0, bErase=0) returned 1
[0248.766] UpdateWindow (hWnd=0x2600ea) returned 1
[0248.766] BeginPaint (in: hWnd=0x2600ea, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x10105d6
[0248.767] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0248.767] CreateCompatibleDC (hdc=0x10105d6) returned 0xc50107e9
[0248.767] SelectObject (hdc=0xc50107e9, h=0x4a0507fe) returned 0x85000f
[0248.767] GdipCreateFromHDC (hdc=0xc50107e9, graphics=0xd7df00) returned 0x0
[0248.767] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0248.767] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0248.768] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0248.768] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0248.768] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df60) returned 0x0
[0248.768] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0248.768] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee8d8) returned 0x0
[0248.768] LocalFree (hMem=0x11ee8d8) returned 0x0
[0248.768] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0248.768] GdipCreateRegion (region=0xd7df48) returned 0x0
[0248.768] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0248.768] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0248.768] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0248.768] GdipRestoreGraphics (graphics=0x6600030, state=0xf84e0dbd) returned 0x0
[0248.768] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0248.768] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0248.768] GetCurrentObject (hdc=0xc50107e9, type=0x1) returned 0xb00017
[0248.768] GetCurrentObject (hdc=0xc50107e9, type=0x2) returned 0x900010
[0248.769] GetCurrentObject (hdc=0xc50107e9, type=0x7) returned 0x4a0507fe
[0248.769] GetCurrentObject (hdc=0xc50107e9, type=0x6) returned 0x8a01c2
[0248.769] SaveDC (hdc=0xc50107e9) returned 1
[0248.769] GetNearestColor (hdc=0xc50107e9, color=0xf0f0f0) returned 0xf0f0f0
[0248.769] GetNearestColor (hdc=0xc50107e9, color=0xa0a0a0) returned 0xa0a0a0
[0248.769] GetNearestColor (hdc=0xc50107e9, color=0x696969) returned 0x696969
[0248.769] GetNearestColor (hdc=0xc50107e9, color=0xa0a0a0) returned 0xa0a0a0
[0248.769] GetNearestColor (hdc=0xc50107e9, color=0x0) returned 0x0
[0248.769] GetNearestColor (hdc=0xc50107e9, color=0xffffff) returned 0xffffff
[0248.769] GetNearestColor (hdc=0xc50107e9, color=0xe5e5e5) returned 0xe5e5e5
[0248.769] GetNearestColor (hdc=0xc50107e9, color=0xd7d7d7) returned 0xd7d7d7
[0248.769] GetNearestColor (hdc=0xc50107e9, color=0x0) returned 0x0
[0248.769] RestoreDC (hdc=0xc50107e9, nSavedDC=-1) returned 1
[0248.770] GdipReleaseDC (graphics=0x6600030, hdc=0xc50107e9) returned 0x0
[0248.770] IsAppThemed () returned 0x1
[0248.770] GetThemeAppProperties () returned 0x3
[0248.770] GetThemeAppProperties () returned 0x3
[0248.770] IsAppThemed () returned 0x1
[0248.770] GetThemeAppProperties () returned 0x3
[0248.770] GetThemeAppProperties () returned 0x3
[0248.770] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2d564f8 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0248.770] IsAppThemed () returned 0x1
[0248.770] GetThemeAppProperties () returned 0x3
[0248.770] GetThemeAppProperties () returned 0x3
[0248.771] IsAppThemed () returned 0x1
[0248.771] GetThemeAppProperties () returned 0x3
[0248.771] GetThemeAppProperties () returned 0x3
[0248.771] IsAppThemed () returned 0x1
[0248.771] GetThemeAppProperties () returned 0x3
[0248.771] GetThemeAppProperties () returned 0x3
[0248.771] IsAppThemed () returned 0x1
[0248.771] GetThemeAppProperties () returned 0x3
[0248.771] GetThemeAppProperties () returned 0x3
[0248.771] IsThemePartDefined () returned 0x1
[0248.771] IsAppThemed () returned 0x1
[0248.771] GetThemeAppProperties () returned 0x3
[0248.771] GetThemeAppProperties () returned 0x3
[0248.771] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0248.771] IsAppThemed () returned 0x1
[0248.772] GetThemeAppProperties () returned 0x3
[0248.772] GetThemeAppProperties () returned 0x3
[0248.772] IsAppThemed () returned 0x1
[0248.772] GetThemeAppProperties () returned 0x3
[0248.772] GetThemeAppProperties () returned 0x3
[0248.772] IsThemePartDefined () returned 0x1
[0248.772] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0248.772] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0248.772] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0248.772] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0248.772] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dc7c) returned 0x0
[0248.772] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0248.772] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee910) returned 0x0
[0248.772] LocalFree (hMem=0x11ee910) returned 0x0
[0248.773] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0248.773] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee8d8) returned 0x0
[0248.773] LocalFree (hMem=0x11ee8d8) returned 0x0
[0248.773] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0248.773] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0248.773] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0248.773] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0248.773] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0248.773] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0248.773] GetCurrentObject (hdc=0xc50107e9, type=0x1) returned 0xb00017
[0248.773] GetCurrentObject (hdc=0xc50107e9, type=0x2) returned 0x900010
[0248.773] GetCurrentObject (hdc=0xc50107e9, type=0x7) returned 0x4a0507fe
[0248.773] GetCurrentObject (hdc=0xc50107e9, type=0x6) returned 0x8a01c2
[0248.774] SaveDC (hdc=0xc50107e9) returned 1
[0248.774] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb3040807
[0248.774] GetClipRgn (hdc=0xc50107e9, hrgn=0xb3040807) returned 0
[0248.774] SelectClipRgn (hdc=0xc50107e9, hrgn=0x4f0407de) returned 2
[0248.774] DeleteObject (ho=0xb3040807) returned 1
[0248.774] DeleteObject (ho=0x4f0407de) returned 1
[0248.774] OffsetViewportOrgEx (in: hdc=0xc50107e9, x=0, y=0, lppt=0x2d56ba8 | out: lppt=0x2d56ba8) returned 1
[0248.774] DrawThemeParentBackground () returned 0x0
[0248.775] GetWindowPlacement (in: hWnd=0x1802d0, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0248.775] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0248.775] GetWindowTextLengthW (hWnd=0x1802d0) returned 24
[0248.775] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0248.775] GetSystemMetrics (nIndex=42) returned 0
[0248.775] GetWindowTextW (in: hWnd=0x1802d0, lpString=0xd7d7c4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0248.775] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xd, wParam=0x19, lParam=0xd7d7c4) returned 0x18
[0248.775] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0248.775] GetCurrentObject (hdc=0xc50107e9, type=0x1) returned 0xb00017
[0248.775] GetCurrentObject (hdc=0xc50107e9, type=0x2) returned 0x900010
[0248.775] GetCurrentObject (hdc=0xc50107e9, type=0x7) returned 0x4a0507fe
[0248.775] GetCurrentObject (hdc=0xc50107e9, type=0x6) returned 0x8a01c2
[0248.776] SaveDC (hdc=0xc50107e9) returned 2
[0248.776] GetNearestColor (hdc=0xc50107e9, color=0xf0f0f0) returned 0xf0f0f0
[0248.776] CreateSolidBrush (color=0xf0f0f0) returned 0xa11007e1
[0248.776] FillRect (hDC=0xc50107e9, lprc=0xd7d6c8, hbr=0xa11007e1) returned 1
[0248.776] DeleteObject (ho=0xa11007e1) returned 1
[0248.776] RestoreDC (hdc=0xc50107e9, nSavedDC=-1) returned 1
[0248.776] GetWindowTextLengthW (hWnd=0x1802d0) returned 24
[0248.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0248.776] GetSystemMetrics (nIndex=42) returned 0
[0248.776] GetWindowTextW (in: hWnd=0x1802d0, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0248.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0248.777] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0248.777] GetCurrentObject (hdc=0xc50107e9, type=0x1) returned 0xb00017
[0248.777] GetCurrentObject (hdc=0xc50107e9, type=0x2) returned 0x900010
[0248.777] GetCurrentObject (hdc=0xc50107e9, type=0x7) returned 0x4a0507fe
[0248.777] GetCurrentObject (hdc=0xc50107e9, type=0x6) returned 0x8a01c2
[0248.777] SaveDC (hdc=0xc50107e9) returned 2
[0248.777] GetNearestColor (hdc=0xc50107e9, color=0xf0f0f0) returned 0xf0f0f0
[0248.777] CreateSolidBrush (color=0xf0f0f0) returned 0xa21007e1
[0248.777] FillRect (hDC=0xc50107e9, lprc=0xd7d668, hbr=0xa21007e1) returned 1
[0248.777] DeleteObject (ho=0xa21007e1) returned 1
[0248.777] RestoreDC (hdc=0xc50107e9, nSavedDC=-1) returned 1
[0248.777] GetWindowTextLengthW (hWnd=0x1802d0) returned 24
[0248.778] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0248.778] GetSystemMetrics (nIndex=42) returned 0
[0248.778] GetWindowTextW (in: hWnd=0x1802d0, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0248.778] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0248.778] RestoreDC (hdc=0xc50107e9, nSavedDC=-1) returned 1
[0248.780] GdipReleaseDC (graphics=0x6600030, hdc=0xc50107e9) returned 0x0
[0248.780] IsAppThemed () returned 0x1
[0248.780] GetThemeAppProperties () returned 0x3
[0248.780] GetThemeAppProperties () returned 0x3
[0248.780] IsAppThemed () returned 0x1
[0248.780] GetThemeAppProperties () returned 0x3
[0248.780] GetThemeAppProperties () returned 0x3
[0248.780] IsThemePartDefined () returned 0x1
[0248.780] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0248.781] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0248.781] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0248.781] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0248.781] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dc00) returned 0x0
[0248.781] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0248.781] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0248.781] LocalFree (hMem=0x11ee868) returned 0x0
[0248.781] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0248.781] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0248.781] LocalFree (hMem=0x11ee788) returned 0x0
[0248.781] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0248.781] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0248.781] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0248.782] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0248.782] GdipDeleteRegion (region=0x6646448) returned 0x0
[0248.782] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0248.782] GetCurrentObject (hdc=0xc50107e9, type=0x1) returned 0xb00017
[0248.782] GetCurrentObject (hdc=0xc50107e9, type=0x2) returned 0x900010
[0248.782] GetCurrentObject (hdc=0xc50107e9, type=0x7) returned 0x4a0507fe
[0248.782] GetCurrentObject (hdc=0xc50107e9, type=0x6) returned 0x8a01c2
[0248.782] SaveDC (hdc=0xc50107e9) returned 1
[0248.782] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x500407de
[0248.782] GetClipRgn (hdc=0xc50107e9, hrgn=0x500407de) returned 0
[0248.782] SelectClipRgn (hdc=0xc50107e9, hrgn=0xb5040807) returned 2
[0248.782] DeleteObject (ho=0x500407de) returned 1
[0248.783] DeleteObject (ho=0xb5040807) returned 1
[0248.783] OffsetViewportOrgEx (in: hdc=0xc50107e9, x=0, y=0, lppt=0x2d5752c | out: lppt=0x2d5752c) returned 1
[0248.783] IsAppThemed () returned 0x1
[0248.783] GetThemeAppProperties () returned 0x3
[0248.783] GetThemeAppProperties () returned 0x3
[0248.783] DrawThemeBackground () returned 0x0
[0248.783] RestoreDC (hdc=0xc50107e9, nSavedDC=-1) returned 1
[0248.783] GdipReleaseDC (graphics=0x6600030, hdc=0xc50107e9) returned 0x0
[0248.783] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0248.783] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0248.783] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0248.784] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0248.784] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dc04) returned 0x0
[0248.784] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0248.784] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0248.784] LocalFree (hMem=0x11ee788) returned 0x0
[0248.785] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0248.785] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0248.785] LocalFree (hMem=0x11ee788) returned 0x0
[0248.785] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0248.785] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0248.785] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0248.785] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0248.785] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0248.785] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0248.785] GetCurrentObject (hdc=0xc50107e9, type=0x1) returned 0xb00017
[0248.785] GetCurrentObject (hdc=0xc50107e9, type=0x2) returned 0x900010
[0248.785] GetCurrentObject (hdc=0xc50107e9, type=0x7) returned 0x4a0507fe
[0248.785] GetCurrentObject (hdc=0xc50107e9, type=0x6) returned 0x8a01c2
[0248.786] SaveDC (hdc=0xc50107e9) returned 1
[0248.786] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb6040807
[0248.786] GetClipRgn (hdc=0xc50107e9, hrgn=0xb6040807) returned 0
[0248.786] SelectClipRgn (hdc=0xc50107e9, hrgn=0x510407de) returned 2
[0248.786] DeleteObject (ho=0xb6040807) returned 1
[0248.786] DeleteObject (ho=0x510407de) returned 1
[0248.786] OffsetViewportOrgEx (in: hdc=0xc50107e9, x=0, y=0, lppt=0x2d57800 | out: lppt=0x2d57800) returned 1
[0248.786] IsAppThemed () returned 0x1
[0248.786] GetThemeAppProperties () returned 0x3
[0248.787] GetThemeAppProperties () returned 0x3
[0248.787] GetThemeBackgroundContentRect () returned 0x0
[0248.787] RestoreDC (hdc=0xc50107e9, nSavedDC=-1) returned 1
[0248.787] GdipReleaseDC (graphics=0x6600030, hdc=0xc50107e9) returned 0x0
[0248.787] IsAppThemed () returned 0x1
[0248.787] GetThemeAppProperties () returned 0x3
[0248.787] GetThemeAppProperties () returned 0x3
[0248.787] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0248.787] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0248.787] GetCurrentObject (hdc=0xc50107e9, type=0x1) returned 0xb00017
[0248.787] GetCurrentObject (hdc=0xc50107e9, type=0x2) returned 0x900010
[0248.787] GetCurrentObject (hdc=0xc50107e9, type=0x7) returned 0x4a0507fe
[0248.787] GetCurrentObject (hdc=0xc50107e9, type=0x6) returned 0x8a01c2
[0248.788] SaveDC (hdc=0xc50107e9) returned 1
[0248.788] GetTextAlign (hdc=0xc50107e9) returned 0x0
[0248.788] GetTextColor (hdc=0xc50107e9) returned 0x0
[0248.788] GetCurrentObject (hdc=0xc50107e9, type=0x6) returned 0x8a01c2
[0248.788] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0248.788] SelectObject (hdc=0xc50107e9, h=0x6d0a0520) returned 0x8a01c2
[0248.788] GetBkMode (hdc=0xc50107e9) returned 2
[0248.788] SetBkMode (hdc=0xc50107e9, mode=1) returned 2
[0248.788] DrawTextExW (in: hdc=0xc50107e9, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2d57ba0 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0248.789] DrawTextExW (in: hdc=0xc50107e9, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2d57ba0 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0248.789] RestoreDC (hdc=0xc50107e9, nSavedDC=-1) returned 1
[0248.789] GdipReleaseDC (graphics=0x6600030, hdc=0xc50107e9) returned 0x0
[0248.789] GetFocus () returned 0x2600ea
[0248.789] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0248.789] SendMessageW (hWnd=0x1802d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0248.790] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0248.790] IsAppThemed () returned 0x1
[0248.790] GetThemeAppProperties () returned 0x3
[0248.790] GetThemeAppProperties () returned 0x3
[0248.790] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0248.790] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xc50107e9, x1=0, y1=0, rop=0xcc0020) returned 1
[0248.790] GdipReleaseDC (graphics=0x6600030, hdc=0xc50107e9) returned 0x0
[0248.790] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0248.790] SelectObject (hdc=0xc50107e9, h=0x85000f) returned 0x4a0507fe
[0248.790] DeleteDC (hdc=0xc50107e9) returned 1
[0248.790] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0248.791] EndPaint (hWnd=0x2600ea, lpPaint=0xd7dee4) returned 1
[0248.791] MapWindowPoints (in: hWndFrom=0x2600ea, hWndTo=0x0, lpPoints=0x2d57c9c, cPoints=0x1 | out: lpPoints=0x2d57c9c) returned 30999254
[0248.791] WindowFromPoint (Point=0x306) returned 0x2600ea
[0248.792] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x84, wParam=0x0, lParam=0x1e00306) returned 0x1
[0248.792] NotifyWinEvent (event=0x800a, hwnd=0x2600ea, idObject=-4, idChild=0)
[0248.792] NotifyWinEvent (event=0x800c, hwnd=0x2600ea, idObject=-4, idChild=0)
[0248.792] GetCapture () returned 0x2600ea
[0248.792] ReleaseCapture () returned 1
[0248.792] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0248.792] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0248.793] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x84, wParam=0x0, lParam=0x1e00306) returned 0x1
[0248.793] IsWindow (hWnd=0x7005c) returned 1
[0248.793] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0248.794] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0248.794] IsWindow (hWnd=0x1802d0) returned 1
[0248.794] SetActiveWindow (hWnd=0x1802d0) returned 0x1802d0
[0248.794] IsWindow (hWnd=0x1802d0) returned 1
[0248.794] SetFocus (hWnd=0x1802d0) returned 0x2600ea
[0248.795] GetFocus () returned 0x1802d0
[0248.795] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x8, wParam=0x1802d0, lParam=0x0) returned 0x0
[0248.795] GetCapture () returned 0x0
[0248.795] InvalidateRect (hWnd=0x2600ea, lpRect=0x0, bErase=0) returned 1
[0248.796] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0248.798] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0248.799] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0248.799] GetFocus () returned 0x1802d0
[0248.803] SetFocus (hWnd=0x2600ea) returned 0x1802d0
[0248.808] GetFocus () returned 0x2600ea
[0248.808] IsChild (hWndParent=0x1802d0, hWnd=0x2600ea) returned 1
[0248.808] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x8, wParam=0x2600ea, lParam=0x0) returned 0x0
[0248.821] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0248.822] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0248.824] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0248.824] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x7, wParam=0x1802d0, lParam=0x0) returned 0x0
[0248.824] GetStockObject (i=5) returned 0x900015
[0248.824] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0248.824] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0248.824] GetDlgItem (hDlg=0x1802d0, nIDDlgItem=2490602) returned 0x2600ea
[0248.825] SendMessageW (hWnd=0x2600ea, Msg=0x202b, wParam=0x2600ea, lParam=0xd7ddcc) returned 0x0
[0248.825] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x202b, wParam=0x2600ea, lParam=0xd7ddcc) returned 0x0
[0248.825] InvalidateRect (hWnd=0x2600ea, lpRect=0x0, bErase=0) returned 1
[0248.827] GetWindowLongW (hWnd=0x1802d0, nIndex=-8) returned 458844
[0248.827] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0248.827] GetCurrentThreadId () returned 0xf50
[0248.827] IsWindow (hWnd=0x7005c) returned 1
[0248.827] IsWindow (hWnd=0x7005c) returned 1
[0248.827] IsWindowVisible (hWnd=0x7005c) returned 1
[0248.827] SetActiveWindow (hWnd=0x7005c) returned 0x1802d0
[0248.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0248.828] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0248.829] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0248.829] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0248.830] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0248.830] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0248.831] GetWindowPlacement (in: hWnd=0x1802d0, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0248.831] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0248.831] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0248.831] GetWindowRect (in: hWnd=0x1802d0, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0248.832] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0248.832] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0248.832] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0248.833] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x1802d0) returned 0x1
[0248.836] GetFocus () returned 0x2600ea
[0248.836] SetFocus (hWnd=0x602c4) returned 0x2600ea
[0248.836] GetFocus () returned 0x602c4
[0248.836] IsChild (hWndParent=0x1802d0, hWnd=0x602c4) returned 0
[0248.836] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0248.836] GetCapture () returned 0x0
[0248.836] InvalidateRect (hWnd=0x2600ea, lpRect=0x0, bErase=0) returned 1
[0248.837] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0248.839] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0248.840] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0248.840] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0248.845] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0248.845] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0248.845] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0248.845] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x2600ea, lParam=0x0) returned 0x0
[0248.845] GetStockObject (i=5) returned 0x900015
[0248.845] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0248.846] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed8c8) returned 0xc
[0248.846] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0248.846] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0248.846] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0248.846] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0248.847] GetFocus () returned 0x602c4
[0248.847] IsChild (hWndParent=0x1802d0, hWnd=0x602c4) returned 0
[0248.847] ShowWindow (hWnd=0x1802d0, nCmdShow=0) returned 1
[0248.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0248.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0248.849] GetWindowPlacement (in: hWnd=0x1802d0, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0248.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0248.849] GetClientRect (in: hWnd=0x1802d0, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0248.849] GetWindowRect (in: hWnd=0x1802d0, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0248.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0248.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0248.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0248.851] GetWindowLongW (hWnd=0x1802d0, nIndex=-20) returned 327945
[0248.851] DestroyWindow (hWnd=0x1802d0) returned 1
[0248.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0248.851] GetWindowTextLengthW (hWnd=0x1802d0) returned 24
[0248.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0248.851] GetSystemMetrics (nIndex=42) returned 0
[0248.851] GetWindowTextW (in: hWnd=0x1802d0, lpString=0xd7e390, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0248.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0xd, wParam=0x19, lParam=0xd7e390) returned 0x18
[0248.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0248.852] GetWindowTextLengthW (hWnd=0x2302de) returned 0
[0248.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0248.852] GetSystemMetrics (nIndex=42) returned 0
[0248.852] GetWindowTextW (in: hWnd=0x2302de, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0248.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302de, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0248.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0248.852] GetWindowThreadProcessId (in: hWnd=0x2302da, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0248.852] GetWindow (hWnd=0x2302da, uCmd=0x5) returned 0x0
[0248.852] GetWindowLongW (hWnd=0x2302da, nIndex=-20) returned 65792
[0248.852] DestroyWindow (hWnd=0x2302da) returned 1
[0248.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302da, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0248.852] GetWindowTextLengthW (hWnd=0x2302da) returned 25
[0248.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0248.852] GetSystemMetrics (nIndex=42) returned 0
[0248.852] GetWindowTextW (in: hWnd=0x2302da, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0248.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302da, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0248.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0248.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0248.854] GetWindowTextLengthW (hWnd=0x1902ce) returned 232
[0248.854] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0248.854] GetSystemMetrics (nIndex=42) returned 0
[0248.854] GetWindowTextW (in: hWnd=0x1902ce, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0248.854] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0248.854] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0248.854] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0248.854] InvalidateRect (hWnd=0x2600ea, lpRect=0x0, bErase=0) returned 1
[0248.854] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0248.854] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0248.855] SendMessageW (hWnd=0x1d02c8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0248.855] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02c8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0248.855] SendMessageW (hWnd=0x1d02c8, Msg=0xb0, wParam=0x2d47c40, lParam=0xd7e480) returned 0x0
[0248.855] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02c8, Msg=0xb0, wParam=0x2d47c40, lParam=0xd7e480) returned 0x0
[0248.855] GetWindowTextLengthW (hWnd=0x1d02c8) returned 4363
[0248.855] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0248.855] GetSystemMetrics (nIndex=42) returned 0
[0248.855] CoTaskMemAlloc (cb=0x221c) returned 0x120a4b0
[0248.855] GetWindowTextW (in: hWnd=0x1d02c8, lpString=0x120a4b0, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0248.855] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02c8, Msg=0xd, wParam=0x110c, lParam=0x120a4b0) returned 0x110b
[0248.855] CoTaskMemFree (pv=0x120a4b0)
[0248.855] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0248.856] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0248.857] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1902ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0248.858] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0248.872] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2600ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0248.873] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0248.874] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1d02c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0248.877] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1802d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0248.878] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.878] IsWindowUnicode (hWnd=0x30122) returned 1
[0248.878] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.878] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0248.878] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0248.879] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.879] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e00306) returned 0x1
[0248.879] IsWindowUnicode (hWnd=0x7005c) returned 1
[0248.879] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.879] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e00306) returned 0x1
[0248.879] SetCursor (hCursor=0x10003) returned 0x10003
[0248.880] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0248.880] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0248.880] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0248.880] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0248.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0248.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10b0248) returned 0x0
[0248.880] GetKeyState (nVirtKey=1) returned 1
[0248.880] GetKeyState (nVirtKey=2) returned 0
[0248.880] GetKeyState (nVirtKey=4) returned 0
[0248.880] GetKeyState (nVirtKey=5) returned 0
[0248.880] GetKeyState (nVirtKey=6) returned 0
[0248.880] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.881] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e00306) returned 0x1
[0248.881] IsWindowUnicode (hWnd=0x7005c) returned 1
[0248.881] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.881] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0248.881] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0248.881] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.881] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e00306) returned 0x1
[0248.881] IsWindowUnicode (hWnd=0x7005c) returned 1
[0248.881] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.882] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e00306) returned 0x1
[0248.882] SetCursor (hCursor=0x10003) returned 0x10003
[0248.882] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0248.882] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0248.882] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10b0248) returned 0x0
[0248.882] GetKeyState (nVirtKey=1) returned 1
[0248.882] GetKeyState (nVirtKey=2) returned 0
[0248.882] GetKeyState (nVirtKey=4) returned 0
[0248.882] GetKeyState (nVirtKey=5) returned 0
[0248.882] GetKeyState (nVirtKey=6) returned 0
[0248.882] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.883] IsWindowUnicode (hWnd=0x602c4) returned 1
[0248.883] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.883] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0248.883] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0248.883] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.884] IsWindowUnicode (hWnd=0x602c4) returned 1
[0248.884] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.884] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0248.884] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0248.884] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0248.884] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0248.885] CreateCompatibleDC (hdc=0x10105d6) returned 0x680107a2
[0248.885] SelectObject (hdc=0x680107a2, h=0x4a0507fe) returned 0x85000f
[0248.885] GdipCreateFromHDC (hdc=0x680107a2, graphics=0xd7e798) returned 0x0
[0248.885] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0248.885] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0248.885] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0248.885] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0248.885] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e7f8) returned 0x0
[0248.885] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0248.885] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0248.885] LocalFree (hMem=0x11eecc8) returned 0x0
[0248.885] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0248.886] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0248.886] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0248.886] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0248.886] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0248.886] GdipRestoreGraphics (graphics=0x6600030, state=0xf84c0dbd) returned 0x0
[0248.886] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0248.886] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0248.886] GetCurrentObject (hdc=0x680107a2, type=0x1) returned 0xb00017
[0248.886] GetCurrentObject (hdc=0x680107a2, type=0x2) returned 0x900010
[0248.886] GetCurrentObject (hdc=0x680107a2, type=0x7) returned 0x4a0507fe
[0248.886] GetCurrentObject (hdc=0x680107a2, type=0x6) returned 0x8a01c2
[0248.886] SaveDC (hdc=0x680107a2) returned 1
[0248.887] GetNearestColor (hdc=0x680107a2, color=0xff) returned 0xff
[0248.887] GetNearestColor (hdc=0x680107a2, color=0x55) returned 0x55
[0248.887] GetNearestColor (hdc=0x680107a2, color=0x0) returned 0x0
[0248.887] GetNearestColor (hdc=0x680107a2, color=0x55) returned 0x55
[0248.887] GetNearestColor (hdc=0x680107a2, color=0x0) returned 0x0
[0248.887] GetNearestColor (hdc=0x680107a2, color=0x8080ff) returned 0x8080ff
[0248.887] GetNearestColor (hdc=0x680107a2, color=0x7373e5) returned 0x7373e5
[0248.887] GetNearestColor (hdc=0x680107a2, color=0xe5) returned 0xe5
[0248.887] GetNearestColor (hdc=0x680107a2, color=0x0) returned 0x0
[0248.887] RestoreDC (hdc=0x680107a2, nSavedDC=-1) returned 1
[0248.932] GdipReleaseDC (graphics=0x6600030, hdc=0x680107a2) returned 0x0
[0248.932] IsAppThemed () returned 0x1
[0248.933] GetThemeAppProperties () returned 0x3
[0248.933] GetThemeAppProperties () returned 0x3
[0248.933] IsAppThemed () returned 0x1
[0248.933] GetThemeAppProperties () returned 0x3
[0248.933] GetThemeAppProperties () returned 0x3
[0248.933] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2d5fadc | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0248.933] IsAppThemed () returned 0x1
[0248.933] GetThemeAppProperties () returned 0x3
[0248.933] GetThemeAppProperties () returned 0x3
[0248.933] IsAppThemed () returned 0x1
[0248.934] GetThemeAppProperties () returned 0x3
[0248.934] GetThemeAppProperties () returned 0x3
[0248.934] GetFocus () returned 0x602c4
[0248.934] IsAppThemed () returned 0x1
[0248.934] GetThemeAppProperties () returned 0x3
[0248.934] GetThemeAppProperties () returned 0x3
[0248.934] IsAppThemed () returned 0x1
[0248.934] GetThemeAppProperties () returned 0x3
[0248.934] GetThemeAppProperties () returned 0x3
[0248.934] IsThemePartDefined () returned 0x1
[0248.934] IsAppThemed () returned 0x1
[0248.934] GetThemeAppProperties () returned 0x3
[0248.934] GetThemeAppProperties () returned 0x3
[0248.934] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0248.935] IsAppThemed () returned 0x1
[0248.935] GetThemeAppProperties () returned 0x3
[0248.935] GetThemeAppProperties () returned 0x3
[0248.935] IsAppThemed () returned 0x1
[0248.935] GetThemeAppProperties () returned 0x3
[0248.935] GetThemeAppProperties () returned 0x3
[0248.935] IsThemePartDefined () returned 0x1
[0248.935] GdipCreateRegion (region=0xd7e508) returned 0x0
[0248.935] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0248.935] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0248.935] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0248.935] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e520) returned 0x0
[0248.935] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0248.936] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eecc8) returned 0x0
[0248.936] LocalFree (hMem=0x11eecc8) returned 0x0
[0248.936] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0248.936] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eecc8) returned 0x0
[0248.936] LocalFree (hMem=0x11eecc8) returned 0x0
[0248.936] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0248.936] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e548) returned 0x0
[0248.936] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e538) returned 0x0
[0248.936] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0248.936] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0248.936] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0248.936] GetCurrentObject (hdc=0x680107a2, type=0x1) returned 0xb00017
[0248.936] GetCurrentObject (hdc=0x680107a2, type=0x2) returned 0x900010
[0248.936] GetCurrentObject (hdc=0x680107a2, type=0x7) returned 0x4a0507fe
[0248.936] GetCurrentObject (hdc=0x680107a2, type=0x6) returned 0x8a01c2
[0248.936] SaveDC (hdc=0x680107a2) returned 1
[0248.937] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x520407de
[0248.937] GetClipRgn (hdc=0x680107a2, hrgn=0x520407de) returned 0
[0248.937] SelectClipRgn (hdc=0x680107a2, hrgn=0xba040807) returned 2
[0248.937] DeleteObject (ho=0x520407de) returned 1
[0248.937] DeleteObject (ho=0xba040807) returned 1
[0248.937] OffsetViewportOrgEx (in: hdc=0x680107a2, x=0, y=0, lppt=0x2d6018c | out: lppt=0x2d6018c) returned 1
[0248.937] DrawThemeParentBackground () returned 0x0
[0248.937] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0248.937] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0248.937] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0248.937] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0248.937] GetSystemMetrics (nIndex=42) returned 0
[0248.937] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0248.937] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0248.938] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0248.938] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0248.938] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0248.938] SelectPalette (hdc=0x680107a2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0248.938] GdipCreateFromHDC (hdc=0x680107a2, graphics=0xd7dff8) returned 0x0
[0248.938] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0248.938] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0248.938] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638c98) returned 0x0
[0248.938] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dfd0) returned 0x0
[0248.939] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0248.939] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0248.939] GdipGetClip (graphics=0x663e568, region=0x6646ef8) returned 0x0
[0248.939] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x663e568, result=0xd7dfc4) returned 0x0
[0248.939] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0248.939] GdipSaveGraphics (graphics=0x663e568, state=0xd7dff0) returned 0x0
[0248.939] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0248.947] GdipFillRectangleI (graphics=0x663e568, brush=0x6652bb0, x=0, y=0, width=801, height=453) returned 0x0
[0248.947] GdipDeleteBrush (brush=0x6652bb0) returned 0x0
[0248.949] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0248.949] SelectPalette (hdc=0x680107a2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0248.949] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0248.949] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0248.949] GetSystemMetrics (nIndex=42) returned 0
[0248.949] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0248.949] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0248.949] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0248.949] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0248.949] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0248.950] SelectPalette (hdc=0x680107a2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0248.950] GdipCreateFromHDC (hdc=0x680107a2, graphics=0xd7df98) returned 0x0
[0248.950] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0248.950] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0248.950] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638c68) returned 0x0
[0248.950] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df70) returned 0x0
[0248.957] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0248.957] GdipCreateRegion (region=0xd7df58) returned 0x0
[0248.957] GdipGetClip (graphics=0x663e568, region=0x66464d8) returned 0x0
[0248.957] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x663e568, result=0xd7df64) returned 0x0
[0248.957] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0248.957] GdipSaveGraphics (graphics=0x663e568, state=0xd7df90) returned 0x0
[0248.957] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0248.965] GdipFillRectangleI (graphics=0x663e568, brush=0x6653918, x=0, y=0, width=801, height=453) returned 0x0
[0248.965] GdipDeleteBrush (brush=0x6653918) returned 0x0
[0248.974] GdipRestoreGraphics (graphics=0x663e568, state=0xf8480dbd) returned 0x0
[0248.974] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0248.974] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0248.974] GetSystemMetrics (nIndex=42) returned 0
[0248.974] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0248.974] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0248.974] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0248.974] SelectPalette (hdc=0x680107a2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0248.974] RestoreDC (hdc=0x680107a2, nSavedDC=-1) returned 1
[0248.974] GdipReleaseDC (graphics=0x6600030, hdc=0x680107a2) returned 0x0
[0248.974] IsAppThemed () returned 0x1
[0248.975] GetThemeAppProperties () returned 0x3
[0248.975] GetThemeAppProperties () returned 0x3
[0248.975] IsAppThemed () returned 0x1
[0248.975] GetThemeAppProperties () returned 0x3
[0248.975] GetThemeAppProperties () returned 0x3
[0248.975] IsThemePartDefined () returned 0x1
[0248.975] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0248.975] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0248.975] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0248.975] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0248.975] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e4a4) returned 0x0
[0248.975] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0248.975] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eea60) returned 0x0
[0248.975] LocalFree (hMem=0x11eea60) returned 0x0
[0248.975] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0248.975] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eead0) returned 0x0
[0248.975] LocalFree (hMem=0x11eead0) returned 0x0
[0248.976] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0248.976] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0248.976] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0248.976] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0248.976] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0248.976] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0248.976] GetCurrentObject (hdc=0x680107a2, type=0x1) returned 0xb00017
[0248.976] GetCurrentObject (hdc=0x680107a2, type=0x2) returned 0x900010
[0248.976] GetCurrentObject (hdc=0x680107a2, type=0x7) returned 0x4a0507fe
[0248.976] GetCurrentObject (hdc=0x680107a2, type=0x6) returned 0x8a01c2
[0248.976] SaveDC (hdc=0x680107a2) returned 1
[0248.976] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbb040807
[0248.976] GetClipRgn (hdc=0x680107a2, hrgn=0xbb040807) returned 0
[0248.976] SelectClipRgn (hdc=0x680107a2, hrgn=0x540407de) returned 2
[0248.976] DeleteObject (ho=0xbb040807) returned 1
[0248.977] DeleteObject (ho=0x540407de) returned 1
[0248.977] OffsetViewportOrgEx (in: hdc=0x680107a2, x=0, y=0, lppt=0x2d669dc | out: lppt=0x2d669dc) returned 1
[0248.977] IsAppThemed () returned 0x1
[0248.977] GetThemeAppProperties () returned 0x3
[0248.977] GetThemeAppProperties () returned 0x3
[0248.977] DrawThemeBackground () returned 0x0
[0248.977] RestoreDC (hdc=0x680107a2, nSavedDC=-1) returned 1
[0248.977] GdipReleaseDC (graphics=0x6600030, hdc=0x680107a2) returned 0x0
[0248.977] GdipCreateRegion (region=0xd7e490) returned 0x0
[0248.977] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0248.977] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0248.977] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0248.977] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e4a8) returned 0x0
[0248.977] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0248.977] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee9f0) returned 0x0
[0248.978] LocalFree (hMem=0x11ee9f0) returned 0x0
[0248.978] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0248.978] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eecc8) returned 0x0
[0248.978] LocalFree (hMem=0x11eecc8) returned 0x0
[0248.978] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0248.978] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0248.978] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0248.978] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0248.978] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0248.978] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0248.978] GetCurrentObject (hdc=0x680107a2, type=0x1) returned 0xb00017
[0248.978] GetCurrentObject (hdc=0x680107a2, type=0x2) returned 0x900010
[0248.978] GetCurrentObject (hdc=0x680107a2, type=0x7) returned 0x4a0507fe
[0248.979] GetCurrentObject (hdc=0x680107a2, type=0x6) returned 0x8a01c2
[0248.979] SaveDC (hdc=0x680107a2) returned 1
[0248.979] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x550407de
[0248.979] GetClipRgn (hdc=0x680107a2, hrgn=0x550407de) returned 0
[0248.979] SelectClipRgn (hdc=0x680107a2, hrgn=0xbc040807) returned 2
[0248.979] DeleteObject (ho=0x550407de) returned 1
[0248.979] DeleteObject (ho=0xbc040807) returned 1
[0248.979] OffsetViewportOrgEx (in: hdc=0x680107a2, x=0, y=0, lppt=0x2d66cb0 | out: lppt=0x2d66cb0) returned 1
[0248.979] IsAppThemed () returned 0x1
[0248.979] GetThemeAppProperties () returned 0x3
[0248.979] GetThemeAppProperties () returned 0x3
[0248.979] GetThemeBackgroundContentRect () returned 0x0
[0248.980] RestoreDC (hdc=0x680107a2, nSavedDC=-1) returned 1
[0248.980] GdipReleaseDC (graphics=0x6600030, hdc=0x680107a2) returned 0x0
[0248.980] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0248.980] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0248.980] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0248.980] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0248.980] IsAppThemed () returned 0x1
[0248.980] GetThemeAppProperties () returned 0x3
[0248.980] GetThemeAppProperties () returned 0x3
[0248.980] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0248.980] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0248.980] GetCurrentObject (hdc=0x680107a2, type=0x1) returned 0xb00017
[0248.981] GetCurrentObject (hdc=0x680107a2, type=0x2) returned 0x900010
[0248.981] GetCurrentObject (hdc=0x680107a2, type=0x7) returned 0x4a0507fe
[0248.981] GetCurrentObject (hdc=0x680107a2, type=0x6) returned 0x8a01c2
[0248.981] SaveDC (hdc=0x680107a2) returned 1
[0248.981] GetTextAlign (hdc=0x680107a2) returned 0x0
[0248.981] GetTextColor (hdc=0x680107a2) returned 0x0
[0248.981] GetCurrentObject (hdc=0x680107a2, type=0x6) returned 0x8a01c2
[0248.981] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0248.981] SelectObject (hdc=0x680107a2, h=0x6d0a0520) returned 0x8a01c2
[0248.982] GetBkMode (hdc=0x680107a2) returned 2
[0248.982] SetBkMode (hdc=0x680107a2, mode=1) returned 2
[0248.982] DrawTextExW (in: hdc=0x680107a2, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2d67074 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0248.982] DrawTextExW (in: hdc=0x680107a2, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2d67074 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0248.983] RestoreDC (hdc=0x680107a2, nSavedDC=-1) returned 1
[0248.983] GdipReleaseDC (graphics=0x6600030, hdc=0x680107a2) returned 0x0
[0248.983] GetFocus () returned 0x602c4
[0248.983] IsAppThemed () returned 0x1
[0248.983] GetThemeAppProperties () returned 0x3
[0248.983] GetThemeAppProperties () returned 0x3
[0248.983] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0248.983] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x680107a2, x1=0, y1=0, rop=0xcc0020) returned 1
[0248.983] GdipReleaseDC (graphics=0x6600030, hdc=0x680107a2) returned 0x0
[0248.983] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0248.983] SelectObject (hdc=0x680107a2, h=0x85000f) returned 0x4a0507fe
[0248.984] DeleteDC (hdc=0x680107a2) returned 1
[0248.984] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0248.984] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0248.984] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0248.984] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0248.984] WaitMessage () returned 1
[0248.984] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.984] IsWindowUnicode (hWnd=0x30122) returned 1
[0248.984] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.984] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0248.984] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0248.989] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.990] IsWindowUnicode (hWnd=0x30122) returned 1
[0248.990] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.990] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0248.990] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0248.990] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.990] IsWindowUnicode (hWnd=0x30122) returned 1
[0248.990] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.990] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0248.990] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0248.991] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.991] IsWindowUnicode (hWnd=0x30122) returned 1
[0248.991] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.991] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0248.991] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0248.992] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.992] IsWindowUnicode (hWnd=0x30122) returned 1
[0248.992] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.992] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0248.992] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0248.992] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.992] IsWindowUnicode (hWnd=0x30122) returned 1
[0248.992] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.993] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0248.993] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0248.993] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.993] IsWindowUnicode (hWnd=0x30122) returned 1
[0248.993] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.993] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0248.993] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0248.994] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.994] IsWindowUnicode (hWnd=0x30122) returned 1
[0248.994] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.994] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0248.994] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0248.995] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.995] IsWindowUnicode (hWnd=0x30122) returned 1
[0248.995] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.995] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0248.995] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0248.996] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.996] IsWindowUnicode (hWnd=0x30122) returned 1
[0248.996] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0248.996] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0248.996] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0248.996] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0249.002] IsWindowUnicode (hWnd=0x7005c) returned 1
[0249.002] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0249.002] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0249.002] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0249.002] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0249.003] IsWindowUnicode (hWnd=0x7005c) returned 1
[0249.003] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0249.003] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0249.003] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0249.003] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10b0248) returned 0x0
[0249.003] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0249.003] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0249.003] WaitMessage () returned 1
[0249.143] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0249.143] IsWindowUnicode (hWnd=0x502c6) returned 1
[0249.143] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0249.143] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0249.143] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0249.143] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0249.143] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0249.143] WaitMessage () returned 1
[0250.845] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0250.845] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26d00ef) returned 0x1
[0250.845] IsWindowUnicode (hWnd=0x602c4) returned 1
[0250.845] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0250.845] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0250.846] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0250.846] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0250.846] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0250.846] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26d00ef) returned 0x1
[0250.846] IsWindowUnicode (hWnd=0x602c4) returned 1
[0250.846] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0250.846] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26d00ef) returned 0x1
[0250.846] SetCursor (hCursor=0x10003) returned 0x10003
[0250.846] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0250.846] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0250.846] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0250.846] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0250.846] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0250.847] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0250.847] GetKeyState (nVirtKey=1) returned 1
[0250.847] GetKeyState (nVirtKey=2) returned 0
[0250.847] GetKeyState (nVirtKey=4) returned 0
[0250.847] GetKeyState (nVirtKey=5) returned 0
[0250.847] GetKeyState (nVirtKey=6) returned 0
[0250.847] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0250.847] IsWindowUnicode (hWnd=0x602c4) returned 1
[0250.847] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0250.847] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0250.847] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0250.847] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0250.847] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0250.848] CreateCompatibleDC (hdc=0x10105d6) returned 0x600107f4
[0250.848] SelectObject (hdc=0x600107f4, h=0x4a0507fe) returned 0x85000f
[0250.848] GdipCreateFromHDC (hdc=0x600107f4, graphics=0xd7e798) returned 0x0
[0250.848] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0250.848] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0250.848] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0250.848] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0250.848] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e7f8) returned 0x0
[0250.848] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0250.848] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0250.849] LocalFree (hMem=0x11ee868) returned 0x0
[0250.849] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0250.849] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0250.849] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0250.849] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0250.849] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0250.849] GdipRestoreGraphics (graphics=0x6600030, state=0xf8460dbd) returned 0x0
[0250.849] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0250.849] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0250.849] GetCurrentObject (hdc=0x600107f4, type=0x1) returned 0xb00017
[0250.849] GetCurrentObject (hdc=0x600107f4, type=0x2) returned 0x900010
[0250.849] GetCurrentObject (hdc=0x600107f4, type=0x7) returned 0x4a0507fe
[0250.849] GetCurrentObject (hdc=0x600107f4, type=0x6) returned 0x8a01c2
[0250.849] SaveDC (hdc=0x600107f4) returned 1
[0250.849] GetNearestColor (hdc=0x600107f4, color=0xff) returned 0xff
[0250.850] GetNearestColor (hdc=0x600107f4, color=0x55) returned 0x55
[0250.850] GetNearestColor (hdc=0x600107f4, color=0x0) returned 0x0
[0250.850] GetNearestColor (hdc=0x600107f4, color=0x55) returned 0x55
[0250.850] GetNearestColor (hdc=0x600107f4, color=0x0) returned 0x0
[0250.850] GetNearestColor (hdc=0x600107f4, color=0x8080ff) returned 0x8080ff
[0250.850] GetNearestColor (hdc=0x600107f4, color=0x7373e5) returned 0x7373e5
[0250.850] GetNearestColor (hdc=0x600107f4, color=0xe5) returned 0xe5
[0250.850] GetNearestColor (hdc=0x600107f4, color=0x0) returned 0x0
[0250.850] RestoreDC (hdc=0x600107f4, nSavedDC=-1) returned 1
[0250.850] GdipReleaseDC (graphics=0x6600030, hdc=0x600107f4) returned 0x0
[0250.850] IsAppThemed () returned 0x1
[0250.850] GetThemeAppProperties () returned 0x3
[0250.850] GetThemeAppProperties () returned 0x3
[0250.850] IsAppThemed () returned 0x1
[0250.851] GetThemeAppProperties () returned 0x3
[0250.851] GetThemeAppProperties () returned 0x3
[0250.851] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2d678e8 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0250.851] IsAppThemed () returned 0x1
[0250.851] GetThemeAppProperties () returned 0x3
[0250.851] GetThemeAppProperties () returned 0x3
[0250.851] IsAppThemed () returned 0x1
[0250.851] GetThemeAppProperties () returned 0x3
[0250.851] GetThemeAppProperties () returned 0x3
[0250.851] IsAppThemed () returned 0x1
[0250.851] GetThemeAppProperties () returned 0x3
[0250.851] GetThemeAppProperties () returned 0x3
[0250.851] IsAppThemed () returned 0x1
[0250.852] GetThemeAppProperties () returned 0x3
[0250.852] GetThemeAppProperties () returned 0x3
[0250.852] IsThemePartDefined () returned 0x1
[0250.852] IsAppThemed () returned 0x1
[0250.852] GetThemeAppProperties () returned 0x3
[0250.852] GetThemeAppProperties () returned 0x3
[0250.852] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0250.852] IsAppThemed () returned 0x1
[0250.852] GetThemeAppProperties () returned 0x3
[0250.852] GetThemeAppProperties () returned 0x3
[0250.852] IsAppThemed () returned 0x1
[0250.852] GetThemeAppProperties () returned 0x3
[0250.852] GetThemeAppProperties () returned 0x3
[0250.852] IsThemePartDefined () returned 0x1
[0250.852] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0250.852] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0250.852] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0250.852] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0250.852] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e514) returned 0x0
[0250.852] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0250.852] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0250.853] LocalFree (hMem=0x11eec58) returned 0x0
[0250.853] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0250.853] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0250.853] LocalFree (hMem=0x11ee788) returned 0x0
[0250.853] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0250.853] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0250.853] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0250.853] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0250.853] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0250.853] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0250.853] GetCurrentObject (hdc=0x600107f4, type=0x1) returned 0xb00017
[0250.853] GetCurrentObject (hdc=0x600107f4, type=0x2) returned 0x900010
[0250.853] GetCurrentObject (hdc=0x600107f4, type=0x7) returned 0x4a0507fe
[0250.853] GetCurrentObject (hdc=0x600107f4, type=0x6) returned 0x8a01c2
[0250.853] SaveDC (hdc=0x600107f4) returned 1
[0250.853] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbd040807
[0250.854] GetClipRgn (hdc=0x600107f4, hrgn=0xbd040807) returned 0
[0250.854] SelectClipRgn (hdc=0x600107f4, hrgn=0x590407de) returned 2
[0250.854] DeleteObject (ho=0xbd040807) returned 1
[0250.854] DeleteObject (ho=0x590407de) returned 1
[0250.854] OffsetViewportOrgEx (in: hdc=0x600107f4, x=0, y=0, lppt=0x2d67f98 | out: lppt=0x2d67f98) returned 1
[0250.854] DrawThemeParentBackground () returned 0x0
[0250.854] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0250.854] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0250.854] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0250.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0250.854] GetSystemMetrics (nIndex=42) returned 0
[0250.854] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0250.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0250.854] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0250.855] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0250.855] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0250.855] SelectPalette (hdc=0x600107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0250.855] GdipCreateFromHDC (hdc=0x600107f4, graphics=0xd7dff0) returned 0x0
[0250.855] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0250.855] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0250.855] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638c68) returned 0x0
[0250.855] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dfc8) returned 0x0
[0250.855] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0250.855] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0250.855] GdipGetClip (graphics=0x663e568, region=0x66469e8) returned 0x0
[0250.855] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x663e568, result=0xd7dfbc) returned 0x0
[0250.855] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0250.855] GdipSaveGraphics (graphics=0x663e568, state=0xd7dfe8) returned 0x0
[0250.856] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0250.863] GdipFillRectangleI (graphics=0x663e568, brush=0x6653090, x=0, y=0, width=801, height=453) returned 0x0
[0250.863] GdipDeleteBrush (brush=0x6653090) returned 0x0
[0250.865] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0250.865] SelectPalette (hdc=0x600107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0250.865] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0250.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0250.865] GetSystemMetrics (nIndex=42) returned 0
[0250.865] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0250.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0250.865] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0250.865] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0250.865] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0250.865] SelectPalette (hdc=0x600107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0250.866] GdipCreateFromHDC (hdc=0x600107f4, graphics=0xd7df90) returned 0x0
[0250.866] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0250.866] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0250.866] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638b78) returned 0x0
[0250.866] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df68) returned 0x0
[0250.866] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0250.866] GdipCreateRegion (region=0xd7df50) returned 0x0
[0250.866] GdipGetClip (graphics=0x663e568, region=0x66469e8) returned 0x0
[0250.866] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x663e568, result=0xd7df5c) returned 0x0
[0250.866] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0250.866] GdipSaveGraphics (graphics=0x663e568, state=0xd7df88) returned 0x0
[0250.866] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0250.873] GdipFillRectangleI (graphics=0x663e568, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0250.873] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0250.875] GdipRestoreGraphics (graphics=0x663e568, state=0xf8420dbd) returned 0x0
[0250.875] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0250.875] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0250.875] GetSystemMetrics (nIndex=42) returned 0
[0250.875] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0250.875] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0250.875] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0250.875] SelectPalette (hdc=0x600107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0250.876] RestoreDC (hdc=0x600107f4, nSavedDC=-1) returned 1
[0250.876] GdipReleaseDC (graphics=0x6600030, hdc=0x600107f4) returned 0x0
[0250.876] IsAppThemed () returned 0x1
[0250.876] GetThemeAppProperties () returned 0x3
[0250.876] GetThemeAppProperties () returned 0x3
[0250.876] IsAppThemed () returned 0x1
[0250.876] GetThemeAppProperties () returned 0x3
[0250.876] GetThemeAppProperties () returned 0x3
[0250.876] IsThemePartDefined () returned 0x1
[0250.876] GdipCreateRegion (region=0xd7e480) returned 0x0
[0250.876] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0250.876] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0250.876] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0250.876] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e498) returned 0x0
[0250.877] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0250.877] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee910) returned 0x0
[0250.877] LocalFree (hMem=0x11ee910) returned 0x0
[0250.877] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0250.877] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0250.877] LocalFree (hMem=0x11ee788) returned 0x0
[0250.877] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0250.877] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0250.877] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0250.877] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0250.877] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0250.877] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0250.877] GetCurrentObject (hdc=0x600107f4, type=0x1) returned 0xb00017
[0250.877] GetCurrentObject (hdc=0x600107f4, type=0x2) returned 0x900010
[0250.877] GetCurrentObject (hdc=0x600107f4, type=0x7) returned 0x4a0507fe
[0250.877] GetCurrentObject (hdc=0x600107f4, type=0x6) returned 0x8a01c2
[0250.877] SaveDC (hdc=0x600107f4) returned 1
[0250.878] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5a0407de
[0250.878] GetClipRgn (hdc=0x600107f4, hrgn=0x5a0407de) returned 0
[0250.878] SelectClipRgn (hdc=0x600107f4, hrgn=0xbf040807) returned 2
[0250.878] DeleteObject (ho=0x5a0407de) returned 1
[0250.878] DeleteObject (ho=0xbf040807) returned 1
[0250.878] OffsetViewportOrgEx (in: hdc=0x600107f4, x=0, y=0, lppt=0x2d6e7e8 | out: lppt=0x2d6e7e8) returned 1
[0250.878] IsAppThemed () returned 0x1
[0250.878] GetThemeAppProperties () returned 0x3
[0250.878] GetThemeAppProperties () returned 0x3
[0250.878] DrawThemeBackground () returned 0x0
[0250.878] RestoreDC (hdc=0x600107f4, nSavedDC=-1) returned 1
[0250.878] GdipReleaseDC (graphics=0x6600030, hdc=0x600107f4) returned 0x0
[0250.878] GdipCreateRegion (region=0xd7e484) returned 0x0
[0250.878] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0250.878] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0250.879] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0250.879] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e49c) returned 0x0
[0250.879] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0250.879] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0250.879] LocalFree (hMem=0x11ee868) returned 0x0
[0250.879] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0250.879] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0250.879] LocalFree (hMem=0x11ee868) returned 0x0
[0250.879] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0250.879] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0250.879] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0250.879] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0250.879] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0250.879] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0250.879] GetCurrentObject (hdc=0x600107f4, type=0x1) returned 0xb00017
[0250.879] GetCurrentObject (hdc=0x600107f4, type=0x2) returned 0x900010
[0250.879] GetCurrentObject (hdc=0x600107f4, type=0x7) returned 0x4a0507fe
[0250.880] GetCurrentObject (hdc=0x600107f4, type=0x6) returned 0x8a01c2
[0250.880] SaveDC (hdc=0x600107f4) returned 1
[0250.880] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc0040807
[0250.880] GetClipRgn (hdc=0x600107f4, hrgn=0xc0040807) returned 0
[0250.880] SelectClipRgn (hdc=0x600107f4, hrgn=0x5b0407de) returned 2
[0250.880] DeleteObject (ho=0xc0040807) returned 1
[0250.880] DeleteObject (ho=0x5b0407de) returned 1
[0250.880] OffsetViewportOrgEx (in: hdc=0x600107f4, x=0, y=0, lppt=0x2d6eabc | out: lppt=0x2d6eabc) returned 1
[0250.880] IsAppThemed () returned 0x1
[0250.880] GetThemeAppProperties () returned 0x3
[0250.880] GetThemeAppProperties () returned 0x3
[0250.880] GetThemeBackgroundContentRect () returned 0x0
[0250.880] RestoreDC (hdc=0x600107f4, nSavedDC=-1) returned 1
[0250.880] GdipReleaseDC (graphics=0x6600030, hdc=0x600107f4) returned 0x0
[0250.880] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0250.880] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0250.881] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0250.881] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0250.881] IsAppThemed () returned 0x1
[0250.881] GetThemeAppProperties () returned 0x3
[0250.881] GetThemeAppProperties () returned 0x3
[0250.881] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0250.881] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0250.881] GetCurrentObject (hdc=0x600107f4, type=0x1) returned 0xb00017
[0250.881] GetCurrentObject (hdc=0x600107f4, type=0x2) returned 0x900010
[0250.881] GetCurrentObject (hdc=0x600107f4, type=0x7) returned 0x4a0507fe
[0250.881] GetCurrentObject (hdc=0x600107f4, type=0x6) returned 0x8a01c2
[0250.881] SaveDC (hdc=0x600107f4) returned 1
[0250.881] GetTextAlign (hdc=0x600107f4) returned 0x0
[0250.881] GetTextColor (hdc=0x600107f4) returned 0x0
[0250.881] GetCurrentObject (hdc=0x600107f4, type=0x6) returned 0x8a01c2
[0250.881] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0250.882] SelectObject (hdc=0x600107f4, h=0x6d0a0520) returned 0x8a01c2
[0250.882] GetBkMode (hdc=0x600107f4) returned 2
[0250.882] SetBkMode (hdc=0x600107f4, mode=1) returned 2
[0250.882] DrawTextExW (in: hdc=0x600107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2d6ee80 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0250.882] DrawTextExW (in: hdc=0x600107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2d6ee80 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0250.883] RestoreDC (hdc=0x600107f4, nSavedDC=-1) returned 1
[0250.883] GdipReleaseDC (graphics=0x6600030, hdc=0x600107f4) returned 0x0
[0250.883] GetFocus () returned 0x602c4
[0250.883] IsAppThemed () returned 0x1
[0250.883] GetThemeAppProperties () returned 0x3
[0250.883] GetThemeAppProperties () returned 0x3
[0250.883] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0250.883] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x600107f4, x1=0, y1=0, rop=0xcc0020) returned 1
[0250.883] GdipReleaseDC (graphics=0x6600030, hdc=0x600107f4) returned 0x0
[0250.884] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0250.884] SelectObject (hdc=0x600107f4, h=0x85000f) returned 0x4a0507fe
[0250.884] DeleteDC (hdc=0x600107f4) returned 1
[0250.884] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0250.884] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0250.884] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0250.884] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0250.884] WaitMessage () returned 1
[0250.950] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0250.951] IsWindowUnicode (hWnd=0x602c4) returned 1
[0250.951] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0250.951] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0250.951] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0250.951] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0250.951] IsWindowUnicode (hWnd=0x602c4) returned 1
[0250.951] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0250.951] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0250.951] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0250.951] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x60014) returned 0x0
[0250.951] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0250.951] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0250.951] WaitMessage () returned 1
[0251.095] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.095] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26d00ef) returned 0x1
[0251.096] IsWindowUnicode (hWnd=0x602c4) returned 1
[0251.096] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.096] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26d00ef) returned 0x1
[0251.096] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0251.096] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x1980031) returned 0x0
[0251.096] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0251.096] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0251.096] SetCursor (hCursor=0x10003) returned 0x10003
[0251.096] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.096] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.096] GetKeyState (nVirtKey=1) returned -128
[0251.096] GetKeyState (nVirtKey=2) returned 0
[0251.096] GetKeyState (nVirtKey=4) returned 0
[0251.097] GetKeyState (nVirtKey=5) returned 0
[0251.097] GetKeyState (nVirtKey=6) returned 0
[0251.097] IsWindowVisible (hWnd=0x602c4) returned 1
[0251.097] IsWindowEnabled (hWnd=0x602c4) returned 1
[0251.097] SetFocus (hWnd=0x602c4) returned 0x602c4
[0251.097] GetFocus () returned 0x602c4
[0251.097] GetFocus () returned 0x602c4
[0251.097] GetFocus () returned 0x602c4
[0251.097] GetKeyState (nVirtKey=1) returned -128
[0251.097] GetKeyState (nVirtKey=2) returned 0
[0251.097] GetKeyState (nVirtKey=4) returned 0
[0251.097] GetKeyState (nVirtKey=5) returned 0
[0251.097] GetKeyState (nVirtKey=6) returned 0
[0251.097] GetCapture () returned 0x0
[0251.097] SetCapture (hWnd=0x602c4) returned 0x0
[0251.097] GetKeyState (nVirtKey=1) returned -128
[0251.097] GetKeyState (nVirtKey=2) returned 0
[0251.097] GetKeyState (nVirtKey=4) returned 0
[0251.097] GetKeyState (nVirtKey=5) returned 0
[0251.097] GetKeyState (nVirtKey=6) returned 0
[0251.097] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0251.097] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0251.097] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.097] IsWindowUnicode (hWnd=0x602c4) returned 1
[0251.097] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.097] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.098] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.098] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d6f004, cPoints=0x1 | out: lpPoints=0x2d6f004) returned 40304859
[0251.098] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0251.098] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0251.098] UpdateWindow (hWnd=0x602c4) returned 1
[0251.098] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x10105d6
[0251.098] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0251.098] CreateCompatibleDC (hdc=0x10105d6) returned 0x610107f4
[0251.098] SelectObject (hdc=0x610107f4, h=0x4a0507fe) returned 0x85000f
[0251.098] GdipCreateFromHDC (hdc=0x610107f4, graphics=0xd7e430) returned 0x0
[0251.098] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0251.098] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0251.098] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0251.098] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0251.098] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e490) returned 0x0
[0251.098] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0251.099] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eead0) returned 0x0
[0251.099] LocalFree (hMem=0x11eead0) returned 0x0
[0251.099] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0251.099] GdipCreateRegion (region=0xd7e478) returned 0x0
[0251.099] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0251.099] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e484) returned 0x0
[0251.099] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0251.099] GdipRestoreGraphics (graphics=0x6600030, state=0xf8400dbd) returned 0x0
[0251.099] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0251.099] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0251.099] GetCurrentObject (hdc=0x610107f4, type=0x1) returned 0xb00017
[0251.099] GetCurrentObject (hdc=0x610107f4, type=0x2) returned 0x900010
[0251.099] GetCurrentObject (hdc=0x610107f4, type=0x7) returned 0x4a0507fe
[0251.099] GetCurrentObject (hdc=0x610107f4, type=0x6) returned 0x8a01c2
[0251.099] SaveDC (hdc=0x610107f4) returned 1
[0251.099] GetNearestColor (hdc=0x610107f4, color=0xff) returned 0xff
[0251.099] GetNearestColor (hdc=0x610107f4, color=0x55) returned 0x55
[0251.099] GetNearestColor (hdc=0x610107f4, color=0x0) returned 0x0
[0251.100] GetNearestColor (hdc=0x610107f4, color=0x55) returned 0x55
[0251.100] GetNearestColor (hdc=0x610107f4, color=0x0) returned 0x0
[0251.100] GetNearestColor (hdc=0x610107f4, color=0x8080ff) returned 0x8080ff
[0251.100] GetNearestColor (hdc=0x610107f4, color=0x7373e5) returned 0x7373e5
[0251.100] GetNearestColor (hdc=0x610107f4, color=0xe5) returned 0xe5
[0251.100] GetNearestColor (hdc=0x610107f4, color=0x0) returned 0x0
[0251.100] RestoreDC (hdc=0x610107f4, nSavedDC=-1) returned 1
[0251.100] GdipReleaseDC (graphics=0x6600030, hdc=0x610107f4) returned 0x0
[0251.100] IsAppThemed () returned 0x1
[0251.100] GetThemeAppProperties () returned 0x3
[0251.100] GetThemeAppProperties () returned 0x3
[0251.100] IsAppThemed () returned 0x1
[0251.100] GetThemeAppProperties () returned 0x3
[0251.100] GetThemeAppProperties () returned 0x3
[0251.100] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2d6f720 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0251.101] IsAppThemed () returned 0x1
[0251.101] GetThemeAppProperties () returned 0x3
[0251.101] GetThemeAppProperties () returned 0x3
[0251.101] IsAppThemed () returned 0x1
[0251.101] GetThemeAppProperties () returned 0x3
[0251.101] GetThemeAppProperties () returned 0x3
[0251.101] IsAppThemed () returned 0x1
[0251.101] GetThemeAppProperties () returned 0x3
[0251.101] GetThemeAppProperties () returned 0x3
[0251.101] IsAppThemed () returned 0x1
[0251.101] GetThemeAppProperties () returned 0x3
[0251.101] GetThemeAppProperties () returned 0x3
[0251.101] IsThemePartDefined () returned 0x1
[0251.101] IsAppThemed () returned 0x1
[0251.101] GetThemeAppProperties () returned 0x3
[0251.101] GetThemeAppProperties () returned 0x3
[0251.101] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0251.101] IsAppThemed () returned 0x1
[0251.101] GetThemeAppProperties () returned 0x3
[0251.101] GetThemeAppProperties () returned 0x3
[0251.102] IsAppThemed () returned 0x1
[0251.102] GetThemeAppProperties () returned 0x3
[0251.102] GetThemeAppProperties () returned 0x3
[0251.102] IsThemePartDefined () returned 0x1
[0251.102] GdipCreateRegion (region=0xd7e194) returned 0x0
[0251.102] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0251.102] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0251.102] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0251.102] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e1ac) returned 0x0
[0251.102] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0251.102] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee8d8) returned 0x0
[0251.102] LocalFree (hMem=0x11ee8d8) returned 0x0
[0251.102] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0251.102] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0251.102] LocalFree (hMem=0x11eec58) returned 0x0
[0251.102] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0251.102] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0251.102] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0251.102] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0251.102] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0251.102] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0251.102] GetCurrentObject (hdc=0x610107f4, type=0x1) returned 0xb00017
[0251.103] GetCurrentObject (hdc=0x610107f4, type=0x2) returned 0x900010
[0251.103] GetCurrentObject (hdc=0x610107f4, type=0x7) returned 0x4a0507fe
[0251.103] GetCurrentObject (hdc=0x610107f4, type=0x6) returned 0x8a01c2
[0251.103] SaveDC (hdc=0x610107f4) returned 1
[0251.103] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5c0407de
[0251.103] GetClipRgn (hdc=0x610107f4, hrgn=0x5c0407de) returned 0
[0251.103] SelectClipRgn (hdc=0x610107f4, hrgn=0xc4040807) returned 2
[0251.103] DeleteObject (ho=0x5c0407de) returned 1
[0251.103] DeleteObject (ho=0xc4040807) returned 1
[0251.103] OffsetViewportOrgEx (in: hdc=0x610107f4, x=0, y=0, lppt=0x2d6fdd0 | out: lppt=0x2d6fdd0) returned 1
[0251.103] DrawThemeParentBackground () returned 0x0
[0251.103] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0251.103] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0251.103] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0251.103] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.103] GetSystemMetrics (nIndex=42) returned 0
[0251.103] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.103] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0251.104] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0251.104] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0251.104] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0251.104] SelectPalette (hdc=0x610107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0251.104] GdipCreateFromHDC (hdc=0x610107f4, graphics=0xd7dc88) returned 0x0
[0251.104] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0251.104] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0251.104] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638a58) returned 0x0
[0251.104] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dc60) returned 0x0
[0251.104] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0251.104] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0251.104] GdipGetClip (graphics=0x663e568, region=0x6646448) returned 0x0
[0251.104] GdipIsInfiniteRegion (region=0x6646448, graphics=0x663e568, result=0xd7dc54) returned 0x0
[0251.104] GdipDeleteRegion (region=0x6646448) returned 0x0
[0251.104] GdipSaveGraphics (graphics=0x663e568, state=0xd7dc80) returned 0x0
[0251.104] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0251.110] GdipFillRectangleI (graphics=0x663e568, brush=0x6653300, x=0, y=0, width=801, height=453) returned 0x0
[0251.110] GdipDeleteBrush (brush=0x6653300) returned 0x0
[0251.111] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0251.111] SelectPalette (hdc=0x610107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0251.111] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0251.111] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.111] GetSystemMetrics (nIndex=42) returned 0
[0251.111] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.111] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0251.111] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0251.111] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0251.111] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0251.111] SelectPalette (hdc=0x610107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0251.112] GdipCreateFromHDC (hdc=0x610107f4, graphics=0xd7dc28) returned 0x0
[0251.112] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0251.112] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0251.112] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638bd8) returned 0x0
[0251.112] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dc00) returned 0x0
[0251.112] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0251.112] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0251.112] GdipGetClip (graphics=0x663e568, region=0x6646f88) returned 0x0
[0251.112] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x663e568, result=0xd7dbf4) returned 0x0
[0251.112] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0251.112] GdipSaveGraphics (graphics=0x663e568, state=0xd7dc20) returned 0x0
[0251.112] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0251.117] GdipFillRectangleI (graphics=0x663e568, brush=0x6652f58, x=0, y=0, width=801, height=453) returned 0x0
[0251.117] GdipDeleteBrush (brush=0x6652f58) returned 0x0
[0251.119] GdipRestoreGraphics (graphics=0x663e568, state=0xf83c0dbd) returned 0x0
[0251.119] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0251.119] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.119] GetSystemMetrics (nIndex=42) returned 0
[0251.119] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.119] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0251.119] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0251.119] SelectPalette (hdc=0x610107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0251.119] RestoreDC (hdc=0x610107f4, nSavedDC=-1) returned 1
[0251.119] GdipReleaseDC (graphics=0x6600030, hdc=0x610107f4) returned 0x0
[0251.119] IsAppThemed () returned 0x1
[0251.119] GetThemeAppProperties () returned 0x3
[0251.119] GetThemeAppProperties () returned 0x3
[0251.119] IsAppThemed () returned 0x1
[0251.119] GetThemeAppProperties () returned 0x3
[0251.119] GetThemeAppProperties () returned 0x3
[0251.120] IsThemePartDefined () returned 0x1
[0251.120] GdipCreateRegion (region=0xd7e118) returned 0x0
[0251.120] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0251.120] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0251.120] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0251.120] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e130) returned 0x0
[0251.120] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0251.120] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0251.120] LocalFree (hMem=0x11eec58) returned 0x0
[0251.120] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0251.120] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eea60) returned 0x0
[0251.120] LocalFree (hMem=0x11eea60) returned 0x0
[0251.120] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0251.120] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0251.120] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0251.120] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0251.120] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0251.120] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0251.120] GetCurrentObject (hdc=0x610107f4, type=0x1) returned 0xb00017
[0251.120] GetCurrentObject (hdc=0x610107f4, type=0x2) returned 0x900010
[0251.120] GetCurrentObject (hdc=0x610107f4, type=0x7) returned 0x4a0507fe
[0251.120] GetCurrentObject (hdc=0x610107f4, type=0x6) returned 0x8a01c2
[0251.120] SaveDC (hdc=0x610107f4) returned 1
[0251.121] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc5040807
[0251.121] GetClipRgn (hdc=0x610107f4, hrgn=0xc5040807) returned 0
[0251.121] SelectClipRgn (hdc=0x610107f4, hrgn=0x5e0407de) returned 2
[0251.121] DeleteObject (ho=0xc5040807) returned 1
[0251.121] DeleteObject (ho=0x5e0407de) returned 1
[0251.121] OffsetViewportOrgEx (in: hdc=0x610107f4, x=0, y=0, lppt=0x2d76620 | out: lppt=0x2d76620) returned 1
[0251.121] IsAppThemed () returned 0x1
[0251.121] GetThemeAppProperties () returned 0x3
[0251.121] GetThemeAppProperties () returned 0x3
[0251.121] DrawThemeBackground () returned 0x0
[0251.121] RestoreDC (hdc=0x610107f4, nSavedDC=-1) returned 1
[0251.121] GdipReleaseDC (graphics=0x6600030, hdc=0x610107f4) returned 0x0
[0251.121] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0251.121] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0251.121] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0251.121] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0251.121] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e134) returned 0x0
[0251.121] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0251.121] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0251.121] LocalFree (hMem=0x11eec58) returned 0x0
[0251.121] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0251.121] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0251.122] LocalFree (hMem=0x11ee788) returned 0x0
[0251.122] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0251.122] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0251.122] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0251.122] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0251.122] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0251.122] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0251.122] GetCurrentObject (hdc=0x610107f4, type=0x1) returned 0xb00017
[0251.122] GetCurrentObject (hdc=0x610107f4, type=0x2) returned 0x900010
[0251.122] GetCurrentObject (hdc=0x610107f4, type=0x7) returned 0x4a0507fe
[0251.122] GetCurrentObject (hdc=0x610107f4, type=0x6) returned 0x8a01c2
[0251.122] SaveDC (hdc=0x610107f4) returned 1
[0251.122] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5f0407de
[0251.122] GetClipRgn (hdc=0x610107f4, hrgn=0x5f0407de) returned 0
[0251.122] SelectClipRgn (hdc=0x610107f4, hrgn=0xc6040807) returned 2
[0251.122] DeleteObject (ho=0x5f0407de) returned 1
[0251.123] DeleteObject (ho=0xc6040807) returned 1
[0251.123] OffsetViewportOrgEx (in: hdc=0x610107f4, x=0, y=0, lppt=0x2d768f4 | out: lppt=0x2d768f4) returned 1
[0251.123] IsAppThemed () returned 0x1
[0251.123] GetThemeAppProperties () returned 0x3
[0251.123] GetThemeAppProperties () returned 0x3
[0251.123] GetThemeBackgroundContentRect () returned 0x0
[0251.123] RestoreDC (hdc=0x610107f4, nSavedDC=-1) returned 1
[0251.123] GdipReleaseDC (graphics=0x6600030, hdc=0x610107f4) returned 0x0
[0251.123] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0251.123] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0251.123] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0251.123] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0251.123] IsAppThemed () returned 0x1
[0251.123] GetThemeAppProperties () returned 0x3
[0251.123] GetThemeAppProperties () returned 0x3
[0251.123] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0251.123] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0251.123] GetCurrentObject (hdc=0x610107f4, type=0x1) returned 0xb00017
[0251.123] GetCurrentObject (hdc=0x610107f4, type=0x2) returned 0x900010
[0251.123] GetCurrentObject (hdc=0x610107f4, type=0x7) returned 0x4a0507fe
[0251.123] GetCurrentObject (hdc=0x610107f4, type=0x6) returned 0x8a01c2
[0251.123] SaveDC (hdc=0x610107f4) returned 1
[0251.124] GetTextAlign (hdc=0x610107f4) returned 0x0
[0251.124] GetTextColor (hdc=0x610107f4) returned 0x0
[0251.124] GetCurrentObject (hdc=0x610107f4, type=0x6) returned 0x8a01c2
[0251.124] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0251.124] SelectObject (hdc=0x610107f4, h=0x6d0a0520) returned 0x8a01c2
[0251.124] GetBkMode (hdc=0x610107f4) returned 2
[0251.124] SetBkMode (hdc=0x610107f4, mode=1) returned 2
[0251.124] DrawTextExW (in: hdc=0x610107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2d76cb8 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0251.124] DrawTextExW (in: hdc=0x610107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2d76cb8 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0251.124] RestoreDC (hdc=0x610107f4, nSavedDC=-1) returned 1
[0251.125] GdipReleaseDC (graphics=0x6600030, hdc=0x610107f4) returned 0x0
[0251.125] GetFocus () returned 0x602c4
[0251.125] IsAppThemed () returned 0x1
[0251.125] GetThemeAppProperties () returned 0x3
[0251.125] GetThemeAppProperties () returned 0x3
[0251.125] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0251.125] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x610107f4, x1=0, y1=0, rop=0xcc0020) returned 1
[0251.125] GdipReleaseDC (graphics=0x6600030, hdc=0x610107f4) returned 0x0
[0251.125] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0251.125] SelectObject (hdc=0x610107f4, h=0x85000f) returned 0x4a0507fe
[0251.125] DeleteDC (hdc=0x610107f4) returned 1
[0251.125] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0251.125] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0251.126] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d76db4, cPoints=0x1 | out: lpPoints=0x2d76db4) returned 40304859
[0251.126] WindowFromPoint (Point=0xef) returned 0x602c4
[0251.126] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26d00ef) returned 0x1
[0251.126] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0251.126] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0251.126] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0251.126] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0251.126] GetSystemMetrics (nIndex=42) returned 0
[0251.126] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0251.126] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0251.128] GetCapture () returned 0x602c4
[0251.128] ReleaseCapture () returned 1
[0251.128] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0251.128] GetProcessWindowStation () returned 0x13c
[0251.128] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.128] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0251.128] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.128] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0251.129] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.129] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0251.129] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.129] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0251.129] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.129] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0251.129] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.129] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0251.129] GetDC (hWnd=0x0) returned 0xf0105ee
[0251.130] GdipCreateFromHDC (hdc=0xf0105ee, graphics=0xd7e6ec) returned 0x0
[0251.130] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0251.130] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0251.130] ReleaseDC (hWnd=0x0, hDC=0xf0105ee) returned 1
[0251.130] GetSystemMetrics (nIndex=5) returned 1
[0251.130] GetSystemMetrics (nIndex=6) returned 1
[0251.130] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.130] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0251.131] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.131] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0251.136] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0251.136] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0251.137] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0251.137] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0251.137] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0251.137] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0251.138] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2d7de84 | out: lpData=0x2d7de84) returned 1
[0251.139] VerQueryValueW (in: pBlock=0x2d7de84, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d7e294, puLen=0xd7e810) returned 1
[0251.139] VerQueryValueW (in: pBlock=0x2d7de84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7df3c, puLen=0xd7e790) returned 1
[0251.139] VerQueryValueW (in: pBlock=0x2d7de84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7df90, puLen=0xd7e790) returned 1
[0251.139] VerQueryValueW (in: pBlock=0x2d7de84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e010, puLen=0xd7e790) returned 1
[0251.139] VerQueryValueW (in: pBlock=0x2d7de84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e078, puLen=0xd7e790) returned 1
[0251.139] VerQueryValueW (in: pBlock=0x2d7de84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e0b8, puLen=0xd7e790) returned 1
[0251.139] VerQueryValueW (in: pBlock=0x2d7de84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e140, puLen=0xd7e790) returned 1
[0251.139] VerQueryValueW (in: pBlock=0x2d7de84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e17c, puLen=0xd7e790) returned 1
[0251.139] VerQueryValueW (in: pBlock=0x2d7de84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e1d4, puLen=0xd7e790) returned 1
[0251.139] VerQueryValueW (in: pBlock=0x2d7de84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e204, puLen=0xd7e790) returned 1
[0251.139] VerQueryValueW (in: pBlock=0x2d7de84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.139] VerQueryValueW (in: pBlock=0x2d7de84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e240, puLen=0xd7e790) returned 1
[0251.139] VerQueryValueW (in: pBlock=0x2d7de84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.139] VerQueryValueW (in: pBlock=0x2d7de84, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d7e294, puLen=0xd7e784) returned 1
[0251.139] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0251.140] VerQueryValueW (in: pBlock=0x2d7de84, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d7deac, puLen=0xd7e794) returned 1
[0251.140] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0251.140] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0251.140] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0251.140] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0251.140] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0251.140] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0251.141] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2d7fdf4 | out: lpData=0x2d7fdf4) returned 1
[0251.141] VerQueryValueW (in: pBlock=0x2d7fdf4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d7fe90, puLen=0xd7e810) returned 1
[0251.141] VerQueryValueW (in: pBlock=0x2d7fdf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7ff08, puLen=0xd7e790) returned 1
[0251.141] VerQueryValueW (in: pBlock=0x2d7fdf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7ff38, puLen=0xd7e790) returned 1
[0251.141] VerQueryValueW (in: pBlock=0x2d7fdf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7ff74, puLen=0xd7e790) returned 1
[0251.141] VerQueryValueW (in: pBlock=0x2d7fdf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7ffa4, puLen=0xd7e790) returned 1
[0251.141] VerQueryValueW (in: pBlock=0x2d7fdf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7ffec, puLen=0xd7e790) returned 1
[0251.141] VerQueryValueW (in: pBlock=0x2d7fdf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d80064, puLen=0xd7e790) returned 1
[0251.141] VerQueryValueW (in: pBlock=0x2d7fdf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d800a8, puLen=0xd7e790) returned 1
[0251.141] VerQueryValueW (in: pBlock=0x2d7fdf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d800e8, puLen=0xd7e790) returned 1
[0251.141] VerQueryValueW (in: pBlock=0x2d7fdf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7fee6, puLen=0xd7e790) returned 1
[0251.141] VerQueryValueW (in: pBlock=0x2d7fdf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d80034, puLen=0xd7e790) returned 1
[0251.141] VerQueryValueW (in: pBlock=0x2d7fdf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.141] VerQueryValueW (in: pBlock=0x2d7fdf4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.141] VerQueryValueW (in: pBlock=0x2d7fdf4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d7fe90, puLen=0xd7e784) returned 1
[0251.141] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0251.141] VerQueryValueW (in: pBlock=0x2d7fdf4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d7fe1c, puLen=0xd7e794) returned 1
[0251.142] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0251.142] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0251.142] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0251.142] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0251.142] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0251.142] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0251.143] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2d820cc | out: lpData=0x2d820cc) returned 1
[0251.143] VerQueryValueW (in: pBlock=0x2d820cc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d824e0, puLen=0xd7e810) returned 1
[0251.143] VerQueryValueW (in: pBlock=0x2d820cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d82184, puLen=0xd7e790) returned 1
[0251.143] VerQueryValueW (in: pBlock=0x2d820cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d821d8, puLen=0xd7e790) returned 1
[0251.143] VerQueryValueW (in: pBlock=0x2d820cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d82234, puLen=0xd7e790) returned 1
[0251.143] VerQueryValueW (in: pBlock=0x2d820cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d82294, puLen=0xd7e790) returned 1
[0251.143] VerQueryValueW (in: pBlock=0x2d820cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d822ec, puLen=0xd7e790) returned 1
[0251.144] VerQueryValueW (in: pBlock=0x2d820cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d82374, puLen=0xd7e790) returned 1
[0251.144] VerQueryValueW (in: pBlock=0x2d820cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d823c8, puLen=0xd7e790) returned 1
[0251.144] VerQueryValueW (in: pBlock=0x2d820cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d82420, puLen=0xd7e790) returned 1
[0251.144] VerQueryValueW (in: pBlock=0x2d820cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d82450, puLen=0xd7e790) returned 1
[0251.144] VerQueryValueW (in: pBlock=0x2d820cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.144] VerQueryValueW (in: pBlock=0x2d820cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8248c, puLen=0xd7e790) returned 1
[0251.144] VerQueryValueW (in: pBlock=0x2d820cc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.144] VerQueryValueW (in: pBlock=0x2d820cc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d824e0, puLen=0xd7e784) returned 1
[0251.144] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0251.144] VerQueryValueW (in: pBlock=0x2d820cc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d820f4, puLen=0xd7e794) returned 1
[0251.145] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0251.145] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0251.145] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0251.145] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0251.145] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0251.145] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0251.146] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2d84704 | out: lpData=0x2d84704) returned 1
[0251.146] VerQueryValueW (in: pBlock=0x2d84704, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d84b04, puLen=0xd7e810) returned 1
[0251.146] VerQueryValueW (in: pBlock=0x2d84704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d847bc, puLen=0xd7e790) returned 1
[0251.146] VerQueryValueW (in: pBlock=0x2d84704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d84810, puLen=0xd7e790) returned 1
[0251.146] VerQueryValueW (in: pBlock=0x2d84704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d84850, puLen=0xd7e790) returned 1
[0251.146] VerQueryValueW (in: pBlock=0x2d84704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d848b8, puLen=0xd7e790) returned 1
[0251.147] VerQueryValueW (in: pBlock=0x2d84704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d84910, puLen=0xd7e790) returned 1
[0251.147] VerQueryValueW (in: pBlock=0x2d84704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d84998, puLen=0xd7e790) returned 1
[0251.147] VerQueryValueW (in: pBlock=0x2d84704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d849ec, puLen=0xd7e790) returned 1
[0251.147] VerQueryValueW (in: pBlock=0x2d84704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d84a44, puLen=0xd7e790) returned 1
[0251.147] VerQueryValueW (in: pBlock=0x2d84704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d84a74, puLen=0xd7e790) returned 1
[0251.147] VerQueryValueW (in: pBlock=0x2d84704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.147] VerQueryValueW (in: pBlock=0x2d84704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d84ab0, puLen=0xd7e790) returned 1
[0251.147] VerQueryValueW (in: pBlock=0x2d84704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.147] VerQueryValueW (in: pBlock=0x2d84704, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d84b04, puLen=0xd7e784) returned 1
[0251.147] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0251.147] VerQueryValueW (in: pBlock=0x2d84704, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d8472c, puLen=0xd7e794) returned 1
[0251.148] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0251.148] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0251.148] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0251.148] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0251.148] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0251.148] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0251.149] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2d86e40 | out: lpData=0x2d86e40) returned 1
[0251.150] VerQueryValueW (in: pBlock=0x2d86e40, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d87208, puLen=0xd7e810) returned 1
[0251.150] VerQueryValueW (in: pBlock=0x2d86e40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d86ef8, puLen=0xd7e790) returned 1
[0251.150] VerQueryValueW (in: pBlock=0x2d86e40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d86f4c, puLen=0xd7e790) returned 1
[0251.150] VerQueryValueW (in: pBlock=0x2d86e40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d86f8c, puLen=0xd7e790) returned 1
[0251.150] VerQueryValueW (in: pBlock=0x2d86e40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d86ff4, puLen=0xd7e790) returned 1
[0251.150] VerQueryValueW (in: pBlock=0x2d86e40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d87030, puLen=0xd7e790) returned 1
[0251.150] VerQueryValueW (in: pBlock=0x2d86e40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d870b8, puLen=0xd7e790) returned 1
[0251.150] VerQueryValueW (in: pBlock=0x2d86e40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d870f0, puLen=0xd7e790) returned 1
[0251.150] VerQueryValueW (in: pBlock=0x2d86e40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d87148, puLen=0xd7e790) returned 1
[0251.150] VerQueryValueW (in: pBlock=0x2d86e40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d87178, puLen=0xd7e790) returned 1
[0251.150] VerQueryValueW (in: pBlock=0x2d86e40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.150] VerQueryValueW (in: pBlock=0x2d86e40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d871b4, puLen=0xd7e790) returned 1
[0251.150] VerQueryValueW (in: pBlock=0x2d86e40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.150] VerQueryValueW (in: pBlock=0x2d86e40, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d87208, puLen=0xd7e784) returned 1
[0251.150] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0251.150] VerQueryValueW (in: pBlock=0x2d86e40, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d86e68, puLen=0xd7e794) returned 1
[0251.151] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0251.151] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0251.151] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0251.151] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0251.151] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0251.151] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0251.152] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2d8a4a8 | out: lpData=0x2d8a4a8) returned 1
[0251.152] VerQueryValueW (in: pBlock=0x2d8a4a8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d8a888, puLen=0xd7e810) returned 1
[0251.153] VerQueryValueW (in: pBlock=0x2d8a4a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8a560, puLen=0xd7e790) returned 1
[0251.153] VerQueryValueW (in: pBlock=0x2d8a4a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8a5b4, puLen=0xd7e790) returned 1
[0251.153] VerQueryValueW (in: pBlock=0x2d8a4a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8a5f4, puLen=0xd7e790) returned 1
[0251.153] VerQueryValueW (in: pBlock=0x2d8a4a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8a654, puLen=0xd7e790) returned 1
[0251.153] VerQueryValueW (in: pBlock=0x2d8a4a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8a6a0, puLen=0xd7e790) returned 1
[0251.153] VerQueryValueW (in: pBlock=0x2d8a4a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8a728, puLen=0xd7e790) returned 1
[0251.153] VerQueryValueW (in: pBlock=0x2d8a4a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8a770, puLen=0xd7e790) returned 1
[0251.153] VerQueryValueW (in: pBlock=0x2d8a4a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8a7c8, puLen=0xd7e790) returned 1
[0251.153] VerQueryValueW (in: pBlock=0x2d8a4a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8a7f8, puLen=0xd7e790) returned 1
[0251.153] VerQueryValueW (in: pBlock=0x2d8a4a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.153] VerQueryValueW (in: pBlock=0x2d8a4a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8a834, puLen=0xd7e790) returned 1
[0251.153] VerQueryValueW (in: pBlock=0x2d8a4a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.153] VerQueryValueW (in: pBlock=0x2d8a4a8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d8a888, puLen=0xd7e784) returned 1
[0251.153] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0251.153] VerQueryValueW (in: pBlock=0x2d8a4a8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d8a4d0, puLen=0xd7e794) returned 1
[0251.156] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0251.156] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0251.156] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0251.156] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0251.156] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0251.156] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0251.157] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2d8ccc8 | out: lpData=0x2d8ccc8) returned 1
[0251.157] VerQueryValueW (in: pBlock=0x2d8ccc8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d8d0d4, puLen=0xd7e810) returned 1
[0251.157] VerQueryValueW (in: pBlock=0x2d8ccc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8cd80, puLen=0xd7e790) returned 1
[0251.157] VerQueryValueW (in: pBlock=0x2d8ccc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8cdd4, puLen=0xd7e790) returned 1
[0251.157] VerQueryValueW (in: pBlock=0x2d8ccc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8ce28, puLen=0xd7e790) returned 1
[0251.157] VerQueryValueW (in: pBlock=0x2d8ccc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8ce88, puLen=0xd7e790) returned 1
[0251.158] VerQueryValueW (in: pBlock=0x2d8ccc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8cee0, puLen=0xd7e790) returned 1
[0251.158] VerQueryValueW (in: pBlock=0x2d8ccc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8cf68, puLen=0xd7e790) returned 1
[0251.158] VerQueryValueW (in: pBlock=0x2d8ccc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8cfbc, puLen=0xd7e790) returned 1
[0251.158] VerQueryValueW (in: pBlock=0x2d8ccc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8d014, puLen=0xd7e790) returned 1
[0251.158] VerQueryValueW (in: pBlock=0x2d8ccc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8d044, puLen=0xd7e790) returned 1
[0251.158] VerQueryValueW (in: pBlock=0x2d8ccc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.158] VerQueryValueW (in: pBlock=0x2d8ccc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8d080, puLen=0xd7e790) returned 1
[0251.158] VerQueryValueW (in: pBlock=0x2d8ccc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.158] VerQueryValueW (in: pBlock=0x2d8ccc8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d8d0d4, puLen=0xd7e784) returned 1
[0251.158] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0251.158] VerQueryValueW (in: pBlock=0x2d8ccc8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d8ccf0, puLen=0xd7e794) returned 1
[0251.159] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0251.159] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0251.159] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0251.159] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0251.159] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0251.159] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0251.160] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d8f4dc | out: lpData=0x2d8f4dc) returned 1
[0251.160] VerQueryValueW (in: pBlock=0x2d8f4dc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d8f8b4, puLen=0xd7e810) returned 1
[0251.160] VerQueryValueW (in: pBlock=0x2d8f4dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8f594, puLen=0xd7e790) returned 1
[0251.160] VerQueryValueW (in: pBlock=0x2d8f4dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8f5e8, puLen=0xd7e790) returned 1
[0251.160] VerQueryValueW (in: pBlock=0x2d8f4dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8f628, puLen=0xd7e790) returned 1
[0251.160] VerQueryValueW (in: pBlock=0x2d8f4dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8f690, puLen=0xd7e790) returned 1
[0251.160] VerQueryValueW (in: pBlock=0x2d8f4dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8f6d4, puLen=0xd7e790) returned 1
[0251.160] VerQueryValueW (in: pBlock=0x2d8f4dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8f75c, puLen=0xd7e790) returned 1
[0251.160] VerQueryValueW (in: pBlock=0x2d8f4dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8f79c, puLen=0xd7e790) returned 1
[0251.160] VerQueryValueW (in: pBlock=0x2d8f4dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8f7f4, puLen=0xd7e790) returned 1
[0251.161] VerQueryValueW (in: pBlock=0x2d8f4dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8f824, puLen=0xd7e790) returned 1
[0251.161] VerQueryValueW (in: pBlock=0x2d8f4dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.161] VerQueryValueW (in: pBlock=0x2d8f4dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d8f860, puLen=0xd7e790) returned 1
[0251.161] VerQueryValueW (in: pBlock=0x2d8f4dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.161] VerQueryValueW (in: pBlock=0x2d8f4dc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d8f8b4, puLen=0xd7e784) returned 1
[0251.161] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0251.161] VerQueryValueW (in: pBlock=0x2d8f4dc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d8f504, puLen=0xd7e794) returned 1
[0251.161] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0251.161] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0251.161] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0251.162] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0251.162] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0251.162] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0251.162] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d91a34 | out: lpData=0x2d91a34) returned 1
[0251.163] VerQueryValueW (in: pBlock=0x2d91a34, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d91e0c, puLen=0xd7e810) returned 1
[0251.163] VerQueryValueW (in: pBlock=0x2d91a34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d91aec, puLen=0xd7e790) returned 1
[0251.163] VerQueryValueW (in: pBlock=0x2d91a34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d91b40, puLen=0xd7e790) returned 1
[0251.163] VerQueryValueW (in: pBlock=0x2d91a34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d91b80, puLen=0xd7e790) returned 1
[0251.163] VerQueryValueW (in: pBlock=0x2d91a34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d91be8, puLen=0xd7e790) returned 1
[0251.163] VerQueryValueW (in: pBlock=0x2d91a34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d91c2c, puLen=0xd7e790) returned 1
[0251.163] VerQueryValueW (in: pBlock=0x2d91a34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d91cb4, puLen=0xd7e790) returned 1
[0251.163] VerQueryValueW (in: pBlock=0x2d91a34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d91cf4, puLen=0xd7e790) returned 1
[0251.163] VerQueryValueW (in: pBlock=0x2d91a34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d91d4c, puLen=0xd7e790) returned 1
[0251.163] VerQueryValueW (in: pBlock=0x2d91a34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d91d7c, puLen=0xd7e790) returned 1
[0251.163] VerQueryValueW (in: pBlock=0x2d91a34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.164] VerQueryValueW (in: pBlock=0x2d91a34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d91db8, puLen=0xd7e790) returned 1
[0251.164] VerQueryValueW (in: pBlock=0x2d91a34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.164] VerQueryValueW (in: pBlock=0x2d91a34, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d91e0c, puLen=0xd7e784) returned 1
[0251.164] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0251.164] VerQueryValueW (in: pBlock=0x2d91a34, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d91a5c, puLen=0xd7e794) returned 1
[0251.164] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0251.164] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0251.164] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0251.164] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0251.165] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0251.165] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0251.165] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2d9416c | out: lpData=0x2d9416c) returned 1
[0251.166] VerQueryValueW (in: pBlock=0x2d9416c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d9459c, puLen=0xd7e810) returned 1
[0251.166] VerQueryValueW (in: pBlock=0x2d9416c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d94224, puLen=0xd7e790) returned 1
[0251.166] VerQueryValueW (in: pBlock=0x2d9416c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d94278, puLen=0xd7e790) returned 1
[0251.166] VerQueryValueW (in: pBlock=0x2d9416c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d942e8, puLen=0xd7e790) returned 1
[0251.166] VerQueryValueW (in: pBlock=0x2d9416c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d94348, puLen=0xd7e790) returned 1
[0251.166] VerQueryValueW (in: pBlock=0x2d9416c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d943a4, puLen=0xd7e790) returned 1
[0251.166] VerQueryValueW (in: pBlock=0x2d9416c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9442c, puLen=0xd7e790) returned 1
[0251.166] VerQueryValueW (in: pBlock=0x2d9416c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d94484, puLen=0xd7e790) returned 1
[0251.166] VerQueryValueW (in: pBlock=0x2d9416c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d944dc, puLen=0xd7e790) returned 1
[0251.166] VerQueryValueW (in: pBlock=0x2d9416c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9450c, puLen=0xd7e790) returned 1
[0251.166] VerQueryValueW (in: pBlock=0x2d9416c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.166] VerQueryValueW (in: pBlock=0x2d9416c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d94548, puLen=0xd7e790) returned 1
[0251.166] VerQueryValueW (in: pBlock=0x2d9416c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0251.166] VerQueryValueW (in: pBlock=0x2d9416c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d9459c, puLen=0xd7e784) returned 1
[0251.166] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0251.166] VerQueryValueW (in: pBlock=0x2d9416c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d94194, puLen=0xd7e794) returned 1
[0251.166] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0251.167] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.167] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0251.167] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.167] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0251.167] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1902d0
[0251.168] SetWindowLongW (hWnd=0x1902d0, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0251.168] GetWindowLongW (hWnd=0x1902d0, nIndex=-4) returned 1950089536
[0251.169] SetWindowLongW (hWnd=0x1902d0, nIndex=-4, dwNewLong=19948654) returned 1950089536
[0251.169] GetWindowLongW (hWnd=0x1902d0, nIndex=-4) returned 19948654
[0251.169] GetWindowLongW (hWnd=0x1902d0, nIndex=-16) returned 113311744
[0251.169] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902d0, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0251.169] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902d0, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0251.170] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902d0, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0251.170] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902d0, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0251.170] GetClientRect (in: hWnd=0x1902d0, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0251.170] GetWindowRect (in: hWnd=0x1902d0, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0251.170] SetWindowTextW (hWnd=0x1902d0, lpString="WindowsFormsParkingWindow") returned 1
[0251.170] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902d0, Msg=0xc, wParam=0x0, lParam=0x2d58164) returned 0x1
[0251.171] GetParent (hWnd=0x1902d0) returned 0x0
[0251.171] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0251.171] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x1902d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1e02c8
[0251.171] SetWindowLongW (hWnd=0x1e02c8, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0251.171] GetWindowLongW (hWnd=0x1e02c8, nIndex=-4) returned 1868147648
[0251.171] SetWindowLongW (hWnd=0x1e02c8, nIndex=-4, dwNewLong=19949374) returned 1868147648
[0251.172] GetWindowLongW (hWnd=0x1e02c8, nIndex=-4) returned 19949374
[0251.172] GetWindowLongW (hWnd=0x1e02c8, nIndex=-16) returned 1174405133
[0251.172] GetWindowLongW (hWnd=0x1e02c8, nIndex=-12) returned 0
[0251.172] SetWindowLongW (hWnd=0x1e02c8, nIndex=-12, dwNewLong=1966792) returned 0
[0251.172] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0251.172] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0251.172] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0251.173] GetClientRect (in: hWnd=0x1e02c8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0251.173] GetWindowRect (in: hWnd=0x1e02c8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0251.173] GetParent (hWnd=0x1e02c8) returned 0x1902d0
[0251.173] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1902d0, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0251.173] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0251.174] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0251.174] GetClientRect (in: hWnd=0x1e02c8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0251.174] GetWindowRect (in: hWnd=0x1e02c8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0251.174] GetParent (hWnd=0x1e02c8) returned 0x1902d0
[0251.174] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1902d0, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0251.174] SendMessageW (hWnd=0x1e02c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1e02c8) returned 0x0
[0251.174] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1e02c8) returned 0x0
[0251.174] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0251.174] GetParent (hWnd=0x1e02c8) returned 0x1902d0
[0251.174] GdipCreateFromHWND (hwnd=0x1e02c8, graphics=0xd7e844) returned 0x0
[0251.174] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0251.175] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0251.175] GetForegroundWindow () returned 0x7005c
[0251.175] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0251.175] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.175] GetSystemMetrics (nIndex=42) returned 0
[0251.175] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.175] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0251.175] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0251.175] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.175] GetSystemMetrics (nIndex=42) returned 0
[0251.175] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.175] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0251.176] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.176] GetCursorPos (in: lpPoint=0x2d985f0 | out: lpPoint=0x2d985f0*(x=239, y=621)) returned 1
[0251.176] MonitorFromPoint (pt=0xef, dwFlags=0x26d) returned 0x10001
[0251.176] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0251.176] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xa90107ef
[0251.176] GetDeviceCaps (hdc=0xa90107ef, index=12) returned 32
[0251.176] GetDeviceCaps (hdc=0xa90107ef, index=14) returned 1
[0251.176] DeleteDC (hdc=0xa90107ef) returned 1
[0251.176] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0251.176] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0251.176] GetSystemMetrics (nIndex=59) returned 1460
[0251.176] GetSystemMetrics (nIndex=60) returned 920
[0251.177] GetSystemMetrics (nIndex=34) returned 136
[0251.177] GetSystemMetrics (nIndex=35) returned 39
[0251.177] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.177] GetCursorPos (in: lpPoint=0x2d9885c | out: lpPoint=0x2d9885c*(x=239, y=621)) returned 1
[0251.177] MonitorFromPoint (pt=0xf2, dwFlags=0x26e) returned 0x10001
[0251.177] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0251.177] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xaa0107ef
[0251.177] GetDeviceCaps (hdc=0xaa0107ef, index=12) returned 32
[0251.177] GetDeviceCaps (hdc=0xaa0107ef, index=14) returned 1
[0251.177] DeleteDC (hdc=0xaa0107ef) returned 1
[0251.177] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0251.178] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0251.178] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.178] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0251.178] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2d98af4 | out: piconinfo=0x2d98af4) returned 1
[0251.178] GetObjectW (in: h=0x10507f8, c=24, pv=0x2d98b10 | out: pv=0x2d98b10) returned 24
[0251.178] GdipCreateBitmapFromHBITMAP (hbm=0x10507f8, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0251.178] GdipGetImageWidth (image=0x664ea70, width=0xd7e750) returned 0x0
[0251.178] GdipGetImageHeight (image=0x664ea70, height=0xd7e748) returned 0x0
[0251.179] GdipGetImagePixelFormat (image=0x664ea70, format=0xd7e740) returned 0x0
[0251.179] GdipBitmapLockBits (bitmap=0x664ea70, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2d98bc8) returned 0x0
[0251.179] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0251.179] GdipBitmapLockBits (bitmap=0x664f448, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2d98c00) returned 0x0
[0251.179] RtlMoveMemory (in: Destination=0x665bf30, Source=0x6660ed0, Length=0x80 | out: Destination=0x665bf30)
[0251.179] RtlMoveMemory (in: Destination=0x665bfb0, Source=0x6660e50, Length=0x80 | out: Destination=0x665bfb0)
[0251.179] RtlMoveMemory (in: Destination=0x665c030, Source=0x6660dd0, Length=0x80 | out: Destination=0x665c030)
[0251.179] RtlMoveMemory (in: Destination=0x665c0b0, Source=0x6660d50, Length=0x80 | out: Destination=0x665c0b0)
[0251.179] RtlMoveMemory (in: Destination=0x665c130, Source=0x6660cd0, Length=0x80 | out: Destination=0x665c130)
[0251.179] RtlMoveMemory (in: Destination=0x665c1b0, Source=0x6660c50, Length=0x80 | out: Destination=0x665c1b0)
[0251.179] RtlMoveMemory (in: Destination=0x665c230, Source=0x6660bd0, Length=0x80 | out: Destination=0x665c230)
[0251.179] RtlMoveMemory (in: Destination=0x665c2b0, Source=0x6660b50, Length=0x80 | out: Destination=0x665c2b0)
[0251.179] RtlMoveMemory (in: Destination=0x665c330, Source=0x6660ad0, Length=0x80 | out: Destination=0x665c330)
[0251.179] RtlMoveMemory (in: Destination=0x665c3b0, Source=0x6660a50, Length=0x80 | out: Destination=0x665c3b0)
[0251.179] RtlMoveMemory (in: Destination=0x665c430, Source=0x66609d0, Length=0x80 | out: Destination=0x665c430)
[0251.179] RtlMoveMemory (in: Destination=0x665c4b0, Source=0x6660950, Length=0x80 | out: Destination=0x665c4b0)
[0251.179] RtlMoveMemory (in: Destination=0x665c530, Source=0x66608d0, Length=0x80 | out: Destination=0x665c530)
[0251.179] RtlMoveMemory (in: Destination=0x665c5b0, Source=0x6660850, Length=0x80 | out: Destination=0x665c5b0)
[0251.179] RtlMoveMemory (in: Destination=0x665c630, Source=0x66607d0, Length=0x80 | out: Destination=0x665c630)
[0251.179] RtlMoveMemory (in: Destination=0x665c6b0, Source=0x6660750, Length=0x80 | out: Destination=0x665c6b0)
[0251.179] RtlMoveMemory (in: Destination=0x665c730, Source=0x66606d0, Length=0x80 | out: Destination=0x665c730)
[0251.179] RtlMoveMemory (in: Destination=0x665c7b0, Source=0x6660650, Length=0x80 | out: Destination=0x665c7b0)
[0251.180] RtlMoveMemory (in: Destination=0x665c830, Source=0x66605d0, Length=0x80 | out: Destination=0x665c830)
[0251.180] RtlMoveMemory (in: Destination=0x665c8b0, Source=0x6660550, Length=0x80 | out: Destination=0x665c8b0)
[0251.180] RtlMoveMemory (in: Destination=0x665c930, Source=0x66604d0, Length=0x80 | out: Destination=0x665c930)
[0251.180] RtlMoveMemory (in: Destination=0x665c9b0, Source=0x6660450, Length=0x80 | out: Destination=0x665c9b0)
[0251.180] RtlMoveMemory (in: Destination=0x665ca30, Source=0x66603d0, Length=0x80 | out: Destination=0x665ca30)
[0251.180] RtlMoveMemory (in: Destination=0x665cab0, Source=0x6660350, Length=0x80 | out: Destination=0x665cab0)
[0251.180] RtlMoveMemory (in: Destination=0x665cb30, Source=0x66602d0, Length=0x80 | out: Destination=0x665cb30)
[0251.180] RtlMoveMemory (in: Destination=0x665cbb0, Source=0x6660250, Length=0x80 | out: Destination=0x665cbb0)
[0251.180] RtlMoveMemory (in: Destination=0x665cc30, Source=0x66601d0, Length=0x80 | out: Destination=0x665cc30)
[0251.180] RtlMoveMemory (in: Destination=0x665ccb0, Source=0x6660150, Length=0x80 | out: Destination=0x665ccb0)
[0251.180] RtlMoveMemory (in: Destination=0x665cd30, Source=0x66600d0, Length=0x80 | out: Destination=0x665cd30)
[0251.180] RtlMoveMemory (in: Destination=0x665cdb0, Source=0x6660050, Length=0x80 | out: Destination=0x665cdb0)
[0251.180] RtlMoveMemory (in: Destination=0x665ce30, Source=0x665ffd0, Length=0x80 | out: Destination=0x665ce30)
[0251.180] RtlMoveMemory (in: Destination=0x665ceb0, Source=0x665ff50, Length=0x80 | out: Destination=0x665ceb0)
[0251.180] GdipBitmapUnlockBits (bitmap=0x664ea70, lockedBitmapData=0x2d98bc8) returned 0x0
[0251.180] GdipBitmapUnlockBits (bitmap=0x664f448, lockedBitmapData=0x2d98c00) returned 0x0
[0251.180] GdipDisposeImage (image=0x664ea70) returned 0x0
[0251.180] DeleteObject (ho=0x10507f8) returned 1
[0251.180] DeleteObject (ho=0xab0507ef) returned 1
[0251.180] GetCurrentThreadId () returned 0xf50
[0251.180] GetCurrentThreadId () returned 0xf50
[0251.180] SetWindowPos (hWnd=0x1e02c8, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0251.181] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0251.181] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0251.181] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0251.181] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0251.181] GetClientRect (in: hWnd=0x1e02c8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0251.181] GetWindowRect (in: hWnd=0x1e02c8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0251.181] GetParent (hWnd=0x1e02c8) returned 0x1902d0
[0251.181] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1902d0, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0251.181] InvalidateRect (hWnd=0x1e02c8, lpRect=0x0, bErase=1) returned 1
[0251.181] GetWindowTextLengthW (hWnd=0x1e02c8) returned 0
[0251.181] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0251.181] GetSystemMetrics (nIndex=42) returned 0
[0251.181] GetWindowTextW (in: hWnd=0x1e02c8, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0251.181] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0251.182] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0251.182] GetClientRect (in: hWnd=0x1e02c8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0251.182] GetWindowRect (in: hWnd=0x1e02c8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0251.182] GetParent (hWnd=0x1e02c8) returned 0x1902d0
[0251.182] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1902d0, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0251.182] GetWindowTextLengthW (hWnd=0x1e02c8) returned 0
[0251.182] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0251.182] GetSystemMetrics (nIndex=42) returned 0
[0251.182] GetWindowTextW (in: hWnd=0x1e02c8, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0251.182] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0251.182] GetWindowTextLengthW (hWnd=0x1e02c8) returned 0
[0251.182] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0251.182] GetSystemMetrics (nIndex=42) returned 0
[0251.182] GetWindowTextW (in: hWnd=0x1e02c8, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0251.182] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0251.182] SetWindowTextW (hWnd=0x1e02c8, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0251.182] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0xc, wParam=0x0, lParam=0x2d783a8) returned 0x1
[0251.182] InvalidateRect (hWnd=0x1e02c8, lpRect=0x0, bErase=1) returned 1
[0251.182] GetCurrentThreadId () returned 0xf50
[0251.182] GetWindowThreadProcessId (in: hWnd=0x1e02c8, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0251.183] GdipCreateBitmapFromStream (stream=0x509fe90, bitmap=0xd7e840) returned 0x0
[0251.184] GdipImageForceValidation (image=0x664ea70) returned 0x0
[0251.186] GdipGetImageRawFormat (image=0x664ea70, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0251.186] GdipGetImageHeight (image=0x664ea70, height=0xd7e824) returned 0x0
[0251.186] GdipGetImageWidth (image=0x664ea70, width=0xd7e824) returned 0x0
[0251.186] GdipGetImageWidth (image=0x664ea70, width=0xd7e810) returned 0x0
[0251.186] GdipGetImageHeight (image=0x664ea70, height=0xd7e810) returned 0x0
[0251.186] GdipGetImageWidth (image=0x664ea70, width=0xd7e800) returned 0x0
[0251.186] GdipGetImageHeight (image=0x664ea70, height=0xd7e800) returned 0x0
[0251.187] GdipBitmapGetPixel (bitmap=0x664ea70, x=0, y=15, color=0xd7e810) returned 0x0
[0251.187] GdipGetImageRawFormat (image=0x664ea70, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0251.187] GdipGetImageWidth (image=0x664ea70, width=0xd7e740) returned 0x0
[0251.187] GdipGetImageHeight (image=0x664ea70, height=0xd7e740) returned 0x0
[0251.187] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0251.187] GdipGetImagePixelFormat (image=0x664fe20, format=0xd7e740) returned 0x0
[0251.187] GdipGetImageGraphicsContext (image=0x664fe20, graphics=0xd7e74c) returned 0x0
[0251.187] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0251.187] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0251.187] GdipSetImageAttributesColorKeys (imageattr=0x6638cc8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0251.187] GdipDrawImageRectRectI (graphics=0x6600030, image=0x664ea70, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638cc8, callback=0x0, callbackData=0x0) returned 0x0
[0251.187] GdipDisposeImageAttributes (imageattr=0x6638cc8) returned 0x0
[0251.187] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0251.188] GdipDisposeImage (image=0x664ea70) returned 0x0
[0251.188] GdipCreateBitmapFromStream (stream=0x509fe70, bitmap=0xd7e840) returned 0x0
[0251.189] GdipImageForceValidation (image=0x664fad8) returned 0x0
[0251.190] GdipGetImageRawFormat (image=0x664fad8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0251.190] GdipGetImageHeight (image=0x664fad8, height=0xd7e824) returned 0x0
[0251.190] GdipGetImageWidth (image=0x664fad8, width=0xd7e824) returned 0x0
[0251.191] GdipGetImageWidth (image=0x664fad8, width=0xd7e810) returned 0x0
[0251.191] GdipGetImageHeight (image=0x664fad8, height=0xd7e810) returned 0x0
[0251.191] GdipGetImageWidth (image=0x664fad8, width=0xd7e800) returned 0x0
[0251.191] GdipGetImageHeight (image=0x664fad8, height=0xd7e800) returned 0x0
[0251.191] GdipBitmapGetPixel (bitmap=0x664fad8, x=0, y=15, color=0xd7e810) returned 0x0
[0251.191] GdipGetImageRawFormat (image=0x664fad8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0251.191] GdipGetImageWidth (image=0x664fad8, width=0xd7e740) returned 0x0
[0251.191] GdipGetImageHeight (image=0x664fad8, height=0xd7e740) returned 0x0
[0251.191] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0251.191] GdipGetImagePixelFormat (image=0x6651ba8, format=0xd7e740) returned 0x0
[0251.191] GdipGetImageGraphicsContext (image=0x6651ba8, graphics=0xd7e74c) returned 0x0
[0251.191] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0251.191] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0251.191] GdipSetImageAttributesColorKeys (imageattr=0x6638a88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0251.191] GdipDrawImageRectRectI (graphics=0x6600030, image=0x664fad8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638a88, callback=0x0, callbackData=0x0) returned 0x0
[0251.191] GdipDisposeImageAttributes (imageattr=0x6638a88) returned 0x0
[0251.191] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0251.191] GdipDisposeImage (image=0x664fad8) returned 0x0
[0251.192] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.192] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0251.192] GetCurrentThreadId () returned 0xf50
[0251.192] GetCurrentThreadId () returned 0xf50
[0251.192] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.192] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0251.192] GetCurrentThreadId () returned 0xf50
[0251.192] GetCurrentThreadId () returned 0xf50
[0251.193] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.193] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0251.193] GetCurrentThreadId () returned 0xf50
[0251.193] GetCurrentThreadId () returned 0xf50
[0251.193] GetSystemMetrics (nIndex=5) returned 1
[0251.193] GetSystemMetrics (nIndex=6) returned 1
[0251.193] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.193] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0251.193] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.193] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0251.194] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.194] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0251.194] GetCurrentThreadId () returned 0xf50
[0251.194] GetCurrentThreadId () returned 0xf50
[0251.194] GetProcessWindowStation () returned 0x13c
[0251.194] GetCapture () returned 0x0
[0251.194] GetActiveWindow () returned 0x7005c
[0251.194] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0251.194] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.194] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0251.194] GetCursorPos (in: lpPoint=0x2d99d78 | out: lpPoint=0x2d99d78*(x=239, y=621)) returned 1
[0251.194] MonitorFromPoint (pt=0xef, dwFlags=0x26d) returned 0x10001
[0251.194] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0251.195] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xac0107ef
[0251.195] GetDeviceCaps (hdc=0xac0107ef, index=12) returned 32
[0251.195] GetDeviceCaps (hdc=0xac0107ef, index=14) returned 1
[0251.195] DeleteDC (hdc=0xac0107ef) returned 1
[0251.195] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0251.195] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0251.195] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2402dc
[0251.196] SetWindowLongW (hWnd=0x2402dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0251.196] GetWindowLongW (hWnd=0x2402dc, nIndex=-4) returned 1950089536
[0251.196] SetWindowLongW (hWnd=0x2402dc, nIndex=-4, dwNewLong=19948814) returned 1950089536
[0251.196] GetWindowLongW (hWnd=0x2402dc, nIndex=-4) returned 19948814
[0251.196] GetWindowLongW (hWnd=0x2402dc, nIndex=-16) returned 113770496
[0251.196] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0251.197] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0251.197] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0251.197] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0251.197] GetWindowRect (in: hWnd=0x2402dc, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0251.198] SetWindowTextW (hWnd=0x2402dc, lpString="BB ransomware") returned 1
[0251.198] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xc, wParam=0x0, lParam=0x2d984dc) returned 0x1
[0251.198] GetStartupInfoW (in: lpStartupInfo=0x2d9a0b4 | out: lpStartupInfo=0x2d9a0b4*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0251.199] GetParent (hWnd=0x2402dc) returned 0x0
[0251.199] SetWindowLongW (hWnd=0x2402dc, nIndex=-8, dwNewLong=0) returned 0
[0251.200] SendMessageW (hWnd=0x2402dc, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0251.200] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0251.200] SendMessageW (hWnd=0x2402dc, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0251.201] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0251.201] GetSystemMenu (hWnd=0x2402dc, bRevert=0) returned 0x9802a1
[0251.201] GetWindowPlacement (in: hWnd=0x2402dc, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0251.202] EnableMenuItem (hMenu=0x9802a1, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0251.202] EnableMenuItem (hMenu=0x9802a1, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0251.202] EnableMenuItem (hMenu=0x9802a1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0251.202] EnableMenuItem (hMenu=0x9802a1, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0251.202] EnableMenuItem (hMenu=0x9802a1, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0251.202] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0251.202] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0251.202] GetWindowRect (in: hWnd=0x2402dc, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0251.202] SetWindowPos (hWnd=0x2402dc, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0251.202] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0251.202] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x2402dc) returned 0x1
[0251.204] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0251.204] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0251.205] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0251.206] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0251.206] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0251.207] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x2402dc, lParam=0x0) returned 0x0
[0251.207] GetCapture () returned 0x0
[0251.207] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0251.208] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0251.209] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0251.210] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0251.210] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0251.211] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0251.211] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0251.211] GetParent (hWnd=0x2402dc) returned 0x0
[0251.211] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0251.212] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0251.213] GetWindowPlacement (in: hWnd=0x2402dc, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0251.213] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0251.213] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0251.213] GetWindowRect (in: hWnd=0x2402dc, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0251.214] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0251.215] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0251.215] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0251.215] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.216] GetWindowLongW (hWnd=0x2402dc, nIndex=-16) returned 113770496
[0251.216] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.216] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.216] GetSystemMetrics (nIndex=42) returned 0
[0251.216] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.216] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0251.216] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.216] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.216] GetSystemMetrics (nIndex=42) returned 0
[0251.216] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.216] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0251.216] GetCursorPos (in: lpPoint=0x2d9a2f0 | out: lpPoint=0x2d9a2f0*(x=239, y=621)) returned 1
[0251.216] MonitorFromPoint (pt=0xf0, dwFlags=0x270) returned 0x10001
[0251.216] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0251.216] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x780107ee
[0251.217] GetDeviceCaps (hdc=0x780107ee, index=12) returned 32
[0251.217] GetDeviceCaps (hdc=0x780107ee, index=14) returned 1
[0251.217] DeleteDC (hdc=0x780107ee) returned 1
[0251.217] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0251.217] GetWindowLongW (hWnd=0x2402dc, nIndex=-16) returned 113770496
[0251.217] GetWindowLongW (hWnd=0x2402dc, nIndex=-20) returned 327945
[0251.217] SetWindowLongW (hWnd=0x2402dc, nIndex=-16, dwNewLong=46661632) returned 113770496
[0251.217] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0251.217] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0251.218] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0251.218] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0251.219] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0251.219] SetWindowLongW (hWnd=0x2402dc, nIndex=-20, dwNewLong=327681) returned 327945
[0251.219] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0251.219] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0251.220] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0251.220] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0251.220] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0251.221] SetWindowPos (hWnd=0x2402dc, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0251.221] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0251.221] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0251.221] GetWindowPlacement (in: hWnd=0x2402dc, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0251.221] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0251.221] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0251.221] GetWindowRect (in: hWnd=0x2402dc, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0251.223] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0251.223] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0251.223] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0251.223] RedrawWindow (hWnd=0x2402dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0251.223] GetSystemMenu (hWnd=0x2402dc, bRevert=0) returned 0x9802a1
[0251.223] GetWindowPlacement (in: hWnd=0x2402dc, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0251.223] EnableMenuItem (hMenu=0x9802a1, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0251.223] EnableMenuItem (hMenu=0x9802a1, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0251.223] EnableMenuItem (hMenu=0x9802a1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0251.224] EnableMenuItem (hMenu=0x9802a1, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0251.224] EnableMenuItem (hMenu=0x9802a1, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0251.224] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0251.224] GetWindowLongW (hWnd=0x2402dc, nIndex=-8) returned 0
[0251.224] SetWindowLongW (hWnd=0x2402dc, nIndex=-8, dwNewLong=458844) returned 0
[0251.224] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0251.225] GetProcessWindowStation () returned 0x13c
[0251.225] GetCurrentThreadId () returned 0xf50
[0251.225] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1306586, lParam=0x0) returned 1
[0251.225] IsWindowVisible (hWnd=0x2402dc) returned 0
[0251.225] IsWindowVisible (hWnd=0x7005c) returned 1
[0251.225] IsWindowEnabled (hWnd=0x7005c) returned 1
[0251.225] IsWindowVisible (hWnd=0x300ec) returned 0
[0251.225] IsWindowVisible (hWnd=0x502c6) returned 0
[0251.225] IsWindowVisible (hWnd=0x502be) returned 0
[0251.225] GetActiveWindow () returned 0x2402dc
[0251.225] GetFocus () returned 0x2402dc
[0251.225] IsWindow (hWnd=0x7005c) returned 1
[0251.225] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0251.225] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0251.226] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0251.226] GetWindowLongW (hWnd=0x2402dc, nIndex=-8) returned 458844
[0251.226] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0251.226] GetCurrentThreadId () returned 0xf50
[0251.226] GetWindowLongW (hWnd=0x2402dc, nIndex=-8) returned 458844
[0251.226] IsWindowEnabled (hWnd=0x7005c) returned 0
[0251.226] IsWindowEnabled (hWnd=0x2402dc) returned 1
[0251.226] ShowWindow (hWnd=0x2402dc, nCmdShow=5) returned 0
[0251.226] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0251.226] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0251.227] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.227] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0251.227] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x2402dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2700ea
[0251.227] SetWindowLongW (hWnd=0x2700ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0251.227] GetWindowLongW (hWnd=0x2700ea, nIndex=-4) returned 1950089536
[0251.228] SetWindowLongW (hWnd=0x2700ea, nIndex=-4, dwNewLong=19949134) returned 1950089536
[0251.228] GetWindowLongW (hWnd=0x2700ea, nIndex=-4) returned 19949134
[0251.228] GetWindowLongW (hWnd=0x2700ea, nIndex=-16) returned 1174405120
[0251.228] GetWindowLongW (hWnd=0x2700ea, nIndex=-12) returned 0
[0251.228] SetWindowLongW (hWnd=0x2700ea, nIndex=-12, dwNewLong=2556138) returned 0
[0251.228] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2700ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0251.228] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2700ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0251.228] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2700ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0251.228] GetWindow (hWnd=0x2700ea, uCmd=0x3) returned 0x0
[0251.228] GetClientRect (in: hWnd=0x2700ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0251.228] GetWindowRect (in: hWnd=0x2700ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0251.228] GetParent (hWnd=0x2700ea) returned 0x2402dc
[0251.229] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402dc, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0251.229] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2700ea, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0251.229] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2700ea, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0251.229] GetClientRect (in: hWnd=0x2700ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0251.229] GetWindowRect (in: hWnd=0x2700ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0251.229] GetParent (hWnd=0x2700ea) returned 0x2402dc
[0251.229] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402dc, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0251.229] SendMessageW (hWnd=0x2700ea, Msg=0x2210, wParam=0xea0001, lParam=0x2700ea) returned 0x0
[0251.229] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2700ea, Msg=0x2210, wParam=0xea0001, lParam=0x2700ea) returned 0x0
[0251.229] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2700ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0251.230] GetParent (hWnd=0x2700ea) returned 0x2402dc
[0251.230] GetParent (hWnd=0x1e02c8) returned 0x1902d0
[0251.230] SetParent (hWndChild=0x1e02c8, hWndNewParent=0x2402dc) returned 0x1902d0
[0251.230] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0251.230] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0251.230] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0251.231] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0251.231] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0251.231] GetClientRect (in: hWnd=0x1e02c8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0251.231] GetWindowRect (in: hWnd=0x1e02c8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0251.231] GetParent (hWnd=0x1e02c8) returned 0x2402dc
[0251.231] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402dc, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0251.231] GetClientRect (in: hWnd=0x1e02c8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0251.231] GetWindowRect (in: hWnd=0x1e02c8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0251.231] GetParent (hWnd=0x1e02c8) returned 0x2402dc
[0251.231] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402dc, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0251.231] GetParent (hWnd=0x1e02c8) returned 0x2402dc
[0251.231] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0251.231] GetWindow (hWnd=0x1e02c8, uCmd=0x3) returned 0x0
[0251.231] SetWindowPos (hWnd=0x1e02c8, hWndInsertAfter=0x2700ea, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0251.235] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0251.235] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0251.235] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0251.235] GetClientRect (in: hWnd=0x1e02c8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0251.235] GetWindowRect (in: hWnd=0x1e02c8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0251.235] GetParent (hWnd=0x1e02c8) returned 0x2402dc
[0251.235] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402dc, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0251.235] GetParent (hWnd=0x1e02c8) returned 0x2402dc
[0251.235] GetWindow (hWnd=0x1e02c8, uCmd=0x3) returned 0x2700ea
[0251.236] GetWindowThreadProcessId (in: hWnd=0x1e02c8, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0251.236] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0251.236] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.236] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0251.236] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x2402dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2602d8
[0251.237] SetWindowLongW (hWnd=0x2602d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0251.237] GetWindowLongW (hWnd=0x2602d8, nIndex=-4) returned 1868032000
[0251.237] SetWindowLongW (hWnd=0x2602d8, nIndex=-4, dwNewLong=19949174) returned 1868032000
[0251.237] GetWindowLongW (hWnd=0x2602d8, nIndex=-4) returned 19949174
[0251.237] GetWindowLongW (hWnd=0x2602d8, nIndex=-16) returned 1174470667
[0251.237] GetWindowLongW (hWnd=0x2602d8, nIndex=-12) returned 0
[0251.237] SetWindowLongW (hWnd=0x2602d8, nIndex=-12, dwNewLong=2491096) returned 0
[0251.237] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0251.238] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0251.238] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0251.239] SendMessageW (hWnd=0x2602d8, Msg=0x2055, wParam=0x2602d8, lParam=0x3) returned 0x2
[0251.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0251.239] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0251.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0251.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0251.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2700ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0251.239] RedrawWindow (hWnd=0x2700ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0251.239] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0251.239] RedrawWindow (hWnd=0x1e02c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0251.239] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0251.239] RedrawWindow (hWnd=0x2602d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0251.240] RedrawWindow (hWnd=0x2402dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0251.240] GetWindow (hWnd=0x2602d8, uCmd=0x3) returned 0x1e02c8
[0251.240] GetClientRect (in: hWnd=0x2602d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0251.240] GetWindowRect (in: hWnd=0x2602d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0251.240] GetParent (hWnd=0x2602d8) returned 0x2402dc
[0251.240] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0251.240] SetWindowTextW (hWnd=0x2602d8, lpString="&Details") returned 1
[0251.240] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0251.241] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0251.241] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0251.241] GetClientRect (in: hWnd=0x2602d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0251.241] GetWindowRect (in: hWnd=0x2602d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0251.241] GetParent (hWnd=0x2602d8) returned 0x2402dc
[0251.241] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0251.241] SendMessageW (hWnd=0x2602d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2602d8) returned 0x0
[0251.241] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2602d8) returned 0x0
[0251.241] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0251.241] GetParent (hWnd=0x2602d8) returned 0x2402dc
[0251.241] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0251.242] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.242] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0251.242] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x2402dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1a02ce
[0251.242] SetWindowLongW (hWnd=0x1a02ce, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0251.242] GetWindowLongW (hWnd=0x1a02ce, nIndex=-4) returned 1868032000
[0251.243] SetWindowLongW (hWnd=0x1a02ce, nIndex=-4, dwNewLong=19949254) returned 1868032000
[0251.243] GetWindowLongW (hWnd=0x1a02ce, nIndex=-4) returned 19949254
[0251.243] GetWindowLongW (hWnd=0x1a02ce, nIndex=-16) returned 1174470667
[0251.243] GetWindowLongW (hWnd=0x1a02ce, nIndex=-12) returned 0
[0251.243] SetWindowLongW (hWnd=0x1a02ce, nIndex=-12, dwNewLong=1704654) returned 0
[0251.243] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0251.243] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0251.244] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0251.244] SendMessageW (hWnd=0x1a02ce, Msg=0x2055, wParam=0x1a02ce, lParam=0x3) returned 0x2
[0251.244] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0251.244] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0251.244] GetWindow (hWnd=0x1a02ce, uCmd=0x3) returned 0x2602d8
[0251.244] GetClientRect (in: hWnd=0x1a02ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0251.245] GetWindowRect (in: hWnd=0x1a02ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0251.245] GetParent (hWnd=0x1a02ce) returned 0x2402dc
[0251.245] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0251.245] SetWindowTextW (hWnd=0x1a02ce, lpString="&Continue") returned 1
[0251.245] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0251.245] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0251.245] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0251.245] GetClientRect (in: hWnd=0x1a02ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0251.245] GetWindowRect (in: hWnd=0x1a02ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0251.245] GetParent (hWnd=0x1a02ce) returned 0x2402dc
[0251.245] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0251.245] SendMessageW (hWnd=0x1a02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1a02ce) returned 0x0
[0251.246] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1a02ce) returned 0x0
[0251.246] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0251.246] GetParent (hWnd=0x1a02ce) returned 0x2402dc
[0251.246] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0251.246] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.247] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0251.247] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x2402dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2402de
[0251.254] SetWindowLongW (hWnd=0x2402de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0251.254] GetWindowLongW (hWnd=0x2402de, nIndex=-4) returned 1868032000
[0251.255] SetWindowLongW (hWnd=0x2402de, nIndex=-4, dwNewLong=19950014) returned 1868032000
[0251.255] GetWindowLongW (hWnd=0x2402de, nIndex=-4) returned 19950014
[0251.255] GetWindowLongW (hWnd=0x2402de, nIndex=-16) returned 1174470667
[0251.255] GetWindowLongW (hWnd=0x2402de, nIndex=-12) returned 0
[0251.255] SetWindowLongW (hWnd=0x2402de, nIndex=-12, dwNewLong=2360030) returned 0
[0251.255] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0251.255] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0251.256] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0251.256] SendMessageW (hWnd=0x2402de, Msg=0x2055, wParam=0x2402de, lParam=0x3) returned 0x2
[0251.256] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0251.256] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0251.257] GetWindow (hWnd=0x2402de, uCmd=0x3) returned 0x1a02ce
[0251.257] GetClientRect (in: hWnd=0x2402de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0251.257] GetWindowRect (in: hWnd=0x2402de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0251.257] GetParent (hWnd=0x2402de) returned 0x2402dc
[0251.257] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0251.257] SetWindowTextW (hWnd=0x2402de, lpString="&Quit") returned 1
[0251.257] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402de, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0251.257] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0251.257] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402de, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0251.257] GetClientRect (in: hWnd=0x2402de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0251.257] GetWindowRect (in: hWnd=0x2402de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0251.257] GetParent (hWnd=0x2402de) returned 0x2402dc
[0251.257] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0251.258] SendMessageW (hWnd=0x2402de, Msg=0x2210, wParam=0x2de0001, lParam=0x2402de) returned 0x0
[0251.258] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402de, Msg=0x2210, wParam=0x2de0001, lParam=0x2402de) returned 0x0
[0251.258] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0251.258] GetParent (hWnd=0x2402de) returned 0x2402dc
[0251.258] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0251.258] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.259] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0251.259] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x2402dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2402da
[0251.259] SetWindowLongW (hWnd=0x2402da, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0251.259] GetWindowLongW (hWnd=0x2402da, nIndex=-4) returned 1868026976
[0251.259] SetWindowLongW (hWnd=0x2402da, nIndex=-4, dwNewLong=19950454) returned 1868026976
[0251.259] GetWindowLongW (hWnd=0x2402da, nIndex=-4) returned 19950454
[0251.260] GetWindowLongW (hWnd=0x2402da, nIndex=-16) returned 1177553092
[0251.260] GetWindowLongW (hWnd=0x2402da, nIndex=-12) returned 0
[0251.260] SetWindowLongW (hWnd=0x2402da, nIndex=-12, dwNewLong=2360026) returned 0
[0251.260] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402da, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0251.260] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402da, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0251.262] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402da, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0251.278] GetWindow (hWnd=0x2402da, uCmd=0x3) returned 0x2402de
[0251.278] GetClientRect (in: hWnd=0x2402da, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0251.278] GetWindowRect (in: hWnd=0x2402da, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0251.278] GetParent (hWnd=0x2402da) returned 0x2402dc
[0251.278] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402dc, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0251.278] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.278] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.278] GetSystemMetrics (nIndex=42) returned 0
[0251.278] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.278] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0251.278] SendMessageW (hWnd=0x2402da, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0251.281] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402da, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0251.285] SetWindowTextW (hWnd=0x2402da, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0251.285] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402da, Msg=0xc, wParam=0x0, lParam=0x2d95ec4) returned 0x1
[0251.287] GetSystemMetrics (nIndex=5) returned 1
[0251.287] GetSystemMetrics (nIndex=6) returned 1
[0251.287] SendMessageW (hWnd=0x2402da, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0251.287] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402da, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0251.287] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402da, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0251.288] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402da, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0251.288] GetClientRect (in: hWnd=0x2402da, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0251.288] GetWindowRect (in: hWnd=0x2402da, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0251.288] GetParent (hWnd=0x2402da) returned 0x2402dc
[0251.288] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402dc, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0251.288] SendMessageW (hWnd=0x2402da, Msg=0x2210, wParam=0x2da0001, lParam=0x2402da) returned 0x0
[0251.288] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402da, Msg=0x2210, wParam=0x2da0001, lParam=0x2402da) returned 0x0
[0251.288] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0251.289] GetParent (hWnd=0x2402da) returned 0x2402dc
[0251.289] GetWindowLongW (hWnd=0x2402dc, nIndex=-8) returned 458844
[0251.289] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0251.289] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0251.289] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x7f0107ee
[0251.289] GetDeviceCaps (hdc=0x7f0107ee, index=12) returned 32
[0251.289] GetDeviceCaps (hdc=0x7f0107ee, index=14) returned 1
[0251.289] DeleteDC (hdc=0x7f0107ee) returned 1
[0251.289] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0251.290] GetWindowThreadProcessId (in: hWnd=0x2402dc, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0251.290] GetCurrentThreadId () returned 0xf50
[0251.290] PostMessageW (hWnd=0x2402dc, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0251.290] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.290] GetSystemMetrics (nIndex=42) returned 0
[0251.290] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0251.290] GdipImageGetFrameDimensionsCount (image=0x664f448, count=0xd7e25c) returned 0x0
[0251.290] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201490
[0251.290] GdipImageGetFrameDimensionsList (image=0x664f448, dimensionIDs=0x1201490*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0251.290] LocalFree (hMem=0x1201490) returned 0x0
[0251.290] GdipImageGetFrameDimensionsCount (image=0x664fe20, count=0xd7e250) returned 0x0
[0251.290] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12012e0
[0251.290] GdipImageGetFrameDimensionsList (image=0x664fe20, dimensionIDs=0x12012e0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0251.290] LocalFree (hMem=0x12012e0) returned 0x0
[0251.290] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0251.291] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0251.291] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0251.313] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0251.314] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0251.314] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0251.314] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0251.314] GetWindowPlacement (in: hWnd=0x2402dc, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0251.315] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0251.315] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.315] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.315] GetSystemMetrics (nIndex=42) returned 0
[0251.315] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.315] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0251.315] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0251.315] GetCurrentObject (hdc=0xc0107c5, type=0x1) returned 0xb00017
[0251.315] GetCurrentObject (hdc=0xc0107c5, type=0x2) returned 0x900010
[0251.315] GetCurrentObject (hdc=0xc0107c5, type=0x7) returned 0xffffffffc60507d3
[0251.315] GetCurrentObject (hdc=0xc0107c5, type=0x6) returned 0x8a01c2
[0251.315] SaveDC (hdc=0xc0107c5) returned 1
[0251.315] GetNearestColor (hdc=0xc0107c5, color=0xf0f0f0) returned 0xf0f0f0
[0251.315] CreateSolidBrush (color=0xf0f0f0) returned 0xa31007e1
[0251.315] FillRect (hDC=0xc0107c5, lprc=0xd7e1b8, hbr=0xa31007e1) returned 1
[0251.315] DeleteObject (ho=0xa31007e1) returned 1
[0251.315] RestoreDC (hdc=0xc0107c5, nSavedDC=-1) returned 1
[0251.316] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2700ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0251.316] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0251.316] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0251.316] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0251.316] GetStockObject (i=5) returned 0x900015
[0251.316] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0251.317] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0251.317] GetStockObject (i=5) returned 0x900015
[0251.317] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0251.317] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402de, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0251.317] GetStockObject (i=5) returned 0x900015
[0251.317] GetWindowPlacement (in: hWnd=0x2402dc, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0251.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0251.317] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0251.317] GetWindowRect (in: hWnd=0x2402dc, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0251.318] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0251.318] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0251.319] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0251.319] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0251.319] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0251.319] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0251.319] GetWindowRect (in: hWnd=0x2402dc, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0251.319] InvalidateRect (hWnd=0x1a02ce, lpRect=0x0, bErase=0) returned 1
[0251.319] InvalidateRect (hWnd=0x2602d8, lpRect=0x0, bErase=0) returned 1
[0251.319] GetFocus () returned 0x2402dc
[0251.319] GetFocus () returned 0x2402dc
[0251.319] SetFocus (hWnd=0x2602d8) returned 0x2402dc
[0251.320] GetFocus () returned 0x2602d8
[0251.320] IsChild (hWndParent=0x2402dc, hWnd=0x2602d8) returned 1
[0251.320] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x8, wParam=0x2602d8, lParam=0x0) returned 0x0
[0251.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0251.322] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0251.323] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0251.323] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0x7, wParam=0x2402dc, lParam=0x0) returned 0x0
[0251.323] GetStockObject (i=5) returned 0x900015
[0251.324] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0251.324] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0251.324] GetDlgItem (hDlg=0x2402dc, nIDDlgItem=2491096) returned 0x2602d8
[0251.324] SendMessageW (hWnd=0x2602d8, Msg=0x202b, wParam=0x2602d8, lParam=0xd7e0dc) returned 0x0
[0251.324] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0x202b, wParam=0x2602d8, lParam=0xd7e0dc) returned 0x0
[0251.324] InvalidateRect (hWnd=0x2602d8, lpRect=0x0, bErase=0) returned 1
[0251.326] GetFocus () returned 0x2602d8
[0251.326] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.326] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0251.326] IsWindowUnicode (hWnd=0x2402dc) returned 1
[0251.327] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.327] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0251.327] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.327] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.328] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0251.328] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.328] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0251.329] IsWindowUnicode (hWnd=0x2402dc) returned 1
[0251.329] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.329] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.329] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.329] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.331] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0251.331] IsWindowUnicode (hWnd=0x2402dc) returned 1
[0251.331] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.331] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.331] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.332] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.332] IsWindowUnicode (hWnd=0x602c4) returned 1
[0251.332] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.332] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.332] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.332] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0251.332] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0251.332] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.332] IsWindowUnicode (hWnd=0x2402dc) returned 1
[0251.333] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.333] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.333] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.333] BeginPaint (in: hWnd=0x2402dc, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x107b9
[0251.333] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0251.333] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.333] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.333] GetSystemMetrics (nIndex=42) returned 0
[0251.333] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.333] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0251.333] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0251.333] EndPaint (hWnd=0x2402dc, lpPaint=0xd7e274) returned 1
[0251.333] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.333] IsWindowUnicode (hWnd=0x2700ea) returned 1
[0251.333] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.333] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.334] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.334] BeginPaint (in: hWnd=0x2700ea, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x10105d6
[0251.334] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0251.334] CreateCompatibleDC (hdc=0x10105d6) returned 0x90010693
[0251.334] SelectObject (hdc=0x90010693, h=0x4a0507fe) returned 0x85000f
[0251.334] GdipCreateFromHDC (hdc=0x90010693, graphics=0xd7e2b0) returned 0x0
[0251.334] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0251.334] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0251.334] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0251.334] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0251.334] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e310) returned 0x0
[0251.334] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0251.334] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea28) returned 0x0
[0251.334] LocalFree (hMem=0x11eea28) returned 0x0
[0251.334] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0251.334] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0251.335] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0251.335] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e304) returned 0x0
[0251.335] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0251.335] GetWindowTextLengthW (hWnd=0x2700ea) returned 0
[0251.335] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0251.335] GetSystemMetrics (nIndex=42) returned 0
[0251.335] GetWindowTextW (in: hWnd=0x2700ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0251.335] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2700ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0251.335] GetClientRect (in: hWnd=0x2700ea, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0251.335] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0251.335] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0251.335] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0251.335] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0251.335] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e164) returned 0x0
[0251.335] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0251.335] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0251.335] LocalFree (hMem=0x11eec58) returned 0x0
[0251.335] GdipCombineRegionRegion (region=0x6646a78, region2=0x6646718, combineMode=0x1) returned 0x0
[0251.335] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0251.335] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee868) returned 0x0
[0251.335] LocalFree (hMem=0x11ee868) returned 0x0
[0251.335] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0251.336] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0251.336] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0251.336] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0251.336] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0251.336] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0251.336] GetCurrentObject (hdc=0x90010693, type=0x1) returned 0xb00017
[0251.336] GetCurrentObject (hdc=0x90010693, type=0x2) returned 0x900010
[0251.336] GetCurrentObject (hdc=0x90010693, type=0x7) returned 0x4a0507fe
[0251.336] GetCurrentObject (hdc=0x90010693, type=0x6) returned 0x8a01c2
[0251.336] SaveDC (hdc=0x90010693) returned 1
[0251.336] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc7040807
[0251.336] GetClipRgn (hdc=0x90010693, hrgn=0xc7040807) returned 0
[0251.336] SelectClipRgn (hdc=0x90010693, hrgn=0x620407de) returned 2
[0251.336] DeleteObject (ho=0xc7040807) returned 1
[0251.336] DeleteObject (ho=0x620407de) returned 1
[0251.336] OffsetViewportOrgEx (in: hdc=0x90010693, x=0, y=0, lppt=0x2d9ba5c | out: lppt=0x2d9ba5c) returned 1
[0251.336] GetNearestColor (hdc=0x90010693, color=0xf0f0f0) returned 0xf0f0f0
[0251.337] CreateSolidBrush (color=0xf0f0f0) returned 0xa41007e1
[0251.337] FillRect (hDC=0x90010693, lprc=0xd7e198, hbr=0xa41007e1) returned 1
[0251.337] DeleteObject (ho=0xa41007e1) returned 1
[0251.337] RestoreDC (hdc=0x90010693, nSavedDC=-1) returned 1
[0251.337] GdipReleaseDC (graphics=0x6600030, hdc=0x90010693) returned 0x0
[0251.337] GdipRestoreGraphics (graphics=0x6600030, state=0xf8360dbd) returned 0x0
[0251.337] GdipDeleteRegion (region=0x6646718) returned 0x0
[0251.337] GetWindowTextLengthW (hWnd=0x2700ea) returned 0
[0251.337] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0251.337] GetSystemMetrics (nIndex=42) returned 0
[0251.337] GetWindowTextW (in: hWnd=0x2700ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0251.337] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2700ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0251.337] GdipGetImageWidth (image=0x664f448, width=0xd7e1e0) returned 0x0
[0251.337] GdipGetImageHeight (image=0x664f448, height=0xd7e1e0) returned 0x0
[0251.337] GdipGetImageWidth (image=0x664f448, width=0xd7e1cc) returned 0x0
[0251.337] GdipGetImageHeight (image=0x664f448, height=0xd7e1cc) returned 0x0
[0251.337] GdipDrawImageRectI (graphics=0x6600030, image=0x664f448, x=16, y=16, width=32, height=32) returned 0x0
[0251.337] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0251.337] BitBlt (hdc=0x10105d6, x=0, y=0, cx=64, cy=64, hdcSrc=0x90010693, x1=0, y1=0, rop=0xcc0020) returned 1
[0251.337] GdipReleaseDC (graphics=0x6600030, hdc=0x90010693) returned 0x0
[0251.337] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0251.338] SelectObject (hdc=0x90010693, h=0x85000f) returned 0x4a0507fe
[0251.338] DeleteDC (hdc=0x90010693) returned 1
[0251.338] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0251.338] EndPaint (hWnd=0x2700ea, lpPaint=0xd7e294) returned 1
[0251.338] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.338] IsWindowUnicode (hWnd=0x1e02c8) returned 1
[0251.338] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.338] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.338] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.338] BeginPaint (in: hWnd=0x1e02c8, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0xc0107c5
[0251.338] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0251.338] CreateCompatibleDC (hdc=0xc0107c5) returned 0x92010693
[0251.338] GetObjectType (h=0xc0107c5) returned 0x3
[0251.338] CreateCompatibleBitmap (hdc=0xc0107c5, cx=1, cy=1) returned 0xffffffffe7050801
[0251.339] GetDIBits (in: hdc=0xc0107c5, hbm=0xe7050801, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0251.339] GetDIBits (in: hdc=0xc0107c5, hbm=0xe7050801, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0251.339] DeleteObject (ho=0xe7050801) returned 1
[0251.339] CreateDIBSection (in: hdc=0xc0107c5, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xf30507e9
[0251.339] SelectObject (hdc=0x92010693, h=0xf30507e9) returned 0x85000f
[0251.339] GdipCreateFromHDC (hdc=0x92010693, graphics=0xd7e234) returned 0x0
[0251.339] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0251.339] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0251.339] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0251.339] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0251.339] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2d4) returned 0x0
[0251.339] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0251.339] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee868) returned 0x0
[0251.340] LocalFree (hMem=0x11ee868) returned 0x0
[0251.340] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0251.340] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0251.340] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0251.340] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0251.340] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0251.340] GetWindowTextLengthW (hWnd=0x1e02c8) returned 232
[0251.340] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0251.340] GetSystemMetrics (nIndex=42) returned 0
[0251.340] GetWindowTextW (in: hWnd=0x1e02c8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0251.340] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0251.340] GetClientRect (in: hWnd=0x1e02c8, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0251.340] GdipCreateRegion (region=0xd7e110) returned 0x0
[0251.340] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0251.340] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0251.340] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0251.340] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e128) returned 0x0
[0251.340] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0251.340] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eea28) returned 0x0
[0251.340] LocalFree (hMem=0x11eea28) returned 0x0
[0251.340] GdipCombineRegionRegion (region=0x6646568, region2=0x6646448, combineMode=0x1) returned 0x0
[0251.340] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0251.340] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee868) returned 0x0
[0251.341] LocalFree (hMem=0x11ee868) returned 0x0
[0251.344] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0251.344] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e150) returned 0x0
[0251.344] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e140) returned 0x0
[0251.344] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0251.344] GdipDeleteRegion (region=0x6646568) returned 0x0
[0251.344] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0251.344] GetCurrentObject (hdc=0x92010693, type=0x1) returned 0xb00017
[0251.344] GetCurrentObject (hdc=0x92010693, type=0x2) returned 0x900010
[0251.344] GetCurrentObject (hdc=0x92010693, type=0x7) returned 0xfffffffff30507e9
[0251.344] GetCurrentObject (hdc=0x92010693, type=0x6) returned 0x8a01c2
[0251.344] SaveDC (hdc=0x92010693) returned 1
[0251.344] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x630407de
[0251.344] GetClipRgn (hdc=0x92010693, hrgn=0x630407de) returned 0
[0251.344] SelectClipRgn (hdc=0x92010693, hrgn=0xc8040807) returned 2
[0251.345] DeleteObject (ho=0x630407de) returned 1
[0251.345] DeleteObject (ho=0xc8040807) returned 1
[0251.345] OffsetViewportOrgEx (in: hdc=0x92010693, x=0, y=0, lppt=0x2d9d424 | out: lppt=0x2d9d424) returned 1
[0251.345] GetNearestColor (hdc=0x92010693, color=0xf0f0f0) returned 0xf0f0f0
[0251.345] CreateSolidBrush (color=0xf0f0f0) returned 0xa51007e1
[0251.345] FillRect (hDC=0x92010693, lprc=0xd7e15c, hbr=0xa51007e1) returned 1
[0251.346] DeleteObject (ho=0xa51007e1) returned 1
[0251.346] RestoreDC (hdc=0x92010693, nSavedDC=-1) returned 1
[0251.346] GdipReleaseDC (graphics=0x6600030, hdc=0x92010693) returned 0x0
[0251.346] GdipRestoreGraphics (graphics=0x6600030, state=0xf8340dbd) returned 0x0
[0251.346] GdipDeleteRegion (region=0x6646448) returned 0x0
[0251.346] GetWindowTextLengthW (hWnd=0x1e02c8) returned 232
[0251.346] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0251.346] GetSystemMetrics (nIndex=42) returned 0
[0251.346] GetWindowTextW (in: hWnd=0x1e02c8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0251.346] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0251.346] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0251.346] GetCurrentObject (hdc=0x92010693, type=0x1) returned 0xb00017
[0251.346] GetCurrentObject (hdc=0x92010693, type=0x2) returned 0x900010
[0251.346] GetCurrentObject (hdc=0x92010693, type=0x7) returned 0xfffffffff30507e9
[0251.346] GetCurrentObject (hdc=0x92010693, type=0x6) returned 0x8a01c2
[0251.346] SaveDC (hdc=0x92010693) returned 1
[0251.346] GetNearestColor (hdc=0x92010693, color=0x0) returned 0x0
[0251.346] RestoreDC (hdc=0x92010693, nSavedDC=-1) returned 1
[0251.346] GdipReleaseDC (graphics=0x6600030, hdc=0x92010693) returned 0x0
[0251.347] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0251.347] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0251.347] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2d9dc20 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0251.347] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0251.347] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0251.347] GetCurrentObject (hdc=0x92010693, type=0x1) returned 0xb00017
[0251.348] GetCurrentObject (hdc=0x92010693, type=0x2) returned 0x900010
[0251.348] GetCurrentObject (hdc=0x92010693, type=0x7) returned 0xfffffffff30507e9
[0251.348] GetCurrentObject (hdc=0x92010693, type=0x6) returned 0x8a01c2
[0251.348] SaveDC (hdc=0x92010693) returned 1
[0251.348] GetTextAlign (hdc=0x92010693) returned 0x0
[0251.348] GetTextColor (hdc=0x92010693) returned 0x0
[0251.348] GetCurrentObject (hdc=0x92010693, type=0x6) returned 0x8a01c2
[0251.348] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0251.348] SelectObject (hdc=0x92010693, h=0x6d0a0520) returned 0x8a01c2
[0251.348] GetBkMode (hdc=0x92010693) returned 2
[0251.348] SetBkMode (hdc=0x92010693, mode=1) returned 2
[0251.348] DrawTextExW (in: hdc=0x92010693, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2d9de44 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0251.351] RestoreDC (hdc=0x92010693, nSavedDC=-1) returned 1
[0251.351] GdipReleaseDC (graphics=0x6600030, hdc=0x92010693) returned 0x0
[0251.351] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0251.351] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=354, cy=68, hdcSrc=0x92010693, x1=0, y1=0, rop=0xcc0020) returned 1
[0251.351] GdipReleaseDC (graphics=0x6600030, hdc=0x92010693) returned 0x0
[0251.351] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0251.351] SelectObject (hdc=0x92010693, h=0x85000f) returned 0xf30507e9
[0251.351] DeleteDC (hdc=0x92010693) returned 1
[0251.351] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0251.351] DeleteObject (ho=0xf30507e9) returned 1
[0251.352] EndPaint (hWnd=0x1e02c8, lpPaint=0xd7e258) returned 1
[0251.352] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.352] IsWindowUnicode (hWnd=0x2602d8) returned 1
[0251.352] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.352] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.352] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.352] BeginPaint (in: hWnd=0x2602d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0251.352] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0251.352] CreateCompatibleDC (hdc=0x60100ce) returned 0xe9010801
[0251.353] SelectObject (hdc=0xe9010801, h=0x4a0507fe) returned 0x85000f
[0251.353] GdipCreateFromHDC (hdc=0xe9010801, graphics=0xd7e268) returned 0x0
[0251.353] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0251.353] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0251.353] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0251.353] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0251.353] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e2c8) returned 0x0
[0251.353] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0251.353] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0251.353] LocalFree (hMem=0x11eec58) returned 0x0
[0251.353] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0251.353] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0251.353] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0251.353] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0251.353] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0251.353] GdipRestoreGraphics (graphics=0x6600030, state=0xf8320dbd) returned 0x0
[0251.353] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0251.353] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0251.353] GetCurrentObject (hdc=0xe9010801, type=0x1) returned 0xb00017
[0251.353] GetCurrentObject (hdc=0xe9010801, type=0x2) returned 0x900010
[0251.354] GetCurrentObject (hdc=0xe9010801, type=0x7) returned 0x4a0507fe
[0251.354] GetCurrentObject (hdc=0xe9010801, type=0x6) returned 0x8a01c2
[0251.354] SaveDC (hdc=0xe9010801) returned 1
[0251.354] GetNearestColor (hdc=0xe9010801, color=0xf0f0f0) returned 0xf0f0f0
[0251.354] GetNearestColor (hdc=0xe9010801, color=0xa0a0a0) returned 0xa0a0a0
[0251.354] GetNearestColor (hdc=0xe9010801, color=0x696969) returned 0x696969
[0251.354] GetNearestColor (hdc=0xe9010801, color=0xa0a0a0) returned 0xa0a0a0
[0251.354] GetNearestColor (hdc=0xe9010801, color=0x0) returned 0x0
[0251.354] GetNearestColor (hdc=0xe9010801, color=0xffffff) returned 0xffffff
[0251.354] GetNearestColor (hdc=0xe9010801, color=0xe5e5e5) returned 0xe5e5e5
[0251.354] GetNearestColor (hdc=0xe9010801, color=0xd7d7d7) returned 0xd7d7d7
[0251.354] GetNearestColor (hdc=0xe9010801, color=0x0) returned 0x0
[0251.354] RestoreDC (hdc=0xe9010801, nSavedDC=-1) returned 1
[0251.354] GdipReleaseDC (graphics=0x6600030, hdc=0xe9010801) returned 0x0
[0251.354] IsAppThemed () returned 0x1
[0251.354] GetThemeAppProperties () returned 0x3
[0251.354] GetThemeAppProperties () returned 0x3
[0251.354] GdipGetImageWidth (image=0x664fe20, width=0xd7e168) returned 0x0
[0251.355] GdipGetImageHeight (image=0x664fe20, height=0xd7e168) returned 0x0
[0251.355] IsAppThemed () returned 0x1
[0251.355] GetThemeAppProperties () returned 0x3
[0251.355] GetThemeAppProperties () returned 0x3
[0251.355] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2d9e594 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0251.355] IsAppThemed () returned 0x1
[0251.355] GetThemeAppProperties () returned 0x3
[0251.355] GetThemeAppProperties () returned 0x3
[0251.355] IsAppThemed () returned 0x1
[0251.355] GetThemeAppProperties () returned 0x3
[0251.355] GetThemeAppProperties () returned 0x3
[0251.355] GetFocus () returned 0x2602d8
[0251.355] IsAppThemed () returned 0x1
[0251.355] GetThemeAppProperties () returned 0x3
[0251.355] GetThemeAppProperties () returned 0x3
[0251.355] IsAppThemed () returned 0x1
[0251.355] GetThemeAppProperties () returned 0x3
[0251.355] GetThemeAppProperties () returned 0x3
[0251.355] IsThemePartDefined () returned 0x1
[0251.355] IsAppThemed () returned 0x1
[0251.356] GetThemeAppProperties () returned 0x3
[0251.356] GetThemeAppProperties () returned 0x3
[0251.356] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0251.356] IsAppThemed () returned 0x1
[0251.356] GetThemeAppProperties () returned 0x3
[0251.356] GetThemeAppProperties () returned 0x3
[0251.356] IsAppThemed () returned 0x1
[0251.356] GetThemeAppProperties () returned 0x3
[0251.356] GetThemeAppProperties () returned 0x3
[0251.356] IsThemePartDefined () returned 0x1
[0251.356] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0251.356] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0251.356] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0251.356] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0251.356] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dff0) returned 0x0
[0251.356] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0251.356] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eecc8) returned 0x0
[0251.356] LocalFree (hMem=0x11eecc8) returned 0x0
[0251.358] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0251.358] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eecc8) returned 0x0
[0251.358] LocalFree (hMem=0x11eecc8) returned 0x0
[0251.358] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0251.358] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e018) returned 0x0
[0251.358] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e008) returned 0x0
[0251.358] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0251.358] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0251.358] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0251.358] GetCurrentObject (hdc=0xe9010801, type=0x1) returned 0xb00017
[0251.358] GetCurrentObject (hdc=0xe9010801, type=0x2) returned 0x900010
[0251.358] GetCurrentObject (hdc=0xe9010801, type=0x7) returned 0x4a0507fe
[0251.358] GetCurrentObject (hdc=0xe9010801, type=0x6) returned 0x8a01c2
[0251.358] SaveDC (hdc=0xe9010801) returned 1
[0251.359] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc9040807
[0251.359] GetClipRgn (hdc=0xe9010801, hrgn=0xc9040807) returned 0
[0251.359] SelectClipRgn (hdc=0xe9010801, hrgn=0x670407de) returned 2
[0251.359] DeleteObject (ho=0xc9040807) returned 1
[0251.359] DeleteObject (ho=0x670407de) returned 1
[0251.359] OffsetViewportOrgEx (in: hdc=0xe9010801, x=0, y=0, lppt=0x2d9ec44 | out: lppt=0x2d9ec44) returned 1
[0251.359] DrawThemeParentBackground () returned 0x0
[0251.359] GetWindowPlacement (in: hWnd=0x2402dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0251.359] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0251.359] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.359] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.359] GetSystemMetrics (nIndex=42) returned 0
[0251.359] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.359] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0251.359] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0251.359] GetCurrentObject (hdc=0xe9010801, type=0x1) returned 0xb00017
[0251.359] GetCurrentObject (hdc=0xe9010801, type=0x2) returned 0x900010
[0251.359] GetCurrentObject (hdc=0xe9010801, type=0x7) returned 0x4a0507fe
[0251.359] GetCurrentObject (hdc=0xe9010801, type=0x6) returned 0x8a01c2
[0251.360] SaveDC (hdc=0xe9010801) returned 2
[0251.360] GetNearestColor (hdc=0xe9010801, color=0xf0f0f0) returned 0xf0f0f0
[0251.360] CreateSolidBrush (color=0xf0f0f0) returned 0xa61007e1
[0251.360] FillRect (hDC=0xe9010801, lprc=0xd7da38, hbr=0xa61007e1) returned 1
[0251.360] DeleteObject (ho=0xa61007e1) returned 1
[0251.360] RestoreDC (hdc=0xe9010801, nSavedDC=-1) returned 1
[0251.360] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.360] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.360] GetSystemMetrics (nIndex=42) returned 0
[0251.360] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.360] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0251.360] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0251.360] GetCurrentObject (hdc=0xe9010801, type=0x1) returned 0xb00017
[0251.360] GetCurrentObject (hdc=0xe9010801, type=0x2) returned 0x900010
[0251.360] GetCurrentObject (hdc=0xe9010801, type=0x7) returned 0x4a0507fe
[0251.360] GetCurrentObject (hdc=0xe9010801, type=0x6) returned 0x8a01c2
[0251.360] SaveDC (hdc=0xe9010801) returned 2
[0251.360] GetNearestColor (hdc=0xe9010801, color=0xf0f0f0) returned 0xf0f0f0
[0251.360] CreateSolidBrush (color=0xf0f0f0) returned 0xa71007e1
[0251.360] FillRect (hDC=0xe9010801, lprc=0xd7d9d8, hbr=0xa71007e1) returned 1
[0251.360] DeleteObject (ho=0xa71007e1) returned 1
[0251.360] RestoreDC (hdc=0xe9010801, nSavedDC=-1) returned 1
[0251.361] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.361] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.361] GetSystemMetrics (nIndex=42) returned 0
[0251.361] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.361] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0251.361] RestoreDC (hdc=0xe9010801, nSavedDC=-1) returned 1
[0251.361] GdipReleaseDC (graphics=0x6600030, hdc=0xe9010801) returned 0x0
[0251.361] IsAppThemed () returned 0x1
[0251.361] GetThemeAppProperties () returned 0x3
[0251.361] GetThemeAppProperties () returned 0x3
[0251.361] IsAppThemed () returned 0x1
[0251.361] GetThemeAppProperties () returned 0x3
[0251.361] GetThemeAppProperties () returned 0x3
[0251.361] IsThemePartDefined () returned 0x1
[0251.361] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0251.361] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0251.361] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0251.361] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0251.361] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df74) returned 0x0
[0251.361] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0251.361] LocalFree (hMem=0x11eec58) returned 0x0
[0251.362] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee9f0) returned 0x0
[0251.362] LocalFree (hMem=0x11ee9f0) returned 0x0
[0251.362] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0251.362] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0251.362] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0251.362] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0251.362] GdipDeleteRegion (region=0x6646688) returned 0x0
[0251.362] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0251.362] GetCurrentObject (hdc=0xe9010801, type=0x1) returned 0xb00017
[0251.362] GetCurrentObject (hdc=0xe9010801, type=0x2) returned 0x900010
[0251.362] GetCurrentObject (hdc=0xe9010801, type=0x7) returned 0x4a0507fe
[0251.362] GetCurrentObject (hdc=0xe9010801, type=0x6) returned 0x8a01c2
[0251.362] SaveDC (hdc=0xe9010801) returned 1
[0251.362] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x680407de
[0251.362] GetClipRgn (hdc=0xe9010801, hrgn=0x680407de) returned 0
[0251.362] SelectClipRgn (hdc=0xe9010801, hrgn=0xcb040807) returned 2
[0251.362] DeleteObject (ho=0x680407de) returned 1
[0251.362] DeleteObject (ho=0xcb040807) returned 1
[0251.362] OffsetViewportOrgEx (in: hdc=0xe9010801, x=0, y=0, lppt=0x2d9f4f0 | out: lppt=0x2d9f4f0) returned 1
[0251.362] IsAppThemed () returned 0x1
[0251.362] GetThemeAppProperties () returned 0x3
[0251.362] GetThemeAppProperties () returned 0x3
[0251.362] DrawThemeBackground () returned 0x0
[0251.363] RestoreDC (hdc=0xe9010801, nSavedDC=-1) returned 1
[0251.363] GdipReleaseDC (graphics=0x6600030, hdc=0xe9010801) returned 0x0
[0251.363] GdipCreateRegion (region=0xd7df60) returned 0x0
[0251.363] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0251.363] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0251.363] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0251.363] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df78) returned 0x0
[0251.363] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0251.363] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0251.363] LocalFree (hMem=0x11ee868) returned 0x0
[0251.363] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0251.363] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0251.363] LocalFree (hMem=0x11eec58) returned 0x0
[0251.363] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0251.363] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0251.363] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df90) returned 0x0
[0251.363] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0251.363] GdipDeleteRegion (region=0x6646298) returned 0x0
[0251.363] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0251.363] GetCurrentObject (hdc=0xe9010801, type=0x1) returned 0xb00017
[0251.363] GetCurrentObject (hdc=0xe9010801, type=0x2) returned 0x900010
[0251.363] GetCurrentObject (hdc=0xe9010801, type=0x7) returned 0x4a0507fe
[0251.364] GetCurrentObject (hdc=0xe9010801, type=0x6) returned 0x8a01c2
[0251.364] SaveDC (hdc=0xe9010801) returned 1
[0251.364] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcc040807
[0251.364] GetClipRgn (hdc=0xe9010801, hrgn=0xcc040807) returned 0
[0251.364] SelectClipRgn (hdc=0xe9010801, hrgn=0x690407de) returned 2
[0251.364] DeleteObject (ho=0xcc040807) returned 1
[0251.364] DeleteObject (ho=0x690407de) returned 1
[0251.364] OffsetViewportOrgEx (in: hdc=0xe9010801, x=0, y=0, lppt=0x2d9f7c4 | out: lppt=0x2d9f7c4) returned 1
[0251.364] IsAppThemed () returned 0x1
[0251.364] GetThemeAppProperties () returned 0x3
[0251.364] GetThemeAppProperties () returned 0x3
[0251.364] GetThemeBackgroundContentRect () returned 0x0
[0251.364] RestoreDC (hdc=0xe9010801, nSavedDC=-1) returned 1
[0251.364] GdipReleaseDC (graphics=0x6600030, hdc=0xe9010801) returned 0x0
[0251.364] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0251.364] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0251.364] GdipCloneRegion (region=0x6646f88, cloneRegion=0xd7e150) returned 0x0
[0251.364] GdipCombineRegionRectI (region=0x6646a78, rect=0xd7e138, combineMode=0x1) returned 0x0
[0251.364] GdipCombineRegionRectI (region=0x6646a78, rect=0xd7e138, combineMode=0x1) returned 0x0
[0251.364] GdipSetClipRegion (graphics=0x6600030, region=0x6646a78, combineMode=0x0) returned 0x0
[0251.364] GdipGetImageWidth (image=0x664fe20, width=0xd7e154) returned 0x0
[0251.365] GdipGetImageHeight (image=0x664fe20, height=0xd7e148) returned 0x0
[0251.365] GdipDrawImageRectI (graphics=0x6600030, image=0x664fe20, x=4, y=4, width=16, height=16) returned 0x0
[0251.365] GdipSetClipRegion (graphics=0x6600030, region=0x6646f88, combineMode=0x0) returned 0x0
[0251.365] IsAppThemed () returned 0x1
[0251.365] GetThemeAppProperties () returned 0x3
[0251.365] GetThemeAppProperties () returned 0x3
[0251.365] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0251.365] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0251.365] GetCurrentObject (hdc=0xe9010801, type=0x1) returned 0xb00017
[0251.365] GetCurrentObject (hdc=0xe9010801, type=0x2) returned 0x900010
[0251.365] GetCurrentObject (hdc=0xe9010801, type=0x7) returned 0x4a0507fe
[0251.365] GetCurrentObject (hdc=0xe9010801, type=0x6) returned 0x8a01c2
[0251.365] SaveDC (hdc=0xe9010801) returned 1
[0251.365] GetTextAlign (hdc=0xe9010801) returned 0x0
[0251.365] GetTextColor (hdc=0xe9010801) returned 0x0
[0251.365] GetCurrentObject (hdc=0xe9010801, type=0x6) returned 0x8a01c2
[0251.365] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0251.365] SelectObject (hdc=0xe9010801, h=0x6d0a0520) returned 0x8a01c2
[0251.365] GetBkMode (hdc=0xe9010801) returned 2
[0251.366] SetBkMode (hdc=0xe9010801, mode=1) returned 2
[0251.366] DrawTextExW (in: hdc=0xe9010801, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2d9fb84 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0251.366] DrawTextExW (in: hdc=0xe9010801, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d9fb84 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0251.366] RestoreDC (hdc=0xe9010801, nSavedDC=-1) returned 1
[0251.366] GdipReleaseDC (graphics=0x6600030, hdc=0xe9010801) returned 0x0
[0251.366] GetFocus () returned 0x2602d8
[0251.367] IsAppThemed () returned 0x1
[0251.367] GetThemeAppProperties () returned 0x3
[0251.367] GetThemeAppProperties () returned 0x3
[0251.367] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0251.367] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xe9010801, x1=0, y1=0, rop=0xcc0020) returned 1
[0251.367] GdipReleaseDC (graphics=0x6600030, hdc=0xe9010801) returned 0x0
[0251.367] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0251.368] SelectObject (hdc=0xe9010801, h=0x85000f) returned 0x4a0507fe
[0251.368] DeleteDC (hdc=0xe9010801) returned 1
[0251.368] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0251.368] EndPaint (hWnd=0x2602d8, lpPaint=0xd7e24c) returned 1
[0251.368] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.368] IsWindowUnicode (hWnd=0x1a02ce) returned 1
[0251.368] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.369] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.369] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.369] BeginPaint (in: hWnd=0x1a02ce, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0251.369] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0251.369] CreateCompatibleDC (hdc=0x107b9) returned 0xeb010801
[0251.369] SelectObject (hdc=0xeb010801, h=0x4a0507fe) returned 0x85000f
[0251.369] GdipCreateFromHDC (hdc=0xeb010801, graphics=0xd7e268) returned 0x0
[0251.369] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0251.369] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0251.369] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0251.369] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0251.369] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e2c8) returned 0x0
[0251.369] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0251.369] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0251.369] LocalFree (hMem=0x11ee868) returned 0x0
[0251.369] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0251.369] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0251.369] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0251.370] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0251.370] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0251.370] GdipRestoreGraphics (graphics=0x6600030, state=0xf8300dbd) returned 0x0
[0251.370] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0251.370] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0251.370] GetCurrentObject (hdc=0xeb010801, type=0x1) returned 0xb00017
[0251.370] GetCurrentObject (hdc=0xeb010801, type=0x2) returned 0x900010
[0251.370] GetCurrentObject (hdc=0xeb010801, type=0x7) returned 0x4a0507fe
[0251.370] GetCurrentObject (hdc=0xeb010801, type=0x6) returned 0x8a01c2
[0251.370] SaveDC (hdc=0xeb010801) returned 1
[0251.370] GetNearestColor (hdc=0xeb010801, color=0xf0f0f0) returned 0xf0f0f0
[0251.370] GetNearestColor (hdc=0xeb010801, color=0xa0a0a0) returned 0xa0a0a0
[0251.370] GetNearestColor (hdc=0xeb010801, color=0x696969) returned 0x696969
[0251.370] GetNearestColor (hdc=0xeb010801, color=0xa0a0a0) returned 0xa0a0a0
[0251.370] GetNearestColor (hdc=0xeb010801, color=0x0) returned 0x0
[0251.370] GetNearestColor (hdc=0xeb010801, color=0xffffff) returned 0xffffff
[0251.370] GetNearestColor (hdc=0xeb010801, color=0xe5e5e5) returned 0xe5e5e5
[0251.370] GetNearestColor (hdc=0xeb010801, color=0xd7d7d7) returned 0xd7d7d7
[0251.370] GetNearestColor (hdc=0xeb010801, color=0x0) returned 0x0
[0251.371] RestoreDC (hdc=0xeb010801, nSavedDC=-1) returned 1
[0251.371] GdipReleaseDC (graphics=0x6600030, hdc=0xeb010801) returned 0x0
[0251.371] IsAppThemed () returned 0x1
[0251.371] GetThemeAppProperties () returned 0x3
[0251.371] GetThemeAppProperties () returned 0x3
[0251.371] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0251.371] SendMessageW (hWnd=0x2402dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0251.371] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0251.371] IsAppThemed () returned 0x1
[0251.371] GetThemeAppProperties () returned 0x3
[0251.371] GetThemeAppProperties () returned 0x3
[0251.371] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df90, format=0x102415, lpdtp=0x2da0394 | out: lpchText="&Continue", lprc=0xd7df90) returned 13
[0251.371] IsAppThemed () returned 0x1
[0251.371] GetThemeAppProperties () returned 0x3
[0251.371] GetThemeAppProperties () returned 0x3
[0251.371] IsAppThemed () returned 0x1
[0251.371] GetThemeAppProperties () returned 0x3
[0251.371] GetThemeAppProperties () returned 0x3
[0251.371] GetFocus () returned 0x2602d8
[0251.372] IsAppThemed () returned 0x1
[0251.372] GetThemeAppProperties () returned 0x3
[0251.372] GetThemeAppProperties () returned 0x3
[0251.372] IsAppThemed () returned 0x1
[0251.372] GetThemeAppProperties () returned 0x3
[0251.372] GetThemeAppProperties () returned 0x3
[0251.378] IsThemePartDefined () returned 0x1
[0251.378] IsAppThemed () returned 0x1
[0251.378] GetThemeAppProperties () returned 0x3
[0251.378] GetThemeAppProperties () returned 0x3
[0251.378] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0251.378] IsAppThemed () returned 0x1
[0251.378] GetThemeAppProperties () returned 0x3
[0251.378] GetThemeAppProperties () returned 0x3
[0251.378] IsAppThemed () returned 0x1
[0251.378] GetThemeAppProperties () returned 0x3
[0251.378] GetThemeAppProperties () returned 0x3
[0251.378] IsThemePartDefined () returned 0x1
[0251.378] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0251.378] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0251.378] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0251.379] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0251.379] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dff0) returned 0x0
[0251.379] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0251.379] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee9f0) returned 0x0
[0251.379] LocalFree (hMem=0x11ee9f0) returned 0x0
[0251.379] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0251.379] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eed00) returned 0x0
[0251.379] LocalFree (hMem=0x11eed00) returned 0x0
[0251.379] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0251.379] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e018) returned 0x0
[0251.379] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e008) returned 0x0
[0251.379] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0251.379] GdipDeleteRegion (region=0x6646688) returned 0x0
[0251.379] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0251.379] GetCurrentObject (hdc=0xeb010801, type=0x1) returned 0xb00017
[0251.379] GetCurrentObject (hdc=0xeb010801, type=0x2) returned 0x900010
[0251.379] GetCurrentObject (hdc=0xeb010801, type=0x7) returned 0x4a0507fe
[0251.379] GetCurrentObject (hdc=0xeb010801, type=0x6) returned 0x8a01c2
[0251.379] SaveDC (hdc=0xeb010801) returned 1
[0251.379] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6a0407de
[0251.379] GetClipRgn (hdc=0xeb010801, hrgn=0x6a0407de) returned 0
[0251.380] SelectClipRgn (hdc=0xeb010801, hrgn=0xd0040807) returned 2
[0251.380] DeleteObject (ho=0x6a0407de) returned 1
[0251.380] DeleteObject (ho=0xd0040807) returned 1
[0251.381] OffsetViewportOrgEx (in: hdc=0xeb010801, x=0, y=0, lppt=0x2da0a44 | out: lppt=0x2da0a44) returned 1
[0251.381] DrawThemeParentBackground () returned 0x0
[0251.381] GetWindowPlacement (in: hWnd=0x2402dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0251.381] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0251.381] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.381] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.381] GetSystemMetrics (nIndex=42) returned 0
[0251.381] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.381] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0251.381] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0251.381] GetCurrentObject (hdc=0xeb010801, type=0x1) returned 0xb00017
[0251.381] GetCurrentObject (hdc=0xeb010801, type=0x2) returned 0x900010
[0251.382] GetCurrentObject (hdc=0xeb010801, type=0x7) returned 0x4a0507fe
[0251.382] GetCurrentObject (hdc=0xeb010801, type=0x6) returned 0x8a01c2
[0251.382] SaveDC (hdc=0xeb010801) returned 2
[0251.382] GetNearestColor (hdc=0xeb010801, color=0xf0f0f0) returned 0xf0f0f0
[0251.382] CreateSolidBrush (color=0xf0f0f0) returned 0xa81007e1
[0251.382] FillRect (hDC=0xeb010801, lprc=0xd7da38, hbr=0xa81007e1) returned 1
[0251.382] DeleteObject (ho=0xa81007e1) returned 1
[0251.382] RestoreDC (hdc=0xeb010801, nSavedDC=-1) returned 1
[0251.382] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.382] GetSystemMetrics (nIndex=42) returned 0
[0251.382] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0251.382] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0251.382] GetCurrentObject (hdc=0xeb010801, type=0x1) returned 0xb00017
[0251.382] GetCurrentObject (hdc=0xeb010801, type=0x2) returned 0x900010
[0251.382] GetCurrentObject (hdc=0xeb010801, type=0x7) returned 0x4a0507fe
[0251.382] GetCurrentObject (hdc=0xeb010801, type=0x6) returned 0x8a01c2
[0251.382] SaveDC (hdc=0xeb010801) returned 2
[0251.382] GetNearestColor (hdc=0xeb010801, color=0xf0f0f0) returned 0xf0f0f0
[0251.383] CreateSolidBrush (color=0xf0f0f0) returned 0xa91007e1
[0251.383] FillRect (hDC=0xeb010801, lprc=0xd7d9d8, hbr=0xa91007e1) returned 1
[0251.383] DeleteObject (ho=0xa91007e1) returned 1
[0251.383] RestoreDC (hdc=0xeb010801, nSavedDC=-1) returned 1
[0251.383] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.383] GetSystemMetrics (nIndex=42) returned 0
[0251.383] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0251.383] RestoreDC (hdc=0xeb010801, nSavedDC=-1) returned 1
[0251.383] GdipReleaseDC (graphics=0x6600030, hdc=0xeb010801) returned 0x0
[0251.383] IsAppThemed () returned 0x1
[0251.383] GetThemeAppProperties () returned 0x3
[0251.383] GetThemeAppProperties () returned 0x3
[0251.383] IsAppThemed () returned 0x1
[0251.383] GetThemeAppProperties () returned 0x3
[0251.383] GetThemeAppProperties () returned 0x3
[0251.383] IsThemePartDefined () returned 0x1
[0251.383] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0251.383] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0251.383] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0251.384] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0251.384] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df74) returned 0x0
[0251.384] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0251.384] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0251.384] LocalFree (hMem=0x11ee868) returned 0x0
[0251.384] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0251.384] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0251.384] LocalFree (hMem=0x11ee9f0) returned 0x0
[0251.384] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0251.384] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0251.384] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0251.384] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0251.384] GdipDeleteRegion (region=0x6646298) returned 0x0
[0251.384] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0251.384] GetCurrentObject (hdc=0xeb010801, type=0x1) returned 0xb00017
[0251.384] GetCurrentObject (hdc=0xeb010801, type=0x2) returned 0x900010
[0251.384] GetCurrentObject (hdc=0xeb010801, type=0x7) returned 0x4a0507fe
[0251.384] GetCurrentObject (hdc=0xeb010801, type=0x6) returned 0x8a01c2
[0251.384] SaveDC (hdc=0xeb010801) returned 1
[0251.384] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd1040807
[0251.384] GetClipRgn (hdc=0xeb010801, hrgn=0xd1040807) returned 0
[0251.384] SelectClipRgn (hdc=0xeb010801, hrgn=0x6c0407de) returned 2
[0251.385] DeleteObject (ho=0xd1040807) returned 1
[0251.385] DeleteObject (ho=0x6c0407de) returned 1
[0251.385] OffsetViewportOrgEx (in: hdc=0xeb010801, x=0, y=0, lppt=0x2da12f0 | out: lppt=0x2da12f0) returned 1
[0251.385] IsAppThemed () returned 0x1
[0251.385] GetThemeAppProperties () returned 0x3
[0251.385] GetThemeAppProperties () returned 0x3
[0251.385] DrawThemeBackground () returned 0x0
[0251.385] RestoreDC (hdc=0xeb010801, nSavedDC=-1) returned 1
[0251.385] GdipReleaseDC (graphics=0x6600030, hdc=0xeb010801) returned 0x0
[0251.385] GdipCreateRegion (region=0xd7df60) returned 0x0
[0251.385] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0251.385] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0251.385] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0251.385] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df78) returned 0x0
[0251.385] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0251.385] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0251.385] LocalFree (hMem=0x11eec58) returned 0x0
[0251.385] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0251.385] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0251.385] LocalFree (hMem=0x11ee868) returned 0x0
[0251.385] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0251.385] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0251.386] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df90) returned 0x0
[0251.386] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0251.386] GdipDeleteRegion (region=0x6646298) returned 0x0
[0251.386] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0251.386] GetCurrentObject (hdc=0xeb010801, type=0x1) returned 0xb00017
[0251.386] GetCurrentObject (hdc=0xeb010801, type=0x2) returned 0x900010
[0251.386] GetCurrentObject (hdc=0xeb010801, type=0x7) returned 0x4a0507fe
[0251.386] GetCurrentObject (hdc=0xeb010801, type=0x6) returned 0x8a01c2
[0251.386] SaveDC (hdc=0xeb010801) returned 1
[0251.386] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6d0407de
[0251.386] GetClipRgn (hdc=0xeb010801, hrgn=0x6d0407de) returned 0
[0251.386] SelectClipRgn (hdc=0xeb010801, hrgn=0xd2040807) returned 2
[0251.386] DeleteObject (ho=0x6d0407de) returned 1
[0251.386] DeleteObject (ho=0xd2040807) returned 1
[0251.386] OffsetViewportOrgEx (in: hdc=0xeb010801, x=0, y=0, lppt=0x2da15c4 | out: lppt=0x2da15c4) returned 1
[0251.386] IsAppThemed () returned 0x1
[0251.386] GetThemeAppProperties () returned 0x3
[0251.386] GetThemeAppProperties () returned 0x3
[0251.386] GetThemeBackgroundContentRect () returned 0x0
[0251.386] RestoreDC (hdc=0xeb010801, nSavedDC=-1) returned 1
[0251.386] GdipReleaseDC (graphics=0x6600030, hdc=0xeb010801) returned 0x0
[0251.386] IsAppThemed () returned 0x1
[0251.387] GetThemeAppProperties () returned 0x3
[0251.387] GetThemeAppProperties () returned 0x3
[0251.387] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0251.387] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0251.387] GetCurrentObject (hdc=0xeb010801, type=0x1) returned 0xb00017
[0251.387] GetCurrentObject (hdc=0xeb010801, type=0x2) returned 0x900010
[0251.387] GetCurrentObject (hdc=0xeb010801, type=0x7) returned 0x4a0507fe
[0251.387] GetCurrentObject (hdc=0xeb010801, type=0x6) returned 0x8a01c2
[0251.387] SaveDC (hdc=0xeb010801) returned 1
[0251.387] GetTextAlign (hdc=0xeb010801) returned 0x0
[0251.387] GetTextColor (hdc=0xeb010801) returned 0x0
[0251.387] GetCurrentObject (hdc=0xeb010801, type=0x6) returned 0x8a01c2
[0251.387] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0251.387] SelectObject (hdc=0xeb010801, h=0x6d0a0520) returned 0x8a01c2
[0251.387] GetBkMode (hdc=0xeb010801) returned 2
[0251.387] SetBkMode (hdc=0xeb010801, mode=1) returned 2
[0251.388] DrawTextExW (in: hdc=0xeb010801, lpchText="&Continue", cchText=9, lprc=0xd7def8, format=0x102415, lpdtp=0x2da1964 | out: lpchText="&Continue", lprc=0xd7def8) returned 13
[0251.388] DrawTextExW (in: hdc=0xeb010801, lpchText="&Continue", cchText=9, lprc=0xd7e05c, format=0x102015, lpdtp=0x2da1964 | out: lpchText="&Continue", lprc=0xd7e05c) returned 13
[0251.388] RestoreDC (hdc=0xeb010801, nSavedDC=-1) returned 1
[0251.388] GdipReleaseDC (graphics=0x6600030, hdc=0xeb010801) returned 0x0
[0251.388] GetFocus () returned 0x2602d8
[0251.388] IsAppThemed () returned 0x1
[0251.389] GetThemeAppProperties () returned 0x3
[0251.389] GetThemeAppProperties () returned 0x3
[0251.389] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0251.389] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0xeb010801, x1=0, y1=0, rop=0xcc0020) returned 1
[0251.389] GdipReleaseDC (graphics=0x6600030, hdc=0xeb010801) returned 0x0
[0251.389] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0251.389] SelectObject (hdc=0xeb010801, h=0x85000f) returned 0x4a0507fe
[0251.389] DeleteDC (hdc=0xeb010801) returned 1
[0251.389] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0251.389] EndPaint (hWnd=0x1a02ce, lpPaint=0xd7e24c) returned 1
[0251.389] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.389] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x84, wParam=0x0, lParam=0x1de02f8) returned 0x1
[0251.389] IsWindowUnicode (hWnd=0x1a02ce) returned 1
[0251.389] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.389] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x84, wParam=0x0, lParam=0x1de02f8) returned 0x1
[0251.390] SetCursor (hCursor=0x10003) returned 0x10003
[0251.390] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.390] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.390] _TrackMouseEvent (in: lpEventTrack=0x2da1a60 | out: lpEventTrack=0x2da1a60) returned 1
[0251.390] SendMessageW (hWnd=0x1a02ce, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0251.390] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0251.390] InvalidateRect (hWnd=0x1a02ce, lpRect=0x0, bErase=0) returned 1
[0251.390] GetKeyState (nVirtKey=1) returned 0
[0251.390] GetKeyState (nVirtKey=2) returned 0
[0251.390] GetKeyState (nVirtKey=4) returned 0
[0251.390] GetKeyState (nVirtKey=5) returned 0
[0251.390] GetKeyState (nVirtKey=6) returned 0
[0251.390] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.390] IsWindowUnicode (hWnd=0x1a02ce) returned 1
[0251.390] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.390] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.390] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.390] BeginPaint (in: hWnd=0x1a02ce, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0251.390] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0251.391] CreateCompatibleDC (hdc=0x107b9) returned 0xec010801
[0251.391] SelectObject (hdc=0xec010801, h=0x4a0507fe) returned 0x85000f
[0251.391] GdipCreateFromHDC (hdc=0xec010801, graphics=0xd7e268) returned 0x0
[0251.391] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0251.391] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0251.391] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0251.391] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0251.391] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e2c8) returned 0x0
[0251.391] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0251.391] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eea60) returned 0x0
[0251.391] LocalFree (hMem=0x11eea60) returned 0x0
[0251.391] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0251.391] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0251.391] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0251.391] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0251.391] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0251.391] GdipRestoreGraphics (graphics=0x6600030, state=0xf82e0dbd) returned 0x0
[0251.391] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0251.391] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0251.392] GetCurrentObject (hdc=0xec010801, type=0x1) returned 0xb00017
[0251.392] GetCurrentObject (hdc=0xec010801, type=0x2) returned 0x900010
[0251.392] GetCurrentObject (hdc=0xec010801, type=0x7) returned 0x4a0507fe
[0251.392] GetCurrentObject (hdc=0xec010801, type=0x6) returned 0x8a01c2
[0251.392] SaveDC (hdc=0xec010801) returned 1
[0251.392] GetNearestColor (hdc=0xec010801, color=0xf0f0f0) returned 0xf0f0f0
[0251.392] GetNearestColor (hdc=0xec010801, color=0xa0a0a0) returned 0xa0a0a0
[0251.392] GetNearestColor (hdc=0xec010801, color=0x696969) returned 0x696969
[0251.392] GetNearestColor (hdc=0xec010801, color=0xa0a0a0) returned 0xa0a0a0
[0251.392] GetNearestColor (hdc=0xec010801, color=0x0) returned 0x0
[0251.392] GetNearestColor (hdc=0xec010801, color=0xffffff) returned 0xffffff
[0251.392] GetNearestColor (hdc=0xec010801, color=0xe5e5e5) returned 0xe5e5e5
[0251.392] GetNearestColor (hdc=0xec010801, color=0xd7d7d7) returned 0xd7d7d7
[0251.392] GetNearestColor (hdc=0xec010801, color=0x0) returned 0x0
[0251.392] RestoreDC (hdc=0xec010801, nSavedDC=-1) returned 1
[0251.392] GdipReleaseDC (graphics=0x6600030, hdc=0xec010801) returned 0x0
[0251.392] IsAppThemed () returned 0x1
[0251.392] GetThemeAppProperties () returned 0x3
[0251.392] GetThemeAppProperties () returned 0x3
[0251.392] IsAppThemed () returned 0x1
[0251.393] GetThemeAppProperties () returned 0x3
[0251.393] GetThemeAppProperties () returned 0x3
[0251.393] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2da21c0 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0251.394] IsAppThemed () returned 0x1
[0251.394] GetThemeAppProperties () returned 0x3
[0251.394] GetThemeAppProperties () returned 0x3
[0251.394] IsAppThemed () returned 0x1
[0251.394] GetThemeAppProperties () returned 0x3
[0251.394] GetThemeAppProperties () returned 0x3
[0251.394] IsAppThemed () returned 0x1
[0251.394] GetThemeAppProperties () returned 0x3
[0251.394] GetThemeAppProperties () returned 0x3
[0251.394] IsAppThemed () returned 0x1
[0251.394] GetThemeAppProperties () returned 0x3
[0251.394] GetThemeAppProperties () returned 0x3
[0251.394] IsThemePartDefined () returned 0x1
[0251.394] IsAppThemed () returned 0x1
[0251.394] GetThemeAppProperties () returned 0x3
[0251.394] GetThemeAppProperties () returned 0x3
[0251.394] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0251.394] IsAppThemed () returned 0x1
[0251.394] GetThemeAppProperties () returned 0x3
[0251.394] GetThemeAppProperties () returned 0x3
[0251.394] IsAppThemed () returned 0x1
[0251.394] GetThemeAppProperties () returned 0x3
[0251.395] GetThemeAppProperties () returned 0x3
[0251.395] IsThemePartDefined () returned 0x1
[0251.395] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0251.395] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0251.395] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0251.395] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0251.395] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dfe4) returned 0x0
[0251.395] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0251.395] LocalFree (hMem=0x11eec58) returned 0x0
[0251.395] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee9f0) returned 0x0
[0251.395] LocalFree (hMem=0x11ee9f0) returned 0x0
[0251.395] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0251.395] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0251.395] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0251.395] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0251.395] GdipDeleteRegion (region=0x6646448) returned 0x0
[0251.395] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0251.395] GetCurrentObject (hdc=0xec010801, type=0x1) returned 0xb00017
[0251.395] GetCurrentObject (hdc=0xec010801, type=0x2) returned 0x900010
[0251.395] GetCurrentObject (hdc=0xec010801, type=0x7) returned 0x4a0507fe
[0251.395] GetCurrentObject (hdc=0xec010801, type=0x6) returned 0x8a01c2
[0251.395] SaveDC (hdc=0xec010801) returned 1
[0251.395] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd3040807
[0251.395] GetClipRgn (hdc=0xec010801, hrgn=0xd3040807) returned 0
[0251.395] SelectClipRgn (hdc=0xec010801, hrgn=0x710407de) returned 2
[0251.396] DeleteObject (ho=0xd3040807) returned 1
[0251.396] DeleteObject (ho=0x710407de) returned 1
[0251.396] OffsetViewportOrgEx (in: hdc=0xec010801, x=0, y=0, lppt=0x2da2870 | out: lppt=0x2da2870) returned 1
[0251.396] DrawThemeParentBackground () returned 0x0
[0251.396] GetWindowPlacement (in: hWnd=0x2402dc, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0251.396] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0251.396] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.396] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.396] GetSystemMetrics (nIndex=42) returned 0
[0251.396] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.396] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0251.396] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0251.396] GetCurrentObject (hdc=0xec010801, type=0x1) returned 0xb00017
[0251.396] GetCurrentObject (hdc=0xec010801, type=0x2) returned 0x900010
[0251.396] GetCurrentObject (hdc=0xec010801, type=0x7) returned 0x4a0507fe
[0251.396] GetCurrentObject (hdc=0xec010801, type=0x6) returned 0x8a01c2
[0251.396] SaveDC (hdc=0xec010801) returned 2
[0251.396] GetNearestColor (hdc=0xec010801, color=0xf0f0f0) returned 0xf0f0f0
[0251.396] CreateSolidBrush (color=0xf0f0f0) returned 0xaa1007e1
[0251.396] FillRect (hDC=0xec010801, lprc=0xd7da30, hbr=0xaa1007e1) returned 1
[0251.397] DeleteObject (ho=0xaa1007e1) returned 1
[0251.397] RestoreDC (hdc=0xec010801, nSavedDC=-1) returned 1
[0251.397] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.397] GetSystemMetrics (nIndex=42) returned 0
[0251.397] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0251.397] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0251.397] GetCurrentObject (hdc=0xec010801, type=0x1) returned 0xb00017
[0251.397] GetCurrentObject (hdc=0xec010801, type=0x2) returned 0x900010
[0251.397] GetCurrentObject (hdc=0xec010801, type=0x7) returned 0x4a0507fe
[0251.397] GetCurrentObject (hdc=0xec010801, type=0x6) returned 0x8a01c2
[0251.397] SaveDC (hdc=0xec010801) returned 2
[0251.397] GetNearestColor (hdc=0xec010801, color=0xf0f0f0) returned 0xf0f0f0
[0251.397] CreateSolidBrush (color=0xf0f0f0) returned 0xab1007e1
[0251.397] FillRect (hDC=0xec010801, lprc=0xd7d9d0, hbr=0xab1007e1) returned 1
[0251.397] DeleteObject (ho=0xab1007e1) returned 1
[0251.397] RestoreDC (hdc=0xec010801, nSavedDC=-1) returned 1
[0251.397] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.397] GetSystemMetrics (nIndex=42) returned 0
[0251.397] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.398] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0251.398] RestoreDC (hdc=0xec010801, nSavedDC=-1) returned 1
[0251.398] GdipReleaseDC (graphics=0x6600030, hdc=0xec010801) returned 0x0
[0251.398] IsAppThemed () returned 0x1
[0251.398] GetThemeAppProperties () returned 0x3
[0251.398] GetThemeAppProperties () returned 0x3
[0251.398] IsAppThemed () returned 0x1
[0251.398] GetThemeAppProperties () returned 0x3
[0251.398] GetThemeAppProperties () returned 0x3
[0251.398] IsThemePartDefined () returned 0x1
[0251.398] GdipCreateRegion (region=0xd7df50) returned 0x0
[0251.398] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0251.398] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0251.398] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0251.398] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df68) returned 0x0
[0251.398] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0251.398] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eea60) returned 0x0
[0251.398] LocalFree (hMem=0x11eea60) returned 0x0
[0251.398] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0251.398] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0251.398] LocalFree (hMem=0x11eecc8) returned 0x0
[0251.399] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0251.399] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df90) returned 0x0
[0251.399] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df80) returned 0x0
[0251.399] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0251.399] GdipDeleteRegion (region=0x6646298) returned 0x0
[0251.399] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0251.399] GetCurrentObject (hdc=0xec010801, type=0x1) returned 0xb00017
[0251.399] GetCurrentObject (hdc=0xec010801, type=0x2) returned 0x900010
[0251.399] GetCurrentObject (hdc=0xec010801, type=0x7) returned 0x4a0507fe
[0251.399] GetCurrentObject (hdc=0xec010801, type=0x6) returned 0x8a01c2
[0251.399] SaveDC (hdc=0xec010801) returned 1
[0251.399] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x720407de
[0251.399] GetClipRgn (hdc=0xec010801, hrgn=0x720407de) returned 0
[0251.399] SelectClipRgn (hdc=0xec010801, hrgn=0xd5040807) returned 2
[0251.399] DeleteObject (ho=0x720407de) returned 1
[0251.399] DeleteObject (ho=0xd5040807) returned 1
[0251.399] OffsetViewportOrgEx (in: hdc=0xec010801, x=0, y=0, lppt=0x2da311c | out: lppt=0x2da311c) returned 1
[0251.399] IsAppThemed () returned 0x1
[0251.399] GetThemeAppProperties () returned 0x3
[0251.399] GetThemeAppProperties () returned 0x3
[0251.399] DrawThemeBackground () returned 0x0
[0251.400] RestoreDC (hdc=0xec010801, nSavedDC=-1) returned 1
[0251.400] GdipReleaseDC (graphics=0x6600030, hdc=0xec010801) returned 0x0
[0251.400] GdipCreateRegion (region=0xd7df54) returned 0x0
[0251.400] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0251.400] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0251.400] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0251.400] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df6c) returned 0x0
[0251.400] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0251.400] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0251.400] LocalFree (hMem=0x11ee868) returned 0x0
[0251.400] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0251.400] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0251.400] LocalFree (hMem=0x11ee868) returned 0x0
[0251.400] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0251.400] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df94) returned 0x0
[0251.400] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df84) returned 0x0
[0251.400] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0251.400] GdipDeleteRegion (region=0x6646448) returned 0x0
[0251.400] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0251.400] GetCurrentObject (hdc=0xec010801, type=0x1) returned 0xb00017
[0251.400] GetCurrentObject (hdc=0xec010801, type=0x2) returned 0x900010
[0251.400] GetCurrentObject (hdc=0xec010801, type=0x7) returned 0x4a0507fe
[0251.400] GetCurrentObject (hdc=0xec010801, type=0x6) returned 0x8a01c2
[0251.401] SaveDC (hdc=0xec010801) returned 1
[0251.401] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd6040807
[0251.401] GetClipRgn (hdc=0xec010801, hrgn=0xd6040807) returned 0
[0251.401] SelectClipRgn (hdc=0xec010801, hrgn=0x730407de) returned 2
[0251.401] DeleteObject (ho=0xd6040807) returned 1
[0251.401] DeleteObject (ho=0x730407de) returned 1
[0251.401] OffsetViewportOrgEx (in: hdc=0xec010801, x=0, y=0, lppt=0x2da33f0 | out: lppt=0x2da33f0) returned 1
[0251.401] IsAppThemed () returned 0x1
[0251.401] GetThemeAppProperties () returned 0x3
[0251.401] GetThemeAppProperties () returned 0x3
[0251.401] GetThemeBackgroundContentRect () returned 0x0
[0251.401] RestoreDC (hdc=0xec010801, nSavedDC=-1) returned 1
[0251.401] GdipReleaseDC (graphics=0x6600030, hdc=0xec010801) returned 0x0
[0251.401] IsAppThemed () returned 0x1
[0251.401] GetThemeAppProperties () returned 0x3
[0251.401] GetThemeAppProperties () returned 0x3
[0251.401] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0251.401] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0251.401] GetCurrentObject (hdc=0xec010801, type=0x1) returned 0xb00017
[0251.401] GetCurrentObject (hdc=0xec010801, type=0x2) returned 0x900010
[0251.401] GetCurrentObject (hdc=0xec010801, type=0x7) returned 0x4a0507fe
[0251.401] GetCurrentObject (hdc=0xec010801, type=0x6) returned 0x8a01c2
[0251.402] SaveDC (hdc=0xec010801) returned 1
[0251.402] GetTextAlign (hdc=0xec010801) returned 0x0
[0251.402] GetTextColor (hdc=0xec010801) returned 0x0
[0251.402] GetCurrentObject (hdc=0xec010801, type=0x6) returned 0x8a01c2
[0251.402] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0251.402] SelectObject (hdc=0xec010801, h=0x6d0a0520) returned 0x8a01c2
[0251.402] GetBkMode (hdc=0xec010801) returned 2
[0251.402] SetBkMode (hdc=0xec010801, mode=1) returned 2
[0251.402] DrawTextExW (in: hdc=0xec010801, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2da3790 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0251.402] DrawTextExW (in: hdc=0xec010801, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2da3790 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0251.402] RestoreDC (hdc=0xec010801, nSavedDC=-1) returned 1
[0251.403] GdipReleaseDC (graphics=0x6600030, hdc=0xec010801) returned 0x0
[0251.403] GetFocus () returned 0x2602d8
[0251.403] IsAppThemed () returned 0x1
[0251.403] GetThemeAppProperties () returned 0x3
[0251.403] GetThemeAppProperties () returned 0x3
[0251.403] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0251.403] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0xec010801, x1=0, y1=0, rop=0xcc0020) returned 1
[0251.403] GdipReleaseDC (graphics=0x6600030, hdc=0xec010801) returned 0x0
[0251.403] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0251.411] SelectObject (hdc=0xec010801, h=0x85000f) returned 0x4a0507fe
[0251.411] DeleteDC (hdc=0xec010801) returned 1
[0251.411] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0251.411] EndPaint (hWnd=0x1a02ce, lpPaint=0xd7e24c) returned 1
[0251.411] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.411] IsWindowUnicode (hWnd=0x2402de) returned 1
[0251.411] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.411] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.411] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.411] BeginPaint (in: hWnd=0x2402de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0251.411] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0251.411] CreateCompatibleDC (hdc=0x10105d6) returned 0xee010801
[0251.411] SelectObject (hdc=0xee010801, h=0x4a0507fe) returned 0x85000f
[0251.412] GdipCreateFromHDC (hdc=0xee010801, graphics=0xd7e268) returned 0x0
[0251.412] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0251.412] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0251.412] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0251.412] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0251.412] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e2c8) returned 0x0
[0251.412] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0251.412] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0251.412] LocalFree (hMem=0x11ee9f0) returned 0x0
[0251.412] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0251.412] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0251.412] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0251.412] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0251.412] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0251.412] GdipRestoreGraphics (graphics=0x6600030, state=0xf82c0dbd) returned 0x0
[0251.412] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0251.412] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0251.412] GetCurrentObject (hdc=0xee010801, type=0x1) returned 0xb00017
[0251.412] GetCurrentObject (hdc=0xee010801, type=0x2) returned 0x900010
[0251.413] GetCurrentObject (hdc=0xee010801, type=0x7) returned 0x4a0507fe
[0251.413] GetCurrentObject (hdc=0xee010801, type=0x6) returned 0x8a01c2
[0251.413] SaveDC (hdc=0xee010801) returned 1
[0251.413] GetNearestColor (hdc=0xee010801, color=0xf0f0f0) returned 0xf0f0f0
[0251.413] GetNearestColor (hdc=0xee010801, color=0xa0a0a0) returned 0xa0a0a0
[0251.413] GetNearestColor (hdc=0xee010801, color=0x696969) returned 0x696969
[0251.413] GetNearestColor (hdc=0xee010801, color=0xa0a0a0) returned 0xa0a0a0
[0251.413] GetNearestColor (hdc=0xee010801, color=0x0) returned 0x0
[0251.413] GetNearestColor (hdc=0xee010801, color=0xffffff) returned 0xffffff
[0251.413] GetNearestColor (hdc=0xee010801, color=0xe5e5e5) returned 0xe5e5e5
[0251.413] GetNearestColor (hdc=0xee010801, color=0xd7d7d7) returned 0xd7d7d7
[0251.413] GetNearestColor (hdc=0xee010801, color=0x0) returned 0x0
[0251.413] RestoreDC (hdc=0xee010801, nSavedDC=-1) returned 1
[0251.413] GdipReleaseDC (graphics=0x6600030, hdc=0xee010801) returned 0x0
[0251.413] IsAppThemed () returned 0x1
[0251.413] GetThemeAppProperties () returned 0x3
[0251.413] GetThemeAppProperties () returned 0x3
[0251.413] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0251.414] SendMessageW (hWnd=0x2402dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0251.414] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0251.414] IsAppThemed () returned 0x1
[0251.414] GetThemeAppProperties () returned 0x3
[0251.414] GetThemeAppProperties () returned 0x3
[0251.414] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2da3fa0 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0251.414] IsAppThemed () returned 0x1
[0251.414] GetThemeAppProperties () returned 0x3
[0251.414] GetThemeAppProperties () returned 0x3
[0251.414] IsAppThemed () returned 0x1
[0251.414] GetThemeAppProperties () returned 0x3
[0251.414] GetThemeAppProperties () returned 0x3
[0251.414] GetFocus () returned 0x2602d8
[0251.414] IsAppThemed () returned 0x1
[0251.414] GetThemeAppProperties () returned 0x3
[0251.414] GetThemeAppProperties () returned 0x3
[0251.414] IsAppThemed () returned 0x1
[0251.414] GetThemeAppProperties () returned 0x3
[0251.414] GetThemeAppProperties () returned 0x3
[0251.415] IsThemePartDefined () returned 0x1
[0251.415] IsAppThemed () returned 0x1
[0251.415] GetThemeAppProperties () returned 0x3
[0251.415] GetThemeAppProperties () returned 0x3
[0251.415] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0251.415] IsAppThemed () returned 0x1
[0251.415] GetThemeAppProperties () returned 0x3
[0251.415] GetThemeAppProperties () returned 0x3
[0251.415] IsAppThemed () returned 0x1
[0251.415] GetThemeAppProperties () returned 0x3
[0251.415] GetThemeAppProperties () returned 0x3
[0251.415] IsThemePartDefined () returned 0x1
[0251.415] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0251.415] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0251.415] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0251.415] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0251.415] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dff0) returned 0x0
[0251.415] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0251.415] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee910) returned 0x0
[0251.415] LocalFree (hMem=0x11ee910) returned 0x0
[0251.415] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0251.415] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0251.415] LocalFree (hMem=0x11ee868) returned 0x0
[0251.415] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0251.415] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0251.415] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0251.416] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0251.416] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0251.416] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0251.416] GetCurrentObject (hdc=0xee010801, type=0x1) returned 0xb00017
[0251.416] GetCurrentObject (hdc=0xee010801, type=0x2) returned 0x900010
[0251.416] GetCurrentObject (hdc=0xee010801, type=0x7) returned 0x4a0507fe
[0251.416] GetCurrentObject (hdc=0xee010801, type=0x6) returned 0x8a01c2
[0251.416] SaveDC (hdc=0xee010801) returned 1
[0251.416] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x740407de
[0251.416] GetClipRgn (hdc=0xee010801, hrgn=0x740407de) returned 0
[0251.416] SelectClipRgn (hdc=0xee010801, hrgn=0xda040807) returned 2
[0251.416] DeleteObject (ho=0x740407de) returned 1
[0251.416] DeleteObject (ho=0xda040807) returned 1
[0251.416] OffsetViewportOrgEx (in: hdc=0xee010801, x=0, y=0, lppt=0x2da4650 | out: lppt=0x2da4650) returned 1
[0251.416] DrawThemeParentBackground () returned 0x0
[0251.416] GetWindowPlacement (in: hWnd=0x2402dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0251.416] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0251.416] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.416] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.417] GetSystemMetrics (nIndex=42) returned 0
[0251.417] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.417] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0251.417] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0251.417] GetCurrentObject (hdc=0xee010801, type=0x1) returned 0xb00017
[0251.417] GetCurrentObject (hdc=0xee010801, type=0x2) returned 0x900010
[0251.417] GetCurrentObject (hdc=0xee010801, type=0x7) returned 0x4a0507fe
[0251.417] GetCurrentObject (hdc=0xee010801, type=0x6) returned 0x8a01c2
[0251.417] SaveDC (hdc=0xee010801) returned 2
[0251.417] GetNearestColor (hdc=0xee010801, color=0xf0f0f0) returned 0xf0f0f0
[0251.417] CreateSolidBrush (color=0xf0f0f0) returned 0xac1007e1
[0251.417] FillRect (hDC=0xee010801, lprc=0xd7da38, hbr=0xac1007e1) returned 1
[0251.417] DeleteObject (ho=0xac1007e1) returned 1
[0251.417] RestoreDC (hdc=0xee010801, nSavedDC=-1) returned 1
[0251.417] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.417] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.417] GetSystemMetrics (nIndex=42) returned 0
[0251.417] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.417] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0251.417] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0251.417] GetCurrentObject (hdc=0xee010801, type=0x1) returned 0xb00017
[0251.418] GetCurrentObject (hdc=0xee010801, type=0x2) returned 0x900010
[0251.418] GetCurrentObject (hdc=0xee010801, type=0x7) returned 0x4a0507fe
[0251.418] GetCurrentObject (hdc=0xee010801, type=0x6) returned 0x8a01c2
[0251.418] SaveDC (hdc=0xee010801) returned 2
[0251.418] GetNearestColor (hdc=0xee010801, color=0xf0f0f0) returned 0xf0f0f0
[0251.418] CreateSolidBrush (color=0xf0f0f0) returned 0xad1007e1
[0251.418] FillRect (hDC=0xee010801, lprc=0xd7d9d8, hbr=0xad1007e1) returned 1
[0251.418] DeleteObject (ho=0xad1007e1) returned 1
[0251.418] RestoreDC (hdc=0xee010801, nSavedDC=-1) returned 1
[0251.418] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.418] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.418] GetSystemMetrics (nIndex=42) returned 0
[0251.418] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.418] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0251.418] RestoreDC (hdc=0xee010801, nSavedDC=-1) returned 1
[0251.418] GdipReleaseDC (graphics=0x6600030, hdc=0xee010801) returned 0x0
[0251.418] IsAppThemed () returned 0x1
[0251.418] GetThemeAppProperties () returned 0x3
[0251.418] GetThemeAppProperties () returned 0x3
[0251.419] IsAppThemed () returned 0x1
[0251.419] GetThemeAppProperties () returned 0x3
[0251.419] GetThemeAppProperties () returned 0x3
[0251.419] IsThemePartDefined () returned 0x1
[0251.439] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0251.439] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0251.439] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0251.439] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0251.439] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df74) returned 0x0
[0251.439] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0251.439] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0251.439] LocalFree (hMem=0x11eec58) returned 0x0
[0251.439] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0251.439] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee910) returned 0x0
[0251.439] LocalFree (hMem=0x11ee910) returned 0x0
[0251.439] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0251.439] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0251.439] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0251.439] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0251.439] GdipDeleteRegion (region=0x6646448) returned 0x0
[0251.439] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0251.440] GetCurrentObject (hdc=0xee010801, type=0x1) returned 0xb00017
[0251.440] GetCurrentObject (hdc=0xee010801, type=0x2) returned 0x900010
[0251.440] GetCurrentObject (hdc=0xee010801, type=0x7) returned 0x4a0507fe
[0251.440] GetCurrentObject (hdc=0xee010801, type=0x6) returned 0x8a01c2
[0251.440] SaveDC (hdc=0xee010801) returned 1
[0251.440] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdb040807
[0251.440] GetClipRgn (hdc=0xee010801, hrgn=0xdb040807) returned 0
[0251.440] SelectClipRgn (hdc=0xee010801, hrgn=0x760407de) returned 2
[0251.440] DeleteObject (ho=0xdb040807) returned 1
[0251.440] DeleteObject (ho=0x760407de) returned 1
[0251.440] OffsetViewportOrgEx (in: hdc=0xee010801, x=0, y=0, lppt=0x2da4efc | out: lppt=0x2da4efc) returned 1
[0251.440] IsAppThemed () returned 0x1
[0251.440] GetThemeAppProperties () returned 0x3
[0251.440] GetThemeAppProperties () returned 0x3
[0251.440] DrawThemeBackground () returned 0x0
[0251.440] RestoreDC (hdc=0xee010801, nSavedDC=-1) returned 1
[0251.440] GdipReleaseDC (graphics=0x6600030, hdc=0xee010801) returned 0x0
[0251.440] GdipCreateRegion (region=0xd7df60) returned 0x0
[0251.440] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0251.440] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0251.441] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0251.441] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df78) returned 0x0
[0251.441] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0251.441] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0251.441] LocalFree (hMem=0x11eec58) returned 0x0
[0251.441] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0251.441] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eecc8) returned 0x0
[0251.441] LocalFree (hMem=0x11eecc8) returned 0x0
[0251.441] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0251.441] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0251.441] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df90) returned 0x0
[0251.441] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0251.441] GdipDeleteRegion (region=0x6646448) returned 0x0
[0251.441] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0251.441] GetCurrentObject (hdc=0xee010801, type=0x1) returned 0xb00017
[0251.441] GetCurrentObject (hdc=0xee010801, type=0x2) returned 0x900010
[0251.441] GetCurrentObject (hdc=0xee010801, type=0x7) returned 0x4a0507fe
[0251.441] GetCurrentObject (hdc=0xee010801, type=0x6) returned 0x8a01c2
[0251.441] SaveDC (hdc=0xee010801) returned 1
[0251.441] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x770407de
[0251.441] GetClipRgn (hdc=0xee010801, hrgn=0x770407de) returned 0
[0251.441] SelectClipRgn (hdc=0xee010801, hrgn=0xdc040807) returned 2
[0251.442] DeleteObject (ho=0x770407de) returned 1
[0251.442] DeleteObject (ho=0xdc040807) returned 1
[0251.442] OffsetViewportOrgEx (in: hdc=0xee010801, x=0, y=0, lppt=0x2da51d0 | out: lppt=0x2da51d0) returned 1
[0251.442] IsAppThemed () returned 0x1
[0251.442] GetThemeAppProperties () returned 0x3
[0251.442] GetThemeAppProperties () returned 0x3
[0251.442] GetThemeBackgroundContentRect () returned 0x0
[0251.442] RestoreDC (hdc=0xee010801, nSavedDC=-1) returned 1
[0251.442] GdipReleaseDC (graphics=0x6600030, hdc=0xee010801) returned 0x0
[0251.442] IsAppThemed () returned 0x1
[0251.442] GetThemeAppProperties () returned 0x3
[0251.442] GetThemeAppProperties () returned 0x3
[0251.442] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0251.442] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0251.442] GetCurrentObject (hdc=0xee010801, type=0x1) returned 0xb00017
[0251.442] GetCurrentObject (hdc=0xee010801, type=0x2) returned 0x900010
[0251.442] GetCurrentObject (hdc=0xee010801, type=0x7) returned 0x4a0507fe
[0251.442] GetCurrentObject (hdc=0xee010801, type=0x6) returned 0x8a01c2
[0251.442] SaveDC (hdc=0xee010801) returned 1
[0251.442] GetTextAlign (hdc=0xee010801) returned 0x0
[0251.442] GetTextColor (hdc=0xee010801) returned 0x0
[0251.442] GetCurrentObject (hdc=0xee010801, type=0x6) returned 0x8a01c2
[0251.443] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0251.443] SelectObject (hdc=0xee010801, h=0x6d0a0520) returned 0x8a01c2
[0251.443] GetBkMode (hdc=0xee010801) returned 2
[0251.443] SetBkMode (hdc=0xee010801, mode=1) returned 2
[0251.443] DrawTextExW (in: hdc=0xee010801, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2da5570 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0251.443] DrawTextExW (in: hdc=0xee010801, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2da5570 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0251.443] RestoreDC (hdc=0xee010801, nSavedDC=-1) returned 1
[0251.443] GdipReleaseDC (graphics=0x6600030, hdc=0xee010801) returned 0x0
[0251.443] GetFocus () returned 0x2602d8
[0251.443] IsAppThemed () returned 0x1
[0251.443] GetThemeAppProperties () returned 0x3
[0251.444] GetThemeAppProperties () returned 0x3
[0251.444] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0251.444] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xee010801, x1=0, y1=0, rop=0xcc0020) returned 1
[0251.444] GdipReleaseDC (graphics=0x6600030, hdc=0xee010801) returned 0x0
[0251.444] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0251.444] SelectObject (hdc=0xee010801, h=0x85000f) returned 0x4a0507fe
[0251.444] DeleteDC (hdc=0xee010801) returned 1
[0251.444] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0251.444] EndPaint (hWnd=0x2402de, lpPaint=0xd7e24c) returned 1
[0251.444] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.444] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.444] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.444] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.444] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.445] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.445] IsWindowUnicode (hWnd=0x602c4) returned 1
[0251.445] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.445] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.445] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.446] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0251.446] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0251.446] CreateCompatibleDC (hdc=0x60100ce) returned 0xf0010801
[0251.446] SelectObject (hdc=0xf0010801, h=0x4a0507fe) returned 0x85000f
[0251.446] GdipCreateFromHDC (hdc=0xf0010801, graphics=0xd7e268) returned 0x0
[0251.446] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0251.446] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0251.446] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0251.446] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0251.446] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2c8) returned 0x0
[0251.446] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0251.446] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0251.446] LocalFree (hMem=0x11eecc8) returned 0x0
[0251.446] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0251.446] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0251.446] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0251.446] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0251.447] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0251.447] GdipRestoreGraphics (graphics=0x6600030, state=0xf82a0dbd) returned 0x0
[0251.447] GdipDeleteRegion (region=0x6646448) returned 0x0
[0251.447] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0251.447] GetCurrentObject (hdc=0xf0010801, type=0x1) returned 0xb00017
[0251.447] GetCurrentObject (hdc=0xf0010801, type=0x2) returned 0x900010
[0251.447] GetCurrentObject (hdc=0xf0010801, type=0x7) returned 0x4a0507fe
[0251.447] GetCurrentObject (hdc=0xf0010801, type=0x6) returned 0x8a01c2
[0251.447] SaveDC (hdc=0xf0010801) returned 1
[0251.447] GetNearestColor (hdc=0xf0010801, color=0xff) returned 0xff
[0251.447] GetNearestColor (hdc=0xf0010801, color=0x55) returned 0x55
[0251.447] GetNearestColor (hdc=0xf0010801, color=0x0) returned 0x0
[0251.447] GetNearestColor (hdc=0xf0010801, color=0x55) returned 0x55
[0251.447] GetNearestColor (hdc=0xf0010801, color=0x0) returned 0x0
[0251.447] GetNearestColor (hdc=0xf0010801, color=0x8080ff) returned 0x8080ff
[0251.447] GetNearestColor (hdc=0xf0010801, color=0x7373e5) returned 0x7373e5
[0251.447] GetNearestColor (hdc=0xf0010801, color=0xe5) returned 0xe5
[0251.447] GetNearestColor (hdc=0xf0010801, color=0x0) returned 0x0
[0251.448] RestoreDC (hdc=0xf0010801, nSavedDC=-1) returned 1
[0251.448] GdipReleaseDC (graphics=0x6600030, hdc=0xf0010801) returned 0x0
[0251.448] IsAppThemed () returned 0x1
[0251.448] GetThemeAppProperties () returned 0x3
[0251.448] GetThemeAppProperties () returned 0x3
[0251.448] IsAppThemed () returned 0x1
[0251.448] GetThemeAppProperties () returned 0x3
[0251.448] GetThemeAppProperties () returned 0x3
[0251.448] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2da5d38 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0251.448] IsAppThemed () returned 0x1
[0251.448] GetThemeAppProperties () returned 0x3
[0251.448] GetThemeAppProperties () returned 0x3
[0251.448] IsAppThemed () returned 0x1
[0251.448] GetThemeAppProperties () returned 0x3
[0251.448] GetThemeAppProperties () returned 0x3
[0251.448] GetFocus () returned 0x2602d8
[0251.448] IsAppThemed () returned 0x1
[0251.448] GetThemeAppProperties () returned 0x3
[0251.448] GetThemeAppProperties () returned 0x3
[0251.448] IsAppThemed () returned 0x1
[0251.449] GetThemeAppProperties () returned 0x3
[0251.449] GetThemeAppProperties () returned 0x3
[0251.449] IsThemePartDefined () returned 0x1
[0251.449] IsAppThemed () returned 0x1
[0251.449] GetThemeAppProperties () returned 0x3
[0251.449] GetThemeAppProperties () returned 0x3
[0251.449] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0251.449] IsAppThemed () returned 0x1
[0251.449] GetThemeAppProperties () returned 0x3
[0251.449] GetThemeAppProperties () returned 0x3
[0251.449] IsAppThemed () returned 0x1
[0251.449] GetThemeAppProperties () returned 0x3
[0251.449] GetThemeAppProperties () returned 0x3
[0251.449] IsThemePartDefined () returned 0x1
[0251.449] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0251.449] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0251.449] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0251.449] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0251.449] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dff0) returned 0x0
[0251.449] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0251.449] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea98) returned 0x0
[0251.449] LocalFree (hMem=0x11eea98) returned 0x0
[0251.449] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0251.449] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0251.449] LocalFree (hMem=0x11eec58) returned 0x0
[0251.449] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0251.450] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e018) returned 0x0
[0251.450] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e008) returned 0x0
[0251.450] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0251.450] GdipDeleteRegion (region=0x6646688) returned 0x0
[0251.450] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0251.450] GetCurrentObject (hdc=0xf0010801, type=0x1) returned 0xb00017
[0251.450] GetCurrentObject (hdc=0xf0010801, type=0x2) returned 0x900010
[0251.450] GetCurrentObject (hdc=0xf0010801, type=0x7) returned 0x4a0507fe
[0251.450] GetCurrentObject (hdc=0xf0010801, type=0x6) returned 0x8a01c2
[0251.455] SaveDC (hdc=0xf0010801) returned 1
[0251.455] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdd040807
[0251.455] GetClipRgn (hdc=0xf0010801, hrgn=0xdd040807) returned 0
[0251.455] SelectClipRgn (hdc=0xf0010801, hrgn=0x7b0407de) returned 2
[0251.455] DeleteObject (ho=0xdd040807) returned 1
[0251.455] DeleteObject (ho=0x7b0407de) returned 1
[0251.455] OffsetViewportOrgEx (in: hdc=0xf0010801, x=0, y=0, lppt=0x2da63e8 | out: lppt=0x2da63e8) returned 1
[0251.455] DrawThemeParentBackground () returned 0x0
[0251.455] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0251.455] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0251.455] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0251.455] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.455] GetSystemMetrics (nIndex=42) returned 0
[0251.455] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.455] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0251.455] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0251.455] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0251.455] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0251.455] SelectPalette (hdc=0xf0010801, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0251.456] GdipCreateFromHDC (hdc=0xf0010801, graphics=0xd7dac8) returned 0x0
[0251.456] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0251.456] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0251.456] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638ab8) returned 0x0
[0251.456] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7daa0) returned 0x0
[0251.456] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0251.456] GdipCreateRegion (region=0xd7da88) returned 0x0
[0251.456] GdipGetClip (graphics=0x663e568, region=0x6646448) returned 0x0
[0251.456] GdipIsInfiniteRegion (region=0x6646448, graphics=0x663e568, result=0xd7da94) returned 0x0
[0251.456] GdipDeleteRegion (region=0x6646448) returned 0x0
[0251.456] GdipSaveGraphics (graphics=0x663e568, state=0xd7dac0) returned 0x0
[0251.456] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0251.462] GdipFillRectangleI (graphics=0x663e568, brush=0x6653438, x=0, y=0, width=801, height=453) returned 0x0
[0251.462] GdipDeleteBrush (brush=0x6653438) returned 0x0
[0251.463] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0251.463] SelectPalette (hdc=0xf0010801, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0251.463] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0251.463] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.463] GetSystemMetrics (nIndex=42) returned 0
[0251.463] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.463] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0251.463] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0251.463] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0251.463] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0251.463] SelectPalette (hdc=0xf0010801, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0251.463] GdipCreateFromHDC (hdc=0xf0010801, graphics=0xd7da68) returned 0x0
[0251.464] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0251.464] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0251.464] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638a88) returned 0x0
[0251.464] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7da40) returned 0x0
[0251.464] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0251.464] GdipCreateRegion (region=0xd7da28) returned 0x0
[0251.464] GdipGetClip (graphics=0x663e568, region=0x66465f8) returned 0x0
[0251.464] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x663e568, result=0xd7da34) returned 0x0
[0251.464] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0251.464] GdipSaveGraphics (graphics=0x663e568, state=0xd7da60) returned 0x0
[0251.464] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0251.475] GdipFillRectangleI (graphics=0x663e568, brush=0x6652ce8, x=0, y=0, width=801, height=453) returned 0x0
[0251.475] GdipDeleteBrush (brush=0x6652ce8) returned 0x0
[0251.476] GdipRestoreGraphics (graphics=0x663e568, state=0xf8260dbd) returned 0x0
[0251.476] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0251.476] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.476] GetSystemMetrics (nIndex=42) returned 0
[0251.476] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.476] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0251.476] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0251.476] SelectPalette (hdc=0xf0010801, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0251.477] RestoreDC (hdc=0xf0010801, nSavedDC=-1) returned 1
[0251.477] GdipReleaseDC (graphics=0x6600030, hdc=0xf0010801) returned 0x0
[0251.477] IsAppThemed () returned 0x1
[0251.477] GetThemeAppProperties () returned 0x3
[0251.477] GetThemeAppProperties () returned 0x3
[0251.477] IsAppThemed () returned 0x1
[0251.477] GetThemeAppProperties () returned 0x3
[0251.477] GetThemeAppProperties () returned 0x3
[0251.477] IsThemePartDefined () returned 0x1
[0251.477] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0251.477] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0251.477] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0251.477] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0251.477] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df74) returned 0x0
[0251.477] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0251.477] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eea98) returned 0x0
[0251.477] LocalFree (hMem=0x11eea98) returned 0x0
[0251.477] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0251.477] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eecc8) returned 0x0
[0251.477] LocalFree (hMem=0x11eecc8) returned 0x0
[0251.477] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0251.477] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0251.478] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0251.478] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0251.478] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0251.478] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0251.478] GetCurrentObject (hdc=0xf0010801, type=0x1) returned 0xb00017
[0251.478] GetCurrentObject (hdc=0xf0010801, type=0x2) returned 0x900010
[0251.478] GetCurrentObject (hdc=0xf0010801, type=0x7) returned 0x4a0507fe
[0251.478] GetCurrentObject (hdc=0xf0010801, type=0x6) returned 0x8a01c2
[0251.478] SaveDC (hdc=0xf0010801) returned 1
[0251.478] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7c0407de
[0251.478] GetClipRgn (hdc=0xf0010801, hrgn=0x7c0407de) returned 0
[0251.478] SelectClipRgn (hdc=0xf0010801, hrgn=0xdf040807) returned 2
[0251.478] DeleteObject (ho=0x7c0407de) returned 1
[0251.478] DeleteObject (ho=0xdf040807) returned 1
[0251.478] OffsetViewportOrgEx (in: hdc=0xf0010801, x=0, y=0, lppt=0x2dacc38 | out: lppt=0x2dacc38) returned 1
[0251.478] IsAppThemed () returned 0x1
[0251.478] GetThemeAppProperties () returned 0x3
[0251.478] GetThemeAppProperties () returned 0x3
[0251.478] DrawThemeBackground () returned 0x0
[0251.478] RestoreDC (hdc=0xf0010801, nSavedDC=-1) returned 1
[0251.479] GdipReleaseDC (graphics=0x6600030, hdc=0xf0010801) returned 0x0
[0251.479] GdipCreateRegion (region=0xd7df60) returned 0x0
[0251.479] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0251.479] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0251.479] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0251.479] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df78) returned 0x0
[0251.479] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0251.479] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea60) returned 0x0
[0251.479] LocalFree (hMem=0x11eea60) returned 0x0
[0251.479] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0251.479] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea60) returned 0x0
[0251.479] LocalFree (hMem=0x11eea60) returned 0x0
[0251.479] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0251.479] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0251.479] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7df90) returned 0x0
[0251.479] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0251.479] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0251.479] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0251.479] GetCurrentObject (hdc=0xf0010801, type=0x1) returned 0xb00017
[0251.479] GetCurrentObject (hdc=0xf0010801, type=0x2) returned 0x900010
[0251.479] GetCurrentObject (hdc=0xf0010801, type=0x7) returned 0x4a0507fe
[0251.479] GetCurrentObject (hdc=0xf0010801, type=0x6) returned 0x8a01c2
[0251.479] SaveDC (hdc=0xf0010801) returned 1
[0251.480] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe0040807
[0251.480] GetClipRgn (hdc=0xf0010801, hrgn=0xe0040807) returned 0
[0251.480] SelectClipRgn (hdc=0xf0010801, hrgn=0x7d0407de) returned 2
[0251.480] DeleteObject (ho=0xe0040807) returned 1
[0251.480] DeleteObject (ho=0x7d0407de) returned 1
[0251.480] OffsetViewportOrgEx (in: hdc=0xf0010801, x=0, y=0, lppt=0x2dacf0c | out: lppt=0x2dacf0c) returned 1
[0251.480] IsAppThemed () returned 0x1
[0251.480] GetThemeAppProperties () returned 0x3
[0251.480] GetThemeAppProperties () returned 0x3
[0251.480] GetThemeBackgroundContentRect () returned 0x0
[0251.480] RestoreDC (hdc=0xf0010801, nSavedDC=-1) returned 1
[0251.480] GdipReleaseDC (graphics=0x6600030, hdc=0xf0010801) returned 0x0
[0251.480] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0251.480] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0251.480] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0251.480] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0251.480] IsAppThemed () returned 0x1
[0251.480] GetThemeAppProperties () returned 0x3
[0251.480] GetThemeAppProperties () returned 0x3
[0251.480] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0251.480] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0251.480] GetCurrentObject (hdc=0xf0010801, type=0x1) returned 0xb00017
[0251.480] GetCurrentObject (hdc=0xf0010801, type=0x2) returned 0x900010
[0251.481] GetCurrentObject (hdc=0xf0010801, type=0x7) returned 0x4a0507fe
[0251.481] GetCurrentObject (hdc=0xf0010801, type=0x6) returned 0x8a01c2
[0251.481] SaveDC (hdc=0xf0010801) returned 1
[0251.481] GetTextAlign (hdc=0xf0010801) returned 0x0
[0251.481] GetTextColor (hdc=0xf0010801) returned 0x0
[0251.481] GetCurrentObject (hdc=0xf0010801, type=0x6) returned 0x8a01c2
[0251.481] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0251.481] SelectObject (hdc=0xf0010801, h=0x6d0a0520) returned 0x8a01c2
[0251.481] GetBkMode (hdc=0xf0010801) returned 2
[0251.481] SetBkMode (hdc=0xf0010801, mode=1) returned 2
[0251.484] DrawTextExW (in: hdc=0xf0010801, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2dad2d0 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0251.485] DrawTextExW (in: hdc=0xf0010801, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2dad2d0 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0251.485] RestoreDC (hdc=0xf0010801, nSavedDC=-1) returned 1
[0251.485] GdipReleaseDC (graphics=0x6600030, hdc=0xf0010801) returned 0x0
[0251.485] GetFocus () returned 0x2602d8
[0251.486] IsAppThemed () returned 0x1
[0251.486] GetThemeAppProperties () returned 0x3
[0251.486] GetThemeAppProperties () returned 0x3
[0251.486] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0251.486] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xf0010801, x1=0, y1=0, rop=0xcc0020) returned 1
[0251.486] GdipReleaseDC (graphics=0x6600030, hdc=0xf0010801) returned 0x0
[0251.486] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0251.486] SelectObject (hdc=0xf0010801, h=0x85000f) returned 0x4a0507fe
[0251.486] DeleteDC (hdc=0xf0010801) returned 1
[0251.486] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0251.486] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0251.486] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0251.486] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0251.486] WaitMessage () returned 1
[0251.487] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.487] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.487] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.487] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.487] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.488] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0251.488] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0251.488] WaitMessage () returned 1
[0251.489] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.489] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.489] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.489] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.489] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.489] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0251.490] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0251.490] WaitMessage () returned 1
[0251.490] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.490] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.490] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.490] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.490] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.491] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.491] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.491] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.492] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.492] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.492] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.492] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.492] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.492] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.492] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.492] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0251.492] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0251.492] WaitMessage () returned 1
[0251.493] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.493] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.493] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.493] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.493] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.494] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.494] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.494] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.494] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.494] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.494] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.494] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.494] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.494] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.494] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.495] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0251.495] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0251.495] WaitMessage () returned 1
[0251.495] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.495] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.495] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.495] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.495] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.497] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.497] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.497] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.497] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.497] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.498] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.498] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.498] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.498] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.498] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.498] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.498] IsWindowUnicode (hWnd=0x1a02ce) returned 1
[0251.498] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.498] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.498] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.498] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.499] IsWindowUnicode (hWnd=0x1a02ce) returned 1
[0251.499] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.499] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.499] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.499] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x2a1, wParam=0x0, lParam=0x50022) returned 0x0
[0251.499] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0251.499] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0251.499] WaitMessage () returned 1
[0251.500] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.500] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.500] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.501] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.501] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.502] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.502] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.502] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.502] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.502] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.502] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.502] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.502] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.502] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.502] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.502] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0251.503] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0251.503] WaitMessage () returned 1
[0251.612] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.613] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x84, wParam=0x0, lParam=0x1de02f8) returned 0x1
[0251.613] IsWindowUnicode (hWnd=0x1a02ce) returned 1
[0251.613] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.613] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x84, wParam=0x0, lParam=0x1de02f8) returned 0x1
[0251.613] GetDlgItem (hDlg=0x2402dc, nIDDlgItem=0) returned 0x0
[0251.613] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x210, wParam=0x201, lParam=0x630103) returned 0x0
[0251.613] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x21, wParam=0x2402dc, lParam=0x2010001) returned 0x1
[0251.613] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x21, wParam=0x2402dc, lParam=0x2010001) returned 0x1
[0251.613] SetCursor (hCursor=0x10003) returned 0x10003
[0251.613] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.613] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.613] GetKeyState (nVirtKey=1) returned -127
[0251.613] GetKeyState (nVirtKey=2) returned 0
[0251.613] GetKeyState (nVirtKey=4) returned 0
[0251.613] GetKeyState (nVirtKey=5) returned 0
[0251.614] GetKeyState (nVirtKey=6) returned 0
[0251.614] IsWindowVisible (hWnd=0x1a02ce) returned 1
[0251.614] IsWindowEnabled (hWnd=0x1a02ce) returned 1
[0251.614] SetFocus (hWnd=0x1a02ce) returned 0x2602d8
[0251.614] GetFocus () returned 0x1a02ce
[0251.614] IsChild (hWndParent=0x2402dc, hWnd=0x1a02ce) returned 1
[0251.614] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0x8, wParam=0x1a02ce, lParam=0x0) returned 0x0
[0251.614] GetCapture () returned 0x0
[0251.614] InvalidateRect (hWnd=0x2602d8, lpRect=0x0, bErase=0) returned 1
[0251.615] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0251.616] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0251.617] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0251.617] InvalidateRect (hWnd=0x2602d8, lpRect=0x0, bErase=0) returned 1
[0251.618] InvalidateRect (hWnd=0x1a02ce, lpRect=0x0, bErase=0) returned 1
[0251.618] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x7, wParam=0x2602d8, lParam=0x0) returned 0x0
[0251.618] GetStockObject (i=5) returned 0x900015
[0251.618] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0251.618] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0251.618] GetDlgItem (hDlg=0x2402dc, nIDDlgItem=1704654) returned 0x1a02ce
[0251.618] SendMessageW (hWnd=0x1a02ce, Msg=0x202b, wParam=0x1a02ce, lParam=0xd7dddc) returned 0x0
[0251.618] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x202b, wParam=0x1a02ce, lParam=0xd7dddc) returned 0x0
[0251.618] InvalidateRect (hWnd=0x1a02ce, lpRect=0x0, bErase=0) returned 1
[0251.619] GetFocus () returned 0x1a02ce
[0251.619] GetFocus () returned 0x1a02ce
[0251.619] GetFocus () returned 0x1a02ce
[0251.620] GetKeyState (nVirtKey=1) returned -127
[0251.620] GetKeyState (nVirtKey=2) returned 0
[0251.620] GetKeyState (nVirtKey=4) returned 0
[0251.620] GetKeyState (nVirtKey=5) returned 0
[0251.620] GetKeyState (nVirtKey=6) returned 0
[0251.620] GetCapture () returned 0x0
[0251.620] SetCapture (hWnd=0x1a02ce) returned 0x0
[0251.620] GetKeyState (nVirtKey=1) returned -127
[0251.620] GetKeyState (nVirtKey=2) returned 0
[0251.620] GetKeyState (nVirtKey=4) returned 0
[0251.620] GetKeyState (nVirtKey=5) returned 0
[0251.620] GetKeyState (nVirtKey=6) returned 0
[0251.620] NotifyWinEvent (event=0x800a, hwnd=0x1a02ce, idObject=-4, idChild=0)
[0251.620] InvalidateRect (hWnd=0x1a02ce, lpRect=0xd7e430, bErase=0) returned 1
[0251.620] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.620] IsWindowUnicode (hWnd=0x1a02ce) returned 1
[0251.620] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.620] TranslateMessage (lpMsg=0xd7e808) returned 0
[0251.620] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0251.620] MapWindowPoints (in: hWndFrom=0x1a02ce, hWndTo=0x0, lpPoints=0x2dad5bc, cPoints=0x1 | out: lpPoints=0x2dad5bc) returned 30999254
[0251.620] NotifyWinEvent (event=0x800a, hwnd=0x1a02ce, idObject=-4, idChild=0)
[0251.620] InvalidateRect (hWnd=0x1a02ce, lpRect=0xd7e3d0, bErase=0) returned 1
[0251.620] UpdateWindow (hWnd=0x1a02ce) returned 1
[0251.620] BeginPaint (in: hWnd=0x1a02ce, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x107b9
[0251.621] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0251.621] CreateCompatibleDC (hdc=0x107b9) returned 0x440107a1
[0251.621] SelectObject (hdc=0x440107a1, h=0x4a0507fe) returned 0x85000f
[0251.621] GdipCreateFromHDC (hdc=0x440107a1, graphics=0xd7df00) returned 0x0
[0251.621] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0251.621] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0251.621] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0251.621] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0251.621] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df60) returned 0x0
[0251.621] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0251.621] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0251.621] LocalFree (hMem=0x11eec58) returned 0x0
[0251.621] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0251.621] GdipCreateRegion (region=0xd7df48) returned 0x0
[0251.621] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0251.622] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7df54) returned 0x0
[0251.622] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0251.622] GdipRestoreGraphics (graphics=0x6600030, state=0xf8240dbd) returned 0x0
[0251.622] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0251.622] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0251.622] GetCurrentObject (hdc=0x440107a1, type=0x1) returned 0xb00017
[0251.622] GetCurrentObject (hdc=0x440107a1, type=0x2) returned 0x900010
[0251.622] GetCurrentObject (hdc=0x440107a1, type=0x7) returned 0x4a0507fe
[0251.622] GetCurrentObject (hdc=0x440107a1, type=0x6) returned 0x8a01c2
[0251.622] SaveDC (hdc=0x440107a1) returned 1
[0251.622] GetNearestColor (hdc=0x440107a1, color=0xf0f0f0) returned 0xf0f0f0
[0251.622] GetNearestColor (hdc=0x440107a1, color=0xa0a0a0) returned 0xa0a0a0
[0251.622] GetNearestColor (hdc=0x440107a1, color=0x696969) returned 0x696969
[0251.622] GetNearestColor (hdc=0x440107a1, color=0xa0a0a0) returned 0xa0a0a0
[0251.623] GetNearestColor (hdc=0x440107a1, color=0x0) returned 0x0
[0251.623] GetNearestColor (hdc=0x440107a1, color=0xffffff) returned 0xffffff
[0251.623] GetNearestColor (hdc=0x440107a1, color=0xe5e5e5) returned 0xe5e5e5
[0251.623] GetNearestColor (hdc=0x440107a1, color=0xd7d7d7) returned 0xd7d7d7
[0251.623] GetNearestColor (hdc=0x440107a1, color=0x0) returned 0x0
[0251.623] RestoreDC (hdc=0x440107a1, nSavedDC=-1) returned 1
[0251.623] GdipReleaseDC (graphics=0x6600030, hdc=0x440107a1) returned 0x0
[0251.623] IsAppThemed () returned 0x1
[0251.623] GetThemeAppProperties () returned 0x3
[0251.623] GetThemeAppProperties () returned 0x3
[0251.623] IsAppThemed () returned 0x1
[0251.623] GetThemeAppProperties () returned 0x3
[0251.623] GetThemeAppProperties () returned 0x3
[0251.623] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2dadd14 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0251.623] IsAppThemed () returned 0x1
[0251.623] GetThemeAppProperties () returned 0x3
[0251.624] GetThemeAppProperties () returned 0x3
[0251.624] IsAppThemed () returned 0x1
[0251.624] GetThemeAppProperties () returned 0x3
[0251.624] GetThemeAppProperties () returned 0x3
[0251.624] IsAppThemed () returned 0x1
[0251.624] GetThemeAppProperties () returned 0x3
[0251.624] GetThemeAppProperties () returned 0x3
[0251.624] IsAppThemed () returned 0x1
[0251.624] GetThemeAppProperties () returned 0x3
[0251.624] GetThemeAppProperties () returned 0x3
[0251.624] IsThemePartDefined () returned 0x1
[0251.624] IsAppThemed () returned 0x1
[0251.624] GetThemeAppProperties () returned 0x3
[0251.624] GetThemeAppProperties () returned 0x3
[0251.624] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0251.624] IsAppThemed () returned 0x1
[0251.624] GetThemeAppProperties () returned 0x3
[0251.624] GetThemeAppProperties () returned 0x3
[0251.624] IsAppThemed () returned 0x1
[0251.624] GetThemeAppProperties () returned 0x3
[0251.624] GetThemeAppProperties () returned 0x3
[0251.624] IsThemePartDefined () returned 0x1
[0251.624] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0251.624] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0251.624] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0251.624] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0251.625] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dc7c) returned 0x0
[0251.625] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0251.625] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0251.625] LocalFree (hMem=0x11ee788) returned 0x0
[0251.625] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0251.625] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eecc8) returned 0x0
[0251.625] LocalFree (hMem=0x11eecc8) returned 0x0
[0251.625] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0251.625] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0251.625] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0251.625] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0251.625] GdipDeleteRegion (region=0x6646298) returned 0x0
[0251.625] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0251.625] GetCurrentObject (hdc=0x440107a1, type=0x1) returned 0xb00017
[0251.625] GetCurrentObject (hdc=0x440107a1, type=0x2) returned 0x900010
[0251.625] GetCurrentObject (hdc=0x440107a1, type=0x7) returned 0x4a0507fe
[0251.625] GetCurrentObject (hdc=0x440107a1, type=0x6) returned 0x8a01c2
[0251.625] SaveDC (hdc=0x440107a1) returned 1
[0251.625] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7e0407de
[0251.625] GetClipRgn (hdc=0x440107a1, hrgn=0x7e0407de) returned 0
[0251.626] SelectClipRgn (hdc=0x440107a1, hrgn=0xe4040807) returned 2
[0251.626] DeleteObject (ho=0x7e0407de) returned 1
[0251.626] DeleteObject (ho=0xe4040807) returned 1
[0251.626] OffsetViewportOrgEx (in: hdc=0x440107a1, x=0, y=0, lppt=0x2dae3c4 | out: lppt=0x2dae3c4) returned 1
[0251.626] DrawThemeParentBackground () returned 0x0
[0251.626] GetWindowPlacement (in: hWnd=0x2402dc, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0251.626] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0251.626] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.626] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.626] GetSystemMetrics (nIndex=42) returned 0
[0251.626] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.626] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0251.626] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0251.626] GetCurrentObject (hdc=0x440107a1, type=0x1) returned 0xb00017
[0251.626] GetCurrentObject (hdc=0x440107a1, type=0x2) returned 0x900010
[0251.626] GetCurrentObject (hdc=0x440107a1, type=0x7) returned 0x4a0507fe
[0251.626] GetCurrentObject (hdc=0x440107a1, type=0x6) returned 0x8a01c2
[0251.626] SaveDC (hdc=0x440107a1) returned 2
[0251.626] GetNearestColor (hdc=0x440107a1, color=0xf0f0f0) returned 0xf0f0f0
[0251.626] CreateSolidBrush (color=0xf0f0f0) returned 0xae1007e1
[0251.627] FillRect (hDC=0x440107a1, lprc=0xd7d6c8, hbr=0xae1007e1) returned 1
[0251.627] DeleteObject (ho=0xae1007e1) returned 1
[0251.627] RestoreDC (hdc=0x440107a1, nSavedDC=-1) returned 1
[0251.627] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.627] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.627] GetSystemMetrics (nIndex=42) returned 0
[0251.627] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.627] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0251.627] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0251.627] GetCurrentObject (hdc=0x440107a1, type=0x1) returned 0xb00017
[0251.627] GetCurrentObject (hdc=0x440107a1, type=0x2) returned 0x900010
[0251.627] GetCurrentObject (hdc=0x440107a1, type=0x7) returned 0x4a0507fe
[0251.627] GetCurrentObject (hdc=0x440107a1, type=0x6) returned 0x8a01c2
[0251.627] SaveDC (hdc=0x440107a1) returned 2
[0251.627] GetNearestColor (hdc=0x440107a1, color=0xf0f0f0) returned 0xf0f0f0
[0251.627] CreateSolidBrush (color=0xf0f0f0) returned 0xaf1007e1
[0251.627] FillRect (hDC=0x440107a1, lprc=0xd7d668, hbr=0xaf1007e1) returned 1
[0251.627] DeleteObject (ho=0xaf1007e1) returned 1
[0251.627] RestoreDC (hdc=0x440107a1, nSavedDC=-1) returned 1
[0251.627] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.627] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.627] GetSystemMetrics (nIndex=42) returned 0
[0251.628] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.628] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0251.628] RestoreDC (hdc=0x440107a1, nSavedDC=-1) returned 1
[0251.628] GdipReleaseDC (graphics=0x6600030, hdc=0x440107a1) returned 0x0
[0251.628] IsAppThemed () returned 0x1
[0251.628] GetThemeAppProperties () returned 0x3
[0251.628] GetThemeAppProperties () returned 0x3
[0251.628] IsAppThemed () returned 0x1
[0251.628] GetThemeAppProperties () returned 0x3
[0251.628] GetThemeAppProperties () returned 0x3
[0251.628] IsThemePartDefined () returned 0x1
[0251.628] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0251.628] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0251.628] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0251.628] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0251.628] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dc00) returned 0x0
[0251.628] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0251.628] LocalFree (hMem=0x11eec58) returned 0x0
[0251.628] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eed00) returned 0x0
[0251.628] LocalFree (hMem=0x11eed00) returned 0x0
[0251.628] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0251.629] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0251.629] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0251.629] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0251.629] GdipDeleteRegion (region=0x6646568) returned 0x0
[0251.629] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0251.629] GetCurrentObject (hdc=0x440107a1, type=0x1) returned 0xb00017
[0251.629] GetCurrentObject (hdc=0x440107a1, type=0x2) returned 0x900010
[0251.629] GetCurrentObject (hdc=0x440107a1, type=0x7) returned 0x4a0507fe
[0251.629] GetCurrentObject (hdc=0x440107a1, type=0x6) returned 0x8a01c2
[0251.629] SaveDC (hdc=0x440107a1) returned 1
[0251.629] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe5040807
[0251.629] GetClipRgn (hdc=0x440107a1, hrgn=0xe5040807) returned 0
[0251.629] SelectClipRgn (hdc=0x440107a1, hrgn=0x800407de) returned 2
[0251.629] DeleteObject (ho=0xe5040807) returned 1
[0251.629] DeleteObject (ho=0x800407de) returned 1
[0251.629] OffsetViewportOrgEx (in: hdc=0x440107a1, x=0, y=0, lppt=0x2daec70 | out: lppt=0x2daec70) returned 1
[0251.629] IsAppThemed () returned 0x1
[0251.629] GetThemeAppProperties () returned 0x3
[0251.629] GetThemeAppProperties () returned 0x3
[0251.629] DrawThemeBackground () returned 0x0
[0251.629] RestoreDC (hdc=0x440107a1, nSavedDC=-1) returned 1
[0251.630] GdipReleaseDC (graphics=0x6600030, hdc=0x440107a1) returned 0x0
[0251.630] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0251.630] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0251.630] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0251.630] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0251.630] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dc04) returned 0x0
[0251.630] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0251.630] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee868) returned 0x0
[0251.630] LocalFree (hMem=0x11ee868) returned 0x0
[0251.630] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0251.630] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0251.630] LocalFree (hMem=0x11eec58) returned 0x0
[0251.630] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0251.630] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0251.630] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0251.630] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0251.630] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0251.630] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0251.630] GetCurrentObject (hdc=0x440107a1, type=0x1) returned 0xb00017
[0251.630] GetCurrentObject (hdc=0x440107a1, type=0x2) returned 0x900010
[0251.630] GetCurrentObject (hdc=0x440107a1, type=0x7) returned 0x4a0507fe
[0251.630] GetCurrentObject (hdc=0x440107a1, type=0x6) returned 0x8a01c2
[0251.630] SaveDC (hdc=0x440107a1) returned 1
[0251.631] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x810407de
[0251.631] GetClipRgn (hdc=0x440107a1, hrgn=0x810407de) returned 0
[0251.631] SelectClipRgn (hdc=0x440107a1, hrgn=0xe6040807) returned 2
[0251.631] DeleteObject (ho=0x810407de) returned 1
[0251.631] DeleteObject (ho=0xe6040807) returned 1
[0251.631] OffsetViewportOrgEx (in: hdc=0x440107a1, x=0, y=0, lppt=0x2daef44 | out: lppt=0x2daef44) returned 1
[0251.631] IsAppThemed () returned 0x1
[0251.631] GetThemeAppProperties () returned 0x3
[0251.631] GetThemeAppProperties () returned 0x3
[0251.631] GetThemeBackgroundContentRect () returned 0x0
[0251.631] RestoreDC (hdc=0x440107a1, nSavedDC=-1) returned 1
[0251.631] GdipReleaseDC (graphics=0x6600030, hdc=0x440107a1) returned 0x0
[0251.631] IsAppThemed () returned 0x1
[0251.631] GetThemeAppProperties () returned 0x3
[0251.631] GetThemeAppProperties () returned 0x3
[0251.631] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0251.631] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0251.631] GetCurrentObject (hdc=0x440107a1, type=0x1) returned 0xb00017
[0251.631] GetCurrentObject (hdc=0x440107a1, type=0x2) returned 0x900010
[0251.631] GetCurrentObject (hdc=0x440107a1, type=0x7) returned 0x4a0507fe
[0251.631] GetCurrentObject (hdc=0x440107a1, type=0x6) returned 0x8a01c2
[0251.631] SaveDC (hdc=0x440107a1) returned 1
[0251.632] GetTextAlign (hdc=0x440107a1) returned 0x0
[0251.632] GetTextColor (hdc=0x440107a1) returned 0x0
[0251.632] GetCurrentObject (hdc=0x440107a1, type=0x6) returned 0x8a01c2
[0251.632] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0251.632] SelectObject (hdc=0x440107a1, h=0x6d0a0520) returned 0x8a01c2
[0251.632] GetBkMode (hdc=0x440107a1) returned 2
[0251.632] SetBkMode (hdc=0x440107a1, mode=1) returned 2
[0251.632] DrawTextExW (in: hdc=0x440107a1, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2daf2e4 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0251.632] DrawTextExW (in: hdc=0x440107a1, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2daf2e4 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0251.632] RestoreDC (hdc=0x440107a1, nSavedDC=-1) returned 1
[0251.632] GdipReleaseDC (graphics=0x6600030, hdc=0x440107a1) returned 0x0
[0251.633] GetFocus () returned 0x1a02ce
[0251.633] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0251.633] SendMessageW (hWnd=0x2402dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0251.633] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0251.633] IsAppThemed () returned 0x1
[0251.633] GetThemeAppProperties () returned 0x3
[0251.633] GetThemeAppProperties () returned 0x3
[0251.633] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0251.633] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x440107a1, x1=0, y1=0, rop=0xcc0020) returned 1
[0251.633] GdipReleaseDC (graphics=0x6600030, hdc=0x440107a1) returned 0x0
[0251.633] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0251.633] SelectObject (hdc=0x440107a1, h=0x85000f) returned 0x4a0507fe
[0251.633] DeleteDC (hdc=0x440107a1) returned 1
[0251.633] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0251.633] EndPaint (hWnd=0x1a02ce, lpPaint=0xd7dee4) returned 1
[0251.633] MapWindowPoints (in: hWndFrom=0x1a02ce, hWndTo=0x0, lpPoints=0x2daf3e0, cPoints=0x1 | out: lpPoints=0x2daf3e0) returned 30999254
[0251.633] WindowFromPoint (Point=0x2f8) returned 0x1a02ce
[0251.634] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x84, wParam=0x0, lParam=0x1de02f8) returned 0x1
[0251.634] NotifyWinEvent (event=0x800a, hwnd=0x1a02ce, idObject=-4, idChild=0)
[0251.634] NotifyWinEvent (event=0x800c, hwnd=0x1a02ce, idObject=-4, idChild=0)
[0251.634] GetCapture () returned 0x1a02ce
[0251.634] ReleaseCapture () returned 1
[0251.634] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0251.634] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0251.634] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x84, wParam=0x0, lParam=0x1de02f8) returned 0x1
[0251.634] IsWindow (hWnd=0x7005c) returned 1
[0251.635] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0251.635] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0251.635] IsWindow (hWnd=0x2402dc) returned 1
[0251.635] SetActiveWindow (hWnd=0x2402dc) returned 0x2402dc
[0251.635] IsWindow (hWnd=0x2402dc) returned 1
[0251.635] SetFocus (hWnd=0x2402dc) returned 0x1a02ce
[0251.635] GetFocus () returned 0x2402dc
[0251.635] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x8, wParam=0x2402dc, lParam=0x0) returned 0x0
[0251.636] GetCapture () returned 0x0
[0251.636] InvalidateRect (hWnd=0x1a02ce, lpRect=0x0, bErase=0) returned 1
[0251.636] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0251.641] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0251.642] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0251.642] GetFocus () returned 0x2402dc
[0251.642] SetFocus (hWnd=0x1a02ce) returned 0x2402dc
[0251.642] GetFocus () returned 0x1a02ce
[0251.642] IsChild (hWndParent=0x2402dc, hWnd=0x1a02ce) returned 1
[0251.642] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x8, wParam=0x1a02ce, lParam=0x0) returned 0x0
[0251.643] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0251.644] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0251.645] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0251.646] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x7, wParam=0x2402dc, lParam=0x0) returned 0x0
[0251.646] GetStockObject (i=5) returned 0x900015
[0251.646] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0251.646] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0xd, wParam=0xa, lParam=0x11f55a0) returned 0x9
[0251.646] GetDlgItem (hDlg=0x2402dc, nIDDlgItem=1704654) returned 0x1a02ce
[0251.646] SendMessageW (hWnd=0x1a02ce, Msg=0x202b, wParam=0x1a02ce, lParam=0xd7ddcc) returned 0x0
[0251.646] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x202b, wParam=0x1a02ce, lParam=0xd7ddcc) returned 0x0
[0251.646] InvalidateRect (hWnd=0x1a02ce, lpRect=0x0, bErase=0) returned 1
[0251.647] GetWindowLongW (hWnd=0x2402dc, nIndex=-8) returned 458844
[0251.647] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0251.647] GetCurrentThreadId () returned 0xf50
[0251.647] IsWindow (hWnd=0x7005c) returned 1
[0251.647] IsWindow (hWnd=0x7005c) returned 1
[0251.647] IsWindowVisible (hWnd=0x7005c) returned 1
[0251.647] SetActiveWindow (hWnd=0x7005c) returned 0x2402dc
[0251.647] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0251.649] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0251.649] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0251.649] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0251.650] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0251.650] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0251.651] GetWindowPlacement (in: hWnd=0x2402dc, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0251.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0251.651] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0251.651] GetWindowRect (in: hWnd=0x2402dc, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0251.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0251.652] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0251.652] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0251.653] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x2402dc) returned 0x1
[0251.655] GetFocus () returned 0x1a02ce
[0251.656] SetFocus (hWnd=0x602c4) returned 0x1a02ce
[0251.656] GetFocus () returned 0x602c4
[0251.656] IsChild (hWndParent=0x2402dc, hWnd=0x602c4) returned 0
[0251.656] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0251.656] GetCapture () returned 0x0
[0251.656] InvalidateRect (hWnd=0x1a02ce, lpRect=0x0, bErase=0) returned 1
[0251.657] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0251.658] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0251.659] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0251.659] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0251.660] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0251.660] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0251.660] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0251.660] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x1a02ce, lParam=0x0) returned 0x0
[0251.660] GetStockObject (i=5) returned 0x900015
[0251.661] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0251.661] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed8c8) returned 0xc
[0251.661] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0251.661] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0251.661] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0251.661] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0251.662] GetFocus () returned 0x602c4
[0251.663] IsChild (hWndParent=0x2402dc, hWnd=0x602c4) returned 0
[0251.663] ShowWindow (hWnd=0x2402dc, nCmdShow=0) returned 1
[0251.663] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0251.663] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0251.664] GetWindowPlacement (in: hWnd=0x2402dc, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0251.664] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0251.664] GetClientRect (in: hWnd=0x2402dc, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0251.664] GetWindowRect (in: hWnd=0x2402dc, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0251.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0251.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0251.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0251.665] GetWindowLongW (hWnd=0x2402dc, nIndex=-20) returned 327945
[0251.665] DestroyWindow (hWnd=0x2402dc) returned 1
[0251.666] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0251.666] GetWindowTextLengthW (hWnd=0x2402dc) returned 13
[0251.666] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.666] GetSystemMetrics (nIndex=42) returned 0
[0251.666] GetWindowTextW (in: hWnd=0x2402dc, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.666] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0251.666] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0251.666] GetWindowTextLengthW (hWnd=0x2700ea) returned 0
[0251.666] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0251.666] GetSystemMetrics (nIndex=42) returned 0
[0251.666] GetWindowTextW (in: hWnd=0x2700ea, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0251.666] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2700ea, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0251.666] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2700ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0251.666] GetWindowThreadProcessId (in: hWnd=0x1902d0, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0251.666] GetWindow (hWnd=0x1902d0, uCmd=0x5) returned 0x0
[0251.666] GetWindowLongW (hWnd=0x1902d0, nIndex=-20) returned 65792
[0251.666] DestroyWindow (hWnd=0x1902d0) returned 1
[0251.667] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902d0, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0251.667] GetWindowTextLengthW (hWnd=0x1902d0) returned 25
[0251.667] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0251.667] GetSystemMetrics (nIndex=42) returned 0
[0251.667] GetWindowTextW (in: hWnd=0x1902d0, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0251.667] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902d0, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0251.667] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0251.667] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1902d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0251.668] GetWindowTextLengthW (hWnd=0x1e02c8) returned 232
[0251.668] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0251.668] GetSystemMetrics (nIndex=42) returned 0
[0251.668] GetWindowTextW (in: hWnd=0x1e02c8, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0251.668] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0251.668] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0251.668] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0251.668] InvalidateRect (hWnd=0x1a02ce, lpRect=0x0, bErase=0) returned 1
[0251.668] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0251.669] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0251.669] SendMessageW (hWnd=0x2402da, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0251.676] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402da, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0251.676] SendMessageW (hWnd=0x2402da, Msg=0xb0, wParam=0x2d77d48, lParam=0xd7e480) returned 0x0
[0251.676] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402da, Msg=0xb0, wParam=0x2d77d48, lParam=0xd7e480) returned 0x0
[0251.676] GetWindowTextLengthW (hWnd=0x2402da) returned 4363
[0251.676] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0251.676] GetSystemMetrics (nIndex=42) returned 0
[0251.676] CoTaskMemAlloc (cb=0x221c) returned 0x120a4b0
[0251.676] GetWindowTextW (in: hWnd=0x2402da, lpString=0x120a4b0, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0251.676] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402da, Msg=0xd, wParam=0x110c, lParam=0x120a4b0) returned 0x110b
[0251.677] CoTaskMemFree (pv=0x120a4b0)
[0251.677] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0251.677] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2700ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0251.678] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1e02c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0251.679] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0251.680] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1a02ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0251.681] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2402de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0251.682] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0251.684] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0251.685] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.685] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.685] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.685] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.685] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.685] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.685] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1de02f8) returned 0x1
[0251.686] IsWindowUnicode (hWnd=0x7005c) returned 1
[0251.686] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.686] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1de02f8) returned 0x1
[0251.686] SetCursor (hCursor=0x10003) returned 0x10003
[0251.686] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.686] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.686] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0251.686] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0251.686] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0251.686] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x109023a) returned 0x0
[0251.686] GetKeyState (nVirtKey=1) returned 1
[0251.686] GetKeyState (nVirtKey=2) returned 0
[0251.686] GetKeyState (nVirtKey=4) returned 0
[0251.686] GetKeyState (nVirtKey=5) returned 0
[0251.686] GetKeyState (nVirtKey=6) returned 0
[0251.686] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.687] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1de02f8) returned 0x1
[0251.687] IsWindowUnicode (hWnd=0x7005c) returned 1
[0251.687] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.687] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.687] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.687] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.687] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1de02f8) returned 0x1
[0251.687] IsWindowUnicode (hWnd=0x7005c) returned 1
[0251.688] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.688] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1de02f8) returned 0x1
[0251.688] SetCursor (hCursor=0x10003) returned 0x10003
[0251.688] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.688] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.688] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x109023a) returned 0x0
[0251.688] GetKeyState (nVirtKey=1) returned 1
[0251.688] GetKeyState (nVirtKey=2) returned 0
[0251.688] GetKeyState (nVirtKey=4) returned 0
[0251.688] GetKeyState (nVirtKey=5) returned 0
[0251.688] GetKeyState (nVirtKey=6) returned 0
[0251.688] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.688] IsWindowUnicode (hWnd=0x602c4) returned 1
[0251.688] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.688] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.688] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.689] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.689] IsWindowUnicode (hWnd=0x602c4) returned 1
[0251.689] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.689] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.689] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.689] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0251.690] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0251.690] CreateCompatibleDC (hdc=0x107b9) returned 0xb90107ef
[0251.690] SelectObject (hdc=0xb90107ef, h=0x4a0507fe) returned 0x85000f
[0251.690] GdipCreateFromHDC (hdc=0xb90107ef, graphics=0xd7e798) returned 0x0
[0251.690] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0251.690] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0251.690] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0251.690] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0251.690] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e7f8) returned 0x0
[0251.690] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0251.690] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee910) returned 0x0
[0251.690] LocalFree (hMem=0x11ee910) returned 0x0
[0251.690] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0251.690] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0251.690] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0251.690] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0251.690] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0251.690] GdipRestoreGraphics (graphics=0x6600030, state=0xf8220dbd) returned 0x0
[0251.691] GdipDeleteRegion (region=0x6646298) returned 0x0
[0251.691] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0251.691] GetCurrentObject (hdc=0xb90107ef, type=0x1) returned 0xb00017
[0251.691] GetCurrentObject (hdc=0xb90107ef, type=0x2) returned 0x900010
[0251.691] GetCurrentObject (hdc=0xb90107ef, type=0x7) returned 0x4a0507fe
[0251.691] GetCurrentObject (hdc=0xb90107ef, type=0x6) returned 0x8a01c2
[0251.691] SaveDC (hdc=0xb90107ef) returned 1
[0251.691] GetNearestColor (hdc=0xb90107ef, color=0xff) returned 0xff
[0251.691] GetNearestColor (hdc=0xb90107ef, color=0x55) returned 0x55
[0251.691] GetNearestColor (hdc=0xb90107ef, color=0x0) returned 0x0
[0251.691] GetNearestColor (hdc=0xb90107ef, color=0x55) returned 0x55
[0251.691] GetNearestColor (hdc=0xb90107ef, color=0x0) returned 0x0
[0251.691] GetNearestColor (hdc=0xb90107ef, color=0x8080ff) returned 0x8080ff
[0251.691] GetNearestColor (hdc=0xb90107ef, color=0x7373e5) returned 0x7373e5
[0251.691] GetNearestColor (hdc=0xb90107ef, color=0xe5) returned 0xe5
[0251.691] GetNearestColor (hdc=0xb90107ef, color=0x0) returned 0x0
[0251.691] RestoreDC (hdc=0xb90107ef, nSavedDC=-1) returned 1
[0251.692] GdipReleaseDC (graphics=0x6600030, hdc=0xb90107ef) returned 0x0
[0251.692] IsAppThemed () returned 0x1
[0251.692] GetThemeAppProperties () returned 0x3
[0251.692] GetThemeAppProperties () returned 0x3
[0251.692] IsAppThemed () returned 0x1
[0251.692] GetThemeAppProperties () returned 0x3
[0251.692] GetThemeAppProperties () returned 0x3
[0251.692] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2db714c | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0251.692] IsAppThemed () returned 0x1
[0251.692] GetThemeAppProperties () returned 0x3
[0251.692] GetThemeAppProperties () returned 0x3
[0251.692] IsAppThemed () returned 0x1
[0251.692] GetThemeAppProperties () returned 0x3
[0251.692] GetThemeAppProperties () returned 0x3
[0251.692] GetFocus () returned 0x602c4
[0251.692] IsAppThemed () returned 0x1
[0251.693] GetThemeAppProperties () returned 0x3
[0251.693] GetThemeAppProperties () returned 0x3
[0251.693] IsAppThemed () returned 0x1
[0251.693] GetThemeAppProperties () returned 0x3
[0251.693] GetThemeAppProperties () returned 0x3
[0251.693] IsThemePartDefined () returned 0x1
[0251.693] IsAppThemed () returned 0x1
[0251.693] GetThemeAppProperties () returned 0x3
[0251.693] GetThemeAppProperties () returned 0x3
[0251.693] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0251.693] IsAppThemed () returned 0x1
[0251.693] GetThemeAppProperties () returned 0x3
[0251.693] GetThemeAppProperties () returned 0x3
[0251.693] IsAppThemed () returned 0x1
[0251.693] GetThemeAppProperties () returned 0x3
[0251.693] GetThemeAppProperties () returned 0x3
[0251.693] IsThemePartDefined () returned 0x1
[0251.693] GdipCreateRegion (region=0xd7e508) returned 0x0
[0251.693] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0251.693] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0251.694] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0251.694] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e520) returned 0x0
[0251.694] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0251.694] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0251.694] LocalFree (hMem=0x11ee9f0) returned 0x0
[0251.694] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0251.694] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eecc8) returned 0x0
[0251.694] LocalFree (hMem=0x11eecc8) returned 0x0
[0251.694] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0251.694] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e548) returned 0x0
[0251.694] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e538) returned 0x0
[0251.694] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0251.694] GdipDeleteRegion (region=0x6646298) returned 0x0
[0251.694] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0251.694] GetCurrentObject (hdc=0xb90107ef, type=0x1) returned 0xb00017
[0251.694] GetCurrentObject (hdc=0xb90107ef, type=0x2) returned 0x900010
[0251.694] GetCurrentObject (hdc=0xb90107ef, type=0x7) returned 0x4a0507fe
[0251.694] GetCurrentObject (hdc=0xb90107ef, type=0x6) returned 0x8a01c2
[0251.694] SaveDC (hdc=0xb90107ef) returned 1
[0251.694] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe7040807
[0251.694] GetClipRgn (hdc=0xb90107ef, hrgn=0xe7040807) returned 0
[0251.695] SelectClipRgn (hdc=0xb90107ef, hrgn=0x850407de) returned 2
[0251.695] DeleteObject (ho=0xe7040807) returned 1
[0251.695] DeleteObject (ho=0x850407de) returned 1
[0251.695] OffsetViewportOrgEx (in: hdc=0xb90107ef, x=0, y=0, lppt=0x2db77fc | out: lppt=0x2db77fc) returned 1
[0251.695] DrawThemeParentBackground () returned 0x0
[0251.695] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0251.695] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0251.695] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0251.695] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.695] GetSystemMetrics (nIndex=42) returned 0
[0251.695] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.695] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0251.695] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0251.695] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0251.695] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0251.695] SelectPalette (hdc=0xb90107ef, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0251.695] GdipCreateFromHDC (hdc=0xb90107ef, graphics=0xd7dff8) returned 0x0
[0251.696] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0251.696] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0251.696] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638b78) returned 0x0
[0251.696] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dfd0) returned 0x0
[0251.696] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0251.696] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0251.696] GdipGetClip (graphics=0x663e568, region=0x6646b08) returned 0x0
[0251.696] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x663e568, result=0xd7dfc4) returned 0x0
[0251.696] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0251.696] GdipSaveGraphics (graphics=0x663e568, state=0xd7dff0) returned 0x0
[0251.696] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0251.710] GdipFillRectangleI (graphics=0x663e568, brush=0x6652bb0, x=0, y=0, width=801, height=453) returned 0x0
[0251.710] GdipDeleteBrush (brush=0x6652bb0) returned 0x0
[0251.712] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0251.712] SelectPalette (hdc=0xb90107ef, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0251.712] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0251.712] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.712] GetSystemMetrics (nIndex=42) returned 0
[0251.713] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.713] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0251.713] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0251.713] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0251.713] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0251.713] SelectPalette (hdc=0xb90107ef, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0251.713] GdipCreateFromHDC (hdc=0xb90107ef, graphics=0xd7df98) returned 0x0
[0251.713] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0251.713] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0251.713] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638ba8) returned 0x0
[0251.713] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df70) returned 0x0
[0251.713] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0251.713] GdipCreateRegion (region=0xd7df58) returned 0x0
[0251.714] GdipGetClip (graphics=0x663e568, region=0x6646b08) returned 0x0
[0251.714] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x663e568, result=0xd7df64) returned 0x0
[0251.714] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0251.714] GdipSaveGraphics (graphics=0x663e568, state=0xd7df90) returned 0x0
[0251.714] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0251.744] GdipFillRectangleI (graphics=0x663e568, brush=0x6653300, x=0, y=0, width=801, height=453) returned 0x0
[0251.744] GdipDeleteBrush (brush=0x6653300) returned 0x0
[0251.746] GdipRestoreGraphics (graphics=0x663e568, state=0xf81e0dbd) returned 0x0
[0251.746] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0251.746] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0251.746] GetSystemMetrics (nIndex=42) returned 0
[0251.746] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0251.746] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0251.746] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0251.746] SelectPalette (hdc=0xb90107ef, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0251.746] RestoreDC (hdc=0xb90107ef, nSavedDC=-1) returned 1
[0251.747] GdipReleaseDC (graphics=0x6600030, hdc=0xb90107ef) returned 0x0
[0251.747] IsAppThemed () returned 0x1
[0251.747] GetThemeAppProperties () returned 0x3
[0251.747] GetThemeAppProperties () returned 0x3
[0251.747] IsAppThemed () returned 0x1
[0251.755] GetThemeAppProperties () returned 0x3
[0251.755] GetThemeAppProperties () returned 0x3
[0251.755] IsThemePartDefined () returned 0x1
[0251.755] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0251.755] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0251.755] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0251.755] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0251.756] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e4a4) returned 0x0
[0251.756] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0251.756] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0251.756] LocalFree (hMem=0x11ee788) returned 0x0
[0251.756] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0251.756] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eea60) returned 0x0
[0251.756] LocalFree (hMem=0x11eea60) returned 0x0
[0251.756] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0251.756] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0251.756] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0251.756] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0251.756] GdipDeleteRegion (region=0x6646298) returned 0x0
[0251.756] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0251.756] GetCurrentObject (hdc=0xb90107ef, type=0x1) returned 0xb00017
[0251.756] GetCurrentObject (hdc=0xb90107ef, type=0x2) returned 0x900010
[0251.756] GetCurrentObject (hdc=0xb90107ef, type=0x7) returned 0x4a0507fe
[0251.757] GetCurrentObject (hdc=0xb90107ef, type=0x6) returned 0x8a01c2
[0251.757] SaveDC (hdc=0xb90107ef) returned 1
[0251.757] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x860407de
[0251.757] GetClipRgn (hdc=0xb90107ef, hrgn=0x860407de) returned 0
[0251.757] SelectClipRgn (hdc=0xb90107ef, hrgn=0xe9040807) returned 2
[0251.757] DeleteObject (ho=0x860407de) returned 1
[0251.757] DeleteObject (ho=0xe9040807) returned 1
[0251.757] OffsetViewportOrgEx (in: hdc=0xb90107ef, x=0, y=0, lppt=0x2dbe04c | out: lppt=0x2dbe04c) returned 1
[0251.757] IsAppThemed () returned 0x1
[0251.757] GetThemeAppProperties () returned 0x3
[0251.757] GetThemeAppProperties () returned 0x3
[0251.757] DrawThemeBackground () returned 0x0
[0251.757] RestoreDC (hdc=0xb90107ef, nSavedDC=-1) returned 1
[0251.757] GdipReleaseDC (graphics=0x6600030, hdc=0xb90107ef) returned 0x0
[0251.757] GdipCreateRegion (region=0xd7e490) returned 0x0
[0251.758] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0251.758] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0251.758] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0251.758] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e4a8) returned 0x0
[0251.758] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0251.758] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0251.758] LocalFree (hMem=0x11ee788) returned 0x0
[0251.758] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0251.758] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0251.758] LocalFree (hMem=0x11ee788) returned 0x0
[0251.758] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0251.758] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0251.758] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0251.758] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0251.758] GdipDeleteRegion (region=0x6646448) returned 0x0
[0251.758] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0251.758] GetCurrentObject (hdc=0xb90107ef, type=0x1) returned 0xb00017
[0251.759] GetCurrentObject (hdc=0xb90107ef, type=0x2) returned 0x900010
[0251.759] GetCurrentObject (hdc=0xb90107ef, type=0x7) returned 0x4a0507fe
[0251.759] GetCurrentObject (hdc=0xb90107ef, type=0x6) returned 0x8a01c2
[0251.759] SaveDC (hdc=0xb90107ef) returned 1
[0251.759] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xea040807
[0251.759] GetClipRgn (hdc=0xb90107ef, hrgn=0xea040807) returned 0
[0251.759] SelectClipRgn (hdc=0xb90107ef, hrgn=0x870407de) returned 2
[0251.759] DeleteObject (ho=0xea040807) returned 1
[0251.759] DeleteObject (ho=0x870407de) returned 1
[0251.759] OffsetViewportOrgEx (in: hdc=0xb90107ef, x=0, y=0, lppt=0x2dbe320 | out: lppt=0x2dbe320) returned 1
[0251.759] IsAppThemed () returned 0x1
[0251.759] GetThemeAppProperties () returned 0x3
[0251.759] GetThemeAppProperties () returned 0x3
[0251.759] GetThemeBackgroundContentRect () returned 0x0
[0251.759] RestoreDC (hdc=0xb90107ef, nSavedDC=-1) returned 1
[0251.759] GdipReleaseDC (graphics=0x6600030, hdc=0xb90107ef) returned 0x0
[0251.760] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0251.760] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0251.760] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0251.760] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0251.760] IsAppThemed () returned 0x1
[0251.760] GetThemeAppProperties () returned 0x3
[0251.760] GetThemeAppProperties () returned 0x3
[0251.760] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0251.760] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0251.760] GetCurrentObject (hdc=0xb90107ef, type=0x1) returned 0xb00017
[0251.760] GetCurrentObject (hdc=0xb90107ef, type=0x2) returned 0x900010
[0251.760] GetCurrentObject (hdc=0xb90107ef, type=0x7) returned 0x4a0507fe
[0251.760] GetCurrentObject (hdc=0xb90107ef, type=0x6) returned 0x8a01c2
[0251.760] SaveDC (hdc=0xb90107ef) returned 1
[0251.760] GetTextAlign (hdc=0xb90107ef) returned 0x0
[0251.760] GetTextColor (hdc=0xb90107ef) returned 0x0
[0251.761] GetCurrentObject (hdc=0xb90107ef, type=0x6) returned 0x8a01c2
[0251.761] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0251.761] SelectObject (hdc=0xb90107ef, h=0x6d0a0520) returned 0x8a01c2
[0251.761] GetBkMode (hdc=0xb90107ef) returned 2
[0251.761] SetBkMode (hdc=0xb90107ef, mode=1) returned 2
[0251.761] DrawTextExW (in: hdc=0xb90107ef, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2dbe6e4 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0251.761] DrawTextExW (in: hdc=0xb90107ef, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2dbe6e4 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0251.762] RestoreDC (hdc=0xb90107ef, nSavedDC=-1) returned 1
[0251.762] GdipReleaseDC (graphics=0x6600030, hdc=0xb90107ef) returned 0x0
[0251.762] GetFocus () returned 0x602c4
[0251.762] IsAppThemed () returned 0x1
[0251.762] GetThemeAppProperties () returned 0x3
[0251.762] GetThemeAppProperties () returned 0x3
[0251.762] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0251.762] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xb90107ef, x1=0, y1=0, rop=0xcc0020) returned 1
[0251.762] GdipReleaseDC (graphics=0x6600030, hdc=0xb90107ef) returned 0x0
[0251.763] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0251.763] SelectObject (hdc=0xb90107ef, h=0x85000f) returned 0x4a0507fe
[0251.763] DeleteDC (hdc=0xb90107ef) returned 1
[0251.763] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0251.763] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0251.767] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0251.767] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0251.767] WaitMessage () returned 1
[0251.768] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.768] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.768] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.768] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.768] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.769] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0251.769] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0251.769] WaitMessage () returned 1
[0251.786] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.786] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.786] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.787] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.787] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.788] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0251.788] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0251.788] WaitMessage () returned 1
[0251.790] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.790] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.790] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.790] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.790] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.791] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0251.791] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0251.791] WaitMessage () returned 1
[0251.800] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.800] IsWindowUnicode (hWnd=0x7005c) returned 1
[0251.800] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.800] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.801] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.801] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.801] IsWindowUnicode (hWnd=0x7005c) returned 1
[0251.801] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.801] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.801] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.801] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x109023a) returned 0x0
[0251.801] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0251.801] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0251.801] WaitMessage () returned 1
[0251.803] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.803] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.803] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.804] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.804] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.806] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.806] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.806] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.806] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.806] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.806] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.807] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.807] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.807] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.807] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.807] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0251.807] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0251.807] WaitMessage () returned 1
[0251.808] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.808] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.808] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.808] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.808] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.809] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.809] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.810] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.810] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.810] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.810] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.810] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.810] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.810] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.810] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.810] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0251.811] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0251.811] WaitMessage () returned 1
[0251.811] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.811] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.811] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.811] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.811] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.813] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.813] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.813] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.813] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.813] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.813] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.813] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.813] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.813] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.814] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.814] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0251.814] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0251.814] WaitMessage () returned 1
[0251.815] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.815] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.815] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.815] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.815] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.816] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.817] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.817] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.817] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.817] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.817] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.817] IsWindowUnicode (hWnd=0x30122) returned 1
[0251.817] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0251.817] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0251.817] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0251.817] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0251.818] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0251.818] WaitMessage () returned 1
[0252.014] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0252.014] IsWindowUnicode (hWnd=0x502c6) returned 1
[0252.014] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0252.014] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0252.015] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0252.015] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0252.015] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0252.015] WaitMessage () returned 1
[0253.860] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0253.860] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x275010f) returned 0x1
[0253.861] IsWindowUnicode (hWnd=0x602c4) returned 1
[0253.861] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0253.861] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0253.861] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0253.861] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0253.861] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0253.861] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x275010f) returned 0x1
[0253.861] IsWindowUnicode (hWnd=0x602c4) returned 1
[0253.861] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0253.861] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x275010f) returned 0x1
[0253.861] SetCursor (hCursor=0x10003) returned 0x10003
[0253.861] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0253.861] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0253.861] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0253.861] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0253.861] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0253.862] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0253.862] GetKeyState (nVirtKey=1) returned 1
[0253.862] GetKeyState (nVirtKey=2) returned 0
[0253.862] GetKeyState (nVirtKey=4) returned 0
[0253.862] GetKeyState (nVirtKey=5) returned 0
[0253.862] GetKeyState (nVirtKey=6) returned 0
[0253.862] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0253.862] IsWindowUnicode (hWnd=0x602c4) returned 1
[0253.862] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0253.862] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0253.862] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0253.862] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0253.862] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0253.862] CreateCompatibleDC (hdc=0x107b9) returned 0x160107f8
[0253.862] SelectObject (hdc=0x160107f8, h=0x4a0507fe) returned 0x85000f
[0253.862] GdipCreateFromHDC (hdc=0x160107f8, graphics=0xd7e798) returned 0x0
[0253.863] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0253.863] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0253.863] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0253.863] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0253.863] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e7f8) returned 0x0
[0253.863] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0253.863] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0253.863] LocalFree (hMem=0x11eec58) returned 0x0
[0253.863] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0253.863] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0253.863] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0253.863] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0253.863] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0253.863] GdipRestoreGraphics (graphics=0x6600030, state=0xf81c0dbd) returned 0x0
[0253.863] GdipDeleteRegion (region=0x6646298) returned 0x0
[0253.863] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0253.863] GetCurrentObject (hdc=0x160107f8, type=0x1) returned 0xb00017
[0253.863] GetCurrentObject (hdc=0x160107f8, type=0x2) returned 0x900010
[0253.864] GetCurrentObject (hdc=0x160107f8, type=0x7) returned 0x4a0507fe
[0253.864] GetCurrentObject (hdc=0x160107f8, type=0x6) returned 0x8a01c2
[0253.864] SaveDC (hdc=0x160107f8) returned 1
[0253.864] GetNearestColor (hdc=0x160107f8, color=0xff) returned 0xff
[0253.864] GetNearestColor (hdc=0x160107f8, color=0x55) returned 0x55
[0253.864] GetNearestColor (hdc=0x160107f8, color=0x0) returned 0x0
[0253.864] GetNearestColor (hdc=0x160107f8, color=0x55) returned 0x55
[0253.864] GetNearestColor (hdc=0x160107f8, color=0x0) returned 0x0
[0253.864] GetNearestColor (hdc=0x160107f8, color=0x8080ff) returned 0x8080ff
[0253.864] GetNearestColor (hdc=0x160107f8, color=0x7373e5) returned 0x7373e5
[0253.864] GetNearestColor (hdc=0x160107f8, color=0xe5) returned 0xe5
[0253.864] GetNearestColor (hdc=0x160107f8, color=0x0) returned 0x0
[0253.864] RestoreDC (hdc=0x160107f8, nSavedDC=-1) returned 1
[0253.864] GdipReleaseDC (graphics=0x6600030, hdc=0x160107f8) returned 0x0
[0253.865] IsAppThemed () returned 0x1
[0253.865] GetThemeAppProperties () returned 0x3
[0253.865] GetThemeAppProperties () returned 0x3
[0253.865] IsAppThemed () returned 0x1
[0253.865] GetThemeAppProperties () returned 0x3
[0253.865] GetThemeAppProperties () returned 0x3
[0253.865] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2dbf054 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0253.865] IsAppThemed () returned 0x1
[0253.865] GetThemeAppProperties () returned 0x3
[0253.865] GetThemeAppProperties () returned 0x3
[0253.865] IsAppThemed () returned 0x1
[0253.865] GetThemeAppProperties () returned 0x3
[0253.865] GetThemeAppProperties () returned 0x3
[0253.865] IsAppThemed () returned 0x1
[0253.866] GetThemeAppProperties () returned 0x3
[0253.866] GetThemeAppProperties () returned 0x3
[0253.866] IsAppThemed () returned 0x1
[0253.866] GetThemeAppProperties () returned 0x3
[0253.866] GetThemeAppProperties () returned 0x3
[0253.866] IsThemePartDefined () returned 0x1
[0253.866] IsAppThemed () returned 0x1
[0253.866] GetThemeAppProperties () returned 0x3
[0253.866] GetThemeAppProperties () returned 0x3
[0253.866] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0253.866] IsAppThemed () returned 0x1
[0253.866] GetThemeAppProperties () returned 0x3
[0253.866] GetThemeAppProperties () returned 0x3
[0253.866] IsAppThemed () returned 0x1
[0253.866] GetThemeAppProperties () returned 0x3
[0253.866] GetThemeAppProperties () returned 0x3
[0253.866] IsThemePartDefined () returned 0x1
[0253.866] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0253.866] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0253.866] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0253.866] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0253.866] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e514) returned 0x0
[0253.866] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0253.866] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eea60) returned 0x0
[0253.867] LocalFree (hMem=0x11eea60) returned 0x0
[0253.867] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0253.867] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eed00) returned 0x0
[0253.867] LocalFree (hMem=0x11eed00) returned 0x0
[0253.867] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0253.867] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0253.867] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0253.867] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0253.867] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0253.867] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0253.867] GetCurrentObject (hdc=0x160107f8, type=0x1) returned 0xb00017
[0253.867] GetCurrentObject (hdc=0x160107f8, type=0x2) returned 0x900010
[0253.867] GetCurrentObject (hdc=0x160107f8, type=0x7) returned 0x4a0507fe
[0253.867] GetCurrentObject (hdc=0x160107f8, type=0x6) returned 0x8a01c2
[0253.867] SaveDC (hdc=0x160107f8) returned 1
[0253.867] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x880407de
[0253.867] GetClipRgn (hdc=0x160107f8, hrgn=0x880407de) returned 0
[0253.867] SelectClipRgn (hdc=0x160107f8, hrgn=0xee040807) returned 2
[0253.867] DeleteObject (ho=0x880407de) returned 1
[0253.867] DeleteObject (ho=0xee040807) returned 1
[0253.868] OffsetViewportOrgEx (in: hdc=0x160107f8, x=0, y=0, lppt=0x2dbf704 | out: lppt=0x2dbf704) returned 1
[0253.868] DrawThemeParentBackground () returned 0x0
[0253.868] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0253.868] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0253.868] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0253.868] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0253.868] GetSystemMetrics (nIndex=42) returned 0
[0253.868] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0253.868] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0253.868] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0253.868] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0253.868] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0253.868] SelectPalette (hdc=0x160107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0253.868] GdipCreateFromHDC (hdc=0x160107f8, graphics=0xd7dff0) returned 0x0
[0253.868] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0253.868] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0253.868] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638ae8) returned 0x0
[0253.869] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dfc8) returned 0x0
[0253.869] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0253.869] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0253.869] GdipGetClip (graphics=0x663e568, region=0x6646b08) returned 0x0
[0253.869] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x663e568, result=0xd7dfbc) returned 0x0
[0253.869] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0253.869] GdipSaveGraphics (graphics=0x663e568, state=0xd7dfe8) returned 0x0
[0253.869] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0253.875] GdipFillRectangleI (graphics=0x663e568, brush=0x6652a78, x=0, y=0, width=801, height=453) returned 0x0
[0253.875] GdipDeleteBrush (brush=0x6652a78) returned 0x0
[0253.876] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0253.876] SelectPalette (hdc=0x160107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0253.876] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0253.876] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0253.876] GetSystemMetrics (nIndex=42) returned 0
[0253.876] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0253.876] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0253.876] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0253.876] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0253.876] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0253.876] SelectPalette (hdc=0x160107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0253.876] GdipCreateFromHDC (hdc=0x160107f8, graphics=0xd7df90) returned 0x0
[0253.877] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0253.877] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0253.877] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638c68) returned 0x0
[0253.877] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df68) returned 0x0
[0253.877] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0253.877] GdipCreateRegion (region=0xd7df50) returned 0x0
[0253.877] GdipGetClip (graphics=0x663e568, region=0x6646b08) returned 0x0
[0253.877] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x663e568, result=0xd7df5c) returned 0x0
[0253.877] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0253.877] GdipSaveGraphics (graphics=0x663e568, state=0xd7df88) returned 0x0
[0253.877] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0253.882] GdipFillRectangleI (graphics=0x663e568, brush=0x6653090, x=0, y=0, width=801, height=453) returned 0x0
[0253.882] GdipDeleteBrush (brush=0x6653090) returned 0x0
[0253.884] GdipRestoreGraphics (graphics=0x663e568, state=0xf8180dbd) returned 0x0
[0253.884] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0253.884] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0253.884] GetSystemMetrics (nIndex=42) returned 0
[0253.884] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0253.884] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0253.884] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0253.884] SelectPalette (hdc=0x160107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0253.884] RestoreDC (hdc=0x160107f8, nSavedDC=-1) returned 1
[0253.884] GdipReleaseDC (graphics=0x6600030, hdc=0x160107f8) returned 0x0
[0253.884] IsAppThemed () returned 0x1
[0253.884] GetThemeAppProperties () returned 0x3
[0253.884] GetThemeAppProperties () returned 0x3
[0253.885] IsAppThemed () returned 0x1
[0253.885] GetThemeAppProperties () returned 0x3
[0253.885] GetThemeAppProperties () returned 0x3
[0253.885] IsThemePartDefined () returned 0x1
[0253.885] GdipCreateRegion (region=0xd7e480) returned 0x0
[0253.885] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0253.885] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0253.885] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0253.885] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e498) returned 0x0
[0253.885] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0253.885] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee910) returned 0x0
[0253.885] LocalFree (hMem=0x11ee910) returned 0x0
[0253.885] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0253.885] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0253.885] LocalFree (hMem=0x11eec58) returned 0x0
[0253.885] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0253.885] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0253.885] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0253.885] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0253.885] GdipDeleteRegion (region=0x6646718) returned 0x0
[0253.885] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0253.885] GetCurrentObject (hdc=0x160107f8, type=0x1) returned 0xb00017
[0253.885] GetCurrentObject (hdc=0x160107f8, type=0x2) returned 0x900010
[0253.886] GetCurrentObject (hdc=0x160107f8, type=0x7) returned 0x4a0507fe
[0253.886] GetCurrentObject (hdc=0x160107f8, type=0x6) returned 0x8a01c2
[0253.886] SaveDC (hdc=0x160107f8) returned 1
[0253.886] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xef040807
[0253.886] GetClipRgn (hdc=0x160107f8, hrgn=0xef040807) returned 0
[0253.886] SelectClipRgn (hdc=0x160107f8, hrgn=0x8a0407de) returned 2
[0253.886] DeleteObject (ho=0xef040807) returned 1
[0253.886] DeleteObject (ho=0x8a0407de) returned 1
[0253.886] OffsetViewportOrgEx (in: hdc=0x160107f8, x=0, y=0, lppt=0x2dc5f54 | out: lppt=0x2dc5f54) returned 1
[0253.886] IsAppThemed () returned 0x1
[0253.886] GetThemeAppProperties () returned 0x3
[0253.886] GetThemeAppProperties () returned 0x3
[0253.886] DrawThemeBackground () returned 0x0
[0253.886] RestoreDC (hdc=0x160107f8, nSavedDC=-1) returned 1
[0253.886] GdipReleaseDC (graphics=0x6600030, hdc=0x160107f8) returned 0x0
[0253.886] GdipCreateRegion (region=0xd7e484) returned 0x0
[0253.886] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0253.886] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0253.886] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0253.886] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e49c) returned 0x0
[0253.887] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0253.887] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0253.887] LocalFree (hMem=0x11ee788) returned 0x0
[0253.887] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0253.887] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0253.887] LocalFree (hMem=0x11ee788) returned 0x0
[0253.887] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0253.887] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0253.887] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0253.887] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0253.887] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0253.887] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0253.887] GetCurrentObject (hdc=0x160107f8, type=0x1) returned 0xb00017
[0253.887] GetCurrentObject (hdc=0x160107f8, type=0x2) returned 0x900010
[0253.887] GetCurrentObject (hdc=0x160107f8, type=0x7) returned 0x4a0507fe
[0253.887] GetCurrentObject (hdc=0x160107f8, type=0x6) returned 0x8a01c2
[0253.887] SaveDC (hdc=0x160107f8) returned 1
[0253.887] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8b0407de
[0253.887] GetClipRgn (hdc=0x160107f8, hrgn=0x8b0407de) returned 0
[0253.887] SelectClipRgn (hdc=0x160107f8, hrgn=0xf0040807) returned 2
[0253.888] DeleteObject (ho=0x8b0407de) returned 1
[0253.888] DeleteObject (ho=0xf0040807) returned 1
[0253.888] OffsetViewportOrgEx (in: hdc=0x160107f8, x=0, y=0, lppt=0x2dc6228 | out: lppt=0x2dc6228) returned 1
[0253.888] IsAppThemed () returned 0x1
[0253.888] GetThemeAppProperties () returned 0x3
[0253.888] GetThemeAppProperties () returned 0x3
[0253.888] GetThemeBackgroundContentRect () returned 0x0
[0253.888] RestoreDC (hdc=0x160107f8, nSavedDC=-1) returned 1
[0253.888] GdipReleaseDC (graphics=0x6600030, hdc=0x160107f8) returned 0x0
[0253.888] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0253.888] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0253.888] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0253.888] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0253.888] IsAppThemed () returned 0x1
[0253.888] GetThemeAppProperties () returned 0x3
[0253.888] GetThemeAppProperties () returned 0x3
[0253.888] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0253.888] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0253.888] GetCurrentObject (hdc=0x160107f8, type=0x1) returned 0xb00017
[0253.888] GetCurrentObject (hdc=0x160107f8, type=0x2) returned 0x900010
[0253.888] GetCurrentObject (hdc=0x160107f8, type=0x7) returned 0x4a0507fe
[0253.888] GetCurrentObject (hdc=0x160107f8, type=0x6) returned 0x8a01c2
[0253.888] SaveDC (hdc=0x160107f8) returned 1
[0253.889] GetTextAlign (hdc=0x160107f8) returned 0x0
[0253.889] GetTextColor (hdc=0x160107f8) returned 0x0
[0253.889] GetCurrentObject (hdc=0x160107f8, type=0x6) returned 0x8a01c2
[0253.889] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0253.889] SelectObject (hdc=0x160107f8, h=0x6d0a0520) returned 0x8a01c2
[0253.889] GetBkMode (hdc=0x160107f8) returned 2
[0253.889] SetBkMode (hdc=0x160107f8, mode=1) returned 2
[0253.889] DrawTextExW (in: hdc=0x160107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2dc65ec | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0253.889] DrawTextExW (in: hdc=0x160107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2dc65ec | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0253.890] RestoreDC (hdc=0x160107f8, nSavedDC=-1) returned 1
[0253.890] GdipReleaseDC (graphics=0x6600030, hdc=0x160107f8) returned 0x0
[0253.890] GetFocus () returned 0x602c4
[0253.890] IsAppThemed () returned 0x1
[0253.890] GetThemeAppProperties () returned 0x3
[0253.890] GetThemeAppProperties () returned 0x3
[0253.890] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0253.890] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x160107f8, x1=0, y1=0, rop=0xcc0020) returned 1
[0253.890] GdipReleaseDC (graphics=0x6600030, hdc=0x160107f8) returned 0x0
[0253.890] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0253.890] SelectObject (hdc=0x160107f8, h=0x85000f) returned 0x4a0507fe
[0253.890] DeleteDC (hdc=0x160107f8) returned 1
[0253.890] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0253.891] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0253.891] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0253.891] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0253.891] WaitMessage () returned 1
[0253.966] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0253.967] IsWindowUnicode (hWnd=0x602c4) returned 1
[0253.967] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0253.967] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0253.967] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0253.967] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0253.967] IsWindowUnicode (hWnd=0x602c4) returned 1
[0253.967] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0253.967] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0253.967] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0253.967] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xe0034) returned 0x0
[0253.967] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0253.967] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0253.967] WaitMessage () returned 1
[0254.100] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.100] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x275010f) returned 0x1
[0254.100] IsWindowUnicode (hWnd=0x602c4) returned 1
[0254.100] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.100] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x275010f) returned 0x1
[0254.100] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0254.100] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x1a00051) returned 0x0
[0254.100] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0254.100] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0254.101] SetCursor (hCursor=0x10003) returned 0x10003
[0254.101] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.101] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.101] GetKeyState (nVirtKey=1) returned -128
[0254.101] GetKeyState (nVirtKey=2) returned 0
[0254.101] GetKeyState (nVirtKey=4) returned 0
[0254.101] GetKeyState (nVirtKey=5) returned 0
[0254.101] GetKeyState (nVirtKey=6) returned 0
[0254.101] IsWindowVisible (hWnd=0x602c4) returned 1
[0254.101] IsWindowEnabled (hWnd=0x602c4) returned 1
[0254.101] SetFocus (hWnd=0x602c4) returned 0x602c4
[0254.101] GetFocus () returned 0x602c4
[0254.101] GetFocus () returned 0x602c4
[0254.101] GetFocus () returned 0x602c4
[0254.101] GetKeyState (nVirtKey=1) returned -128
[0254.101] GetKeyState (nVirtKey=2) returned 0
[0254.101] GetKeyState (nVirtKey=4) returned 0
[0254.102] GetKeyState (nVirtKey=5) returned 0
[0254.102] GetKeyState (nVirtKey=6) returned 0
[0254.102] GetCapture () returned 0x0
[0254.102] SetCapture (hWnd=0x602c4) returned 0x0
[0254.102] GetKeyState (nVirtKey=1) returned -128
[0254.102] GetKeyState (nVirtKey=2) returned 0
[0254.102] GetKeyState (nVirtKey=4) returned 0
[0254.102] GetKeyState (nVirtKey=5) returned 0
[0254.102] GetKeyState (nVirtKey=6) returned 0
[0254.102] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0254.102] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0254.102] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.102] IsWindowUnicode (hWnd=0x602c4) returned 1
[0254.102] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.102] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.102] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.102] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2dc6770, cPoints=0x1 | out: lpPoints=0x2dc6770) returned 40304859
[0254.102] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0254.102] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0254.103] UpdateWindow (hWnd=0x602c4) returned 1
[0254.103] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x107b9
[0254.103] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0254.103] CreateCompatibleDC (hdc=0x107b9) returned 0x170107f8
[0254.103] SelectObject (hdc=0x170107f8, h=0x4a0507fe) returned 0x85000f
[0254.103] GdipCreateFromHDC (hdc=0x170107f8, graphics=0xd7e430) returned 0x0
[0254.103] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0254.103] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0254.103] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0254.103] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0254.104] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e490) returned 0x0
[0254.104] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0254.104] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0254.104] LocalFree (hMem=0x11ee868) returned 0x0
[0254.104] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0254.104] GdipCreateRegion (region=0xd7e478) returned 0x0
[0254.104] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0254.104] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e484) returned 0x0
[0254.104] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0254.104] GdipRestoreGraphics (graphics=0x6600030, state=0xf8160dbd) returned 0x0
[0254.104] GdipDeleteRegion (region=0x6646298) returned 0x0
[0254.104] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0254.104] GetCurrentObject (hdc=0x170107f8, type=0x1) returned 0xb00017
[0254.104] GetCurrentObject (hdc=0x170107f8, type=0x2) returned 0x900010
[0254.104] GetCurrentObject (hdc=0x170107f8, type=0x7) returned 0x4a0507fe
[0254.104] GetCurrentObject (hdc=0x170107f8, type=0x6) returned 0x8a01c2
[0254.105] SaveDC (hdc=0x170107f8) returned 1
[0254.105] GetNearestColor (hdc=0x170107f8, color=0xff) returned 0xff
[0254.105] GetNearestColor (hdc=0x170107f8, color=0x55) returned 0x55
[0254.105] GetNearestColor (hdc=0x170107f8, color=0x0) returned 0x0
[0254.105] GetNearestColor (hdc=0x170107f8, color=0x55) returned 0x55
[0254.105] GetNearestColor (hdc=0x170107f8, color=0x0) returned 0x0
[0254.105] GetNearestColor (hdc=0x170107f8, color=0x8080ff) returned 0x8080ff
[0254.105] GetNearestColor (hdc=0x170107f8, color=0x7373e5) returned 0x7373e5
[0254.105] GetNearestColor (hdc=0x170107f8, color=0xe5) returned 0xe5
[0254.105] GetNearestColor (hdc=0x170107f8, color=0x0) returned 0x0
[0254.105] RestoreDC (hdc=0x170107f8, nSavedDC=-1) returned 1
[0254.105] GdipReleaseDC (graphics=0x6600030, hdc=0x170107f8) returned 0x0
[0254.105] IsAppThemed () returned 0x1
[0254.106] GetThemeAppProperties () returned 0x3
[0254.106] GetThemeAppProperties () returned 0x3
[0254.106] IsAppThemed () returned 0x1
[0254.106] GetThemeAppProperties () returned 0x3
[0254.106] GetThemeAppProperties () returned 0x3
[0254.106] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2dc6e8c | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0254.106] IsAppThemed () returned 0x1
[0254.106] GetThemeAppProperties () returned 0x3
[0254.106] GetThemeAppProperties () returned 0x3
[0254.106] IsAppThemed () returned 0x1
[0254.106] GetThemeAppProperties () returned 0x3
[0254.106] GetThemeAppProperties () returned 0x3
[0254.106] IsAppThemed () returned 0x1
[0254.107] GetThemeAppProperties () returned 0x3
[0254.107] GetThemeAppProperties () returned 0x3
[0254.107] IsAppThemed () returned 0x1
[0254.107] GetThemeAppProperties () returned 0x3
[0254.107] GetThemeAppProperties () returned 0x3
[0254.107] IsThemePartDefined () returned 0x1
[0254.107] IsAppThemed () returned 0x1
[0254.107] GetThemeAppProperties () returned 0x3
[0254.107] GetThemeAppProperties () returned 0x3
[0254.107] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0254.107] IsAppThemed () returned 0x1
[0254.107] GetThemeAppProperties () returned 0x3
[0254.107] GetThemeAppProperties () returned 0x3
[0254.107] IsAppThemed () returned 0x1
[0254.107] GetThemeAppProperties () returned 0x3
[0254.107] GetThemeAppProperties () returned 0x3
[0254.107] IsThemePartDefined () returned 0x1
[0254.107] GdipCreateRegion (region=0xd7e194) returned 0x0
[0254.107] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0254.107] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0254.107] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0254.107] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e1ac) returned 0x0
[0254.108] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0254.108] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0254.108] LocalFree (hMem=0x11eecc8) returned 0x0
[0254.108] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0254.108] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0254.108] LocalFree (hMem=0x11eecc8) returned 0x0
[0254.108] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0254.108] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0254.108] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0254.108] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0254.108] GdipDeleteRegion (region=0x6646298) returned 0x0
[0254.108] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0254.108] GetCurrentObject (hdc=0x170107f8, type=0x1) returned 0xb00017
[0254.108] GetCurrentObject (hdc=0x170107f8, type=0x2) returned 0x900010
[0254.108] GetCurrentObject (hdc=0x170107f8, type=0x7) returned 0x4a0507fe
[0254.108] GetCurrentObject (hdc=0x170107f8, type=0x6) returned 0x8a01c2
[0254.108] SaveDC (hdc=0x170107f8) returned 1
[0254.109] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf1040807
[0254.109] GetClipRgn (hdc=0x170107f8, hrgn=0xf1040807) returned 0
[0254.109] SelectClipRgn (hdc=0x170107f8, hrgn=0x8f0407de) returned 2
[0254.109] DeleteObject (ho=0xf1040807) returned 1
[0254.109] DeleteObject (ho=0x8f0407de) returned 1
[0254.109] OffsetViewportOrgEx (in: hdc=0x170107f8, x=0, y=0, lppt=0x2dc753c | out: lppt=0x2dc753c) returned 1
[0254.109] DrawThemeParentBackground () returned 0x0
[0254.109] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0254.109] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0254.109] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0254.109] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.109] GetSystemMetrics (nIndex=42) returned 0
[0254.109] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.109] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0254.110] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0254.110] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0254.110] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0254.110] SelectPalette (hdc=0x170107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0254.110] GdipCreateFromHDC (hdc=0x170107f8, graphics=0xd7dc88) returned 0x0
[0254.110] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0254.110] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0254.110] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638cf8) returned 0x0
[0254.110] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dc60) returned 0x0
[0254.110] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0254.110] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0254.110] GdipGetClip (graphics=0x663e568, region=0x6646448) returned 0x0
[0254.110] GdipIsInfiniteRegion (region=0x6646448, graphics=0x663e568, result=0xd7dc54) returned 0x0
[0254.110] GdipDeleteRegion (region=0x6646448) returned 0x0
[0254.110] GdipSaveGraphics (graphics=0x663e568, state=0xd7dc80) returned 0x0
[0254.110] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0254.117] GdipFillRectangleI (graphics=0x663e568, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0254.117] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0254.119] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0254.119] SelectPalette (hdc=0x170107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0254.119] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0254.119] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.119] GetSystemMetrics (nIndex=42) returned 0
[0254.120] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.120] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0254.120] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0254.120] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0254.120] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0254.120] SelectPalette (hdc=0x170107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0254.120] GdipCreateFromHDC (hdc=0x170107f8, graphics=0xd7dc28) returned 0x0
[0254.120] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0254.120] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0254.120] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638d58) returned 0x0
[0254.120] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dc00) returned 0x0
[0254.120] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0254.120] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0254.120] GdipGetClip (graphics=0x663e568, region=0x66464d8) returned 0x0
[0254.121] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x663e568, result=0xd7dbf4) returned 0x0
[0254.121] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0254.121] GdipSaveGraphics (graphics=0x663e568, state=0xd7dc20) returned 0x0
[0254.121] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0254.127] GdipFillRectangleI (graphics=0x663e568, brush=0x66536a8, x=0, y=0, width=801, height=453) returned 0x0
[0254.128] GdipDeleteBrush (brush=0x66536a8) returned 0x0
[0254.129] GdipRestoreGraphics (graphics=0x663e568, state=0xf8120dbd) returned 0x0
[0254.129] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0254.129] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.129] GetSystemMetrics (nIndex=42) returned 0
[0254.129] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.129] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0254.129] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0254.130] SelectPalette (hdc=0x170107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0254.130] RestoreDC (hdc=0x170107f8, nSavedDC=-1) returned 1
[0254.130] GdipReleaseDC (graphics=0x6600030, hdc=0x170107f8) returned 0x0
[0254.130] IsAppThemed () returned 0x1
[0254.130] GetThemeAppProperties () returned 0x3
[0254.130] GetThemeAppProperties () returned 0x3
[0254.130] IsAppThemed () returned 0x1
[0254.130] GetThemeAppProperties () returned 0x3
[0254.130] GetThemeAppProperties () returned 0x3
[0254.130] IsThemePartDefined () returned 0x1
[0254.130] GdipCreateRegion (region=0xd7e118) returned 0x0
[0254.130] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0254.130] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0254.130] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0254.131] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e130) returned 0x0
[0254.131] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0254.131] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eea98) returned 0x0
[0254.131] LocalFree (hMem=0x11eea98) returned 0x0
[0254.131] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0254.131] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee9f0) returned 0x0
[0254.131] LocalFree (hMem=0x11ee9f0) returned 0x0
[0254.131] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0254.131] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e158) returned 0x0
[0254.131] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e148) returned 0x0
[0254.131] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0254.131] GdipDeleteRegion (region=0x6646718) returned 0x0
[0254.131] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0254.131] GetCurrentObject (hdc=0x170107f8, type=0x1) returned 0xb00017
[0254.131] GetCurrentObject (hdc=0x170107f8, type=0x2) returned 0x900010
[0254.131] GetCurrentObject (hdc=0x170107f8, type=0x7) returned 0x4a0507fe
[0254.131] GetCurrentObject (hdc=0x170107f8, type=0x6) returned 0x8a01c2
[0254.132] SaveDC (hdc=0x170107f8) returned 1
[0254.132] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x900407de
[0254.132] GetClipRgn (hdc=0x170107f8, hrgn=0x900407de) returned 0
[0254.132] SelectClipRgn (hdc=0x170107f8, hrgn=0xf3040807) returned 2
[0254.132] DeleteObject (ho=0x900407de) returned 1
[0254.132] DeleteObject (ho=0xf3040807) returned 1
[0254.132] OffsetViewportOrgEx (in: hdc=0x170107f8, x=0, y=0, lppt=0x2dcdd8c | out: lppt=0x2dcdd8c) returned 1
[0254.132] IsAppThemed () returned 0x1
[0254.132] GetThemeAppProperties () returned 0x3
[0254.132] GetThemeAppProperties () returned 0x3
[0254.132] DrawThemeBackground () returned 0x0
[0254.132] RestoreDC (hdc=0x170107f8, nSavedDC=-1) returned 1
[0254.132] GdipReleaseDC (graphics=0x6600030, hdc=0x170107f8) returned 0x0
[0254.132] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0254.132] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0254.132] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0254.133] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0254.133] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e134) returned 0x0
[0254.133] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0254.133] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eea98) returned 0x0
[0254.133] LocalFree (hMem=0x11eea98) returned 0x0
[0254.133] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0254.133] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0254.133] LocalFree (hMem=0x11eec58) returned 0x0
[0254.133] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0254.133] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0254.133] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0254.133] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0254.133] GdipDeleteRegion (region=0x6646298) returned 0x0
[0254.133] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0254.133] GetCurrentObject (hdc=0x170107f8, type=0x1) returned 0xb00017
[0254.133] GetCurrentObject (hdc=0x170107f8, type=0x2) returned 0x900010
[0254.133] GetCurrentObject (hdc=0x170107f8, type=0x7) returned 0x4a0507fe
[0254.133] GetCurrentObject (hdc=0x170107f8, type=0x6) returned 0x8a01c2
[0254.134] SaveDC (hdc=0x170107f8) returned 1
[0254.134] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf4040807
[0254.134] GetClipRgn (hdc=0x170107f8, hrgn=0xf4040807) returned 0
[0254.134] SelectClipRgn (hdc=0x170107f8, hrgn=0x910407de) returned 2
[0254.134] DeleteObject (ho=0xf4040807) returned 1
[0254.134] DeleteObject (ho=0x910407de) returned 1
[0254.134] OffsetViewportOrgEx (in: hdc=0x170107f8, x=0, y=0, lppt=0x2dce060 | out: lppt=0x2dce060) returned 1
[0254.134] IsAppThemed () returned 0x1
[0254.134] GetThemeAppProperties () returned 0x3
[0254.134] GetThemeAppProperties () returned 0x3
[0254.134] GetThemeBackgroundContentRect () returned 0x0
[0254.134] RestoreDC (hdc=0x170107f8, nSavedDC=-1) returned 1
[0254.134] GdipReleaseDC (graphics=0x6600030, hdc=0x170107f8) returned 0x0
[0254.134] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0254.134] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0254.134] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0254.135] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0254.135] IsAppThemed () returned 0x1
[0254.135] GetThemeAppProperties () returned 0x3
[0254.135] GetThemeAppProperties () returned 0x3
[0254.135] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0254.135] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0254.135] GetCurrentObject (hdc=0x170107f8, type=0x1) returned 0xb00017
[0254.135] GetCurrentObject (hdc=0x170107f8, type=0x2) returned 0x900010
[0254.135] GetCurrentObject (hdc=0x170107f8, type=0x7) returned 0x4a0507fe
[0254.135] GetCurrentObject (hdc=0x170107f8, type=0x6) returned 0x8a01c2
[0254.135] SaveDC (hdc=0x170107f8) returned 1
[0254.135] GetTextAlign (hdc=0x170107f8) returned 0x0
[0254.135] GetTextColor (hdc=0x170107f8) returned 0x0
[0254.135] GetCurrentObject (hdc=0x170107f8, type=0x6) returned 0x8a01c2
[0254.135] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0254.136] SelectObject (hdc=0x170107f8, h=0x6d0a0520) returned 0x8a01c2
[0254.136] GetBkMode (hdc=0x170107f8) returned 2
[0254.136] SetBkMode (hdc=0x170107f8, mode=1) returned 2
[0254.136] DrawTextExW (in: hdc=0x170107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2dce424 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0254.136] DrawTextExW (in: hdc=0x170107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2dce424 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0254.137] RestoreDC (hdc=0x170107f8, nSavedDC=-1) returned 1
[0254.137] GdipReleaseDC (graphics=0x6600030, hdc=0x170107f8) returned 0x0
[0254.137] GetFocus () returned 0x602c4
[0254.137] IsAppThemed () returned 0x1
[0254.137] GetThemeAppProperties () returned 0x3
[0254.137] GetThemeAppProperties () returned 0x3
[0254.137] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0254.137] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x170107f8, x1=0, y1=0, rop=0xcc0020) returned 1
[0254.138] GdipReleaseDC (graphics=0x6600030, hdc=0x170107f8) returned 0x0
[0254.138] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0254.138] SelectObject (hdc=0x170107f8, h=0x85000f) returned 0x4a0507fe
[0254.138] DeleteDC (hdc=0x170107f8) returned 1
[0254.138] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0254.139] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0254.139] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2dce520, cPoints=0x1 | out: lpPoints=0x2dce520) returned 40304859
[0254.139] WindowFromPoint (Point=0x10f) returned 0x602c4
[0254.139] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x275010f) returned 0x1
[0254.139] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0254.139] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0254.139] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0254.139] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0254.139] GetSystemMetrics (nIndex=42) returned 0
[0254.139] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0254.139] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0254.141] GetCapture () returned 0x602c4
[0254.141] ReleaseCapture () returned 1
[0254.141] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0254.142] GetProcessWindowStation () returned 0x13c
[0254.142] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.142] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0254.142] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.143] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0254.143] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.143] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0254.143] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.143] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0254.144] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.144] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0254.144] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.144] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0254.144] GetDC (hWnd=0x0) returned 0xc0107c5
[0254.144] GdipCreateFromHDC (hdc=0xc0107c5, graphics=0xd7e6ec) returned 0x0
[0254.145] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0254.145] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0254.145] ReleaseDC (hWnd=0x0, hDC=0xc0107c5) returned 1
[0254.145] GetSystemMetrics (nIndex=5) returned 1
[0254.145] GetSystemMetrics (nIndex=6) returned 1
[0254.145] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.145] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0254.145] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.146] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0254.149] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0254.149] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0254.149] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0254.149] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0254.149] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0254.149] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0254.150] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2dd3f3c | out: lpData=0x2dd3f3c) returned 1
[0254.151] VerQueryValueW (in: pBlock=0x2dd3f3c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dd434c, puLen=0xd7e810) returned 1
[0254.151] VerQueryValueW (in: pBlock=0x2dd3f3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd3ff4, puLen=0xd7e790) returned 1
[0254.151] VerQueryValueW (in: pBlock=0x2dd3f3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd4048, puLen=0xd7e790) returned 1
[0254.151] VerQueryValueW (in: pBlock=0x2dd3f3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd40c8, puLen=0xd7e790) returned 1
[0254.151] VerQueryValueW (in: pBlock=0x2dd3f3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd4130, puLen=0xd7e790) returned 1
[0254.151] VerQueryValueW (in: pBlock=0x2dd3f3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd4170, puLen=0xd7e790) returned 1
[0254.152] VerQueryValueW (in: pBlock=0x2dd3f3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd41f8, puLen=0xd7e790) returned 1
[0254.152] VerQueryValueW (in: pBlock=0x2dd3f3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd4234, puLen=0xd7e790) returned 1
[0254.152] VerQueryValueW (in: pBlock=0x2dd3f3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd428c, puLen=0xd7e790) returned 1
[0254.152] VerQueryValueW (in: pBlock=0x2dd3f3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd42bc, puLen=0xd7e790) returned 1
[0254.152] VerQueryValueW (in: pBlock=0x2dd3f3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.152] VerQueryValueW (in: pBlock=0x2dd3f3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd42f8, puLen=0xd7e790) returned 1
[0254.152] VerQueryValueW (in: pBlock=0x2dd3f3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.152] VerQueryValueW (in: pBlock=0x2dd3f3c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dd434c, puLen=0xd7e784) returned 1
[0254.152] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0254.152] VerQueryValueW (in: pBlock=0x2dd3f3c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dd3f64, puLen=0xd7e794) returned 1
[0254.153] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0254.153] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0254.153] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0254.153] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0254.153] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0254.155] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0254.155] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2dd5eac | out: lpData=0x2dd5eac) returned 1
[0254.155] VerQueryValueW (in: pBlock=0x2dd5eac, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dd5f48, puLen=0xd7e810) returned 1
[0254.156] VerQueryValueW (in: pBlock=0x2dd5eac, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5fc0, puLen=0xd7e790) returned 1
[0254.156] VerQueryValueW (in: pBlock=0x2dd5eac, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5ff0, puLen=0xd7e790) returned 1
[0254.156] VerQueryValueW (in: pBlock=0x2dd5eac, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd602c, puLen=0xd7e790) returned 1
[0254.156] VerQueryValueW (in: pBlock=0x2dd5eac, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd605c, puLen=0xd7e790) returned 1
[0254.156] VerQueryValueW (in: pBlock=0x2dd5eac, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd60a4, puLen=0xd7e790) returned 1
[0254.156] VerQueryValueW (in: pBlock=0x2dd5eac, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd611c, puLen=0xd7e790) returned 1
[0254.156] VerQueryValueW (in: pBlock=0x2dd5eac, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd6160, puLen=0xd7e790) returned 1
[0254.156] VerQueryValueW (in: pBlock=0x2dd5eac, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd61a0, puLen=0xd7e790) returned 1
[0254.156] VerQueryValueW (in: pBlock=0x2dd5eac, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5f9e, puLen=0xd7e790) returned 1
[0254.156] VerQueryValueW (in: pBlock=0x2dd5eac, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd60ec, puLen=0xd7e790) returned 1
[0254.156] VerQueryValueW (in: pBlock=0x2dd5eac, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.156] VerQueryValueW (in: pBlock=0x2dd5eac, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.156] VerQueryValueW (in: pBlock=0x2dd5eac, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dd5f48, puLen=0xd7e784) returned 1
[0254.156] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0254.156] VerQueryValueW (in: pBlock=0x2dd5eac, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dd5ed4, puLen=0xd7e794) returned 1
[0254.157] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0254.157] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0254.157] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0254.157] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0254.157] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0254.157] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0254.158] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2dd8184 | out: lpData=0x2dd8184) returned 1
[0254.159] VerQueryValueW (in: pBlock=0x2dd8184, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dd8598, puLen=0xd7e810) returned 1
[0254.159] VerQueryValueW (in: pBlock=0x2dd8184, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd823c, puLen=0xd7e790) returned 1
[0254.159] VerQueryValueW (in: pBlock=0x2dd8184, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd8290, puLen=0xd7e790) returned 1
[0254.159] VerQueryValueW (in: pBlock=0x2dd8184, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd82ec, puLen=0xd7e790) returned 1
[0254.159] VerQueryValueW (in: pBlock=0x2dd8184, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd834c, puLen=0xd7e790) returned 1
[0254.159] VerQueryValueW (in: pBlock=0x2dd8184, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd83a4, puLen=0xd7e790) returned 1
[0254.159] VerQueryValueW (in: pBlock=0x2dd8184, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd842c, puLen=0xd7e790) returned 1
[0254.159] VerQueryValueW (in: pBlock=0x2dd8184, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd8480, puLen=0xd7e790) returned 1
[0254.159] VerQueryValueW (in: pBlock=0x2dd8184, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd84d8, puLen=0xd7e790) returned 1
[0254.159] VerQueryValueW (in: pBlock=0x2dd8184, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd8508, puLen=0xd7e790) returned 1
[0254.159] VerQueryValueW (in: pBlock=0x2dd8184, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.159] VerQueryValueW (in: pBlock=0x2dd8184, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd8544, puLen=0xd7e790) returned 1
[0254.159] VerQueryValueW (in: pBlock=0x2dd8184, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.159] VerQueryValueW (in: pBlock=0x2dd8184, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dd8598, puLen=0xd7e784) returned 1
[0254.159] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0254.160] VerQueryValueW (in: pBlock=0x2dd8184, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dd81ac, puLen=0xd7e794) returned 1
[0254.160] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0254.160] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0254.161] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0254.161] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0254.161] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0254.161] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0254.162] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2dda7bc | out: lpData=0x2dda7bc) returned 1
[0254.163] VerQueryValueW (in: pBlock=0x2dda7bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ddabbc, puLen=0xd7e810) returned 1
[0254.163] VerQueryValueW (in: pBlock=0x2dda7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dda874, puLen=0xd7e790) returned 1
[0254.163] VerQueryValueW (in: pBlock=0x2dda7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dda8c8, puLen=0xd7e790) returned 1
[0254.163] VerQueryValueW (in: pBlock=0x2dda7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dda908, puLen=0xd7e790) returned 1
[0254.163] VerQueryValueW (in: pBlock=0x2dda7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dda970, puLen=0xd7e790) returned 1
[0254.163] VerQueryValueW (in: pBlock=0x2dda7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dda9c8, puLen=0xd7e790) returned 1
[0254.163] VerQueryValueW (in: pBlock=0x2dda7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddaa50, puLen=0xd7e790) returned 1
[0254.163] VerQueryValueW (in: pBlock=0x2dda7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddaaa4, puLen=0xd7e790) returned 1
[0254.163] VerQueryValueW (in: pBlock=0x2dda7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddaafc, puLen=0xd7e790) returned 1
[0254.163] VerQueryValueW (in: pBlock=0x2dda7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddab2c, puLen=0xd7e790) returned 1
[0254.163] VerQueryValueW (in: pBlock=0x2dda7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.163] VerQueryValueW (in: pBlock=0x2dda7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddab68, puLen=0xd7e790) returned 1
[0254.163] VerQueryValueW (in: pBlock=0x2dda7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.163] VerQueryValueW (in: pBlock=0x2dda7bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ddabbc, puLen=0xd7e784) returned 1
[0254.163] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0254.163] VerQueryValueW (in: pBlock=0x2dda7bc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dda7e4, puLen=0xd7e794) returned 1
[0254.164] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0254.164] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0254.164] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0254.164] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0254.165] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0254.165] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0254.165] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2ddcef8 | out: lpData=0x2ddcef8) returned 1
[0254.166] VerQueryValueW (in: pBlock=0x2ddcef8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ddd2c0, puLen=0xd7e810) returned 1
[0254.166] VerQueryValueW (in: pBlock=0x2ddcef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddcfb0, puLen=0xd7e790) returned 1
[0254.166] VerQueryValueW (in: pBlock=0x2ddcef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddd004, puLen=0xd7e790) returned 1
[0254.167] VerQueryValueW (in: pBlock=0x2ddcef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddd044, puLen=0xd7e790) returned 1
[0254.167] VerQueryValueW (in: pBlock=0x2ddcef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddd0ac, puLen=0xd7e790) returned 1
[0254.167] VerQueryValueW (in: pBlock=0x2ddcef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddd0e8, puLen=0xd7e790) returned 1
[0254.167] VerQueryValueW (in: pBlock=0x2ddcef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddd170, puLen=0xd7e790) returned 1
[0254.167] VerQueryValueW (in: pBlock=0x2ddcef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddd1a8, puLen=0xd7e790) returned 1
[0254.167] VerQueryValueW (in: pBlock=0x2ddcef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddd200, puLen=0xd7e790) returned 1
[0254.167] VerQueryValueW (in: pBlock=0x2ddcef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddd230, puLen=0xd7e790) returned 1
[0254.167] VerQueryValueW (in: pBlock=0x2ddcef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.167] VerQueryValueW (in: pBlock=0x2ddcef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ddd26c, puLen=0xd7e790) returned 1
[0254.167] VerQueryValueW (in: pBlock=0x2ddcef8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.167] VerQueryValueW (in: pBlock=0x2ddcef8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ddd2c0, puLen=0xd7e784) returned 1
[0254.167] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0254.167] VerQueryValueW (in: pBlock=0x2ddcef8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ddcf20, puLen=0xd7e794) returned 1
[0254.168] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0254.168] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0254.168] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0254.168] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0254.168] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0254.168] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0254.171] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2de0560 | out: lpData=0x2de0560) returned 1
[0254.172] VerQueryValueW (in: pBlock=0x2de0560, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2de0940, puLen=0xd7e810) returned 1
[0254.172] VerQueryValueW (in: pBlock=0x2de0560, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de0618, puLen=0xd7e790) returned 1
[0254.172] VerQueryValueW (in: pBlock=0x2de0560, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de066c, puLen=0xd7e790) returned 1
[0254.172] VerQueryValueW (in: pBlock=0x2de0560, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de06ac, puLen=0xd7e790) returned 1
[0254.172] VerQueryValueW (in: pBlock=0x2de0560, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de070c, puLen=0xd7e790) returned 1
[0254.172] VerQueryValueW (in: pBlock=0x2de0560, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de0758, puLen=0xd7e790) returned 1
[0254.172] VerQueryValueW (in: pBlock=0x2de0560, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de07e0, puLen=0xd7e790) returned 1
[0254.172] VerQueryValueW (in: pBlock=0x2de0560, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de0828, puLen=0xd7e790) returned 1
[0254.172] VerQueryValueW (in: pBlock=0x2de0560, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de0880, puLen=0xd7e790) returned 1
[0254.172] VerQueryValueW (in: pBlock=0x2de0560, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de08b0, puLen=0xd7e790) returned 1
[0254.172] VerQueryValueW (in: pBlock=0x2de0560, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.172] VerQueryValueW (in: pBlock=0x2de0560, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de08ec, puLen=0xd7e790) returned 1
[0254.172] VerQueryValueW (in: pBlock=0x2de0560, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.172] VerQueryValueW (in: pBlock=0x2de0560, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2de0940, puLen=0xd7e784) returned 1
[0254.172] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0254.172] VerQueryValueW (in: pBlock=0x2de0560, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2de0588, puLen=0xd7e794) returned 1
[0254.173] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0254.173] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0254.173] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0254.173] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0254.174] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0254.174] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0254.174] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2de2d80 | out: lpData=0x2de2d80) returned 1
[0254.175] VerQueryValueW (in: pBlock=0x2de2d80, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2de318c, puLen=0xd7e810) returned 1
[0254.175] VerQueryValueW (in: pBlock=0x2de2d80, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de2e38, puLen=0xd7e790) returned 1
[0254.175] VerQueryValueW (in: pBlock=0x2de2d80, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de2e8c, puLen=0xd7e790) returned 1
[0254.175] VerQueryValueW (in: pBlock=0x2de2d80, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de2ee0, puLen=0xd7e790) returned 1
[0254.175] VerQueryValueW (in: pBlock=0x2de2d80, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de2f40, puLen=0xd7e790) returned 1
[0254.175] VerQueryValueW (in: pBlock=0x2de2d80, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de2f98, puLen=0xd7e790) returned 1
[0254.175] VerQueryValueW (in: pBlock=0x2de2d80, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de3020, puLen=0xd7e790) returned 1
[0254.175] VerQueryValueW (in: pBlock=0x2de2d80, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de3074, puLen=0xd7e790) returned 1
[0254.175] VerQueryValueW (in: pBlock=0x2de2d80, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de30cc, puLen=0xd7e790) returned 1
[0254.175] VerQueryValueW (in: pBlock=0x2de2d80, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de30fc, puLen=0xd7e790) returned 1
[0254.176] VerQueryValueW (in: pBlock=0x2de2d80, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.176] VerQueryValueW (in: pBlock=0x2de2d80, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de3138, puLen=0xd7e790) returned 1
[0254.176] VerQueryValueW (in: pBlock=0x2de2d80, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.176] VerQueryValueW (in: pBlock=0x2de2d80, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2de318c, puLen=0xd7e784) returned 1
[0254.176] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0254.176] VerQueryValueW (in: pBlock=0x2de2d80, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2de2da8, puLen=0xd7e794) returned 1
[0254.177] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0254.177] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0254.177] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0254.177] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0254.177] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0254.177] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0254.178] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2de5594 | out: lpData=0x2de5594) returned 1
[0254.179] VerQueryValueW (in: pBlock=0x2de5594, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2de596c, puLen=0xd7e810) returned 1
[0254.179] VerQueryValueW (in: pBlock=0x2de5594, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de564c, puLen=0xd7e790) returned 1
[0254.179] VerQueryValueW (in: pBlock=0x2de5594, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de56a0, puLen=0xd7e790) returned 1
[0254.179] VerQueryValueW (in: pBlock=0x2de5594, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de56e0, puLen=0xd7e790) returned 1
[0254.179] VerQueryValueW (in: pBlock=0x2de5594, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de5748, puLen=0xd7e790) returned 1
[0254.179] VerQueryValueW (in: pBlock=0x2de5594, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de578c, puLen=0xd7e790) returned 1
[0254.179] VerQueryValueW (in: pBlock=0x2de5594, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de5814, puLen=0xd7e790) returned 1
[0254.179] VerQueryValueW (in: pBlock=0x2de5594, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de5854, puLen=0xd7e790) returned 1
[0254.179] VerQueryValueW (in: pBlock=0x2de5594, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de58ac, puLen=0xd7e790) returned 1
[0254.179] VerQueryValueW (in: pBlock=0x2de5594, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de58dc, puLen=0xd7e790) returned 1
[0254.180] VerQueryValueW (in: pBlock=0x2de5594, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.180] VerQueryValueW (in: pBlock=0x2de5594, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de5918, puLen=0xd7e790) returned 1
[0254.180] VerQueryValueW (in: pBlock=0x2de5594, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.180] VerQueryValueW (in: pBlock=0x2de5594, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2de596c, puLen=0xd7e784) returned 1
[0254.180] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0254.180] VerQueryValueW (in: pBlock=0x2de5594, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2de55bc, puLen=0xd7e794) returned 1
[0254.181] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0254.181] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0254.181] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0254.181] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0254.181] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0254.181] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0254.182] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2de7aec | out: lpData=0x2de7aec) returned 1
[0254.183] VerQueryValueW (in: pBlock=0x2de7aec, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2de7ec4, puLen=0xd7e810) returned 1
[0254.183] VerQueryValueW (in: pBlock=0x2de7aec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de7ba4, puLen=0xd7e790) returned 1
[0254.183] VerQueryValueW (in: pBlock=0x2de7aec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de7bf8, puLen=0xd7e790) returned 1
[0254.183] VerQueryValueW (in: pBlock=0x2de7aec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de7c38, puLen=0xd7e790) returned 1
[0254.183] VerQueryValueW (in: pBlock=0x2de7aec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de7ca0, puLen=0xd7e790) returned 1
[0254.183] VerQueryValueW (in: pBlock=0x2de7aec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de7ce4, puLen=0xd7e790) returned 1
[0254.183] VerQueryValueW (in: pBlock=0x2de7aec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de7d6c, puLen=0xd7e790) returned 1
[0254.183] VerQueryValueW (in: pBlock=0x2de7aec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de7dac, puLen=0xd7e790) returned 1
[0254.183] VerQueryValueW (in: pBlock=0x2de7aec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de7e04, puLen=0xd7e790) returned 1
[0254.183] VerQueryValueW (in: pBlock=0x2de7aec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de7e34, puLen=0xd7e790) returned 1
[0254.183] VerQueryValueW (in: pBlock=0x2de7aec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.183] VerQueryValueW (in: pBlock=0x2de7aec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de7e70, puLen=0xd7e790) returned 1
[0254.183] VerQueryValueW (in: pBlock=0x2de7aec, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.183] VerQueryValueW (in: pBlock=0x2de7aec, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2de7ec4, puLen=0xd7e784) returned 1
[0254.183] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0254.184] VerQueryValueW (in: pBlock=0x2de7aec, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2de7b14, puLen=0xd7e794) returned 1
[0254.185] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0254.185] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0254.185] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0254.185] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0254.185] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0254.185] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0254.186] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2dea224 | out: lpData=0x2dea224) returned 1
[0254.187] VerQueryValueW (in: pBlock=0x2dea224, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dea654, puLen=0xd7e810) returned 1
[0254.187] VerQueryValueW (in: pBlock=0x2dea224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dea2dc, puLen=0xd7e790) returned 1
[0254.187] VerQueryValueW (in: pBlock=0x2dea224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dea330, puLen=0xd7e790) returned 1
[0254.187] VerQueryValueW (in: pBlock=0x2dea224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dea3a0, puLen=0xd7e790) returned 1
[0254.187] VerQueryValueW (in: pBlock=0x2dea224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dea400, puLen=0xd7e790) returned 1
[0254.187] VerQueryValueW (in: pBlock=0x2dea224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dea45c, puLen=0xd7e790) returned 1
[0254.187] VerQueryValueW (in: pBlock=0x2dea224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dea4e4, puLen=0xd7e790) returned 1
[0254.187] VerQueryValueW (in: pBlock=0x2dea224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dea53c, puLen=0xd7e790) returned 1
[0254.187] VerQueryValueW (in: pBlock=0x2dea224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dea594, puLen=0xd7e790) returned 1
[0254.187] VerQueryValueW (in: pBlock=0x2dea224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dea5c4, puLen=0xd7e790) returned 1
[0254.187] VerQueryValueW (in: pBlock=0x2dea224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.187] VerQueryValueW (in: pBlock=0x2dea224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dea600, puLen=0xd7e790) returned 1
[0254.187] VerQueryValueW (in: pBlock=0x2dea224, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0254.187] VerQueryValueW (in: pBlock=0x2dea224, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dea654, puLen=0xd7e784) returned 1
[0254.187] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0254.187] VerQueryValueW (in: pBlock=0x2dea224, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dea24c, puLen=0xd7e794) returned 1
[0254.188] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0254.188] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.188] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0254.188] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.189] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0254.189] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2502dc
[0254.189] SetWindowLongW (hWnd=0x2502dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0254.190] GetWindowLongW (hWnd=0x2502dc, nIndex=-4) returned 1950089536
[0254.190] SetWindowLongW (hWnd=0x2502dc, nIndex=-4, dwNewLong=19950134) returned 1950089536
[0254.190] GetWindowLongW (hWnd=0x2502dc, nIndex=-4) returned 19950134
[0254.190] GetWindowLongW (hWnd=0x2502dc, nIndex=-16) returned 113311744
[0254.190] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502dc, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0254.190] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502dc, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0254.191] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502dc, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0254.191] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502dc, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0254.191] GetClientRect (in: hWnd=0x2502dc, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0254.191] GetWindowRect (in: hWnd=0x2502dc, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0254.192] SetWindowTextW (hWnd=0x2502dc, lpString="WindowsFormsParkingWindow") returned 1
[0254.192] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502dc, Msg=0xc, wParam=0x0, lParam=0x2daf7d4) returned 0x1
[0254.192] GetParent (hWnd=0x2502dc) returned 0x0
[0254.193] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0254.193] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x2502dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2502da
[0254.193] SetWindowLongW (hWnd=0x2502da, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0254.193] GetWindowLongW (hWnd=0x2502da, nIndex=-4) returned 1868147648
[0254.193] SetWindowLongW (hWnd=0x2502da, nIndex=-4, dwNewLong=19950054) returned 1868147648
[0254.194] GetWindowLongW (hWnd=0x2502da, nIndex=-4) returned 19950054
[0254.194] GetWindowLongW (hWnd=0x2502da, nIndex=-16) returned 1174405133
[0254.194] GetWindowLongW (hWnd=0x2502da, nIndex=-12) returned 0
[0254.194] SetWindowLongW (hWnd=0x2502da, nIndex=-12, dwNewLong=2425562) returned 0
[0254.194] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0254.194] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0254.195] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0254.195] GetClientRect (in: hWnd=0x2502da, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0254.195] GetWindowRect (in: hWnd=0x2502da, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0254.195] GetParent (hWnd=0x2502da) returned 0x2502dc
[0254.195] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502dc, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0254.196] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0254.196] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0254.196] GetClientRect (in: hWnd=0x2502da, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0254.196] GetWindowRect (in: hWnd=0x2502da, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0254.196] GetParent (hWnd=0x2502da) returned 0x2502dc
[0254.196] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502dc, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0254.196] SendMessageW (hWnd=0x2502da, Msg=0x2210, wParam=0x2da0001, lParam=0x2502da) returned 0x0
[0254.196] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x2210, wParam=0x2da0001, lParam=0x2502da) returned 0x0
[0254.197] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0254.197] GetParent (hWnd=0x2502da) returned 0x2502dc
[0254.197] GdipCreateFromHWND (hwnd=0x2502da, graphics=0xd7e844) returned 0x0
[0254.197] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0254.198] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0254.198] GetForegroundWindow () returned 0x7005c
[0254.198] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0254.198] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.198] GetSystemMetrics (nIndex=42) returned 0
[0254.198] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.198] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0254.198] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0254.198] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.198] GetSystemMetrics (nIndex=42) returned 0
[0254.198] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.198] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0254.199] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.199] GetCursorPos (in: lpPoint=0x2dee6a8 | out: lpPoint=0x2dee6a8*(x=271, y=629)) returned 1
[0254.199] MonitorFromPoint (pt=0x10f, dwFlags=0x275) returned 0x10001
[0254.199] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0254.199] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x1a0107f8
[0254.199] GetDeviceCaps (hdc=0x1a0107f8, index=12) returned 32
[0254.199] GetDeviceCaps (hdc=0x1a0107f8, index=14) returned 1
[0254.199] DeleteDC (hdc=0x1a0107f8) returned 1
[0254.200] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0254.200] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0254.200] GetSystemMetrics (nIndex=59) returned 1460
[0254.200] GetSystemMetrics (nIndex=60) returned 920
[0254.200] GetSystemMetrics (nIndex=34) returned 136
[0254.200] GetSystemMetrics (nIndex=35) returned 39
[0254.200] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.201] GetCursorPos (in: lpPoint=0x2dee914 | out: lpPoint=0x2dee914*(x=271, y=629)) returned 1
[0254.201] MonitorFromPoint (pt=0x10f, dwFlags=0x275) returned 0x10001
[0254.201] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0254.201] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x1b0107f8
[0254.201] GetDeviceCaps (hdc=0x1b0107f8, index=12) returned 32
[0254.201] GetDeviceCaps (hdc=0x1b0107f8, index=14) returned 1
[0254.201] DeleteDC (hdc=0x1b0107f8) returned 1
[0254.201] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0254.201] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0254.202] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.202] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0254.202] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2deebac | out: piconinfo=0x2deebac) returned 1
[0254.202] GetObjectW (in: h=0xda0507d3, c=24, pv=0x2deebc8 | out: pv=0x2deebc8) returned 24
[0254.202] GdipCreateBitmapFromHBITMAP (hbm=0xda0507d3, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0254.203] GdipGetImageWidth (image=0x6652580, width=0xd7e750) returned 0x0
[0254.203] GdipGetImageHeight (image=0x6652580, height=0xd7e748) returned 0x0
[0254.203] GdipGetImagePixelFormat (image=0x6652580, format=0xd7e740) returned 0x0
[0254.203] GdipBitmapLockBits (bitmap=0x6652580, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2deec80) returned 0x0
[0254.203] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0254.203] GdipBitmapLockBits (bitmap=0x66511d0, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2deecb8) returned 0x0
[0254.203] RtlMoveMemory (in: Destination=0x6659f20, Source=0x665fec8, Length=0x80 | out: Destination=0x6659f20)
[0254.203] RtlMoveMemory (in: Destination=0x6659fa0, Source=0x665fe48, Length=0x80 | out: Destination=0x6659fa0)
[0254.203] RtlMoveMemory (in: Destination=0x665a020, Source=0x665fdc8, Length=0x80 | out: Destination=0x665a020)
[0254.203] RtlMoveMemory (in: Destination=0x665a0a0, Source=0x665fd48, Length=0x80 | out: Destination=0x665a0a0)
[0254.203] RtlMoveMemory (in: Destination=0x665a120, Source=0x665fcc8, Length=0x80 | out: Destination=0x665a120)
[0254.203] RtlMoveMemory (in: Destination=0x665a1a0, Source=0x665fc48, Length=0x80 | out: Destination=0x665a1a0)
[0254.203] RtlMoveMemory (in: Destination=0x665a220, Source=0x665fbc8, Length=0x80 | out: Destination=0x665a220)
[0254.203] RtlMoveMemory (in: Destination=0x665a2a0, Source=0x665fb48, Length=0x80 | out: Destination=0x665a2a0)
[0254.204] RtlMoveMemory (in: Destination=0x665a320, Source=0x665fac8, Length=0x80 | out: Destination=0x665a320)
[0254.204] RtlMoveMemory (in: Destination=0x665a3a0, Source=0x665fa48, Length=0x80 | out: Destination=0x665a3a0)
[0254.204] RtlMoveMemory (in: Destination=0x665a420, Source=0x665f9c8, Length=0x80 | out: Destination=0x665a420)
[0254.204] RtlMoveMemory (in: Destination=0x665a4a0, Source=0x665f948, Length=0x80 | out: Destination=0x665a4a0)
[0254.204] RtlMoveMemory (in: Destination=0x665a520, Source=0x665f8c8, Length=0x80 | out: Destination=0x665a520)
[0254.204] RtlMoveMemory (in: Destination=0x665a5a0, Source=0x665f848, Length=0x80 | out: Destination=0x665a5a0)
[0254.204] RtlMoveMemory (in: Destination=0x665a620, Source=0x665f7c8, Length=0x80 | out: Destination=0x665a620)
[0254.204] RtlMoveMemory (in: Destination=0x665a6a0, Source=0x665f748, Length=0x80 | out: Destination=0x665a6a0)
[0254.204] RtlMoveMemory (in: Destination=0x665a720, Source=0x665f6c8, Length=0x80 | out: Destination=0x665a720)
[0254.204] RtlMoveMemory (in: Destination=0x665a7a0, Source=0x665f648, Length=0x80 | out: Destination=0x665a7a0)
[0254.204] RtlMoveMemory (in: Destination=0x665a820, Source=0x665f5c8, Length=0x80 | out: Destination=0x665a820)
[0254.204] RtlMoveMemory (in: Destination=0x665a8a0, Source=0x665f548, Length=0x80 | out: Destination=0x665a8a0)
[0254.204] RtlMoveMemory (in: Destination=0x665a920, Source=0x665f4c8, Length=0x80 | out: Destination=0x665a920)
[0254.204] RtlMoveMemory (in: Destination=0x665a9a0, Source=0x665f448, Length=0x80 | out: Destination=0x665a9a0)
[0254.204] RtlMoveMemory (in: Destination=0x665aa20, Source=0x665f3c8, Length=0x80 | out: Destination=0x665aa20)
[0254.204] RtlMoveMemory (in: Destination=0x665aaa0, Source=0x665f348, Length=0x80 | out: Destination=0x665aaa0)
[0254.204] RtlMoveMemory (in: Destination=0x665ab20, Source=0x665f2c8, Length=0x80 | out: Destination=0x665ab20)
[0254.204] RtlMoveMemory (in: Destination=0x665aba0, Source=0x665f248, Length=0x80 | out: Destination=0x665aba0)
[0254.204] RtlMoveMemory (in: Destination=0x665ac20, Source=0x665f1c8, Length=0x80 | out: Destination=0x665ac20)
[0254.205] RtlMoveMemory (in: Destination=0x665aca0, Source=0x665f148, Length=0x80 | out: Destination=0x665aca0)
[0254.205] RtlMoveMemory (in: Destination=0x665ad20, Source=0x665f0c8, Length=0x80 | out: Destination=0x665ad20)
[0254.205] RtlMoveMemory (in: Destination=0x665ada0, Source=0x665f048, Length=0x80 | out: Destination=0x665ada0)
[0254.205] RtlMoveMemory (in: Destination=0x665ae20, Source=0x665efc8, Length=0x80 | out: Destination=0x665ae20)
[0254.205] RtlMoveMemory (in: Destination=0x665aea0, Source=0x665ef48, Length=0x80 | out: Destination=0x665aea0)
[0254.205] GdipBitmapUnlockBits (bitmap=0x6652580, lockedBitmapData=0x2deec80) returned 0x0
[0254.205] GdipBitmapUnlockBits (bitmap=0x66511d0, lockedBitmapData=0x2deecb8) returned 0x0
[0254.205] GdipDisposeImage (image=0x6652580) returned 0x0
[0254.205] DeleteObject (ho=0xda0507d3) returned 1
[0254.205] DeleteObject (ho=0x1c0507f8) returned 1
[0254.205] GetCurrentThreadId () returned 0xf50
[0254.205] GetCurrentThreadId () returned 0xf50
[0254.205] SetWindowPos (hWnd=0x2502da, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0254.205] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0254.206] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0254.206] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0254.206] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0254.206] GetClientRect (in: hWnd=0x2502da, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0254.206] GetWindowRect (in: hWnd=0x2502da, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0254.206] GetParent (hWnd=0x2502da) returned 0x2502dc
[0254.206] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502dc, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0254.206] InvalidateRect (hWnd=0x2502da, lpRect=0x0, bErase=1) returned 1
[0254.206] GetWindowTextLengthW (hWnd=0x2502da) returned 0
[0254.206] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0254.206] GetSystemMetrics (nIndex=42) returned 0
[0254.206] GetWindowTextW (in: hWnd=0x2502da, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0254.206] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0254.207] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0254.207] GetClientRect (in: hWnd=0x2502da, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0254.207] GetWindowRect (in: hWnd=0x2502da, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0254.207] GetParent (hWnd=0x2502da) returned 0x2502dc
[0254.207] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502dc, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0254.207] GetWindowTextLengthW (hWnd=0x2502da) returned 0
[0254.207] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0254.207] GetSystemMetrics (nIndex=42) returned 0
[0254.207] GetWindowTextW (in: hWnd=0x2502da, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0254.207] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0254.207] GetWindowTextLengthW (hWnd=0x2502da) returned 0
[0254.207] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0254.207] GetSystemMetrics (nIndex=42) returned 0
[0254.207] GetWindowTextW (in: hWnd=0x2502da, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0254.207] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0254.207] SetWindowTextW (hWnd=0x2502da, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0254.207] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0xc, wParam=0x0, lParam=0x2dcfb14) returned 0x1
[0254.208] InvalidateRect (hWnd=0x2502da, lpRect=0x0, bErase=1) returned 1
[0254.208] GetCurrentThreadId () returned 0xf50
[0254.208] GetWindowThreadProcessId (in: hWnd=0x2502da, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0254.208] GdipCreateBitmapFromStream (stream=0x509ffb0, bitmap=0xd7e840) returned 0x0
[0254.209] GdipImageForceValidation (image=0x6652580) returned 0x0
[0254.211] GdipGetImageRawFormat (image=0x6652580, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0254.211] GdipGetImageHeight (image=0x6652580, height=0xd7e824) returned 0x0
[0254.211] GdipGetImageWidth (image=0x6652580, width=0xd7e824) returned 0x0
[0254.211] GdipGetImageWidth (image=0x6652580, width=0xd7e810) returned 0x0
[0254.211] GdipGetImageHeight (image=0x6652580, height=0xd7e810) returned 0x0
[0254.211] GdipGetImageWidth (image=0x6652580, width=0xd7e800) returned 0x0
[0254.211] GdipGetImageHeight (image=0x6652580, height=0xd7e800) returned 0x0
[0254.211] GdipBitmapGetPixel (bitmap=0x6652580, x=0, y=15, color=0xd7e810) returned 0x0
[0254.211] GdipGetImageRawFormat (image=0x6652580, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0254.211] GdipGetImageWidth (image=0x6652580, width=0xd7e740) returned 0x0
[0254.211] GdipGetImageHeight (image=0x6652580, height=0xd7e740) returned 0x0
[0254.211] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0254.211] GdipGetImagePixelFormat (image=0x6650168, format=0xd7e740) returned 0x0
[0254.211] GdipGetImageGraphicsContext (image=0x6650168, graphics=0xd7e74c) returned 0x0
[0254.211] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0254.212] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0254.212] GdipSetImageAttributesColorKeys (imageattr=0x6638ae8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0254.212] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6652580, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638ae8, callback=0x0, callbackData=0x0) returned 0x0
[0254.212] GdipDisposeImageAttributes (imageattr=0x6638ae8) returned 0x0
[0254.212] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0254.212] GdipDisposeImage (image=0x6652580) returned 0x0
[0254.213] GdipCreateBitmapFromStream (stream=0x509ffd0, bitmap=0xd7e840) returned 0x0
[0254.214] GdipImageForceValidation (image=0x6652580) returned 0x0
[0254.215] GdipGetImageRawFormat (image=0x6652580, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0254.215] GdipGetImageHeight (image=0x6652580, height=0xd7e824) returned 0x0
[0254.215] GdipGetImageWidth (image=0x6652580, width=0xd7e824) returned 0x0
[0254.216] GdipGetImageWidth (image=0x6652580, width=0xd7e810) returned 0x0
[0254.216] GdipGetImageHeight (image=0x6652580, height=0xd7e810) returned 0x0
[0254.216] GdipGetImageWidth (image=0x6652580, width=0xd7e800) returned 0x0
[0254.216] GdipGetImageHeight (image=0x6652580, height=0xd7e800) returned 0x0
[0254.216] GdipBitmapGetPixel (bitmap=0x6652580, x=0, y=15, color=0xd7e810) returned 0x0
[0254.216] GdipGetImageRawFormat (image=0x6652580, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0254.216] GdipGetImageWidth (image=0x6652580, width=0xd7e740) returned 0x0
[0254.216] GdipGetImageHeight (image=0x6652580, height=0xd7e740) returned 0x0
[0254.216] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0254.216] GdipGetImagePixelFormat (image=0x664ea70, format=0xd7e740) returned 0x0
[0254.216] GdipGetImageGraphicsContext (image=0x664ea70, graphics=0xd7e74c) returned 0x0
[0254.217] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0254.217] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0254.217] GdipSetImageAttributesColorKeys (imageattr=0x6638c38, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0254.217] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6652580, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c38, callback=0x0, callbackData=0x0) returned 0x0
[0254.217] GdipDisposeImageAttributes (imageattr=0x6638c38) returned 0x0
[0254.217] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0254.217] GdipDisposeImage (image=0x6652580) returned 0x0
[0254.217] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.218] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0254.218] GetCurrentThreadId () returned 0xf50
[0254.218] GetCurrentThreadId () returned 0xf50
[0254.218] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.218] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0254.218] GetCurrentThreadId () returned 0xf50
[0254.218] GetCurrentThreadId () returned 0xf50
[0254.219] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.219] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0254.219] GetCurrentThreadId () returned 0xf50
[0254.219] GetCurrentThreadId () returned 0xf50
[0254.219] GetSystemMetrics (nIndex=5) returned 1
[0254.219] GetSystemMetrics (nIndex=6) returned 1
[0254.219] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.219] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0254.219] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.219] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0254.220] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.220] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0254.220] GetCurrentThreadId () returned 0xf50
[0254.220] GetCurrentThreadId () returned 0xf50
[0254.220] GetProcessWindowStation () returned 0x13c
[0254.220] GetCapture () returned 0x0
[0254.220] GetActiveWindow () returned 0x7005c
[0254.220] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0254.221] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.221] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0254.221] GetCursorPos (in: lpPoint=0x2defdf8 | out: lpPoint=0x2defdf8*(x=271, y=629)) returned 1
[0254.221] MonitorFromPoint (pt=0x10f, dwFlags=0x276) returned 0x10001
[0254.221] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0254.221] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x1d0107f8
[0254.221] GetDeviceCaps (hdc=0x1d0107f8, index=12) returned 32
[0254.221] GetDeviceCaps (hdc=0x1d0107f8, index=14) returned 1
[0254.221] DeleteDC (hdc=0x1d0107f8) returned 1
[0254.221] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0254.222] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0254.222] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2502de
[0254.222] SetWindowLongW (hWnd=0x2502de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0254.222] GetWindowLongW (hWnd=0x2502de, nIndex=-4) returned 1950089536
[0254.223] SetWindowLongW (hWnd=0x2502de, nIndex=-4, dwNewLong=19950094) returned 1950089536
[0254.223] GetWindowLongW (hWnd=0x2502de, nIndex=-4) returned 19950094
[0254.223] GetWindowLongW (hWnd=0x2502de, nIndex=-16) returned 113770496
[0254.223] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0254.224] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0254.225] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0254.225] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0254.225] GetWindowRect (in: hWnd=0x2502de, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0254.225] SetWindowTextW (hWnd=0x2502de, lpString="BB ransomware") returned 1
[0254.225] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xc, wParam=0x0, lParam=0x2dee594) returned 0x1
[0254.226] GetStartupInfoW (in: lpStartupInfo=0x2df0134 | out: lpStartupInfo=0x2df0134*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0254.227] GetParent (hWnd=0x2502de) returned 0x0
[0254.227] SetWindowLongW (hWnd=0x2502de, nIndex=-8, dwNewLong=0) returned 0
[0254.228] SendMessageW (hWnd=0x2502de, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0254.228] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0254.228] SendMessageW (hWnd=0x2502de, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0254.228] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0254.228] GetSystemMenu (hWnd=0x2502de, bRevert=0) returned 0x4a02b9
[0254.229] GetWindowPlacement (in: hWnd=0x2502de, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0254.229] EnableMenuItem (hMenu=0x4a02b9, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0254.229] EnableMenuItem (hMenu=0x4a02b9, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0254.229] EnableMenuItem (hMenu=0x4a02b9, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0254.229] EnableMenuItem (hMenu=0x4a02b9, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0254.229] EnableMenuItem (hMenu=0x4a02b9, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0254.229] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0254.229] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0254.229] GetWindowRect (in: hWnd=0x2502de, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0254.230] SetWindowPos (hWnd=0x2502de, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0254.230] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0254.230] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x2502de) returned 0x1
[0254.236] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0254.236] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0254.237] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0254.237] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0254.238] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0254.239] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x2502de, lParam=0x0) returned 0x0
[0254.239] GetCapture () returned 0x0
[0254.239] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0254.240] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0254.242] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0254.243] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0254.243] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0254.243] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0254.244] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0254.244] GetParent (hWnd=0x2502de) returned 0x0
[0254.244] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0254.244] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0254.246] GetWindowPlacement (in: hWnd=0x2502de, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0254.247] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0254.247] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0254.247] GetWindowRect (in: hWnd=0x2502de, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0254.256] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0254.256] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0254.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0254.257] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.258] GetWindowLongW (hWnd=0x2502de, nIndex=-16) returned 113770496
[0254.258] GetWindowTextLengthW (hWnd=0x2502de) returned 13
[0254.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.258] GetSystemMetrics (nIndex=42) returned 0
[0254.258] GetWindowTextW (in: hWnd=0x2502de, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0254.258] GetWindowTextLengthW (hWnd=0x2502de) returned 13
[0254.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.258] GetSystemMetrics (nIndex=42) returned 0
[0254.258] GetWindowTextW (in: hWnd=0x2502de, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0254.258] GetCursorPos (in: lpPoint=0x2df0370 | out: lpPoint=0x2df0370*(x=271, y=629)) returned 1
[0254.258] MonitorFromPoint (pt=0x10f, dwFlags=0x275) returned 0x10001
[0254.258] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0254.258] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x660107ec
[0254.259] GetDeviceCaps (hdc=0x660107ec, index=12) returned 32
[0254.259] GetDeviceCaps (hdc=0x660107ec, index=14) returned 1
[0254.259] DeleteDC (hdc=0x660107ec) returned 1
[0254.259] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0254.259] GetWindowLongW (hWnd=0x2502de, nIndex=-16) returned 113770496
[0254.259] GetWindowLongW (hWnd=0x2502de, nIndex=-20) returned 327945
[0254.259] SetWindowLongW (hWnd=0x2502de, nIndex=-16, dwNewLong=46661632) returned 113770496
[0254.259] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0254.259] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0254.261] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0254.261] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0254.261] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0254.262] SetWindowLongW (hWnd=0x2502de, nIndex=-20, dwNewLong=327681) returned 327945
[0254.262] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0254.262] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0254.263] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0254.264] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0254.264] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0254.264] SetWindowPos (hWnd=0x2502de, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0254.264] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0254.264] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0254.265] GetWindowPlacement (in: hWnd=0x2502de, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0254.265] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0254.265] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0254.265] GetWindowRect (in: hWnd=0x2502de, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0254.266] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0254.266] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0254.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0254.267] RedrawWindow (hWnd=0x2502de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0254.267] GetSystemMenu (hWnd=0x2502de, bRevert=0) returned 0x4a02b9
[0254.267] GetWindowPlacement (in: hWnd=0x2502de, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0254.267] EnableMenuItem (hMenu=0x4a02b9, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0254.267] EnableMenuItem (hMenu=0x4a02b9, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0254.267] EnableMenuItem (hMenu=0x4a02b9, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0254.267] EnableMenuItem (hMenu=0x4a02b9, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0254.267] EnableMenuItem (hMenu=0x4a02b9, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0254.267] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0254.267] GetWindowLongW (hWnd=0x2502de, nIndex=-8) returned 0
[0254.267] SetWindowLongW (hWnd=0x2502de, nIndex=-8, dwNewLong=458844) returned 0
[0254.269] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0254.269] GetProcessWindowStation () returned 0x13c
[0254.269] GetCurrentThreadId () returned 0xf50
[0254.269] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1306b9e, lParam=0x0) returned 1
[0254.269] IsWindowVisible (hWnd=0x2502de) returned 0
[0254.269] IsWindowVisible (hWnd=0x7005c) returned 1
[0254.269] IsWindowEnabled (hWnd=0x7005c) returned 1
[0254.269] IsWindowVisible (hWnd=0x300ec) returned 0
[0254.269] IsWindowVisible (hWnd=0x502c6) returned 0
[0254.269] IsWindowVisible (hWnd=0x502be) returned 0
[0254.269] GetActiveWindow () returned 0x2502de
[0254.269] GetFocus () returned 0x2502de
[0254.270] IsWindow (hWnd=0x7005c) returned 1
[0254.270] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0254.270] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0254.271] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0254.271] GetWindowLongW (hWnd=0x2502de, nIndex=-8) returned 458844
[0254.271] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0254.271] GetCurrentThreadId () returned 0xf50
[0254.271] GetWindowLongW (hWnd=0x2502de, nIndex=-8) returned 458844
[0254.271] IsWindowEnabled (hWnd=0x7005c) returned 0
[0254.271] IsWindowEnabled (hWnd=0x2502de) returned 1
[0254.271] ShowWindow (hWnd=0x2502de, nCmdShow=5) returned 0
[0254.271] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0254.271] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0254.272] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.272] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0254.272] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x2502de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1b02ce
[0254.273] SetWindowLongW (hWnd=0x1b02ce, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0254.273] GetWindowLongW (hWnd=0x1b02ce, nIndex=-4) returned 1950089536
[0254.273] SetWindowLongW (hWnd=0x1b02ce, nIndex=-4, dwNewLong=19950214) returned 1950089536
[0254.273] GetWindowLongW (hWnd=0x1b02ce, nIndex=-4) returned 19950214
[0254.273] GetWindowLongW (hWnd=0x1b02ce, nIndex=-16) returned 1174405120
[0254.273] GetWindowLongW (hWnd=0x1b02ce, nIndex=-12) returned 0
[0254.273] SetWindowLongW (hWnd=0x1b02ce, nIndex=-12, dwNewLong=1770190) returned 0
[0254.273] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02ce, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0254.274] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02ce, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0254.274] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02ce, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0254.274] GetWindow (hWnd=0x1b02ce, uCmd=0x3) returned 0x0
[0254.274] GetClientRect (in: hWnd=0x1b02ce, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0254.274] GetWindowRect (in: hWnd=0x1b02ce, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0254.274] GetParent (hWnd=0x1b02ce) returned 0x2502de
[0254.274] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502de, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0254.275] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02ce, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0254.275] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02ce, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0254.275] GetClientRect (in: hWnd=0x1b02ce, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0254.275] GetWindowRect (in: hWnd=0x1b02ce, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0254.275] GetParent (hWnd=0x1b02ce) returned 0x2502de
[0254.275] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502de, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0254.275] SendMessageW (hWnd=0x1b02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1b02ce) returned 0x0
[0254.275] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1b02ce) returned 0x0
[0254.275] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0254.276] GetParent (hWnd=0x1b02ce) returned 0x2502de
[0254.276] GetParent (hWnd=0x2502da) returned 0x2502dc
[0254.276] SetParent (hWndChild=0x2502da, hWndNewParent=0x2502de) returned 0x2502dc
[0254.276] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0254.277] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0254.277] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0254.277] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0254.277] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0254.277] GetClientRect (in: hWnd=0x2502da, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0254.277] GetWindowRect (in: hWnd=0x2502da, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0254.277] GetParent (hWnd=0x2502da) returned 0x2502de
[0254.277] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502de, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0254.277] GetClientRect (in: hWnd=0x2502da, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0254.277] GetWindowRect (in: hWnd=0x2502da, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0254.277] GetParent (hWnd=0x2502da) returned 0x2502de
[0254.277] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502de, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0254.277] GetParent (hWnd=0x2502da) returned 0x2502de
[0254.278] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0254.278] GetWindow (hWnd=0x2502da, uCmd=0x3) returned 0x0
[0254.278] SetWindowPos (hWnd=0x2502da, hWndInsertAfter=0x1b02ce, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0254.278] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0254.279] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0254.279] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0254.279] GetClientRect (in: hWnd=0x2502da, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0254.279] GetWindowRect (in: hWnd=0x2502da, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0254.279] GetParent (hWnd=0x2502da) returned 0x2502de
[0254.279] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502de, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0254.279] GetParent (hWnd=0x2502da) returned 0x2502de
[0254.279] GetWindow (hWnd=0x2502da, uCmd=0x3) returned 0x1b02ce
[0254.280] GetWindowThreadProcessId (in: hWnd=0x2502da, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0254.280] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0254.280] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.281] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0254.281] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x2502de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2702d8
[0254.281] SetWindowLongW (hWnd=0x2702d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0254.281] GetWindowLongW (hWnd=0x2702d8, nIndex=-4) returned 1868032000
[0254.281] SetWindowLongW (hWnd=0x2702d8, nIndex=-4, dwNewLong=19950574) returned 1868032000
[0254.282] GetWindowLongW (hWnd=0x2702d8, nIndex=-4) returned 19950574
[0254.282] GetWindowLongW (hWnd=0x2702d8, nIndex=-16) returned 1174470667
[0254.282] GetWindowLongW (hWnd=0x2702d8, nIndex=-12) returned 0
[0254.282] SetWindowLongW (hWnd=0x2702d8, nIndex=-12, dwNewLong=2556632) returned 0
[0254.282] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0254.282] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0254.283] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0254.284] SendMessageW (hWnd=0x2702d8, Msg=0x2055, wParam=0x2702d8, lParam=0x3) returned 0x2
[0254.284] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0254.284] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0254.284] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0254.284] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0254.284] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02ce, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0254.284] RedrawWindow (hWnd=0x1b02ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0254.284] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0254.284] RedrawWindow (hWnd=0x2502da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0254.284] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0254.284] RedrawWindow (hWnd=0x2702d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0254.285] RedrawWindow (hWnd=0x2502de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0254.285] GetWindow (hWnd=0x2702d8, uCmd=0x3) returned 0x2502da
[0254.285] GetClientRect (in: hWnd=0x2702d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0254.285] GetWindowRect (in: hWnd=0x2702d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0254.285] GetParent (hWnd=0x2702d8) returned 0x2502de
[0254.285] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0254.285] SetWindowTextW (hWnd=0x2702d8, lpString="&Details") returned 1
[0254.285] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0254.286] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0254.286] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0254.286] GetClientRect (in: hWnd=0x2702d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0254.286] GetWindowRect (in: hWnd=0x2702d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0254.286] GetParent (hWnd=0x2702d8) returned 0x2502de
[0254.286] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0254.286] SendMessageW (hWnd=0x2702d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2702d8) returned 0x0
[0254.286] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2702d8) returned 0x0
[0254.286] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0254.287] GetParent (hWnd=0x2702d8) returned 0x2502de
[0254.287] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0254.287] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.287] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0254.287] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x2502de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1f02c8
[0254.288] SetWindowLongW (hWnd=0x1f02c8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0254.288] GetWindowLongW (hWnd=0x1f02c8, nIndex=-4) returned 1868032000
[0254.288] SetWindowLongW (hWnd=0x1f02c8, nIndex=-4, dwNewLong=19950254) returned 1868032000
[0254.288] GetWindowLongW (hWnd=0x1f02c8, nIndex=-4) returned 19950254
[0254.288] GetWindowLongW (hWnd=0x1f02c8, nIndex=-16) returned 1174470667
[0254.288] GetWindowLongW (hWnd=0x1f02c8, nIndex=-12) returned 0
[0254.288] SetWindowLongW (hWnd=0x1f02c8, nIndex=-12, dwNewLong=2032328) returned 0
[0254.289] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0254.289] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0254.289] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0254.290] SendMessageW (hWnd=0x1f02c8, Msg=0x2055, wParam=0x1f02c8, lParam=0x3) returned 0x2
[0254.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0254.290] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0254.291] GetWindow (hWnd=0x1f02c8, uCmd=0x3) returned 0x2702d8
[0254.291] GetClientRect (in: hWnd=0x1f02c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0254.291] GetWindowRect (in: hWnd=0x1f02c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0254.291] GetParent (hWnd=0x1f02c8) returned 0x2502de
[0254.291] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0254.291] SetWindowTextW (hWnd=0x1f02c8, lpString="&Continue") returned 1
[0254.291] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0254.291] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0254.292] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0254.292] GetClientRect (in: hWnd=0x1f02c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0254.292] GetWindowRect (in: hWnd=0x1f02c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0254.292] GetParent (hWnd=0x1f02c8) returned 0x2502de
[0254.292] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0254.292] SendMessageW (hWnd=0x1f02c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1f02c8) returned 0x0
[0254.292] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x2210, wParam=0x2c80001, lParam=0x1f02c8) returned 0x0
[0254.292] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0254.293] GetParent (hWnd=0x1f02c8) returned 0x2502de
[0254.293] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0254.293] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.293] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0254.294] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x2502de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2800ea
[0254.294] SetWindowLongW (hWnd=0x2800ea, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0254.295] GetWindowLongW (hWnd=0x2800ea, nIndex=-4) returned 1868032000
[0254.295] SetWindowLongW (hWnd=0x2800ea, nIndex=-4, dwNewLong=19949894) returned 1868032000
[0254.295] GetWindowLongW (hWnd=0x2800ea, nIndex=-4) returned 19949894
[0254.295] GetWindowLongW (hWnd=0x2800ea, nIndex=-16) returned 1174470667
[0254.295] GetWindowLongW (hWnd=0x2800ea, nIndex=-12) returned 0
[0254.295] SetWindowLongW (hWnd=0x2800ea, nIndex=-12, dwNewLong=2621674) returned 0
[0254.295] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2800ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0254.296] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2800ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0254.296] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2800ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0254.297] SendMessageW (hWnd=0x2800ea, Msg=0x2055, wParam=0x2800ea, lParam=0x3) returned 0x2
[0254.297] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0254.297] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2800ea, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0254.297] GetWindow (hWnd=0x2800ea, uCmd=0x3) returned 0x1f02c8
[0254.297] GetClientRect (in: hWnd=0x2800ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0254.297] GetWindowRect (in: hWnd=0x2800ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0254.297] GetParent (hWnd=0x2800ea) returned 0x2502de
[0254.297] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0254.297] SetWindowTextW (hWnd=0x2800ea, lpString="&Quit") returned 1
[0254.298] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2800ea, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0254.298] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2800ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0254.298] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2800ea, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0254.298] GetClientRect (in: hWnd=0x2800ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0254.298] GetWindowRect (in: hWnd=0x2800ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0254.298] GetParent (hWnd=0x2800ea) returned 0x2502de
[0254.298] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0254.298] SendMessageW (hWnd=0x2800ea, Msg=0x2210, wParam=0xea0001, lParam=0x2800ea) returned 0x0
[0254.298] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2800ea, Msg=0x2210, wParam=0xea0001, lParam=0x2800ea) returned 0x0
[0254.299] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2800ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0254.299] GetParent (hWnd=0x2800ea) returned 0x2502de
[0254.299] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0254.299] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.300] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0254.300] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x2502de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1a02d0
[0254.300] SetWindowLongW (hWnd=0x1a02d0, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0254.300] GetWindowLongW (hWnd=0x1a02d0, nIndex=-4) returned 1868026976
[0254.301] SetWindowLongW (hWnd=0x1a02d0, nIndex=-4, dwNewLong=19949934) returned 1868026976
[0254.301] GetWindowLongW (hWnd=0x1a02d0, nIndex=-4) returned 19949934
[0254.301] GetWindowLongW (hWnd=0x1a02d0, nIndex=-16) returned 1177553092
[0254.301] GetWindowLongW (hWnd=0x1a02d0, nIndex=-12) returned 0
[0254.301] SetWindowLongW (hWnd=0x1a02d0, nIndex=-12, dwNewLong=1704656) returned 0
[0254.301] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1a02d0, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0254.302] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1a02d0, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0254.303] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1a02d0, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0254.328] GetWindow (hWnd=0x1a02d0, uCmd=0x3) returned 0x2800ea
[0254.328] GetClientRect (in: hWnd=0x1a02d0, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0254.328] GetWindowRect (in: hWnd=0x1a02d0, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0254.328] GetParent (hWnd=0x1a02d0) returned 0x2502de
[0254.328] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502de, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0254.328] GetWindowTextLengthW (hWnd=0x2502de) returned 13
[0254.328] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.328] GetSystemMetrics (nIndex=42) returned 0
[0254.328] GetWindowTextW (in: hWnd=0x2502de, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.329] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0254.329] SendMessageW (hWnd=0x1a02d0, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0254.329] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1a02d0, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0254.334] SetWindowTextW (hWnd=0x1a02d0, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0254.334] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1a02d0, Msg=0xc, wParam=0x0, lParam=0x2debf7c) returned 0x1
[0254.336] GetSystemMetrics (nIndex=5) returned 1
[0254.336] GetSystemMetrics (nIndex=6) returned 1
[0254.336] SendMessageW (hWnd=0x1a02d0, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0254.336] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1a02d0, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0254.337] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1a02d0, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0254.338] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1a02d0, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0254.338] GetClientRect (in: hWnd=0x1a02d0, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0254.338] GetWindowRect (in: hWnd=0x1a02d0, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0254.338] GetParent (hWnd=0x1a02d0) returned 0x2502de
[0254.338] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502de, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0254.338] SendMessageW (hWnd=0x1a02d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1a02d0) returned 0x0
[0254.338] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1a02d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1a02d0) returned 0x0
[0254.338] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1a02d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0254.339] GetParent (hWnd=0x1a02d0) returned 0x2502de
[0254.339] GetWindowLongW (hWnd=0x2502de, nIndex=-8) returned 458844
[0254.339] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0254.339] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0254.339] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x6d0107ec
[0254.339] GetDeviceCaps (hdc=0x6d0107ec, index=12) returned 32
[0254.339] GetDeviceCaps (hdc=0x6d0107ec, index=14) returned 1
[0254.339] DeleteDC (hdc=0x6d0107ec) returned 1
[0254.339] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0254.340] GetWindowThreadProcessId (in: hWnd=0x2502de, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0254.340] GetCurrentThreadId () returned 0xf50
[0254.340] PostMessageW (hWnd=0x2502de, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0254.340] GetWindowTextLengthW (hWnd=0x2502de) returned 13
[0254.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.340] GetSystemMetrics (nIndex=42) returned 0
[0254.340] GetWindowTextW (in: hWnd=0x2502de, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0254.340] GdipImageGetFrameDimensionsCount (image=0x66511d0, count=0xd7e25c) returned 0x0
[0254.340] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12013a0
[0254.340] GdipImageGetFrameDimensionsList (image=0x66511d0, dimensionIDs=0x12013a0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0254.340] LocalFree (hMem=0x12013a0) returned 0x0
[0254.340] GdipImageGetFrameDimensionsCount (image=0x6650168, count=0xd7e250) returned 0x0
[0254.340] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201520
[0254.340] GdipImageGetFrameDimensionsList (image=0x6650168, dimensionIDs=0x1201520*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0254.340] LocalFree (hMem=0x1201520) returned 0x0
[0254.341] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0254.341] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0254.341] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0254.351] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0254.352] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0254.352] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0254.352] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0254.353] GetWindowPlacement (in: hWnd=0x2502de, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0254.353] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0254.353] GetWindowTextLengthW (hWnd=0x2502de) returned 13
[0254.353] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.353] GetSystemMetrics (nIndex=42) returned 0
[0254.353] GetWindowTextW (in: hWnd=0x2502de, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.353] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0254.353] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0254.353] GetCurrentObject (hdc=0x107b9, type=0x1) returned 0xb00017
[0254.353] GetCurrentObject (hdc=0x107b9, type=0x2) returned 0x900010
[0254.353] GetCurrentObject (hdc=0x107b9, type=0x7) returned 0xf0507ef
[0254.354] GetCurrentObject (hdc=0x107b9, type=0x6) returned 0x8a01c2
[0254.354] SaveDC (hdc=0x107b9) returned 1
[0254.354] GetNearestColor (hdc=0x107b9, color=0xf0f0f0) returned 0xf0f0f0
[0254.354] CreateSolidBrush (color=0xf0f0f0) returned 0xb01007e1
[0254.354] FillRect (hDC=0x107b9, lprc=0xd7e1b8, hbr=0xb01007e1) returned 1
[0254.354] DeleteObject (ho=0xb01007e1) returned 1
[0254.354] RestoreDC (hdc=0x107b9, nSavedDC=-1) returned 1
[0254.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0254.355] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0254.355] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0254.355] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0254.355] GetStockObject (i=5) returned 0x900015
[0254.355] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0254.356] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0254.356] GetStockObject (i=5) returned 0x900015
[0254.356] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2800ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0254.356] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2800ea, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0254.356] GetStockObject (i=5) returned 0x900015
[0254.360] GetWindowPlacement (in: hWnd=0x2502de, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0254.360] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0254.360] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0254.360] GetWindowRect (in: hWnd=0x2502de, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0254.361] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0254.362] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0254.362] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0254.362] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0254.362] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0254.362] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0254.362] GetWindowRect (in: hWnd=0x2502de, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0254.363] InvalidateRect (hWnd=0x1f02c8, lpRect=0x0, bErase=0) returned 1
[0254.363] InvalidateRect (hWnd=0x2702d8, lpRect=0x0, bErase=0) returned 1
[0254.363] GetFocus () returned 0x2502de
[0254.363] GetFocus () returned 0x2502de
[0254.363] SetFocus (hWnd=0x2702d8) returned 0x2502de
[0254.364] GetFocus () returned 0x2702d8
[0254.364] IsChild (hWndParent=0x2502de, hWnd=0x2702d8) returned 1
[0254.364] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x8, wParam=0x2702d8, lParam=0x0) returned 0x0
[0254.365] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0254.367] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0254.368] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0254.368] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0x7, wParam=0x2502de, lParam=0x0) returned 0x0
[0254.368] GetStockObject (i=5) returned 0x900015
[0254.369] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0254.369] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0254.369] GetDlgItem (hDlg=0x2502de, nIDDlgItem=2556632) returned 0x2702d8
[0254.369] SendMessageW (hWnd=0x2702d8, Msg=0x202b, wParam=0x2702d8, lParam=0xd7e0dc) returned 0x0
[0254.369] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0x202b, wParam=0x2702d8, lParam=0xd7e0dc) returned 0x0
[0254.369] InvalidateRect (hWnd=0x2702d8, lpRect=0x0, bErase=0) returned 1
[0254.372] GetFocus () returned 0x2702d8
[0254.372] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.373] IsWindowUnicode (hWnd=0x2502de) returned 1
[0254.373] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.373] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.373] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.373] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0254.373] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.373] IsWindowUnicode (hWnd=0x2502de) returned 1
[0254.373] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.373] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.373] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.373] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.374] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0254.374] IsWindowUnicode (hWnd=0x2502de) returned 1
[0254.374] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.374] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.374] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.374] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.374] IsWindowUnicode (hWnd=0x602c4) returned 1
[0254.374] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.374] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.374] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.374] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0254.374] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0254.375] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.375] IsWindowUnicode (hWnd=0x2502de) returned 1
[0254.375] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.376] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.376] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.376] BeginPaint (in: hWnd=0x2502de, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xf0105ee
[0254.376] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0254.376] GetWindowTextLengthW (hWnd=0x2502de) returned 13
[0254.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.376] GetSystemMetrics (nIndex=42) returned 0
[0254.376] GetWindowTextW (in: hWnd=0x2502de, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0254.376] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0254.376] EndPaint (hWnd=0x2502de, lpPaint=0xd7e274) returned 1
[0254.377] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.377] IsWindowUnicode (hWnd=0x1b02ce) returned 1
[0254.377] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.378] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.378] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.378] BeginPaint (in: hWnd=0x1b02ce, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x60100ce
[0254.378] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0254.379] CreateCompatibleDC (hdc=0x60100ce) returned 0x370107ee
[0254.379] SelectObject (hdc=0x370107ee, h=0x4a0507fe) returned 0x85000f
[0254.379] GdipCreateFromHDC (hdc=0x370107ee, graphics=0xd7e2b0) returned 0x0
[0254.379] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0254.379] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0254.379] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0254.379] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0254.379] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e310) returned 0x0
[0254.379] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0254.379] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0254.379] LocalFree (hMem=0x11ee868) returned 0x0
[0254.379] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0254.380] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0254.380] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0254.380] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e304) returned 0x0
[0254.380] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0254.380] GetWindowTextLengthW (hWnd=0x1b02ce) returned 0
[0254.380] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0254.380] GetSystemMetrics (nIndex=42) returned 0
[0254.380] GetWindowTextW (in: hWnd=0x1b02ce, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0254.380] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02ce, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0254.380] GetClientRect (in: hWnd=0x1b02ce, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0254.380] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0254.380] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0254.380] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0254.380] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0254.380] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e164) returned 0x0
[0254.380] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0254.380] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0254.380] LocalFree (hMem=0x11eec58) returned 0x0
[0254.380] GdipCombineRegionRegion (region=0x6646298, region2=0x6646b98, combineMode=0x1) returned 0x0
[0254.381] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0254.381] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0254.381] LocalFree (hMem=0x11ee868) returned 0x0
[0254.381] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0254.381] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0254.381] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0254.381] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0254.381] GdipDeleteRegion (region=0x6646298) returned 0x0
[0254.381] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0254.381] GetCurrentObject (hdc=0x370107ee, type=0x1) returned 0xb00017
[0254.381] GetCurrentObject (hdc=0x370107ee, type=0x2) returned 0x900010
[0254.381] GetCurrentObject (hdc=0x370107ee, type=0x7) returned 0x4a0507fe
[0254.381] GetCurrentObject (hdc=0x370107ee, type=0x6) returned 0x8a01c2
[0254.381] SaveDC (hdc=0x370107ee) returned 1
[0254.381] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x920407de
[0254.381] GetClipRgn (hdc=0x370107ee, hrgn=0x920407de) returned 0
[0254.382] SelectClipRgn (hdc=0x370107ee, hrgn=0xf7040807) returned 2
[0254.382] DeleteObject (ho=0x920407de) returned 1
[0254.382] DeleteObject (ho=0xf7040807) returned 1
[0254.382] OffsetViewportOrgEx (in: hdc=0x370107ee, x=0, y=0, lppt=0x2df1adc | out: lppt=0x2df1adc) returned 1
[0254.382] GetNearestColor (hdc=0x370107ee, color=0xf0f0f0) returned 0xf0f0f0
[0254.382] CreateSolidBrush (color=0xf0f0f0) returned 0xb11007e1
[0254.382] FillRect (hDC=0x370107ee, lprc=0xd7e198, hbr=0xb11007e1) returned 1
[0254.382] DeleteObject (ho=0xb11007e1) returned 1
[0254.382] RestoreDC (hdc=0x370107ee, nSavedDC=-1) returned 1
[0254.382] GdipReleaseDC (graphics=0x6600030, hdc=0x370107ee) returned 0x0
[0254.382] GdipRestoreGraphics (graphics=0x6600030, state=0xf80c0dbd) returned 0x0
[0254.382] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0254.382] GetWindowTextLengthW (hWnd=0x1b02ce) returned 0
[0254.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0254.382] GetSystemMetrics (nIndex=42) returned 0
[0254.382] GetWindowTextW (in: hWnd=0x1b02ce, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0254.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02ce, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0254.383] GdipGetImageWidth (image=0x66511d0, width=0xd7e1e0) returned 0x0
[0254.383] GdipGetImageHeight (image=0x66511d0, height=0xd7e1e0) returned 0x0
[0254.383] GdipGetImageWidth (image=0x66511d0, width=0xd7e1cc) returned 0x0
[0254.383] GdipGetImageHeight (image=0x66511d0, height=0xd7e1cc) returned 0x0
[0254.383] GdipDrawImageRectI (graphics=0x6600030, image=0x66511d0, x=16, y=16, width=32, height=32) returned 0x0
[0254.383] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0254.383] BitBlt (hdc=0x60100ce, x=0, y=0, cx=64, cy=64, hdcSrc=0x370107ee, x1=0, y1=0, rop=0xcc0020) returned 1
[0254.383] GdipReleaseDC (graphics=0x6600030, hdc=0x370107ee) returned 0x0
[0254.383] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0254.383] SelectObject (hdc=0x370107ee, h=0x85000f) returned 0x4a0507fe
[0254.383] DeleteDC (hdc=0x370107ee) returned 1
[0254.383] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0254.384] EndPaint (hWnd=0x1b02ce, lpPaint=0xd7e294) returned 1
[0254.384] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.384] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0254.384] IsWindowUnicode (hWnd=0x1f02c8) returned 1
[0254.384] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.384] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0254.384] SetCursor (hCursor=0x10003) returned 0x10003
[0254.384] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.384] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.385] _TrackMouseEvent (in: lpEventTrack=0x2df1ba8 | out: lpEventTrack=0x2df1ba8) returned 1
[0254.385] SendMessageW (hWnd=0x1f02c8, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0254.385] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0254.385] InvalidateRect (hWnd=0x1f02c8, lpRect=0x0, bErase=0) returned 1
[0254.385] GetKeyState (nVirtKey=1) returned 0
[0254.385] GetKeyState (nVirtKey=2) returned 0
[0254.385] GetKeyState (nVirtKey=4) returned 0
[0254.385] GetKeyState (nVirtKey=5) returned 0
[0254.385] GetKeyState (nVirtKey=6) returned 0
[0254.385] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.385] IsWindowUnicode (hWnd=0x2502da) returned 1
[0254.385] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.385] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.385] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.385] BeginPaint (in: hWnd=0x2502da, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0xc0107c5
[0254.385] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0254.386] CreateCompatibleDC (hdc=0xc0107c5) returned 0x390107ee
[0254.386] GetObjectType (h=0xc0107c5) returned 0x3
[0254.386] CreateCompatibleBitmap (hdc=0xc0107c5, cx=1, cy=1) returned 0x6e0507a1
[0254.386] GetDIBits (in: hdc=0xc0107c5, hbm=0x6e0507a1, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0254.386] GetDIBits (in: hdc=0xc0107c5, hbm=0x6e0507a1, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0254.386] DeleteObject (ho=0x6e0507a1) returned 1
[0254.386] CreateDIBSection (in: hdc=0xc0107c5, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x760507ec
[0254.386] SelectObject (hdc=0x390107ee, h=0x760507ec) returned 0x85000f
[0254.386] GdipCreateFromHDC (hdc=0x390107ee, graphics=0xd7e234) returned 0x0
[0254.387] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0254.387] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0254.387] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0254.387] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0254.387] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e2d4) returned 0x0
[0254.387] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0254.387] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eea28) returned 0x0
[0254.387] LocalFree (hMem=0x11eea28) returned 0x0
[0254.387] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0254.387] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0254.387] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0254.393] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0254.393] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0254.393] GetWindowTextLengthW (hWnd=0x2502da) returned 232
[0254.393] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0254.393] GetSystemMetrics (nIndex=42) returned 0
[0254.393] GetWindowTextW (in: hWnd=0x2502da, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0254.393] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0254.393] GetClientRect (in: hWnd=0x2502da, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0254.393] GdipCreateRegion (region=0xd7e110) returned 0x0
[0254.393] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0254.394] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0254.394] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0254.394] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e128) returned 0x0
[0254.394] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0254.394] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eea60) returned 0x0
[0254.394] LocalFree (hMem=0x11eea60) returned 0x0
[0254.394] GdipCombineRegionRegion (region=0x6646568, region2=0x6646298, combineMode=0x1) returned 0x0
[0254.394] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0254.394] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee868) returned 0x0
[0254.394] LocalFree (hMem=0x11ee868) returned 0x0
[0254.394] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0254.394] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e150) returned 0x0
[0254.394] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e140) returned 0x0
[0254.394] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0254.394] GdipDeleteRegion (region=0x6646568) returned 0x0
[0254.394] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0254.394] GetCurrentObject (hdc=0x390107ee, type=0x1) returned 0xb00017
[0254.395] GetCurrentObject (hdc=0x390107ee, type=0x2) returned 0x900010
[0254.395] GetCurrentObject (hdc=0x390107ee, type=0x7) returned 0x760507ec
[0254.395] GetCurrentObject (hdc=0x390107ee, type=0x6) returned 0x8a01c2
[0254.395] SaveDC (hdc=0x390107ee) returned 1
[0254.395] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf8040807
[0254.395] GetClipRgn (hdc=0x390107ee, hrgn=0xf8040807) returned 0
[0254.395] SelectClipRgn (hdc=0x390107ee, hrgn=0x930407de) returned 2
[0254.395] DeleteObject (ho=0xf8040807) returned 1
[0254.395] DeleteObject (ho=0x930407de) returned 1
[0254.395] OffsetViewportOrgEx (in: hdc=0x390107ee, x=0, y=0, lppt=0x2df34fc | out: lppt=0x2df34fc) returned 1
[0254.395] GetNearestColor (hdc=0x390107ee, color=0xf0f0f0) returned 0xf0f0f0
[0254.395] CreateSolidBrush (color=0xf0f0f0) returned 0xb21007e1
[0254.395] FillRect (hDC=0x390107ee, lprc=0xd7e15c, hbr=0xb21007e1) returned 1
[0254.396] DeleteObject (ho=0xb21007e1) returned 1
[0254.396] RestoreDC (hdc=0x390107ee, nSavedDC=-1) returned 1
[0254.396] GdipReleaseDC (graphics=0x6600030, hdc=0x390107ee) returned 0x0
[0254.396] GdipRestoreGraphics (graphics=0x6600030, state=0xf80a0dbd) returned 0x0
[0254.396] GdipDeleteRegion (region=0x6646298) returned 0x0
[0254.397] GetWindowTextLengthW (hWnd=0x2502da) returned 232
[0254.397] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0254.397] GetSystemMetrics (nIndex=42) returned 0
[0254.397] GetWindowTextW (in: hWnd=0x2502da, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0254.397] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0254.397] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0254.397] GetCurrentObject (hdc=0x390107ee, type=0x1) returned 0xb00017
[0254.397] GetCurrentObject (hdc=0x390107ee, type=0x2) returned 0x900010
[0254.397] GetCurrentObject (hdc=0x390107ee, type=0x7) returned 0x760507ec
[0254.397] GetCurrentObject (hdc=0x390107ee, type=0x6) returned 0x8a01c2
[0254.397] SaveDC (hdc=0x390107ee) returned 1
[0254.397] GetNearestColor (hdc=0x390107ee, color=0x0) returned 0x0
[0254.397] RestoreDC (hdc=0x390107ee, nSavedDC=-1) returned 1
[0254.397] GdipReleaseDC (graphics=0x6600030, hdc=0x390107ee) returned 0x0
[0254.398] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0254.398] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0254.398] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2df3cf8 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0254.399] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0254.399] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0254.399] GetCurrentObject (hdc=0x390107ee, type=0x1) returned 0xb00017
[0254.399] GetCurrentObject (hdc=0x390107ee, type=0x2) returned 0x900010
[0254.399] GetCurrentObject (hdc=0x390107ee, type=0x7) returned 0x760507ec
[0254.399] GetCurrentObject (hdc=0x390107ee, type=0x6) returned 0x8a01c2
[0254.399] SaveDC (hdc=0x390107ee) returned 1
[0254.399] GetTextAlign (hdc=0x390107ee) returned 0x0
[0254.399] GetTextColor (hdc=0x390107ee) returned 0x0
[0254.399] GetCurrentObject (hdc=0x390107ee, type=0x6) returned 0x8a01c2
[0254.399] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0254.399] SelectObject (hdc=0x390107ee, h=0x6d0a0520) returned 0x8a01c2
[0254.400] GetBkMode (hdc=0x390107ee) returned 2
[0254.400] SetBkMode (hdc=0x390107ee, mode=1) returned 2
[0254.400] DrawTextExW (in: hdc=0x390107ee, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2df3f1c | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0254.404] RestoreDC (hdc=0x390107ee, nSavedDC=-1) returned 1
[0254.404] GdipReleaseDC (graphics=0x6600030, hdc=0x390107ee) returned 0x0
[0254.404] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0254.404] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=354, cy=68, hdcSrc=0x390107ee, x1=0, y1=0, rop=0xcc0020) returned 1
[0254.404] GdipReleaseDC (graphics=0x6600030, hdc=0x390107ee) returned 0x0
[0254.404] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0254.404] SelectObject (hdc=0x390107ee, h=0x85000f) returned 0x760507ec
[0254.405] DeleteDC (hdc=0x390107ee) returned 1
[0254.405] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0254.405] DeleteObject (ho=0x760507ec) returned 1
[0254.405] EndPaint (hWnd=0x2502da, lpPaint=0xd7e258) returned 1
[0254.406] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.406] IsWindowUnicode (hWnd=0x2702d8) returned 1
[0254.406] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.406] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.406] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.406] BeginPaint (in: hWnd=0x2702d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0254.406] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0254.406] CreateCompatibleDC (hdc=0x10105d6) returned 0x700107a1
[0254.406] SelectObject (hdc=0x700107a1, h=0x4a0507fe) returned 0x85000f
[0254.407] GdipCreateFromHDC (hdc=0x700107a1, graphics=0xd7e268) returned 0x0
[0254.407] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0254.407] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0254.407] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0254.407] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0254.407] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e2c8) returned 0x0
[0254.407] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0254.407] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eea28) returned 0x0
[0254.407] LocalFree (hMem=0x11eea28) returned 0x0
[0254.407] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0254.407] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0254.408] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0254.408] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0254.408] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0254.408] GdipRestoreGraphics (graphics=0x6600030, state=0xf8080dbd) returned 0x0
[0254.408] GdipDeleteRegion (region=0x6646298) returned 0x0
[0254.408] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0254.408] GetCurrentObject (hdc=0x700107a1, type=0x1) returned 0xb00017
[0254.408] GetCurrentObject (hdc=0x700107a1, type=0x2) returned 0x900010
[0254.408] GetCurrentObject (hdc=0x700107a1, type=0x7) returned 0x4a0507fe
[0254.408] GetCurrentObject (hdc=0x700107a1, type=0x6) returned 0x8a01c2
[0254.408] SaveDC (hdc=0x700107a1) returned 1
[0254.408] GetNearestColor (hdc=0x700107a1, color=0xf0f0f0) returned 0xf0f0f0
[0254.408] GetNearestColor (hdc=0x700107a1, color=0xa0a0a0) returned 0xa0a0a0
[0254.408] GetNearestColor (hdc=0x700107a1, color=0x696969) returned 0x696969
[0254.408] GetNearestColor (hdc=0x700107a1, color=0xa0a0a0) returned 0xa0a0a0
[0254.409] GetNearestColor (hdc=0x700107a1, color=0x0) returned 0x0
[0254.409] GetNearestColor (hdc=0x700107a1, color=0xffffff) returned 0xffffff
[0254.409] GetNearestColor (hdc=0x700107a1, color=0xe5e5e5) returned 0xe5e5e5
[0254.409] GetNearestColor (hdc=0x700107a1, color=0xd7d7d7) returned 0xd7d7d7
[0254.409] GetNearestColor (hdc=0x700107a1, color=0x0) returned 0x0
[0254.409] RestoreDC (hdc=0x700107a1, nSavedDC=-1) returned 1
[0254.409] GdipReleaseDC (graphics=0x6600030, hdc=0x700107a1) returned 0x0
[0254.409] IsAppThemed () returned 0x1
[0254.409] GetThemeAppProperties () returned 0x3
[0254.409] GetThemeAppProperties () returned 0x3
[0254.409] GdipGetImageWidth (image=0x6650168, width=0xd7e168) returned 0x0
[0254.409] GdipGetImageHeight (image=0x6650168, height=0xd7e168) returned 0x0
[0254.409] IsAppThemed () returned 0x1
[0254.410] GetThemeAppProperties () returned 0x3
[0254.410] GetThemeAppProperties () returned 0x3
[0254.410] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2df466c | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0254.410] IsAppThemed () returned 0x1
[0254.410] GetThemeAppProperties () returned 0x3
[0254.410] GetThemeAppProperties () returned 0x3
[0254.410] IsAppThemed () returned 0x1
[0254.410] GetThemeAppProperties () returned 0x3
[0254.410] GetThemeAppProperties () returned 0x3
[0254.411] GetFocus () returned 0x2702d8
[0254.411] IsAppThemed () returned 0x1
[0254.411] GetThemeAppProperties () returned 0x3
[0254.411] GetThemeAppProperties () returned 0x3
[0254.411] IsAppThemed () returned 0x1
[0254.411] GetThemeAppProperties () returned 0x3
[0254.411] GetThemeAppProperties () returned 0x3
[0254.411] IsThemePartDefined () returned 0x1
[0254.411] IsAppThemed () returned 0x1
[0254.411] GetThemeAppProperties () returned 0x3
[0254.411] GetThemeAppProperties () returned 0x3
[0254.411] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0254.411] IsAppThemed () returned 0x1
[0254.411] GetThemeAppProperties () returned 0x3
[0254.411] GetThemeAppProperties () returned 0x3
[0254.411] IsAppThemed () returned 0x1
[0254.412] GetThemeAppProperties () returned 0x3
[0254.412] GetThemeAppProperties () returned 0x3
[0254.412] IsThemePartDefined () returned 0x1
[0254.412] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0254.412] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0254.412] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0254.412] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0254.412] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dff0) returned 0x0
[0254.412] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0254.412] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eecc8) returned 0x0
[0254.412] LocalFree (hMem=0x11eecc8) returned 0x0
[0254.412] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0254.412] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0254.412] LocalFree (hMem=0x11ee788) returned 0x0
[0254.412] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0254.412] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e018) returned 0x0
[0254.412] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e008) returned 0x0
[0254.412] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0254.412] GdipDeleteRegion (region=0x6646298) returned 0x0
[0254.413] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0254.413] GetCurrentObject (hdc=0x700107a1, type=0x1) returned 0xb00017
[0254.413] GetCurrentObject (hdc=0x700107a1, type=0x2) returned 0x900010
[0254.413] GetCurrentObject (hdc=0x700107a1, type=0x7) returned 0x4a0507fe
[0254.413] GetCurrentObject (hdc=0x700107a1, type=0x6) returned 0x8a01c2
[0254.413] SaveDC (hdc=0x700107a1) returned 1
[0254.413] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x940407de
[0254.413] GetClipRgn (hdc=0x700107a1, hrgn=0x940407de) returned 0
[0254.413] SelectClipRgn (hdc=0x700107a1, hrgn=0xfc040807) returned 2
[0254.413] DeleteObject (ho=0x940407de) returned 1
[0254.413] DeleteObject (ho=0xfc040807) returned 1
[0254.413] OffsetViewportOrgEx (in: hdc=0x700107a1, x=0, y=0, lppt=0x2df4d1c | out: lppt=0x2df4d1c) returned 1
[0254.413] DrawThemeParentBackground () returned 0x0
[0254.414] GetWindowPlacement (in: hWnd=0x2502de, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0254.414] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0254.414] GetWindowTextLengthW (hWnd=0x2502de) returned 13
[0254.414] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.414] GetSystemMetrics (nIndex=42) returned 0
[0254.414] GetWindowTextW (in: hWnd=0x2502de, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.414] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0254.414] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0254.414] GetCurrentObject (hdc=0x700107a1, type=0x1) returned 0xb00017
[0254.414] GetCurrentObject (hdc=0x700107a1, type=0x2) returned 0x900010
[0254.414] GetCurrentObject (hdc=0x700107a1, type=0x7) returned 0x4a0507fe
[0254.414] GetCurrentObject (hdc=0x700107a1, type=0x6) returned 0x8a01c2
[0254.414] SaveDC (hdc=0x700107a1) returned 2
[0254.414] GetNearestColor (hdc=0x700107a1, color=0xf0f0f0) returned 0xf0f0f0
[0254.414] CreateSolidBrush (color=0xf0f0f0) returned 0xb31007e1
[0254.414] FillRect (hDC=0x700107a1, lprc=0xd7da38, hbr=0xb31007e1) returned 1
[0254.414] DeleteObject (ho=0xb31007e1) returned 1
[0254.415] RestoreDC (hdc=0x700107a1, nSavedDC=-1) returned 1
[0254.415] GetWindowTextLengthW (hWnd=0x2502de) returned 13
[0254.415] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.415] GetSystemMetrics (nIndex=42) returned 0
[0254.415] GetWindowTextW (in: hWnd=0x2502de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.415] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0254.415] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0254.415] GetCurrentObject (hdc=0x700107a1, type=0x1) returned 0xb00017
[0254.415] GetCurrentObject (hdc=0x700107a1, type=0x2) returned 0x900010
[0254.415] GetCurrentObject (hdc=0x700107a1, type=0x7) returned 0x4a0507fe
[0254.415] GetCurrentObject (hdc=0x700107a1, type=0x6) returned 0x8a01c2
[0254.415] SaveDC (hdc=0x700107a1) returned 2
[0254.415] GetNearestColor (hdc=0x700107a1, color=0xf0f0f0) returned 0xf0f0f0
[0254.415] CreateSolidBrush (color=0xf0f0f0) returned 0xb41007e1
[0254.415] FillRect (hDC=0x700107a1, lprc=0xd7d9d8, hbr=0xb41007e1) returned 1
[0254.415] DeleteObject (ho=0xb41007e1) returned 1
[0254.415] RestoreDC (hdc=0x700107a1, nSavedDC=-1) returned 1
[0254.415] GetWindowTextLengthW (hWnd=0x2502de) returned 13
[0254.415] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.416] GetSystemMetrics (nIndex=42) returned 0
[0254.416] GetWindowTextW (in: hWnd=0x2502de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.416] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0254.416] RestoreDC (hdc=0x700107a1, nSavedDC=-1) returned 1
[0254.416] GdipReleaseDC (graphics=0x6600030, hdc=0x700107a1) returned 0x0
[0254.416] IsAppThemed () returned 0x1
[0254.416] GetThemeAppProperties () returned 0x3
[0254.416] GetThemeAppProperties () returned 0x3
[0254.416] IsAppThemed () returned 0x1
[0254.416] GetThemeAppProperties () returned 0x3
[0254.416] GetThemeAppProperties () returned 0x3
[0254.416] IsThemePartDefined () returned 0x1
[0254.416] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0254.416] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0254.416] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0254.416] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0254.416] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df74) returned 0x0
[0254.417] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eecc8) returned 0x0
[0254.417] LocalFree (hMem=0x11eecc8) returned 0x0
[0254.417] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0254.417] LocalFree (hMem=0x11ee788) returned 0x0
[0254.417] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0254.417] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0254.417] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0254.417] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0254.417] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0254.417] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0254.417] GetCurrentObject (hdc=0x700107a1, type=0x1) returned 0xb00017
[0254.417] GetCurrentObject (hdc=0x700107a1, type=0x2) returned 0x900010
[0254.417] GetCurrentObject (hdc=0x700107a1, type=0x7) returned 0x4a0507fe
[0254.417] GetCurrentObject (hdc=0x700107a1, type=0x6) returned 0x8a01c2
[0254.417] SaveDC (hdc=0x700107a1) returned 1
[0254.417] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfd040807
[0254.417] GetClipRgn (hdc=0x700107a1, hrgn=0xfd040807) returned 0
[0254.417] SelectClipRgn (hdc=0x700107a1, hrgn=0x960407de) returned 2
[0254.418] DeleteObject (ho=0xfd040807) returned 1
[0254.418] DeleteObject (ho=0x960407de) returned 1
[0254.418] OffsetViewportOrgEx (in: hdc=0x700107a1, x=0, y=0, lppt=0x2df55c8 | out: lppt=0x2df55c8) returned 1
[0254.418] IsAppThemed () returned 0x1
[0254.418] GetThemeAppProperties () returned 0x3
[0254.418] GetThemeAppProperties () returned 0x3
[0254.418] DrawThemeBackground () returned 0x0
[0254.418] RestoreDC (hdc=0x700107a1, nSavedDC=-1) returned 1
[0254.418] GdipReleaseDC (graphics=0x6600030, hdc=0x700107a1) returned 0x0
[0254.418] GdipCreateRegion (region=0xd7df60) returned 0x0
[0254.418] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0254.418] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0254.418] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0254.418] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df78) returned 0x0
[0254.418] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0254.418] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eea28) returned 0x0
[0254.418] LocalFree (hMem=0x11eea28) returned 0x0
[0254.418] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0254.418] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0254.419] LocalFree (hMem=0x11ee868) returned 0x0
[0254.419] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0254.424] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0254.424] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df90) returned 0x0
[0254.424] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0254.424] GdipDeleteRegion (region=0x6646298) returned 0x0
[0254.424] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0254.424] GetCurrentObject (hdc=0x700107a1, type=0x1) returned 0xb00017
[0254.424] GetCurrentObject (hdc=0x700107a1, type=0x2) returned 0x900010
[0254.424] GetCurrentObject (hdc=0x700107a1, type=0x7) returned 0x4a0507fe
[0254.424] GetCurrentObject (hdc=0x700107a1, type=0x6) returned 0x8a01c2
[0254.424] SaveDC (hdc=0x700107a1) returned 1
[0254.425] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x970407de
[0254.425] GetClipRgn (hdc=0x700107a1, hrgn=0x970407de) returned 0
[0254.425] SelectClipRgn (hdc=0x700107a1, hrgn=0xfe040807) returned 2
[0254.425] DeleteObject (ho=0x970407de) returned 1
[0254.425] DeleteObject (ho=0xfe040807) returned 1
[0254.425] OffsetViewportOrgEx (in: hdc=0x700107a1, x=0, y=0, lppt=0x2df589c | out: lppt=0x2df589c) returned 1
[0254.425] IsAppThemed () returned 0x1
[0254.425] GetThemeAppProperties () returned 0x3
[0254.425] GetThemeAppProperties () returned 0x3
[0254.425] GetThemeBackgroundContentRect () returned 0x0
[0254.425] RestoreDC (hdc=0x700107a1, nSavedDC=-1) returned 1
[0254.425] GdipReleaseDC (graphics=0x6600030, hdc=0x700107a1) returned 0x0
[0254.425] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0254.425] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0254.425] GdipCloneRegion (region=0x6646b98, cloneRegion=0xd7e150) returned 0x0
[0254.425] GdipCombineRegionRectI (region=0x6646718, rect=0xd7e138, combineMode=0x1) returned 0x0
[0254.425] GdipCombineRegionRectI (region=0x6646718, rect=0xd7e138, combineMode=0x1) returned 0x0
[0254.425] GdipSetClipRegion (graphics=0x6600030, region=0x6646718, combineMode=0x0) returned 0x0
[0254.426] GdipGetImageWidth (image=0x6650168, width=0xd7e154) returned 0x0
[0254.426] GdipGetImageHeight (image=0x6650168, height=0xd7e148) returned 0x0
[0254.426] GdipDrawImageRectI (graphics=0x6600030, image=0x6650168, x=4, y=4, width=16, height=16) returned 0x0
[0254.426] GdipSetClipRegion (graphics=0x6600030, region=0x6646b98, combineMode=0x0) returned 0x0
[0254.426] IsAppThemed () returned 0x1
[0254.426] GetThemeAppProperties () returned 0x3
[0254.426] GetThemeAppProperties () returned 0x3
[0254.426] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0254.426] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0254.426] GetCurrentObject (hdc=0x700107a1, type=0x1) returned 0xb00017
[0254.426] GetCurrentObject (hdc=0x700107a1, type=0x2) returned 0x900010
[0254.426] GetCurrentObject (hdc=0x700107a1, type=0x7) returned 0x4a0507fe
[0254.426] GetCurrentObject (hdc=0x700107a1, type=0x6) returned 0x8a01c2
[0254.426] SaveDC (hdc=0x700107a1) returned 1
[0254.426] GetTextAlign (hdc=0x700107a1) returned 0x0
[0254.426] GetTextColor (hdc=0x700107a1) returned 0x0
[0254.426] GetCurrentObject (hdc=0x700107a1, type=0x6) returned 0x8a01c2
[0254.427] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0254.427] SelectObject (hdc=0x700107a1, h=0x6d0a0520) returned 0x8a01c2
[0254.427] GetBkMode (hdc=0x700107a1) returned 2
[0254.427] SetBkMode (hdc=0x700107a1, mode=1) returned 2
[0254.427] DrawTextExW (in: hdc=0x700107a1, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2df5c5c | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0254.427] DrawTextExW (in: hdc=0x700107a1, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2df5c5c | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0254.427] RestoreDC (hdc=0x700107a1, nSavedDC=-1) returned 1
[0254.428] GdipReleaseDC (graphics=0x6600030, hdc=0x700107a1) returned 0x0
[0254.428] GetFocus () returned 0x2702d8
[0254.428] IsAppThemed () returned 0x1
[0254.428] GetThemeAppProperties () returned 0x3
[0254.428] GetThemeAppProperties () returned 0x3
[0254.428] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0254.428] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x700107a1, x1=0, y1=0, rop=0xcc0020) returned 1
[0254.428] GdipReleaseDC (graphics=0x6600030, hdc=0x700107a1) returned 0x0
[0254.428] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0254.428] SelectObject (hdc=0x700107a1, h=0x85000f) returned 0x4a0507fe
[0254.428] DeleteDC (hdc=0x700107a1) returned 1
[0254.428] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0254.428] EndPaint (hWnd=0x2702d8, lpPaint=0xd7e24c) returned 1
[0254.429] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.429] IsWindowUnicode (hWnd=0x1f02c8) returned 1
[0254.429] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.429] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.429] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.429] BeginPaint (in: hWnd=0x1f02c8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0254.429] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0254.429] CreateCompatibleDC (hdc=0xf0105ee) returned 0x720107a1
[0254.429] SelectObject (hdc=0x720107a1, h=0x4a0507fe) returned 0x85000f
[0254.429] GdipCreateFromHDC (hdc=0x720107a1, graphics=0xd7e268) returned 0x0
[0254.430] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0254.430] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0254.430] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0254.430] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0254.430] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e2c8) returned 0x0
[0254.430] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0254.430] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0254.430] LocalFree (hMem=0x11ee788) returned 0x0
[0254.430] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0254.430] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0254.430] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0254.430] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0254.430] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0254.430] GdipRestoreGraphics (graphics=0x6600030, state=0xf8060dbd) returned 0x0
[0254.430] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0254.430] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0254.430] GetCurrentObject (hdc=0x720107a1, type=0x1) returned 0xb00017
[0254.431] GetCurrentObject (hdc=0x720107a1, type=0x2) returned 0x900010
[0254.431] GetCurrentObject (hdc=0x720107a1, type=0x7) returned 0x4a0507fe
[0254.431] GetCurrentObject (hdc=0x720107a1, type=0x6) returned 0x8a01c2
[0254.431] SaveDC (hdc=0x720107a1) returned 1
[0254.431] GetNearestColor (hdc=0x720107a1, color=0xf0f0f0) returned 0xf0f0f0
[0254.431] GetNearestColor (hdc=0x720107a1, color=0xa0a0a0) returned 0xa0a0a0
[0254.431] GetNearestColor (hdc=0x720107a1, color=0x696969) returned 0x696969
[0254.431] GetNearestColor (hdc=0x720107a1, color=0xa0a0a0) returned 0xa0a0a0
[0254.431] GetNearestColor (hdc=0x720107a1, color=0x0) returned 0x0
[0254.431] GetNearestColor (hdc=0x720107a1, color=0xffffff) returned 0xffffff
[0254.431] GetNearestColor (hdc=0x720107a1, color=0xe5e5e5) returned 0xe5e5e5
[0254.431] GetNearestColor (hdc=0x720107a1, color=0xd7d7d7) returned 0xd7d7d7
[0254.431] GetNearestColor (hdc=0x720107a1, color=0x0) returned 0x0
[0254.431] RestoreDC (hdc=0x720107a1, nSavedDC=-1) returned 1
[0254.432] GdipReleaseDC (graphics=0x6600030, hdc=0x720107a1) returned 0x0
[0254.432] IsAppThemed () returned 0x1
[0254.432] GetThemeAppProperties () returned 0x3
[0254.432] GetThemeAppProperties () returned 0x3
[0254.432] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0254.432] SendMessageW (hWnd=0x2502de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0254.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0254.432] IsAppThemed () returned 0x1
[0254.432] GetThemeAppProperties () returned 0x3
[0254.432] GetThemeAppProperties () returned 0x3
[0254.432] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2df646c | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0254.432] IsAppThemed () returned 0x1
[0254.432] GetThemeAppProperties () returned 0x3
[0254.432] GetThemeAppProperties () returned 0x3
[0254.432] IsAppThemed () returned 0x1
[0254.433] GetThemeAppProperties () returned 0x3
[0254.433] GetThemeAppProperties () returned 0x3
[0254.433] IsAppThemed () returned 0x1
[0254.433] GetThemeAppProperties () returned 0x3
[0254.433] GetThemeAppProperties () returned 0x3
[0254.433] IsAppThemed () returned 0x1
[0254.433] GetThemeAppProperties () returned 0x3
[0254.433] GetThemeAppProperties () returned 0x3
[0254.433] IsThemePartDefined () returned 0x1
[0254.433] IsAppThemed () returned 0x1
[0254.433] GetThemeAppProperties () returned 0x3
[0254.433] GetThemeAppProperties () returned 0x3
[0254.433] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0254.433] IsAppThemed () returned 0x1
[0254.433] GetThemeAppProperties () returned 0x3
[0254.433] GetThemeAppProperties () returned 0x3
[0254.433] IsAppThemed () returned 0x1
[0254.433] GetThemeAppProperties () returned 0x3
[0254.433] GetThemeAppProperties () returned 0x3
[0254.433] IsThemePartDefined () returned 0x1
[0254.433] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0254.433] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0254.433] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0254.434] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0254.434] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dfe4) returned 0x0
[0254.434] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0254.434] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eea28) returned 0x0
[0254.434] LocalFree (hMem=0x11eea28) returned 0x0
[0254.434] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0254.434] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0254.434] LocalFree (hMem=0x11ee788) returned 0x0
[0254.434] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0254.434] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0254.434] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0254.434] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0254.434] GdipDeleteRegion (region=0x6646298) returned 0x0
[0254.443] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0254.443] GetCurrentObject (hdc=0x720107a1, type=0x1) returned 0xb00017
[0254.443] GetCurrentObject (hdc=0x720107a1, type=0x2) returned 0x900010
[0254.443] GetCurrentObject (hdc=0x720107a1, type=0x7) returned 0x4a0507fe
[0254.443] GetCurrentObject (hdc=0x720107a1, type=0x6) returned 0x8a01c2
[0254.443] SaveDC (hdc=0x720107a1) returned 1
[0254.443] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xff040807
[0254.443] GetClipRgn (hdc=0x720107a1, hrgn=0xff040807) returned 0
[0254.444] SelectClipRgn (hdc=0x720107a1, hrgn=0x9b0407de) returned 2
[0254.444] DeleteObject (ho=0xff040807) returned 1
[0254.444] DeleteObject (ho=0x9b0407de) returned 1
[0254.444] OffsetViewportOrgEx (in: hdc=0x720107a1, x=0, y=0, lppt=0x2df6b1c | out: lppt=0x2df6b1c) returned 1
[0254.444] DrawThemeParentBackground () returned 0x0
[0254.444] GetWindowPlacement (in: hWnd=0x2502de, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0254.444] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0254.444] GetWindowTextLengthW (hWnd=0x2502de) returned 13
[0254.444] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.444] GetSystemMetrics (nIndex=42) returned 0
[0254.444] GetWindowTextW (in: hWnd=0x2502de, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.444] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0254.444] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0254.444] GetCurrentObject (hdc=0x720107a1, type=0x1) returned 0xb00017
[0254.444] GetCurrentObject (hdc=0x720107a1, type=0x2) returned 0x900010
[0254.445] GetCurrentObject (hdc=0x720107a1, type=0x7) returned 0x4a0507fe
[0254.445] GetCurrentObject (hdc=0x720107a1, type=0x6) returned 0x8a01c2
[0254.445] SaveDC (hdc=0x720107a1) returned 2
[0254.445] GetNearestColor (hdc=0x720107a1, color=0xf0f0f0) returned 0xf0f0f0
[0254.445] CreateSolidBrush (color=0xf0f0f0) returned 0xb51007e1
[0254.445] FillRect (hDC=0x720107a1, lprc=0xd7da30, hbr=0xb51007e1) returned 1
[0254.445] DeleteObject (ho=0xb51007e1) returned 1
[0254.445] RestoreDC (hdc=0x720107a1, nSavedDC=-1) returned 1
[0254.445] GetWindowTextLengthW (hWnd=0x2502de) returned 13
[0254.445] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.445] GetSystemMetrics (nIndex=42) returned 0
[0254.445] GetWindowTextW (in: hWnd=0x2502de, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.445] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0254.445] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0254.445] GetCurrentObject (hdc=0x720107a1, type=0x1) returned 0xb00017
[0254.445] GetCurrentObject (hdc=0x720107a1, type=0x2) returned 0x900010
[0254.446] GetCurrentObject (hdc=0x720107a1, type=0x7) returned 0x4a0507fe
[0254.446] GetCurrentObject (hdc=0x720107a1, type=0x6) returned 0x8a01c2
[0254.446] SaveDC (hdc=0x720107a1) returned 2
[0254.446] GetNearestColor (hdc=0x720107a1, color=0xf0f0f0) returned 0xf0f0f0
[0254.446] CreateSolidBrush (color=0xf0f0f0) returned 0xb61007e1
[0254.446] FillRect (hDC=0x720107a1, lprc=0xd7d9d0, hbr=0xb61007e1) returned 1
[0254.446] DeleteObject (ho=0xb61007e1) returned 1
[0254.446] RestoreDC (hdc=0x720107a1, nSavedDC=-1) returned 1
[0254.446] GetWindowTextLengthW (hWnd=0x2502de) returned 13
[0254.446] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.446] GetSystemMetrics (nIndex=42) returned 0
[0254.446] GetWindowTextW (in: hWnd=0x2502de, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.446] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0254.446] RestoreDC (hdc=0x720107a1, nSavedDC=-1) returned 1
[0254.447] GdipReleaseDC (graphics=0x6600030, hdc=0x720107a1) returned 0x0
[0254.447] IsAppThemed () returned 0x1
[0254.447] GetThemeAppProperties () returned 0x3
[0254.447] GetThemeAppProperties () returned 0x3
[0254.447] IsAppThemed () returned 0x1
[0254.447] GetThemeAppProperties () returned 0x3
[0254.447] GetThemeAppProperties () returned 0x3
[0254.447] IsThemePartDefined () returned 0x1
[0254.447] GdipCreateRegion (region=0xd7df50) returned 0x0
[0254.447] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0254.447] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0254.447] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0254.447] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df68) returned 0x0
[0254.447] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0254.447] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0254.447] LocalFree (hMem=0x11ee868) returned 0x0
[0254.447] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0254.447] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eed00) returned 0x0
[0254.448] LocalFree (hMem=0x11eed00) returned 0x0
[0254.448] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0254.448] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df90) returned 0x0
[0254.448] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df80) returned 0x0
[0254.448] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0254.448] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0254.448] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0254.448] GetCurrentObject (hdc=0x720107a1, type=0x1) returned 0xb00017
[0254.448] GetCurrentObject (hdc=0x720107a1, type=0x2) returned 0x900010
[0254.448] GetCurrentObject (hdc=0x720107a1, type=0x7) returned 0x4a0507fe
[0254.448] GetCurrentObject (hdc=0x720107a1, type=0x6) returned 0x8a01c2
[0254.448] SaveDC (hdc=0x720107a1) returned 1
[0254.448] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9c0407de
[0254.448] GetClipRgn (hdc=0x720107a1, hrgn=0x9c0407de) returned 0
[0254.448] SelectClipRgn (hdc=0x720107a1, hrgn=0x1040807) returned 2
[0254.448] DeleteObject (ho=0x9c0407de) returned 1
[0254.449] DeleteObject (ho=0x1040807) returned 1
[0254.449] OffsetViewportOrgEx (in: hdc=0x720107a1, x=0, y=0, lppt=0x2df73c8 | out: lppt=0x2df73c8) returned 1
[0254.449] IsAppThemed () returned 0x1
[0254.449] GetThemeAppProperties () returned 0x3
[0254.449] GetThemeAppProperties () returned 0x3
[0254.449] DrawThemeBackground () returned 0x0
[0254.449] RestoreDC (hdc=0x720107a1, nSavedDC=-1) returned 1
[0254.449] GdipReleaseDC (graphics=0x6600030, hdc=0x720107a1) returned 0x0
[0254.449] GdipCreateRegion (region=0xd7df54) returned 0x0
[0254.449] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0254.449] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0254.449] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0254.449] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df6c) returned 0x0
[0254.449] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0254.449] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0254.449] LocalFree (hMem=0x11eec58) returned 0x0
[0254.449] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0254.449] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0254.450] LocalFree (hMem=0x11eec58) returned 0x0
[0254.450] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0254.450] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7df94) returned 0x0
[0254.450] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7df84) returned 0x0
[0254.450] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0254.450] GdipDeleteRegion (region=0x6646568) returned 0x0
[0254.450] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0254.455] GetCurrentObject (hdc=0x720107a1, type=0x1) returned 0xb00017
[0254.455] GetCurrentObject (hdc=0x720107a1, type=0x2) returned 0x900010
[0254.455] GetCurrentObject (hdc=0x720107a1, type=0x7) returned 0x4a0507fe
[0254.455] GetCurrentObject (hdc=0x720107a1, type=0x6) returned 0x8a01c2
[0254.455] SaveDC (hdc=0x720107a1) returned 1
[0254.455] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2040807
[0254.455] GetClipRgn (hdc=0x720107a1, hrgn=0x2040807) returned 0
[0254.455] SelectClipRgn (hdc=0x720107a1, hrgn=0x9d0407de) returned 2
[0254.455] DeleteObject (ho=0x2040807) returned 1
[0254.455] DeleteObject (ho=0x9d0407de) returned 1
[0254.455] OffsetViewportOrgEx (in: hdc=0x720107a1, x=0, y=0, lppt=0x2df769c | out: lppt=0x2df769c) returned 1
[0254.455] IsAppThemed () returned 0x1
[0254.455] GetThemeAppProperties () returned 0x3
[0254.455] GetThemeAppProperties () returned 0x3
[0254.455] GetThemeBackgroundContentRect () returned 0x0
[0254.455] RestoreDC (hdc=0x720107a1, nSavedDC=-1) returned 1
[0254.456] GdipReleaseDC (graphics=0x6600030, hdc=0x720107a1) returned 0x0
[0254.456] IsAppThemed () returned 0x1
[0254.456] GetThemeAppProperties () returned 0x3
[0254.456] GetThemeAppProperties () returned 0x3
[0254.456] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0254.456] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0254.456] GetCurrentObject (hdc=0x720107a1, type=0x1) returned 0xb00017
[0254.456] GetCurrentObject (hdc=0x720107a1, type=0x2) returned 0x900010
[0254.456] GetCurrentObject (hdc=0x720107a1, type=0x7) returned 0x4a0507fe
[0254.456] GetCurrentObject (hdc=0x720107a1, type=0x6) returned 0x8a01c2
[0254.456] SaveDC (hdc=0x720107a1) returned 1
[0254.456] GetTextAlign (hdc=0x720107a1) returned 0x0
[0254.456] GetTextColor (hdc=0x720107a1) returned 0x0
[0254.456] GetCurrentObject (hdc=0x720107a1, type=0x6) returned 0x8a01c2
[0254.456] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0254.457] SelectObject (hdc=0x720107a1, h=0x6d0a0520) returned 0x8a01c2
[0254.457] GetBkMode (hdc=0x720107a1) returned 2
[0254.457] SetBkMode (hdc=0x720107a1, mode=1) returned 2
[0254.457] DrawTextExW (in: hdc=0x720107a1, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2df7a3c | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0254.457] DrawTextExW (in: hdc=0x720107a1, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2df7a3c | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0254.457] RestoreDC (hdc=0x720107a1, nSavedDC=-1) returned 1
[0254.457] GdipReleaseDC (graphics=0x6600030, hdc=0x720107a1) returned 0x0
[0254.458] GetFocus () returned 0x2702d8
[0254.458] IsAppThemed () returned 0x1
[0254.458] GetThemeAppProperties () returned 0x3
[0254.458] GetThemeAppProperties () returned 0x3
[0254.458] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0254.458] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x720107a1, x1=0, y1=0, rop=0xcc0020) returned 1
[0254.458] GdipReleaseDC (graphics=0x6600030, hdc=0x720107a1) returned 0x0
[0254.458] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0254.458] SelectObject (hdc=0x720107a1, h=0x85000f) returned 0x4a0507fe
[0254.458] DeleteDC (hdc=0x720107a1) returned 1
[0254.458] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0254.458] EndPaint (hWnd=0x1f02c8, lpPaint=0xd7e24c) returned 1
[0254.459] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.459] IsWindowUnicode (hWnd=0x2800ea) returned 1
[0254.459] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.459] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.459] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.459] BeginPaint (in: hWnd=0x2800ea, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0254.459] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0254.459] CreateCompatibleDC (hdc=0x60100ce) returned 0x740107a1
[0254.459] SelectObject (hdc=0x740107a1, h=0x4a0507fe) returned 0x85000f
[0254.459] GdipCreateFromHDC (hdc=0x740107a1, graphics=0xd7e268) returned 0x0
[0254.460] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0254.460] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0254.460] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0254.460] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0254.460] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2c8) returned 0x0
[0254.460] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0254.460] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0254.460] LocalFree (hMem=0x11eec58) returned 0x0
[0254.460] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0254.460] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0254.460] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0254.460] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0254.460] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0254.460] GdipRestoreGraphics (graphics=0x6600030, state=0xf8040dbd) returned 0x0
[0254.460] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0254.460] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0254.460] GetCurrentObject (hdc=0x740107a1, type=0x1) returned 0xb00017
[0254.460] GetCurrentObject (hdc=0x740107a1, type=0x2) returned 0x900010
[0254.460] GetCurrentObject (hdc=0x740107a1, type=0x7) returned 0x4a0507fe
[0254.461] GetCurrentObject (hdc=0x740107a1, type=0x6) returned 0x8a01c2
[0254.461] SaveDC (hdc=0x740107a1) returned 1
[0254.461] GetNearestColor (hdc=0x740107a1, color=0xf0f0f0) returned 0xf0f0f0
[0254.461] GetNearestColor (hdc=0x740107a1, color=0xa0a0a0) returned 0xa0a0a0
[0254.461] GetNearestColor (hdc=0x740107a1, color=0x696969) returned 0x696969
[0254.461] GetNearestColor (hdc=0x740107a1, color=0xa0a0a0) returned 0xa0a0a0
[0254.461] GetNearestColor (hdc=0x740107a1, color=0x0) returned 0x0
[0254.461] GetNearestColor (hdc=0x740107a1, color=0xffffff) returned 0xffffff
[0254.461] GetNearestColor (hdc=0x740107a1, color=0xe5e5e5) returned 0xe5e5e5
[0254.461] GetNearestColor (hdc=0x740107a1, color=0xd7d7d7) returned 0xd7d7d7
[0254.461] GetNearestColor (hdc=0x740107a1, color=0x0) returned 0x0
[0254.461] RestoreDC (hdc=0x740107a1, nSavedDC=-1) returned 1
[0254.461] GdipReleaseDC (graphics=0x6600030, hdc=0x740107a1) returned 0x0
[0254.461] IsAppThemed () returned 0x1
[0254.461] GetThemeAppProperties () returned 0x3
[0254.461] GetThemeAppProperties () returned 0x3
[0254.462] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0254.462] SendMessageW (hWnd=0x2502de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0254.462] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0254.462] IsAppThemed () returned 0x1
[0254.462] GetThemeAppProperties () returned 0x3
[0254.462] GetThemeAppProperties () returned 0x3
[0254.462] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2df824c | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0254.462] IsAppThemed () returned 0x1
[0254.462] GetThemeAppProperties () returned 0x3
[0254.462] GetThemeAppProperties () returned 0x3
[0254.462] IsAppThemed () returned 0x1
[0254.462] GetThemeAppProperties () returned 0x3
[0254.462] GetThemeAppProperties () returned 0x3
[0254.462] GetFocus () returned 0x2702d8
[0254.462] IsAppThemed () returned 0x1
[0254.463] GetThemeAppProperties () returned 0x3
[0254.463] GetThemeAppProperties () returned 0x3
[0254.463] IsAppThemed () returned 0x1
[0254.463] GetThemeAppProperties () returned 0x3
[0254.463] GetThemeAppProperties () returned 0x3
[0254.463] IsThemePartDefined () returned 0x1
[0254.463] IsAppThemed () returned 0x1
[0254.463] GetThemeAppProperties () returned 0x3
[0254.463] GetThemeAppProperties () returned 0x3
[0254.463] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0254.463] IsAppThemed () returned 0x1
[0254.463] GetThemeAppProperties () returned 0x3
[0254.463] GetThemeAppProperties () returned 0x3
[0254.463] IsAppThemed () returned 0x1
[0254.463] GetThemeAppProperties () returned 0x3
[0254.463] GetThemeAppProperties () returned 0x3
[0254.463] IsThemePartDefined () returned 0x1
[0254.463] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0254.463] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0254.463] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0254.463] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0254.463] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dff0) returned 0x0
[0254.464] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eea60) returned 0x0
[0254.464] LocalFree (hMem=0x11eea60) returned 0x0
[0254.464] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eea28) returned 0x0
[0254.464] LocalFree (hMem=0x11eea28) returned 0x0
[0254.464] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0254.464] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e018) returned 0x0
[0254.464] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e008) returned 0x0
[0254.464] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0254.464] GdipDeleteRegion (region=0x6646568) returned 0x0
[0254.464] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0254.464] GetCurrentObject (hdc=0x740107a1, type=0x1) returned 0xb00017
[0254.464] GetCurrentObject (hdc=0x740107a1, type=0x2) returned 0x900010
[0254.464] GetCurrentObject (hdc=0x740107a1, type=0x7) returned 0x4a0507fe
[0254.464] GetCurrentObject (hdc=0x740107a1, type=0x6) returned 0x8a01c2
[0254.464] SaveDC (hdc=0x740107a1) returned 1
[0254.464] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9e0407de
[0254.464] GetClipRgn (hdc=0x740107a1, hrgn=0x9e0407de) returned 0
[0254.464] SelectClipRgn (hdc=0x740107a1, hrgn=0x6040807) returned 2
[0254.465] DeleteObject (ho=0x9e0407de) returned 1
[0254.465] DeleteObject (ho=0x6040807) returned 1
[0254.465] OffsetViewportOrgEx (in: hdc=0x740107a1, x=0, y=0, lppt=0x2df88fc | out: lppt=0x2df88fc) returned 1
[0254.465] DrawThemeParentBackground () returned 0x0
[0254.465] GetWindowPlacement (in: hWnd=0x2502de, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0254.465] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0254.465] GetWindowTextLengthW (hWnd=0x2502de) returned 13
[0254.465] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.465] GetSystemMetrics (nIndex=42) returned 0
[0254.465] GetWindowTextW (in: hWnd=0x2502de, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.465] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0254.465] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0254.465] GetCurrentObject (hdc=0x740107a1, type=0x1) returned 0xb00017
[0254.465] GetCurrentObject (hdc=0x740107a1, type=0x2) returned 0x900010
[0254.465] GetCurrentObject (hdc=0x740107a1, type=0x7) returned 0x4a0507fe
[0254.498] GetCurrentObject (hdc=0x740107a1, type=0x6) returned 0x8a01c2
[0254.498] SaveDC (hdc=0x740107a1) returned 2
[0254.498] GetNearestColor (hdc=0x740107a1, color=0xf0f0f0) returned 0xf0f0f0
[0254.498] CreateSolidBrush (color=0xf0f0f0) returned 0xb71007e1
[0254.498] FillRect (hDC=0x740107a1, lprc=0xd7da38, hbr=0xb71007e1) returned 1
[0254.498] DeleteObject (ho=0xb71007e1) returned 1
[0254.498] RestoreDC (hdc=0x740107a1, nSavedDC=-1) returned 1
[0254.498] GetWindowTextLengthW (hWnd=0x2502de) returned 13
[0254.498] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.498] GetSystemMetrics (nIndex=42) returned 0
[0254.498] GetWindowTextW (in: hWnd=0x2502de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.498] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0254.499] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0254.499] GetCurrentObject (hdc=0x740107a1, type=0x1) returned 0xb00017
[0254.499] GetCurrentObject (hdc=0x740107a1, type=0x2) returned 0x900010
[0254.499] GetCurrentObject (hdc=0x740107a1, type=0x7) returned 0x4a0507fe
[0254.499] GetCurrentObject (hdc=0x740107a1, type=0x6) returned 0x8a01c2
[0254.499] SaveDC (hdc=0x740107a1) returned 2
[0254.499] GetNearestColor (hdc=0x740107a1, color=0xf0f0f0) returned 0xf0f0f0
[0254.499] CreateSolidBrush (color=0xf0f0f0) returned 0xb81007e1
[0254.499] FillRect (hDC=0x740107a1, lprc=0xd7d9d8, hbr=0xb81007e1) returned 1
[0254.499] DeleteObject (ho=0xb81007e1) returned 1
[0254.499] RestoreDC (hdc=0x740107a1, nSavedDC=-1) returned 1
[0254.499] GetWindowTextLengthW (hWnd=0x2502de) returned 13
[0254.499] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.499] GetSystemMetrics (nIndex=42) returned 0
[0254.499] GetWindowTextW (in: hWnd=0x2502de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.499] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0254.500] RestoreDC (hdc=0x740107a1, nSavedDC=-1) returned 1
[0254.500] GdipReleaseDC (graphics=0x6600030, hdc=0x740107a1) returned 0x0
[0254.500] IsAppThemed () returned 0x1
[0254.500] GetThemeAppProperties () returned 0x3
[0254.500] GetThemeAppProperties () returned 0x3
[0254.500] IsAppThemed () returned 0x1
[0254.500] GetThemeAppProperties () returned 0x3
[0254.500] GetThemeAppProperties () returned 0x3
[0254.500] IsThemePartDefined () returned 0x1
[0254.500] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0254.500] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0254.500] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0254.500] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0254.500] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df74) returned 0x0
[0254.500] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0254.501] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0254.501] LocalFree (hMem=0x11ee788) returned 0x0
[0254.501] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0254.501] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eea28) returned 0x0
[0254.501] LocalFree (hMem=0x11eea28) returned 0x0
[0254.501] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0254.501] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0254.501] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0254.501] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0254.501] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0254.501] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0254.501] GetCurrentObject (hdc=0x740107a1, type=0x1) returned 0xb00017
[0254.501] GetCurrentObject (hdc=0x740107a1, type=0x2) returned 0x900010
[0254.501] GetCurrentObject (hdc=0x740107a1, type=0x7) returned 0x4a0507fe
[0254.501] GetCurrentObject (hdc=0x740107a1, type=0x6) returned 0x8a01c2
[0254.501] SaveDC (hdc=0x740107a1) returned 1
[0254.502] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7040807
[0254.502] GetClipRgn (hdc=0x740107a1, hrgn=0x7040807) returned 0
[0254.502] SelectClipRgn (hdc=0x740107a1, hrgn=0xa00407de) returned 2
[0254.502] DeleteObject (ho=0x7040807) returned 1
[0254.502] DeleteObject (ho=0xa00407de) returned 1
[0254.502] OffsetViewportOrgEx (in: hdc=0x740107a1, x=0, y=0, lppt=0x2df91a8 | out: lppt=0x2df91a8) returned 1
[0254.502] IsAppThemed () returned 0x1
[0254.502] GetThemeAppProperties () returned 0x3
[0254.502] GetThemeAppProperties () returned 0x3
[0254.502] DrawThemeBackground () returned 0x0
[0254.502] RestoreDC (hdc=0x740107a1, nSavedDC=-1) returned 1
[0254.502] GdipReleaseDC (graphics=0x6600030, hdc=0x740107a1) returned 0x0
[0254.502] GdipCreateRegion (region=0xd7df60) returned 0x0
[0254.502] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0254.502] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0254.502] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0254.503] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df78) returned 0x0
[0254.503] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0254.503] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eecc8) returned 0x0
[0254.503] LocalFree (hMem=0x11eecc8) returned 0x0
[0254.503] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0254.503] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0254.503] LocalFree (hMem=0x11eec58) returned 0x0
[0254.503] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0254.503] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0254.503] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df90) returned 0x0
[0254.503] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0254.503] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0254.503] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0254.503] GetCurrentObject (hdc=0x740107a1, type=0x1) returned 0xb00017
[0254.503] GetCurrentObject (hdc=0x740107a1, type=0x2) returned 0x900010
[0254.503] GetCurrentObject (hdc=0x740107a1, type=0x7) returned 0x4a0507fe
[0254.503] GetCurrentObject (hdc=0x740107a1, type=0x6) returned 0x8a01c2
[0254.504] SaveDC (hdc=0x740107a1) returned 1
[0254.504] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa10407de
[0254.504] GetClipRgn (hdc=0x740107a1, hrgn=0xa10407de) returned 0
[0254.504] SelectClipRgn (hdc=0x740107a1, hrgn=0x8040807) returned 2
[0254.504] DeleteObject (ho=0xa10407de) returned 1
[0254.504] DeleteObject (ho=0x8040807) returned 1
[0254.504] OffsetViewportOrgEx (in: hdc=0x740107a1, x=0, y=0, lppt=0x2df947c | out: lppt=0x2df947c) returned 1
[0254.504] IsAppThemed () returned 0x1
[0254.504] GetThemeAppProperties () returned 0x3
[0254.504] GetThemeAppProperties () returned 0x3
[0254.504] GetThemeBackgroundContentRect () returned 0x0
[0254.504] RestoreDC (hdc=0x740107a1, nSavedDC=-1) returned 1
[0254.504] GdipReleaseDC (graphics=0x6600030, hdc=0x740107a1) returned 0x0
[0254.504] IsAppThemed () returned 0x1
[0254.504] GetThemeAppProperties () returned 0x3
[0254.504] GetThemeAppProperties () returned 0x3
[0254.504] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0254.505] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0254.505] GetCurrentObject (hdc=0x740107a1, type=0x1) returned 0xb00017
[0254.505] GetCurrentObject (hdc=0x740107a1, type=0x2) returned 0x900010
[0254.505] GetCurrentObject (hdc=0x740107a1, type=0x7) returned 0x4a0507fe
[0254.505] GetCurrentObject (hdc=0x740107a1, type=0x6) returned 0x8a01c2
[0254.505] SaveDC (hdc=0x740107a1) returned 1
[0254.505] GetTextAlign (hdc=0x740107a1) returned 0x0
[0254.505] GetTextColor (hdc=0x740107a1) returned 0x0
[0254.505] GetCurrentObject (hdc=0x740107a1, type=0x6) returned 0x8a01c2
[0254.505] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0254.505] SelectObject (hdc=0x740107a1, h=0x6d0a0520) returned 0x8a01c2
[0254.505] GetBkMode (hdc=0x740107a1) returned 2
[0254.505] SetBkMode (hdc=0x740107a1, mode=1) returned 2
[0254.505] DrawTextExW (in: hdc=0x740107a1, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2df981c | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0254.506] DrawTextExW (in: hdc=0x740107a1, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2df981c | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0254.506] RestoreDC (hdc=0x740107a1, nSavedDC=-1) returned 1
[0254.506] GdipReleaseDC (graphics=0x6600030, hdc=0x740107a1) returned 0x0
[0254.506] GetFocus () returned 0x2702d8
[0254.506] IsAppThemed () returned 0x1
[0254.506] GetThemeAppProperties () returned 0x3
[0254.506] GetThemeAppProperties () returned 0x3
[0254.506] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0254.506] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x740107a1, x1=0, y1=0, rop=0xcc0020) returned 1
[0254.507] GdipReleaseDC (graphics=0x6600030, hdc=0x740107a1) returned 0x0
[0254.507] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0254.507] SelectObject (hdc=0x740107a1, h=0x85000f) returned 0x4a0507fe
[0254.507] DeleteDC (hdc=0x740107a1) returned 1
[0254.507] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0254.507] EndPaint (hWnd=0x2800ea, lpPaint=0xd7e24c) returned 1
[0254.507] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0254.508] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.508] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0254.509] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.509] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.510] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.510] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0254.511] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.511] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.511] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.511] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.511] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.512] IsWindowUnicode (hWnd=0x602c4) returned 1
[0254.512] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.512] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.512] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.512] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0254.512] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0254.512] CreateCompatibleDC (hdc=0x10105d6) returned 0x760107a1
[0254.512] SelectObject (hdc=0x760107a1, h=0x4a0507fe) returned 0x85000f
[0254.512] GdipCreateFromHDC (hdc=0x760107a1, graphics=0xd7e268) returned 0x0
[0254.517] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0254.517] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0254.517] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0254.517] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0254.517] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2c8) returned 0x0
[0254.517] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0254.517] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0254.518] LocalFree (hMem=0x11ee868) returned 0x0
[0254.518] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0254.518] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0254.518] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0254.518] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0254.518] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0254.518] GdipRestoreGraphics (graphics=0x6600030, state=0xf8020dbd) returned 0x0
[0254.518] GdipDeleteRegion (region=0x6646298) returned 0x0
[0254.518] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0254.518] GetCurrentObject (hdc=0x760107a1, type=0x1) returned 0xb00017
[0254.518] GetCurrentObject (hdc=0x760107a1, type=0x2) returned 0x900010
[0254.518] GetCurrentObject (hdc=0x760107a1, type=0x7) returned 0x4a0507fe
[0254.518] GetCurrentObject (hdc=0x760107a1, type=0x6) returned 0x8a01c2
[0254.518] SaveDC (hdc=0x760107a1) returned 1
[0254.518] GetNearestColor (hdc=0x760107a1, color=0xff) returned 0xff
[0254.518] GetNearestColor (hdc=0x760107a1, color=0x55) returned 0x55
[0254.519] GetNearestColor (hdc=0x760107a1, color=0x0) returned 0x0
[0254.519] GetNearestColor (hdc=0x760107a1, color=0x55) returned 0x55
[0254.519] GetNearestColor (hdc=0x760107a1, color=0x0) returned 0x0
[0254.519] GetNearestColor (hdc=0x760107a1, color=0x8080ff) returned 0x8080ff
[0254.519] GetNearestColor (hdc=0x760107a1, color=0x7373e5) returned 0x7373e5
[0254.519] GetNearestColor (hdc=0x760107a1, color=0xe5) returned 0xe5
[0254.519] GetNearestColor (hdc=0x760107a1, color=0x0) returned 0x0
[0254.519] RestoreDC (hdc=0x760107a1, nSavedDC=-1) returned 1
[0254.519] GdipReleaseDC (graphics=0x6600030, hdc=0x760107a1) returned 0x0
[0254.519] IsAppThemed () returned 0x1
[0254.519] GetThemeAppProperties () returned 0x3
[0254.519] GetThemeAppProperties () returned 0x3
[0254.519] IsAppThemed () returned 0x1
[0254.519] GetThemeAppProperties () returned 0x3
[0254.519] GetThemeAppProperties () returned 0x3
[0254.520] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2df9fe4 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0254.520] IsAppThemed () returned 0x1
[0254.520] GetThemeAppProperties () returned 0x3
[0254.520] GetThemeAppProperties () returned 0x3
[0254.520] IsAppThemed () returned 0x1
[0254.520] GetThemeAppProperties () returned 0x3
[0254.520] GetThemeAppProperties () returned 0x3
[0254.520] GetFocus () returned 0x2702d8
[0254.520] IsAppThemed () returned 0x1
[0254.520] GetThemeAppProperties () returned 0x3
[0254.520] GetThemeAppProperties () returned 0x3
[0254.520] IsAppThemed () returned 0x1
[0254.520] GetThemeAppProperties () returned 0x3
[0254.520] GetThemeAppProperties () returned 0x3
[0254.520] IsThemePartDefined () returned 0x1
[0254.521] IsAppThemed () returned 0x1
[0254.521] GetThemeAppProperties () returned 0x3
[0254.521] GetThemeAppProperties () returned 0x3
[0254.521] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0254.521] IsAppThemed () returned 0x1
[0254.521] GetThemeAppProperties () returned 0x3
[0254.521] GetThemeAppProperties () returned 0x3
[0254.521] IsAppThemed () returned 0x1
[0254.521] GetThemeAppProperties () returned 0x3
[0254.521] GetThemeAppProperties () returned 0x3
[0254.521] IsThemePartDefined () returned 0x1
[0254.521] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0254.521] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0254.521] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0254.521] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0254.521] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dff0) returned 0x0
[0254.521] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0254.521] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee910) returned 0x0
[0254.521] LocalFree (hMem=0x11ee910) returned 0x0
[0254.521] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0254.521] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0254.522] LocalFree (hMem=0x11ee788) returned 0x0
[0254.522] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0254.522] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e018) returned 0x0
[0254.522] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e008) returned 0x0
[0254.522] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0254.522] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0254.522] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0254.522] GetCurrentObject (hdc=0x760107a1, type=0x1) returned 0xb00017
[0254.522] GetCurrentObject (hdc=0x760107a1, type=0x2) returned 0x900010
[0254.522] GetCurrentObject (hdc=0x760107a1, type=0x7) returned 0x4a0507fe
[0254.522] GetCurrentObject (hdc=0x760107a1, type=0x6) returned 0x8a01c2
[0254.522] SaveDC (hdc=0x760107a1) returned 1
[0254.522] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9040807
[0254.522] GetClipRgn (hdc=0x760107a1, hrgn=0x9040807) returned 0
[0254.522] SelectClipRgn (hdc=0x760107a1, hrgn=0xa50407de) returned 2
[0254.522] DeleteObject (ho=0x9040807) returned 1
[0254.522] DeleteObject (ho=0xa50407de) returned 1
[0254.523] OffsetViewportOrgEx (in: hdc=0x760107a1, x=0, y=0, lppt=0x2dfa694 | out: lppt=0x2dfa694) returned 1
[0254.523] DrawThemeParentBackground () returned 0x0
[0254.523] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0254.523] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0254.523] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0254.523] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.523] GetSystemMetrics (nIndex=42) returned 0
[0254.523] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.523] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0254.523] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0254.523] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0254.523] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0254.523] SelectPalette (hdc=0x760107a1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0254.523] GdipCreateFromHDC (hdc=0x760107a1, graphics=0xd7dac8) returned 0x0
[0254.524] GdipSetPageUnit (graphics=0x66376f8, unit=0x2) returned 0x0
[0254.524] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0254.524] GdipGetWorldTransform (graphics=0x66376f8, matrix=0x6638ba8) returned 0x0
[0254.524] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7daa0) returned 0x0
[0254.524] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0254.524] GdipCreateRegion (region=0xd7da88) returned 0x0
[0254.524] GdipGetClip (graphics=0x66376f8, region=0x6646c28) returned 0x0
[0254.524] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x66376f8, result=0xd7da94) returned 0x0
[0254.524] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0254.524] GdipSaveGraphics (graphics=0x66376f8, state=0xd7dac0) returned 0x0
[0254.524] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0254.535] GdipFillRectangleI (graphics=0x66376f8, brush=0x66537e0, x=0, y=0, width=801, height=453) returned 0x0
[0254.535] GdipDeleteBrush (brush=0x66537e0) returned 0x0
[0254.537] GdipDeleteGraphics (graphics=0x66376f8) returned 0x0
[0254.537] SelectPalette (hdc=0x760107a1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0254.537] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0254.537] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.537] GetSystemMetrics (nIndex=42) returned 0
[0254.537] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.537] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0254.537] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0254.537] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0254.538] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0254.538] SelectPalette (hdc=0x760107a1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0254.538] GdipCreateFromHDC (hdc=0x760107a1, graphics=0xd7da68) returned 0x0
[0254.538] GdipSetPageUnit (graphics=0x66376f8, unit=0x2) returned 0x0
[0254.538] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0254.538] GdipGetWorldTransform (graphics=0x66376f8, matrix=0x6638a58) returned 0x0
[0254.538] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7da40) returned 0x0
[0254.538] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0254.538] GdipCreateRegion (region=0xd7da28) returned 0x0
[0254.538] GdipGetClip (graphics=0x66376f8, region=0x6646c28) returned 0x0
[0254.538] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x66376f8, result=0xd7da34) returned 0x0
[0254.538] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0254.538] GdipSaveGraphics (graphics=0x66376f8, state=0xd7da60) returned 0x0
[0254.538] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0254.549] GdipFillRectangleI (graphics=0x66376f8, brush=0x6652e20, x=0, y=0, width=801, height=453) returned 0x0
[0254.549] GdipDeleteBrush (brush=0x6652e20) returned 0x0
[0254.550] GdipRestoreGraphics (graphics=0x66376f8, state=0xf7fe0dbd) returned 0x0
[0254.550] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0254.550] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.550] GetSystemMetrics (nIndex=42) returned 0
[0254.551] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.551] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0254.551] GdipDeleteGraphics (graphics=0x66376f8) returned 0x0
[0254.551] SelectPalette (hdc=0x760107a1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0254.551] RestoreDC (hdc=0x760107a1, nSavedDC=-1) returned 1
[0254.551] GdipReleaseDC (graphics=0x6600030, hdc=0x760107a1) returned 0x0
[0254.551] IsAppThemed () returned 0x1
[0254.551] GetThemeAppProperties () returned 0x3
[0254.551] GetThemeAppProperties () returned 0x3
[0254.551] IsAppThemed () returned 0x1
[0254.551] GetThemeAppProperties () returned 0x3
[0254.551] GetThemeAppProperties () returned 0x3
[0254.551] IsThemePartDefined () returned 0x1
[0254.551] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0254.552] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0254.552] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0254.552] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0254.552] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df74) returned 0x0
[0254.552] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0254.552] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee910) returned 0x0
[0254.552] LocalFree (hMem=0x11ee910) returned 0x0
[0254.552] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0254.552] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0254.552] LocalFree (hMem=0x11ee868) returned 0x0
[0254.552] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0254.552] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0254.552] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0254.552] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0254.552] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0254.552] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0254.552] GetCurrentObject (hdc=0x760107a1, type=0x1) returned 0xb00017
[0254.552] GetCurrentObject (hdc=0x760107a1, type=0x2) returned 0x900010
[0254.553] GetCurrentObject (hdc=0x760107a1, type=0x7) returned 0x4a0507fe
[0254.553] GetCurrentObject (hdc=0x760107a1, type=0x6) returned 0x8a01c2
[0254.553] SaveDC (hdc=0x760107a1) returned 1
[0254.553] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa60407de
[0254.553] GetClipRgn (hdc=0x760107a1, hrgn=0xa60407de) returned 0
[0254.553] SelectClipRgn (hdc=0x760107a1, hrgn=0xb040807) returned 2
[0254.553] DeleteObject (ho=0xa60407de) returned 1
[0254.553] DeleteObject (ho=0xb040807) returned 1
[0254.553] OffsetViewportOrgEx (in: hdc=0x760107a1, x=0, y=0, lppt=0x2e00ee4 | out: lppt=0x2e00ee4) returned 1
[0254.553] IsAppThemed () returned 0x1
[0254.553] GetThemeAppProperties () returned 0x3
[0254.553] GetThemeAppProperties () returned 0x3
[0254.553] DrawThemeBackground () returned 0x0
[0254.553] RestoreDC (hdc=0x760107a1, nSavedDC=-1) returned 1
[0254.553] GdipReleaseDC (graphics=0x6600030, hdc=0x760107a1) returned 0x0
[0254.554] GdipCreateRegion (region=0xd7df60) returned 0x0
[0254.554] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0254.554] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0254.554] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0254.554] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df78) returned 0x0
[0254.554] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0254.554] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eecc8) returned 0x0
[0254.554] LocalFree (hMem=0x11eecc8) returned 0x0
[0254.554] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0254.554] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eed00) returned 0x0
[0254.554] LocalFree (hMem=0x11eed00) returned 0x0
[0254.554] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0254.554] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0254.554] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df90) returned 0x0
[0254.554] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0254.554] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0254.554] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0254.554] GetCurrentObject (hdc=0x760107a1, type=0x1) returned 0xb00017
[0254.554] GetCurrentObject (hdc=0x760107a1, type=0x2) returned 0x900010
[0254.555] GetCurrentObject (hdc=0x760107a1, type=0x7) returned 0x4a0507fe
[0254.555] GetCurrentObject (hdc=0x760107a1, type=0x6) returned 0x8a01c2
[0254.555] SaveDC (hdc=0x760107a1) returned 1
[0254.555] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc040807
[0254.555] GetClipRgn (hdc=0x760107a1, hrgn=0xc040807) returned 0
[0254.555] SelectClipRgn (hdc=0x760107a1, hrgn=0xa70407de) returned 2
[0254.555] DeleteObject (ho=0xc040807) returned 1
[0254.555] DeleteObject (ho=0xa70407de) returned 1
[0254.555] OffsetViewportOrgEx (in: hdc=0x760107a1, x=0, y=0, lppt=0x2e011b8 | out: lppt=0x2e011b8) returned 1
[0254.555] IsAppThemed () returned 0x1
[0254.555] GetThemeAppProperties () returned 0x3
[0254.555] GetThemeAppProperties () returned 0x3
[0254.555] GetThemeBackgroundContentRect () returned 0x0
[0254.555] RestoreDC (hdc=0x760107a1, nSavedDC=-1) returned 1
[0254.555] GdipReleaseDC (graphics=0x6600030, hdc=0x760107a1) returned 0x0
[0254.555] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0254.555] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0254.555] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0254.556] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0254.556] IsAppThemed () returned 0x1
[0254.556] GetThemeAppProperties () returned 0x3
[0254.556] GetThemeAppProperties () returned 0x3
[0254.556] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0254.556] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0254.556] GetCurrentObject (hdc=0x760107a1, type=0x1) returned 0xb00017
[0254.556] GetCurrentObject (hdc=0x760107a1, type=0x2) returned 0x900010
[0254.556] GetCurrentObject (hdc=0x760107a1, type=0x7) returned 0x4a0507fe
[0254.556] GetCurrentObject (hdc=0x760107a1, type=0x6) returned 0x8a01c2
[0254.556] SaveDC (hdc=0x760107a1) returned 1
[0254.556] GetTextAlign (hdc=0x760107a1) returned 0x0
[0254.556] GetTextColor (hdc=0x760107a1) returned 0x0
[0254.556] GetCurrentObject (hdc=0x760107a1, type=0x6) returned 0x8a01c2
[0254.556] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0254.556] SelectObject (hdc=0x760107a1, h=0x6d0a0520) returned 0x8a01c2
[0254.557] GetBkMode (hdc=0x760107a1) returned 2
[0254.557] SetBkMode (hdc=0x760107a1, mode=1) returned 2
[0254.557] DrawTextExW (in: hdc=0x760107a1, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2e0157c | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0254.557] DrawTextExW (in: hdc=0x760107a1, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e0157c | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0254.557] RestoreDC (hdc=0x760107a1, nSavedDC=-1) returned 1
[0254.557] GdipReleaseDC (graphics=0x6600030, hdc=0x760107a1) returned 0x0
[0254.558] GetFocus () returned 0x2702d8
[0254.558] IsAppThemed () returned 0x1
[0254.558] GetThemeAppProperties () returned 0x3
[0254.558] GetThemeAppProperties () returned 0x3
[0254.558] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0254.558] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x760107a1, x1=0, y1=0, rop=0xcc0020) returned 1
[0254.558] GdipReleaseDC (graphics=0x6600030, hdc=0x760107a1) returned 0x0
[0254.558] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0254.558] SelectObject (hdc=0x760107a1, h=0x85000f) returned 0x4a0507fe
[0254.558] DeleteDC (hdc=0x760107a1) returned 1
[0254.558] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0254.558] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0254.559] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.559] IsWindowUnicode (hWnd=0x1f02c8) returned 1
[0254.559] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.559] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.559] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.559] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.559] IsWindowUnicode (hWnd=0x1f02c8) returned 1
[0254.559] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.559] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.559] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.559] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x2a1, wParam=0x0, lParam=0x4003d) returned 0x0
[0254.559] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0254.563] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0254.563] WaitMessage () returned 1
[0254.581] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.581] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.581] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.581] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.581] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.582] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0254.582] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0254.582] WaitMessage () returned 1
[0254.583] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.583] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.583] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.584] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.584] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.585] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0254.585] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0254.585] WaitMessage () returned 1
[0254.586] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.586] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.586] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.586] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.586] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.587] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.588] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.588] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.588] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.588] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.588] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.588] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.588] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.588] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.588] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.588] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0254.589] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0254.589] WaitMessage () returned 1
[0254.589] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.589] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.589] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.589] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.589] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.591] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.591] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.591] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.591] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.591] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.592] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.592] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.592] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.592] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.592] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.592] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0254.592] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0254.593] WaitMessage () returned 1
[0254.593] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.593] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.593] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.593] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.593] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.595] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.595] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.595] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.595] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.595] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.595] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.595] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.595] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.596] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.596] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.596] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0254.597] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0254.597] WaitMessage () returned 1
[0254.597] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.597] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.597] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.597] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.597] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.599] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.599] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.599] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.599] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.599] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.600] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.600] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.600] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.600] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.600] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.600] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0254.601] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0254.601] WaitMessage () returned 1
[0254.673] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.673] IsWindowUnicode (hWnd=0x502c6) returned 1
[0254.673] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.673] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.673] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.674] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0254.674] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0254.674] WaitMessage () returned 1
[0254.707] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.707] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0254.707] IsWindowUnicode (hWnd=0x1f02c8) returned 1
[0254.707] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.707] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0254.707] GetDlgItem (hDlg=0x2502de, nIDDlgItem=0) returned 0x0
[0254.707] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x210, wParam=0x201, lParam=0x62011e) returned 0x0
[0254.707] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x21, wParam=0x2502de, lParam=0x2010001) returned 0x1
[0254.707] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x21, wParam=0x2502de, lParam=0x2010001) returned 0x1
[0254.708] SetCursor (hCursor=0x10003) returned 0x10003
[0254.708] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.708] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.708] GetKeyState (nVirtKey=1) returned -127
[0254.708] GetKeyState (nVirtKey=2) returned 0
[0254.708] GetKeyState (nVirtKey=4) returned 0
[0254.708] GetKeyState (nVirtKey=5) returned 0
[0254.708] GetKeyState (nVirtKey=6) returned 0
[0254.708] IsWindowVisible (hWnd=0x1f02c8) returned 1
[0254.708] IsWindowEnabled (hWnd=0x1f02c8) returned 1
[0254.708] SetFocus (hWnd=0x1f02c8) returned 0x2702d8
[0254.709] GetFocus () returned 0x1f02c8
[0254.709] IsChild (hWndParent=0x2502de, hWnd=0x1f02c8) returned 1
[0254.709] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0x8, wParam=0x1f02c8, lParam=0x0) returned 0x0
[0254.709] GetCapture () returned 0x0
[0254.709] InvalidateRect (hWnd=0x2702d8, lpRect=0x0, bErase=0) returned 1
[0254.710] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0254.711] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0254.713] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0254.713] InvalidateRect (hWnd=0x2702d8, lpRect=0x0, bErase=0) returned 1
[0254.713] InvalidateRect (hWnd=0x1f02c8, lpRect=0x0, bErase=0) returned 1
[0254.713] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x7, wParam=0x2702d8, lParam=0x0) returned 0x0
[0254.713] GetStockObject (i=5) returned 0x900015
[0254.713] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0254.713] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0254.714] GetDlgItem (hDlg=0x2502de, nIDDlgItem=2032328) returned 0x1f02c8
[0254.714] SendMessageW (hWnd=0x1f02c8, Msg=0x202b, wParam=0x1f02c8, lParam=0xd7dddc) returned 0x0
[0254.714] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x202b, wParam=0x1f02c8, lParam=0xd7dddc) returned 0x0
[0254.714] InvalidateRect (hWnd=0x1f02c8, lpRect=0x0, bErase=0) returned 1
[0254.715] GetFocus () returned 0x1f02c8
[0254.715] GetFocus () returned 0x1f02c8
[0254.715] GetFocus () returned 0x1f02c8
[0254.718] GetKeyState (nVirtKey=1) returned -127
[0254.718] GetKeyState (nVirtKey=2) returned 0
[0254.718] GetKeyState (nVirtKey=4) returned 0
[0254.718] GetKeyState (nVirtKey=5) returned 0
[0254.718] GetKeyState (nVirtKey=6) returned 0
[0254.718] GetCapture () returned 0x0
[0254.718] SetCapture (hWnd=0x1f02c8) returned 0x0
[0254.718] GetKeyState (nVirtKey=1) returned -127
[0254.718] GetKeyState (nVirtKey=2) returned 0
[0254.718] GetKeyState (nVirtKey=4) returned 0
[0254.718] GetKeyState (nVirtKey=5) returned 0
[0254.719] GetKeyState (nVirtKey=6) returned 0
[0254.719] NotifyWinEvent (event=0x800a, hwnd=0x1f02c8, idObject=-4, idChild=0)
[0254.719] InvalidateRect (hWnd=0x1f02c8, lpRect=0xd7e430, bErase=0) returned 1
[0254.719] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.719] IsWindowUnicode (hWnd=0x1f02c8) returned 1
[0254.719] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.719] TranslateMessage (lpMsg=0xd7e808) returned 0
[0254.719] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0254.719] MapWindowPoints (in: hWndFrom=0x1f02c8, hWndTo=0x0, lpPoints=0x2e0188c, cPoints=0x1 | out: lpPoints=0x2e0188c) returned 30999254
[0254.719] NotifyWinEvent (event=0x800a, hwnd=0x1f02c8, idObject=-4, idChild=0)
[0254.719] InvalidateRect (hWnd=0x1f02c8, lpRect=0xd7e3d0, bErase=0) returned 1
[0254.719] UpdateWindow (hWnd=0x1f02c8) returned 1
[0254.719] BeginPaint (in: hWnd=0x1f02c8, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xf0105ee
[0254.720] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0254.720] CreateCompatibleDC (hdc=0xf0105ee) returned 0x980107f4
[0254.720] SelectObject (hdc=0x980107f4, h=0x4a0507fe) returned 0x85000f
[0254.720] GdipCreateFromHDC (hdc=0x980107f4, graphics=0xd7df00) returned 0x0
[0254.720] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0254.720] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0254.720] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0254.720] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0254.720] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df60) returned 0x0
[0254.720] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0254.720] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0254.720] LocalFree (hMem=0x11ee788) returned 0x0
[0254.721] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0254.721] GdipCreateRegion (region=0xd7df48) returned 0x0
[0254.721] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0254.721] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df54) returned 0x0
[0254.721] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0254.721] GdipRestoreGraphics (graphics=0x6600030, state=0xf7fc0dbd) returned 0x0
[0254.721] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0254.721] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0254.721] GetCurrentObject (hdc=0x980107f4, type=0x1) returned 0xb00017
[0254.721] GetCurrentObject (hdc=0x980107f4, type=0x2) returned 0x900010
[0254.721] GetCurrentObject (hdc=0x980107f4, type=0x7) returned 0x4a0507fe
[0254.721] GetCurrentObject (hdc=0x980107f4, type=0x6) returned 0x8a01c2
[0254.721] SaveDC (hdc=0x980107f4) returned 1
[0254.721] GetNearestColor (hdc=0x980107f4, color=0xf0f0f0) returned 0xf0f0f0
[0254.721] GetNearestColor (hdc=0x980107f4, color=0xa0a0a0) returned 0xa0a0a0
[0254.722] GetNearestColor (hdc=0x980107f4, color=0x696969) returned 0x696969
[0254.722] GetNearestColor (hdc=0x980107f4, color=0xa0a0a0) returned 0xa0a0a0
[0254.722] GetNearestColor (hdc=0x980107f4, color=0x0) returned 0x0
[0254.722] GetNearestColor (hdc=0x980107f4, color=0xffffff) returned 0xffffff
[0254.722] GetNearestColor (hdc=0x980107f4, color=0xe5e5e5) returned 0xe5e5e5
[0254.722] GetNearestColor (hdc=0x980107f4, color=0xd7d7d7) returned 0xd7d7d7
[0254.722] GetNearestColor (hdc=0x980107f4, color=0x0) returned 0x0
[0254.722] RestoreDC (hdc=0x980107f4, nSavedDC=-1) returned 1
[0254.722] GdipReleaseDC (graphics=0x6600030, hdc=0x980107f4) returned 0x0
[0254.722] IsAppThemed () returned 0x1
[0254.722] GetThemeAppProperties () returned 0x3
[0254.722] GetThemeAppProperties () returned 0x3
[0254.722] IsAppThemed () returned 0x1
[0254.722] GetThemeAppProperties () returned 0x3
[0254.722] GetThemeAppProperties () returned 0x3
[0254.723] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2e01fe4 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0254.723] IsAppThemed () returned 0x1
[0254.723] GetThemeAppProperties () returned 0x3
[0254.723] GetThemeAppProperties () returned 0x3
[0254.723] IsAppThemed () returned 0x1
[0254.723] GetThemeAppProperties () returned 0x3
[0254.723] GetThemeAppProperties () returned 0x3
[0254.723] IsAppThemed () returned 0x1
[0254.723] GetThemeAppProperties () returned 0x3
[0254.723] GetThemeAppProperties () returned 0x3
[0254.723] IsAppThemed () returned 0x1
[0254.723] GetThemeAppProperties () returned 0x3
[0254.723] GetThemeAppProperties () returned 0x3
[0254.723] IsThemePartDefined () returned 0x1
[0254.723] IsAppThemed () returned 0x1
[0254.724] GetThemeAppProperties () returned 0x3
[0254.724] GetThemeAppProperties () returned 0x3
[0254.724] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0254.724] IsAppThemed () returned 0x1
[0254.724] GetThemeAppProperties () returned 0x3
[0254.724] GetThemeAppProperties () returned 0x3
[0254.724] IsAppThemed () returned 0x1
[0254.724] GetThemeAppProperties () returned 0x3
[0254.724] GetThemeAppProperties () returned 0x3
[0254.724] IsThemePartDefined () returned 0x1
[0254.724] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0254.724] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0254.724] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0254.724] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0254.724] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dc7c) returned 0x0
[0254.724] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0254.724] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee910) returned 0x0
[0254.724] LocalFree (hMem=0x11ee910) returned 0x0
[0254.724] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0254.724] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eead0) returned 0x0
[0254.725] LocalFree (hMem=0x11eead0) returned 0x0
[0254.725] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0254.725] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0254.725] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0254.725] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0254.725] GdipDeleteRegion (region=0x6646568) returned 0x0
[0254.725] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0254.725] GetCurrentObject (hdc=0x980107f4, type=0x1) returned 0xb00017
[0254.725] GetCurrentObject (hdc=0x980107f4, type=0x2) returned 0x900010
[0254.725] GetCurrentObject (hdc=0x980107f4, type=0x7) returned 0x4a0507fe
[0254.725] GetCurrentObject (hdc=0x980107f4, type=0x6) returned 0x8a01c2
[0254.725] SaveDC (hdc=0x980107f4) returned 1
[0254.725] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa80407de
[0254.725] GetClipRgn (hdc=0x980107f4, hrgn=0xa80407de) returned 0
[0254.725] SelectClipRgn (hdc=0x980107f4, hrgn=0x10040807) returned 2
[0254.725] DeleteObject (ho=0xa80407de) returned 1
[0254.726] DeleteObject (ho=0x10040807) returned 1
[0254.726] OffsetViewportOrgEx (in: hdc=0x980107f4, x=0, y=0, lppt=0x2e02694 | out: lppt=0x2e02694) returned 1
[0254.726] DrawThemeParentBackground () returned 0x0
[0254.726] GetWindowPlacement (in: hWnd=0x2502de, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0254.726] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0254.726] GetWindowTextLengthW (hWnd=0x2502de) returned 13
[0254.726] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.726] GetSystemMetrics (nIndex=42) returned 0
[0254.726] GetWindowTextW (in: hWnd=0x2502de, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.726] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0254.726] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0254.726] GetCurrentObject (hdc=0x980107f4, type=0x1) returned 0xb00017
[0254.726] GetCurrentObject (hdc=0x980107f4, type=0x2) returned 0x900010
[0254.726] GetCurrentObject (hdc=0x980107f4, type=0x7) returned 0x4a0507fe
[0254.726] GetCurrentObject (hdc=0x980107f4, type=0x6) returned 0x8a01c2
[0254.727] SaveDC (hdc=0x980107f4) returned 2
[0254.727] GetNearestColor (hdc=0x980107f4, color=0xf0f0f0) returned 0xf0f0f0
[0254.727] CreateSolidBrush (color=0xf0f0f0) returned 0xb91007e1
[0254.727] FillRect (hDC=0x980107f4, lprc=0xd7d6c8, hbr=0xb91007e1) returned 1
[0254.727] DeleteObject (ho=0xb91007e1) returned 1
[0254.727] RestoreDC (hdc=0x980107f4, nSavedDC=-1) returned 1
[0254.727] GetWindowTextLengthW (hWnd=0x2502de) returned 13
[0254.727] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.727] GetSystemMetrics (nIndex=42) returned 0
[0254.727] GetWindowTextW (in: hWnd=0x2502de, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.727] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0254.727] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0254.727] GetCurrentObject (hdc=0x980107f4, type=0x1) returned 0xb00017
[0254.727] GetCurrentObject (hdc=0x980107f4, type=0x2) returned 0x900010
[0254.727] GetCurrentObject (hdc=0x980107f4, type=0x7) returned 0x4a0507fe
[0254.727] GetCurrentObject (hdc=0x980107f4, type=0x6) returned 0x8a01c2
[0254.728] SaveDC (hdc=0x980107f4) returned 2
[0254.728] GetNearestColor (hdc=0x980107f4, color=0xf0f0f0) returned 0xf0f0f0
[0254.728] CreateSolidBrush (color=0xf0f0f0) returned 0xba1007e1
[0254.728] FillRect (hDC=0x980107f4, lprc=0xd7d668, hbr=0xba1007e1) returned 1
[0254.728] DeleteObject (ho=0xba1007e1) returned 1
[0254.728] RestoreDC (hdc=0x980107f4, nSavedDC=-1) returned 1
[0254.728] GetWindowTextLengthW (hWnd=0x2502de) returned 13
[0254.728] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.728] GetSystemMetrics (nIndex=42) returned 0
[0254.728] GetWindowTextW (in: hWnd=0x2502de, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.728] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0254.728] RestoreDC (hdc=0x980107f4, nSavedDC=-1) returned 1
[0254.729] GdipReleaseDC (graphics=0x6600030, hdc=0x980107f4) returned 0x0
[0254.729] IsAppThemed () returned 0x1
[0254.729] GetThemeAppProperties () returned 0x3
[0254.729] GetThemeAppProperties () returned 0x3
[0254.729] IsAppThemed () returned 0x1
[0254.729] GetThemeAppProperties () returned 0x3
[0254.729] GetThemeAppProperties () returned 0x3
[0254.729] IsThemePartDefined () returned 0x1
[0254.729] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0254.729] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0254.729] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0254.729] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0254.729] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dc00) returned 0x0
[0254.729] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0254.729] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0254.729] LocalFree (hMem=0x11eec58) returned 0x0
[0254.729] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0254.729] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee8d8) returned 0x0
[0254.729] LocalFree (hMem=0x11ee8d8) returned 0x0
[0254.730] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0254.730] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0254.730] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0254.730] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0254.730] GdipDeleteRegion (region=0x6646298) returned 0x0
[0254.730] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0254.730] GetCurrentObject (hdc=0x980107f4, type=0x1) returned 0xb00017
[0254.730] GetCurrentObject (hdc=0x980107f4, type=0x2) returned 0x900010
[0254.730] GetCurrentObject (hdc=0x980107f4, type=0x7) returned 0x4a0507fe
[0254.730] GetCurrentObject (hdc=0x980107f4, type=0x6) returned 0x8a01c2
[0254.730] SaveDC (hdc=0x980107f4) returned 1
[0254.730] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x11040807
[0254.730] GetClipRgn (hdc=0x980107f4, hrgn=0x11040807) returned 0
[0254.730] SelectClipRgn (hdc=0x980107f4, hrgn=0xaa0407de) returned 2
[0254.730] DeleteObject (ho=0x11040807) returned 1
[0254.730] DeleteObject (ho=0xaa0407de) returned 1
[0254.731] OffsetViewportOrgEx (in: hdc=0x980107f4, x=0, y=0, lppt=0x2e02f40 | out: lppt=0x2e02f40) returned 1
[0254.731] IsAppThemed () returned 0x1
[0254.731] GetThemeAppProperties () returned 0x3
[0254.731] GetThemeAppProperties () returned 0x3
[0254.731] DrawThemeBackground () returned 0x0
[0254.731] RestoreDC (hdc=0x980107f4, nSavedDC=-1) returned 1
[0254.731] GdipReleaseDC (graphics=0x6600030, hdc=0x980107f4) returned 0x0
[0254.731] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0254.731] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0254.731] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0254.731] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0254.732] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dc04) returned 0x0
[0254.732] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0254.732] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0254.732] LocalFree (hMem=0x11eec58) returned 0x0
[0254.732] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0254.732] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0254.732] LocalFree (hMem=0x11ee788) returned 0x0
[0254.732] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0254.732] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0254.732] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0254.732] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0254.732] GdipDeleteRegion (region=0x6646298) returned 0x0
[0254.732] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0254.732] GetCurrentObject (hdc=0x980107f4, type=0x1) returned 0xb00017
[0254.732] GetCurrentObject (hdc=0x980107f4, type=0x2) returned 0x900010
[0254.732] GetCurrentObject (hdc=0x980107f4, type=0x7) returned 0x4a0507fe
[0254.732] GetCurrentObject (hdc=0x980107f4, type=0x6) returned 0x8a01c2
[0254.733] SaveDC (hdc=0x980107f4) returned 1
[0254.733] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xab0407de
[0254.733] GetClipRgn (hdc=0x980107f4, hrgn=0xab0407de) returned 0
[0254.733] SelectClipRgn (hdc=0x980107f4, hrgn=0x12040807) returned 2
[0254.733] DeleteObject (ho=0xab0407de) returned 1
[0254.733] DeleteObject (ho=0x12040807) returned 1
[0254.733] OffsetViewportOrgEx (in: hdc=0x980107f4, x=0, y=0, lppt=0x2e03214 | out: lppt=0x2e03214) returned 1
[0254.733] IsAppThemed () returned 0x1
[0254.744] GetThemeAppProperties () returned 0x3
[0254.744] GetThemeAppProperties () returned 0x3
[0254.744] GetThemeBackgroundContentRect () returned 0x0
[0254.744] RestoreDC (hdc=0x980107f4, nSavedDC=-1) returned 1
[0254.744] GdipReleaseDC (graphics=0x6600030, hdc=0x980107f4) returned 0x0
[0254.744] IsAppThemed () returned 0x1
[0254.744] GetThemeAppProperties () returned 0x3
[0254.744] GetThemeAppProperties () returned 0x3
[0254.744] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0254.744] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0254.744] GetCurrentObject (hdc=0x980107f4, type=0x1) returned 0xb00017
[0254.744] GetCurrentObject (hdc=0x980107f4, type=0x2) returned 0x900010
[0254.744] GetCurrentObject (hdc=0x980107f4, type=0x7) returned 0x4a0507fe
[0254.745] GetCurrentObject (hdc=0x980107f4, type=0x6) returned 0x8a01c2
[0254.745] SaveDC (hdc=0x980107f4) returned 1
[0254.745] GetTextAlign (hdc=0x980107f4) returned 0x0
[0254.745] GetTextColor (hdc=0x980107f4) returned 0x0
[0254.745] GetCurrentObject (hdc=0x980107f4, type=0x6) returned 0x8a01c2
[0254.745] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0254.745] SelectObject (hdc=0x980107f4, h=0x6d0a0520) returned 0x8a01c2
[0254.745] GetBkMode (hdc=0x980107f4) returned 2
[0254.745] SetBkMode (hdc=0x980107f4, mode=1) returned 2
[0254.745] DrawTextExW (in: hdc=0x980107f4, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2e035b4 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0254.746] DrawTextExW (in: hdc=0x980107f4, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2e035b4 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0254.746] RestoreDC (hdc=0x980107f4, nSavedDC=-1) returned 1
[0254.746] GdipReleaseDC (graphics=0x6600030, hdc=0x980107f4) returned 0x0
[0254.746] GetFocus () returned 0x1f02c8
[0254.746] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0254.746] SendMessageW (hWnd=0x2502de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0254.746] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0254.746] IsAppThemed () returned 0x1
[0254.746] GetThemeAppProperties () returned 0x3
[0254.747] GetThemeAppProperties () returned 0x3
[0254.747] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0254.747] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x980107f4, x1=0, y1=0, rop=0xcc0020) returned 1
[0254.751] GdipReleaseDC (graphics=0x6600030, hdc=0x980107f4) returned 0x0
[0254.751] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0254.752] SelectObject (hdc=0x980107f4, h=0x85000f) returned 0x4a0507fe
[0254.752] DeleteDC (hdc=0x980107f4) returned 1
[0254.752] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0254.752] EndPaint (hWnd=0x1f02c8, lpPaint=0xd7dee4) returned 1
[0254.752] MapWindowPoints (in: hWndFrom=0x1f02c8, hWndTo=0x0, lpPoints=0x2e036b0, cPoints=0x1 | out: lpPoints=0x2e036b0) returned 30999254
[0254.752] WindowFromPoint (Point=0x313) returned 0x1f02c8
[0254.752] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0254.752] NotifyWinEvent (event=0x800a, hwnd=0x1f02c8, idObject=-4, idChild=0)
[0254.752] NotifyWinEvent (event=0x800c, hwnd=0x1f02c8, idObject=-4, idChild=0)
[0254.752] GetCapture () returned 0x1f02c8
[0254.752] ReleaseCapture () returned 1
[0254.753] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0254.753] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0254.753] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0254.753] IsWindow (hWnd=0x7005c) returned 1
[0254.753] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0254.754] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0254.754] IsWindow (hWnd=0x2502de) returned 1
[0254.754] SetActiveWindow (hWnd=0x2502de) returned 0x2502de
[0254.754] IsWindow (hWnd=0x2502de) returned 1
[0254.754] SetFocus (hWnd=0x2502de) returned 0x1f02c8
[0254.755] GetFocus () returned 0x2502de
[0254.756] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x8, wParam=0x2502de, lParam=0x0) returned 0x0
[0254.756] GetCapture () returned 0x0
[0254.756] InvalidateRect (hWnd=0x1f02c8, lpRect=0x0, bErase=0) returned 1
[0254.757] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0254.758] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0254.760] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0254.760] GetFocus () returned 0x2502de
[0254.760] SetFocus (hWnd=0x1f02c8) returned 0x2502de
[0254.761] GetFocus () returned 0x1f02c8
[0254.761] IsChild (hWndParent=0x2502de, hWnd=0x1f02c8) returned 1
[0254.761] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x8, wParam=0x1f02c8, lParam=0x0) returned 0x0
[0254.762] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0254.764] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0254.766] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0254.766] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x7, wParam=0x2502de, lParam=0x0) returned 0x0
[0254.766] GetStockObject (i=5) returned 0x900015
[0254.766] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0254.766] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0254.766] GetDlgItem (hDlg=0x2502de, nIDDlgItem=2032328) returned 0x1f02c8
[0254.766] SendMessageW (hWnd=0x1f02c8, Msg=0x202b, wParam=0x1f02c8, lParam=0xd7ddcc) returned 0x0
[0254.766] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x202b, wParam=0x1f02c8, lParam=0xd7ddcc) returned 0x0
[0254.767] InvalidateRect (hWnd=0x1f02c8, lpRect=0x0, bErase=0) returned 1
[0254.770] GetWindowLongW (hWnd=0x2502de, nIndex=-8) returned 458844
[0254.770] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0254.770] GetCurrentThreadId () returned 0xf50
[0254.770] IsWindow (hWnd=0x7005c) returned 1
[0254.770] IsWindow (hWnd=0x7005c) returned 1
[0254.770] IsWindowVisible (hWnd=0x7005c) returned 1
[0254.770] SetActiveWindow (hWnd=0x7005c) returned 0x2502de
[0254.770] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0254.772] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0254.773] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0254.773] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0254.774] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0254.774] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0254.775] GetWindowPlacement (in: hWnd=0x2502de, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0254.775] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0254.775] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0254.775] GetWindowRect (in: hWnd=0x2502de, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0254.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0254.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0254.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0254.777] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x2502de) returned 0x1
[0254.786] GetFocus () returned 0x1f02c8
[0254.786] SetFocus (hWnd=0x602c4) returned 0x1f02c8
[0254.787] GetFocus () returned 0x602c4
[0254.787] IsChild (hWndParent=0x2502de, hWnd=0x602c4) returned 0
[0254.787] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0254.787] GetCapture () returned 0x0
[0254.787] InvalidateRect (hWnd=0x1f02c8, lpRect=0x0, bErase=0) returned 1
[0254.788] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0254.790] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0254.792] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0254.792] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0254.792] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0254.792] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0254.793] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0254.793] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x1f02c8, lParam=0x0) returned 0x0
[0254.793] GetStockObject (i=5) returned 0x900015
[0254.793] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0254.793] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed8c8) returned 0xc
[0254.793] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0254.793] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0254.793] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0254.793] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0254.799] GetFocus () returned 0x602c4
[0254.799] IsChild (hWndParent=0x2502de, hWnd=0x602c4) returned 0
[0254.799] ShowWindow (hWnd=0x2502de, nCmdShow=0) returned 1
[0254.799] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0254.799] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0254.802] GetWindowPlacement (in: hWnd=0x2502de, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0254.802] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0254.802] GetClientRect (in: hWnd=0x2502de, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0254.802] GetWindowRect (in: hWnd=0x2502de, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0254.802] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0254.803] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0254.803] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0254.803] GetWindowLongW (hWnd=0x2502de, nIndex=-20) returned 327945
[0254.803] DestroyWindow (hWnd=0x2502de) returned 1
[0254.804] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0254.804] GetWindowTextLengthW (hWnd=0x2502de) returned 13
[0254.804] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.804] GetSystemMetrics (nIndex=42) returned 0
[0254.805] GetWindowTextW (in: hWnd=0x2502de, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0254.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0254.805] GetWindowTextLengthW (hWnd=0x1b02ce) returned 0
[0254.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0254.805] GetSystemMetrics (nIndex=42) returned 0
[0254.805] GetWindowTextW (in: hWnd=0x1b02ce, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0254.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02ce, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0254.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0254.805] GetWindowThreadProcessId (in: hWnd=0x2502dc, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0254.805] GetWindow (hWnd=0x2502dc, uCmd=0x5) returned 0x0
[0254.805] GetWindowLongW (hWnd=0x2502dc, nIndex=-20) returned 65792
[0254.805] DestroyWindow (hWnd=0x2502dc) returned 1
[0254.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502dc, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0254.806] GetWindowTextLengthW (hWnd=0x2502dc) returned 25
[0254.806] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0254.806] GetSystemMetrics (nIndex=42) returned 0
[0254.806] GetWindowTextW (in: hWnd=0x2502dc, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0254.806] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502dc, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0254.806] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0254.806] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0254.807] GetWindowTextLengthW (hWnd=0x2502da) returned 232
[0254.807] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0254.807] GetSystemMetrics (nIndex=42) returned 0
[0254.807] GetWindowTextW (in: hWnd=0x2502da, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0254.807] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0254.807] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0254.808] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0254.808] InvalidateRect (hWnd=0x1f02c8, lpRect=0x0, bErase=0) returned 1
[0254.808] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0254.808] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2800ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0254.808] SendMessageW (hWnd=0x1a02d0, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0254.808] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1a02d0, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0254.808] SendMessageW (hWnd=0x1a02d0, Msg=0xb0, wParam=0x2dcf4b4, lParam=0xd7e480) returned 0x0
[0254.808] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1a02d0, Msg=0xb0, wParam=0x2dcf4b4, lParam=0xd7e480) returned 0x0
[0254.808] GetWindowTextLengthW (hWnd=0x1a02d0) returned 4363
[0254.808] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1a02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0254.808] GetSystemMetrics (nIndex=42) returned 0
[0254.808] CoTaskMemAlloc (cb=0x221c) returned 0x120a4b0
[0254.808] GetWindowTextW (in: hWnd=0x1a02d0, lpString=0x120a4b0, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0254.808] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1a02d0, Msg=0xd, wParam=0x110c, lParam=0x120a4b0) returned 0x110b
[0254.809] CoTaskMemFree (pv=0x120a4b0)
[0254.809] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1a02d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0254.809] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1b02ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0254.827] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0254.829] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2702d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0254.830] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1f02c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0254.831] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2800ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0254.832] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1a02d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0254.834] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0254.836] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.836] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.836] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.836] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.837] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.837] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0254.837] IsWindowUnicode (hWnd=0x7005c) returned 1
[0254.837] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0254.837] SetCursor (hCursor=0x10003) returned 0x10003
[0254.838] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.838] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.838] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0254.838] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0254.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0254.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1080255) returned 0x0
[0254.838] GetKeyState (nVirtKey=1) returned 1
[0254.838] GetKeyState (nVirtKey=2) returned 0
[0254.838] GetKeyState (nVirtKey=4) returned 0
[0254.838] GetKeyState (nVirtKey=5) returned 0
[0254.838] GetKeyState (nVirtKey=6) returned 0
[0254.838] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0254.839] IsWindowUnicode (hWnd=0x7005c) returned 1
[0254.839] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.839] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.839] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.839] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0254.839] IsWindowUnicode (hWnd=0x7005c) returned 1
[0254.839] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0254.840] SetCursor (hCursor=0x10003) returned 0x10003
[0254.840] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.840] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1080255) returned 0x0
[0254.840] GetKeyState (nVirtKey=1) returned 1
[0254.840] GetKeyState (nVirtKey=2) returned 0
[0254.840] GetKeyState (nVirtKey=4) returned 0
[0254.840] GetKeyState (nVirtKey=5) returned 0
[0254.840] GetKeyState (nVirtKey=6) returned 0
[0254.840] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.846] IsWindowUnicode (hWnd=0x602c4) returned 1
[0254.846] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.846] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.846] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.846] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.847] IsWindowUnicode (hWnd=0x602c4) returned 1
[0254.847] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.847] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.847] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.847] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0254.847] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0254.847] CreateCompatibleDC (hdc=0x107b9) returned 0xa50107f4
[0254.847] SelectObject (hdc=0xa50107f4, h=0x4a0507fe) returned 0x85000f
[0254.848] GdipCreateFromHDC (hdc=0xa50107f4, graphics=0xd7e798) returned 0x0
[0254.848] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0254.848] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0254.848] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0254.848] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0254.848] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e7f8) returned 0x0
[0254.848] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0254.848] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0254.848] LocalFree (hMem=0x11ee9f0) returned 0x0
[0254.848] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0254.848] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0254.848] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0254.848] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0254.848] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0254.848] GdipRestoreGraphics (graphics=0x6600030, state=0xf7fa0dbd) returned 0x0
[0254.849] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0254.849] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0254.849] GetCurrentObject (hdc=0xa50107f4, type=0x1) returned 0xb00017
[0254.849] GetCurrentObject (hdc=0xa50107f4, type=0x2) returned 0x900010
[0254.849] GetCurrentObject (hdc=0xa50107f4, type=0x7) returned 0x4a0507fe
[0254.849] GetCurrentObject (hdc=0xa50107f4, type=0x6) returned 0x8a01c2
[0254.849] SaveDC (hdc=0xa50107f4) returned 1
[0254.849] GetNearestColor (hdc=0xa50107f4, color=0xff) returned 0xff
[0254.849] GetNearestColor (hdc=0xa50107f4, color=0x55) returned 0x55
[0254.849] GetNearestColor (hdc=0xa50107f4, color=0x0) returned 0x0
[0254.849] GetNearestColor (hdc=0xa50107f4, color=0x55) returned 0x55
[0254.849] GetNearestColor (hdc=0xa50107f4, color=0x0) returned 0x0
[0254.849] GetNearestColor (hdc=0xa50107f4, color=0x8080ff) returned 0x8080ff
[0254.849] GetNearestColor (hdc=0xa50107f4, color=0x7373e5) returned 0x7373e5
[0254.850] GetNearestColor (hdc=0xa50107f4, color=0xe5) returned 0xe5
[0254.850] GetNearestColor (hdc=0xa50107f4, color=0x0) returned 0x0
[0254.850] RestoreDC (hdc=0xa50107f4, nSavedDC=-1) returned 1
[0254.850] GdipReleaseDC (graphics=0x6600030, hdc=0xa50107f4) returned 0x0
[0254.850] IsAppThemed () returned 0x1
[0254.850] GetThemeAppProperties () returned 0x3
[0254.850] GetThemeAppProperties () returned 0x3
[0254.850] IsAppThemed () returned 0x1
[0254.850] GetThemeAppProperties () returned 0x3
[0254.850] GetThemeAppProperties () returned 0x3
[0254.850] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2e0b41c | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0254.851] IsAppThemed () returned 0x1
[0254.851] GetThemeAppProperties () returned 0x3
[0254.851] GetThemeAppProperties () returned 0x3
[0254.851] IsAppThemed () returned 0x1
[0254.851] GetThemeAppProperties () returned 0x3
[0254.851] GetThemeAppProperties () returned 0x3
[0254.851] GetFocus () returned 0x602c4
[0254.851] IsAppThemed () returned 0x1
[0254.851] GetThemeAppProperties () returned 0x3
[0254.851] GetThemeAppProperties () returned 0x3
[0254.851] IsAppThemed () returned 0x1
[0254.851] GetThemeAppProperties () returned 0x3
[0254.851] GetThemeAppProperties () returned 0x3
[0254.851] IsThemePartDefined () returned 0x1
[0254.851] IsAppThemed () returned 0x1
[0254.851] GetThemeAppProperties () returned 0x3
[0254.851] GetThemeAppProperties () returned 0x3
[0254.851] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0254.851] IsAppThemed () returned 0x1
[0254.851] GetThemeAppProperties () returned 0x3
[0254.851] GetThemeAppProperties () returned 0x3
[0254.852] IsAppThemed () returned 0x1
[0254.852] GetThemeAppProperties () returned 0x3
[0254.852] GetThemeAppProperties () returned 0x3
[0254.852] IsThemePartDefined () returned 0x1
[0254.852] GdipCreateRegion (region=0xd7e508) returned 0x0
[0254.852] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0254.852] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0254.852] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0254.852] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e520) returned 0x0
[0254.852] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0254.852] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0254.852] LocalFree (hMem=0x11ee868) returned 0x0
[0254.852] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0254.852] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0254.852] LocalFree (hMem=0x11eec58) returned 0x0
[0254.852] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0254.852] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e548) returned 0x0
[0254.852] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e538) returned 0x0
[0254.852] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0254.853] GdipDeleteRegion (region=0x6646568) returned 0x0
[0254.853] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0254.853] GetCurrentObject (hdc=0xa50107f4, type=0x1) returned 0xb00017
[0254.853] GetCurrentObject (hdc=0xa50107f4, type=0x2) returned 0x900010
[0254.853] GetCurrentObject (hdc=0xa50107f4, type=0x7) returned 0x4a0507fe
[0254.853] GetCurrentObject (hdc=0xa50107f4, type=0x6) returned 0x8a01c2
[0254.853] SaveDC (hdc=0xa50107f4) returned 1
[0254.853] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x13040807
[0254.853] GetClipRgn (hdc=0xa50107f4, hrgn=0x13040807) returned 0
[0254.853] SelectClipRgn (hdc=0xa50107f4, hrgn=0xaf0407de) returned 2
[0254.853] DeleteObject (ho=0x13040807) returned 1
[0254.853] DeleteObject (ho=0xaf0407de) returned 1
[0254.853] OffsetViewportOrgEx (in: hdc=0xa50107f4, x=0, y=0, lppt=0x2e0bacc | out: lppt=0x2e0bacc) returned 1
[0254.853] DrawThemeParentBackground () returned 0x0
[0254.854] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0254.854] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0254.854] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0254.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.854] GetSystemMetrics (nIndex=42) returned 0
[0254.854] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0254.854] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0254.854] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0254.854] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0254.854] SelectPalette (hdc=0xa50107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0254.854] GdipCreateFromHDC (hdc=0xa50107f4, graphics=0xd7dff8) returned 0x0
[0254.854] GdipSetPageUnit (graphics=0x66376f8, unit=0x2) returned 0x0
[0254.855] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0254.855] GdipGetWorldTransform (graphics=0x66376f8, matrix=0x6638a58) returned 0x0
[0254.855] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dfd0) returned 0x0
[0254.855] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0254.855] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0254.855] GdipGetClip (graphics=0x66376f8, region=0x6646688) returned 0x0
[0254.855] GdipIsInfiniteRegion (region=0x6646688, graphics=0x66376f8, result=0xd7dfc4) returned 0x0
[0254.855] GdipDeleteRegion (region=0x6646688) returned 0x0
[0254.855] GdipSaveGraphics (graphics=0x66376f8, state=0xd7dff0) returned 0x0
[0254.855] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0254.868] GdipFillRectangleI (graphics=0x66376f8, brush=0x6653090, x=0, y=0, width=801, height=453) returned 0x0
[0254.868] GdipDeleteBrush (brush=0x6653090) returned 0x0
[0254.869] GdipDeleteGraphics (graphics=0x66376f8) returned 0x0
[0254.870] SelectPalette (hdc=0xa50107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0254.870] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0254.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.870] GetSystemMetrics (nIndex=42) returned 0
[0254.870] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0254.870] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0254.870] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0254.870] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0254.870] SelectPalette (hdc=0xa50107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0254.870] GdipCreateFromHDC (hdc=0xa50107f4, graphics=0xd7df98) returned 0x0
[0254.870] GdipSetPageUnit (graphics=0x66376f8, unit=0x2) returned 0x0
[0254.870] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0254.871] GdipGetWorldTransform (graphics=0x66376f8, matrix=0x6638c98) returned 0x0
[0254.871] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df70) returned 0x0
[0254.871] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0254.871] GdipCreateRegion (region=0xd7df58) returned 0x0
[0254.871] GdipGetClip (graphics=0x66376f8, region=0x6646c28) returned 0x0
[0254.871] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x66376f8, result=0xd7df64) returned 0x0
[0254.871] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0254.871] GdipSaveGraphics (graphics=0x66376f8, state=0xd7df90) returned 0x0
[0254.871] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0254.884] GdipFillRectangleI (graphics=0x66376f8, brush=0x6652f58, x=0, y=0, width=801, height=453) returned 0x0
[0254.884] GdipDeleteBrush (brush=0x6652f58) returned 0x0
[0254.886] GdipRestoreGraphics (graphics=0x66376f8, state=0xf7f60dbd) returned 0x0
[0254.886] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0254.886] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0254.886] GetSystemMetrics (nIndex=42) returned 0
[0254.886] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0254.886] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0254.886] GdipDeleteGraphics (graphics=0x66376f8) returned 0x0
[0254.886] SelectPalette (hdc=0xa50107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0254.886] RestoreDC (hdc=0xa50107f4, nSavedDC=-1) returned 1
[0254.886] GdipReleaseDC (graphics=0x6600030, hdc=0xa50107f4) returned 0x0
[0254.887] IsAppThemed () returned 0x1
[0254.887] GetThemeAppProperties () returned 0x3
[0254.887] GetThemeAppProperties () returned 0x3
[0254.887] IsAppThemed () returned 0x1
[0254.887] GetThemeAppProperties () returned 0x3
[0254.887] GetThemeAppProperties () returned 0x3
[0254.887] IsThemePartDefined () returned 0x1
[0254.887] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0254.887] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0254.887] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0254.887] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0254.887] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e4a4) returned 0x0
[0254.887] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0254.887] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee9f0) returned 0x0
[0254.887] LocalFree (hMem=0x11ee9f0) returned 0x0
[0254.887] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0254.887] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0254.887] LocalFree (hMem=0x11ee788) returned 0x0
[0254.888] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0254.888] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0254.888] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0254.888] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0254.888] GdipDeleteRegion (region=0x6646568) returned 0x0
[0254.888] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0254.888] GetCurrentObject (hdc=0xa50107f4, type=0x1) returned 0xb00017
[0254.888] GetCurrentObject (hdc=0xa50107f4, type=0x2) returned 0x900010
[0254.888] GetCurrentObject (hdc=0xa50107f4, type=0x7) returned 0x4a0507fe
[0254.888] GetCurrentObject (hdc=0xa50107f4, type=0x6) returned 0x8a01c2
[0254.888] SaveDC (hdc=0xa50107f4) returned 1
[0254.888] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb00407de
[0254.888] GetClipRgn (hdc=0xa50107f4, hrgn=0xb00407de) returned 0
[0254.889] SelectClipRgn (hdc=0xa50107f4, hrgn=0x15040807) returned 2
[0254.889] DeleteObject (ho=0xb00407de) returned 1
[0254.889] DeleteObject (ho=0x15040807) returned 1
[0254.889] OffsetViewportOrgEx (in: hdc=0xa50107f4, x=0, y=0, lppt=0x2e1231c | out: lppt=0x2e1231c) returned 1
[0254.889] IsAppThemed () returned 0x1
[0254.889] GetThemeAppProperties () returned 0x3
[0254.889] GetThemeAppProperties () returned 0x3
[0254.889] DrawThemeBackground () returned 0x0
[0254.889] RestoreDC (hdc=0xa50107f4, nSavedDC=-1) returned 1
[0254.889] GdipReleaseDC (graphics=0x6600030, hdc=0xa50107f4) returned 0x0
[0254.889] GdipCreateRegion (region=0xd7e490) returned 0x0
[0254.889] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0254.889] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0254.889] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0254.889] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e4a8) returned 0x0
[0254.889] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0254.889] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0254.890] LocalFree (hMem=0x11ee868) returned 0x0
[0254.890] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0254.890] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eecc8) returned 0x0
[0254.890] LocalFree (hMem=0x11eecc8) returned 0x0
[0254.890] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0254.890] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0254.890] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0254.890] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0254.890] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0254.890] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0254.890] GetCurrentObject (hdc=0xa50107f4, type=0x1) returned 0xb00017
[0254.890] GetCurrentObject (hdc=0xa50107f4, type=0x2) returned 0x900010
[0254.890] GetCurrentObject (hdc=0xa50107f4, type=0x7) returned 0x4a0507fe
[0254.890] GetCurrentObject (hdc=0xa50107f4, type=0x6) returned 0x8a01c2
[0254.890] SaveDC (hdc=0xa50107f4) returned 1
[0254.890] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x16040807
[0254.890] GetClipRgn (hdc=0xa50107f4, hrgn=0x16040807) returned 0
[0254.891] SelectClipRgn (hdc=0xa50107f4, hrgn=0xb10407de) returned 2
[0254.891] DeleteObject (ho=0x16040807) returned 1
[0254.891] DeleteObject (ho=0xb10407de) returned 1
[0254.891] OffsetViewportOrgEx (in: hdc=0xa50107f4, x=0, y=0, lppt=0x2e125f0 | out: lppt=0x2e125f0) returned 1
[0254.891] IsAppThemed () returned 0x1
[0254.891] GetThemeAppProperties () returned 0x3
[0254.891] GetThemeAppProperties () returned 0x3
[0254.891] GetThemeBackgroundContentRect () returned 0x0
[0254.891] RestoreDC (hdc=0xa50107f4, nSavedDC=-1) returned 1
[0254.891] GdipReleaseDC (graphics=0x6600030, hdc=0xa50107f4) returned 0x0
[0254.891] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0254.891] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0254.891] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0254.891] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0254.891] IsAppThemed () returned 0x1
[0254.891] GetThemeAppProperties () returned 0x3
[0254.891] GetThemeAppProperties () returned 0x3
[0254.891] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0254.892] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0254.892] GetCurrentObject (hdc=0xa50107f4, type=0x1) returned 0xb00017
[0254.892] GetCurrentObject (hdc=0xa50107f4, type=0x2) returned 0x900010
[0254.892] GetCurrentObject (hdc=0xa50107f4, type=0x7) returned 0x4a0507fe
[0254.892] GetCurrentObject (hdc=0xa50107f4, type=0x6) returned 0x8a01c2
[0254.892] SaveDC (hdc=0xa50107f4) returned 1
[0254.892] GetTextAlign (hdc=0xa50107f4) returned 0x0
[0254.892] GetTextColor (hdc=0xa50107f4) returned 0x0
[0254.892] GetCurrentObject (hdc=0xa50107f4, type=0x6) returned 0x8a01c2
[0254.892] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0254.892] SelectObject (hdc=0xa50107f4, h=0x6d0a0520) returned 0x8a01c2
[0254.892] GetBkMode (hdc=0xa50107f4) returned 2
[0254.892] SetBkMode (hdc=0xa50107f4, mode=1) returned 2
[0254.892] DrawTextExW (in: hdc=0xa50107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2e129b4 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0254.893] DrawTextExW (in: hdc=0xa50107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2e129b4 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0254.893] RestoreDC (hdc=0xa50107f4, nSavedDC=-1) returned 1
[0254.893] GdipReleaseDC (graphics=0x6600030, hdc=0xa50107f4) returned 0x0
[0254.893] GetFocus () returned 0x602c4
[0254.893] IsAppThemed () returned 0x1
[0254.893] GetThemeAppProperties () returned 0x3
[0254.894] GetThemeAppProperties () returned 0x3
[0254.894] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0254.894] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xa50107f4, x1=0, y1=0, rop=0xcc0020) returned 1
[0254.894] GdipReleaseDC (graphics=0x6600030, hdc=0xa50107f4) returned 0x0
[0254.894] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0254.894] SelectObject (hdc=0xa50107f4, h=0x85000f) returned 0x4a0507fe
[0254.894] DeleteDC (hdc=0xa50107f4) returned 1
[0254.894] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0254.894] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0254.894] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0254.894] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0254.894] WaitMessage () returned 1
[0254.895] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.896] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.896] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.896] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.896] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.897] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0254.897] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0254.897] WaitMessage () returned 1
[0254.919] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.919] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.919] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.923] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.923] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.924] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0254.924] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0254.924] WaitMessage () returned 1
[0254.927] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.927] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.927] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.927] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.927] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.928] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0254.928] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0254.928] WaitMessage () returned 1
[0254.928] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.929] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.929] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.929] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.929] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.930] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.930] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.930] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.931] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.931] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.931] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.931] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.931] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.931] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.931] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.931] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0254.932] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0254.932] WaitMessage () returned 1
[0254.936] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.936] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.936] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.936] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.936] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.941] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.941] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.941] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.941] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.941] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.941] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.942] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.942] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.942] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.942] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.942] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.942] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.942] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.942] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.942] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.943] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.943] IsWindowUnicode (hWnd=0x30122) returned 1
[0254.943] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.943] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.943] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.943] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.944] IsWindowUnicode (hWnd=0x7005c) returned 1
[0254.944] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.944] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.944] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.944] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.944] IsWindowUnicode (hWnd=0x7005c) returned 1
[0254.944] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0254.944] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0254.944] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0254.944] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x1080255) returned 0x0
[0254.944] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0254.944] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0254.944] WaitMessage () returned 1
[0255.092] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0255.092] IsWindowUnicode (hWnd=0x502c6) returned 1
[0255.092] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0255.092] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0255.092] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0255.092] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0255.092] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0255.092] WaitMessage () returned 1
[0256.893] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0256.893] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2700102) returned 0x1
[0256.894] IsWindowUnicode (hWnd=0x602c4) returned 1
[0256.894] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0256.894] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0256.894] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0256.894] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0256.894] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0256.894] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2700102) returned 0x1
[0256.894] IsWindowUnicode (hWnd=0x602c4) returned 1
[0256.894] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0256.894] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2700102) returned 0x1
[0256.894] SetCursor (hCursor=0x10003) returned 0x10003
[0256.894] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0256.894] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0256.895] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0256.895] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0256.895] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0256.895] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0256.895] GetKeyState (nVirtKey=1) returned 1
[0256.895] GetKeyState (nVirtKey=2) returned 0
[0256.895] GetKeyState (nVirtKey=4) returned 0
[0256.895] GetKeyState (nVirtKey=5) returned 0
[0256.895] GetKeyState (nVirtKey=6) returned 0
[0256.895] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0256.895] IsWindowUnicode (hWnd=0x602c4) returned 1
[0256.895] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0256.895] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0256.895] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0256.895] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0256.895] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0256.896] CreateCompatibleDC (hdc=0x107b9) returned 0xf50107d3
[0256.896] SelectObject (hdc=0xf50107d3, h=0x4a0507fe) returned 0x85000f
[0256.896] GdipCreateFromHDC (hdc=0xf50107d3, graphics=0xd7e798) returned 0x0
[0256.896] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0256.896] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0256.896] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0256.896] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0256.896] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e7f8) returned 0x0
[0256.896] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0256.896] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0256.896] LocalFree (hMem=0x11ee788) returned 0x0
[0256.897] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0256.897] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0256.897] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0256.897] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0256.897] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0256.897] GdipRestoreGraphics (graphics=0x6600030, state=0xf7f40dbd) returned 0x0
[0256.897] GdipDeleteRegion (region=0x6646298) returned 0x0
[0256.897] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0256.897] GetCurrentObject (hdc=0xf50107d3, type=0x1) returned 0xb00017
[0256.897] GetCurrentObject (hdc=0xf50107d3, type=0x2) returned 0x900010
[0256.897] GetCurrentObject (hdc=0xf50107d3, type=0x7) returned 0x4a0507fe
[0256.897] GetCurrentObject (hdc=0xf50107d3, type=0x6) returned 0x8a01c2
[0256.897] SaveDC (hdc=0xf50107d3) returned 1
[0256.897] GetNearestColor (hdc=0xf50107d3, color=0xff) returned 0xff
[0256.897] GetNearestColor (hdc=0xf50107d3, color=0x55) returned 0x55
[0256.898] GetNearestColor (hdc=0xf50107d3, color=0x0) returned 0x0
[0256.898] GetNearestColor (hdc=0xf50107d3, color=0x55) returned 0x55
[0256.898] GetNearestColor (hdc=0xf50107d3, color=0x0) returned 0x0
[0256.898] GetNearestColor (hdc=0xf50107d3, color=0x8080ff) returned 0x8080ff
[0256.898] GetNearestColor (hdc=0xf50107d3, color=0x7373e5) returned 0x7373e5
[0256.898] GetNearestColor (hdc=0xf50107d3, color=0xe5) returned 0xe5
[0256.898] GetNearestColor (hdc=0xf50107d3, color=0x0) returned 0x0
[0256.898] RestoreDC (hdc=0xf50107d3, nSavedDC=-1) returned 1
[0256.898] GdipReleaseDC (graphics=0x6600030, hdc=0xf50107d3) returned 0x0
[0256.898] IsAppThemed () returned 0x1
[0256.898] GetThemeAppProperties () returned 0x3
[0256.898] GetThemeAppProperties () returned 0x3
[0256.898] IsAppThemed () returned 0x1
[0256.898] GetThemeAppProperties () returned 0x3
[0256.899] GetThemeAppProperties () returned 0x3
[0256.899] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2e132b8 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0256.899] IsAppThemed () returned 0x1
[0256.899] GetThemeAppProperties () returned 0x3
[0256.899] GetThemeAppProperties () returned 0x3
[0256.899] IsAppThemed () returned 0x1
[0256.899] GetThemeAppProperties () returned 0x3
[0256.899] GetThemeAppProperties () returned 0x3
[0256.899] IsAppThemed () returned 0x1
[0256.899] GetThemeAppProperties () returned 0x3
[0256.899] GetThemeAppProperties () returned 0x3
[0256.899] IsAppThemed () returned 0x1
[0256.899] GetThemeAppProperties () returned 0x3
[0256.899] GetThemeAppProperties () returned 0x3
[0256.900] IsThemePartDefined () returned 0x1
[0256.900] IsAppThemed () returned 0x1
[0256.900] GetThemeAppProperties () returned 0x3
[0256.900] GetThemeAppProperties () returned 0x3
[0256.900] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0256.900] IsAppThemed () returned 0x1
[0256.900] GetThemeAppProperties () returned 0x3
[0256.900] GetThemeAppProperties () returned 0x3
[0256.900] IsAppThemed () returned 0x1
[0256.900] GetThemeAppProperties () returned 0x3
[0256.900] GetThemeAppProperties () returned 0x3
[0256.900] IsThemePartDefined () returned 0x1
[0256.900] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0256.900] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0256.900] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0256.900] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0256.900] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e514) returned 0x0
[0256.900] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0256.900] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eecc8) returned 0x0
[0256.900] LocalFree (hMem=0x11eecc8) returned 0x0
[0256.901] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0256.901] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0256.901] LocalFree (hMem=0x11ee9f0) returned 0x0
[0256.901] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0256.901] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0256.901] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0256.901] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0256.901] GdipDeleteRegion (region=0x6646298) returned 0x0
[0256.901] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0256.901] GetCurrentObject (hdc=0xf50107d3, type=0x1) returned 0xb00017
[0256.901] GetCurrentObject (hdc=0xf50107d3, type=0x2) returned 0x900010
[0256.901] GetCurrentObject (hdc=0xf50107d3, type=0x7) returned 0x4a0507fe
[0256.901] GetCurrentObject (hdc=0xf50107d3, type=0x6) returned 0x8a01c2
[0256.901] SaveDC (hdc=0xf50107d3) returned 1
[0256.901] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb20407de
[0256.902] GetClipRgn (hdc=0xf50107d3, hrgn=0xb20407de) returned 0
[0256.902] SelectClipRgn (hdc=0xf50107d3, hrgn=0x1a040807) returned 2
[0256.902] DeleteObject (ho=0xb20407de) returned 1
[0256.902] DeleteObject (ho=0x1a040807) returned 1
[0256.902] OffsetViewportOrgEx (in: hdc=0xf50107d3, x=0, y=0, lppt=0x2e13968 | out: lppt=0x2e13968) returned 1
[0256.902] DrawThemeParentBackground () returned 0x0
[0256.902] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0256.902] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0256.902] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0256.902] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0256.902] GetSystemMetrics (nIndex=42) returned 0
[0256.902] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0256.902] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0256.902] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0256.903] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0256.903] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0256.903] SelectPalette (hdc=0xf50107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0256.903] GdipCreateFromHDC (hdc=0xf50107d3, graphics=0xd7dff0) returned 0x0
[0256.903] GdipSetPageUnit (graphics=0x66376f8, unit=0x2) returned 0x0
[0256.903] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0256.903] GdipGetWorldTransform (graphics=0x66376f8, matrix=0x6638c38) returned 0x0
[0256.903] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7dfc8) returned 0x0
[0256.903] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0256.904] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0256.904] GdipGetClip (graphics=0x66376f8, region=0x6646c28) returned 0x0
[0256.904] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x66376f8, result=0xd7dfbc) returned 0x0
[0256.904] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0256.904] GdipSaveGraphics (graphics=0x66376f8, state=0xd7dfe8) returned 0x0
[0256.904] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0256.911] GdipFillRectangleI (graphics=0x66376f8, brush=0x6652a78, x=0, y=0, width=801, height=453) returned 0x0
[0256.911] GdipDeleteBrush (brush=0x6652a78) returned 0x0
[0256.912] GdipDeleteGraphics (graphics=0x66376f8) returned 0x0
[0256.913] SelectPalette (hdc=0xf50107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0256.913] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0256.913] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0256.913] GetSystemMetrics (nIndex=42) returned 0
[0256.913] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0256.913] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0256.913] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0256.913] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0256.913] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0256.913] SelectPalette (hdc=0xf50107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0256.913] GdipCreateFromHDC (hdc=0xf50107d3, graphics=0xd7df90) returned 0x0
[0256.913] GdipSetPageUnit (graphics=0x66376f8, unit=0x2) returned 0x0
[0256.913] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0256.913] GdipGetWorldTransform (graphics=0x66376f8, matrix=0x6638c68) returned 0x0
[0256.913] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df68) returned 0x0
[0256.913] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0256.913] GdipCreateRegion (region=0xd7df50) returned 0x0
[0256.914] GdipGetClip (graphics=0x66376f8, region=0x6646c28) returned 0x0
[0256.914] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x66376f8, result=0xd7df5c) returned 0x0
[0256.914] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0256.914] GdipSaveGraphics (graphics=0x66376f8, state=0xd7df88) returned 0x0
[0256.914] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0256.919] GdipFillRectangleI (graphics=0x66376f8, brush=0x6653438, x=0, y=0, width=801, height=453) returned 0x0
[0256.919] GdipDeleteBrush (brush=0x6653438) returned 0x0
[0256.921] GdipRestoreGraphics (graphics=0x66376f8, state=0xf7f00dbd) returned 0x0
[0256.921] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0256.921] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0256.921] GetSystemMetrics (nIndex=42) returned 0
[0256.921] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0256.921] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0256.921] GdipDeleteGraphics (graphics=0x66376f8) returned 0x0
[0256.921] SelectPalette (hdc=0xf50107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0256.921] RestoreDC (hdc=0xf50107d3, nSavedDC=-1) returned 1
[0256.921] GdipReleaseDC (graphics=0x6600030, hdc=0xf50107d3) returned 0x0
[0256.921] IsAppThemed () returned 0x1
[0256.921] GetThemeAppProperties () returned 0x3
[0256.921] GetThemeAppProperties () returned 0x3
[0256.921] IsAppThemed () returned 0x1
[0256.922] GetThemeAppProperties () returned 0x3
[0256.922] GetThemeAppProperties () returned 0x3
[0256.922] IsThemePartDefined () returned 0x1
[0256.922] GdipCreateRegion (region=0xd7e480) returned 0x0
[0256.922] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0256.922] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0256.922] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0256.922] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e498) returned 0x0
[0256.922] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0256.922] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0256.922] LocalFree (hMem=0x11eec58) returned 0x0
[0256.922] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0256.922] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0256.922] LocalFree (hMem=0x11ee788) returned 0x0
[0256.922] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0256.922] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0256.922] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0256.922] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0256.922] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0256.922] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0256.922] GetCurrentObject (hdc=0xf50107d3, type=0x1) returned 0xb00017
[0256.922] GetCurrentObject (hdc=0xf50107d3, type=0x2) returned 0x900010
[0256.922] GetCurrentObject (hdc=0xf50107d3, type=0x7) returned 0x4a0507fe
[0256.922] GetCurrentObject (hdc=0xf50107d3, type=0x6) returned 0x8a01c2
[0256.923] SaveDC (hdc=0xf50107d3) returned 1
[0256.923] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1b040807
[0256.923] GetClipRgn (hdc=0xf50107d3, hrgn=0x1b040807) returned 0
[0256.923] SelectClipRgn (hdc=0xf50107d3, hrgn=0xb40407de) returned 2
[0256.923] DeleteObject (ho=0x1b040807) returned 1
[0256.923] DeleteObject (ho=0xb40407de) returned 1
[0256.923] OffsetViewportOrgEx (in: hdc=0xf50107d3, x=0, y=0, lppt=0x2e1a1b8 | out: lppt=0x2e1a1b8) returned 1
[0256.923] IsAppThemed () returned 0x1
[0256.923] GetThemeAppProperties () returned 0x3
[0256.923] GetThemeAppProperties () returned 0x3
[0256.923] DrawThemeBackground () returned 0x0
[0256.923] RestoreDC (hdc=0xf50107d3, nSavedDC=-1) returned 1
[0256.923] GdipReleaseDC (graphics=0x6600030, hdc=0xf50107d3) returned 0x0
[0256.923] GdipCreateRegion (region=0xd7e484) returned 0x0
[0256.923] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0256.923] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0256.923] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0256.923] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e49c) returned 0x0
[0256.923] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0256.923] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0256.924] LocalFree (hMem=0x11ee868) returned 0x0
[0256.924] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0256.924] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eecc8) returned 0x0
[0256.924] LocalFree (hMem=0x11eecc8) returned 0x0
[0256.924] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0256.924] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0256.924] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0256.924] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0256.924] GdipDeleteRegion (region=0x6646568) returned 0x0
[0256.924] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0256.924] GetCurrentObject (hdc=0xf50107d3, type=0x1) returned 0xb00017
[0256.924] GetCurrentObject (hdc=0xf50107d3, type=0x2) returned 0x900010
[0256.924] GetCurrentObject (hdc=0xf50107d3, type=0x7) returned 0x4a0507fe
[0256.924] GetCurrentObject (hdc=0xf50107d3, type=0x6) returned 0x8a01c2
[0256.924] SaveDC (hdc=0xf50107d3) returned 1
[0256.924] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb50407de
[0256.924] GetClipRgn (hdc=0xf50107d3, hrgn=0xb50407de) returned 0
[0256.924] SelectClipRgn (hdc=0xf50107d3, hrgn=0x1c040807) returned 2
[0256.924] DeleteObject (ho=0xb50407de) returned 1
[0256.925] DeleteObject (ho=0x1c040807) returned 1
[0256.925] OffsetViewportOrgEx (in: hdc=0xf50107d3, x=0, y=0, lppt=0x2e1a48c | out: lppt=0x2e1a48c) returned 1
[0256.925] IsAppThemed () returned 0x1
[0256.925] GetThemeAppProperties () returned 0x3
[0256.925] GetThemeAppProperties () returned 0x3
[0256.925] GetThemeBackgroundContentRect () returned 0x0
[0256.925] RestoreDC (hdc=0xf50107d3, nSavedDC=-1) returned 1
[0256.925] GdipReleaseDC (graphics=0x6600030, hdc=0xf50107d3) returned 0x0
[0256.925] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0256.925] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0256.925] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0256.925] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0256.925] IsAppThemed () returned 0x1
[0256.925] GetThemeAppProperties () returned 0x3
[0256.925] GetThemeAppProperties () returned 0x3
[0256.925] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0256.925] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0256.925] GetCurrentObject (hdc=0xf50107d3, type=0x1) returned 0xb00017
[0256.925] GetCurrentObject (hdc=0xf50107d3, type=0x2) returned 0x900010
[0256.925] GetCurrentObject (hdc=0xf50107d3, type=0x7) returned 0x4a0507fe
[0256.925] GetCurrentObject (hdc=0xf50107d3, type=0x6) returned 0x8a01c2
[0256.925] SaveDC (hdc=0xf50107d3) returned 1
[0256.926] GetTextAlign (hdc=0xf50107d3) returned 0x0
[0256.926] GetTextColor (hdc=0xf50107d3) returned 0x0
[0256.926] GetCurrentObject (hdc=0xf50107d3, type=0x6) returned 0x8a01c2
[0256.926] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0256.926] SelectObject (hdc=0xf50107d3, h=0x6d0a0520) returned 0x8a01c2
[0256.926] GetBkMode (hdc=0xf50107d3) returned 2
[0256.926] SetBkMode (hdc=0xf50107d3, mode=1) returned 2
[0256.926] DrawTextExW (in: hdc=0xf50107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2e1a850 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0256.926] DrawTextExW (in: hdc=0xf50107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2e1a850 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0256.927] RestoreDC (hdc=0xf50107d3, nSavedDC=-1) returned 1
[0256.927] GdipReleaseDC (graphics=0x6600030, hdc=0xf50107d3) returned 0x0
[0256.927] GetFocus () returned 0x602c4
[0256.927] IsAppThemed () returned 0x1
[0256.927] GetThemeAppProperties () returned 0x3
[0256.927] GetThemeAppProperties () returned 0x3
[0256.927] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0256.927] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xf50107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0256.927] GdipReleaseDC (graphics=0x6600030, hdc=0xf50107d3) returned 0x0
[0256.927] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0256.927] SelectObject (hdc=0xf50107d3, h=0x85000f) returned 0x4a0507fe
[0256.927] DeleteDC (hdc=0xf50107d3) returned 1
[0256.928] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0256.928] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0256.928] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0256.928] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0256.928] WaitMessage () returned 1
[0256.997] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0256.997] IsWindowUnicode (hWnd=0x602c4) returned 1
[0256.997] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0256.997] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0256.997] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0256.997] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0256.998] IsWindowUnicode (hWnd=0x602c4) returned 1
[0256.998] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0256.998] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0256.998] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0256.998] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x90027) returned 0x0
[0256.998] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0256.998] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0256.998] WaitMessage () returned 1
[0257.127] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.127] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2700102) returned 0x1
[0257.127] IsWindowUnicode (hWnd=0x602c4) returned 1
[0257.127] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.127] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2700102) returned 0x1
[0257.128] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0257.128] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19b0044) returned 0x0
[0257.128] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0257.128] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0257.128] SetCursor (hCursor=0x10003) returned 0x10003
[0257.128] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.128] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.128] GetKeyState (nVirtKey=1) returned -128
[0257.128] GetKeyState (nVirtKey=2) returned 0
[0257.128] GetKeyState (nVirtKey=4) returned 0
[0257.128] GetKeyState (nVirtKey=5) returned 0
[0257.128] GetKeyState (nVirtKey=6) returned 0
[0257.128] IsWindowVisible (hWnd=0x602c4) returned 1
[0257.128] IsWindowEnabled (hWnd=0x602c4) returned 1
[0257.128] SetFocus (hWnd=0x602c4) returned 0x602c4
[0257.128] GetFocus () returned 0x602c4
[0257.128] GetFocus () returned 0x602c4
[0257.128] GetFocus () returned 0x602c4
[0257.129] GetKeyState (nVirtKey=1) returned -128
[0257.129] GetKeyState (nVirtKey=2) returned 0
[0257.129] GetKeyState (nVirtKey=4) returned 0
[0257.129] GetKeyState (nVirtKey=5) returned 0
[0257.129] GetKeyState (nVirtKey=6) returned 0
[0257.129] GetCapture () returned 0x0
[0257.129] SetCapture (hWnd=0x602c4) returned 0x0
[0257.129] GetKeyState (nVirtKey=1) returned -128
[0257.129] GetKeyState (nVirtKey=2) returned 0
[0257.129] GetKeyState (nVirtKey=4) returned 0
[0257.129] GetKeyState (nVirtKey=5) returned 0
[0257.129] GetKeyState (nVirtKey=6) returned 0
[0257.129] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0257.129] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0257.129] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.129] IsWindowUnicode (hWnd=0x602c4) returned 1
[0257.129] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.129] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.129] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.129] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e1a9d4, cPoints=0x1 | out: lpPoints=0x2e1a9d4) returned 40304859
[0257.129] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0257.129] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0257.129] UpdateWindow (hWnd=0x602c4) returned 1
[0257.129] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x107b9
[0257.130] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0257.130] CreateCompatibleDC (hdc=0x107b9) returned 0xf60107d3
[0257.130] SelectObject (hdc=0xf60107d3, h=0x4a0507fe) returned 0x85000f
[0257.130] GdipCreateFromHDC (hdc=0xf60107d3, graphics=0xd7e430) returned 0x0
[0257.130] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0257.130] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0257.130] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0257.130] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0257.130] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e490) returned 0x0
[0257.130] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0257.130] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0257.130] LocalFree (hMem=0x11ee788) returned 0x0
[0257.130] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0257.130] GdipCreateRegion (region=0xd7e478) returned 0x0
[0257.130] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0257.130] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e484) returned 0x0
[0257.131] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0257.131] GdipRestoreGraphics (graphics=0x6600030, state=0xf7ee0dbd) returned 0x0
[0257.131] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0257.131] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0257.131] GetCurrentObject (hdc=0xf60107d3, type=0x1) returned 0xb00017
[0257.131] GetCurrentObject (hdc=0xf60107d3, type=0x2) returned 0x900010
[0257.131] GetCurrentObject (hdc=0xf60107d3, type=0x7) returned 0x4a0507fe
[0257.131] GetCurrentObject (hdc=0xf60107d3, type=0x6) returned 0x8a01c2
[0257.131] SaveDC (hdc=0xf60107d3) returned 1
[0257.131] GetNearestColor (hdc=0xf60107d3, color=0xff) returned 0xff
[0257.131] GetNearestColor (hdc=0xf60107d3, color=0x55) returned 0x55
[0257.131] GetNearestColor (hdc=0xf60107d3, color=0x0) returned 0x0
[0257.131] GetNearestColor (hdc=0xf60107d3, color=0x55) returned 0x55
[0257.131] GetNearestColor (hdc=0xf60107d3, color=0x0) returned 0x0
[0257.131] GetNearestColor (hdc=0xf60107d3, color=0x8080ff) returned 0x8080ff
[0257.131] GetNearestColor (hdc=0xf60107d3, color=0x7373e5) returned 0x7373e5
[0257.132] GetNearestColor (hdc=0xf60107d3, color=0xe5) returned 0xe5
[0257.132] GetNearestColor (hdc=0xf60107d3, color=0x0) returned 0x0
[0257.132] RestoreDC (hdc=0xf60107d3, nSavedDC=-1) returned 1
[0257.132] GdipReleaseDC (graphics=0x6600030, hdc=0xf60107d3) returned 0x0
[0257.132] IsAppThemed () returned 0x1
[0257.132] GetThemeAppProperties () returned 0x3
[0257.132] GetThemeAppProperties () returned 0x3
[0257.132] IsAppThemed () returned 0x1
[0257.132] GetThemeAppProperties () returned 0x3
[0257.132] GetThemeAppProperties () returned 0x3
[0257.132] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2e1b0f0 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0257.132] IsAppThemed () returned 0x1
[0257.132] GetThemeAppProperties () returned 0x3
[0257.132] GetThemeAppProperties () returned 0x3
[0257.133] IsAppThemed () returned 0x1
[0257.133] GetThemeAppProperties () returned 0x3
[0257.133] GetThemeAppProperties () returned 0x3
[0257.133] IsAppThemed () returned 0x1
[0257.133] GetThemeAppProperties () returned 0x3
[0257.133] GetThemeAppProperties () returned 0x3
[0257.133] IsAppThemed () returned 0x1
[0257.133] GetThemeAppProperties () returned 0x3
[0257.133] GetThemeAppProperties () returned 0x3
[0257.133] IsThemePartDefined () returned 0x1
[0257.133] IsAppThemed () returned 0x1
[0257.133] GetThemeAppProperties () returned 0x3
[0257.133] GetThemeAppProperties () returned 0x3
[0257.133] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0257.133] IsAppThemed () returned 0x1
[0257.133] GetThemeAppProperties () returned 0x3
[0257.133] GetThemeAppProperties () returned 0x3
[0257.133] IsAppThemed () returned 0x1
[0257.133] GetThemeAppProperties () returned 0x3
[0257.133] GetThemeAppProperties () returned 0x3
[0257.133] IsThemePartDefined () returned 0x1
[0257.133] GdipCreateRegion (region=0xd7e194) returned 0x0
[0257.133] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0257.133] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0257.133] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0257.133] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e1ac) returned 0x0
[0257.133] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0257.134] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0257.134] LocalFree (hMem=0x11ee788) returned 0x0
[0257.134] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0257.134] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0257.134] LocalFree (hMem=0x11eec58) returned 0x0
[0257.134] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0257.134] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0257.134] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0257.134] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0257.134] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0257.134] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0257.134] GetCurrentObject (hdc=0xf60107d3, type=0x1) returned 0xb00017
[0257.134] GetCurrentObject (hdc=0xf60107d3, type=0x2) returned 0x900010
[0257.134] GetCurrentObject (hdc=0xf60107d3, type=0x7) returned 0x4a0507fe
[0257.134] GetCurrentObject (hdc=0xf60107d3, type=0x6) returned 0x8a01c2
[0257.134] SaveDC (hdc=0xf60107d3) returned 1
[0257.134] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1d040807
[0257.134] GetClipRgn (hdc=0xf60107d3, hrgn=0x1d040807) returned 0
[0257.134] SelectClipRgn (hdc=0xf60107d3, hrgn=0xb90407de) returned 2
[0257.134] DeleteObject (ho=0x1d040807) returned 1
[0257.134] DeleteObject (ho=0xb90407de) returned 1
[0257.135] OffsetViewportOrgEx (in: hdc=0xf60107d3, x=0, y=0, lppt=0x2e1b7a0 | out: lppt=0x2e1b7a0) returned 1
[0257.135] DrawThemeParentBackground () returned 0x0
[0257.135] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0257.135] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0257.135] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0257.135] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.135] GetSystemMetrics (nIndex=42) returned 0
[0257.135] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.135] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0257.135] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0257.135] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0257.135] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0257.135] SelectPalette (hdc=0xf60107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0257.135] GdipCreateFromHDC (hdc=0xf60107d3, graphics=0xd7dc88) returned 0x0
[0257.135] GdipSetPageUnit (graphics=0x66376f8, unit=0x2) returned 0x0
[0257.136] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0257.136] GdipGetWorldTransform (graphics=0x66376f8, matrix=0x6638b78) returned 0x0
[0257.136] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc60) returned 0x0
[0257.136] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0257.136] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0257.136] GdipGetClip (graphics=0x66376f8, region=0x6646568) returned 0x0
[0257.136] GdipIsInfiniteRegion (region=0x6646568, graphics=0x66376f8, result=0xd7dc54) returned 0x0
[0257.136] GdipDeleteRegion (region=0x6646568) returned 0x0
[0257.136] GdipSaveGraphics (graphics=0x66376f8, state=0xd7dc80) returned 0x0
[0257.136] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0257.142] GdipFillRectangleI (graphics=0x66376f8, brush=0x66537e0, x=0, y=0, width=801, height=453) returned 0x0
[0257.142] GdipDeleteBrush (brush=0x66537e0) returned 0x0
[0257.143] GdipDeleteGraphics (graphics=0x66376f8) returned 0x0
[0257.143] SelectPalette (hdc=0xf60107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0257.143] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0257.143] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.143] GetSystemMetrics (nIndex=42) returned 0
[0257.143] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.143] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0257.143] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0257.143] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0257.143] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0257.143] SelectPalette (hdc=0xf60107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0257.144] GdipCreateFromHDC (hdc=0xf60107d3, graphics=0xd7dc28) returned 0x0
[0257.144] GdipSetPageUnit (graphics=0x66376f8, unit=0x2) returned 0x0
[0257.144] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0257.144] GdipGetWorldTransform (graphics=0x66376f8, matrix=0x6638c08) returned 0x0
[0257.144] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dc00) returned 0x0
[0257.144] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0257.144] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0257.144] GdipGetClip (graphics=0x66376f8, region=0x6646298) returned 0x0
[0257.144] GdipIsInfiniteRegion (region=0x6646298, graphics=0x66376f8, result=0xd7dbf4) returned 0x0
[0257.144] GdipDeleteRegion (region=0x6646298) returned 0x0
[0257.144] GdipSaveGraphics (graphics=0x66376f8, state=0xd7dc20) returned 0x0
[0257.144] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0257.150] GdipFillRectangleI (graphics=0x66376f8, brush=0x6652bb0, x=0, y=0, width=801, height=453) returned 0x0
[0257.150] GdipDeleteBrush (brush=0x6652bb0) returned 0x0
[0257.151] GdipRestoreGraphics (graphics=0x66376f8, state=0xf7ea0dbd) returned 0x0
[0257.151] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0257.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.151] GetSystemMetrics (nIndex=42) returned 0
[0257.151] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0257.151] GdipDeleteGraphics (graphics=0x66376f8) returned 0x0
[0257.151] SelectPalette (hdc=0xf60107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0257.151] RestoreDC (hdc=0xf60107d3, nSavedDC=-1) returned 1
[0257.152] GdipReleaseDC (graphics=0x6600030, hdc=0xf60107d3) returned 0x0
[0257.152] IsAppThemed () returned 0x1
[0257.152] GetThemeAppProperties () returned 0x3
[0257.152] GetThemeAppProperties () returned 0x3
[0257.152] IsAppThemed () returned 0x1
[0257.152] GetThemeAppProperties () returned 0x3
[0257.152] GetThemeAppProperties () returned 0x3
[0257.152] IsThemePartDefined () returned 0x1
[0257.152] GdipCreateRegion (region=0xd7e118) returned 0x0
[0257.152] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0257.152] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0257.152] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0257.152] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e130) returned 0x0
[0257.152] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0257.152] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eed00) returned 0x0
[0257.152] LocalFree (hMem=0x11eed00) returned 0x0
[0257.152] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0257.152] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0257.152] LocalFree (hMem=0x11ee9f0) returned 0x0
[0257.152] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0257.152] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e158) returned 0x0
[0257.152] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e148) returned 0x0
[0257.153] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0257.153] GdipDeleteRegion (region=0x6646298) returned 0x0
[0257.153] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0257.153] GetCurrentObject (hdc=0xf60107d3, type=0x1) returned 0xb00017
[0257.153] GetCurrentObject (hdc=0xf60107d3, type=0x2) returned 0x900010
[0257.153] GetCurrentObject (hdc=0xf60107d3, type=0x7) returned 0x4a0507fe
[0257.153] GetCurrentObject (hdc=0xf60107d3, type=0x6) returned 0x8a01c2
[0257.153] SaveDC (hdc=0xf60107d3) returned 1
[0257.153] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xba0407de
[0257.153] GetClipRgn (hdc=0xf60107d3, hrgn=0xba0407de) returned 0
[0257.153] SelectClipRgn (hdc=0xf60107d3, hrgn=0x1f040807) returned 2
[0257.153] DeleteObject (ho=0xba0407de) returned 1
[0257.153] DeleteObject (ho=0x1f040807) returned 1
[0257.154] OffsetViewportOrgEx (in: hdc=0xf60107d3, x=0, y=0, lppt=0x2e21ff0 | out: lppt=0x2e21ff0) returned 1
[0257.154] IsAppThemed () returned 0x1
[0257.154] GetThemeAppProperties () returned 0x3
[0257.154] GetThemeAppProperties () returned 0x3
[0257.154] DrawThemeBackground () returned 0x0
[0257.154] RestoreDC (hdc=0xf60107d3, nSavedDC=-1) returned 1
[0257.154] GdipReleaseDC (graphics=0x6600030, hdc=0xf60107d3) returned 0x0
[0257.154] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0257.154] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0257.154] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0257.154] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0257.154] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e134) returned 0x0
[0257.154] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0257.154] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee9f0) returned 0x0
[0257.154] LocalFree (hMem=0x11ee9f0) returned 0x0
[0257.154] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0257.154] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0257.154] LocalFree (hMem=0x11ee788) returned 0x0
[0257.154] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0257.154] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0257.154] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0257.154] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0257.155] GdipDeleteRegion (region=0x6646568) returned 0x0
[0257.155] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0257.155] GetCurrentObject (hdc=0xf60107d3, type=0x1) returned 0xb00017
[0257.155] GetCurrentObject (hdc=0xf60107d3, type=0x2) returned 0x900010
[0257.155] GetCurrentObject (hdc=0xf60107d3, type=0x7) returned 0x4a0507fe
[0257.155] GetCurrentObject (hdc=0xf60107d3, type=0x6) returned 0x8a01c2
[0257.155] SaveDC (hdc=0xf60107d3) returned 1
[0257.155] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x20040807
[0257.155] GetClipRgn (hdc=0xf60107d3, hrgn=0x20040807) returned 0
[0257.155] SelectClipRgn (hdc=0xf60107d3, hrgn=0xbb0407de) returned 2
[0257.155] DeleteObject (ho=0x20040807) returned 1
[0257.155] DeleteObject (ho=0xbb0407de) returned 1
[0257.155] OffsetViewportOrgEx (in: hdc=0xf60107d3, x=0, y=0, lppt=0x2e222c4 | out: lppt=0x2e222c4) returned 1
[0257.155] IsAppThemed () returned 0x1
[0257.155] GetThemeAppProperties () returned 0x3
[0257.155] GetThemeAppProperties () returned 0x3
[0257.155] GetThemeBackgroundContentRect () returned 0x0
[0257.155] RestoreDC (hdc=0xf60107d3, nSavedDC=-1) returned 1
[0257.156] GdipReleaseDC (graphics=0x6600030, hdc=0xf60107d3) returned 0x0
[0257.156] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0257.156] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0257.156] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0257.156] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0257.156] IsAppThemed () returned 0x1
[0257.156] GetThemeAppProperties () returned 0x3
[0257.156] GetThemeAppProperties () returned 0x3
[0257.156] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0257.156] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0257.156] GetCurrentObject (hdc=0xf60107d3, type=0x1) returned 0xb00017
[0257.156] GetCurrentObject (hdc=0xf60107d3, type=0x2) returned 0x900010
[0257.156] GetCurrentObject (hdc=0xf60107d3, type=0x7) returned 0x4a0507fe
[0257.156] GetCurrentObject (hdc=0xf60107d3, type=0x6) returned 0x8a01c2
[0257.156] SaveDC (hdc=0xf60107d3) returned 1
[0257.156] GetTextAlign (hdc=0xf60107d3) returned 0x0
[0257.156] GetTextColor (hdc=0xf60107d3) returned 0x0
[0257.157] GetCurrentObject (hdc=0xf60107d3, type=0x6) returned 0x8a01c2
[0257.157] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0257.157] SelectObject (hdc=0xf60107d3, h=0x6d0a0520) returned 0x8a01c2
[0257.157] GetBkMode (hdc=0xf60107d3) returned 2
[0257.157] SetBkMode (hdc=0xf60107d3, mode=1) returned 2
[0257.157] DrawTextExW (in: hdc=0xf60107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2e22688 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0257.157] DrawTextExW (in: hdc=0xf60107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2e22688 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0257.158] RestoreDC (hdc=0xf60107d3, nSavedDC=-1) returned 1
[0257.158] GdipReleaseDC (graphics=0x6600030, hdc=0xf60107d3) returned 0x0
[0257.158] GetFocus () returned 0x602c4
[0257.158] IsAppThemed () returned 0x1
[0257.158] GetThemeAppProperties () returned 0x3
[0257.158] GetThemeAppProperties () returned 0x3
[0257.158] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0257.158] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xf60107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0257.159] GdipReleaseDC (graphics=0x6600030, hdc=0xf60107d3) returned 0x0
[0257.159] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0257.159] SelectObject (hdc=0xf60107d3, h=0x85000f) returned 0x4a0507fe
[0257.159] DeleteDC (hdc=0xf60107d3) returned 1
[0257.159] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0257.159] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0257.159] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e22784, cPoints=0x1 | out: lpPoints=0x2e22784) returned 40304859
[0257.159] WindowFromPoint (Point=0x102) returned 0x602c4
[0257.159] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2700102) returned 0x1
[0257.159] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0257.160] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0257.160] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0257.160] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0257.160] GetSystemMetrics (nIndex=42) returned 0
[0257.160] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0257.160] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0257.162] GetCapture () returned 0x602c4
[0257.162] ReleaseCapture () returned 1
[0257.162] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0257.162] GetProcessWindowStation () returned 0x13c
[0257.162] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.163] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0257.163] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.163] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0257.163] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.164] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0257.164] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.164] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0257.164] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.164] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0257.165] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.165] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0257.165] GetDC (hWnd=0x0) returned 0xc0107c5
[0257.165] GdipCreateFromHDC (hdc=0xc0107c5, graphics=0xd7e6ec) returned 0x0
[0257.165] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0257.165] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0257.165] ReleaseDC (hWnd=0x0, hDC=0xc0107c5) returned 1
[0257.166] GetSystemMetrics (nIndex=5) returned 1
[0257.166] GetSystemMetrics (nIndex=6) returned 1
[0257.166] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.166] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0257.166] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.166] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0257.171] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0257.171] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0257.171] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0257.171] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0257.171] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0257.171] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0257.172] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2e281a0 | out: lpData=0x2e281a0) returned 1
[0257.173] VerQueryValueW (in: pBlock=0x2e281a0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e285b0, puLen=0xd7e810) returned 1
[0257.173] VerQueryValueW (in: pBlock=0x2e281a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e28258, puLen=0xd7e790) returned 1
[0257.173] VerQueryValueW (in: pBlock=0x2e281a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e282ac, puLen=0xd7e790) returned 1
[0257.173] VerQueryValueW (in: pBlock=0x2e281a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2832c, puLen=0xd7e790) returned 1
[0257.173] VerQueryValueW (in: pBlock=0x2e281a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e28394, puLen=0xd7e790) returned 1
[0257.173] VerQueryValueW (in: pBlock=0x2e281a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e283d4, puLen=0xd7e790) returned 1
[0257.173] VerQueryValueW (in: pBlock=0x2e281a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2845c, puLen=0xd7e790) returned 1
[0257.173] VerQueryValueW (in: pBlock=0x2e281a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e28498, puLen=0xd7e790) returned 1
[0257.173] VerQueryValueW (in: pBlock=0x2e281a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e284f0, puLen=0xd7e790) returned 1
[0257.173] VerQueryValueW (in: pBlock=0x2e281a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e28520, puLen=0xd7e790) returned 1
[0257.173] VerQueryValueW (in: pBlock=0x2e281a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.173] VerQueryValueW (in: pBlock=0x2e281a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2855c, puLen=0xd7e790) returned 1
[0257.173] VerQueryValueW (in: pBlock=0x2e281a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.173] VerQueryValueW (in: pBlock=0x2e281a0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e285b0, puLen=0xd7e784) returned 1
[0257.173] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0257.173] VerQueryValueW (in: pBlock=0x2e281a0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e281c8, puLen=0xd7e794) returned 1
[0257.174] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0257.174] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0257.174] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0257.174] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0257.174] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0257.174] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0257.174] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2e2a110 | out: lpData=0x2e2a110) returned 1
[0257.175] VerQueryValueW (in: pBlock=0x2e2a110, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e2a1ac, puLen=0xd7e810) returned 1
[0257.175] VerQueryValueW (in: pBlock=0x2e2a110, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a224, puLen=0xd7e790) returned 1
[0257.175] VerQueryValueW (in: pBlock=0x2e2a110, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a254, puLen=0xd7e790) returned 1
[0257.175] VerQueryValueW (in: pBlock=0x2e2a110, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a290, puLen=0xd7e790) returned 1
[0257.175] VerQueryValueW (in: pBlock=0x2e2a110, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a2c0, puLen=0xd7e790) returned 1
[0257.175] VerQueryValueW (in: pBlock=0x2e2a110, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a308, puLen=0xd7e790) returned 1
[0257.175] VerQueryValueW (in: pBlock=0x2e2a110, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a380, puLen=0xd7e790) returned 1
[0257.175] VerQueryValueW (in: pBlock=0x2e2a110, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a3c4, puLen=0xd7e790) returned 1
[0257.175] VerQueryValueW (in: pBlock=0x2e2a110, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a404, puLen=0xd7e790) returned 1
[0257.175] VerQueryValueW (in: pBlock=0x2e2a110, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a202, puLen=0xd7e790) returned 1
[0257.175] VerQueryValueW (in: pBlock=0x2e2a110, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2a350, puLen=0xd7e790) returned 1
[0257.175] VerQueryValueW (in: pBlock=0x2e2a110, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.175] VerQueryValueW (in: pBlock=0x2e2a110, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.175] VerQueryValueW (in: pBlock=0x2e2a110, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e2a1ac, puLen=0xd7e784) returned 1
[0257.175] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0257.175] VerQueryValueW (in: pBlock=0x2e2a110, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e2a138, puLen=0xd7e794) returned 1
[0257.176] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0257.176] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0257.176] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0257.176] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0257.176] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0257.176] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0257.177] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2e2c3e8 | out: lpData=0x2e2c3e8) returned 1
[0257.177] VerQueryValueW (in: pBlock=0x2e2c3e8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e2c7fc, puLen=0xd7e810) returned 1
[0257.177] VerQueryValueW (in: pBlock=0x2e2c3e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2c4a0, puLen=0xd7e790) returned 1
[0257.177] VerQueryValueW (in: pBlock=0x2e2c3e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2c4f4, puLen=0xd7e790) returned 1
[0257.177] VerQueryValueW (in: pBlock=0x2e2c3e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2c550, puLen=0xd7e790) returned 1
[0257.177] VerQueryValueW (in: pBlock=0x2e2c3e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2c5b0, puLen=0xd7e790) returned 1
[0257.177] VerQueryValueW (in: pBlock=0x2e2c3e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2c608, puLen=0xd7e790) returned 1
[0257.177] VerQueryValueW (in: pBlock=0x2e2c3e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2c690, puLen=0xd7e790) returned 1
[0257.177] VerQueryValueW (in: pBlock=0x2e2c3e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2c6e4, puLen=0xd7e790) returned 1
[0257.177] VerQueryValueW (in: pBlock=0x2e2c3e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2c73c, puLen=0xd7e790) returned 1
[0257.177] VerQueryValueW (in: pBlock=0x2e2c3e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2c76c, puLen=0xd7e790) returned 1
[0257.177] VerQueryValueW (in: pBlock=0x2e2c3e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.178] VerQueryValueW (in: pBlock=0x2e2c3e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2c7a8, puLen=0xd7e790) returned 1
[0257.178] VerQueryValueW (in: pBlock=0x2e2c3e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.178] VerQueryValueW (in: pBlock=0x2e2c3e8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e2c7fc, puLen=0xd7e784) returned 1
[0257.178] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0257.178] VerQueryValueW (in: pBlock=0x2e2c3e8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e2c410, puLen=0xd7e794) returned 1
[0257.178] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0257.178] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0257.178] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0257.179] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0257.179] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0257.179] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0257.180] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2e2ea20 | out: lpData=0x2e2ea20) returned 1
[0257.180] VerQueryValueW (in: pBlock=0x2e2ea20, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e2ee20, puLen=0xd7e810) returned 1
[0257.180] VerQueryValueW (in: pBlock=0x2e2ea20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2ead8, puLen=0xd7e790) returned 1
[0257.180] VerQueryValueW (in: pBlock=0x2e2ea20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2eb2c, puLen=0xd7e790) returned 1
[0257.180] VerQueryValueW (in: pBlock=0x2e2ea20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2eb6c, puLen=0xd7e790) returned 1
[0257.180] VerQueryValueW (in: pBlock=0x2e2ea20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2ebd4, puLen=0xd7e790) returned 1
[0257.181] VerQueryValueW (in: pBlock=0x2e2ea20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2ec2c, puLen=0xd7e790) returned 1
[0257.181] VerQueryValueW (in: pBlock=0x2e2ea20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2ecb4, puLen=0xd7e790) returned 1
[0257.181] VerQueryValueW (in: pBlock=0x2e2ea20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2ed08, puLen=0xd7e790) returned 1
[0257.181] VerQueryValueW (in: pBlock=0x2e2ea20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2ed60, puLen=0xd7e790) returned 1
[0257.181] VerQueryValueW (in: pBlock=0x2e2ea20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2ed90, puLen=0xd7e790) returned 1
[0257.181] VerQueryValueW (in: pBlock=0x2e2ea20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.181] VerQueryValueW (in: pBlock=0x2e2ea20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2edcc, puLen=0xd7e790) returned 1
[0257.181] VerQueryValueW (in: pBlock=0x2e2ea20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.181] VerQueryValueW (in: pBlock=0x2e2ea20, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e2ee20, puLen=0xd7e784) returned 1
[0257.181] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0257.181] VerQueryValueW (in: pBlock=0x2e2ea20, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e2ea48, puLen=0xd7e794) returned 1
[0257.182] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0257.182] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0257.182] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0257.182] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0257.182] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0257.182] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0257.183] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2e3115c | out: lpData=0x2e3115c) returned 1
[0257.184] VerQueryValueW (in: pBlock=0x2e3115c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e31524, puLen=0xd7e810) returned 1
[0257.184] VerQueryValueW (in: pBlock=0x2e3115c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e31214, puLen=0xd7e790) returned 1
[0257.184] VerQueryValueW (in: pBlock=0x2e3115c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e31268, puLen=0xd7e790) returned 1
[0257.184] VerQueryValueW (in: pBlock=0x2e3115c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e312a8, puLen=0xd7e790) returned 1
[0257.184] VerQueryValueW (in: pBlock=0x2e3115c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e31310, puLen=0xd7e790) returned 1
[0257.184] VerQueryValueW (in: pBlock=0x2e3115c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3134c, puLen=0xd7e790) returned 1
[0257.184] VerQueryValueW (in: pBlock=0x2e3115c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e313d4, puLen=0xd7e790) returned 1
[0257.184] VerQueryValueW (in: pBlock=0x2e3115c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3140c, puLen=0xd7e790) returned 1
[0257.184] VerQueryValueW (in: pBlock=0x2e3115c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e31464, puLen=0xd7e790) returned 1
[0257.184] VerQueryValueW (in: pBlock=0x2e3115c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e31494, puLen=0xd7e790) returned 1
[0257.184] VerQueryValueW (in: pBlock=0x2e3115c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.184] VerQueryValueW (in: pBlock=0x2e3115c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e314d0, puLen=0xd7e790) returned 1
[0257.184] VerQueryValueW (in: pBlock=0x2e3115c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.184] VerQueryValueW (in: pBlock=0x2e3115c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e31524, puLen=0xd7e784) returned 1
[0257.184] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0257.184] VerQueryValueW (in: pBlock=0x2e3115c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e31184, puLen=0xd7e794) returned 1
[0257.185] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0257.185] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0257.185] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0257.185] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0257.185] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0257.185] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0257.186] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2e347c4 | out: lpData=0x2e347c4) returned 1
[0257.187] VerQueryValueW (in: pBlock=0x2e347c4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e34ba4, puLen=0xd7e810) returned 1
[0257.187] VerQueryValueW (in: pBlock=0x2e347c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3487c, puLen=0xd7e790) returned 1
[0257.187] VerQueryValueW (in: pBlock=0x2e347c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e348d0, puLen=0xd7e790) returned 1
[0257.187] VerQueryValueW (in: pBlock=0x2e347c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e34910, puLen=0xd7e790) returned 1
[0257.187] VerQueryValueW (in: pBlock=0x2e347c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e34970, puLen=0xd7e790) returned 1
[0257.187] VerQueryValueW (in: pBlock=0x2e347c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e349bc, puLen=0xd7e790) returned 1
[0257.187] VerQueryValueW (in: pBlock=0x2e347c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e34a44, puLen=0xd7e790) returned 1
[0257.187] VerQueryValueW (in: pBlock=0x2e347c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e34a8c, puLen=0xd7e790) returned 1
[0257.187] VerQueryValueW (in: pBlock=0x2e347c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e34ae4, puLen=0xd7e790) returned 1
[0257.187] VerQueryValueW (in: pBlock=0x2e347c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e34b14, puLen=0xd7e790) returned 1
[0257.187] VerQueryValueW (in: pBlock=0x2e347c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.187] VerQueryValueW (in: pBlock=0x2e347c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e34b50, puLen=0xd7e790) returned 1
[0257.187] VerQueryValueW (in: pBlock=0x2e347c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.187] VerQueryValueW (in: pBlock=0x2e347c4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e34ba4, puLen=0xd7e784) returned 1
[0257.187] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0257.187] VerQueryValueW (in: pBlock=0x2e347c4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e347ec, puLen=0xd7e794) returned 1
[0257.188] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0257.188] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0257.188] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0257.188] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0257.188] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0257.188] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0257.189] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2e36fe4 | out: lpData=0x2e36fe4) returned 1
[0257.190] VerQueryValueW (in: pBlock=0x2e36fe4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e373f0, puLen=0xd7e810) returned 1
[0257.190] VerQueryValueW (in: pBlock=0x2e36fe4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3709c, puLen=0xd7e790) returned 1
[0257.190] VerQueryValueW (in: pBlock=0x2e36fe4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e370f0, puLen=0xd7e790) returned 1
[0257.190] VerQueryValueW (in: pBlock=0x2e36fe4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e37144, puLen=0xd7e790) returned 1
[0257.190] VerQueryValueW (in: pBlock=0x2e36fe4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e371a4, puLen=0xd7e790) returned 1
[0257.190] VerQueryValueW (in: pBlock=0x2e36fe4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e371fc, puLen=0xd7e790) returned 1
[0257.190] VerQueryValueW (in: pBlock=0x2e36fe4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e37284, puLen=0xd7e790) returned 1
[0257.190] VerQueryValueW (in: pBlock=0x2e36fe4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e372d8, puLen=0xd7e790) returned 1
[0257.190] VerQueryValueW (in: pBlock=0x2e36fe4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e37330, puLen=0xd7e790) returned 1
[0257.190] VerQueryValueW (in: pBlock=0x2e36fe4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e37360, puLen=0xd7e790) returned 1
[0257.190] VerQueryValueW (in: pBlock=0x2e36fe4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.190] VerQueryValueW (in: pBlock=0x2e36fe4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3739c, puLen=0xd7e790) returned 1
[0257.190] VerQueryValueW (in: pBlock=0x2e36fe4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.190] VerQueryValueW (in: pBlock=0x2e36fe4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e373f0, puLen=0xd7e784) returned 1
[0257.190] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0257.190] VerQueryValueW (in: pBlock=0x2e36fe4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e3700c, puLen=0xd7e794) returned 1
[0257.191] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0257.191] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0257.191] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0257.191] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0257.191] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0257.191] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0257.193] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e397f8 | out: lpData=0x2e397f8) returned 1
[0257.193] VerQueryValueW (in: pBlock=0x2e397f8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e39bd0, puLen=0xd7e810) returned 1
[0257.193] VerQueryValueW (in: pBlock=0x2e397f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e398b0, puLen=0xd7e790) returned 1
[0257.193] VerQueryValueW (in: pBlock=0x2e397f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e39904, puLen=0xd7e790) returned 1
[0257.193] VerQueryValueW (in: pBlock=0x2e397f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e39944, puLen=0xd7e790) returned 1
[0257.193] VerQueryValueW (in: pBlock=0x2e397f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e399ac, puLen=0xd7e790) returned 1
[0257.193] VerQueryValueW (in: pBlock=0x2e397f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e399f0, puLen=0xd7e790) returned 1
[0257.193] VerQueryValueW (in: pBlock=0x2e397f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e39a78, puLen=0xd7e790) returned 1
[0257.193] VerQueryValueW (in: pBlock=0x2e397f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e39ab8, puLen=0xd7e790) returned 1
[0257.193] VerQueryValueW (in: pBlock=0x2e397f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e39b10, puLen=0xd7e790) returned 1
[0257.194] VerQueryValueW (in: pBlock=0x2e397f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e39b40, puLen=0xd7e790) returned 1
[0257.194] VerQueryValueW (in: pBlock=0x2e397f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.194] VerQueryValueW (in: pBlock=0x2e397f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e39b7c, puLen=0xd7e790) returned 1
[0257.194] VerQueryValueW (in: pBlock=0x2e397f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.194] VerQueryValueW (in: pBlock=0x2e397f8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e39bd0, puLen=0xd7e784) returned 1
[0257.194] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0257.194] VerQueryValueW (in: pBlock=0x2e397f8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e39820, puLen=0xd7e794) returned 1
[0257.194] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0257.195] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0257.195] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0257.195] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0257.195] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0257.195] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0257.196] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e3bd50 | out: lpData=0x2e3bd50) returned 1
[0257.196] VerQueryValueW (in: pBlock=0x2e3bd50, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e3c128, puLen=0xd7e810) returned 1
[0257.196] VerQueryValueW (in: pBlock=0x2e3bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3be08, puLen=0xd7e790) returned 1
[0257.196] VerQueryValueW (in: pBlock=0x2e3bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3be5c, puLen=0xd7e790) returned 1
[0257.196] VerQueryValueW (in: pBlock=0x2e3bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3be9c, puLen=0xd7e790) returned 1
[0257.197] VerQueryValueW (in: pBlock=0x2e3bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3bf04, puLen=0xd7e790) returned 1
[0257.197] VerQueryValueW (in: pBlock=0x2e3bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3bf48, puLen=0xd7e790) returned 1
[0257.197] VerQueryValueW (in: pBlock=0x2e3bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3bfd0, puLen=0xd7e790) returned 1
[0257.197] VerQueryValueW (in: pBlock=0x2e3bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3c010, puLen=0xd7e790) returned 1
[0257.197] VerQueryValueW (in: pBlock=0x2e3bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3c068, puLen=0xd7e790) returned 1
[0257.197] VerQueryValueW (in: pBlock=0x2e3bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3c098, puLen=0xd7e790) returned 1
[0257.197] VerQueryValueW (in: pBlock=0x2e3bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.197] VerQueryValueW (in: pBlock=0x2e3bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3c0d4, puLen=0xd7e790) returned 1
[0257.197] VerQueryValueW (in: pBlock=0x2e3bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.197] VerQueryValueW (in: pBlock=0x2e3bd50, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e3c128, puLen=0xd7e784) returned 1
[0257.197] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0257.197] VerQueryValueW (in: pBlock=0x2e3bd50, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e3bd78, puLen=0xd7e794) returned 1
[0257.198] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0257.198] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0257.198] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0257.198] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0257.198] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0257.198] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0257.199] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2e3e488 | out: lpData=0x2e3e488) returned 1
[0257.199] VerQueryValueW (in: pBlock=0x2e3e488, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e3e8b8, puLen=0xd7e810) returned 1
[0257.199] VerQueryValueW (in: pBlock=0x2e3e488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3e540, puLen=0xd7e790) returned 1
[0257.199] VerQueryValueW (in: pBlock=0x2e3e488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3e594, puLen=0xd7e790) returned 1
[0257.199] VerQueryValueW (in: pBlock=0x2e3e488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3e604, puLen=0xd7e790) returned 1
[0257.199] VerQueryValueW (in: pBlock=0x2e3e488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3e664, puLen=0xd7e790) returned 1
[0257.199] VerQueryValueW (in: pBlock=0x2e3e488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3e6c0, puLen=0xd7e790) returned 1
[0257.199] VerQueryValueW (in: pBlock=0x2e3e488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3e748, puLen=0xd7e790) returned 1
[0257.199] VerQueryValueW (in: pBlock=0x2e3e488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3e7a0, puLen=0xd7e790) returned 1
[0257.199] VerQueryValueW (in: pBlock=0x2e3e488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3e7f8, puLen=0xd7e790) returned 1
[0257.199] VerQueryValueW (in: pBlock=0x2e3e488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3e828, puLen=0xd7e790) returned 1
[0257.199] VerQueryValueW (in: pBlock=0x2e3e488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.200] VerQueryValueW (in: pBlock=0x2e3e488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3e864, puLen=0xd7e790) returned 1
[0257.200] VerQueryValueW (in: pBlock=0x2e3e488, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0257.200] VerQueryValueW (in: pBlock=0x2e3e488, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e3e8b8, puLen=0xd7e784) returned 1
[0257.200] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0257.200] VerQueryValueW (in: pBlock=0x2e3e488, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e3e4b0, puLen=0xd7e794) returned 1
[0257.202] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0257.203] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.203] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0257.203] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.203] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0257.203] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2602de
[0257.204] SetWindowLongW (hWnd=0x2602de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0257.204] GetWindowLongW (hWnd=0x2602de, nIndex=-4) returned 1950089536
[0257.204] SetWindowLongW (hWnd=0x2602de, nIndex=-4, dwNewLong=19950294) returned 1950089536
[0257.204] GetWindowLongW (hWnd=0x2602de, nIndex=-4) returned 19950294
[0257.204] GetWindowLongW (hWnd=0x2602de, nIndex=-16) returned 113311744
[0257.205] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602de, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0257.205] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602de, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0257.205] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602de, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0257.206] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602de, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0257.206] GetClientRect (in: hWnd=0x2602de, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0257.206] GetWindowRect (in: hWnd=0x2602de, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0257.206] SetWindowTextW (hWnd=0x2602de, lpString="WindowsFormsParkingWindow") returned 1
[0257.206] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602de, Msg=0xc, wParam=0x0, lParam=0x2e03aa4) returned 0x1
[0257.206] GetParent (hWnd=0x2602de) returned 0x0
[0257.207] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0257.207] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x2602de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1b02d0
[0257.207] SetWindowLongW (hWnd=0x1b02d0, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0257.207] GetWindowLongW (hWnd=0x1b02d0, nIndex=-4) returned 1868147648
[0257.207] SetWindowLongW (hWnd=0x1b02d0, nIndex=-4, dwNewLong=19950334) returned 1868147648
[0257.207] GetWindowLongW (hWnd=0x1b02d0, nIndex=-4) returned 19950334
[0257.207] GetWindowLongW (hWnd=0x1b02d0, nIndex=-16) returned 1174405133
[0257.207] GetWindowLongW (hWnd=0x1b02d0, nIndex=-12) returned 0
[0257.207] SetWindowLongW (hWnd=0x1b02d0, nIndex=-12, dwNewLong=1770192) returned 0
[0257.207] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0257.208] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0257.208] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0257.209] GetClientRect (in: hWnd=0x1b02d0, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0257.209] GetWindowRect (in: hWnd=0x1b02d0, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0257.209] GetParent (hWnd=0x1b02d0) returned 0x2602de
[0257.209] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2602de, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0257.209] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0257.209] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0257.209] GetClientRect (in: hWnd=0x1b02d0, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0257.209] GetWindowRect (in: hWnd=0x1b02d0, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0257.209] GetParent (hWnd=0x1b02d0) returned 0x2602de
[0257.210] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2602de, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0257.210] SendMessageW (hWnd=0x1b02d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1b02d0) returned 0x0
[0257.210] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1b02d0) returned 0x0
[0257.210] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0257.210] GetParent (hWnd=0x1b02d0) returned 0x2602de
[0257.210] GdipCreateFromHWND (hwnd=0x1b02d0, graphics=0xd7e844) returned 0x0
[0257.210] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0257.211] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0257.211] GetForegroundWindow () returned 0x7005c
[0257.211] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0257.211] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.211] GetSystemMetrics (nIndex=42) returned 0
[0257.211] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.211] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0257.211] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0257.211] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.211] GetSystemMetrics (nIndex=42) returned 0
[0257.211] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.211] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0257.212] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.212] GetCursorPos (in: lpPoint=0x2e4290c | out: lpPoint=0x2e4290c*(x=258, y=624)) returned 1
[0257.212] MonitorFromPoint (pt=0x102, dwFlags=0x270) returned 0x10001
[0257.212] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0257.212] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xf90107d3
[0257.212] GetDeviceCaps (hdc=0xf90107d3, index=12) returned 32
[0257.212] GetDeviceCaps (hdc=0xf90107d3, index=14) returned 1
[0257.212] DeleteDC (hdc=0xf90107d3) returned 1
[0257.212] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0257.212] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0257.212] GetSystemMetrics (nIndex=59) returned 1460
[0257.212] GetSystemMetrics (nIndex=60) returned 920
[0257.212] GetSystemMetrics (nIndex=34) returned 136
[0257.213] GetSystemMetrics (nIndex=35) returned 39
[0257.213] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.213] GetCursorPos (in: lpPoint=0x2e42b78 | out: lpPoint=0x2e42b78*(x=258, y=624)) returned 1
[0257.213] MonitorFromPoint (pt=0x102, dwFlags=0x270) returned 0x10001
[0257.213] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0257.213] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xfa0107d3
[0257.213] GetDeviceCaps (hdc=0xfa0107d3, index=12) returned 32
[0257.213] GetDeviceCaps (hdc=0xfa0107d3, index=14) returned 1
[0257.213] DeleteDC (hdc=0xfa0107d3) returned 1
[0257.213] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0257.213] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0257.214] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.214] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0257.214] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2e42e10 | out: piconinfo=0x2e42e10) returned 1
[0257.214] GetObjectW (in: h=0x270507ef, c=24, pv=0x2e42e2c | out: pv=0x2e42e2c) returned 24
[0257.214] GdipCreateBitmapFromHBITMAP (hbm=0x270507ef, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0257.214] GdipGetImageWidth (image=0x6650e88, width=0xd7e750) returned 0x0
[0257.214] GdipGetImageHeight (image=0x6650e88, height=0xd7e748) returned 0x0
[0257.214] GdipGetImagePixelFormat (image=0x6650e88, format=0xd7e740) returned 0x0
[0257.215] GdipBitmapLockBits (bitmap=0x6650e88, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2e42ee4) returned 0x0
[0257.215] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0257.215] GdipBitmapLockBits (bitmap=0x664fad8, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2e42f1c) returned 0x0
[0257.215] RtlMoveMemory (in: Destination=0x6665f80, Source=0x6665ef8, Length=0x80 | out: Destination=0x6665f80)
[0257.215] RtlMoveMemory (in: Destination=0x6666000, Source=0x6665e78, Length=0x80 | out: Destination=0x6666000)
[0257.215] RtlMoveMemory (in: Destination=0x6666080, Source=0x6665df8, Length=0x80 | out: Destination=0x6666080)
[0257.215] RtlMoveMemory (in: Destination=0x6666100, Source=0x6665d78, Length=0x80 | out: Destination=0x6666100)
[0257.215] RtlMoveMemory (in: Destination=0x6666180, Source=0x6665cf8, Length=0x80 | out: Destination=0x6666180)
[0257.215] RtlMoveMemory (in: Destination=0x6666200, Source=0x6665c78, Length=0x80 | out: Destination=0x6666200)
[0257.215] RtlMoveMemory (in: Destination=0x6666280, Source=0x6665bf8, Length=0x80 | out: Destination=0x6666280)
[0257.215] RtlMoveMemory (in: Destination=0x6666300, Source=0x6665b78, Length=0x80 | out: Destination=0x6666300)
[0257.215] RtlMoveMemory (in: Destination=0x6666380, Source=0x6665af8, Length=0x80 | out: Destination=0x6666380)
[0257.215] RtlMoveMemory (in: Destination=0x6666400, Source=0x6665a78, Length=0x80 | out: Destination=0x6666400)
[0257.215] RtlMoveMemory (in: Destination=0x6666480, Source=0x66659f8, Length=0x80 | out: Destination=0x6666480)
[0257.215] RtlMoveMemory (in: Destination=0x6666500, Source=0x6665978, Length=0x80 | out: Destination=0x6666500)
[0257.215] RtlMoveMemory (in: Destination=0x6666580, Source=0x66658f8, Length=0x80 | out: Destination=0x6666580)
[0257.215] RtlMoveMemory (in: Destination=0x6666600, Source=0x6665878, Length=0x80 | out: Destination=0x6666600)
[0257.215] RtlMoveMemory (in: Destination=0x6666680, Source=0x66657f8, Length=0x80 | out: Destination=0x6666680)
[0257.215] RtlMoveMemory (in: Destination=0x6666700, Source=0x6665778, Length=0x80 | out: Destination=0x6666700)
[0257.215] RtlMoveMemory (in: Destination=0x6666780, Source=0x66656f8, Length=0x80 | out: Destination=0x6666780)
[0257.215] RtlMoveMemory (in: Destination=0x6666800, Source=0x6665678, Length=0x80 | out: Destination=0x6666800)
[0257.215] RtlMoveMemory (in: Destination=0x6666880, Source=0x66655f8, Length=0x80 | out: Destination=0x6666880)
[0257.216] RtlMoveMemory (in: Destination=0x6666900, Source=0x6665578, Length=0x80 | out: Destination=0x6666900)
[0257.216] RtlMoveMemory (in: Destination=0x6666980, Source=0x66654f8, Length=0x80 | out: Destination=0x6666980)
[0257.216] RtlMoveMemory (in: Destination=0x6666a00, Source=0x6665478, Length=0x80 | out: Destination=0x6666a00)
[0257.216] RtlMoveMemory (in: Destination=0x6666a80, Source=0x66653f8, Length=0x80 | out: Destination=0x6666a80)
[0257.216] RtlMoveMemory (in: Destination=0x6666b00, Source=0x6665378, Length=0x80 | out: Destination=0x6666b00)
[0257.216] RtlMoveMemory (in: Destination=0x6666b80, Source=0x66652f8, Length=0x80 | out: Destination=0x6666b80)
[0257.216] RtlMoveMemory (in: Destination=0x6666c00, Source=0x6665278, Length=0x80 | out: Destination=0x6666c00)
[0257.216] RtlMoveMemory (in: Destination=0x6666c80, Source=0x66651f8, Length=0x80 | out: Destination=0x6666c80)
[0257.216] RtlMoveMemory (in: Destination=0x6666d00, Source=0x6665178, Length=0x80 | out: Destination=0x6666d00)
[0257.216] RtlMoveMemory (in: Destination=0x6666d80, Source=0x66650f8, Length=0x80 | out: Destination=0x6666d80)
[0257.216] RtlMoveMemory (in: Destination=0x6666e00, Source=0x6665078, Length=0x80 | out: Destination=0x6666e00)
[0257.216] RtlMoveMemory (in: Destination=0x6666e80, Source=0x6664ff8, Length=0x80 | out: Destination=0x6666e80)
[0257.216] RtlMoveMemory (in: Destination=0x6666f00, Source=0x6664f78, Length=0x80 | out: Destination=0x6666f00)
[0257.216] GdipBitmapUnlockBits (bitmap=0x6650e88, lockedBitmapData=0x2e42ee4) returned 0x0
[0257.216] GdipBitmapUnlockBits (bitmap=0x664fad8, lockedBitmapData=0x2e42f1c) returned 0x0
[0257.216] GdipDisposeImage (image=0x6650e88) returned 0x0
[0257.216] DeleteObject (ho=0x270507ef) returned 1
[0257.216] DeleteObject (ho=0xfb0507d3) returned 1
[0257.216] GetCurrentThreadId () returned 0xf50
[0257.216] GetCurrentThreadId () returned 0xf50
[0257.217] SetWindowPos (hWnd=0x1b02d0, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0257.217] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0257.217] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0257.217] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0257.217] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0257.217] GetClientRect (in: hWnd=0x1b02d0, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0257.217] GetWindowRect (in: hWnd=0x1b02d0, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0257.217] GetParent (hWnd=0x1b02d0) returned 0x2602de
[0257.217] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2602de, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0257.217] InvalidateRect (hWnd=0x1b02d0, lpRect=0x0, bErase=1) returned 1
[0257.217] GetWindowTextLengthW (hWnd=0x1b02d0) returned 0
[0257.217] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0257.217] GetSystemMetrics (nIndex=42) returned 0
[0257.217] GetWindowTextW (in: hWnd=0x1b02d0, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0257.217] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0257.218] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0257.218] GetClientRect (in: hWnd=0x1b02d0, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0257.218] GetWindowRect (in: hWnd=0x1b02d0, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0257.218] GetParent (hWnd=0x1b02d0) returned 0x2602de
[0257.218] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2602de, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0257.218] GetWindowTextLengthW (hWnd=0x1b02d0) returned 0
[0257.218] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0257.218] GetSystemMetrics (nIndex=42) returned 0
[0257.218] GetWindowTextW (in: hWnd=0x1b02d0, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0257.218] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0257.218] GetWindowTextLengthW (hWnd=0x1b02d0) returned 0
[0257.218] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0257.218] GetSystemMetrics (nIndex=42) returned 0
[0257.218] GetWindowTextW (in: hWnd=0x1b02d0, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0257.218] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0257.218] SetWindowTextW (hWnd=0x1b02d0, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0257.218] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0xc, wParam=0x0, lParam=0x2e23d78) returned 0x1
[0257.218] InvalidateRect (hWnd=0x1b02d0, lpRect=0x0, bErase=1) returned 1
[0257.218] GetCurrentThreadId () returned 0xf50
[0257.218] GetWindowThreadProcessId (in: hWnd=0x1b02d0, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0257.219] GdipCreateBitmapFromStream (stream=0x509feb0, bitmap=0xd7e840) returned 0x0
[0257.220] GdipImageForceValidation (image=0x6650e88) returned 0x0
[0257.221] GdipGetImageRawFormat (image=0x6650e88, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0257.221] GdipGetImageHeight (image=0x6650e88, height=0xd7e824) returned 0x0
[0257.221] GdipGetImageWidth (image=0x6650e88, width=0xd7e824) returned 0x0
[0257.221] GdipGetImageWidth (image=0x6650e88, width=0xd7e810) returned 0x0
[0257.221] GdipGetImageHeight (image=0x6650e88, height=0xd7e810) returned 0x0
[0257.221] GdipGetImageWidth (image=0x6650e88, width=0xd7e800) returned 0x0
[0257.222] GdipGetImageHeight (image=0x6650e88, height=0xd7e800) returned 0x0
[0257.222] GdipBitmapGetPixel (bitmap=0x6650e88, x=0, y=15, color=0xd7e810) returned 0x0
[0257.222] GdipGetImageRawFormat (image=0x6650e88, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0257.222] GdipGetImageWidth (image=0x6650e88, width=0xd7e740) returned 0x0
[0257.222] GdipGetImageHeight (image=0x6650e88, height=0xd7e740) returned 0x0
[0257.222] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0257.222] GdipGetImagePixelFormat (image=0x6652580, format=0xd7e740) returned 0x0
[0257.222] GdipGetImageGraphicsContext (image=0x6652580, graphics=0xd7e74c) returned 0x0
[0257.222] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0257.222] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0257.222] GdipSetImageAttributesColorKeys (imageattr=0x6638bd8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0257.222] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6650e88, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638bd8, callback=0x0, callbackData=0x0) returned 0x0
[0257.222] GdipDisposeImageAttributes (imageattr=0x6638bd8) returned 0x0
[0257.222] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0257.222] GdipDisposeImage (image=0x6650e88) returned 0x0
[0257.223] GdipCreateBitmapFromStream (stream=0x509fed0, bitmap=0xd7e840) returned 0x0
[0257.224] GdipImageForceValidation (image=0x66504b0) returned 0x0
[0257.225] GdipGetImageRawFormat (image=0x66504b0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0257.225] GdipGetImageHeight (image=0x66504b0, height=0xd7e824) returned 0x0
[0257.225] GdipGetImageWidth (image=0x66504b0, width=0xd7e824) returned 0x0
[0257.225] GdipGetImageWidth (image=0x66504b0, width=0xd7e810) returned 0x0
[0257.225] GdipGetImageHeight (image=0x66504b0, height=0xd7e810) returned 0x0
[0257.225] GdipGetImageWidth (image=0x66504b0, width=0xd7e800) returned 0x0
[0257.225] GdipGetImageHeight (image=0x66504b0, height=0xd7e800) returned 0x0
[0257.225] GdipBitmapGetPixel (bitmap=0x66504b0, x=0, y=15, color=0xd7e810) returned 0x0
[0257.225] GdipGetImageRawFormat (image=0x66504b0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0257.225] GdipGetImageWidth (image=0x66504b0, width=0xd7e740) returned 0x0
[0257.225] GdipGetImageHeight (image=0x66504b0, height=0xd7e740) returned 0x0
[0257.225] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0257.225] GdipGetImagePixelFormat (image=0x6650e88, format=0xd7e740) returned 0x0
[0257.225] GdipGetImageGraphicsContext (image=0x6650e88, graphics=0xd7e74c) returned 0x0
[0257.225] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0257.225] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0257.225] GdipSetImageAttributesColorKeys (imageattr=0x6638c38, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0257.225] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66504b0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c38, callback=0x0, callbackData=0x0) returned 0x0
[0257.226] GdipDisposeImageAttributes (imageattr=0x6638c38) returned 0x0
[0257.226] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0257.226] GdipDisposeImage (image=0x66504b0) returned 0x0
[0257.226] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.226] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0257.226] GetCurrentThreadId () returned 0xf50
[0257.226] GetCurrentThreadId () returned 0xf50
[0257.226] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.226] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0257.226] GetCurrentThreadId () returned 0xf50
[0257.227] GetCurrentThreadId () returned 0xf50
[0257.227] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.227] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0257.227] GetCurrentThreadId () returned 0xf50
[0257.227] GetCurrentThreadId () returned 0xf50
[0257.227] GetSystemMetrics (nIndex=5) returned 1
[0257.227] GetSystemMetrics (nIndex=6) returned 1
[0257.227] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.227] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0257.227] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.227] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0257.228] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.228] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0257.228] GetCurrentThreadId () returned 0xf50
[0257.228] GetCurrentThreadId () returned 0xf50
[0257.228] GetProcessWindowStation () returned 0x13c
[0257.228] GetCapture () returned 0x0
[0257.228] GetActiveWindow () returned 0x7005c
[0257.228] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0257.228] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.228] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0257.228] GetCursorPos (in: lpPoint=0x2e4405c | out: lpPoint=0x2e4405c*(x=258, y=624)) returned 1
[0257.228] MonitorFromPoint (pt=0x102, dwFlags=0x270) returned 0x10001
[0257.229] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0257.229] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xfc0107d3
[0257.229] GetDeviceCaps (hdc=0xfc0107d3, index=12) returned 32
[0257.229] GetDeviceCaps (hdc=0xfc0107d3, index=14) returned 1
[0257.229] DeleteDC (hdc=0xfc0107d3) returned 1
[0257.229] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0257.229] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0257.229] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2900ea
[0257.230] SetWindowLongW (hWnd=0x2900ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0257.230] GetWindowLongW (hWnd=0x2900ea, nIndex=-4) returned 1950089536
[0257.230] SetWindowLongW (hWnd=0x2900ea, nIndex=-4, dwNewLong=19947998) returned 1950089536
[0257.230] GetWindowLongW (hWnd=0x2900ea, nIndex=-4) returned 19947998
[0257.230] GetWindowLongW (hWnd=0x2900ea, nIndex=-16) returned 113770496
[0257.230] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0257.231] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0257.233] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0257.233] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0257.233] GetWindowRect (in: hWnd=0x2900ea, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0257.233] SetWindowTextW (hWnd=0x2900ea, lpString="BB ransomware") returned 1
[0257.233] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xc, wParam=0x0, lParam=0x2e427f8) returned 0x1
[0257.234] GetStartupInfoW (in: lpStartupInfo=0x2e44398 | out: lpStartupInfo=0x2e44398*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0257.235] GetParent (hWnd=0x2900ea) returned 0x0
[0257.235] SetWindowLongW (hWnd=0x2900ea, nIndex=-8, dwNewLong=0) returned 0
[0257.236] SendMessageW (hWnd=0x2900ea, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0257.236] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0257.236] SendMessageW (hWnd=0x2900ea, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0257.236] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0257.236] GetSystemMenu (hWnd=0x2900ea, bRevert=0) returned 0x2c0111
[0257.236] GetWindowPlacement (in: hWnd=0x2900ea, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0257.236] EnableMenuItem (hMenu=0x2c0111, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0257.237] EnableMenuItem (hMenu=0x2c0111, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0257.237] EnableMenuItem (hMenu=0x2c0111, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0257.237] EnableMenuItem (hMenu=0x2c0111, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0257.237] EnableMenuItem (hMenu=0x2c0111, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0257.237] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0257.237] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0257.237] GetWindowRect (in: hWnd=0x2900ea, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0257.237] SetWindowPos (hWnd=0x2900ea, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0257.237] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0257.238] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x2900ea) returned 0x1
[0257.240] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0257.240] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0257.241] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0257.241] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0257.241] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0257.243] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x2900ea, lParam=0x0) returned 0x0
[0257.243] GetCapture () returned 0x0
[0257.243] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0257.244] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0257.245] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0257.246] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0257.246] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0257.246] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0257.246] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0257.250] GetParent (hWnd=0x2900ea) returned 0x0
[0257.250] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0257.250] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0257.252] GetWindowPlacement (in: hWnd=0x2900ea, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0257.252] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0257.252] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0257.252] GetWindowRect (in: hWnd=0x2900ea, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0257.253] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0257.253] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0257.253] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0257.254] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.254] GetWindowLongW (hWnd=0x2900ea, nIndex=-16) returned 113770496
[0257.254] GetWindowTextLengthW (hWnd=0x2900ea) returned 13
[0257.254] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.254] GetSystemMetrics (nIndex=42) returned 0
[0257.254] GetWindowTextW (in: hWnd=0x2900ea, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.254] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0257.255] GetWindowTextLengthW (hWnd=0x2900ea) returned 13
[0257.255] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.255] GetSystemMetrics (nIndex=42) returned 0
[0257.255] GetWindowTextW (in: hWnd=0x2900ea, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.255] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0257.255] GetCursorPos (in: lpPoint=0x2e445d4 | out: lpPoint=0x2e445d4*(x=258, y=624)) returned 1
[0257.255] MonitorFromPoint (pt=0xff, dwFlags=0x26d) returned 0x10001
[0257.255] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0257.255] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x6d010801
[0257.255] GetDeviceCaps (hdc=0x6d010801, index=12) returned 32
[0257.256] GetDeviceCaps (hdc=0x6d010801, index=14) returned 1
[0257.256] DeleteDC (hdc=0x6d010801) returned 1
[0257.256] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0257.256] GetWindowLongW (hWnd=0x2900ea, nIndex=-16) returned 113770496
[0257.256] GetWindowLongW (hWnd=0x2900ea, nIndex=-20) returned 327945
[0257.256] SetWindowLongW (hWnd=0x2900ea, nIndex=-16, dwNewLong=46661632) returned 113770496
[0257.256] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0257.256] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0257.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0257.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0257.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0257.258] SetWindowLongW (hWnd=0x2900ea, nIndex=-20, dwNewLong=327681) returned 327945
[0257.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0257.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0257.259] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0257.259] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0257.259] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0257.259] SetWindowPos (hWnd=0x2900ea, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0257.259] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0257.260] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0257.260] GetWindowPlacement (in: hWnd=0x2900ea, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0257.260] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0257.260] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0257.260] GetWindowRect (in: hWnd=0x2900ea, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0257.261] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0257.261] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0257.261] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0257.262] RedrawWindow (hWnd=0x2900ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0257.262] GetSystemMenu (hWnd=0x2900ea, bRevert=0) returned 0x2c0111
[0257.262] GetWindowPlacement (in: hWnd=0x2900ea, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0257.262] EnableMenuItem (hMenu=0x2c0111, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0257.262] EnableMenuItem (hMenu=0x2c0111, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0257.262] EnableMenuItem (hMenu=0x2c0111, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0257.262] EnableMenuItem (hMenu=0x2c0111, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0257.262] EnableMenuItem (hMenu=0x2c0111, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0257.262] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0257.262] GetWindowLongW (hWnd=0x2900ea, nIndex=-8) returned 0
[0257.262] SetWindowLongW (hWnd=0x2900ea, nIndex=-8, dwNewLong=458844) returned 0
[0257.263] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0257.263] GetProcessWindowStation () returned 0x13c
[0257.263] GetCurrentThreadId () returned 0xf50
[0257.263] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1306396, lParam=0x0) returned 1
[0257.264] IsWindowVisible (hWnd=0x2900ea) returned 0
[0257.264] IsWindowVisible (hWnd=0x7005c) returned 1
[0257.264] IsWindowEnabled (hWnd=0x7005c) returned 1
[0257.264] IsWindowVisible (hWnd=0x300ec) returned 0
[0257.264] IsWindowVisible (hWnd=0x502c6) returned 0
[0257.264] IsWindowVisible (hWnd=0x502be) returned 0
[0257.264] GetActiveWindow () returned 0x2900ea
[0257.264] GetFocus () returned 0x2900ea
[0257.264] IsWindow (hWnd=0x7005c) returned 1
[0257.264] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0257.264] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0257.265] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0257.265] GetWindowLongW (hWnd=0x2900ea, nIndex=-8) returned 458844
[0257.265] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0257.265] GetCurrentThreadId () returned 0xf50
[0257.265] GetWindowLongW (hWnd=0x2900ea, nIndex=-8) returned 458844
[0257.265] IsWindowEnabled (hWnd=0x7005c) returned 0
[0257.265] IsWindowEnabled (hWnd=0x2900ea) returned 1
[0257.265] ShowWindow (hWnd=0x2900ea, nCmdShow=5) returned 0
[0257.265] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0257.265] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0257.265] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.266] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0257.266] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x2900ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2002c8
[0257.266] SetWindowLongW (hWnd=0x2002c8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0257.266] GetWindowLongW (hWnd=0x2002c8, nIndex=-4) returned 1950089536
[0257.266] SetWindowLongW (hWnd=0x2002c8, nIndex=-4, dwNewLong=19946678) returned 1950089536
[0257.266] GetWindowLongW (hWnd=0x2002c8, nIndex=-4) returned 19946678
[0257.267] GetWindowLongW (hWnd=0x2002c8, nIndex=-16) returned 1174405120
[0257.267] GetWindowLongW (hWnd=0x2002c8, nIndex=-12) returned 0
[0257.267] SetWindowLongW (hWnd=0x2002c8, nIndex=-12, dwNewLong=2097864) returned 0
[0257.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002c8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0257.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002c8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0257.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002c8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0257.267] GetWindow (hWnd=0x2002c8, uCmd=0x3) returned 0x0
[0257.267] GetClientRect (in: hWnd=0x2002c8, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0257.267] GetWindowRect (in: hWnd=0x2002c8, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0257.267] GetParent (hWnd=0x2002c8) returned 0x2900ea
[0257.267] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2900ea, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0257.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002c8, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0257.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002c8, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0257.268] GetClientRect (in: hWnd=0x2002c8, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0257.268] GetWindowRect (in: hWnd=0x2002c8, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0257.268] GetParent (hWnd=0x2002c8) returned 0x2900ea
[0257.269] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2900ea, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0257.269] SendMessageW (hWnd=0x2002c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2002c8) returned 0x0
[0257.269] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2002c8) returned 0x0
[0257.269] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0257.269] GetParent (hWnd=0x2002c8) returned 0x2900ea
[0257.269] GetParent (hWnd=0x1b02d0) returned 0x2602de
[0257.269] SetParent (hWndChild=0x1b02d0, hWndNewParent=0x2900ea) returned 0x2602de
[0257.269] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0257.270] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0257.270] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0257.270] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0257.270] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0257.270] GetClientRect (in: hWnd=0x1b02d0, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0257.270] GetWindowRect (in: hWnd=0x1b02d0, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0257.270] GetParent (hWnd=0x1b02d0) returned 0x2900ea
[0257.270] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2900ea, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0257.270] GetClientRect (in: hWnd=0x1b02d0, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0257.270] GetWindowRect (in: hWnd=0x1b02d0, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0257.271] GetParent (hWnd=0x1b02d0) returned 0x2900ea
[0257.271] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2900ea, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0257.271] GetParent (hWnd=0x1b02d0) returned 0x2900ea
[0257.271] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0257.271] GetWindow (hWnd=0x1b02d0, uCmd=0x3) returned 0x0
[0257.271] SetWindowPos (hWnd=0x1b02d0, hWndInsertAfter=0x2002c8, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0257.271] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0257.272] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0257.272] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0257.272] GetClientRect (in: hWnd=0x1b02d0, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0257.272] GetWindowRect (in: hWnd=0x1b02d0, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0257.272] GetParent (hWnd=0x1b02d0) returned 0x2900ea
[0257.272] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2900ea, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0257.272] GetParent (hWnd=0x1b02d0) returned 0x2900ea
[0257.272] GetWindow (hWnd=0x1b02d0, uCmd=0x3) returned 0x2002c8
[0257.272] GetWindowThreadProcessId (in: hWnd=0x1b02d0, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0257.272] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0257.273] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.273] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0257.273] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x2900ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2802d8
[0257.273] SetWindowLongW (hWnd=0x2802d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0257.274] GetWindowLongW (hWnd=0x2802d8, nIndex=-4) returned 1868032000
[0257.274] SetWindowLongW (hWnd=0x2802d8, nIndex=-4, dwNewLong=19947318) returned 1868032000
[0257.274] GetWindowLongW (hWnd=0x2802d8, nIndex=-4) returned 19947318
[0257.274] GetWindowLongW (hWnd=0x2802d8, nIndex=-16) returned 1174470667
[0257.274] GetWindowLongW (hWnd=0x2802d8, nIndex=-12) returned 0
[0257.274] SetWindowLongW (hWnd=0x2802d8, nIndex=-12, dwNewLong=2622168) returned 0
[0257.274] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0257.275] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0257.275] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0257.276] SendMessageW (hWnd=0x2802d8, Msg=0x2055, wParam=0x2802d8, lParam=0x3) returned 0x2
[0257.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0257.276] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0257.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0257.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0257.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002c8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0257.276] RedrawWindow (hWnd=0x2002c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0257.277] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0257.277] RedrawWindow (hWnd=0x1b02d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0257.277] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0257.277] RedrawWindow (hWnd=0x2802d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0257.277] RedrawWindow (hWnd=0x2900ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0257.277] GetWindow (hWnd=0x2802d8, uCmd=0x3) returned 0x1b02d0
[0257.277] GetClientRect (in: hWnd=0x2802d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0257.277] GetWindowRect (in: hWnd=0x2802d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0257.277] GetParent (hWnd=0x2802d8) returned 0x2900ea
[0257.277] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2900ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0257.278] SetWindowTextW (hWnd=0x2802d8, lpString="&Details") returned 1
[0257.278] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0257.287] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0257.287] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0257.287] GetClientRect (in: hWnd=0x2802d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0257.287] GetWindowRect (in: hWnd=0x2802d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0257.287] GetParent (hWnd=0x2802d8) returned 0x2900ea
[0257.287] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2900ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0257.287] SendMessageW (hWnd=0x2802d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2802d8) returned 0x0
[0257.287] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2802d8) returned 0x0
[0257.288] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0257.288] GetParent (hWnd=0x2802d8) returned 0x2900ea
[0257.288] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0257.288] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.289] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0257.289] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x2900ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2602da
[0257.289] SetWindowLongW (hWnd=0x2602da, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0257.290] GetWindowLongW (hWnd=0x2602da, nIndex=-4) returned 1868032000
[0257.291] SetWindowLongW (hWnd=0x2602da, nIndex=-4, dwNewLong=19950830) returned 1868032000
[0257.291] GetWindowLongW (hWnd=0x2602da, nIndex=-4) returned 19950830
[0257.291] GetWindowLongW (hWnd=0x2602da, nIndex=-16) returned 1174470667
[0257.291] GetWindowLongW (hWnd=0x2602da, nIndex=-12) returned 0
[0257.291] SetWindowLongW (hWnd=0x2602da, nIndex=-12, dwNewLong=2491098) returned 0
[0257.291] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0257.292] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0257.292] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0257.293] SendMessageW (hWnd=0x2602da, Msg=0x2055, wParam=0x2602da, lParam=0x3) returned 0x2
[0257.293] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0257.293] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0257.293] GetWindow (hWnd=0x2602da, uCmd=0x3) returned 0x2802d8
[0257.293] GetClientRect (in: hWnd=0x2602da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0257.293] GetWindowRect (in: hWnd=0x2602da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0257.293] GetParent (hWnd=0x2602da) returned 0x2900ea
[0257.293] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2900ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0257.293] SetWindowTextW (hWnd=0x2602da, lpString="&Continue") returned 1
[0257.293] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0257.294] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0257.295] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0257.295] GetClientRect (in: hWnd=0x2602da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0257.295] GetWindowRect (in: hWnd=0x2602da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0257.295] GetParent (hWnd=0x2602da) returned 0x2900ea
[0257.295] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2900ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0257.295] SendMessageW (hWnd=0x2602da, Msg=0x2210, wParam=0x2da0001, lParam=0x2602da) returned 0x0
[0257.295] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x2210, wParam=0x2da0001, lParam=0x2602da) returned 0x0
[0257.295] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0257.295] GetParent (hWnd=0x2602da) returned 0x2900ea
[0257.295] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0257.296] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.296] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0257.296] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x2900ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1c02ce
[0257.297] SetWindowLongW (hWnd=0x1c02ce, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0257.297] GetWindowLongW (hWnd=0x1c02ce, nIndex=-4) returned 1868032000
[0257.298] SetWindowLongW (hWnd=0x1c02ce, nIndex=-4, dwNewLong=19950990) returned 1868032000
[0257.298] GetWindowLongW (hWnd=0x1c02ce, nIndex=-4) returned 19950990
[0257.298] GetWindowLongW (hWnd=0x1c02ce, nIndex=-16) returned 1174470667
[0257.298] GetWindowLongW (hWnd=0x1c02ce, nIndex=-12) returned 0
[0257.298] SetWindowLongW (hWnd=0x1c02ce, nIndex=-12, dwNewLong=1835726) returned 0
[0257.298] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02ce, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0257.299] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02ce, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0257.299] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02ce, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0257.300] SendMessageW (hWnd=0x1c02ce, Msg=0x2055, wParam=0x1c02ce, lParam=0x3) returned 0x2
[0257.300] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0257.300] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02ce, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0257.300] GetWindow (hWnd=0x1c02ce, uCmd=0x3) returned 0x2602da
[0257.300] GetClientRect (in: hWnd=0x1c02ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0257.300] GetWindowRect (in: hWnd=0x1c02ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0257.300] GetParent (hWnd=0x1c02ce) returned 0x2900ea
[0257.300] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2900ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0257.301] SetWindowTextW (hWnd=0x1c02ce, lpString="&Quit") returned 1
[0257.301] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02ce, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0257.302] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02ce, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0257.302] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02ce, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0257.302] GetClientRect (in: hWnd=0x1c02ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0257.302] GetWindowRect (in: hWnd=0x1c02ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0257.302] GetParent (hWnd=0x1c02ce) returned 0x2900ea
[0257.302] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2900ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0257.302] SendMessageW (hWnd=0x1c02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1c02ce) returned 0x0
[0257.302] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1c02ce) returned 0x0
[0257.302] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0257.303] GetParent (hWnd=0x1c02ce) returned 0x2900ea
[0257.303] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0257.303] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.304] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0257.304] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x2900ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2602dc
[0257.304] SetWindowLongW (hWnd=0x2602dc, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0257.304] GetWindowLongW (hWnd=0x2602dc, nIndex=-4) returned 1868026976
[0257.305] SetWindowLongW (hWnd=0x2602dc, nIndex=-4, dwNewLong=19950670) returned 1868026976
[0257.305] GetWindowLongW (hWnd=0x2602dc, nIndex=-4) returned 19950670
[0257.305] GetWindowLongW (hWnd=0x2602dc, nIndex=-16) returned 1177553092
[0257.305] GetWindowLongW (hWnd=0x2602dc, nIndex=-12) returned 0
[0257.305] SetWindowLongW (hWnd=0x2602dc, nIndex=-12, dwNewLong=2491100) returned 0
[0257.305] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602dc, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0257.306] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602dc, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0257.307] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602dc, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0257.331] GetWindow (hWnd=0x2602dc, uCmd=0x3) returned 0x1c02ce
[0257.331] GetClientRect (in: hWnd=0x2602dc, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0257.331] GetWindowRect (in: hWnd=0x2602dc, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0257.331] GetParent (hWnd=0x2602dc) returned 0x2900ea
[0257.331] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2900ea, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0257.331] GetWindowTextLengthW (hWnd=0x2900ea) returned 13
[0257.331] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.331] GetSystemMetrics (nIndex=42) returned 0
[0257.331] GetWindowTextW (in: hWnd=0x2900ea, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.331] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0257.331] SendMessageW (hWnd=0x2602dc, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0257.331] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602dc, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0257.336] SetWindowTextW (hWnd=0x2602dc, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0257.337] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602dc, Msg=0xc, wParam=0x0, lParam=0x2e401e0) returned 0x1
[0257.339] GetSystemMetrics (nIndex=5) returned 1
[0257.339] GetSystemMetrics (nIndex=6) returned 1
[0257.339] SendMessageW (hWnd=0x2602dc, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0257.339] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602dc, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0257.340] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602dc, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0257.340] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602dc, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0257.340] GetClientRect (in: hWnd=0x2602dc, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0257.340] GetWindowRect (in: hWnd=0x2602dc, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0257.340] GetParent (hWnd=0x2602dc) returned 0x2900ea
[0257.341] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2900ea, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0257.341] SendMessageW (hWnd=0x2602dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2602dc) returned 0x0
[0257.341] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2602dc) returned 0x0
[0257.341] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0257.341] GetParent (hWnd=0x2602dc) returned 0x2900ea
[0257.342] GetWindowLongW (hWnd=0x2900ea, nIndex=-8) returned 458844
[0257.342] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0257.342] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0257.342] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xcd0107a2
[0257.342] GetDeviceCaps (hdc=0xcd0107a2, index=12) returned 32
[0257.342] GetDeviceCaps (hdc=0xcd0107a2, index=14) returned 1
[0257.342] DeleteDC (hdc=0xcd0107a2) returned 1
[0257.342] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0257.342] GetWindowThreadProcessId (in: hWnd=0x2900ea, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0257.342] GetCurrentThreadId () returned 0xf50
[0257.342] PostMessageW (hWnd=0x2900ea, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0257.343] GetWindowTextLengthW (hWnd=0x2900ea) returned 13
[0257.343] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.343] GetSystemMetrics (nIndex=42) returned 0
[0257.343] GetWindowTextW (in: hWnd=0x2900ea, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.343] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0257.343] GdipImageGetFrameDimensionsCount (image=0x664fad8, count=0xd7e25c) returned 0x0
[0257.343] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12014c0
[0257.343] GdipImageGetFrameDimensionsList (image=0x664fad8, dimensionIDs=0x12014c0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0257.343] LocalFree (hMem=0x12014c0) returned 0x0
[0257.343] GdipImageGetFrameDimensionsCount (image=0x6652580, count=0xd7e250) returned 0x0
[0257.343] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12012e0
[0257.343] GdipImageGetFrameDimensionsList (image=0x6652580, dimensionIDs=0x12012e0*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0257.343] LocalFree (hMem=0x12012e0) returned 0x0
[0257.343] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0257.344] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0257.344] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0257.357] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0257.358] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0257.358] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0257.359] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0257.359] GetWindowPlacement (in: hWnd=0x2900ea, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0257.359] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0257.359] GetWindowTextLengthW (hWnd=0x2900ea) returned 13
[0257.359] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.359] GetSystemMetrics (nIndex=42) returned 0
[0257.359] GetWindowTextW (in: hWnd=0x2900ea, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.359] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0257.360] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0257.360] GetCurrentObject (hdc=0x107b9, type=0x1) returned 0xb00017
[0257.360] GetCurrentObject (hdc=0x107b9, type=0x2) returned 0x900010
[0257.360] GetCurrentObject (hdc=0x107b9, type=0x7) returned 0xffffffff890505d8
[0257.360] GetCurrentObject (hdc=0x107b9, type=0x6) returned 0x8a01c2
[0257.360] SaveDC (hdc=0x107b9) returned 1
[0257.360] GetNearestColor (hdc=0x107b9, color=0xf0f0f0) returned 0xf0f0f0
[0257.360] CreateSolidBrush (color=0xf0f0f0) returned 0xbb1007e1
[0257.360] FillRect (hDC=0x107b9, lprc=0xd7e1b8, hbr=0xbb1007e1) returned 1
[0257.360] DeleteObject (ho=0xbb1007e1) returned 1
[0257.360] RestoreDC (hdc=0x107b9, nSavedDC=-1) returned 1
[0257.360] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0257.361] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0257.361] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0257.361] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0257.361] GetStockObject (i=5) returned 0x900015
[0257.361] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0257.362] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0257.362] GetStockObject (i=5) returned 0x900015
[0257.362] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0257.362] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02ce, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0257.362] GetStockObject (i=5) returned 0x900015
[0257.362] GetWindowPlacement (in: hWnd=0x2900ea, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0257.363] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0257.363] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0257.363] GetWindowRect (in: hWnd=0x2900ea, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0257.364] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0257.364] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0257.364] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0257.365] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0257.365] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0257.365] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0257.365] GetWindowRect (in: hWnd=0x2900ea, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0257.365] InvalidateRect (hWnd=0x2602da, lpRect=0x0, bErase=0) returned 1
[0257.365] InvalidateRect (hWnd=0x2802d8, lpRect=0x0, bErase=0) returned 1
[0257.365] GetFocus () returned 0x2900ea
[0257.365] GetFocus () returned 0x2900ea
[0257.365] SetFocus (hWnd=0x2802d8) returned 0x2900ea
[0257.366] GetFocus () returned 0x2802d8
[0257.366] IsChild (hWndParent=0x2900ea, hWnd=0x2802d8) returned 1
[0257.366] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x8, wParam=0x2802d8, lParam=0x0) returned 0x0
[0257.368] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0257.370] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0257.378] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0257.378] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0x7, wParam=0x2900ea, lParam=0x0) returned 0x0
[0257.378] GetStockObject (i=5) returned 0x900015
[0257.378] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0257.378] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0257.378] GetDlgItem (hDlg=0x2900ea, nIDDlgItem=2622168) returned 0x2802d8
[0257.378] SendMessageW (hWnd=0x2802d8, Msg=0x202b, wParam=0x2802d8, lParam=0xd7e0dc) returned 0x0
[0257.378] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0x202b, wParam=0x2802d8, lParam=0xd7e0dc) returned 0x0
[0257.378] InvalidateRect (hWnd=0x2802d8, lpRect=0x0, bErase=0) returned 1
[0257.380] GetFocus () returned 0x2802d8
[0257.381] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.381] IsWindowUnicode (hWnd=0x2900ea) returned 1
[0257.381] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.381] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.381] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.381] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0257.381] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.381] IsWindowUnicode (hWnd=0x2900ea) returned 1
[0257.381] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.381] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.381] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.381] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0257.382] IsWindowUnicode (hWnd=0x2900ea) returned 1
[0257.382] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.382] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.382] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.382] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.382] IsWindowUnicode (hWnd=0x602c4) returned 1
[0257.382] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.382] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.382] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.383] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0257.383] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0257.383] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.384] IsWindowUnicode (hWnd=0x2900ea) returned 1
[0257.384] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.384] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.384] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.384] BeginPaint (in: hWnd=0x2900ea, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x10105d6
[0257.384] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0257.384] GetWindowTextLengthW (hWnd=0x2900ea) returned 13
[0257.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.384] GetSystemMetrics (nIndex=42) returned 0
[0257.384] GetWindowTextW (in: hWnd=0x2900ea, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0257.384] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0257.384] EndPaint (hWnd=0x2900ea, lpPaint=0xd7e274) returned 1
[0257.385] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.385] IsWindowUnicode (hWnd=0x2002c8) returned 1
[0257.385] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.385] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.385] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.385] BeginPaint (in: hWnd=0x2002c8, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xc0107c5
[0257.385] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0257.385] CreateCompatibleDC (hdc=0xc0107c5) returned 0x7c010801
[0257.385] SelectObject (hdc=0x7c010801, h=0x4a0507fe) returned 0x85000f
[0257.385] GdipCreateFromHDC (hdc=0x7c010801, graphics=0xd7e2b0) returned 0x0
[0257.386] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0257.386] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0257.386] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0257.386] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0257.386] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e310) returned 0x0
[0257.386] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0257.386] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eecc8) returned 0x0
[0257.386] LocalFree (hMem=0x11eecc8) returned 0x0
[0257.386] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0257.386] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0257.386] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0257.386] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e304) returned 0x0
[0257.386] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0257.386] GetWindowTextLengthW (hWnd=0x2002c8) returned 0
[0257.386] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0257.386] GetSystemMetrics (nIndex=42) returned 0
[0257.386] GetWindowTextW (in: hWnd=0x2002c8, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0257.386] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002c8, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0257.387] GetClientRect (in: hWnd=0x2002c8, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0257.387] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0257.387] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0257.387] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0257.387] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0257.387] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e164) returned 0x0
[0257.387] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0257.387] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0257.387] LocalFree (hMem=0x11ee9f0) returned 0x0
[0257.387] GdipCombineRegionRegion (region=0x6646c28, region2=0x6646688, combineMode=0x1) returned 0x0
[0257.387] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0257.387] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0257.387] LocalFree (hMem=0x11eec58) returned 0x0
[0257.387] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0257.387] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0257.387] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0257.393] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0257.393] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0257.393] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0257.393] GetCurrentObject (hdc=0x7c010801, type=0x1) returned 0xb00017
[0257.393] GetCurrentObject (hdc=0x7c010801, type=0x2) returned 0x900010
[0257.393] GetCurrentObject (hdc=0x7c010801, type=0x7) returned 0x4a0507fe
[0257.393] GetCurrentObject (hdc=0x7c010801, type=0x6) returned 0x8a01c2
[0257.393] SaveDC (hdc=0x7c010801) returned 1
[0257.393] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbc0407de
[0257.393] GetClipRgn (hdc=0x7c010801, hrgn=0xbc0407de) returned 0
[0257.393] SelectClipRgn (hdc=0x7c010801, hrgn=0x23040807) returned 2
[0257.393] DeleteObject (ho=0xbc0407de) returned 1
[0257.393] DeleteObject (ho=0x23040807) returned 1
[0257.393] OffsetViewportOrgEx (in: hdc=0x7c010801, x=0, y=0, lppt=0x2e45d40 | out: lppt=0x2e45d40) returned 1
[0257.394] GetNearestColor (hdc=0x7c010801, color=0xf0f0f0) returned 0xf0f0f0
[0257.394] CreateSolidBrush (color=0xf0f0f0) returned 0xbc1007e1
[0257.394] FillRect (hDC=0x7c010801, lprc=0xd7e198, hbr=0xbc1007e1) returned 1
[0257.394] DeleteObject (ho=0xbc1007e1) returned 1
[0257.394] RestoreDC (hdc=0x7c010801, nSavedDC=-1) returned 1
[0257.394] GdipReleaseDC (graphics=0x6600030, hdc=0x7c010801) returned 0x0
[0257.394] GdipRestoreGraphics (graphics=0x6600030, state=0xf7e40dbd) returned 0x0
[0257.394] GdipDeleteRegion (region=0x6646688) returned 0x0
[0257.394] GetWindowTextLengthW (hWnd=0x2002c8) returned 0
[0257.394] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0257.394] GetSystemMetrics (nIndex=42) returned 0
[0257.394] GetWindowTextW (in: hWnd=0x2002c8, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0257.394] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002c8, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0257.394] GdipGetImageWidth (image=0x664fad8, width=0xd7e1e0) returned 0x0
[0257.394] GdipGetImageHeight (image=0x664fad8, height=0xd7e1e0) returned 0x0
[0257.394] GdipGetImageWidth (image=0x664fad8, width=0xd7e1cc) returned 0x0
[0257.394] GdipGetImageHeight (image=0x664fad8, height=0xd7e1cc) returned 0x0
[0257.395] GdipDrawImageRectI (graphics=0x6600030, image=0x664fad8, x=16, y=16, width=32, height=32) returned 0x0
[0257.395] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0257.395] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=64, cy=64, hdcSrc=0x7c010801, x1=0, y1=0, rop=0xcc0020) returned 1
[0257.395] GdipReleaseDC (graphics=0x6600030, hdc=0x7c010801) returned 0x0
[0257.395] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0257.395] SelectObject (hdc=0x7c010801, h=0x85000f) returned 0x4a0507fe
[0257.395] DeleteDC (hdc=0x7c010801) returned 1
[0257.395] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0257.395] EndPaint (hWnd=0x2002c8, lpPaint=0xd7e294) returned 1
[0257.396] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.396] IsWindowUnicode (hWnd=0x1b02d0) returned 1
[0257.396] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.396] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.396] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.396] BeginPaint (in: hWnd=0x1b02d0, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x107b9
[0257.396] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0257.396] CreateCompatibleDC (hdc=0x107b9) returned 0x7e010801
[0257.396] GetObjectType (h=0x107b9) returned 0x3
[0257.396] CreateCompatibleBitmap (hdc=0x107b9, cx=1, cy=1) returned 0xffffffffe4050803
[0257.396] GetDIBits (in: hdc=0x107b9, hbm=0xe4050803, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0257.397] GetDIBits (in: hdc=0x107b9, hbm=0xe4050803, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0257.397] DeleteObject (ho=0xe4050803) returned 1
[0257.397] CreateDIBSection (in: hdc=0x107b9, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xc0507fb
[0257.397] SelectObject (hdc=0x7e010801, h=0xc0507fb) returned 0x85000f
[0257.397] GdipCreateFromHDC (hdc=0x7e010801, graphics=0xd7e234) returned 0x0
[0257.397] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0257.397] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0257.397] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0257.398] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0257.398] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e2d4) returned 0x0
[0257.398] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0257.398] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eecc8) returned 0x0
[0257.398] LocalFree (hMem=0x11eecc8) returned 0x0
[0257.398] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0257.398] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0257.398] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0257.398] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0257.398] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0257.398] GetWindowTextLengthW (hWnd=0x1b02d0) returned 232
[0257.398] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0257.398] GetSystemMetrics (nIndex=42) returned 0
[0257.398] GetWindowTextW (in: hWnd=0x1b02d0, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0257.398] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0257.398] GetClientRect (in: hWnd=0x1b02d0, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0257.398] GdipCreateRegion (region=0xd7e110) returned 0x0
[0257.399] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0257.399] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0257.399] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0257.399] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e128) returned 0x0
[0257.399] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0257.399] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eecc8) returned 0x0
[0257.399] LocalFree (hMem=0x11eecc8) returned 0x0
[0257.399] GdipCombineRegionRegion (region=0x6646c28, region2=0x6646688, combineMode=0x1) returned 0x0
[0257.399] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0257.399] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee868) returned 0x0
[0257.399] LocalFree (hMem=0x11ee868) returned 0x0
[0257.399] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0257.399] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e150) returned 0x0
[0257.399] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e140) returned 0x0
[0257.399] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0257.399] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0257.399] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0257.400] GetCurrentObject (hdc=0x7e010801, type=0x1) returned 0xb00017
[0257.400] GetCurrentObject (hdc=0x7e010801, type=0x2) returned 0x900010
[0257.400] GetCurrentObject (hdc=0x7e010801, type=0x7) returned 0xc0507fb
[0257.400] GetCurrentObject (hdc=0x7e010801, type=0x6) returned 0x8a01c2
[0257.400] SaveDC (hdc=0x7e010801) returned 1
[0257.400] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x24040807
[0257.400] GetClipRgn (hdc=0x7e010801, hrgn=0x24040807) returned 0
[0257.400] SelectClipRgn (hdc=0x7e010801, hrgn=0xbd0407de) returned 2
[0257.400] DeleteObject (ho=0x24040807) returned 1
[0257.400] DeleteObject (ho=0xbd0407de) returned 1
[0257.400] OffsetViewportOrgEx (in: hdc=0x7e010801, x=0, y=0, lppt=0x2e47708 | out: lppt=0x2e47708) returned 1
[0257.400] GetNearestColor (hdc=0x7e010801, color=0xf0f0f0) returned 0xf0f0f0
[0257.400] CreateSolidBrush (color=0xf0f0f0) returned 0xbd1007e1
[0257.400] FillRect (hDC=0x7e010801, lprc=0xd7e15c, hbr=0xbd1007e1) returned 1
[0257.401] DeleteObject (ho=0xbd1007e1) returned 1
[0257.401] RestoreDC (hdc=0x7e010801, nSavedDC=-1) returned 1
[0257.401] GdipReleaseDC (graphics=0x6600030, hdc=0x7e010801) returned 0x0
[0257.402] GdipRestoreGraphics (graphics=0x6600030, state=0xf7e20dbd) returned 0x0
[0257.402] GdipDeleteRegion (region=0x6646688) returned 0x0
[0257.402] GetWindowTextLengthW (hWnd=0x1b02d0) returned 232
[0257.402] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0257.402] GetSystemMetrics (nIndex=42) returned 0
[0257.402] GetWindowTextW (in: hWnd=0x1b02d0, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0257.402] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0257.402] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0257.402] GetCurrentObject (hdc=0x7e010801, type=0x1) returned 0xb00017
[0257.402] GetCurrentObject (hdc=0x7e010801, type=0x2) returned 0x900010
[0257.402] GetCurrentObject (hdc=0x7e010801, type=0x7) returned 0xc0507fb
[0257.402] GetCurrentObject (hdc=0x7e010801, type=0x6) returned 0x8a01c2
[0257.402] SaveDC (hdc=0x7e010801) returned 1
[0257.402] GetNearestColor (hdc=0x7e010801, color=0x0) returned 0x0
[0257.402] RestoreDC (hdc=0x7e010801, nSavedDC=-1) returned 1
[0257.402] GdipReleaseDC (graphics=0x6600030, hdc=0x7e010801) returned 0x0
[0257.403] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0257.411] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0257.411] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2e47f04 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0257.411] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0257.411] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0257.411] GetCurrentObject (hdc=0x7e010801, type=0x1) returned 0xb00017
[0257.411] GetCurrentObject (hdc=0x7e010801, type=0x2) returned 0x900010
[0257.411] GetCurrentObject (hdc=0x7e010801, type=0x7) returned 0xc0507fb
[0257.411] GetCurrentObject (hdc=0x7e010801, type=0x6) returned 0x8a01c2
[0257.412] SaveDC (hdc=0x7e010801) returned 1
[0257.412] GetTextAlign (hdc=0x7e010801) returned 0x0
[0257.412] GetTextColor (hdc=0x7e010801) returned 0x0
[0257.412] GetCurrentObject (hdc=0x7e010801, type=0x6) returned 0x8a01c2
[0257.412] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0257.412] SelectObject (hdc=0x7e010801, h=0x6d0a0520) returned 0x8a01c2
[0257.412] GetBkMode (hdc=0x7e010801) returned 2
[0257.412] SetBkMode (hdc=0x7e010801, mode=1) returned 2
[0257.412] DrawTextExW (in: hdc=0x7e010801, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2e48128 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0257.416] RestoreDC (hdc=0x7e010801, nSavedDC=-1) returned 1
[0257.416] GdipReleaseDC (graphics=0x6600030, hdc=0x7e010801) returned 0x0
[0257.416] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0257.416] BitBlt (hdc=0x107b9, x=0, y=0, cx=354, cy=68, hdcSrc=0x7e010801, x1=0, y1=0, rop=0xcc0020) returned 1
[0257.416] GdipReleaseDC (graphics=0x6600030, hdc=0x7e010801) returned 0x0
[0257.416] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0257.418] SelectObject (hdc=0x7e010801, h=0x85000f) returned 0xc0507fb
[0257.418] DeleteDC (hdc=0x7e010801) returned 1
[0257.418] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0257.418] DeleteObject (ho=0xc0507fb) returned 1
[0257.428] EndPaint (hWnd=0x1b02d0, lpPaint=0xd7e258) returned 1
[0257.428] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.428] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0257.428] IsWindowUnicode (hWnd=0x2602da) returned 1
[0257.428] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.429] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0257.429] SetCursor (hCursor=0x10003) returned 0x10003
[0257.429] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.429] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.429] _TrackMouseEvent (in: lpEventTrack=0x2e48164 | out: lpEventTrack=0x2e48164) returned 1
[0257.429] SendMessageW (hWnd=0x2602da, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0257.429] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0257.429] InvalidateRect (hWnd=0x2602da, lpRect=0x0, bErase=0) returned 1
[0257.429] GetKeyState (nVirtKey=1) returned 0
[0257.429] GetKeyState (nVirtKey=2) returned 0
[0257.429] GetKeyState (nVirtKey=4) returned 0
[0257.429] GetKeyState (nVirtKey=5) returned 0
[0257.429] GetKeyState (nVirtKey=6) returned 0
[0257.429] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.430] IsWindowUnicode (hWnd=0x2802d8) returned 1
[0257.430] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.430] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.430] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.430] BeginPaint (in: hWnd=0x2802d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0257.430] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0257.430] CreateCompatibleDC (hdc=0xf0105ee) returned 0xe6010803
[0257.430] SelectObject (hdc=0xe6010803, h=0x4a0507fe) returned 0x85000f
[0257.430] GdipCreateFromHDC (hdc=0xe6010803, graphics=0xd7e268) returned 0x0
[0257.430] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0257.430] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0257.431] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0257.431] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0257.431] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e2c8) returned 0x0
[0257.431] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0257.431] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee9f0) returned 0x0
[0257.431] LocalFree (hMem=0x11ee9f0) returned 0x0
[0257.431] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0257.431] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0257.431] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0257.431] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0257.431] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0257.431] GdipRestoreGraphics (graphics=0x6600030, state=0xf7e00dbd) returned 0x0
[0257.431] GdipDeleteRegion (region=0x6646688) returned 0x0
[0257.431] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0257.431] GetCurrentObject (hdc=0xe6010803, type=0x1) returned 0xb00017
[0257.431] GetCurrentObject (hdc=0xe6010803, type=0x2) returned 0x900010
[0257.431] GetCurrentObject (hdc=0xe6010803, type=0x7) returned 0x4a0507fe
[0257.432] GetCurrentObject (hdc=0xe6010803, type=0x6) returned 0x8a01c2
[0257.432] SaveDC (hdc=0xe6010803) returned 1
[0257.432] GetNearestColor (hdc=0xe6010803, color=0xf0f0f0) returned 0xf0f0f0
[0257.432] GetNearestColor (hdc=0xe6010803, color=0xa0a0a0) returned 0xa0a0a0
[0257.432] GetNearestColor (hdc=0xe6010803, color=0x696969) returned 0x696969
[0257.432] GetNearestColor (hdc=0xe6010803, color=0xa0a0a0) returned 0xa0a0a0
[0257.432] GetNearestColor (hdc=0xe6010803, color=0x0) returned 0x0
[0257.432] GetNearestColor (hdc=0xe6010803, color=0xffffff) returned 0xffffff
[0257.432] GetNearestColor (hdc=0xe6010803, color=0xe5e5e5) returned 0xe5e5e5
[0257.432] GetNearestColor (hdc=0xe6010803, color=0xd7d7d7) returned 0xd7d7d7
[0257.432] GetNearestColor (hdc=0xe6010803, color=0x0) returned 0x0
[0257.432] RestoreDC (hdc=0xe6010803, nSavedDC=-1) returned 1
[0257.433] GdipReleaseDC (graphics=0x6600030, hdc=0xe6010803) returned 0x0
[0257.433] IsAppThemed () returned 0x1
[0257.433] GetThemeAppProperties () returned 0x3
[0257.433] GetThemeAppProperties () returned 0x3
[0257.433] GdipGetImageWidth (image=0x6652580, width=0xd7e168) returned 0x0
[0257.433] GdipGetImageHeight (image=0x6652580, height=0xd7e168) returned 0x0
[0257.433] IsAppThemed () returned 0x1
[0257.433] GetThemeAppProperties () returned 0x3
[0257.433] GetThemeAppProperties () returned 0x3
[0257.433] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2e488d0 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0257.433] IsAppThemed () returned 0x1
[0257.434] GetThemeAppProperties () returned 0x3
[0257.434] GetThemeAppProperties () returned 0x3
[0257.434] IsAppThemed () returned 0x1
[0257.434] GetThemeAppProperties () returned 0x3
[0257.434] GetThemeAppProperties () returned 0x3
[0257.434] GetFocus () returned 0x2802d8
[0257.434] IsAppThemed () returned 0x1
[0257.434] GetThemeAppProperties () returned 0x3
[0257.434] GetThemeAppProperties () returned 0x3
[0257.434] IsAppThemed () returned 0x1
[0257.434] GetThemeAppProperties () returned 0x3
[0257.434] GetThemeAppProperties () returned 0x3
[0257.435] IsThemePartDefined () returned 0x1
[0257.435] IsAppThemed () returned 0x1
[0257.435] GetThemeAppProperties () returned 0x3
[0257.435] GetThemeAppProperties () returned 0x3
[0257.435] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0257.435] IsAppThemed () returned 0x1
[0257.435] GetThemeAppProperties () returned 0x3
[0257.435] GetThemeAppProperties () returned 0x3
[0257.435] IsAppThemed () returned 0x1
[0257.435] GetThemeAppProperties () returned 0x3
[0257.435] GetThemeAppProperties () returned 0x3
[0257.435] IsThemePartDefined () returned 0x1
[0257.436] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0257.436] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0257.436] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0257.436] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0257.436] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dff0) returned 0x0
[0257.436] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0257.436] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0257.436] LocalFree (hMem=0x11ee9f0) returned 0x0
[0257.436] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0257.436] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0257.436] LocalFree (hMem=0x11ee9f0) returned 0x0
[0257.436] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0257.436] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e018) returned 0x0
[0257.436] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e008) returned 0x0
[0257.437] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0257.437] GdipDeleteRegion (region=0x6646688) returned 0x0
[0257.437] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0257.437] GetCurrentObject (hdc=0xe6010803, type=0x1) returned 0xb00017
[0257.437] GetCurrentObject (hdc=0xe6010803, type=0x2) returned 0x900010
[0257.437] GetCurrentObject (hdc=0xe6010803, type=0x7) returned 0x4a0507fe
[0257.437] GetCurrentObject (hdc=0xe6010803, type=0x6) returned 0x8a01c2
[0257.437] SaveDC (hdc=0xe6010803) returned 1
[0257.437] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbe0407de
[0257.437] GetClipRgn (hdc=0xe6010803, hrgn=0xbe0407de) returned 0
[0257.437] SelectClipRgn (hdc=0xe6010803, hrgn=0x28040807) returned 2
[0257.437] DeleteObject (ho=0xbe0407de) returned 1
[0257.437] DeleteObject (ho=0x28040807) returned 1
[0257.437] OffsetViewportOrgEx (in: hdc=0xe6010803, x=0, y=0, lppt=0x2e48f80 | out: lppt=0x2e48f80) returned 1
[0257.437] DrawThemeParentBackground () returned 0x0
[0257.438] GetWindowPlacement (in: hWnd=0x2900ea, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0257.438] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0257.438] GetWindowTextLengthW (hWnd=0x2900ea) returned 13
[0257.438] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.438] GetSystemMetrics (nIndex=42) returned 0
[0257.438] GetWindowTextW (in: hWnd=0x2900ea, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.438] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0257.438] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0257.438] GetCurrentObject (hdc=0xe6010803, type=0x1) returned 0xb00017
[0257.438] GetCurrentObject (hdc=0xe6010803, type=0x2) returned 0x900010
[0257.438] GetCurrentObject (hdc=0xe6010803, type=0x7) returned 0x4a0507fe
[0257.438] GetCurrentObject (hdc=0xe6010803, type=0x6) returned 0x8a01c2
[0257.438] SaveDC (hdc=0xe6010803) returned 2
[0257.438] GetNearestColor (hdc=0xe6010803, color=0xf0f0f0) returned 0xf0f0f0
[0257.439] CreateSolidBrush (color=0xf0f0f0) returned 0xbe1007e1
[0257.439] FillRect (hDC=0xe6010803, lprc=0xd7da38, hbr=0xbe1007e1) returned 1
[0257.439] DeleteObject (ho=0xbe1007e1) returned 1
[0257.439] RestoreDC (hdc=0xe6010803, nSavedDC=-1) returned 1
[0257.439] GetWindowTextLengthW (hWnd=0x2900ea) returned 13
[0257.439] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.439] GetSystemMetrics (nIndex=42) returned 0
[0257.439] GetWindowTextW (in: hWnd=0x2900ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.439] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0257.439] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0257.439] GetCurrentObject (hdc=0xe6010803, type=0x1) returned 0xb00017
[0257.439] GetCurrentObject (hdc=0xe6010803, type=0x2) returned 0x900010
[0257.439] GetCurrentObject (hdc=0xe6010803, type=0x7) returned 0x4a0507fe
[0257.439] GetCurrentObject (hdc=0xe6010803, type=0x6) returned 0x8a01c2
[0257.439] SaveDC (hdc=0xe6010803) returned 2
[0257.440] GetNearestColor (hdc=0xe6010803, color=0xf0f0f0) returned 0xf0f0f0
[0257.440] CreateSolidBrush (color=0xf0f0f0) returned 0xbf1007e1
[0257.440] FillRect (hDC=0xe6010803, lprc=0xd7d9d8, hbr=0xbf1007e1) returned 1
[0257.440] DeleteObject (ho=0xbf1007e1) returned 1
[0257.440] RestoreDC (hdc=0xe6010803, nSavedDC=-1) returned 1
[0257.440] GetWindowTextLengthW (hWnd=0x2900ea) returned 13
[0257.440] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.440] GetSystemMetrics (nIndex=42) returned 0
[0257.440] GetWindowTextW (in: hWnd=0x2900ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.440] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0257.440] RestoreDC (hdc=0xe6010803, nSavedDC=-1) returned 1
[0257.440] GdipReleaseDC (graphics=0x6600030, hdc=0xe6010803) returned 0x0
[0257.441] IsAppThemed () returned 0x1
[0257.441] GetThemeAppProperties () returned 0x3
[0257.441] GetThemeAppProperties () returned 0x3
[0257.441] IsAppThemed () returned 0x1
[0257.441] GetThemeAppProperties () returned 0x3
[0257.441] GetThemeAppProperties () returned 0x3
[0257.441] IsThemePartDefined () returned 0x1
[0257.441] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0257.441] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0257.441] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0257.441] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0257.441] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df74) returned 0x0
[0257.441] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee868) returned 0x0
[0257.441] LocalFree (hMem=0x11ee868) returned 0x0
[0257.441] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea28) returned 0x0
[0257.442] LocalFree (hMem=0x11eea28) returned 0x0
[0257.442] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0257.442] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0257.442] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0257.442] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0257.442] GdipDeleteRegion (region=0x6646688) returned 0x0
[0257.442] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0257.442] GetCurrentObject (hdc=0xe6010803, type=0x1) returned 0xb00017
[0257.442] GetCurrentObject (hdc=0xe6010803, type=0x2) returned 0x900010
[0257.442] GetCurrentObject (hdc=0xe6010803, type=0x7) returned 0x4a0507fe
[0257.442] GetCurrentObject (hdc=0xe6010803, type=0x6) returned 0x8a01c2
[0257.442] SaveDC (hdc=0xe6010803) returned 1
[0257.442] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x29040807
[0257.442] GetClipRgn (hdc=0xe6010803, hrgn=0x29040807) returned 0
[0257.442] SelectClipRgn (hdc=0xe6010803, hrgn=0xc00407de) returned 2
[0257.443] DeleteObject (ho=0x29040807) returned 1
[0257.443] DeleteObject (ho=0xc00407de) returned 1
[0257.443] OffsetViewportOrgEx (in: hdc=0xe6010803, x=0, y=0, lppt=0x2e4982c | out: lppt=0x2e4982c) returned 1
[0257.443] IsAppThemed () returned 0x1
[0257.443] GetThemeAppProperties () returned 0x3
[0257.443] GetThemeAppProperties () returned 0x3
[0257.443] DrawThemeBackground () returned 0x0
[0257.443] RestoreDC (hdc=0xe6010803, nSavedDC=-1) returned 1
[0257.443] GdipReleaseDC (graphics=0x6600030, hdc=0xe6010803) returned 0x0
[0257.443] GdipCreateRegion (region=0xd7df60) returned 0x0
[0257.443] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0257.443] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0257.443] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0257.443] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df78) returned 0x0
[0257.444] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0257.444] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eead0) returned 0x0
[0257.444] LocalFree (hMem=0x11eead0) returned 0x0
[0257.444] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0257.444] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0257.444] LocalFree (hMem=0x11ee868) returned 0x0
[0257.444] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0257.444] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0257.444] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df90) returned 0x0
[0257.444] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0257.444] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0257.444] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0257.444] GetCurrentObject (hdc=0xe6010803, type=0x1) returned 0xb00017
[0257.444] GetCurrentObject (hdc=0xe6010803, type=0x2) returned 0x900010
[0257.444] GetCurrentObject (hdc=0xe6010803, type=0x7) returned 0x4a0507fe
[0257.444] GetCurrentObject (hdc=0xe6010803, type=0x6) returned 0x8a01c2
[0257.445] SaveDC (hdc=0xe6010803) returned 1
[0257.445] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc10407de
[0257.445] GetClipRgn (hdc=0xe6010803, hrgn=0xc10407de) returned 0
[0257.445] SelectClipRgn (hdc=0xe6010803, hrgn=0x2a040807) returned 2
[0257.445] DeleteObject (ho=0xc10407de) returned 1
[0257.445] DeleteObject (ho=0x2a040807) returned 1
[0257.445] OffsetViewportOrgEx (in: hdc=0xe6010803, x=0, y=0, lppt=0x2e49b00 | out: lppt=0x2e49b00) returned 1
[0257.445] IsAppThemed () returned 0x1
[0257.445] GetThemeAppProperties () returned 0x3
[0257.445] GetThemeAppProperties () returned 0x3
[0257.445] GetThemeBackgroundContentRect () returned 0x0
[0257.445] RestoreDC (hdc=0xe6010803, nSavedDC=-1) returned 1
[0257.445] GdipReleaseDC (graphics=0x6600030, hdc=0xe6010803) returned 0x0
[0257.445] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0257.445] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0257.445] GdipCloneRegion (region=0x6646688, cloneRegion=0xd7e150) returned 0x0
[0257.445] GdipCombineRegionRectI (region=0x6646c28, rect=0xd7e138, combineMode=0x1) returned 0x0
[0257.446] GdipCombineRegionRectI (region=0x6646c28, rect=0xd7e138, combineMode=0x1) returned 0x0
[0257.446] GdipSetClipRegion (graphics=0x6600030, region=0x6646c28, combineMode=0x0) returned 0x0
[0257.446] GdipGetImageWidth (image=0x6652580, width=0xd7e154) returned 0x0
[0257.446] GdipGetImageHeight (image=0x6652580, height=0xd7e148) returned 0x0
[0257.446] GdipDrawImageRectI (graphics=0x6600030, image=0x6652580, x=4, y=4, width=16, height=16) returned 0x0
[0257.446] GdipSetClipRegion (graphics=0x6600030, region=0x6646688, combineMode=0x0) returned 0x0
[0257.446] IsAppThemed () returned 0x1
[0257.446] GetThemeAppProperties () returned 0x3
[0257.446] GetThemeAppProperties () returned 0x3
[0257.446] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0257.446] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0257.446] GetCurrentObject (hdc=0xe6010803, type=0x1) returned 0xb00017
[0257.446] GetCurrentObject (hdc=0xe6010803, type=0x2) returned 0x900010
[0257.446] GetCurrentObject (hdc=0xe6010803, type=0x7) returned 0x4a0507fe
[0257.446] GetCurrentObject (hdc=0xe6010803, type=0x6) returned 0x8a01c2
[0257.446] SaveDC (hdc=0xe6010803) returned 1
[0257.447] GetTextAlign (hdc=0xe6010803) returned 0x0
[0257.447] GetTextColor (hdc=0xe6010803) returned 0x0
[0257.447] GetCurrentObject (hdc=0xe6010803, type=0x6) returned 0x8a01c2
[0257.447] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0257.447] SelectObject (hdc=0xe6010803, h=0x6d0a0520) returned 0x8a01c2
[0257.447] GetBkMode (hdc=0xe6010803) returned 2
[0257.447] SetBkMode (hdc=0xe6010803, mode=1) returned 2
[0257.447] DrawTextExW (in: hdc=0xe6010803, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2e49ec0 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0257.447] DrawTextExW (in: hdc=0xe6010803, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e49ec0 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0257.448] RestoreDC (hdc=0xe6010803, nSavedDC=-1) returned 1
[0257.448] GdipReleaseDC (graphics=0x6600030, hdc=0xe6010803) returned 0x0
[0257.448] GetFocus () returned 0x2802d8
[0257.448] IsAppThemed () returned 0x1
[0257.448] GetThemeAppProperties () returned 0x3
[0257.448] GetThemeAppProperties () returned 0x3
[0257.448] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0257.448] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xe6010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0257.448] GdipReleaseDC (graphics=0x6600030, hdc=0xe6010803) returned 0x0
[0257.448] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0257.449] SelectObject (hdc=0xe6010803, h=0x85000f) returned 0x4a0507fe
[0257.449] DeleteDC (hdc=0xe6010803) returned 1
[0257.449] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0257.449] EndPaint (hWnd=0x2802d8, lpPaint=0xd7e24c) returned 1
[0257.449] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.449] IsWindowUnicode (hWnd=0x2602da) returned 1
[0257.449] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.449] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.449] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.449] BeginPaint (in: hWnd=0x2602da, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0257.450] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0257.450] CreateCompatibleDC (hdc=0x10105d6) returned 0xe8010803
[0257.450] SelectObject (hdc=0xe8010803, h=0x4a0507fe) returned 0x85000f
[0257.450] GdipCreateFromHDC (hdc=0xe8010803, graphics=0xd7e268) returned 0x0
[0257.457] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0257.457] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0257.457] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0257.457] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0257.457] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2c8) returned 0x0
[0257.457] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0257.457] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eea60) returned 0x0
[0257.457] LocalFree (hMem=0x11eea60) returned 0x0
[0257.457] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0257.457] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0257.457] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0257.457] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0257.457] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0257.457] GdipRestoreGraphics (graphics=0x6600030, state=0xf7de0dbd) returned 0x0
[0257.457] GdipDeleteRegion (region=0x6645248) returned 0x0
[0257.458] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0257.458] GetCurrentObject (hdc=0xe8010803, type=0x1) returned 0xb00017
[0257.458] GetCurrentObject (hdc=0xe8010803, type=0x2) returned 0x900010
[0257.458] GetCurrentObject (hdc=0xe8010803, type=0x7) returned 0x4a0507fe
[0257.458] GetCurrentObject (hdc=0xe8010803, type=0x6) returned 0x8a01c2
[0257.458] SaveDC (hdc=0xe8010803) returned 1
[0257.458] GetNearestColor (hdc=0xe8010803, color=0xf0f0f0) returned 0xf0f0f0
[0257.458] GetNearestColor (hdc=0xe8010803, color=0xa0a0a0) returned 0xa0a0a0
[0257.458] GetNearestColor (hdc=0xe8010803, color=0x696969) returned 0x696969
[0257.458] GetNearestColor (hdc=0xe8010803, color=0xa0a0a0) returned 0xa0a0a0
[0257.458] GetNearestColor (hdc=0xe8010803, color=0x0) returned 0x0
[0257.458] GetNearestColor (hdc=0xe8010803, color=0xffffff) returned 0xffffff
[0257.458] GetNearestColor (hdc=0xe8010803, color=0xe5e5e5) returned 0xe5e5e5
[0257.458] GetNearestColor (hdc=0xe8010803, color=0xd7d7d7) returned 0xd7d7d7
[0257.459] GetNearestColor (hdc=0xe8010803, color=0x0) returned 0x0
[0257.459] RestoreDC (hdc=0xe8010803, nSavedDC=-1) returned 1
[0257.459] GdipReleaseDC (graphics=0x6600030, hdc=0xe8010803) returned 0x0
[0257.459] IsAppThemed () returned 0x1
[0257.459] GetThemeAppProperties () returned 0x3
[0257.459] GetThemeAppProperties () returned 0x3
[0257.459] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0257.459] SendMessageW (hWnd=0x2900ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0257.459] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0257.459] IsAppThemed () returned 0x1
[0257.459] GetThemeAppProperties () returned 0x3
[0257.459] GetThemeAppProperties () returned 0x3
[0257.459] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2e4a6d0 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0257.460] IsAppThemed () returned 0x1
[0257.460] GetThemeAppProperties () returned 0x3
[0257.460] GetThemeAppProperties () returned 0x3
[0257.460] IsAppThemed () returned 0x1
[0257.460] GetThemeAppProperties () returned 0x3
[0257.460] GetThemeAppProperties () returned 0x3
[0257.460] IsAppThemed () returned 0x1
[0257.460] GetThemeAppProperties () returned 0x3
[0257.460] GetThemeAppProperties () returned 0x3
[0257.460] IsAppThemed () returned 0x1
[0257.460] GetThemeAppProperties () returned 0x3
[0257.460] GetThemeAppProperties () returned 0x3
[0257.460] IsThemePartDefined () returned 0x1
[0257.460] IsAppThemed () returned 0x1
[0257.460] GetThemeAppProperties () returned 0x3
[0257.460] GetThemeAppProperties () returned 0x3
[0257.460] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0257.460] IsAppThemed () returned 0x1
[0257.461] GetThemeAppProperties () returned 0x3
[0257.461] GetThemeAppProperties () returned 0x3
[0257.461] IsAppThemed () returned 0x1
[0257.461] GetThemeAppProperties () returned 0x3
[0257.461] GetThemeAppProperties () returned 0x3
[0257.461] IsThemePartDefined () returned 0x1
[0257.461] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0257.461] GdipGetClip (graphics=0x6600030, region=0x6645368) returned 0x0
[0257.461] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0257.461] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0257.461] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dfe4) returned 0x0
[0257.461] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0257.461] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0257.461] LocalFree (hMem=0x11eec58) returned 0x0
[0257.461] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0257.461] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee8d8) returned 0x0
[0257.461] LocalFree (hMem=0x11ee8d8) returned 0x0
[0257.461] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0257.462] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0257.462] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0257.462] GdipGetRegionHRgn (region=0x6645368, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0257.462] GdipDeleteRegion (region=0x6645368) returned 0x0
[0257.462] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0257.462] GetCurrentObject (hdc=0xe8010803, type=0x1) returned 0xb00017
[0257.462] GetCurrentObject (hdc=0xe8010803, type=0x2) returned 0x900010
[0257.462] GetCurrentObject (hdc=0xe8010803, type=0x7) returned 0x4a0507fe
[0257.462] GetCurrentObject (hdc=0xe8010803, type=0x6) returned 0x8a01c2
[0257.462] SaveDC (hdc=0xe8010803) returned 1
[0257.462] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2b040807
[0257.462] GetClipRgn (hdc=0xe8010803, hrgn=0x2b040807) returned 0
[0257.462] SelectClipRgn (hdc=0xe8010803, hrgn=0xc50407de) returned 2
[0257.462] DeleteObject (ho=0x2b040807) returned 1
[0257.462] DeleteObject (ho=0xc50407de) returned 1
[0257.462] OffsetViewportOrgEx (in: hdc=0xe8010803, x=0, y=0, lppt=0x2e4ad80 | out: lppt=0x2e4ad80) returned 1
[0257.463] DrawThemeParentBackground () returned 0x0
[0257.463] GetWindowPlacement (in: hWnd=0x2900ea, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0257.463] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0257.463] GetWindowTextLengthW (hWnd=0x2900ea) returned 13
[0257.463] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.463] GetSystemMetrics (nIndex=42) returned 0
[0257.463] GetWindowTextW (in: hWnd=0x2900ea, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.463] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0257.463] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0257.463] GetCurrentObject (hdc=0xe8010803, type=0x1) returned 0xb00017
[0257.463] GetCurrentObject (hdc=0xe8010803, type=0x2) returned 0x900010
[0257.463] GetCurrentObject (hdc=0xe8010803, type=0x7) returned 0x4a0507fe
[0257.463] GetCurrentObject (hdc=0xe8010803, type=0x6) returned 0x8a01c2
[0257.463] SaveDC (hdc=0xe8010803) returned 2
[0257.464] GetNearestColor (hdc=0xe8010803, color=0xf0f0f0) returned 0xf0f0f0
[0257.464] CreateSolidBrush (color=0xf0f0f0) returned 0xc01007e1
[0257.464] FillRect (hDC=0xe8010803, lprc=0xd7da30, hbr=0xc01007e1) returned 1
[0257.464] DeleteObject (ho=0xc01007e1) returned 1
[0257.464] RestoreDC (hdc=0xe8010803, nSavedDC=-1) returned 1
[0257.464] GetWindowTextLengthW (hWnd=0x2900ea) returned 13
[0257.464] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.464] GetSystemMetrics (nIndex=42) returned 0
[0257.464] GetWindowTextW (in: hWnd=0x2900ea, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.464] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0257.464] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0257.464] GetCurrentObject (hdc=0xe8010803, type=0x1) returned 0xb00017
[0257.464] GetCurrentObject (hdc=0xe8010803, type=0x2) returned 0x900010
[0257.464] GetCurrentObject (hdc=0xe8010803, type=0x7) returned 0x4a0507fe
[0257.464] GetCurrentObject (hdc=0xe8010803, type=0x6) returned 0x8a01c2
[0257.464] SaveDC (hdc=0xe8010803) returned 2
[0257.465] GetNearestColor (hdc=0xe8010803, color=0xf0f0f0) returned 0xf0f0f0
[0257.465] CreateSolidBrush (color=0xf0f0f0) returned 0xc11007e1
[0257.465] FillRect (hDC=0xe8010803, lprc=0xd7d9d0, hbr=0xc11007e1) returned 1
[0257.465] DeleteObject (ho=0xc11007e1) returned 1
[0257.465] RestoreDC (hdc=0xe8010803, nSavedDC=-1) returned 1
[0257.465] GetWindowTextLengthW (hWnd=0x2900ea) returned 13
[0257.465] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.465] GetSystemMetrics (nIndex=42) returned 0
[0257.465] GetWindowTextW (in: hWnd=0x2900ea, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.465] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0257.465] RestoreDC (hdc=0xe8010803, nSavedDC=-1) returned 1
[0257.465] GdipReleaseDC (graphics=0x6600030, hdc=0xe8010803) returned 0x0
[0257.466] IsAppThemed () returned 0x1
[0257.466] GetThemeAppProperties () returned 0x3
[0257.466] GetThemeAppProperties () returned 0x3
[0257.466] IsAppThemed () returned 0x1
[0257.466] GetThemeAppProperties () returned 0x3
[0257.466] GetThemeAppProperties () returned 0x3
[0257.466] IsThemePartDefined () returned 0x1
[0257.466] GdipCreateRegion (region=0xd7df50) returned 0x0
[0257.466] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0257.466] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0257.466] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0257.466] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df68) returned 0x0
[0257.466] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0257.466] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0257.467] LocalFree (hMem=0x11ee9f0) returned 0x0
[0257.467] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0257.467] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0257.467] LocalFree (hMem=0x11ee868) returned 0x0
[0257.467] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0257.467] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7df90) returned 0x0
[0257.467] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7df80) returned 0x0
[0257.467] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0257.467] GdipDeleteRegion (region=0x6645908) returned 0x0
[0257.467] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0257.467] GetCurrentObject (hdc=0xe8010803, type=0x1) returned 0xb00017
[0257.467] GetCurrentObject (hdc=0xe8010803, type=0x2) returned 0x900010
[0257.467] GetCurrentObject (hdc=0xe8010803, type=0x7) returned 0x4a0507fe
[0257.467] GetCurrentObject (hdc=0xe8010803, type=0x6) returned 0x8a01c2
[0257.467] SaveDC (hdc=0xe8010803) returned 1
[0257.467] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc60407de
[0257.468] GetClipRgn (hdc=0xe8010803, hrgn=0xc60407de) returned 0
[0257.468] SelectClipRgn (hdc=0xe8010803, hrgn=0x2d040807) returned 2
[0257.468] DeleteObject (ho=0xc60407de) returned 1
[0257.468] DeleteObject (ho=0x2d040807) returned 1
[0257.468] OffsetViewportOrgEx (in: hdc=0xe8010803, x=0, y=0, lppt=0x2e4b62c | out: lppt=0x2e4b62c) returned 1
[0257.468] IsAppThemed () returned 0x1
[0257.468] GetThemeAppProperties () returned 0x3
[0257.468] GetThemeAppProperties () returned 0x3
[0257.468] DrawThemeBackground () returned 0x0
[0257.468] RestoreDC (hdc=0xe8010803, nSavedDC=-1) returned 1
[0257.468] GdipReleaseDC (graphics=0x6600030, hdc=0xe8010803) returned 0x0
[0257.468] GdipCreateRegion (region=0xd7df54) returned 0x0
[0257.468] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0257.468] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0257.468] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0257.468] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df6c) returned 0x0
[0257.469] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0257.469] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee8d8) returned 0x0
[0257.469] LocalFree (hMem=0x11ee8d8) returned 0x0
[0257.469] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0257.469] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eecc8) returned 0x0
[0257.469] LocalFree (hMem=0x11eecc8) returned 0x0
[0257.469] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0257.469] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0257.469] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0257.469] GdipGetRegionHRgn (region=0x66457e8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0257.469] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0257.469] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0257.469] GetCurrentObject (hdc=0xe8010803, type=0x1) returned 0xb00017
[0257.469] GetCurrentObject (hdc=0xe8010803, type=0x2) returned 0x900010
[0257.469] GetCurrentObject (hdc=0xe8010803, type=0x7) returned 0x4a0507fe
[0257.469] GetCurrentObject (hdc=0xe8010803, type=0x6) returned 0x8a01c2
[0257.469] SaveDC (hdc=0xe8010803) returned 1
[0257.470] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2e040807
[0257.470] GetClipRgn (hdc=0xe8010803, hrgn=0x2e040807) returned 0
[0257.470] SelectClipRgn (hdc=0xe8010803, hrgn=0xc70407de) returned 2
[0257.470] DeleteObject (ho=0x2e040807) returned 1
[0257.470] DeleteObject (ho=0xc70407de) returned 1
[0257.470] OffsetViewportOrgEx (in: hdc=0xe8010803, x=0, y=0, lppt=0x2e4b900 | out: lppt=0x2e4b900) returned 1
[0257.470] IsAppThemed () returned 0x1
[0257.470] GetThemeAppProperties () returned 0x3
[0257.470] GetThemeAppProperties () returned 0x3
[0257.470] GetThemeBackgroundContentRect () returned 0x0
[0257.470] RestoreDC (hdc=0xe8010803, nSavedDC=-1) returned 1
[0257.470] GdipReleaseDC (graphics=0x6600030, hdc=0xe8010803) returned 0x0
[0257.470] IsAppThemed () returned 0x1
[0257.470] GetThemeAppProperties () returned 0x3
[0257.470] GetThemeAppProperties () returned 0x3
[0257.470] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0257.471] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0257.471] GetCurrentObject (hdc=0xe8010803, type=0x1) returned 0xb00017
[0257.471] GetCurrentObject (hdc=0xe8010803, type=0x2) returned 0x900010
[0257.471] GetCurrentObject (hdc=0xe8010803, type=0x7) returned 0x4a0507fe
[0257.471] GetCurrentObject (hdc=0xe8010803, type=0x6) returned 0x8a01c2
[0257.471] SaveDC (hdc=0xe8010803) returned 1
[0257.471] GetTextAlign (hdc=0xe8010803) returned 0x0
[0257.471] GetTextColor (hdc=0xe8010803) returned 0x0
[0257.471] GetCurrentObject (hdc=0xe8010803, type=0x6) returned 0x8a01c2
[0257.471] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0257.471] SelectObject (hdc=0xe8010803, h=0x6d0a0520) returned 0x8a01c2
[0257.471] GetBkMode (hdc=0xe8010803) returned 2
[0257.471] SetBkMode (hdc=0xe8010803, mode=1) returned 2
[0257.472] DrawTextExW (in: hdc=0xe8010803, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2e4bca0 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0257.472] DrawTextExW (in: hdc=0xe8010803, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2e4bca0 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0257.472] RestoreDC (hdc=0xe8010803, nSavedDC=-1) returned 1
[0257.472] GdipReleaseDC (graphics=0x6600030, hdc=0xe8010803) returned 0x0
[0257.472] GetFocus () returned 0x2802d8
[0257.472] IsAppThemed () returned 0x1
[0257.472] GetThemeAppProperties () returned 0x3
[0257.472] GetThemeAppProperties () returned 0x3
[0257.473] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0257.473] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xe8010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0257.473] GdipReleaseDC (graphics=0x6600030, hdc=0xe8010803) returned 0x0
[0257.473] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0257.473] SelectObject (hdc=0xe8010803, h=0x85000f) returned 0x4a0507fe
[0257.473] DeleteDC (hdc=0xe8010803) returned 1
[0257.473] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0257.473] EndPaint (hWnd=0x2602da, lpPaint=0xd7e24c) returned 1
[0257.473] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.473] IsWindowUnicode (hWnd=0x1c02ce) returned 1
[0257.473] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.474] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.474] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.474] BeginPaint (in: hWnd=0x1c02ce, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0257.474] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0257.474] CreateCompatibleDC (hdc=0xc0107c5) returned 0xea010803
[0257.474] SelectObject (hdc=0xea010803, h=0x4a0507fe) returned 0x85000f
[0257.474] GdipCreateFromHDC (hdc=0xea010803, graphics=0xd7e268) returned 0x0
[0257.474] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0257.474] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0257.474] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0257.474] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0257.475] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2c8) returned 0x0
[0257.475] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0257.475] LocalFree (hMem=0x11ee868) returned 0x0
[0257.475] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0257.475] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0257.475] GdipGetClip (graphics=0x6600030, region=0x6645128) returned 0x0
[0257.475] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0257.475] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0257.475] GdipRestoreGraphics (graphics=0x6600030, state=0xf7dc0dbd) returned 0x0
[0257.475] GdipDeleteRegion (region=0x6645128) returned 0x0
[0257.475] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0257.475] GetCurrentObject (hdc=0xea010803, type=0x1) returned 0xb00017
[0257.475] GetCurrentObject (hdc=0xea010803, type=0x2) returned 0x900010
[0257.475] GetCurrentObject (hdc=0xea010803, type=0x7) returned 0x4a0507fe
[0257.475] GetCurrentObject (hdc=0xea010803, type=0x6) returned 0x8a01c2
[0257.475] SaveDC (hdc=0xea010803) returned 1
[0257.475] GetNearestColor (hdc=0xea010803, color=0xf0f0f0) returned 0xf0f0f0
[0257.476] GetNearestColor (hdc=0xea010803, color=0xa0a0a0) returned 0xa0a0a0
[0257.476] GetNearestColor (hdc=0xea010803, color=0x696969) returned 0x696969
[0257.476] GetNearestColor (hdc=0xea010803, color=0xa0a0a0) returned 0xa0a0a0
[0257.476] GetNearestColor (hdc=0xea010803, color=0x0) returned 0x0
[0257.476] GetNearestColor (hdc=0xea010803, color=0xffffff) returned 0xffffff
[0257.476] GetNearestColor (hdc=0xea010803, color=0xe5e5e5) returned 0xe5e5e5
[0257.476] GetNearestColor (hdc=0xea010803, color=0xd7d7d7) returned 0xd7d7d7
[0257.476] GetNearestColor (hdc=0xea010803, color=0x0) returned 0x0
[0257.476] RestoreDC (hdc=0xea010803, nSavedDC=-1) returned 1
[0257.476] GdipReleaseDC (graphics=0x6600030, hdc=0xea010803) returned 0x0
[0257.476] IsAppThemed () returned 0x1
[0257.476] GetThemeAppProperties () returned 0x3
[0257.476] GetThemeAppProperties () returned 0x3
[0257.476] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0257.476] SendMessageW (hWnd=0x2900ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0257.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0257.477] IsAppThemed () returned 0x1
[0257.477] GetThemeAppProperties () returned 0x3
[0257.477] GetThemeAppProperties () returned 0x3
[0257.477] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2e4c4b0 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0257.477] IsAppThemed () returned 0x1
[0257.477] GetThemeAppProperties () returned 0x3
[0257.477] GetThemeAppProperties () returned 0x3
[0257.477] IsAppThemed () returned 0x1
[0257.477] GetThemeAppProperties () returned 0x3
[0257.477] GetThemeAppProperties () returned 0x3
[0257.477] GetFocus () returned 0x2802d8
[0257.477] IsAppThemed () returned 0x1
[0257.477] GetThemeAppProperties () returned 0x3
[0257.477] GetThemeAppProperties () returned 0x3
[0257.477] IsAppThemed () returned 0x1
[0257.478] GetThemeAppProperties () returned 0x3
[0257.478] GetThemeAppProperties () returned 0x3
[0257.478] IsThemePartDefined () returned 0x1
[0257.478] IsAppThemed () returned 0x1
[0257.478] GetThemeAppProperties () returned 0x3
[0257.478] GetThemeAppProperties () returned 0x3
[0257.478] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0257.478] IsAppThemed () returned 0x1
[0257.478] GetThemeAppProperties () returned 0x3
[0257.478] GetThemeAppProperties () returned 0x3
[0257.478] IsAppThemed () returned 0x1
[0257.478] GetThemeAppProperties () returned 0x3
[0257.478] GetThemeAppProperties () returned 0x3
[0257.478] IsThemePartDefined () returned 0x1
[0257.478] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0257.478] GdipGetClip (graphics=0x6600030, region=0x66452d8) returned 0x0
[0257.478] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0257.478] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0257.478] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dff0) returned 0x0
[0257.478] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0257.478] LocalFree (hMem=0x11ee868) returned 0x0
[0257.479] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0257.479] LocalFree (hMem=0x11ee868) returned 0x0
[0257.479] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0257.479] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0257.479] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0257.479] GdipGetRegionHRgn (region=0x66452d8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0257.479] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0257.479] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0257.479] GetCurrentObject (hdc=0xea010803, type=0x1) returned 0xb00017
[0257.479] GetCurrentObject (hdc=0xea010803, type=0x2) returned 0x900010
[0257.479] GetCurrentObject (hdc=0xea010803, type=0x7) returned 0x4a0507fe
[0257.479] GetCurrentObject (hdc=0xea010803, type=0x6) returned 0x8a01c2
[0257.479] SaveDC (hdc=0xea010803) returned 1
[0257.479] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc80407de
[0257.479] GetClipRgn (hdc=0xea010803, hrgn=0xc80407de) returned 0
[0257.479] SelectClipRgn (hdc=0xea010803, hrgn=0x32040807) returned 2
[0257.479] DeleteObject (ho=0xc80407de) returned 1
[0257.479] DeleteObject (ho=0x32040807) returned 1
[0257.479] OffsetViewportOrgEx (in: hdc=0xea010803, x=0, y=0, lppt=0x2e4cb60 | out: lppt=0x2e4cb60) returned 1
[0257.480] DrawThemeParentBackground () returned 0x0
[0257.480] GetWindowPlacement (in: hWnd=0x2900ea, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0257.480] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0257.480] GetWindowTextLengthW (hWnd=0x2900ea) returned 13
[0257.480] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.480] GetSystemMetrics (nIndex=42) returned 0
[0257.480] GetWindowTextW (in: hWnd=0x2900ea, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.480] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0257.480] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0257.480] GetCurrentObject (hdc=0xea010803, type=0x1) returned 0xb00017
[0257.480] GetCurrentObject (hdc=0xea010803, type=0x2) returned 0x900010
[0257.480] GetCurrentObject (hdc=0xea010803, type=0x7) returned 0x4a0507fe
[0257.480] GetCurrentObject (hdc=0xea010803, type=0x6) returned 0x8a01c2
[0257.480] SaveDC (hdc=0xea010803) returned 2
[0257.480] GetNearestColor (hdc=0xea010803, color=0xf0f0f0) returned 0xf0f0f0
[0257.481] CreateSolidBrush (color=0xf0f0f0) returned 0xc21007e1
[0257.481] FillRect (hDC=0xea010803, lprc=0xd7da38, hbr=0xc21007e1) returned 1
[0257.481] DeleteObject (ho=0xc21007e1) returned 1
[0257.481] RestoreDC (hdc=0xea010803, nSavedDC=-1) returned 1
[0257.481] GetWindowTextLengthW (hWnd=0x2900ea) returned 13
[0257.481] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.481] GetSystemMetrics (nIndex=42) returned 0
[0257.481] GetWindowTextW (in: hWnd=0x2900ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.481] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0257.481] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0257.481] GetCurrentObject (hdc=0xea010803, type=0x1) returned 0xb00017
[0257.518] GetCurrentObject (hdc=0xea010803, type=0x2) returned 0x900010
[0257.518] GetCurrentObject (hdc=0xea010803, type=0x7) returned 0x4a0507fe
[0257.518] GetCurrentObject (hdc=0xea010803, type=0x6) returned 0x8a01c2
[0257.518] SaveDC (hdc=0xea010803) returned 2
[0257.518] GetNearestColor (hdc=0xea010803, color=0xf0f0f0) returned 0xf0f0f0
[0257.518] CreateSolidBrush (color=0xf0f0f0) returned 0xc31007e1
[0257.518] FillRect (hDC=0xea010803, lprc=0xd7d9d8, hbr=0xc31007e1) returned 1
[0257.518] DeleteObject (ho=0xc31007e1) returned 1
[0257.518] RestoreDC (hdc=0xea010803, nSavedDC=-1) returned 1
[0257.518] GetWindowTextLengthW (hWnd=0x2900ea) returned 13
[0257.518] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.518] GetSystemMetrics (nIndex=42) returned 0
[0257.518] GetWindowTextW (in: hWnd=0x2900ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.518] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0257.519] RestoreDC (hdc=0xea010803, nSavedDC=-1) returned 1
[0257.519] GdipReleaseDC (graphics=0x6600030, hdc=0xea010803) returned 0x0
[0257.519] IsAppThemed () returned 0x1
[0257.519] GetThemeAppProperties () returned 0x3
[0257.519] GetThemeAppProperties () returned 0x3
[0257.519] IsAppThemed () returned 0x1
[0257.519] GetThemeAppProperties () returned 0x3
[0257.519] GetThemeAppProperties () returned 0x3
[0257.519] IsThemePartDefined () returned 0x1
[0257.519] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0257.519] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0257.519] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0257.519] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0257.519] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df74) returned 0x0
[0257.519] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0257.520] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0257.520] LocalFree (hMem=0x11eec58) returned 0x0
[0257.520] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0257.520] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee9f0) returned 0x0
[0257.520] LocalFree (hMem=0x11ee9f0) returned 0x0
[0257.520] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0257.520] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0257.520] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0257.520] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0257.520] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0257.520] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0257.520] GetCurrentObject (hdc=0xea010803, type=0x1) returned 0xb00017
[0257.520] GetCurrentObject (hdc=0xea010803, type=0x2) returned 0x900010
[0257.520] GetCurrentObject (hdc=0xea010803, type=0x7) returned 0x4a0507fe
[0257.520] GetCurrentObject (hdc=0xea010803, type=0x6) returned 0x8a01c2
[0257.520] SaveDC (hdc=0xea010803) returned 1
[0257.520] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x33040807
[0257.520] GetClipRgn (hdc=0xea010803, hrgn=0x33040807) returned 0
[0257.520] SelectClipRgn (hdc=0xea010803, hrgn=0xca0407de) returned 2
[0257.521] DeleteObject (ho=0x33040807) returned 1
[0257.521] DeleteObject (ho=0xca0407de) returned 1
[0257.521] OffsetViewportOrgEx (in: hdc=0xea010803, x=0, y=0, lppt=0x2e4d40c | out: lppt=0x2e4d40c) returned 1
[0257.521] IsAppThemed () returned 0x1
[0257.521] GetThemeAppProperties () returned 0x3
[0257.521] GetThemeAppProperties () returned 0x3
[0257.521] DrawThemeBackground () returned 0x0
[0257.521] RestoreDC (hdc=0xea010803, nSavedDC=-1) returned 1
[0257.521] GdipReleaseDC (graphics=0x6600030, hdc=0xea010803) returned 0x0
[0257.521] GdipCreateRegion (region=0xd7df60) returned 0x0
[0257.521] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0257.521] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0257.521] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0257.521] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df78) returned 0x0
[0257.521] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0257.521] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0257.521] LocalFree (hMem=0x11eec58) returned 0x0
[0257.521] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0257.521] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0257.521] LocalFree (hMem=0x11eec58) returned 0x0
[0257.521] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0257.522] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0257.522] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0257.522] GdipGetRegionHRgn (region=0x66457e8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0257.522] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0257.522] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0257.522] GetCurrentObject (hdc=0xea010803, type=0x1) returned 0xb00017
[0257.522] GetCurrentObject (hdc=0xea010803, type=0x2) returned 0x900010
[0257.522] GetCurrentObject (hdc=0xea010803, type=0x7) returned 0x4a0507fe
[0257.522] GetCurrentObject (hdc=0xea010803, type=0x6) returned 0x8a01c2
[0257.522] SaveDC (hdc=0xea010803) returned 1
[0257.522] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcb0407de
[0257.522] GetClipRgn (hdc=0xea010803, hrgn=0xcb0407de) returned 0
[0257.522] SelectClipRgn (hdc=0xea010803, hrgn=0x34040807) returned 2
[0257.522] DeleteObject (ho=0xcb0407de) returned 1
[0257.522] DeleteObject (ho=0x34040807) returned 1
[0257.522] OffsetViewportOrgEx (in: hdc=0xea010803, x=0, y=0, lppt=0x2e4d6e0 | out: lppt=0x2e4d6e0) returned 1
[0257.522] IsAppThemed () returned 0x1
[0257.522] GetThemeAppProperties () returned 0x3
[0257.522] GetThemeAppProperties () returned 0x3
[0257.522] GetThemeBackgroundContentRect () returned 0x0
[0257.522] RestoreDC (hdc=0xea010803, nSavedDC=-1) returned 1
[0257.523] GdipReleaseDC (graphics=0x6600030, hdc=0xea010803) returned 0x0
[0257.523] IsAppThemed () returned 0x1
[0257.523] GetThemeAppProperties () returned 0x3
[0257.523] GetThemeAppProperties () returned 0x3
[0257.523] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0257.523] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0257.523] GetCurrentObject (hdc=0xea010803, type=0x1) returned 0xb00017
[0257.523] GetCurrentObject (hdc=0xea010803, type=0x2) returned 0x900010
[0257.523] GetCurrentObject (hdc=0xea010803, type=0x7) returned 0x4a0507fe
[0257.523] GetCurrentObject (hdc=0xea010803, type=0x6) returned 0x8a01c2
[0257.523] SaveDC (hdc=0xea010803) returned 1
[0257.523] GetTextAlign (hdc=0xea010803) returned 0x0
[0257.523] GetTextColor (hdc=0xea010803) returned 0x0
[0257.523] GetCurrentObject (hdc=0xea010803, type=0x6) returned 0x8a01c2
[0257.523] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0257.523] SelectObject (hdc=0xea010803, h=0x6d0a0520) returned 0x8a01c2
[0257.523] GetBkMode (hdc=0xea010803) returned 2
[0257.524] SetBkMode (hdc=0xea010803, mode=1) returned 2
[0257.524] DrawTextExW (in: hdc=0xea010803, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2e4da80 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0257.524] DrawTextExW (in: hdc=0xea010803, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e4da80 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0257.524] RestoreDC (hdc=0xea010803, nSavedDC=-1) returned 1
[0257.524] GdipReleaseDC (graphics=0x6600030, hdc=0xea010803) returned 0x0
[0257.524] GetFocus () returned 0x2802d8
[0257.524] IsAppThemed () returned 0x1
[0257.524] GetThemeAppProperties () returned 0x3
[0257.524] GetThemeAppProperties () returned 0x3
[0257.524] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0257.524] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xea010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0257.525] GdipReleaseDC (graphics=0x6600030, hdc=0xea010803) returned 0x0
[0257.525] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0257.525] SelectObject (hdc=0xea010803, h=0x85000f) returned 0x4a0507fe
[0257.525] DeleteDC (hdc=0xea010803) returned 1
[0257.525] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0257.525] EndPaint (hWnd=0x1c02ce, lpPaint=0xd7e24c) returned 1
[0257.525] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0257.526] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.526] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.526] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0257.526] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.526] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.527] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.527] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0257.528] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.528] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.529] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.529] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.529] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.529] IsWindowUnicode (hWnd=0x602c4) returned 1
[0257.529] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.529] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.529] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.530] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0257.530] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0257.530] CreateCompatibleDC (hdc=0xf0105ee) returned 0xec010803
[0257.530] SelectObject (hdc=0xec010803, h=0x4a0507fe) returned 0x85000f
[0257.530] GdipCreateFromHDC (hdc=0xec010803, graphics=0xd7e268) returned 0x0
[0257.530] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0257.530] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0257.530] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0257.530] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0257.530] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e2c8) returned 0x0
[0257.530] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0257.530] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0257.530] LocalFree (hMem=0x11ee868) returned 0x0
[0257.530] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0257.530] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0257.530] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0257.531] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0257.531] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0257.531] GdipRestoreGraphics (graphics=0x6600030, state=0xf7da0dbd) returned 0x0
[0257.531] GdipDeleteRegion (region=0x6645998) returned 0x0
[0257.531] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0257.531] GetCurrentObject (hdc=0xec010803, type=0x1) returned 0xb00017
[0257.531] GetCurrentObject (hdc=0xec010803, type=0x2) returned 0x900010
[0257.531] GetCurrentObject (hdc=0xec010803, type=0x7) returned 0x4a0507fe
[0257.531] GetCurrentObject (hdc=0xec010803, type=0x6) returned 0x8a01c2
[0257.531] SaveDC (hdc=0xec010803) returned 1
[0257.531] GetNearestColor (hdc=0xec010803, color=0xff) returned 0xff
[0257.531] GetNearestColor (hdc=0xec010803, color=0x55) returned 0x55
[0257.531] GetNearestColor (hdc=0xec010803, color=0x0) returned 0x0
[0257.531] GetNearestColor (hdc=0xec010803, color=0x55) returned 0x55
[0257.531] GetNearestColor (hdc=0xec010803, color=0x0) returned 0x0
[0257.531] GetNearestColor (hdc=0xec010803, color=0x8080ff) returned 0x8080ff
[0257.531] GetNearestColor (hdc=0xec010803, color=0x7373e5) returned 0x7373e5
[0257.532] GetNearestColor (hdc=0xec010803, color=0xe5) returned 0xe5
[0257.532] GetNearestColor (hdc=0xec010803, color=0x0) returned 0x0
[0257.532] RestoreDC (hdc=0xec010803, nSavedDC=-1) returned 1
[0257.532] GdipReleaseDC (graphics=0x6600030, hdc=0xec010803) returned 0x0
[0257.532] IsAppThemed () returned 0x1
[0257.532] GetThemeAppProperties () returned 0x3
[0257.532] GetThemeAppProperties () returned 0x3
[0257.532] IsAppThemed () returned 0x1
[0257.532] GetThemeAppProperties () returned 0x3
[0257.532] GetThemeAppProperties () returned 0x3
[0257.532] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2e4e248 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0257.532] IsAppThemed () returned 0x1
[0257.532] GetThemeAppProperties () returned 0x3
[0257.532] GetThemeAppProperties () returned 0x3
[0257.532] IsAppThemed () returned 0x1
[0257.533] GetThemeAppProperties () returned 0x3
[0257.533] GetThemeAppProperties () returned 0x3
[0257.533] GetFocus () returned 0x2802d8
[0257.533] IsAppThemed () returned 0x1
[0257.533] GetThemeAppProperties () returned 0x3
[0257.533] GetThemeAppProperties () returned 0x3
[0257.533] IsAppThemed () returned 0x1
[0257.533] GetThemeAppProperties () returned 0x3
[0257.533] GetThemeAppProperties () returned 0x3
[0257.533] IsThemePartDefined () returned 0x1
[0257.533] IsAppThemed () returned 0x1
[0257.533] GetThemeAppProperties () returned 0x3
[0257.533] GetThemeAppProperties () returned 0x3
[0257.533] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0257.533] IsAppThemed () returned 0x1
[0257.533] GetThemeAppProperties () returned 0x3
[0257.533] GetThemeAppProperties () returned 0x3
[0257.533] IsAppThemed () returned 0x1
[0257.533] GetThemeAppProperties () returned 0x3
[0257.533] GetThemeAppProperties () returned 0x3
[0257.533] IsThemePartDefined () returned 0x1
[0257.533] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0257.533] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0257.533] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0257.533] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0257.533] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dff0) returned 0x0
[0257.534] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0257.534] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea60) returned 0x0
[0257.534] LocalFree (hMem=0x11eea60) returned 0x0
[0257.534] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0257.534] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eead0) returned 0x0
[0257.534] LocalFree (hMem=0x11eead0) returned 0x0
[0257.534] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0257.534] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0257.534] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0257.534] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0257.534] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0257.534] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0257.534] GetCurrentObject (hdc=0xec010803, type=0x1) returned 0xb00017
[0257.534] GetCurrentObject (hdc=0xec010803, type=0x2) returned 0x900010
[0257.534] GetCurrentObject (hdc=0xec010803, type=0x7) returned 0x4a0507fe
[0257.534] GetCurrentObject (hdc=0xec010803, type=0x6) returned 0x8a01c2
[0257.534] SaveDC (hdc=0xec010803) returned 1
[0257.534] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x35040807
[0257.534] GetClipRgn (hdc=0xec010803, hrgn=0x35040807) returned 0
[0257.534] SelectClipRgn (hdc=0xec010803, hrgn=0xcf0407de) returned 2
[0257.535] DeleteObject (ho=0x35040807) returned 1
[0257.535] DeleteObject (ho=0xcf0407de) returned 1
[0257.535] OffsetViewportOrgEx (in: hdc=0xec010803, x=0, y=0, lppt=0x2e4e8f8 | out: lppt=0x2e4e8f8) returned 1
[0257.535] DrawThemeParentBackground () returned 0x0
[0257.535] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0257.535] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0257.535] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0257.535] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.535] GetSystemMetrics (nIndex=42) returned 0
[0257.535] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.535] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0257.535] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0257.535] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0257.535] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0257.535] SelectPalette (hdc=0xec010803, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0257.535] GdipCreateFromHDC (hdc=0xec010803, graphics=0xd7dac8) returned 0x0
[0257.536] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0257.536] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0257.536] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638b18) returned 0x0
[0257.536] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7daa0) returned 0x0
[0257.536] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0257.536] GdipCreateRegion (region=0xd7da88) returned 0x0
[0257.536] GdipGetClip (graphics=0x663e568, region=0x6645518) returned 0x0
[0257.536] GdipIsInfiniteRegion (region=0x6645518, graphics=0x663e568, result=0xd7da94) returned 0x0
[0257.536] GdipDeleteRegion (region=0x6645518) returned 0x0
[0257.536] GdipSaveGraphics (graphics=0x663e568, state=0xd7dac0) returned 0x0
[0257.536] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0257.542] GdipFillRectangleI (graphics=0x663e568, brush=0x6635ba8, x=0, y=0, width=801, height=453) returned 0x0
[0257.542] GdipDeleteBrush (brush=0x6635ba8) returned 0x0
[0257.543] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0257.543] SelectPalette (hdc=0xec010803, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0257.544] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0257.550] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.550] GetSystemMetrics (nIndex=42) returned 0
[0257.550] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.550] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0257.550] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0257.550] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0257.550] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0257.550] SelectPalette (hdc=0xec010803, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0257.551] GdipCreateFromHDC (hdc=0xec010803, graphics=0xd7da68) returned 0x0
[0257.551] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0257.551] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0257.551] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638cc8) returned 0x0
[0257.551] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7da40) returned 0x0
[0257.551] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0257.551] GdipCreateRegion (region=0xd7da28) returned 0x0
[0257.551] GdipGetClip (graphics=0x663e568, region=0x6645248) returned 0x0
[0257.551] GdipIsInfiniteRegion (region=0x6645248, graphics=0x663e568, result=0xd7da34) returned 0x0
[0257.551] GdipDeleteRegion (region=0x6645248) returned 0x0
[0257.551] GdipSaveGraphics (graphics=0x663e568, state=0xd7da60) returned 0x0
[0257.551] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0257.558] GdipFillRectangleI (graphics=0x663e568, brush=0x66351e8, x=0, y=0, width=801, height=453) returned 0x0
[0257.559] GdipDeleteBrush (brush=0x66351e8) returned 0x0
[0257.567] GdipRestoreGraphics (graphics=0x663e568, state=0xf7d60dbd) returned 0x0
[0257.567] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0257.567] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.567] GetSystemMetrics (nIndex=42) returned 0
[0257.567] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.567] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0257.567] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0257.567] SelectPalette (hdc=0xec010803, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0257.568] RestoreDC (hdc=0xec010803, nSavedDC=-1) returned 1
[0257.568] GdipReleaseDC (graphics=0x6600030, hdc=0xec010803) returned 0x0
[0257.568] IsAppThemed () returned 0x1
[0257.568] GetThemeAppProperties () returned 0x3
[0257.568] GetThemeAppProperties () returned 0x3
[0257.568] IsAppThemed () returned 0x1
[0257.568] GetThemeAppProperties () returned 0x3
[0257.568] GetThemeAppProperties () returned 0x3
[0257.568] IsThemePartDefined () returned 0x1
[0257.568] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0257.568] GdipGetClip (graphics=0x6600030, region=0x6645bd8) returned 0x0
[0257.568] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0257.568] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0257.568] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df74) returned 0x0
[0257.568] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0257.568] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0257.569] LocalFree (hMem=0x11eec58) returned 0x0
[0257.569] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0257.569] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea98) returned 0x0
[0257.569] LocalFree (hMem=0x11eea98) returned 0x0
[0257.569] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0257.569] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0257.569] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0257.569] GdipGetRegionHRgn (region=0x6645bd8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0257.569] GdipDeleteRegion (region=0x6645bd8) returned 0x0
[0257.569] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0257.569] GetCurrentObject (hdc=0xec010803, type=0x1) returned 0xb00017
[0257.569] GetCurrentObject (hdc=0xec010803, type=0x2) returned 0x900010
[0257.569] GetCurrentObject (hdc=0xec010803, type=0x7) returned 0x4a0507fe
[0257.569] GetCurrentObject (hdc=0xec010803, type=0x6) returned 0x8a01c2
[0257.569] SaveDC (hdc=0xec010803) returned 1
[0257.569] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd00407de
[0257.570] GetClipRgn (hdc=0xec010803, hrgn=0xd00407de) returned 0
[0257.570] SelectClipRgn (hdc=0xec010803, hrgn=0x37040807) returned 2
[0257.570] DeleteObject (ho=0xd00407de) returned 1
[0257.570] DeleteObject (ho=0x37040807) returned 1
[0257.570] OffsetViewportOrgEx (in: hdc=0xec010803, x=0, y=0, lppt=0x2e55148 | out: lppt=0x2e55148) returned 1
[0257.570] IsAppThemed () returned 0x1
[0257.570] GetThemeAppProperties () returned 0x3
[0257.570] GetThemeAppProperties () returned 0x3
[0257.570] DrawThemeBackground () returned 0x0
[0257.570] RestoreDC (hdc=0xec010803, nSavedDC=-1) returned 1
[0257.570] GdipReleaseDC (graphics=0x6600030, hdc=0xec010803) returned 0x0
[0257.570] GdipCreateRegion (region=0xd7df60) returned 0x0
[0257.570] GdipGetClip (graphics=0x6600030, region=0x6645ea8) returned 0x0
[0257.570] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0257.570] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0257.570] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df78) returned 0x0
[0257.570] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0257.570] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee868) returned 0x0
[0257.571] LocalFree (hMem=0x11ee868) returned 0x0
[0257.571] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0257.571] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eea60) returned 0x0
[0257.571] LocalFree (hMem=0x11eea60) returned 0x0
[0257.571] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0257.571] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0257.571] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0257.571] GdipGetRegionHRgn (region=0x6645ea8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0257.571] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0257.571] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0257.571] GetCurrentObject (hdc=0xec010803, type=0x1) returned 0xb00017
[0257.571] GetCurrentObject (hdc=0xec010803, type=0x2) returned 0x900010
[0257.571] GetCurrentObject (hdc=0xec010803, type=0x7) returned 0x4a0507fe
[0257.571] GetCurrentObject (hdc=0xec010803, type=0x6) returned 0x8a01c2
[0257.571] SaveDC (hdc=0xec010803) returned 1
[0257.571] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x38040807
[0257.572] GetClipRgn (hdc=0xec010803, hrgn=0x38040807) returned 0
[0257.572] SelectClipRgn (hdc=0xec010803, hrgn=0xd10407de) returned 2
[0257.572] DeleteObject (ho=0x38040807) returned 1
[0257.572] DeleteObject (ho=0xd10407de) returned 1
[0257.572] OffsetViewportOrgEx (in: hdc=0xec010803, x=0, y=0, lppt=0x2e5541c | out: lppt=0x2e5541c) returned 1
[0257.572] IsAppThemed () returned 0x1
[0257.572] GetThemeAppProperties () returned 0x3
[0257.572] GetThemeAppProperties () returned 0x3
[0257.572] GetThemeBackgroundContentRect () returned 0x0
[0257.572] RestoreDC (hdc=0xec010803, nSavedDC=-1) returned 1
[0257.572] GdipReleaseDC (graphics=0x6600030, hdc=0xec010803) returned 0x0
[0257.572] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0257.572] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0257.572] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0257.572] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0257.572] IsAppThemed () returned 0x1
[0257.572] GetThemeAppProperties () returned 0x3
[0257.572] GetThemeAppProperties () returned 0x3
[0257.572] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0257.572] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0257.573] GetCurrentObject (hdc=0xec010803, type=0x1) returned 0xb00017
[0257.573] GetCurrentObject (hdc=0xec010803, type=0x2) returned 0x900010
[0257.573] GetCurrentObject (hdc=0xec010803, type=0x7) returned 0x4a0507fe
[0257.573] GetCurrentObject (hdc=0xec010803, type=0x6) returned 0x8a01c2
[0257.573] SaveDC (hdc=0xec010803) returned 1
[0257.573] GetTextAlign (hdc=0xec010803) returned 0x0
[0257.573] GetTextColor (hdc=0xec010803) returned 0x0
[0257.573] GetCurrentObject (hdc=0xec010803, type=0x6) returned 0x8a01c2
[0257.573] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0257.573] SelectObject (hdc=0xec010803, h=0x6d0a0520) returned 0x8a01c2
[0257.573] GetBkMode (hdc=0xec010803) returned 2
[0257.573] SetBkMode (hdc=0xec010803, mode=1) returned 2
[0257.573] DrawTextExW (in: hdc=0xec010803, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2e557e0 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0257.574] DrawTextExW (in: hdc=0xec010803, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e557e0 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0257.574] RestoreDC (hdc=0xec010803, nSavedDC=-1) returned 1
[0257.574] GdipReleaseDC (graphics=0x6600030, hdc=0xec010803) returned 0x0
[0257.574] GetFocus () returned 0x2802d8
[0257.574] IsAppThemed () returned 0x1
[0257.574] GetThemeAppProperties () returned 0x3
[0257.574] GetThemeAppProperties () returned 0x3
[0257.574] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0257.574] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0xec010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0257.575] GdipReleaseDC (graphics=0x6600030, hdc=0xec010803) returned 0x0
[0257.575] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0257.575] SelectObject (hdc=0xec010803, h=0x85000f) returned 0x4a0507fe
[0257.575] DeleteDC (hdc=0xec010803) returned 1
[0257.575] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0257.579] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0257.579] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.579] IsWindowUnicode (hWnd=0x2602da) returned 1
[0257.579] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.579] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.580] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.580] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.580] IsWindowUnicode (hWnd=0x2602da) returned 1
[0257.580] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.580] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.580] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.580] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x2a1, wParam=0x0, lParam=0x4003d) returned 0x0
[0257.580] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0257.580] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0257.580] WaitMessage () returned 1
[0257.602] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.602] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.602] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.602] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.602] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.603] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0257.603] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0257.603] WaitMessage () returned 1
[0257.605] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.605] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.605] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.605] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.605] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.606] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0257.606] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0257.606] WaitMessage () returned 1
[0257.613] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.613] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.613] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.613] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.613] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.615] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.615] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.615] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.615] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.615] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.615] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.615] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.615] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.615] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.616] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.616] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0257.616] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0257.616] WaitMessage () returned 1
[0257.616] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.616] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.617] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.617] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.617] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.618] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.618] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.618] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.618] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.618] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.618] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.618] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.618] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.618] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.618] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.619] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0257.619] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0257.619] WaitMessage () returned 1
[0257.619] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.619] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.619] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.619] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.619] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.620] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.621] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.621] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.621] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.621] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.621] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.621] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.621] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.621] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.621] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.621] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0257.622] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0257.622] WaitMessage () returned 1
[0257.623] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.623] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.623] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.623] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.623] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.624] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.625] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.625] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.625] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.625] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.625] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.625] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.625] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.626] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.626] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.626] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0257.627] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0257.627] WaitMessage () returned 1
[0257.672] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.673] IsWindowUnicode (hWnd=0x502c6) returned 1
[0257.673] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.673] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.673] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.673] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0257.673] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0257.673] WaitMessage () returned 1
[0257.764] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.765] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0257.765] IsWindowUnicode (hWnd=0x2602da) returned 1
[0257.765] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.765] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0257.765] GetDlgItem (hDlg=0x2900ea, nIDDlgItem=0) returned 0x0
[0257.765] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x210, wParam=0x201, lParam=0x62011e) returned 0x0
[0257.765] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x21, wParam=0x2900ea, lParam=0x2010001) returned 0x1
[0257.765] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x21, wParam=0x2900ea, lParam=0x2010001) returned 0x1
[0257.765] SetCursor (hCursor=0x10003) returned 0x10003
[0257.766] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.766] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.766] GetKeyState (nVirtKey=1) returned -127
[0257.766] GetKeyState (nVirtKey=2) returned 0
[0257.766] GetKeyState (nVirtKey=4) returned 0
[0257.766] GetKeyState (nVirtKey=5) returned 0
[0257.766] GetKeyState (nVirtKey=6) returned 0
[0257.766] IsWindowVisible (hWnd=0x2602da) returned 1
[0257.766] IsWindowEnabled (hWnd=0x2602da) returned 1
[0257.766] SetFocus (hWnd=0x2602da) returned 0x2802d8
[0257.766] GetFocus () returned 0x2602da
[0257.766] IsChild (hWndParent=0x2900ea, hWnd=0x2602da) returned 1
[0257.766] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0x8, wParam=0x2602da, lParam=0x0) returned 0x0
[0257.767] GetCapture () returned 0x0
[0257.767] InvalidateRect (hWnd=0x2802d8, lpRect=0x0, bErase=0) returned 1
[0257.768] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0257.769] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0257.771] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0257.771] InvalidateRect (hWnd=0x2802d8, lpRect=0x0, bErase=0) returned 1
[0257.771] InvalidateRect (hWnd=0x2602da, lpRect=0x0, bErase=0) returned 1
[0257.771] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x7, wParam=0x2802d8, lParam=0x0) returned 0x0
[0257.771] GetStockObject (i=5) returned 0x900015
[0257.771] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0257.771] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0257.771] GetDlgItem (hDlg=0x2900ea, nIDDlgItem=2491098) returned 0x2602da
[0257.771] SendMessageW (hWnd=0x2602da, Msg=0x202b, wParam=0x2602da, lParam=0xd7dddc) returned 0x0
[0257.772] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x202b, wParam=0x2602da, lParam=0xd7dddc) returned 0x0
[0257.772] InvalidateRect (hWnd=0x2602da, lpRect=0x0, bErase=0) returned 1
[0257.773] GetFocus () returned 0x2602da
[0257.773] GetFocus () returned 0x2602da
[0257.773] GetFocus () returned 0x2602da
[0257.773] GetKeyState (nVirtKey=1) returned -127
[0257.773] GetKeyState (nVirtKey=2) returned 0
[0257.773] GetKeyState (nVirtKey=4) returned 0
[0257.773] GetKeyState (nVirtKey=5) returned 0
[0257.773] GetKeyState (nVirtKey=6) returned 0
[0257.774] GetCapture () returned 0x0
[0257.774] SetCapture (hWnd=0x2602da) returned 0x0
[0257.774] GetKeyState (nVirtKey=1) returned -127
[0257.774] GetKeyState (nVirtKey=2) returned 0
[0257.774] GetKeyState (nVirtKey=4) returned 0
[0257.774] GetKeyState (nVirtKey=5) returned 0
[0257.774] GetKeyState (nVirtKey=6) returned 0
[0257.774] NotifyWinEvent (event=0x800a, hwnd=0x2602da, idObject=-4, idChild=0)
[0257.774] InvalidateRect (hWnd=0x2602da, lpRect=0xd7e430, bErase=0) returned 1
[0257.774] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.774] IsWindowUnicode (hWnd=0x2602da) returned 1
[0257.774] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.774] TranslateMessage (lpMsg=0xd7e808) returned 0
[0257.774] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0257.774] MapWindowPoints (in: hWndFrom=0x2602da, hWndTo=0x0, lpPoints=0x2e55af0, cPoints=0x1 | out: lpPoints=0x2e55af0) returned 30999254
[0257.774] NotifyWinEvent (event=0x800a, hwnd=0x2602da, idObject=-4, idChild=0)
[0257.774] InvalidateRect (hWnd=0x2602da, lpRect=0xd7e3d0, bErase=0) returned 1
[0257.774] UpdateWindow (hWnd=0x2602da) returned 1
[0257.775] BeginPaint (in: hWnd=0x2602da, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x10105d6
[0257.775] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0257.775] CreateCompatibleDC (hdc=0x10105d6) returned 0xcc0107f9
[0257.775] SelectObject (hdc=0xcc0107f9, h=0x4a0507fe) returned 0x85000f
[0257.775] GdipCreateFromHDC (hdc=0xcc0107f9, graphics=0xd7df00) returned 0x0
[0257.775] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0257.775] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0257.775] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0257.775] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0257.775] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df60) returned 0x0
[0257.776] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0257.776] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0257.776] LocalFree (hMem=0x11ee788) returned 0x0
[0257.776] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0257.776] GdipCreateRegion (region=0xd7df48) returned 0x0
[0257.776] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0257.776] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7df54) returned 0x0
[0257.776] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0257.776] GdipRestoreGraphics (graphics=0x6600030, state=0xf7d40dbd) returned 0x0
[0257.776] GdipDeleteRegion (region=0x6645518) returned 0x0
[0257.776] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0257.776] GetCurrentObject (hdc=0xcc0107f9, type=0x1) returned 0xb00017
[0257.776] GetCurrentObject (hdc=0xcc0107f9, type=0x2) returned 0x900010
[0257.776] GetCurrentObject (hdc=0xcc0107f9, type=0x7) returned 0x4a0507fe
[0257.776] GetCurrentObject (hdc=0xcc0107f9, type=0x6) returned 0x8a01c2
[0257.776] SaveDC (hdc=0xcc0107f9) returned 1
[0257.777] GetNearestColor (hdc=0xcc0107f9, color=0xf0f0f0) returned 0xf0f0f0
[0257.777] GetNearestColor (hdc=0xcc0107f9, color=0xa0a0a0) returned 0xa0a0a0
[0257.777] GetNearestColor (hdc=0xcc0107f9, color=0x696969) returned 0x696969
[0257.777] GetNearestColor (hdc=0xcc0107f9, color=0xa0a0a0) returned 0xa0a0a0
[0257.777] GetNearestColor (hdc=0xcc0107f9, color=0x0) returned 0x0
[0257.777] GetNearestColor (hdc=0xcc0107f9, color=0xffffff) returned 0xffffff
[0257.777] GetNearestColor (hdc=0xcc0107f9, color=0xe5e5e5) returned 0xe5e5e5
[0257.777] GetNearestColor (hdc=0xcc0107f9, color=0xd7d7d7) returned 0xd7d7d7
[0257.777] GetNearestColor (hdc=0xcc0107f9, color=0x0) returned 0x0
[0257.777] RestoreDC (hdc=0xcc0107f9, nSavedDC=-1) returned 1
[0257.777] GdipReleaseDC (graphics=0x6600030, hdc=0xcc0107f9) returned 0x0
[0257.777] IsAppThemed () returned 0x1
[0257.777] GetThemeAppProperties () returned 0x3
[0257.777] GetThemeAppProperties () returned 0x3
[0257.777] IsAppThemed () returned 0x1
[0257.778] GetThemeAppProperties () returned 0x3
[0257.778] GetThemeAppProperties () returned 0x3
[0257.778] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2e56248 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0257.778] IsAppThemed () returned 0x1
[0257.781] GetThemeAppProperties () returned 0x3
[0257.781] GetThemeAppProperties () returned 0x3
[0257.781] IsAppThemed () returned 0x1
[0257.781] GetThemeAppProperties () returned 0x3
[0257.781] GetThemeAppProperties () returned 0x3
[0257.781] IsAppThemed () returned 0x1
[0257.781] GetThemeAppProperties () returned 0x3
[0257.781] GetThemeAppProperties () returned 0x3
[0257.781] IsAppThemed () returned 0x1
[0257.781] GetThemeAppProperties () returned 0x3
[0257.781] GetThemeAppProperties () returned 0x3
[0257.781] IsThemePartDefined () returned 0x1
[0257.781] IsAppThemed () returned 0x1
[0257.781] GetThemeAppProperties () returned 0x3
[0257.781] GetThemeAppProperties () returned 0x3
[0257.781] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0257.781] IsAppThemed () returned 0x1
[0257.781] GetThemeAppProperties () returned 0x3
[0257.781] GetThemeAppProperties () returned 0x3
[0257.782] IsAppThemed () returned 0x1
[0257.782] GetThemeAppProperties () returned 0x3
[0257.782] GetThemeAppProperties () returned 0x3
[0257.782] IsThemePartDefined () returned 0x1
[0257.782] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0257.782] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0257.782] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0257.782] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0257.782] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dc7c) returned 0x0
[0257.782] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0257.782] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0257.782] LocalFree (hMem=0x11ee788) returned 0x0
[0257.782] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0257.782] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0257.782] LocalFree (hMem=0x11ee788) returned 0x0
[0257.782] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0257.782] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0257.782] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0257.783] GdipGetRegionHRgn (region=0x6645758, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0257.783] GdipDeleteRegion (region=0x6645758) returned 0x0
[0257.783] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0257.783] GetCurrentObject (hdc=0xcc0107f9, type=0x1) returned 0xb00017
[0257.783] GetCurrentObject (hdc=0xcc0107f9, type=0x2) returned 0x900010
[0257.783] GetCurrentObject (hdc=0xcc0107f9, type=0x7) returned 0x4a0507fe
[0257.783] GetCurrentObject (hdc=0xcc0107f9, type=0x6) returned 0x8a01c2
[0257.783] SaveDC (hdc=0xcc0107f9) returned 1
[0257.783] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd20407de
[0257.783] GetClipRgn (hdc=0xcc0107f9, hrgn=0xd20407de) returned 0
[0257.783] SelectClipRgn (hdc=0xcc0107f9, hrgn=0x3c040807) returned 2
[0257.783] DeleteObject (ho=0xd20407de) returned 1
[0257.783] DeleteObject (ho=0x3c040807) returned 1
[0257.783] OffsetViewportOrgEx (in: hdc=0xcc0107f9, x=0, y=0, lppt=0x2e568f8 | out: lppt=0x2e568f8) returned 1
[0257.783] DrawThemeParentBackground () returned 0x0
[0257.784] GetWindowPlacement (in: hWnd=0x2900ea, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0257.784] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0257.784] GetWindowTextLengthW (hWnd=0x2900ea) returned 13
[0257.784] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.784] GetSystemMetrics (nIndex=42) returned 0
[0257.784] GetWindowTextW (in: hWnd=0x2900ea, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.784] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0257.784] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0257.784] GetCurrentObject (hdc=0xcc0107f9, type=0x1) returned 0xb00017
[0257.784] GetCurrentObject (hdc=0xcc0107f9, type=0x2) returned 0x900010
[0257.784] GetCurrentObject (hdc=0xcc0107f9, type=0x7) returned 0x4a0507fe
[0257.784] GetCurrentObject (hdc=0xcc0107f9, type=0x6) returned 0x8a01c2
[0257.784] SaveDC (hdc=0xcc0107f9) returned 2
[0257.784] GetNearestColor (hdc=0xcc0107f9, color=0xf0f0f0) returned 0xf0f0f0
[0257.785] CreateSolidBrush (color=0xf0f0f0) returned 0xc41007e1
[0257.785] FillRect (hDC=0xcc0107f9, lprc=0xd7d6c8, hbr=0xc41007e1) returned 1
[0257.785] DeleteObject (ho=0xc41007e1) returned 1
[0257.785] RestoreDC (hdc=0xcc0107f9, nSavedDC=-1) returned 1
[0257.785] GetWindowTextLengthW (hWnd=0x2900ea) returned 13
[0257.785] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.785] GetSystemMetrics (nIndex=42) returned 0
[0257.785] GetWindowTextW (in: hWnd=0x2900ea, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.785] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0257.785] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0257.785] GetCurrentObject (hdc=0xcc0107f9, type=0x1) returned 0xb00017
[0257.785] GetCurrentObject (hdc=0xcc0107f9, type=0x2) returned 0x900010
[0257.785] GetCurrentObject (hdc=0xcc0107f9, type=0x7) returned 0x4a0507fe
[0257.785] GetCurrentObject (hdc=0xcc0107f9, type=0x6) returned 0x8a01c2
[0257.785] SaveDC (hdc=0xcc0107f9) returned 2
[0257.785] GetNearestColor (hdc=0xcc0107f9, color=0xf0f0f0) returned 0xf0f0f0
[0257.787] CreateSolidBrush (color=0xf0f0f0) returned 0xc51007e1
[0257.787] FillRect (hDC=0xcc0107f9, lprc=0xd7d668, hbr=0xc51007e1) returned 1
[0257.787] DeleteObject (ho=0xc51007e1) returned 1
[0257.787] RestoreDC (hdc=0xcc0107f9, nSavedDC=-1) returned 1
[0257.787] GetWindowTextLengthW (hWnd=0x2900ea) returned 13
[0257.787] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.787] GetSystemMetrics (nIndex=42) returned 0
[0257.787] GetWindowTextW (in: hWnd=0x2900ea, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.787] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0257.787] RestoreDC (hdc=0xcc0107f9, nSavedDC=-1) returned 1
[0257.787] GdipReleaseDC (graphics=0x6600030, hdc=0xcc0107f9) returned 0x0
[0257.787] IsAppThemed () returned 0x1
[0257.787] GetThemeAppProperties () returned 0x3
[0257.787] GetThemeAppProperties () returned 0x3
[0257.788] IsAppThemed () returned 0x1
[0257.788] GetThemeAppProperties () returned 0x3
[0257.788] GetThemeAppProperties () returned 0x3
[0257.788] IsThemePartDefined () returned 0x1
[0257.788] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0257.788] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0257.788] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0257.788] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0257.788] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc00) returned 0x0
[0257.788] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0257.788] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea60) returned 0x0
[0257.788] LocalFree (hMem=0x11eea60) returned 0x0
[0257.788] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0257.788] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0257.788] LocalFree (hMem=0x11ee788) returned 0x0
[0257.788] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0257.788] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0257.788] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0257.788] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0257.789] GdipDeleteRegion (region=0x6645908) returned 0x0
[0257.789] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0257.789] GetCurrentObject (hdc=0xcc0107f9, type=0x1) returned 0xb00017
[0257.789] GetCurrentObject (hdc=0xcc0107f9, type=0x2) returned 0x900010
[0257.789] GetCurrentObject (hdc=0xcc0107f9, type=0x7) returned 0x4a0507fe
[0257.789] GetCurrentObject (hdc=0xcc0107f9, type=0x6) returned 0x8a01c2
[0257.789] SaveDC (hdc=0xcc0107f9) returned 1
[0257.789] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3d040807
[0257.789] GetClipRgn (hdc=0xcc0107f9, hrgn=0x3d040807) returned 0
[0257.789] SelectClipRgn (hdc=0xcc0107f9, hrgn=0xd40407de) returned 2
[0257.789] DeleteObject (ho=0x3d040807) returned 1
[0257.789] DeleteObject (ho=0xd40407de) returned 1
[0257.789] OffsetViewportOrgEx (in: hdc=0xcc0107f9, x=0, y=0, lppt=0x2e571a4 | out: lppt=0x2e571a4) returned 1
[0257.789] IsAppThemed () returned 0x1
[0257.789] GetThemeAppProperties () returned 0x3
[0257.789] GetThemeAppProperties () returned 0x3
[0257.790] DrawThemeBackground () returned 0x0
[0257.790] RestoreDC (hdc=0xcc0107f9, nSavedDC=-1) returned 1
[0257.790] GdipReleaseDC (graphics=0x6600030, hdc=0xcc0107f9) returned 0x0
[0257.790] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0257.790] GdipGetClip (graphics=0x6600030, region=0x66455a8) returned 0x0
[0257.790] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0257.790] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0257.790] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dc04) returned 0x0
[0257.790] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0257.790] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0257.790] LocalFree (hMem=0x11ee868) returned 0x0
[0257.790] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0257.790] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0257.790] LocalFree (hMem=0x11eec58) returned 0x0
[0257.790] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0257.790] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0257.790] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0257.791] GdipGetRegionHRgn (region=0x66455a8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0257.791] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0257.791] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0257.791] GetCurrentObject (hdc=0xcc0107f9, type=0x1) returned 0xb00017
[0257.791] GetCurrentObject (hdc=0xcc0107f9, type=0x2) returned 0x900010
[0257.791] GetCurrentObject (hdc=0xcc0107f9, type=0x7) returned 0x4a0507fe
[0257.791] GetCurrentObject (hdc=0xcc0107f9, type=0x6) returned 0x8a01c2
[0257.791] SaveDC (hdc=0xcc0107f9) returned 1
[0257.791] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd50407de
[0257.791] GetClipRgn (hdc=0xcc0107f9, hrgn=0xd50407de) returned 0
[0257.791] SelectClipRgn (hdc=0xcc0107f9, hrgn=0x3e040807) returned 2
[0257.791] DeleteObject (ho=0xd50407de) returned 1
[0257.791] DeleteObject (ho=0x3e040807) returned 1
[0257.791] OffsetViewportOrgEx (in: hdc=0xcc0107f9, x=0, y=0, lppt=0x2e57478 | out: lppt=0x2e57478) returned 1
[0257.791] IsAppThemed () returned 0x1
[0257.791] GetThemeAppProperties () returned 0x3
[0257.792] GetThemeAppProperties () returned 0x3
[0257.792] GetThemeBackgroundContentRect () returned 0x0
[0257.792] RestoreDC (hdc=0xcc0107f9, nSavedDC=-1) returned 1
[0257.792] GdipReleaseDC (graphics=0x6600030, hdc=0xcc0107f9) returned 0x0
[0257.792] IsAppThemed () returned 0x1
[0257.792] GetThemeAppProperties () returned 0x3
[0257.792] GetThemeAppProperties () returned 0x3
[0257.792] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0257.792] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0257.792] GetCurrentObject (hdc=0xcc0107f9, type=0x1) returned 0xb00017
[0257.792] GetCurrentObject (hdc=0xcc0107f9, type=0x2) returned 0x900010
[0257.792] GetCurrentObject (hdc=0xcc0107f9, type=0x7) returned 0x4a0507fe
[0257.792] GetCurrentObject (hdc=0xcc0107f9, type=0x6) returned 0x8a01c2
[0257.792] SaveDC (hdc=0xcc0107f9) returned 1
[0257.792] GetTextAlign (hdc=0xcc0107f9) returned 0x0
[0257.792] GetTextColor (hdc=0xcc0107f9) returned 0x0
[0257.792] GetCurrentObject (hdc=0xcc0107f9, type=0x6) returned 0x8a01c2
[0257.793] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0257.793] SelectObject (hdc=0xcc0107f9, h=0x6d0a0520) returned 0x8a01c2
[0257.793] GetBkMode (hdc=0xcc0107f9) returned 2
[0257.793] SetBkMode (hdc=0xcc0107f9, mode=1) returned 2
[0257.793] DrawTextExW (in: hdc=0xcc0107f9, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2e57818 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0257.793] DrawTextExW (in: hdc=0xcc0107f9, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2e57818 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0257.793] RestoreDC (hdc=0xcc0107f9, nSavedDC=-1) returned 1
[0257.794] GdipReleaseDC (graphics=0x6600030, hdc=0xcc0107f9) returned 0x0
[0257.794] GetFocus () returned 0x2602da
[0257.795] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0257.795] SendMessageW (hWnd=0x2900ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0257.795] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0257.795] IsAppThemed () returned 0x1
[0257.795] GetThemeAppProperties () returned 0x3
[0257.795] GetThemeAppProperties () returned 0x3
[0257.795] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0257.795] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xcc0107f9, x1=0, y1=0, rop=0xcc0020) returned 1
[0257.795] GdipReleaseDC (graphics=0x6600030, hdc=0xcc0107f9) returned 0x0
[0257.795] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0257.796] SelectObject (hdc=0xcc0107f9, h=0x85000f) returned 0x4a0507fe
[0257.796] DeleteDC (hdc=0xcc0107f9) returned 1
[0257.796] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0257.796] EndPaint (hWnd=0x2602da, lpPaint=0xd7dee4) returned 1
[0257.796] MapWindowPoints (in: hWndFrom=0x2602da, hWndTo=0x0, lpPoints=0x2e57914, cPoints=0x1 | out: lpPoints=0x2e57914) returned 30999254
[0257.796] WindowFromPoint (Point=0x313) returned 0x2602da
[0257.796] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0257.796] NotifyWinEvent (event=0x800a, hwnd=0x2602da, idObject=-4, idChild=0)
[0257.796] NotifyWinEvent (event=0x800c, hwnd=0x2602da, idObject=-4, idChild=0)
[0257.796] GetCapture () returned 0x2602da
[0257.796] ReleaseCapture () returned 1
[0257.797] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0257.797] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0257.797] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0257.797] IsWindow (hWnd=0x7005c) returned 1
[0257.797] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0257.798] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0257.798] IsWindow (hWnd=0x2900ea) returned 1
[0257.798] SetActiveWindow (hWnd=0x2900ea) returned 0x2900ea
[0257.798] IsWindow (hWnd=0x2900ea) returned 1
[0257.799] SetFocus (hWnd=0x2900ea) returned 0x2602da
[0257.799] GetFocus () returned 0x2900ea
[0257.799] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x8, wParam=0x2900ea, lParam=0x0) returned 0x0
[0257.799] GetCapture () returned 0x0
[0257.800] InvalidateRect (hWnd=0x2602da, lpRect=0x0, bErase=0) returned 1
[0257.801] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0257.802] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0257.804] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0257.805] GetFocus () returned 0x2900ea
[0257.805] SetFocus (hWnd=0x2602da) returned 0x2900ea
[0257.805] GetFocus () returned 0x2602da
[0257.805] IsChild (hWndParent=0x2900ea, hWnd=0x2602da) returned 1
[0257.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x8, wParam=0x2602da, lParam=0x0) returned 0x0
[0257.806] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0257.807] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0257.809] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0257.809] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x7, wParam=0x2900ea, lParam=0x0) returned 0x0
[0257.809] GetStockObject (i=5) returned 0x900015
[0257.810] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0257.810] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0xd, wParam=0xa, lParam=0x11f55a0) returned 0x9
[0257.810] GetDlgItem (hDlg=0x2900ea, nIDDlgItem=2491098) returned 0x2602da
[0257.810] SendMessageW (hWnd=0x2602da, Msg=0x202b, wParam=0x2602da, lParam=0xd7ddcc) returned 0x0
[0257.810] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x202b, wParam=0x2602da, lParam=0xd7ddcc) returned 0x0
[0257.810] InvalidateRect (hWnd=0x2602da, lpRect=0x0, bErase=0) returned 1
[0257.812] GetWindowLongW (hWnd=0x2900ea, nIndex=-8) returned 458844
[0257.812] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0257.812] GetCurrentThreadId () returned 0xf50
[0257.812] IsWindow (hWnd=0x7005c) returned 1
[0257.812] IsWindow (hWnd=0x7005c) returned 1
[0257.812] IsWindowVisible (hWnd=0x7005c) returned 1
[0257.812] SetActiveWindow (hWnd=0x7005c) returned 0x2900ea
[0257.812] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0257.814] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0257.814] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0257.814] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0257.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0257.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0257.816] GetWindowPlacement (in: hWnd=0x2900ea, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0257.816] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0257.816] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0257.816] GetWindowRect (in: hWnd=0x2900ea, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0257.817] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0257.817] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0257.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0257.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x2900ea) returned 0x1
[0257.821] GetFocus () returned 0x2602da
[0257.821] SetFocus (hWnd=0x602c4) returned 0x2602da
[0257.821] GetFocus () returned 0x602c4
[0257.821] IsChild (hWndParent=0x2900ea, hWnd=0x602c4) returned 0
[0257.821] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0257.821] GetCapture () returned 0x0
[0257.822] InvalidateRect (hWnd=0x2602da, lpRect=0x0, bErase=0) returned 1
[0257.823] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0257.824] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0257.830] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0257.830] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0257.831] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0257.831] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0257.832] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0257.832] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x2602da, lParam=0x0) returned 0x0
[0257.832] GetStockObject (i=5) returned 0x900015
[0257.832] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0257.832] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed800) returned 0xc
[0257.832] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0257.832] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0257.832] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0257.832] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0257.834] GetFocus () returned 0x602c4
[0257.834] IsChild (hWndParent=0x2900ea, hWnd=0x602c4) returned 0
[0257.834] ShowWindow (hWnd=0x2900ea, nCmdShow=0) returned 1
[0257.834] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0257.834] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0257.836] GetWindowPlacement (in: hWnd=0x2900ea, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0257.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0257.836] GetClientRect (in: hWnd=0x2900ea, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0257.836] GetWindowRect (in: hWnd=0x2900ea, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0257.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0257.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0257.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0257.838] GetWindowLongW (hWnd=0x2900ea, nIndex=-20) returned 327945
[0257.838] DestroyWindow (hWnd=0x2900ea) returned 1
[0257.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0257.838] GetWindowTextLengthW (hWnd=0x2900ea) returned 13
[0257.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.838] GetSystemMetrics (nIndex=42) returned 0
[0257.838] GetWindowTextW (in: hWnd=0x2900ea, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0257.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0257.839] GetWindowTextLengthW (hWnd=0x2002c8) returned 0
[0257.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0257.839] GetSystemMetrics (nIndex=42) returned 0
[0257.839] GetWindowTextW (in: hWnd=0x2002c8, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0257.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002c8, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0257.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0257.839] GetWindowThreadProcessId (in: hWnd=0x2602de, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0257.839] GetWindow (hWnd=0x2602de, uCmd=0x5) returned 0x0
[0257.839] GetWindowLongW (hWnd=0x2602de, nIndex=-20) returned 65792
[0257.839] DestroyWindow (hWnd=0x2602de) returned 1
[0257.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602de, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0257.839] GetWindowTextLengthW (hWnd=0x2602de) returned 25
[0257.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0257.839] GetSystemMetrics (nIndex=42) returned 0
[0257.839] GetWindowTextW (in: hWnd=0x2602de, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0257.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602de, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0257.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0257.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0257.841] GetWindowTextLengthW (hWnd=0x1b02d0) returned 232
[0257.841] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0257.841] GetSystemMetrics (nIndex=42) returned 0
[0257.841] GetWindowTextW (in: hWnd=0x1b02d0, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0257.841] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0257.841] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0257.842] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0257.842] InvalidateRect (hWnd=0x2602da, lpRect=0x0, bErase=0) returned 1
[0257.842] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0257.842] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0257.842] SendMessageW (hWnd=0x2602dc, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0257.842] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602dc, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0257.842] SendMessageW (hWnd=0x2602dc, Msg=0xb0, wParam=0x2e23718, lParam=0xd7e480) returned 0x0
[0257.842] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602dc, Msg=0xb0, wParam=0x2e23718, lParam=0xd7e480) returned 0x0
[0257.842] GetWindowTextLengthW (hWnd=0x2602dc) returned 4363
[0257.842] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0257.842] GetSystemMetrics (nIndex=42) returned 0
[0257.842] CoTaskMemAlloc (cb=0x221c) returned 0x120a4b0
[0257.842] GetWindowTextW (in: hWnd=0x2602dc, lpString=0x120a4b0, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0257.842] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602dc, Msg=0xd, wParam=0x110c, lParam=0x120a4b0) returned 0x110b
[0257.843] CoTaskMemFree (pv=0x120a4b0)
[0257.843] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0257.843] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0257.844] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x1b02d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0257.846] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0257.847] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0257.848] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0257.849] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0257.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2900ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0257.853] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.853] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.853] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.853] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.853] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.853] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0257.854] IsWindowUnicode (hWnd=0x7005c) returned 1
[0257.854] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0257.854] SetCursor (hCursor=0x10003) returned 0x10003
[0257.854] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.854] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.854] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0257.854] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0257.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0257.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1080255) returned 0x0
[0257.854] GetKeyState (nVirtKey=1) returned 1
[0257.854] GetKeyState (nVirtKey=2) returned 0
[0257.854] GetKeyState (nVirtKey=4) returned 0
[0257.854] GetKeyState (nVirtKey=5) returned 0
[0257.855] GetKeyState (nVirtKey=6) returned 0
[0257.855] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0257.855] IsWindowUnicode (hWnd=0x7005c) returned 1
[0257.855] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.855] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.855] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.855] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.856] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0257.856] IsWindowUnicode (hWnd=0x7005c) returned 1
[0257.856] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.856] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0313) returned 0x1
[0257.856] SetCursor (hCursor=0x10003) returned 0x10003
[0257.871] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.871] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.871] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1080255) returned 0x0
[0257.871] GetKeyState (nVirtKey=1) returned 1
[0257.871] GetKeyState (nVirtKey=2) returned 0
[0257.871] GetKeyState (nVirtKey=4) returned 0
[0257.872] GetKeyState (nVirtKey=5) returned 0
[0257.872] GetKeyState (nVirtKey=6) returned 0
[0257.872] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.874] IsWindowUnicode (hWnd=0x602c4) returned 1
[0257.874] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.874] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.874] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.874] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.875] IsWindowUnicode (hWnd=0x602c4) returned 1
[0257.875] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.875] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.875] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.875] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0257.875] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0257.875] CreateCompatibleDC (hdc=0x10105d6) returned 0x750107d7
[0257.875] SelectObject (hdc=0x750107d7, h=0x4a0507fe) returned 0x85000f
[0257.875] GdipCreateFromHDC (hdc=0x750107d7, graphics=0xd7e798) returned 0x0
[0257.876] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0257.876] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0257.876] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0257.876] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0257.876] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e7f8) returned 0x0
[0257.876] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0257.876] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0257.876] LocalFree (hMem=0x11ee868) returned 0x0
[0257.876] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0257.876] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0257.876] GdipGetClip (graphics=0x6600030, region=0x6645f38) returned 0x0
[0257.876] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0257.876] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0257.876] GdipRestoreGraphics (graphics=0x6600030, state=0xf7d20dbd) returned 0x0
[0257.876] GdipDeleteRegion (region=0x6645f38) returned 0x0
[0257.876] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0257.877] GetCurrentObject (hdc=0x750107d7, type=0x1) returned 0xb00017
[0257.877] GetCurrentObject (hdc=0x750107d7, type=0x2) returned 0x900010
[0257.877] GetCurrentObject (hdc=0x750107d7, type=0x7) returned 0x4a0507fe
[0257.877] GetCurrentObject (hdc=0x750107d7, type=0x6) returned 0x8a01c2
[0257.877] SaveDC (hdc=0x750107d7) returned 1
[0257.877] GetNearestColor (hdc=0x750107d7, color=0xff) returned 0xff
[0257.877] GetNearestColor (hdc=0x750107d7, color=0x55) returned 0x55
[0257.877] GetNearestColor (hdc=0x750107d7, color=0x0) returned 0x0
[0257.877] GetNearestColor (hdc=0x750107d7, color=0x55) returned 0x55
[0257.877] GetNearestColor (hdc=0x750107d7, color=0x0) returned 0x0
[0257.877] GetNearestColor (hdc=0x750107d7, color=0x8080ff) returned 0x8080ff
[0257.877] GetNearestColor (hdc=0x750107d7, color=0x7373e5) returned 0x7373e5
[0257.877] GetNearestColor (hdc=0x750107d7, color=0xe5) returned 0xe5
[0257.877] GetNearestColor (hdc=0x750107d7, color=0x0) returned 0x0
[0257.878] RestoreDC (hdc=0x750107d7, nSavedDC=-1) returned 1
[0257.878] GdipReleaseDC (graphics=0x6600030, hdc=0x750107d7) returned 0x0
[0257.878] IsAppThemed () returned 0x1
[0257.878] GetThemeAppProperties () returned 0x3
[0257.878] GetThemeAppProperties () returned 0x3
[0257.878] IsAppThemed () returned 0x1
[0257.878] GetThemeAppProperties () returned 0x3
[0257.878] GetThemeAppProperties () returned 0x3
[0257.878] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2e5f680 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0257.878] IsAppThemed () returned 0x1
[0257.878] GetThemeAppProperties () returned 0x3
[0257.878] GetThemeAppProperties () returned 0x3
[0257.878] IsAppThemed () returned 0x1
[0257.879] GetThemeAppProperties () returned 0x3
[0257.879] GetThemeAppProperties () returned 0x3
[0257.879] GetFocus () returned 0x602c4
[0257.879] IsAppThemed () returned 0x1
[0257.879] GetThemeAppProperties () returned 0x3
[0257.879] GetThemeAppProperties () returned 0x3
[0257.879] IsAppThemed () returned 0x1
[0257.879] GetThemeAppProperties () returned 0x3
[0257.879] GetThemeAppProperties () returned 0x3
[0257.879] IsThemePartDefined () returned 0x1
[0257.879] IsAppThemed () returned 0x1
[0257.879] GetThemeAppProperties () returned 0x3
[0257.879] GetThemeAppProperties () returned 0x3
[0257.879] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0257.879] IsAppThemed () returned 0x1
[0257.879] GetThemeAppProperties () returned 0x3
[0257.880] GetThemeAppProperties () returned 0x3
[0257.880] IsAppThemed () returned 0x1
[0257.880] GetThemeAppProperties () returned 0x3
[0257.880] GetThemeAppProperties () returned 0x3
[0257.880] IsThemePartDefined () returned 0x1
[0257.880] GdipCreateRegion (region=0xd7e508) returned 0x0
[0257.880] GdipGetClip (graphics=0x6600030, region=0x6645d88) returned 0x0
[0257.880] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0257.880] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0257.880] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e520) returned 0x0
[0257.880] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0257.880] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0257.880] LocalFree (hMem=0x11eec58) returned 0x0
[0257.880] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0257.880] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0257.880] LocalFree (hMem=0x11ee9f0) returned 0x0
[0257.880] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0257.880] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e548) returned 0x0
[0257.880] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e538) returned 0x0
[0257.880] GdipGetRegionHRgn (region=0x6645d88, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0257.881] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0257.881] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0257.881] GetCurrentObject (hdc=0x750107d7, type=0x1) returned 0xb00017
[0257.881] GetCurrentObject (hdc=0x750107d7, type=0x2) returned 0x900010
[0257.881] GetCurrentObject (hdc=0x750107d7, type=0x7) returned 0x4a0507fe
[0257.881] GetCurrentObject (hdc=0x750107d7, type=0x6) returned 0x8a01c2
[0257.881] SaveDC (hdc=0x750107d7) returned 1
[0257.881] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3f040807
[0257.881] GetClipRgn (hdc=0x750107d7, hrgn=0x3f040807) returned 0
[0257.881] SelectClipRgn (hdc=0x750107d7, hrgn=0xd90407de) returned 2
[0257.881] DeleteObject (ho=0x3f040807) returned 1
[0257.881] DeleteObject (ho=0xd90407de) returned 1
[0257.881] OffsetViewportOrgEx (in: hdc=0x750107d7, x=0, y=0, lppt=0x2e5fd30 | out: lppt=0x2e5fd30) returned 1
[0257.881] DrawThemeParentBackground () returned 0x0
[0257.882] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0257.882] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0257.882] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0257.882] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.882] GetSystemMetrics (nIndex=42) returned 0
[0257.882] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.882] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0257.882] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0257.882] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0257.882] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0257.882] SelectPalette (hdc=0x750107d7, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0257.882] GdipCreateFromHDC (hdc=0x750107d7, graphics=0xd7dff8) returned 0x0
[0257.882] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0257.882] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0257.883] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638a88) returned 0x0
[0257.883] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dfd0) returned 0x0
[0257.883] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0257.883] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0257.883] GdipGetClip (graphics=0x663e568, region=0x6645bd8) returned 0x0
[0257.883] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x663e568, result=0xd7dfc4) returned 0x0
[0257.883] GdipDeleteRegion (region=0x6645bd8) returned 0x0
[0257.883] GdipSaveGraphics (graphics=0x663e568, state=0xd7dff0) returned 0x0
[0257.883] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0257.901] GdipFillRectangleI (graphics=0x663e568, brush=0x6635800, x=0, y=0, width=801, height=453) returned 0x0
[0257.901] GdipDeleteBrush (brush=0x6635800) returned 0x0
[0257.903] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0257.903] SelectPalette (hdc=0x750107d7, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0257.903] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0257.904] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.904] GetSystemMetrics (nIndex=42) returned 0
[0257.904] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.904] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0257.904] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0257.904] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0257.904] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0257.905] SelectPalette (hdc=0x750107d7, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0257.905] GdipCreateFromHDC (hdc=0x750107d7, graphics=0xd7df98) returned 0x0
[0257.905] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0257.905] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0257.905] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638bd8) returned 0x0
[0257.905] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df70) returned 0x0
[0257.905] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0257.905] GdipCreateRegion (region=0xd7df58) returned 0x0
[0257.905] GdipGetClip (graphics=0x663e568, region=0x6645248) returned 0x0
[0257.905] GdipIsInfiniteRegion (region=0x6645248, graphics=0x663e568, result=0xd7df64) returned 0x0
[0257.905] GdipDeleteRegion (region=0x6645248) returned 0x0
[0257.905] GdipSaveGraphics (graphics=0x663e568, state=0xd7df90) returned 0x0
[0257.905] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0257.912] GdipFillRectangleI (graphics=0x663e568, brush=0x6635320, x=0, y=0, width=801, height=453) returned 0x0
[0257.912] GdipDeleteBrush (brush=0x6635320) returned 0x0
[0257.914] GdipRestoreGraphics (graphics=0x663e568, state=0xf7ce0dbd) returned 0x0
[0257.914] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0257.914] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0257.914] GetSystemMetrics (nIndex=42) returned 0
[0257.914] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0257.914] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0257.914] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0257.914] SelectPalette (hdc=0x750107d7, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0257.915] RestoreDC (hdc=0x750107d7, nSavedDC=-1) returned 1
[0257.915] GdipReleaseDC (graphics=0x6600030, hdc=0x750107d7) returned 0x0
[0257.915] IsAppThemed () returned 0x1
[0257.915] GetThemeAppProperties () returned 0x3
[0257.915] GetThemeAppProperties () returned 0x3
[0257.915] IsAppThemed () returned 0x1
[0257.915] GetThemeAppProperties () returned 0x3
[0257.916] GetThemeAppProperties () returned 0x3
[0257.916] IsThemePartDefined () returned 0x1
[0257.916] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0257.916] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0257.916] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0257.916] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0257.916] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e4a4) returned 0x0
[0257.916] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0257.916] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eea60) returned 0x0
[0257.916] LocalFree (hMem=0x11eea60) returned 0x0
[0257.916] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0257.916] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee910) returned 0x0
[0257.916] LocalFree (hMem=0x11ee910) returned 0x0
[0257.916] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0257.916] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0257.916] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0257.916] GdipGetRegionHRgn (region=0x66457e8, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0257.916] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0257.917] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0257.917] GetCurrentObject (hdc=0x750107d7, type=0x1) returned 0xb00017
[0257.917] GetCurrentObject (hdc=0x750107d7, type=0x2) returned 0x900010
[0257.917] GetCurrentObject (hdc=0x750107d7, type=0x7) returned 0x4a0507fe
[0257.917] GetCurrentObject (hdc=0x750107d7, type=0x6) returned 0x8a01c2
[0257.917] SaveDC (hdc=0x750107d7) returned 1
[0257.917] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xda0407de
[0257.917] GetClipRgn (hdc=0x750107d7, hrgn=0xda0407de) returned 0
[0257.917] SelectClipRgn (hdc=0x750107d7, hrgn=0x41040807) returned 2
[0257.917] DeleteObject (ho=0xda0407de) returned 1
[0257.917] DeleteObject (ho=0x41040807) returned 1
[0257.917] OffsetViewportOrgEx (in: hdc=0x750107d7, x=0, y=0, lppt=0x2e66580 | out: lppt=0x2e66580) returned 1
[0257.917] IsAppThemed () returned 0x1
[0257.917] GetThemeAppProperties () returned 0x3
[0257.917] GetThemeAppProperties () returned 0x3
[0257.917] DrawThemeBackground () returned 0x0
[0257.918] RestoreDC (hdc=0x750107d7, nSavedDC=-1) returned 1
[0257.918] GdipReleaseDC (graphics=0x6600030, hdc=0x750107d7) returned 0x0
[0257.918] GdipCreateRegion (region=0xd7e490) returned 0x0
[0257.918] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0257.918] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0257.918] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0257.918] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e4a8) returned 0x0
[0257.918] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0257.918] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0257.918] LocalFree (hMem=0x11eec58) returned 0x0
[0257.918] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0257.918] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eea98) returned 0x0
[0257.918] LocalFree (hMem=0x11eea98) returned 0x0
[0257.918] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0257.918] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0257.918] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0257.918] GdipGetRegionHRgn (region=0x6645c68, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0257.918] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0257.919] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0257.919] GetCurrentObject (hdc=0x750107d7, type=0x1) returned 0xb00017
[0257.924] GetCurrentObject (hdc=0x750107d7, type=0x2) returned 0x900010
[0257.924] GetCurrentObject (hdc=0x750107d7, type=0x7) returned 0x4a0507fe
[0257.924] GetCurrentObject (hdc=0x750107d7, type=0x6) returned 0x8a01c2
[0257.924] SaveDC (hdc=0x750107d7) returned 1
[0257.925] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x42040807
[0257.925] GetClipRgn (hdc=0x750107d7, hrgn=0x42040807) returned 0
[0257.925] SelectClipRgn (hdc=0x750107d7, hrgn=0xdb0407de) returned 2
[0257.925] DeleteObject (ho=0x42040807) returned 1
[0257.925] DeleteObject (ho=0xdb0407de) returned 1
[0257.925] OffsetViewportOrgEx (in: hdc=0x750107d7, x=0, y=0, lppt=0x2e66854 | out: lppt=0x2e66854) returned 1
[0257.925] IsAppThemed () returned 0x1
[0257.925] GetThemeAppProperties () returned 0x3
[0257.925] GetThemeAppProperties () returned 0x3
[0257.925] GetThemeBackgroundContentRect () returned 0x0
[0257.925] RestoreDC (hdc=0x750107d7, nSavedDC=-1) returned 1
[0257.925] GdipReleaseDC (graphics=0x6600030, hdc=0x750107d7) returned 0x0
[0257.925] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0257.925] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0257.925] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0257.925] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0257.926] IsAppThemed () returned 0x1
[0257.926] GetThemeAppProperties () returned 0x3
[0257.926] GetThemeAppProperties () returned 0x3
[0257.926] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0257.926] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0257.926] GetCurrentObject (hdc=0x750107d7, type=0x1) returned 0xb00017
[0257.926] GetCurrentObject (hdc=0x750107d7, type=0x2) returned 0x900010
[0257.926] GetCurrentObject (hdc=0x750107d7, type=0x7) returned 0x4a0507fe
[0257.926] GetCurrentObject (hdc=0x750107d7, type=0x6) returned 0x8a01c2
[0257.926] SaveDC (hdc=0x750107d7) returned 1
[0257.926] GetTextAlign (hdc=0x750107d7) returned 0x0
[0257.926] GetTextColor (hdc=0x750107d7) returned 0x0
[0257.926] GetCurrentObject (hdc=0x750107d7, type=0x6) returned 0x8a01c2
[0257.926] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0257.926] SelectObject (hdc=0x750107d7, h=0x6d0a0520) returned 0x8a01c2
[0257.927] GetBkMode (hdc=0x750107d7) returned 2
[0257.927] SetBkMode (hdc=0x750107d7, mode=1) returned 2
[0257.927] DrawTextExW (in: hdc=0x750107d7, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2e66c18 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0257.927] DrawTextExW (in: hdc=0x750107d7, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2e66c18 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0257.927] RestoreDC (hdc=0x750107d7, nSavedDC=-1) returned 1
[0257.927] GdipReleaseDC (graphics=0x6600030, hdc=0x750107d7) returned 0x0
[0257.928] GetFocus () returned 0x602c4
[0257.928] IsAppThemed () returned 0x1
[0257.928] GetThemeAppProperties () returned 0x3
[0257.928] GetThemeAppProperties () returned 0x3
[0257.928] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0257.928] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x750107d7, x1=0, y1=0, rop=0xcc0020) returned 1
[0257.928] GdipReleaseDC (graphics=0x6600030, hdc=0x750107d7) returned 0x0
[0257.928] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0257.928] SelectObject (hdc=0x750107d7, h=0x85000f) returned 0x4a0507fe
[0257.928] DeleteDC (hdc=0x750107d7) returned 1
[0257.928] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0257.928] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0257.929] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0257.929] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0257.929] WaitMessage () returned 1
[0257.929] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.929] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.929] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.929] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.929] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.930] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0257.930] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0257.930] WaitMessage () returned 1
[0257.945] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.946] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.946] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.946] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.946] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.947] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0257.947] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0257.947] WaitMessage () returned 1
[0257.948] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.948] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.948] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.948] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.948] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.949] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0257.949] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0257.949] WaitMessage () returned 1
[0257.954] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.954] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.954] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.954] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.954] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.956] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.956] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.956] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.956] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.956] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.956] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.956] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.956] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.956] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.957] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.957] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.957] IsWindowUnicode (hWnd=0x7005c) returned 1
[0257.957] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.957] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.957] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.957] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.958] IsWindowUnicode (hWnd=0x7005c) returned 1
[0257.958] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.958] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.958] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.958] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x1080255) returned 0x0
[0257.958] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0257.958] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0257.958] WaitMessage () returned 1
[0257.960] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.960] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.960] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.960] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.960] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.962] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.962] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.962] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.962] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.962] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.962] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.962] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.962] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.963] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.963] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.963] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0257.963] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0257.963] WaitMessage () returned 1
[0257.964] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.964] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.964] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.964] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.964] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.965] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.965] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.965] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.965] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.970] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.970] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.970] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.970] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.970] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.970] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.970] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0257.971] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0257.971] WaitMessage () returned 1
[0257.971] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.971] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.971] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.971] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.971] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.973] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.973] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.973] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.973] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.973] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.974] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.974] IsWindowUnicode (hWnd=0x30122) returned 1
[0257.974] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0257.974] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0257.974] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0257.974] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0257.974] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0257.975] WaitMessage () returned 1
[0258.138] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0258.138] IsWindowUnicode (hWnd=0x502c6) returned 1
[0258.138] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0258.138] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0258.138] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0258.139] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0258.139] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0258.139] WaitMessage () returned 1
[0260.033] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.033] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b010a) returned 0x1
[0260.033] IsWindowUnicode (hWnd=0x602c4) returned 1
[0260.033] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.034] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.034] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.034] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0260.034] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.034] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b010a) returned 0x1
[0260.034] IsWindowUnicode (hWnd=0x602c4) returned 1
[0260.034] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.034] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b010a) returned 0x1
[0260.034] SetCursor (hCursor=0x10003) returned 0x10003
[0260.034] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.034] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.034] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0260.035] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0260.035] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0260.035] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0260.035] GetKeyState (nVirtKey=1) returned 1
[0260.035] GetKeyState (nVirtKey=2) returned 0
[0260.035] GetKeyState (nVirtKey=4) returned 0
[0260.035] GetKeyState (nVirtKey=5) returned 0
[0260.035] GetKeyState (nVirtKey=6) returned 0
[0260.035] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.035] IsWindowUnicode (hWnd=0x602c4) returned 1
[0260.035] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.035] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.035] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.035] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0260.035] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0260.036] CreateCompatibleDC (hdc=0x10105d6) returned 0xa10105d8
[0260.036] SelectObject (hdc=0xa10105d8, h=0x4a0507fe) returned 0x85000f
[0260.036] GdipCreateFromHDC (hdc=0xa10105d8, graphics=0xd7e798) returned 0x0
[0260.036] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0260.036] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0260.036] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0260.036] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0260.036] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e7f8) returned 0x0
[0260.036] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0260.036] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0260.036] LocalFree (hMem=0x11eecc8) returned 0x0
[0260.036] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0260.037] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0260.037] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0260.037] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0260.037] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0260.037] GdipRestoreGraphics (graphics=0x6600030, state=0xf7cc0dbd) returned 0x0
[0260.037] GdipDeleteRegion (region=0x6645098) returned 0x0
[0260.037] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0260.037] GetCurrentObject (hdc=0xa10105d8, type=0x1) returned 0xb00017
[0260.037] GetCurrentObject (hdc=0xa10105d8, type=0x2) returned 0x900010
[0260.037] GetCurrentObject (hdc=0xa10105d8, type=0x7) returned 0x4a0507fe
[0260.037] GetCurrentObject (hdc=0xa10105d8, type=0x6) returned 0x8a01c2
[0260.037] SaveDC (hdc=0xa10105d8) returned 1
[0260.037] GetNearestColor (hdc=0xa10105d8, color=0xff) returned 0xff
[0260.037] GetNearestColor (hdc=0xa10105d8, color=0x55) returned 0x55
[0260.037] GetNearestColor (hdc=0xa10105d8, color=0x0) returned 0x0
[0260.038] GetNearestColor (hdc=0xa10105d8, color=0x55) returned 0x55
[0260.038] GetNearestColor (hdc=0xa10105d8, color=0x0) returned 0x0
[0260.038] GetNearestColor (hdc=0xa10105d8, color=0x8080ff) returned 0x8080ff
[0260.038] GetNearestColor (hdc=0xa10105d8, color=0x7373e5) returned 0x7373e5
[0260.038] GetNearestColor (hdc=0xa10105d8, color=0xe5) returned 0xe5
[0260.038] GetNearestColor (hdc=0xa10105d8, color=0x0) returned 0x0
[0260.038] RestoreDC (hdc=0xa10105d8, nSavedDC=-1) returned 1
[0260.038] GdipReleaseDC (graphics=0x6600030, hdc=0xa10105d8) returned 0x0
[0260.038] IsAppThemed () returned 0x1
[0260.038] GetThemeAppProperties () returned 0x3
[0260.038] GetThemeAppProperties () returned 0x3
[0260.038] IsAppThemed () returned 0x1
[0260.038] GetThemeAppProperties () returned 0x3
[0260.038] GetThemeAppProperties () returned 0x3
[0260.039] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2e67564 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0260.039] IsAppThemed () returned 0x1
[0260.039] GetThemeAppProperties () returned 0x3
[0260.039] GetThemeAppProperties () returned 0x3
[0260.039] IsAppThemed () returned 0x1
[0260.039] GetThemeAppProperties () returned 0x3
[0260.039] GetThemeAppProperties () returned 0x3
[0260.039] IsAppThemed () returned 0x1
[0260.039] GetThemeAppProperties () returned 0x3
[0260.039] GetThemeAppProperties () returned 0x3
[0260.039] IsAppThemed () returned 0x1
[0260.039] GetThemeAppProperties () returned 0x3
[0260.039] GetThemeAppProperties () returned 0x3
[0260.039] IsThemePartDefined () returned 0x1
[0260.039] IsAppThemed () returned 0x1
[0260.040] GetThemeAppProperties () returned 0x3
[0260.040] GetThemeAppProperties () returned 0x3
[0260.040] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0260.040] IsAppThemed () returned 0x1
[0260.040] GetThemeAppProperties () returned 0x3
[0260.040] GetThemeAppProperties () returned 0x3
[0260.040] IsAppThemed () returned 0x1
[0260.040] GetThemeAppProperties () returned 0x3
[0260.040] GetThemeAppProperties () returned 0x3
[0260.040] IsThemePartDefined () returned 0x1
[0260.040] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0260.040] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0260.040] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0260.040] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0260.040] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e514) returned 0x0
[0260.040] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0260.040] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0260.040] LocalFree (hMem=0x11eec58) returned 0x0
[0260.040] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0260.041] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eead0) returned 0x0
[0260.041] LocalFree (hMem=0x11eead0) returned 0x0
[0260.041] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0260.041] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0260.041] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0260.041] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0260.041] GdipDeleteRegion (region=0x6645878) returned 0x0
[0260.041] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0260.041] GetCurrentObject (hdc=0xa10105d8, type=0x1) returned 0xb00017
[0260.041] GetCurrentObject (hdc=0xa10105d8, type=0x2) returned 0x900010
[0260.041] GetCurrentObject (hdc=0xa10105d8, type=0x7) returned 0x4a0507fe
[0260.041] GetCurrentObject (hdc=0xa10105d8, type=0x6) returned 0x8a01c2
[0260.041] SaveDC (hdc=0xa10105d8) returned 1
[0260.041] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdc0407de
[0260.041] GetClipRgn (hdc=0xa10105d8, hrgn=0xdc0407de) returned 0
[0260.041] SelectClipRgn (hdc=0xa10105d8, hrgn=0x46040807) returned 2
[0260.042] DeleteObject (ho=0xdc0407de) returned 1
[0260.042] DeleteObject (ho=0x46040807) returned 1
[0260.042] OffsetViewportOrgEx (in: hdc=0xa10105d8, x=0, y=0, lppt=0x2e67c14 | out: lppt=0x2e67c14) returned 1
[0260.042] DrawThemeParentBackground () returned 0x0
[0260.042] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0260.042] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0260.042] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0260.042] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.042] GetSystemMetrics (nIndex=42) returned 0
[0260.042] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.042] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0260.042] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0260.042] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0260.042] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0260.043] SelectPalette (hdc=0xa10105d8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0260.043] GdipCreateFromHDC (hdc=0xa10105d8, graphics=0xd7dff0) returned 0x0
[0260.043] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0260.043] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0260.043] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638d58) returned 0x0
[0260.043] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dfc8) returned 0x0
[0260.043] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0260.043] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0260.043] GdipGetClip (graphics=0x663e568, region=0x6645488) returned 0x0
[0260.043] GdipIsInfiniteRegion (region=0x6645488, graphics=0x663e568, result=0xd7dfbc) returned 0x0
[0260.043] GdipDeleteRegion (region=0x6645488) returned 0x0
[0260.043] GdipSaveGraphics (graphics=0x663e568, state=0xd7dfe8) returned 0x0
[0260.043] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0260.051] GdipFillRectangleI (graphics=0x663e568, brush=0x6635800, x=0, y=0, width=801, height=453) returned 0x0
[0260.051] GdipDeleteBrush (brush=0x6635800) returned 0x0
[0260.053] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0260.053] SelectPalette (hdc=0xa10105d8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0260.053] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0260.053] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.053] GetSystemMetrics (nIndex=42) returned 0
[0260.053] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.053] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0260.053] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0260.053] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0260.053] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0260.053] SelectPalette (hdc=0xa10105d8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0260.054] GdipCreateFromHDC (hdc=0xa10105d8, graphics=0xd7df90) returned 0x0
[0260.054] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0260.054] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0260.054] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638c68) returned 0x0
[0260.054] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df68) returned 0x0
[0260.054] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0260.054] GdipCreateRegion (region=0xd7df50) returned 0x0
[0260.054] GdipGetClip (graphics=0x663e568, region=0x6645518) returned 0x0
[0260.054] GdipIsInfiniteRegion (region=0x6645518, graphics=0x663e568, result=0xd7df5c) returned 0x0
[0260.054] GdipDeleteRegion (region=0x6645518) returned 0x0
[0260.054] GdipSaveGraphics (graphics=0x663e568, state=0xd7df88) returned 0x0
[0260.054] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0260.063] GdipFillRectangleI (graphics=0x663e568, brush=0x6635a70, x=0, y=0, width=801, height=453) returned 0x0
[0260.063] GdipDeleteBrush (brush=0x6635a70) returned 0x0
[0260.065] GdipRestoreGraphics (graphics=0x663e568, state=0xf7c80dbd) returned 0x0
[0260.065] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0260.065] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.065] GetSystemMetrics (nIndex=42) returned 0
[0260.065] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.065] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0260.066] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0260.066] SelectPalette (hdc=0xa10105d8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0260.066] RestoreDC (hdc=0xa10105d8, nSavedDC=-1) returned 1
[0260.066] GdipReleaseDC (graphics=0x6600030, hdc=0xa10105d8) returned 0x0
[0260.066] IsAppThemed () returned 0x1
[0260.066] GetThemeAppProperties () returned 0x3
[0260.066] GetThemeAppProperties () returned 0x3
[0260.066] IsAppThemed () returned 0x1
[0260.066] GetThemeAppProperties () returned 0x3
[0260.066] GetThemeAppProperties () returned 0x3
[0260.066] IsThemePartDefined () returned 0x1
[0260.066] GdipCreateRegion (region=0xd7e480) returned 0x0
[0260.066] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0260.067] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0260.067] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0260.067] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e498) returned 0x0
[0260.067] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0260.067] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0260.067] LocalFree (hMem=0x11eec58) returned 0x0
[0260.067] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0260.067] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee9f0) returned 0x0
[0260.067] LocalFree (hMem=0x11ee9f0) returned 0x0
[0260.067] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0260.067] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0260.067] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0260.067] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0260.067] GdipDeleteRegion (region=0x6646178) returned 0x0
[0260.067] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0260.067] GetCurrentObject (hdc=0xa10105d8, type=0x1) returned 0xb00017
[0260.067] GetCurrentObject (hdc=0xa10105d8, type=0x2) returned 0x900010
[0260.068] GetCurrentObject (hdc=0xa10105d8, type=0x7) returned 0x4a0507fe
[0260.068] GetCurrentObject (hdc=0xa10105d8, type=0x6) returned 0x8a01c2
[0260.068] SaveDC (hdc=0xa10105d8) returned 1
[0260.068] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x47040807
[0260.068] GetClipRgn (hdc=0xa10105d8, hrgn=0x47040807) returned 0
[0260.068] SelectClipRgn (hdc=0xa10105d8, hrgn=0xde0407de) returned 2
[0260.068] DeleteObject (ho=0x47040807) returned 1
[0260.068] DeleteObject (ho=0xde0407de) returned 1
[0260.068] OffsetViewportOrgEx (in: hdc=0xa10105d8, x=0, y=0, lppt=0x2e6e464 | out: lppt=0x2e6e464) returned 1
[0260.068] IsAppThemed () returned 0x1
[0260.068] GetThemeAppProperties () returned 0x3
[0260.068] GetThemeAppProperties () returned 0x3
[0260.068] DrawThemeBackground () returned 0x0
[0260.068] RestoreDC (hdc=0xa10105d8, nSavedDC=-1) returned 1
[0260.069] GdipReleaseDC (graphics=0x6600030, hdc=0xa10105d8) returned 0x0
[0260.069] GdipCreateRegion (region=0xd7e484) returned 0x0
[0260.069] GdipGetClip (graphics=0x6600030, region=0x6645ea8) returned 0x0
[0260.069] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0260.069] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0260.069] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e49c) returned 0x0
[0260.069] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0260.069] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0260.069] LocalFree (hMem=0x11ee788) returned 0x0
[0260.069] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0260.069] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea98) returned 0x0
[0260.069] LocalFree (hMem=0x11eea98) returned 0x0
[0260.069] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0260.069] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0260.069] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0260.069] GdipGetRegionHRgn (region=0x6645ea8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0260.069] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0260.069] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0260.070] GetCurrentObject (hdc=0xa10105d8, type=0x1) returned 0xb00017
[0260.070] GetCurrentObject (hdc=0xa10105d8, type=0x2) returned 0x900010
[0260.070] GetCurrentObject (hdc=0xa10105d8, type=0x7) returned 0x4a0507fe
[0260.070] GetCurrentObject (hdc=0xa10105d8, type=0x6) returned 0x8a01c2
[0260.070] SaveDC (hdc=0xa10105d8) returned 1
[0260.070] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdf0407de
[0260.070] GetClipRgn (hdc=0xa10105d8, hrgn=0xdf0407de) returned 0
[0260.070] SelectClipRgn (hdc=0xa10105d8, hrgn=0x48040807) returned 2
[0260.070] DeleteObject (ho=0xdf0407de) returned 1
[0260.070] DeleteObject (ho=0x48040807) returned 1
[0260.070] OffsetViewportOrgEx (in: hdc=0xa10105d8, x=0, y=0, lppt=0x2e6e738 | out: lppt=0x2e6e738) returned 1
[0260.070] IsAppThemed () returned 0x1
[0260.070] GetThemeAppProperties () returned 0x3
[0260.070] GetThemeAppProperties () returned 0x3
[0260.070] GetThemeBackgroundContentRect () returned 0x0
[0260.070] RestoreDC (hdc=0xa10105d8, nSavedDC=-1) returned 1
[0260.071] GdipReleaseDC (graphics=0x6600030, hdc=0xa10105d8) returned 0x0
[0260.071] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0260.071] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0260.071] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0260.071] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0260.071] IsAppThemed () returned 0x1
[0260.071] GetThemeAppProperties () returned 0x3
[0260.071] GetThemeAppProperties () returned 0x3
[0260.071] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0260.071] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0260.071] GetCurrentObject (hdc=0xa10105d8, type=0x1) returned 0xb00017
[0260.071] GetCurrentObject (hdc=0xa10105d8, type=0x2) returned 0x900010
[0260.071] GetCurrentObject (hdc=0xa10105d8, type=0x7) returned 0x4a0507fe
[0260.071] GetCurrentObject (hdc=0xa10105d8, type=0x6) returned 0x8a01c2
[0260.071] SaveDC (hdc=0xa10105d8) returned 1
[0260.072] GetTextAlign (hdc=0xa10105d8) returned 0x0
[0260.072] GetTextColor (hdc=0xa10105d8) returned 0x0
[0260.072] GetCurrentObject (hdc=0xa10105d8, type=0x6) returned 0x8a01c2
[0260.072] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0260.072] SelectObject (hdc=0xa10105d8, h=0x6d0a0520) returned 0x8a01c2
[0260.072] GetBkMode (hdc=0xa10105d8) returned 2
[0260.072] SetBkMode (hdc=0xa10105d8, mode=1) returned 2
[0260.072] DrawTextExW (in: hdc=0xa10105d8, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2e6eafc | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0260.072] DrawTextExW (in: hdc=0xa10105d8, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2e6eafc | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0260.073] RestoreDC (hdc=0xa10105d8, nSavedDC=-1) returned 1
[0260.073] GdipReleaseDC (graphics=0x6600030, hdc=0xa10105d8) returned 0x0
[0260.073] GetFocus () returned 0x602c4
[0260.073] IsAppThemed () returned 0x1
[0260.073] GetThemeAppProperties () returned 0x3
[0260.073] GetThemeAppProperties () returned 0x3
[0260.073] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0260.073] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0xa10105d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0260.074] GdipReleaseDC (graphics=0x6600030, hdc=0xa10105d8) returned 0x0
[0260.074] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0260.074] SelectObject (hdc=0xa10105d8, h=0x85000f) returned 0x4a0507fe
[0260.074] DeleteDC (hdc=0xa10105d8) returned 1
[0260.074] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0260.074] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0260.074] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.074] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.074] WaitMessage () returned 1
[0260.154] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.154] IsWindowUnicode (hWnd=0x602c4) returned 1
[0260.154] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.154] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.154] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.155] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.155] IsWindowUnicode (hWnd=0x602c4) returned 1
[0260.155] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.155] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.155] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.155] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x4002f) returned 0x0
[0260.155] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.155] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.155] WaitMessage () returned 1
[0260.302] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.302] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b010a) returned 0x1
[0260.302] IsWindowUnicode (hWnd=0x602c4) returned 1
[0260.302] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.302] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b010a) returned 0x1
[0260.302] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0260.302] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x196004c) returned 0x0
[0260.302] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0260.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0260.303] SetCursor (hCursor=0x10003) returned 0x10003
[0260.303] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.303] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.303] GetKeyState (nVirtKey=1) returned -128
[0260.303] GetKeyState (nVirtKey=2) returned 0
[0260.303] GetKeyState (nVirtKey=4) returned 0
[0260.303] GetKeyState (nVirtKey=5) returned 0
[0260.303] GetKeyState (nVirtKey=6) returned 0
[0260.303] IsWindowVisible (hWnd=0x602c4) returned 1
[0260.303] IsWindowEnabled (hWnd=0x602c4) returned 1
[0260.303] SetFocus (hWnd=0x602c4) returned 0x602c4
[0260.303] GetFocus () returned 0x602c4
[0260.303] GetFocus () returned 0x602c4
[0260.304] GetFocus () returned 0x602c4
[0260.304] GetKeyState (nVirtKey=1) returned -128
[0260.304] GetKeyState (nVirtKey=2) returned 0
[0260.304] GetKeyState (nVirtKey=4) returned 0
[0260.304] GetKeyState (nVirtKey=5) returned 0
[0260.304] GetKeyState (nVirtKey=6) returned 0
[0260.304] GetCapture () returned 0x0
[0260.304] SetCapture (hWnd=0x602c4) returned 0x0
[0260.304] GetKeyState (nVirtKey=1) returned -128
[0260.304] GetKeyState (nVirtKey=2) returned 0
[0260.304] GetKeyState (nVirtKey=4) returned 0
[0260.304] GetKeyState (nVirtKey=5) returned 0
[0260.304] GetKeyState (nVirtKey=6) returned 0
[0260.304] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0260.304] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0260.304] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.304] IsWindowUnicode (hWnd=0x602c4) returned 1
[0260.304] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.304] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.304] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.304] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e6ec80, cPoints=0x1 | out: lpPoints=0x2e6ec80) returned 40304859
[0260.304] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0260.305] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0260.305] UpdateWindow (hWnd=0x602c4) returned 1
[0260.305] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x10105d6
[0260.305] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0260.305] CreateCompatibleDC (hdc=0x10105d6) returned 0xa20105d8
[0260.305] SelectObject (hdc=0xa20105d8, h=0x4a0507fe) returned 0x85000f
[0260.305] GdipCreateFromHDC (hdc=0xa20105d8, graphics=0xd7e430) returned 0x0
[0260.305] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0260.305] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0260.305] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0260.306] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0260.306] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e490) returned 0x0
[0260.306] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0260.306] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eead0) returned 0x0
[0260.306] LocalFree (hMem=0x11eead0) returned 0x0
[0260.306] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0260.306] GdipCreateRegion (region=0xd7e478) returned 0x0
[0260.306] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0260.306] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e484) returned 0x0
[0260.306] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0260.306] GdipRestoreGraphics (graphics=0x6600030, state=0xf7c60dbd) returned 0x0
[0260.306] GdipDeleteRegion (region=0x6646178) returned 0x0
[0260.306] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0260.306] GetCurrentObject (hdc=0xa20105d8, type=0x1) returned 0xb00017
[0260.306] GetCurrentObject (hdc=0xa20105d8, type=0x2) returned 0x900010
[0260.306] GetCurrentObject (hdc=0xa20105d8, type=0x7) returned 0x4a0507fe
[0260.306] GetCurrentObject (hdc=0xa20105d8, type=0x6) returned 0x8a01c2
[0260.307] SaveDC (hdc=0xa20105d8) returned 1
[0260.307] GetNearestColor (hdc=0xa20105d8, color=0xff) returned 0xff
[0260.307] GetNearestColor (hdc=0xa20105d8, color=0x55) returned 0x55
[0260.307] GetNearestColor (hdc=0xa20105d8, color=0x0) returned 0x0
[0260.307] GetNearestColor (hdc=0xa20105d8, color=0x55) returned 0x55
[0260.307] GetNearestColor (hdc=0xa20105d8, color=0x0) returned 0x0
[0260.307] GetNearestColor (hdc=0xa20105d8, color=0x8080ff) returned 0x8080ff
[0260.307] GetNearestColor (hdc=0xa20105d8, color=0x7373e5) returned 0x7373e5
[0260.307] GetNearestColor (hdc=0xa20105d8, color=0xe5) returned 0xe5
[0260.307] GetNearestColor (hdc=0xa20105d8, color=0x0) returned 0x0
[0260.307] RestoreDC (hdc=0xa20105d8, nSavedDC=-1) returned 1
[0260.307] GdipReleaseDC (graphics=0x6600030, hdc=0xa20105d8) returned 0x0
[0260.307] IsAppThemed () returned 0x1
[0260.308] GetThemeAppProperties () returned 0x3
[0260.308] GetThemeAppProperties () returned 0x3
[0260.308] IsAppThemed () returned 0x1
[0260.308] GetThemeAppProperties () returned 0x3
[0260.308] GetThemeAppProperties () returned 0x3
[0260.308] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2e6f39c | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0260.308] IsAppThemed () returned 0x1
[0260.308] GetThemeAppProperties () returned 0x3
[0260.308] GetThemeAppProperties () returned 0x3
[0260.308] IsAppThemed () returned 0x1
[0260.308] GetThemeAppProperties () returned 0x3
[0260.308] GetThemeAppProperties () returned 0x3
[0260.308] IsAppThemed () returned 0x1
[0260.309] GetThemeAppProperties () returned 0x3
[0260.309] GetThemeAppProperties () returned 0x3
[0260.309] IsAppThemed () returned 0x1
[0260.309] GetThemeAppProperties () returned 0x3
[0260.309] GetThemeAppProperties () returned 0x3
[0260.309] IsThemePartDefined () returned 0x1
[0260.309] IsAppThemed () returned 0x1
[0260.309] GetThemeAppProperties () returned 0x3
[0260.309] GetThemeAppProperties () returned 0x3
[0260.309] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0260.309] IsAppThemed () returned 0x1
[0260.309] GetThemeAppProperties () returned 0x3
[0260.309] GetThemeAppProperties () returned 0x3
[0260.309] IsAppThemed () returned 0x1
[0260.309] GetThemeAppProperties () returned 0x3
[0260.309] GetThemeAppProperties () returned 0x3
[0260.309] IsThemePartDefined () returned 0x1
[0260.309] GdipCreateRegion (region=0xd7e194) returned 0x0
[0260.309] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0260.309] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0260.309] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0260.310] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e1ac) returned 0x0
[0260.310] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0260.310] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eed00) returned 0x0
[0260.310] LocalFree (hMem=0x11eed00) returned 0x0
[0260.310] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0260.310] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0260.310] LocalFree (hMem=0x11ee868) returned 0x0
[0260.310] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0260.310] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0260.310] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0260.310] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0260.310] GdipDeleteRegion (region=0x6645518) returned 0x0
[0260.310] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0260.310] GetCurrentObject (hdc=0xa20105d8, type=0x1) returned 0xb00017
[0260.310] GetCurrentObject (hdc=0xa20105d8, type=0x2) returned 0x900010
[0260.310] GetCurrentObject (hdc=0xa20105d8, type=0x7) returned 0x4a0507fe
[0260.311] GetCurrentObject (hdc=0xa20105d8, type=0x6) returned 0x8a01c2
[0260.311] SaveDC (hdc=0xa20105d8) returned 1
[0260.311] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x49040807
[0260.311] GetClipRgn (hdc=0xa20105d8, hrgn=0x49040807) returned 0
[0260.311] SelectClipRgn (hdc=0xa20105d8, hrgn=0xe30407de) returned 2
[0260.311] DeleteObject (ho=0x49040807) returned 1
[0260.311] DeleteObject (ho=0xe30407de) returned 1
[0260.311] OffsetViewportOrgEx (in: hdc=0xa20105d8, x=0, y=0, lppt=0x2e6fa4c | out: lppt=0x2e6fa4c) returned 1
[0260.311] DrawThemeParentBackground () returned 0x0
[0260.311] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0260.311] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0260.311] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0260.311] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.311] GetSystemMetrics (nIndex=42) returned 0
[0260.311] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.311] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0260.312] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0260.312] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0260.312] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0260.312] SelectPalette (hdc=0xa20105d8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0260.312] GdipCreateFromHDC (hdc=0xa20105d8, graphics=0xd7dc88) returned 0x0
[0260.312] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0260.312] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0260.312] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638c08) returned 0x0
[0260.312] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dc60) returned 0x0
[0260.312] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0260.312] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0260.312] GdipGetClip (graphics=0x663e568, region=0x6645098) returned 0x0
[0260.312] GdipIsInfiniteRegion (region=0x6645098, graphics=0x663e568, result=0xd7dc54) returned 0x0
[0260.312] GdipDeleteRegion (region=0x6645098) returned 0x0
[0260.312] GdipSaveGraphics (graphics=0x663e568, state=0xd7dc80) returned 0x0
[0260.312] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0260.319] GdipFillRectangleI (graphics=0x663e568, brush=0x66350b0, x=0, y=0, width=801, height=453) returned 0x0
[0260.319] GdipDeleteBrush (brush=0x66350b0) returned 0x0
[0260.321] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0260.321] SelectPalette (hdc=0xa20105d8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0260.321] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0260.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.321] GetSystemMetrics (nIndex=42) returned 0
[0260.321] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0260.321] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0260.321] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0260.321] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0260.321] SelectPalette (hdc=0xa20105d8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0260.321] GdipCreateFromHDC (hdc=0xa20105d8, graphics=0xd7dc28) returned 0x0
[0260.321] GdipSetPageUnit (graphics=0x663e568, unit=0x2) returned 0x0
[0260.321] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0260.322] GdipGetWorldTransform (graphics=0x663e568, matrix=0x6638cf8) returned 0x0
[0260.322] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dc00) returned 0x0
[0260.322] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0260.322] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0260.322] GdipGetClip (graphics=0x663e568, region=0x6645098) returned 0x0
[0260.322] GdipIsInfiniteRegion (region=0x6645098, graphics=0x663e568, result=0xd7dbf4) returned 0x0
[0260.322] GdipDeleteRegion (region=0x6645098) returned 0x0
[0260.322] GdipSaveGraphics (graphics=0x663e568, state=0xd7dc20) returned 0x0
[0260.322] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0260.328] GdipFillRectangleI (graphics=0x663e568, brush=0x6635320, x=0, y=0, width=801, height=453) returned 0x0
[0260.328] GdipDeleteBrush (brush=0x6635320) returned 0x0
[0260.329] GdipRestoreGraphics (graphics=0x663e568, state=0xf7c20dbd) returned 0x0
[0260.329] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0260.329] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.329] GetSystemMetrics (nIndex=42) returned 0
[0260.329] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.329] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0260.329] GdipDeleteGraphics (graphics=0x663e568) returned 0x0
[0260.329] SelectPalette (hdc=0xa20105d8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0260.330] RestoreDC (hdc=0xa20105d8, nSavedDC=-1) returned 1
[0260.330] GdipReleaseDC (graphics=0x6600030, hdc=0xa20105d8) returned 0x0
[0260.330] IsAppThemed () returned 0x1
[0260.330] GetThemeAppProperties () returned 0x3
[0260.330] GetThemeAppProperties () returned 0x3
[0260.330] IsAppThemed () returned 0x1
[0260.330] GetThemeAppProperties () returned 0x3
[0260.330] GetThemeAppProperties () returned 0x3
[0260.330] IsThemePartDefined () returned 0x1
[0260.330] GdipCreateRegion (region=0xd7e118) returned 0x0
[0260.330] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0260.330] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0260.330] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0260.330] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e130) returned 0x0
[0260.330] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0260.330] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea60) returned 0x0
[0260.330] LocalFree (hMem=0x11eea60) returned 0x0
[0260.330] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0260.330] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea60) returned 0x0
[0260.331] LocalFree (hMem=0x11eea60) returned 0x0
[0260.331] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0260.331] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e158) returned 0x0
[0260.331] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e148) returned 0x0
[0260.331] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0260.331] GdipDeleteRegion (region=0x6645878) returned 0x0
[0260.331] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0260.331] GetCurrentObject (hdc=0xa20105d8, type=0x1) returned 0xb00017
[0260.331] GetCurrentObject (hdc=0xa20105d8, type=0x2) returned 0x900010
[0260.331] GetCurrentObject (hdc=0xa20105d8, type=0x7) returned 0x4a0507fe
[0260.331] GetCurrentObject (hdc=0xa20105d8, type=0x6) returned 0x8a01c2
[0260.331] SaveDC (hdc=0xa20105d8) returned 1
[0260.331] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe40407de
[0260.331] GetClipRgn (hdc=0xa20105d8, hrgn=0xe40407de) returned 0
[0260.331] SelectClipRgn (hdc=0xa20105d8, hrgn=0x4b040807) returned 2
[0260.331] DeleteObject (ho=0xe40407de) returned 1
[0260.331] DeleteObject (ho=0x4b040807) returned 1
[0260.331] OffsetViewportOrgEx (in: hdc=0xa20105d8, x=0, y=0, lppt=0x2e7629c | out: lppt=0x2e7629c) returned 1
[0260.331] IsAppThemed () returned 0x1
[0260.332] GetThemeAppProperties () returned 0x3
[0260.332] GetThemeAppProperties () returned 0x3
[0260.332] DrawThemeBackground () returned 0x0
[0260.332] RestoreDC (hdc=0xa20105d8, nSavedDC=-1) returned 1
[0260.332] GdipReleaseDC (graphics=0x6600030, hdc=0xa20105d8) returned 0x0
[0260.332] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0260.332] GdipGetClip (graphics=0x6600030, region=0x6645368) returned 0x0
[0260.332] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0260.332] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0260.332] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e134) returned 0x0
[0260.332] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0260.332] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee868) returned 0x0
[0260.332] LocalFree (hMem=0x11ee868) returned 0x0
[0260.332] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0260.332] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0260.332] LocalFree (hMem=0x11eec58) returned 0x0
[0260.332] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0260.332] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0260.332] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0260.332] GdipGetRegionHRgn (region=0x6645368, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0260.332] GdipDeleteRegion (region=0x6645368) returned 0x0
[0260.332] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0260.332] GetCurrentObject (hdc=0xa20105d8, type=0x1) returned 0xb00017
[0260.332] GetCurrentObject (hdc=0xa20105d8, type=0x2) returned 0x900010
[0260.333] GetCurrentObject (hdc=0xa20105d8, type=0x7) returned 0x4a0507fe
[0260.333] GetCurrentObject (hdc=0xa20105d8, type=0x6) returned 0x8a01c2
[0260.333] SaveDC (hdc=0xa20105d8) returned 1
[0260.333] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4c040807
[0260.333] GetClipRgn (hdc=0xa20105d8, hrgn=0x4c040807) returned 0
[0260.333] SelectClipRgn (hdc=0xa20105d8, hrgn=0xe50407de) returned 2
[0260.333] DeleteObject (ho=0x4c040807) returned 1
[0260.333] DeleteObject (ho=0xe50407de) returned 1
[0260.333] OffsetViewportOrgEx (in: hdc=0xa20105d8, x=0, y=0, lppt=0x2e76570 | out: lppt=0x2e76570) returned 1
[0260.333] IsAppThemed () returned 0x1
[0260.333] GetThemeAppProperties () returned 0x3
[0260.333] GetThemeAppProperties () returned 0x3
[0260.333] GetThemeBackgroundContentRect () returned 0x0
[0260.333] RestoreDC (hdc=0xa20105d8, nSavedDC=-1) returned 1
[0260.333] GdipReleaseDC (graphics=0x6600030, hdc=0xa20105d8) returned 0x0
[0260.333] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0260.333] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0260.333] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0260.333] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0260.333] IsAppThemed () returned 0x1
[0260.334] GetThemeAppProperties () returned 0x3
[0260.334] GetThemeAppProperties () returned 0x3
[0260.334] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0260.334] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0260.334] GetCurrentObject (hdc=0xa20105d8, type=0x1) returned 0xb00017
[0260.334] GetCurrentObject (hdc=0xa20105d8, type=0x2) returned 0x900010
[0260.334] GetCurrentObject (hdc=0xa20105d8, type=0x7) returned 0x4a0507fe
[0260.334] GetCurrentObject (hdc=0xa20105d8, type=0x6) returned 0x8a01c2
[0260.334] SaveDC (hdc=0xa20105d8) returned 1
[0260.334] GetTextAlign (hdc=0xa20105d8) returned 0x0
[0260.334] GetTextColor (hdc=0xa20105d8) returned 0x0
[0260.334] GetCurrentObject (hdc=0xa20105d8, type=0x6) returned 0x8a01c2
[0260.334] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0260.334] SelectObject (hdc=0xa20105d8, h=0x6d0a0520) returned 0x8a01c2
[0260.334] GetBkMode (hdc=0xa20105d8) returned 2
[0260.334] SetBkMode (hdc=0xa20105d8, mode=1) returned 2
[0260.334] DrawTextExW (in: hdc=0xa20105d8, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2e76934 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0260.335] DrawTextExW (in: hdc=0xa20105d8, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2e76934 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0260.335] RestoreDC (hdc=0xa20105d8, nSavedDC=-1) returned 1
[0260.335] GdipReleaseDC (graphics=0x6600030, hdc=0xa20105d8) returned 0x0
[0260.335] GetFocus () returned 0x602c4
[0260.335] IsAppThemed () returned 0x1
[0260.335] GetThemeAppProperties () returned 0x3
[0260.335] GetThemeAppProperties () returned 0x3
[0260.335] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0260.335] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0xa20105d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0260.336] GdipReleaseDC (graphics=0x6600030, hdc=0xa20105d8) returned 0x0
[0260.336] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0260.336] SelectObject (hdc=0xa20105d8, h=0x85000f) returned 0x4a0507fe
[0260.336] DeleteDC (hdc=0xa20105d8) returned 1
[0260.336] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0260.336] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0260.336] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e76a30, cPoints=0x1 | out: lpPoints=0x2e76a30) returned 40304859
[0260.336] WindowFromPoint (Point=0x10a) returned 0x602c4
[0260.336] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b010a) returned 0x1
[0260.336] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0260.336] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0260.336] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0260.336] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0260.336] GetSystemMetrics (nIndex=42) returned 0
[0260.337] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0260.337] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0260.338] GetCapture () returned 0x602c4
[0260.338] ReleaseCapture () returned 1
[0260.339] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0260.339] GetProcessWindowStation () returned 0x13c
[0260.339] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.339] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0260.340] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.340] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0260.340] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.340] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0260.340] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.340] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0260.341] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.341] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0260.341] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.341] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0260.342] GetDC (hWnd=0x0) returned 0x107b9
[0260.342] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e6ec) returned 0x0
[0260.342] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0260.342] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0260.342] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0260.342] GetSystemMetrics (nIndex=5) returned 1
[0260.342] GetSystemMetrics (nIndex=6) returned 1
[0260.342] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.342] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0260.343] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.343] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0260.345] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0260.345] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0260.346] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0260.346] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0260.346] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0260.346] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0260.347] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2e7c44c | out: lpData=0x2e7c44c) returned 1
[0260.347] VerQueryValueW (in: pBlock=0x2e7c44c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e7c85c, puLen=0xd7e810) returned 1
[0260.347] VerQueryValueW (in: pBlock=0x2e7c44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c504, puLen=0xd7e790) returned 1
[0260.347] VerQueryValueW (in: pBlock=0x2e7c44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c558, puLen=0xd7e790) returned 1
[0260.347] VerQueryValueW (in: pBlock=0x2e7c44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c5d8, puLen=0xd7e790) returned 1
[0260.347] VerQueryValueW (in: pBlock=0x2e7c44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c640, puLen=0xd7e790) returned 1
[0260.348] VerQueryValueW (in: pBlock=0x2e7c44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c680, puLen=0xd7e790) returned 1
[0260.348] VerQueryValueW (in: pBlock=0x2e7c44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c708, puLen=0xd7e790) returned 1
[0260.348] VerQueryValueW (in: pBlock=0x2e7c44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c744, puLen=0xd7e790) returned 1
[0260.348] VerQueryValueW (in: pBlock=0x2e7c44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c79c, puLen=0xd7e790) returned 1
[0260.348] VerQueryValueW (in: pBlock=0x2e7c44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c7cc, puLen=0xd7e790) returned 1
[0260.348] VerQueryValueW (in: pBlock=0x2e7c44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.348] VerQueryValueW (in: pBlock=0x2e7c44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7c808, puLen=0xd7e790) returned 1
[0260.348] VerQueryValueW (in: pBlock=0x2e7c44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.348] VerQueryValueW (in: pBlock=0x2e7c44c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e7c85c, puLen=0xd7e784) returned 1
[0260.348] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0260.348] VerQueryValueW (in: pBlock=0x2e7c44c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e7c474, puLen=0xd7e794) returned 1
[0260.349] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0260.349] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0260.349] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0260.349] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0260.349] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0260.349] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0260.349] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2e7e3bc | out: lpData=0x2e7e3bc) returned 1
[0260.349] VerQueryValueW (in: pBlock=0x2e7e3bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e7e458, puLen=0xd7e810) returned 1
[0260.349] VerQueryValueW (in: pBlock=0x2e7e3bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7e4d0, puLen=0xd7e790) returned 1
[0260.349] VerQueryValueW (in: pBlock=0x2e7e3bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7e500, puLen=0xd7e790) returned 1
[0260.349] VerQueryValueW (in: pBlock=0x2e7e3bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7e53c, puLen=0xd7e790) returned 1
[0260.350] VerQueryValueW (in: pBlock=0x2e7e3bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7e56c, puLen=0xd7e790) returned 1
[0260.350] VerQueryValueW (in: pBlock=0x2e7e3bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7e5b4, puLen=0xd7e790) returned 1
[0260.350] VerQueryValueW (in: pBlock=0x2e7e3bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7e62c, puLen=0xd7e790) returned 1
[0260.350] VerQueryValueW (in: pBlock=0x2e7e3bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7e670, puLen=0xd7e790) returned 1
[0260.350] VerQueryValueW (in: pBlock=0x2e7e3bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7e6b0, puLen=0xd7e790) returned 1
[0260.350] VerQueryValueW (in: pBlock=0x2e7e3bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7e4ae, puLen=0xd7e790) returned 1
[0260.350] VerQueryValueW (in: pBlock=0x2e7e3bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7e5fc, puLen=0xd7e790) returned 1
[0260.350] VerQueryValueW (in: pBlock=0x2e7e3bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.350] VerQueryValueW (in: pBlock=0x2e7e3bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.350] VerQueryValueW (in: pBlock=0x2e7e3bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e7e458, puLen=0xd7e784) returned 1
[0260.350] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0260.350] VerQueryValueW (in: pBlock=0x2e7e3bc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e7e3e4, puLen=0xd7e794) returned 1
[0260.351] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0260.351] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0260.351] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0260.351] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0260.351] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0260.351] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0260.352] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2e80694 | out: lpData=0x2e80694) returned 1
[0260.352] VerQueryValueW (in: pBlock=0x2e80694, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e80aa8, puLen=0xd7e810) returned 1
[0260.352] VerQueryValueW (in: pBlock=0x2e80694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8074c, puLen=0xd7e790) returned 1
[0260.352] VerQueryValueW (in: pBlock=0x2e80694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e807a0, puLen=0xd7e790) returned 1
[0260.352] VerQueryValueW (in: pBlock=0x2e80694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e807fc, puLen=0xd7e790) returned 1
[0260.352] VerQueryValueW (in: pBlock=0x2e80694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8085c, puLen=0xd7e790) returned 1
[0260.353] VerQueryValueW (in: pBlock=0x2e80694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e808b4, puLen=0xd7e790) returned 1
[0260.353] VerQueryValueW (in: pBlock=0x2e80694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8093c, puLen=0xd7e790) returned 1
[0260.353] VerQueryValueW (in: pBlock=0x2e80694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e80990, puLen=0xd7e790) returned 1
[0260.353] VerQueryValueW (in: pBlock=0x2e80694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e809e8, puLen=0xd7e790) returned 1
[0260.353] VerQueryValueW (in: pBlock=0x2e80694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e80a18, puLen=0xd7e790) returned 1
[0260.353] VerQueryValueW (in: pBlock=0x2e80694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.353] VerQueryValueW (in: pBlock=0x2e80694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e80a54, puLen=0xd7e790) returned 1
[0260.353] VerQueryValueW (in: pBlock=0x2e80694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.353] VerQueryValueW (in: pBlock=0x2e80694, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e80aa8, puLen=0xd7e784) returned 1
[0260.353] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0260.353] VerQueryValueW (in: pBlock=0x2e80694, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e806bc, puLen=0xd7e794) returned 1
[0260.354] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0260.354] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0260.354] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0260.354] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0260.354] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0260.354] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0260.355] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2e82ccc | out: lpData=0x2e82ccc) returned 1
[0260.356] VerQueryValueW (in: pBlock=0x2e82ccc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e830cc, puLen=0xd7e810) returned 1
[0260.356] VerQueryValueW (in: pBlock=0x2e82ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e82d84, puLen=0xd7e790) returned 1
[0260.356] VerQueryValueW (in: pBlock=0x2e82ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e82dd8, puLen=0xd7e790) returned 1
[0260.356] VerQueryValueW (in: pBlock=0x2e82ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e82e18, puLen=0xd7e790) returned 1
[0260.356] VerQueryValueW (in: pBlock=0x2e82ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e82e80, puLen=0xd7e790) returned 1
[0260.356] VerQueryValueW (in: pBlock=0x2e82ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e82ed8, puLen=0xd7e790) returned 1
[0260.356] VerQueryValueW (in: pBlock=0x2e82ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e82f60, puLen=0xd7e790) returned 1
[0260.356] VerQueryValueW (in: pBlock=0x2e82ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e82fb4, puLen=0xd7e790) returned 1
[0260.356] VerQueryValueW (in: pBlock=0x2e82ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8300c, puLen=0xd7e790) returned 1
[0260.356] VerQueryValueW (in: pBlock=0x2e82ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8303c, puLen=0xd7e790) returned 1
[0260.356] VerQueryValueW (in: pBlock=0x2e82ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.356] VerQueryValueW (in: pBlock=0x2e82ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e83078, puLen=0xd7e790) returned 1
[0260.356] VerQueryValueW (in: pBlock=0x2e82ccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.356] VerQueryValueW (in: pBlock=0x2e82ccc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e830cc, puLen=0xd7e784) returned 1
[0260.356] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0260.356] VerQueryValueW (in: pBlock=0x2e82ccc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e82cf4, puLen=0xd7e794) returned 1
[0260.357] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0260.357] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0260.357] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0260.357] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0260.357] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0260.357] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0260.358] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2e85408 | out: lpData=0x2e85408) returned 1
[0260.359] VerQueryValueW (in: pBlock=0x2e85408, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e857d0, puLen=0xd7e810) returned 1
[0260.359] VerQueryValueW (in: pBlock=0x2e85408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e854c0, puLen=0xd7e790) returned 1
[0260.359] VerQueryValueW (in: pBlock=0x2e85408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e85514, puLen=0xd7e790) returned 1
[0260.359] VerQueryValueW (in: pBlock=0x2e85408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e85554, puLen=0xd7e790) returned 1
[0260.359] VerQueryValueW (in: pBlock=0x2e85408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e855bc, puLen=0xd7e790) returned 1
[0260.359] VerQueryValueW (in: pBlock=0x2e85408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e855f8, puLen=0xd7e790) returned 1
[0260.359] VerQueryValueW (in: pBlock=0x2e85408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e85680, puLen=0xd7e790) returned 1
[0260.359] VerQueryValueW (in: pBlock=0x2e85408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e856b8, puLen=0xd7e790) returned 1
[0260.360] VerQueryValueW (in: pBlock=0x2e85408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e85710, puLen=0xd7e790) returned 1
[0260.360] VerQueryValueW (in: pBlock=0x2e85408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e85740, puLen=0xd7e790) returned 1
[0260.360] VerQueryValueW (in: pBlock=0x2e85408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.360] VerQueryValueW (in: pBlock=0x2e85408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8577c, puLen=0xd7e790) returned 1
[0260.360] VerQueryValueW (in: pBlock=0x2e85408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.360] VerQueryValueW (in: pBlock=0x2e85408, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e857d0, puLen=0xd7e784) returned 1
[0260.360] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0260.360] VerQueryValueW (in: pBlock=0x2e85408, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e85430, puLen=0xd7e794) returned 1
[0260.361] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0260.361] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0260.361] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0260.361] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0260.361] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0260.361] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0260.362] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2e88a70 | out: lpData=0x2e88a70) returned 1
[0260.362] VerQueryValueW (in: pBlock=0x2e88a70, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e88e50, puLen=0xd7e810) returned 1
[0260.362] VerQueryValueW (in: pBlock=0x2e88a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e88b28, puLen=0xd7e790) returned 1
[0260.362] VerQueryValueW (in: pBlock=0x2e88a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e88b7c, puLen=0xd7e790) returned 1
[0260.362] VerQueryValueW (in: pBlock=0x2e88a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e88bbc, puLen=0xd7e790) returned 1
[0260.362] VerQueryValueW (in: pBlock=0x2e88a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e88c1c, puLen=0xd7e790) returned 1
[0260.362] VerQueryValueW (in: pBlock=0x2e88a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e88c68, puLen=0xd7e790) returned 1
[0260.363] VerQueryValueW (in: pBlock=0x2e88a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e88cf0, puLen=0xd7e790) returned 1
[0260.363] VerQueryValueW (in: pBlock=0x2e88a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e88d38, puLen=0xd7e790) returned 1
[0260.363] VerQueryValueW (in: pBlock=0x2e88a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e88d90, puLen=0xd7e790) returned 1
[0260.363] VerQueryValueW (in: pBlock=0x2e88a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e88dc0, puLen=0xd7e790) returned 1
[0260.363] VerQueryValueW (in: pBlock=0x2e88a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.363] VerQueryValueW (in: pBlock=0x2e88a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e88dfc, puLen=0xd7e790) returned 1
[0260.363] VerQueryValueW (in: pBlock=0x2e88a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.363] VerQueryValueW (in: pBlock=0x2e88a70, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e88e50, puLen=0xd7e784) returned 1
[0260.363] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0260.363] VerQueryValueW (in: pBlock=0x2e88a70, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e88a98, puLen=0xd7e794) returned 1
[0260.364] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0260.364] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0260.364] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0260.364] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0260.364] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0260.364] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0260.365] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2e8b290 | out: lpData=0x2e8b290) returned 1
[0260.365] VerQueryValueW (in: pBlock=0x2e8b290, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e8b69c, puLen=0xd7e810) returned 1
[0260.366] VerQueryValueW (in: pBlock=0x2e8b290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8b348, puLen=0xd7e790) returned 1
[0260.366] VerQueryValueW (in: pBlock=0x2e8b290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8b39c, puLen=0xd7e790) returned 1
[0260.366] VerQueryValueW (in: pBlock=0x2e8b290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8b3f0, puLen=0xd7e790) returned 1
[0260.366] VerQueryValueW (in: pBlock=0x2e8b290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8b450, puLen=0xd7e790) returned 1
[0260.366] VerQueryValueW (in: pBlock=0x2e8b290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8b4a8, puLen=0xd7e790) returned 1
[0260.366] VerQueryValueW (in: pBlock=0x2e8b290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8b530, puLen=0xd7e790) returned 1
[0260.366] VerQueryValueW (in: pBlock=0x2e8b290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8b584, puLen=0xd7e790) returned 1
[0260.366] VerQueryValueW (in: pBlock=0x2e8b290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8b5dc, puLen=0xd7e790) returned 1
[0260.366] VerQueryValueW (in: pBlock=0x2e8b290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8b60c, puLen=0xd7e790) returned 1
[0260.366] VerQueryValueW (in: pBlock=0x2e8b290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.366] VerQueryValueW (in: pBlock=0x2e8b290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8b648, puLen=0xd7e790) returned 1
[0260.366] VerQueryValueW (in: pBlock=0x2e8b290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.366] VerQueryValueW (in: pBlock=0x2e8b290, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e8b69c, puLen=0xd7e784) returned 1
[0260.366] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0260.366] VerQueryValueW (in: pBlock=0x2e8b290, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e8b2b8, puLen=0xd7e794) returned 1
[0260.367] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0260.367] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0260.367] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0260.367] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0260.367] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0260.367] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0260.368] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e8daa4 | out: lpData=0x2e8daa4) returned 1
[0260.369] VerQueryValueW (in: pBlock=0x2e8daa4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e8de7c, puLen=0xd7e810) returned 1
[0260.369] VerQueryValueW (in: pBlock=0x2e8daa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8db5c, puLen=0xd7e790) returned 1
[0260.369] VerQueryValueW (in: pBlock=0x2e8daa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8dbb0, puLen=0xd7e790) returned 1
[0260.369] VerQueryValueW (in: pBlock=0x2e8daa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8dbf0, puLen=0xd7e790) returned 1
[0260.369] VerQueryValueW (in: pBlock=0x2e8daa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8dc58, puLen=0xd7e790) returned 1
[0260.369] VerQueryValueW (in: pBlock=0x2e8daa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8dc9c, puLen=0xd7e790) returned 1
[0260.369] VerQueryValueW (in: pBlock=0x2e8daa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8dd24, puLen=0xd7e790) returned 1
[0260.369] VerQueryValueW (in: pBlock=0x2e8daa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8dd64, puLen=0xd7e790) returned 1
[0260.369] VerQueryValueW (in: pBlock=0x2e8daa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8ddbc, puLen=0xd7e790) returned 1
[0260.369] VerQueryValueW (in: pBlock=0x2e8daa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8ddec, puLen=0xd7e790) returned 1
[0260.369] VerQueryValueW (in: pBlock=0x2e8daa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.369] VerQueryValueW (in: pBlock=0x2e8daa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e8de28, puLen=0xd7e790) returned 1
[0260.369] VerQueryValueW (in: pBlock=0x2e8daa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.369] VerQueryValueW (in: pBlock=0x2e8daa4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e8de7c, puLen=0xd7e784) returned 1
[0260.369] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0260.369] VerQueryValueW (in: pBlock=0x2e8daa4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e8dacc, puLen=0xd7e794) returned 1
[0260.370] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0260.370] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0260.370] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0260.371] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0260.371] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0260.371] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0260.372] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e8fffc | out: lpData=0x2e8fffc) returned 1
[0260.375] VerQueryValueW (in: pBlock=0x2e8fffc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e903d4, puLen=0xd7e810) returned 1
[0260.375] VerQueryValueW (in: pBlock=0x2e8fffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e900b4, puLen=0xd7e790) returned 1
[0260.375] VerQueryValueW (in: pBlock=0x2e8fffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e90108, puLen=0xd7e790) returned 1
[0260.375] VerQueryValueW (in: pBlock=0x2e8fffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e90148, puLen=0xd7e790) returned 1
[0260.376] VerQueryValueW (in: pBlock=0x2e8fffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e901b0, puLen=0xd7e790) returned 1
[0260.376] VerQueryValueW (in: pBlock=0x2e8fffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e901f4, puLen=0xd7e790) returned 1
[0260.376] VerQueryValueW (in: pBlock=0x2e8fffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e9027c, puLen=0xd7e790) returned 1
[0260.376] VerQueryValueW (in: pBlock=0x2e8fffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e902bc, puLen=0xd7e790) returned 1
[0260.376] VerQueryValueW (in: pBlock=0x2e8fffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e90314, puLen=0xd7e790) returned 1
[0260.376] VerQueryValueW (in: pBlock=0x2e8fffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e90344, puLen=0xd7e790) returned 1
[0260.376] VerQueryValueW (in: pBlock=0x2e8fffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.376] VerQueryValueW (in: pBlock=0x2e8fffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e90380, puLen=0xd7e790) returned 1
[0260.376] VerQueryValueW (in: pBlock=0x2e8fffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.376] VerQueryValueW (in: pBlock=0x2e8fffc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e903d4, puLen=0xd7e784) returned 1
[0260.376] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0260.376] VerQueryValueW (in: pBlock=0x2e8fffc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e90024, puLen=0xd7e794) returned 1
[0260.377] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0260.377] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0260.377] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0260.377] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0260.377] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0260.377] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0260.378] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2e92734 | out: lpData=0x2e92734) returned 1
[0260.378] VerQueryValueW (in: pBlock=0x2e92734, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e92b64, puLen=0xd7e810) returned 1
[0260.378] VerQueryValueW (in: pBlock=0x2e92734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e927ec, puLen=0xd7e790) returned 1
[0260.378] VerQueryValueW (in: pBlock=0x2e92734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e92840, puLen=0xd7e790) returned 1
[0260.378] VerQueryValueW (in: pBlock=0x2e92734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e928b0, puLen=0xd7e790) returned 1
[0260.378] VerQueryValueW (in: pBlock=0x2e92734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e92910, puLen=0xd7e790) returned 1
[0260.378] VerQueryValueW (in: pBlock=0x2e92734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e9296c, puLen=0xd7e790) returned 1
[0260.378] VerQueryValueW (in: pBlock=0x2e92734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e929f4, puLen=0xd7e790) returned 1
[0260.379] VerQueryValueW (in: pBlock=0x2e92734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e92a4c, puLen=0xd7e790) returned 1
[0260.379] VerQueryValueW (in: pBlock=0x2e92734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e92aa4, puLen=0xd7e790) returned 1
[0260.379] VerQueryValueW (in: pBlock=0x2e92734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e92ad4, puLen=0xd7e790) returned 1
[0260.379] VerQueryValueW (in: pBlock=0x2e92734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.379] VerQueryValueW (in: pBlock=0x2e92734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e92b10, puLen=0xd7e790) returned 1
[0260.379] VerQueryValueW (in: pBlock=0x2e92734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0260.379] VerQueryValueW (in: pBlock=0x2e92734, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e92b64, puLen=0xd7e784) returned 1
[0260.379] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0260.379] VerQueryValueW (in: pBlock=0x2e92734, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e9275c, puLen=0xd7e794) returned 1
[0260.379] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0260.380] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.380] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0260.380] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.380] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0260.380] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2a00ea
[0260.381] SetWindowLongW (hWnd=0x2a00ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0260.381] GetWindowLongW (hWnd=0x2a00ea, nIndex=-4) returned 1950089536
[0260.381] SetWindowLongW (hWnd=0x2a00ea, nIndex=-4, dwNewLong=19951270) returned 1950089536
[0260.382] GetWindowLongW (hWnd=0x2a00ea, nIndex=-4) returned 19951270
[0260.382] GetWindowLongW (hWnd=0x2a00ea, nIndex=-16) returned 113311744
[0260.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a00ea, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0260.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a00ea, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0260.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a00ea, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0260.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a00ea, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0260.383] GetClientRect (in: hWnd=0x2a00ea, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0260.383] GetWindowRect (in: hWnd=0x2a00ea, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0260.383] SetWindowTextW (hWnd=0x2a00ea, lpString="WindowsFormsParkingWindow") returned 1
[0260.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a00ea, Msg=0xc, wParam=0x0, lParam=0x2e57d08) returned 0x1
[0260.384] GetParent (hWnd=0x2a00ea) returned 0x0
[0260.384] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0260.384] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x2a00ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2702dc
[0260.384] SetWindowLongW (hWnd=0x2702dc, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0260.385] GetWindowLongW (hWnd=0x2702dc, nIndex=-4) returned 1868147648
[0260.385] SetWindowLongW (hWnd=0x2702dc, nIndex=-4, dwNewLong=19951030) returned 1868147648
[0260.385] GetWindowLongW (hWnd=0x2702dc, nIndex=-4) returned 19951030
[0260.385] GetWindowLongW (hWnd=0x2702dc, nIndex=-16) returned 1174405133
[0260.385] GetWindowLongW (hWnd=0x2702dc, nIndex=-12) returned 0
[0260.385] SetWindowLongW (hWnd=0x2702dc, nIndex=-12, dwNewLong=2556636) returned 0
[0260.385] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0260.386] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0260.386] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0260.386] GetClientRect (in: hWnd=0x2702dc, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0260.386] GetWindowRect (in: hWnd=0x2702dc, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0260.386] GetParent (hWnd=0x2702dc) returned 0x2a00ea
[0260.386] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2a00ea, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0260.387] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0260.387] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0260.387] GetClientRect (in: hWnd=0x2702dc, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0260.387] GetWindowRect (in: hWnd=0x2702dc, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0260.387] GetParent (hWnd=0x2702dc) returned 0x2a00ea
[0260.387] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2a00ea, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0260.387] SendMessageW (hWnd=0x2702dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2702dc) returned 0x0
[0260.387] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2702dc) returned 0x0
[0260.387] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0260.389] GetParent (hWnd=0x2702dc) returned 0x2a00ea
[0260.389] GdipCreateFromHWND (hwnd=0x2702dc, graphics=0xd7e844) returned 0x0
[0260.389] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0260.389] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0260.389] GetForegroundWindow () returned 0x7005c
[0260.389] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0260.389] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.389] GetSystemMetrics (nIndex=42) returned 0
[0260.390] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.390] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0260.390] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0260.390] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.390] GetSystemMetrics (nIndex=42) returned 0
[0260.390] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.390] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0260.390] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.390] GetCursorPos (in: lpPoint=0x2e96bb8 | out: lpPoint=0x2e96bb8*(x=266, y=619)) returned 1
[0260.390] MonitorFromPoint (pt=0x10a, dwFlags=0x26b) returned 0x10001
[0260.390] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0260.390] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x760107f8
[0260.391] GetDeviceCaps (hdc=0x760107f8, index=12) returned 32
[0260.391] GetDeviceCaps (hdc=0x760107f8, index=14) returned 1
[0260.391] DeleteDC (hdc=0x760107f8) returned 1
[0260.391] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0260.391] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0260.391] GetSystemMetrics (nIndex=59) returned 1460
[0260.391] GetSystemMetrics (nIndex=60) returned 920
[0260.391] GetSystemMetrics (nIndex=34) returned 136
[0260.391] GetSystemMetrics (nIndex=35) returned 39
[0260.391] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.392] GetCursorPos (in: lpPoint=0x2e96e24 | out: lpPoint=0x2e96e24*(x=266, y=619)) returned 1
[0260.392] MonitorFromPoint (pt=0x10d, dwFlags=0x26b) returned 0x10001
[0260.392] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0260.392] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x770107f8
[0260.392] GetDeviceCaps (hdc=0x770107f8, index=12) returned 32
[0260.392] GetDeviceCaps (hdc=0x770107f8, index=14) returned 1
[0260.392] DeleteDC (hdc=0x770107f8) returned 1
[0260.392] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0260.392] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0260.393] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.393] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0260.393] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2e970bc | out: piconinfo=0x2e970bc) returned 1
[0260.393] GetObjectW (in: h=0x320507f4, c=24, pv=0x2e970d8 | out: pv=0x2e970d8) returned 24
[0260.393] GdipCreateBitmapFromHBITMAP (hbm=0x320507f4, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0260.393] GdipGetImageWidth (image=0x66504b0, width=0xd7e750) returned 0x0
[0260.393] GdipGetImageHeight (image=0x66504b0, height=0xd7e748) returned 0x0
[0260.393] GdipGetImagePixelFormat (image=0x66504b0, format=0xd7e740) returned 0x0
[0260.393] GdipBitmapLockBits (bitmap=0x66504b0, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2e97190) returned 0x0
[0260.393] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0260.394] GdipBitmapLockBits (bitmap=0x6601360, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2e971c8) returned 0x0
[0260.394] RtlMoveMemory (in: Destination=0x6663f70, Source=0x6663ee8, Length=0x80 | out: Destination=0x6663f70)
[0260.394] RtlMoveMemory (in: Destination=0x6663ff0, Source=0x6663e68, Length=0x80 | out: Destination=0x6663ff0)
[0260.394] RtlMoveMemory (in: Destination=0x6664070, Source=0x6663de8, Length=0x80 | out: Destination=0x6664070)
[0260.394] RtlMoveMemory (in: Destination=0x66640f0, Source=0x6663d68, Length=0x80 | out: Destination=0x66640f0)
[0260.394] RtlMoveMemory (in: Destination=0x6664170, Source=0x6663ce8, Length=0x80 | out: Destination=0x6664170)
[0260.394] RtlMoveMemory (in: Destination=0x66641f0, Source=0x6663c68, Length=0x80 | out: Destination=0x66641f0)
[0260.394] RtlMoveMemory (in: Destination=0x6664270, Source=0x6663be8, Length=0x80 | out: Destination=0x6664270)
[0260.394] RtlMoveMemory (in: Destination=0x66642f0, Source=0x6663b68, Length=0x80 | out: Destination=0x66642f0)
[0260.394] RtlMoveMemory (in: Destination=0x6664370, Source=0x6663ae8, Length=0x80 | out: Destination=0x6664370)
[0260.394] RtlMoveMemory (in: Destination=0x66643f0, Source=0x6663a68, Length=0x80 | out: Destination=0x66643f0)
[0260.394] RtlMoveMemory (in: Destination=0x6664470, Source=0x66639e8, Length=0x80 | out: Destination=0x6664470)
[0260.394] RtlMoveMemory (in: Destination=0x66644f0, Source=0x6663968, Length=0x80 | out: Destination=0x66644f0)
[0260.394] RtlMoveMemory (in: Destination=0x6664570, Source=0x66638e8, Length=0x80 | out: Destination=0x6664570)
[0260.394] RtlMoveMemory (in: Destination=0x66645f0, Source=0x6663868, Length=0x80 | out: Destination=0x66645f0)
[0260.394] RtlMoveMemory (in: Destination=0x6664670, Source=0x66637e8, Length=0x80 | out: Destination=0x6664670)
[0260.394] RtlMoveMemory (in: Destination=0x66646f0, Source=0x6663768, Length=0x80 | out: Destination=0x66646f0)
[0260.394] RtlMoveMemory (in: Destination=0x6664770, Source=0x66636e8, Length=0x80 | out: Destination=0x6664770)
[0260.394] RtlMoveMemory (in: Destination=0x66647f0, Source=0x6663668, Length=0x80 | out: Destination=0x66647f0)
[0260.394] RtlMoveMemory (in: Destination=0x6664870, Source=0x66635e8, Length=0x80 | out: Destination=0x6664870)
[0260.394] RtlMoveMemory (in: Destination=0x66648f0, Source=0x6663568, Length=0x80 | out: Destination=0x66648f0)
[0260.394] RtlMoveMemory (in: Destination=0x6664970, Source=0x66634e8, Length=0x80 | out: Destination=0x6664970)
[0260.394] RtlMoveMemory (in: Destination=0x66649f0, Source=0x6663468, Length=0x80 | out: Destination=0x66649f0)
[0260.395] RtlMoveMemory (in: Destination=0x6664a70, Source=0x66633e8, Length=0x80 | out: Destination=0x6664a70)
[0260.395] RtlMoveMemory (in: Destination=0x6664af0, Source=0x6663368, Length=0x80 | out: Destination=0x6664af0)
[0260.395] RtlMoveMemory (in: Destination=0x6664b70, Source=0x66632e8, Length=0x80 | out: Destination=0x6664b70)
[0260.395] RtlMoveMemory (in: Destination=0x6664bf0, Source=0x6663268, Length=0x80 | out: Destination=0x6664bf0)
[0260.395] RtlMoveMemory (in: Destination=0x6664c70, Source=0x66631e8, Length=0x80 | out: Destination=0x6664c70)
[0260.395] RtlMoveMemory (in: Destination=0x6664cf0, Source=0x6663168, Length=0x80 | out: Destination=0x6664cf0)
[0260.395] RtlMoveMemory (in: Destination=0x6664d70, Source=0x66630e8, Length=0x80 | out: Destination=0x6664d70)
[0260.395] RtlMoveMemory (in: Destination=0x6664df0, Source=0x6663068, Length=0x80 | out: Destination=0x6664df0)
[0260.395] RtlMoveMemory (in: Destination=0x6664e70, Source=0x6662fe8, Length=0x80 | out: Destination=0x6664e70)
[0260.395] RtlMoveMemory (in: Destination=0x6664ef0, Source=0x6662f68, Length=0x80 | out: Destination=0x6664ef0)
[0260.395] GdipBitmapUnlockBits (bitmap=0x66504b0, lockedBitmapData=0x2e97190) returned 0x0
[0260.395] GdipBitmapUnlockBits (bitmap=0x6601360, lockedBitmapData=0x2e971c8) returned 0x0
[0260.395] GdipDisposeImage (image=0x66504b0) returned 0x0
[0260.395] DeleteObject (ho=0x320507f4) returned 1
[0260.395] DeleteObject (ho=0x780507f8) returned 1
[0260.395] GetCurrentThreadId () returned 0xf50
[0260.395] GetCurrentThreadId () returned 0xf50
[0260.395] SetWindowPos (hWnd=0x2702dc, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0260.395] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0260.396] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0260.396] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0260.396] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0260.396] GetClientRect (in: hWnd=0x2702dc, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0260.396] GetWindowRect (in: hWnd=0x2702dc, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0260.396] GetParent (hWnd=0x2702dc) returned 0x2a00ea
[0260.396] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2a00ea, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0260.396] InvalidateRect (hWnd=0x2702dc, lpRect=0x0, bErase=1) returned 1
[0260.396] GetWindowTextLengthW (hWnd=0x2702dc) returned 0
[0260.396] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0260.396] GetSystemMetrics (nIndex=42) returned 0
[0260.396] GetWindowTextW (in: hWnd=0x2702dc, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0260.396] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0260.396] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0260.396] GetClientRect (in: hWnd=0x2702dc, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0260.396] GetWindowRect (in: hWnd=0x2702dc, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0260.396] GetParent (hWnd=0x2702dc) returned 0x2a00ea
[0260.397] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2a00ea, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0260.397] GetWindowTextLengthW (hWnd=0x2702dc) returned 0
[0260.397] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0260.397] GetSystemMetrics (nIndex=42) returned 0
[0260.397] GetWindowTextW (in: hWnd=0x2702dc, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0260.397] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0260.397] GetWindowTextLengthW (hWnd=0x2702dc) returned 0
[0260.397] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0260.397] GetSystemMetrics (nIndex=42) returned 0
[0260.397] GetWindowTextW (in: hWnd=0x2702dc, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0260.397] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0260.397] SetWindowTextW (hWnd=0x2702dc, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0260.397] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0xc, wParam=0x0, lParam=0x2e78024) returned 0x1
[0260.397] InvalidateRect (hWnd=0x2702dc, lpRect=0x0, bErase=1) returned 1
[0260.397] GetCurrentThreadId () returned 0xf50
[0260.397] GetWindowThreadProcessId (in: hWnd=0x2702dc, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0260.398] GdipCreateBitmapFromStream (stream=0x509fff0, bitmap=0xd7e840) returned 0x0
[0260.399] GdipImageForceValidation (image=0x66019f0) returned 0x0
[0260.400] GdipGetImageRawFormat (image=0x66019f0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0260.400] GdipGetImageHeight (image=0x66019f0, height=0xd7e824) returned 0x0
[0260.400] GdipGetImageWidth (image=0x66019f0, width=0xd7e824) returned 0x0
[0260.400] GdipGetImageWidth (image=0x66019f0, width=0xd7e810) returned 0x0
[0260.400] GdipGetImageHeight (image=0x66019f0, height=0xd7e810) returned 0x0
[0260.400] GdipGetImageWidth (image=0x66019f0, width=0xd7e800) returned 0x0
[0260.400] GdipGetImageHeight (image=0x66019f0, height=0xd7e800) returned 0x0
[0260.400] GdipBitmapGetPixel (bitmap=0x66019f0, x=0, y=15, color=0xd7e810) returned 0x0
[0260.400] GdipGetImageRawFormat (image=0x66019f0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0260.400] GdipGetImageWidth (image=0x66019f0, width=0xd7e740) returned 0x0
[0260.400] GdipGetImageHeight (image=0x66019f0, height=0xd7e740) returned 0x0
[0260.401] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0260.401] GdipGetImagePixelFormat (image=0x6602a58, format=0xd7e740) returned 0x0
[0260.401] GdipGetImageGraphicsContext (image=0x6602a58, graphics=0xd7e74c) returned 0x0
[0260.401] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0260.401] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0260.401] GdipSetImageAttributesColorKeys (imageattr=0x6638cf8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0260.401] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66019f0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638cf8, callback=0x0, callbackData=0x0) returned 0x0
[0260.401] GdipDisposeImageAttributes (imageattr=0x6638cf8) returned 0x0
[0260.401] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0260.401] GdipDisposeImage (image=0x66019f0) returned 0x0
[0260.402] GdipCreateBitmapFromStream (stream=0x5090010, bitmap=0xd7e840) returned 0x0
[0260.403] GdipImageForceValidation (image=0x6603430) returned 0x0
[0260.404] GdipGetImageRawFormat (image=0x6603430, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0260.404] GdipGetImageHeight (image=0x6603430, height=0xd7e824) returned 0x0
[0260.404] GdipGetImageWidth (image=0x6603430, width=0xd7e824) returned 0x0
[0260.404] GdipGetImageWidth (image=0x6603430, width=0xd7e810) returned 0x0
[0260.404] GdipGetImageHeight (image=0x6603430, height=0xd7e810) returned 0x0
[0260.404] GdipGetImageWidth (image=0x6603430, width=0xd7e800) returned 0x0
[0260.404] GdipGetImageHeight (image=0x6603430, height=0xd7e800) returned 0x0
[0260.404] GdipBitmapGetPixel (bitmap=0x6603430, x=0, y=15, color=0xd7e810) returned 0x0
[0260.404] GdipGetImageRawFormat (image=0x6603430, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0260.404] GdipGetImageWidth (image=0x6603430, width=0xd7e740) returned 0x0
[0260.404] GdipGetImageHeight (image=0x6603430, height=0xd7e740) returned 0x0
[0260.404] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0260.404] GdipGetImagePixelFormat (image=0x66019f0, format=0xd7e740) returned 0x0
[0260.405] GdipGetImageGraphicsContext (image=0x66019f0, graphics=0xd7e74c) returned 0x0
[0260.405] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0260.405] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0260.405] GdipSetImageAttributesColorKeys (imageattr=0x6638a88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0260.405] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6603430, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638a88, callback=0x0, callbackData=0x0) returned 0x0
[0260.405] GdipDisposeImageAttributes (imageattr=0x6638a88) returned 0x0
[0260.405] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0260.405] GdipDisposeImage (image=0x6603430) returned 0x0
[0260.405] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.405] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0260.406] GetCurrentThreadId () returned 0xf50
[0260.406] GetCurrentThreadId () returned 0xf50
[0260.406] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.406] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0260.406] GetCurrentThreadId () returned 0xf50
[0260.406] GetCurrentThreadId () returned 0xf50
[0260.406] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.406] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0260.406] GetCurrentThreadId () returned 0xf50
[0260.406] GetCurrentThreadId () returned 0xf50
[0260.406] GetSystemMetrics (nIndex=5) returned 1
[0260.406] GetSystemMetrics (nIndex=6) returned 1
[0260.406] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.407] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0260.407] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.407] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0260.407] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.407] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0260.407] GetCurrentThreadId () returned 0xf50
[0260.407] GetCurrentThreadId () returned 0xf50
[0260.407] GetProcessWindowStation () returned 0x13c
[0260.407] GetCapture () returned 0x0
[0260.407] GetActiveWindow () returned 0x7005c
[0260.407] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0260.408] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.408] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0260.408] GetCursorPos (in: lpPoint=0x2e98308 | out: lpPoint=0x2e98308*(x=266, y=619)) returned 1
[0260.408] MonitorFromPoint (pt=0x10a, dwFlags=0x26b) returned 0x10001
[0260.408] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0260.408] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x790107f8
[0260.408] GetDeviceCaps (hdc=0x790107f8, index=12) returned 32
[0260.408] GetDeviceCaps (hdc=0x790107f8, index=14) returned 1
[0260.408] DeleteDC (hdc=0x790107f8) returned 1
[0260.408] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0260.409] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0260.409] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1d02ce
[0260.409] SetWindowLongW (hWnd=0x1d02ce, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0260.409] GetWindowLongW (hWnd=0x1d02ce, nIndex=-4) returned 1950089536
[0260.409] SetWindowLongW (hWnd=0x1d02ce, nIndex=-4, dwNewLong=19951310) returned 1950089536
[0260.410] GetWindowLongW (hWnd=0x1d02ce, nIndex=-4) returned 19951310
[0260.410] GetWindowLongW (hWnd=0x1d02ce, nIndex=-16) returned 113770496
[0260.410] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0260.410] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0260.411] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0260.411] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0260.411] GetWindowRect (in: hWnd=0x1d02ce, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0260.411] SetWindowTextW (hWnd=0x1d02ce, lpString="BB ransomware") returned 1
[0260.411] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xc, wParam=0x0, lParam=0x2e96aa4) returned 0x1
[0260.412] GetStartupInfoW (in: lpStartupInfo=0x2e98644 | out: lpStartupInfo=0x2e98644*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0260.414] GetParent (hWnd=0x1d02ce) returned 0x0
[0260.414] SetWindowLongW (hWnd=0x1d02ce, nIndex=-8, dwNewLong=0) returned 0
[0260.415] SendMessageW (hWnd=0x1d02ce, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0260.416] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0260.416] SendMessageW (hWnd=0x1d02ce, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0260.416] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0260.416] GetSystemMenu (hWnd=0x1d02ce, bRevert=0) returned 0x90013b
[0260.416] GetWindowPlacement (in: hWnd=0x1d02ce, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0260.416] EnableMenuItem (hMenu=0x90013b, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0260.416] EnableMenuItem (hMenu=0x90013b, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0260.416] EnableMenuItem (hMenu=0x90013b, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0260.417] EnableMenuItem (hMenu=0x90013b, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0260.417] EnableMenuItem (hMenu=0x90013b, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0260.417] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0260.417] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0260.417] GetWindowRect (in: hWnd=0x1d02ce, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0260.417] SetWindowPos (hWnd=0x1d02ce, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0260.417] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0260.417] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x1d02ce) returned 0x1
[0260.423] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0260.423] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0260.425] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0260.425] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0260.425] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0260.427] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x1d02ce, lParam=0x0) returned 0x0
[0260.427] GetCapture () returned 0x0
[0260.427] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0260.428] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0260.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0260.431] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0260.431] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0260.432] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0260.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0260.432] GetParent (hWnd=0x1d02ce) returned 0x0
[0260.432] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0260.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0260.442] GetWindowPlacement (in: hWnd=0x1d02ce, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0260.442] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0260.442] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0260.442] GetWindowRect (in: hWnd=0x1d02ce, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0260.443] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0260.443] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0260.444] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0260.444] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.445] GetWindowLongW (hWnd=0x1d02ce, nIndex=-16) returned 113770496
[0260.445] GetWindowTextLengthW (hWnd=0x1d02ce) returned 13
[0260.445] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.445] GetSystemMetrics (nIndex=42) returned 0
[0260.445] GetWindowTextW (in: hWnd=0x1d02ce, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.445] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0260.445] GetWindowTextLengthW (hWnd=0x1d02ce) returned 13
[0260.445] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.445] GetSystemMetrics (nIndex=42) returned 0
[0260.445] GetWindowTextW (in: hWnd=0x1d02ce, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.445] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0260.445] GetCursorPos (in: lpPoint=0x2e98880 | out: lpPoint=0x2e98880*(x=266, y=619)) returned 1
[0260.445] MonitorFromPoint (pt=0x10a, dwFlags=0x26b) returned 0x10001
[0260.445] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0260.445] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xcf0107a1
[0260.445] GetDeviceCaps (hdc=0xcf0107a1, index=12) returned 32
[0260.445] GetDeviceCaps (hdc=0xcf0107a1, index=14) returned 1
[0260.445] DeleteDC (hdc=0xcf0107a1) returned 1
[0260.446] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0260.446] GetWindowLongW (hWnd=0x1d02ce, nIndex=-16) returned 113770496
[0260.446] GetWindowLongW (hWnd=0x1d02ce, nIndex=-20) returned 327945
[0260.446] SetWindowLongW (hWnd=0x1d02ce, nIndex=-16, dwNewLong=46661632) returned 113770496
[0260.446] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0260.446] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0260.447] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0260.447] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0260.447] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0260.448] SetWindowLongW (hWnd=0x1d02ce, nIndex=-20, dwNewLong=327681) returned 327945
[0260.448] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0260.448] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0260.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0260.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0260.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0260.450] SetWindowPos (hWnd=0x1d02ce, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0260.450] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0260.450] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0260.450] GetWindowPlacement (in: hWnd=0x1d02ce, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0260.450] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0260.451] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0260.451] GetWindowRect (in: hWnd=0x1d02ce, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0260.452] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0260.452] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0260.452] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0260.452] RedrawWindow (hWnd=0x1d02ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0260.452] GetSystemMenu (hWnd=0x1d02ce, bRevert=0) returned 0x90013b
[0260.452] GetWindowPlacement (in: hWnd=0x1d02ce, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0260.452] EnableMenuItem (hMenu=0x90013b, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0260.452] EnableMenuItem (hMenu=0x90013b, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0260.452] EnableMenuItem (hMenu=0x90013b, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0260.453] EnableMenuItem (hMenu=0x90013b, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0260.453] EnableMenuItem (hMenu=0x90013b, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0260.453] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0260.453] GetWindowLongW (hWnd=0x1d02ce, nIndex=-8) returned 0
[0260.453] SetWindowLongW (hWnd=0x1d02ce, nIndex=-8, dwNewLong=458844) returned 0
[0260.454] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0260.454] GetProcessWindowStation () returned 0x13c
[0260.454] GetCurrentThreadId () returned 0xf50
[0260.454] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1306c76, lParam=0x0) returned 1
[0260.454] IsWindowVisible (hWnd=0x1d02ce) returned 0
[0260.454] IsWindowVisible (hWnd=0x7005c) returned 1
[0260.454] IsWindowEnabled (hWnd=0x7005c) returned 1
[0260.454] IsWindowVisible (hWnd=0x300ec) returned 0
[0260.454] IsWindowVisible (hWnd=0x502c6) returned 0
[0260.454] IsWindowVisible (hWnd=0x502be) returned 0
[0260.454] GetActiveWindow () returned 0x1d02ce
[0260.454] GetFocus () returned 0x1d02ce
[0260.455] IsWindow (hWnd=0x7005c) returned 1
[0260.455] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0260.455] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0260.455] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0260.455] GetWindowLongW (hWnd=0x1d02ce, nIndex=-8) returned 458844
[0260.455] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0260.455] GetCurrentThreadId () returned 0xf50
[0260.455] GetWindowLongW (hWnd=0x1d02ce, nIndex=-8) returned 458844
[0260.455] IsWindowEnabled (hWnd=0x7005c) returned 0
[0260.456] IsWindowEnabled (hWnd=0x1d02ce) returned 1
[0260.456] ShowWindow (hWnd=0x1d02ce, nCmdShow=5) returned 0
[0260.456] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0260.456] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0260.456] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.457] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0260.457] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x1d02ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2702da
[0260.457] SetWindowLongW (hWnd=0x2702da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0260.457] GetWindowLongW (hWnd=0x2702da, nIndex=-4) returned 1950089536
[0260.457] SetWindowLongW (hWnd=0x2702da, nIndex=-4, dwNewLong=19950870) returned 1950089536
[0260.458] GetWindowLongW (hWnd=0x2702da, nIndex=-4) returned 19950870
[0260.458] GetWindowLongW (hWnd=0x2702da, nIndex=-16) returned 1174405120
[0260.458] GetWindowLongW (hWnd=0x2702da, nIndex=-12) returned 0
[0260.458] SetWindowLongW (hWnd=0x2702da, nIndex=-12, dwNewLong=2556634) returned 0
[0260.458] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0260.458] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0260.458] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0260.459] GetWindow (hWnd=0x2702da, uCmd=0x3) returned 0x0
[0260.459] GetClientRect (in: hWnd=0x2702da, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0260.459] GetWindowRect (in: hWnd=0x2702da, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0260.459] GetParent (hWnd=0x2702da) returned 0x1d02ce
[0260.459] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02ce, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0260.459] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702da, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0260.459] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702da, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0260.459] GetClientRect (in: hWnd=0x2702da, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0260.460] GetWindowRect (in: hWnd=0x2702da, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0260.460] GetParent (hWnd=0x2702da) returned 0x1d02ce
[0260.460] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02ce, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0260.460] SendMessageW (hWnd=0x2702da, Msg=0x2210, wParam=0x2da0001, lParam=0x2702da) returned 0x0
[0260.460] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702da, Msg=0x2210, wParam=0x2da0001, lParam=0x2702da) returned 0x0
[0260.460] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0260.460] GetParent (hWnd=0x2702da) returned 0x1d02ce
[0260.460] GetParent (hWnd=0x2702dc) returned 0x2a00ea
[0260.460] SetParent (hWndChild=0x2702dc, hWndNewParent=0x1d02ce) returned 0x2a00ea
[0260.460] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0260.461] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0260.461] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0260.461] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0260.461] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0260.461] GetClientRect (in: hWnd=0x2702dc, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0260.461] GetWindowRect (in: hWnd=0x2702dc, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0260.461] GetParent (hWnd=0x2702dc) returned 0x1d02ce
[0260.461] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02ce, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0260.461] GetClientRect (in: hWnd=0x2702dc, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0260.461] GetWindowRect (in: hWnd=0x2702dc, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0260.461] GetParent (hWnd=0x2702dc) returned 0x1d02ce
[0260.461] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02ce, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0260.461] GetParent (hWnd=0x2702dc) returned 0x1d02ce
[0260.462] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0260.462] GetWindow (hWnd=0x2702dc, uCmd=0x3) returned 0x0
[0260.462] SetWindowPos (hWnd=0x2702dc, hWndInsertAfter=0x2702da, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0260.462] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0260.462] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0260.462] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0260.462] GetClientRect (in: hWnd=0x2702dc, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0260.462] GetWindowRect (in: hWnd=0x2702dc, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0260.462] GetParent (hWnd=0x2702dc) returned 0x1d02ce
[0260.462] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02ce, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0260.462] GetParent (hWnd=0x2702dc) returned 0x1d02ce
[0260.462] GetWindow (hWnd=0x2702dc, uCmd=0x3) returned 0x2702da
[0260.463] GetWindowThreadProcessId (in: hWnd=0x2702dc, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0260.463] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0260.463] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.463] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0260.463] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x1d02ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2902d8
[0260.464] SetWindowLongW (hWnd=0x2902d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0260.464] GetWindowLongW (hWnd=0x2902d8, nIndex=-4) returned 1868032000
[0260.464] SetWindowLongW (hWnd=0x2902d8, nIndex=-4, dwNewLong=19951390) returned 1868032000
[0260.464] GetWindowLongW (hWnd=0x2902d8, nIndex=-4) returned 19951390
[0260.464] GetWindowLongW (hWnd=0x2902d8, nIndex=-16) returned 1174470667
[0260.464] GetWindowLongW (hWnd=0x2902d8, nIndex=-12) returned 0
[0260.464] SetWindowLongW (hWnd=0x2902d8, nIndex=-12, dwNewLong=2687704) returned 0
[0260.464] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0260.465] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0260.465] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0260.466] SendMessageW (hWnd=0x2902d8, Msg=0x2055, wParam=0x2902d8, lParam=0x3) returned 0x2
[0260.466] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0260.466] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0260.466] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0260.466] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0260.466] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0260.466] RedrawWindow (hWnd=0x2702da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0260.466] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0260.467] RedrawWindow (hWnd=0x2702dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0260.467] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0260.467] RedrawWindow (hWnd=0x2902d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0260.467] RedrawWindow (hWnd=0x1d02ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0260.467] GetWindow (hWnd=0x2902d8, uCmd=0x3) returned 0x2702dc
[0260.467] GetClientRect (in: hWnd=0x2902d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0260.467] GetWindowRect (in: hWnd=0x2902d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0260.467] GetParent (hWnd=0x2902d8) returned 0x1d02ce
[0260.467] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02ce, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0260.467] SetWindowTextW (hWnd=0x2902d8, lpString="&Details") returned 1
[0260.467] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0260.468] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0260.468] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0260.468] GetClientRect (in: hWnd=0x2902d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0260.468] GetWindowRect (in: hWnd=0x2902d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0260.468] GetParent (hWnd=0x2902d8) returned 0x1d02ce
[0260.468] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02ce, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0260.469] SendMessageW (hWnd=0x2902d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2902d8) returned 0x0
[0260.469] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2902d8) returned 0x0
[0260.469] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0260.469] GetParent (hWnd=0x2902d8) returned 0x1d02ce
[0260.469] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0260.469] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.470] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0260.470] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x1d02ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1c02d0
[0260.470] SetWindowLongW (hWnd=0x1c02d0, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0260.470] GetWindowLongW (hWnd=0x1c02d0, nIndex=-4) returned 1868032000
[0260.470] SetWindowLongW (hWnd=0x1c02d0, nIndex=-4, dwNewLong=19951790) returned 1868032000
[0260.471] GetWindowLongW (hWnd=0x1c02d0, nIndex=-4) returned 19951790
[0260.471] GetWindowLongW (hWnd=0x1c02d0, nIndex=-16) returned 1174470667
[0260.471] GetWindowLongW (hWnd=0x1c02d0, nIndex=-12) returned 0
[0260.471] SetWindowLongW (hWnd=0x1c02d0, nIndex=-12, dwNewLong=1835728) returned 0
[0260.471] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0260.472] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0260.473] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0260.473] SendMessageW (hWnd=0x1c02d0, Msg=0x2055, wParam=0x1c02d0, lParam=0x3) returned 0x2
[0260.473] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0260.473] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0260.474] GetWindow (hWnd=0x1c02d0, uCmd=0x3) returned 0x2902d8
[0260.474] GetClientRect (in: hWnd=0x1c02d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0260.474] GetWindowRect (in: hWnd=0x1c02d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0260.474] GetParent (hWnd=0x1c02d0) returned 0x1d02ce
[0260.474] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02ce, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0260.474] SetWindowTextW (hWnd=0x1c02d0, lpString="&Continue") returned 1
[0260.474] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0260.474] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0260.474] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0260.474] GetClientRect (in: hWnd=0x1c02d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0260.475] GetWindowRect (in: hWnd=0x1c02d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0260.475] GetParent (hWnd=0x1c02d0) returned 0x1d02ce
[0260.475] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02ce, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0260.475] SendMessageW (hWnd=0x1c02d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1c02d0) returned 0x0
[0260.475] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1c02d0) returned 0x0
[0260.475] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0260.475] GetParent (hWnd=0x1c02d0) returned 0x1d02ce
[0260.475] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0260.475] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.476] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0260.476] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x1d02ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2102c8
[0260.476] SetWindowLongW (hWnd=0x2102c8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0260.476] GetWindowLongW (hWnd=0x2102c8, nIndex=-4) returned 1868032000
[0260.477] SetWindowLongW (hWnd=0x2102c8, nIndex=-4, dwNewLong=19950750) returned 1868032000
[0260.477] GetWindowLongW (hWnd=0x2102c8, nIndex=-4) returned 19950750
[0260.477] GetWindowLongW (hWnd=0x2102c8, nIndex=-16) returned 1174470667
[0260.477] GetWindowLongW (hWnd=0x2102c8, nIndex=-12) returned 0
[0260.477] SetWindowLongW (hWnd=0x2102c8, nIndex=-12, dwNewLong=2163400) returned 0
[0260.477] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102c8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0260.477] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102c8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0260.477] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102c8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0260.478] SendMessageW (hWnd=0x2102c8, Msg=0x2055, wParam=0x2102c8, lParam=0x3) returned 0x2
[0260.478] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0260.478] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102c8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0260.479] GetWindow (hWnd=0x2102c8, uCmd=0x3) returned 0x1c02d0
[0260.479] GetClientRect (in: hWnd=0x2102c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0260.479] GetWindowRect (in: hWnd=0x2102c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0260.479] GetParent (hWnd=0x2102c8) returned 0x1d02ce
[0260.479] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02ce, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0260.479] SetWindowTextW (hWnd=0x2102c8, lpString="&Quit") returned 1
[0260.479] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102c8, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0260.479] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102c8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0260.479] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102c8, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0260.479] GetClientRect (in: hWnd=0x2102c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0260.479] GetWindowRect (in: hWnd=0x2102c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0260.479] GetParent (hWnd=0x2102c8) returned 0x1d02ce
[0260.480] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02ce, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0260.480] SendMessageW (hWnd=0x2102c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2102c8) returned 0x0
[0260.480] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2102c8) returned 0x0
[0260.480] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0260.480] GetParent (hWnd=0x2102c8) returned 0x1d02ce
[0260.480] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0260.480] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.481] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0260.481] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x1d02ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2702de
[0260.482] SetWindowLongW (hWnd=0x2702de, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0260.482] GetWindowLongW (hWnd=0x2702de, nIndex=-4) returned 1868026976
[0260.482] SetWindowLongW (hWnd=0x2702de, nIndex=-4, dwNewLong=19951190) returned 1868026976
[0260.483] GetWindowLongW (hWnd=0x2702de, nIndex=-4) returned 19951190
[0260.483] GetWindowLongW (hWnd=0x2702de, nIndex=-16) returned 1177553092
[0260.483] GetWindowLongW (hWnd=0x2702de, nIndex=-12) returned 0
[0260.483] SetWindowLongW (hWnd=0x2702de, nIndex=-12, dwNewLong=2556638) returned 0
[0260.483] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2702de, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0260.484] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2702de, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0260.485] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2702de, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0260.501] GetWindow (hWnd=0x2702de, uCmd=0x3) returned 0x2102c8
[0260.501] GetClientRect (in: hWnd=0x2702de, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0260.501] GetWindowRect (in: hWnd=0x2702de, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0260.501] GetParent (hWnd=0x2702de) returned 0x1d02ce
[0260.501] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02ce, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0260.501] GetWindowTextLengthW (hWnd=0x1d02ce) returned 13
[0260.501] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.501] GetSystemMetrics (nIndex=42) returned 0
[0260.501] GetWindowTextW (in: hWnd=0x1d02ce, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.501] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0260.501] SendMessageW (hWnd=0x2702de, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0260.501] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2702de, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0260.506] SetWindowTextW (hWnd=0x2702de, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0260.506] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2702de, Msg=0xc, wParam=0x0, lParam=0x2e9448c) returned 0x1
[0260.508] GetSystemMetrics (nIndex=5) returned 1
[0260.508] GetSystemMetrics (nIndex=6) returned 1
[0260.508] SendMessageW (hWnd=0x2702de, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0260.508] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2702de, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0260.508] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2702de, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0260.509] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2702de, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0260.509] GetClientRect (in: hWnd=0x2702de, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0260.509] GetWindowRect (in: hWnd=0x2702de, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0260.509] GetParent (hWnd=0x2702de) returned 0x1d02ce
[0260.509] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1d02ce, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0260.509] SendMessageW (hWnd=0x2702de, Msg=0x2210, wParam=0x2de0001, lParam=0x2702de) returned 0x0
[0260.509] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2702de, Msg=0x2210, wParam=0x2de0001, lParam=0x2702de) returned 0x0
[0260.509] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2702de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0260.510] GetParent (hWnd=0x2702de) returned 0x1d02ce
[0260.510] GetWindowLongW (hWnd=0x1d02ce, nIndex=-8) returned 458844
[0260.510] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0260.510] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0260.510] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xd60107a1
[0260.510] GetDeviceCaps (hdc=0xd60107a1, index=12) returned 32
[0260.510] GetDeviceCaps (hdc=0xd60107a1, index=14) returned 1
[0260.510] DeleteDC (hdc=0xd60107a1) returned 1
[0260.510] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0260.510] GetWindowThreadProcessId (in: hWnd=0x1d02ce, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0260.510] GetCurrentThreadId () returned 0xf50
[0260.510] PostMessageW (hWnd=0x1d02ce, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0260.510] GetWindowTextLengthW (hWnd=0x1d02ce) returned 13
[0260.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.511] GetSystemMetrics (nIndex=42) returned 0
[0260.511] GetWindowTextW (in: hWnd=0x1d02ce, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0260.511] GdipImageGetFrameDimensionsCount (image=0x6601360, count=0xd7e25c) returned 0x0
[0260.511] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12014d8
[0260.511] GdipImageGetFrameDimensionsList (image=0x6601360, dimensionIDs=0x12014d8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0260.511] LocalFree (hMem=0x12014d8) returned 0x0
[0260.511] GdipImageGetFrameDimensionsCount (image=0x6602a58, count=0xd7e250) returned 0x0
[0260.511] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12014d8
[0260.511] GdipImageGetFrameDimensionsList (image=0x6602a58, dimensionIDs=0x12014d8*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0260.511] LocalFree (hMem=0x12014d8) returned 0x0
[0260.511] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0260.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0260.512] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0260.523] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0260.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0260.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0260.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0260.525] GetWindowPlacement (in: hWnd=0x1d02ce, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0260.525] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0260.525] GetWindowTextLengthW (hWnd=0x1d02ce) returned 13
[0260.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.525] GetSystemMetrics (nIndex=42) returned 0
[0260.525] GetWindowTextW (in: hWnd=0x1d02ce, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0260.525] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0260.525] GetCurrentObject (hdc=0x10105d6, type=0x1) returned 0xb00017
[0260.525] GetCurrentObject (hdc=0x10105d6, type=0x2) returned 0x900010
[0260.525] GetCurrentObject (hdc=0x10105d6, type=0x7) returned 0xd0507d3
[0260.525] GetCurrentObject (hdc=0x10105d6, type=0x6) returned 0x8a01c2
[0260.526] SaveDC (hdc=0x10105d6) returned 1
[0260.526] GetNearestColor (hdc=0x10105d6, color=0xf0f0f0) returned 0xf0f0f0
[0260.526] CreateSolidBrush (color=0xf0f0f0) returned 0xc61007e1
[0260.526] FillRect (hDC=0x10105d6, lprc=0xd7e1b8, hbr=0xc61007e1) returned 1
[0260.526] DeleteObject (ho=0xc61007e1) returned 1
[0260.526] RestoreDC (hdc=0x10105d6, nSavedDC=-1) returned 1
[0260.526] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0260.526] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0260.527] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0260.527] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0260.527] GetStockObject (i=5) returned 0x900015
[0260.527] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0260.528] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0260.528] GetStockObject (i=5) returned 0x900015
[0260.528] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0260.528] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102c8, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0260.528] GetStockObject (i=5) returned 0x900015
[0260.532] GetWindowPlacement (in: hWnd=0x1d02ce, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0260.532] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0260.532] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0260.532] GetWindowRect (in: hWnd=0x1d02ce, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0260.533] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0260.533] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0260.533] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0260.535] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0260.535] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0260.535] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0260.535] GetWindowRect (in: hWnd=0x1d02ce, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0260.535] InvalidateRect (hWnd=0x1c02d0, lpRect=0x0, bErase=0) returned 1
[0260.535] InvalidateRect (hWnd=0x2902d8, lpRect=0x0, bErase=0) returned 1
[0260.535] GetFocus () returned 0x1d02ce
[0260.535] GetFocus () returned 0x1d02ce
[0260.535] SetFocus (hWnd=0x2902d8) returned 0x1d02ce
[0260.536] GetFocus () returned 0x2902d8
[0260.536] IsChild (hWndParent=0x1d02ce, hWnd=0x2902d8) returned 1
[0260.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x8, wParam=0x2902d8, lParam=0x0) returned 0x0
[0260.537] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0260.538] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0260.540] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0260.540] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0x7, wParam=0x1d02ce, lParam=0x0) returned 0x0
[0260.540] GetStockObject (i=5) returned 0x900015
[0260.540] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0260.540] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0260.540] GetDlgItem (hDlg=0x1d02ce, nIDDlgItem=2687704) returned 0x2902d8
[0260.540] SendMessageW (hWnd=0x2902d8, Msg=0x202b, wParam=0x2902d8, lParam=0xd7e0dc) returned 0x0
[0260.540] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0x202b, wParam=0x2902d8, lParam=0xd7e0dc) returned 0x0
[0260.541] InvalidateRect (hWnd=0x2902d8, lpRect=0x0, bErase=0) returned 1
[0260.543] GetFocus () returned 0x2902d8
[0260.543] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.543] IsWindowUnicode (hWnd=0x1d02ce) returned 1
[0260.543] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.543] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.543] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.543] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0260.543] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.543] IsWindowUnicode (hWnd=0x1d02ce) returned 1
[0260.543] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.544] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.544] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.545] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.545] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0260.545] IsWindowUnicode (hWnd=0x1d02ce) returned 1
[0260.545] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.545] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.545] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.546] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.546] IsWindowUnicode (hWnd=0x602c4) returned 1
[0260.546] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.546] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.546] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.546] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0260.546] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0260.546] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.547] IsWindowUnicode (hWnd=0x1d02ce) returned 1
[0260.547] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.547] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.547] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.547] BeginPaint (in: hWnd=0x1d02ce, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x60100ce
[0260.547] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0260.547] GetWindowTextLengthW (hWnd=0x1d02ce) returned 13
[0260.547] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.547] GetSystemMetrics (nIndex=42) returned 0
[0260.547] GetWindowTextW (in: hWnd=0x1d02ce, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.547] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0260.548] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0260.548] EndPaint (hWnd=0x1d02ce, lpPaint=0xd7e274) returned 1
[0260.548] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.548] IsWindowUnicode (hWnd=0x2702da) returned 1
[0260.548] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.548] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.548] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.548] BeginPaint (in: hWnd=0x2702da, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xf0105ee
[0260.548] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0260.548] CreateCompatibleDC (hdc=0xf0105ee) returned 0x630107ef
[0260.548] SelectObject (hdc=0x630107ef, h=0x4a0507fe) returned 0x85000f
[0260.549] GdipCreateFromHDC (hdc=0x630107ef, graphics=0xd7e2b0) returned 0x0
[0260.549] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0260.549] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0260.549] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0260.549] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0260.549] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e310) returned 0x0
[0260.549] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0260.549] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0260.549] LocalFree (hMem=0x11ee9f0) returned 0x0
[0260.549] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0260.549] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0260.549] GdipGetClip (graphics=0x6600030, region=0x6645f38) returned 0x0
[0260.549] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7e304) returned 0x0
[0260.549] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0260.549] GetWindowTextLengthW (hWnd=0x2702da) returned 0
[0260.549] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0260.549] GetSystemMetrics (nIndex=42) returned 0
[0260.549] GetWindowTextW (in: hWnd=0x2702da, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0260.549] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702da, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0260.550] GetClientRect (in: hWnd=0x2702da, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0260.550] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0260.550] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0260.550] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0260.550] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0260.550] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e164) returned 0x0
[0260.550] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0260.550] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee868) returned 0x0
[0260.550] LocalFree (hMem=0x11ee868) returned 0x0
[0260.550] GdipCombineRegionRegion (region=0x6645fc8, region2=0x6645f38, combineMode=0x1) returned 0x0
[0260.550] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0260.550] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0260.550] LocalFree (hMem=0x11eec58) returned 0x0
[0260.550] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0260.550] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0260.550] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0260.550] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0260.550] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0260.550] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0260.550] GetCurrentObject (hdc=0x630107ef, type=0x1) returned 0xb00017
[0260.551] GetCurrentObject (hdc=0x630107ef, type=0x2) returned 0x900010
[0260.551] GetCurrentObject (hdc=0x630107ef, type=0x7) returned 0x4a0507fe
[0260.551] GetCurrentObject (hdc=0x630107ef, type=0x6) returned 0x8a01c2
[0260.551] SaveDC (hdc=0x630107ef) returned 1
[0260.551] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe60407de
[0260.551] GetClipRgn (hdc=0x630107ef, hrgn=0xe60407de) returned 0
[0260.551] SelectClipRgn (hdc=0x630107ef, hrgn=0x4f040807) returned 2
[0260.551] DeleteObject (ho=0xe60407de) returned 1
[0260.551] DeleteObject (ho=0x4f040807) returned 1
[0260.551] OffsetViewportOrgEx (in: hdc=0x630107ef, x=0, y=0, lppt=0x2e99fec | out: lppt=0x2e99fec) returned 1
[0260.551] GetNearestColor (hdc=0x630107ef, color=0xf0f0f0) returned 0xf0f0f0
[0260.551] CreateSolidBrush (color=0xf0f0f0) returned 0xc71007e1
[0260.551] FillRect (hDC=0x630107ef, lprc=0xd7e198, hbr=0xc71007e1) returned 1
[0260.551] DeleteObject (ho=0xc71007e1) returned 1
[0260.552] RestoreDC (hdc=0x630107ef, nSavedDC=-1) returned 1
[0260.552] GdipReleaseDC (graphics=0x6600030, hdc=0x630107ef) returned 0x0
[0260.552] GdipRestoreGraphics (graphics=0x6600030, state=0xf7bc0dbd) returned 0x0
[0260.552] GdipDeleteRegion (region=0x6645f38) returned 0x0
[0260.552] GetWindowTextLengthW (hWnd=0x2702da) returned 0
[0260.552] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0260.552] GetSystemMetrics (nIndex=42) returned 0
[0260.552] GetWindowTextW (in: hWnd=0x2702da, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0260.552] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702da, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0260.552] GdipGetImageWidth (image=0x6601360, width=0xd7e1e0) returned 0x0
[0260.552] GdipGetImageHeight (image=0x6601360, height=0xd7e1e0) returned 0x0
[0260.552] GdipGetImageWidth (image=0x6601360, width=0xd7e1cc) returned 0x0
[0260.552] GdipGetImageHeight (image=0x6601360, height=0xd7e1cc) returned 0x0
[0260.552] GdipDrawImageRectI (graphics=0x6600030, image=0x6601360, x=16, y=16, width=32, height=32) returned 0x0
[0260.552] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0260.552] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=64, cy=64, hdcSrc=0x630107ef, x1=0, y1=0, rop=0xcc0020) returned 1
[0260.552] GdipReleaseDC (graphics=0x6600030, hdc=0x630107ef) returned 0x0
[0260.552] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0260.552] SelectObject (hdc=0x630107ef, h=0x85000f) returned 0x4a0507fe
[0260.553] DeleteDC (hdc=0x630107ef) returned 1
[0260.553] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0260.553] EndPaint (hWnd=0x2702da, lpPaint=0xd7e294) returned 1
[0260.553] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.554] IsWindowUnicode (hWnd=0x2702dc) returned 1
[0260.554] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.554] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.554] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.554] BeginPaint (in: hWnd=0x2702dc, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x107b9
[0260.554] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0260.554] CreateCompatibleDC (hdc=0x107b9) returned 0x650107ef
[0260.554] GetObjectType (h=0x107b9) returned 0x3
[0260.554] CreateCompatibleBitmap (hdc=0x107b9, cx=1, cy=1) returned 0xffffffffa90505d8
[0260.554] GetDIBits (in: hdc=0x107b9, hbm=0xa90505d8, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0260.554] GetDIBits (in: hdc=0x107b9, hbm=0xa90505d8, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0260.554] DeleteObject (ho=0xa90505d8) returned 1
[0260.555] CreateDIBSection (in: hdc=0x107b9, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xdf0507a1
[0260.555] SelectObject (hdc=0x650107ef, h=0xdf0507a1) returned 0x85000f
[0260.555] GdipCreateFromHDC (hdc=0x650107ef, graphics=0xd7e234) returned 0x0
[0260.555] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0260.555] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0260.555] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0260.555] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0260.555] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e2d4) returned 0x0
[0260.555] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0260.555] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0260.556] LocalFree (hMem=0x11ee9f0) returned 0x0
[0260.556] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0260.556] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0260.556] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0260.556] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0260.556] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0260.556] GetWindowTextLengthW (hWnd=0x2702dc) returned 232
[0260.556] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0260.556] GetSystemMetrics (nIndex=42) returned 0
[0260.556] GetWindowTextW (in: hWnd=0x2702dc, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0260.556] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0260.556] GetClientRect (in: hWnd=0x2702dc, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0260.556] GdipCreateRegion (region=0xd7e110) returned 0x0
[0260.556] GdipGetClip (graphics=0x6600030, region=0x6645d88) returned 0x0
[0260.556] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0260.556] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0260.556] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e128) returned 0x0
[0260.556] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0260.556] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0260.556] LocalFree (hMem=0x11ee788) returned 0x0
[0260.556] GdipCombineRegionRegion (region=0x6645d88, region2=0x66457e8, combineMode=0x1) returned 0x0
[0260.557] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0260.557] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea28) returned 0x0
[0260.557] LocalFree (hMem=0x11eea28) returned 0x0
[0260.557] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0260.557] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e150) returned 0x0
[0260.557] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e140) returned 0x0
[0260.557] GdipGetRegionHRgn (region=0x6645d88, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0260.557] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0260.557] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0260.557] GetCurrentObject (hdc=0x650107ef, type=0x1) returned 0xb00017
[0260.557] GetCurrentObject (hdc=0x650107ef, type=0x2) returned 0x900010
[0260.557] GetCurrentObject (hdc=0x650107ef, type=0x7) returned 0xffffffffdf0507a1
[0260.557] GetCurrentObject (hdc=0x650107ef, type=0x6) returned 0x8a01c2
[0260.557] SaveDC (hdc=0x650107ef) returned 1
[0260.557] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x50040807
[0260.557] GetClipRgn (hdc=0x650107ef, hrgn=0x50040807) returned 0
[0260.557] SelectClipRgn (hdc=0x650107ef, hrgn=0xe70407de) returned 2
[0260.558] DeleteObject (ho=0x50040807) returned 1
[0260.558] DeleteObject (ho=0xe70407de) returned 1
[0260.558] OffsetViewportOrgEx (in: hdc=0x650107ef, x=0, y=0, lppt=0x2e9b9b4 | out: lppt=0x2e9b9b4) returned 1
[0260.558] GetNearestColor (hdc=0x650107ef, color=0xf0f0f0) returned 0xf0f0f0
[0260.558] CreateSolidBrush (color=0xf0f0f0) returned 0xc81007e1
[0260.558] FillRect (hDC=0x650107ef, lprc=0xd7e15c, hbr=0xc81007e1) returned 1
[0260.559] DeleteObject (ho=0xc81007e1) returned 1
[0260.559] RestoreDC (hdc=0x650107ef, nSavedDC=-1) returned 1
[0260.559] GdipReleaseDC (graphics=0x6600030, hdc=0x650107ef) returned 0x0
[0260.559] GdipRestoreGraphics (graphics=0x6600030, state=0xf7ba0dbd) returned 0x0
[0260.559] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0260.559] GetWindowTextLengthW (hWnd=0x2702dc) returned 232
[0260.559] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0260.559] GetSystemMetrics (nIndex=42) returned 0
[0260.559] GetWindowTextW (in: hWnd=0x2702dc, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0260.559] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0260.559] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0260.559] GetCurrentObject (hdc=0x650107ef, type=0x1) returned 0xb00017
[0260.599] GetCurrentObject (hdc=0x650107ef, type=0x2) returned 0x900010
[0260.599] GetCurrentObject (hdc=0x650107ef, type=0x7) returned 0xffffffffdf0507a1
[0260.599] GetCurrentObject (hdc=0x650107ef, type=0x6) returned 0x8a01c2
[0260.599] SaveDC (hdc=0x650107ef) returned 1
[0260.599] GetNearestColor (hdc=0x650107ef, color=0x0) returned 0x0
[0260.599] RestoreDC (hdc=0x650107ef, nSavedDC=-1) returned 1
[0260.599] GdipReleaseDC (graphics=0x6600030, hdc=0x650107ef) returned 0x0
[0260.600] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0260.600] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0260.600] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2e9c1b0 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0260.600] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0260.600] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0260.600] GetCurrentObject (hdc=0x650107ef, type=0x1) returned 0xb00017
[0260.600] GetCurrentObject (hdc=0x650107ef, type=0x2) returned 0x900010
[0260.600] GetCurrentObject (hdc=0x650107ef, type=0x7) returned 0xffffffffdf0507a1
[0260.600] GetCurrentObject (hdc=0x650107ef, type=0x6) returned 0x8a01c2
[0260.601] SaveDC (hdc=0x650107ef) returned 1
[0260.601] GetTextAlign (hdc=0x650107ef) returned 0x0
[0260.601] GetTextColor (hdc=0x650107ef) returned 0x0
[0260.601] GetCurrentObject (hdc=0x650107ef, type=0x6) returned 0x8a01c2
[0260.601] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0260.601] SelectObject (hdc=0x650107ef, h=0x6d0a0520) returned 0x8a01c2
[0260.601] GetBkMode (hdc=0x650107ef) returned 2
[0260.601] SetBkMode (hdc=0x650107ef, mode=1) returned 2
[0260.601] DrawTextExW (in: hdc=0x650107ef, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2e9c3d4 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0260.603] RestoreDC (hdc=0x650107ef, nSavedDC=-1) returned 1
[0260.603] GdipReleaseDC (graphics=0x6600030, hdc=0x650107ef) returned 0x0
[0260.604] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0260.604] BitBlt (hdc=0x107b9, x=0, y=0, cx=354, cy=68, hdcSrc=0x650107ef, x1=0, y1=0, rop=0xcc0020) returned 1
[0260.604] GdipReleaseDC (graphics=0x6600030, hdc=0x650107ef) returned 0x0
[0260.604] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0260.604] SelectObject (hdc=0x650107ef, h=0x85000f) returned 0xdf0507a1
[0260.604] DeleteDC (hdc=0x650107ef) returned 1
[0260.604] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0260.604] DeleteObject (ho=0xdf0507a1) returned 1
[0260.605] EndPaint (hWnd=0x2702dc, lpPaint=0xd7e258) returned 1
[0260.605] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.605] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0260.605] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.605] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.605] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0260.606] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.606] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.610] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.610] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0260.611] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.611] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.611] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.611] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.611] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.611] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x84, wParam=0x0, lParam=0x1e10306) returned 0x1
[0260.612] IsWindowUnicode (hWnd=0x1c02d0) returned 1
[0260.612] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.612] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.612] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.612] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.612] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x84, wParam=0x0, lParam=0x1e10306) returned 0x1
[0260.612] IsWindowUnicode (hWnd=0x1c02d0) returned 1
[0260.612] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.612] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x84, wParam=0x0, lParam=0x1e10306) returned 0x1
[0260.612] SetCursor (hCursor=0x10003) returned 0x10003
[0260.612] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.612] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.612] _TrackMouseEvent (in: lpEventTrack=0x2e9c410 | out: lpEventTrack=0x2e9c410) returned 1
[0260.612] SendMessageW (hWnd=0x1c02d0, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0260.612] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0260.612] InvalidateRect (hWnd=0x1c02d0, lpRect=0x0, bErase=0) returned 1
[0260.613] GetKeyState (nVirtKey=1) returned 0
[0260.613] GetKeyState (nVirtKey=2) returned 0
[0260.613] GetKeyState (nVirtKey=4) returned 0
[0260.613] GetKeyState (nVirtKey=5) returned 0
[0260.613] GetKeyState (nVirtKey=6) returned 0
[0260.613] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.613] IsWindowUnicode (hWnd=0x2902d8) returned 1
[0260.613] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.613] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.613] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.613] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.614] IsWindowUnicode (hWnd=0x2902d8) returned 1
[0260.614] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.614] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.614] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.614] BeginPaint (in: hWnd=0x2902d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0260.614] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0260.614] CreateCompatibleDC (hdc=0x60100ce) returned 0xad0105d8
[0260.614] SelectObject (hdc=0xad0105d8, h=0x4a0507fe) returned 0x85000f
[0260.614] GdipCreateFromHDC (hdc=0xad0105d8, graphics=0xd7e268) returned 0x0
[0260.614] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0260.614] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0260.615] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0260.615] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0260.615] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e2c8) returned 0x0
[0260.615] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0260.615] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0260.615] LocalFree (hMem=0x11eec58) returned 0x0
[0260.615] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0260.615] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0260.615] GdipGetClip (graphics=0x6600030, region=0x6645bd8) returned 0x0
[0260.615] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0260.615] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0260.615] GdipRestoreGraphics (graphics=0x6600030, state=0xf7b80dbd) returned 0x0
[0260.615] GdipDeleteRegion (region=0x6645bd8) returned 0x0
[0260.615] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0260.615] GetCurrentObject (hdc=0xad0105d8, type=0x1) returned 0xb00017
[0260.615] GetCurrentObject (hdc=0xad0105d8, type=0x2) returned 0x900010
[0260.615] GetCurrentObject (hdc=0xad0105d8, type=0x7) returned 0x4a0507fe
[0260.615] GetCurrentObject (hdc=0xad0105d8, type=0x6) returned 0x8a01c2
[0260.615] SaveDC (hdc=0xad0105d8) returned 1
[0260.615] GetNearestColor (hdc=0xad0105d8, color=0xf0f0f0) returned 0xf0f0f0
[0260.616] GetNearestColor (hdc=0xad0105d8, color=0xa0a0a0) returned 0xa0a0a0
[0260.616] GetNearestColor (hdc=0xad0105d8, color=0x696969) returned 0x696969
[0260.616] GetNearestColor (hdc=0xad0105d8, color=0xa0a0a0) returned 0xa0a0a0
[0260.616] GetNearestColor (hdc=0xad0105d8, color=0x0) returned 0x0
[0260.616] GetNearestColor (hdc=0xad0105d8, color=0xffffff) returned 0xffffff
[0260.616] GetNearestColor (hdc=0xad0105d8, color=0xe5e5e5) returned 0xe5e5e5
[0260.616] GetNearestColor (hdc=0xad0105d8, color=0xd7d7d7) returned 0xd7d7d7
[0260.616] GetNearestColor (hdc=0xad0105d8, color=0x0) returned 0x0
[0260.616] RestoreDC (hdc=0xad0105d8, nSavedDC=-1) returned 1
[0260.616] GdipReleaseDC (graphics=0x6600030, hdc=0xad0105d8) returned 0x0
[0260.616] IsAppThemed () returned 0x1
[0260.616] GetThemeAppProperties () returned 0x3
[0260.616] GetThemeAppProperties () returned 0x3
[0260.616] GdipGetImageWidth (image=0x6602a58, width=0xd7e168) returned 0x0
[0260.616] GdipGetImageHeight (image=0x6602a58, height=0xd7e168) returned 0x0
[0260.616] IsAppThemed () returned 0x1
[0260.616] GetThemeAppProperties () returned 0x3
[0260.616] GetThemeAppProperties () returned 0x3
[0260.616] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2e9cb7c | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0260.617] IsAppThemed () returned 0x1
[0260.617] GetThemeAppProperties () returned 0x3
[0260.617] GetThemeAppProperties () returned 0x3
[0260.617] IsAppThemed () returned 0x1
[0260.617] GetThemeAppProperties () returned 0x3
[0260.617] GetThemeAppProperties () returned 0x3
[0260.617] GetFocus () returned 0x2902d8
[0260.617] IsAppThemed () returned 0x1
[0260.617] GetThemeAppProperties () returned 0x3
[0260.617] GetThemeAppProperties () returned 0x3
[0260.617] IsAppThemed () returned 0x1
[0260.617] GetThemeAppProperties () returned 0x3
[0260.617] GetThemeAppProperties () returned 0x3
[0260.617] IsThemePartDefined () returned 0x1
[0260.617] IsAppThemed () returned 0x1
[0260.617] GetThemeAppProperties () returned 0x3
[0260.617] GetThemeAppProperties () returned 0x3
[0260.617] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0260.617] IsAppThemed () returned 0x1
[0260.617] GetThemeAppProperties () returned 0x3
[0260.617] GetThemeAppProperties () returned 0x3
[0260.617] IsAppThemed () returned 0x1
[0260.618] GetThemeAppProperties () returned 0x3
[0260.618] GetThemeAppProperties () returned 0x3
[0260.618] IsThemePartDefined () returned 0x1
[0260.618] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0260.618] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0260.618] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0260.618] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0260.618] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dff0) returned 0x0
[0260.618] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0260.618] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0260.618] LocalFree (hMem=0x11eec58) returned 0x0
[0260.618] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0260.618] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee9f0) returned 0x0
[0260.618] LocalFree (hMem=0x11ee9f0) returned 0x0
[0260.618] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0260.618] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e018) returned 0x0
[0260.618] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e008) returned 0x0
[0260.618] GdipGetRegionHRgn (region=0x6645c68, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0260.618] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0260.618] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0260.618] GetCurrentObject (hdc=0xad0105d8, type=0x1) returned 0xb00017
[0260.618] GetCurrentObject (hdc=0xad0105d8, type=0x2) returned 0x900010
[0260.618] GetCurrentObject (hdc=0xad0105d8, type=0x7) returned 0x4a0507fe
[0260.618] GetCurrentObject (hdc=0xad0105d8, type=0x6) returned 0x8a01c2
[0260.619] SaveDC (hdc=0xad0105d8) returned 1
[0260.619] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe80407de
[0260.619] GetClipRgn (hdc=0xad0105d8, hrgn=0xe80407de) returned 0
[0260.619] SelectClipRgn (hdc=0xad0105d8, hrgn=0x54040807) returned 2
[0260.619] DeleteObject (ho=0xe80407de) returned 1
[0260.619] DeleteObject (ho=0x54040807) returned 1
[0260.619] OffsetViewportOrgEx (in: hdc=0xad0105d8, x=0, y=0, lppt=0x2e9d22c | out: lppt=0x2e9d22c) returned 1
[0260.619] DrawThemeParentBackground () returned 0x0
[0260.619] GetWindowPlacement (in: hWnd=0x1d02ce, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0260.619] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0260.619] GetWindowTextLengthW (hWnd=0x1d02ce) returned 13
[0260.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.619] GetSystemMetrics (nIndex=42) returned 0
[0260.619] GetWindowTextW (in: hWnd=0x1d02ce, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0260.619] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0260.619] GetCurrentObject (hdc=0xad0105d8, type=0x1) returned 0xb00017
[0260.619] GetCurrentObject (hdc=0xad0105d8, type=0x2) returned 0x900010
[0260.619] GetCurrentObject (hdc=0xad0105d8, type=0x7) returned 0x4a0507fe
[0260.620] GetCurrentObject (hdc=0xad0105d8, type=0x6) returned 0x8a01c2
[0260.620] SaveDC (hdc=0xad0105d8) returned 2
[0260.620] GetNearestColor (hdc=0xad0105d8, color=0xf0f0f0) returned 0xf0f0f0
[0260.620] CreateSolidBrush (color=0xf0f0f0) returned 0xc91007e1
[0260.620] FillRect (hDC=0xad0105d8, lprc=0xd7da38, hbr=0xc91007e1) returned 1
[0260.620] DeleteObject (ho=0xc91007e1) returned 1
[0260.620] RestoreDC (hdc=0xad0105d8, nSavedDC=-1) returned 1
[0260.620] GetWindowTextLengthW (hWnd=0x1d02ce) returned 13
[0260.620] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.620] GetSystemMetrics (nIndex=42) returned 0
[0260.620] GetWindowTextW (in: hWnd=0x1d02ce, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.620] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0260.620] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0260.620] GetCurrentObject (hdc=0xad0105d8, type=0x1) returned 0xb00017
[0260.620] GetCurrentObject (hdc=0xad0105d8, type=0x2) returned 0x900010
[0260.620] GetCurrentObject (hdc=0xad0105d8, type=0x7) returned 0x4a0507fe
[0260.620] GetCurrentObject (hdc=0xad0105d8, type=0x6) returned 0x8a01c2
[0260.620] SaveDC (hdc=0xad0105d8) returned 2
[0260.620] GetNearestColor (hdc=0xad0105d8, color=0xf0f0f0) returned 0xf0f0f0
[0260.620] CreateSolidBrush (color=0xf0f0f0) returned 0xca1007e1
[0260.620] FillRect (hDC=0xad0105d8, lprc=0xd7d9d8, hbr=0xca1007e1) returned 1
[0260.621] DeleteObject (ho=0xca1007e1) returned 1
[0260.621] RestoreDC (hdc=0xad0105d8, nSavedDC=-1) returned 1
[0260.621] GetWindowTextLengthW (hWnd=0x1d02ce) returned 13
[0260.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.621] GetSystemMetrics (nIndex=42) returned 0
[0260.621] GetWindowTextW (in: hWnd=0x1d02ce, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0260.621] RestoreDC (hdc=0xad0105d8, nSavedDC=-1) returned 1
[0260.621] GdipReleaseDC (graphics=0x6600030, hdc=0xad0105d8) returned 0x0
[0260.621] IsAppThemed () returned 0x1
[0260.621] GetThemeAppProperties () returned 0x3
[0260.621] GetThemeAppProperties () returned 0x3
[0260.621] IsAppThemed () returned 0x1
[0260.621] GetThemeAppProperties () returned 0x3
[0260.621] GetThemeAppProperties () returned 0x3
[0260.621] IsThemePartDefined () returned 0x1
[0260.621] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0260.622] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0260.622] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0260.622] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0260.622] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df74) returned 0x0
[0260.622] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0260.625] LocalFree (hMem=0x11ee788) returned 0x0
[0260.626] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee9f0) returned 0x0
[0260.626] LocalFree (hMem=0x11ee9f0) returned 0x0
[0260.626] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0260.626] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0260.626] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0260.626] GdipGetRegionHRgn (region=0x66457e8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0260.626] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0260.626] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0260.626] GetCurrentObject (hdc=0xad0105d8, type=0x1) returned 0xb00017
[0260.626] GetCurrentObject (hdc=0xad0105d8, type=0x2) returned 0x900010
[0260.626] GetCurrentObject (hdc=0xad0105d8, type=0x7) returned 0x4a0507fe
[0260.626] GetCurrentObject (hdc=0xad0105d8, type=0x6) returned 0x8a01c2
[0260.626] SaveDC (hdc=0xad0105d8) returned 1
[0260.626] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x55040807
[0260.626] GetClipRgn (hdc=0xad0105d8, hrgn=0x55040807) returned 0
[0260.626] SelectClipRgn (hdc=0xad0105d8, hrgn=0xea0407de) returned 2
[0260.626] DeleteObject (ho=0x55040807) returned 1
[0260.626] DeleteObject (ho=0xea0407de) returned 1
[0260.626] OffsetViewportOrgEx (in: hdc=0xad0105d8, x=0, y=0, lppt=0x2e9dad8 | out: lppt=0x2e9dad8) returned 1
[0260.626] IsAppThemed () returned 0x1
[0260.626] GetThemeAppProperties () returned 0x3
[0260.627] GetThemeAppProperties () returned 0x3
[0260.627] DrawThemeBackground () returned 0x0
[0260.627] RestoreDC (hdc=0xad0105d8, nSavedDC=-1) returned 1
[0260.627] GdipReleaseDC (graphics=0x6600030, hdc=0xad0105d8) returned 0x0
[0260.627] GdipCreateRegion (region=0xd7df60) returned 0x0
[0260.627] GdipGetClip (graphics=0x6600030, region=0x6645128) returned 0x0
[0260.627] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0260.627] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0260.627] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df78) returned 0x0
[0260.627] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0260.627] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0260.627] LocalFree (hMem=0x11ee9f0) returned 0x0
[0260.627] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0260.627] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0260.627] LocalFree (hMem=0x11ee788) returned 0x0
[0260.627] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0260.627] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0260.627] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7df90) returned 0x0
[0260.627] GdipGetRegionHRgn (region=0x6645128, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0260.627] GdipDeleteRegion (region=0x6645128) returned 0x0
[0260.627] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0260.627] GetCurrentObject (hdc=0xad0105d8, type=0x1) returned 0xb00017
[0260.627] GetCurrentObject (hdc=0xad0105d8, type=0x2) returned 0x900010
[0260.628] GetCurrentObject (hdc=0xad0105d8, type=0x7) returned 0x4a0507fe
[0260.628] GetCurrentObject (hdc=0xad0105d8, type=0x6) returned 0x8a01c2
[0260.628] SaveDC (hdc=0xad0105d8) returned 1
[0260.628] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xeb0407de
[0260.628] GetClipRgn (hdc=0xad0105d8, hrgn=0xeb0407de) returned 0
[0260.628] SelectClipRgn (hdc=0xad0105d8, hrgn=0x56040807) returned 2
[0260.628] DeleteObject (ho=0xeb0407de) returned 1
[0260.628] DeleteObject (ho=0x56040807) returned 1
[0260.628] OffsetViewportOrgEx (in: hdc=0xad0105d8, x=0, y=0, lppt=0x2e9ddac | out: lppt=0x2e9ddac) returned 1
[0260.628] IsAppThemed () returned 0x1
[0260.628] GetThemeAppProperties () returned 0x3
[0260.628] GetThemeAppProperties () returned 0x3
[0260.628] GetThemeBackgroundContentRect () returned 0x0
[0260.628] RestoreDC (hdc=0xad0105d8, nSavedDC=-1) returned 1
[0260.628] GdipReleaseDC (graphics=0x6600030, hdc=0xad0105d8) returned 0x0
[0260.628] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0260.628] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0260.628] GdipCloneRegion (region=0x66457e8, cloneRegion=0xd7e150) returned 0x0
[0260.628] GdipCombineRegionRectI (region=0x6645bd8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0260.629] GdipCombineRegionRectI (region=0x6645bd8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0260.629] GdipSetClipRegion (graphics=0x6600030, region=0x6645bd8, combineMode=0x0) returned 0x0
[0260.629] GdipGetImageWidth (image=0x6602a58, width=0xd7e154) returned 0x0
[0260.629] GdipGetImageHeight (image=0x6602a58, height=0xd7e148) returned 0x0
[0260.629] GdipDrawImageRectI (graphics=0x6600030, image=0x6602a58, x=4, y=4, width=16, height=16) returned 0x0
[0260.629] GdipSetClipRegion (graphics=0x6600030, region=0x66457e8, combineMode=0x0) returned 0x0
[0260.629] IsAppThemed () returned 0x1
[0260.629] GetThemeAppProperties () returned 0x3
[0260.629] GetThemeAppProperties () returned 0x3
[0260.629] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0260.629] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0260.629] GetCurrentObject (hdc=0xad0105d8, type=0x1) returned 0xb00017
[0260.629] GetCurrentObject (hdc=0xad0105d8, type=0x2) returned 0x900010
[0260.629] GetCurrentObject (hdc=0xad0105d8, type=0x7) returned 0x4a0507fe
[0260.629] GetCurrentObject (hdc=0xad0105d8, type=0x6) returned 0x8a01c2
[0260.629] SaveDC (hdc=0xad0105d8) returned 1
[0260.629] GetTextAlign (hdc=0xad0105d8) returned 0x0
[0260.629] GetTextColor (hdc=0xad0105d8) returned 0x0
[0260.629] GetCurrentObject (hdc=0xad0105d8, type=0x6) returned 0x8a01c2
[0260.630] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0260.630] SelectObject (hdc=0xad0105d8, h=0x6d0a0520) returned 0x8a01c2
[0260.630] GetBkMode (hdc=0xad0105d8) returned 2
[0260.630] SetBkMode (hdc=0xad0105d8, mode=1) returned 2
[0260.630] DrawTextExW (in: hdc=0xad0105d8, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2e9e16c | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0260.630] DrawTextExW (in: hdc=0xad0105d8, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e9e16c | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0260.630] RestoreDC (hdc=0xad0105d8, nSavedDC=-1) returned 1
[0260.630] GdipReleaseDC (graphics=0x6600030, hdc=0xad0105d8) returned 0x0
[0260.630] GetFocus () returned 0x2902d8
[0260.630] IsAppThemed () returned 0x1
[0260.631] GetThemeAppProperties () returned 0x3
[0260.631] GetThemeAppProperties () returned 0x3
[0260.631] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0260.631] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xad0105d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0260.631] GdipReleaseDC (graphics=0x6600030, hdc=0xad0105d8) returned 0x0
[0260.631] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0260.631] SelectObject (hdc=0xad0105d8, h=0x85000f) returned 0x4a0507fe
[0260.631] DeleteDC (hdc=0xad0105d8) returned 1
[0260.631] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0260.631] EndPaint (hWnd=0x2902d8, lpPaint=0xd7e24c) returned 1
[0260.631] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.631] IsWindowUnicode (hWnd=0x1c02d0) returned 1
[0260.631] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.632] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.632] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.632] BeginPaint (in: hWnd=0x1c02d0, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0260.632] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0260.632] CreateCompatibleDC (hdc=0xf0105ee) returned 0xaf0105d8
[0260.632] SelectObject (hdc=0xaf0105d8, h=0x4a0507fe) returned 0x85000f
[0260.632] GdipCreateFromHDC (hdc=0xaf0105d8, graphics=0xd7e268) returned 0x0
[0260.632] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0260.632] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0260.632] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0260.632] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0260.632] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2c8) returned 0x0
[0260.632] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0260.632] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eecc8) returned 0x0
[0260.632] LocalFree (hMem=0x11eecc8) returned 0x0
[0260.633] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0260.633] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0260.633] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0260.633] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0260.633] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0260.633] GdipRestoreGraphics (graphics=0x6600030, state=0xf7b60dbd) returned 0x0
[0260.633] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0260.633] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0260.633] GetCurrentObject (hdc=0xaf0105d8, type=0x1) returned 0xb00017
[0260.633] GetCurrentObject (hdc=0xaf0105d8, type=0x2) returned 0x900010
[0260.633] GetCurrentObject (hdc=0xaf0105d8, type=0x7) returned 0x4a0507fe
[0260.633] GetCurrentObject (hdc=0xaf0105d8, type=0x6) returned 0x8a01c2
[0260.633] SaveDC (hdc=0xaf0105d8) returned 1
[0260.633] GetNearestColor (hdc=0xaf0105d8, color=0xf0f0f0) returned 0xf0f0f0
[0260.633] GetNearestColor (hdc=0xaf0105d8, color=0xa0a0a0) returned 0xa0a0a0
[0260.633] GetNearestColor (hdc=0xaf0105d8, color=0x696969) returned 0x696969
[0260.633] GetNearestColor (hdc=0xaf0105d8, color=0xa0a0a0) returned 0xa0a0a0
[0260.633] GetNearestColor (hdc=0xaf0105d8, color=0x0) returned 0x0
[0260.633] GetNearestColor (hdc=0xaf0105d8, color=0xffffff) returned 0xffffff
[0260.634] GetNearestColor (hdc=0xaf0105d8, color=0xe5e5e5) returned 0xe5e5e5
[0260.634] GetNearestColor (hdc=0xaf0105d8, color=0xd7d7d7) returned 0xd7d7d7
[0260.634] GetNearestColor (hdc=0xaf0105d8, color=0x0) returned 0x0
[0260.634] RestoreDC (hdc=0xaf0105d8, nSavedDC=-1) returned 1
[0260.634] GdipReleaseDC (graphics=0x6600030, hdc=0xaf0105d8) returned 0x0
[0260.634] IsAppThemed () returned 0x1
[0260.634] GetThemeAppProperties () returned 0x3
[0260.634] GetThemeAppProperties () returned 0x3
[0260.634] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0260.634] SendMessageW (hWnd=0x1d02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0260.634] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0260.634] IsAppThemed () returned 0x1
[0260.634] GetThemeAppProperties () returned 0x3
[0260.634] GetThemeAppProperties () returned 0x3
[0260.634] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2e9e97c | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0260.634] IsAppThemed () returned 0x1
[0260.635] GetThemeAppProperties () returned 0x3
[0260.635] GetThemeAppProperties () returned 0x3
[0260.635] IsAppThemed () returned 0x1
[0260.635] GetThemeAppProperties () returned 0x3
[0260.635] GetThemeAppProperties () returned 0x3
[0260.635] IsAppThemed () returned 0x1
[0260.635] GetThemeAppProperties () returned 0x3
[0260.635] GetThemeAppProperties () returned 0x3
[0260.635] IsAppThemed () returned 0x1
[0260.635] GetThemeAppProperties () returned 0x3
[0260.635] GetThemeAppProperties () returned 0x3
[0260.635] IsThemePartDefined () returned 0x1
[0260.635] IsAppThemed () returned 0x1
[0260.635] GetThemeAppProperties () returned 0x3
[0260.635] GetThemeAppProperties () returned 0x3
[0260.635] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0260.635] IsAppThemed () returned 0x1
[0260.635] GetThemeAppProperties () returned 0x3
[0260.635] GetThemeAppProperties () returned 0x3
[0260.635] IsAppThemed () returned 0x1
[0260.635] GetThemeAppProperties () returned 0x3
[0260.635] GetThemeAppProperties () returned 0x3
[0260.635] IsThemePartDefined () returned 0x1
[0260.635] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0260.635] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0260.635] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0260.635] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0260.635] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dfe4) returned 0x0
[0260.636] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0260.636] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0260.636] LocalFree (hMem=0x11eec58) returned 0x0
[0260.636] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0260.636] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eecc8) returned 0x0
[0260.636] LocalFree (hMem=0x11eecc8) returned 0x0
[0260.636] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0260.636] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0260.636] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0260.636] GdipGetRegionHRgn (region=0x6645c68, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0260.636] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0260.636] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0260.636] GetCurrentObject (hdc=0xaf0105d8, type=0x1) returned 0xb00017
[0260.636] GetCurrentObject (hdc=0xaf0105d8, type=0x2) returned 0x900010
[0260.636] GetCurrentObject (hdc=0xaf0105d8, type=0x7) returned 0x4a0507fe
[0260.636] GetCurrentObject (hdc=0xaf0105d8, type=0x6) returned 0x8a01c2
[0260.636] SaveDC (hdc=0xaf0105d8) returned 1
[0260.636] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x57040807
[0260.637] GetClipRgn (hdc=0xaf0105d8, hrgn=0x57040807) returned 0
[0260.637] SelectClipRgn (hdc=0xaf0105d8, hrgn=0xef0407de) returned 2
[0260.637] DeleteObject (ho=0x57040807) returned 1
[0260.637] DeleteObject (ho=0xef0407de) returned 1
[0260.637] OffsetViewportOrgEx (in: hdc=0xaf0105d8, x=0, y=0, lppt=0x2e9f02c | out: lppt=0x2e9f02c) returned 1
[0260.637] DrawThemeParentBackground () returned 0x0
[0260.637] GetWindowPlacement (in: hWnd=0x1d02ce, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0260.637] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0260.637] GetWindowTextLengthW (hWnd=0x1d02ce) returned 13
[0260.637] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.637] GetSystemMetrics (nIndex=42) returned 0
[0260.637] GetWindowTextW (in: hWnd=0x1d02ce, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.637] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0260.637] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0260.637] GetCurrentObject (hdc=0xaf0105d8, type=0x1) returned 0xb00017
[0260.641] GetCurrentObject (hdc=0xaf0105d8, type=0x2) returned 0x900010
[0260.641] GetCurrentObject (hdc=0xaf0105d8, type=0x7) returned 0x4a0507fe
[0260.641] GetCurrentObject (hdc=0xaf0105d8, type=0x6) returned 0x8a01c2
[0260.641] SaveDC (hdc=0xaf0105d8) returned 2
[0260.641] GetNearestColor (hdc=0xaf0105d8, color=0xf0f0f0) returned 0xf0f0f0
[0260.641] CreateSolidBrush (color=0xf0f0f0) returned 0xcb1007e1
[0260.641] FillRect (hDC=0xaf0105d8, lprc=0xd7da30, hbr=0xcb1007e1) returned 1
[0260.641] DeleteObject (ho=0xcb1007e1) returned 1
[0260.641] RestoreDC (hdc=0xaf0105d8, nSavedDC=-1) returned 1
[0260.642] GetWindowTextLengthW (hWnd=0x1d02ce) returned 13
[0260.642] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.642] GetSystemMetrics (nIndex=42) returned 0
[0260.642] GetWindowTextW (in: hWnd=0x1d02ce, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.642] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0260.642] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0260.642] GetCurrentObject (hdc=0xaf0105d8, type=0x1) returned 0xb00017
[0260.642] GetCurrentObject (hdc=0xaf0105d8, type=0x2) returned 0x900010
[0260.642] GetCurrentObject (hdc=0xaf0105d8, type=0x7) returned 0x4a0507fe
[0260.642] GetCurrentObject (hdc=0xaf0105d8, type=0x6) returned 0x8a01c2
[0260.642] SaveDC (hdc=0xaf0105d8) returned 2
[0260.642] GetNearestColor (hdc=0xaf0105d8, color=0xf0f0f0) returned 0xf0f0f0
[0260.642] CreateSolidBrush (color=0xf0f0f0) returned 0xcc1007e1
[0260.642] FillRect (hDC=0xaf0105d8, lprc=0xd7d9d0, hbr=0xcc1007e1) returned 1
[0260.642] DeleteObject (ho=0xcc1007e1) returned 1
[0260.642] RestoreDC (hdc=0xaf0105d8, nSavedDC=-1) returned 1
[0260.642] GetWindowTextLengthW (hWnd=0x1d02ce) returned 13
[0260.642] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.642] GetSystemMetrics (nIndex=42) returned 0
[0260.642] GetWindowTextW (in: hWnd=0x1d02ce, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.642] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0260.643] RestoreDC (hdc=0xaf0105d8, nSavedDC=-1) returned 1
[0260.643] GdipReleaseDC (graphics=0x6600030, hdc=0xaf0105d8) returned 0x0
[0260.643] IsAppThemed () returned 0x1
[0260.643] GetThemeAppProperties () returned 0x3
[0260.643] GetThemeAppProperties () returned 0x3
[0260.643] IsAppThemed () returned 0x1
[0260.643] GetThemeAppProperties () returned 0x3
[0260.643] GetThemeAppProperties () returned 0x3
[0260.643] IsThemePartDefined () returned 0x1
[0260.643] GdipCreateRegion (region=0xd7df50) returned 0x0
[0260.643] GdipGetClip (graphics=0x6600030, region=0x66455a8) returned 0x0
[0260.643] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0260.643] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0260.643] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df68) returned 0x0
[0260.643] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0260.643] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0260.643] LocalFree (hMem=0x11eec58) returned 0x0
[0260.643] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0260.643] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee9f0) returned 0x0
[0260.643] LocalFree (hMem=0x11ee9f0) returned 0x0
[0260.644] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0260.644] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0260.644] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7df80) returned 0x0
[0260.644] GdipGetRegionHRgn (region=0x66455a8, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0260.644] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0260.644] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0260.644] GetCurrentObject (hdc=0xaf0105d8, type=0x1) returned 0xb00017
[0260.644] GetCurrentObject (hdc=0xaf0105d8, type=0x2) returned 0x900010
[0260.644] GetCurrentObject (hdc=0xaf0105d8, type=0x7) returned 0x4a0507fe
[0260.644] GetCurrentObject (hdc=0xaf0105d8, type=0x6) returned 0x8a01c2
[0260.644] SaveDC (hdc=0xaf0105d8) returned 1
[0260.644] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf00407de
[0260.644] GetClipRgn (hdc=0xaf0105d8, hrgn=0xf00407de) returned 0
[0260.644] SelectClipRgn (hdc=0xaf0105d8, hrgn=0x59040807) returned 2
[0260.644] DeleteObject (ho=0xf00407de) returned 1
[0260.644] DeleteObject (ho=0x59040807) returned 1
[0260.644] OffsetViewportOrgEx (in: hdc=0xaf0105d8, x=0, y=0, lppt=0x2e9f8d8 | out: lppt=0x2e9f8d8) returned 1
[0260.644] IsAppThemed () returned 0x1
[0260.644] GetThemeAppProperties () returned 0x3
[0260.644] GetThemeAppProperties () returned 0x3
[0260.644] DrawThemeBackground () returned 0x0
[0260.645] RestoreDC (hdc=0xaf0105d8, nSavedDC=-1) returned 1
[0260.645] GdipReleaseDC (graphics=0x6600030, hdc=0xaf0105d8) returned 0x0
[0260.645] GdipCreateRegion (region=0xd7df54) returned 0x0
[0260.645] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0260.645] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0260.645] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0260.645] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df6c) returned 0x0
[0260.645] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0260.645] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0260.645] LocalFree (hMem=0x11eec58) returned 0x0
[0260.645] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0260.645] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0260.645] LocalFree (hMem=0x11eec58) returned 0x0
[0260.645] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0260.645] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7df94) returned 0x0
[0260.645] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7df84) returned 0x0
[0260.645] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0260.645] GdipDeleteRegion (region=0x6645878) returned 0x0
[0260.645] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0260.645] GetCurrentObject (hdc=0xaf0105d8, type=0x1) returned 0xb00017
[0260.645] GetCurrentObject (hdc=0xaf0105d8, type=0x2) returned 0x900010
[0260.645] GetCurrentObject (hdc=0xaf0105d8, type=0x7) returned 0x4a0507fe
[0260.645] GetCurrentObject (hdc=0xaf0105d8, type=0x6) returned 0x8a01c2
[0260.646] SaveDC (hdc=0xaf0105d8) returned 1
[0260.646] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5a040807
[0260.646] GetClipRgn (hdc=0xaf0105d8, hrgn=0x5a040807) returned 0
[0260.646] SelectClipRgn (hdc=0xaf0105d8, hrgn=0xf10407de) returned 2
[0260.646] DeleteObject (ho=0x5a040807) returned 1
[0260.646] DeleteObject (ho=0xf10407de) returned 1
[0260.646] OffsetViewportOrgEx (in: hdc=0xaf0105d8, x=0, y=0, lppt=0x2e9fbac | out: lppt=0x2e9fbac) returned 1
[0260.646] IsAppThemed () returned 0x1
[0260.646] GetThemeAppProperties () returned 0x3
[0260.646] GetThemeAppProperties () returned 0x3
[0260.646] GetThemeBackgroundContentRect () returned 0x0
[0260.646] RestoreDC (hdc=0xaf0105d8, nSavedDC=-1) returned 1
[0260.646] GdipReleaseDC (graphics=0x6600030, hdc=0xaf0105d8) returned 0x0
[0260.646] IsAppThemed () returned 0x1
[0260.646] GetThemeAppProperties () returned 0x3
[0260.646] GetThemeAppProperties () returned 0x3
[0260.646] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0260.646] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0260.646] GetCurrentObject (hdc=0xaf0105d8, type=0x1) returned 0xb00017
[0260.646] GetCurrentObject (hdc=0xaf0105d8, type=0x2) returned 0x900010
[0260.646] GetCurrentObject (hdc=0xaf0105d8, type=0x7) returned 0x4a0507fe
[0260.646] GetCurrentObject (hdc=0xaf0105d8, type=0x6) returned 0x8a01c2
[0260.647] SaveDC (hdc=0xaf0105d8) returned 1
[0260.647] GetTextAlign (hdc=0xaf0105d8) returned 0x0
[0260.647] GetTextColor (hdc=0xaf0105d8) returned 0x0
[0260.647] GetCurrentObject (hdc=0xaf0105d8, type=0x6) returned 0x8a01c2
[0260.647] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0260.647] SelectObject (hdc=0xaf0105d8, h=0x6d0a0520) returned 0x8a01c2
[0260.647] GetBkMode (hdc=0xaf0105d8) returned 2
[0260.647] SetBkMode (hdc=0xaf0105d8, mode=1) returned 2
[0260.647] DrawTextExW (in: hdc=0xaf0105d8, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2e9ff4c | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0260.647] DrawTextExW (in: hdc=0xaf0105d8, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2e9ff4c | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0260.648] RestoreDC (hdc=0xaf0105d8, nSavedDC=-1) returned 1
[0260.648] GdipReleaseDC (graphics=0x6600030, hdc=0xaf0105d8) returned 0x0
[0260.648] GetFocus () returned 0x2902d8
[0260.648] IsAppThemed () returned 0x1
[0260.648] GetThemeAppProperties () returned 0x3
[0260.648] GetThemeAppProperties () returned 0x3
[0260.648] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0260.648] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xaf0105d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0260.648] GdipReleaseDC (graphics=0x6600030, hdc=0xaf0105d8) returned 0x0
[0260.648] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0260.648] SelectObject (hdc=0xaf0105d8, h=0x85000f) returned 0x4a0507fe
[0260.648] DeleteDC (hdc=0xaf0105d8) returned 1
[0260.648] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0260.648] EndPaint (hWnd=0x1c02d0, lpPaint=0xd7e24c) returned 1
[0260.648] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.649] IsWindowUnicode (hWnd=0x2102c8) returned 1
[0260.649] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.649] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.649] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.649] BeginPaint (in: hWnd=0x2102c8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0260.649] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0260.649] CreateCompatibleDC (hdc=0x107b9) returned 0xb10105d8
[0260.649] SelectObject (hdc=0xb10105d8, h=0x4a0507fe) returned 0x85000f
[0260.649] GdipCreateFromHDC (hdc=0xb10105d8, graphics=0xd7e268) returned 0x0
[0260.649] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0260.649] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0260.649] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0260.649] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0260.649] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e2c8) returned 0x0
[0260.649] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0260.649] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eead0) returned 0x0
[0260.650] LocalFree (hMem=0x11eead0) returned 0x0
[0260.650] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0260.650] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0260.650] GdipGetClip (graphics=0x6600030, region=0x6645128) returned 0x0
[0260.650] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0260.650] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0260.650] GdipRestoreGraphics (graphics=0x6600030, state=0xf7b40dbd) returned 0x0
[0260.650] GdipDeleteRegion (region=0x6645128) returned 0x0
[0260.650] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0260.650] GetCurrentObject (hdc=0xb10105d8, type=0x1) returned 0xb00017
[0260.650] GetCurrentObject (hdc=0xb10105d8, type=0x2) returned 0x900010
[0260.650] GetCurrentObject (hdc=0xb10105d8, type=0x7) returned 0x4a0507fe
[0260.650] GetCurrentObject (hdc=0xb10105d8, type=0x6) returned 0x8a01c2
[0260.650] SaveDC (hdc=0xb10105d8) returned 1
[0260.650] GetNearestColor (hdc=0xb10105d8, color=0xf0f0f0) returned 0xf0f0f0
[0260.650] GetNearestColor (hdc=0xb10105d8, color=0xa0a0a0) returned 0xa0a0a0
[0260.650] GetNearestColor (hdc=0xb10105d8, color=0x696969) returned 0x696969
[0260.650] GetNearestColor (hdc=0xb10105d8, color=0xa0a0a0) returned 0xa0a0a0
[0260.650] GetNearestColor (hdc=0xb10105d8, color=0x0) returned 0x0
[0260.650] GetNearestColor (hdc=0xb10105d8, color=0xffffff) returned 0xffffff
[0260.650] GetNearestColor (hdc=0xb10105d8, color=0xe5e5e5) returned 0xe5e5e5
[0260.650] GetNearestColor (hdc=0xb10105d8, color=0xd7d7d7) returned 0xd7d7d7
[0260.651] GetNearestColor (hdc=0xb10105d8, color=0x0) returned 0x0
[0260.651] RestoreDC (hdc=0xb10105d8, nSavedDC=-1) returned 1
[0260.651] GdipReleaseDC (graphics=0x6600030, hdc=0xb10105d8) returned 0x0
[0260.651] IsAppThemed () returned 0x1
[0260.651] GetThemeAppProperties () returned 0x3
[0260.651] GetThemeAppProperties () returned 0x3
[0260.651] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0260.651] SendMessageW (hWnd=0x1d02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0260.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0260.651] IsAppThemed () returned 0x1
[0260.651] GetThemeAppProperties () returned 0x3
[0260.651] GetThemeAppProperties () returned 0x3
[0260.651] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2ea075c | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0260.651] IsAppThemed () returned 0x1
[0260.651] GetThemeAppProperties () returned 0x3
[0260.652] GetThemeAppProperties () returned 0x3
[0260.652] IsAppThemed () returned 0x1
[0260.652] GetThemeAppProperties () returned 0x3
[0260.652] GetThemeAppProperties () returned 0x3
[0260.652] GetFocus () returned 0x2902d8
[0260.652] IsAppThemed () returned 0x1
[0260.652] GetThemeAppProperties () returned 0x3
[0260.652] GetThemeAppProperties () returned 0x3
[0260.652] IsAppThemed () returned 0x1
[0260.652] GetThemeAppProperties () returned 0x3
[0260.652] GetThemeAppProperties () returned 0x3
[0260.652] IsThemePartDefined () returned 0x1
[0260.652] IsAppThemed () returned 0x1
[0260.652] GetThemeAppProperties () returned 0x3
[0260.652] GetThemeAppProperties () returned 0x3
[0260.652] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0260.652] IsAppThemed () returned 0x1
[0260.652] GetThemeAppProperties () returned 0x3
[0260.652] GetThemeAppProperties () returned 0x3
[0260.652] IsAppThemed () returned 0x1
[0260.653] GetThemeAppProperties () returned 0x3
[0260.653] GetThemeAppProperties () returned 0x3
[0260.653] IsThemePartDefined () returned 0x1
[0260.653] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0260.653] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0260.653] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0260.653] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0260.653] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7dff0) returned 0x0
[0260.653] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0260.653] LocalFree (hMem=0x11ee788) returned 0x0
[0260.653] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eea60) returned 0x0
[0260.653] LocalFree (hMem=0x11eea60) returned 0x0
[0260.653] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0260.653] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e018) returned 0x0
[0260.653] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e008) returned 0x0
[0260.653] GdipGetRegionHRgn (region=0x6645998, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0260.653] GdipDeleteRegion (region=0x6645998) returned 0x0
[0260.653] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0260.653] GetCurrentObject (hdc=0xb10105d8, type=0x1) returned 0xb00017
[0260.653] GetCurrentObject (hdc=0xb10105d8, type=0x2) returned 0x900010
[0260.654] GetCurrentObject (hdc=0xb10105d8, type=0x7) returned 0x4a0507fe
[0260.654] GetCurrentObject (hdc=0xb10105d8, type=0x6) returned 0x8a01c2
[0260.654] SaveDC (hdc=0xb10105d8) returned 1
[0260.654] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf20407de
[0260.654] GetClipRgn (hdc=0xb10105d8, hrgn=0xf20407de) returned 0
[0260.654] SelectClipRgn (hdc=0xb10105d8, hrgn=0x5e040807) returned 2
[0260.654] DeleteObject (ho=0xf20407de) returned 1
[0260.654] DeleteObject (ho=0x5e040807) returned 1
[0260.654] OffsetViewportOrgEx (in: hdc=0xb10105d8, x=0, y=0, lppt=0x2ea0e0c | out: lppt=0x2ea0e0c) returned 1
[0260.654] DrawThemeParentBackground () returned 0x0
[0260.654] GetWindowPlacement (in: hWnd=0x1d02ce, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0260.654] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0260.654] GetWindowTextLengthW (hWnd=0x1d02ce) returned 13
[0260.654] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.655] GetSystemMetrics (nIndex=42) returned 0
[0260.655] GetWindowTextW (in: hWnd=0x1d02ce, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.655] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0260.655] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0260.655] GetCurrentObject (hdc=0xb10105d8, type=0x1) returned 0xb00017
[0260.655] GetCurrentObject (hdc=0xb10105d8, type=0x2) returned 0x900010
[0260.655] GetCurrentObject (hdc=0xb10105d8, type=0x7) returned 0x4a0507fe
[0260.655] GetCurrentObject (hdc=0xb10105d8, type=0x6) returned 0x8a01c2
[0260.655] SaveDC (hdc=0xb10105d8) returned 2
[0260.655] GetNearestColor (hdc=0xb10105d8, color=0xf0f0f0) returned 0xf0f0f0
[0260.655] CreateSolidBrush (color=0xf0f0f0) returned 0xcd1007e1
[0260.655] FillRect (hDC=0xb10105d8, lprc=0xd7da38, hbr=0xcd1007e1) returned 1
[0260.655] DeleteObject (ho=0xcd1007e1) returned 1
[0260.655] RestoreDC (hdc=0xb10105d8, nSavedDC=-1) returned 1
[0260.656] GetWindowTextLengthW (hWnd=0x1d02ce) returned 13
[0260.656] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.656] GetSystemMetrics (nIndex=42) returned 0
[0260.656] GetWindowTextW (in: hWnd=0x1d02ce, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.656] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0260.656] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0260.656] GetCurrentObject (hdc=0xb10105d8, type=0x1) returned 0xb00017
[0260.656] GetCurrentObject (hdc=0xb10105d8, type=0x2) returned 0x900010
[0260.656] GetCurrentObject (hdc=0xb10105d8, type=0x7) returned 0x4a0507fe
[0260.656] GetCurrentObject (hdc=0xb10105d8, type=0x6) returned 0x8a01c2
[0260.656] SaveDC (hdc=0xb10105d8) returned 2
[0260.656] GetNearestColor (hdc=0xb10105d8, color=0xf0f0f0) returned 0xf0f0f0
[0260.656] CreateSolidBrush (color=0xf0f0f0) returned 0xce1007e1
[0260.656] FillRect (hDC=0xb10105d8, lprc=0xd7d9d8, hbr=0xce1007e1) returned 1
[0260.656] DeleteObject (ho=0xce1007e1) returned 1
[0260.656] RestoreDC (hdc=0xb10105d8, nSavedDC=-1) returned 1
[0260.656] GetWindowTextLengthW (hWnd=0x1d02ce) returned 13
[0260.657] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.657] GetSystemMetrics (nIndex=42) returned 0
[0260.657] GetWindowTextW (in: hWnd=0x1d02ce, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.657] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0260.657] RestoreDC (hdc=0xb10105d8, nSavedDC=-1) returned 1
[0260.657] GdipReleaseDC (graphics=0x6600030, hdc=0xb10105d8) returned 0x0
[0260.657] IsAppThemed () returned 0x1
[0260.657] GetThemeAppProperties () returned 0x3
[0260.657] GetThemeAppProperties () returned 0x3
[0260.657] IsAppThemed () returned 0x1
[0260.657] GetThemeAppProperties () returned 0x3
[0260.657] GetThemeAppProperties () returned 0x3
[0260.657] IsThemePartDefined () returned 0x1
[0260.657] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0260.657] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0260.657] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0260.658] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0260.658] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df74) returned 0x0
[0260.658] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0260.658] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee910) returned 0x0
[0260.658] LocalFree (hMem=0x11ee910) returned 0x0
[0260.658] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0260.658] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee910) returned 0x0
[0260.658] LocalFree (hMem=0x11ee910) returned 0x0
[0260.658] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0260.658] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0260.658] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0260.658] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0260.658] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0260.658] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0260.658] GetCurrentObject (hdc=0xb10105d8, type=0x1) returned 0xb00017
[0260.658] GetCurrentObject (hdc=0xb10105d8, type=0x2) returned 0x900010
[0260.658] GetCurrentObject (hdc=0xb10105d8, type=0x7) returned 0x4a0507fe
[0260.658] GetCurrentObject (hdc=0xb10105d8, type=0x6) returned 0x8a01c2
[0260.659] SaveDC (hdc=0xb10105d8) returned 1
[0260.659] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5f040807
[0260.659] GetClipRgn (hdc=0xb10105d8, hrgn=0x5f040807) returned 0
[0260.659] SelectClipRgn (hdc=0xb10105d8, hrgn=0xf40407de) returned 2
[0260.659] DeleteObject (ho=0x5f040807) returned 1
[0260.659] DeleteObject (ho=0xf40407de) returned 1
[0260.659] OffsetViewportOrgEx (in: hdc=0xb10105d8, x=0, y=0, lppt=0x2ea16b8 | out: lppt=0x2ea16b8) returned 1
[0260.659] IsAppThemed () returned 0x1
[0260.659] GetThemeAppProperties () returned 0x3
[0260.659] GetThemeAppProperties () returned 0x3
[0260.659] DrawThemeBackground () returned 0x0
[0260.659] RestoreDC (hdc=0xb10105d8, nSavedDC=-1) returned 1
[0260.659] GdipReleaseDC (graphics=0x6600030, hdc=0xb10105d8) returned 0x0
[0260.659] GdipCreateRegion (region=0xd7df60) returned 0x0
[0260.659] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0260.660] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0260.660] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0260.660] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df78) returned 0x0
[0260.660] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0260.660] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee9f0) returned 0x0
[0260.660] LocalFree (hMem=0x11ee9f0) returned 0x0
[0260.660] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0260.660] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea98) returned 0x0
[0260.660] LocalFree (hMem=0x11eea98) returned 0x0
[0260.660] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0260.660] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0260.660] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0260.660] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0260.660] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0260.660] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0260.660] GetCurrentObject (hdc=0xb10105d8, type=0x1) returned 0xb00017
[0260.660] GetCurrentObject (hdc=0xb10105d8, type=0x2) returned 0x900010
[0260.660] GetCurrentObject (hdc=0xb10105d8, type=0x7) returned 0x4a0507fe
[0260.661] GetCurrentObject (hdc=0xb10105d8, type=0x6) returned 0x8a01c2
[0260.661] SaveDC (hdc=0xb10105d8) returned 1
[0260.661] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf50407de
[0260.661] GetClipRgn (hdc=0xb10105d8, hrgn=0xf50407de) returned 0
[0260.661] SelectClipRgn (hdc=0xb10105d8, hrgn=0x60040807) returned 2
[0260.661] DeleteObject (ho=0xf50407de) returned 1
[0260.661] DeleteObject (ho=0x60040807) returned 1
[0260.661] OffsetViewportOrgEx (in: hdc=0xb10105d8, x=0, y=0, lppt=0x2ea198c | out: lppt=0x2ea198c) returned 1
[0260.661] IsAppThemed () returned 0x1
[0260.661] GetThemeAppProperties () returned 0x3
[0260.661] GetThemeAppProperties () returned 0x3
[0260.661] GetThemeBackgroundContentRect () returned 0x0
[0260.661] RestoreDC (hdc=0xb10105d8, nSavedDC=-1) returned 1
[0260.661] GdipReleaseDC (graphics=0x6600030, hdc=0xb10105d8) returned 0x0
[0260.661] IsAppThemed () returned 0x1
[0260.662] GetThemeAppProperties () returned 0x3
[0260.662] GetThemeAppProperties () returned 0x3
[0260.662] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0260.662] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0260.662] GetCurrentObject (hdc=0xb10105d8, type=0x1) returned 0xb00017
[0260.662] GetCurrentObject (hdc=0xb10105d8, type=0x2) returned 0x900010
[0260.662] GetCurrentObject (hdc=0xb10105d8, type=0x7) returned 0x4a0507fe
[0260.662] GetCurrentObject (hdc=0xb10105d8, type=0x6) returned 0x8a01c2
[0260.662] SaveDC (hdc=0xb10105d8) returned 1
[0260.662] GetTextAlign (hdc=0xb10105d8) returned 0x0
[0260.662] GetTextColor (hdc=0xb10105d8) returned 0x0
[0260.662] GetCurrentObject (hdc=0xb10105d8, type=0x6) returned 0x8a01c2
[0260.662] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0260.662] SelectObject (hdc=0xb10105d8, h=0x6d0a0520) returned 0x8a01c2
[0260.663] GetBkMode (hdc=0xb10105d8) returned 2
[0260.663] SetBkMode (hdc=0xb10105d8, mode=1) returned 2
[0260.663] DrawTextExW (in: hdc=0xb10105d8, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2ea1d2c | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0260.663] DrawTextExW (in: hdc=0xb10105d8, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2ea1d2c | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0260.663] RestoreDC (hdc=0xb10105d8, nSavedDC=-1) returned 1
[0260.663] GdipReleaseDC (graphics=0x6600030, hdc=0xb10105d8) returned 0x0
[0260.663] GetFocus () returned 0x2902d8
[0260.663] IsAppThemed () returned 0x1
[0260.664] GetThemeAppProperties () returned 0x3
[0260.664] GetThemeAppProperties () returned 0x3
[0260.664] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0260.664] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0xb10105d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0260.664] GdipReleaseDC (graphics=0x6600030, hdc=0xb10105d8) returned 0x0
[0260.664] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0260.664] SelectObject (hdc=0xb10105d8, h=0x85000f) returned 0x4a0507fe
[0260.664] DeleteDC (hdc=0xb10105d8) returned 1
[0260.664] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0260.664] EndPaint (hWnd=0x2102c8, lpPaint=0xd7e24c) returned 1
[0260.664] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.665] IsWindowUnicode (hWnd=0x602c4) returned 1
[0260.665] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.665] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.665] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.665] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0260.665] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0260.665] CreateCompatibleDC (hdc=0xc0107c5) returned 0xb30105d8
[0260.665] SelectObject (hdc=0xb30105d8, h=0x4a0507fe) returned 0x85000f
[0260.665] GdipCreateFromHDC (hdc=0xb30105d8, graphics=0xd7e268) returned 0x0
[0260.665] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0260.665] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0260.666] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0260.666] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0260.666] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2c8) returned 0x0
[0260.666] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0260.666] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0260.666] LocalFree (hMem=0x11ee788) returned 0x0
[0260.666] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0260.666] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0260.666] GdipGetClip (graphics=0x6600030, region=0x6645f38) returned 0x0
[0260.666] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0260.666] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0260.666] GdipRestoreGraphics (graphics=0x6600030, state=0xf7b20dbd) returned 0x0
[0260.666] GdipDeleteRegion (region=0x6645f38) returned 0x0
[0260.666] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0260.666] GetCurrentObject (hdc=0xb30105d8, type=0x1) returned 0xb00017
[0260.666] GetCurrentObject (hdc=0xb30105d8, type=0x2) returned 0x900010
[0260.666] GetCurrentObject (hdc=0xb30105d8, type=0x7) returned 0x4a0507fe
[0260.666] GetCurrentObject (hdc=0xb30105d8, type=0x6) returned 0x8a01c2
[0260.667] SaveDC (hdc=0xb30105d8) returned 1
[0260.667] GetNearestColor (hdc=0xb30105d8, color=0xff) returned 0xff
[0260.667] GetNearestColor (hdc=0xb30105d8, color=0x55) returned 0x55
[0260.667] GetNearestColor (hdc=0xb30105d8, color=0x0) returned 0x0
[0260.667] GetNearestColor (hdc=0xb30105d8, color=0x55) returned 0x55
[0260.667] GetNearestColor (hdc=0xb30105d8, color=0x0) returned 0x0
[0260.667] GetNearestColor (hdc=0xb30105d8, color=0x8080ff) returned 0x8080ff
[0260.667] GetNearestColor (hdc=0xb30105d8, color=0x7373e5) returned 0x7373e5
[0260.667] GetNearestColor (hdc=0xb30105d8, color=0xe5) returned 0xe5
[0260.667] GetNearestColor (hdc=0xb30105d8, color=0x0) returned 0x0
[0260.667] RestoreDC (hdc=0xb30105d8, nSavedDC=-1) returned 1
[0260.667] GdipReleaseDC (graphics=0x6600030, hdc=0xb30105d8) returned 0x0
[0260.667] IsAppThemed () returned 0x1
[0260.668] GetThemeAppProperties () returned 0x3
[0260.668] GetThemeAppProperties () returned 0x3
[0260.668] IsAppThemed () returned 0x1
[0260.668] GetThemeAppProperties () returned 0x3
[0260.668] GetThemeAppProperties () returned 0x3
[0260.668] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2ea24f4 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0260.668] IsAppThemed () returned 0x1
[0260.668] GetThemeAppProperties () returned 0x3
[0260.668] GetThemeAppProperties () returned 0x3
[0260.668] IsAppThemed () returned 0x1
[0260.668] GetThemeAppProperties () returned 0x3
[0260.668] GetThemeAppProperties () returned 0x3
[0260.668] GetFocus () returned 0x2902d8
[0260.668] IsAppThemed () returned 0x1
[0260.669] GetThemeAppProperties () returned 0x3
[0260.669] GetThemeAppProperties () returned 0x3
[0260.669] IsAppThemed () returned 0x1
[0260.674] GetThemeAppProperties () returned 0x3
[0260.674] GetThemeAppProperties () returned 0x3
[0260.674] IsThemePartDefined () returned 0x1
[0260.674] IsAppThemed () returned 0x1
[0260.674] GetThemeAppProperties () returned 0x3
[0260.674] GetThemeAppProperties () returned 0x3
[0260.674] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0260.674] IsAppThemed () returned 0x1
[0260.674] GetThemeAppProperties () returned 0x3
[0260.674] GetThemeAppProperties () returned 0x3
[0260.674] IsAppThemed () returned 0x1
[0260.674] GetThemeAppProperties () returned 0x3
[0260.674] GetThemeAppProperties () returned 0x3
[0260.675] IsThemePartDefined () returned 0x1
[0260.675] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0260.675] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0260.675] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0260.675] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0260.675] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dff0) returned 0x0
[0260.675] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0260.675] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0260.675] LocalFree (hMem=0x11ee788) returned 0x0
[0260.675] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0260.675] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0260.675] LocalFree (hMem=0x11ee788) returned 0x0
[0260.675] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0260.675] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e018) returned 0x0
[0260.675] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e008) returned 0x0
[0260.675] GdipGetRegionHRgn (region=0x6645c68, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0260.675] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0260.676] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0260.676] GetCurrentObject (hdc=0xb30105d8, type=0x1) returned 0xb00017
[0260.676] GetCurrentObject (hdc=0xb30105d8, type=0x2) returned 0x900010
[0260.676] GetCurrentObject (hdc=0xb30105d8, type=0x7) returned 0x4a0507fe
[0260.676] GetCurrentObject (hdc=0xb30105d8, type=0x6) returned 0x8a01c2
[0260.676] SaveDC (hdc=0xb30105d8) returned 1
[0260.676] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x61040807
[0260.676] GetClipRgn (hdc=0xb30105d8, hrgn=0x61040807) returned 0
[0260.676] SelectClipRgn (hdc=0xb30105d8, hrgn=0xf90407de) returned 2
[0260.676] DeleteObject (ho=0x61040807) returned 1
[0260.676] DeleteObject (ho=0xf90407de) returned 1
[0260.676] OffsetViewportOrgEx (in: hdc=0xb30105d8, x=0, y=0, lppt=0x2ea2ba4 | out: lppt=0x2ea2ba4) returned 1
[0260.676] DrawThemeParentBackground () returned 0x0
[0260.677] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0260.677] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0260.677] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0260.677] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.677] GetSystemMetrics (nIndex=42) returned 0
[0260.677] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.677] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0260.677] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0260.677] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0260.677] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0260.677] SelectPalette (hdc=0xb30105d8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0260.677] GdipCreateFromHDC (hdc=0xb30105d8, graphics=0xd7dac8) returned 0x0
[0260.677] GdipSetPageUnit (graphics=0x6656960, unit=0x2) returned 0x0
[0260.677] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0260.678] GdipGetWorldTransform (graphics=0x6656960, matrix=0x6638a28) returned 0x0
[0260.678] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7daa0) returned 0x0
[0260.678] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0260.678] GdipCreateRegion (region=0xd7da88) returned 0x0
[0260.678] GdipGetClip (graphics=0x6656960, region=0x6646178) returned 0x0
[0260.678] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6656960, result=0xd7da94) returned 0x0
[0260.678] GdipDeleteRegion (region=0x6646178) returned 0x0
[0260.678] GdipSaveGraphics (graphics=0x6656960, state=0xd7dac0) returned 0x0
[0260.678] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0260.684] GdipFillRectangleI (graphics=0x6656960, brush=0x6635938, x=0, y=0, width=801, height=453) returned 0x0
[0260.684] GdipDeleteBrush (brush=0x6635938) returned 0x0
[0260.685] GdipDeleteGraphics (graphics=0x6656960) returned 0x0
[0260.685] SelectPalette (hdc=0xb30105d8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0260.686] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0260.686] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.686] GetSystemMetrics (nIndex=42) returned 0
[0260.686] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.686] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0260.686] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0260.686] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0260.686] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0260.686] SelectPalette (hdc=0xb30105d8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0260.686] GdipCreateFromHDC (hdc=0xb30105d8, graphics=0xd7da68) returned 0x0
[0260.686] GdipSetPageUnit (graphics=0x6656960, unit=0x2) returned 0x0
[0260.686] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0260.686] GdipGetWorldTransform (graphics=0x6656960, matrix=0x6638a58) returned 0x0
[0260.686] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7da40) returned 0x0
[0260.687] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0260.687] GdipCreateRegion (region=0xd7da28) returned 0x0
[0260.687] GdipGetClip (graphics=0x6656960, region=0x6645c68) returned 0x0
[0260.687] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6656960, result=0xd7da34) returned 0x0
[0260.687] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0260.687] GdipSaveGraphics (graphics=0x6656960, state=0xd7da60) returned 0x0
[0260.687] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0260.694] GdipFillRectangleI (graphics=0x6656960, brush=0x6635590, x=0, y=0, width=801, height=453) returned 0x0
[0260.694] GdipDeleteBrush (brush=0x6635590) returned 0x0
[0260.695] GdipRestoreGraphics (graphics=0x6656960, state=0xf7ae0dbd) returned 0x0
[0260.695] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0260.695] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.696] GetSystemMetrics (nIndex=42) returned 0
[0260.696] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0260.696] GdipDeleteGraphics (graphics=0x6656960) returned 0x0
[0260.696] SelectPalette (hdc=0xb30105d8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0260.696] RestoreDC (hdc=0xb30105d8, nSavedDC=-1) returned 1
[0260.696] GdipReleaseDC (graphics=0x6600030, hdc=0xb30105d8) returned 0x0
[0260.696] IsAppThemed () returned 0x1
[0260.696] GetThemeAppProperties () returned 0x3
[0260.696] GetThemeAppProperties () returned 0x3
[0260.696] IsAppThemed () returned 0x1
[0260.696] GetThemeAppProperties () returned 0x3
[0260.696] GetThemeAppProperties () returned 0x3
[0260.697] IsThemePartDefined () returned 0x1
[0260.697] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0260.697] GdipGetClip (graphics=0x6600030, region=0x6645128) returned 0x0
[0260.697] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0260.697] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0260.697] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df74) returned 0x0
[0260.697] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0260.697] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0260.697] LocalFree (hMem=0x11eec58) returned 0x0
[0260.697] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0260.697] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0260.697] LocalFree (hMem=0x11ee788) returned 0x0
[0260.697] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0260.697] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0260.697] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0260.697] GdipGetRegionHRgn (region=0x6645128, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0260.697] GdipDeleteRegion (region=0x6645128) returned 0x0
[0260.697] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0260.698] GetCurrentObject (hdc=0xb30105d8, type=0x1) returned 0xb00017
[0260.698] GetCurrentObject (hdc=0xb30105d8, type=0x2) returned 0x900010
[0260.698] GetCurrentObject (hdc=0xb30105d8, type=0x7) returned 0x4a0507fe
[0260.698] GetCurrentObject (hdc=0xb30105d8, type=0x6) returned 0x8a01c2
[0260.698] SaveDC (hdc=0xb30105d8) returned 1
[0260.698] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfa0407de
[0260.698] GetClipRgn (hdc=0xb30105d8, hrgn=0xfa0407de) returned 0
[0260.698] SelectClipRgn (hdc=0xb30105d8, hrgn=0x63040807) returned 2
[0260.698] DeleteObject (ho=0xfa0407de) returned 1
[0260.698] DeleteObject (ho=0x63040807) returned 1
[0260.698] OffsetViewportOrgEx (in: hdc=0xb30105d8, x=0, y=0, lppt=0x2ea93f4 | out: lppt=0x2ea93f4) returned 1
[0260.698] IsAppThemed () returned 0x1
[0260.698] GetThemeAppProperties () returned 0x3
[0260.698] GetThemeAppProperties () returned 0x3
[0260.698] DrawThemeBackground () returned 0x0
[0260.698] RestoreDC (hdc=0xb30105d8, nSavedDC=-1) returned 1
[0260.699] GdipReleaseDC (graphics=0x6600030, hdc=0xb30105d8) returned 0x0
[0260.699] GdipCreateRegion (region=0xd7df60) returned 0x0
[0260.699] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0260.699] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0260.699] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0260.699] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df78) returned 0x0
[0260.699] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0260.699] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee910) returned 0x0
[0260.699] LocalFree (hMem=0x11ee910) returned 0x0
[0260.699] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0260.699] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee910) returned 0x0
[0260.699] LocalFree (hMem=0x11ee910) returned 0x0
[0260.699] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0260.699] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0260.699] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0260.699] GdipGetRegionHRgn (region=0x66456c8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0260.699] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0260.700] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0260.700] GetCurrentObject (hdc=0xb30105d8, type=0x1) returned 0xb00017
[0260.700] GetCurrentObject (hdc=0xb30105d8, type=0x2) returned 0x900010
[0260.700] GetCurrentObject (hdc=0xb30105d8, type=0x7) returned 0x4a0507fe
[0260.700] GetCurrentObject (hdc=0xb30105d8, type=0x6) returned 0x8a01c2
[0260.700] SaveDC (hdc=0xb30105d8) returned 1
[0260.700] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x64040807
[0260.704] GetClipRgn (hdc=0xb30105d8, hrgn=0x64040807) returned 0
[0260.705] SelectClipRgn (hdc=0xb30105d8, hrgn=0xfb0407de) returned 2
[0260.705] DeleteObject (ho=0x64040807) returned 1
[0260.705] DeleteObject (ho=0xfb0407de) returned 1
[0260.705] OffsetViewportOrgEx (in: hdc=0xb30105d8, x=0, y=0, lppt=0x2ea96c8 | out: lppt=0x2ea96c8) returned 1
[0260.705] IsAppThemed () returned 0x1
[0260.705] GetThemeAppProperties () returned 0x3
[0260.705] GetThemeAppProperties () returned 0x3
[0260.705] GetThemeBackgroundContentRect () returned 0x0
[0260.705] RestoreDC (hdc=0xb30105d8, nSavedDC=-1) returned 1
[0260.705] GdipReleaseDC (graphics=0x6600030, hdc=0xb30105d8) returned 0x0
[0260.705] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0260.705] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0260.705] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0260.705] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0260.705] IsAppThemed () returned 0x1
[0260.705] GetThemeAppProperties () returned 0x3
[0260.705] GetThemeAppProperties () returned 0x3
[0260.705] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0260.705] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0260.706] GetCurrentObject (hdc=0xb30105d8, type=0x1) returned 0xb00017
[0260.706] GetCurrentObject (hdc=0xb30105d8, type=0x2) returned 0x900010
[0260.706] GetCurrentObject (hdc=0xb30105d8, type=0x7) returned 0x4a0507fe
[0260.706] GetCurrentObject (hdc=0xb30105d8, type=0x6) returned 0x8a01c2
[0260.706] SaveDC (hdc=0xb30105d8) returned 1
[0260.706] GetTextAlign (hdc=0xb30105d8) returned 0x0
[0260.706] GetTextColor (hdc=0xb30105d8) returned 0x0
[0260.706] GetCurrentObject (hdc=0xb30105d8, type=0x6) returned 0x8a01c2
[0260.706] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0260.706] SelectObject (hdc=0xb30105d8, h=0x6d0a0520) returned 0x8a01c2
[0260.706] GetBkMode (hdc=0xb30105d8) returned 2
[0260.706] SetBkMode (hdc=0xb30105d8, mode=1) returned 2
[0260.706] DrawTextExW (in: hdc=0xb30105d8, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2ea9a8c | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0260.707] DrawTextExW (in: hdc=0xb30105d8, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2ea9a8c | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0260.707] RestoreDC (hdc=0xb30105d8, nSavedDC=-1) returned 1
[0260.707] GdipReleaseDC (graphics=0x6600030, hdc=0xb30105d8) returned 0x0
[0260.707] GetFocus () returned 0x2902d8
[0260.707] IsAppThemed () returned 0x1
[0260.707] GetThemeAppProperties () returned 0x3
[0260.707] GetThemeAppProperties () returned 0x3
[0260.708] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0260.708] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0xb30105d8, x1=0, y1=0, rop=0xcc0020) returned 1
[0260.708] GdipReleaseDC (graphics=0x6600030, hdc=0xb30105d8) returned 0x0
[0260.708] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0260.708] SelectObject (hdc=0xb30105d8, h=0x85000f) returned 0x4a0507fe
[0260.708] DeleteDC (hdc=0xb30105d8) returned 1
[0260.708] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0260.708] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0260.708] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0260.708] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0260.708] WaitMessage () returned 1
[0260.719] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.719] IsWindowUnicode (hWnd=0x1c02d0) returned 1
[0260.720] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.720] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.720] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.720] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.720] IsWindowUnicode (hWnd=0x1c02d0) returned 1
[0260.720] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.720] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.720] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.720] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x2a1, wParam=0x0, lParam=0x80030) returned 0x0
[0260.720] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0260.720] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0260.720] WaitMessage () returned 1
[0260.723] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.723] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.723] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.723] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.723] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.724] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0260.724] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0260.724] WaitMessage () returned 1
[0260.725] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.725] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.725] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.725] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.725] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.726] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0260.726] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0260.726] WaitMessage () returned 1
[0260.727] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.727] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.727] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.727] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.727] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.729] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.729] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.729] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.730] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.730] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.730] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.730] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.730] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.730] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.730] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.730] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0260.731] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0260.731] WaitMessage () returned 1
[0260.736] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.736] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.736] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.736] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.736] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.738] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.738] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.738] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.738] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.738] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.739] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.739] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.739] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.739] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.739] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.739] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.739] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.739] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.739] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.739] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.740] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.740] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.740] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.740] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.740] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.740] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0260.740] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0260.740] WaitMessage () returned 1
[0260.817] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.818] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x84, wParam=0x0, lParam=0x1e10306) returned 0x1
[0260.818] IsWindowUnicode (hWnd=0x1c02d0) returned 1
[0260.818] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.818] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x84, wParam=0x0, lParam=0x1e10306) returned 0x1
[0260.818] GetDlgItem (hDlg=0x1d02ce, nIDDlgItem=0) returned 0x0
[0260.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x210, wParam=0x201, lParam=0x660111) returned 0x0
[0260.818] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x21, wParam=0x1d02ce, lParam=0x2010001) returned 0x1
[0260.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x21, wParam=0x1d02ce, lParam=0x2010001) returned 0x1
[0260.818] SetCursor (hCursor=0x10003) returned 0x10003
[0260.818] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.818] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.818] GetKeyState (nVirtKey=1) returned -127
[0260.819] GetKeyState (nVirtKey=2) returned 0
[0260.819] GetKeyState (nVirtKey=4) returned 0
[0260.819] GetKeyState (nVirtKey=5) returned 0
[0260.819] GetKeyState (nVirtKey=6) returned 0
[0260.819] IsWindowVisible (hWnd=0x1c02d0) returned 1
[0260.819] IsWindowEnabled (hWnd=0x1c02d0) returned 1
[0260.819] SetFocus (hWnd=0x1c02d0) returned 0x2902d8
[0260.819] GetFocus () returned 0x1c02d0
[0260.819] IsChild (hWndParent=0x1d02ce, hWnd=0x1c02d0) returned 1
[0260.819] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0x8, wParam=0x1c02d0, lParam=0x0) returned 0x0
[0260.819] GetCapture () returned 0x0
[0260.819] InvalidateRect (hWnd=0x2902d8, lpRect=0x0, bErase=0) returned 1
[0260.820] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0260.821] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0260.823] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0260.823] InvalidateRect (hWnd=0x2902d8, lpRect=0x0, bErase=0) returned 1
[0260.823] InvalidateRect (hWnd=0x1c02d0, lpRect=0x0, bErase=0) returned 1
[0260.823] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x7, wParam=0x2902d8, lParam=0x0) returned 0x0
[0260.823] GetStockObject (i=5) returned 0x900015
[0260.823] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0260.823] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0260.823] GetDlgItem (hDlg=0x1d02ce, nIDDlgItem=1835728) returned 0x1c02d0
[0260.823] SendMessageW (hWnd=0x1c02d0, Msg=0x202b, wParam=0x1c02d0, lParam=0xd7dddc) returned 0x0
[0260.823] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x202b, wParam=0x1c02d0, lParam=0xd7dddc) returned 0x0
[0260.823] InvalidateRect (hWnd=0x1c02d0, lpRect=0x0, bErase=0) returned 1
[0260.825] GetFocus () returned 0x1c02d0
[0260.825] GetFocus () returned 0x1c02d0
[0260.825] GetFocus () returned 0x1c02d0
[0260.825] GetKeyState (nVirtKey=1) returned -127
[0260.825] GetKeyState (nVirtKey=2) returned 0
[0260.825] GetKeyState (nVirtKey=4) returned 0
[0260.827] GetKeyState (nVirtKey=5) returned 0
[0260.828] GetKeyState (nVirtKey=6) returned 0
[0260.828] GetCapture () returned 0x0
[0260.828] SetCapture (hWnd=0x1c02d0) returned 0x0
[0260.828] GetKeyState (nVirtKey=1) returned -127
[0260.828] GetKeyState (nVirtKey=2) returned 0
[0260.828] GetKeyState (nVirtKey=4) returned 0
[0260.828] GetKeyState (nVirtKey=5) returned 0
[0260.828] GetKeyState (nVirtKey=6) returned 0
[0260.828] NotifyWinEvent (event=0x800a, hwnd=0x1c02d0, idObject=-4, idChild=0)
[0260.828] InvalidateRect (hWnd=0x1c02d0, lpRect=0xd7e430, bErase=0) returned 1
[0260.828] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.828] IsWindowUnicode (hWnd=0x1c02d0) returned 1
[0260.828] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.828] TranslateMessage (lpMsg=0xd7e808) returned 0
[0260.828] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0260.828] MapWindowPoints (in: hWndFrom=0x1c02d0, hWndTo=0x0, lpPoints=0x2ea9d54, cPoints=0x1 | out: lpPoints=0x2ea9d54) returned 30999254
[0260.828] NotifyWinEvent (event=0x800a, hwnd=0x1c02d0, idObject=-4, idChild=0)
[0260.828] InvalidateRect (hWnd=0x1c02d0, lpRect=0xd7e3d0, bErase=0) returned 1
[0260.828] UpdateWindow (hWnd=0x1c02d0) returned 1
[0260.828] BeginPaint (in: hWnd=0x1c02d0, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xf0105ee
[0260.829] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0260.829] CreateCompatibleDC (hdc=0xf0105ee) returned 0xfc0107fc
[0260.829] SelectObject (hdc=0xfc0107fc, h=0x4a0507fe) returned 0x85000f
[0260.829] GdipCreateFromHDC (hdc=0xfc0107fc, graphics=0xd7df00) returned 0x0
[0260.829] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0260.829] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0260.829] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0260.829] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0260.829] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df60) returned 0x0
[0260.829] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0260.829] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eea28) returned 0x0
[0260.829] LocalFree (hMem=0x11eea28) returned 0x0
[0260.829] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0260.829] GdipCreateRegion (region=0xd7df48) returned 0x0
[0260.829] GdipGetClip (graphics=0x6600030, region=0x6645488) returned 0x0
[0260.829] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7df54) returned 0x0
[0260.830] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0260.830] GdipRestoreGraphics (graphics=0x6600030, state=0xf7ac0dbd) returned 0x0
[0260.830] GdipDeleteRegion (region=0x6645488) returned 0x0
[0260.830] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0260.830] GetCurrentObject (hdc=0xfc0107fc, type=0x1) returned 0xb00017
[0260.830] GetCurrentObject (hdc=0xfc0107fc, type=0x2) returned 0x900010
[0260.830] GetCurrentObject (hdc=0xfc0107fc, type=0x7) returned 0x4a0507fe
[0260.830] GetCurrentObject (hdc=0xfc0107fc, type=0x6) returned 0x8a01c2
[0260.830] SaveDC (hdc=0xfc0107fc) returned 1
[0260.830] GetNearestColor (hdc=0xfc0107fc, color=0xf0f0f0) returned 0xf0f0f0
[0260.830] GetNearestColor (hdc=0xfc0107fc, color=0xa0a0a0) returned 0xa0a0a0
[0260.830] GetNearestColor (hdc=0xfc0107fc, color=0x696969) returned 0x696969
[0260.830] GetNearestColor (hdc=0xfc0107fc, color=0xa0a0a0) returned 0xa0a0a0
[0260.830] GetNearestColor (hdc=0xfc0107fc, color=0x0) returned 0x0
[0260.830] GetNearestColor (hdc=0xfc0107fc, color=0xffffff) returned 0xffffff
[0260.830] GetNearestColor (hdc=0xfc0107fc, color=0xe5e5e5) returned 0xe5e5e5
[0260.830] GetNearestColor (hdc=0xfc0107fc, color=0xd7d7d7) returned 0xd7d7d7
[0260.830] GetNearestColor (hdc=0xfc0107fc, color=0x0) returned 0x0
[0260.830] RestoreDC (hdc=0xfc0107fc, nSavedDC=-1) returned 1
[0260.831] GdipReleaseDC (graphics=0x6600030, hdc=0xfc0107fc) returned 0x0
[0260.831] IsAppThemed () returned 0x1
[0260.831] GetThemeAppProperties () returned 0x3
[0260.831] GetThemeAppProperties () returned 0x3
[0260.831] IsAppThemed () returned 0x1
[0260.831] GetThemeAppProperties () returned 0x3
[0260.831] GetThemeAppProperties () returned 0x3
[0260.831] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2eaa4ac | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0260.831] IsAppThemed () returned 0x1
[0260.831] GetThemeAppProperties () returned 0x3
[0260.831] GetThemeAppProperties () returned 0x3
[0260.831] IsAppThemed () returned 0x1
[0260.831] GetThemeAppProperties () returned 0x3
[0260.831] GetThemeAppProperties () returned 0x3
[0260.831] IsAppThemed () returned 0x1
[0260.831] GetThemeAppProperties () returned 0x3
[0260.831] GetThemeAppProperties () returned 0x3
[0260.832] IsAppThemed () returned 0x1
[0260.832] GetThemeAppProperties () returned 0x3
[0260.832] GetThemeAppProperties () returned 0x3
[0260.832] IsThemePartDefined () returned 0x1
[0260.832] IsAppThemed () returned 0x1
[0260.832] GetThemeAppProperties () returned 0x3
[0260.832] GetThemeAppProperties () returned 0x3
[0260.832] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0260.832] IsAppThemed () returned 0x1
[0260.832] GetThemeAppProperties () returned 0x3
[0260.832] GetThemeAppProperties () returned 0x3
[0260.832] IsAppThemed () returned 0x1
[0260.832] GetThemeAppProperties () returned 0x3
[0260.832] GetThemeAppProperties () returned 0x3
[0260.832] IsThemePartDefined () returned 0x1
[0260.832] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0260.832] GdipGetClip (graphics=0x6600030, region=0x6645488) returned 0x0
[0260.832] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0260.832] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0260.832] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dc7c) returned 0x0
[0260.832] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0260.832] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eed00) returned 0x0
[0260.832] LocalFree (hMem=0x11eed00) returned 0x0
[0260.832] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0260.832] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0260.832] LocalFree (hMem=0x11ee788) returned 0x0
[0260.833] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0260.833] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0260.833] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0260.833] GdipGetRegionHRgn (region=0x6645488, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0260.833] GdipDeleteRegion (region=0x6645488) returned 0x0
[0260.833] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0260.833] GetCurrentObject (hdc=0xfc0107fc, type=0x1) returned 0xb00017
[0260.833] GetCurrentObject (hdc=0xfc0107fc, type=0x2) returned 0x900010
[0260.833] GetCurrentObject (hdc=0xfc0107fc, type=0x7) returned 0x4a0507fe
[0260.833] GetCurrentObject (hdc=0xfc0107fc, type=0x6) returned 0x8a01c2
[0260.833] SaveDC (hdc=0xfc0107fc) returned 1
[0260.833] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfc0407de
[0260.833] GetClipRgn (hdc=0xfc0107fc, hrgn=0xfc0407de) returned 0
[0260.833] SelectClipRgn (hdc=0xfc0107fc, hrgn=0x68040807) returned 2
[0260.833] DeleteObject (ho=0xfc0407de) returned 1
[0260.833] DeleteObject (ho=0x68040807) returned 1
[0260.833] OffsetViewportOrgEx (in: hdc=0xfc0107fc, x=0, y=0, lppt=0x2eaab5c | out: lppt=0x2eaab5c) returned 1
[0260.833] DrawThemeParentBackground () returned 0x0
[0260.834] GetWindowPlacement (in: hWnd=0x1d02ce, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0260.834] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0260.834] GetWindowTextLengthW (hWnd=0x1d02ce) returned 13
[0260.834] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.834] GetSystemMetrics (nIndex=42) returned 0
[0260.834] GetWindowTextW (in: hWnd=0x1d02ce, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.834] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0260.834] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0260.834] GetCurrentObject (hdc=0xfc0107fc, type=0x1) returned 0xb00017
[0260.834] GetCurrentObject (hdc=0xfc0107fc, type=0x2) returned 0x900010
[0260.834] GetCurrentObject (hdc=0xfc0107fc, type=0x7) returned 0x4a0507fe
[0260.834] GetCurrentObject (hdc=0xfc0107fc, type=0x6) returned 0x8a01c2
[0260.834] SaveDC (hdc=0xfc0107fc) returned 2
[0260.834] GetNearestColor (hdc=0xfc0107fc, color=0xf0f0f0) returned 0xf0f0f0
[0260.834] CreateSolidBrush (color=0xf0f0f0) returned 0xcf1007e1
[0260.834] FillRect (hDC=0xfc0107fc, lprc=0xd7d6c8, hbr=0xcf1007e1) returned 1
[0260.834] DeleteObject (ho=0xcf1007e1) returned 1
[0260.834] RestoreDC (hdc=0xfc0107fc, nSavedDC=-1) returned 1
[0260.834] GetWindowTextLengthW (hWnd=0x1d02ce) returned 13
[0260.835] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.835] GetSystemMetrics (nIndex=42) returned 0
[0260.835] GetWindowTextW (in: hWnd=0x1d02ce, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.835] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0260.835] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0260.835] GetCurrentObject (hdc=0xfc0107fc, type=0x1) returned 0xb00017
[0260.835] GetCurrentObject (hdc=0xfc0107fc, type=0x2) returned 0x900010
[0260.835] GetCurrentObject (hdc=0xfc0107fc, type=0x7) returned 0x4a0507fe
[0260.835] GetCurrentObject (hdc=0xfc0107fc, type=0x6) returned 0x8a01c2
[0260.835] SaveDC (hdc=0xfc0107fc) returned 2
[0260.835] GetNearestColor (hdc=0xfc0107fc, color=0xf0f0f0) returned 0xf0f0f0
[0260.835] CreateSolidBrush (color=0xf0f0f0) returned 0xd01007e1
[0260.835] FillRect (hDC=0xfc0107fc, lprc=0xd7d668, hbr=0xd01007e1) returned 1
[0260.835] DeleteObject (ho=0xd01007e1) returned 1
[0260.835] RestoreDC (hdc=0xfc0107fc, nSavedDC=-1) returned 1
[0260.835] GetWindowTextLengthW (hWnd=0x1d02ce) returned 13
[0260.835] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.835] GetSystemMetrics (nIndex=42) returned 0
[0260.835] GetWindowTextW (in: hWnd=0x1d02ce, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.835] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0260.836] RestoreDC (hdc=0xfc0107fc, nSavedDC=-1) returned 1
[0260.836] GdipReleaseDC (graphics=0x6600030, hdc=0xfc0107fc) returned 0x0
[0260.836] IsAppThemed () returned 0x1
[0260.836] GetThemeAppProperties () returned 0x3
[0260.836] GetThemeAppProperties () returned 0x3
[0260.836] IsAppThemed () returned 0x1
[0260.836] GetThemeAppProperties () returned 0x3
[0260.836] GetThemeAppProperties () returned 0x3
[0260.836] IsThemePartDefined () returned 0x1
[0260.836] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0260.836] GdipGetClip (graphics=0x6600030, region=0x6645128) returned 0x0
[0260.836] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0260.836] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0260.836] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dc00) returned 0x0
[0260.836] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0260.836] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee8d8) returned 0x0
[0260.836] LocalFree (hMem=0x11ee8d8) returned 0x0
[0260.836] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0260.836] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0260.836] LocalFree (hMem=0x11ee868) returned 0x0
[0260.836] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0260.837] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0260.837] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0260.837] GdipGetRegionHRgn (region=0x6645128, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0260.837] GdipDeleteRegion (region=0x6645128) returned 0x0
[0260.837] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0260.837] GetCurrentObject (hdc=0xfc0107fc, type=0x1) returned 0xb00017
[0260.837] GetCurrentObject (hdc=0xfc0107fc, type=0x2) returned 0x900010
[0260.837] GetCurrentObject (hdc=0xfc0107fc, type=0x7) returned 0x4a0507fe
[0260.837] GetCurrentObject (hdc=0xfc0107fc, type=0x6) returned 0x8a01c2
[0260.837] SaveDC (hdc=0xfc0107fc) returned 1
[0260.837] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x69040807
[0260.837] GetClipRgn (hdc=0xfc0107fc, hrgn=0x69040807) returned 0
[0260.837] SelectClipRgn (hdc=0xfc0107fc, hrgn=0xfe0407de) returned 2
[0260.837] DeleteObject (ho=0x69040807) returned 1
[0260.837] DeleteObject (ho=0xfe0407de) returned 1
[0260.837] OffsetViewportOrgEx (in: hdc=0xfc0107fc, x=0, y=0, lppt=0x2eab408 | out: lppt=0x2eab408) returned 1
[0260.837] IsAppThemed () returned 0x1
[0260.837] GetThemeAppProperties () returned 0x3
[0260.837] GetThemeAppProperties () returned 0x3
[0260.837] DrawThemeBackground () returned 0x0
[0260.838] RestoreDC (hdc=0xfc0107fc, nSavedDC=-1) returned 1
[0260.838] GdipReleaseDC (graphics=0x6600030, hdc=0xfc0107fc) returned 0x0
[0260.838] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0260.838] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0260.838] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0260.838] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0260.838] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dc04) returned 0x0
[0260.838] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0260.838] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0260.838] LocalFree (hMem=0x11ee788) returned 0x0
[0260.838] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0260.838] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0260.838] LocalFree (hMem=0x11ee788) returned 0x0
[0260.838] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0260.838] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0260.838] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0260.838] GdipGetRegionHRgn (region=0x6645c68, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0260.838] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0260.838] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0260.838] GetCurrentObject (hdc=0xfc0107fc, type=0x1) returned 0xb00017
[0260.838] GetCurrentObject (hdc=0xfc0107fc, type=0x2) returned 0x900010
[0260.838] GetCurrentObject (hdc=0xfc0107fc, type=0x7) returned 0x4a0507fe
[0260.838] GetCurrentObject (hdc=0xfc0107fc, type=0x6) returned 0x8a01c2
[0260.839] SaveDC (hdc=0xfc0107fc) returned 1
[0260.839] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xff0407de
[0260.839] GetClipRgn (hdc=0xfc0107fc, hrgn=0xff0407de) returned 0
[0260.839] SelectClipRgn (hdc=0xfc0107fc, hrgn=0x6a040807) returned 2
[0260.839] DeleteObject (ho=0xff0407de) returned 1
[0260.839] DeleteObject (ho=0x6a040807) returned 1
[0260.839] OffsetViewportOrgEx (in: hdc=0xfc0107fc, x=0, y=0, lppt=0x2eab6dc | out: lppt=0x2eab6dc) returned 1
[0260.839] IsAppThemed () returned 0x1
[0260.839] GetThemeAppProperties () returned 0x3
[0260.839] GetThemeAppProperties () returned 0x3
[0260.839] GetThemeBackgroundContentRect () returned 0x0
[0260.839] RestoreDC (hdc=0xfc0107fc, nSavedDC=-1) returned 1
[0260.839] GdipReleaseDC (graphics=0x6600030, hdc=0xfc0107fc) returned 0x0
[0260.839] IsAppThemed () returned 0x1
[0260.839] GetThemeAppProperties () returned 0x3
[0260.839] GetThemeAppProperties () returned 0x3
[0260.839] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0260.839] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0260.839] GetCurrentObject (hdc=0xfc0107fc, type=0x1) returned 0xb00017
[0260.839] GetCurrentObject (hdc=0xfc0107fc, type=0x2) returned 0x900010
[0260.839] GetCurrentObject (hdc=0xfc0107fc, type=0x7) returned 0x4a0507fe
[0260.839] GetCurrentObject (hdc=0xfc0107fc, type=0x6) returned 0x8a01c2
[0260.840] SaveDC (hdc=0xfc0107fc) returned 1
[0260.840] GetTextAlign (hdc=0xfc0107fc) returned 0x0
[0260.840] GetTextColor (hdc=0xfc0107fc) returned 0x0
[0260.840] GetCurrentObject (hdc=0xfc0107fc, type=0x6) returned 0x8a01c2
[0260.840] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0260.840] SelectObject (hdc=0xfc0107fc, h=0x6d0a0520) returned 0x8a01c2
[0260.840] GetBkMode (hdc=0xfc0107fc) returned 2
[0260.840] SetBkMode (hdc=0xfc0107fc, mode=1) returned 2
[0260.840] DrawTextExW (in: hdc=0xfc0107fc, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2eaba7c | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0260.840] DrawTextExW (in: hdc=0xfc0107fc, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2eaba7c | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0260.841] RestoreDC (hdc=0xfc0107fc, nSavedDC=-1) returned 1
[0260.841] GdipReleaseDC (graphics=0x6600030, hdc=0xfc0107fc) returned 0x0
[0260.841] GetFocus () returned 0x1c02d0
[0260.841] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0260.841] SendMessageW (hWnd=0x1d02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0260.841] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0260.841] IsAppThemed () returned 0x1
[0260.841] GetThemeAppProperties () returned 0x3
[0260.841] GetThemeAppProperties () returned 0x3
[0260.841] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0260.841] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xfc0107fc, x1=0, y1=0, rop=0xcc0020) returned 1
[0260.841] GdipReleaseDC (graphics=0x6600030, hdc=0xfc0107fc) returned 0x0
[0260.841] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0260.841] SelectObject (hdc=0xfc0107fc, h=0x85000f) returned 0x4a0507fe
[0260.842] DeleteDC (hdc=0xfc0107fc) returned 1
[0260.842] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0260.842] EndPaint (hWnd=0x1c02d0, lpPaint=0xd7dee4) returned 1
[0260.842] MapWindowPoints (in: hWndFrom=0x1c02d0, hWndTo=0x0, lpPoints=0x2eabb78, cPoints=0x1 | out: lpPoints=0x2eabb78) returned 30999254
[0260.842] WindowFromPoint (Point=0x306) returned 0x1c02d0
[0260.842] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x84, wParam=0x0, lParam=0x1e10306) returned 0x1
[0260.842] NotifyWinEvent (event=0x800a, hwnd=0x1c02d0, idObject=-4, idChild=0)
[0260.842] NotifyWinEvent (event=0x800c, hwnd=0x1c02d0, idObject=-4, idChild=0)
[0260.842] GetCapture () returned 0x1c02d0
[0260.842] ReleaseCapture () returned 1
[0260.842] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0260.842] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0260.843] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x84, wParam=0x0, lParam=0x1e10306) returned 0x1
[0260.843] IsWindow (hWnd=0x7005c) returned 1
[0260.843] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0260.843] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0260.844] IsWindow (hWnd=0x1d02ce) returned 1
[0260.844] SetActiveWindow (hWnd=0x1d02ce) returned 0x1d02ce
[0260.844] IsWindow (hWnd=0x1d02ce) returned 1
[0260.844] SetFocus (hWnd=0x1d02ce) returned 0x1c02d0
[0260.844] GetFocus () returned 0x1d02ce
[0260.844] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x8, wParam=0x1d02ce, lParam=0x0) returned 0x0
[0260.844] GetCapture () returned 0x0
[0260.844] InvalidateRect (hWnd=0x1c02d0, lpRect=0x0, bErase=0) returned 1
[0260.845] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0260.846] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0260.847] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0260.847] GetFocus () returned 0x1d02ce
[0260.847] SetFocus (hWnd=0x1c02d0) returned 0x1d02ce
[0260.848] GetFocus () returned 0x1c02d0
[0260.848] IsChild (hWndParent=0x1d02ce, hWnd=0x1c02d0) returned 1
[0260.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x8, wParam=0x1c02d0, lParam=0x0) returned 0x0
[0260.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0260.850] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0260.851] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0260.851] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x7, wParam=0x1d02ce, lParam=0x0) returned 0x0
[0260.851] GetStockObject (i=5) returned 0x900015
[0260.851] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0260.851] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0260.851] GetDlgItem (hDlg=0x1d02ce, nIDDlgItem=1835728) returned 0x1c02d0
[0260.851] SendMessageW (hWnd=0x1c02d0, Msg=0x202b, wParam=0x1c02d0, lParam=0xd7ddcc) returned 0x0
[0260.852] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x202b, wParam=0x1c02d0, lParam=0xd7ddcc) returned 0x0
[0260.852] InvalidateRect (hWnd=0x1c02d0, lpRect=0x0, bErase=0) returned 1
[0260.853] GetWindowLongW (hWnd=0x1d02ce, nIndex=-8) returned 458844
[0260.853] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0260.853] GetCurrentThreadId () returned 0xf50
[0260.853] IsWindow (hWnd=0x7005c) returned 1
[0260.853] IsWindow (hWnd=0x7005c) returned 1
[0260.853] IsWindowVisible (hWnd=0x7005c) returned 1
[0260.853] SetActiveWindow (hWnd=0x7005c) returned 0x1d02ce
[0260.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0260.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0260.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0260.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0260.856] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0260.856] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0260.859] GetWindowPlacement (in: hWnd=0x1d02ce, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0260.859] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0260.859] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0260.859] GetWindowRect (in: hWnd=0x1d02ce, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0260.860] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0260.860] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0260.860] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0260.861] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x1d02ce) returned 0x1
[0260.863] GetFocus () returned 0x1c02d0
[0260.863] SetFocus (hWnd=0x602c4) returned 0x1c02d0
[0260.864] GetFocus () returned 0x602c4
[0260.864] IsChild (hWndParent=0x1d02ce, hWnd=0x602c4) returned 0
[0260.864] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0260.864] GetCapture () returned 0x0
[0260.864] InvalidateRect (hWnd=0x1c02d0, lpRect=0x0, bErase=0) returned 1
[0260.865] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0260.866] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0260.867] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0260.867] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0260.867] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0260.867] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0260.868] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0260.868] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x1c02d0, lParam=0x0) returned 0x0
[0260.868] GetStockObject (i=5) returned 0x900015
[0260.868] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0260.868] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11edb48) returned 0xc
[0260.868] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0260.868] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0260.868] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0260.868] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0260.870] GetFocus () returned 0x602c4
[0260.870] IsChild (hWndParent=0x1d02ce, hWnd=0x602c4) returned 0
[0260.870] ShowWindow (hWnd=0x1d02ce, nCmdShow=0) returned 1
[0260.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0260.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0260.871] GetWindowPlacement (in: hWnd=0x1d02ce, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0260.871] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0260.871] GetClientRect (in: hWnd=0x1d02ce, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0260.871] GetWindowRect (in: hWnd=0x1d02ce, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0260.878] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0260.878] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0260.879] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0260.879] GetWindowLongW (hWnd=0x1d02ce, nIndex=-20) returned 327945
[0260.879] DestroyWindow (hWnd=0x1d02ce) returned 1
[0260.879] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0260.879] GetWindowTextLengthW (hWnd=0x1d02ce) returned 13
[0260.879] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.879] GetSystemMetrics (nIndex=42) returned 0
[0260.879] GetWindowTextW (in: hWnd=0x1d02ce, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0260.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0260.880] GetWindowTextLengthW (hWnd=0x2702da) returned 0
[0260.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0260.880] GetSystemMetrics (nIndex=42) returned 0
[0260.880] GetWindowTextW (in: hWnd=0x2702da, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0260.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702da, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0260.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0260.880] GetWindowThreadProcessId (in: hWnd=0x2a00ea, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0260.880] GetWindow (hWnd=0x2a00ea, uCmd=0x5) returned 0x0
[0260.880] GetWindowLongW (hWnd=0x2a00ea, nIndex=-20) returned 65792
[0260.880] DestroyWindow (hWnd=0x2a00ea) returned 1
[0260.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a00ea, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0260.880] GetWindowTextLengthW (hWnd=0x2a00ea) returned 25
[0260.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0260.880] GetSystemMetrics (nIndex=42) returned 0
[0260.880] GetWindowTextW (in: hWnd=0x2a00ea, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0260.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a00ea, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0260.880] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0260.881] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0260.882] GetWindowTextLengthW (hWnd=0x2702dc) returned 232
[0260.882] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0260.882] GetSystemMetrics (nIndex=42) returned 0
[0260.882] GetWindowTextW (in: hWnd=0x2702dc, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0260.882] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0260.882] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0260.882] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0260.882] InvalidateRect (hWnd=0x1c02d0, lpRect=0x0, bErase=0) returned 1
[0260.882] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0260.882] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0260.882] SendMessageW (hWnd=0x2702de, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0260.882] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2702de, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0260.882] SendMessageW (hWnd=0x2702de, Msg=0xb0, wParam=0x2e779c4, lParam=0xd7e480) returned 0x0
[0260.883] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2702de, Msg=0xb0, wParam=0x2e779c4, lParam=0xd7e480) returned 0x0
[0260.883] GetWindowTextLengthW (hWnd=0x2702de) returned 4363
[0260.883] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0260.883] GetSystemMetrics (nIndex=42) returned 0
[0260.883] CoTaskMemAlloc (cb=0x221c) returned 0x120a4b0
[0260.883] GetWindowTextW (in: hWnd=0x2702de, lpString=0x120a4b0, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0260.883] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2702de, Msg=0xd, wParam=0x110c, lParam=0x120a4b0) returned 0x110b
[0260.883] CoTaskMemFree (pv=0x120a4b0)
[0260.883] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2702de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0260.884] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0260.885] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0260.886] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0260.887] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1c02d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0260.888] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0260.889] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2702de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0260.891] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0260.892] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.892] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.892] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.892] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.892] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.892] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.892] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e10306) returned 0x1
[0260.892] IsWindowUnicode (hWnd=0x7005c) returned 1
[0260.892] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.892] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e10306) returned 0x1
[0260.893] SetCursor (hCursor=0x10003) returned 0x10003
[0260.893] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.893] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.893] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0260.893] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0260.893] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0260.893] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10c0248) returned 0x0
[0260.893] GetKeyState (nVirtKey=1) returned 1
[0260.893] GetKeyState (nVirtKey=2) returned 0
[0260.893] GetKeyState (nVirtKey=4) returned 0
[0260.893] GetKeyState (nVirtKey=5) returned 0
[0260.893] GetKeyState (nVirtKey=6) returned 0
[0260.893] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.894] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e10306) returned 0x1
[0260.894] IsWindowUnicode (hWnd=0x7005c) returned 1
[0260.894] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.894] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.894] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.894] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.894] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e10306) returned 0x1
[0260.895] IsWindowUnicode (hWnd=0x7005c) returned 1
[0260.895] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.895] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e10306) returned 0x1
[0260.895] SetCursor (hCursor=0x10003) returned 0x10003
[0260.895] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.895] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.895] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10c0248) returned 0x0
[0260.895] GetKeyState (nVirtKey=1) returned 1
[0260.895] GetKeyState (nVirtKey=2) returned 0
[0260.895] GetKeyState (nVirtKey=4) returned 0
[0260.895] GetKeyState (nVirtKey=5) returned 0
[0260.895] GetKeyState (nVirtKey=6) returned 0
[0260.895] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.896] IsWindowUnicode (hWnd=0x602c4) returned 1
[0260.896] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.896] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.896] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.896] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.897] IsWindowUnicode (hWnd=0x602c4) returned 1
[0260.897] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.897] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.897] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.897] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0260.897] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0260.897] CreateCompatibleDC (hdc=0xf0105ee) returned 0x860107f8
[0260.898] SelectObject (hdc=0x860107f8, h=0x4a0507fe) returned 0x85000f
[0260.898] GdipCreateFromHDC (hdc=0x860107f8, graphics=0xd7e798) returned 0x0
[0260.898] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0260.898] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0260.898] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0260.898] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0260.898] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e7f8) returned 0x0
[0260.898] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0260.898] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee8d8) returned 0x0
[0260.898] LocalFree (hMem=0x11ee8d8) returned 0x0
[0260.898] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0260.898] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0260.898] GdipGetClip (graphics=0x6600030, region=0x66452d8) returned 0x0
[0260.898] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0260.898] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0260.899] GdipRestoreGraphics (graphics=0x6600030, state=0xf7aa0dbd) returned 0x0
[0260.899] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0260.899] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0260.899] GetCurrentObject (hdc=0x860107f8, type=0x1) returned 0xb00017
[0260.899] GetCurrentObject (hdc=0x860107f8, type=0x2) returned 0x900010
[0260.899] GetCurrentObject (hdc=0x860107f8, type=0x7) returned 0x4a0507fe
[0260.899] GetCurrentObject (hdc=0x860107f8, type=0x6) returned 0x8a01c2
[0260.899] SaveDC (hdc=0x860107f8) returned 1
[0260.899] GetNearestColor (hdc=0x860107f8, color=0xff) returned 0xff
[0260.899] GetNearestColor (hdc=0x860107f8, color=0x55) returned 0x55
[0260.899] GetNearestColor (hdc=0x860107f8, color=0x0) returned 0x0
[0260.899] GetNearestColor (hdc=0x860107f8, color=0x55) returned 0x55
[0260.899] GetNearestColor (hdc=0x860107f8, color=0x0) returned 0x0
[0260.899] GetNearestColor (hdc=0x860107f8, color=0x8080ff) returned 0x8080ff
[0260.900] GetNearestColor (hdc=0x860107f8, color=0x7373e5) returned 0x7373e5
[0260.900] GetNearestColor (hdc=0x860107f8, color=0xe5) returned 0xe5
[0260.900] GetNearestColor (hdc=0x860107f8, color=0x0) returned 0x0
[0260.900] RestoreDC (hdc=0x860107f8, nSavedDC=-1) returned 1
[0260.900] GdipReleaseDC (graphics=0x6600030, hdc=0x860107f8) returned 0x0
[0260.900] IsAppThemed () returned 0x1
[0260.900] GetThemeAppProperties () returned 0x3
[0260.900] GetThemeAppProperties () returned 0x3
[0260.900] IsAppThemed () returned 0x1
[0260.900] GetThemeAppProperties () returned 0x3
[0260.900] GetThemeAppProperties () returned 0x3
[0260.900] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2eb38e4 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0260.901] IsAppThemed () returned 0x1
[0260.901] GetThemeAppProperties () returned 0x3
[0260.901] GetThemeAppProperties () returned 0x3
[0260.901] IsAppThemed () returned 0x1
[0260.901] GetThemeAppProperties () returned 0x3
[0260.901] GetThemeAppProperties () returned 0x3
[0260.901] GetFocus () returned 0x602c4
[0260.901] IsAppThemed () returned 0x1
[0260.901] GetThemeAppProperties () returned 0x3
[0260.901] GetThemeAppProperties () returned 0x3
[0260.901] IsAppThemed () returned 0x1
[0260.901] GetThemeAppProperties () returned 0x3
[0260.901] GetThemeAppProperties () returned 0x3
[0260.901] IsThemePartDefined () returned 0x1
[0260.901] IsAppThemed () returned 0x1
[0260.901] GetThemeAppProperties () returned 0x3
[0260.901] GetThemeAppProperties () returned 0x3
[0260.901] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0260.901] IsAppThemed () returned 0x1
[0260.901] GetThemeAppProperties () returned 0x3
[0260.901] GetThemeAppProperties () returned 0x3
[0260.902] IsAppThemed () returned 0x1
[0260.902] GetThemeAppProperties () returned 0x3
[0260.902] GetThemeAppProperties () returned 0x3
[0260.902] IsThemePartDefined () returned 0x1
[0260.902] GdipCreateRegion (region=0xd7e508) returned 0x0
[0260.902] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0260.902] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0260.902] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0260.902] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e520) returned 0x0
[0260.902] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0260.902] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee9f0) returned 0x0
[0260.902] LocalFree (hMem=0x11ee9f0) returned 0x0
[0260.902] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0260.902] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eed00) returned 0x0
[0260.902] LocalFree (hMem=0x11eed00) returned 0x0
[0260.902] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0260.902] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e548) returned 0x0
[0260.902] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e538) returned 0x0
[0260.902] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0260.902] GdipDeleteRegion (region=0x6645518) returned 0x0
[0260.902] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0260.903] GetCurrentObject (hdc=0x860107f8, type=0x1) returned 0xb00017
[0260.903] GetCurrentObject (hdc=0x860107f8, type=0x2) returned 0x900010
[0260.903] GetCurrentObject (hdc=0x860107f8, type=0x7) returned 0x4a0507fe
[0260.903] GetCurrentObject (hdc=0x860107f8, type=0x6) returned 0x8a01c2
[0260.903] SaveDC (hdc=0x860107f8) returned 1
[0260.903] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6b040807
[0260.903] GetClipRgn (hdc=0x860107f8, hrgn=0x6b040807) returned 0
[0260.903] SelectClipRgn (hdc=0x860107f8, hrgn=0x30407de) returned 2
[0260.910] DeleteObject (ho=0x6b040807) returned 1
[0260.910] DeleteObject (ho=0x30407de) returned 1
[0260.910] OffsetViewportOrgEx (in: hdc=0x860107f8, x=0, y=0, lppt=0x2eb3f94 | out: lppt=0x2eb3f94) returned 1
[0260.910] DrawThemeParentBackground () returned 0x0
[0260.910] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0260.910] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0260.910] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0260.910] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.910] GetSystemMetrics (nIndex=42) returned 0
[0260.910] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.910] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0260.910] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0260.910] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0260.910] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0260.911] SelectPalette (hdc=0x860107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0260.911] GdipCreateFromHDC (hdc=0x860107f8, graphics=0xd7dff8) returned 0x0
[0260.911] GdipSetPageUnit (graphics=0x6656960, unit=0x2) returned 0x0
[0260.911] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0260.911] GdipGetWorldTransform (graphics=0x6656960, matrix=0x6638ab8) returned 0x0
[0260.911] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dfd0) returned 0x0
[0260.911] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0260.911] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0260.911] GdipGetClip (graphics=0x6656960, region=0x6646178) returned 0x0
[0260.911] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6656960, result=0xd7dfc4) returned 0x0
[0260.911] GdipDeleteRegion (region=0x6646178) returned 0x0
[0260.911] GdipSaveGraphics (graphics=0x6656960, state=0xd7dff0) returned 0x0
[0260.911] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0260.919] GdipFillRectangleI (graphics=0x6656960, brush=0x66356c8, x=0, y=0, width=801, height=453) returned 0x0
[0260.919] GdipDeleteBrush (brush=0x66356c8) returned 0x0
[0260.921] GdipDeleteGraphics (graphics=0x6656960) returned 0x0
[0260.921] SelectPalette (hdc=0x860107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0260.921] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0260.921] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.921] GetSystemMetrics (nIndex=42) returned 0
[0260.921] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.921] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0260.921] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0260.922] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0260.922] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0260.922] SelectPalette (hdc=0x860107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0260.922] GdipCreateFromHDC (hdc=0x860107f8, graphics=0xd7df98) returned 0x0
[0260.922] GdipSetPageUnit (graphics=0x6656960, unit=0x2) returned 0x0
[0260.922] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0260.922] GdipGetWorldTransform (graphics=0x6656960, matrix=0x6638db8) returned 0x0
[0260.922] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df70) returned 0x0
[0260.922] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0260.922] GdipCreateRegion (region=0xd7df58) returned 0x0
[0260.922] GdipGetClip (graphics=0x6656960, region=0x6645f38) returned 0x0
[0260.922] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6656960, result=0xd7df64) returned 0x0
[0260.922] GdipDeleteRegion (region=0x6645f38) returned 0x0
[0260.922] GdipSaveGraphics (graphics=0x6656960, state=0xd7df90) returned 0x0
[0260.922] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0260.929] GdipFillRectangleI (graphics=0x6656960, brush=0x66350b0, x=0, y=0, width=801, height=453) returned 0x0
[0260.929] GdipDeleteBrush (brush=0x66350b0) returned 0x0
[0260.930] GdipRestoreGraphics (graphics=0x6656960, state=0xf7a60dbd) returned 0x0
[0260.930] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0260.930] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0260.930] GetSystemMetrics (nIndex=42) returned 0
[0260.930] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0260.931] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0260.931] GdipDeleteGraphics (graphics=0x6656960) returned 0x0
[0260.931] SelectPalette (hdc=0x860107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0260.931] RestoreDC (hdc=0x860107f8, nSavedDC=-1) returned 1
[0260.931] GdipReleaseDC (graphics=0x6600030, hdc=0x860107f8) returned 0x0
[0260.931] IsAppThemed () returned 0x1
[0260.931] GetThemeAppProperties () returned 0x3
[0260.931] GetThemeAppProperties () returned 0x3
[0260.931] IsAppThemed () returned 0x1
[0260.931] GetThemeAppProperties () returned 0x3
[0260.931] GetThemeAppProperties () returned 0x3
[0260.931] IsThemePartDefined () returned 0x1
[0260.931] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0260.932] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0260.932] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0260.932] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0260.932] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e4a4) returned 0x0
[0260.932] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0260.932] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0260.932] LocalFree (hMem=0x11ee9f0) returned 0x0
[0260.932] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0260.932] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0260.932] LocalFree (hMem=0x11ee9f0) returned 0x0
[0260.932] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0260.932] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0260.932] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0260.932] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0260.932] GdipDeleteRegion (region=0x6645908) returned 0x0
[0260.932] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0260.932] GetCurrentObject (hdc=0x860107f8, type=0x1) returned 0xb00017
[0260.932] GetCurrentObject (hdc=0x860107f8, type=0x2) returned 0x900010
[0260.932] GetCurrentObject (hdc=0x860107f8, type=0x7) returned 0x4a0507fe
[0260.933] GetCurrentObject (hdc=0x860107f8, type=0x6) returned 0x8a01c2
[0260.933] SaveDC (hdc=0x860107f8) returned 1
[0260.933] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x40407de
[0260.933] GetClipRgn (hdc=0x860107f8, hrgn=0x40407de) returned 0
[0260.933] SelectClipRgn (hdc=0x860107f8, hrgn=0x6d040807) returned 2
[0260.933] DeleteObject (ho=0x40407de) returned 1
[0260.933] DeleteObject (ho=0x6d040807) returned 1
[0260.933] OffsetViewportOrgEx (in: hdc=0x860107f8, x=0, y=0, lppt=0x2eba7e4 | out: lppt=0x2eba7e4) returned 1
[0260.933] IsAppThemed () returned 0x1
[0260.933] GetThemeAppProperties () returned 0x3
[0260.933] GetThemeAppProperties () returned 0x3
[0260.933] DrawThemeBackground () returned 0x0
[0260.933] RestoreDC (hdc=0x860107f8, nSavedDC=-1) returned 1
[0260.933] GdipReleaseDC (graphics=0x6600030, hdc=0x860107f8) returned 0x0
[0260.933] GdipCreateRegion (region=0xd7e490) returned 0x0
[0260.933] GdipGetClip (graphics=0x6600030, region=0x6645f38) returned 0x0
[0260.934] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0260.934] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0260.934] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e4a8) returned 0x0
[0260.934] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0260.934] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee9f0) returned 0x0
[0260.934] LocalFree (hMem=0x11ee9f0) returned 0x0
[0260.934] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0260.934] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee868) returned 0x0
[0260.934] LocalFree (hMem=0x11ee868) returned 0x0
[0260.934] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0260.934] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0260.934] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0260.934] GdipGetRegionHRgn (region=0x6645f38, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0260.934] GdipDeleteRegion (region=0x6645f38) returned 0x0
[0260.938] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0260.938] GetCurrentObject (hdc=0x860107f8, type=0x1) returned 0xb00017
[0260.938] GetCurrentObject (hdc=0x860107f8, type=0x2) returned 0x900010
[0260.938] GetCurrentObject (hdc=0x860107f8, type=0x7) returned 0x4a0507fe
[0260.938] GetCurrentObject (hdc=0x860107f8, type=0x6) returned 0x8a01c2
[0260.938] SaveDC (hdc=0x860107f8) returned 1
[0260.938] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6e040807
[0260.938] GetClipRgn (hdc=0x860107f8, hrgn=0x6e040807) returned 0
[0260.938] SelectClipRgn (hdc=0x860107f8, hrgn=0x50407de) returned 2
[0260.938] DeleteObject (ho=0x6e040807) returned 1
[0260.938] DeleteObject (ho=0x50407de) returned 1
[0260.938] OffsetViewportOrgEx (in: hdc=0x860107f8, x=0, y=0, lppt=0x2ebaab8 | out: lppt=0x2ebaab8) returned 1
[0260.938] IsAppThemed () returned 0x1
[0260.939] GetThemeAppProperties () returned 0x3
[0260.939] GetThemeAppProperties () returned 0x3
[0260.939] GetThemeBackgroundContentRect () returned 0x0
[0260.939] RestoreDC (hdc=0x860107f8, nSavedDC=-1) returned 1
[0260.939] GdipReleaseDC (graphics=0x6600030, hdc=0x860107f8) returned 0x0
[0260.939] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0260.939] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0260.939] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0260.939] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0260.939] IsAppThemed () returned 0x1
[0260.939] GetThemeAppProperties () returned 0x3
[0260.939] GetThemeAppProperties () returned 0x3
[0260.939] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0260.939] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0260.939] GetCurrentObject (hdc=0x860107f8, type=0x1) returned 0xb00017
[0260.939] GetCurrentObject (hdc=0x860107f8, type=0x2) returned 0x900010
[0260.939] GetCurrentObject (hdc=0x860107f8, type=0x7) returned 0x4a0507fe
[0260.939] GetCurrentObject (hdc=0x860107f8, type=0x6) returned 0x8a01c2
[0260.939] SaveDC (hdc=0x860107f8) returned 1
[0260.940] GetTextAlign (hdc=0x860107f8) returned 0x0
[0260.940] GetTextColor (hdc=0x860107f8) returned 0x0
[0260.940] GetCurrentObject (hdc=0x860107f8, type=0x6) returned 0x8a01c2
[0260.940] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0260.940] SelectObject (hdc=0x860107f8, h=0x6d0a0520) returned 0x8a01c2
[0260.940] GetBkMode (hdc=0x860107f8) returned 2
[0260.940] SetBkMode (hdc=0x860107f8, mode=1) returned 2
[0260.940] DrawTextExW (in: hdc=0x860107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2ebae7c | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0260.940] DrawTextExW (in: hdc=0x860107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2ebae7c | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0260.941] RestoreDC (hdc=0x860107f8, nSavedDC=-1) returned 1
[0260.941] GdipReleaseDC (graphics=0x6600030, hdc=0x860107f8) returned 0x0
[0260.941] GetFocus () returned 0x602c4
[0260.941] IsAppThemed () returned 0x1
[0260.941] GetThemeAppProperties () returned 0x3
[0260.941] GetThemeAppProperties () returned 0x3
[0260.941] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0260.941] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x860107f8, x1=0, y1=0, rop=0xcc0020) returned 1
[0260.941] GdipReleaseDC (graphics=0x6600030, hdc=0x860107f8) returned 0x0
[0260.941] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0260.942] SelectObject (hdc=0x860107f8, h=0x85000f) returned 0x4a0507fe
[0260.942] DeleteDC (hdc=0x860107f8) returned 1
[0260.942] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0260.942] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0260.942] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.942] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.942] WaitMessage () returned 1
[0260.958] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.958] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.958] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.958] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.958] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.959] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.959] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.959] WaitMessage () returned 1
[0260.972] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.972] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.972] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.972] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.972] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.973] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.973] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.973] WaitMessage () returned 1
[0260.974] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.974] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.974] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.974] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.974] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.975] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.975] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.976] WaitMessage () returned 1
[0260.976] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.976] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.976] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.976] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.976] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.978] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.979] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.979] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.979] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.979] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.979] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.979] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.979] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.979] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.979] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.979] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.980] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.980] WaitMessage () returned 1
[0260.980] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.981] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.981] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.981] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.981] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.986] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.986] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.986] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.987] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.987] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.987] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.987] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.987] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.987] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.987] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.987] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.988] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.988] WaitMessage () returned 1
[0260.990] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.990] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.990] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.990] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.990] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.991] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.991] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.991] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.991] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.991] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.992] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.992] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.992] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.992] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.992] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.992] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.993] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.993] WaitMessage () returned 1
[0260.993] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.993] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.993] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.993] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.993] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.995] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.995] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.995] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.995] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.995] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.995] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.995] IsWindowUnicode (hWnd=0x30122) returned 1
[0260.995] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0260.996] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0260.996] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0260.996] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.997] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0260.997] WaitMessage () returned 1
[0261.001] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0261.001] IsWindowUnicode (hWnd=0x7005c) returned 1
[0261.001] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0261.001] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0261.001] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0261.001] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0261.001] IsWindowUnicode (hWnd=0x7005c) returned 1
[0261.001] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0261.001] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0261.001] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0261.001] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10c0248) returned 0x0
[0261.001] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0261.001] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0261.001] WaitMessage () returned 1
[0261.172] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0261.172] IsWindowUnicode (hWnd=0x502c6) returned 1
[0261.172] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0261.172] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0261.172] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0261.172] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0261.172] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0261.172] WaitMessage () returned 1
[0263.063] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.063] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27000ef) returned 0x1
[0263.063] IsWindowUnicode (hWnd=0x602c4) returned 1
[0263.063] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.064] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.064] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.064] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0263.064] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.064] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27000ef) returned 0x1
[0263.064] IsWindowUnicode (hWnd=0x602c4) returned 1
[0263.064] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.064] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27000ef) returned 0x1
[0263.064] SetCursor (hCursor=0x10003) returned 0x10003
[0263.064] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.064] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.064] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0263.065] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0263.065] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0263.065] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0263.065] GetKeyState (nVirtKey=1) returned 1
[0263.065] GetKeyState (nVirtKey=2) returned 0
[0263.065] GetKeyState (nVirtKey=4) returned 0
[0263.065] GetKeyState (nVirtKey=5) returned 0
[0263.065] GetKeyState (nVirtKey=6) returned 0
[0263.065] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.065] IsWindowUnicode (hWnd=0x602c4) returned 1
[0263.065] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.065] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.065] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.065] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0263.065] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.065] CreateCompatibleDC (hdc=0xf0105ee) returned 0x520107f4
[0263.066] SelectObject (hdc=0x520107f4, h=0x4a0507fe) returned 0x85000f
[0263.066] GdipCreateFromHDC (hdc=0x520107f4, graphics=0xd7e798) returned 0x0
[0263.066] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0263.066] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0263.066] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0263.066] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0263.066] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e7f8) returned 0x0
[0263.066] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0263.066] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0263.066] LocalFree (hMem=0x11eecc8) returned 0x0
[0263.066] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0263.066] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0263.067] GdipGetClip (graphics=0x6600030, region=0x6645128) returned 0x0
[0263.067] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0263.067] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0263.067] GdipRestoreGraphics (graphics=0x6600030, state=0xf7a40dbd) returned 0x0
[0263.067] GdipDeleteRegion (region=0x6645128) returned 0x0
[0263.067] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0263.067] GetCurrentObject (hdc=0x520107f4, type=0x1) returned 0xb00017
[0263.067] GetCurrentObject (hdc=0x520107f4, type=0x2) returned 0x900010
[0263.067] GetCurrentObject (hdc=0x520107f4, type=0x7) returned 0x4a0507fe
[0263.067] GetCurrentObject (hdc=0x520107f4, type=0x6) returned 0x8a01c2
[0263.067] SaveDC (hdc=0x520107f4) returned 1
[0263.067] GetNearestColor (hdc=0x520107f4, color=0xff) returned 0xff
[0263.067] GetNearestColor (hdc=0x520107f4, color=0x55) returned 0x55
[0263.067] GetNearestColor (hdc=0x520107f4, color=0x0) returned 0x0
[0263.068] GetNearestColor (hdc=0x520107f4, color=0x55) returned 0x55
[0263.068] GetNearestColor (hdc=0x520107f4, color=0x0) returned 0x0
[0263.068] GetNearestColor (hdc=0x520107f4, color=0x8080ff) returned 0x8080ff
[0263.068] GetNearestColor (hdc=0x520107f4, color=0x7373e5) returned 0x7373e5
[0263.068] GetNearestColor (hdc=0x520107f4, color=0xe5) returned 0xe5
[0263.068] GetNearestColor (hdc=0x520107f4, color=0x0) returned 0x0
[0263.068] RestoreDC (hdc=0x520107f4, nSavedDC=-1) returned 1
[0263.068] GdipReleaseDC (graphics=0x6600030, hdc=0x520107f4) returned 0x0
[0263.068] IsAppThemed () returned 0x1
[0263.068] GetThemeAppProperties () returned 0x3
[0263.068] GetThemeAppProperties () returned 0x3
[0263.068] IsAppThemed () returned 0x1
[0263.068] GetThemeAppProperties () returned 0x3
[0263.068] GetThemeAppProperties () returned 0x3
[0263.068] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2ebb7ec | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0263.069] IsAppThemed () returned 0x1
[0263.069] GetThemeAppProperties () returned 0x3
[0263.069] GetThemeAppProperties () returned 0x3
[0263.069] IsAppThemed () returned 0x1
[0263.069] GetThemeAppProperties () returned 0x3
[0263.069] GetThemeAppProperties () returned 0x3
[0263.069] IsAppThemed () returned 0x1
[0263.069] GetThemeAppProperties () returned 0x3
[0263.069] GetThemeAppProperties () returned 0x3
[0263.069] IsAppThemed () returned 0x1
[0263.069] GetThemeAppProperties () returned 0x3
[0263.069] GetThemeAppProperties () returned 0x3
[0263.069] IsThemePartDefined () returned 0x1
[0263.069] IsAppThemed () returned 0x1
[0263.069] GetThemeAppProperties () returned 0x3
[0263.069] GetThemeAppProperties () returned 0x3
[0263.070] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0263.070] IsAppThemed () returned 0x1
[0263.070] GetThemeAppProperties () returned 0x3
[0263.070] GetThemeAppProperties () returned 0x3
[0263.070] IsAppThemed () returned 0x1
[0263.070] GetThemeAppProperties () returned 0x3
[0263.070] GetThemeAppProperties () returned 0x3
[0263.070] IsThemePartDefined () returned 0x1
[0263.070] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0263.070] GdipGetClip (graphics=0x6600030, region=0x6645f38) returned 0x0
[0263.070] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0263.070] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0263.070] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e514) returned 0x0
[0263.070] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0263.070] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0263.070] LocalFree (hMem=0x11ee788) returned 0x0
[0263.070] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0263.070] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0263.070] LocalFree (hMem=0x11eec58) returned 0x0
[0263.071] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0263.071] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0263.071] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0263.071] GdipGetRegionHRgn (region=0x6645f38, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0263.071] GdipDeleteRegion (region=0x6645f38) returned 0x0
[0263.071] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0263.071] GetCurrentObject (hdc=0x520107f4, type=0x1) returned 0xb00017
[0263.071] GetCurrentObject (hdc=0x520107f4, type=0x2) returned 0x900010
[0263.071] GetCurrentObject (hdc=0x520107f4, type=0x7) returned 0x4a0507fe
[0263.071] GetCurrentObject (hdc=0x520107f4, type=0x6) returned 0x8a01c2
[0263.071] SaveDC (hdc=0x520107f4) returned 1
[0263.071] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x60407de
[0263.071] GetClipRgn (hdc=0x520107f4, hrgn=0x60407de) returned 0
[0263.071] SelectClipRgn (hdc=0x520107f4, hrgn=0x72040807) returned 2
[0263.071] DeleteObject (ho=0x60407de) returned 1
[0263.071] DeleteObject (ho=0x72040807) returned 1
[0263.072] OffsetViewportOrgEx (in: hdc=0x520107f4, x=0, y=0, lppt=0x2ebbe9c | out: lppt=0x2ebbe9c) returned 1
[0263.072] DrawThemeParentBackground () returned 0x0
[0263.072] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0263.072] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0263.072] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0263.072] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0263.072] GetSystemMetrics (nIndex=42) returned 0
[0263.072] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0263.072] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0263.072] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0263.072] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0263.072] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0263.072] SelectPalette (hdc=0x520107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.073] GdipCreateFromHDC (hdc=0x520107f4, graphics=0xd7dff0) returned 0x0
[0263.073] GdipSetPageUnit (graphics=0x6656960, unit=0x2) returned 0x0
[0263.073] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0263.073] GdipGetWorldTransform (graphics=0x6656960, matrix=0x6638db8) returned 0x0
[0263.073] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7dfc8) returned 0x0
[0263.073] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0263.073] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0263.073] GdipGetClip (graphics=0x6656960, region=0x6645878) returned 0x0
[0263.073] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6656960, result=0xd7dfbc) returned 0x0
[0263.073] GdipDeleteRegion (region=0x6645878) returned 0x0
[0263.073] GdipSaveGraphics (graphics=0x6656960, state=0xd7dfe8) returned 0x0
[0263.073] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0263.081] GdipFillRectangleI (graphics=0x6656960, brush=0x6635800, x=0, y=0, width=801, height=453) returned 0x0
[0263.081] GdipDeleteBrush (brush=0x6635800) returned 0x0
[0263.083] GdipDeleteGraphics (graphics=0x6656960) returned 0x0
[0263.083] SelectPalette (hdc=0x520107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.083] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0263.083] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0263.083] GetSystemMetrics (nIndex=42) returned 0
[0263.083] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0263.083] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0263.083] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0263.083] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0263.083] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0263.083] SelectPalette (hdc=0x520107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.083] GdipCreateFromHDC (hdc=0x520107f4, graphics=0xd7df90) returned 0x0
[0263.084] GdipSetPageUnit (graphics=0x6656960, unit=0x2) returned 0x0
[0263.084] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0263.084] GdipGetWorldTransform (graphics=0x6656960, matrix=0x6638ba8) returned 0x0
[0263.084] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df68) returned 0x0
[0263.084] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0263.084] GdipCreateRegion (region=0xd7df50) returned 0x0
[0263.084] GdipGetClip (graphics=0x6656960, region=0x6646178) returned 0x0
[0263.084] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6656960, result=0xd7df5c) returned 0x0
[0263.084] GdipDeleteRegion (region=0x6646178) returned 0x0
[0263.084] GdipSaveGraphics (graphics=0x6656960, state=0xd7df88) returned 0x0
[0263.084] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0263.091] GdipFillRectangleI (graphics=0x6656960, brush=0x66356c8, x=0, y=0, width=801, height=453) returned 0x0
[0263.091] GdipDeleteBrush (brush=0x66356c8) returned 0x0
[0263.093] GdipRestoreGraphics (graphics=0x6656960, state=0xf7a00dbd) returned 0x0
[0263.093] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0263.093] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0263.093] GetSystemMetrics (nIndex=42) returned 0
[0263.093] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0263.093] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0263.093] GdipDeleteGraphics (graphics=0x6656960) returned 0x0
[0263.093] SelectPalette (hdc=0x520107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.094] RestoreDC (hdc=0x520107f4, nSavedDC=-1) returned 1
[0263.094] GdipReleaseDC (graphics=0x6600030, hdc=0x520107f4) returned 0x0
[0263.094] IsAppThemed () returned 0x1
[0263.094] GetThemeAppProperties () returned 0x3
[0263.094] GetThemeAppProperties () returned 0x3
[0263.094] IsAppThemed () returned 0x1
[0263.094] GetThemeAppProperties () returned 0x3
[0263.094] GetThemeAppProperties () returned 0x3
[0263.094] IsThemePartDefined () returned 0x1
[0263.094] GdipCreateRegion (region=0xd7e480) returned 0x0
[0263.094] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0263.095] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0263.095] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0263.095] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e498) returned 0x0
[0263.095] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0263.095] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee9f0) returned 0x0
[0263.095] LocalFree (hMem=0x11ee9f0) returned 0x0
[0263.095] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0263.095] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea98) returned 0x0
[0263.095] LocalFree (hMem=0x11eea98) returned 0x0
[0263.095] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0263.095] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0263.095] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0263.095] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0263.095] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0263.095] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0263.095] GetCurrentObject (hdc=0x520107f4, type=0x1) returned 0xb00017
[0263.095] GetCurrentObject (hdc=0x520107f4, type=0x2) returned 0x900010
[0263.096] GetCurrentObject (hdc=0x520107f4, type=0x7) returned 0x4a0507fe
[0263.096] GetCurrentObject (hdc=0x520107f4, type=0x6) returned 0x8a01c2
[0263.096] SaveDC (hdc=0x520107f4) returned 1
[0263.096] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x73040807
[0263.096] GetClipRgn (hdc=0x520107f4, hrgn=0x73040807) returned 0
[0263.096] SelectClipRgn (hdc=0x520107f4, hrgn=0x80407de) returned 2
[0263.096] DeleteObject (ho=0x73040807) returned 1
[0263.096] DeleteObject (ho=0x80407de) returned 1
[0263.096] OffsetViewportOrgEx (in: hdc=0x520107f4, x=0, y=0, lppt=0x2ec26ec | out: lppt=0x2ec26ec) returned 1
[0263.096] IsAppThemed () returned 0x1
[0263.096] GetThemeAppProperties () returned 0x3
[0263.096] GetThemeAppProperties () returned 0x3
[0263.096] DrawThemeBackground () returned 0x0
[0263.096] RestoreDC (hdc=0x520107f4, nSavedDC=-1) returned 1
[0263.096] GdipReleaseDC (graphics=0x6600030, hdc=0x520107f4) returned 0x0
[0263.097] GdipCreateRegion (region=0xd7e484) returned 0x0
[0263.097] GdipGetClip (graphics=0x6600030, region=0x6645128) returned 0x0
[0263.097] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0263.097] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0263.097] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e49c) returned 0x0
[0263.097] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0263.097] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0263.097] LocalFree (hMem=0x11ee788) returned 0x0
[0263.097] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0263.097] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eecc8) returned 0x0
[0263.097] LocalFree (hMem=0x11eecc8) returned 0x0
[0263.097] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0263.097] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0263.097] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0263.097] GdipGetRegionHRgn (region=0x6645128, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0263.097] GdipDeleteRegion (region=0x6645128) returned 0x0
[0263.097] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0263.097] GetCurrentObject (hdc=0x520107f4, type=0x1) returned 0xb00017
[0263.098] GetCurrentObject (hdc=0x520107f4, type=0x2) returned 0x900010
[0263.098] GetCurrentObject (hdc=0x520107f4, type=0x7) returned 0x4a0507fe
[0263.098] GetCurrentObject (hdc=0x520107f4, type=0x6) returned 0x8a01c2
[0263.098] SaveDC (hdc=0x520107f4) returned 1
[0263.098] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x90407de
[0263.098] GetClipRgn (hdc=0x520107f4, hrgn=0x90407de) returned 0
[0263.098] SelectClipRgn (hdc=0x520107f4, hrgn=0x74040807) returned 2
[0263.098] DeleteObject (ho=0x90407de) returned 1
[0263.098] DeleteObject (ho=0x74040807) returned 1
[0263.098] OffsetViewportOrgEx (in: hdc=0x520107f4, x=0, y=0, lppt=0x2ec29c0 | out: lppt=0x2ec29c0) returned 1
[0263.098] IsAppThemed () returned 0x1
[0263.098] GetThemeAppProperties () returned 0x3
[0263.098] GetThemeAppProperties () returned 0x3
[0263.098] GetThemeBackgroundContentRect () returned 0x0
[0263.098] RestoreDC (hdc=0x520107f4, nSavedDC=-1) returned 1
[0263.098] GdipReleaseDC (graphics=0x6600030, hdc=0x520107f4) returned 0x0
[0263.098] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0263.099] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0263.099] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0263.099] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0263.099] IsAppThemed () returned 0x1
[0263.099] GetThemeAppProperties () returned 0x3
[0263.099] GetThemeAppProperties () returned 0x3
[0263.099] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0263.099] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0263.099] GetCurrentObject (hdc=0x520107f4, type=0x1) returned 0xb00017
[0263.099] GetCurrentObject (hdc=0x520107f4, type=0x2) returned 0x900010
[0263.099] GetCurrentObject (hdc=0x520107f4, type=0x7) returned 0x4a0507fe
[0263.099] GetCurrentObject (hdc=0x520107f4, type=0x6) returned 0x8a01c2
[0263.099] SaveDC (hdc=0x520107f4) returned 1
[0263.099] GetTextAlign (hdc=0x520107f4) returned 0x0
[0263.099] GetTextColor (hdc=0x520107f4) returned 0x0
[0263.099] GetCurrentObject (hdc=0x520107f4, type=0x6) returned 0x8a01c2
[0263.100] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0263.100] SelectObject (hdc=0x520107f4, h=0x6d0a0520) returned 0x8a01c2
[0263.100] GetBkMode (hdc=0x520107f4) returned 2
[0263.100] SetBkMode (hdc=0x520107f4, mode=1) returned 2
[0263.100] DrawTextExW (in: hdc=0x520107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2ec2d84 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0263.100] DrawTextExW (in: hdc=0x520107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2ec2d84 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0263.101] RestoreDC (hdc=0x520107f4, nSavedDC=-1) returned 1
[0263.101] GdipReleaseDC (graphics=0x6600030, hdc=0x520107f4) returned 0x0
[0263.101] GetFocus () returned 0x602c4
[0263.101] IsAppThemed () returned 0x1
[0263.101] GetThemeAppProperties () returned 0x3
[0263.101] GetThemeAppProperties () returned 0x3
[0263.101] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0263.101] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x520107f4, x1=0, y1=0, rop=0xcc0020) returned 1
[0263.101] GdipReleaseDC (graphics=0x6600030, hdc=0x520107f4) returned 0x0
[0263.101] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.102] SelectObject (hdc=0x520107f4, h=0x85000f) returned 0x4a0507fe
[0263.102] DeleteDC (hdc=0x520107f4) returned 1
[0263.102] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0263.102] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0263.102] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.102] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.102] WaitMessage () returned 1
[0263.170] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.170] IsWindowUnicode (hWnd=0x602c4) returned 1
[0263.170] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.170] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.170] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.170] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.170] IsWindowUnicode (hWnd=0x602c4) returned 1
[0263.171] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.171] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.171] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.171] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x90014) returned 0x0
[0263.171] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.171] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.171] WaitMessage () returned 1
[0263.299] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.299] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27000ef) returned 0x1
[0263.299] IsWindowUnicode (hWnd=0x602c4) returned 1
[0263.299] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.299] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27000ef) returned 0x1
[0263.299] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0263.299] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19b0031) returned 0x0
[0263.300] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0263.300] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0263.300] SetCursor (hCursor=0x10003) returned 0x10003
[0263.300] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.300] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.300] GetKeyState (nVirtKey=1) returned -128
[0263.300] GetKeyState (nVirtKey=2) returned 0
[0263.300] GetKeyState (nVirtKey=4) returned 0
[0263.300] GetKeyState (nVirtKey=5) returned 0
[0263.300] GetKeyState (nVirtKey=6) returned 0
[0263.300] IsWindowVisible (hWnd=0x602c4) returned 1
[0263.300] IsWindowEnabled (hWnd=0x602c4) returned 1
[0263.300] SetFocus (hWnd=0x602c4) returned 0x602c4
[0263.300] GetFocus () returned 0x602c4
[0263.300] GetFocus () returned 0x602c4
[0263.301] GetFocus () returned 0x602c4
[0263.301] GetKeyState (nVirtKey=1) returned -128
[0263.301] GetKeyState (nVirtKey=2) returned 0
[0263.301] GetKeyState (nVirtKey=4) returned 0
[0263.301] GetKeyState (nVirtKey=5) returned 0
[0263.301] GetKeyState (nVirtKey=6) returned 0
[0263.301] GetCapture () returned 0x0
[0263.301] SetCapture (hWnd=0x602c4) returned 0x0
[0263.301] GetKeyState (nVirtKey=1) returned -128
[0263.301] GetKeyState (nVirtKey=2) returned 0
[0263.301] GetKeyState (nVirtKey=4) returned 0
[0263.301] GetKeyState (nVirtKey=5) returned 0
[0263.301] GetKeyState (nVirtKey=6) returned 0
[0263.301] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0263.301] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0263.301] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.301] IsWindowUnicode (hWnd=0x602c4) returned 1
[0263.301] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.301] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.302] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.302] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2ec2f08, cPoints=0x1 | out: lpPoints=0x2ec2f08) returned 40304859
[0263.302] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0263.302] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0263.302] UpdateWindow (hWnd=0x602c4) returned 1
[0263.302] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xf0105ee
[0263.302] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.302] CreateCompatibleDC (hdc=0xf0105ee) returned 0x530107f4
[0263.302] SelectObject (hdc=0x530107f4, h=0x4a0507fe) returned 0x85000f
[0263.302] GdipCreateFromHDC (hdc=0x530107f4, graphics=0xd7e430) returned 0x0
[0263.302] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0263.303] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0263.303] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0263.303] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0263.303] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e490) returned 0x0
[0263.303] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0263.303] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee788) returned 0x0
[0263.303] LocalFree (hMem=0x11ee788) returned 0x0
[0263.303] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0263.303] GdipCreateRegion (region=0xd7e478) returned 0x0
[0263.303] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0263.303] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e484) returned 0x0
[0263.303] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0263.303] GdipRestoreGraphics (graphics=0x6600030, state=0xf79e0dbd) returned 0x0
[0263.303] GdipDeleteRegion (region=0x6645908) returned 0x0
[0263.303] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0263.303] GetCurrentObject (hdc=0x530107f4, type=0x1) returned 0xb00017
[0263.304] GetCurrentObject (hdc=0x530107f4, type=0x2) returned 0x900010
[0263.304] GetCurrentObject (hdc=0x530107f4, type=0x7) returned 0x4a0507fe
[0263.304] GetCurrentObject (hdc=0x530107f4, type=0x6) returned 0x8a01c2
[0263.304] SaveDC (hdc=0x530107f4) returned 1
[0263.304] GetNearestColor (hdc=0x530107f4, color=0xff) returned 0xff
[0263.304] GetNearestColor (hdc=0x530107f4, color=0x55) returned 0x55
[0263.304] GetNearestColor (hdc=0x530107f4, color=0x0) returned 0x0
[0263.304] GetNearestColor (hdc=0x530107f4, color=0x55) returned 0x55
[0263.304] GetNearestColor (hdc=0x530107f4, color=0x0) returned 0x0
[0263.304] GetNearestColor (hdc=0x530107f4, color=0x8080ff) returned 0x8080ff
[0263.304] GetNearestColor (hdc=0x530107f4, color=0x7373e5) returned 0x7373e5
[0263.304] GetNearestColor (hdc=0x530107f4, color=0xe5) returned 0xe5
[0263.304] GetNearestColor (hdc=0x530107f4, color=0x0) returned 0x0
[0263.305] RestoreDC (hdc=0x530107f4, nSavedDC=-1) returned 1
[0263.305] GdipReleaseDC (graphics=0x6600030, hdc=0x530107f4) returned 0x0
[0263.305] IsAppThemed () returned 0x1
[0263.305] GetThemeAppProperties () returned 0x3
[0263.305] GetThemeAppProperties () returned 0x3
[0263.305] IsAppThemed () returned 0x1
[0263.305] GetThemeAppProperties () returned 0x3
[0263.305] GetThemeAppProperties () returned 0x3
[0263.305] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2ec3624 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0263.305] IsAppThemed () returned 0x1
[0263.305] GetThemeAppProperties () returned 0x3
[0263.305] GetThemeAppProperties () returned 0x3
[0263.305] IsAppThemed () returned 0x1
[0263.305] GetThemeAppProperties () returned 0x3
[0263.305] GetThemeAppProperties () returned 0x3
[0263.305] IsAppThemed () returned 0x1
[0263.305] GetThemeAppProperties () returned 0x3
[0263.306] GetThemeAppProperties () returned 0x3
[0263.306] IsAppThemed () returned 0x1
[0263.306] GetThemeAppProperties () returned 0x3
[0263.306] GetThemeAppProperties () returned 0x3
[0263.306] IsThemePartDefined () returned 0x1
[0263.306] IsAppThemed () returned 0x1
[0263.306] GetThemeAppProperties () returned 0x3
[0263.306] GetThemeAppProperties () returned 0x3
[0263.306] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0263.306] IsAppThemed () returned 0x1
[0263.306] GetThemeAppProperties () returned 0x3
[0263.306] GetThemeAppProperties () returned 0x3
[0263.306] IsAppThemed () returned 0x1
[0263.306] GetThemeAppProperties () returned 0x3
[0263.306] GetThemeAppProperties () returned 0x3
[0263.306] IsThemePartDefined () returned 0x1
[0263.306] GdipCreateRegion (region=0xd7e194) returned 0x0
[0263.306] GdipGetClip (graphics=0x6600030, region=0x6645128) returned 0x0
[0263.306] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0263.306] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0263.306] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e1ac) returned 0x0
[0263.306] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0263.306] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0263.306] LocalFree (hMem=0x11eec58) returned 0x0
[0263.306] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0263.306] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0263.307] LocalFree (hMem=0x11ee788) returned 0x0
[0263.307] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0263.307] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0263.307] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0263.307] GdipGetRegionHRgn (region=0x6645128, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0263.307] GdipDeleteRegion (region=0x6645128) returned 0x0
[0263.307] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0263.307] GetCurrentObject (hdc=0x530107f4, type=0x1) returned 0xb00017
[0263.307] GetCurrentObject (hdc=0x530107f4, type=0x2) returned 0x900010
[0263.307] GetCurrentObject (hdc=0x530107f4, type=0x7) returned 0x4a0507fe
[0263.307] GetCurrentObject (hdc=0x530107f4, type=0x6) returned 0x8a01c2
[0263.307] SaveDC (hdc=0x530107f4) returned 1
[0263.307] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x75040807
[0263.307] GetClipRgn (hdc=0x530107f4, hrgn=0x75040807) returned 0
[0263.307] SelectClipRgn (hdc=0x530107f4, hrgn=0xd0407de) returned 2
[0263.307] DeleteObject (ho=0x75040807) returned 1
[0263.307] DeleteObject (ho=0xd0407de) returned 1
[0263.307] OffsetViewportOrgEx (in: hdc=0x530107f4, x=0, y=0, lppt=0x2ec3cd4 | out: lppt=0x2ec3cd4) returned 1
[0263.308] DrawThemeParentBackground () returned 0x0
[0263.308] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0263.308] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0263.308] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0263.308] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0263.308] GetSystemMetrics (nIndex=42) returned 0
[0263.308] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0263.308] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0263.308] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0263.308] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0263.308] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0263.308] SelectPalette (hdc=0x530107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.308] GdipCreateFromHDC (hdc=0x530107f4, graphics=0xd7dc88) returned 0x0
[0263.308] GdipSetPageUnit (graphics=0x6656960, unit=0x2) returned 0x0
[0263.308] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0263.308] GdipGetWorldTransform (graphics=0x6656960, matrix=0x6638b18) returned 0x0
[0263.308] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dc60) returned 0x0
[0263.309] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0263.309] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0263.309] GdipGetClip (graphics=0x6656960, region=0x6645248) returned 0x0
[0263.309] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6656960, result=0xd7dc54) returned 0x0
[0263.309] GdipDeleteRegion (region=0x6645248) returned 0x0
[0263.309] GdipSaveGraphics (graphics=0x6656960, state=0xd7dc80) returned 0x0
[0263.309] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0263.315] GdipFillRectangleI (graphics=0x6656960, brush=0x6635a70, x=0, y=0, width=801, height=453) returned 0x0
[0263.315] GdipDeleteBrush (brush=0x6635a70) returned 0x0
[0263.316] GdipDeleteGraphics (graphics=0x6656960) returned 0x0
[0263.316] SelectPalette (hdc=0x530107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.317] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0263.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0263.317] GetSystemMetrics (nIndex=42) returned 0
[0263.317] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0263.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0263.317] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0263.317] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0263.317] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0263.317] SelectPalette (hdc=0x530107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.317] GdipCreateFromHDC (hdc=0x530107f4, graphics=0xd7dc28) returned 0x0
[0263.317] GdipSetPageUnit (graphics=0x6656960, unit=0x2) returned 0x0
[0263.317] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0263.317] GdipGetWorldTransform (graphics=0x6656960, matrix=0x6638cf8) returned 0x0
[0263.317] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dc00) returned 0x0
[0263.317] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0263.317] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0263.317] GdipGetClip (graphics=0x6656960, region=0x6645878) returned 0x0
[0263.317] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6656960, result=0xd7dbf4) returned 0x0
[0263.318] GdipDeleteRegion (region=0x6645878) returned 0x0
[0263.318] GdipSaveGraphics (graphics=0x6656960, state=0xd7dc20) returned 0x0
[0263.318] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0263.323] GdipFillRectangleI (graphics=0x6656960, brush=0x6635590, x=0, y=0, width=801, height=453) returned 0x0
[0263.323] GdipDeleteBrush (brush=0x6635590) returned 0x0
[0263.324] GdipRestoreGraphics (graphics=0x6656960, state=0xf79a0dbd) returned 0x0
[0263.324] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0263.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0263.324] GetSystemMetrics (nIndex=42) returned 0
[0263.324] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0263.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0263.324] GdipDeleteGraphics (graphics=0x6656960) returned 0x0
[0263.324] SelectPalette (hdc=0x530107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.325] RestoreDC (hdc=0x530107f4, nSavedDC=-1) returned 1
[0263.325] GdipReleaseDC (graphics=0x6600030, hdc=0x530107f4) returned 0x0
[0263.325] IsAppThemed () returned 0x1
[0263.325] GetThemeAppProperties () returned 0x3
[0263.325] GetThemeAppProperties () returned 0x3
[0263.325] IsAppThemed () returned 0x1
[0263.325] GetThemeAppProperties () returned 0x3
[0263.325] GetThemeAppProperties () returned 0x3
[0263.325] IsThemePartDefined () returned 0x1
[0263.325] GdipCreateRegion (region=0xd7e118) returned 0x0
[0263.325] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0263.325] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0263.325] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0263.325] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e130) returned 0x0
[0263.325] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0263.325] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee8d8) returned 0x0
[0263.326] LocalFree (hMem=0x11ee8d8) returned 0x0
[0263.326] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0263.326] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0263.326] LocalFree (hMem=0x11ee868) returned 0x0
[0263.326] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0263.326] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e158) returned 0x0
[0263.326] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e148) returned 0x0
[0263.326] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0263.326] GdipDeleteRegion (region=0x6645908) returned 0x0
[0263.326] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0263.326] GetCurrentObject (hdc=0x530107f4, type=0x1) returned 0xb00017
[0263.326] GetCurrentObject (hdc=0x530107f4, type=0x2) returned 0x900010
[0263.326] GetCurrentObject (hdc=0x530107f4, type=0x7) returned 0x4a0507fe
[0263.326] GetCurrentObject (hdc=0x530107f4, type=0x6) returned 0x8a01c2
[0263.326] SaveDC (hdc=0x530107f4) returned 1
[0263.326] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe0407de
[0263.326] GetClipRgn (hdc=0x530107f4, hrgn=0xe0407de) returned 0
[0263.326] SelectClipRgn (hdc=0x530107f4, hrgn=0x77040807) returned 2
[0263.326] DeleteObject (ho=0xe0407de) returned 1
[0263.326] DeleteObject (ho=0x77040807) returned 1
[0263.327] OffsetViewportOrgEx (in: hdc=0x530107f4, x=0, y=0, lppt=0x2eca524 | out: lppt=0x2eca524) returned 1
[0263.327] IsAppThemed () returned 0x1
[0263.327] GetThemeAppProperties () returned 0x3
[0263.327] GetThemeAppProperties () returned 0x3
[0263.327] DrawThemeBackground () returned 0x0
[0263.327] RestoreDC (hdc=0x530107f4, nSavedDC=-1) returned 1
[0263.327] GdipReleaseDC (graphics=0x6600030, hdc=0x530107f4) returned 0x0
[0263.327] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0263.327] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0263.327] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0263.327] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0263.327] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e134) returned 0x0
[0263.327] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0263.327] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0263.327] LocalFree (hMem=0x11eec58) returned 0x0
[0263.327] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0263.327] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eecc8) returned 0x0
[0263.327] LocalFree (hMem=0x11eecc8) returned 0x0
[0263.327] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0263.327] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0263.327] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0263.328] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0263.328] GdipDeleteRegion (region=0x6645878) returned 0x0
[0263.328] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0263.328] GetCurrentObject (hdc=0x530107f4, type=0x1) returned 0xb00017
[0263.328] GetCurrentObject (hdc=0x530107f4, type=0x2) returned 0x900010
[0263.328] GetCurrentObject (hdc=0x530107f4, type=0x7) returned 0x4a0507fe
[0263.328] GetCurrentObject (hdc=0x530107f4, type=0x6) returned 0x8a01c2
[0263.328] SaveDC (hdc=0x530107f4) returned 1
[0263.328] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x78040807
[0263.328] GetClipRgn (hdc=0x530107f4, hrgn=0x78040807) returned 0
[0263.328] SelectClipRgn (hdc=0x530107f4, hrgn=0xf0407de) returned 2
[0263.328] DeleteObject (ho=0x78040807) returned 1
[0263.328] DeleteObject (ho=0xf0407de) returned 1
[0263.328] OffsetViewportOrgEx (in: hdc=0x530107f4, x=0, y=0, lppt=0x2eca7f8 | out: lppt=0x2eca7f8) returned 1
[0263.328] IsAppThemed () returned 0x1
[0263.328] GetThemeAppProperties () returned 0x3
[0263.328] GetThemeAppProperties () returned 0x3
[0263.328] GetThemeBackgroundContentRect () returned 0x0
[0263.328] RestoreDC (hdc=0x530107f4, nSavedDC=-1) returned 1
[0263.328] GdipReleaseDC (graphics=0x6600030, hdc=0x530107f4) returned 0x0
[0263.328] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0263.329] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0263.329] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0263.329] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0263.329] IsAppThemed () returned 0x1
[0263.329] GetThemeAppProperties () returned 0x3
[0263.329] GetThemeAppProperties () returned 0x3
[0263.329] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0263.329] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0263.329] GetCurrentObject (hdc=0x530107f4, type=0x1) returned 0xb00017
[0263.329] GetCurrentObject (hdc=0x530107f4, type=0x2) returned 0x900010
[0263.329] GetCurrentObject (hdc=0x530107f4, type=0x7) returned 0x4a0507fe
[0263.329] GetCurrentObject (hdc=0x530107f4, type=0x6) returned 0x8a01c2
[0263.329] SaveDC (hdc=0x530107f4) returned 1
[0263.329] GetTextAlign (hdc=0x530107f4) returned 0x0
[0263.329] GetTextColor (hdc=0x530107f4) returned 0x0
[0263.329] GetCurrentObject (hdc=0x530107f4, type=0x6) returned 0x8a01c2
[0263.329] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0263.329] SelectObject (hdc=0x530107f4, h=0x6d0a0520) returned 0x8a01c2
[0263.330] GetBkMode (hdc=0x530107f4) returned 2
[0263.330] SetBkMode (hdc=0x530107f4, mode=1) returned 2
[0263.330] DrawTextExW (in: hdc=0x530107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2ecabbc | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0263.330] DrawTextExW (in: hdc=0x530107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2ecabbc | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0263.330] RestoreDC (hdc=0x530107f4, nSavedDC=-1) returned 1
[0263.330] GdipReleaseDC (graphics=0x6600030, hdc=0x530107f4) returned 0x0
[0263.330] GetFocus () returned 0x602c4
[0263.330] IsAppThemed () returned 0x1
[0263.330] GetThemeAppProperties () returned 0x3
[0263.330] GetThemeAppProperties () returned 0x3
[0263.331] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0263.331] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x530107f4, x1=0, y1=0, rop=0xcc0020) returned 1
[0263.331] GdipReleaseDC (graphics=0x6600030, hdc=0x530107f4) returned 0x0
[0263.331] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.331] SelectObject (hdc=0x530107f4, h=0x85000f) returned 0x4a0507fe
[0263.331] DeleteDC (hdc=0x530107f4) returned 1
[0263.331] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0263.331] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0263.331] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2ecacb8, cPoints=0x1 | out: lpPoints=0x2ecacb8) returned 40304859
[0263.331] WindowFromPoint (Point=0xef) returned 0x602c4
[0263.331] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27000ef) returned 0x1
[0263.332] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0263.332] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0263.332] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0263.332] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0263.332] GetSystemMetrics (nIndex=42) returned 0
[0263.332] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0263.332] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0263.333] GetCapture () returned 0x602c4
[0263.333] ReleaseCapture () returned 1
[0263.333] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0263.334] GetProcessWindowStation () returned 0x13c
[0263.334] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.334] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0263.334] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.334] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0263.334] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.335] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0263.335] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.335] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0263.335] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.335] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0263.335] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.335] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0263.335] GetDC (hWnd=0x0) returned 0x10105d6
[0263.335] GdipCreateFromHDC (hdc=0x10105d6, graphics=0xd7e6ec) returned 0x0
[0263.336] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0263.336] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0263.336] ReleaseDC (hWnd=0x0, hDC=0x10105d6) returned 1
[0263.336] GetSystemMetrics (nIndex=5) returned 1
[0263.336] GetSystemMetrics (nIndex=6) returned 1
[0263.336] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.336] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0263.336] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.337] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0263.339] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0263.339] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0263.339] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0263.339] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0263.339] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0263.340] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0263.340] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2ed06d4 | out: lpData=0x2ed06d4) returned 1
[0263.342] VerQueryValueW (in: pBlock=0x2ed06d4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ed0ae4, puLen=0xd7e810) returned 1
[0263.342] VerQueryValueW (in: pBlock=0x2ed06d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed078c, puLen=0xd7e790) returned 1
[0263.342] VerQueryValueW (in: pBlock=0x2ed06d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed07e0, puLen=0xd7e790) returned 1
[0263.342] VerQueryValueW (in: pBlock=0x2ed06d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed0860, puLen=0xd7e790) returned 1
[0263.342] VerQueryValueW (in: pBlock=0x2ed06d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed08c8, puLen=0xd7e790) returned 1
[0263.342] VerQueryValueW (in: pBlock=0x2ed06d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed0908, puLen=0xd7e790) returned 1
[0263.342] VerQueryValueW (in: pBlock=0x2ed06d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed0990, puLen=0xd7e790) returned 1
[0263.342] VerQueryValueW (in: pBlock=0x2ed06d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed09cc, puLen=0xd7e790) returned 1
[0263.342] VerQueryValueW (in: pBlock=0x2ed06d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed0a24, puLen=0xd7e790) returned 1
[0263.342] VerQueryValueW (in: pBlock=0x2ed06d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed0a54, puLen=0xd7e790) returned 1
[0263.342] VerQueryValueW (in: pBlock=0x2ed06d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.342] VerQueryValueW (in: pBlock=0x2ed06d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed0a90, puLen=0xd7e790) returned 1
[0263.342] VerQueryValueW (in: pBlock=0x2ed06d4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.342] VerQueryValueW (in: pBlock=0x2ed06d4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ed0ae4, puLen=0xd7e784) returned 1
[0263.342] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0263.342] VerQueryValueW (in: pBlock=0x2ed06d4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ed06fc, puLen=0xd7e794) returned 1
[0263.343] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0263.343] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0263.343] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0263.343] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0263.343] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0263.343] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0263.343] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2ed2644 | out: lpData=0x2ed2644) returned 1
[0263.343] VerQueryValueW (in: pBlock=0x2ed2644, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ed26e0, puLen=0xd7e810) returned 1
[0263.343] VerQueryValueW (in: pBlock=0x2ed2644, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed2758, puLen=0xd7e790) returned 1
[0263.343] VerQueryValueW (in: pBlock=0x2ed2644, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed2788, puLen=0xd7e790) returned 1
[0263.343] VerQueryValueW (in: pBlock=0x2ed2644, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed27c4, puLen=0xd7e790) returned 1
[0263.343] VerQueryValueW (in: pBlock=0x2ed2644, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed27f4, puLen=0xd7e790) returned 1
[0263.343] VerQueryValueW (in: pBlock=0x2ed2644, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed283c, puLen=0xd7e790) returned 1
[0263.344] VerQueryValueW (in: pBlock=0x2ed2644, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed28b4, puLen=0xd7e790) returned 1
[0263.344] VerQueryValueW (in: pBlock=0x2ed2644, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed28f8, puLen=0xd7e790) returned 1
[0263.344] VerQueryValueW (in: pBlock=0x2ed2644, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed2938, puLen=0xd7e790) returned 1
[0263.344] VerQueryValueW (in: pBlock=0x2ed2644, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed2736, puLen=0xd7e790) returned 1
[0263.344] VerQueryValueW (in: pBlock=0x2ed2644, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed2884, puLen=0xd7e790) returned 1
[0263.344] VerQueryValueW (in: pBlock=0x2ed2644, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.344] VerQueryValueW (in: pBlock=0x2ed2644, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.344] VerQueryValueW (in: pBlock=0x2ed2644, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ed26e0, puLen=0xd7e784) returned 1
[0263.344] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0263.344] VerQueryValueW (in: pBlock=0x2ed2644, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ed266c, puLen=0xd7e794) returned 1
[0263.345] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0263.345] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0263.345] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0263.345] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0263.345] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0263.345] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0263.345] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2ed491c | out: lpData=0x2ed491c) returned 1
[0263.346] VerQueryValueW (in: pBlock=0x2ed491c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ed4d30, puLen=0xd7e810) returned 1
[0263.346] VerQueryValueW (in: pBlock=0x2ed491c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed49d4, puLen=0xd7e790) returned 1
[0263.346] VerQueryValueW (in: pBlock=0x2ed491c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed4a28, puLen=0xd7e790) returned 1
[0263.346] VerQueryValueW (in: pBlock=0x2ed491c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed4a84, puLen=0xd7e790) returned 1
[0263.346] VerQueryValueW (in: pBlock=0x2ed491c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed4ae4, puLen=0xd7e790) returned 1
[0263.346] VerQueryValueW (in: pBlock=0x2ed491c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed4b3c, puLen=0xd7e790) returned 1
[0263.346] VerQueryValueW (in: pBlock=0x2ed491c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed4bc4, puLen=0xd7e790) returned 1
[0263.346] VerQueryValueW (in: pBlock=0x2ed491c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed4c18, puLen=0xd7e790) returned 1
[0263.346] VerQueryValueW (in: pBlock=0x2ed491c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed4c70, puLen=0xd7e790) returned 1
[0263.346] VerQueryValueW (in: pBlock=0x2ed491c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed4ca0, puLen=0xd7e790) returned 1
[0263.346] VerQueryValueW (in: pBlock=0x2ed491c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.346] VerQueryValueW (in: pBlock=0x2ed491c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed4cdc, puLen=0xd7e790) returned 1
[0263.346] VerQueryValueW (in: pBlock=0x2ed491c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.346] VerQueryValueW (in: pBlock=0x2ed491c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ed4d30, puLen=0xd7e784) returned 1
[0263.346] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0263.346] VerQueryValueW (in: pBlock=0x2ed491c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ed4944, puLen=0xd7e794) returned 1
[0263.347] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0263.347] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0263.347] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0263.347] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0263.347] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0263.347] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0263.348] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2ed6f54 | out: lpData=0x2ed6f54) returned 1
[0263.349] VerQueryValueW (in: pBlock=0x2ed6f54, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ed7354, puLen=0xd7e810) returned 1
[0263.349] VerQueryValueW (in: pBlock=0x2ed6f54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed700c, puLen=0xd7e790) returned 1
[0263.349] VerQueryValueW (in: pBlock=0x2ed6f54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed7060, puLen=0xd7e790) returned 1
[0263.349] VerQueryValueW (in: pBlock=0x2ed6f54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed70a0, puLen=0xd7e790) returned 1
[0263.349] VerQueryValueW (in: pBlock=0x2ed6f54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed7108, puLen=0xd7e790) returned 1
[0263.349] VerQueryValueW (in: pBlock=0x2ed6f54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed7160, puLen=0xd7e790) returned 1
[0263.349] VerQueryValueW (in: pBlock=0x2ed6f54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed71e8, puLen=0xd7e790) returned 1
[0263.349] VerQueryValueW (in: pBlock=0x2ed6f54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed723c, puLen=0xd7e790) returned 1
[0263.349] VerQueryValueW (in: pBlock=0x2ed6f54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed7294, puLen=0xd7e790) returned 1
[0263.349] VerQueryValueW (in: pBlock=0x2ed6f54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed72c4, puLen=0xd7e790) returned 1
[0263.349] VerQueryValueW (in: pBlock=0x2ed6f54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.349] VerQueryValueW (in: pBlock=0x2ed6f54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed7300, puLen=0xd7e790) returned 1
[0263.349] VerQueryValueW (in: pBlock=0x2ed6f54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.349] VerQueryValueW (in: pBlock=0x2ed6f54, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ed7354, puLen=0xd7e784) returned 1
[0263.349] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0263.349] VerQueryValueW (in: pBlock=0x2ed6f54, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ed6f7c, puLen=0xd7e794) returned 1
[0263.350] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0263.350] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0263.350] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0263.350] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0263.350] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0263.350] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0263.351] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2ed9690 | out: lpData=0x2ed9690) returned 1
[0263.352] VerQueryValueW (in: pBlock=0x2ed9690, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ed9a58, puLen=0xd7e810) returned 1
[0263.352] VerQueryValueW (in: pBlock=0x2ed9690, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed9748, puLen=0xd7e790) returned 1
[0263.352] VerQueryValueW (in: pBlock=0x2ed9690, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed979c, puLen=0xd7e790) returned 1
[0263.352] VerQueryValueW (in: pBlock=0x2ed9690, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed97dc, puLen=0xd7e790) returned 1
[0263.352] VerQueryValueW (in: pBlock=0x2ed9690, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed9844, puLen=0xd7e790) returned 1
[0263.352] VerQueryValueW (in: pBlock=0x2ed9690, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed9880, puLen=0xd7e790) returned 1
[0263.352] VerQueryValueW (in: pBlock=0x2ed9690, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed9908, puLen=0xd7e790) returned 1
[0263.352] VerQueryValueW (in: pBlock=0x2ed9690, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed9940, puLen=0xd7e790) returned 1
[0263.352] VerQueryValueW (in: pBlock=0x2ed9690, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed9998, puLen=0xd7e790) returned 1
[0263.352] VerQueryValueW (in: pBlock=0x2ed9690, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed99c8, puLen=0xd7e790) returned 1
[0263.352] VerQueryValueW (in: pBlock=0x2ed9690, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.352] VerQueryValueW (in: pBlock=0x2ed9690, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ed9a04, puLen=0xd7e790) returned 1
[0263.352] VerQueryValueW (in: pBlock=0x2ed9690, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.352] VerQueryValueW (in: pBlock=0x2ed9690, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ed9a58, puLen=0xd7e784) returned 1
[0263.352] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0263.352] VerQueryValueW (in: pBlock=0x2ed9690, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ed96b8, puLen=0xd7e794) returned 1
[0263.353] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0263.353] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0263.353] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0263.353] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0263.353] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0263.353] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0263.354] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2edccf8 | out: lpData=0x2edccf8) returned 1
[0263.355] VerQueryValueW (in: pBlock=0x2edccf8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2edd0d8, puLen=0xd7e810) returned 1
[0263.355] VerQueryValueW (in: pBlock=0x2edccf8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edcdb0, puLen=0xd7e790) returned 1
[0263.355] VerQueryValueW (in: pBlock=0x2edccf8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edce04, puLen=0xd7e790) returned 1
[0263.355] VerQueryValueW (in: pBlock=0x2edccf8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edce44, puLen=0xd7e790) returned 1
[0263.355] VerQueryValueW (in: pBlock=0x2edccf8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edcea4, puLen=0xd7e790) returned 1
[0263.355] VerQueryValueW (in: pBlock=0x2edccf8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edcef0, puLen=0xd7e790) returned 1
[0263.355] VerQueryValueW (in: pBlock=0x2edccf8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edcf78, puLen=0xd7e790) returned 1
[0263.355] VerQueryValueW (in: pBlock=0x2edccf8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edcfc0, puLen=0xd7e790) returned 1
[0263.355] VerQueryValueW (in: pBlock=0x2edccf8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edd018, puLen=0xd7e790) returned 1
[0263.355] VerQueryValueW (in: pBlock=0x2edccf8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edd048, puLen=0xd7e790) returned 1
[0263.355] VerQueryValueW (in: pBlock=0x2edccf8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.355] VerQueryValueW (in: pBlock=0x2edccf8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edd084, puLen=0xd7e790) returned 1
[0263.355] VerQueryValueW (in: pBlock=0x2edccf8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.355] VerQueryValueW (in: pBlock=0x2edccf8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2edd0d8, puLen=0xd7e784) returned 1
[0263.355] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0263.355] VerQueryValueW (in: pBlock=0x2edccf8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2edcd20, puLen=0xd7e794) returned 1
[0263.356] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0263.356] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0263.356] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0263.356] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0263.356] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0263.356] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0263.357] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2edf518 | out: lpData=0x2edf518) returned 1
[0263.357] VerQueryValueW (in: pBlock=0x2edf518, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2edf924, puLen=0xd7e810) returned 1
[0263.357] VerQueryValueW (in: pBlock=0x2edf518, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edf5d0, puLen=0xd7e790) returned 1
[0263.357] VerQueryValueW (in: pBlock=0x2edf518, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edf624, puLen=0xd7e790) returned 1
[0263.357] VerQueryValueW (in: pBlock=0x2edf518, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edf678, puLen=0xd7e790) returned 1
[0263.357] VerQueryValueW (in: pBlock=0x2edf518, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edf6d8, puLen=0xd7e790) returned 1
[0263.357] VerQueryValueW (in: pBlock=0x2edf518, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edf730, puLen=0xd7e790) returned 1
[0263.358] VerQueryValueW (in: pBlock=0x2edf518, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edf7b8, puLen=0xd7e790) returned 1
[0263.358] VerQueryValueW (in: pBlock=0x2edf518, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edf80c, puLen=0xd7e790) returned 1
[0263.358] VerQueryValueW (in: pBlock=0x2edf518, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edf864, puLen=0xd7e790) returned 1
[0263.358] VerQueryValueW (in: pBlock=0x2edf518, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edf894, puLen=0xd7e790) returned 1
[0263.358] VerQueryValueW (in: pBlock=0x2edf518, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.358] VerQueryValueW (in: pBlock=0x2edf518, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2edf8d0, puLen=0xd7e790) returned 1
[0263.358] VerQueryValueW (in: pBlock=0x2edf518, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.358] VerQueryValueW (in: pBlock=0x2edf518, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2edf924, puLen=0xd7e784) returned 1
[0263.358] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0263.358] VerQueryValueW (in: pBlock=0x2edf518, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2edf540, puLen=0xd7e794) returned 1
[0263.359] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0263.359] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0263.359] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0263.359] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0263.359] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0263.359] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0263.359] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2ee1d2c | out: lpData=0x2ee1d2c) returned 1
[0263.360] VerQueryValueW (in: pBlock=0x2ee1d2c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ee2104, puLen=0xd7e810) returned 1
[0263.360] VerQueryValueW (in: pBlock=0x2ee1d2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee1de4, puLen=0xd7e790) returned 1
[0263.360] VerQueryValueW (in: pBlock=0x2ee1d2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee1e38, puLen=0xd7e790) returned 1
[0263.360] VerQueryValueW (in: pBlock=0x2ee1d2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee1e78, puLen=0xd7e790) returned 1
[0263.360] VerQueryValueW (in: pBlock=0x2ee1d2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee1ee0, puLen=0xd7e790) returned 1
[0263.360] VerQueryValueW (in: pBlock=0x2ee1d2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee1f24, puLen=0xd7e790) returned 1
[0263.360] VerQueryValueW (in: pBlock=0x2ee1d2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee1fac, puLen=0xd7e790) returned 1
[0263.360] VerQueryValueW (in: pBlock=0x2ee1d2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee1fec, puLen=0xd7e790) returned 1
[0263.360] VerQueryValueW (in: pBlock=0x2ee1d2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee2044, puLen=0xd7e790) returned 1
[0263.360] VerQueryValueW (in: pBlock=0x2ee1d2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee2074, puLen=0xd7e790) returned 1
[0263.360] VerQueryValueW (in: pBlock=0x2ee1d2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.360] VerQueryValueW (in: pBlock=0x2ee1d2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee20b0, puLen=0xd7e790) returned 1
[0263.361] VerQueryValueW (in: pBlock=0x2ee1d2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.361] VerQueryValueW (in: pBlock=0x2ee1d2c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ee2104, puLen=0xd7e784) returned 1
[0263.361] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0263.361] VerQueryValueW (in: pBlock=0x2ee1d2c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ee1d54, puLen=0xd7e794) returned 1
[0263.361] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0263.361] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0263.361] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0263.361] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0263.362] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0263.362] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0263.362] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2ee4284 | out: lpData=0x2ee4284) returned 1
[0263.363] VerQueryValueW (in: pBlock=0x2ee4284, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ee465c, puLen=0xd7e810) returned 1
[0263.363] VerQueryValueW (in: pBlock=0x2ee4284, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee433c, puLen=0xd7e790) returned 1
[0263.363] VerQueryValueW (in: pBlock=0x2ee4284, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee4390, puLen=0xd7e790) returned 1
[0263.363] VerQueryValueW (in: pBlock=0x2ee4284, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee43d0, puLen=0xd7e790) returned 1
[0263.363] VerQueryValueW (in: pBlock=0x2ee4284, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee4438, puLen=0xd7e790) returned 1
[0263.363] VerQueryValueW (in: pBlock=0x2ee4284, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee447c, puLen=0xd7e790) returned 1
[0263.363] VerQueryValueW (in: pBlock=0x2ee4284, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee4504, puLen=0xd7e790) returned 1
[0263.363] VerQueryValueW (in: pBlock=0x2ee4284, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee4544, puLen=0xd7e790) returned 1
[0263.363] VerQueryValueW (in: pBlock=0x2ee4284, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee459c, puLen=0xd7e790) returned 1
[0263.363] VerQueryValueW (in: pBlock=0x2ee4284, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee45cc, puLen=0xd7e790) returned 1
[0263.364] VerQueryValueW (in: pBlock=0x2ee4284, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.364] VerQueryValueW (in: pBlock=0x2ee4284, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee4608, puLen=0xd7e790) returned 1
[0263.364] VerQueryValueW (in: pBlock=0x2ee4284, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.364] VerQueryValueW (in: pBlock=0x2ee4284, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ee465c, puLen=0xd7e784) returned 1
[0263.364] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0263.364] VerQueryValueW (in: pBlock=0x2ee4284, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ee42ac, puLen=0xd7e794) returned 1
[0263.365] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0263.365] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0263.365] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0263.365] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0263.365] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0263.365] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0263.366] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2ee69bc | out: lpData=0x2ee69bc) returned 1
[0263.366] VerQueryValueW (in: pBlock=0x2ee69bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ee6dec, puLen=0xd7e810) returned 1
[0263.366] VerQueryValueW (in: pBlock=0x2ee69bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee6a74, puLen=0xd7e790) returned 1
[0263.366] VerQueryValueW (in: pBlock=0x2ee69bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee6ac8, puLen=0xd7e790) returned 1
[0263.366] VerQueryValueW (in: pBlock=0x2ee69bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee6b38, puLen=0xd7e790) returned 1
[0263.366] VerQueryValueW (in: pBlock=0x2ee69bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee6b98, puLen=0xd7e790) returned 1
[0263.367] VerQueryValueW (in: pBlock=0x2ee69bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee6bf4, puLen=0xd7e790) returned 1
[0263.367] VerQueryValueW (in: pBlock=0x2ee69bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee6c7c, puLen=0xd7e790) returned 1
[0263.367] VerQueryValueW (in: pBlock=0x2ee69bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee6cd4, puLen=0xd7e790) returned 1
[0263.367] VerQueryValueW (in: pBlock=0x2ee69bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee6d2c, puLen=0xd7e790) returned 1
[0263.367] VerQueryValueW (in: pBlock=0x2ee69bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee6d5c, puLen=0xd7e790) returned 1
[0263.367] VerQueryValueW (in: pBlock=0x2ee69bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.367] VerQueryValueW (in: pBlock=0x2ee69bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ee6d98, puLen=0xd7e790) returned 1
[0263.367] VerQueryValueW (in: pBlock=0x2ee69bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0263.367] VerQueryValueW (in: pBlock=0x2ee69bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ee6dec, puLen=0xd7e784) returned 1
[0263.367] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0263.367] VerQueryValueW (in: pBlock=0x2ee69bc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ee69e4, puLen=0xd7e794) returned 1
[0263.367] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0263.368] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.368] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0263.368] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.368] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0263.368] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1e02ce
[0263.369] SetWindowLongW (hWnd=0x1e02ce, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0263.369] GetWindowLongW (hWnd=0x1e02ce, nIndex=-4) returned 1950089536
[0263.369] SetWindowLongW (hWnd=0x1e02ce, nIndex=-4, dwNewLong=19951070) returned 1950089536
[0263.369] GetWindowLongW (hWnd=0x1e02ce, nIndex=-4) returned 19951070
[0263.369] GetWindowLongW (hWnd=0x1e02ce, nIndex=-16) returned 113311744
[0263.370] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02ce, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0263.370] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02ce, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0263.370] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02ce, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0263.371] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02ce, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0263.371] GetClientRect (in: hWnd=0x1e02ce, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0263.371] GetWindowRect (in: hWnd=0x1e02ce, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0263.371] SetWindowTextW (hWnd=0x1e02ce, lpString="WindowsFormsParkingWindow") returned 1
[0263.371] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02ce, Msg=0xc, wParam=0x0, lParam=0x2eabf6c) returned 0x1
[0263.371] GetParent (hWnd=0x1e02ce) returned 0x0
[0263.372] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0263.372] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x1e02ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2802de
[0263.373] SetWindowLongW (hWnd=0x2802de, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0263.374] GetWindowLongW (hWnd=0x2802de, nIndex=-4) returned 1868147648
[0263.374] SetWindowLongW (hWnd=0x2802de, nIndex=-4, dwNewLong=19950910) returned 1868147648
[0263.374] GetWindowLongW (hWnd=0x2802de, nIndex=-4) returned 19950910
[0263.374] GetWindowLongW (hWnd=0x2802de, nIndex=-16) returned 1174405133
[0263.374] GetWindowLongW (hWnd=0x2802de, nIndex=-12) returned 0
[0263.374] SetWindowLongW (hWnd=0x2802de, nIndex=-12, dwNewLong=2622174) returned 0
[0263.374] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0263.375] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0263.375] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0263.375] GetClientRect (in: hWnd=0x2802de, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0263.375] GetWindowRect (in: hWnd=0x2802de, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0263.375] GetParent (hWnd=0x2802de) returned 0x1e02ce
[0263.375] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02ce, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0263.376] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0263.376] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0263.376] GetClientRect (in: hWnd=0x2802de, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0263.376] GetWindowRect (in: hWnd=0x2802de, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0263.376] GetParent (hWnd=0x2802de) returned 0x1e02ce
[0263.376] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02ce, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0263.376] SendMessageW (hWnd=0x2802de, Msg=0x2210, wParam=0x2de0001, lParam=0x2802de) returned 0x0
[0263.376] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x2210, wParam=0x2de0001, lParam=0x2802de) returned 0x0
[0263.376] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0263.377] GetParent (hWnd=0x2802de) returned 0x1e02ce
[0263.377] GdipCreateFromHWND (hwnd=0x2802de, graphics=0xd7e844) returned 0x0
[0263.377] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0263.377] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0263.377] GetForegroundWindow () returned 0x602c4
[0263.378] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.378] GetCursorPos (in: lpPoint=0x2eeacc8 | out: lpPoint=0x2eeacc8*(x=239, y=624)) returned 1
[0263.378] MonitorFromPoint (pt=0xef, dwFlags=0x270) returned 0x10001
[0263.378] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0263.378] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x560107f4
[0263.378] GetDeviceCaps (hdc=0x560107f4, index=12) returned 32
[0263.378] GetDeviceCaps (hdc=0x560107f4, index=14) returned 1
[0263.378] DeleteDC (hdc=0x560107f4) returned 1
[0263.378] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0263.378] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0263.378] GetSystemMetrics (nIndex=59) returned 1460
[0263.378] GetSystemMetrics (nIndex=60) returned 920
[0263.378] GetSystemMetrics (nIndex=34) returned 136
[0263.378] GetSystemMetrics (nIndex=35) returned 39
[0263.379] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.379] GetCursorPos (in: lpPoint=0x2eeaf34 | out: lpPoint=0x2eeaf34*(x=239, y=624)) returned 1
[0263.379] MonitorFromPoint (pt=0xf0, dwFlags=0x26f) returned 0x10001
[0263.379] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0263.379] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x570107f4
[0263.379] GetDeviceCaps (hdc=0x570107f4, index=12) returned 32
[0263.379] GetDeviceCaps (hdc=0x570107f4, index=14) returned 1
[0263.379] DeleteDC (hdc=0x570107f4) returned 1
[0263.379] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0263.379] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0263.380] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.380] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0263.380] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2eeb1cc | out: piconinfo=0x2eeb1cc) returned 1
[0263.380] GetObjectW (in: h=0x280507d3, c=24, pv=0x2eeb1e8 | out: pv=0x2eeb1e8) returned 24
[0263.380] GdipCreateBitmapFromHBITMAP (hbm=0x280507d3, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0263.380] GdipGetImageWidth (image=0x6602da0, width=0xd7e750) returned 0x0
[0263.380] GdipGetImageHeight (image=0x6602da0, height=0xd7e748) returned 0x0
[0263.380] GdipGetImagePixelFormat (image=0x6602da0, format=0xd7e740) returned 0x0
[0263.380] GdipBitmapLockBits (bitmap=0x6602da0, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2eeb2a0) returned 0x0
[0263.380] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0263.381] GdipBitmapLockBits (bitmap=0x6603778, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2eeb2d8) returned 0x0
[0263.381] RtlMoveMemory (in: Destination=0x665ff50, Source=0x6663ee8, Length=0x80 | out: Destination=0x665ff50)
[0263.381] RtlMoveMemory (in: Destination=0x665ffd0, Source=0x6663e68, Length=0x80 | out: Destination=0x665ffd0)
[0263.381] RtlMoveMemory (in: Destination=0x6660050, Source=0x6663de8, Length=0x80 | out: Destination=0x6660050)
[0263.381] RtlMoveMemory (in: Destination=0x66600d0, Source=0x6663d68, Length=0x80 | out: Destination=0x66600d0)
[0263.381] RtlMoveMemory (in: Destination=0x6660150, Source=0x6663ce8, Length=0x80 | out: Destination=0x6660150)
[0263.381] RtlMoveMemory (in: Destination=0x66601d0, Source=0x6663c68, Length=0x80 | out: Destination=0x66601d0)
[0263.381] RtlMoveMemory (in: Destination=0x6660250, Source=0x6663be8, Length=0x80 | out: Destination=0x6660250)
[0263.381] RtlMoveMemory (in: Destination=0x66602d0, Source=0x6663b68, Length=0x80 | out: Destination=0x66602d0)
[0263.381] RtlMoveMemory (in: Destination=0x6660350, Source=0x6663ae8, Length=0x80 | out: Destination=0x6660350)
[0263.381] RtlMoveMemory (in: Destination=0x66603d0, Source=0x6663a68, Length=0x80 | out: Destination=0x66603d0)
[0263.381] RtlMoveMemory (in: Destination=0x6660450, Source=0x66639e8, Length=0x80 | out: Destination=0x6660450)
[0263.381] RtlMoveMemory (in: Destination=0x66604d0, Source=0x6663968, Length=0x80 | out: Destination=0x66604d0)
[0263.381] RtlMoveMemory (in: Destination=0x6660550, Source=0x66638e8, Length=0x80 | out: Destination=0x6660550)
[0263.381] RtlMoveMemory (in: Destination=0x66605d0, Source=0x6663868, Length=0x80 | out: Destination=0x66605d0)
[0263.381] RtlMoveMemory (in: Destination=0x6660650, Source=0x66637e8, Length=0x80 | out: Destination=0x6660650)
[0263.381] RtlMoveMemory (in: Destination=0x66606d0, Source=0x6663768, Length=0x80 | out: Destination=0x66606d0)
[0263.381] RtlMoveMemory (in: Destination=0x6660750, Source=0x66636e8, Length=0x80 | out: Destination=0x6660750)
[0263.381] RtlMoveMemory (in: Destination=0x66607d0, Source=0x6663668, Length=0x80 | out: Destination=0x66607d0)
[0263.381] RtlMoveMemory (in: Destination=0x6660850, Source=0x66635e8, Length=0x80 | out: Destination=0x6660850)
[0263.381] RtlMoveMemory (in: Destination=0x66608d0, Source=0x6663568, Length=0x80 | out: Destination=0x66608d0)
[0263.381] RtlMoveMemory (in: Destination=0x6660950, Source=0x66634e8, Length=0x80 | out: Destination=0x6660950)
[0263.382] RtlMoveMemory (in: Destination=0x66609d0, Source=0x6663468, Length=0x80 | out: Destination=0x66609d0)
[0263.382] RtlMoveMemory (in: Destination=0x6660a50, Source=0x66633e8, Length=0x80 | out: Destination=0x6660a50)
[0263.382] RtlMoveMemory (in: Destination=0x6660ad0, Source=0x6663368, Length=0x80 | out: Destination=0x6660ad0)
[0263.382] RtlMoveMemory (in: Destination=0x6660b50, Source=0x66632e8, Length=0x80 | out: Destination=0x6660b50)
[0263.382] RtlMoveMemory (in: Destination=0x6660bd0, Source=0x6663268, Length=0x80 | out: Destination=0x6660bd0)
[0263.382] RtlMoveMemory (in: Destination=0x6660c50, Source=0x66631e8, Length=0x80 | out: Destination=0x6660c50)
[0263.382] RtlMoveMemory (in: Destination=0x6660cd0, Source=0x6663168, Length=0x80 | out: Destination=0x6660cd0)
[0263.382] RtlMoveMemory (in: Destination=0x6660d50, Source=0x66630e8, Length=0x80 | out: Destination=0x6660d50)
[0263.382] RtlMoveMemory (in: Destination=0x6660dd0, Source=0x6663068, Length=0x80 | out: Destination=0x6660dd0)
[0263.382] RtlMoveMemory (in: Destination=0x6660e50, Source=0x6662fe8, Length=0x80 | out: Destination=0x6660e50)
[0263.382] RtlMoveMemory (in: Destination=0x6660ed0, Source=0x6662f68, Length=0x80 | out: Destination=0x6660ed0)
[0263.382] GdipBitmapUnlockBits (bitmap=0x6602da0, lockedBitmapData=0x2eeb2a0) returned 0x0
[0263.382] GdipBitmapUnlockBits (bitmap=0x6603778, lockedBitmapData=0x2eeb2d8) returned 0x0
[0263.382] GdipDisposeImage (image=0x6602da0) returned 0x0
[0263.382] DeleteObject (ho=0x280507d3) returned 1
[0263.382] DeleteObject (ho=0x580507f4) returned 1
[0263.382] GetCurrentThreadId () returned 0xf50
[0263.382] GetCurrentThreadId () returned 0xf50
[0263.382] SetWindowPos (hWnd=0x2802de, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0263.382] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0263.383] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0263.383] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0263.383] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0263.383] GetClientRect (in: hWnd=0x2802de, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0263.383] GetWindowRect (in: hWnd=0x2802de, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0263.383] GetParent (hWnd=0x2802de) returned 0x1e02ce
[0263.383] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02ce, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0263.383] InvalidateRect (hWnd=0x2802de, lpRect=0x0, bErase=1) returned 1
[0263.383] GetWindowTextLengthW (hWnd=0x2802de) returned 0
[0263.383] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0263.383] GetSystemMetrics (nIndex=42) returned 0
[0263.383] GetWindowTextW (in: hWnd=0x2802de, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0263.383] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0263.383] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0263.383] GetClientRect (in: hWnd=0x2802de, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0263.383] GetWindowRect (in: hWnd=0x2802de, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0263.383] GetParent (hWnd=0x2802de) returned 0x1e02ce
[0263.384] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1e02ce, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0263.384] GetWindowTextLengthW (hWnd=0x2802de) returned 0
[0263.384] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0263.384] GetSystemMetrics (nIndex=42) returned 0
[0263.384] GetWindowTextW (in: hWnd=0x2802de, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0263.384] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0263.384] GetWindowTextLengthW (hWnd=0x2802de) returned 0
[0263.384] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0263.384] GetSystemMetrics (nIndex=42) returned 0
[0263.384] GetWindowTextW (in: hWnd=0x2802de, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0263.384] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0263.384] SetWindowTextW (hWnd=0x2802de, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0263.384] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0xc, wParam=0x0, lParam=0x2ecc2ac) returned 0x1
[0263.384] InvalidateRect (hWnd=0x2802de, lpRect=0x0, bErase=1) returned 1
[0263.384] GetCurrentThreadId () returned 0xf50
[0263.384] GetWindowThreadProcessId (in: hWnd=0x2802de, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0263.385] GdipCreateBitmapFromStream (stream=0x509ff90, bitmap=0xd7e840) returned 0x0
[0263.385] GdipImageForceValidation (image=0x6601d38) returned 0x0
[0263.387] GdipGetImageRawFormat (image=0x6601d38, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0263.387] GdipGetImageHeight (image=0x6601d38, height=0xd7e824) returned 0x0
[0263.387] GdipGetImageWidth (image=0x6601d38, width=0xd7e824) returned 0x0
[0263.387] GdipGetImageWidth (image=0x6601d38, width=0xd7e810) returned 0x0
[0263.387] GdipGetImageHeight (image=0x6601d38, height=0xd7e810) returned 0x0
[0263.387] GdipGetImageWidth (image=0x6601d38, width=0xd7e800) returned 0x0
[0263.387] GdipGetImageHeight (image=0x6601d38, height=0xd7e800) returned 0x0
[0263.387] GdipBitmapGetPixel (bitmap=0x6601d38, x=0, y=15, color=0xd7e810) returned 0x0
[0263.387] GdipGetImageRawFormat (image=0x6601d38, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0263.387] GdipGetImageWidth (image=0x6601d38, width=0xd7e740) returned 0x0
[0263.387] GdipGetImageHeight (image=0x6601d38, height=0xd7e740) returned 0x0
[0263.387] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0263.387] GdipGetImagePixelFormat (image=0x66030e8, format=0xd7e740) returned 0x0
[0263.387] GdipGetImageGraphicsContext (image=0x66030e8, graphics=0xd7e74c) returned 0x0
[0263.387] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0263.387] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0263.387] GdipSetImageAttributesColorKeys (imageattr=0x6638c38, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0263.388] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6601d38, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c38, callback=0x0, callbackData=0x0) returned 0x0
[0263.389] GdipDisposeImageAttributes (imageattr=0x6638c38) returned 0x0
[0263.389] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0263.389] GdipDisposeImage (image=0x6601d38) returned 0x0
[0263.389] GdipCreateBitmapFromStream (stream=0x509ff70, bitmap=0xd7e840) returned 0x0
[0263.390] GdipImageForceValidation (image=0x6603ac0) returned 0x0
[0263.391] GdipGetImageRawFormat (image=0x6603ac0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0263.391] GdipGetImageHeight (image=0x6603ac0, height=0xd7e824) returned 0x0
[0263.391] GdipGetImageWidth (image=0x6603ac0, width=0xd7e824) returned 0x0
[0263.391] GdipGetImageWidth (image=0x6603ac0, width=0xd7e810) returned 0x0
[0263.391] GdipGetImageHeight (image=0x6603ac0, height=0xd7e810) returned 0x0
[0263.391] GdipGetImageWidth (image=0x6603ac0, width=0xd7e800) returned 0x0
[0263.391] GdipGetImageHeight (image=0x6603ac0, height=0xd7e800) returned 0x0
[0263.391] GdipBitmapGetPixel (bitmap=0x6603ac0, x=0, y=15, color=0xd7e810) returned 0x0
[0263.391] GdipGetImageRawFormat (image=0x6603ac0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0263.392] GdipGetImageWidth (image=0x6603ac0, width=0xd7e740) returned 0x0
[0263.392] GdipGetImageHeight (image=0x6603ac0, height=0xd7e740) returned 0x0
[0263.392] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0263.392] GdipGetImagePixelFormat (image=0x66023c8, format=0xd7e740) returned 0x0
[0263.392] GdipGetImageGraphicsContext (image=0x66023c8, graphics=0xd7e74c) returned 0x0
[0263.392] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0263.392] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0263.392] GdipSetImageAttributesColorKeys (imageattr=0x6638ae8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0263.392] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6603ac0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638ae8, callback=0x0, callbackData=0x0) returned 0x0
[0263.392] GdipDisposeImageAttributes (imageattr=0x6638ae8) returned 0x0
[0263.392] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0263.392] GdipDisposeImage (image=0x6603ac0) returned 0x0
[0263.393] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.393] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0263.393] GetCurrentThreadId () returned 0xf50
[0263.393] GetCurrentThreadId () returned 0xf50
[0263.393] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.393] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0263.393] GetCurrentThreadId () returned 0xf50
[0263.393] GetCurrentThreadId () returned 0xf50
[0263.393] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.393] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0263.393] GetCurrentThreadId () returned 0xf50
[0263.393] GetCurrentThreadId () returned 0xf50
[0263.393] GetSystemMetrics (nIndex=5) returned 1
[0263.393] GetSystemMetrics (nIndex=6) returned 1
[0263.394] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.394] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0263.394] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.394] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0263.394] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.394] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0263.394] GetCurrentThreadId () returned 0xf50
[0263.394] GetCurrentThreadId () returned 0xf50
[0263.394] GetProcessWindowStation () returned 0x13c
[0263.394] GetCapture () returned 0x0
[0263.395] GetActiveWindow () returned 0x7005c
[0263.395] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0263.395] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.395] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0263.395] GetCursorPos (in: lpPoint=0x2eec418 | out: lpPoint=0x2eec418*(x=239, y=624)) returned 1
[0263.395] MonitorFromPoint (pt=0xef, dwFlags=0x270) returned 0x10001
[0263.395] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0263.395] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x590107f4
[0263.395] GetDeviceCaps (hdc=0x590107f4, index=12) returned 32
[0263.395] GetDeviceCaps (hdc=0x590107f4, index=14) returned 1
[0263.395] DeleteDC (hdc=0x590107f4) returned 1
[0263.395] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0263.396] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0263.396] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="Microsoft .NET Framework", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2202c8
[0263.396] SetWindowLongW (hWnd=0x2202c8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0263.396] GetWindowLongW (hWnd=0x2202c8, nIndex=-4) returned 1950089536
[0263.396] SetWindowLongW (hWnd=0x2202c8, nIndex=-4, dwNewLong=19951590) returned 1950089536
[0263.397] GetWindowLongW (hWnd=0x2202c8, nIndex=-4) returned 19951590
[0263.397] GetWindowLongW (hWnd=0x2202c8, nIndex=-16) returned 113770496
[0263.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0263.398] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0263.398] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0263.398] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0263.399] GetWindowRect (in: hWnd=0x2202c8, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0263.399] SetWindowTextW (hWnd=0x2202c8, lpString="Microsoft .NET Framework") returned 1
[0263.399] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xc, wParam=0x0, lParam=0x2c50f5c) returned 0x1
[0263.399] GetStartupInfoW (in: lpStartupInfo=0x2eec754 | out: lpStartupInfo=0x2eec754*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0263.400] GetParent (hWnd=0x2202c8) returned 0x0
[0263.400] SetWindowLongW (hWnd=0x2202c8, nIndex=-8, dwNewLong=0) returned 0
[0263.401] SendMessageW (hWnd=0x2202c8, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0263.401] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0263.401] SendMessageW (hWnd=0x2202c8, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0263.401] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0263.401] GetSystemMenu (hWnd=0x2202c8, bRevert=0) returned 0xae020f
[0263.402] GetWindowPlacement (in: hWnd=0x2202c8, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0263.402] EnableMenuItem (hMenu=0xae020f, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0263.402] EnableMenuItem (hMenu=0xae020f, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0263.402] EnableMenuItem (hMenu=0xae020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0263.402] EnableMenuItem (hMenu=0xae020f, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0263.402] EnableMenuItem (hMenu=0xae020f, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0263.402] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0263.402] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0263.402] GetWindowRect (in: hWnd=0x2202c8, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0263.402] SetWindowPos (hWnd=0x2202c8, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0263.402] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0263.403] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x2202c8) returned 0x1
[0263.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0263.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0263.409] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0263.409] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0263.410] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0263.411] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x2202c8, lParam=0x0) returned 0x0
[0263.411] GetCapture () returned 0x0
[0263.411] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0263.412] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0263.413] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0263.414] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0263.414] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0263.414] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0263.414] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0263.415] GetParent (hWnd=0x2202c8) returned 0x0
[0263.415] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0263.415] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0263.417] GetWindowPlacement (in: hWnd=0x2202c8, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0263.417] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0263.417] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0263.417] GetWindowRect (in: hWnd=0x2202c8, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0263.418] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0263.418] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0263.418] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0263.419] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.422] GetWindowLongW (hWnd=0x2202c8, nIndex=-16) returned 113770496
[0263.422] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.422] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.422] GetSystemMetrics (nIndex=42) returned 0
[0263.422] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.422] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0263.422] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.422] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.422] GetSystemMetrics (nIndex=42) returned 0
[0263.422] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.422] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0263.422] GetCursorPos (in: lpPoint=0x2eeca20 | out: lpPoint=0x2eeca20*(x=239, y=624)) returned 1
[0263.422] MonitorFromPoint (pt=0xef, dwFlags=0x270) returned 0x10001
[0263.422] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0263.422] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xbe0107d0
[0263.423] GetDeviceCaps (hdc=0xbe0107d0, index=12) returned 32
[0263.423] GetDeviceCaps (hdc=0xbe0107d0, index=14) returned 1
[0263.423] DeleteDC (hdc=0xbe0107d0) returned 1
[0263.423] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0263.423] GetWindowLongW (hWnd=0x2202c8, nIndex=-16) returned 113770496
[0263.423] GetWindowLongW (hWnd=0x2202c8, nIndex=-20) returned 327945
[0263.423] SetWindowLongW (hWnd=0x2202c8, nIndex=-16, dwNewLong=46661632) returned 113770496
[0263.423] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0263.423] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0263.424] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0263.424] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0263.424] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0263.425] SetWindowLongW (hWnd=0x2202c8, nIndex=-20, dwNewLong=327681) returned 327945
[0263.425] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0263.425] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0263.426] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0263.426] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0263.426] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0263.426] SetWindowPos (hWnd=0x2202c8, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0263.427] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0263.427] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0263.427] GetWindowPlacement (in: hWnd=0x2202c8, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0263.427] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0263.427] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0263.427] GetWindowRect (in: hWnd=0x2202c8, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0263.428] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0263.428] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0263.428] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0263.429] RedrawWindow (hWnd=0x2202c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0263.429] GetSystemMenu (hWnd=0x2202c8, bRevert=0) returned 0xae020f
[0263.429] GetWindowPlacement (in: hWnd=0x2202c8, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0263.429] EnableMenuItem (hMenu=0xae020f, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0263.429] EnableMenuItem (hMenu=0xae020f, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0263.429] EnableMenuItem (hMenu=0xae020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0263.429] EnableMenuItem (hMenu=0xae020f, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0263.429] EnableMenuItem (hMenu=0xae020f, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0263.429] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0263.429] GetWindowLongW (hWnd=0x2202c8, nIndex=-8) returned 0
[0263.429] SetWindowLongW (hWnd=0x2202c8, nIndex=-8, dwNewLong=458844) returned 0
[0263.430] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0263.430] GetProcessWindowStation () returned 0x13c
[0263.430] GetCurrentThreadId () returned 0xf50
[0263.431] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1306cc6, lParam=0x0) returned 1
[0263.431] IsWindowVisible (hWnd=0x2202c8) returned 0
[0263.431] IsWindowVisible (hWnd=0x7005c) returned 1
[0263.431] IsWindowEnabled (hWnd=0x7005c) returned 1
[0263.431] IsWindowVisible (hWnd=0x300ec) returned 0
[0263.431] IsWindowVisible (hWnd=0x502c6) returned 0
[0263.431] IsWindowVisible (hWnd=0x502be) returned 0
[0263.431] GetActiveWindow () returned 0x2202c8
[0263.431] GetFocus () returned 0x2202c8
[0263.431] IsWindow (hWnd=0x7005c) returned 1
[0263.431] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0263.431] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0263.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0263.432] GetWindowLongW (hWnd=0x2202c8, nIndex=-8) returned 458844
[0263.432] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0263.432] GetCurrentThreadId () returned 0xf50
[0263.432] GetWindowLongW (hWnd=0x2202c8, nIndex=-8) returned 458844
[0263.432] IsWindowEnabled (hWnd=0x7005c) returned 0
[0263.432] IsWindowEnabled (hWnd=0x2202c8) returned 1
[0263.432] ShowWindow (hWnd=0x2202c8, nCmdShow=5) returned 0
[0263.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0263.432] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0263.432] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.433] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0263.433] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x2202c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1d02d0
[0263.433] SetWindowLongW (hWnd=0x1d02d0, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0263.433] GetWindowLongW (hWnd=0x1d02d0, nIndex=-4) returned 1950089536
[0263.433] SetWindowLongW (hWnd=0x1d02d0, nIndex=-4, dwNewLong=19951230) returned 1950089536
[0263.433] GetWindowLongW (hWnd=0x1d02d0, nIndex=-4) returned 19951230
[0263.433] GetWindowLongW (hWnd=0x1d02d0, nIndex=-16) returned 1174405120
[0263.433] GetWindowLongW (hWnd=0x1d02d0, nIndex=-12) returned 0
[0263.433] SetWindowLongW (hWnd=0x1d02d0, nIndex=-12, dwNewLong=1901264) returned 0
[0263.434] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02d0, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0263.434] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02d0, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0263.434] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02d0, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0263.434] GetWindow (hWnd=0x1d02d0, uCmd=0x3) returned 0x0
[0263.434] GetClientRect (in: hWnd=0x1d02d0, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0263.434] GetWindowRect (in: hWnd=0x1d02d0, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0263.434] GetParent (hWnd=0x1d02d0) returned 0x2202c8
[0263.434] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202c8, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0263.435] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02d0, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0263.435] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02d0, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0263.435] GetClientRect (in: hWnd=0x1d02d0, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0263.435] GetWindowRect (in: hWnd=0x1d02d0, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0263.435] GetParent (hWnd=0x1d02d0) returned 0x2202c8
[0263.435] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202c8, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0263.435] SendMessageW (hWnd=0x1d02d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1d02d0) returned 0x0
[0263.435] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1d02d0) returned 0x0
[0263.435] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0263.436] GetParent (hWnd=0x1d02d0) returned 0x2202c8
[0263.436] GetParent (hWnd=0x2802de) returned 0x1e02ce
[0263.436] SetParent (hWndChild=0x2802de, hWndNewParent=0x2202c8) returned 0x1e02ce
[0263.436] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0263.436] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0263.436] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0263.437] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0263.437] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0263.437] GetClientRect (in: hWnd=0x2802de, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0263.437] GetWindowRect (in: hWnd=0x2802de, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0263.437] GetParent (hWnd=0x2802de) returned 0x2202c8
[0263.437] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202c8, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0263.437] GetClientRect (in: hWnd=0x2802de, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0263.437] GetWindowRect (in: hWnd=0x2802de, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0263.437] GetParent (hWnd=0x2802de) returned 0x2202c8
[0263.437] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202c8, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0263.437] GetParent (hWnd=0x2802de) returned 0x2202c8
[0263.437] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0263.437] GetWindow (hWnd=0x2802de, uCmd=0x3) returned 0x0
[0263.437] SetWindowPos (hWnd=0x2802de, hWndInsertAfter=0x1d02d0, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0263.437] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0263.438] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0263.438] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0263.438] GetClientRect (in: hWnd=0x2802de, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0263.438] GetWindowRect (in: hWnd=0x2802de, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0263.438] GetParent (hWnd=0x2802de) returned 0x2202c8
[0263.438] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202c8, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0263.438] GetParent (hWnd=0x2802de) returned 0x2202c8
[0263.438] GetWindow (hWnd=0x2802de, uCmd=0x3) returned 0x1d02d0
[0263.438] GetWindowThreadProcessId (in: hWnd=0x2802de, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0263.438] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0263.438] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.439] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0263.439] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x2202c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2a02d8
[0263.439] SetWindowLongW (hWnd=0x2a02d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0263.439] GetWindowLongW (hWnd=0x2a02d8, nIndex=-4) returned 1868032000
[0263.439] SetWindowLongW (hWnd=0x2a02d8, nIndex=-4, dwNewLong=19950950) returned 1868032000
[0263.439] GetWindowLongW (hWnd=0x2a02d8, nIndex=-4) returned 19950950
[0263.439] GetWindowLongW (hWnd=0x2a02d8, nIndex=-16) returned 1174470667
[0263.439] GetWindowLongW (hWnd=0x2a02d8, nIndex=-12) returned 0
[0263.439] SetWindowLongW (hWnd=0x2a02d8, nIndex=-12, dwNewLong=2753240) returned 0
[0263.439] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0263.440] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0263.440] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0263.441] SendMessageW (hWnd=0x2a02d8, Msg=0x2055, wParam=0x2a02d8, lParam=0x3) returned 0x2
[0263.441] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0263.441] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0263.441] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0263.441] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0263.441] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02d0, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0263.441] RedrawWindow (hWnd=0x1d02d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0263.441] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0263.441] RedrawWindow (hWnd=0x2802de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0263.442] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0263.442] RedrawWindow (hWnd=0x2a02d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0263.442] RedrawWindow (hWnd=0x2202c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0263.442] GetWindow (hWnd=0x2a02d8, uCmd=0x3) returned 0x2802de
[0263.442] GetClientRect (in: hWnd=0x2a02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0263.442] GetWindowRect (in: hWnd=0x2a02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0263.442] GetParent (hWnd=0x2a02d8) returned 0x2202c8
[0263.442] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202c8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0263.442] SetWindowTextW (hWnd=0x2a02d8, lpString="&Details") returned 1
[0263.442] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0263.443] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0263.443] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0263.443] GetClientRect (in: hWnd=0x2a02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0263.443] GetWindowRect (in: hWnd=0x2a02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0263.443] GetParent (hWnd=0x2a02d8) returned 0x2202c8
[0263.443] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202c8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0263.443] SendMessageW (hWnd=0x2a02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2a02d8) returned 0x0
[0263.443] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2a02d8) returned 0x0
[0263.443] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0263.444] GetParent (hWnd=0x2a02d8) returned 0x2202c8
[0263.444] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0263.444] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.444] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0263.444] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x2202c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2802dc
[0263.444] SetWindowLongW (hWnd=0x2802dc, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0263.445] GetWindowLongW (hWnd=0x2802dc, nIndex=-4) returned 1868032000
[0263.445] SetWindowLongW (hWnd=0x2802dc, nIndex=-4, dwNewLong=19951670) returned 1868032000
[0263.445] GetWindowLongW (hWnd=0x2802dc, nIndex=-4) returned 19951670
[0263.445] GetWindowLongW (hWnd=0x2802dc, nIndex=-16) returned 1174470667
[0263.445] GetWindowLongW (hWnd=0x2802dc, nIndex=-12) returned 0
[0263.445] SetWindowLongW (hWnd=0x2802dc, nIndex=-12, dwNewLong=2622172) returned 0
[0263.445] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0263.446] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0263.446] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0263.446] SendMessageW (hWnd=0x2802dc, Msg=0x2055, wParam=0x2802dc, lParam=0x3) returned 0x2
[0263.446] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0263.447] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0263.447] GetWindow (hWnd=0x2802dc, uCmd=0x3) returned 0x2a02d8
[0263.447] GetClientRect (in: hWnd=0x2802dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0263.447] GetWindowRect (in: hWnd=0x2802dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0263.447] GetParent (hWnd=0x2802dc) returned 0x2202c8
[0263.447] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202c8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0263.447] SetWindowTextW (hWnd=0x2802dc, lpString="&Continue") returned 1
[0263.447] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0263.447] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0263.447] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0263.447] GetClientRect (in: hWnd=0x2802dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0263.447] GetWindowRect (in: hWnd=0x2802dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0263.447] GetParent (hWnd=0x2802dc) returned 0x2202c8
[0263.447] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202c8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0263.448] SendMessageW (hWnd=0x2802dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2802dc) returned 0x0
[0263.448] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2802dc) returned 0x0
[0263.448] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0263.448] GetParent (hWnd=0x2802dc) returned 0x2202c8
[0263.448] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0263.448] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.448] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0263.449] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x2202c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2802da
[0263.449] SetWindowLongW (hWnd=0x2802da, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0263.449] GetWindowLongW (hWnd=0x2802da, nIndex=-4) returned 1868032000
[0263.449] SetWindowLongW (hWnd=0x2802da, nIndex=-4, dwNewLong=19951830) returned 1868032000
[0263.449] GetWindowLongW (hWnd=0x2802da, nIndex=-4) returned 19951830
[0263.449] GetWindowLongW (hWnd=0x2802da, nIndex=-16) returned 1174470667
[0263.449] GetWindowLongW (hWnd=0x2802da, nIndex=-12) returned 0
[0263.449] SetWindowLongW (hWnd=0x2802da, nIndex=-12, dwNewLong=2622170) returned 0
[0263.449] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0263.450] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0263.457] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0263.458] SendMessageW (hWnd=0x2802da, Msg=0x2055, wParam=0x2802da, lParam=0x3) returned 0x2
[0263.458] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0263.458] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802da, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0263.458] GetWindow (hWnd=0x2802da, uCmd=0x3) returned 0x2802dc
[0263.458] GetClientRect (in: hWnd=0x2802da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0263.458] GetWindowRect (in: hWnd=0x2802da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0263.458] GetParent (hWnd=0x2802da) returned 0x2202c8
[0263.458] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202c8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0263.458] SetWindowTextW (hWnd=0x2802da, lpString="&Quit") returned 1
[0263.458] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802da, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0263.459] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0263.459] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802da, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0263.459] GetClientRect (in: hWnd=0x2802da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0263.459] GetWindowRect (in: hWnd=0x2802da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0263.459] GetParent (hWnd=0x2802da) returned 0x2202c8
[0263.459] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202c8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0263.459] SendMessageW (hWnd=0x2802da, Msg=0x2210, wParam=0x2da0001, lParam=0x2802da) returned 0x0
[0263.459] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802da, Msg=0x2210, wParam=0x2da0001, lParam=0x2802da) returned 0x0
[0263.459] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0263.459] GetParent (hWnd=0x2802da) returned 0x2202c8
[0263.459] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0263.460] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.460] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0263.460] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x2202c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2b00ea
[0263.460] SetWindowLongW (hWnd=0x2b00ea, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0263.461] GetWindowLongW (hWnd=0x2b00ea, nIndex=-4) returned 1868026976
[0263.461] SetWindowLongW (hWnd=0x2b00ea, nIndex=-4, dwNewLong=19951870) returned 1868026976
[0263.461] GetWindowLongW (hWnd=0x2b00ea, nIndex=-4) returned 19951870
[0263.461] GetWindowLongW (hWnd=0x2b00ea, nIndex=-16) returned 1177553092
[0263.461] GetWindowLongW (hWnd=0x2b00ea, nIndex=-12) returned 0
[0263.461] SetWindowLongW (hWnd=0x2b00ea, nIndex=-12, dwNewLong=2818282) returned 0
[0263.461] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b00ea, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0263.462] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b00ea, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0263.463] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b00ea, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0263.477] GetWindow (hWnd=0x2b00ea, uCmd=0x3) returned 0x2802da
[0263.477] GetClientRect (in: hWnd=0x2b00ea, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0263.477] GetWindowRect (in: hWnd=0x2b00ea, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0263.477] GetParent (hWnd=0x2b00ea) returned 0x2202c8
[0263.477] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202c8, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0263.477] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.477] GetSystemMetrics (nIndex=42) returned 0
[0263.477] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7d830, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7d830) returned 0x18
[0263.478] SendMessageW (hWnd=0x2b00ea, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0263.478] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b00ea, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0263.486] SetWindowTextW (hWnd=0x2b00ea, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0263.486] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b00ea, Msg=0xc, wParam=0x0, lParam=0x2ee8714) returned 0x1
[0263.488] GetSystemMetrics (nIndex=5) returned 1
[0263.488] GetSystemMetrics (nIndex=6) returned 1
[0263.488] SendMessageW (hWnd=0x2b00ea, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0263.488] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b00ea, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0263.488] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b00ea, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0263.489] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b00ea, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0263.489] GetClientRect (in: hWnd=0x2b00ea, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0263.489] GetWindowRect (in: hWnd=0x2b00ea, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0263.489] GetParent (hWnd=0x2b00ea) returned 0x2202c8
[0263.489] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2202c8, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0263.489] SendMessageW (hWnd=0x2b00ea, Msg=0x2210, wParam=0xea0001, lParam=0x2b00ea) returned 0x0
[0263.489] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b00ea, Msg=0x2210, wParam=0xea0001, lParam=0x2b00ea) returned 0x0
[0263.489] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0263.490] GetParent (hWnd=0x2b00ea) returned 0x2202c8
[0263.490] GetWindowLongW (hWnd=0x2202c8, nIndex=-8) returned 458844
[0263.490] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0263.490] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0263.490] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xc50107d0
[0263.490] GetDeviceCaps (hdc=0xc50107d0, index=12) returned 32
[0263.490] GetDeviceCaps (hdc=0xc50107d0, index=14) returned 1
[0263.490] DeleteDC (hdc=0xc50107d0) returned 1
[0263.490] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0263.490] GetWindowThreadProcessId (in: hWnd=0x2202c8, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0263.490] GetCurrentThreadId () returned 0xf50
[0263.490] PostMessageW (hWnd=0x2202c8, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0263.490] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.490] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.490] GetSystemMetrics (nIndex=42) returned 0
[0263.490] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7e260, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.490] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7e260) returned 0x18
[0263.491] GdipImageGetFrameDimensionsCount (image=0x6603778, count=0xd7e25c) returned 0x0
[0263.491] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201820
[0263.491] GdipImageGetFrameDimensionsList (image=0x6603778, dimensionIDs=0x1201820*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0263.491] LocalFree (hMem=0x1201820) returned 0x0
[0263.491] GdipImageGetFrameDimensionsCount (image=0x66030e8, count=0xd7e250) returned 0x0
[0263.491] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201658
[0263.491] GdipImageGetFrameDimensionsList (image=0x66030e8, dimensionIDs=0x1201658*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0263.491] LocalFree (hMem=0x1201658) returned 0x0
[0263.491] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0263.491] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0263.491] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0263.503] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0263.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0263.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0263.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0263.505] GetWindowPlacement (in: hWnd=0x2202c8, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0263.505] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0263.505] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.505] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.505] GetSystemMetrics (nIndex=42) returned 0
[0263.505] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7e2b4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.505] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7e2b4) returned 0x18
[0263.505] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0263.505] GetCurrentObject (hdc=0xf0105ee, type=0x1) returned 0xb00017
[0263.505] GetCurrentObject (hdc=0xf0105ee, type=0x2) returned 0x900010
[0263.505] GetCurrentObject (hdc=0xf0105ee, type=0x7) returned 0xffffffff870507fc
[0263.505] GetCurrentObject (hdc=0xf0105ee, type=0x6) returned 0x8a01c2
[0263.505] SaveDC (hdc=0xf0105ee) returned 1
[0263.505] GetNearestColor (hdc=0xf0105ee, color=0xf0f0f0) returned 0xf0f0f0
[0263.505] CreateSolidBrush (color=0xf0f0f0) returned 0xd11007e1
[0263.505] FillRect (hDC=0xf0105ee, lprc=0xd7e1b8, hbr=0xd11007e1) returned 1
[0263.505] DeleteObject (ho=0xd11007e1) returned 1
[0263.505] RestoreDC (hdc=0xf0105ee, nSavedDC=-1) returned 1
[0263.506] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0263.506] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0263.506] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0263.506] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0263.506] GetStockObject (i=5) returned 0x900015
[0263.506] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0263.507] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0263.507] GetStockObject (i=5) returned 0x900015
[0263.507] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0263.507] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802da, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0263.507] GetStockObject (i=5) returned 0x900015
[0263.507] GetWindowPlacement (in: hWnd=0x2202c8, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0263.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0263.507] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0263.507] GetWindowRect (in: hWnd=0x2202c8, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0263.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0263.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0263.509] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0263.509] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0263.509] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0263.509] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0263.509] GetWindowRect (in: hWnd=0x2202c8, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0263.509] InvalidateRect (hWnd=0x2802dc, lpRect=0x0, bErase=0) returned 1
[0263.509] InvalidateRect (hWnd=0x2a02d8, lpRect=0x0, bErase=0) returned 1
[0263.509] GetFocus () returned 0x2202c8
[0263.509] GetFocus () returned 0x2202c8
[0263.509] SetFocus (hWnd=0x2a02d8) returned 0x2202c8
[0263.510] GetFocus () returned 0x2a02d8
[0263.510] IsChild (hWndParent=0x2202c8, hWnd=0x2a02d8) returned 1
[0263.510] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x8, wParam=0x2a02d8, lParam=0x0) returned 0x0
[0263.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0263.512] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0263.514] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0263.514] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0x7, wParam=0x2202c8, lParam=0x0) returned 0x0
[0263.514] GetStockObject (i=5) returned 0x900015
[0263.514] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0263.514] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0263.514] GetDlgItem (hDlg=0x2202c8, nIDDlgItem=2753240) returned 0x2a02d8
[0263.514] SendMessageW (hWnd=0x2a02d8, Msg=0x202b, wParam=0x2a02d8, lParam=0xd7e0dc) returned 0x0
[0263.514] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0x202b, wParam=0x2a02d8, lParam=0xd7e0dc) returned 0x0
[0263.514] InvalidateRect (hWnd=0x2a02d8, lpRect=0x0, bErase=0) returned 1
[0263.516] GetFocus () returned 0x2a02d8
[0263.516] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.516] IsWindowUnicode (hWnd=0x2202c8) returned 1
[0263.516] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.516] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.516] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.516] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0263.516] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.516] IsWindowUnicode (hWnd=0x2202c8) returned 1
[0263.516] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.516] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.516] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.517] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.517] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0263.517] IsWindowUnicode (hWnd=0x2202c8) returned 1
[0263.517] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.517] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.517] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.517] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.517] IsWindowUnicode (hWnd=0x602c4) returned 1
[0263.517] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.517] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.517] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.517] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0263.517] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0263.518] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.518] IsWindowUnicode (hWnd=0x2202c8) returned 1
[0263.518] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.518] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.518] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.518] BeginPaint (in: hWnd=0x2202c8, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x60100ce
[0263.518] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.519] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.519] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.519] GetSystemMetrics (nIndex=42) returned 0
[0263.519] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7e1ec, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.519] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7e1ec) returned 0x18
[0263.519] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.519] EndPaint (hWnd=0x2202c8, lpPaint=0xd7e274) returned 1
[0263.519] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.519] IsWindowUnicode (hWnd=0x1d02d0) returned 1
[0263.519] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.519] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.519] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.519] BeginPaint (in: hWnd=0x1d02d0, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xc0107c5
[0263.519] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.519] CreateCompatibleDC (hdc=0xc0107c5) returned 0xc90107c6
[0263.519] SelectObject (hdc=0xc90107c6, h=0x4a0507fe) returned 0x85000f
[0263.520] GdipCreateFromHDC (hdc=0xc90107c6, graphics=0xd7e2b0) returned 0x0
[0263.520] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0263.520] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0263.520] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0263.520] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0263.520] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e310) returned 0x0
[0263.520] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0263.520] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0263.520] LocalFree (hMem=0x11ee868) returned 0x0
[0263.520] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0263.520] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0263.520] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0263.520] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e304) returned 0x0
[0263.520] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0263.520] GetWindowTextLengthW (hWnd=0x1d02d0) returned 0
[0263.520] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0263.520] GetSystemMetrics (nIndex=42) returned 0
[0263.520] GetWindowTextW (in: hWnd=0x1d02d0, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0263.520] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02d0, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0263.520] GetClientRect (in: hWnd=0x1d02d0, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0263.521] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0263.521] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0263.521] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0263.521] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0263.521] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e164) returned 0x0
[0263.521] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0263.521] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0263.521] LocalFree (hMem=0x11eecc8) returned 0x0
[0263.521] GdipCombineRegionRegion (region=0x6645878, region2=0x6645758, combineMode=0x1) returned 0x0
[0263.521] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0263.521] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee868) returned 0x0
[0263.521] LocalFree (hMem=0x11ee868) returned 0x0
[0263.521] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0263.521] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0263.521] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0263.521] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0263.521] GdipDeleteRegion (region=0x6645878) returned 0x0
[0263.521] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0263.521] GetCurrentObject (hdc=0xc90107c6, type=0x1) returned 0xb00017
[0263.521] GetCurrentObject (hdc=0xc90107c6, type=0x2) returned 0x900010
[0263.521] GetCurrentObject (hdc=0xc90107c6, type=0x7) returned 0x4a0507fe
[0263.521] GetCurrentObject (hdc=0xc90107c6, type=0x6) returned 0x8a01c2
[0263.521] SaveDC (hdc=0xc90107c6) returned 1
[0263.522] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x100407de
[0263.522] GetClipRgn (hdc=0xc90107c6, hrgn=0x100407de) returned 0
[0263.522] SelectClipRgn (hdc=0xc90107c6, hrgn=0x7b040807) returned 2
[0263.522] DeleteObject (ho=0x100407de) returned 1
[0263.522] DeleteObject (ho=0x7b040807) returned 1
[0263.522] OffsetViewportOrgEx (in: hdc=0xc90107c6, x=0, y=0, lppt=0x2eee2ac | out: lppt=0x2eee2ac) returned 1
[0263.522] GetNearestColor (hdc=0xc90107c6, color=0xf0f0f0) returned 0xf0f0f0
[0263.522] CreateSolidBrush (color=0xf0f0f0) returned 0xd21007e1
[0263.522] FillRect (hDC=0xc90107c6, lprc=0xd7e198, hbr=0xd21007e1) returned 1
[0263.522] DeleteObject (ho=0xd21007e1) returned 1
[0263.522] RestoreDC (hdc=0xc90107c6, nSavedDC=-1) returned 1
[0263.522] GdipReleaseDC (graphics=0x6600030, hdc=0xc90107c6) returned 0x0
[0263.522] GdipRestoreGraphics (graphics=0x6600030, state=0xf7940dbd) returned 0x0
[0263.522] GdipDeleteRegion (region=0x6645758) returned 0x0
[0263.522] GetWindowTextLengthW (hWnd=0x1d02d0) returned 0
[0263.522] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0263.522] GetSystemMetrics (nIndex=42) returned 0
[0263.522] GetWindowTextW (in: hWnd=0x1d02d0, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0263.522] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02d0, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0263.522] GdipGetImageWidth (image=0x6603778, width=0xd7e1e0) returned 0x0
[0263.522] GdipGetImageHeight (image=0x6603778, height=0xd7e1e0) returned 0x0
[0263.523] GdipGetImageWidth (image=0x6603778, width=0xd7e1cc) returned 0x0
[0263.523] GdipGetImageHeight (image=0x6603778, height=0xd7e1cc) returned 0x0
[0263.523] GdipDrawImageRectI (graphics=0x6600030, image=0x6603778, x=16, y=16, width=32, height=32) returned 0x0
[0263.523] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0263.523] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=64, cy=64, hdcSrc=0xc90107c6, x1=0, y1=0, rop=0xcc0020) returned 1
[0263.523] GdipReleaseDC (graphics=0x6600030, hdc=0xc90107c6) returned 0x0
[0263.523] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.523] SelectObject (hdc=0xc90107c6, h=0x85000f) returned 0x4a0507fe
[0263.523] DeleteDC (hdc=0xc90107c6) returned 1
[0263.523] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0263.523] EndPaint (hWnd=0x1d02d0, lpPaint=0xd7e294) returned 1
[0263.524] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.524] IsWindowUnicode (hWnd=0x2802de) returned 1
[0263.524] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.524] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.524] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.524] BeginPaint (in: hWnd=0x2802de, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x10105d6
[0263.524] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.524] CreateCompatibleDC (hdc=0x10105d6) returned 0xcb0107c6
[0263.524] GetObjectType (h=0x10105d6) returned 0x3
[0263.524] CreateCompatibleBitmap (hdc=0x10105d6, cx=1, cy=1) returned 0x270507f1
[0263.524] GetDIBits (in: hdc=0x10105d6, hbm=0x270507f1, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0263.524] GetDIBits (in: hdc=0x10105d6, hbm=0x270507f1, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0263.524] DeleteObject (ho=0x270507f1) returned 1
[0263.525] CreateDIBSection (in: hdc=0x10105d6, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xce0507d0
[0263.525] SelectObject (hdc=0xcb0107c6, h=0xce0507d0) returned 0x85000f
[0263.525] GdipCreateFromHDC (hdc=0xcb0107c6, graphics=0xd7e234) returned 0x0
[0263.525] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0263.525] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0263.525] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0263.525] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0263.525] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e2d4) returned 0x0
[0263.525] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0263.525] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0263.525] LocalFree (hMem=0x11ee868) returned 0x0
[0263.525] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0263.525] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0263.525] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0263.525] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0263.525] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0263.526] GetWindowTextLengthW (hWnd=0x2802de) returned 232
[0263.526] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0263.526] GetSystemMetrics (nIndex=42) returned 0
[0263.526] GetWindowTextW (in: hWnd=0x2802de, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0263.526] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0263.526] GetClientRect (in: hWnd=0x2802de, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0263.526] GdipCreateRegion (region=0xd7e110) returned 0x0
[0263.526] GdipGetClip (graphics=0x6600030, region=0x6645488) returned 0x0
[0263.526] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0263.526] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0263.526] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e128) returned 0x0
[0263.526] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0263.526] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0263.526] LocalFree (hMem=0x11eec58) returned 0x0
[0263.526] GdipCombineRegionRegion (region=0x6645488, region2=0x6645fc8, combineMode=0x1) returned 0x0
[0263.526] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0263.526] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0263.526] LocalFree (hMem=0x11eec58) returned 0x0
[0263.526] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0263.526] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7e150) returned 0x0
[0263.526] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7e140) returned 0x0
[0263.526] GdipGetRegionHRgn (region=0x6645488, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0263.526] GdipDeleteRegion (region=0x6645488) returned 0x0
[0263.526] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0263.527] GetCurrentObject (hdc=0xcb0107c6, type=0x1) returned 0xb00017
[0263.527] GetCurrentObject (hdc=0xcb0107c6, type=0x2) returned 0x900010
[0263.527] GetCurrentObject (hdc=0xcb0107c6, type=0x7) returned 0xffffffffce0507d0
[0263.527] GetCurrentObject (hdc=0xcb0107c6, type=0x6) returned 0x8a01c2
[0263.527] SaveDC (hdc=0xcb0107c6) returned 1
[0263.527] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7c040807
[0263.527] GetClipRgn (hdc=0xcb0107c6, hrgn=0x7c040807) returned 0
[0263.527] SelectClipRgn (hdc=0xcb0107c6, hrgn=0x110407de) returned 2
[0263.527] DeleteObject (ho=0x7c040807) returned 1
[0263.527] DeleteObject (ho=0x110407de) returned 1
[0263.527] OffsetViewportOrgEx (in: hdc=0xcb0107c6, x=0, y=0, lppt=0x2eefc74 | out: lppt=0x2eefc74) returned 1
[0263.527] GetNearestColor (hdc=0xcb0107c6, color=0xf0f0f0) returned 0xf0f0f0
[0263.527] CreateSolidBrush (color=0xf0f0f0) returned 0xd31007e1
[0263.527] FillRect (hDC=0xcb0107c6, lprc=0xd7e15c, hbr=0xd31007e1) returned 1
[0263.528] DeleteObject (ho=0xd31007e1) returned 1
[0263.528] RestoreDC (hdc=0xcb0107c6, nSavedDC=-1) returned 1
[0263.528] GdipReleaseDC (graphics=0x6600030, hdc=0xcb0107c6) returned 0x0
[0263.532] GdipRestoreGraphics (graphics=0x6600030, state=0xf7920dbd) returned 0x0
[0263.532] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0263.532] GetWindowTextLengthW (hWnd=0x2802de) returned 232
[0263.532] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0263.532] GetSystemMetrics (nIndex=42) returned 0
[0263.532] GetWindowTextW (in: hWnd=0x2802de, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0263.532] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0263.532] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0263.532] GetCurrentObject (hdc=0xcb0107c6, type=0x1) returned 0xb00017
[0263.532] GetCurrentObject (hdc=0xcb0107c6, type=0x2) returned 0x900010
[0263.532] GetCurrentObject (hdc=0xcb0107c6, type=0x7) returned 0xffffffffce0507d0
[0263.533] GetCurrentObject (hdc=0xcb0107c6, type=0x6) returned 0x8a01c2
[0263.533] SaveDC (hdc=0xcb0107c6) returned 1
[0263.533] GetNearestColor (hdc=0xcb0107c6, color=0x0) returned 0x0
[0263.533] RestoreDC (hdc=0xcb0107c6, nSavedDC=-1) returned 1
[0263.533] GdipReleaseDC (graphics=0x6600030, hdc=0xcb0107c6) returned 0x0
[0263.533] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0263.533] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0263.533] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2ef0470 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0263.534] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0263.534] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0263.534] GetCurrentObject (hdc=0xcb0107c6, type=0x1) returned 0xb00017
[0263.534] GetCurrentObject (hdc=0xcb0107c6, type=0x2) returned 0x900010
[0263.534] GetCurrentObject (hdc=0xcb0107c6, type=0x7) returned 0xffffffffce0507d0
[0263.534] GetCurrentObject (hdc=0xcb0107c6, type=0x6) returned 0x8a01c2
[0263.534] SaveDC (hdc=0xcb0107c6) returned 1
[0263.534] GetTextAlign (hdc=0xcb0107c6) returned 0x0
[0263.534] GetTextColor (hdc=0xcb0107c6) returned 0x0
[0263.534] GetCurrentObject (hdc=0xcb0107c6, type=0x6) returned 0x8a01c2
[0263.534] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0263.534] SelectObject (hdc=0xcb0107c6, h=0x6d0a0520) returned 0x8a01c2
[0263.534] GetBkMode (hdc=0xcb0107c6) returned 2
[0263.534] SetBkMode (hdc=0xcb0107c6, mode=1) returned 2
[0263.535] DrawTextExW (in: hdc=0xcb0107c6, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2ef0694 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0263.537] RestoreDC (hdc=0xcb0107c6, nSavedDC=-1) returned 1
[0263.537] GdipReleaseDC (graphics=0x6600030, hdc=0xcb0107c6) returned 0x0
[0263.537] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0263.537] BitBlt (hdc=0x10105d6, x=0, y=0, cx=354, cy=68, hdcSrc=0xcb0107c6, x1=0, y1=0, rop=0xcc0020) returned 1
[0263.537] GdipReleaseDC (graphics=0x6600030, hdc=0xcb0107c6) returned 0x0
[0263.537] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.537] SelectObject (hdc=0xcb0107c6, h=0x85000f) returned 0xce0507d0
[0263.537] DeleteDC (hdc=0xcb0107c6) returned 1
[0263.537] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0263.537] DeleteObject (ho=0xce0507d0) returned 1
[0263.538] EndPaint (hWnd=0x2802de, lpPaint=0xd7e258) returned 1
[0263.538] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.538] IsWindowUnicode (hWnd=0x2a02d8) returned 1
[0263.538] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.538] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.538] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.538] BeginPaint (in: hWnd=0x2a02d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0263.539] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.539] CreateCompatibleDC (hdc=0x107b9) returned 0x290107f1
[0263.539] SelectObject (hdc=0x290107f1, h=0x4a0507fe) returned 0x85000f
[0263.539] GdipCreateFromHDC (hdc=0x290107f1, graphics=0xd7e268) returned 0x0
[0263.539] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0263.539] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0263.539] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0263.539] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0263.539] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e2c8) returned 0x0
[0263.539] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0263.539] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eecc8) returned 0x0
[0263.539] LocalFree (hMem=0x11eecc8) returned 0x0
[0263.539] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0263.539] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0263.539] GdipGetClip (graphics=0x6600030, region=0x6645368) returned 0x0
[0263.539] GdipIsInfiniteRegion (region=0x6645368, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0263.539] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0263.539] GdipRestoreGraphics (graphics=0x6600030, state=0xf7900dbd) returned 0x0
[0263.540] GdipDeleteRegion (region=0x6645368) returned 0x0
[0263.540] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0263.540] GetCurrentObject (hdc=0x290107f1, type=0x1) returned 0xb00017
[0263.540] GetCurrentObject (hdc=0x290107f1, type=0x2) returned 0x900010
[0263.540] GetCurrentObject (hdc=0x290107f1, type=0x7) returned 0x4a0507fe
[0263.540] GetCurrentObject (hdc=0x290107f1, type=0x6) returned 0x8a01c2
[0263.540] SaveDC (hdc=0x290107f1) returned 1
[0263.540] GetNearestColor (hdc=0x290107f1, color=0xf0f0f0) returned 0xf0f0f0
[0263.540] GetNearestColor (hdc=0x290107f1, color=0xa0a0a0) returned 0xa0a0a0
[0263.540] GetNearestColor (hdc=0x290107f1, color=0x696969) returned 0x696969
[0263.540] GetNearestColor (hdc=0x290107f1, color=0xa0a0a0) returned 0xa0a0a0
[0263.540] GetNearestColor (hdc=0x290107f1, color=0x0) returned 0x0
[0263.540] GetNearestColor (hdc=0x290107f1, color=0xffffff) returned 0xffffff
[0263.540] GetNearestColor (hdc=0x290107f1, color=0xe5e5e5) returned 0xe5e5e5
[0263.540] GetNearestColor (hdc=0x290107f1, color=0xd7d7d7) returned 0xd7d7d7
[0263.540] GetNearestColor (hdc=0x290107f1, color=0x0) returned 0x0
[0263.540] RestoreDC (hdc=0x290107f1, nSavedDC=-1) returned 1
[0263.540] GdipReleaseDC (graphics=0x6600030, hdc=0x290107f1) returned 0x0
[0263.540] IsAppThemed () returned 0x1
[0263.541] GetThemeAppProperties () returned 0x3
[0263.541] GetThemeAppProperties () returned 0x3
[0263.541] GdipGetImageWidth (image=0x66030e8, width=0xd7e168) returned 0x0
[0263.541] GdipGetImageHeight (image=0x66030e8, height=0xd7e168) returned 0x0
[0263.541] IsAppThemed () returned 0x1
[0263.541] GetThemeAppProperties () returned 0x3
[0263.541] GetThemeAppProperties () returned 0x3
[0263.541] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2ef0de4 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0263.541] IsAppThemed () returned 0x1
[0263.541] GetThemeAppProperties () returned 0x3
[0263.541] GetThemeAppProperties () returned 0x3
[0263.541] IsAppThemed () returned 0x1
[0263.541] GetThemeAppProperties () returned 0x3
[0263.541] GetThemeAppProperties () returned 0x3
[0263.541] GetFocus () returned 0x2a02d8
[0263.541] IsAppThemed () returned 0x1
[0263.541] GetThemeAppProperties () returned 0x3
[0263.541] GetThemeAppProperties () returned 0x3
[0263.541] IsAppThemed () returned 0x1
[0263.542] GetThemeAppProperties () returned 0x3
[0263.542] GetThemeAppProperties () returned 0x3
[0263.542] IsThemePartDefined () returned 0x1
[0263.542] IsAppThemed () returned 0x1
[0263.542] GetThemeAppProperties () returned 0x3
[0263.542] GetThemeAppProperties () returned 0x3
[0263.542] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0263.542] IsAppThemed () returned 0x1
[0263.542] GetThemeAppProperties () returned 0x3
[0263.542] GetThemeAppProperties () returned 0x3
[0263.542] IsAppThemed () returned 0x1
[0263.542] GetThemeAppProperties () returned 0x3
[0263.542] GetThemeAppProperties () returned 0x3
[0263.542] IsThemePartDefined () returned 0x1
[0263.542] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0263.542] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0263.542] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0263.542] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0263.542] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dff0) returned 0x0
[0263.542] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0263.542] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0263.542] LocalFree (hMem=0x11ee9f0) returned 0x0
[0263.542] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0263.542] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0263.542] LocalFree (hMem=0x11ee868) returned 0x0
[0263.543] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0263.543] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e018) returned 0x0
[0263.543] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e008) returned 0x0
[0263.543] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0263.543] GdipDeleteRegion (region=0x6645248) returned 0x0
[0263.543] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0263.543] GetCurrentObject (hdc=0x290107f1, type=0x1) returned 0xb00017
[0263.543] GetCurrentObject (hdc=0x290107f1, type=0x2) returned 0x900010
[0263.543] GetCurrentObject (hdc=0x290107f1, type=0x7) returned 0x4a0507fe
[0263.543] GetCurrentObject (hdc=0x290107f1, type=0x6) returned 0x8a01c2
[0263.543] SaveDC (hdc=0x290107f1) returned 1
[0263.543] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x120407de
[0263.543] GetClipRgn (hdc=0x290107f1, hrgn=0x120407de) returned 0
[0263.543] SelectClipRgn (hdc=0x290107f1, hrgn=0x80040807) returned 2
[0263.543] DeleteObject (ho=0x120407de) returned 1
[0263.543] DeleteObject (ho=0x80040807) returned 1
[0263.543] OffsetViewportOrgEx (in: hdc=0x290107f1, x=0, y=0, lppt=0x2ef1494 | out: lppt=0x2ef1494) returned 1
[0263.543] DrawThemeParentBackground () returned 0x0
[0263.544] GetWindowPlacement (in: hWnd=0x2202c8, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0263.544] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0263.544] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.544] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.544] GetSystemMetrics (nIndex=42) returned 0
[0263.544] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.544] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0263.544] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0263.544] GetCurrentObject (hdc=0x290107f1, type=0x1) returned 0xb00017
[0263.544] GetCurrentObject (hdc=0x290107f1, type=0x2) returned 0x900010
[0263.544] GetCurrentObject (hdc=0x290107f1, type=0x7) returned 0x4a0507fe
[0263.544] GetCurrentObject (hdc=0x290107f1, type=0x6) returned 0x8a01c2
[0263.544] SaveDC (hdc=0x290107f1) returned 2
[0263.545] GetNearestColor (hdc=0x290107f1, color=0xf0f0f0) returned 0xf0f0f0
[0263.545] CreateSolidBrush (color=0xf0f0f0) returned 0xd41007e1
[0263.545] FillRect (hDC=0x290107f1, lprc=0xd7da38, hbr=0xd41007e1) returned 1
[0263.545] DeleteObject (ho=0xd41007e1) returned 1
[0263.545] RestoreDC (hdc=0x290107f1, nSavedDC=-1) returned 1
[0263.545] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.545] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.545] GetSystemMetrics (nIndex=42) returned 0
[0263.545] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.545] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0263.545] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0263.545] GetCurrentObject (hdc=0x290107f1, type=0x1) returned 0xb00017
[0263.545] GetCurrentObject (hdc=0x290107f1, type=0x2) returned 0x900010
[0263.545] GetCurrentObject (hdc=0x290107f1, type=0x7) returned 0x4a0507fe
[0263.545] GetCurrentObject (hdc=0x290107f1, type=0x6) returned 0x8a01c2
[0263.545] SaveDC (hdc=0x290107f1) returned 2
[0263.545] GetNearestColor (hdc=0x290107f1, color=0xf0f0f0) returned 0xf0f0f0
[0263.545] CreateSolidBrush (color=0xf0f0f0) returned 0xd51007e1
[0263.545] FillRect (hDC=0x290107f1, lprc=0xd7d9d8, hbr=0xd51007e1) returned 1
[0263.545] DeleteObject (ho=0xd51007e1) returned 1
[0263.545] RestoreDC (hdc=0x290107f1, nSavedDC=-1) returned 1
[0263.545] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.545] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.546] GetSystemMetrics (nIndex=42) returned 0
[0263.546] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.546] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0263.546] RestoreDC (hdc=0x290107f1, nSavedDC=-1) returned 1
[0263.546] GdipReleaseDC (graphics=0x6600030, hdc=0x290107f1) returned 0x0
[0263.546] IsAppThemed () returned 0x1
[0263.546] GetThemeAppProperties () returned 0x3
[0263.546] GetThemeAppProperties () returned 0x3
[0263.546] IsAppThemed () returned 0x1
[0263.546] GetThemeAppProperties () returned 0x3
[0263.546] GetThemeAppProperties () returned 0x3
[0263.546] IsThemePartDefined () returned 0x1
[0263.546] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0263.546] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0263.546] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0263.546] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0263.546] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df74) returned 0x0
[0263.546] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee8d8) returned 0x0
[0263.546] LocalFree (hMem=0x11ee8d8) returned 0x0
[0263.546] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eecc8) returned 0x0
[0263.547] LocalFree (hMem=0x11eecc8) returned 0x0
[0263.547] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0263.547] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0263.547] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0263.547] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0263.547] GdipDeleteRegion (region=0x6645878) returned 0x0
[0263.547] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0263.547] GetCurrentObject (hdc=0x290107f1, type=0x1) returned 0xb00017
[0263.547] GetCurrentObject (hdc=0x290107f1, type=0x2) returned 0x900010
[0263.547] GetCurrentObject (hdc=0x290107f1, type=0x7) returned 0x4a0507fe
[0263.547] GetCurrentObject (hdc=0x290107f1, type=0x6) returned 0x8a01c2
[0263.547] SaveDC (hdc=0x290107f1) returned 1
[0263.547] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x81040807
[0263.547] GetClipRgn (hdc=0x290107f1, hrgn=0x81040807) returned 0
[0263.547] SelectClipRgn (hdc=0x290107f1, hrgn=0x140407de) returned 2
[0263.547] DeleteObject (ho=0x81040807) returned 1
[0263.547] DeleteObject (ho=0x140407de) returned 1
[0263.547] OffsetViewportOrgEx (in: hdc=0x290107f1, x=0, y=0, lppt=0x2ef1e18 | out: lppt=0x2ef1e18) returned 1
[0263.547] IsAppThemed () returned 0x1
[0263.547] GetThemeAppProperties () returned 0x3
[0263.547] GetThemeAppProperties () returned 0x3
[0263.547] DrawThemeBackground () returned 0x0
[0263.547] RestoreDC (hdc=0x290107f1, nSavedDC=-1) returned 1
[0263.548] GdipReleaseDC (graphics=0x6600030, hdc=0x290107f1) returned 0x0
[0263.548] GdipCreateRegion (region=0xd7df60) returned 0x0
[0263.548] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0263.548] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0263.548] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0263.548] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df78) returned 0x0
[0263.548] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0263.548] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0263.548] LocalFree (hMem=0x11ee9f0) returned 0x0
[0263.548] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0263.548] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eecc8) returned 0x0
[0263.548] LocalFree (hMem=0x11eecc8) returned 0x0
[0263.548] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0263.548] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0263.548] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7df90) returned 0x0
[0263.548] GdipGetRegionHRgn (region=0x6645c68, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0263.548] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0263.548] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0263.548] GetCurrentObject (hdc=0x290107f1, type=0x1) returned 0xb00017
[0263.548] GetCurrentObject (hdc=0x290107f1, type=0x2) returned 0x900010
[0263.548] GetCurrentObject (hdc=0x290107f1, type=0x7) returned 0x4a0507fe
[0263.548] GetCurrentObject (hdc=0x290107f1, type=0x6) returned 0x8a01c2
[0263.548] SaveDC (hdc=0x290107f1) returned 1
[0263.549] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x150407de
[0263.549] GetClipRgn (hdc=0x290107f1, hrgn=0x150407de) returned 0
[0263.549] SelectClipRgn (hdc=0x290107f1, hrgn=0x82040807) returned 2
[0263.549] DeleteObject (ho=0x150407de) returned 1
[0263.549] DeleteObject (ho=0x82040807) returned 1
[0263.549] OffsetViewportOrgEx (in: hdc=0x290107f1, x=0, y=0, lppt=0x2ef20ec | out: lppt=0x2ef20ec) returned 1
[0263.549] IsAppThemed () returned 0x1
[0263.549] GetThemeAppProperties () returned 0x3
[0263.549] GetThemeAppProperties () returned 0x3
[0263.549] GetThemeBackgroundContentRect () returned 0x0
[0263.549] RestoreDC (hdc=0x290107f1, nSavedDC=-1) returned 1
[0263.549] GdipReleaseDC (graphics=0x6600030, hdc=0x290107f1) returned 0x0
[0263.549] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0263.549] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0263.549] GdipCloneRegion (region=0x6645c68, cloneRegion=0xd7e150) returned 0x0
[0263.549] GdipCombineRegionRectI (region=0x6645fc8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0263.549] GdipCombineRegionRectI (region=0x6645fc8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0263.549] GdipSetClipRegion (graphics=0x6600030, region=0x6645fc8, combineMode=0x0) returned 0x0
[0263.549] GdipGetImageWidth (image=0x66030e8, width=0xd7e154) returned 0x0
[0263.549] GdipGetImageHeight (image=0x66030e8, height=0xd7e148) returned 0x0
[0263.549] GdipDrawImageRectI (graphics=0x6600030, image=0x66030e8, x=4, y=4, width=16, height=16) returned 0x0
[0263.549] GdipSetClipRegion (graphics=0x6600030, region=0x6645c68, combineMode=0x0) returned 0x0
[0263.550] IsAppThemed () returned 0x1
[0263.550] GetThemeAppProperties () returned 0x3
[0263.550] GetThemeAppProperties () returned 0x3
[0263.550] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0263.550] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0263.550] GetCurrentObject (hdc=0x290107f1, type=0x1) returned 0xb00017
[0263.550] GetCurrentObject (hdc=0x290107f1, type=0x2) returned 0x900010
[0263.550] GetCurrentObject (hdc=0x290107f1, type=0x7) returned 0x4a0507fe
[0263.550] GetCurrentObject (hdc=0x290107f1, type=0x6) returned 0x8a01c2
[0263.550] SaveDC (hdc=0x290107f1) returned 1
[0263.550] GetTextAlign (hdc=0x290107f1) returned 0x0
[0263.550] GetTextColor (hdc=0x290107f1) returned 0x0
[0263.550] GetCurrentObject (hdc=0x290107f1, type=0x6) returned 0x8a01c2
[0263.550] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0263.550] SelectObject (hdc=0x290107f1, h=0x6d0a0520) returned 0x8a01c2
[0263.550] GetBkMode (hdc=0x290107f1) returned 2
[0263.550] SetBkMode (hdc=0x290107f1, mode=1) returned 2
[0263.550] DrawTextExW (in: hdc=0x290107f1, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2ef24ac | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0263.551] DrawTextExW (in: hdc=0x290107f1, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2ef24ac | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0263.551] RestoreDC (hdc=0x290107f1, nSavedDC=-1) returned 1
[0263.551] GdipReleaseDC (graphics=0x6600030, hdc=0x290107f1) returned 0x0
[0263.551] GetFocus () returned 0x2a02d8
[0263.551] IsAppThemed () returned 0x1
[0263.551] GetThemeAppProperties () returned 0x3
[0263.551] GetThemeAppProperties () returned 0x3
[0263.551] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0263.551] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x290107f1, x1=0, y1=0, rop=0xcc0020) returned 1
[0263.551] GdipReleaseDC (graphics=0x6600030, hdc=0x290107f1) returned 0x0
[0263.551] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.552] SelectObject (hdc=0x290107f1, h=0x85000f) returned 0x4a0507fe
[0263.552] DeleteDC (hdc=0x290107f1) returned 1
[0263.552] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0263.552] EndPaint (hWnd=0x2a02d8, lpPaint=0xd7e24c) returned 1
[0263.552] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.552] IsWindowUnicode (hWnd=0x2802dc) returned 1
[0263.552] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.552] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.552] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.552] BeginPaint (in: hWnd=0x2802dc, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0263.552] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.552] CreateCompatibleDC (hdc=0x60100ce) returned 0x2b0107f1
[0263.552] SelectObject (hdc=0x2b0107f1, h=0x4a0507fe) returned 0x85000f
[0263.552] GdipCreateFromHDC (hdc=0x2b0107f1, graphics=0xd7e268) returned 0x0
[0263.553] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0263.553] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0263.553] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0263.553] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0263.553] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e2c8) returned 0x0
[0263.553] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0263.553] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0263.553] LocalFree (hMem=0x11eec58) returned 0x0
[0263.553] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0263.553] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0263.553] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0263.553] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0263.553] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0263.553] GdipRestoreGraphics (graphics=0x6600030, state=0xf78e0dbd) returned 0x0
[0263.553] GdipDeleteRegion (region=0x6645878) returned 0x0
[0263.553] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0263.553] GetCurrentObject (hdc=0x2b0107f1, type=0x1) returned 0xb00017
[0263.553] GetCurrentObject (hdc=0x2b0107f1, type=0x2) returned 0x900010
[0263.553] GetCurrentObject (hdc=0x2b0107f1, type=0x7) returned 0x4a0507fe
[0263.553] GetCurrentObject (hdc=0x2b0107f1, type=0x6) returned 0x8a01c2
[0263.553] SaveDC (hdc=0x2b0107f1) returned 1
[0263.554] GetNearestColor (hdc=0x2b0107f1, color=0xf0f0f0) returned 0xf0f0f0
[0263.554] GetNearestColor (hdc=0x2b0107f1, color=0xa0a0a0) returned 0xa0a0a0
[0263.554] GetNearestColor (hdc=0x2b0107f1, color=0x696969) returned 0x696969
[0263.554] GetNearestColor (hdc=0x2b0107f1, color=0xa0a0a0) returned 0xa0a0a0
[0263.554] GetNearestColor (hdc=0x2b0107f1, color=0x0) returned 0x0
[0263.554] GetNearestColor (hdc=0x2b0107f1, color=0xffffff) returned 0xffffff
[0263.554] GetNearestColor (hdc=0x2b0107f1, color=0xe5e5e5) returned 0xe5e5e5
[0263.554] GetNearestColor (hdc=0x2b0107f1, color=0xd7d7d7) returned 0xd7d7d7
[0263.554] GetNearestColor (hdc=0x2b0107f1, color=0x0) returned 0x0
[0263.554] RestoreDC (hdc=0x2b0107f1, nSavedDC=-1) returned 1
[0263.554] GdipReleaseDC (graphics=0x6600030, hdc=0x2b0107f1) returned 0x0
[0263.554] IsAppThemed () returned 0x1
[0263.554] GetThemeAppProperties () returned 0x3
[0263.554] GetThemeAppProperties () returned 0x3
[0263.554] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0263.554] SendMessageW (hWnd=0x2202c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0263.554] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0263.554] IsAppThemed () returned 0x1
[0263.555] GetThemeAppProperties () returned 0x3
[0263.555] GetThemeAppProperties () returned 0x3
[0263.555] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df90, format=0x102415, lpdtp=0x2ef2cbc | out: lpchText="&Continue", lprc=0xd7df90) returned 13
[0263.555] IsAppThemed () returned 0x1
[0263.555] GetThemeAppProperties () returned 0x3
[0263.555] GetThemeAppProperties () returned 0x3
[0263.555] IsAppThemed () returned 0x1
[0263.555] GetThemeAppProperties () returned 0x3
[0263.555] GetThemeAppProperties () returned 0x3
[0263.555] GetFocus () returned 0x2a02d8
[0263.555] IsAppThemed () returned 0x1
[0263.555] GetThemeAppProperties () returned 0x3
[0263.555] GetThemeAppProperties () returned 0x3
[0263.555] IsAppThemed () returned 0x1
[0263.555] GetThemeAppProperties () returned 0x3
[0263.555] GetThemeAppProperties () returned 0x3
[0263.555] IsThemePartDefined () returned 0x1
[0263.555] IsAppThemed () returned 0x1
[0263.555] GetThemeAppProperties () returned 0x3
[0263.555] GetThemeAppProperties () returned 0x3
[0263.555] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0263.555] IsAppThemed () returned 0x1
[0263.556] GetThemeAppProperties () returned 0x3
[0263.556] GetThemeAppProperties () returned 0x3
[0263.556] IsAppThemed () returned 0x1
[0263.556] GetThemeAppProperties () returned 0x3
[0263.556] GetThemeAppProperties () returned 0x3
[0263.556] IsThemePartDefined () returned 0x1
[0263.556] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0263.556] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0263.556] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0263.556] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0263.556] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dff0) returned 0x0
[0263.556] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0263.556] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0263.556] LocalFree (hMem=0x11eec58) returned 0x0
[0263.556] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0263.556] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0263.556] LocalFree (hMem=0x11eec58) returned 0x0
[0263.556] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0263.556] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e018) returned 0x0
[0263.556] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7e008) returned 0x0
[0263.556] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0263.556] GdipDeleteRegion (region=0x6645878) returned 0x0
[0263.556] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0263.556] GetCurrentObject (hdc=0x2b0107f1, type=0x1) returned 0xb00017
[0263.556] GetCurrentObject (hdc=0x2b0107f1, type=0x2) returned 0x900010
[0263.557] GetCurrentObject (hdc=0x2b0107f1, type=0x7) returned 0x4a0507fe
[0263.557] GetCurrentObject (hdc=0x2b0107f1, type=0x6) returned 0x8a01c2
[0263.557] SaveDC (hdc=0x2b0107f1) returned 1
[0263.557] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x83040807
[0263.557] GetClipRgn (hdc=0x2b0107f1, hrgn=0x83040807) returned 0
[0263.557] SelectClipRgn (hdc=0x2b0107f1, hrgn=0x190407de) returned 2
[0263.557] DeleteObject (ho=0x83040807) returned 1
[0263.557] DeleteObject (ho=0x190407de) returned 1
[0263.557] OffsetViewportOrgEx (in: hdc=0x2b0107f1, x=0, y=0, lppt=0x2ef336c | out: lppt=0x2ef336c) returned 1
[0263.557] DrawThemeParentBackground () returned 0x0
[0263.557] GetWindowPlacement (in: hWnd=0x2202c8, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0263.557] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0263.557] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.558] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.558] GetSystemMetrics (nIndex=42) returned 0
[0263.558] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.558] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0263.558] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0263.558] GetCurrentObject (hdc=0x2b0107f1, type=0x1) returned 0xb00017
[0263.558] GetCurrentObject (hdc=0x2b0107f1, type=0x2) returned 0x900010
[0263.558] GetCurrentObject (hdc=0x2b0107f1, type=0x7) returned 0x4a0507fe
[0263.558] GetCurrentObject (hdc=0x2b0107f1, type=0x6) returned 0x8a01c2
[0263.558] SaveDC (hdc=0x2b0107f1) returned 2
[0263.558] GetNearestColor (hdc=0x2b0107f1, color=0xf0f0f0) returned 0xf0f0f0
[0263.558] CreateSolidBrush (color=0xf0f0f0) returned 0xd61007e1
[0263.558] FillRect (hDC=0x2b0107f1, lprc=0xd7da38, hbr=0xd61007e1) returned 1
[0263.558] DeleteObject (ho=0xd61007e1) returned 1
[0263.558] RestoreDC (hdc=0x2b0107f1, nSavedDC=-1) returned 1
[0263.559] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.559] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.559] GetSystemMetrics (nIndex=42) returned 0
[0263.559] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.559] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0263.559] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0263.559] GetCurrentObject (hdc=0x2b0107f1, type=0x1) returned 0xb00017
[0263.559] GetCurrentObject (hdc=0x2b0107f1, type=0x2) returned 0x900010
[0263.559] GetCurrentObject (hdc=0x2b0107f1, type=0x7) returned 0x4a0507fe
[0263.559] GetCurrentObject (hdc=0x2b0107f1, type=0x6) returned 0x8a01c2
[0263.559] SaveDC (hdc=0x2b0107f1) returned 2
[0263.559] GetNearestColor (hdc=0x2b0107f1, color=0xf0f0f0) returned 0xf0f0f0
[0263.559] CreateSolidBrush (color=0xf0f0f0) returned 0xd71007e1
[0263.559] FillRect (hDC=0x2b0107f1, lprc=0xd7d9d8, hbr=0xd71007e1) returned 1
[0263.559] DeleteObject (ho=0xd71007e1) returned 1
[0263.564] RestoreDC (hdc=0x2b0107f1, nSavedDC=-1) returned 1
[0263.564] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.564] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.564] GetSystemMetrics (nIndex=42) returned 0
[0263.564] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.564] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0263.564] RestoreDC (hdc=0x2b0107f1, nSavedDC=-1) returned 1
[0263.565] GdipReleaseDC (graphics=0x6600030, hdc=0x2b0107f1) returned 0x0
[0263.565] IsAppThemed () returned 0x1
[0263.565] GetThemeAppProperties () returned 0x3
[0263.565] GetThemeAppProperties () returned 0x3
[0263.565] IsAppThemed () returned 0x1
[0263.565] GetThemeAppProperties () returned 0x3
[0263.565] GetThemeAppProperties () returned 0x3
[0263.565] IsThemePartDefined () returned 0x1
[0263.565] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0263.565] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0263.565] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0263.565] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0263.565] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df74) returned 0x0
[0263.565] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0263.565] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee8d8) returned 0x0
[0263.565] LocalFree (hMem=0x11ee8d8) returned 0x0
[0263.565] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0263.565] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eed00) returned 0x0
[0263.565] LocalFree (hMem=0x11eed00) returned 0x0
[0263.565] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0263.565] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0263.566] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0263.566] GdipGetRegionHRgn (region=0x66456c8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0263.566] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0263.566] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0263.566] GetCurrentObject (hdc=0x2b0107f1, type=0x1) returned 0xb00017
[0263.566] GetCurrentObject (hdc=0x2b0107f1, type=0x2) returned 0x900010
[0263.566] GetCurrentObject (hdc=0x2b0107f1, type=0x7) returned 0x4a0507fe
[0263.566] GetCurrentObject (hdc=0x2b0107f1, type=0x6) returned 0x8a01c2
[0263.566] SaveDC (hdc=0x2b0107f1) returned 1
[0263.566] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1a0407de
[0263.566] GetClipRgn (hdc=0x2b0107f1, hrgn=0x1a0407de) returned 0
[0263.566] SelectClipRgn (hdc=0x2b0107f1, hrgn=0x85040807) returned 2
[0263.566] DeleteObject (ho=0x1a0407de) returned 1
[0263.566] DeleteObject (ho=0x85040807) returned 1
[0263.566] OffsetViewportOrgEx (in: hdc=0x2b0107f1, x=0, y=0, lppt=0x2ef3cf0 | out: lppt=0x2ef3cf0) returned 1
[0263.566] IsAppThemed () returned 0x1
[0263.567] GetThemeAppProperties () returned 0x3
[0263.567] GetThemeAppProperties () returned 0x3
[0263.567] DrawThemeBackground () returned 0x0
[0263.567] RestoreDC (hdc=0x2b0107f1, nSavedDC=-1) returned 1
[0263.567] GdipReleaseDC (graphics=0x6600030, hdc=0x2b0107f1) returned 0x0
[0263.567] GdipCreateRegion (region=0xd7df60) returned 0x0
[0263.567] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0263.567] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0263.567] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0263.567] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df78) returned 0x0
[0263.567] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0263.567] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee868) returned 0x0
[0263.567] LocalFree (hMem=0x11ee868) returned 0x0
[0263.567] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0263.567] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eed00) returned 0x0
[0263.568] LocalFree (hMem=0x11eed00) returned 0x0
[0263.568] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0263.568] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0263.568] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df90) returned 0x0
[0263.568] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0263.568] GdipDeleteRegion (region=0x6645248) returned 0x0
[0263.568] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0263.568] GetCurrentObject (hdc=0x2b0107f1, type=0x1) returned 0xb00017
[0263.568] GetCurrentObject (hdc=0x2b0107f1, type=0x2) returned 0x900010
[0263.568] GetCurrentObject (hdc=0x2b0107f1, type=0x7) returned 0x4a0507fe
[0263.568] GetCurrentObject (hdc=0x2b0107f1, type=0x6) returned 0x8a01c2
[0263.568] SaveDC (hdc=0x2b0107f1) returned 1
[0263.568] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x86040807
[0263.568] GetClipRgn (hdc=0x2b0107f1, hrgn=0x86040807) returned 0
[0263.569] SelectClipRgn (hdc=0x2b0107f1, hrgn=0x1b0407de) returned 2
[0263.569] DeleteObject (ho=0x86040807) returned 1
[0263.569] DeleteObject (ho=0x1b0407de) returned 1
[0263.569] OffsetViewportOrgEx (in: hdc=0x2b0107f1, x=0, y=0, lppt=0x2ef3fc4 | out: lppt=0x2ef3fc4) returned 1
[0263.569] IsAppThemed () returned 0x1
[0263.569] GetThemeAppProperties () returned 0x3
[0263.569] GetThemeAppProperties () returned 0x3
[0263.569] GetThemeBackgroundContentRect () returned 0x0
[0263.569] RestoreDC (hdc=0x2b0107f1, nSavedDC=-1) returned 1
[0263.569] GdipReleaseDC (graphics=0x6600030, hdc=0x2b0107f1) returned 0x0
[0263.569] IsAppThemed () returned 0x1
[0263.569] GetThemeAppProperties () returned 0x3
[0263.569] GetThemeAppProperties () returned 0x3
[0263.569] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0263.569] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0263.570] GetCurrentObject (hdc=0x2b0107f1, type=0x1) returned 0xb00017
[0263.570] GetCurrentObject (hdc=0x2b0107f1, type=0x2) returned 0x900010
[0263.570] GetCurrentObject (hdc=0x2b0107f1, type=0x7) returned 0x4a0507fe
[0263.570] GetCurrentObject (hdc=0x2b0107f1, type=0x6) returned 0x8a01c2
[0263.570] SaveDC (hdc=0x2b0107f1) returned 1
[0263.570] GetTextAlign (hdc=0x2b0107f1) returned 0x0
[0263.570] GetTextColor (hdc=0x2b0107f1) returned 0x0
[0263.570] GetCurrentObject (hdc=0x2b0107f1, type=0x6) returned 0x8a01c2
[0263.570] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0263.570] SelectObject (hdc=0x2b0107f1, h=0x6d0a0520) returned 0x8a01c2
[0263.570] GetBkMode (hdc=0x2b0107f1) returned 2
[0263.570] SetBkMode (hdc=0x2b0107f1, mode=1) returned 2
[0263.571] DrawTextExW (in: hdc=0x2b0107f1, lpchText="&Continue", cchText=9, lprc=0xd7def8, format=0x102415, lpdtp=0x2ef4364 | out: lpchText="&Continue", lprc=0xd7def8) returned 13
[0263.571] DrawTextExW (in: hdc=0x2b0107f1, lpchText="&Continue", cchText=9, lprc=0xd7e05c, format=0x102015, lpdtp=0x2ef4364 | out: lpchText="&Continue", lprc=0xd7e05c) returned 13
[0263.571] RestoreDC (hdc=0x2b0107f1, nSavedDC=-1) returned 1
[0263.571] GdipReleaseDC (graphics=0x6600030, hdc=0x2b0107f1) returned 0x0
[0263.571] GetFocus () returned 0x2a02d8
[0263.571] IsAppThemed () returned 0x1
[0263.571] GetThemeAppProperties () returned 0x3
[0263.571] GetThemeAppProperties () returned 0x3
[0263.571] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0263.572] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x2b0107f1, x1=0, y1=0, rop=0xcc0020) returned 1
[0263.572] GdipReleaseDC (graphics=0x6600030, hdc=0x2b0107f1) returned 0x0
[0263.572] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.572] SelectObject (hdc=0x2b0107f1, h=0x85000f) returned 0x4a0507fe
[0263.572] DeleteDC (hdc=0x2b0107f1) returned 1
[0263.572] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0263.572] EndPaint (hWnd=0x2802dc, lpPaint=0xd7e24c) returned 1
[0263.573] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.573] IsWindowUnicode (hWnd=0x2802da) returned 1
[0263.573] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.573] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.573] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.573] BeginPaint (in: hWnd=0x2802da, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0263.573] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.573] CreateCompatibleDC (hdc=0xc0107c5) returned 0x2d0107f1
[0263.573] SelectObject (hdc=0x2d0107f1, h=0x4a0507fe) returned 0x85000f
[0263.573] GdipCreateFromHDC (hdc=0x2d0107f1, graphics=0xd7e268) returned 0x0
[0263.573] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0263.574] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0263.574] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0263.574] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0263.574] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e2c8) returned 0x0
[0263.574] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0263.574] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee8d8) returned 0x0
[0263.574] LocalFree (hMem=0x11ee8d8) returned 0x0
[0263.574] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0263.574] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0263.574] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0263.574] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0263.574] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0263.574] GdipRestoreGraphics (graphics=0x6600030, state=0xf78c0dbd) returned 0x0
[0263.574] GdipDeleteRegion (region=0x6645518) returned 0x0
[0263.574] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0263.574] GetCurrentObject (hdc=0x2d0107f1, type=0x1) returned 0xb00017
[0263.574] GetCurrentObject (hdc=0x2d0107f1, type=0x2) returned 0x900010
[0263.574] GetCurrentObject (hdc=0x2d0107f1, type=0x7) returned 0x4a0507fe
[0263.574] GetCurrentObject (hdc=0x2d0107f1, type=0x6) returned 0x8a01c2
[0263.574] SaveDC (hdc=0x2d0107f1) returned 1
[0263.575] GetNearestColor (hdc=0x2d0107f1, color=0xf0f0f0) returned 0xf0f0f0
[0263.575] GetNearestColor (hdc=0x2d0107f1, color=0xa0a0a0) returned 0xa0a0a0
[0263.575] GetNearestColor (hdc=0x2d0107f1, color=0x696969) returned 0x696969
[0263.575] GetNearestColor (hdc=0x2d0107f1, color=0xa0a0a0) returned 0xa0a0a0
[0263.575] GetNearestColor (hdc=0x2d0107f1, color=0x0) returned 0x0
[0263.575] GetNearestColor (hdc=0x2d0107f1, color=0xffffff) returned 0xffffff
[0263.575] GetNearestColor (hdc=0x2d0107f1, color=0xe5e5e5) returned 0xe5e5e5
[0263.584] GetNearestColor (hdc=0x2d0107f1, color=0xd7d7d7) returned 0xd7d7d7
[0263.584] GetNearestColor (hdc=0x2d0107f1, color=0x0) returned 0x0
[0263.584] RestoreDC (hdc=0x2d0107f1, nSavedDC=-1) returned 1
[0263.585] GdipReleaseDC (graphics=0x6600030, hdc=0x2d0107f1) returned 0x0
[0263.585] IsAppThemed () returned 0x1
[0263.585] GetThemeAppProperties () returned 0x3
[0263.585] GetThemeAppProperties () returned 0x3
[0263.585] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0263.585] SendMessageW (hWnd=0x2202c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0263.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0263.585] IsAppThemed () returned 0x1
[0263.585] GetThemeAppProperties () returned 0x3
[0263.585] GetThemeAppProperties () returned 0x3
[0263.585] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2ef4b74 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0263.585] IsAppThemed () returned 0x1
[0263.585] GetThemeAppProperties () returned 0x3
[0263.585] GetThemeAppProperties () returned 0x3
[0263.585] IsAppThemed () returned 0x1
[0263.585] GetThemeAppProperties () returned 0x3
[0263.585] GetThemeAppProperties () returned 0x3
[0263.585] GetFocus () returned 0x2a02d8
[0263.586] IsAppThemed () returned 0x1
[0263.586] GetThemeAppProperties () returned 0x3
[0263.586] GetThemeAppProperties () returned 0x3
[0263.586] IsAppThemed () returned 0x1
[0263.586] GetThemeAppProperties () returned 0x3
[0263.586] GetThemeAppProperties () returned 0x3
[0263.586] IsThemePartDefined () returned 0x1
[0263.586] IsAppThemed () returned 0x1
[0263.586] GetThemeAppProperties () returned 0x3
[0263.586] GetThemeAppProperties () returned 0x3
[0263.586] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0263.586] IsAppThemed () returned 0x1
[0263.586] GetThemeAppProperties () returned 0x3
[0263.586] GetThemeAppProperties () returned 0x3
[0263.586] IsAppThemed () returned 0x1
[0263.586] GetThemeAppProperties () returned 0x3
[0263.586] GetThemeAppProperties () returned 0x3
[0263.586] IsThemePartDefined () returned 0x1
[0263.586] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0263.586] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0263.586] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0263.586] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0263.586] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dff0) returned 0x0
[0263.586] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee9f0) returned 0x0
[0263.586] LocalFree (hMem=0x11ee9f0) returned 0x0
[0263.586] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea98) returned 0x0
[0263.587] LocalFree (hMem=0x11eea98) returned 0x0
[0263.587] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0263.587] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e018) returned 0x0
[0263.587] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e008) returned 0x0
[0263.587] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0263.587] GdipDeleteRegion (region=0x6645248) returned 0x0
[0263.587] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0263.587] GetCurrentObject (hdc=0x2d0107f1, type=0x1) returned 0xb00017
[0263.587] GetCurrentObject (hdc=0x2d0107f1, type=0x2) returned 0x900010
[0263.587] GetCurrentObject (hdc=0x2d0107f1, type=0x7) returned 0x4a0507fe
[0263.587] GetCurrentObject (hdc=0x2d0107f1, type=0x6) returned 0x8a01c2
[0263.587] SaveDC (hdc=0x2d0107f1) returned 1
[0263.587] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1c0407de
[0263.587] GetClipRgn (hdc=0x2d0107f1, hrgn=0x1c0407de) returned 0
[0263.587] SelectClipRgn (hdc=0x2d0107f1, hrgn=0x8a040807) returned 2
[0263.587] DeleteObject (ho=0x1c0407de) returned 1
[0263.587] DeleteObject (ho=0x8a040807) returned 1
[0263.587] OffsetViewportOrgEx (in: hdc=0x2d0107f1, x=0, y=0, lppt=0x2ef5224 | out: lppt=0x2ef5224) returned 1
[0263.587] DrawThemeParentBackground () returned 0x0
[0263.588] GetWindowPlacement (in: hWnd=0x2202c8, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0263.588] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0263.588] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.588] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.588] GetSystemMetrics (nIndex=42) returned 0
[0263.588] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.588] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0263.588] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0263.588] GetCurrentObject (hdc=0x2d0107f1, type=0x1) returned 0xb00017
[0263.588] GetCurrentObject (hdc=0x2d0107f1, type=0x2) returned 0x900010
[0263.588] GetCurrentObject (hdc=0x2d0107f1, type=0x7) returned 0x4a0507fe
[0263.588] GetCurrentObject (hdc=0x2d0107f1, type=0x6) returned 0x8a01c2
[0263.588] SaveDC (hdc=0x2d0107f1) returned 2
[0263.588] GetNearestColor (hdc=0x2d0107f1, color=0xf0f0f0) returned 0xf0f0f0
[0263.588] CreateSolidBrush (color=0xf0f0f0) returned 0xd81007e1
[0263.588] FillRect (hDC=0x2d0107f1, lprc=0xd7da38, hbr=0xd81007e1) returned 1
[0263.588] DeleteObject (ho=0xd81007e1) returned 1
[0263.588] RestoreDC (hdc=0x2d0107f1, nSavedDC=-1) returned 1
[0263.588] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.588] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.589] GetSystemMetrics (nIndex=42) returned 0
[0263.589] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0263.589] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0263.589] GetCurrentObject (hdc=0x2d0107f1, type=0x1) returned 0xb00017
[0263.589] GetCurrentObject (hdc=0x2d0107f1, type=0x2) returned 0x900010
[0263.589] GetCurrentObject (hdc=0x2d0107f1, type=0x7) returned 0x4a0507fe
[0263.589] GetCurrentObject (hdc=0x2d0107f1, type=0x6) returned 0x8a01c2
[0263.589] SaveDC (hdc=0x2d0107f1) returned 2
[0263.589] GetNearestColor (hdc=0x2d0107f1, color=0xf0f0f0) returned 0xf0f0f0
[0263.589] CreateSolidBrush (color=0xf0f0f0) returned 0xd91007e1
[0263.589] FillRect (hDC=0x2d0107f1, lprc=0xd7d9d8, hbr=0xd91007e1) returned 1
[0263.589] DeleteObject (ho=0xd91007e1) returned 1
[0263.589] RestoreDC (hdc=0x2d0107f1, nSavedDC=-1) returned 1
[0263.589] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.589] GetSystemMetrics (nIndex=42) returned 0
[0263.589] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0263.590] RestoreDC (hdc=0x2d0107f1, nSavedDC=-1) returned 1
[0263.590] GdipReleaseDC (graphics=0x6600030, hdc=0x2d0107f1) returned 0x0
[0263.590] IsAppThemed () returned 0x1
[0263.590] GetThemeAppProperties () returned 0x3
[0263.590] GetThemeAppProperties () returned 0x3
[0263.590] IsAppThemed () returned 0x1
[0263.590] GetThemeAppProperties () returned 0x3
[0263.590] GetThemeAppProperties () returned 0x3
[0263.590] IsThemePartDefined () returned 0x1
[0263.590] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0263.590] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0263.590] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0263.590] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0263.590] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df74) returned 0x0
[0263.590] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0263.590] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0263.590] LocalFree (hMem=0x11eec58) returned 0x0
[0263.590] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0263.590] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0263.590] LocalFree (hMem=0x11ee868) returned 0x0
[0263.590] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0263.590] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0263.590] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0263.591] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0263.591] GdipDeleteRegion (region=0x6645248) returned 0x0
[0263.591] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0263.591] GetCurrentObject (hdc=0x2d0107f1, type=0x1) returned 0xb00017
[0263.591] GetCurrentObject (hdc=0x2d0107f1, type=0x2) returned 0x900010
[0263.591] GetCurrentObject (hdc=0x2d0107f1, type=0x7) returned 0x4a0507fe
[0263.591] GetCurrentObject (hdc=0x2d0107f1, type=0x6) returned 0x8a01c2
[0263.591] SaveDC (hdc=0x2d0107f1) returned 1
[0263.591] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8b040807
[0263.591] GetClipRgn (hdc=0x2d0107f1, hrgn=0x8b040807) returned 0
[0263.591] SelectClipRgn (hdc=0x2d0107f1, hrgn=0x1e0407de) returned 2
[0263.591] DeleteObject (ho=0x8b040807) returned 1
[0263.592] DeleteObject (ho=0x1e0407de) returned 1
[0263.592] OffsetViewportOrgEx (in: hdc=0x2d0107f1, x=0, y=0, lppt=0x2ef5ba8 | out: lppt=0x2ef5ba8) returned 1
[0263.592] IsAppThemed () returned 0x1
[0263.592] GetThemeAppProperties () returned 0x3
[0263.592] GetThemeAppProperties () returned 0x3
[0263.592] DrawThemeBackground () returned 0x0
[0263.592] RestoreDC (hdc=0x2d0107f1, nSavedDC=-1) returned 1
[0263.592] GdipReleaseDC (graphics=0x6600030, hdc=0x2d0107f1) returned 0x0
[0263.592] GdipCreateRegion (region=0xd7df60) returned 0x0
[0263.592] GdipGetClip (graphics=0x6600030, region=0x6645878) returned 0x0
[0263.592] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0263.592] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0263.592] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df78) returned 0x0
[0263.592] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0263.592] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee868) returned 0x0
[0263.592] LocalFree (hMem=0x11ee868) returned 0x0
[0263.592] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0263.592] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eea28) returned 0x0
[0263.592] LocalFree (hMem=0x11eea28) returned 0x0
[0263.592] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0263.592] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0263.592] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6600030, result=0xd7df90) returned 0x0
[0263.593] GdipGetRegionHRgn (region=0x6645878, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0263.593] GdipDeleteRegion (region=0x6645878) returned 0x0
[0263.593] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0263.593] GetCurrentObject (hdc=0x2d0107f1, type=0x1) returned 0xb00017
[0263.593] GetCurrentObject (hdc=0x2d0107f1, type=0x2) returned 0x900010
[0263.593] GetCurrentObject (hdc=0x2d0107f1, type=0x7) returned 0x4a0507fe
[0263.593] GetCurrentObject (hdc=0x2d0107f1, type=0x6) returned 0x8a01c2
[0263.593] SaveDC (hdc=0x2d0107f1) returned 1
[0263.593] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1f0407de
[0263.593] GetClipRgn (hdc=0x2d0107f1, hrgn=0x1f0407de) returned 0
[0263.593] SelectClipRgn (hdc=0x2d0107f1, hrgn=0x8c040807) returned 2
[0263.593] DeleteObject (ho=0x1f0407de) returned 1
[0263.593] DeleteObject (ho=0x8c040807) returned 1
[0263.593] OffsetViewportOrgEx (in: hdc=0x2d0107f1, x=0, y=0, lppt=0x2ef5e7c | out: lppt=0x2ef5e7c) returned 1
[0263.593] IsAppThemed () returned 0x1
[0263.593] GetThemeAppProperties () returned 0x3
[0263.593] GetThemeAppProperties () returned 0x3
[0263.593] GetThemeBackgroundContentRect () returned 0x0
[0263.593] RestoreDC (hdc=0x2d0107f1, nSavedDC=-1) returned 1
[0263.593] GdipReleaseDC (graphics=0x6600030, hdc=0x2d0107f1) returned 0x0
[0263.593] IsAppThemed () returned 0x1
[0263.593] GetThemeAppProperties () returned 0x3
[0263.594] GetThemeAppProperties () returned 0x3
[0263.594] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0263.594] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0263.594] GetCurrentObject (hdc=0x2d0107f1, type=0x1) returned 0xb00017
[0263.594] GetCurrentObject (hdc=0x2d0107f1, type=0x2) returned 0x900010
[0263.594] GetCurrentObject (hdc=0x2d0107f1, type=0x7) returned 0x4a0507fe
[0263.594] GetCurrentObject (hdc=0x2d0107f1, type=0x6) returned 0x8a01c2
[0263.594] SaveDC (hdc=0x2d0107f1) returned 1
[0263.594] GetTextAlign (hdc=0x2d0107f1) returned 0x0
[0263.594] GetTextColor (hdc=0x2d0107f1) returned 0x0
[0263.594] GetCurrentObject (hdc=0x2d0107f1, type=0x6) returned 0x8a01c2
[0263.594] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0263.594] SelectObject (hdc=0x2d0107f1, h=0x6d0a0520) returned 0x8a01c2
[0263.594] GetBkMode (hdc=0x2d0107f1) returned 2
[0263.594] SetBkMode (hdc=0x2d0107f1, mode=1) returned 2
[0263.594] DrawTextExW (in: hdc=0x2d0107f1, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2ef621c | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0263.595] DrawTextExW (in: hdc=0x2d0107f1, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2ef621c | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0263.595] RestoreDC (hdc=0x2d0107f1, nSavedDC=-1) returned 1
[0263.595] GdipReleaseDC (graphics=0x6600030, hdc=0x2d0107f1) returned 0x0
[0263.595] GetFocus () returned 0x2a02d8
[0263.595] IsAppThemed () returned 0x1
[0263.595] GetThemeAppProperties () returned 0x3
[0263.595] GetThemeAppProperties () returned 0x3
[0263.595] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0263.595] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x2d0107f1, x1=0, y1=0, rop=0xcc0020) returned 1
[0263.595] GdipReleaseDC (graphics=0x6600030, hdc=0x2d0107f1) returned 0x0
[0263.595] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.595] SelectObject (hdc=0x2d0107f1, h=0x85000f) returned 0x4a0507fe
[0263.595] DeleteDC (hdc=0x2d0107f1) returned 1
[0263.596] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0263.596] EndPaint (hWnd=0x2802da, lpPaint=0xd7e24c) returned 1
[0263.596] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.596] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x84, wParam=0x0, lParam=0x1e40314) returned 0x1
[0263.596] IsWindowUnicode (hWnd=0x2802dc) returned 1
[0263.596] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.596] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x84, wParam=0x0, lParam=0x1e40314) returned 0x1
[0263.596] SetCursor (hCursor=0x10003) returned 0x10003
[0263.596] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.596] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.596] _TrackMouseEvent (in: lpEventTrack=0x2ef6318 | out: lpEventTrack=0x2ef6318) returned 1
[0263.597] SendMessageW (hWnd=0x2802dc, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0263.597] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0263.597] InvalidateRect (hWnd=0x2802dc, lpRect=0x0, bErase=0) returned 1
[0263.597] GetKeyState (nVirtKey=1) returned 0
[0263.597] GetKeyState (nVirtKey=2) returned 0
[0263.597] GetKeyState (nVirtKey=4) returned 0
[0263.597] GetKeyState (nVirtKey=5) returned 0
[0263.597] GetKeyState (nVirtKey=6) returned 0
[0263.597] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.597] IsWindowUnicode (hWnd=0x2802dc) returned 1
[0263.597] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.597] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.597] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.597] BeginPaint (in: hWnd=0x2802dc, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0263.597] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.597] CreateCompatibleDC (hdc=0x60100ce) returned 0x2e0107f1
[0263.597] SelectObject (hdc=0x2e0107f1, h=0x4a0507fe) returned 0x85000f
[0263.597] GdipCreateFromHDC (hdc=0x2e0107f1, graphics=0xd7e268) returned 0x0
[0263.598] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0263.598] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0263.598] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0263.598] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0263.598] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e2c8) returned 0x0
[0263.598] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0263.598] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0263.598] LocalFree (hMem=0x11ee868) returned 0x0
[0263.598] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0263.598] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0263.598] GdipGetClip (graphics=0x6600030, region=0x6645d88) returned 0x0
[0263.598] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0263.598] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0263.598] GdipRestoreGraphics (graphics=0x6600030, state=0xf78a0dbd) returned 0x0
[0263.598] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0263.598] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0263.598] GetCurrentObject (hdc=0x2e0107f1, type=0x1) returned 0xb00017
[0263.598] GetCurrentObject (hdc=0x2e0107f1, type=0x2) returned 0x900010
[0263.598] GetCurrentObject (hdc=0x2e0107f1, type=0x7) returned 0x4a0507fe
[0263.598] GetCurrentObject (hdc=0x2e0107f1, type=0x6) returned 0x8a01c2
[0263.598] SaveDC (hdc=0x2e0107f1) returned 1
[0263.599] GetNearestColor (hdc=0x2e0107f1, color=0xf0f0f0) returned 0xf0f0f0
[0263.599] GetNearestColor (hdc=0x2e0107f1, color=0xa0a0a0) returned 0xa0a0a0
[0263.599] GetNearestColor (hdc=0x2e0107f1, color=0x696969) returned 0x696969
[0263.599] GetNearestColor (hdc=0x2e0107f1, color=0xa0a0a0) returned 0xa0a0a0
[0263.599] GetNearestColor (hdc=0x2e0107f1, color=0x0) returned 0x0
[0263.599] GetNearestColor (hdc=0x2e0107f1, color=0xffffff) returned 0xffffff
[0263.599] GetNearestColor (hdc=0x2e0107f1, color=0xe5e5e5) returned 0xe5e5e5
[0263.599] GetNearestColor (hdc=0x2e0107f1, color=0xd7d7d7) returned 0xd7d7d7
[0263.599] GetNearestColor (hdc=0x2e0107f1, color=0x0) returned 0x0
[0263.599] RestoreDC (hdc=0x2e0107f1, nSavedDC=-1) returned 1
[0263.599] GdipReleaseDC (graphics=0x6600030, hdc=0x2e0107f1) returned 0x0
[0263.599] IsAppThemed () returned 0x1
[0263.599] GetThemeAppProperties () returned 0x3
[0263.599] GetThemeAppProperties () returned 0x3
[0263.599] IsAppThemed () returned 0x1
[0263.599] GetThemeAppProperties () returned 0x3
[0263.599] GetThemeAppProperties () returned 0x3
[0263.599] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2ef6a78 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0263.600] IsAppThemed () returned 0x1
[0263.600] GetThemeAppProperties () returned 0x3
[0263.600] GetThemeAppProperties () returned 0x3
[0263.600] IsAppThemed () returned 0x1
[0263.600] GetThemeAppProperties () returned 0x3
[0263.600] GetThemeAppProperties () returned 0x3
[0263.600] IsAppThemed () returned 0x1
[0263.600] GetThemeAppProperties () returned 0x3
[0263.600] GetThemeAppProperties () returned 0x3
[0263.600] IsAppThemed () returned 0x1
[0263.600] GetThemeAppProperties () returned 0x3
[0263.600] GetThemeAppProperties () returned 0x3
[0263.600] IsThemePartDefined () returned 0x1
[0263.600] IsAppThemed () returned 0x1
[0263.600] GetThemeAppProperties () returned 0x3
[0263.600] GetThemeAppProperties () returned 0x3
[0263.600] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0263.600] IsAppThemed () returned 0x1
[0263.600] GetThemeAppProperties () returned 0x3
[0263.600] GetThemeAppProperties () returned 0x3
[0263.600] IsAppThemed () returned 0x1
[0263.601] GetThemeAppProperties () returned 0x3
[0263.601] GetThemeAppProperties () returned 0x3
[0263.601] IsThemePartDefined () returned 0x1
[0263.601] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0263.601] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0263.601] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0263.601] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0263.601] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dfe4) returned 0x0
[0263.601] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0263.601] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0263.601] LocalFree (hMem=0x11ee868) returned 0x0
[0263.601] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0263.601] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0263.601] LocalFree (hMem=0x11ee868) returned 0x0
[0263.601] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0263.601] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0263.601] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0263.601] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0263.601] GdipDeleteRegion (region=0x6645248) returned 0x0
[0263.601] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0263.601] GetCurrentObject (hdc=0x2e0107f1, type=0x1) returned 0xb00017
[0263.601] GetCurrentObject (hdc=0x2e0107f1, type=0x2) returned 0x900010
[0263.601] GetCurrentObject (hdc=0x2e0107f1, type=0x7) returned 0x4a0507fe
[0263.601] GetCurrentObject (hdc=0x2e0107f1, type=0x6) returned 0x8a01c2
[0263.602] SaveDC (hdc=0x2e0107f1) returned 1
[0263.602] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8d040807
[0263.602] GetClipRgn (hdc=0x2e0107f1, hrgn=0x8d040807) returned 0
[0263.602] SelectClipRgn (hdc=0x2e0107f1, hrgn=0x230407de) returned 2
[0263.602] DeleteObject (ho=0x8d040807) returned 1
[0263.602] DeleteObject (ho=0x230407de) returned 1
[0263.602] OffsetViewportOrgEx (in: hdc=0x2e0107f1, x=0, y=0, lppt=0x2ef7128 | out: lppt=0x2ef7128) returned 1
[0263.602] DrawThemeParentBackground () returned 0x0
[0263.602] GetWindowPlacement (in: hWnd=0x2202c8, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0263.602] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0263.602] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.602] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.602] GetSystemMetrics (nIndex=42) returned 0
[0263.602] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7db2c, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.602] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7db2c) returned 0x18
[0263.602] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0263.602] GetCurrentObject (hdc=0x2e0107f1, type=0x1) returned 0xb00017
[0263.602] GetCurrentObject (hdc=0x2e0107f1, type=0x2) returned 0x900010
[0263.602] GetCurrentObject (hdc=0x2e0107f1, type=0x7) returned 0x4a0507fe
[0263.603] GetCurrentObject (hdc=0x2e0107f1, type=0x6) returned 0x8a01c2
[0263.603] SaveDC (hdc=0x2e0107f1) returned 2
[0263.603] GetNearestColor (hdc=0x2e0107f1, color=0xf0f0f0) returned 0xf0f0f0
[0263.603] CreateSolidBrush (color=0xf0f0f0) returned 0xda1007e1
[0263.603] FillRect (hDC=0x2e0107f1, lprc=0xd7da30, hbr=0xda1007e1) returned 1
[0263.603] DeleteObject (ho=0xda1007e1) returned 1
[0263.603] RestoreDC (hdc=0x2e0107f1, nSavedDC=-1) returned 1
[0263.603] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.603] GetSystemMetrics (nIndex=42) returned 0
[0263.603] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0263.603] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0263.603] GetCurrentObject (hdc=0x2e0107f1, type=0x1) returned 0xb00017
[0263.603] GetCurrentObject (hdc=0x2e0107f1, type=0x2) returned 0x900010
[0263.603] GetCurrentObject (hdc=0x2e0107f1, type=0x7) returned 0x4a0507fe
[0263.603] GetCurrentObject (hdc=0x2e0107f1, type=0x6) returned 0x8a01c2
[0263.603] SaveDC (hdc=0x2e0107f1) returned 2
[0263.603] GetNearestColor (hdc=0x2e0107f1, color=0xf0f0f0) returned 0xf0f0f0
[0263.603] CreateSolidBrush (color=0xf0f0f0) returned 0xdb1007e1
[0263.604] FillRect (hDC=0x2e0107f1, lprc=0xd7d9d0, hbr=0xdb1007e1) returned 1
[0263.604] DeleteObject (ho=0xdb1007e1) returned 1
[0263.604] RestoreDC (hdc=0x2e0107f1, nSavedDC=-1) returned 1
[0263.604] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.604] GetSystemMetrics (nIndex=42) returned 0
[0263.604] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0263.604] RestoreDC (hdc=0x2e0107f1, nSavedDC=-1) returned 1
[0263.604] GdipReleaseDC (graphics=0x6600030, hdc=0x2e0107f1) returned 0x0
[0263.604] IsAppThemed () returned 0x1
[0263.604] GetThemeAppProperties () returned 0x3
[0263.604] GetThemeAppProperties () returned 0x3
[0263.604] IsAppThemed () returned 0x1
[0263.604] GetThemeAppProperties () returned 0x3
[0263.604] GetThemeAppProperties () returned 0x3
[0263.604] IsThemePartDefined () returned 0x1
[0263.604] GdipCreateRegion (region=0xd7df50) returned 0x0
[0263.604] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0263.604] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0263.605] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0263.605] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df68) returned 0x0
[0263.605] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0263.605] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0263.605] LocalFree (hMem=0x11eec58) returned 0x0
[0263.605] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0263.605] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eead0) returned 0x0
[0263.605] LocalFree (hMem=0x11eead0) returned 0x0
[0263.605] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0263.605] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df90) returned 0x0
[0263.605] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df80) returned 0x0
[0263.605] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0263.605] GdipDeleteRegion (region=0x6645248) returned 0x0
[0263.605] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0263.605] GetCurrentObject (hdc=0x2e0107f1, type=0x1) returned 0xb00017
[0263.605] GetCurrentObject (hdc=0x2e0107f1, type=0x2) returned 0x900010
[0263.605] GetCurrentObject (hdc=0x2e0107f1, type=0x7) returned 0x4a0507fe
[0263.605] GetCurrentObject (hdc=0x2e0107f1, type=0x6) returned 0x8a01c2
[0263.605] SaveDC (hdc=0x2e0107f1) returned 1
[0263.605] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x240407de
[0263.605] GetClipRgn (hdc=0x2e0107f1, hrgn=0x240407de) returned 0
[0263.606] SelectClipRgn (hdc=0x2e0107f1, hrgn=0x8f040807) returned 2
[0263.606] DeleteObject (ho=0x240407de) returned 1
[0263.606] DeleteObject (ho=0x8f040807) returned 1
[0263.606] OffsetViewportOrgEx (in: hdc=0x2e0107f1, x=0, y=0, lppt=0x2ef7aac | out: lppt=0x2ef7aac) returned 1
[0263.606] IsAppThemed () returned 0x1
[0263.606] GetThemeAppProperties () returned 0x3
[0263.606] GetThemeAppProperties () returned 0x3
[0263.606] DrawThemeBackground () returned 0x0
[0263.606] RestoreDC (hdc=0x2e0107f1, nSavedDC=-1) returned 1
[0263.606] GdipReleaseDC (graphics=0x6600030, hdc=0x2e0107f1) returned 0x0
[0263.606] GdipCreateRegion (region=0xd7df54) returned 0x0
[0263.606] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0263.606] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0263.606] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0263.632] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df6c) returned 0x0
[0263.632] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0263.632] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0263.632] LocalFree (hMem=0x11ee868) returned 0x0
[0263.632] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0263.632] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0263.632] LocalFree (hMem=0x11ee868) returned 0x0
[0263.633] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0263.633] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7df94) returned 0x0
[0263.633] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7df84) returned 0x0
[0263.633] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0263.633] GdipDeleteRegion (region=0x6645518) returned 0x0
[0263.633] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0263.633] GetCurrentObject (hdc=0x2e0107f1, type=0x1) returned 0xb00017
[0263.633] GetCurrentObject (hdc=0x2e0107f1, type=0x2) returned 0x900010
[0263.633] GetCurrentObject (hdc=0x2e0107f1, type=0x7) returned 0x4a0507fe
[0263.633] GetCurrentObject (hdc=0x2e0107f1, type=0x6) returned 0x8a01c2
[0263.633] SaveDC (hdc=0x2e0107f1) returned 1
[0263.633] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x90040807
[0263.633] GetClipRgn (hdc=0x2e0107f1, hrgn=0x90040807) returned 0
[0263.633] SelectClipRgn (hdc=0x2e0107f1, hrgn=0x250407de) returned 2
[0263.633] DeleteObject (ho=0x90040807) returned 1
[0263.633] DeleteObject (ho=0x250407de) returned 1
[0263.633] OffsetViewportOrgEx (in: hdc=0x2e0107f1, x=0, y=0, lppt=0x2ef7d80 | out: lppt=0x2ef7d80) returned 1
[0263.633] IsAppThemed () returned 0x1
[0263.634] GetThemeAppProperties () returned 0x3
[0263.634] GetThemeAppProperties () returned 0x3
[0263.634] GetThemeBackgroundContentRect () returned 0x0
[0263.634] RestoreDC (hdc=0x2e0107f1, nSavedDC=-1) returned 1
[0263.634] GdipReleaseDC (graphics=0x6600030, hdc=0x2e0107f1) returned 0x0
[0263.634] IsAppThemed () returned 0x1
[0263.634] GetThemeAppProperties () returned 0x3
[0263.634] GetThemeAppProperties () returned 0x3
[0263.634] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0263.634] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0263.634] GetCurrentObject (hdc=0x2e0107f1, type=0x1) returned 0xb00017
[0263.634] GetCurrentObject (hdc=0x2e0107f1, type=0x2) returned 0x900010
[0263.634] GetCurrentObject (hdc=0x2e0107f1, type=0x7) returned 0x4a0507fe
[0263.634] GetCurrentObject (hdc=0x2e0107f1, type=0x6) returned 0x8a01c2
[0263.634] SaveDC (hdc=0x2e0107f1) returned 1
[0263.634] GetTextAlign (hdc=0x2e0107f1) returned 0x0
[0263.634] GetTextColor (hdc=0x2e0107f1) returned 0x0
[0263.634] GetCurrentObject (hdc=0x2e0107f1, type=0x6) returned 0x8a01c2
[0263.634] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0263.634] SelectObject (hdc=0x2e0107f1, h=0x6d0a0520) returned 0x8a01c2
[0263.634] GetBkMode (hdc=0x2e0107f1) returned 2
[0263.634] SetBkMode (hdc=0x2e0107f1, mode=1) returned 2
[0263.635] DrawTextExW (in: hdc=0x2e0107f1, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2ef8120 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0263.635] DrawTextExW (in: hdc=0x2e0107f1, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2ef8120 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0263.635] RestoreDC (hdc=0x2e0107f1, nSavedDC=-1) returned 1
[0263.635] GdipReleaseDC (graphics=0x6600030, hdc=0x2e0107f1) returned 0x0
[0263.635] GetFocus () returned 0x2a02d8
[0263.635] IsAppThemed () returned 0x1
[0263.635] GetThemeAppProperties () returned 0x3
[0263.635] GetThemeAppProperties () returned 0x3
[0263.635] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0263.635] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x2e0107f1, x1=0, y1=0, rop=0xcc0020) returned 1
[0263.636] GdipReleaseDC (graphics=0x6600030, hdc=0x2e0107f1) returned 0x0
[0263.636] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.636] SelectObject (hdc=0x2e0107f1, h=0x85000f) returned 0x4a0507fe
[0263.636] DeleteDC (hdc=0x2e0107f1) returned 1
[0263.636] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0263.636] EndPaint (hWnd=0x2802dc, lpPaint=0xd7e24c) returned 1
[0263.636] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.636] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0263.637] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.637] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.637] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0263.643] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.643] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.643] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.643] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0263.644] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.644] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.644] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.644] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.644] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.645] IsWindowUnicode (hWnd=0x602c4) returned 1
[0263.645] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.645] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.645] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.645] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0263.645] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.645] CreateCompatibleDC (hdc=0x107b9) returned 0x590107eb
[0263.645] SelectObject (hdc=0x590107eb, h=0x4a0507fe) returned 0x85000f
[0263.646] GdipCreateFromHDC (hdc=0x590107eb, graphics=0xd7e268) returned 0x0
[0263.646] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0263.646] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0263.646] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0263.646] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0263.646] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e2c8) returned 0x0
[0263.646] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0263.646] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0263.646] LocalFree (hMem=0x11eec58) returned 0x0
[0263.646] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0263.646] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0263.646] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0263.646] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0263.646] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0263.646] GdipRestoreGraphics (graphics=0x6600030, state=0xf7880dbd) returned 0x0
[0263.646] GdipDeleteRegion (region=0x6645998) returned 0x0
[0263.646] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0263.646] GetCurrentObject (hdc=0x590107eb, type=0x1) returned 0xb00017
[0263.646] GetCurrentObject (hdc=0x590107eb, type=0x2) returned 0x900010
[0263.647] GetCurrentObject (hdc=0x590107eb, type=0x7) returned 0x4a0507fe
[0263.647] GetCurrentObject (hdc=0x590107eb, type=0x6) returned 0x8a01c2
[0263.647] SaveDC (hdc=0x590107eb) returned 1
[0263.647] GetNearestColor (hdc=0x590107eb, color=0xff) returned 0xff
[0263.647] GetNearestColor (hdc=0x590107eb, color=0x55) returned 0x55
[0263.647] GetNearestColor (hdc=0x590107eb, color=0x0) returned 0x0
[0263.647] GetNearestColor (hdc=0x590107eb, color=0x55) returned 0x55
[0263.647] GetNearestColor (hdc=0x590107eb, color=0x0) returned 0x0
[0263.647] GetNearestColor (hdc=0x590107eb, color=0x8080ff) returned 0x8080ff
[0263.647] GetNearestColor (hdc=0x590107eb, color=0x7373e5) returned 0x7373e5
[0263.647] GetNearestColor (hdc=0x590107eb, color=0xe5) returned 0xe5
[0263.647] GetNearestColor (hdc=0x590107eb, color=0x0) returned 0x0
[0263.647] RestoreDC (hdc=0x590107eb, nSavedDC=-1) returned 1
[0263.647] GdipReleaseDC (graphics=0x6600030, hdc=0x590107eb) returned 0x0
[0263.647] IsAppThemed () returned 0x1
[0263.647] GetThemeAppProperties () returned 0x3
[0263.647] GetThemeAppProperties () returned 0x3
[0263.648] IsAppThemed () returned 0x1
[0263.648] GetThemeAppProperties () returned 0x3
[0263.648] GetThemeAppProperties () returned 0x3
[0263.648] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2ef88e8 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0263.648] IsAppThemed () returned 0x1
[0263.648] GetThemeAppProperties () returned 0x3
[0263.648] GetThemeAppProperties () returned 0x3
[0263.648] IsAppThemed () returned 0x1
[0263.648] GetThemeAppProperties () returned 0x3
[0263.648] GetThemeAppProperties () returned 0x3
[0263.648] GetFocus () returned 0x2a02d8
[0263.648] IsAppThemed () returned 0x1
[0263.648] GetThemeAppProperties () returned 0x3
[0263.648] GetThemeAppProperties () returned 0x3
[0263.648] IsAppThemed () returned 0x1
[0263.648] GetThemeAppProperties () returned 0x3
[0263.648] GetThemeAppProperties () returned 0x3
[0263.648] IsThemePartDefined () returned 0x1
[0263.648] IsAppThemed () returned 0x1
[0263.648] GetThemeAppProperties () returned 0x3
[0263.649] GetThemeAppProperties () returned 0x3
[0263.649] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0263.649] IsAppThemed () returned 0x1
[0263.649] GetThemeAppProperties () returned 0x3
[0263.649] GetThemeAppProperties () returned 0x3
[0263.649] IsAppThemed () returned 0x1
[0263.649] GetThemeAppProperties () returned 0x3
[0263.649] GetThemeAppProperties () returned 0x3
[0263.649] IsThemePartDefined () returned 0x1
[0263.649] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0263.649] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0263.649] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0263.649] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0263.649] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dff0) returned 0x0
[0263.649] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0263.649] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eecc8) returned 0x0
[0263.649] LocalFree (hMem=0x11eecc8) returned 0x0
[0263.649] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0263.649] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea28) returned 0x0
[0263.649] LocalFree (hMem=0x11eea28) returned 0x0
[0263.649] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0263.649] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0263.649] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0263.649] GdipGetRegionHRgn (region=0x6645cf8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0263.649] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0263.650] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0263.650] GetCurrentObject (hdc=0x590107eb, type=0x1) returned 0xb00017
[0263.650] GetCurrentObject (hdc=0x590107eb, type=0x2) returned 0x900010
[0263.650] GetCurrentObject (hdc=0x590107eb, type=0x7) returned 0x4a0507fe
[0263.650] GetCurrentObject (hdc=0x590107eb, type=0x6) returned 0x8a01c2
[0263.650] SaveDC (hdc=0x590107eb) returned 1
[0263.650] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x260407de
[0263.650] GetClipRgn (hdc=0x590107eb, hrgn=0x260407de) returned 0
[0263.650] SelectClipRgn (hdc=0x590107eb, hrgn=0x94040807) returned 2
[0263.650] DeleteObject (ho=0x260407de) returned 1
[0263.650] DeleteObject (ho=0x94040807) returned 1
[0263.650] OffsetViewportOrgEx (in: hdc=0x590107eb, x=0, y=0, lppt=0x2ef8f98 | out: lppt=0x2ef8f98) returned 1
[0263.650] DrawThemeParentBackground () returned 0x0
[0263.650] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0263.650] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0263.650] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0263.650] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0263.650] GetSystemMetrics (nIndex=42) returned 0
[0263.651] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0263.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0263.651] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0263.651] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0263.651] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0263.651] SelectPalette (hdc=0x590107eb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.651] GdipCreateFromHDC (hdc=0x590107eb, graphics=0xd7dac8) returned 0x0
[0263.651] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0263.651] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0263.651] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638cc8) returned 0x0
[0263.651] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7daa0) returned 0x0
[0263.651] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0263.651] GdipCreateRegion (region=0xd7da88) returned 0x0
[0263.651] GdipGetClip (graphics=0x6640bc0, region=0x6645248) returned 0x0
[0263.651] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6640bc0, result=0xd7da94) returned 0x0
[0263.651] GdipDeleteRegion (region=0x6645248) returned 0x0
[0263.651] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7dac0) returned 0x0
[0263.651] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0263.658] GdipFillRectangleI (graphics=0x6640bc0, brush=0x6635938, x=0, y=0, width=801, height=453) returned 0x0
[0263.658] GdipDeleteBrush (brush=0x6635938) returned 0x0
[0263.659] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0263.659] SelectPalette (hdc=0x590107eb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.659] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0263.659] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0263.659] GetSystemMetrics (nIndex=42) returned 0
[0263.659] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0263.660] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0263.660] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0263.660] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0263.660] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0263.660] SelectPalette (hdc=0x590107eb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.660] GdipCreateFromHDC (hdc=0x590107eb, graphics=0xd7da68) returned 0x0
[0263.660] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0263.660] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0263.660] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638ba8) returned 0x0
[0263.660] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7da40) returned 0x0
[0263.660] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0263.660] GdipCreateRegion (region=0xd7da28) returned 0x0
[0263.660] GdipGetClip (graphics=0x6640bc0, region=0x6645248) returned 0x0
[0263.660] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6640bc0, result=0xd7da34) returned 0x0
[0263.660] GdipDeleteRegion (region=0x6645248) returned 0x0
[0263.660] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7da60) returned 0x0
[0263.660] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0263.666] GdipFillRectangleI (graphics=0x6640bc0, brush=0x6635800, x=0, y=0, width=801, height=453) returned 0x0
[0263.666] GdipDeleteBrush (brush=0x6635800) returned 0x0
[0263.667] GdipRestoreGraphics (graphics=0x6640bc0, state=0xf7840dbd) returned 0x0
[0263.667] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0263.667] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0263.667] GetSystemMetrics (nIndex=42) returned 0
[0263.668] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0263.668] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0263.668] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0263.668] SelectPalette (hdc=0x590107eb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.668] RestoreDC (hdc=0x590107eb, nSavedDC=-1) returned 1
[0263.668] GdipReleaseDC (graphics=0x6600030, hdc=0x590107eb) returned 0x0
[0263.668] IsAppThemed () returned 0x1
[0263.668] GetThemeAppProperties () returned 0x3
[0263.668] GetThemeAppProperties () returned 0x3
[0263.668] IsAppThemed () returned 0x1
[0263.668] GetThemeAppProperties () returned 0x3
[0263.668] GetThemeAppProperties () returned 0x3
[0263.668] IsThemePartDefined () returned 0x1
[0263.668] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0263.668] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0263.668] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0263.668] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0263.669] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df74) returned 0x0
[0263.669] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0263.669] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0263.675] LocalFree (hMem=0x11ee868) returned 0x0
[0263.675] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0263.675] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee8d8) returned 0x0
[0263.675] LocalFree (hMem=0x11ee8d8) returned 0x0
[0263.675] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0263.675] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0263.675] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0263.675] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0263.675] GdipDeleteRegion (region=0x6645248) returned 0x0
[0263.675] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0263.675] GetCurrentObject (hdc=0x590107eb, type=0x1) returned 0xb00017
[0263.675] GetCurrentObject (hdc=0x590107eb, type=0x2) returned 0x900010
[0263.675] GetCurrentObject (hdc=0x590107eb, type=0x7) returned 0x4a0507fe
[0263.676] GetCurrentObject (hdc=0x590107eb, type=0x6) returned 0x8a01c2
[0263.676] SaveDC (hdc=0x590107eb) returned 1
[0263.676] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x95040807
[0263.676] GetClipRgn (hdc=0x590107eb, hrgn=0x95040807) returned 0
[0263.676] SelectClipRgn (hdc=0x590107eb, hrgn=0x280407de) returned 2
[0263.676] DeleteObject (ho=0x95040807) returned 1
[0263.676] DeleteObject (ho=0x280407de) returned 1
[0263.676] OffsetViewportOrgEx (in: hdc=0x590107eb, x=0, y=0, lppt=0x2eff7e8 | out: lppt=0x2eff7e8) returned 1
[0263.676] IsAppThemed () returned 0x1
[0263.676] GetThemeAppProperties () returned 0x3
[0263.676] GetThemeAppProperties () returned 0x3
[0263.676] DrawThemeBackground () returned 0x0
[0263.676] RestoreDC (hdc=0x590107eb, nSavedDC=-1) returned 1
[0263.676] GdipReleaseDC (graphics=0x6600030, hdc=0x590107eb) returned 0x0
[0263.676] GdipCreateRegion (region=0xd7df60) returned 0x0
[0263.676] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0263.676] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0263.676] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0263.676] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df78) returned 0x0
[0263.677] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0263.677] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee868) returned 0x0
[0263.677] LocalFree (hMem=0x11ee868) returned 0x0
[0263.677] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0263.677] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee9f0) returned 0x0
[0263.677] LocalFree (hMem=0x11ee9f0) returned 0x0
[0263.677] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0263.677] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0263.677] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df90) returned 0x0
[0263.677] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0263.677] GdipDeleteRegion (region=0x6645248) returned 0x0
[0263.677] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0263.677] GetCurrentObject (hdc=0x590107eb, type=0x1) returned 0xb00017
[0263.677] GetCurrentObject (hdc=0x590107eb, type=0x2) returned 0x900010
[0263.677] GetCurrentObject (hdc=0x590107eb, type=0x7) returned 0x4a0507fe
[0263.677] GetCurrentObject (hdc=0x590107eb, type=0x6) returned 0x8a01c2
[0263.677] SaveDC (hdc=0x590107eb) returned 1
[0263.677] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x290407de
[0263.677] GetClipRgn (hdc=0x590107eb, hrgn=0x290407de) returned 0
[0263.677] SelectClipRgn (hdc=0x590107eb, hrgn=0x96040807) returned 2
[0263.677] DeleteObject (ho=0x290407de) returned 1
[0263.677] DeleteObject (ho=0x96040807) returned 1
[0263.678] OffsetViewportOrgEx (in: hdc=0x590107eb, x=0, y=0, lppt=0x2effabc | out: lppt=0x2effabc) returned 1
[0263.678] IsAppThemed () returned 0x1
[0263.678] GetThemeAppProperties () returned 0x3
[0263.678] GetThemeAppProperties () returned 0x3
[0263.678] GetThemeBackgroundContentRect () returned 0x0
[0263.678] RestoreDC (hdc=0x590107eb, nSavedDC=-1) returned 1
[0263.678] GdipReleaseDC (graphics=0x6600030, hdc=0x590107eb) returned 0x0
[0263.678] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0263.678] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0263.678] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0263.678] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0263.678] IsAppThemed () returned 0x1
[0263.678] GetThemeAppProperties () returned 0x3
[0263.678] GetThemeAppProperties () returned 0x3
[0263.678] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0263.678] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0263.678] GetCurrentObject (hdc=0x590107eb, type=0x1) returned 0xb00017
[0263.678] GetCurrentObject (hdc=0x590107eb, type=0x2) returned 0x900010
[0263.678] GetCurrentObject (hdc=0x590107eb, type=0x7) returned 0x4a0507fe
[0263.678] GetCurrentObject (hdc=0x590107eb, type=0x6) returned 0x8a01c2
[0263.678] SaveDC (hdc=0x590107eb) returned 1
[0263.678] GetTextAlign (hdc=0x590107eb) returned 0x0
[0263.679] GetTextColor (hdc=0x590107eb) returned 0x0
[0263.679] GetCurrentObject (hdc=0x590107eb, type=0x6) returned 0x8a01c2
[0263.679] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0263.679] SelectObject (hdc=0x590107eb, h=0x6d0a0520) returned 0x8a01c2
[0263.679] GetBkMode (hdc=0x590107eb) returned 2
[0263.679] SetBkMode (hdc=0x590107eb, mode=1) returned 2
[0263.679] DrawTextExW (in: hdc=0x590107eb, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2effe80 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0263.679] DrawTextExW (in: hdc=0x590107eb, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2effe80 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0263.680] RestoreDC (hdc=0x590107eb, nSavedDC=-1) returned 1
[0263.680] GdipReleaseDC (graphics=0x6600030, hdc=0x590107eb) returned 0x0
[0263.680] GetFocus () returned 0x2a02d8
[0263.680] IsAppThemed () returned 0x1
[0263.680] GetThemeAppProperties () returned 0x3
[0263.680] GetThemeAppProperties () returned 0x3
[0263.680] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0263.680] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x590107eb, x1=0, y1=0, rop=0xcc0020) returned 1
[0263.680] GdipReleaseDC (graphics=0x6600030, hdc=0x590107eb) returned 0x0
[0263.680] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.680] SelectObject (hdc=0x590107eb, h=0x85000f) returned 0x4a0507fe
[0263.680] DeleteDC (hdc=0x590107eb) returned 1
[0263.680] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0263.680] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0263.681] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0263.681] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0263.681] WaitMessage () returned 1
[0263.686] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.686] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.686] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.686] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.686] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.687] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0263.687] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0263.687] WaitMessage () returned 1
[0263.688] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.688] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.688] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.688] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.688] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.689] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0263.689] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0263.689] WaitMessage () returned 1
[0263.689] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.689] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.689] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.689] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.689] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.690] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.691] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.691] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.691] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.691] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.691] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.691] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.691] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.691] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.691] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.691] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0263.693] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0263.693] WaitMessage () returned 1
[0263.693] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.693] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.693] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.693] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.693] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.694] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.694] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.694] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.694] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.694] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.695] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.695] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.695] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.695] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.695] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.695] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0263.695] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0263.695] WaitMessage () returned 1
[0263.695] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.696] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.696] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.696] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.696] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.697] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.697] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.697] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.697] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.697] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.697] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.697] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.697] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.697] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.697] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.697] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0263.698] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0263.698] WaitMessage () returned 1
[0263.698] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.698] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.698] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.698] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.698] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.699] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.700] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.700] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.700] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.700] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.703] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.704] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.704] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.704] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.704] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.704] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.705] IsWindowUnicode (hWnd=0x2802dc) returned 1
[0263.705] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.705] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.705] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.705] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.705] IsWindowUnicode (hWnd=0x2802dc) returned 1
[0263.705] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.705] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.705] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.705] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x2a1, wParam=0x0, lParam=0xb003e) returned 0x0
[0263.705] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0263.705] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0263.705] WaitMessage () returned 1
[0263.815] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.815] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x84, wParam=0x0, lParam=0x1e40314) returned 0x1
[0263.815] IsWindowUnicode (hWnd=0x2802dc) returned 1
[0263.815] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.815] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x84, wParam=0x0, lParam=0x1e40314) returned 0x1
[0263.815] GetDlgItem (hDlg=0x2202c8, nIDDlgItem=0) returned 0x0
[0263.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x210, wParam=0x201, lParam=0x69011f) returned 0x0
[0263.815] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x21, wParam=0x2202c8, lParam=0x2010001) returned 0x1
[0263.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x21, wParam=0x2202c8, lParam=0x2010001) returned 0x1
[0263.816] SetCursor (hCursor=0x10003) returned 0x10003
[0263.816] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.816] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.816] GetKeyState (nVirtKey=1) returned -127
[0263.816] GetKeyState (nVirtKey=2) returned 0
[0263.816] GetKeyState (nVirtKey=4) returned 0
[0263.816] GetKeyState (nVirtKey=5) returned 0
[0263.816] GetKeyState (nVirtKey=6) returned 0
[0263.816] IsWindowVisible (hWnd=0x2802dc) returned 1
[0263.816] IsWindowEnabled (hWnd=0x2802dc) returned 1
[0263.816] SetFocus (hWnd=0x2802dc) returned 0x2a02d8
[0263.816] GetFocus () returned 0x2802dc
[0263.816] IsChild (hWndParent=0x2202c8, hWnd=0x2802dc) returned 1
[0263.816] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0x8, wParam=0x2802dc, lParam=0x0) returned 0x0
[0263.816] GetCapture () returned 0x0
[0263.816] InvalidateRect (hWnd=0x2a02d8, lpRect=0x0, bErase=0) returned 1
[0263.817] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0263.818] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0263.820] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0263.820] InvalidateRect (hWnd=0x2a02d8, lpRect=0x0, bErase=0) returned 1
[0263.820] InvalidateRect (hWnd=0x2802dc, lpRect=0x0, bErase=0) returned 1
[0263.820] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x7, wParam=0x2a02d8, lParam=0x0) returned 0x0
[0263.820] GetStockObject (i=5) returned 0x900015
[0263.820] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0263.820] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0263.820] GetDlgItem (hDlg=0x2202c8, nIDDlgItem=2622172) returned 0x2802dc
[0263.820] SendMessageW (hWnd=0x2802dc, Msg=0x202b, wParam=0x2802dc, lParam=0xd7dddc) returned 0x0
[0263.820] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x202b, wParam=0x2802dc, lParam=0xd7dddc) returned 0x0
[0263.820] InvalidateRect (hWnd=0x2802dc, lpRect=0x0, bErase=0) returned 1
[0263.822] GetFocus () returned 0x2802dc
[0263.822] GetFocus () returned 0x2802dc
[0263.822] GetFocus () returned 0x2802dc
[0263.822] GetKeyState (nVirtKey=1) returned -127
[0263.822] GetKeyState (nVirtKey=2) returned 0
[0263.822] GetKeyState (nVirtKey=4) returned 0
[0263.822] GetKeyState (nVirtKey=5) returned 0
[0263.822] GetKeyState (nVirtKey=6) returned 0
[0263.822] GetCapture () returned 0x0
[0263.822] SetCapture (hWnd=0x2802dc) returned 0x0
[0263.822] GetKeyState (nVirtKey=1) returned -127
[0263.822] GetKeyState (nVirtKey=2) returned 0
[0263.822] GetKeyState (nVirtKey=4) returned 0
[0263.822] GetKeyState (nVirtKey=5) returned 0
[0263.822] GetKeyState (nVirtKey=6) returned 0
[0263.822] NotifyWinEvent (event=0x800a, hwnd=0x2802dc, idObject=-4, idChild=0)
[0263.822] InvalidateRect (hWnd=0x2802dc, lpRect=0xd7e430, bErase=0) returned 1
[0263.822] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.822] IsWindowUnicode (hWnd=0x2802dc) returned 1
[0263.822] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.822] TranslateMessage (lpMsg=0xd7e808) returned 0
[0263.822] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0263.823] MapWindowPoints (in: hWndFrom=0x2802dc, hWndTo=0x0, lpPoints=0x2f0016c, cPoints=0x1 | out: lpPoints=0x2f0016c) returned 30999254
[0263.823] NotifyWinEvent (event=0x800a, hwnd=0x2802dc, idObject=-4, idChild=0)
[0263.823] InvalidateRect (hWnd=0x2802dc, lpRect=0xd7e3d0, bErase=0) returned 1
[0263.823] UpdateWindow (hWnd=0x2802dc) returned 1
[0263.823] BeginPaint (in: hWnd=0x2802dc, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x60100ce
[0263.823] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.823] CreateCompatibleDC (hdc=0x60100ce) returned 0x5c0107e8
[0263.823] SelectObject (hdc=0x5c0107e8, h=0x4a0507fe) returned 0x85000f
[0263.823] GdipCreateFromHDC (hdc=0x5c0107e8, graphics=0xd7df00) returned 0x0
[0263.823] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0263.823] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0263.823] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0263.823] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0263.823] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df60) returned 0x0
[0263.823] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0263.823] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0263.824] LocalFree (hMem=0x11ee788) returned 0x0
[0263.824] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0263.824] GdipCreateRegion (region=0xd7df48) returned 0x0
[0263.824] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0263.824] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7df54) returned 0x0
[0263.824] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0263.824] GdipRestoreGraphics (graphics=0x6600030, state=0xf7820dbd) returned 0x0
[0263.824] GdipDeleteRegion (region=0x6645248) returned 0x0
[0263.824] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0263.824] GetCurrentObject (hdc=0x5c0107e8, type=0x1) returned 0xb00017
[0263.824] GetCurrentObject (hdc=0x5c0107e8, type=0x2) returned 0x900010
[0263.824] GetCurrentObject (hdc=0x5c0107e8, type=0x7) returned 0x4a0507fe
[0263.824] GetCurrentObject (hdc=0x5c0107e8, type=0x6) returned 0x8a01c2
[0263.824] SaveDC (hdc=0x5c0107e8) returned 1
[0263.824] GetNearestColor (hdc=0x5c0107e8, color=0xf0f0f0) returned 0xf0f0f0
[0263.824] GetNearestColor (hdc=0x5c0107e8, color=0xa0a0a0) returned 0xa0a0a0
[0263.824] GetNearestColor (hdc=0x5c0107e8, color=0x696969) returned 0x696969
[0263.824] GetNearestColor (hdc=0x5c0107e8, color=0xa0a0a0) returned 0xa0a0a0
[0263.824] GetNearestColor (hdc=0x5c0107e8, color=0x0) returned 0x0
[0263.825] GetNearestColor (hdc=0x5c0107e8, color=0xffffff) returned 0xffffff
[0263.825] GetNearestColor (hdc=0x5c0107e8, color=0xe5e5e5) returned 0xe5e5e5
[0263.825] GetNearestColor (hdc=0x5c0107e8, color=0xd7d7d7) returned 0xd7d7d7
[0263.825] GetNearestColor (hdc=0x5c0107e8, color=0x0) returned 0x0
[0263.825] RestoreDC (hdc=0x5c0107e8, nSavedDC=-1) returned 1
[0263.825] GdipReleaseDC (graphics=0x6600030, hdc=0x5c0107e8) returned 0x0
[0263.828] IsAppThemed () returned 0x1
[0263.828] GetThemeAppProperties () returned 0x3
[0263.828] GetThemeAppProperties () returned 0x3
[0263.828] IsAppThemed () returned 0x1
[0263.828] GetThemeAppProperties () returned 0x3
[0263.828] GetThemeAppProperties () returned 0x3
[0263.828] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2f008c4 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0263.828] IsAppThemed () returned 0x1
[0263.829] GetThemeAppProperties () returned 0x3
[0263.829] GetThemeAppProperties () returned 0x3
[0263.829] IsAppThemed () returned 0x1
[0263.829] GetThemeAppProperties () returned 0x3
[0263.829] GetThemeAppProperties () returned 0x3
[0263.829] IsAppThemed () returned 0x1
[0263.829] GetThemeAppProperties () returned 0x3
[0263.829] GetThemeAppProperties () returned 0x3
[0263.829] IsAppThemed () returned 0x1
[0263.829] GetThemeAppProperties () returned 0x3
[0263.829] GetThemeAppProperties () returned 0x3
[0263.829] IsThemePartDefined () returned 0x1
[0263.829] IsAppThemed () returned 0x1
[0263.829] GetThemeAppProperties () returned 0x3
[0263.829] GetThemeAppProperties () returned 0x3
[0263.829] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0263.829] IsAppThemed () returned 0x1
[0263.829] GetThemeAppProperties () returned 0x3
[0263.829] GetThemeAppProperties () returned 0x3
[0263.829] IsAppThemed () returned 0x1
[0263.829] GetThemeAppProperties () returned 0x3
[0263.829] GetThemeAppProperties () returned 0x3
[0263.829] IsThemePartDefined () returned 0x1
[0263.829] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0263.829] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0263.830] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0263.830] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0263.830] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dc7c) returned 0x0
[0263.830] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0263.830] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0263.830] LocalFree (hMem=0x11ee9f0) returned 0x0
[0263.830] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0263.830] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0263.830] LocalFree (hMem=0x11eec58) returned 0x0
[0263.830] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0263.830] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0263.830] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0263.830] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0263.830] GdipDeleteRegion (region=0x6645248) returned 0x0
[0263.830] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0263.830] GetCurrentObject (hdc=0x5c0107e8, type=0x1) returned 0xb00017
[0263.830] GetCurrentObject (hdc=0x5c0107e8, type=0x2) returned 0x900010
[0263.830] GetCurrentObject (hdc=0x5c0107e8, type=0x7) returned 0x4a0507fe
[0263.831] GetCurrentObject (hdc=0x5c0107e8, type=0x6) returned 0x8a01c2
[0263.831] SaveDC (hdc=0x5c0107e8) returned 1
[0263.831] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x97040807
[0263.831] GetClipRgn (hdc=0x5c0107e8, hrgn=0x97040807) returned 0
[0263.831] SelectClipRgn (hdc=0x5c0107e8, hrgn=0x2d0407de) returned 2
[0263.831] DeleteObject (ho=0x97040807) returned 1
[0263.831] DeleteObject (ho=0x2d0407de) returned 1
[0263.831] OffsetViewportOrgEx (in: hdc=0x5c0107e8, x=0, y=0, lppt=0x2f00f74 | out: lppt=0x2f00f74) returned 1
[0263.831] DrawThemeParentBackground () returned 0x0
[0263.831] GetWindowPlacement (in: hWnd=0x2202c8, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0263.831] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0263.831] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.831] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.831] GetSystemMetrics (nIndex=42) returned 0
[0263.831] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7d7c4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.831] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7d7c4) returned 0x18
[0263.831] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0263.831] GetCurrentObject (hdc=0x5c0107e8, type=0x1) returned 0xb00017
[0263.832] GetCurrentObject (hdc=0x5c0107e8, type=0x2) returned 0x900010
[0263.832] GetCurrentObject (hdc=0x5c0107e8, type=0x7) returned 0x4a0507fe
[0263.832] GetCurrentObject (hdc=0x5c0107e8, type=0x6) returned 0x8a01c2
[0263.832] SaveDC (hdc=0x5c0107e8) returned 2
[0263.832] GetNearestColor (hdc=0x5c0107e8, color=0xf0f0f0) returned 0xf0f0f0
[0263.832] CreateSolidBrush (color=0xf0f0f0) returned 0xdc1007e1
[0263.832] FillRect (hDC=0x5c0107e8, lprc=0xd7d6c8, hbr=0xdc1007e1) returned 1
[0263.832] DeleteObject (ho=0xdc1007e1) returned 1
[0263.832] RestoreDC (hdc=0x5c0107e8, nSavedDC=-1) returned 1
[0263.832] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.832] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.832] GetSystemMetrics (nIndex=42) returned 0
[0263.832] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.832] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0263.832] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0263.832] GetCurrentObject (hdc=0x5c0107e8, type=0x1) returned 0xb00017
[0263.832] GetCurrentObject (hdc=0x5c0107e8, type=0x2) returned 0x900010
[0263.832] GetCurrentObject (hdc=0x5c0107e8, type=0x7) returned 0x4a0507fe
[0263.832] GetCurrentObject (hdc=0x5c0107e8, type=0x6) returned 0x8a01c2
[0263.832] SaveDC (hdc=0x5c0107e8) returned 2
[0263.832] GetNearestColor (hdc=0x5c0107e8, color=0xf0f0f0) returned 0xf0f0f0
[0263.832] CreateSolidBrush (color=0xf0f0f0) returned 0xdd1007e1
[0263.833] FillRect (hDC=0x5c0107e8, lprc=0xd7d668, hbr=0xdd1007e1) returned 1
[0263.833] DeleteObject (ho=0xdd1007e1) returned 1
[0263.833] RestoreDC (hdc=0x5c0107e8, nSavedDC=-1) returned 1
[0263.833] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.833] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.833] GetSystemMetrics (nIndex=42) returned 0
[0263.833] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.833] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0263.833] RestoreDC (hdc=0x5c0107e8, nSavedDC=-1) returned 1
[0263.833] GdipReleaseDC (graphics=0x6600030, hdc=0x5c0107e8) returned 0x0
[0263.833] IsAppThemed () returned 0x1
[0263.833] GetThemeAppProperties () returned 0x3
[0263.833] GetThemeAppProperties () returned 0x3
[0263.833] IsAppThemed () returned 0x1
[0263.833] GetThemeAppProperties () returned 0x3
[0263.833] GetThemeAppProperties () returned 0x3
[0263.833] IsThemePartDefined () returned 0x1
[0263.833] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0263.833] GdipGetClip (graphics=0x6600030, region=0x66455a8) returned 0x0
[0263.833] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0263.833] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0263.833] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dc00) returned 0x0
[0263.834] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee8d8) returned 0x0
[0263.834] LocalFree (hMem=0x11ee8d8) returned 0x0
[0263.834] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eea60) returned 0x0
[0263.834] LocalFree (hMem=0x11eea60) returned 0x0
[0263.834] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0263.834] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0263.834] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0263.834] GdipGetRegionHRgn (region=0x66455a8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0263.834] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0263.834] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0263.834] GetCurrentObject (hdc=0x5c0107e8, type=0x1) returned 0xb00017
[0263.834] GetCurrentObject (hdc=0x5c0107e8, type=0x2) returned 0x900010
[0263.834] GetCurrentObject (hdc=0x5c0107e8, type=0x7) returned 0x4a0507fe
[0263.834] GetCurrentObject (hdc=0x5c0107e8, type=0x6) returned 0x8a01c2
[0263.834] SaveDC (hdc=0x5c0107e8) returned 1
[0263.834] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2e0407de
[0263.834] GetClipRgn (hdc=0x5c0107e8, hrgn=0x2e0407de) returned 0
[0263.834] SelectClipRgn (hdc=0x5c0107e8, hrgn=0x99040807) returned 2
[0263.834] DeleteObject (ho=0x2e0407de) returned 1
[0263.834] DeleteObject (ho=0x99040807) returned 1
[0263.834] OffsetViewportOrgEx (in: hdc=0x5c0107e8, x=0, y=0, lppt=0x2f018f8 | out: lppt=0x2f018f8) returned 1
[0263.834] IsAppThemed () returned 0x1
[0263.835] GetThemeAppProperties () returned 0x3
[0263.835] GetThemeAppProperties () returned 0x3
[0263.835] DrawThemeBackground () returned 0x0
[0263.835] RestoreDC (hdc=0x5c0107e8, nSavedDC=-1) returned 1
[0263.835] GdipReleaseDC (graphics=0x6600030, hdc=0x5c0107e8) returned 0x0
[0263.835] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0263.835] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0263.835] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0263.835] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0263.835] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dc04) returned 0x0
[0263.835] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0263.835] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0263.835] LocalFree (hMem=0x11ee788) returned 0x0
[0263.835] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0263.835] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0263.835] LocalFree (hMem=0x11eec58) returned 0x0
[0263.835] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0263.835] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0263.835] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0263.835] GdipGetRegionHRgn (region=0x6645998, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0263.835] GdipDeleteRegion (region=0x6645998) returned 0x0
[0263.835] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0263.835] GetCurrentObject (hdc=0x5c0107e8, type=0x1) returned 0xb00017
[0263.836] GetCurrentObject (hdc=0x5c0107e8, type=0x2) returned 0x900010
[0263.836] GetCurrentObject (hdc=0x5c0107e8, type=0x7) returned 0x4a0507fe
[0263.836] GetCurrentObject (hdc=0x5c0107e8, type=0x6) returned 0x8a01c2
[0263.836] SaveDC (hdc=0x5c0107e8) returned 1
[0263.836] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9a040807
[0263.836] GetClipRgn (hdc=0x5c0107e8, hrgn=0x9a040807) returned 0
[0263.836] SelectClipRgn (hdc=0x5c0107e8, hrgn=0x2f0407de) returned 2
[0263.836] DeleteObject (ho=0x9a040807) returned 1
[0263.836] DeleteObject (ho=0x2f0407de) returned 1
[0263.836] OffsetViewportOrgEx (in: hdc=0x5c0107e8, x=0, y=0, lppt=0x2f01bcc | out: lppt=0x2f01bcc) returned 1
[0263.836] IsAppThemed () returned 0x1
[0263.836] GetThemeAppProperties () returned 0x3
[0263.836] GetThemeAppProperties () returned 0x3
[0263.836] GetThemeBackgroundContentRect () returned 0x0
[0263.836] RestoreDC (hdc=0x5c0107e8, nSavedDC=-1) returned 1
[0263.836] GdipReleaseDC (graphics=0x6600030, hdc=0x5c0107e8) returned 0x0
[0263.836] IsAppThemed () returned 0x1
[0263.836] GetThemeAppProperties () returned 0x3
[0263.836] GetThemeAppProperties () returned 0x3
[0263.836] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0263.836] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0263.836] GetCurrentObject (hdc=0x5c0107e8, type=0x1) returned 0xb00017
[0263.837] GetCurrentObject (hdc=0x5c0107e8, type=0x2) returned 0x900010
[0263.837] GetCurrentObject (hdc=0x5c0107e8, type=0x7) returned 0x4a0507fe
[0263.837] GetCurrentObject (hdc=0x5c0107e8, type=0x6) returned 0x8a01c2
[0263.837] SaveDC (hdc=0x5c0107e8) returned 1
[0263.837] GetTextAlign (hdc=0x5c0107e8) returned 0x0
[0263.837] GetTextColor (hdc=0x5c0107e8) returned 0x0
[0263.837] GetCurrentObject (hdc=0x5c0107e8, type=0x6) returned 0x8a01c2
[0263.837] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0263.837] SelectObject (hdc=0x5c0107e8, h=0x6d0a0520) returned 0x8a01c2
[0263.837] GetBkMode (hdc=0x5c0107e8) returned 2
[0263.837] SetBkMode (hdc=0x5c0107e8, mode=1) returned 2
[0263.837] DrawTextExW (in: hdc=0x5c0107e8, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2f01f6c | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0263.837] DrawTextExW (in: hdc=0x5c0107e8, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2f01f6c | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0263.838] RestoreDC (hdc=0x5c0107e8, nSavedDC=-1) returned 1
[0263.838] GdipReleaseDC (graphics=0x6600030, hdc=0x5c0107e8) returned 0x0
[0263.838] GetFocus () returned 0x2802dc
[0263.838] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0263.838] SendMessageW (hWnd=0x2202c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0263.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0263.838] IsAppThemed () returned 0x1
[0263.838] GetThemeAppProperties () returned 0x3
[0263.838] GetThemeAppProperties () returned 0x3
[0263.838] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0263.838] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x5c0107e8, x1=0, y1=0, rop=0xcc0020) returned 1
[0263.838] GdipReleaseDC (graphics=0x6600030, hdc=0x5c0107e8) returned 0x0
[0263.838] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.838] SelectObject (hdc=0x5c0107e8, h=0x85000f) returned 0x4a0507fe
[0263.838] DeleteDC (hdc=0x5c0107e8) returned 1
[0263.838] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0263.838] EndPaint (hWnd=0x2802dc, lpPaint=0xd7dee4) returned 1
[0263.839] MapWindowPoints (in: hWndFrom=0x2802dc, hWndTo=0x0, lpPoints=0x2f02068, cPoints=0x1 | out: lpPoints=0x2f02068) returned 30999254
[0263.839] WindowFromPoint (Point=0x314) returned 0x2802dc
[0263.839] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x84, wParam=0x0, lParam=0x1e40314) returned 0x1
[0263.839] NotifyWinEvent (event=0x800a, hwnd=0x2802dc, idObject=-4, idChild=0)
[0263.839] NotifyWinEvent (event=0x800c, hwnd=0x2802dc, idObject=-4, idChild=0)
[0263.839] GetCapture () returned 0x2802dc
[0263.839] ReleaseCapture () returned 1
[0263.839] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0263.839] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0263.840] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x84, wParam=0x0, lParam=0x1e40314) returned 0x1
[0263.840] IsWindow (hWnd=0x7005c) returned 1
[0263.840] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0263.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0263.840] IsWindow (hWnd=0x2202c8) returned 1
[0263.840] SetActiveWindow (hWnd=0x2202c8) returned 0x2202c8
[0263.840] IsWindow (hWnd=0x2202c8) returned 1
[0263.840] SetFocus (hWnd=0x2202c8) returned 0x2802dc
[0263.842] GetFocus () returned 0x2202c8
[0263.842] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x8, wParam=0x2202c8, lParam=0x0) returned 0x0
[0263.842] GetCapture () returned 0x0
[0263.842] InvalidateRect (hWnd=0x2802dc, lpRect=0x0, bErase=0) returned 1
[0263.842] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0263.844] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0263.845] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0263.845] GetFocus () returned 0x2202c8
[0263.845] SetFocus (hWnd=0x2802dc) returned 0x2202c8
[0263.845] GetFocus () returned 0x2802dc
[0263.845] IsChild (hWndParent=0x2202c8, hWnd=0x2802dc) returned 1
[0263.845] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x8, wParam=0x2802dc, lParam=0x0) returned 0x0
[0263.846] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0263.847] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0263.848] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0263.849] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x7, wParam=0x2202c8, lParam=0x0) returned 0x0
[0263.849] GetStockObject (i=5) returned 0x900015
[0263.849] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0263.849] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0263.849] GetDlgItem (hDlg=0x2202c8, nIDDlgItem=2622172) returned 0x2802dc
[0263.849] SendMessageW (hWnd=0x2802dc, Msg=0x202b, wParam=0x2802dc, lParam=0xd7ddcc) returned 0x0
[0263.849] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x202b, wParam=0x2802dc, lParam=0xd7ddcc) returned 0x0
[0263.849] InvalidateRect (hWnd=0x2802dc, lpRect=0x0, bErase=0) returned 1
[0263.850] GetWindowLongW (hWnd=0x2202c8, nIndex=-8) returned 458844
[0263.850] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0263.850] GetCurrentThreadId () returned 0xf50
[0263.850] IsWindow (hWnd=0x7005c) returned 1
[0263.850] IsWindow (hWnd=0x7005c) returned 1
[0263.850] IsWindowVisible (hWnd=0x7005c) returned 1
[0263.850] SetActiveWindow (hWnd=0x7005c) returned 0x2202c8
[0263.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0263.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0263.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0263.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0263.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0263.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0263.854] GetWindowPlacement (in: hWnd=0x2202c8, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0263.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0263.854] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0263.854] GetWindowRect (in: hWnd=0x2202c8, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0263.854] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0263.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0263.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0263.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x2202c8) returned 0x1
[0263.858] GetFocus () returned 0x2802dc
[0263.858] SetFocus (hWnd=0x602c4) returned 0x2802dc
[0263.858] GetFocus () returned 0x602c4
[0263.858] IsChild (hWndParent=0x2202c8, hWnd=0x602c4) returned 0
[0263.858] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0263.858] GetCapture () returned 0x0
[0263.858] InvalidateRect (hWnd=0x2802dc, lpRect=0x0, bErase=0) returned 1
[0263.859] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0263.860] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0263.861] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0263.861] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0263.862] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0263.862] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0263.862] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0263.862] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x2802dc, lParam=0x0) returned 0x0
[0263.862] GetStockObject (i=5) returned 0x900015
[0263.862] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0263.862] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11eda58) returned 0xc
[0263.862] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0263.862] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0263.862] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0263.863] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0263.864] GetFocus () returned 0x602c4
[0263.864] IsChild (hWndParent=0x2202c8, hWnd=0x602c4) returned 0
[0263.864] ShowWindow (hWnd=0x2202c8, nCmdShow=0) returned 1
[0263.864] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0263.864] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0263.865] GetWindowPlacement (in: hWnd=0x2202c8, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0263.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0263.865] GetClientRect (in: hWnd=0x2202c8, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0263.865] GetWindowRect (in: hWnd=0x2202c8, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0263.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0263.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0263.866] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0263.867] GetWindowLongW (hWnd=0x2202c8, nIndex=-20) returned 327945
[0263.867] DestroyWindow (hWnd=0x2202c8) returned 1
[0263.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0263.867] GetWindowTextLengthW (hWnd=0x2202c8) returned 24
[0263.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0263.867] GetSystemMetrics (nIndex=42) returned 0
[0263.867] GetWindowTextW (in: hWnd=0x2202c8, lpString=0xd7e390, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0263.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0xd, wParam=0x19, lParam=0xd7e390) returned 0x18
[0263.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0263.867] GetWindowTextLengthW (hWnd=0x1d02d0) returned 0
[0263.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0263.867] GetSystemMetrics (nIndex=42) returned 0
[0263.867] GetWindowTextW (in: hWnd=0x1d02d0, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0263.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02d0, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0263.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0263.868] GetWindowThreadProcessId (in: hWnd=0x1e02ce, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0263.868] GetWindow (hWnd=0x1e02ce, uCmd=0x5) returned 0x0
[0263.868] GetWindowLongW (hWnd=0x1e02ce, nIndex=-20) returned 65792
[0263.868] DestroyWindow (hWnd=0x1e02ce) returned 1
[0263.868] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02ce, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0263.868] GetWindowTextLengthW (hWnd=0x1e02ce) returned 25
[0263.868] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0263.868] GetSystemMetrics (nIndex=42) returned 0
[0263.868] GetWindowTextW (in: hWnd=0x1e02ce, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0263.868] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02ce, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0263.868] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0263.868] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1e02ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0263.869] GetWindowTextLengthW (hWnd=0x2802de) returned 232
[0263.869] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0263.869] GetSystemMetrics (nIndex=42) returned 0
[0263.869] GetWindowTextW (in: hWnd=0x2802de, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0263.869] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0263.869] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0263.869] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0263.869] InvalidateRect (hWnd=0x2802dc, lpRect=0x0, bErase=0) returned 1
[0263.869] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0263.870] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0263.870] SendMessageW (hWnd=0x2b00ea, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0263.870] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b00ea, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0263.870] SendMessageW (hWnd=0x2b00ea, Msg=0xb0, wParam=0x2ecbc4c, lParam=0xd7e480) returned 0x0
[0263.870] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b00ea, Msg=0xb0, wParam=0x2ecbc4c, lParam=0xd7e480) returned 0x0
[0263.870] GetWindowTextLengthW (hWnd=0x2b00ea) returned 4363
[0263.870] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0263.870] GetSystemMetrics (nIndex=42) returned 0
[0263.870] CoTaskMemAlloc (cb=0x221c) returned 0x120b498
[0263.870] GetWindowTextW (in: hWnd=0x2b00ea, lpString=0x120b498, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0263.870] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b00ea, Msg=0xd, wParam=0x110c, lParam=0x120b498) returned 0x110b
[0263.870] CoTaskMemFree (pv=0x120b498)
[0263.870] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0263.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1d02d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0263.871] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2802de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0263.879] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0263.880] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0263.881] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0263.882] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0263.883] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0263.884] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.885] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.885] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.885] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.885] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.885] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.885] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40314) returned 0x1
[0263.885] IsWindowUnicode (hWnd=0x7005c) returned 1
[0263.885] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.885] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40314) returned 0x1
[0263.885] SetCursor (hCursor=0x10003) returned 0x10003
[0263.885] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.886] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.886] _TrackMouseEvent (in: lpEventTrack=0x2c3682c | out: lpEventTrack=0x2c3682c) returned 1
[0263.886] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0263.886] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0263.886] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10f0256) returned 0x0
[0263.886] GetKeyState (nVirtKey=1) returned 1
[0263.886] GetKeyState (nVirtKey=2) returned 0
[0263.886] GetKeyState (nVirtKey=4) returned 0
[0263.886] GetKeyState (nVirtKey=5) returned 0
[0263.886] GetKeyState (nVirtKey=6) returned 0
[0263.886] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.886] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40314) returned 0x1
[0263.887] IsWindowUnicode (hWnd=0x7005c) returned 1
[0263.887] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.887] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.887] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.887] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.887] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40314) returned 0x1
[0263.887] IsWindowUnicode (hWnd=0x7005c) returned 1
[0263.887] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.887] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40314) returned 0x1
[0263.887] SetCursor (hCursor=0x10003) returned 0x10003
[0263.887] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.893] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.893] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10f0256) returned 0x0
[0263.893] GetKeyState (nVirtKey=1) returned 1
[0263.893] GetKeyState (nVirtKey=2) returned 0
[0263.893] GetKeyState (nVirtKey=4) returned 0
[0263.893] GetKeyState (nVirtKey=5) returned 0
[0263.893] GetKeyState (nVirtKey=6) returned 0
[0263.893] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.893] IsWindowUnicode (hWnd=0x602c4) returned 1
[0263.893] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.893] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.893] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.893] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.894] IsWindowUnicode (hWnd=0x602c4) returned 1
[0263.894] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.894] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.894] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.894] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0263.895] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.895] CreateCompatibleDC (hdc=0x60100ce) returned 0x660107f4
[0263.895] SelectObject (hdc=0x660107f4, h=0x4a0507fe) returned 0x85000f
[0263.895] GdipCreateFromHDC (hdc=0x660107f4, graphics=0xd7e798) returned 0x0
[0263.895] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0263.895] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0263.895] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0263.895] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0263.895] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e7f8) returned 0x0
[0263.895] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0263.895] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eed00) returned 0x0
[0263.895] LocalFree (hMem=0x11eed00) returned 0x0
[0263.896] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0263.896] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0263.896] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0263.896] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0263.896] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0263.896] GdipRestoreGraphics (graphics=0x6600030, state=0xf7800dbd) returned 0x0
[0263.896] GdipDeleteRegion (region=0x6645248) returned 0x0
[0263.896] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0263.896] GetCurrentObject (hdc=0x660107f4, type=0x1) returned 0xb00017
[0263.896] GetCurrentObject (hdc=0x660107f4, type=0x2) returned 0x900010
[0263.896] GetCurrentObject (hdc=0x660107f4, type=0x7) returned 0x4a0507fe
[0263.896] GetCurrentObject (hdc=0x660107f4, type=0x6) returned 0x8a01c2
[0263.896] SaveDC (hdc=0x660107f4) returned 1
[0263.896] GetNearestColor (hdc=0x660107f4, color=0xff) returned 0xff
[0263.896] GetNearestColor (hdc=0x660107f4, color=0x55) returned 0x55
[0263.896] GetNearestColor (hdc=0x660107f4, color=0x0) returned 0x0
[0263.896] GetNearestColor (hdc=0x660107f4, color=0x55) returned 0x55
[0263.896] GetNearestColor (hdc=0x660107f4, color=0x0) returned 0x0
[0263.896] GetNearestColor (hdc=0x660107f4, color=0x8080ff) returned 0x8080ff
[0263.897] GetNearestColor (hdc=0x660107f4, color=0x7373e5) returned 0x7373e5
[0263.897] GetNearestColor (hdc=0x660107f4, color=0xe5) returned 0xe5
[0263.897] GetNearestColor (hdc=0x660107f4, color=0x0) returned 0x0
[0263.897] RestoreDC (hdc=0x660107f4, nSavedDC=-1) returned 1
[0263.897] GdipReleaseDC (graphics=0x6600030, hdc=0x660107f4) returned 0x0
[0263.897] IsAppThemed () returned 0x1
[0263.897] GetThemeAppProperties () returned 0x3
[0263.897] GetThemeAppProperties () returned 0x3
[0263.897] IsAppThemed () returned 0x1
[0263.897] GetThemeAppProperties () returned 0x3
[0263.897] GetThemeAppProperties () returned 0x3
[0263.897] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2f09e1c | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0263.897] IsAppThemed () returned 0x1
[0263.897] GetThemeAppProperties () returned 0x3
[0263.897] GetThemeAppProperties () returned 0x3
[0263.897] IsAppThemed () returned 0x1
[0263.898] GetThemeAppProperties () returned 0x3
[0263.898] GetThemeAppProperties () returned 0x3
[0263.898] GetFocus () returned 0x602c4
[0263.898] IsAppThemed () returned 0x1
[0263.898] GetThemeAppProperties () returned 0x3
[0263.898] GetThemeAppProperties () returned 0x3
[0263.898] IsAppThemed () returned 0x1
[0263.898] GetThemeAppProperties () returned 0x3
[0263.898] GetThemeAppProperties () returned 0x3
[0263.898] IsThemePartDefined () returned 0x1
[0263.898] IsAppThemed () returned 0x1
[0263.898] GetThemeAppProperties () returned 0x3
[0263.898] GetThemeAppProperties () returned 0x3
[0263.898] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0263.898] IsAppThemed () returned 0x1
[0263.898] GetThemeAppProperties () returned 0x3
[0263.898] GetThemeAppProperties () returned 0x3
[0263.898] IsAppThemed () returned 0x1
[0263.898] GetThemeAppProperties () returned 0x3
[0263.898] GetThemeAppProperties () returned 0x3
[0263.898] IsThemePartDefined () returned 0x1
[0263.898] GdipCreateRegion (region=0xd7e508) returned 0x0
[0263.898] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0263.898] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0263.898] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0263.898] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e520) returned 0x0
[0263.898] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0263.898] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eed00) returned 0x0
[0263.899] LocalFree (hMem=0x11eed00) returned 0x0
[0263.899] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0263.899] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee9f0) returned 0x0
[0263.899] LocalFree (hMem=0x11ee9f0) returned 0x0
[0263.899] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0263.899] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e548) returned 0x0
[0263.899] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e538) returned 0x0
[0263.899] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0263.899] GdipDeleteRegion (region=0x6645248) returned 0x0
[0263.899] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0263.899] GetCurrentObject (hdc=0x660107f4, type=0x1) returned 0xb00017
[0263.899] GetCurrentObject (hdc=0x660107f4, type=0x2) returned 0x900010
[0263.899] GetCurrentObject (hdc=0x660107f4, type=0x7) returned 0x4a0507fe
[0263.899] GetCurrentObject (hdc=0x660107f4, type=0x6) returned 0x8a01c2
[0263.899] SaveDC (hdc=0x660107f4) returned 1
[0263.899] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x300407de
[0263.899] GetClipRgn (hdc=0x660107f4, hrgn=0x300407de) returned 0
[0263.899] SelectClipRgn (hdc=0x660107f4, hrgn=0x9e040807) returned 2
[0263.899] DeleteObject (ho=0x300407de) returned 1
[0263.899] DeleteObject (ho=0x9e040807) returned 1
[0263.899] OffsetViewportOrgEx (in: hdc=0x660107f4, x=0, y=0, lppt=0x2f0a4cc | out: lppt=0x2f0a4cc) returned 1
[0263.899] DrawThemeParentBackground () returned 0x0
[0263.900] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0263.900] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0263.900] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0263.900] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0263.900] GetSystemMetrics (nIndex=42) returned 0
[0263.900] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0263.900] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0263.900] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0263.900] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0263.900] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0263.900] SelectPalette (hdc=0x660107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.900] GdipCreateFromHDC (hdc=0x660107f4, graphics=0xd7dff8) returned 0x0
[0263.900] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0263.900] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0263.900] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638b78) returned 0x0
[0263.900] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dfd0) returned 0x0
[0263.900] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0263.900] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0263.901] GdipGetClip (graphics=0x6640bc0, region=0x6645e18) returned 0x0
[0263.901] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6640bc0, result=0xd7dfc4) returned 0x0
[0263.901] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0263.901] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7dff0) returned 0x0
[0263.901] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0263.913] GdipFillRectangleI (graphics=0x6640bc0, brush=0x66356c8, x=0, y=0, width=801, height=453) returned 0x0
[0263.913] GdipDeleteBrush (brush=0x66356c8) returned 0x0
[0263.914] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0263.914] SelectPalette (hdc=0x660107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.914] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0263.914] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0263.915] GetSystemMetrics (nIndex=42) returned 0
[0263.915] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0263.915] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0263.915] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0263.915] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0263.915] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0263.915] SelectPalette (hdc=0x660107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0263.915] GdipCreateFromHDC (hdc=0x660107f4, graphics=0xd7df98) returned 0x0
[0263.915] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0263.915] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0263.916] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638ba8) returned 0x0
[0263.916] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df70) returned 0x0
[0263.916] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0263.916] GdipCreateRegion (region=0xd7df58) returned 0x0
[0263.916] GdipGetClip (graphics=0x6640bc0, region=0x6645878) returned 0x0
[0263.916] GdipIsInfiniteRegion (region=0x6645878, graphics=0x6640bc0, result=0xd7df64) returned 0x0
[0263.916] GdipDeleteRegion (region=0x6645878) returned 0x0
[0263.916] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7df90) returned 0x0
[0263.916] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0263.926] GdipFillRectangleI (graphics=0x6640bc0, brush=0x6635938, x=0, y=0, width=801, height=453) returned 0x0
[0263.926] GdipDeleteBrush (brush=0x6635938) returned 0x0
[0263.927] GdipRestoreGraphics (graphics=0x6640bc0, state=0xf77c0dbd) returned 0x0
[0263.927] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0263.927] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0263.927] GetSystemMetrics (nIndex=42) returned 0
[0263.927] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0263.927] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0263.928] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0263.928] SelectPalette (hdc=0x660107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.928] RestoreDC (hdc=0x660107f4, nSavedDC=-1) returned 1
[0263.928] GdipReleaseDC (graphics=0x6600030, hdc=0x660107f4) returned 0x0
[0263.928] IsAppThemed () returned 0x1
[0263.928] GetThemeAppProperties () returned 0x3
[0263.928] GetThemeAppProperties () returned 0x3
[0263.928] IsAppThemed () returned 0x1
[0263.928] GetThemeAppProperties () returned 0x3
[0263.928] GetThemeAppProperties () returned 0x3
[0263.928] IsThemePartDefined () returned 0x1
[0263.928] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0263.928] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0263.928] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0263.928] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0263.928] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e4a4) returned 0x0
[0263.928] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0263.928] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eed00) returned 0x0
[0263.929] LocalFree (hMem=0x11eed00) returned 0x0
[0263.929] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0263.929] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0263.929] LocalFree (hMem=0x11ee788) returned 0x0
[0263.929] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0263.929] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0263.929] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0263.929] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0263.929] GdipDeleteRegion (region=0x6645248) returned 0x0
[0263.929] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0263.929] GetCurrentObject (hdc=0x660107f4, type=0x1) returned 0xb00017
[0263.929] GetCurrentObject (hdc=0x660107f4, type=0x2) returned 0x900010
[0263.929] GetCurrentObject (hdc=0x660107f4, type=0x7) returned 0x4a0507fe
[0263.929] GetCurrentObject (hdc=0x660107f4, type=0x6) returned 0x8a01c2
[0263.929] SaveDC (hdc=0x660107f4) returned 1
[0263.929] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9f040807
[0263.929] GetClipRgn (hdc=0x660107f4, hrgn=0x9f040807) returned 0
[0263.929] SelectClipRgn (hdc=0x660107f4, hrgn=0x320407de) returned 2
[0263.929] DeleteObject (ho=0x9f040807) returned 1
[0263.930] DeleteObject (ho=0x320407de) returned 1
[0263.930] OffsetViewportOrgEx (in: hdc=0x660107f4, x=0, y=0, lppt=0x2f10d1c | out: lppt=0x2f10d1c) returned 1
[0263.930] IsAppThemed () returned 0x1
[0263.930] GetThemeAppProperties () returned 0x3
[0263.930] GetThemeAppProperties () returned 0x3
[0263.930] DrawThemeBackground () returned 0x0
[0263.930] RestoreDC (hdc=0x660107f4, nSavedDC=-1) returned 1
[0263.930] GdipReleaseDC (graphics=0x6600030, hdc=0x660107f4) returned 0x0
[0263.930] GdipCreateRegion (region=0xd7e490) returned 0x0
[0263.930] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0263.930] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0263.930] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0263.930] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e4a8) returned 0x0
[0263.930] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0263.930] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0263.930] LocalFree (hMem=0x11ee788) returned 0x0
[0263.930] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0263.930] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0263.930] LocalFree (hMem=0x11eec58) returned 0x0
[0263.930] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0263.930] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0263.930] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0263.931] GdipGetRegionHRgn (region=0x6645248, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0263.931] GdipDeleteRegion (region=0x6645248) returned 0x0
[0263.931] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0263.931] GetCurrentObject (hdc=0x660107f4, type=0x1) returned 0xb00017
[0263.931] GetCurrentObject (hdc=0x660107f4, type=0x2) returned 0x900010
[0263.931] GetCurrentObject (hdc=0x660107f4, type=0x7) returned 0x4a0507fe
[0263.931] GetCurrentObject (hdc=0x660107f4, type=0x6) returned 0x8a01c2
[0263.931] SaveDC (hdc=0x660107f4) returned 1
[0263.931] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x330407de
[0263.931] GetClipRgn (hdc=0x660107f4, hrgn=0x330407de) returned 0
[0263.931] SelectClipRgn (hdc=0x660107f4, hrgn=0xa0040807) returned 2
[0263.931] DeleteObject (ho=0x330407de) returned 1
[0263.931] DeleteObject (ho=0xa0040807) returned 1
[0263.931] OffsetViewportOrgEx (in: hdc=0x660107f4, x=0, y=0, lppt=0x2f10ff0 | out: lppt=0x2f10ff0) returned 1
[0263.931] IsAppThemed () returned 0x1
[0263.931] GetThemeAppProperties () returned 0x3
[0263.931] GetThemeAppProperties () returned 0x3
[0263.931] GetThemeBackgroundContentRect () returned 0x0
[0263.931] RestoreDC (hdc=0x660107f4, nSavedDC=-1) returned 1
[0263.931] GdipReleaseDC (graphics=0x6600030, hdc=0x660107f4) returned 0x0
[0263.931] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0263.932] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0263.932] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0263.932] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0263.932] IsAppThemed () returned 0x1
[0263.932] GetThemeAppProperties () returned 0x3
[0263.932] GetThemeAppProperties () returned 0x3
[0263.932] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0263.932] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0263.932] GetCurrentObject (hdc=0x660107f4, type=0x1) returned 0xb00017
[0263.932] GetCurrentObject (hdc=0x660107f4, type=0x2) returned 0x900010
[0263.932] GetCurrentObject (hdc=0x660107f4, type=0x7) returned 0x4a0507fe
[0263.932] GetCurrentObject (hdc=0x660107f4, type=0x6) returned 0x8a01c2
[0263.932] SaveDC (hdc=0x660107f4) returned 1
[0263.932] GetTextAlign (hdc=0x660107f4) returned 0x0
[0263.932] GetTextColor (hdc=0x660107f4) returned 0x0
[0263.932] GetCurrentObject (hdc=0x660107f4, type=0x6) returned 0x8a01c2
[0263.932] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0263.932] SelectObject (hdc=0x660107f4, h=0x6d0a0520) returned 0x8a01c2
[0263.933] GetBkMode (hdc=0x660107f4) returned 2
[0263.933] SetBkMode (hdc=0x660107f4, mode=1) returned 2
[0263.933] DrawTextExW (in: hdc=0x660107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2f113b4 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0263.933] DrawTextExW (in: hdc=0x660107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2f113b4 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0263.933] RestoreDC (hdc=0x660107f4, nSavedDC=-1) returned 1
[0263.933] GdipReleaseDC (graphics=0x6600030, hdc=0x660107f4) returned 0x0
[0263.933] GetFocus () returned 0x602c4
[0263.933] IsAppThemed () returned 0x1
[0263.933] GetThemeAppProperties () returned 0x3
[0263.933] GetThemeAppProperties () returned 0x3
[0263.934] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0263.934] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x660107f4, x1=0, y1=0, rop=0xcc0020) returned 1
[0263.934] GdipReleaseDC (graphics=0x6600030, hdc=0x660107f4) returned 0x0
[0263.934] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0263.934] SelectObject (hdc=0x660107f4, h=0x85000f) returned 0x4a0507fe
[0263.934] DeleteDC (hdc=0x660107f4) returned 1
[0263.934] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0263.934] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0263.934] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.934] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.934] WaitMessage () returned 1
[0263.940] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.940] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.940] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.940] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.940] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.941] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.941] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.941] WaitMessage () returned 1
[0263.953] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.953] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.953] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.953] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.953] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.954] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.954] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.954] WaitMessage () returned 1
[0263.955] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.955] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.955] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.955] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.955] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.956] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.956] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.956] WaitMessage () returned 1
[0263.956] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.956] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.956] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.956] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.956] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.957] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.958] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.958] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.958] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.958] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.958] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.958] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.958] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.958] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.958] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.958] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.959] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.959] WaitMessage () returned 1
[0263.959] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.959] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.959] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.959] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.959] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.960] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.960] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.960] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.960] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.960] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.961] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.961] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.961] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.961] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.961] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.961] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.961] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.961] WaitMessage () returned 1
[0263.961] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.962] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.962] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.962] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.962] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.963] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.963] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.963] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.963] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.963] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.964] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.964] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.964] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.964] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.964] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.964] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.964] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.964] WaitMessage () returned 1
[0263.964] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.965] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.965] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.965] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.965] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.969] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.969] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.969] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.969] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.969] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.970] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.970] IsWindowUnicode (hWnd=0x30122) returned 1
[0263.970] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.970] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.970] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.970] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.970] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.970] WaitMessage () returned 1
[0263.985] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.985] IsWindowUnicode (hWnd=0x7005c) returned 1
[0263.985] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.985] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.985] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.985] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.985] IsWindowUnicode (hWnd=0x7005c) returned 1
[0263.985] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0263.985] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0263.985] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0263.985] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10f0256) returned 0x0
[0263.985] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.985] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0263.985] WaitMessage () returned 1
[0264.171] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0264.171] IsWindowUnicode (hWnd=0x502c6) returned 1
[0264.171] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0264.171] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0264.171] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0264.171] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0264.171] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0264.171] WaitMessage () returned 1
[0266.094] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0266.094] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b00f6) returned 0x1
[0266.094] IsWindowUnicode (hWnd=0x602c4) returned 1
[0266.094] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0266.094] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0266.094] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0266.094] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0266.094] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0266.094] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b00f6) returned 0x1
[0266.095] IsWindowUnicode (hWnd=0x602c4) returned 1
[0266.095] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0266.095] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b00f6) returned 0x1
[0266.095] SetCursor (hCursor=0x10003) returned 0x10003
[0266.095] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0266.095] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0266.095] _TrackMouseEvent (in: lpEventTrack=0x2c2b9ac | out: lpEventTrack=0x2c2b9ac) returned 1
[0266.095] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0266.095] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0266.095] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0266.095] GetKeyState (nVirtKey=1) returned 1
[0266.095] GetKeyState (nVirtKey=2) returned 0
[0266.095] GetKeyState (nVirtKey=4) returned 0
[0266.095] GetKeyState (nVirtKey=5) returned 0
[0266.095] GetKeyState (nVirtKey=6) returned 0
[0266.095] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0266.095] IsWindowUnicode (hWnd=0x602c4) returned 1
[0266.096] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0266.096] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0266.096] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0266.096] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0266.096] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0266.096] CreateCompatibleDC (hdc=0x60100ce) returned 0xa70107fc
[0266.096] SelectObject (hdc=0xa70107fc, h=0x4a0507fe) returned 0x85000f
[0266.096] GdipCreateFromHDC (hdc=0xa70107fc, graphics=0xd7e798) returned 0x0
[0266.096] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0266.096] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0266.096] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0266.096] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0266.096] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e7f8) returned 0x0
[0266.096] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0266.096] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0266.097] LocalFree (hMem=0x11eec58) returned 0x0
[0266.097] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0266.097] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0266.097] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0266.097] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0266.097] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0266.097] GdipRestoreGraphics (graphics=0x6600030, state=0xf77a0dbd) returned 0x0
[0266.097] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0266.097] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0266.097] GetCurrentObject (hdc=0xa70107fc, type=0x1) returned 0xb00017
[0266.097] GetCurrentObject (hdc=0xa70107fc, type=0x2) returned 0x900010
[0266.097] GetCurrentObject (hdc=0xa70107fc, type=0x7) returned 0x4a0507fe
[0266.097] GetCurrentObject (hdc=0xa70107fc, type=0x6) returned 0x8a01c2
[0266.097] SaveDC (hdc=0xa70107fc) returned 1
[0266.097] GetNearestColor (hdc=0xa70107fc, color=0xff) returned 0xff
[0266.097] GetNearestColor (hdc=0xa70107fc, color=0x55) returned 0x55
[0266.097] GetNearestColor (hdc=0xa70107fc, color=0x0) returned 0x0
[0266.097] GetNearestColor (hdc=0xa70107fc, color=0x55) returned 0x55
[0266.098] GetNearestColor (hdc=0xa70107fc, color=0x0) returned 0x0
[0266.098] GetNearestColor (hdc=0xa70107fc, color=0x8080ff) returned 0x8080ff
[0266.098] GetNearestColor (hdc=0xa70107fc, color=0x7373e5) returned 0x7373e5
[0266.098] GetNearestColor (hdc=0xa70107fc, color=0xe5) returned 0xe5
[0266.098] GetNearestColor (hdc=0xa70107fc, color=0x0) returned 0x0
[0266.098] RestoreDC (hdc=0xa70107fc, nSavedDC=-1) returned 1
[0266.098] GdipReleaseDC (graphics=0x6600030, hdc=0xa70107fc) returned 0x0
[0266.098] IsAppThemed () returned 0x1
[0266.098] GetThemeAppProperties () returned 0x3
[0266.098] GetThemeAppProperties () returned 0x3
[0266.098] IsAppThemed () returned 0x1
[0266.098] GetThemeAppProperties () returned 0x3
[0266.098] GetThemeAppProperties () returned 0x3
[0266.098] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2f11d24 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0266.099] IsAppThemed () returned 0x1
[0266.099] GetThemeAppProperties () returned 0x3
[0266.099] GetThemeAppProperties () returned 0x3
[0266.099] IsAppThemed () returned 0x1
[0266.099] GetThemeAppProperties () returned 0x3
[0266.099] GetThemeAppProperties () returned 0x3
[0266.099] IsAppThemed () returned 0x1
[0266.099] GetThemeAppProperties () returned 0x3
[0266.099] GetThemeAppProperties () returned 0x3
[0266.099] IsAppThemed () returned 0x1
[0266.099] GetThemeAppProperties () returned 0x3
[0266.099] GetThemeAppProperties () returned 0x3
[0266.099] IsThemePartDefined () returned 0x1
[0266.099] IsAppThemed () returned 0x1
[0266.099] GetThemeAppProperties () returned 0x3
[0266.099] GetThemeAppProperties () returned 0x3
[0266.099] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0266.099] IsAppThemed () returned 0x1
[0266.099] GetThemeAppProperties () returned 0x3
[0266.099] GetThemeAppProperties () returned 0x3
[0266.099] IsAppThemed () returned 0x1
[0266.099] GetThemeAppProperties () returned 0x3
[0266.099] GetThemeAppProperties () returned 0x3
[0266.099] IsThemePartDefined () returned 0x1
[0266.099] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0266.099] GdipGetClip (graphics=0x6600030, region=0x6645d88) returned 0x0
[0266.099] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0266.100] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0266.100] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e514) returned 0x0
[0266.100] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0266.100] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eed00) returned 0x0
[0266.100] LocalFree (hMem=0x11eed00) returned 0x0
[0266.100] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0266.100] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0266.100] LocalFree (hMem=0x11ee788) returned 0x0
[0266.100] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0266.100] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0266.100] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0266.100] GdipGetRegionHRgn (region=0x6645d88, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0266.100] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0266.100] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0266.100] GetCurrentObject (hdc=0xa70107fc, type=0x1) returned 0xb00017
[0266.100] GetCurrentObject (hdc=0xa70107fc, type=0x2) returned 0x900010
[0266.100] GetCurrentObject (hdc=0xa70107fc, type=0x7) returned 0x4a0507fe
[0266.100] GetCurrentObject (hdc=0xa70107fc, type=0x6) returned 0x8a01c2
[0266.100] SaveDC (hdc=0xa70107fc) returned 1
[0266.100] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa1040807
[0266.100] GetClipRgn (hdc=0xa70107fc, hrgn=0xa1040807) returned 0
[0266.101] SelectClipRgn (hdc=0xa70107fc, hrgn=0x370407de) returned 2
[0266.101] DeleteObject (ho=0xa1040807) returned 1
[0266.101] DeleteObject (ho=0x370407de) returned 1
[0266.101] OffsetViewportOrgEx (in: hdc=0xa70107fc, x=0, y=0, lppt=0x2f123d4 | out: lppt=0x2f123d4) returned 1
[0266.101] DrawThemeParentBackground () returned 0x0
[0266.101] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0266.101] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0266.101] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0266.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.101] GetSystemMetrics (nIndex=42) returned 0
[0266.101] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0266.101] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0266.101] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0266.101] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0266.101] SelectPalette (hdc=0xa70107fc, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0266.101] GdipCreateFromHDC (hdc=0xa70107fc, graphics=0xd7dff0) returned 0x0
[0266.102] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0266.102] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0266.102] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638a28) returned 0x0
[0266.102] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dfc8) returned 0x0
[0266.102] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0266.102] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0266.102] GdipGetClip (graphics=0x6640bc0, region=0x6645248) returned 0x0
[0266.102] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6640bc0, result=0xd7dfbc) returned 0x0
[0266.102] GdipDeleteRegion (region=0x6645248) returned 0x0
[0266.102] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7dfe8) returned 0x0
[0266.102] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0266.108] GdipFillRectangleI (graphics=0x6640bc0, brush=0x6635ba8, x=0, y=0, width=801, height=453) returned 0x0
[0266.108] GdipDeleteBrush (brush=0x6635ba8) returned 0x0
[0266.110] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0266.110] SelectPalette (hdc=0xa70107fc, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0266.110] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0266.110] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.110] GetSystemMetrics (nIndex=42) returned 0
[0266.110] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.110] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0266.110] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0266.110] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0266.110] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0266.110] SelectPalette (hdc=0xa70107fc, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0266.110] GdipCreateFromHDC (hdc=0xa70107fc, graphics=0xd7df90) returned 0x0
[0266.111] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0266.111] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0266.111] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638c08) returned 0x0
[0266.111] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df68) returned 0x0
[0266.111] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0266.111] GdipCreateRegion (region=0xd7df50) returned 0x0
[0266.111] GdipGetClip (graphics=0x6640bc0, region=0x6645998) returned 0x0
[0266.111] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6640bc0, result=0xd7df5c) returned 0x0
[0266.111] GdipDeleteRegion (region=0x6645998) returned 0x0
[0266.111] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7df88) returned 0x0
[0266.111] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0266.117] GdipFillRectangleI (graphics=0x6640bc0, brush=0x6634e40, x=0, y=0, width=801, height=453) returned 0x0
[0266.117] GdipDeleteBrush (brush=0x6634e40) returned 0x0
[0266.118] GdipRestoreGraphics (graphics=0x6640bc0, state=0xf7760dbd) returned 0x0
[0266.119] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0266.119] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.119] GetSystemMetrics (nIndex=42) returned 0
[0266.119] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.119] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0266.119] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0266.119] SelectPalette (hdc=0xa70107fc, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0266.119] RestoreDC (hdc=0xa70107fc, nSavedDC=-1) returned 1
[0266.119] GdipReleaseDC (graphics=0x6600030, hdc=0xa70107fc) returned 0x0
[0266.119] IsAppThemed () returned 0x1
[0266.119] GetThemeAppProperties () returned 0x3
[0266.119] GetThemeAppProperties () returned 0x3
[0266.119] IsAppThemed () returned 0x1
[0266.119] GetThemeAppProperties () returned 0x3
[0266.119] GetThemeAppProperties () returned 0x3
[0266.119] IsThemePartDefined () returned 0x1
[0266.119] GdipCreateRegion (region=0xd7e480) returned 0x0
[0266.120] GdipGetClip (graphics=0x6600030, region=0x6645488) returned 0x0
[0266.120] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0266.120] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0266.120] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e498) returned 0x0
[0266.120] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0266.120] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee9f0) returned 0x0
[0266.120] LocalFree (hMem=0x11ee9f0) returned 0x0
[0266.120] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0266.120] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0266.120] LocalFree (hMem=0x11ee788) returned 0x0
[0266.120] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0266.120] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0266.120] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0266.120] GdipGetRegionHRgn (region=0x6645488, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0266.120] GdipDeleteRegion (region=0x6645488) returned 0x0
[0266.120] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0266.120] GetCurrentObject (hdc=0xa70107fc, type=0x1) returned 0xb00017
[0266.120] GetCurrentObject (hdc=0xa70107fc, type=0x2) returned 0x900010
[0266.120] GetCurrentObject (hdc=0xa70107fc, type=0x7) returned 0x4a0507fe
[0266.120] GetCurrentObject (hdc=0xa70107fc, type=0x6) returned 0x8a01c2
[0266.121] SaveDC (hdc=0xa70107fc) returned 1
[0266.121] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x380407de
[0266.121] GetClipRgn (hdc=0xa70107fc, hrgn=0x380407de) returned 0
[0266.121] SelectClipRgn (hdc=0xa70107fc, hrgn=0xa3040807) returned 2
[0266.121] DeleteObject (ho=0x380407de) returned 1
[0266.121] DeleteObject (ho=0xa3040807) returned 1
[0266.121] OffsetViewportOrgEx (in: hdc=0xa70107fc, x=0, y=0, lppt=0x2f18c24 | out: lppt=0x2f18c24) returned 1
[0266.121] IsAppThemed () returned 0x1
[0266.121] GetThemeAppProperties () returned 0x3
[0266.121] GetThemeAppProperties () returned 0x3
[0266.121] DrawThemeBackground () returned 0x0
[0266.121] RestoreDC (hdc=0xa70107fc, nSavedDC=-1) returned 1
[0266.121] GdipReleaseDC (graphics=0x6600030, hdc=0xa70107fc) returned 0x0
[0266.121] GdipCreateRegion (region=0xd7e484) returned 0x0
[0266.121] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0266.121] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0266.121] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0266.121] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e49c) returned 0x0
[0266.121] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0266.121] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0266.122] LocalFree (hMem=0x11eec58) returned 0x0
[0266.122] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0266.122] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea98) returned 0x0
[0266.122] LocalFree (hMem=0x11eea98) returned 0x0
[0266.122] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0266.122] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0266.122] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0266.122] GdipGetRegionHRgn (region=0x6645cf8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0266.122] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0266.122] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0266.122] GetCurrentObject (hdc=0xa70107fc, type=0x1) returned 0xb00017
[0266.122] GetCurrentObject (hdc=0xa70107fc, type=0x2) returned 0x900010
[0266.122] GetCurrentObject (hdc=0xa70107fc, type=0x7) returned 0x4a0507fe
[0266.122] GetCurrentObject (hdc=0xa70107fc, type=0x6) returned 0x8a01c2
[0266.122] SaveDC (hdc=0xa70107fc) returned 1
[0266.122] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa4040807
[0266.122] GetClipRgn (hdc=0xa70107fc, hrgn=0xa4040807) returned 0
[0266.122] SelectClipRgn (hdc=0xa70107fc, hrgn=0x390407de) returned 2
[0266.123] DeleteObject (ho=0xa4040807) returned 1
[0266.123] DeleteObject (ho=0x390407de) returned 1
[0266.123] OffsetViewportOrgEx (in: hdc=0xa70107fc, x=0, y=0, lppt=0x2f18ef8 | out: lppt=0x2f18ef8) returned 1
[0266.123] IsAppThemed () returned 0x1
[0266.123] GetThemeAppProperties () returned 0x3
[0266.123] GetThemeAppProperties () returned 0x3
[0266.123] GetThemeBackgroundContentRect () returned 0x0
[0266.123] RestoreDC (hdc=0xa70107fc, nSavedDC=-1) returned 1
[0266.123] GdipReleaseDC (graphics=0x6600030, hdc=0xa70107fc) returned 0x0
[0266.123] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0266.123] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0266.123] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0266.123] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0266.123] IsAppThemed () returned 0x1
[0266.123] GetThemeAppProperties () returned 0x3
[0266.123] GetThemeAppProperties () returned 0x3
[0266.123] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0266.123] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0266.123] GetCurrentObject (hdc=0xa70107fc, type=0x1) returned 0xb00017
[0266.123] GetCurrentObject (hdc=0xa70107fc, type=0x2) returned 0x900010
[0266.123] GetCurrentObject (hdc=0xa70107fc, type=0x7) returned 0x4a0507fe
[0266.123] GetCurrentObject (hdc=0xa70107fc, type=0x6) returned 0x8a01c2
[0266.124] SaveDC (hdc=0xa70107fc) returned 1
[0266.124] GetTextAlign (hdc=0xa70107fc) returned 0x0
[0266.124] GetTextColor (hdc=0xa70107fc) returned 0x0
[0266.124] GetCurrentObject (hdc=0xa70107fc, type=0x6) returned 0x8a01c2
[0266.124] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0266.124] SelectObject (hdc=0xa70107fc, h=0x6d0a0520) returned 0x8a01c2
[0266.124] GetBkMode (hdc=0xa70107fc) returned 2
[0266.124] SetBkMode (hdc=0xa70107fc, mode=1) returned 2
[0266.124] DrawTextExW (in: hdc=0xa70107fc, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2f192bc | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0266.124] DrawTextExW (in: hdc=0xa70107fc, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2f192bc | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0266.125] RestoreDC (hdc=0xa70107fc, nSavedDC=-1) returned 1
[0266.125] GdipReleaseDC (graphics=0x6600030, hdc=0xa70107fc) returned 0x0
[0266.125] GetFocus () returned 0x602c4
[0266.125] IsAppThemed () returned 0x1
[0266.125] GetThemeAppProperties () returned 0x3
[0266.125] GetThemeAppProperties () returned 0x3
[0266.125] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0266.125] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xa70107fc, x1=0, y1=0, rop=0xcc0020) returned 1
[0266.125] GdipReleaseDC (graphics=0x6600030, hdc=0xa70107fc) returned 0x0
[0266.125] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0266.126] SelectObject (hdc=0xa70107fc, h=0x85000f) returned 0x4a0507fe
[0266.126] DeleteDC (hdc=0xa70107fc) returned 1
[0266.126] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0266.126] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0266.126] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0266.126] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0266.126] WaitMessage () returned 1
[0266.201] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0266.201] IsWindowUnicode (hWnd=0x602c4) returned 1
[0266.201] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0266.201] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0266.201] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0266.201] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0266.201] IsWindowUnicode (hWnd=0x602c4) returned 1
[0266.201] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0266.201] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0266.201] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0266.202] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x4001b) returned 0x0
[0266.202] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0266.202] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0266.202] WaitMessage () returned 1
[0266.361] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0266.361] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b00f6) returned 0x1
[0266.361] IsWindowUnicode (hWnd=0x602c4) returned 1
[0266.361] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0266.361] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b00f6) returned 0x1
[0266.361] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0266.361] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x1960038) returned 0x0
[0266.362] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0266.362] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0266.362] SetCursor (hCursor=0x10003) returned 0x10003
[0266.362] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0266.362] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0266.362] GetKeyState (nVirtKey=1) returned -128
[0266.362] GetKeyState (nVirtKey=2) returned 0
[0266.362] GetKeyState (nVirtKey=4) returned 0
[0266.362] GetKeyState (nVirtKey=5) returned 0
[0266.362] GetKeyState (nVirtKey=6) returned 0
[0266.362] IsWindowVisible (hWnd=0x602c4) returned 1
[0266.362] IsWindowEnabled (hWnd=0x602c4) returned 1
[0266.362] SetFocus (hWnd=0x602c4) returned 0x602c4
[0266.362] GetFocus () returned 0x602c4
[0266.362] GetFocus () returned 0x602c4
[0266.362] GetFocus () returned 0x602c4
[0266.362] GetKeyState (nVirtKey=1) returned -128
[0266.362] GetKeyState (nVirtKey=2) returned 0
[0266.362] GetKeyState (nVirtKey=4) returned 0
[0266.362] GetKeyState (nVirtKey=5) returned 0
[0266.362] GetKeyState (nVirtKey=6) returned 0
[0266.362] GetCapture () returned 0x0
[0266.362] SetCapture (hWnd=0x602c4) returned 0x0
[0266.363] GetKeyState (nVirtKey=1) returned -128
[0266.363] GetKeyState (nVirtKey=2) returned 0
[0266.363] GetKeyState (nVirtKey=4) returned 0
[0266.363] GetKeyState (nVirtKey=5) returned 0
[0266.363] GetKeyState (nVirtKey=6) returned 0
[0266.363] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0266.363] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0266.363] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0266.363] IsWindowUnicode (hWnd=0x602c4) returned 1
[0266.363] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0266.363] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0266.363] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0266.363] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2f19440, cPoints=0x1 | out: lpPoints=0x2f19440) returned 40304859
[0266.363] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0266.363] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0266.363] UpdateWindow (hWnd=0x602c4) returned 1
[0266.363] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x60100ce
[0266.363] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0266.363] CreateCompatibleDC (hdc=0x60100ce) returned 0xa80107fc
[0266.364] SelectObject (hdc=0xa80107fc, h=0x4a0507fe) returned 0x85000f
[0266.364] GdipCreateFromHDC (hdc=0xa80107fc, graphics=0xd7e430) returned 0x0
[0266.364] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0266.364] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0266.364] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0266.364] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0266.364] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e490) returned 0x0
[0266.364] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0266.364] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0266.364] LocalFree (hMem=0x11eec58) returned 0x0
[0266.364] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0266.364] GdipCreateRegion (region=0xd7e478) returned 0x0
[0266.364] GdipGetClip (graphics=0x6600030, region=0x6645248) returned 0x0
[0266.364] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6600030, result=0xd7e484) returned 0x0
[0266.364] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0266.364] GdipRestoreGraphics (graphics=0x6600030, state=0xf7740dbd) returned 0x0
[0266.364] GdipDeleteRegion (region=0x6645248) returned 0x0
[0266.364] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0266.365] GetCurrentObject (hdc=0xa80107fc, type=0x1) returned 0xb00017
[0266.365] GetCurrentObject (hdc=0xa80107fc, type=0x2) returned 0x900010
[0266.365] GetCurrentObject (hdc=0xa80107fc, type=0x7) returned 0x4a0507fe
[0266.365] GetCurrentObject (hdc=0xa80107fc, type=0x6) returned 0x8a01c2
[0266.365] SaveDC (hdc=0xa80107fc) returned 1
[0266.365] GetNearestColor (hdc=0xa80107fc, color=0xff) returned 0xff
[0266.365] GetNearestColor (hdc=0xa80107fc, color=0x55) returned 0x55
[0266.365] GetNearestColor (hdc=0xa80107fc, color=0x0) returned 0x0
[0266.365] GetNearestColor (hdc=0xa80107fc, color=0x55) returned 0x55
[0266.365] GetNearestColor (hdc=0xa80107fc, color=0x0) returned 0x0
[0266.365] GetNearestColor (hdc=0xa80107fc, color=0x8080ff) returned 0x8080ff
[0266.365] GetNearestColor (hdc=0xa80107fc, color=0x7373e5) returned 0x7373e5
[0266.365] GetNearestColor (hdc=0xa80107fc, color=0xe5) returned 0xe5
[0266.365] GetNearestColor (hdc=0xa80107fc, color=0x0) returned 0x0
[0266.365] RestoreDC (hdc=0xa80107fc, nSavedDC=-1) returned 1
[0266.365] GdipReleaseDC (graphics=0x6600030, hdc=0xa80107fc) returned 0x0
[0266.365] IsAppThemed () returned 0x1
[0266.365] GetThemeAppProperties () returned 0x3
[0266.366] GetThemeAppProperties () returned 0x3
[0266.366] IsAppThemed () returned 0x1
[0266.366] GetThemeAppProperties () returned 0x3
[0266.366] GetThemeAppProperties () returned 0x3
[0266.366] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2f19b5c | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0266.366] IsAppThemed () returned 0x1
[0266.366] GetThemeAppProperties () returned 0x3
[0266.366] GetThemeAppProperties () returned 0x3
[0266.366] IsAppThemed () returned 0x1
[0266.366] GetThemeAppProperties () returned 0x3
[0266.366] GetThemeAppProperties () returned 0x3
[0266.366] IsAppThemed () returned 0x1
[0266.366] GetThemeAppProperties () returned 0x3
[0266.366] GetThemeAppProperties () returned 0x3
[0266.366] IsAppThemed () returned 0x1
[0266.366] GetThemeAppProperties () returned 0x3
[0266.366] GetThemeAppProperties () returned 0x3
[0266.366] IsThemePartDefined () returned 0x1
[0266.366] IsAppThemed () returned 0x1
[0266.367] GetThemeAppProperties () returned 0x3
[0266.367] GetThemeAppProperties () returned 0x3
[0266.367] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0266.367] IsAppThemed () returned 0x1
[0266.367] GetThemeAppProperties () returned 0x3
[0266.367] GetThemeAppProperties () returned 0x3
[0266.367] IsAppThemed () returned 0x1
[0266.367] GetThemeAppProperties () returned 0x3
[0266.367] GetThemeAppProperties () returned 0x3
[0266.367] IsThemePartDefined () returned 0x1
[0266.367] GdipCreateRegion (region=0xd7e194) returned 0x0
[0266.367] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0266.367] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0266.367] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0266.367] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e1ac) returned 0x0
[0266.367] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0266.367] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee868) returned 0x0
[0266.367] LocalFree (hMem=0x11ee868) returned 0x0
[0266.367] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0266.367] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eead0) returned 0x0
[0266.367] LocalFree (hMem=0x11eead0) returned 0x0
[0266.367] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0266.367] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0266.367] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0266.367] GdipGetRegionHRgn (region=0x6645e18, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0266.367] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0266.368] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0266.368] GetCurrentObject (hdc=0xa80107fc, type=0x1) returned 0xb00017
[0266.368] GetCurrentObject (hdc=0xa80107fc, type=0x2) returned 0x900010
[0266.368] GetCurrentObject (hdc=0xa80107fc, type=0x7) returned 0x4a0507fe
[0266.368] GetCurrentObject (hdc=0xa80107fc, type=0x6) returned 0x8a01c2
[0266.368] SaveDC (hdc=0xa80107fc) returned 1
[0266.368] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3a0407de
[0266.368] GetClipRgn (hdc=0xa80107fc, hrgn=0x3a0407de) returned 0
[0266.368] SelectClipRgn (hdc=0xa80107fc, hrgn=0xa8040807) returned 2
[0266.368] DeleteObject (ho=0x3a0407de) returned 1
[0266.368] DeleteObject (ho=0xa8040807) returned 1
[0266.368] OffsetViewportOrgEx (in: hdc=0xa80107fc, x=0, y=0, lppt=0x2f1a20c | out: lppt=0x2f1a20c) returned 1
[0266.368] DrawThemeParentBackground () returned 0x0
[0266.368] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0266.368] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0266.368] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0266.368] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.368] GetSystemMetrics (nIndex=42) returned 0
[0266.369] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.369] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0266.369] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0266.369] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0266.369] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0266.369] SelectPalette (hdc=0xa80107fc, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0266.369] GdipCreateFromHDC (hdc=0xa80107fc, graphics=0xd7dc88) returned 0x0
[0266.369] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0266.369] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0266.369] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638a58) returned 0x0
[0266.369] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dc60) returned 0x0
[0266.369] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0266.369] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0266.369] GdipGetClip (graphics=0x6640bc0, region=0x6645cf8) returned 0x0
[0266.369] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6640bc0, result=0xd7dc54) returned 0x0
[0266.369] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0266.369] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7dc80) returned 0x0
[0266.369] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0266.375] GdipFillRectangleI (graphics=0x6640bc0, brush=0x6635590, x=0, y=0, width=801, height=453) returned 0x0
[0266.375] GdipDeleteBrush (brush=0x6635590) returned 0x0
[0266.376] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0266.376] SelectPalette (hdc=0xa80107fc, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0266.377] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0266.377] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.377] GetSystemMetrics (nIndex=42) returned 0
[0266.377] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.377] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0266.377] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0266.377] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0266.377] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0266.377] SelectPalette (hdc=0xa80107fc, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0266.377] GdipCreateFromHDC (hdc=0xa80107fc, graphics=0xd7dc28) returned 0x0
[0266.377] GdipSetPageUnit (graphics=0x6640bc0, unit=0x2) returned 0x0
[0266.377] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0266.377] GdipGetWorldTransform (graphics=0x6640bc0, matrix=0x6638c08) returned 0x0
[0266.377] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dc00) returned 0x0
[0266.377] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0266.377] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0266.377] GdipGetClip (graphics=0x6640bc0, region=0x6645248) returned 0x0
[0266.377] GdipIsInfiniteRegion (region=0x6645248, graphics=0x6640bc0, result=0xd7dbf4) returned 0x0
[0266.378] GdipDeleteRegion (region=0x6645248) returned 0x0
[0266.378] GdipSaveGraphics (graphics=0x6640bc0, state=0xd7dc20) returned 0x0
[0266.378] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0266.383] GdipFillRectangleI (graphics=0x6640bc0, brush=0x6635a70, x=0, y=0, width=801, height=453) returned 0x0
[0266.383] GdipDeleteBrush (brush=0x6635a70) returned 0x0
[0266.384] GdipRestoreGraphics (graphics=0x6640bc0, state=0xf7700dbd) returned 0x0
[0266.384] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0266.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.384] GetSystemMetrics (nIndex=42) returned 0
[0266.384] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0266.384] GdipDeleteGraphics (graphics=0x6640bc0) returned 0x0
[0266.385] SelectPalette (hdc=0xa80107fc, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0266.385] RestoreDC (hdc=0xa80107fc, nSavedDC=-1) returned 1
[0266.385] GdipReleaseDC (graphics=0x6600030, hdc=0xa80107fc) returned 0x0
[0266.385] IsAppThemed () returned 0x1
[0266.385] GetThemeAppProperties () returned 0x3
[0266.385] GetThemeAppProperties () returned 0x3
[0266.385] IsAppThemed () returned 0x1
[0266.385] GetThemeAppProperties () returned 0x3
[0266.385] GetThemeAppProperties () returned 0x3
[0266.385] IsThemePartDefined () returned 0x1
[0266.385] GdipCreateRegion (region=0xd7e118) returned 0x0
[0266.385] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0266.385] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0266.385] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0266.385] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e130) returned 0x0
[0266.385] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0266.385] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee868) returned 0x0
[0266.385] LocalFree (hMem=0x11ee868) returned 0x0
[0266.386] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0266.386] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0266.386] LocalFree (hMem=0x11eec58) returned 0x0
[0266.386] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0266.386] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0266.386] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0266.386] GdipGetRegionHRgn (region=0x6645cf8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0266.386] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0266.386] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0266.386] GetCurrentObject (hdc=0xa80107fc, type=0x1) returned 0xb00017
[0266.386] GetCurrentObject (hdc=0xa80107fc, type=0x2) returned 0x900010
[0266.386] GetCurrentObject (hdc=0xa80107fc, type=0x7) returned 0x4a0507fe
[0266.386] GetCurrentObject (hdc=0xa80107fc, type=0x6) returned 0x8a01c2
[0266.386] SaveDC (hdc=0xa80107fc) returned 1
[0266.386] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa9040807
[0266.386] GetClipRgn (hdc=0xa80107fc, hrgn=0xa9040807) returned 0
[0266.386] SelectClipRgn (hdc=0xa80107fc, hrgn=0x3c0407de) returned 2
[0266.386] DeleteObject (ho=0xa9040807) returned 1
[0266.386] DeleteObject (ho=0x3c0407de) returned 1
[0266.386] OffsetViewportOrgEx (in: hdc=0xa80107fc, x=0, y=0, lppt=0x2f20a5c | out: lppt=0x2f20a5c) returned 1
[0266.386] IsAppThemed () returned 0x1
[0266.387] GetThemeAppProperties () returned 0x3
[0266.387] GetThemeAppProperties () returned 0x3
[0266.387] DrawThemeBackground () returned 0x0
[0266.387] RestoreDC (hdc=0xa80107fc, nSavedDC=-1) returned 1
[0266.387] GdipReleaseDC (graphics=0x6600030, hdc=0xa80107fc) returned 0x0
[0266.387] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0266.387] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0266.387] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0266.387] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0266.387] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e134) returned 0x0
[0266.387] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0266.387] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eea28) returned 0x0
[0266.387] LocalFree (hMem=0x11eea28) returned 0x0
[0266.387] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0266.387] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee8d8) returned 0x0
[0266.387] LocalFree (hMem=0x11ee8d8) returned 0x0
[0266.387] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0266.387] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0266.387] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0266.388] GdipGetRegionHRgn (region=0x6645cf8, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0266.388] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0266.388] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0266.388] GetCurrentObject (hdc=0xa80107fc, type=0x1) returned 0xb00017
[0266.388] GetCurrentObject (hdc=0xa80107fc, type=0x2) returned 0x900010
[0266.388] GetCurrentObject (hdc=0xa80107fc, type=0x7) returned 0x4a0507fe
[0266.388] GetCurrentObject (hdc=0xa80107fc, type=0x6) returned 0x8a01c2
[0266.388] SaveDC (hdc=0xa80107fc) returned 1
[0266.388] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3d0407de
[0266.388] GetClipRgn (hdc=0xa80107fc, hrgn=0x3d0407de) returned 0
[0266.388] SelectClipRgn (hdc=0xa80107fc, hrgn=0xaa040807) returned 2
[0266.388] DeleteObject (ho=0x3d0407de) returned 1
[0266.388] DeleteObject (ho=0xaa040807) returned 1
[0266.389] OffsetViewportOrgEx (in: hdc=0xa80107fc, x=0, y=0, lppt=0x2f20d30 | out: lppt=0x2f20d30) returned 1
[0266.389] IsAppThemed () returned 0x1
[0266.389] GetThemeAppProperties () returned 0x3
[0266.389] GetThemeAppProperties () returned 0x3
[0266.389] GetThemeBackgroundContentRect () returned 0x0
[0266.389] RestoreDC (hdc=0xa80107fc, nSavedDC=-1) returned 1
[0266.389] GdipReleaseDC (graphics=0x6600030, hdc=0xa80107fc) returned 0x0
[0266.389] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0266.389] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0266.389] GdipFillRectangleI (graphics=0x6600030, brush=0x66360a8, x=4, y=4, width=67, height=15) returned 0x0
[0266.389] GdipDeleteBrush (brush=0x66360a8) returned 0x0
[0266.389] IsAppThemed () returned 0x1
[0266.389] GetThemeAppProperties () returned 0x3
[0266.389] GetThemeAppProperties () returned 0x3
[0266.389] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0266.389] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0266.389] GetCurrentObject (hdc=0xa80107fc, type=0x1) returned 0xb00017
[0266.389] GetCurrentObject (hdc=0xa80107fc, type=0x2) returned 0x900010
[0266.389] GetCurrentObject (hdc=0xa80107fc, type=0x7) returned 0x4a0507fe
[0266.389] GetCurrentObject (hdc=0xa80107fc, type=0x6) returned 0x8a01c2
[0266.389] SaveDC (hdc=0xa80107fc) returned 1
[0266.389] GetTextAlign (hdc=0xa80107fc) returned 0x0
[0266.390] GetTextColor (hdc=0xa80107fc) returned 0x0
[0266.390] GetCurrentObject (hdc=0xa80107fc, type=0x6) returned 0x8a01c2
[0266.390] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0266.390] SelectObject (hdc=0xa80107fc, h=0x6d0a0520) returned 0x8a01c2
[0266.390] GetBkMode (hdc=0xa80107fc) returned 2
[0266.390] SetBkMode (hdc=0xa80107fc, mode=1) returned 2
[0266.390] DrawTextExW (in: hdc=0xa80107fc, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2f210f4 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0266.390] DrawTextExW (in: hdc=0xa80107fc, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2f210f4 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0266.390] RestoreDC (hdc=0xa80107fc, nSavedDC=-1) returned 1
[0266.391] GdipReleaseDC (graphics=0x6600030, hdc=0xa80107fc) returned 0x0
[0266.391] GetFocus () returned 0x602c4
[0266.391] IsAppThemed () returned 0x1
[0266.391] GetThemeAppProperties () returned 0x3
[0266.391] GetThemeAppProperties () returned 0x3
[0266.391] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0266.391] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xa80107fc, x1=0, y1=0, rop=0xcc0020) returned 1
[0266.391] GdipReleaseDC (graphics=0x6600030, hdc=0xa80107fc) returned 0x0
[0266.391] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0266.391] SelectObject (hdc=0xa80107fc, h=0x85000f) returned 0x4a0507fe
[0266.391] DeleteDC (hdc=0xa80107fc) returned 1
[0266.391] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0266.391] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0266.392] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2f211f0, cPoints=0x1 | out: lpPoints=0x2f211f0) returned 40304859
[0266.392] WindowFromPoint (Point=0xf6) returned 0x602c4
[0266.392] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b00f6) returned 0x1
[0266.392] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0266.392] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0266.392] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0266.392] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0266.392] GetSystemMetrics (nIndex=42) returned 0
[0266.392] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0266.392] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0266.393] GetCapture () returned 0x602c4
[0266.394] ReleaseCapture () returned 1
[0266.394] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0266.394] GetProcessWindowStation () returned 0x13c
[0266.394] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.394] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0266.394] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.394] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0266.395] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.395] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0266.395] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.395] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0266.395] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.395] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0266.395] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.395] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0266.395] GetDC (hWnd=0x0) returned 0x10105d6
[0266.396] GdipCreateFromHDC (hdc=0x10105d6, graphics=0xd7e6ec) returned 0x0
[0266.396] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0266.396] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0266.396] ReleaseDC (hWnd=0x0, hDC=0x10105d6) returned 1
[0266.396] GetSystemMetrics (nIndex=5) returned 1
[0266.396] GetSystemMetrics (nIndex=6) returned 1
[0266.396] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.396] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0266.397] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.397] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0266.400] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0266.400] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0266.400] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0266.400] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0266.400] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0266.400] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0266.401] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2f26c0c | out: lpData=0x2f26c0c) returned 1
[0266.402] VerQueryValueW (in: pBlock=0x2f26c0c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2f2701c, puLen=0xd7e810) returned 1
[0266.402] VerQueryValueW (in: pBlock=0x2f26c0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f26cc4, puLen=0xd7e790) returned 1
[0266.402] VerQueryValueW (in: pBlock=0x2f26c0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f26d18, puLen=0xd7e790) returned 1
[0266.402] VerQueryValueW (in: pBlock=0x2f26c0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f26d98, puLen=0xd7e790) returned 1
[0266.402] VerQueryValueW (in: pBlock=0x2f26c0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f26e00, puLen=0xd7e790) returned 1
[0266.402] VerQueryValueW (in: pBlock=0x2f26c0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f26e40, puLen=0xd7e790) returned 1
[0266.402] VerQueryValueW (in: pBlock=0x2f26c0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f26ec8, puLen=0xd7e790) returned 1
[0266.402] VerQueryValueW (in: pBlock=0x2f26c0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f26f04, puLen=0xd7e790) returned 1
[0266.402] VerQueryValueW (in: pBlock=0x2f26c0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f26f5c, puLen=0xd7e790) returned 1
[0266.402] VerQueryValueW (in: pBlock=0x2f26c0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f26f8c, puLen=0xd7e790) returned 1
[0266.402] VerQueryValueW (in: pBlock=0x2f26c0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.402] VerQueryValueW (in: pBlock=0x2f26c0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f26fc8, puLen=0xd7e790) returned 1
[0266.402] VerQueryValueW (in: pBlock=0x2f26c0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.402] VerQueryValueW (in: pBlock=0x2f26c0c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2f2701c, puLen=0xd7e784) returned 1
[0266.402] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0266.402] VerQueryValueW (in: pBlock=0x2f26c0c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2f26c34, puLen=0xd7e794) returned 1
[0266.403] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0266.403] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0266.403] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0266.403] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0266.403] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0266.403] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0266.403] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2f28b7c | out: lpData=0x2f28b7c) returned 1
[0266.404] VerQueryValueW (in: pBlock=0x2f28b7c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2f28c18, puLen=0xd7e810) returned 1
[0266.404] VerQueryValueW (in: pBlock=0x2f28b7c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f28c90, puLen=0xd7e790) returned 1
[0266.404] VerQueryValueW (in: pBlock=0x2f28b7c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f28cc0, puLen=0xd7e790) returned 1
[0266.404] VerQueryValueW (in: pBlock=0x2f28b7c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f28cfc, puLen=0xd7e790) returned 1
[0266.404] VerQueryValueW (in: pBlock=0x2f28b7c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f28d2c, puLen=0xd7e790) returned 1
[0266.404] VerQueryValueW (in: pBlock=0x2f28b7c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f28d74, puLen=0xd7e790) returned 1
[0266.404] VerQueryValueW (in: pBlock=0x2f28b7c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f28dec, puLen=0xd7e790) returned 1
[0266.404] VerQueryValueW (in: pBlock=0x2f28b7c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f28e30, puLen=0xd7e790) returned 1
[0266.404] VerQueryValueW (in: pBlock=0x2f28b7c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f28e70, puLen=0xd7e790) returned 1
[0266.404] VerQueryValueW (in: pBlock=0x2f28b7c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f28c6e, puLen=0xd7e790) returned 1
[0266.404] VerQueryValueW (in: pBlock=0x2f28b7c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f28dbc, puLen=0xd7e790) returned 1
[0266.404] VerQueryValueW (in: pBlock=0x2f28b7c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.404] VerQueryValueW (in: pBlock=0x2f28b7c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.404] VerQueryValueW (in: pBlock=0x2f28b7c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2f28c18, puLen=0xd7e784) returned 1
[0266.404] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0266.404] VerQueryValueW (in: pBlock=0x2f28b7c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2f28ba4, puLen=0xd7e794) returned 1
[0266.405] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0266.405] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0266.405] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0266.405] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0266.405] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0266.405] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0266.406] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2f2ae54 | out: lpData=0x2f2ae54) returned 1
[0266.406] VerQueryValueW (in: pBlock=0x2f2ae54, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2f2b268, puLen=0xd7e810) returned 1
[0266.406] VerQueryValueW (in: pBlock=0x2f2ae54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2af0c, puLen=0xd7e790) returned 1
[0266.406] VerQueryValueW (in: pBlock=0x2f2ae54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2af60, puLen=0xd7e790) returned 1
[0266.406] VerQueryValueW (in: pBlock=0x2f2ae54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2afbc, puLen=0xd7e790) returned 1
[0266.406] VerQueryValueW (in: pBlock=0x2f2ae54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2b01c, puLen=0xd7e790) returned 1
[0266.406] VerQueryValueW (in: pBlock=0x2f2ae54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2b074, puLen=0xd7e790) returned 1
[0266.406] VerQueryValueW (in: pBlock=0x2f2ae54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2b0fc, puLen=0xd7e790) returned 1
[0266.406] VerQueryValueW (in: pBlock=0x2f2ae54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2b150, puLen=0xd7e790) returned 1
[0266.407] VerQueryValueW (in: pBlock=0x2f2ae54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2b1a8, puLen=0xd7e790) returned 1
[0266.407] VerQueryValueW (in: pBlock=0x2f2ae54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2b1d8, puLen=0xd7e790) returned 1
[0266.407] VerQueryValueW (in: pBlock=0x2f2ae54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.407] VerQueryValueW (in: pBlock=0x2f2ae54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2b214, puLen=0xd7e790) returned 1
[0266.407] VerQueryValueW (in: pBlock=0x2f2ae54, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.407] VerQueryValueW (in: pBlock=0x2f2ae54, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2f2b268, puLen=0xd7e784) returned 1
[0266.407] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0266.407] VerQueryValueW (in: pBlock=0x2f2ae54, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2f2ae7c, puLen=0xd7e794) returned 1
[0266.408] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0266.408] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0266.408] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0266.408] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0266.408] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0266.408] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0266.409] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2f2d48c | out: lpData=0x2f2d48c) returned 1
[0266.410] VerQueryValueW (in: pBlock=0x2f2d48c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2f2d88c, puLen=0xd7e810) returned 1
[0266.410] VerQueryValueW (in: pBlock=0x2f2d48c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2d544, puLen=0xd7e790) returned 1
[0266.410] VerQueryValueW (in: pBlock=0x2f2d48c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2d598, puLen=0xd7e790) returned 1
[0266.410] VerQueryValueW (in: pBlock=0x2f2d48c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2d5d8, puLen=0xd7e790) returned 1
[0266.410] VerQueryValueW (in: pBlock=0x2f2d48c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2d640, puLen=0xd7e790) returned 1
[0266.410] VerQueryValueW (in: pBlock=0x2f2d48c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2d698, puLen=0xd7e790) returned 1
[0266.410] VerQueryValueW (in: pBlock=0x2f2d48c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2d720, puLen=0xd7e790) returned 1
[0266.410] VerQueryValueW (in: pBlock=0x2f2d48c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2d774, puLen=0xd7e790) returned 1
[0266.410] VerQueryValueW (in: pBlock=0x2f2d48c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2d7cc, puLen=0xd7e790) returned 1
[0266.410] VerQueryValueW (in: pBlock=0x2f2d48c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2d7fc, puLen=0xd7e790) returned 1
[0266.410] VerQueryValueW (in: pBlock=0x2f2d48c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.410] VerQueryValueW (in: pBlock=0x2f2d48c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2d838, puLen=0xd7e790) returned 1
[0266.410] VerQueryValueW (in: pBlock=0x2f2d48c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.410] VerQueryValueW (in: pBlock=0x2f2d48c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2f2d88c, puLen=0xd7e784) returned 1
[0266.410] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0266.410] VerQueryValueW (in: pBlock=0x2f2d48c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2f2d4b4, puLen=0xd7e794) returned 1
[0266.411] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0266.411] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0266.411] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0266.411] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0266.411] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0266.411] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0266.412] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2f2fbc8 | out: lpData=0x2f2fbc8) returned 1
[0266.413] VerQueryValueW (in: pBlock=0x2f2fbc8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2f2ff90, puLen=0xd7e810) returned 1
[0266.413] VerQueryValueW (in: pBlock=0x2f2fbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2fc80, puLen=0xd7e790) returned 1
[0266.413] VerQueryValueW (in: pBlock=0x2f2fbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2fcd4, puLen=0xd7e790) returned 1
[0266.413] VerQueryValueW (in: pBlock=0x2f2fbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2fd14, puLen=0xd7e790) returned 1
[0266.413] VerQueryValueW (in: pBlock=0x2f2fbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2fd7c, puLen=0xd7e790) returned 1
[0266.413] VerQueryValueW (in: pBlock=0x2f2fbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2fdb8, puLen=0xd7e790) returned 1
[0266.413] VerQueryValueW (in: pBlock=0x2f2fbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2fe40, puLen=0xd7e790) returned 1
[0266.413] VerQueryValueW (in: pBlock=0x2f2fbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2fe78, puLen=0xd7e790) returned 1
[0266.413] VerQueryValueW (in: pBlock=0x2f2fbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2fed0, puLen=0xd7e790) returned 1
[0266.413] VerQueryValueW (in: pBlock=0x2f2fbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2ff00, puLen=0xd7e790) returned 1
[0266.413] VerQueryValueW (in: pBlock=0x2f2fbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.413] VerQueryValueW (in: pBlock=0x2f2fbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f2ff3c, puLen=0xd7e790) returned 1
[0266.413] VerQueryValueW (in: pBlock=0x2f2fbc8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.413] VerQueryValueW (in: pBlock=0x2f2fbc8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2f2ff90, puLen=0xd7e784) returned 1
[0266.413] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0266.414] VerQueryValueW (in: pBlock=0x2f2fbc8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2f2fbf0, puLen=0xd7e794) returned 1
[0266.414] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0266.414] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0266.414] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0266.415] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0266.415] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0266.415] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0266.415] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2f33230 | out: lpData=0x2f33230) returned 1
[0266.416] VerQueryValueW (in: pBlock=0x2f33230, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2f33610, puLen=0xd7e810) returned 1
[0266.416] VerQueryValueW (in: pBlock=0x2f33230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f332e8, puLen=0xd7e790) returned 1
[0266.416] VerQueryValueW (in: pBlock=0x2f33230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3333c, puLen=0xd7e790) returned 1
[0266.416] VerQueryValueW (in: pBlock=0x2f33230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3337c, puLen=0xd7e790) returned 1
[0266.416] VerQueryValueW (in: pBlock=0x2f33230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f333dc, puLen=0xd7e790) returned 1
[0266.416] VerQueryValueW (in: pBlock=0x2f33230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f33428, puLen=0xd7e790) returned 1
[0266.416] VerQueryValueW (in: pBlock=0x2f33230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f334b0, puLen=0xd7e790) returned 1
[0266.416] VerQueryValueW (in: pBlock=0x2f33230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f334f8, puLen=0xd7e790) returned 1
[0266.416] VerQueryValueW (in: pBlock=0x2f33230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f33550, puLen=0xd7e790) returned 1
[0266.416] VerQueryValueW (in: pBlock=0x2f33230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f33580, puLen=0xd7e790) returned 1
[0266.416] VerQueryValueW (in: pBlock=0x2f33230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.416] VerQueryValueW (in: pBlock=0x2f33230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f335bc, puLen=0xd7e790) returned 1
[0266.416] VerQueryValueW (in: pBlock=0x2f33230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.416] VerQueryValueW (in: pBlock=0x2f33230, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2f33610, puLen=0xd7e784) returned 1
[0266.416] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0266.417] VerQueryValueW (in: pBlock=0x2f33230, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2f33258, puLen=0xd7e794) returned 1
[0266.418] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0266.418] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0266.418] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0266.418] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0266.418] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0266.418] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0266.419] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2f35a50 | out: lpData=0x2f35a50) returned 1
[0266.420] VerQueryValueW (in: pBlock=0x2f35a50, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2f35e5c, puLen=0xd7e810) returned 1
[0266.420] VerQueryValueW (in: pBlock=0x2f35a50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f35b08, puLen=0xd7e790) returned 1
[0266.420] VerQueryValueW (in: pBlock=0x2f35a50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f35b5c, puLen=0xd7e790) returned 1
[0266.420] VerQueryValueW (in: pBlock=0x2f35a50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f35bb0, puLen=0xd7e790) returned 1
[0266.420] VerQueryValueW (in: pBlock=0x2f35a50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f35c10, puLen=0xd7e790) returned 1
[0266.420] VerQueryValueW (in: pBlock=0x2f35a50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f35c68, puLen=0xd7e790) returned 1
[0266.420] VerQueryValueW (in: pBlock=0x2f35a50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f35cf0, puLen=0xd7e790) returned 1
[0266.420] VerQueryValueW (in: pBlock=0x2f35a50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f35d44, puLen=0xd7e790) returned 1
[0266.420] VerQueryValueW (in: pBlock=0x2f35a50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f35d9c, puLen=0xd7e790) returned 1
[0266.420] VerQueryValueW (in: pBlock=0x2f35a50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f35dcc, puLen=0xd7e790) returned 1
[0266.420] VerQueryValueW (in: pBlock=0x2f35a50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.420] VerQueryValueW (in: pBlock=0x2f35a50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f35e08, puLen=0xd7e790) returned 1
[0266.420] VerQueryValueW (in: pBlock=0x2f35a50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.420] VerQueryValueW (in: pBlock=0x2f35a50, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2f35e5c, puLen=0xd7e784) returned 1
[0266.421] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0266.421] VerQueryValueW (in: pBlock=0x2f35a50, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2f35a78, puLen=0xd7e794) returned 1
[0266.421] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0266.421] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0266.421] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0266.421] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0266.422] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0266.422] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0266.422] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2f38264 | out: lpData=0x2f38264) returned 1
[0266.423] VerQueryValueW (in: pBlock=0x2f38264, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2f3863c, puLen=0xd7e810) returned 1
[0266.423] VerQueryValueW (in: pBlock=0x2f38264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3831c, puLen=0xd7e790) returned 1
[0266.423] VerQueryValueW (in: pBlock=0x2f38264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f38370, puLen=0xd7e790) returned 1
[0266.423] VerQueryValueW (in: pBlock=0x2f38264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f383b0, puLen=0xd7e790) returned 1
[0266.423] VerQueryValueW (in: pBlock=0x2f38264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f38418, puLen=0xd7e790) returned 1
[0266.423] VerQueryValueW (in: pBlock=0x2f38264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3845c, puLen=0xd7e790) returned 1
[0266.423] VerQueryValueW (in: pBlock=0x2f38264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f384e4, puLen=0xd7e790) returned 1
[0266.423] VerQueryValueW (in: pBlock=0x2f38264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f38524, puLen=0xd7e790) returned 1
[0266.423] VerQueryValueW (in: pBlock=0x2f38264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3857c, puLen=0xd7e790) returned 1
[0266.423] VerQueryValueW (in: pBlock=0x2f38264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f385ac, puLen=0xd7e790) returned 1
[0266.423] VerQueryValueW (in: pBlock=0x2f38264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.423] VerQueryValueW (in: pBlock=0x2f38264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f385e8, puLen=0xd7e790) returned 1
[0266.423] VerQueryValueW (in: pBlock=0x2f38264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.423] VerQueryValueW (in: pBlock=0x2f38264, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2f3863c, puLen=0xd7e784) returned 1
[0266.423] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0266.423] VerQueryValueW (in: pBlock=0x2f38264, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2f3828c, puLen=0xd7e794) returned 1
[0266.424] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0266.424] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0266.424] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0266.424] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0266.424] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0266.424] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0266.425] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2f3a7bc | out: lpData=0x2f3a7bc) returned 1
[0266.426] VerQueryValueW (in: pBlock=0x2f3a7bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2f3ab94, puLen=0xd7e810) returned 1
[0266.426] VerQueryValueW (in: pBlock=0x2f3a7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3a874, puLen=0xd7e790) returned 1
[0266.426] VerQueryValueW (in: pBlock=0x2f3a7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3a8c8, puLen=0xd7e790) returned 1
[0266.426] VerQueryValueW (in: pBlock=0x2f3a7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3a908, puLen=0xd7e790) returned 1
[0266.426] VerQueryValueW (in: pBlock=0x2f3a7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3a970, puLen=0xd7e790) returned 1
[0266.426] VerQueryValueW (in: pBlock=0x2f3a7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3a9b4, puLen=0xd7e790) returned 1
[0266.426] VerQueryValueW (in: pBlock=0x2f3a7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3aa3c, puLen=0xd7e790) returned 1
[0266.426] VerQueryValueW (in: pBlock=0x2f3a7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3aa7c, puLen=0xd7e790) returned 1
[0266.426] VerQueryValueW (in: pBlock=0x2f3a7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3aad4, puLen=0xd7e790) returned 1
[0266.426] VerQueryValueW (in: pBlock=0x2f3a7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3ab04, puLen=0xd7e790) returned 1
[0266.426] VerQueryValueW (in: pBlock=0x2f3a7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.426] VerQueryValueW (in: pBlock=0x2f3a7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3ab40, puLen=0xd7e790) returned 1
[0266.426] VerQueryValueW (in: pBlock=0x2f3a7bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.426] VerQueryValueW (in: pBlock=0x2f3a7bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2f3ab94, puLen=0xd7e784) returned 1
[0266.426] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0266.426] VerQueryValueW (in: pBlock=0x2f3a7bc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2f3a7e4, puLen=0xd7e794) returned 1
[0266.427] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0266.427] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0266.427] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0266.427] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0266.427] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0266.427] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0266.428] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2f3cef4 | out: lpData=0x2f3cef4) returned 1
[0266.428] VerQueryValueW (in: pBlock=0x2f3cef4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2f3d324, puLen=0xd7e810) returned 1
[0266.429] VerQueryValueW (in: pBlock=0x2f3cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3cfac, puLen=0xd7e790) returned 1
[0266.429] VerQueryValueW (in: pBlock=0x2f3cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3d000, puLen=0xd7e790) returned 1
[0266.429] VerQueryValueW (in: pBlock=0x2f3cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3d070, puLen=0xd7e790) returned 1
[0266.429] VerQueryValueW (in: pBlock=0x2f3cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3d0d0, puLen=0xd7e790) returned 1
[0266.429] VerQueryValueW (in: pBlock=0x2f3cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3d12c, puLen=0xd7e790) returned 1
[0266.429] VerQueryValueW (in: pBlock=0x2f3cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3d1b4, puLen=0xd7e790) returned 1
[0266.429] VerQueryValueW (in: pBlock=0x2f3cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3d20c, puLen=0xd7e790) returned 1
[0266.429] VerQueryValueW (in: pBlock=0x2f3cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3d264, puLen=0xd7e790) returned 1
[0266.429] VerQueryValueW (in: pBlock=0x2f3cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3d294, puLen=0xd7e790) returned 1
[0266.429] VerQueryValueW (in: pBlock=0x2f3cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.429] VerQueryValueW (in: pBlock=0x2f3cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2f3d2d0, puLen=0xd7e790) returned 1
[0266.429] VerQueryValueW (in: pBlock=0x2f3cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0266.429] VerQueryValueW (in: pBlock=0x2f3cef4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2f3d324, puLen=0xd7e784) returned 1
[0266.429] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0266.429] VerQueryValueW (in: pBlock=0x2f3cef4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2f3cf1c, puLen=0xd7e794) returned 1
[0266.429] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0266.430] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.430] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0266.430] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.430] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0266.430] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2302c8
[0266.431] SetWindowLongW (hWnd=0x2302c8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0266.431] GetWindowLongW (hWnd=0x2302c8, nIndex=-4) returned 1950089536
[0266.431] SetWindowLongW (hWnd=0x2302c8, nIndex=-4, dwNewLong=19951110) returned 1950089536
[0266.432] GetWindowLongW (hWnd=0x2302c8, nIndex=-4) returned 19951110
[0266.432] GetWindowLongW (hWnd=0x2302c8, nIndex=-16) returned 113311744
[0266.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302c8, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0266.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302c8, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0266.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302c8, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0266.433] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302c8, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0266.433] GetClientRect (in: hWnd=0x2302c8, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0266.433] GetWindowRect (in: hWnd=0x2302c8, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0266.433] SetWindowTextW (hWnd=0x2302c8, lpString="WindowsFormsParkingWindow") returned 1
[0266.433] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302c8, Msg=0xc, wParam=0x0, lParam=0x2f024a4) returned 0x1
[0266.433] GetParent (hWnd=0x2302c8) returned 0x0
[0266.434] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0266.434] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x2302c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2c00ea
[0266.434] SetWindowLongW (hWnd=0x2c00ea, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0266.434] GetWindowLongW (hWnd=0x2c00ea, nIndex=-4) returned 1868147648
[0266.434] SetWindowLongW (hWnd=0x2c00ea, nIndex=-4, dwNewLong=19951910) returned 1868147648
[0266.435] GetWindowLongW (hWnd=0x2c00ea, nIndex=-4) returned 19951910
[0266.435] GetWindowLongW (hWnd=0x2c00ea, nIndex=-16) returned 1174405133
[0266.435] GetWindowLongW (hWnd=0x2c00ea, nIndex=-12) returned 0
[0266.435] SetWindowLongW (hWnd=0x2c00ea, nIndex=-12, dwNewLong=2883818) returned 0
[0266.435] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0266.435] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0266.435] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0266.436] GetClientRect (in: hWnd=0x2c00ea, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0266.436] GetWindowRect (in: hWnd=0x2c00ea, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0266.436] GetParent (hWnd=0x2c00ea) returned 0x2302c8
[0266.436] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2302c8, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0266.436] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0266.437] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0266.437] GetClientRect (in: hWnd=0x2c00ea, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0266.437] GetWindowRect (in: hWnd=0x2c00ea, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0266.437] GetParent (hWnd=0x2c00ea) returned 0x2302c8
[0266.437] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2302c8, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0266.437] SendMessageW (hWnd=0x2c00ea, Msg=0x2210, wParam=0xea0001, lParam=0x2c00ea) returned 0x0
[0266.437] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x2210, wParam=0xea0001, lParam=0x2c00ea) returned 0x0
[0266.437] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0266.437] GetParent (hWnd=0x2c00ea) returned 0x2302c8
[0266.437] GdipCreateFromHWND (hwnd=0x2c00ea, graphics=0xd7e844) returned 0x0
[0266.437] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0266.438] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0266.438] GetForegroundWindow () returned 0x7005c
[0266.438] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0266.438] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.438] GetSystemMetrics (nIndex=42) returned 0
[0266.438] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.438] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0266.438] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0266.438] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.438] GetSystemMetrics (nIndex=42) returned 0
[0266.438] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.438] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0266.439] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.439] GetCursorPos (in: lpPoint=0x2f41378 | out: lpPoint=0x2f41378*(x=246, y=619)) returned 1
[0266.439] MonitorFromPoint (pt=0xf6, dwFlags=0x26b) returned 0x10001
[0266.439] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0266.439] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xab0107fc
[0266.439] GetDeviceCaps (hdc=0xab0107fc, index=12) returned 32
[0266.439] GetDeviceCaps (hdc=0xab0107fc, index=14) returned 1
[0266.439] DeleteDC (hdc=0xab0107fc) returned 1
[0266.439] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0266.439] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0266.439] GetSystemMetrics (nIndex=59) returned 1460
[0266.439] GetSystemMetrics (nIndex=60) returned 920
[0266.439] GetSystemMetrics (nIndex=34) returned 136
[0266.439] GetSystemMetrics (nIndex=35) returned 39
[0266.440] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.440] GetCursorPos (in: lpPoint=0x2f415e4 | out: lpPoint=0x2f415e4*(x=246, y=619)) returned 1
[0266.440] MonitorFromPoint (pt=0xf8, dwFlags=0x26a) returned 0x10001
[0266.440] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0266.440] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xac0107fc
[0266.440] GetDeviceCaps (hdc=0xac0107fc, index=12) returned 32
[0266.440] GetDeviceCaps (hdc=0xac0107fc, index=14) returned 1
[0266.440] DeleteDC (hdc=0xac0107fc) returned 1
[0266.440] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0266.440] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0266.441] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.441] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0266.441] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2f4187c | out: piconinfo=0x2f4187c) returned 1
[0266.441] GetObjectW (in: h=0xfa0507f8, c=24, pv=0x2f41898 | out: pv=0x2f41898) returned 24
[0266.441] GdipCreateBitmapFromHBITMAP (hbm=0xfa0507f8, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0266.441] GdipGetImageWidth (image=0x6603ac0, width=0xd7e750) returned 0x0
[0266.441] GdipGetImageHeight (image=0x6603ac0, height=0xd7e748) returned 0x0
[0266.441] GdipGetImagePixelFormat (image=0x6603ac0, format=0xd7e740) returned 0x0
[0266.441] GdipBitmapLockBits (bitmap=0x6603ac0, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2f41950) returned 0x0
[0266.441] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0266.442] GdipBitmapLockBits (bitmap=0x6604150, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2f41988) returned 0x0
[0266.442] RtlMoveMemory (in: Destination=0x6664f78, Source=0x665fec8, Length=0x80 | out: Destination=0x6664f78)
[0266.442] RtlMoveMemory (in: Destination=0x6664ff8, Source=0x665fe48, Length=0x80 | out: Destination=0x6664ff8)
[0266.442] RtlMoveMemory (in: Destination=0x6665078, Source=0x665fdc8, Length=0x80 | out: Destination=0x6665078)
[0266.442] RtlMoveMemory (in: Destination=0x66650f8, Source=0x665fd48, Length=0x80 | out: Destination=0x66650f8)
[0266.442] RtlMoveMemory (in: Destination=0x6665178, Source=0x665fcc8, Length=0x80 | out: Destination=0x6665178)
[0266.442] RtlMoveMemory (in: Destination=0x66651f8, Source=0x665fc48, Length=0x80 | out: Destination=0x66651f8)
[0266.442] RtlMoveMemory (in: Destination=0x6665278, Source=0x665fbc8, Length=0x80 | out: Destination=0x6665278)
[0266.442] RtlMoveMemory (in: Destination=0x66652f8, Source=0x665fb48, Length=0x80 | out: Destination=0x66652f8)
[0266.442] RtlMoveMemory (in: Destination=0x6665378, Source=0x665fac8, Length=0x80 | out: Destination=0x6665378)
[0266.442] RtlMoveMemory (in: Destination=0x66653f8, Source=0x665fa48, Length=0x80 | out: Destination=0x66653f8)
[0266.442] RtlMoveMemory (in: Destination=0x6665478, Source=0x665f9c8, Length=0x80 | out: Destination=0x6665478)
[0266.442] RtlMoveMemory (in: Destination=0x66654f8, Source=0x665f948, Length=0x80 | out: Destination=0x66654f8)
[0266.442] RtlMoveMemory (in: Destination=0x6665578, Source=0x665f8c8, Length=0x80 | out: Destination=0x6665578)
[0266.442] RtlMoveMemory (in: Destination=0x66655f8, Source=0x665f848, Length=0x80 | out: Destination=0x66655f8)
[0266.442] RtlMoveMemory (in: Destination=0x6665678, Source=0x665f7c8, Length=0x80 | out: Destination=0x6665678)
[0266.442] RtlMoveMemory (in: Destination=0x66656f8, Source=0x665f748, Length=0x80 | out: Destination=0x66656f8)
[0266.442] RtlMoveMemory (in: Destination=0x6665778, Source=0x665f6c8, Length=0x80 | out: Destination=0x6665778)
[0266.442] RtlMoveMemory (in: Destination=0x66657f8, Source=0x665f648, Length=0x80 | out: Destination=0x66657f8)
[0266.442] RtlMoveMemory (in: Destination=0x6665878, Source=0x665f5c8, Length=0x80 | out: Destination=0x6665878)
[0266.442] RtlMoveMemory (in: Destination=0x66658f8, Source=0x665f548, Length=0x80 | out: Destination=0x66658f8)
[0266.442] RtlMoveMemory (in: Destination=0x6665978, Source=0x665f4c8, Length=0x80 | out: Destination=0x6665978)
[0266.442] RtlMoveMemory (in: Destination=0x66659f8, Source=0x665f448, Length=0x80 | out: Destination=0x66659f8)
[0266.442] RtlMoveMemory (in: Destination=0x6665a78, Source=0x665f3c8, Length=0x80 | out: Destination=0x6665a78)
[0266.443] RtlMoveMemory (in: Destination=0x6665af8, Source=0x665f348, Length=0x80 | out: Destination=0x6665af8)
[0266.443] RtlMoveMemory (in: Destination=0x6665b78, Source=0x665f2c8, Length=0x80 | out: Destination=0x6665b78)
[0266.443] RtlMoveMemory (in: Destination=0x6665bf8, Source=0x665f248, Length=0x80 | out: Destination=0x6665bf8)
[0266.443] RtlMoveMemory (in: Destination=0x6665c78, Source=0x665f1c8, Length=0x80 | out: Destination=0x6665c78)
[0266.443] RtlMoveMemory (in: Destination=0x6665cf8, Source=0x665f148, Length=0x80 | out: Destination=0x6665cf8)
[0266.443] RtlMoveMemory (in: Destination=0x6665d78, Source=0x665f0c8, Length=0x80 | out: Destination=0x6665d78)
[0266.443] RtlMoveMemory (in: Destination=0x6665df8, Source=0x665f048, Length=0x80 | out: Destination=0x6665df8)
[0266.443] RtlMoveMemory (in: Destination=0x6665e78, Source=0x665efc8, Length=0x80 | out: Destination=0x6665e78)
[0266.443] RtlMoveMemory (in: Destination=0x6665ef8, Source=0x665ef48, Length=0x80 | out: Destination=0x6665ef8)
[0266.443] GdipBitmapUnlockBits (bitmap=0x6603ac0, lockedBitmapData=0x2f41950) returned 0x0
[0266.443] GdipBitmapUnlockBits (bitmap=0x6604150, lockedBitmapData=0x2f41988) returned 0x0
[0266.443] GdipDisposeImage (image=0x6603ac0) returned 0x0
[0266.443] DeleteObject (ho=0xfa0507f8) returned 1
[0266.443] DeleteObject (ho=0xad0507fc) returned 1
[0266.443] GetCurrentThreadId () returned 0xf50
[0266.443] GetCurrentThreadId () returned 0xf50
[0266.443] SetWindowPos (hWnd=0x2c00ea, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0266.443] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0266.444] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0266.444] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0266.444] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0266.444] GetClientRect (in: hWnd=0x2c00ea, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0266.444] GetWindowRect (in: hWnd=0x2c00ea, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0266.444] GetParent (hWnd=0x2c00ea) returned 0x2302c8
[0266.444] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2302c8, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0266.444] InvalidateRect (hWnd=0x2c00ea, lpRect=0x0, bErase=1) returned 1
[0266.444] GetWindowTextLengthW (hWnd=0x2c00ea) returned 0
[0266.444] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0266.444] GetSystemMetrics (nIndex=42) returned 0
[0266.444] GetWindowTextW (in: hWnd=0x2c00ea, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0266.444] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0266.444] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0266.444] GetClientRect (in: hWnd=0x2c00ea, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0266.445] GetWindowRect (in: hWnd=0x2c00ea, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0266.445] GetParent (hWnd=0x2c00ea) returned 0x2302c8
[0266.445] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2302c8, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0266.445] GetWindowTextLengthW (hWnd=0x2c00ea) returned 0
[0266.445] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0266.445] GetSystemMetrics (nIndex=42) returned 0
[0266.445] GetWindowTextW (in: hWnd=0x2c00ea, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0266.445] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0266.445] GetWindowTextLengthW (hWnd=0x2c00ea) returned 0
[0266.445] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0266.445] GetSystemMetrics (nIndex=42) returned 0
[0266.445] GetWindowTextW (in: hWnd=0x2c00ea, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0266.445] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0266.445] SetWindowTextW (hWnd=0x2c00ea, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0266.445] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0xc, wParam=0x0, lParam=0x2f227e4) returned 0x1
[0266.445] InvalidateRect (hWnd=0x2c00ea, lpRect=0x0, bErase=1) returned 1
[0266.445] GetCurrentThreadId () returned 0xf50
[0266.445] GetWindowThreadProcessId (in: hWnd=0x2c00ea, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0266.446] GdipCreateBitmapFromStream (stream=0x509ff50, bitmap=0xd7e840) returned 0x0
[0266.447] GdipImageForceValidation (image=0x6602da0) returned 0x0
[0266.448] GdipGetImageRawFormat (image=0x6602da0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0266.448] GdipGetImageHeight (image=0x6602da0, height=0xd7e824) returned 0x0
[0266.448] GdipGetImageWidth (image=0x6602da0, width=0xd7e824) returned 0x0
[0266.448] GdipGetImageWidth (image=0x6602da0, width=0xd7e810) returned 0x0
[0266.448] GdipGetImageHeight (image=0x6602da0, height=0xd7e810) returned 0x0
[0266.448] GdipGetImageWidth (image=0x6602da0, width=0xd7e800) returned 0x0
[0266.448] GdipGetImageHeight (image=0x6602da0, height=0xd7e800) returned 0x0
[0266.448] GdipBitmapGetPixel (bitmap=0x6602da0, x=0, y=15, color=0xd7e810) returned 0x0
[0266.448] GdipGetImageRawFormat (image=0x6602da0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0266.448] GdipGetImageWidth (image=0x6602da0, width=0xd7e740) returned 0x0
[0266.448] GdipGetImageHeight (image=0x6602da0, height=0xd7e740) returned 0x0
[0266.448] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0266.448] GdipGetImagePixelFormat (image=0x6603ac0, format=0xd7e740) returned 0x0
[0266.448] GdipGetImageGraphicsContext (image=0x6603ac0, graphics=0xd7e74c) returned 0x0
[0266.448] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0266.448] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0266.449] GdipSetImageAttributesColorKeys (imageattr=0x6638c08, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0266.449] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6602da0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c08, callback=0x0, callbackData=0x0) returned 0x0
[0266.449] GdipDisposeImageAttributes (imageattr=0x6638c08) returned 0x0
[0266.449] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0266.449] GdipDisposeImage (image=0x6602da0) returned 0x0
[0266.449] GdipCreateBitmapFromStream (stream=0x509ff30, bitmap=0xd7e840) returned 0x0
[0266.452] GdipImageForceValidation (image=0x6603430) returned 0x0
[0266.453] GdipGetImageRawFormat (image=0x6603430, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0266.453] GdipGetImageHeight (image=0x6603430, height=0xd7e824) returned 0x0
[0266.453] GdipGetImageWidth (image=0x6603430, width=0xd7e824) returned 0x0
[0266.453] GdipGetImageWidth (image=0x6603430, width=0xd7e810) returned 0x0
[0266.453] GdipGetImageHeight (image=0x6603430, height=0xd7e810) returned 0x0
[0266.453] GdipGetImageWidth (image=0x6603430, width=0xd7e800) returned 0x0
[0266.454] GdipGetImageHeight (image=0x6603430, height=0xd7e800) returned 0x0
[0266.454] GdipBitmapGetPixel (bitmap=0x6603430, x=0, y=15, color=0xd7e810) returned 0x0
[0266.454] GdipGetImageRawFormat (image=0x6603430, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0266.454] GdipGetImageWidth (image=0x6603430, width=0xd7e740) returned 0x0
[0266.454] GdipGetImageHeight (image=0x6603430, height=0xd7e740) returned 0x0
[0266.454] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0266.454] GdipGetImagePixelFormat (image=0x6602da0, format=0xd7e740) returned 0x0
[0266.454] GdipGetImageGraphicsContext (image=0x6602da0, graphics=0xd7e74c) returned 0x0
[0266.454] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0266.454] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0266.454] GdipSetImageAttributesColorKeys (imageattr=0x6638b78, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0266.454] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6603430, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638b78, callback=0x0, callbackData=0x0) returned 0x0
[0266.454] GdipDisposeImageAttributes (imageattr=0x6638b78) returned 0x0
[0266.454] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0266.454] GdipDisposeImage (image=0x6603430) returned 0x0
[0266.455] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.455] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0266.455] GetCurrentThreadId () returned 0xf50
[0266.455] GetCurrentThreadId () returned 0xf50
[0266.455] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.455] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0266.455] GetCurrentThreadId () returned 0xf50
[0266.455] GetCurrentThreadId () returned 0xf50
[0266.455] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.455] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0266.456] GetCurrentThreadId () returned 0xf50
[0266.456] GetCurrentThreadId () returned 0xf50
[0266.456] GetSystemMetrics (nIndex=5) returned 1
[0266.456] GetSystemMetrics (nIndex=6) returned 1
[0266.456] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.456] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0266.456] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.456] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0266.456] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.456] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0266.456] GetCurrentThreadId () returned 0xf50
[0266.456] GetCurrentThreadId () returned 0xf50
[0266.457] GetProcessWindowStation () returned 0x13c
[0266.457] GetCapture () returned 0x0
[0266.457] GetActiveWindow () returned 0x7005c
[0266.457] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0266.457] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.457] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0266.457] GetCursorPos (in: lpPoint=0x2f42ac8 | out: lpPoint=0x2f42ac8*(x=246, y=619)) returned 1
[0266.457] MonitorFromPoint (pt=0xf6, dwFlags=0x26b) returned 0x10001
[0266.457] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0266.457] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xae0107fc
[0266.457] GetDeviceCaps (hdc=0xae0107fc, index=12) returned 32
[0266.457] GetDeviceCaps (hdc=0xae0107fc, index=14) returned 1
[0266.457] DeleteDC (hdc=0xae0107fc) returned 1
[0266.458] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0266.458] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0266.458] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2902da
[0266.458] SetWindowLongW (hWnd=0x2902da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0266.458] GetWindowLongW (hWnd=0x2902da, nIndex=-4) returned 1950089536
[0266.459] SetWindowLongW (hWnd=0x2902da, nIndex=-4, dwNewLong=19951150) returned 1950089536
[0266.459] GetWindowLongW (hWnd=0x2902da, nIndex=-4) returned 19951150
[0266.459] GetWindowLongW (hWnd=0x2902da, nIndex=-16) returned 113770496
[0266.459] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0266.460] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0266.460] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0266.460] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0266.461] GetWindowRect (in: hWnd=0x2902da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0266.461] SetWindowTextW (hWnd=0x2902da, lpString="BB ransomware") returned 1
[0266.461] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xc, wParam=0x0, lParam=0x2f41264) returned 0x1
[0266.461] GetStartupInfoW (in: lpStartupInfo=0x2f42e04 | out: lpStartupInfo=0x2f42e04*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0266.462] GetParent (hWnd=0x2902da) returned 0x0
[0266.462] SetWindowLongW (hWnd=0x2902da, nIndex=-8, dwNewLong=0) returned 0
[0266.463] SendMessageW (hWnd=0x2902da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0266.463] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0266.463] SendMessageW (hWnd=0x2902da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0266.463] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0266.463] GetSystemMenu (hWnd=0x2902da, bRevert=0) returned 0x5c02b9
[0266.464] GetWindowPlacement (in: hWnd=0x2902da, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0266.464] EnableMenuItem (hMenu=0x5c02b9, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0266.464] EnableMenuItem (hMenu=0x5c02b9, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0266.464] EnableMenuItem (hMenu=0x5c02b9, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0266.464] EnableMenuItem (hMenu=0x5c02b9, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0266.464] EnableMenuItem (hMenu=0x5c02b9, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0266.464] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0266.464] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0266.464] GetWindowRect (in: hWnd=0x2902da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0266.464] SetWindowPos (hWnd=0x2902da, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0266.464] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0266.465] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x2902da) returned 0x1
[0266.467] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0266.467] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0266.469] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0266.469] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0266.469] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0266.470] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x2902da, lParam=0x0) returned 0x0
[0266.471] GetCapture () returned 0x0
[0266.471] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0266.471] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0266.473] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0266.474] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0266.474] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0266.474] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0266.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0266.475] GetParent (hWnd=0x2902da) returned 0x0
[0266.475] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0266.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0266.477] GetWindowPlacement (in: hWnd=0x2902da, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0266.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0266.477] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0266.477] GetWindowRect (in: hWnd=0x2902da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0266.478] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0266.478] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0266.478] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0266.479] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.479] GetWindowLongW (hWnd=0x2902da, nIndex=-16) returned 113770496
[0266.479] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.479] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.479] GetSystemMetrics (nIndex=42) returned 0
[0266.479] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.479] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0266.479] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.479] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.479] GetSystemMetrics (nIndex=42) returned 0
[0266.480] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.480] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0266.480] GetCursorPos (in: lpPoint=0x2f43040 | out: lpPoint=0x2f43040*(x=246, y=619)) returned 1
[0266.480] MonitorFromPoint (pt=0xf7, dwFlags=0x26e) returned 0x10001
[0266.480] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0266.480] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x580107d3
[0266.480] GetDeviceCaps (hdc=0x580107d3, index=12) returned 32
[0266.480] GetDeviceCaps (hdc=0x580107d3, index=14) returned 1
[0266.480] DeleteDC (hdc=0x580107d3) returned 1
[0266.480] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0266.481] GetWindowLongW (hWnd=0x2902da, nIndex=-16) returned 113770496
[0266.481] GetWindowLongW (hWnd=0x2902da, nIndex=-20) returned 327945
[0266.481] SetWindowLongW (hWnd=0x2902da, nIndex=-16, dwNewLong=46661632) returned 113770496
[0266.481] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0266.481] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0266.485] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0266.485] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0266.486] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0266.486] SetWindowLongW (hWnd=0x2902da, nIndex=-20, dwNewLong=327681) returned 327945
[0266.486] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0266.486] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0266.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0266.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0266.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0266.488] SetWindowPos (hWnd=0x2902da, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0266.488] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0266.488] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0266.488] GetWindowPlacement (in: hWnd=0x2902da, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0266.488] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0266.488] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0266.488] GetWindowRect (in: hWnd=0x2902da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0266.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0266.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0266.490] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0266.490] RedrawWindow (hWnd=0x2902da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0266.490] GetSystemMenu (hWnd=0x2902da, bRevert=0) returned 0x5c02b9
[0266.490] GetWindowPlacement (in: hWnd=0x2902da, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0266.490] EnableMenuItem (hMenu=0x5c02b9, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0266.490] EnableMenuItem (hMenu=0x5c02b9, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0266.490] EnableMenuItem (hMenu=0x5c02b9, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0266.490] EnableMenuItem (hMenu=0x5c02b9, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0266.490] EnableMenuItem (hMenu=0x5c02b9, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0266.490] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0266.490] GetWindowLongW (hWnd=0x2902da, nIndex=-8) returned 0
[0266.490] SetWindowLongW (hWnd=0x2902da, nIndex=-8, dwNewLong=458844) returned 0
[0266.491] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0266.491] GetProcessWindowStation () returned 0x13c
[0266.492] GetCurrentThreadId () returned 0xf50
[0266.492] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1306ef6, lParam=0x0) returned 1
[0266.492] IsWindowVisible (hWnd=0x2902da) returned 0
[0266.492] IsWindowVisible (hWnd=0x7005c) returned 1
[0266.492] IsWindowEnabled (hWnd=0x7005c) returned 1
[0266.492] IsWindowVisible (hWnd=0x300ec) returned 0
[0266.492] IsWindowVisible (hWnd=0x502c6) returned 0
[0266.492] IsWindowVisible (hWnd=0x502be) returned 0
[0266.493] GetActiveWindow () returned 0x2902da
[0266.493] GetFocus () returned 0x2902da
[0266.493] IsWindow (hWnd=0x7005c) returned 1
[0266.493] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0266.493] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0266.493] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0266.493] GetWindowLongW (hWnd=0x2902da, nIndex=-8) returned 458844
[0266.493] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0266.493] GetCurrentThreadId () returned 0xf50
[0266.493] GetWindowLongW (hWnd=0x2902da, nIndex=-8) returned 458844
[0266.493] IsWindowEnabled (hWnd=0x7005c) returned 0
[0266.493] IsWindowEnabled (hWnd=0x2902da) returned 1
[0266.493] ShowWindow (hWnd=0x2902da, nCmdShow=5) returned 0
[0266.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0266.494] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0266.494] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.494] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0266.494] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x2902da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2902dc
[0266.495] SetWindowLongW (hWnd=0x2902dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0266.495] GetWindowLongW (hWnd=0x2902dc, nIndex=-4) returned 1950089536
[0266.495] SetWindowLongW (hWnd=0x2902dc, nIndex=-4, dwNewLong=19951430) returned 1950089536
[0266.495] GetWindowLongW (hWnd=0x2902dc, nIndex=-4) returned 19951430
[0266.495] GetWindowLongW (hWnd=0x2902dc, nIndex=-16) returned 1174405120
[0266.495] GetWindowLongW (hWnd=0x2902dc, nIndex=-12) returned 0
[0266.495] SetWindowLongW (hWnd=0x2902dc, nIndex=-12, dwNewLong=2687708) returned 0
[0266.495] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0266.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0266.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0266.496] GetWindow (hWnd=0x2902dc, uCmd=0x3) returned 0x0
[0266.496] GetClientRect (in: hWnd=0x2902dc, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0266.496] GetWindowRect (in: hWnd=0x2902dc, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0266.496] GetParent (hWnd=0x2902dc) returned 0x2902da
[0266.496] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902da, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0266.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902dc, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0266.497] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902dc, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0266.497] GetClientRect (in: hWnd=0x2902dc, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0266.497] GetWindowRect (in: hWnd=0x2902dc, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0266.497] GetParent (hWnd=0x2902dc) returned 0x2902da
[0266.497] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902da, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0266.497] SendMessageW (hWnd=0x2902dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2902dc) returned 0x0
[0266.497] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2902dc) returned 0x0
[0266.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0266.504] GetParent (hWnd=0x2902dc) returned 0x2902da
[0266.504] GetParent (hWnd=0x2c00ea) returned 0x2302c8
[0266.504] SetParent (hWndChild=0x2c00ea, hWndNewParent=0x2902da) returned 0x2302c8
[0266.504] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0266.505] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0266.505] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0266.505] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0266.505] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0266.505] GetClientRect (in: hWnd=0x2c00ea, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0266.506] GetWindowRect (in: hWnd=0x2c00ea, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0266.506] GetParent (hWnd=0x2c00ea) returned 0x2902da
[0266.506] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902da, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0266.506] GetClientRect (in: hWnd=0x2c00ea, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0266.506] GetWindowRect (in: hWnd=0x2c00ea, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0266.506] GetParent (hWnd=0x2c00ea) returned 0x2902da
[0266.506] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902da, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0266.506] GetParent (hWnd=0x2c00ea) returned 0x2902da
[0266.506] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0266.506] GetWindow (hWnd=0x2c00ea, uCmd=0x3) returned 0x0
[0266.506] SetWindowPos (hWnd=0x2c00ea, hWndInsertAfter=0x2902dc, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0266.506] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0266.507] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0266.507] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0266.507] GetClientRect (in: hWnd=0x2c00ea, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0266.507] GetWindowRect (in: hWnd=0x2c00ea, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0266.507] GetParent (hWnd=0x2c00ea) returned 0x2902da
[0266.507] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902da, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0266.507] GetParent (hWnd=0x2c00ea) returned 0x2902da
[0266.507] GetWindow (hWnd=0x2c00ea, uCmd=0x3) returned 0x2902dc
[0266.507] GetWindowThreadProcessId (in: hWnd=0x2c00ea, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0266.507] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0266.507] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.508] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0266.508] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x2902da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2b02d8
[0266.508] SetWindowLongW (hWnd=0x2b02d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0266.508] GetWindowLongW (hWnd=0x2b02d8, nIndex=-4) returned 1868032000
[0266.508] SetWindowLongW (hWnd=0x2b02d8, nIndex=-4, dwNewLong=19951470) returned 1868032000
[0266.509] GetWindowLongW (hWnd=0x2b02d8, nIndex=-4) returned 19951470
[0266.509] GetWindowLongW (hWnd=0x2b02d8, nIndex=-16) returned 1174470667
[0266.509] GetWindowLongW (hWnd=0x2b02d8, nIndex=-12) returned 0
[0266.509] SetWindowLongW (hWnd=0x2b02d8, nIndex=-12, dwNewLong=2818776) returned 0
[0266.509] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0266.509] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0266.509] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0266.510] SendMessageW (hWnd=0x2b02d8, Msg=0x2055, wParam=0x2b02d8, lParam=0x3) returned 0x2
[0266.510] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0266.510] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0266.510] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0266.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0266.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0266.511] RedrawWindow (hWnd=0x2902dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0266.511] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0266.511] RedrawWindow (hWnd=0x2c00ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0266.511] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0266.511] RedrawWindow (hWnd=0x2b02d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0266.511] RedrawWindow (hWnd=0x2902da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0266.511] GetWindow (hWnd=0x2b02d8, uCmd=0x3) returned 0x2c00ea
[0266.512] GetClientRect (in: hWnd=0x2b02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0266.512] GetWindowRect (in: hWnd=0x2b02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0266.512] GetParent (hWnd=0x2b02d8) returned 0x2902da
[0266.512] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0266.512] SetWindowTextW (hWnd=0x2b02d8, lpString="&Details") returned 1
[0266.512] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0xc, wParam=0x0, lParam=0x2c33538) returned 0x1
[0266.512] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0266.513] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0266.513] GetClientRect (in: hWnd=0x2b02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0266.513] GetWindowRect (in: hWnd=0x2b02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0266.513] GetParent (hWnd=0x2b02d8) returned 0x2902da
[0266.513] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0266.513] SendMessageW (hWnd=0x2b02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2b02d8) returned 0x0
[0266.513] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2b02d8) returned 0x0
[0266.513] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0266.513] GetParent (hWnd=0x2b02d8) returned 0x2902da
[0266.513] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0266.514] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.514] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0266.514] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x2902da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2902de
[0266.514] SetWindowLongW (hWnd=0x2902de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0266.514] GetWindowLongW (hWnd=0x2902de, nIndex=-4) returned 1868032000
[0266.515] SetWindowLongW (hWnd=0x2902de, nIndex=-4, dwNewLong=19951710) returned 1868032000
[0266.515] GetWindowLongW (hWnd=0x2902de, nIndex=-4) returned 19951710
[0266.515] GetWindowLongW (hWnd=0x2902de, nIndex=-16) returned 1174470667
[0266.515] GetWindowLongW (hWnd=0x2902de, nIndex=-12) returned 0
[0266.515] SetWindowLongW (hWnd=0x2902de, nIndex=-12, dwNewLong=2687710) returned 0
[0266.515] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0266.515] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0266.516] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0266.516] SendMessageW (hWnd=0x2902de, Msg=0x2055, wParam=0x2902de, lParam=0x3) returned 0x2
[0266.516] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0266.516] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0266.516] GetWindow (hWnd=0x2902de, uCmd=0x3) returned 0x2b02d8
[0266.516] GetClientRect (in: hWnd=0x2902de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0266.516] GetWindowRect (in: hWnd=0x2902de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0266.517] GetParent (hWnd=0x2902de) returned 0x2902da
[0266.517] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0266.517] SetWindowTextW (hWnd=0x2902de, lpString="&Continue") returned 1
[0266.517] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0xc, wParam=0x0, lParam=0x2c334b8) returned 0x1
[0266.517] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0266.517] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0266.517] GetClientRect (in: hWnd=0x2902de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0266.517] GetWindowRect (in: hWnd=0x2902de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0266.517] GetParent (hWnd=0x2902de) returned 0x2902da
[0266.517] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0266.517] SendMessageW (hWnd=0x2902de, Msg=0x2210, wParam=0x2de0001, lParam=0x2902de) returned 0x0
[0266.517] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x2210, wParam=0x2de0001, lParam=0x2902de) returned 0x0
[0266.518] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0266.518] GetParent (hWnd=0x2902de) returned 0x2902da
[0266.518] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0266.518] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.518] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0266.518] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x2902da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1e02d0
[0266.519] SetWindowLongW (hWnd=0x1e02d0, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0266.519] GetWindowLongW (hWnd=0x1e02d0, nIndex=-4) returned 1868032000
[0266.520] SetWindowLongW (hWnd=0x1e02d0, nIndex=-4, dwNewLong=19951510) returned 1868032000
[0266.520] GetWindowLongW (hWnd=0x1e02d0, nIndex=-4) returned 19951510
[0266.520] GetWindowLongW (hWnd=0x1e02d0, nIndex=-16) returned 1174470667
[0266.520] GetWindowLongW (hWnd=0x1e02d0, nIndex=-12) returned 0
[0266.520] SetWindowLongW (hWnd=0x1e02d0, nIndex=-12, dwNewLong=1966800) returned 0
[0266.520] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d0, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0266.520] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d0, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0266.521] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d0, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0266.521] SendMessageW (hWnd=0x1e02d0, Msg=0x2055, wParam=0x1e02d0, lParam=0x3) returned 0x2
[0266.521] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0266.522] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d0, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0266.522] GetWindow (hWnd=0x1e02d0, uCmd=0x3) returned 0x2902de
[0266.522] GetClientRect (in: hWnd=0x1e02d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0266.522] GetWindowRect (in: hWnd=0x1e02d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0266.522] GetParent (hWnd=0x1e02d0) returned 0x2902da
[0266.522] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0266.522] SetWindowTextW (hWnd=0x1e02d0, lpString="&Quit") returned 1
[0266.522] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d0, Msg=0xc, wParam=0x0, lParam=0x2c334e8) returned 0x1
[0266.522] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d0, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0266.522] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d0, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0266.522] GetClientRect (in: hWnd=0x1e02d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0266.522] GetWindowRect (in: hWnd=0x1e02d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0266.522] GetParent (hWnd=0x1e02d0) returned 0x2902da
[0266.522] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0266.523] SendMessageW (hWnd=0x1e02d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1e02d0) returned 0x0
[0266.523] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d0, Msg=0x2210, wParam=0x2d00001, lParam=0x1e02d0) returned 0x0
[0266.523] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0266.523] GetParent (hWnd=0x1e02d0) returned 0x2902da
[0266.523] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0266.523] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.524] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0266.524] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x2902da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1f02ce
[0266.524] SetWindowLongW (hWnd=0x1f02ce, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0266.524] GetWindowLongW (hWnd=0x1f02ce, nIndex=-4) returned 1868026976
[0266.524] SetWindowLongW (hWnd=0x1f02ce, nIndex=-4, dwNewLong=19951550) returned 1868026976
[0266.524] GetWindowLongW (hWnd=0x1f02ce, nIndex=-4) returned 19951550
[0266.524] GetWindowLongW (hWnd=0x1f02ce, nIndex=-16) returned 1177553092
[0266.524] GetWindowLongW (hWnd=0x1f02ce, nIndex=-12) returned 0
[0266.525] SetWindowLongW (hWnd=0x1f02ce, nIndex=-12, dwNewLong=2032334) returned 0
[0266.525] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02ce, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0266.525] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02ce, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0266.526] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02ce, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0266.541] GetWindow (hWnd=0x1f02ce, uCmd=0x3) returned 0x1e02d0
[0266.542] GetClientRect (in: hWnd=0x1f02ce, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0266.542] GetWindowRect (in: hWnd=0x1f02ce, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0266.542] GetParent (hWnd=0x1f02ce) returned 0x2902da
[0266.542] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902da, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0266.542] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.542] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.542] GetSystemMetrics (nIndex=42) returned 0
[0266.542] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.542] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0266.542] SendMessageW (hWnd=0x1f02ce, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0266.542] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02ce, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0266.551] SetWindowTextW (hWnd=0x1f02ce, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0266.551] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02ce, Msg=0xc, wParam=0x0, lParam=0x2f3ec4c) returned 0x1
[0266.552] GetSystemMetrics (nIndex=5) returned 1
[0266.552] GetSystemMetrics (nIndex=6) returned 1
[0266.553] SendMessageW (hWnd=0x1f02ce, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0266.553] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02ce, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0266.553] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02ce, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0266.554] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02ce, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0266.554] GetClientRect (in: hWnd=0x1f02ce, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0266.554] GetWindowRect (in: hWnd=0x1f02ce, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0266.554] GetParent (hWnd=0x1f02ce) returned 0x2902da
[0266.554] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902da, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0266.554] SendMessageW (hWnd=0x1f02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1f02ce) returned 0x0
[0266.554] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x1f02ce) returned 0x0
[0266.554] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0266.554] GetParent (hWnd=0x1f02ce) returned 0x2902da
[0266.554] GetWindowLongW (hWnd=0x2902da, nIndex=-8) returned 458844
[0266.554] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0266.554] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0266.555] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x8c0107f2
[0266.555] GetDeviceCaps (hdc=0x8c0107f2, index=12) returned 32
[0266.555] GetDeviceCaps (hdc=0x8c0107f2, index=14) returned 1
[0266.555] DeleteDC (hdc=0x8c0107f2) returned 1
[0266.555] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0266.555] GetWindowThreadProcessId (in: hWnd=0x2902da, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0266.555] GetCurrentThreadId () returned 0xf50
[0266.555] PostMessageW (hWnd=0x2902da, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0266.555] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.555] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.555] GetSystemMetrics (nIndex=42) returned 0
[0266.555] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.555] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0266.555] GdipImageGetFrameDimensionsCount (image=0x6604150, count=0xd7e25c) returned 0x0
[0266.555] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12016a0
[0266.555] GdipImageGetFrameDimensionsList (image=0x6604150, dimensionIDs=0x12016a0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0266.555] LocalFree (hMem=0x12016a0) returned 0x0
[0266.556] GdipImageGetFrameDimensionsCount (image=0x6603ac0, count=0xd7e250) returned 0x0
[0266.556] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201670
[0266.556] GdipImageGetFrameDimensionsList (image=0x6603ac0, dimensionIDs=0x1201670*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0266.556] LocalFree (hMem=0x1201670) returned 0x0
[0266.556] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0266.556] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0266.556] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0266.566] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0266.568] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0266.568] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0266.568] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0266.569] GetWindowPlacement (in: hWnd=0x2902da, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0266.569] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0266.569] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.569] GetSystemMetrics (nIndex=42) returned 0
[0266.569] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0266.569] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0266.569] GetCurrentObject (hdc=0x60100ce, type=0x1) returned 0xb00017
[0266.569] GetCurrentObject (hdc=0x60100ce, type=0x2) returned 0x900010
[0266.569] GetCurrentObject (hdc=0x60100ce, type=0x7) returned 0xffffffff820507e6
[0266.569] GetCurrentObject (hdc=0x60100ce, type=0x6) returned 0x8a01c2
[0266.569] SaveDC (hdc=0x60100ce) returned 1
[0266.569] GetNearestColor (hdc=0x60100ce, color=0xf0f0f0) returned 0xf0f0f0
[0266.569] CreateSolidBrush (color=0xf0f0f0) returned 0xde1007e1
[0266.569] FillRect (hDC=0x60100ce, lprc=0xd7e1b8, hbr=0xde1007e1) returned 1
[0266.570] DeleteObject (ho=0xde1007e1) returned 1
[0266.570] RestoreDC (hdc=0x60100ce, nSavedDC=-1) returned 1
[0266.570] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0266.570] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0266.570] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0266.570] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0266.570] GetStockObject (i=5) returned 0x900015
[0266.571] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0266.571] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0266.571] GetStockObject (i=5) returned 0x900015
[0266.571] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0266.571] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d0, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0266.571] GetStockObject (i=5) returned 0x900015
[0266.571] GetWindowPlacement (in: hWnd=0x2902da, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0266.571] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0266.571] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0266.571] GetWindowRect (in: hWnd=0x2902da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0266.572] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0266.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0266.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0266.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0266.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0266.573] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0266.573] GetWindowRect (in: hWnd=0x2902da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0266.573] InvalidateRect (hWnd=0x2902de, lpRect=0x0, bErase=0) returned 1
[0266.573] InvalidateRect (hWnd=0x2b02d8, lpRect=0x0, bErase=0) returned 1
[0266.573] GetFocus () returned 0x2902da
[0266.573] GetFocus () returned 0x2902da
[0266.574] SetFocus (hWnd=0x2b02d8) returned 0x2902da
[0266.574] GetFocus () returned 0x2b02d8
[0266.574] IsChild (hWndParent=0x2902da, hWnd=0x2b02d8) returned 1
[0266.574] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x8, wParam=0x2b02d8, lParam=0x0) returned 0x0
[0266.575] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0266.576] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0266.578] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0266.578] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0x7, wParam=0x2902da, lParam=0x0) returned 0x0
[0266.578] GetStockObject (i=5) returned 0x900015
[0266.578] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0266.578] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0266.578] GetDlgItem (hDlg=0x2902da, nIDDlgItem=2818776) returned 0x2b02d8
[0266.578] SendMessageW (hWnd=0x2b02d8, Msg=0x202b, wParam=0x2b02d8, lParam=0xd7e0dc) returned 0x0
[0266.578] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0x202b, wParam=0x2b02d8, lParam=0xd7e0dc) returned 0x0
[0266.578] InvalidateRect (hWnd=0x2b02d8, lpRect=0x0, bErase=0) returned 1
[0266.580] GetFocus () returned 0x2b02d8
[0266.580] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.580] IsWindowUnicode (hWnd=0x2902da) returned 1
[0266.580] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.580] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.580] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.580] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0266.580] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.581] IsWindowUnicode (hWnd=0x2902da) returned 1
[0266.581] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.581] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.581] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.581] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.581] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0266.581] IsWindowUnicode (hWnd=0x2902da) returned 1
[0266.581] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.581] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.581] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.581] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.582] IsWindowUnicode (hWnd=0x602c4) returned 1
[0266.582] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.582] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.582] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.582] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0266.582] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0266.582] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.582] IsWindowUnicode (hWnd=0x2902da) returned 1
[0266.582] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.582] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.582] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.583] BeginPaint (in: hWnd=0x2902da, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xf0105ee
[0266.583] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0266.583] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.583] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.583] GetSystemMetrics (nIndex=42) returned 0
[0266.583] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.583] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0266.583] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0266.583] EndPaint (hWnd=0x2902da, lpPaint=0xd7e274) returned 1
[0266.583] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.583] IsWindowUnicode (hWnd=0x2902dc) returned 1
[0266.583] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.583] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.583] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.583] BeginPaint (in: hWnd=0x2902dc, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x107b9
[0266.584] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0266.584] CreateCompatibleDC (hdc=0x107b9) returned 0x4c010173
[0266.584] SelectObject (hdc=0x4c010173, h=0x4a0507fe) returned 0x85000f
[0266.584] GdipCreateFromHDC (hdc=0x4c010173, graphics=0xd7e2b0) returned 0x0
[0266.584] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0266.584] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0266.584] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0266.584] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0266.584] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e310) returned 0x0
[0266.584] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0266.584] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0266.584] LocalFree (hMem=0x11ee788) returned 0x0
[0266.584] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0266.584] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0266.584] GdipGetClip (graphics=0x6600030, region=0x66452d8) returned 0x0
[0266.584] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e304) returned 0x0
[0266.584] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0266.585] GetWindowTextLengthW (hWnd=0x2902dc) returned 0
[0266.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0266.585] GetSystemMetrics (nIndex=42) returned 0
[0266.585] GetWindowTextW (in: hWnd=0x2902dc, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0266.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902dc, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0266.585] GetClientRect (in: hWnd=0x2902dc, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0266.585] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0266.585] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0266.585] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0266.585] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0266.585] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e164) returned 0x0
[0266.585] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0266.585] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0266.585] LocalFree (hMem=0x11ee9f0) returned 0x0
[0266.585] GdipCombineRegionRegion (region=0x6645cf8, region2=0x66452d8, combineMode=0x1) returned 0x0
[0266.585] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0266.585] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0266.585] LocalFree (hMem=0x11ee788) returned 0x0
[0266.585] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0266.585] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0266.586] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0266.586] GdipGetRegionHRgn (region=0x6645cf8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0266.586] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0266.586] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0266.586] GetCurrentObject (hdc=0x4c010173, type=0x1) returned 0xb00017
[0266.586] GetCurrentObject (hdc=0x4c010173, type=0x2) returned 0x900010
[0266.586] GetCurrentObject (hdc=0x4c010173, type=0x7) returned 0x4a0507fe
[0266.586] GetCurrentObject (hdc=0x4c010173, type=0x6) returned 0x8a01c2
[0266.586] SaveDC (hdc=0x4c010173) returned 1
[0266.586] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xab040807
[0266.586] GetClipRgn (hdc=0x4c010173, hrgn=0xab040807) returned 0
[0266.586] SelectClipRgn (hdc=0x4c010173, hrgn=0x400407de) returned 2
[0266.586] DeleteObject (ho=0xab040807) returned 1
[0266.586] DeleteObject (ho=0x400407de) returned 1
[0266.586] OffsetViewportOrgEx (in: hdc=0x4c010173, x=0, y=0, lppt=0x2f447ac | out: lppt=0x2f447ac) returned 1
[0266.586] GetNearestColor (hdc=0x4c010173, color=0xf0f0f0) returned 0xf0f0f0
[0266.586] CreateSolidBrush (color=0xf0f0f0) returned 0xdf1007e1
[0266.586] FillRect (hDC=0x4c010173, lprc=0xd7e198, hbr=0xdf1007e1) returned 1
[0266.586] DeleteObject (ho=0xdf1007e1) returned 1
[0266.586] RestoreDC (hdc=0x4c010173, nSavedDC=-1) returned 1
[0266.587] GdipReleaseDC (graphics=0x6600030, hdc=0x4c010173) returned 0x0
[0266.587] GdipRestoreGraphics (graphics=0x6600030, state=0xf76a0dbd) returned 0x0
[0266.587] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0266.587] GetWindowTextLengthW (hWnd=0x2902dc) returned 0
[0266.587] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0266.587] GetSystemMetrics (nIndex=42) returned 0
[0266.587] GetWindowTextW (in: hWnd=0x2902dc, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0266.587] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902dc, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0266.587] GdipGetImageWidth (image=0x6604150, width=0xd7e1e0) returned 0x0
[0266.587] GdipGetImageHeight (image=0x6604150, height=0xd7e1e0) returned 0x0
[0266.587] GdipGetImageWidth (image=0x6604150, width=0xd7e1cc) returned 0x0
[0266.587] GdipGetImageHeight (image=0x6604150, height=0xd7e1cc) returned 0x0
[0266.587] GdipDrawImageRectI (graphics=0x6600030, image=0x6604150, x=16, y=16, width=32, height=32) returned 0x0
[0266.587] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0266.587] BitBlt (hdc=0x107b9, x=0, y=0, cx=64, cy=64, hdcSrc=0x4c010173, x1=0, y1=0, rop=0xcc0020) returned 1
[0266.587] GdipReleaseDC (graphics=0x6600030, hdc=0x4c010173) returned 0x0
[0266.587] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0266.587] SelectObject (hdc=0x4c010173, h=0x85000f) returned 0x4a0507fe
[0266.587] DeleteDC (hdc=0x4c010173) returned 1
[0266.588] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0266.588] EndPaint (hWnd=0x2902dc, lpPaint=0xd7e294) returned 1
[0266.588] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.588] IsWindowUnicode (hWnd=0x2c00ea) returned 1
[0266.588] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.588] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.588] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.588] BeginPaint (in: hWnd=0x2c00ea, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x10105d6
[0266.588] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0266.588] CreateCompatibleDC (hdc=0x10105d6) returned 0x4e010173
[0266.588] GetObjectType (h=0x10105d6) returned 0x3
[0266.588] CreateCompatibleBitmap (hdc=0x10105d6, cx=1, cy=1) returned 0x650507d3
[0266.588] GetDIBits (in: hdc=0x10105d6, hbm=0x650507d3, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0266.589] GetDIBits (in: hdc=0x10105d6, hbm=0x650507d3, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0266.589] DeleteObject (ho=0x650507d3) returned 1
[0266.589] CreateDIBSection (in: hdc=0x10105d6, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x950507f2
[0266.589] SelectObject (hdc=0x4e010173, h=0x950507f2) returned 0x85000f
[0266.589] GdipCreateFromHDC (hdc=0x4e010173, graphics=0xd7e234) returned 0x0
[0266.590] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0266.590] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0266.590] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0266.590] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0266.590] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2d4) returned 0x0
[0266.590] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0266.590] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee8d8) returned 0x0
[0266.590] LocalFree (hMem=0x11ee8d8) returned 0x0
[0266.590] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0266.590] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0266.590] GdipGetClip (graphics=0x6600030, region=0x66452d8) returned 0x0
[0266.590] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0266.590] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0266.590] GetWindowTextLengthW (hWnd=0x2c00ea) returned 232
[0266.590] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0266.590] GetSystemMetrics (nIndex=42) returned 0
[0266.590] GetWindowTextW (in: hWnd=0x2c00ea, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0266.590] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0266.590] GetClientRect (in: hWnd=0x2c00ea, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0266.590] GdipCreateRegion (region=0xd7e110) returned 0x0
[0266.594] GdipGetClip (graphics=0x6600030, region=0x6645488) returned 0x0
[0266.595] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0266.595] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0266.595] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e128) returned 0x0
[0266.595] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0266.595] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0266.595] LocalFree (hMem=0x11ee788) returned 0x0
[0266.595] GdipCombineRegionRegion (region=0x6645488, region2=0x66452d8, combineMode=0x1) returned 0x0
[0266.595] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0266.595] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eed00) returned 0x0
[0266.595] LocalFree (hMem=0x11eed00) returned 0x0
[0266.595] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0266.595] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7e150) returned 0x0
[0266.595] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7e140) returned 0x0
[0266.595] GdipGetRegionHRgn (region=0x6645488, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0266.595] GdipDeleteRegion (region=0x6645488) returned 0x0
[0266.595] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0266.595] GetCurrentObject (hdc=0x4e010173, type=0x1) returned 0xb00017
[0266.595] GetCurrentObject (hdc=0x4e010173, type=0x2) returned 0x900010
[0266.595] GetCurrentObject (hdc=0x4e010173, type=0x7) returned 0xffffffff950507f2
[0266.595] GetCurrentObject (hdc=0x4e010173, type=0x6) returned 0x8a01c2
[0266.596] SaveDC (hdc=0x4e010173) returned 1
[0266.596] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x410407de
[0266.596] GetClipRgn (hdc=0x4e010173, hrgn=0x410407de) returned 0
[0266.596] SelectClipRgn (hdc=0x4e010173, hrgn=0xac040807) returned 2
[0266.596] DeleteObject (ho=0x410407de) returned 1
[0266.596] DeleteObject (ho=0xac040807) returned 1
[0266.596] OffsetViewportOrgEx (in: hdc=0x4e010173, x=0, y=0, lppt=0x2f46174 | out: lppt=0x2f46174) returned 1
[0266.596] GetNearestColor (hdc=0x4e010173, color=0xf0f0f0) returned 0xf0f0f0
[0266.596] CreateSolidBrush (color=0xf0f0f0) returned 0xe01007e1
[0266.596] FillRect (hDC=0x4e010173, lprc=0xd7e15c, hbr=0xe01007e1) returned 1
[0266.597] DeleteObject (ho=0xe01007e1) returned 1
[0266.597] RestoreDC (hdc=0x4e010173, nSavedDC=-1) returned 1
[0266.597] GdipReleaseDC (graphics=0x6600030, hdc=0x4e010173) returned 0x0
[0266.597] GdipRestoreGraphics (graphics=0x6600030, state=0xf7680dbd) returned 0x0
[0266.597] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0266.597] GetWindowTextLengthW (hWnd=0x2c00ea) returned 232
[0266.597] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0266.597] GetSystemMetrics (nIndex=42) returned 0
[0266.597] GetWindowTextW (in: hWnd=0x2c00ea, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0266.597] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0266.597] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0266.597] GetCurrentObject (hdc=0x4e010173, type=0x1) returned 0xb00017
[0266.597] GetCurrentObject (hdc=0x4e010173, type=0x2) returned 0x900010
[0266.597] GetCurrentObject (hdc=0x4e010173, type=0x7) returned 0xffffffff950507f2
[0266.597] GetCurrentObject (hdc=0x4e010173, type=0x6) returned 0x8a01c2
[0266.597] SaveDC (hdc=0x4e010173) returned 1
[0266.597] GetNearestColor (hdc=0x4e010173, color=0x0) returned 0x0
[0266.597] RestoreDC (hdc=0x4e010173, nSavedDC=-1) returned 1
[0266.598] GdipReleaseDC (graphics=0x6600030, hdc=0x4e010173) returned 0x0
[0266.598] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0266.598] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0266.598] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2f46970 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0266.598] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0266.598] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0266.598] GetCurrentObject (hdc=0x4e010173, type=0x1) returned 0xb00017
[0266.599] GetCurrentObject (hdc=0x4e010173, type=0x2) returned 0x900010
[0266.599] GetCurrentObject (hdc=0x4e010173, type=0x7) returned 0xffffffff950507f2
[0266.599] GetCurrentObject (hdc=0x4e010173, type=0x6) returned 0x8a01c2
[0266.599] SaveDC (hdc=0x4e010173) returned 1
[0266.599] GetTextAlign (hdc=0x4e010173) returned 0x0
[0266.599] GetTextColor (hdc=0x4e010173) returned 0x0
[0266.599] GetCurrentObject (hdc=0x4e010173, type=0x6) returned 0x8a01c2
[0266.599] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0266.599] SelectObject (hdc=0x4e010173, h=0x6d0a0520) returned 0x8a01c2
[0266.599] GetBkMode (hdc=0x4e010173) returned 2
[0266.599] SetBkMode (hdc=0x4e010173, mode=1) returned 2
[0266.599] DrawTextExW (in: hdc=0x4e010173, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2f46b94 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0266.601] RestoreDC (hdc=0x4e010173, nSavedDC=-1) returned 1
[0266.602] GdipReleaseDC (graphics=0x6600030, hdc=0x4e010173) returned 0x0
[0266.602] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0266.602] BitBlt (hdc=0x10105d6, x=0, y=0, cx=354, cy=68, hdcSrc=0x4e010173, x1=0, y1=0, rop=0xcc0020) returned 1
[0266.602] GdipReleaseDC (graphics=0x6600030, hdc=0x4e010173) returned 0x0
[0266.602] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0266.602] SelectObject (hdc=0x4e010173, h=0x85000f) returned 0x950507f2
[0266.602] DeleteDC (hdc=0x4e010173) returned 1
[0266.602] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0266.602] DeleteObject (ho=0x950507f2) returned 1
[0266.603] EndPaint (hWnd=0x2c00ea, lpPaint=0xd7e258) returned 1
[0266.603] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.603] IsWindowUnicode (hWnd=0x2b02d8) returned 1
[0266.603] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.603] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.603] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.603] BeginPaint (in: hWnd=0x2b02d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0266.603] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0266.603] CreateCompatibleDC (hdc=0xc0107c5) returned 0x670107d3
[0266.603] SelectObject (hdc=0x670107d3, h=0x4a0507fe) returned 0x85000f
[0266.603] GdipCreateFromHDC (hdc=0x670107d3, graphics=0xd7e268) returned 0x0
[0266.604] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0266.604] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0266.604] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0266.604] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0266.604] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e2c8) returned 0x0
[0266.604] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0266.604] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eea98) returned 0x0
[0266.604] LocalFree (hMem=0x11eea98) returned 0x0
[0266.604] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0266.604] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0266.604] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0266.604] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0266.604] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0266.604] GdipRestoreGraphics (graphics=0x6600030, state=0xf7660dbd) returned 0x0
[0266.604] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0266.604] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0266.604] GetCurrentObject (hdc=0x670107d3, type=0x1) returned 0xb00017
[0266.604] GetCurrentObject (hdc=0x670107d3, type=0x2) returned 0x900010
[0266.604] GetCurrentObject (hdc=0x670107d3, type=0x7) returned 0x4a0507fe
[0266.605] GetCurrentObject (hdc=0x670107d3, type=0x6) returned 0x8a01c2
[0266.605] SaveDC (hdc=0x670107d3) returned 1
[0266.605] GetNearestColor (hdc=0x670107d3, color=0xf0f0f0) returned 0xf0f0f0
[0266.605] GetNearestColor (hdc=0x670107d3, color=0xa0a0a0) returned 0xa0a0a0
[0266.605] GetNearestColor (hdc=0x670107d3, color=0x696969) returned 0x696969
[0266.605] GetNearestColor (hdc=0x670107d3, color=0xa0a0a0) returned 0xa0a0a0
[0266.605] GetNearestColor (hdc=0x670107d3, color=0x0) returned 0x0
[0266.605] GetNearestColor (hdc=0x670107d3, color=0xffffff) returned 0xffffff
[0266.605] GetNearestColor (hdc=0x670107d3, color=0xe5e5e5) returned 0xe5e5e5
[0266.605] GetNearestColor (hdc=0x670107d3, color=0xd7d7d7) returned 0xd7d7d7
[0266.605] GetNearestColor (hdc=0x670107d3, color=0x0) returned 0x0
[0266.605] RestoreDC (hdc=0x670107d3, nSavedDC=-1) returned 1
[0266.605] GdipReleaseDC (graphics=0x6600030, hdc=0x670107d3) returned 0x0
[0266.605] IsAppThemed () returned 0x1
[0266.605] GetThemeAppProperties () returned 0x3
[0266.605] GetThemeAppProperties () returned 0x3
[0266.606] GdipGetImageWidth (image=0x6603ac0, width=0xd7e168) returned 0x0
[0266.606] GdipGetImageHeight (image=0x6603ac0, height=0xd7e168) returned 0x0
[0266.606] IsAppThemed () returned 0x1
[0266.606] GetThemeAppProperties () returned 0x3
[0266.606] GetThemeAppProperties () returned 0x3
[0266.606] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2f472e4 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0266.606] IsAppThemed () returned 0x1
[0266.606] GetThemeAppProperties () returned 0x3
[0266.606] GetThemeAppProperties () returned 0x3
[0266.606] IsAppThemed () returned 0x1
[0266.606] GetThemeAppProperties () returned 0x3
[0266.606] GetThemeAppProperties () returned 0x3
[0266.607] GetFocus () returned 0x2b02d8
[0266.607] IsAppThemed () returned 0x1
[0266.607] GetThemeAppProperties () returned 0x3
[0266.607] GetThemeAppProperties () returned 0x3
[0266.607] IsAppThemed () returned 0x1
[0266.607] GetThemeAppProperties () returned 0x3
[0266.607] GetThemeAppProperties () returned 0x3
[0266.607] IsThemePartDefined () returned 0x1
[0266.607] IsAppThemed () returned 0x1
[0266.607] GetThemeAppProperties () returned 0x3
[0266.607] GetThemeAppProperties () returned 0x3
[0266.607] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0266.607] IsAppThemed () returned 0x1
[0266.607] GetThemeAppProperties () returned 0x3
[0266.607] GetThemeAppProperties () returned 0x3
[0266.607] IsAppThemed () returned 0x1
[0266.607] GetThemeAppProperties () returned 0x3
[0266.607] GetThemeAppProperties () returned 0x3
[0266.607] IsThemePartDefined () returned 0x1
[0266.607] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0266.607] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0266.607] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0266.607] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0266.607] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dff0) returned 0x0
[0266.608] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0266.608] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee910) returned 0x0
[0266.608] LocalFree (hMem=0x11ee910) returned 0x0
[0266.608] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0266.608] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eecc8) returned 0x0
[0266.608] LocalFree (hMem=0x11eecc8) returned 0x0
[0266.608] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0266.608] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e018) returned 0x0
[0266.608] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e008) returned 0x0
[0266.608] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0266.608] GdipDeleteRegion (region=0x6645518) returned 0x0
[0266.608] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0266.608] GetCurrentObject (hdc=0x670107d3, type=0x1) returned 0xb00017
[0266.608] GetCurrentObject (hdc=0x670107d3, type=0x2) returned 0x900010
[0266.608] GetCurrentObject (hdc=0x670107d3, type=0x7) returned 0x4a0507fe
[0266.608] GetCurrentObject (hdc=0x670107d3, type=0x6) returned 0x8a01c2
[0266.608] SaveDC (hdc=0x670107d3) returned 1
[0266.608] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xad040807
[0266.608] GetClipRgn (hdc=0x670107d3, hrgn=0xad040807) returned 0
[0266.608] SelectClipRgn (hdc=0x670107d3, hrgn=0x450407de) returned 2
[0266.609] DeleteObject (ho=0xad040807) returned 1
[0266.609] DeleteObject (ho=0x450407de) returned 1
[0266.609] OffsetViewportOrgEx (in: hdc=0x670107d3, x=0, y=0, lppt=0x2f47994 | out: lppt=0x2f47994) returned 1
[0266.609] DrawThemeParentBackground () returned 0x0
[0266.609] GetWindowPlacement (in: hWnd=0x2902da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0266.609] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0266.609] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.609] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.609] GetSystemMetrics (nIndex=42) returned 0
[0266.609] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.609] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0266.609] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0266.609] GetCurrentObject (hdc=0x670107d3, type=0x1) returned 0xb00017
[0266.609] GetCurrentObject (hdc=0x670107d3, type=0x2) returned 0x900010
[0266.609] GetCurrentObject (hdc=0x670107d3, type=0x7) returned 0x4a0507fe
[0266.609] GetCurrentObject (hdc=0x670107d3, type=0x6) returned 0x8a01c2
[0266.609] SaveDC (hdc=0x670107d3) returned 2
[0266.609] GetNearestColor (hdc=0x670107d3, color=0xf0f0f0) returned 0xf0f0f0
[0266.609] CreateSolidBrush (color=0xf0f0f0) returned 0xe11007e1
[0266.609] FillRect (hDC=0x670107d3, lprc=0xd7da38, hbr=0xe11007e1) returned 1
[0266.610] DeleteObject (ho=0xe11007e1) returned 1
[0266.610] RestoreDC (hdc=0x670107d3, nSavedDC=-1) returned 1
[0266.610] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.610] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.610] GetSystemMetrics (nIndex=42) returned 0
[0266.610] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.610] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0266.610] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0266.610] GetCurrentObject (hdc=0x670107d3, type=0x1) returned 0xb00017
[0266.610] GetCurrentObject (hdc=0x670107d3, type=0x2) returned 0x900010
[0266.610] GetCurrentObject (hdc=0x670107d3, type=0x7) returned 0x4a0507fe
[0266.610] GetCurrentObject (hdc=0x670107d3, type=0x6) returned 0x8a01c2
[0266.610] SaveDC (hdc=0x670107d3) returned 2
[0266.610] GetNearestColor (hdc=0x670107d3, color=0xf0f0f0) returned 0xf0f0f0
[0266.610] CreateSolidBrush (color=0xf0f0f0) returned 0xe21007e1
[0266.610] FillRect (hDC=0x670107d3, lprc=0xd7d9d8, hbr=0xe21007e1) returned 1
[0266.610] DeleteObject (ho=0xe21007e1) returned 1
[0266.610] RestoreDC (hdc=0x670107d3, nSavedDC=-1) returned 1
[0266.610] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.610] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.610] GetSystemMetrics (nIndex=42) returned 0
[0266.610] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.610] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0266.611] RestoreDC (hdc=0x670107d3, nSavedDC=-1) returned 1
[0266.611] GdipReleaseDC (graphics=0x6600030, hdc=0x670107d3) returned 0x0
[0266.611] IsAppThemed () returned 0x1
[0266.611] GetThemeAppProperties () returned 0x3
[0266.611] GetThemeAppProperties () returned 0x3
[0266.611] IsAppThemed () returned 0x1
[0266.611] GetThemeAppProperties () returned 0x3
[0266.611] GetThemeAppProperties () returned 0x3
[0266.611] IsThemePartDefined () returned 0x1
[0266.611] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0266.611] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0266.611] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0266.611] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0266.611] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df74) returned 0x0
[0266.611] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee9f0) returned 0x0
[0266.611] LocalFree (hMem=0x11ee9f0) returned 0x0
[0266.611] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eecc8) returned 0x0
[0266.611] LocalFree (hMem=0x11eecc8) returned 0x0
[0266.611] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0266.611] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0266.611] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0266.611] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0266.612] GdipDeleteRegion (region=0x6645908) returned 0x0
[0266.612] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0266.612] GetCurrentObject (hdc=0x670107d3, type=0x1) returned 0xb00017
[0266.612] GetCurrentObject (hdc=0x670107d3, type=0x2) returned 0x900010
[0266.612] GetCurrentObject (hdc=0x670107d3, type=0x7) returned 0x4a0507fe
[0266.612] GetCurrentObject (hdc=0x670107d3, type=0x6) returned 0x8a01c2
[0266.612] SaveDC (hdc=0x670107d3) returned 1
[0266.612] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x460407de
[0266.612] GetClipRgn (hdc=0x670107d3, hrgn=0x460407de) returned 0
[0266.612] SelectClipRgn (hdc=0x670107d3, hrgn=0xaf040807) returned 2
[0266.612] DeleteObject (ho=0x460407de) returned 1
[0266.612] DeleteObject (ho=0xaf040807) returned 1
[0266.612] OffsetViewportOrgEx (in: hdc=0x670107d3, x=0, y=0, lppt=0x2f48240 | out: lppt=0x2f48240) returned 1
[0266.612] IsAppThemed () returned 0x1
[0266.612] GetThemeAppProperties () returned 0x3
[0266.612] GetThemeAppProperties () returned 0x3
[0266.612] DrawThemeBackground () returned 0x0
[0266.612] RestoreDC (hdc=0x670107d3, nSavedDC=-1) returned 1
[0266.612] GdipReleaseDC (graphics=0x6600030, hdc=0x670107d3) returned 0x0
[0266.612] GdipCreateRegion (region=0xd7df60) returned 0x0
[0266.612] GdipGetClip (graphics=0x6600030, region=0x66452d8) returned 0x0
[0266.612] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0266.613] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0266.613] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df78) returned 0x0
[0266.613] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0266.613] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0266.613] LocalFree (hMem=0x11ee788) returned 0x0
[0266.613] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0266.613] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0266.613] LocalFree (hMem=0x11ee9f0) returned 0x0
[0266.613] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0266.613] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0266.613] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0266.613] GdipGetRegionHRgn (region=0x66452d8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0266.613] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0266.613] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0266.613] GetCurrentObject (hdc=0x670107d3, type=0x1) returned 0xb00017
[0266.613] GetCurrentObject (hdc=0x670107d3, type=0x2) returned 0x900010
[0266.613] GetCurrentObject (hdc=0x670107d3, type=0x7) returned 0x4a0507fe
[0266.613] GetCurrentObject (hdc=0x670107d3, type=0x6) returned 0x8a01c2
[0266.613] SaveDC (hdc=0x670107d3) returned 1
[0266.613] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb0040807
[0266.613] GetClipRgn (hdc=0x670107d3, hrgn=0xb0040807) returned 0
[0266.613] SelectClipRgn (hdc=0x670107d3, hrgn=0x470407de) returned 2
[0266.613] DeleteObject (ho=0xb0040807) returned 1
[0266.614] DeleteObject (ho=0x470407de) returned 1
[0266.614] OffsetViewportOrgEx (in: hdc=0x670107d3, x=0, y=0, lppt=0x2f48514 | out: lppt=0x2f48514) returned 1
[0266.614] IsAppThemed () returned 0x1
[0266.614] GetThemeAppProperties () returned 0x3
[0266.614] GetThemeAppProperties () returned 0x3
[0266.614] GetThemeBackgroundContentRect () returned 0x0
[0266.614] RestoreDC (hdc=0x670107d3, nSavedDC=-1) returned 1
[0266.614] GdipReleaseDC (graphics=0x6600030, hdc=0x670107d3) returned 0x0
[0266.614] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0266.614] GdipGetClip (graphics=0x6600030, region=0x66452d8) returned 0x0
[0266.614] GdipCloneRegion (region=0x66452d8, cloneRegion=0xd7e150) returned 0x0
[0266.614] GdipCombineRegionRectI (region=0x6645488, rect=0xd7e138, combineMode=0x1) returned 0x0
[0266.614] GdipCombineRegionRectI (region=0x6645488, rect=0xd7e138, combineMode=0x1) returned 0x0
[0266.614] GdipSetClipRegion (graphics=0x6600030, region=0x6645488, combineMode=0x0) returned 0x0
[0266.614] GdipGetImageWidth (image=0x6603ac0, width=0xd7e154) returned 0x0
[0266.614] GdipGetImageHeight (image=0x6603ac0, height=0xd7e148) returned 0x0
[0266.614] GdipDrawImageRectI (graphics=0x6600030, image=0x6603ac0, x=4, y=4, width=16, height=16) returned 0x0
[0266.614] GdipSetClipRegion (graphics=0x6600030, region=0x66452d8, combineMode=0x0) returned 0x0
[0266.614] IsAppThemed () returned 0x1
[0266.614] GetThemeAppProperties () returned 0x3
[0266.614] GetThemeAppProperties () returned 0x3
[0266.614] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0266.614] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0266.615] GetCurrentObject (hdc=0x670107d3, type=0x1) returned 0xb00017
[0266.615] GetCurrentObject (hdc=0x670107d3, type=0x2) returned 0x900010
[0266.615] GetCurrentObject (hdc=0x670107d3, type=0x7) returned 0x4a0507fe
[0266.615] GetCurrentObject (hdc=0x670107d3, type=0x6) returned 0x8a01c2
[0266.615] SaveDC (hdc=0x670107d3) returned 1
[0266.615] GetTextAlign (hdc=0x670107d3) returned 0x0
[0266.615] GetTextColor (hdc=0x670107d3) returned 0x0
[0266.615] GetCurrentObject (hdc=0x670107d3, type=0x6) returned 0x8a01c2
[0266.615] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0266.615] SelectObject (hdc=0x670107d3, h=0x6d0a0520) returned 0x8a01c2
[0266.615] GetBkMode (hdc=0x670107d3) returned 2
[0266.615] SetBkMode (hdc=0x670107d3, mode=1) returned 2
[0266.615] DrawTextExW (in: hdc=0x670107d3, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2f488d4 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0266.615] DrawTextExW (in: hdc=0x670107d3, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2f488d4 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0266.616] RestoreDC (hdc=0x670107d3, nSavedDC=-1) returned 1
[0266.616] GdipReleaseDC (graphics=0x6600030, hdc=0x670107d3) returned 0x0
[0266.616] GetFocus () returned 0x2b02d8
[0266.616] IsAppThemed () returned 0x1
[0266.616] GetThemeAppProperties () returned 0x3
[0266.616] GetThemeAppProperties () returned 0x3
[0266.616] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0266.616] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x670107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0266.616] GdipReleaseDC (graphics=0x6600030, hdc=0x670107d3) returned 0x0
[0266.616] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0266.616] SelectObject (hdc=0x670107d3, h=0x85000f) returned 0x4a0507fe
[0266.616] DeleteDC (hdc=0x670107d3) returned 1
[0266.616] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0266.616] EndPaint (hWnd=0x2b02d8, lpPaint=0xd7e24c) returned 1
[0266.617] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.617] IsWindowUnicode (hWnd=0x2902de) returned 1
[0266.617] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.617] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.617] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.617] BeginPaint (in: hWnd=0x2902de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0266.617] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0266.617] CreateCompatibleDC (hdc=0xf0105ee) returned 0x690107d3
[0266.617] SelectObject (hdc=0x690107d3, h=0x4a0507fe) returned 0x85000f
[0266.617] GdipCreateFromHDC (hdc=0x690107d3, graphics=0xd7e268) returned 0x0
[0266.617] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0266.617] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0266.617] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0266.617] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0266.617] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e2c8) returned 0x0
[0266.618] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0266.618] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0266.618] LocalFree (hMem=0x11ee868) returned 0x0
[0266.618] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0266.618] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0266.618] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0266.618] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0266.618] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0266.618] GdipRestoreGraphics (graphics=0x6600030, state=0xf7640dbd) returned 0x0
[0266.618] GdipDeleteRegion (region=0x6645518) returned 0x0
[0266.618] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0266.618] GetCurrentObject (hdc=0x690107d3, type=0x1) returned 0xb00017
[0266.618] GetCurrentObject (hdc=0x690107d3, type=0x2) returned 0x900010
[0266.618] GetCurrentObject (hdc=0x690107d3, type=0x7) returned 0x4a0507fe
[0266.618] GetCurrentObject (hdc=0x690107d3, type=0x6) returned 0x8a01c2
[0266.618] SaveDC (hdc=0x690107d3) returned 1
[0266.618] GetNearestColor (hdc=0x690107d3, color=0xf0f0f0) returned 0xf0f0f0
[0266.618] GetNearestColor (hdc=0x690107d3, color=0xa0a0a0) returned 0xa0a0a0
[0266.618] GetNearestColor (hdc=0x690107d3, color=0x696969) returned 0x696969
[0266.618] GetNearestColor (hdc=0x690107d3, color=0xa0a0a0) returned 0xa0a0a0
[0266.618] GetNearestColor (hdc=0x690107d3, color=0x0) returned 0x0
[0266.619] GetNearestColor (hdc=0x690107d3, color=0xffffff) returned 0xffffff
[0266.619] GetNearestColor (hdc=0x690107d3, color=0xe5e5e5) returned 0xe5e5e5
[0266.619] GetNearestColor (hdc=0x690107d3, color=0xd7d7d7) returned 0xd7d7d7
[0266.619] GetNearestColor (hdc=0x690107d3, color=0x0) returned 0x0
[0266.619] RestoreDC (hdc=0x690107d3, nSavedDC=-1) returned 1
[0266.619] GdipReleaseDC (graphics=0x6600030, hdc=0x690107d3) returned 0x0
[0266.619] IsAppThemed () returned 0x1
[0266.619] GetThemeAppProperties () returned 0x3
[0266.619] GetThemeAppProperties () returned 0x3
[0266.619] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0266.619] SendMessageW (hWnd=0x2902da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0266.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0266.619] IsAppThemed () returned 0x1
[0266.619] GetThemeAppProperties () returned 0x3
[0266.619] GetThemeAppProperties () returned 0x3
[0266.619] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df90, format=0x102415, lpdtp=0x2f490e4 | out: lpchText="&Continue", lprc=0xd7df90) returned 13
[0266.620] IsAppThemed () returned 0x1
[0266.620] GetThemeAppProperties () returned 0x3
[0266.620] GetThemeAppProperties () returned 0x3
[0266.620] IsAppThemed () returned 0x1
[0266.620] GetThemeAppProperties () returned 0x3
[0266.620] GetThemeAppProperties () returned 0x3
[0266.620] GetFocus () returned 0x2b02d8
[0266.620] IsAppThemed () returned 0x1
[0266.620] GetThemeAppProperties () returned 0x3
[0266.620] GetThemeAppProperties () returned 0x3
[0266.620] IsAppThemed () returned 0x1
[0266.620] GetThemeAppProperties () returned 0x3
[0266.620] GetThemeAppProperties () returned 0x3
[0266.620] IsThemePartDefined () returned 0x1
[0266.620] IsAppThemed () returned 0x1
[0266.620] GetThemeAppProperties () returned 0x3
[0266.620] GetThemeAppProperties () returned 0x3
[0266.620] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0266.620] IsAppThemed () returned 0x1
[0266.620] GetThemeAppProperties () returned 0x3
[0266.620] GetThemeAppProperties () returned 0x3
[0266.620] IsAppThemed () returned 0x1
[0266.620] GetThemeAppProperties () returned 0x3
[0266.620] GetThemeAppProperties () returned 0x3
[0266.620] IsThemePartDefined () returned 0x1
[0266.620] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0266.620] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0266.621] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0266.621] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0266.621] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dff0) returned 0x0
[0266.621] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0266.621] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0266.621] LocalFree (hMem=0x11ee788) returned 0x0
[0266.621] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0266.621] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee9f0) returned 0x0
[0266.621] LocalFree (hMem=0x11ee9f0) returned 0x0
[0266.621] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0266.621] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e018) returned 0x0
[0266.621] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e008) returned 0x0
[0266.621] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0266.621] GdipDeleteRegion (region=0x6645518) returned 0x0
[0266.621] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0266.621] GetCurrentObject (hdc=0x690107d3, type=0x1) returned 0xb00017
[0266.621] GetCurrentObject (hdc=0x690107d3, type=0x2) returned 0x900010
[0266.621] GetCurrentObject (hdc=0x690107d3, type=0x7) returned 0x4a0507fe
[0266.621] GetCurrentObject (hdc=0x690107d3, type=0x6) returned 0x8a01c2
[0266.621] SaveDC (hdc=0x690107d3) returned 1
[0266.621] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x480407de
[0266.621] GetClipRgn (hdc=0x690107d3, hrgn=0x480407de) returned 0
[0266.622] SelectClipRgn (hdc=0x690107d3, hrgn=0xb4040807) returned 2
[0266.622] DeleteObject (ho=0x480407de) returned 1
[0266.622] DeleteObject (ho=0xb4040807) returned 1
[0266.622] OffsetViewportOrgEx (in: hdc=0x690107d3, x=0, y=0, lppt=0x2f49794 | out: lppt=0x2f49794) returned 1
[0266.622] DrawThemeParentBackground () returned 0x0
[0266.627] GetWindowPlacement (in: hWnd=0x2902da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0266.627] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0266.627] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.627] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.627] GetSystemMetrics (nIndex=42) returned 0
[0266.627] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.627] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0266.627] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0266.627] GetCurrentObject (hdc=0x690107d3, type=0x1) returned 0xb00017
[0266.627] GetCurrentObject (hdc=0x690107d3, type=0x2) returned 0x900010
[0266.627] GetCurrentObject (hdc=0x690107d3, type=0x7) returned 0x4a0507fe
[0266.627] GetCurrentObject (hdc=0x690107d3, type=0x6) returned 0x8a01c2
[0266.627] SaveDC (hdc=0x690107d3) returned 2
[0266.627] GetNearestColor (hdc=0x690107d3, color=0xf0f0f0) returned 0xf0f0f0
[0266.627] CreateSolidBrush (color=0xf0f0f0) returned 0xe31007e1
[0266.627] FillRect (hDC=0x690107d3, lprc=0xd7da38, hbr=0xe31007e1) returned 1
[0266.627] DeleteObject (ho=0xe31007e1) returned 1
[0266.627] RestoreDC (hdc=0x690107d3, nSavedDC=-1) returned 1
[0266.627] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.628] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.628] GetSystemMetrics (nIndex=42) returned 0
[0266.628] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.628] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0266.628] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0266.628] GetCurrentObject (hdc=0x690107d3, type=0x1) returned 0xb00017
[0266.628] GetCurrentObject (hdc=0x690107d3, type=0x2) returned 0x900010
[0266.628] GetCurrentObject (hdc=0x690107d3, type=0x7) returned 0x4a0507fe
[0266.628] GetCurrentObject (hdc=0x690107d3, type=0x6) returned 0x8a01c2
[0266.628] SaveDC (hdc=0x690107d3) returned 2
[0266.628] GetNearestColor (hdc=0x690107d3, color=0xf0f0f0) returned 0xf0f0f0
[0266.628] CreateSolidBrush (color=0xf0f0f0) returned 0xe41007e1
[0266.628] FillRect (hDC=0x690107d3, lprc=0xd7d9d8, hbr=0xe41007e1) returned 1
[0266.628] DeleteObject (ho=0xe41007e1) returned 1
[0266.628] RestoreDC (hdc=0x690107d3, nSavedDC=-1) returned 1
[0266.628] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.628] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.628] GetSystemMetrics (nIndex=42) returned 0
[0266.628] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.628] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0266.629] RestoreDC (hdc=0x690107d3, nSavedDC=-1) returned 1
[0266.629] GdipReleaseDC (graphics=0x6600030, hdc=0x690107d3) returned 0x0
[0266.629] IsAppThemed () returned 0x1
[0266.629] GetThemeAppProperties () returned 0x3
[0266.629] GetThemeAppProperties () returned 0x3
[0266.629] IsAppThemed () returned 0x1
[0266.629] GetThemeAppProperties () returned 0x3
[0266.629] GetThemeAppProperties () returned 0x3
[0266.629] IsThemePartDefined () returned 0x1
[0266.629] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0266.629] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0266.629] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0266.629] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0266.629] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df74) returned 0x0
[0266.629] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0266.629] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0266.629] LocalFree (hMem=0x11ee9f0) returned 0x0
[0266.629] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0266.629] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0266.629] LocalFree (hMem=0x11ee788) returned 0x0
[0266.629] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0266.629] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0266.629] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0266.629] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0266.630] GdipDeleteRegion (region=0x6645518) returned 0x0
[0266.630] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0266.630] GetCurrentObject (hdc=0x690107d3, type=0x1) returned 0xb00017
[0266.630] GetCurrentObject (hdc=0x690107d3, type=0x2) returned 0x900010
[0266.630] GetCurrentObject (hdc=0x690107d3, type=0x7) returned 0x4a0507fe
[0266.630] GetCurrentObject (hdc=0x690107d3, type=0x6) returned 0x8a01c2
[0266.630] SaveDC (hdc=0x690107d3) returned 1
[0266.630] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb5040807
[0266.630] GetClipRgn (hdc=0x690107d3, hrgn=0xb5040807) returned 0
[0266.630] SelectClipRgn (hdc=0x690107d3, hrgn=0x4a0407de) returned 2
[0266.630] DeleteObject (ho=0xb5040807) returned 1
[0266.630] DeleteObject (ho=0x4a0407de) returned 1
[0266.630] OffsetViewportOrgEx (in: hdc=0x690107d3, x=0, y=0, lppt=0x2f4a040 | out: lppt=0x2f4a040) returned 1
[0266.630] IsAppThemed () returned 0x1
[0266.630] GetThemeAppProperties () returned 0x3
[0266.630] GetThemeAppProperties () returned 0x3
[0266.630] DrawThemeBackground () returned 0x0
[0266.630] RestoreDC (hdc=0x690107d3, nSavedDC=-1) returned 1
[0266.630] GdipReleaseDC (graphics=0x6600030, hdc=0x690107d3) returned 0x0
[0266.630] GdipCreateRegion (region=0xd7df60) returned 0x0
[0266.630] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0266.631] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0266.631] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0266.631] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df78) returned 0x0
[0266.631] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0266.631] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eecc8) returned 0x0
[0266.631] LocalFree (hMem=0x11eecc8) returned 0x0
[0266.631] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0266.631] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea98) returned 0x0
[0266.631] LocalFree (hMem=0x11eea98) returned 0x0
[0266.631] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0266.631] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0266.631] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0266.631] GdipGetRegionHRgn (region=0x6645cf8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0266.631] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0266.631] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0266.631] GetCurrentObject (hdc=0x690107d3, type=0x1) returned 0xb00017
[0266.631] GetCurrentObject (hdc=0x690107d3, type=0x2) returned 0x900010
[0266.631] GetCurrentObject (hdc=0x690107d3, type=0x7) returned 0x4a0507fe
[0266.631] GetCurrentObject (hdc=0x690107d3, type=0x6) returned 0x8a01c2
[0266.631] SaveDC (hdc=0x690107d3) returned 1
[0266.631] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4b0407de
[0266.631] GetClipRgn (hdc=0x690107d3, hrgn=0x4b0407de) returned 0
[0266.632] SelectClipRgn (hdc=0x690107d3, hrgn=0xb6040807) returned 2
[0266.632] DeleteObject (ho=0x4b0407de) returned 1
[0266.632] DeleteObject (ho=0xb6040807) returned 1
[0266.632] OffsetViewportOrgEx (in: hdc=0x690107d3, x=0, y=0, lppt=0x2f4a314 | out: lppt=0x2f4a314) returned 1
[0266.632] IsAppThemed () returned 0x1
[0266.632] GetThemeAppProperties () returned 0x3
[0266.632] GetThemeAppProperties () returned 0x3
[0266.632] GetThemeBackgroundContentRect () returned 0x0
[0266.632] RestoreDC (hdc=0x690107d3, nSavedDC=-1) returned 1
[0266.632] GdipReleaseDC (graphics=0x6600030, hdc=0x690107d3) returned 0x0
[0266.632] IsAppThemed () returned 0x1
[0266.632] GetThemeAppProperties () returned 0x3
[0266.632] GetThemeAppProperties () returned 0x3
[0266.632] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0266.632] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0266.632] GetCurrentObject (hdc=0x690107d3, type=0x1) returned 0xb00017
[0266.632] GetCurrentObject (hdc=0x690107d3, type=0x2) returned 0x900010
[0266.632] GetCurrentObject (hdc=0x690107d3, type=0x7) returned 0x4a0507fe
[0266.632] GetCurrentObject (hdc=0x690107d3, type=0x6) returned 0x8a01c2
[0266.632] SaveDC (hdc=0x690107d3) returned 1
[0266.632] GetTextAlign (hdc=0x690107d3) returned 0x0
[0266.633] GetTextColor (hdc=0x690107d3) returned 0x0
[0266.633] GetCurrentObject (hdc=0x690107d3, type=0x6) returned 0x8a01c2
[0266.633] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0266.633] SelectObject (hdc=0x690107d3, h=0x6d0a0520) returned 0x8a01c2
[0266.633] GetBkMode (hdc=0x690107d3) returned 2
[0266.633] SetBkMode (hdc=0x690107d3, mode=1) returned 2
[0266.633] DrawTextExW (in: hdc=0x690107d3, lpchText="&Continue", cchText=9, lprc=0xd7def8, format=0x102415, lpdtp=0x2f4a6b4 | out: lpchText="&Continue", lprc=0xd7def8) returned 13
[0266.633] DrawTextExW (in: hdc=0x690107d3, lpchText="&Continue", cchText=9, lprc=0xd7e05c, format=0x102015, lpdtp=0x2f4a6b4 | out: lpchText="&Continue", lprc=0xd7e05c) returned 13
[0266.633] RestoreDC (hdc=0x690107d3, nSavedDC=-1) returned 1
[0266.633] GdipReleaseDC (graphics=0x6600030, hdc=0x690107d3) returned 0x0
[0266.633] GetFocus () returned 0x2b02d8
[0266.634] IsAppThemed () returned 0x1
[0266.634] GetThemeAppProperties () returned 0x3
[0266.634] GetThemeAppProperties () returned 0x3
[0266.634] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0266.634] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x690107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0266.634] GdipReleaseDC (graphics=0x6600030, hdc=0x690107d3) returned 0x0
[0266.634] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0266.634] SelectObject (hdc=0x690107d3, h=0x85000f) returned 0x4a0507fe
[0266.634] DeleteDC (hdc=0x690107d3) returned 1
[0266.634] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0266.634] EndPaint (hWnd=0x2902de, lpPaint=0xd7e24c) returned 1
[0266.635] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.635] IsWindowUnicode (hWnd=0x1e02d0) returned 1
[0266.635] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.635] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.635] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.635] BeginPaint (in: hWnd=0x1e02d0, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0266.635] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0266.635] CreateCompatibleDC (hdc=0x107b9) returned 0x6b0107d3
[0266.635] SelectObject (hdc=0x6b0107d3, h=0x4a0507fe) returned 0x85000f
[0266.635] GdipCreateFromHDC (hdc=0x6b0107d3, graphics=0xd7e268) returned 0x0
[0266.635] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0266.636] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0266.636] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0266.636] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0266.636] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e2c8) returned 0x0
[0266.636] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0266.636] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0266.636] LocalFree (hMem=0x11ee9f0) returned 0x0
[0266.636] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0266.636] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0266.636] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0266.636] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0266.636] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0266.636] GdipRestoreGraphics (graphics=0x6600030, state=0xf7620dbd) returned 0x0
[0266.636] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0266.636] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0266.636] GetCurrentObject (hdc=0x6b0107d3, type=0x1) returned 0xb00017
[0266.636] GetCurrentObject (hdc=0x6b0107d3, type=0x2) returned 0x900010
[0266.636] GetCurrentObject (hdc=0x6b0107d3, type=0x7) returned 0x4a0507fe
[0266.636] GetCurrentObject (hdc=0x6b0107d3, type=0x6) returned 0x8a01c2
[0266.636] SaveDC (hdc=0x6b0107d3) returned 1
[0266.636] GetNearestColor (hdc=0x6b0107d3, color=0xf0f0f0) returned 0xf0f0f0
[0266.636] GetNearestColor (hdc=0x6b0107d3, color=0xa0a0a0) returned 0xa0a0a0
[0266.637] GetNearestColor (hdc=0x6b0107d3, color=0x696969) returned 0x696969
[0266.637] GetNearestColor (hdc=0x6b0107d3, color=0xa0a0a0) returned 0xa0a0a0
[0266.637] GetNearestColor (hdc=0x6b0107d3, color=0x0) returned 0x0
[0266.637] GetNearestColor (hdc=0x6b0107d3, color=0xffffff) returned 0xffffff
[0266.637] GetNearestColor (hdc=0x6b0107d3, color=0xe5e5e5) returned 0xe5e5e5
[0266.637] GetNearestColor (hdc=0x6b0107d3, color=0xd7d7d7) returned 0xd7d7d7
[0266.637] GetNearestColor (hdc=0x6b0107d3, color=0x0) returned 0x0
[0266.637] RestoreDC (hdc=0x6b0107d3, nSavedDC=-1) returned 1
[0266.637] GdipReleaseDC (graphics=0x6600030, hdc=0x6b0107d3) returned 0x0
[0266.637] IsAppThemed () returned 0x1
[0266.648] GetThemeAppProperties () returned 0x3
[0266.648] GetThemeAppProperties () returned 0x3
[0266.648] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0266.648] SendMessageW (hWnd=0x2902da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0266.648] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0266.648] IsAppThemed () returned 0x1
[0266.648] GetThemeAppProperties () returned 0x3
[0266.648] GetThemeAppProperties () returned 0x3
[0266.648] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2f4aec4 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0266.648] IsAppThemed () returned 0x1
[0266.648] GetThemeAppProperties () returned 0x3
[0266.648] GetThemeAppProperties () returned 0x3
[0266.649] IsAppThemed () returned 0x1
[0266.649] GetThemeAppProperties () returned 0x3
[0266.649] GetThemeAppProperties () returned 0x3
[0266.649] GetFocus () returned 0x2b02d8
[0266.649] IsAppThemed () returned 0x1
[0266.649] GetThemeAppProperties () returned 0x3
[0266.649] GetThemeAppProperties () returned 0x3
[0266.649] IsAppThemed () returned 0x1
[0266.649] GetThemeAppProperties () returned 0x3
[0266.649] GetThemeAppProperties () returned 0x3
[0266.649] IsThemePartDefined () returned 0x1
[0266.649] IsAppThemed () returned 0x1
[0266.649] GetThemeAppProperties () returned 0x3
[0266.649] GetThemeAppProperties () returned 0x3
[0266.649] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0266.649] IsAppThemed () returned 0x1
[0266.649] GetThemeAppProperties () returned 0x3
[0266.649] GetThemeAppProperties () returned 0x3
[0266.649] IsAppThemed () returned 0x1
[0266.649] GetThemeAppProperties () returned 0x3
[0266.649] GetThemeAppProperties () returned 0x3
[0266.649] IsThemePartDefined () returned 0x1
[0266.649] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0266.649] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0266.649] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0266.649] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0266.650] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dff0) returned 0x0
[0266.650] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0266.650] LocalFree (hMem=0x11ee9f0) returned 0x0
[0266.650] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0266.650] LocalFree (hMem=0x11ee868) returned 0x0
[0266.650] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0266.650] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e018) returned 0x0
[0266.650] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e008) returned 0x0
[0266.650] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0266.650] GdipDeleteRegion (region=0x6645518) returned 0x0
[0266.650] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0266.650] GetCurrentObject (hdc=0x6b0107d3, type=0x1) returned 0xb00017
[0266.650] GetCurrentObject (hdc=0x6b0107d3, type=0x2) returned 0x900010
[0266.650] GetCurrentObject (hdc=0x6b0107d3, type=0x7) returned 0x4a0507fe
[0266.650] GetCurrentObject (hdc=0x6b0107d3, type=0x6) returned 0x8a01c2
[0266.650] SaveDC (hdc=0x6b0107d3) returned 1
[0266.650] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb7040807
[0266.650] GetClipRgn (hdc=0x6b0107d3, hrgn=0xb7040807) returned 0
[0266.650] SelectClipRgn (hdc=0x6b0107d3, hrgn=0x4f0407de) returned 2
[0266.651] DeleteObject (ho=0xb7040807) returned 1
[0266.651] DeleteObject (ho=0x4f0407de) returned 1
[0266.651] OffsetViewportOrgEx (in: hdc=0x6b0107d3, x=0, y=0, lppt=0x2f4b574 | out: lppt=0x2f4b574) returned 1
[0266.651] DrawThemeParentBackground () returned 0x0
[0266.651] GetWindowPlacement (in: hWnd=0x2902da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0266.651] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0266.651] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.651] GetSystemMetrics (nIndex=42) returned 0
[0266.651] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0266.651] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0266.651] GetCurrentObject (hdc=0x6b0107d3, type=0x1) returned 0xb00017
[0266.651] GetCurrentObject (hdc=0x6b0107d3, type=0x2) returned 0x900010
[0266.651] GetCurrentObject (hdc=0x6b0107d3, type=0x7) returned 0x4a0507fe
[0266.651] GetCurrentObject (hdc=0x6b0107d3, type=0x6) returned 0x8a01c2
[0266.651] SaveDC (hdc=0x6b0107d3) returned 2
[0266.651] GetNearestColor (hdc=0x6b0107d3, color=0xf0f0f0) returned 0xf0f0f0
[0266.652] CreateSolidBrush (color=0xf0f0f0) returned 0xe51007e1
[0266.652] FillRect (hDC=0x6b0107d3, lprc=0xd7da38, hbr=0xe51007e1) returned 1
[0266.652] DeleteObject (ho=0xe51007e1) returned 1
[0266.652] RestoreDC (hdc=0x6b0107d3, nSavedDC=-1) returned 1
[0266.652] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.652] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.652] GetSystemMetrics (nIndex=42) returned 0
[0266.652] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.652] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0266.656] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0266.656] GetCurrentObject (hdc=0x6b0107d3, type=0x1) returned 0xb00017
[0266.656] GetCurrentObject (hdc=0x6b0107d3, type=0x2) returned 0x900010
[0266.656] GetCurrentObject (hdc=0x6b0107d3, type=0x7) returned 0x4a0507fe
[0266.656] GetCurrentObject (hdc=0x6b0107d3, type=0x6) returned 0x8a01c2
[0266.656] SaveDC (hdc=0x6b0107d3) returned 2
[0266.656] GetNearestColor (hdc=0x6b0107d3, color=0xf0f0f0) returned 0xf0f0f0
[0266.656] CreateSolidBrush (color=0xf0f0f0) returned 0xe61007e1
[0266.656] FillRect (hDC=0x6b0107d3, lprc=0xd7d9d8, hbr=0xe61007e1) returned 1
[0266.656] DeleteObject (ho=0xe61007e1) returned 1
[0266.656] RestoreDC (hdc=0x6b0107d3, nSavedDC=-1) returned 1
[0266.656] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.656] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.657] GetSystemMetrics (nIndex=42) returned 0
[0266.657] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.657] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0266.657] RestoreDC (hdc=0x6b0107d3, nSavedDC=-1) returned 1
[0266.657] GdipReleaseDC (graphics=0x6600030, hdc=0x6b0107d3) returned 0x0
[0266.657] IsAppThemed () returned 0x1
[0266.657] GetThemeAppProperties () returned 0x3
[0266.657] GetThemeAppProperties () returned 0x3
[0266.657] IsAppThemed () returned 0x1
[0266.657] GetThemeAppProperties () returned 0x3
[0266.657] GetThemeAppProperties () returned 0x3
[0266.657] IsThemePartDefined () returned 0x1
[0266.657] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0266.657] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0266.657] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0266.657] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0266.657] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df74) returned 0x0
[0266.657] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0266.658] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eecc8) returned 0x0
[0266.658] LocalFree (hMem=0x11eecc8) returned 0x0
[0266.658] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0266.658] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0266.658] LocalFree (hMem=0x11ee9f0) returned 0x0
[0266.658] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0266.658] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0266.658] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0266.658] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0266.658] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0266.658] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0266.658] GetCurrentObject (hdc=0x6b0107d3, type=0x1) returned 0xb00017
[0266.658] GetCurrentObject (hdc=0x6b0107d3, type=0x2) returned 0x900010
[0266.658] GetCurrentObject (hdc=0x6b0107d3, type=0x7) returned 0x4a0507fe
[0266.658] GetCurrentObject (hdc=0x6b0107d3, type=0x6) returned 0x8a01c2
[0266.658] SaveDC (hdc=0x6b0107d3) returned 1
[0266.658] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x500407de
[0266.658] GetClipRgn (hdc=0x6b0107d3, hrgn=0x500407de) returned 0
[0266.658] SelectClipRgn (hdc=0x6b0107d3, hrgn=0xb9040807) returned 2
[0266.659] DeleteObject (ho=0x500407de) returned 1
[0266.659] DeleteObject (ho=0xb9040807) returned 1
[0266.659] OffsetViewportOrgEx (in: hdc=0x6b0107d3, x=0, y=0, lppt=0x2c6a078 | out: lppt=0x2c6a078) returned 1
[0266.659] IsAppThemed () returned 0x1
[0266.659] GetThemeAppProperties () returned 0x3
[0266.659] GetThemeAppProperties () returned 0x3
[0266.659] DrawThemeBackground () returned 0x0
[0266.659] RestoreDC (hdc=0x6b0107d3, nSavedDC=-1) returned 1
[0266.659] GdipReleaseDC (graphics=0x6600030, hdc=0x6b0107d3) returned 0x0
[0266.659] GdipCreateRegion (region=0xd7df60) returned 0x0
[0266.659] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0266.659] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0266.659] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0266.659] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df78) returned 0x0
[0266.659] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0266.659] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea60) returned 0x0
[0266.659] LocalFree (hMem=0x11eea60) returned 0x0
[0266.659] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0266.659] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0266.659] LocalFree (hMem=0x11ee868) returned 0x0
[0266.659] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0266.660] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0266.660] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0266.660] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0266.660] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0266.660] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0266.660] GetCurrentObject (hdc=0x6b0107d3, type=0x1) returned 0xb00017
[0266.660] GetCurrentObject (hdc=0x6b0107d3, type=0x2) returned 0x900010
[0266.660] GetCurrentObject (hdc=0x6b0107d3, type=0x7) returned 0x4a0507fe
[0266.660] GetCurrentObject (hdc=0x6b0107d3, type=0x6) returned 0x8a01c2
[0266.660] SaveDC (hdc=0x6b0107d3) returned 1
[0266.660] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xba040807
[0266.660] GetClipRgn (hdc=0x6b0107d3, hrgn=0xba040807) returned 0
[0266.660] SelectClipRgn (hdc=0x6b0107d3, hrgn=0x510407de) returned 2
[0266.660] DeleteObject (ho=0xba040807) returned 1
[0266.660] DeleteObject (ho=0x510407de) returned 1
[0266.660] OffsetViewportOrgEx (in: hdc=0x6b0107d3, x=0, y=0, lppt=0x2c6a34c | out: lppt=0x2c6a34c) returned 1
[0266.660] IsAppThemed () returned 0x1
[0266.660] GetThemeAppProperties () returned 0x3
[0266.660] GetThemeAppProperties () returned 0x3
[0266.661] GetThemeBackgroundContentRect () returned 0x0
[0266.661] RestoreDC (hdc=0x6b0107d3, nSavedDC=-1) returned 1
[0266.661] GdipReleaseDC (graphics=0x6600030, hdc=0x6b0107d3) returned 0x0
[0266.661] IsAppThemed () returned 0x1
[0266.661] GetThemeAppProperties () returned 0x3
[0266.661] GetThemeAppProperties () returned 0x3
[0266.661] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0266.661] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0266.661] GetCurrentObject (hdc=0x6b0107d3, type=0x1) returned 0xb00017
[0266.661] GetCurrentObject (hdc=0x6b0107d3, type=0x2) returned 0x900010
[0266.661] GetCurrentObject (hdc=0x6b0107d3, type=0x7) returned 0x4a0507fe
[0266.661] GetCurrentObject (hdc=0x6b0107d3, type=0x6) returned 0x8a01c2
[0266.661] SaveDC (hdc=0x6b0107d3) returned 1
[0266.661] GetTextAlign (hdc=0x6b0107d3) returned 0x0
[0266.661] GetTextColor (hdc=0x6b0107d3) returned 0x0
[0266.661] GetCurrentObject (hdc=0x6b0107d3, type=0x6) returned 0x8a01c2
[0266.661] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0266.661] SelectObject (hdc=0x6b0107d3, h=0x6d0a0520) returned 0x8a01c2
[0266.661] GetBkMode (hdc=0x6b0107d3) returned 2
[0266.662] SetBkMode (hdc=0x6b0107d3, mode=1) returned 2
[0266.662] DrawTextExW (in: hdc=0x6b0107d3, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2c6a6ec | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0266.662] DrawTextExW (in: hdc=0x6b0107d3, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2c6a6ec | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0266.662] RestoreDC (hdc=0x6b0107d3, nSavedDC=-1) returned 1
[0266.662] GdipReleaseDC (graphics=0x6600030, hdc=0x6b0107d3) returned 0x0
[0266.662] GetFocus () returned 0x2b02d8
[0266.662] IsAppThemed () returned 0x1
[0266.662] GetThemeAppProperties () returned 0x3
[0266.662] GetThemeAppProperties () returned 0x3
[0266.662] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0266.662] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x6b0107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0266.663] GdipReleaseDC (graphics=0x6600030, hdc=0x6b0107d3) returned 0x0
[0266.663] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0266.663] SelectObject (hdc=0x6b0107d3, h=0x85000f) returned 0x4a0507fe
[0266.663] DeleteDC (hdc=0x6b0107d3) returned 1
[0266.663] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0266.663] EndPaint (hWnd=0x1e02d0, lpPaint=0xd7e24c) returned 1
[0266.663] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.663] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x84, wParam=0x0, lParam=0x1e5031d) returned 0x1
[0266.663] IsWindowUnicode (hWnd=0x2902de) returned 1
[0266.663] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.664] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x84, wParam=0x0, lParam=0x1e5031d) returned 0x1
[0266.664] SetCursor (hCursor=0x10003) returned 0x10003
[0266.664] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.664] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.664] _TrackMouseEvent (in: lpEventTrack=0x2c6a7e8 | out: lpEventTrack=0x2c6a7e8) returned 1
[0266.664] SendMessageW (hWnd=0x2902de, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0266.664] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0266.664] InvalidateRect (hWnd=0x2902de, lpRect=0x0, bErase=0) returned 1
[0266.664] GetKeyState (nVirtKey=1) returned 0
[0266.664] GetKeyState (nVirtKey=2) returned 0
[0266.664] GetKeyState (nVirtKey=4) returned 0
[0266.664] GetKeyState (nVirtKey=5) returned 0
[0266.664] GetKeyState (nVirtKey=6) returned 0
[0266.664] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.664] IsWindowUnicode (hWnd=0x2902de) returned 1
[0266.664] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.664] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.664] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.664] BeginPaint (in: hWnd=0x2902de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0266.665] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0266.665] CreateCompatibleDC (hdc=0xf0105ee) returned 0x6c0107d3
[0266.665] SelectObject (hdc=0x6c0107d3, h=0x4a0507fe) returned 0x85000f
[0266.665] GdipCreateFromHDC (hdc=0x6c0107d3, graphics=0xd7e268) returned 0x0
[0266.665] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0266.665] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0266.665] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0266.665] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0266.665] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e2c8) returned 0x0
[0266.665] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0266.665] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eecc8) returned 0x0
[0266.665] LocalFree (hMem=0x11eecc8) returned 0x0
[0266.665] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0266.665] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0266.665] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0266.665] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0266.665] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0266.665] GdipRestoreGraphics (graphics=0x6600030, state=0xf7600dbd) returned 0x0
[0266.666] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0266.666] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0266.666] GetCurrentObject (hdc=0x6c0107d3, type=0x1) returned 0xb00017
[0266.666] GetCurrentObject (hdc=0x6c0107d3, type=0x2) returned 0x900010
[0266.666] GetCurrentObject (hdc=0x6c0107d3, type=0x7) returned 0x4a0507fe
[0266.666] GetCurrentObject (hdc=0x6c0107d3, type=0x6) returned 0x8a01c2
[0266.666] SaveDC (hdc=0x6c0107d3) returned 1
[0266.666] GetNearestColor (hdc=0x6c0107d3, color=0xf0f0f0) returned 0xf0f0f0
[0266.666] GetNearestColor (hdc=0x6c0107d3, color=0xa0a0a0) returned 0xa0a0a0
[0266.666] GetNearestColor (hdc=0x6c0107d3, color=0x696969) returned 0x696969
[0266.666] GetNearestColor (hdc=0x6c0107d3, color=0xa0a0a0) returned 0xa0a0a0
[0266.666] GetNearestColor (hdc=0x6c0107d3, color=0x0) returned 0x0
[0266.666] GetNearestColor (hdc=0x6c0107d3, color=0xffffff) returned 0xffffff
[0266.666] GetNearestColor (hdc=0x6c0107d3, color=0xe5e5e5) returned 0xe5e5e5
[0266.666] GetNearestColor (hdc=0x6c0107d3, color=0xd7d7d7) returned 0xd7d7d7
[0266.666] GetNearestColor (hdc=0x6c0107d3, color=0x0) returned 0x0
[0266.666] RestoreDC (hdc=0x6c0107d3, nSavedDC=-1) returned 1
[0266.666] GdipReleaseDC (graphics=0x6600030, hdc=0x6c0107d3) returned 0x0
[0266.667] IsAppThemed () returned 0x1
[0266.667] GetThemeAppProperties () returned 0x3
[0266.667] GetThemeAppProperties () returned 0x3
[0266.667] IsAppThemed () returned 0x1
[0266.667] GetThemeAppProperties () returned 0x3
[0266.667] GetThemeAppProperties () returned 0x3
[0266.667] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2c6af48 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0266.667] IsAppThemed () returned 0x1
[0266.667] GetThemeAppProperties () returned 0x3
[0266.667] GetThemeAppProperties () returned 0x3
[0266.667] IsAppThemed () returned 0x1
[0266.667] GetThemeAppProperties () returned 0x3
[0266.667] GetThemeAppProperties () returned 0x3
[0266.667] IsAppThemed () returned 0x1
[0266.667] GetThemeAppProperties () returned 0x3
[0266.667] GetThemeAppProperties () returned 0x3
[0266.667] IsAppThemed () returned 0x1
[0266.667] GetThemeAppProperties () returned 0x3
[0266.667] GetThemeAppProperties () returned 0x3
[0266.667] IsThemePartDefined () returned 0x1
[0266.667] IsAppThemed () returned 0x1
[0266.668] GetThemeAppProperties () returned 0x3
[0266.668] GetThemeAppProperties () returned 0x3
[0266.668] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0266.668] IsAppThemed () returned 0x1
[0266.668] GetThemeAppProperties () returned 0x3
[0266.668] GetThemeAppProperties () returned 0x3
[0266.668] IsAppThemed () returned 0x1
[0266.668] GetThemeAppProperties () returned 0x3
[0266.668] GetThemeAppProperties () returned 0x3
[0266.668] IsThemePartDefined () returned 0x1
[0266.668] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0266.668] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0266.668] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0266.668] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0266.668] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dfe4) returned 0x0
[0266.668] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0266.668] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee9f0) returned 0x0
[0266.668] LocalFree (hMem=0x11ee9f0) returned 0x0
[0266.668] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0266.668] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eecc8) returned 0x0
[0266.668] LocalFree (hMem=0x11eecc8) returned 0x0
[0266.668] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0266.668] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0266.668] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0266.668] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0266.668] GdipDeleteRegion (region=0x6645518) returned 0x0
[0266.668] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0266.669] GetCurrentObject (hdc=0x6c0107d3, type=0x1) returned 0xb00017
[0266.669] GetCurrentObject (hdc=0x6c0107d3, type=0x2) returned 0x900010
[0266.669] GetCurrentObject (hdc=0x6c0107d3, type=0x7) returned 0x4a0507fe
[0266.674] GetCurrentObject (hdc=0x6c0107d3, type=0x6) returned 0x8a01c2
[0266.674] SaveDC (hdc=0x6c0107d3) returned 1
[0266.674] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x520407de
[0266.674] GetClipRgn (hdc=0x6c0107d3, hrgn=0x520407de) returned 0
[0266.674] SelectClipRgn (hdc=0x6c0107d3, hrgn=0xbe040807) returned 2
[0266.674] DeleteObject (ho=0x520407de) returned 1
[0266.674] DeleteObject (ho=0xbe040807) returned 1
[0266.674] OffsetViewportOrgEx (in: hdc=0x6c0107d3, x=0, y=0, lppt=0x2c6b5f8 | out: lppt=0x2c6b5f8) returned 1
[0266.674] DrawThemeParentBackground () returned 0x0
[0266.674] GetWindowPlacement (in: hWnd=0x2902da, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0266.674] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0266.675] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.675] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.675] GetSystemMetrics (nIndex=42) returned 0
[0266.675] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.675] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0266.675] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0266.675] GetCurrentObject (hdc=0x6c0107d3, type=0x1) returned 0xb00017
[0266.675] GetCurrentObject (hdc=0x6c0107d3, type=0x2) returned 0x900010
[0266.675] GetCurrentObject (hdc=0x6c0107d3, type=0x7) returned 0x4a0507fe
[0266.675] GetCurrentObject (hdc=0x6c0107d3, type=0x6) returned 0x8a01c2
[0266.675] SaveDC (hdc=0x6c0107d3) returned 2
[0266.675] GetNearestColor (hdc=0x6c0107d3, color=0xf0f0f0) returned 0xf0f0f0
[0266.675] CreateSolidBrush (color=0xf0f0f0) returned 0xe71007e1
[0266.675] FillRect (hDC=0x6c0107d3, lprc=0xd7da30, hbr=0xe71007e1) returned 1
[0266.675] DeleteObject (ho=0xe71007e1) returned 1
[0266.675] RestoreDC (hdc=0x6c0107d3, nSavedDC=-1) returned 1
[0266.675] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.675] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.675] GetSystemMetrics (nIndex=42) returned 0
[0266.675] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.675] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0266.676] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0266.676] GetCurrentObject (hdc=0x6c0107d3, type=0x1) returned 0xb00017
[0266.676] GetCurrentObject (hdc=0x6c0107d3, type=0x2) returned 0x900010
[0266.676] GetCurrentObject (hdc=0x6c0107d3, type=0x7) returned 0x4a0507fe
[0266.676] GetCurrentObject (hdc=0x6c0107d3, type=0x6) returned 0x8a01c2
[0266.676] SaveDC (hdc=0x6c0107d3) returned 2
[0266.676] GetNearestColor (hdc=0x6c0107d3, color=0xf0f0f0) returned 0xf0f0f0
[0266.676] CreateSolidBrush (color=0xf0f0f0) returned 0xe81007e1
[0266.676] FillRect (hDC=0x6c0107d3, lprc=0xd7d9d0, hbr=0xe81007e1) returned 1
[0266.676] DeleteObject (ho=0xe81007e1) returned 1
[0266.676] RestoreDC (hdc=0x6c0107d3, nSavedDC=-1) returned 1
[0266.676] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.676] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.676] GetSystemMetrics (nIndex=42) returned 0
[0266.676] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.676] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0266.676] RestoreDC (hdc=0x6c0107d3, nSavedDC=-1) returned 1
[0266.677] GdipReleaseDC (graphics=0x6600030, hdc=0x6c0107d3) returned 0x0
[0266.677] IsAppThemed () returned 0x1
[0266.677] GetThemeAppProperties () returned 0x3
[0266.677] GetThemeAppProperties () returned 0x3
[0266.677] IsAppThemed () returned 0x1
[0266.677] GetThemeAppProperties () returned 0x3
[0266.677] GetThemeAppProperties () returned 0x3
[0266.677] IsThemePartDefined () returned 0x1
[0266.677] GdipCreateRegion (region=0xd7df50) returned 0x0
[0266.677] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0266.677] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0266.677] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0266.677] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df68) returned 0x0
[0266.677] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0266.677] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eecc8) returned 0x0
[0266.677] LocalFree (hMem=0x11eecc8) returned 0x0
[0266.677] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0266.677] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eecc8) returned 0x0
[0266.677] LocalFree (hMem=0x11eecc8) returned 0x0
[0266.677] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0266.677] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7df90) returned 0x0
[0266.677] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7df80) returned 0x0
[0266.677] GdipGetRegionHRgn (region=0x6645638, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0266.678] GdipDeleteRegion (region=0x6645638) returned 0x0
[0266.678] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0266.678] GetCurrentObject (hdc=0x6c0107d3, type=0x1) returned 0xb00017
[0266.678] GetCurrentObject (hdc=0x6c0107d3, type=0x2) returned 0x900010
[0266.678] GetCurrentObject (hdc=0x6c0107d3, type=0x7) returned 0x4a0507fe
[0266.678] GetCurrentObject (hdc=0x6c0107d3, type=0x6) returned 0x8a01c2
[0266.678] SaveDC (hdc=0x6c0107d3) returned 1
[0266.678] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbf040807
[0266.678] GetClipRgn (hdc=0x6c0107d3, hrgn=0xbf040807) returned 0
[0266.678] SelectClipRgn (hdc=0x6c0107d3, hrgn=0x540407de) returned 2
[0266.678] DeleteObject (ho=0xbf040807) returned 1
[0266.678] DeleteObject (ho=0x540407de) returned 1
[0266.678] OffsetViewportOrgEx (in: hdc=0x6c0107d3, x=0, y=0, lppt=0x2c6bea4 | out: lppt=0x2c6bea4) returned 1
[0266.678] IsAppThemed () returned 0x1
[0266.678] GetThemeAppProperties () returned 0x3
[0266.678] GetThemeAppProperties () returned 0x3
[0266.678] DrawThemeBackground () returned 0x0
[0266.678] RestoreDC (hdc=0x6c0107d3, nSavedDC=-1) returned 1
[0266.679] GdipReleaseDC (graphics=0x6600030, hdc=0x6c0107d3) returned 0x0
[0266.679] GdipCreateRegion (region=0xd7df54) returned 0x0
[0266.679] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0266.679] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0266.679] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0266.679] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df6c) returned 0x0
[0266.679] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0266.679] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0266.679] LocalFree (hMem=0x11ee868) returned 0x0
[0266.679] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0266.679] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eecc8) returned 0x0
[0266.679] LocalFree (hMem=0x11eecc8) returned 0x0
[0266.679] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0266.679] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7df94) returned 0x0
[0266.679] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7df84) returned 0x0
[0266.679] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0266.679] GdipDeleteRegion (region=0x6645518) returned 0x0
[0266.679] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0266.679] GetCurrentObject (hdc=0x6c0107d3, type=0x1) returned 0xb00017
[0266.680] GetCurrentObject (hdc=0x6c0107d3, type=0x2) returned 0x900010
[0266.680] GetCurrentObject (hdc=0x6c0107d3, type=0x7) returned 0x4a0507fe
[0266.680] GetCurrentObject (hdc=0x6c0107d3, type=0x6) returned 0x8a01c2
[0266.680] SaveDC (hdc=0x6c0107d3) returned 1
[0266.680] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x550407de
[0266.680] GetClipRgn (hdc=0x6c0107d3, hrgn=0x550407de) returned 0
[0266.680] SelectClipRgn (hdc=0x6c0107d3, hrgn=0xc0040807) returned 2
[0266.680] DeleteObject (ho=0x550407de) returned 1
[0266.680] DeleteObject (ho=0xc0040807) returned 1
[0266.680] OffsetViewportOrgEx (in: hdc=0x6c0107d3, x=0, y=0, lppt=0x2c6c178 | out: lppt=0x2c6c178) returned 1
[0266.680] IsAppThemed () returned 0x1
[0266.680] GetThemeAppProperties () returned 0x3
[0266.680] GetThemeAppProperties () returned 0x3
[0266.680] GetThemeBackgroundContentRect () returned 0x0
[0266.680] RestoreDC (hdc=0x6c0107d3, nSavedDC=-1) returned 1
[0266.680] GdipReleaseDC (graphics=0x6600030, hdc=0x6c0107d3) returned 0x0
[0266.680] IsAppThemed () returned 0x1
[0266.681] GetThemeAppProperties () returned 0x3
[0266.681] GetThemeAppProperties () returned 0x3
[0266.681] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0266.681] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0266.681] GetCurrentObject (hdc=0x6c0107d3, type=0x1) returned 0xb00017
[0266.681] GetCurrentObject (hdc=0x6c0107d3, type=0x2) returned 0x900010
[0266.681] GetCurrentObject (hdc=0x6c0107d3, type=0x7) returned 0x4a0507fe
[0266.681] GetCurrentObject (hdc=0x6c0107d3, type=0x6) returned 0x8a01c2
[0266.681] SaveDC (hdc=0x6c0107d3) returned 1
[0266.681] GetTextAlign (hdc=0x6c0107d3) returned 0x0
[0266.681] GetTextColor (hdc=0x6c0107d3) returned 0x0
[0266.681] GetCurrentObject (hdc=0x6c0107d3, type=0x6) returned 0x8a01c2
[0266.681] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0266.681] SelectObject (hdc=0x6c0107d3, h=0x6d0a0520) returned 0x8a01c2
[0266.681] GetBkMode (hdc=0x6c0107d3) returned 2
[0266.681] SetBkMode (hdc=0x6c0107d3, mode=1) returned 2
[0266.681] DrawTextExW (in: hdc=0x6c0107d3, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2c6c518 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0266.681] DrawTextExW (in: hdc=0x6c0107d3, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2c6c518 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0266.682] RestoreDC (hdc=0x6c0107d3, nSavedDC=-1) returned 1
[0266.682] GdipReleaseDC (graphics=0x6600030, hdc=0x6c0107d3) returned 0x0
[0266.682] GetFocus () returned 0x2b02d8
[0266.682] IsAppThemed () returned 0x1
[0266.682] GetThemeAppProperties () returned 0x3
[0266.682] GetThemeAppProperties () returned 0x3
[0266.682] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0266.682] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x6c0107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0266.682] GdipReleaseDC (graphics=0x6600030, hdc=0x6c0107d3) returned 0x0
[0266.682] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0266.682] SelectObject (hdc=0x6c0107d3, h=0x85000f) returned 0x4a0507fe
[0266.682] DeleteDC (hdc=0x6c0107d3) returned 1
[0266.682] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0266.682] EndPaint (hWnd=0x2902de, lpPaint=0xd7e24c) returned 1
[0266.683] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.683] IsWindowUnicode (hWnd=0x602c4) returned 1
[0266.683] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.683] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.683] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.683] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0266.683] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0266.683] CreateCompatibleDC (hdc=0x10105d6) returned 0x6e0107d3
[0266.683] SelectObject (hdc=0x6e0107d3, h=0x4a0507fe) returned 0x85000f
[0266.683] GdipCreateFromHDC (hdc=0x6e0107d3, graphics=0xd7e268) returned 0x0
[0266.683] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0266.683] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0266.683] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0266.683] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0266.684] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2c8) returned 0x0
[0266.684] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0266.684] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0266.684] LocalFree (hMem=0x11eecc8) returned 0x0
[0266.684] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0266.684] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0266.684] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0266.684] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0266.684] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0266.684] GdipRestoreGraphics (graphics=0x6600030, state=0xf75e0dbd) returned 0x0
[0266.684] GdipDeleteRegion (region=0x6645758) returned 0x0
[0266.684] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0266.684] GetCurrentObject (hdc=0x6e0107d3, type=0x1) returned 0xb00017
[0266.684] GetCurrentObject (hdc=0x6e0107d3, type=0x2) returned 0x900010
[0266.684] GetCurrentObject (hdc=0x6e0107d3, type=0x7) returned 0x4a0507fe
[0266.684] GetCurrentObject (hdc=0x6e0107d3, type=0x6) returned 0x8a01c2
[0266.684] SaveDC (hdc=0x6e0107d3) returned 1
[0266.728] GetNearestColor (hdc=0x6e0107d3, color=0xff) returned 0xff
[0266.728] GetNearestColor (hdc=0x6e0107d3, color=0x55) returned 0x55
[0266.728] GetNearestColor (hdc=0x6e0107d3, color=0x0) returned 0x0
[0266.728] GetNearestColor (hdc=0x6e0107d3, color=0x55) returned 0x55
[0266.728] GetNearestColor (hdc=0x6e0107d3, color=0x0) returned 0x0
[0266.728] GetNearestColor (hdc=0x6e0107d3, color=0x8080ff) returned 0x8080ff
[0266.728] GetNearestColor (hdc=0x6e0107d3, color=0x7373e5) returned 0x7373e5
[0266.728] GetNearestColor (hdc=0x6e0107d3, color=0xe5) returned 0xe5
[0266.728] GetNearestColor (hdc=0x6e0107d3, color=0x0) returned 0x0
[0266.729] RestoreDC (hdc=0x6e0107d3, nSavedDC=-1) returned 1
[0266.729] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0107d3) returned 0x0
[0266.729] IsAppThemed () returned 0x1
[0266.729] GetThemeAppProperties () returned 0x3
[0266.729] GetThemeAppProperties () returned 0x3
[0266.729] IsAppThemed () returned 0x1
[0266.729] GetThemeAppProperties () returned 0x3
[0266.729] GetThemeAppProperties () returned 0x3
[0266.729] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2c6cce0 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0266.729] IsAppThemed () returned 0x1
[0266.729] GetThemeAppProperties () returned 0x3
[0266.729] GetThemeAppProperties () returned 0x3
[0266.729] IsAppThemed () returned 0x1
[0266.729] GetThemeAppProperties () returned 0x3
[0266.729] GetThemeAppProperties () returned 0x3
[0266.729] GetFocus () returned 0x2b02d8
[0266.730] IsAppThemed () returned 0x1
[0266.730] GetThemeAppProperties () returned 0x3
[0266.730] GetThemeAppProperties () returned 0x3
[0266.730] IsAppThemed () returned 0x1
[0266.730] GetThemeAppProperties () returned 0x3
[0266.730] GetThemeAppProperties () returned 0x3
[0266.730] IsThemePartDefined () returned 0x1
[0266.730] IsAppThemed () returned 0x1
[0266.730] GetThemeAppProperties () returned 0x3
[0266.730] GetThemeAppProperties () returned 0x3
[0266.730] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0266.730] IsAppThemed () returned 0x1
[0266.730] GetThemeAppProperties () returned 0x3
[0266.730] GetThemeAppProperties () returned 0x3
[0266.730] IsAppThemed () returned 0x1
[0266.730] GetThemeAppProperties () returned 0x3
[0266.730] GetThemeAppProperties () returned 0x3
[0266.730] IsThemePartDefined () returned 0x1
[0266.730] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0266.730] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0266.730] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0266.730] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0266.730] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dff0) returned 0x0
[0266.730] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0266.730] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eecc8) returned 0x0
[0266.730] LocalFree (hMem=0x11eecc8) returned 0x0
[0266.731] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0266.731] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eecc8) returned 0x0
[0266.731] LocalFree (hMem=0x11eecc8) returned 0x0
[0266.731] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0266.731] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0266.731] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0266.731] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0266.731] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0266.731] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0266.731] GetCurrentObject (hdc=0x6e0107d3, type=0x1) returned 0xb00017
[0266.731] GetCurrentObject (hdc=0x6e0107d3, type=0x2) returned 0x900010
[0266.731] GetCurrentObject (hdc=0x6e0107d3, type=0x7) returned 0x4a0507fe
[0266.731] GetCurrentObject (hdc=0x6e0107d3, type=0x6) returned 0x8a01c2
[0266.731] SaveDC (hdc=0x6e0107d3) returned 1
[0266.735] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc1040807
[0266.735] GetClipRgn (hdc=0x6e0107d3, hrgn=0xc1040807) returned 0
[0266.735] SelectClipRgn (hdc=0x6e0107d3, hrgn=0x590407de) returned 2
[0266.735] DeleteObject (ho=0xc1040807) returned 1
[0266.735] DeleteObject (ho=0x590407de) returned 1
[0266.736] OffsetViewportOrgEx (in: hdc=0x6e0107d3, x=0, y=0, lppt=0x2c6d390 | out: lppt=0x2c6d390) returned 1
[0266.736] DrawThemeParentBackground () returned 0x0
[0266.736] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0266.736] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0266.736] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0266.736] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.736] GetSystemMetrics (nIndex=42) returned 0
[0266.736] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.736] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0266.736] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0266.736] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0266.736] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0266.736] SelectPalette (hdc=0x6e0107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0266.736] GdipCreateFromHDC (hdc=0x6e0107d3, graphics=0xd7dac8) returned 0x0
[0266.737] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0266.737] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0266.737] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638ba8) returned 0x0
[0266.737] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7daa0) returned 0x0
[0266.737] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0266.737] GdipCreateRegion (region=0xd7da88) returned 0x0
[0266.737] GdipGetClip (graphics=0x6635e20, region=0x6646b08) returned 0x0
[0266.737] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6635e20, result=0xd7da94) returned 0x0
[0266.737] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0266.737] GdipSaveGraphics (graphics=0x6635e20, state=0xd7dac0) returned 0x0
[0266.737] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0266.743] GdipFillRectangleI (graphics=0x6635e20, brush=0x6635ba8, x=0, y=0, width=801, height=453) returned 0x0
[0266.743] GdipDeleteBrush (brush=0x6635ba8) returned 0x0
[0266.745] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0266.745] SelectPalette (hdc=0x6e0107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0266.745] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0266.745] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.745] GetSystemMetrics (nIndex=42) returned 0
[0266.745] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.745] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0266.745] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0266.745] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0266.745] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0266.745] SelectPalette (hdc=0x6e0107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0266.745] GdipCreateFromHDC (hdc=0x6e0107d3, graphics=0xd7da68) returned 0x0
[0266.746] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0266.746] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0266.746] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638d58) returned 0x0
[0266.746] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7da40) returned 0x0
[0266.746] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0266.746] GdipCreateRegion (region=0xd7da28) returned 0x0
[0266.746] GdipGetClip (graphics=0x6635e20, region=0x6646298) returned 0x0
[0266.746] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6635e20, result=0xd7da34) returned 0x0
[0266.746] GdipDeleteRegion (region=0x6646298) returned 0x0
[0266.746] GdipSaveGraphics (graphics=0x6635e20, state=0xd7da60) returned 0x0
[0266.746] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0266.767] GdipFillRectangleI (graphics=0x6635e20, brush=0x6635590, x=0, y=0, width=801, height=453) returned 0x0
[0266.767] GdipDeleteBrush (brush=0x6635590) returned 0x0
[0266.768] GdipRestoreGraphics (graphics=0x6635e20, state=0xf75a0dbd) returned 0x0
[0266.768] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0266.768] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.768] GetSystemMetrics (nIndex=42) returned 0
[0266.768] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.768] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0266.768] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0266.769] SelectPalette (hdc=0x6e0107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0266.769] RestoreDC (hdc=0x6e0107d3, nSavedDC=-1) returned 1
[0266.769] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0107d3) returned 0x0
[0266.769] IsAppThemed () returned 0x1
[0266.769] GetThemeAppProperties () returned 0x3
[0266.769] GetThemeAppProperties () returned 0x3
[0266.769] IsAppThemed () returned 0x1
[0266.769] GetThemeAppProperties () returned 0x3
[0266.769] GetThemeAppProperties () returned 0x3
[0266.769] IsThemePartDefined () returned 0x1
[0266.769] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0266.769] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0266.769] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0266.769] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0266.769] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df74) returned 0x0
[0266.769] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0266.769] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0266.770] LocalFree (hMem=0x11ee788) returned 0x0
[0266.770] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0266.770] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eecc8) returned 0x0
[0266.770] LocalFree (hMem=0x11eecc8) returned 0x0
[0266.770] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0266.770] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0266.770] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0266.770] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0266.770] GdipDeleteRegion (region=0x6646838) returned 0x0
[0266.770] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0266.770] GetCurrentObject (hdc=0x6e0107d3, type=0x1) returned 0xb00017
[0266.770] GetCurrentObject (hdc=0x6e0107d3, type=0x2) returned 0x900010
[0266.770] GetCurrentObject (hdc=0x6e0107d3, type=0x7) returned 0x4a0507fe
[0266.770] GetCurrentObject (hdc=0x6e0107d3, type=0x6) returned 0x8a01c2
[0266.770] SaveDC (hdc=0x6e0107d3) returned 1
[0266.770] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5a0407de
[0266.770] GetClipRgn (hdc=0x6e0107d3, hrgn=0x5a0407de) returned 0
[0266.770] SelectClipRgn (hdc=0x6e0107d3, hrgn=0xc3040807) returned 2
[0266.770] DeleteObject (ho=0x5a0407de) returned 1
[0266.770] DeleteObject (ho=0xc3040807) returned 1
[0266.770] OffsetViewportOrgEx (in: hdc=0x6e0107d3, x=0, y=0, lppt=0x2c73be0 | out: lppt=0x2c73be0) returned 1
[0266.771] IsAppThemed () returned 0x1
[0266.771] GetThemeAppProperties () returned 0x3
[0266.771] GetThemeAppProperties () returned 0x3
[0266.771] DrawThemeBackground () returned 0x0
[0266.771] RestoreDC (hdc=0x6e0107d3, nSavedDC=-1) returned 1
[0266.771] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0107d3) returned 0x0
[0266.771] GdipCreateRegion (region=0xd7df60) returned 0x0
[0266.771] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0266.771] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0266.771] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0266.771] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df78) returned 0x0
[0266.771] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0266.771] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea28) returned 0x0
[0266.771] LocalFree (hMem=0x11eea28) returned 0x0
[0266.771] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0266.771] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee9f0) returned 0x0
[0266.771] LocalFree (hMem=0x11ee9f0) returned 0x0
[0266.771] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0266.771] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0266.771] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0266.771] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0266.771] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0266.772] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0266.772] GetCurrentObject (hdc=0x6e0107d3, type=0x1) returned 0xb00017
[0266.772] GetCurrentObject (hdc=0x6e0107d3, type=0x2) returned 0x900010
[0266.772] GetCurrentObject (hdc=0x6e0107d3, type=0x7) returned 0x4a0507fe
[0266.772] GetCurrentObject (hdc=0x6e0107d3, type=0x6) returned 0x8a01c2
[0266.772] SaveDC (hdc=0x6e0107d3) returned 1
[0266.772] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc4040807
[0266.772] GetClipRgn (hdc=0x6e0107d3, hrgn=0xc4040807) returned 0
[0266.772] SelectClipRgn (hdc=0x6e0107d3, hrgn=0x5b0407de) returned 2
[0266.772] DeleteObject (ho=0xc4040807) returned 1
[0266.772] DeleteObject (ho=0x5b0407de) returned 1
[0266.772] OffsetViewportOrgEx (in: hdc=0x6e0107d3, x=0, y=0, lppt=0x2c73eb4 | out: lppt=0x2c73eb4) returned 1
[0266.772] IsAppThemed () returned 0x1
[0266.772] GetThemeAppProperties () returned 0x3
[0266.772] GetThemeAppProperties () returned 0x3
[0266.772] GetThemeBackgroundContentRect () returned 0x0
[0266.772] RestoreDC (hdc=0x6e0107d3, nSavedDC=-1) returned 1
[0266.772] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0107d3) returned 0x0
[0266.772] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0266.772] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0266.772] GdipFillRectangleI (graphics=0x6600030, brush=0x66327f0, x=4, y=4, width=67, height=15) returned 0x0
[0266.773] GdipDeleteBrush (brush=0x66327f0) returned 0x0
[0266.773] IsAppThemed () returned 0x1
[0266.773] GetThemeAppProperties () returned 0x3
[0266.773] GetThemeAppProperties () returned 0x3
[0266.773] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0266.773] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0266.773] GetCurrentObject (hdc=0x6e0107d3, type=0x1) returned 0xb00017
[0266.773] GetCurrentObject (hdc=0x6e0107d3, type=0x2) returned 0x900010
[0266.773] GetCurrentObject (hdc=0x6e0107d3, type=0x7) returned 0x4a0507fe
[0266.773] GetCurrentObject (hdc=0x6e0107d3, type=0x6) returned 0x8a01c2
[0266.773] SaveDC (hdc=0x6e0107d3) returned 1
[0266.773] GetTextAlign (hdc=0x6e0107d3) returned 0x0
[0266.773] GetTextColor (hdc=0x6e0107d3) returned 0x0
[0266.773] GetCurrentObject (hdc=0x6e0107d3, type=0x6) returned 0x8a01c2
[0266.773] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0266.773] SelectObject (hdc=0x6e0107d3, h=0x6d0a0520) returned 0x8a01c2
[0266.773] GetBkMode (hdc=0x6e0107d3) returned 2
[0266.773] SetBkMode (hdc=0x6e0107d3, mode=1) returned 2
[0266.774] DrawTextExW (in: hdc=0x6e0107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2c74278 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0266.774] DrawTextExW (in: hdc=0x6e0107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2c74278 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0266.774] RestoreDC (hdc=0x6e0107d3, nSavedDC=-1) returned 1
[0266.774] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0107d3) returned 0x0
[0266.774] GetFocus () returned 0x2b02d8
[0266.774] IsAppThemed () returned 0x1
[0266.774] GetThemeAppProperties () returned 0x3
[0266.774] GetThemeAppProperties () returned 0x3
[0266.774] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0266.774] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x6e0107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0266.775] GdipReleaseDC (graphics=0x6600030, hdc=0x6e0107d3) returned 0x0
[0266.775] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0266.775] SelectObject (hdc=0x6e0107d3, h=0x85000f) returned 0x4a0507fe
[0266.775] DeleteDC (hdc=0x6e0107d3) returned 1
[0266.775] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0266.775] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0266.775] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.775] IsWindowUnicode (hWnd=0x30122) returned 1
[0266.775] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.775] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.775] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.776] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.776] IsWindowUnicode (hWnd=0x2902de) returned 1
[0266.776] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.776] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.776] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.776] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.776] IsWindowUnicode (hWnd=0x2902de) returned 1
[0266.776] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.776] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.776] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.777] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x2a1, wParam=0x0, lParam=0xc0047) returned 0x0
[0266.777] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.777] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.777] WaitMessage () returned 1
[0266.786] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.787] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0266.787] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.787] WaitMessage () returned 1
[0266.787] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.788] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0266.788] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.788] WaitMessage () returned 1
[0266.788] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.788] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0266.788] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.788] WaitMessage () returned 1
[0266.815] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.815] IsWindowUnicode (hWnd=0x30122) returned 1
[0266.815] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.815] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.815] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.816] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.816] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.816] WaitMessage () returned 1
[0266.817] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.817] IsWindowUnicode (hWnd=0x30122) returned 1
[0266.817] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.817] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.817] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.818] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.818] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.818] WaitMessage () returned 1
[0266.818] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.818] IsWindowUnicode (hWnd=0x30122) returned 1
[0266.818] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.818] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.818] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.819] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.820] IsWindowUnicode (hWnd=0x30122) returned 1
[0266.820] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.820] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.820] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.820] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.820] IsWindowUnicode (hWnd=0x30122) returned 1
[0266.820] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.820] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.820] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.820] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.821] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.821] WaitMessage () returned 1
[0266.821] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.821] IsWindowUnicode (hWnd=0x30122) returned 1
[0266.821] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.821] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.821] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.822] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.822] IsWindowUnicode (hWnd=0x30122) returned 1
[0266.822] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.822] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.822] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.823] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.823] IsWindowUnicode (hWnd=0x30122) returned 1
[0266.823] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.823] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.823] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.823] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.823] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.823] WaitMessage () returned 1
[0266.824] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.824] IsWindowUnicode (hWnd=0x30122) returned 1
[0266.824] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.824] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.824] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.825] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.829] IsWindowUnicode (hWnd=0x30122) returned 1
[0266.829] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.829] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.829] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.830] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.830] IsWindowUnicode (hWnd=0x30122) returned 1
[0266.830] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.830] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.830] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.830] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.830] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.830] WaitMessage () returned 1
[0266.832] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.832] IsWindowUnicode (hWnd=0x30122) returned 1
[0266.832] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.832] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.832] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.833] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.834] IsWindowUnicode (hWnd=0x30122) returned 1
[0266.834] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.834] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.834] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.834] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.835] IsWindowUnicode (hWnd=0x30122) returned 1
[0266.835] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.835] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.835] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.835] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.835] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.835] WaitMessage () returned 1
[0266.888] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.888] IsWindowUnicode (hWnd=0x502c6) returned 1
[0266.888] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.888] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.888] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.888] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.888] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0266.888] WaitMessage () returned 1
[0266.966] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.967] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x84, wParam=0x0, lParam=0x1e5031d) returned 0x1
[0266.967] IsWindowUnicode (hWnd=0x2902de) returned 1
[0266.967] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.967] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x84, wParam=0x0, lParam=0x1e5031d) returned 0x1
[0266.967] GetDlgItem (hDlg=0x2902da, nIDDlgItem=0) returned 0x0
[0266.967] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x210, wParam=0x201, lParam=0x6a0128) returned 0x0
[0266.967] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x21, wParam=0x2902da, lParam=0x2010001) returned 0x1
[0266.967] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x21, wParam=0x2902da, lParam=0x2010001) returned 0x1
[0266.967] SetCursor (hCursor=0x10003) returned 0x10003
[0266.968] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.968] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.968] GetKeyState (nVirtKey=1) returned -127
[0266.968] GetKeyState (nVirtKey=2) returned 0
[0266.968] GetKeyState (nVirtKey=4) returned 0
[0266.968] GetKeyState (nVirtKey=5) returned 0
[0266.968] GetKeyState (nVirtKey=6) returned 0
[0266.968] IsWindowVisible (hWnd=0x2902de) returned 1
[0266.968] IsWindowEnabled (hWnd=0x2902de) returned 1
[0266.968] SetFocus (hWnd=0x2902de) returned 0x2b02d8
[0266.968] GetFocus () returned 0x2902de
[0266.968] IsChild (hWndParent=0x2902da, hWnd=0x2902de) returned 1
[0266.968] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0x8, wParam=0x2902de, lParam=0x0) returned 0x0
[0266.969] GetCapture () returned 0x0
[0266.969] InvalidateRect (hWnd=0x2b02d8, lpRect=0x0, bErase=0) returned 1
[0266.970] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0266.971] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0266.973] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0266.973] InvalidateRect (hWnd=0x2b02d8, lpRect=0x0, bErase=0) returned 1
[0266.973] InvalidateRect (hWnd=0x2902de, lpRect=0x0, bErase=0) returned 1
[0266.973] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x7, wParam=0x2b02d8, lParam=0x0) returned 0x0
[0266.973] GetStockObject (i=5) returned 0x900015
[0266.973] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0266.973] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0266.973] GetDlgItem (hDlg=0x2902da, nIDDlgItem=2687710) returned 0x2902de
[0266.974] SendMessageW (hWnd=0x2902de, Msg=0x202b, wParam=0x2902de, lParam=0xd7dddc) returned 0x0
[0266.974] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x202b, wParam=0x2902de, lParam=0xd7dddc) returned 0x0
[0266.974] InvalidateRect (hWnd=0x2902de, lpRect=0x0, bErase=0) returned 1
[0266.975] GetFocus () returned 0x2902de
[0266.975] GetFocus () returned 0x2902de
[0266.975] GetFocus () returned 0x2902de
[0266.976] GetKeyState (nVirtKey=1) returned -127
[0266.976] GetKeyState (nVirtKey=2) returned 0
[0266.976] GetKeyState (nVirtKey=4) returned 0
[0266.976] GetKeyState (nVirtKey=5) returned 0
[0266.976] GetKeyState (nVirtKey=6) returned 0
[0266.976] GetCapture () returned 0x0
[0266.976] SetCapture (hWnd=0x2902de) returned 0x0
[0266.976] GetKeyState (nVirtKey=1) returned -127
[0266.976] GetKeyState (nVirtKey=2) returned 0
[0266.976] GetKeyState (nVirtKey=4) returned 0
[0266.976] GetKeyState (nVirtKey=5) returned 0
[0266.976] GetKeyState (nVirtKey=6) returned 0
[0266.976] NotifyWinEvent (event=0x800a, hwnd=0x2902de, idObject=-4, idChild=0)
[0266.976] InvalidateRect (hWnd=0x2902de, lpRect=0xd7e430, bErase=0) returned 1
[0266.976] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.976] IsWindowUnicode (hWnd=0x2902de) returned 1
[0266.976] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.976] TranslateMessage (lpMsg=0xd7e808) returned 0
[0266.976] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0266.977] MapWindowPoints (in: hWndFrom=0x2902de, hWndTo=0x0, lpPoints=0x2c745f4, cPoints=0x1 | out: lpPoints=0x2c745f4) returned 30999254
[0266.977] NotifyWinEvent (event=0x800a, hwnd=0x2902de, idObject=-4, idChild=0)
[0266.977] InvalidateRect (hWnd=0x2902de, lpRect=0xd7e3d0, bErase=0) returned 1
[0266.977] UpdateWindow (hWnd=0x2902de) returned 1
[0266.977] BeginPaint (in: hWnd=0x2902de, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xf0105ee
[0266.977] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0266.977] CreateCompatibleDC (hdc=0xf0105ee) returned 0x820106b6
[0266.977] SelectObject (hdc=0x820106b6, h=0x4a0507fe) returned 0x85000f
[0266.977] GdipCreateFromHDC (hdc=0x820106b6, graphics=0xd7df00) returned 0x0
[0266.977] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0266.978] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0266.978] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0266.978] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0266.978] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df60) returned 0x0
[0266.978] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0266.978] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eead0) returned 0x0
[0266.978] LocalFree (hMem=0x11eead0) returned 0x0
[0266.978] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0266.978] GdipCreateRegion (region=0xd7df48) returned 0x0
[0266.978] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0266.978] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7df54) returned 0x0
[0266.978] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0266.978] GdipRestoreGraphics (graphics=0x6600030, state=0xf7580dbd) returned 0x0
[0266.978] GdipDeleteRegion (region=0x6646688) returned 0x0
[0266.978] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0266.978] GetCurrentObject (hdc=0x820106b6, type=0x1) returned 0xb00017
[0266.978] GetCurrentObject (hdc=0x820106b6, type=0x2) returned 0x900010
[0266.979] GetCurrentObject (hdc=0x820106b6, type=0x7) returned 0x4a0507fe
[0266.979] GetCurrentObject (hdc=0x820106b6, type=0x6) returned 0x8a01c2
[0266.979] SaveDC (hdc=0x820106b6) returned 1
[0266.979] GetNearestColor (hdc=0x820106b6, color=0xf0f0f0) returned 0xf0f0f0
[0266.979] GetNearestColor (hdc=0x820106b6, color=0xa0a0a0) returned 0xa0a0a0
[0266.979] GetNearestColor (hdc=0x820106b6, color=0x696969) returned 0x696969
[0266.979] GetNearestColor (hdc=0x820106b6, color=0xa0a0a0) returned 0xa0a0a0
[0266.979] GetNearestColor (hdc=0x820106b6, color=0x0) returned 0x0
[0266.979] GetNearestColor (hdc=0x820106b6, color=0xffffff) returned 0xffffff
[0266.979] GetNearestColor (hdc=0x820106b6, color=0xe5e5e5) returned 0xe5e5e5
[0266.979] GetNearestColor (hdc=0x820106b6, color=0xd7d7d7) returned 0xd7d7d7
[0266.979] GetNearestColor (hdc=0x820106b6, color=0x0) returned 0x0
[0266.979] RestoreDC (hdc=0x820106b6, nSavedDC=-1) returned 1
[0266.980] GdipReleaseDC (graphics=0x6600030, hdc=0x820106b6) returned 0x0
[0266.980] IsAppThemed () returned 0x1
[0266.980] GetThemeAppProperties () returned 0x3
[0266.980] GetThemeAppProperties () returned 0x3
[0266.980] IsAppThemed () returned 0x1
[0266.980] GetThemeAppProperties () returned 0x3
[0266.980] GetThemeAppProperties () returned 0x3
[0266.980] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2c74d4c | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0266.980] IsAppThemed () returned 0x1
[0266.980] GetThemeAppProperties () returned 0x3
[0266.980] GetThemeAppProperties () returned 0x3
[0266.980] IsAppThemed () returned 0x1
[0266.980] GetThemeAppProperties () returned 0x3
[0266.981] GetThemeAppProperties () returned 0x3
[0266.981] IsAppThemed () returned 0x1
[0266.981] GetThemeAppProperties () returned 0x3
[0266.981] GetThemeAppProperties () returned 0x3
[0266.981] IsAppThemed () returned 0x1
[0266.981] GetThemeAppProperties () returned 0x3
[0266.981] GetThemeAppProperties () returned 0x3
[0266.981] IsThemePartDefined () returned 0x1
[0266.981] IsAppThemed () returned 0x1
[0266.981] GetThemeAppProperties () returned 0x3
[0266.981] GetThemeAppProperties () returned 0x3
[0266.981] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0266.981] IsAppThemed () returned 0x1
[0266.981] GetThemeAppProperties () returned 0x3
[0266.984] GetThemeAppProperties () returned 0x3
[0266.984] IsAppThemed () returned 0x1
[0266.984] GetThemeAppProperties () returned 0x3
[0266.984] GetThemeAppProperties () returned 0x3
[0266.984] IsThemePartDefined () returned 0x1
[0266.984] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0266.984] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0266.984] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0266.984] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0266.984] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dc7c) returned 0x0
[0266.984] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0266.984] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee9f0) returned 0x0
[0266.985] LocalFree (hMem=0x11ee9f0) returned 0x0
[0266.985] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0266.985] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0266.985] LocalFree (hMem=0x11ee788) returned 0x0
[0266.985] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0266.985] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0266.985] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0266.985] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0266.985] GdipDeleteRegion (region=0x6646328) returned 0x0
[0266.985] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0266.985] GetCurrentObject (hdc=0x820106b6, type=0x1) returned 0xb00017
[0266.985] GetCurrentObject (hdc=0x820106b6, type=0x2) returned 0x900010
[0266.985] GetCurrentObject (hdc=0x820106b6, type=0x7) returned 0x4a0507fe
[0266.985] GetCurrentObject (hdc=0x820106b6, type=0x6) returned 0x8a01c2
[0266.985] SaveDC (hdc=0x820106b6) returned 1
[0266.986] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5c0407de
[0266.986] GetClipRgn (hdc=0x820106b6, hrgn=0x5c0407de) returned 0
[0266.986] SelectClipRgn (hdc=0x820106b6, hrgn=0xc8040807) returned 2
[0266.986] DeleteObject (ho=0x5c0407de) returned 1
[0266.986] DeleteObject (ho=0xc8040807) returned 1
[0266.986] OffsetViewportOrgEx (in: hdc=0x820106b6, x=0, y=0, lppt=0x2c753fc | out: lppt=0x2c753fc) returned 1
[0266.986] DrawThemeParentBackground () returned 0x0
[0266.986] GetWindowPlacement (in: hWnd=0x2902da, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0266.986] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0266.986] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.986] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.986] GetSystemMetrics (nIndex=42) returned 0
[0266.986] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.986] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0266.987] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0266.987] GetCurrentObject (hdc=0x820106b6, type=0x1) returned 0xb00017
[0266.987] GetCurrentObject (hdc=0x820106b6, type=0x2) returned 0x900010
[0266.987] GetCurrentObject (hdc=0x820106b6, type=0x7) returned 0x4a0507fe
[0266.987] GetCurrentObject (hdc=0x820106b6, type=0x6) returned 0x8a01c2
[0266.987] SaveDC (hdc=0x820106b6) returned 2
[0266.987] GetNearestColor (hdc=0x820106b6, color=0xf0f0f0) returned 0xf0f0f0
[0266.987] CreateSolidBrush (color=0xf0f0f0) returned 0xe91007e1
[0266.987] FillRect (hDC=0x820106b6, lprc=0xd7d6c8, hbr=0xe91007e1) returned 1
[0266.987] DeleteObject (ho=0xe91007e1) returned 1
[0266.987] RestoreDC (hdc=0x820106b6, nSavedDC=-1) returned 1
[0266.987] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.987] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.987] GetSystemMetrics (nIndex=42) returned 0
[0266.987] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.987] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0266.987] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0266.988] GetCurrentObject (hdc=0x820106b6, type=0x1) returned 0xb00017
[0266.988] GetCurrentObject (hdc=0x820106b6, type=0x2) returned 0x900010
[0266.988] GetCurrentObject (hdc=0x820106b6, type=0x7) returned 0x4a0507fe
[0266.988] GetCurrentObject (hdc=0x820106b6, type=0x6) returned 0x8a01c2
[0266.988] SaveDC (hdc=0x820106b6) returned 2
[0266.988] GetNearestColor (hdc=0x820106b6, color=0xf0f0f0) returned 0xf0f0f0
[0266.988] CreateSolidBrush (color=0xf0f0f0) returned 0xea1007e1
[0266.988] FillRect (hDC=0x820106b6, lprc=0xd7d668, hbr=0xea1007e1) returned 1
[0266.988] DeleteObject (ho=0xea1007e1) returned 1
[0266.988] RestoreDC (hdc=0x820106b6, nSavedDC=-1) returned 1
[0266.988] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0266.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0266.988] GetSystemMetrics (nIndex=42) returned 0
[0266.988] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0266.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0266.989] RestoreDC (hdc=0x820106b6, nSavedDC=-1) returned 1
[0266.989] GdipReleaseDC (graphics=0x6600030, hdc=0x820106b6) returned 0x0
[0266.989] IsAppThemed () returned 0x1
[0266.989] GetThemeAppProperties () returned 0x3
[0266.989] GetThemeAppProperties () returned 0x3
[0266.989] IsAppThemed () returned 0x1
[0266.989] GetThemeAppProperties () returned 0x3
[0266.989] GetThemeAppProperties () returned 0x3
[0266.989] IsThemePartDefined () returned 0x1
[0266.989] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0266.989] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0266.989] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0266.989] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0266.989] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dc00) returned 0x0
[0266.989] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0266.989] LocalFree (hMem=0x11eec58) returned 0x0
[0266.990] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eed00) returned 0x0
[0266.990] LocalFree (hMem=0x11eed00) returned 0x0
[0266.990] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0266.990] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0266.990] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0266.990] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0266.990] GdipDeleteRegion (region=0x6646568) returned 0x0
[0266.990] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0266.990] GetCurrentObject (hdc=0x820106b6, type=0x1) returned 0xb00017
[0266.990] GetCurrentObject (hdc=0x820106b6, type=0x2) returned 0x900010
[0266.990] GetCurrentObject (hdc=0x820106b6, type=0x7) returned 0x4a0507fe
[0266.990] GetCurrentObject (hdc=0x820106b6, type=0x6) returned 0x8a01c2
[0266.990] SaveDC (hdc=0x820106b6) returned 1
[0266.990] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc9040807
[0266.990] GetClipRgn (hdc=0x820106b6, hrgn=0xc9040807) returned 0
[0266.990] SelectClipRgn (hdc=0x820106b6, hrgn=0x5e0407de) returned 2
[0266.991] DeleteObject (ho=0xc9040807) returned 1
[0266.991] DeleteObject (ho=0x5e0407de) returned 1
[0266.991] OffsetViewportOrgEx (in: hdc=0x820106b6, x=0, y=0, lppt=0x2c75ca8 | out: lppt=0x2c75ca8) returned 1
[0266.991] IsAppThemed () returned 0x1
[0266.991] GetThemeAppProperties () returned 0x3
[0266.991] GetThemeAppProperties () returned 0x3
[0266.991] DrawThemeBackground () returned 0x0
[0266.991] RestoreDC (hdc=0x820106b6, nSavedDC=-1) returned 1
[0266.991] GdipReleaseDC (graphics=0x6600030, hdc=0x820106b6) returned 0x0
[0266.991] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0266.991] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0266.991] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0266.991] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0266.991] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dc04) returned 0x0
[0266.991] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0266.991] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0266.992] LocalFree (hMem=0x11ee788) returned 0x0
[0266.992] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0266.992] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0266.992] LocalFree (hMem=0x11ee788) returned 0x0
[0266.992] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0266.992] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0266.992] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0266.992] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0266.992] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0266.992] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0266.992] GetCurrentObject (hdc=0x820106b6, type=0x1) returned 0xb00017
[0266.992] GetCurrentObject (hdc=0x820106b6, type=0x2) returned 0x900010
[0266.992] GetCurrentObject (hdc=0x820106b6, type=0x7) returned 0x4a0507fe
[0266.992] GetCurrentObject (hdc=0x820106b6, type=0x6) returned 0x8a01c2
[0266.992] SaveDC (hdc=0x820106b6) returned 1
[0266.992] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5f0407de
[0266.992] GetClipRgn (hdc=0x820106b6, hrgn=0x5f0407de) returned 0
[0266.992] SelectClipRgn (hdc=0x820106b6, hrgn=0xca040807) returned 2
[0266.993] DeleteObject (ho=0x5f0407de) returned 1
[0266.993] DeleteObject (ho=0xca040807) returned 1
[0266.993] OffsetViewportOrgEx (in: hdc=0x820106b6, x=0, y=0, lppt=0x2c75f7c | out: lppt=0x2c75f7c) returned 1
[0266.993] IsAppThemed () returned 0x1
[0266.993] GetThemeAppProperties () returned 0x3
[0266.993] GetThemeAppProperties () returned 0x3
[0266.993] GetThemeBackgroundContentRect () returned 0x0
[0266.993] RestoreDC (hdc=0x820106b6, nSavedDC=-1) returned 1
[0266.993] GdipReleaseDC (graphics=0x6600030, hdc=0x820106b6) returned 0x0
[0266.993] IsAppThemed () returned 0x1
[0266.993] GetThemeAppProperties () returned 0x3
[0266.993] GetThemeAppProperties () returned 0x3
[0266.993] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0266.993] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0266.993] GetCurrentObject (hdc=0x820106b6, type=0x1) returned 0xb00017
[0266.993] GetCurrentObject (hdc=0x820106b6, type=0x2) returned 0x900010
[0266.993] GetCurrentObject (hdc=0x820106b6, type=0x7) returned 0x4a0507fe
[0266.993] GetCurrentObject (hdc=0x820106b6, type=0x6) returned 0x8a01c2
[0266.993] SaveDC (hdc=0x820106b6) returned 1
[0266.993] GetTextAlign (hdc=0x820106b6) returned 0x0
[0266.993] GetTextColor (hdc=0x820106b6) returned 0x0
[0266.993] GetCurrentObject (hdc=0x820106b6, type=0x6) returned 0x8a01c2
[0266.994] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0266.994] SelectObject (hdc=0x820106b6, h=0x6d0a0520) returned 0x8a01c2
[0266.994] GetBkMode (hdc=0x820106b6) returned 2
[0266.994] SetBkMode (hdc=0x820106b6, mode=1) returned 2
[0266.994] DrawTextExW (in: hdc=0x820106b6, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2c7631c | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0266.994] DrawTextExW (in: hdc=0x820106b6, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2c7631c | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0266.994] RestoreDC (hdc=0x820106b6, nSavedDC=-1) returned 1
[0266.994] GdipReleaseDC (graphics=0x6600030, hdc=0x820106b6) returned 0x0
[0266.994] GetFocus () returned 0x2902de
[0266.994] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0266.995] SendMessageW (hWnd=0x2902da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0266.995] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0266.995] IsAppThemed () returned 0x1
[0266.995] GetThemeAppProperties () returned 0x3
[0266.995] GetThemeAppProperties () returned 0x3
[0266.995] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0266.995] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x820106b6, x1=0, y1=0, rop=0xcc0020) returned 1
[0266.995] GdipReleaseDC (graphics=0x6600030, hdc=0x820106b6) returned 0x0
[0266.995] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0266.995] SelectObject (hdc=0x820106b6, h=0x85000f) returned 0x4a0507fe
[0266.995] DeleteDC (hdc=0x820106b6) returned 1
[0266.995] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0266.995] EndPaint (hWnd=0x2902de, lpPaint=0xd7dee4) returned 1
[0266.995] MapWindowPoints (in: hWndFrom=0x2902de, hWndTo=0x0, lpPoints=0x2c76418, cPoints=0x1 | out: lpPoints=0x2c76418) returned 30999254
[0266.995] WindowFromPoint (Point=0x31d) returned 0x2902de
[0266.996] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x84, wParam=0x0, lParam=0x1e5031d) returned 0x1
[0266.996] NotifyWinEvent (event=0x800a, hwnd=0x2902de, idObject=-4, idChild=0)
[0266.996] NotifyWinEvent (event=0x800c, hwnd=0x2902de, idObject=-4, idChild=0)
[0266.996] GetCapture () returned 0x2902de
[0266.996] ReleaseCapture () returned 1
[0266.996] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0266.996] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0266.996] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x84, wParam=0x0, lParam=0x1e5031d) returned 0x1
[0266.997] IsWindow (hWnd=0x7005c) returned 1
[0266.997] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0266.997] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0266.997] IsWindow (hWnd=0x2902da) returned 1
[0266.997] SetActiveWindow (hWnd=0x2902da) returned 0x2902da
[0266.997] IsWindow (hWnd=0x2902da) returned 1
[0266.998] SetFocus (hWnd=0x2902da) returned 0x2902de
[0266.998] GetFocus () returned 0x2902da
[0266.998] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x8, wParam=0x2902da, lParam=0x0) returned 0x0
[0266.998] GetCapture () returned 0x0
[0266.998] InvalidateRect (hWnd=0x2902de, lpRect=0x0, bErase=0) returned 1
[0266.999] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0267.000] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0267.001] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0267.001] GetFocus () returned 0x2902da
[0267.001] SetFocus (hWnd=0x2902de) returned 0x2902da
[0267.002] GetFocus () returned 0x2902de
[0267.002] IsChild (hWndParent=0x2902da, hWnd=0x2902de) returned 1
[0267.002] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x8, wParam=0x2902de, lParam=0x0) returned 0x0
[0267.002] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0267.004] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0267.005] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0267.005] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x7, wParam=0x2902da, lParam=0x0) returned 0x0
[0267.005] GetStockObject (i=5) returned 0x900015
[0267.005] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0267.005] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0267.005] GetDlgItem (hDlg=0x2902da, nIDDlgItem=2687710) returned 0x2902de
[0267.005] SendMessageW (hWnd=0x2902de, Msg=0x202b, wParam=0x2902de, lParam=0xd7ddcc) returned 0x0
[0267.005] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x202b, wParam=0x2902de, lParam=0xd7ddcc) returned 0x0
[0267.006] InvalidateRect (hWnd=0x2902de, lpRect=0x0, bErase=0) returned 1
[0267.007] GetWindowLongW (hWnd=0x2902da, nIndex=-8) returned 458844
[0267.007] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0267.007] GetCurrentThreadId () returned 0xf50
[0267.007] IsWindow (hWnd=0x7005c) returned 1
[0267.007] IsWindow (hWnd=0x7005c) returned 1
[0267.007] IsWindowVisible (hWnd=0x7005c) returned 1
[0267.007] SetActiveWindow (hWnd=0x7005c) returned 0x2902da
[0267.007] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0267.009] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0267.009] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0267.009] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0267.010] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0267.010] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0267.011] GetWindowPlacement (in: hWnd=0x2902da, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0267.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0267.011] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0267.011] GetWindowRect (in: hWnd=0x2902da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0267.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0267.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0267.012] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0267.012] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x2902da) returned 0x1
[0267.018] GetFocus () returned 0x2902de
[0267.018] SetFocus (hWnd=0x602c4) returned 0x2902de
[0267.018] GetFocus () returned 0x602c4
[0267.018] IsChild (hWndParent=0x2902da, hWnd=0x602c4) returned 0
[0267.018] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0267.018] GetCapture () returned 0x0
[0267.018] InvalidateRect (hWnd=0x2902de, lpRect=0x0, bErase=0) returned 1
[0267.019] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0267.020] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0267.022] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0267.022] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0267.022] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0267.022] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0267.022] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0267.022] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x2902de, lParam=0x0) returned 0x0
[0267.023] GetStockObject (i=5) returned 0x900015
[0267.023] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0267.023] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed8a0) returned 0xc
[0267.023] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0267.023] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0267.023] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0267.023] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0267.024] GetFocus () returned 0x602c4
[0267.024] IsChild (hWndParent=0x2902da, hWnd=0x602c4) returned 0
[0267.024] ShowWindow (hWnd=0x2902da, nCmdShow=0) returned 1
[0267.024] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0267.025] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0267.026] GetWindowPlacement (in: hWnd=0x2902da, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0267.026] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0267.026] GetClientRect (in: hWnd=0x2902da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0267.026] GetWindowRect (in: hWnd=0x2902da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0267.026] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0267.027] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0267.027] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0267.027] GetWindowLongW (hWnd=0x2902da, nIndex=-20) returned 327945
[0267.027] DestroyWindow (hWnd=0x2902da) returned 1
[0267.027] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0267.028] GetWindowTextLengthW (hWnd=0x2902da) returned 13
[0267.028] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0267.028] GetSystemMetrics (nIndex=42) returned 0
[0267.028] GetWindowTextW (in: hWnd=0x2902da, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0267.028] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0267.028] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0267.028] GetWindowTextLengthW (hWnd=0x2902dc) returned 0
[0267.028] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0267.028] GetSystemMetrics (nIndex=42) returned 0
[0267.028] GetWindowTextW (in: hWnd=0x2902dc, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0267.028] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902dc, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0267.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0267.041] GetWindowThreadProcessId (in: hWnd=0x2302c8, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0267.041] GetWindow (hWnd=0x2302c8, uCmd=0x5) returned 0x0
[0267.041] GetWindowLongW (hWnd=0x2302c8, nIndex=-20) returned 65792
[0267.041] DestroyWindow (hWnd=0x2302c8) returned 1
[0267.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302c8, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0267.041] GetWindowTextLengthW (hWnd=0x2302c8) returned 25
[0267.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0267.041] GetSystemMetrics (nIndex=42) returned 0
[0267.041] GetWindowTextW (in: hWnd=0x2302c8, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0267.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302c8, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0267.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0267.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2302c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0267.042] GetWindowTextLengthW (hWnd=0x2c00ea) returned 232
[0267.042] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0267.042] GetSystemMetrics (nIndex=42) returned 0
[0267.042] GetWindowTextW (in: hWnd=0x2c00ea, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0267.042] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0267.042] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0267.043] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0267.043] InvalidateRect (hWnd=0x2902de, lpRect=0x0, bErase=0) returned 1
[0267.043] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0267.043] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0267.043] SendMessageW (hWnd=0x1f02ce, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0267.043] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02ce, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0267.043] SendMessageW (hWnd=0x1f02ce, Msg=0xb0, wParam=0x2c65a34, lParam=0xd7e480) returned 0x0
[0267.043] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02ce, Msg=0xb0, wParam=0x2c65a34, lParam=0xd7e480) returned 0x0
[0267.043] GetWindowTextLengthW (hWnd=0x1f02ce) returned 4363
[0267.043] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0267.043] GetSystemMetrics (nIndex=42) returned 0
[0267.043] CoTaskMemAlloc (cb=0x221c) returned 0x1202960
[0267.043] GetWindowTextW (in: hWnd=0x1f02ce, lpString=0x1202960, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0267.043] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02ce, Msg=0xd, wParam=0x110c, lParam=0x1202960) returned 0x110b
[0267.043] CoTaskMemFree (pv=0x1202960)
[0267.043] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0267.044] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0267.045] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0267.046] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0267.047] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2902de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0267.048] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x1e02d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0267.049] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x1f02ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0267.050] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0267.051] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.051] IsWindowUnicode (hWnd=0x30122) returned 1
[0267.051] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.051] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.051] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.051] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.051] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e5031d) returned 0x1
[0267.051] IsWindowUnicode (hWnd=0x7005c) returned 1
[0267.051] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.052] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e5031d) returned 0x1
[0267.052] SetCursor (hCursor=0x10003) returned 0x10003
[0267.052] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.052] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.052] _TrackMouseEvent (in: lpEventTrack=0x2c2f380 | out: lpEventTrack=0x2c2f380) returned 1
[0267.052] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0267.052] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0267.052] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x110025f) returned 0x0
[0267.052] GetKeyState (nVirtKey=1) returned 1
[0267.052] GetKeyState (nVirtKey=2) returned 0
[0267.052] GetKeyState (nVirtKey=4) returned 0
[0267.052] GetKeyState (nVirtKey=5) returned 0
[0267.052] GetKeyState (nVirtKey=6) returned 0
[0267.052] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.053] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e5031d) returned 0x1
[0267.053] IsWindowUnicode (hWnd=0x7005c) returned 1
[0267.053] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.053] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.053] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.053] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.053] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e5031d) returned 0x1
[0267.053] IsWindowUnicode (hWnd=0x7005c) returned 1
[0267.053] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.053] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e5031d) returned 0x1
[0267.053] SetCursor (hCursor=0x10003) returned 0x10003
[0267.054] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.054] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.054] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x110025f) returned 0x0
[0267.054] GetKeyState (nVirtKey=1) returned 1
[0267.054] GetKeyState (nVirtKey=2) returned 0
[0267.054] GetKeyState (nVirtKey=4) returned 0
[0267.054] GetKeyState (nVirtKey=5) returned 0
[0267.054] GetKeyState (nVirtKey=6) returned 0
[0267.054] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.054] IsWindowUnicode (hWnd=0x602c4) returned 1
[0267.054] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.054] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.054] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.054] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.055] IsWindowUnicode (hWnd=0x602c4) returned 1
[0267.055] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.055] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.055] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.055] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0267.055] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0267.055] CreateCompatibleDC (hdc=0xf0105ee) returned 0xf00107f9
[0267.056] SelectObject (hdc=0xf00107f9, h=0x4a0507fe) returned 0x85000f
[0267.057] GdipCreateFromHDC (hdc=0xf00107f9, graphics=0xd7e798) returned 0x0
[0267.057] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0267.057] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0267.057] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0267.057] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0267.057] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e7f8) returned 0x0
[0267.057] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0267.057] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0267.058] LocalFree (hMem=0x11ee868) returned 0x0
[0267.058] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0267.058] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0267.058] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0267.058] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0267.058] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0267.058] GdipRestoreGraphics (graphics=0x6600030, state=0xf7560dbd) returned 0x0
[0267.058] GdipDeleteRegion (region=0x6646838) returned 0x0
[0267.058] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0267.058] GetCurrentObject (hdc=0xf00107f9, type=0x1) returned 0xb00017
[0267.058] GetCurrentObject (hdc=0xf00107f9, type=0x2) returned 0x900010
[0267.058] GetCurrentObject (hdc=0xf00107f9, type=0x7) returned 0x4a0507fe
[0267.058] GetCurrentObject (hdc=0xf00107f9, type=0x6) returned 0x8a01c2
[0267.058] SaveDC (hdc=0xf00107f9) returned 1
[0267.058] GetNearestColor (hdc=0xf00107f9, color=0xff) returned 0xff
[0267.058] GetNearestColor (hdc=0xf00107f9, color=0x55) returned 0x55
[0267.059] GetNearestColor (hdc=0xf00107f9, color=0x0) returned 0x0
[0267.059] GetNearestColor (hdc=0xf00107f9, color=0x55) returned 0x55
[0267.059] GetNearestColor (hdc=0xf00107f9, color=0x0) returned 0x0
[0267.059] GetNearestColor (hdc=0xf00107f9, color=0x8080ff) returned 0x8080ff
[0267.059] GetNearestColor (hdc=0xf00107f9, color=0x7373e5) returned 0x7373e5
[0267.059] GetNearestColor (hdc=0xf00107f9, color=0xe5) returned 0xe5
[0267.059] GetNearestColor (hdc=0xf00107f9, color=0x0) returned 0x0
[0267.059] RestoreDC (hdc=0xf00107f9, nSavedDC=-1) returned 1
[0267.059] GdipReleaseDC (graphics=0x6600030, hdc=0xf00107f9) returned 0x0
[0267.059] IsAppThemed () returned 0x1
[0267.059] GetThemeAppProperties () returned 0x3
[0267.061] GetThemeAppProperties () returned 0x3
[0267.061] IsAppThemed () returned 0x1
[0267.061] GetThemeAppProperties () returned 0x3
[0267.061] GetThemeAppProperties () returned 0x3
[0267.061] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2c7e210 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0267.061] IsAppThemed () returned 0x1
[0267.062] GetThemeAppProperties () returned 0x3
[0267.062] GetThemeAppProperties () returned 0x3
[0267.062] IsAppThemed () returned 0x1
[0267.062] GetThemeAppProperties () returned 0x3
[0267.062] GetThemeAppProperties () returned 0x3
[0267.062] GetFocus () returned 0x602c4
[0267.062] IsAppThemed () returned 0x1
[0267.062] GetThemeAppProperties () returned 0x3
[0267.062] GetThemeAppProperties () returned 0x3
[0267.062] IsAppThemed () returned 0x1
[0267.062] GetThemeAppProperties () returned 0x3
[0267.062] GetThemeAppProperties () returned 0x3
[0267.062] IsThemePartDefined () returned 0x1
[0267.062] IsAppThemed () returned 0x1
[0267.062] GetThemeAppProperties () returned 0x3
[0267.062] GetThemeAppProperties () returned 0x3
[0267.062] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0267.062] IsAppThemed () returned 0x1
[0267.062] GetThemeAppProperties () returned 0x3
[0267.062] GetThemeAppProperties () returned 0x3
[0267.062] IsAppThemed () returned 0x1
[0267.062] GetThemeAppProperties () returned 0x3
[0267.063] GetThemeAppProperties () returned 0x3
[0267.063] IsThemePartDefined () returned 0x1
[0267.063] GdipCreateRegion (region=0xd7e508) returned 0x0
[0267.063] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0267.063] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0267.063] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0267.063] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e520) returned 0x0
[0267.063] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0267.063] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee9f0) returned 0x0
[0267.063] LocalFree (hMem=0x11ee9f0) returned 0x0
[0267.063] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0267.063] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0267.063] LocalFree (hMem=0x11eecc8) returned 0x0
[0267.063] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0267.063] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e548) returned 0x0
[0267.063] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e538) returned 0x0
[0267.063] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0267.063] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0267.063] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0267.064] GetCurrentObject (hdc=0xf00107f9, type=0x1) returned 0xb00017
[0267.064] GetCurrentObject (hdc=0xf00107f9, type=0x2) returned 0x900010
[0267.064] GetCurrentObject (hdc=0xf00107f9, type=0x7) returned 0x4a0507fe
[0267.064] GetCurrentObject (hdc=0xf00107f9, type=0x6) returned 0x8a01c2
[0267.064] SaveDC (hdc=0xf00107f9) returned 1
[0267.064] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcb040807
[0267.064] GetClipRgn (hdc=0xf00107f9, hrgn=0xcb040807) returned 0
[0267.064] SelectClipRgn (hdc=0xf00107f9, hrgn=0x630407de) returned 2
[0267.064] DeleteObject (ho=0xcb040807) returned 1
[0267.064] DeleteObject (ho=0x630407de) returned 1
[0267.064] OffsetViewportOrgEx (in: hdc=0xf00107f9, x=0, y=0, lppt=0x2c7e8c0 | out: lppt=0x2c7e8c0) returned 1
[0267.064] DrawThemeParentBackground () returned 0x0
[0267.064] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0267.064] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0267.065] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0267.065] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0267.065] GetSystemMetrics (nIndex=42) returned 0
[0267.065] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0267.065] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0267.065] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0267.065] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0267.065] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0267.065] SelectPalette (hdc=0xf00107f9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0267.065] GdipCreateFromHDC (hdc=0xf00107f9, graphics=0xd7dff8) returned 0x0
[0267.065] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0267.065] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0267.065] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638d58) returned 0x0
[0267.065] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dfd0) returned 0x0
[0267.065] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0267.065] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0267.066] GdipGetClip (graphics=0x6635e20, region=0x6646448) returned 0x0
[0267.066] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6635e20, result=0xd7dfc4) returned 0x0
[0267.066] GdipDeleteRegion (region=0x6646448) returned 0x0
[0267.066] GdipSaveGraphics (graphics=0x6635e20, state=0xd7dff0) returned 0x0
[0267.066] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0267.073] GdipFillRectangleI (graphics=0x6635e20, brush=0x6635ba8, x=0, y=0, width=801, height=453) returned 0x0
[0267.073] GdipDeleteBrush (brush=0x6635ba8) returned 0x0
[0267.074] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0267.075] SelectPalette (hdc=0xf00107f9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0267.075] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0267.075] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0267.075] GetSystemMetrics (nIndex=42) returned 0
[0267.075] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0267.082] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0267.082] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0267.082] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0267.082] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0267.083] SelectPalette (hdc=0xf00107f9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0267.083] GdipCreateFromHDC (hdc=0xf00107f9, graphics=0xd7df98) returned 0x0
[0267.083] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0267.083] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0267.083] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638cc8) returned 0x0
[0267.083] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df70) returned 0x0
[0267.083] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0267.083] GdipCreateRegion (region=0xd7df58) returned 0x0
[0267.083] GdipGetClip (graphics=0x6635e20, region=0x6646298) returned 0x0
[0267.083] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6635e20, result=0xd7df64) returned 0x0
[0267.083] GdipDeleteRegion (region=0x6646298) returned 0x0
[0267.083] GdipSaveGraphics (graphics=0x6635e20, state=0xd7df90) returned 0x0
[0267.083] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0267.096] GdipFillRectangleI (graphics=0x6635e20, brush=0x6635ba8, x=0, y=0, width=801, height=453) returned 0x0
[0267.096] GdipDeleteBrush (brush=0x6635ba8) returned 0x0
[0267.098] GdipRestoreGraphics (graphics=0x6635e20, state=0xf7520dbd) returned 0x0
[0267.098] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0267.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0267.098] GetSystemMetrics (nIndex=42) returned 0
[0267.098] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0267.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0267.098] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0267.098] SelectPalette (hdc=0xf00107f9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0267.098] RestoreDC (hdc=0xf00107f9, nSavedDC=-1) returned 1
[0267.099] GdipReleaseDC (graphics=0x6600030, hdc=0xf00107f9) returned 0x0
[0267.099] IsAppThemed () returned 0x1
[0267.099] GetThemeAppProperties () returned 0x3
[0267.099] GetThemeAppProperties () returned 0x3
[0267.099] IsAppThemed () returned 0x1
[0267.099] GetThemeAppProperties () returned 0x3
[0267.099] GetThemeAppProperties () returned 0x3
[0267.099] IsThemePartDefined () returned 0x1
[0267.099] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0267.099] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0267.099] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0267.099] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0267.099] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e4a4) returned 0x0
[0267.099] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0267.099] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea28) returned 0x0
[0267.099] LocalFree (hMem=0x11eea28) returned 0x0
[0267.099] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0267.099] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea98) returned 0x0
[0267.100] LocalFree (hMem=0x11eea98) returned 0x0
[0267.100] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0267.100] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0267.100] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0267.100] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0267.100] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0267.100] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0267.100] GetCurrentObject (hdc=0xf00107f9, type=0x1) returned 0xb00017
[0267.100] GetCurrentObject (hdc=0xf00107f9, type=0x2) returned 0x900010
[0267.100] GetCurrentObject (hdc=0xf00107f9, type=0x7) returned 0x4a0507fe
[0267.100] GetCurrentObject (hdc=0xf00107f9, type=0x6) returned 0x8a01c2
[0267.100] SaveDC (hdc=0xf00107f9) returned 1
[0267.100] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x640407de
[0267.100] GetClipRgn (hdc=0xf00107f9, hrgn=0x640407de) returned 0
[0267.100] SelectClipRgn (hdc=0xf00107f9, hrgn=0xcd040807) returned 2
[0267.100] DeleteObject (ho=0x640407de) returned 1
[0267.101] DeleteObject (ho=0xcd040807) returned 1
[0267.101] OffsetViewportOrgEx (in: hdc=0xf00107f9, x=0, y=0, lppt=0x2c85110 | out: lppt=0x2c85110) returned 1
[0267.101] IsAppThemed () returned 0x1
[0267.101] GetThemeAppProperties () returned 0x3
[0267.101] GetThemeAppProperties () returned 0x3
[0267.101] DrawThemeBackground () returned 0x0
[0267.101] RestoreDC (hdc=0xf00107f9, nSavedDC=-1) returned 1
[0267.101] GdipReleaseDC (graphics=0x6600030, hdc=0xf00107f9) returned 0x0
[0267.101] GdipCreateRegion (region=0xd7e490) returned 0x0
[0267.101] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0267.101] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0267.101] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0267.101] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e4a8) returned 0x0
[0267.101] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0267.101] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eea98) returned 0x0
[0267.101] LocalFree (hMem=0x11eea98) returned 0x0
[0267.102] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0267.102] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eead0) returned 0x0
[0267.102] LocalFree (hMem=0x11eead0) returned 0x0
[0267.102] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0267.102] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0267.102] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0267.102] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0267.102] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0267.102] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0267.102] GetCurrentObject (hdc=0xf00107f9, type=0x1) returned 0xb00017
[0267.102] GetCurrentObject (hdc=0xf00107f9, type=0x2) returned 0x900010
[0267.102] GetCurrentObject (hdc=0xf00107f9, type=0x7) returned 0x4a0507fe
[0267.102] GetCurrentObject (hdc=0xf00107f9, type=0x6) returned 0x8a01c2
[0267.102] SaveDC (hdc=0xf00107f9) returned 1
[0267.102] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xce040807
[0267.102] GetClipRgn (hdc=0xf00107f9, hrgn=0xce040807) returned 0
[0267.103] SelectClipRgn (hdc=0xf00107f9, hrgn=0x650407de) returned 2
[0267.103] DeleteObject (ho=0xce040807) returned 1
[0267.103] DeleteObject (ho=0x650407de) returned 1
[0267.103] OffsetViewportOrgEx (in: hdc=0xf00107f9, x=0, y=0, lppt=0x2c853e4 | out: lppt=0x2c853e4) returned 1
[0267.103] IsAppThemed () returned 0x1
[0267.103] GetThemeAppProperties () returned 0x3
[0267.103] GetThemeAppProperties () returned 0x3
[0267.103] GetThemeBackgroundContentRect () returned 0x0
[0267.103] RestoreDC (hdc=0xf00107f9, nSavedDC=-1) returned 1
[0267.103] GdipReleaseDC (graphics=0x6600030, hdc=0xf00107f9) returned 0x0
[0267.103] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0267.103] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0267.103] GdipFillRectangleI (graphics=0x6600030, brush=0x66327f0, x=4, y=4, width=67, height=15) returned 0x0
[0267.103] GdipDeleteBrush (brush=0x66327f0) returned 0x0
[0267.103] IsAppThemed () returned 0x1
[0267.103] GetThemeAppProperties () returned 0x3
[0267.103] GetThemeAppProperties () returned 0x3
[0267.104] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0267.104] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0267.104] GetCurrentObject (hdc=0xf00107f9, type=0x1) returned 0xb00017
[0267.104] GetCurrentObject (hdc=0xf00107f9, type=0x2) returned 0x900010
[0267.104] GetCurrentObject (hdc=0xf00107f9, type=0x7) returned 0x4a0507fe
[0267.104] GetCurrentObject (hdc=0xf00107f9, type=0x6) returned 0x8a01c2
[0267.104] SaveDC (hdc=0xf00107f9) returned 1
[0267.104] GetTextAlign (hdc=0xf00107f9) returned 0x0
[0267.104] GetTextColor (hdc=0xf00107f9) returned 0x0
[0267.104] GetCurrentObject (hdc=0xf00107f9, type=0x6) returned 0x8a01c2
[0267.104] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0267.104] SelectObject (hdc=0xf00107f9, h=0x6d0a0520) returned 0x8a01c2
[0267.104] GetBkMode (hdc=0xf00107f9) returned 2
[0267.104] SetBkMode (hdc=0xf00107f9, mode=1) returned 2
[0267.105] DrawTextExW (in: hdc=0xf00107f9, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2c857a8 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0267.105] DrawTextExW (in: hdc=0xf00107f9, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2c857a8 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0267.105] RestoreDC (hdc=0xf00107f9, nSavedDC=-1) returned 1
[0267.105] GdipReleaseDC (graphics=0x6600030, hdc=0xf00107f9) returned 0x0
[0267.105] GetFocus () returned 0x602c4
[0267.106] IsAppThemed () returned 0x1
[0267.106] GetThemeAppProperties () returned 0x3
[0267.106] GetThemeAppProperties () returned 0x3
[0267.106] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0267.106] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0xf00107f9, x1=0, y1=0, rop=0xcc0020) returned 1
[0267.106] GdipReleaseDC (graphics=0x6600030, hdc=0xf00107f9) returned 0x0
[0267.106] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0267.106] SelectObject (hdc=0xf00107f9, h=0x85000f) returned 0x4a0507fe
[0267.106] DeleteDC (hdc=0xf00107f9) returned 1
[0267.107] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0267.107] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0267.107] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.107] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.107] WaitMessage () returned 1
[0267.107] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.107] IsWindowUnicode (hWnd=0x30122) returned 1
[0267.107] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.108] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.108] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.109] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.109] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.109] WaitMessage () returned 1
[0267.130] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.130] IsWindowUnicode (hWnd=0x30122) returned 1
[0267.130] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.130] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.130] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.131] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.131] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.131] WaitMessage () returned 1
[0267.133] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.133] IsWindowUnicode (hWnd=0x30122) returned 1
[0267.133] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.133] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.133] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.134] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.134] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.134] WaitMessage () returned 1
[0267.135] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.136] IsWindowUnicode (hWnd=0x30122) returned 1
[0267.136] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.136] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.136] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.137] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.138] IsWindowUnicode (hWnd=0x30122) returned 1
[0267.138] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.138] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.138] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.138] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.138] IsWindowUnicode (hWnd=0x30122) returned 1
[0267.138] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.138] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.138] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.138] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.139] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.139] WaitMessage () returned 1
[0267.140] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.140] IsWindowUnicode (hWnd=0x30122) returned 1
[0267.140] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.140] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.140] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.141] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.141] IsWindowUnicode (hWnd=0x30122) returned 1
[0267.141] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.142] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.142] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.142] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.142] IsWindowUnicode (hWnd=0x30122) returned 1
[0267.142] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.142] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.142] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.142] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.143] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.143] WaitMessage () returned 1
[0267.143] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.143] IsWindowUnicode (hWnd=0x30122) returned 1
[0267.143] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.143] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.143] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.145] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.145] IsWindowUnicode (hWnd=0x30122) returned 1
[0267.145] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.145] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.145] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.145] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.145] IsWindowUnicode (hWnd=0x30122) returned 1
[0267.145] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.145] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.145] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.146] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.146] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.146] WaitMessage () returned 1
[0267.146] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.147] IsWindowUnicode (hWnd=0x30122) returned 1
[0267.147] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.147] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.147] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.149] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.149] IsWindowUnicode (hWnd=0x30122) returned 1
[0267.149] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.149] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.149] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.149] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.149] IsWindowUnicode (hWnd=0x30122) returned 1
[0267.149] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.150] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.150] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.150] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.150] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.150] WaitMessage () returned 1
[0267.187] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.187] IsWindowUnicode (hWnd=0x7005c) returned 1
[0267.187] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.187] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.187] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.187] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.187] IsWindowUnicode (hWnd=0x7005c) returned 1
[0267.187] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.187] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.187] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.187] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x110025f) returned 0x0
[0267.187] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.187] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.187] WaitMessage () returned 1
[0267.327] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.327] IsWindowUnicode (hWnd=0x502c6) returned 1
[0267.327] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0267.327] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0267.327] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0267.328] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.328] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0267.328] WaitMessage () returned 1
[0269.220] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0269.220] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c00f8) returned 0x1
[0269.220] IsWindowUnicode (hWnd=0x602c4) returned 1
[0269.220] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0269.220] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0269.220] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0269.220] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0269.220] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0269.220] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c00f8) returned 0x1
[0269.220] IsWindowUnicode (hWnd=0x602c4) returned 1
[0269.220] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0269.220] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c00f8) returned 0x1
[0269.221] SetCursor (hCursor=0x10003) returned 0x10003
[0269.221] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0269.221] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0269.221] _TrackMouseEvent (in: lpEventTrack=0x2c2b560 | out: lpEventTrack=0x2c2b560) returned 1
[0269.221] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0269.221] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0269.221] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0269.221] GetKeyState (nVirtKey=1) returned 1
[0269.221] GetKeyState (nVirtKey=2) returned 0
[0269.221] GetKeyState (nVirtKey=4) returned 0
[0269.221] GetKeyState (nVirtKey=5) returned 0
[0269.221] GetKeyState (nVirtKey=6) returned 0
[0269.221] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0269.221] IsWindowUnicode (hWnd=0x602c4) returned 1
[0269.221] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0269.221] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0269.221] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0269.221] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0269.222] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0269.222] CreateCompatibleDC (hdc=0xf0105ee) returned 0x460107d7
[0269.222] SelectObject (hdc=0x460107d7, h=0x4a0507fe) returned 0x85000f
[0269.222] GdipCreateFromHDC (hdc=0x460107d7, graphics=0xd7e798) returned 0x0
[0269.222] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0269.222] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0269.222] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0269.222] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0269.222] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e7f8) returned 0x0
[0269.222] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0269.222] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0269.222] LocalFree (hMem=0x11ee788) returned 0x0
[0269.222] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0269.222] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0269.222] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0269.222] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0269.222] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0269.223] GdipRestoreGraphics (graphics=0x6600030, state=0xf7500dbd) returned 0x0
[0269.223] GdipDeleteRegion (region=0x6646328) returned 0x0
[0269.223] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0269.223] GetCurrentObject (hdc=0x460107d7, type=0x1) returned 0xb00017
[0269.223] GetCurrentObject (hdc=0x460107d7, type=0x2) returned 0x900010
[0269.223] GetCurrentObject (hdc=0x460107d7, type=0x7) returned 0x4a0507fe
[0269.223] GetCurrentObject (hdc=0x460107d7, type=0x6) returned 0x8a01c2
[0269.223] SaveDC (hdc=0x460107d7) returned 1
[0269.223] GetNearestColor (hdc=0x460107d7, color=0xff) returned 0xff
[0269.223] GetNearestColor (hdc=0x460107d7, color=0x55) returned 0x55
[0269.223] GetNearestColor (hdc=0x460107d7, color=0x0) returned 0x0
[0269.223] GetNearestColor (hdc=0x460107d7, color=0x55) returned 0x55
[0269.223] GetNearestColor (hdc=0x460107d7, color=0x0) returned 0x0
[0269.223] GetNearestColor (hdc=0x460107d7, color=0x8080ff) returned 0x8080ff
[0269.223] GetNearestColor (hdc=0x460107d7, color=0x7373e5) returned 0x7373e5
[0269.223] GetNearestColor (hdc=0x460107d7, color=0xe5) returned 0xe5
[0269.223] GetNearestColor (hdc=0x460107d7, color=0x0) returned 0x0
[0269.224] RestoreDC (hdc=0x460107d7, nSavedDC=-1) returned 1
[0269.224] GdipReleaseDC (graphics=0x6600030, hdc=0x460107d7) returned 0x0
[0269.224] IsAppThemed () returned 0x1
[0269.224] GetThemeAppProperties () returned 0x3
[0269.224] GetThemeAppProperties () returned 0x3
[0269.224] IsAppThemed () returned 0x1
[0269.224] GetThemeAppProperties () returned 0x3
[0269.224] GetThemeAppProperties () returned 0x3
[0269.224] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2c86118 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0269.224] IsAppThemed () returned 0x1
[0269.224] GetThemeAppProperties () returned 0x3
[0269.224] GetThemeAppProperties () returned 0x3
[0269.224] IsAppThemed () returned 0x1
[0269.224] GetThemeAppProperties () returned 0x3
[0269.224] GetThemeAppProperties () returned 0x3
[0269.224] IsAppThemed () returned 0x1
[0269.225] GetThemeAppProperties () returned 0x3
[0269.225] GetThemeAppProperties () returned 0x3
[0269.225] IsAppThemed () returned 0x1
[0269.225] GetThemeAppProperties () returned 0x3
[0269.225] GetThemeAppProperties () returned 0x3
[0269.225] IsThemePartDefined () returned 0x1
[0269.225] IsAppThemed () returned 0x1
[0269.225] GetThemeAppProperties () returned 0x3
[0269.225] GetThemeAppProperties () returned 0x3
[0269.225] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0269.225] IsAppThemed () returned 0x1
[0269.225] GetThemeAppProperties () returned 0x3
[0269.225] GetThemeAppProperties () returned 0x3
[0269.225] IsAppThemed () returned 0x1
[0269.225] GetThemeAppProperties () returned 0x3
[0269.225] GetThemeAppProperties () returned 0x3
[0269.225] IsThemePartDefined () returned 0x1
[0269.225] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0269.225] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0269.225] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0269.225] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0269.225] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e514) returned 0x0
[0269.225] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0269.225] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0269.225] LocalFree (hMem=0x11eec58) returned 0x0
[0269.226] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0269.226] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee9f0) returned 0x0
[0269.226] LocalFree (hMem=0x11ee9f0) returned 0x0
[0269.226] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0269.226] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0269.226] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0269.226] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0269.226] GdipDeleteRegion (region=0x6646688) returned 0x0
[0269.226] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0269.226] GetCurrentObject (hdc=0x460107d7, type=0x1) returned 0xb00017
[0269.226] GetCurrentObject (hdc=0x460107d7, type=0x2) returned 0x900010
[0269.226] GetCurrentObject (hdc=0x460107d7, type=0x7) returned 0x4a0507fe
[0269.226] GetCurrentObject (hdc=0x460107d7, type=0x6) returned 0x8a01c2
[0269.226] SaveDC (hdc=0x460107d7) returned 1
[0269.226] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x660407de
[0269.226] GetClipRgn (hdc=0x460107d7, hrgn=0x660407de) returned 0
[0269.226] SelectClipRgn (hdc=0x460107d7, hrgn=0xd2040807) returned 2
[0269.226] DeleteObject (ho=0x660407de) returned 1
[0269.226] DeleteObject (ho=0xd2040807) returned 1
[0269.226] OffsetViewportOrgEx (in: hdc=0x460107d7, x=0, y=0, lppt=0x2c867c8 | out: lppt=0x2c867c8) returned 1
[0269.227] DrawThemeParentBackground () returned 0x0
[0269.227] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0269.227] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0269.227] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0269.227] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.227] GetSystemMetrics (nIndex=42) returned 0
[0269.227] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.227] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0269.227] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0269.227] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0269.227] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0269.227] SelectPalette (hdc=0x460107d7, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0269.227] GdipCreateFromHDC (hdc=0x460107d7, graphics=0xd7dff0) returned 0x0
[0269.227] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0269.227] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0269.228] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638c68) returned 0x0
[0269.228] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dfc8) returned 0x0
[0269.228] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0269.228] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0269.228] GdipGetClip (graphics=0x6635e20, region=0x6646958) returned 0x0
[0269.228] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6635e20, result=0xd7dfbc) returned 0x0
[0269.228] GdipDeleteRegion (region=0x6646958) returned 0x0
[0269.228] GdipSaveGraphics (graphics=0x6635e20, state=0xd7dfe8) returned 0x0
[0269.228] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0269.234] GdipFillRectangleI (graphics=0x6635e20, brush=0x66356c8, x=0, y=0, width=801, height=453) returned 0x0
[0269.234] GdipDeleteBrush (brush=0x66356c8) returned 0x0
[0269.235] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0269.235] SelectPalette (hdc=0x460107d7, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0269.235] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0269.235] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.235] GetSystemMetrics (nIndex=42) returned 0
[0269.235] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.235] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0269.236] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0269.236] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0269.236] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0269.236] SelectPalette (hdc=0x460107d7, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0269.236] GdipCreateFromHDC (hdc=0x460107d7, graphics=0xd7df90) returned 0x0
[0269.236] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0269.236] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0269.236] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638c08) returned 0x0
[0269.236] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df68) returned 0x0
[0269.236] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0269.236] GdipCreateRegion (region=0xd7df50) returned 0x0
[0269.236] GdipGetClip (graphics=0x6635e20, region=0x66468c8) returned 0x0
[0269.236] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6635e20, result=0xd7df5c) returned 0x0
[0269.236] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0269.236] GdipSaveGraphics (graphics=0x6635e20, state=0xd7df88) returned 0x0
[0269.236] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0269.242] GdipFillRectangleI (graphics=0x6635e20, brush=0x66350b0, x=0, y=0, width=801, height=453) returned 0x0
[0269.242] GdipDeleteBrush (brush=0x66350b0) returned 0x0
[0269.243] GdipRestoreGraphics (graphics=0x6635e20, state=0xf74c0dbd) returned 0x0
[0269.243] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0269.243] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.243] GetSystemMetrics (nIndex=42) returned 0
[0269.243] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.243] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0269.244] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0269.244] SelectPalette (hdc=0x460107d7, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0269.244] RestoreDC (hdc=0x460107d7, nSavedDC=-1) returned 1
[0269.244] GdipReleaseDC (graphics=0x6600030, hdc=0x460107d7) returned 0x0
[0269.244] IsAppThemed () returned 0x1
[0269.244] GetThemeAppProperties () returned 0x3
[0269.244] GetThemeAppProperties () returned 0x3
[0269.244] IsAppThemed () returned 0x1
[0269.244] GetThemeAppProperties () returned 0x3
[0269.244] GetThemeAppProperties () returned 0x3
[0269.244] IsThemePartDefined () returned 0x1
[0269.244] GdipCreateRegion (region=0xd7e480) returned 0x0
[0269.244] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0269.244] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0269.244] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0269.244] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e498) returned 0x0
[0269.244] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0269.245] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0269.245] LocalFree (hMem=0x11eec58) returned 0x0
[0269.245] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0269.245] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0269.245] LocalFree (hMem=0x11eec58) returned 0x0
[0269.245] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0269.245] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0269.245] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0269.245] GdipGetRegionHRgn (region=0x6646958, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0269.245] GdipDeleteRegion (region=0x6646958) returned 0x0
[0269.245] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0269.245] GetCurrentObject (hdc=0x460107d7, type=0x1) returned 0xb00017
[0269.245] GetCurrentObject (hdc=0x460107d7, type=0x2) returned 0x900010
[0269.245] GetCurrentObject (hdc=0x460107d7, type=0x7) returned 0x4a0507fe
[0269.245] GetCurrentObject (hdc=0x460107d7, type=0x6) returned 0x8a01c2
[0269.245] SaveDC (hdc=0x460107d7) returned 1
[0269.245] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd3040807
[0269.245] GetClipRgn (hdc=0x460107d7, hrgn=0xd3040807) returned 0
[0269.245] SelectClipRgn (hdc=0x460107d7, hrgn=0x680407de) returned 2
[0269.245] DeleteObject (ho=0xd3040807) returned 1
[0269.246] DeleteObject (ho=0x680407de) returned 1
[0269.246] OffsetViewportOrgEx (in: hdc=0x460107d7, x=0, y=0, lppt=0x2c8d018 | out: lppt=0x2c8d018) returned 1
[0269.246] IsAppThemed () returned 0x1
[0269.246] GetThemeAppProperties () returned 0x3
[0269.246] GetThemeAppProperties () returned 0x3
[0269.246] DrawThemeBackground () returned 0x0
[0269.246] RestoreDC (hdc=0x460107d7, nSavedDC=-1) returned 1
[0269.246] GdipReleaseDC (graphics=0x6600030, hdc=0x460107d7) returned 0x0
[0269.246] GdipCreateRegion (region=0xd7e484) returned 0x0
[0269.246] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0269.246] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0269.246] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0269.246] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e49c) returned 0x0
[0269.246] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0269.246] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0269.246] LocalFree (hMem=0x11ee9f0) returned 0x0
[0269.246] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0269.246] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0269.246] LocalFree (hMem=0x11eecc8) returned 0x0
[0269.246] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0269.246] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0269.247] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0269.247] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0269.247] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0269.247] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0269.247] GetCurrentObject (hdc=0x460107d7, type=0x1) returned 0xb00017
[0269.247] GetCurrentObject (hdc=0x460107d7, type=0x2) returned 0x900010
[0269.247] GetCurrentObject (hdc=0x460107d7, type=0x7) returned 0x4a0507fe
[0269.247] GetCurrentObject (hdc=0x460107d7, type=0x6) returned 0x8a01c2
[0269.247] SaveDC (hdc=0x460107d7) returned 1
[0269.247] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x690407de
[0269.247] GetClipRgn (hdc=0x460107d7, hrgn=0x690407de) returned 0
[0269.247] SelectClipRgn (hdc=0x460107d7, hrgn=0xd4040807) returned 2
[0269.247] DeleteObject (ho=0x690407de) returned 1
[0269.248] DeleteObject (ho=0xd4040807) returned 1
[0269.248] OffsetViewportOrgEx (in: hdc=0x460107d7, x=0, y=0, lppt=0x2c8d2ec | out: lppt=0x2c8d2ec) returned 1
[0269.248] IsAppThemed () returned 0x1
[0269.248] GetThemeAppProperties () returned 0x3
[0269.248] GetThemeAppProperties () returned 0x3
[0269.248] GetThemeBackgroundContentRect () returned 0x0
[0269.248] RestoreDC (hdc=0x460107d7, nSavedDC=-1) returned 1
[0269.248] GdipReleaseDC (graphics=0x6600030, hdc=0x460107d7) returned 0x0
[0269.248] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0269.248] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0269.248] GdipFillRectangleI (graphics=0x6600030, brush=0x66327f0, x=4, y=4, width=67, height=15) returned 0x0
[0269.248] GdipDeleteBrush (brush=0x66327f0) returned 0x0
[0269.248] IsAppThemed () returned 0x1
[0269.248] GetThemeAppProperties () returned 0x3
[0269.248] GetThemeAppProperties () returned 0x3
[0269.248] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0269.248] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0269.248] GetCurrentObject (hdc=0x460107d7, type=0x1) returned 0xb00017
[0269.248] GetCurrentObject (hdc=0x460107d7, type=0x2) returned 0x900010
[0269.248] GetCurrentObject (hdc=0x460107d7, type=0x7) returned 0x4a0507fe
[0269.248] GetCurrentObject (hdc=0x460107d7, type=0x6) returned 0x8a01c2
[0269.249] SaveDC (hdc=0x460107d7) returned 1
[0269.249] GetTextAlign (hdc=0x460107d7) returned 0x0
[0269.249] GetTextColor (hdc=0x460107d7) returned 0x0
[0269.249] GetCurrentObject (hdc=0x460107d7, type=0x6) returned 0x8a01c2
[0269.249] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0269.249] SelectObject (hdc=0x460107d7, h=0x6d0a0520) returned 0x8a01c2
[0269.249] GetBkMode (hdc=0x460107d7) returned 2
[0269.249] SetBkMode (hdc=0x460107d7, mode=1) returned 2
[0269.249] DrawTextExW (in: hdc=0x460107d7, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2c8d6b0 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0269.249] DrawTextExW (in: hdc=0x460107d7, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2c8d6b0 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0269.250] RestoreDC (hdc=0x460107d7, nSavedDC=-1) returned 1
[0269.250] GdipReleaseDC (graphics=0x6600030, hdc=0x460107d7) returned 0x0
[0269.250] GetFocus () returned 0x602c4
[0269.250] IsAppThemed () returned 0x1
[0269.250] GetThemeAppProperties () returned 0x3
[0269.250] GetThemeAppProperties () returned 0x3
[0269.250] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0269.250] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x460107d7, x1=0, y1=0, rop=0xcc0020) returned 1
[0269.250] GdipReleaseDC (graphics=0x6600030, hdc=0x460107d7) returned 0x0
[0269.250] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0269.250] SelectObject (hdc=0x460107d7, h=0x85000f) returned 0x4a0507fe
[0269.250] DeleteDC (hdc=0x460107d7) returned 1
[0269.251] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0269.251] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0269.251] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0269.251] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0269.251] WaitMessage () returned 1
[0269.325] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0269.326] IsWindowUnicode (hWnd=0x602c4) returned 1
[0269.326] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0269.326] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0269.326] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0269.326] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0269.326] IsWindowUnicode (hWnd=0x602c4) returned 1
[0269.326] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0269.326] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0269.326] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0269.326] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x5001d) returned 0x0
[0269.326] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0269.326] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0269.326] WaitMessage () returned 1
[0269.456] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0269.456] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c00f8) returned 0x1
[0269.456] IsWindowUnicode (hWnd=0x602c4) returned 1
[0269.456] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0269.456] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c00f8) returned 0x1
[0269.456] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0269.456] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x197003a) returned 0x0
[0269.456] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0269.456] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0269.456] SetCursor (hCursor=0x10003) returned 0x10003
[0269.457] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0269.457] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0269.457] GetKeyState (nVirtKey=1) returned -128
[0269.457] GetKeyState (nVirtKey=2) returned 0
[0269.457] GetKeyState (nVirtKey=4) returned 0
[0269.457] GetKeyState (nVirtKey=5) returned 0
[0269.457] GetKeyState (nVirtKey=6) returned 0
[0269.457] IsWindowVisible (hWnd=0x602c4) returned 1
[0269.457] IsWindowEnabled (hWnd=0x602c4) returned 1
[0269.457] SetFocus (hWnd=0x602c4) returned 0x602c4
[0269.457] GetFocus () returned 0x602c4
[0269.457] GetFocus () returned 0x602c4
[0269.457] GetFocus () returned 0x602c4
[0269.457] GetKeyState (nVirtKey=1) returned -128
[0269.457] GetKeyState (nVirtKey=2) returned 0
[0269.457] GetKeyState (nVirtKey=4) returned 0
[0269.457] GetKeyState (nVirtKey=5) returned 0
[0269.457] GetKeyState (nVirtKey=6) returned 0
[0269.457] GetCapture () returned 0x0
[0269.457] SetCapture (hWnd=0x602c4) returned 0x0
[0269.457] GetKeyState (nVirtKey=1) returned -128
[0269.457] GetKeyState (nVirtKey=2) returned 0
[0269.457] GetKeyState (nVirtKey=4) returned 0
[0269.457] GetKeyState (nVirtKey=5) returned 0
[0269.457] GetKeyState (nVirtKey=6) returned 0
[0269.458] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0269.458] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0269.458] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0269.458] IsWindowUnicode (hWnd=0x602c4) returned 1
[0269.458] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0269.458] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0269.458] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0269.458] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2c8d834, cPoints=0x1 | out: lpPoints=0x2c8d834) returned 40304859
[0269.458] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0269.458] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0269.458] UpdateWindow (hWnd=0x602c4) returned 1
[0269.458] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xf0105ee
[0269.458] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0269.458] CreateCompatibleDC (hdc=0xf0105ee) returned 0x470107d7
[0269.458] SelectObject (hdc=0x470107d7, h=0x4a0507fe) returned 0x85000f
[0269.458] GdipCreateFromHDC (hdc=0x470107d7, graphics=0xd7e430) returned 0x0
[0269.459] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0269.459] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0269.459] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0269.459] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0269.459] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e490) returned 0x0
[0269.459] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0269.459] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0269.459] LocalFree (hMem=0x11ee788) returned 0x0
[0269.459] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0269.459] GdipCreateRegion (region=0xd7e478) returned 0x0
[0269.459] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0269.459] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e484) returned 0x0
[0269.459] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0269.459] GdipRestoreGraphics (graphics=0x6600030, state=0xf74a0dbd) returned 0x0
[0269.459] GdipDeleteRegion (region=0x6646838) returned 0x0
[0269.459] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0269.459] GetCurrentObject (hdc=0x470107d7, type=0x1) returned 0xb00017
[0269.459] GetCurrentObject (hdc=0x470107d7, type=0x2) returned 0x900010
[0269.460] GetCurrentObject (hdc=0x470107d7, type=0x7) returned 0x4a0507fe
[0269.460] GetCurrentObject (hdc=0x470107d7, type=0x6) returned 0x8a01c2
[0269.460] SaveDC (hdc=0x470107d7) returned 1
[0269.460] GetNearestColor (hdc=0x470107d7, color=0xff) returned 0xff
[0269.460] GetNearestColor (hdc=0x470107d7, color=0x55) returned 0x55
[0269.460] GetNearestColor (hdc=0x470107d7, color=0x0) returned 0x0
[0269.460] GetNearestColor (hdc=0x470107d7, color=0x55) returned 0x55
[0269.460] GetNearestColor (hdc=0x470107d7, color=0x0) returned 0x0
[0269.460] GetNearestColor (hdc=0x470107d7, color=0x8080ff) returned 0x8080ff
[0269.460] GetNearestColor (hdc=0x470107d7, color=0x7373e5) returned 0x7373e5
[0269.460] GetNearestColor (hdc=0x470107d7, color=0xe5) returned 0xe5
[0269.460] GetNearestColor (hdc=0x470107d7, color=0x0) returned 0x0
[0269.460] RestoreDC (hdc=0x470107d7, nSavedDC=-1) returned 1
[0269.460] GdipReleaseDC (graphics=0x6600030, hdc=0x470107d7) returned 0x0
[0269.460] IsAppThemed () returned 0x1
[0269.460] GetThemeAppProperties () returned 0x3
[0269.460] GetThemeAppProperties () returned 0x3
[0269.461] IsAppThemed () returned 0x1
[0269.461] GetThemeAppProperties () returned 0x3
[0269.461] GetThemeAppProperties () returned 0x3
[0269.461] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2c8df50 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0269.461] IsAppThemed () returned 0x1
[0269.461] GetThemeAppProperties () returned 0x3
[0269.461] GetThemeAppProperties () returned 0x3
[0269.461] IsAppThemed () returned 0x1
[0269.461] GetThemeAppProperties () returned 0x3
[0269.461] GetThemeAppProperties () returned 0x3
[0269.461] IsAppThemed () returned 0x1
[0269.461] GetThemeAppProperties () returned 0x3
[0269.461] GetThemeAppProperties () returned 0x3
[0269.461] IsAppThemed () returned 0x1
[0269.461] GetThemeAppProperties () returned 0x3
[0269.461] GetThemeAppProperties () returned 0x3
[0269.461] IsThemePartDefined () returned 0x1
[0269.461] IsAppThemed () returned 0x1
[0269.461] GetThemeAppProperties () returned 0x3
[0269.462] GetThemeAppProperties () returned 0x3
[0269.462] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0269.462] IsAppThemed () returned 0x1
[0269.462] GetThemeAppProperties () returned 0x3
[0269.462] GetThemeAppProperties () returned 0x3
[0269.462] IsAppThemed () returned 0x1
[0269.462] GetThemeAppProperties () returned 0x3
[0269.462] GetThemeAppProperties () returned 0x3
[0269.462] IsThemePartDefined () returned 0x1
[0269.462] GdipCreateRegion (region=0xd7e194) returned 0x0
[0269.462] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0269.462] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0269.462] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0269.462] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e1ac) returned 0x0
[0269.462] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0269.462] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee8d8) returned 0x0
[0269.462] LocalFree (hMem=0x11ee8d8) returned 0x0
[0269.462] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0269.462] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0269.462] LocalFree (hMem=0x11eec58) returned 0x0
[0269.462] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0269.462] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0269.462] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0269.463] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0269.463] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0269.463] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0269.463] GetCurrentObject (hdc=0x470107d7, type=0x1) returned 0xb00017
[0269.463] GetCurrentObject (hdc=0x470107d7, type=0x2) returned 0x900010
[0269.463] GetCurrentObject (hdc=0x470107d7, type=0x7) returned 0x4a0507fe
[0269.463] GetCurrentObject (hdc=0x470107d7, type=0x6) returned 0x8a01c2
[0269.463] SaveDC (hdc=0x470107d7) returned 1
[0269.463] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd5040807
[0269.463] GetClipRgn (hdc=0x470107d7, hrgn=0xd5040807) returned 0
[0269.463] SelectClipRgn (hdc=0x470107d7, hrgn=0x6d0407de) returned 2
[0269.463] DeleteObject (ho=0xd5040807) returned 1
[0269.463] DeleteObject (ho=0x6d0407de) returned 1
[0269.463] OffsetViewportOrgEx (in: hdc=0x470107d7, x=0, y=0, lppt=0x2c8e600 | out: lppt=0x2c8e600) returned 1
[0269.463] DrawThemeParentBackground () returned 0x0
[0269.463] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0269.464] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0269.464] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0269.464] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.464] GetSystemMetrics (nIndex=42) returned 0
[0269.464] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.464] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0269.464] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0269.464] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0269.464] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0269.464] SelectPalette (hdc=0x470107d7, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0269.464] GdipCreateFromHDC (hdc=0x470107d7, graphics=0xd7dc88) returned 0x0
[0269.464] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0269.464] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0269.464] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638ba8) returned 0x0
[0269.464] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dc60) returned 0x0
[0269.464] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0269.464] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0269.464] GdipGetClip (graphics=0x6635e20, region=0x6646dd8) returned 0x0
[0269.464] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6635e20, result=0xd7dc54) returned 0x0
[0269.464] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0269.464] GdipSaveGraphics (graphics=0x6635e20, state=0xd7dc80) returned 0x0
[0269.465] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0269.470] GdipFillRectangleI (graphics=0x6635e20, brush=0x6635458, x=0, y=0, width=801, height=453) returned 0x0
[0269.471] GdipDeleteBrush (brush=0x6635458) returned 0x0
[0269.472] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0269.472] SelectPalette (hdc=0x470107d7, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0269.472] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0269.472] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.472] GetSystemMetrics (nIndex=42) returned 0
[0269.472] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.472] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0269.472] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0269.472] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0269.472] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0269.472] SelectPalette (hdc=0x470107d7, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0269.472] GdipCreateFromHDC (hdc=0x470107d7, graphics=0xd7dc28) returned 0x0
[0269.473] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0269.473] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0269.473] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638cc8) returned 0x0
[0269.473] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dc00) returned 0x0
[0269.473] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0269.473] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0269.473] GdipGetClip (graphics=0x6635e20, region=0x6646328) returned 0x0
[0269.473] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6635e20, result=0xd7dbf4) returned 0x0
[0269.473] GdipDeleteRegion (region=0x6646328) returned 0x0
[0269.473] GdipSaveGraphics (graphics=0x6635e20, state=0xd7dc20) returned 0x0
[0269.473] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0269.479] GdipFillRectangleI (graphics=0x6635e20, brush=0x6634f78, x=0, y=0, width=801, height=453) returned 0x0
[0269.479] GdipDeleteBrush (brush=0x6634f78) returned 0x0
[0269.480] GdipRestoreGraphics (graphics=0x6635e20, state=0xf7460dbd) returned 0x0
[0269.480] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0269.480] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.481] GetSystemMetrics (nIndex=42) returned 0
[0269.481] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.481] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0269.481] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0269.481] SelectPalette (hdc=0x470107d7, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0269.481] RestoreDC (hdc=0x470107d7, nSavedDC=-1) returned 1
[0269.481] GdipReleaseDC (graphics=0x6600030, hdc=0x470107d7) returned 0x0
[0269.481] IsAppThemed () returned 0x1
[0269.482] GetThemeAppProperties () returned 0x3
[0269.482] GetThemeAppProperties () returned 0x3
[0269.482] IsAppThemed () returned 0x1
[0269.482] GetThemeAppProperties () returned 0x3
[0269.482] GetThemeAppProperties () returned 0x3
[0269.482] IsThemePartDefined () returned 0x1
[0269.482] GdipCreateRegion (region=0xd7e118) returned 0x0
[0269.482] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0269.482] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0269.482] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0269.482] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e130) returned 0x0
[0269.482] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0269.482] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0269.482] LocalFree (hMem=0x11ee788) returned 0x0
[0269.482] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0269.482] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0269.482] LocalFree (hMem=0x11ee788) returned 0x0
[0269.482] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0269.482] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e158) returned 0x0
[0269.482] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e148) returned 0x0
[0269.482] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0269.483] GdipDeleteRegion (region=0x6646838) returned 0x0
[0269.483] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0269.483] GetCurrentObject (hdc=0x470107d7, type=0x1) returned 0xb00017
[0269.483] GetCurrentObject (hdc=0x470107d7, type=0x2) returned 0x900010
[0269.483] GetCurrentObject (hdc=0x470107d7, type=0x7) returned 0x4a0507fe
[0269.483] GetCurrentObject (hdc=0x470107d7, type=0x6) returned 0x8a01c2
[0269.483] SaveDC (hdc=0x470107d7) returned 1
[0269.483] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6e0407de
[0269.483] GetClipRgn (hdc=0x470107d7, hrgn=0x6e0407de) returned 0
[0269.483] SelectClipRgn (hdc=0x470107d7, hrgn=0xd7040807) returned 2
[0269.483] DeleteObject (ho=0x6e0407de) returned 1
[0269.483] DeleteObject (ho=0xd7040807) returned 1
[0269.483] OffsetViewportOrgEx (in: hdc=0x470107d7, x=0, y=0, lppt=0x2c94e50 | out: lppt=0x2c94e50) returned 1
[0269.483] IsAppThemed () returned 0x1
[0269.483] GetThemeAppProperties () returned 0x3
[0269.483] GetThemeAppProperties () returned 0x3
[0269.483] DrawThemeBackground () returned 0x0
[0269.483] RestoreDC (hdc=0x470107d7, nSavedDC=-1) returned 1
[0269.483] GdipReleaseDC (graphics=0x6600030, hdc=0x470107d7) returned 0x0
[0269.484] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0269.484] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0269.484] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0269.484] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0269.484] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e134) returned 0x0
[0269.484] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0269.484] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0269.484] LocalFree (hMem=0x11ee9f0) returned 0x0
[0269.484] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0269.484] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0269.484] LocalFree (hMem=0x11eec58) returned 0x0
[0269.484] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0269.484] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0269.484] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0269.484] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0269.484] GdipDeleteRegion (region=0x6646328) returned 0x0
[0269.484] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0269.484] GetCurrentObject (hdc=0x470107d7, type=0x1) returned 0xb00017
[0269.484] GetCurrentObject (hdc=0x470107d7, type=0x2) returned 0x900010
[0269.484] GetCurrentObject (hdc=0x470107d7, type=0x7) returned 0x4a0507fe
[0269.484] GetCurrentObject (hdc=0x470107d7, type=0x6) returned 0x8a01c2
[0269.485] SaveDC (hdc=0x470107d7) returned 1
[0269.485] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd8040807
[0269.485] GetClipRgn (hdc=0x470107d7, hrgn=0xd8040807) returned 0
[0269.485] SelectClipRgn (hdc=0x470107d7, hrgn=0x6f0407de) returned 2
[0269.485] DeleteObject (ho=0xd8040807) returned 1
[0269.485] DeleteObject (ho=0x6f0407de) returned 1
[0269.485] OffsetViewportOrgEx (in: hdc=0x470107d7, x=0, y=0, lppt=0x2c95124 | out: lppt=0x2c95124) returned 1
[0269.485] IsAppThemed () returned 0x1
[0269.485] GetThemeAppProperties () returned 0x3
[0269.485] GetThemeAppProperties () returned 0x3
[0269.485] GetThemeBackgroundContentRect () returned 0x0
[0269.485] RestoreDC (hdc=0x470107d7, nSavedDC=-1) returned 1
[0269.485] GdipReleaseDC (graphics=0x6600030, hdc=0x470107d7) returned 0x0
[0269.485] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0269.485] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0269.485] GdipFillRectangleI (graphics=0x6600030, brush=0x66327f0, x=4, y=4, width=67, height=15) returned 0x0
[0269.485] GdipDeleteBrush (brush=0x66327f0) returned 0x0
[0269.485] IsAppThemed () returned 0x1
[0269.485] GetThemeAppProperties () returned 0x3
[0269.485] GetThemeAppProperties () returned 0x3
[0269.485] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0269.486] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0269.486] GetCurrentObject (hdc=0x470107d7, type=0x1) returned 0xb00017
[0269.486] GetCurrentObject (hdc=0x470107d7, type=0x2) returned 0x900010
[0269.486] GetCurrentObject (hdc=0x470107d7, type=0x7) returned 0x4a0507fe
[0269.486] GetCurrentObject (hdc=0x470107d7, type=0x6) returned 0x8a01c2
[0269.486] SaveDC (hdc=0x470107d7) returned 1
[0269.486] GetTextAlign (hdc=0x470107d7) returned 0x0
[0269.486] GetTextColor (hdc=0x470107d7) returned 0x0
[0269.486] GetCurrentObject (hdc=0x470107d7, type=0x6) returned 0x8a01c2
[0269.486] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0269.486] SelectObject (hdc=0x470107d7, h=0x6d0a0520) returned 0x8a01c2
[0269.486] GetBkMode (hdc=0x470107d7) returned 2
[0269.486] SetBkMode (hdc=0x470107d7, mode=1) returned 2
[0269.486] DrawTextExW (in: hdc=0x470107d7, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2c954e8 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0269.487] DrawTextExW (in: hdc=0x470107d7, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2c954e8 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0269.487] RestoreDC (hdc=0x470107d7, nSavedDC=-1) returned 1
[0269.487] GdipReleaseDC (graphics=0x6600030, hdc=0x470107d7) returned 0x0
[0269.487] GetFocus () returned 0x602c4
[0269.487] IsAppThemed () returned 0x1
[0269.487] GetThemeAppProperties () returned 0x3
[0269.487] GetThemeAppProperties () returned 0x3
[0269.487] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0269.487] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x470107d7, x1=0, y1=0, rop=0xcc0020) returned 1
[0269.488] GdipReleaseDC (graphics=0x6600030, hdc=0x470107d7) returned 0x0
[0269.488] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0269.488] SelectObject (hdc=0x470107d7, h=0x85000f) returned 0x4a0507fe
[0269.488] DeleteDC (hdc=0x470107d7) returned 1
[0269.488] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0269.488] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0269.488] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2c955e4, cPoints=0x1 | out: lpPoints=0x2c955e4) returned 40304859
[0269.488] WindowFromPoint (Point=0xf8) returned 0x602c4
[0269.488] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c00f8) returned 0x1
[0269.488] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0269.488] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0269.488] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0269.488] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0269.488] GetSystemMetrics (nIndex=42) returned 0
[0269.488] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0269.488] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0269.490] GetCapture () returned 0x602c4
[0269.490] ReleaseCapture () returned 1
[0269.490] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0269.490] GetProcessWindowStation () returned 0x13c
[0269.491] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.491] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0269.491] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.491] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0269.492] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.492] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0269.492] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.492] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0269.492] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.492] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0269.492] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.492] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0269.492] GetDC (hWnd=0x0) returned 0xc0107c5
[0269.493] GdipCreateFromHDC (hdc=0xc0107c5, graphics=0xd7e6ec) returned 0x0
[0269.493] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0269.493] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0269.493] ReleaseDC (hWnd=0x0, hDC=0xc0107c5) returned 1
[0269.493] GetSystemMetrics (nIndex=5) returned 1
[0269.493] GetSystemMetrics (nIndex=6) returned 1
[0269.493] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.494] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0269.494] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.494] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0269.501] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0269.501] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0269.501] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0269.501] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0269.501] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0269.501] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0269.502] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2c9c6b4 | out: lpData=0x2c9c6b4) returned 1
[0269.503] VerQueryValueW (in: pBlock=0x2c9c6b4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2c9cac4, puLen=0xd7e810) returned 1
[0269.503] VerQueryValueW (in: pBlock=0x2c9c6b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9c76c, puLen=0xd7e790) returned 1
[0269.503] VerQueryValueW (in: pBlock=0x2c9c6b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9c7c0, puLen=0xd7e790) returned 1
[0269.504] VerQueryValueW (in: pBlock=0x2c9c6b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9c840, puLen=0xd7e790) returned 1
[0269.504] VerQueryValueW (in: pBlock=0x2c9c6b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9c8a8, puLen=0xd7e790) returned 1
[0269.504] VerQueryValueW (in: pBlock=0x2c9c6b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9c8e8, puLen=0xd7e790) returned 1
[0269.504] VerQueryValueW (in: pBlock=0x2c9c6b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9c970, puLen=0xd7e790) returned 1
[0269.504] VerQueryValueW (in: pBlock=0x2c9c6b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9c9ac, puLen=0xd7e790) returned 1
[0269.504] VerQueryValueW (in: pBlock=0x2c9c6b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9ca04, puLen=0xd7e790) returned 1
[0269.504] VerQueryValueW (in: pBlock=0x2c9c6b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9ca34, puLen=0xd7e790) returned 1
[0269.504] VerQueryValueW (in: pBlock=0x2c9c6b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.504] VerQueryValueW (in: pBlock=0x2c9c6b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9ca70, puLen=0xd7e790) returned 1
[0269.504] VerQueryValueW (in: pBlock=0x2c9c6b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.504] VerQueryValueW (in: pBlock=0x2c9c6b4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2c9cac4, puLen=0xd7e784) returned 1
[0269.504] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0269.504] VerQueryValueW (in: pBlock=0x2c9c6b4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2c9c6dc, puLen=0xd7e794) returned 1
[0269.505] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0269.505] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0269.505] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0269.505] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0269.505] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0269.505] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0269.506] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2c9e624 | out: lpData=0x2c9e624) returned 1
[0269.506] VerQueryValueW (in: pBlock=0x2c9e624, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2c9e6c0, puLen=0xd7e810) returned 1
[0269.506] VerQueryValueW (in: pBlock=0x2c9e624, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9e738, puLen=0xd7e790) returned 1
[0269.506] VerQueryValueW (in: pBlock=0x2c9e624, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9e768, puLen=0xd7e790) returned 1
[0269.506] VerQueryValueW (in: pBlock=0x2c9e624, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9e7a4, puLen=0xd7e790) returned 1
[0269.506] VerQueryValueW (in: pBlock=0x2c9e624, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9e7d4, puLen=0xd7e790) returned 1
[0269.506] VerQueryValueW (in: pBlock=0x2c9e624, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9e81c, puLen=0xd7e790) returned 1
[0269.506] VerQueryValueW (in: pBlock=0x2c9e624, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9e894, puLen=0xd7e790) returned 1
[0269.506] VerQueryValueW (in: pBlock=0x2c9e624, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9e8d8, puLen=0xd7e790) returned 1
[0269.506] VerQueryValueW (in: pBlock=0x2c9e624, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9e918, puLen=0xd7e790) returned 1
[0269.506] VerQueryValueW (in: pBlock=0x2c9e624, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9e716, puLen=0xd7e790) returned 1
[0269.506] VerQueryValueW (in: pBlock=0x2c9e624, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2c9e864, puLen=0xd7e790) returned 1
[0269.507] VerQueryValueW (in: pBlock=0x2c9e624, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.507] VerQueryValueW (in: pBlock=0x2c9e624, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.507] VerQueryValueW (in: pBlock=0x2c9e624, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2c9e6c0, puLen=0xd7e784) returned 1
[0269.507] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0269.507] VerQueryValueW (in: pBlock=0x2c9e624, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2c9e64c, puLen=0xd7e794) returned 1
[0269.508] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0269.508] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0269.508] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0269.508] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0269.508] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0269.508] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0269.509] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2ca08fc | out: lpData=0x2ca08fc) returned 1
[0269.509] VerQueryValueW (in: pBlock=0x2ca08fc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ca0d10, puLen=0xd7e810) returned 1
[0269.509] VerQueryValueW (in: pBlock=0x2ca08fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca09b4, puLen=0xd7e790) returned 1
[0269.509] VerQueryValueW (in: pBlock=0x2ca08fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca0a08, puLen=0xd7e790) returned 1
[0269.509] VerQueryValueW (in: pBlock=0x2ca08fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca0a64, puLen=0xd7e790) returned 1
[0269.509] VerQueryValueW (in: pBlock=0x2ca08fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca0ac4, puLen=0xd7e790) returned 1
[0269.509] VerQueryValueW (in: pBlock=0x2ca08fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca0b1c, puLen=0xd7e790) returned 1
[0269.509] VerQueryValueW (in: pBlock=0x2ca08fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca0ba4, puLen=0xd7e790) returned 1
[0269.509] VerQueryValueW (in: pBlock=0x2ca08fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca0bf8, puLen=0xd7e790) returned 1
[0269.509] VerQueryValueW (in: pBlock=0x2ca08fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca0c50, puLen=0xd7e790) returned 1
[0269.509] VerQueryValueW (in: pBlock=0x2ca08fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca0c80, puLen=0xd7e790) returned 1
[0269.510] VerQueryValueW (in: pBlock=0x2ca08fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.510] VerQueryValueW (in: pBlock=0x2ca08fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca0cbc, puLen=0xd7e790) returned 1
[0269.510] VerQueryValueW (in: pBlock=0x2ca08fc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.510] VerQueryValueW (in: pBlock=0x2ca08fc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ca0d10, puLen=0xd7e784) returned 1
[0269.510] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0269.510] VerQueryValueW (in: pBlock=0x2ca08fc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ca0924, puLen=0xd7e794) returned 1
[0269.510] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0269.511] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0269.511] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0269.511] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0269.511] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0269.511] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0269.512] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2ca2f34 | out: lpData=0x2ca2f34) returned 1
[0269.513] VerQueryValueW (in: pBlock=0x2ca2f34, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ca3334, puLen=0xd7e810) returned 1
[0269.513] VerQueryValueW (in: pBlock=0x2ca2f34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca2fec, puLen=0xd7e790) returned 1
[0269.513] VerQueryValueW (in: pBlock=0x2ca2f34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca3040, puLen=0xd7e790) returned 1
[0269.513] VerQueryValueW (in: pBlock=0x2ca2f34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca3080, puLen=0xd7e790) returned 1
[0269.513] VerQueryValueW (in: pBlock=0x2ca2f34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca30e8, puLen=0xd7e790) returned 1
[0269.513] VerQueryValueW (in: pBlock=0x2ca2f34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca3140, puLen=0xd7e790) returned 1
[0269.513] VerQueryValueW (in: pBlock=0x2ca2f34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca31c8, puLen=0xd7e790) returned 1
[0269.513] VerQueryValueW (in: pBlock=0x2ca2f34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca321c, puLen=0xd7e790) returned 1
[0269.513] VerQueryValueW (in: pBlock=0x2ca2f34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca3274, puLen=0xd7e790) returned 1
[0269.513] VerQueryValueW (in: pBlock=0x2ca2f34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca32a4, puLen=0xd7e790) returned 1
[0269.513] VerQueryValueW (in: pBlock=0x2ca2f34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.513] VerQueryValueW (in: pBlock=0x2ca2f34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca32e0, puLen=0xd7e790) returned 1
[0269.513] VerQueryValueW (in: pBlock=0x2ca2f34, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.513] VerQueryValueW (in: pBlock=0x2ca2f34, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ca3334, puLen=0xd7e784) returned 1
[0269.513] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0269.513] VerQueryValueW (in: pBlock=0x2ca2f34, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ca2f5c, puLen=0xd7e794) returned 1
[0269.514] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0269.514] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0269.514] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0269.514] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0269.515] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0269.515] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0269.516] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2ca5670 | out: lpData=0x2ca5670) returned 1
[0269.517] VerQueryValueW (in: pBlock=0x2ca5670, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ca5a38, puLen=0xd7e810) returned 1
[0269.517] VerQueryValueW (in: pBlock=0x2ca5670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca5728, puLen=0xd7e790) returned 1
[0269.517] VerQueryValueW (in: pBlock=0x2ca5670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca577c, puLen=0xd7e790) returned 1
[0269.517] VerQueryValueW (in: pBlock=0x2ca5670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca57bc, puLen=0xd7e790) returned 1
[0269.517] VerQueryValueW (in: pBlock=0x2ca5670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca5824, puLen=0xd7e790) returned 1
[0269.517] VerQueryValueW (in: pBlock=0x2ca5670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca5860, puLen=0xd7e790) returned 1
[0269.517] VerQueryValueW (in: pBlock=0x2ca5670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca58e8, puLen=0xd7e790) returned 1
[0269.517] VerQueryValueW (in: pBlock=0x2ca5670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca5920, puLen=0xd7e790) returned 1
[0269.517] VerQueryValueW (in: pBlock=0x2ca5670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca5978, puLen=0xd7e790) returned 1
[0269.517] VerQueryValueW (in: pBlock=0x2ca5670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca59a8, puLen=0xd7e790) returned 1
[0269.517] VerQueryValueW (in: pBlock=0x2ca5670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.517] VerQueryValueW (in: pBlock=0x2ca5670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca59e4, puLen=0xd7e790) returned 1
[0269.517] VerQueryValueW (in: pBlock=0x2ca5670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.517] VerQueryValueW (in: pBlock=0x2ca5670, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ca5a38, puLen=0xd7e784) returned 1
[0269.517] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0269.517] VerQueryValueW (in: pBlock=0x2ca5670, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ca5698, puLen=0xd7e794) returned 1
[0269.518] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0269.518] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0269.519] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0269.519] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0269.519] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0269.519] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0269.520] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2ca8cd8 | out: lpData=0x2ca8cd8) returned 1
[0269.521] VerQueryValueW (in: pBlock=0x2ca8cd8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ca90b8, puLen=0xd7e810) returned 1
[0269.521] VerQueryValueW (in: pBlock=0x2ca8cd8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca8d90, puLen=0xd7e790) returned 1
[0269.521] VerQueryValueW (in: pBlock=0x2ca8cd8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca8de4, puLen=0xd7e790) returned 1
[0269.521] VerQueryValueW (in: pBlock=0x2ca8cd8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca8e24, puLen=0xd7e790) returned 1
[0269.521] VerQueryValueW (in: pBlock=0x2ca8cd8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca8e84, puLen=0xd7e790) returned 1
[0269.521] VerQueryValueW (in: pBlock=0x2ca8cd8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca8ed0, puLen=0xd7e790) returned 1
[0269.521] VerQueryValueW (in: pBlock=0x2ca8cd8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca8f58, puLen=0xd7e790) returned 1
[0269.521] VerQueryValueW (in: pBlock=0x2ca8cd8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca8fa0, puLen=0xd7e790) returned 1
[0269.521] VerQueryValueW (in: pBlock=0x2ca8cd8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca8ff8, puLen=0xd7e790) returned 1
[0269.521] VerQueryValueW (in: pBlock=0x2ca8cd8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca9028, puLen=0xd7e790) returned 1
[0269.521] VerQueryValueW (in: pBlock=0x2ca8cd8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.521] VerQueryValueW (in: pBlock=0x2ca8cd8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ca9064, puLen=0xd7e790) returned 1
[0269.521] VerQueryValueW (in: pBlock=0x2ca8cd8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.521] VerQueryValueW (in: pBlock=0x2ca8cd8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ca90b8, puLen=0xd7e784) returned 1
[0269.521] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0269.521] VerQueryValueW (in: pBlock=0x2ca8cd8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ca8d00, puLen=0xd7e794) returned 1
[0269.522] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0269.522] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0269.522] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0269.522] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0269.522] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0269.522] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0269.523] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2cab4f8 | out: lpData=0x2cab4f8) returned 1
[0269.523] VerQueryValueW (in: pBlock=0x2cab4f8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cab904, puLen=0xd7e810) returned 1
[0269.524] VerQueryValueW (in: pBlock=0x2cab4f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cab5b0, puLen=0xd7e790) returned 1
[0269.524] VerQueryValueW (in: pBlock=0x2cab4f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cab604, puLen=0xd7e790) returned 1
[0269.524] VerQueryValueW (in: pBlock=0x2cab4f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cab658, puLen=0xd7e790) returned 1
[0269.524] VerQueryValueW (in: pBlock=0x2cab4f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cab6b8, puLen=0xd7e790) returned 1
[0269.524] VerQueryValueW (in: pBlock=0x2cab4f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cab710, puLen=0xd7e790) returned 1
[0269.524] VerQueryValueW (in: pBlock=0x2cab4f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cab798, puLen=0xd7e790) returned 1
[0269.524] VerQueryValueW (in: pBlock=0x2cab4f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cab7ec, puLen=0xd7e790) returned 1
[0269.524] VerQueryValueW (in: pBlock=0x2cab4f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cab844, puLen=0xd7e790) returned 1
[0269.524] VerQueryValueW (in: pBlock=0x2cab4f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cab874, puLen=0xd7e790) returned 1
[0269.524] VerQueryValueW (in: pBlock=0x2cab4f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.524] VerQueryValueW (in: pBlock=0x2cab4f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cab8b0, puLen=0xd7e790) returned 1
[0269.524] VerQueryValueW (in: pBlock=0x2cab4f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.524] VerQueryValueW (in: pBlock=0x2cab4f8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cab904, puLen=0xd7e784) returned 1
[0269.524] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0269.524] VerQueryValueW (in: pBlock=0x2cab4f8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cab520, puLen=0xd7e794) returned 1
[0269.525] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0269.525] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0269.525] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0269.525] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0269.525] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0269.525] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0269.526] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2cadd0c | out: lpData=0x2cadd0c) returned 1
[0269.527] VerQueryValueW (in: pBlock=0x2cadd0c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cae0e4, puLen=0xd7e810) returned 1
[0269.527] VerQueryValueW (in: pBlock=0x2cadd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2caddc4, puLen=0xd7e790) returned 1
[0269.527] VerQueryValueW (in: pBlock=0x2cadd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cade18, puLen=0xd7e790) returned 1
[0269.527] VerQueryValueW (in: pBlock=0x2cadd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cade58, puLen=0xd7e790) returned 1
[0269.527] VerQueryValueW (in: pBlock=0x2cadd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cadec0, puLen=0xd7e790) returned 1
[0269.527] VerQueryValueW (in: pBlock=0x2cadd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cadf04, puLen=0xd7e790) returned 1
[0269.527] VerQueryValueW (in: pBlock=0x2cadd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cadf8c, puLen=0xd7e790) returned 1
[0269.527] VerQueryValueW (in: pBlock=0x2cadd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cadfcc, puLen=0xd7e790) returned 1
[0269.527] VerQueryValueW (in: pBlock=0x2cadd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cae024, puLen=0xd7e790) returned 1
[0269.527] VerQueryValueW (in: pBlock=0x2cadd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cae054, puLen=0xd7e790) returned 1
[0269.527] VerQueryValueW (in: pBlock=0x2cadd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.527] VerQueryValueW (in: pBlock=0x2cadd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cae090, puLen=0xd7e790) returned 1
[0269.527] VerQueryValueW (in: pBlock=0x2cadd0c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.527] VerQueryValueW (in: pBlock=0x2cadd0c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cae0e4, puLen=0xd7e784) returned 1
[0269.527] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0269.527] VerQueryValueW (in: pBlock=0x2cadd0c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cadd34, puLen=0xd7e794) returned 1
[0269.528] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0269.530] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0269.530] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0269.531] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0269.531] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0269.531] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0269.532] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2cb0264 | out: lpData=0x2cb0264) returned 1
[0269.532] VerQueryValueW (in: pBlock=0x2cb0264, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cb063c, puLen=0xd7e810) returned 1
[0269.532] VerQueryValueW (in: pBlock=0x2cb0264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb031c, puLen=0xd7e790) returned 1
[0269.532] VerQueryValueW (in: pBlock=0x2cb0264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb0370, puLen=0xd7e790) returned 1
[0269.532] VerQueryValueW (in: pBlock=0x2cb0264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb03b0, puLen=0xd7e790) returned 1
[0269.533] VerQueryValueW (in: pBlock=0x2cb0264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb0418, puLen=0xd7e790) returned 1
[0269.533] VerQueryValueW (in: pBlock=0x2cb0264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb045c, puLen=0xd7e790) returned 1
[0269.533] VerQueryValueW (in: pBlock=0x2cb0264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb04e4, puLen=0xd7e790) returned 1
[0269.533] VerQueryValueW (in: pBlock=0x2cb0264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb0524, puLen=0xd7e790) returned 1
[0269.533] VerQueryValueW (in: pBlock=0x2cb0264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb057c, puLen=0xd7e790) returned 1
[0269.533] VerQueryValueW (in: pBlock=0x2cb0264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb05ac, puLen=0xd7e790) returned 1
[0269.533] VerQueryValueW (in: pBlock=0x2cb0264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.533] VerQueryValueW (in: pBlock=0x2cb0264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb05e8, puLen=0xd7e790) returned 1
[0269.533] VerQueryValueW (in: pBlock=0x2cb0264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.533] VerQueryValueW (in: pBlock=0x2cb0264, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cb063c, puLen=0xd7e784) returned 1
[0269.533] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0269.533] VerQueryValueW (in: pBlock=0x2cb0264, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cb028c, puLen=0xd7e794) returned 1
[0269.534] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0269.534] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0269.534] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0269.534] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0269.534] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0269.534] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0269.535] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2cb299c | out: lpData=0x2cb299c) returned 1
[0269.535] VerQueryValueW (in: pBlock=0x2cb299c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cb2dcc, puLen=0xd7e810) returned 1
[0269.535] VerQueryValueW (in: pBlock=0x2cb299c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb2a54, puLen=0xd7e790) returned 1
[0269.535] VerQueryValueW (in: pBlock=0x2cb299c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb2aa8, puLen=0xd7e790) returned 1
[0269.535] VerQueryValueW (in: pBlock=0x2cb299c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb2b18, puLen=0xd7e790) returned 1
[0269.535] VerQueryValueW (in: pBlock=0x2cb299c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb2b78, puLen=0xd7e790) returned 1
[0269.535] VerQueryValueW (in: pBlock=0x2cb299c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb2bd4, puLen=0xd7e790) returned 1
[0269.536] VerQueryValueW (in: pBlock=0x2cb299c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb2c5c, puLen=0xd7e790) returned 1
[0269.536] VerQueryValueW (in: pBlock=0x2cb299c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb2cb4, puLen=0xd7e790) returned 1
[0269.536] VerQueryValueW (in: pBlock=0x2cb299c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb2d0c, puLen=0xd7e790) returned 1
[0269.536] VerQueryValueW (in: pBlock=0x2cb299c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb2d3c, puLen=0xd7e790) returned 1
[0269.536] VerQueryValueW (in: pBlock=0x2cb299c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.536] VerQueryValueW (in: pBlock=0x2cb299c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cb2d78, puLen=0xd7e790) returned 1
[0269.536] VerQueryValueW (in: pBlock=0x2cb299c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0269.536] VerQueryValueW (in: pBlock=0x2cb299c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cb2dcc, puLen=0xd7e784) returned 1
[0269.536] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0269.536] VerQueryValueW (in: pBlock=0x2cb299c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cb29c4, puLen=0xd7e794) returned 1
[0269.536] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0269.537] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.537] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0269.537] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.537] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0269.537] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2a02da
[0269.538] SetWindowLongW (hWnd=0x2a02da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0269.538] GetWindowLongW (hWnd=0x2a02da, nIndex=-4) returned 1950089536
[0269.538] SetWindowLongW (hWnd=0x2a02da, nIndex=-4, dwNewLong=19946758) returned 1950089536
[0269.538] GetWindowLongW (hWnd=0x2a02da, nIndex=-4) returned 19946758
[0269.538] GetWindowLongW (hWnd=0x2a02da, nIndex=-16) returned 113311744
[0269.538] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02da, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0269.538] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02da, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0269.539] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02da, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0269.540] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02da, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0269.540] GetClientRect (in: hWnd=0x2a02da, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0269.540] GetWindowRect (in: hWnd=0x2a02da, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0269.540] SetWindowTextW (hWnd=0x2a02da, lpString="WindowsFormsParkingWindow") returned 1
[0269.540] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02da, Msg=0xc, wParam=0x0, lParam=0x2c76898) returned 0x1
[0269.541] GetParent (hWnd=0x2a02da) returned 0x0
[0269.541] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0269.541] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x2a02da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2002ce
[0269.542] SetWindowLongW (hWnd=0x2002ce, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0269.542] GetWindowLongW (hWnd=0x2002ce, nIndex=-4) returned 1868147648
[0269.542] SetWindowLongW (hWnd=0x2002ce, nIndex=-4, dwNewLong=19947598) returned 1868147648
[0269.542] GetWindowLongW (hWnd=0x2002ce, nIndex=-4) returned 19947598
[0269.542] GetWindowLongW (hWnd=0x2002ce, nIndex=-16) returned 1174405133
[0269.542] GetWindowLongW (hWnd=0x2002ce, nIndex=-12) returned 0
[0269.542] SetWindowLongW (hWnd=0x2002ce, nIndex=-12, dwNewLong=2097870) returned 0
[0269.542] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0269.543] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0269.543] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0269.543] GetClientRect (in: hWnd=0x2002ce, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0269.543] GetWindowRect (in: hWnd=0x2002ce, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0269.543] GetParent (hWnd=0x2002ce) returned 0x2a02da
[0269.543] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2a02da, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0269.544] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0269.544] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0269.544] GetClientRect (in: hWnd=0x2002ce, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0269.544] GetWindowRect (in: hWnd=0x2002ce, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0269.544] GetParent (hWnd=0x2002ce) returned 0x2a02da
[0269.544] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2a02da, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0269.544] SendMessageW (hWnd=0x2002ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2002ce) returned 0x0
[0269.544] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2002ce) returned 0x0
[0269.545] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0269.545] GetParent (hWnd=0x2002ce) returned 0x2a02da
[0269.545] GdipCreateFromHWND (hwnd=0x2002ce, graphics=0xd7e844) returned 0x0
[0269.545] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0269.545] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0269.546] GetForegroundWindow () returned 0x7005c
[0269.546] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0269.546] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.546] GetSystemMetrics (nIndex=42) returned 0
[0269.546] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.546] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0269.546] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0269.546] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.546] GetSystemMetrics (nIndex=42) returned 0
[0269.546] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.546] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0269.546] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.547] GetCursorPos (in: lpPoint=0x2cb6e20 | out: lpPoint=0x2cb6e20*(x=248, y=620)) returned 1
[0269.547] MonitorFromPoint (pt=0xf8, dwFlags=0x26c) returned 0x10001
[0269.547] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0269.547] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x4a0107d7
[0269.547] GetDeviceCaps (hdc=0x4a0107d7, index=12) returned 32
[0269.547] GetDeviceCaps (hdc=0x4a0107d7, index=14) returned 1
[0269.547] DeleteDC (hdc=0x4a0107d7) returned 1
[0269.547] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0269.548] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0269.548] GetSystemMetrics (nIndex=59) returned 1460
[0269.548] GetSystemMetrics (nIndex=60) returned 920
[0269.548] GetSystemMetrics (nIndex=34) returned 136
[0269.548] GetSystemMetrics (nIndex=35) returned 39
[0269.548] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.548] GetCursorPos (in: lpPoint=0x2cb708c | out: lpPoint=0x2cb708c*(x=248, y=620)) returned 1
[0269.548] MonitorFromPoint (pt=0xf8, dwFlags=0x26c) returned 0x10001
[0269.548] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0269.548] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x4b0107d7
[0269.548] GetDeviceCaps (hdc=0x4b0107d7, index=12) returned 32
[0269.548] GetDeviceCaps (hdc=0x4b0107d7, index=14) returned 1
[0269.549] DeleteDC (hdc=0x4b0107d7) returned 1
[0269.549] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0269.549] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0269.549] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.549] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0269.549] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2cb7324 | out: piconinfo=0x2cb7324) returned 1
[0269.549] GetObjectW (in: h=0x9e0507e6, c=24, pv=0x2cb7340 | out: pv=0x2cb7340) returned 24
[0269.549] GdipCreateBitmapFromHBITMAP (hbm=0x9e0507e6, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0269.550] GdipGetImageWidth (image=0x66019f0, width=0xd7e750) returned 0x0
[0269.550] GdipGetImageHeight (image=0x66019f0, height=0xd7e748) returned 0x0
[0269.550] GdipGetImagePixelFormat (image=0x66019f0, format=0xd7e740) returned 0x0
[0269.550] GdipBitmapLockBits (bitmap=0x66019f0, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2cb73f8) returned 0x0
[0269.550] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0269.550] GdipBitmapLockBits (bitmap=0x6600988, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2cb7430) returned 0x0
[0269.550] RtlMoveMemory (in: Destination=0x665bf30, Source=0x665bea8, Length=0x80 | out: Destination=0x665bf30)
[0269.550] RtlMoveMemory (in: Destination=0x665bfb0, Source=0x665be28, Length=0x80 | out: Destination=0x665bfb0)
[0269.550] RtlMoveMemory (in: Destination=0x665c030, Source=0x665bda8, Length=0x80 | out: Destination=0x665c030)
[0269.550] RtlMoveMemory (in: Destination=0x665c0b0, Source=0x665bd28, Length=0x80 | out: Destination=0x665c0b0)
[0269.550] RtlMoveMemory (in: Destination=0x665c130, Source=0x665bca8, Length=0x80 | out: Destination=0x665c130)
[0269.550] RtlMoveMemory (in: Destination=0x665c1b0, Source=0x665bc28, Length=0x80 | out: Destination=0x665c1b0)
[0269.550] RtlMoveMemory (in: Destination=0x665c230, Source=0x665bba8, Length=0x80 | out: Destination=0x665c230)
[0269.550] RtlMoveMemory (in: Destination=0x665c2b0, Source=0x665bb28, Length=0x80 | out: Destination=0x665c2b0)
[0269.550] RtlMoveMemory (in: Destination=0x665c330, Source=0x665baa8, Length=0x80 | out: Destination=0x665c330)
[0269.551] RtlMoveMemory (in: Destination=0x665c3b0, Source=0x665ba28, Length=0x80 | out: Destination=0x665c3b0)
[0269.551] RtlMoveMemory (in: Destination=0x665c430, Source=0x665b9a8, Length=0x80 | out: Destination=0x665c430)
[0269.551] RtlMoveMemory (in: Destination=0x665c4b0, Source=0x665b928, Length=0x80 | out: Destination=0x665c4b0)
[0269.551] RtlMoveMemory (in: Destination=0x665c530, Source=0x665b8a8, Length=0x80 | out: Destination=0x665c530)
[0269.551] RtlMoveMemory (in: Destination=0x665c5b0, Source=0x665b828, Length=0x80 | out: Destination=0x665c5b0)
[0269.551] RtlMoveMemory (in: Destination=0x665c630, Source=0x665b7a8, Length=0x80 | out: Destination=0x665c630)
[0269.551] RtlMoveMemory (in: Destination=0x665c6b0, Source=0x665b728, Length=0x80 | out: Destination=0x665c6b0)
[0269.551] RtlMoveMemory (in: Destination=0x665c730, Source=0x665b6a8, Length=0x80 | out: Destination=0x665c730)
[0269.551] RtlMoveMemory (in: Destination=0x665c7b0, Source=0x665b628, Length=0x80 | out: Destination=0x665c7b0)
[0269.551] RtlMoveMemory (in: Destination=0x665c830, Source=0x665b5a8, Length=0x80 | out: Destination=0x665c830)
[0269.551] RtlMoveMemory (in: Destination=0x665c8b0, Source=0x665b528, Length=0x80 | out: Destination=0x665c8b0)
[0269.551] RtlMoveMemory (in: Destination=0x665c930, Source=0x665b4a8, Length=0x80 | out: Destination=0x665c930)
[0269.551] RtlMoveMemory (in: Destination=0x665c9b0, Source=0x665b428, Length=0x80 | out: Destination=0x665c9b0)
[0269.551] RtlMoveMemory (in: Destination=0x665ca30, Source=0x665b3a8, Length=0x80 | out: Destination=0x665ca30)
[0269.551] RtlMoveMemory (in: Destination=0x665cab0, Source=0x665b328, Length=0x80 | out: Destination=0x665cab0)
[0269.551] RtlMoveMemory (in: Destination=0x665cb30, Source=0x665b2a8, Length=0x80 | out: Destination=0x665cb30)
[0269.551] RtlMoveMemory (in: Destination=0x665cbb0, Source=0x665b228, Length=0x80 | out: Destination=0x665cbb0)
[0269.551] RtlMoveMemory (in: Destination=0x665cc30, Source=0x665b1a8, Length=0x80 | out: Destination=0x665cc30)
[0269.551] RtlMoveMemory (in: Destination=0x665ccb0, Source=0x665b128, Length=0x80 | out: Destination=0x665ccb0)
[0269.551] RtlMoveMemory (in: Destination=0x665cd30, Source=0x665b0a8, Length=0x80 | out: Destination=0x665cd30)
[0269.551] RtlMoveMemory (in: Destination=0x665cdb0, Source=0x665b028, Length=0x80 | out: Destination=0x665cdb0)
[0269.552] RtlMoveMemory (in: Destination=0x665ce30, Source=0x665afa8, Length=0x80 | out: Destination=0x665ce30)
[0269.552] RtlMoveMemory (in: Destination=0x665ceb0, Source=0x665af28, Length=0x80 | out: Destination=0x665ceb0)
[0269.552] GdipBitmapUnlockBits (bitmap=0x66019f0, lockedBitmapData=0x2cb73f8) returned 0x0
[0269.552] GdipBitmapUnlockBits (bitmap=0x6600988, lockedBitmapData=0x2cb7430) returned 0x0
[0269.552] GdipDisposeImage (image=0x66019f0) returned 0x0
[0269.552] DeleteObject (ho=0x9e0507e6) returned 1
[0269.552] DeleteObject (ho=0x4c0507d7) returned 1
[0269.552] GetCurrentThreadId () returned 0xf50
[0269.552] GetCurrentThreadId () returned 0xf50
[0269.552] SetWindowPos (hWnd=0x2002ce, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0269.552] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0269.552] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0269.553] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0269.553] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0269.553] GetClientRect (in: hWnd=0x2002ce, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0269.553] GetWindowRect (in: hWnd=0x2002ce, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0269.553] GetParent (hWnd=0x2002ce) returned 0x2a02da
[0269.553] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2a02da, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0269.553] InvalidateRect (hWnd=0x2002ce, lpRect=0x0, bErase=1) returned 1
[0269.553] GetWindowTextLengthW (hWnd=0x2002ce) returned 0
[0269.553] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0269.553] GetSystemMetrics (nIndex=42) returned 0
[0269.553] GetWindowTextW (in: hWnd=0x2002ce, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0269.553] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0269.553] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0269.553] GetClientRect (in: hWnd=0x2002ce, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0269.553] GetWindowRect (in: hWnd=0x2002ce, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0269.553] GetParent (hWnd=0x2002ce) returned 0x2a02da
[0269.553] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2a02da, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0269.553] GetWindowTextLengthW (hWnd=0x2002ce) returned 0
[0269.553] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0269.554] GetSystemMetrics (nIndex=42) returned 0
[0269.554] GetWindowTextW (in: hWnd=0x2002ce, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0269.554] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0269.554] GetWindowTextLengthW (hWnd=0x2002ce) returned 0
[0269.554] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0269.554] GetSystemMetrics (nIndex=42) returned 0
[0269.554] GetWindowTextW (in: hWnd=0x2002ce, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0269.554] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0269.554] SetWindowTextW (hWnd=0x2002ce, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0269.554] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0xc, wParam=0x0, lParam=0x2c96bd8) returned 0x1
[0269.554] InvalidateRect (hWnd=0x2002ce, lpRect=0x0, bErase=1) returned 1
[0269.554] GetCurrentThreadId () returned 0xf50
[0269.554] GetWindowThreadProcessId (in: hWnd=0x2002ce, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0269.555] GdipCreateBitmapFromStream (stream=0x509ffd0, bitmap=0xd7e840) returned 0x0
[0269.556] GdipImageForceValidation (image=0x66019f0) returned 0x0
[0269.557] GdipGetImageRawFormat (image=0x66019f0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0269.557] GdipGetImageHeight (image=0x66019f0, height=0xd7e824) returned 0x0
[0269.557] GdipGetImageWidth (image=0x66019f0, width=0xd7e824) returned 0x0
[0269.557] GdipGetImageWidth (image=0x66019f0, width=0xd7e810) returned 0x0
[0269.557] GdipGetImageHeight (image=0x66019f0, height=0xd7e810) returned 0x0
[0269.557] GdipGetImageWidth (image=0x66019f0, width=0xd7e800) returned 0x0
[0269.557] GdipGetImageHeight (image=0x66019f0, height=0xd7e800) returned 0x0
[0269.558] GdipBitmapGetPixel (bitmap=0x66019f0, x=0, y=15, color=0xd7e810) returned 0x0
[0269.558] GdipGetImageRawFormat (image=0x66019f0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0269.558] GdipGetImageWidth (image=0x66019f0, width=0xd7e740) returned 0x0
[0269.558] GdipGetImageHeight (image=0x66019f0, height=0xd7e740) returned 0x0
[0269.558] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0269.558] GdipGetImagePixelFormat (image=0x66030e8, format=0xd7e740) returned 0x0
[0269.558] GdipGetImageGraphicsContext (image=0x66030e8, graphics=0xd7e74c) returned 0x0
[0269.558] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0269.558] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0269.558] GdipSetImageAttributesColorKeys (imageattr=0x6638bd8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0269.558] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66019f0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638bd8, callback=0x0, callbackData=0x0) returned 0x0
[0269.558] GdipDisposeImageAttributes (imageattr=0x6638bd8) returned 0x0
[0269.558] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0269.558] GdipDisposeImage (image=0x66019f0) returned 0x0
[0269.559] GdipCreateBitmapFromStream (stream=0x509ffb0, bitmap=0xd7e840) returned 0x0
[0269.563] GdipImageForceValidation (image=0x6603e08) returned 0x0
[0269.564] GdipGetImageRawFormat (image=0x6603e08, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0269.564] GdipGetImageHeight (image=0x6603e08, height=0xd7e824) returned 0x0
[0269.564] GdipGetImageWidth (image=0x6603e08, width=0xd7e824) returned 0x0
[0269.564] GdipGetImageWidth (image=0x6603e08, width=0xd7e810) returned 0x0
[0269.564] GdipGetImageHeight (image=0x6603e08, height=0xd7e810) returned 0x0
[0269.564] GdipGetImageWidth (image=0x6603e08, width=0xd7e800) returned 0x0
[0269.564] GdipGetImageHeight (image=0x6603e08, height=0xd7e800) returned 0x0
[0269.564] GdipBitmapGetPixel (bitmap=0x6603e08, x=0, y=15, color=0xd7e810) returned 0x0
[0269.564] GdipGetImageRawFormat (image=0x6603e08, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0269.564] GdipGetImageWidth (image=0x6603e08, width=0xd7e740) returned 0x0
[0269.564] GdipGetImageHeight (image=0x6603e08, height=0xd7e740) returned 0x0
[0269.564] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0269.565] GdipGetImagePixelFormat (image=0x6603430, format=0xd7e740) returned 0x0
[0269.565] GdipGetImageGraphicsContext (image=0x6603430, graphics=0xd7e74c) returned 0x0
[0269.565] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0269.565] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0269.565] GdipSetImageAttributesColorKeys (imageattr=0x6638ba8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0269.565] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6603e08, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638ba8, callback=0x0, callbackData=0x0) returned 0x0
[0269.565] GdipDisposeImageAttributes (imageattr=0x6638ba8) returned 0x0
[0269.565] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0269.565] GdipDisposeImage (image=0x6603e08) returned 0x0
[0269.566] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.566] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0269.566] GetCurrentThreadId () returned 0xf50
[0269.566] GetCurrentThreadId () returned 0xf50
[0269.566] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.566] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0269.566] GetCurrentThreadId () returned 0xf50
[0269.566] GetCurrentThreadId () returned 0xf50
[0269.567] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.567] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0269.567] GetCurrentThreadId () returned 0xf50
[0269.567] GetCurrentThreadId () returned 0xf50
[0269.567] GetSystemMetrics (nIndex=5) returned 1
[0269.567] GetSystemMetrics (nIndex=6) returned 1
[0269.567] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.567] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0269.567] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.567] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0269.568] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.568] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0269.568] GetCurrentThreadId () returned 0xf50
[0269.568] GetCurrentThreadId () returned 0xf50
[0269.568] GetProcessWindowStation () returned 0x13c
[0269.568] GetCapture () returned 0x0
[0269.568] GetActiveWindow () returned 0x7005c
[0269.568] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0269.568] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.568] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0269.569] GetCursorPos (in: lpPoint=0x2cb85a8 | out: lpPoint=0x2cb85a8*(x=248, y=620)) returned 1
[0269.569] MonitorFromPoint (pt=0xf8, dwFlags=0x26d) returned 0x10001
[0269.569] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0269.569] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xd6010671
[0269.569] GetDeviceCaps (hdc=0xd6010671, index=12) returned 32
[0269.569] GetDeviceCaps (hdc=0xd6010671, index=14) returned 1
[0269.569] DeleteDC (hdc=0xd6010671) returned 1
[0269.569] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0269.570] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0269.570] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x1f02d0
[0269.570] SetWindowLongW (hWnd=0x1f02d0, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0269.570] GetWindowLongW (hWnd=0x1f02d0, nIndex=-4) returned 1950089536
[0269.570] SetWindowLongW (hWnd=0x1f02d0, nIndex=-4, dwNewLong=19947078) returned 1950089536
[0269.570] GetWindowLongW (hWnd=0x1f02d0, nIndex=-4) returned 19947078
[0269.570] GetWindowLongW (hWnd=0x1f02d0, nIndex=-16) returned 113770496
[0269.571] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0269.572] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0269.572] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0269.572] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0269.572] GetWindowRect (in: hWnd=0x1f02d0, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0269.573] SetWindowTextW (hWnd=0x1f02d0, lpString="BB ransomware") returned 1
[0269.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xc, wParam=0x0, lParam=0x2cb6d0c) returned 0x1
[0269.573] GetStartupInfoW (in: lpStartupInfo=0x2cb88e4 | out: lpStartupInfo=0x2cb88e4*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0269.574] GetParent (hWnd=0x1f02d0) returned 0x0
[0269.574] SetWindowLongW (hWnd=0x1f02d0, nIndex=-8, dwNewLong=0) returned 0
[0269.575] SendMessageW (hWnd=0x1f02d0, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0269.575] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0269.575] SendMessageW (hWnd=0x1f02d0, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0269.576] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0269.576] GetSystemMenu (hWnd=0x1f02d0, bRevert=0) returned 0x2c0095
[0269.576] GetWindowPlacement (in: hWnd=0x1f02d0, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0269.576] EnableMenuItem (hMenu=0x2c0095, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0269.576] EnableMenuItem (hMenu=0x2c0095, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0269.576] EnableMenuItem (hMenu=0x2c0095, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0269.576] EnableMenuItem (hMenu=0x2c0095, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0269.576] EnableMenuItem (hMenu=0x2c0095, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0269.577] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0269.577] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0269.577] GetWindowRect (in: hWnd=0x1f02d0, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0269.577] SetWindowPos (hWnd=0x1f02d0, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0269.577] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0269.578] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x1f02d0) returned 0x1
[0269.580] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0269.580] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0269.581] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0269.581] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0269.582] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0269.583] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x1f02d0, lParam=0x0) returned 0x0
[0269.583] GetCapture () returned 0x0
[0269.583] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0269.584] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0269.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0269.586] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0269.586] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0269.587] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0269.587] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0269.587] GetParent (hWnd=0x1f02d0) returned 0x0
[0269.587] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0269.587] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0269.589] GetWindowPlacement (in: hWnd=0x1f02d0, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0269.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0269.590] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0269.590] GetWindowRect (in: hWnd=0x1f02d0, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0269.594] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0269.594] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0269.594] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0269.595] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.595] GetWindowLongW (hWnd=0x1f02d0, nIndex=-16) returned 113770496
[0269.595] GetWindowTextLengthW (hWnd=0x1f02d0) returned 13
[0269.595] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.595] GetSystemMetrics (nIndex=42) returned 0
[0269.595] GetWindowTextW (in: hWnd=0x1f02d0, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.595] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0269.595] GetWindowTextLengthW (hWnd=0x1f02d0) returned 13
[0269.596] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.596] GetSystemMetrics (nIndex=42) returned 0
[0269.596] GetWindowTextW (in: hWnd=0x1f02d0, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.596] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0269.596] GetCursorPos (in: lpPoint=0x2cb8b20 | out: lpPoint=0x2cb8b20*(x=248, y=620)) returned 1
[0269.596] MonitorFromPoint (pt=0xf8, dwFlags=0x26c) returned 0x10001
[0269.596] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0269.596] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x2a01067c
[0269.596] GetDeviceCaps (hdc=0x2a01067c, index=12) returned 32
[0269.596] GetDeviceCaps (hdc=0x2a01067c, index=14) returned 1
[0269.596] DeleteDC (hdc=0x2a01067c) returned 1
[0269.596] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0269.596] GetWindowLongW (hWnd=0x1f02d0, nIndex=-16) returned 113770496
[0269.596] GetWindowLongW (hWnd=0x1f02d0, nIndex=-20) returned 327945
[0269.596] SetWindowLongW (hWnd=0x1f02d0, nIndex=-16, dwNewLong=46661632) returned 113770496
[0269.597] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0269.597] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0269.598] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0269.598] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0269.598] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0269.599] SetWindowLongW (hWnd=0x1f02d0, nIndex=-20, dwNewLong=327681) returned 327945
[0269.599] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0269.599] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0269.600] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0269.600] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0269.600] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0269.601] SetWindowPos (hWnd=0x1f02d0, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0269.601] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0269.601] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0269.601] GetWindowPlacement (in: hWnd=0x1f02d0, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0269.601] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0269.601] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0269.601] GetWindowRect (in: hWnd=0x1f02d0, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0269.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0269.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0269.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0269.604] RedrawWindow (hWnd=0x1f02d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0269.604] GetSystemMenu (hWnd=0x1f02d0, bRevert=0) returned 0x2c0095
[0269.604] GetWindowPlacement (in: hWnd=0x1f02d0, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0269.604] EnableMenuItem (hMenu=0x2c0095, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0269.604] EnableMenuItem (hMenu=0x2c0095, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0269.604] EnableMenuItem (hMenu=0x2c0095, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0269.604] EnableMenuItem (hMenu=0x2c0095, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0269.604] EnableMenuItem (hMenu=0x2c0095, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0269.604] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0269.604] GetWindowLongW (hWnd=0x1f02d0, nIndex=-8) returned 0
[0269.604] SetWindowLongW (hWnd=0x1f02d0, nIndex=-8, dwNewLong=458844) returned 0
[0269.605] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0269.605] GetProcessWindowStation () returned 0x13c
[0269.605] GetCurrentThreadId () returned 0xf50
[0269.605] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1306026, lParam=0x0) returned 1
[0269.606] IsWindowVisible (hWnd=0x1f02d0) returned 0
[0269.606] IsWindowVisible (hWnd=0x7005c) returned 1
[0269.606] IsWindowEnabled (hWnd=0x7005c) returned 1
[0269.606] IsWindowVisible (hWnd=0x300ec) returned 0
[0269.606] IsWindowVisible (hWnd=0x502c6) returned 0
[0269.606] IsWindowVisible (hWnd=0x502be) returned 0
[0269.606] GetActiveWindow () returned 0x1f02d0
[0269.606] GetFocus () returned 0x1f02d0
[0269.606] IsWindow (hWnd=0x7005c) returned 1
[0269.606] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0269.606] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0269.614] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0269.614] GetWindowLongW (hWnd=0x1f02d0, nIndex=-8) returned 458844
[0269.614] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0269.614] GetCurrentThreadId () returned 0xf50
[0269.614] GetWindowLongW (hWnd=0x1f02d0, nIndex=-8) returned 458844
[0269.614] IsWindowEnabled (hWnd=0x7005c) returned 0
[0269.614] IsWindowEnabled (hWnd=0x1f02d0) returned 1
[0269.614] ShowWindow (hWnd=0x1f02d0, nCmdShow=5) returned 0
[0269.614] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0269.614] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0269.615] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.615] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0269.615] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x1f02d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2a02de
[0269.616] SetWindowLongW (hWnd=0x2a02de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0269.616] GetWindowLongW (hWnd=0x2a02de, nIndex=-4) returned 1950089536
[0269.616] SetWindowLongW (hWnd=0x2a02de, nIndex=-4, dwNewLong=19946598) returned 1950089536
[0269.616] GetWindowLongW (hWnd=0x2a02de, nIndex=-4) returned 19946598
[0269.616] GetWindowLongW (hWnd=0x2a02de, nIndex=-16) returned 1174405120
[0269.616] GetWindowLongW (hWnd=0x2a02de, nIndex=-12) returned 0
[0269.616] SetWindowLongW (hWnd=0x2a02de, nIndex=-12, dwNewLong=2753246) returned 0
[0269.617] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0269.617] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0269.617] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0269.618] GetWindow (hWnd=0x2a02de, uCmd=0x3) returned 0x0
[0269.618] GetClientRect (in: hWnd=0x2a02de, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0269.618] GetWindowRect (in: hWnd=0x2a02de, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0269.618] GetParent (hWnd=0x2a02de) returned 0x1f02d0
[0269.618] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1f02d0, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0269.618] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02de, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0269.618] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02de, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0269.618] GetClientRect (in: hWnd=0x2a02de, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0269.618] GetWindowRect (in: hWnd=0x2a02de, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0269.618] GetParent (hWnd=0x2a02de) returned 0x1f02d0
[0269.618] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1f02d0, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0269.619] SendMessageW (hWnd=0x2a02de, Msg=0x2210, wParam=0x2de0001, lParam=0x2a02de) returned 0x0
[0269.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02de, Msg=0x2210, wParam=0x2de0001, lParam=0x2a02de) returned 0x0
[0269.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0269.619] GetParent (hWnd=0x2a02de) returned 0x1f02d0
[0269.619] GetParent (hWnd=0x2002ce) returned 0x2a02da
[0269.619] SetParent (hWndChild=0x2002ce, hWndNewParent=0x1f02d0) returned 0x2a02da
[0269.619] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0269.620] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0269.620] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0269.620] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0269.620] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0269.620] GetClientRect (in: hWnd=0x2002ce, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0269.620] GetWindowRect (in: hWnd=0x2002ce, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0269.620] GetParent (hWnd=0x2002ce) returned 0x1f02d0
[0269.620] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1f02d0, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0269.620] GetClientRect (in: hWnd=0x2002ce, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0269.620] GetWindowRect (in: hWnd=0x2002ce, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0269.620] GetParent (hWnd=0x2002ce) returned 0x1f02d0
[0269.620] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1f02d0, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0269.620] GetParent (hWnd=0x2002ce) returned 0x1f02d0
[0269.620] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0269.621] GetWindow (hWnd=0x2002ce, uCmd=0x3) returned 0x0
[0269.621] SetWindowPos (hWnd=0x2002ce, hWndInsertAfter=0x2a02de, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0269.621] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0269.621] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0269.621] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0269.621] GetClientRect (in: hWnd=0x2002ce, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0269.621] GetWindowRect (in: hWnd=0x2002ce, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0269.621] GetParent (hWnd=0x2002ce) returned 0x1f02d0
[0269.621] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1f02d0, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0269.622] GetParent (hWnd=0x2002ce) returned 0x1f02d0
[0269.622] GetWindow (hWnd=0x2002ce, uCmd=0x3) returned 0x2a02de
[0269.622] GetWindowThreadProcessId (in: hWnd=0x2002ce, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0269.622] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0269.622] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.623] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0269.623] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x1f02d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2c02d8
[0269.623] SetWindowLongW (hWnd=0x2c02d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0269.624] GetWindowLongW (hWnd=0x2c02d8, nIndex=-4) returned 1868032000
[0269.624] SetWindowLongW (hWnd=0x2c02d8, nIndex=-4, dwNewLong=19946798) returned 1868032000
[0269.624] GetWindowLongW (hWnd=0x2c02d8, nIndex=-4) returned 19946798
[0269.624] GetWindowLongW (hWnd=0x2c02d8, nIndex=-16) returned 1174470667
[0269.624] GetWindowLongW (hWnd=0x2c02d8, nIndex=-12) returned 0
[0269.624] SetWindowLongW (hWnd=0x2c02d8, nIndex=-12, dwNewLong=2884312) returned 0
[0269.624] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0269.625] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0269.625] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0269.626] SendMessageW (hWnd=0x2c02d8, Msg=0x2055, wParam=0x2c02d8, lParam=0x3) returned 0x2
[0269.626] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0269.626] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0269.626] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0269.626] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0269.626] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0269.626] RedrawWindow (hWnd=0x2a02de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0269.626] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0269.626] RedrawWindow (hWnd=0x2002ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0269.626] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0269.626] RedrawWindow (hWnd=0x2c02d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0269.627] RedrawWindow (hWnd=0x1f02d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0269.627] GetWindow (hWnd=0x2c02d8, uCmd=0x3) returned 0x2002ce
[0269.627] GetClientRect (in: hWnd=0x2c02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0269.627] GetWindowRect (in: hWnd=0x2c02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0269.627] GetParent (hWnd=0x2c02d8) returned 0x1f02d0
[0269.627] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1f02d0, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0269.627] SetWindowTextW (hWnd=0x2c02d8, lpString="&Details") returned 1
[0269.627] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0xc, wParam=0x0, lParam=0x2c2ef5c) returned 0x1
[0269.628] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0269.628] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0269.628] GetClientRect (in: hWnd=0x2c02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0269.628] GetWindowRect (in: hWnd=0x2c02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0269.628] GetParent (hWnd=0x2c02d8) returned 0x1f02d0
[0269.628] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1f02d0, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0269.628] SendMessageW (hWnd=0x2c02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2c02d8) returned 0x0
[0269.628] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2c02d8) returned 0x0
[0269.628] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0269.629] GetParent (hWnd=0x2c02d8) returned 0x1f02d0
[0269.629] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0269.629] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.629] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0269.629] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x1f02d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2d00ea
[0269.630] SetWindowLongW (hWnd=0x2d00ea, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0269.630] GetWindowLongW (hWnd=0x2d00ea, nIndex=-4) returned 1868032000
[0269.630] SetWindowLongW (hWnd=0x2d00ea, nIndex=-4, dwNewLong=19946638) returned 1868032000
[0269.630] GetWindowLongW (hWnd=0x2d00ea, nIndex=-4) returned 19946638
[0269.630] GetWindowLongW (hWnd=0x2d00ea, nIndex=-16) returned 1174470667
[0269.630] GetWindowLongW (hWnd=0x2d00ea, nIndex=-12) returned 0
[0269.630] SetWindowLongW (hWnd=0x2d00ea, nIndex=-12, dwNewLong=2949354) returned 0
[0269.630] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0269.631] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0269.631] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0269.633] SendMessageW (hWnd=0x2d00ea, Msg=0x2055, wParam=0x2d00ea, lParam=0x3) returned 0x2
[0269.633] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0269.633] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0269.633] GetWindow (hWnd=0x2d00ea, uCmd=0x3) returned 0x2c02d8
[0269.633] GetClientRect (in: hWnd=0x2d00ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0269.633] GetWindowRect (in: hWnd=0x2d00ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0269.633] GetParent (hWnd=0x2d00ea) returned 0x1f02d0
[0269.633] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1f02d0, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0269.633] SetWindowTextW (hWnd=0x2d00ea, lpString="&Continue") returned 1
[0269.633] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0xc, wParam=0x0, lParam=0x2c2ef00) returned 0x1
[0269.634] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0269.634] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0269.634] GetClientRect (in: hWnd=0x2d00ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0269.634] GetWindowRect (in: hWnd=0x2d00ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0269.634] GetParent (hWnd=0x2d00ea) returned 0x1f02d0
[0269.634] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1f02d0, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0269.634] SendMessageW (hWnd=0x2d00ea, Msg=0x2210, wParam=0xea0001, lParam=0x2d00ea) returned 0x0
[0269.634] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x2210, wParam=0xea0001, lParam=0x2d00ea) returned 0x0
[0269.634] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0269.634] GetParent (hWnd=0x2d00ea) returned 0x1f02d0
[0269.634] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0269.635] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.635] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0269.635] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x1f02d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2a02dc
[0269.635] SetWindowLongW (hWnd=0x2a02dc, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0269.636] GetWindowLongW (hWnd=0x2a02dc, nIndex=-4) returned 1868032000
[0269.636] SetWindowLongW (hWnd=0x2a02dc, nIndex=-4, dwNewLong=19946558) returned 1868032000
[0269.636] GetWindowLongW (hWnd=0x2a02dc, nIndex=-4) returned 19946558
[0269.636] GetWindowLongW (hWnd=0x2a02dc, nIndex=-16) returned 1174470667
[0269.636] GetWindowLongW (hWnd=0x2a02dc, nIndex=-12) returned 0
[0269.636] SetWindowLongW (hWnd=0x2a02dc, nIndex=-12, dwNewLong=2753244) returned 0
[0269.636] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0269.637] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0269.637] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0269.638] SendMessageW (hWnd=0x2a02dc, Msg=0x2055, wParam=0x2a02dc, lParam=0x3) returned 0x2
[0269.638] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0269.638] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02dc, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0269.638] GetWindow (hWnd=0x2a02dc, uCmd=0x3) returned 0x2d00ea
[0269.638] GetClientRect (in: hWnd=0x2a02dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0269.638] GetWindowRect (in: hWnd=0x2a02dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0269.638] GetParent (hWnd=0x2a02dc) returned 0x1f02d0
[0269.638] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1f02d0, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0269.638] SetWindowTextW (hWnd=0x2a02dc, lpString="&Quit") returned 1
[0269.638] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02dc, Msg=0xc, wParam=0x0, lParam=0x2c2ef20) returned 0x1
[0269.639] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0269.639] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02dc, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0269.639] GetClientRect (in: hWnd=0x2a02dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0269.639] GetWindowRect (in: hWnd=0x2a02dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0269.639] GetParent (hWnd=0x2a02dc) returned 0x1f02d0
[0269.639] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1f02d0, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0269.639] SendMessageW (hWnd=0x2a02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2a02dc) returned 0x0
[0269.639] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2a02dc) returned 0x0
[0269.639] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0269.640] GetParent (hWnd=0x2a02dc) returned 0x1f02d0
[0269.640] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0269.640] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.640] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0269.640] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x1f02d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2402c8
[0269.641] SetWindowLongW (hWnd=0x2402c8, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0269.641] GetWindowLongW (hWnd=0x2402c8, nIndex=-4) returned 1868026976
[0269.641] SetWindowLongW (hWnd=0x2402c8, nIndex=-4, dwNewLong=19946838) returned 1868026976
[0269.641] GetWindowLongW (hWnd=0x2402c8, nIndex=-4) returned 19946838
[0269.641] GetWindowLongW (hWnd=0x2402c8, nIndex=-16) returned 1177553092
[0269.641] GetWindowLongW (hWnd=0x2402c8, nIndex=-12) returned 0
[0269.641] SetWindowLongW (hWnd=0x2402c8, nIndex=-12, dwNewLong=2360008) returned 0
[0269.641] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402c8, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0269.642] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402c8, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0269.643] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402c8, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0269.665] GetWindow (hWnd=0x2402c8, uCmd=0x3) returned 0x2a02dc
[0269.665] GetClientRect (in: hWnd=0x2402c8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0269.665] GetWindowRect (in: hWnd=0x2402c8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0269.665] GetParent (hWnd=0x2402c8) returned 0x1f02d0
[0269.665] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1f02d0, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0269.665] GetWindowTextLengthW (hWnd=0x1f02d0) returned 13
[0269.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.665] GetSystemMetrics (nIndex=42) returned 0
[0269.665] GetWindowTextW (in: hWnd=0x1f02d0, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0269.665] SendMessageW (hWnd=0x2402c8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0269.665] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402c8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0269.671] SetWindowTextW (hWnd=0x2402c8, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0269.671] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402c8, Msg=0xc, wParam=0x0, lParam=0x2cb46f4) returned 0x1
[0269.673] GetSystemMetrics (nIndex=5) returned 1
[0269.673] GetSystemMetrics (nIndex=6) returned 1
[0269.673] SendMessageW (hWnd=0x2402c8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0269.673] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402c8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0269.674] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402c8, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0269.674] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402c8, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0269.674] GetClientRect (in: hWnd=0x2402c8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0269.674] GetWindowRect (in: hWnd=0x2402c8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0269.674] GetParent (hWnd=0x2402c8) returned 0x1f02d0
[0269.674] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x1f02d0, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0269.674] SendMessageW (hWnd=0x2402c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2402c8) returned 0x0
[0269.675] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2402c8) returned 0x0
[0269.675] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0269.675] GetParent (hWnd=0x2402c8) returned 0x1f02d0
[0269.675] GetWindowLongW (hWnd=0x1f02d0, nIndex=-8) returned 458844
[0269.675] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0269.675] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0269.675] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x3101067c
[0269.675] GetDeviceCaps (hdc=0x3101067c, index=12) returned 32
[0269.675] GetDeviceCaps (hdc=0x3101067c, index=14) returned 1
[0269.675] DeleteDC (hdc=0x3101067c) returned 1
[0269.676] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0269.676] GetWindowThreadProcessId (in: hWnd=0x1f02d0, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0269.676] GetCurrentThreadId () returned 0xf50
[0269.676] PostMessageW (hWnd=0x1f02d0, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0269.676] GetWindowTextLengthW (hWnd=0x1f02d0) returned 13
[0269.676] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.676] GetSystemMetrics (nIndex=42) returned 0
[0269.676] GetWindowTextW (in: hWnd=0x1f02d0, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.676] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0269.676] GdipImageGetFrameDimensionsCount (image=0x6600988, count=0xd7e25c) returned 0x0
[0269.676] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201670
[0269.676] GdipImageGetFrameDimensionsList (image=0x6600988, dimensionIDs=0x1201670*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0269.676] LocalFree (hMem=0x1201670) returned 0x0
[0269.677] GdipImageGetFrameDimensionsCount (image=0x66030e8, count=0xd7e250) returned 0x0
[0269.677] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201670
[0269.677] GdipImageGetFrameDimensionsList (image=0x66030e8, dimensionIDs=0x1201670*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0269.677] LocalFree (hMem=0x1201670) returned 0x0
[0269.677] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0269.677] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0269.677] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0269.689] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0269.690] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0269.690] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0269.690] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0269.691] GetWindowPlacement (in: hWnd=0x1f02d0, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0269.691] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0269.691] GetWindowTextLengthW (hWnd=0x1f02d0) returned 13
[0269.691] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.691] GetSystemMetrics (nIndex=42) returned 0
[0269.691] GetWindowTextW (in: hWnd=0x1f02d0, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.691] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0269.691] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0269.691] GetCurrentObject (hdc=0xf0105ee, type=0x1) returned 0xb00017
[0269.691] GetCurrentObject (hdc=0xf0105ee, type=0x2) returned 0x900010
[0269.692] GetCurrentObject (hdc=0xf0105ee, type=0x7) returned 0xffffffffbe0507fc
[0269.692] GetCurrentObject (hdc=0xf0105ee, type=0x6) returned 0x8a01c2
[0269.692] SaveDC (hdc=0xf0105ee) returned 1
[0269.692] GetNearestColor (hdc=0xf0105ee, color=0xf0f0f0) returned 0xf0f0f0
[0269.692] CreateSolidBrush (color=0xf0f0f0) returned 0xeb1007e1
[0269.692] FillRect (hDC=0xf0105ee, lprc=0xd7e1b8, hbr=0xeb1007e1) returned 1
[0269.692] DeleteObject (ho=0xeb1007e1) returned 1
[0269.692] RestoreDC (hdc=0xf0105ee, nSavedDC=-1) returned 1
[0269.692] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0269.692] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0269.693] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0269.693] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0269.693] GetStockObject (i=5) returned 0x900015
[0269.693] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0269.693] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0269.693] GetStockObject (i=5) returned 0x900015
[0269.693] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0269.694] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02dc, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0269.694] GetStockObject (i=5) returned 0x900015
[0269.694] GetWindowPlacement (in: hWnd=0x1f02d0, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0269.694] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0269.694] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0269.694] GetWindowRect (in: hWnd=0x1f02d0, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0269.695] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0269.695] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0269.695] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0269.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0269.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0269.696] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0269.696] GetWindowRect (in: hWnd=0x1f02d0, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0269.696] InvalidateRect (hWnd=0x2d00ea, lpRect=0x0, bErase=0) returned 1
[0269.696] InvalidateRect (hWnd=0x2c02d8, lpRect=0x0, bErase=0) returned 1
[0269.696] GetFocus () returned 0x1f02d0
[0269.696] GetFocus () returned 0x1f02d0
[0269.696] SetFocus (hWnd=0x2c02d8) returned 0x1f02d0
[0269.697] GetFocus () returned 0x2c02d8
[0269.697] IsChild (hWndParent=0x1f02d0, hWnd=0x2c02d8) returned 1
[0269.697] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x8, wParam=0x2c02d8, lParam=0x0) returned 0x0
[0269.698] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0269.699] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0269.705] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0269.705] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0x7, wParam=0x1f02d0, lParam=0x0) returned 0x0
[0269.706] GetStockObject (i=5) returned 0x900015
[0269.706] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0269.706] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0269.706] GetDlgItem (hDlg=0x1f02d0, nIDDlgItem=2884312) returned 0x2c02d8
[0269.706] SendMessageW (hWnd=0x2c02d8, Msg=0x202b, wParam=0x2c02d8, lParam=0xd7e0dc) returned 0x0
[0269.706] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0x202b, wParam=0x2c02d8, lParam=0xd7e0dc) returned 0x0
[0269.706] InvalidateRect (hWnd=0x2c02d8, lpRect=0x0, bErase=0) returned 1
[0269.708] GetFocus () returned 0x2c02d8
[0269.708] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.709] IsWindowUnicode (hWnd=0x1f02d0) returned 1
[0269.709] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.709] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.709] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.709] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0269.709] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.709] IsWindowUnicode (hWnd=0x1f02d0) returned 1
[0269.709] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.709] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.709] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.709] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.710] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0269.710] IsWindowUnicode (hWnd=0x1f02d0) returned 1
[0269.710] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.710] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.710] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.710] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.710] IsWindowUnicode (hWnd=0x602c4) returned 1
[0269.710] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.710] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.710] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.710] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0269.710] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0269.710] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.711] IsWindowUnicode (hWnd=0x1f02d0) returned 1
[0269.711] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.711] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.711] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.711] BeginPaint (in: hWnd=0x1f02d0, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x10105d6
[0269.711] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0269.712] GetWindowTextLengthW (hWnd=0x1f02d0) returned 13
[0269.712] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.712] GetSystemMetrics (nIndex=42) returned 0
[0269.712] GetWindowTextW (in: hWnd=0x1f02d0, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.712] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0269.712] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0269.712] EndPaint (hWnd=0x1f02d0, lpPaint=0xd7e274) returned 1
[0269.712] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.712] IsWindowUnicode (hWnd=0x2a02de) returned 1
[0269.712] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.712] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.712] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.712] BeginPaint (in: hWnd=0x2a02de, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xc0107c5
[0269.712] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0269.713] CreateCompatibleDC (hdc=0xc0107c5) returned 0x560107d7
[0269.713] SelectObject (hdc=0x560107d7, h=0x4a0507fe) returned 0x85000f
[0269.713] GdipCreateFromHDC (hdc=0x560107d7, graphics=0xd7e2b0) returned 0x0
[0269.713] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0269.713] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0269.713] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0269.713] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0269.713] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e310) returned 0x0
[0269.713] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0269.713] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee868) returned 0x0
[0269.713] LocalFree (hMem=0x11ee868) returned 0x0
[0269.713] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0269.713] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0269.713] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0269.713] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e304) returned 0x0
[0269.713] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0269.714] GetWindowTextLengthW (hWnd=0x2a02de) returned 0
[0269.714] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0269.714] GetSystemMetrics (nIndex=42) returned 0
[0269.714] GetWindowTextW (in: hWnd=0x2a02de, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0269.714] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02de, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0269.714] GetClientRect (in: hWnd=0x2a02de, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0269.714] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0269.714] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0269.714] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0269.714] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0269.714] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e164) returned 0x0
[0269.714] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0269.714] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0269.714] LocalFree (hMem=0x11ee868) returned 0x0
[0269.714] GdipCombineRegionRegion (region=0x6646e68, region2=0x6646a78, combineMode=0x1) returned 0x0
[0269.714] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0269.714] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eea28) returned 0x0
[0269.714] LocalFree (hMem=0x11eea28) returned 0x0
[0269.714] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0269.714] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0269.714] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0269.714] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0269.715] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0269.715] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0269.715] GetCurrentObject (hdc=0x560107d7, type=0x1) returned 0xb00017
[0269.715] GetCurrentObject (hdc=0x560107d7, type=0x2) returned 0x900010
[0269.715] GetCurrentObject (hdc=0x560107d7, type=0x7) returned 0x4a0507fe
[0269.715] GetCurrentObject (hdc=0x560107d7, type=0x6) returned 0x8a01c2
[0269.715] SaveDC (hdc=0x560107d7) returned 1
[0269.715] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x700407de
[0269.715] GetClipRgn (hdc=0x560107d7, hrgn=0x700407de) returned 0
[0269.715] SelectClipRgn (hdc=0x560107d7, hrgn=0xdb040807) returned 2
[0269.715] DeleteObject (ho=0x700407de) returned 1
[0269.715] DeleteObject (ho=0xdb040807) returned 1
[0269.715] OffsetViewportOrgEx (in: hdc=0x560107d7, x=0, y=0, lppt=0x2cba28c | out: lppt=0x2cba28c) returned 1
[0269.715] GetNearestColor (hdc=0x560107d7, color=0xf0f0f0) returned 0xf0f0f0
[0269.715] CreateSolidBrush (color=0xf0f0f0) returned 0xec1007e1
[0269.715] FillRect (hDC=0x560107d7, lprc=0xd7e198, hbr=0xec1007e1) returned 1
[0269.716] DeleteObject (ho=0xec1007e1) returned 1
[0269.719] RestoreDC (hdc=0x560107d7, nSavedDC=-1) returned 1
[0269.719] GdipReleaseDC (graphics=0x6600030, hdc=0x560107d7) returned 0x0
[0269.719] GdipRestoreGraphics (graphics=0x6600030, state=0xf7400dbd) returned 0x0
[0269.719] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0269.719] GetWindowTextLengthW (hWnd=0x2a02de) returned 0
[0269.719] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0269.719] GetSystemMetrics (nIndex=42) returned 0
[0269.719] GetWindowTextW (in: hWnd=0x2a02de, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0269.719] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02de, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0269.719] GdipGetImageWidth (image=0x6600988, width=0xd7e1e0) returned 0x0
[0269.719] GdipGetImageHeight (image=0x6600988, height=0xd7e1e0) returned 0x0
[0269.719] GdipGetImageWidth (image=0x6600988, width=0xd7e1cc) returned 0x0
[0269.719] GdipGetImageHeight (image=0x6600988, height=0xd7e1cc) returned 0x0
[0269.719] GdipDrawImageRectI (graphics=0x6600030, image=0x6600988, x=16, y=16, width=32, height=32) returned 0x0
[0269.720] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0269.720] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=64, cy=64, hdcSrc=0x560107d7, x1=0, y1=0, rop=0xcc0020) returned 1
[0269.720] GdipReleaseDC (graphics=0x6600030, hdc=0x560107d7) returned 0x0
[0269.720] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0269.720] SelectObject (hdc=0x560107d7, h=0x85000f) returned 0x4a0507fe
[0269.720] DeleteDC (hdc=0x560107d7) returned 1
[0269.720] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0269.720] EndPaint (hWnd=0x2a02de, lpPaint=0xd7e294) returned 1
[0269.720] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.720] IsWindowUnicode (hWnd=0x2002ce) returned 1
[0269.720] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.720] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.720] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.720] BeginPaint (in: hWnd=0x2002ce, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0xf0105ee
[0269.721] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0269.721] CreateCompatibleDC (hdc=0xf0105ee) returned 0x580107d7
[0269.721] GetObjectType (h=0xf0105ee) returned 0x3
[0269.721] CreateCompatibleBitmap (hdc=0xf0105ee, cx=1, cy=1) returned 0x3d05067c
[0269.721] GetDIBits (in: hdc=0xf0105ee, hbm=0x3d05067c, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0269.721] GetDIBits (in: hdc=0xf0105ee, hbm=0x3d05067c, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0269.721] DeleteObject (ho=0x3d05067c) returned 1
[0269.721] CreateDIBSection (in: hdc=0xf0105ee, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x360507f8
[0269.721] SelectObject (hdc=0x580107d7, h=0x360507f8) returned 0x85000f
[0269.721] GdipCreateFromHDC (hdc=0x580107d7, graphics=0xd7e234) returned 0x0
[0269.722] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0269.722] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0269.722] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0269.722] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0269.722] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e2d4) returned 0x0
[0269.722] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0269.722] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0269.722] LocalFree (hMem=0x11eec58) returned 0x0
[0269.722] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0269.722] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0269.722] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0269.722] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0269.722] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0269.722] GetWindowTextLengthW (hWnd=0x2002ce) returned 232
[0269.722] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0269.722] GetSystemMetrics (nIndex=42) returned 0
[0269.723] GetWindowTextW (in: hWnd=0x2002ce, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0269.723] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0269.723] GetClientRect (in: hWnd=0x2002ce, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0269.723] GdipCreateRegion (region=0xd7e110) returned 0x0
[0269.723] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0269.723] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0269.723] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0269.723] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e128) returned 0x0
[0269.723] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0269.723] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0269.723] LocalFree (hMem=0x11eec58) returned 0x0
[0269.723] GdipCombineRegionRegion (region=0x6646958, region2=0x66467a8, combineMode=0x1) returned 0x0
[0269.723] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0269.723] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0269.723] LocalFree (hMem=0x11eecc8) returned 0x0
[0269.723] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0269.723] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e150) returned 0x0
[0269.723] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e140) returned 0x0
[0269.723] GdipGetRegionHRgn (region=0x6646958, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0269.723] GdipDeleteRegion (region=0x6646958) returned 0x0
[0269.723] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0269.724] GetCurrentObject (hdc=0x580107d7, type=0x1) returned 0xb00017
[0269.724] GetCurrentObject (hdc=0x580107d7, type=0x2) returned 0x900010
[0269.724] GetCurrentObject (hdc=0x580107d7, type=0x7) returned 0x360507f8
[0269.724] GetCurrentObject (hdc=0x580107d7, type=0x6) returned 0x8a01c2
[0269.724] SaveDC (hdc=0x580107d7) returned 1
[0269.724] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdc040807
[0269.724] GetClipRgn (hdc=0x580107d7, hrgn=0xdc040807) returned 0
[0269.724] SelectClipRgn (hdc=0x580107d7, hrgn=0x710407de) returned 2
[0269.724] DeleteObject (ho=0xdc040807) returned 1
[0269.724] DeleteObject (ho=0x710407de) returned 1
[0269.724] OffsetViewportOrgEx (in: hdc=0x580107d7, x=0, y=0, lppt=0x2cbbc54 | out: lppt=0x2cbbc54) returned 1
[0269.724] GetNearestColor (hdc=0x580107d7, color=0xf0f0f0) returned 0xf0f0f0
[0269.724] CreateSolidBrush (color=0xf0f0f0) returned 0xed1007e1
[0269.724] FillRect (hDC=0x580107d7, lprc=0xd7e15c, hbr=0xed1007e1) returned 1
[0269.725] DeleteObject (ho=0xed1007e1) returned 1
[0269.725] RestoreDC (hdc=0x580107d7, nSavedDC=-1) returned 1
[0269.725] GdipReleaseDC (graphics=0x6600030, hdc=0x580107d7) returned 0x0
[0269.725] GdipRestoreGraphics (graphics=0x6600030, state=0xf73e0dbd) returned 0x0
[0269.725] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0269.725] GetWindowTextLengthW (hWnd=0x2002ce) returned 232
[0269.725] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0269.725] GetSystemMetrics (nIndex=42) returned 0
[0269.726] GetWindowTextW (in: hWnd=0x2002ce, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0269.726] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0269.726] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0269.726] GetCurrentObject (hdc=0x580107d7, type=0x1) returned 0xb00017
[0269.726] GetCurrentObject (hdc=0x580107d7, type=0x2) returned 0x900010
[0269.726] GetCurrentObject (hdc=0x580107d7, type=0x7) returned 0x360507f8
[0269.726] GetCurrentObject (hdc=0x580107d7, type=0x6) returned 0x8a01c2
[0269.726] SaveDC (hdc=0x580107d7) returned 1
[0269.726] GetNearestColor (hdc=0x580107d7, color=0x0) returned 0x0
[0269.726] RestoreDC (hdc=0x580107d7, nSavedDC=-1) returned 1
[0269.726] GdipReleaseDC (graphics=0x6600030, hdc=0x580107d7) returned 0x0
[0269.727] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0269.727] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0269.727] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2cbc450 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0269.727] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0269.727] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0269.727] GetCurrentObject (hdc=0x580107d7, type=0x1) returned 0xb00017
[0269.727] GetCurrentObject (hdc=0x580107d7, type=0x2) returned 0x900010
[0269.727] GetCurrentObject (hdc=0x580107d7, type=0x7) returned 0x360507f8
[0269.727] GetCurrentObject (hdc=0x580107d7, type=0x6) returned 0x8a01c2
[0269.727] SaveDC (hdc=0x580107d7) returned 1
[0269.727] GetTextAlign (hdc=0x580107d7) returned 0x0
[0269.728] GetTextColor (hdc=0x580107d7) returned 0x0
[0269.728] GetCurrentObject (hdc=0x580107d7, type=0x6) returned 0x8a01c2
[0269.728] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0269.728] SelectObject (hdc=0x580107d7, h=0x6d0a0520) returned 0x8a01c2
[0269.728] GetBkMode (hdc=0x580107d7) returned 2
[0269.728] SetBkMode (hdc=0x580107d7, mode=1) returned 2
[0269.728] DrawTextExW (in: hdc=0x580107d7, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2cbc674 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0269.730] RestoreDC (hdc=0x580107d7, nSavedDC=-1) returned 1
[0269.731] GdipReleaseDC (graphics=0x6600030, hdc=0x580107d7) returned 0x0
[0269.731] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0269.731] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=354, cy=68, hdcSrc=0x580107d7, x1=0, y1=0, rop=0xcc0020) returned 1
[0269.731] GdipReleaseDC (graphics=0x6600030, hdc=0x580107d7) returned 0x0
[0269.731] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0269.731] SelectObject (hdc=0x580107d7, h=0x85000f) returned 0x360507f8
[0269.731] DeleteDC (hdc=0x580107d7) returned 1
[0269.731] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0269.731] DeleteObject (ho=0x360507f8) returned 1
[0269.734] EndPaint (hWnd=0x2002ce, lpPaint=0xd7e258) returned 1
[0269.734] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.734] IsWindowUnicode (hWnd=0x2c02d8) returned 1
[0269.734] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.734] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.734] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.734] BeginPaint (in: hWnd=0x2c02d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0269.734] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0269.734] CreateCompatibleDC (hdc=0x60100ce) returned 0x3f01067c
[0269.735] SelectObject (hdc=0x3f01067c, h=0x4a0507fe) returned 0x85000f
[0269.735] GdipCreateFromHDC (hdc=0x3f01067c, graphics=0xd7e268) returned 0x0
[0269.735] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0269.735] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0269.735] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0269.735] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0269.735] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e2c8) returned 0x0
[0269.735] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0269.735] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0269.735] LocalFree (hMem=0x11ee868) returned 0x0
[0269.735] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0269.735] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0269.735] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0269.735] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0269.735] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0269.735] GdipRestoreGraphics (graphics=0x6600030, state=0xf73c0dbd) returned 0x0
[0269.735] GdipDeleteRegion (region=0x6646328) returned 0x0
[0269.736] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0269.736] GetCurrentObject (hdc=0x3f01067c, type=0x1) returned 0xb00017
[0269.736] GetCurrentObject (hdc=0x3f01067c, type=0x2) returned 0x900010
[0269.736] GetCurrentObject (hdc=0x3f01067c, type=0x7) returned 0x4a0507fe
[0269.736] GetCurrentObject (hdc=0x3f01067c, type=0x6) returned 0x8a01c2
[0269.736] SaveDC (hdc=0x3f01067c) returned 1
[0269.736] GetNearestColor (hdc=0x3f01067c, color=0xf0f0f0) returned 0xf0f0f0
[0269.736] GetNearestColor (hdc=0x3f01067c, color=0xa0a0a0) returned 0xa0a0a0
[0269.736] GetNearestColor (hdc=0x3f01067c, color=0x696969) returned 0x696969
[0269.736] GetNearestColor (hdc=0x3f01067c, color=0xa0a0a0) returned 0xa0a0a0
[0269.736] GetNearestColor (hdc=0x3f01067c, color=0x0) returned 0x0
[0269.736] GetNearestColor (hdc=0x3f01067c, color=0xffffff) returned 0xffffff
[0269.736] GetNearestColor (hdc=0x3f01067c, color=0xe5e5e5) returned 0xe5e5e5
[0269.736] GetNearestColor (hdc=0x3f01067c, color=0xd7d7d7) returned 0xd7d7d7
[0269.736] GetNearestColor (hdc=0x3f01067c, color=0x0) returned 0x0
[0269.736] RestoreDC (hdc=0x3f01067c, nSavedDC=-1) returned 1
[0269.736] GdipReleaseDC (graphics=0x6600030, hdc=0x3f01067c) returned 0x0
[0269.737] IsAppThemed () returned 0x1
[0269.737] GetThemeAppProperties () returned 0x3
[0269.737] GetThemeAppProperties () returned 0x3
[0269.737] GdipGetImageWidth (image=0x66030e8, width=0xd7e168) returned 0x0
[0269.737] GdipGetImageHeight (image=0x66030e8, height=0xd7e168) returned 0x0
[0269.737] IsAppThemed () returned 0x1
[0269.737] GetThemeAppProperties () returned 0x3
[0269.737] GetThemeAppProperties () returned 0x3
[0269.737] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2cbcdc4 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0269.737] IsAppThemed () returned 0x1
[0269.737] GetThemeAppProperties () returned 0x3
[0269.737] GetThemeAppProperties () returned 0x3
[0269.737] IsAppThemed () returned 0x1
[0269.737] GetThemeAppProperties () returned 0x3
[0269.737] GetThemeAppProperties () returned 0x3
[0269.737] GetFocus () returned 0x2c02d8
[0269.737] IsAppThemed () returned 0x1
[0269.738] GetThemeAppProperties () returned 0x3
[0269.738] GetThemeAppProperties () returned 0x3
[0269.738] IsAppThemed () returned 0x1
[0269.738] GetThemeAppProperties () returned 0x3
[0269.738] GetThemeAppProperties () returned 0x3
[0269.738] IsThemePartDefined () returned 0x1
[0269.738] IsAppThemed () returned 0x1
[0269.738] GetThemeAppProperties () returned 0x3
[0269.738] GetThemeAppProperties () returned 0x3
[0269.738] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0269.738] IsAppThemed () returned 0x1
[0269.738] GetThemeAppProperties () returned 0x3
[0269.738] GetThemeAppProperties () returned 0x3
[0269.738] IsAppThemed () returned 0x1
[0269.738] GetThemeAppProperties () returned 0x3
[0269.738] GetThemeAppProperties () returned 0x3
[0269.738] IsThemePartDefined () returned 0x1
[0269.738] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0269.738] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0269.738] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0269.738] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0269.738] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dff0) returned 0x0
[0269.738] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0269.738] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0269.738] LocalFree (hMem=0x11ee868) returned 0x0
[0269.739] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0269.739] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0269.739] LocalFree (hMem=0x11ee868) returned 0x0
[0269.739] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0269.739] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0269.739] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0269.739] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0269.739] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0269.739] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0269.739] GetCurrentObject (hdc=0x3f01067c, type=0x1) returned 0xb00017
[0269.739] GetCurrentObject (hdc=0x3f01067c, type=0x2) returned 0x900010
[0269.739] GetCurrentObject (hdc=0x3f01067c, type=0x7) returned 0x4a0507fe
[0269.739] GetCurrentObject (hdc=0x3f01067c, type=0x6) returned 0x8a01c2
[0269.739] SaveDC (hdc=0x3f01067c) returned 1
[0269.739] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x720407de
[0269.739] GetClipRgn (hdc=0x3f01067c, hrgn=0x720407de) returned 0
[0269.739] SelectClipRgn (hdc=0x3f01067c, hrgn=0xe0040807) returned 2
[0269.739] DeleteObject (ho=0x720407de) returned 1
[0269.739] DeleteObject (ho=0xe0040807) returned 1
[0269.740] OffsetViewportOrgEx (in: hdc=0x3f01067c, x=0, y=0, lppt=0x2cbd474 | out: lppt=0x2cbd474) returned 1
[0269.740] DrawThemeParentBackground () returned 0x0
[0269.740] GetWindowPlacement (in: hWnd=0x1f02d0, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0269.740] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0269.740] GetWindowTextLengthW (hWnd=0x1f02d0) returned 13
[0269.740] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.740] GetSystemMetrics (nIndex=42) returned 0
[0269.740] GetWindowTextW (in: hWnd=0x1f02d0, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.740] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0269.740] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0269.740] GetCurrentObject (hdc=0x3f01067c, type=0x1) returned 0xb00017
[0269.740] GetCurrentObject (hdc=0x3f01067c, type=0x2) returned 0x900010
[0269.740] GetCurrentObject (hdc=0x3f01067c, type=0x7) returned 0x4a0507fe
[0269.740] GetCurrentObject (hdc=0x3f01067c, type=0x6) returned 0x8a01c2
[0269.740] SaveDC (hdc=0x3f01067c) returned 2
[0269.740] GetNearestColor (hdc=0x3f01067c, color=0xf0f0f0) returned 0xf0f0f0
[0269.740] CreateSolidBrush (color=0xf0f0f0) returned 0xee1007e1
[0269.740] FillRect (hDC=0x3f01067c, lprc=0xd7da38, hbr=0xee1007e1) returned 1
[0269.741] DeleteObject (ho=0xee1007e1) returned 1
[0269.741] RestoreDC (hdc=0x3f01067c, nSavedDC=-1) returned 1
[0269.741] GetWindowTextLengthW (hWnd=0x1f02d0) returned 13
[0269.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.741] GetSystemMetrics (nIndex=42) returned 0
[0269.741] GetWindowTextW (in: hWnd=0x1f02d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0269.741] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0269.741] GetCurrentObject (hdc=0x3f01067c, type=0x1) returned 0xb00017
[0269.741] GetCurrentObject (hdc=0x3f01067c, type=0x2) returned 0x900010
[0269.741] GetCurrentObject (hdc=0x3f01067c, type=0x7) returned 0x4a0507fe
[0269.741] GetCurrentObject (hdc=0x3f01067c, type=0x6) returned 0x8a01c2
[0269.741] SaveDC (hdc=0x3f01067c) returned 2
[0269.741] GetNearestColor (hdc=0x3f01067c, color=0xf0f0f0) returned 0xf0f0f0
[0269.741] CreateSolidBrush (color=0xf0f0f0) returned 0xef1007e1
[0269.741] FillRect (hDC=0x3f01067c, lprc=0xd7d9d8, hbr=0xef1007e1) returned 1
[0269.741] DeleteObject (ho=0xef1007e1) returned 1
[0269.741] RestoreDC (hdc=0x3f01067c, nSavedDC=-1) returned 1
[0269.741] GetWindowTextLengthW (hWnd=0x1f02d0) returned 13
[0269.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.741] GetSystemMetrics (nIndex=42) returned 0
[0269.742] GetWindowTextW (in: hWnd=0x1f02d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.742] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0269.744] RestoreDC (hdc=0x3f01067c, nSavedDC=-1) returned 1
[0269.744] GdipReleaseDC (graphics=0x6600030, hdc=0x3f01067c) returned 0x0
[0269.744] IsAppThemed () returned 0x1
[0269.744] GetThemeAppProperties () returned 0x3
[0269.744] GetThemeAppProperties () returned 0x3
[0269.744] IsAppThemed () returned 0x1
[0269.744] GetThemeAppProperties () returned 0x3
[0269.744] GetThemeAppProperties () returned 0x3
[0269.744] IsThemePartDefined () returned 0x1
[0269.744] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0269.744] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0269.744] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0269.744] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0269.744] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df74) returned 0x0
[0269.744] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee868) returned 0x0
[0269.744] LocalFree (hMem=0x11ee868) returned 0x0
[0269.744] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee9f0) returned 0x0
[0269.745] LocalFree (hMem=0x11ee9f0) returned 0x0
[0269.745] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0269.745] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0269.745] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0269.745] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0269.745] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0269.745] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0269.745] GetCurrentObject (hdc=0x3f01067c, type=0x1) returned 0xb00017
[0269.745] GetCurrentObject (hdc=0x3f01067c, type=0x2) returned 0x900010
[0269.745] GetCurrentObject (hdc=0x3f01067c, type=0x7) returned 0x4a0507fe
[0269.745] GetCurrentObject (hdc=0x3f01067c, type=0x6) returned 0x8a01c2
[0269.745] SaveDC (hdc=0x3f01067c) returned 1
[0269.745] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe1040807
[0269.745] GetClipRgn (hdc=0x3f01067c, hrgn=0xe1040807) returned 0
[0269.745] SelectClipRgn (hdc=0x3f01067c, hrgn=0x740407de) returned 2
[0269.745] DeleteObject (ho=0xe1040807) returned 1
[0269.745] DeleteObject (ho=0x740407de) returned 1
[0269.745] OffsetViewportOrgEx (in: hdc=0x3f01067c, x=0, y=0, lppt=0x2cbdd20 | out: lppt=0x2cbdd20) returned 1
[0269.745] IsAppThemed () returned 0x1
[0269.745] GetThemeAppProperties () returned 0x3
[0269.745] GetThemeAppProperties () returned 0x3
[0269.745] DrawThemeBackground () returned 0x0
[0269.746] RestoreDC (hdc=0x3f01067c, nSavedDC=-1) returned 1
[0269.746] GdipReleaseDC (graphics=0x6600030, hdc=0x3f01067c) returned 0x0
[0269.746] GdipCreateRegion (region=0xd7df60) returned 0x0
[0269.746] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0269.746] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0269.746] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0269.746] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df78) returned 0x0
[0269.746] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0269.746] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0269.746] LocalFree (hMem=0x11ee9f0) returned 0x0
[0269.746] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0269.746] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0269.746] LocalFree (hMem=0x11ee868) returned 0x0
[0269.746] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0269.746] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0269.746] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0269.746] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0269.746] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0269.747] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0269.747] GetCurrentObject (hdc=0x3f01067c, type=0x1) returned 0xb00017
[0269.747] GetCurrentObject (hdc=0x3f01067c, type=0x2) returned 0x900010
[0269.747] GetCurrentObject (hdc=0x3f01067c, type=0x7) returned 0x4a0507fe
[0269.761] GetCurrentObject (hdc=0x3f01067c, type=0x6) returned 0x8a01c2
[0269.761] SaveDC (hdc=0x3f01067c) returned 1
[0269.761] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x750407de
[0269.761] GetClipRgn (hdc=0x3f01067c, hrgn=0x750407de) returned 0
[0269.761] SelectClipRgn (hdc=0x3f01067c, hrgn=0xe2040807) returned 2
[0269.761] DeleteObject (ho=0x750407de) returned 1
[0269.761] DeleteObject (ho=0xe2040807) returned 1
[0269.761] OffsetViewportOrgEx (in: hdc=0x3f01067c, x=0, y=0, lppt=0x2cbdff4 | out: lppt=0x2cbdff4) returned 1
[0269.761] IsAppThemed () returned 0x1
[0269.761] GetThemeAppProperties () returned 0x3
[0269.761] GetThemeAppProperties () returned 0x3
[0269.761] GetThemeBackgroundContentRect () returned 0x0
[0269.761] RestoreDC (hdc=0x3f01067c, nSavedDC=-1) returned 1
[0269.762] GdipReleaseDC (graphics=0x6600030, hdc=0x3f01067c) returned 0x0
[0269.762] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0269.762] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0269.762] GdipCloneRegion (region=0x6646b98, cloneRegion=0xd7e150) returned 0x0
[0269.762] GdipCombineRegionRectI (region=0x6646958, rect=0xd7e138, combineMode=0x1) returned 0x0
[0269.762] GdipCombineRegionRectI (region=0x6646958, rect=0xd7e138, combineMode=0x1) returned 0x0
[0269.762] GdipSetClipRegion (graphics=0x6600030, region=0x6646958, combineMode=0x0) returned 0x0
[0269.762] GdipGetImageWidth (image=0x66030e8, width=0xd7e154) returned 0x0
[0269.762] GdipGetImageHeight (image=0x66030e8, height=0xd7e148) returned 0x0
[0269.762] GdipDrawImageRectI (graphics=0x6600030, image=0x66030e8, x=4, y=4, width=16, height=16) returned 0x0
[0269.762] GdipSetClipRegion (graphics=0x6600030, region=0x6646b98, combineMode=0x0) returned 0x0
[0269.762] IsAppThemed () returned 0x1
[0269.762] GetThemeAppProperties () returned 0x3
[0269.762] GetThemeAppProperties () returned 0x3
[0269.762] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0269.762] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0269.763] GetCurrentObject (hdc=0x3f01067c, type=0x1) returned 0xb00017
[0269.763] GetCurrentObject (hdc=0x3f01067c, type=0x2) returned 0x900010
[0269.763] GetCurrentObject (hdc=0x3f01067c, type=0x7) returned 0x4a0507fe
[0269.763] GetCurrentObject (hdc=0x3f01067c, type=0x6) returned 0x8a01c2
[0269.763] SaveDC (hdc=0x3f01067c) returned 1
[0269.763] GetTextAlign (hdc=0x3f01067c) returned 0x0
[0269.763] GetTextColor (hdc=0x3f01067c) returned 0x0
[0269.763] GetCurrentObject (hdc=0x3f01067c, type=0x6) returned 0x8a01c2
[0269.763] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0269.764] SelectObject (hdc=0x3f01067c, h=0x6d0a0520) returned 0x8a01c2
[0269.764] GetBkMode (hdc=0x3f01067c) returned 2
[0269.764] SetBkMode (hdc=0x3f01067c, mode=1) returned 2
[0269.764] DrawTextExW (in: hdc=0x3f01067c, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2cbe3b4 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0269.764] DrawTextExW (in: hdc=0x3f01067c, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2cbe3b4 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0269.765] RestoreDC (hdc=0x3f01067c, nSavedDC=-1) returned 1
[0269.765] GdipReleaseDC (graphics=0x6600030, hdc=0x3f01067c) returned 0x0
[0269.765] GetFocus () returned 0x2c02d8
[0269.765] IsAppThemed () returned 0x1
[0269.765] GetThemeAppProperties () returned 0x3
[0269.765] GetThemeAppProperties () returned 0x3
[0269.765] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0269.765] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x3f01067c, x1=0, y1=0, rop=0xcc0020) returned 1
[0269.765] GdipReleaseDC (graphics=0x6600030, hdc=0x3f01067c) returned 0x0
[0269.765] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0269.765] SelectObject (hdc=0x3f01067c, h=0x85000f) returned 0x4a0507fe
[0269.766] DeleteDC (hdc=0x3f01067c) returned 1
[0269.766] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0269.766] EndPaint (hWnd=0x2c02d8, lpPaint=0xd7e24c) returned 1
[0269.766] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.766] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x84, wParam=0x0, lParam=0x1dd031c) returned 0x1
[0269.766] IsWindowUnicode (hWnd=0x2d00ea) returned 1
[0269.766] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.766] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x84, wParam=0x0, lParam=0x1dd031c) returned 0x1
[0269.767] SetCursor (hCursor=0x10003) returned 0x10003
[0269.767] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.767] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.767] _TrackMouseEvent (in: lpEventTrack=0x2cbe4b0 | out: lpEventTrack=0x2cbe4b0) returned 1
[0269.767] SendMessageW (hWnd=0x2d00ea, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0269.767] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0269.767] InvalidateRect (hWnd=0x2d00ea, lpRect=0x0, bErase=0) returned 1
[0269.767] GetKeyState (nVirtKey=1) returned 0
[0269.767] GetKeyState (nVirtKey=2) returned 0
[0269.767] GetKeyState (nVirtKey=4) returned 0
[0269.767] GetKeyState (nVirtKey=5) returned 0
[0269.767] GetKeyState (nVirtKey=6) returned 0
[0269.767] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.768] IsWindowUnicode (hWnd=0x2d00ea) returned 1
[0269.768] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.768] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.768] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.768] BeginPaint (in: hWnd=0x2d00ea, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0269.768] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0269.768] CreateCompatibleDC (hdc=0x10105d6) returned 0x4101067c
[0269.768] SelectObject (hdc=0x4101067c, h=0x4a0507fe) returned 0x85000f
[0269.768] GdipCreateFromHDC (hdc=0x4101067c, graphics=0xd7e268) returned 0x0
[0269.769] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0269.769] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0269.769] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0269.769] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0269.769] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e2c8) returned 0x0
[0269.769] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0269.769] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0269.769] LocalFree (hMem=0x11ee9f0) returned 0x0
[0269.769] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0269.769] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0269.769] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0269.770] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0269.770] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0269.770] GdipRestoreGraphics (graphics=0x6600030, state=0xf73a0dbd) returned 0x0
[0269.770] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0269.770] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0269.770] GetCurrentObject (hdc=0x4101067c, type=0x1) returned 0xb00017
[0269.770] GetCurrentObject (hdc=0x4101067c, type=0x2) returned 0x900010
[0269.770] GetCurrentObject (hdc=0x4101067c, type=0x7) returned 0x4a0507fe
[0269.770] GetCurrentObject (hdc=0x4101067c, type=0x6) returned 0x8a01c2
[0269.770] SaveDC (hdc=0x4101067c) returned 1
[0269.770] GetNearestColor (hdc=0x4101067c, color=0xf0f0f0) returned 0xf0f0f0
[0269.770] GetNearestColor (hdc=0x4101067c, color=0xa0a0a0) returned 0xa0a0a0
[0269.770] GetNearestColor (hdc=0x4101067c, color=0x696969) returned 0x696969
[0269.770] GetNearestColor (hdc=0x4101067c, color=0xa0a0a0) returned 0xa0a0a0
[0269.771] GetNearestColor (hdc=0x4101067c, color=0x0) returned 0x0
[0269.771] GetNearestColor (hdc=0x4101067c, color=0xffffff) returned 0xffffff
[0269.771] GetNearestColor (hdc=0x4101067c, color=0xe5e5e5) returned 0xe5e5e5
[0269.771] GetNearestColor (hdc=0x4101067c, color=0xd7d7d7) returned 0xd7d7d7
[0269.771] GetNearestColor (hdc=0x4101067c, color=0x0) returned 0x0
[0269.771] RestoreDC (hdc=0x4101067c, nSavedDC=-1) returned 1
[0269.771] GdipReleaseDC (graphics=0x6600030, hdc=0x4101067c) returned 0x0
[0269.771] IsAppThemed () returned 0x1
[0269.771] GetThemeAppProperties () returned 0x3
[0269.771] GetThemeAppProperties () returned 0x3
[0269.771] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0269.771] SendMessageW (hWnd=0x1f02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0269.771] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0269.772] IsAppThemed () returned 0x1
[0269.772] GetThemeAppProperties () returned 0x3
[0269.772] GetThemeAppProperties () returned 0x3
[0269.772] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2cbec1c | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0269.772] IsAppThemed () returned 0x1
[0269.772] GetThemeAppProperties () returned 0x3
[0269.772] GetThemeAppProperties () returned 0x3
[0269.772] IsAppThemed () returned 0x1
[0269.773] GetThemeAppProperties () returned 0x3
[0269.773] GetThemeAppProperties () returned 0x3
[0269.773] IsAppThemed () returned 0x1
[0269.773] GetThemeAppProperties () returned 0x3
[0269.773] GetThemeAppProperties () returned 0x3
[0269.773] IsAppThemed () returned 0x1
[0269.773] GetThemeAppProperties () returned 0x3
[0269.773] GetThemeAppProperties () returned 0x3
[0269.773] IsThemePartDefined () returned 0x1
[0269.773] IsAppThemed () returned 0x1
[0269.773] GetThemeAppProperties () returned 0x3
[0269.773] GetThemeAppProperties () returned 0x3
[0269.773] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0269.773] IsAppThemed () returned 0x1
[0269.773] GetThemeAppProperties () returned 0x3
[0269.773] GetThemeAppProperties () returned 0x3
[0269.773] IsAppThemed () returned 0x1
[0269.773] GetThemeAppProperties () returned 0x3
[0269.773] GetThemeAppProperties () returned 0x3
[0269.773] IsThemePartDefined () returned 0x1
[0269.773] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0269.773] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0269.774] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0269.774] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0269.774] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dfe4) returned 0x0
[0269.774] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0269.774] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0269.774] LocalFree (hMem=0x11ee9f0) returned 0x0
[0269.774] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0269.774] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0269.774] LocalFree (hMem=0x11eec58) returned 0x0
[0269.774] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0269.774] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0269.774] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0269.774] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0269.774] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0269.774] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0269.774] GetCurrentObject (hdc=0x4101067c, type=0x1) returned 0xb00017
[0269.774] GetCurrentObject (hdc=0x4101067c, type=0x2) returned 0x900010
[0269.775] GetCurrentObject (hdc=0x4101067c, type=0x7) returned 0x4a0507fe
[0269.775] GetCurrentObject (hdc=0x4101067c, type=0x6) returned 0x8a01c2
[0269.775] SaveDC (hdc=0x4101067c) returned 1
[0269.775] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe3040807
[0269.775] GetClipRgn (hdc=0x4101067c, hrgn=0xe3040807) returned 0
[0269.775] SelectClipRgn (hdc=0x4101067c, hrgn=0x790407de) returned 2
[0269.775] DeleteObject (ho=0xe3040807) returned 1
[0269.775] DeleteObject (ho=0x790407de) returned 1
[0269.775] OffsetViewportOrgEx (in: hdc=0x4101067c, x=0, y=0, lppt=0x2cbf2cc | out: lppt=0x2cbf2cc) returned 1
[0269.775] DrawThemeParentBackground () returned 0x0
[0269.775] GetWindowPlacement (in: hWnd=0x1f02d0, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0269.775] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0269.775] GetWindowTextLengthW (hWnd=0x1f02d0) returned 13
[0269.775] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.775] GetSystemMetrics (nIndex=42) returned 0
[0269.775] GetWindowTextW (in: hWnd=0x1f02d0, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0269.776] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0269.776] GetCurrentObject (hdc=0x4101067c, type=0x1) returned 0xb00017
[0269.776] GetCurrentObject (hdc=0x4101067c, type=0x2) returned 0x900010
[0269.776] GetCurrentObject (hdc=0x4101067c, type=0x7) returned 0x4a0507fe
[0269.776] GetCurrentObject (hdc=0x4101067c, type=0x6) returned 0x8a01c2
[0269.776] SaveDC (hdc=0x4101067c) returned 2
[0269.776] GetNearestColor (hdc=0x4101067c, color=0xf0f0f0) returned 0xf0f0f0
[0269.776] CreateSolidBrush (color=0xf0f0f0) returned 0xf01007e1
[0269.776] FillRect (hDC=0x4101067c, lprc=0xd7da30, hbr=0xf01007e1) returned 1
[0269.776] DeleteObject (ho=0xf01007e1) returned 1
[0269.776] RestoreDC (hdc=0x4101067c, nSavedDC=-1) returned 1
[0269.776] GetWindowTextLengthW (hWnd=0x1f02d0) returned 13
[0269.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.776] GetSystemMetrics (nIndex=42) returned 0
[0269.776] GetWindowTextW (in: hWnd=0x1f02d0, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0269.776] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0269.776] GetCurrentObject (hdc=0x4101067c, type=0x1) returned 0xb00017
[0269.777] GetCurrentObject (hdc=0x4101067c, type=0x2) returned 0x900010
[0269.777] GetCurrentObject (hdc=0x4101067c, type=0x7) returned 0x4a0507fe
[0269.777] GetCurrentObject (hdc=0x4101067c, type=0x6) returned 0x8a01c2
[0269.777] SaveDC (hdc=0x4101067c) returned 2
[0269.777] GetNearestColor (hdc=0x4101067c, color=0xf0f0f0) returned 0xf0f0f0
[0269.777] CreateSolidBrush (color=0xf0f0f0) returned 0xf11007e1
[0269.777] FillRect (hDC=0x4101067c, lprc=0xd7d9d0, hbr=0xf11007e1) returned 1
[0269.777] DeleteObject (ho=0xf11007e1) returned 1
[0269.777] RestoreDC (hdc=0x4101067c, nSavedDC=-1) returned 1
[0269.777] GetWindowTextLengthW (hWnd=0x1f02d0) returned 13
[0269.777] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.777] GetSystemMetrics (nIndex=42) returned 0
[0269.777] GetWindowTextW (in: hWnd=0x1f02d0, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.777] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0269.777] RestoreDC (hdc=0x4101067c, nSavedDC=-1) returned 1
[0269.778] GdipReleaseDC (graphics=0x6600030, hdc=0x4101067c) returned 0x0
[0269.778] IsAppThemed () returned 0x1
[0269.778] GetThemeAppProperties () returned 0x3
[0269.778] GetThemeAppProperties () returned 0x3
[0269.778] IsAppThemed () returned 0x1
[0269.778] GetThemeAppProperties () returned 0x3
[0269.778] GetThemeAppProperties () returned 0x3
[0269.778] IsThemePartDefined () returned 0x1
[0269.778] GdipCreateRegion (region=0xd7df50) returned 0x0
[0269.778] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0269.778] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0269.786] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0269.786] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df68) returned 0x0
[0269.786] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0269.786] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0269.787] LocalFree (hMem=0x11eec58) returned 0x0
[0269.787] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0269.787] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee9f0) returned 0x0
[0269.787] LocalFree (hMem=0x11ee9f0) returned 0x0
[0269.787] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0269.787] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df90) returned 0x0
[0269.787] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7df80) returned 0x0
[0269.787] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0269.787] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0269.787] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0269.787] GetCurrentObject (hdc=0x4101067c, type=0x1) returned 0xb00017
[0269.787] GetCurrentObject (hdc=0x4101067c, type=0x2) returned 0x900010
[0269.787] GetCurrentObject (hdc=0x4101067c, type=0x7) returned 0x4a0507fe
[0269.787] GetCurrentObject (hdc=0x4101067c, type=0x6) returned 0x8a01c2
[0269.787] SaveDC (hdc=0x4101067c) returned 1
[0269.787] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7a0407de
[0269.787] GetClipRgn (hdc=0x4101067c, hrgn=0x7a0407de) returned 0
[0269.788] SelectClipRgn (hdc=0x4101067c, hrgn=0xe5040807) returned 2
[0269.788] DeleteObject (ho=0x7a0407de) returned 1
[0269.788] DeleteObject (ho=0xe5040807) returned 1
[0269.788] OffsetViewportOrgEx (in: hdc=0x4101067c, x=0, y=0, lppt=0x2cbfb78 | out: lppt=0x2cbfb78) returned 1
[0269.788] IsAppThemed () returned 0x1
[0269.788] GetThemeAppProperties () returned 0x3
[0269.788] GetThemeAppProperties () returned 0x3
[0269.788] DrawThemeBackground () returned 0x0
[0269.788] RestoreDC (hdc=0x4101067c, nSavedDC=-1) returned 1
[0269.788] GdipReleaseDC (graphics=0x6600030, hdc=0x4101067c) returned 0x0
[0269.788] GdipCreateRegion (region=0xd7df54) returned 0x0
[0269.788] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0269.788] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0269.788] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0269.788] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df6c) returned 0x0
[0269.788] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0269.788] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea60) returned 0x0
[0269.789] LocalFree (hMem=0x11eea60) returned 0x0
[0269.789] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0269.789] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0269.789] LocalFree (hMem=0x11ee868) returned 0x0
[0269.789] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0269.789] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0269.789] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0269.789] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0269.789] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0269.789] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0269.789] GetCurrentObject (hdc=0x4101067c, type=0x1) returned 0xb00017
[0269.789] GetCurrentObject (hdc=0x4101067c, type=0x2) returned 0x900010
[0269.789] GetCurrentObject (hdc=0x4101067c, type=0x7) returned 0x4a0507fe
[0269.789] GetCurrentObject (hdc=0x4101067c, type=0x6) returned 0x8a01c2
[0269.789] SaveDC (hdc=0x4101067c) returned 1
[0269.789] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe6040807
[0269.789] GetClipRgn (hdc=0x4101067c, hrgn=0xe6040807) returned 0
[0269.789] SelectClipRgn (hdc=0x4101067c, hrgn=0x7b0407de) returned 2
[0269.790] DeleteObject (ho=0xe6040807) returned 1
[0269.790] DeleteObject (ho=0x7b0407de) returned 1
[0269.790] OffsetViewportOrgEx (in: hdc=0x4101067c, x=0, y=0, lppt=0x2cbfe4c | out: lppt=0x2cbfe4c) returned 1
[0269.790] IsAppThemed () returned 0x1
[0269.790] GetThemeAppProperties () returned 0x3
[0269.790] GetThemeAppProperties () returned 0x3
[0269.790] GetThemeBackgroundContentRect () returned 0x0
[0269.790] RestoreDC (hdc=0x4101067c, nSavedDC=-1) returned 1
[0269.790] GdipReleaseDC (graphics=0x6600030, hdc=0x4101067c) returned 0x0
[0269.790] IsAppThemed () returned 0x1
[0269.790] GetThemeAppProperties () returned 0x3
[0269.790] GetThemeAppProperties () returned 0x3
[0269.790] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0269.790] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0269.790] GetCurrentObject (hdc=0x4101067c, type=0x1) returned 0xb00017
[0269.790] GetCurrentObject (hdc=0x4101067c, type=0x2) returned 0x900010
[0269.791] GetCurrentObject (hdc=0x4101067c, type=0x7) returned 0x4a0507fe
[0269.791] GetCurrentObject (hdc=0x4101067c, type=0x6) returned 0x8a01c2
[0269.791] SaveDC (hdc=0x4101067c) returned 1
[0269.791] GetTextAlign (hdc=0x4101067c) returned 0x0
[0269.791] GetTextColor (hdc=0x4101067c) returned 0x0
[0269.791] GetCurrentObject (hdc=0x4101067c, type=0x6) returned 0x8a01c2
[0269.791] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0269.791] SelectObject (hdc=0x4101067c, h=0x6d0a0520) returned 0x8a01c2
[0269.791] GetBkMode (hdc=0x4101067c) returned 2
[0269.791] SetBkMode (hdc=0x4101067c, mode=1) returned 2
[0269.791] DrawTextExW (in: hdc=0x4101067c, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2cc01ec | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0269.792] DrawTextExW (in: hdc=0x4101067c, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2cc01ec | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0269.792] RestoreDC (hdc=0x4101067c, nSavedDC=-1) returned 1
[0269.792] GdipReleaseDC (graphics=0x6600030, hdc=0x4101067c) returned 0x0
[0269.792] GetFocus () returned 0x2c02d8
[0269.792] IsAppThemed () returned 0x1
[0269.792] GetThemeAppProperties () returned 0x3
[0269.792] GetThemeAppProperties () returned 0x3
[0269.792] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0269.793] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x4101067c, x1=0, y1=0, rop=0xcc0020) returned 1
[0269.793] GdipReleaseDC (graphics=0x6600030, hdc=0x4101067c) returned 0x0
[0269.793] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0269.793] SelectObject (hdc=0x4101067c, h=0x85000f) returned 0x4a0507fe
[0269.793] DeleteDC (hdc=0x4101067c) returned 1
[0269.793] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0269.793] EndPaint (hWnd=0x2d00ea, lpPaint=0xd7e24c) returned 1
[0269.794] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.794] IsWindowUnicode (hWnd=0x2a02dc) returned 1
[0269.794] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.794] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.794] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.794] BeginPaint (in: hWnd=0x2a02dc, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0269.794] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0269.794] CreateCompatibleDC (hdc=0xc0107c5) returned 0x4301067c
[0269.795] SelectObject (hdc=0x4301067c, h=0x4a0507fe) returned 0x85000f
[0269.795] GdipCreateFromHDC (hdc=0x4301067c, graphics=0xd7e268) returned 0x0
[0269.795] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0269.795] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0269.795] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0269.795] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0269.795] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e2c8) returned 0x0
[0269.795] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0269.795] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee8d8) returned 0x0
[0269.795] LocalFree (hMem=0x11ee8d8) returned 0x0
[0269.795] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0269.795] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0269.795] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0269.796] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0269.796] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0269.796] GdipRestoreGraphics (graphics=0x6600030, state=0xf7380dbd) returned 0x0
[0269.796] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0269.796] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0269.796] GetCurrentObject (hdc=0x4301067c, type=0x1) returned 0xb00017
[0269.796] GetCurrentObject (hdc=0x4301067c, type=0x2) returned 0x900010
[0269.796] GetCurrentObject (hdc=0x4301067c, type=0x7) returned 0x4a0507fe
[0269.796] GetCurrentObject (hdc=0x4301067c, type=0x6) returned 0x8a01c2
[0269.796] SaveDC (hdc=0x4301067c) returned 1
[0269.796] GetNearestColor (hdc=0x4301067c, color=0xf0f0f0) returned 0xf0f0f0
[0269.796] GetNearestColor (hdc=0x4301067c, color=0xa0a0a0) returned 0xa0a0a0
[0269.796] GetNearestColor (hdc=0x4301067c, color=0x696969) returned 0x696969
[0269.796] GetNearestColor (hdc=0x4301067c, color=0xa0a0a0) returned 0xa0a0a0
[0269.796] GetNearestColor (hdc=0x4301067c, color=0x0) returned 0x0
[0269.796] GetNearestColor (hdc=0x4301067c, color=0xffffff) returned 0xffffff
[0269.796] GetNearestColor (hdc=0x4301067c, color=0xe5e5e5) returned 0xe5e5e5
[0269.797] GetNearestColor (hdc=0x4301067c, color=0xd7d7d7) returned 0xd7d7d7
[0269.797] GetNearestColor (hdc=0x4301067c, color=0x0) returned 0x0
[0269.797] RestoreDC (hdc=0x4301067c, nSavedDC=-1) returned 1
[0269.797] GdipReleaseDC (graphics=0x6600030, hdc=0x4301067c) returned 0x0
[0269.797] IsAppThemed () returned 0x1
[0269.797] GetThemeAppProperties () returned 0x3
[0269.797] GetThemeAppProperties () returned 0x3
[0269.797] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0269.797] SendMessageW (hWnd=0x1f02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0269.797] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0269.797] IsAppThemed () returned 0x1
[0269.797] GetThemeAppProperties () returned 0x3
[0269.797] GetThemeAppProperties () returned 0x3
[0269.798] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2cc09fc | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0269.798] IsAppThemed () returned 0x1
[0269.798] GetThemeAppProperties () returned 0x3
[0269.798] GetThemeAppProperties () returned 0x3
[0269.798] IsAppThemed () returned 0x1
[0269.798] GetThemeAppProperties () returned 0x3
[0269.798] GetThemeAppProperties () returned 0x3
[0269.798] GetFocus () returned 0x2c02d8
[0269.798] IsAppThemed () returned 0x1
[0269.798] GetThemeAppProperties () returned 0x3
[0269.798] GetThemeAppProperties () returned 0x3
[0269.798] IsAppThemed () returned 0x1
[0269.798] GetThemeAppProperties () returned 0x3
[0269.798] GetThemeAppProperties () returned 0x3
[0269.798] IsThemePartDefined () returned 0x1
[0269.798] IsAppThemed () returned 0x1
[0269.799] GetThemeAppProperties () returned 0x3
[0269.799] GetThemeAppProperties () returned 0x3
[0269.799] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0269.799] IsAppThemed () returned 0x1
[0269.799] GetThemeAppProperties () returned 0x3
[0269.799] GetThemeAppProperties () returned 0x3
[0269.799] IsAppThemed () returned 0x1
[0269.799] GetThemeAppProperties () returned 0x3
[0269.799] GetThemeAppProperties () returned 0x3
[0269.799] IsThemePartDefined () returned 0x1
[0269.799] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0269.799] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0269.799] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0269.799] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0269.799] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7dff0) returned 0x0
[0269.799] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0269.799] LocalFree (hMem=0x11eec58) returned 0x0
[0269.799] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee868) returned 0x0
[0269.799] LocalFree (hMem=0x11ee868) returned 0x0
[0269.800] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0269.800] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e018) returned 0x0
[0269.800] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e008) returned 0x0
[0269.800] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0269.800] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0269.800] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0269.800] GetCurrentObject (hdc=0x4301067c, type=0x1) returned 0xb00017
[0269.800] GetCurrentObject (hdc=0x4301067c, type=0x2) returned 0x900010
[0269.800] GetCurrentObject (hdc=0x4301067c, type=0x7) returned 0x4a0507fe
[0269.800] GetCurrentObject (hdc=0x4301067c, type=0x6) returned 0x8a01c2
[0269.800] SaveDC (hdc=0x4301067c) returned 1
[0269.800] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7c0407de
[0269.800] GetClipRgn (hdc=0x4301067c, hrgn=0x7c0407de) returned 0
[0269.800] SelectClipRgn (hdc=0x4301067c, hrgn=0xea040807) returned 2
[0269.800] DeleteObject (ho=0x7c0407de) returned 1
[0269.800] DeleteObject (ho=0xea040807) returned 1
[0269.801] OffsetViewportOrgEx (in: hdc=0x4301067c, x=0, y=0, lppt=0x2cc10ac | out: lppt=0x2cc10ac) returned 1
[0269.801] DrawThemeParentBackground () returned 0x0
[0269.801] GetWindowPlacement (in: hWnd=0x1f02d0, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0269.801] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0269.801] GetWindowTextLengthW (hWnd=0x1f02d0) returned 13
[0269.801] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.801] GetSystemMetrics (nIndex=42) returned 0
[0269.801] GetWindowTextW (in: hWnd=0x1f02d0, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.801] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0269.801] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0269.801] GetCurrentObject (hdc=0x4301067c, type=0x1) returned 0xb00017
[0269.801] GetCurrentObject (hdc=0x4301067c, type=0x2) returned 0x900010
[0269.801] GetCurrentObject (hdc=0x4301067c, type=0x7) returned 0x4a0507fe
[0269.801] GetCurrentObject (hdc=0x4301067c, type=0x6) returned 0x8a01c2
[0269.801] SaveDC (hdc=0x4301067c) returned 2
[0269.802] GetNearestColor (hdc=0x4301067c, color=0xf0f0f0) returned 0xf0f0f0
[0269.802] CreateSolidBrush (color=0xf0f0f0) returned 0xf21007e1
[0269.802] FillRect (hDC=0x4301067c, lprc=0xd7da38, hbr=0xf21007e1) returned 1
[0269.802] DeleteObject (ho=0xf21007e1) returned 1
[0269.802] RestoreDC (hdc=0x4301067c, nSavedDC=-1) returned 1
[0269.802] GetWindowTextLengthW (hWnd=0x1f02d0) returned 13
[0269.802] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.802] GetSystemMetrics (nIndex=42) returned 0
[0269.802] GetWindowTextW (in: hWnd=0x1f02d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.802] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0269.802] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0269.802] GetCurrentObject (hdc=0x4301067c, type=0x1) returned 0xb00017
[0269.802] GetCurrentObject (hdc=0x4301067c, type=0x2) returned 0x900010
[0269.802] GetCurrentObject (hdc=0x4301067c, type=0x7) returned 0x4a0507fe
[0269.802] GetCurrentObject (hdc=0x4301067c, type=0x6) returned 0x8a01c2
[0269.802] SaveDC (hdc=0x4301067c) returned 2
[0269.803] GetNearestColor (hdc=0x4301067c, color=0xf0f0f0) returned 0xf0f0f0
[0269.803] CreateSolidBrush (color=0xf0f0f0) returned 0xf31007e1
[0269.803] FillRect (hDC=0x4301067c, lprc=0xd7d9d8, hbr=0xf31007e1) returned 1
[0269.803] DeleteObject (ho=0xf31007e1) returned 1
[0269.803] RestoreDC (hdc=0x4301067c, nSavedDC=-1) returned 1
[0269.803] GetWindowTextLengthW (hWnd=0x1f02d0) returned 13
[0269.803] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.803] GetSystemMetrics (nIndex=42) returned 0
[0269.803] GetWindowTextW (in: hWnd=0x1f02d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.803] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0269.803] RestoreDC (hdc=0x4301067c, nSavedDC=-1) returned 1
[0269.803] GdipReleaseDC (graphics=0x6600030, hdc=0x4301067c) returned 0x0
[0269.803] IsAppThemed () returned 0x1
[0269.804] GetThemeAppProperties () returned 0x3
[0269.804] GetThemeAppProperties () returned 0x3
[0269.804] IsAppThemed () returned 0x1
[0269.804] GetThemeAppProperties () returned 0x3
[0269.804] GetThemeAppProperties () returned 0x3
[0269.804] IsThemePartDefined () returned 0x1
[0269.804] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0269.804] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0269.804] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0269.804] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0269.804] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df74) returned 0x0
[0269.804] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0269.804] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0269.804] LocalFree (hMem=0x11eec58) returned 0x0
[0269.804] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0269.804] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0269.804] LocalFree (hMem=0x11eec58) returned 0x0
[0269.804] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0269.804] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0269.804] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0269.805] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0269.805] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0269.805] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0269.805] GetCurrentObject (hdc=0x4301067c, type=0x1) returned 0xb00017
[0269.805] GetCurrentObject (hdc=0x4301067c, type=0x2) returned 0x900010
[0269.805] GetCurrentObject (hdc=0x4301067c, type=0x7) returned 0x4a0507fe
[0269.805] GetCurrentObject (hdc=0x4301067c, type=0x6) returned 0x8a01c2
[0269.805] SaveDC (hdc=0x4301067c) returned 1
[0269.805] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xeb040807
[0269.805] GetClipRgn (hdc=0x4301067c, hrgn=0xeb040807) returned 0
[0269.805] SelectClipRgn (hdc=0x4301067c, hrgn=0x7e0407de) returned 2
[0269.805] DeleteObject (ho=0xeb040807) returned 1
[0269.805] DeleteObject (ho=0x7e0407de) returned 1
[0269.805] OffsetViewportOrgEx (in: hdc=0x4301067c, x=0, y=0, lppt=0x2cc1958 | out: lppt=0x2cc1958) returned 1
[0269.805] IsAppThemed () returned 0x1
[0269.805] GetThemeAppProperties () returned 0x3
[0269.806] GetThemeAppProperties () returned 0x3
[0269.806] DrawThemeBackground () returned 0x0
[0269.806] RestoreDC (hdc=0x4301067c, nSavedDC=-1) returned 1
[0269.806] GdipReleaseDC (graphics=0x6600030, hdc=0x4301067c) returned 0x0
[0269.806] GdipCreateRegion (region=0xd7df60) returned 0x0
[0269.806] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0269.806] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0269.806] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0269.806] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df78) returned 0x0
[0269.806] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0269.806] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0269.806] LocalFree (hMem=0x11ee868) returned 0x0
[0269.806] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0269.806] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0269.806] LocalFree (hMem=0x11eec58) returned 0x0
[0269.806] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0269.806] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0269.806] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df90) returned 0x0
[0269.807] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0269.807] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0269.807] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0269.807] GetCurrentObject (hdc=0x4301067c, type=0x1) returned 0xb00017
[0269.807] GetCurrentObject (hdc=0x4301067c, type=0x2) returned 0x900010
[0269.807] GetCurrentObject (hdc=0x4301067c, type=0x7) returned 0x4a0507fe
[0269.807] GetCurrentObject (hdc=0x4301067c, type=0x6) returned 0x8a01c2
[0269.807] SaveDC (hdc=0x4301067c) returned 1
[0269.807] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7f0407de
[0269.807] GetClipRgn (hdc=0x4301067c, hrgn=0x7f0407de) returned 0
[0269.807] SelectClipRgn (hdc=0x4301067c, hrgn=0xec040807) returned 2
[0269.807] DeleteObject (ho=0x7f0407de) returned 1
[0269.807] DeleteObject (ho=0xec040807) returned 1
[0269.807] OffsetViewportOrgEx (in: hdc=0x4301067c, x=0, y=0, lppt=0x2cc1c2c | out: lppt=0x2cc1c2c) returned 1
[0269.807] IsAppThemed () returned 0x1
[0269.808] GetThemeAppProperties () returned 0x3
[0269.808] GetThemeAppProperties () returned 0x3
[0269.808] GetThemeBackgroundContentRect () returned 0x0
[0269.808] RestoreDC (hdc=0x4301067c, nSavedDC=-1) returned 1
[0269.808] GdipReleaseDC (graphics=0x6600030, hdc=0x4301067c) returned 0x0
[0269.808] IsAppThemed () returned 0x1
[0269.808] GetThemeAppProperties () returned 0x3
[0269.808] GetThemeAppProperties () returned 0x3
[0269.808] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0269.808] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0269.808] GetCurrentObject (hdc=0x4301067c, type=0x1) returned 0xb00017
[0269.808] GetCurrentObject (hdc=0x4301067c, type=0x2) returned 0x900010
[0269.808] GetCurrentObject (hdc=0x4301067c, type=0x7) returned 0x4a0507fe
[0269.808] GetCurrentObject (hdc=0x4301067c, type=0x6) returned 0x8a01c2
[0269.808] SaveDC (hdc=0x4301067c) returned 1
[0269.808] GetTextAlign (hdc=0x4301067c) returned 0x0
[0269.808] GetTextColor (hdc=0x4301067c) returned 0x0
[0269.808] GetCurrentObject (hdc=0x4301067c, type=0x6) returned 0x8a01c2
[0269.809] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0269.809] SelectObject (hdc=0x4301067c, h=0x6d0a0520) returned 0x8a01c2
[0269.809] GetBkMode (hdc=0x4301067c) returned 2
[0269.809] SetBkMode (hdc=0x4301067c, mode=1) returned 2
[0269.809] DrawTextExW (in: hdc=0x4301067c, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2cc1fcc | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0269.809] DrawTextExW (in: hdc=0x4301067c, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2cc1fcc | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0269.845] RestoreDC (hdc=0x4301067c, nSavedDC=-1) returned 1
[0269.846] GdipReleaseDC (graphics=0x6600030, hdc=0x4301067c) returned 0x0
[0269.846] GetFocus () returned 0x2c02d8
[0269.846] IsAppThemed () returned 0x1
[0269.846] GetThemeAppProperties () returned 0x3
[0269.846] GetThemeAppProperties () returned 0x3
[0269.846] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0269.846] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x4301067c, x1=0, y1=0, rop=0xcc0020) returned 1
[0269.846] GdipReleaseDC (graphics=0x6600030, hdc=0x4301067c) returned 0x0
[0269.846] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0269.846] SelectObject (hdc=0x4301067c, h=0x85000f) returned 0x4a0507fe
[0269.846] DeleteDC (hdc=0x4301067c) returned 1
[0269.846] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0269.847] EndPaint (hWnd=0x2a02dc, lpPaint=0xd7e24c) returned 1
[0269.847] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.847] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0269.847] IsWindowUnicode (hWnd=0x30122) returned 1
[0269.848] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0269.848] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.848] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.849] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0269.850] IsWindowUnicode (hWnd=0x30122) returned 1
[0269.850] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.850] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.850] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.850] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.851] IsWindowUnicode (hWnd=0x602c4) returned 1
[0269.851] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.851] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.851] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.851] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0269.851] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0269.851] CreateCompatibleDC (hdc=0x60100ce) returned 0x4501067c
[0269.851] SelectObject (hdc=0x4501067c, h=0x4a0507fe) returned 0x85000f
[0269.851] GdipCreateFromHDC (hdc=0x4501067c, graphics=0xd7e268) returned 0x0
[0269.852] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0269.852] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0269.852] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0269.852] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0269.852] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2c8) returned 0x0
[0269.852] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0269.852] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0269.852] LocalFree (hMem=0x11ee9f0) returned 0x0
[0269.852] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0269.852] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0269.852] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0269.852] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0269.852] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0269.852] GdipRestoreGraphics (graphics=0x6600030, state=0xf7360dbd) returned 0x0
[0269.852] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0269.853] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0269.853] GetCurrentObject (hdc=0x4501067c, type=0x1) returned 0xb00017
[0269.853] GetCurrentObject (hdc=0x4501067c, type=0x2) returned 0x900010
[0269.853] GetCurrentObject (hdc=0x4501067c, type=0x7) returned 0x4a0507fe
[0269.853] GetCurrentObject (hdc=0x4501067c, type=0x6) returned 0x8a01c2
[0269.853] SaveDC (hdc=0x4501067c) returned 1
[0269.853] GetNearestColor (hdc=0x4501067c, color=0xff) returned 0xff
[0269.853] GetNearestColor (hdc=0x4501067c, color=0x55) returned 0x55
[0269.853] GetNearestColor (hdc=0x4501067c, color=0x0) returned 0x0
[0269.853] GetNearestColor (hdc=0x4501067c, color=0x55) returned 0x55
[0269.853] GetNearestColor (hdc=0x4501067c, color=0x0) returned 0x0
[0269.853] GetNearestColor (hdc=0x4501067c, color=0x8080ff) returned 0x8080ff
[0269.853] GetNearestColor (hdc=0x4501067c, color=0x7373e5) returned 0x7373e5
[0269.854] GetNearestColor (hdc=0x4501067c, color=0xe5) returned 0xe5
[0269.854] GetNearestColor (hdc=0x4501067c, color=0x0) returned 0x0
[0269.854] RestoreDC (hdc=0x4501067c, nSavedDC=-1) returned 1
[0269.854] GdipReleaseDC (graphics=0x6600030, hdc=0x4501067c) returned 0x0
[0269.854] IsAppThemed () returned 0x1
[0269.854] GetThemeAppProperties () returned 0x3
[0269.854] GetThemeAppProperties () returned 0x3
[0269.854] IsAppThemed () returned 0x1
[0269.854] GetThemeAppProperties () returned 0x3
[0269.854] GetThemeAppProperties () returned 0x3
[0269.854] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2cc2794 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0269.854] IsAppThemed () returned 0x1
[0269.855] GetThemeAppProperties () returned 0x3
[0269.855] GetThemeAppProperties () returned 0x3
[0269.855] IsAppThemed () returned 0x1
[0269.855] GetThemeAppProperties () returned 0x3
[0269.855] GetThemeAppProperties () returned 0x3
[0269.855] GetFocus () returned 0x2c02d8
[0269.855] IsAppThemed () returned 0x1
[0269.855] GetThemeAppProperties () returned 0x3
[0269.855] GetThemeAppProperties () returned 0x3
[0269.855] IsAppThemed () returned 0x1
[0269.855] GetThemeAppProperties () returned 0x3
[0269.855] GetThemeAppProperties () returned 0x3
[0269.855] IsThemePartDefined () returned 0x1
[0269.855] IsAppThemed () returned 0x1
[0269.855] GetThemeAppProperties () returned 0x3
[0269.855] GetThemeAppProperties () returned 0x3
[0269.855] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0269.855] IsAppThemed () returned 0x1
[0269.855] GetThemeAppProperties () returned 0x3
[0269.855] GetThemeAppProperties () returned 0x3
[0269.855] IsAppThemed () returned 0x1
[0269.856] GetThemeAppProperties () returned 0x3
[0269.856] GetThemeAppProperties () returned 0x3
[0269.856] IsThemePartDefined () returned 0x1
[0269.856] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0269.856] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0269.856] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0269.856] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0269.856] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dff0) returned 0x0
[0269.856] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0269.856] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0269.856] LocalFree (hMem=0x11eec58) returned 0x0
[0269.856] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0269.856] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0269.856] LocalFree (hMem=0x11ee868) returned 0x0
[0269.857] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0269.857] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e018) returned 0x0
[0269.857] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e008) returned 0x0
[0269.857] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0269.857] GdipDeleteRegion (region=0x6646448) returned 0x0
[0269.857] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0269.857] GetCurrentObject (hdc=0x4501067c, type=0x1) returned 0xb00017
[0269.857] GetCurrentObject (hdc=0x4501067c, type=0x2) returned 0x900010
[0269.857] GetCurrentObject (hdc=0x4501067c, type=0x7) returned 0x4a0507fe
[0269.857] GetCurrentObject (hdc=0x4501067c, type=0x6) returned 0x8a01c2
[0269.857] SaveDC (hdc=0x4501067c) returned 1
[0269.857] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xed040807
[0269.857] GetClipRgn (hdc=0x4501067c, hrgn=0xed040807) returned 0
[0269.857] SelectClipRgn (hdc=0x4501067c, hrgn=0x830407de) returned 2
[0269.857] DeleteObject (ho=0xed040807) returned 1
[0269.857] DeleteObject (ho=0x830407de) returned 1
[0269.858] OffsetViewportOrgEx (in: hdc=0x4501067c, x=0, y=0, lppt=0x2cc2e44 | out: lppt=0x2cc2e44) returned 1
[0269.858] DrawThemeParentBackground () returned 0x0
[0269.858] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0269.858] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0269.858] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0269.858] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.858] GetSystemMetrics (nIndex=42) returned 0
[0269.858] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.858] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0269.858] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0269.858] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0269.858] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0269.858] SelectPalette (hdc=0x4501067c, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0269.858] GdipCreateFromHDC (hdc=0x4501067c, graphics=0xd7dac8) returned 0x0
[0269.859] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0269.859] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0269.859] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638b48) returned 0x0
[0269.859] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7daa0) returned 0x0
[0269.859] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0269.859] GdipCreateRegion (region=0xd7da88) returned 0x0
[0269.859] GdipGetClip (graphics=0x6635e20, region=0x6646cb8) returned 0x0
[0269.859] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6635e20, result=0xd7da94) returned 0x0
[0269.859] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0269.859] GdipSaveGraphics (graphics=0x6635e20, state=0xd7dac0) returned 0x0
[0269.859] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0269.866] GdipFillRectangleI (graphics=0x6635e20, brush=0x66351e8, x=0, y=0, width=801, height=453) returned 0x0
[0269.866] GdipDeleteBrush (brush=0x66351e8) returned 0x0
[0269.868] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0269.868] SelectPalette (hdc=0x4501067c, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0269.868] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0269.868] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.868] GetSystemMetrics (nIndex=42) returned 0
[0269.869] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.869] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0269.869] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0269.869] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0269.869] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0269.869] SelectPalette (hdc=0x4501067c, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0269.869] GdipCreateFromHDC (hdc=0x4501067c, graphics=0xd7da68) returned 0x0
[0269.869] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0269.869] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0269.869] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638a28) returned 0x0
[0269.869] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7da40) returned 0x0
[0269.869] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0269.869] GdipCreateRegion (region=0xd7da28) returned 0x0
[0269.869] GdipGetClip (graphics=0x6635e20, region=0x66469e8) returned 0x0
[0269.869] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6635e20, result=0xd7da34) returned 0x0
[0269.870] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0269.870] GdipSaveGraphics (graphics=0x6635e20, state=0xd7da60) returned 0x0
[0269.870] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0269.881] GdipFillRectangleI (graphics=0x6635e20, brush=0x66351e8, x=0, y=0, width=801, height=453) returned 0x0
[0269.881] GdipDeleteBrush (brush=0x66351e8) returned 0x0
[0269.883] GdipRestoreGraphics (graphics=0x6635e20, state=0xf7320dbd) returned 0x0
[0269.883] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0269.883] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.883] GetSystemMetrics (nIndex=42) returned 0
[0269.883] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.883] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0269.883] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0269.883] SelectPalette (hdc=0x4501067c, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0269.883] RestoreDC (hdc=0x4501067c, nSavedDC=-1) returned 1
[0269.883] GdipReleaseDC (graphics=0x6600030, hdc=0x4501067c) returned 0x0
[0269.883] IsAppThemed () returned 0x1
[0269.883] GetThemeAppProperties () returned 0x3
[0269.884] GetThemeAppProperties () returned 0x3
[0269.884] IsAppThemed () returned 0x1
[0269.884] GetThemeAppProperties () returned 0x3
[0269.884] GetThemeAppProperties () returned 0x3
[0269.884] IsThemePartDefined () returned 0x1
[0269.884] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0269.884] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0269.884] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0269.884] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0269.884] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df74) returned 0x0
[0269.884] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0269.884] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0269.884] LocalFree (hMem=0x11eec58) returned 0x0
[0269.884] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0269.884] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eead0) returned 0x0
[0269.884] LocalFree (hMem=0x11eead0) returned 0x0
[0269.884] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0269.884] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0269.884] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0269.885] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0269.885] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0269.885] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0269.885] GetCurrentObject (hdc=0x4501067c, type=0x1) returned 0xb00017
[0269.885] GetCurrentObject (hdc=0x4501067c, type=0x2) returned 0x900010
[0269.885] GetCurrentObject (hdc=0x4501067c, type=0x7) returned 0x4a0507fe
[0269.885] GetCurrentObject (hdc=0x4501067c, type=0x6) returned 0x8a01c2
[0269.885] SaveDC (hdc=0x4501067c) returned 1
[0269.885] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x840407de
[0269.885] GetClipRgn (hdc=0x4501067c, hrgn=0x840407de) returned 0
[0269.885] SelectClipRgn (hdc=0x4501067c, hrgn=0xef040807) returned 2
[0269.885] DeleteObject (ho=0x840407de) returned 1
[0269.885] DeleteObject (ho=0xef040807) returned 1
[0269.885] OffsetViewportOrgEx (in: hdc=0x4501067c, x=0, y=0, lppt=0x2cc9694 | out: lppt=0x2cc9694) returned 1
[0269.885] IsAppThemed () returned 0x1
[0269.885] GetThemeAppProperties () returned 0x3
[0269.885] GetThemeAppProperties () returned 0x3
[0269.886] DrawThemeBackground () returned 0x0
[0269.886] RestoreDC (hdc=0x4501067c, nSavedDC=-1) returned 1
[0269.886] GdipReleaseDC (graphics=0x6600030, hdc=0x4501067c) returned 0x0
[0269.886] GdipCreateRegion (region=0xd7df60) returned 0x0
[0269.886] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0269.886] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0269.886] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0269.886] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df78) returned 0x0
[0269.886] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0269.886] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0269.886] LocalFree (hMem=0x11ee9f0) returned 0x0
[0269.886] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0269.886] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee868) returned 0x0
[0269.886] LocalFree (hMem=0x11ee868) returned 0x0
[0269.886] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0269.886] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0269.886] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7df90) returned 0x0
[0269.886] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0269.887] GdipDeleteRegion (region=0x6646328) returned 0x0
[0269.887] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0269.887] GetCurrentObject (hdc=0x4501067c, type=0x1) returned 0xb00017
[0269.887] GetCurrentObject (hdc=0x4501067c, type=0x2) returned 0x900010
[0269.887] GetCurrentObject (hdc=0x4501067c, type=0x7) returned 0x4a0507fe
[0269.887] GetCurrentObject (hdc=0x4501067c, type=0x6) returned 0x8a01c2
[0269.887] SaveDC (hdc=0x4501067c) returned 1
[0269.887] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf0040807
[0269.887] GetClipRgn (hdc=0x4501067c, hrgn=0xf0040807) returned 0
[0269.887] SelectClipRgn (hdc=0x4501067c, hrgn=0x850407de) returned 2
[0269.887] DeleteObject (ho=0xf0040807) returned 1
[0269.887] DeleteObject (ho=0x850407de) returned 1
[0269.887] OffsetViewportOrgEx (in: hdc=0x4501067c, x=0, y=0, lppt=0x2cc9968 | out: lppt=0x2cc9968) returned 1
[0269.887] IsAppThemed () returned 0x1
[0269.887] GetThemeAppProperties () returned 0x3
[0269.887] GetThemeAppProperties () returned 0x3
[0269.887] GetThemeBackgroundContentRect () returned 0x0
[0269.892] RestoreDC (hdc=0x4501067c, nSavedDC=-1) returned 1
[0269.892] GdipReleaseDC (graphics=0x6600030, hdc=0x4501067c) returned 0x0
[0269.892] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0269.892] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0269.892] GdipFillRectangleI (graphics=0x6600030, brush=0x6671db0, x=4, y=4, width=67, height=15) returned 0x0
[0269.892] GdipDeleteBrush (brush=0x6671db0) returned 0x0
[0269.892] IsAppThemed () returned 0x1
[0269.893] GetThemeAppProperties () returned 0x3
[0269.893] GetThemeAppProperties () returned 0x3
[0269.893] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0269.893] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0269.893] GetCurrentObject (hdc=0x4501067c, type=0x1) returned 0xb00017
[0269.893] GetCurrentObject (hdc=0x4501067c, type=0x2) returned 0x900010
[0269.893] GetCurrentObject (hdc=0x4501067c, type=0x7) returned 0x4a0507fe
[0269.893] GetCurrentObject (hdc=0x4501067c, type=0x6) returned 0x8a01c2
[0269.893] SaveDC (hdc=0x4501067c) returned 1
[0269.893] GetTextAlign (hdc=0x4501067c) returned 0x0
[0269.893] GetTextColor (hdc=0x4501067c) returned 0x0
[0269.893] GetCurrentObject (hdc=0x4501067c, type=0x6) returned 0x8a01c2
[0269.893] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0269.893] SelectObject (hdc=0x4501067c, h=0x6d0a0520) returned 0x8a01c2
[0269.893] GetBkMode (hdc=0x4501067c) returned 2
[0269.894] SetBkMode (hdc=0x4501067c, mode=1) returned 2
[0269.894] DrawTextExW (in: hdc=0x4501067c, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2cc9d2c | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0269.894] DrawTextExW (in: hdc=0x4501067c, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2cc9d2c | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0269.894] RestoreDC (hdc=0x4501067c, nSavedDC=-1) returned 1
[0269.894] GdipReleaseDC (graphics=0x6600030, hdc=0x4501067c) returned 0x0
[0269.894] GetFocus () returned 0x2c02d8
[0269.895] IsAppThemed () returned 0x1
[0269.895] GetThemeAppProperties () returned 0x3
[0269.895] GetThemeAppProperties () returned 0x3
[0269.895] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0269.895] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x4501067c, x1=0, y1=0, rop=0xcc0020) returned 1
[0269.895] GdipReleaseDC (graphics=0x6600030, hdc=0x4501067c) returned 0x0
[0269.895] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0269.895] SelectObject (hdc=0x4501067c, h=0x85000f) returned 0x4a0507fe
[0269.895] DeleteDC (hdc=0x4501067c) returned 1
[0269.895] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0269.895] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0269.896] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.896] IsWindowUnicode (hWnd=0x2d00ea) returned 1
[0269.896] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.896] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.896] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.896] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.896] IsWindowUnicode (hWnd=0x2d00ea) returned 1
[0269.896] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.896] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.896] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.896] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x2a1, wParam=0x0, lParam=0x40046) returned 0x0
[0269.896] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0269.896] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0269.896] WaitMessage () returned 1
[0269.909] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.909] IsWindowUnicode (hWnd=0x30122) returned 1
[0269.909] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.909] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.909] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.910] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0269.910] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0269.910] WaitMessage () returned 1
[0269.911] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.911] IsWindowUnicode (hWnd=0x30122) returned 1
[0269.911] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.911] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.911] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.912] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0269.912] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0269.912] WaitMessage () returned 1
[0269.912] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.912] IsWindowUnicode (hWnd=0x30122) returned 1
[0269.912] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.912] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.912] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.914] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.914] IsWindowUnicode (hWnd=0x30122) returned 1
[0269.914] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.914] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.914] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.914] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.915] IsWindowUnicode (hWnd=0x30122) returned 1
[0269.915] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.915] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.915] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.915] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0269.915] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0269.915] WaitMessage () returned 1
[0269.916] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.916] IsWindowUnicode (hWnd=0x30122) returned 1
[0269.916] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.916] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.916] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.917] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.917] IsWindowUnicode (hWnd=0x30122) returned 1
[0269.917] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.917] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.917] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.917] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.918] IsWindowUnicode (hWnd=0x30122) returned 1
[0269.918] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.918] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.918] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.918] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0269.918] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0269.918] WaitMessage () returned 1
[0269.919] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.919] IsWindowUnicode (hWnd=0x30122) returned 1
[0269.919] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.922] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.922] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.923] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.924] IsWindowUnicode (hWnd=0x30122) returned 1
[0269.924] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.924] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.924] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.924] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.924] IsWindowUnicode (hWnd=0x30122) returned 1
[0269.924] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.924] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.924] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.925] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0269.925] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0269.925] WaitMessage () returned 1
[0269.927] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.927] IsWindowUnicode (hWnd=0x30122) returned 1
[0269.927] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.927] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.927] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.928] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.929] IsWindowUnicode (hWnd=0x30122) returned 1
[0269.929] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.929] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.929] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.929] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.929] IsWindowUnicode (hWnd=0x30122) returned 1
[0269.929] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.929] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.929] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.929] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0269.930] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0269.930] WaitMessage () returned 1
[0269.969] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.969] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x84, wParam=0x0, lParam=0x1dd031c) returned 0x1
[0269.969] IsWindowUnicode (hWnd=0x2d00ea) returned 1
[0269.969] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.970] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x84, wParam=0x0, lParam=0x1dd031c) returned 0x1
[0269.970] GetDlgItem (hDlg=0x1f02d0, nIDDlgItem=0) returned 0x0
[0269.970] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x210, wParam=0x201, lParam=0x620127) returned 0x0
[0269.970] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x21, wParam=0x1f02d0, lParam=0x2010001) returned 0x1
[0269.970] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x21, wParam=0x1f02d0, lParam=0x2010001) returned 0x1
[0269.970] SetCursor (hCursor=0x10003) returned 0x10003
[0269.970] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.970] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.970] GetKeyState (nVirtKey=1) returned -127
[0269.970] GetKeyState (nVirtKey=2) returned 0
[0269.970] GetKeyState (nVirtKey=4) returned 0
[0269.970] GetKeyState (nVirtKey=5) returned 0
[0269.971] GetKeyState (nVirtKey=6) returned 0
[0269.971] IsWindowVisible (hWnd=0x2d00ea) returned 1
[0269.971] IsWindowEnabled (hWnd=0x2d00ea) returned 1
[0269.971] SetFocus (hWnd=0x2d00ea) returned 0x2c02d8
[0269.971] GetFocus () returned 0x2d00ea
[0269.971] IsChild (hWndParent=0x1f02d0, hWnd=0x2d00ea) returned 1
[0269.971] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0x8, wParam=0x2d00ea, lParam=0x0) returned 0x0
[0269.971] GetCapture () returned 0x0
[0269.971] InvalidateRect (hWnd=0x2c02d8, lpRect=0x0, bErase=0) returned 1
[0269.972] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0269.974] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0269.975] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0269.975] InvalidateRect (hWnd=0x2c02d8, lpRect=0x0, bErase=0) returned 1
[0269.975] InvalidateRect (hWnd=0x2d00ea, lpRect=0x0, bErase=0) returned 1
[0269.976] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x7, wParam=0x2c02d8, lParam=0x0) returned 0x0
[0269.976] GetStockObject (i=5) returned 0x900015
[0269.976] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0269.976] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0269.976] GetDlgItem (hDlg=0x1f02d0, nIDDlgItem=2949354) returned 0x2d00ea
[0269.976] SendMessageW (hWnd=0x2d00ea, Msg=0x202b, wParam=0x2d00ea, lParam=0xd7dddc) returned 0x0
[0269.976] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x202b, wParam=0x2d00ea, lParam=0xd7dddc) returned 0x0
[0269.976] InvalidateRect (hWnd=0x2d00ea, lpRect=0x0, bErase=0) returned 1
[0269.978] GetFocus () returned 0x2d00ea
[0269.978] GetFocus () returned 0x2d00ea
[0269.978] GetFocus () returned 0x2d00ea
[0269.978] GetKeyState (nVirtKey=1) returned -127
[0269.978] GetKeyState (nVirtKey=2) returned 0
[0269.978] GetKeyState (nVirtKey=4) returned 0
[0269.978] GetKeyState (nVirtKey=5) returned 0
[0269.978] GetKeyState (nVirtKey=6) returned 0
[0269.978] GetCapture () returned 0x0
[0269.978] SetCapture (hWnd=0x2d00ea) returned 0x0
[0269.978] GetKeyState (nVirtKey=1) returned -127
[0269.978] GetKeyState (nVirtKey=2) returned 0
[0269.978] GetKeyState (nVirtKey=4) returned 0
[0269.978] GetKeyState (nVirtKey=5) returned 0
[0269.978] GetKeyState (nVirtKey=6) returned 0
[0269.978] NotifyWinEvent (event=0x800a, hwnd=0x2d00ea, idObject=-4, idChild=0)
[0269.978] InvalidateRect (hWnd=0x2d00ea, lpRect=0xd7e430, bErase=0) returned 1
[0269.978] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.979] IsWindowUnicode (hWnd=0x2d00ea) returned 1
[0269.979] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0269.979] TranslateMessage (lpMsg=0xd7e808) returned 0
[0269.979] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0269.979] MapWindowPoints (in: hWndFrom=0x2d00ea, hWndTo=0x0, lpPoints=0x2cca018, cPoints=0x1 | out: lpPoints=0x2cca018) returned 30999254
[0269.979] NotifyWinEvent (event=0x800a, hwnd=0x2d00ea, idObject=-4, idChild=0)
[0269.979] InvalidateRect (hWnd=0x2d00ea, lpRect=0xd7e3d0, bErase=0) returned 1
[0269.979] UpdateWindow (hWnd=0x2d00ea) returned 1
[0269.979] BeginPaint (in: hWnd=0x2d00ea, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x10105d6
[0269.979] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0269.979] CreateCompatibleDC (hdc=0x10105d6) returned 0x840107ef
[0269.979] SelectObject (hdc=0x840107ef, h=0x4a0507fe) returned 0x85000f
[0269.980] GdipCreateFromHDC (hdc=0x840107ef, graphics=0xd7df00) returned 0x0
[0269.980] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0269.980] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0269.980] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0269.980] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0269.980] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df60) returned 0x0
[0269.980] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0269.980] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eead0) returned 0x0
[0269.980] LocalFree (hMem=0x11eead0) returned 0x0
[0269.980] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0269.980] GdipCreateRegion (region=0xd7df48) returned 0x0
[0269.980] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0269.980] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df54) returned 0x0
[0269.980] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0269.981] GdipRestoreGraphics (graphics=0x6600030, state=0xf7300dbd) returned 0x0
[0269.981] GdipDeleteRegion (region=0x6646718) returned 0x0
[0269.981] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0269.981] GetCurrentObject (hdc=0x840107ef, type=0x1) returned 0xb00017
[0269.981] GetCurrentObject (hdc=0x840107ef, type=0x2) returned 0x900010
[0269.981] GetCurrentObject (hdc=0x840107ef, type=0x7) returned 0x4a0507fe
[0269.981] GetCurrentObject (hdc=0x840107ef, type=0x6) returned 0x8a01c2
[0269.981] SaveDC (hdc=0x840107ef) returned 1
[0269.981] GetNearestColor (hdc=0x840107ef, color=0xf0f0f0) returned 0xf0f0f0
[0269.985] GetNearestColor (hdc=0x840107ef, color=0xa0a0a0) returned 0xa0a0a0
[0269.986] GetNearestColor (hdc=0x840107ef, color=0x696969) returned 0x696969
[0269.986] GetNearestColor (hdc=0x840107ef, color=0xa0a0a0) returned 0xa0a0a0
[0269.986] GetNearestColor (hdc=0x840107ef, color=0x0) returned 0x0
[0269.986] GetNearestColor (hdc=0x840107ef, color=0xffffff) returned 0xffffff
[0269.986] GetNearestColor (hdc=0x840107ef, color=0xe5e5e5) returned 0xe5e5e5
[0269.986] GetNearestColor (hdc=0x840107ef, color=0xd7d7d7) returned 0xd7d7d7
[0269.986] GetNearestColor (hdc=0x840107ef, color=0x0) returned 0x0
[0269.986] RestoreDC (hdc=0x840107ef, nSavedDC=-1) returned 1
[0269.986] GdipReleaseDC (graphics=0x6600030, hdc=0x840107ef) returned 0x0
[0269.986] IsAppThemed () returned 0x1
[0269.986] GetThemeAppProperties () returned 0x3
[0269.986] GetThemeAppProperties () returned 0x3
[0269.986] IsAppThemed () returned 0x1
[0269.986] GetThemeAppProperties () returned 0x3
[0269.987] GetThemeAppProperties () returned 0x3
[0269.987] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2cca770 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0269.987] IsAppThemed () returned 0x1
[0269.987] GetThemeAppProperties () returned 0x3
[0269.987] GetThemeAppProperties () returned 0x3
[0269.987] IsAppThemed () returned 0x1
[0269.987] GetThemeAppProperties () returned 0x3
[0269.987] GetThemeAppProperties () returned 0x3
[0269.987] IsAppThemed () returned 0x1
[0269.987] GetThemeAppProperties () returned 0x3
[0269.987] GetThemeAppProperties () returned 0x3
[0269.987] IsAppThemed () returned 0x1
[0269.987] GetThemeAppProperties () returned 0x3
[0269.987] GetThemeAppProperties () returned 0x3
[0269.987] IsThemePartDefined () returned 0x1
[0269.987] IsAppThemed () returned 0x1
[0269.988] GetThemeAppProperties () returned 0x3
[0269.988] GetThemeAppProperties () returned 0x3
[0269.988] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0269.988] IsAppThemed () returned 0x1
[0269.988] GetThemeAppProperties () returned 0x3
[0269.988] GetThemeAppProperties () returned 0x3
[0269.988] IsAppThemed () returned 0x1
[0269.988] GetThemeAppProperties () returned 0x3
[0269.988] GetThemeAppProperties () returned 0x3
[0269.988] IsThemePartDefined () returned 0x1
[0269.988] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0269.988] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0269.988] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0269.988] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0269.988] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dc7c) returned 0x0
[0269.988] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0269.988] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee9f0) returned 0x0
[0269.988] LocalFree (hMem=0x11ee9f0) returned 0x0
[0269.988] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0269.988] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0269.989] LocalFree (hMem=0x11ee788) returned 0x0
[0269.989] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0269.989] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0269.989] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0269.989] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0269.989] GdipDeleteRegion (region=0x6646328) returned 0x0
[0269.989] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0269.989] GetCurrentObject (hdc=0x840107ef, type=0x1) returned 0xb00017
[0269.989] GetCurrentObject (hdc=0x840107ef, type=0x2) returned 0x900010
[0269.989] GetCurrentObject (hdc=0x840107ef, type=0x7) returned 0x4a0507fe
[0269.989] GetCurrentObject (hdc=0x840107ef, type=0x6) returned 0x8a01c2
[0269.989] SaveDC (hdc=0x840107ef) returned 1
[0269.989] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x860407de
[0269.989] GetClipRgn (hdc=0x840107ef, hrgn=0x860407de) returned 0
[0269.989] SelectClipRgn (hdc=0x840107ef, hrgn=0xf4040807) returned 2
[0269.990] DeleteObject (ho=0x860407de) returned 1
[0269.990] DeleteObject (ho=0xf4040807) returned 1
[0269.990] OffsetViewportOrgEx (in: hdc=0x840107ef, x=0, y=0, lppt=0x2ccae20 | out: lppt=0x2ccae20) returned 1
[0269.990] DrawThemeParentBackground () returned 0x0
[0269.990] GetWindowPlacement (in: hWnd=0x1f02d0, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0269.990] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0269.990] GetWindowTextLengthW (hWnd=0x1f02d0) returned 13
[0269.990] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.990] GetSystemMetrics (nIndex=42) returned 0
[0269.990] GetWindowTextW (in: hWnd=0x1f02d0, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.990] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0269.990] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0269.990] GetCurrentObject (hdc=0x840107ef, type=0x1) returned 0xb00017
[0269.990] GetCurrentObject (hdc=0x840107ef, type=0x2) returned 0x900010
[0269.990] GetCurrentObject (hdc=0x840107ef, type=0x7) returned 0x4a0507fe
[0269.990] GetCurrentObject (hdc=0x840107ef, type=0x6) returned 0x8a01c2
[0269.990] SaveDC (hdc=0x840107ef) returned 2
[0269.991] GetNearestColor (hdc=0x840107ef, color=0xf0f0f0) returned 0xf0f0f0
[0269.991] CreateSolidBrush (color=0xf0f0f0) returned 0xf41007e1
[0269.991] FillRect (hDC=0x840107ef, lprc=0xd7d6c8, hbr=0xf41007e1) returned 1
[0269.991] DeleteObject (ho=0xf41007e1) returned 1
[0269.991] RestoreDC (hdc=0x840107ef, nSavedDC=-1) returned 1
[0269.991] GetWindowTextLengthW (hWnd=0x1f02d0) returned 13
[0269.991] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.991] GetSystemMetrics (nIndex=42) returned 0
[0269.991] GetWindowTextW (in: hWnd=0x1f02d0, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.991] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0269.991] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0269.991] GetCurrentObject (hdc=0x840107ef, type=0x1) returned 0xb00017
[0269.991] GetCurrentObject (hdc=0x840107ef, type=0x2) returned 0x900010
[0269.991] GetCurrentObject (hdc=0x840107ef, type=0x7) returned 0x4a0507fe
[0269.991] GetCurrentObject (hdc=0x840107ef, type=0x6) returned 0x8a01c2
[0269.991] SaveDC (hdc=0x840107ef) returned 2
[0269.991] GetNearestColor (hdc=0x840107ef, color=0xf0f0f0) returned 0xf0f0f0
[0269.991] CreateSolidBrush (color=0xf0f0f0) returned 0xf51007e1
[0269.992] FillRect (hDC=0x840107ef, lprc=0xd7d668, hbr=0xf51007e1) returned 1
[0269.992] DeleteObject (ho=0xf51007e1) returned 1
[0269.992] RestoreDC (hdc=0x840107ef, nSavedDC=-1) returned 1
[0269.992] GetWindowTextLengthW (hWnd=0x1f02d0) returned 13
[0269.992] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0269.992] GetSystemMetrics (nIndex=42) returned 0
[0269.992] GetWindowTextW (in: hWnd=0x1f02d0, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0269.992] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0269.992] RestoreDC (hdc=0x840107ef, nSavedDC=-1) returned 1
[0269.992] GdipReleaseDC (graphics=0x6600030, hdc=0x840107ef) returned 0x0
[0269.992] IsAppThemed () returned 0x1
[0269.992] GetThemeAppProperties () returned 0x3
[0269.992] GetThemeAppProperties () returned 0x3
[0269.992] IsAppThemed () returned 0x1
[0269.993] GetThemeAppProperties () returned 0x3
[0269.993] GetThemeAppProperties () returned 0x3
[0269.993] IsThemePartDefined () returned 0x1
[0269.993] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0269.993] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0269.993] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0269.993] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0269.993] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dc00) returned 0x0
[0269.993] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0269.993] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0269.993] LocalFree (hMem=0x11eec58) returned 0x0
[0269.993] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0269.993] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eed00) returned 0x0
[0269.993] LocalFree (hMem=0x11eed00) returned 0x0
[0269.993] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0269.993] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0269.993] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0269.993] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0269.993] GdipDeleteRegion (region=0x6646568) returned 0x0
[0269.994] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0269.994] GetCurrentObject (hdc=0x840107ef, type=0x1) returned 0xb00017
[0269.994] GetCurrentObject (hdc=0x840107ef, type=0x2) returned 0x900010
[0269.994] GetCurrentObject (hdc=0x840107ef, type=0x7) returned 0x4a0507fe
[0269.994] GetCurrentObject (hdc=0x840107ef, type=0x6) returned 0x8a01c2
[0269.994] SaveDC (hdc=0x840107ef) returned 1
[0269.994] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf5040807
[0269.994] GetClipRgn (hdc=0x840107ef, hrgn=0xf5040807) returned 0
[0269.994] SelectClipRgn (hdc=0x840107ef, hrgn=0x880407de) returned 2
[0269.994] DeleteObject (ho=0xf5040807) returned 1
[0269.994] DeleteObject (ho=0x880407de) returned 1
[0269.994] OffsetViewportOrgEx (in: hdc=0x840107ef, x=0, y=0, lppt=0x2ccb6cc | out: lppt=0x2ccb6cc) returned 1
[0269.994] IsAppThemed () returned 0x1
[0269.994] GetThemeAppProperties () returned 0x3
[0269.994] GetThemeAppProperties () returned 0x3
[0269.994] DrawThemeBackground () returned 0x0
[0269.995] RestoreDC (hdc=0x840107ef, nSavedDC=-1) returned 1
[0269.995] GdipReleaseDC (graphics=0x6600030, hdc=0x840107ef) returned 0x0
[0269.995] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0269.995] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0269.995] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0269.995] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0269.995] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dc04) returned 0x0
[0269.995] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0269.995] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0269.995] LocalFree (hMem=0x11ee788) returned 0x0
[0269.995] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0269.995] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0269.995] LocalFree (hMem=0x11ee788) returned 0x0
[0269.995] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0269.995] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0269.995] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0269.995] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0269.996] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0269.996] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0269.996] GetCurrentObject (hdc=0x840107ef, type=0x1) returned 0xb00017
[0269.996] GetCurrentObject (hdc=0x840107ef, type=0x2) returned 0x900010
[0269.996] GetCurrentObject (hdc=0x840107ef, type=0x7) returned 0x4a0507fe
[0269.996] GetCurrentObject (hdc=0x840107ef, type=0x6) returned 0x8a01c2
[0269.996] SaveDC (hdc=0x840107ef) returned 1
[0269.996] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x890407de
[0269.996] GetClipRgn (hdc=0x840107ef, hrgn=0x890407de) returned 0
[0269.996] SelectClipRgn (hdc=0x840107ef, hrgn=0xf6040807) returned 2
[0269.996] DeleteObject (ho=0x890407de) returned 1
[0269.996] DeleteObject (ho=0xf6040807) returned 1
[0269.996] OffsetViewportOrgEx (in: hdc=0x840107ef, x=0, y=0, lppt=0x2ccb9a0 | out: lppt=0x2ccb9a0) returned 1
[0269.996] IsAppThemed () returned 0x1
[0269.996] GetThemeAppProperties () returned 0x3
[0269.996] GetThemeAppProperties () returned 0x3
[0269.997] GetThemeBackgroundContentRect () returned 0x0
[0269.997] RestoreDC (hdc=0x840107ef, nSavedDC=-1) returned 1
[0269.997] GdipReleaseDC (graphics=0x6600030, hdc=0x840107ef) returned 0x0
[0269.997] IsAppThemed () returned 0x1
[0269.997] GetThemeAppProperties () returned 0x3
[0269.997] GetThemeAppProperties () returned 0x3
[0269.997] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0269.997] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0269.997] GetCurrentObject (hdc=0x840107ef, type=0x1) returned 0xb00017
[0269.997] GetCurrentObject (hdc=0x840107ef, type=0x2) returned 0x900010
[0269.997] GetCurrentObject (hdc=0x840107ef, type=0x7) returned 0x4a0507fe
[0269.997] GetCurrentObject (hdc=0x840107ef, type=0x6) returned 0x8a01c2
[0269.998] SaveDC (hdc=0x840107ef) returned 1
[0269.998] GetTextAlign (hdc=0x840107ef) returned 0x0
[0269.998] GetTextColor (hdc=0x840107ef) returned 0x0
[0269.998] GetCurrentObject (hdc=0x840107ef, type=0x6) returned 0x8a01c2
[0269.998] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0269.998] SelectObject (hdc=0x840107ef, h=0x6d0a0520) returned 0x8a01c2
[0269.998] GetBkMode (hdc=0x840107ef) returned 2
[0269.998] SetBkMode (hdc=0x840107ef, mode=1) returned 2
[0269.998] DrawTextExW (in: hdc=0x840107ef, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2ccbd40 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0269.999] DrawTextExW (in: hdc=0x840107ef, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2ccbd40 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0269.999] RestoreDC (hdc=0x840107ef, nSavedDC=-1) returned 1
[0269.999] GdipReleaseDC (graphics=0x6600030, hdc=0x840107ef) returned 0x0
[0269.999] GetFocus () returned 0x2d00ea
[0269.999] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0269.999] SendMessageW (hWnd=0x1f02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0269.999] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0269.999] IsAppThemed () returned 0x1
[0270.000] GetThemeAppProperties () returned 0x3
[0270.000] GetThemeAppProperties () returned 0x3
[0270.000] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0270.000] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x840107ef, x1=0, y1=0, rop=0xcc0020) returned 1
[0270.000] GdipReleaseDC (graphics=0x6600030, hdc=0x840107ef) returned 0x0
[0270.000] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0270.000] SelectObject (hdc=0x840107ef, h=0x85000f) returned 0x4a0507fe
[0270.000] DeleteDC (hdc=0x840107ef) returned 1
[0270.000] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0270.000] EndPaint (hWnd=0x2d00ea, lpPaint=0xd7dee4) returned 1
[0270.000] MapWindowPoints (in: hWndFrom=0x2d00ea, hWndTo=0x0, lpPoints=0x2ccbe3c, cPoints=0x1 | out: lpPoints=0x2ccbe3c) returned 30999254
[0270.000] WindowFromPoint (Point=0x31c) returned 0x2d00ea
[0270.000] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x84, wParam=0x0, lParam=0x1dd031c) returned 0x1
[0270.001] NotifyWinEvent (event=0x800a, hwnd=0x2d00ea, idObject=-4, idChild=0)
[0270.001] NotifyWinEvent (event=0x800c, hwnd=0x2d00ea, idObject=-4, idChild=0)
[0270.001] GetCapture () returned 0x2d00ea
[0270.001] ReleaseCapture () returned 1
[0270.001] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0270.001] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0270.002] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x84, wParam=0x0, lParam=0x1dd031c) returned 0x1
[0270.002] IsWindow (hWnd=0x7005c) returned 1
[0270.002] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0270.002] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0270.002] IsWindow (hWnd=0x1f02d0) returned 1
[0270.002] SetActiveWindow (hWnd=0x1f02d0) returned 0x1f02d0
[0270.003] IsWindow (hWnd=0x1f02d0) returned 1
[0270.003] SetFocus (hWnd=0x1f02d0) returned 0x2d00ea
[0270.003] GetFocus () returned 0x1f02d0
[0270.003] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x8, wParam=0x1f02d0, lParam=0x0) returned 0x0
[0270.003] GetCapture () returned 0x0
[0270.003] InvalidateRect (hWnd=0x2d00ea, lpRect=0x0, bErase=0) returned 1
[0270.004] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0270.005] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0270.007] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0270.007] GetFocus () returned 0x1f02d0
[0270.007] SetFocus (hWnd=0x2d00ea) returned 0x1f02d0
[0270.007] GetFocus () returned 0x2d00ea
[0270.007] IsChild (hWndParent=0x1f02d0, hWnd=0x2d00ea) returned 1
[0270.007] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x8, wParam=0x2d00ea, lParam=0x0) returned 0x0
[0270.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0270.010] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0270.012] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0270.012] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x7, wParam=0x1f02d0, lParam=0x0) returned 0x0
[0270.012] GetStockObject (i=5) returned 0x900015
[0270.012] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0270.012] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0270.012] GetDlgItem (hDlg=0x1f02d0, nIDDlgItem=2949354) returned 0x2d00ea
[0270.012] SendMessageW (hWnd=0x2d00ea, Msg=0x202b, wParam=0x2d00ea, lParam=0xd7ddcc) returned 0x0
[0270.012] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x202b, wParam=0x2d00ea, lParam=0xd7ddcc) returned 0x0
[0270.012] InvalidateRect (hWnd=0x2d00ea, lpRect=0x0, bErase=0) returned 1
[0270.015] GetWindowLongW (hWnd=0x1f02d0, nIndex=-8) returned 458844
[0270.015] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0270.015] GetCurrentThreadId () returned 0xf50
[0270.015] IsWindow (hWnd=0x7005c) returned 1
[0270.015] IsWindow (hWnd=0x7005c) returned 1
[0270.015] IsWindowVisible (hWnd=0x7005c) returned 1
[0270.015] SetActiveWindow (hWnd=0x7005c) returned 0x1f02d0
[0270.016] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0270.017] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0270.017] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0270.018] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0270.019] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0270.019] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0270.020] GetWindowPlacement (in: hWnd=0x1f02d0, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0270.020] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0270.020] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0270.020] GetWindowRect (in: hWnd=0x1f02d0, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0270.020] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0270.021] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0270.021] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0270.021] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x1f02d0) returned 0x1
[0270.024] GetFocus () returned 0x2d00ea
[0270.024] SetFocus (hWnd=0x602c4) returned 0x2d00ea
[0270.024] GetFocus () returned 0x602c4
[0270.025] IsChild (hWndParent=0x1f02d0, hWnd=0x602c4) returned 0
[0270.025] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0270.025] GetCapture () returned 0x0
[0270.025] InvalidateRect (hWnd=0x2d00ea, lpRect=0x0, bErase=0) returned 1
[0270.026] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0270.027] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0270.033] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0270.033] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0270.034] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0270.034] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0270.034] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0270.035] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x2d00ea, lParam=0x0) returned 0x0
[0270.035] GetStockObject (i=5) returned 0x900015
[0270.035] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0270.035] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed8a0) returned 0xc
[0270.035] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0270.035] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0270.035] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0270.035] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0270.037] GetFocus () returned 0x602c4
[0270.037] IsChild (hWndParent=0x1f02d0, hWnd=0x602c4) returned 0
[0270.037] ShowWindow (hWnd=0x1f02d0, nCmdShow=0) returned 1
[0270.037] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0270.037] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0270.038] GetWindowPlacement (in: hWnd=0x1f02d0, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0270.038] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0270.038] GetClientRect (in: hWnd=0x1f02d0, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0270.038] GetWindowRect (in: hWnd=0x1f02d0, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0270.039] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0270.039] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0270.039] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0270.040] GetWindowLongW (hWnd=0x1f02d0, nIndex=-20) returned 327945
[0270.040] DestroyWindow (hWnd=0x1f02d0) returned 1
[0270.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0270.040] GetWindowTextLengthW (hWnd=0x1f02d0) returned 13
[0270.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0270.040] GetSystemMetrics (nIndex=42) returned 0
[0270.040] GetWindowTextW (in: hWnd=0x1f02d0, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0270.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0270.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0270.040] GetWindowTextLengthW (hWnd=0x2a02de) returned 0
[0270.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0270.040] GetSystemMetrics (nIndex=42) returned 0
[0270.040] GetWindowTextW (in: hWnd=0x2a02de, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0270.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02de, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0270.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0270.041] GetWindowThreadProcessId (in: hWnd=0x2a02da, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0270.041] GetWindow (hWnd=0x2a02da, uCmd=0x5) returned 0x0
[0270.041] GetWindowLongW (hWnd=0x2a02da, nIndex=-20) returned 65792
[0270.041] DestroyWindow (hWnd=0x2a02da) returned 1
[0270.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02da, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0270.041] GetWindowTextLengthW (hWnd=0x2a02da) returned 25
[0270.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0270.041] GetSystemMetrics (nIndex=42) returned 0
[0270.041] GetWindowTextW (in: hWnd=0x2a02da, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0270.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02da, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0270.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0270.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0270.042] GetWindowTextLengthW (hWnd=0x2002ce) returned 232
[0270.042] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0270.042] GetSystemMetrics (nIndex=42) returned 0
[0270.042] GetWindowTextW (in: hWnd=0x2002ce, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0270.042] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0270.042] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0270.042] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0270.043] InvalidateRect (hWnd=0x2d00ea, lpRect=0x0, bErase=0) returned 1
[0270.043] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0270.043] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0270.043] SendMessageW (hWnd=0x2402c8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0270.043] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402c8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0270.043] SendMessageW (hWnd=0x2402c8, Msg=0xb0, wParam=0x2c96578, lParam=0xd7e480) returned 0x0
[0270.043] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402c8, Msg=0xb0, wParam=0x2c96578, lParam=0xd7e480) returned 0x0
[0270.043] GetWindowTextLengthW (hWnd=0x2402c8) returned 4363
[0270.043] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0270.043] GetSystemMetrics (nIndex=42) returned 0
[0270.043] CoTaskMemAlloc (cb=0x221c) returned 0x1202960
[0270.043] GetWindowTextW (in: hWnd=0x2402c8, lpString=0x1202960, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0270.043] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402c8, Msg=0xd, wParam=0x110c, lParam=0x1202960) returned 0x110b
[0270.043] CoTaskMemFree (pv=0x1202960)
[0270.043] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0270.044] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0270.045] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2002ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0270.046] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0270.047] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0270.048] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0270.049] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2402c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0270.050] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x1f02d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0270.051] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.051] IsWindowUnicode (hWnd=0x30122) returned 1
[0270.051] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.051] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.051] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.052] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.052] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd031c) returned 0x1
[0270.052] IsWindowUnicode (hWnd=0x7005c) returned 1
[0270.052] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.052] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd031c) returned 0x1
[0270.052] SetCursor (hCursor=0x10003) returned 0x10003
[0270.052] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.052] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.052] _TrackMouseEvent (in: lpEventTrack=0x2c2f380 | out: lpEventTrack=0x2c2f380) returned 1
[0270.052] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0270.052] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0270.052] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x108025e) returned 0x0
[0270.052] GetKeyState (nVirtKey=1) returned 1
[0270.052] GetKeyState (nVirtKey=2) returned 0
[0270.053] GetKeyState (nVirtKey=4) returned 0
[0270.053] GetKeyState (nVirtKey=5) returned 0
[0270.053] GetKeyState (nVirtKey=6) returned 0
[0270.053] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.053] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd031c) returned 0x1
[0270.053] IsWindowUnicode (hWnd=0x7005c) returned 1
[0270.053] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.053] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.053] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.053] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.053] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd031c) returned 0x1
[0270.054] IsWindowUnicode (hWnd=0x7005c) returned 1
[0270.054] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.054] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd031c) returned 0x1
[0270.054] SetCursor (hCursor=0x10003) returned 0x10003
[0270.054] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.054] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.054] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x108025e) returned 0x0
[0270.054] GetKeyState (nVirtKey=1) returned 1
[0270.054] GetKeyState (nVirtKey=2) returned 0
[0270.054] GetKeyState (nVirtKey=4) returned 0
[0270.054] GetKeyState (nVirtKey=5) returned 0
[0270.054] GetKeyState (nVirtKey=6) returned 0
[0270.054] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.054] IsWindowUnicode (hWnd=0x602c4) returned 1
[0270.055] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.055] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.055] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.055] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.056] IsWindowUnicode (hWnd=0x602c4) returned 1
[0270.056] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.057] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.057] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.057] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0270.057] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0270.057] CreateCompatibleDC (hdc=0x10105d6) returned 0xe3010671
[0270.058] SelectObject (hdc=0xe3010671, h=0x4a0507fe) returned 0x85000f
[0270.058] GdipCreateFromHDC (hdc=0xe3010671, graphics=0xd7e798) returned 0x0
[0270.058] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0270.058] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0270.058] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0270.058] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0270.058] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e7f8) returned 0x0
[0270.058] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0270.058] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee868) returned 0x0
[0270.058] LocalFree (hMem=0x11ee868) returned 0x0
[0270.058] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0270.058] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0270.058] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0270.059] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0270.059] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0270.059] GdipRestoreGraphics (graphics=0x6600030, state=0xf72e0dbd) returned 0x0
[0270.059] GdipDeleteRegion (region=0x6646838) returned 0x0
[0270.059] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0270.059] GetCurrentObject (hdc=0xe3010671, type=0x1) returned 0xb00017
[0270.059] GetCurrentObject (hdc=0xe3010671, type=0x2) returned 0x900010
[0270.059] GetCurrentObject (hdc=0xe3010671, type=0x7) returned 0x4a0507fe
[0270.059] GetCurrentObject (hdc=0xe3010671, type=0x6) returned 0x8a01c2
[0270.059] SaveDC (hdc=0xe3010671) returned 1
[0270.059] GetNearestColor (hdc=0xe3010671, color=0xff) returned 0xff
[0270.072] GetNearestColor (hdc=0xe3010671, color=0x55) returned 0x55
[0270.072] GetNearestColor (hdc=0xe3010671, color=0x0) returned 0x0
[0270.072] GetNearestColor (hdc=0xe3010671, color=0x55) returned 0x55
[0270.072] GetNearestColor (hdc=0xe3010671, color=0x0) returned 0x0
[0270.072] GetNearestColor (hdc=0xe3010671, color=0x8080ff) returned 0x8080ff
[0270.072] GetNearestColor (hdc=0xe3010671, color=0x7373e5) returned 0x7373e5
[0270.072] GetNearestColor (hdc=0xe3010671, color=0xe5) returned 0xe5
[0270.072] GetNearestColor (hdc=0xe3010671, color=0x0) returned 0x0
[0270.072] RestoreDC (hdc=0xe3010671, nSavedDC=-1) returned 1
[0270.072] GdipReleaseDC (graphics=0x6600030, hdc=0xe3010671) returned 0x0
[0270.072] IsAppThemed () returned 0x1
[0270.072] GetThemeAppProperties () returned 0x3
[0270.072] GetThemeAppProperties () returned 0x3
[0270.073] IsAppThemed () returned 0x1
[0270.073] GetThemeAppProperties () returned 0x3
[0270.073] GetThemeAppProperties () returned 0x3
[0270.073] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2cd3ba8 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0270.073] IsAppThemed () returned 0x1
[0270.073] GetThemeAppProperties () returned 0x3
[0270.073] GetThemeAppProperties () returned 0x3
[0270.073] IsAppThemed () returned 0x1
[0270.073] GetThemeAppProperties () returned 0x3
[0270.073] GetThemeAppProperties () returned 0x3
[0270.073] GetFocus () returned 0x602c4
[0270.073] IsAppThemed () returned 0x1
[0270.073] GetThemeAppProperties () returned 0x3
[0270.074] GetThemeAppProperties () returned 0x3
[0270.074] IsAppThemed () returned 0x1
[0270.074] GetThemeAppProperties () returned 0x3
[0270.074] GetThemeAppProperties () returned 0x3
[0270.074] IsThemePartDefined () returned 0x1
[0270.074] IsAppThemed () returned 0x1
[0270.074] GetThemeAppProperties () returned 0x3
[0270.074] GetThemeAppProperties () returned 0x3
[0270.074] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0270.074] IsAppThemed () returned 0x1
[0270.074] GetThemeAppProperties () returned 0x3
[0270.074] GetThemeAppProperties () returned 0x3
[0270.074] IsAppThemed () returned 0x1
[0270.074] GetThemeAppProperties () returned 0x3
[0270.074] GetThemeAppProperties () returned 0x3
[0270.074] IsThemePartDefined () returned 0x1
[0270.074] GdipCreateRegion (region=0xd7e508) returned 0x0
[0270.074] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0270.074] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0270.074] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0270.075] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e520) returned 0x0
[0270.075] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0270.075] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee9f0) returned 0x0
[0270.075] LocalFree (hMem=0x11ee9f0) returned 0x0
[0270.075] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0270.075] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0270.083] LocalFree (hMem=0x11eecc8) returned 0x0
[0270.083] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0270.083] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e548) returned 0x0
[0270.083] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e538) returned 0x0
[0270.083] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0270.083] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0270.083] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0270.083] GetCurrentObject (hdc=0xe3010671, type=0x1) returned 0xb00017
[0270.083] GetCurrentObject (hdc=0xe3010671, type=0x2) returned 0x900010
[0270.083] GetCurrentObject (hdc=0xe3010671, type=0x7) returned 0x4a0507fe
[0270.084] GetCurrentObject (hdc=0xe3010671, type=0x6) returned 0x8a01c2
[0270.084] SaveDC (hdc=0xe3010671) returned 1
[0270.084] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf7040807
[0270.084] GetClipRgn (hdc=0xe3010671, hrgn=0xf7040807) returned 0
[0270.084] SelectClipRgn (hdc=0xe3010671, hrgn=0x8d0407de) returned 2
[0270.084] DeleteObject (ho=0xf7040807) returned 1
[0270.084] DeleteObject (ho=0x8d0407de) returned 1
[0270.084] OffsetViewportOrgEx (in: hdc=0xe3010671, x=0, y=0, lppt=0x2cd4258 | out: lppt=0x2cd4258) returned 1
[0270.084] DrawThemeParentBackground () returned 0x0
[0270.084] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0270.084] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0270.084] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0270.085] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0270.085] GetSystemMetrics (nIndex=42) returned 0
[0270.085] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0270.085] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0270.085] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0270.085] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0270.085] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0270.085] SelectPalette (hdc=0xe3010671, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0270.085] GdipCreateFromHDC (hdc=0xe3010671, graphics=0xd7dff8) returned 0x0
[0270.085] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0270.085] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0270.085] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638d58) returned 0x0
[0270.085] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dfd0) returned 0x0
[0270.085] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0270.086] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0270.086] GdipGetClip (graphics=0x6635e20, region=0x6646448) returned 0x0
[0270.086] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6635e20, result=0xd7dfc4) returned 0x0
[0270.086] GdipDeleteRegion (region=0x6646448) returned 0x0
[0270.086] GdipSaveGraphics (graphics=0x6635e20, state=0xd7dff0) returned 0x0
[0270.086] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0270.096] GdipFillRectangleI (graphics=0x6635e20, brush=0x6635ba8, x=0, y=0, width=801, height=453) returned 0x0
[0270.096] GdipDeleteBrush (brush=0x6635ba8) returned 0x0
[0270.098] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0270.098] SelectPalette (hdc=0xe3010671, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0270.098] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0270.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0270.098] GetSystemMetrics (nIndex=42) returned 0
[0270.098] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0270.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0270.098] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0270.098] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0270.098] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0270.098] SelectPalette (hdc=0xe3010671, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0270.098] GdipCreateFromHDC (hdc=0xe3010671, graphics=0xd7df98) returned 0x0
[0270.099] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0270.099] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0270.099] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638cc8) returned 0x0
[0270.099] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df70) returned 0x0
[0270.099] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0270.099] GdipCreateRegion (region=0xd7df58) returned 0x0
[0270.099] GdipGetClip (graphics=0x6635e20, region=0x6646298) returned 0x0
[0270.099] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6635e20, result=0xd7df64) returned 0x0
[0270.099] GdipDeleteRegion (region=0x6646298) returned 0x0
[0270.099] GdipSaveGraphics (graphics=0x6635e20, state=0xd7df90) returned 0x0
[0270.099] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0270.112] GdipFillRectangleI (graphics=0x6635e20, brush=0x6634e40, x=0, y=0, width=801, height=453) returned 0x0
[0270.112] GdipDeleteBrush (brush=0x6634e40) returned 0x0
[0270.114] GdipRestoreGraphics (graphics=0x6635e20, state=0xf72a0dbd) returned 0x0
[0270.114] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0270.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0270.114] GetSystemMetrics (nIndex=42) returned 0
[0270.114] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0270.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0270.115] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0270.115] SelectPalette (hdc=0xe3010671, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0270.115] RestoreDC (hdc=0xe3010671, nSavedDC=-1) returned 1
[0270.115] GdipReleaseDC (graphics=0x6600030, hdc=0xe3010671) returned 0x0
[0270.115] IsAppThemed () returned 0x1
[0270.115] GetThemeAppProperties () returned 0x3
[0270.115] GetThemeAppProperties () returned 0x3
[0270.115] IsAppThemed () returned 0x1
[0270.115] GetThemeAppProperties () returned 0x3
[0270.116] GetThemeAppProperties () returned 0x3
[0270.116] IsThemePartDefined () returned 0x1
[0270.116] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0270.116] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0270.116] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0270.116] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0270.116] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e4a4) returned 0x0
[0270.116] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0270.116] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0270.116] LocalFree (hMem=0x11eec58) returned 0x0
[0270.116] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0270.116] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0270.116] LocalFree (hMem=0x11ee788) returned 0x0
[0270.116] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0270.116] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0270.116] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0270.116] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0270.116] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0270.117] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0270.117] GetCurrentObject (hdc=0xe3010671, type=0x1) returned 0xb00017
[0270.117] GetCurrentObject (hdc=0xe3010671, type=0x2) returned 0x900010
[0270.117] GetCurrentObject (hdc=0xe3010671, type=0x7) returned 0x4a0507fe
[0270.117] GetCurrentObject (hdc=0xe3010671, type=0x6) returned 0x8a01c2
[0270.117] SaveDC (hdc=0xe3010671) returned 1
[0270.117] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8e0407de
[0270.117] GetClipRgn (hdc=0xe3010671, hrgn=0x8e0407de) returned 0
[0270.117] SelectClipRgn (hdc=0xe3010671, hrgn=0xf9040807) returned 2
[0270.117] DeleteObject (ho=0x8e0407de) returned 1
[0270.117] DeleteObject (ho=0xf9040807) returned 1
[0270.117] OffsetViewportOrgEx (in: hdc=0xe3010671, x=0, y=0, lppt=0x2cdaaa8 | out: lppt=0x2cdaaa8) returned 1
[0270.117] IsAppThemed () returned 0x1
[0270.117] GetThemeAppProperties () returned 0x3
[0270.118] GetThemeAppProperties () returned 0x3
[0270.118] DrawThemeBackground () returned 0x0
[0270.118] RestoreDC (hdc=0xe3010671, nSavedDC=-1) returned 1
[0270.118] GdipReleaseDC (graphics=0x6600030, hdc=0xe3010671) returned 0x0
[0270.118] GdipCreateRegion (region=0xd7e490) returned 0x0
[0270.118] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0270.118] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0270.118] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0270.118] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e4a8) returned 0x0
[0270.118] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0270.118] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea28) returned 0x0
[0270.118] LocalFree (hMem=0x11eea28) returned 0x0
[0270.118] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0270.118] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0270.118] LocalFree (hMem=0x11ee788) returned 0x0
[0270.118] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0270.119] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0270.119] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0270.119] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0270.119] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0270.119] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0270.119] GetCurrentObject (hdc=0xe3010671, type=0x1) returned 0xb00017
[0270.119] GetCurrentObject (hdc=0xe3010671, type=0x2) returned 0x900010
[0270.119] GetCurrentObject (hdc=0xe3010671, type=0x7) returned 0x4a0507fe
[0270.119] GetCurrentObject (hdc=0xe3010671, type=0x6) returned 0x8a01c2
[0270.119] SaveDC (hdc=0xe3010671) returned 1
[0270.119] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfa040807
[0270.119] GetClipRgn (hdc=0xe3010671, hrgn=0xfa040807) returned 0
[0270.119] SelectClipRgn (hdc=0xe3010671, hrgn=0x8f0407de) returned 2
[0270.119] DeleteObject (ho=0xfa040807) returned 1
[0270.119] DeleteObject (ho=0x8f0407de) returned 1
[0270.119] OffsetViewportOrgEx (in: hdc=0xe3010671, x=0, y=0, lppt=0x2cdad7c | out: lppt=0x2cdad7c) returned 1
[0270.120] IsAppThemed () returned 0x1
[0270.120] GetThemeAppProperties () returned 0x3
[0270.120] GetThemeAppProperties () returned 0x3
[0270.120] GetThemeBackgroundContentRect () returned 0x0
[0270.120] RestoreDC (hdc=0xe3010671, nSavedDC=-1) returned 1
[0270.120] GdipReleaseDC (graphics=0x6600030, hdc=0xe3010671) returned 0x0
[0270.120] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0270.120] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0270.120] GdipFillRectangleI (graphics=0x6600030, brush=0x6671db0, x=4, y=4, width=67, height=15) returned 0x0
[0270.120] GdipDeleteBrush (brush=0x6671db0) returned 0x0
[0270.120] IsAppThemed () returned 0x1
[0270.120] GetThemeAppProperties () returned 0x3
[0270.120] GetThemeAppProperties () returned 0x3
[0270.120] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0270.120] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0270.120] GetCurrentObject (hdc=0xe3010671, type=0x1) returned 0xb00017
[0270.120] GetCurrentObject (hdc=0xe3010671, type=0x2) returned 0x900010
[0270.121] GetCurrentObject (hdc=0xe3010671, type=0x7) returned 0x4a0507fe
[0270.121] GetCurrentObject (hdc=0xe3010671, type=0x6) returned 0x8a01c2
[0270.121] SaveDC (hdc=0xe3010671) returned 1
[0270.121] GetTextAlign (hdc=0xe3010671) returned 0x0
[0270.121] GetTextColor (hdc=0xe3010671) returned 0x0
[0270.121] GetCurrentObject (hdc=0xe3010671, type=0x6) returned 0x8a01c2
[0270.121] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0270.121] SelectObject (hdc=0xe3010671, h=0x6d0a0520) returned 0x8a01c2
[0270.121] GetBkMode (hdc=0xe3010671) returned 2
[0270.121] SetBkMode (hdc=0xe3010671, mode=1) returned 2
[0270.121] DrawTextExW (in: hdc=0xe3010671, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2cdb140 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0270.122] DrawTextExW (in: hdc=0xe3010671, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2cdb140 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0270.123] RestoreDC (hdc=0xe3010671, nSavedDC=-1) returned 1
[0270.123] GdipReleaseDC (graphics=0x6600030, hdc=0xe3010671) returned 0x0
[0270.123] GetFocus () returned 0x602c4
[0270.123] IsAppThemed () returned 0x1
[0270.123] GetThemeAppProperties () returned 0x3
[0270.123] GetThemeAppProperties () returned 0x3
[0270.123] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0270.123] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0xe3010671, x1=0, y1=0, rop=0xcc0020) returned 1
[0270.123] GdipReleaseDC (graphics=0x6600030, hdc=0xe3010671) returned 0x0
[0270.123] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0270.124] SelectObject (hdc=0xe3010671, h=0x85000f) returned 0x4a0507fe
[0270.124] DeleteDC (hdc=0xe3010671) returned 1
[0270.124] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0270.124] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0270.124] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0270.124] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0270.124] WaitMessage () returned 1
[0270.124] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.124] IsWindowUnicode (hWnd=0x30122) returned 1
[0270.124] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.124] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.125] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.126] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0270.126] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0270.126] WaitMessage () returned 1
[0270.147] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.148] IsWindowUnicode (hWnd=0x30122) returned 1
[0270.148] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.148] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.148] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.149] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0270.149] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0270.149] WaitMessage () returned 1
[0270.150] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.150] IsWindowUnicode (hWnd=0x30122) returned 1
[0270.150] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.150] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.150] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.151] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0270.151] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0270.151] WaitMessage () returned 1
[0270.152] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.152] IsWindowUnicode (hWnd=0x30122) returned 1
[0270.152] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.152] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.152] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.158] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.158] IsWindowUnicode (hWnd=0x30122) returned 1
[0270.158] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.158] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.159] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.159] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.159] IsWindowUnicode (hWnd=0x30122) returned 1
[0270.159] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.159] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.159] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.159] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.160] IsWindowUnicode (hWnd=0x7005c) returned 1
[0270.160] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.160] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.160] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.160] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.160] IsWindowUnicode (hWnd=0x7005c) returned 1
[0270.160] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.160] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.160] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.160] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x108025e) returned 0x0
[0270.160] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0270.160] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0270.160] WaitMessage () returned 1
[0270.162] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.162] IsWindowUnicode (hWnd=0x30122) returned 1
[0270.162] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.163] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.163] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.164] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.164] IsWindowUnicode (hWnd=0x30122) returned 1
[0270.164] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.164] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.164] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.165] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.165] IsWindowUnicode (hWnd=0x30122) returned 1
[0270.165] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.165] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.165] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.165] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0270.166] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0270.166] WaitMessage () returned 1
[0270.166] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.166] IsWindowUnicode (hWnd=0x30122) returned 1
[0270.166] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.167] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.167] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.168] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.168] IsWindowUnicode (hWnd=0x30122) returned 1
[0270.168] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.168] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.168] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.169] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.169] IsWindowUnicode (hWnd=0x30122) returned 1
[0270.169] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.169] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.169] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.169] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0270.170] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0270.170] WaitMessage () returned 1
[0270.170] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.170] IsWindowUnicode (hWnd=0x30122) returned 1
[0270.170] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.171] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.171] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.172] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.172] IsWindowUnicode (hWnd=0x30122) returned 1
[0270.173] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.173] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.173] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.173] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.173] IsWindowUnicode (hWnd=0x30122) returned 1
[0270.173] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.173] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.173] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.173] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0270.174] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0270.174] WaitMessage () returned 1
[0270.342] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.342] IsWindowUnicode (hWnd=0x502c6) returned 1
[0270.342] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0270.342] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0270.342] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0270.342] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0270.342] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0270.342] WaitMessage () returned 1
[0272.329] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0272.329] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f4) returned 0x1
[0272.329] IsWindowUnicode (hWnd=0x602c4) returned 1
[0272.329] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0272.329] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0272.329] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0272.329] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0272.329] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0272.329] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f4) returned 0x1
[0272.330] IsWindowUnicode (hWnd=0x602c4) returned 1
[0272.330] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0272.330] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f4) returned 0x1
[0272.330] SetCursor (hCursor=0x10003) returned 0x10003
[0272.330] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0272.330] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0272.330] _TrackMouseEvent (in: lpEventTrack=0x2c2b560 | out: lpEventTrack=0x2c2b560) returned 1
[0272.330] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0272.330] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0272.330] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0272.330] GetKeyState (nVirtKey=1) returned 1
[0272.331] GetKeyState (nVirtKey=2) returned 0
[0272.331] GetKeyState (nVirtKey=4) returned 0
[0272.331] GetKeyState (nVirtKey=5) returned 0
[0272.331] GetKeyState (nVirtKey=6) returned 0
[0272.331] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0272.331] IsWindowUnicode (hWnd=0x602c4) returned 1
[0272.331] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0272.331] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0272.331] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0272.331] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0272.331] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0272.331] CreateCompatibleDC (hdc=0x10105d6) returned 0x2f0107e8
[0272.331] SelectObject (hdc=0x2f0107e8, h=0x4a0507fe) returned 0x85000f
[0272.332] GdipCreateFromHDC (hdc=0x2f0107e8, graphics=0xd7e798) returned 0x0
[0272.332] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0272.332] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0272.332] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0272.332] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0272.332] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e7f8) returned 0x0
[0272.332] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0272.332] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0272.332] LocalFree (hMem=0x11ee788) returned 0x0
[0272.332] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0272.332] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0272.332] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0272.332] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0272.333] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0272.333] GdipRestoreGraphics (graphics=0x6600030, state=0xf7280dbd) returned 0x0
[0272.333] GdipDeleteRegion (region=0x6646328) returned 0x0
[0272.333] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0272.333] GetCurrentObject (hdc=0x2f0107e8, type=0x1) returned 0xb00017
[0272.333] GetCurrentObject (hdc=0x2f0107e8, type=0x2) returned 0x900010
[0272.333] GetCurrentObject (hdc=0x2f0107e8, type=0x7) returned 0x4a0507fe
[0272.333] GetCurrentObject (hdc=0x2f0107e8, type=0x6) returned 0x8a01c2
[0272.333] SaveDC (hdc=0x2f0107e8) returned 1
[0272.333] GetNearestColor (hdc=0x2f0107e8, color=0xff) returned 0xff
[0272.333] GetNearestColor (hdc=0x2f0107e8, color=0x55) returned 0x55
[0272.333] GetNearestColor (hdc=0x2f0107e8, color=0x0) returned 0x0
[0272.333] GetNearestColor (hdc=0x2f0107e8, color=0x55) returned 0x55
[0272.333] GetNearestColor (hdc=0x2f0107e8, color=0x0) returned 0x0
[0272.334] GetNearestColor (hdc=0x2f0107e8, color=0x8080ff) returned 0x8080ff
[0272.334] GetNearestColor (hdc=0x2f0107e8, color=0x7373e5) returned 0x7373e5
[0272.334] GetNearestColor (hdc=0x2f0107e8, color=0xe5) returned 0xe5
[0272.334] GetNearestColor (hdc=0x2f0107e8, color=0x0) returned 0x0
[0272.334] RestoreDC (hdc=0x2f0107e8, nSavedDC=-1) returned 1
[0272.334] GdipReleaseDC (graphics=0x6600030, hdc=0x2f0107e8) returned 0x0
[0272.334] IsAppThemed () returned 0x1
[0272.334] GetThemeAppProperties () returned 0x3
[0272.334] GetThemeAppProperties () returned 0x3
[0272.334] IsAppThemed () returned 0x1
[0272.334] GetThemeAppProperties () returned 0x3
[0272.334] GetThemeAppProperties () returned 0x3
[0272.334] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2cdba8c | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0272.335] IsAppThemed () returned 0x1
[0272.335] GetThemeAppProperties () returned 0x3
[0272.335] GetThemeAppProperties () returned 0x3
[0272.335] IsAppThemed () returned 0x1
[0272.335] GetThemeAppProperties () returned 0x3
[0272.335] GetThemeAppProperties () returned 0x3
[0272.335] IsAppThemed () returned 0x1
[0272.335] GetThemeAppProperties () returned 0x3
[0272.335] GetThemeAppProperties () returned 0x3
[0272.335] IsAppThemed () returned 0x1
[0272.335] GetThemeAppProperties () returned 0x3
[0272.335] GetThemeAppProperties () returned 0x3
[0272.335] IsThemePartDefined () returned 0x1
[0272.335] IsAppThemed () returned 0x1
[0272.335] GetThemeAppProperties () returned 0x3
[0272.335] GetThemeAppProperties () returned 0x3
[0272.336] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0272.336] IsAppThemed () returned 0x1
[0272.336] GetThemeAppProperties () returned 0x3
[0272.336] GetThemeAppProperties () returned 0x3
[0272.336] IsAppThemed () returned 0x1
[0272.336] GetThemeAppProperties () returned 0x3
[0272.336] GetThemeAppProperties () returned 0x3
[0272.336] IsThemePartDefined () returned 0x1
[0272.336] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0272.336] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0272.336] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0272.336] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0272.336] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e514) returned 0x0
[0272.336] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0272.336] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0272.336] LocalFree (hMem=0x11eec58) returned 0x0
[0272.336] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0272.336] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee9f0) returned 0x0
[0272.336] LocalFree (hMem=0x11ee9f0) returned 0x0
[0272.337] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0272.337] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0272.337] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0272.337] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0272.337] GdipDeleteRegion (region=0x6646718) returned 0x0
[0272.337] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0272.337] GetCurrentObject (hdc=0x2f0107e8, type=0x1) returned 0xb00017
[0272.337] GetCurrentObject (hdc=0x2f0107e8, type=0x2) returned 0x900010
[0272.337] GetCurrentObject (hdc=0x2f0107e8, type=0x7) returned 0x4a0507fe
[0272.337] GetCurrentObject (hdc=0x2f0107e8, type=0x6) returned 0x8a01c2
[0272.337] SaveDC (hdc=0x2f0107e8) returned 1
[0272.337] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x900407de
[0272.337] GetClipRgn (hdc=0x2f0107e8, hrgn=0x900407de) returned 0
[0272.337] SelectClipRgn (hdc=0x2f0107e8, hrgn=0xfe040807) returned 2
[0272.337] DeleteObject (ho=0x900407de) returned 1
[0272.338] DeleteObject (ho=0xfe040807) returned 1
[0272.338] OffsetViewportOrgEx (in: hdc=0x2f0107e8, x=0, y=0, lppt=0x2cdc13c | out: lppt=0x2cdc13c) returned 1
[0272.338] DrawThemeParentBackground () returned 0x0
[0272.338] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0272.338] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0272.338] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0272.338] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0272.338] GetSystemMetrics (nIndex=42) returned 0
[0272.338] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0272.338] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0272.338] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0272.338] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0272.338] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0272.338] SelectPalette (hdc=0x2f0107e8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0272.339] GdipCreateFromHDC (hdc=0x2f0107e8, graphics=0xd7dff0) returned 0x0
[0272.339] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0272.339] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0272.339] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638c68) returned 0x0
[0272.339] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dfc8) returned 0x0
[0272.339] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0272.339] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0272.339] GdipGetClip (graphics=0x6635e20, region=0x66469e8) returned 0x0
[0272.339] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6635e20, result=0xd7dfbc) returned 0x0
[0272.339] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0272.339] GdipSaveGraphics (graphics=0x6635e20, state=0xd7dfe8) returned 0x0
[0272.339] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0272.347] GdipFillRectangleI (graphics=0x6635e20, brush=0x66356c8, x=0, y=0, width=801, height=453) returned 0x0
[0272.348] GdipDeleteBrush (brush=0x66356c8) returned 0x0
[0272.349] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0272.349] SelectPalette (hdc=0x2f0107e8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0272.350] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0272.350] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0272.350] GetSystemMetrics (nIndex=42) returned 0
[0272.350] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0272.350] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0272.350] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0272.350] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0272.350] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0272.350] SelectPalette (hdc=0x2f0107e8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0272.350] GdipCreateFromHDC (hdc=0x2f0107e8, graphics=0xd7df90) returned 0x0
[0272.350] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0272.351] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0272.351] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638ab8) returned 0x0
[0272.351] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df68) returned 0x0
[0272.351] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0272.351] GdipCreateRegion (region=0xd7df50) returned 0x0
[0272.351] GdipGetClip (graphics=0x6635e20, region=0x66467a8) returned 0x0
[0272.351] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6635e20, result=0xd7df5c) returned 0x0
[0272.351] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0272.351] GdipSaveGraphics (graphics=0x6635e20, state=0xd7df88) returned 0x0
[0272.351] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0272.359] GdipFillRectangleI (graphics=0x6635e20, brush=0x6635a70, x=0, y=0, width=801, height=453) returned 0x0
[0272.359] GdipDeleteBrush (brush=0x6635a70) returned 0x0
[0272.361] GdipRestoreGraphics (graphics=0x6635e20, state=0xf7240dbd) returned 0x0
[0272.361] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0272.361] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0272.361] GetSystemMetrics (nIndex=42) returned 0
[0272.361] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0272.361] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0272.361] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0272.361] SelectPalette (hdc=0x2f0107e8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0272.361] RestoreDC (hdc=0x2f0107e8, nSavedDC=-1) returned 1
[0272.362] GdipReleaseDC (graphics=0x6600030, hdc=0x2f0107e8) returned 0x0
[0272.362] IsAppThemed () returned 0x1
[0272.362] GetThemeAppProperties () returned 0x3
[0272.362] GetThemeAppProperties () returned 0x3
[0272.362] IsAppThemed () returned 0x1
[0272.362] GetThemeAppProperties () returned 0x3
[0272.362] GetThemeAppProperties () returned 0x3
[0272.362] IsThemePartDefined () returned 0x1
[0272.362] GdipCreateRegion (region=0xd7e480) returned 0x0
[0272.362] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0272.362] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0272.362] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0272.362] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e498) returned 0x0
[0272.362] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0272.362] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eecc8) returned 0x0
[0272.362] LocalFree (hMem=0x11eecc8) returned 0x0
[0272.363] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0272.363] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0272.363] LocalFree (hMem=0x11eec58) returned 0x0
[0272.363] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0272.363] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0272.363] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0272.363] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0272.363] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0272.363] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0272.363] GetCurrentObject (hdc=0x2f0107e8, type=0x1) returned 0xb00017
[0272.363] GetCurrentObject (hdc=0x2f0107e8, type=0x2) returned 0x900010
[0272.363] GetCurrentObject (hdc=0x2f0107e8, type=0x7) returned 0x4a0507fe
[0272.363] GetCurrentObject (hdc=0x2f0107e8, type=0x6) returned 0x8a01c2
[0272.363] SaveDC (hdc=0x2f0107e8) returned 1
[0272.363] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xff040807
[0272.364] GetClipRgn (hdc=0x2f0107e8, hrgn=0xff040807) returned 0
[0272.364] SelectClipRgn (hdc=0x2f0107e8, hrgn=0x920407de) returned 2
[0272.364] DeleteObject (ho=0xff040807) returned 1
[0272.364] DeleteObject (ho=0x920407de) returned 1
[0272.364] OffsetViewportOrgEx (in: hdc=0x2f0107e8, x=0, y=0, lppt=0x2ce298c | out: lppt=0x2ce298c) returned 1
[0272.364] IsAppThemed () returned 0x1
[0272.364] GetThemeAppProperties () returned 0x3
[0272.364] GetThemeAppProperties () returned 0x3
[0272.364] DrawThemeBackground () returned 0x0
[0272.364] RestoreDC (hdc=0x2f0107e8, nSavedDC=-1) returned 1
[0272.364] GdipReleaseDC (graphics=0x6600030, hdc=0x2f0107e8) returned 0x0
[0272.364] GdipCreateRegion (region=0xd7e484) returned 0x0
[0272.364] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0272.364] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0272.365] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0272.365] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e49c) returned 0x0
[0272.365] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0272.365] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0272.365] LocalFree (hMem=0x11ee868) returned 0x0
[0272.365] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0272.365] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0272.365] LocalFree (hMem=0x11eec58) returned 0x0
[0272.365] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0272.365] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0272.365] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0272.365] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0272.365] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0272.365] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0272.365] GetCurrentObject (hdc=0x2f0107e8, type=0x1) returned 0xb00017
[0272.365] GetCurrentObject (hdc=0x2f0107e8, type=0x2) returned 0x900010
[0272.365] GetCurrentObject (hdc=0x2f0107e8, type=0x7) returned 0x4a0507fe
[0272.366] GetCurrentObject (hdc=0x2f0107e8, type=0x6) returned 0x8a01c2
[0272.366] SaveDC (hdc=0x2f0107e8) returned 1
[0272.366] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x930407de
[0272.366] GetClipRgn (hdc=0x2f0107e8, hrgn=0x930407de) returned 0
[0272.366] SelectClipRgn (hdc=0x2f0107e8, hrgn=0x40807) returned 2
[0272.366] DeleteObject (ho=0x930407de) returned 1
[0272.366] DeleteObject (ho=0x40807) returned 1
[0272.366] OffsetViewportOrgEx (in: hdc=0x2f0107e8, x=0, y=0, lppt=0x2ce2c60 | out: lppt=0x2ce2c60) returned 1
[0272.366] IsAppThemed () returned 0x1
[0272.366] GetThemeAppProperties () returned 0x3
[0272.366] GetThemeAppProperties () returned 0x3
[0272.366] GetThemeBackgroundContentRect () returned 0x0
[0272.366] RestoreDC (hdc=0x2f0107e8, nSavedDC=-1) returned 1
[0272.366] GdipReleaseDC (graphics=0x6600030, hdc=0x2f0107e8) returned 0x0
[0272.367] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0272.367] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0272.367] GdipFillRectangleI (graphics=0x6600030, brush=0x6671db0, x=4, y=4, width=67, height=15) returned 0x0
[0272.367] GdipDeleteBrush (brush=0x6671db0) returned 0x0
[0272.367] IsAppThemed () returned 0x1
[0272.367] GetThemeAppProperties () returned 0x3
[0272.367] GetThemeAppProperties () returned 0x3
[0272.367] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0272.367] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0272.367] GetCurrentObject (hdc=0x2f0107e8, type=0x1) returned 0xb00017
[0272.367] GetCurrentObject (hdc=0x2f0107e8, type=0x2) returned 0x900010
[0272.367] GetCurrentObject (hdc=0x2f0107e8, type=0x7) returned 0x4a0507fe
[0272.367] GetCurrentObject (hdc=0x2f0107e8, type=0x6) returned 0x8a01c2
[0272.367] SaveDC (hdc=0x2f0107e8) returned 1
[0272.367] GetTextAlign (hdc=0x2f0107e8) returned 0x0
[0272.368] GetTextColor (hdc=0x2f0107e8) returned 0x0
[0272.368] GetCurrentObject (hdc=0x2f0107e8, type=0x6) returned 0x8a01c2
[0272.368] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0272.368] SelectObject (hdc=0x2f0107e8, h=0x6d0a0520) returned 0x8a01c2
[0272.368] GetBkMode (hdc=0x2f0107e8) returned 2
[0272.368] SetBkMode (hdc=0x2f0107e8, mode=1) returned 2
[0272.368] DrawTextExW (in: hdc=0x2f0107e8, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2ce3024 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0272.368] DrawTextExW (in: hdc=0x2f0107e8, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2ce3024 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0272.369] RestoreDC (hdc=0x2f0107e8, nSavedDC=-1) returned 1
[0272.369] GdipReleaseDC (graphics=0x6600030, hdc=0x2f0107e8) returned 0x0
[0272.369] GetFocus () returned 0x602c4
[0272.369] IsAppThemed () returned 0x1
[0272.369] GetThemeAppProperties () returned 0x3
[0272.369] GetThemeAppProperties () returned 0x3
[0272.369] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0272.369] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x2f0107e8, x1=0, y1=0, rop=0xcc0020) returned 1
[0272.370] GdipReleaseDC (graphics=0x6600030, hdc=0x2f0107e8) returned 0x0
[0272.370] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0272.370] SelectObject (hdc=0x2f0107e8, h=0x85000f) returned 0x4a0507fe
[0272.370] DeleteDC (hdc=0x2f0107e8) returned 1
[0272.370] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0272.370] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0272.371] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0272.371] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0272.371] WaitMessage () returned 1
[0272.461] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0272.462] IsWindowUnicode (hWnd=0x602c4) returned 1
[0272.462] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0272.462] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0272.462] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0272.462] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0272.462] IsWindowUnicode (hWnd=0x602c4) returned 1
[0272.462] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0272.462] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0272.462] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0272.462] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xd0019) returned 0x0
[0272.462] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0272.462] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0272.462] WaitMessage () returned 1
[0272.615] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0272.615] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f4) returned 0x1
[0272.616] IsWindowUnicode (hWnd=0x602c4) returned 1
[0272.616] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0272.616] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f4) returned 0x1
[0272.616] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0272.616] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19f0036) returned 0x0
[0272.616] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0272.616] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0272.616] SetCursor (hCursor=0x10003) returned 0x10003
[0272.616] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0272.616] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0272.617] GetKeyState (nVirtKey=1) returned -128
[0272.617] GetKeyState (nVirtKey=2) returned 0
[0272.617] GetKeyState (nVirtKey=4) returned 0
[0272.617] GetKeyState (nVirtKey=5) returned 0
[0272.617] GetKeyState (nVirtKey=6) returned 0
[0272.617] IsWindowVisible (hWnd=0x602c4) returned 1
[0272.617] IsWindowEnabled (hWnd=0x602c4) returned 1
[0272.617] SetFocus (hWnd=0x602c4) returned 0x602c4
[0272.617] GetFocus () returned 0x602c4
[0272.617] GetFocus () returned 0x602c4
[0272.617] GetFocus () returned 0x602c4
[0272.617] GetKeyState (nVirtKey=1) returned -128
[0272.617] GetKeyState (nVirtKey=2) returned 0
[0272.617] GetKeyState (nVirtKey=4) returned 0
[0272.617] GetKeyState (nVirtKey=5) returned 0
[0272.617] GetKeyState (nVirtKey=6) returned 0
[0272.617] GetCapture () returned 0x0
[0272.617] SetCapture (hWnd=0x602c4) returned 0x0
[0272.617] GetKeyState (nVirtKey=1) returned -128
[0272.617] GetKeyState (nVirtKey=2) returned 0
[0272.617] GetKeyState (nVirtKey=4) returned 0
[0272.618] GetKeyState (nVirtKey=5) returned 0
[0272.618] GetKeyState (nVirtKey=6) returned 0
[0272.618] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0272.618] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0272.618] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0272.618] IsWindowUnicode (hWnd=0x602c4) returned 1
[0272.618] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0272.618] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0272.618] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0272.618] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2ce31a8, cPoints=0x1 | out: lpPoints=0x2ce31a8) returned 40304859
[0272.618] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0272.618] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0272.618] UpdateWindow (hWnd=0x602c4) returned 1
[0272.619] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x10105d6
[0272.619] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0272.619] CreateCompatibleDC (hdc=0x10105d6) returned 0x300107e8
[0272.619] SelectObject (hdc=0x300107e8, h=0x4a0507fe) returned 0x85000f
[0272.619] GdipCreateFromHDC (hdc=0x300107e8, graphics=0xd7e430) returned 0x0
[0272.619] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0272.619] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0272.619] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0272.619] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0272.620] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e490) returned 0x0
[0272.620] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0272.620] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0272.620] LocalFree (hMem=0x11ee9f0) returned 0x0
[0272.620] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0272.620] GdipCreateRegion (region=0xd7e478) returned 0x0
[0272.620] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0272.620] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0272.620] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0272.620] GdipRestoreGraphics (graphics=0x6600030, state=0xf7220dbd) returned 0x0
[0272.620] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0272.620] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0272.620] GetCurrentObject (hdc=0x300107e8, type=0x1) returned 0xb00017
[0272.620] GetCurrentObject (hdc=0x300107e8, type=0x2) returned 0x900010
[0272.620] GetCurrentObject (hdc=0x300107e8, type=0x7) returned 0x4a0507fe
[0272.621] GetCurrentObject (hdc=0x300107e8, type=0x6) returned 0x8a01c2
[0272.621] SaveDC (hdc=0x300107e8) returned 1
[0272.621] GetNearestColor (hdc=0x300107e8, color=0xff) returned 0xff
[0272.621] GetNearestColor (hdc=0x300107e8, color=0x55) returned 0x55
[0272.621] GetNearestColor (hdc=0x300107e8, color=0x0) returned 0x0
[0272.621] GetNearestColor (hdc=0x300107e8, color=0x55) returned 0x55
[0272.621] GetNearestColor (hdc=0x300107e8, color=0x0) returned 0x0
[0272.621] GetNearestColor (hdc=0x300107e8, color=0x8080ff) returned 0x8080ff
[0272.621] GetNearestColor (hdc=0x300107e8, color=0x7373e5) returned 0x7373e5
[0272.621] GetNearestColor (hdc=0x300107e8, color=0xe5) returned 0xe5
[0272.621] GetNearestColor (hdc=0x300107e8, color=0x0) returned 0x0
[0272.621] RestoreDC (hdc=0x300107e8, nSavedDC=-1) returned 1
[0272.622] GdipReleaseDC (graphics=0x6600030, hdc=0x300107e8) returned 0x0
[0272.622] IsAppThemed () returned 0x1
[0272.622] GetThemeAppProperties () returned 0x3
[0272.622] GetThemeAppProperties () returned 0x3
[0272.622] IsAppThemed () returned 0x1
[0272.622] GetThemeAppProperties () returned 0x3
[0272.622] GetThemeAppProperties () returned 0x3
[0272.622] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2ce38c4 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0272.622] IsAppThemed () returned 0x1
[0272.622] GetThemeAppProperties () returned 0x3
[0272.623] GetThemeAppProperties () returned 0x3
[0272.623] IsAppThemed () returned 0x1
[0272.623] GetThemeAppProperties () returned 0x3
[0272.623] GetThemeAppProperties () returned 0x3
[0272.623] IsAppThemed () returned 0x1
[0272.623] GetThemeAppProperties () returned 0x3
[0272.623] GetThemeAppProperties () returned 0x3
[0272.623] IsAppThemed () returned 0x1
[0272.623] GetThemeAppProperties () returned 0x3
[0272.623] GetThemeAppProperties () returned 0x3
[0272.623] IsThemePartDefined () returned 0x1
[0272.623] IsAppThemed () returned 0x1
[0272.623] GetThemeAppProperties () returned 0x3
[0272.623] GetThemeAppProperties () returned 0x3
[0272.623] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0272.623] IsAppThemed () returned 0x1
[0272.623] GetThemeAppProperties () returned 0x3
[0272.623] GetThemeAppProperties () returned 0x3
[0272.623] IsAppThemed () returned 0x1
[0272.623] GetThemeAppProperties () returned 0x3
[0272.624] GetThemeAppProperties () returned 0x3
[0272.624] IsThemePartDefined () returned 0x1
[0272.624] GdipCreateRegion (region=0xd7e194) returned 0x0
[0272.624] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0272.624] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0272.624] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0272.624] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e1ac) returned 0x0
[0272.624] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0272.624] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee9f0) returned 0x0
[0272.624] LocalFree (hMem=0x11ee9f0) returned 0x0
[0272.624] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0272.624] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eea60) returned 0x0
[0272.624] LocalFree (hMem=0x11eea60) returned 0x0
[0272.624] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0272.624] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0272.624] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0272.624] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0272.625] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0272.625] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0272.625] GetCurrentObject (hdc=0x300107e8, type=0x1) returned 0xb00017
[0272.625] GetCurrentObject (hdc=0x300107e8, type=0x2) returned 0x900010
[0272.625] GetCurrentObject (hdc=0x300107e8, type=0x7) returned 0x4a0507fe
[0272.625] GetCurrentObject (hdc=0x300107e8, type=0x6) returned 0x8a01c2
[0272.625] SaveDC (hdc=0x300107e8) returned 1
[0272.625] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1040807
[0272.625] GetClipRgn (hdc=0x300107e8, hrgn=0x1040807) returned 0
[0272.625] SelectClipRgn (hdc=0x300107e8, hrgn=0x970407de) returned 2
[0272.625] DeleteObject (ho=0x1040807) returned 1
[0272.625] DeleteObject (ho=0x970407de) returned 1
[0272.625] OffsetViewportOrgEx (in: hdc=0x300107e8, x=0, y=0, lppt=0x2ce3f74 | out: lppt=0x2ce3f74) returned 1
[0272.625] DrawThemeParentBackground () returned 0x0
[0272.626] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0272.626] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0272.626] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0272.626] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0272.626] GetSystemMetrics (nIndex=42) returned 0
[0272.626] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0272.626] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0272.626] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0272.626] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0272.626] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0272.626] SelectPalette (hdc=0x300107e8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0272.626] GdipCreateFromHDC (hdc=0x300107e8, graphics=0xd7dc88) returned 0x0
[0272.627] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0272.627] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0272.627] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638b78) returned 0x0
[0272.627] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc60) returned 0x0
[0272.627] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0272.627] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0272.627] GdipGetClip (graphics=0x6635e20, region=0x66464d8) returned 0x0
[0272.627] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6635e20, result=0xd7dc54) returned 0x0
[0272.627] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0272.627] GdipSaveGraphics (graphics=0x6635e20, state=0xd7dc80) returned 0x0
[0272.627] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0272.635] GdipFillRectangleI (graphics=0x6635e20, brush=0x6635a70, x=0, y=0, width=801, height=453) returned 0x0
[0272.636] GdipDeleteBrush (brush=0x6635a70) returned 0x0
[0272.638] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0272.638] SelectPalette (hdc=0x300107e8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0272.638] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0272.638] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0272.638] GetSystemMetrics (nIndex=42) returned 0
[0272.638] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0272.638] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0272.638] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0272.638] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0272.638] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0272.638] SelectPalette (hdc=0x300107e8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0272.639] GdipCreateFromHDC (hdc=0x300107e8, graphics=0xd7dc28) returned 0x0
[0272.639] GdipSetPageUnit (graphics=0x6635e20, unit=0x2) returned 0x0
[0272.639] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0272.639] GdipGetWorldTransform (graphics=0x6635e20, matrix=0x6638d58) returned 0x0
[0272.639] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dc00) returned 0x0
[0272.639] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0272.639] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0272.639] GdipGetClip (graphics=0x6635e20, region=0x6646298) returned 0x0
[0272.639] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6635e20, result=0xd7dbf4) returned 0x0
[0272.639] GdipDeleteRegion (region=0x6646298) returned 0x0
[0272.639] GdipSaveGraphics (graphics=0x6635e20, state=0xd7dc20) returned 0x0
[0272.639] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0272.647] GdipFillRectangleI (graphics=0x6635e20, brush=0x6635800, x=0, y=0, width=801, height=453) returned 0x0
[0272.647] GdipDeleteBrush (brush=0x6635800) returned 0x0
[0272.649] GdipRestoreGraphics (graphics=0x6635e20, state=0xf71e0dbd) returned 0x0
[0272.649] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0272.649] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0272.649] GetSystemMetrics (nIndex=42) returned 0
[0272.649] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0272.649] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0272.650] GdipDeleteGraphics (graphics=0x6635e20) returned 0x0
[0272.650] SelectPalette (hdc=0x300107e8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0272.650] RestoreDC (hdc=0x300107e8, nSavedDC=-1) returned 1
[0272.650] GdipReleaseDC (graphics=0x6600030, hdc=0x300107e8) returned 0x0
[0272.650] IsAppThemed () returned 0x1
[0272.650] GetThemeAppProperties () returned 0x3
[0272.650] GetThemeAppProperties () returned 0x3
[0272.650] IsAppThemed () returned 0x1
[0272.650] GetThemeAppProperties () returned 0x3
[0272.650] GetThemeAppProperties () returned 0x3
[0272.650] IsThemePartDefined () returned 0x1
[0272.650] GdipCreateRegion (region=0xd7e118) returned 0x0
[0272.651] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0272.651] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0272.651] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0272.651] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e130) returned 0x0
[0272.651] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0272.651] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0272.651] LocalFree (hMem=0x11ee788) returned 0x0
[0272.651] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0272.651] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee8d8) returned 0x0
[0272.651] LocalFree (hMem=0x11ee8d8) returned 0x0
[0272.651] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0272.651] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e158) returned 0x0
[0272.651] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e148) returned 0x0
[0272.651] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0272.651] GdipDeleteRegion (region=0x6646328) returned 0x0
[0272.651] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0272.652] GetCurrentObject (hdc=0x300107e8, type=0x1) returned 0xb00017
[0272.652] GetCurrentObject (hdc=0x300107e8, type=0x2) returned 0x900010
[0272.652] GetCurrentObject (hdc=0x300107e8, type=0x7) returned 0x4a0507fe
[0272.652] GetCurrentObject (hdc=0x300107e8, type=0x6) returned 0x8a01c2
[0272.652] SaveDC (hdc=0x300107e8) returned 1
[0272.652] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x980407de
[0272.652] GetClipRgn (hdc=0x300107e8, hrgn=0x980407de) returned 0
[0272.652] SelectClipRgn (hdc=0x300107e8, hrgn=0x3040807) returned 2
[0272.652] DeleteObject (ho=0x980407de) returned 1
[0272.652] DeleteObject (ho=0x3040807) returned 1
[0272.652] OffsetViewportOrgEx (in: hdc=0x300107e8, x=0, y=0, lppt=0x2cea7c4 | out: lppt=0x2cea7c4) returned 1
[0272.652] IsAppThemed () returned 0x1
[0272.652] GetThemeAppProperties () returned 0x3
[0272.653] GetThemeAppProperties () returned 0x3
[0272.653] DrawThemeBackground () returned 0x0
[0272.653] RestoreDC (hdc=0x300107e8, nSavedDC=-1) returned 1
[0272.653] GdipReleaseDC (graphics=0x6600030, hdc=0x300107e8) returned 0x0
[0272.653] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0272.653] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0272.653] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0272.653] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0272.653] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e134) returned 0x0
[0272.653] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0272.653] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee910) returned 0x0
[0272.653] LocalFree (hMem=0x11ee910) returned 0x0
[0272.653] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0272.653] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0272.654] LocalFree (hMem=0x11eec58) returned 0x0
[0272.654] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0272.654] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0272.654] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0272.654] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0272.654] GdipDeleteRegion (region=0x6646718) returned 0x0
[0272.654] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0272.654] GetCurrentObject (hdc=0x300107e8, type=0x1) returned 0xb00017
[0272.654] GetCurrentObject (hdc=0x300107e8, type=0x2) returned 0x900010
[0272.654] GetCurrentObject (hdc=0x300107e8, type=0x7) returned 0x4a0507fe
[0272.654] GetCurrentObject (hdc=0x300107e8, type=0x6) returned 0x8a01c2
[0272.654] SaveDC (hdc=0x300107e8) returned 1
[0272.654] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4040807
[0272.654] GetClipRgn (hdc=0x300107e8, hrgn=0x4040807) returned 0
[0272.655] SelectClipRgn (hdc=0x300107e8, hrgn=0x990407de) returned 2
[0272.655] DeleteObject (ho=0x4040807) returned 1
[0272.655] DeleteObject (ho=0x990407de) returned 1
[0272.655] OffsetViewportOrgEx (in: hdc=0x300107e8, x=0, y=0, lppt=0x2ceaa98 | out: lppt=0x2ceaa98) returned 1
[0272.655] IsAppThemed () returned 0x1
[0272.655] GetThemeAppProperties () returned 0x3
[0272.655] GetThemeAppProperties () returned 0x3
[0272.655] GetThemeBackgroundContentRect () returned 0x0
[0272.655] RestoreDC (hdc=0x300107e8, nSavedDC=-1) returned 1
[0272.655] GdipReleaseDC (graphics=0x6600030, hdc=0x300107e8) returned 0x0
[0272.655] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0272.655] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0272.655] GdipFillRectangleI (graphics=0x6600030, brush=0x6671db0, x=4, y=4, width=67, height=15) returned 0x0
[0272.655] GdipDeleteBrush (brush=0x6671db0) returned 0x0
[0272.655] IsAppThemed () returned 0x1
[0272.656] GetThemeAppProperties () returned 0x3
[0272.656] GetThemeAppProperties () returned 0x3
[0272.656] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0272.656] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0272.656] GetCurrentObject (hdc=0x300107e8, type=0x1) returned 0xb00017
[0272.656] GetCurrentObject (hdc=0x300107e8, type=0x2) returned 0x900010
[0272.656] GetCurrentObject (hdc=0x300107e8, type=0x7) returned 0x4a0507fe
[0272.656] GetCurrentObject (hdc=0x300107e8, type=0x6) returned 0x8a01c2
[0272.656] SaveDC (hdc=0x300107e8) returned 1
[0272.656] GetTextAlign (hdc=0x300107e8) returned 0x0
[0272.656] GetTextColor (hdc=0x300107e8) returned 0x0
[0272.656] GetCurrentObject (hdc=0x300107e8, type=0x6) returned 0x8a01c2
[0272.656] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0272.657] SelectObject (hdc=0x300107e8, h=0x6d0a0520) returned 0x8a01c2
[0272.657] GetBkMode (hdc=0x300107e8) returned 2
[0272.657] SetBkMode (hdc=0x300107e8, mode=1) returned 2
[0272.657] DrawTextExW (in: hdc=0x300107e8, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2ceae5c | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0272.657] DrawTextExW (in: hdc=0x300107e8, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2ceae5c | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0272.658] RestoreDC (hdc=0x300107e8, nSavedDC=-1) returned 1
[0272.658] GdipReleaseDC (graphics=0x6600030, hdc=0x300107e8) returned 0x0
[0272.658] GetFocus () returned 0x602c4
[0272.658] IsAppThemed () returned 0x1
[0272.658] GetThemeAppProperties () returned 0x3
[0272.658] GetThemeAppProperties () returned 0x3
[0272.658] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0272.658] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x300107e8, x1=0, y1=0, rop=0xcc0020) returned 1
[0272.658] GdipReleaseDC (graphics=0x6600030, hdc=0x300107e8) returned 0x0
[0272.659] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0272.659] SelectObject (hdc=0x300107e8, h=0x85000f) returned 0x4a0507fe
[0272.659] DeleteDC (hdc=0x300107e8) returned 1
[0272.659] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0272.659] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0272.659] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2ceaf58, cPoints=0x1 | out: lpPoints=0x2ceaf58) returned 40304859
[0272.659] WindowFromPoint (Point=0xf4) returned 0x602c4
[0272.660] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f4) returned 0x1
[0272.660] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0272.660] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0272.660] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0272.660] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0272.660] GetSystemMetrics (nIndex=42) returned 0
[0272.660] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0272.660] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0272.662] GetCapture () returned 0x602c4
[0272.662] ReleaseCapture () returned 1
[0272.662] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0272.662] GetProcessWindowStation () returned 0x13c
[0272.663] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.663] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0272.664] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.664] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0272.664] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.664] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0272.664] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.664] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0272.665] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.665] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0272.665] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.665] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0272.665] GetDC (hWnd=0x0) returned 0xf0105ee
[0272.665] GdipCreateFromHDC (hdc=0xf0105ee, graphics=0xd7e6ec) returned 0x0
[0272.666] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0272.666] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0272.666] ReleaseDC (hWnd=0x0, hDC=0xf0105ee) returned 1
[0272.666] GetSystemMetrics (nIndex=5) returned 1
[0272.666] GetSystemMetrics (nIndex=6) returned 1
[0272.666] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.667] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0272.667] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.667] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0272.671] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0272.672] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0272.672] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0272.672] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0272.672] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0272.672] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0272.673] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2cf0974 | out: lpData=0x2cf0974) returned 1
[0272.674] VerQueryValueW (in: pBlock=0x2cf0974, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cf0d84, puLen=0xd7e810) returned 1
[0272.674] VerQueryValueW (in: pBlock=0x2cf0974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf0a2c, puLen=0xd7e790) returned 1
[0272.674] VerQueryValueW (in: pBlock=0x2cf0974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf0a80, puLen=0xd7e790) returned 1
[0272.674] VerQueryValueW (in: pBlock=0x2cf0974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf0b00, puLen=0xd7e790) returned 1
[0272.674] VerQueryValueW (in: pBlock=0x2cf0974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf0b68, puLen=0xd7e790) returned 1
[0272.674] VerQueryValueW (in: pBlock=0x2cf0974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf0ba8, puLen=0xd7e790) returned 1
[0272.674] VerQueryValueW (in: pBlock=0x2cf0974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf0c30, puLen=0xd7e790) returned 1
[0272.675] VerQueryValueW (in: pBlock=0x2cf0974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf0c6c, puLen=0xd7e790) returned 1
[0272.675] VerQueryValueW (in: pBlock=0x2cf0974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf0cc4, puLen=0xd7e790) returned 1
[0272.675] VerQueryValueW (in: pBlock=0x2cf0974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf0cf4, puLen=0xd7e790) returned 1
[0272.675] VerQueryValueW (in: pBlock=0x2cf0974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.675] VerQueryValueW (in: pBlock=0x2cf0974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf0d30, puLen=0xd7e790) returned 1
[0272.675] VerQueryValueW (in: pBlock=0x2cf0974, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.675] VerQueryValueW (in: pBlock=0x2cf0974, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cf0d84, puLen=0xd7e784) returned 1
[0272.675] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0272.675] VerQueryValueW (in: pBlock=0x2cf0974, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cf099c, puLen=0xd7e794) returned 1
[0272.676] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0272.676] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0272.676] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0272.676] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0272.676] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0272.676] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0272.676] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2cf28e4 | out: lpData=0x2cf28e4) returned 1
[0272.677] VerQueryValueW (in: pBlock=0x2cf28e4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cf2980, puLen=0xd7e810) returned 1
[0272.677] VerQueryValueW (in: pBlock=0x2cf28e4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf29f8, puLen=0xd7e790) returned 1
[0272.677] VerQueryValueW (in: pBlock=0x2cf28e4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf2a28, puLen=0xd7e790) returned 1
[0272.677] VerQueryValueW (in: pBlock=0x2cf28e4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf2a64, puLen=0xd7e790) returned 1
[0272.677] VerQueryValueW (in: pBlock=0x2cf28e4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf2a94, puLen=0xd7e790) returned 1
[0272.677] VerQueryValueW (in: pBlock=0x2cf28e4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf2adc, puLen=0xd7e790) returned 1
[0272.677] VerQueryValueW (in: pBlock=0x2cf28e4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf2b54, puLen=0xd7e790) returned 1
[0272.677] VerQueryValueW (in: pBlock=0x2cf28e4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf2b98, puLen=0xd7e790) returned 1
[0272.677] VerQueryValueW (in: pBlock=0x2cf28e4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf2bd8, puLen=0xd7e790) returned 1
[0272.677] VerQueryValueW (in: pBlock=0x2cf28e4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf29d6, puLen=0xd7e790) returned 1
[0272.677] VerQueryValueW (in: pBlock=0x2cf28e4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf2b24, puLen=0xd7e790) returned 1
[0272.677] VerQueryValueW (in: pBlock=0x2cf28e4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.677] VerQueryValueW (in: pBlock=0x2cf28e4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.677] VerQueryValueW (in: pBlock=0x2cf28e4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cf2980, puLen=0xd7e784) returned 1
[0272.677] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0272.677] VerQueryValueW (in: pBlock=0x2cf28e4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cf290c, puLen=0xd7e794) returned 1
[0272.678] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0272.678] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0272.678] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0272.679] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0272.679] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0272.679] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0272.680] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2cf4bbc | out: lpData=0x2cf4bbc) returned 1
[0272.680] VerQueryValueW (in: pBlock=0x2cf4bbc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cf4fd0, puLen=0xd7e810) returned 1
[0272.681] VerQueryValueW (in: pBlock=0x2cf4bbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf4c74, puLen=0xd7e790) returned 1
[0272.681] VerQueryValueW (in: pBlock=0x2cf4bbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf4cc8, puLen=0xd7e790) returned 1
[0272.681] VerQueryValueW (in: pBlock=0x2cf4bbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf4d24, puLen=0xd7e790) returned 1
[0272.681] VerQueryValueW (in: pBlock=0x2cf4bbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf4d84, puLen=0xd7e790) returned 1
[0272.681] VerQueryValueW (in: pBlock=0x2cf4bbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf4ddc, puLen=0xd7e790) returned 1
[0272.681] VerQueryValueW (in: pBlock=0x2cf4bbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf4e64, puLen=0xd7e790) returned 1
[0272.681] VerQueryValueW (in: pBlock=0x2cf4bbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf4eb8, puLen=0xd7e790) returned 1
[0272.681] VerQueryValueW (in: pBlock=0x2cf4bbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf4f10, puLen=0xd7e790) returned 1
[0272.681] VerQueryValueW (in: pBlock=0x2cf4bbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf4f40, puLen=0xd7e790) returned 1
[0272.681] VerQueryValueW (in: pBlock=0x2cf4bbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.681] VerQueryValueW (in: pBlock=0x2cf4bbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf4f7c, puLen=0xd7e790) returned 1
[0272.681] VerQueryValueW (in: pBlock=0x2cf4bbc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.681] VerQueryValueW (in: pBlock=0x2cf4bbc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cf4fd0, puLen=0xd7e784) returned 1
[0272.681] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0272.681] VerQueryValueW (in: pBlock=0x2cf4bbc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cf4be4, puLen=0xd7e794) returned 1
[0272.682] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0272.682] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0272.682] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0272.682] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0272.683] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0272.683] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0272.684] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2cf71f4 | out: lpData=0x2cf71f4) returned 1
[0272.685] VerQueryValueW (in: pBlock=0x2cf71f4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cf75f4, puLen=0xd7e810) returned 1
[0272.685] VerQueryValueW (in: pBlock=0x2cf71f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf72ac, puLen=0xd7e790) returned 1
[0272.685] VerQueryValueW (in: pBlock=0x2cf71f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf7300, puLen=0xd7e790) returned 1
[0272.685] VerQueryValueW (in: pBlock=0x2cf71f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf7340, puLen=0xd7e790) returned 1
[0272.685] VerQueryValueW (in: pBlock=0x2cf71f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf73a8, puLen=0xd7e790) returned 1
[0272.685] VerQueryValueW (in: pBlock=0x2cf71f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf7400, puLen=0xd7e790) returned 1
[0272.685] VerQueryValueW (in: pBlock=0x2cf71f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf7488, puLen=0xd7e790) returned 1
[0272.685] VerQueryValueW (in: pBlock=0x2cf71f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf74dc, puLen=0xd7e790) returned 1
[0272.685] VerQueryValueW (in: pBlock=0x2cf71f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf7534, puLen=0xd7e790) returned 1
[0272.685] VerQueryValueW (in: pBlock=0x2cf71f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf7564, puLen=0xd7e790) returned 1
[0272.685] VerQueryValueW (in: pBlock=0x2cf71f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.685] VerQueryValueW (in: pBlock=0x2cf71f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf75a0, puLen=0xd7e790) returned 1
[0272.685] VerQueryValueW (in: pBlock=0x2cf71f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.685] VerQueryValueW (in: pBlock=0x2cf71f4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cf75f4, puLen=0xd7e784) returned 1
[0272.686] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0272.686] VerQueryValueW (in: pBlock=0x2cf71f4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cf721c, puLen=0xd7e794) returned 1
[0272.687] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0272.687] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0272.687] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0272.687] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0272.687] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0272.687] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0272.688] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2cf9930 | out: lpData=0x2cf9930) returned 1
[0272.689] VerQueryValueW (in: pBlock=0x2cf9930, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cf9cf8, puLen=0xd7e810) returned 1
[0272.689] VerQueryValueW (in: pBlock=0x2cf9930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf99e8, puLen=0xd7e790) returned 1
[0272.689] VerQueryValueW (in: pBlock=0x2cf9930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf9a3c, puLen=0xd7e790) returned 1
[0272.689] VerQueryValueW (in: pBlock=0x2cf9930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf9a7c, puLen=0xd7e790) returned 1
[0272.689] VerQueryValueW (in: pBlock=0x2cf9930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf9ae4, puLen=0xd7e790) returned 1
[0272.689] VerQueryValueW (in: pBlock=0x2cf9930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf9b20, puLen=0xd7e790) returned 1
[0272.689] VerQueryValueW (in: pBlock=0x2cf9930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf9ba8, puLen=0xd7e790) returned 1
[0272.689] VerQueryValueW (in: pBlock=0x2cf9930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf9be0, puLen=0xd7e790) returned 1
[0272.689] VerQueryValueW (in: pBlock=0x2cf9930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf9c38, puLen=0xd7e790) returned 1
[0272.689] VerQueryValueW (in: pBlock=0x2cf9930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf9c68, puLen=0xd7e790) returned 1
[0272.690] VerQueryValueW (in: pBlock=0x2cf9930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.690] VerQueryValueW (in: pBlock=0x2cf9930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf9ca4, puLen=0xd7e790) returned 1
[0272.690] VerQueryValueW (in: pBlock=0x2cf9930, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.690] VerQueryValueW (in: pBlock=0x2cf9930, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cf9cf8, puLen=0xd7e784) returned 1
[0272.690] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0272.690] VerQueryValueW (in: pBlock=0x2cf9930, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cf9958, puLen=0xd7e794) returned 1
[0272.691] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0272.691] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0272.691] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0272.691] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0272.691] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0272.691] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0272.692] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2cfcf98 | out: lpData=0x2cfcf98) returned 1
[0272.693] VerQueryValueW (in: pBlock=0x2cfcf98, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cfd378, puLen=0xd7e810) returned 1
[0272.693] VerQueryValueW (in: pBlock=0x2cfcf98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd050, puLen=0xd7e790) returned 1
[0272.693] VerQueryValueW (in: pBlock=0x2cfcf98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd0a4, puLen=0xd7e790) returned 1
[0272.693] VerQueryValueW (in: pBlock=0x2cfcf98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd0e4, puLen=0xd7e790) returned 1
[0272.693] VerQueryValueW (in: pBlock=0x2cfcf98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd144, puLen=0xd7e790) returned 1
[0272.693] VerQueryValueW (in: pBlock=0x2cfcf98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd190, puLen=0xd7e790) returned 1
[0272.693] VerQueryValueW (in: pBlock=0x2cfcf98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd218, puLen=0xd7e790) returned 1
[0272.693] VerQueryValueW (in: pBlock=0x2cfcf98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd260, puLen=0xd7e790) returned 1
[0272.693] VerQueryValueW (in: pBlock=0x2cfcf98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd2b8, puLen=0xd7e790) returned 1
[0272.693] VerQueryValueW (in: pBlock=0x2cfcf98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd2e8, puLen=0xd7e790) returned 1
[0272.693] VerQueryValueW (in: pBlock=0x2cfcf98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.693] VerQueryValueW (in: pBlock=0x2cfcf98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd324, puLen=0xd7e790) returned 1
[0272.693] VerQueryValueW (in: pBlock=0x2cfcf98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.694] VerQueryValueW (in: pBlock=0x2cfcf98, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cfd378, puLen=0xd7e784) returned 1
[0272.694] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0272.694] VerQueryValueW (in: pBlock=0x2cfcf98, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cfcfc0, puLen=0xd7e794) returned 1
[0272.695] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0272.695] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0272.695] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0272.695] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0272.695] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0272.695] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0272.696] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2cff7b8 | out: lpData=0x2cff7b8) returned 1
[0272.697] VerQueryValueW (in: pBlock=0x2cff7b8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cffbc4, puLen=0xd7e810) returned 1
[0272.697] VerQueryValueW (in: pBlock=0x2cff7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cff870, puLen=0xd7e790) returned 1
[0272.697] VerQueryValueW (in: pBlock=0x2cff7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cff8c4, puLen=0xd7e790) returned 1
[0272.697] VerQueryValueW (in: pBlock=0x2cff7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cff918, puLen=0xd7e790) returned 1
[0272.697] VerQueryValueW (in: pBlock=0x2cff7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cff978, puLen=0xd7e790) returned 1
[0272.697] VerQueryValueW (in: pBlock=0x2cff7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cff9d0, puLen=0xd7e790) returned 1
[0272.697] VerQueryValueW (in: pBlock=0x2cff7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cffa58, puLen=0xd7e790) returned 1
[0272.697] VerQueryValueW (in: pBlock=0x2cff7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cffaac, puLen=0xd7e790) returned 1
[0272.697] VerQueryValueW (in: pBlock=0x2cff7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cffb04, puLen=0xd7e790) returned 1
[0272.697] VerQueryValueW (in: pBlock=0x2cff7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cffb34, puLen=0xd7e790) returned 1
[0272.697] VerQueryValueW (in: pBlock=0x2cff7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.697] VerQueryValueW (in: pBlock=0x2cff7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cffb70, puLen=0xd7e790) returned 1
[0272.697] VerQueryValueW (in: pBlock=0x2cff7b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.697] VerQueryValueW (in: pBlock=0x2cff7b8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cffbc4, puLen=0xd7e784) returned 1
[0272.698] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0272.698] VerQueryValueW (in: pBlock=0x2cff7b8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cff7e0, puLen=0xd7e794) returned 1
[0272.699] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0272.699] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0272.699] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0272.699] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0272.699] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0272.699] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0272.703] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d01fcc | out: lpData=0x2d01fcc) returned 1
[0272.704] VerQueryValueW (in: pBlock=0x2d01fcc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d023a4, puLen=0xd7e810) returned 1
[0272.704] VerQueryValueW (in: pBlock=0x2d01fcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d02084, puLen=0xd7e790) returned 1
[0272.704] VerQueryValueW (in: pBlock=0x2d01fcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d020d8, puLen=0xd7e790) returned 1
[0272.704] VerQueryValueW (in: pBlock=0x2d01fcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d02118, puLen=0xd7e790) returned 1
[0272.704] VerQueryValueW (in: pBlock=0x2d01fcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d02180, puLen=0xd7e790) returned 1
[0272.704] VerQueryValueW (in: pBlock=0x2d01fcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d021c4, puLen=0xd7e790) returned 1
[0272.704] VerQueryValueW (in: pBlock=0x2d01fcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0224c, puLen=0xd7e790) returned 1
[0272.704] VerQueryValueW (in: pBlock=0x2d01fcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0228c, puLen=0xd7e790) returned 1
[0272.704] VerQueryValueW (in: pBlock=0x2d01fcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d022e4, puLen=0xd7e790) returned 1
[0272.704] VerQueryValueW (in: pBlock=0x2d01fcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d02314, puLen=0xd7e790) returned 1
[0272.704] VerQueryValueW (in: pBlock=0x2d01fcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.704] VerQueryValueW (in: pBlock=0x2d01fcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d02350, puLen=0xd7e790) returned 1
[0272.704] VerQueryValueW (in: pBlock=0x2d01fcc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.704] VerQueryValueW (in: pBlock=0x2d01fcc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d023a4, puLen=0xd7e784) returned 1
[0272.704] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0272.705] VerQueryValueW (in: pBlock=0x2d01fcc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d01ff4, puLen=0xd7e794) returned 1
[0272.706] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0272.706] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0272.706] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0272.706] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0272.706] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0272.706] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0272.707] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d04524 | out: lpData=0x2d04524) returned 1
[0272.708] VerQueryValueW (in: pBlock=0x2d04524, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d048fc, puLen=0xd7e810) returned 1
[0272.708] VerQueryValueW (in: pBlock=0x2d04524, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d045dc, puLen=0xd7e790) returned 1
[0272.708] VerQueryValueW (in: pBlock=0x2d04524, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d04630, puLen=0xd7e790) returned 1
[0272.708] VerQueryValueW (in: pBlock=0x2d04524, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d04670, puLen=0xd7e790) returned 1
[0272.708] VerQueryValueW (in: pBlock=0x2d04524, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d046d8, puLen=0xd7e790) returned 1
[0272.708] VerQueryValueW (in: pBlock=0x2d04524, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0471c, puLen=0xd7e790) returned 1
[0272.708] VerQueryValueW (in: pBlock=0x2d04524, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d047a4, puLen=0xd7e790) returned 1
[0272.708] VerQueryValueW (in: pBlock=0x2d04524, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d047e4, puLen=0xd7e790) returned 1
[0272.708] VerQueryValueW (in: pBlock=0x2d04524, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0483c, puLen=0xd7e790) returned 1
[0272.709] VerQueryValueW (in: pBlock=0x2d04524, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0486c, puLen=0xd7e790) returned 1
[0272.709] VerQueryValueW (in: pBlock=0x2d04524, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.709] VerQueryValueW (in: pBlock=0x2d04524, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d048a8, puLen=0xd7e790) returned 1
[0272.709] VerQueryValueW (in: pBlock=0x2d04524, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.709] VerQueryValueW (in: pBlock=0x2d04524, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d048fc, puLen=0xd7e784) returned 1
[0272.709] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0272.709] VerQueryValueW (in: pBlock=0x2d04524, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d0454c, puLen=0xd7e794) returned 1
[0272.710] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0272.710] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0272.710] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0272.710] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0272.710] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0272.710] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0272.711] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2d06c5c | out: lpData=0x2d06c5c) returned 1
[0272.712] VerQueryValueW (in: pBlock=0x2d06c5c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d0708c, puLen=0xd7e810) returned 1
[0272.712] VerQueryValueW (in: pBlock=0x2d06c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06d14, puLen=0xd7e790) returned 1
[0272.712] VerQueryValueW (in: pBlock=0x2d06c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06d68, puLen=0xd7e790) returned 1
[0272.712] VerQueryValueW (in: pBlock=0x2d06c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06dd8, puLen=0xd7e790) returned 1
[0272.712] VerQueryValueW (in: pBlock=0x2d06c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06e38, puLen=0xd7e790) returned 1
[0272.712] VerQueryValueW (in: pBlock=0x2d06c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06e94, puLen=0xd7e790) returned 1
[0272.712] VerQueryValueW (in: pBlock=0x2d06c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06f1c, puLen=0xd7e790) returned 1
[0272.712] VerQueryValueW (in: pBlock=0x2d06c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06f74, puLen=0xd7e790) returned 1
[0272.712] VerQueryValueW (in: pBlock=0x2d06c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06fcc, puLen=0xd7e790) returned 1
[0272.712] VerQueryValueW (in: pBlock=0x2d06c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d06ffc, puLen=0xd7e790) returned 1
[0272.712] VerQueryValueW (in: pBlock=0x2d06c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.713] VerQueryValueW (in: pBlock=0x2d06c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d07038, puLen=0xd7e790) returned 1
[0272.713] VerQueryValueW (in: pBlock=0x2d06c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0272.713] VerQueryValueW (in: pBlock=0x2d06c5c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d0708c, puLen=0xd7e784) returned 1
[0272.713] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0272.713] VerQueryValueW (in: pBlock=0x2d06c5c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d06c84, puLen=0xd7e794) returned 1
[0272.713] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0272.714] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.714] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0272.714] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.714] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0272.714] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2002d0
[0272.715] SetWindowLongW (hWnd=0x2002d0, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0272.715] GetWindowLongW (hWnd=0x2002d0, nIndex=-4) returned 1950089536
[0272.716] SetWindowLongW (hWnd=0x2002d0, nIndex=-4, dwNewLong=19946718) returned 1950089536
[0272.716] GetWindowLongW (hWnd=0x2002d0, nIndex=-4) returned 19946718
[0272.716] GetWindowLongW (hWnd=0x2002d0, nIndex=-16) returned 113311744
[0272.717] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002d0, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0272.717] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002d0, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0272.717] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002d0, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0272.718] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002d0, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0272.718] GetClientRect (in: hWnd=0x2002d0, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0272.718] GetWindowRect (in: hWnd=0x2002d0, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0272.718] SetWindowTextW (hWnd=0x2002d0, lpString="WindowsFormsParkingWindow") returned 1
[0272.718] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002d0, Msg=0xc, wParam=0x0, lParam=0x2ccc230) returned 0x1
[0272.719] GetParent (hWnd=0x2002d0) returned 0x0
[0272.719] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0272.719] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x2002d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2502c8
[0272.720] SetWindowLongW (hWnd=0x2502c8, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0272.720] GetWindowLongW (hWnd=0x2502c8, nIndex=-4) returned 1868147648
[0272.720] SetWindowLongW (hWnd=0x2502c8, nIndex=-4, dwNewLong=19947638) returned 1868147648
[0272.720] GetWindowLongW (hWnd=0x2502c8, nIndex=-4) returned 19947638
[0272.720] GetWindowLongW (hWnd=0x2502c8, nIndex=-16) returned 1174405133
[0272.720] GetWindowLongW (hWnd=0x2502c8, nIndex=-12) returned 0
[0272.720] SetWindowLongW (hWnd=0x2502c8, nIndex=-12, dwNewLong=2425544) returned 0
[0272.721] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0272.721] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0272.721] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0272.722] GetClientRect (in: hWnd=0x2502c8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0272.722] GetWindowRect (in: hWnd=0x2502c8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0272.722] GetParent (hWnd=0x2502c8) returned 0x2002d0
[0272.722] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2002d0, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0272.723] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0272.723] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0272.723] GetClientRect (in: hWnd=0x2502c8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0272.723] GetWindowRect (in: hWnd=0x2502c8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0272.723] GetParent (hWnd=0x2502c8) returned 0x2002d0
[0272.724] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2002d0, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0272.724] SendMessageW (hWnd=0x2502c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2502c8) returned 0x0
[0272.724] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2502c8) returned 0x0
[0272.724] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0272.724] GetParent (hWnd=0x2502c8) returned 0x2002d0
[0272.724] GdipCreateFromHWND (hwnd=0x2502c8, graphics=0xd7e844) returned 0x0
[0272.725] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0272.725] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0272.725] GetForegroundWindow () returned 0x7005c
[0272.725] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0272.725] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0272.725] GetSystemMetrics (nIndex=42) returned 0
[0272.725] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0272.725] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0272.726] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0272.726] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0272.726] GetSystemMetrics (nIndex=42) returned 0
[0272.726] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0272.726] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0272.726] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.726] GetCursorPos (in: lpPoint=0x2d0b0e0 | out: lpPoint=0x2d0b0e0*(x=244, y=628)) returned 1
[0272.727] MonitorFromPoint (pt=0xf4, dwFlags=0x274) returned 0x10001
[0272.727] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0272.727] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x330107e8
[0272.727] GetDeviceCaps (hdc=0x330107e8, index=12) returned 32
[0272.727] GetDeviceCaps (hdc=0x330107e8, index=14) returned 1
[0272.727] DeleteDC (hdc=0x330107e8) returned 1
[0272.727] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0272.727] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0272.727] GetSystemMetrics (nIndex=59) returned 1460
[0272.727] GetSystemMetrics (nIndex=60) returned 920
[0272.728] GetSystemMetrics (nIndex=34) returned 136
[0272.728] GetSystemMetrics (nIndex=35) returned 39
[0272.728] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.728] GetCursorPos (in: lpPoint=0x2d0b34c | out: lpPoint=0x2d0b34c*(x=244, y=628)) returned 1
[0272.728] MonitorFromPoint (pt=0xf4, dwFlags=0x274) returned 0x10001
[0272.728] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0272.728] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x340107e8
[0272.729] GetDeviceCaps (hdc=0x340107e8, index=12) returned 32
[0272.729] GetDeviceCaps (hdc=0x340107e8, index=14) returned 1
[0272.729] DeleteDC (hdc=0x340107e8) returned 1
[0272.729] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0272.729] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0272.729] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.729] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0272.729] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2d0b5e4 | out: piconinfo=0x2d0b5e4) returned 1
[0272.730] GetObjectW (in: h=0xdc0507fc, c=24, pv=0x2d0b600 | out: pv=0x2d0b600) returned 24
[0272.730] GdipCreateBitmapFromHBITMAP (hbm=0xdc0507fc, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0272.730] GdipGetImageWidth (image=0x6603778, width=0xd7e750) returned 0x0
[0272.730] GdipGetImageHeight (image=0x6603778, height=0xd7e748) returned 0x0
[0272.730] GdipGetImagePixelFormat (image=0x6603778, format=0xd7e740) returned 0x0
[0272.730] GdipBitmapLockBits (bitmap=0x6603778, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2d0b6b8) returned 0x0
[0272.731] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0272.731] GdipBitmapLockBits (bitmap=0x66023c8, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2d0b6f0) returned 0x0
[0272.731] RtlMoveMemory (in: Destination=0x665ff50, Source=0x665deb8, Length=0x80 | out: Destination=0x665ff50)
[0272.731] RtlMoveMemory (in: Destination=0x665ffd0, Source=0x665de38, Length=0x80 | out: Destination=0x665ffd0)
[0272.731] RtlMoveMemory (in: Destination=0x6660050, Source=0x665ddb8, Length=0x80 | out: Destination=0x6660050)
[0272.731] RtlMoveMemory (in: Destination=0x66600d0, Source=0x665dd38, Length=0x80 | out: Destination=0x66600d0)
[0272.731] RtlMoveMemory (in: Destination=0x6660150, Source=0x665dcb8, Length=0x80 | out: Destination=0x6660150)
[0272.731] RtlMoveMemory (in: Destination=0x66601d0, Source=0x665dc38, Length=0x80 | out: Destination=0x66601d0)
[0272.731] RtlMoveMemory (in: Destination=0x6660250, Source=0x665dbb8, Length=0x80 | out: Destination=0x6660250)
[0272.733] RtlMoveMemory (in: Destination=0x66602d0, Source=0x665db38, Length=0x80 | out: Destination=0x66602d0)
[0272.733] RtlMoveMemory (in: Destination=0x6660350, Source=0x665dab8, Length=0x80 | out: Destination=0x6660350)
[0272.733] RtlMoveMemory (in: Destination=0x66603d0, Source=0x665da38, Length=0x80 | out: Destination=0x66603d0)
[0272.733] RtlMoveMemory (in: Destination=0x6660450, Source=0x665d9b8, Length=0x80 | out: Destination=0x6660450)
[0272.733] RtlMoveMemory (in: Destination=0x66604d0, Source=0x665d938, Length=0x80 | out: Destination=0x66604d0)
[0272.733] RtlMoveMemory (in: Destination=0x6660550, Source=0x665d8b8, Length=0x80 | out: Destination=0x6660550)
[0272.733] RtlMoveMemory (in: Destination=0x66605d0, Source=0x665d838, Length=0x80 | out: Destination=0x66605d0)
[0272.733] RtlMoveMemory (in: Destination=0x6660650, Source=0x665d7b8, Length=0x80 | out: Destination=0x6660650)
[0272.733] RtlMoveMemory (in: Destination=0x66606d0, Source=0x665d738, Length=0x80 | out: Destination=0x66606d0)
[0272.733] RtlMoveMemory (in: Destination=0x6660750, Source=0x665d6b8, Length=0x80 | out: Destination=0x6660750)
[0272.733] RtlMoveMemory (in: Destination=0x66607d0, Source=0x665d638, Length=0x80 | out: Destination=0x66607d0)
[0272.733] RtlMoveMemory (in: Destination=0x6660850, Source=0x665d5b8, Length=0x80 | out: Destination=0x6660850)
[0272.733] RtlMoveMemory (in: Destination=0x66608d0, Source=0x665d538, Length=0x80 | out: Destination=0x66608d0)
[0272.733] RtlMoveMemory (in: Destination=0x6660950, Source=0x665d4b8, Length=0x80 | out: Destination=0x6660950)
[0272.734] RtlMoveMemory (in: Destination=0x66609d0, Source=0x665d438, Length=0x80 | out: Destination=0x66609d0)
[0272.734] RtlMoveMemory (in: Destination=0x6660a50, Source=0x665d3b8, Length=0x80 | out: Destination=0x6660a50)
[0272.734] RtlMoveMemory (in: Destination=0x6660ad0, Source=0x665d338, Length=0x80 | out: Destination=0x6660ad0)
[0272.734] RtlMoveMemory (in: Destination=0x6660b50, Source=0x665d2b8, Length=0x80 | out: Destination=0x6660b50)
[0272.734] RtlMoveMemory (in: Destination=0x6660bd0, Source=0x665d238, Length=0x80 | out: Destination=0x6660bd0)
[0272.734] RtlMoveMemory (in: Destination=0x6660c50, Source=0x665d1b8, Length=0x80 | out: Destination=0x6660c50)
[0272.734] RtlMoveMemory (in: Destination=0x6660cd0, Source=0x665d138, Length=0x80 | out: Destination=0x6660cd0)
[0272.734] RtlMoveMemory (in: Destination=0x6660d50, Source=0x665d0b8, Length=0x80 | out: Destination=0x6660d50)
[0272.734] RtlMoveMemory (in: Destination=0x6660dd0, Source=0x665d038, Length=0x80 | out: Destination=0x6660dd0)
[0272.734] RtlMoveMemory (in: Destination=0x6660e50, Source=0x665cfb8, Length=0x80 | out: Destination=0x6660e50)
[0272.734] RtlMoveMemory (in: Destination=0x6660ed0, Source=0x665cf38, Length=0x80 | out: Destination=0x6660ed0)
[0272.734] GdipBitmapUnlockBits (bitmap=0x6603778, lockedBitmapData=0x2d0b6b8) returned 0x0
[0272.734] GdipBitmapUnlockBits (bitmap=0x66023c8, lockedBitmapData=0x2d0b6f0) returned 0x0
[0272.734] GdipDisposeImage (image=0x6603778) returned 0x0
[0272.734] DeleteObject (ho=0xdc0507fc) returned 1
[0272.735] DeleteObject (ho=0x350507e8) returned 1
[0272.735] GetCurrentThreadId () returned 0xf50
[0272.735] GetCurrentThreadId () returned 0xf50
[0272.735] SetWindowPos (hWnd=0x2502c8, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0272.735] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0272.735] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0272.735] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0272.736] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0272.736] GetClientRect (in: hWnd=0x2502c8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0272.736] GetWindowRect (in: hWnd=0x2502c8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0272.736] GetParent (hWnd=0x2502c8) returned 0x2002d0
[0272.736] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2002d0, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0272.736] InvalidateRect (hWnd=0x2502c8, lpRect=0x0, bErase=1) returned 1
[0272.736] GetWindowTextLengthW (hWnd=0x2502c8) returned 0
[0272.736] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0272.736] GetSystemMetrics (nIndex=42) returned 0
[0272.736] GetWindowTextW (in: hWnd=0x2502c8, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0272.736] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0272.736] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0272.736] GetClientRect (in: hWnd=0x2502c8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0272.736] GetWindowRect (in: hWnd=0x2502c8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0272.736] GetParent (hWnd=0x2502c8) returned 0x2002d0
[0272.736] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2002d0, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0272.737] GetWindowTextLengthW (hWnd=0x2502c8) returned 0
[0272.737] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0272.737] GetSystemMetrics (nIndex=42) returned 0
[0272.737] GetWindowTextW (in: hWnd=0x2502c8, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0272.737] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0272.737] GetWindowTextLengthW (hWnd=0x2502c8) returned 0
[0272.737] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0272.737] GetSystemMetrics (nIndex=42) returned 0
[0272.737] GetWindowTextW (in: hWnd=0x2502c8, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0272.737] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0272.737] SetWindowTextW (hWnd=0x2502c8, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0272.737] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0xc, wParam=0x0, lParam=0x2cec54c) returned 0x1
[0272.737] InvalidateRect (hWnd=0x2502c8, lpRect=0x0, bErase=1) returned 1
[0272.737] GetCurrentThreadId () returned 0xf50
[0272.737] GetWindowThreadProcessId (in: hWnd=0x2502c8, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0272.738] GdipCreateBitmapFromStream (stream=0x509fe70, bitmap=0xd7e840) returned 0x0
[0272.739] GdipImageForceValidation (image=0x6602080) returned 0x0
[0272.741] GdipGetImageRawFormat (image=0x6602080, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0272.741] GdipGetImageHeight (image=0x6602080, height=0xd7e824) returned 0x0
[0272.741] GdipGetImageWidth (image=0x6602080, width=0xd7e824) returned 0x0
[0272.741] GdipGetImageWidth (image=0x6602080, width=0xd7e810) returned 0x0
[0272.741] GdipGetImageHeight (image=0x6602080, height=0xd7e810) returned 0x0
[0272.741] GdipGetImageWidth (image=0x6602080, width=0xd7e800) returned 0x0
[0272.741] GdipGetImageHeight (image=0x6602080, height=0xd7e800) returned 0x0
[0272.741] GdipBitmapGetPixel (bitmap=0x6602080, x=0, y=15, color=0xd7e810) returned 0x0
[0272.741] GdipGetImageRawFormat (image=0x6602080, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0272.741] GdipGetImageWidth (image=0x6602080, width=0xd7e740) returned 0x0
[0272.741] GdipGetImageHeight (image=0x6602080, height=0xd7e740) returned 0x0
[0272.741] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0272.741] GdipGetImagePixelFormat (image=0x6600cd0, format=0xd7e740) returned 0x0
[0272.742] GdipGetImageGraphicsContext (image=0x6600cd0, graphics=0xd7e74c) returned 0x0
[0272.742] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0272.742] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0272.742] GdipSetImageAttributesColorKeys (imageattr=0x6638b18, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0272.742] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6602080, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638b18, callback=0x0, callbackData=0x0) returned 0x0
[0272.742] GdipDisposeImageAttributes (imageattr=0x6638b18) returned 0x0
[0272.742] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0272.742] GdipDisposeImage (image=0x6602080) returned 0x0
[0272.743] GdipCreateBitmapFromStream (stream=0x509fe90, bitmap=0xd7e840) returned 0x0
[0272.744] GdipImageForceValidation (image=0x6603778) returned 0x0
[0272.745] GdipGetImageRawFormat (image=0x6603778, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0272.745] GdipGetImageHeight (image=0x6603778, height=0xd7e824) returned 0x0
[0272.746] GdipGetImageWidth (image=0x6603778, width=0xd7e824) returned 0x0
[0272.746] GdipGetImageWidth (image=0x6603778, width=0xd7e810) returned 0x0
[0272.746] GdipGetImageHeight (image=0x6603778, height=0xd7e810) returned 0x0
[0272.746] GdipGetImageWidth (image=0x6603778, width=0xd7e800) returned 0x0
[0272.746] GdipGetImageHeight (image=0x6603778, height=0xd7e800) returned 0x0
[0272.746] GdipBitmapGetPixel (bitmap=0x6603778, x=0, y=15, color=0xd7e810) returned 0x0
[0272.746] GdipGetImageRawFormat (image=0x6603778, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0272.746] GdipGetImageWidth (image=0x6603778, width=0xd7e740) returned 0x0
[0272.746] GdipGetImageHeight (image=0x6603778, height=0xd7e740) returned 0x0
[0272.746] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0272.746] GdipGetImagePixelFormat (image=0x6601018, format=0xd7e740) returned 0x0
[0272.746] GdipGetImageGraphicsContext (image=0x6601018, graphics=0xd7e74c) returned 0x0
[0272.746] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0272.746] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0272.747] GdipSetImageAttributesColorKeys (imageattr=0x6638a88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0272.747] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6603778, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638a88, callback=0x0, callbackData=0x0) returned 0x0
[0272.747] GdipDisposeImageAttributes (imageattr=0x6638a88) returned 0x0
[0272.747] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0272.747] GdipDisposeImage (image=0x6603778) returned 0x0
[0272.748] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.748] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0272.748] GetCurrentThreadId () returned 0xf50
[0272.748] GetCurrentThreadId () returned 0xf50
[0272.748] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.748] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0272.748] GetCurrentThreadId () returned 0xf50
[0272.748] GetCurrentThreadId () returned 0xf50
[0272.749] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.749] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0272.749] GetCurrentThreadId () returned 0xf50
[0272.749] GetCurrentThreadId () returned 0xf50
[0272.749] GetSystemMetrics (nIndex=5) returned 1
[0272.749] GetSystemMetrics (nIndex=6) returned 1
[0272.749] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.749] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0272.750] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.750] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0272.750] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.750] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0272.750] GetCurrentThreadId () returned 0xf50
[0272.750] GetCurrentThreadId () returned 0xf50
[0272.751] GetProcessWindowStation () returned 0x13c
[0272.751] GetCapture () returned 0x0
[0272.751] GetActiveWindow () returned 0x7005c
[0272.751] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0272.751] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.751] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0272.751] GetCursorPos (in: lpPoint=0x2d0c830 | out: lpPoint=0x2d0c830*(x=244, y=628)) returned 1
[0272.751] MonitorFromPoint (pt=0xf4, dwFlags=0x274) returned 0x10001
[0272.751] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0272.752] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x360107e8
[0272.752] GetDeviceCaps (hdc=0x360107e8, index=12) returned 32
[0272.752] GetDeviceCaps (hdc=0x360107e8, index=14) returned 1
[0272.752] DeleteDC (hdc=0x360107e8) returned 1
[0272.752] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0272.752] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0272.752] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2b02dc
[0272.753] SetWindowLongW (hWnd=0x2b02dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0272.753] GetWindowLongW (hWnd=0x2b02dc, nIndex=-4) returned 1950089536
[0272.753] SetWindowLongW (hWnd=0x2b02dc, nIndex=-4, dwNewLong=19946878) returned 1950089536
[0272.754] GetWindowLongW (hWnd=0x2b02dc, nIndex=-4) returned 19946878
[0272.754] GetWindowLongW (hWnd=0x2b02dc, nIndex=-16) returned 113770496
[0272.754] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0272.755] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0272.756] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0272.756] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0272.756] GetWindowRect (in: hWnd=0x2b02dc, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0272.756] SetWindowTextW (hWnd=0x2b02dc, lpString="BB ransomware") returned 1
[0272.756] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xc, wParam=0x0, lParam=0x2d0afcc) returned 0x1
[0272.757] GetStartupInfoW (in: lpStartupInfo=0x2d0cb6c | out: lpStartupInfo=0x2d0cb6c*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0272.759] GetParent (hWnd=0x2b02dc) returned 0x0
[0272.759] SetWindowLongW (hWnd=0x2b02dc, nIndex=-8, dwNewLong=0) returned 0
[0272.760] SendMessageW (hWnd=0x2b02dc, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0272.760] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0272.760] SendMessageW (hWnd=0x2b02dc, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0272.760] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0272.760] GetSystemMenu (hWnd=0x2b02dc, bRevert=0) returned 0x410111
[0272.761] GetWindowPlacement (in: hWnd=0x2b02dc, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0272.761] EnableMenuItem (hMenu=0x410111, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0272.761] EnableMenuItem (hMenu=0x410111, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0272.761] EnableMenuItem (hMenu=0x410111, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0272.761] EnableMenuItem (hMenu=0x410111, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0272.761] EnableMenuItem (hMenu=0x410111, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0272.761] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0272.761] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0272.761] GetWindowRect (in: hWnd=0x2b02dc, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0272.761] SetWindowPos (hWnd=0x2b02dc, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0272.762] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0272.762] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x2b02dc) returned 0x1
[0272.779] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0272.780] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0272.781] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0272.781] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0272.781] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0272.783] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x2b02dc, lParam=0x0) returned 0x0
[0272.784] GetCapture () returned 0x0
[0272.784] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0272.785] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0272.788] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0272.789] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0272.789] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0272.790] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0272.790] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0272.790] GetParent (hWnd=0x2b02dc) returned 0x0
[0272.790] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0272.791] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0272.793] GetWindowPlacement (in: hWnd=0x2b02dc, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0272.793] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0272.793] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0272.793] GetWindowRect (in: hWnd=0x2b02dc, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0272.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0272.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0272.806] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0272.806] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.807] GetWindowLongW (hWnd=0x2b02dc, nIndex=-16) returned 113770496
[0272.807] GetWindowTextLengthW (hWnd=0x2b02dc) returned 13
[0272.807] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0272.807] GetSystemMetrics (nIndex=42) returned 0
[0272.807] GetWindowTextW (in: hWnd=0x2b02dc, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0272.807] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0272.807] GetWindowTextLengthW (hWnd=0x2b02dc) returned 13
[0272.807] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0272.807] GetSystemMetrics (nIndex=42) returned 0
[0272.807] GetWindowTextW (in: hWnd=0x2b02dc, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0272.807] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0272.807] GetCursorPos (in: lpPoint=0x2d0cda8 | out: lpPoint=0x2d0cda8*(x=244, y=628)) returned 1
[0272.807] MonitorFromPoint (pt=0xf1, dwFlags=0x272) returned 0x10001
[0272.808] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0272.808] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xe70107f4
[0272.808] GetDeviceCaps (hdc=0xe70107f4, index=12) returned 32
[0272.808] GetDeviceCaps (hdc=0xe70107f4, index=14) returned 1
[0272.808] DeleteDC (hdc=0xe70107f4) returned 1
[0272.808] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0272.808] GetWindowLongW (hWnd=0x2b02dc, nIndex=-16) returned 113770496
[0272.808] GetWindowLongW (hWnd=0x2b02dc, nIndex=-20) returned 327945
[0272.808] SetWindowLongW (hWnd=0x2b02dc, nIndex=-16, dwNewLong=46661632) returned 113770496
[0272.808] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0272.809] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0272.810] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0272.811] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0272.811] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0272.811] SetWindowLongW (hWnd=0x2b02dc, nIndex=-20, dwNewLong=327681) returned 327945
[0272.811] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0272.812] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0272.813] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0272.814] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0272.814] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0272.814] SetWindowPos (hWnd=0x2b02dc, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0272.814] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0272.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0272.815] GetWindowPlacement (in: hWnd=0x2b02dc, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0272.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0272.815] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0272.815] GetWindowRect (in: hWnd=0x2b02dc, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0272.817] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0272.817] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0272.817] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0272.818] RedrawWindow (hWnd=0x2b02dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0272.818] GetSystemMenu (hWnd=0x2b02dc, bRevert=0) returned 0x410111
[0272.818] GetWindowPlacement (in: hWnd=0x2b02dc, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0272.818] EnableMenuItem (hMenu=0x410111, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0272.818] EnableMenuItem (hMenu=0x410111, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0272.818] EnableMenuItem (hMenu=0x410111, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0272.818] EnableMenuItem (hMenu=0x410111, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0272.818] EnableMenuItem (hMenu=0x410111, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0272.818] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0272.818] GetWindowLongW (hWnd=0x2b02dc, nIndex=-8) returned 0
[0272.818] SetWindowLongW (hWnd=0x2b02dc, nIndex=-8, dwNewLong=458844) returned 0
[0272.819] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0272.819] GetProcessWindowStation () returned 0x13c
[0272.820] GetCurrentThreadId () returned 0xf50
[0272.820] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1305da6, lParam=0x0) returned 1
[0272.820] IsWindowVisible (hWnd=0x2b02dc) returned 0
[0272.820] IsWindowVisible (hWnd=0x7005c) returned 1
[0272.820] IsWindowEnabled (hWnd=0x7005c) returned 1
[0272.820] IsWindowVisible (hWnd=0x300ec) returned 0
[0272.820] IsWindowVisible (hWnd=0x502c6) returned 0
[0272.820] IsWindowVisible (hWnd=0x502be) returned 0
[0272.820] GetActiveWindow () returned 0x2b02dc
[0272.820] GetFocus () returned 0x2b02dc
[0272.820] IsWindow (hWnd=0x7005c) returned 1
[0272.821] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0272.821] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0272.821] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0272.822] GetWindowLongW (hWnd=0x2b02dc, nIndex=-8) returned 458844
[0272.822] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0272.822] GetCurrentThreadId () returned 0xf50
[0272.822] GetWindowLongW (hWnd=0x2b02dc, nIndex=-8) returned 458844
[0272.822] IsWindowEnabled (hWnd=0x7005c) returned 0
[0272.822] IsWindowEnabled (hWnd=0x2b02dc) returned 1
[0272.822] ShowWindow (hWnd=0x2b02dc, nCmdShow=5) returned 0
[0272.822] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0272.822] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0272.822] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.823] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0272.823] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x2b02dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2e00ea
[0272.823] SetWindowLongW (hWnd=0x2e00ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0272.823] GetWindowLongW (hWnd=0x2e00ea, nIndex=-4) returned 1950089536
[0272.824] SetWindowLongW (hWnd=0x2e00ea, nIndex=-4, dwNewLong=19947358) returned 1950089536
[0272.824] GetWindowLongW (hWnd=0x2e00ea, nIndex=-4) returned 19947358
[0272.824] GetWindowLongW (hWnd=0x2e00ea, nIndex=-16) returned 1174405120
[0272.824] GetWindowLongW (hWnd=0x2e00ea, nIndex=-12) returned 0
[0272.824] SetWindowLongW (hWnd=0x2e00ea, nIndex=-12, dwNewLong=3014890) returned 0
[0272.824] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e00ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0272.825] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e00ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0272.826] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e00ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0272.826] GetWindow (hWnd=0x2e00ea, uCmd=0x3) returned 0x0
[0272.826] GetClientRect (in: hWnd=0x2e00ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0272.826] GetWindowRect (in: hWnd=0x2e00ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0272.826] GetParent (hWnd=0x2e00ea) returned 0x2b02dc
[0272.826] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02dc, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0272.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e00ea, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0272.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e00ea, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0272.827] GetClientRect (in: hWnd=0x2e00ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0272.827] GetWindowRect (in: hWnd=0x2e00ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0272.827] GetParent (hWnd=0x2e00ea) returned 0x2b02dc
[0272.827] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02dc, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0272.827] SendMessageW (hWnd=0x2e00ea, Msg=0x2210, wParam=0xea0001, lParam=0x2e00ea) returned 0x0
[0272.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e00ea, Msg=0x2210, wParam=0xea0001, lParam=0x2e00ea) returned 0x0
[0272.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0272.828] GetParent (hWnd=0x2e00ea) returned 0x2b02dc
[0272.828] GetParent (hWnd=0x2502c8) returned 0x2002d0
[0272.828] SetParent (hWndChild=0x2502c8, hWndNewParent=0x2b02dc) returned 0x2002d0
[0272.828] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0272.829] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0272.829] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0272.829] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0272.829] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0272.829] GetClientRect (in: hWnd=0x2502c8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0272.829] GetWindowRect (in: hWnd=0x2502c8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0272.829] GetParent (hWnd=0x2502c8) returned 0x2b02dc
[0272.829] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02dc, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0272.829] GetClientRect (in: hWnd=0x2502c8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0272.829] GetWindowRect (in: hWnd=0x2502c8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0272.829] GetParent (hWnd=0x2502c8) returned 0x2b02dc
[0272.829] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02dc, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0272.829] GetParent (hWnd=0x2502c8) returned 0x2b02dc
[0272.830] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0272.830] GetWindow (hWnd=0x2502c8, uCmd=0x3) returned 0x0
[0272.830] SetWindowPos (hWnd=0x2502c8, hWndInsertAfter=0x2e00ea, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0272.830] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0272.831] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0272.831] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0272.831] GetClientRect (in: hWnd=0x2502c8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0272.831] GetWindowRect (in: hWnd=0x2502c8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0272.831] GetParent (hWnd=0x2502c8) returned 0x2b02dc
[0272.831] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02dc, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0272.831] GetParent (hWnd=0x2502c8) returned 0x2b02dc
[0272.831] GetWindow (hWnd=0x2502c8, uCmd=0x3) returned 0x2e00ea
[0272.832] GetWindowThreadProcessId (in: hWnd=0x2502c8, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0272.832] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0272.832] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.833] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0272.833] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x2b02dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2d02d8
[0272.833] SetWindowLongW (hWnd=0x2d02d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0272.833] GetWindowLongW (hWnd=0x2d02d8, nIndex=-4) returned 1868032000
[0272.834] SetWindowLongW (hWnd=0x2d02d8, nIndex=-4, dwNewLong=19946958) returned 1868032000
[0272.834] GetWindowLongW (hWnd=0x2d02d8, nIndex=-4) returned 19946958
[0272.834] GetWindowLongW (hWnd=0x2d02d8, nIndex=-16) returned 1174470667
[0272.834] GetWindowLongW (hWnd=0x2d02d8, nIndex=-12) returned 0
[0272.834] SetWindowLongW (hWnd=0x2d02d8, nIndex=-12, dwNewLong=2949848) returned 0
[0272.834] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0272.835] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0272.835] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0272.836] SendMessageW (hWnd=0x2d02d8, Msg=0x2055, wParam=0x2d02d8, lParam=0x3) returned 0x2
[0272.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0272.836] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0272.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0272.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0272.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e00ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0272.836] RedrawWindow (hWnd=0x2e00ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0272.837] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0272.837] RedrawWindow (hWnd=0x2502c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0272.837] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0272.837] RedrawWindow (hWnd=0x2d02d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0272.837] RedrawWindow (hWnd=0x2b02dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0272.837] GetWindow (hWnd=0x2d02d8, uCmd=0x3) returned 0x2502c8
[0272.837] GetClientRect (in: hWnd=0x2d02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0272.837] GetWindowRect (in: hWnd=0x2d02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0272.837] GetParent (hWnd=0x2d02d8) returned 0x2b02dc
[0272.837] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0272.838] SetWindowTextW (hWnd=0x2d02d8, lpString="&Details") returned 1
[0272.838] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0xc, wParam=0x0, lParam=0x2c2ef5c) returned 0x1
[0272.838] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0272.838] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0272.838] GetClientRect (in: hWnd=0x2d02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0272.838] GetWindowRect (in: hWnd=0x2d02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0272.839] GetParent (hWnd=0x2d02d8) returned 0x2b02dc
[0272.839] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0272.839] SendMessageW (hWnd=0x2d02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2d02d8) returned 0x0
[0272.839] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2d02d8) returned 0x0
[0272.839] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0272.839] GetParent (hWnd=0x2d02d8) returned 0x2b02dc
[0272.839] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0272.840] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.840] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0272.840] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x2b02dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2102ce
[0272.841] SetWindowLongW (hWnd=0x2102ce, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0272.841] GetWindowLongW (hWnd=0x2102ce, nIndex=-4) returned 1868032000
[0272.841] SetWindowLongW (hWnd=0x2102ce, nIndex=-4, dwNewLong=19946998) returned 1868032000
[0272.842] GetWindowLongW (hWnd=0x2102ce, nIndex=-4) returned 19946998
[0272.842] GetWindowLongW (hWnd=0x2102ce, nIndex=-16) returned 1174470667
[0272.842] GetWindowLongW (hWnd=0x2102ce, nIndex=-12) returned 0
[0272.842] SetWindowLongW (hWnd=0x2102ce, nIndex=-12, dwNewLong=2163406) returned 0
[0272.842] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0272.842] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0272.843] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0272.844] SendMessageW (hWnd=0x2102ce, Msg=0x2055, wParam=0x2102ce, lParam=0x3) returned 0x2
[0272.844] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0272.844] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0272.844] GetWindow (hWnd=0x2102ce, uCmd=0x3) returned 0x2d02d8
[0272.844] GetClientRect (in: hWnd=0x2102ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0272.844] GetWindowRect (in: hWnd=0x2102ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0272.844] GetParent (hWnd=0x2102ce) returned 0x2b02dc
[0272.844] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0272.844] SetWindowTextW (hWnd=0x2102ce, lpString="&Continue") returned 1
[0272.844] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0xc, wParam=0x0, lParam=0x2c2ef00) returned 0x1
[0272.845] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0272.845] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0272.845] GetClientRect (in: hWnd=0x2102ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0272.845] GetWindowRect (in: hWnd=0x2102ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0272.845] GetParent (hWnd=0x2102ce) returned 0x2b02dc
[0272.845] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0272.845] SendMessageW (hWnd=0x2102ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2102ce) returned 0x0
[0272.845] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2102ce) returned 0x0
[0272.846] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0272.846] GetParent (hWnd=0x2102ce) returned 0x2b02dc
[0272.846] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0272.846] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.847] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0272.847] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x2b02dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2b02de
[0272.847] SetWindowLongW (hWnd=0x2b02de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0272.847] GetWindowLongW (hWnd=0x2b02de, nIndex=-4) returned 1868032000
[0272.848] SetWindowLongW (hWnd=0x2b02de, nIndex=-4, dwNewLong=19947758) returned 1868032000
[0272.849] GetWindowLongW (hWnd=0x2b02de, nIndex=-4) returned 19947758
[0272.849] GetWindowLongW (hWnd=0x2b02de, nIndex=-16) returned 1174470667
[0272.849] GetWindowLongW (hWnd=0x2b02de, nIndex=-12) returned 0
[0272.849] SetWindowLongW (hWnd=0x2b02de, nIndex=-12, dwNewLong=2818782) returned 0
[0272.849] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0272.849] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0272.850] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0272.851] SendMessageW (hWnd=0x2b02de, Msg=0x2055, wParam=0x2b02de, lParam=0x3) returned 0x2
[0272.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0272.851] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0272.851] GetWindow (hWnd=0x2b02de, uCmd=0x3) returned 0x2102ce
[0272.851] GetClientRect (in: hWnd=0x2b02de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0272.851] GetWindowRect (in: hWnd=0x2b02de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0272.851] GetParent (hWnd=0x2b02de) returned 0x2b02dc
[0272.851] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0272.851] SetWindowTextW (hWnd=0x2b02de, lpString="&Quit") returned 1
[0272.851] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02de, Msg=0xc, wParam=0x0, lParam=0x2c2ef20) returned 0x1
[0272.852] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0272.852] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02de, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0272.852] GetClientRect (in: hWnd=0x2b02de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0272.852] GetWindowRect (in: hWnd=0x2b02de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0272.852] GetParent (hWnd=0x2b02de) returned 0x2b02dc
[0272.852] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0272.852] SendMessageW (hWnd=0x2b02de, Msg=0x2210, wParam=0x2de0001, lParam=0x2b02de) returned 0x0
[0272.852] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02de, Msg=0x2210, wParam=0x2de0001, lParam=0x2b02de) returned 0x0
[0272.853] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0272.853] GetParent (hWnd=0x2b02de) returned 0x2b02dc
[0272.853] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0272.853] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.854] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0272.854] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x2b02dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2b02da
[0272.854] SetWindowLongW (hWnd=0x2b02da, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0272.855] GetWindowLongW (hWnd=0x2b02da, nIndex=-4) returned 1868026976
[0272.855] SetWindowLongW (hWnd=0x2b02da, nIndex=-4, dwNewLong=19947038) returned 1868026976
[0272.855] GetWindowLongW (hWnd=0x2b02da, nIndex=-4) returned 19947038
[0272.855] GetWindowLongW (hWnd=0x2b02da, nIndex=-16) returned 1177553092
[0272.855] GetWindowLongW (hWnd=0x2b02da, nIndex=-12) returned 0
[0272.855] SetWindowLongW (hWnd=0x2b02da, nIndex=-12, dwNewLong=2818778) returned 0
[0272.855] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02da, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0272.857] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02da, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0272.858] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02da, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0272.874] GetWindow (hWnd=0x2b02da, uCmd=0x3) returned 0x2b02de
[0272.874] GetClientRect (in: hWnd=0x2b02da, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0272.874] GetWindowRect (in: hWnd=0x2b02da, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0272.874] GetParent (hWnd=0x2b02da) returned 0x2b02dc
[0272.874] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02dc, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0272.874] GetWindowTextLengthW (hWnd=0x2b02dc) returned 13
[0272.874] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0272.874] GetSystemMetrics (nIndex=42) returned 0
[0272.874] GetWindowTextW (in: hWnd=0x2b02dc, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0272.874] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0272.874] SendMessageW (hWnd=0x2b02da, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0272.874] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02da, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0272.879] SetWindowTextW (hWnd=0x2b02da, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0272.879] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02da, Msg=0xc, wParam=0x0, lParam=0x2d089b4) returned 0x1
[0272.880] GetSystemMetrics (nIndex=5) returned 1
[0272.880] GetSystemMetrics (nIndex=6) returned 1
[0272.880] SendMessageW (hWnd=0x2b02da, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0272.880] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02da, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0272.881] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02da, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0272.882] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02da, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0272.882] GetClientRect (in: hWnd=0x2b02da, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0272.882] GetWindowRect (in: hWnd=0x2b02da, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0272.882] GetParent (hWnd=0x2b02da) returned 0x2b02dc
[0272.882] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02dc, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0272.882] SendMessageW (hWnd=0x2b02da, Msg=0x2210, wParam=0x2da0001, lParam=0x2b02da) returned 0x0
[0272.882] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02da, Msg=0x2210, wParam=0x2da0001, lParam=0x2b02da) returned 0x0
[0272.882] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0272.882] GetParent (hWnd=0x2b02da) returned 0x2b02dc
[0272.882] GetWindowLongW (hWnd=0x2b02dc, nIndex=-8) returned 458844
[0272.882] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0272.882] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0272.882] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xee0107f4
[0272.883] GetDeviceCaps (hdc=0xee0107f4, index=12) returned 32
[0272.883] GetDeviceCaps (hdc=0xee0107f4, index=14) returned 1
[0272.883] DeleteDC (hdc=0xee0107f4) returned 1
[0272.883] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0272.883] GetWindowThreadProcessId (in: hWnd=0x2b02dc, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0272.883] GetCurrentThreadId () returned 0xf50
[0272.883] PostMessageW (hWnd=0x2b02dc, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0272.883] GetWindowTextLengthW (hWnd=0x2b02dc) returned 13
[0272.883] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0272.883] GetSystemMetrics (nIndex=42) returned 0
[0272.883] GetWindowTextW (in: hWnd=0x2b02dc, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0272.883] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0272.883] GdipImageGetFrameDimensionsCount (image=0x66023c8, count=0xd7e25c) returned 0x0
[0272.883] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201838
[0272.883] GdipImageGetFrameDimensionsList (image=0x66023c8, dimensionIDs=0x1201838*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0272.883] LocalFree (hMem=0x1201838) returned 0x0
[0272.884] GdipImageGetFrameDimensionsCount (image=0x6600cd0, count=0xd7e250) returned 0x0
[0272.884] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12017c0
[0272.884] GdipImageGetFrameDimensionsList (image=0x6600cd0, dimensionIDs=0x12017c0*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0272.884] LocalFree (hMem=0x12017c0) returned 0x0
[0272.884] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0272.884] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0272.884] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0272.895] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0272.896] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0272.896] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0272.896] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0272.897] GetWindowPlacement (in: hWnd=0x2b02dc, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0272.897] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0272.897] GetWindowTextLengthW (hWnd=0x2b02dc) returned 13
[0272.897] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0272.897] GetSystemMetrics (nIndex=42) returned 0
[0272.897] GetWindowTextW (in: hWnd=0x2b02dc, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0272.897] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0272.897] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0272.897] GetCurrentObject (hdc=0x10105d6, type=0x1) returned 0xb00017
[0272.897] GetCurrentObject (hdc=0x10105d6, type=0x2) returned 0x900010
[0272.897] GetCurrentObject (hdc=0x10105d6, type=0x7) returned 0xffffffff9b050803
[0272.897] GetCurrentObject (hdc=0x10105d6, type=0x6) returned 0x8a01c2
[0272.898] SaveDC (hdc=0x10105d6) returned 1
[0272.898] GetNearestColor (hdc=0x10105d6, color=0xf0f0f0) returned 0xf0f0f0
[0272.898] CreateSolidBrush (color=0xf0f0f0) returned 0xf61007e1
[0272.898] FillRect (hDC=0x10105d6, lprc=0xd7e1b8, hbr=0xf61007e1) returned 1
[0272.898] DeleteObject (ho=0xf61007e1) returned 1
[0272.898] RestoreDC (hdc=0x10105d6, nSavedDC=-1) returned 1
[0272.898] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e00ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0272.898] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0272.899] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0272.899] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0272.899] GetStockObject (i=5) returned 0x900015
[0272.899] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0272.899] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0272.899] GetStockObject (i=5) returned 0x900015
[0272.899] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0272.899] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02de, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0272.899] GetStockObject (i=5) returned 0x900015
[0272.900] GetWindowPlacement (in: hWnd=0x2b02dc, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0272.900] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0272.900] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0272.900] GetWindowRect (in: hWnd=0x2b02dc, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0272.901] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0272.901] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0272.901] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0272.901] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0272.902] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0272.902] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0272.902] GetWindowRect (in: hWnd=0x2b02dc, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0272.902] InvalidateRect (hWnd=0x2102ce, lpRect=0x0, bErase=0) returned 1
[0272.902] InvalidateRect (hWnd=0x2d02d8, lpRect=0x0, bErase=0) returned 1
[0272.902] GetFocus () returned 0x2b02dc
[0272.902] GetFocus () returned 0x2b02dc
[0272.902] SetFocus (hWnd=0x2d02d8) returned 0x2b02dc
[0272.904] GetFocus () returned 0x2d02d8
[0272.904] IsChild (hWndParent=0x2b02dc, hWnd=0x2d02d8) returned 1
[0272.904] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x8, wParam=0x2d02d8, lParam=0x0) returned 0x0
[0272.906] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0272.907] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0272.909] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0272.909] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0x7, wParam=0x2b02dc, lParam=0x0) returned 0x0
[0272.909] GetStockObject (i=5) returned 0x900015
[0272.909] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0272.909] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0272.909] GetDlgItem (hDlg=0x2b02dc, nIDDlgItem=2949848) returned 0x2d02d8
[0272.909] SendMessageW (hWnd=0x2d02d8, Msg=0x202b, wParam=0x2d02d8, lParam=0xd7e0dc) returned 0x0
[0272.909] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0x202b, wParam=0x2d02d8, lParam=0xd7e0dc) returned 0x0
[0272.909] InvalidateRect (hWnd=0x2d02d8, lpRect=0x0, bErase=0) returned 1
[0272.911] GetFocus () returned 0x2d02d8
[0272.911] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.911] IsWindowUnicode (hWnd=0x2b02dc) returned 1
[0272.911] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.912] TranslateMessage (lpMsg=0xd7e808) returned 0
[0272.912] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0272.912] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0272.912] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.912] IsWindowUnicode (hWnd=0x2b02dc) returned 1
[0272.912] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.912] TranslateMessage (lpMsg=0xd7e808) returned 0
[0272.912] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0272.912] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.912] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x84, wParam=0x0, lParam=0x1e40300) returned 0x1
[0272.912] IsWindowUnicode (hWnd=0x2102ce) returned 1
[0272.912] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.913] TranslateMessage (lpMsg=0xd7e808) returned 0
[0272.913] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0272.913] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.913] IsWindowUnicode (hWnd=0x602c4) returned 1
[0272.913] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.913] TranslateMessage (lpMsg=0xd7e808) returned 0
[0272.913] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0272.913] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0272.913] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0272.913] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.913] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x84, wParam=0x0, lParam=0x1e40300) returned 0x1
[0272.913] IsWindowUnicode (hWnd=0x2102ce) returned 1
[0272.913] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.913] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x84, wParam=0x0, lParam=0x1e40300) returned 0x1
[0272.913] SetCursor (hCursor=0x10003) returned 0x10003
[0272.914] TranslateMessage (lpMsg=0xd7e808) returned 0
[0272.914] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0272.914] _TrackMouseEvent (in: lpEventTrack=0x2d0e0f0 | out: lpEventTrack=0x2d0e0f0) returned 1
[0272.914] SendMessageW (hWnd=0x2102ce, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0272.914] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0272.914] InvalidateRect (hWnd=0x2102ce, lpRect=0x0, bErase=0) returned 1
[0272.914] GetKeyState (nVirtKey=1) returned 0
[0272.914] GetKeyState (nVirtKey=2) returned 0
[0272.914] GetKeyState (nVirtKey=4) returned 0
[0272.914] GetKeyState (nVirtKey=5) returned 0
[0272.914] GetKeyState (nVirtKey=6) returned 0
[0272.914] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.914] IsWindowUnicode (hWnd=0x2b02dc) returned 1
[0272.914] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.914] TranslateMessage (lpMsg=0xd7e808) returned 0
[0272.914] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0272.915] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.915] IsWindowUnicode (hWnd=0x2b02dc) returned 1
[0272.915] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.915] TranslateMessage (lpMsg=0xd7e808) returned 0
[0272.915] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0272.915] BeginPaint (in: hWnd=0x2b02dc, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x107b9
[0272.916] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0272.916] GetWindowTextLengthW (hWnd=0x2b02dc) returned 13
[0272.916] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0272.916] GetSystemMetrics (nIndex=42) returned 0
[0272.916] GetWindowTextW (in: hWnd=0x2b02dc, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0272.916] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0272.916] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0272.916] EndPaint (hWnd=0x2b02dc, lpPaint=0xd7e274) returned 1
[0272.916] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.916] IsWindowUnicode (hWnd=0x2e00ea) returned 1
[0272.916] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.916] TranslateMessage (lpMsg=0xd7e808) returned 0
[0272.916] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0272.916] BeginPaint (in: hWnd=0x2e00ea, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x60100ce
[0272.917] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0272.917] CreateCompatibleDC (hdc=0x60100ce) returned 0x46010671
[0272.917] SelectObject (hdc=0x46010671, h=0x4a0507fe) returned 0x85000f
[0272.917] GdipCreateFromHDC (hdc=0x46010671, graphics=0xd7e2b0) returned 0x0
[0272.917] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0272.917] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0272.917] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0272.917] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0272.917] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e310) returned 0x0
[0272.917] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0272.917] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0272.917] LocalFree (hMem=0x11eec58) returned 0x0
[0272.917] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0272.917] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0272.917] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0272.917] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e304) returned 0x0
[0272.918] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0272.918] GetWindowTextLengthW (hWnd=0x2e00ea) returned 0
[0272.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0272.918] GetSystemMetrics (nIndex=42) returned 0
[0272.918] GetWindowTextW (in: hWnd=0x2e00ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0272.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e00ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0272.918] GetClientRect (in: hWnd=0x2e00ea, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0272.918] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0272.918] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0272.918] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0272.918] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0272.918] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e164) returned 0x0
[0272.918] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0272.918] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0272.918] LocalFree (hMem=0x11ee868) returned 0x0
[0272.918] GdipCombineRegionRegion (region=0x6646448, region2=0x66468c8, combineMode=0x1) returned 0x0
[0272.918] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0272.918] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0272.918] LocalFree (hMem=0x11ee9f0) returned 0x0
[0272.918] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0272.918] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0272.918] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0272.918] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0272.919] GdipDeleteRegion (region=0x6646448) returned 0x0
[0272.919] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0272.919] GetCurrentObject (hdc=0x46010671, type=0x1) returned 0xb00017
[0272.923] GetCurrentObject (hdc=0x46010671, type=0x2) returned 0x900010
[0272.923] GetCurrentObject (hdc=0x46010671, type=0x7) returned 0x4a0507fe
[0272.923] GetCurrentObject (hdc=0x46010671, type=0x6) returned 0x8a01c2
[0272.923] SaveDC (hdc=0x46010671) returned 1
[0272.923] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9a0407de
[0272.923] GetClipRgn (hdc=0x46010671, hrgn=0x9a0407de) returned 0
[0272.923] SelectClipRgn (hdc=0x46010671, hrgn=0x7040807) returned 2
[0272.923] DeleteObject (ho=0x9a0407de) returned 1
[0272.923] DeleteObject (ho=0x7040807) returned 1
[0272.923] OffsetViewportOrgEx (in: hdc=0x46010671, x=0, y=0, lppt=0x2d0e56c | out: lppt=0x2d0e56c) returned 1
[0272.923] GetNearestColor (hdc=0x46010671, color=0xf0f0f0) returned 0xf0f0f0
[0272.923] CreateSolidBrush (color=0xf0f0f0) returned 0xf71007e1
[0272.923] FillRect (hDC=0x46010671, lprc=0xd7e198, hbr=0xf71007e1) returned 1
[0272.924] DeleteObject (ho=0xf71007e1) returned 1
[0272.924] RestoreDC (hdc=0x46010671, nSavedDC=-1) returned 1
[0272.924] GdipReleaseDC (graphics=0x6600030, hdc=0x46010671) returned 0x0
[0272.924] GdipRestoreGraphics (graphics=0x6600030, state=0xf7180dbd) returned 0x0
[0272.924] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0272.924] GetWindowTextLengthW (hWnd=0x2e00ea) returned 0
[0272.924] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0272.924] GetSystemMetrics (nIndex=42) returned 0
[0272.924] GetWindowTextW (in: hWnd=0x2e00ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0272.924] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e00ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0272.924] GdipGetImageWidth (image=0x66023c8, width=0xd7e1e0) returned 0x0
[0272.924] GdipGetImageHeight (image=0x66023c8, height=0xd7e1e0) returned 0x0
[0272.924] GdipGetImageWidth (image=0x66023c8, width=0xd7e1cc) returned 0x0
[0272.924] GdipGetImageHeight (image=0x66023c8, height=0xd7e1cc) returned 0x0
[0272.924] GdipDrawImageRectI (graphics=0x6600030, image=0x66023c8, x=16, y=16, width=32, height=32) returned 0x0
[0272.924] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0272.924] BitBlt (hdc=0x60100ce, x=0, y=0, cx=64, cy=64, hdcSrc=0x46010671, x1=0, y1=0, rop=0xcc0020) returned 1
[0272.924] GdipReleaseDC (graphics=0x6600030, hdc=0x46010671) returned 0x0
[0272.924] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0272.925] SelectObject (hdc=0x46010671, h=0x85000f) returned 0x4a0507fe
[0272.925] DeleteDC (hdc=0x46010671) returned 1
[0272.925] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0272.925] EndPaint (hWnd=0x2e00ea, lpPaint=0xd7e294) returned 1
[0272.925] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.925] IsWindowUnicode (hWnd=0x2502c8) returned 1
[0272.925] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.925] TranslateMessage (lpMsg=0xd7e808) returned 0
[0272.925] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0272.925] BeginPaint (in: hWnd=0x2502c8, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x10105d6
[0272.925] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0272.925] CreateCompatibleDC (hdc=0x10105d6) returned 0x48010671
[0272.925] GetObjectType (h=0x10105d6) returned 0x3
[0272.925] CreateCompatibleBitmap (hdc=0x10105d6, cx=1, cy=1) returned 0xfffffffffa0507f4
[0272.926] GetDIBits (in: hdc=0x10105d6, hbm=0xfa0507f4, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0272.926] GetDIBits (in: hdc=0x10105d6, hbm=0xfa0507f4, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0272.926] DeleteObject (ho=0xfa0507f4) returned 1
[0272.926] CreateDIBSection (in: hdc=0x10105d6, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xbd0507ef
[0272.926] SelectObject (hdc=0x48010671, h=0xbd0507ef) returned 0x85000f
[0272.926] GdipCreateFromHDC (hdc=0x48010671, graphics=0xd7e234) returned 0x0
[0272.926] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0272.926] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0272.926] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0272.926] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0272.926] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2d4) returned 0x0
[0272.927] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0272.927] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0272.927] LocalFree (hMem=0x11eecc8) returned 0x0
[0272.927] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0272.927] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0272.927] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0272.927] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0272.927] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0272.927] GetWindowTextLengthW (hWnd=0x2502c8) returned 232
[0272.927] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0272.927] GetSystemMetrics (nIndex=42) returned 0
[0272.927] GetWindowTextW (in: hWnd=0x2502c8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0272.927] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0272.927] GetClientRect (in: hWnd=0x2502c8, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0272.927] GdipCreateRegion (region=0xd7e110) returned 0x0
[0272.927] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0272.927] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0272.927] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0272.927] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e128) returned 0x0
[0272.927] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0272.927] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0272.928] LocalFree (hMem=0x11ee868) returned 0x0
[0272.928] GdipCombineRegionRegion (region=0x6646718, region2=0x66467a8, combineMode=0x1) returned 0x0
[0272.928] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0272.928] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0272.928] LocalFree (hMem=0x11ee868) returned 0x0
[0272.928] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0272.928] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e150) returned 0x0
[0272.928] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e140) returned 0x0
[0272.928] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0272.928] GdipDeleteRegion (region=0x6646718) returned 0x0
[0272.928] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0272.928] GetCurrentObject (hdc=0x48010671, type=0x1) returned 0xb00017
[0272.928] GetCurrentObject (hdc=0x48010671, type=0x2) returned 0x900010
[0272.928] GetCurrentObject (hdc=0x48010671, type=0x7) returned 0xffffffffbd0507ef
[0272.928] GetCurrentObject (hdc=0x48010671, type=0x6) returned 0x8a01c2
[0272.928] SaveDC (hdc=0x48010671) returned 1
[0272.928] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8040807
[0272.928] GetClipRgn (hdc=0x48010671, hrgn=0x8040807) returned 0
[0272.928] SelectClipRgn (hdc=0x48010671, hrgn=0x9b0407de) returned 2
[0272.928] DeleteObject (ho=0x8040807) returned 1
[0272.929] DeleteObject (ho=0x9b0407de) returned 1
[0272.929] OffsetViewportOrgEx (in: hdc=0x48010671, x=0, y=0, lppt=0x2d0ff34 | out: lppt=0x2d0ff34) returned 1
[0272.929] GetNearestColor (hdc=0x48010671, color=0xf0f0f0) returned 0xf0f0f0
[0272.929] CreateSolidBrush (color=0xf0f0f0) returned 0xf81007e1
[0272.929] FillRect (hDC=0x48010671, lprc=0xd7e15c, hbr=0xf81007e1) returned 1
[0272.929] DeleteObject (ho=0xf81007e1) returned 1
[0272.930] RestoreDC (hdc=0x48010671, nSavedDC=-1) returned 1
[0272.930] GdipReleaseDC (graphics=0x6600030, hdc=0x48010671) returned 0x0
[0272.930] GdipRestoreGraphics (graphics=0x6600030, state=0xf7160dbd) returned 0x0
[0272.930] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0272.930] GetWindowTextLengthW (hWnd=0x2502c8) returned 232
[0272.930] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0272.930] GetSystemMetrics (nIndex=42) returned 0
[0272.930] GetWindowTextW (in: hWnd=0x2502c8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0272.930] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0272.930] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0272.930] GetCurrentObject (hdc=0x48010671, type=0x1) returned 0xb00017
[0272.930] GetCurrentObject (hdc=0x48010671, type=0x2) returned 0x900010
[0272.930] GetCurrentObject (hdc=0x48010671, type=0x7) returned 0xffffffffbd0507ef
[0272.930] GetCurrentObject (hdc=0x48010671, type=0x6) returned 0x8a01c2
[0272.930] SaveDC (hdc=0x48010671) returned 1
[0272.930] GetNearestColor (hdc=0x48010671, color=0x0) returned 0x0
[0272.930] RestoreDC (hdc=0x48010671, nSavedDC=-1) returned 1
[0272.930] GdipReleaseDC (graphics=0x6600030, hdc=0x48010671) returned 0x0
[0272.931] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0272.931] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0272.931] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2d10730 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0272.931] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0272.931] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0272.931] GetCurrentObject (hdc=0x48010671, type=0x1) returned 0xb00017
[0272.931] GetCurrentObject (hdc=0x48010671, type=0x2) returned 0x900010
[0272.931] GetCurrentObject (hdc=0x48010671, type=0x7) returned 0xffffffffbd0507ef
[0272.932] GetCurrentObject (hdc=0x48010671, type=0x6) returned 0x8a01c2
[0272.932] SaveDC (hdc=0x48010671) returned 1
[0272.932] GetTextAlign (hdc=0x48010671) returned 0x0
[0272.932] GetTextColor (hdc=0x48010671) returned 0x0
[0272.932] GetCurrentObject (hdc=0x48010671, type=0x6) returned 0x8a01c2
[0272.932] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0272.932] SelectObject (hdc=0x48010671, h=0x6d0a0520) returned 0x8a01c2
[0272.932] GetBkMode (hdc=0x48010671) returned 2
[0272.932] SetBkMode (hdc=0x48010671, mode=1) returned 2
[0272.932] DrawTextExW (in: hdc=0x48010671, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2d10954 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0272.964] RestoreDC (hdc=0x48010671, nSavedDC=-1) returned 1
[0272.964] GdipReleaseDC (graphics=0x6600030, hdc=0x48010671) returned 0x0
[0272.964] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0272.964] BitBlt (hdc=0x10105d6, x=0, y=0, cx=354, cy=68, hdcSrc=0x48010671, x1=0, y1=0, rop=0xcc0020) returned 1
[0272.964] GdipReleaseDC (graphics=0x6600030, hdc=0x48010671) returned 0x0
[0272.964] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0272.964] SelectObject (hdc=0x48010671, h=0x85000f) returned 0xbd0507ef
[0272.964] DeleteDC (hdc=0x48010671) returned 1
[0272.964] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0272.964] DeleteObject (ho=0xbd0507ef) returned 1
[0272.965] EndPaint (hWnd=0x2502c8, lpPaint=0xd7e258) returned 1
[0272.965] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.965] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0272.974] IsWindowUnicode (hWnd=0x30122) returned 1
[0272.974] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.974] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0272.975] TranslateMessage (lpMsg=0xd7e808) returned 0
[0272.975] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0272.975] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.975] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0272.976] IsWindowUnicode (hWnd=0x30122) returned 1
[0272.976] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.976] TranslateMessage (lpMsg=0xd7e808) returned 0
[0272.976] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0272.976] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.977] IsWindowUnicode (hWnd=0x2d02d8) returned 1
[0272.977] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.977] TranslateMessage (lpMsg=0xd7e808) returned 0
[0272.977] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0272.977] BeginPaint (in: hWnd=0x2d02d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0272.977] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0272.977] CreateCompatibleDC (hdc=0x107b9) returned 0xc00107ef
[0272.977] SelectObject (hdc=0xc00107ef, h=0x4a0507fe) returned 0x85000f
[0272.977] GdipCreateFromHDC (hdc=0xc00107ef, graphics=0xd7e268) returned 0x0
[0272.977] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0272.978] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0272.978] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0272.978] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0272.978] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e2c8) returned 0x0
[0272.978] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0272.978] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee868) returned 0x0
[0272.978] LocalFree (hMem=0x11ee868) returned 0x0
[0272.978] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0272.978] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0272.978] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0272.978] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0272.978] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0272.978] GdipRestoreGraphics (graphics=0x6600030, state=0xf7140dbd) returned 0x0
[0272.978] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0272.978] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0272.978] GetCurrentObject (hdc=0xc00107ef, type=0x1) returned 0xb00017
[0272.978] GetCurrentObject (hdc=0xc00107ef, type=0x2) returned 0x900010
[0272.978] GetCurrentObject (hdc=0xc00107ef, type=0x7) returned 0x4a0507fe
[0272.978] GetCurrentObject (hdc=0xc00107ef, type=0x6) returned 0x8a01c2
[0272.978] SaveDC (hdc=0xc00107ef) returned 1
[0272.979] GetNearestColor (hdc=0xc00107ef, color=0xf0f0f0) returned 0xf0f0f0
[0272.979] GetNearestColor (hdc=0xc00107ef, color=0xa0a0a0) returned 0xa0a0a0
[0272.979] GetNearestColor (hdc=0xc00107ef, color=0x696969) returned 0x696969
[0272.979] GetNearestColor (hdc=0xc00107ef, color=0xa0a0a0) returned 0xa0a0a0
[0272.979] GetNearestColor (hdc=0xc00107ef, color=0x0) returned 0x0
[0272.979] GetNearestColor (hdc=0xc00107ef, color=0xffffff) returned 0xffffff
[0272.979] GetNearestColor (hdc=0xc00107ef, color=0xe5e5e5) returned 0xe5e5e5
[0272.979] GetNearestColor (hdc=0xc00107ef, color=0xd7d7d7) returned 0xd7d7d7
[0272.979] GetNearestColor (hdc=0xc00107ef, color=0x0) returned 0x0
[0272.979] RestoreDC (hdc=0xc00107ef, nSavedDC=-1) returned 1
[0272.979] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107ef) returned 0x0
[0272.979] IsAppThemed () returned 0x1
[0272.979] GetThemeAppProperties () returned 0x3
[0272.979] GetThemeAppProperties () returned 0x3
[0272.979] GdipGetImageWidth (image=0x6600cd0, width=0xd7e168) returned 0x0
[0272.979] GdipGetImageHeight (image=0x6600cd0, height=0xd7e168) returned 0x0
[0272.979] IsAppThemed () returned 0x1
[0272.980] GetThemeAppProperties () returned 0x3
[0272.980] GetThemeAppProperties () returned 0x3
[0272.980] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2d110a4 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0272.980] IsAppThemed () returned 0x1
[0272.980] GetThemeAppProperties () returned 0x3
[0272.980] GetThemeAppProperties () returned 0x3
[0272.980] IsAppThemed () returned 0x1
[0272.980] GetThemeAppProperties () returned 0x3
[0272.980] GetThemeAppProperties () returned 0x3
[0272.980] GetFocus () returned 0x2d02d8
[0272.980] IsAppThemed () returned 0x1
[0272.980] GetThemeAppProperties () returned 0x3
[0272.980] GetThemeAppProperties () returned 0x3
[0272.980] IsAppThemed () returned 0x1
[0272.980] GetThemeAppProperties () returned 0x3
[0272.980] GetThemeAppProperties () returned 0x3
[0272.980] IsThemePartDefined () returned 0x1
[0272.980] IsAppThemed () returned 0x1
[0272.980] GetThemeAppProperties () returned 0x3
[0272.980] GetThemeAppProperties () returned 0x3
[0272.980] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0272.981] IsAppThemed () returned 0x1
[0272.981] GetThemeAppProperties () returned 0x3
[0272.981] GetThemeAppProperties () returned 0x3
[0272.981] IsAppThemed () returned 0x1
[0272.981] GetThemeAppProperties () returned 0x3
[0272.981] GetThemeAppProperties () returned 0x3
[0272.981] IsThemePartDefined () returned 0x1
[0272.981] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0272.981] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0272.981] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0272.981] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0272.981] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7dff0) returned 0x0
[0272.981] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0272.981] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eea98) returned 0x0
[0272.981] LocalFree (hMem=0x11eea98) returned 0x0
[0272.985] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0272.985] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eecc8) returned 0x0
[0272.985] LocalFree (hMem=0x11eecc8) returned 0x0
[0272.985] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0272.985] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e018) returned 0x0
[0272.985] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e008) returned 0x0
[0272.985] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0272.985] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0272.986] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0272.986] GetCurrentObject (hdc=0xc00107ef, type=0x1) returned 0xb00017
[0272.986] GetCurrentObject (hdc=0xc00107ef, type=0x2) returned 0x900010
[0272.986] GetCurrentObject (hdc=0xc00107ef, type=0x7) returned 0x4a0507fe
[0272.986] GetCurrentObject (hdc=0xc00107ef, type=0x6) returned 0x8a01c2
[0272.986] SaveDC (hdc=0xc00107ef) returned 1
[0272.986] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9c0407de
[0272.986] GetClipRgn (hdc=0xc00107ef, hrgn=0x9c0407de) returned 0
[0272.986] SelectClipRgn (hdc=0xc00107ef, hrgn=0xc040807) returned 2
[0272.986] DeleteObject (ho=0x9c0407de) returned 1
[0272.986] DeleteObject (ho=0xc040807) returned 1
[0272.986] OffsetViewportOrgEx (in: hdc=0xc00107ef, x=0, y=0, lppt=0x2d11754 | out: lppt=0x2d11754) returned 1
[0272.986] DrawThemeParentBackground () returned 0x0
[0272.987] GetWindowPlacement (in: hWnd=0x2b02dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0272.987] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0272.987] GetWindowTextLengthW (hWnd=0x2b02dc) returned 13
[0272.987] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0272.987] GetSystemMetrics (nIndex=42) returned 0
[0272.987] GetWindowTextW (in: hWnd=0x2b02dc, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0272.987] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0272.987] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0272.987] GetCurrentObject (hdc=0xc00107ef, type=0x1) returned 0xb00017
[0272.987] GetCurrentObject (hdc=0xc00107ef, type=0x2) returned 0x900010
[0272.987] GetCurrentObject (hdc=0xc00107ef, type=0x7) returned 0x4a0507fe
[0272.987] GetCurrentObject (hdc=0xc00107ef, type=0x6) returned 0x8a01c2
[0272.987] SaveDC (hdc=0xc00107ef) returned 2
[0272.987] GetNearestColor (hdc=0xc00107ef, color=0xf0f0f0) returned 0xf0f0f0
[0272.987] CreateSolidBrush (color=0xf0f0f0) returned 0xf91007e1
[0272.987] FillRect (hDC=0xc00107ef, lprc=0xd7da38, hbr=0xf91007e1) returned 1
[0272.987] DeleteObject (ho=0xf91007e1) returned 1
[0272.987] RestoreDC (hdc=0xc00107ef, nSavedDC=-1) returned 1
[0272.988] GetWindowTextLengthW (hWnd=0x2b02dc) returned 13
[0272.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0272.988] GetSystemMetrics (nIndex=42) returned 0
[0272.988] GetWindowTextW (in: hWnd=0x2b02dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0272.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0272.988] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0272.988] GetCurrentObject (hdc=0xc00107ef, type=0x1) returned 0xb00017
[0272.988] GetCurrentObject (hdc=0xc00107ef, type=0x2) returned 0x900010
[0272.988] GetCurrentObject (hdc=0xc00107ef, type=0x7) returned 0x4a0507fe
[0272.988] GetCurrentObject (hdc=0xc00107ef, type=0x6) returned 0x8a01c2
[0272.988] SaveDC (hdc=0xc00107ef) returned 2
[0272.988] GetNearestColor (hdc=0xc00107ef, color=0xf0f0f0) returned 0xf0f0f0
[0272.988] CreateSolidBrush (color=0xf0f0f0) returned 0xfa1007e1
[0272.988] FillRect (hDC=0xc00107ef, lprc=0xd7d9d8, hbr=0xfa1007e1) returned 1
[0272.988] DeleteObject (ho=0xfa1007e1) returned 1
[0272.988] RestoreDC (hdc=0xc00107ef, nSavedDC=-1) returned 1
[0272.988] GetWindowTextLengthW (hWnd=0x2b02dc) returned 13
[0272.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0272.988] GetSystemMetrics (nIndex=42) returned 0
[0272.988] GetWindowTextW (in: hWnd=0x2b02dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0272.988] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0272.989] RestoreDC (hdc=0xc00107ef, nSavedDC=-1) returned 1
[0272.989] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107ef) returned 0x0
[0272.989] IsAppThemed () returned 0x1
[0272.989] GetThemeAppProperties () returned 0x3
[0272.989] GetThemeAppProperties () returned 0x3
[0272.989] IsAppThemed () returned 0x1
[0272.989] GetThemeAppProperties () returned 0x3
[0272.989] GetThemeAppProperties () returned 0x3
[0272.989] IsThemePartDefined () returned 0x1
[0272.989] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0272.989] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0272.989] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0272.989] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0272.989] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df74) returned 0x0
[0272.989] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee910) returned 0x0
[0272.989] LocalFree (hMem=0x11ee910) returned 0x0
[0272.989] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee868) returned 0x0
[0272.989] LocalFree (hMem=0x11ee868) returned 0x0
[0272.989] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0272.989] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0272.989] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0272.989] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0272.990] GdipDeleteRegion (region=0x6646838) returned 0x0
[0272.990] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0272.990] GetCurrentObject (hdc=0xc00107ef, type=0x1) returned 0xb00017
[0272.990] GetCurrentObject (hdc=0xc00107ef, type=0x2) returned 0x900010
[0272.990] GetCurrentObject (hdc=0xc00107ef, type=0x7) returned 0x4a0507fe
[0272.990] GetCurrentObject (hdc=0xc00107ef, type=0x6) returned 0x8a01c2
[0272.990] SaveDC (hdc=0xc00107ef) returned 1
[0272.990] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd040807
[0272.990] GetClipRgn (hdc=0xc00107ef, hrgn=0xd040807) returned 0
[0272.990] SelectClipRgn (hdc=0xc00107ef, hrgn=0x9e0407de) returned 2
[0272.990] DeleteObject (ho=0xd040807) returned 1
[0272.990] DeleteObject (ho=0x9e0407de) returned 1
[0272.990] OffsetViewportOrgEx (in: hdc=0xc00107ef, x=0, y=0, lppt=0x2d12000 | out: lppt=0x2d12000) returned 1
[0272.990] IsAppThemed () returned 0x1
[0272.990] GetThemeAppProperties () returned 0x3
[0272.990] GetThemeAppProperties () returned 0x3
[0272.990] DrawThemeBackground () returned 0x0
[0272.990] RestoreDC (hdc=0xc00107ef, nSavedDC=-1) returned 1
[0272.990] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107ef) returned 0x0
[0272.990] GdipCreateRegion (region=0xd7df60) returned 0x0
[0272.990] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0272.990] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0272.991] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0272.991] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df78) returned 0x0
[0272.991] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0272.991] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee8d8) returned 0x0
[0272.991] LocalFree (hMem=0x11ee8d8) returned 0x0
[0272.991] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0272.991] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea28) returned 0x0
[0272.991] LocalFree (hMem=0x11eea28) returned 0x0
[0272.991] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0272.991] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0272.991] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df90) returned 0x0
[0272.991] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0272.991] GdipDeleteRegion (region=0x6646718) returned 0x0
[0272.991] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0272.991] GetCurrentObject (hdc=0xc00107ef, type=0x1) returned 0xb00017
[0272.991] GetCurrentObject (hdc=0xc00107ef, type=0x2) returned 0x900010
[0272.991] GetCurrentObject (hdc=0xc00107ef, type=0x7) returned 0x4a0507fe
[0272.991] GetCurrentObject (hdc=0xc00107ef, type=0x6) returned 0x8a01c2
[0272.991] SaveDC (hdc=0xc00107ef) returned 1
[0272.991] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9f0407de
[0272.991] GetClipRgn (hdc=0xc00107ef, hrgn=0x9f0407de) returned 0
[0272.991] SelectClipRgn (hdc=0xc00107ef, hrgn=0xe040807) returned 2
[0272.992] DeleteObject (ho=0x9f0407de) returned 1
[0272.992] DeleteObject (ho=0xe040807) returned 1
[0272.992] OffsetViewportOrgEx (in: hdc=0xc00107ef, x=0, y=0, lppt=0x2d122d4 | out: lppt=0x2d122d4) returned 1
[0272.992] IsAppThemed () returned 0x1
[0272.992] GetThemeAppProperties () returned 0x3
[0272.992] GetThemeAppProperties () returned 0x3
[0272.992] GetThemeBackgroundContentRect () returned 0x0
[0272.992] RestoreDC (hdc=0xc00107ef, nSavedDC=-1) returned 1
[0272.992] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107ef) returned 0x0
[0272.992] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0272.992] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0272.992] GdipCloneRegion (region=0x66467a8, cloneRegion=0xd7e150) returned 0x0
[0272.992] GdipCombineRegionRectI (region=0x6646c28, rect=0xd7e138, combineMode=0x1) returned 0x0
[0272.992] GdipCombineRegionRectI (region=0x6646c28, rect=0xd7e138, combineMode=0x1) returned 0x0
[0272.992] GdipSetClipRegion (graphics=0x6600030, region=0x6646c28, combineMode=0x0) returned 0x0
[0272.992] GdipGetImageWidth (image=0x6600cd0, width=0xd7e154) returned 0x0
[0272.992] GdipGetImageHeight (image=0x6600cd0, height=0xd7e148) returned 0x0
[0272.992] GdipDrawImageRectI (graphics=0x6600030, image=0x6600cd0, x=4, y=4, width=16, height=16) returned 0x0
[0272.992] GdipSetClipRegion (graphics=0x6600030, region=0x66467a8, combineMode=0x0) returned 0x0
[0272.992] IsAppThemed () returned 0x1
[0272.992] GetThemeAppProperties () returned 0x3
[0272.992] GetThemeAppProperties () returned 0x3
[0272.992] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0272.993] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0272.993] GetCurrentObject (hdc=0xc00107ef, type=0x1) returned 0xb00017
[0272.993] GetCurrentObject (hdc=0xc00107ef, type=0x2) returned 0x900010
[0272.993] GetCurrentObject (hdc=0xc00107ef, type=0x7) returned 0x4a0507fe
[0272.993] GetCurrentObject (hdc=0xc00107ef, type=0x6) returned 0x8a01c2
[0272.993] SaveDC (hdc=0xc00107ef) returned 1
[0272.993] GetTextAlign (hdc=0xc00107ef) returned 0x0
[0272.993] GetTextColor (hdc=0xc00107ef) returned 0x0
[0272.993] GetCurrentObject (hdc=0xc00107ef, type=0x6) returned 0x8a01c2
[0272.993] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0272.993] SelectObject (hdc=0xc00107ef, h=0x6d0a0520) returned 0x8a01c2
[0272.993] GetBkMode (hdc=0xc00107ef) returned 2
[0272.993] SetBkMode (hdc=0xc00107ef, mode=1) returned 2
[0272.993] DrawTextExW (in: hdc=0xc00107ef, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2d12694 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0272.994] DrawTextExW (in: hdc=0xc00107ef, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d12694 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0272.994] RestoreDC (hdc=0xc00107ef, nSavedDC=-1) returned 1
[0272.994] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107ef) returned 0x0
[0272.994] GetFocus () returned 0x2d02d8
[0272.994] IsAppThemed () returned 0x1
[0272.994] GetThemeAppProperties () returned 0x3
[0272.994] GetThemeAppProperties () returned 0x3
[0272.994] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0272.994] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0xc00107ef, x1=0, y1=0, rop=0xcc0020) returned 1
[0272.994] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107ef) returned 0x0
[0272.994] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0272.994] SelectObject (hdc=0xc00107ef, h=0x85000f) returned 0x4a0507fe
[0272.994] DeleteDC (hdc=0xc00107ef) returned 1
[0272.994] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0272.995] EndPaint (hWnd=0x2d02d8, lpPaint=0xd7e24c) returned 1
[0272.995] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.995] IsWindowUnicode (hWnd=0x2102ce) returned 1
[0272.995] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0272.995] TranslateMessage (lpMsg=0xd7e808) returned 0
[0272.995] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0272.995] BeginPaint (in: hWnd=0x2102ce, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0272.995] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0272.995] CreateCompatibleDC (hdc=0x60100ce) returned 0xc20107ef
[0272.995] SelectObject (hdc=0xc20107ef, h=0x4a0507fe) returned 0x85000f
[0272.995] GdipCreateFromHDC (hdc=0xc20107ef, graphics=0xd7e268) returned 0x0
[0272.996] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0272.996] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0272.996] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0272.996] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0272.996] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e2c8) returned 0x0
[0272.996] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0272.996] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0272.996] LocalFree (hMem=0x11ee868) returned 0x0
[0272.996] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0272.996] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0272.996] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0272.996] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0272.996] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0272.996] GdipRestoreGraphics (graphics=0x6600030, state=0xf7120dbd) returned 0x0
[0272.996] GdipDeleteRegion (region=0x6646838) returned 0x0
[0272.996] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0272.996] GetCurrentObject (hdc=0xc20107ef, type=0x1) returned 0xb00017
[0272.996] GetCurrentObject (hdc=0xc20107ef, type=0x2) returned 0x900010
[0272.996] GetCurrentObject (hdc=0xc20107ef, type=0x7) returned 0x4a0507fe
[0272.997] GetCurrentObject (hdc=0xc20107ef, type=0x6) returned 0x8a01c2
[0272.997] SaveDC (hdc=0xc20107ef) returned 1
[0272.997] GetNearestColor (hdc=0xc20107ef, color=0xf0f0f0) returned 0xf0f0f0
[0272.999] GetNearestColor (hdc=0xc20107ef, color=0xa0a0a0) returned 0xa0a0a0
[0272.999] GetNearestColor (hdc=0xc20107ef, color=0x696969) returned 0x696969
[0272.999] GetNearestColor (hdc=0xc20107ef, color=0xa0a0a0) returned 0xa0a0a0
[0272.999] GetNearestColor (hdc=0xc20107ef, color=0x0) returned 0x0
[0272.999] GetNearestColor (hdc=0xc20107ef, color=0xffffff) returned 0xffffff
[0272.999] GetNearestColor (hdc=0xc20107ef, color=0xe5e5e5) returned 0xe5e5e5
[0272.999] GetNearestColor (hdc=0xc20107ef, color=0xd7d7d7) returned 0xd7d7d7
[0272.999] GetNearestColor (hdc=0xc20107ef, color=0x0) returned 0x0
[0272.999] RestoreDC (hdc=0xc20107ef, nSavedDC=-1) returned 1
[0272.999] GdipReleaseDC (graphics=0x6600030, hdc=0xc20107ef) returned 0x0
[0272.999] IsAppThemed () returned 0x1
[0273.000] GetThemeAppProperties () returned 0x3
[0273.000] GetThemeAppProperties () returned 0x3
[0273.000] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0273.000] SendMessageW (hWnd=0x2b02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0273.000] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0273.000] IsAppThemed () returned 0x1
[0273.000] GetThemeAppProperties () returned 0x3
[0273.000] GetThemeAppProperties () returned 0x3
[0273.000] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2d12ea4 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0273.000] IsAppThemed () returned 0x1
[0273.000] GetThemeAppProperties () returned 0x3
[0273.000] GetThemeAppProperties () returned 0x3
[0273.000] IsAppThemed () returned 0x1
[0273.000] GetThemeAppProperties () returned 0x3
[0273.000] GetThemeAppProperties () returned 0x3
[0273.000] IsAppThemed () returned 0x1
[0273.000] GetThemeAppProperties () returned 0x3
[0273.000] GetThemeAppProperties () returned 0x3
[0273.000] IsAppThemed () returned 0x1
[0273.001] GetThemeAppProperties () returned 0x3
[0273.001] GetThemeAppProperties () returned 0x3
[0273.001] IsThemePartDefined () returned 0x1
[0273.001] IsAppThemed () returned 0x1
[0273.001] GetThemeAppProperties () returned 0x3
[0273.001] GetThemeAppProperties () returned 0x3
[0273.001] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0273.001] IsAppThemed () returned 0x1
[0273.001] GetThemeAppProperties () returned 0x3
[0273.001] GetThemeAppProperties () returned 0x3
[0273.001] IsAppThemed () returned 0x1
[0273.001] GetThemeAppProperties () returned 0x3
[0273.001] GetThemeAppProperties () returned 0x3
[0273.001] IsThemePartDefined () returned 0x1
[0273.001] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0273.001] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0273.001] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0273.001] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0273.001] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dfe4) returned 0x0
[0273.001] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0273.001] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee910) returned 0x0
[0273.001] LocalFree (hMem=0x11ee910) returned 0x0
[0273.001] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0273.001] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee8d8) returned 0x0
[0273.001] LocalFree (hMem=0x11ee8d8) returned 0x0
[0273.002] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0273.002] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0273.002] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0273.002] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0273.002] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0273.002] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0273.002] GetCurrentObject (hdc=0xc20107ef, type=0x1) returned 0xb00017
[0273.002] GetCurrentObject (hdc=0xc20107ef, type=0x2) returned 0x900010
[0273.002] GetCurrentObject (hdc=0xc20107ef, type=0x7) returned 0x4a0507fe
[0273.002] GetCurrentObject (hdc=0xc20107ef, type=0x6) returned 0x8a01c2
[0273.002] SaveDC (hdc=0xc20107ef) returned 1
[0273.002] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf040807
[0273.002] GetClipRgn (hdc=0xc20107ef, hrgn=0xf040807) returned 0
[0273.002] SelectClipRgn (hdc=0xc20107ef, hrgn=0xa30407de) returned 2
[0273.002] DeleteObject (ho=0xf040807) returned 1
[0273.002] DeleteObject (ho=0xa30407de) returned 1
[0273.002] OffsetViewportOrgEx (in: hdc=0xc20107ef, x=0, y=0, lppt=0x2d13554 | out: lppt=0x2d13554) returned 1
[0273.002] DrawThemeParentBackground () returned 0x0
[0273.003] GetWindowPlacement (in: hWnd=0x2b02dc, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0273.003] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0273.003] GetWindowTextLengthW (hWnd=0x2b02dc) returned 13
[0273.003] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0273.003] GetSystemMetrics (nIndex=42) returned 0
[0273.003] GetWindowTextW (in: hWnd=0x2b02dc, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0273.003] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0273.003] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0273.003] GetCurrentObject (hdc=0xc20107ef, type=0x1) returned 0xb00017
[0273.003] GetCurrentObject (hdc=0xc20107ef, type=0x2) returned 0x900010
[0273.003] GetCurrentObject (hdc=0xc20107ef, type=0x7) returned 0x4a0507fe
[0273.003] GetCurrentObject (hdc=0xc20107ef, type=0x6) returned 0x8a01c2
[0273.003] SaveDC (hdc=0xc20107ef) returned 2
[0273.003] GetNearestColor (hdc=0xc20107ef, color=0xf0f0f0) returned 0xf0f0f0
[0273.003] CreateSolidBrush (color=0xf0f0f0) returned 0xfb1007e1
[0273.003] FillRect (hDC=0xc20107ef, lprc=0xd7da30, hbr=0xfb1007e1) returned 1
[0273.003] DeleteObject (ho=0xfb1007e1) returned 1
[0273.003] RestoreDC (hdc=0xc20107ef, nSavedDC=-1) returned 1
[0273.003] GetWindowTextLengthW (hWnd=0x2b02dc) returned 13
[0273.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0273.004] GetSystemMetrics (nIndex=42) returned 0
[0273.004] GetWindowTextW (in: hWnd=0x2b02dc, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0273.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0273.004] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0273.004] GetCurrentObject (hdc=0xc20107ef, type=0x1) returned 0xb00017
[0273.004] GetCurrentObject (hdc=0xc20107ef, type=0x2) returned 0x900010
[0273.004] GetCurrentObject (hdc=0xc20107ef, type=0x7) returned 0x4a0507fe
[0273.004] GetCurrentObject (hdc=0xc20107ef, type=0x6) returned 0x8a01c2
[0273.004] SaveDC (hdc=0xc20107ef) returned 2
[0273.004] GetNearestColor (hdc=0xc20107ef, color=0xf0f0f0) returned 0xf0f0f0
[0273.004] CreateSolidBrush (color=0xf0f0f0) returned 0xfc1007e1
[0273.004] FillRect (hDC=0xc20107ef, lprc=0xd7d9d0, hbr=0xfc1007e1) returned 1
[0273.004] DeleteObject (ho=0xfc1007e1) returned 1
[0273.004] RestoreDC (hdc=0xc20107ef, nSavedDC=-1) returned 1
[0273.004] GetWindowTextLengthW (hWnd=0x2b02dc) returned 13
[0273.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0273.004] GetSystemMetrics (nIndex=42) returned 0
[0273.004] GetWindowTextW (in: hWnd=0x2b02dc, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0273.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0273.005] RestoreDC (hdc=0xc20107ef, nSavedDC=-1) returned 1
[0273.005] GdipReleaseDC (graphics=0x6600030, hdc=0xc20107ef) returned 0x0
[0273.005] IsAppThemed () returned 0x1
[0273.005] GetThemeAppProperties () returned 0x3
[0273.005] GetThemeAppProperties () returned 0x3
[0273.005] IsAppThemed () returned 0x1
[0273.005] GetThemeAppProperties () returned 0x3
[0273.005] GetThemeAppProperties () returned 0x3
[0273.005] IsThemePartDefined () returned 0x1
[0273.005] GdipCreateRegion (region=0xd7df50) returned 0x0
[0273.005] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0273.005] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0273.005] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0273.005] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df68) returned 0x0
[0273.005] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0273.005] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee9f0) returned 0x0
[0273.005] LocalFree (hMem=0x11ee9f0) returned 0x0
[0273.005] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0273.005] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee9f0) returned 0x0
[0273.005] LocalFree (hMem=0x11ee9f0) returned 0x0
[0273.006] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0273.006] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df90) returned 0x0
[0273.006] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df80) returned 0x0
[0273.006] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0273.006] GdipDeleteRegion (region=0x6646298) returned 0x0
[0273.006] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0273.006] GetCurrentObject (hdc=0xc20107ef, type=0x1) returned 0xb00017
[0273.006] GetCurrentObject (hdc=0xc20107ef, type=0x2) returned 0x900010
[0273.006] GetCurrentObject (hdc=0xc20107ef, type=0x7) returned 0x4a0507fe
[0273.006] GetCurrentObject (hdc=0xc20107ef, type=0x6) returned 0x8a01c2
[0273.006] SaveDC (hdc=0xc20107ef) returned 1
[0273.006] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa40407de
[0273.006] GetClipRgn (hdc=0xc20107ef, hrgn=0xa40407de) returned 0
[0273.006] SelectClipRgn (hdc=0xc20107ef, hrgn=0x11040807) returned 2
[0273.006] DeleteObject (ho=0xa40407de) returned 1
[0273.006] DeleteObject (ho=0x11040807) returned 1
[0273.006] OffsetViewportOrgEx (in: hdc=0xc20107ef, x=0, y=0, lppt=0x2d13e00 | out: lppt=0x2d13e00) returned 1
[0273.006] IsAppThemed () returned 0x1
[0273.006] GetThemeAppProperties () returned 0x3
[0273.007] GetThemeAppProperties () returned 0x3
[0273.007] DrawThemeBackground () returned 0x0
[0273.007] RestoreDC (hdc=0xc20107ef, nSavedDC=-1) returned 1
[0273.007] GdipReleaseDC (graphics=0x6600030, hdc=0xc20107ef) returned 0x0
[0273.007] GdipCreateRegion (region=0xd7df54) returned 0x0
[0273.007] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0273.007] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0273.007] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0273.007] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df6c) returned 0x0
[0273.007] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0273.007] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0273.007] LocalFree (hMem=0x11eec58) returned 0x0
[0273.007] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0273.007] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0273.007] LocalFree (hMem=0x11ee868) returned 0x0
[0273.007] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0273.007] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df94) returned 0x0
[0273.007] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df84) returned 0x0
[0273.007] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0273.007] GdipDeleteRegion (region=0x6646298) returned 0x0
[0273.007] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0273.008] GetCurrentObject (hdc=0xc20107ef, type=0x1) returned 0xb00017
[0273.008] GetCurrentObject (hdc=0xc20107ef, type=0x2) returned 0x900010
[0273.008] GetCurrentObject (hdc=0xc20107ef, type=0x7) returned 0x4a0507fe
[0273.008] GetCurrentObject (hdc=0xc20107ef, type=0x6) returned 0x8a01c2
[0273.008] SaveDC (hdc=0xc20107ef) returned 1
[0273.008] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x12040807
[0273.008] GetClipRgn (hdc=0xc20107ef, hrgn=0x12040807) returned 0
[0273.008] SelectClipRgn (hdc=0xc20107ef, hrgn=0xa50407de) returned 2
[0273.008] DeleteObject (ho=0x12040807) returned 1
[0273.008] DeleteObject (ho=0xa50407de) returned 1
[0273.008] OffsetViewportOrgEx (in: hdc=0xc20107ef, x=0, y=0, lppt=0x2d140d4 | out: lppt=0x2d140d4) returned 1
[0273.008] IsAppThemed () returned 0x1
[0273.008] GetThemeAppProperties () returned 0x3
[0273.008] GetThemeAppProperties () returned 0x3
[0273.008] GetThemeBackgroundContentRect () returned 0x0
[0273.008] RestoreDC (hdc=0xc20107ef, nSavedDC=-1) returned 1
[0273.008] GdipReleaseDC (graphics=0x6600030, hdc=0xc20107ef) returned 0x0
[0273.008] IsAppThemed () returned 0x1
[0273.008] GetThemeAppProperties () returned 0x3
[0273.008] GetThemeAppProperties () returned 0x3
[0273.008] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0273.009] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0273.009] GetCurrentObject (hdc=0xc20107ef, type=0x1) returned 0xb00017
[0273.009] GetCurrentObject (hdc=0xc20107ef, type=0x2) returned 0x900010
[0273.009] GetCurrentObject (hdc=0xc20107ef, type=0x7) returned 0x4a0507fe
[0273.009] GetCurrentObject (hdc=0xc20107ef, type=0x6) returned 0x8a01c2
[0273.009] SaveDC (hdc=0xc20107ef) returned 1
[0273.009] GetTextAlign (hdc=0xc20107ef) returned 0x0
[0273.009] GetTextColor (hdc=0xc20107ef) returned 0x0
[0273.009] GetCurrentObject (hdc=0xc20107ef, type=0x6) returned 0x8a01c2
[0273.009] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0273.009] SelectObject (hdc=0xc20107ef, h=0x6d0a0520) returned 0x8a01c2
[0273.009] GetBkMode (hdc=0xc20107ef) returned 2
[0273.009] SetBkMode (hdc=0xc20107ef, mode=1) returned 2
[0273.009] DrawTextExW (in: hdc=0xc20107ef, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2d14474 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0273.010] DrawTextExW (in: hdc=0xc20107ef, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2d14474 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0273.010] RestoreDC (hdc=0xc20107ef, nSavedDC=-1) returned 1
[0273.010] GdipReleaseDC (graphics=0x6600030, hdc=0xc20107ef) returned 0x0
[0273.010] GetFocus () returned 0x2d02d8
[0273.010] IsAppThemed () returned 0x1
[0273.010] GetThemeAppProperties () returned 0x3
[0273.010] GetThemeAppProperties () returned 0x3
[0273.010] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0273.010] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xc20107ef, x1=0, y1=0, rop=0xcc0020) returned 1
[0273.010] GdipReleaseDC (graphics=0x6600030, hdc=0xc20107ef) returned 0x0
[0273.010] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0273.010] SelectObject (hdc=0xc20107ef, h=0x85000f) returned 0x4a0507fe
[0273.010] DeleteDC (hdc=0xc20107ef) returned 1
[0273.010] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0273.011] EndPaint (hWnd=0x2102ce, lpPaint=0xd7e24c) returned 1
[0273.011] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.011] IsWindowUnicode (hWnd=0x2b02de) returned 1
[0273.011] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.011] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.011] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.011] BeginPaint (in: hWnd=0x2b02de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0273.012] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0273.012] CreateCompatibleDC (hdc=0x10105d6) returned 0xc40107ef
[0273.012] SelectObject (hdc=0xc40107ef, h=0x4a0507fe) returned 0x85000f
[0273.012] GdipCreateFromHDC (hdc=0xc40107ef, graphics=0xd7e268) returned 0x0
[0273.012] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0273.012] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0273.012] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0273.012] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0273.012] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2c8) returned 0x0
[0273.012] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0273.012] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0273.012] LocalFree (hMem=0x11eec58) returned 0x0
[0273.012] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0273.012] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0273.018] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0273.018] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0273.018] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0273.018] GdipRestoreGraphics (graphics=0x6600030, state=0xf7100dbd) returned 0x0
[0273.018] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0273.018] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0273.018] GetCurrentObject (hdc=0xc40107ef, type=0x1) returned 0xb00017
[0273.018] GetCurrentObject (hdc=0xc40107ef, type=0x2) returned 0x900010
[0273.018] GetCurrentObject (hdc=0xc40107ef, type=0x7) returned 0x4a0507fe
[0273.018] GetCurrentObject (hdc=0xc40107ef, type=0x6) returned 0x8a01c2
[0273.018] SaveDC (hdc=0xc40107ef) returned 1
[0273.018] GetNearestColor (hdc=0xc40107ef, color=0xf0f0f0) returned 0xf0f0f0
[0273.018] GetNearestColor (hdc=0xc40107ef, color=0xa0a0a0) returned 0xa0a0a0
[0273.018] GetNearestColor (hdc=0xc40107ef, color=0x696969) returned 0x696969
[0273.018] GetNearestColor (hdc=0xc40107ef, color=0xa0a0a0) returned 0xa0a0a0
[0273.018] GetNearestColor (hdc=0xc40107ef, color=0x0) returned 0x0
[0273.018] GetNearestColor (hdc=0xc40107ef, color=0xffffff) returned 0xffffff
[0273.019] GetNearestColor (hdc=0xc40107ef, color=0xe5e5e5) returned 0xe5e5e5
[0273.019] GetNearestColor (hdc=0xc40107ef, color=0xd7d7d7) returned 0xd7d7d7
[0273.019] GetNearestColor (hdc=0xc40107ef, color=0x0) returned 0x0
[0273.019] RestoreDC (hdc=0xc40107ef, nSavedDC=-1) returned 1
[0273.019] GdipReleaseDC (graphics=0x6600030, hdc=0xc40107ef) returned 0x0
[0273.019] IsAppThemed () returned 0x1
[0273.019] GetThemeAppProperties () returned 0x3
[0273.019] GetThemeAppProperties () returned 0x3
[0273.019] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0273.019] SendMessageW (hWnd=0x2b02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0273.019] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0273.019] IsAppThemed () returned 0x1
[0273.019] GetThemeAppProperties () returned 0x3
[0273.019] GetThemeAppProperties () returned 0x3
[0273.019] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2d14c84 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0273.020] IsAppThemed () returned 0x1
[0273.020] GetThemeAppProperties () returned 0x3
[0273.020] GetThemeAppProperties () returned 0x3
[0273.020] IsAppThemed () returned 0x1
[0273.020] GetThemeAppProperties () returned 0x3
[0273.020] GetThemeAppProperties () returned 0x3
[0273.020] GetFocus () returned 0x2d02d8
[0273.020] IsAppThemed () returned 0x1
[0273.020] GetThemeAppProperties () returned 0x3
[0273.020] GetThemeAppProperties () returned 0x3
[0273.020] IsAppThemed () returned 0x1
[0273.020] GetThemeAppProperties () returned 0x3
[0273.020] GetThemeAppProperties () returned 0x3
[0273.020] IsThemePartDefined () returned 0x1
[0273.020] IsAppThemed () returned 0x1
[0273.020] GetThemeAppProperties () returned 0x3
[0273.020] GetThemeAppProperties () returned 0x3
[0273.020] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0273.020] IsAppThemed () returned 0x1
[0273.020] GetThemeAppProperties () returned 0x3
[0273.020] GetThemeAppProperties () returned 0x3
[0273.020] IsAppThemed () returned 0x1
[0273.020] GetThemeAppProperties () returned 0x3
[0273.020] GetThemeAppProperties () returned 0x3
[0273.020] IsThemePartDefined () returned 0x1
[0273.020] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0273.020] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0273.021] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0273.021] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0273.021] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7dff0) returned 0x0
[0273.021] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee8d8) returned 0x0
[0273.021] LocalFree (hMem=0x11ee8d8) returned 0x0
[0273.021] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee868) returned 0x0
[0273.021] LocalFree (hMem=0x11ee868) returned 0x0
[0273.021] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0273.021] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0273.021] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0273.021] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0273.021] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0273.021] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0273.021] GetCurrentObject (hdc=0xc40107ef, type=0x1) returned 0xb00017
[0273.021] GetCurrentObject (hdc=0xc40107ef, type=0x2) returned 0x900010
[0273.021] GetCurrentObject (hdc=0xc40107ef, type=0x7) returned 0x4a0507fe
[0273.021] GetCurrentObject (hdc=0xc40107ef, type=0x6) returned 0x8a01c2
[0273.021] SaveDC (hdc=0xc40107ef) returned 1
[0273.021] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa60407de
[0273.021] GetClipRgn (hdc=0xc40107ef, hrgn=0xa60407de) returned 0
[0273.021] SelectClipRgn (hdc=0xc40107ef, hrgn=0x16040807) returned 2
[0273.022] DeleteObject (ho=0xa60407de) returned 1
[0273.022] DeleteObject (ho=0x16040807) returned 1
[0273.022] OffsetViewportOrgEx (in: hdc=0xc40107ef, x=0, y=0, lppt=0x2d15334 | out: lppt=0x2d15334) returned 1
[0273.022] DrawThemeParentBackground () returned 0x0
[0273.022] GetWindowPlacement (in: hWnd=0x2b02dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0273.022] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0273.022] GetWindowTextLengthW (hWnd=0x2b02dc) returned 13
[0273.022] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0273.022] GetSystemMetrics (nIndex=42) returned 0
[0273.022] GetWindowTextW (in: hWnd=0x2b02dc, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0273.022] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0273.022] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0273.022] GetCurrentObject (hdc=0xc40107ef, type=0x1) returned 0xb00017
[0273.022] GetCurrentObject (hdc=0xc40107ef, type=0x2) returned 0x900010
[0273.022] GetCurrentObject (hdc=0xc40107ef, type=0x7) returned 0x4a0507fe
[0273.022] GetCurrentObject (hdc=0xc40107ef, type=0x6) returned 0x8a01c2
[0273.022] SaveDC (hdc=0xc40107ef) returned 2
[0273.022] GetNearestColor (hdc=0xc40107ef, color=0xf0f0f0) returned 0xf0f0f0
[0273.022] CreateSolidBrush (color=0xf0f0f0) returned 0xfd1007e1
[0273.023] FillRect (hDC=0xc40107ef, lprc=0xd7da38, hbr=0xfd1007e1) returned 1
[0273.023] DeleteObject (ho=0xfd1007e1) returned 1
[0273.023] RestoreDC (hdc=0xc40107ef, nSavedDC=-1) returned 1
[0273.023] GetWindowTextLengthW (hWnd=0x2b02dc) returned 13
[0273.023] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0273.023] GetSystemMetrics (nIndex=42) returned 0
[0273.023] GetWindowTextW (in: hWnd=0x2b02dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0273.023] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0273.023] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0273.023] GetCurrentObject (hdc=0xc40107ef, type=0x1) returned 0xb00017
[0273.023] GetCurrentObject (hdc=0xc40107ef, type=0x2) returned 0x900010
[0273.023] GetCurrentObject (hdc=0xc40107ef, type=0x7) returned 0x4a0507fe
[0273.023] GetCurrentObject (hdc=0xc40107ef, type=0x6) returned 0x8a01c2
[0273.023] SaveDC (hdc=0xc40107ef) returned 2
[0273.023] GetNearestColor (hdc=0xc40107ef, color=0xf0f0f0) returned 0xf0f0f0
[0273.023] CreateSolidBrush (color=0xf0f0f0) returned 0xfe1007e1
[0273.023] FillRect (hDC=0xc40107ef, lprc=0xd7d9d8, hbr=0xfe1007e1) returned 1
[0273.023] DeleteObject (ho=0xfe1007e1) returned 1
[0273.023] RestoreDC (hdc=0xc40107ef, nSavedDC=-1) returned 1
[0273.024] GetWindowTextLengthW (hWnd=0x2b02dc) returned 13
[0273.024] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0273.024] GetSystemMetrics (nIndex=42) returned 0
[0273.024] GetWindowTextW (in: hWnd=0x2b02dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0273.024] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0273.024] RestoreDC (hdc=0xc40107ef, nSavedDC=-1) returned 1
[0273.024] GdipReleaseDC (graphics=0x6600030, hdc=0xc40107ef) returned 0x0
[0273.024] IsAppThemed () returned 0x1
[0273.024] GetThemeAppProperties () returned 0x3
[0273.024] GetThemeAppProperties () returned 0x3
[0273.024] IsAppThemed () returned 0x1
[0273.024] GetThemeAppProperties () returned 0x3
[0273.024] GetThemeAppProperties () returned 0x3
[0273.024] IsThemePartDefined () returned 0x1
[0273.024] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0273.024] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0273.024] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0273.024] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0273.024] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df74) returned 0x0
[0273.024] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0273.025] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0273.025] LocalFree (hMem=0x11ee868) returned 0x0
[0273.025] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0273.025] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee9f0) returned 0x0
[0273.025] LocalFree (hMem=0x11ee9f0) returned 0x0
[0273.025] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0273.025] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0273.025] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0273.025] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0273.025] GdipDeleteRegion (region=0x6646328) returned 0x0
[0273.025] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0273.025] GetCurrentObject (hdc=0xc40107ef, type=0x1) returned 0xb00017
[0273.025] GetCurrentObject (hdc=0xc40107ef, type=0x2) returned 0x900010
[0273.025] GetCurrentObject (hdc=0xc40107ef, type=0x7) returned 0x4a0507fe
[0273.025] GetCurrentObject (hdc=0xc40107ef, type=0x6) returned 0x8a01c2
[0273.025] SaveDC (hdc=0xc40107ef) returned 1
[0273.025] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x17040807
[0273.025] GetClipRgn (hdc=0xc40107ef, hrgn=0x17040807) returned 0
[0273.025] SelectClipRgn (hdc=0xc40107ef, hrgn=0xa80407de) returned 2
[0273.025] DeleteObject (ho=0x17040807) returned 1
[0273.025] DeleteObject (ho=0xa80407de) returned 1
[0273.026] OffsetViewportOrgEx (in: hdc=0xc40107ef, x=0, y=0, lppt=0x2d15be0 | out: lppt=0x2d15be0) returned 1
[0273.026] IsAppThemed () returned 0x1
[0273.026] GetThemeAppProperties () returned 0x3
[0273.026] GetThemeAppProperties () returned 0x3
[0273.026] DrawThemeBackground () returned 0x0
[0273.026] RestoreDC (hdc=0xc40107ef, nSavedDC=-1) returned 1
[0273.026] GdipReleaseDC (graphics=0x6600030, hdc=0xc40107ef) returned 0x0
[0273.026] GdipCreateRegion (region=0xd7df60) returned 0x0
[0273.026] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0273.026] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0273.026] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0273.026] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df78) returned 0x0
[0273.026] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0273.026] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0273.026] LocalFree (hMem=0x11ee868) returned 0x0
[0273.026] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0273.026] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0273.026] LocalFree (hMem=0x11eec58) returned 0x0
[0273.026] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0273.026] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0273.026] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0273.026] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0273.027] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0273.027] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0273.027] GetCurrentObject (hdc=0xc40107ef, type=0x1) returned 0xb00017
[0273.027] GetCurrentObject (hdc=0xc40107ef, type=0x2) returned 0x900010
[0273.027] GetCurrentObject (hdc=0xc40107ef, type=0x7) returned 0x4a0507fe
[0273.027] GetCurrentObject (hdc=0xc40107ef, type=0x6) returned 0x8a01c2
[0273.027] SaveDC (hdc=0xc40107ef) returned 1
[0273.027] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa90407de
[0273.027] GetClipRgn (hdc=0xc40107ef, hrgn=0xa90407de) returned 0
[0273.027] SelectClipRgn (hdc=0xc40107ef, hrgn=0x18040807) returned 2
[0273.027] DeleteObject (ho=0xa90407de) returned 1
[0273.027] DeleteObject (ho=0x18040807) returned 1
[0273.027] OffsetViewportOrgEx (in: hdc=0xc40107ef, x=0, y=0, lppt=0x2d15eb4 | out: lppt=0x2d15eb4) returned 1
[0273.027] IsAppThemed () returned 0x1
[0273.027] GetThemeAppProperties () returned 0x3
[0273.027] GetThemeAppProperties () returned 0x3
[0273.027] GetThemeBackgroundContentRect () returned 0x0
[0273.027] RestoreDC (hdc=0xc40107ef, nSavedDC=-1) returned 1
[0273.027] GdipReleaseDC (graphics=0x6600030, hdc=0xc40107ef) returned 0x0
[0273.027] IsAppThemed () returned 0x1
[0273.028] GetThemeAppProperties () returned 0x3
[0273.028] GetThemeAppProperties () returned 0x3
[0273.028] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0273.028] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0273.028] GetCurrentObject (hdc=0xc40107ef, type=0x1) returned 0xb00017
[0273.028] GetCurrentObject (hdc=0xc40107ef, type=0x2) returned 0x900010
[0273.028] GetCurrentObject (hdc=0xc40107ef, type=0x7) returned 0x4a0507fe
[0273.028] GetCurrentObject (hdc=0xc40107ef, type=0x6) returned 0x8a01c2
[0273.028] SaveDC (hdc=0xc40107ef) returned 1
[0273.028] GetTextAlign (hdc=0xc40107ef) returned 0x0
[0273.028] GetTextColor (hdc=0xc40107ef) returned 0x0
[0273.034] GetCurrentObject (hdc=0xc40107ef, type=0x6) returned 0x8a01c2
[0273.034] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0273.034] SelectObject (hdc=0xc40107ef, h=0x6d0a0520) returned 0x8a01c2
[0273.034] GetBkMode (hdc=0xc40107ef) returned 2
[0273.034] SetBkMode (hdc=0xc40107ef, mode=1) returned 2
[0273.034] DrawTextExW (in: hdc=0xc40107ef, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2d16254 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0273.035] DrawTextExW (in: hdc=0xc40107ef, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d16254 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0273.035] RestoreDC (hdc=0xc40107ef, nSavedDC=-1) returned 1
[0273.035] GdipReleaseDC (graphics=0x6600030, hdc=0xc40107ef) returned 0x0
[0273.035] GetFocus () returned 0x2d02d8
[0273.035] IsAppThemed () returned 0x1
[0273.035] GetThemeAppProperties () returned 0x3
[0273.035] GetThemeAppProperties () returned 0x3
[0273.035] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0273.035] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xc40107ef, x1=0, y1=0, rop=0xcc0020) returned 1
[0273.035] GdipReleaseDC (graphics=0x6600030, hdc=0xc40107ef) returned 0x0
[0273.035] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0273.035] SelectObject (hdc=0xc40107ef, h=0x85000f) returned 0x4a0507fe
[0273.036] DeleteDC (hdc=0xc40107ef) returned 1
[0273.036] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0273.036] EndPaint (hWnd=0x2b02de, lpPaint=0xd7e24c) returned 1
[0273.036] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.036] IsWindowUnicode (hWnd=0x602c4) returned 1
[0273.036] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.036] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.036] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.036] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0273.036] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0273.036] CreateCompatibleDC (hdc=0xc0107c5) returned 0xc60107ef
[0273.036] SelectObject (hdc=0xc60107ef, h=0x4a0507fe) returned 0x85000f
[0273.036] GdipCreateFromHDC (hdc=0xc60107ef, graphics=0xd7e268) returned 0x0
[0273.037] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0273.037] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0273.037] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0273.037] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0273.037] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e2c8) returned 0x0
[0273.037] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0273.037] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eead0) returned 0x0
[0273.037] LocalFree (hMem=0x11eead0) returned 0x0
[0273.037] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0273.037] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0273.037] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0273.037] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0273.037] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0273.037] GdipRestoreGraphics (graphics=0x6600030, state=0xf70e0dbd) returned 0x0
[0273.037] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0273.037] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0273.037] GetCurrentObject (hdc=0xc60107ef, type=0x1) returned 0xb00017
[0273.037] GetCurrentObject (hdc=0xc60107ef, type=0x2) returned 0x900010
[0273.037] GetCurrentObject (hdc=0xc60107ef, type=0x7) returned 0x4a0507fe
[0273.038] GetCurrentObject (hdc=0xc60107ef, type=0x6) returned 0x8a01c2
[0273.038] SaveDC (hdc=0xc60107ef) returned 1
[0273.038] GetNearestColor (hdc=0xc60107ef, color=0xff) returned 0xff
[0273.038] GetNearestColor (hdc=0xc60107ef, color=0x55) returned 0x55
[0273.038] GetNearestColor (hdc=0xc60107ef, color=0x0) returned 0x0
[0273.038] GetNearestColor (hdc=0xc60107ef, color=0x55) returned 0x55
[0273.038] GetNearestColor (hdc=0xc60107ef, color=0x0) returned 0x0
[0273.038] GetNearestColor (hdc=0xc60107ef, color=0x8080ff) returned 0x8080ff
[0273.038] GetNearestColor (hdc=0xc60107ef, color=0x7373e5) returned 0x7373e5
[0273.038] GetNearestColor (hdc=0xc60107ef, color=0xe5) returned 0xe5
[0273.038] GetNearestColor (hdc=0xc60107ef, color=0x0) returned 0x0
[0273.038] RestoreDC (hdc=0xc60107ef, nSavedDC=-1) returned 1
[0273.038] GdipReleaseDC (graphics=0x6600030, hdc=0xc60107ef) returned 0x0
[0273.038] IsAppThemed () returned 0x1
[0273.038] GetThemeAppProperties () returned 0x3
[0273.038] GetThemeAppProperties () returned 0x3
[0273.038] IsAppThemed () returned 0x1
[0273.039] GetThemeAppProperties () returned 0x3
[0273.039] GetThemeAppProperties () returned 0x3
[0273.039] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2d16a1c | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0273.039] IsAppThemed () returned 0x1
[0273.039] GetThemeAppProperties () returned 0x3
[0273.039] GetThemeAppProperties () returned 0x3
[0273.039] IsAppThemed () returned 0x1
[0273.039] GetThemeAppProperties () returned 0x3
[0273.039] GetThemeAppProperties () returned 0x3
[0273.039] GetFocus () returned 0x2d02d8
[0273.039] IsAppThemed () returned 0x1
[0273.039] GetThemeAppProperties () returned 0x3
[0273.039] GetThemeAppProperties () returned 0x3
[0273.039] IsAppThemed () returned 0x1
[0273.039] GetThemeAppProperties () returned 0x3
[0273.039] GetThemeAppProperties () returned 0x3
[0273.039] IsThemePartDefined () returned 0x1
[0273.040] IsAppThemed () returned 0x1
[0273.040] GetThemeAppProperties () returned 0x3
[0273.040] GetThemeAppProperties () returned 0x3
[0273.040] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0273.040] IsAppThemed () returned 0x1
[0273.040] GetThemeAppProperties () returned 0x3
[0273.040] GetThemeAppProperties () returned 0x3
[0273.040] IsAppThemed () returned 0x1
[0273.040] GetThemeAppProperties () returned 0x3
[0273.040] GetThemeAppProperties () returned 0x3
[0273.040] IsThemePartDefined () returned 0x1
[0273.040] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0273.040] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0273.040] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0273.040] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0273.040] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dff0) returned 0x0
[0273.040] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0273.040] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee868) returned 0x0
[0273.040] LocalFree (hMem=0x11ee868) returned 0x0
[0273.040] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0273.040] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0273.040] LocalFree (hMem=0x11eec58) returned 0x0
[0273.040] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0273.040] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0273.041] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0273.041] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0273.041] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0273.041] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0273.041] GetCurrentObject (hdc=0xc60107ef, type=0x1) returned 0xb00017
[0273.041] GetCurrentObject (hdc=0xc60107ef, type=0x2) returned 0x900010
[0273.041] GetCurrentObject (hdc=0xc60107ef, type=0x7) returned 0x4a0507fe
[0273.041] GetCurrentObject (hdc=0xc60107ef, type=0x6) returned 0x8a01c2
[0273.041] SaveDC (hdc=0xc60107ef) returned 1
[0273.041] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x19040807
[0273.041] GetClipRgn (hdc=0xc60107ef, hrgn=0x19040807) returned 0
[0273.041] SelectClipRgn (hdc=0xc60107ef, hrgn=0xad0407de) returned 2
[0273.041] DeleteObject (ho=0x19040807) returned 1
[0273.041] DeleteObject (ho=0xad0407de) returned 1
[0273.041] OffsetViewportOrgEx (in: hdc=0xc60107ef, x=0, y=0, lppt=0x2d170cc | out: lppt=0x2d170cc) returned 1
[0273.041] DrawThemeParentBackground () returned 0x0
[0273.041] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0273.042] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0273.042] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0273.042] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0273.042] GetSystemMetrics (nIndex=42) returned 0
[0273.042] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0273.042] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0273.042] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0273.042] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0273.042] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0273.042] SelectPalette (hdc=0xc60107ef, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0273.042] GdipCreateFromHDC (hdc=0xc60107ef, graphics=0xd7dac8) returned 0x0
[0273.042] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0273.042] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0273.042] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638b78) returned 0x0
[0273.042] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7daa0) returned 0x0
[0273.042] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0273.042] GdipCreateRegion (region=0xd7da88) returned 0x0
[0273.042] GdipGetClip (graphics=0x6638e08, region=0x6646448) returned 0x0
[0273.042] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6638e08, result=0xd7da94) returned 0x0
[0273.043] GdipDeleteRegion (region=0x6646448) returned 0x0
[0273.043] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dac0) returned 0x0
[0273.043] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0273.053] GdipFillRectangleI (graphics=0x6638e08, brush=0x66494f8, x=0, y=0, width=801, height=453) returned 0x0
[0273.053] GdipDeleteBrush (brush=0x66494f8) returned 0x0
[0273.054] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0273.054] SelectPalette (hdc=0xc60107ef, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0273.054] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0273.054] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0273.054] GetSystemMetrics (nIndex=42) returned 0
[0273.054] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0273.054] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0273.055] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0273.055] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0273.055] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0273.055] SelectPalette (hdc=0xc60107ef, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0273.055] GdipCreateFromHDC (hdc=0xc60107ef, graphics=0xd7da68) returned 0x0
[0273.055] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0273.055] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0273.055] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638c68) returned 0x0
[0273.055] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7da40) returned 0x0
[0273.055] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0273.055] GdipCreateRegion (region=0xd7da28) returned 0x0
[0273.055] GdipGetClip (graphics=0x6638e08, region=0x6646718) returned 0x0
[0273.055] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6638e08, result=0xd7da34) returned 0x0
[0273.055] GdipDeleteRegion (region=0x6646718) returned 0x0
[0273.055] GdipSaveGraphics (graphics=0x6638e08, state=0xd7da60) returned 0x0
[0273.057] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0273.064] GdipFillRectangleI (graphics=0x6638e08, brush=0x6648da8, x=0, y=0, width=801, height=453) returned 0x0
[0273.064] GdipDeleteBrush (brush=0x6648da8) returned 0x0
[0273.066] GdipRestoreGraphics (graphics=0x6638e08, state=0xf70a0dbd) returned 0x0
[0273.066] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0273.066] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0273.066] GetSystemMetrics (nIndex=42) returned 0
[0273.066] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0273.066] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0273.066] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0273.066] SelectPalette (hdc=0xc60107ef, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0273.066] RestoreDC (hdc=0xc60107ef, nSavedDC=-1) returned 1
[0273.067] GdipReleaseDC (graphics=0x6600030, hdc=0xc60107ef) returned 0x0
[0273.067] IsAppThemed () returned 0x1
[0273.067] GetThemeAppProperties () returned 0x3
[0273.067] GetThemeAppProperties () returned 0x3
[0273.067] IsAppThemed () returned 0x1
[0273.067] GetThemeAppProperties () returned 0x3
[0273.067] GetThemeAppProperties () returned 0x3
[0273.067] IsThemePartDefined () returned 0x1
[0273.067] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0273.067] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0273.067] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0273.067] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0273.067] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df74) returned 0x0
[0273.067] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0273.067] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0273.067] LocalFree (hMem=0x11eec58) returned 0x0
[0273.067] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0273.067] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee8d8) returned 0x0
[0273.067] LocalFree (hMem=0x11ee8d8) returned 0x0
[0273.067] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0273.067] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0273.068] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0273.068] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0273.068] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0273.068] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0273.068] GetCurrentObject (hdc=0xc60107ef, type=0x1) returned 0xb00017
[0273.068] GetCurrentObject (hdc=0xc60107ef, type=0x2) returned 0x900010
[0273.068] GetCurrentObject (hdc=0xc60107ef, type=0x7) returned 0x4a0507fe
[0273.068] GetCurrentObject (hdc=0xc60107ef, type=0x6) returned 0x8a01c2
[0273.068] SaveDC (hdc=0xc60107ef) returned 1
[0273.068] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xae0407de
[0273.068] GetClipRgn (hdc=0xc60107ef, hrgn=0xae0407de) returned 0
[0273.068] SelectClipRgn (hdc=0xc60107ef, hrgn=0x1b040807) returned 2
[0273.068] DeleteObject (ho=0xae0407de) returned 1
[0273.068] DeleteObject (ho=0x1b040807) returned 1
[0273.068] OffsetViewportOrgEx (in: hdc=0xc60107ef, x=0, y=0, lppt=0x2d1d91c | out: lppt=0x2d1d91c) returned 1
[0273.068] IsAppThemed () returned 0x1
[0273.068] GetThemeAppProperties () returned 0x3
[0273.068] GetThemeAppProperties () returned 0x3
[0273.068] DrawThemeBackground () returned 0x0
[0273.069] RestoreDC (hdc=0xc60107ef, nSavedDC=-1) returned 1
[0273.069] GdipReleaseDC (graphics=0x6600030, hdc=0xc60107ef) returned 0x0
[0273.069] GdipCreateRegion (region=0xd7df60) returned 0x0
[0273.069] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0273.069] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0273.069] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0273.069] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df78) returned 0x0
[0273.069] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0273.069] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee8d8) returned 0x0
[0273.069] LocalFree (hMem=0x11ee8d8) returned 0x0
[0273.069] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0273.069] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0273.069] LocalFree (hMem=0x11ee868) returned 0x0
[0273.069] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0273.069] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0273.069] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0273.069] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0273.069] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0273.069] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0273.069] GetCurrentObject (hdc=0xc60107ef, type=0x1) returned 0xb00017
[0273.069] GetCurrentObject (hdc=0xc60107ef, type=0x2) returned 0x900010
[0273.069] GetCurrentObject (hdc=0xc60107ef, type=0x7) returned 0x4a0507fe
[0273.069] GetCurrentObject (hdc=0xc60107ef, type=0x6) returned 0x8a01c2
[0273.070] SaveDC (hdc=0xc60107ef) returned 1
[0273.070] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1c040807
[0273.070] GetClipRgn (hdc=0xc60107ef, hrgn=0x1c040807) returned 0
[0273.070] SelectClipRgn (hdc=0xc60107ef, hrgn=0xaf0407de) returned 2
[0273.070] DeleteObject (ho=0x1c040807) returned 1
[0273.070] DeleteObject (ho=0xaf0407de) returned 1
[0273.070] OffsetViewportOrgEx (in: hdc=0xc60107ef, x=0, y=0, lppt=0x2d1dbf0 | out: lppt=0x2d1dbf0) returned 1
[0273.070] IsAppThemed () returned 0x1
[0273.070] GetThemeAppProperties () returned 0x3
[0273.070] GetThemeAppProperties () returned 0x3
[0273.070] GetThemeBackgroundContentRect () returned 0x0
[0273.070] RestoreDC (hdc=0xc60107ef, nSavedDC=-1) returned 1
[0273.070] GdipReleaseDC (graphics=0x6600030, hdc=0xc60107ef) returned 0x0
[0273.070] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0273.070] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0273.070] GdipFillRectangleI (graphics=0x6600030, brush=0x6671db0, x=4, y=4, width=67, height=15) returned 0x0
[0273.070] GdipDeleteBrush (brush=0x6671db0) returned 0x0
[0273.070] IsAppThemed () returned 0x1
[0273.070] GetThemeAppProperties () returned 0x3
[0273.070] GetThemeAppProperties () returned 0x3
[0273.070] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0273.070] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0273.070] GetCurrentObject (hdc=0xc60107ef, type=0x1) returned 0xb00017
[0273.070] GetCurrentObject (hdc=0xc60107ef, type=0x2) returned 0x900010
[0273.070] GetCurrentObject (hdc=0xc60107ef, type=0x7) returned 0x4a0507fe
[0273.071] GetCurrentObject (hdc=0xc60107ef, type=0x6) returned 0x8a01c2
[0273.071] SaveDC (hdc=0xc60107ef) returned 1
[0273.071] GetTextAlign (hdc=0xc60107ef) returned 0x0
[0273.071] GetTextColor (hdc=0xc60107ef) returned 0x0
[0273.071] GetCurrentObject (hdc=0xc60107ef, type=0x6) returned 0x8a01c2
[0273.071] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0273.071] SelectObject (hdc=0xc60107ef, h=0x6d0a0520) returned 0x8a01c2
[0273.071] GetBkMode (hdc=0xc60107ef) returned 2
[0273.071] SetBkMode (hdc=0xc60107ef, mode=1) returned 2
[0273.071] DrawTextExW (in: hdc=0xc60107ef, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2d1dfb4 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0273.071] DrawTextExW (in: hdc=0xc60107ef, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d1dfb4 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0273.072] RestoreDC (hdc=0xc60107ef, nSavedDC=-1) returned 1
[0273.072] GdipReleaseDC (graphics=0x6600030, hdc=0xc60107ef) returned 0x0
[0273.072] GetFocus () returned 0x2d02d8
[0273.072] IsAppThemed () returned 0x1
[0273.072] GetThemeAppProperties () returned 0x3
[0273.072] GetThemeAppProperties () returned 0x3
[0273.072] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0273.072] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0xc60107ef, x1=0, y1=0, rop=0xcc0020) returned 1
[0273.072] GdipReleaseDC (graphics=0x6600030, hdc=0xc60107ef) returned 0x0
[0273.073] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0273.073] SelectObject (hdc=0xc60107ef, h=0x85000f) returned 0x4a0507fe
[0273.073] DeleteDC (hdc=0xc60107ef) returned 1
[0273.073] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0273.073] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0273.073] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.073] IsWindowUnicode (hWnd=0x2102ce) returned 1
[0273.073] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.073] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.073] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.073] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.073] IsWindowUnicode (hWnd=0x2102ce) returned 1
[0273.073] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.074] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.074] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.074] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x2a1, wParam=0x0, lParam=0xb002a) returned 0x0
[0273.074] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0273.074] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0273.074] WaitMessage () returned 1
[0273.086] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.087] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.087] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.087] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.087] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.087] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0273.087] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0273.088] WaitMessage () returned 1
[0273.089] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.089] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.089] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.089] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.089] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.089] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0273.090] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0273.090] WaitMessage () returned 1
[0273.090] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.090] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.090] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.090] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.090] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.092] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.092] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.092] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.092] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.092] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.092] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.092] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.092] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.092] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.092] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.093] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0273.093] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0273.093] WaitMessage () returned 1
[0273.094] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.094] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.094] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.094] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.094] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.095] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.096] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.096] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.096] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.096] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.096] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.096] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.096] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.096] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.096] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.096] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0273.097] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0273.097] WaitMessage () returned 1
[0273.097] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.097] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.097] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.097] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.097] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.099] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.099] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.099] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.099] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.099] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.100] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.100] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.100] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.100] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.100] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.100] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0273.101] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0273.101] WaitMessage () returned 1
[0273.101] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.101] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.101] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.101] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.101] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.103] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.103] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.103] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.103] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.103] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.104] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.104] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.104] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.104] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.104] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.104] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0273.104] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0273.104] WaitMessage () returned 1
[0273.164] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.165] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x84, wParam=0x0, lParam=0x1e40300) returned 0x1
[0273.165] IsWindowUnicode (hWnd=0x2102ce) returned 1
[0273.165] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.165] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x84, wParam=0x0, lParam=0x1e40300) returned 0x1
[0273.165] GetDlgItem (hDlg=0x2b02dc, nIDDlgItem=0) returned 0x0
[0273.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x210, wParam=0x201, lParam=0x69010b) returned 0x0
[0273.166] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x21, wParam=0x2b02dc, lParam=0x2010001) returned 0x1
[0273.166] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x21, wParam=0x2b02dc, lParam=0x2010001) returned 0x1
[0273.167] SetCursor (hCursor=0x10003) returned 0x10003
[0273.167] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.167] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.167] GetKeyState (nVirtKey=1) returned -127
[0273.167] GetKeyState (nVirtKey=2) returned 0
[0273.167] GetKeyState (nVirtKey=4) returned 0
[0273.167] GetKeyState (nVirtKey=5) returned 0
[0273.167] GetKeyState (nVirtKey=6) returned 0
[0273.167] IsWindowVisible (hWnd=0x2102ce) returned 1
[0273.167] IsWindowEnabled (hWnd=0x2102ce) returned 1
[0273.167] SetFocus (hWnd=0x2102ce) returned 0x2d02d8
[0273.188] GetFocus () returned 0x2102ce
[0273.189] IsChild (hWndParent=0x2b02dc, hWnd=0x2102ce) returned 1
[0273.189] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0x8, wParam=0x2102ce, lParam=0x0) returned 0x0
[0273.189] GetCapture () returned 0x0
[0273.189] InvalidateRect (hWnd=0x2d02d8, lpRect=0x0, bErase=0) returned 1
[0273.190] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0273.192] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0273.193] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0273.194] InvalidateRect (hWnd=0x2d02d8, lpRect=0x0, bErase=0) returned 1
[0273.194] InvalidateRect (hWnd=0x2102ce, lpRect=0x0, bErase=0) returned 1
[0273.194] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x7, wParam=0x2d02d8, lParam=0x0) returned 0x0
[0273.194] GetStockObject (i=5) returned 0x900015
[0273.194] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0273.194] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0xd, wParam=0xa, lParam=0x11f55a0) returned 0x9
[0273.194] GetDlgItem (hDlg=0x2b02dc, nIDDlgItem=2163406) returned 0x2102ce
[0273.194] SendMessageW (hWnd=0x2102ce, Msg=0x202b, wParam=0x2102ce, lParam=0xd7dddc) returned 0x0
[0273.194] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x202b, wParam=0x2102ce, lParam=0xd7dddc) returned 0x0
[0273.194] InvalidateRect (hWnd=0x2102ce, lpRect=0x0, bErase=0) returned 1
[0273.196] GetFocus () returned 0x2102ce
[0273.196] GetFocus () returned 0x2102ce
[0273.196] GetFocus () returned 0x2102ce
[0273.196] GetKeyState (nVirtKey=1) returned -127
[0273.196] GetKeyState (nVirtKey=2) returned 0
[0273.196] GetKeyState (nVirtKey=4) returned 0
[0273.196] GetKeyState (nVirtKey=5) returned 0
[0273.197] GetKeyState (nVirtKey=6) returned 0
[0273.197] GetCapture () returned 0x0
[0273.197] SetCapture (hWnd=0x2102ce) returned 0x0
[0273.197] GetKeyState (nVirtKey=1) returned -127
[0273.197] GetKeyState (nVirtKey=2) returned 0
[0273.197] GetKeyState (nVirtKey=4) returned 0
[0273.197] GetKeyState (nVirtKey=5) returned 0
[0273.197] GetKeyState (nVirtKey=6) returned 0
[0273.197] NotifyWinEvent (event=0x800a, hwnd=0x2102ce, idObject=-4, idChild=0)
[0273.197] InvalidateRect (hWnd=0x2102ce, lpRect=0xd7e430, bErase=0) returned 1
[0273.197] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.197] IsWindowUnicode (hWnd=0x2102ce) returned 1
[0273.197] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.198] TranslateMessage (lpMsg=0xd7e808) returned 0
[0273.198] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0273.198] MapWindowPoints (in: hWndFrom=0x2102ce, hWndTo=0x0, lpPoints=0x2d1e2a0, cPoints=0x1 | out: lpPoints=0x2d1e2a0) returned 30999254
[0273.198] NotifyWinEvent (event=0x800a, hwnd=0x2102ce, idObject=-4, idChild=0)
[0273.198] InvalidateRect (hWnd=0x2102ce, lpRect=0xd7e3d0, bErase=0) returned 1
[0273.198] UpdateWindow (hWnd=0x2102ce) returned 1
[0273.198] BeginPaint (in: hWnd=0x2102ce, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x60100ce
[0273.198] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0273.198] CreateCompatibleDC (hdc=0x60100ce) returned 0xf70107c6
[0273.198] SelectObject (hdc=0xf70107c6, h=0x4a0507fe) returned 0x85000f
[0273.198] GdipCreateFromHDC (hdc=0xf70107c6, graphics=0xd7df00) returned 0x0
[0273.199] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0273.199] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0273.199] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0273.199] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0273.199] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df60) returned 0x0
[0273.199] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0273.199] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0273.199] LocalFree (hMem=0x11ee788) returned 0x0
[0273.199] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0273.199] GdipCreateRegion (region=0xd7df48) returned 0x0
[0273.200] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0273.200] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0273.200] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0273.200] GdipRestoreGraphics (graphics=0x6600030, state=0xf7080dbd) returned 0x0
[0273.200] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0273.208] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0273.208] GetCurrentObject (hdc=0xf70107c6, type=0x1) returned 0xb00017
[0273.208] GetCurrentObject (hdc=0xf70107c6, type=0x2) returned 0x900010
[0273.208] GetCurrentObject (hdc=0xf70107c6, type=0x7) returned 0x4a0507fe
[0273.208] GetCurrentObject (hdc=0xf70107c6, type=0x6) returned 0x8a01c2
[0273.208] SaveDC (hdc=0xf70107c6) returned 1
[0273.208] GetNearestColor (hdc=0xf70107c6, color=0xf0f0f0) returned 0xf0f0f0
[0273.209] GetNearestColor (hdc=0xf70107c6, color=0xa0a0a0) returned 0xa0a0a0
[0273.209] GetNearestColor (hdc=0xf70107c6, color=0x696969) returned 0x696969
[0273.209] GetNearestColor (hdc=0xf70107c6, color=0xa0a0a0) returned 0xa0a0a0
[0273.209] GetNearestColor (hdc=0xf70107c6, color=0x0) returned 0x0
[0273.209] GetNearestColor (hdc=0xf70107c6, color=0xffffff) returned 0xffffff
[0273.209] GetNearestColor (hdc=0xf70107c6, color=0xe5e5e5) returned 0xe5e5e5
[0273.209] GetNearestColor (hdc=0xf70107c6, color=0xd7d7d7) returned 0xd7d7d7
[0273.209] GetNearestColor (hdc=0xf70107c6, color=0x0) returned 0x0
[0273.209] RestoreDC (hdc=0xf70107c6, nSavedDC=-1) returned 1
[0273.209] GdipReleaseDC (graphics=0x6600030, hdc=0xf70107c6) returned 0x0
[0273.210] IsAppThemed () returned 0x1
[0273.210] GetThemeAppProperties () returned 0x3
[0273.210] GetThemeAppProperties () returned 0x3
[0273.210] IsAppThemed () returned 0x1
[0273.210] GetThemeAppProperties () returned 0x3
[0273.210] GetThemeAppProperties () returned 0x3
[0273.210] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2d1e9f8 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0273.210] IsAppThemed () returned 0x1
[0273.210] GetThemeAppProperties () returned 0x3
[0273.210] GetThemeAppProperties () returned 0x3
[0273.210] IsAppThemed () returned 0x1
[0273.210] GetThemeAppProperties () returned 0x3
[0273.210] GetThemeAppProperties () returned 0x3
[0273.210] IsAppThemed () returned 0x1
[0273.210] GetThemeAppProperties () returned 0x3
[0273.211] GetThemeAppProperties () returned 0x3
[0273.211] IsAppThemed () returned 0x1
[0273.211] GetThemeAppProperties () returned 0x3
[0273.211] GetThemeAppProperties () returned 0x3
[0273.211] IsThemePartDefined () returned 0x1
[0273.211] IsAppThemed () returned 0x1
[0273.211] GetThemeAppProperties () returned 0x3
[0273.211] GetThemeAppProperties () returned 0x3
[0273.211] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0273.211] IsAppThemed () returned 0x1
[0273.211] GetThemeAppProperties () returned 0x3
[0273.211] GetThemeAppProperties () returned 0x3
[0273.211] IsAppThemed () returned 0x1
[0273.211] GetThemeAppProperties () returned 0x3
[0273.211] GetThemeAppProperties () returned 0x3
[0273.211] IsThemePartDefined () returned 0x1
[0273.211] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0273.211] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0273.211] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0273.211] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0273.211] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dc7c) returned 0x0
[0273.211] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0273.211] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eed00) returned 0x0
[0273.211] LocalFree (hMem=0x11eed00) returned 0x0
[0273.212] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0273.212] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0273.212] LocalFree (hMem=0x11eec58) returned 0x0
[0273.212] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0273.212] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0273.212] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0273.212] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0273.212] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0273.212] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0273.212] GetCurrentObject (hdc=0xf70107c6, type=0x1) returned 0xb00017
[0273.212] GetCurrentObject (hdc=0xf70107c6, type=0x2) returned 0x900010
[0273.212] GetCurrentObject (hdc=0xf70107c6, type=0x7) returned 0x4a0507fe
[0273.212] GetCurrentObject (hdc=0xf70107c6, type=0x6) returned 0x8a01c2
[0273.212] SaveDC (hdc=0xf70107c6) returned 1
[0273.212] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb00407de
[0273.212] GetClipRgn (hdc=0xf70107c6, hrgn=0xb00407de) returned 0
[0273.213] SelectClipRgn (hdc=0xf70107c6, hrgn=0x20040807) returned 2
[0273.213] DeleteObject (ho=0xb00407de) returned 1
[0273.213] DeleteObject (ho=0x20040807) returned 1
[0273.213] OffsetViewportOrgEx (in: hdc=0xf70107c6, x=0, y=0, lppt=0x2d1f0a8 | out: lppt=0x2d1f0a8) returned 1
[0273.213] DrawThemeParentBackground () returned 0x0
[0273.213] GetWindowPlacement (in: hWnd=0x2b02dc, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0273.213] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0273.213] GetWindowTextLengthW (hWnd=0x2b02dc) returned 13
[0273.213] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0273.213] GetSystemMetrics (nIndex=42) returned 0
[0273.213] GetWindowTextW (in: hWnd=0x2b02dc, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0273.213] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0273.213] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0273.213] GetCurrentObject (hdc=0xf70107c6, type=0x1) returned 0xb00017
[0273.214] GetCurrentObject (hdc=0xf70107c6, type=0x2) returned 0x900010
[0273.214] GetCurrentObject (hdc=0xf70107c6, type=0x7) returned 0x4a0507fe
[0273.214] GetCurrentObject (hdc=0xf70107c6, type=0x6) returned 0x8a01c2
[0273.214] SaveDC (hdc=0xf70107c6) returned 2
[0273.214] GetNearestColor (hdc=0xf70107c6, color=0xf0f0f0) returned 0xf0f0f0
[0273.214] CreateSolidBrush (color=0xf0f0f0) returned 0xff1007e1
[0273.214] FillRect (hDC=0xf70107c6, lprc=0xd7d6c8, hbr=0xff1007e1) returned 1
[0273.214] DeleteObject (ho=0xff1007e1) returned 1
[0273.214] RestoreDC (hdc=0xf70107c6, nSavedDC=-1) returned 1
[0273.214] GetWindowTextLengthW (hWnd=0x2b02dc) returned 13
[0273.214] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0273.214] GetSystemMetrics (nIndex=42) returned 0
[0273.214] GetWindowTextW (in: hWnd=0x2b02dc, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0273.214] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0273.214] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0273.214] GetCurrentObject (hdc=0xf70107c6, type=0x1) returned 0xb00017
[0273.215] GetCurrentObject (hdc=0xf70107c6, type=0x2) returned 0x900010
[0273.215] GetCurrentObject (hdc=0xf70107c6, type=0x7) returned 0x4a0507fe
[0273.215] GetCurrentObject (hdc=0xf70107c6, type=0x6) returned 0x8a01c2
[0273.215] SaveDC (hdc=0xf70107c6) returned 2
[0273.215] GetNearestColor (hdc=0xf70107c6, color=0xf0f0f0) returned 0xf0f0f0
[0273.215] CreateSolidBrush (color=0xf0f0f0) returned 0x1007e1
[0273.215] FillRect (hDC=0xf70107c6, lprc=0xd7d668, hbr=0x1007e1) returned 1
[0273.215] DeleteObject (ho=0x1007e1) returned 1
[0273.215] RestoreDC (hdc=0xf70107c6, nSavedDC=-1) returned 1
[0273.215] GetWindowTextLengthW (hWnd=0x2b02dc) returned 13
[0273.215] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0273.215] GetSystemMetrics (nIndex=42) returned 0
[0273.215] GetWindowTextW (in: hWnd=0x2b02dc, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0273.233] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0273.238] RestoreDC (hdc=0xf70107c6, nSavedDC=-1) returned 1
[0273.238] GdipReleaseDC (graphics=0x6600030, hdc=0xf70107c6) returned 0x0
[0273.239] IsAppThemed () returned 0x1
[0273.239] GetThemeAppProperties () returned 0x3
[0273.239] GetThemeAppProperties () returned 0x3
[0273.239] IsAppThemed () returned 0x1
[0273.239] GetThemeAppProperties () returned 0x3
[0273.239] GetThemeAppProperties () returned 0x3
[0273.239] IsThemePartDefined () returned 0x1
[0273.239] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0273.239] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0273.239] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0273.239] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0273.239] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dc00) returned 0x0
[0273.239] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0273.239] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eed00) returned 0x0
[0273.239] LocalFree (hMem=0x11eed00) returned 0x0
[0273.239] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0273.239] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0273.240] LocalFree (hMem=0x11ee788) returned 0x0
[0273.240] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0273.240] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0273.240] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0273.240] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0273.240] GdipDeleteRegion (region=0x6646718) returned 0x0
[0273.240] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0273.240] GetCurrentObject (hdc=0xf70107c6, type=0x1) returned 0xb00017
[0273.240] GetCurrentObject (hdc=0xf70107c6, type=0x2) returned 0x900010
[0273.240] GetCurrentObject (hdc=0xf70107c6, type=0x7) returned 0x4a0507fe
[0273.240] GetCurrentObject (hdc=0xf70107c6, type=0x6) returned 0x8a01c2
[0273.240] SaveDC (hdc=0xf70107c6) returned 1
[0273.240] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x21040807
[0273.240] GetClipRgn (hdc=0xf70107c6, hrgn=0x21040807) returned 0
[0273.240] SelectClipRgn (hdc=0xf70107c6, hrgn=0xb20407de) returned 2
[0273.241] DeleteObject (ho=0x21040807) returned 1
[0273.241] DeleteObject (ho=0xb20407de) returned 1
[0273.241] OffsetViewportOrgEx (in: hdc=0xf70107c6, x=0, y=0, lppt=0x2d1f954 | out: lppt=0x2d1f954) returned 1
[0273.241] IsAppThemed () returned 0x1
[0273.241] GetThemeAppProperties () returned 0x3
[0273.241] GetThemeAppProperties () returned 0x3
[0273.241] DrawThemeBackground () returned 0x0
[0273.241] RestoreDC (hdc=0xf70107c6, nSavedDC=-1) returned 1
[0273.241] GdipReleaseDC (graphics=0x6600030, hdc=0xf70107c6) returned 0x0
[0273.241] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0273.241] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0273.241] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0273.241] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0273.241] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7dc04) returned 0x0
[0273.241] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0273.241] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0273.241] LocalFree (hMem=0x11eecc8) returned 0x0
[0273.242] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0273.242] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee9f0) returned 0x0
[0273.242] LocalFree (hMem=0x11ee9f0) returned 0x0
[0273.242] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0273.242] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0273.242] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0273.242] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0273.242] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0273.242] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0273.242] GetCurrentObject (hdc=0xf70107c6, type=0x1) returned 0xb00017
[0273.242] GetCurrentObject (hdc=0xf70107c6, type=0x2) returned 0x900010
[0273.242] GetCurrentObject (hdc=0xf70107c6, type=0x7) returned 0x4a0507fe
[0273.242] GetCurrentObject (hdc=0xf70107c6, type=0x6) returned 0x8a01c2
[0273.242] SaveDC (hdc=0xf70107c6) returned 1
[0273.242] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb30407de
[0273.242] GetClipRgn (hdc=0xf70107c6, hrgn=0xb30407de) returned 0
[0273.243] SelectClipRgn (hdc=0xf70107c6, hrgn=0x22040807) returned 2
[0273.243] DeleteObject (ho=0xb30407de) returned 1
[0273.251] DeleteObject (ho=0x22040807) returned 1
[0273.252] OffsetViewportOrgEx (in: hdc=0xf70107c6, x=0, y=0, lppt=0x2d1fc28 | out: lppt=0x2d1fc28) returned 1
[0273.252] IsAppThemed () returned 0x1
[0273.252] GetThemeAppProperties () returned 0x3
[0273.252] GetThemeAppProperties () returned 0x3
[0273.252] GetThemeBackgroundContentRect () returned 0x0
[0273.252] RestoreDC (hdc=0xf70107c6, nSavedDC=-1) returned 1
[0273.252] GdipReleaseDC (graphics=0x6600030, hdc=0xf70107c6) returned 0x0
[0273.252] IsAppThemed () returned 0x1
[0273.253] GetThemeAppProperties () returned 0x3
[0273.253] GetThemeAppProperties () returned 0x3
[0273.253] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0273.253] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0273.253] GetCurrentObject (hdc=0xf70107c6, type=0x1) returned 0xb00017
[0273.253] GetCurrentObject (hdc=0xf70107c6, type=0x2) returned 0x900010
[0273.253] GetCurrentObject (hdc=0xf70107c6, type=0x7) returned 0x4a0507fe
[0273.253] GetCurrentObject (hdc=0xf70107c6, type=0x6) returned 0x8a01c2
[0273.253] SaveDC (hdc=0xf70107c6) returned 1
[0273.253] GetTextAlign (hdc=0xf70107c6) returned 0x0
[0273.253] GetTextColor (hdc=0xf70107c6) returned 0x0
[0273.253] GetCurrentObject (hdc=0xf70107c6, type=0x6) returned 0x8a01c2
[0273.253] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0273.253] SelectObject (hdc=0xf70107c6, h=0x6d0a0520) returned 0x8a01c2
[0273.254] GetBkMode (hdc=0xf70107c6) returned 2
[0273.254] SetBkMode (hdc=0xf70107c6, mode=1) returned 2
[0273.254] DrawTextExW (in: hdc=0xf70107c6, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2d1ffc8 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0273.254] DrawTextExW (in: hdc=0xf70107c6, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2d1ffc8 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0273.254] RestoreDC (hdc=0xf70107c6, nSavedDC=-1) returned 1
[0273.254] GdipReleaseDC (graphics=0x6600030, hdc=0xf70107c6) returned 0x0
[0273.254] GetFocus () returned 0x2102ce
[0273.255] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0273.255] SendMessageW (hWnd=0x2b02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0273.255] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0273.255] IsAppThemed () returned 0x1
[0273.255] GetThemeAppProperties () returned 0x3
[0273.255] GetThemeAppProperties () returned 0x3
[0273.255] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0273.255] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xf70107c6, x1=0, y1=0, rop=0xcc0020) returned 1
[0273.255] GdipReleaseDC (graphics=0x6600030, hdc=0xf70107c6) returned 0x0
[0273.255] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0273.256] SelectObject (hdc=0xf70107c6, h=0x85000f) returned 0x4a0507fe
[0273.256] DeleteDC (hdc=0xf70107c6) returned 1
[0273.256] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0273.256] EndPaint (hWnd=0x2102ce, lpPaint=0xd7dee4) returned 1
[0273.256] MapWindowPoints (in: hWndFrom=0x2102ce, hWndTo=0x0, lpPoints=0x2d200c4, cPoints=0x1 | out: lpPoints=0x2d200c4) returned 30999254
[0273.256] WindowFromPoint (Point=0x300) returned 0x2102ce
[0273.256] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x84, wParam=0x0, lParam=0x1e40300) returned 0x1
[0273.256] NotifyWinEvent (event=0x800a, hwnd=0x2102ce, idObject=-4, idChild=0)
[0273.256] NotifyWinEvent (event=0x800c, hwnd=0x2102ce, idObject=-4, idChild=0)
[0273.256] GetCapture () returned 0x2102ce
[0273.256] ReleaseCapture () returned 1
[0273.257] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0273.257] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0273.257] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x84, wParam=0x0, lParam=0x1e40300) returned 0x1
[0273.257] IsWindow (hWnd=0x7005c) returned 1
[0273.257] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0273.269] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0273.269] IsWindow (hWnd=0x2b02dc) returned 1
[0273.269] SetActiveWindow (hWnd=0x2b02dc) returned 0x2b02dc
[0273.269] IsWindow (hWnd=0x2b02dc) returned 1
[0273.269] SetFocus (hWnd=0x2b02dc) returned 0x2102ce
[0273.270] GetFocus () returned 0x2b02dc
[0273.270] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x8, wParam=0x2b02dc, lParam=0x0) returned 0x0
[0273.270] GetCapture () returned 0x0
[0273.270] InvalidateRect (hWnd=0x2102ce, lpRect=0x0, bErase=0) returned 1
[0273.271] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0273.273] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0273.275] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0273.275] GetFocus () returned 0x2b02dc
[0273.275] SetFocus (hWnd=0x2102ce) returned 0x2b02dc
[0273.275] GetFocus () returned 0x2102ce
[0273.275] IsChild (hWndParent=0x2b02dc, hWnd=0x2102ce) returned 1
[0273.275] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x8, wParam=0x2102ce, lParam=0x0) returned 0x0
[0273.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0273.278] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0273.281] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0273.281] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x7, wParam=0x2b02dc, lParam=0x0) returned 0x0
[0273.281] GetStockObject (i=5) returned 0x900015
[0273.281] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0273.281] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0273.281] GetDlgItem (hDlg=0x2b02dc, nIDDlgItem=2163406) returned 0x2102ce
[0273.281] SendMessageW (hWnd=0x2102ce, Msg=0x202b, wParam=0x2102ce, lParam=0xd7ddcc) returned 0x0
[0273.281] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x202b, wParam=0x2102ce, lParam=0xd7ddcc) returned 0x0
[0273.281] InvalidateRect (hWnd=0x2102ce, lpRect=0x0, bErase=0) returned 1
[0273.283] GetWindowLongW (hWnd=0x2b02dc, nIndex=-8) returned 458844
[0273.283] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0273.283] GetCurrentThreadId () returned 0xf50
[0273.283] IsWindow (hWnd=0x7005c) returned 1
[0273.283] IsWindow (hWnd=0x7005c) returned 1
[0273.283] IsWindowVisible (hWnd=0x7005c) returned 1
[0273.283] SetActiveWindow (hWnd=0x7005c) returned 0x2b02dc
[0273.283] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0273.285] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0273.285] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0273.286] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0273.286] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0273.287] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0273.288] GetWindowPlacement (in: hWnd=0x2b02dc, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0273.288] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0273.288] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0273.288] GetWindowRect (in: hWnd=0x2b02dc, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0273.289] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0273.289] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0273.289] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0273.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x2b02dc) returned 0x1
[0273.293] GetFocus () returned 0x2102ce
[0273.293] SetFocus (hWnd=0x602c4) returned 0x2102ce
[0273.293] GetFocus () returned 0x602c4
[0273.293] IsChild (hWndParent=0x2b02dc, hWnd=0x602c4) returned 0
[0273.293] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0273.293] GetCapture () returned 0x0
[0273.293] InvalidateRect (hWnd=0x2102ce, lpRect=0x0, bErase=0) returned 1
[0273.299] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0273.300] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0273.302] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0273.302] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0273.302] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0273.303] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0273.303] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0273.303] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x2102ce, lParam=0x0) returned 0x0
[0273.303] GetStockObject (i=5) returned 0x900015
[0273.304] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0273.304] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed760) returned 0xc
[0273.304] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0273.304] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0273.304] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0273.304] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0273.306] GetFocus () returned 0x602c4
[0273.306] IsChild (hWndParent=0x2b02dc, hWnd=0x602c4) returned 0
[0273.306] ShowWindow (hWnd=0x2b02dc, nCmdShow=0) returned 1
[0273.306] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0273.306] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0273.308] GetWindowPlacement (in: hWnd=0x2b02dc, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0273.308] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0273.308] GetClientRect (in: hWnd=0x2b02dc, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0273.308] GetWindowRect (in: hWnd=0x2b02dc, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0273.309] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0273.309] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0273.309] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0273.321] GetWindowLongW (hWnd=0x2b02dc, nIndex=-20) returned 327945
[0273.321] DestroyWindow (hWnd=0x2b02dc) returned 1
[0273.322] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0273.322] GetWindowTextLengthW (hWnd=0x2b02dc) returned 13
[0273.322] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0273.322] GetSystemMetrics (nIndex=42) returned 0
[0273.322] GetWindowTextW (in: hWnd=0x2b02dc, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0273.322] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0273.322] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0273.322] GetWindowTextLengthW (hWnd=0x2e00ea) returned 0
[0273.322] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0273.322] GetSystemMetrics (nIndex=42) returned 0
[0273.322] GetWindowTextW (in: hWnd=0x2e00ea, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0273.322] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e00ea, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0273.322] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0273.322] GetWindowThreadProcessId (in: hWnd=0x2002d0, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0273.323] GetWindow (hWnd=0x2002d0, uCmd=0x5) returned 0x0
[0273.323] GetWindowLongW (hWnd=0x2002d0, nIndex=-20) returned 65792
[0273.323] DestroyWindow (hWnd=0x2002d0) returned 1
[0273.323] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002d0, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0273.323] GetWindowTextLengthW (hWnd=0x2002d0) returned 25
[0273.323] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0273.323] GetSystemMetrics (nIndex=42) returned 0
[0273.323] GetWindowTextW (in: hWnd=0x2002d0, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0273.323] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002d0, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0273.323] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0273.323] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2002d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0273.325] GetWindowTextLengthW (hWnd=0x2502c8) returned 232
[0273.325] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0273.325] GetSystemMetrics (nIndex=42) returned 0
[0273.325] GetWindowTextW (in: hWnd=0x2502c8, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0273.325] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0273.325] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0273.326] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0273.327] InvalidateRect (hWnd=0x2102ce, lpRect=0x0, bErase=0) returned 1
[0273.327] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0273.327] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0273.327] SendMessageW (hWnd=0x2b02da, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0273.328] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02da, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0273.328] SendMessageW (hWnd=0x2b02da, Msg=0xb0, wParam=0x2cebeec, lParam=0xd7e480) returned 0x0
[0273.328] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02da, Msg=0xb0, wParam=0x2cebeec, lParam=0xd7e480) returned 0x0
[0273.328] GetWindowTextLengthW (hWnd=0x2b02da) returned 4363
[0273.328] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0273.328] GetSystemMetrics (nIndex=42) returned 0
[0273.328] CoTaskMemAlloc (cb=0x221c) returned 0x1202960
[0273.328] GetWindowTextW (in: hWnd=0x2b02da, lpString=0x1202960, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0273.328] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02da, Msg=0xd, wParam=0x110c, lParam=0x1202960) returned 0x110b
[0273.328] CoTaskMemFree (pv=0x1202960)
[0273.329] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0273.329] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0273.331] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2502c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0273.332] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0273.334] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2102ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0273.335] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2b02de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0273.336] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0273.338] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0273.339] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.339] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.339] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.339] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.339] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.339] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40300) returned 0x1
[0273.340] IsWindowUnicode (hWnd=0x7005c) returned 1
[0273.340] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40300) returned 0x1
[0273.340] SetCursor (hCursor=0x10003) returned 0x10003
[0273.340] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.340] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.340] _TrackMouseEvent (in: lpEventTrack=0x2c2f380 | out: lpEventTrack=0x2c2f380) returned 1
[0273.340] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0273.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0273.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10f0242) returned 0x0
[0273.354] GetKeyState (nVirtKey=1) returned 1
[0273.354] GetKeyState (nVirtKey=2) returned 0
[0273.354] GetKeyState (nVirtKey=4) returned 0
[0273.354] GetKeyState (nVirtKey=5) returned 0
[0273.354] GetKeyState (nVirtKey=6) returned 0
[0273.354] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40300) returned 0x1
[0273.355] IsWindowUnicode (hWnd=0x7005c) returned 1
[0273.355] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.355] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.355] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.355] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.355] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40300) returned 0x1
[0273.355] IsWindowUnicode (hWnd=0x7005c) returned 1
[0273.355] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.355] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e40300) returned 0x1
[0273.355] SetCursor (hCursor=0x10003) returned 0x10003
[0273.356] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.356] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.356] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10f0242) returned 0x0
[0273.356] GetKeyState (nVirtKey=1) returned 1
[0273.356] GetKeyState (nVirtKey=2) returned 0
[0273.356] GetKeyState (nVirtKey=4) returned 0
[0273.356] GetKeyState (nVirtKey=5) returned 0
[0273.356] GetKeyState (nVirtKey=6) returned 0
[0273.356] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.357] IsWindowUnicode (hWnd=0x602c4) returned 1
[0273.357] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.357] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.357] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.357] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.364] IsWindowUnicode (hWnd=0x602c4) returned 1
[0273.364] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.364] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.364] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.364] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.364] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.364] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.364] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.364] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.364] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.365] IsWindowUnicode (hWnd=0x602c4) returned 1
[0273.365] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.365] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.365] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.365] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0273.365] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0273.365] CreateCompatibleDC (hdc=0x10105d6) returned 0x2d010801
[0273.365] SelectObject (hdc=0x2d010801, h=0x4a0507fe) returned 0x85000f
[0273.366] GdipCreateFromHDC (hdc=0x2d010801, graphics=0xd7e798) returned 0x0
[0273.366] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0273.366] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0273.366] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0273.366] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0273.366] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e7f8) returned 0x0
[0273.366] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0273.366] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0273.366] LocalFree (hMem=0x11ee788) returned 0x0
[0273.366] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0273.366] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0273.366] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0273.366] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0273.367] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0273.367] GdipRestoreGraphics (graphics=0x6600030, state=0xf7060dbd) returned 0x0
[0273.367] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0273.367] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0273.367] GetCurrentObject (hdc=0x2d010801, type=0x1) returned 0xb00017
[0273.367] GetCurrentObject (hdc=0x2d010801, type=0x2) returned 0x900010
[0273.367] GetCurrentObject (hdc=0x2d010801, type=0x7) returned 0x4a0507fe
[0273.367] GetCurrentObject (hdc=0x2d010801, type=0x6) returned 0x8a01c2
[0273.367] SaveDC (hdc=0x2d010801) returned 1
[0273.367] GetNearestColor (hdc=0x2d010801, color=0xff) returned 0xff
[0273.367] GetNearestColor (hdc=0x2d010801, color=0x55) returned 0x55
[0273.367] GetNearestColor (hdc=0x2d010801, color=0x0) returned 0x0
[0273.367] GetNearestColor (hdc=0x2d010801, color=0x55) returned 0x55
[0273.367] GetNearestColor (hdc=0x2d010801, color=0x0) returned 0x0
[0273.368] GetNearestColor (hdc=0x2d010801, color=0x8080ff) returned 0x8080ff
[0273.368] GetNearestColor (hdc=0x2d010801, color=0x7373e5) returned 0x7373e5
[0273.368] GetNearestColor (hdc=0x2d010801, color=0xe5) returned 0xe5
[0273.368] GetNearestColor (hdc=0x2d010801, color=0x0) returned 0x0
[0273.368] RestoreDC (hdc=0x2d010801, nSavedDC=-1) returned 1
[0273.368] GdipReleaseDC (graphics=0x6600030, hdc=0x2d010801) returned 0x0
[0273.368] IsAppThemed () returned 0x1
[0273.368] GetThemeAppProperties () returned 0x3
[0273.368] GetThemeAppProperties () returned 0x3
[0273.368] IsAppThemed () returned 0x1
[0273.368] GetThemeAppProperties () returned 0x3
[0273.368] GetThemeAppProperties () returned 0x3
[0273.368] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2d27e30 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0273.369] IsAppThemed () returned 0x1
[0273.369] GetThemeAppProperties () returned 0x3
[0273.369] GetThemeAppProperties () returned 0x3
[0273.369] IsAppThemed () returned 0x1
[0273.369] GetThemeAppProperties () returned 0x3
[0273.369] GetThemeAppProperties () returned 0x3
[0273.369] GetFocus () returned 0x602c4
[0273.369] IsAppThemed () returned 0x1
[0273.369] GetThemeAppProperties () returned 0x3
[0273.369] GetThemeAppProperties () returned 0x3
[0273.369] IsAppThemed () returned 0x1
[0273.369] GetThemeAppProperties () returned 0x3
[0273.369] GetThemeAppProperties () returned 0x3
[0273.369] IsThemePartDefined () returned 0x1
[0273.369] IsAppThemed () returned 0x1
[0273.370] GetThemeAppProperties () returned 0x3
[0273.370] GetThemeAppProperties () returned 0x3
[0273.370] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0273.370] IsAppThemed () returned 0x1
[0273.370] GetThemeAppProperties () returned 0x3
[0273.370] GetThemeAppProperties () returned 0x3
[0273.370] IsAppThemed () returned 0x1
[0273.370] GetThemeAppProperties () returned 0x3
[0273.370] GetThemeAppProperties () returned 0x3
[0273.370] IsThemePartDefined () returned 0x1
[0273.370] GdipCreateRegion (region=0xd7e508) returned 0x0
[0273.370] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0273.370] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0273.370] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0273.370] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e520) returned 0x0
[0273.370] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0273.370] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0273.370] LocalFree (hMem=0x11eec58) returned 0x0
[0273.370] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0273.370] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee8d8) returned 0x0
[0273.371] LocalFree (hMem=0x11ee8d8) returned 0x0
[0273.371] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0273.371] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e548) returned 0x0
[0273.371] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e538) returned 0x0
[0273.371] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0273.371] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0273.371] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0273.371] GetCurrentObject (hdc=0x2d010801, type=0x1) returned 0xb00017
[0273.371] GetCurrentObject (hdc=0x2d010801, type=0x2) returned 0x900010
[0273.371] GetCurrentObject (hdc=0x2d010801, type=0x7) returned 0x4a0507fe
[0273.371] GetCurrentObject (hdc=0x2d010801, type=0x6) returned 0x8a01c2
[0273.371] SaveDC (hdc=0x2d010801) returned 1
[0273.371] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x23040807
[0273.371] GetClipRgn (hdc=0x2d010801, hrgn=0x23040807) returned 0
[0273.371] SelectClipRgn (hdc=0x2d010801, hrgn=0xb70407de) returned 2
[0273.372] DeleteObject (ho=0x23040807) returned 1
[0273.372] DeleteObject (ho=0xb70407de) returned 1
[0273.372] OffsetViewportOrgEx (in: hdc=0x2d010801, x=0, y=0, lppt=0x2d284e0 | out: lppt=0x2d284e0) returned 1
[0273.372] DrawThemeParentBackground () returned 0x0
[0273.378] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0273.378] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0273.378] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0273.378] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0273.378] GetSystemMetrics (nIndex=42) returned 0
[0273.378] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0273.378] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0273.379] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0273.379] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0273.379] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0273.379] SelectPalette (hdc=0x2d010801, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0273.379] GdipCreateFromHDC (hdc=0x2d010801, graphics=0xd7dff8) returned 0x0
[0273.379] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0273.379] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0273.379] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638c08) returned 0x0
[0273.379] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dfd0) returned 0x0
[0273.379] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0273.379] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0273.379] GdipGetClip (graphics=0x6638e08, region=0x66468c8) returned 0x0
[0273.380] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6638e08, result=0xd7dfc4) returned 0x0
[0273.380] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0273.380] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dff0) returned 0x0
[0273.380] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0273.394] GdipFillRectangleI (graphics=0x6638e08, brush=0x6649768, x=0, y=0, width=801, height=453) returned 0x0
[0273.395] GdipDeleteBrush (brush=0x6649768) returned 0x0
[0273.396] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0273.397] SelectPalette (hdc=0x2d010801, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0273.397] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0273.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0273.397] GetSystemMetrics (nIndex=42) returned 0
[0273.397] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0273.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0273.397] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0273.397] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0273.397] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0273.397] SelectPalette (hdc=0x2d010801, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0273.397] GdipCreateFromHDC (hdc=0x2d010801, graphics=0xd7df98) returned 0x0
[0273.398] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0273.398] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0273.398] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638db8) returned 0x0
[0273.398] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df70) returned 0x0
[0273.398] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0273.398] GdipCreateRegion (region=0xd7df58) returned 0x0
[0273.398] GdipGetClip (graphics=0x6638e08, region=0x6646e68) returned 0x0
[0273.398] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6638e08, result=0xd7df64) returned 0x0
[0273.398] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0273.398] GdipSaveGraphics (graphics=0x6638e08, state=0xd7df90) returned 0x0
[0273.398] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0273.407] GdipFillRectangleI (graphics=0x6638e08, brush=0x6648b38, x=0, y=0, width=801, height=453) returned 0x0
[0273.407] GdipDeleteBrush (brush=0x6648b38) returned 0x0
[0273.409] GdipRestoreGraphics (graphics=0x6638e08, state=0xf7020dbd) returned 0x0
[0273.409] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0273.409] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0273.409] GetSystemMetrics (nIndex=42) returned 0
[0273.410] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0273.410] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0273.410] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0273.410] SelectPalette (hdc=0x2d010801, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0273.410] RestoreDC (hdc=0x2d010801, nSavedDC=-1) returned 1
[0273.410] GdipReleaseDC (graphics=0x6600030, hdc=0x2d010801) returned 0x0
[0273.410] IsAppThemed () returned 0x1
[0273.410] GetThemeAppProperties () returned 0x3
[0273.410] GetThemeAppProperties () returned 0x3
[0273.410] IsAppThemed () returned 0x1
[0273.411] GetThemeAppProperties () returned 0x3
[0273.411] GetThemeAppProperties () returned 0x3
[0273.411] IsThemePartDefined () returned 0x1
[0273.411] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0273.411] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0273.411] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0273.411] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0273.411] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e4a4) returned 0x0
[0273.411] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0273.411] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee8d8) returned 0x0
[0273.411] LocalFree (hMem=0x11ee8d8) returned 0x0
[0273.411] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0273.411] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0273.412] LocalFree (hMem=0x11ee9f0) returned 0x0
[0273.412] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0273.412] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0273.412] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0273.412] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0273.412] GdipDeleteRegion (region=0x6646448) returned 0x0
[0273.412] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0273.412] GetCurrentObject (hdc=0x2d010801, type=0x1) returned 0xb00017
[0273.412] GetCurrentObject (hdc=0x2d010801, type=0x2) returned 0x900010
[0273.412] GetCurrentObject (hdc=0x2d010801, type=0x7) returned 0x4a0507fe
[0273.412] GetCurrentObject (hdc=0x2d010801, type=0x6) returned 0x8a01c2
[0273.412] SaveDC (hdc=0x2d010801) returned 1
[0273.413] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb80407de
[0273.413] GetClipRgn (hdc=0x2d010801, hrgn=0xb80407de) returned 0
[0273.413] SelectClipRgn (hdc=0x2d010801, hrgn=0x25040807) returned 2
[0273.413] DeleteObject (ho=0xb80407de) returned 1
[0273.413] DeleteObject (ho=0x25040807) returned 1
[0273.413] OffsetViewportOrgEx (in: hdc=0x2d010801, x=0, y=0, lppt=0x2d2ed30 | out: lppt=0x2d2ed30) returned 1
[0273.413] IsAppThemed () returned 0x1
[0273.413] GetThemeAppProperties () returned 0x3
[0273.413] GetThemeAppProperties () returned 0x3
[0273.413] DrawThemeBackground () returned 0x0
[0273.413] RestoreDC (hdc=0x2d010801, nSavedDC=-1) returned 1
[0273.414] GdipReleaseDC (graphics=0x6600030, hdc=0x2d010801) returned 0x0
[0273.414] GdipCreateRegion (region=0xd7e490) returned 0x0
[0273.414] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0273.414] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0273.414] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0273.414] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e4a8) returned 0x0
[0273.414] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0273.414] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0273.414] LocalFree (hMem=0x11eec58) returned 0x0
[0273.414] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0273.414] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0273.414] LocalFree (hMem=0x11ee788) returned 0x0
[0273.414] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0273.414] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0273.414] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0273.414] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0273.415] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0273.415] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0273.415] GetCurrentObject (hdc=0x2d010801, type=0x1) returned 0xb00017
[0273.415] GetCurrentObject (hdc=0x2d010801, type=0x2) returned 0x900010
[0273.415] GetCurrentObject (hdc=0x2d010801, type=0x7) returned 0x4a0507fe
[0273.415] GetCurrentObject (hdc=0x2d010801, type=0x6) returned 0x8a01c2
[0273.415] SaveDC (hdc=0x2d010801) returned 1
[0273.415] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x26040807
[0273.415] GetClipRgn (hdc=0x2d010801, hrgn=0x26040807) returned 0
[0273.415] SelectClipRgn (hdc=0x2d010801, hrgn=0xb90407de) returned 2
[0273.415] DeleteObject (ho=0x26040807) returned 1
[0273.415] DeleteObject (ho=0xb90407de) returned 1
[0273.415] OffsetViewportOrgEx (in: hdc=0x2d010801, x=0, y=0, lppt=0x2d2f004 | out: lppt=0x2d2f004) returned 1
[0273.415] IsAppThemed () returned 0x1
[0273.416] GetThemeAppProperties () returned 0x3
[0273.416] GetThemeAppProperties () returned 0x3
[0273.416] GetThemeBackgroundContentRect () returned 0x0
[0273.416] RestoreDC (hdc=0x2d010801, nSavedDC=-1) returned 1
[0273.416] GdipReleaseDC (graphics=0x6600030, hdc=0x2d010801) returned 0x0
[0273.416] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0273.416] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0273.416] GdipFillRectangleI (graphics=0x6600030, brush=0x6671db0, x=4, y=4, width=67, height=15) returned 0x0
[0273.416] GdipDeleteBrush (brush=0x6671db0) returned 0x0
[0273.416] IsAppThemed () returned 0x1
[0273.416] GetThemeAppProperties () returned 0x3
[0273.416] GetThemeAppProperties () returned 0x3
[0273.416] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0273.416] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0273.416] GetCurrentObject (hdc=0x2d010801, type=0x1) returned 0xb00017
[0273.416] GetCurrentObject (hdc=0x2d010801, type=0x2) returned 0x900010
[0273.416] GetCurrentObject (hdc=0x2d010801, type=0x7) returned 0x4a0507fe
[0273.417] GetCurrentObject (hdc=0x2d010801, type=0x6) returned 0x8a01c2
[0273.417] SaveDC (hdc=0x2d010801) returned 1
[0273.417] GetTextAlign (hdc=0x2d010801) returned 0x0
[0273.417] GetTextColor (hdc=0x2d010801) returned 0x0
[0273.417] GetCurrentObject (hdc=0x2d010801, type=0x6) returned 0x8a01c2
[0273.417] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0273.417] SelectObject (hdc=0x2d010801, h=0x6d0a0520) returned 0x8a01c2
[0273.417] GetBkMode (hdc=0x2d010801) returned 2
[0273.417] SetBkMode (hdc=0x2d010801, mode=1) returned 2
[0273.417] DrawTextExW (in: hdc=0x2d010801, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2d2f3c8 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0273.418] DrawTextExW (in: hdc=0x2d010801, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2d2f3c8 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0273.418] RestoreDC (hdc=0x2d010801, nSavedDC=-1) returned 1
[0273.418] GdipReleaseDC (graphics=0x6600030, hdc=0x2d010801) returned 0x0
[0273.418] GetFocus () returned 0x602c4
[0273.418] IsAppThemed () returned 0x1
[0273.418] GetThemeAppProperties () returned 0x3
[0273.418] GetThemeAppProperties () returned 0x3
[0273.419] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0273.419] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x2d010801, x1=0, y1=0, rop=0xcc0020) returned 1
[0273.428] GdipReleaseDC (graphics=0x6600030, hdc=0x2d010801) returned 0x0
[0273.428] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0273.428] SelectObject (hdc=0x2d010801, h=0x85000f) returned 0x4a0507fe
[0273.428] DeleteDC (hdc=0x2d010801) returned 1
[0273.428] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0273.428] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0273.429] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0273.429] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0273.429] WaitMessage () returned 1
[0273.444] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.444] IsWindowUnicode (hWnd=0x7005c) returned 1
[0273.444] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.444] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.444] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.444] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.444] IsWindowUnicode (hWnd=0x7005c) returned 1
[0273.444] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.445] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.445] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.445] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10f0242) returned 0x0
[0273.445] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0273.445] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0273.445] WaitMessage () returned 1
[0273.459] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.459] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.459] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.459] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.459] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.460] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0273.460] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0273.460] WaitMessage () returned 1
[0273.462] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.462] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.462] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.462] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.462] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.463] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0273.463] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0273.463] WaitMessage () returned 1
[0273.470] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.470] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.471] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.471] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.471] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.472] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.472] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.472] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.472] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.473] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.473] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.473] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.473] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.473] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.473] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.473] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0273.474] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0273.474] WaitMessage () returned 1
[0273.474] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.474] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.474] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.474] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.474] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.476] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.477] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.477] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.477] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.477] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.477] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.477] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.477] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.477] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.477] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.477] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0273.478] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0273.478] WaitMessage () returned 1
[0273.478] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.479] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.479] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.479] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.479] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.480] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.480] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.480] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.481] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.481] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.481] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.481] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.481] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.481] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.481] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.481] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0273.482] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0273.482] WaitMessage () returned 1
[0273.484] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.484] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.484] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.484] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.484] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.486] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.486] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.486] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.487] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.487] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.487] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.487] IsWindowUnicode (hWnd=0x30122) returned 1
[0273.487] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.487] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.487] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.487] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0273.488] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0273.488] WaitMessage () returned 1
[0273.607] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.607] IsWindowUnicode (hWnd=0x502c6) returned 1
[0273.607] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0273.607] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0273.607] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0273.607] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0273.607] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0273.607] WaitMessage () returned 1
[0275.486] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0275.486] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c0104) returned 0x1
[0275.486] IsWindowUnicode (hWnd=0x602c4) returned 1
[0275.486] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0275.486] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0275.486] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0275.486] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0275.486] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0275.486] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c0104) returned 0x1
[0275.487] IsWindowUnicode (hWnd=0x602c4) returned 1
[0275.487] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0275.487] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c0104) returned 0x1
[0275.487] SetCursor (hCursor=0x10003) returned 0x10003
[0275.487] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0275.487] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0275.487] _TrackMouseEvent (in: lpEventTrack=0x2c2b560 | out: lpEventTrack=0x2c2b560) returned 1
[0275.487] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0275.487] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0275.487] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0275.487] GetKeyState (nVirtKey=1) returned 1
[0275.487] GetKeyState (nVirtKey=2) returned 0
[0275.487] GetKeyState (nVirtKey=4) returned 0
[0275.487] GetKeyState (nVirtKey=5) returned 0
[0275.487] GetKeyState (nVirtKey=6) returned 0
[0275.487] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0275.488] IsWindowUnicode (hWnd=0x602c4) returned 1
[0275.488] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0275.488] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0275.488] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0275.488] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0275.488] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0275.488] CreateCompatibleDC (hdc=0x10105d6) returned 0xb3010803
[0275.488] SelectObject (hdc=0xb3010803, h=0x4a0507fe) returned 0x85000f
[0275.488] GdipCreateFromHDC (hdc=0xb3010803, graphics=0xd7e798) returned 0x0
[0275.488] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0275.488] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0275.488] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0275.488] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0275.488] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e7f8) returned 0x0
[0275.489] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0275.489] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eea28) returned 0x0
[0275.489] LocalFree (hMem=0x11eea28) returned 0x0
[0275.489] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0275.489] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0275.489] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0275.489] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0275.489] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0275.489] GdipRestoreGraphics (graphics=0x6600030, state=0xf7000dbd) returned 0x0
[0275.489] GdipDeleteRegion (region=0x6646838) returned 0x0
[0275.489] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0275.489] GetCurrentObject (hdc=0xb3010803, type=0x1) returned 0xb00017
[0275.489] GetCurrentObject (hdc=0xb3010803, type=0x2) returned 0x900010
[0275.489] GetCurrentObject (hdc=0xb3010803, type=0x7) returned 0x4a0507fe
[0275.489] GetCurrentObject (hdc=0xb3010803, type=0x6) returned 0x8a01c2
[0275.489] SaveDC (hdc=0xb3010803) returned 1
[0275.489] GetNearestColor (hdc=0xb3010803, color=0xff) returned 0xff
[0275.489] GetNearestColor (hdc=0xb3010803, color=0x55) returned 0x55
[0275.489] GetNearestColor (hdc=0xb3010803, color=0x0) returned 0x0
[0275.490] GetNearestColor (hdc=0xb3010803, color=0x55) returned 0x55
[0275.490] GetNearestColor (hdc=0xb3010803, color=0x0) returned 0x0
[0275.490] GetNearestColor (hdc=0xb3010803, color=0x8080ff) returned 0x8080ff
[0275.490] GetNearestColor (hdc=0xb3010803, color=0x7373e5) returned 0x7373e5
[0275.490] GetNearestColor (hdc=0xb3010803, color=0xe5) returned 0xe5
[0275.490] GetNearestColor (hdc=0xb3010803, color=0x0) returned 0x0
[0275.490] RestoreDC (hdc=0xb3010803, nSavedDC=-1) returned 1
[0275.490] GdipReleaseDC (graphics=0x6600030, hdc=0xb3010803) returned 0x0
[0275.490] IsAppThemed () returned 0x1
[0275.490] GetThemeAppProperties () returned 0x3
[0275.490] GetThemeAppProperties () returned 0x3
[0275.490] IsAppThemed () returned 0x1
[0275.490] GetThemeAppProperties () returned 0x3
[0275.490] GetThemeAppProperties () returned 0x3
[0275.490] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2d2fd14 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0275.490] IsAppThemed () returned 0x1
[0275.491] GetThemeAppProperties () returned 0x3
[0275.491] GetThemeAppProperties () returned 0x3
[0275.491] IsAppThemed () returned 0x1
[0275.491] GetThemeAppProperties () returned 0x3
[0275.491] GetThemeAppProperties () returned 0x3
[0275.491] IsAppThemed () returned 0x1
[0275.491] GetThemeAppProperties () returned 0x3
[0275.491] GetThemeAppProperties () returned 0x3
[0275.491] IsAppThemed () returned 0x1
[0275.491] GetThemeAppProperties () returned 0x3
[0275.491] GetThemeAppProperties () returned 0x3
[0275.491] IsThemePartDefined () returned 0x1
[0275.491] IsAppThemed () returned 0x1
[0275.491] GetThemeAppProperties () returned 0x3
[0275.491] GetThemeAppProperties () returned 0x3
[0275.491] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0275.491] IsAppThemed () returned 0x1
[0275.491] GetThemeAppProperties () returned 0x3
[0275.491] GetThemeAppProperties () returned 0x3
[0275.491] IsAppThemed () returned 0x1
[0275.491] GetThemeAppProperties () returned 0x3
[0275.491] GetThemeAppProperties () returned 0x3
[0275.491] IsThemePartDefined () returned 0x1
[0275.491] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0275.491] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0275.491] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0275.491] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0275.492] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e514) returned 0x0
[0275.492] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0275.492] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee910) returned 0x0
[0275.492] LocalFree (hMem=0x11ee910) returned 0x0
[0275.492] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0275.492] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eea98) returned 0x0
[0275.492] LocalFree (hMem=0x11eea98) returned 0x0
[0275.492] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0275.492] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0275.492] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0275.492] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0275.492] GdipDeleteRegion (region=0x6646718) returned 0x0
[0275.492] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0275.492] GetCurrentObject (hdc=0xb3010803, type=0x1) returned 0xb00017
[0275.492] GetCurrentObject (hdc=0xb3010803, type=0x2) returned 0x900010
[0275.492] GetCurrentObject (hdc=0xb3010803, type=0x7) returned 0x4a0507fe
[0275.492] GetCurrentObject (hdc=0xb3010803, type=0x6) returned 0x8a01c2
[0275.492] SaveDC (hdc=0xb3010803) returned 1
[0275.492] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xba0407de
[0275.492] GetClipRgn (hdc=0xb3010803, hrgn=0xba0407de) returned 0
[0275.493] SelectClipRgn (hdc=0xb3010803, hrgn=0x2a040807) returned 2
[0275.493] DeleteObject (ho=0xba0407de) returned 1
[0275.493] DeleteObject (ho=0x2a040807) returned 1
[0275.493] OffsetViewportOrgEx (in: hdc=0xb3010803, x=0, y=0, lppt=0x2d303c4 | out: lppt=0x2d303c4) returned 1
[0275.493] DrawThemeParentBackground () returned 0x0
[0275.493] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0275.493] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0275.493] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0275.493] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0275.493] GetSystemMetrics (nIndex=42) returned 0
[0275.493] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0275.493] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0275.493] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0275.493] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0275.493] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0275.493] SelectPalette (hdc=0xb3010803, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0275.493] GdipCreateFromHDC (hdc=0xb3010803, graphics=0xd7dff0) returned 0x0
[0275.494] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0275.494] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0275.494] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638bd8) returned 0x0
[0275.494] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dfc8) returned 0x0
[0275.494] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0275.494] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0275.494] GdipGetClip (graphics=0x6638e08, region=0x6646838) returned 0x0
[0275.494] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6638e08, result=0xd7dfbc) returned 0x0
[0275.494] GdipDeleteRegion (region=0x6646838) returned 0x0
[0275.494] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dfe8) returned 0x0
[0275.494] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0275.501] GdipFillRectangleI (graphics=0x6638e08, brush=0x66494f8, x=0, y=0, width=801, height=453) returned 0x0
[0275.501] GdipDeleteBrush (brush=0x66494f8) returned 0x0
[0275.502] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0275.502] SelectPalette (hdc=0xb3010803, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0275.502] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0275.502] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0275.503] GetSystemMetrics (nIndex=42) returned 0
[0275.503] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0275.503] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0275.503] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0275.503] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0275.503] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0275.503] SelectPalette (hdc=0xb3010803, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0275.503] GdipCreateFromHDC (hdc=0xb3010803, graphics=0xd7df90) returned 0x0
[0275.503] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0275.503] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0275.503] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638a28) returned 0x0
[0275.503] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df68) returned 0x0
[0275.503] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0275.503] GdipCreateRegion (region=0xd7df50) returned 0x0
[0275.504] GdipGetClip (graphics=0x6638e08, region=0x6646cb8) returned 0x0
[0275.504] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6638e08, result=0xd7df5c) returned 0x0
[0275.504] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0275.504] GdipSaveGraphics (graphics=0x6638e08, state=0xd7df88) returned 0x0
[0275.504] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0275.509] GdipFillRectangleI (graphics=0x6638e08, brush=0x66494f8, x=0, y=0, width=801, height=453) returned 0x0
[0275.510] GdipDeleteBrush (brush=0x66494f8) returned 0x0
[0275.511] GdipRestoreGraphics (graphics=0x6638e08, state=0xf6fc0dbd) returned 0x0
[0275.511] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0275.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0275.511] GetSystemMetrics (nIndex=42) returned 0
[0275.511] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0275.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0275.511] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0275.511] SelectPalette (hdc=0xb3010803, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0275.511] RestoreDC (hdc=0xb3010803, nSavedDC=-1) returned 1
[0275.511] GdipReleaseDC (graphics=0x6600030, hdc=0xb3010803) returned 0x0
[0275.511] IsAppThemed () returned 0x1
[0275.512] GetThemeAppProperties () returned 0x3
[0275.512] GetThemeAppProperties () returned 0x3
[0275.512] IsAppThemed () returned 0x1
[0275.512] GetThemeAppProperties () returned 0x3
[0275.512] GetThemeAppProperties () returned 0x3
[0275.512] IsThemePartDefined () returned 0x1
[0275.512] GdipCreateRegion (region=0xd7e480) returned 0x0
[0275.512] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0275.512] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0275.512] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0275.512] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e498) returned 0x0
[0275.512] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0275.512] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0275.512] LocalFree (hMem=0x11ee788) returned 0x0
[0275.512] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0275.512] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0275.512] LocalFree (hMem=0x11eec58) returned 0x0
[0275.512] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0275.512] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0275.512] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0275.512] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0275.535] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0275.535] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0275.535] GetCurrentObject (hdc=0xb3010803, type=0x1) returned 0xb00017
[0275.535] GetCurrentObject (hdc=0xb3010803, type=0x2) returned 0x900010
[0275.535] GetCurrentObject (hdc=0xb3010803, type=0x7) returned 0x4a0507fe
[0275.535] GetCurrentObject (hdc=0xb3010803, type=0x6) returned 0x8a01c2
[0275.535] SaveDC (hdc=0xb3010803) returned 1
[0275.535] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2b040807
[0275.535] GetClipRgn (hdc=0xb3010803, hrgn=0x2b040807) returned 0
[0275.536] SelectClipRgn (hdc=0xb3010803, hrgn=0xbc0407de) returned 2
[0275.536] DeleteObject (ho=0x2b040807) returned 1
[0275.536] DeleteObject (ho=0xbc0407de) returned 1
[0275.536] OffsetViewportOrgEx (in: hdc=0xb3010803, x=0, y=0, lppt=0x2d36c14 | out: lppt=0x2d36c14) returned 1
[0275.536] IsAppThemed () returned 0x1
[0275.536] GetThemeAppProperties () returned 0x3
[0275.536] GetThemeAppProperties () returned 0x3
[0275.536] DrawThemeBackground () returned 0x0
[0275.536] RestoreDC (hdc=0xb3010803, nSavedDC=-1) returned 1
[0275.536] GdipReleaseDC (graphics=0x6600030, hdc=0xb3010803) returned 0x0
[0275.536] GdipCreateRegion (region=0xd7e484) returned 0x0
[0275.536] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0275.536] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0275.536] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0275.536] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e49c) returned 0x0
[0275.536] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0275.536] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eead0) returned 0x0
[0275.536] LocalFree (hMem=0x11eead0) returned 0x0
[0275.536] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0275.536] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0275.537] LocalFree (hMem=0x11ee788) returned 0x0
[0275.537] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0275.537] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0275.537] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0275.537] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0275.537] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0275.537] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0275.537] GetCurrentObject (hdc=0xb3010803, type=0x1) returned 0xb00017
[0275.537] GetCurrentObject (hdc=0xb3010803, type=0x2) returned 0x900010
[0275.537] GetCurrentObject (hdc=0xb3010803, type=0x7) returned 0x4a0507fe
[0275.537] GetCurrentObject (hdc=0xb3010803, type=0x6) returned 0x8a01c2
[0275.537] SaveDC (hdc=0xb3010803) returned 1
[0275.537] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbd0407de
[0275.537] GetClipRgn (hdc=0xb3010803, hrgn=0xbd0407de) returned 0
[0275.537] SelectClipRgn (hdc=0xb3010803, hrgn=0x2c040807) returned 2
[0275.537] DeleteObject (ho=0xbd0407de) returned 1
[0275.537] DeleteObject (ho=0x2c040807) returned 1
[0275.537] OffsetViewportOrgEx (in: hdc=0xb3010803, x=0, y=0, lppt=0x2d36ee8 | out: lppt=0x2d36ee8) returned 1
[0275.537] IsAppThemed () returned 0x1
[0275.537] GetThemeAppProperties () returned 0x3
[0275.537] GetThemeAppProperties () returned 0x3
[0275.538] GetThemeBackgroundContentRect () returned 0x0
[0275.538] RestoreDC (hdc=0xb3010803, nSavedDC=-1) returned 1
[0275.538] GdipReleaseDC (graphics=0x6600030, hdc=0xb3010803) returned 0x0
[0275.538] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0275.538] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0275.538] GdipFillRectangleI (graphics=0x6600030, brush=0x6671db0, x=4, y=4, width=67, height=15) returned 0x0
[0275.538] GdipDeleteBrush (brush=0x6671db0) returned 0x0
[0275.538] IsAppThemed () returned 0x1
[0275.538] GetThemeAppProperties () returned 0x3
[0275.538] GetThemeAppProperties () returned 0x3
[0275.538] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0275.538] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0275.538] GetCurrentObject (hdc=0xb3010803, type=0x1) returned 0xb00017
[0275.538] GetCurrentObject (hdc=0xb3010803, type=0x2) returned 0x900010
[0275.538] GetCurrentObject (hdc=0xb3010803, type=0x7) returned 0x4a0507fe
[0275.538] GetCurrentObject (hdc=0xb3010803, type=0x6) returned 0x8a01c2
[0275.538] SaveDC (hdc=0xb3010803) returned 1
[0275.538] GetTextAlign (hdc=0xb3010803) returned 0x0
[0275.538] GetTextColor (hdc=0xb3010803) returned 0x0
[0275.538] GetCurrentObject (hdc=0xb3010803, type=0x6) returned 0x8a01c2
[0275.538] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0275.539] SelectObject (hdc=0xb3010803, h=0x6d0a0520) returned 0x8a01c2
[0275.539] GetBkMode (hdc=0xb3010803) returned 2
[0275.539] SetBkMode (hdc=0xb3010803, mode=1) returned 2
[0275.539] DrawTextExW (in: hdc=0xb3010803, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2d372ac | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0275.539] DrawTextExW (in: hdc=0xb3010803, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2d372ac | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0275.539] RestoreDC (hdc=0xb3010803, nSavedDC=-1) returned 1
[0275.539] GdipReleaseDC (graphics=0x6600030, hdc=0xb3010803) returned 0x0
[0275.539] GetFocus () returned 0x602c4
[0275.540] IsAppThemed () returned 0x1
[0275.540] GetThemeAppProperties () returned 0x3
[0275.540] GetThemeAppProperties () returned 0x3
[0275.540] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0275.540] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0xb3010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0275.540] GdipReleaseDC (graphics=0x6600030, hdc=0xb3010803) returned 0x0
[0275.540] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0275.540] SelectObject (hdc=0xb3010803, h=0x85000f) returned 0x4a0507fe
[0275.540] DeleteDC (hdc=0xb3010803) returned 1
[0275.540] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0275.540] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0275.540] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0275.541] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0275.541] WaitMessage () returned 1
[0275.593] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0275.593] IsWindowUnicode (hWnd=0x602c4) returned 1
[0275.593] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0275.593] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0275.593] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0275.593] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0275.593] IsWindowUnicode (hWnd=0x602c4) returned 1
[0275.593] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0275.593] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0275.593] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0275.593] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x50029) returned 0x0
[0275.593] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0275.593] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0275.593] WaitMessage () returned 1
[0275.720] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0275.720] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c0104) returned 0x1
[0275.720] IsWindowUnicode (hWnd=0x602c4) returned 1
[0275.720] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0275.720] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c0104) returned 0x1
[0275.721] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0275.721] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x1970046) returned 0x0
[0275.721] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0275.721] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0275.721] SetCursor (hCursor=0x10003) returned 0x10003
[0275.721] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0275.721] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0275.721] GetKeyState (nVirtKey=1) returned -128
[0275.721] GetKeyState (nVirtKey=2) returned 0
[0275.721] GetKeyState (nVirtKey=4) returned 0
[0275.721] GetKeyState (nVirtKey=5) returned 0
[0275.721] GetKeyState (nVirtKey=6) returned 0
[0275.721] IsWindowVisible (hWnd=0x602c4) returned 1
[0275.721] IsWindowEnabled (hWnd=0x602c4) returned 1
[0275.721] SetFocus (hWnd=0x602c4) returned 0x602c4
[0275.721] GetFocus () returned 0x602c4
[0275.721] GetFocus () returned 0x602c4
[0275.721] GetFocus () returned 0x602c4
[0275.722] GetKeyState (nVirtKey=1) returned -128
[0275.722] GetKeyState (nVirtKey=2) returned 0
[0275.722] GetKeyState (nVirtKey=4) returned 0
[0275.722] GetKeyState (nVirtKey=5) returned 0
[0275.722] GetKeyState (nVirtKey=6) returned 0
[0275.722] GetCapture () returned 0x0
[0275.722] SetCapture (hWnd=0x602c4) returned 0x0
[0275.722] GetKeyState (nVirtKey=1) returned -128
[0275.722] GetKeyState (nVirtKey=2) returned 0
[0275.722] GetKeyState (nVirtKey=4) returned 0
[0275.722] GetKeyState (nVirtKey=5) returned 0
[0275.722] GetKeyState (nVirtKey=6) returned 0
[0275.722] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0275.722] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0275.722] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0275.722] IsWindowUnicode (hWnd=0x602c4) returned 1
[0275.722] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0275.722] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0275.722] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0275.722] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d37430, cPoints=0x1 | out: lpPoints=0x2d37430) returned 40304859
[0275.722] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0275.722] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0275.722] UpdateWindow (hWnd=0x602c4) returned 1
[0275.722] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x10105d6
[0275.723] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0275.723] CreateCompatibleDC (hdc=0x10105d6) returned 0xb4010803
[0275.723] SelectObject (hdc=0xb4010803, h=0x4a0507fe) returned 0x85000f
[0275.723] GdipCreateFromHDC (hdc=0xb4010803, graphics=0xd7e430) returned 0x0
[0275.723] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0275.723] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0275.723] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0275.723] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0275.723] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e490) returned 0x0
[0275.723] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0275.723] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0275.723] LocalFree (hMem=0x11eec58) returned 0x0
[0275.723] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0275.723] GdipCreateRegion (region=0xd7e478) returned 0x0
[0275.723] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0275.723] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e484) returned 0x0
[0275.724] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0275.724] GdipRestoreGraphics (graphics=0x6600030, state=0xf6fa0dbd) returned 0x0
[0275.724] GdipDeleteRegion (region=0x6646298) returned 0x0
[0275.724] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0275.724] GetCurrentObject (hdc=0xb4010803, type=0x1) returned 0xb00017
[0275.724] GetCurrentObject (hdc=0xb4010803, type=0x2) returned 0x900010
[0275.724] GetCurrentObject (hdc=0xb4010803, type=0x7) returned 0x4a0507fe
[0275.724] GetCurrentObject (hdc=0xb4010803, type=0x6) returned 0x8a01c2
[0275.724] SaveDC (hdc=0xb4010803) returned 1
[0275.724] GetNearestColor (hdc=0xb4010803, color=0xff) returned 0xff
[0275.724] GetNearestColor (hdc=0xb4010803, color=0x55) returned 0x55
[0275.724] GetNearestColor (hdc=0xb4010803, color=0x0) returned 0x0
[0275.724] GetNearestColor (hdc=0xb4010803, color=0x55) returned 0x55
[0275.724] GetNearestColor (hdc=0xb4010803, color=0x0) returned 0x0
[0275.724] GetNearestColor (hdc=0xb4010803, color=0x8080ff) returned 0x8080ff
[0275.724] GetNearestColor (hdc=0xb4010803, color=0x7373e5) returned 0x7373e5
[0275.724] GetNearestColor (hdc=0xb4010803, color=0xe5) returned 0xe5
[0275.724] GetNearestColor (hdc=0xb4010803, color=0x0) returned 0x0
[0275.725] RestoreDC (hdc=0xb4010803, nSavedDC=-1) returned 1
[0275.725] GdipReleaseDC (graphics=0x6600030, hdc=0xb4010803) returned 0x0
[0275.725] IsAppThemed () returned 0x1
[0275.725] GetThemeAppProperties () returned 0x3
[0275.725] GetThemeAppProperties () returned 0x3
[0275.725] IsAppThemed () returned 0x1
[0275.725] GetThemeAppProperties () returned 0x3
[0275.725] GetThemeAppProperties () returned 0x3
[0275.725] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2d37b4c | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0275.725] IsAppThemed () returned 0x1
[0275.725] GetThemeAppProperties () returned 0x3
[0275.725] GetThemeAppProperties () returned 0x3
[0275.725] IsAppThemed () returned 0x1
[0275.725] GetThemeAppProperties () returned 0x3
[0275.725] GetThemeAppProperties () returned 0x3
[0275.725] IsAppThemed () returned 0x1
[0275.725] GetThemeAppProperties () returned 0x3
[0275.725] GetThemeAppProperties () returned 0x3
[0275.725] IsAppThemed () returned 0x1
[0275.726] GetThemeAppProperties () returned 0x3
[0275.726] GetThemeAppProperties () returned 0x3
[0275.726] IsThemePartDefined () returned 0x1
[0275.726] IsAppThemed () returned 0x1
[0275.726] GetThemeAppProperties () returned 0x3
[0275.726] GetThemeAppProperties () returned 0x3
[0275.726] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0275.726] IsAppThemed () returned 0x1
[0275.726] GetThemeAppProperties () returned 0x3
[0275.726] GetThemeAppProperties () returned 0x3
[0275.726] IsAppThemed () returned 0x1
[0275.726] GetThemeAppProperties () returned 0x3
[0275.726] GetThemeAppProperties () returned 0x3
[0275.726] IsThemePartDefined () returned 0x1
[0275.726] GdipCreateRegion (region=0xd7e194) returned 0x0
[0275.726] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0275.726] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0275.726] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0275.726] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e1ac) returned 0x0
[0275.726] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0275.726] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0275.726] LocalFree (hMem=0x11eec58) returned 0x0
[0275.726] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0275.726] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0275.726] LocalFree (hMem=0x11ee788) returned 0x0
[0275.726] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0275.727] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0275.727] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0275.727] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0275.727] GdipDeleteRegion (region=0x6646838) returned 0x0
[0275.727] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0275.727] GetCurrentObject (hdc=0xb4010803, type=0x1) returned 0xb00017
[0275.727] GetCurrentObject (hdc=0xb4010803, type=0x2) returned 0x900010
[0275.727] GetCurrentObject (hdc=0xb4010803, type=0x7) returned 0x4a0507fe
[0275.727] GetCurrentObject (hdc=0xb4010803, type=0x6) returned 0x8a01c2
[0275.727] SaveDC (hdc=0xb4010803) returned 1
[0275.727] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2d040807
[0275.727] GetClipRgn (hdc=0xb4010803, hrgn=0x2d040807) returned 0
[0275.727] SelectClipRgn (hdc=0xb4010803, hrgn=0xc10407de) returned 2
[0275.727] DeleteObject (ho=0x2d040807) returned 1
[0275.727] DeleteObject (ho=0xc10407de) returned 1
[0275.727] OffsetViewportOrgEx (in: hdc=0xb4010803, x=0, y=0, lppt=0x2d381fc | out: lppt=0x2d381fc) returned 1
[0275.727] DrawThemeParentBackground () returned 0x0
[0275.727] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0275.728] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0275.728] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0275.728] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0275.728] GetSystemMetrics (nIndex=42) returned 0
[0275.728] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0275.728] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0275.728] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0275.728] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0275.728] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0275.728] SelectPalette (hdc=0xb4010803, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0275.728] GdipCreateFromHDC (hdc=0xb4010803, graphics=0xd7dc88) returned 0x0
[0275.728] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0275.728] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0275.728] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638c08) returned 0x0
[0275.728] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dc60) returned 0x0
[0275.728] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0275.728] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0275.728] GdipGetClip (graphics=0x6638e08, region=0x6646cb8) returned 0x0
[0275.728] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6638e08, result=0xd7dc54) returned 0x0
[0275.728] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0275.728] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dc80) returned 0x0
[0275.729] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0275.735] GdipFillRectangleI (graphics=0x6638e08, brush=0x6648c70, x=0, y=0, width=801, height=453) returned 0x0
[0275.735] GdipDeleteBrush (brush=0x6648c70) returned 0x0
[0275.736] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0275.736] SelectPalette (hdc=0xb4010803, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0275.736] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0275.736] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0275.736] GetSystemMetrics (nIndex=42) returned 0
[0275.736] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0275.736] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0275.736] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0275.736] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0275.737] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0275.737] SelectPalette (hdc=0xb4010803, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0275.737] GdipCreateFromHDC (hdc=0xb4010803, graphics=0xd7dc28) returned 0x0
[0275.737] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0275.737] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0275.737] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638b18) returned 0x0
[0275.737] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dc00) returned 0x0
[0275.737] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0275.737] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0275.737] GdipGetClip (graphics=0x6638e08, region=0x6646cb8) returned 0x0
[0275.737] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6638e08, result=0xd7dbf4) returned 0x0
[0275.737] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0275.737] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dc20) returned 0x0
[0275.737] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0275.743] GdipFillRectangleI (graphics=0x6638e08, brush=0x6649018, x=0, y=0, width=801, height=453) returned 0x0
[0275.743] GdipDeleteBrush (brush=0x6649018) returned 0x0
[0275.744] GdipRestoreGraphics (graphics=0x6638e08, state=0xf6f60dbd) returned 0x0
[0275.744] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0275.744] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0275.744] GetSystemMetrics (nIndex=42) returned 0
[0275.744] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0275.745] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0275.745] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0275.745] SelectPalette (hdc=0xb4010803, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0275.745] RestoreDC (hdc=0xb4010803, nSavedDC=-1) returned 1
[0275.745] GdipReleaseDC (graphics=0x6600030, hdc=0xb4010803) returned 0x0
[0275.745] IsAppThemed () returned 0x1
[0275.745] GetThemeAppProperties () returned 0x3
[0275.745] GetThemeAppProperties () returned 0x3
[0275.745] IsAppThemed () returned 0x1
[0275.745] GetThemeAppProperties () returned 0x3
[0275.745] GetThemeAppProperties () returned 0x3
[0275.745] IsThemePartDefined () returned 0x1
[0275.745] GdipCreateRegion (region=0xd7e118) returned 0x0
[0275.745] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0275.745] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0275.745] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0275.745] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e130) returned 0x0
[0275.745] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0275.746] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0275.746] LocalFree (hMem=0x11ee788) returned 0x0
[0275.746] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0275.746] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0275.746] LocalFree (hMem=0x11eec58) returned 0x0
[0275.746] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0275.746] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e158) returned 0x0
[0275.746] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e148) returned 0x0
[0275.746] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0275.746] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0275.746] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0275.746] GetCurrentObject (hdc=0xb4010803, type=0x1) returned 0xb00017
[0275.746] GetCurrentObject (hdc=0xb4010803, type=0x2) returned 0x900010
[0275.746] GetCurrentObject (hdc=0xb4010803, type=0x7) returned 0x4a0507fe
[0275.746] GetCurrentObject (hdc=0xb4010803, type=0x6) returned 0x8a01c2
[0275.746] SaveDC (hdc=0xb4010803) returned 1
[0275.746] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc20407de
[0275.746] GetClipRgn (hdc=0xb4010803, hrgn=0xc20407de) returned 0
[0275.746] SelectClipRgn (hdc=0xb4010803, hrgn=0x2f040807) returned 2
[0275.746] DeleteObject (ho=0xc20407de) returned 1
[0275.746] DeleteObject (ho=0x2f040807) returned 1
[0275.747] OffsetViewportOrgEx (in: hdc=0xb4010803, x=0, y=0, lppt=0x2d3ea4c | out: lppt=0x2d3ea4c) returned 1
[0275.747] IsAppThemed () returned 0x1
[0275.747] GetThemeAppProperties () returned 0x3
[0275.747] GetThemeAppProperties () returned 0x3
[0275.747] DrawThemeBackground () returned 0x0
[0275.747] RestoreDC (hdc=0xb4010803, nSavedDC=-1) returned 1
[0275.747] GdipReleaseDC (graphics=0x6600030, hdc=0xb4010803) returned 0x0
[0275.747] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0275.747] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0275.747] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0275.747] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0275.747] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e134) returned 0x0
[0275.747] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0275.747] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0275.747] LocalFree (hMem=0x11ee868) returned 0x0
[0275.747] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0275.747] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0275.748] LocalFree (hMem=0x11eec58) returned 0x0
[0275.748] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0275.748] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0275.748] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0275.748] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0275.748] GdipDeleteRegion (region=0x6646838) returned 0x0
[0275.748] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0275.748] GetCurrentObject (hdc=0xb4010803, type=0x1) returned 0xb00017
[0275.748] GetCurrentObject (hdc=0xb4010803, type=0x2) returned 0x900010
[0275.748] GetCurrentObject (hdc=0xb4010803, type=0x7) returned 0x4a0507fe
[0275.748] GetCurrentObject (hdc=0xb4010803, type=0x6) returned 0x8a01c2
[0275.748] SaveDC (hdc=0xb4010803) returned 1
[0275.748] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x30040807
[0275.748] GetClipRgn (hdc=0xb4010803, hrgn=0x30040807) returned 0
[0275.748] SelectClipRgn (hdc=0xb4010803, hrgn=0xc30407de) returned 2
[0275.748] DeleteObject (ho=0x30040807) returned 1
[0275.748] DeleteObject (ho=0xc30407de) returned 1
[0275.748] OffsetViewportOrgEx (in: hdc=0xb4010803, x=0, y=0, lppt=0x2d3ed20 | out: lppt=0x2d3ed20) returned 1
[0275.748] IsAppThemed () returned 0x1
[0275.748] GetThemeAppProperties () returned 0x3
[0275.748] GetThemeAppProperties () returned 0x3
[0275.748] GetThemeBackgroundContentRect () returned 0x0
[0275.749] RestoreDC (hdc=0xb4010803, nSavedDC=-1) returned 1
[0275.749] GdipReleaseDC (graphics=0x6600030, hdc=0xb4010803) returned 0x0
[0275.749] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0275.749] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0275.749] GdipFillRectangleI (graphics=0x6600030, brush=0x6671db0, x=4, y=4, width=67, height=15) returned 0x0
[0275.749] GdipDeleteBrush (brush=0x6671db0) returned 0x0
[0275.749] IsAppThemed () returned 0x1
[0275.749] GetThemeAppProperties () returned 0x3
[0275.749] GetThemeAppProperties () returned 0x3
[0275.749] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0275.749] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0275.749] GetCurrentObject (hdc=0xb4010803, type=0x1) returned 0xb00017
[0275.749] GetCurrentObject (hdc=0xb4010803, type=0x2) returned 0x900010
[0275.749] GetCurrentObject (hdc=0xb4010803, type=0x7) returned 0x4a0507fe
[0275.749] GetCurrentObject (hdc=0xb4010803, type=0x6) returned 0x8a01c2
[0275.749] SaveDC (hdc=0xb4010803) returned 1
[0275.749] GetTextAlign (hdc=0xb4010803) returned 0x0
[0275.749] GetTextColor (hdc=0xb4010803) returned 0x0
[0275.749] GetCurrentObject (hdc=0xb4010803, type=0x6) returned 0x8a01c2
[0275.749] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0275.750] SelectObject (hdc=0xb4010803, h=0x6d0a0520) returned 0x8a01c2
[0275.750] GetBkMode (hdc=0xb4010803) returned 2
[0275.750] SetBkMode (hdc=0xb4010803, mode=1) returned 2
[0275.750] DrawTextExW (in: hdc=0xb4010803, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2d3f0e4 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0275.750] DrawTextExW (in: hdc=0xb4010803, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2d3f0e4 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0275.750] RestoreDC (hdc=0xb4010803, nSavedDC=-1) returned 1
[0275.750] GdipReleaseDC (graphics=0x6600030, hdc=0xb4010803) returned 0x0
[0275.750] GetFocus () returned 0x602c4
[0275.750] IsAppThemed () returned 0x1
[0275.750] GetThemeAppProperties () returned 0x3
[0275.751] GetThemeAppProperties () returned 0x3
[0275.751] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0275.751] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0xb4010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0275.751] GdipReleaseDC (graphics=0x6600030, hdc=0xb4010803) returned 0x0
[0275.751] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0275.751] SelectObject (hdc=0xb4010803, h=0x85000f) returned 0x4a0507fe
[0275.751] DeleteDC (hdc=0xb4010803) returned 1
[0275.751] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0275.751] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0275.751] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d3f1e0, cPoints=0x1 | out: lpPoints=0x2d3f1e0) returned 40304859
[0275.751] WindowFromPoint (Point=0x104) returned 0x602c4
[0275.751] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26c0104) returned 0x1
[0275.752] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0275.752] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0275.752] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0275.752] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0275.752] GetSystemMetrics (nIndex=42) returned 0
[0275.752] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0275.752] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0275.753] GetCapture () returned 0x602c4
[0275.753] ReleaseCapture () returned 1
[0275.753] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0275.754] GetProcessWindowStation () returned 0x13c
[0275.754] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.754] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0275.754] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.754] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0275.754] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.755] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0275.755] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.755] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0275.755] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.755] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0275.755] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.755] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0275.755] GetDC (hWnd=0x0) returned 0x107b9
[0275.755] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e6ec) returned 0x0
[0275.756] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0275.756] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0275.756] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0275.756] GetSystemMetrics (nIndex=5) returned 1
[0275.756] GetSystemMetrics (nIndex=6) returned 1
[0275.756] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.756] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0275.756] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.757] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0275.759] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0275.759] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0275.759] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0275.759] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0275.759] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0275.759] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0275.760] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2d44bfc | out: lpData=0x2d44bfc) returned 1
[0275.761] VerQueryValueW (in: pBlock=0x2d44bfc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d4500c, puLen=0xd7e810) returned 1
[0275.761] VerQueryValueW (in: pBlock=0x2d44bfc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d44cb4, puLen=0xd7e790) returned 1
[0275.761] VerQueryValueW (in: pBlock=0x2d44bfc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d44d08, puLen=0xd7e790) returned 1
[0275.761] VerQueryValueW (in: pBlock=0x2d44bfc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d44d88, puLen=0xd7e790) returned 1
[0275.761] VerQueryValueW (in: pBlock=0x2d44bfc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d44df0, puLen=0xd7e790) returned 1
[0275.761] VerQueryValueW (in: pBlock=0x2d44bfc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d44e30, puLen=0xd7e790) returned 1
[0275.761] VerQueryValueW (in: pBlock=0x2d44bfc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d44eb8, puLen=0xd7e790) returned 1
[0275.761] VerQueryValueW (in: pBlock=0x2d44bfc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d44ef4, puLen=0xd7e790) returned 1
[0275.761] VerQueryValueW (in: pBlock=0x2d44bfc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d44f4c, puLen=0xd7e790) returned 1
[0275.761] VerQueryValueW (in: pBlock=0x2d44bfc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d44f7c, puLen=0xd7e790) returned 1
[0275.761] VerQueryValueW (in: pBlock=0x2d44bfc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.761] VerQueryValueW (in: pBlock=0x2d44bfc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d44fb8, puLen=0xd7e790) returned 1
[0275.761] VerQueryValueW (in: pBlock=0x2d44bfc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.761] VerQueryValueW (in: pBlock=0x2d44bfc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d4500c, puLen=0xd7e784) returned 1
[0275.761] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0275.762] VerQueryValueW (in: pBlock=0x2d44bfc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d44c24, puLen=0xd7e794) returned 1
[0275.762] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0275.762] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0275.762] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0275.762] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0275.762] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0275.763] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0275.763] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2d46b6c | out: lpData=0x2d46b6c) returned 1
[0275.763] VerQueryValueW (in: pBlock=0x2d46b6c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d46c08, puLen=0xd7e810) returned 1
[0275.763] VerQueryValueW (in: pBlock=0x2d46b6c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46c80, puLen=0xd7e790) returned 1
[0275.763] VerQueryValueW (in: pBlock=0x2d46b6c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46cb0, puLen=0xd7e790) returned 1
[0275.763] VerQueryValueW (in: pBlock=0x2d46b6c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46cec, puLen=0xd7e790) returned 1
[0275.763] VerQueryValueW (in: pBlock=0x2d46b6c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46d1c, puLen=0xd7e790) returned 1
[0275.764] VerQueryValueW (in: pBlock=0x2d46b6c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46d64, puLen=0xd7e790) returned 1
[0275.764] VerQueryValueW (in: pBlock=0x2d46b6c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46ddc, puLen=0xd7e790) returned 1
[0275.764] VerQueryValueW (in: pBlock=0x2d46b6c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46e20, puLen=0xd7e790) returned 1
[0275.764] VerQueryValueW (in: pBlock=0x2d46b6c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46e60, puLen=0xd7e790) returned 1
[0275.764] VerQueryValueW (in: pBlock=0x2d46b6c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46c5e, puLen=0xd7e790) returned 1
[0275.764] VerQueryValueW (in: pBlock=0x2d46b6c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46dac, puLen=0xd7e790) returned 1
[0275.764] VerQueryValueW (in: pBlock=0x2d46b6c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.764] VerQueryValueW (in: pBlock=0x2d46b6c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.764] VerQueryValueW (in: pBlock=0x2d46b6c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d46c08, puLen=0xd7e784) returned 1
[0275.764] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0275.764] VerQueryValueW (in: pBlock=0x2d46b6c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d46b94, puLen=0xd7e794) returned 1
[0275.765] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0275.765] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0275.765] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0275.765] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0275.765] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0275.765] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0275.765] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2d48e44 | out: lpData=0x2d48e44) returned 1
[0275.766] VerQueryValueW (in: pBlock=0x2d48e44, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d49258, puLen=0xd7e810) returned 1
[0275.766] VerQueryValueW (in: pBlock=0x2d48e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d48efc, puLen=0xd7e790) returned 1
[0275.766] VerQueryValueW (in: pBlock=0x2d48e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d48f50, puLen=0xd7e790) returned 1
[0275.766] VerQueryValueW (in: pBlock=0x2d48e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d48fac, puLen=0xd7e790) returned 1
[0275.766] VerQueryValueW (in: pBlock=0x2d48e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4900c, puLen=0xd7e790) returned 1
[0275.766] VerQueryValueW (in: pBlock=0x2d48e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d49064, puLen=0xd7e790) returned 1
[0275.766] VerQueryValueW (in: pBlock=0x2d48e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d490ec, puLen=0xd7e790) returned 1
[0275.766] VerQueryValueW (in: pBlock=0x2d48e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d49140, puLen=0xd7e790) returned 1
[0275.766] VerQueryValueW (in: pBlock=0x2d48e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d49198, puLen=0xd7e790) returned 1
[0275.766] VerQueryValueW (in: pBlock=0x2d48e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d491c8, puLen=0xd7e790) returned 1
[0275.766] VerQueryValueW (in: pBlock=0x2d48e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.766] VerQueryValueW (in: pBlock=0x2d48e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d49204, puLen=0xd7e790) returned 1
[0275.766] VerQueryValueW (in: pBlock=0x2d48e44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.766] VerQueryValueW (in: pBlock=0x2d48e44, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d49258, puLen=0xd7e784) returned 1
[0275.766] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0275.766] VerQueryValueW (in: pBlock=0x2d48e44, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d48e6c, puLen=0xd7e794) returned 1
[0275.767] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0275.767] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0275.767] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0275.767] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0275.767] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0275.767] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0275.768] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2d4b47c | out: lpData=0x2d4b47c) returned 1
[0275.769] VerQueryValueW (in: pBlock=0x2d4b47c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d4b87c, puLen=0xd7e810) returned 1
[0275.769] VerQueryValueW (in: pBlock=0x2d4b47c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4b534, puLen=0xd7e790) returned 1
[0275.769] VerQueryValueW (in: pBlock=0x2d4b47c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4b588, puLen=0xd7e790) returned 1
[0275.769] VerQueryValueW (in: pBlock=0x2d4b47c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4b5c8, puLen=0xd7e790) returned 1
[0275.769] VerQueryValueW (in: pBlock=0x2d4b47c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4b630, puLen=0xd7e790) returned 1
[0275.769] VerQueryValueW (in: pBlock=0x2d4b47c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4b688, puLen=0xd7e790) returned 1
[0275.769] VerQueryValueW (in: pBlock=0x2d4b47c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4b710, puLen=0xd7e790) returned 1
[0275.769] VerQueryValueW (in: pBlock=0x2d4b47c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4b764, puLen=0xd7e790) returned 1
[0275.769] VerQueryValueW (in: pBlock=0x2d4b47c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4b7bc, puLen=0xd7e790) returned 1
[0275.769] VerQueryValueW (in: pBlock=0x2d4b47c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4b7ec, puLen=0xd7e790) returned 1
[0275.769] VerQueryValueW (in: pBlock=0x2d4b47c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.769] VerQueryValueW (in: pBlock=0x2d4b47c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4b828, puLen=0xd7e790) returned 1
[0275.769] VerQueryValueW (in: pBlock=0x2d4b47c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.769] VerQueryValueW (in: pBlock=0x2d4b47c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d4b87c, puLen=0xd7e784) returned 1
[0275.769] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0275.770] VerQueryValueW (in: pBlock=0x2d4b47c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d4b4a4, puLen=0xd7e794) returned 1
[0275.770] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0275.770] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0275.770] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0275.770] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0275.770] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0275.770] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0275.771] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2d4dbb8 | out: lpData=0x2d4dbb8) returned 1
[0275.772] VerQueryValueW (in: pBlock=0x2d4dbb8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d4df80, puLen=0xd7e810) returned 1
[0275.772] VerQueryValueW (in: pBlock=0x2d4dbb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4dc70, puLen=0xd7e790) returned 1
[0275.772] VerQueryValueW (in: pBlock=0x2d4dbb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4dcc4, puLen=0xd7e790) returned 1
[0275.772] VerQueryValueW (in: pBlock=0x2d4dbb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4dd04, puLen=0xd7e790) returned 1
[0275.772] VerQueryValueW (in: pBlock=0x2d4dbb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4dd6c, puLen=0xd7e790) returned 1
[0275.772] VerQueryValueW (in: pBlock=0x2d4dbb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4dda8, puLen=0xd7e790) returned 1
[0275.772] VerQueryValueW (in: pBlock=0x2d4dbb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4de30, puLen=0xd7e790) returned 1
[0275.772] VerQueryValueW (in: pBlock=0x2d4dbb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4de68, puLen=0xd7e790) returned 1
[0275.772] VerQueryValueW (in: pBlock=0x2d4dbb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4dec0, puLen=0xd7e790) returned 1
[0275.772] VerQueryValueW (in: pBlock=0x2d4dbb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4def0, puLen=0xd7e790) returned 1
[0275.772] VerQueryValueW (in: pBlock=0x2d4dbb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.772] VerQueryValueW (in: pBlock=0x2d4dbb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4df2c, puLen=0xd7e790) returned 1
[0275.772] VerQueryValueW (in: pBlock=0x2d4dbb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.772] VerQueryValueW (in: pBlock=0x2d4dbb8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d4df80, puLen=0xd7e784) returned 1
[0275.772] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0275.772] VerQueryValueW (in: pBlock=0x2d4dbb8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d4dbe0, puLen=0xd7e794) returned 1
[0275.773] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0275.773] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0275.773] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0275.773] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0275.773] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0275.773] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0275.774] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2d51220 | out: lpData=0x2d51220) returned 1
[0275.775] VerQueryValueW (in: pBlock=0x2d51220, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d51600, puLen=0xd7e810) returned 1
[0275.775] VerQueryValueW (in: pBlock=0x2d51220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d512d8, puLen=0xd7e790) returned 1
[0275.775] VerQueryValueW (in: pBlock=0x2d51220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5132c, puLen=0xd7e790) returned 1
[0275.775] VerQueryValueW (in: pBlock=0x2d51220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5136c, puLen=0xd7e790) returned 1
[0275.775] VerQueryValueW (in: pBlock=0x2d51220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d513cc, puLen=0xd7e790) returned 1
[0275.775] VerQueryValueW (in: pBlock=0x2d51220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d51418, puLen=0xd7e790) returned 1
[0275.775] VerQueryValueW (in: pBlock=0x2d51220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d514a0, puLen=0xd7e790) returned 1
[0275.775] VerQueryValueW (in: pBlock=0x2d51220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d514e8, puLen=0xd7e790) returned 1
[0275.775] VerQueryValueW (in: pBlock=0x2d51220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d51540, puLen=0xd7e790) returned 1
[0275.775] VerQueryValueW (in: pBlock=0x2d51220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d51570, puLen=0xd7e790) returned 1
[0275.775] VerQueryValueW (in: pBlock=0x2d51220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.775] VerQueryValueW (in: pBlock=0x2d51220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d515ac, puLen=0xd7e790) returned 1
[0275.775] VerQueryValueW (in: pBlock=0x2d51220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.775] VerQueryValueW (in: pBlock=0x2d51220, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d51600, puLen=0xd7e784) returned 1
[0275.775] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0275.775] VerQueryValueW (in: pBlock=0x2d51220, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d51248, puLen=0xd7e794) returned 1
[0275.776] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0275.776] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0275.776] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0275.776] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0275.776] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0275.776] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0275.777] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2d53a40 | out: lpData=0x2d53a40) returned 1
[0275.777] VerQueryValueW (in: pBlock=0x2d53a40, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d53e4c, puLen=0xd7e810) returned 1
[0275.777] VerQueryValueW (in: pBlock=0x2d53a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53af8, puLen=0xd7e790) returned 1
[0275.777] VerQueryValueW (in: pBlock=0x2d53a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53b4c, puLen=0xd7e790) returned 1
[0275.777] VerQueryValueW (in: pBlock=0x2d53a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53ba0, puLen=0xd7e790) returned 1
[0275.777] VerQueryValueW (in: pBlock=0x2d53a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53c00, puLen=0xd7e790) returned 1
[0275.777] VerQueryValueW (in: pBlock=0x2d53a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53c58, puLen=0xd7e790) returned 1
[0275.777] VerQueryValueW (in: pBlock=0x2d53a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53ce0, puLen=0xd7e790) returned 1
[0275.777] VerQueryValueW (in: pBlock=0x2d53a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53d34, puLen=0xd7e790) returned 1
[0275.778] VerQueryValueW (in: pBlock=0x2d53a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53d8c, puLen=0xd7e790) returned 1
[0275.778] VerQueryValueW (in: pBlock=0x2d53a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53dbc, puLen=0xd7e790) returned 1
[0275.778] VerQueryValueW (in: pBlock=0x2d53a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.778] VerQueryValueW (in: pBlock=0x2d53a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53df8, puLen=0xd7e790) returned 1
[0275.778] VerQueryValueW (in: pBlock=0x2d53a40, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.778] VerQueryValueW (in: pBlock=0x2d53a40, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d53e4c, puLen=0xd7e784) returned 1
[0275.778] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0275.778] VerQueryValueW (in: pBlock=0x2d53a40, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d53a68, puLen=0xd7e794) returned 1
[0275.789] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0275.789] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0275.789] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0275.789] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0275.789] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0275.790] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0275.790] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d56254 | out: lpData=0x2d56254) returned 1
[0275.791] VerQueryValueW (in: pBlock=0x2d56254, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d5662c, puLen=0xd7e810) returned 1
[0275.791] VerQueryValueW (in: pBlock=0x2d56254, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5630c, puLen=0xd7e790) returned 1
[0275.791] VerQueryValueW (in: pBlock=0x2d56254, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d56360, puLen=0xd7e790) returned 1
[0275.791] VerQueryValueW (in: pBlock=0x2d56254, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d563a0, puLen=0xd7e790) returned 1
[0275.791] VerQueryValueW (in: pBlock=0x2d56254, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d56408, puLen=0xd7e790) returned 1
[0275.791] VerQueryValueW (in: pBlock=0x2d56254, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5644c, puLen=0xd7e790) returned 1
[0275.791] VerQueryValueW (in: pBlock=0x2d56254, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d564d4, puLen=0xd7e790) returned 1
[0275.791] VerQueryValueW (in: pBlock=0x2d56254, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d56514, puLen=0xd7e790) returned 1
[0275.791] VerQueryValueW (in: pBlock=0x2d56254, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5656c, puLen=0xd7e790) returned 1
[0275.791] VerQueryValueW (in: pBlock=0x2d56254, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5659c, puLen=0xd7e790) returned 1
[0275.791] VerQueryValueW (in: pBlock=0x2d56254, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.791] VerQueryValueW (in: pBlock=0x2d56254, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d565d8, puLen=0xd7e790) returned 1
[0275.791] VerQueryValueW (in: pBlock=0x2d56254, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.791] VerQueryValueW (in: pBlock=0x2d56254, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d5662c, puLen=0xd7e784) returned 1
[0275.791] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0275.791] VerQueryValueW (in: pBlock=0x2d56254, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d5627c, puLen=0xd7e794) returned 1
[0275.792] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0275.792] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0275.792] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0275.792] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0275.792] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0275.792] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0275.793] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d587ac | out: lpData=0x2d587ac) returned 1
[0275.794] VerQueryValueW (in: pBlock=0x2d587ac, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d58b84, puLen=0xd7e810) returned 1
[0275.794] VerQueryValueW (in: pBlock=0x2d587ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58864, puLen=0xd7e790) returned 1
[0275.794] VerQueryValueW (in: pBlock=0x2d587ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d588b8, puLen=0xd7e790) returned 1
[0275.794] VerQueryValueW (in: pBlock=0x2d587ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d588f8, puLen=0xd7e790) returned 1
[0275.794] VerQueryValueW (in: pBlock=0x2d587ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58960, puLen=0xd7e790) returned 1
[0275.794] VerQueryValueW (in: pBlock=0x2d587ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d589a4, puLen=0xd7e790) returned 1
[0275.794] VerQueryValueW (in: pBlock=0x2d587ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58a2c, puLen=0xd7e790) returned 1
[0275.794] VerQueryValueW (in: pBlock=0x2d587ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58a6c, puLen=0xd7e790) returned 1
[0275.794] VerQueryValueW (in: pBlock=0x2d587ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58ac4, puLen=0xd7e790) returned 1
[0275.794] VerQueryValueW (in: pBlock=0x2d587ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58af4, puLen=0xd7e790) returned 1
[0275.794] VerQueryValueW (in: pBlock=0x2d587ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.794] VerQueryValueW (in: pBlock=0x2d587ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58b30, puLen=0xd7e790) returned 1
[0275.794] VerQueryValueW (in: pBlock=0x2d587ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.794] VerQueryValueW (in: pBlock=0x2d587ac, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d58b84, puLen=0xd7e784) returned 1
[0275.794] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0275.795] VerQueryValueW (in: pBlock=0x2d587ac, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d587d4, puLen=0xd7e794) returned 1
[0275.795] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0275.795] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0275.795] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0275.795] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0275.795] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0275.796] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0275.796] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2d5aee4 | out: lpData=0x2d5aee4) returned 1
[0275.797] VerQueryValueW (in: pBlock=0x2d5aee4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d5b314, puLen=0xd7e810) returned 1
[0275.797] VerQueryValueW (in: pBlock=0x2d5aee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5af9c, puLen=0xd7e790) returned 1
[0275.797] VerQueryValueW (in: pBlock=0x2d5aee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5aff0, puLen=0xd7e790) returned 1
[0275.797] VerQueryValueW (in: pBlock=0x2d5aee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b060, puLen=0xd7e790) returned 1
[0275.797] VerQueryValueW (in: pBlock=0x2d5aee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b0c0, puLen=0xd7e790) returned 1
[0275.797] VerQueryValueW (in: pBlock=0x2d5aee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b11c, puLen=0xd7e790) returned 1
[0275.797] VerQueryValueW (in: pBlock=0x2d5aee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b1a4, puLen=0xd7e790) returned 1
[0275.797] VerQueryValueW (in: pBlock=0x2d5aee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b1fc, puLen=0xd7e790) returned 1
[0275.797] VerQueryValueW (in: pBlock=0x2d5aee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b254, puLen=0xd7e790) returned 1
[0275.797] VerQueryValueW (in: pBlock=0x2d5aee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b284, puLen=0xd7e790) returned 1
[0275.797] VerQueryValueW (in: pBlock=0x2d5aee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.797] VerQueryValueW (in: pBlock=0x2d5aee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5b2c0, puLen=0xd7e790) returned 1
[0275.797] VerQueryValueW (in: pBlock=0x2d5aee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0275.797] VerQueryValueW (in: pBlock=0x2d5aee4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d5b314, puLen=0xd7e784) returned 1
[0275.797] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0275.797] VerQueryValueW (in: pBlock=0x2d5aee4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d5af0c, puLen=0xd7e794) returned 1
[0275.797] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0275.798] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.798] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0275.798] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.798] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0275.798] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2c02dc
[0275.799] SetWindowLongW (hWnd=0x2c02dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0275.799] GetWindowLongW (hWnd=0x2c02dc, nIndex=-4) returned 1950089536
[0275.799] SetWindowLongW (hWnd=0x2c02dc, nIndex=-4, dwNewLong=19947678) returned 1950089536
[0275.799] GetWindowLongW (hWnd=0x2c02dc, nIndex=-4) returned 19947678
[0275.799] GetWindowLongW (hWnd=0x2c02dc, nIndex=-16) returned 113311744
[0275.799] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02dc, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0275.799] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02dc, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0275.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02dc, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0275.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02dc, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0275.800] GetClientRect (in: hWnd=0x2c02dc, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0275.800] GetWindowRect (in: hWnd=0x2c02dc, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0275.800] SetWindowTextW (hWnd=0x2c02dc, lpString="WindowsFormsParkingWindow") returned 1
[0275.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02dc, Msg=0xc, wParam=0x0, lParam=0x2d204b8) returned 0x1
[0275.801] GetParent (hWnd=0x2c02dc) returned 0x0
[0275.801] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0275.801] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x2c02dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2c02da
[0275.801] SetWindowLongW (hWnd=0x2c02da, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0275.802] GetWindowLongW (hWnd=0x2c02da, nIndex=-4) returned 1868147648
[0275.802] SetWindowLongW (hWnd=0x2c02da, nIndex=-4, dwNewLong=19947798) returned 1868147648
[0275.802] GetWindowLongW (hWnd=0x2c02da, nIndex=-4) returned 19947798
[0275.802] GetWindowLongW (hWnd=0x2c02da, nIndex=-16) returned 1174405133
[0275.802] GetWindowLongW (hWnd=0x2c02da, nIndex=-12) returned 0
[0275.802] SetWindowLongW (hWnd=0x2c02da, nIndex=-12, dwNewLong=2884314) returned 0
[0275.802] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0275.803] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0275.803] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0275.803] GetClientRect (in: hWnd=0x2c02da, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0275.803] GetWindowRect (in: hWnd=0x2c02da, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0275.803] GetParent (hWnd=0x2c02da) returned 0x2c02dc
[0275.803] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02dc, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0275.804] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0275.804] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0275.804] GetClientRect (in: hWnd=0x2c02da, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0275.804] GetWindowRect (in: hWnd=0x2c02da, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0275.804] GetParent (hWnd=0x2c02da) returned 0x2c02dc
[0275.804] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02dc, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0275.804] SendMessageW (hWnd=0x2c02da, Msg=0x2210, wParam=0x2da0001, lParam=0x2c02da) returned 0x0
[0275.804] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x2210, wParam=0x2da0001, lParam=0x2c02da) returned 0x0
[0275.804] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0275.805] GetParent (hWnd=0x2c02da) returned 0x2c02dc
[0275.805] GdipCreateFromHWND (hwnd=0x2c02da, graphics=0xd7e844) returned 0x0
[0275.805] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0275.805] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0275.805] GetForegroundWindow () returned 0x7005c
[0275.805] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0275.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0275.805] GetSystemMetrics (nIndex=42) returned 0
[0275.805] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0275.805] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0275.806] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0275.806] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0275.806] GetSystemMetrics (nIndex=42) returned 0
[0275.806] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0275.806] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0275.806] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.806] GetCursorPos (in: lpPoint=0x2d5f368 | out: lpPoint=0x2d5f368*(x=260, y=620)) returned 1
[0275.806] MonitorFromPoint (pt=0x104, dwFlags=0x26c) returned 0x10001
[0275.806] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0275.806] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xb7010803
[0275.807] GetDeviceCaps (hdc=0xb7010803, index=12) returned 32
[0275.807] GetDeviceCaps (hdc=0xb7010803, index=14) returned 1
[0275.807] DeleteDC (hdc=0xb7010803) returned 1
[0275.807] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0275.807] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0275.807] GetSystemMetrics (nIndex=59) returned 1460
[0275.807] GetSystemMetrics (nIndex=60) returned 920
[0275.807] GetSystemMetrics (nIndex=34) returned 136
[0275.807] GetSystemMetrics (nIndex=35) returned 39
[0275.807] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.807] GetCursorPos (in: lpPoint=0x2d5f5d4 | out: lpPoint=0x2d5f5d4*(x=260, y=620)) returned 1
[0275.807] MonitorFromPoint (pt=0x104, dwFlags=0x269) returned 0x10001
[0275.807] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0275.807] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xb8010803
[0275.808] GetDeviceCaps (hdc=0xb8010803, index=12) returned 32
[0275.808] GetDeviceCaps (hdc=0xb8010803, index=14) returned 1
[0275.808] DeleteDC (hdc=0xb8010803) returned 1
[0275.808] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0275.808] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0275.808] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.808] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0275.808] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2d5f86c | out: piconinfo=0x2d5f86c) returned 1
[0275.808] GetObjectW (in: h=0xb70507f1, c=24, pv=0x2d5f888 | out: pv=0x2d5f888) returned 24
[0275.808] GdipCreateBitmapFromHBITMAP (hbm=0xb70507f1, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0275.809] GdipGetImageWidth (image=0x6602710, width=0xd7e750) returned 0x0
[0275.809] GdipGetImageHeight (image=0x6602710, height=0xd7e748) returned 0x0
[0275.809] GdipGetImagePixelFormat (image=0x6602710, format=0xd7e740) returned 0x0
[0275.809] GdipBitmapLockBits (bitmap=0x6602710, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2d5f940) returned 0x0
[0275.809] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0275.809] GdipBitmapLockBits (bitmap=0x6602080, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2d5f978) returned 0x0
[0275.809] RtlMoveMemory (in: Destination=0x6659f20, Source=0x665eec0, Length=0x80 | out: Destination=0x6659f20)
[0275.809] RtlMoveMemory (in: Destination=0x6659fa0, Source=0x665ee40, Length=0x80 | out: Destination=0x6659fa0)
[0275.809] RtlMoveMemory (in: Destination=0x665a020, Source=0x665edc0, Length=0x80 | out: Destination=0x665a020)
[0275.809] RtlMoveMemory (in: Destination=0x665a0a0, Source=0x665ed40, Length=0x80 | out: Destination=0x665a0a0)
[0275.809] RtlMoveMemory (in: Destination=0x665a120, Source=0x665ecc0, Length=0x80 | out: Destination=0x665a120)
[0275.809] RtlMoveMemory (in: Destination=0x665a1a0, Source=0x665ec40, Length=0x80 | out: Destination=0x665a1a0)
[0275.809] RtlMoveMemory (in: Destination=0x665a220, Source=0x665ebc0, Length=0x80 | out: Destination=0x665a220)
[0275.809] RtlMoveMemory (in: Destination=0x665a2a0, Source=0x665eb40, Length=0x80 | out: Destination=0x665a2a0)
[0275.809] RtlMoveMemory (in: Destination=0x665a320, Source=0x665eac0, Length=0x80 | out: Destination=0x665a320)
[0275.809] RtlMoveMemory (in: Destination=0x665a3a0, Source=0x665ea40, Length=0x80 | out: Destination=0x665a3a0)
[0275.809] RtlMoveMemory (in: Destination=0x665a420, Source=0x665e9c0, Length=0x80 | out: Destination=0x665a420)
[0275.811] RtlMoveMemory (in: Destination=0x665a4a0, Source=0x665e940, Length=0x80 | out: Destination=0x665a4a0)
[0275.811] RtlMoveMemory (in: Destination=0x665a520, Source=0x665e8c0, Length=0x80 | out: Destination=0x665a520)
[0275.811] RtlMoveMemory (in: Destination=0x665a5a0, Source=0x665e840, Length=0x80 | out: Destination=0x665a5a0)
[0275.811] RtlMoveMemory (in: Destination=0x665a620, Source=0x665e7c0, Length=0x80 | out: Destination=0x665a620)
[0275.811] RtlMoveMemory (in: Destination=0x665a6a0, Source=0x665e740, Length=0x80 | out: Destination=0x665a6a0)
[0275.811] RtlMoveMemory (in: Destination=0x665a720, Source=0x665e6c0, Length=0x80 | out: Destination=0x665a720)
[0275.811] RtlMoveMemory (in: Destination=0x665a7a0, Source=0x665e640, Length=0x80 | out: Destination=0x665a7a0)
[0275.811] RtlMoveMemory (in: Destination=0x665a820, Source=0x665e5c0, Length=0x80 | out: Destination=0x665a820)
[0275.811] RtlMoveMemory (in: Destination=0x665a8a0, Source=0x665e540, Length=0x80 | out: Destination=0x665a8a0)
[0275.811] RtlMoveMemory (in: Destination=0x665a920, Source=0x665e4c0, Length=0x80 | out: Destination=0x665a920)
[0275.811] RtlMoveMemory (in: Destination=0x665a9a0, Source=0x665e440, Length=0x80 | out: Destination=0x665a9a0)
[0275.811] RtlMoveMemory (in: Destination=0x665aa20, Source=0x665e3c0, Length=0x80 | out: Destination=0x665aa20)
[0275.811] RtlMoveMemory (in: Destination=0x665aaa0, Source=0x665e340, Length=0x80 | out: Destination=0x665aaa0)
[0275.811] RtlMoveMemory (in: Destination=0x665ab20, Source=0x665e2c0, Length=0x80 | out: Destination=0x665ab20)
[0275.811] RtlMoveMemory (in: Destination=0x665aba0, Source=0x665e240, Length=0x80 | out: Destination=0x665aba0)
[0275.811] RtlMoveMemory (in: Destination=0x665ac20, Source=0x665e1c0, Length=0x80 | out: Destination=0x665ac20)
[0275.811] RtlMoveMemory (in: Destination=0x665aca0, Source=0x665e140, Length=0x80 | out: Destination=0x665aca0)
[0275.811] RtlMoveMemory (in: Destination=0x665ad20, Source=0x665e0c0, Length=0x80 | out: Destination=0x665ad20)
[0275.811] RtlMoveMemory (in: Destination=0x665ada0, Source=0x665e040, Length=0x80 | out: Destination=0x665ada0)
[0275.811] RtlMoveMemory (in: Destination=0x665ae20, Source=0x665dfc0, Length=0x80 | out: Destination=0x665ae20)
[0275.811] RtlMoveMemory (in: Destination=0x665aea0, Source=0x665df40, Length=0x80 | out: Destination=0x665aea0)
[0275.811] GdipBitmapUnlockBits (bitmap=0x6602710, lockedBitmapData=0x2d5f940) returned 0x0
[0275.811] GdipBitmapUnlockBits (bitmap=0x6602080, lockedBitmapData=0x2d5f978) returned 0x0
[0275.812] GdipDisposeImage (image=0x6602710) returned 0x0
[0275.812] DeleteObject (ho=0xb70507f1) returned 1
[0275.812] DeleteObject (ho=0xb9050803) returned 1
[0275.812] GetCurrentThreadId () returned 0xf50
[0275.812] GetCurrentThreadId () returned 0xf50
[0275.812] SetWindowPos (hWnd=0x2c02da, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0275.812] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0275.812] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0275.812] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0275.812] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0275.812] GetClientRect (in: hWnd=0x2c02da, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0275.812] GetWindowRect (in: hWnd=0x2c02da, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0275.812] GetParent (hWnd=0x2c02da) returned 0x2c02dc
[0275.812] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02dc, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0275.812] InvalidateRect (hWnd=0x2c02da, lpRect=0x0, bErase=1) returned 1
[0275.813] GetWindowTextLengthW (hWnd=0x2c02da) returned 0
[0275.813] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0275.813] GetSystemMetrics (nIndex=42) returned 0
[0275.813] GetWindowTextW (in: hWnd=0x2c02da, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0275.813] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0275.813] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0275.813] GetClientRect (in: hWnd=0x2c02da, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0275.813] GetWindowRect (in: hWnd=0x2c02da, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0275.813] GetParent (hWnd=0x2c02da) returned 0x2c02dc
[0275.813] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02dc, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0275.813] GetWindowTextLengthW (hWnd=0x2c02da) returned 0
[0275.813] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0275.813] GetSystemMetrics (nIndex=42) returned 0
[0275.813] GetWindowTextW (in: hWnd=0x2c02da, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0275.813] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0275.813] GetWindowTextLengthW (hWnd=0x2c02da) returned 0
[0275.813] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0275.813] GetSystemMetrics (nIndex=42) returned 0
[0275.813] GetWindowTextW (in: hWnd=0x2c02da, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0275.813] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0275.813] SetWindowTextW (hWnd=0x2c02da, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0275.813] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0xc, wParam=0x0, lParam=0x2d407d4) returned 0x1
[0275.814] InvalidateRect (hWnd=0x2c02da, lpRect=0x0, bErase=1) returned 1
[0275.814] GetCurrentThreadId () returned 0xf50
[0275.814] GetWindowThreadProcessId (in: hWnd=0x2c02da, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0275.814] GdipCreateBitmapFromStream (stream=0x509feb0, bitmap=0xd7e840) returned 0x0
[0275.815] GdipImageForceValidation (image=0x6602710) returned 0x0
[0275.816] GdipGetImageRawFormat (image=0x6602710, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0275.816] GdipGetImageHeight (image=0x6602710, height=0xd7e824) returned 0x0
[0275.816] GdipGetImageWidth (image=0x6602710, width=0xd7e824) returned 0x0
[0275.816] GdipGetImageWidth (image=0x6602710, width=0xd7e810) returned 0x0
[0275.816] GdipGetImageHeight (image=0x6602710, height=0xd7e810) returned 0x0
[0275.816] GdipGetImageWidth (image=0x6602710, width=0xd7e800) returned 0x0
[0275.816] GdipGetImageHeight (image=0x6602710, height=0xd7e800) returned 0x0
[0275.816] GdipBitmapGetPixel (bitmap=0x6602710, x=0, y=15, color=0xd7e810) returned 0x0
[0275.816] GdipGetImageRawFormat (image=0x6602710, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0275.816] GdipGetImageWidth (image=0x6602710, width=0xd7e740) returned 0x0
[0275.816] GdipGetImageHeight (image=0x6602710, height=0xd7e740) returned 0x0
[0275.816] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0275.817] GdipGetImagePixelFormat (image=0x6600640, format=0xd7e740) returned 0x0
[0275.817] GdipGetImageGraphicsContext (image=0x6600640, graphics=0xd7e74c) returned 0x0
[0275.817] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0275.817] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0275.817] GdipSetImageAttributesColorKeys (imageattr=0x6638d88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0275.817] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6602710, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638d88, callback=0x0, callbackData=0x0) returned 0x0
[0275.817] GdipDisposeImageAttributes (imageattr=0x6638d88) returned 0x0
[0275.817] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0275.817] GdipDisposeImage (image=0x6602710) returned 0x0
[0275.817] GdipCreateBitmapFromStream (stream=0x509fed0, bitmap=0xd7e840) returned 0x0
[0275.818] GdipImageForceValidation (image=0x66016a8) returned 0x0
[0275.820] GdipGetImageRawFormat (image=0x66016a8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0275.820] GdipGetImageHeight (image=0x66016a8, height=0xd7e824) returned 0x0
[0275.820] GdipGetImageWidth (image=0x66016a8, width=0xd7e824) returned 0x0
[0275.820] GdipGetImageWidth (image=0x66016a8, width=0xd7e810) returned 0x0
[0275.820] GdipGetImageHeight (image=0x66016a8, height=0xd7e810) returned 0x0
[0275.820] GdipGetImageWidth (image=0x66016a8, width=0xd7e800) returned 0x0
[0275.820] GdipGetImageHeight (image=0x66016a8, height=0xd7e800) returned 0x0
[0275.820] GdipBitmapGetPixel (bitmap=0x66016a8, x=0, y=15, color=0xd7e810) returned 0x0
[0275.820] GdipGetImageRawFormat (image=0x66016a8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0275.820] GdipGetImageWidth (image=0x66016a8, width=0xd7e740) returned 0x0
[0275.820] GdipGetImageHeight (image=0x66016a8, height=0xd7e740) returned 0x0
[0275.820] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0275.820] GdipGetImagePixelFormat (image=0x6602710, format=0xd7e740) returned 0x0
[0275.820] GdipGetImageGraphicsContext (image=0x6602710, graphics=0xd7e74c) returned 0x0
[0275.820] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0275.820] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0275.821] GdipSetImageAttributesColorKeys (imageattr=0x6638a58, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0275.821] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66016a8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638a58, callback=0x0, callbackData=0x0) returned 0x0
[0275.821] GdipDisposeImageAttributes (imageattr=0x6638a58) returned 0x0
[0275.821] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0275.821] GdipDisposeImage (image=0x66016a8) returned 0x0
[0275.821] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.821] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0275.821] GetCurrentThreadId () returned 0xf50
[0275.821] GetCurrentThreadId () returned 0xf50
[0275.822] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.822] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0275.822] GetCurrentThreadId () returned 0xf50
[0275.822] GetCurrentThreadId () returned 0xf50
[0275.822] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.822] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0275.822] GetCurrentThreadId () returned 0xf50
[0275.822] GetCurrentThreadId () returned 0xf50
[0275.822] GetSystemMetrics (nIndex=5) returned 1
[0275.822] GetSystemMetrics (nIndex=6) returned 1
[0275.822] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.822] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0275.823] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.823] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0275.823] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.823] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0275.823] GetCurrentThreadId () returned 0xf50
[0275.823] GetCurrentThreadId () returned 0xf50
[0275.823] GetProcessWindowStation () returned 0x13c
[0275.823] GetCapture () returned 0x0
[0275.823] GetActiveWindow () returned 0x7005c
[0275.823] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0275.823] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.824] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0275.824] GetCursorPos (in: lpPoint=0x2d60ab8 | out: lpPoint=0x2d60ab8*(x=260, y=620)) returned 1
[0275.824] MonitorFromPoint (pt=0x104, dwFlags=0x26c) returned 0x10001
[0275.824] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0275.824] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xba010803
[0275.824] GetDeviceCaps (hdc=0xba010803, index=12) returned 32
[0275.824] GetDeviceCaps (hdc=0xba010803, index=14) returned 1
[0275.824] DeleteDC (hdc=0xba010803) returned 1
[0275.824] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0275.824] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0275.824] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2c02de
[0275.825] SetWindowLongW (hWnd=0x2c02de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0275.825] GetWindowLongW (hWnd=0x2c02de, nIndex=-4) returned 1950089536
[0275.825] SetWindowLongW (hWnd=0x2c02de, nIndex=-4, dwNewLong=19947118) returned 1950089536
[0275.825] GetWindowLongW (hWnd=0x2c02de, nIndex=-4) returned 19947118
[0275.825] GetWindowLongW (hWnd=0x2c02de, nIndex=-16) returned 113770496
[0275.826] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0275.826] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0275.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0275.827] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0275.827] GetWindowRect (in: hWnd=0x2c02de, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0275.828] SetWindowTextW (hWnd=0x2c02de, lpString="BB ransomware") returned 1
[0275.828] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xc, wParam=0x0, lParam=0x2d5f254) returned 0x1
[0275.828] GetStartupInfoW (in: lpStartupInfo=0x2d60df4 | out: lpStartupInfo=0x2d60df4*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0275.828] GetParent (hWnd=0x2c02de) returned 0x0
[0275.828] SetWindowLongW (hWnd=0x2c02de, nIndex=-8, dwNewLong=0) returned 0
[0275.829] SendMessageW (hWnd=0x2c02de, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0275.829] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0275.829] SendMessageW (hWnd=0x2c02de, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0275.829] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0275.829] GetSystemMenu (hWnd=0x2c02de, bRevert=0) returned 0xc0020f
[0275.829] GetWindowPlacement (in: hWnd=0x2c02de, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0275.829] EnableMenuItem (hMenu=0xc0020f, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0275.829] EnableMenuItem (hMenu=0xc0020f, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0275.830] EnableMenuItem (hMenu=0xc0020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0275.830] EnableMenuItem (hMenu=0xc0020f, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0275.830] EnableMenuItem (hMenu=0xc0020f, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0275.830] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0275.830] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0275.830] GetWindowRect (in: hWnd=0x2c02de, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0275.830] SetWindowPos (hWnd=0x2c02de, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0275.830] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0275.830] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x2c02de) returned 0x1
[0275.832] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0275.832] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0275.833] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0275.834] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0275.834] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0275.835] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x2c02de, lParam=0x0) returned 0x0
[0275.835] GetCapture () returned 0x0
[0275.835] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0275.836] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0275.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0275.838] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0275.838] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0275.839] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0275.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0275.839] GetParent (hWnd=0x2c02de) returned 0x0
[0275.839] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0275.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0275.840] GetWindowPlacement (in: hWnd=0x2c02de, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0275.843] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0275.843] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0275.843] GetWindowRect (in: hWnd=0x2c02de, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0275.844] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0275.845] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0275.845] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0275.845] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.846] GetWindowLongW (hWnd=0x2c02de, nIndex=-16) returned 113770496
[0275.846] GetWindowTextLengthW (hWnd=0x2c02de) returned 13
[0275.846] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0275.846] GetSystemMetrics (nIndex=42) returned 0
[0275.846] GetWindowTextW (in: hWnd=0x2c02de, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0275.846] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0275.846] GetWindowTextLengthW (hWnd=0x2c02de) returned 13
[0275.846] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0275.846] GetSystemMetrics (nIndex=42) returned 0
[0275.846] GetWindowTextW (in: hWnd=0x2c02de, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0275.846] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0275.846] GetCursorPos (in: lpPoint=0x2d61030 | out: lpPoint=0x2d61030*(x=260, y=620)) returned 1
[0275.846] MonitorFromPoint (pt=0x104, dwFlags=0x26c) returned 0x10001
[0275.846] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0275.846] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x40107fc
[0275.846] GetDeviceCaps (hdc=0x40107fc, index=12) returned 32
[0275.846] GetDeviceCaps (hdc=0x40107fc, index=14) returned 1
[0275.846] DeleteDC (hdc=0x40107fc) returned 1
[0275.847] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0275.847] GetWindowLongW (hWnd=0x2c02de, nIndex=-16) returned 113770496
[0275.847] GetWindowLongW (hWnd=0x2c02de, nIndex=-20) returned 327945
[0275.847] SetWindowLongW (hWnd=0x2c02de, nIndex=-16, dwNewLong=46661632) returned 113770496
[0275.847] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0275.847] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0275.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0275.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0275.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0275.849] SetWindowLongW (hWnd=0x2c02de, nIndex=-20, dwNewLong=327681) returned 327945
[0275.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0275.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0275.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0275.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0275.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0275.851] SetWindowPos (hWnd=0x2c02de, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0275.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0275.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0275.851] GetWindowPlacement (in: hWnd=0x2c02de, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0275.851] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0275.851] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0275.851] GetWindowRect (in: hWnd=0x2c02de, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0275.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0275.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0275.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0275.853] RedrawWindow (hWnd=0x2c02de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0275.853] GetSystemMenu (hWnd=0x2c02de, bRevert=0) returned 0xc0020f
[0275.853] GetWindowPlacement (in: hWnd=0x2c02de, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0275.853] EnableMenuItem (hMenu=0xc0020f, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0275.853] EnableMenuItem (hMenu=0xc0020f, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0275.853] EnableMenuItem (hMenu=0xc0020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0275.853] EnableMenuItem (hMenu=0xc0020f, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0275.853] EnableMenuItem (hMenu=0xc0020f, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0275.854] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0275.854] GetWindowLongW (hWnd=0x2c02de, nIndex=-8) returned 0
[0275.854] SetWindowLongW (hWnd=0x2c02de, nIndex=-8, dwNewLong=458844) returned 0
[0275.854] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0275.854] GetProcessWindowStation () returned 0x13c
[0275.854] GetCurrentThreadId () returned 0xf50
[0275.854] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1305ee6, lParam=0x0) returned 1
[0275.854] IsWindowVisible (hWnd=0x2c02de) returned 0
[0275.854] IsWindowVisible (hWnd=0x7005c) returned 1
[0275.854] IsWindowEnabled (hWnd=0x7005c) returned 1
[0275.854] IsWindowVisible (hWnd=0x300ec) returned 0
[0275.854] IsWindowVisible (hWnd=0x502c6) returned 0
[0275.854] IsWindowVisible (hWnd=0x502be) returned 0
[0275.854] GetActiveWindow () returned 0x2c02de
[0275.855] GetFocus () returned 0x2c02de
[0275.855] IsWindow (hWnd=0x7005c) returned 1
[0275.855] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0275.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0275.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0275.855] GetWindowLongW (hWnd=0x2c02de, nIndex=-8) returned 458844
[0275.855] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0275.855] GetCurrentThreadId () returned 0xf50
[0275.855] GetWindowLongW (hWnd=0x2c02de, nIndex=-8) returned 458844
[0275.855] IsWindowEnabled (hWnd=0x7005c) returned 0
[0275.855] IsWindowEnabled (hWnd=0x2c02de) returned 1
[0275.855] ShowWindow (hWnd=0x2c02de, nCmdShow=5) returned 0
[0275.856] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0275.856] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0275.856] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.856] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0275.863] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x2c02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2202ce
[0275.863] SetWindowLongW (hWnd=0x2202ce, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0275.863] GetWindowLongW (hWnd=0x2202ce, nIndex=-4) returned 1950089536
[0275.864] SetWindowLongW (hWnd=0x2202ce, nIndex=-4, dwNewLong=19947158) returned 1950089536
[0275.864] GetWindowLongW (hWnd=0x2202ce, nIndex=-4) returned 19947158
[0275.864] GetWindowLongW (hWnd=0x2202ce, nIndex=-16) returned 1174405120
[0275.864] GetWindowLongW (hWnd=0x2202ce, nIndex=-12) returned 0
[0275.864] SetWindowLongW (hWnd=0x2202ce, nIndex=-12, dwNewLong=2228942) returned 0
[0275.864] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202ce, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0275.864] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202ce, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0275.864] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202ce, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0275.864] GetWindow (hWnd=0x2202ce, uCmd=0x3) returned 0x0
[0275.864] GetClientRect (in: hWnd=0x2202ce, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0275.864] GetWindowRect (in: hWnd=0x2202ce, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0275.865] GetParent (hWnd=0x2202ce) returned 0x2c02de
[0275.865] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02de, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0275.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202ce, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0275.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202ce, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0275.865] GetClientRect (in: hWnd=0x2202ce, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0275.865] GetWindowRect (in: hWnd=0x2202ce, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0275.865] GetParent (hWnd=0x2202ce) returned 0x2c02de
[0275.865] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02de, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0275.865] SendMessageW (hWnd=0x2202ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2202ce) returned 0x0
[0275.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2202ce) returned 0x0
[0275.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0275.866] GetParent (hWnd=0x2202ce) returned 0x2c02de
[0275.866] GetParent (hWnd=0x2c02da) returned 0x2c02dc
[0275.866] SetParent (hWndChild=0x2c02da, hWndNewParent=0x2c02de) returned 0x2c02dc
[0275.866] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0275.866] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0275.866] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0275.867] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0275.867] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0275.867] GetClientRect (in: hWnd=0x2c02da, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0275.867] GetWindowRect (in: hWnd=0x2c02da, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0275.867] GetParent (hWnd=0x2c02da) returned 0x2c02de
[0275.867] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02de, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0275.867] GetClientRect (in: hWnd=0x2c02da, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0275.867] GetWindowRect (in: hWnd=0x2c02da, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0275.867] GetParent (hWnd=0x2c02da) returned 0x2c02de
[0275.867] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02de, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0275.867] GetParent (hWnd=0x2c02da) returned 0x2c02de
[0275.867] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0275.867] GetWindow (hWnd=0x2c02da, uCmd=0x3) returned 0x0
[0275.867] SetWindowPos (hWnd=0x2c02da, hWndInsertAfter=0x2202ce, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0275.867] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0275.868] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0275.868] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0275.868] GetClientRect (in: hWnd=0x2c02da, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0275.868] GetWindowRect (in: hWnd=0x2c02da, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0275.868] GetParent (hWnd=0x2c02da) returned 0x2c02de
[0275.868] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02de, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0275.868] GetParent (hWnd=0x2c02da) returned 0x2c02de
[0275.868] GetWindow (hWnd=0x2c02da, uCmd=0x3) returned 0x2202ce
[0275.868] GetWindowThreadProcessId (in: hWnd=0x2c02da, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0275.868] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0275.869] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.869] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0275.869] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x2c02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2e02d8
[0275.869] SetWindowLongW (hWnd=0x2e02d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0275.869] GetWindowLongW (hWnd=0x2e02d8, nIndex=-4) returned 1868032000
[0275.870] SetWindowLongW (hWnd=0x2e02d8, nIndex=-4, dwNewLong=19947478) returned 1868032000
[0275.870] GetWindowLongW (hWnd=0x2e02d8, nIndex=-4) returned 19947478
[0275.870] GetWindowLongW (hWnd=0x2e02d8, nIndex=-16) returned 1174470667
[0275.870] GetWindowLongW (hWnd=0x2e02d8, nIndex=-12) returned 0
[0275.870] SetWindowLongW (hWnd=0x2e02d8, nIndex=-12, dwNewLong=3015384) returned 0
[0275.870] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0275.870] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0275.871] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0275.871] SendMessageW (hWnd=0x2e02d8, Msg=0x2055, wParam=0x2e02d8, lParam=0x3) returned 0x2
[0275.871] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0275.871] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0275.872] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0275.872] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0275.872] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202ce, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0275.872] RedrawWindow (hWnd=0x2202ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0275.872] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0275.872] RedrawWindow (hWnd=0x2c02da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0275.872] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0275.872] RedrawWindow (hWnd=0x2e02d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0275.873] RedrawWindow (hWnd=0x2c02de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0275.873] GetWindow (hWnd=0x2e02d8, uCmd=0x3) returned 0x2c02da
[0275.873] GetClientRect (in: hWnd=0x2e02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0275.873] GetWindowRect (in: hWnd=0x2e02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0275.873] GetParent (hWnd=0x2e02d8) returned 0x2c02de
[0275.873] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0275.873] SetWindowTextW (hWnd=0x2e02d8, lpString="&Details") returned 1
[0275.873] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0xc, wParam=0x0, lParam=0x2c2ef5c) returned 0x1
[0275.874] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0275.874] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0275.874] GetClientRect (in: hWnd=0x2e02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0275.874] GetWindowRect (in: hWnd=0x2e02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0275.874] GetParent (hWnd=0x2e02d8) returned 0x2c02de
[0275.874] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0275.874] SendMessageW (hWnd=0x2e02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2e02d8) returned 0x0
[0275.874] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2e02d8) returned 0x0
[0275.874] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0275.875] GetParent (hWnd=0x2e02d8) returned 0x2c02de
[0275.875] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0275.875] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.875] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0275.875] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x2c02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2602c8
[0275.876] SetWindowLongW (hWnd=0x2602c8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0275.876] GetWindowLongW (hWnd=0x2602c8, nIndex=-4) returned 1868032000
[0275.876] SetWindowLongW (hWnd=0x2602c8, nIndex=-4, dwNewLong=19947438) returned 1868032000
[0275.876] GetWindowLongW (hWnd=0x2602c8, nIndex=-4) returned 19947438
[0275.876] GetWindowLongW (hWnd=0x2602c8, nIndex=-16) returned 1174470667
[0275.876] GetWindowLongW (hWnd=0x2602c8, nIndex=-12) returned 0
[0275.876] SetWindowLongW (hWnd=0x2602c8, nIndex=-12, dwNewLong=2491080) returned 0
[0275.876] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0275.877] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0275.877] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0275.878] SendMessageW (hWnd=0x2602c8, Msg=0x2055, wParam=0x2602c8, lParam=0x3) returned 0x2
[0275.878] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0275.878] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0275.878] GetWindow (hWnd=0x2602c8, uCmd=0x3) returned 0x2e02d8
[0275.878] GetClientRect (in: hWnd=0x2602c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0275.878] GetWindowRect (in: hWnd=0x2602c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0275.878] GetParent (hWnd=0x2602c8) returned 0x2c02de
[0275.878] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0275.878] SetWindowTextW (hWnd=0x2602c8, lpString="&Continue") returned 1
[0275.878] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0xc, wParam=0x0, lParam=0x2c2ef00) returned 0x1
[0275.878] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0275.879] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0275.879] GetClientRect (in: hWnd=0x2602c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0275.879] GetWindowRect (in: hWnd=0x2602c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0275.879] GetParent (hWnd=0x2602c8) returned 0x2c02de
[0275.879] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0275.879] SendMessageW (hWnd=0x2602c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2602c8) returned 0x0
[0275.879] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2602c8) returned 0x0
[0275.879] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0275.879] GetParent (hWnd=0x2602c8) returned 0x2c02de
[0275.879] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0275.879] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.880] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0275.880] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x2c02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2f00ea
[0275.880] SetWindowLongW (hWnd=0x2f00ea, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0275.880] GetWindowLongW (hWnd=0x2f00ea, nIndex=-4) returned 1868032000
[0275.880] SetWindowLongW (hWnd=0x2f00ea, nIndex=-4, dwNewLong=19947718) returned 1868032000
[0275.880] GetWindowLongW (hWnd=0x2f00ea, nIndex=-4) returned 19947718
[0275.880] GetWindowLongW (hWnd=0x2f00ea, nIndex=-16) returned 1174470667
[0275.880] GetWindowLongW (hWnd=0x2f00ea, nIndex=-12) returned 0
[0275.880] SetWindowLongW (hWnd=0x2f00ea, nIndex=-12, dwNewLong=3080426) returned 0
[0275.881] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f00ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0275.881] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f00ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0275.881] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f00ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0275.882] SendMessageW (hWnd=0x2f00ea, Msg=0x2055, wParam=0x2f00ea, lParam=0x3) returned 0x2
[0275.882] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0275.882] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f00ea, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0275.882] GetWindow (hWnd=0x2f00ea, uCmd=0x3) returned 0x2602c8
[0275.882] GetClientRect (in: hWnd=0x2f00ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0275.882] GetWindowRect (in: hWnd=0x2f00ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0275.882] GetParent (hWnd=0x2f00ea) returned 0x2c02de
[0275.882] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0275.882] SetWindowTextW (hWnd=0x2f00ea, lpString="&Quit") returned 1
[0275.882] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f00ea, Msg=0xc, wParam=0x0, lParam=0x2c2ef20) returned 0x1
[0275.883] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f00ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0275.883] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f00ea, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0275.883] GetClientRect (in: hWnd=0x2f00ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0275.883] GetWindowRect (in: hWnd=0x2f00ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0275.883] GetParent (hWnd=0x2f00ea) returned 0x2c02de
[0275.883] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0275.883] SendMessageW (hWnd=0x2f00ea, Msg=0x2210, wParam=0xea0001, lParam=0x2f00ea) returned 0x0
[0275.883] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f00ea, Msg=0x2210, wParam=0xea0001, lParam=0x2f00ea) returned 0x0
[0275.883] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0275.883] GetParent (hWnd=0x2f00ea) returned 0x2c02de
[0275.884] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0275.884] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0275.884] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0275.884] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x2c02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2102d0
[0275.884] SetWindowLongW (hWnd=0x2102d0, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0275.885] GetWindowLongW (hWnd=0x2102d0, nIndex=-4) returned 1868026976
[0275.885] SetWindowLongW (hWnd=0x2102d0, nIndex=-4, dwNewLong=19947198) returned 1868026976
[0275.885] GetWindowLongW (hWnd=0x2102d0, nIndex=-4) returned 19947198
[0275.885] GetWindowLongW (hWnd=0x2102d0, nIndex=-16) returned 1177553092
[0275.885] GetWindowLongW (hWnd=0x2102d0, nIndex=-12) returned 0
[0275.885] SetWindowLongW (hWnd=0x2102d0, nIndex=-12, dwNewLong=2163408) returned 0
[0275.885] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2102d0, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0275.886] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2102d0, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0275.888] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2102d0, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0275.904] GetWindow (hWnd=0x2102d0, uCmd=0x3) returned 0x2f00ea
[0275.904] GetClientRect (in: hWnd=0x2102d0, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0275.904] GetWindowRect (in: hWnd=0x2102d0, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0275.904] GetParent (hWnd=0x2102d0) returned 0x2c02de
[0275.904] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02de, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0275.905] GetWindowTextLengthW (hWnd=0x2c02de) returned 13
[0275.905] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0275.905] GetSystemMetrics (nIndex=42) returned 0
[0275.905] GetWindowTextW (in: hWnd=0x2c02de, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0275.905] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0275.905] SendMessageW (hWnd=0x2102d0, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0275.905] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2102d0, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0275.909] SetWindowTextW (hWnd=0x2102d0, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0275.909] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2102d0, Msg=0xc, wParam=0x0, lParam=0x2d5cc3c) returned 0x1
[0275.911] GetSystemMetrics (nIndex=5) returned 1
[0275.911] GetSystemMetrics (nIndex=6) returned 1
[0275.911] SendMessageW (hWnd=0x2102d0, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0275.911] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2102d0, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0275.912] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2102d0, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0275.913] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2102d0, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0275.913] GetClientRect (in: hWnd=0x2102d0, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0275.913] GetWindowRect (in: hWnd=0x2102d0, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0275.913] GetParent (hWnd=0x2102d0) returned 0x2c02de
[0275.913] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02de, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0275.913] SendMessageW (hWnd=0x2102d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2102d0) returned 0x0
[0275.913] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2102d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2102d0) returned 0x0
[0275.913] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2102d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0275.914] GetParent (hWnd=0x2102d0) returned 0x2c02de
[0275.914] GetWindowLongW (hWnd=0x2c02de, nIndex=-8) returned 458844
[0275.914] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0275.914] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0275.914] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xb0107fc
[0275.914] GetDeviceCaps (hdc=0xb0107fc, index=12) returned 32
[0275.914] GetDeviceCaps (hdc=0xb0107fc, index=14) returned 1
[0275.915] DeleteDC (hdc=0xb0107fc) returned 1
[0275.915] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0275.915] GetWindowThreadProcessId (in: hWnd=0x2c02de, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0275.915] GetCurrentThreadId () returned 0xf50
[0275.915] PostMessageW (hWnd=0x2c02de, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0275.915] GetWindowTextLengthW (hWnd=0x2c02de) returned 13
[0275.915] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0275.915] GetSystemMetrics (nIndex=42) returned 0
[0275.915] GetWindowTextW (in: hWnd=0x2c02de, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0275.915] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0275.915] GdipImageGetFrameDimensionsCount (image=0x6602080, count=0xd7e25c) returned 0x0
[0275.915] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201748
[0275.916] GdipImageGetFrameDimensionsList (image=0x6602080, dimensionIDs=0x1201748*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0275.916] LocalFree (hMem=0x1201748) returned 0x0
[0275.916] GdipImageGetFrameDimensionsCount (image=0x6600640, count=0xd7e250) returned 0x0
[0275.916] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201868
[0275.916] GdipImageGetFrameDimensionsList (image=0x6600640, dimensionIDs=0x1201868*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0275.916] LocalFree (hMem=0x1201868) returned 0x0
[0275.916] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0275.916] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0275.916] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0275.927] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0275.928] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0275.928] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0275.929] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0275.929] GetWindowPlacement (in: hWnd=0x2c02de, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0275.929] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0275.929] GetWindowTextLengthW (hWnd=0x2c02de) returned 13
[0275.929] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0275.929] GetSystemMetrics (nIndex=42) returned 0
[0275.929] GetWindowTextW (in: hWnd=0x2c02de, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0275.930] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0275.930] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0275.930] GetCurrentObject (hdc=0x107b9, type=0x1) returned 0xb00017
[0275.930] GetCurrentObject (hdc=0x107b9, type=0x2) returned 0x900010
[0275.930] GetCurrentObject (hdc=0x107b9, type=0x7) returned 0x670507c6
[0275.930] GetCurrentObject (hdc=0x107b9, type=0x6) returned 0x8a01c2
[0275.930] SaveDC (hdc=0x107b9) returned 1
[0275.930] GetNearestColor (hdc=0x107b9, color=0xf0f0f0) returned 0xf0f0f0
[0275.930] CreateSolidBrush (color=0xf0f0f0) returned 0x11007e1
[0275.930] FillRect (hDC=0x107b9, lprc=0xd7e1b8, hbr=0x11007e1) returned 1
[0275.930] DeleteObject (ho=0x11007e1) returned 1
[0275.930] RestoreDC (hdc=0x107b9, nSavedDC=-1) returned 1
[0275.931] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0275.931] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0275.931] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0275.931] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0275.931] GetStockObject (i=5) returned 0x900015
[0275.932] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0275.932] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0275.932] GetStockObject (i=5) returned 0x900015
[0275.932] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f00ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0275.932] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f00ea, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0275.932] GetStockObject (i=5) returned 0x900015
[0275.933] GetWindowPlacement (in: hWnd=0x2c02de, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0275.933] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0275.933] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0275.933] GetWindowRect (in: hWnd=0x2c02de, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0275.934] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0275.934] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0275.935] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0275.935] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0275.935] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0275.935] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0275.935] GetWindowRect (in: hWnd=0x2c02de, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0275.935] InvalidateRect (hWnd=0x2602c8, lpRect=0x0, bErase=0) returned 1
[0275.936] InvalidateRect (hWnd=0x2e02d8, lpRect=0x0, bErase=0) returned 1
[0275.936] GetFocus () returned 0x2c02de
[0275.936] GetFocus () returned 0x2c02de
[0275.936] SetFocus (hWnd=0x2e02d8) returned 0x2c02de
[0275.936] GetFocus () returned 0x2e02d8
[0275.936] IsChild (hWndParent=0x2c02de, hWnd=0x2e02d8) returned 1
[0275.936] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x8, wParam=0x2e02d8, lParam=0x0) returned 0x0
[0275.943] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0275.945] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0275.961] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0275.962] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0x7, wParam=0x2c02de, lParam=0x0) returned 0x0
[0275.962] GetStockObject (i=5) returned 0x900015
[0275.962] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0275.962] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0275.962] GetDlgItem (hDlg=0x2c02de, nIDDlgItem=3015384) returned 0x2e02d8
[0275.962] SendMessageW (hWnd=0x2e02d8, Msg=0x202b, wParam=0x2e02d8, lParam=0xd7e0dc) returned 0x0
[0275.962] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0x202b, wParam=0x2e02d8, lParam=0xd7e0dc) returned 0x0
[0275.962] InvalidateRect (hWnd=0x2e02d8, lpRect=0x0, bErase=0) returned 1
[0275.965] GetFocus () returned 0x2e02d8
[0275.973] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0275.974] IsWindowUnicode (hWnd=0x2c02de) returned 1
[0275.974] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0275.974] TranslateMessage (lpMsg=0xd7e808) returned 0
[0275.974] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0275.974] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0275.975] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0275.975] IsWindowUnicode (hWnd=0x2c02de) returned 1
[0275.975] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0275.975] TranslateMessage (lpMsg=0xd7e808) returned 0
[0275.975] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0275.976] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0275.976] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0275.976] IsWindowUnicode (hWnd=0x2c02de) returned 1
[0275.976] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0275.976] TranslateMessage (lpMsg=0xd7e808) returned 0
[0275.976] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0275.977] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0275.977] IsWindowUnicode (hWnd=0x602c4) returned 1
[0275.977] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0275.977] TranslateMessage (lpMsg=0xd7e808) returned 0
[0275.977] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0275.977] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0275.977] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0275.977] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0275.978] IsWindowUnicode (hWnd=0x2c02de) returned 1
[0275.978] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0275.978] TranslateMessage (lpMsg=0xd7e808) returned 0
[0275.978] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0275.978] BeginPaint (in: hWnd=0x2c02de, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xf0105ee
[0275.979] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0275.979] GetWindowTextLengthW (hWnd=0x2c02de) returned 13
[0275.979] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0275.979] GetSystemMetrics (nIndex=42) returned 0
[0275.979] GetWindowTextW (in: hWnd=0x2c02de, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0275.979] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0275.979] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0275.979] EndPaint (hWnd=0x2c02de, lpPaint=0xd7e274) returned 1
[0275.980] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0275.980] IsWindowUnicode (hWnd=0x2202ce) returned 1
[0275.980] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0275.980] TranslateMessage (lpMsg=0xd7e808) returned 0
[0275.980] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0275.980] BeginPaint (in: hWnd=0x2202ce, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xc0107c5
[0275.980] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0275.980] CreateCompatibleDC (hdc=0xc0107c5) returned 0x5d0107e8
[0275.980] SelectObject (hdc=0x5d0107e8, h=0x4a0507fe) returned 0x85000f
[0275.980] GdipCreateFromHDC (hdc=0x5d0107e8, graphics=0xd7e2b0) returned 0x0
[0275.981] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0275.981] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0275.981] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0275.981] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0275.981] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e310) returned 0x0
[0275.981] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0275.982] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eecc8) returned 0x0
[0275.982] LocalFree (hMem=0x11eecc8) returned 0x0
[0275.982] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0275.982] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0275.982] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0275.982] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e304) returned 0x0
[0275.982] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0275.983] GetWindowTextLengthW (hWnd=0x2202ce) returned 0
[0275.983] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0275.983] GetSystemMetrics (nIndex=42) returned 0
[0275.983] GetWindowTextW (in: hWnd=0x2202ce, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0275.983] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202ce, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0275.983] GetClientRect (in: hWnd=0x2202ce, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0275.983] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0275.983] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0275.983] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0275.983] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0275.983] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e164) returned 0x0
[0275.983] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0275.983] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eecc8) returned 0x0
[0275.984] LocalFree (hMem=0x11eecc8) returned 0x0
[0275.984] GdipCombineRegionRegion (region=0x6646cb8, region2=0x6646568, combineMode=0x1) returned 0x0
[0275.984] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0275.984] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0275.984] LocalFree (hMem=0x11ee868) returned 0x0
[0275.984] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0275.984] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0275.984] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0275.984] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0275.984] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0275.984] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0275.984] GetCurrentObject (hdc=0x5d0107e8, type=0x1) returned 0xb00017
[0275.984] GetCurrentObject (hdc=0x5d0107e8, type=0x2) returned 0x900010
[0275.984] GetCurrentObject (hdc=0x5d0107e8, type=0x7) returned 0x4a0507fe
[0275.985] GetCurrentObject (hdc=0x5d0107e8, type=0x6) returned 0x8a01c2
[0275.985] SaveDC (hdc=0x5d0107e8) returned 1
[0275.985] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc40407de
[0275.985] GetClipRgn (hdc=0x5d0107e8, hrgn=0xc40407de) returned 0
[0275.985] SelectClipRgn (hdc=0x5d0107e8, hrgn=0x33040807) returned 2
[0275.985] DeleteObject (ho=0xc40407de) returned 1
[0275.985] DeleteObject (ho=0x33040807) returned 1
[0275.985] OffsetViewportOrgEx (in: hdc=0x5d0107e8, x=0, y=0, lppt=0x2d6279c | out: lppt=0x2d6279c) returned 1
[0275.985] GetNearestColor (hdc=0x5d0107e8, color=0xf0f0f0) returned 0xf0f0f0
[0275.985] CreateSolidBrush (color=0xf0f0f0) returned 0x21007e1
[0275.985] FillRect (hDC=0x5d0107e8, lprc=0xd7e198, hbr=0x21007e1) returned 1
[0275.986] DeleteObject (ho=0x21007e1) returned 1
[0275.986] RestoreDC (hdc=0x5d0107e8, nSavedDC=-1) returned 1
[0275.986] GdipReleaseDC (graphics=0x6600030, hdc=0x5d0107e8) returned 0x0
[0275.986] GdipRestoreGraphics (graphics=0x6600030, state=0xf6f00dbd) returned 0x0
[0275.986] GdipDeleteRegion (region=0x6646568) returned 0x0
[0275.986] GetWindowTextLengthW (hWnd=0x2202ce) returned 0
[0275.986] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0275.986] GetSystemMetrics (nIndex=42) returned 0
[0275.986] GetWindowTextW (in: hWnd=0x2202ce, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0275.986] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202ce, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0275.986] GdipGetImageWidth (image=0x6602080, width=0xd7e1e0) returned 0x0
[0275.986] GdipGetImageHeight (image=0x6602080, height=0xd7e1e0) returned 0x0
[0275.987] GdipGetImageWidth (image=0x6602080, width=0xd7e1cc) returned 0x0
[0275.987] GdipGetImageHeight (image=0x6602080, height=0xd7e1cc) returned 0x0
[0275.987] GdipDrawImageRectI (graphics=0x6600030, image=0x6602080, x=16, y=16, width=32, height=32) returned 0x0
[0275.987] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0275.987] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=64, cy=64, hdcSrc=0x5d0107e8, x1=0, y1=0, rop=0xcc0020) returned 1
[0275.987] GdipReleaseDC (graphics=0x6600030, hdc=0x5d0107e8) returned 0x0
[0275.987] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0275.987] SelectObject (hdc=0x5d0107e8, h=0x85000f) returned 0x4a0507fe
[0275.987] DeleteDC (hdc=0x5d0107e8) returned 1
[0275.988] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0275.988] EndPaint (hWnd=0x2202ce, lpPaint=0xd7e294) returned 1
[0275.991] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0275.991] IsWindowUnicode (hWnd=0x2c02da) returned 1
[0275.991] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0275.991] TranslateMessage (lpMsg=0xd7e808) returned 0
[0275.991] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0275.991] BeginPaint (in: hWnd=0x2c02da, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x107b9
[0275.992] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0275.992] CreateCompatibleDC (hdc=0x107b9) returned 0x5f0107e8
[0275.992] GetObjectType (h=0x107b9) returned 0x3
[0275.992] CreateCompatibleBitmap (hdc=0x107b9, cx=1, cy=1) returned 0x240507fc
[0275.992] GetDIBits (in: hdc=0x107b9, hbm=0x240507fc, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0275.992] GetDIBits (in: hdc=0x107b9, hbm=0x240507fc, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0275.992] DeleteObject (ho=0x240507fc) returned 1
[0275.993] CreateDIBSection (in: hdc=0x107b9, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x75050801
[0275.993] SelectObject (hdc=0x5f0107e8, h=0x75050801) returned 0x85000f
[0275.993] GdipCreateFromHDC (hdc=0x5f0107e8, graphics=0xd7e234) returned 0x0
[0275.993] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0275.993] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0275.993] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0275.993] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0275.993] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2d4) returned 0x0
[0275.993] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0275.994] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0275.994] LocalFree (hMem=0x11eecc8) returned 0x0
[0275.994] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0275.994] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0275.994] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0275.994] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0275.995] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0275.995] GetWindowTextLengthW (hWnd=0x2c02da) returned 232
[0275.995] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0275.995] GetSystemMetrics (nIndex=42) returned 0
[0275.995] GetWindowTextW (in: hWnd=0x2c02da, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0275.995] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0275.996] GetClientRect (in: hWnd=0x2c02da, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0275.996] GdipCreateRegion (region=0xd7e110) returned 0x0
[0275.996] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0275.996] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0275.996] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0275.996] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e128) returned 0x0
[0275.996] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0275.996] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0275.996] LocalFree (hMem=0x11ee788) returned 0x0
[0275.996] GdipCombineRegionRegion (region=0x6646cb8, region2=0x6646838, combineMode=0x1) returned 0x0
[0275.996] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0275.996] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0275.996] LocalFree (hMem=0x11ee868) returned 0x0
[0275.997] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0275.997] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e150) returned 0x0
[0275.997] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e140) returned 0x0
[0275.997] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0276.016] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0276.016] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0276.016] GetCurrentObject (hdc=0x5f0107e8, type=0x1) returned 0xb00017
[0276.016] GetCurrentObject (hdc=0x5f0107e8, type=0x2) returned 0x900010
[0276.016] GetCurrentObject (hdc=0x5f0107e8, type=0x7) returned 0x75050801
[0276.016] GetCurrentObject (hdc=0x5f0107e8, type=0x6) returned 0x8a01c2
[0276.016] SaveDC (hdc=0x5f0107e8) returned 1
[0276.016] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x34040807
[0276.017] GetClipRgn (hdc=0x5f0107e8, hrgn=0x34040807) returned 0
[0276.017] SelectClipRgn (hdc=0x5f0107e8, hrgn=0xc50407de) returned 2
[0276.017] DeleteObject (ho=0x34040807) returned 1
[0276.017] DeleteObject (ho=0xc50407de) returned 1
[0276.017] OffsetViewportOrgEx (in: hdc=0x5f0107e8, x=0, y=0, lppt=0x2d64164 | out: lppt=0x2d64164) returned 1
[0276.017] GetNearestColor (hdc=0x5f0107e8, color=0xf0f0f0) returned 0xf0f0f0
[0276.017] CreateSolidBrush (color=0xf0f0f0) returned 0x31007e1
[0276.017] FillRect (hDC=0x5f0107e8, lprc=0xd7e15c, hbr=0x31007e1) returned 1
[0276.019] DeleteObject (ho=0x31007e1) returned 1
[0276.019] RestoreDC (hdc=0x5f0107e8, nSavedDC=-1) returned 1
[0276.019] GdipReleaseDC (graphics=0x6600030, hdc=0x5f0107e8) returned 0x0
[0276.019] GdipRestoreGraphics (graphics=0x6600030, state=0xf6ee0dbd) returned 0x0
[0276.019] GdipDeleteRegion (region=0x6646838) returned 0x0
[0276.019] GetWindowTextLengthW (hWnd=0x2c02da) returned 232
[0276.020] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0276.020] GetSystemMetrics (nIndex=42) returned 0
[0276.020] GetWindowTextW (in: hWnd=0x2c02da, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0276.020] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0276.020] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0276.020] GetCurrentObject (hdc=0x5f0107e8, type=0x1) returned 0xb00017
[0276.020] GetCurrentObject (hdc=0x5f0107e8, type=0x2) returned 0x900010
[0276.020] GetCurrentObject (hdc=0x5f0107e8, type=0x7) returned 0x75050801
[0276.020] GetCurrentObject (hdc=0x5f0107e8, type=0x6) returned 0x8a01c2
[0276.021] SaveDC (hdc=0x5f0107e8) returned 1
[0276.021] GetNearestColor (hdc=0x5f0107e8, color=0x0) returned 0x0
[0276.021] RestoreDC (hdc=0x5f0107e8, nSavedDC=-1) returned 1
[0276.021] GdipReleaseDC (graphics=0x6600030, hdc=0x5f0107e8) returned 0x0
[0276.022] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0276.022] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0276.022] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2d64960 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0276.023] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0276.023] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0276.023] GetCurrentObject (hdc=0x5f0107e8, type=0x1) returned 0xb00017
[0276.023] GetCurrentObject (hdc=0x5f0107e8, type=0x2) returned 0x900010
[0276.023] GetCurrentObject (hdc=0x5f0107e8, type=0x7) returned 0x75050801
[0276.023] GetCurrentObject (hdc=0x5f0107e8, type=0x6) returned 0x8a01c2
[0276.023] SaveDC (hdc=0x5f0107e8) returned 1
[0276.023] GetTextAlign (hdc=0x5f0107e8) returned 0x0
[0276.023] GetTextColor (hdc=0x5f0107e8) returned 0x0
[0276.023] GetCurrentObject (hdc=0x5f0107e8, type=0x6) returned 0x8a01c2
[0276.024] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0276.024] SelectObject (hdc=0x5f0107e8, h=0x6d0a0520) returned 0x8a01c2
[0276.024] GetBkMode (hdc=0x5f0107e8) returned 2
[0276.024] SetBkMode (hdc=0x5f0107e8, mode=1) returned 2
[0276.024] DrawTextExW (in: hdc=0x5f0107e8, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2d64b84 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0276.050] RestoreDC (hdc=0x5f0107e8, nSavedDC=-1) returned 1
[0276.051] GdipReleaseDC (graphics=0x6600030, hdc=0x5f0107e8) returned 0x0
[0276.051] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0276.051] BitBlt (hdc=0x107b9, x=0, y=0, cx=354, cy=68, hdcSrc=0x5f0107e8, x1=0, y1=0, rop=0xcc0020) returned 1
[0276.051] GdipReleaseDC (graphics=0x6600030, hdc=0x5f0107e8) returned 0x0
[0276.051] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0276.051] SelectObject (hdc=0x5f0107e8, h=0x85000f) returned 0x75050801
[0276.051] DeleteDC (hdc=0x5f0107e8) returned 1
[0276.052] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0276.052] DeleteObject (ho=0x75050801) returned 1
[0276.052] EndPaint (hWnd=0x2c02da, lpPaint=0xd7e258) returned 1
[0276.053] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0276.053] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x84, wParam=0x0, lParam=0x1e00318) returned 0x1
[0276.053] IsWindowUnicode (hWnd=0x2602c8) returned 1
[0276.053] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0276.053] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x84, wParam=0x0, lParam=0x1e00318) returned 0x1
[0276.053] SetCursor (hCursor=0x10003) returned 0x10003
[0276.054] TranslateMessage (lpMsg=0xd7e808) returned 0
[0276.054] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0276.054] _TrackMouseEvent (in: lpEventTrack=0x2d64bc0 | out: lpEventTrack=0x2d64bc0) returned 1
[0276.054] SendMessageW (hWnd=0x2602c8, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0276.054] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0276.054] InvalidateRect (hWnd=0x2602c8, lpRect=0x0, bErase=0) returned 1
[0276.054] GetKeyState (nVirtKey=1) returned 0
[0276.054] GetKeyState (nVirtKey=2) returned 0
[0276.054] GetKeyState (nVirtKey=4) returned 0
[0276.054] GetKeyState (nVirtKey=5) returned 0
[0276.054] GetKeyState (nVirtKey=6) returned 0
[0276.054] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0276.054] IsWindowUnicode (hWnd=0x2e02d8) returned 1
[0276.054] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0276.054] TranslateMessage (lpMsg=0xd7e808) returned 0
[0276.054] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0276.055] BeginPaint (in: hWnd=0x2e02d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0276.055] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0276.055] CreateCompatibleDC (hdc=0x60100ce) returned 0x260107fc
[0276.055] SelectObject (hdc=0x260107fc, h=0x4a0507fe) returned 0x85000f
[0276.055] GdipCreateFromHDC (hdc=0x260107fc, graphics=0xd7e268) returned 0x0
[0276.055] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0276.055] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0276.055] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0276.055] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0276.057] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e2c8) returned 0x0
[0276.057] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0276.057] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0276.057] LocalFree (hMem=0x11ee9f0) returned 0x0
[0276.057] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0276.057] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0276.057] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0276.057] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0276.057] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0276.057] GdipRestoreGraphics (graphics=0x6600030, state=0xf6ec0dbd) returned 0x0
[0276.057] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0276.057] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0276.057] GetCurrentObject (hdc=0x260107fc, type=0x1) returned 0xb00017
[0276.058] GetCurrentObject (hdc=0x260107fc, type=0x2) returned 0x900010
[0276.058] GetCurrentObject (hdc=0x260107fc, type=0x7) returned 0x4a0507fe
[0276.058] GetCurrentObject (hdc=0x260107fc, type=0x6) returned 0x8a01c2
[0276.058] SaveDC (hdc=0x260107fc) returned 1
[0276.058] GetNearestColor (hdc=0x260107fc, color=0xf0f0f0) returned 0xf0f0f0
[0276.058] GetNearestColor (hdc=0x260107fc, color=0xa0a0a0) returned 0xa0a0a0
[0276.058] GetNearestColor (hdc=0x260107fc, color=0x696969) returned 0x696969
[0276.058] GetNearestColor (hdc=0x260107fc, color=0xa0a0a0) returned 0xa0a0a0
[0276.058] GetNearestColor (hdc=0x260107fc, color=0x0) returned 0x0
[0276.058] GetNearestColor (hdc=0x260107fc, color=0xffffff) returned 0xffffff
[0276.059] GetNearestColor (hdc=0x260107fc, color=0xe5e5e5) returned 0xe5e5e5
[0276.059] GetNearestColor (hdc=0x260107fc, color=0xd7d7d7) returned 0xd7d7d7
[0276.059] GetNearestColor (hdc=0x260107fc, color=0x0) returned 0x0
[0276.059] RestoreDC (hdc=0x260107fc, nSavedDC=-1) returned 1
[0276.059] GdipReleaseDC (graphics=0x6600030, hdc=0x260107fc) returned 0x0
[0276.059] IsAppThemed () returned 0x1
[0276.059] GetThemeAppProperties () returned 0x3
[0276.064] GetThemeAppProperties () returned 0x3
[0276.064] GdipGetImageWidth (image=0x6600640, width=0xd7e168) returned 0x0
[0276.064] GdipGetImageHeight (image=0x6600640, height=0xd7e168) returned 0x0
[0276.064] IsAppThemed () returned 0x1
[0276.064] GetThemeAppProperties () returned 0x3
[0276.064] GetThemeAppProperties () returned 0x3
[0276.065] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2d6532c | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0276.065] IsAppThemed () returned 0x1
[0276.065] GetThemeAppProperties () returned 0x3
[0276.065] GetThemeAppProperties () returned 0x3
[0276.065] IsAppThemed () returned 0x1
[0276.065] GetThemeAppProperties () returned 0x3
[0276.065] GetThemeAppProperties () returned 0x3
[0276.065] GetFocus () returned 0x2e02d8
[0276.065] IsAppThemed () returned 0x1
[0276.065] GetThemeAppProperties () returned 0x3
[0276.066] GetThemeAppProperties () returned 0x3
[0276.066] IsAppThemed () returned 0x1
[0276.066] GetThemeAppProperties () returned 0x3
[0276.066] GetThemeAppProperties () returned 0x3
[0276.066] IsThemePartDefined () returned 0x1
[0276.066] IsAppThemed () returned 0x1
[0276.066] GetThemeAppProperties () returned 0x3
[0276.066] GetThemeAppProperties () returned 0x3
[0276.066] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0276.066] IsAppThemed () returned 0x1
[0276.066] GetThemeAppProperties () returned 0x3
[0276.066] GetThemeAppProperties () returned 0x3
[0276.066] IsAppThemed () returned 0x1
[0276.066] GetThemeAppProperties () returned 0x3
[0276.066] GetThemeAppProperties () returned 0x3
[0276.066] IsThemePartDefined () returned 0x1
[0276.066] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0276.066] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0276.066] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0276.066] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0276.066] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dff0) returned 0x0
[0276.067] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0276.067] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eecc8) returned 0x0
[0276.067] LocalFree (hMem=0x11eecc8) returned 0x0
[0276.067] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0276.067] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea98) returned 0x0
[0276.067] LocalFree (hMem=0x11eea98) returned 0x0
[0276.067] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0276.067] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0276.067] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0276.067] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0276.067] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0276.067] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0276.067] GetCurrentObject (hdc=0x260107fc, type=0x1) returned 0xb00017
[0276.067] GetCurrentObject (hdc=0x260107fc, type=0x2) returned 0x900010
[0276.067] GetCurrentObject (hdc=0x260107fc, type=0x7) returned 0x4a0507fe
[0276.068] GetCurrentObject (hdc=0x260107fc, type=0x6) returned 0x8a01c2
[0276.068] SaveDC (hdc=0x260107fc) returned 1
[0276.068] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc60407de
[0276.068] GetClipRgn (hdc=0x260107fc, hrgn=0xc60407de) returned 0
[0276.068] SelectClipRgn (hdc=0x260107fc, hrgn=0x38040807) returned 2
[0276.068] DeleteObject (ho=0xc60407de) returned 1
[0276.068] DeleteObject (ho=0x38040807) returned 1
[0276.068] OffsetViewportOrgEx (in: hdc=0x260107fc, x=0, y=0, lppt=0x2d659dc | out: lppt=0x2d659dc) returned 1
[0276.068] DrawThemeParentBackground () returned 0x0
[0276.068] GetWindowPlacement (in: hWnd=0x2c02de, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0276.068] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0276.069] GetWindowTextLengthW (hWnd=0x2c02de) returned 13
[0276.069] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0276.069] GetSystemMetrics (nIndex=42) returned 0
[0276.069] GetWindowTextW (in: hWnd=0x2c02de, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0276.069] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0276.069] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0276.069] GetCurrentObject (hdc=0x260107fc, type=0x1) returned 0xb00017
[0276.069] GetCurrentObject (hdc=0x260107fc, type=0x2) returned 0x900010
[0276.069] GetCurrentObject (hdc=0x260107fc, type=0x7) returned 0x4a0507fe
[0276.069] GetCurrentObject (hdc=0x260107fc, type=0x6) returned 0x8a01c2
[0276.069] SaveDC (hdc=0x260107fc) returned 2
[0276.069] GetNearestColor (hdc=0x260107fc, color=0xf0f0f0) returned 0xf0f0f0
[0276.069] CreateSolidBrush (color=0xf0f0f0) returned 0x41007e1
[0276.069] FillRect (hDC=0x260107fc, lprc=0xd7da38, hbr=0x41007e1) returned 1
[0276.070] DeleteObject (ho=0x41007e1) returned 1
[0276.070] RestoreDC (hdc=0x260107fc, nSavedDC=-1) returned 1
[0276.070] GetWindowTextLengthW (hWnd=0x2c02de) returned 13
[0276.070] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0276.070] GetSystemMetrics (nIndex=42) returned 0
[0276.070] GetWindowTextW (in: hWnd=0x2c02de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0276.070] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0276.070] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0276.070] GetCurrentObject (hdc=0x260107fc, type=0x1) returned 0xb00017
[0276.070] GetCurrentObject (hdc=0x260107fc, type=0x2) returned 0x900010
[0276.070] GetCurrentObject (hdc=0x260107fc, type=0x7) returned 0x4a0507fe
[0276.070] GetCurrentObject (hdc=0x260107fc, type=0x6) returned 0x8a01c2
[0276.070] SaveDC (hdc=0x260107fc) returned 2
[0276.070] GetNearestColor (hdc=0x260107fc, color=0xf0f0f0) returned 0xf0f0f0
[0276.070] CreateSolidBrush (color=0xf0f0f0) returned 0x51007e1
[0276.070] FillRect (hDC=0x260107fc, lprc=0xd7d9d8, hbr=0x51007e1) returned 1
[0276.070] DeleteObject (ho=0x51007e1) returned 1
[0276.071] RestoreDC (hdc=0x260107fc, nSavedDC=-1) returned 1
[0276.071] GetWindowTextLengthW (hWnd=0x2c02de) returned 13
[0276.071] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0276.071] GetSystemMetrics (nIndex=42) returned 0
[0276.071] GetWindowTextW (in: hWnd=0x2c02de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0276.071] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0276.071] RestoreDC (hdc=0x260107fc, nSavedDC=-1) returned 1
[0276.071] GdipReleaseDC (graphics=0x6600030, hdc=0x260107fc) returned 0x0
[0276.071] IsAppThemed () returned 0x1
[0276.071] GetThemeAppProperties () returned 0x3
[0276.071] GetThemeAppProperties () returned 0x3
[0276.071] IsAppThemed () returned 0x1
[0276.071] GetThemeAppProperties () returned 0x3
[0276.071] GetThemeAppProperties () returned 0x3
[0276.072] IsThemePartDefined () returned 0x1
[0276.072] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0276.072] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0276.072] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0276.072] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0276.072] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df74) returned 0x0
[0276.072] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0276.072] LocalFree (hMem=0x11ee9f0) returned 0x0
[0276.072] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee910) returned 0x0
[0276.072] LocalFree (hMem=0x11ee910) returned 0x0
[0276.072] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0276.072] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0276.072] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0276.072] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0276.072] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0276.072] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0276.072] GetCurrentObject (hdc=0x260107fc, type=0x1) returned 0xb00017
[0276.072] GetCurrentObject (hdc=0x260107fc, type=0x2) returned 0x900010
[0276.073] GetCurrentObject (hdc=0x260107fc, type=0x7) returned 0x4a0507fe
[0276.073] GetCurrentObject (hdc=0x260107fc, type=0x6) returned 0x8a01c2
[0276.073] SaveDC (hdc=0x260107fc) returned 1
[0276.073] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x39040807
[0276.073] GetClipRgn (hdc=0x260107fc, hrgn=0x39040807) returned 0
[0276.073] SelectClipRgn (hdc=0x260107fc, hrgn=0xc80407de) returned 2
[0276.073] DeleteObject (ho=0x39040807) returned 1
[0276.073] DeleteObject (ho=0xc80407de) returned 1
[0276.073] OffsetViewportOrgEx (in: hdc=0x260107fc, x=0, y=0, lppt=0x2d66288 | out: lppt=0x2d66288) returned 1
[0276.073] IsAppThemed () returned 0x1
[0276.096] GetThemeAppProperties () returned 0x3
[0276.096] GetThemeAppProperties () returned 0x3
[0276.096] DrawThemeBackground () returned 0x0
[0276.096] RestoreDC (hdc=0x260107fc, nSavedDC=-1) returned 1
[0276.096] GdipReleaseDC (graphics=0x6600030, hdc=0x260107fc) returned 0x0
[0276.096] GdipCreateRegion (region=0xd7df60) returned 0x0
[0276.096] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0276.096] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0276.096] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0276.096] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df78) returned 0x0
[0276.096] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0276.096] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eea98) returned 0x0
[0276.096] LocalFree (hMem=0x11eea98) returned 0x0
[0276.096] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0276.096] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee8d8) returned 0x0
[0276.097] LocalFree (hMem=0x11ee8d8) returned 0x0
[0276.097] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0276.097] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0276.097] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7df90) returned 0x0
[0276.097] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0276.097] GdipDeleteRegion (region=0x6646328) returned 0x0
[0276.097] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0276.097] GetCurrentObject (hdc=0x260107fc, type=0x1) returned 0xb00017
[0276.097] GetCurrentObject (hdc=0x260107fc, type=0x2) returned 0x900010
[0276.097] GetCurrentObject (hdc=0x260107fc, type=0x7) returned 0x4a0507fe
[0276.097] GetCurrentObject (hdc=0x260107fc, type=0x6) returned 0x8a01c2
[0276.097] SaveDC (hdc=0x260107fc) returned 1
[0276.097] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc90407de
[0276.097] GetClipRgn (hdc=0x260107fc, hrgn=0xc90407de) returned 0
[0276.097] SelectClipRgn (hdc=0x260107fc, hrgn=0x3a040807) returned 2
[0276.097] DeleteObject (ho=0xc90407de) returned 1
[0276.097] DeleteObject (ho=0x3a040807) returned 1
[0276.097] OffsetViewportOrgEx (in: hdc=0x260107fc, x=0, y=0, lppt=0x2d6655c | out: lppt=0x2d6655c) returned 1
[0276.098] IsAppThemed () returned 0x1
[0276.098] GetThemeAppProperties () returned 0x3
[0276.098] GetThemeAppProperties () returned 0x3
[0276.098] GetThemeBackgroundContentRect () returned 0x0
[0276.098] RestoreDC (hdc=0x260107fc, nSavedDC=-1) returned 1
[0276.098] GdipReleaseDC (graphics=0x6600030, hdc=0x260107fc) returned 0x0
[0276.098] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0276.098] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0276.098] GdipCloneRegion (region=0x6646838, cloneRegion=0xd7e150) returned 0x0
[0276.098] GdipCombineRegionRectI (region=0x6646cb8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0276.098] GdipCombineRegionRectI (region=0x6646cb8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0276.098] GdipSetClipRegion (graphics=0x6600030, region=0x6646cb8, combineMode=0x0) returned 0x0
[0276.098] GdipGetImageWidth (image=0x6600640, width=0xd7e154) returned 0x0
[0276.098] GdipGetImageHeight (image=0x6600640, height=0xd7e148) returned 0x0
[0276.098] GdipDrawImageRectI (graphics=0x6600030, image=0x6600640, x=4, y=4, width=16, height=16) returned 0x0
[0276.098] GdipSetClipRegion (graphics=0x6600030, region=0x6646838, combineMode=0x0) returned 0x0
[0276.098] IsAppThemed () returned 0x1
[0276.098] GetThemeAppProperties () returned 0x3
[0276.098] GetThemeAppProperties () returned 0x3
[0276.098] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0276.099] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0276.099] GetCurrentObject (hdc=0x260107fc, type=0x1) returned 0xb00017
[0276.099] GetCurrentObject (hdc=0x260107fc, type=0x2) returned 0x900010
[0276.099] GetCurrentObject (hdc=0x260107fc, type=0x7) returned 0x4a0507fe
[0276.099] GetCurrentObject (hdc=0x260107fc, type=0x6) returned 0x8a01c2
[0276.099] SaveDC (hdc=0x260107fc) returned 1
[0276.099] GetTextAlign (hdc=0x260107fc) returned 0x0
[0276.099] GetTextColor (hdc=0x260107fc) returned 0x0
[0276.099] GetCurrentObject (hdc=0x260107fc, type=0x6) returned 0x8a01c2
[0276.099] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0276.099] SelectObject (hdc=0x260107fc, h=0x6d0a0520) returned 0x8a01c2
[0276.099] GetBkMode (hdc=0x260107fc) returned 2
[0276.099] SetBkMode (hdc=0x260107fc, mode=1) returned 2
[0276.099] DrawTextExW (in: hdc=0x260107fc, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2d6691c | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0276.100] DrawTextExW (in: hdc=0x260107fc, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d6691c | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0276.100] RestoreDC (hdc=0x260107fc, nSavedDC=-1) returned 1
[0276.100] GdipReleaseDC (graphics=0x6600030, hdc=0x260107fc) returned 0x0
[0276.100] GetFocus () returned 0x2e02d8
[0276.100] IsAppThemed () returned 0x1
[0276.100] GetThemeAppProperties () returned 0x3
[0276.100] GetThemeAppProperties () returned 0x3
[0276.100] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0276.100] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x260107fc, x1=0, y1=0, rop=0xcc0020) returned 1
[0276.101] GdipReleaseDC (graphics=0x6600030, hdc=0x260107fc) returned 0x0
[0276.101] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0276.101] SelectObject (hdc=0x260107fc, h=0x85000f) returned 0x4a0507fe
[0276.101] DeleteDC (hdc=0x260107fc) returned 1
[0276.101] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0276.101] EndPaint (hWnd=0x2e02d8, lpPaint=0xd7e24c) returned 1
[0276.101] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0276.101] IsWindowUnicode (hWnd=0x2602c8) returned 1
[0276.101] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0276.101] TranslateMessage (lpMsg=0xd7e808) returned 0
[0276.101] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0276.102] BeginPaint (in: hWnd=0x2602c8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0276.102] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0276.102] CreateCompatibleDC (hdc=0xf0105ee) returned 0x280107fc
[0276.102] SelectObject (hdc=0x280107fc, h=0x4a0507fe) returned 0x85000f
[0276.102] GdipCreateFromHDC (hdc=0x280107fc, graphics=0xd7e268) returned 0x0
[0276.102] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0276.102] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0276.102] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0276.102] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0276.102] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e2c8) returned 0x0
[0276.102] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0276.102] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eecc8) returned 0x0
[0276.103] LocalFree (hMem=0x11eecc8) returned 0x0
[0276.103] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0276.103] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0276.103] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0276.103] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0276.103] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0276.103] GdipRestoreGraphics (graphics=0x6600030, state=0xf6ea0dbd) returned 0x0
[0276.103] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0276.103] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0276.103] GetCurrentObject (hdc=0x280107fc, type=0x1) returned 0xb00017
[0276.103] GetCurrentObject (hdc=0x280107fc, type=0x2) returned 0x900010
[0276.103] GetCurrentObject (hdc=0x280107fc, type=0x7) returned 0x4a0507fe
[0276.103] GetCurrentObject (hdc=0x280107fc, type=0x6) returned 0x8a01c2
[0276.103] SaveDC (hdc=0x280107fc) returned 1
[0276.103] GetNearestColor (hdc=0x280107fc, color=0xf0f0f0) returned 0xf0f0f0
[0276.104] GetNearestColor (hdc=0x280107fc, color=0xa0a0a0) returned 0xa0a0a0
[0276.104] GetNearestColor (hdc=0x280107fc, color=0x696969) returned 0x696969
[0276.104] GetNearestColor (hdc=0x280107fc, color=0xa0a0a0) returned 0xa0a0a0
[0276.104] GetNearestColor (hdc=0x280107fc, color=0x0) returned 0x0
[0276.104] GetNearestColor (hdc=0x280107fc, color=0xffffff) returned 0xffffff
[0276.104] GetNearestColor (hdc=0x280107fc, color=0xe5e5e5) returned 0xe5e5e5
[0276.104] GetNearestColor (hdc=0x280107fc, color=0xd7d7d7) returned 0xd7d7d7
[0276.104] GetNearestColor (hdc=0x280107fc, color=0x0) returned 0x0
[0276.104] RestoreDC (hdc=0x280107fc, nSavedDC=-1) returned 1
[0276.104] GdipReleaseDC (graphics=0x6600030, hdc=0x280107fc) returned 0x0
[0276.104] IsAppThemed () returned 0x1
[0276.104] GetThemeAppProperties () returned 0x3
[0276.104] GetThemeAppProperties () returned 0x3
[0276.104] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0276.105] SendMessageW (hWnd=0x2c02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0276.105] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0276.105] IsAppThemed () returned 0x1
[0276.105] GetThemeAppProperties () returned 0x3
[0276.105] GetThemeAppProperties () returned 0x3
[0276.105] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2d6712c | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0276.105] IsAppThemed () returned 0x1
[0276.105] GetThemeAppProperties () returned 0x3
[0276.105] GetThemeAppProperties () returned 0x3
[0276.105] IsAppThemed () returned 0x1
[0276.105] GetThemeAppProperties () returned 0x3
[0276.105] GetThemeAppProperties () returned 0x3
[0276.105] IsAppThemed () returned 0x1
[0276.106] GetThemeAppProperties () returned 0x3
[0276.106] GetThemeAppProperties () returned 0x3
[0276.106] IsAppThemed () returned 0x1
[0276.106] GetThemeAppProperties () returned 0x3
[0276.106] GetThemeAppProperties () returned 0x3
[0276.106] IsThemePartDefined () returned 0x1
[0276.106] IsAppThemed () returned 0x1
[0276.106] GetThemeAppProperties () returned 0x3
[0276.106] GetThemeAppProperties () returned 0x3
[0276.106] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0276.106] IsAppThemed () returned 0x1
[0276.106] GetThemeAppProperties () returned 0x3
[0276.106] GetThemeAppProperties () returned 0x3
[0276.106] IsAppThemed () returned 0x1
[0276.106] GetThemeAppProperties () returned 0x3
[0276.106] GetThemeAppProperties () returned 0x3
[0276.106] IsThemePartDefined () returned 0x1
[0276.106] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0276.106] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0276.106] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0276.107] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0276.107] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dfe4) returned 0x0
[0276.107] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0276.107] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eecc8) returned 0x0
[0276.107] LocalFree (hMem=0x11eecc8) returned 0x0
[0276.107] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0276.107] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee910) returned 0x0
[0276.107] LocalFree (hMem=0x11ee910) returned 0x0
[0276.107] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0276.107] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0276.107] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0276.107] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0276.107] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0276.107] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0276.107] GetCurrentObject (hdc=0x280107fc, type=0x1) returned 0xb00017
[0276.107] GetCurrentObject (hdc=0x280107fc, type=0x2) returned 0x900010
[0276.107] GetCurrentObject (hdc=0x280107fc, type=0x7) returned 0x4a0507fe
[0276.108] GetCurrentObject (hdc=0x280107fc, type=0x6) returned 0x8a01c2
[0276.108] SaveDC (hdc=0x280107fc) returned 1
[0276.108] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3b040807
[0276.108] GetClipRgn (hdc=0x280107fc, hrgn=0x3b040807) returned 0
[0276.108] SelectClipRgn (hdc=0x280107fc, hrgn=0xcd0407de) returned 2
[0276.108] DeleteObject (ho=0x3b040807) returned 1
[0276.108] DeleteObject (ho=0xcd0407de) returned 1
[0276.108] OffsetViewportOrgEx (in: hdc=0x280107fc, x=0, y=0, lppt=0x2d677dc | out: lppt=0x2d677dc) returned 1
[0276.108] DrawThemeParentBackground () returned 0x0
[0276.108] GetWindowPlacement (in: hWnd=0x2c02de, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0276.108] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0276.108] GetWindowTextLengthW (hWnd=0x2c02de) returned 13
[0276.108] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0276.109] GetSystemMetrics (nIndex=42) returned 0
[0276.109] GetWindowTextW (in: hWnd=0x2c02de, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0276.109] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0276.109] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0276.109] GetCurrentObject (hdc=0x280107fc, type=0x1) returned 0xb00017
[0276.109] GetCurrentObject (hdc=0x280107fc, type=0x2) returned 0x900010
[0276.109] GetCurrentObject (hdc=0x280107fc, type=0x7) returned 0x4a0507fe
[0276.109] GetCurrentObject (hdc=0x280107fc, type=0x6) returned 0x8a01c2
[0276.109] SaveDC (hdc=0x280107fc) returned 2
[0276.109] GetNearestColor (hdc=0x280107fc, color=0xf0f0f0) returned 0xf0f0f0
[0276.109] CreateSolidBrush (color=0xf0f0f0) returned 0x61007e1
[0276.109] FillRect (hDC=0x280107fc, lprc=0xd7da30, hbr=0x61007e1) returned 1
[0276.109] DeleteObject (ho=0x61007e1) returned 1
[0276.109] RestoreDC (hdc=0x280107fc, nSavedDC=-1) returned 1
[0276.110] GetWindowTextLengthW (hWnd=0x2c02de) returned 13
[0276.110] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0276.110] GetSystemMetrics (nIndex=42) returned 0
[0276.110] GetWindowTextW (in: hWnd=0x2c02de, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0276.110] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0276.110] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0276.110] GetCurrentObject (hdc=0x280107fc, type=0x1) returned 0xb00017
[0276.110] GetCurrentObject (hdc=0x280107fc, type=0x2) returned 0x900010
[0276.110] GetCurrentObject (hdc=0x280107fc, type=0x7) returned 0x4a0507fe
[0276.110] GetCurrentObject (hdc=0x280107fc, type=0x6) returned 0x8a01c2
[0276.110] SaveDC (hdc=0x280107fc) returned 2
[0276.110] GetNearestColor (hdc=0x280107fc, color=0xf0f0f0) returned 0xf0f0f0
[0276.110] CreateSolidBrush (color=0xf0f0f0) returned 0x71007e1
[0276.110] FillRect (hDC=0x280107fc, lprc=0xd7d9d0, hbr=0x71007e1) returned 1
[0276.110] DeleteObject (ho=0x71007e1) returned 1
[0276.110] RestoreDC (hdc=0x280107fc, nSavedDC=-1) returned 1
[0276.111] GetWindowTextLengthW (hWnd=0x2c02de) returned 13
[0276.111] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0276.111] GetSystemMetrics (nIndex=42) returned 0
[0276.111] GetWindowTextW (in: hWnd=0x2c02de, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0276.111] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0276.111] RestoreDC (hdc=0x280107fc, nSavedDC=-1) returned 1
[0276.111] GdipReleaseDC (graphics=0x6600030, hdc=0x280107fc) returned 0x0
[0276.111] IsAppThemed () returned 0x1
[0276.111] GetThemeAppProperties () returned 0x3
[0276.111] GetThemeAppProperties () returned 0x3
[0276.111] IsAppThemed () returned 0x1
[0276.111] GetThemeAppProperties () returned 0x3
[0276.111] GetThemeAppProperties () returned 0x3
[0276.111] IsThemePartDefined () returned 0x1
[0276.112] GdipCreateRegion (region=0xd7df50) returned 0x0
[0276.112] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0276.112] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0276.112] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0276.112] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df68) returned 0x0
[0276.112] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0276.112] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee8d8) returned 0x0
[0276.112] LocalFree (hMem=0x11ee8d8) returned 0x0
[0276.112] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0276.112] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0276.112] LocalFree (hMem=0x11ee9f0) returned 0x0
[0276.112] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0276.112] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0276.112] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7df80) returned 0x0
[0276.112] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0276.112] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0276.113] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0276.113] GetCurrentObject (hdc=0x280107fc, type=0x1) returned 0xb00017
[0276.113] GetCurrentObject (hdc=0x280107fc, type=0x2) returned 0x900010
[0276.113] GetCurrentObject (hdc=0x280107fc, type=0x7) returned 0x4a0507fe
[0276.113] GetCurrentObject (hdc=0x280107fc, type=0x6) returned 0x8a01c2
[0276.113] SaveDC (hdc=0x280107fc) returned 1
[0276.113] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xce0407de
[0276.113] GetClipRgn (hdc=0x280107fc, hrgn=0xce0407de) returned 0
[0276.113] SelectClipRgn (hdc=0x280107fc, hrgn=0x3d040807) returned 2
[0276.113] DeleteObject (ho=0xce0407de) returned 1
[0276.113] DeleteObject (ho=0x3d040807) returned 1
[0276.113] OffsetViewportOrgEx (in: hdc=0x280107fc, x=0, y=0, lppt=0x2d68088 | out: lppt=0x2d68088) returned 1
[0276.113] IsAppThemed () returned 0x1
[0276.114] GetThemeAppProperties () returned 0x3
[0276.114] GetThemeAppProperties () returned 0x3
[0276.114] DrawThemeBackground () returned 0x0
[0276.114] RestoreDC (hdc=0x280107fc, nSavedDC=-1) returned 1
[0276.114] GdipReleaseDC (graphics=0x6600030, hdc=0x280107fc) returned 0x0
[0276.114] GdipCreateRegion (region=0xd7df54) returned 0x0
[0276.114] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0276.114] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0276.114] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0276.114] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df6c) returned 0x0
[0276.114] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0276.114] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee8d8) returned 0x0
[0276.115] LocalFree (hMem=0x11ee8d8) returned 0x0
[0276.115] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0276.115] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee910) returned 0x0
[0276.115] LocalFree (hMem=0x11ee910) returned 0x0
[0276.115] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0276.115] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0276.115] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0276.115] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0276.115] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0276.115] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0276.115] GetCurrentObject (hdc=0x280107fc, type=0x1) returned 0xb00017
[0276.115] GetCurrentObject (hdc=0x280107fc, type=0x2) returned 0x900010
[0276.115] GetCurrentObject (hdc=0x280107fc, type=0x7) returned 0x4a0507fe
[0276.115] GetCurrentObject (hdc=0x280107fc, type=0x6) returned 0x8a01c2
[0276.115] SaveDC (hdc=0x280107fc) returned 1
[0276.115] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3e040807
[0276.116] GetClipRgn (hdc=0x280107fc, hrgn=0x3e040807) returned 0
[0276.116] SelectClipRgn (hdc=0x280107fc, hrgn=0xcf0407de) returned 2
[0276.116] DeleteObject (ho=0x3e040807) returned 1
[0276.116] DeleteObject (ho=0xcf0407de) returned 1
[0276.116] OffsetViewportOrgEx (in: hdc=0x280107fc, x=0, y=0, lppt=0x2d6835c | out: lppt=0x2d6835c) returned 1
[0276.116] IsAppThemed () returned 0x1
[0276.116] GetThemeAppProperties () returned 0x3
[0276.116] GetThemeAppProperties () returned 0x3
[0276.116] GetThemeBackgroundContentRect () returned 0x0
[0276.116] RestoreDC (hdc=0x280107fc, nSavedDC=-1) returned 1
[0276.116] GdipReleaseDC (graphics=0x6600030, hdc=0x280107fc) returned 0x0
[0276.116] IsAppThemed () returned 0x1
[0276.116] GetThemeAppProperties () returned 0x3
[0276.116] GetThemeAppProperties () returned 0x3
[0276.116] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0276.116] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0276.116] GetCurrentObject (hdc=0x280107fc, type=0x1) returned 0xb00017
[0276.117] GetCurrentObject (hdc=0x280107fc, type=0x2) returned 0x900010
[0276.117] GetCurrentObject (hdc=0x280107fc, type=0x7) returned 0x4a0507fe
[0276.117] GetCurrentObject (hdc=0x280107fc, type=0x6) returned 0x8a01c2
[0276.117] SaveDC (hdc=0x280107fc) returned 1
[0276.117] GetTextAlign (hdc=0x280107fc) returned 0x0
[0276.117] GetTextColor (hdc=0x280107fc) returned 0x0
[0276.117] GetCurrentObject (hdc=0x280107fc, type=0x6) returned 0x8a01c2
[0276.117] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0276.117] SelectObject (hdc=0x280107fc, h=0x6d0a0520) returned 0x8a01c2
[0276.117] GetBkMode (hdc=0x280107fc) returned 2
[0276.117] SetBkMode (hdc=0x280107fc, mode=1) returned 2
[0276.117] DrawTextExW (in: hdc=0x280107fc, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2d686fc | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0276.118] DrawTextExW (in: hdc=0x280107fc, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2d686fc | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0276.118] RestoreDC (hdc=0x280107fc, nSavedDC=-1) returned 1
[0276.118] GdipReleaseDC (graphics=0x6600030, hdc=0x280107fc) returned 0x0
[0276.118] GetFocus () returned 0x2e02d8
[0276.118] IsAppThemed () returned 0x1
[0276.118] GetThemeAppProperties () returned 0x3
[0276.118] GetThemeAppProperties () returned 0x3
[0276.118] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0276.118] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x280107fc, x1=0, y1=0, rop=0xcc0020) returned 1
[0276.119] GdipReleaseDC (graphics=0x6600030, hdc=0x280107fc) returned 0x0
[0276.119] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0276.119] SelectObject (hdc=0x280107fc, h=0x85000f) returned 0x4a0507fe
[0276.119] DeleteDC (hdc=0x280107fc) returned 1
[0276.119] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0276.119] EndPaint (hWnd=0x2602c8, lpPaint=0xd7e24c) returned 1
[0276.119] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0276.119] IsWindowUnicode (hWnd=0x2f00ea) returned 1
[0276.119] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0276.119] TranslateMessage (lpMsg=0xd7e808) returned 0
[0276.119] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0276.120] BeginPaint (in: hWnd=0x2f00ea, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0276.120] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0276.120] CreateCompatibleDC (hdc=0xc0107c5) returned 0x2a0107fc
[0276.120] SelectObject (hdc=0x2a0107fc, h=0x4a0507fe) returned 0x85000f
[0276.120] GdipCreateFromHDC (hdc=0x2a0107fc, graphics=0xd7e268) returned 0x0
[0276.120] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0276.120] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0276.120] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0276.120] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0276.120] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e2c8) returned 0x0
[0276.120] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0276.120] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0276.120] LocalFree (hMem=0x11ee788) returned 0x0
[0276.121] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0276.121] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0276.121] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0276.121] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0276.121] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0276.121] GdipRestoreGraphics (graphics=0x6600030, state=0xf6e80dbd) returned 0x0
[0276.121] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0276.121] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0276.121] GetCurrentObject (hdc=0x2a0107fc, type=0x1) returned 0xb00017
[0276.121] GetCurrentObject (hdc=0x2a0107fc, type=0x2) returned 0x900010
[0276.121] GetCurrentObject (hdc=0x2a0107fc, type=0x7) returned 0x4a0507fe
[0276.121] GetCurrentObject (hdc=0x2a0107fc, type=0x6) returned 0x8a01c2
[0276.121] SaveDC (hdc=0x2a0107fc) returned 1
[0276.121] GetNearestColor (hdc=0x2a0107fc, color=0xf0f0f0) returned 0xf0f0f0
[0276.121] GetNearestColor (hdc=0x2a0107fc, color=0xa0a0a0) returned 0xa0a0a0
[0276.121] GetNearestColor (hdc=0x2a0107fc, color=0x696969) returned 0x696969
[0276.122] GetNearestColor (hdc=0x2a0107fc, color=0xa0a0a0) returned 0xa0a0a0
[0276.122] GetNearestColor (hdc=0x2a0107fc, color=0x0) returned 0x0
[0276.122] GetNearestColor (hdc=0x2a0107fc, color=0xffffff) returned 0xffffff
[0276.122] GetNearestColor (hdc=0x2a0107fc, color=0xe5e5e5) returned 0xe5e5e5
[0276.122] GetNearestColor (hdc=0x2a0107fc, color=0xd7d7d7) returned 0xd7d7d7
[0276.127] GetNearestColor (hdc=0x2a0107fc, color=0x0) returned 0x0
[0276.127] RestoreDC (hdc=0x2a0107fc, nSavedDC=-1) returned 1
[0276.127] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107fc) returned 0x0
[0276.127] IsAppThemed () returned 0x1
[0276.127] GetThemeAppProperties () returned 0x3
[0276.127] GetThemeAppProperties () returned 0x3
[0276.128] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0276.128] SendMessageW (hWnd=0x2c02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0276.128] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0276.128] IsAppThemed () returned 0x1
[0276.128] GetThemeAppProperties () returned 0x3
[0276.128] GetThemeAppProperties () returned 0x3
[0276.128] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2d68f0c | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0276.128] IsAppThemed () returned 0x1
[0276.128] GetThemeAppProperties () returned 0x3
[0276.128] GetThemeAppProperties () returned 0x3
[0276.128] IsAppThemed () returned 0x1
[0276.128] GetThemeAppProperties () returned 0x3
[0276.128] GetThemeAppProperties () returned 0x3
[0276.128] GetFocus () returned 0x2e02d8
[0276.129] IsAppThemed () returned 0x1
[0276.129] GetThemeAppProperties () returned 0x3
[0276.129] GetThemeAppProperties () returned 0x3
[0276.129] IsAppThemed () returned 0x1
[0276.129] GetThemeAppProperties () returned 0x3
[0276.129] GetThemeAppProperties () returned 0x3
[0276.129] IsThemePartDefined () returned 0x1
[0276.129] IsAppThemed () returned 0x1
[0276.129] GetThemeAppProperties () returned 0x3
[0276.129] GetThemeAppProperties () returned 0x3
[0276.129] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0276.129] IsAppThemed () returned 0x1
[0276.129] GetThemeAppProperties () returned 0x3
[0276.129] GetThemeAppProperties () returned 0x3
[0276.129] IsAppThemed () returned 0x1
[0276.129] GetThemeAppProperties () returned 0x3
[0276.129] GetThemeAppProperties () returned 0x3
[0276.129] IsThemePartDefined () returned 0x1
[0276.129] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0276.129] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0276.129] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0276.129] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0276.129] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dff0) returned 0x0
[0276.130] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0276.130] LocalFree (hMem=0x11ee788) returned 0x0
[0276.130] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee8d8) returned 0x0
[0276.130] LocalFree (hMem=0x11ee8d8) returned 0x0
[0276.130] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0276.130] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0276.130] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0276.130] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0276.130] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0276.130] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0276.130] GetCurrentObject (hdc=0x2a0107fc, type=0x1) returned 0xb00017
[0276.130] GetCurrentObject (hdc=0x2a0107fc, type=0x2) returned 0x900010
[0276.130] GetCurrentObject (hdc=0x2a0107fc, type=0x7) returned 0x4a0507fe
[0276.130] GetCurrentObject (hdc=0x2a0107fc, type=0x6) returned 0x8a01c2
[0276.130] SaveDC (hdc=0x2a0107fc) returned 1
[0276.131] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd00407de
[0276.131] GetClipRgn (hdc=0x2a0107fc, hrgn=0xd00407de) returned 0
[0276.131] SelectClipRgn (hdc=0x2a0107fc, hrgn=0x42040807) returned 2
[0276.131] DeleteObject (ho=0xd00407de) returned 1
[0276.131] DeleteObject (ho=0x42040807) returned 1
[0276.131] OffsetViewportOrgEx (in: hdc=0x2a0107fc, x=0, y=0, lppt=0x2d695bc | out: lppt=0x2d695bc) returned 1
[0276.131] DrawThemeParentBackground () returned 0x0
[0276.131] GetWindowPlacement (in: hWnd=0x2c02de, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0276.131] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0276.131] GetWindowTextLengthW (hWnd=0x2c02de) returned 13
[0276.131] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0276.131] GetSystemMetrics (nIndex=42) returned 0
[0276.132] GetWindowTextW (in: hWnd=0x2c02de, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0276.132] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0276.132] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0276.132] GetCurrentObject (hdc=0x2a0107fc, type=0x1) returned 0xb00017
[0276.132] GetCurrentObject (hdc=0x2a0107fc, type=0x2) returned 0x900010
[0276.132] GetCurrentObject (hdc=0x2a0107fc, type=0x7) returned 0x4a0507fe
[0276.132] GetCurrentObject (hdc=0x2a0107fc, type=0x6) returned 0x8a01c2
[0276.132] SaveDC (hdc=0x2a0107fc) returned 2
[0276.132] GetNearestColor (hdc=0x2a0107fc, color=0xf0f0f0) returned 0xf0f0f0
[0276.132] CreateSolidBrush (color=0xf0f0f0) returned 0x81007e1
[0276.132] FillRect (hDC=0x2a0107fc, lprc=0xd7da38, hbr=0x81007e1) returned 1
[0276.132] DeleteObject (ho=0x81007e1) returned 1
[0276.132] RestoreDC (hdc=0x2a0107fc, nSavedDC=-1) returned 1
[0276.132] GetWindowTextLengthW (hWnd=0x2c02de) returned 13
[0276.132] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0276.133] GetSystemMetrics (nIndex=42) returned 0
[0276.133] GetWindowTextW (in: hWnd=0x2c02de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0276.133] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0276.133] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0276.133] GetCurrentObject (hdc=0x2a0107fc, type=0x1) returned 0xb00017
[0276.133] GetCurrentObject (hdc=0x2a0107fc, type=0x2) returned 0x900010
[0276.133] GetCurrentObject (hdc=0x2a0107fc, type=0x7) returned 0x4a0507fe
[0276.133] GetCurrentObject (hdc=0x2a0107fc, type=0x6) returned 0x8a01c2
[0276.133] SaveDC (hdc=0x2a0107fc) returned 2
[0276.133] GetNearestColor (hdc=0x2a0107fc, color=0xf0f0f0) returned 0xf0f0f0
[0276.133] CreateSolidBrush (color=0xf0f0f0) returned 0x91007e1
[0276.133] FillRect (hDC=0x2a0107fc, lprc=0xd7d9d8, hbr=0x91007e1) returned 1
[0276.133] DeleteObject (ho=0x91007e1) returned 1
[0276.133] RestoreDC (hdc=0x2a0107fc, nSavedDC=-1) returned 1
[0276.133] GetWindowTextLengthW (hWnd=0x2c02de) returned 13
[0276.133] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0276.134] GetSystemMetrics (nIndex=42) returned 0
[0276.134] GetWindowTextW (in: hWnd=0x2c02de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0276.134] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0276.134] RestoreDC (hdc=0x2a0107fc, nSavedDC=-1) returned 1
[0276.134] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107fc) returned 0x0
[0276.134] IsAppThemed () returned 0x1
[0276.134] GetThemeAppProperties () returned 0x3
[0276.134] GetThemeAppProperties () returned 0x3
[0276.134] IsAppThemed () returned 0x1
[0276.134] GetThemeAppProperties () returned 0x3
[0276.134] GetThemeAppProperties () returned 0x3
[0276.134] IsThemePartDefined () returned 0x1
[0276.134] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0276.134] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0276.135] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0276.135] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0276.135] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df74) returned 0x0
[0276.135] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0276.135] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0276.135] LocalFree (hMem=0x11ee868) returned 0x0
[0276.135] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0276.135] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0276.135] LocalFree (hMem=0x11ee788) returned 0x0
[0276.135] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0276.135] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0276.135] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0276.135] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0276.201] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0276.201] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0276.201] GetCurrentObject (hdc=0x2a0107fc, type=0x1) returned 0xb00017
[0276.201] GetCurrentObject (hdc=0x2a0107fc, type=0x2) returned 0x900010
[0276.202] GetCurrentObject (hdc=0x2a0107fc, type=0x7) returned 0x4a0507fe
[0276.210] GetCurrentObject (hdc=0x2a0107fc, type=0x6) returned 0x8a01c2
[0276.210] SaveDC (hdc=0x2a0107fc) returned 1
[0276.210] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x43040807
[0276.210] GetClipRgn (hdc=0x2a0107fc, hrgn=0x43040807) returned 0
[0276.210] SelectClipRgn (hdc=0x2a0107fc, hrgn=0xd20407de) returned 2
[0276.210] DeleteObject (ho=0x43040807) returned 1
[0276.210] DeleteObject (ho=0xd20407de) returned 1
[0276.210] OffsetViewportOrgEx (in: hdc=0x2a0107fc, x=0, y=0, lppt=0x2d69e68 | out: lppt=0x2d69e68) returned 1
[0276.210] IsAppThemed () returned 0x1
[0276.234] GetThemeAppProperties () returned 0x3
[0276.234] GetThemeAppProperties () returned 0x3
[0276.234] DrawThemeBackground () returned 0x0
[0276.234] RestoreDC (hdc=0x2a0107fc, nSavedDC=-1) returned 1
[0276.234] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107fc) returned 0x0
[0276.234] GdipCreateRegion (region=0xd7df60) returned 0x0
[0276.234] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0276.234] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0276.234] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0276.235] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df78) returned 0x0
[0276.235] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0276.235] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0276.235] LocalFree (hMem=0x11eecc8) returned 0x0
[0276.235] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0276.235] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0276.235] LocalFree (hMem=0x11ee788) returned 0x0
[0276.235] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0276.235] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0276.235] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0276.235] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0276.235] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0276.235] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0276.235] GetCurrentObject (hdc=0x2a0107fc, type=0x1) returned 0xb00017
[0276.235] GetCurrentObject (hdc=0x2a0107fc, type=0x2) returned 0x900010
[0276.236] GetCurrentObject (hdc=0x2a0107fc, type=0x7) returned 0x4a0507fe
[0276.236] GetCurrentObject (hdc=0x2a0107fc, type=0x6) returned 0x8a01c2
[0276.236] SaveDC (hdc=0x2a0107fc) returned 1
[0276.236] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd30407de
[0276.236] GetClipRgn (hdc=0x2a0107fc, hrgn=0xd30407de) returned 0
[0276.236] SelectClipRgn (hdc=0x2a0107fc, hrgn=0x44040807) returned 2
[0276.236] DeleteObject (ho=0xd30407de) returned 1
[0276.236] DeleteObject (ho=0x44040807) returned 1
[0276.236] OffsetViewportOrgEx (in: hdc=0x2a0107fc, x=0, y=0, lppt=0x2d6a13c | out: lppt=0x2d6a13c) returned 1
[0276.236] IsAppThemed () returned 0x1
[0276.236] GetThemeAppProperties () returned 0x3
[0276.236] GetThemeAppProperties () returned 0x3
[0276.236] GetThemeBackgroundContentRect () returned 0x0
[0276.236] RestoreDC (hdc=0x2a0107fc, nSavedDC=-1) returned 1
[0276.237] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107fc) returned 0x0
[0276.237] IsAppThemed () returned 0x1
[0276.237] GetThemeAppProperties () returned 0x3
[0276.237] GetThemeAppProperties () returned 0x3
[0276.237] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0276.237] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0276.237] GetCurrentObject (hdc=0x2a0107fc, type=0x1) returned 0xb00017
[0276.237] GetCurrentObject (hdc=0x2a0107fc, type=0x2) returned 0x900010
[0276.237] GetCurrentObject (hdc=0x2a0107fc, type=0x7) returned 0x4a0507fe
[0276.237] GetCurrentObject (hdc=0x2a0107fc, type=0x6) returned 0x8a01c2
[0276.237] SaveDC (hdc=0x2a0107fc) returned 1
[0276.237] GetTextAlign (hdc=0x2a0107fc) returned 0x0
[0276.237] GetTextColor (hdc=0x2a0107fc) returned 0x0
[0276.237] GetCurrentObject (hdc=0x2a0107fc, type=0x6) returned 0x8a01c2
[0276.237] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0276.238] SelectObject (hdc=0x2a0107fc, h=0x6d0a0520) returned 0x8a01c2
[0276.238] GetBkMode (hdc=0x2a0107fc) returned 2
[0276.238] SetBkMode (hdc=0x2a0107fc, mode=1) returned 2
[0276.238] DrawTextExW (in: hdc=0x2a0107fc, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2d6a4dc | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0276.238] DrawTextExW (in: hdc=0x2a0107fc, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d6a4dc | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0276.238] RestoreDC (hdc=0x2a0107fc, nSavedDC=-1) returned 1
[0276.238] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107fc) returned 0x0
[0276.239] GetFocus () returned 0x2e02d8
[0276.239] IsAppThemed () returned 0x1
[0276.239] GetThemeAppProperties () returned 0x3
[0276.239] GetThemeAppProperties () returned 0x3
[0276.239] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0276.239] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x2a0107fc, x1=0, y1=0, rop=0xcc0020) returned 1
[0276.239] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107fc) returned 0x0
[0276.239] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0276.240] SelectObject (hdc=0x2a0107fc, h=0x85000f) returned 0x4a0507fe
[0276.240] DeleteDC (hdc=0x2a0107fc) returned 1
[0276.240] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0276.240] EndPaint (hWnd=0x2f00ea, lpPaint=0xd7e24c) returned 1
[0276.240] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0276.240] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.240] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0276.241] TranslateMessage (lpMsg=0xd7e808) returned 0
[0276.241] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0276.241] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0276.241] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.241] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0276.242] TranslateMessage (lpMsg=0xd7e808) returned 0
[0276.242] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0276.242] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0276.242] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x84, wParam=0x0, lParam=0x1e00318) returned 0x1
[0276.242] IsWindowUnicode (hWnd=0x2602c8) returned 1
[0276.242] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0276.242] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x84, wParam=0x0, lParam=0x1e00318) returned 0x1
[0276.242] GetDlgItem (hDlg=0x2c02de, nIDDlgItem=0) returned 0x0
[0276.242] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x210, wParam=0x201, lParam=0x650123) returned 0x0
[0276.242] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x21, wParam=0x2c02de, lParam=0x2010001) returned 0x1
[0276.242] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x21, wParam=0x2c02de, lParam=0x2010001) returned 0x1
[0276.243] SetCursor (hCursor=0x10003) returned 0x10003
[0276.243] TranslateMessage (lpMsg=0xd7e808) returned 0
[0276.243] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0276.243] GetKeyState (nVirtKey=1) returned -127
[0276.243] GetKeyState (nVirtKey=2) returned 0
[0276.243] GetKeyState (nVirtKey=4) returned 0
[0276.243] GetKeyState (nVirtKey=5) returned 0
[0276.243] GetKeyState (nVirtKey=6) returned 0
[0276.243] IsWindowVisible (hWnd=0x2602c8) returned 1
[0276.243] IsWindowEnabled (hWnd=0x2602c8) returned 1
[0276.243] SetFocus (hWnd=0x2602c8) returned 0x2e02d8
[0276.243] GetFocus () returned 0x2602c8
[0276.243] IsChild (hWndParent=0x2c02de, hWnd=0x2602c8) returned 1
[0276.243] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0x8, wParam=0x2602c8, lParam=0x0) returned 0x0
[0276.243] GetCapture () returned 0x0
[0276.243] InvalidateRect (hWnd=0x2e02d8, lpRect=0x0, bErase=0) returned 1
[0276.245] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0276.246] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0276.252] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0276.252] InvalidateRect (hWnd=0x2e02d8, lpRect=0x0, bErase=0) returned 1
[0276.252] InvalidateRect (hWnd=0x2602c8, lpRect=0x0, bErase=0) returned 1
[0276.252] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x7, wParam=0x2e02d8, lParam=0x0) returned 0x0
[0276.252] GetStockObject (i=5) returned 0x900015
[0276.253] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0276.253] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0276.253] GetDlgItem (hDlg=0x2c02de, nIDDlgItem=2491080) returned 0x2602c8
[0276.253] SendMessageW (hWnd=0x2602c8, Msg=0x202b, wParam=0x2602c8, lParam=0xd7dddc) returned 0x0
[0276.253] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x202b, wParam=0x2602c8, lParam=0xd7dddc) returned 0x0
[0276.253] InvalidateRect (hWnd=0x2602c8, lpRect=0x0, bErase=0) returned 1
[0276.255] GetFocus () returned 0x2602c8
[0276.255] GetFocus () returned 0x2602c8
[0276.255] GetFocus () returned 0x2602c8
[0276.255] GetKeyState (nVirtKey=1) returned -127
[0276.255] GetKeyState (nVirtKey=2) returned 0
[0276.255] GetKeyState (nVirtKey=4) returned 0
[0276.255] GetKeyState (nVirtKey=5) returned 0
[0276.255] GetKeyState (nVirtKey=6) returned 0
[0276.255] GetCapture () returned 0x0
[0276.255] SetCapture (hWnd=0x2602c8) returned 0x0
[0276.255] GetKeyState (nVirtKey=1) returned -127
[0276.255] GetKeyState (nVirtKey=2) returned 0
[0276.255] GetKeyState (nVirtKey=4) returned 0
[0276.255] GetKeyState (nVirtKey=5) returned 0
[0276.255] GetKeyState (nVirtKey=6) returned 0
[0276.255] NotifyWinEvent (event=0x800a, hwnd=0x2602c8, idObject=-4, idChild=0)
[0276.255] InvalidateRect (hWnd=0x2602c8, lpRect=0xd7e430, bErase=0) returned 1
[0276.256] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0276.257] IsWindowUnicode (hWnd=0x2602c8) returned 1
[0276.257] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0276.257] TranslateMessage (lpMsg=0xd7e808) returned 0
[0276.257] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0276.257] MapWindowPoints (in: hWndFrom=0x2602c8, hWndTo=0x0, lpPoints=0x2d6a6cc, cPoints=0x1 | out: lpPoints=0x2d6a6cc) returned 30999254
[0276.257] NotifyWinEvent (event=0x800a, hwnd=0x2602c8, idObject=-4, idChild=0)
[0276.257] InvalidateRect (hWnd=0x2602c8, lpRect=0xd7e3d0, bErase=0) returned 1
[0276.257] UpdateWindow (hWnd=0x2602c8) returned 1
[0276.258] BeginPaint (in: hWnd=0x2602c8, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xf0105ee
[0276.258] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0276.258] CreateCompatibleDC (hdc=0xf0105ee) returned 0x2b0107fc
[0276.258] SelectObject (hdc=0x2b0107fc, h=0x4a0507fe) returned 0x85000f
[0276.258] GdipCreateFromHDC (hdc=0x2b0107fc, graphics=0xd7df00) returned 0x0
[0276.258] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0276.258] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0276.258] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0276.259] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0276.259] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df60) returned 0x0
[0276.259] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0276.260] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eecc8) returned 0x0
[0276.260] LocalFree (hMem=0x11eecc8) returned 0x0
[0276.260] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0276.260] GdipCreateRegion (region=0xd7df48) returned 0x0
[0276.260] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0276.260] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0276.260] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0276.260] GdipRestoreGraphics (graphics=0x6600030, state=0xf6e60dbd) returned 0x0
[0276.260] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0276.260] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0276.260] GetCurrentObject (hdc=0x2b0107fc, type=0x1) returned 0xb00017
[0276.260] GetCurrentObject (hdc=0x2b0107fc, type=0x2) returned 0x900010
[0276.260] GetCurrentObject (hdc=0x2b0107fc, type=0x7) returned 0x4a0507fe
[0276.260] GetCurrentObject (hdc=0x2b0107fc, type=0x6) returned 0x8a01c2
[0276.260] SaveDC (hdc=0x2b0107fc) returned 1
[0276.261] GetNearestColor (hdc=0x2b0107fc, color=0xf0f0f0) returned 0xf0f0f0
[0276.261] GetNearestColor (hdc=0x2b0107fc, color=0xa0a0a0) returned 0xa0a0a0
[0276.261] GetNearestColor (hdc=0x2b0107fc, color=0x696969) returned 0x696969
[0276.261] GetNearestColor (hdc=0x2b0107fc, color=0xa0a0a0) returned 0xa0a0a0
[0276.261] GetNearestColor (hdc=0x2b0107fc, color=0x0) returned 0x0
[0276.261] GetNearestColor (hdc=0x2b0107fc, color=0xffffff) returned 0xffffff
[0276.261] GetNearestColor (hdc=0x2b0107fc, color=0xe5e5e5) returned 0xe5e5e5
[0276.261] GetNearestColor (hdc=0x2b0107fc, color=0xd7d7d7) returned 0xd7d7d7
[0276.261] GetNearestColor (hdc=0x2b0107fc, color=0x0) returned 0x0
[0276.261] RestoreDC (hdc=0x2b0107fc, nSavedDC=-1) returned 1
[0276.261] GdipReleaseDC (graphics=0x6600030, hdc=0x2b0107fc) returned 0x0
[0276.261] IsAppThemed () returned 0x1
[0276.262] GetThemeAppProperties () returned 0x3
[0276.262] GetThemeAppProperties () returned 0x3
[0276.262] IsAppThemed () returned 0x1
[0276.262] GetThemeAppProperties () returned 0x3
[0276.262] GetThemeAppProperties () returned 0x3
[0276.262] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2d6ae24 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0276.262] IsAppThemed () returned 0x1
[0276.262] GetThemeAppProperties () returned 0x3
[0276.265] GetThemeAppProperties () returned 0x3
[0276.265] IsAppThemed () returned 0x1
[0276.265] GetThemeAppProperties () returned 0x3
[0276.265] GetThemeAppProperties () returned 0x3
[0276.265] IsAppThemed () returned 0x1
[0276.265] GetThemeAppProperties () returned 0x3
[0276.265] GetThemeAppProperties () returned 0x3
[0276.265] IsAppThemed () returned 0x1
[0276.266] GetThemeAppProperties () returned 0x3
[0276.266] GetThemeAppProperties () returned 0x3
[0276.266] IsThemePartDefined () returned 0x1
[0276.266] IsAppThemed () returned 0x1
[0276.266] GetThemeAppProperties () returned 0x3
[0276.266] GetThemeAppProperties () returned 0x3
[0276.266] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0276.266] IsAppThemed () returned 0x1
[0276.266] GetThemeAppProperties () returned 0x3
[0276.266] GetThemeAppProperties () returned 0x3
[0276.266] IsAppThemed () returned 0x1
[0276.266] GetThemeAppProperties () returned 0x3
[0276.266] GetThemeAppProperties () returned 0x3
[0276.266] IsThemePartDefined () returned 0x1
[0276.266] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0276.266] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0276.266] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0276.266] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0276.266] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dc7c) returned 0x0
[0276.267] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0276.267] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee868) returned 0x0
[0276.267] LocalFree (hMem=0x11ee868) returned 0x0
[0276.267] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0276.267] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eecc8) returned 0x0
[0276.267] LocalFree (hMem=0x11eecc8) returned 0x0
[0276.267] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0276.267] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0276.267] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0276.267] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0276.267] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0276.267] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0276.267] GetCurrentObject (hdc=0x2b0107fc, type=0x1) returned 0xb00017
[0276.267] GetCurrentObject (hdc=0x2b0107fc, type=0x2) returned 0x900010
[0276.267] GetCurrentObject (hdc=0x2b0107fc, type=0x7) returned 0x4a0507fe
[0276.268] GetCurrentObject (hdc=0x2b0107fc, type=0x6) returned 0x8a01c2
[0276.268] SaveDC (hdc=0x2b0107fc) returned 1
[0276.268] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x45040807
[0276.268] GetClipRgn (hdc=0x2b0107fc, hrgn=0x45040807) returned 0
[0276.268] SelectClipRgn (hdc=0x2b0107fc, hrgn=0xd70407de) returned 2
[0276.268] DeleteObject (ho=0x45040807) returned 1
[0276.268] DeleteObject (ho=0xd70407de) returned 1
[0276.268] OffsetViewportOrgEx (in: hdc=0x2b0107fc, x=0, y=0, lppt=0x2d6b4d4 | out: lppt=0x2d6b4d4) returned 1
[0276.268] DrawThemeParentBackground () returned 0x0
[0276.268] GetWindowPlacement (in: hWnd=0x2c02de, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0276.268] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0276.268] GetWindowTextLengthW (hWnd=0x2c02de) returned 13
[0276.269] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0276.269] GetSystemMetrics (nIndex=42) returned 0
[0276.269] GetWindowTextW (in: hWnd=0x2c02de, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0276.269] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0276.269] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0276.269] GetCurrentObject (hdc=0x2b0107fc, type=0x1) returned 0xb00017
[0276.269] GetCurrentObject (hdc=0x2b0107fc, type=0x2) returned 0x900010
[0276.269] GetCurrentObject (hdc=0x2b0107fc, type=0x7) returned 0x4a0507fe
[0276.269] GetCurrentObject (hdc=0x2b0107fc, type=0x6) returned 0x8a01c2
[0276.270] SaveDC (hdc=0x2b0107fc) returned 2
[0276.270] GetNearestColor (hdc=0x2b0107fc, color=0xf0f0f0) returned 0xf0f0f0
[0276.270] CreateSolidBrush (color=0xf0f0f0) returned 0xa1007e1
[0276.270] FillRect (hDC=0x2b0107fc, lprc=0xd7d6c8, hbr=0xa1007e1) returned 1
[0276.270] DeleteObject (ho=0xa1007e1) returned 1
[0276.270] RestoreDC (hdc=0x2b0107fc, nSavedDC=-1) returned 1
[0276.270] GetWindowTextLengthW (hWnd=0x2c02de) returned 13
[0276.270] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0276.270] GetSystemMetrics (nIndex=42) returned 0
[0276.270] GetWindowTextW (in: hWnd=0x2c02de, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0276.270] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0276.270] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0276.270] GetCurrentObject (hdc=0x2b0107fc, type=0x1) returned 0xb00017
[0276.270] GetCurrentObject (hdc=0x2b0107fc, type=0x2) returned 0x900010
[0276.270] GetCurrentObject (hdc=0x2b0107fc, type=0x7) returned 0x4a0507fe
[0276.270] GetCurrentObject (hdc=0x2b0107fc, type=0x6) returned 0x8a01c2
[0276.271] SaveDC (hdc=0x2b0107fc) returned 2
[0276.271] GetNearestColor (hdc=0x2b0107fc, color=0xf0f0f0) returned 0xf0f0f0
[0276.271] CreateSolidBrush (color=0xf0f0f0) returned 0xb1007e1
[0276.271] FillRect (hDC=0x2b0107fc, lprc=0xd7d668, hbr=0xb1007e1) returned 1
[0276.271] DeleteObject (ho=0xb1007e1) returned 1
[0276.271] RestoreDC (hdc=0x2b0107fc, nSavedDC=-1) returned 1
[0276.271] GetWindowTextLengthW (hWnd=0x2c02de) returned 13
[0276.271] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0276.271] GetSystemMetrics (nIndex=42) returned 0
[0276.271] GetWindowTextW (in: hWnd=0x2c02de, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0276.271] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0276.271] RestoreDC (hdc=0x2b0107fc, nSavedDC=-1) returned 1
[0276.272] GdipReleaseDC (graphics=0x6600030, hdc=0x2b0107fc) returned 0x0
[0276.272] IsAppThemed () returned 0x1
[0276.272] GetThemeAppProperties () returned 0x3
[0276.272] GetThemeAppProperties () returned 0x3
[0276.272] IsAppThemed () returned 0x1
[0276.272] GetThemeAppProperties () returned 0x3
[0276.272] GetThemeAppProperties () returned 0x3
[0276.272] IsThemePartDefined () returned 0x1
[0276.272] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0276.272] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0276.272] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0276.272] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0276.272] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dc00) returned 0x0
[0276.272] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0276.272] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee910) returned 0x0
[0276.272] LocalFree (hMem=0x11ee910) returned 0x0
[0276.272] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0276.272] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eecc8) returned 0x0
[0276.272] LocalFree (hMem=0x11eecc8) returned 0x0
[0276.272] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0276.272] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0276.272] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0276.273] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0276.273] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0276.273] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0276.273] GetCurrentObject (hdc=0x2b0107fc, type=0x1) returned 0xb00017
[0276.273] GetCurrentObject (hdc=0x2b0107fc, type=0x2) returned 0x900010
[0276.273] GetCurrentObject (hdc=0x2b0107fc, type=0x7) returned 0x4a0507fe
[0276.273] GetCurrentObject (hdc=0x2b0107fc, type=0x6) returned 0x8a01c2
[0276.273] SaveDC (hdc=0x2b0107fc) returned 1
[0276.273] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd80407de
[0276.273] GetClipRgn (hdc=0x2b0107fc, hrgn=0xd80407de) returned 0
[0276.273] SelectClipRgn (hdc=0x2b0107fc, hrgn=0x47040807) returned 2
[0276.273] DeleteObject (ho=0xd80407de) returned 1
[0276.273] DeleteObject (ho=0x47040807) returned 1
[0276.273] OffsetViewportOrgEx (in: hdc=0x2b0107fc, x=0, y=0, lppt=0x2d6bd80 | out: lppt=0x2d6bd80) returned 1
[0276.273] IsAppThemed () returned 0x1
[0276.273] GetThemeAppProperties () returned 0x3
[0276.273] GetThemeAppProperties () returned 0x3
[0276.273] DrawThemeBackground () returned 0x0
[0276.273] RestoreDC (hdc=0x2b0107fc, nSavedDC=-1) returned 1
[0276.274] GdipReleaseDC (graphics=0x6600030, hdc=0x2b0107fc) returned 0x0
[0276.274] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0276.274] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0276.274] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0276.274] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0276.274] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dc04) returned 0x0
[0276.274] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0276.274] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee8d8) returned 0x0
[0276.274] LocalFree (hMem=0x11ee8d8) returned 0x0
[0276.274] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0276.274] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eecc8) returned 0x0
[0276.274] LocalFree (hMem=0x11eecc8) returned 0x0
[0276.274] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0276.274] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0276.274] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0276.274] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0276.274] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0276.274] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0276.274] GetCurrentObject (hdc=0x2b0107fc, type=0x1) returned 0xb00017
[0276.274] GetCurrentObject (hdc=0x2b0107fc, type=0x2) returned 0x900010
[0276.274] GetCurrentObject (hdc=0x2b0107fc, type=0x7) returned 0x4a0507fe
[0276.275] GetCurrentObject (hdc=0x2b0107fc, type=0x6) returned 0x8a01c2
[0276.275] SaveDC (hdc=0x2b0107fc) returned 1
[0276.275] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x48040807
[0276.275] GetClipRgn (hdc=0x2b0107fc, hrgn=0x48040807) returned 0
[0276.275] SelectClipRgn (hdc=0x2b0107fc, hrgn=0xd90407de) returned 2
[0276.275] DeleteObject (ho=0x48040807) returned 1
[0276.275] DeleteObject (ho=0xd90407de) returned 1
[0276.275] OffsetViewportOrgEx (in: hdc=0x2b0107fc, x=0, y=0, lppt=0x2d6c054 | out: lppt=0x2d6c054) returned 1
[0276.275] IsAppThemed () returned 0x1
[0276.275] GetThemeAppProperties () returned 0x3
[0276.275] GetThemeAppProperties () returned 0x3
[0276.275] GetThemeBackgroundContentRect () returned 0x0
[0276.275] RestoreDC (hdc=0x2b0107fc, nSavedDC=-1) returned 1
[0276.275] GdipReleaseDC (graphics=0x6600030, hdc=0x2b0107fc) returned 0x0
[0276.275] IsAppThemed () returned 0x1
[0276.275] GetThemeAppProperties () returned 0x3
[0276.275] GetThemeAppProperties () returned 0x3
[0276.275] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0276.275] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0276.276] GetCurrentObject (hdc=0x2b0107fc, type=0x1) returned 0xb00017
[0276.276] GetCurrentObject (hdc=0x2b0107fc, type=0x2) returned 0x900010
[0276.276] GetCurrentObject (hdc=0x2b0107fc, type=0x7) returned 0x4a0507fe
[0276.276] GetCurrentObject (hdc=0x2b0107fc, type=0x6) returned 0x8a01c2
[0276.276] SaveDC (hdc=0x2b0107fc) returned 1
[0276.276] GetTextAlign (hdc=0x2b0107fc) returned 0x0
[0276.276] GetTextColor (hdc=0x2b0107fc) returned 0x0
[0276.276] GetCurrentObject (hdc=0x2b0107fc, type=0x6) returned 0x8a01c2
[0276.276] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0276.276] SelectObject (hdc=0x2b0107fc, h=0x6d0a0520) returned 0x8a01c2
[0276.276] GetBkMode (hdc=0x2b0107fc) returned 2
[0276.276] SetBkMode (hdc=0x2b0107fc, mode=1) returned 2
[0276.276] DrawTextExW (in: hdc=0x2b0107fc, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2d6c3f4 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0276.277] DrawTextExW (in: hdc=0x2b0107fc, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2d6c3f4 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0276.277] RestoreDC (hdc=0x2b0107fc, nSavedDC=-1) returned 1
[0276.277] GdipReleaseDC (graphics=0x6600030, hdc=0x2b0107fc) returned 0x0
[0276.277] GetFocus () returned 0x2602c8
[0276.277] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0276.277] SendMessageW (hWnd=0x2c02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0276.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0276.277] IsAppThemed () returned 0x1
[0276.277] GetThemeAppProperties () returned 0x3
[0276.277] GetThemeAppProperties () returned 0x3
[0276.277] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0276.277] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x2b0107fc, x1=0, y1=0, rop=0xcc0020) returned 1
[0276.277] GdipReleaseDC (graphics=0x6600030, hdc=0x2b0107fc) returned 0x0
[0276.277] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0276.278] SelectObject (hdc=0x2b0107fc, h=0x85000f) returned 0x4a0507fe
[0276.278] DeleteDC (hdc=0x2b0107fc) returned 1
[0276.278] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0276.278] EndPaint (hWnd=0x2602c8, lpPaint=0xd7dee4) returned 1
[0276.278] MapWindowPoints (in: hWndFrom=0x2602c8, hWndTo=0x0, lpPoints=0x2d6c4f0, cPoints=0x1 | out: lpPoints=0x2d6c4f0) returned 30999254
[0276.278] WindowFromPoint (Point=0x318) returned 0x2602c8
[0276.278] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x84, wParam=0x0, lParam=0x1e00318) returned 0x1
[0276.278] NotifyWinEvent (event=0x800a, hwnd=0x2602c8, idObject=-4, idChild=0)
[0276.279] NotifyWinEvent (event=0x800c, hwnd=0x2602c8, idObject=-4, idChild=0)
[0276.279] GetCapture () returned 0x2602c8
[0276.279] ReleaseCapture () returned 1
[0276.279] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0276.279] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0276.279] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x84, wParam=0x0, lParam=0x1e00318) returned 0x1
[0276.279] IsWindow (hWnd=0x7005c) returned 1
[0276.279] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0276.280] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0276.280] IsWindow (hWnd=0x2c02de) returned 1
[0276.280] SetActiveWindow (hWnd=0x2c02de) returned 0x2c02de
[0276.280] IsWindow (hWnd=0x2c02de) returned 1
[0276.280] SetFocus (hWnd=0x2c02de) returned 0x2602c8
[0276.281] GetFocus () returned 0x2c02de
[0276.281] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x8, wParam=0x2c02de, lParam=0x0) returned 0x0
[0276.281] GetCapture () returned 0x0
[0276.281] InvalidateRect (hWnd=0x2602c8, lpRect=0x0, bErase=0) returned 1
[0276.282] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0276.283] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0276.285] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0276.285] GetFocus () returned 0x2c02de
[0276.285] SetFocus (hWnd=0x2602c8) returned 0x2c02de
[0276.285] GetFocus () returned 0x2602c8
[0276.285] IsChild (hWndParent=0x2c02de, hWnd=0x2602c8) returned 1
[0276.286] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x8, wParam=0x2602c8, lParam=0x0) returned 0x0
[0276.286] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0276.287] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0276.289] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0276.289] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x7, wParam=0x2c02de, lParam=0x0) returned 0x0
[0276.290] GetStockObject (i=5) returned 0x900015
[0276.290] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0276.290] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0xd, wParam=0xa, lParam=0x11f5780) returned 0x9
[0276.290] GetDlgItem (hDlg=0x2c02de, nIDDlgItem=2491080) returned 0x2602c8
[0276.290] SendMessageW (hWnd=0x2602c8, Msg=0x202b, wParam=0x2602c8, lParam=0xd7ddcc) returned 0x0
[0276.290] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x202b, wParam=0x2602c8, lParam=0xd7ddcc) returned 0x0
[0276.290] InvalidateRect (hWnd=0x2602c8, lpRect=0x0, bErase=0) returned 1
[0276.292] GetWindowLongW (hWnd=0x2c02de, nIndex=-8) returned 458844
[0276.292] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0276.292] GetCurrentThreadId () returned 0xf50
[0276.292] IsWindow (hWnd=0x7005c) returned 1
[0276.292] IsWindow (hWnd=0x7005c) returned 1
[0276.292] IsWindowVisible (hWnd=0x7005c) returned 1
[0276.292] SetActiveWindow (hWnd=0x7005c) returned 0x2c02de
[0276.292] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0276.298] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0276.298] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0276.298] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0276.299] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0276.299] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0276.301] GetWindowPlacement (in: hWnd=0x2c02de, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0276.301] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0276.301] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0276.301] GetWindowRect (in: hWnd=0x2c02de, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0276.301] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0276.302] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0276.302] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0276.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x2c02de) returned 0x1
[0276.309] GetFocus () returned 0x2602c8
[0276.309] SetFocus (hWnd=0x602c4) returned 0x2602c8
[0276.314] GetFocus () returned 0x602c4
[0276.314] IsChild (hWndParent=0x2c02de, hWnd=0x602c4) returned 0
[0276.314] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0276.314] GetCapture () returned 0x0
[0276.314] InvalidateRect (hWnd=0x2602c8, lpRect=0x0, bErase=0) returned 1
[0276.315] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0276.316] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0276.318] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0276.318] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0276.318] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0276.318] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0276.319] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0276.319] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x2602c8, lParam=0x0) returned 0x0
[0276.319] GetStockObject (i=5) returned 0x900015
[0276.319] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0276.319] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11eda58) returned 0xc
[0276.319] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0276.319] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0276.319] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0276.320] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0276.321] GetFocus () returned 0x602c4
[0276.321] IsChild (hWndParent=0x2c02de, hWnd=0x602c4) returned 0
[0276.321] ShowWindow (hWnd=0x2c02de, nCmdShow=0) returned 1
[0276.322] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0276.322] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0276.323] GetWindowPlacement (in: hWnd=0x2c02de, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0276.323] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0276.323] GetClientRect (in: hWnd=0x2c02de, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0276.323] GetWindowRect (in: hWnd=0x2c02de, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0276.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0276.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0276.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0276.325] GetWindowLongW (hWnd=0x2c02de, nIndex=-20) returned 327945
[0276.325] DestroyWindow (hWnd=0x2c02de) returned 1
[0276.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0276.340] GetWindowTextLengthW (hWnd=0x2c02de) returned 13
[0276.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0276.340] GetSystemMetrics (nIndex=42) returned 0
[0276.340] GetWindowTextW (in: hWnd=0x2c02de, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0276.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0276.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0276.340] GetWindowTextLengthW (hWnd=0x2202ce) returned 0
[0276.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0276.341] GetSystemMetrics (nIndex=42) returned 0
[0276.341] GetWindowTextW (in: hWnd=0x2202ce, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0276.341] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202ce, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0276.341] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0276.341] GetWindowThreadProcessId (in: hWnd=0x2c02dc, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0276.341] GetWindow (hWnd=0x2c02dc, uCmd=0x5) returned 0x0
[0276.341] GetWindowLongW (hWnd=0x2c02dc, nIndex=-20) returned 65792
[0276.341] DestroyWindow (hWnd=0x2c02dc) returned 1
[0276.341] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02dc, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0276.341] GetWindowTextLengthW (hWnd=0x2c02dc) returned 25
[0276.341] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0276.342] GetSystemMetrics (nIndex=42) returned 0
[0276.342] GetWindowTextW (in: hWnd=0x2c02dc, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0276.342] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02dc, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0276.342] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0276.342] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0276.343] GetWindowTextLengthW (hWnd=0x2c02da) returned 232
[0276.343] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0276.343] GetSystemMetrics (nIndex=42) returned 0
[0276.344] GetWindowTextW (in: hWnd=0x2c02da, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0276.344] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0276.344] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0276.344] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0276.344] InvalidateRect (hWnd=0x2602c8, lpRect=0x0, bErase=0) returned 1
[0276.344] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0276.345] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0276.345] SendMessageW (hWnd=0x2102d0, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0276.345] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2102d0, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0276.345] SendMessageW (hWnd=0x2102d0, Msg=0xb0, wParam=0x2d40174, lParam=0xd7e480) returned 0x0
[0276.345] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2102d0, Msg=0xb0, wParam=0x2d40174, lParam=0xd7e480) returned 0x0
[0276.345] GetWindowTextLengthW (hWnd=0x2102d0) returned 4363
[0276.345] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2102d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0276.345] GetSystemMetrics (nIndex=42) returned 0
[0276.345] CoTaskMemAlloc (cb=0x221c) returned 0x1202960
[0276.345] GetWindowTextW (in: hWnd=0x2102d0, lpString=0x1202960, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0276.345] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2102d0, Msg=0xd, wParam=0x110c, lParam=0x1202960) returned 0x110b
[0276.345] CoTaskMemFree (pv=0x1202960)
[0276.345] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2102d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0276.346] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2202ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0276.347] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0276.349] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2e02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0276.350] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2602c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0276.352] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0276.353] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2102d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0276.354] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0276.384] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.384] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.384] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.384] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.384] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.384] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.385] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e00318) returned 0x1
[0276.385] IsWindowUnicode (hWnd=0x7005c) returned 1
[0276.385] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.385] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e00318) returned 0x1
[0276.385] SetCursor (hCursor=0x10003) returned 0x10003
[0276.385] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.385] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.386] _TrackMouseEvent (in: lpEventTrack=0x2c2f380 | out: lpEventTrack=0x2c2f380) returned 1
[0276.386] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0276.386] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0276.386] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10b025a) returned 0x0
[0276.386] GetKeyState (nVirtKey=1) returned 1
[0276.386] GetKeyState (nVirtKey=2) returned 0
[0276.386] GetKeyState (nVirtKey=4) returned 0
[0276.386] GetKeyState (nVirtKey=5) returned 0
[0276.386] GetKeyState (nVirtKey=6) returned 0
[0276.386] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.387] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e00318) returned 0x1
[0276.387] IsWindowUnicode (hWnd=0x7005c) returned 1
[0276.387] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.387] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.387] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.387] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.387] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e00318) returned 0x1
[0276.387] IsWindowUnicode (hWnd=0x7005c) returned 1
[0276.388] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.388] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e00318) returned 0x1
[0276.388] SetCursor (hCursor=0x10003) returned 0x10003
[0276.388] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.388] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.388] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10b025a) returned 0x0
[0276.388] GetKeyState (nVirtKey=1) returned 1
[0276.388] GetKeyState (nVirtKey=2) returned 0
[0276.388] GetKeyState (nVirtKey=4) returned 0
[0276.388] GetKeyState (nVirtKey=5) returned 0
[0276.388] GetKeyState (nVirtKey=6) returned 0
[0276.389] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.389] IsWindowUnicode (hWnd=0x602c4) returned 1
[0276.389] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.389] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.389] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.390] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.391] IsWindowUnicode (hWnd=0x602c4) returned 1
[0276.391] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.391] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.391] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.391] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0276.391] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0276.391] CreateCompatibleDC (hdc=0x10105d6) returned 0xd4010803
[0276.391] SelectObject (hdc=0xd4010803, h=0x4a0507fe) returned 0x85000f
[0276.392] GdipCreateFromHDC (hdc=0xd4010803, graphics=0xd7e798) returned 0x0
[0276.392] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0276.392] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0276.392] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0276.392] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0276.392] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e7f8) returned 0x0
[0276.392] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0276.392] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee910) returned 0x0
[0276.392] LocalFree (hMem=0x11ee910) returned 0x0
[0276.392] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0276.392] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0276.392] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0276.392] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0276.392] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0276.392] GdipRestoreGraphics (graphics=0x6600030, state=0xf6e40dbd) returned 0x0
[0276.392] GdipDeleteRegion (region=0x6646328) returned 0x0
[0276.393] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0276.393] GetCurrentObject (hdc=0xd4010803, type=0x1) returned 0xb00017
[0276.393] GetCurrentObject (hdc=0xd4010803, type=0x2) returned 0x900010
[0276.393] GetCurrentObject (hdc=0xd4010803, type=0x7) returned 0x4a0507fe
[0276.393] GetCurrentObject (hdc=0xd4010803, type=0x6) returned 0x8a01c2
[0276.393] SaveDC (hdc=0xd4010803) returned 1
[0276.393] GetNearestColor (hdc=0xd4010803, color=0xff) returned 0xff
[0276.393] GetNearestColor (hdc=0xd4010803, color=0x55) returned 0x55
[0276.393] GetNearestColor (hdc=0xd4010803, color=0x0) returned 0x0
[0276.393] GetNearestColor (hdc=0xd4010803, color=0x55) returned 0x55
[0276.393] GetNearestColor (hdc=0xd4010803, color=0x0) returned 0x0
[0276.393] GetNearestColor (hdc=0xd4010803, color=0x8080ff) returned 0x8080ff
[0276.393] GetNearestColor (hdc=0xd4010803, color=0x7373e5) returned 0x7373e5
[0276.393] GetNearestColor (hdc=0xd4010803, color=0xe5) returned 0xe5
[0276.394] GetNearestColor (hdc=0xd4010803, color=0x0) returned 0x0
[0276.394] RestoreDC (hdc=0xd4010803, nSavedDC=-1) returned 1
[0276.394] GdipReleaseDC (graphics=0x6600030, hdc=0xd4010803) returned 0x0
[0276.394] IsAppThemed () returned 0x1
[0276.394] GetThemeAppProperties () returned 0x3
[0276.394] GetThemeAppProperties () returned 0x3
[0276.394] IsAppThemed () returned 0x1
[0276.394] GetThemeAppProperties () returned 0x3
[0276.394] GetThemeAppProperties () returned 0x3
[0276.394] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2d7425c | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0276.394] IsAppThemed () returned 0x1
[0276.394] GetThemeAppProperties () returned 0x3
[0276.395] GetThemeAppProperties () returned 0x3
[0276.395] IsAppThemed () returned 0x1
[0276.395] GetThemeAppProperties () returned 0x3
[0276.395] GetThemeAppProperties () returned 0x3
[0276.395] GetFocus () returned 0x602c4
[0276.400] IsAppThemed () returned 0x1
[0276.400] GetThemeAppProperties () returned 0x3
[0276.400] GetThemeAppProperties () returned 0x3
[0276.400] IsAppThemed () returned 0x1
[0276.400] GetThemeAppProperties () returned 0x3
[0276.400] GetThemeAppProperties () returned 0x3
[0276.400] IsThemePartDefined () returned 0x1
[0276.400] IsAppThemed () returned 0x1
[0276.400] GetThemeAppProperties () returned 0x3
[0276.400] GetThemeAppProperties () returned 0x3
[0276.400] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0276.401] IsAppThemed () returned 0x1
[0276.401] GetThemeAppProperties () returned 0x3
[0276.401] GetThemeAppProperties () returned 0x3
[0276.401] IsAppThemed () returned 0x1
[0276.401] GetThemeAppProperties () returned 0x3
[0276.401] GetThemeAppProperties () returned 0x3
[0276.401] IsThemePartDefined () returned 0x1
[0276.401] GdipCreateRegion (region=0xd7e508) returned 0x0
[0276.401] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0276.401] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0276.401] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0276.401] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e520) returned 0x0
[0276.402] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0276.402] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee910) returned 0x0
[0276.402] LocalFree (hMem=0x11ee910) returned 0x0
[0276.402] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0276.402] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0276.402] LocalFree (hMem=0x11ee9f0) returned 0x0
[0276.402] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0276.402] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e548) returned 0x0
[0276.402] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e538) returned 0x0
[0276.402] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0276.403] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0276.403] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0276.403] GetCurrentObject (hdc=0xd4010803, type=0x1) returned 0xb00017
[0276.403] GetCurrentObject (hdc=0xd4010803, type=0x2) returned 0x900010
[0276.403] GetCurrentObject (hdc=0xd4010803, type=0x7) returned 0x4a0507fe
[0276.403] GetCurrentObject (hdc=0xd4010803, type=0x6) returned 0x8a01c2
[0276.403] SaveDC (hdc=0xd4010803) returned 1
[0276.403] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xda0407de
[0276.403] GetClipRgn (hdc=0xd4010803, hrgn=0xda0407de) returned 0
[0276.411] SelectClipRgn (hdc=0xd4010803, hrgn=0x4c040807) returned 2
[0276.411] DeleteObject (ho=0xda0407de) returned 1
[0276.411] DeleteObject (ho=0x4c040807) returned 1
[0276.411] OffsetViewportOrgEx (in: hdc=0xd4010803, x=0, y=0, lppt=0x2d7490c | out: lppt=0x2d7490c) returned 1
[0276.412] DrawThemeParentBackground () returned 0x0
[0276.412] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0276.412] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0276.412] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0276.412] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0276.412] GetSystemMetrics (nIndex=42) returned 0
[0276.412] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0276.412] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0276.412] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0276.412] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0276.412] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0276.412] SelectPalette (hdc=0xd4010803, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0276.413] GdipCreateFromHDC (hdc=0xd4010803, graphics=0xd7dff8) returned 0x0
[0276.413] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0276.413] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0276.413] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638a28) returned 0x0
[0276.413] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dfd0) returned 0x0
[0276.413] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0276.413] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0276.413] GdipGetClip (graphics=0x6638e08, region=0x6646448) returned 0x0
[0276.413] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6638e08, result=0xd7dfc4) returned 0x0
[0276.413] GdipDeleteRegion (region=0x6646448) returned 0x0
[0276.413] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dff0) returned 0x0
[0276.414] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0276.422] GdipFillRectangleI (graphics=0x6638e08, brush=0x6649630, x=0, y=0, width=801, height=453) returned 0x0
[0276.423] GdipDeleteBrush (brush=0x6649630) returned 0x0
[0276.424] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0276.425] SelectPalette (hdc=0xd4010803, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0276.425] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0276.425] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0276.425] GetSystemMetrics (nIndex=42) returned 0
[0276.425] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0276.425] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0276.425] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0276.425] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0276.425] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0276.425] SelectPalette (hdc=0xd4010803, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0276.425] GdipCreateFromHDC (hdc=0xd4010803, graphics=0xd7df98) returned 0x0
[0276.426] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0276.426] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0276.426] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638ba8) returned 0x0
[0276.426] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df70) returned 0x0
[0276.426] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0276.426] GdipCreateRegion (region=0xd7df58) returned 0x0
[0276.426] GdipGetClip (graphics=0x6638e08, region=0x6646e68) returned 0x0
[0276.426] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6638e08, result=0xd7df64) returned 0x0
[0276.426] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0276.426] GdipSaveGraphics (graphics=0x6638e08, state=0xd7df90) returned 0x0
[0276.426] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0276.440] GdipFillRectangleI (graphics=0x6638e08, brush=0x6649018, x=0, y=0, width=801, height=453) returned 0x0
[0276.440] GdipDeleteBrush (brush=0x6649018) returned 0x0
[0276.442] GdipRestoreGraphics (graphics=0x6638e08, state=0xf6e00dbd) returned 0x0
[0276.442] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0276.443] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0276.443] GetSystemMetrics (nIndex=42) returned 0
[0276.443] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0276.443] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0276.443] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0276.443] SelectPalette (hdc=0xd4010803, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0276.443] RestoreDC (hdc=0xd4010803, nSavedDC=-1) returned 1
[0276.443] GdipReleaseDC (graphics=0x6600030, hdc=0xd4010803) returned 0x0
[0276.443] IsAppThemed () returned 0x1
[0276.443] GetThemeAppProperties () returned 0x3
[0276.443] GetThemeAppProperties () returned 0x3
[0276.443] IsAppThemed () returned 0x1
[0276.444] GetThemeAppProperties () returned 0x3
[0276.444] GetThemeAppProperties () returned 0x3
[0276.444] IsThemePartDefined () returned 0x1
[0276.444] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0276.444] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0276.444] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0276.444] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0276.444] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e4a4) returned 0x0
[0276.444] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0276.444] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0276.444] LocalFree (hMem=0x11ee788) returned 0x0
[0276.444] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0276.444] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee9f0) returned 0x0
[0276.444] LocalFree (hMem=0x11ee9f0) returned 0x0
[0276.444] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0276.444] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0276.445] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0276.445] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0276.445] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0276.445] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0276.445] GetCurrentObject (hdc=0xd4010803, type=0x1) returned 0xb00017
[0276.445] GetCurrentObject (hdc=0xd4010803, type=0x2) returned 0x900010
[0276.445] GetCurrentObject (hdc=0xd4010803, type=0x7) returned 0x4a0507fe
[0276.445] GetCurrentObject (hdc=0xd4010803, type=0x6) returned 0x8a01c2
[0276.445] SaveDC (hdc=0xd4010803) returned 1
[0276.445] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4d040807
[0276.445] GetClipRgn (hdc=0xd4010803, hrgn=0x4d040807) returned 0
[0276.445] SelectClipRgn (hdc=0xd4010803, hrgn=0xdc0407de) returned 2
[0276.445] DeleteObject (ho=0x4d040807) returned 1
[0276.445] DeleteObject (ho=0xdc0407de) returned 1
[0276.445] OffsetViewportOrgEx (in: hdc=0xd4010803, x=0, y=0, lppt=0x2d7b15c | out: lppt=0x2d7b15c) returned 1
[0276.446] IsAppThemed () returned 0x1
[0276.446] GetThemeAppProperties () returned 0x3
[0276.446] GetThemeAppProperties () returned 0x3
[0276.446] DrawThemeBackground () returned 0x0
[0276.446] RestoreDC (hdc=0xd4010803, nSavedDC=-1) returned 1
[0276.446] GdipReleaseDC (graphics=0x6600030, hdc=0xd4010803) returned 0x0
[0276.446] GdipCreateRegion (region=0xd7e490) returned 0x0
[0276.446] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0276.447] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0276.447] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0276.447] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e4a8) returned 0x0
[0276.447] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0276.447] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0276.447] LocalFree (hMem=0x11eecc8) returned 0x0
[0276.447] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0276.447] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0276.447] LocalFree (hMem=0x11ee788) returned 0x0
[0276.447] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0276.447] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0276.447] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0276.447] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0276.447] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0276.447] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0276.447] GetCurrentObject (hdc=0xd4010803, type=0x1) returned 0xb00017
[0276.447] GetCurrentObject (hdc=0xd4010803, type=0x2) returned 0x900010
[0276.448] GetCurrentObject (hdc=0xd4010803, type=0x7) returned 0x4a0507fe
[0276.448] GetCurrentObject (hdc=0xd4010803, type=0x6) returned 0x8a01c2
[0276.448] SaveDC (hdc=0xd4010803) returned 1
[0276.448] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdd0407de
[0276.448] GetClipRgn (hdc=0xd4010803, hrgn=0xdd0407de) returned 0
[0276.448] SelectClipRgn (hdc=0xd4010803, hrgn=0x4e040807) returned 2
[0276.448] DeleteObject (ho=0xdd0407de) returned 1
[0276.448] DeleteObject (ho=0x4e040807) returned 1
[0276.448] OffsetViewportOrgEx (in: hdc=0xd4010803, x=0, y=0, lppt=0x2d7b430 | out: lppt=0x2d7b430) returned 1
[0276.448] IsAppThemed () returned 0x1
[0276.448] GetThemeAppProperties () returned 0x3
[0276.448] GetThemeAppProperties () returned 0x3
[0276.449] GetThemeBackgroundContentRect () returned 0x0
[0276.449] RestoreDC (hdc=0xd4010803, nSavedDC=-1) returned 1
[0276.449] GdipReleaseDC (graphics=0x6600030, hdc=0xd4010803) returned 0x0
[0276.449] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0276.449] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0276.449] GdipFillRectangleI (graphics=0x6600030, brush=0x6659c70, x=4, y=4, width=67, height=15) returned 0x0
[0276.449] GdipDeleteBrush (brush=0x6659c70) returned 0x0
[0276.449] IsAppThemed () returned 0x1
[0276.449] GetThemeAppProperties () returned 0x3
[0276.449] GetThemeAppProperties () returned 0x3
[0276.449] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0276.449] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0276.449] GetCurrentObject (hdc=0xd4010803, type=0x1) returned 0xb00017
[0276.450] GetCurrentObject (hdc=0xd4010803, type=0x2) returned 0x900010
[0276.450] GetCurrentObject (hdc=0xd4010803, type=0x7) returned 0x4a0507fe
[0276.450] GetCurrentObject (hdc=0xd4010803, type=0x6) returned 0x8a01c2
[0276.450] SaveDC (hdc=0xd4010803) returned 1
[0276.450] GetTextAlign (hdc=0xd4010803) returned 0x0
[0276.450] GetTextColor (hdc=0xd4010803) returned 0x0
[0276.450] GetCurrentObject (hdc=0xd4010803, type=0x6) returned 0x8a01c2
[0276.457] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0276.457] SelectObject (hdc=0xd4010803, h=0x6d0a0520) returned 0x8a01c2
[0276.457] GetBkMode (hdc=0xd4010803) returned 2
[0276.457] SetBkMode (hdc=0xd4010803, mode=1) returned 2
[0276.457] DrawTextExW (in: hdc=0xd4010803, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2d7b7f4 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0276.458] DrawTextExW (in: hdc=0xd4010803, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2d7b7f4 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0276.458] RestoreDC (hdc=0xd4010803, nSavedDC=-1) returned 1
[0276.458] GdipReleaseDC (graphics=0x6600030, hdc=0xd4010803) returned 0x0
[0276.458] GetFocus () returned 0x602c4
[0276.459] IsAppThemed () returned 0x1
[0276.459] GetThemeAppProperties () returned 0x3
[0276.459] GetThemeAppProperties () returned 0x3
[0276.459] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0276.459] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0xd4010803, x1=0, y1=0, rop=0xcc0020) returned 1
[0276.459] GdipReleaseDC (graphics=0x6600030, hdc=0xd4010803) returned 0x0
[0276.459] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0276.462] SelectObject (hdc=0xd4010803, h=0x85000f) returned 0x4a0507fe
[0276.463] DeleteDC (hdc=0xd4010803) returned 1
[0276.463] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0276.463] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0276.463] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.463] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.463] WaitMessage () returned 1
[0276.511] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.511] IsWindowUnicode (hWnd=0x7005c) returned 1
[0276.511] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.511] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.511] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.511] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.511] IsWindowUnicode (hWnd=0x7005c) returned 1
[0276.511] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.511] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.511] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10b025a) returned 0x0
[0276.514] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.515] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.515] WaitMessage () returned 1
[0276.522] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.522] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.522] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.522] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.522] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.523] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.523] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.523] WaitMessage () returned 1
[0276.525] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.525] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.525] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.525] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.525] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.526] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.526] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.526] WaitMessage () returned 1
[0276.528] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.528] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.528] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.528] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.528] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.533] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.534] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.534] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.534] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.534] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.534] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.534] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.534] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.534] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.534] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.534] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.535] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.535] WaitMessage () returned 1
[0276.535] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.535] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.536] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.536] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.536] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.537] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.537] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.537] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.537] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.538] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.538] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.538] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.538] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.538] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.538] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.538] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.539] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.539] WaitMessage () returned 1
[0276.539] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.539] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.539] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.539] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.539] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.541] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.541] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.541] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.541] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.541] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.541] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.541] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.541] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.542] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.542] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.542] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.542] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.542] WaitMessage () returned 1
[0276.543] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.543] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.543] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.543] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.543] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.554] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.555] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.555] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.555] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.555] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.555] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.555] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.555] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.555] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.555] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.555] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.556] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.556] WaitMessage () returned 1
[0276.561] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.561] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.561] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.561] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.561] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.562] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.562] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.562] WaitMessage () returned 1
[0276.563] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.563] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.563] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.564] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.564] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.565] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.565] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.565] WaitMessage () returned 1
[0276.566] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.567] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.567] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.567] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.567] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.568] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.568] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.568] WaitMessage () returned 1
[0276.572] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.572] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.572] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.572] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.573] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.574] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.575] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.575] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.575] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.575] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.575] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.575] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.580] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.580] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.580] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.580] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.580] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.580] WaitMessage () returned 1
[0276.582] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.582] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.583] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.583] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.583] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.584] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.584] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.585] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.585] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.585] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.585] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.585] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.585] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.585] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.585] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.585] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.586] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.586] WaitMessage () returned 1
[0276.592] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.592] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.592] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.593] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.593] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.594] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.595] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.595] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.595] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.595] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.595] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.604] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.604] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.605] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.605] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.607] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.607] IsWindowUnicode (hWnd=0x30122) returned 1
[0276.607] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.607] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.607] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.608] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.609] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.609] WaitMessage () returned 1
[0276.672] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.672] IsWindowUnicode (hWnd=0x502c6) returned 1
[0276.672] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0276.672] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0276.672] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0276.673] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.673] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0276.673] WaitMessage () returned 1
[0278.547] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0278.547] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26d00fd) returned 0x1
[0278.548] IsWindowUnicode (hWnd=0x602c4) returned 1
[0278.548] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0278.548] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0278.548] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0278.548] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0278.548] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0278.548] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26d00fd) returned 0x1
[0278.548] IsWindowUnicode (hWnd=0x602c4) returned 1
[0278.548] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0278.548] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26d00fd) returned 0x1
[0278.548] SetCursor (hCursor=0x10003) returned 0x10003
[0278.548] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0278.548] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0278.548] _TrackMouseEvent (in: lpEventTrack=0x2c2b560 | out: lpEventTrack=0x2c2b560) returned 1
[0278.548] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0278.548] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0278.548] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0278.549] GetKeyState (nVirtKey=1) returned 1
[0278.549] GetKeyState (nVirtKey=2) returned 0
[0278.549] GetKeyState (nVirtKey=4) returned 0
[0278.549] GetKeyState (nVirtKey=5) returned 0
[0278.549] GetKeyState (nVirtKey=6) returned 0
[0278.549] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0278.549] IsWindowUnicode (hWnd=0x602c4) returned 1
[0278.549] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0278.549] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0278.549] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0278.549] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0278.549] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0278.549] CreateCompatibleDC (hdc=0x10105d6) returned 0x8e0107c6
[0278.549] SelectObject (hdc=0x8e0107c6, h=0x4a0507fe) returned 0x85000f
[0278.549] GdipCreateFromHDC (hdc=0x8e0107c6, graphics=0xd7e798) returned 0x0
[0278.550] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0278.550] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0278.550] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0278.550] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0278.550] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e7f8) returned 0x0
[0278.550] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0278.550] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eead0) returned 0x0
[0278.550] LocalFree (hMem=0x11eead0) returned 0x0
[0278.550] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0278.550] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0278.550] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0278.550] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0278.550] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0278.550] GdipRestoreGraphics (graphics=0x6600030, state=0xf6de0dbd) returned 0x0
[0278.550] GdipDeleteRegion (region=0x6646328) returned 0x0
[0278.550] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0278.550] GetCurrentObject (hdc=0x8e0107c6, type=0x1) returned 0xb00017
[0278.551] GetCurrentObject (hdc=0x8e0107c6, type=0x2) returned 0x900010
[0278.551] GetCurrentObject (hdc=0x8e0107c6, type=0x7) returned 0x4a0507fe
[0278.551] GetCurrentObject (hdc=0x8e0107c6, type=0x6) returned 0x8a01c2
[0278.551] SaveDC (hdc=0x8e0107c6) returned 1
[0278.551] GetNearestColor (hdc=0x8e0107c6, color=0xff) returned 0xff
[0278.551] GetNearestColor (hdc=0x8e0107c6, color=0x55) returned 0x55
[0278.551] GetNearestColor (hdc=0x8e0107c6, color=0x0) returned 0x0
[0278.551] GetNearestColor (hdc=0x8e0107c6, color=0x55) returned 0x55
[0278.551] GetNearestColor (hdc=0x8e0107c6, color=0x0) returned 0x0
[0278.551] GetNearestColor (hdc=0x8e0107c6, color=0x8080ff) returned 0x8080ff
[0278.551] GetNearestColor (hdc=0x8e0107c6, color=0x7373e5) returned 0x7373e5
[0278.551] GetNearestColor (hdc=0x8e0107c6, color=0xe5) returned 0xe5
[0278.551] GetNearestColor (hdc=0x8e0107c6, color=0x0) returned 0x0
[0278.551] RestoreDC (hdc=0x8e0107c6, nSavedDC=-1) returned 1
[0278.551] GdipReleaseDC (graphics=0x6600030, hdc=0x8e0107c6) returned 0x0
[0278.552] IsAppThemed () returned 0x1
[0278.552] GetThemeAppProperties () returned 0x3
[0278.552] GetThemeAppProperties () returned 0x3
[0278.552] IsAppThemed () returned 0x1
[0278.552] GetThemeAppProperties () returned 0x3
[0278.552] GetThemeAppProperties () returned 0x3
[0278.552] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2d7c218 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0278.552] IsAppThemed () returned 0x1
[0278.552] GetThemeAppProperties () returned 0x3
[0278.552] GetThemeAppProperties () returned 0x3
[0278.552] IsAppThemed () returned 0x1
[0278.552] GetThemeAppProperties () returned 0x3
[0278.552] GetThemeAppProperties () returned 0x3
[0278.552] IsAppThemed () returned 0x1
[0278.552] GetThemeAppProperties () returned 0x3
[0278.553] GetThemeAppProperties () returned 0x3
[0278.553] IsAppThemed () returned 0x1
[0278.553] GetThemeAppProperties () returned 0x3
[0278.553] GetThemeAppProperties () returned 0x3
[0278.553] IsThemePartDefined () returned 0x1
[0278.553] IsAppThemed () returned 0x1
[0278.553] GetThemeAppProperties () returned 0x3
[0278.553] GetThemeAppProperties () returned 0x3
[0278.553] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0278.553] IsAppThemed () returned 0x1
[0278.553] GetThemeAppProperties () returned 0x3
[0278.553] GetThemeAppProperties () returned 0x3
[0278.553] IsAppThemed () returned 0x1
[0278.553] GetThemeAppProperties () returned 0x3
[0278.553] GetThemeAppProperties () returned 0x3
[0278.553] IsThemePartDefined () returned 0x1
[0278.553] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0278.553] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0278.553] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0278.553] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0278.553] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e514) returned 0x0
[0278.553] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0278.553] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0278.554] LocalFree (hMem=0x11eec58) returned 0x0
[0278.554] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0278.554] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eed00) returned 0x0
[0278.554] LocalFree (hMem=0x11eed00) returned 0x0
[0278.554] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0278.554] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0278.554] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0278.554] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0278.554] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0278.554] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0278.554] GetCurrentObject (hdc=0x8e0107c6, type=0x1) returned 0xb00017
[0278.554] GetCurrentObject (hdc=0x8e0107c6, type=0x2) returned 0x900010
[0278.554] GetCurrentObject (hdc=0x8e0107c6, type=0x7) returned 0x4a0507fe
[0278.554] GetCurrentObject (hdc=0x8e0107c6, type=0x6) returned 0x8a01c2
[0278.554] SaveDC (hdc=0x8e0107c6) returned 1
[0278.554] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4f040807
[0278.554] GetClipRgn (hdc=0x8e0107c6, hrgn=0x4f040807) returned 0
[0278.554] SelectClipRgn (hdc=0x8e0107c6, hrgn=0xe10407de) returned 2
[0278.555] DeleteObject (ho=0x4f040807) returned 1
[0278.555] DeleteObject (ho=0xe10407de) returned 1
[0278.555] OffsetViewportOrgEx (in: hdc=0x8e0107c6, x=0, y=0, lppt=0x2d7c8c8 | out: lppt=0x2d7c8c8) returned 1
[0278.555] DrawThemeParentBackground () returned 0x0
[0278.555] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0278.555] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0278.555] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0278.555] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0278.555] GetSystemMetrics (nIndex=42) returned 0
[0278.555] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0278.555] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0278.555] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0278.555] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0278.555] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0278.555] SelectPalette (hdc=0x8e0107c6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0278.555] GdipCreateFromHDC (hdc=0x8e0107c6, graphics=0xd7dff0) returned 0x0
[0278.556] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0278.556] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0278.556] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638b18) returned 0x0
[0278.556] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dfc8) returned 0x0
[0278.556] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0278.556] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0278.556] GdipGetClip (graphics=0x6638e08, region=0x6646dd8) returned 0x0
[0278.556] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6638e08, result=0xd7dfbc) returned 0x0
[0278.556] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0278.556] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dfe8) returned 0x0
[0278.556] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0278.563] GdipFillRectangleI (graphics=0x6638e08, brush=0x66499d8, x=0, y=0, width=801, height=453) returned 0x0
[0278.563] GdipDeleteBrush (brush=0x66499d8) returned 0x0
[0278.564] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0278.564] SelectPalette (hdc=0x8e0107c6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0278.564] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0278.564] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0278.565] GetSystemMetrics (nIndex=42) returned 0
[0278.565] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0278.565] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0278.565] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0278.565] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0278.565] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0278.565] SelectPalette (hdc=0x8e0107c6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0278.565] GdipCreateFromHDC (hdc=0x8e0107c6, graphics=0xd7df90) returned 0x0
[0278.565] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0278.565] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0278.565] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638c98) returned 0x0
[0278.565] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df68) returned 0x0
[0278.565] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0278.565] GdipCreateRegion (region=0xd7df50) returned 0x0
[0278.565] GdipGetClip (graphics=0x6638e08, region=0x6646dd8) returned 0x0
[0278.565] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6638e08, result=0xd7df5c) returned 0x0
[0278.565] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0278.566] GdipSaveGraphics (graphics=0x6638e08, state=0xd7df88) returned 0x0
[0278.566] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0278.571] GdipFillRectangleI (graphics=0x6638e08, brush=0x6648ee0, x=0, y=0, width=801, height=453) returned 0x0
[0278.571] GdipDeleteBrush (brush=0x6648ee0) returned 0x0
[0278.573] GdipRestoreGraphics (graphics=0x6638e08, state=0xf6da0dbd) returned 0x0
[0278.573] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0278.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0278.573] GetSystemMetrics (nIndex=42) returned 0
[0278.573] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0278.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0278.573] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0278.573] SelectPalette (hdc=0x8e0107c6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0278.573] RestoreDC (hdc=0x8e0107c6, nSavedDC=-1) returned 1
[0278.573] GdipReleaseDC (graphics=0x6600030, hdc=0x8e0107c6) returned 0x0
[0278.574] IsAppThemed () returned 0x1
[0278.574] GetThemeAppProperties () returned 0x3
[0278.574] GetThemeAppProperties () returned 0x3
[0278.574] IsAppThemed () returned 0x1
[0278.574] GetThemeAppProperties () returned 0x3
[0278.574] GetThemeAppProperties () returned 0x3
[0278.574] IsThemePartDefined () returned 0x1
[0278.574] GdipCreateRegion (region=0xd7e480) returned 0x0
[0278.574] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0278.574] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0278.574] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0278.574] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e498) returned 0x0
[0278.574] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0278.574] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0278.574] LocalFree (hMem=0x11ee788) returned 0x0
[0278.574] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0278.574] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee9f0) returned 0x0
[0278.574] LocalFree (hMem=0x11ee9f0) returned 0x0
[0278.574] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0278.574] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0278.574] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0278.574] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0278.575] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0278.575] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0278.575] GetCurrentObject (hdc=0x8e0107c6, type=0x1) returned 0xb00017
[0278.575] GetCurrentObject (hdc=0x8e0107c6, type=0x2) returned 0x900010
[0278.575] GetCurrentObject (hdc=0x8e0107c6, type=0x7) returned 0x4a0507fe
[0278.575] GetCurrentObject (hdc=0x8e0107c6, type=0x6) returned 0x8a01c2
[0278.575] SaveDC (hdc=0x8e0107c6) returned 1
[0278.575] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe20407de
[0278.575] GetClipRgn (hdc=0x8e0107c6, hrgn=0xe20407de) returned 0
[0278.575] SelectClipRgn (hdc=0x8e0107c6, hrgn=0x51040807) returned 2
[0278.575] DeleteObject (ho=0xe20407de) returned 1
[0278.575] DeleteObject (ho=0x51040807) returned 1
[0278.575] OffsetViewportOrgEx (in: hdc=0x8e0107c6, x=0, y=0, lppt=0x2d83118 | out: lppt=0x2d83118) returned 1
[0278.576] IsAppThemed () returned 0x1
[0278.576] GetThemeAppProperties () returned 0x3
[0278.576] GetThemeAppProperties () returned 0x3
[0278.576] DrawThemeBackground () returned 0x0
[0278.576] RestoreDC (hdc=0x8e0107c6, nSavedDC=-1) returned 1
[0278.576] GdipReleaseDC (graphics=0x6600030, hdc=0x8e0107c6) returned 0x0
[0278.576] GdipCreateRegion (region=0xd7e484) returned 0x0
[0278.576] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0278.576] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0278.576] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0278.576] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e49c) returned 0x0
[0278.576] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0278.576] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0278.576] LocalFree (hMem=0x11ee9f0) returned 0x0
[0278.576] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0278.576] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0278.576] LocalFree (hMem=0x11ee788) returned 0x0
[0278.577] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0278.577] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0278.577] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0278.577] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0278.577] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0278.577] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0278.577] GetCurrentObject (hdc=0x8e0107c6, type=0x1) returned 0xb00017
[0278.577] GetCurrentObject (hdc=0x8e0107c6, type=0x2) returned 0x900010
[0278.577] GetCurrentObject (hdc=0x8e0107c6, type=0x7) returned 0x4a0507fe
[0278.577] GetCurrentObject (hdc=0x8e0107c6, type=0x6) returned 0x8a01c2
[0278.577] SaveDC (hdc=0x8e0107c6) returned 1
[0278.577] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x52040807
[0278.577] GetClipRgn (hdc=0x8e0107c6, hrgn=0x52040807) returned 0
[0278.577] SelectClipRgn (hdc=0x8e0107c6, hrgn=0xe30407de) returned 2
[0278.577] DeleteObject (ho=0x52040807) returned 1
[0278.578] DeleteObject (ho=0xe30407de) returned 1
[0278.578] OffsetViewportOrgEx (in: hdc=0x8e0107c6, x=0, y=0, lppt=0x2d833ec | out: lppt=0x2d833ec) returned 1
[0278.578] IsAppThemed () returned 0x1
[0278.578] GetThemeAppProperties () returned 0x3
[0278.578] GetThemeAppProperties () returned 0x3
[0278.578] GetThemeBackgroundContentRect () returned 0x0
[0278.578] RestoreDC (hdc=0x8e0107c6, nSavedDC=-1) returned 1
[0278.578] GdipReleaseDC (graphics=0x6600030, hdc=0x8e0107c6) returned 0x0
[0278.578] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0278.578] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0278.578] GdipFillRectangleI (graphics=0x6600030, brush=0x6659c70, x=4, y=4, width=67, height=15) returned 0x0
[0278.578] GdipDeleteBrush (brush=0x6659c70) returned 0x0
[0278.578] IsAppThemed () returned 0x1
[0278.578] GetThemeAppProperties () returned 0x3
[0278.578] GetThemeAppProperties () returned 0x3
[0278.578] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0278.578] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0278.578] GetCurrentObject (hdc=0x8e0107c6, type=0x1) returned 0xb00017
[0278.578] GetCurrentObject (hdc=0x8e0107c6, type=0x2) returned 0x900010
[0278.579] GetCurrentObject (hdc=0x8e0107c6, type=0x7) returned 0x4a0507fe
[0278.579] GetCurrentObject (hdc=0x8e0107c6, type=0x6) returned 0x8a01c2
[0278.579] SaveDC (hdc=0x8e0107c6) returned 1
[0278.579] GetTextAlign (hdc=0x8e0107c6) returned 0x0
[0278.579] GetTextColor (hdc=0x8e0107c6) returned 0x0
[0278.579] GetCurrentObject (hdc=0x8e0107c6, type=0x6) returned 0x8a01c2
[0278.579] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0278.579] SelectObject (hdc=0x8e0107c6, h=0x6d0a0520) returned 0x8a01c2
[0278.579] GetBkMode (hdc=0x8e0107c6) returned 2
[0278.579] SetBkMode (hdc=0x8e0107c6, mode=1) returned 2
[0278.579] DrawTextExW (in: hdc=0x8e0107c6, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2d837b0 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0278.580] DrawTextExW (in: hdc=0x8e0107c6, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2d837b0 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0278.580] RestoreDC (hdc=0x8e0107c6, nSavedDC=-1) returned 1
[0278.580] GdipReleaseDC (graphics=0x6600030, hdc=0x8e0107c6) returned 0x0
[0278.580] GetFocus () returned 0x602c4
[0278.580] IsAppThemed () returned 0x1
[0278.580] GetThemeAppProperties () returned 0x3
[0278.580] GetThemeAppProperties () returned 0x3
[0278.580] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0278.580] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x8e0107c6, x1=0, y1=0, rop=0xcc0020) returned 1
[0278.581] GdipReleaseDC (graphics=0x6600030, hdc=0x8e0107c6) returned 0x0
[0278.581] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0278.581] SelectObject (hdc=0x8e0107c6, h=0x85000f) returned 0x4a0507fe
[0278.581] DeleteDC (hdc=0x8e0107c6) returned 1
[0278.581] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0278.581] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0278.581] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0278.581] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0278.581] WaitMessage () returned 1
[0278.654] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0278.654] IsWindowUnicode (hWnd=0x602c4) returned 1
[0278.654] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0278.654] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0278.654] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0278.654] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0278.654] IsWindowUnicode (hWnd=0x602c4) returned 1
[0278.654] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0278.654] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0278.654] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0278.654] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x60022) returned 0x0
[0278.654] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0278.654] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0278.654] WaitMessage () returned 1
[0278.797] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0278.797] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26d00fd) returned 0x1
[0278.797] IsWindowUnicode (hWnd=0x602c4) returned 1
[0278.797] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0278.797] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26d00fd) returned 0x1
[0278.800] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0278.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x198003f) returned 0x0
[0278.800] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0278.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0278.800] SetCursor (hCursor=0x10003) returned 0x10003
[0278.800] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0278.800] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0278.800] GetKeyState (nVirtKey=1) returned -128
[0278.800] GetKeyState (nVirtKey=2) returned 0
[0278.800] GetKeyState (nVirtKey=4) returned 0
[0278.800] GetKeyState (nVirtKey=5) returned 0
[0278.800] GetKeyState (nVirtKey=6) returned 0
[0278.800] IsWindowVisible (hWnd=0x602c4) returned 1
[0278.800] IsWindowEnabled (hWnd=0x602c4) returned 1
[0278.800] SetFocus (hWnd=0x602c4) returned 0x602c4
[0278.800] GetFocus () returned 0x602c4
[0278.801] GetFocus () returned 0x602c4
[0278.801] GetFocus () returned 0x602c4
[0278.801] GetKeyState (nVirtKey=1) returned -128
[0278.801] GetKeyState (nVirtKey=2) returned 0
[0278.801] GetKeyState (nVirtKey=4) returned 0
[0278.801] GetKeyState (nVirtKey=5) returned 0
[0278.801] GetKeyState (nVirtKey=6) returned 0
[0278.801] GetCapture () returned 0x0
[0278.801] SetCapture (hWnd=0x602c4) returned 0x0
[0278.801] GetKeyState (nVirtKey=1) returned -128
[0278.801] GetKeyState (nVirtKey=2) returned 0
[0278.801] GetKeyState (nVirtKey=4) returned 0
[0278.801] GetKeyState (nVirtKey=5) returned 0
[0278.801] GetKeyState (nVirtKey=6) returned 0
[0278.801] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0278.801] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0278.801] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0278.801] IsWindowUnicode (hWnd=0x602c4) returned 1
[0278.801] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0278.801] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0278.801] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0278.801] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d83934, cPoints=0x1 | out: lpPoints=0x2d83934) returned 40304859
[0278.801] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0278.801] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0278.802] UpdateWindow (hWnd=0x602c4) returned 1
[0278.802] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x10105d6
[0278.802] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0278.802] CreateCompatibleDC (hdc=0x10105d6) returned 0x8f0107c6
[0278.802] SelectObject (hdc=0x8f0107c6, h=0x4a0507fe) returned 0x85000f
[0278.802] GdipCreateFromHDC (hdc=0x8f0107c6, graphics=0xd7e430) returned 0x0
[0278.802] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0278.802] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0278.802] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0278.802] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0278.802] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e490) returned 0x0
[0278.802] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0278.802] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0278.803] LocalFree (hMem=0x11eec58) returned 0x0
[0278.803] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0278.803] GdipCreateRegion (region=0xd7e478) returned 0x0
[0278.803] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0278.803] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0278.803] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0278.803] GdipRestoreGraphics (graphics=0x6600030, state=0xf6d80dbd) returned 0x0
[0278.803] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0278.803] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0278.803] GetCurrentObject (hdc=0x8f0107c6, type=0x1) returned 0xb00017
[0278.803] GetCurrentObject (hdc=0x8f0107c6, type=0x2) returned 0x900010
[0278.803] GetCurrentObject (hdc=0x8f0107c6, type=0x7) returned 0x4a0507fe
[0278.803] GetCurrentObject (hdc=0x8f0107c6, type=0x6) returned 0x8a01c2
[0278.803] SaveDC (hdc=0x8f0107c6) returned 1
[0278.803] GetNearestColor (hdc=0x8f0107c6, color=0xff) returned 0xff
[0278.803] GetNearestColor (hdc=0x8f0107c6, color=0x55) returned 0x55
[0278.803] GetNearestColor (hdc=0x8f0107c6, color=0x0) returned 0x0
[0278.804] GetNearestColor (hdc=0x8f0107c6, color=0x55) returned 0x55
[0278.804] GetNearestColor (hdc=0x8f0107c6, color=0x0) returned 0x0
[0278.804] GetNearestColor (hdc=0x8f0107c6, color=0x8080ff) returned 0x8080ff
[0278.804] GetNearestColor (hdc=0x8f0107c6, color=0x7373e5) returned 0x7373e5
[0278.804] GetNearestColor (hdc=0x8f0107c6, color=0xe5) returned 0xe5
[0278.804] GetNearestColor (hdc=0x8f0107c6, color=0x0) returned 0x0
[0278.804] RestoreDC (hdc=0x8f0107c6, nSavedDC=-1) returned 1
[0278.804] GdipReleaseDC (graphics=0x6600030, hdc=0x8f0107c6) returned 0x0
[0278.804] IsAppThemed () returned 0x1
[0278.804] GetThemeAppProperties () returned 0x3
[0278.804] GetThemeAppProperties () returned 0x3
[0278.804] IsAppThemed () returned 0x1
[0278.804] GetThemeAppProperties () returned 0x3
[0278.804] GetThemeAppProperties () returned 0x3
[0278.804] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2d84050 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0278.805] IsAppThemed () returned 0x1
[0278.805] GetThemeAppProperties () returned 0x3
[0278.805] GetThemeAppProperties () returned 0x3
[0278.805] IsAppThemed () returned 0x1
[0278.805] GetThemeAppProperties () returned 0x3
[0278.805] GetThemeAppProperties () returned 0x3
[0278.805] IsAppThemed () returned 0x1
[0278.805] GetThemeAppProperties () returned 0x3
[0278.805] GetThemeAppProperties () returned 0x3
[0278.805] IsAppThemed () returned 0x1
[0278.805] GetThemeAppProperties () returned 0x3
[0278.805] GetThemeAppProperties () returned 0x3
[0278.805] IsThemePartDefined () returned 0x1
[0278.805] IsAppThemed () returned 0x1
[0278.805] GetThemeAppProperties () returned 0x3
[0278.805] GetThemeAppProperties () returned 0x3
[0278.805] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0278.805] IsAppThemed () returned 0x1
[0278.805] GetThemeAppProperties () returned 0x3
[0278.805] GetThemeAppProperties () returned 0x3
[0278.805] IsAppThemed () returned 0x1
[0278.805] GetThemeAppProperties () returned 0x3
[0278.805] GetThemeAppProperties () returned 0x3
[0278.806] IsThemePartDefined () returned 0x1
[0278.806] GdipCreateRegion (region=0xd7e194) returned 0x0
[0278.806] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0278.806] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0278.806] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0278.806] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e1ac) returned 0x0
[0278.806] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0278.806] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee910) returned 0x0
[0278.806] LocalFree (hMem=0x11ee910) returned 0x0
[0278.806] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0278.806] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eea98) returned 0x0
[0278.806] LocalFree (hMem=0x11eea98) returned 0x0
[0278.806] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0278.806] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0278.806] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0278.806] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0278.806] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0278.806] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0278.806] GetCurrentObject (hdc=0x8f0107c6, type=0x1) returned 0xb00017
[0278.806] GetCurrentObject (hdc=0x8f0107c6, type=0x2) returned 0x900010
[0278.806] GetCurrentObject (hdc=0x8f0107c6, type=0x7) returned 0x4a0507fe
[0278.807] GetCurrentObject (hdc=0x8f0107c6, type=0x6) returned 0x8a01c2
[0278.807] SaveDC (hdc=0x8f0107c6) returned 1
[0278.807] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe40407de
[0278.807] GetClipRgn (hdc=0x8f0107c6, hrgn=0xe40407de) returned 0
[0278.807] SelectClipRgn (hdc=0x8f0107c6, hrgn=0x56040807) returned 2
[0278.807] DeleteObject (ho=0xe40407de) returned 1
[0278.807] DeleteObject (ho=0x56040807) returned 1
[0278.807] OffsetViewportOrgEx (in: hdc=0x8f0107c6, x=0, y=0, lppt=0x2d84700 | out: lppt=0x2d84700) returned 1
[0278.807] DrawThemeParentBackground () returned 0x0
[0278.807] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0278.807] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0278.807] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0278.807] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0278.807] GetSystemMetrics (nIndex=42) returned 0
[0278.807] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0278.807] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0278.807] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0278.808] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0278.808] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0278.808] SelectPalette (hdc=0x8f0107c6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0278.808] GdipCreateFromHDC (hdc=0x8f0107c6, graphics=0xd7dc88) returned 0x0
[0278.808] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0278.808] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0278.808] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638bd8) returned 0x0
[0278.808] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dc60) returned 0x0
[0278.808] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0278.808] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0278.808] GdipGetClip (graphics=0x6638e08, region=0x6646dd8) returned 0x0
[0278.808] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6638e08, result=0xd7dc54) returned 0x0
[0278.808] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0278.808] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dc80) returned 0x0
[0278.808] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0278.814] GdipFillRectangleI (graphics=0x6638e08, brush=0x6648ee0, x=0, y=0, width=801, height=453) returned 0x0
[0278.814] GdipDeleteBrush (brush=0x6648ee0) returned 0x0
[0278.816] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0278.816] SelectPalette (hdc=0x8f0107c6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0278.816] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0278.816] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0278.816] GetSystemMetrics (nIndex=42) returned 0
[0278.816] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0278.816] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0278.816] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0278.816] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0278.816] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0278.816] SelectPalette (hdc=0x8f0107c6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0278.816] GdipCreateFromHDC (hdc=0x8f0107c6, graphics=0xd7dc28) returned 0x0
[0278.817] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0278.817] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0278.817] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638a28) returned 0x0
[0278.817] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dc00) returned 0x0
[0278.817] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0278.817] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0278.817] GdipGetClip (graphics=0x6638e08, region=0x6646568) returned 0x0
[0278.817] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6638e08, result=0xd7dbf4) returned 0x0
[0278.817] GdipDeleteRegion (region=0x6646568) returned 0x0
[0278.817] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dc20) returned 0x0
[0278.817] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0278.823] GdipFillRectangleI (graphics=0x6638e08, brush=0x6648ee0, x=0, y=0, width=801, height=453) returned 0x0
[0278.823] GdipDeleteBrush (brush=0x6648ee0) returned 0x0
[0278.824] GdipRestoreGraphics (graphics=0x6638e08, state=0xf6d40dbd) returned 0x0
[0278.824] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0278.824] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0278.824] GetSystemMetrics (nIndex=42) returned 0
[0278.824] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0278.824] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0278.824] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0278.824] SelectPalette (hdc=0x8f0107c6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0278.825] RestoreDC (hdc=0x8f0107c6, nSavedDC=-1) returned 1
[0278.825] GdipReleaseDC (graphics=0x6600030, hdc=0x8f0107c6) returned 0x0
[0278.825] IsAppThemed () returned 0x1
[0278.825] GetThemeAppProperties () returned 0x3
[0278.825] GetThemeAppProperties () returned 0x3
[0278.825] IsAppThemed () returned 0x1
[0278.826] GetThemeAppProperties () returned 0x3
[0278.826] GetThemeAppProperties () returned 0x3
[0278.826] IsThemePartDefined () returned 0x1
[0278.826] GdipCreateRegion (region=0xd7e118) returned 0x0
[0278.826] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0278.826] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0278.826] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0278.826] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e130) returned 0x0
[0278.826] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0278.826] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0278.826] LocalFree (hMem=0x11ee788) returned 0x0
[0278.826] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0278.826] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0278.826] LocalFree (hMem=0x11eec58) returned 0x0
[0278.826] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0278.826] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0278.826] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0278.826] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0278.826] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0278.826] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0278.826] GetCurrentObject (hdc=0x8f0107c6, type=0x1) returned 0xb00017
[0278.827] GetCurrentObject (hdc=0x8f0107c6, type=0x2) returned 0x900010
[0278.827] GetCurrentObject (hdc=0x8f0107c6, type=0x7) returned 0x4a0507fe
[0278.827] GetCurrentObject (hdc=0x8f0107c6, type=0x6) returned 0x8a01c2
[0278.827] SaveDC (hdc=0x8f0107c6) returned 1
[0278.827] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x57040807
[0278.827] GetClipRgn (hdc=0x8f0107c6, hrgn=0x57040807) returned 0
[0278.827] SelectClipRgn (hdc=0x8f0107c6, hrgn=0xe60407de) returned 2
[0278.827] DeleteObject (ho=0x57040807) returned 1
[0278.827] DeleteObject (ho=0xe60407de) returned 1
[0278.827] OffsetViewportOrgEx (in: hdc=0x8f0107c6, x=0, y=0, lppt=0x2d8af50 | out: lppt=0x2d8af50) returned 1
[0278.827] IsAppThemed () returned 0x1
[0278.827] GetThemeAppProperties () returned 0x3
[0278.827] GetThemeAppProperties () returned 0x3
[0278.827] DrawThemeBackground () returned 0x0
[0278.827] RestoreDC (hdc=0x8f0107c6, nSavedDC=-1) returned 1
[0278.827] GdipReleaseDC (graphics=0x6600030, hdc=0x8f0107c6) returned 0x0
[0278.828] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0278.828] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0278.828] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0278.828] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0278.828] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e134) returned 0x0
[0278.828] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0278.828] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eead0) returned 0x0
[0278.828] LocalFree (hMem=0x11eead0) returned 0x0
[0278.828] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0278.828] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0278.828] LocalFree (hMem=0x11ee788) returned 0x0
[0278.828] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0278.828] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0278.828] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0278.828] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0278.828] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0278.828] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0278.828] GetCurrentObject (hdc=0x8f0107c6, type=0x1) returned 0xb00017
[0278.828] GetCurrentObject (hdc=0x8f0107c6, type=0x2) returned 0x900010
[0278.828] GetCurrentObject (hdc=0x8f0107c6, type=0x7) returned 0x4a0507fe
[0278.828] GetCurrentObject (hdc=0x8f0107c6, type=0x6) returned 0x8a01c2
[0278.829] SaveDC (hdc=0x8f0107c6) returned 1
[0278.829] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe70407de
[0278.829] GetClipRgn (hdc=0x8f0107c6, hrgn=0xe70407de) returned 0
[0278.829] SelectClipRgn (hdc=0x8f0107c6, hrgn=0x58040807) returned 2
[0278.829] DeleteObject (ho=0xe70407de) returned 1
[0278.829] DeleteObject (ho=0x58040807) returned 1
[0278.829] OffsetViewportOrgEx (in: hdc=0x8f0107c6, x=0, y=0, lppt=0x2d8b224 | out: lppt=0x2d8b224) returned 1
[0278.829] IsAppThemed () returned 0x1
[0278.829] GetThemeAppProperties () returned 0x3
[0278.829] GetThemeAppProperties () returned 0x3
[0278.829] GetThemeBackgroundContentRect () returned 0x0
[0278.829] RestoreDC (hdc=0x8f0107c6, nSavedDC=-1) returned 1
[0278.829] GdipReleaseDC (graphics=0x6600030, hdc=0x8f0107c6) returned 0x0
[0278.829] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0278.829] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0278.829] GdipFillRectangleI (graphics=0x6600030, brush=0x6659c70, x=4, y=4, width=67, height=15) returned 0x0
[0278.829] GdipDeleteBrush (brush=0x6659c70) returned 0x0
[0278.829] IsAppThemed () returned 0x1
[0278.829] GetThemeAppProperties () returned 0x3
[0278.829] GetThemeAppProperties () returned 0x3
[0278.829] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0278.830] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0278.830] GetCurrentObject (hdc=0x8f0107c6, type=0x1) returned 0xb00017
[0278.830] GetCurrentObject (hdc=0x8f0107c6, type=0x2) returned 0x900010
[0278.830] GetCurrentObject (hdc=0x8f0107c6, type=0x7) returned 0x4a0507fe
[0278.830] GetCurrentObject (hdc=0x8f0107c6, type=0x6) returned 0x8a01c2
[0278.830] SaveDC (hdc=0x8f0107c6) returned 1
[0278.830] GetTextAlign (hdc=0x8f0107c6) returned 0x0
[0278.830] GetTextColor (hdc=0x8f0107c6) returned 0x0
[0278.830] GetCurrentObject (hdc=0x8f0107c6, type=0x6) returned 0x8a01c2
[0278.830] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0278.830] SelectObject (hdc=0x8f0107c6, h=0x6d0a0520) returned 0x8a01c2
[0278.830] GetBkMode (hdc=0x8f0107c6) returned 2
[0278.830] SetBkMode (hdc=0x8f0107c6, mode=1) returned 2
[0278.830] DrawTextExW (in: hdc=0x8f0107c6, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2d8b5e8 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0278.831] DrawTextExW (in: hdc=0x8f0107c6, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2d8b5e8 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0278.831] RestoreDC (hdc=0x8f0107c6, nSavedDC=-1) returned 1
[0278.831] GdipReleaseDC (graphics=0x6600030, hdc=0x8f0107c6) returned 0x0
[0278.831] GetFocus () returned 0x602c4
[0278.831] IsAppThemed () returned 0x1
[0278.831] GetThemeAppProperties () returned 0x3
[0278.831] GetThemeAppProperties () returned 0x3
[0278.831] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0278.831] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x8f0107c6, x1=0, y1=0, rop=0xcc0020) returned 1
[0278.832] GdipReleaseDC (graphics=0x6600030, hdc=0x8f0107c6) returned 0x0
[0278.832] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0278.832] SelectObject (hdc=0x8f0107c6, h=0x85000f) returned 0x4a0507fe
[0278.832] DeleteDC (hdc=0x8f0107c6) returned 1
[0278.832] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0278.832] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0278.832] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d8b6e4, cPoints=0x1 | out: lpPoints=0x2d8b6e4) returned 40304859
[0278.832] WindowFromPoint (Point=0xfd) returned 0x602c4
[0278.832] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26d00fd) returned 0x1
[0278.832] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0278.832] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0278.832] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0278.832] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0278.832] GetSystemMetrics (nIndex=42) returned 0
[0278.833] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0278.833] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0278.834] GetCapture () returned 0x602c4
[0278.834] ReleaseCapture () returned 1
[0278.834] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0278.834] GetProcessWindowStation () returned 0x13c
[0278.835] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.835] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0278.835] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.835] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0278.835] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.835] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0278.836] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.836] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0278.836] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.836] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0278.836] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.836] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0278.836] GetDC (hWnd=0x0) returned 0x107b9
[0278.836] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e6ec) returned 0x0
[0278.837] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0278.837] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0278.837] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0278.837] GetSystemMetrics (nIndex=5) returned 1
[0278.837] GetSystemMetrics (nIndex=6) returned 1
[0278.837] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.837] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0278.838] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.838] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0278.840] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0278.841] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0278.841] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0278.841] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0278.841] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0278.841] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0278.842] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2d91100 | out: lpData=0x2d91100) returned 1
[0278.843] VerQueryValueW (in: pBlock=0x2d91100, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d91510, puLen=0xd7e810) returned 1
[0278.843] VerQueryValueW (in: pBlock=0x2d91100, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d911b8, puLen=0xd7e790) returned 1
[0278.843] VerQueryValueW (in: pBlock=0x2d91100, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9120c, puLen=0xd7e790) returned 1
[0278.843] VerQueryValueW (in: pBlock=0x2d91100, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9128c, puLen=0xd7e790) returned 1
[0278.843] VerQueryValueW (in: pBlock=0x2d91100, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d912f4, puLen=0xd7e790) returned 1
[0278.843] VerQueryValueW (in: pBlock=0x2d91100, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d91334, puLen=0xd7e790) returned 1
[0278.843] VerQueryValueW (in: pBlock=0x2d91100, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d913bc, puLen=0xd7e790) returned 1
[0278.843] VerQueryValueW (in: pBlock=0x2d91100, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d913f8, puLen=0xd7e790) returned 1
[0278.843] VerQueryValueW (in: pBlock=0x2d91100, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d91450, puLen=0xd7e790) returned 1
[0278.843] VerQueryValueW (in: pBlock=0x2d91100, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d91480, puLen=0xd7e790) returned 1
[0278.843] VerQueryValueW (in: pBlock=0x2d91100, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.843] VerQueryValueW (in: pBlock=0x2d91100, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d914bc, puLen=0xd7e790) returned 1
[0278.844] VerQueryValueW (in: pBlock=0x2d91100, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.844] VerQueryValueW (in: pBlock=0x2d91100, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d91510, puLen=0xd7e784) returned 1
[0278.844] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0278.844] VerQueryValueW (in: pBlock=0x2d91100, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d91128, puLen=0xd7e794) returned 1
[0278.844] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0278.844] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0278.844] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0278.845] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0278.845] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0278.845] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0278.845] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2d93070 | out: lpData=0x2d93070) returned 1
[0278.845] VerQueryValueW (in: pBlock=0x2d93070, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d9310c, puLen=0xd7e810) returned 1
[0278.845] VerQueryValueW (in: pBlock=0x2d93070, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d93184, puLen=0xd7e790) returned 1
[0278.845] VerQueryValueW (in: pBlock=0x2d93070, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d931b4, puLen=0xd7e790) returned 1
[0278.845] VerQueryValueW (in: pBlock=0x2d93070, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d931f0, puLen=0xd7e790) returned 1
[0278.845] VerQueryValueW (in: pBlock=0x2d93070, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d93220, puLen=0xd7e790) returned 1
[0278.845] VerQueryValueW (in: pBlock=0x2d93070, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d93268, puLen=0xd7e790) returned 1
[0278.845] VerQueryValueW (in: pBlock=0x2d93070, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d932e0, puLen=0xd7e790) returned 1
[0278.845] VerQueryValueW (in: pBlock=0x2d93070, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d93324, puLen=0xd7e790) returned 1
[0278.845] VerQueryValueW (in: pBlock=0x2d93070, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d93364, puLen=0xd7e790) returned 1
[0278.845] VerQueryValueW (in: pBlock=0x2d93070, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d93162, puLen=0xd7e790) returned 1
[0278.845] VerQueryValueW (in: pBlock=0x2d93070, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d932b0, puLen=0xd7e790) returned 1
[0278.845] VerQueryValueW (in: pBlock=0x2d93070, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.845] VerQueryValueW (in: pBlock=0x2d93070, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.846] VerQueryValueW (in: pBlock=0x2d93070, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d9310c, puLen=0xd7e784) returned 1
[0278.846] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0278.846] VerQueryValueW (in: pBlock=0x2d93070, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d93098, puLen=0xd7e794) returned 1
[0278.846] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0278.846] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0278.846] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0278.847] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0278.847] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0278.847] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0278.847] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2d95348 | out: lpData=0x2d95348) returned 1
[0278.848] VerQueryValueW (in: pBlock=0x2d95348, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d9575c, puLen=0xd7e810) returned 1
[0278.848] VerQueryValueW (in: pBlock=0x2d95348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d95400, puLen=0xd7e790) returned 1
[0278.848] VerQueryValueW (in: pBlock=0x2d95348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d95454, puLen=0xd7e790) returned 1
[0278.848] VerQueryValueW (in: pBlock=0x2d95348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d954b0, puLen=0xd7e790) returned 1
[0278.848] VerQueryValueW (in: pBlock=0x2d95348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d95510, puLen=0xd7e790) returned 1
[0278.848] VerQueryValueW (in: pBlock=0x2d95348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d95568, puLen=0xd7e790) returned 1
[0278.848] VerQueryValueW (in: pBlock=0x2d95348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d955f0, puLen=0xd7e790) returned 1
[0278.848] VerQueryValueW (in: pBlock=0x2d95348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d95644, puLen=0xd7e790) returned 1
[0278.848] VerQueryValueW (in: pBlock=0x2d95348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9569c, puLen=0xd7e790) returned 1
[0278.848] VerQueryValueW (in: pBlock=0x2d95348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d956cc, puLen=0xd7e790) returned 1
[0278.848] VerQueryValueW (in: pBlock=0x2d95348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.848] VerQueryValueW (in: pBlock=0x2d95348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d95708, puLen=0xd7e790) returned 1
[0278.849] VerQueryValueW (in: pBlock=0x2d95348, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.849] VerQueryValueW (in: pBlock=0x2d95348, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d9575c, puLen=0xd7e784) returned 1
[0278.849] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0278.849] VerQueryValueW (in: pBlock=0x2d95348, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d95370, puLen=0xd7e794) returned 1
[0278.849] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0278.849] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0278.849] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0278.850] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0278.850] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0278.850] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0278.851] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2d97980 | out: lpData=0x2d97980) returned 1
[0278.852] VerQueryValueW (in: pBlock=0x2d97980, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d97d80, puLen=0xd7e810) returned 1
[0278.852] VerQueryValueW (in: pBlock=0x2d97980, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d97a38, puLen=0xd7e790) returned 1
[0278.852] VerQueryValueW (in: pBlock=0x2d97980, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d97a8c, puLen=0xd7e790) returned 1
[0278.852] VerQueryValueW (in: pBlock=0x2d97980, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d97acc, puLen=0xd7e790) returned 1
[0278.852] VerQueryValueW (in: pBlock=0x2d97980, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d97b34, puLen=0xd7e790) returned 1
[0278.852] VerQueryValueW (in: pBlock=0x2d97980, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d97b8c, puLen=0xd7e790) returned 1
[0278.852] VerQueryValueW (in: pBlock=0x2d97980, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d97c14, puLen=0xd7e790) returned 1
[0278.852] VerQueryValueW (in: pBlock=0x2d97980, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d97c68, puLen=0xd7e790) returned 1
[0278.852] VerQueryValueW (in: pBlock=0x2d97980, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d97cc0, puLen=0xd7e790) returned 1
[0278.852] VerQueryValueW (in: pBlock=0x2d97980, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d97cf0, puLen=0xd7e790) returned 1
[0278.852] VerQueryValueW (in: pBlock=0x2d97980, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.852] VerQueryValueW (in: pBlock=0x2d97980, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d97d2c, puLen=0xd7e790) returned 1
[0278.852] VerQueryValueW (in: pBlock=0x2d97980, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.852] VerQueryValueW (in: pBlock=0x2d97980, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d97d80, puLen=0xd7e784) returned 1
[0278.852] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0278.852] VerQueryValueW (in: pBlock=0x2d97980, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d979a8, puLen=0xd7e794) returned 1
[0278.853] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0278.853] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0278.853] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0278.853] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0278.853] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0278.853] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0278.854] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2d9a0bc | out: lpData=0x2d9a0bc) returned 1
[0278.855] VerQueryValueW (in: pBlock=0x2d9a0bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d9a484, puLen=0xd7e810) returned 1
[0278.855] VerQueryValueW (in: pBlock=0x2d9a0bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9a174, puLen=0xd7e790) returned 1
[0278.855] VerQueryValueW (in: pBlock=0x2d9a0bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9a1c8, puLen=0xd7e790) returned 1
[0278.855] VerQueryValueW (in: pBlock=0x2d9a0bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9a208, puLen=0xd7e790) returned 1
[0278.855] VerQueryValueW (in: pBlock=0x2d9a0bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9a270, puLen=0xd7e790) returned 1
[0278.855] VerQueryValueW (in: pBlock=0x2d9a0bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9a2ac, puLen=0xd7e790) returned 1
[0278.855] VerQueryValueW (in: pBlock=0x2d9a0bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9a334, puLen=0xd7e790) returned 1
[0278.855] VerQueryValueW (in: pBlock=0x2d9a0bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9a36c, puLen=0xd7e790) returned 1
[0278.855] VerQueryValueW (in: pBlock=0x2d9a0bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9a3c4, puLen=0xd7e790) returned 1
[0278.855] VerQueryValueW (in: pBlock=0x2d9a0bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9a3f4, puLen=0xd7e790) returned 1
[0278.856] VerQueryValueW (in: pBlock=0x2d9a0bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.856] VerQueryValueW (in: pBlock=0x2d9a0bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9a430, puLen=0xd7e790) returned 1
[0278.856] VerQueryValueW (in: pBlock=0x2d9a0bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.856] VerQueryValueW (in: pBlock=0x2d9a0bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d9a484, puLen=0xd7e784) returned 1
[0278.856] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0278.856] VerQueryValueW (in: pBlock=0x2d9a0bc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d9a0e4, puLen=0xd7e794) returned 1
[0278.858] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0278.858] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0278.858] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0278.859] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0278.859] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0278.859] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0278.859] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2d9d724 | out: lpData=0x2d9d724) returned 1
[0278.860] VerQueryValueW (in: pBlock=0x2d9d724, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d9db04, puLen=0xd7e810) returned 1
[0278.860] VerQueryValueW (in: pBlock=0x2d9d724, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d7dc, puLen=0xd7e790) returned 1
[0278.860] VerQueryValueW (in: pBlock=0x2d9d724, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d830, puLen=0xd7e790) returned 1
[0278.860] VerQueryValueW (in: pBlock=0x2d9d724, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d870, puLen=0xd7e790) returned 1
[0278.860] VerQueryValueW (in: pBlock=0x2d9d724, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d8d0, puLen=0xd7e790) returned 1
[0278.860] VerQueryValueW (in: pBlock=0x2d9d724, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d91c, puLen=0xd7e790) returned 1
[0278.860] VerQueryValueW (in: pBlock=0x2d9d724, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d9a4, puLen=0xd7e790) returned 1
[0278.860] VerQueryValueW (in: pBlock=0x2d9d724, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d9ec, puLen=0xd7e790) returned 1
[0278.860] VerQueryValueW (in: pBlock=0x2d9d724, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9da44, puLen=0xd7e790) returned 1
[0278.860] VerQueryValueW (in: pBlock=0x2d9d724, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9da74, puLen=0xd7e790) returned 1
[0278.860] VerQueryValueW (in: pBlock=0x2d9d724, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.860] VerQueryValueW (in: pBlock=0x2d9d724, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9dab0, puLen=0xd7e790) returned 1
[0278.860] VerQueryValueW (in: pBlock=0x2d9d724, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.860] VerQueryValueW (in: pBlock=0x2d9d724, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d9db04, puLen=0xd7e784) returned 1
[0278.861] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0278.861] VerQueryValueW (in: pBlock=0x2d9d724, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d9d74c, puLen=0xd7e794) returned 1
[0278.861] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0278.861] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0278.862] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0278.862] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0278.862] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0278.862] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0278.863] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2d9ff44 | out: lpData=0x2d9ff44) returned 1
[0278.863] VerQueryValueW (in: pBlock=0x2d9ff44, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da0350, puLen=0xd7e810) returned 1
[0278.863] VerQueryValueW (in: pBlock=0x2d9ff44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9fffc, puLen=0xd7e790) returned 1
[0278.863] VerQueryValueW (in: pBlock=0x2d9ff44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da0050, puLen=0xd7e790) returned 1
[0278.864] VerQueryValueW (in: pBlock=0x2d9ff44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da00a4, puLen=0xd7e790) returned 1
[0278.864] VerQueryValueW (in: pBlock=0x2d9ff44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da0104, puLen=0xd7e790) returned 1
[0278.864] VerQueryValueW (in: pBlock=0x2d9ff44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da015c, puLen=0xd7e790) returned 1
[0278.864] VerQueryValueW (in: pBlock=0x2d9ff44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da01e4, puLen=0xd7e790) returned 1
[0278.864] VerQueryValueW (in: pBlock=0x2d9ff44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da0238, puLen=0xd7e790) returned 1
[0278.864] VerQueryValueW (in: pBlock=0x2d9ff44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da0290, puLen=0xd7e790) returned 1
[0278.864] VerQueryValueW (in: pBlock=0x2d9ff44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da02c0, puLen=0xd7e790) returned 1
[0278.864] VerQueryValueW (in: pBlock=0x2d9ff44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.864] VerQueryValueW (in: pBlock=0x2d9ff44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da02fc, puLen=0xd7e790) returned 1
[0278.864] VerQueryValueW (in: pBlock=0x2d9ff44, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.864] VerQueryValueW (in: pBlock=0x2d9ff44, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da0350, puLen=0xd7e784) returned 1
[0278.864] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0278.864] VerQueryValueW (in: pBlock=0x2d9ff44, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d9ff6c, puLen=0xd7e794) returned 1
[0278.865] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0278.865] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0278.865] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0278.865] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0278.865] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0278.865] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0278.866] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2da2758 | out: lpData=0x2da2758) returned 1
[0278.867] VerQueryValueW (in: pBlock=0x2da2758, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da2b30, puLen=0xd7e810) returned 1
[0278.867] VerQueryValueW (in: pBlock=0x2da2758, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da2810, puLen=0xd7e790) returned 1
[0278.867] VerQueryValueW (in: pBlock=0x2da2758, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da2864, puLen=0xd7e790) returned 1
[0278.867] VerQueryValueW (in: pBlock=0x2da2758, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da28a4, puLen=0xd7e790) returned 1
[0278.867] VerQueryValueW (in: pBlock=0x2da2758, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da290c, puLen=0xd7e790) returned 1
[0278.867] VerQueryValueW (in: pBlock=0x2da2758, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da2950, puLen=0xd7e790) returned 1
[0278.867] VerQueryValueW (in: pBlock=0x2da2758, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da29d8, puLen=0xd7e790) returned 1
[0278.867] VerQueryValueW (in: pBlock=0x2da2758, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da2a18, puLen=0xd7e790) returned 1
[0278.867] VerQueryValueW (in: pBlock=0x2da2758, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da2a70, puLen=0xd7e790) returned 1
[0278.867] VerQueryValueW (in: pBlock=0x2da2758, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da2aa0, puLen=0xd7e790) returned 1
[0278.867] VerQueryValueW (in: pBlock=0x2da2758, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.867] VerQueryValueW (in: pBlock=0x2da2758, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da2adc, puLen=0xd7e790) returned 1
[0278.867] VerQueryValueW (in: pBlock=0x2da2758, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.867] VerQueryValueW (in: pBlock=0x2da2758, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da2b30, puLen=0xd7e784) returned 1
[0278.867] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0278.867] VerQueryValueW (in: pBlock=0x2da2758, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2da2780, puLen=0xd7e794) returned 1
[0278.868] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0278.868] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0278.868] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0278.868] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0278.869] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0278.869] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0278.869] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2da4cb0 | out: lpData=0x2da4cb0) returned 1
[0278.870] VerQueryValueW (in: pBlock=0x2da4cb0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da5088, puLen=0xd7e810) returned 1
[0278.870] VerQueryValueW (in: pBlock=0x2da4cb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da4d68, puLen=0xd7e790) returned 1
[0278.870] VerQueryValueW (in: pBlock=0x2da4cb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da4dbc, puLen=0xd7e790) returned 1
[0278.870] VerQueryValueW (in: pBlock=0x2da4cb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da4dfc, puLen=0xd7e790) returned 1
[0278.870] VerQueryValueW (in: pBlock=0x2da4cb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da4e64, puLen=0xd7e790) returned 1
[0278.870] VerQueryValueW (in: pBlock=0x2da4cb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da4ea8, puLen=0xd7e790) returned 1
[0278.871] VerQueryValueW (in: pBlock=0x2da4cb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da4f30, puLen=0xd7e790) returned 1
[0278.871] VerQueryValueW (in: pBlock=0x2da4cb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da4f70, puLen=0xd7e790) returned 1
[0278.871] VerQueryValueW (in: pBlock=0x2da4cb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da4fc8, puLen=0xd7e790) returned 1
[0278.871] VerQueryValueW (in: pBlock=0x2da4cb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da4ff8, puLen=0xd7e790) returned 1
[0278.871] VerQueryValueW (in: pBlock=0x2da4cb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.871] VerQueryValueW (in: pBlock=0x2da4cb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5034, puLen=0xd7e790) returned 1
[0278.871] VerQueryValueW (in: pBlock=0x2da4cb0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.871] VerQueryValueW (in: pBlock=0x2da4cb0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da5088, puLen=0xd7e784) returned 1
[0278.871] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0278.871] VerQueryValueW (in: pBlock=0x2da4cb0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2da4cd8, puLen=0xd7e794) returned 1
[0278.872] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0278.872] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0278.872] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0278.874] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0278.874] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0278.874] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0278.874] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2da73e8 | out: lpData=0x2da73e8) returned 1
[0278.875] VerQueryValueW (in: pBlock=0x2da73e8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da7818, puLen=0xd7e810) returned 1
[0278.875] VerQueryValueW (in: pBlock=0x2da73e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da74a0, puLen=0xd7e790) returned 1
[0278.875] VerQueryValueW (in: pBlock=0x2da73e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da74f4, puLen=0xd7e790) returned 1
[0278.875] VerQueryValueW (in: pBlock=0x2da73e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7564, puLen=0xd7e790) returned 1
[0278.875] VerQueryValueW (in: pBlock=0x2da73e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da75c4, puLen=0xd7e790) returned 1
[0278.875] VerQueryValueW (in: pBlock=0x2da73e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7620, puLen=0xd7e790) returned 1
[0278.875] VerQueryValueW (in: pBlock=0x2da73e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da76a8, puLen=0xd7e790) returned 1
[0278.875] VerQueryValueW (in: pBlock=0x2da73e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7700, puLen=0xd7e790) returned 1
[0278.875] VerQueryValueW (in: pBlock=0x2da73e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7758, puLen=0xd7e790) returned 1
[0278.875] VerQueryValueW (in: pBlock=0x2da73e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da7788, puLen=0xd7e790) returned 1
[0278.875] VerQueryValueW (in: pBlock=0x2da73e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.875] VerQueryValueW (in: pBlock=0x2da73e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da77c4, puLen=0xd7e790) returned 1
[0278.875] VerQueryValueW (in: pBlock=0x2da73e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0278.876] VerQueryValueW (in: pBlock=0x2da73e8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da7818, puLen=0xd7e784) returned 1
[0278.876] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0278.876] VerQueryValueW (in: pBlock=0x2da73e8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2da7410, puLen=0xd7e794) returned 1
[0278.876] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0278.876] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.876] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0278.877] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.877] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0278.877] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2d02de
[0278.877] SetWindowLongW (hWnd=0x2d02de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0278.878] GetWindowLongW (hWnd=0x2d02de, nIndex=-4) returned 1950089536
[0278.878] SetWindowLongW (hWnd=0x2d02de, nIndex=-4, dwNewLong=19947278) returned 1950089536
[0278.878] GetWindowLongW (hWnd=0x2d02de, nIndex=-4) returned 19947278
[0278.878] GetWindowLongW (hWnd=0x2d02de, nIndex=-16) returned 113311744
[0278.878] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02de, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0278.878] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02de, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0278.879] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02de, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0278.879] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02de, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0278.879] GetClientRect (in: hWnd=0x2d02de, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0278.879] GetWindowRect (in: hWnd=0x2d02de, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0278.879] SetWindowTextW (hWnd=0x2d02de, lpString="WindowsFormsParkingWindow") returned 1
[0278.879] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02de, Msg=0xc, wParam=0x0, lParam=0x2d6c8e4) returned 0x1
[0278.880] GetParent (hWnd=0x2d02de) returned 0x0
[0278.880] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0278.880] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x2d02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2202d0
[0278.881] SetWindowLongW (hWnd=0x2202d0, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0278.881] GetWindowLongW (hWnd=0x2202d0, nIndex=-4) returned 1868147648
[0278.881] SetWindowLongW (hWnd=0x2202d0, nIndex=-4, dwNewLong=19947398) returned 1868147648
[0278.881] GetWindowLongW (hWnd=0x2202d0, nIndex=-4) returned 19947398
[0278.881] GetWindowLongW (hWnd=0x2202d0, nIndex=-16) returned 1174405133
[0278.881] GetWindowLongW (hWnd=0x2202d0, nIndex=-12) returned 0
[0278.881] SetWindowLongW (hWnd=0x2202d0, nIndex=-12, dwNewLong=2228944) returned 0
[0278.881] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0278.882] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0278.882] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0278.883] GetClientRect (in: hWnd=0x2202d0, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0278.883] GetWindowRect (in: hWnd=0x2202d0, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0278.883] GetParent (hWnd=0x2202d0) returned 0x2d02de
[0278.883] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2d02de, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0278.883] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0278.883] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0278.883] GetClientRect (in: hWnd=0x2202d0, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0278.883] GetWindowRect (in: hWnd=0x2202d0, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0278.883] GetParent (hWnd=0x2202d0) returned 0x2d02de
[0278.883] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2d02de, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0278.883] SendMessageW (hWnd=0x2202d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2202d0) returned 0x0
[0278.884] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2202d0) returned 0x0
[0278.884] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0278.884] GetParent (hWnd=0x2202d0) returned 0x2d02de
[0278.884] GdipCreateFromHWND (hwnd=0x2202d0, graphics=0xd7e844) returned 0x0
[0278.884] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0278.885] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0278.885] GetForegroundWindow () returned 0x602c4
[0278.885] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.885] GetCursorPos (in: lpPoint=0x2dab6f4 | out: lpPoint=0x2dab6f4*(x=253, y=621)) returned 1
[0278.885] MonitorFromPoint (pt=0xfd, dwFlags=0x26d) returned 0x10001
[0278.885] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0278.886] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x920107c6
[0278.886] GetDeviceCaps (hdc=0x920107c6, index=12) returned 32
[0278.886] GetDeviceCaps (hdc=0x920107c6, index=14) returned 1
[0278.886] DeleteDC (hdc=0x920107c6) returned 1
[0278.886] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0278.886] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0278.886] GetSystemMetrics (nIndex=59) returned 1460
[0278.886] GetSystemMetrics (nIndex=60) returned 920
[0278.886] GetSystemMetrics (nIndex=34) returned 136
[0278.886] GetSystemMetrics (nIndex=35) returned 39
[0278.886] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.886] GetCursorPos (in: lpPoint=0x2dab960 | out: lpPoint=0x2dab960*(x=253, y=621)) returned 1
[0278.887] MonitorFromPoint (pt=0xfd, dwFlags=0x26e) returned 0x10001
[0278.887] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0278.887] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x930107c6
[0278.887] GetDeviceCaps (hdc=0x930107c6, index=12) returned 32
[0278.887] GetDeviceCaps (hdc=0x930107c6, index=14) returned 1
[0278.887] DeleteDC (hdc=0x930107c6) returned 1
[0278.887] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0278.887] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0278.887] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.888] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0278.888] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2dabbf8 | out: piconinfo=0x2dabbf8) returned 1
[0278.888] GetObjectW (in: h=0xa70507f4, c=24, pv=0x2dabc14 | out: pv=0x2dabc14) returned 24
[0278.888] GdipCreateBitmapFromHBITMAP (hbm=0xa70507f4, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0278.889] GdipGetImageWidth (image=0x6603778, width=0xd7e750) returned 0x0
[0278.889] GdipGetImageHeight (image=0x6603778, height=0xd7e748) returned 0x0
[0278.889] GdipGetImagePixelFormat (image=0x6603778, format=0xd7e740) returned 0x0
[0278.889] GdipBitmapLockBits (bitmap=0x6603778, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2dabccc) returned 0x0
[0278.889] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0278.889] GdipBitmapLockBits (bitmap=0x6602a58, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2dabd04) returned 0x0
[0278.889] RtlMoveMemory (in: Destination=0x6660f58, Source=0x6662ee0, Length=0x80 | out: Destination=0x6660f58)
[0278.889] RtlMoveMemory (in: Destination=0x6660fd8, Source=0x6662e60, Length=0x80 | out: Destination=0x6660fd8)
[0278.889] RtlMoveMemory (in: Destination=0x6661058, Source=0x6662de0, Length=0x80 | out: Destination=0x6661058)
[0278.889] RtlMoveMemory (in: Destination=0x66610d8, Source=0x6662d60, Length=0x80 | out: Destination=0x66610d8)
[0278.889] RtlMoveMemory (in: Destination=0x6661158, Source=0x6662ce0, Length=0x80 | out: Destination=0x6661158)
[0278.889] RtlMoveMemory (in: Destination=0x66611d8, Source=0x6662c60, Length=0x80 | out: Destination=0x66611d8)
[0278.889] RtlMoveMemory (in: Destination=0x6661258, Source=0x6662be0, Length=0x80 | out: Destination=0x6661258)
[0278.889] RtlMoveMemory (in: Destination=0x66612d8, Source=0x6662b60, Length=0x80 | out: Destination=0x66612d8)
[0278.889] RtlMoveMemory (in: Destination=0x6661358, Source=0x6662ae0, Length=0x80 | out: Destination=0x6661358)
[0278.889] RtlMoveMemory (in: Destination=0x66613d8, Source=0x6662a60, Length=0x80 | out: Destination=0x66613d8)
[0278.889] RtlMoveMemory (in: Destination=0x6661458, Source=0x66629e0, Length=0x80 | out: Destination=0x6661458)
[0278.889] RtlMoveMemory (in: Destination=0x66614d8, Source=0x6662960, Length=0x80 | out: Destination=0x66614d8)
[0278.889] RtlMoveMemory (in: Destination=0x6661558, Source=0x66628e0, Length=0x80 | out: Destination=0x6661558)
[0278.889] RtlMoveMemory (in: Destination=0x66615d8, Source=0x6662860, Length=0x80 | out: Destination=0x66615d8)
[0278.890] RtlMoveMemory (in: Destination=0x6661658, Source=0x66627e0, Length=0x80 | out: Destination=0x6661658)
[0278.890] RtlMoveMemory (in: Destination=0x66616d8, Source=0x6662760, Length=0x80 | out: Destination=0x66616d8)
[0278.890] RtlMoveMemory (in: Destination=0x6661758, Source=0x66626e0, Length=0x80 | out: Destination=0x6661758)
[0278.890] RtlMoveMemory (in: Destination=0x66617d8, Source=0x6662660, Length=0x80 | out: Destination=0x66617d8)
[0278.890] RtlMoveMemory (in: Destination=0x6661858, Source=0x66625e0, Length=0x80 | out: Destination=0x6661858)
[0278.890] RtlMoveMemory (in: Destination=0x66618d8, Source=0x6662560, Length=0x80 | out: Destination=0x66618d8)
[0278.890] RtlMoveMemory (in: Destination=0x6661958, Source=0x66624e0, Length=0x80 | out: Destination=0x6661958)
[0278.890] RtlMoveMemory (in: Destination=0x66619d8, Source=0x6662460, Length=0x80 | out: Destination=0x66619d8)
[0278.890] RtlMoveMemory (in: Destination=0x6661a58, Source=0x66623e0, Length=0x80 | out: Destination=0x6661a58)
[0278.890] RtlMoveMemory (in: Destination=0x6661ad8, Source=0x6662360, Length=0x80 | out: Destination=0x6661ad8)
[0278.890] RtlMoveMemory (in: Destination=0x6661b58, Source=0x66622e0, Length=0x80 | out: Destination=0x6661b58)
[0278.890] RtlMoveMemory (in: Destination=0x6661bd8, Source=0x6662260, Length=0x80 | out: Destination=0x6661bd8)
[0278.890] RtlMoveMemory (in: Destination=0x6661c58, Source=0x66621e0, Length=0x80 | out: Destination=0x6661c58)
[0278.890] RtlMoveMemory (in: Destination=0x6661cd8, Source=0x6662160, Length=0x80 | out: Destination=0x6661cd8)
[0278.890] RtlMoveMemory (in: Destination=0x6661d58, Source=0x66620e0, Length=0x80 | out: Destination=0x6661d58)
[0278.890] RtlMoveMemory (in: Destination=0x6661dd8, Source=0x6662060, Length=0x80 | out: Destination=0x6661dd8)
[0278.890] RtlMoveMemory (in: Destination=0x6661e58, Source=0x6661fe0, Length=0x80 | out: Destination=0x6661e58)
[0278.890] RtlMoveMemory (in: Destination=0x6661ed8, Source=0x6661f60, Length=0x80 | out: Destination=0x6661ed8)
[0278.890] GdipBitmapUnlockBits (bitmap=0x6603778, lockedBitmapData=0x2dabccc) returned 0x0
[0278.890] GdipBitmapUnlockBits (bitmap=0x6602a58, lockedBitmapData=0x2dabd04) returned 0x0
[0278.890] GdipDisposeImage (image=0x6603778) returned 0x0
[0278.890] DeleteObject (ho=0xa70507f4) returned 1
[0278.891] DeleteObject (ho=0x940507c6) returned 1
[0278.891] GetCurrentThreadId () returned 0xf50
[0278.891] GetCurrentThreadId () returned 0xf50
[0278.891] SetWindowPos (hWnd=0x2202d0, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0278.891] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0278.891] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0278.891] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0278.891] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0278.891] GetClientRect (in: hWnd=0x2202d0, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0278.891] GetWindowRect (in: hWnd=0x2202d0, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0278.891] GetParent (hWnd=0x2202d0) returned 0x2d02de
[0278.891] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2d02de, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0278.891] InvalidateRect (hWnd=0x2202d0, lpRect=0x0, bErase=1) returned 1
[0278.892] GetWindowTextLengthW (hWnd=0x2202d0) returned 0
[0278.892] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0278.892] GetSystemMetrics (nIndex=42) returned 0
[0278.892] GetWindowTextW (in: hWnd=0x2202d0, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0278.892] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0278.892] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0278.892] GetClientRect (in: hWnd=0x2202d0, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0278.892] GetWindowRect (in: hWnd=0x2202d0, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0278.892] GetParent (hWnd=0x2202d0) returned 0x2d02de
[0278.892] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2d02de, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0278.892] GetWindowTextLengthW (hWnd=0x2202d0) returned 0
[0278.892] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0278.892] GetSystemMetrics (nIndex=42) returned 0
[0278.892] GetWindowTextW (in: hWnd=0x2202d0, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0278.892] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0278.892] GetWindowTextLengthW (hWnd=0x2202d0) returned 0
[0278.892] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0278.892] GetSystemMetrics (nIndex=42) returned 0
[0278.892] GetWindowTextW (in: hWnd=0x2202d0, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0278.893] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0278.893] SetWindowTextW (hWnd=0x2202d0, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0278.893] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0xc, wParam=0x0, lParam=0x2d8ccd8) returned 0x1
[0278.893] InvalidateRect (hWnd=0x2202d0, lpRect=0x0, bErase=1) returned 1
[0278.893] GetCurrentThreadId () returned 0xf50
[0278.893] GetWindowThreadProcessId (in: hWnd=0x2202d0, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0278.893] GdipCreateBitmapFromStream (stream=0x509fff0, bitmap=0xd7e840) returned 0x0
[0278.894] GdipImageForceValidation (image=0x6603778) returned 0x0
[0278.895] GdipGetImageRawFormat (image=0x6603778, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0278.895] GdipGetImageHeight (image=0x6603778, height=0xd7e824) returned 0x0
[0278.896] GdipGetImageWidth (image=0x6603778, width=0xd7e824) returned 0x0
[0278.896] GdipGetImageWidth (image=0x6603778, width=0xd7e810) returned 0x0
[0278.896] GdipGetImageHeight (image=0x6603778, height=0xd7e810) returned 0x0
[0278.896] GdipGetImageWidth (image=0x6603778, width=0xd7e800) returned 0x0
[0278.896] GdipGetImageHeight (image=0x6603778, height=0xd7e800) returned 0x0
[0278.896] GdipBitmapGetPixel (bitmap=0x6603778, x=0, y=15, color=0xd7e810) returned 0x0
[0278.896] GdipGetImageRawFormat (image=0x6603778, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0278.896] GdipGetImageWidth (image=0x6603778, width=0xd7e740) returned 0x0
[0278.896] GdipGetImageHeight (image=0x6603778, height=0xd7e740) returned 0x0
[0278.896] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0278.896] GdipGetImagePixelFormat (image=0x6601360, format=0xd7e740) returned 0x0
[0278.896] GdipGetImageGraphicsContext (image=0x6601360, graphics=0xd7e74c) returned 0x0
[0278.896] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0278.896] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0278.896] GdipSetImageAttributesColorKeys (imageattr=0x6638c38, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0278.896] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6603778, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c38, callback=0x0, callbackData=0x0) returned 0x0
[0278.897] GdipDisposeImageAttributes (imageattr=0x6638c38) returned 0x0
[0278.897] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0278.897] GdipDisposeImage (image=0x6603778) returned 0x0
[0278.897] GdipCreateBitmapFromStream (stream=0x5090010, bitmap=0xd7e840) returned 0x0
[0278.898] GdipImageForceValidation (image=0x6603778) returned 0x0
[0278.899] GdipGetImageRawFormat (image=0x6603778, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0278.899] GdipGetImageHeight (image=0x6603778, height=0xd7e824) returned 0x0
[0278.899] GdipGetImageWidth (image=0x6603778, width=0xd7e824) returned 0x0
[0278.899] GdipGetImageWidth (image=0x6603778, width=0xd7e810) returned 0x0
[0278.899] GdipGetImageHeight (image=0x6603778, height=0xd7e810) returned 0x0
[0278.899] GdipGetImageWidth (image=0x6603778, width=0xd7e800) returned 0x0
[0278.899] GdipGetImageHeight (image=0x6603778, height=0xd7e800) returned 0x0
[0278.900] GdipBitmapGetPixel (bitmap=0x6603778, x=0, y=15, color=0xd7e810) returned 0x0
[0278.900] GdipGetImageRawFormat (image=0x6603778, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0278.900] GdipGetImageWidth (image=0x6603778, width=0xd7e740) returned 0x0
[0278.900] GdipGetImageHeight (image=0x6603778, height=0xd7e740) returned 0x0
[0278.900] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0278.900] GdipGetImagePixelFormat (image=0x6603e08, format=0xd7e740) returned 0x0
[0278.900] GdipGetImageGraphicsContext (image=0x6603e08, graphics=0xd7e74c) returned 0x0
[0278.900] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0278.900] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0278.900] GdipSetImageAttributesColorKeys (imageattr=0x6638c08, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0278.900] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6603778, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c08, callback=0x0, callbackData=0x0) returned 0x0
[0278.900] GdipDisposeImageAttributes (imageattr=0x6638c08) returned 0x0
[0278.900] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0278.900] GdipDisposeImage (image=0x6603778) returned 0x0
[0278.901] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.901] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0278.901] GetCurrentThreadId () returned 0xf50
[0278.901] GetCurrentThreadId () returned 0xf50
[0278.901] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.901] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0278.901] GetCurrentThreadId () returned 0xf50
[0278.901] GetCurrentThreadId () returned 0xf50
[0278.902] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.902] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0278.902] GetCurrentThreadId () returned 0xf50
[0278.902] GetCurrentThreadId () returned 0xf50
[0278.902] GetSystemMetrics (nIndex=5) returned 1
[0278.902] GetSystemMetrics (nIndex=6) returned 1
[0278.902] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.902] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0278.902] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.902] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0278.903] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.903] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0278.903] GetCurrentThreadId () returned 0xf50
[0278.903] GetCurrentThreadId () returned 0xf50
[0278.903] GetProcessWindowStation () returned 0x13c
[0278.903] GetCapture () returned 0x0
[0278.903] GetActiveWindow () returned 0x7005c
[0278.903] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0278.903] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.904] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0278.904] GetCursorPos (in: lpPoint=0x2dace44 | out: lpPoint=0x2dace44*(x=253, y=621)) returned 1
[0278.904] MonitorFromPoint (pt=0xfd, dwFlags=0x26d) returned 0x10001
[0278.904] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0278.904] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x950107c6
[0278.904] GetDeviceCaps (hdc=0x950107c6, index=12) returned 32
[0278.904] GetDeviceCaps (hdc=0x950107c6, index=14) returned 1
[0278.904] DeleteDC (hdc=0x950107c6) returned 1
[0278.904] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0278.905] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0278.905] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="Microsoft .NET Framework", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3000ea
[0278.905] SetWindowLongW (hWnd=0x3000ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0278.905] GetWindowLongW (hWnd=0x3000ea, nIndex=-4) returned 1950089536
[0278.905] SetWindowLongW (hWnd=0x3000ea, nIndex=-4, dwNewLong=19947518) returned 1950089536
[0278.906] GetWindowLongW (hWnd=0x3000ea, nIndex=-4) returned 19947518
[0278.906] GetWindowLongW (hWnd=0x3000ea, nIndex=-16) returned 113770496
[0278.906] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0278.906] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0278.907] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0278.907] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0278.907] GetWindowRect (in: hWnd=0x3000ea, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0278.908] SetWindowTextW (hWnd=0x3000ea, lpString="Microsoft .NET Framework") returned 1
[0278.908] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xc, wParam=0x0, lParam=0x2c2f45c) returned 0x1
[0278.908] GetStartupInfoW (in: lpStartupInfo=0x2dad180 | out: lpStartupInfo=0x2dad180*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0278.910] GetParent (hWnd=0x3000ea) returned 0x0
[0278.910] SetWindowLongW (hWnd=0x3000ea, nIndex=-8, dwNewLong=0) returned 0
[0278.911] SendMessageW (hWnd=0x3000ea, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0278.911] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0278.911] SendMessageW (hWnd=0x3000ea, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0278.911] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0278.911] GetSystemMenu (hWnd=0x3000ea, bRevert=0) returned 0x6f0113
[0278.912] GetWindowPlacement (in: hWnd=0x3000ea, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0278.912] EnableMenuItem (hMenu=0x6f0113, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0278.912] EnableMenuItem (hMenu=0x6f0113, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0278.912] EnableMenuItem (hMenu=0x6f0113, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0278.912] EnableMenuItem (hMenu=0x6f0113, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0278.912] EnableMenuItem (hMenu=0x6f0113, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0278.912] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0278.912] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0278.912] GetWindowRect (in: hWnd=0x3000ea, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0278.912] SetWindowPos (hWnd=0x3000ea, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0278.912] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0278.913] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x3000ea) returned 0x1
[0278.915] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0278.915] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0278.917] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0278.917] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0278.917] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0278.922] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x3000ea, lParam=0x0) returned 0x0
[0278.922] GetCapture () returned 0x0
[0278.922] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0278.923] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0278.925] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0278.926] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0278.926] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0278.927] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0278.927] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0278.927] GetParent (hWnd=0x3000ea) returned 0x0
[0278.927] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0278.927] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0278.930] GetWindowPlacement (in: hWnd=0x3000ea, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0278.930] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0278.930] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0278.930] GetWindowRect (in: hWnd=0x3000ea, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0278.931] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0278.931] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0278.932] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0278.933] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.933] GetWindowLongW (hWnd=0x3000ea, nIndex=-16) returned 113770496
[0278.933] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0278.933] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0278.933] GetSystemMetrics (nIndex=42) returned 0
[0278.933] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0278.933] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0278.933] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0278.933] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0278.933] GetSystemMetrics (nIndex=42) returned 0
[0278.933] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0278.933] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0278.933] GetCursorPos (in: lpPoint=0x2dad44c | out: lpPoint=0x2dad44c*(x=253, y=621)) returned 1
[0278.934] MonitorFromPoint (pt=0xfd, dwFlags=0x26d) returned 0x10001
[0278.934] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0278.934] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xef0107f1
[0278.934] GetDeviceCaps (hdc=0xef0107f1, index=12) returned 32
[0278.934] GetDeviceCaps (hdc=0xef0107f1, index=14) returned 1
[0278.934] DeleteDC (hdc=0xef0107f1) returned 1
[0278.934] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0278.943] GetWindowLongW (hWnd=0x3000ea, nIndex=-16) returned 113770496
[0278.943] GetWindowLongW (hWnd=0x3000ea, nIndex=-20) returned 327945
[0278.943] SetWindowLongW (hWnd=0x3000ea, nIndex=-16, dwNewLong=46661632) returned 113770496
[0278.943] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0278.944] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0278.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0278.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0278.946] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0278.946] SetWindowLongW (hWnd=0x3000ea, nIndex=-20, dwNewLong=327681) returned 327945
[0278.946] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0278.946] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0278.948] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0278.948] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0278.948] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0278.949] SetWindowPos (hWnd=0x3000ea, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0278.949] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0278.949] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0278.950] GetWindowPlacement (in: hWnd=0x3000ea, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0278.950] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0278.950] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0278.950] GetWindowRect (in: hWnd=0x3000ea, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0278.952] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0278.952] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0278.953] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0278.953] RedrawWindow (hWnd=0x3000ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0278.953] GetSystemMenu (hWnd=0x3000ea, bRevert=0) returned 0x6f0113
[0278.953] GetWindowPlacement (in: hWnd=0x3000ea, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0278.953] EnableMenuItem (hMenu=0x6f0113, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0278.953] EnableMenuItem (hMenu=0x6f0113, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0278.953] EnableMenuItem (hMenu=0x6f0113, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0278.953] EnableMenuItem (hMenu=0x6f0113, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0278.954] EnableMenuItem (hMenu=0x6f0113, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0278.954] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0278.954] GetWindowLongW (hWnd=0x3000ea, nIndex=-8) returned 0
[0278.954] SetWindowLongW (hWnd=0x3000ea, nIndex=-8, dwNewLong=458844) returned 0
[0278.955] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0278.955] GetProcessWindowStation () returned 0x13c
[0278.955] GetCurrentThreadId () returned 0xf50
[0278.956] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1306206, lParam=0x0) returned 1
[0278.956] IsWindowVisible (hWnd=0x3000ea) returned 0
[0278.956] IsWindowVisible (hWnd=0x7005c) returned 1
[0278.956] IsWindowEnabled (hWnd=0x7005c) returned 1
[0278.956] IsWindowVisible (hWnd=0x300ec) returned 0
[0278.956] IsWindowVisible (hWnd=0x502c6) returned 0
[0278.956] IsWindowVisible (hWnd=0x502be) returned 0
[0278.956] GetActiveWindow () returned 0x3000ea
[0278.956] GetFocus () returned 0x3000ea
[0278.956] IsWindow (hWnd=0x7005c) returned 1
[0278.956] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0278.956] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0278.957] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0278.957] GetWindowLongW (hWnd=0x3000ea, nIndex=-8) returned 458844
[0278.957] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0278.957] GetCurrentThreadId () returned 0xf50
[0278.958] GetWindowLongW (hWnd=0x3000ea, nIndex=-8) returned 458844
[0278.958] IsWindowEnabled (hWnd=0x7005c) returned 0
[0278.958] IsWindowEnabled (hWnd=0x3000ea) returned 1
[0278.958] ShowWindow (hWnd=0x3000ea, nCmdShow=5) returned 0
[0278.958] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0278.958] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0278.958] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.959] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0278.959] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x3000ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2702c8
[0278.959] SetWindowLongW (hWnd=0x2702c8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0278.960] GetWindowLongW (hWnd=0x2702c8, nIndex=-4) returned 1950089536
[0278.960] SetWindowLongW (hWnd=0x2702c8, nIndex=-4, dwNewLong=19948438) returned 1950089536
[0278.960] GetWindowLongW (hWnd=0x2702c8, nIndex=-4) returned 19948438
[0278.960] GetWindowLongW (hWnd=0x2702c8, nIndex=-16) returned 1174405120
[0278.960] GetWindowLongW (hWnd=0x2702c8, nIndex=-12) returned 0
[0278.960] SetWindowLongW (hWnd=0x2702c8, nIndex=-12, dwNewLong=2556616) returned 0
[0278.960] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702c8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0278.961] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702c8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0278.961] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702c8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0278.961] GetWindow (hWnd=0x2702c8, uCmd=0x3) returned 0x0
[0278.961] GetClientRect (in: hWnd=0x2702c8, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0278.961] GetWindowRect (in: hWnd=0x2702c8, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0278.961] GetParent (hWnd=0x2702c8) returned 0x3000ea
[0278.961] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3000ea, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0278.962] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702c8, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0278.962] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702c8, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0278.962] GetClientRect (in: hWnd=0x2702c8, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0278.962] GetWindowRect (in: hWnd=0x2702c8, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0278.962] GetParent (hWnd=0x2702c8) returned 0x3000ea
[0278.962] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3000ea, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0278.962] SendMessageW (hWnd=0x2702c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2702c8) returned 0x0
[0278.962] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2702c8) returned 0x0
[0278.962] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0278.963] GetParent (hWnd=0x2702c8) returned 0x3000ea
[0278.963] GetParent (hWnd=0x2202d0) returned 0x2d02de
[0278.963] SetParent (hWndChild=0x2202d0, hWndNewParent=0x3000ea) returned 0x2d02de
[0278.963] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0278.964] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0278.964] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0278.964] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0278.964] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0278.964] GetClientRect (in: hWnd=0x2202d0, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0278.964] GetWindowRect (in: hWnd=0x2202d0, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0278.964] GetParent (hWnd=0x2202d0) returned 0x3000ea
[0278.964] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3000ea, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0278.964] GetClientRect (in: hWnd=0x2202d0, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0278.964] GetWindowRect (in: hWnd=0x2202d0, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0278.964] GetParent (hWnd=0x2202d0) returned 0x3000ea
[0278.965] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3000ea, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0278.965] GetParent (hWnd=0x2202d0) returned 0x3000ea
[0278.965] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0278.965] GetWindow (hWnd=0x2202d0, uCmd=0x3) returned 0x0
[0278.965] SetWindowPos (hWnd=0x2202d0, hWndInsertAfter=0x2702c8, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0278.965] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0278.966] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0278.966] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0278.966] GetClientRect (in: hWnd=0x2202d0, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0278.966] GetWindowRect (in: hWnd=0x2202d0, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0278.966] GetParent (hWnd=0x2202d0) returned 0x3000ea
[0278.966] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3000ea, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0278.966] GetParent (hWnd=0x2202d0) returned 0x3000ea
[0278.966] GetWindow (hWnd=0x2202d0, uCmd=0x3) returned 0x2702c8
[0278.967] GetWindowThreadProcessId (in: hWnd=0x2202d0, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0278.967] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0278.967] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.968] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0278.968] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x3000ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2f02d8
[0278.968] SetWindowLongW (hWnd=0x2f02d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0278.968] GetWindowLongW (hWnd=0x2f02d8, nIndex=-4) returned 1868032000
[0278.969] SetWindowLongW (hWnd=0x2f02d8, nIndex=-4, dwNewLong=19948198) returned 1868032000
[0278.969] GetWindowLongW (hWnd=0x2f02d8, nIndex=-4) returned 19948198
[0278.969] GetWindowLongW (hWnd=0x2f02d8, nIndex=-16) returned 1174470667
[0278.969] GetWindowLongW (hWnd=0x2f02d8, nIndex=-12) returned 0
[0278.969] SetWindowLongW (hWnd=0x2f02d8, nIndex=-12, dwNewLong=3080920) returned 0
[0278.969] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0278.970] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0278.970] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0278.971] SendMessageW (hWnd=0x2f02d8, Msg=0x2055, wParam=0x2f02d8, lParam=0x3) returned 0x2
[0278.971] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0278.971] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0278.971] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0278.971] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0278.972] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702c8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0278.972] RedrawWindow (hWnd=0x2702c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0278.973] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0278.973] RedrawWindow (hWnd=0x2202d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0278.973] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0278.973] RedrawWindow (hWnd=0x2f02d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0278.973] RedrawWindow (hWnd=0x3000ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0278.973] GetWindow (hWnd=0x2f02d8, uCmd=0x3) returned 0x2202d0
[0278.973] GetClientRect (in: hWnd=0x2f02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0278.973] GetWindowRect (in: hWnd=0x2f02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0278.973] GetParent (hWnd=0x2f02d8) returned 0x3000ea
[0278.973] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3000ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0278.974] SetWindowTextW (hWnd=0x2f02d8, lpString="&Details") returned 1
[0278.974] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0xc, wParam=0x0, lParam=0x2c2ef5c) returned 0x1
[0278.974] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0278.975] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0278.975] GetClientRect (in: hWnd=0x2f02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0278.975] GetWindowRect (in: hWnd=0x2f02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0278.975] GetParent (hWnd=0x2f02d8) returned 0x3000ea
[0278.975] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3000ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0278.975] SendMessageW (hWnd=0x2f02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2f02d8) returned 0x0
[0278.975] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x2f02d8) returned 0x0
[0278.975] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0278.975] GetParent (hWnd=0x2f02d8) returned 0x3000ea
[0278.976] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0278.976] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0278.977] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0278.977] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x3000ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2d02da
[0278.977] SetWindowLongW (hWnd=0x2d02da, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0278.977] GetWindowLongW (hWnd=0x2d02da, nIndex=-4) returned 1868032000
[0278.978] SetWindowLongW (hWnd=0x2d02da, nIndex=-4, dwNewLong=19948518) returned 1868032000
[0278.978] GetWindowLongW (hWnd=0x2d02da, nIndex=-4) returned 19948518
[0278.978] GetWindowLongW (hWnd=0x2d02da, nIndex=-16) returned 1174470667
[0278.978] GetWindowLongW (hWnd=0x2d02da, nIndex=-12) returned 0
[0278.978] SetWindowLongW (hWnd=0x2d02da, nIndex=-12, dwNewLong=2949850) returned 0
[0278.978] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0278.979] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0278.979] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0278.981] SendMessageW (hWnd=0x2d02da, Msg=0x2055, wParam=0x2d02da, lParam=0x3) returned 0x2
[0278.981] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0278.981] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0278.981] GetWindow (hWnd=0x2d02da, uCmd=0x3) returned 0x2f02d8
[0278.981] GetClientRect (in: hWnd=0x2d02da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0278.981] GetWindowRect (in: hWnd=0x2d02da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0278.981] GetParent (hWnd=0x2d02da) returned 0x3000ea
[0278.981] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3000ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0279.011] SetWindowTextW (hWnd=0x2d02da, lpString="&Continue") returned 1
[0279.011] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0xc, wParam=0x0, lParam=0x2c2ef00) returned 0x1
[0279.012] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0279.012] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0279.012] GetClientRect (in: hWnd=0x2d02da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0279.012] GetWindowRect (in: hWnd=0x2d02da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0279.012] GetParent (hWnd=0x2d02da) returned 0x3000ea
[0279.012] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3000ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0279.012] SendMessageW (hWnd=0x2d02da, Msg=0x2210, wParam=0x2da0001, lParam=0x2d02da) returned 0x0
[0279.012] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x2210, wParam=0x2da0001, lParam=0x2d02da) returned 0x0
[0279.013] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0279.014] GetParent (hWnd=0x2d02da) returned 0x3000ea
[0279.014] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0279.014] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0279.015] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0279.015] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x3000ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2302ce
[0279.026] SetWindowLongW (hWnd=0x2302ce, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0279.026] GetWindowLongW (hWnd=0x2302ce, nIndex=-4) returned 1868032000
[0279.026] SetWindowLongW (hWnd=0x2302ce, nIndex=-4, dwNewLong=19947918) returned 1868032000
[0279.026] GetWindowLongW (hWnd=0x2302ce, nIndex=-4) returned 19947918
[0279.026] GetWindowLongW (hWnd=0x2302ce, nIndex=-16) returned 1174470667
[0279.026] GetWindowLongW (hWnd=0x2302ce, nIndex=-12) returned 0
[0279.026] SetWindowLongW (hWnd=0x2302ce, nIndex=-12, dwNewLong=2294478) returned 0
[0279.026] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302ce, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0279.027] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302ce, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0279.027] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302ce, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0279.029] SendMessageW (hWnd=0x2302ce, Msg=0x2055, wParam=0x2302ce, lParam=0x3) returned 0x2
[0279.029] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0279.029] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302ce, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0279.029] GetWindow (hWnd=0x2302ce, uCmd=0x3) returned 0x2d02da
[0279.029] GetClientRect (in: hWnd=0x2302ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0279.029] GetWindowRect (in: hWnd=0x2302ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0279.029] GetParent (hWnd=0x2302ce) returned 0x3000ea
[0279.029] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3000ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0279.030] SetWindowTextW (hWnd=0x2302ce, lpString="&Quit") returned 1
[0279.030] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302ce, Msg=0xc, wParam=0x0, lParam=0x2c2ef20) returned 0x1
[0279.030] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302ce, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0279.030] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302ce, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0279.030] GetClientRect (in: hWnd=0x2302ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0279.030] GetWindowRect (in: hWnd=0x2302ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0279.030] GetParent (hWnd=0x2302ce) returned 0x3000ea
[0279.030] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3000ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0279.031] SendMessageW (hWnd=0x2302ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2302ce) returned 0x0
[0279.031] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2302ce) returned 0x0
[0279.031] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0279.032] GetParent (hWnd=0x2302ce) returned 0x3000ea
[0279.032] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0279.032] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0279.033] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0279.033] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x3000ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2d02dc
[0279.033] SetWindowLongW (hWnd=0x2d02dc, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0279.033] GetWindowLongW (hWnd=0x2d02dc, nIndex=-4) returned 1868026976
[0279.034] SetWindowLongW (hWnd=0x2d02dc, nIndex=-4, dwNewLong=19948398) returned 1868026976
[0279.034] GetWindowLongW (hWnd=0x2d02dc, nIndex=-4) returned 19948398
[0279.034] GetWindowLongW (hWnd=0x2d02dc, nIndex=-16) returned 1177553092
[0279.034] GetWindowLongW (hWnd=0x2d02dc, nIndex=-12) returned 0
[0279.034] SetWindowLongW (hWnd=0x2d02dc, nIndex=-12, dwNewLong=2949852) returned 0
[0279.034] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02dc, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0279.035] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02dc, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0279.036] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02dc, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0279.062] GetWindow (hWnd=0x2d02dc, uCmd=0x3) returned 0x2302ce
[0279.062] GetClientRect (in: hWnd=0x2d02dc, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0279.063] GetWindowRect (in: hWnd=0x2d02dc, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0279.063] GetParent (hWnd=0x2d02dc) returned 0x3000ea
[0279.063] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3000ea, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0279.063] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.063] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.063] GetSystemMetrics (nIndex=42) returned 0
[0279.063] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7d830, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.063] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7d830) returned 0x18
[0279.063] SendMessageW (hWnd=0x2d02dc, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0279.063] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02dc, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0279.069] SetWindowTextW (hWnd=0x2d02dc, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0279.069] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02dc, Msg=0xc, wParam=0x0, lParam=0x2da9140) returned 0x1
[0279.071] GetSystemMetrics (nIndex=5) returned 1
[0279.071] GetSystemMetrics (nIndex=6) returned 1
[0279.071] SendMessageW (hWnd=0x2d02dc, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0279.071] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02dc, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0279.073] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02dc, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0279.074] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02dc, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0279.074] GetClientRect (in: hWnd=0x2d02dc, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0279.074] GetWindowRect (in: hWnd=0x2d02dc, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0279.074] GetParent (hWnd=0x2d02dc) returned 0x3000ea
[0279.074] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3000ea, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0279.074] SendMessageW (hWnd=0x2d02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2d02dc) returned 0x0
[0279.074] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2d02dc) returned 0x0
[0279.074] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0279.074] GetParent (hWnd=0x2d02dc) returned 0x3000ea
[0279.074] GetWindowLongW (hWnd=0x3000ea, nIndex=-8) returned 458844
[0279.074] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0279.075] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0279.075] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xf60107f1
[0279.075] GetDeviceCaps (hdc=0xf60107f1, index=12) returned 32
[0279.075] GetDeviceCaps (hdc=0xf60107f1, index=14) returned 1
[0279.075] DeleteDC (hdc=0xf60107f1) returned 1
[0279.076] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0279.076] GetWindowThreadProcessId (in: hWnd=0x3000ea, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0279.076] GetCurrentThreadId () returned 0xf50
[0279.076] PostMessageW (hWnd=0x3000ea, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0279.076] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.076] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.076] GetSystemMetrics (nIndex=42) returned 0
[0279.076] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7e260, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.076] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7e260) returned 0x18
[0279.076] GdipImageGetFrameDimensionsCount (image=0x6602a58, count=0xd7e25c) returned 0x0
[0279.076] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201670
[0279.076] GdipImageGetFrameDimensionsList (image=0x6602a58, dimensionIDs=0x1201670*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0279.076] LocalFree (hMem=0x1201670) returned 0x0
[0279.076] GdipImageGetFrameDimensionsCount (image=0x6601360, count=0xd7e250) returned 0x0
[0279.077] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12016b8
[0279.077] GdipImageGetFrameDimensionsList (image=0x6601360, dimensionIDs=0x12016b8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0279.077] LocalFree (hMem=0x12016b8) returned 0x0
[0279.077] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0279.077] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0279.077] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0279.088] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0279.089] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0279.089] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0279.090] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0279.090] GetWindowPlacement (in: hWnd=0x3000ea, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0279.090] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0279.090] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.090] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.090] GetSystemMetrics (nIndex=42) returned 0
[0279.090] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7e2b4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.090] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7e2b4) returned 0x18
[0279.095] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0279.095] GetCurrentObject (hdc=0x10105d6, type=0x1) returned 0xb00017
[0279.095] GetCurrentObject (hdc=0x10105d6, type=0x2) returned 0x900010
[0279.095] GetCurrentObject (hdc=0x10105d6, type=0x7) returned 0x550507ee
[0279.095] GetCurrentObject (hdc=0x10105d6, type=0x6) returned 0x8a01c2
[0279.095] SaveDC (hdc=0x10105d6) returned 1
[0279.095] GetNearestColor (hdc=0x10105d6, color=0xf0f0f0) returned 0xf0f0f0
[0279.095] CreateSolidBrush (color=0xf0f0f0) returned 0xc1007e1
[0279.095] FillRect (hDC=0x10105d6, lprc=0xd7e1b8, hbr=0xc1007e1) returned 1
[0279.096] DeleteObject (ho=0xc1007e1) returned 1
[0279.096] RestoreDC (hdc=0x10105d6, nSavedDC=-1) returned 1
[0279.096] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0279.096] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0279.097] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0279.097] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0279.097] GetStockObject (i=5) returned 0x900015
[0279.097] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0279.097] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0279.097] GetStockObject (i=5) returned 0x900015
[0279.098] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0279.098] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302ce, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0279.098] GetStockObject (i=5) returned 0x900015
[0279.098] GetWindowPlacement (in: hWnd=0x3000ea, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0279.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0279.098] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0279.098] GetWindowRect (in: hWnd=0x3000ea, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0279.100] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0279.100] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0279.100] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0279.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0279.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0279.101] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0279.101] GetWindowRect (in: hWnd=0x3000ea, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0279.101] InvalidateRect (hWnd=0x2d02da, lpRect=0x0, bErase=0) returned 1
[0279.101] InvalidateRect (hWnd=0x2f02d8, lpRect=0x0, bErase=0) returned 1
[0279.101] GetFocus () returned 0x3000ea
[0279.101] GetFocus () returned 0x3000ea
[0279.101] SetFocus (hWnd=0x2f02d8) returned 0x3000ea
[0279.102] GetFocus () returned 0x2f02d8
[0279.102] IsChild (hWndParent=0x3000ea, hWnd=0x2f02d8) returned 1
[0279.102] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x8, wParam=0x2f02d8, lParam=0x0) returned 0x0
[0279.103] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0279.105] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0279.107] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0279.107] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0x7, wParam=0x3000ea, lParam=0x0) returned 0x0
[0279.107] GetStockObject (i=5) returned 0x900015
[0279.107] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0279.107] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0279.107] GetDlgItem (hDlg=0x3000ea, nIDDlgItem=3080920) returned 0x2f02d8
[0279.107] SendMessageW (hWnd=0x2f02d8, Msg=0x202b, wParam=0x2f02d8, lParam=0xd7e0dc) returned 0x0
[0279.107] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0x202b, wParam=0x2f02d8, lParam=0xd7e0dc) returned 0x0
[0279.108] InvalidateRect (hWnd=0x2f02d8, lpRect=0x0, bErase=0) returned 1
[0279.110] GetFocus () returned 0x2f02d8
[0279.110] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.110] IsWindowUnicode (hWnd=0x3000ea) returned 1
[0279.110] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.110] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.110] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.110] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0279.111] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.111] IsWindowUnicode (hWnd=0x3000ea) returned 1
[0279.111] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.111] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.111] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.111] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.111] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0279.112] IsWindowUnicode (hWnd=0x3000ea) returned 1
[0279.112] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.112] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.112] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.112] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.112] IsWindowUnicode (hWnd=0x602c4) returned 1
[0279.112] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.112] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.112] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.112] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0279.112] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0279.112] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.114] IsWindowUnicode (hWnd=0x3000ea) returned 1
[0279.114] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.114] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.114] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.114] BeginPaint (in: hWnd=0x3000ea, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xc0107c5
[0279.114] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0279.114] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.114] GetSystemMetrics (nIndex=42) returned 0
[0279.115] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7e1ec, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.115] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7e1ec) returned 0x18
[0279.115] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0279.115] EndPaint (hWnd=0x3000ea, lpPaint=0xd7e274) returned 1
[0279.115] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.115] IsWindowUnicode (hWnd=0x2702c8) returned 1
[0279.115] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.115] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.115] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.115] BeginPaint (in: hWnd=0x2702c8, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x60100ce
[0279.115] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0279.116] CreateCompatibleDC (hdc=0x60100ce) returned 0x6f010781
[0279.116] SelectObject (hdc=0x6f010781, h=0x4a0507fe) returned 0x85000f
[0279.116] GdipCreateFromHDC (hdc=0x6f010781, graphics=0xd7e2b0) returned 0x0
[0279.116] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0279.116] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0279.116] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0279.116] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0279.116] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e310) returned 0x0
[0279.116] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0279.116] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee8d8) returned 0x0
[0279.116] LocalFree (hMem=0x11ee8d8) returned 0x0
[0279.116] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0279.117] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0279.117] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0279.117] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e304) returned 0x0
[0279.117] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0279.117] GetWindowTextLengthW (hWnd=0x2702c8) returned 0
[0279.117] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0279.117] GetSystemMetrics (nIndex=42) returned 0
[0279.117] GetWindowTextW (in: hWnd=0x2702c8, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0279.117] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702c8, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0279.117] GetClientRect (in: hWnd=0x2702c8, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0279.117] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0279.117] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0279.117] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0279.117] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0279.117] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e164) returned 0x0
[0279.117] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0279.117] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eecc8) returned 0x0
[0279.117] LocalFree (hMem=0x11eecc8) returned 0x0
[0279.118] GdipCombineRegionRegion (region=0x6646328, region2=0x6646f88, combineMode=0x1) returned 0x0
[0279.118] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0279.118] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea98) returned 0x0
[0279.118] LocalFree (hMem=0x11eea98) returned 0x0
[0279.118] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0279.118] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0279.118] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0279.118] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0279.118] GdipDeleteRegion (region=0x6646328) returned 0x0
[0279.118] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0279.118] GetCurrentObject (hdc=0x6f010781, type=0x1) returned 0xb00017
[0279.118] GetCurrentObject (hdc=0x6f010781, type=0x2) returned 0x900010
[0279.118] GetCurrentObject (hdc=0x6f010781, type=0x7) returned 0x4a0507fe
[0279.118] GetCurrentObject (hdc=0x6f010781, type=0x6) returned 0x8a01c2
[0279.118] SaveDC (hdc=0x6f010781) returned 1
[0279.119] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x59040807
[0279.119] GetClipRgn (hdc=0x6f010781, hrgn=0x59040807) returned 0
[0279.119] SelectClipRgn (hdc=0x6f010781, hrgn=0xea0407de) returned 2
[0279.119] DeleteObject (ho=0x59040807) returned 1
[0279.119] DeleteObject (ho=0xea0407de) returned 1
[0279.119] OffsetViewportOrgEx (in: hdc=0x6f010781, x=0, y=0, lppt=0x2daecd8 | out: lppt=0x2daecd8) returned 1
[0279.119] GetNearestColor (hdc=0x6f010781, color=0xf0f0f0) returned 0xf0f0f0
[0279.119] CreateSolidBrush (color=0xf0f0f0) returned 0xd1007e1
[0279.119] FillRect (hDC=0x6f010781, lprc=0xd7e198, hbr=0xd1007e1) returned 1
[0279.119] DeleteObject (ho=0xd1007e1) returned 1
[0279.119] RestoreDC (hdc=0x6f010781, nSavedDC=-1) returned 1
[0279.119] GdipReleaseDC (graphics=0x6600030, hdc=0x6f010781) returned 0x0
[0279.119] GdipRestoreGraphics (graphics=0x6600030, state=0xf6ce0dbd) returned 0x0
[0279.119] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0279.120] GetWindowTextLengthW (hWnd=0x2702c8) returned 0
[0279.120] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0279.120] GetSystemMetrics (nIndex=42) returned 0
[0279.120] GetWindowTextW (in: hWnd=0x2702c8, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0279.120] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702c8, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0279.120] GdipGetImageWidth (image=0x6602a58, width=0xd7e1e0) returned 0x0
[0279.120] GdipGetImageHeight (image=0x6602a58, height=0xd7e1e0) returned 0x0
[0279.120] GdipGetImageWidth (image=0x6602a58, width=0xd7e1cc) returned 0x0
[0279.120] GdipGetImageHeight (image=0x6602a58, height=0xd7e1cc) returned 0x0
[0279.120] GdipDrawImageRectI (graphics=0x6600030, image=0x6602a58, x=16, y=16, width=32, height=32) returned 0x0
[0279.120] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0279.120] BitBlt (hdc=0x60100ce, x=0, y=0, cx=64, cy=64, hdcSrc=0x6f010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0279.120] GdipReleaseDC (graphics=0x6600030, hdc=0x6f010781) returned 0x0
[0279.120] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0279.120] SelectObject (hdc=0x6f010781, h=0x85000f) returned 0x4a0507fe
[0279.121] DeleteDC (hdc=0x6f010781) returned 1
[0279.121] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0279.121] EndPaint (hWnd=0x2702c8, lpPaint=0xd7e294) returned 1
[0279.121] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.121] IsWindowUnicode (hWnd=0x2202d0) returned 1
[0279.121] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.121] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.121] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.121] BeginPaint (in: hWnd=0x2202d0, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x107b9
[0279.121] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0279.122] CreateCompatibleDC (hdc=0x107b9) returned 0x71010781
[0279.122] GetObjectType (h=0x107b9) returned 0x3
[0279.122] CreateCompatibleBitmap (hdc=0x107b9, cx=1, cy=1) returned 0xffffffffcc0507a1
[0279.131] GetDIBits (in: hdc=0x107b9, hbm=0xcc0507a1, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0279.131] GetDIBits (in: hdc=0x107b9, hbm=0xcc0507a1, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0279.131] DeleteObject (ho=0xcc0507a1) returned 1
[0279.131] CreateDIBSection (in: hdc=0x107b9, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x1050793
[0279.131] SelectObject (hdc=0x71010781, h=0x1050793) returned 0x85000f
[0279.131] GdipCreateFromHDC (hdc=0x71010781, graphics=0xd7e234) returned 0x0
[0279.132] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0279.132] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0279.132] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0279.132] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0279.132] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e2d4) returned 0x0
[0279.132] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0279.132] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee8d8) returned 0x0
[0279.132] LocalFree (hMem=0x11ee8d8) returned 0x0
[0279.132] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0279.132] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0279.132] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0279.132] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0279.132] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0279.132] GetWindowTextLengthW (hWnd=0x2202d0) returned 232
[0279.132] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0279.133] GetSystemMetrics (nIndex=42) returned 0
[0279.133] GetWindowTextW (in: hWnd=0x2202d0, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0279.133] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0279.133] GetClientRect (in: hWnd=0x2202d0, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0279.133] GdipCreateRegion (region=0xd7e110) returned 0x0
[0279.133] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0279.133] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0279.133] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0279.133] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e128) returned 0x0
[0279.133] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0279.133] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee8d8) returned 0x0
[0279.133] LocalFree (hMem=0x11ee8d8) returned 0x0
[0279.133] GdipCombineRegionRegion (region=0x6646328, region2=0x6646f88, combineMode=0x1) returned 0x0
[0279.133] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0279.133] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee910) returned 0x0
[0279.133] LocalFree (hMem=0x11ee910) returned 0x0
[0279.133] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0279.133] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e150) returned 0x0
[0279.134] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e140) returned 0x0
[0279.134] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0279.134] GdipDeleteRegion (region=0x6646328) returned 0x0
[0279.134] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0279.134] GetCurrentObject (hdc=0x71010781, type=0x1) returned 0xb00017
[0279.134] GetCurrentObject (hdc=0x71010781, type=0x2) returned 0x900010
[0279.134] GetCurrentObject (hdc=0x71010781, type=0x7) returned 0x1050793
[0279.134] GetCurrentObject (hdc=0x71010781, type=0x6) returned 0x8a01c2
[0279.134] SaveDC (hdc=0x71010781) returned 1
[0279.134] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xeb0407de
[0279.134] GetClipRgn (hdc=0x71010781, hrgn=0xeb0407de) returned 0
[0279.134] SelectClipRgn (hdc=0x71010781, hrgn=0x5a040807) returned 2
[0279.134] DeleteObject (ho=0xeb0407de) returned 1
[0279.134] DeleteObject (ho=0x5a040807) returned 1
[0279.134] OffsetViewportOrgEx (in: hdc=0x71010781, x=0, y=0, lppt=0x2db06a0 | out: lppt=0x2db06a0) returned 1
[0279.135] GetNearestColor (hdc=0x71010781, color=0xf0f0f0) returned 0xf0f0f0
[0279.135] CreateSolidBrush (color=0xf0f0f0) returned 0xe1007e1
[0279.135] FillRect (hDC=0x71010781, lprc=0xd7e15c, hbr=0xe1007e1) returned 1
[0279.136] DeleteObject (ho=0xe1007e1) returned 1
[0279.136] RestoreDC (hdc=0x71010781, nSavedDC=-1) returned 1
[0279.137] GdipReleaseDC (graphics=0x6600030, hdc=0x71010781) returned 0x0
[0279.137] GdipRestoreGraphics (graphics=0x6600030, state=0xf6cc0dbd) returned 0x0
[0279.137] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0279.137] GetWindowTextLengthW (hWnd=0x2202d0) returned 232
[0279.137] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0279.137] GetSystemMetrics (nIndex=42) returned 0
[0279.137] GetWindowTextW (in: hWnd=0x2202d0, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0279.137] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0279.137] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0279.137] GetCurrentObject (hdc=0x71010781, type=0x1) returned 0xb00017
[0279.137] GetCurrentObject (hdc=0x71010781, type=0x2) returned 0x900010
[0279.137] GetCurrentObject (hdc=0x71010781, type=0x7) returned 0x1050793
[0279.138] GetCurrentObject (hdc=0x71010781, type=0x6) returned 0x8a01c2
[0279.138] SaveDC (hdc=0x71010781) returned 1
[0279.138] GetNearestColor (hdc=0x71010781, color=0x0) returned 0x0
[0279.138] RestoreDC (hdc=0x71010781, nSavedDC=-1) returned 1
[0279.139] GdipReleaseDC (graphics=0x6600030, hdc=0x71010781) returned 0x0
[0279.139] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0279.139] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0279.139] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2db0e9c | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0279.140] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0279.140] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0279.140] GetCurrentObject (hdc=0x71010781, type=0x1) returned 0xb00017
[0279.140] GetCurrentObject (hdc=0x71010781, type=0x2) returned 0x900010
[0279.140] GetCurrentObject (hdc=0x71010781, type=0x7) returned 0x1050793
[0279.140] GetCurrentObject (hdc=0x71010781, type=0x6) returned 0x8a01c2
[0279.140] SaveDC (hdc=0x71010781) returned 1
[0279.140] GetTextAlign (hdc=0x71010781) returned 0x0
[0279.141] GetTextColor (hdc=0x71010781) returned 0x0
[0279.141] GetCurrentObject (hdc=0x71010781, type=0x6) returned 0x8a01c2
[0279.141] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0279.141] SelectObject (hdc=0x71010781, h=0x6d0a0520) returned 0x8a01c2
[0279.141] GetBkMode (hdc=0x71010781) returned 2
[0279.141] SetBkMode (hdc=0x71010781, mode=1) returned 2
[0279.141] DrawTextExW (in: hdc=0x71010781, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2db10c0 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0279.145] RestoreDC (hdc=0x71010781, nSavedDC=-1) returned 1
[0279.145] GdipReleaseDC (graphics=0x6600030, hdc=0x71010781) returned 0x0
[0279.145] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0279.145] BitBlt (hdc=0x107b9, x=0, y=0, cx=354, cy=68, hdcSrc=0x71010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0279.145] GdipReleaseDC (graphics=0x6600030, hdc=0x71010781) returned 0x0
[0279.145] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0279.146] SelectObject (hdc=0x71010781, h=0x85000f) returned 0x1050793
[0279.146] DeleteDC (hdc=0x71010781) returned 1
[0279.146] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0279.146] DeleteObject (ho=0x1050793) returned 1
[0279.147] EndPaint (hWnd=0x2202d0, lpPaint=0xd7e258) returned 1
[0279.147] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.147] IsWindowUnicode (hWnd=0x2f02d8) returned 1
[0279.147] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.147] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.147] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.147] BeginPaint (in: hWnd=0x2f02d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0279.147] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0279.147] CreateCompatibleDC (hdc=0xf0105ee) returned 0xce0107a1
[0279.148] SelectObject (hdc=0xce0107a1, h=0x4a0507fe) returned 0x85000f
[0279.148] GdipCreateFromHDC (hdc=0xce0107a1, graphics=0xd7e268) returned 0x0
[0279.148] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0279.148] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0279.148] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0279.148] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0279.148] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2c8) returned 0x0
[0279.148] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0279.148] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eead0) returned 0x0
[0279.148] LocalFree (hMem=0x11eead0) returned 0x0
[0279.148] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0279.148] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0279.149] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0279.149] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0279.149] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0279.149] GdipRestoreGraphics (graphics=0x6600030, state=0xf6ca0dbd) returned 0x0
[0279.149] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0279.149] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0279.149] GetCurrentObject (hdc=0xce0107a1, type=0x1) returned 0xb00017
[0279.149] GetCurrentObject (hdc=0xce0107a1, type=0x2) returned 0x900010
[0279.149] GetCurrentObject (hdc=0xce0107a1, type=0x7) returned 0x4a0507fe
[0279.149] GetCurrentObject (hdc=0xce0107a1, type=0x6) returned 0x8a01c2
[0279.149] SaveDC (hdc=0xce0107a1) returned 1
[0279.149] GetNearestColor (hdc=0xce0107a1, color=0xf0f0f0) returned 0xf0f0f0
[0279.149] GetNearestColor (hdc=0xce0107a1, color=0xa0a0a0) returned 0xa0a0a0
[0279.149] GetNearestColor (hdc=0xce0107a1, color=0x696969) returned 0x696969
[0279.150] GetNearestColor (hdc=0xce0107a1, color=0xa0a0a0) returned 0xa0a0a0
[0279.150] GetNearestColor (hdc=0xce0107a1, color=0x0) returned 0x0
[0279.150] GetNearestColor (hdc=0xce0107a1, color=0xffffff) returned 0xffffff
[0279.150] GetNearestColor (hdc=0xce0107a1, color=0xe5e5e5) returned 0xe5e5e5
[0279.150] GetNearestColor (hdc=0xce0107a1, color=0xd7d7d7) returned 0xd7d7d7
[0279.150] GetNearestColor (hdc=0xce0107a1, color=0x0) returned 0x0
[0279.150] RestoreDC (hdc=0xce0107a1, nSavedDC=-1) returned 1
[0279.150] GdipReleaseDC (graphics=0x6600030, hdc=0xce0107a1) returned 0x0
[0279.150] IsAppThemed () returned 0x1
[0279.150] GetThemeAppProperties () returned 0x3
[0279.150] GetThemeAppProperties () returned 0x3
[0279.150] GdipGetImageWidth (image=0x6601360, width=0xd7e168) returned 0x0
[0279.150] GdipGetImageHeight (image=0x6601360, height=0xd7e168) returned 0x0
[0279.150] IsAppThemed () returned 0x1
[0279.151] GetThemeAppProperties () returned 0x3
[0279.151] GetThemeAppProperties () returned 0x3
[0279.151] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2db1810 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0279.151] IsAppThemed () returned 0x1
[0279.151] GetThemeAppProperties () returned 0x3
[0279.151] GetThemeAppProperties () returned 0x3
[0279.151] IsAppThemed () returned 0x1
[0279.151] GetThemeAppProperties () returned 0x3
[0279.151] GetThemeAppProperties () returned 0x3
[0279.151] GetFocus () returned 0x2f02d8
[0279.151] IsAppThemed () returned 0x1
[0279.151] GetThemeAppProperties () returned 0x3
[0279.151] GetThemeAppProperties () returned 0x3
[0279.151] IsAppThemed () returned 0x1
[0279.152] GetThemeAppProperties () returned 0x3
[0279.152] GetThemeAppProperties () returned 0x3
[0279.152] IsThemePartDefined () returned 0x1
[0279.152] IsAppThemed () returned 0x1
[0279.152] GetThemeAppProperties () returned 0x3
[0279.152] GetThemeAppProperties () returned 0x3
[0279.152] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0279.152] IsAppThemed () returned 0x1
[0279.152] GetThemeAppProperties () returned 0x3
[0279.152] GetThemeAppProperties () returned 0x3
[0279.152] IsAppThemed () returned 0x1
[0279.152] GetThemeAppProperties () returned 0x3
[0279.152] GetThemeAppProperties () returned 0x3
[0279.152] IsThemePartDefined () returned 0x1
[0279.152] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0279.152] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0279.152] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0279.152] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0279.152] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dff0) returned 0x0
[0279.152] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0279.153] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0279.153] LocalFree (hMem=0x11ee788) returned 0x0
[0279.153] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0279.153] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eead0) returned 0x0
[0279.153] LocalFree (hMem=0x11eead0) returned 0x0
[0279.153] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0279.153] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e018) returned 0x0
[0279.153] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e008) returned 0x0
[0279.153] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0279.159] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0279.159] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0279.160] GetCurrentObject (hdc=0xce0107a1, type=0x1) returned 0xb00017
[0279.160] GetCurrentObject (hdc=0xce0107a1, type=0x2) returned 0x900010
[0279.160] GetCurrentObject (hdc=0xce0107a1, type=0x7) returned 0x4a0507fe
[0279.160] GetCurrentObject (hdc=0xce0107a1, type=0x6) returned 0x8a01c2
[0279.160] SaveDC (hdc=0xce0107a1) returned 1
[0279.160] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5b040807
[0279.160] GetClipRgn (hdc=0xce0107a1, hrgn=0x5b040807) returned 0
[0279.160] SelectClipRgn (hdc=0xce0107a1, hrgn=0xef0407de) returned 2
[0279.160] DeleteObject (ho=0x5b040807) returned 1
[0279.160] DeleteObject (ho=0xef0407de) returned 1
[0279.160] OffsetViewportOrgEx (in: hdc=0xce0107a1, x=0, y=0, lppt=0x2db1ec0 | out: lppt=0x2db1ec0) returned 1
[0279.160] DrawThemeParentBackground () returned 0x0
[0279.161] GetWindowPlacement (in: hWnd=0x3000ea, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0279.161] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0279.161] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.161] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.161] GetSystemMetrics (nIndex=42) returned 0
[0279.161] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.161] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0279.161] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0279.161] GetCurrentObject (hdc=0xce0107a1, type=0x1) returned 0xb00017
[0279.161] GetCurrentObject (hdc=0xce0107a1, type=0x2) returned 0x900010
[0279.161] GetCurrentObject (hdc=0xce0107a1, type=0x7) returned 0x4a0507fe
[0279.162] GetCurrentObject (hdc=0xce0107a1, type=0x6) returned 0x8a01c2
[0279.162] SaveDC (hdc=0xce0107a1) returned 2
[0279.162] GetNearestColor (hdc=0xce0107a1, color=0xf0f0f0) returned 0xf0f0f0
[0279.162] CreateSolidBrush (color=0xf0f0f0) returned 0xf1007e1
[0279.162] FillRect (hDC=0xce0107a1, lprc=0xd7da38, hbr=0xf1007e1) returned 1
[0279.162] DeleteObject (ho=0xf1007e1) returned 1
[0279.162] RestoreDC (hdc=0xce0107a1, nSavedDC=-1) returned 1
[0279.162] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.162] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.162] GetSystemMetrics (nIndex=42) returned 0
[0279.162] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.162] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0279.162] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0279.162] GetCurrentObject (hdc=0xce0107a1, type=0x1) returned 0xb00017
[0279.163] GetCurrentObject (hdc=0xce0107a1, type=0x2) returned 0x900010
[0279.163] GetCurrentObject (hdc=0xce0107a1, type=0x7) returned 0x4a0507fe
[0279.163] GetCurrentObject (hdc=0xce0107a1, type=0x6) returned 0x8a01c2
[0279.163] SaveDC (hdc=0xce0107a1) returned 2
[0279.163] GetNearestColor (hdc=0xce0107a1, color=0xf0f0f0) returned 0xf0f0f0
[0279.163] CreateSolidBrush (color=0xf0f0f0) returned 0x101007e1
[0279.163] FillRect (hDC=0xce0107a1, lprc=0xd7d9d8, hbr=0x101007e1) returned 1
[0279.163] DeleteObject (ho=0x101007e1) returned 1
[0279.163] RestoreDC (hdc=0xce0107a1, nSavedDC=-1) returned 1
[0279.163] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.163] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.163] GetSystemMetrics (nIndex=42) returned 0
[0279.163] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.163] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0279.164] RestoreDC (hdc=0xce0107a1, nSavedDC=-1) returned 1
[0279.164] GdipReleaseDC (graphics=0x6600030, hdc=0xce0107a1) returned 0x0
[0279.164] IsAppThemed () returned 0x1
[0279.164] GetThemeAppProperties () returned 0x3
[0279.164] GetThemeAppProperties () returned 0x3
[0279.164] IsAppThemed () returned 0x1
[0279.164] GetThemeAppProperties () returned 0x3
[0279.164] GetThemeAppProperties () returned 0x3
[0279.164] IsThemePartDefined () returned 0x1
[0279.164] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0279.164] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0279.164] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0279.164] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0279.164] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df74) returned 0x0
[0279.165] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0279.165] LocalFree (hMem=0x11ee788) returned 0x0
[0279.165] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0279.165] LocalFree (hMem=0x11eec58) returned 0x0
[0279.165] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0279.165] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0279.165] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0279.165] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0279.165] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.165] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0279.165] GetCurrentObject (hdc=0xce0107a1, type=0x1) returned 0xb00017
[0279.165] GetCurrentObject (hdc=0xce0107a1, type=0x2) returned 0x900010
[0279.165] GetCurrentObject (hdc=0xce0107a1, type=0x7) returned 0x4a0507fe
[0279.165] GetCurrentObject (hdc=0xce0107a1, type=0x6) returned 0x8a01c2
[0279.165] SaveDC (hdc=0xce0107a1) returned 1
[0279.166] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf00407de
[0279.166] GetClipRgn (hdc=0xce0107a1, hrgn=0xf00407de) returned 0
[0279.166] SelectClipRgn (hdc=0xce0107a1, hrgn=0x5d040807) returned 2
[0279.166] DeleteObject (ho=0xf00407de) returned 1
[0279.166] DeleteObject (ho=0x5d040807) returned 1
[0279.166] OffsetViewportOrgEx (in: hdc=0xce0107a1, x=0, y=0, lppt=0x2db2844 | out: lppt=0x2db2844) returned 1
[0279.166] IsAppThemed () returned 0x1
[0279.166] GetThemeAppProperties () returned 0x3
[0279.166] GetThemeAppProperties () returned 0x3
[0279.166] DrawThemeBackground () returned 0x0
[0279.166] RestoreDC (hdc=0xce0107a1, nSavedDC=-1) returned 1
[0279.166] GdipReleaseDC (graphics=0x6600030, hdc=0xce0107a1) returned 0x0
[0279.166] GdipCreateRegion (region=0xd7df60) returned 0x0
[0279.167] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0279.167] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0279.167] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0279.167] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df78) returned 0x0
[0279.167] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0279.167] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0279.167] LocalFree (hMem=0x11eec58) returned 0x0
[0279.167] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0279.167] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee868) returned 0x0
[0279.167] LocalFree (hMem=0x11ee868) returned 0x0
[0279.167] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0279.167] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0279.167] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df90) returned 0x0
[0279.167] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0279.167] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0279.167] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0279.168] GetCurrentObject (hdc=0xce0107a1, type=0x1) returned 0xb00017
[0279.168] GetCurrentObject (hdc=0xce0107a1, type=0x2) returned 0x900010
[0279.168] GetCurrentObject (hdc=0xce0107a1, type=0x7) returned 0x4a0507fe
[0279.168] GetCurrentObject (hdc=0xce0107a1, type=0x6) returned 0x8a01c2
[0279.168] SaveDC (hdc=0xce0107a1) returned 1
[0279.168] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5e040807
[0279.168] GetClipRgn (hdc=0xce0107a1, hrgn=0x5e040807) returned 0
[0279.168] SelectClipRgn (hdc=0xce0107a1, hrgn=0xf10407de) returned 2
[0279.168] DeleteObject (ho=0x5e040807) returned 1
[0279.168] DeleteObject (ho=0xf10407de) returned 1
[0279.168] OffsetViewportOrgEx (in: hdc=0xce0107a1, x=0, y=0, lppt=0x2db2b18 | out: lppt=0x2db2b18) returned 1
[0279.168] IsAppThemed () returned 0x1
[0279.168] GetThemeAppProperties () returned 0x3
[0279.168] GetThemeAppProperties () returned 0x3
[0279.168] GetThemeBackgroundContentRect () returned 0x0
[0279.168] RestoreDC (hdc=0xce0107a1, nSavedDC=-1) returned 1
[0279.169] GdipReleaseDC (graphics=0x6600030, hdc=0xce0107a1) returned 0x0
[0279.169] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0279.169] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0279.169] GdipCloneRegion (region=0x6646f88, cloneRegion=0xd7e150) returned 0x0
[0279.169] GdipCombineRegionRectI (region=0x6646328, rect=0xd7e138, combineMode=0x1) returned 0x0
[0279.169] GdipCombineRegionRectI (region=0x6646328, rect=0xd7e138, combineMode=0x1) returned 0x0
[0279.169] GdipSetClipRegion (graphics=0x6600030, region=0x6646328, combineMode=0x0) returned 0x0
[0279.170] GdipGetImageWidth (image=0x6601360, width=0xd7e154) returned 0x0
[0279.170] GdipGetImageHeight (image=0x6601360, height=0xd7e148) returned 0x0
[0279.170] GdipDrawImageRectI (graphics=0x6600030, image=0x6601360, x=4, y=4, width=16, height=16) returned 0x0
[0279.170] GdipSetClipRegion (graphics=0x6600030, region=0x6646f88, combineMode=0x0) returned 0x0
[0279.170] IsAppThemed () returned 0x1
[0279.170] GetThemeAppProperties () returned 0x3
[0279.170] GetThemeAppProperties () returned 0x3
[0279.170] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0279.170] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0279.170] GetCurrentObject (hdc=0xce0107a1, type=0x1) returned 0xb00017
[0279.170] GetCurrentObject (hdc=0xce0107a1, type=0x2) returned 0x900010
[0279.170] GetCurrentObject (hdc=0xce0107a1, type=0x7) returned 0x4a0507fe
[0279.170] GetCurrentObject (hdc=0xce0107a1, type=0x6) returned 0x8a01c2
[0279.170] SaveDC (hdc=0xce0107a1) returned 1
[0279.170] GetTextAlign (hdc=0xce0107a1) returned 0x0
[0279.171] GetTextColor (hdc=0xce0107a1) returned 0x0
[0279.171] GetCurrentObject (hdc=0xce0107a1, type=0x6) returned 0x8a01c2
[0279.171] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0279.171] SelectObject (hdc=0xce0107a1, h=0x6d0a0520) returned 0x8a01c2
[0279.171] GetBkMode (hdc=0xce0107a1) returned 2
[0279.171] SetBkMode (hdc=0xce0107a1, mode=1) returned 2
[0279.171] DrawTextExW (in: hdc=0xce0107a1, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2db2ed8 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0279.171] DrawTextExW (in: hdc=0xce0107a1, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2db2ed8 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0279.172] RestoreDC (hdc=0xce0107a1, nSavedDC=-1) returned 1
[0279.172] GdipReleaseDC (graphics=0x6600030, hdc=0xce0107a1) returned 0x0
[0279.172] GetFocus () returned 0x2f02d8
[0279.172] IsAppThemed () returned 0x1
[0279.172] GetThemeAppProperties () returned 0x3
[0279.172] GetThemeAppProperties () returned 0x3
[0279.172] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0279.172] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xce0107a1, x1=0, y1=0, rop=0xcc0020) returned 1
[0279.172] GdipReleaseDC (graphics=0x6600030, hdc=0xce0107a1) returned 0x0
[0279.172] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0279.172] SelectObject (hdc=0xce0107a1, h=0x85000f) returned 0x4a0507fe
[0279.173] DeleteDC (hdc=0xce0107a1) returned 1
[0279.173] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0279.173] EndPaint (hWnd=0x2f02d8, lpPaint=0xd7e24c) returned 1
[0279.174] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.174] IsWindowUnicode (hWnd=0x2d02da) returned 1
[0279.174] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.174] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.174] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.174] BeginPaint (in: hWnd=0x2d02da, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0279.174] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0279.174] CreateCompatibleDC (hdc=0xc0107c5) returned 0xd00107a1
[0279.174] SelectObject (hdc=0xd00107a1, h=0x4a0507fe) returned 0x85000f
[0279.174] GdipCreateFromHDC (hdc=0xd00107a1, graphics=0xd7e268) returned 0x0
[0279.175] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0279.175] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0279.175] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0279.175] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0279.175] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2c8) returned 0x0
[0279.175] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0279.175] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea28) returned 0x0
[0279.175] LocalFree (hMem=0x11eea28) returned 0x0
[0279.175] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0279.175] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0279.175] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0279.175] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0279.175] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0279.175] GdipRestoreGraphics (graphics=0x6600030, state=0xf6c80dbd) returned 0x0
[0279.175] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.176] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0279.176] GetCurrentObject (hdc=0xd00107a1, type=0x1) returned 0xb00017
[0279.176] GetCurrentObject (hdc=0xd00107a1, type=0x2) returned 0x900010
[0279.176] GetCurrentObject (hdc=0xd00107a1, type=0x7) returned 0x4a0507fe
[0279.176] GetCurrentObject (hdc=0xd00107a1, type=0x6) returned 0x8a01c2
[0279.176] SaveDC (hdc=0xd00107a1) returned 1
[0279.176] GetNearestColor (hdc=0xd00107a1, color=0xf0f0f0) returned 0xf0f0f0
[0279.176] GetNearestColor (hdc=0xd00107a1, color=0xa0a0a0) returned 0xa0a0a0
[0279.176] GetNearestColor (hdc=0xd00107a1, color=0x696969) returned 0x696969
[0279.176] GetNearestColor (hdc=0xd00107a1, color=0xa0a0a0) returned 0xa0a0a0
[0279.176] GetNearestColor (hdc=0xd00107a1, color=0x0) returned 0x0
[0279.176] GetNearestColor (hdc=0xd00107a1, color=0xffffff) returned 0xffffff
[0279.176] GetNearestColor (hdc=0xd00107a1, color=0xe5e5e5) returned 0xe5e5e5
[0279.176] GetNearestColor (hdc=0xd00107a1, color=0xd7d7d7) returned 0xd7d7d7
[0279.177] GetNearestColor (hdc=0xd00107a1, color=0x0) returned 0x0
[0279.177] RestoreDC (hdc=0xd00107a1, nSavedDC=-1) returned 1
[0279.177] GdipReleaseDC (graphics=0x6600030, hdc=0xd00107a1) returned 0x0
[0279.177] IsAppThemed () returned 0x1
[0279.177] GetThemeAppProperties () returned 0x3
[0279.177] GetThemeAppProperties () returned 0x3
[0279.177] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0279.177] SendMessageW (hWnd=0x3000ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0279.177] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0279.177] IsAppThemed () returned 0x1
[0279.177] GetThemeAppProperties () returned 0x3
[0279.177] GetThemeAppProperties () returned 0x3
[0279.177] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df90, format=0x102415, lpdtp=0x2db36e8 | out: lpchText="&Continue", lprc=0xd7df90) returned 13
[0279.178] IsAppThemed () returned 0x1
[0279.178] GetThemeAppProperties () returned 0x3
[0279.178] GetThemeAppProperties () returned 0x3
[0279.178] IsAppThemed () returned 0x1
[0279.178] GetThemeAppProperties () returned 0x3
[0279.178] GetThemeAppProperties () returned 0x3
[0279.178] GetFocus () returned 0x2f02d8
[0279.178] IsAppThemed () returned 0x1
[0279.178] GetThemeAppProperties () returned 0x3
[0279.178] GetThemeAppProperties () returned 0x3
[0279.178] IsAppThemed () returned 0x1
[0279.178] GetThemeAppProperties () returned 0x3
[0279.178] GetThemeAppProperties () returned 0x3
[0279.178] IsThemePartDefined () returned 0x1
[0279.178] IsAppThemed () returned 0x1
[0279.178] GetThemeAppProperties () returned 0x3
[0279.178] GetThemeAppProperties () returned 0x3
[0279.178] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0279.178] IsAppThemed () returned 0x1
[0279.179] GetThemeAppProperties () returned 0x3
[0279.179] GetThemeAppProperties () returned 0x3
[0279.179] IsAppThemed () returned 0x1
[0279.179] GetThemeAppProperties () returned 0x3
[0279.179] GetThemeAppProperties () returned 0x3
[0279.179] IsThemePartDefined () returned 0x1
[0279.179] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0279.179] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0279.179] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0279.179] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0279.179] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dff0) returned 0x0
[0279.179] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0279.179] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0279.179] LocalFree (hMem=0x11eec58) returned 0x0
[0279.179] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0279.179] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0279.179] LocalFree (hMem=0x11ee868) returned 0x0
[0279.179] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0279.180] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0279.180] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0279.180] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0279.180] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.180] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0279.180] GetCurrentObject (hdc=0xd00107a1, type=0x1) returned 0xb00017
[0279.180] GetCurrentObject (hdc=0xd00107a1, type=0x2) returned 0x900010
[0279.180] GetCurrentObject (hdc=0xd00107a1, type=0x7) returned 0x4a0507fe
[0279.180] GetCurrentObject (hdc=0xd00107a1, type=0x6) returned 0x8a01c2
[0279.180] SaveDC (hdc=0xd00107a1) returned 1
[0279.180] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf20407de
[0279.180] GetClipRgn (hdc=0xd00107a1, hrgn=0xf20407de) returned 0
[0279.180] SelectClipRgn (hdc=0xd00107a1, hrgn=0x62040807) returned 2
[0279.180] DeleteObject (ho=0xf20407de) returned 1
[0279.180] DeleteObject (ho=0x62040807) returned 1
[0279.181] OffsetViewportOrgEx (in: hdc=0xd00107a1, x=0, y=0, lppt=0x2db3d98 | out: lppt=0x2db3d98) returned 1
[0279.181] DrawThemeParentBackground () returned 0x0
[0279.181] GetWindowPlacement (in: hWnd=0x3000ea, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0279.181] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0279.181] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.181] GetSystemMetrics (nIndex=42) returned 0
[0279.181] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0279.181] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0279.181] GetCurrentObject (hdc=0xd00107a1, type=0x1) returned 0xb00017
[0279.181] GetCurrentObject (hdc=0xd00107a1, type=0x2) returned 0x900010
[0279.181] GetCurrentObject (hdc=0xd00107a1, type=0x7) returned 0x4a0507fe
[0279.181] GetCurrentObject (hdc=0xd00107a1, type=0x6) returned 0x8a01c2
[0279.182] SaveDC (hdc=0xd00107a1) returned 2
[0279.182] GetNearestColor (hdc=0xd00107a1, color=0xf0f0f0) returned 0xf0f0f0
[0279.182] CreateSolidBrush (color=0xf0f0f0) returned 0x111007e1
[0279.182] FillRect (hDC=0xd00107a1, lprc=0xd7da38, hbr=0x111007e1) returned 1
[0279.182] DeleteObject (ho=0x111007e1) returned 1
[0279.182] RestoreDC (hdc=0xd00107a1, nSavedDC=-1) returned 1
[0279.182] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.182] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.182] GetSystemMetrics (nIndex=42) returned 0
[0279.182] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.182] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0279.182] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0279.182] GetCurrentObject (hdc=0xd00107a1, type=0x1) returned 0xb00017
[0279.182] GetCurrentObject (hdc=0xd00107a1, type=0x2) returned 0x900010
[0279.182] GetCurrentObject (hdc=0xd00107a1, type=0x7) returned 0x4a0507fe
[0279.182] GetCurrentObject (hdc=0xd00107a1, type=0x6) returned 0x8a01c2
[0279.183] SaveDC (hdc=0xd00107a1) returned 2
[0279.183] GetNearestColor (hdc=0xd00107a1, color=0xf0f0f0) returned 0xf0f0f0
[0279.183] CreateSolidBrush (color=0xf0f0f0) returned 0x121007e1
[0279.183] FillRect (hDC=0xd00107a1, lprc=0xd7d9d8, hbr=0x121007e1) returned 1
[0279.183] DeleteObject (ho=0x121007e1) returned 1
[0279.183] RestoreDC (hdc=0xd00107a1, nSavedDC=-1) returned 1
[0279.183] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.183] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.183] GetSystemMetrics (nIndex=42) returned 0
[0279.183] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.183] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0279.221] RestoreDC (hdc=0xd00107a1, nSavedDC=-1) returned 1
[0279.221] GdipReleaseDC (graphics=0x6600030, hdc=0xd00107a1) returned 0x0
[0279.221] IsAppThemed () returned 0x1
[0279.221] GetThemeAppProperties () returned 0x3
[0279.221] GetThemeAppProperties () returned 0x3
[0279.221] IsAppThemed () returned 0x1
[0279.221] GetThemeAppProperties () returned 0x3
[0279.221] GetThemeAppProperties () returned 0x3
[0279.221] IsThemePartDefined () returned 0x1
[0279.221] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0279.221] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0279.221] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0279.221] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0279.222] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df74) returned 0x0
[0279.222] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0279.222] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0279.222] LocalFree (hMem=0x11ee788) returned 0x0
[0279.222] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0279.222] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0279.222] LocalFree (hMem=0x11eec58) returned 0x0
[0279.222] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0279.222] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0279.222] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0279.222] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0279.222] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.222] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0279.222] GetCurrentObject (hdc=0xd00107a1, type=0x1) returned 0xb00017
[0279.222] GetCurrentObject (hdc=0xd00107a1, type=0x2) returned 0x900010
[0279.222] GetCurrentObject (hdc=0xd00107a1, type=0x7) returned 0x4a0507fe
[0279.223] GetCurrentObject (hdc=0xd00107a1, type=0x6) returned 0x8a01c2
[0279.223] SaveDC (hdc=0xd00107a1) returned 1
[0279.223] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x63040807
[0279.223] GetClipRgn (hdc=0xd00107a1, hrgn=0x63040807) returned 0
[0279.223] SelectClipRgn (hdc=0xd00107a1, hrgn=0xf40407de) returned 2
[0279.223] DeleteObject (ho=0x63040807) returned 1
[0279.223] DeleteObject (ho=0xf40407de) returned 1
[0279.223] OffsetViewportOrgEx (in: hdc=0xd00107a1, x=0, y=0, lppt=0x2db471c | out: lppt=0x2db471c) returned 1
[0279.223] IsAppThemed () returned 0x1
[0279.223] GetThemeAppProperties () returned 0x3
[0279.223] GetThemeAppProperties () returned 0x3
[0279.223] DrawThemeBackground () returned 0x0
[0279.223] RestoreDC (hdc=0xd00107a1, nSavedDC=-1) returned 1
[0279.223] GdipReleaseDC (graphics=0x6600030, hdc=0xd00107a1) returned 0x0
[0279.224] GdipCreateRegion (region=0xd7df60) returned 0x0
[0279.224] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0279.224] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0279.224] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0279.224] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7df78) returned 0x0
[0279.224] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0279.224] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0279.224] LocalFree (hMem=0x11eec58) returned 0x0
[0279.224] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0279.224] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eecc8) returned 0x0
[0279.224] LocalFree (hMem=0x11eecc8) returned 0x0
[0279.224] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0279.224] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0279.224] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0279.224] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0279.224] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.224] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0279.225] GetCurrentObject (hdc=0xd00107a1, type=0x1) returned 0xb00017
[0279.225] GetCurrentObject (hdc=0xd00107a1, type=0x2) returned 0x900010
[0279.225] GetCurrentObject (hdc=0xd00107a1, type=0x7) returned 0x4a0507fe
[0279.225] GetCurrentObject (hdc=0xd00107a1, type=0x6) returned 0x8a01c2
[0279.225] SaveDC (hdc=0xd00107a1) returned 1
[0279.225] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf50407de
[0279.225] GetClipRgn (hdc=0xd00107a1, hrgn=0xf50407de) returned 0
[0279.225] SelectClipRgn (hdc=0xd00107a1, hrgn=0x64040807) returned 2
[0279.225] DeleteObject (ho=0xf50407de) returned 1
[0279.225] DeleteObject (ho=0x64040807) returned 1
[0279.225] OffsetViewportOrgEx (in: hdc=0xd00107a1, x=0, y=0, lppt=0x2db49f0 | out: lppt=0x2db49f0) returned 1
[0279.225] IsAppThemed () returned 0x1
[0279.225] GetThemeAppProperties () returned 0x3
[0279.225] GetThemeAppProperties () returned 0x3
[0279.225] GetThemeBackgroundContentRect () returned 0x0
[0279.225] RestoreDC (hdc=0xd00107a1, nSavedDC=-1) returned 1
[0279.226] GdipReleaseDC (graphics=0x6600030, hdc=0xd00107a1) returned 0x0
[0279.226] IsAppThemed () returned 0x1
[0279.226] GetThemeAppProperties () returned 0x3
[0279.226] GetThemeAppProperties () returned 0x3
[0279.226] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0279.226] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0279.226] GetCurrentObject (hdc=0xd00107a1, type=0x1) returned 0xb00017
[0279.226] GetCurrentObject (hdc=0xd00107a1, type=0x2) returned 0x900010
[0279.226] GetCurrentObject (hdc=0xd00107a1, type=0x7) returned 0x4a0507fe
[0279.226] GetCurrentObject (hdc=0xd00107a1, type=0x6) returned 0x8a01c2
[0279.226] SaveDC (hdc=0xd00107a1) returned 1
[0279.226] GetTextAlign (hdc=0xd00107a1) returned 0x0
[0279.226] GetTextColor (hdc=0xd00107a1) returned 0x0
[0279.226] GetCurrentObject (hdc=0xd00107a1, type=0x6) returned 0x8a01c2
[0279.226] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0279.227] SelectObject (hdc=0xd00107a1, h=0x6d0a0520) returned 0x8a01c2
[0279.227] GetBkMode (hdc=0xd00107a1) returned 2
[0279.227] SetBkMode (hdc=0xd00107a1, mode=1) returned 2
[0279.227] DrawTextExW (in: hdc=0xd00107a1, lpchText="&Continue", cchText=9, lprc=0xd7def8, format=0x102415, lpdtp=0x2db4d90 | out: lpchText="&Continue", lprc=0xd7def8) returned 13
[0279.227] DrawTextExW (in: hdc=0xd00107a1, lpchText="&Continue", cchText=9, lprc=0xd7e05c, format=0x102015, lpdtp=0x2db4d90 | out: lpchText="&Continue", lprc=0xd7e05c) returned 13
[0279.228] RestoreDC (hdc=0xd00107a1, nSavedDC=-1) returned 1
[0279.228] GdipReleaseDC (graphics=0x6600030, hdc=0xd00107a1) returned 0x0
[0279.228] GetFocus () returned 0x2f02d8
[0279.228] IsAppThemed () returned 0x1
[0279.228] GetThemeAppProperties () returned 0x3
[0279.228] GetThemeAppProperties () returned 0x3
[0279.228] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0279.228] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xd00107a1, x1=0, y1=0, rop=0xcc0020) returned 1
[0279.228] GdipReleaseDC (graphics=0x6600030, hdc=0xd00107a1) returned 0x0
[0279.228] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0279.228] SelectObject (hdc=0xd00107a1, h=0x85000f) returned 0x4a0507fe
[0279.228] DeleteDC (hdc=0xd00107a1) returned 1
[0279.228] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0279.229] EndPaint (hWnd=0x2d02da, lpPaint=0xd7e24c) returned 1
[0279.229] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.229] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0279.230] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.230] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.230] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0279.230] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.230] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.231] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.237] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0279.238] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.238] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.238] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.238] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.239] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.239] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x84, wParam=0x0, lParam=0x1dd0318) returned 0x1
[0279.239] IsWindowUnicode (hWnd=0x2d02da) returned 1
[0279.239] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.240] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.240] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.240] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.240] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x84, wParam=0x0, lParam=0x1dd0318) returned 0x1
[0279.240] IsWindowUnicode (hWnd=0x2d02da) returned 1
[0279.240] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.240] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x84, wParam=0x0, lParam=0x1dd0318) returned 0x1
[0279.240] SetCursor (hCursor=0x10003) returned 0x10003
[0279.240] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.240] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.240] _TrackMouseEvent (in: lpEventTrack=0x2db4e8c | out: lpEventTrack=0x2db4e8c) returned 1
[0279.241] SendMessageW (hWnd=0x2d02da, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0279.241] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0279.241] InvalidateRect (hWnd=0x2d02da, lpRect=0x0, bErase=0) returned 1
[0279.241] GetKeyState (nVirtKey=1) returned 0
[0279.241] GetKeyState (nVirtKey=2) returned 0
[0279.241] GetKeyState (nVirtKey=4) returned 0
[0279.241] GetKeyState (nVirtKey=5) returned 0
[0279.241] GetKeyState (nVirtKey=6) returned 0
[0279.241] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.241] IsWindowUnicode (hWnd=0x2d02da) returned 1
[0279.241] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.242] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.242] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.242] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.242] IsWindowUnicode (hWnd=0x2d02da) returned 1
[0279.242] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.242] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.243] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.243] BeginPaint (in: hWnd=0x2d02da, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0279.243] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0279.243] CreateCompatibleDC (hdc=0xc0107c5) returned 0x7d010781
[0279.243] SelectObject (hdc=0x7d010781, h=0x4a0507fe) returned 0x85000f
[0279.243] GdipCreateFromHDC (hdc=0x7d010781, graphics=0xd7e268) returned 0x0
[0279.243] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0279.243] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0279.243] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0279.243] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0279.244] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e2c8) returned 0x0
[0279.244] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0279.244] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0279.244] LocalFree (hMem=0x11eec58) returned 0x0
[0279.244] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0279.244] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0279.244] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0279.244] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0279.244] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0279.244] GdipRestoreGraphics (graphics=0x6600030, state=0xf6c60dbd) returned 0x0
[0279.244] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0279.244] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0279.244] GetCurrentObject (hdc=0x7d010781, type=0x1) returned 0xb00017
[0279.244] GetCurrentObject (hdc=0x7d010781, type=0x2) returned 0x900010
[0279.244] GetCurrentObject (hdc=0x7d010781, type=0x7) returned 0x4a0507fe
[0279.244] GetCurrentObject (hdc=0x7d010781, type=0x6) returned 0x8a01c2
[0279.245] SaveDC (hdc=0x7d010781) returned 1
[0279.245] GetNearestColor (hdc=0x7d010781, color=0xf0f0f0) returned 0xf0f0f0
[0279.245] GetNearestColor (hdc=0x7d010781, color=0xa0a0a0) returned 0xa0a0a0
[0279.245] GetNearestColor (hdc=0x7d010781, color=0x696969) returned 0x696969
[0279.245] GetNearestColor (hdc=0x7d010781, color=0xa0a0a0) returned 0xa0a0a0
[0279.245] GetNearestColor (hdc=0x7d010781, color=0x0) returned 0x0
[0279.245] GetNearestColor (hdc=0x7d010781, color=0xffffff) returned 0xffffff
[0279.245] GetNearestColor (hdc=0x7d010781, color=0xe5e5e5) returned 0xe5e5e5
[0279.245] GetNearestColor (hdc=0x7d010781, color=0xd7d7d7) returned 0xd7d7d7
[0279.245] GetNearestColor (hdc=0x7d010781, color=0x0) returned 0x0
[0279.245] RestoreDC (hdc=0x7d010781, nSavedDC=-1) returned 1
[0279.245] GdipReleaseDC (graphics=0x6600030, hdc=0x7d010781) returned 0x0
[0279.245] IsAppThemed () returned 0x1
[0279.246] GetThemeAppProperties () returned 0x3
[0279.246] GetThemeAppProperties () returned 0x3
[0279.246] IsAppThemed () returned 0x1
[0279.246] GetThemeAppProperties () returned 0x3
[0279.246] GetThemeAppProperties () returned 0x3
[0279.246] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2db55ec | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0279.246] IsAppThemed () returned 0x1
[0279.246] GetThemeAppProperties () returned 0x3
[0279.246] GetThemeAppProperties () returned 0x3
[0279.246] IsAppThemed () returned 0x1
[0279.246] GetThemeAppProperties () returned 0x3
[0279.246] GetThemeAppProperties () returned 0x3
[0279.246] IsAppThemed () returned 0x1
[0279.247] GetThemeAppProperties () returned 0x3
[0279.247] GetThemeAppProperties () returned 0x3
[0279.247] IsAppThemed () returned 0x1
[0279.247] GetThemeAppProperties () returned 0x3
[0279.247] GetThemeAppProperties () returned 0x3
[0279.247] IsThemePartDefined () returned 0x1
[0279.253] IsAppThemed () returned 0x1
[0279.253] GetThemeAppProperties () returned 0x3
[0279.253] GetThemeAppProperties () returned 0x3
[0279.254] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0279.254] IsAppThemed () returned 0x1
[0279.254] GetThemeAppProperties () returned 0x3
[0279.254] GetThemeAppProperties () returned 0x3
[0279.254] IsAppThemed () returned 0x1
[0279.254] GetThemeAppProperties () returned 0x3
[0279.254] GetThemeAppProperties () returned 0x3
[0279.254] IsThemePartDefined () returned 0x1
[0279.254] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0279.254] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0279.254] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0279.254] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0279.254] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dfe4) returned 0x0
[0279.254] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eed00) returned 0x0
[0279.254] LocalFree (hMem=0x11eed00) returned 0x0
[0279.254] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea28) returned 0x0
[0279.254] LocalFree (hMem=0x11eea28) returned 0x0
[0279.255] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0279.255] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0279.255] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0279.255] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0279.255] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.255] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0279.255] GetCurrentObject (hdc=0x7d010781, type=0x1) returned 0xb00017
[0279.255] GetCurrentObject (hdc=0x7d010781, type=0x2) returned 0x900010
[0279.255] GetCurrentObject (hdc=0x7d010781, type=0x7) returned 0x4a0507fe
[0279.255] GetCurrentObject (hdc=0x7d010781, type=0x6) returned 0x8a01c2
[0279.255] SaveDC (hdc=0x7d010781) returned 1
[0279.255] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x65040807
[0279.255] GetClipRgn (hdc=0x7d010781, hrgn=0x65040807) returned 0
[0279.255] SelectClipRgn (hdc=0x7d010781, hrgn=0xf90407de) returned 2
[0279.255] DeleteObject (ho=0x65040807) returned 1
[0279.255] DeleteObject (ho=0xf90407de) returned 1
[0279.255] OffsetViewportOrgEx (in: hdc=0x7d010781, x=0, y=0, lppt=0x2db5c9c | out: lppt=0x2db5c9c) returned 1
[0279.255] DrawThemeParentBackground () returned 0x0
[0279.256] GetWindowPlacement (in: hWnd=0x3000ea, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0279.256] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0279.256] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.256] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.256] GetSystemMetrics (nIndex=42) returned 0
[0279.256] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7db2c, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.256] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7db2c) returned 0x18
[0279.256] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0279.256] GetCurrentObject (hdc=0x7d010781, type=0x1) returned 0xb00017
[0279.256] GetCurrentObject (hdc=0x7d010781, type=0x2) returned 0x900010
[0279.256] GetCurrentObject (hdc=0x7d010781, type=0x7) returned 0x4a0507fe
[0279.256] GetCurrentObject (hdc=0x7d010781, type=0x6) returned 0x8a01c2
[0279.256] SaveDC (hdc=0x7d010781) returned 2
[0279.257] GetNearestColor (hdc=0x7d010781, color=0xf0f0f0) returned 0xf0f0f0
[0279.257] CreateSolidBrush (color=0xf0f0f0) returned 0x131007e1
[0279.257] FillRect (hDC=0x7d010781, lprc=0xd7da30, hbr=0x131007e1) returned 1
[0279.257] DeleteObject (ho=0x131007e1) returned 1
[0279.257] RestoreDC (hdc=0x7d010781, nSavedDC=-1) returned 1
[0279.257] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.257] GetSystemMetrics (nIndex=42) returned 0
[0279.257] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0279.257] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0279.257] GetCurrentObject (hdc=0x7d010781, type=0x1) returned 0xb00017
[0279.257] GetCurrentObject (hdc=0x7d010781, type=0x2) returned 0x900010
[0279.257] GetCurrentObject (hdc=0x7d010781, type=0x7) returned 0x4a0507fe
[0279.257] GetCurrentObject (hdc=0x7d010781, type=0x6) returned 0x8a01c2
[0279.258] SaveDC (hdc=0x7d010781) returned 2
[0279.258] GetNearestColor (hdc=0x7d010781, color=0xf0f0f0) returned 0xf0f0f0
[0279.258] CreateSolidBrush (color=0xf0f0f0) returned 0x141007e1
[0279.258] FillRect (hDC=0x7d010781, lprc=0xd7d9d0, hbr=0x141007e1) returned 1
[0279.258] DeleteObject (ho=0x141007e1) returned 1
[0279.258] RestoreDC (hdc=0x7d010781, nSavedDC=-1) returned 1
[0279.258] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.258] GetSystemMetrics (nIndex=42) returned 0
[0279.258] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0279.258] RestoreDC (hdc=0x7d010781, nSavedDC=-1) returned 1
[0279.258] GdipReleaseDC (graphics=0x6600030, hdc=0x7d010781) returned 0x0
[0279.259] IsAppThemed () returned 0x1
[0279.259] GetThemeAppProperties () returned 0x3
[0279.259] GetThemeAppProperties () returned 0x3
[0279.259] IsAppThemed () returned 0x1
[0279.259] GetThemeAppProperties () returned 0x3
[0279.259] GetThemeAppProperties () returned 0x3
[0279.259] IsThemePartDefined () returned 0x1
[0279.259] GdipCreateRegion (region=0xd7df50) returned 0x0
[0279.259] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0279.259] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0279.259] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0279.259] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df68) returned 0x0
[0279.259] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0279.259] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee868) returned 0x0
[0279.259] LocalFree (hMem=0x11ee868) returned 0x0
[0279.259] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0279.259] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0279.259] LocalFree (hMem=0x11ee788) returned 0x0
[0279.260] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0279.260] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0279.260] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df80) returned 0x0
[0279.260] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0279.260] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.260] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0279.260] GetCurrentObject (hdc=0x7d010781, type=0x1) returned 0xb00017
[0279.260] GetCurrentObject (hdc=0x7d010781, type=0x2) returned 0x900010
[0279.260] GetCurrentObject (hdc=0x7d010781, type=0x7) returned 0x4a0507fe
[0279.260] GetCurrentObject (hdc=0x7d010781, type=0x6) returned 0x8a01c2
[0279.260] SaveDC (hdc=0x7d010781) returned 1
[0279.260] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfa0407de
[0279.260] GetClipRgn (hdc=0x7d010781, hrgn=0xfa0407de) returned 0
[0279.260] SelectClipRgn (hdc=0x7d010781, hrgn=0x67040807) returned 2
[0279.261] DeleteObject (ho=0xfa0407de) returned 1
[0279.261] DeleteObject (ho=0x67040807) returned 1
[0279.261] OffsetViewportOrgEx (in: hdc=0x7d010781, x=0, y=0, lppt=0x2db6620 | out: lppt=0x2db6620) returned 1
[0279.261] IsAppThemed () returned 0x1
[0279.261] GetThemeAppProperties () returned 0x3
[0279.261] GetThemeAppProperties () returned 0x3
[0279.261] DrawThemeBackground () returned 0x0
[0279.261] RestoreDC (hdc=0x7d010781, nSavedDC=-1) returned 1
[0279.261] GdipReleaseDC (graphics=0x6600030, hdc=0x7d010781) returned 0x0
[0279.261] GdipCreateRegion (region=0xd7df54) returned 0x0
[0279.261] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0279.261] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0279.261] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0279.261] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df6c) returned 0x0
[0279.261] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0279.261] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee868) returned 0x0
[0279.261] LocalFree (hMem=0x11ee868) returned 0x0
[0279.262] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0279.262] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0279.262] LocalFree (hMem=0x11eec58) returned 0x0
[0279.262] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0279.262] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df94) returned 0x0
[0279.262] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df84) returned 0x0
[0279.262] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0279.262] GdipDeleteRegion (region=0x6646448) returned 0x0
[0279.262] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0279.262] GetCurrentObject (hdc=0x7d010781, type=0x1) returned 0xb00017
[0279.262] GetCurrentObject (hdc=0x7d010781, type=0x2) returned 0x900010
[0279.262] GetCurrentObject (hdc=0x7d010781, type=0x7) returned 0x4a0507fe
[0279.262] GetCurrentObject (hdc=0x7d010781, type=0x6) returned 0x8a01c2
[0279.262] SaveDC (hdc=0x7d010781) returned 1
[0279.263] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x68040807
[0279.263] GetClipRgn (hdc=0x7d010781, hrgn=0x68040807) returned 0
[0279.263] SelectClipRgn (hdc=0x7d010781, hrgn=0xfb0407de) returned 2
[0279.263] DeleteObject (ho=0x68040807) returned 1
[0279.263] DeleteObject (ho=0xfb0407de) returned 1
[0279.263] OffsetViewportOrgEx (in: hdc=0x7d010781, x=0, y=0, lppt=0x2db68f4 | out: lppt=0x2db68f4) returned 1
[0279.263] IsAppThemed () returned 0x1
[0279.263] GetThemeAppProperties () returned 0x3
[0279.263] GetThemeAppProperties () returned 0x3
[0279.264] GetThemeBackgroundContentRect () returned 0x0
[0279.264] RestoreDC (hdc=0x7d010781, nSavedDC=-1) returned 1
[0279.264] GdipReleaseDC (graphics=0x6600030, hdc=0x7d010781) returned 0x0
[0279.264] IsAppThemed () returned 0x1
[0279.264] GetThemeAppProperties () returned 0x3
[0279.264] GetThemeAppProperties () returned 0x3
[0279.264] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0279.264] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0279.264] GetCurrentObject (hdc=0x7d010781, type=0x1) returned 0xb00017
[0279.264] GetCurrentObject (hdc=0x7d010781, type=0x2) returned 0x900010
[0279.264] GetCurrentObject (hdc=0x7d010781, type=0x7) returned 0x4a0507fe
[0279.264] GetCurrentObject (hdc=0x7d010781, type=0x6) returned 0x8a01c2
[0279.264] SaveDC (hdc=0x7d010781) returned 1
[0279.264] GetTextAlign (hdc=0x7d010781) returned 0x0
[0279.264] GetTextColor (hdc=0x7d010781) returned 0x0
[0279.264] GetCurrentObject (hdc=0x7d010781, type=0x6) returned 0x8a01c2
[0279.265] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0279.265] SelectObject (hdc=0x7d010781, h=0x6d0a0520) returned 0x8a01c2
[0279.265] GetBkMode (hdc=0x7d010781) returned 2
[0279.265] SetBkMode (hdc=0x7d010781, mode=1) returned 2
[0279.265] DrawTextExW (in: hdc=0x7d010781, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2db6c94 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0279.265] DrawTextExW (in: hdc=0x7d010781, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2db6c94 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0279.266] RestoreDC (hdc=0x7d010781, nSavedDC=-1) returned 1
[0279.266] GdipReleaseDC (graphics=0x6600030, hdc=0x7d010781) returned 0x0
[0279.266] GetFocus () returned 0x2f02d8
[0279.266] IsAppThemed () returned 0x1
[0279.266] GetThemeAppProperties () returned 0x3
[0279.266] GetThemeAppProperties () returned 0x3
[0279.266] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0279.266] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x7d010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0279.266] GdipReleaseDC (graphics=0x6600030, hdc=0x7d010781) returned 0x0
[0279.266] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0279.266] SelectObject (hdc=0x7d010781, h=0x85000f) returned 0x4a0507fe
[0279.266] DeleteDC (hdc=0x7d010781) returned 1
[0279.266] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0279.267] EndPaint (hWnd=0x2d02da, lpPaint=0xd7e24c) returned 1
[0279.267] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.267] IsWindowUnicode (hWnd=0x2302ce) returned 1
[0279.267] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.267] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.267] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.267] BeginPaint (in: hWnd=0x2302ce, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0279.267] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0279.267] CreateCompatibleDC (hdc=0x107b9) returned 0x7f010781
[0279.267] SelectObject (hdc=0x7f010781, h=0x4a0507fe) returned 0x85000f
[0279.268] GdipCreateFromHDC (hdc=0x7f010781, graphics=0xd7e268) returned 0x0
[0279.268] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0279.268] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0279.268] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0279.268] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0279.268] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e2c8) returned 0x0
[0279.268] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0279.268] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea28) returned 0x0
[0279.268] LocalFree (hMem=0x11eea28) returned 0x0
[0279.268] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0279.268] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0279.268] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0279.268] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0279.268] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0279.269] GdipRestoreGraphics (graphics=0x6600030, state=0xf6c40dbd) returned 0x0
[0279.269] GdipDeleteRegion (region=0x6646568) returned 0x0
[0279.269] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0279.269] GetCurrentObject (hdc=0x7f010781, type=0x1) returned 0xb00017
[0279.269] GetCurrentObject (hdc=0x7f010781, type=0x2) returned 0x900010
[0279.269] GetCurrentObject (hdc=0x7f010781, type=0x7) returned 0x4a0507fe
[0279.269] GetCurrentObject (hdc=0x7f010781, type=0x6) returned 0x8a01c2
[0279.269] SaveDC (hdc=0x7f010781) returned 1
[0279.269] GetNearestColor (hdc=0x7f010781, color=0xf0f0f0) returned 0xf0f0f0
[0279.269] GetNearestColor (hdc=0x7f010781, color=0xa0a0a0) returned 0xa0a0a0
[0279.269] GetNearestColor (hdc=0x7f010781, color=0x696969) returned 0x696969
[0279.269] GetNearestColor (hdc=0x7f010781, color=0xa0a0a0) returned 0xa0a0a0
[0279.269] GetNearestColor (hdc=0x7f010781, color=0x0) returned 0x0
[0279.269] GetNearestColor (hdc=0x7f010781, color=0xffffff) returned 0xffffff
[0279.270] GetNearestColor (hdc=0x7f010781, color=0xe5e5e5) returned 0xe5e5e5
[0279.270] GetNearestColor (hdc=0x7f010781, color=0xd7d7d7) returned 0xd7d7d7
[0279.270] GetNearestColor (hdc=0x7f010781, color=0x0) returned 0x0
[0279.270] RestoreDC (hdc=0x7f010781, nSavedDC=-1) returned 1
[0279.270] GdipReleaseDC (graphics=0x6600030, hdc=0x7f010781) returned 0x0
[0279.270] IsAppThemed () returned 0x1
[0279.270] GetThemeAppProperties () returned 0x3
[0279.270] GetThemeAppProperties () returned 0x3
[0279.270] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0279.270] SendMessageW (hWnd=0x3000ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0279.270] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0279.270] IsAppThemed () returned 0x1
[0279.270] GetThemeAppProperties () returned 0x3
[0279.270] GetThemeAppProperties () returned 0x3
[0279.270] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2db74a4 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0279.271] IsAppThemed () returned 0x1
[0279.271] GetThemeAppProperties () returned 0x3
[0279.271] GetThemeAppProperties () returned 0x3
[0279.271] IsAppThemed () returned 0x1
[0279.271] GetThemeAppProperties () returned 0x3
[0279.271] GetThemeAppProperties () returned 0x3
[0279.271] GetFocus () returned 0x2f02d8
[0279.271] IsAppThemed () returned 0x1
[0279.271] GetThemeAppProperties () returned 0x3
[0279.271] GetThemeAppProperties () returned 0x3
[0279.271] IsAppThemed () returned 0x1
[0279.271] GetThemeAppProperties () returned 0x3
[0279.271] GetThemeAppProperties () returned 0x3
[0279.271] IsThemePartDefined () returned 0x1
[0279.271] IsAppThemed () returned 0x1
[0279.271] GetThemeAppProperties () returned 0x3
[0279.272] GetThemeAppProperties () returned 0x3
[0279.272] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0279.272] IsAppThemed () returned 0x1
[0279.272] GetThemeAppProperties () returned 0x3
[0279.272] GetThemeAppProperties () returned 0x3
[0279.272] IsAppThemed () returned 0x1
[0279.272] GetThemeAppProperties () returned 0x3
[0279.272] GetThemeAppProperties () returned 0x3
[0279.272] IsThemePartDefined () returned 0x1
[0279.272] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0279.272] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0279.272] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0279.272] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0279.272] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dff0) returned 0x0
[0279.272] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0279.272] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0279.272] LocalFree (hMem=0x11eec58) returned 0x0
[0279.272] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0279.272] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0279.272] LocalFree (hMem=0x11eec58) returned 0x0
[0279.273] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0279.273] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0279.273] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0279.273] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0279.273] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.273] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0279.273] GetCurrentObject (hdc=0x7f010781, type=0x1) returned 0xb00017
[0279.273] GetCurrentObject (hdc=0x7f010781, type=0x2) returned 0x900010
[0279.273] GetCurrentObject (hdc=0x7f010781, type=0x7) returned 0x4a0507fe
[0279.273] GetCurrentObject (hdc=0x7f010781, type=0x6) returned 0x8a01c2
[0279.273] SaveDC (hdc=0x7f010781) returned 1
[0279.273] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfc0407de
[0279.273] GetClipRgn (hdc=0x7f010781, hrgn=0xfc0407de) returned 0
[0279.273] SelectClipRgn (hdc=0x7f010781, hrgn=0x6c040807) returned 2
[0279.273] DeleteObject (ho=0xfc0407de) returned 1
[0279.274] DeleteObject (ho=0x6c040807) returned 1
[0279.274] OffsetViewportOrgEx (in: hdc=0x7f010781, x=0, y=0, lppt=0x2db7b54 | out: lppt=0x2db7b54) returned 1
[0279.274] DrawThemeParentBackground () returned 0x0
[0279.274] GetWindowPlacement (in: hWnd=0x3000ea, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0279.274] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0279.274] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.274] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.274] GetSystemMetrics (nIndex=42) returned 0
[0279.274] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.274] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0279.274] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0279.274] GetCurrentObject (hdc=0x7f010781, type=0x1) returned 0xb00017
[0279.274] GetCurrentObject (hdc=0x7f010781, type=0x2) returned 0x900010
[0279.274] GetCurrentObject (hdc=0x7f010781, type=0x7) returned 0x4a0507fe
[0279.274] GetCurrentObject (hdc=0x7f010781, type=0x6) returned 0x8a01c2
[0279.275] SaveDC (hdc=0x7f010781) returned 2
[0279.275] GetNearestColor (hdc=0x7f010781, color=0xf0f0f0) returned 0xf0f0f0
[0279.275] CreateSolidBrush (color=0xf0f0f0) returned 0x151007e1
[0279.275] FillRect (hDC=0x7f010781, lprc=0xd7da38, hbr=0x151007e1) returned 1
[0279.275] DeleteObject (ho=0x151007e1) returned 1
[0279.275] RestoreDC (hdc=0x7f010781, nSavedDC=-1) returned 1
[0279.275] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.275] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.275] GetSystemMetrics (nIndex=42) returned 0
[0279.275] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.275] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0279.275] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0279.275] GetCurrentObject (hdc=0x7f010781, type=0x1) returned 0xb00017
[0279.275] GetCurrentObject (hdc=0x7f010781, type=0x2) returned 0x900010
[0279.275] GetCurrentObject (hdc=0x7f010781, type=0x7) returned 0x4a0507fe
[0279.276] GetCurrentObject (hdc=0x7f010781, type=0x6) returned 0x8a01c2
[0279.276] SaveDC (hdc=0x7f010781) returned 2
[0279.276] GetNearestColor (hdc=0x7f010781, color=0xf0f0f0) returned 0xf0f0f0
[0279.276] CreateSolidBrush (color=0xf0f0f0) returned 0x161007e1
[0279.276] FillRect (hDC=0x7f010781, lprc=0xd7d9d8, hbr=0x161007e1) returned 1
[0279.276] DeleteObject (ho=0x161007e1) returned 1
[0279.276] RestoreDC (hdc=0x7f010781, nSavedDC=-1) returned 1
[0279.276] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.276] GetSystemMetrics (nIndex=42) returned 0
[0279.276] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0279.276] RestoreDC (hdc=0x7f010781, nSavedDC=-1) returned 1
[0279.277] GdipReleaseDC (graphics=0x6600030, hdc=0x7f010781) returned 0x0
[0279.277] IsAppThemed () returned 0x1
[0279.277] GetThemeAppProperties () returned 0x3
[0279.277] GetThemeAppProperties () returned 0x3
[0279.277] IsAppThemed () returned 0x1
[0279.277] GetThemeAppProperties () returned 0x3
[0279.277] GetThemeAppProperties () returned 0x3
[0279.277] IsThemePartDefined () returned 0x1
[0279.277] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0279.277] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0279.277] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0279.277] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0279.277] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df74) returned 0x0
[0279.277] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0279.277] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0279.277] LocalFree (hMem=0x11ee788) returned 0x0
[0279.277] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0279.277] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee910) returned 0x0
[0279.278] LocalFree (hMem=0x11ee910) returned 0x0
[0279.278] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0279.278] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0279.278] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0279.278] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0279.278] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.278] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0279.278] GetCurrentObject (hdc=0x7f010781, type=0x1) returned 0xb00017
[0279.278] GetCurrentObject (hdc=0x7f010781, type=0x2) returned 0x900010
[0279.285] GetCurrentObject (hdc=0x7f010781, type=0x7) returned 0x4a0507fe
[0279.285] GetCurrentObject (hdc=0x7f010781, type=0x6) returned 0x8a01c2
[0279.285] SaveDC (hdc=0x7f010781) returned 1
[0279.285] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6d040807
[0279.285] GetClipRgn (hdc=0x7f010781, hrgn=0x6d040807) returned 0
[0279.285] SelectClipRgn (hdc=0x7f010781, hrgn=0xfe0407de) returned 2
[0279.285] DeleteObject (ho=0x6d040807) returned 1
[0279.285] DeleteObject (ho=0xfe0407de) returned 1
[0279.285] OffsetViewportOrgEx (in: hdc=0x7f010781, x=0, y=0, lppt=0x2db84d8 | out: lppt=0x2db84d8) returned 1
[0279.285] IsAppThemed () returned 0x1
[0279.285] GetThemeAppProperties () returned 0x3
[0279.285] GetThemeAppProperties () returned 0x3
[0279.285] DrawThemeBackground () returned 0x0
[0279.285] RestoreDC (hdc=0x7f010781, nSavedDC=-1) returned 1
[0279.286] GdipReleaseDC (graphics=0x6600030, hdc=0x7f010781) returned 0x0
[0279.286] GdipCreateRegion (region=0xd7df60) returned 0x0
[0279.286] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0279.286] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0279.286] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0279.286] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df78) returned 0x0
[0279.286] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0279.286] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea28) returned 0x0
[0279.286] LocalFree (hMem=0x11eea28) returned 0x0
[0279.286] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0279.286] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea28) returned 0x0
[0279.286] LocalFree (hMem=0x11eea28) returned 0x0
[0279.286] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0279.286] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0279.286] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0279.286] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0279.287] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.287] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0279.287] GetCurrentObject (hdc=0x7f010781, type=0x1) returned 0xb00017
[0279.287] GetCurrentObject (hdc=0x7f010781, type=0x2) returned 0x900010
[0279.287] GetCurrentObject (hdc=0x7f010781, type=0x7) returned 0x4a0507fe
[0279.287] GetCurrentObject (hdc=0x7f010781, type=0x6) returned 0x8a01c2
[0279.287] SaveDC (hdc=0x7f010781) returned 1
[0279.287] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xff0407de
[0279.287] GetClipRgn (hdc=0x7f010781, hrgn=0xff0407de) returned 0
[0279.287] SelectClipRgn (hdc=0x7f010781, hrgn=0x6e040807) returned 2
[0279.287] DeleteObject (ho=0xff0407de) returned 1
[0279.287] DeleteObject (ho=0x6e040807) returned 1
[0279.287] OffsetViewportOrgEx (in: hdc=0x7f010781, x=0, y=0, lppt=0x2db87ac | out: lppt=0x2db87ac) returned 1
[0279.287] IsAppThemed () returned 0x1
[0279.287] GetThemeAppProperties () returned 0x3
[0279.287] GetThemeAppProperties () returned 0x3
[0279.288] GetThemeBackgroundContentRect () returned 0x0
[0279.288] RestoreDC (hdc=0x7f010781, nSavedDC=-1) returned 1
[0279.288] GdipReleaseDC (graphics=0x6600030, hdc=0x7f010781) returned 0x0
[0279.288] IsAppThemed () returned 0x1
[0279.288] GetThemeAppProperties () returned 0x3
[0279.288] GetThemeAppProperties () returned 0x3
[0279.288] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0279.288] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0279.288] GetCurrentObject (hdc=0x7f010781, type=0x1) returned 0xb00017
[0279.288] GetCurrentObject (hdc=0x7f010781, type=0x2) returned 0x900010
[0279.288] GetCurrentObject (hdc=0x7f010781, type=0x7) returned 0x4a0507fe
[0279.288] GetCurrentObject (hdc=0x7f010781, type=0x6) returned 0x8a01c2
[0279.288] SaveDC (hdc=0x7f010781) returned 1
[0279.288] GetTextAlign (hdc=0x7f010781) returned 0x0
[0279.288] GetTextColor (hdc=0x7f010781) returned 0x0
[0279.288] GetCurrentObject (hdc=0x7f010781, type=0x6) returned 0x8a01c2
[0279.289] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0279.289] SelectObject (hdc=0x7f010781, h=0x6d0a0520) returned 0x8a01c2
[0279.289] GetBkMode (hdc=0x7f010781) returned 2
[0279.289] SetBkMode (hdc=0x7f010781, mode=1) returned 2
[0279.289] DrawTextExW (in: hdc=0x7f010781, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2db8b4c | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0279.289] DrawTextExW (in: hdc=0x7f010781, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2db8b4c | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0279.289] RestoreDC (hdc=0x7f010781, nSavedDC=-1) returned 1
[0279.290] GdipReleaseDC (graphics=0x6600030, hdc=0x7f010781) returned 0x0
[0279.290] GetFocus () returned 0x2f02d8
[0279.290] IsAppThemed () returned 0x1
[0279.290] GetThemeAppProperties () returned 0x3
[0279.290] GetThemeAppProperties () returned 0x3
[0279.290] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0279.290] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x7f010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0279.290] GdipReleaseDC (graphics=0x6600030, hdc=0x7f010781) returned 0x0
[0279.290] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0279.290] SelectObject (hdc=0x7f010781, h=0x85000f) returned 0x4a0507fe
[0279.290] DeleteDC (hdc=0x7f010781) returned 1
[0279.290] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0279.290] EndPaint (hWnd=0x2302ce, lpPaint=0xd7e24c) returned 1
[0279.291] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.291] IsWindowUnicode (hWnd=0x602c4) returned 1
[0279.291] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.291] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.291] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.291] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0279.292] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0279.292] CreateCompatibleDC (hdc=0xf0105ee) returned 0x81010781
[0279.292] SelectObject (hdc=0x81010781, h=0x4a0507fe) returned 0x85000f
[0279.292] GdipCreateFromHDC (hdc=0x81010781, graphics=0xd7e268) returned 0x0
[0279.292] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0279.292] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0279.292] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0279.292] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0279.292] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2c8) returned 0x0
[0279.292] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0279.292] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0279.292] LocalFree (hMem=0x11ee788) returned 0x0
[0279.292] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0279.293] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0279.293] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0279.293] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0279.293] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0279.293] GdipRestoreGraphics (graphics=0x6600030, state=0xf6c20dbd) returned 0x0
[0279.293] GdipDeleteRegion (region=0x6646568) returned 0x0
[0279.293] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0279.293] GetCurrentObject (hdc=0x81010781, type=0x1) returned 0xb00017
[0279.293] GetCurrentObject (hdc=0x81010781, type=0x2) returned 0x900010
[0279.293] GetCurrentObject (hdc=0x81010781, type=0x7) returned 0x4a0507fe
[0279.293] GetCurrentObject (hdc=0x81010781, type=0x6) returned 0x8a01c2
[0279.293] SaveDC (hdc=0x81010781) returned 1
[0279.293] GetNearestColor (hdc=0x81010781, color=0xff) returned 0xff
[0279.293] GetNearestColor (hdc=0x81010781, color=0x55) returned 0x55
[0279.293] GetNearestColor (hdc=0x81010781, color=0x0) returned 0x0
[0279.294] GetNearestColor (hdc=0x81010781, color=0x55) returned 0x55
[0279.300] GetNearestColor (hdc=0x81010781, color=0x0) returned 0x0
[0279.300] GetNearestColor (hdc=0x81010781, color=0x8080ff) returned 0x8080ff
[0279.301] GetNearestColor (hdc=0x81010781, color=0x7373e5) returned 0x7373e5
[0279.301] GetNearestColor (hdc=0x81010781, color=0xe5) returned 0xe5
[0279.301] GetNearestColor (hdc=0x81010781, color=0x0) returned 0x0
[0279.301] RestoreDC (hdc=0x81010781, nSavedDC=-1) returned 1
[0279.301] GdipReleaseDC (graphics=0x6600030, hdc=0x81010781) returned 0x0
[0279.301] IsAppThemed () returned 0x1
[0279.301] GetThemeAppProperties () returned 0x3
[0279.301] GetThemeAppProperties () returned 0x3
[0279.301] IsAppThemed () returned 0x1
[0279.301] GetThemeAppProperties () returned 0x3
[0279.301] GetThemeAppProperties () returned 0x3
[0279.301] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2db9314 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0279.302] IsAppThemed () returned 0x1
[0279.302] GetThemeAppProperties () returned 0x3
[0279.302] GetThemeAppProperties () returned 0x3
[0279.302] IsAppThemed () returned 0x1
[0279.302] GetThemeAppProperties () returned 0x3
[0279.302] GetThemeAppProperties () returned 0x3
[0279.302] GetFocus () returned 0x2f02d8
[0279.302] IsAppThemed () returned 0x1
[0279.302] GetThemeAppProperties () returned 0x3
[0279.302] GetThemeAppProperties () returned 0x3
[0279.302] IsAppThemed () returned 0x1
[0279.302] GetThemeAppProperties () returned 0x3
[0279.302] GetThemeAppProperties () returned 0x3
[0279.302] IsThemePartDefined () returned 0x1
[0279.302] IsAppThemed () returned 0x1
[0279.302] GetThemeAppProperties () returned 0x3
[0279.302] GetThemeAppProperties () returned 0x3
[0279.302] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0279.303] IsAppThemed () returned 0x1
[0279.303] GetThemeAppProperties () returned 0x3
[0279.303] GetThemeAppProperties () returned 0x3
[0279.303] IsAppThemed () returned 0x1
[0279.303] GetThemeAppProperties () returned 0x3
[0279.303] GetThemeAppProperties () returned 0x3
[0279.303] IsThemePartDefined () returned 0x1
[0279.303] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0279.303] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0279.303] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0279.303] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0279.304] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dff0) returned 0x0
[0279.304] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0279.304] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0279.304] LocalFree (hMem=0x11ee788) returned 0x0
[0279.304] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0279.304] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0279.304] LocalFree (hMem=0x11ee788) returned 0x0
[0279.304] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0279.304] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0279.304] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0279.304] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0279.304] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.304] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0279.304] GetCurrentObject (hdc=0x81010781, type=0x1) returned 0xb00017
[0279.304] GetCurrentObject (hdc=0x81010781, type=0x2) returned 0x900010
[0279.304] GetCurrentObject (hdc=0x81010781, type=0x7) returned 0x4a0507fe
[0279.305] GetCurrentObject (hdc=0x81010781, type=0x6) returned 0x8a01c2
[0279.305] SaveDC (hdc=0x81010781) returned 1
[0279.305] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6f040807
[0279.305] GetClipRgn (hdc=0x81010781, hrgn=0x6f040807) returned 0
[0279.305] SelectClipRgn (hdc=0x81010781, hrgn=0x30407de) returned 2
[0279.305] DeleteObject (ho=0x6f040807) returned 1
[0279.305] DeleteObject (ho=0x30407de) returned 1
[0279.305] OffsetViewportOrgEx (in: hdc=0x81010781, x=0, y=0, lppt=0x2db99c4 | out: lppt=0x2db99c4) returned 1
[0279.305] DrawThemeParentBackground () returned 0x0
[0279.305] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0279.305] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0279.305] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0279.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0279.306] GetSystemMetrics (nIndex=42) returned 0
[0279.306] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0279.306] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0279.306] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0279.306] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0279.306] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0279.306] SelectPalette (hdc=0x81010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0279.306] GdipCreateFromHDC (hdc=0x81010781, graphics=0xd7dac8) returned 0x0
[0279.306] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0279.306] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0279.306] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638b48) returned 0x0
[0279.306] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7daa0) returned 0x0
[0279.306] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0279.306] GdipCreateRegion (region=0xd7da88) returned 0x0
[0279.307] GdipGetClip (graphics=0x6638e08, region=0x66463b8) returned 0x0
[0279.307] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6638e08, result=0xd7da94) returned 0x0
[0279.307] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.307] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dac0) returned 0x0
[0279.307] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0279.322] GdipFillRectangleI (graphics=0x6638e08, brush=0x6648b38, x=0, y=0, width=801, height=453) returned 0x0
[0279.322] GdipDeleteBrush (brush=0x6648b38) returned 0x0
[0279.324] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0279.324] SelectPalette (hdc=0x81010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0279.324] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0279.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0279.324] GetSystemMetrics (nIndex=42) returned 0
[0279.324] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0279.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0279.324] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0279.325] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0279.325] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0279.325] SelectPalette (hdc=0x81010781, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0279.325] GdipCreateFromHDC (hdc=0x81010781, graphics=0xd7da68) returned 0x0
[0279.326] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0279.326] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0279.326] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638d88) returned 0x0
[0279.326] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7da40) returned 0x0
[0279.326] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0279.326] GdipCreateRegion (region=0xd7da28) returned 0x0
[0279.326] GdipGetClip (graphics=0x6638e08, region=0x6646448) returned 0x0
[0279.326] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6638e08, result=0xd7da34) returned 0x0
[0279.326] GdipDeleteRegion (region=0x6646448) returned 0x0
[0279.326] GdipSaveGraphics (graphics=0x6638e08, state=0xd7da60) returned 0x0
[0279.326] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0279.335] GdipFillRectangleI (graphics=0x6638e08, brush=0x6648c70, x=0, y=0, width=801, height=453) returned 0x0
[0279.335] GdipDeleteBrush (brush=0x6648c70) returned 0x0
[0279.336] GdipRestoreGraphics (graphics=0x6638e08, state=0xf6be0dbd) returned 0x0
[0279.336] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0279.336] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0279.337] GetSystemMetrics (nIndex=42) returned 0
[0279.337] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0279.337] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0279.337] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0279.337] SelectPalette (hdc=0x81010781, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0279.337] RestoreDC (hdc=0x81010781, nSavedDC=-1) returned 1
[0279.337] GdipReleaseDC (graphics=0x6600030, hdc=0x81010781) returned 0x0
[0279.337] IsAppThemed () returned 0x1
[0279.337] GetThemeAppProperties () returned 0x3
[0279.337] GetThemeAppProperties () returned 0x3
[0279.337] IsAppThemed () returned 0x1
[0279.338] GetThemeAppProperties () returned 0x3
[0279.338] GetThemeAppProperties () returned 0x3
[0279.338] IsThemePartDefined () returned 0x1
[0279.338] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0279.338] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0279.338] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0279.338] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0279.338] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df74) returned 0x0
[0279.338] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0279.338] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eea28) returned 0x0
[0279.338] LocalFree (hMem=0x11eea28) returned 0x0
[0279.338] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0279.338] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0279.338] LocalFree (hMem=0x11ee868) returned 0x0
[0279.338] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0279.338] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0279.338] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0279.338] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0279.339] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.339] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0279.339] GetCurrentObject (hdc=0x81010781, type=0x1) returned 0xb00017
[0279.339] GetCurrentObject (hdc=0x81010781, type=0x2) returned 0x900010
[0279.339] GetCurrentObject (hdc=0x81010781, type=0x7) returned 0x4a0507fe
[0279.339] GetCurrentObject (hdc=0x81010781, type=0x6) returned 0x8a01c2
[0279.339] SaveDC (hdc=0x81010781) returned 1
[0279.339] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x40407de
[0279.339] GetClipRgn (hdc=0x81010781, hrgn=0x40407de) returned 0
[0279.339] SelectClipRgn (hdc=0x81010781, hrgn=0x71040807) returned 2
[0279.339] DeleteObject (ho=0x40407de) returned 1
[0279.339] DeleteObject (ho=0x71040807) returned 1
[0279.339] OffsetViewportOrgEx (in: hdc=0x81010781, x=0, y=0, lppt=0x2dc0214 | out: lppt=0x2dc0214) returned 1
[0279.339] IsAppThemed () returned 0x1
[0279.340] GetThemeAppProperties () returned 0x3
[0279.340] GetThemeAppProperties () returned 0x3
[0279.340] DrawThemeBackground () returned 0x0
[0279.340] RestoreDC (hdc=0x81010781, nSavedDC=-1) returned 1
[0279.340] GdipReleaseDC (graphics=0x6600030, hdc=0x81010781) returned 0x0
[0279.340] GdipCreateRegion (region=0xd7df60) returned 0x0
[0279.340] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0279.340] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0279.340] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0279.340] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df78) returned 0x0
[0279.340] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0279.340] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0279.340] LocalFree (hMem=0x11ee788) returned 0x0
[0279.340] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0279.340] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eead0) returned 0x0
[0279.340] LocalFree (hMem=0x11eead0) returned 0x0
[0279.340] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0279.340] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0279.340] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0279.341] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0279.348] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.348] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0279.348] GetCurrentObject (hdc=0x81010781, type=0x1) returned 0xb00017
[0279.348] GetCurrentObject (hdc=0x81010781, type=0x2) returned 0x900010
[0279.348] GetCurrentObject (hdc=0x81010781, type=0x7) returned 0x4a0507fe
[0279.348] GetCurrentObject (hdc=0x81010781, type=0x6) returned 0x8a01c2
[0279.348] SaveDC (hdc=0x81010781) returned 1
[0279.348] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x72040807
[0279.348] GetClipRgn (hdc=0x81010781, hrgn=0x72040807) returned 0
[0279.348] SelectClipRgn (hdc=0x81010781, hrgn=0x50407de) returned 2
[0279.349] DeleteObject (ho=0x72040807) returned 1
[0279.349] DeleteObject (ho=0x50407de) returned 1
[0279.349] OffsetViewportOrgEx (in: hdc=0x81010781, x=0, y=0, lppt=0x2dc04e8 | out: lppt=0x2dc04e8) returned 1
[0279.349] IsAppThemed () returned 0x1
[0279.349] GetThemeAppProperties () returned 0x3
[0279.349] GetThemeAppProperties () returned 0x3
[0279.349] GetThemeBackgroundContentRect () returned 0x0
[0279.349] RestoreDC (hdc=0x81010781, nSavedDC=-1) returned 1
[0279.349] GdipReleaseDC (graphics=0x6600030, hdc=0x81010781) returned 0x0
[0279.349] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0279.349] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0279.349] GdipFillRectangleI (graphics=0x6600030, brush=0x6659db8, x=4, y=4, width=67, height=15) returned 0x0
[0279.349] GdipDeleteBrush (brush=0x6659db8) returned 0x0
[0279.349] IsAppThemed () returned 0x1
[0279.349] GetThemeAppProperties () returned 0x3
[0279.349] GetThemeAppProperties () returned 0x3
[0279.350] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0279.350] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0279.350] GetCurrentObject (hdc=0x81010781, type=0x1) returned 0xb00017
[0279.350] GetCurrentObject (hdc=0x81010781, type=0x2) returned 0x900010
[0279.350] GetCurrentObject (hdc=0x81010781, type=0x7) returned 0x4a0507fe
[0279.350] GetCurrentObject (hdc=0x81010781, type=0x6) returned 0x8a01c2
[0279.350] SaveDC (hdc=0x81010781) returned 1
[0279.350] GetTextAlign (hdc=0x81010781) returned 0x0
[0279.350] GetTextColor (hdc=0x81010781) returned 0x0
[0279.350] GetCurrentObject (hdc=0x81010781, type=0x6) returned 0x8a01c2
[0279.350] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0279.350] SelectObject (hdc=0x81010781, h=0x6d0a0520) returned 0x8a01c2
[0279.350] GetBkMode (hdc=0x81010781) returned 2
[0279.350] SetBkMode (hdc=0x81010781, mode=1) returned 2
[0279.351] DrawTextExW (in: hdc=0x81010781, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2dc08ac | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0279.351] DrawTextExW (in: hdc=0x81010781, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2dc08ac | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0279.351] RestoreDC (hdc=0x81010781, nSavedDC=-1) returned 1
[0279.351] GdipReleaseDC (graphics=0x6600030, hdc=0x81010781) returned 0x0
[0279.352] GetFocus () returned 0x2f02d8
[0279.352] IsAppThemed () returned 0x1
[0279.352] GetThemeAppProperties () returned 0x3
[0279.352] GetThemeAppProperties () returned 0x3
[0279.352] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0279.352] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x81010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0279.352] GdipReleaseDC (graphics=0x6600030, hdc=0x81010781) returned 0x0
[0279.352] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0279.352] SelectObject (hdc=0x81010781, h=0x85000f) returned 0x4a0507fe
[0279.352] DeleteDC (hdc=0x81010781) returned 1
[0279.352] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0279.352] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0279.353] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.353] IsWindowUnicode (hWnd=0x2d02da) returned 1
[0279.353] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.353] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.353] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.353] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.353] IsWindowUnicode (hWnd=0x2d02da) returned 1
[0279.353] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.353] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.353] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.353] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x2a1, wParam=0x0, lParam=0x40042) returned 0x0
[0279.353] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0279.353] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0279.353] WaitMessage () returned 1
[0279.415] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.415] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x84, wParam=0x0, lParam=0x1dd0318) returned 0x1
[0279.415] IsWindowUnicode (hWnd=0x2d02da) returned 1
[0279.415] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.415] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x84, wParam=0x0, lParam=0x1dd0318) returned 0x1
[0279.415] GetDlgItem (hDlg=0x3000ea, nIDDlgItem=0) returned 0x0
[0279.415] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x210, wParam=0x201, lParam=0x620123) returned 0x0
[0279.416] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x21, wParam=0x3000ea, lParam=0x2010001) returned 0x1
[0279.416] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x21, wParam=0x3000ea, lParam=0x2010001) returned 0x1
[0279.416] SetCursor (hCursor=0x10003) returned 0x10003
[0279.416] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.416] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.416] GetKeyState (nVirtKey=1) returned -127
[0279.416] GetKeyState (nVirtKey=2) returned 0
[0279.416] GetKeyState (nVirtKey=4) returned 0
[0279.416] GetKeyState (nVirtKey=5) returned 0
[0279.416] GetKeyState (nVirtKey=6) returned 0
[0279.416] IsWindowVisible (hWnd=0x2d02da) returned 1
[0279.416] IsWindowEnabled (hWnd=0x2d02da) returned 1
[0279.416] SetFocus (hWnd=0x2d02da) returned 0x2f02d8
[0279.417] GetFocus () returned 0x2d02da
[0279.417] IsChild (hWndParent=0x3000ea, hWnd=0x2d02da) returned 1
[0279.417] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0x8, wParam=0x2d02da, lParam=0x0) returned 0x0
[0279.417] GetCapture () returned 0x0
[0279.417] InvalidateRect (hWnd=0x2f02d8, lpRect=0x0, bErase=0) returned 1
[0279.418] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0279.426] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0279.428] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0279.428] InvalidateRect (hWnd=0x2f02d8, lpRect=0x0, bErase=0) returned 1
[0279.428] InvalidateRect (hWnd=0x2d02da, lpRect=0x0, bErase=0) returned 1
[0279.428] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x7, wParam=0x2f02d8, lParam=0x0) returned 0x0
[0279.428] GetStockObject (i=5) returned 0x900015
[0279.428] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0279.429] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0279.429] GetDlgItem (hDlg=0x3000ea, nIDDlgItem=2949850) returned 0x2d02da
[0279.429] SendMessageW (hWnd=0x2d02da, Msg=0x202b, wParam=0x2d02da, lParam=0xd7dddc) returned 0x0
[0279.429] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x202b, wParam=0x2d02da, lParam=0xd7dddc) returned 0x0
[0279.429] InvalidateRect (hWnd=0x2d02da, lpRect=0x0, bErase=0) returned 1
[0279.431] GetFocus () returned 0x2d02da
[0279.431] GetFocus () returned 0x2d02da
[0279.431] GetFocus () returned 0x2d02da
[0279.432] GetKeyState (nVirtKey=1) returned -127
[0279.432] GetKeyState (nVirtKey=2) returned 0
[0279.432] GetKeyState (nVirtKey=4) returned 0
[0279.432] GetKeyState (nVirtKey=5) returned 0
[0279.432] GetKeyState (nVirtKey=6) returned 0
[0279.432] GetCapture () returned 0x0
[0279.432] SetCapture (hWnd=0x2d02da) returned 0x0
[0279.432] GetKeyState (nVirtKey=1) returned -127
[0279.432] GetKeyState (nVirtKey=2) returned 0
[0279.432] GetKeyState (nVirtKey=4) returned 0
[0279.432] GetKeyState (nVirtKey=5) returned 0
[0279.432] GetKeyState (nVirtKey=6) returned 0
[0279.432] NotifyWinEvent (event=0x800a, hwnd=0x2d02da, idObject=-4, idChild=0)
[0279.432] InvalidateRect (hWnd=0x2d02da, lpRect=0xd7e430, bErase=0) returned 1
[0279.432] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.432] IsWindowUnicode (hWnd=0x2d02da) returned 1
[0279.432] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.432] TranslateMessage (lpMsg=0xd7e808) returned 0
[0279.433] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0279.433] MapWindowPoints (in: hWndFrom=0x2d02da, hWndTo=0x0, lpPoints=0x2dc0ac0, cPoints=0x1 | out: lpPoints=0x2dc0ac0) returned 30999254
[0279.433] NotifyWinEvent (event=0x800a, hwnd=0x2d02da, idObject=-4, idChild=0)
[0279.433] InvalidateRect (hWnd=0x2d02da, lpRect=0xd7e3d0, bErase=0) returned 1
[0279.433] UpdateWindow (hWnd=0x2d02da) returned 1
[0279.433] BeginPaint (in: hWnd=0x2d02da, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xc0107c5
[0279.433] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0279.433] CreateCompatibleDC (hdc=0xc0107c5) returned 0xb00107d7
[0279.433] SelectObject (hdc=0xb00107d7, h=0x4a0507fe) returned 0x85000f
[0279.433] GdipCreateFromHDC (hdc=0xb00107d7, graphics=0xd7df00) returned 0x0
[0279.433] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0279.434] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0279.434] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0279.434] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0279.434] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df60) returned 0x0
[0279.434] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0279.434] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee8d8) returned 0x0
[0279.434] LocalFree (hMem=0x11ee8d8) returned 0x0
[0279.434] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0279.434] GdipCreateRegion (region=0xd7df48) returned 0x0
[0279.434] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0279.434] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0279.434] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0279.436] GdipRestoreGraphics (graphics=0x6600030, state=0xf6bc0dbd) returned 0x0
[0279.436] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.436] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0279.436] GetCurrentObject (hdc=0xb00107d7, type=0x1) returned 0xb00017
[0279.436] GetCurrentObject (hdc=0xb00107d7, type=0x2) returned 0x900010
[0279.436] GetCurrentObject (hdc=0xb00107d7, type=0x7) returned 0x4a0507fe
[0279.436] GetCurrentObject (hdc=0xb00107d7, type=0x6) returned 0x8a01c2
[0279.436] SaveDC (hdc=0xb00107d7) returned 1
[0279.437] GetNearestColor (hdc=0xb00107d7, color=0xf0f0f0) returned 0xf0f0f0
[0279.437] GetNearestColor (hdc=0xb00107d7, color=0xa0a0a0) returned 0xa0a0a0
[0279.437] GetNearestColor (hdc=0xb00107d7, color=0x696969) returned 0x696969
[0279.437] GetNearestColor (hdc=0xb00107d7, color=0xa0a0a0) returned 0xa0a0a0
[0279.437] GetNearestColor (hdc=0xb00107d7, color=0x0) returned 0x0
[0279.437] GetNearestColor (hdc=0xb00107d7, color=0xffffff) returned 0xffffff
[0279.437] GetNearestColor (hdc=0xb00107d7, color=0xe5e5e5) returned 0xe5e5e5
[0279.437] GetNearestColor (hdc=0xb00107d7, color=0xd7d7d7) returned 0xd7d7d7
[0279.437] GetNearestColor (hdc=0xb00107d7, color=0x0) returned 0x0
[0279.437] RestoreDC (hdc=0xb00107d7, nSavedDC=-1) returned 1
[0279.437] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107d7) returned 0x0
[0279.437] IsAppThemed () returned 0x1
[0279.437] GetThemeAppProperties () returned 0x3
[0279.438] GetThemeAppProperties () returned 0x3
[0279.438] IsAppThemed () returned 0x1
[0279.438] GetThemeAppProperties () returned 0x3
[0279.438] GetThemeAppProperties () returned 0x3
[0279.438] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2dc1218 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0279.438] IsAppThemed () returned 0x1
[0279.438] GetThemeAppProperties () returned 0x3
[0279.438] GetThemeAppProperties () returned 0x3
[0279.438] IsAppThemed () returned 0x1
[0279.438] GetThemeAppProperties () returned 0x3
[0279.438] GetThemeAppProperties () returned 0x3
[0279.438] IsAppThemed () returned 0x1
[0279.438] GetThemeAppProperties () returned 0x3
[0279.438] GetThemeAppProperties () returned 0x3
[0279.439] IsAppThemed () returned 0x1
[0279.439] GetThemeAppProperties () returned 0x3
[0279.439] GetThemeAppProperties () returned 0x3
[0279.439] IsThemePartDefined () returned 0x1
[0279.439] IsAppThemed () returned 0x1
[0279.439] GetThemeAppProperties () returned 0x3
[0279.439] GetThemeAppProperties () returned 0x3
[0279.439] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0279.439] IsAppThemed () returned 0x1
[0279.439] GetThemeAppProperties () returned 0x3
[0279.439] GetThemeAppProperties () returned 0x3
[0279.439] IsAppThemed () returned 0x1
[0279.439] GetThemeAppProperties () returned 0x3
[0279.439] GetThemeAppProperties () returned 0x3
[0279.439] IsThemePartDefined () returned 0x1
[0279.439] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0279.439] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0279.439] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0279.439] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0279.439] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dc7c) returned 0x0
[0279.440] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0279.440] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0279.440] LocalFree (hMem=0x11eecc8) returned 0x0
[0279.440] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0279.440] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eed00) returned 0x0
[0279.440] LocalFree (hMem=0x11eed00) returned 0x0
[0279.440] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0279.440] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0279.440] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0279.440] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0279.440] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.440] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0279.440] GetCurrentObject (hdc=0xb00107d7, type=0x1) returned 0xb00017
[0279.440] GetCurrentObject (hdc=0xb00107d7, type=0x2) returned 0x900010
[0279.440] GetCurrentObject (hdc=0xb00107d7, type=0x7) returned 0x4a0507fe
[0279.440] GetCurrentObject (hdc=0xb00107d7, type=0x6) returned 0x8a01c2
[0279.441] SaveDC (hdc=0xb00107d7) returned 1
[0279.441] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x60407de
[0279.441] GetClipRgn (hdc=0xb00107d7, hrgn=0x60407de) returned 0
[0279.441] SelectClipRgn (hdc=0xb00107d7, hrgn=0x76040807) returned 2
[0279.441] DeleteObject (ho=0x60407de) returned 1
[0279.441] DeleteObject (ho=0x76040807) returned 1
[0279.441] OffsetViewportOrgEx (in: hdc=0xb00107d7, x=0, y=0, lppt=0x2dc18c8 | out: lppt=0x2dc18c8) returned 1
[0279.441] DrawThemeParentBackground () returned 0x0
[0279.441] GetWindowPlacement (in: hWnd=0x3000ea, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0279.441] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0279.441] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.441] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.441] GetSystemMetrics (nIndex=42) returned 0
[0279.442] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7d7c4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.442] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7d7c4) returned 0x18
[0279.442] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0279.442] GetCurrentObject (hdc=0xb00107d7, type=0x1) returned 0xb00017
[0279.442] GetCurrentObject (hdc=0xb00107d7, type=0x2) returned 0x900010
[0279.442] GetCurrentObject (hdc=0xb00107d7, type=0x7) returned 0x4a0507fe
[0279.442] GetCurrentObject (hdc=0xb00107d7, type=0x6) returned 0x8a01c2
[0279.442] SaveDC (hdc=0xb00107d7) returned 2
[0279.442] GetNearestColor (hdc=0xb00107d7, color=0xf0f0f0) returned 0xf0f0f0
[0279.442] CreateSolidBrush (color=0xf0f0f0) returned 0x171007e1
[0279.442] FillRect (hDC=0xb00107d7, lprc=0xd7d6c8, hbr=0x171007e1) returned 1
[0279.442] DeleteObject (ho=0x171007e1) returned 1
[0279.442] RestoreDC (hdc=0xb00107d7, nSavedDC=-1) returned 1
[0279.442] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.442] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.442] GetSystemMetrics (nIndex=42) returned 0
[0279.442] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.443] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0279.443] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0279.443] GetCurrentObject (hdc=0xb00107d7, type=0x1) returned 0xb00017
[0279.443] GetCurrentObject (hdc=0xb00107d7, type=0x2) returned 0x900010
[0279.443] GetCurrentObject (hdc=0xb00107d7, type=0x7) returned 0x4a0507fe
[0279.443] GetCurrentObject (hdc=0xb00107d7, type=0x6) returned 0x8a01c2
[0279.443] SaveDC (hdc=0xb00107d7) returned 2
[0279.443] GetNearestColor (hdc=0xb00107d7, color=0xf0f0f0) returned 0xf0f0f0
[0279.443] CreateSolidBrush (color=0xf0f0f0) returned 0x181007e1
[0279.443] FillRect (hDC=0xb00107d7, lprc=0xd7d668, hbr=0x181007e1) returned 1
[0279.443] DeleteObject (ho=0x181007e1) returned 1
[0279.443] RestoreDC (hdc=0xb00107d7, nSavedDC=-1) returned 1
[0279.443] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.443] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.443] GetSystemMetrics (nIndex=42) returned 0
[0279.443] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.443] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0279.444] RestoreDC (hdc=0xb00107d7, nSavedDC=-1) returned 1
[0279.444] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107d7) returned 0x0
[0279.444] IsAppThemed () returned 0x1
[0279.444] GetThemeAppProperties () returned 0x3
[0279.444] GetThemeAppProperties () returned 0x3
[0279.444] IsAppThemed () returned 0x1
[0279.444] GetThemeAppProperties () returned 0x3
[0279.444] GetThemeAppProperties () returned 0x3
[0279.444] IsThemePartDefined () returned 0x1
[0279.444] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0279.444] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0279.444] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0279.444] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0279.444] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dc00) returned 0x0
[0279.445] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0279.445] LocalFree (hMem=0x11eec58) returned 0x0
[0279.445] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0279.445] LocalFree (hMem=0x11eec58) returned 0x0
[0279.445] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0279.445] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0279.445] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0279.445] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0279.445] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0279.445] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0279.445] GetCurrentObject (hdc=0xb00107d7, type=0x1) returned 0xb00017
[0279.445] GetCurrentObject (hdc=0xb00107d7, type=0x2) returned 0x900010
[0279.445] GetCurrentObject (hdc=0xb00107d7, type=0x7) returned 0x4a0507fe
[0279.445] GetCurrentObject (hdc=0xb00107d7, type=0x6) returned 0x8a01c2
[0279.445] SaveDC (hdc=0xb00107d7) returned 1
[0279.445] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x77040807
[0279.445] GetClipRgn (hdc=0xb00107d7, hrgn=0x77040807) returned 0
[0279.446] SelectClipRgn (hdc=0xb00107d7, hrgn=0x80407de) returned 2
[0279.446] DeleteObject (ho=0x77040807) returned 1
[0279.446] DeleteObject (ho=0x80407de) returned 1
[0279.446] OffsetViewportOrgEx (in: hdc=0xb00107d7, x=0, y=0, lppt=0x2dc224c | out: lppt=0x2dc224c) returned 1
[0279.446] IsAppThemed () returned 0x1
[0279.446] GetThemeAppProperties () returned 0x3
[0279.446] GetThemeAppProperties () returned 0x3
[0279.446] DrawThemeBackground () returned 0x0
[0279.446] RestoreDC (hdc=0xb00107d7, nSavedDC=-1) returned 1
[0279.446] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107d7) returned 0x0
[0279.446] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0279.446] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0279.446] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0279.446] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0279.446] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dc04) returned 0x0
[0279.447] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0279.447] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eed00) returned 0x0
[0279.447] LocalFree (hMem=0x11eed00) returned 0x0
[0279.447] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0279.447] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eecc8) returned 0x0
[0279.447] LocalFree (hMem=0x11eecc8) returned 0x0
[0279.447] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0279.447] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0279.447] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0279.447] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0279.447] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.447] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0279.447] GetCurrentObject (hdc=0xb00107d7, type=0x1) returned 0xb00017
[0279.447] GetCurrentObject (hdc=0xb00107d7, type=0x2) returned 0x900010
[0279.447] GetCurrentObject (hdc=0xb00107d7, type=0x7) returned 0x4a0507fe
[0279.447] GetCurrentObject (hdc=0xb00107d7, type=0x6) returned 0x8a01c2
[0279.447] SaveDC (hdc=0xb00107d7) returned 1
[0279.448] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x90407de
[0279.448] GetClipRgn (hdc=0xb00107d7, hrgn=0x90407de) returned 0
[0279.448] SelectClipRgn (hdc=0xb00107d7, hrgn=0x78040807) returned 2
[0279.448] DeleteObject (ho=0x90407de) returned 1
[0279.448] DeleteObject (ho=0x78040807) returned 1
[0279.448] OffsetViewportOrgEx (in: hdc=0xb00107d7, x=0, y=0, lppt=0x2dc2520 | out: lppt=0x2dc2520) returned 1
[0279.448] IsAppThemed () returned 0x1
[0279.448] GetThemeAppProperties () returned 0x3
[0279.448] GetThemeAppProperties () returned 0x3
[0279.448] GetThemeBackgroundContentRect () returned 0x0
[0279.448] RestoreDC (hdc=0xb00107d7, nSavedDC=-1) returned 1
[0279.448] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107d7) returned 0x0
[0279.448] IsAppThemed () returned 0x1
[0279.448] GetThemeAppProperties () returned 0x3
[0279.448] GetThemeAppProperties () returned 0x3
[0279.448] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0279.449] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0279.449] GetCurrentObject (hdc=0xb00107d7, type=0x1) returned 0xb00017
[0279.449] GetCurrentObject (hdc=0xb00107d7, type=0x2) returned 0x900010
[0279.449] GetCurrentObject (hdc=0xb00107d7, type=0x7) returned 0x4a0507fe
[0279.449] GetCurrentObject (hdc=0xb00107d7, type=0x6) returned 0x8a01c2
[0279.449] SaveDC (hdc=0xb00107d7) returned 1
[0279.449] GetTextAlign (hdc=0xb00107d7) returned 0x0
[0279.449] GetTextColor (hdc=0xb00107d7) returned 0x0
[0279.449] GetCurrentObject (hdc=0xb00107d7, type=0x6) returned 0x8a01c2
[0279.449] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0279.449] SelectObject (hdc=0xb00107d7, h=0x6d0a0520) returned 0x8a01c2
[0279.449] GetBkMode (hdc=0xb00107d7) returned 2
[0279.449] SetBkMode (hdc=0xb00107d7, mode=1) returned 2
[0279.450] DrawTextExW (in: hdc=0xb00107d7, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2dc28c0 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0279.452] DrawTextExW (in: hdc=0xb00107d7, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2dc28c0 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0279.453] RestoreDC (hdc=0xb00107d7, nSavedDC=-1) returned 1
[0279.453] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107d7) returned 0x0
[0279.453] GetFocus () returned 0x2d02da
[0279.453] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0279.453] SendMessageW (hWnd=0x3000ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0279.453] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0279.453] IsAppThemed () returned 0x1
[0279.453] GetThemeAppProperties () returned 0x3
[0279.453] GetThemeAppProperties () returned 0x3
[0279.453] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0279.453] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xb00107d7, x1=0, y1=0, rop=0xcc0020) returned 1
[0279.453] GdipReleaseDC (graphics=0x6600030, hdc=0xb00107d7) returned 0x0
[0279.453] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0279.454] SelectObject (hdc=0xb00107d7, h=0x85000f) returned 0x4a0507fe
[0279.454] DeleteDC (hdc=0xb00107d7) returned 1
[0279.454] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0279.454] EndPaint (hWnd=0x2d02da, lpPaint=0xd7dee4) returned 1
[0279.454] MapWindowPoints (in: hWndFrom=0x2d02da, hWndTo=0x0, lpPoints=0x2dc29bc, cPoints=0x1 | out: lpPoints=0x2dc29bc) returned 30999254
[0279.454] WindowFromPoint (Point=0x318) returned 0x2d02da
[0279.454] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x84, wParam=0x0, lParam=0x1dd0318) returned 0x1
[0279.454] NotifyWinEvent (event=0x800a, hwnd=0x2d02da, idObject=-4, idChild=0)
[0279.454] NotifyWinEvent (event=0x800c, hwnd=0x2d02da, idObject=-4, idChild=0)
[0279.454] GetCapture () returned 0x2d02da
[0279.454] ReleaseCapture () returned 1
[0279.455] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0279.455] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0279.455] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x84, wParam=0x0, lParam=0x1dd0318) returned 0x1
[0279.455] IsWindow (hWnd=0x7005c) returned 1
[0279.455] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0279.456] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0279.456] IsWindow (hWnd=0x3000ea) returned 1
[0279.456] SetActiveWindow (hWnd=0x3000ea) returned 0x3000ea
[0279.456] IsWindow (hWnd=0x3000ea) returned 1
[0279.456] SetFocus (hWnd=0x3000ea) returned 0x2d02da
[0279.457] GetFocus () returned 0x3000ea
[0279.457] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x8, wParam=0x3000ea, lParam=0x0) returned 0x0
[0279.457] GetCapture () returned 0x0
[0279.457] InvalidateRect (hWnd=0x2d02da, lpRect=0x0, bErase=0) returned 1
[0279.458] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0279.460] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0279.462] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0279.462] GetFocus () returned 0x3000ea
[0279.462] SetFocus (hWnd=0x2d02da) returned 0x3000ea
[0279.462] GetFocus () returned 0x2d02da
[0279.462] IsChild (hWndParent=0x3000ea, hWnd=0x2d02da) returned 1
[0279.462] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x8, wParam=0x2d02da, lParam=0x0) returned 0x0
[0279.463] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0279.465] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0279.470] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0279.470] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x7, wParam=0x3000ea, lParam=0x0) returned 0x0
[0279.470] GetStockObject (i=5) returned 0x900015
[0279.470] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0279.470] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0279.470] GetDlgItem (hDlg=0x3000ea, nIDDlgItem=2949850) returned 0x2d02da
[0279.470] SendMessageW (hWnd=0x2d02da, Msg=0x202b, wParam=0x2d02da, lParam=0xd7ddcc) returned 0x0
[0279.470] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x202b, wParam=0x2d02da, lParam=0xd7ddcc) returned 0x0
[0279.470] InvalidateRect (hWnd=0x2d02da, lpRect=0x0, bErase=0) returned 1
[0279.472] GetWindowLongW (hWnd=0x3000ea, nIndex=-8) returned 458844
[0279.472] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0279.472] GetCurrentThreadId () returned 0xf50
[0279.472] IsWindow (hWnd=0x7005c) returned 1
[0279.472] IsWindow (hWnd=0x7005c) returned 1
[0279.472] IsWindowVisible (hWnd=0x7005c) returned 1
[0279.472] SetActiveWindow (hWnd=0x7005c) returned 0x3000ea
[0279.472] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0279.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0279.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0279.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0279.476] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0279.476] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0279.477] GetWindowPlacement (in: hWnd=0x3000ea, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0279.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0279.477] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0279.477] GetWindowRect (in: hWnd=0x3000ea, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0279.478] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0279.478] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0279.478] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0279.479] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x3000ea) returned 0x1
[0279.482] GetFocus () returned 0x2d02da
[0279.482] SetFocus (hWnd=0x602c4) returned 0x2d02da
[0279.483] GetFocus () returned 0x602c4
[0279.483] IsChild (hWndParent=0x3000ea, hWnd=0x602c4) returned 0
[0279.483] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0279.483] GetCapture () returned 0x0
[0279.483] InvalidateRect (hWnd=0x2d02da, lpRect=0x0, bErase=0) returned 1
[0279.484] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0279.486] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0279.487] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0279.487] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0279.488] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0279.488] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0279.488] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0279.488] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x2d02da, lParam=0x0) returned 0x0
[0279.489] GetStockObject (i=5) returned 0x900015
[0279.489] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0279.489] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed828) returned 0xc
[0279.489] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0279.489] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0279.489] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0279.489] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0279.491] GetFocus () returned 0x602c4
[0279.491] IsChild (hWndParent=0x3000ea, hWnd=0x602c4) returned 0
[0279.491] ShowWindow (hWnd=0x3000ea, nCmdShow=0) returned 1
[0279.491] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0279.491] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0279.493] GetWindowPlacement (in: hWnd=0x3000ea, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0279.493] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0279.493] GetClientRect (in: hWnd=0x3000ea, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0279.493] GetWindowRect (in: hWnd=0x3000ea, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0279.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0279.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0279.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0279.494] GetWindowLongW (hWnd=0x3000ea, nIndex=-20) returned 327945
[0279.494] DestroyWindow (hWnd=0x3000ea) returned 1
[0279.495] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0279.495] GetWindowTextLengthW (hWnd=0x3000ea) returned 24
[0279.495] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0279.495] GetSystemMetrics (nIndex=42) returned 0
[0279.495] GetWindowTextW (in: hWnd=0x3000ea, lpString=0xd7e390, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0279.495] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0xd, wParam=0x19, lParam=0xd7e390) returned 0x18
[0279.495] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0279.495] GetWindowTextLengthW (hWnd=0x2702c8) returned 0
[0279.495] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0279.495] GetSystemMetrics (nIndex=42) returned 0
[0279.495] GetWindowTextW (in: hWnd=0x2702c8, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0279.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702c8, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0279.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0279.496] GetWindowThreadProcessId (in: hWnd=0x2d02de, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0279.496] GetWindow (hWnd=0x2d02de, uCmd=0x5) returned 0x0
[0279.496] GetWindowLongW (hWnd=0x2d02de, nIndex=-20) returned 65792
[0279.496] DestroyWindow (hWnd=0x2d02de) returned 1
[0279.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02de, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0279.496] GetWindowTextLengthW (hWnd=0x2d02de) returned 25
[0279.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0279.496] GetSystemMetrics (nIndex=42) returned 0
[0279.496] GetWindowTextW (in: hWnd=0x2d02de, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0279.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02de, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0279.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0279.497] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0279.508] GetWindowTextLengthW (hWnd=0x2202d0) returned 232
[0279.508] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0279.508] GetSystemMetrics (nIndex=42) returned 0
[0279.508] GetWindowTextW (in: hWnd=0x2202d0, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0279.508] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0279.509] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0279.509] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0279.509] InvalidateRect (hWnd=0x2d02da, lpRect=0x0, bErase=0) returned 1
[0279.509] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0279.509] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0279.509] SendMessageW (hWnd=0x2d02dc, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0279.509] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02dc, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0279.509] SendMessageW (hWnd=0x2d02dc, Msg=0xb0, wParam=0x2d8c678, lParam=0xd7e480) returned 0x0
[0279.509] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02dc, Msg=0xb0, wParam=0x2d8c678, lParam=0xd7e480) returned 0x0
[0279.509] GetWindowTextLengthW (hWnd=0x2d02dc) returned 4363
[0279.509] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0279.510] GetSystemMetrics (nIndex=42) returned 0
[0279.510] CoTaskMemAlloc (cb=0x221c) returned 0x1202960
[0279.510] GetWindowTextW (in: hWnd=0x2d02dc, lpString=0x1202960, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0279.510] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02dc, Msg=0xd, wParam=0x110c, lParam=0x1202960) returned 0x110b
[0279.510] CoTaskMemFree (pv=0x1202960)
[0279.510] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0279.510] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0279.512] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2202d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0279.513] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0279.515] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0279.516] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0279.517] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0279.519] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3000ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0279.520] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.520] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.520] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.521] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.521] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.521] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.521] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0318) returned 0x1
[0279.521] IsWindowUnicode (hWnd=0x7005c) returned 1
[0279.521] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.521] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0318) returned 0x1
[0279.521] SetCursor (hCursor=0x10003) returned 0x10003
[0279.522] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.522] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.522] _TrackMouseEvent (in: lpEventTrack=0x2c2f380 | out: lpEventTrack=0x2c2f380) returned 1
[0279.522] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0279.522] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0279.522] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x108025a) returned 0x0
[0279.522] GetKeyState (nVirtKey=1) returned 1
[0279.522] GetKeyState (nVirtKey=2) returned 0
[0279.522] GetKeyState (nVirtKey=4) returned 0
[0279.522] GetKeyState (nVirtKey=5) returned 0
[0279.522] GetKeyState (nVirtKey=6) returned 0
[0279.522] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.523] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0318) returned 0x1
[0279.523] IsWindowUnicode (hWnd=0x7005c) returned 1
[0279.523] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.523] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.523] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.523] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.523] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0318) returned 0x1
[0279.524] IsWindowUnicode (hWnd=0x7005c) returned 1
[0279.524] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0318) returned 0x1
[0279.524] SetCursor (hCursor=0x10003) returned 0x10003
[0279.524] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.524] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x108025a) returned 0x0
[0279.524] GetKeyState (nVirtKey=1) returned 1
[0279.524] GetKeyState (nVirtKey=2) returned 0
[0279.524] GetKeyState (nVirtKey=4) returned 0
[0279.524] GetKeyState (nVirtKey=5) returned 0
[0279.524] GetKeyState (nVirtKey=6) returned 0
[0279.524] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.525] IsWindowUnicode (hWnd=0x602c4) returned 1
[0279.525] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.525] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.525] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.525] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.526] IsWindowUnicode (hWnd=0x602c4) returned 1
[0279.526] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.526] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.526] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.526] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xc0107c5
[0279.526] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0279.526] CreateCompatibleDC (hdc=0xc0107c5) returned 0xa30107c6
[0279.526] SelectObject (hdc=0xa30107c6, h=0x4a0507fe) returned 0x85000f
[0279.527] GdipCreateFromHDC (hdc=0xa30107c6, graphics=0xd7e798) returned 0x0
[0279.527] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0279.527] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0279.527] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0279.527] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0279.527] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e7f8) returned 0x0
[0279.527] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0279.527] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0279.527] LocalFree (hMem=0x11ee788) returned 0x0
[0279.527] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0279.527] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0279.527] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0279.527] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0279.528] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0279.528] GdipRestoreGraphics (graphics=0x6600030, state=0xf6ba0dbd) returned 0x0
[0279.528] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.528] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0279.528] GetCurrentObject (hdc=0xa30107c6, type=0x1) returned 0xb00017
[0279.528] GetCurrentObject (hdc=0xa30107c6, type=0x2) returned 0x900010
[0279.528] GetCurrentObject (hdc=0xa30107c6, type=0x7) returned 0x4a0507fe
[0279.528] GetCurrentObject (hdc=0xa30107c6, type=0x6) returned 0x8a01c2
[0279.537] SaveDC (hdc=0xa30107c6) returned 1
[0279.537] GetNearestColor (hdc=0xa30107c6, color=0xff) returned 0xff
[0279.537] GetNearestColor (hdc=0xa30107c6, color=0x55) returned 0x55
[0279.538] GetNearestColor (hdc=0xa30107c6, color=0x0) returned 0x0
[0279.538] GetNearestColor (hdc=0xa30107c6, color=0x55) returned 0x55
[0279.538] GetNearestColor (hdc=0xa30107c6, color=0x0) returned 0x0
[0279.538] GetNearestColor (hdc=0xa30107c6, color=0x8080ff) returned 0x8080ff
[0279.538] GetNearestColor (hdc=0xa30107c6, color=0x7373e5) returned 0x7373e5
[0279.538] GetNearestColor (hdc=0xa30107c6, color=0xe5) returned 0xe5
[0279.538] GetNearestColor (hdc=0xa30107c6, color=0x0) returned 0x0
[0279.538] RestoreDC (hdc=0xa30107c6, nSavedDC=-1) returned 1
[0279.538] GdipReleaseDC (graphics=0x6600030, hdc=0xa30107c6) returned 0x0
[0279.538] IsAppThemed () returned 0x1
[0279.538] GetThemeAppProperties () returned 0x3
[0279.538] GetThemeAppProperties () returned 0x3
[0279.538] IsAppThemed () returned 0x1
[0279.539] GetThemeAppProperties () returned 0x3
[0279.539] GetThemeAppProperties () returned 0x3
[0279.539] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2dca770 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0279.539] IsAppThemed () returned 0x1
[0279.539] GetThemeAppProperties () returned 0x3
[0279.539] GetThemeAppProperties () returned 0x3
[0279.539] IsAppThemed () returned 0x1
[0279.539] GetThemeAppProperties () returned 0x3
[0279.539] GetThemeAppProperties () returned 0x3
[0279.539] GetFocus () returned 0x602c4
[0279.539] IsAppThemed () returned 0x1
[0279.540] GetThemeAppProperties () returned 0x3
[0279.540] GetThemeAppProperties () returned 0x3
[0279.540] IsAppThemed () returned 0x1
[0279.540] GetThemeAppProperties () returned 0x3
[0279.540] GetThemeAppProperties () returned 0x3
[0279.540] IsThemePartDefined () returned 0x1
[0279.540] IsAppThemed () returned 0x1
[0279.540] GetThemeAppProperties () returned 0x3
[0279.540] GetThemeAppProperties () returned 0x3
[0279.540] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0279.540] IsAppThemed () returned 0x1
[0279.540] GetThemeAppProperties () returned 0x3
[0279.540] GetThemeAppProperties () returned 0x3
[0279.540] IsAppThemed () returned 0x1
[0279.540] GetThemeAppProperties () returned 0x3
[0279.540] GetThemeAppProperties () returned 0x3
[0279.540] IsThemePartDefined () returned 0x1
[0279.540] GdipCreateRegion (region=0xd7e508) returned 0x0
[0279.540] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0279.540] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0279.540] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0279.541] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e520) returned 0x0
[0279.541] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0279.541] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0279.541] LocalFree (hMem=0x11ee788) returned 0x0
[0279.541] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0279.541] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0279.541] LocalFree (hMem=0x11ee788) returned 0x0
[0279.541] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0279.541] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e548) returned 0x0
[0279.541] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e538) returned 0x0
[0279.541] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0279.541] GdipDeleteRegion (region=0x6646568) returned 0x0
[0279.541] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0279.541] GetCurrentObject (hdc=0xa30107c6, type=0x1) returned 0xb00017
[0279.541] GetCurrentObject (hdc=0xa30107c6, type=0x2) returned 0x900010
[0279.541] GetCurrentObject (hdc=0xa30107c6, type=0x7) returned 0x4a0507fe
[0279.542] GetCurrentObject (hdc=0xa30107c6, type=0x6) returned 0x8a01c2
[0279.542] SaveDC (hdc=0xa30107c6) returned 1
[0279.542] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x79040807
[0279.542] GetClipRgn (hdc=0xa30107c6, hrgn=0x79040807) returned 0
[0279.542] SelectClipRgn (hdc=0xa30107c6, hrgn=0xd0407de) returned 2
[0279.542] DeleteObject (ho=0x79040807) returned 1
[0279.542] DeleteObject (ho=0xd0407de) returned 1
[0279.542] OffsetViewportOrgEx (in: hdc=0xa30107c6, x=0, y=0, lppt=0x2dcae20 | out: lppt=0x2dcae20) returned 1
[0279.542] DrawThemeParentBackground () returned 0x0
[0279.542] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0279.542] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0279.542] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0279.543] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0279.543] GetSystemMetrics (nIndex=42) returned 0
[0279.543] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0279.543] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0279.543] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0279.543] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0279.543] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0279.543] SelectPalette (hdc=0xa30107c6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0279.543] GdipCreateFromHDC (hdc=0xa30107c6, graphics=0xd7dff8) returned 0x0
[0279.543] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0279.543] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0279.543] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638d28) returned 0x0
[0279.543] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7dfd0) returned 0x0
[0279.544] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0279.544] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0279.544] GdipGetClip (graphics=0x6638e08, region=0x66463b8) returned 0x0
[0279.544] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6638e08, result=0xd7dfc4) returned 0x0
[0279.544] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.544] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dff0) returned 0x0
[0279.544] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0279.553] GdipFillRectangleI (graphics=0x6638e08, brush=0x66498a0, x=0, y=0, width=801, height=453) returned 0x0
[0279.553] GdipDeleteBrush (brush=0x66498a0) returned 0x0
[0279.555] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0279.555] SelectPalette (hdc=0xa30107c6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0279.555] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0279.555] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0279.555] GetSystemMetrics (nIndex=42) returned 0
[0279.555] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0279.555] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0279.555] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0279.555] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0279.555] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0279.555] SelectPalette (hdc=0xa30107c6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0279.555] GdipCreateFromHDC (hdc=0xa30107c6, graphics=0xd7df98) returned 0x0
[0279.556] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0279.556] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0279.556] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638d58) returned 0x0
[0279.556] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df70) returned 0x0
[0279.556] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0279.556] GdipCreateRegion (region=0xd7df58) returned 0x0
[0279.556] GdipGetClip (graphics=0x6638e08, region=0x6646568) returned 0x0
[0279.556] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6638e08, result=0xd7df64) returned 0x0
[0279.556] GdipDeleteRegion (region=0x6646568) returned 0x0
[0279.556] GdipSaveGraphics (graphics=0x6638e08, state=0xd7df90) returned 0x0
[0279.556] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0279.603] GdipFillRectangleI (graphics=0x6638e08, brush=0x6648b38, x=0, y=0, width=801, height=453) returned 0x0
[0279.603] GdipDeleteBrush (brush=0x6648b38) returned 0x0
[0279.604] GdipRestoreGraphics (graphics=0x6638e08, state=0xf6b60dbd) returned 0x0
[0279.604] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0279.605] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0279.605] GetSystemMetrics (nIndex=42) returned 0
[0279.605] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0279.605] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0279.605] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0279.605] SelectPalette (hdc=0xa30107c6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0279.605] RestoreDC (hdc=0xa30107c6, nSavedDC=-1) returned 1
[0279.605] GdipReleaseDC (graphics=0x6600030, hdc=0xa30107c6) returned 0x0
[0279.605] IsAppThemed () returned 0x1
[0279.605] GetThemeAppProperties () returned 0x3
[0279.605] GetThemeAppProperties () returned 0x3
[0279.605] IsAppThemed () returned 0x1
[0279.606] GetThemeAppProperties () returned 0x3
[0279.606] GetThemeAppProperties () returned 0x3
[0279.606] IsThemePartDefined () returned 0x1
[0279.606] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0279.606] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0279.606] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0279.606] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0279.606] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e4a4) returned 0x0
[0279.606] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0279.606] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee8d8) returned 0x0
[0279.606] LocalFree (hMem=0x11ee8d8) returned 0x0
[0279.613] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0279.613] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eed00) returned 0x0
[0279.613] LocalFree (hMem=0x11eed00) returned 0x0
[0279.613] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0279.613] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0279.613] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0279.613] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0279.613] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.613] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0279.613] GetCurrentObject (hdc=0xa30107c6, type=0x1) returned 0xb00017
[0279.613] GetCurrentObject (hdc=0xa30107c6, type=0x2) returned 0x900010
[0279.613] GetCurrentObject (hdc=0xa30107c6, type=0x7) returned 0x4a0507fe
[0279.613] GetCurrentObject (hdc=0xa30107c6, type=0x6) returned 0x8a01c2
[0279.613] SaveDC (hdc=0xa30107c6) returned 1
[0279.614] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe0407de
[0279.614] GetClipRgn (hdc=0xa30107c6, hrgn=0xe0407de) returned 0
[0279.614] SelectClipRgn (hdc=0xa30107c6, hrgn=0x7b040807) returned 2
[0279.614] DeleteObject (ho=0xe0407de) returned 1
[0279.614] DeleteObject (ho=0x7b040807) returned 1
[0279.614] OffsetViewportOrgEx (in: hdc=0xa30107c6, x=0, y=0, lppt=0x2dd1670 | out: lppt=0x2dd1670) returned 1
[0279.614] IsAppThemed () returned 0x1
[0279.614] GetThemeAppProperties () returned 0x3
[0279.614] GetThemeAppProperties () returned 0x3
[0279.614] DrawThemeBackground () returned 0x0
[0279.614] RestoreDC (hdc=0xa30107c6, nSavedDC=-1) returned 1
[0279.614] GdipReleaseDC (graphics=0x6600030, hdc=0xa30107c6) returned 0x0
[0279.614] GdipCreateRegion (region=0xd7e490) returned 0x0
[0279.614] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0279.614] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0279.615] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0279.615] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e4a8) returned 0x0
[0279.615] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0279.615] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eecc8) returned 0x0
[0279.615] LocalFree (hMem=0x11eecc8) returned 0x0
[0279.615] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0279.615] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea98) returned 0x0
[0279.615] LocalFree (hMem=0x11eea98) returned 0x0
[0279.615] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0279.615] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0279.615] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0279.615] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0279.615] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0279.615] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0279.615] GetCurrentObject (hdc=0xa30107c6, type=0x1) returned 0xb00017
[0279.615] GetCurrentObject (hdc=0xa30107c6, type=0x2) returned 0x900010
[0279.616] GetCurrentObject (hdc=0xa30107c6, type=0x7) returned 0x4a0507fe
[0279.616] GetCurrentObject (hdc=0xa30107c6, type=0x6) returned 0x8a01c2
[0279.616] SaveDC (hdc=0xa30107c6) returned 1
[0279.616] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7c040807
[0279.616] GetClipRgn (hdc=0xa30107c6, hrgn=0x7c040807) returned 0
[0279.616] SelectClipRgn (hdc=0xa30107c6, hrgn=0xf0407de) returned 2
[0279.616] DeleteObject (ho=0x7c040807) returned 1
[0279.616] DeleteObject (ho=0xf0407de) returned 1
[0279.616] OffsetViewportOrgEx (in: hdc=0xa30107c6, x=0, y=0, lppt=0x2dd1944 | out: lppt=0x2dd1944) returned 1
[0279.616] IsAppThemed () returned 0x1
[0279.616] GetThemeAppProperties () returned 0x3
[0279.616] GetThemeAppProperties () returned 0x3
[0279.616] GetThemeBackgroundContentRect () returned 0x0
[0279.616] RestoreDC (hdc=0xa30107c6, nSavedDC=-1) returned 1
[0279.616] GdipReleaseDC (graphics=0x6600030, hdc=0xa30107c6) returned 0x0
[0279.617] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0279.617] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0279.617] GdipFillRectangleI (graphics=0x6600030, brush=0x6659db8, x=4, y=4, width=67, height=15) returned 0x0
[0279.617] GdipDeleteBrush (brush=0x6659db8) returned 0x0
[0279.617] IsAppThemed () returned 0x1
[0279.617] GetThemeAppProperties () returned 0x3
[0279.617] GetThemeAppProperties () returned 0x3
[0279.617] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0279.617] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0279.617] GetCurrentObject (hdc=0xa30107c6, type=0x1) returned 0xb00017
[0279.617] GetCurrentObject (hdc=0xa30107c6, type=0x2) returned 0x900010
[0279.617] GetCurrentObject (hdc=0xa30107c6, type=0x7) returned 0x4a0507fe
[0279.617] GetCurrentObject (hdc=0xa30107c6, type=0x6) returned 0x8a01c2
[0279.617] SaveDC (hdc=0xa30107c6) returned 1
[0279.617] GetTextAlign (hdc=0xa30107c6) returned 0x0
[0279.617] GetTextColor (hdc=0xa30107c6) returned 0x0
[0279.618] GetCurrentObject (hdc=0xa30107c6, type=0x6) returned 0x8a01c2
[0279.618] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0279.618] SelectObject (hdc=0xa30107c6, h=0x6d0a0520) returned 0x8a01c2
[0279.618] GetBkMode (hdc=0xa30107c6) returned 2
[0279.618] SetBkMode (hdc=0xa30107c6, mode=1) returned 2
[0279.618] DrawTextExW (in: hdc=0xa30107c6, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2dd1d08 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0279.618] DrawTextExW (in: hdc=0xa30107c6, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2dd1d08 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0279.619] RestoreDC (hdc=0xa30107c6, nSavedDC=-1) returned 1
[0279.619] GdipReleaseDC (graphics=0x6600030, hdc=0xa30107c6) returned 0x0
[0279.619] GetFocus () returned 0x602c4
[0279.619] IsAppThemed () returned 0x1
[0279.619] GetThemeAppProperties () returned 0x3
[0279.619] GetThemeAppProperties () returned 0x3
[0279.619] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0279.619] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0xa30107c6, x1=0, y1=0, rop=0xcc0020) returned 1
[0279.619] GdipReleaseDC (graphics=0x6600030, hdc=0xa30107c6) returned 0x0
[0279.619] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0279.620] SelectObject (hdc=0xa30107c6, h=0x85000f) returned 0x4a0507fe
[0279.620] DeleteDC (hdc=0xa30107c6) returned 1
[0279.620] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0279.620] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0279.620] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.620] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.620] WaitMessage () returned 1
[0279.622] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.622] IsWindowUnicode (hWnd=0x7005c) returned 1
[0279.622] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.622] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.622] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.623] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.623] IsWindowUnicode (hWnd=0x7005c) returned 1
[0279.623] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.623] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.623] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.623] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x108025a) returned 0x0
[0279.623] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.623] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.623] WaitMessage () returned 1
[0279.655] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.655] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.655] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.655] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.655] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.656] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.656] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.656] WaitMessage () returned 1
[0279.657] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.657] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.657] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.657] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.657] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.658] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.658] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.658] WaitMessage () returned 1
[0279.659] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.659] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.659] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.659] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.659] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.661] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.661] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.661] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.661] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.661] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.661] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.661] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.661] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.661] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.662] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.662] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.662] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.662] WaitMessage () returned 1
[0279.663] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.663] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.663] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.663] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.663] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.664] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.665] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.665] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.665] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.665] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.665] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.665] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.665] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.665] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.665] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.665] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.666] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.667] WaitMessage () returned 1
[0279.667] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.667] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.667] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.667] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.667] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.668] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.673] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.673] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.673] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.673] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.673] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.674] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.674] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.674] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.674] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.674] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.674] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.674] WaitMessage () returned 1
[0279.677] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.677] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.677] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.677] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.677] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.678] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.679] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.679] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.679] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.679] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.680] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.680] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.680] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.680] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.680] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.680] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.681] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.681] WaitMessage () returned 1
[0279.682] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.682] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.682] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.682] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.682] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.683] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.684] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.684] WaitMessage () returned 1
[0279.689] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.689] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.689] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.689] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.690] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.691] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.691] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.691] WaitMessage () returned 1
[0279.692] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.692] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.692] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.692] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.692] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.693] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.693] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.693] WaitMessage () returned 1
[0279.694] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.694] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.694] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.694] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.694] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.695] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.696] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.696] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.696] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.696] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.696] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.696] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.696] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.696] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.696] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.696] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.697] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.697] WaitMessage () returned 1
[0279.697] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.697] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.697] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.697] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.697] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.699] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.699] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.699] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.699] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.699] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.700] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.700] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.700] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.700] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.700] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.700] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.701] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.701] WaitMessage () returned 1
[0279.703] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.703] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.703] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.703] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.703] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.705] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.705] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.705] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.705] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.705] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.705] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.705] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.705] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.705] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.706] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.706] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.706] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.706] WaitMessage () returned 1
[0279.707] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.707] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.707] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.707] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.707] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.709] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.709] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.709] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.709] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.710] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.710] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.710] IsWindowUnicode (hWnd=0x30122) returned 1
[0279.710] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.710] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.710] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.710] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.711] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.711] WaitMessage () returned 1
[0279.797] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.797] IsWindowUnicode (hWnd=0x502c6) returned 1
[0279.797] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0279.798] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0279.798] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0279.798] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.798] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0279.798] WaitMessage () returned 1
[0281.611] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0281.611] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27500f5) returned 0x1
[0281.611] IsWindowUnicode (hWnd=0x602c4) returned 1
[0281.611] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0281.611] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0281.611] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0281.611] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0281.611] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0281.611] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27500f5) returned 0x1
[0281.611] IsWindowUnicode (hWnd=0x602c4) returned 1
[0281.611] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0281.611] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27500f5) returned 0x1
[0281.612] SetCursor (hCursor=0x10003) returned 0x10003
[0281.612] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0281.612] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0281.612] _TrackMouseEvent (in: lpEventTrack=0x2c2b560 | out: lpEventTrack=0x2c2b560) returned 1
[0281.612] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0281.612] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0281.612] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0281.612] GetKeyState (nVirtKey=1) returned 1
[0281.612] GetKeyState (nVirtKey=2) returned 0
[0281.612] GetKeyState (nVirtKey=4) returned 0
[0281.612] GetKeyState (nVirtKey=5) returned 0
[0281.612] GetKeyState (nVirtKey=6) returned 0
[0281.612] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0281.612] IsWindowUnicode (hWnd=0x602c4) returned 1
[0281.612] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0281.612] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0281.612] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0281.612] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xc0107c5
[0281.612] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0281.613] CreateCompatibleDC (hdc=0xc0107c5) returned 0x3b0107d3
[0281.613] SelectObject (hdc=0x3b0107d3, h=0x4a0507fe) returned 0x85000f
[0281.613] GdipCreateFromHDC (hdc=0x3b0107d3, graphics=0xd7e798) returned 0x0
[0281.613] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0281.613] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0281.613] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0281.613] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0281.613] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e7f8) returned 0x0
[0281.613] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0281.613] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee910) returned 0x0
[0281.613] LocalFree (hMem=0x11ee910) returned 0x0
[0281.613] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0281.613] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0281.613] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0281.613] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0281.613] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0281.613] GdipRestoreGraphics (graphics=0x6600030, state=0xf6b40dbd) returned 0x0
[0281.613] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0281.614] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0281.614] GetCurrentObject (hdc=0x3b0107d3, type=0x1) returned 0xb00017
[0281.614] GetCurrentObject (hdc=0x3b0107d3, type=0x2) returned 0x900010
[0281.614] GetCurrentObject (hdc=0x3b0107d3, type=0x7) returned 0x4a0507fe
[0281.614] GetCurrentObject (hdc=0x3b0107d3, type=0x6) returned 0x8a01c2
[0281.614] SaveDC (hdc=0x3b0107d3) returned 1
[0281.614] GetNearestColor (hdc=0x3b0107d3, color=0xff) returned 0xff
[0281.614] GetNearestColor (hdc=0x3b0107d3, color=0x55) returned 0x55
[0281.614] GetNearestColor (hdc=0x3b0107d3, color=0x0) returned 0x0
[0281.614] GetNearestColor (hdc=0x3b0107d3, color=0x55) returned 0x55
[0281.614] GetNearestColor (hdc=0x3b0107d3, color=0x0) returned 0x0
[0281.614] GetNearestColor (hdc=0x3b0107d3, color=0x8080ff) returned 0x8080ff
[0281.614] GetNearestColor (hdc=0x3b0107d3, color=0x7373e5) returned 0x7373e5
[0281.614] GetNearestColor (hdc=0x3b0107d3, color=0xe5) returned 0xe5
[0281.614] GetNearestColor (hdc=0x3b0107d3, color=0x0) returned 0x0
[0281.614] RestoreDC (hdc=0x3b0107d3, nSavedDC=-1) returned 1
[0281.614] GdipReleaseDC (graphics=0x6600030, hdc=0x3b0107d3) returned 0x0
[0281.614] IsAppThemed () returned 0x1
[0281.615] GetThemeAppProperties () returned 0x3
[0281.615] GetThemeAppProperties () returned 0x3
[0281.615] IsAppThemed () returned 0x1
[0281.615] GetThemeAppProperties () returned 0x3
[0281.615] GetThemeAppProperties () returned 0x3
[0281.615] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2dd2750 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0281.615] IsAppThemed () returned 0x1
[0281.615] GetThemeAppProperties () returned 0x3
[0281.615] GetThemeAppProperties () returned 0x3
[0281.615] IsAppThemed () returned 0x1
[0281.615] GetThemeAppProperties () returned 0x3
[0281.615] GetThemeAppProperties () returned 0x3
[0281.615] IsAppThemed () returned 0x1
[0281.615] GetThemeAppProperties () returned 0x3
[0281.615] GetThemeAppProperties () returned 0x3
[0281.615] IsAppThemed () returned 0x1
[0281.615] GetThemeAppProperties () returned 0x3
[0281.615] GetThemeAppProperties () returned 0x3
[0281.615] IsThemePartDefined () returned 0x1
[0281.615] IsAppThemed () returned 0x1
[0281.616] GetThemeAppProperties () returned 0x3
[0281.616] GetThemeAppProperties () returned 0x3
[0281.616] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0281.616] IsAppThemed () returned 0x1
[0281.616] GetThemeAppProperties () returned 0x3
[0281.616] GetThemeAppProperties () returned 0x3
[0281.616] IsAppThemed () returned 0x1
[0281.616] GetThemeAppProperties () returned 0x3
[0281.616] GetThemeAppProperties () returned 0x3
[0281.616] IsThemePartDefined () returned 0x1
[0281.616] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0281.616] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0281.616] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0281.616] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0281.616] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e514) returned 0x0
[0281.616] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0281.616] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee9f0) returned 0x0
[0281.616] LocalFree (hMem=0x11ee9f0) returned 0x0
[0281.616] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0281.616] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0281.616] LocalFree (hMem=0x11eec58) returned 0x0
[0281.616] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0281.616] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0281.616] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0281.616] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0281.617] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0281.617] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0281.617] GetCurrentObject (hdc=0x3b0107d3, type=0x1) returned 0xb00017
[0281.617] GetCurrentObject (hdc=0x3b0107d3, type=0x2) returned 0x900010
[0281.617] GetCurrentObject (hdc=0x3b0107d3, type=0x7) returned 0x4a0507fe
[0281.617] GetCurrentObject (hdc=0x3b0107d3, type=0x6) returned 0x8a01c2
[0281.617] SaveDC (hdc=0x3b0107d3) returned 1
[0281.617] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x100407de
[0281.617] GetClipRgn (hdc=0x3b0107d3, hrgn=0x100407de) returned 0
[0281.617] SelectClipRgn (hdc=0x3b0107d3, hrgn=0x80040807) returned 2
[0281.617] DeleteObject (ho=0x100407de) returned 1
[0281.617] DeleteObject (ho=0x80040807) returned 1
[0281.617] OffsetViewportOrgEx (in: hdc=0x3b0107d3, x=0, y=0, lppt=0x2dd2e00 | out: lppt=0x2dd2e00) returned 1
[0281.617] DrawThemeParentBackground () returned 0x0
[0281.617] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0281.617] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0281.617] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0281.617] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0281.618] GetSystemMetrics (nIndex=42) returned 0
[0281.618] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0281.618] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0281.618] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0281.618] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0281.618] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0281.618] SelectPalette (hdc=0x3b0107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0281.618] GdipCreateFromHDC (hdc=0x3b0107d3, graphics=0xd7dff0) returned 0x0
[0281.618] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0281.618] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0281.618] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638c98) returned 0x0
[0281.618] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dfc8) returned 0x0
[0281.618] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0281.618] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0281.618] GdipGetClip (graphics=0x6638e08, region=0x66463b8) returned 0x0
[0281.618] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6638e08, result=0xd7dfbc) returned 0x0
[0281.618] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0281.618] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dfe8) returned 0x0
[0281.618] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0281.627] GdipFillRectangleI (graphics=0x6638e08, brush=0x6648ee0, x=0, y=0, width=801, height=453) returned 0x0
[0281.627] GdipDeleteBrush (brush=0x6648ee0) returned 0x0
[0281.628] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0281.628] SelectPalette (hdc=0x3b0107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0281.628] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0281.628] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0281.628] GetSystemMetrics (nIndex=42) returned 0
[0281.628] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0281.628] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0281.628] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0281.628] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0281.628] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0281.628] SelectPalette (hdc=0x3b0107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0281.629] GdipCreateFromHDC (hdc=0x3b0107d3, graphics=0xd7df90) returned 0x0
[0281.629] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0281.629] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0281.629] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638a58) returned 0x0
[0281.629] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df68) returned 0x0
[0281.629] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0281.629] GdipCreateRegion (region=0xd7df50) returned 0x0
[0281.629] GdipGetClip (graphics=0x6638e08, region=0x6646448) returned 0x0
[0281.629] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6638e08, result=0xd7df5c) returned 0x0
[0281.629] GdipDeleteRegion (region=0x6646448) returned 0x0
[0281.629] GdipSaveGraphics (graphics=0x6638e08, state=0xd7df88) returned 0x0
[0281.629] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0281.636] GdipFillRectangleI (graphics=0x6638e08, brush=0x6649018, x=0, y=0, width=801, height=453) returned 0x0
[0281.636] GdipDeleteBrush (brush=0x6649018) returned 0x0
[0281.637] GdipRestoreGraphics (graphics=0x6638e08, state=0xf6b00dbd) returned 0x0
[0281.637] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0281.637] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0281.637] GetSystemMetrics (nIndex=42) returned 0
[0281.637] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0281.638] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0281.638] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0281.638] SelectPalette (hdc=0x3b0107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0281.638] RestoreDC (hdc=0x3b0107d3, nSavedDC=-1) returned 1
[0281.638] GdipReleaseDC (graphics=0x6600030, hdc=0x3b0107d3) returned 0x0
[0281.638] IsAppThemed () returned 0x1
[0281.638] GetThemeAppProperties () returned 0x3
[0281.638] GetThemeAppProperties () returned 0x3
[0281.638] IsAppThemed () returned 0x1
[0281.638] GetThemeAppProperties () returned 0x3
[0281.638] GetThemeAppProperties () returned 0x3
[0281.638] IsThemePartDefined () returned 0x1
[0281.638] GdipCreateRegion (region=0xd7e480) returned 0x0
[0281.638] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0281.638] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0281.638] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0281.638] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e498) returned 0x0
[0281.638] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0281.639] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee8d8) returned 0x0
[0281.639] LocalFree (hMem=0x11ee8d8) returned 0x0
[0281.639] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0281.639] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea28) returned 0x0
[0281.639] LocalFree (hMem=0x11eea28) returned 0x0
[0281.639] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0281.639] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0281.639] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0281.639] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0281.639] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0281.639] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0281.639] GetCurrentObject (hdc=0x3b0107d3, type=0x1) returned 0xb00017
[0281.639] GetCurrentObject (hdc=0x3b0107d3, type=0x2) returned 0x900010
[0281.639] GetCurrentObject (hdc=0x3b0107d3, type=0x7) returned 0x4a0507fe
[0281.639] GetCurrentObject (hdc=0x3b0107d3, type=0x6) returned 0x8a01c2
[0281.639] SaveDC (hdc=0x3b0107d3) returned 1
[0281.639] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x81040807
[0281.639] GetClipRgn (hdc=0x3b0107d3, hrgn=0x81040807) returned 0
[0281.639] SelectClipRgn (hdc=0x3b0107d3, hrgn=0x120407de) returned 2
[0281.639] DeleteObject (ho=0x81040807) returned 1
[0281.640] DeleteObject (ho=0x120407de) returned 1
[0281.640] OffsetViewportOrgEx (in: hdc=0x3b0107d3, x=0, y=0, lppt=0x2dd9650 | out: lppt=0x2dd9650) returned 1
[0281.640] IsAppThemed () returned 0x1
[0281.640] GetThemeAppProperties () returned 0x3
[0281.640] GetThemeAppProperties () returned 0x3
[0281.640] DrawThemeBackground () returned 0x0
[0281.640] RestoreDC (hdc=0x3b0107d3, nSavedDC=-1) returned 1
[0281.640] GdipReleaseDC (graphics=0x6600030, hdc=0x3b0107d3) returned 0x0
[0281.640] GdipCreateRegion (region=0xd7e484) returned 0x0
[0281.640] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0281.640] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0281.640] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0281.640] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e49c) returned 0x0
[0281.640] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0281.640] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0281.640] LocalFree (hMem=0x11ee868) returned 0x0
[0281.640] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0281.640] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0281.640] LocalFree (hMem=0x11ee788) returned 0x0
[0281.641] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0281.641] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0281.641] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0281.641] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0281.641] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0281.641] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0281.641] GetCurrentObject (hdc=0x3b0107d3, type=0x1) returned 0xb00017
[0281.641] GetCurrentObject (hdc=0x3b0107d3, type=0x2) returned 0x900010
[0281.641] GetCurrentObject (hdc=0x3b0107d3, type=0x7) returned 0x4a0507fe
[0281.641] GetCurrentObject (hdc=0x3b0107d3, type=0x6) returned 0x8a01c2
[0281.641] SaveDC (hdc=0x3b0107d3) returned 1
[0281.641] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x130407de
[0281.641] GetClipRgn (hdc=0x3b0107d3, hrgn=0x130407de) returned 0
[0281.641] SelectClipRgn (hdc=0x3b0107d3, hrgn=0x82040807) returned 2
[0281.641] DeleteObject (ho=0x130407de) returned 1
[0281.641] DeleteObject (ho=0x82040807) returned 1
[0281.641] OffsetViewportOrgEx (in: hdc=0x3b0107d3, x=0, y=0, lppt=0x2dd9924 | out: lppt=0x2dd9924) returned 1
[0281.641] IsAppThemed () returned 0x1
[0281.642] GetThemeAppProperties () returned 0x3
[0281.642] GetThemeAppProperties () returned 0x3
[0281.642] GetThemeBackgroundContentRect () returned 0x0
[0281.642] RestoreDC (hdc=0x3b0107d3, nSavedDC=-1) returned 1
[0281.642] GdipReleaseDC (graphics=0x6600030, hdc=0x3b0107d3) returned 0x0
[0281.642] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0281.642] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0281.642] GdipFillRectangleI (graphics=0x6600030, brush=0x6659db8, x=4, y=4, width=67, height=15) returned 0x0
[0281.642] GdipDeleteBrush (brush=0x6659db8) returned 0x0
[0281.642] IsAppThemed () returned 0x1
[0281.642] GetThemeAppProperties () returned 0x3
[0281.642] GetThemeAppProperties () returned 0x3
[0281.642] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0281.642] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0281.642] GetCurrentObject (hdc=0x3b0107d3, type=0x1) returned 0xb00017
[0281.642] GetCurrentObject (hdc=0x3b0107d3, type=0x2) returned 0x900010
[0281.642] GetCurrentObject (hdc=0x3b0107d3, type=0x7) returned 0x4a0507fe
[0281.642] GetCurrentObject (hdc=0x3b0107d3, type=0x6) returned 0x8a01c2
[0281.642] SaveDC (hdc=0x3b0107d3) returned 1
[0281.643] GetTextAlign (hdc=0x3b0107d3) returned 0x0
[0281.643] GetTextColor (hdc=0x3b0107d3) returned 0x0
[0281.643] GetCurrentObject (hdc=0x3b0107d3, type=0x6) returned 0x8a01c2
[0281.643] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0281.643] SelectObject (hdc=0x3b0107d3, h=0x6d0a0520) returned 0x8a01c2
[0281.643] GetBkMode (hdc=0x3b0107d3) returned 2
[0281.643] SetBkMode (hdc=0x3b0107d3, mode=1) returned 2
[0281.643] DrawTextExW (in: hdc=0x3b0107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2dd9ce8 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0281.644] DrawTextExW (in: hdc=0x3b0107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2dd9ce8 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0281.644] RestoreDC (hdc=0x3b0107d3, nSavedDC=-1) returned 1
[0281.644] GdipReleaseDC (graphics=0x6600030, hdc=0x3b0107d3) returned 0x0
[0281.644] GetFocus () returned 0x602c4
[0281.644] IsAppThemed () returned 0x1
[0281.644] GetThemeAppProperties () returned 0x3
[0281.644] GetThemeAppProperties () returned 0x3
[0281.644] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0281.644] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x3b0107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0281.645] GdipReleaseDC (graphics=0x6600030, hdc=0x3b0107d3) returned 0x0
[0281.645] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0281.645] SelectObject (hdc=0x3b0107d3, h=0x85000f) returned 0x4a0507fe
[0281.645] DeleteDC (hdc=0x3b0107d3) returned 1
[0281.645] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0281.645] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0281.645] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0281.645] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0281.645] WaitMessage () returned 1
[0281.717] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0281.717] IsWindowUnicode (hWnd=0x602c4) returned 1
[0281.717] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0281.717] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0281.717] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0281.717] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0281.717] IsWindowUnicode (hWnd=0x602c4) returned 1
[0281.717] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0281.717] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0281.717] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0281.717] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xe001a) returned 0x0
[0281.718] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0281.718] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0281.718] WaitMessage () returned 1
[0281.862] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0281.862] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27500f5) returned 0x1
[0281.862] IsWindowUnicode (hWnd=0x602c4) returned 1
[0281.862] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0281.863] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27500f5) returned 0x1
[0281.863] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0281.863] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x1a00037) returned 0x0
[0281.863] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0281.863] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0281.863] SetCursor (hCursor=0x10003) returned 0x10003
[0281.863] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0281.863] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0281.863] GetKeyState (nVirtKey=1) returned -128
[0281.863] GetKeyState (nVirtKey=2) returned 0
[0281.863] GetKeyState (nVirtKey=4) returned 0
[0281.863] GetKeyState (nVirtKey=5) returned 0
[0281.863] GetKeyState (nVirtKey=6) returned 0
[0281.863] IsWindowVisible (hWnd=0x602c4) returned 1
[0281.863] IsWindowEnabled (hWnd=0x602c4) returned 1
[0281.863] SetFocus (hWnd=0x602c4) returned 0x602c4
[0281.864] GetFocus () returned 0x602c4
[0281.864] GetFocus () returned 0x602c4
[0281.864] GetFocus () returned 0x602c4
[0281.864] GetKeyState (nVirtKey=1) returned -128
[0281.864] GetKeyState (nVirtKey=2) returned 0
[0281.864] GetKeyState (nVirtKey=4) returned 0
[0281.864] GetKeyState (nVirtKey=5) returned 0
[0281.864] GetKeyState (nVirtKey=6) returned 0
[0281.864] GetCapture () returned 0x0
[0281.864] SetCapture (hWnd=0x602c4) returned 0x0
[0281.864] GetKeyState (nVirtKey=1) returned -128
[0281.864] GetKeyState (nVirtKey=2) returned 0
[0281.864] GetKeyState (nVirtKey=4) returned 0
[0281.864] GetKeyState (nVirtKey=5) returned 0
[0281.864] GetKeyState (nVirtKey=6) returned 0
[0281.864] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0281.864] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0281.864] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0281.864] IsWindowUnicode (hWnd=0x602c4) returned 1
[0281.864] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0281.864] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0281.864] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0281.864] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2dd9e6c, cPoints=0x1 | out: lpPoints=0x2dd9e6c) returned 40304859
[0281.864] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0281.864] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0281.865] UpdateWindow (hWnd=0x602c4) returned 1
[0281.865] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xc0107c5
[0281.865] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0281.865] CreateCompatibleDC (hdc=0xc0107c5) returned 0x3c0107d3
[0281.865] SelectObject (hdc=0x3c0107d3, h=0x4a0507fe) returned 0x85000f
[0281.865] GdipCreateFromHDC (hdc=0x3c0107d3, graphics=0xd7e430) returned 0x0
[0281.865] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0281.865] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0281.865] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0281.865] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0281.865] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e490) returned 0x0
[0281.865] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0281.865] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0281.865] LocalFree (hMem=0x11ee788) returned 0x0
[0281.865] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0281.866] GdipCreateRegion (region=0xd7e478) returned 0x0
[0281.866] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0281.866] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0281.866] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0281.866] GdipRestoreGraphics (graphics=0x6600030, state=0xf6ae0dbd) returned 0x0
[0281.866] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0281.866] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0281.866] GetCurrentObject (hdc=0x3c0107d3, type=0x1) returned 0xb00017
[0281.866] GetCurrentObject (hdc=0x3c0107d3, type=0x2) returned 0x900010
[0281.866] GetCurrentObject (hdc=0x3c0107d3, type=0x7) returned 0x4a0507fe
[0281.866] GetCurrentObject (hdc=0x3c0107d3, type=0x6) returned 0x8a01c2
[0281.866] SaveDC (hdc=0x3c0107d3) returned 1
[0281.866] GetNearestColor (hdc=0x3c0107d3, color=0xff) returned 0xff
[0281.866] GetNearestColor (hdc=0x3c0107d3, color=0x55) returned 0x55
[0281.866] GetNearestColor (hdc=0x3c0107d3, color=0x0) returned 0x0
[0281.866] GetNearestColor (hdc=0x3c0107d3, color=0x55) returned 0x55
[0281.866] GetNearestColor (hdc=0x3c0107d3, color=0x0) returned 0x0
[0281.866] GetNearestColor (hdc=0x3c0107d3, color=0x8080ff) returned 0x8080ff
[0281.866] GetNearestColor (hdc=0x3c0107d3, color=0x7373e5) returned 0x7373e5
[0281.867] GetNearestColor (hdc=0x3c0107d3, color=0xe5) returned 0xe5
[0281.867] GetNearestColor (hdc=0x3c0107d3, color=0x0) returned 0x0
[0281.867] RestoreDC (hdc=0x3c0107d3, nSavedDC=-1) returned 1
[0281.867] GdipReleaseDC (graphics=0x6600030, hdc=0x3c0107d3) returned 0x0
[0281.867] IsAppThemed () returned 0x1
[0281.867] GetThemeAppProperties () returned 0x3
[0281.867] GetThemeAppProperties () returned 0x3
[0281.867] IsAppThemed () returned 0x1
[0281.867] GetThemeAppProperties () returned 0x3
[0281.867] GetThemeAppProperties () returned 0x3
[0281.867] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2dda588 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0281.867] IsAppThemed () returned 0x1
[0281.867] GetThemeAppProperties () returned 0x3
[0281.867] GetThemeAppProperties () returned 0x3
[0281.867] IsAppThemed () returned 0x1
[0281.867] GetThemeAppProperties () returned 0x3
[0281.867] GetThemeAppProperties () returned 0x3
[0281.868] IsAppThemed () returned 0x1
[0281.868] GetThemeAppProperties () returned 0x3
[0281.868] GetThemeAppProperties () returned 0x3
[0281.868] IsAppThemed () returned 0x1
[0281.868] GetThemeAppProperties () returned 0x3
[0281.868] GetThemeAppProperties () returned 0x3
[0281.868] IsThemePartDefined () returned 0x1
[0281.868] IsAppThemed () returned 0x1
[0281.868] GetThemeAppProperties () returned 0x3
[0281.868] GetThemeAppProperties () returned 0x3
[0281.868] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0281.868] IsAppThemed () returned 0x1
[0281.868] GetThemeAppProperties () returned 0x3
[0281.868] GetThemeAppProperties () returned 0x3
[0281.868] IsAppThemed () returned 0x1
[0281.868] GetThemeAppProperties () returned 0x3
[0281.868] GetThemeAppProperties () returned 0x3
[0281.868] IsThemePartDefined () returned 0x1
[0281.868] GdipCreateRegion (region=0xd7e194) returned 0x0
[0281.868] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0281.868] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0281.868] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0281.868] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e1ac) returned 0x0
[0281.868] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0281.868] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee8d8) returned 0x0
[0281.868] LocalFree (hMem=0x11ee8d8) returned 0x0
[0281.869] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0281.869] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0281.869] LocalFree (hMem=0x11ee788) returned 0x0
[0281.869] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0281.869] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0281.869] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0281.869] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0281.869] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0281.869] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0281.869] GetCurrentObject (hdc=0x3c0107d3, type=0x1) returned 0xb00017
[0281.869] GetCurrentObject (hdc=0x3c0107d3, type=0x2) returned 0x900010
[0281.869] GetCurrentObject (hdc=0x3c0107d3, type=0x7) returned 0x4a0507fe
[0281.869] GetCurrentObject (hdc=0x3c0107d3, type=0x6) returned 0x8a01c2
[0281.869] SaveDC (hdc=0x3c0107d3) returned 1
[0281.869] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x83040807
[0281.869] GetClipRgn (hdc=0x3c0107d3, hrgn=0x83040807) returned 0
[0281.869] SelectClipRgn (hdc=0x3c0107d3, hrgn=0x170407de) returned 2
[0281.869] DeleteObject (ho=0x83040807) returned 1
[0281.869] DeleteObject (ho=0x170407de) returned 1
[0281.869] OffsetViewportOrgEx (in: hdc=0x3c0107d3, x=0, y=0, lppt=0x2ddac38 | out: lppt=0x2ddac38) returned 1
[0281.869] DrawThemeParentBackground () returned 0x0
[0281.870] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0281.870] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0281.870] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0281.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0281.870] GetSystemMetrics (nIndex=42) returned 0
[0281.870] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0281.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0281.870] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0281.870] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0281.870] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0281.870] SelectPalette (hdc=0x3c0107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0281.870] GdipCreateFromHDC (hdc=0x3c0107d3, graphics=0xd7dc88) returned 0x0
[0281.870] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0281.870] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0281.870] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638b78) returned 0x0
[0281.870] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc60) returned 0x0
[0281.870] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0281.870] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0281.870] GdipGetClip (graphics=0x6638e08, region=0x66463b8) returned 0x0
[0281.871] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6638e08, result=0xd7dc54) returned 0x0
[0281.871] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0281.871] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dc80) returned 0x0
[0281.871] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0281.878] GdipFillRectangleI (graphics=0x6638e08, brush=0x6648b38, x=0, y=0, width=801, height=453) returned 0x0
[0281.878] GdipDeleteBrush (brush=0x6648b38) returned 0x0
[0281.879] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0281.879] SelectPalette (hdc=0x3c0107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0281.879] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0281.879] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0281.879] GetSystemMetrics (nIndex=42) returned 0
[0281.879] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0281.879] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0281.880] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0281.880] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0281.880] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0281.880] SelectPalette (hdc=0x3c0107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0281.880] GdipCreateFromHDC (hdc=0x3c0107d3, graphics=0xd7dc28) returned 0x0
[0281.880] GdipSetPageUnit (graphics=0x6638e08, unit=0x2) returned 0x0
[0281.880] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0281.880] GdipGetWorldTransform (graphics=0x6638e08, matrix=0x6638ba8) returned 0x0
[0281.880] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dc00) returned 0x0
[0281.880] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0281.880] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0281.880] GdipGetClip (graphics=0x6638e08, region=0x66463b8) returned 0x0
[0281.880] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6638e08, result=0xd7dbf4) returned 0x0
[0281.880] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0281.880] GdipSaveGraphics (graphics=0x6638e08, state=0xd7dc20) returned 0x0
[0281.880] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0281.888] GdipFillRectangleI (graphics=0x6638e08, brush=0x6649150, x=0, y=0, width=801, height=453) returned 0x0
[0281.888] GdipDeleteBrush (brush=0x6649150) returned 0x0
[0281.889] GdipRestoreGraphics (graphics=0x6638e08, state=0xf6aa0dbd) returned 0x0
[0281.889] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0281.889] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0281.889] GetSystemMetrics (nIndex=42) returned 0
[0281.889] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0281.889] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0281.889] GdipDeleteGraphics (graphics=0x6638e08) returned 0x0
[0281.889] SelectPalette (hdc=0x3c0107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0281.890] RestoreDC (hdc=0x3c0107d3, nSavedDC=-1) returned 1
[0281.890] GdipReleaseDC (graphics=0x6600030, hdc=0x3c0107d3) returned 0x0
[0281.890] IsAppThemed () returned 0x1
[0281.890] GetThemeAppProperties () returned 0x3
[0281.890] GetThemeAppProperties () returned 0x3
[0281.890] IsAppThemed () returned 0x1
[0281.890] GetThemeAppProperties () returned 0x3
[0281.890] GetThemeAppProperties () returned 0x3
[0281.890] IsThemePartDefined () returned 0x1
[0281.890] GdipCreateRegion (region=0xd7e118) returned 0x0
[0281.890] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0281.890] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0281.890] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0281.890] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e130) returned 0x0
[0281.890] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0281.890] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0281.890] LocalFree (hMem=0x11ee788) returned 0x0
[0281.890] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0281.890] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eead0) returned 0x0
[0281.890] LocalFree (hMem=0x11eead0) returned 0x0
[0281.891] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0281.891] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0281.891] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0281.891] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0281.891] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0281.891] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0281.891] GetCurrentObject (hdc=0x3c0107d3, type=0x1) returned 0xb00017
[0281.891] GetCurrentObject (hdc=0x3c0107d3, type=0x2) returned 0x900010
[0281.891] GetCurrentObject (hdc=0x3c0107d3, type=0x7) returned 0x4a0507fe
[0281.891] GetCurrentObject (hdc=0x3c0107d3, type=0x6) returned 0x8a01c2
[0281.891] SaveDC (hdc=0x3c0107d3) returned 1
[0281.891] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x180407de
[0281.891] GetClipRgn (hdc=0x3c0107d3, hrgn=0x180407de) returned 0
[0281.891] SelectClipRgn (hdc=0x3c0107d3, hrgn=0x85040807) returned 2
[0281.891] DeleteObject (ho=0x180407de) returned 1
[0281.891] DeleteObject (ho=0x85040807) returned 1
[0281.891] OffsetViewportOrgEx (in: hdc=0x3c0107d3, x=0, y=0, lppt=0x2de1488 | out: lppt=0x2de1488) returned 1
[0281.891] IsAppThemed () returned 0x1
[0281.891] GetThemeAppProperties () returned 0x3
[0281.891] GetThemeAppProperties () returned 0x3
[0281.891] DrawThemeBackground () returned 0x0
[0281.892] RestoreDC (hdc=0x3c0107d3, nSavedDC=-1) returned 1
[0281.892] GdipReleaseDC (graphics=0x6600030, hdc=0x3c0107d3) returned 0x0
[0281.892] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0281.892] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0281.892] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0281.892] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0281.892] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e134) returned 0x0
[0281.892] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0281.892] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0281.892] LocalFree (hMem=0x11eec58) returned 0x0
[0281.892] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0281.892] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0281.892] LocalFree (hMem=0x11eec58) returned 0x0
[0281.892] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0281.892] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0281.892] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0281.892] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0281.892] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0281.892] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0281.892] GetCurrentObject (hdc=0x3c0107d3, type=0x1) returned 0xb00017
[0281.892] GetCurrentObject (hdc=0x3c0107d3, type=0x2) returned 0x900010
[0281.892] GetCurrentObject (hdc=0x3c0107d3, type=0x7) returned 0x4a0507fe
[0281.892] GetCurrentObject (hdc=0x3c0107d3, type=0x6) returned 0x8a01c2
[0281.893] SaveDC (hdc=0x3c0107d3) returned 1
[0281.893] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x86040807
[0281.893] GetClipRgn (hdc=0x3c0107d3, hrgn=0x86040807) returned 0
[0281.893] SelectClipRgn (hdc=0x3c0107d3, hrgn=0x190407de) returned 2
[0281.893] DeleteObject (ho=0x86040807) returned 1
[0281.893] DeleteObject (ho=0x190407de) returned 1
[0281.893] OffsetViewportOrgEx (in: hdc=0x3c0107d3, x=0, y=0, lppt=0x2de175c | out: lppt=0x2de175c) returned 1
[0281.893] IsAppThemed () returned 0x1
[0281.893] GetThemeAppProperties () returned 0x3
[0281.893] GetThemeAppProperties () returned 0x3
[0281.893] GetThemeBackgroundContentRect () returned 0x0
[0281.893] RestoreDC (hdc=0x3c0107d3, nSavedDC=-1) returned 1
[0281.893] GdipReleaseDC (graphics=0x6600030, hdc=0x3c0107d3) returned 0x0
[0281.893] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0281.893] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0281.893] GdipFillRectangleI (graphics=0x6600030, brush=0x6659db8, x=4, y=4, width=67, height=15) returned 0x0
[0281.893] GdipDeleteBrush (brush=0x6659db8) returned 0x0
[0281.893] IsAppThemed () returned 0x1
[0281.893] GetThemeAppProperties () returned 0x3
[0281.893] GetThemeAppProperties () returned 0x3
[0281.893] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0281.893] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0281.894] GetCurrentObject (hdc=0x3c0107d3, type=0x1) returned 0xb00017
[0281.894] GetCurrentObject (hdc=0x3c0107d3, type=0x2) returned 0x900010
[0281.894] GetCurrentObject (hdc=0x3c0107d3, type=0x7) returned 0x4a0507fe
[0281.894] GetCurrentObject (hdc=0x3c0107d3, type=0x6) returned 0x8a01c2
[0281.894] SaveDC (hdc=0x3c0107d3) returned 1
[0281.894] GetTextAlign (hdc=0x3c0107d3) returned 0x0
[0281.894] GetTextColor (hdc=0x3c0107d3) returned 0x0
[0281.894] GetCurrentObject (hdc=0x3c0107d3, type=0x6) returned 0x8a01c2
[0281.894] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0281.894] SelectObject (hdc=0x3c0107d3, h=0x6d0a0520) returned 0x8a01c2
[0281.894] GetBkMode (hdc=0x3c0107d3) returned 2
[0281.894] SetBkMode (hdc=0x3c0107d3, mode=1) returned 2
[0281.894] DrawTextExW (in: hdc=0x3c0107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2de1b20 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0281.894] DrawTextExW (in: hdc=0x3c0107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2de1b20 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0281.895] RestoreDC (hdc=0x3c0107d3, nSavedDC=-1) returned 1
[0281.895] GdipReleaseDC (graphics=0x6600030, hdc=0x3c0107d3) returned 0x0
[0281.895] GetFocus () returned 0x602c4
[0281.895] IsAppThemed () returned 0x1
[0281.895] GetThemeAppProperties () returned 0x3
[0281.895] GetThemeAppProperties () returned 0x3
[0281.895] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0281.895] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x3c0107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0281.895] GdipReleaseDC (graphics=0x6600030, hdc=0x3c0107d3) returned 0x0
[0281.895] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0281.896] SelectObject (hdc=0x3c0107d3, h=0x85000f) returned 0x4a0507fe
[0281.896] DeleteDC (hdc=0x3c0107d3) returned 1
[0281.896] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0281.896] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0281.896] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2de1c1c, cPoints=0x1 | out: lpPoints=0x2de1c1c) returned 40304859
[0281.896] WindowFromPoint (Point=0xf5) returned 0x602c4
[0281.896] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27500f5) returned 0x1
[0281.896] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0281.896] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0281.896] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0281.896] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0281.896] GetSystemMetrics (nIndex=42) returned 0
[0281.896] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0281.896] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0281.898] GetCapture () returned 0x602c4
[0281.898] ReleaseCapture () returned 1
[0281.898] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0281.898] GetProcessWindowStation () returned 0x13c
[0281.898] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.899] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0281.899] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.899] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0281.899] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.899] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0281.899] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.899] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0281.900] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.900] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0281.900] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.900] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0281.900] GetDC (hWnd=0x0) returned 0x60100ce
[0281.900] GdipCreateFromHDC (hdc=0x60100ce, graphics=0xd7e6ec) returned 0x0
[0281.900] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0281.900] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0281.900] ReleaseDC (hWnd=0x0, hDC=0x60100ce) returned 1
[0281.900] GetSystemMetrics (nIndex=5) returned 1
[0281.901] GetSystemMetrics (nIndex=6) returned 1
[0281.901] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.901] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0281.901] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.901] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0281.904] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0281.904] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0281.904] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0281.904] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0281.904] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0281.904] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0281.905] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2de7638 | out: lpData=0x2de7638) returned 1
[0281.906] VerQueryValueW (in: pBlock=0x2de7638, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2de7a48, puLen=0xd7e810) returned 1
[0281.906] VerQueryValueW (in: pBlock=0x2de7638, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de76f0, puLen=0xd7e790) returned 1
[0281.906] VerQueryValueW (in: pBlock=0x2de7638, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de7744, puLen=0xd7e790) returned 1
[0281.906] VerQueryValueW (in: pBlock=0x2de7638, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de77c4, puLen=0xd7e790) returned 1
[0281.906] VerQueryValueW (in: pBlock=0x2de7638, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de782c, puLen=0xd7e790) returned 1
[0281.906] VerQueryValueW (in: pBlock=0x2de7638, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de786c, puLen=0xd7e790) returned 1
[0281.906] VerQueryValueW (in: pBlock=0x2de7638, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de78f4, puLen=0xd7e790) returned 1
[0281.906] VerQueryValueW (in: pBlock=0x2de7638, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de7930, puLen=0xd7e790) returned 1
[0281.906] VerQueryValueW (in: pBlock=0x2de7638, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de7988, puLen=0xd7e790) returned 1
[0281.906] VerQueryValueW (in: pBlock=0x2de7638, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de79b8, puLen=0xd7e790) returned 1
[0281.906] VerQueryValueW (in: pBlock=0x2de7638, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.906] VerQueryValueW (in: pBlock=0x2de7638, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de79f4, puLen=0xd7e790) returned 1
[0281.906] VerQueryValueW (in: pBlock=0x2de7638, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.906] VerQueryValueW (in: pBlock=0x2de7638, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2de7a48, puLen=0xd7e784) returned 1
[0281.906] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0281.906] VerQueryValueW (in: pBlock=0x2de7638, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2de7660, puLen=0xd7e794) returned 1
[0281.907] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0281.907] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0281.907] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0281.907] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0281.907] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0281.907] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0281.907] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2de95a8 | out: lpData=0x2de95a8) returned 1
[0281.907] VerQueryValueW (in: pBlock=0x2de95a8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2de9644, puLen=0xd7e810) returned 1
[0281.907] VerQueryValueW (in: pBlock=0x2de95a8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de96bc, puLen=0xd7e790) returned 1
[0281.907] VerQueryValueW (in: pBlock=0x2de95a8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de96ec, puLen=0xd7e790) returned 1
[0281.908] VerQueryValueW (in: pBlock=0x2de95a8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de9728, puLen=0xd7e790) returned 1
[0281.908] VerQueryValueW (in: pBlock=0x2de95a8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de9758, puLen=0xd7e790) returned 1
[0281.908] VerQueryValueW (in: pBlock=0x2de95a8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de97a0, puLen=0xd7e790) returned 1
[0281.908] VerQueryValueW (in: pBlock=0x2de95a8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de9818, puLen=0xd7e790) returned 1
[0281.908] VerQueryValueW (in: pBlock=0x2de95a8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de985c, puLen=0xd7e790) returned 1
[0281.908] VerQueryValueW (in: pBlock=0x2de95a8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de989c, puLen=0xd7e790) returned 1
[0281.908] VerQueryValueW (in: pBlock=0x2de95a8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de969a, puLen=0xd7e790) returned 1
[0281.908] VerQueryValueW (in: pBlock=0x2de95a8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2de97e8, puLen=0xd7e790) returned 1
[0281.908] VerQueryValueW (in: pBlock=0x2de95a8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.908] VerQueryValueW (in: pBlock=0x2de95a8, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.908] VerQueryValueW (in: pBlock=0x2de95a8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2de9644, puLen=0xd7e784) returned 1
[0281.908] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0281.908] VerQueryValueW (in: pBlock=0x2de95a8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2de95d0, puLen=0xd7e794) returned 1
[0281.909] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0281.909] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0281.909] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0281.909] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0281.909] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0281.909] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0281.909] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2deb880 | out: lpData=0x2deb880) returned 1
[0281.910] VerQueryValueW (in: pBlock=0x2deb880, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2debc94, puLen=0xd7e810) returned 1
[0281.910] VerQueryValueW (in: pBlock=0x2deb880, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2deb938, puLen=0xd7e790) returned 1
[0281.910] VerQueryValueW (in: pBlock=0x2deb880, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2deb98c, puLen=0xd7e790) returned 1
[0281.910] VerQueryValueW (in: pBlock=0x2deb880, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2deb9e8, puLen=0xd7e790) returned 1
[0281.910] VerQueryValueW (in: pBlock=0x2deb880, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2deba48, puLen=0xd7e790) returned 1
[0281.910] VerQueryValueW (in: pBlock=0x2deb880, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2debaa0, puLen=0xd7e790) returned 1
[0281.910] VerQueryValueW (in: pBlock=0x2deb880, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2debb28, puLen=0xd7e790) returned 1
[0281.910] VerQueryValueW (in: pBlock=0x2deb880, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2debb7c, puLen=0xd7e790) returned 1
[0281.910] VerQueryValueW (in: pBlock=0x2deb880, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2debbd4, puLen=0xd7e790) returned 1
[0281.910] VerQueryValueW (in: pBlock=0x2deb880, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2debc04, puLen=0xd7e790) returned 1
[0281.910] VerQueryValueW (in: pBlock=0x2deb880, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.910] VerQueryValueW (in: pBlock=0x2deb880, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2debc40, puLen=0xd7e790) returned 1
[0281.910] VerQueryValueW (in: pBlock=0x2deb880, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.910] VerQueryValueW (in: pBlock=0x2deb880, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2debc94, puLen=0xd7e784) returned 1
[0281.910] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0281.911] VerQueryValueW (in: pBlock=0x2deb880, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2deb8a8, puLen=0xd7e794) returned 1
[0281.911] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0281.911] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0281.911] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0281.911] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0281.911] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0281.912] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0281.912] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2dedeb8 | out: lpData=0x2dedeb8) returned 1
[0281.913] VerQueryValueW (in: pBlock=0x2dedeb8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dee2b8, puLen=0xd7e810) returned 1
[0281.913] VerQueryValueW (in: pBlock=0x2dedeb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dedf70, puLen=0xd7e790) returned 1
[0281.913] VerQueryValueW (in: pBlock=0x2dedeb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dedfc4, puLen=0xd7e790) returned 1
[0281.913] VerQueryValueW (in: pBlock=0x2dedeb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dee004, puLen=0xd7e790) returned 1
[0281.913] VerQueryValueW (in: pBlock=0x2dedeb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dee06c, puLen=0xd7e790) returned 1
[0281.913] VerQueryValueW (in: pBlock=0x2dedeb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dee0c4, puLen=0xd7e790) returned 1
[0281.913] VerQueryValueW (in: pBlock=0x2dedeb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dee14c, puLen=0xd7e790) returned 1
[0281.913] VerQueryValueW (in: pBlock=0x2dedeb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dee1a0, puLen=0xd7e790) returned 1
[0281.913] VerQueryValueW (in: pBlock=0x2dedeb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dee1f8, puLen=0xd7e790) returned 1
[0281.913] VerQueryValueW (in: pBlock=0x2dedeb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dee228, puLen=0xd7e790) returned 1
[0281.913] VerQueryValueW (in: pBlock=0x2dedeb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.913] VerQueryValueW (in: pBlock=0x2dedeb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dee264, puLen=0xd7e790) returned 1
[0281.913] VerQueryValueW (in: pBlock=0x2dedeb8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.913] VerQueryValueW (in: pBlock=0x2dedeb8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dee2b8, puLen=0xd7e784) returned 1
[0281.913] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0281.914] VerQueryValueW (in: pBlock=0x2dedeb8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dedee0, puLen=0xd7e794) returned 1
[0281.914] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0281.914] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0281.914] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0281.914] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0281.914] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0281.915] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0281.915] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2df05f4 | out: lpData=0x2df05f4) returned 1
[0281.916] VerQueryValueW (in: pBlock=0x2df05f4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2df09bc, puLen=0xd7e810) returned 1
[0281.916] VerQueryValueW (in: pBlock=0x2df05f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df06ac, puLen=0xd7e790) returned 1
[0281.916] VerQueryValueW (in: pBlock=0x2df05f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df0700, puLen=0xd7e790) returned 1
[0281.916] VerQueryValueW (in: pBlock=0x2df05f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df0740, puLen=0xd7e790) returned 1
[0281.916] VerQueryValueW (in: pBlock=0x2df05f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df07a8, puLen=0xd7e790) returned 1
[0281.916] VerQueryValueW (in: pBlock=0x2df05f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df07e4, puLen=0xd7e790) returned 1
[0281.916] VerQueryValueW (in: pBlock=0x2df05f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df086c, puLen=0xd7e790) returned 1
[0281.916] VerQueryValueW (in: pBlock=0x2df05f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df08a4, puLen=0xd7e790) returned 1
[0281.916] VerQueryValueW (in: pBlock=0x2df05f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df08fc, puLen=0xd7e790) returned 1
[0281.916] VerQueryValueW (in: pBlock=0x2df05f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df092c, puLen=0xd7e790) returned 1
[0281.916] VerQueryValueW (in: pBlock=0x2df05f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.916] VerQueryValueW (in: pBlock=0x2df05f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df0968, puLen=0xd7e790) returned 1
[0281.916] VerQueryValueW (in: pBlock=0x2df05f4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.916] VerQueryValueW (in: pBlock=0x2df05f4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2df09bc, puLen=0xd7e784) returned 1
[0281.917] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0281.917] VerQueryValueW (in: pBlock=0x2df05f4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2df061c, puLen=0xd7e794) returned 1
[0281.917] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0281.917] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0281.917] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0281.917] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0281.918] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0281.918] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0281.918] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2df3c5c | out: lpData=0x2df3c5c) returned 1
[0281.919] VerQueryValueW (in: pBlock=0x2df3c5c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2df403c, puLen=0xd7e810) returned 1
[0281.919] VerQueryValueW (in: pBlock=0x2df3c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3d14, puLen=0xd7e790) returned 1
[0281.919] VerQueryValueW (in: pBlock=0x2df3c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3d68, puLen=0xd7e790) returned 1
[0281.919] VerQueryValueW (in: pBlock=0x2df3c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3da8, puLen=0xd7e790) returned 1
[0281.919] VerQueryValueW (in: pBlock=0x2df3c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3e08, puLen=0xd7e790) returned 1
[0281.919] VerQueryValueW (in: pBlock=0x2df3c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3e54, puLen=0xd7e790) returned 1
[0281.919] VerQueryValueW (in: pBlock=0x2df3c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3edc, puLen=0xd7e790) returned 1
[0281.920] VerQueryValueW (in: pBlock=0x2df3c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3f24, puLen=0xd7e790) returned 1
[0281.920] VerQueryValueW (in: pBlock=0x2df3c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3f7c, puLen=0xd7e790) returned 1
[0281.920] VerQueryValueW (in: pBlock=0x2df3c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3fac, puLen=0xd7e790) returned 1
[0281.920] VerQueryValueW (in: pBlock=0x2df3c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.920] VerQueryValueW (in: pBlock=0x2df3c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df3fe8, puLen=0xd7e790) returned 1
[0281.920] VerQueryValueW (in: pBlock=0x2df3c5c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.920] VerQueryValueW (in: pBlock=0x2df3c5c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2df403c, puLen=0xd7e784) returned 1
[0281.920] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0281.920] VerQueryValueW (in: pBlock=0x2df3c5c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2df3c84, puLen=0xd7e794) returned 1
[0281.920] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0281.921] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0281.921] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0281.921] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0281.921] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0281.921] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0281.921] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2df647c | out: lpData=0x2df647c) returned 1
[0281.922] VerQueryValueW (in: pBlock=0x2df647c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2df6888, puLen=0xd7e810) returned 1
[0281.922] VerQueryValueW (in: pBlock=0x2df647c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df6534, puLen=0xd7e790) returned 1
[0281.922] VerQueryValueW (in: pBlock=0x2df647c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df6588, puLen=0xd7e790) returned 1
[0281.922] VerQueryValueW (in: pBlock=0x2df647c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df65dc, puLen=0xd7e790) returned 1
[0281.922] VerQueryValueW (in: pBlock=0x2df647c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df663c, puLen=0xd7e790) returned 1
[0281.922] VerQueryValueW (in: pBlock=0x2df647c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df6694, puLen=0xd7e790) returned 1
[0281.922] VerQueryValueW (in: pBlock=0x2df647c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df671c, puLen=0xd7e790) returned 1
[0281.922] VerQueryValueW (in: pBlock=0x2df647c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df6770, puLen=0xd7e790) returned 1
[0281.922] VerQueryValueW (in: pBlock=0x2df647c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df67c8, puLen=0xd7e790) returned 1
[0281.922] VerQueryValueW (in: pBlock=0x2df647c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df67f8, puLen=0xd7e790) returned 1
[0281.922] VerQueryValueW (in: pBlock=0x2df647c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.922] VerQueryValueW (in: pBlock=0x2df647c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df6834, puLen=0xd7e790) returned 1
[0281.923] VerQueryValueW (in: pBlock=0x2df647c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.923] VerQueryValueW (in: pBlock=0x2df647c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2df6888, puLen=0xd7e784) returned 1
[0281.923] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0281.923] VerQueryValueW (in: pBlock=0x2df647c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2df64a4, puLen=0xd7e794) returned 1
[0281.923] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0281.923] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0281.923] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0281.923] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0281.924] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0281.924] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0281.925] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2df8c90 | out: lpData=0x2df8c90) returned 1
[0281.925] VerQueryValueW (in: pBlock=0x2df8c90, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2df9068, puLen=0xd7e810) returned 1
[0281.926] VerQueryValueW (in: pBlock=0x2df8c90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8d48, puLen=0xd7e790) returned 1
[0281.926] VerQueryValueW (in: pBlock=0x2df8c90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8d9c, puLen=0xd7e790) returned 1
[0281.926] VerQueryValueW (in: pBlock=0x2df8c90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8ddc, puLen=0xd7e790) returned 1
[0281.926] VerQueryValueW (in: pBlock=0x2df8c90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8e44, puLen=0xd7e790) returned 1
[0281.926] VerQueryValueW (in: pBlock=0x2df8c90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8e88, puLen=0xd7e790) returned 1
[0281.926] VerQueryValueW (in: pBlock=0x2df8c90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8f10, puLen=0xd7e790) returned 1
[0281.926] VerQueryValueW (in: pBlock=0x2df8c90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8f50, puLen=0xd7e790) returned 1
[0281.926] VerQueryValueW (in: pBlock=0x2df8c90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8fa8, puLen=0xd7e790) returned 1
[0281.926] VerQueryValueW (in: pBlock=0x2df8c90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df8fd8, puLen=0xd7e790) returned 1
[0281.926] VerQueryValueW (in: pBlock=0x2df8c90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.926] VerQueryValueW (in: pBlock=0x2df8c90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df9014, puLen=0xd7e790) returned 1
[0281.926] VerQueryValueW (in: pBlock=0x2df8c90, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.926] VerQueryValueW (in: pBlock=0x2df8c90, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2df9068, puLen=0xd7e784) returned 1
[0281.926] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0281.926] VerQueryValueW (in: pBlock=0x2df8c90, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2df8cb8, puLen=0xd7e794) returned 1
[0281.927] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0281.927] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0281.927] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0281.927] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0281.927] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0281.927] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0281.928] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2dfb1e8 | out: lpData=0x2dfb1e8) returned 1
[0281.929] VerQueryValueW (in: pBlock=0x2dfb1e8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dfb5c0, puLen=0xd7e810) returned 1
[0281.929] VerQueryValueW (in: pBlock=0x2dfb1e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb2a0, puLen=0xd7e790) returned 1
[0281.929] VerQueryValueW (in: pBlock=0x2dfb1e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb2f4, puLen=0xd7e790) returned 1
[0281.929] VerQueryValueW (in: pBlock=0x2dfb1e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb334, puLen=0xd7e790) returned 1
[0281.929] VerQueryValueW (in: pBlock=0x2dfb1e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb39c, puLen=0xd7e790) returned 1
[0281.929] VerQueryValueW (in: pBlock=0x2dfb1e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb3e0, puLen=0xd7e790) returned 1
[0281.929] VerQueryValueW (in: pBlock=0x2dfb1e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb468, puLen=0xd7e790) returned 1
[0281.929] VerQueryValueW (in: pBlock=0x2dfb1e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb4a8, puLen=0xd7e790) returned 1
[0281.930] VerQueryValueW (in: pBlock=0x2dfb1e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb500, puLen=0xd7e790) returned 1
[0281.930] VerQueryValueW (in: pBlock=0x2dfb1e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb530, puLen=0xd7e790) returned 1
[0281.930] VerQueryValueW (in: pBlock=0x2dfb1e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.930] VerQueryValueW (in: pBlock=0x2dfb1e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfb56c, puLen=0xd7e790) returned 1
[0281.930] VerQueryValueW (in: pBlock=0x2dfb1e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.930] VerQueryValueW (in: pBlock=0x2dfb1e8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dfb5c0, puLen=0xd7e784) returned 1
[0281.930] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0281.930] VerQueryValueW (in: pBlock=0x2dfb1e8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dfb210, puLen=0xd7e794) returned 1
[0281.931] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0281.931] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0281.931] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0281.931] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0281.931] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0281.931] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0281.932] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2dfd920 | out: lpData=0x2dfd920) returned 1
[0281.932] VerQueryValueW (in: pBlock=0x2dfd920, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dfdd50, puLen=0xd7e810) returned 1
[0281.932] VerQueryValueW (in: pBlock=0x2dfd920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfd9d8, puLen=0xd7e790) returned 1
[0281.933] VerQueryValueW (in: pBlock=0x2dfd920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfda2c, puLen=0xd7e790) returned 1
[0281.933] VerQueryValueW (in: pBlock=0x2dfd920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfda9c, puLen=0xd7e790) returned 1
[0281.933] VerQueryValueW (in: pBlock=0x2dfd920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfdafc, puLen=0xd7e790) returned 1
[0281.933] VerQueryValueW (in: pBlock=0x2dfd920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfdb58, puLen=0xd7e790) returned 1
[0281.933] VerQueryValueW (in: pBlock=0x2dfd920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfdbe0, puLen=0xd7e790) returned 1
[0281.933] VerQueryValueW (in: pBlock=0x2dfd920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfdc38, puLen=0xd7e790) returned 1
[0281.933] VerQueryValueW (in: pBlock=0x2dfd920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfdc90, puLen=0xd7e790) returned 1
[0281.933] VerQueryValueW (in: pBlock=0x2dfd920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfdcc0, puLen=0xd7e790) returned 1
[0281.933] VerQueryValueW (in: pBlock=0x2dfd920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.933] VerQueryValueW (in: pBlock=0x2dfd920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfdcfc, puLen=0xd7e790) returned 1
[0281.933] VerQueryValueW (in: pBlock=0x2dfd920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0281.933] VerQueryValueW (in: pBlock=0x2dfd920, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dfdd50, puLen=0xd7e784) returned 1
[0281.933] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0281.933] VerQueryValueW (in: pBlock=0x2dfd920, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dfd948, puLen=0xd7e794) returned 1
[0281.934] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0281.934] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.934] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0281.934] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.938] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0281.938] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3100ea
[0281.938] SetWindowLongW (hWnd=0x3100ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0281.938] GetWindowLongW (hWnd=0x3100ea, nIndex=-4) returned 1950089536
[0281.939] SetWindowLongW (hWnd=0x3100ea, nIndex=-4, dwNewLong=19948238) returned 1950089536
[0281.939] GetWindowLongW (hWnd=0x3100ea, nIndex=-4) returned 19948238
[0281.939] GetWindowLongW (hWnd=0x3100ea, nIndex=-16) returned 113311744
[0281.939] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3100ea, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0281.939] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3100ea, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0281.940] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3100ea, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0281.940] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3100ea, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0281.940] GetClientRect (in: hWnd=0x3100ea, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0281.940] GetWindowRect (in: hWnd=0x3100ea, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0281.940] SetWindowTextW (hWnd=0x3100ea, lpString="WindowsFormsParkingWindow") returned 1
[0281.940] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3100ea, Msg=0xc, wParam=0x0, lParam=0x2dc2df8) returned 0x1
[0281.941] GetParent (hWnd=0x3100ea) returned 0x0
[0281.941] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0281.941] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x3100ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2e02dc
[0281.942] SetWindowLongW (hWnd=0x2e02dc, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0281.942] GetWindowLongW (hWnd=0x2e02dc, nIndex=-4) returned 1868147648
[0281.942] SetWindowLongW (hWnd=0x2e02dc, nIndex=-4, dwNewLong=19948318) returned 1868147648
[0281.942] GetWindowLongW (hWnd=0x2e02dc, nIndex=-4) returned 19948318
[0281.942] GetWindowLongW (hWnd=0x2e02dc, nIndex=-16) returned 1174405133
[0281.942] GetWindowLongW (hWnd=0x2e02dc, nIndex=-12) returned 0
[0281.942] SetWindowLongW (hWnd=0x2e02dc, nIndex=-12, dwNewLong=3015388) returned 0
[0281.943] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0281.943] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0281.944] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0281.944] GetClientRect (in: hWnd=0x2e02dc, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0281.944] GetWindowRect (in: hWnd=0x2e02dc, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0281.944] GetParent (hWnd=0x2e02dc) returned 0x3100ea
[0281.944] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3100ea, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0281.945] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0281.945] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0281.945] GetClientRect (in: hWnd=0x2e02dc, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0281.945] GetWindowRect (in: hWnd=0x2e02dc, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0281.945] GetParent (hWnd=0x2e02dc) returned 0x3100ea
[0281.945] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3100ea, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0281.946] SendMessageW (hWnd=0x2e02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2e02dc) returned 0x0
[0281.946] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2e02dc) returned 0x0
[0281.946] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0281.946] GetParent (hWnd=0x2e02dc) returned 0x3100ea
[0281.946] GdipCreateFromHWND (hwnd=0x2e02dc, graphics=0xd7e844) returned 0x0
[0281.946] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0281.947] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0281.947] GetForegroundWindow () returned 0x7005c
[0281.947] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0281.947] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0281.947] GetSystemMetrics (nIndex=42) returned 0
[0281.947] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0281.947] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0281.947] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0281.947] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0281.947] GetSystemMetrics (nIndex=42) returned 0
[0281.947] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0281.948] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0281.948] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.948] GetCursorPos (in: lpPoint=0x2e01da4 | out: lpPoint=0x2e01da4*(x=245, y=629)) returned 1
[0281.948] MonitorFromPoint (pt=0xf5, dwFlags=0x275) returned 0x10001
[0281.948] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0281.948] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x3f0107d3
[0281.949] GetDeviceCaps (hdc=0x3f0107d3, index=12) returned 32
[0281.949] GetDeviceCaps (hdc=0x3f0107d3, index=14) returned 1
[0281.949] DeleteDC (hdc=0x3f0107d3) returned 1
[0281.949] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0281.949] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0281.949] GetSystemMetrics (nIndex=59) returned 1460
[0281.949] GetSystemMetrics (nIndex=60) returned 920
[0281.949] GetSystemMetrics (nIndex=34) returned 136
[0281.949] GetSystemMetrics (nIndex=35) returned 39
[0281.949] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.950] GetCursorPos (in: lpPoint=0x2e02010 | out: lpPoint=0x2e02010*(x=245, y=629)) returned 1
[0281.950] MonitorFromPoint (pt=0xf8, dwFlags=0x274) returned 0x10001
[0281.950] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0281.950] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x400107d3
[0281.950] GetDeviceCaps (hdc=0x400107d3, index=12) returned 32
[0281.950] GetDeviceCaps (hdc=0x400107d3, index=14) returned 1
[0281.950] DeleteDC (hdc=0x400107d3) returned 1
[0281.950] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0281.951] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0281.951] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.951] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0281.951] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2e022a8 | out: piconinfo=0x2e022a8) returned 1
[0281.951] GetObjectW (in: h=0xc20507f4, c=24, pv=0x2e022c4 | out: pv=0x2e022c4) returned 24
[0281.951] GdipCreateBitmapFromHBITMAP (hbm=0xc20507f4, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0281.952] GdipGetImageWidth (image=0x6603778, width=0xd7e750) returned 0x0
[0281.952] GdipGetImageHeight (image=0x6603778, height=0xd7e748) returned 0x0
[0281.952] GdipGetImagePixelFormat (image=0x6603778, format=0xd7e740) returned 0x0
[0281.952] GdipBitmapLockBits (bitmap=0x6603778, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2e0237c) returned 0x0
[0281.952] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0281.952] GdipBitmapLockBits (bitmap=0x66016a8, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2e023b4) returned 0x0
[0281.953] RtlMoveMemory (in: Destination=0x665cf38, Source=0x665bea8, Length=0x80 | out: Destination=0x665cf38)
[0281.953] RtlMoveMemory (in: Destination=0x665cfb8, Source=0x665be28, Length=0x80 | out: Destination=0x665cfb8)
[0281.953] RtlMoveMemory (in: Destination=0x665d038, Source=0x665bda8, Length=0x80 | out: Destination=0x665d038)
[0281.953] RtlMoveMemory (in: Destination=0x665d0b8, Source=0x665bd28, Length=0x80 | out: Destination=0x665d0b8)
[0281.953] RtlMoveMemory (in: Destination=0x665d138, Source=0x665bca8, Length=0x80 | out: Destination=0x665d138)
[0281.953] RtlMoveMemory (in: Destination=0x665d1b8, Source=0x665bc28, Length=0x80 | out: Destination=0x665d1b8)
[0281.953] RtlMoveMemory (in: Destination=0x665d238, Source=0x665bba8, Length=0x80 | out: Destination=0x665d238)
[0281.953] RtlMoveMemory (in: Destination=0x665d2b8, Source=0x665bb28, Length=0x80 | out: Destination=0x665d2b8)
[0281.953] RtlMoveMemory (in: Destination=0x665d338, Source=0x665baa8, Length=0x80 | out: Destination=0x665d338)
[0281.953] RtlMoveMemory (in: Destination=0x665d3b8, Source=0x665ba28, Length=0x80 | out: Destination=0x665d3b8)
[0281.953] RtlMoveMemory (in: Destination=0x665d438, Source=0x665b9a8, Length=0x80 | out: Destination=0x665d438)
[0281.953] RtlMoveMemory (in: Destination=0x665d4b8, Source=0x665b928, Length=0x80 | out: Destination=0x665d4b8)
[0281.953] RtlMoveMemory (in: Destination=0x665d538, Source=0x665b8a8, Length=0x80 | out: Destination=0x665d538)
[0281.953] RtlMoveMemory (in: Destination=0x665d5b8, Source=0x665b828, Length=0x80 | out: Destination=0x665d5b8)
[0281.953] RtlMoveMemory (in: Destination=0x665d638, Source=0x665b7a8, Length=0x80 | out: Destination=0x665d638)
[0281.953] RtlMoveMemory (in: Destination=0x665d6b8, Source=0x665b728, Length=0x80 | out: Destination=0x665d6b8)
[0281.953] RtlMoveMemory (in: Destination=0x665d738, Source=0x665b6a8, Length=0x80 | out: Destination=0x665d738)
[0281.953] RtlMoveMemory (in: Destination=0x665d7b8, Source=0x665b628, Length=0x80 | out: Destination=0x665d7b8)
[0281.953] RtlMoveMemory (in: Destination=0x665d838, Source=0x665b5a8, Length=0x80 | out: Destination=0x665d838)
[0281.954] RtlMoveMemory (in: Destination=0x665d8b8, Source=0x665b528, Length=0x80 | out: Destination=0x665d8b8)
[0281.954] RtlMoveMemory (in: Destination=0x665d938, Source=0x665b4a8, Length=0x80 | out: Destination=0x665d938)
[0281.954] RtlMoveMemory (in: Destination=0x665d9b8, Source=0x665b428, Length=0x80 | out: Destination=0x665d9b8)
[0281.954] RtlMoveMemory (in: Destination=0x665da38, Source=0x665b3a8, Length=0x80 | out: Destination=0x665da38)
[0281.954] RtlMoveMemory (in: Destination=0x665dab8, Source=0x665b328, Length=0x80 | out: Destination=0x665dab8)
[0281.954] RtlMoveMemory (in: Destination=0x665db38, Source=0x665b2a8, Length=0x80 | out: Destination=0x665db38)
[0281.954] RtlMoveMemory (in: Destination=0x665dbb8, Source=0x665b228, Length=0x80 | out: Destination=0x665dbb8)
[0281.954] RtlMoveMemory (in: Destination=0x665dc38, Source=0x665b1a8, Length=0x80 | out: Destination=0x665dc38)
[0281.954] RtlMoveMemory (in: Destination=0x665dcb8, Source=0x665b128, Length=0x80 | out: Destination=0x665dcb8)
[0281.954] RtlMoveMemory (in: Destination=0x665dd38, Source=0x665b0a8, Length=0x80 | out: Destination=0x665dd38)
[0281.954] RtlMoveMemory (in: Destination=0x665ddb8, Source=0x665b028, Length=0x80 | out: Destination=0x665ddb8)
[0281.954] RtlMoveMemory (in: Destination=0x665de38, Source=0x665afa8, Length=0x80 | out: Destination=0x665de38)
[0281.954] RtlMoveMemory (in: Destination=0x665deb8, Source=0x665af28, Length=0x80 | out: Destination=0x665deb8)
[0281.954] GdipBitmapUnlockBits (bitmap=0x6603778, lockedBitmapData=0x2e0237c) returned 0x0
[0281.954] GdipBitmapUnlockBits (bitmap=0x66016a8, lockedBitmapData=0x2e023b4) returned 0x0
[0281.954] GdipDisposeImage (image=0x6603778) returned 0x0
[0281.954] DeleteObject (ho=0xc20507f4) returned 1
[0281.955] DeleteObject (ho=0x410507d3) returned 1
[0281.955] GetCurrentThreadId () returned 0xf50
[0281.955] GetCurrentThreadId () returned 0xf50
[0281.955] SetWindowPos (hWnd=0x2e02dc, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0281.955] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0281.955] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0281.956] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0281.956] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0281.956] GetClientRect (in: hWnd=0x2e02dc, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0281.956] GetWindowRect (in: hWnd=0x2e02dc, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0281.956] GetParent (hWnd=0x2e02dc) returned 0x3100ea
[0281.956] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3100ea, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0281.956] InvalidateRect (hWnd=0x2e02dc, lpRect=0x0, bErase=1) returned 1
[0281.956] GetWindowTextLengthW (hWnd=0x2e02dc) returned 0
[0281.956] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0281.956] GetSystemMetrics (nIndex=42) returned 0
[0281.956] GetWindowTextW (in: hWnd=0x2e02dc, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0281.956] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0281.956] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0281.956] GetClientRect (in: hWnd=0x2e02dc, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0281.956] GetWindowRect (in: hWnd=0x2e02dc, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0281.956] GetParent (hWnd=0x2e02dc) returned 0x3100ea
[0281.956] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3100ea, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0281.957] GetWindowTextLengthW (hWnd=0x2e02dc) returned 0
[0281.957] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0281.957] GetSystemMetrics (nIndex=42) returned 0
[0281.957] GetWindowTextW (in: hWnd=0x2e02dc, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0281.957] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0281.957] GetWindowTextLengthW (hWnd=0x2e02dc) returned 0
[0281.957] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0281.957] GetSystemMetrics (nIndex=42) returned 0
[0281.957] GetWindowTextW (in: hWnd=0x2e02dc, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0281.957] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0281.957] SetWindowTextW (hWnd=0x2e02dc, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0281.957] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0xc, wParam=0x0, lParam=0x2de3210) returned 0x1
[0281.957] InvalidateRect (hWnd=0x2e02dc, lpRect=0x0, bErase=1) returned 1
[0281.957] GetCurrentThreadId () returned 0xf50
[0281.958] GetWindowThreadProcessId (in: hWnd=0x2e02dc, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0281.958] GdipCreateBitmapFromStream (stream=0x509ff90, bitmap=0xd7e840) returned 0x0
[0281.959] GdipImageForceValidation (image=0x66019f0) returned 0x0
[0281.961] GdipGetImageRawFormat (image=0x66019f0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0281.961] GdipGetImageHeight (image=0x66019f0, height=0xd7e824) returned 0x0
[0281.961] GdipGetImageWidth (image=0x66019f0, width=0xd7e824) returned 0x0
[0281.961] GdipGetImageWidth (image=0x66019f0, width=0xd7e810) returned 0x0
[0281.961] GdipGetImageHeight (image=0x66019f0, height=0xd7e810) returned 0x0
[0281.961] GdipGetImageWidth (image=0x66019f0, width=0xd7e800) returned 0x0
[0281.961] GdipGetImageHeight (image=0x66019f0, height=0xd7e800) returned 0x0
[0281.961] GdipBitmapGetPixel (bitmap=0x66019f0, x=0, y=15, color=0xd7e810) returned 0x0
[0281.961] GdipGetImageRawFormat (image=0x66019f0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0281.961] GdipGetImageWidth (image=0x66019f0, width=0xd7e740) returned 0x0
[0281.961] GdipGetImageHeight (image=0x66019f0, height=0xd7e740) returned 0x0
[0281.961] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0281.961] GdipGetImagePixelFormat (image=0x6603778, format=0xd7e740) returned 0x0
[0281.961] GdipGetImageGraphicsContext (image=0x6603778, graphics=0xd7e74c) returned 0x0
[0281.962] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0281.962] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0281.962] GdipSetImageAttributesColorKeys (imageattr=0x6638ab8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0281.962] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66019f0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638ab8, callback=0x0, callbackData=0x0) returned 0x0
[0281.962] GdipDisposeImageAttributes (imageattr=0x6638ab8) returned 0x0
[0281.962] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0281.962] GdipDisposeImage (image=0x66019f0) returned 0x0
[0281.964] GdipCreateBitmapFromStream (stream=0x509ff70, bitmap=0xd7e840) returned 0x0
[0281.965] GdipImageForceValidation (image=0x66019f0) returned 0x0
[0281.969] GdipGetImageRawFormat (image=0x66019f0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0281.969] GdipGetImageHeight (image=0x66019f0, height=0xd7e824) returned 0x0
[0281.969] GdipGetImageWidth (image=0x66019f0, width=0xd7e824) returned 0x0
[0281.969] GdipGetImageWidth (image=0x66019f0, width=0xd7e810) returned 0x0
[0281.969] GdipGetImageHeight (image=0x66019f0, height=0xd7e810) returned 0x0
[0281.969] GdipGetImageWidth (image=0x66019f0, width=0xd7e800) returned 0x0
[0281.969] GdipGetImageHeight (image=0x66019f0, height=0xd7e800) returned 0x0
[0281.969] GdipBitmapGetPixel (bitmap=0x66019f0, x=0, y=15, color=0xd7e810) returned 0x0
[0281.969] GdipGetImageRawFormat (image=0x66019f0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0281.969] GdipGetImageWidth (image=0x66019f0, width=0xd7e740) returned 0x0
[0281.969] GdipGetImageHeight (image=0x66019f0, height=0xd7e740) returned 0x0
[0281.969] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0281.969] GdipGetImagePixelFormat (image=0x6601d38, format=0xd7e740) returned 0x0
[0281.969] GdipGetImageGraphicsContext (image=0x6601d38, graphics=0xd7e74c) returned 0x0
[0281.969] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0281.969] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0281.970] GdipSetImageAttributesColorKeys (imageattr=0x6638b78, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0281.970] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66019f0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638b78, callback=0x0, callbackData=0x0) returned 0x0
[0281.970] GdipDisposeImageAttributes (imageattr=0x6638b78) returned 0x0
[0281.970] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0281.970] GdipDisposeImage (image=0x66019f0) returned 0x0
[0281.970] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.970] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0281.971] GetCurrentThreadId () returned 0xf50
[0281.971] GetCurrentThreadId () returned 0xf50
[0281.971] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.971] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0281.971] GetCurrentThreadId () returned 0xf50
[0281.971] GetCurrentThreadId () returned 0xf50
[0281.971] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.971] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0281.972] GetCurrentThreadId () returned 0xf50
[0281.972] GetCurrentThreadId () returned 0xf50
[0281.972] GetSystemMetrics (nIndex=5) returned 1
[0281.972] GetSystemMetrics (nIndex=6) returned 1
[0281.972] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.972] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0281.972] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.972] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0281.973] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.973] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0281.973] GetCurrentThreadId () returned 0xf50
[0281.973] GetCurrentThreadId () returned 0xf50
[0281.973] GetProcessWindowStation () returned 0x13c
[0281.973] GetCapture () returned 0x0
[0281.973] GetActiveWindow () returned 0x7005c
[0281.973] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0281.974] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0281.974] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0281.974] GetCursorPos (in: lpPoint=0x2e034f4 | out: lpPoint=0x2e034f4*(x=245, y=629)) returned 1
[0281.974] MonitorFromPoint (pt=0xf5, dwFlags=0x275) returned 0x10001
[0281.974] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0281.974] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x420107d3
[0281.974] GetDeviceCaps (hdc=0x420107d3, index=12) returned 32
[0281.974] GetDeviceCaps (hdc=0x420107d3, index=14) returned 1
[0281.974] DeleteDC (hdc=0x420107d3) returned 1
[0281.974] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0281.975] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0281.975] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2402ce
[0281.975] SetWindowLongW (hWnd=0x2402ce, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0281.975] GetWindowLongW (hWnd=0x2402ce, nIndex=-4) returned 1950089536
[0281.976] SetWindowLongW (hWnd=0x2402ce, nIndex=-4, dwNewLong=19948358) returned 1950089536
[0281.976] GetWindowLongW (hWnd=0x2402ce, nIndex=-4) returned 19948358
[0281.976] GetWindowLongW (hWnd=0x2402ce, nIndex=-16) returned 113770496
[0281.976] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0281.977] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0281.978] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0281.978] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0281.978] GetWindowRect (in: hWnd=0x2402ce, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0281.978] SetWindowTextW (hWnd=0x2402ce, lpString="BB ransomware") returned 1
[0281.978] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xc, wParam=0x0, lParam=0x2e01c90) returned 0x1
[0281.980] GetStartupInfoW (in: lpStartupInfo=0x2e03830 | out: lpStartupInfo=0x2e03830*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0281.982] GetParent (hWnd=0x2402ce) returned 0x0
[0281.982] SetWindowLongW (hWnd=0x2402ce, nIndex=-8, dwNewLong=0) returned 0
[0281.984] SendMessageW (hWnd=0x2402ce, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0281.984] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0281.984] SendMessageW (hWnd=0x2402ce, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0281.984] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0281.984] GetSystemMenu (hWnd=0x2402ce, bRevert=0) returned 0x510111
[0281.985] GetWindowPlacement (in: hWnd=0x2402ce, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0281.985] EnableMenuItem (hMenu=0x510111, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0281.985] EnableMenuItem (hMenu=0x510111, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0281.985] EnableMenuItem (hMenu=0x510111, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0281.985] EnableMenuItem (hMenu=0x510111, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0281.985] EnableMenuItem (hMenu=0x510111, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0281.985] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0281.985] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0281.985] GetWindowRect (in: hWnd=0x2402ce, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0281.985] SetWindowPos (hWnd=0x2402ce, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0281.985] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0281.986] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x2402ce) returned 0x1
[0281.989] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0281.989] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0281.990] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0281.990] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0281.991] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0281.993] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x2402ce, lParam=0x0) returned 0x0
[0281.993] GetCapture () returned 0x0
[0281.993] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0281.994] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0281.995] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0282.001] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0282.001] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0282.001] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0282.001] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0282.002] GetParent (hWnd=0x2402ce) returned 0x0
[0282.002] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0282.002] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0282.005] GetWindowPlacement (in: hWnd=0x2402ce, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0282.005] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0282.005] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0282.005] GetWindowRect (in: hWnd=0x2402ce, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0282.006] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0282.006] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0282.007] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0282.008] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0282.008] GetWindowLongW (hWnd=0x2402ce, nIndex=-16) returned 113770496
[0282.008] GetWindowTextLengthW (hWnd=0x2402ce) returned 13
[0282.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.008] GetSystemMetrics (nIndex=42) returned 0
[0282.008] GetWindowTextW (in: hWnd=0x2402ce, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0282.008] GetWindowTextLengthW (hWnd=0x2402ce) returned 13
[0282.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.008] GetSystemMetrics (nIndex=42) returned 0
[0282.008] GetWindowTextW (in: hWnd=0x2402ce, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0282.008] GetCursorPos (in: lpPoint=0x2e03a6c | out: lpPoint=0x2e03a6c*(x=245, y=629)) returned 1
[0282.008] MonitorFromPoint (pt=0xf3, dwFlags=0x278) returned 0x10001
[0282.009] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0282.009] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x7e0107ee
[0282.009] GetDeviceCaps (hdc=0x7e0107ee, index=12) returned 32
[0282.009] GetDeviceCaps (hdc=0x7e0107ee, index=14) returned 1
[0282.009] DeleteDC (hdc=0x7e0107ee) returned 1
[0282.009] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0282.009] GetWindowLongW (hWnd=0x2402ce, nIndex=-16) returned 113770496
[0282.009] GetWindowLongW (hWnd=0x2402ce, nIndex=-20) returned 327945
[0282.009] SetWindowLongW (hWnd=0x2402ce, nIndex=-16, dwNewLong=46661632) returned 113770496
[0282.009] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0282.010] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0282.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0282.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0282.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0282.012] SetWindowLongW (hWnd=0x2402ce, nIndex=-20, dwNewLong=327681) returned 327945
[0282.012] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0282.012] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0282.064] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0282.064] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0282.064] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0282.064] SetWindowPos (hWnd=0x2402ce, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0282.065] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0282.065] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0282.065] GetWindowPlacement (in: hWnd=0x2402ce, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0282.065] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0282.065] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0282.065] GetWindowRect (in: hWnd=0x2402ce, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0282.067] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0282.067] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0282.067] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0282.067] RedrawWindow (hWnd=0x2402ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0282.068] GetSystemMenu (hWnd=0x2402ce, bRevert=0) returned 0x510111
[0282.068] GetWindowPlacement (in: hWnd=0x2402ce, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0282.068] EnableMenuItem (hMenu=0x510111, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0282.068] EnableMenuItem (hMenu=0x510111, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0282.068] EnableMenuItem (hMenu=0x510111, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0282.068] EnableMenuItem (hMenu=0x510111, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0282.068] EnableMenuItem (hMenu=0x510111, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0282.068] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0282.068] GetWindowLongW (hWnd=0x2402ce, nIndex=-8) returned 0
[0282.068] SetWindowLongW (hWnd=0x2402ce, nIndex=-8, dwNewLong=458844) returned 0
[0282.069] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0282.069] GetProcessWindowStation () returned 0x13c
[0282.069] GetCurrentThreadId () returned 0xf50
[0282.069] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x13061b6, lParam=0x0) returned 1
[0282.070] IsWindowVisible (hWnd=0x2402ce) returned 0
[0282.070] IsWindowVisible (hWnd=0x7005c) returned 1
[0282.070] IsWindowEnabled (hWnd=0x7005c) returned 1
[0282.070] IsWindowVisible (hWnd=0x300ec) returned 0
[0282.070] IsWindowVisible (hWnd=0x502c6) returned 0
[0282.070] IsWindowVisible (hWnd=0x502be) returned 0
[0282.070] GetActiveWindow () returned 0x2402ce
[0282.070] GetFocus () returned 0x2402ce
[0282.070] IsWindow (hWnd=0x7005c) returned 1
[0282.070] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0282.070] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0282.071] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0282.071] GetWindowLongW (hWnd=0x2402ce, nIndex=-8) returned 458844
[0282.071] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0282.071] GetCurrentThreadId () returned 0xf50
[0282.071] GetWindowLongW (hWnd=0x2402ce, nIndex=-8) returned 458844
[0282.071] IsWindowEnabled (hWnd=0x7005c) returned 0
[0282.071] IsWindowEnabled (hWnd=0x2402ce) returned 1
[0282.071] ShowWindow (hWnd=0x2402ce, nCmdShow=5) returned 0
[0282.071] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0282.071] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0282.072] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0282.072] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0282.072] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x2402ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2e02da
[0282.073] SetWindowLongW (hWnd=0x2e02da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0282.073] GetWindowLongW (hWnd=0x2e02da, nIndex=-4) returned 1950089536
[0282.073] SetWindowLongW (hWnd=0x2e02da, nIndex=-4, dwNewLong=19949654) returned 1950089536
[0282.073] GetWindowLongW (hWnd=0x2e02da, nIndex=-4) returned 19949654
[0282.073] GetWindowLongW (hWnd=0x2e02da, nIndex=-16) returned 1174405120
[0282.073] GetWindowLongW (hWnd=0x2e02da, nIndex=-12) returned 0
[0282.073] SetWindowLongW (hWnd=0x2e02da, nIndex=-12, dwNewLong=3015386) returned 0
[0282.073] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0282.074] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0282.074] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0282.074] GetWindow (hWnd=0x2e02da, uCmd=0x3) returned 0x0
[0282.074] GetClientRect (in: hWnd=0x2e02da, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0282.074] GetWindowRect (in: hWnd=0x2e02da, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0282.074] GetParent (hWnd=0x2e02da) returned 0x2402ce
[0282.074] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402ce, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0282.075] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02da, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0282.076] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02da, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0282.076] GetClientRect (in: hWnd=0x2e02da, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0282.076] GetWindowRect (in: hWnd=0x2e02da, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0282.076] GetParent (hWnd=0x2e02da) returned 0x2402ce
[0282.076] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402ce, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0282.076] SendMessageW (hWnd=0x2e02da, Msg=0x2210, wParam=0x2da0001, lParam=0x2e02da) returned 0x0
[0282.076] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02da, Msg=0x2210, wParam=0x2da0001, lParam=0x2e02da) returned 0x0
[0282.077] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0282.078] GetParent (hWnd=0x2e02da) returned 0x2402ce
[0282.078] GetParent (hWnd=0x2e02dc) returned 0x3100ea
[0282.078] SetParent (hWndChild=0x2e02dc, hWndNewParent=0x2402ce) returned 0x3100ea
[0282.078] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0282.078] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0282.079] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0282.079] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0282.079] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0282.079] GetClientRect (in: hWnd=0x2e02dc, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0282.079] GetWindowRect (in: hWnd=0x2e02dc, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0282.079] GetParent (hWnd=0x2e02dc) returned 0x2402ce
[0282.079] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402ce, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0282.079] GetClientRect (in: hWnd=0x2e02dc, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0282.079] GetWindowRect (in: hWnd=0x2e02dc, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0282.079] GetParent (hWnd=0x2e02dc) returned 0x2402ce
[0282.079] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402ce, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0282.079] GetParent (hWnd=0x2e02dc) returned 0x2402ce
[0282.079] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0282.079] GetWindow (hWnd=0x2e02dc, uCmd=0x3) returned 0x0
[0282.080] SetWindowPos (hWnd=0x2e02dc, hWndInsertAfter=0x2e02da, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0282.080] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0282.080] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0282.080] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0282.080] GetClientRect (in: hWnd=0x2e02dc, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0282.080] GetWindowRect (in: hWnd=0x2e02dc, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0282.080] GetParent (hWnd=0x2e02dc) returned 0x2402ce
[0282.080] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402ce, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0282.080] GetParent (hWnd=0x2e02dc) returned 0x2402ce
[0282.081] GetWindow (hWnd=0x2e02dc, uCmd=0x3) returned 0x2e02da
[0282.081] GetWindowThreadProcessId (in: hWnd=0x2e02dc, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0282.081] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0282.081] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0282.081] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0282.081] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x2402ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3002d8
[0282.082] SetWindowLongW (hWnd=0x3002d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0282.082] GetWindowLongW (hWnd=0x3002d8, nIndex=-4) returned 1868032000
[0282.082] SetWindowLongW (hWnd=0x3002d8, nIndex=-4, dwNewLong=19948774) returned 1868032000
[0282.082] GetWindowLongW (hWnd=0x3002d8, nIndex=-4) returned 19948774
[0282.082] GetWindowLongW (hWnd=0x3002d8, nIndex=-16) returned 1174470667
[0282.082] GetWindowLongW (hWnd=0x3002d8, nIndex=-12) returned 0
[0282.083] SetWindowLongW (hWnd=0x3002d8, nIndex=-12, dwNewLong=3146456) returned 0
[0282.083] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0282.083] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0282.084] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0282.085] SendMessageW (hWnd=0x3002d8, Msg=0x2055, wParam=0x3002d8, lParam=0x3) returned 0x2
[0282.085] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0282.085] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0282.085] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0282.085] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0282.085] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0282.085] RedrawWindow (hWnd=0x2e02da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0282.085] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0282.085] RedrawWindow (hWnd=0x2e02dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0282.085] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0282.085] RedrawWindow (hWnd=0x3002d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0282.086] RedrawWindow (hWnd=0x2402ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0282.086] GetWindow (hWnd=0x3002d8, uCmd=0x3) returned 0x2e02dc
[0282.086] GetClientRect (in: hWnd=0x3002d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0282.086] GetWindowRect (in: hWnd=0x3002d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0282.086] GetParent (hWnd=0x3002d8) returned 0x2402ce
[0282.086] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402ce, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0282.086] SetWindowTextW (hWnd=0x3002d8, lpString="&Details") returned 1
[0282.086] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0xc, wParam=0x0, lParam=0x2c2ef5c) returned 0x1
[0282.087] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0282.087] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0282.087] GetClientRect (in: hWnd=0x3002d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0282.087] GetWindowRect (in: hWnd=0x3002d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0282.087] GetParent (hWnd=0x3002d8) returned 0x2402ce
[0282.087] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402ce, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0282.087] SendMessageW (hWnd=0x3002d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3002d8) returned 0x0
[0282.087] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3002d8) returned 0x0
[0282.087] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0282.087] GetParent (hWnd=0x3002d8) returned 0x2402ce
[0282.088] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0282.088] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0282.088] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0282.088] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x2402ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2302d0
[0282.089] SetWindowLongW (hWnd=0x2302d0, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0282.089] GetWindowLongW (hWnd=0x2302d0, nIndex=-4) returned 1868032000
[0282.089] SetWindowLongW (hWnd=0x2302d0, nIndex=-4, dwNewLong=19949814) returned 1868032000
[0282.089] GetWindowLongW (hWnd=0x2302d0, nIndex=-4) returned 19949814
[0282.089] GetWindowLongW (hWnd=0x2302d0, nIndex=-16) returned 1174470667
[0282.089] GetWindowLongW (hWnd=0x2302d0, nIndex=-12) returned 0
[0282.089] SetWindowLongW (hWnd=0x2302d0, nIndex=-12, dwNewLong=2294480) returned 0
[0282.089] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0282.090] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0282.090] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0282.092] SendMessageW (hWnd=0x2302d0, Msg=0x2055, wParam=0x2302d0, lParam=0x3) returned 0x2
[0282.092] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0282.092] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0282.092] GetWindow (hWnd=0x2302d0, uCmd=0x3) returned 0x3002d8
[0282.092] GetClientRect (in: hWnd=0x2302d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0282.092] GetWindowRect (in: hWnd=0x2302d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0282.092] GetParent (hWnd=0x2302d0) returned 0x2402ce
[0282.092] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402ce, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0282.092] SetWindowTextW (hWnd=0x2302d0, lpString="&Continue") returned 1
[0282.092] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0xc, wParam=0x0, lParam=0x2c2ef00) returned 0x1
[0282.093] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0282.093] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0282.093] GetClientRect (in: hWnd=0x2302d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0282.093] GetWindowRect (in: hWnd=0x2302d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0282.093] GetParent (hWnd=0x2302d0) returned 0x2402ce
[0282.093] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402ce, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0282.093] SendMessageW (hWnd=0x2302d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2302d0) returned 0x0
[0282.093] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2302d0) returned 0x0
[0282.093] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0282.094] GetParent (hWnd=0x2302d0) returned 0x2402ce
[0282.094] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0282.094] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0282.094] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0282.094] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x2402ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2802c8
[0282.096] SetWindowLongW (hWnd=0x2802c8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0282.096] GetWindowLongW (hWnd=0x2802c8, nIndex=-4) returned 1868032000
[0282.096] SetWindowLongW (hWnd=0x2802c8, nIndex=-4, dwNewLong=19948654) returned 1868032000
[0282.096] GetWindowLongW (hWnd=0x2802c8, nIndex=-4) returned 19948654
[0282.096] GetWindowLongW (hWnd=0x2802c8, nIndex=-16) returned 1174470667
[0282.096] GetWindowLongW (hWnd=0x2802c8, nIndex=-12) returned 0
[0282.096] SetWindowLongW (hWnd=0x2802c8, nIndex=-12, dwNewLong=2622152) returned 0
[0282.096] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802c8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0282.097] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802c8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0282.097] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802c8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0282.098] SendMessageW (hWnd=0x2802c8, Msg=0x2055, wParam=0x2802c8, lParam=0x3) returned 0x2
[0282.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0282.098] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802c8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0282.098] GetWindow (hWnd=0x2802c8, uCmd=0x3) returned 0x2302d0
[0282.098] GetClientRect (in: hWnd=0x2802c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0282.098] GetWindowRect (in: hWnd=0x2802c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0282.098] GetParent (hWnd=0x2802c8) returned 0x2402ce
[0282.098] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402ce, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0282.099] SetWindowTextW (hWnd=0x2802c8, lpString="&Quit") returned 1
[0282.099] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802c8, Msg=0xc, wParam=0x0, lParam=0x2c2ef20) returned 0x1
[0282.099] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802c8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0282.099] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802c8, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0282.099] GetClientRect (in: hWnd=0x2802c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0282.099] GetWindowRect (in: hWnd=0x2802c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0282.099] GetParent (hWnd=0x2802c8) returned 0x2402ce
[0282.100] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402ce, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0282.100] SendMessageW (hWnd=0x2802c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2802c8) returned 0x0
[0282.100] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2802c8) returned 0x0
[0282.100] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0282.100] GetParent (hWnd=0x2802c8) returned 0x2402ce
[0282.100] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0282.100] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0282.101] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0282.101] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x2402ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2e02de
[0282.101] SetWindowLongW (hWnd=0x2e02de, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0282.102] GetWindowLongW (hWnd=0x2e02de, nIndex=-4) returned 1868026976
[0282.102] SetWindowLongW (hWnd=0x2e02de, nIndex=-4, dwNewLong=19949294) returned 1868026976
[0282.102] GetWindowLongW (hWnd=0x2e02de, nIndex=-4) returned 19949294
[0282.102] GetWindowLongW (hWnd=0x2e02de, nIndex=-16) returned 1177553092
[0282.102] GetWindowLongW (hWnd=0x2e02de, nIndex=-12) returned 0
[0282.102] SetWindowLongW (hWnd=0x2e02de, nIndex=-12, dwNewLong=3015390) returned 0
[0282.102] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2e02de, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0282.103] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2e02de, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0282.104] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2e02de, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0282.123] GetWindow (hWnd=0x2e02de, uCmd=0x3) returned 0x2802c8
[0282.123] GetClientRect (in: hWnd=0x2e02de, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0282.123] GetWindowRect (in: hWnd=0x2e02de, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0282.123] GetParent (hWnd=0x2e02de) returned 0x2402ce
[0282.123] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402ce, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0282.123] GetWindowTextLengthW (hWnd=0x2402ce) returned 13
[0282.123] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.123] GetSystemMetrics (nIndex=42) returned 0
[0282.123] GetWindowTextW (in: hWnd=0x2402ce, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.123] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0282.124] SendMessageW (hWnd=0x2e02de, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0282.124] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2e02de, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0282.129] SetWindowTextW (hWnd=0x2e02de, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0282.129] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2e02de, Msg=0xc, wParam=0x0, lParam=0x2dff678) returned 0x1
[0282.131] GetSystemMetrics (nIndex=5) returned 1
[0282.131] GetSystemMetrics (nIndex=6) returned 1
[0282.131] SendMessageW (hWnd=0x2e02de, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0282.132] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2e02de, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0282.132] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2e02de, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0282.133] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2e02de, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0282.133] GetClientRect (in: hWnd=0x2e02de, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0282.133] GetWindowRect (in: hWnd=0x2e02de, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0282.133] GetParent (hWnd=0x2e02de) returned 0x2402ce
[0282.133] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2402ce, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0282.133] SendMessageW (hWnd=0x2e02de, Msg=0x2210, wParam=0x2de0001, lParam=0x2e02de) returned 0x0
[0282.133] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2e02de, Msg=0x2210, wParam=0x2de0001, lParam=0x2e02de) returned 0x0
[0282.134] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2e02de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0282.134] GetParent (hWnd=0x2e02de) returned 0x2402ce
[0282.134] GetWindowLongW (hWnd=0x2402ce, nIndex=-8) returned 458844
[0282.134] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0282.134] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0282.135] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x410107f9
[0282.135] GetDeviceCaps (hdc=0x410107f9, index=12) returned 32
[0282.135] GetDeviceCaps (hdc=0x410107f9, index=14) returned 1
[0282.135] DeleteDC (hdc=0x410107f9) returned 1
[0282.135] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0282.135] GetWindowThreadProcessId (in: hWnd=0x2402ce, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0282.135] GetCurrentThreadId () returned 0xf50
[0282.135] PostMessageW (hWnd=0x2402ce, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0282.135] GetWindowTextLengthW (hWnd=0x2402ce) returned 13
[0282.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.136] GetSystemMetrics (nIndex=42) returned 0
[0282.136] GetWindowTextW (in: hWnd=0x2402ce, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0282.136] GdipImageGetFrameDimensionsCount (image=0x66016a8, count=0xd7e25c) returned 0x0
[0282.136] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201748
[0282.136] GdipImageGetFrameDimensionsList (image=0x66016a8, dimensionIDs=0x1201748*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0282.136] LocalFree (hMem=0x1201748) returned 0x0
[0282.136] GdipImageGetFrameDimensionsCount (image=0x6603778, count=0xd7e250) returned 0x0
[0282.136] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201670
[0282.136] GdipImageGetFrameDimensionsList (image=0x6603778, dimensionIDs=0x1201670*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0282.136] LocalFree (hMem=0x1201670) returned 0x0
[0282.136] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0282.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0282.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0282.158] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0282.159] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0282.159] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0282.160] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0282.160] GetWindowPlacement (in: hWnd=0x2402ce, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0282.160] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0282.160] GetWindowTextLengthW (hWnd=0x2402ce) returned 13
[0282.160] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.160] GetSystemMetrics (nIndex=42) returned 0
[0282.160] GetWindowTextW (in: hWnd=0x2402ce, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.160] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0282.161] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0282.161] GetCurrentObject (hdc=0xc0107c5, type=0x1) returned 0xb00017
[0282.161] GetCurrentObject (hdc=0xc0107c5, type=0x2) returned 0x900010
[0282.161] GetCurrentObject (hdc=0xc0107c5, type=0x7) returned 0x440507f3
[0282.161] GetCurrentObject (hdc=0xc0107c5, type=0x6) returned 0x8a01c2
[0282.161] SaveDC (hdc=0xc0107c5) returned 1
[0282.161] GetNearestColor (hdc=0xc0107c5, color=0xf0f0f0) returned 0xf0f0f0
[0282.161] CreateSolidBrush (color=0xf0f0f0) returned 0x191007e1
[0282.161] FillRect (hDC=0xc0107c5, lprc=0xd7e1b8, hbr=0x191007e1) returned 1
[0282.161] DeleteObject (ho=0x191007e1) returned 1
[0282.161] RestoreDC (hdc=0xc0107c5, nSavedDC=-1) returned 1
[0282.162] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0282.162] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0282.162] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0282.163] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0282.163] GetStockObject (i=5) returned 0x900015
[0282.163] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0282.163] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0282.163] GetStockObject (i=5) returned 0x900015
[0282.163] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0282.164] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802c8, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0282.164] GetStockObject (i=5) returned 0x900015
[0282.166] GetWindowPlacement (in: hWnd=0x2402ce, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0282.166] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0282.166] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0282.166] GetWindowRect (in: hWnd=0x2402ce, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0282.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0282.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0282.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0282.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0282.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0282.168] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0282.168] GetWindowRect (in: hWnd=0x2402ce, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0282.168] InvalidateRect (hWnd=0x2302d0, lpRect=0x0, bErase=0) returned 1
[0282.168] InvalidateRect (hWnd=0x3002d8, lpRect=0x0, bErase=0) returned 1
[0282.168] GetFocus () returned 0x2402ce
[0282.169] GetFocus () returned 0x2402ce
[0282.169] SetFocus (hWnd=0x3002d8) returned 0x2402ce
[0282.169] GetFocus () returned 0x3002d8
[0282.170] IsChild (hWndParent=0x2402ce, hWnd=0x3002d8) returned 1
[0282.170] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x8, wParam=0x3002d8, lParam=0x0) returned 0x0
[0282.171] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0282.173] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0282.174] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0282.175] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0x7, wParam=0x2402ce, lParam=0x0) returned 0x0
[0282.175] GetStockObject (i=5) returned 0x900015
[0282.175] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0282.175] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0xd, wParam=0x9, lParam=0x11f57a0) returned 0x8
[0282.175] GetDlgItem (hDlg=0x2402ce, nIDDlgItem=3146456) returned 0x3002d8
[0282.175] SendMessageW (hWnd=0x3002d8, Msg=0x202b, wParam=0x3002d8, lParam=0xd7e0dc) returned 0x0
[0282.175] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0x202b, wParam=0x3002d8, lParam=0xd7e0dc) returned 0x0
[0282.175] InvalidateRect (hWnd=0x3002d8, lpRect=0x0, bErase=0) returned 1
[0282.178] GetFocus () returned 0x3002d8
[0282.178] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.178] IsWindowUnicode (hWnd=0x2402ce) returned 1
[0282.178] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.178] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.178] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.178] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0282.178] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.178] IsWindowUnicode (hWnd=0x2402ce) returned 1
[0282.178] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.178] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.178] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.178] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.179] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0282.179] IsWindowUnicode (hWnd=0x2302d0) returned 1
[0282.179] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.179] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.179] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.180] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.180] IsWindowUnicode (hWnd=0x602c4) returned 1
[0282.180] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.180] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.180] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.180] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0282.180] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0282.180] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.180] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0282.180] IsWindowUnicode (hWnd=0x2302d0) returned 1
[0282.180] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.180] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0282.180] SetCursor (hCursor=0x10003) returned 0x10003
[0282.181] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.181] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.181] _TrackMouseEvent (in: lpEventTrack=0x2e04db4 | out: lpEventTrack=0x2e04db4) returned 1
[0282.181] SendMessageW (hWnd=0x2302d0, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0282.181] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0282.181] InvalidateRect (hWnd=0x2302d0, lpRect=0x0, bErase=0) returned 1
[0282.181] GetKeyState (nVirtKey=1) returned 0
[0282.181] GetKeyState (nVirtKey=2) returned 0
[0282.181] GetKeyState (nVirtKey=4) returned 0
[0282.181] GetKeyState (nVirtKey=5) returned 0
[0282.181] GetKeyState (nVirtKey=6) returned 0
[0282.181] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.182] IsWindowUnicode (hWnd=0x2402ce) returned 1
[0282.182] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.182] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.182] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.182] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.183] IsWindowUnicode (hWnd=0x2402ce) returned 1
[0282.183] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.183] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.183] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.183] BeginPaint (in: hWnd=0x2402ce, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x10105d6
[0282.183] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0282.183] GetWindowTextLengthW (hWnd=0x2402ce) returned 13
[0282.183] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.184] GetSystemMetrics (nIndex=42) returned 0
[0282.184] GetWindowTextW (in: hWnd=0x2402ce, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.184] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0282.184] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0282.184] EndPaint (hWnd=0x2402ce, lpPaint=0xd7e274) returned 1
[0282.184] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.184] IsWindowUnicode (hWnd=0x2e02da) returned 1
[0282.184] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.189] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.189] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.190] BeginPaint (in: hWnd=0x2e02da, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x60100ce
[0282.190] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0282.190] CreateCompatibleDC (hdc=0x60100ce) returned 0x870107ee
[0282.190] SelectObject (hdc=0x870107ee, h=0x4a0507fe) returned 0x85000f
[0282.190] GdipCreateFromHDC (hdc=0x870107ee, graphics=0xd7e2b0) returned 0x0
[0282.190] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0282.190] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0282.190] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0282.190] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0282.190] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e310) returned 0x0
[0282.190] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0282.191] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0282.191] LocalFree (hMem=0x11ee788) returned 0x0
[0282.191] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0282.191] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0282.191] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0282.191] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e304) returned 0x0
[0282.191] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0282.191] GetWindowTextLengthW (hWnd=0x2e02da) returned 0
[0282.191] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0282.191] GetSystemMetrics (nIndex=42) returned 0
[0282.191] GetWindowTextW (in: hWnd=0x2e02da, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0282.191] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02da, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0282.191] GetClientRect (in: hWnd=0x2e02da, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0282.191] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0282.191] GdipGetClip (graphics=0x6600030, region=0x6645bd8) returned 0x0
[0282.192] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0282.192] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0282.192] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e164) returned 0x0
[0282.192] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0282.192] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea28) returned 0x0
[0282.192] LocalFree (hMem=0x11eea28) returned 0x0
[0282.192] GdipCombineRegionRegion (region=0x6645bd8, region2=0x66463b8, combineMode=0x1) returned 0x0
[0282.192] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0282.192] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0282.192] LocalFree (hMem=0x11ee788) returned 0x0
[0282.192] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0282.192] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0282.192] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0282.192] GdipGetRegionHRgn (region=0x6645bd8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0282.192] GdipDeleteRegion (region=0x6645bd8) returned 0x0
[0282.192] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0282.193] GetCurrentObject (hdc=0x870107ee, type=0x1) returned 0xb00017
[0282.193] GetCurrentObject (hdc=0x870107ee, type=0x2) returned 0x900010
[0282.193] GetCurrentObject (hdc=0x870107ee, type=0x7) returned 0x4a0507fe
[0282.193] GetCurrentObject (hdc=0x870107ee, type=0x6) returned 0x8a01c2
[0282.193] SaveDC (hdc=0x870107ee) returned 1
[0282.193] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1a0407de
[0282.193] GetClipRgn (hdc=0x870107ee, hrgn=0x1a0407de) returned 0
[0282.193] SelectClipRgn (hdc=0x870107ee, hrgn=0x89040807) returned 2
[0282.193] DeleteObject (ho=0x1a0407de) returned 1
[0282.193] DeleteObject (ho=0x89040807) returned 1
[0282.193] OffsetViewportOrgEx (in: hdc=0x870107ee, x=0, y=0, lppt=0x2e05230 | out: lppt=0x2e05230) returned 1
[0282.193] GetNearestColor (hdc=0x870107ee, color=0xf0f0f0) returned 0xf0f0f0
[0282.193] CreateSolidBrush (color=0xf0f0f0) returned 0x1a1007e1
[0282.193] FillRect (hDC=0x870107ee, lprc=0xd7e198, hbr=0x1a1007e1) returned 1
[0282.193] DeleteObject (ho=0x1a1007e1) returned 1
[0282.194] RestoreDC (hdc=0x870107ee, nSavedDC=-1) returned 1
[0282.194] GdipReleaseDC (graphics=0x6600030, hdc=0x870107ee) returned 0x0
[0282.194] GdipRestoreGraphics (graphics=0x6600030, state=0xf6a40dbd) returned 0x0
[0282.194] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0282.194] GetWindowTextLengthW (hWnd=0x2e02da) returned 0
[0282.194] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0282.194] GetSystemMetrics (nIndex=42) returned 0
[0282.194] GetWindowTextW (in: hWnd=0x2e02da, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0282.194] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02da, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0282.194] GdipGetImageWidth (image=0x66016a8, width=0xd7e1e0) returned 0x0
[0282.194] GdipGetImageHeight (image=0x66016a8, height=0xd7e1e0) returned 0x0
[0282.194] GdipGetImageWidth (image=0x66016a8, width=0xd7e1cc) returned 0x0
[0282.194] GdipGetImageHeight (image=0x66016a8, height=0xd7e1cc) returned 0x0
[0282.194] GdipDrawImageRectI (graphics=0x6600030, image=0x66016a8, x=16, y=16, width=32, height=32) returned 0x0
[0282.194] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0282.194] BitBlt (hdc=0x60100ce, x=0, y=0, cx=64, cy=64, hdcSrc=0x870107ee, x1=0, y1=0, rop=0xcc0020) returned 1
[0282.195] GdipReleaseDC (graphics=0x6600030, hdc=0x870107ee) returned 0x0
[0282.195] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0282.195] SelectObject (hdc=0x870107ee, h=0x85000f) returned 0x4a0507fe
[0282.195] DeleteDC (hdc=0x870107ee) returned 1
[0282.195] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0282.195] EndPaint (hWnd=0x2e02da, lpPaint=0xd7e294) returned 1
[0282.195] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.195] IsWindowUnicode (hWnd=0x2e02dc) returned 1
[0282.195] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.195] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.195] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.196] BeginPaint (in: hWnd=0x2e02dc, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0xc0107c5
[0282.196] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0282.196] CreateCompatibleDC (hdc=0xc0107c5) returned 0x890107ee
[0282.196] GetObjectType (h=0xc0107c5) returned 0x3
[0282.196] CreateCompatibleBitmap (hdc=0xc0107c5, cx=1, cy=1) returned 0x4c0507f9
[0282.196] GetDIBits (in: hdc=0xc0107c5, hbm=0x4c0507f9, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0282.196] GetDIBits (in: hdc=0xc0107c5, hbm=0x4c0507f9, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0282.196] DeleteObject (ho=0x4c0507f9) returned 1
[0282.196] CreateDIBSection (in: hdc=0xc0107c5, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x540507e6
[0282.197] SelectObject (hdc=0x890107ee, h=0x540507e6) returned 0x85000f
[0282.197] GdipCreateFromHDC (hdc=0x890107ee, graphics=0xd7e234) returned 0x0
[0282.197] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0282.197] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0282.197] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0282.197] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0282.197] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e2d4) returned 0x0
[0282.197] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0282.197] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0282.197] LocalFree (hMem=0x11ee788) returned 0x0
[0282.197] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0282.197] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0282.197] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0282.198] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0282.198] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0282.198] GetWindowTextLengthW (hWnd=0x2e02dc) returned 232
[0282.198] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0282.198] GetSystemMetrics (nIndex=42) returned 0
[0282.198] GetWindowTextW (in: hWnd=0x2e02dc, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0282.198] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0282.198] GetClientRect (in: hWnd=0x2e02dc, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0282.198] GdipCreateRegion (region=0xd7e110) returned 0x0
[0282.198] GdipGetClip (graphics=0x6600030, region=0x66452d8) returned 0x0
[0282.198] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0282.198] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0282.198] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e128) returned 0x0
[0282.198] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0282.198] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0282.198] LocalFree (hMem=0x11eec58) returned 0x0
[0282.198] GdipCombineRegionRegion (region=0x66452d8, region2=0x66463b8, combineMode=0x1) returned 0x0
[0282.198] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0282.198] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eea60) returned 0x0
[0282.199] LocalFree (hMem=0x11eea60) returned 0x0
[0282.199] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0282.199] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e150) returned 0x0
[0282.199] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e140) returned 0x0
[0282.199] GdipGetRegionHRgn (region=0x66452d8, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0282.199] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0282.199] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0282.199] GetCurrentObject (hdc=0x890107ee, type=0x1) returned 0xb00017
[0282.199] GetCurrentObject (hdc=0x890107ee, type=0x2) returned 0x900010
[0282.199] GetCurrentObject (hdc=0x890107ee, type=0x7) returned 0x540507e6
[0282.199] GetCurrentObject (hdc=0x890107ee, type=0x6) returned 0x8a01c2
[0282.199] SaveDC (hdc=0x890107ee) returned 1
[0282.199] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8a040807
[0282.199] GetClipRgn (hdc=0x890107ee, hrgn=0x8a040807) returned 0
[0282.199] SelectClipRgn (hdc=0x890107ee, hrgn=0x1b0407de) returned 2
[0282.200] DeleteObject (ho=0x8a040807) returned 1
[0282.200] DeleteObject (ho=0x1b0407de) returned 1
[0282.200] OffsetViewportOrgEx (in: hdc=0x890107ee, x=0, y=0, lppt=0x2e06bf8 | out: lppt=0x2e06bf8) returned 1
[0282.200] GetNearestColor (hdc=0x890107ee, color=0xf0f0f0) returned 0xf0f0f0
[0282.200] CreateSolidBrush (color=0xf0f0f0) returned 0x1b1007e1
[0282.200] FillRect (hDC=0x890107ee, lprc=0xd7e15c, hbr=0x1b1007e1) returned 1
[0282.238] DeleteObject (ho=0x1b1007e1) returned 1
[0282.238] RestoreDC (hdc=0x890107ee, nSavedDC=-1) returned 1
[0282.238] GdipReleaseDC (graphics=0x6600030, hdc=0x890107ee) returned 0x0
[0282.238] GdipRestoreGraphics (graphics=0x6600030, state=0xf6a20dbd) returned 0x0
[0282.238] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0282.238] GetWindowTextLengthW (hWnd=0x2e02dc) returned 232
[0282.238] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0282.238] GetSystemMetrics (nIndex=42) returned 0
[0282.239] GetWindowTextW (in: hWnd=0x2e02dc, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0282.239] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0282.239] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0282.239] GetCurrentObject (hdc=0x890107ee, type=0x1) returned 0xb00017
[0282.239] GetCurrentObject (hdc=0x890107ee, type=0x2) returned 0x900010
[0282.239] GetCurrentObject (hdc=0x890107ee, type=0x7) returned 0x540507e6
[0282.239] GetCurrentObject (hdc=0x890107ee, type=0x6) returned 0x8a01c2
[0282.239] SaveDC (hdc=0x890107ee) returned 1
[0282.239] GetNearestColor (hdc=0x890107ee, color=0x0) returned 0x0
[0282.239] RestoreDC (hdc=0x890107ee, nSavedDC=-1) returned 1
[0282.239] GdipReleaseDC (graphics=0x6600030, hdc=0x890107ee) returned 0x0
[0282.240] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0282.240] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0282.240] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2e073f4 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0282.240] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0282.241] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0282.241] GetCurrentObject (hdc=0x890107ee, type=0x1) returned 0xb00017
[0282.241] GetCurrentObject (hdc=0x890107ee, type=0x2) returned 0x900010
[0282.241] GetCurrentObject (hdc=0x890107ee, type=0x7) returned 0x540507e6
[0282.241] GetCurrentObject (hdc=0x890107ee, type=0x6) returned 0x8a01c2
[0282.241] SaveDC (hdc=0x890107ee) returned 1
[0282.241] GetTextAlign (hdc=0x890107ee) returned 0x0
[0282.241] GetTextColor (hdc=0x890107ee) returned 0x0
[0282.241] GetCurrentObject (hdc=0x890107ee, type=0x6) returned 0x8a01c2
[0282.241] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0282.241] SelectObject (hdc=0x890107ee, h=0x6d0a0520) returned 0x8a01c2
[0282.241] GetBkMode (hdc=0x890107ee) returned 2
[0282.241] SetBkMode (hdc=0x890107ee, mode=1) returned 2
[0282.242] DrawTextExW (in: hdc=0x890107ee, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2e07618 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0282.245] RestoreDC (hdc=0x890107ee, nSavedDC=-1) returned 1
[0282.245] GdipReleaseDC (graphics=0x6600030, hdc=0x890107ee) returned 0x0
[0282.245] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0282.245] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=354, cy=68, hdcSrc=0x890107ee, x1=0, y1=0, rop=0xcc0020) returned 1
[0282.245] GdipReleaseDC (graphics=0x6600030, hdc=0x890107ee) returned 0x0
[0282.245] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0282.245] SelectObject (hdc=0x890107ee, h=0x85000f) returned 0x540507e6
[0282.246] DeleteDC (hdc=0x890107ee) returned 1
[0282.246] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0282.246] DeleteObject (ho=0x540507e6) returned 1
[0282.246] EndPaint (hWnd=0x2e02dc, lpPaint=0xd7e258) returned 1
[0282.247] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.247] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0282.249] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.250] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.250] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0282.250] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.250] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.251] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.251] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0282.252] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.252] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.252] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.252] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.252] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.253] IsWindowUnicode (hWnd=0x3002d8) returned 1
[0282.253] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.254] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.254] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.254] BeginPaint (in: hWnd=0x3002d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0282.254] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0282.254] CreateCompatibleDC (hdc=0x10105d6) returned 0x570107e6
[0282.254] SelectObject (hdc=0x570107e6, h=0x4a0507fe) returned 0x85000f
[0282.254] GdipCreateFromHDC (hdc=0x570107e6, graphics=0xd7e268) returned 0x0
[0282.254] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0282.254] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0282.254] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0282.254] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0282.254] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e2c8) returned 0x0
[0282.255] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0282.255] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0282.255] LocalFree (hMem=0x11eec58) returned 0x0
[0282.255] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0282.255] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0282.255] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0282.255] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0282.255] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0282.255] GdipRestoreGraphics (graphics=0x6600030, state=0xf6a00dbd) returned 0x0
[0282.255] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0282.255] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0282.255] GetCurrentObject (hdc=0x570107e6, type=0x1) returned 0xb00017
[0282.255] GetCurrentObject (hdc=0x570107e6, type=0x2) returned 0x900010
[0282.255] GetCurrentObject (hdc=0x570107e6, type=0x7) returned 0x4a0507fe
[0282.255] GetCurrentObject (hdc=0x570107e6, type=0x6) returned 0x8a01c2
[0282.255] SaveDC (hdc=0x570107e6) returned 1
[0282.255] GetNearestColor (hdc=0x570107e6, color=0xf0f0f0) returned 0xf0f0f0
[0282.256] GetNearestColor (hdc=0x570107e6, color=0xa0a0a0) returned 0xa0a0a0
[0282.256] GetNearestColor (hdc=0x570107e6, color=0x696969) returned 0x696969
[0282.256] GetNearestColor (hdc=0x570107e6, color=0xa0a0a0) returned 0xa0a0a0
[0282.256] GetNearestColor (hdc=0x570107e6, color=0x0) returned 0x0
[0282.256] GetNearestColor (hdc=0x570107e6, color=0xffffff) returned 0xffffff
[0282.256] GetNearestColor (hdc=0x570107e6, color=0xe5e5e5) returned 0xe5e5e5
[0282.256] GetNearestColor (hdc=0x570107e6, color=0xd7d7d7) returned 0xd7d7d7
[0282.256] GetNearestColor (hdc=0x570107e6, color=0x0) returned 0x0
[0282.256] RestoreDC (hdc=0x570107e6, nSavedDC=-1) returned 1
[0282.256] GdipReleaseDC (graphics=0x6600030, hdc=0x570107e6) returned 0x0
[0282.256] IsAppThemed () returned 0x1
[0282.256] GetThemeAppProperties () returned 0x3
[0282.256] GetThemeAppProperties () returned 0x3
[0282.256] GdipGetImageWidth (image=0x6603778, width=0xd7e168) returned 0x0
[0282.257] GdipGetImageHeight (image=0x6603778, height=0xd7e168) returned 0x0
[0282.257] IsAppThemed () returned 0x1
[0282.257] GetThemeAppProperties () returned 0x3
[0282.257] GetThemeAppProperties () returned 0x3
[0282.257] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2e07d68 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0282.257] IsAppThemed () returned 0x1
[0282.257] GetThemeAppProperties () returned 0x3
[0282.257] GetThemeAppProperties () returned 0x3
[0282.257] IsAppThemed () returned 0x1
[0282.257] GetThemeAppProperties () returned 0x3
[0282.257] GetThemeAppProperties () returned 0x3
[0282.257] GetFocus () returned 0x3002d8
[0282.257] IsAppThemed () returned 0x1
[0282.257] GetThemeAppProperties () returned 0x3
[0282.257] GetThemeAppProperties () returned 0x3
[0282.257] IsAppThemed () returned 0x1
[0282.258] GetThemeAppProperties () returned 0x3
[0282.258] GetThemeAppProperties () returned 0x3
[0282.258] IsThemePartDefined () returned 0x1
[0282.258] IsAppThemed () returned 0x1
[0282.258] GetThemeAppProperties () returned 0x3
[0282.258] GetThemeAppProperties () returned 0x3
[0282.258] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0282.258] IsAppThemed () returned 0x1
[0282.258] GetThemeAppProperties () returned 0x3
[0282.258] GetThemeAppProperties () returned 0x3
[0282.258] IsAppThemed () returned 0x1
[0282.258] GetThemeAppProperties () returned 0x3
[0282.258] GetThemeAppProperties () returned 0x3
[0282.258] IsThemePartDefined () returned 0x1
[0282.258] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0282.258] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0282.258] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0282.258] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0282.258] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dff0) returned 0x0
[0282.258] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0282.258] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0282.259] LocalFree (hMem=0x11eec58) returned 0x0
[0282.259] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0282.259] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0282.259] LocalFree (hMem=0x11ee788) returned 0x0
[0282.259] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0282.259] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0282.259] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0282.259] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0282.259] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0282.259] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0282.259] GetCurrentObject (hdc=0x570107e6, type=0x1) returned 0xb00017
[0282.259] GetCurrentObject (hdc=0x570107e6, type=0x2) returned 0x900010
[0282.259] GetCurrentObject (hdc=0x570107e6, type=0x7) returned 0x4a0507fe
[0282.259] GetCurrentObject (hdc=0x570107e6, type=0x6) returned 0x8a01c2
[0282.259] SaveDC (hdc=0x570107e6) returned 1
[0282.259] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1c0407de
[0282.259] GetClipRgn (hdc=0x570107e6, hrgn=0x1c0407de) returned 0
[0282.260] SelectClipRgn (hdc=0x570107e6, hrgn=0x8e040807) returned 2
[0282.260] DeleteObject (ho=0x1c0407de) returned 1
[0282.260] DeleteObject (ho=0x8e040807) returned 1
[0282.260] OffsetViewportOrgEx (in: hdc=0x570107e6, x=0, y=0, lppt=0x2e08418 | out: lppt=0x2e08418) returned 1
[0282.260] DrawThemeParentBackground () returned 0x0
[0282.260] GetWindowPlacement (in: hWnd=0x2402ce, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0282.260] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0282.260] GetWindowTextLengthW (hWnd=0x2402ce) returned 13
[0282.260] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.260] GetSystemMetrics (nIndex=42) returned 0
[0282.260] GetWindowTextW (in: hWnd=0x2402ce, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.260] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0282.260] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0282.260] GetCurrentObject (hdc=0x570107e6, type=0x1) returned 0xb00017
[0282.260] GetCurrentObject (hdc=0x570107e6, type=0x2) returned 0x900010
[0282.260] GetCurrentObject (hdc=0x570107e6, type=0x7) returned 0x4a0507fe
[0282.261] GetCurrentObject (hdc=0x570107e6, type=0x6) returned 0x8a01c2
[0282.261] SaveDC (hdc=0x570107e6) returned 2
[0282.261] GetNearestColor (hdc=0x570107e6, color=0xf0f0f0) returned 0xf0f0f0
[0282.261] CreateSolidBrush (color=0xf0f0f0) returned 0x1c1007e1
[0282.261] FillRect (hDC=0x570107e6, lprc=0xd7da38, hbr=0x1c1007e1) returned 1
[0282.261] DeleteObject (ho=0x1c1007e1) returned 1
[0282.261] RestoreDC (hdc=0x570107e6, nSavedDC=-1) returned 1
[0282.261] GetWindowTextLengthW (hWnd=0x2402ce) returned 13
[0282.261] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.261] GetSystemMetrics (nIndex=42) returned 0
[0282.261] GetWindowTextW (in: hWnd=0x2402ce, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.261] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0282.261] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0282.261] GetCurrentObject (hdc=0x570107e6, type=0x1) returned 0xb00017
[0282.261] GetCurrentObject (hdc=0x570107e6, type=0x2) returned 0x900010
[0282.261] GetCurrentObject (hdc=0x570107e6, type=0x7) returned 0x4a0507fe
[0282.261] GetCurrentObject (hdc=0x570107e6, type=0x6) returned 0x8a01c2
[0282.261] SaveDC (hdc=0x570107e6) returned 2
[0282.262] GetNearestColor (hdc=0x570107e6, color=0xf0f0f0) returned 0xf0f0f0
[0282.262] CreateSolidBrush (color=0xf0f0f0) returned 0x1d1007e1
[0282.262] FillRect (hDC=0x570107e6, lprc=0xd7d9d8, hbr=0x1d1007e1) returned 1
[0282.262] DeleteObject (ho=0x1d1007e1) returned 1
[0282.262] RestoreDC (hdc=0x570107e6, nSavedDC=-1) returned 1
[0282.262] GetWindowTextLengthW (hWnd=0x2402ce) returned 13
[0282.262] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.262] GetSystemMetrics (nIndex=42) returned 0
[0282.262] GetWindowTextW (in: hWnd=0x2402ce, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.262] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0282.262] RestoreDC (hdc=0x570107e6, nSavedDC=-1) returned 1
[0282.262] GdipReleaseDC (graphics=0x6600030, hdc=0x570107e6) returned 0x0
[0282.262] IsAppThemed () returned 0x1
[0282.269] GetThemeAppProperties () returned 0x3
[0282.269] GetThemeAppProperties () returned 0x3
[0282.269] IsAppThemed () returned 0x1
[0282.269] GetThemeAppProperties () returned 0x3
[0282.269] GetThemeAppProperties () returned 0x3
[0282.269] IsThemePartDefined () returned 0x1
[0282.269] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0282.269] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0282.269] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0282.269] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0282.269] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df74) returned 0x0
[0282.269] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee910) returned 0x0
[0282.269] LocalFree (hMem=0x11ee910) returned 0x0
[0282.269] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0282.269] LocalFree (hMem=0x11eec58) returned 0x0
[0282.269] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0282.269] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0282.269] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0282.270] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0282.270] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0282.270] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0282.270] GetCurrentObject (hdc=0x570107e6, type=0x1) returned 0xb00017
[0282.270] GetCurrentObject (hdc=0x570107e6, type=0x2) returned 0x900010
[0282.270] GetCurrentObject (hdc=0x570107e6, type=0x7) returned 0x4a0507fe
[0282.270] GetCurrentObject (hdc=0x570107e6, type=0x6) returned 0x8a01c2
[0282.270] SaveDC (hdc=0x570107e6) returned 1
[0282.270] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8f040807
[0282.270] GetClipRgn (hdc=0x570107e6, hrgn=0x8f040807) returned 0
[0282.270] SelectClipRgn (hdc=0x570107e6, hrgn=0x1e0407de) returned 2
[0282.270] DeleteObject (ho=0x8f040807) returned 1
[0282.270] DeleteObject (ho=0x1e0407de) returned 1
[0282.270] OffsetViewportOrgEx (in: hdc=0x570107e6, x=0, y=0, lppt=0x2e08cc4 | out: lppt=0x2e08cc4) returned 1
[0282.270] IsAppThemed () returned 0x1
[0282.271] GetThemeAppProperties () returned 0x3
[0282.271] GetThemeAppProperties () returned 0x3
[0282.271] DrawThemeBackground () returned 0x0
[0282.271] RestoreDC (hdc=0x570107e6, nSavedDC=-1) returned 1
[0282.271] GdipReleaseDC (graphics=0x6600030, hdc=0x570107e6) returned 0x0
[0282.271] GdipCreateRegion (region=0xd7df60) returned 0x0
[0282.271] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0282.271] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0282.271] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0282.271] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df78) returned 0x0
[0282.271] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0282.271] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0282.271] LocalFree (hMem=0x11ee788) returned 0x0
[0282.271] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0282.271] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eed00) returned 0x0
[0282.271] LocalFree (hMem=0x11eed00) returned 0x0
[0282.271] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0282.271] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0282.272] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0282.272] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0282.272] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0282.272] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0282.272] GetCurrentObject (hdc=0x570107e6, type=0x1) returned 0xb00017
[0282.272] GetCurrentObject (hdc=0x570107e6, type=0x2) returned 0x900010
[0282.272] GetCurrentObject (hdc=0x570107e6, type=0x7) returned 0x4a0507fe
[0282.272] GetCurrentObject (hdc=0x570107e6, type=0x6) returned 0x8a01c2
[0282.272] SaveDC (hdc=0x570107e6) returned 1
[0282.272] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1f0407de
[0282.272] GetClipRgn (hdc=0x570107e6, hrgn=0x1f0407de) returned 0
[0282.272] SelectClipRgn (hdc=0x570107e6, hrgn=0x90040807) returned 2
[0282.272] DeleteObject (ho=0x1f0407de) returned 1
[0282.272] DeleteObject (ho=0x90040807) returned 1
[0282.272] OffsetViewportOrgEx (in: hdc=0x570107e6, x=0, y=0, lppt=0x2e08f98 | out: lppt=0x2e08f98) returned 1
[0282.272] IsAppThemed () returned 0x1
[0282.273] GetThemeAppProperties () returned 0x3
[0282.273] GetThemeAppProperties () returned 0x3
[0282.273] GetThemeBackgroundContentRect () returned 0x0
[0282.273] RestoreDC (hdc=0x570107e6, nSavedDC=-1) returned 1
[0282.273] GdipReleaseDC (graphics=0x6600030, hdc=0x570107e6) returned 0x0
[0282.273] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0282.273] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0282.273] GdipCloneRegion (region=0x66463b8, cloneRegion=0xd7e150) returned 0x0
[0282.273] GdipCombineRegionRectI (region=0x6645e18, rect=0xd7e138, combineMode=0x1) returned 0x0
[0282.273] GdipCombineRegionRectI (region=0x6645e18, rect=0xd7e138, combineMode=0x1) returned 0x0
[0282.273] GdipSetClipRegion (graphics=0x6600030, region=0x6645e18, combineMode=0x0) returned 0x0
[0282.273] GdipGetImageWidth (image=0x6603778, width=0xd7e154) returned 0x0
[0282.273] GdipGetImageHeight (image=0x6603778, height=0xd7e148) returned 0x0
[0282.273] GdipDrawImageRectI (graphics=0x6600030, image=0x6603778, x=4, y=4, width=16, height=16) returned 0x0
[0282.273] GdipSetClipRegion (graphics=0x6600030, region=0x66463b8, combineMode=0x0) returned 0x0
[0282.273] IsAppThemed () returned 0x1
[0282.274] GetThemeAppProperties () returned 0x3
[0282.274] GetThemeAppProperties () returned 0x3
[0282.274] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0282.274] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0282.274] GetCurrentObject (hdc=0x570107e6, type=0x1) returned 0xb00017
[0282.274] GetCurrentObject (hdc=0x570107e6, type=0x2) returned 0x900010
[0282.274] GetCurrentObject (hdc=0x570107e6, type=0x7) returned 0x4a0507fe
[0282.274] GetCurrentObject (hdc=0x570107e6, type=0x6) returned 0x8a01c2
[0282.274] SaveDC (hdc=0x570107e6) returned 1
[0282.274] GetTextAlign (hdc=0x570107e6) returned 0x0
[0282.274] GetTextColor (hdc=0x570107e6) returned 0x0
[0282.274] GetCurrentObject (hdc=0x570107e6, type=0x6) returned 0x8a01c2
[0282.274] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0282.274] SelectObject (hdc=0x570107e6, h=0x6d0a0520) returned 0x8a01c2
[0282.275] GetBkMode (hdc=0x570107e6) returned 2
[0282.275] SetBkMode (hdc=0x570107e6, mode=1) returned 2
[0282.275] DrawTextExW (in: hdc=0x570107e6, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2e09358 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0282.275] DrawTextExW (in: hdc=0x570107e6, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e09358 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0282.275] RestoreDC (hdc=0x570107e6, nSavedDC=-1) returned 1
[0282.276] GdipReleaseDC (graphics=0x6600030, hdc=0x570107e6) returned 0x0
[0282.276] GetFocus () returned 0x3002d8
[0282.276] IsAppThemed () returned 0x1
[0282.276] GetThemeAppProperties () returned 0x3
[0282.276] GetThemeAppProperties () returned 0x3
[0282.276] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0282.276] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x570107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0282.276] GdipReleaseDC (graphics=0x6600030, hdc=0x570107e6) returned 0x0
[0282.276] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0282.276] SelectObject (hdc=0x570107e6, h=0x85000f) returned 0x4a0507fe
[0282.276] DeleteDC (hdc=0x570107e6) returned 1
[0282.276] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0282.276] EndPaint (hWnd=0x3002d8, lpPaint=0xd7e24c) returned 1
[0282.276] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.276] IsWindowUnicode (hWnd=0x2302d0) returned 1
[0282.276] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.277] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.277] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.277] BeginPaint (in: hWnd=0x2302d0, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0282.277] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0282.277] CreateCompatibleDC (hdc=0x60100ce) returned 0x590107e6
[0282.277] SelectObject (hdc=0x590107e6, h=0x4a0507fe) returned 0x85000f
[0282.277] GdipCreateFromHDC (hdc=0x590107e6, graphics=0xd7e268) returned 0x0
[0282.277] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0282.277] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0282.277] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0282.277] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0282.277] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e2c8) returned 0x0
[0282.277] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0282.277] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0282.277] LocalFree (hMem=0x11ee868) returned 0x0
[0282.277] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0282.277] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0282.278] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0282.278] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0282.278] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0282.278] GdipRestoreGraphics (graphics=0x6600030, state=0xf69e0dbd) returned 0x0
[0282.278] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0282.278] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0282.278] GetCurrentObject (hdc=0x590107e6, type=0x1) returned 0xb00017
[0282.278] GetCurrentObject (hdc=0x590107e6, type=0x2) returned 0x900010
[0282.278] GetCurrentObject (hdc=0x590107e6, type=0x7) returned 0x4a0507fe
[0282.278] GetCurrentObject (hdc=0x590107e6, type=0x6) returned 0x8a01c2
[0282.278] SaveDC (hdc=0x590107e6) returned 1
[0282.278] GetNearestColor (hdc=0x590107e6, color=0xf0f0f0) returned 0xf0f0f0
[0282.278] GetNearestColor (hdc=0x590107e6, color=0xa0a0a0) returned 0xa0a0a0
[0282.279] GetNearestColor (hdc=0x590107e6, color=0x696969) returned 0x696969
[0282.279] GetNearestColor (hdc=0x590107e6, color=0xa0a0a0) returned 0xa0a0a0
[0282.279] GetNearestColor (hdc=0x590107e6, color=0x0) returned 0x0
[0282.279] GetNearestColor (hdc=0x590107e6, color=0xffffff) returned 0xffffff
[0282.279] GetNearestColor (hdc=0x590107e6, color=0xe5e5e5) returned 0xe5e5e5
[0282.279] GetNearestColor (hdc=0x590107e6, color=0xd7d7d7) returned 0xd7d7d7
[0282.279] GetNearestColor (hdc=0x590107e6, color=0x0) returned 0x0
[0282.279] RestoreDC (hdc=0x590107e6, nSavedDC=-1) returned 1
[0282.279] GdipReleaseDC (graphics=0x6600030, hdc=0x590107e6) returned 0x0
[0282.279] IsAppThemed () returned 0x1
[0282.279] GetThemeAppProperties () returned 0x3
[0282.279] GetThemeAppProperties () returned 0x3
[0282.279] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0282.279] SendMessageW (hWnd=0x2402ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0282.279] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0282.279] IsAppThemed () returned 0x1
[0282.279] GetThemeAppProperties () returned 0x3
[0282.279] GetThemeAppProperties () returned 0x3
[0282.279] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2e09b68 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0282.280] IsAppThemed () returned 0x1
[0282.280] GetThemeAppProperties () returned 0x3
[0282.280] GetThemeAppProperties () returned 0x3
[0282.280] IsAppThemed () returned 0x1
[0282.280] GetThemeAppProperties () returned 0x3
[0282.280] GetThemeAppProperties () returned 0x3
[0282.280] IsAppThemed () returned 0x1
[0282.280] GetThemeAppProperties () returned 0x3
[0282.280] GetThemeAppProperties () returned 0x3
[0282.280] IsAppThemed () returned 0x1
[0282.280] GetThemeAppProperties () returned 0x3
[0282.280] GetThemeAppProperties () returned 0x3
[0282.280] IsThemePartDefined () returned 0x1
[0282.280] IsAppThemed () returned 0x1
[0282.280] GetThemeAppProperties () returned 0x3
[0282.280] GetThemeAppProperties () returned 0x3
[0282.280] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0282.280] IsAppThemed () returned 0x1
[0282.280] GetThemeAppProperties () returned 0x3
[0282.280] GetThemeAppProperties () returned 0x3
[0282.280] IsAppThemed () returned 0x1
[0282.280] GetThemeAppProperties () returned 0x3
[0282.280] GetThemeAppProperties () returned 0x3
[0282.280] IsThemePartDefined () returned 0x1
[0282.280] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0282.281] GdipGetClip (graphics=0x6600030, region=0x66452d8) returned 0x0
[0282.281] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0282.281] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0282.281] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dfe4) returned 0x0
[0282.281] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0282.281] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0282.281] LocalFree (hMem=0x11ee788) returned 0x0
[0282.281] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0282.281] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee9f0) returned 0x0
[0282.281] LocalFree (hMem=0x11ee9f0) returned 0x0
[0282.281] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0282.281] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0282.281] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0282.281] GdipGetRegionHRgn (region=0x66452d8, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0282.281] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0282.281] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0282.281] GetCurrentObject (hdc=0x590107e6, type=0x1) returned 0xb00017
[0282.281] GetCurrentObject (hdc=0x590107e6, type=0x2) returned 0x900010
[0282.281] GetCurrentObject (hdc=0x590107e6, type=0x7) returned 0x4a0507fe
[0282.281] GetCurrentObject (hdc=0x590107e6, type=0x6) returned 0x8a01c2
[0282.281] SaveDC (hdc=0x590107e6) returned 1
[0282.281] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x91040807
[0282.282] GetClipRgn (hdc=0x590107e6, hrgn=0x91040807) returned 0
[0282.282] SelectClipRgn (hdc=0x590107e6, hrgn=0x230407de) returned 2
[0282.282] DeleteObject (ho=0x91040807) returned 1
[0282.282] DeleteObject (ho=0x230407de) returned 1
[0282.282] OffsetViewportOrgEx (in: hdc=0x590107e6, x=0, y=0, lppt=0x2e0a218 | out: lppt=0x2e0a218) returned 1
[0282.282] DrawThemeParentBackground () returned 0x0
[0282.282] GetWindowPlacement (in: hWnd=0x2402ce, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0282.282] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0282.282] GetWindowTextLengthW (hWnd=0x2402ce) returned 13
[0282.282] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.282] GetSystemMetrics (nIndex=42) returned 0
[0282.282] GetWindowTextW (in: hWnd=0x2402ce, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.282] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0282.282] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0282.282] GetCurrentObject (hdc=0x590107e6, type=0x1) returned 0xb00017
[0282.282] GetCurrentObject (hdc=0x590107e6, type=0x2) returned 0x900010
[0282.282] GetCurrentObject (hdc=0x590107e6, type=0x7) returned 0x4a0507fe
[0282.282] GetCurrentObject (hdc=0x590107e6, type=0x6) returned 0x8a01c2
[0282.282] SaveDC (hdc=0x590107e6) returned 2
[0282.282] GetNearestColor (hdc=0x590107e6, color=0xf0f0f0) returned 0xf0f0f0
[0282.283] CreateSolidBrush (color=0xf0f0f0) returned 0x1e1007e1
[0282.283] FillRect (hDC=0x590107e6, lprc=0xd7da30, hbr=0x1e1007e1) returned 1
[0282.283] DeleteObject (ho=0x1e1007e1) returned 1
[0282.283] RestoreDC (hdc=0x590107e6, nSavedDC=-1) returned 1
[0282.283] GetWindowTextLengthW (hWnd=0x2402ce) returned 13
[0282.283] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.283] GetSystemMetrics (nIndex=42) returned 0
[0282.283] GetWindowTextW (in: hWnd=0x2402ce, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.283] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0282.283] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0282.283] GetCurrentObject (hdc=0x590107e6, type=0x1) returned 0xb00017
[0282.283] GetCurrentObject (hdc=0x590107e6, type=0x2) returned 0x900010
[0282.283] GetCurrentObject (hdc=0x590107e6, type=0x7) returned 0x4a0507fe
[0282.283] GetCurrentObject (hdc=0x590107e6, type=0x6) returned 0x8a01c2
[0282.283] SaveDC (hdc=0x590107e6) returned 2
[0282.283] GetNearestColor (hdc=0x590107e6, color=0xf0f0f0) returned 0xf0f0f0
[0282.283] CreateSolidBrush (color=0xf0f0f0) returned 0x1f1007e1
[0282.283] FillRect (hDC=0x590107e6, lprc=0xd7d9d0, hbr=0x1f1007e1) returned 1
[0282.283] DeleteObject (ho=0x1f1007e1) returned 1
[0282.283] RestoreDC (hdc=0x590107e6, nSavedDC=-1) returned 1
[0282.284] GetWindowTextLengthW (hWnd=0x2402ce) returned 13
[0282.284] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.284] GetSystemMetrics (nIndex=42) returned 0
[0282.284] GetWindowTextW (in: hWnd=0x2402ce, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.284] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0282.284] RestoreDC (hdc=0x590107e6, nSavedDC=-1) returned 1
[0282.284] GdipReleaseDC (graphics=0x6600030, hdc=0x590107e6) returned 0x0
[0282.284] IsAppThemed () returned 0x1
[0282.284] GetThemeAppProperties () returned 0x3
[0282.284] GetThemeAppProperties () returned 0x3
[0282.284] IsAppThemed () returned 0x1
[0282.284] GetThemeAppProperties () returned 0x3
[0282.284] GetThemeAppProperties () returned 0x3
[0282.284] IsThemePartDefined () returned 0x1
[0282.284] GdipCreateRegion (region=0xd7df50) returned 0x0
[0282.284] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0282.284] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0282.284] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0282.284] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df68) returned 0x0
[0282.284] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0282.284] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eea98) returned 0x0
[0282.285] LocalFree (hMem=0x11eea98) returned 0x0
[0282.285] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0282.285] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eead0) returned 0x0
[0282.285] LocalFree (hMem=0x11eead0) returned 0x0
[0282.285] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0282.285] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0282.285] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7df80) returned 0x0
[0282.285] GdipGetRegionHRgn (region=0x66453f8, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0282.285] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0282.285] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0282.285] GetCurrentObject (hdc=0x590107e6, type=0x1) returned 0xb00017
[0282.285] GetCurrentObject (hdc=0x590107e6, type=0x2) returned 0x900010
[0282.285] GetCurrentObject (hdc=0x590107e6, type=0x7) returned 0x4a0507fe
[0282.285] GetCurrentObject (hdc=0x590107e6, type=0x6) returned 0x8a01c2
[0282.285] SaveDC (hdc=0x590107e6) returned 1
[0282.285] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x240407de
[0282.285] GetClipRgn (hdc=0x590107e6, hrgn=0x240407de) returned 0
[0282.285] SelectClipRgn (hdc=0x590107e6, hrgn=0x93040807) returned 2
[0282.285] DeleteObject (ho=0x240407de) returned 1
[0282.285] DeleteObject (ho=0x93040807) returned 1
[0282.285] OffsetViewportOrgEx (in: hdc=0x590107e6, x=0, y=0, lppt=0x2e0aac4 | out: lppt=0x2e0aac4) returned 1
[0282.286] IsAppThemed () returned 0x1
[0282.286] GetThemeAppProperties () returned 0x3
[0282.286] GetThemeAppProperties () returned 0x3
[0282.286] DrawThemeBackground () returned 0x0
[0282.286] RestoreDC (hdc=0x590107e6, nSavedDC=-1) returned 1
[0282.286] GdipReleaseDC (graphics=0x6600030, hdc=0x590107e6) returned 0x0
[0282.286] GdipCreateRegion (region=0xd7df54) returned 0x0
[0282.286] GdipGetClip (graphics=0x6600030, region=0x66455a8) returned 0x0
[0282.286] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0282.286] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0282.286] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df6c) returned 0x0
[0282.286] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0282.286] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0282.286] LocalFree (hMem=0x11ee868) returned 0x0
[0282.286] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0282.286] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eea98) returned 0x0
[0282.286] LocalFree (hMem=0x11eea98) returned 0x0
[0282.286] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0282.286] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0282.286] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0282.286] GdipGetRegionHRgn (region=0x66455a8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0282.286] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0282.287] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0282.287] GetCurrentObject (hdc=0x590107e6, type=0x1) returned 0xb00017
[0282.287] GetCurrentObject (hdc=0x590107e6, type=0x2) returned 0x900010
[0282.287] GetCurrentObject (hdc=0x590107e6, type=0x7) returned 0x4a0507fe
[0282.287] GetCurrentObject (hdc=0x590107e6, type=0x6) returned 0x8a01c2
[0282.287] SaveDC (hdc=0x590107e6) returned 1
[0282.287] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x94040807
[0282.287] GetClipRgn (hdc=0x590107e6, hrgn=0x94040807) returned 0
[0282.287] SelectClipRgn (hdc=0x590107e6, hrgn=0x250407de) returned 2
[0282.287] DeleteObject (ho=0x94040807) returned 1
[0282.287] DeleteObject (ho=0x250407de) returned 1
[0282.287] OffsetViewportOrgEx (in: hdc=0x590107e6, x=0, y=0, lppt=0x2e0ad98 | out: lppt=0x2e0ad98) returned 1
[0282.287] IsAppThemed () returned 0x1
[0282.287] GetThemeAppProperties () returned 0x3
[0282.287] GetThemeAppProperties () returned 0x3
[0282.287] GetThemeBackgroundContentRect () returned 0x0
[0282.287] RestoreDC (hdc=0x590107e6, nSavedDC=-1) returned 1
[0282.287] GdipReleaseDC (graphics=0x6600030, hdc=0x590107e6) returned 0x0
[0282.287] IsAppThemed () returned 0x1
[0282.287] GetThemeAppProperties () returned 0x3
[0282.287] GetThemeAppProperties () returned 0x3
[0282.288] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0282.288] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0282.288] GetCurrentObject (hdc=0x590107e6, type=0x1) returned 0xb00017
[0282.288] GetCurrentObject (hdc=0x590107e6, type=0x2) returned 0x900010
[0282.288] GetCurrentObject (hdc=0x590107e6, type=0x7) returned 0x4a0507fe
[0282.288] GetCurrentObject (hdc=0x590107e6, type=0x6) returned 0x8a01c2
[0282.288] SaveDC (hdc=0x590107e6) returned 1
[0282.288] GetTextAlign (hdc=0x590107e6) returned 0x0
[0282.288] GetTextColor (hdc=0x590107e6) returned 0x0
[0282.288] GetCurrentObject (hdc=0x590107e6, type=0x6) returned 0x8a01c2
[0282.288] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0282.288] SelectObject (hdc=0x590107e6, h=0x6d0a0520) returned 0x8a01c2
[0282.288] GetBkMode (hdc=0x590107e6) returned 2
[0282.288] SetBkMode (hdc=0x590107e6, mode=1) returned 2
[0282.288] DrawTextExW (in: hdc=0x590107e6, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2e0b138 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0282.289] DrawTextExW (in: hdc=0x590107e6, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2e0b138 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0282.289] RestoreDC (hdc=0x590107e6, nSavedDC=-1) returned 1
[0282.289] GdipReleaseDC (graphics=0x6600030, hdc=0x590107e6) returned 0x0
[0282.289] GetFocus () returned 0x3002d8
[0282.289] IsAppThemed () returned 0x1
[0282.289] GetThemeAppProperties () returned 0x3
[0282.289] GetThemeAppProperties () returned 0x3
[0282.289] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0282.289] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x590107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0282.289] GdipReleaseDC (graphics=0x6600030, hdc=0x590107e6) returned 0x0
[0282.289] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0282.289] SelectObject (hdc=0x590107e6, h=0x85000f) returned 0x4a0507fe
[0282.289] DeleteDC (hdc=0x590107e6) returned 1
[0282.289] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0282.289] EndPaint (hWnd=0x2302d0, lpPaint=0xd7e24c) returned 1
[0282.290] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.290] IsWindowUnicode (hWnd=0x2802c8) returned 1
[0282.290] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.290] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.290] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.290] BeginPaint (in: hWnd=0x2802c8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0282.290] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0282.290] CreateCompatibleDC (hdc=0xc0107c5) returned 0x5b0107e6
[0282.290] SelectObject (hdc=0x5b0107e6, h=0x4a0507fe) returned 0x85000f
[0282.290] GdipCreateFromHDC (hdc=0x5b0107e6, graphics=0xd7e268) returned 0x0
[0282.290] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0282.290] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0282.290] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0282.290] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0282.290] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2c8) returned 0x0
[0282.291] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee910) returned 0x0
[0282.291] LocalFree (hMem=0x11ee910) returned 0x0
[0282.291] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0282.291] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0282.291] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0282.291] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0282.291] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0282.291] GdipRestoreGraphics (graphics=0x6600030, state=0xf69c0dbd) returned 0x0
[0282.291] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0282.291] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0282.291] GetCurrentObject (hdc=0x5b0107e6, type=0x1) returned 0xb00017
[0282.291] GetCurrentObject (hdc=0x5b0107e6, type=0x2) returned 0x900010
[0282.291] GetCurrentObject (hdc=0x5b0107e6, type=0x7) returned 0x4a0507fe
[0282.291] GetCurrentObject (hdc=0x5b0107e6, type=0x6) returned 0x8a01c2
[0282.291] SaveDC (hdc=0x5b0107e6) returned 1
[0282.291] GetNearestColor (hdc=0x5b0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0282.291] GetNearestColor (hdc=0x5b0107e6, color=0xa0a0a0) returned 0xa0a0a0
[0282.291] GetNearestColor (hdc=0x5b0107e6, color=0x696969) returned 0x696969
[0282.291] GetNearestColor (hdc=0x5b0107e6, color=0xa0a0a0) returned 0xa0a0a0
[0282.291] GetNearestColor (hdc=0x5b0107e6, color=0x0) returned 0x0
[0282.291] GetNearestColor (hdc=0x5b0107e6, color=0xffffff) returned 0xffffff
[0282.291] GetNearestColor (hdc=0x5b0107e6, color=0xe5e5e5) returned 0xe5e5e5
[0282.292] GetNearestColor (hdc=0x5b0107e6, color=0xd7d7d7) returned 0xd7d7d7
[0282.292] GetNearestColor (hdc=0x5b0107e6, color=0x0) returned 0x0
[0282.292] RestoreDC (hdc=0x5b0107e6, nSavedDC=-1) returned 1
[0282.292] GdipReleaseDC (graphics=0x6600030, hdc=0x5b0107e6) returned 0x0
[0282.292] IsAppThemed () returned 0x1
[0282.292] GetThemeAppProperties () returned 0x3
[0282.292] GetThemeAppProperties () returned 0x3
[0282.292] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0282.292] SendMessageW (hWnd=0x2402ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0282.292] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0282.292] IsAppThemed () returned 0x1
[0282.292] GetThemeAppProperties () returned 0x3
[0282.292] GetThemeAppProperties () returned 0x3
[0282.292] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2e0b948 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0282.292] IsAppThemed () returned 0x1
[0282.292] GetThemeAppProperties () returned 0x3
[0282.292] GetThemeAppProperties () returned 0x3
[0282.292] IsAppThemed () returned 0x1
[0282.292] GetThemeAppProperties () returned 0x3
[0282.292] GetThemeAppProperties () returned 0x3
[0282.292] GetFocus () returned 0x3002d8
[0282.293] IsAppThemed () returned 0x1
[0282.293] GetThemeAppProperties () returned 0x3
[0282.293] GetThemeAppProperties () returned 0x3
[0282.293] IsAppThemed () returned 0x1
[0282.293] GetThemeAppProperties () returned 0x3
[0282.293] GetThemeAppProperties () returned 0x3
[0282.293] IsThemePartDefined () returned 0x1
[0282.293] IsAppThemed () returned 0x1
[0282.293] GetThemeAppProperties () returned 0x3
[0282.293] GetThemeAppProperties () returned 0x3
[0282.293] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0282.293] IsAppThemed () returned 0x1
[0282.293] GetThemeAppProperties () returned 0x3
[0282.293] GetThemeAppProperties () returned 0x3
[0282.293] IsAppThemed () returned 0x1
[0282.293] GetThemeAppProperties () returned 0x3
[0282.293] GetThemeAppProperties () returned 0x3
[0282.293] IsThemePartDefined () returned 0x1
[0282.293] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0282.293] GdipGetClip (graphics=0x6600030, region=0x6645bd8) returned 0x0
[0282.293] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0282.293] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0282.293] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dff0) returned 0x0
[0282.293] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0282.293] LocalFree (hMem=0x11eec58) returned 0x0
[0282.293] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0282.293] LocalFree (hMem=0x11eec58) returned 0x0
[0282.293] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0282.294] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0282.294] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0282.294] GdipGetRegionHRgn (region=0x6645bd8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0282.299] GdipDeleteRegion (region=0x6645bd8) returned 0x0
[0282.299] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0282.299] GetCurrentObject (hdc=0x5b0107e6, type=0x1) returned 0xb00017
[0282.299] GetCurrentObject (hdc=0x5b0107e6, type=0x2) returned 0x900010
[0282.299] GetCurrentObject (hdc=0x5b0107e6, type=0x7) returned 0x4a0507fe
[0282.299] GetCurrentObject (hdc=0x5b0107e6, type=0x6) returned 0x8a01c2
[0282.299] SaveDC (hdc=0x5b0107e6) returned 1
[0282.299] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x260407de
[0282.299] GetClipRgn (hdc=0x5b0107e6, hrgn=0x260407de) returned 0
[0282.299] SelectClipRgn (hdc=0x5b0107e6, hrgn=0x98040807) returned 2
[0282.299] DeleteObject (ho=0x260407de) returned 1
[0282.299] DeleteObject (ho=0x98040807) returned 1
[0282.299] OffsetViewportOrgEx (in: hdc=0x5b0107e6, x=0, y=0, lppt=0x2e0bff8 | out: lppt=0x2e0bff8) returned 1
[0282.299] DrawThemeParentBackground () returned 0x0
[0282.300] GetWindowPlacement (in: hWnd=0x2402ce, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0282.300] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0282.300] GetWindowTextLengthW (hWnd=0x2402ce) returned 13
[0282.300] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.300] GetSystemMetrics (nIndex=42) returned 0
[0282.300] GetWindowTextW (in: hWnd=0x2402ce, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.300] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0282.300] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0282.300] GetCurrentObject (hdc=0x5b0107e6, type=0x1) returned 0xb00017
[0282.300] GetCurrentObject (hdc=0x5b0107e6, type=0x2) returned 0x900010
[0282.300] GetCurrentObject (hdc=0x5b0107e6, type=0x7) returned 0x4a0507fe
[0282.300] GetCurrentObject (hdc=0x5b0107e6, type=0x6) returned 0x8a01c2
[0282.300] SaveDC (hdc=0x5b0107e6) returned 2
[0282.300] GetNearestColor (hdc=0x5b0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0282.300] CreateSolidBrush (color=0xf0f0f0) returned 0x201007e1
[0282.300] FillRect (hDC=0x5b0107e6, lprc=0xd7da38, hbr=0x201007e1) returned 1
[0282.301] DeleteObject (ho=0x201007e1) returned 1
[0282.301] RestoreDC (hdc=0x5b0107e6, nSavedDC=-1) returned 1
[0282.301] GetWindowTextLengthW (hWnd=0x2402ce) returned 13
[0282.301] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.301] GetSystemMetrics (nIndex=42) returned 0
[0282.301] GetWindowTextW (in: hWnd=0x2402ce, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.301] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0282.301] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0282.301] GetCurrentObject (hdc=0x5b0107e6, type=0x1) returned 0xb00017
[0282.301] GetCurrentObject (hdc=0x5b0107e6, type=0x2) returned 0x900010
[0282.301] GetCurrentObject (hdc=0x5b0107e6, type=0x7) returned 0x4a0507fe
[0282.301] GetCurrentObject (hdc=0x5b0107e6, type=0x6) returned 0x8a01c2
[0282.301] SaveDC (hdc=0x5b0107e6) returned 2
[0282.301] GetNearestColor (hdc=0x5b0107e6, color=0xf0f0f0) returned 0xf0f0f0
[0282.301] CreateSolidBrush (color=0xf0f0f0) returned 0x211007e1
[0282.301] FillRect (hDC=0x5b0107e6, lprc=0xd7d9d8, hbr=0x211007e1) returned 1
[0282.301] DeleteObject (ho=0x211007e1) returned 1
[0282.302] RestoreDC (hdc=0x5b0107e6, nSavedDC=-1) returned 1
[0282.302] GetWindowTextLengthW (hWnd=0x2402ce) returned 13
[0282.302] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.302] GetSystemMetrics (nIndex=42) returned 0
[0282.302] GetWindowTextW (in: hWnd=0x2402ce, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.302] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0282.302] RestoreDC (hdc=0x5b0107e6, nSavedDC=-1) returned 1
[0282.302] GdipReleaseDC (graphics=0x6600030, hdc=0x5b0107e6) returned 0x0
[0282.302] IsAppThemed () returned 0x1
[0282.302] GetThemeAppProperties () returned 0x3
[0282.302] GetThemeAppProperties () returned 0x3
[0282.302] IsAppThemed () returned 0x1
[0282.302] GetThemeAppProperties () returned 0x3
[0282.302] GetThemeAppProperties () returned 0x3
[0282.302] IsThemePartDefined () returned 0x1
[0282.302] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0282.302] GdipGetClip (graphics=0x6600030, region=0x6645488) returned 0x0
[0282.302] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0282.302] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0282.302] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df74) returned 0x0
[0282.302] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0282.303] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eed00) returned 0x0
[0282.303] LocalFree (hMem=0x11eed00) returned 0x0
[0282.303] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0282.303] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee910) returned 0x0
[0282.303] LocalFree (hMem=0x11ee910) returned 0x0
[0282.303] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0282.303] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0282.303] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0282.303] GdipGetRegionHRgn (region=0x6645488, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0282.303] GdipDeleteRegion (region=0x6645488) returned 0x0
[0282.303] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0282.303] GetCurrentObject (hdc=0x5b0107e6, type=0x1) returned 0xb00017
[0282.303] GetCurrentObject (hdc=0x5b0107e6, type=0x2) returned 0x900010
[0282.303] GetCurrentObject (hdc=0x5b0107e6, type=0x7) returned 0x4a0507fe
[0282.303] GetCurrentObject (hdc=0x5b0107e6, type=0x6) returned 0x8a01c2
[0282.303] SaveDC (hdc=0x5b0107e6) returned 1
[0282.303] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x99040807
[0282.303] GetClipRgn (hdc=0x5b0107e6, hrgn=0x99040807) returned 0
[0282.303] SelectClipRgn (hdc=0x5b0107e6, hrgn=0x280407de) returned 2
[0282.303] DeleteObject (ho=0x99040807) returned 1
[0282.303] DeleteObject (ho=0x280407de) returned 1
[0282.303] OffsetViewportOrgEx (in: hdc=0x5b0107e6, x=0, y=0, lppt=0x2e0c8a4 | out: lppt=0x2e0c8a4) returned 1
[0282.304] IsAppThemed () returned 0x1
[0282.304] GetThemeAppProperties () returned 0x3
[0282.304] GetThemeAppProperties () returned 0x3
[0282.304] DrawThemeBackground () returned 0x0
[0282.304] RestoreDC (hdc=0x5b0107e6, nSavedDC=-1) returned 1
[0282.304] GdipReleaseDC (graphics=0x6600030, hdc=0x5b0107e6) returned 0x0
[0282.304] GdipCreateRegion (region=0xd7df60) returned 0x0
[0282.304] GdipGetClip (graphics=0x6600030, region=0x66452d8) returned 0x0
[0282.304] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0282.304] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0282.304] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df78) returned 0x0
[0282.304] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0282.304] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0282.304] LocalFree (hMem=0x11ee868) returned 0x0
[0282.304] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0282.304] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0282.304] LocalFree (hMem=0x11ee9f0) returned 0x0
[0282.304] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0282.304] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0282.304] GdipIsInfiniteRegion (region=0x66452d8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0282.304] GdipGetRegionHRgn (region=0x66452d8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0282.304] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0282.304] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0282.305] GetCurrentObject (hdc=0x5b0107e6, type=0x1) returned 0xb00017
[0282.305] GetCurrentObject (hdc=0x5b0107e6, type=0x2) returned 0x900010
[0282.305] GetCurrentObject (hdc=0x5b0107e6, type=0x7) returned 0x4a0507fe
[0282.305] GetCurrentObject (hdc=0x5b0107e6, type=0x6) returned 0x8a01c2
[0282.305] SaveDC (hdc=0x5b0107e6) returned 1
[0282.305] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x290407de
[0282.305] GetClipRgn (hdc=0x5b0107e6, hrgn=0x290407de) returned 0
[0282.305] SelectClipRgn (hdc=0x5b0107e6, hrgn=0x9a040807) returned 2
[0282.305] DeleteObject (ho=0x290407de) returned 1
[0282.305] DeleteObject (ho=0x9a040807) returned 1
[0282.305] OffsetViewportOrgEx (in: hdc=0x5b0107e6, x=0, y=0, lppt=0x2e0cb78 | out: lppt=0x2e0cb78) returned 1
[0282.305] IsAppThemed () returned 0x1
[0282.305] GetThemeAppProperties () returned 0x3
[0282.305] GetThemeAppProperties () returned 0x3
[0282.305] GetThemeBackgroundContentRect () returned 0x0
[0282.305] RestoreDC (hdc=0x5b0107e6, nSavedDC=-1) returned 1
[0282.305] GdipReleaseDC (graphics=0x6600030, hdc=0x5b0107e6) returned 0x0
[0282.305] IsAppThemed () returned 0x1
[0282.305] GetThemeAppProperties () returned 0x3
[0282.305] GetThemeAppProperties () returned 0x3
[0282.305] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0282.305] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0282.305] GetCurrentObject (hdc=0x5b0107e6, type=0x1) returned 0xb00017
[0282.306] GetCurrentObject (hdc=0x5b0107e6, type=0x2) returned 0x900010
[0282.306] GetCurrentObject (hdc=0x5b0107e6, type=0x7) returned 0x4a0507fe
[0282.306] GetCurrentObject (hdc=0x5b0107e6, type=0x6) returned 0x8a01c2
[0282.306] SaveDC (hdc=0x5b0107e6) returned 1
[0282.306] GetTextAlign (hdc=0x5b0107e6) returned 0x0
[0282.306] GetTextColor (hdc=0x5b0107e6) returned 0x0
[0282.306] GetCurrentObject (hdc=0x5b0107e6, type=0x6) returned 0x8a01c2
[0282.306] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0282.306] SelectObject (hdc=0x5b0107e6, h=0x6d0a0520) returned 0x8a01c2
[0282.306] GetBkMode (hdc=0x5b0107e6) returned 2
[0282.306] SetBkMode (hdc=0x5b0107e6, mode=1) returned 2
[0282.306] DrawTextExW (in: hdc=0x5b0107e6, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2e0cf18 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0282.306] DrawTextExW (in: hdc=0x5b0107e6, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e0cf18 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0282.307] RestoreDC (hdc=0x5b0107e6, nSavedDC=-1) returned 1
[0282.307] GdipReleaseDC (graphics=0x6600030, hdc=0x5b0107e6) returned 0x0
[0282.307] GetFocus () returned 0x3002d8
[0282.307] IsAppThemed () returned 0x1
[0282.307] GetThemeAppProperties () returned 0x3
[0282.307] GetThemeAppProperties () returned 0x3
[0282.307] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0282.307] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x5b0107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0282.307] GdipReleaseDC (graphics=0x6600030, hdc=0x5b0107e6) returned 0x0
[0282.307] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0282.307] SelectObject (hdc=0x5b0107e6, h=0x85000f) returned 0x4a0507fe
[0282.307] DeleteDC (hdc=0x5b0107e6) returned 1
[0282.307] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0282.307] EndPaint (hWnd=0x2802c8, lpPaint=0xd7e24c) returned 1
[0282.308] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.308] IsWindowUnicode (hWnd=0x602c4) returned 1
[0282.308] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.308] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.308] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.308] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0282.308] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0282.308] CreateCompatibleDC (hdc=0x107b9) returned 0x5d0107e6
[0282.308] SelectObject (hdc=0x5d0107e6, h=0x4a0507fe) returned 0x85000f
[0282.308] GdipCreateFromHDC (hdc=0x5d0107e6, graphics=0xd7e268) returned 0x0
[0282.308] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0282.308] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0282.308] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0282.308] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0282.308] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e2c8) returned 0x0
[0282.308] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0282.308] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0282.309] LocalFree (hMem=0x11eec58) returned 0x0
[0282.309] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0282.309] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0282.309] GdipGetClip (graphics=0x6600030, region=0x66455a8) returned 0x0
[0282.309] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0282.309] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0282.309] GdipRestoreGraphics (graphics=0x6600030, state=0xf69a0dbd) returned 0x0
[0282.309] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0282.309] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0282.309] GetCurrentObject (hdc=0x5d0107e6, type=0x1) returned 0xb00017
[0282.309] GetCurrentObject (hdc=0x5d0107e6, type=0x2) returned 0x900010
[0282.309] GetCurrentObject (hdc=0x5d0107e6, type=0x7) returned 0x4a0507fe
[0282.309] GetCurrentObject (hdc=0x5d0107e6, type=0x6) returned 0x8a01c2
[0282.309] SaveDC (hdc=0x5d0107e6) returned 1
[0282.309] GetNearestColor (hdc=0x5d0107e6, color=0xff) returned 0xff
[0282.309] GetNearestColor (hdc=0x5d0107e6, color=0x55) returned 0x55
[0282.309] GetNearestColor (hdc=0x5d0107e6, color=0x0) returned 0x0
[0282.309] GetNearestColor (hdc=0x5d0107e6, color=0x55) returned 0x55
[0282.309] GetNearestColor (hdc=0x5d0107e6, color=0x0) returned 0x0
[0282.309] GetNearestColor (hdc=0x5d0107e6, color=0x8080ff) returned 0x8080ff
[0282.310] GetNearestColor (hdc=0x5d0107e6, color=0x7373e5) returned 0x7373e5
[0282.310] GetNearestColor (hdc=0x5d0107e6, color=0xe5) returned 0xe5
[0282.310] GetNearestColor (hdc=0x5d0107e6, color=0x0) returned 0x0
[0282.310] RestoreDC (hdc=0x5d0107e6, nSavedDC=-1) returned 1
[0282.310] GdipReleaseDC (graphics=0x6600030, hdc=0x5d0107e6) returned 0x0
[0282.310] IsAppThemed () returned 0x1
[0282.315] GetThemeAppProperties () returned 0x3
[0282.315] GetThemeAppProperties () returned 0x3
[0282.315] IsAppThemed () returned 0x1
[0282.315] GetThemeAppProperties () returned 0x3
[0282.315] GetThemeAppProperties () returned 0x3
[0282.315] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2e0d6e0 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0282.315] IsAppThemed () returned 0x1
[0282.315] GetThemeAppProperties () returned 0x3
[0282.315] GetThemeAppProperties () returned 0x3
[0282.315] IsAppThemed () returned 0x1
[0282.315] GetThemeAppProperties () returned 0x3
[0282.316] GetThemeAppProperties () returned 0x3
[0282.316] GetFocus () returned 0x3002d8
[0282.316] IsAppThemed () returned 0x1
[0282.316] GetThemeAppProperties () returned 0x3
[0282.316] GetThemeAppProperties () returned 0x3
[0282.316] IsAppThemed () returned 0x1
[0282.316] GetThemeAppProperties () returned 0x3
[0282.316] GetThemeAppProperties () returned 0x3
[0282.316] IsThemePartDefined () returned 0x1
[0282.316] IsAppThemed () returned 0x1
[0282.316] GetThemeAppProperties () returned 0x3
[0282.316] GetThemeAppProperties () returned 0x3
[0282.316] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0282.316] IsAppThemed () returned 0x1
[0282.316] GetThemeAppProperties () returned 0x3
[0282.316] GetThemeAppProperties () returned 0x3
[0282.316] IsAppThemed () returned 0x1
[0282.316] GetThemeAppProperties () returned 0x3
[0282.316] GetThemeAppProperties () returned 0x3
[0282.316] IsThemePartDefined () returned 0x1
[0282.316] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0282.316] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0282.316] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0282.316] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0282.316] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dff0) returned 0x0
[0282.316] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0282.316] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee910) returned 0x0
[0282.316] LocalFree (hMem=0x11ee910) returned 0x0
[0282.317] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0282.317] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0282.317] LocalFree (hMem=0x11ee9f0) returned 0x0
[0282.317] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0282.317] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e018) returned 0x0
[0282.317] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e008) returned 0x0
[0282.317] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0282.317] GdipDeleteRegion (region=0x6645518) returned 0x0
[0282.317] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0282.317] GetCurrentObject (hdc=0x5d0107e6, type=0x1) returned 0xb00017
[0282.317] GetCurrentObject (hdc=0x5d0107e6, type=0x2) returned 0x900010
[0282.317] GetCurrentObject (hdc=0x5d0107e6, type=0x7) returned 0x4a0507fe
[0282.317] GetCurrentObject (hdc=0x5d0107e6, type=0x6) returned 0x8a01c2
[0282.317] SaveDC (hdc=0x5d0107e6) returned 1
[0282.317] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9b040807
[0282.317] GetClipRgn (hdc=0x5d0107e6, hrgn=0x9b040807) returned 0
[0282.317] SelectClipRgn (hdc=0x5d0107e6, hrgn=0x2d0407de) returned 2
[0282.317] DeleteObject (ho=0x9b040807) returned 1
[0282.317] DeleteObject (ho=0x2d0407de) returned 1
[0282.317] OffsetViewportOrgEx (in: hdc=0x5d0107e6, x=0, y=0, lppt=0x2e0dd90 | out: lppt=0x2e0dd90) returned 1
[0282.317] DrawThemeParentBackground () returned 0x0
[0282.318] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0282.318] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0282.318] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0282.318] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.318] GetSystemMetrics (nIndex=42) returned 0
[0282.318] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.318] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0282.318] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0282.318] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0282.318] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0282.318] SelectPalette (hdc=0x5d0107e6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0282.318] GdipCreateFromHDC (hdc=0x5d0107e6, graphics=0xd7dac8) returned 0x0
[0282.318] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0282.318] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0282.318] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638a88) returned 0x0
[0282.318] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7daa0) returned 0x0
[0282.318] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0282.318] GdipCreateRegion (region=0xd7da88) returned 0x0
[0282.318] GdipGetClip (graphics=0x6639e10, region=0x6645128) returned 0x0
[0282.319] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6639e10, result=0xd7da94) returned 0x0
[0282.319] GdipDeleteRegion (region=0x6645128) returned 0x0
[0282.319] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dac0) returned 0x0
[0282.319] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0282.325] GdipFillRectangleI (graphics=0x6639e10, brush=0x6659170, x=0, y=0, width=801, height=453) returned 0x0
[0282.325] GdipDeleteBrush (brush=0x6659170) returned 0x0
[0282.326] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0282.326] SelectPalette (hdc=0x5d0107e6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0282.326] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0282.326] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.326] GetSystemMetrics (nIndex=42) returned 0
[0282.326] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.326] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0282.327] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0282.327] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0282.327] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0282.327] SelectPalette (hdc=0x5d0107e6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0282.327] GdipCreateFromHDC (hdc=0x5d0107e6, graphics=0xd7da68) returned 0x0
[0282.327] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0282.327] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0282.327] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638db8) returned 0x0
[0282.327] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7da40) returned 0x0
[0282.327] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0282.327] GdipCreateRegion (region=0xd7da28) returned 0x0
[0282.327] GdipGetClip (graphics=0x6639e10, region=0x66455a8) returned 0x0
[0282.327] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6639e10, result=0xd7da34) returned 0x0
[0282.327] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0282.327] GdipSaveGraphics (graphics=0x6639e10, state=0xd7da60) returned 0x0
[0282.327] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0282.334] GdipFillRectangleI (graphics=0x6639e10, brush=0x66592a8, x=0, y=0, width=801, height=453) returned 0x0
[0282.334] GdipDeleteBrush (brush=0x66592a8) returned 0x0
[0282.335] GdipRestoreGraphics (graphics=0x6639e10, state=0xf6960dbd) returned 0x0
[0282.335] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0282.335] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.335] GetSystemMetrics (nIndex=42) returned 0
[0282.335] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.335] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0282.335] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0282.335] SelectPalette (hdc=0x5d0107e6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0282.335] RestoreDC (hdc=0x5d0107e6, nSavedDC=-1) returned 1
[0282.335] GdipReleaseDC (graphics=0x6600030, hdc=0x5d0107e6) returned 0x0
[0282.336] IsAppThemed () returned 0x1
[0282.336] GetThemeAppProperties () returned 0x3
[0282.336] GetThemeAppProperties () returned 0x3
[0282.336] IsAppThemed () returned 0x1
[0282.336] GetThemeAppProperties () returned 0x3
[0282.336] GetThemeAppProperties () returned 0x3
[0282.336] IsThemePartDefined () returned 0x1
[0282.336] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0282.336] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0282.336] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0282.336] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0282.336] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df74) returned 0x0
[0282.336] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0282.336] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0282.336] LocalFree (hMem=0x11eec58) returned 0x0
[0282.336] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0282.336] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0282.336] LocalFree (hMem=0x11ee788) returned 0x0
[0282.336] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0282.336] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0282.336] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0282.336] GdipGetRegionHRgn (region=0x66460e8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0282.336] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0282.336] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0282.336] GetCurrentObject (hdc=0x5d0107e6, type=0x1) returned 0xb00017
[0282.337] GetCurrentObject (hdc=0x5d0107e6, type=0x2) returned 0x900010
[0282.337] GetCurrentObject (hdc=0x5d0107e6, type=0x7) returned 0x4a0507fe
[0282.337] GetCurrentObject (hdc=0x5d0107e6, type=0x6) returned 0x8a01c2
[0282.337] SaveDC (hdc=0x5d0107e6) returned 1
[0282.337] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2e0407de
[0282.337] GetClipRgn (hdc=0x5d0107e6, hrgn=0x2e0407de) returned 0
[0282.337] SelectClipRgn (hdc=0x5d0107e6, hrgn=0x9d040807) returned 2
[0282.337] DeleteObject (ho=0x2e0407de) returned 1
[0282.337] DeleteObject (ho=0x9d040807) returned 1
[0282.337] OffsetViewportOrgEx (in: hdc=0x5d0107e6, x=0, y=0, lppt=0x2e145e0 | out: lppt=0x2e145e0) returned 1
[0282.337] IsAppThemed () returned 0x1
[0282.337] GetThemeAppProperties () returned 0x3
[0282.337] GetThemeAppProperties () returned 0x3
[0282.337] DrawThemeBackground () returned 0x0
[0282.337] RestoreDC (hdc=0x5d0107e6, nSavedDC=-1) returned 1
[0282.337] GdipReleaseDC (graphics=0x6600030, hdc=0x5d0107e6) returned 0x0
[0282.338] GdipCreateRegion (region=0xd7df60) returned 0x0
[0282.338] GdipGetClip (graphics=0x6600030, region=0x6645d88) returned 0x0
[0282.338] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0282.338] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0282.338] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df78) returned 0x0
[0282.338] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0282.338] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0282.338] LocalFree (hMem=0x11eec58) returned 0x0
[0282.338] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0282.338] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0282.338] LocalFree (hMem=0x11eecc8) returned 0x0
[0282.338] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0282.338] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0282.338] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7df90) returned 0x0
[0282.338] GdipGetRegionHRgn (region=0x6645d88, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0282.338] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0282.338] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0282.338] GetCurrentObject (hdc=0x5d0107e6, type=0x1) returned 0xb00017
[0282.338] GetCurrentObject (hdc=0x5d0107e6, type=0x2) returned 0x900010
[0282.338] GetCurrentObject (hdc=0x5d0107e6, type=0x7) returned 0x4a0507fe
[0282.339] GetCurrentObject (hdc=0x5d0107e6, type=0x6) returned 0x8a01c2
[0282.339] SaveDC (hdc=0x5d0107e6) returned 1
[0282.339] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9e040807
[0282.339] GetClipRgn (hdc=0x5d0107e6, hrgn=0x9e040807) returned 0
[0282.339] SelectClipRgn (hdc=0x5d0107e6, hrgn=0x2f0407de) returned 2
[0282.339] DeleteObject (ho=0x9e040807) returned 1
[0282.339] DeleteObject (ho=0x2f0407de) returned 1
[0282.339] OffsetViewportOrgEx (in: hdc=0x5d0107e6, x=0, y=0, lppt=0x2e148b4 | out: lppt=0x2e148b4) returned 1
[0282.339] IsAppThemed () returned 0x1
[0282.339] GetThemeAppProperties () returned 0x3
[0282.339] GetThemeAppProperties () returned 0x3
[0282.339] GetThemeBackgroundContentRect () returned 0x0
[0282.339] RestoreDC (hdc=0x5d0107e6, nSavedDC=-1) returned 1
[0282.339] GdipReleaseDC (graphics=0x6600030, hdc=0x5d0107e6) returned 0x0
[0282.339] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0282.339] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0282.339] GdipFillRectangleI (graphics=0x6600030, brush=0x666a850, x=4, y=4, width=67, height=15) returned 0x0
[0282.340] GdipDeleteBrush (brush=0x666a850) returned 0x0
[0282.340] IsAppThemed () returned 0x1
[0282.340] GetThemeAppProperties () returned 0x3
[0282.340] GetThemeAppProperties () returned 0x3
[0282.340] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0282.340] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0282.340] GetCurrentObject (hdc=0x5d0107e6, type=0x1) returned 0xb00017
[0282.340] GetCurrentObject (hdc=0x5d0107e6, type=0x2) returned 0x900010
[0282.340] GetCurrentObject (hdc=0x5d0107e6, type=0x7) returned 0x4a0507fe
[0282.340] GetCurrentObject (hdc=0x5d0107e6, type=0x6) returned 0x8a01c2
[0282.340] SaveDC (hdc=0x5d0107e6) returned 1
[0282.340] GetTextAlign (hdc=0x5d0107e6) returned 0x0
[0282.340] GetTextColor (hdc=0x5d0107e6) returned 0x0
[0282.340] GetCurrentObject (hdc=0x5d0107e6, type=0x6) returned 0x8a01c2
[0282.340] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0282.340] SelectObject (hdc=0x5d0107e6, h=0x6d0a0520) returned 0x8a01c2
[0282.341] GetBkMode (hdc=0x5d0107e6) returned 2
[0282.347] SetBkMode (hdc=0x5d0107e6, mode=1) returned 2
[0282.348] DrawTextExW (in: hdc=0x5d0107e6, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2e14c78 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0282.348] DrawTextExW (in: hdc=0x5d0107e6, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e14c78 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0282.348] RestoreDC (hdc=0x5d0107e6, nSavedDC=-1) returned 1
[0282.348] GdipReleaseDC (graphics=0x6600030, hdc=0x5d0107e6) returned 0x0
[0282.348] GetFocus () returned 0x3002d8
[0282.349] IsAppThemed () returned 0x1
[0282.349] GetThemeAppProperties () returned 0x3
[0282.349] GetThemeAppProperties () returned 0x3
[0282.349] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0282.349] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x5d0107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0282.349] GdipReleaseDC (graphics=0x6600030, hdc=0x5d0107e6) returned 0x0
[0282.349] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0282.349] SelectObject (hdc=0x5d0107e6, h=0x85000f) returned 0x4a0507fe
[0282.349] DeleteDC (hdc=0x5d0107e6) returned 1
[0282.349] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0282.349] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0282.350] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.350] IsWindowUnicode (hWnd=0x2302d0) returned 1
[0282.350] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.350] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.350] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.350] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.350] IsWindowUnicode (hWnd=0x2302d0) returned 1
[0282.350] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.350] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.350] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.350] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x2a1, wParam=0x0, lParam=0xc001b) returned 0x0
[0282.350] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0282.350] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0282.350] WaitMessage () returned 1
[0282.380] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.380] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.380] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.380] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.380] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.381] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0282.381] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0282.381] WaitMessage () returned 1
[0282.382] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.382] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.382] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.382] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.382] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.382] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0282.383] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0282.383] WaitMessage () returned 1
[0282.383] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.383] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.383] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.383] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.383] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.384] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.385] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.385] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.385] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.385] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.385] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.385] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.385] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.385] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.385] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.385] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0282.386] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0282.386] WaitMessage () returned 1
[0282.386] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.386] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.386] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.386] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.386] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.387] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.387] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.387] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.387] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.387] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.394] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.394] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.394] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.394] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.394] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.394] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.394] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.394] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.394] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.394] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.395] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.395] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.395] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.395] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.395] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.395] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.395] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.395] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.395] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.395] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.395] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0282.396] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0282.396] WaitMessage () returned 1
[0282.490] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.490] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0282.490] IsWindowUnicode (hWnd=0x2302d0) returned 1
[0282.490] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.491] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0282.491] GetDlgItem (hDlg=0x2402ce, nIDDlgItem=0) returned 0x0
[0282.491] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x210, wParam=0x201, lParam=0x6a00fc) returned 0x0
[0282.491] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x21, wParam=0x2402ce, lParam=0x2010001) returned 0x1
[0282.491] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x21, wParam=0x2402ce, lParam=0x2010001) returned 0x1
[0282.491] SetCursor (hCursor=0x10003) returned 0x10003
[0282.491] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.491] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.491] GetKeyState (nVirtKey=1) returned -127
[0282.491] GetKeyState (nVirtKey=2) returned 0
[0282.491] GetKeyState (nVirtKey=4) returned 0
[0282.491] GetKeyState (nVirtKey=5) returned 0
[0282.491] GetKeyState (nVirtKey=6) returned 0
[0282.491] IsWindowVisible (hWnd=0x2302d0) returned 1
[0282.491] IsWindowEnabled (hWnd=0x2302d0) returned 1
[0282.491] SetFocus (hWnd=0x2302d0) returned 0x3002d8
[0282.492] GetFocus () returned 0x2302d0
[0282.492] IsChild (hWndParent=0x2402ce, hWnd=0x2302d0) returned 1
[0282.492] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0x8, wParam=0x2302d0, lParam=0x0) returned 0x0
[0282.492] GetCapture () returned 0x0
[0282.492] InvalidateRect (hWnd=0x3002d8, lpRect=0x0, bErase=0) returned 1
[0282.493] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0282.494] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0282.495] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0282.495] InvalidateRect (hWnd=0x3002d8, lpRect=0x0, bErase=0) returned 1
[0282.495] InvalidateRect (hWnd=0x2302d0, lpRect=0x0, bErase=0) returned 1
[0282.495] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x7, wParam=0x3002d8, lParam=0x0) returned 0x0
[0282.496] GetStockObject (i=5) returned 0x900015
[0282.496] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0282.496] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0282.496] GetDlgItem (hDlg=0x2402ce, nIDDlgItem=2294480) returned 0x2302d0
[0282.496] SendMessageW (hWnd=0x2302d0, Msg=0x202b, wParam=0x2302d0, lParam=0xd7dddc) returned 0x0
[0282.496] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x202b, wParam=0x2302d0, lParam=0xd7dddc) returned 0x0
[0282.496] InvalidateRect (hWnd=0x2302d0, lpRect=0x0, bErase=0) returned 1
[0282.497] GetFocus () returned 0x2302d0
[0282.497] GetFocus () returned 0x2302d0
[0282.497] GetFocus () returned 0x2302d0
[0282.497] GetKeyState (nVirtKey=1) returned -127
[0282.498] GetKeyState (nVirtKey=2) returned 0
[0282.498] GetKeyState (nVirtKey=4) returned 0
[0282.498] GetKeyState (nVirtKey=5) returned 0
[0282.498] GetKeyState (nVirtKey=6) returned 0
[0282.498] GetCapture () returned 0x0
[0282.498] SetCapture (hWnd=0x2302d0) returned 0x0
[0282.498] GetKeyState (nVirtKey=1) returned -127
[0282.498] GetKeyState (nVirtKey=2) returned 0
[0282.498] GetKeyState (nVirtKey=4) returned 0
[0282.498] GetKeyState (nVirtKey=5) returned 0
[0282.498] GetKeyState (nVirtKey=6) returned 0
[0282.498] NotifyWinEvent (event=0x800a, hwnd=0x2302d0, idObject=-4, idChild=0)
[0282.498] InvalidateRect (hWnd=0x2302d0, lpRect=0xd7e430, bErase=0) returned 1
[0282.498] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.498] IsWindowUnicode (hWnd=0x2302d0) returned 1
[0282.498] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.498] TranslateMessage (lpMsg=0xd7e808) returned 0
[0282.498] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0282.498] MapWindowPoints (in: hWndFrom=0x2302d0, hWndTo=0x0, lpPoints=0x2e14f1c, cPoints=0x1 | out: lpPoints=0x2e14f1c) returned 30999254
[0282.498] NotifyWinEvent (event=0x800a, hwnd=0x2302d0, idObject=-4, idChild=0)
[0282.498] InvalidateRect (hWnd=0x2302d0, lpRect=0xd7e3d0, bErase=0) returned 1
[0282.498] UpdateWindow (hWnd=0x2302d0) returned 1
[0282.498] BeginPaint (in: hWnd=0x2302d0, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x60100ce
[0282.499] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0282.499] CreateCompatibleDC (hdc=0x60100ce) returned 0xdf010693
[0282.499] SelectObject (hdc=0xdf010693, h=0x4a0507fe) returned 0x85000f
[0282.499] GdipCreateFromHDC (hdc=0xdf010693, graphics=0xd7df00) returned 0x0
[0282.499] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0282.499] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0282.499] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0282.499] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0282.499] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df60) returned 0x0
[0282.499] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0282.499] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eea98) returned 0x0
[0282.499] LocalFree (hMem=0x11eea98) returned 0x0
[0282.499] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0282.499] GdipCreateRegion (region=0xd7df48) returned 0x0
[0282.499] GdipGetClip (graphics=0x6600030, region=0x66451b8) returned 0x0
[0282.499] GdipIsInfiniteRegion (region=0x66451b8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0282.499] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0282.500] GdipRestoreGraphics (graphics=0x6600030, state=0xf6940dbd) returned 0x0
[0282.500] GdipDeleteRegion (region=0x66451b8) returned 0x0
[0282.500] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0282.500] GetCurrentObject (hdc=0xdf010693, type=0x1) returned 0xb00017
[0282.500] GetCurrentObject (hdc=0xdf010693, type=0x2) returned 0x900010
[0282.500] GetCurrentObject (hdc=0xdf010693, type=0x7) returned 0x4a0507fe
[0282.500] GetCurrentObject (hdc=0xdf010693, type=0x6) returned 0x8a01c2
[0282.500] SaveDC (hdc=0xdf010693) returned 1
[0282.500] GetNearestColor (hdc=0xdf010693, color=0xf0f0f0) returned 0xf0f0f0
[0282.500] GetNearestColor (hdc=0xdf010693, color=0xa0a0a0) returned 0xa0a0a0
[0282.500] GetNearestColor (hdc=0xdf010693, color=0x696969) returned 0x696969
[0282.500] GetNearestColor (hdc=0xdf010693, color=0xa0a0a0) returned 0xa0a0a0
[0282.500] GetNearestColor (hdc=0xdf010693, color=0x0) returned 0x0
[0282.500] GetNearestColor (hdc=0xdf010693, color=0xffffff) returned 0xffffff
[0282.500] GetNearestColor (hdc=0xdf010693, color=0xe5e5e5) returned 0xe5e5e5
[0282.500] GetNearestColor (hdc=0xdf010693, color=0xd7d7d7) returned 0xd7d7d7
[0282.500] GetNearestColor (hdc=0xdf010693, color=0x0) returned 0x0
[0282.500] RestoreDC (hdc=0xdf010693, nSavedDC=-1) returned 1
[0282.501] GdipReleaseDC (graphics=0x6600030, hdc=0xdf010693) returned 0x0
[0282.501] IsAppThemed () returned 0x1
[0282.501] GetThemeAppProperties () returned 0x3
[0282.501] GetThemeAppProperties () returned 0x3
[0282.501] IsAppThemed () returned 0x1
[0282.501] GetThemeAppProperties () returned 0x3
[0282.501] GetThemeAppProperties () returned 0x3
[0282.501] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2e15674 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0282.501] IsAppThemed () returned 0x1
[0282.501] GetThemeAppProperties () returned 0x3
[0282.501] GetThemeAppProperties () returned 0x3
[0282.501] IsAppThemed () returned 0x1
[0282.501] GetThemeAppProperties () returned 0x3
[0282.501] GetThemeAppProperties () returned 0x3
[0282.501] IsAppThemed () returned 0x1
[0282.501] GetThemeAppProperties () returned 0x3
[0282.501] GetThemeAppProperties () returned 0x3
[0282.501] IsAppThemed () returned 0x1
[0282.501] GetThemeAppProperties () returned 0x3
[0282.501] GetThemeAppProperties () returned 0x3
[0282.501] IsThemePartDefined () returned 0x1
[0282.502] IsAppThemed () returned 0x1
[0282.502] GetThemeAppProperties () returned 0x3
[0282.502] GetThemeAppProperties () returned 0x3
[0282.502] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0282.502] IsAppThemed () returned 0x1
[0282.502] GetThemeAppProperties () returned 0x3
[0282.502] GetThemeAppProperties () returned 0x3
[0282.502] IsAppThemed () returned 0x1
[0282.502] GetThemeAppProperties () returned 0x3
[0282.502] GetThemeAppProperties () returned 0x3
[0282.502] IsThemePartDefined () returned 0x1
[0282.502] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0282.502] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0282.502] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0282.502] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0282.502] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dc7c) returned 0x0
[0282.502] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0282.502] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0282.502] LocalFree (hMem=0x11ee788) returned 0x0
[0282.502] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0282.502] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0282.502] LocalFree (hMem=0x11ee788) returned 0x0
[0282.502] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0282.502] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0282.502] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0282.502] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0282.503] GdipDeleteRegion (region=0x6645908) returned 0x0
[0282.503] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0282.503] GetCurrentObject (hdc=0xdf010693, type=0x1) returned 0xb00017
[0282.503] GetCurrentObject (hdc=0xdf010693, type=0x2) returned 0x900010
[0282.503] GetCurrentObject (hdc=0xdf010693, type=0x7) returned 0x4a0507fe
[0282.503] GetCurrentObject (hdc=0xdf010693, type=0x6) returned 0x8a01c2
[0282.503] SaveDC (hdc=0xdf010693) returned 1
[0282.503] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x300407de
[0282.503] GetClipRgn (hdc=0xdf010693, hrgn=0x300407de) returned 0
[0282.503] SelectClipRgn (hdc=0xdf010693, hrgn=0xa2040807) returned 2
[0282.503] DeleteObject (ho=0x300407de) returned 1
[0282.503] DeleteObject (ho=0xa2040807) returned 1
[0282.503] OffsetViewportOrgEx (in: hdc=0xdf010693, x=0, y=0, lppt=0x2e15d24 | out: lppt=0x2e15d24) returned 1
[0282.503] DrawThemeParentBackground () returned 0x0
[0282.503] GetWindowPlacement (in: hWnd=0x2402ce, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0282.503] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0282.503] GetWindowTextLengthW (hWnd=0x2402ce) returned 13
[0282.503] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.503] GetSystemMetrics (nIndex=42) returned 0
[0282.504] GetWindowTextW (in: hWnd=0x2402ce, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0282.504] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0282.504] GetCurrentObject (hdc=0xdf010693, type=0x1) returned 0xb00017
[0282.504] GetCurrentObject (hdc=0xdf010693, type=0x2) returned 0x900010
[0282.504] GetCurrentObject (hdc=0xdf010693, type=0x7) returned 0x4a0507fe
[0282.504] GetCurrentObject (hdc=0xdf010693, type=0x6) returned 0x8a01c2
[0282.504] SaveDC (hdc=0xdf010693) returned 2
[0282.504] GetNearestColor (hdc=0xdf010693, color=0xf0f0f0) returned 0xf0f0f0
[0282.504] CreateSolidBrush (color=0xf0f0f0) returned 0x221007e1
[0282.504] FillRect (hDC=0xdf010693, lprc=0xd7d6c8, hbr=0x221007e1) returned 1
[0282.504] DeleteObject (ho=0x221007e1) returned 1
[0282.504] RestoreDC (hdc=0xdf010693, nSavedDC=-1) returned 1
[0282.504] GetWindowTextLengthW (hWnd=0x2402ce) returned 13
[0282.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.504] GetSystemMetrics (nIndex=42) returned 0
[0282.504] GetWindowTextW (in: hWnd=0x2402ce, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0282.504] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0282.504] GetCurrentObject (hdc=0xdf010693, type=0x1) returned 0xb00017
[0282.504] GetCurrentObject (hdc=0xdf010693, type=0x2) returned 0x900010
[0282.505] GetCurrentObject (hdc=0xdf010693, type=0x7) returned 0x4a0507fe
[0282.505] GetCurrentObject (hdc=0xdf010693, type=0x6) returned 0x8a01c2
[0282.505] SaveDC (hdc=0xdf010693) returned 2
[0282.505] GetNearestColor (hdc=0xdf010693, color=0xf0f0f0) returned 0xf0f0f0
[0282.505] CreateSolidBrush (color=0xf0f0f0) returned 0x231007e1
[0282.505] FillRect (hDC=0xdf010693, lprc=0xd7d668, hbr=0x231007e1) returned 1
[0282.505] DeleteObject (ho=0x231007e1) returned 1
[0282.505] RestoreDC (hdc=0xdf010693, nSavedDC=-1) returned 1
[0282.505] GetWindowTextLengthW (hWnd=0x2402ce) returned 13
[0282.505] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.505] GetSystemMetrics (nIndex=42) returned 0
[0282.505] GetWindowTextW (in: hWnd=0x2402ce, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.505] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0282.505] RestoreDC (hdc=0xdf010693, nSavedDC=-1) returned 1
[0282.505] GdipReleaseDC (graphics=0x6600030, hdc=0xdf010693) returned 0x0
[0282.505] IsAppThemed () returned 0x1
[0282.505] GetThemeAppProperties () returned 0x3
[0282.505] GetThemeAppProperties () returned 0x3
[0282.505] IsAppThemed () returned 0x1
[0282.506] GetThemeAppProperties () returned 0x3
[0282.506] GetThemeAppProperties () returned 0x3
[0282.506] IsThemePartDefined () returned 0x1
[0282.506] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0282.506] GdipGetClip (graphics=0x6600030, region=0x6645ea8) returned 0x0
[0282.506] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0282.506] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0282.506] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7dc00) returned 0x0
[0282.506] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0282.506] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0282.506] LocalFree (hMem=0x11eec58) returned 0x0
[0282.506] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0282.506] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee9f0) returned 0x0
[0282.506] LocalFree (hMem=0x11ee9f0) returned 0x0
[0282.506] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0282.506] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0282.506] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0282.506] GdipGetRegionHRgn (region=0x6645ea8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0282.506] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0282.506] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0282.506] GetCurrentObject (hdc=0xdf010693, type=0x1) returned 0xb00017
[0282.506] GetCurrentObject (hdc=0xdf010693, type=0x2) returned 0x900010
[0282.506] GetCurrentObject (hdc=0xdf010693, type=0x7) returned 0x4a0507fe
[0282.506] GetCurrentObject (hdc=0xdf010693, type=0x6) returned 0x8a01c2
[0282.507] SaveDC (hdc=0xdf010693) returned 1
[0282.507] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa3040807
[0282.507] GetClipRgn (hdc=0xdf010693, hrgn=0xa3040807) returned 0
[0282.507] SelectClipRgn (hdc=0xdf010693, hrgn=0x320407de) returned 2
[0282.507] DeleteObject (ho=0xa3040807) returned 1
[0282.507] DeleteObject (ho=0x320407de) returned 1
[0282.507] OffsetViewportOrgEx (in: hdc=0xdf010693, x=0, y=0, lppt=0x2e165d0 | out: lppt=0x2e165d0) returned 1
[0282.507] IsAppThemed () returned 0x1
[0282.507] GetThemeAppProperties () returned 0x3
[0282.507] GetThemeAppProperties () returned 0x3
[0282.507] DrawThemeBackground () returned 0x0
[0282.507] RestoreDC (hdc=0xdf010693, nSavedDC=-1) returned 1
[0282.507] GdipReleaseDC (graphics=0x6600030, hdc=0xdf010693) returned 0x0
[0282.507] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0282.507] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0282.507] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0282.507] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0282.507] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dc04) returned 0x0
[0282.507] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0282.508] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eed00) returned 0x0
[0282.508] LocalFree (hMem=0x11eed00) returned 0x0
[0282.508] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0282.508] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0282.508] LocalFree (hMem=0x11ee9f0) returned 0x0
[0282.508] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0282.508] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0282.508] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0282.508] GdipGetRegionHRgn (region=0x66460e8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0282.508] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0282.508] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0282.508] GetCurrentObject (hdc=0xdf010693, type=0x1) returned 0xb00017
[0282.508] GetCurrentObject (hdc=0xdf010693, type=0x2) returned 0x900010
[0282.508] GetCurrentObject (hdc=0xdf010693, type=0x7) returned 0x4a0507fe
[0282.508] GetCurrentObject (hdc=0xdf010693, type=0x6) returned 0x8a01c2
[0282.508] SaveDC (hdc=0xdf010693) returned 1
[0282.508] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x330407de
[0282.509] GetClipRgn (hdc=0xdf010693, hrgn=0x330407de) returned 0
[0282.509] SelectClipRgn (hdc=0xdf010693, hrgn=0xa4040807) returned 2
[0282.509] DeleteObject (ho=0x330407de) returned 1
[0282.509] DeleteObject (ho=0xa4040807) returned 1
[0282.509] OffsetViewportOrgEx (in: hdc=0xdf010693, x=0, y=0, lppt=0x2e168a4 | out: lppt=0x2e168a4) returned 1
[0282.509] IsAppThemed () returned 0x1
[0282.509] GetThemeAppProperties () returned 0x3
[0282.509] GetThemeAppProperties () returned 0x3
[0282.509] GetThemeBackgroundContentRect () returned 0x0
[0282.509] RestoreDC (hdc=0xdf010693, nSavedDC=-1) returned 1
[0282.509] GdipReleaseDC (graphics=0x6600030, hdc=0xdf010693) returned 0x0
[0282.509] IsAppThemed () returned 0x1
[0282.509] GetThemeAppProperties () returned 0x3
[0282.509] GetThemeAppProperties () returned 0x3
[0282.509] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0282.509] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0282.510] GetCurrentObject (hdc=0xdf010693, type=0x1) returned 0xb00017
[0282.510] GetCurrentObject (hdc=0xdf010693, type=0x2) returned 0x900010
[0282.510] GetCurrentObject (hdc=0xdf010693, type=0x7) returned 0x4a0507fe
[0282.510] GetCurrentObject (hdc=0xdf010693, type=0x6) returned 0x8a01c2
[0282.510] SaveDC (hdc=0xdf010693) returned 1
[0282.510] GetTextAlign (hdc=0xdf010693) returned 0x0
[0282.510] GetTextColor (hdc=0xdf010693) returned 0x0
[0282.510] GetCurrentObject (hdc=0xdf010693, type=0x6) returned 0x8a01c2
[0282.510] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0282.510] SelectObject (hdc=0xdf010693, h=0x6d0a0520) returned 0x8a01c2
[0282.510] GetBkMode (hdc=0xdf010693) returned 2
[0282.510] SetBkMode (hdc=0xdf010693, mode=1) returned 2
[0282.510] DrawTextExW (in: hdc=0xdf010693, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2e16c44 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0282.511] DrawTextExW (in: hdc=0xdf010693, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2e16c44 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0282.511] RestoreDC (hdc=0xdf010693, nSavedDC=-1) returned 1
[0282.511] GdipReleaseDC (graphics=0x6600030, hdc=0xdf010693) returned 0x0
[0282.511] GetFocus () returned 0x2302d0
[0282.511] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0282.511] SendMessageW (hWnd=0x2402ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0282.511] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0282.512] IsAppThemed () returned 0x1
[0282.512] GetThemeAppProperties () returned 0x3
[0282.512] GetThemeAppProperties () returned 0x3
[0282.512] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0282.512] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xdf010693, x1=0, y1=0, rop=0xcc0020) returned 1
[0282.512] GdipReleaseDC (graphics=0x6600030, hdc=0xdf010693) returned 0x0
[0282.512] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0282.512] SelectObject (hdc=0xdf010693, h=0x85000f) returned 0x4a0507fe
[0282.512] DeleteDC (hdc=0xdf010693) returned 1
[0282.512] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0282.512] EndPaint (hWnd=0x2302d0, lpPaint=0xd7dee4) returned 1
[0282.515] MapWindowPoints (in: hWndFrom=0x2302d0, hWndTo=0x0, lpPoints=0x2e16d40, cPoints=0x1 | out: lpPoints=0x2e16d40) returned 30999254
[0282.515] WindowFromPoint (Point=0x2f1) returned 0x2302d0
[0282.516] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0282.516] NotifyWinEvent (event=0x800a, hwnd=0x2302d0, idObject=-4, idChild=0)
[0282.516] NotifyWinEvent (event=0x800c, hwnd=0x2302d0, idObject=-4, idChild=0)
[0282.516] GetCapture () returned 0x2302d0
[0282.516] ReleaseCapture () returned 1
[0282.516] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0282.516] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0282.517] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0282.517] IsWindow (hWnd=0x7005c) returned 1
[0282.517] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0282.517] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0282.517] IsWindow (hWnd=0x2402ce) returned 1
[0282.518] SetActiveWindow (hWnd=0x2402ce) returned 0x2402ce
[0282.518] IsWindow (hWnd=0x2402ce) returned 1
[0282.518] SetFocus (hWnd=0x2402ce) returned 0x2302d0
[0282.518] GetFocus () returned 0x2402ce
[0282.518] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x8, wParam=0x2402ce, lParam=0x0) returned 0x0
[0282.518] GetCapture () returned 0x0
[0282.518] InvalidateRect (hWnd=0x2302d0, lpRect=0x0, bErase=0) returned 1
[0282.519] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0282.521] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0282.522] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0282.522] GetFocus () returned 0x2402ce
[0282.523] SetFocus (hWnd=0x2302d0) returned 0x2402ce
[0282.523] GetFocus () returned 0x2302d0
[0282.523] IsChild (hWndParent=0x2402ce, hWnd=0x2302d0) returned 1
[0282.523] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x8, wParam=0x2302d0, lParam=0x0) returned 0x0
[0282.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0282.525] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0282.527] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0282.527] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x7, wParam=0x2402ce, lParam=0x0) returned 0x0
[0282.527] GetStockObject (i=5) returned 0x900015
[0282.528] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0282.528] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0282.528] GetDlgItem (hDlg=0x2402ce, nIDDlgItem=2294480) returned 0x2302d0
[0282.528] SendMessageW (hWnd=0x2302d0, Msg=0x202b, wParam=0x2302d0, lParam=0xd7ddcc) returned 0x0
[0282.528] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x202b, wParam=0x2302d0, lParam=0xd7ddcc) returned 0x0
[0282.528] InvalidateRect (hWnd=0x2302d0, lpRect=0x0, bErase=0) returned 1
[0282.530] GetWindowLongW (hWnd=0x2402ce, nIndex=-8) returned 458844
[0282.530] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0282.530] GetCurrentThreadId () returned 0xf50
[0282.530] IsWindow (hWnd=0x7005c) returned 1
[0282.530] IsWindow (hWnd=0x7005c) returned 1
[0282.530] IsWindowVisible (hWnd=0x7005c) returned 1
[0282.530] SetActiveWindow (hWnd=0x7005c) returned 0x2402ce
[0282.530] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0282.532] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0282.532] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0282.533] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0282.534] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0282.534] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0282.535] GetWindowPlacement (in: hWnd=0x2402ce, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0282.535] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0282.535] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0282.535] GetWindowRect (in: hWnd=0x2402ce, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0282.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0282.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0282.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0282.537] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x2402ce) returned 0x1
[0282.540] GetFocus () returned 0x2302d0
[0282.540] SetFocus (hWnd=0x602c4) returned 0x2302d0
[0282.540] GetFocus () returned 0x602c4
[0282.540] IsChild (hWndParent=0x2402ce, hWnd=0x602c4) returned 0
[0282.540] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0282.540] GetCapture () returned 0x0
[0282.540] InvalidateRect (hWnd=0x2302d0, lpRect=0x0, bErase=0) returned 1
[0282.541] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0282.543] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0282.549] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0282.549] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0282.550] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0282.550] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0282.550] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0282.550] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x2302d0, lParam=0x0) returned 0x0
[0282.550] GetStockObject (i=5) returned 0x900015
[0282.551] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0282.551] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed990) returned 0xc
[0282.551] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0282.551] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0282.551] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0282.551] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0282.553] GetFocus () returned 0x602c4
[0282.553] IsChild (hWndParent=0x2402ce, hWnd=0x602c4) returned 0
[0282.553] ShowWindow (hWnd=0x2402ce, nCmdShow=0) returned 1
[0282.554] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0282.554] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0282.555] GetWindowPlacement (in: hWnd=0x2402ce, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0282.555] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0282.555] GetClientRect (in: hWnd=0x2402ce, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0282.555] GetWindowRect (in: hWnd=0x2402ce, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0282.556] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0282.556] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0282.557] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0282.557] GetWindowLongW (hWnd=0x2402ce, nIndex=-20) returned 327945
[0282.557] DestroyWindow (hWnd=0x2402ce) returned 1
[0282.557] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0282.558] GetWindowTextLengthW (hWnd=0x2402ce) returned 13
[0282.558] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.558] GetSystemMetrics (nIndex=42) returned 0
[0282.558] GetWindowTextW (in: hWnd=0x2402ce, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.558] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0282.558] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0282.558] GetWindowTextLengthW (hWnd=0x2e02da) returned 0
[0282.558] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0282.558] GetSystemMetrics (nIndex=42) returned 0
[0282.558] GetWindowTextW (in: hWnd=0x2e02da, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0282.558] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02da, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0282.558] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0282.558] GetWindowThreadProcessId (in: hWnd=0x3100ea, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0282.558] GetWindow (hWnd=0x3100ea, uCmd=0x5) returned 0x0
[0282.559] GetWindowLongW (hWnd=0x3100ea, nIndex=-20) returned 65792
[0282.559] DestroyWindow (hWnd=0x3100ea) returned 1
[0282.559] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3100ea, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0282.559] GetWindowTextLengthW (hWnd=0x3100ea) returned 25
[0282.559] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3100ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0282.559] GetSystemMetrics (nIndex=42) returned 0
[0282.559] GetWindowTextW (in: hWnd=0x3100ea, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0282.559] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3100ea, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0282.559] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3100ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0282.560] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3100ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0282.561] GetWindowTextLengthW (hWnd=0x2e02dc) returned 232
[0282.561] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0282.561] GetSystemMetrics (nIndex=42) returned 0
[0282.561] GetWindowTextW (in: hWnd=0x2e02dc, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0282.561] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0282.561] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0282.561] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0282.561] InvalidateRect (hWnd=0x2302d0, lpRect=0x0, bErase=0) returned 1
[0282.562] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0282.562] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0282.562] SendMessageW (hWnd=0x2e02de, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0282.562] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2e02de, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0282.562] SendMessageW (hWnd=0x2e02de, Msg=0xb0, wParam=0x2de2bb0, lParam=0xd7e480) returned 0x0
[0282.562] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2e02de, Msg=0xb0, wParam=0x2de2bb0, lParam=0xd7e480) returned 0x0
[0282.562] GetWindowTextLengthW (hWnd=0x2e02de) returned 4363
[0282.562] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2e02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0282.563] GetSystemMetrics (nIndex=42) returned 0
[0282.563] CoTaskMemAlloc (cb=0x221c) returned 0x1202960
[0282.563] GetWindowTextW (in: hWnd=0x2e02de, lpString=0x1202960, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0282.563] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2e02de, Msg=0xd, wParam=0x110c, lParam=0x1202960) returned 0x110b
[0282.563] CoTaskMemFree (pv=0x1202960)
[0282.563] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2e02de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0282.563] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0282.565] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0282.566] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0282.567] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2302d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0282.569] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0282.570] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2e02de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0282.571] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0282.572] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.573] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.573] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.573] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.573] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.573] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0282.573] IsWindowUnicode (hWnd=0x7005c) returned 1
[0282.573] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0282.574] SetCursor (hCursor=0x10003) returned 0x10003
[0282.574] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.574] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.574] _TrackMouseEvent (in: lpEventTrack=0x2c2f380 | out: lpEventTrack=0x2c2f380) returned 1
[0282.574] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0282.574] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0282.574] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1100233) returned 0x0
[0282.574] GetKeyState (nVirtKey=1) returned 1
[0282.574] GetKeyState (nVirtKey=2) returned 0
[0282.574] GetKeyState (nVirtKey=4) returned 0
[0282.574] GetKeyState (nVirtKey=5) returned 0
[0282.574] GetKeyState (nVirtKey=6) returned 0
[0282.574] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.575] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0282.588] IsWindowUnicode (hWnd=0x7005c) returned 1
[0282.589] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.589] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.589] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.589] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0282.589] IsWindowUnicode (hWnd=0x7005c) returned 1
[0282.589] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0282.590] SetCursor (hCursor=0x10003) returned 0x10003
[0282.590] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.590] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1100233) returned 0x0
[0282.590] GetKeyState (nVirtKey=1) returned 1
[0282.590] GetKeyState (nVirtKey=2) returned 0
[0282.590] GetKeyState (nVirtKey=4) returned 0
[0282.590] GetKeyState (nVirtKey=5) returned 0
[0282.590] GetKeyState (nVirtKey=6) returned 0
[0282.590] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.591] IsWindowUnicode (hWnd=0x602c4) returned 1
[0282.591] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.591] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.591] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.591] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.594] IsWindowUnicode (hWnd=0x602c4) returned 1
[0282.594] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.594] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.594] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.594] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0282.594] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0282.594] CreateCompatibleDC (hdc=0x60100ce) returned 0x290107d0
[0282.595] SelectObject (hdc=0x290107d0, h=0x4a0507fe) returned 0x85000f
[0282.595] GdipCreateFromHDC (hdc=0x290107d0, graphics=0xd7e798) returned 0x0
[0282.595] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0282.595] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0282.595] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0282.595] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0282.595] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e7f8) returned 0x0
[0282.595] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0282.595] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee8d8) returned 0x0
[0282.596] LocalFree (hMem=0x11ee8d8) returned 0x0
[0282.596] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0282.596] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0282.596] GdipGetClip (graphics=0x6600030, region=0x6645128) returned 0x0
[0282.596] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0282.596] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0282.596] GdipRestoreGraphics (graphics=0x6600030, state=0xf6920dbd) returned 0x0
[0282.596] GdipDeleteRegion (region=0x6645128) returned 0x0
[0282.596] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0282.596] GetCurrentObject (hdc=0x290107d0, type=0x1) returned 0xb00017
[0282.596] GetCurrentObject (hdc=0x290107d0, type=0x2) returned 0x900010
[0282.596] GetCurrentObject (hdc=0x290107d0, type=0x7) returned 0x4a0507fe
[0282.597] GetCurrentObject (hdc=0x290107d0, type=0x6) returned 0x8a01c2
[0282.597] SaveDC (hdc=0x290107d0) returned 1
[0282.597] GetNearestColor (hdc=0x290107d0, color=0xff) returned 0xff
[0282.597] GetNearestColor (hdc=0x290107d0, color=0x55) returned 0x55
[0282.597] GetNearestColor (hdc=0x290107d0, color=0x0) returned 0x0
[0282.597] GetNearestColor (hdc=0x290107d0, color=0x55) returned 0x55
[0282.597] GetNearestColor (hdc=0x290107d0, color=0x0) returned 0x0
[0282.597] GetNearestColor (hdc=0x290107d0, color=0x8080ff) returned 0x8080ff
[0282.597] GetNearestColor (hdc=0x290107d0, color=0x7373e5) returned 0x7373e5
[0282.597] GetNearestColor (hdc=0x290107d0, color=0xe5) returned 0xe5
[0282.598] GetNearestColor (hdc=0x290107d0, color=0x0) returned 0x0
[0282.598] RestoreDC (hdc=0x290107d0, nSavedDC=-1) returned 1
[0282.598] GdipReleaseDC (graphics=0x6600030, hdc=0x290107d0) returned 0x0
[0282.598] IsAppThemed () returned 0x1
[0282.598] GetThemeAppProperties () returned 0x3
[0282.598] GetThemeAppProperties () returned 0x3
[0282.598] IsAppThemed () returned 0x1
[0282.598] GetThemeAppProperties () returned 0x3
[0282.598] GetThemeAppProperties () returned 0x3
[0282.598] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2e1eaac | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0282.599] IsAppThemed () returned 0x1
[0282.599] GetThemeAppProperties () returned 0x3
[0282.599] GetThemeAppProperties () returned 0x3
[0282.599] IsAppThemed () returned 0x1
[0282.599] GetThemeAppProperties () returned 0x3
[0282.599] GetThemeAppProperties () returned 0x3
[0282.599] GetFocus () returned 0x602c4
[0282.599] IsAppThemed () returned 0x1
[0282.599] GetThemeAppProperties () returned 0x3
[0282.599] GetThemeAppProperties () returned 0x3
[0282.599] IsAppThemed () returned 0x1
[0282.600] GetThemeAppProperties () returned 0x3
[0282.600] GetThemeAppProperties () returned 0x3
[0282.600] IsThemePartDefined () returned 0x1
[0282.600] IsAppThemed () returned 0x1
[0282.600] GetThemeAppProperties () returned 0x3
[0282.600] GetThemeAppProperties () returned 0x3
[0282.600] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0282.600] IsAppThemed () returned 0x1
[0282.600] GetThemeAppProperties () returned 0x3
[0282.600] GetThemeAppProperties () returned 0x3
[0282.600] IsAppThemed () returned 0x1
[0282.600] GetThemeAppProperties () returned 0x3
[0282.600] GetThemeAppProperties () returned 0x3
[0282.600] IsThemePartDefined () returned 0x1
[0282.600] GdipCreateRegion (region=0xd7e508) returned 0x0
[0282.600] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0282.600] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0282.600] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0282.601] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e520) returned 0x0
[0282.601] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0282.601] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eed00) returned 0x0
[0282.601] LocalFree (hMem=0x11eed00) returned 0x0
[0282.601] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0282.601] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0282.601] LocalFree (hMem=0x11eec58) returned 0x0
[0282.601] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0282.601] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e548) returned 0x0
[0282.601] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e538) returned 0x0
[0282.601] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0282.601] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0282.601] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0282.601] GetCurrentObject (hdc=0x290107d0, type=0x1) returned 0xb00017
[0282.601] GetCurrentObject (hdc=0x290107d0, type=0x2) returned 0x900010
[0282.601] GetCurrentObject (hdc=0x290107d0, type=0x7) returned 0x4a0507fe
[0282.601] GetCurrentObject (hdc=0x290107d0, type=0x6) returned 0x8a01c2
[0282.602] SaveDC (hdc=0x290107d0) returned 1
[0282.602] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa5040807
[0282.602] GetClipRgn (hdc=0x290107d0, hrgn=0xa5040807) returned 0
[0282.602] SelectClipRgn (hdc=0x290107d0, hrgn=0x370407de) returned 2
[0282.602] DeleteObject (ho=0xa5040807) returned 1
[0282.602] DeleteObject (ho=0x370407de) returned 1
[0282.602] OffsetViewportOrgEx (in: hdc=0x290107d0, x=0, y=0, lppt=0x2e1f15c | out: lppt=0x2e1f15c) returned 1
[0282.602] DrawThemeParentBackground () returned 0x0
[0282.602] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0282.602] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0282.602] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0282.602] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.602] GetSystemMetrics (nIndex=42) returned 0
[0282.602] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.602] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0282.603] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0282.603] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0282.603] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0282.603] SelectPalette (hdc=0x290107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0282.603] GdipCreateFromHDC (hdc=0x290107d0, graphics=0xd7dff8) returned 0x0
[0282.604] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0282.604] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0282.604] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638b48) returned 0x0
[0282.604] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dfd0) returned 0x0
[0282.604] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0282.604] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0282.604] GdipGetClip (graphics=0x6639e10, region=0x6645d88) returned 0x0
[0282.604] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6639e10, result=0xd7dfc4) returned 0x0
[0282.604] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0282.604] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dff0) returned 0x0
[0282.605] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0282.614] GdipFillRectangleI (graphics=0x6639e10, brush=0x6659b30, x=0, y=0, width=801, height=453) returned 0x0
[0282.614] GdipDeleteBrush (brush=0x6659b30) returned 0x0
[0282.616] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0282.616] SelectPalette (hdc=0x290107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0282.616] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0282.616] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.616] GetSystemMetrics (nIndex=42) returned 0
[0282.616] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.616] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0282.616] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0282.616] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0282.616] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0282.616] SelectPalette (hdc=0x290107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0282.616] GdipCreateFromHDC (hdc=0x290107d0, graphics=0xd7df98) returned 0x0
[0282.617] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0282.617] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0282.617] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638cf8) returned 0x0
[0282.617] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df70) returned 0x0
[0282.617] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0282.617] GdipCreateRegion (region=0xd7df58) returned 0x0
[0282.617] GdipGetClip (graphics=0x6639e10, region=0x6645998) returned 0x0
[0282.617] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6639e10, result=0xd7df64) returned 0x0
[0282.617] GdipDeleteRegion (region=0x6645998) returned 0x0
[0282.617] GdipSaveGraphics (graphics=0x6639e10, state=0xd7df90) returned 0x0
[0282.617] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0282.637] GdipFillRectangleI (graphics=0x6639e10, brush=0x6659038, x=0, y=0, width=801, height=453) returned 0x0
[0282.637] GdipDeleteBrush (brush=0x6659038) returned 0x0
[0282.638] GdipRestoreGraphics (graphics=0x6639e10, state=0xf68e0dbd) returned 0x0
[0282.638] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0282.639] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0282.639] GetSystemMetrics (nIndex=42) returned 0
[0282.639] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0282.639] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0282.639] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0282.639] SelectPalette (hdc=0x290107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0282.639] RestoreDC (hdc=0x290107d0, nSavedDC=-1) returned 1
[0282.639] GdipReleaseDC (graphics=0x6600030, hdc=0x290107d0) returned 0x0
[0282.639] IsAppThemed () returned 0x1
[0282.639] GetThemeAppProperties () returned 0x3
[0282.639] GetThemeAppProperties () returned 0x3
[0282.639] IsAppThemed () returned 0x1
[0282.640] GetThemeAppProperties () returned 0x3
[0282.640] GetThemeAppProperties () returned 0x3
[0282.640] IsThemePartDefined () returned 0x1
[0282.640] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0282.640] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0282.640] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0282.640] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0282.640] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e4a4) returned 0x0
[0282.640] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0282.640] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0282.640] LocalFree (hMem=0x11eec58) returned 0x0
[0282.640] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0282.640] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0282.640] LocalFree (hMem=0x11ee868) returned 0x0
[0282.640] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0282.640] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0282.640] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0282.640] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0282.640] GdipDeleteRegion (region=0x6646178) returned 0x0
[0282.641] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0282.641] GetCurrentObject (hdc=0x290107d0, type=0x1) returned 0xb00017
[0282.641] GetCurrentObject (hdc=0x290107d0, type=0x2) returned 0x900010
[0282.641] GetCurrentObject (hdc=0x290107d0, type=0x7) returned 0x4a0507fe
[0282.641] GetCurrentObject (hdc=0x290107d0, type=0x6) returned 0x8a01c2
[0282.641] SaveDC (hdc=0x290107d0) returned 1
[0282.641] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x380407de
[0282.641] GetClipRgn (hdc=0x290107d0, hrgn=0x380407de) returned 0
[0282.641] SelectClipRgn (hdc=0x290107d0, hrgn=0xa7040807) returned 2
[0282.641] DeleteObject (ho=0x380407de) returned 1
[0282.641] DeleteObject (ho=0xa7040807) returned 1
[0282.641] OffsetViewportOrgEx (in: hdc=0x290107d0, x=0, y=0, lppt=0x2e259ac | out: lppt=0x2e259ac) returned 1
[0282.641] IsAppThemed () returned 0x1
[0282.641] GetThemeAppProperties () returned 0x3
[0282.641] GetThemeAppProperties () returned 0x3
[0282.641] DrawThemeBackground () returned 0x0
[0282.642] RestoreDC (hdc=0x290107d0, nSavedDC=-1) returned 1
[0282.642] GdipReleaseDC (graphics=0x6600030, hdc=0x290107d0) returned 0x0
[0282.642] GdipCreateRegion (region=0xd7e490) returned 0x0
[0282.642] GdipGetClip (graphics=0x6600030, region=0x6645a28) returned 0x0
[0282.642] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0282.642] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0282.642] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e4a8) returned 0x0
[0282.642] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0282.642] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee868) returned 0x0
[0282.642] LocalFree (hMem=0x11ee868) returned 0x0
[0282.642] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0282.642] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0282.642] LocalFree (hMem=0x11eec58) returned 0x0
[0282.642] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0282.642] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0282.642] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0282.642] GdipGetRegionHRgn (region=0x6645a28, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0282.642] GdipDeleteRegion (region=0x6645a28) returned 0x0
[0282.643] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0282.643] GetCurrentObject (hdc=0x290107d0, type=0x1) returned 0xb00017
[0282.643] GetCurrentObject (hdc=0x290107d0, type=0x2) returned 0x900010
[0282.643] GetCurrentObject (hdc=0x290107d0, type=0x7) returned 0x4a0507fe
[0282.643] GetCurrentObject (hdc=0x290107d0, type=0x6) returned 0x8a01c2
[0282.643] SaveDC (hdc=0x290107d0) returned 1
[0282.643] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa8040807
[0282.643] GetClipRgn (hdc=0x290107d0, hrgn=0xa8040807) returned 0
[0282.643] SelectClipRgn (hdc=0x290107d0, hrgn=0x390407de) returned 2
[0282.643] DeleteObject (ho=0xa8040807) returned 1
[0282.643] DeleteObject (ho=0x390407de) returned 1
[0282.643] OffsetViewportOrgEx (in: hdc=0x290107d0, x=0, y=0, lppt=0x2e25c80 | out: lppt=0x2e25c80) returned 1
[0282.643] IsAppThemed () returned 0x1
[0282.644] GetThemeAppProperties () returned 0x3
[0282.644] GetThemeAppProperties () returned 0x3
[0282.644] GetThemeBackgroundContentRect () returned 0x0
[0282.644] RestoreDC (hdc=0x290107d0, nSavedDC=-1) returned 1
[0282.644] GdipReleaseDC (graphics=0x6600030, hdc=0x290107d0) returned 0x0
[0282.644] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0282.644] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0282.644] GdipFillRectangleI (graphics=0x6600030, brush=0x666a850, x=4, y=4, width=67, height=15) returned 0x0
[0282.644] GdipDeleteBrush (brush=0x666a850) returned 0x0
[0282.644] IsAppThemed () returned 0x1
[0282.644] GetThemeAppProperties () returned 0x3
[0282.644] GetThemeAppProperties () returned 0x3
[0282.644] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0282.644] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0282.645] GetCurrentObject (hdc=0x290107d0, type=0x1) returned 0xb00017
[0282.645] GetCurrentObject (hdc=0x290107d0, type=0x2) returned 0x900010
[0282.645] GetCurrentObject (hdc=0x290107d0, type=0x7) returned 0x4a0507fe
[0282.645] GetCurrentObject (hdc=0x290107d0, type=0x6) returned 0x8a01c2
[0282.645] SaveDC (hdc=0x290107d0) returned 1
[0282.645] GetTextAlign (hdc=0x290107d0) returned 0x0
[0282.645] GetTextColor (hdc=0x290107d0) returned 0x0
[0282.645] GetCurrentObject (hdc=0x290107d0, type=0x6) returned 0x8a01c2
[0282.645] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0282.645] SelectObject (hdc=0x290107d0, h=0x6d0a0520) returned 0x8a01c2
[0282.645] GetBkMode (hdc=0x290107d0) returned 2
[0282.645] SetBkMode (hdc=0x290107d0, mode=1) returned 2
[0282.645] DrawTextExW (in: hdc=0x290107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2e26044 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0282.646] DrawTextExW (in: hdc=0x290107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2e26044 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0282.649] RestoreDC (hdc=0x290107d0, nSavedDC=-1) returned 1
[0282.649] GdipReleaseDC (graphics=0x6600030, hdc=0x290107d0) returned 0x0
[0282.649] GetFocus () returned 0x602c4
[0282.649] IsAppThemed () returned 0x1
[0282.649] GetThemeAppProperties () returned 0x3
[0282.649] GetThemeAppProperties () returned 0x3
[0282.649] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0282.650] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x290107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0282.650] GdipReleaseDC (graphics=0x6600030, hdc=0x290107d0) returned 0x0
[0282.650] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0282.650] SelectObject (hdc=0x290107d0, h=0x85000f) returned 0x4a0507fe
[0282.650] DeleteDC (hdc=0x290107d0) returned 1
[0282.650] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0282.650] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0282.650] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.650] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.650] WaitMessage () returned 1
[0282.650] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.651] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.651] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.651] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.651] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.652] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.652] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.652] WaitMessage () returned 1
[0282.678] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.678] IsWindowUnicode (hWnd=0x7005c) returned 1
[0282.678] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.678] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.678] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.678] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.678] IsWindowUnicode (hWnd=0x7005c) returned 1
[0282.678] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.678] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.678] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.678] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x1100233) returned 0x0
[0282.678] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.678] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.678] WaitMessage () returned 1
[0282.689] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.689] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.689] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.689] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.689] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.690] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.690] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.690] WaitMessage () returned 1
[0282.692] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.692] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.692] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.692] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.692] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.693] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.693] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.693] WaitMessage () returned 1
[0282.696] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.696] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.696] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.696] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.696] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.697] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.698] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.698] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.698] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.698] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.698] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.698] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.698] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.698] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.698] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.698] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.699] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.699] WaitMessage () returned 1
[0282.699] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.699] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.700] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.700] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.700] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.711] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.712] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.712] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.712] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.712] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.712] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.713] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.713] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.713] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.722] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.722] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.723] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.723] WaitMessage () returned 1
[0282.725] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.725] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.725] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.725] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.725] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.727] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.727] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.727] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.727] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.727] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.728] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.728] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.728] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.728] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.728] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.728] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.729] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.729] WaitMessage () returned 1
[0282.729] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.729] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.729] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.729] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.729] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.731] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.731] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.731] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.731] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.731] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.732] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.732] IsWindowUnicode (hWnd=0x30122) returned 1
[0282.732] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.732] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.732] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.732] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.732] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.732] WaitMessage () returned 1
[0282.857] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.858] IsWindowUnicode (hWnd=0x502c6) returned 1
[0282.858] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0282.858] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0282.858] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0282.858] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.858] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0282.858] WaitMessage () returned 1
[0284.656] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0284.657] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f0105) returned 0x1
[0284.657] IsWindowUnicode (hWnd=0x602c4) returned 1
[0284.657] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0284.657] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0284.657] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0284.657] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0284.657] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0284.657] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f0105) returned 0x1
[0284.657] IsWindowUnicode (hWnd=0x602c4) returned 1
[0284.658] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0284.658] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f0105) returned 0x1
[0284.658] SetCursor (hCursor=0x10003) returned 0x10003
[0284.658] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0284.658] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0284.658] _TrackMouseEvent (in: lpEventTrack=0x2c2b560 | out: lpEventTrack=0x2c2b560) returned 1
[0284.658] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0284.658] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0284.658] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0284.658] GetKeyState (nVirtKey=1) returned 1
[0284.658] GetKeyState (nVirtKey=2) returned 0
[0284.658] GetKeyState (nVirtKey=4) returned 0
[0284.658] GetKeyState (nVirtKey=5) returned 0
[0284.658] GetKeyState (nVirtKey=6) returned 0
[0284.658] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0284.658] IsWindowUnicode (hWnd=0x602c4) returned 1
[0284.658] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0284.659] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0284.659] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0284.659] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0284.659] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0284.659] CreateCompatibleDC (hdc=0x60100ce) returned 0x5b0107f3
[0284.659] SelectObject (hdc=0x5b0107f3, h=0x4a0507fe) returned 0x85000f
[0284.659] GdipCreateFromHDC (hdc=0x5b0107f3, graphics=0xd7e798) returned 0x0
[0284.659] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0284.659] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0284.659] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0284.659] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0284.660] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e7f8) returned 0x0
[0284.660] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0284.660] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0284.660] LocalFree (hMem=0x11ee788) returned 0x0
[0284.660] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0284.660] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0284.660] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0284.660] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0284.660] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0284.660] GdipRestoreGraphics (graphics=0x6600030, state=0xf68c0dbd) returned 0x0
[0284.660] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0284.660] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0284.660] GetCurrentObject (hdc=0x5b0107f3, type=0x1) returned 0xb00017
[0284.660] GetCurrentObject (hdc=0x5b0107f3, type=0x2) returned 0x900010
[0284.660] GetCurrentObject (hdc=0x5b0107f3, type=0x7) returned 0x4a0507fe
[0284.660] GetCurrentObject (hdc=0x5b0107f3, type=0x6) returned 0x8a01c2
[0284.660] SaveDC (hdc=0x5b0107f3) returned 1
[0284.661] GetNearestColor (hdc=0x5b0107f3, color=0xff) returned 0xff
[0284.661] GetNearestColor (hdc=0x5b0107f3, color=0x55) returned 0x55
[0284.661] GetNearestColor (hdc=0x5b0107f3, color=0x0) returned 0x0
[0284.661] GetNearestColor (hdc=0x5b0107f3, color=0x55) returned 0x55
[0284.661] GetNearestColor (hdc=0x5b0107f3, color=0x0) returned 0x0
[0284.661] GetNearestColor (hdc=0x5b0107f3, color=0x8080ff) returned 0x8080ff
[0284.661] GetNearestColor (hdc=0x5b0107f3, color=0x7373e5) returned 0x7373e5
[0284.661] GetNearestColor (hdc=0x5b0107f3, color=0xe5) returned 0xe5
[0284.661] GetNearestColor (hdc=0x5b0107f3, color=0x0) returned 0x0
[0284.661] RestoreDC (hdc=0x5b0107f3, nSavedDC=-1) returned 1
[0284.661] GdipReleaseDC (graphics=0x6600030, hdc=0x5b0107f3) returned 0x0
[0284.661] IsAppThemed () returned 0x1
[0284.661] GetThemeAppProperties () returned 0x3
[0284.661] GetThemeAppProperties () returned 0x3
[0284.661] IsAppThemed () returned 0x1
[0284.661] GetThemeAppProperties () returned 0x3
[0284.661] GetThemeAppProperties () returned 0x3
[0284.662] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2e269b4 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0284.662] IsAppThemed () returned 0x1
[0284.662] GetThemeAppProperties () returned 0x3
[0284.662] GetThemeAppProperties () returned 0x3
[0284.662] IsAppThemed () returned 0x1
[0284.662] GetThemeAppProperties () returned 0x3
[0284.662] GetThemeAppProperties () returned 0x3
[0284.662] IsAppThemed () returned 0x1
[0284.662] GetThemeAppProperties () returned 0x3
[0284.662] GetThemeAppProperties () returned 0x3
[0284.662] IsAppThemed () returned 0x1
[0284.662] GetThemeAppProperties () returned 0x3
[0284.662] GetThemeAppProperties () returned 0x3
[0284.662] IsThemePartDefined () returned 0x1
[0284.662] IsAppThemed () returned 0x1
[0284.663] GetThemeAppProperties () returned 0x3
[0284.663] GetThemeAppProperties () returned 0x3
[0284.663] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0284.663] IsAppThemed () returned 0x1
[0284.663] GetThemeAppProperties () returned 0x3
[0284.663] GetThemeAppProperties () returned 0x3
[0284.663] IsAppThemed () returned 0x1
[0284.663] GetThemeAppProperties () returned 0x3
[0284.663] GetThemeAppProperties () returned 0x3
[0284.663] IsThemePartDefined () returned 0x1
[0284.663] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0284.663] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0284.663] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0284.663] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0284.663] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e514) returned 0x0
[0284.663] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0284.663] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0284.663] LocalFree (hMem=0x11eec58) returned 0x0
[0284.663] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0284.663] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eecc8) returned 0x0
[0284.664] LocalFree (hMem=0x11eecc8) returned 0x0
[0284.664] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0284.664] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0284.664] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0284.664] GdipGetRegionHRgn (region=0x6645cf8, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0284.664] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0284.664] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0284.664] GetCurrentObject (hdc=0x5b0107f3, type=0x1) returned 0xb00017
[0284.664] GetCurrentObject (hdc=0x5b0107f3, type=0x2) returned 0x900010
[0284.664] GetCurrentObject (hdc=0x5b0107f3, type=0x7) returned 0x4a0507fe
[0284.664] GetCurrentObject (hdc=0x5b0107f3, type=0x6) returned 0x8a01c2
[0284.664] SaveDC (hdc=0x5b0107f3) returned 1
[0284.664] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3a0407de
[0284.664] GetClipRgn (hdc=0x5b0107f3, hrgn=0x3a0407de) returned 0
[0284.664] SelectClipRgn (hdc=0x5b0107f3, hrgn=0xac040807) returned 2
[0284.664] DeleteObject (ho=0x3a0407de) returned 1
[0284.664] DeleteObject (ho=0xac040807) returned 1
[0284.664] OffsetViewportOrgEx (in: hdc=0x5b0107f3, x=0, y=0, lppt=0x2e27064 | out: lppt=0x2e27064) returned 1
[0284.665] DrawThemeParentBackground () returned 0x0
[0284.665] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0284.665] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0284.665] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0284.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0284.665] GetSystemMetrics (nIndex=42) returned 0
[0284.665] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0284.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0284.665] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0284.665] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0284.665] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0284.665] SelectPalette (hdc=0x5b0107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0284.665] GdipCreateFromHDC (hdc=0x5b0107f3, graphics=0xd7dff0) returned 0x0
[0284.666] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0284.666] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0284.666] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638d88) returned 0x0
[0284.666] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dfc8) returned 0x0
[0284.666] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0284.666] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0284.666] GdipGetClip (graphics=0x6639e10, region=0x6645fc8) returned 0x0
[0284.666] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6639e10, result=0xd7dfbc) returned 0x0
[0284.666] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0284.666] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dfe8) returned 0x0
[0284.666] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0284.674] GdipFillRectangleI (graphics=0x6639e10, brush=0x6658dc8, x=0, y=0, width=801, height=453) returned 0x0
[0284.674] GdipDeleteBrush (brush=0x6658dc8) returned 0x0
[0284.675] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0284.675] SelectPalette (hdc=0x5b0107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0284.675] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0284.675] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0284.675] GetSystemMetrics (nIndex=42) returned 0
[0284.675] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0284.675] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0284.675] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0284.675] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0284.675] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0284.676] SelectPalette (hdc=0x5b0107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0284.676] GdipCreateFromHDC (hdc=0x5b0107f3, graphics=0xd7df90) returned 0x0
[0284.676] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0284.676] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0284.676] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638c38) returned 0x0
[0284.676] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df68) returned 0x0
[0284.676] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0284.676] GdipCreateRegion (region=0xd7df50) returned 0x0
[0284.676] GdipGetClip (graphics=0x6639e10, region=0x66455a8) returned 0x0
[0284.676] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6639e10, result=0xd7df5c) returned 0x0
[0284.676] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0284.676] GdipSaveGraphics (graphics=0x6639e10, state=0xd7df88) returned 0x0
[0284.676] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0284.683] GdipFillRectangleI (graphics=0x6639e10, brush=0x6659650, x=0, y=0, width=801, height=453) returned 0x0
[0284.683] GdipDeleteBrush (brush=0x6659650) returned 0x0
[0284.685] GdipRestoreGraphics (graphics=0x6639e10, state=0xf6880dbd) returned 0x0
[0284.685] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0284.685] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0284.685] GetSystemMetrics (nIndex=42) returned 0
[0284.685] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0284.685] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0284.685] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0284.685] SelectPalette (hdc=0x5b0107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0284.685] RestoreDC (hdc=0x5b0107f3, nSavedDC=-1) returned 1
[0284.685] GdipReleaseDC (graphics=0x6600030, hdc=0x5b0107f3) returned 0x0
[0284.686] IsAppThemed () returned 0x1
[0284.686] GetThemeAppProperties () returned 0x3
[0284.686] GetThemeAppProperties () returned 0x3
[0284.686] IsAppThemed () returned 0x1
[0284.686] GetThemeAppProperties () returned 0x3
[0284.686] GetThemeAppProperties () returned 0x3
[0284.686] IsThemePartDefined () returned 0x1
[0284.686] GdipCreateRegion (region=0xd7e480) returned 0x0
[0284.686] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0284.686] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0284.686] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0284.686] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e498) returned 0x0
[0284.686] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0284.686] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0284.686] LocalFree (hMem=0x11eec58) returned 0x0
[0284.686] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0284.686] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0284.686] LocalFree (hMem=0x11ee868) returned 0x0
[0284.686] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0284.686] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0284.686] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0284.686] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0284.687] GdipDeleteRegion (region=0x6645518) returned 0x0
[0284.687] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0284.687] GetCurrentObject (hdc=0x5b0107f3, type=0x1) returned 0xb00017
[0284.687] GetCurrentObject (hdc=0x5b0107f3, type=0x2) returned 0x900010
[0284.687] GetCurrentObject (hdc=0x5b0107f3, type=0x7) returned 0x4a0507fe
[0284.687] GetCurrentObject (hdc=0x5b0107f3, type=0x6) returned 0x8a01c2
[0284.687] SaveDC (hdc=0x5b0107f3) returned 1
[0284.687] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xad040807
[0284.687] GetClipRgn (hdc=0x5b0107f3, hrgn=0xad040807) returned 0
[0284.687] SelectClipRgn (hdc=0x5b0107f3, hrgn=0x3c0407de) returned 2
[0284.687] DeleteObject (ho=0xad040807) returned 1
[0284.687] DeleteObject (ho=0x3c0407de) returned 1
[0284.687] OffsetViewportOrgEx (in: hdc=0x5b0107f3, x=0, y=0, lppt=0x2e2d8b4 | out: lppt=0x2e2d8b4) returned 1
[0284.687] IsAppThemed () returned 0x1
[0284.687] GetThemeAppProperties () returned 0x3
[0284.687] GetThemeAppProperties () returned 0x3
[0284.687] DrawThemeBackground () returned 0x0
[0284.687] RestoreDC (hdc=0x5b0107f3, nSavedDC=-1) returned 1
[0284.688] GdipReleaseDC (graphics=0x6600030, hdc=0x5b0107f3) returned 0x0
[0284.688] GdipCreateRegion (region=0xd7e484) returned 0x0
[0284.688] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0284.688] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0284.688] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0284.688] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e49c) returned 0x0
[0284.688] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0284.688] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee8d8) returned 0x0
[0284.688] LocalFree (hMem=0x11ee8d8) returned 0x0
[0284.688] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0284.688] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0284.688] LocalFree (hMem=0x11eec58) returned 0x0
[0284.688] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0284.688] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0284.688] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0284.688] GdipGetRegionHRgn (region=0x66456c8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0284.688] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0284.688] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0284.688] GetCurrentObject (hdc=0x5b0107f3, type=0x1) returned 0xb00017
[0284.688] GetCurrentObject (hdc=0x5b0107f3, type=0x2) returned 0x900010
[0284.689] GetCurrentObject (hdc=0x5b0107f3, type=0x7) returned 0x4a0507fe
[0284.689] GetCurrentObject (hdc=0x5b0107f3, type=0x6) returned 0x8a01c2
[0284.689] SaveDC (hdc=0x5b0107f3) returned 1
[0284.689] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3d0407de
[0284.689] GetClipRgn (hdc=0x5b0107f3, hrgn=0x3d0407de) returned 0
[0284.689] SelectClipRgn (hdc=0x5b0107f3, hrgn=0xae040807) returned 2
[0284.689] DeleteObject (ho=0x3d0407de) returned 1
[0284.689] DeleteObject (ho=0xae040807) returned 1
[0284.689] OffsetViewportOrgEx (in: hdc=0x5b0107f3, x=0, y=0, lppt=0x2e2db88 | out: lppt=0x2e2db88) returned 1
[0284.689] IsAppThemed () returned 0x1
[0284.689] GetThemeAppProperties () returned 0x3
[0284.689] GetThemeAppProperties () returned 0x3
[0284.689] GetThemeBackgroundContentRect () returned 0x0
[0284.689] RestoreDC (hdc=0x5b0107f3, nSavedDC=-1) returned 1
[0284.689] GdipReleaseDC (graphics=0x6600030, hdc=0x5b0107f3) returned 0x0
[0284.689] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0284.689] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0284.690] GdipFillRectangleI (graphics=0x6600030, brush=0x666a850, x=4, y=4, width=67, height=15) returned 0x0
[0284.690] GdipDeleteBrush (brush=0x666a850) returned 0x0
[0284.690] IsAppThemed () returned 0x1
[0284.690] GetThemeAppProperties () returned 0x3
[0284.690] GetThemeAppProperties () returned 0x3
[0284.690] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0284.690] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0284.690] GetCurrentObject (hdc=0x5b0107f3, type=0x1) returned 0xb00017
[0284.690] GetCurrentObject (hdc=0x5b0107f3, type=0x2) returned 0x900010
[0284.690] GetCurrentObject (hdc=0x5b0107f3, type=0x7) returned 0x4a0507fe
[0284.690] GetCurrentObject (hdc=0x5b0107f3, type=0x6) returned 0x8a01c2
[0284.690] SaveDC (hdc=0x5b0107f3) returned 1
[0284.690] GetTextAlign (hdc=0x5b0107f3) returned 0x0
[0284.690] GetTextColor (hdc=0x5b0107f3) returned 0x0
[0284.690] GetCurrentObject (hdc=0x5b0107f3, type=0x6) returned 0x8a01c2
[0284.690] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0284.691] SelectObject (hdc=0x5b0107f3, h=0x6d0a0520) returned 0x8a01c2
[0284.691] GetBkMode (hdc=0x5b0107f3) returned 2
[0284.691] SetBkMode (hdc=0x5b0107f3, mode=1) returned 2
[0284.691] DrawTextExW (in: hdc=0x5b0107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2e2df4c | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0284.691] DrawTextExW (in: hdc=0x5b0107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2e2df4c | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0284.691] RestoreDC (hdc=0x5b0107f3, nSavedDC=-1) returned 1
[0284.692] GdipReleaseDC (graphics=0x6600030, hdc=0x5b0107f3) returned 0x0
[0284.692] GetFocus () returned 0x602c4
[0284.692] IsAppThemed () returned 0x1
[0284.692] GetThemeAppProperties () returned 0x3
[0284.692] GetThemeAppProperties () returned 0x3
[0284.692] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0284.692] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x5b0107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0284.692] GdipReleaseDC (graphics=0x6600030, hdc=0x5b0107f3) returned 0x0
[0284.692] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0284.692] SelectObject (hdc=0x5b0107f3, h=0x85000f) returned 0x4a0507fe
[0284.693] DeleteDC (hdc=0x5b0107f3) returned 1
[0284.693] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0284.693] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0284.693] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0284.693] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0284.693] WaitMessage () returned 1
[0284.763] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0284.763] IsWindowUnicode (hWnd=0x602c4) returned 1
[0284.763] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0284.763] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0284.763] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0284.763] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0284.763] IsWindowUnicode (hWnd=0x602c4) returned 1
[0284.763] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0284.763] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0284.763] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0284.764] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x8002a) returned 0x0
[0284.764] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0284.764] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0284.764] WaitMessage () returned 1
[0284.892] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0284.892] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f0105) returned 0x1
[0284.892] IsWindowUnicode (hWnd=0x602c4) returned 1
[0284.892] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0284.892] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f0105) returned 0x1
[0284.893] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0284.893] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19a0047) returned 0x0
[0284.893] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0284.893] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0284.893] SetCursor (hCursor=0x10003) returned 0x10003
[0284.893] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0284.893] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0284.893] GetKeyState (nVirtKey=1) returned -128
[0284.893] GetKeyState (nVirtKey=2) returned 0
[0284.893] GetKeyState (nVirtKey=4) returned 0
[0284.893] GetKeyState (nVirtKey=5) returned 0
[0284.893] GetKeyState (nVirtKey=6) returned 0
[0284.893] IsWindowVisible (hWnd=0x602c4) returned 1
[0284.893] IsWindowEnabled (hWnd=0x602c4) returned 1
[0284.893] SetFocus (hWnd=0x602c4) returned 0x602c4
[0284.893] GetFocus () returned 0x602c4
[0284.893] GetFocus () returned 0x602c4
[0284.893] GetFocus () returned 0x602c4
[0284.894] GetKeyState (nVirtKey=1) returned -128
[0284.894] GetKeyState (nVirtKey=2) returned 0
[0284.894] GetKeyState (nVirtKey=4) returned 0
[0284.894] GetKeyState (nVirtKey=5) returned 0
[0284.894] GetKeyState (nVirtKey=6) returned 0
[0284.894] GetCapture () returned 0x0
[0284.894] SetCapture (hWnd=0x602c4) returned 0x0
[0284.894] GetKeyState (nVirtKey=1) returned -128
[0284.894] GetKeyState (nVirtKey=2) returned 0
[0284.894] GetKeyState (nVirtKey=4) returned 0
[0284.894] GetKeyState (nVirtKey=5) returned 0
[0284.894] GetKeyState (nVirtKey=6) returned 0
[0284.894] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0284.894] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0284.894] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0284.894] IsWindowUnicode (hWnd=0x602c4) returned 1
[0284.894] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0284.894] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0284.894] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0284.894] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e2e0d0, cPoints=0x1 | out: lpPoints=0x2e2e0d0) returned 40304859
[0284.894] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0284.894] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0284.894] UpdateWindow (hWnd=0x602c4) returned 1
[0284.894] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x60100ce
[0284.895] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0284.895] CreateCompatibleDC (hdc=0x60100ce) returned 0x5c0107f3
[0284.895] SelectObject (hdc=0x5c0107f3, h=0x4a0507fe) returned 0x85000f
[0284.895] GdipCreateFromHDC (hdc=0x5c0107f3, graphics=0xd7e430) returned 0x0
[0284.895] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0284.895] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0284.895] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0284.895] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0284.895] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e490) returned 0x0
[0284.895] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0284.895] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee8d8) returned 0x0
[0284.895] LocalFree (hMem=0x11ee8d8) returned 0x0
[0284.895] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0284.895] GdipCreateRegion (region=0xd7e478) returned 0x0
[0284.896] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0284.896] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e484) returned 0x0
[0284.896] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0284.896] GdipRestoreGraphics (graphics=0x6600030, state=0xf6860dbd) returned 0x0
[0284.896] GdipDeleteRegion (region=0x6645758) returned 0x0
[0284.896] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0284.896] GetCurrentObject (hdc=0x5c0107f3, type=0x1) returned 0xb00017
[0284.896] GetCurrentObject (hdc=0x5c0107f3, type=0x2) returned 0x900010
[0284.896] GetCurrentObject (hdc=0x5c0107f3, type=0x7) returned 0x4a0507fe
[0284.896] GetCurrentObject (hdc=0x5c0107f3, type=0x6) returned 0x8a01c2
[0284.896] SaveDC (hdc=0x5c0107f3) returned 1
[0284.896] GetNearestColor (hdc=0x5c0107f3, color=0xff) returned 0xff
[0284.897] GetNearestColor (hdc=0x5c0107f3, color=0x55) returned 0x55
[0284.897] GetNearestColor (hdc=0x5c0107f3, color=0x0) returned 0x0
[0284.897] GetNearestColor (hdc=0x5c0107f3, color=0x55) returned 0x55
[0284.897] GetNearestColor (hdc=0x5c0107f3, color=0x0) returned 0x0
[0284.897] GetNearestColor (hdc=0x5c0107f3, color=0x8080ff) returned 0x8080ff
[0284.897] GetNearestColor (hdc=0x5c0107f3, color=0x7373e5) returned 0x7373e5
[0284.897] GetNearestColor (hdc=0x5c0107f3, color=0xe5) returned 0xe5
[0284.897] GetNearestColor (hdc=0x5c0107f3, color=0x0) returned 0x0
[0284.897] RestoreDC (hdc=0x5c0107f3, nSavedDC=-1) returned 1
[0284.897] GdipReleaseDC (graphics=0x6600030, hdc=0x5c0107f3) returned 0x0
[0284.897] IsAppThemed () returned 0x1
[0284.897] GetThemeAppProperties () returned 0x3
[0284.897] GetThemeAppProperties () returned 0x3
[0284.897] IsAppThemed () returned 0x1
[0284.897] GetThemeAppProperties () returned 0x3
[0284.897] GetThemeAppProperties () returned 0x3
[0284.897] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2e2e7ec | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0284.898] IsAppThemed () returned 0x1
[0284.898] GetThemeAppProperties () returned 0x3
[0284.898] GetThemeAppProperties () returned 0x3
[0284.898] IsAppThemed () returned 0x1
[0284.898] GetThemeAppProperties () returned 0x3
[0284.898] GetThemeAppProperties () returned 0x3
[0284.898] IsAppThemed () returned 0x1
[0284.898] GetThemeAppProperties () returned 0x3
[0284.898] GetThemeAppProperties () returned 0x3
[0284.898] IsAppThemed () returned 0x1
[0284.898] GetThemeAppProperties () returned 0x3
[0284.898] GetThemeAppProperties () returned 0x3
[0284.898] IsThemePartDefined () returned 0x1
[0284.898] IsAppThemed () returned 0x1
[0284.898] GetThemeAppProperties () returned 0x3
[0284.898] GetThemeAppProperties () returned 0x3
[0284.898] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0284.898] IsAppThemed () returned 0x1
[0284.898] GetThemeAppProperties () returned 0x3
[0284.898] GetThemeAppProperties () returned 0x3
[0284.898] IsAppThemed () returned 0x1
[0284.899] GetThemeAppProperties () returned 0x3
[0284.899] GetThemeAppProperties () returned 0x3
[0284.899] IsThemePartDefined () returned 0x1
[0284.899] GdipCreateRegion (region=0xd7e194) returned 0x0
[0284.899] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0284.899] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0284.899] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0284.899] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e1ac) returned 0x0
[0284.899] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0284.899] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0284.899] LocalFree (hMem=0x11ee788) returned 0x0
[0284.899] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0284.899] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea60) returned 0x0
[0284.899] LocalFree (hMem=0x11eea60) returned 0x0
[0284.899] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0284.899] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0284.899] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0284.899] GdipGetRegionHRgn (region=0x66457e8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0284.899] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0284.899] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0284.899] GetCurrentObject (hdc=0x5c0107f3, type=0x1) returned 0xb00017
[0284.899] GetCurrentObject (hdc=0x5c0107f3, type=0x2) returned 0x900010
[0284.900] GetCurrentObject (hdc=0x5c0107f3, type=0x7) returned 0x4a0507fe
[0284.900] GetCurrentObject (hdc=0x5c0107f3, type=0x6) returned 0x8a01c2
[0284.900] SaveDC (hdc=0x5c0107f3) returned 1
[0284.900] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xaf040807
[0284.900] GetClipRgn (hdc=0x5c0107f3, hrgn=0xaf040807) returned 0
[0284.900] SelectClipRgn (hdc=0x5c0107f3, hrgn=0x410407de) returned 2
[0284.900] DeleteObject (ho=0xaf040807) returned 1
[0284.900] DeleteObject (ho=0x410407de) returned 1
[0284.900] OffsetViewportOrgEx (in: hdc=0x5c0107f3, x=0, y=0, lppt=0x2e2ee9c | out: lppt=0x2e2ee9c) returned 1
[0284.900] DrawThemeParentBackground () returned 0x0
[0284.900] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0284.900] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0284.900] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0284.900] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0284.900] GetSystemMetrics (nIndex=42) returned 0
[0284.900] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0284.900] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0284.901] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0284.901] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0284.901] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0284.901] SelectPalette (hdc=0x5c0107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0284.901] GdipCreateFromHDC (hdc=0x5c0107f3, graphics=0xd7dc88) returned 0x0
[0284.901] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0284.901] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0284.901] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638bd8) returned 0x0
[0284.901] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dc60) returned 0x0
[0284.901] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0284.901] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0284.901] GdipGetClip (graphics=0x6639e10, region=0x6645098) returned 0x0
[0284.901] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6639e10, result=0xd7dc54) returned 0x0
[0284.901] GdipDeleteRegion (region=0x6645098) returned 0x0
[0284.901] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dc80) returned 0x0
[0284.901] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0284.909] GdipFillRectangleI (graphics=0x6639e10, brush=0x66598c0, x=0, y=0, width=801, height=453) returned 0x0
[0284.909] GdipDeleteBrush (brush=0x66598c0) returned 0x0
[0284.911] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0284.911] SelectPalette (hdc=0x5c0107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0284.911] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0284.911] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0284.911] GetSystemMetrics (nIndex=42) returned 0
[0284.911] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0284.911] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0284.911] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0284.911] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0284.911] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0284.911] SelectPalette (hdc=0x5c0107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0284.911] GdipCreateFromHDC (hdc=0x5c0107f3, graphics=0xd7dc28) returned 0x0
[0284.912] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0284.912] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0284.912] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638b78) returned 0x0
[0284.912] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc00) returned 0x0
[0284.912] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0284.912] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0284.912] GdipGetClip (graphics=0x6639e10, region=0x66457e8) returned 0x0
[0284.912] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6639e10, result=0xd7dbf4) returned 0x0
[0284.912] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0284.912] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dc20) returned 0x0
[0284.912] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0284.920] GdipFillRectangleI (graphics=0x6639e10, brush=0x66592a8, x=0, y=0, width=801, height=453) returned 0x0
[0284.920] GdipDeleteBrush (brush=0x66592a8) returned 0x0
[0284.921] GdipRestoreGraphics (graphics=0x6639e10, state=0xf6820dbd) returned 0x0
[0284.921] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0284.921] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0284.921] GetSystemMetrics (nIndex=42) returned 0
[0284.921] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0284.921] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0284.921] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0284.921] SelectPalette (hdc=0x5c0107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0284.922] RestoreDC (hdc=0x5c0107f3, nSavedDC=-1) returned 1
[0284.922] GdipReleaseDC (graphics=0x6600030, hdc=0x5c0107f3) returned 0x0
[0284.922] IsAppThemed () returned 0x1
[0284.922] GetThemeAppProperties () returned 0x3
[0284.922] GetThemeAppProperties () returned 0x3
[0284.922] IsAppThemed () returned 0x1
[0284.922] GetThemeAppProperties () returned 0x3
[0284.922] GetThemeAppProperties () returned 0x3
[0284.922] IsThemePartDefined () returned 0x1
[0284.922] GdipCreateRegion (region=0xd7e118) returned 0x0
[0284.922] GdipGetClip (graphics=0x6600030, region=0x6645d88) returned 0x0
[0284.922] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0284.922] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0284.922] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e130) returned 0x0
[0284.922] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0284.922] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0284.922] LocalFree (hMem=0x11eec58) returned 0x0
[0284.922] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0284.922] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0284.923] LocalFree (hMem=0x11eecc8) returned 0x0
[0284.923] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0284.923] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e158) returned 0x0
[0284.923] GdipIsInfiniteRegion (region=0x6645d88, graphics=0x6600030, result=0xd7e148) returned 0x0
[0284.923] GdipGetRegionHRgn (region=0x6645d88, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0284.923] GdipDeleteRegion (region=0x6645d88) returned 0x0
[0284.923] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0284.923] GetCurrentObject (hdc=0x5c0107f3, type=0x1) returned 0xb00017
[0284.923] GetCurrentObject (hdc=0x5c0107f3, type=0x2) returned 0x900010
[0284.923] GetCurrentObject (hdc=0x5c0107f3, type=0x7) returned 0x4a0507fe
[0284.923] GetCurrentObject (hdc=0x5c0107f3, type=0x6) returned 0x8a01c2
[0284.923] SaveDC (hdc=0x5c0107f3) returned 1
[0284.923] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x420407de
[0284.923] GetClipRgn (hdc=0x5c0107f3, hrgn=0x420407de) returned 0
[0284.923] SelectClipRgn (hdc=0x5c0107f3, hrgn=0xb1040807) returned 2
[0284.923] DeleteObject (ho=0x420407de) returned 1
[0284.923] DeleteObject (ho=0xb1040807) returned 1
[0284.923] OffsetViewportOrgEx (in: hdc=0x5c0107f3, x=0, y=0, lppt=0x2e356ec | out: lppt=0x2e356ec) returned 1
[0284.923] IsAppThemed () returned 0x1
[0284.924] GetThemeAppProperties () returned 0x3
[0284.924] GetThemeAppProperties () returned 0x3
[0284.924] DrawThemeBackground () returned 0x0
[0284.924] RestoreDC (hdc=0x5c0107f3, nSavedDC=-1) returned 1
[0284.924] GdipReleaseDC (graphics=0x6600030, hdc=0x5c0107f3) returned 0x0
[0284.924] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0284.924] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0284.924] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0284.924] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0284.924] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e134) returned 0x0
[0284.924] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0284.924] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee868) returned 0x0
[0284.924] LocalFree (hMem=0x11ee868) returned 0x0
[0284.924] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0284.924] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0284.924] LocalFree (hMem=0x11eec58) returned 0x0
[0284.924] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0284.924] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0284.924] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0284.924] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0284.924] GdipDeleteRegion (region=0x6645908) returned 0x0
[0284.924] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0284.925] GetCurrentObject (hdc=0x5c0107f3, type=0x1) returned 0xb00017
[0284.925] GetCurrentObject (hdc=0x5c0107f3, type=0x2) returned 0x900010
[0284.925] GetCurrentObject (hdc=0x5c0107f3, type=0x7) returned 0x4a0507fe
[0284.925] GetCurrentObject (hdc=0x5c0107f3, type=0x6) returned 0x8a01c2
[0284.925] SaveDC (hdc=0x5c0107f3) returned 1
[0284.925] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb2040807
[0284.925] GetClipRgn (hdc=0x5c0107f3, hrgn=0xb2040807) returned 0
[0284.925] SelectClipRgn (hdc=0x5c0107f3, hrgn=0x430407de) returned 2
[0284.925] DeleteObject (ho=0xb2040807) returned 1
[0284.925] DeleteObject (ho=0x430407de) returned 1
[0284.925] OffsetViewportOrgEx (in: hdc=0x5c0107f3, x=0, y=0, lppt=0x2e359c0 | out: lppt=0x2e359c0) returned 1
[0284.925] IsAppThemed () returned 0x1
[0284.925] GetThemeAppProperties () returned 0x3
[0284.925] GetThemeAppProperties () returned 0x3
[0284.925] GetThemeBackgroundContentRect () returned 0x0
[0284.925] RestoreDC (hdc=0x5c0107f3, nSavedDC=-1) returned 1
[0284.925] GdipReleaseDC (graphics=0x6600030, hdc=0x5c0107f3) returned 0x0
[0284.925] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0284.925] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0284.925] GdipFillRectangleI (graphics=0x6600030, brush=0x666a850, x=4, y=4, width=67, height=15) returned 0x0
[0284.926] GdipDeleteBrush (brush=0x666a850) returned 0x0
[0284.926] IsAppThemed () returned 0x1
[0284.926] GetThemeAppProperties () returned 0x3
[0284.926] GetThemeAppProperties () returned 0x3
[0284.926] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0284.926] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0284.926] GetCurrentObject (hdc=0x5c0107f3, type=0x1) returned 0xb00017
[0284.926] GetCurrentObject (hdc=0x5c0107f3, type=0x2) returned 0x900010
[0284.926] GetCurrentObject (hdc=0x5c0107f3, type=0x7) returned 0x4a0507fe
[0284.926] GetCurrentObject (hdc=0x5c0107f3, type=0x6) returned 0x8a01c2
[0284.926] SaveDC (hdc=0x5c0107f3) returned 1
[0284.926] GetTextAlign (hdc=0x5c0107f3) returned 0x0
[0284.926] GetTextColor (hdc=0x5c0107f3) returned 0x0
[0284.926] GetCurrentObject (hdc=0x5c0107f3, type=0x6) returned 0x8a01c2
[0284.926] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0284.926] SelectObject (hdc=0x5c0107f3, h=0x6d0a0520) returned 0x8a01c2
[0284.926] GetBkMode (hdc=0x5c0107f3) returned 2
[0284.926] SetBkMode (hdc=0x5c0107f3, mode=1) returned 2
[0284.927] DrawTextExW (in: hdc=0x5c0107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2e35d84 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0284.927] DrawTextExW (in: hdc=0x5c0107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2e35d84 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0284.927] RestoreDC (hdc=0x5c0107f3, nSavedDC=-1) returned 1
[0284.927] GdipReleaseDC (graphics=0x6600030, hdc=0x5c0107f3) returned 0x0
[0284.927] GetFocus () returned 0x602c4
[0284.927] IsAppThemed () returned 0x1
[0284.927] GetThemeAppProperties () returned 0x3
[0284.927] GetThemeAppProperties () returned 0x3
[0284.927] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0284.928] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x5c0107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0284.928] GdipReleaseDC (graphics=0x6600030, hdc=0x5c0107f3) returned 0x0
[0284.928] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0284.928] SelectObject (hdc=0x5c0107f3, h=0x85000f) returned 0x4a0507fe
[0284.928] DeleteDC (hdc=0x5c0107f3) returned 1
[0284.928] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0284.928] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0284.928] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e35e80, cPoints=0x1 | out: lpPoints=0x2e35e80) returned 40304859
[0284.928] WindowFromPoint (Point=0x105) returned 0x602c4
[0284.929] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f0105) returned 0x1
[0284.929] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0284.929] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0284.929] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0284.929] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0284.929] GetSystemMetrics (nIndex=42) returned 0
[0284.929] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0284.929] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0284.931] GetCapture () returned 0x602c4
[0284.931] ReleaseCapture () returned 1
[0284.931] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0284.931] GetProcessWindowStation () returned 0x13c
[0284.932] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.932] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0284.932] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.932] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0284.933] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.933] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0284.933] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.933] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0284.933] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.933] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0284.933] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.934] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0284.934] GetDC (hWnd=0x0) returned 0x10105d6
[0284.934] GdipCreateFromHDC (hdc=0x10105d6, graphics=0xd7e6ec) returned 0x0
[0284.934] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0284.934] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0284.934] ReleaseDC (hWnd=0x0, hDC=0x10105d6) returned 1
[0284.935] GetSystemMetrics (nIndex=5) returned 1
[0284.935] GetSystemMetrics (nIndex=6) returned 1
[0284.935] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.935] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0284.935] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.936] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0284.938] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0284.939] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0284.939] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0284.939] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0284.939] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0284.939] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0284.940] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2e3b89c | out: lpData=0x2e3b89c) returned 1
[0284.941] VerQueryValueW (in: pBlock=0x2e3b89c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e3bcac, puLen=0xd7e810) returned 1
[0284.941] VerQueryValueW (in: pBlock=0x2e3b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3b954, puLen=0xd7e790) returned 1
[0284.941] VerQueryValueW (in: pBlock=0x2e3b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3b9a8, puLen=0xd7e790) returned 1
[0284.941] VerQueryValueW (in: pBlock=0x2e3b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3ba28, puLen=0xd7e790) returned 1
[0284.941] VerQueryValueW (in: pBlock=0x2e3b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3ba90, puLen=0xd7e790) returned 1
[0284.941] VerQueryValueW (in: pBlock=0x2e3b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3bad0, puLen=0xd7e790) returned 1
[0284.941] VerQueryValueW (in: pBlock=0x2e3b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3bb58, puLen=0xd7e790) returned 1
[0284.941] VerQueryValueW (in: pBlock=0x2e3b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3bb94, puLen=0xd7e790) returned 1
[0284.942] VerQueryValueW (in: pBlock=0x2e3b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3bbec, puLen=0xd7e790) returned 1
[0284.942] VerQueryValueW (in: pBlock=0x2e3b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3bc1c, puLen=0xd7e790) returned 1
[0284.942] VerQueryValueW (in: pBlock=0x2e3b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.942] VerQueryValueW (in: pBlock=0x2e3b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3bc58, puLen=0xd7e790) returned 1
[0284.942] VerQueryValueW (in: pBlock=0x2e3b89c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.942] VerQueryValueW (in: pBlock=0x2e3b89c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e3bcac, puLen=0xd7e784) returned 1
[0284.942] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0284.942] VerQueryValueW (in: pBlock=0x2e3b89c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e3b8c4, puLen=0xd7e794) returned 1
[0284.942] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0284.943] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0284.943] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0284.943] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0284.943] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0284.943] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0284.943] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2e3d80c | out: lpData=0x2e3d80c) returned 1
[0284.943] VerQueryValueW (in: pBlock=0x2e3d80c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e3d8a8, puLen=0xd7e810) returned 1
[0284.943] VerQueryValueW (in: pBlock=0x2e3d80c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3d920, puLen=0xd7e790) returned 1
[0284.943] VerQueryValueW (in: pBlock=0x2e3d80c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3d950, puLen=0xd7e790) returned 1
[0284.943] VerQueryValueW (in: pBlock=0x2e3d80c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3d98c, puLen=0xd7e790) returned 1
[0284.943] VerQueryValueW (in: pBlock=0x2e3d80c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3d9bc, puLen=0xd7e790) returned 1
[0284.943] VerQueryValueW (in: pBlock=0x2e3d80c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3da04, puLen=0xd7e790) returned 1
[0284.943] VerQueryValueW (in: pBlock=0x2e3d80c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3da7c, puLen=0xd7e790) returned 1
[0284.943] VerQueryValueW (in: pBlock=0x2e3d80c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3dac0, puLen=0xd7e790) returned 1
[0284.943] VerQueryValueW (in: pBlock=0x2e3d80c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3db00, puLen=0xd7e790) returned 1
[0284.943] VerQueryValueW (in: pBlock=0x2e3d80c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3d8fe, puLen=0xd7e790) returned 1
[0284.943] VerQueryValueW (in: pBlock=0x2e3d80c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3da4c, puLen=0xd7e790) returned 1
[0284.944] VerQueryValueW (in: pBlock=0x2e3d80c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.944] VerQueryValueW (in: pBlock=0x2e3d80c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.944] VerQueryValueW (in: pBlock=0x2e3d80c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e3d8a8, puLen=0xd7e784) returned 1
[0284.944] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0284.944] VerQueryValueW (in: pBlock=0x2e3d80c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e3d834, puLen=0xd7e794) returned 1
[0284.944] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0284.944] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0284.945] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0284.945] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0284.945] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0284.945] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0284.945] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2e3fae4 | out: lpData=0x2e3fae4) returned 1
[0284.946] VerQueryValueW (in: pBlock=0x2e3fae4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e3fef8, puLen=0xd7e810) returned 1
[0284.946] VerQueryValueW (in: pBlock=0x2e3fae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3fb9c, puLen=0xd7e790) returned 1
[0284.946] VerQueryValueW (in: pBlock=0x2e3fae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3fbf0, puLen=0xd7e790) returned 1
[0284.946] VerQueryValueW (in: pBlock=0x2e3fae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3fc4c, puLen=0xd7e790) returned 1
[0284.946] VerQueryValueW (in: pBlock=0x2e3fae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3fcac, puLen=0xd7e790) returned 1
[0284.946] VerQueryValueW (in: pBlock=0x2e3fae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3fd04, puLen=0xd7e790) returned 1
[0284.946] VerQueryValueW (in: pBlock=0x2e3fae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3fd8c, puLen=0xd7e790) returned 1
[0284.946] VerQueryValueW (in: pBlock=0x2e3fae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3fde0, puLen=0xd7e790) returned 1
[0284.946] VerQueryValueW (in: pBlock=0x2e3fae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3fe38, puLen=0xd7e790) returned 1
[0284.946] VerQueryValueW (in: pBlock=0x2e3fae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3fe68, puLen=0xd7e790) returned 1
[0284.946] VerQueryValueW (in: pBlock=0x2e3fae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.946] VerQueryValueW (in: pBlock=0x2e3fae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e3fea4, puLen=0xd7e790) returned 1
[0284.946] VerQueryValueW (in: pBlock=0x2e3fae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.946] VerQueryValueW (in: pBlock=0x2e3fae4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e3fef8, puLen=0xd7e784) returned 1
[0284.946] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0284.946] VerQueryValueW (in: pBlock=0x2e3fae4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e3fb0c, puLen=0xd7e794) returned 1
[0284.947] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0284.947] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0284.947] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0284.947] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0284.947] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0284.948] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0284.948] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2e4211c | out: lpData=0x2e4211c) returned 1
[0284.949] VerQueryValueW (in: pBlock=0x2e4211c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e4251c, puLen=0xd7e810) returned 1
[0284.949] VerQueryValueW (in: pBlock=0x2e4211c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e421d4, puLen=0xd7e790) returned 1
[0284.949] VerQueryValueW (in: pBlock=0x2e4211c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e42228, puLen=0xd7e790) returned 1
[0284.949] VerQueryValueW (in: pBlock=0x2e4211c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e42268, puLen=0xd7e790) returned 1
[0284.949] VerQueryValueW (in: pBlock=0x2e4211c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e422d0, puLen=0xd7e790) returned 1
[0284.949] VerQueryValueW (in: pBlock=0x2e4211c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e42328, puLen=0xd7e790) returned 1
[0284.949] VerQueryValueW (in: pBlock=0x2e4211c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e423b0, puLen=0xd7e790) returned 1
[0284.949] VerQueryValueW (in: pBlock=0x2e4211c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e42404, puLen=0xd7e790) returned 1
[0284.949] VerQueryValueW (in: pBlock=0x2e4211c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4245c, puLen=0xd7e790) returned 1
[0284.949] VerQueryValueW (in: pBlock=0x2e4211c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4248c, puLen=0xd7e790) returned 1
[0284.949] VerQueryValueW (in: pBlock=0x2e4211c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.950] VerQueryValueW (in: pBlock=0x2e4211c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e424c8, puLen=0xd7e790) returned 1
[0284.950] VerQueryValueW (in: pBlock=0x2e4211c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.950] VerQueryValueW (in: pBlock=0x2e4211c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e4251c, puLen=0xd7e784) returned 1
[0284.950] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0284.950] VerQueryValueW (in: pBlock=0x2e4211c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e42144, puLen=0xd7e794) returned 1
[0284.951] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0284.951] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0284.951] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0284.951] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0284.951] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0284.951] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0284.952] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2e44858 | out: lpData=0x2e44858) returned 1
[0284.952] VerQueryValueW (in: pBlock=0x2e44858, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e44c20, puLen=0xd7e810) returned 1
[0284.952] VerQueryValueW (in: pBlock=0x2e44858, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e44910, puLen=0xd7e790) returned 1
[0284.953] VerQueryValueW (in: pBlock=0x2e44858, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e44964, puLen=0xd7e790) returned 1
[0284.953] VerQueryValueW (in: pBlock=0x2e44858, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e449a4, puLen=0xd7e790) returned 1
[0284.953] VerQueryValueW (in: pBlock=0x2e44858, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e44a0c, puLen=0xd7e790) returned 1
[0284.953] VerQueryValueW (in: pBlock=0x2e44858, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e44a48, puLen=0xd7e790) returned 1
[0284.953] VerQueryValueW (in: pBlock=0x2e44858, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e44ad0, puLen=0xd7e790) returned 1
[0284.953] VerQueryValueW (in: pBlock=0x2e44858, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e44b08, puLen=0xd7e790) returned 1
[0284.953] VerQueryValueW (in: pBlock=0x2e44858, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e44b60, puLen=0xd7e790) returned 1
[0284.953] VerQueryValueW (in: pBlock=0x2e44858, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e44b90, puLen=0xd7e790) returned 1
[0284.953] VerQueryValueW (in: pBlock=0x2e44858, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.953] VerQueryValueW (in: pBlock=0x2e44858, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e44bcc, puLen=0xd7e790) returned 1
[0284.953] VerQueryValueW (in: pBlock=0x2e44858, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.953] VerQueryValueW (in: pBlock=0x2e44858, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e44c20, puLen=0xd7e784) returned 1
[0284.953] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0284.953] VerQueryValueW (in: pBlock=0x2e44858, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e44880, puLen=0xd7e794) returned 1
[0284.954] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0284.954] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0284.954] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0284.954] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0284.954] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0284.954] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0284.955] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2e47ec0 | out: lpData=0x2e47ec0) returned 1
[0284.955] VerQueryValueW (in: pBlock=0x2e47ec0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e482a0, puLen=0xd7e810) returned 1
[0284.955] VerQueryValueW (in: pBlock=0x2e47ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e47f78, puLen=0xd7e790) returned 1
[0284.955] VerQueryValueW (in: pBlock=0x2e47ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e47fcc, puLen=0xd7e790) returned 1
[0284.955] VerQueryValueW (in: pBlock=0x2e47ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4800c, puLen=0xd7e790) returned 1
[0284.955] VerQueryValueW (in: pBlock=0x2e47ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4806c, puLen=0xd7e790) returned 1
[0284.955] VerQueryValueW (in: pBlock=0x2e47ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e480b8, puLen=0xd7e790) returned 1
[0284.956] VerQueryValueW (in: pBlock=0x2e47ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e48140, puLen=0xd7e790) returned 1
[0284.956] VerQueryValueW (in: pBlock=0x2e47ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e48188, puLen=0xd7e790) returned 1
[0284.956] VerQueryValueW (in: pBlock=0x2e47ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e481e0, puLen=0xd7e790) returned 1
[0284.956] VerQueryValueW (in: pBlock=0x2e47ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e48210, puLen=0xd7e790) returned 1
[0284.956] VerQueryValueW (in: pBlock=0x2e47ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.956] VerQueryValueW (in: pBlock=0x2e47ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4824c, puLen=0xd7e790) returned 1
[0284.956] VerQueryValueW (in: pBlock=0x2e47ec0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.956] VerQueryValueW (in: pBlock=0x2e47ec0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e482a0, puLen=0xd7e784) returned 1
[0284.956] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0284.956] VerQueryValueW (in: pBlock=0x2e47ec0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e47ee8, puLen=0xd7e794) returned 1
[0284.957] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0284.957] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0284.957] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0284.957] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0284.957] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0284.957] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0284.958] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2e4a6e0 | out: lpData=0x2e4a6e0) returned 1
[0284.958] VerQueryValueW (in: pBlock=0x2e4a6e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e4aaec, puLen=0xd7e810) returned 1
[0284.958] VerQueryValueW (in: pBlock=0x2e4a6e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4a798, puLen=0xd7e790) returned 1
[0284.958] VerQueryValueW (in: pBlock=0x2e4a6e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4a7ec, puLen=0xd7e790) returned 1
[0284.958] VerQueryValueW (in: pBlock=0x2e4a6e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4a840, puLen=0xd7e790) returned 1
[0284.958] VerQueryValueW (in: pBlock=0x2e4a6e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4a8a0, puLen=0xd7e790) returned 1
[0284.958] VerQueryValueW (in: pBlock=0x2e4a6e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4a8f8, puLen=0xd7e790) returned 1
[0284.958] VerQueryValueW (in: pBlock=0x2e4a6e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4a980, puLen=0xd7e790) returned 1
[0284.958] VerQueryValueW (in: pBlock=0x2e4a6e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4a9d4, puLen=0xd7e790) returned 1
[0284.958] VerQueryValueW (in: pBlock=0x2e4a6e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4aa2c, puLen=0xd7e790) returned 1
[0284.958] VerQueryValueW (in: pBlock=0x2e4a6e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4aa5c, puLen=0xd7e790) returned 1
[0284.959] VerQueryValueW (in: pBlock=0x2e4a6e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.959] VerQueryValueW (in: pBlock=0x2e4a6e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4aa98, puLen=0xd7e790) returned 1
[0284.959] VerQueryValueW (in: pBlock=0x2e4a6e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.959] VerQueryValueW (in: pBlock=0x2e4a6e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e4aaec, puLen=0xd7e784) returned 1
[0284.959] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0284.959] VerQueryValueW (in: pBlock=0x2e4a6e0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e4a708, puLen=0xd7e794) returned 1
[0284.959] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0284.960] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0284.960] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0284.960] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0284.960] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0284.960] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0284.961] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e4cef4 | out: lpData=0x2e4cef4) returned 1
[0284.961] VerQueryValueW (in: pBlock=0x2e4cef4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e4d2cc, puLen=0xd7e810) returned 1
[0284.961] VerQueryValueW (in: pBlock=0x2e4cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4cfac, puLen=0xd7e790) returned 1
[0284.961] VerQueryValueW (in: pBlock=0x2e4cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4d000, puLen=0xd7e790) returned 1
[0284.961] VerQueryValueW (in: pBlock=0x2e4cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4d040, puLen=0xd7e790) returned 1
[0284.961] VerQueryValueW (in: pBlock=0x2e4cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4d0a8, puLen=0xd7e790) returned 1
[0284.961] VerQueryValueW (in: pBlock=0x2e4cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4d0ec, puLen=0xd7e790) returned 1
[0284.961] VerQueryValueW (in: pBlock=0x2e4cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4d174, puLen=0xd7e790) returned 1
[0284.961] VerQueryValueW (in: pBlock=0x2e4cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4d1b4, puLen=0xd7e790) returned 1
[0284.961] VerQueryValueW (in: pBlock=0x2e4cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4d20c, puLen=0xd7e790) returned 1
[0284.962] VerQueryValueW (in: pBlock=0x2e4cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4d23c, puLen=0xd7e790) returned 1
[0284.962] VerQueryValueW (in: pBlock=0x2e4cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.962] VerQueryValueW (in: pBlock=0x2e4cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4d278, puLen=0xd7e790) returned 1
[0284.962] VerQueryValueW (in: pBlock=0x2e4cef4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.962] VerQueryValueW (in: pBlock=0x2e4cef4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e4d2cc, puLen=0xd7e784) returned 1
[0284.962] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0284.962] VerQueryValueW (in: pBlock=0x2e4cef4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e4cf1c, puLen=0xd7e794) returned 1
[0284.962] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0284.963] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0284.963] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0284.963] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0284.963] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0284.963] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0284.964] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e4f44c | out: lpData=0x2e4f44c) returned 1
[0284.964] VerQueryValueW (in: pBlock=0x2e4f44c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e4f824, puLen=0xd7e810) returned 1
[0284.964] VerQueryValueW (in: pBlock=0x2e4f44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4f504, puLen=0xd7e790) returned 1
[0284.964] VerQueryValueW (in: pBlock=0x2e4f44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4f558, puLen=0xd7e790) returned 1
[0284.965] VerQueryValueW (in: pBlock=0x2e4f44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4f598, puLen=0xd7e790) returned 1
[0284.965] VerQueryValueW (in: pBlock=0x2e4f44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4f600, puLen=0xd7e790) returned 1
[0284.965] VerQueryValueW (in: pBlock=0x2e4f44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4f644, puLen=0xd7e790) returned 1
[0284.965] VerQueryValueW (in: pBlock=0x2e4f44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4f6cc, puLen=0xd7e790) returned 1
[0284.965] VerQueryValueW (in: pBlock=0x2e4f44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4f70c, puLen=0xd7e790) returned 1
[0284.965] VerQueryValueW (in: pBlock=0x2e4f44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4f764, puLen=0xd7e790) returned 1
[0284.965] VerQueryValueW (in: pBlock=0x2e4f44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4f794, puLen=0xd7e790) returned 1
[0284.965] VerQueryValueW (in: pBlock=0x2e4f44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.965] VerQueryValueW (in: pBlock=0x2e4f44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4f7d0, puLen=0xd7e790) returned 1
[0284.965] VerQueryValueW (in: pBlock=0x2e4f44c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.965] VerQueryValueW (in: pBlock=0x2e4f44c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e4f824, puLen=0xd7e784) returned 1
[0284.965] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0284.965] VerQueryValueW (in: pBlock=0x2e4f44c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e4f474, puLen=0xd7e794) returned 1
[0284.968] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0284.968] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0284.968] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0284.968] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0284.968] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0284.968] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0284.969] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2e51b84 | out: lpData=0x2e51b84) returned 1
[0284.969] VerQueryValueW (in: pBlock=0x2e51b84, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e51fb4, puLen=0xd7e810) returned 1
[0284.969] VerQueryValueW (in: pBlock=0x2e51b84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e51c3c, puLen=0xd7e790) returned 1
[0284.969] VerQueryValueW (in: pBlock=0x2e51b84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e51c90, puLen=0xd7e790) returned 1
[0284.969] VerQueryValueW (in: pBlock=0x2e51b84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e51d00, puLen=0xd7e790) returned 1
[0284.969] VerQueryValueW (in: pBlock=0x2e51b84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e51d60, puLen=0xd7e790) returned 1
[0284.969] VerQueryValueW (in: pBlock=0x2e51b84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e51dbc, puLen=0xd7e790) returned 1
[0284.969] VerQueryValueW (in: pBlock=0x2e51b84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e51e44, puLen=0xd7e790) returned 1
[0284.969] VerQueryValueW (in: pBlock=0x2e51b84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e51e9c, puLen=0xd7e790) returned 1
[0284.970] VerQueryValueW (in: pBlock=0x2e51b84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e51ef4, puLen=0xd7e790) returned 1
[0284.970] VerQueryValueW (in: pBlock=0x2e51b84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e51f24, puLen=0xd7e790) returned 1
[0284.970] VerQueryValueW (in: pBlock=0x2e51b84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.970] VerQueryValueW (in: pBlock=0x2e51b84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e51f60, puLen=0xd7e790) returned 1
[0284.970] VerQueryValueW (in: pBlock=0x2e51b84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0284.970] VerQueryValueW (in: pBlock=0x2e51b84, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e51fb4, puLen=0xd7e784) returned 1
[0284.970] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0284.970] VerQueryValueW (in: pBlock=0x2e51b84, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e51bac, puLen=0xd7e794) returned 1
[0284.970] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0284.970] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.971] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0284.971] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.971] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0284.971] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2502ce
[0284.972] SetWindowLongW (hWnd=0x2502ce, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0284.972] GetWindowLongW (hWnd=0x2502ce, nIndex=-4) returned 1950089536
[0284.972] SetWindowLongW (hWnd=0x2502ce, nIndex=-4, dwNewLong=19948974) returned 1950089536
[0284.972] GetWindowLongW (hWnd=0x2502ce, nIndex=-4) returned 19948974
[0284.972] GetWindowLongW (hWnd=0x2502ce, nIndex=-16) returned 113311744
[0284.972] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502ce, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0284.972] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502ce, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0284.973] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502ce, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0284.973] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502ce, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0284.973] GetClientRect (in: hWnd=0x2502ce, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0284.973] GetWindowRect (in: hWnd=0x2502ce, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0284.974] SetWindowTextW (hWnd=0x2502ce, lpString="WindowsFormsParkingWindow") returned 1
[0284.974] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502ce, Msg=0xc, wParam=0x0, lParam=0x2e17134) returned 0x1
[0284.974] GetParent (hWnd=0x2502ce) returned 0x0
[0284.974] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0284.974] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x2502ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2f02de
[0284.975] SetWindowLongW (hWnd=0x2f02de, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0284.975] GetWindowLongW (hWnd=0x2f02de, nIndex=-4) returned 1868147648
[0284.975] SetWindowLongW (hWnd=0x2f02de, nIndex=-4, dwNewLong=19949214) returned 1868147648
[0284.975] GetWindowLongW (hWnd=0x2f02de, nIndex=-4) returned 19949214
[0284.975] GetWindowLongW (hWnd=0x2f02de, nIndex=-16) returned 1174405133
[0284.975] GetWindowLongW (hWnd=0x2f02de, nIndex=-12) returned 0
[0284.975] SetWindowLongW (hWnd=0x2f02de, nIndex=-12, dwNewLong=3080926) returned 0
[0284.975] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0284.976] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0284.976] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0284.977] GetClientRect (in: hWnd=0x2f02de, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0284.977] GetWindowRect (in: hWnd=0x2f02de, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0284.977] GetParent (hWnd=0x2f02de) returned 0x2502ce
[0284.977] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502ce, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0284.977] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0284.978] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0284.978] GetClientRect (in: hWnd=0x2f02de, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0284.978] GetWindowRect (in: hWnd=0x2f02de, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0284.978] GetParent (hWnd=0x2f02de) returned 0x2502ce
[0284.978] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502ce, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0284.978] SendMessageW (hWnd=0x2f02de, Msg=0x2210, wParam=0x2de0001, lParam=0x2f02de) returned 0x0
[0284.978] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x2210, wParam=0x2de0001, lParam=0x2f02de) returned 0x0
[0284.978] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0284.978] GetParent (hWnd=0x2f02de) returned 0x2502ce
[0284.978] GdipCreateFromHWND (hwnd=0x2f02de, graphics=0xd7e844) returned 0x0
[0284.978] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0284.980] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0284.980] GetForegroundWindow () returned 0x7005c
[0284.980] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0284.980] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0284.980] GetSystemMetrics (nIndex=42) returned 0
[0284.980] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0284.980] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0284.980] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0284.980] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0284.980] GetSystemMetrics (nIndex=42) returned 0
[0284.980] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0284.980] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0284.981] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.981] GetCursorPos (in: lpPoint=0x2e56008 | out: lpPoint=0x2e56008*(x=261, y=623)) returned 1
[0284.981] MonitorFromPoint (pt=0x105, dwFlags=0x26f) returned 0x10001
[0284.981] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0284.981] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x5f0107f3
[0284.981] GetDeviceCaps (hdc=0x5f0107f3, index=12) returned 32
[0284.981] GetDeviceCaps (hdc=0x5f0107f3, index=14) returned 1
[0284.981] DeleteDC (hdc=0x5f0107f3) returned 1
[0284.981] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0284.981] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0284.982] GetSystemMetrics (nIndex=59) returned 1460
[0284.982] GetSystemMetrics (nIndex=60) returned 920
[0284.982] GetSystemMetrics (nIndex=34) returned 136
[0284.982] GetSystemMetrics (nIndex=35) returned 39
[0284.982] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.982] GetCursorPos (in: lpPoint=0x2e56274 | out: lpPoint=0x2e56274*(x=261, y=623)) returned 1
[0284.982] MonitorFromPoint (pt=0x105, dwFlags=0x26f) returned 0x10001
[0284.982] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0284.982] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x600107f3
[0284.982] GetDeviceCaps (hdc=0x600107f3, index=12) returned 32
[0284.982] GetDeviceCaps (hdc=0x600107f3, index=14) returned 1
[0284.982] DeleteDC (hdc=0x600107f3) returned 1
[0284.982] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0284.983] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0284.983] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.983] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0284.983] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2e5650c | out: piconinfo=0x2e5650c) returned 1
[0284.983] GetObjectW (in: h=0xfb0506b6, c=24, pv=0x2e56528 | out: pv=0x2e56528) returned 24
[0284.983] GdipCreateBitmapFromHBITMAP (hbm=0xfb0506b6, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0284.984] GdipGetImageWidth (image=0x66019f0, width=0xd7e750) returned 0x0
[0284.984] GdipGetImageHeight (image=0x66019f0, height=0xd7e748) returned 0x0
[0284.984] GdipGetImagePixelFormat (image=0x66019f0, format=0xd7e740) returned 0x0
[0284.984] GdipBitmapLockBits (bitmap=0x66019f0, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2e565e0) returned 0x0
[0284.984] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0284.984] GdipBitmapLockBits (bitmap=0x6651518, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2e56618) returned 0x0
[0284.984] RtlMoveMemory (in: Destination=0x665af28, Source=0x6662ee0, Length=0x80 | out: Destination=0x665af28)
[0284.984] RtlMoveMemory (in: Destination=0x665afa8, Source=0x6662e60, Length=0x80 | out: Destination=0x665afa8)
[0284.984] RtlMoveMemory (in: Destination=0x665b028, Source=0x6662de0, Length=0x80 | out: Destination=0x665b028)
[0284.984] RtlMoveMemory (in: Destination=0x665b0a8, Source=0x6662d60, Length=0x80 | out: Destination=0x665b0a8)
[0284.984] RtlMoveMemory (in: Destination=0x665b128, Source=0x6662ce0, Length=0x80 | out: Destination=0x665b128)
[0284.984] RtlMoveMemory (in: Destination=0x665b1a8, Source=0x6662c60, Length=0x80 | out: Destination=0x665b1a8)
[0284.984] RtlMoveMemory (in: Destination=0x665b228, Source=0x6662be0, Length=0x80 | out: Destination=0x665b228)
[0284.984] RtlMoveMemory (in: Destination=0x665b2a8, Source=0x6662b60, Length=0x80 | out: Destination=0x665b2a8)
[0284.984] RtlMoveMemory (in: Destination=0x665b328, Source=0x6662ae0, Length=0x80 | out: Destination=0x665b328)
[0284.984] RtlMoveMemory (in: Destination=0x665b3a8, Source=0x6662a60, Length=0x80 | out: Destination=0x665b3a8)
[0284.984] RtlMoveMemory (in: Destination=0x665b428, Source=0x66629e0, Length=0x80 | out: Destination=0x665b428)
[0284.984] RtlMoveMemory (in: Destination=0x665b4a8, Source=0x6662960, Length=0x80 | out: Destination=0x665b4a8)
[0284.984] RtlMoveMemory (in: Destination=0x665b528, Source=0x66628e0, Length=0x80 | out: Destination=0x665b528)
[0284.985] RtlMoveMemory (in: Destination=0x665b5a8, Source=0x6662860, Length=0x80 | out: Destination=0x665b5a8)
[0284.985] RtlMoveMemory (in: Destination=0x665b628, Source=0x66627e0, Length=0x80 | out: Destination=0x665b628)
[0284.985] RtlMoveMemory (in: Destination=0x665b6a8, Source=0x6662760, Length=0x80 | out: Destination=0x665b6a8)
[0284.985] RtlMoveMemory (in: Destination=0x665b728, Source=0x66626e0, Length=0x80 | out: Destination=0x665b728)
[0284.985] RtlMoveMemory (in: Destination=0x665b7a8, Source=0x6662660, Length=0x80 | out: Destination=0x665b7a8)
[0284.985] RtlMoveMemory (in: Destination=0x665b828, Source=0x66625e0, Length=0x80 | out: Destination=0x665b828)
[0284.985] RtlMoveMemory (in: Destination=0x665b8a8, Source=0x6662560, Length=0x80 | out: Destination=0x665b8a8)
[0284.985] RtlMoveMemory (in: Destination=0x665b928, Source=0x66624e0, Length=0x80 | out: Destination=0x665b928)
[0284.985] RtlMoveMemory (in: Destination=0x665b9a8, Source=0x6662460, Length=0x80 | out: Destination=0x665b9a8)
[0284.985] RtlMoveMemory (in: Destination=0x665ba28, Source=0x66623e0, Length=0x80 | out: Destination=0x665ba28)
[0284.985] RtlMoveMemory (in: Destination=0x665baa8, Source=0x6662360, Length=0x80 | out: Destination=0x665baa8)
[0284.985] RtlMoveMemory (in: Destination=0x665bb28, Source=0x66622e0, Length=0x80 | out: Destination=0x665bb28)
[0284.985] RtlMoveMemory (in: Destination=0x665bba8, Source=0x6662260, Length=0x80 | out: Destination=0x665bba8)
[0284.985] RtlMoveMemory (in: Destination=0x665bc28, Source=0x66621e0, Length=0x80 | out: Destination=0x665bc28)
[0284.985] RtlMoveMemory (in: Destination=0x665bca8, Source=0x6662160, Length=0x80 | out: Destination=0x665bca8)
[0284.985] RtlMoveMemory (in: Destination=0x665bd28, Source=0x66620e0, Length=0x80 | out: Destination=0x665bd28)
[0284.985] RtlMoveMemory (in: Destination=0x665bda8, Source=0x6662060, Length=0x80 | out: Destination=0x665bda8)
[0284.985] RtlMoveMemory (in: Destination=0x665be28, Source=0x6661fe0, Length=0x80 | out: Destination=0x665be28)
[0284.985] RtlMoveMemory (in: Destination=0x665bea8, Source=0x6661f60, Length=0x80 | out: Destination=0x665bea8)
[0284.985] GdipBitmapUnlockBits (bitmap=0x66019f0, lockedBitmapData=0x2e565e0) returned 0x0
[0284.985] GdipBitmapUnlockBits (bitmap=0x6651518, lockedBitmapData=0x2e56618) returned 0x0
[0284.985] GdipDisposeImage (image=0x66019f0) returned 0x0
[0284.985] DeleteObject (ho=0xfb0506b6) returned 1
[0284.986] DeleteObject (ho=0x610507f3) returned 1
[0284.986] GetCurrentThreadId () returned 0xf50
[0284.986] GetCurrentThreadId () returned 0xf50
[0284.986] SetWindowPos (hWnd=0x2f02de, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0284.986] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0284.986] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0284.986] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0284.986] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0284.986] GetClientRect (in: hWnd=0x2f02de, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0284.986] GetWindowRect (in: hWnd=0x2f02de, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0284.986] GetParent (hWnd=0x2f02de) returned 0x2502ce
[0284.986] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502ce, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0284.986] InvalidateRect (hWnd=0x2f02de, lpRect=0x0, bErase=1) returned 1
[0284.987] GetWindowTextLengthW (hWnd=0x2f02de) returned 0
[0284.987] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0284.987] GetSystemMetrics (nIndex=42) returned 0
[0284.987] GetWindowTextW (in: hWnd=0x2f02de, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0284.987] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0284.987] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0284.987] GetClientRect (in: hWnd=0x2f02de, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0284.987] GetWindowRect (in: hWnd=0x2f02de, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0284.987] GetParent (hWnd=0x2f02de) returned 0x2502ce
[0284.987] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2502ce, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0284.987] GetWindowTextLengthW (hWnd=0x2f02de) returned 0
[0284.987] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0284.987] GetSystemMetrics (nIndex=42) returned 0
[0284.987] GetWindowTextW (in: hWnd=0x2f02de, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0284.987] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0284.987] GetWindowTextLengthW (hWnd=0x2f02de) returned 0
[0284.987] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0284.987] GetSystemMetrics (nIndex=42) returned 0
[0284.987] GetWindowTextW (in: hWnd=0x2f02de, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0284.987] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0284.987] SetWindowTextW (hWnd=0x2f02de, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0284.987] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0xc, wParam=0x0, lParam=0x2e37474) returned 0x1
[0284.988] InvalidateRect (hWnd=0x2f02de, lpRect=0x0, bErase=1) returned 1
[0284.988] GetCurrentThreadId () returned 0xf50
[0284.988] GetWindowThreadProcessId (in: hWnd=0x2f02de, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0284.988] GdipCreateBitmapFromStream (stream=0x509ff50, bitmap=0xd7e840) returned 0x0
[0284.989] GdipImageForceValidation (image=0x664ea70) returned 0x0
[0284.990] GdipGetImageRawFormat (image=0x664ea70, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0284.990] GdipGetImageHeight (image=0x664ea70, height=0xd7e824) returned 0x0
[0284.990] GdipGetImageWidth (image=0x664ea70, width=0xd7e824) returned 0x0
[0284.990] GdipGetImageWidth (image=0x664ea70, width=0xd7e810) returned 0x0
[0284.990] GdipGetImageHeight (image=0x664ea70, height=0xd7e810) returned 0x0
[0284.990] GdipGetImageWidth (image=0x664ea70, width=0xd7e800) returned 0x0
[0284.990] GdipGetImageHeight (image=0x664ea70, height=0xd7e800) returned 0x0
[0284.990] GdipBitmapGetPixel (bitmap=0x664ea70, x=0, y=15, color=0xd7e810) returned 0x0
[0284.990] GdipGetImageRawFormat (image=0x664ea70, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0284.990] GdipGetImageWidth (image=0x664ea70, width=0xd7e740) returned 0x0
[0284.991] GdipGetImageHeight (image=0x664ea70, height=0xd7e740) returned 0x0
[0284.991] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0284.991] GdipGetImagePixelFormat (image=0x66507f8, format=0xd7e740) returned 0x0
[0284.991] GdipGetImageGraphicsContext (image=0x66507f8, graphics=0xd7e74c) returned 0x0
[0284.991] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0284.991] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0284.991] GdipSetImageAttributesColorKeys (imageattr=0x6638bd8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0284.991] GdipDrawImageRectRectI (graphics=0x6600030, image=0x664ea70, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638bd8, callback=0x0, callbackData=0x0) returned 0x0
[0284.991] GdipDisposeImageAttributes (imageattr=0x6638bd8) returned 0x0
[0284.991] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0284.991] GdipDisposeImage (image=0x664ea70) returned 0x0
[0284.992] GdipCreateBitmapFromStream (stream=0x509ff30, bitmap=0xd7e840) returned 0x0
[0284.992] GdipImageForceValidation (image=0x664f790) returned 0x0
[0284.993] GdipGetImageRawFormat (image=0x664f790, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0284.994] GdipGetImageHeight (image=0x664f790, height=0xd7e824) returned 0x0
[0284.994] GdipGetImageWidth (image=0x664f790, width=0xd7e824) returned 0x0
[0284.994] GdipGetImageWidth (image=0x664f790, width=0xd7e810) returned 0x0
[0284.994] GdipGetImageHeight (image=0x664f790, height=0xd7e810) returned 0x0
[0284.994] GdipGetImageWidth (image=0x664f790, width=0xd7e800) returned 0x0
[0284.994] GdipGetImageHeight (image=0x664f790, height=0xd7e800) returned 0x0
[0284.994] GdipBitmapGetPixel (bitmap=0x664f790, x=0, y=15, color=0xd7e810) returned 0x0
[0284.994] GdipGetImageRawFormat (image=0x664f790, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0284.994] GdipGetImageWidth (image=0x664f790, width=0xd7e740) returned 0x0
[0284.994] GdipGetImageHeight (image=0x664f790, height=0xd7e740) returned 0x0
[0284.994] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0284.994] GdipGetImagePixelFormat (image=0x6651860, format=0xd7e740) returned 0x0
[0284.994] GdipGetImageGraphicsContext (image=0x6651860, graphics=0xd7e74c) returned 0x0
[0284.994] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0284.994] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0284.994] GdipSetImageAttributesColorKeys (imageattr=0x6638db8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0284.994] GdipDrawImageRectRectI (graphics=0x6600030, image=0x664f790, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638db8, callback=0x0, callbackData=0x0) returned 0x0
[0284.994] GdipDisposeImageAttributes (imageattr=0x6638db8) returned 0x0
[0284.994] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0284.995] GdipDisposeImage (image=0x664f790) returned 0x0
[0284.995] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.995] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0284.995] GetCurrentThreadId () returned 0xf50
[0284.995] GetCurrentThreadId () returned 0xf50
[0284.995] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.995] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0284.995] GetCurrentThreadId () returned 0xf50
[0284.995] GetCurrentThreadId () returned 0xf50
[0284.996] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.996] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0284.996] GetCurrentThreadId () returned 0xf50
[0284.996] GetCurrentThreadId () returned 0xf50
[0284.996] GetSystemMetrics (nIndex=5) returned 1
[0284.996] GetSystemMetrics (nIndex=6) returned 1
[0284.996] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.996] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0284.996] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.996] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0284.997] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.997] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0284.997] GetCurrentThreadId () returned 0xf50
[0284.997] GetCurrentThreadId () returned 0xf50
[0284.998] GetProcessWindowStation () returned 0x13c
[0284.998] GetCapture () returned 0x0
[0284.998] GetActiveWindow () returned 0x7005c
[0284.998] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0284.998] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0284.999] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0284.999] GetCursorPos (in: lpPoint=0x2e57758 | out: lpPoint=0x2e57758*(x=261, y=623)) returned 1
[0284.999] MonitorFromPoint (pt=0x108, dwFlags=0x26f) returned 0x10001
[0284.999] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0284.999] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x620107f3
[0284.999] GetDeviceCaps (hdc=0x620107f3, index=12) returned 32
[0284.999] GetDeviceCaps (hdc=0x620107f3, index=14) returned 1
[0284.999] DeleteDC (hdc=0x620107f3) returned 1
[0284.999] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0285.000] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0285.000] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2902c8
[0285.000] SetWindowLongW (hWnd=0x2902c8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0285.000] GetWindowLongW (hWnd=0x2902c8, nIndex=-4) returned 1950089536
[0285.000] SetWindowLongW (hWnd=0x2902c8, nIndex=-4, dwNewLong=19948694) returned 1950089536
[0285.001] GetWindowLongW (hWnd=0x2902c8, nIndex=-4) returned 19948694
[0285.001] GetWindowLongW (hWnd=0x2902c8, nIndex=-16) returned 113770496
[0285.001] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0285.001] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0285.002] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0285.002] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0285.002] GetWindowRect (in: hWnd=0x2902c8, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0285.002] SetWindowTextW (hWnd=0x2902c8, lpString="BB ransomware") returned 1
[0285.002] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xc, wParam=0x0, lParam=0x2e55ef4) returned 0x1
[0285.003] GetStartupInfoW (in: lpStartupInfo=0x2e57a94 | out: lpStartupInfo=0x2e57a94*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0285.004] GetParent (hWnd=0x2902c8) returned 0x0
[0285.004] SetWindowLongW (hWnd=0x2902c8, nIndex=-8, dwNewLong=0) returned 0
[0285.005] SendMessageW (hWnd=0x2902c8, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0285.005] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0285.005] SendMessageW (hWnd=0x2902c8, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0285.005] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0285.005] GetSystemMenu (hWnd=0x2902c8, bRevert=0) returned 0xd1020f
[0285.006] GetWindowPlacement (in: hWnd=0x2902c8, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0285.006] EnableMenuItem (hMenu=0xd1020f, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0285.006] EnableMenuItem (hMenu=0xd1020f, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0285.006] EnableMenuItem (hMenu=0xd1020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0285.006] EnableMenuItem (hMenu=0xd1020f, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0285.006] EnableMenuItem (hMenu=0xd1020f, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0285.006] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0285.006] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0285.006] GetWindowRect (in: hWnd=0x2902c8, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0285.006] SetWindowPos (hWnd=0x2902c8, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0285.006] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0285.007] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x2902c8) returned 0x1
[0285.009] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0285.010] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0285.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0285.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0285.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0285.013] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x2902c8, lParam=0x0) returned 0x0
[0285.013] GetCapture () returned 0x0
[0285.013] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0285.014] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0285.015] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0285.017] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0285.017] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0285.017] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0285.017] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0285.017] GetParent (hWnd=0x2902c8) returned 0x0
[0285.017] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0285.017] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0285.020] GetWindowPlacement (in: hWnd=0x2902c8, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0285.020] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0285.020] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0285.020] GetWindowRect (in: hWnd=0x2902c8, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0285.021] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0285.021] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0285.021] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0285.022] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0285.022] GetWindowLongW (hWnd=0x2902c8, nIndex=-16) returned 113770496
[0285.022] GetWindowTextLengthW (hWnd=0x2902c8) returned 13
[0285.022] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.022] GetSystemMetrics (nIndex=42) returned 0
[0285.022] GetWindowTextW (in: hWnd=0x2902c8, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.022] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0285.022] GetWindowTextLengthW (hWnd=0x2902c8) returned 13
[0285.022] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.022] GetSystemMetrics (nIndex=42) returned 0
[0285.022] GetWindowTextW (in: hWnd=0x2902c8, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.022] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0285.023] GetCursorPos (in: lpPoint=0x2e57cd0 | out: lpPoint=0x2e57cd0*(x=261, y=623)) returned 1
[0285.023] MonitorFromPoint (pt=0x105, dwFlags=0x26f) returned 0x10001
[0285.023] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0285.023] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x8f0105d8
[0285.023] GetDeviceCaps (hdc=0x8f0105d8, index=12) returned 32
[0285.023] GetDeviceCaps (hdc=0x8f0105d8, index=14) returned 1
[0285.023] DeleteDC (hdc=0x8f0105d8) returned 1
[0285.023] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0285.023] GetWindowLongW (hWnd=0x2902c8, nIndex=-16) returned 113770496
[0285.023] GetWindowLongW (hWnd=0x2902c8, nIndex=-20) returned 327945
[0285.023] SetWindowLongW (hWnd=0x2902c8, nIndex=-16, dwNewLong=46661632) returned 113770496
[0285.023] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0285.024] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0285.025] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0285.025] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0285.025] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0285.025] SetWindowLongW (hWnd=0x2902c8, nIndex=-20, dwNewLong=327681) returned 327945
[0285.025] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0285.026] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0285.027] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0285.027] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0285.027] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0285.027] SetWindowPos (hWnd=0x2902c8, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0285.027] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0285.028] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0285.042] GetWindowPlacement (in: hWnd=0x2902c8, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0285.042] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0285.042] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0285.042] GetWindowRect (in: hWnd=0x2902c8, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0285.043] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0285.043] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0285.043] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0285.044] RedrawWindow (hWnd=0x2902c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0285.044] GetSystemMenu (hWnd=0x2902c8, bRevert=0) returned 0xd1020f
[0285.044] GetWindowPlacement (in: hWnd=0x2902c8, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0285.044] EnableMenuItem (hMenu=0xd1020f, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0285.044] EnableMenuItem (hMenu=0xd1020f, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0285.044] EnableMenuItem (hMenu=0xd1020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0285.044] EnableMenuItem (hMenu=0xd1020f, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0285.044] EnableMenuItem (hMenu=0xd1020f, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0285.044] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0285.044] GetWindowLongW (hWnd=0x2902c8, nIndex=-8) returned 0
[0285.044] SetWindowLongW (hWnd=0x2902c8, nIndex=-8, dwNewLong=458844) returned 0
[0285.046] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0285.047] GetProcessWindowStation () returned 0x13c
[0285.047] GetCurrentThreadId () returned 0xf50
[0285.047] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x13064be, lParam=0x0) returned 1
[0285.047] IsWindowVisible (hWnd=0x2902c8) returned 0
[0285.047] IsWindowVisible (hWnd=0x7005c) returned 1
[0285.047] IsWindowEnabled (hWnd=0x7005c) returned 1
[0285.047] IsWindowVisible (hWnd=0x300ec) returned 0
[0285.047] IsWindowVisible (hWnd=0x502c6) returned 0
[0285.047] IsWindowVisible (hWnd=0x502be) returned 0
[0285.047] GetActiveWindow () returned 0x2902c8
[0285.047] GetFocus () returned 0x2902c8
[0285.047] IsWindow (hWnd=0x7005c) returned 1
[0285.047] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0285.048] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0285.048] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0285.048] GetWindowLongW (hWnd=0x2902c8, nIndex=-8) returned 458844
[0285.048] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0285.048] GetCurrentThreadId () returned 0xf50
[0285.048] GetWindowLongW (hWnd=0x2902c8, nIndex=-8) returned 458844
[0285.048] IsWindowEnabled (hWnd=0x7005c) returned 0
[0285.048] IsWindowEnabled (hWnd=0x2902c8) returned 1
[0285.048] ShowWindow (hWnd=0x2902c8, nCmdShow=5) returned 0
[0285.048] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0285.048] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0285.049] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0285.049] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0285.049] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x2902c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2402d0
[0285.049] SetWindowLongW (hWnd=0x2402d0, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0285.050] GetWindowLongW (hWnd=0x2402d0, nIndex=-4) returned 1950089536
[0285.050] SetWindowLongW (hWnd=0x2402d0, nIndex=-4, dwNewLong=19948854) returned 1950089536
[0285.050] GetWindowLongW (hWnd=0x2402d0, nIndex=-4) returned 19948854
[0285.050] GetWindowLongW (hWnd=0x2402d0, nIndex=-16) returned 1174405120
[0285.050] GetWindowLongW (hWnd=0x2402d0, nIndex=-12) returned 0
[0285.050] SetWindowLongW (hWnd=0x2402d0, nIndex=-12, dwNewLong=2360016) returned 0
[0285.050] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402d0, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0285.051] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402d0, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0285.051] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402d0, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0285.051] GetWindow (hWnd=0x2402d0, uCmd=0x3) returned 0x0
[0285.051] GetClientRect (in: hWnd=0x2402d0, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0285.051] GetWindowRect (in: hWnd=0x2402d0, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0285.051] GetParent (hWnd=0x2402d0) returned 0x2902c8
[0285.051] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902c8, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0285.051] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402d0, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0285.052] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402d0, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0285.052] GetClientRect (in: hWnd=0x2402d0, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0285.052] GetWindowRect (in: hWnd=0x2402d0, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0285.052] GetParent (hWnd=0x2402d0) returned 0x2902c8
[0285.052] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902c8, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0285.052] SendMessageW (hWnd=0x2402d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2402d0) returned 0x0
[0285.052] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2402d0) returned 0x0
[0285.052] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0285.052] GetParent (hWnd=0x2402d0) returned 0x2902c8
[0285.052] GetParent (hWnd=0x2f02de) returned 0x2502ce
[0285.052] SetParent (hWndChild=0x2f02de, hWndNewParent=0x2902c8) returned 0x2502ce
[0285.052] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0285.053] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0285.053] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0285.053] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0285.053] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0285.053] GetClientRect (in: hWnd=0x2f02de, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0285.053] GetWindowRect (in: hWnd=0x2f02de, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0285.053] GetParent (hWnd=0x2f02de) returned 0x2902c8
[0285.053] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902c8, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0285.054] GetClientRect (in: hWnd=0x2f02de, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0285.054] GetWindowRect (in: hWnd=0x2f02de, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0285.054] GetParent (hWnd=0x2f02de) returned 0x2902c8
[0285.054] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902c8, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0285.054] GetParent (hWnd=0x2f02de) returned 0x2902c8
[0285.054] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0285.054] GetWindow (hWnd=0x2f02de, uCmd=0x3) returned 0x0
[0285.054] SetWindowPos (hWnd=0x2f02de, hWndInsertAfter=0x2402d0, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0285.054] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0285.055] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0285.055] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0285.055] GetClientRect (in: hWnd=0x2f02de, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0285.055] GetWindowRect (in: hWnd=0x2f02de, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0285.055] GetParent (hWnd=0x2f02de) returned 0x2902c8
[0285.055] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902c8, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0285.055] GetParent (hWnd=0x2f02de) returned 0x2902c8
[0285.055] GetWindow (hWnd=0x2f02de, uCmd=0x3) returned 0x2402d0
[0285.055] GetWindowThreadProcessId (in: hWnd=0x2f02de, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0285.055] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0285.055] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0285.057] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0285.057] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x2902c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3102d8
[0285.057] SetWindowLongW (hWnd=0x3102d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0285.057] GetWindowLongW (hWnd=0x3102d8, nIndex=-4) returned 1868032000
[0285.057] SetWindowLongW (hWnd=0x3102d8, nIndex=-4, dwNewLong=19948894) returned 1868032000
[0285.057] GetWindowLongW (hWnd=0x3102d8, nIndex=-4) returned 19948894
[0285.057] GetWindowLongW (hWnd=0x3102d8, nIndex=-16) returned 1174470667
[0285.057] GetWindowLongW (hWnd=0x3102d8, nIndex=-12) returned 0
[0285.058] SetWindowLongW (hWnd=0x3102d8, nIndex=-12, dwNewLong=3211992) returned 0
[0285.058] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0285.058] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0285.058] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0285.068] SendMessageW (hWnd=0x3102d8, Msg=0x2055, wParam=0x3102d8, lParam=0x3) returned 0x2
[0285.068] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0285.068] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0285.068] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0285.068] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0285.068] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402d0, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0285.068] RedrawWindow (hWnd=0x2402d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0285.068] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0285.068] RedrawWindow (hWnd=0x2f02de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0285.068] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0285.068] RedrawWindow (hWnd=0x3102d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0285.068] RedrawWindow (hWnd=0x2902c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0285.069] GetWindow (hWnd=0x3102d8, uCmd=0x3) returned 0x2f02de
[0285.069] GetClientRect (in: hWnd=0x3102d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0285.069] GetWindowRect (in: hWnd=0x3102d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0285.069] GetParent (hWnd=0x3102d8) returned 0x2902c8
[0285.069] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902c8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0285.069] SetWindowTextW (hWnd=0x3102d8, lpString="&Details") returned 1
[0285.069] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0xc, wParam=0x0, lParam=0x2c2ef5c) returned 0x1
[0285.069] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0285.070] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0285.070] GetClientRect (in: hWnd=0x3102d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0285.070] GetWindowRect (in: hWnd=0x3102d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0285.070] GetParent (hWnd=0x3102d8) returned 0x2902c8
[0285.070] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902c8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0285.070] SendMessageW (hWnd=0x3102d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3102d8) returned 0x0
[0285.070] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3102d8) returned 0x0
[0285.070] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0285.070] GetParent (hWnd=0x3102d8) returned 0x2902c8
[0285.070] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0285.071] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0285.071] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0285.071] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x2902c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2f02dc
[0285.071] SetWindowLongW (hWnd=0x2f02dc, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0285.071] GetWindowLongW (hWnd=0x2f02dc, nIndex=-4) returned 1868032000
[0285.072] SetWindowLongW (hWnd=0x2f02dc, nIndex=-4, dwNewLong=19949014) returned 1868032000
[0285.072] GetWindowLongW (hWnd=0x2f02dc, nIndex=-4) returned 19949014
[0285.072] GetWindowLongW (hWnd=0x2f02dc, nIndex=-16) returned 1174470667
[0285.072] GetWindowLongW (hWnd=0x2f02dc, nIndex=-12) returned 0
[0285.072] SetWindowLongW (hWnd=0x2f02dc, nIndex=-12, dwNewLong=3080924) returned 0
[0285.072] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0285.072] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0285.073] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0285.073] SendMessageW (hWnd=0x2f02dc, Msg=0x2055, wParam=0x2f02dc, lParam=0x3) returned 0x2
[0285.074] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0285.074] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0285.074] GetWindow (hWnd=0x2f02dc, uCmd=0x3) returned 0x3102d8
[0285.074] GetClientRect (in: hWnd=0x2f02dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0285.074] GetWindowRect (in: hWnd=0x2f02dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0285.074] GetParent (hWnd=0x2f02dc) returned 0x2902c8
[0285.074] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902c8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0285.074] SetWindowTextW (hWnd=0x2f02dc, lpString="&Continue") returned 1
[0285.074] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0xc, wParam=0x0, lParam=0x2c2ef00) returned 0x1
[0285.075] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0285.075] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0285.075] GetClientRect (in: hWnd=0x2f02dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0285.075] GetWindowRect (in: hWnd=0x2f02dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0285.075] GetParent (hWnd=0x2f02dc) returned 0x2902c8
[0285.076] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902c8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0285.076] SendMessageW (hWnd=0x2f02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2f02dc) returned 0x0
[0285.076] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x2f02dc) returned 0x0
[0285.076] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0285.076] GetParent (hWnd=0x2f02dc) returned 0x2902c8
[0285.076] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0285.076] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0285.077] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0285.077] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x2902c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2f02da
[0285.077] SetWindowLongW (hWnd=0x2f02da, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0285.077] GetWindowLongW (hWnd=0x2f02da, nIndex=-4) returned 1868032000
[0285.077] SetWindowLongW (hWnd=0x2f02da, nIndex=-4, dwNewLong=19949334) returned 1868032000
[0285.078] GetWindowLongW (hWnd=0x2f02da, nIndex=-4) returned 19949334
[0285.078] GetWindowLongW (hWnd=0x2f02da, nIndex=-16) returned 1174470667
[0285.078] GetWindowLongW (hWnd=0x2f02da, nIndex=-12) returned 0
[0285.078] SetWindowLongW (hWnd=0x2f02da, nIndex=-12, dwNewLong=3080922) returned 0
[0285.078] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0285.078] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0285.078] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0285.079] SendMessageW (hWnd=0x2f02da, Msg=0x2055, wParam=0x2f02da, lParam=0x3) returned 0x2
[0285.079] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0285.079] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02da, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0285.079] GetWindow (hWnd=0x2f02da, uCmd=0x3) returned 0x2f02dc
[0285.079] GetClientRect (in: hWnd=0x2f02da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0285.079] GetWindowRect (in: hWnd=0x2f02da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0285.079] GetParent (hWnd=0x2f02da) returned 0x2902c8
[0285.080] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902c8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0285.080] SetWindowTextW (hWnd=0x2f02da, lpString="&Quit") returned 1
[0285.080] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02da, Msg=0xc, wParam=0x0, lParam=0x2c2ef20) returned 0x1
[0285.080] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0285.080] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02da, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0285.080] GetClientRect (in: hWnd=0x2f02da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0285.080] GetWindowRect (in: hWnd=0x2f02da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0285.080] GetParent (hWnd=0x2f02da) returned 0x2902c8
[0285.080] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902c8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0285.081] SendMessageW (hWnd=0x2f02da, Msg=0x2210, wParam=0x2da0001, lParam=0x2f02da) returned 0x0
[0285.081] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02da, Msg=0x2210, wParam=0x2da0001, lParam=0x2f02da) returned 0x0
[0285.081] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0285.081] GetParent (hWnd=0x2f02da) returned 0x2902c8
[0285.081] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0285.081] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0285.082] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0285.082] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x2902c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3200ea
[0285.082] SetWindowLongW (hWnd=0x3200ea, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0285.082] GetWindowLongW (hWnd=0x3200ea, nIndex=-4) returned 1868026976
[0285.082] SetWindowLongW (hWnd=0x3200ea, nIndex=-4, dwNewLong=19948934) returned 1868026976
[0285.082] GetWindowLongW (hWnd=0x3200ea, nIndex=-4) returned 19948934
[0285.082] GetWindowLongW (hWnd=0x3200ea, nIndex=-16) returned 1177553092
[0285.082] GetWindowLongW (hWnd=0x3200ea, nIndex=-12) returned 0
[0285.082] SetWindowLongW (hWnd=0x3200ea, nIndex=-12, dwNewLong=3277034) returned 0
[0285.083] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3200ea, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0285.084] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3200ea, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0285.084] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3200ea, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0285.101] GetWindow (hWnd=0x3200ea, uCmd=0x3) returned 0x2f02da
[0285.101] GetClientRect (in: hWnd=0x3200ea, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0285.101] GetWindowRect (in: hWnd=0x3200ea, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0285.101] GetParent (hWnd=0x3200ea) returned 0x2902c8
[0285.101] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902c8, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0285.101] GetWindowTextLengthW (hWnd=0x2902c8) returned 13
[0285.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.101] GetSystemMetrics (nIndex=42) returned 0
[0285.101] GetWindowTextW (in: hWnd=0x2902c8, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0285.102] SendMessageW (hWnd=0x3200ea, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0285.102] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3200ea, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0285.106] SetWindowTextW (hWnd=0x3200ea, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0285.106] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3200ea, Msg=0xc, wParam=0x0, lParam=0x2e538dc) returned 0x1
[0285.136] GetSystemMetrics (nIndex=5) returned 1
[0285.136] GetSystemMetrics (nIndex=6) returned 1
[0285.136] SendMessageW (hWnd=0x3200ea, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0285.136] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3200ea, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0285.137] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3200ea, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0285.137] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3200ea, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0285.137] GetClientRect (in: hWnd=0x3200ea, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0285.138] GetWindowRect (in: hWnd=0x3200ea, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0285.138] GetParent (hWnd=0x3200ea) returned 0x2902c8
[0285.138] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2902c8, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0285.138] SendMessageW (hWnd=0x3200ea, Msg=0x2210, wParam=0xea0001, lParam=0x3200ea) returned 0x0
[0285.138] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3200ea, Msg=0x2210, wParam=0xea0001, lParam=0x3200ea) returned 0x0
[0285.138] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3200ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0285.139] GetParent (hWnd=0x3200ea) returned 0x2902c8
[0285.139] GetWindowLongW (hWnd=0x2902c8, nIndex=-8) returned 458844
[0285.139] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0285.139] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0285.139] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x960105d8
[0285.139] GetDeviceCaps (hdc=0x960105d8, index=12) returned 32
[0285.139] GetDeviceCaps (hdc=0x960105d8, index=14) returned 1
[0285.139] DeleteDC (hdc=0x960105d8) returned 1
[0285.139] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0285.139] GetWindowThreadProcessId (in: hWnd=0x2902c8, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0285.139] GetCurrentThreadId () returned 0xf50
[0285.139] PostMessageW (hWnd=0x2902c8, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0285.139] GetWindowTextLengthW (hWnd=0x2902c8) returned 13
[0285.139] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.140] GetSystemMetrics (nIndex=42) returned 0
[0285.140] GetWindowTextW (in: hWnd=0x2902c8, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.140] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0285.140] GdipImageGetFrameDimensionsCount (image=0x6651518, count=0xd7e25c) returned 0x0
[0285.140] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12017a8
[0285.140] GdipImageGetFrameDimensionsList (image=0x6651518, dimensionIDs=0x12017a8*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0285.140] LocalFree (hMem=0x12017a8) returned 0x0
[0285.140] GdipImageGetFrameDimensionsCount (image=0x66507f8, count=0xd7e250) returned 0x0
[0285.140] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201748
[0285.140] GdipImageGetFrameDimensionsList (image=0x66507f8, dimensionIDs=0x1201748*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0285.140] LocalFree (hMem=0x1201748) returned 0x0
[0285.140] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0285.140] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0285.141] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0285.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0285.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0285.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0285.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0285.152] GetWindowPlacement (in: hWnd=0x2902c8, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0285.152] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0285.152] GetWindowTextLengthW (hWnd=0x2902c8) returned 13
[0285.152] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.152] GetSystemMetrics (nIndex=42) returned 0
[0285.152] GetWindowTextW (in: hWnd=0x2902c8, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.152] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0285.152] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0285.152] GetCurrentObject (hdc=0x60100ce, type=0x1) returned 0xb00017
[0285.152] GetCurrentObject (hdc=0x60100ce, type=0x2) returned 0x900010
[0285.152] GetCurrentObject (hdc=0x60100ce, type=0x7) returned 0xffffffff870507d0
[0285.153] GetCurrentObject (hdc=0x60100ce, type=0x6) returned 0x8a01c2
[0285.153] SaveDC (hdc=0x60100ce) returned 1
[0285.153] GetNearestColor (hdc=0x60100ce, color=0xf0f0f0) returned 0xf0f0f0
[0285.153] CreateSolidBrush (color=0xf0f0f0) returned 0x241007e1
[0285.153] FillRect (hDC=0x60100ce, lprc=0xd7e1b8, hbr=0x241007e1) returned 1
[0285.153] DeleteObject (ho=0x241007e1) returned 1
[0285.153] RestoreDC (hdc=0x60100ce, nSavedDC=-1) returned 1
[0285.156] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0285.157] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0285.157] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0285.157] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0285.157] GetStockObject (i=5) returned 0x900015
[0285.157] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0285.157] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0285.157] GetStockObject (i=5) returned 0x900015
[0285.158] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0285.158] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02da, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0285.158] GetStockObject (i=5) returned 0x900015
[0285.158] GetWindowPlacement (in: hWnd=0x2902c8, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0285.158] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0285.158] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0285.158] GetWindowRect (in: hWnd=0x2902c8, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0285.159] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0285.159] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0285.160] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0285.160] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0285.160] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0285.160] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0285.160] GetWindowRect (in: hWnd=0x2902c8, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0285.160] InvalidateRect (hWnd=0x2f02dc, lpRect=0x0, bErase=0) returned 1
[0285.160] InvalidateRect (hWnd=0x3102d8, lpRect=0x0, bErase=0) returned 1
[0285.160] GetFocus () returned 0x2902c8
[0285.160] GetFocus () returned 0x2902c8
[0285.160] SetFocus (hWnd=0x3102d8) returned 0x2902c8
[0285.161] GetFocus () returned 0x3102d8
[0285.161] IsChild (hWndParent=0x2902c8, hWnd=0x3102d8) returned 1
[0285.161] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x8, wParam=0x3102d8, lParam=0x0) returned 0x0
[0285.162] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0285.163] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0285.165] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0285.165] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0x7, wParam=0x2902c8, lParam=0x0) returned 0x0
[0285.165] GetStockObject (i=5) returned 0x900015
[0285.165] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0285.166] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0285.166] GetDlgItem (hDlg=0x2902c8, nIDDlgItem=3211992) returned 0x3102d8
[0285.166] SendMessageW (hWnd=0x3102d8, Msg=0x202b, wParam=0x3102d8, lParam=0xd7e0dc) returned 0x0
[0285.166] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0x202b, wParam=0x3102d8, lParam=0xd7e0dc) returned 0x0
[0285.166] InvalidateRect (hWnd=0x3102d8, lpRect=0x0, bErase=0) returned 1
[0285.170] GetFocus () returned 0x3102d8
[0285.170] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.170] IsWindowUnicode (hWnd=0x2902c8) returned 1
[0285.170] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.170] TranslateMessage (lpMsg=0xd7e808) returned 0
[0285.170] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0285.170] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0285.170] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.170] IsWindowUnicode (hWnd=0x2902c8) returned 1
[0285.170] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.170] TranslateMessage (lpMsg=0xd7e808) returned 0
[0285.170] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0285.170] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.171] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x84, wParam=0x0, lParam=0x1de02fa) returned 0x1
[0285.171] IsWindowUnicode (hWnd=0x2f02dc) returned 1
[0285.171] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.171] TranslateMessage (lpMsg=0xd7e808) returned 0
[0285.171] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0285.171] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.171] IsWindowUnicode (hWnd=0x602c4) returned 1
[0285.171] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.171] TranslateMessage (lpMsg=0xd7e808) returned 0
[0285.172] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0285.172] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0285.172] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0285.172] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.172] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x84, wParam=0x0, lParam=0x1de02fa) returned 0x1
[0285.172] IsWindowUnicode (hWnd=0x2f02dc) returned 1
[0285.172] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.172] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x84, wParam=0x0, lParam=0x1de02fa) returned 0x1
[0285.172] SetCursor (hCursor=0x10003) returned 0x10003
[0285.172] TranslateMessage (lpMsg=0xd7e808) returned 0
[0285.172] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0285.172] _TrackMouseEvent (in: lpEventTrack=0x2e59018 | out: lpEventTrack=0x2e59018) returned 1
[0285.172] SendMessageW (hWnd=0x2f02dc, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0285.172] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0285.172] InvalidateRect (hWnd=0x2f02dc, lpRect=0x0, bErase=0) returned 1
[0285.173] GetKeyState (nVirtKey=1) returned 0
[0285.173] GetKeyState (nVirtKey=2) returned 0
[0285.173] GetKeyState (nVirtKey=4) returned 0
[0285.173] GetKeyState (nVirtKey=5) returned 0
[0285.173] GetKeyState (nVirtKey=6) returned 0
[0285.173] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.173] IsWindowUnicode (hWnd=0x2902c8) returned 1
[0285.173] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.173] TranslateMessage (lpMsg=0xd7e808) returned 0
[0285.173] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0285.173] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.174] IsWindowUnicode (hWnd=0x2902c8) returned 1
[0285.174] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.174] TranslateMessage (lpMsg=0xd7e808) returned 0
[0285.174] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0285.174] BeginPaint (in: hWnd=0x2902c8, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xf0105ee
[0285.174] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0285.174] GetWindowTextLengthW (hWnd=0x2902c8) returned 13
[0285.174] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.175] GetSystemMetrics (nIndex=42) returned 0
[0285.175] GetWindowTextW (in: hWnd=0x2902c8, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.175] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0285.175] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0285.175] EndPaint (hWnd=0x2902c8, lpPaint=0xd7e274) returned 1
[0285.175] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.175] IsWindowUnicode (hWnd=0x2402d0) returned 1
[0285.175] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.175] TranslateMessage (lpMsg=0xd7e808) returned 0
[0285.175] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0285.175] BeginPaint (in: hWnd=0x2402d0, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x107b9
[0285.175] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0285.175] CreateCompatibleDC (hdc=0x107b9) returned 0x4c010693
[0285.175] SelectObject (hdc=0x4c010693, h=0x4a0507fe) returned 0x85000f
[0285.176] GdipCreateFromHDC (hdc=0x4c010693, graphics=0xd7e2b0) returned 0x0
[0285.176] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0285.176] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0285.176] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0285.176] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0285.176] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e310) returned 0x0
[0285.176] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0285.176] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee8d8) returned 0x0
[0285.176] LocalFree (hMem=0x11ee8d8) returned 0x0
[0285.176] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0285.176] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0285.176] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0285.176] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7e304) returned 0x0
[0285.176] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0285.176] GetWindowTextLengthW (hWnd=0x2402d0) returned 0
[0285.176] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0285.176] GetSystemMetrics (nIndex=42) returned 0
[0285.177] GetWindowTextW (in: hWnd=0x2402d0, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0285.177] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402d0, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0285.177] GetClientRect (in: hWnd=0x2402d0, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0285.177] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0285.177] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0285.177] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0285.177] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0285.177] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e164) returned 0x0
[0285.177] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0285.177] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee910) returned 0x0
[0285.177] LocalFree (hMem=0x11ee910) returned 0x0
[0285.177] GdipCombineRegionRegion (region=0x66457e8, region2=0x66453f8, combineMode=0x1) returned 0x0
[0285.177] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0285.177] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0285.177] LocalFree (hMem=0x11eec58) returned 0x0
[0285.177] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0285.177] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0285.177] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0285.177] GdipGetRegionHRgn (region=0x66457e8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0285.177] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0285.177] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0285.178] GetCurrentObject (hdc=0x4c010693, type=0x1) returned 0xb00017
[0285.178] GetCurrentObject (hdc=0x4c010693, type=0x2) returned 0x900010
[0285.178] GetCurrentObject (hdc=0x4c010693, type=0x7) returned 0x4a0507fe
[0285.178] GetCurrentObject (hdc=0x4c010693, type=0x6) returned 0x8a01c2
[0285.178] SaveDC (hdc=0x4c010693) returned 1
[0285.178] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x440407de
[0285.178] GetClipRgn (hdc=0x4c010693, hrgn=0x440407de) returned 0
[0285.178] SelectClipRgn (hdc=0x4c010693, hrgn=0xb5040807) returned 2
[0285.178] DeleteObject (ho=0x440407de) returned 1
[0285.178] DeleteObject (ho=0xb5040807) returned 1
[0285.178] OffsetViewportOrgEx (in: hdc=0x4c010693, x=0, y=0, lppt=0x2e59494 | out: lppt=0x2e59494) returned 1
[0285.178] GetNearestColor (hdc=0x4c010693, color=0xf0f0f0) returned 0xf0f0f0
[0285.178] CreateSolidBrush (color=0xf0f0f0) returned 0x251007e1
[0285.178] FillRect (hDC=0x4c010693, lprc=0xd7e198, hbr=0x251007e1) returned 1
[0285.178] DeleteObject (ho=0x251007e1) returned 1
[0285.178] RestoreDC (hdc=0x4c010693, nSavedDC=-1) returned 1
[0285.179] GdipReleaseDC (graphics=0x6600030, hdc=0x4c010693) returned 0x0
[0285.179] GdipRestoreGraphics (graphics=0x6600030, state=0xf67c0dbd) returned 0x0
[0285.179] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0285.179] GetWindowTextLengthW (hWnd=0x2402d0) returned 0
[0285.179] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0285.179] GetSystemMetrics (nIndex=42) returned 0
[0285.179] GetWindowTextW (in: hWnd=0x2402d0, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0285.179] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402d0, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0285.179] GdipGetImageWidth (image=0x6651518, width=0xd7e1e0) returned 0x0
[0285.179] GdipGetImageHeight (image=0x6651518, height=0xd7e1e0) returned 0x0
[0285.179] GdipGetImageWidth (image=0x6651518, width=0xd7e1cc) returned 0x0
[0285.179] GdipGetImageHeight (image=0x6651518, height=0xd7e1cc) returned 0x0
[0285.179] GdipDrawImageRectI (graphics=0x6600030, image=0x6651518, x=16, y=16, width=32, height=32) returned 0x0
[0285.179] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0285.179] BitBlt (hdc=0x107b9, x=0, y=0, cx=64, cy=64, hdcSrc=0x4c010693, x1=0, y1=0, rop=0xcc0020) returned 1
[0285.179] GdipReleaseDC (graphics=0x6600030, hdc=0x4c010693) returned 0x0
[0285.179] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0285.179] SelectObject (hdc=0x4c010693, h=0x85000f) returned 0x4a0507fe
[0285.180] DeleteDC (hdc=0x4c010693) returned 1
[0285.180] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0285.180] EndPaint (hWnd=0x2402d0, lpPaint=0xd7e294) returned 1
[0285.180] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.180] IsWindowUnicode (hWnd=0x2f02de) returned 1
[0285.180] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.180] TranslateMessage (lpMsg=0xd7e808) returned 0
[0285.180] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0285.180] BeginPaint (in: hWnd=0x2f02de, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x10105d6
[0285.180] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0285.180] CreateCompatibleDC (hdc=0x10105d6) returned 0x4e010693
[0285.180] GetObjectType (h=0x10105d6) returned 0x3
[0285.180] CreateCompatibleBitmap (hdc=0x10105d6, cx=1, cy=1) returned 0xffffffffbc0507eb
[0285.181] GetDIBits (in: hdc=0x10105d6, hbm=0xbc0507eb, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0285.181] GetDIBits (in: hdc=0x10105d6, hbm=0xbc0507eb, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0285.181] DeleteObject (ho=0xbc0507eb) returned 1
[0285.181] CreateDIBSection (in: hdc=0x10105d6, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x9f0505d8
[0285.181] SelectObject (hdc=0x4e010693, h=0x9f0505d8) returned 0x85000f
[0285.181] GdipCreateFromHDC (hdc=0x4e010693, graphics=0xd7e234) returned 0x0
[0285.181] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0285.181] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0285.181] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0285.181] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0285.181] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2d4) returned 0x0
[0285.182] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0285.182] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0285.182] LocalFree (hMem=0x11ee788) returned 0x0
[0285.182] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0285.182] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0285.182] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0285.182] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0285.182] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0285.182] GetWindowTextLengthW (hWnd=0x2f02de) returned 232
[0285.182] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0285.182] GetSystemMetrics (nIndex=42) returned 0
[0285.182] GetWindowTextW (in: hWnd=0x2f02de, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0285.182] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0285.182] GetClientRect (in: hWnd=0x2f02de, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0285.182] GdipCreateRegion (region=0xd7e110) returned 0x0
[0285.182] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0285.182] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0285.182] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0285.182] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e128) returned 0x0
[0285.182] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0285.182] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0285.182] LocalFree (hMem=0x11eec58) returned 0x0
[0285.183] GdipCombineRegionRegion (region=0x6645cf8, region2=0x6645c68, combineMode=0x1) returned 0x0
[0285.183] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0285.183] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eecc8) returned 0x0
[0285.183] LocalFree (hMem=0x11eecc8) returned 0x0
[0285.183] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0285.183] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e150) returned 0x0
[0285.183] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e140) returned 0x0
[0285.183] GdipGetRegionHRgn (region=0x6645cf8, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0285.183] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0285.183] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0285.183] GetCurrentObject (hdc=0x4e010693, type=0x1) returned 0xb00017
[0285.183] GetCurrentObject (hdc=0x4e010693, type=0x2) returned 0x900010
[0285.183] GetCurrentObject (hdc=0x4e010693, type=0x7) returned 0xffffffff9f0505d8
[0285.183] GetCurrentObject (hdc=0x4e010693, type=0x6) returned 0x8a01c2
[0285.183] SaveDC (hdc=0x4e010693) returned 1
[0285.183] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb6040807
[0285.183] GetClipRgn (hdc=0x4e010693, hrgn=0xb6040807) returned 0
[0285.183] SelectClipRgn (hdc=0x4e010693, hrgn=0x450407de) returned 2
[0285.183] DeleteObject (ho=0xb6040807) returned 1
[0285.184] DeleteObject (ho=0x450407de) returned 1
[0285.184] OffsetViewportOrgEx (in: hdc=0x4e010693, x=0, y=0, lppt=0x2e5ae5c | out: lppt=0x2e5ae5c) returned 1
[0285.184] GetNearestColor (hdc=0x4e010693, color=0xf0f0f0) returned 0xf0f0f0
[0285.184] CreateSolidBrush (color=0xf0f0f0) returned 0x261007e1
[0285.184] FillRect (hDC=0x4e010693, lprc=0xd7e15c, hbr=0x261007e1) returned 1
[0285.189] DeleteObject (ho=0x261007e1) returned 1
[0285.190] RestoreDC (hdc=0x4e010693, nSavedDC=-1) returned 1
[0285.190] GdipReleaseDC (graphics=0x6600030, hdc=0x4e010693) returned 0x0
[0285.190] GdipRestoreGraphics (graphics=0x6600030, state=0xf67a0dbd) returned 0x0
[0285.190] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0285.190] GetWindowTextLengthW (hWnd=0x2f02de) returned 232
[0285.190] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0285.190] GetSystemMetrics (nIndex=42) returned 0
[0285.190] GetWindowTextW (in: hWnd=0x2f02de, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0285.190] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0285.190] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0285.190] GetCurrentObject (hdc=0x4e010693, type=0x1) returned 0xb00017
[0285.190] GetCurrentObject (hdc=0x4e010693, type=0x2) returned 0x900010
[0285.190] GetCurrentObject (hdc=0x4e010693, type=0x7) returned 0xffffffff9f0505d8
[0285.190] GetCurrentObject (hdc=0x4e010693, type=0x6) returned 0x8a01c2
[0285.190] SaveDC (hdc=0x4e010693) returned 1
[0285.190] GetNearestColor (hdc=0x4e010693, color=0x0) returned 0x0
[0285.190] RestoreDC (hdc=0x4e010693, nSavedDC=-1) returned 1
[0285.191] GdipReleaseDC (graphics=0x6600030, hdc=0x4e010693) returned 0x0
[0285.191] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0285.191] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0285.191] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2e5b658 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0285.192] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0285.192] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0285.192] GetCurrentObject (hdc=0x4e010693, type=0x1) returned 0xb00017
[0285.192] GetCurrentObject (hdc=0x4e010693, type=0x2) returned 0x900010
[0285.192] GetCurrentObject (hdc=0x4e010693, type=0x7) returned 0xffffffff9f0505d8
[0285.192] GetCurrentObject (hdc=0x4e010693, type=0x6) returned 0x8a01c2
[0285.192] SaveDC (hdc=0x4e010693) returned 1
[0285.192] GetTextAlign (hdc=0x4e010693) returned 0x0
[0285.192] GetTextColor (hdc=0x4e010693) returned 0x0
[0285.192] GetCurrentObject (hdc=0x4e010693, type=0x6) returned 0x8a01c2
[0285.192] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0285.192] SelectObject (hdc=0x4e010693, h=0x6d0a0520) returned 0x8a01c2
[0285.192] GetBkMode (hdc=0x4e010693) returned 2
[0285.192] SetBkMode (hdc=0x4e010693, mode=1) returned 2
[0285.192] DrawTextExW (in: hdc=0x4e010693, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2e5b87c | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0285.195] RestoreDC (hdc=0x4e010693, nSavedDC=-1) returned 1
[0285.195] GdipReleaseDC (graphics=0x6600030, hdc=0x4e010693) returned 0x0
[0285.195] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0285.195] BitBlt (hdc=0x10105d6, x=0, y=0, cx=354, cy=68, hdcSrc=0x4e010693, x1=0, y1=0, rop=0xcc0020) returned 1
[0285.195] GdipReleaseDC (graphics=0x6600030, hdc=0x4e010693) returned 0x0
[0285.195] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0285.196] SelectObject (hdc=0x4e010693, h=0x85000f) returned 0x9f0505d8
[0285.196] DeleteDC (hdc=0x4e010693) returned 1
[0285.196] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0285.196] DeleteObject (ho=0x9f0505d8) returned 1
[0285.196] EndPaint (hWnd=0x2f02de, lpPaint=0xd7e258) returned 1
[0285.196] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.197] IsWindowUnicode (hWnd=0x3102d8) returned 1
[0285.197] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.197] TranslateMessage (lpMsg=0xd7e808) returned 0
[0285.197] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0285.197] BeginPaint (in: hWnd=0x3102d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0285.197] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0285.197] CreateCompatibleDC (hdc=0xc0107c5) returned 0xbe0107eb
[0285.197] SelectObject (hdc=0xbe0107eb, h=0x4a0507fe) returned 0x85000f
[0285.197] GdipCreateFromHDC (hdc=0xbe0107eb, graphics=0xd7e268) returned 0x0
[0285.197] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0285.197] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0285.197] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0285.197] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0285.198] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e2c8) returned 0x0
[0285.198] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0285.198] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eea28) returned 0x0
[0285.198] LocalFree (hMem=0x11eea28) returned 0x0
[0285.198] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0285.198] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0285.198] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0285.198] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0285.198] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0285.198] GdipRestoreGraphics (graphics=0x6600030, state=0xf6780dbd) returned 0x0
[0285.198] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0285.198] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0285.198] GetCurrentObject (hdc=0xbe0107eb, type=0x1) returned 0xb00017
[0285.198] GetCurrentObject (hdc=0xbe0107eb, type=0x2) returned 0x900010
[0285.198] GetCurrentObject (hdc=0xbe0107eb, type=0x7) returned 0x4a0507fe
[0285.198] GetCurrentObject (hdc=0xbe0107eb, type=0x6) returned 0x8a01c2
[0285.198] SaveDC (hdc=0xbe0107eb) returned 1
[0285.198] GetNearestColor (hdc=0xbe0107eb, color=0xf0f0f0) returned 0xf0f0f0
[0285.198] GetNearestColor (hdc=0xbe0107eb, color=0xa0a0a0) returned 0xa0a0a0
[0285.199] GetNearestColor (hdc=0xbe0107eb, color=0x696969) returned 0x696969
[0285.199] GetNearestColor (hdc=0xbe0107eb, color=0xa0a0a0) returned 0xa0a0a0
[0285.199] GetNearestColor (hdc=0xbe0107eb, color=0x0) returned 0x0
[0285.199] GetNearestColor (hdc=0xbe0107eb, color=0xffffff) returned 0xffffff
[0285.199] GetNearestColor (hdc=0xbe0107eb, color=0xe5e5e5) returned 0xe5e5e5
[0285.199] GetNearestColor (hdc=0xbe0107eb, color=0xd7d7d7) returned 0xd7d7d7
[0285.199] GetNearestColor (hdc=0xbe0107eb, color=0x0) returned 0x0
[0285.199] RestoreDC (hdc=0xbe0107eb, nSavedDC=-1) returned 1
[0285.199] GdipReleaseDC (graphics=0x6600030, hdc=0xbe0107eb) returned 0x0
[0285.199] IsAppThemed () returned 0x1
[0285.199] GetThemeAppProperties () returned 0x3
[0285.199] GetThemeAppProperties () returned 0x3
[0285.199] GdipGetImageWidth (image=0x66507f8, width=0xd7e168) returned 0x0
[0285.199] GdipGetImageHeight (image=0x66507f8, height=0xd7e168) returned 0x0
[0285.199] IsAppThemed () returned 0x1
[0285.199] GetThemeAppProperties () returned 0x3
[0285.199] GetThemeAppProperties () returned 0x3
[0285.199] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2e5bfcc | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0285.200] IsAppThemed () returned 0x1
[0285.200] GetThemeAppProperties () returned 0x3
[0285.200] GetThemeAppProperties () returned 0x3
[0285.200] IsAppThemed () returned 0x1
[0285.243] GetThemeAppProperties () returned 0x3
[0285.243] GetThemeAppProperties () returned 0x3
[0285.243] GetFocus () returned 0x3102d8
[0285.243] IsAppThemed () returned 0x1
[0285.243] GetThemeAppProperties () returned 0x3
[0285.243] GetThemeAppProperties () returned 0x3
[0285.243] IsAppThemed () returned 0x1
[0285.243] GetThemeAppProperties () returned 0x3
[0285.243] GetThemeAppProperties () returned 0x3
[0285.243] IsThemePartDefined () returned 0x1
[0285.243] IsAppThemed () returned 0x1
[0285.243] GetThemeAppProperties () returned 0x3
[0285.243] GetThemeAppProperties () returned 0x3
[0285.243] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0285.243] IsAppThemed () returned 0x1
[0285.244] GetThemeAppProperties () returned 0x3
[0285.244] GetThemeAppProperties () returned 0x3
[0285.244] IsAppThemed () returned 0x1
[0285.244] GetThemeAppProperties () returned 0x3
[0285.244] GetThemeAppProperties () returned 0x3
[0285.244] IsThemePartDefined () returned 0x1
[0285.244] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0285.244] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0285.244] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0285.244] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0285.244] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7dff0) returned 0x0
[0285.244] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0285.244] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0285.244] LocalFree (hMem=0x11ee788) returned 0x0
[0285.244] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0285.244] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee868) returned 0x0
[0285.244] LocalFree (hMem=0x11ee868) returned 0x0
[0285.244] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0285.244] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0285.245] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0285.245] GdipGetRegionHRgn (region=0x6645cf8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0285.245] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0285.245] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0285.245] GetCurrentObject (hdc=0xbe0107eb, type=0x1) returned 0xb00017
[0285.245] GetCurrentObject (hdc=0xbe0107eb, type=0x2) returned 0x900010
[0285.245] GetCurrentObject (hdc=0xbe0107eb, type=0x7) returned 0x4a0507fe
[0285.245] GetCurrentObject (hdc=0xbe0107eb, type=0x6) returned 0x8a01c2
[0285.245] SaveDC (hdc=0xbe0107eb) returned 1
[0285.245] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x460407de
[0285.245] GetClipRgn (hdc=0xbe0107eb, hrgn=0x460407de) returned 0
[0285.245] SelectClipRgn (hdc=0xbe0107eb, hrgn=0xba040807) returned 2
[0285.245] DeleteObject (ho=0x460407de) returned 1
[0285.245] DeleteObject (ho=0xba040807) returned 1
[0285.245] OffsetViewportOrgEx (in: hdc=0xbe0107eb, x=0, y=0, lppt=0x2e5c67c | out: lppt=0x2e5c67c) returned 1
[0285.246] DrawThemeParentBackground () returned 0x0
[0285.246] GetWindowPlacement (in: hWnd=0x2902c8, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0285.246] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0285.246] GetWindowTextLengthW (hWnd=0x2902c8) returned 13
[0285.246] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.246] GetSystemMetrics (nIndex=42) returned 0
[0285.246] GetWindowTextW (in: hWnd=0x2902c8, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.246] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0285.246] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0285.246] GetCurrentObject (hdc=0xbe0107eb, type=0x1) returned 0xb00017
[0285.246] GetCurrentObject (hdc=0xbe0107eb, type=0x2) returned 0x900010
[0285.246] GetCurrentObject (hdc=0xbe0107eb, type=0x7) returned 0x4a0507fe
[0285.246] GetCurrentObject (hdc=0xbe0107eb, type=0x6) returned 0x8a01c2
[0285.246] SaveDC (hdc=0xbe0107eb) returned 2
[0285.246] GetNearestColor (hdc=0xbe0107eb, color=0xf0f0f0) returned 0xf0f0f0
[0285.247] CreateSolidBrush (color=0xf0f0f0) returned 0x271007e1
[0285.247] FillRect (hDC=0xbe0107eb, lprc=0xd7da38, hbr=0x271007e1) returned 1
[0285.247] DeleteObject (ho=0x271007e1) returned 1
[0285.247] RestoreDC (hdc=0xbe0107eb, nSavedDC=-1) returned 1
[0285.251] GetWindowTextLengthW (hWnd=0x2902c8) returned 13
[0285.251] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.251] GetSystemMetrics (nIndex=42) returned 0
[0285.251] GetWindowTextW (in: hWnd=0x2902c8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.251] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0285.251] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0285.251] GetCurrentObject (hdc=0xbe0107eb, type=0x1) returned 0xb00017
[0285.252] GetCurrentObject (hdc=0xbe0107eb, type=0x2) returned 0x900010
[0285.252] GetCurrentObject (hdc=0xbe0107eb, type=0x7) returned 0x4a0507fe
[0285.252] GetCurrentObject (hdc=0xbe0107eb, type=0x6) returned 0x8a01c2
[0285.252] SaveDC (hdc=0xbe0107eb) returned 2
[0285.252] GetNearestColor (hdc=0xbe0107eb, color=0xf0f0f0) returned 0xf0f0f0
[0285.252] CreateSolidBrush (color=0xf0f0f0) returned 0x281007e1
[0285.252] FillRect (hDC=0xbe0107eb, lprc=0xd7d9d8, hbr=0x281007e1) returned 1
[0285.252] DeleteObject (ho=0x281007e1) returned 1
[0285.252] RestoreDC (hdc=0xbe0107eb, nSavedDC=-1) returned 1
[0285.252] GetWindowTextLengthW (hWnd=0x2902c8) returned 13
[0285.252] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.252] GetSystemMetrics (nIndex=42) returned 0
[0285.252] GetWindowTextW (in: hWnd=0x2902c8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.252] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0285.252] RestoreDC (hdc=0xbe0107eb, nSavedDC=-1) returned 1
[0285.253] GdipReleaseDC (graphics=0x6600030, hdc=0xbe0107eb) returned 0x0
[0285.253] IsAppThemed () returned 0x1
[0285.253] GetThemeAppProperties () returned 0x3
[0285.253] GetThemeAppProperties () returned 0x3
[0285.253] IsAppThemed () returned 0x1
[0285.253] GetThemeAppProperties () returned 0x3
[0285.253] GetThemeAppProperties () returned 0x3
[0285.253] IsThemePartDefined () returned 0x1
[0285.253] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0285.253] GdipGetClip (graphics=0x6600030, region=0x6645ea8) returned 0x0
[0285.253] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0285.253] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0285.253] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df74) returned 0x0
[0285.253] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0285.253] LocalFree (hMem=0x11ee788) returned 0x0
[0285.253] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea28) returned 0x0
[0285.253] LocalFree (hMem=0x11eea28) returned 0x0
[0285.253] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0285.254] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0285.254] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0285.254] GdipGetRegionHRgn (region=0x6645ea8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0285.254] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0285.254] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0285.254] GetCurrentObject (hdc=0xbe0107eb, type=0x1) returned 0xb00017
[0285.254] GetCurrentObject (hdc=0xbe0107eb, type=0x2) returned 0x900010
[0285.254] GetCurrentObject (hdc=0xbe0107eb, type=0x7) returned 0x4a0507fe
[0285.254] GetCurrentObject (hdc=0xbe0107eb, type=0x6) returned 0x8a01c2
[0285.254] SaveDC (hdc=0xbe0107eb) returned 1
[0285.254] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbb040807
[0285.254] GetClipRgn (hdc=0xbe0107eb, hrgn=0xbb040807) returned 0
[0285.254] SelectClipRgn (hdc=0xbe0107eb, hrgn=0x480407de) returned 2
[0285.254] DeleteObject (ho=0xbb040807) returned 1
[0285.254] DeleteObject (ho=0x480407de) returned 1
[0285.254] OffsetViewportOrgEx (in: hdc=0xbe0107eb, x=0, y=0, lppt=0x2e5cf28 | out: lppt=0x2e5cf28) returned 1
[0285.254] IsAppThemed () returned 0x1
[0285.255] GetThemeAppProperties () returned 0x3
[0285.255] GetThemeAppProperties () returned 0x3
[0285.255] DrawThemeBackground () returned 0x0
[0285.255] RestoreDC (hdc=0xbe0107eb, nSavedDC=-1) returned 1
[0285.255] GdipReleaseDC (graphics=0x6600030, hdc=0xbe0107eb) returned 0x0
[0285.255] GdipCreateRegion (region=0xd7df60) returned 0x0
[0285.255] GdipGetClip (graphics=0x6600030, region=0x6645ea8) returned 0x0
[0285.255] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0285.255] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0285.255] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df78) returned 0x0
[0285.255] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0285.255] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eea28) returned 0x0
[0285.255] LocalFree (hMem=0x11eea28) returned 0x0
[0285.255] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0285.255] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee8d8) returned 0x0
[0285.255] LocalFree (hMem=0x11ee8d8) returned 0x0
[0285.255] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0285.255] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0285.256] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0285.256] GdipGetRegionHRgn (region=0x6645ea8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0285.256] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0285.256] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0285.256] GetCurrentObject (hdc=0xbe0107eb, type=0x1) returned 0xb00017
[0285.256] GetCurrentObject (hdc=0xbe0107eb, type=0x2) returned 0x900010
[0285.256] GetCurrentObject (hdc=0xbe0107eb, type=0x7) returned 0x4a0507fe
[0285.256] GetCurrentObject (hdc=0xbe0107eb, type=0x6) returned 0x8a01c2
[0285.256] SaveDC (hdc=0xbe0107eb) returned 1
[0285.256] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x490407de
[0285.256] GetClipRgn (hdc=0xbe0107eb, hrgn=0x490407de) returned 0
[0285.256] SelectClipRgn (hdc=0xbe0107eb, hrgn=0xbc040807) returned 2
[0285.256] DeleteObject (ho=0x490407de) returned 1
[0285.256] DeleteObject (ho=0xbc040807) returned 1
[0285.256] OffsetViewportOrgEx (in: hdc=0xbe0107eb, x=0, y=0, lppt=0x2e5d1fc | out: lppt=0x2e5d1fc) returned 1
[0285.256] IsAppThemed () returned 0x1
[0285.257] GetThemeAppProperties () returned 0x3
[0285.257] GetThemeAppProperties () returned 0x3
[0285.257] GetThemeBackgroundContentRect () returned 0x0
[0285.257] RestoreDC (hdc=0xbe0107eb, nSavedDC=-1) returned 1
[0285.257] GdipReleaseDC (graphics=0x6600030, hdc=0xbe0107eb) returned 0x0
[0285.257] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0285.257] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0285.257] GdipCloneRegion (region=0x6645908, cloneRegion=0xd7e150) returned 0x0
[0285.257] GdipCombineRegionRectI (region=0x6645998, rect=0xd7e138, combineMode=0x1) returned 0x0
[0285.257] GdipCombineRegionRectI (region=0x6645998, rect=0xd7e138, combineMode=0x1) returned 0x0
[0285.257] GdipSetClipRegion (graphics=0x6600030, region=0x6645998, combineMode=0x0) returned 0x0
[0285.257] GdipGetImageWidth (image=0x66507f8, width=0xd7e154) returned 0x0
[0285.257] GdipGetImageHeight (image=0x66507f8, height=0xd7e148) returned 0x0
[0285.257] GdipDrawImageRectI (graphics=0x6600030, image=0x66507f8, x=4, y=4, width=16, height=16) returned 0x0
[0285.257] GdipSetClipRegion (graphics=0x6600030, region=0x6645908, combineMode=0x0) returned 0x0
[0285.257] IsAppThemed () returned 0x1
[0285.257] GetThemeAppProperties () returned 0x3
[0285.257] GetThemeAppProperties () returned 0x3
[0285.258] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0285.258] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0285.258] GetCurrentObject (hdc=0xbe0107eb, type=0x1) returned 0xb00017
[0285.258] GetCurrentObject (hdc=0xbe0107eb, type=0x2) returned 0x900010
[0285.258] GetCurrentObject (hdc=0xbe0107eb, type=0x7) returned 0x4a0507fe
[0285.258] GetCurrentObject (hdc=0xbe0107eb, type=0x6) returned 0x8a01c2
[0285.258] SaveDC (hdc=0xbe0107eb) returned 1
[0285.258] GetTextAlign (hdc=0xbe0107eb) returned 0x0
[0285.258] GetTextColor (hdc=0xbe0107eb) returned 0x0
[0285.258] GetCurrentObject (hdc=0xbe0107eb, type=0x6) returned 0x8a01c2
[0285.258] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0285.258] SelectObject (hdc=0xbe0107eb, h=0x6d0a0520) returned 0x8a01c2
[0285.258] GetBkMode (hdc=0xbe0107eb) returned 2
[0285.258] SetBkMode (hdc=0xbe0107eb, mode=1) returned 2
[0285.259] DrawTextExW (in: hdc=0xbe0107eb, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2e5d5bc | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0285.259] DrawTextExW (in: hdc=0xbe0107eb, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e5d5bc | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0285.259] RestoreDC (hdc=0xbe0107eb, nSavedDC=-1) returned 1
[0285.259] GdipReleaseDC (graphics=0x6600030, hdc=0xbe0107eb) returned 0x0
[0285.259] GetFocus () returned 0x3102d8
[0285.259] IsAppThemed () returned 0x1
[0285.259] GetThemeAppProperties () returned 0x3
[0285.259] GetThemeAppProperties () returned 0x3
[0285.259] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0285.260] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xbe0107eb, x1=0, y1=0, rop=0xcc0020) returned 1
[0285.260] GdipReleaseDC (graphics=0x6600030, hdc=0xbe0107eb) returned 0x0
[0285.260] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0285.260] SelectObject (hdc=0xbe0107eb, h=0x85000f) returned 0x4a0507fe
[0285.260] DeleteDC (hdc=0xbe0107eb) returned 1
[0285.260] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0285.260] EndPaint (hWnd=0x3102d8, lpPaint=0xd7e24c) returned 1
[0285.260] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.260] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0285.261] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.261] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.261] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0285.262] TranslateMessage (lpMsg=0xd7e808) returned 0
[0285.262] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0285.265] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.265] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0285.267] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.267] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.267] TranslateMessage (lpMsg=0xd7e808) returned 0
[0285.267] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0285.268] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.268] IsWindowUnicode (hWnd=0x2f02dc) returned 1
[0285.268] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.268] TranslateMessage (lpMsg=0xd7e808) returned 0
[0285.268] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0285.269] BeginPaint (in: hWnd=0x2f02dc, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0285.269] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0285.269] CreateCompatibleDC (hdc=0x107b9) returned 0x7f0107ec
[0285.269] SelectObject (hdc=0x7f0107ec, h=0x4a0507fe) returned 0x85000f
[0285.269] GdipCreateFromHDC (hdc=0x7f0107ec, graphics=0xd7e268) returned 0x0
[0285.269] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0285.269] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0285.269] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0285.269] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0285.269] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e2c8) returned 0x0
[0285.269] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0285.269] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0285.270] LocalFree (hMem=0x11ee788) returned 0x0
[0285.270] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0285.270] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0285.270] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0285.270] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0285.270] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0285.270] GdipRestoreGraphics (graphics=0x6600030, state=0xf6760dbd) returned 0x0
[0285.270] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0285.270] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0285.270] GetCurrentObject (hdc=0x7f0107ec, type=0x1) returned 0xb00017
[0285.270] GetCurrentObject (hdc=0x7f0107ec, type=0x2) returned 0x900010
[0285.270] GetCurrentObject (hdc=0x7f0107ec, type=0x7) returned 0x4a0507fe
[0285.270] GetCurrentObject (hdc=0x7f0107ec, type=0x6) returned 0x8a01c2
[0285.270] SaveDC (hdc=0x7f0107ec) returned 1
[0285.270] GetNearestColor (hdc=0x7f0107ec, color=0xf0f0f0) returned 0xf0f0f0
[0285.270] GetNearestColor (hdc=0x7f0107ec, color=0xa0a0a0) returned 0xa0a0a0
[0285.271] GetNearestColor (hdc=0x7f0107ec, color=0x696969) returned 0x696969
[0285.271] GetNearestColor (hdc=0x7f0107ec, color=0xa0a0a0) returned 0xa0a0a0
[0285.271] GetNearestColor (hdc=0x7f0107ec, color=0x0) returned 0x0
[0285.271] GetNearestColor (hdc=0x7f0107ec, color=0xffffff) returned 0xffffff
[0285.271] GetNearestColor (hdc=0x7f0107ec, color=0xe5e5e5) returned 0xe5e5e5
[0285.271] GetNearestColor (hdc=0x7f0107ec, color=0xd7d7d7) returned 0xd7d7d7
[0285.271] GetNearestColor (hdc=0x7f0107ec, color=0x0) returned 0x0
[0285.271] RestoreDC (hdc=0x7f0107ec, nSavedDC=-1) returned 1
[0285.271] GdipReleaseDC (graphics=0x6600030, hdc=0x7f0107ec) returned 0x0
[0285.271] IsAppThemed () returned 0x1
[0285.271] GetThemeAppProperties () returned 0x3
[0285.271] GetThemeAppProperties () returned 0x3
[0285.271] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0285.271] SendMessageW (hWnd=0x2902c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0285.271] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0285.271] IsAppThemed () returned 0x1
[0285.272] GetThemeAppProperties () returned 0x3
[0285.272] GetThemeAppProperties () returned 0x3
[0285.272] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2e5ddcc | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0285.272] IsAppThemed () returned 0x1
[0285.272] GetThemeAppProperties () returned 0x3
[0285.272] GetThemeAppProperties () returned 0x3
[0285.272] IsAppThemed () returned 0x1
[0285.272] GetThemeAppProperties () returned 0x3
[0285.272] GetThemeAppProperties () returned 0x3
[0285.272] IsAppThemed () returned 0x1
[0285.272] GetThemeAppProperties () returned 0x3
[0285.272] GetThemeAppProperties () returned 0x3
[0285.272] IsAppThemed () returned 0x1
[0285.272] GetThemeAppProperties () returned 0x3
[0285.272] GetThemeAppProperties () returned 0x3
[0285.272] IsThemePartDefined () returned 0x1
[0285.272] IsAppThemed () returned 0x1
[0285.273] GetThemeAppProperties () returned 0x3
[0285.273] GetThemeAppProperties () returned 0x3
[0285.273] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0285.273] IsAppThemed () returned 0x1
[0285.273] GetThemeAppProperties () returned 0x3
[0285.273] GetThemeAppProperties () returned 0x3
[0285.273] IsAppThemed () returned 0x1
[0285.273] GetThemeAppProperties () returned 0x3
[0285.273] GetThemeAppProperties () returned 0x3
[0285.273] IsThemePartDefined () returned 0x1
[0285.273] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0285.273] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0285.273] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0285.273] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0285.273] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7dfe4) returned 0x0
[0285.273] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0285.273] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0285.273] LocalFree (hMem=0x11eec58) returned 0x0
[0285.273] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0285.273] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eea60) returned 0x0
[0285.273] LocalFree (hMem=0x11eea60) returned 0x0
[0285.274] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0285.274] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0285.274] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0285.274] GdipGetRegionHRgn (region=0x6645098, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0285.274] GdipDeleteRegion (region=0x6645098) returned 0x0
[0285.274] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0285.274] GetCurrentObject (hdc=0x7f0107ec, type=0x1) returned 0xb00017
[0285.274] GetCurrentObject (hdc=0x7f0107ec, type=0x2) returned 0x900010
[0285.274] GetCurrentObject (hdc=0x7f0107ec, type=0x7) returned 0x4a0507fe
[0285.274] GetCurrentObject (hdc=0x7f0107ec, type=0x6) returned 0x8a01c2
[0285.274] SaveDC (hdc=0x7f0107ec) returned 1
[0285.274] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbd040807
[0285.274] GetClipRgn (hdc=0x7f0107ec, hrgn=0xbd040807) returned 0
[0285.274] SelectClipRgn (hdc=0x7f0107ec, hrgn=0x4d0407de) returned 2
[0285.274] DeleteObject (ho=0xbd040807) returned 1
[0285.274] DeleteObject (ho=0x4d0407de) returned 1
[0285.274] OffsetViewportOrgEx (in: hdc=0x7f0107ec, x=0, y=0, lppt=0x2e5e47c | out: lppt=0x2e5e47c) returned 1
[0285.275] DrawThemeParentBackground () returned 0x0
[0285.275] GetWindowPlacement (in: hWnd=0x2902c8, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0285.275] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0285.275] GetWindowTextLengthW (hWnd=0x2902c8) returned 13
[0285.275] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.275] GetSystemMetrics (nIndex=42) returned 0
[0285.275] GetWindowTextW (in: hWnd=0x2902c8, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.275] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0285.275] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0285.275] GetCurrentObject (hdc=0x7f0107ec, type=0x1) returned 0xb00017
[0285.275] GetCurrentObject (hdc=0x7f0107ec, type=0x2) returned 0x900010
[0285.275] GetCurrentObject (hdc=0x7f0107ec, type=0x7) returned 0x4a0507fe
[0285.275] GetCurrentObject (hdc=0x7f0107ec, type=0x6) returned 0x8a01c2
[0285.275] SaveDC (hdc=0x7f0107ec) returned 2
[0285.275] GetNearestColor (hdc=0x7f0107ec, color=0xf0f0f0) returned 0xf0f0f0
[0285.276] CreateSolidBrush (color=0xf0f0f0) returned 0x291007e1
[0285.276] FillRect (hDC=0x7f0107ec, lprc=0xd7da30, hbr=0x291007e1) returned 1
[0285.276] DeleteObject (ho=0x291007e1) returned 1
[0285.276] RestoreDC (hdc=0x7f0107ec, nSavedDC=-1) returned 1
[0285.276] GetWindowTextLengthW (hWnd=0x2902c8) returned 13
[0285.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.276] GetSystemMetrics (nIndex=42) returned 0
[0285.276] GetWindowTextW (in: hWnd=0x2902c8, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0285.276] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0285.276] GetCurrentObject (hdc=0x7f0107ec, type=0x1) returned 0xb00017
[0285.276] GetCurrentObject (hdc=0x7f0107ec, type=0x2) returned 0x900010
[0285.276] GetCurrentObject (hdc=0x7f0107ec, type=0x7) returned 0x4a0507fe
[0285.276] GetCurrentObject (hdc=0x7f0107ec, type=0x6) returned 0x8a01c2
[0285.276] SaveDC (hdc=0x7f0107ec) returned 2
[0285.276] GetNearestColor (hdc=0x7f0107ec, color=0xf0f0f0) returned 0xf0f0f0
[0285.277] CreateSolidBrush (color=0xf0f0f0) returned 0x2a1007e1
[0285.277] FillRect (hDC=0x7f0107ec, lprc=0xd7d9d0, hbr=0x2a1007e1) returned 1
[0285.277] DeleteObject (ho=0x2a1007e1) returned 1
[0285.277] RestoreDC (hdc=0x7f0107ec, nSavedDC=-1) returned 1
[0285.277] GetWindowTextLengthW (hWnd=0x2902c8) returned 13
[0285.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.277] GetSystemMetrics (nIndex=42) returned 0
[0285.277] GetWindowTextW (in: hWnd=0x2902c8, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0285.277] RestoreDC (hdc=0x7f0107ec, nSavedDC=-1) returned 1
[0285.277] GdipReleaseDC (graphics=0x6600030, hdc=0x7f0107ec) returned 0x0
[0285.277] IsAppThemed () returned 0x1
[0285.277] GetThemeAppProperties () returned 0x3
[0285.277] GetThemeAppProperties () returned 0x3
[0285.277] IsAppThemed () returned 0x1
[0285.278] GetThemeAppProperties () returned 0x3
[0285.278] GetThemeAppProperties () returned 0x3
[0285.278] IsThemePartDefined () returned 0x1
[0285.278] GdipCreateRegion (region=0xd7df50) returned 0x0
[0285.278] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0285.278] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0285.278] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0285.278] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df68) returned 0x0
[0285.278] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0285.278] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0285.284] LocalFree (hMem=0x11ee788) returned 0x0
[0285.284] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0285.284] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0285.284] LocalFree (hMem=0x11eec58) returned 0x0
[0285.284] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0285.284] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0285.284] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7df80) returned 0x0
[0285.284] GdipGetRegionHRgn (region=0x66456c8, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0285.284] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0285.285] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0285.285] GetCurrentObject (hdc=0x7f0107ec, type=0x1) returned 0xb00017
[0285.285] GetCurrentObject (hdc=0x7f0107ec, type=0x2) returned 0x900010
[0285.285] GetCurrentObject (hdc=0x7f0107ec, type=0x7) returned 0x4a0507fe
[0285.285] GetCurrentObject (hdc=0x7f0107ec, type=0x6) returned 0x8a01c2
[0285.285] SaveDC (hdc=0x7f0107ec) returned 1
[0285.285] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4e0407de
[0285.285] GetClipRgn (hdc=0x7f0107ec, hrgn=0x4e0407de) returned 0
[0285.285] SelectClipRgn (hdc=0x7f0107ec, hrgn=0xbf040807) returned 2
[0285.285] DeleteObject (ho=0x4e0407de) returned 1
[0285.285] DeleteObject (ho=0xbf040807) returned 1
[0285.285] OffsetViewportOrgEx (in: hdc=0x7f0107ec, x=0, y=0, lppt=0x2e5ed28 | out: lppt=0x2e5ed28) returned 1
[0285.285] IsAppThemed () returned 0x1
[0285.285] GetThemeAppProperties () returned 0x3
[0285.286] GetThemeAppProperties () returned 0x3
[0285.286] DrawThemeBackground () returned 0x0
[0285.287] RestoreDC (hdc=0x7f0107ec, nSavedDC=-1) returned 1
[0285.287] GdipReleaseDC (graphics=0x6600030, hdc=0x7f0107ec) returned 0x0
[0285.287] GdipCreateRegion (region=0xd7df54) returned 0x0
[0285.287] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0285.287] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0285.287] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0285.287] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df6c) returned 0x0
[0285.287] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0285.287] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee910) returned 0x0
[0285.287] LocalFree (hMem=0x11ee910) returned 0x0
[0285.287] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0285.287] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0285.287] LocalFree (hMem=0x11eec58) returned 0x0
[0285.287] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0285.287] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0285.287] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0285.287] GdipGetRegionHRgn (region=0x66456c8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0285.287] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0285.288] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0285.288] GetCurrentObject (hdc=0x7f0107ec, type=0x1) returned 0xb00017
[0285.288] GetCurrentObject (hdc=0x7f0107ec, type=0x2) returned 0x900010
[0285.288] GetCurrentObject (hdc=0x7f0107ec, type=0x7) returned 0x4a0507fe
[0285.288] GetCurrentObject (hdc=0x7f0107ec, type=0x6) returned 0x8a01c2
[0285.288] SaveDC (hdc=0x7f0107ec) returned 1
[0285.288] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc0040807
[0285.288] GetClipRgn (hdc=0x7f0107ec, hrgn=0xc0040807) returned 0
[0285.288] SelectClipRgn (hdc=0x7f0107ec, hrgn=0x4f0407de) returned 2
[0285.288] DeleteObject (ho=0xc0040807) returned 1
[0285.288] DeleteObject (ho=0x4f0407de) returned 1
[0285.288] OffsetViewportOrgEx (in: hdc=0x7f0107ec, x=0, y=0, lppt=0x2e5effc | out: lppt=0x2e5effc) returned 1
[0285.288] IsAppThemed () returned 0x1
[0285.288] GetThemeAppProperties () returned 0x3
[0285.288] GetThemeAppProperties () returned 0x3
[0285.288] GetThemeBackgroundContentRect () returned 0x0
[0285.288] RestoreDC (hdc=0x7f0107ec, nSavedDC=-1) returned 1
[0285.289] GdipReleaseDC (graphics=0x6600030, hdc=0x7f0107ec) returned 0x0
[0285.289] IsAppThemed () returned 0x1
[0285.289] GetThemeAppProperties () returned 0x3
[0285.289] GetThemeAppProperties () returned 0x3
[0285.289] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0285.289] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0285.289] GetCurrentObject (hdc=0x7f0107ec, type=0x1) returned 0xb00017
[0285.289] GetCurrentObject (hdc=0x7f0107ec, type=0x2) returned 0x900010
[0285.289] GetCurrentObject (hdc=0x7f0107ec, type=0x7) returned 0x4a0507fe
[0285.289] GetCurrentObject (hdc=0x7f0107ec, type=0x6) returned 0x8a01c2
[0285.289] SaveDC (hdc=0x7f0107ec) returned 1
[0285.289] GetTextAlign (hdc=0x7f0107ec) returned 0x0
[0285.289] GetTextColor (hdc=0x7f0107ec) returned 0x0
[0285.289] GetCurrentObject (hdc=0x7f0107ec, type=0x6) returned 0x8a01c2
[0285.289] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0285.290] SelectObject (hdc=0x7f0107ec, h=0x6d0a0520) returned 0x8a01c2
[0285.290] GetBkMode (hdc=0x7f0107ec) returned 2
[0285.290] SetBkMode (hdc=0x7f0107ec, mode=1) returned 2
[0285.290] DrawTextExW (in: hdc=0x7f0107ec, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2e5f39c | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0285.290] DrawTextExW (in: hdc=0x7f0107ec, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2e5f39c | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0285.290] RestoreDC (hdc=0x7f0107ec, nSavedDC=-1) returned 1
[0285.290] GdipReleaseDC (graphics=0x6600030, hdc=0x7f0107ec) returned 0x0
[0285.290] GetFocus () returned 0x3102d8
[0285.291] IsAppThemed () returned 0x1
[0285.291] GetThemeAppProperties () returned 0x3
[0285.291] GetThemeAppProperties () returned 0x3
[0285.291] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0285.291] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x7f0107ec, x1=0, y1=0, rop=0xcc0020) returned 1
[0285.291] GdipReleaseDC (graphics=0x6600030, hdc=0x7f0107ec) returned 0x0
[0285.291] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0285.291] SelectObject (hdc=0x7f0107ec, h=0x85000f) returned 0x4a0507fe
[0285.291] DeleteDC (hdc=0x7f0107ec) returned 1
[0285.291] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0285.291] EndPaint (hWnd=0x2f02dc, lpPaint=0xd7e24c) returned 1
[0285.291] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.292] IsWindowUnicode (hWnd=0x2f02da) returned 1
[0285.292] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.292] TranslateMessage (lpMsg=0xd7e808) returned 0
[0285.292] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0285.292] BeginPaint (in: hWnd=0x2f02da, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0285.292] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0285.292] CreateCompatibleDC (hdc=0x10105d6) returned 0x810107ec
[0285.292] SelectObject (hdc=0x810107ec, h=0x4a0507fe) returned 0x85000f
[0285.292] GdipCreateFromHDC (hdc=0x810107ec, graphics=0xd7e268) returned 0x0
[0285.292] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0285.292] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0285.292] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0285.293] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0285.293] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2c8) returned 0x0
[0285.293] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee910) returned 0x0
[0285.293] LocalFree (hMem=0x11ee910) returned 0x0
[0285.293] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0285.293] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0285.293] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0285.293] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0285.293] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0285.293] GdipRestoreGraphics (graphics=0x6600030, state=0xf6740dbd) returned 0x0
[0285.293] GdipDeleteRegion (region=0x6645518) returned 0x0
[0285.293] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0285.293] GetCurrentObject (hdc=0x810107ec, type=0x1) returned 0xb00017
[0285.293] GetCurrentObject (hdc=0x810107ec, type=0x2) returned 0x900010
[0285.293] GetCurrentObject (hdc=0x810107ec, type=0x7) returned 0x4a0507fe
[0285.293] GetCurrentObject (hdc=0x810107ec, type=0x6) returned 0x8a01c2
[0285.293] SaveDC (hdc=0x810107ec) returned 1
[0285.293] GetNearestColor (hdc=0x810107ec, color=0xf0f0f0) returned 0xf0f0f0
[0285.294] GetNearestColor (hdc=0x810107ec, color=0xa0a0a0) returned 0xa0a0a0
[0285.294] GetNearestColor (hdc=0x810107ec, color=0x696969) returned 0x696969
[0285.294] GetNearestColor (hdc=0x810107ec, color=0xa0a0a0) returned 0xa0a0a0
[0285.300] GetNearestColor (hdc=0x810107ec, color=0x0) returned 0x0
[0285.301] GetNearestColor (hdc=0x810107ec, color=0xffffff) returned 0xffffff
[0285.301] GetNearestColor (hdc=0x810107ec, color=0xe5e5e5) returned 0xe5e5e5
[0285.301] GetNearestColor (hdc=0x810107ec, color=0xd7d7d7) returned 0xd7d7d7
[0285.301] GetNearestColor (hdc=0x810107ec, color=0x0) returned 0x0
[0285.301] RestoreDC (hdc=0x810107ec, nSavedDC=-1) returned 1
[0285.301] GdipReleaseDC (graphics=0x6600030, hdc=0x810107ec) returned 0x0
[0285.301] IsAppThemed () returned 0x1
[0285.301] GetThemeAppProperties () returned 0x3
[0285.301] GetThemeAppProperties () returned 0x3
[0285.301] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0285.301] SendMessageW (hWnd=0x2902c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0285.301] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0285.301] IsAppThemed () returned 0x1
[0285.301] GetThemeAppProperties () returned 0x3
[0285.301] GetThemeAppProperties () returned 0x3
[0285.301] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2e5fbac | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0285.302] IsAppThemed () returned 0x1
[0285.302] GetThemeAppProperties () returned 0x3
[0285.302] GetThemeAppProperties () returned 0x3
[0285.302] IsAppThemed () returned 0x1
[0285.302] GetThemeAppProperties () returned 0x3
[0285.302] GetThemeAppProperties () returned 0x3
[0285.302] GetFocus () returned 0x3102d8
[0285.302] IsAppThemed () returned 0x1
[0285.302] GetThemeAppProperties () returned 0x3
[0285.302] GetThemeAppProperties () returned 0x3
[0285.302] IsAppThemed () returned 0x1
[0285.302] GetThemeAppProperties () returned 0x3
[0285.302] GetThemeAppProperties () returned 0x3
[0285.302] IsThemePartDefined () returned 0x1
[0285.302] IsAppThemed () returned 0x1
[0285.302] GetThemeAppProperties () returned 0x3
[0285.302] GetThemeAppProperties () returned 0x3
[0285.302] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0285.302] IsAppThemed () returned 0x1
[0285.303] GetThemeAppProperties () returned 0x3
[0285.303] GetThemeAppProperties () returned 0x3
[0285.303] IsAppThemed () returned 0x1
[0285.303] GetThemeAppProperties () returned 0x3
[0285.303] GetThemeAppProperties () returned 0x3
[0285.303] IsThemePartDefined () returned 0x1
[0285.303] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0285.303] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0285.303] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0285.303] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0285.303] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dff0) returned 0x0
[0285.303] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eea28) returned 0x0
[0285.303] LocalFree (hMem=0x11eea28) returned 0x0
[0285.303] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eea28) returned 0x0
[0285.303] LocalFree (hMem=0x11eea28) returned 0x0
[0285.303] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0285.303] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e018) returned 0x0
[0285.303] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e008) returned 0x0
[0285.303] GdipGetRegionHRgn (region=0x6645098, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0285.303] GdipDeleteRegion (region=0x6645098) returned 0x0
[0285.304] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0285.304] GetCurrentObject (hdc=0x810107ec, type=0x1) returned 0xb00017
[0285.304] GetCurrentObject (hdc=0x810107ec, type=0x2) returned 0x900010
[0285.304] GetCurrentObject (hdc=0x810107ec, type=0x7) returned 0x4a0507fe
[0285.304] GetCurrentObject (hdc=0x810107ec, type=0x6) returned 0x8a01c2
[0285.304] SaveDC (hdc=0x810107ec) returned 1
[0285.304] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x500407de
[0285.304] GetClipRgn (hdc=0x810107ec, hrgn=0x500407de) returned 0
[0285.304] SelectClipRgn (hdc=0x810107ec, hrgn=0xc4040807) returned 2
[0285.304] DeleteObject (ho=0x500407de) returned 1
[0285.304] DeleteObject (ho=0xc4040807) returned 1
[0285.304] OffsetViewportOrgEx (in: hdc=0x810107ec, x=0, y=0, lppt=0x2e6025c | out: lppt=0x2e6025c) returned 1
[0285.304] DrawThemeParentBackground () returned 0x0
[0285.304] GetWindowPlacement (in: hWnd=0x2902c8, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0285.304] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0285.305] GetWindowTextLengthW (hWnd=0x2902c8) returned 13
[0285.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.305] GetSystemMetrics (nIndex=42) returned 0
[0285.305] GetWindowTextW (in: hWnd=0x2902c8, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0285.305] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0285.305] GetCurrentObject (hdc=0x810107ec, type=0x1) returned 0xb00017
[0285.305] GetCurrentObject (hdc=0x810107ec, type=0x2) returned 0x900010
[0285.305] GetCurrentObject (hdc=0x810107ec, type=0x7) returned 0x4a0507fe
[0285.305] GetCurrentObject (hdc=0x810107ec, type=0x6) returned 0x8a01c2
[0285.305] SaveDC (hdc=0x810107ec) returned 2
[0285.305] GetNearestColor (hdc=0x810107ec, color=0xf0f0f0) returned 0xf0f0f0
[0285.305] CreateSolidBrush (color=0xf0f0f0) returned 0x2b1007e1
[0285.305] FillRect (hDC=0x810107ec, lprc=0xd7da38, hbr=0x2b1007e1) returned 1
[0285.305] DeleteObject (ho=0x2b1007e1) returned 1
[0285.305] RestoreDC (hdc=0x810107ec, nSavedDC=-1) returned 1
[0285.306] GetWindowTextLengthW (hWnd=0x2902c8) returned 13
[0285.306] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.306] GetSystemMetrics (nIndex=42) returned 0
[0285.306] GetWindowTextW (in: hWnd=0x2902c8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.306] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0285.306] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0285.306] GetCurrentObject (hdc=0x810107ec, type=0x1) returned 0xb00017
[0285.306] GetCurrentObject (hdc=0x810107ec, type=0x2) returned 0x900010
[0285.306] GetCurrentObject (hdc=0x810107ec, type=0x7) returned 0x4a0507fe
[0285.306] GetCurrentObject (hdc=0x810107ec, type=0x6) returned 0x8a01c2
[0285.306] SaveDC (hdc=0x810107ec) returned 2
[0285.306] GetNearestColor (hdc=0x810107ec, color=0xf0f0f0) returned 0xf0f0f0
[0285.306] CreateSolidBrush (color=0xf0f0f0) returned 0x2c1007e1
[0285.306] FillRect (hDC=0x810107ec, lprc=0xd7d9d8, hbr=0x2c1007e1) returned 1
[0285.306] DeleteObject (ho=0x2c1007e1) returned 1
[0285.306] RestoreDC (hdc=0x810107ec, nSavedDC=-1) returned 1
[0285.306] GetWindowTextLengthW (hWnd=0x2902c8) returned 13
[0285.306] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.307] GetSystemMetrics (nIndex=42) returned 0
[0285.307] GetWindowTextW (in: hWnd=0x2902c8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.307] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0285.307] RestoreDC (hdc=0x810107ec, nSavedDC=-1) returned 1
[0285.307] GdipReleaseDC (graphics=0x6600030, hdc=0x810107ec) returned 0x0
[0285.307] IsAppThemed () returned 0x1
[0285.307] GetThemeAppProperties () returned 0x3
[0285.307] GetThemeAppProperties () returned 0x3
[0285.308] IsAppThemed () returned 0x1
[0285.308] GetThemeAppProperties () returned 0x3
[0285.308] GetThemeAppProperties () returned 0x3
[0285.308] IsThemePartDefined () returned 0x1
[0285.308] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0285.308] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0285.308] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0285.308] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0285.308] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df74) returned 0x0
[0285.308] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0285.308] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eea60) returned 0x0
[0285.308] LocalFree (hMem=0x11eea60) returned 0x0
[0285.308] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0285.308] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0285.308] LocalFree (hMem=0x11eec58) returned 0x0
[0285.308] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0285.308] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0285.308] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0285.308] GdipGetRegionHRgn (region=0x6645098, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0285.308] GdipDeleteRegion (region=0x6645098) returned 0x0
[0285.309] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0285.309] GetCurrentObject (hdc=0x810107ec, type=0x1) returned 0xb00017
[0285.309] GetCurrentObject (hdc=0x810107ec, type=0x2) returned 0x900010
[0285.309] GetCurrentObject (hdc=0x810107ec, type=0x7) returned 0x4a0507fe
[0285.309] GetCurrentObject (hdc=0x810107ec, type=0x6) returned 0x8a01c2
[0285.309] SaveDC (hdc=0x810107ec) returned 1
[0285.309] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc5040807
[0285.309] GetClipRgn (hdc=0x810107ec, hrgn=0xc5040807) returned 0
[0285.309] SelectClipRgn (hdc=0x810107ec, hrgn=0x520407de) returned 2
[0285.309] DeleteObject (ho=0xc5040807) returned 1
[0285.309] DeleteObject (ho=0x520407de) returned 1
[0285.309] OffsetViewportOrgEx (in: hdc=0x810107ec, x=0, y=0, lppt=0x2e60b08 | out: lppt=0x2e60b08) returned 1
[0285.310] IsAppThemed () returned 0x1
[0285.310] GetThemeAppProperties () returned 0x3
[0285.310] GetThemeAppProperties () returned 0x3
[0285.310] DrawThemeBackground () returned 0x0
[0285.310] RestoreDC (hdc=0x810107ec, nSavedDC=-1) returned 1
[0285.310] GdipReleaseDC (graphics=0x6600030, hdc=0x810107ec) returned 0x0
[0285.310] GdipCreateRegion (region=0xd7df60) returned 0x0
[0285.310] GdipGetClip (graphics=0x6600030, region=0x6645a28) returned 0x0
[0285.310] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0285.310] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0285.310] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df78) returned 0x0
[0285.310] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0285.311] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eecc8) returned 0x0
[0285.311] LocalFree (hMem=0x11eecc8) returned 0x0
[0285.311] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0285.311] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eea28) returned 0x0
[0285.311] LocalFree (hMem=0x11eea28) returned 0x0
[0285.311] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0285.311] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0285.311] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7df90) returned 0x0
[0285.311] GdipGetRegionHRgn (region=0x6645a28, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0285.311] GdipDeleteRegion (region=0x6645a28) returned 0x0
[0285.311] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0285.311] GetCurrentObject (hdc=0x810107ec, type=0x1) returned 0xb00017
[0285.311] GetCurrentObject (hdc=0x810107ec, type=0x2) returned 0x900010
[0285.311] GetCurrentObject (hdc=0x810107ec, type=0x7) returned 0x4a0507fe
[0285.311] GetCurrentObject (hdc=0x810107ec, type=0x6) returned 0x8a01c2
[0285.311] SaveDC (hdc=0x810107ec) returned 1
[0285.311] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x530407de
[0285.312] GetClipRgn (hdc=0x810107ec, hrgn=0x530407de) returned 0
[0285.312] SelectClipRgn (hdc=0x810107ec, hrgn=0xc6040807) returned 2
[0285.312] DeleteObject (ho=0x530407de) returned 1
[0285.312] DeleteObject (ho=0xc6040807) returned 1
[0285.312] OffsetViewportOrgEx (in: hdc=0x810107ec, x=0, y=0, lppt=0x2e60ddc | out: lppt=0x2e60ddc) returned 1
[0285.312] IsAppThemed () returned 0x1
[0285.312] GetThemeAppProperties () returned 0x3
[0285.312] GetThemeAppProperties () returned 0x3
[0285.312] GetThemeBackgroundContentRect () returned 0x0
[0285.312] RestoreDC (hdc=0x810107ec, nSavedDC=-1) returned 1
[0285.312] GdipReleaseDC (graphics=0x6600030, hdc=0x810107ec) returned 0x0
[0285.312] IsAppThemed () returned 0x1
[0285.312] GetThemeAppProperties () returned 0x3
[0285.312] GetThemeAppProperties () returned 0x3
[0285.312] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0285.312] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0285.312] GetCurrentObject (hdc=0x810107ec, type=0x1) returned 0xb00017
[0285.313] GetCurrentObject (hdc=0x810107ec, type=0x2) returned 0x900010
[0285.313] GetCurrentObject (hdc=0x810107ec, type=0x7) returned 0x4a0507fe
[0285.313] GetCurrentObject (hdc=0x810107ec, type=0x6) returned 0x8a01c2
[0285.313] SaveDC (hdc=0x810107ec) returned 1
[0285.313] GetTextAlign (hdc=0x810107ec) returned 0x0
[0285.313] GetTextColor (hdc=0x810107ec) returned 0x0
[0285.313] GetCurrentObject (hdc=0x810107ec, type=0x6) returned 0x8a01c2
[0285.313] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0285.313] SelectObject (hdc=0x810107ec, h=0x6d0a0520) returned 0x8a01c2
[0285.313] GetBkMode (hdc=0x810107ec) returned 2
[0285.313] SetBkMode (hdc=0x810107ec, mode=1) returned 2
[0285.313] DrawTextExW (in: hdc=0x810107ec, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2e6117c | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0285.314] DrawTextExW (in: hdc=0x810107ec, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e6117c | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0285.314] RestoreDC (hdc=0x810107ec, nSavedDC=-1) returned 1
[0285.314] GdipReleaseDC (graphics=0x6600030, hdc=0x810107ec) returned 0x0
[0285.314] GetFocus () returned 0x3102d8
[0285.314] IsAppThemed () returned 0x1
[0285.314] GetThemeAppProperties () returned 0x3
[0285.314] GetThemeAppProperties () returned 0x3
[0285.314] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0285.314] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x810107ec, x1=0, y1=0, rop=0xcc0020) returned 1
[0285.314] GdipReleaseDC (graphics=0x6600030, hdc=0x810107ec) returned 0x0
[0285.315] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0285.315] SelectObject (hdc=0x810107ec, h=0x85000f) returned 0x4a0507fe
[0285.315] DeleteDC (hdc=0x810107ec) returned 1
[0285.315] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0285.315] EndPaint (hWnd=0x2f02da, lpPaint=0xd7e24c) returned 1
[0285.315] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.315] IsWindowUnicode (hWnd=0x602c4) returned 1
[0285.315] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.315] TranslateMessage (lpMsg=0xd7e808) returned 0
[0285.315] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0285.315] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0285.316] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0285.316] CreateCompatibleDC (hdc=0xc0107c5) returned 0x830107ec
[0285.316] SelectObject (hdc=0x830107ec, h=0x4a0507fe) returned 0x85000f
[0285.316] GdipCreateFromHDC (hdc=0x830107ec, graphics=0xd7e268) returned 0x0
[0285.316] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0285.316] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0285.316] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0285.316] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0285.316] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2c8) returned 0x0
[0285.316] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0285.316] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0285.316] LocalFree (hMem=0x11ee788) returned 0x0
[0285.316] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0285.316] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0285.317] GdipGetClip (graphics=0x6600030, region=0x66455a8) returned 0x0
[0285.317] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0285.317] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0285.317] GdipRestoreGraphics (graphics=0x6600030, state=0xf6720dbd) returned 0x0
[0285.317] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0285.317] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0285.317] GetCurrentObject (hdc=0x830107ec, type=0x1) returned 0xb00017
[0285.317] GetCurrentObject (hdc=0x830107ec, type=0x2) returned 0x900010
[0285.317] GetCurrentObject (hdc=0x830107ec, type=0x7) returned 0x4a0507fe
[0285.317] GetCurrentObject (hdc=0x830107ec, type=0x6) returned 0x8a01c2
[0285.317] SaveDC (hdc=0x830107ec) returned 1
[0285.317] GetNearestColor (hdc=0x830107ec, color=0xff) returned 0xff
[0285.317] GetNearestColor (hdc=0x830107ec, color=0x55) returned 0x55
[0285.317] GetNearestColor (hdc=0x830107ec, color=0x0) returned 0x0
[0285.317] GetNearestColor (hdc=0x830107ec, color=0x55) returned 0x55
[0285.317] GetNearestColor (hdc=0x830107ec, color=0x0) returned 0x0
[0285.318] GetNearestColor (hdc=0x830107ec, color=0x8080ff) returned 0x8080ff
[0285.318] GetNearestColor (hdc=0x830107ec, color=0x7373e5) returned 0x7373e5
[0285.318] GetNearestColor (hdc=0x830107ec, color=0xe5) returned 0xe5
[0285.318] GetNearestColor (hdc=0x830107ec, color=0x0) returned 0x0
[0285.318] RestoreDC (hdc=0x830107ec, nSavedDC=-1) returned 1
[0285.318] GdipReleaseDC (graphics=0x6600030, hdc=0x830107ec) returned 0x0
[0285.318] IsAppThemed () returned 0x1
[0285.318] GetThemeAppProperties () returned 0x3
[0285.318] GetThemeAppProperties () returned 0x3
[0285.318] IsAppThemed () returned 0x1
[0285.318] GetThemeAppProperties () returned 0x3
[0285.318] GetThemeAppProperties () returned 0x3
[0285.318] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2e61944 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0285.319] IsAppThemed () returned 0x1
[0285.319] GetThemeAppProperties () returned 0x3
[0285.319] GetThemeAppProperties () returned 0x3
[0285.319] IsAppThemed () returned 0x1
[0285.319] GetThemeAppProperties () returned 0x3
[0285.319] GetThemeAppProperties () returned 0x3
[0285.319] GetFocus () returned 0x3102d8
[0285.319] IsAppThemed () returned 0x1
[0285.319] GetThemeAppProperties () returned 0x3
[0285.319] GetThemeAppProperties () returned 0x3
[0285.319] IsAppThemed () returned 0x1
[0285.319] GetThemeAppProperties () returned 0x3
[0285.319] GetThemeAppProperties () returned 0x3
[0285.319] IsThemePartDefined () returned 0x1
[0285.319] IsAppThemed () returned 0x1
[0285.319] GetThemeAppProperties () returned 0x3
[0285.319] GetThemeAppProperties () returned 0x3
[0285.319] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0285.319] IsAppThemed () returned 0x1
[0285.319] GetThemeAppProperties () returned 0x3
[0285.320] GetThemeAppProperties () returned 0x3
[0285.320] IsAppThemed () returned 0x1
[0285.320] GetThemeAppProperties () returned 0x3
[0285.320] GetThemeAppProperties () returned 0x3
[0285.320] IsThemePartDefined () returned 0x1
[0285.320] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0285.320] GdipGetClip (graphics=0x6600030, region=0x6645a28) returned 0x0
[0285.320] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0285.320] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0285.320] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dff0) returned 0x0
[0285.320] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0285.320] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0285.320] LocalFree (hMem=0x11ee788) returned 0x0
[0285.320] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0285.320] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eecc8) returned 0x0
[0285.320] LocalFree (hMem=0x11eecc8) returned 0x0
[0285.320] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0285.320] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7e018) returned 0x0
[0285.320] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7e008) returned 0x0
[0285.320] GdipGetRegionHRgn (region=0x6645a28, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0285.321] GdipDeleteRegion (region=0x6645a28) returned 0x0
[0285.321] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0285.321] GetCurrentObject (hdc=0x830107ec, type=0x1) returned 0xb00017
[0285.321] GetCurrentObject (hdc=0x830107ec, type=0x2) returned 0x900010
[0285.321] GetCurrentObject (hdc=0x830107ec, type=0x7) returned 0x4a0507fe
[0285.321] GetCurrentObject (hdc=0x830107ec, type=0x6) returned 0x8a01c2
[0285.321] SaveDC (hdc=0x830107ec) returned 1
[0285.321] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc7040807
[0285.321] GetClipRgn (hdc=0x830107ec, hrgn=0xc7040807) returned 0
[0285.321] SelectClipRgn (hdc=0x830107ec, hrgn=0x570407de) returned 2
[0285.321] DeleteObject (ho=0xc7040807) returned 1
[0285.321] DeleteObject (ho=0x570407de) returned 1
[0285.321] OffsetViewportOrgEx (in: hdc=0x830107ec, x=0, y=0, lppt=0x2e61ff4 | out: lppt=0x2e61ff4) returned 1
[0285.321] DrawThemeParentBackground () returned 0x0
[0285.322] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0285.322] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0285.322] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0285.322] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.322] GetSystemMetrics (nIndex=42) returned 0
[0285.322] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.322] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0285.322] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0285.322] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0285.322] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0285.322] SelectPalette (hdc=0x830107ec, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0285.322] GdipCreateFromHDC (hdc=0x830107ec, graphics=0xd7dac8) returned 0x0
[0285.322] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0285.322] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0285.322] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638db8) returned 0x0
[0285.323] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7daa0) returned 0x0
[0285.323] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0285.323] GdipCreateRegion (region=0xd7da88) returned 0x0
[0285.323] GdipGetClip (graphics=0x6639e10, region=0x66455a8) returned 0x0
[0285.323] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6639e10, result=0xd7da94) returned 0x0
[0285.323] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0285.323] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dac0) returned 0x0
[0285.323] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0285.338] GdipFillRectangleI (graphics=0x6639e10, brush=0x66592a8, x=0, y=0, width=801, height=453) returned 0x0
[0285.338] GdipDeleteBrush (brush=0x66592a8) returned 0x0
[0285.340] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0285.340] SelectPalette (hdc=0x830107ec, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0285.340] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0285.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.340] GetSystemMetrics (nIndex=42) returned 0
[0285.341] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.347] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0285.347] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0285.347] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0285.347] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0285.347] SelectPalette (hdc=0x830107ec, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0285.347] GdipCreateFromHDC (hdc=0x830107ec, graphics=0xd7da68) returned 0x0
[0285.348] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0285.348] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0285.348] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638a58) returned 0x0
[0285.348] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7da40) returned 0x0
[0285.348] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0285.348] GdipCreateRegion (region=0xd7da28) returned 0x0
[0285.348] GdipGetClip (graphics=0x6639e10, region=0x6645ea8) returned 0x0
[0285.348] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6639e10, result=0xd7da34) returned 0x0
[0285.348] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0285.348] GdipSaveGraphics (graphics=0x6639e10, state=0xd7da60) returned 0x0
[0285.348] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0285.357] GdipFillRectangleI (graphics=0x6639e10, brush=0x6659788, x=0, y=0, width=801, height=453) returned 0x0
[0285.357] GdipDeleteBrush (brush=0x6659788) returned 0x0
[0285.359] GdipRestoreGraphics (graphics=0x6639e10, state=0xf66e0dbd) returned 0x0
[0285.359] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0285.359] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.359] GetSystemMetrics (nIndex=42) returned 0
[0285.359] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.359] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0285.359] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0285.359] SelectPalette (hdc=0x830107ec, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0285.360] RestoreDC (hdc=0x830107ec, nSavedDC=-1) returned 1
[0285.360] GdipReleaseDC (graphics=0x6600030, hdc=0x830107ec) returned 0x0
[0285.360] IsAppThemed () returned 0x1
[0285.360] GetThemeAppProperties () returned 0x3
[0285.360] GetThemeAppProperties () returned 0x3
[0285.360] IsAppThemed () returned 0x1
[0285.360] GetThemeAppProperties () returned 0x3
[0285.360] GetThemeAppProperties () returned 0x3
[0285.360] IsThemePartDefined () returned 0x1
[0285.360] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0285.360] GdipGetClip (graphics=0x6600030, region=0x6645ea8) returned 0x0
[0285.360] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0285.360] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0285.360] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df74) returned 0x0
[0285.360] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0285.360] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0285.360] LocalFree (hMem=0x11eec58) returned 0x0
[0285.360] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0285.360] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee8d8) returned 0x0
[0285.361] LocalFree (hMem=0x11ee8d8) returned 0x0
[0285.361] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0285.361] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0285.361] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0285.361] GdipGetRegionHRgn (region=0x6645ea8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0285.361] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0285.361] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0285.361] GetCurrentObject (hdc=0x830107ec, type=0x1) returned 0xb00017
[0285.361] GetCurrentObject (hdc=0x830107ec, type=0x2) returned 0x900010
[0285.361] GetCurrentObject (hdc=0x830107ec, type=0x7) returned 0x4a0507fe
[0285.361] GetCurrentObject (hdc=0x830107ec, type=0x6) returned 0x8a01c2
[0285.361] SaveDC (hdc=0x830107ec) returned 1
[0285.361] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x580407de
[0285.361] GetClipRgn (hdc=0x830107ec, hrgn=0x580407de) returned 0
[0285.361] SelectClipRgn (hdc=0x830107ec, hrgn=0xc9040807) returned 2
[0285.361] DeleteObject (ho=0x580407de) returned 1
[0285.362] DeleteObject (ho=0xc9040807) returned 1
[0285.362] OffsetViewportOrgEx (in: hdc=0x830107ec, x=0, y=0, lppt=0x2e68844 | out: lppt=0x2e68844) returned 1
[0285.362] IsAppThemed () returned 0x1
[0285.362] GetThemeAppProperties () returned 0x3
[0285.362] GetThemeAppProperties () returned 0x3
[0285.362] DrawThemeBackground () returned 0x0
[0285.362] RestoreDC (hdc=0x830107ec, nSavedDC=-1) returned 1
[0285.362] GdipReleaseDC (graphics=0x6600030, hdc=0x830107ec) returned 0x0
[0285.362] GdipCreateRegion (region=0xd7df60) returned 0x0
[0285.362] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0285.362] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0285.362] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0285.362] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df78) returned 0x0
[0285.362] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0285.362] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0285.362] LocalFree (hMem=0x11eec58) returned 0x0
[0285.362] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0285.362] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eea28) returned 0x0
[0285.363] LocalFree (hMem=0x11eea28) returned 0x0
[0285.363] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0285.363] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0285.363] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0285.363] GdipGetRegionHRgn (region=0x66460e8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0285.363] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0285.363] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0285.363] GetCurrentObject (hdc=0x830107ec, type=0x1) returned 0xb00017
[0285.363] GetCurrentObject (hdc=0x830107ec, type=0x2) returned 0x900010
[0285.363] GetCurrentObject (hdc=0x830107ec, type=0x7) returned 0x4a0507fe
[0285.363] GetCurrentObject (hdc=0x830107ec, type=0x6) returned 0x8a01c2
[0285.363] SaveDC (hdc=0x830107ec) returned 1
[0285.363] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xca040807
[0285.363] GetClipRgn (hdc=0x830107ec, hrgn=0xca040807) returned 0
[0285.363] SelectClipRgn (hdc=0x830107ec, hrgn=0x590407de) returned 2
[0285.363] DeleteObject (ho=0xca040807) returned 1
[0285.363] DeleteObject (ho=0x590407de) returned 1
[0285.363] OffsetViewportOrgEx (in: hdc=0x830107ec, x=0, y=0, lppt=0x2e68b18 | out: lppt=0x2e68b18) returned 1
[0285.363] IsAppThemed () returned 0x1
[0285.364] GetThemeAppProperties () returned 0x3
[0285.364] GetThemeAppProperties () returned 0x3
[0285.364] GetThemeBackgroundContentRect () returned 0x0
[0285.364] RestoreDC (hdc=0x830107ec, nSavedDC=-1) returned 1
[0285.364] GdipReleaseDC (graphics=0x6600030, hdc=0x830107ec) returned 0x0
[0285.364] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0285.364] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0285.364] GdipFillRectangleI (graphics=0x6600030, brush=0x6640ec0, x=4, y=4, width=67, height=15) returned 0x0
[0285.364] GdipDeleteBrush (brush=0x6640ec0) returned 0x0
[0285.364] IsAppThemed () returned 0x1
[0285.364] GetThemeAppProperties () returned 0x3
[0285.364] GetThemeAppProperties () returned 0x3
[0285.364] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0285.364] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0285.364] GetCurrentObject (hdc=0x830107ec, type=0x1) returned 0xb00017
[0285.364] GetCurrentObject (hdc=0x830107ec, type=0x2) returned 0x900010
[0285.364] GetCurrentObject (hdc=0x830107ec, type=0x7) returned 0x4a0507fe
[0285.364] GetCurrentObject (hdc=0x830107ec, type=0x6) returned 0x8a01c2
[0285.364] SaveDC (hdc=0x830107ec) returned 1
[0285.364] GetTextAlign (hdc=0x830107ec) returned 0x0
[0285.365] GetTextColor (hdc=0x830107ec) returned 0x0
[0285.365] GetCurrentObject (hdc=0x830107ec, type=0x6) returned 0x8a01c2
[0285.365] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0285.365] SelectObject (hdc=0x830107ec, h=0x6d0a0520) returned 0x8a01c2
[0285.365] GetBkMode (hdc=0x830107ec) returned 2
[0285.365] SetBkMode (hdc=0x830107ec, mode=1) returned 2
[0285.365] DrawTextExW (in: hdc=0x830107ec, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2e68edc | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0285.365] DrawTextExW (in: hdc=0x830107ec, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e68edc | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0285.366] RestoreDC (hdc=0x830107ec, nSavedDC=-1) returned 1
[0285.366] GdipReleaseDC (graphics=0x6600030, hdc=0x830107ec) returned 0x0
[0285.366] GetFocus () returned 0x3102d8
[0285.366] IsAppThemed () returned 0x1
[0285.366] GetThemeAppProperties () returned 0x3
[0285.366] GetThemeAppProperties () returned 0x3
[0285.366] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0285.366] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x830107ec, x1=0, y1=0, rop=0xcc0020) returned 1
[0285.366] GdipReleaseDC (graphics=0x6600030, hdc=0x830107ec) returned 0x0
[0285.366] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0285.366] SelectObject (hdc=0x830107ec, h=0x85000f) returned 0x4a0507fe
[0285.367] DeleteDC (hdc=0x830107ec) returned 1
[0285.367] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0285.367] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0285.367] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.368] IsWindowUnicode (hWnd=0x2f02dc) returned 1
[0285.368] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.368] TranslateMessage (lpMsg=0xd7e808) returned 0
[0285.368] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0285.368] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.368] IsWindowUnicode (hWnd=0x2f02dc) returned 1
[0285.368] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.368] TranslateMessage (lpMsg=0xd7e808) returned 0
[0285.368] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0285.368] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x2a1, wParam=0x0, lParam=0x50024) returned 0x0
[0285.368] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0285.368] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0285.368] WaitMessage () returned 1
[0285.403] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.403] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x84, wParam=0x0, lParam=0x1de02fa) returned 0x1
[0285.403] IsWindowUnicode (hWnd=0x2f02dc) returned 1
[0285.403] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.403] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x84, wParam=0x0, lParam=0x1de02fa) returned 0x1
[0285.404] GetDlgItem (hDlg=0x2902c8, nIDDlgItem=0) returned 0x0
[0285.404] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x210, wParam=0x201, lParam=0x630105) returned 0x0
[0285.404] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x21, wParam=0x2902c8, lParam=0x2010001) returned 0x1
[0285.404] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x21, wParam=0x2902c8, lParam=0x2010001) returned 0x1
[0285.404] SetCursor (hCursor=0x10003) returned 0x10003
[0285.404] TranslateMessage (lpMsg=0xd7e808) returned 0
[0285.404] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0285.404] GetKeyState (nVirtKey=1) returned -127
[0285.404] GetKeyState (nVirtKey=2) returned 0
[0285.404] GetKeyState (nVirtKey=4) returned 0
[0285.404] GetKeyState (nVirtKey=5) returned 0
[0285.404] GetKeyState (nVirtKey=6) returned 0
[0285.404] IsWindowVisible (hWnd=0x2f02dc) returned 1
[0285.404] IsWindowEnabled (hWnd=0x2f02dc) returned 1
[0285.404] SetFocus (hWnd=0x2f02dc) returned 0x3102d8
[0285.405] GetFocus () returned 0x2f02dc
[0285.405] IsChild (hWndParent=0x2902c8, hWnd=0x2f02dc) returned 1
[0285.405] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0x8, wParam=0x2f02dc, lParam=0x0) returned 0x0
[0285.405] GetCapture () returned 0x0
[0285.405] InvalidateRect (hWnd=0x3102d8, lpRect=0x0, bErase=0) returned 1
[0285.406] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0285.407] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0285.414] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0285.414] InvalidateRect (hWnd=0x3102d8, lpRect=0x0, bErase=0) returned 1
[0285.414] InvalidateRect (hWnd=0x2f02dc, lpRect=0x0, bErase=0) returned 1
[0285.414] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x7, wParam=0x3102d8, lParam=0x0) returned 0x0
[0285.414] GetStockObject (i=5) returned 0x900015
[0285.414] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0285.414] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0285.414] GetDlgItem (hDlg=0x2902c8, nIDDlgItem=3080924) returned 0x2f02dc
[0285.414] SendMessageW (hWnd=0x2f02dc, Msg=0x202b, wParam=0x2f02dc, lParam=0xd7dddc) returned 0x0
[0285.414] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x202b, wParam=0x2f02dc, lParam=0xd7dddc) returned 0x0
[0285.414] InvalidateRect (hWnd=0x2f02dc, lpRect=0x0, bErase=0) returned 1
[0285.417] GetFocus () returned 0x2f02dc
[0285.417] GetFocus () returned 0x2f02dc
[0285.417] GetFocus () returned 0x2f02dc
[0285.417] GetKeyState (nVirtKey=1) returned -127
[0285.417] GetKeyState (nVirtKey=2) returned 0
[0285.417] GetKeyState (nVirtKey=4) returned 0
[0285.417] GetKeyState (nVirtKey=5) returned 0
[0285.417] GetKeyState (nVirtKey=6) returned 0
[0285.417] GetCapture () returned 0x0
[0285.417] SetCapture (hWnd=0x2f02dc) returned 0x0
[0285.417] GetKeyState (nVirtKey=1) returned -127
[0285.417] GetKeyState (nVirtKey=2) returned 0
[0285.417] GetKeyState (nVirtKey=4) returned 0
[0285.417] GetKeyState (nVirtKey=5) returned 0
[0285.417] GetKeyState (nVirtKey=6) returned 0
[0285.417] NotifyWinEvent (event=0x800a, hwnd=0x2f02dc, idObject=-4, idChild=0)
[0285.417] InvalidateRect (hWnd=0x2f02dc, lpRect=0xd7e430, bErase=0) returned 1
[0285.418] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.418] IsWindowUnicode (hWnd=0x2f02dc) returned 1
[0285.418] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.418] TranslateMessage (lpMsg=0xd7e808) returned 0
[0285.418] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0285.418] MapWindowPoints (in: hWndFrom=0x2f02dc, hWndTo=0x0, lpPoints=0x2e690f0, cPoints=0x1 | out: lpPoints=0x2e690f0) returned 30999254
[0285.418] NotifyWinEvent (event=0x800a, hwnd=0x2f02dc, idObject=-4, idChild=0)
[0285.418] InvalidateRect (hWnd=0x2f02dc, lpRect=0xd7e3d0, bErase=0) returned 1
[0285.418] UpdateWindow (hWnd=0x2f02dc) returned 1
[0285.418] BeginPaint (in: hWnd=0x2f02dc, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x107b9
[0285.418] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0285.418] CreateCompatibleDC (hdc=0x107b9) returned 0xa4010671
[0285.419] SelectObject (hdc=0xa4010671, h=0x4a0507fe) returned 0x85000f
[0285.419] GdipCreateFromHDC (hdc=0xa4010671, graphics=0xd7df00) returned 0x0
[0285.423] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0285.423] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0285.423] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0285.423] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0285.423] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7df60) returned 0x0
[0285.423] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0285.423] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0285.423] LocalFree (hMem=0x11ee788) returned 0x0
[0285.423] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0285.423] GdipCreateRegion (region=0xd7df48) returned 0x0
[0285.423] GdipGetClip (graphics=0x6600030, region=0x6645ea8) returned 0x0
[0285.424] GdipIsInfiniteRegion (region=0x6645ea8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0285.424] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0285.424] GdipRestoreGraphics (graphics=0x6600030, state=0xf66c0dbd) returned 0x0
[0285.424] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0285.424] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0285.424] GetCurrentObject (hdc=0xa4010671, type=0x1) returned 0xb00017
[0285.424] GetCurrentObject (hdc=0xa4010671, type=0x2) returned 0x900010
[0285.424] GetCurrentObject (hdc=0xa4010671, type=0x7) returned 0x4a0507fe
[0285.424] GetCurrentObject (hdc=0xa4010671, type=0x6) returned 0x8a01c2
[0285.424] SaveDC (hdc=0xa4010671) returned 1
[0285.424] GetNearestColor (hdc=0xa4010671, color=0xf0f0f0) returned 0xf0f0f0
[0285.424] GetNearestColor (hdc=0xa4010671, color=0xa0a0a0) returned 0xa0a0a0
[0285.424] GetNearestColor (hdc=0xa4010671, color=0x696969) returned 0x696969
[0285.424] GetNearestColor (hdc=0xa4010671, color=0xa0a0a0) returned 0xa0a0a0
[0285.424] GetNearestColor (hdc=0xa4010671, color=0x0) returned 0x0
[0285.425] GetNearestColor (hdc=0xa4010671, color=0xffffff) returned 0xffffff
[0285.425] GetNearestColor (hdc=0xa4010671, color=0xe5e5e5) returned 0xe5e5e5
[0285.425] GetNearestColor (hdc=0xa4010671, color=0xd7d7d7) returned 0xd7d7d7
[0285.425] GetNearestColor (hdc=0xa4010671, color=0x0) returned 0x0
[0285.425] RestoreDC (hdc=0xa4010671, nSavedDC=-1) returned 1
[0285.425] GdipReleaseDC (graphics=0x6600030, hdc=0xa4010671) returned 0x0
[0285.425] IsAppThemed () returned 0x1
[0285.425] GetThemeAppProperties () returned 0x3
[0285.425] GetThemeAppProperties () returned 0x3
[0285.425] IsAppThemed () returned 0x1
[0285.425] GetThemeAppProperties () returned 0x3
[0285.425] GetThemeAppProperties () returned 0x3
[0285.425] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2e69848 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0285.426] IsAppThemed () returned 0x1
[0285.426] GetThemeAppProperties () returned 0x3
[0285.426] GetThemeAppProperties () returned 0x3
[0285.426] IsAppThemed () returned 0x1
[0285.426] GetThemeAppProperties () returned 0x3
[0285.426] GetThemeAppProperties () returned 0x3
[0285.426] IsAppThemed () returned 0x1
[0285.426] GetThemeAppProperties () returned 0x3
[0285.426] GetThemeAppProperties () returned 0x3
[0285.434] IsAppThemed () returned 0x1
[0285.434] GetThemeAppProperties () returned 0x3
[0285.434] GetThemeAppProperties () returned 0x3
[0285.434] IsThemePartDefined () returned 0x1
[0285.434] IsAppThemed () returned 0x1
[0285.434] GetThemeAppProperties () returned 0x3
[0285.434] GetThemeAppProperties () returned 0x3
[0285.434] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0285.434] IsAppThemed () returned 0x1
[0285.434] GetThemeAppProperties () returned 0x3
[0285.434] GetThemeAppProperties () returned 0x3
[0285.434] IsAppThemed () returned 0x1
[0285.434] GetThemeAppProperties () returned 0x3
[0285.434] GetThemeAppProperties () returned 0x3
[0285.439] IsThemePartDefined () returned 0x1
[0285.439] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0285.439] GdipGetClip (graphics=0x6600030, region=0x66451b8) returned 0x0
[0285.439] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0285.439] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0285.439] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dc7c) returned 0x0
[0285.439] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0285.439] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0285.439] LocalFree (hMem=0x11eec58) returned 0x0
[0285.439] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0285.439] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eecc8) returned 0x0
[0285.439] LocalFree (hMem=0x11eecc8) returned 0x0
[0285.439] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0285.439] GdipIsInfiniteRegion (region=0x66451b8, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0285.439] GdipIsInfiniteRegion (region=0x66451b8, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0285.439] GdipGetRegionHRgn (region=0x66451b8, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0285.440] GdipDeleteRegion (region=0x66451b8) returned 0x0
[0285.440] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0285.440] GetCurrentObject (hdc=0xa4010671, type=0x1) returned 0xb00017
[0285.440] GetCurrentObject (hdc=0xa4010671, type=0x2) returned 0x900010
[0285.440] GetCurrentObject (hdc=0xa4010671, type=0x7) returned 0x4a0507fe
[0285.440] GetCurrentObject (hdc=0xa4010671, type=0x6) returned 0x8a01c2
[0285.440] SaveDC (hdc=0xa4010671) returned 1
[0285.440] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5a0407de
[0285.440] GetClipRgn (hdc=0xa4010671, hrgn=0x5a0407de) returned 0
[0285.440] SelectClipRgn (hdc=0xa4010671, hrgn=0xce040807) returned 2
[0285.440] DeleteObject (ho=0x5a0407de) returned 1
[0285.440] DeleteObject (ho=0xce040807) returned 1
[0285.440] OffsetViewportOrgEx (in: hdc=0xa4010671, x=0, y=0, lppt=0x2c9aed4 | out: lppt=0x2c9aed4) returned 1
[0285.440] DrawThemeParentBackground () returned 0x0
[0285.441] GetWindowPlacement (in: hWnd=0x2902c8, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0285.441] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0285.441] GetWindowTextLengthW (hWnd=0x2902c8) returned 13
[0285.441] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.441] GetSystemMetrics (nIndex=42) returned 0
[0285.441] GetWindowTextW (in: hWnd=0x2902c8, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.441] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0285.441] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0285.441] GetCurrentObject (hdc=0xa4010671, type=0x1) returned 0xb00017
[0285.441] GetCurrentObject (hdc=0xa4010671, type=0x2) returned 0x900010
[0285.441] GetCurrentObject (hdc=0xa4010671, type=0x7) returned 0x4a0507fe
[0285.441] GetCurrentObject (hdc=0xa4010671, type=0x6) returned 0x8a01c2
[0285.441] SaveDC (hdc=0xa4010671) returned 2
[0285.441] GetNearestColor (hdc=0xa4010671, color=0xf0f0f0) returned 0xf0f0f0
[0285.441] CreateSolidBrush (color=0xf0f0f0) returned 0x2d1007e1
[0285.441] FillRect (hDC=0xa4010671, lprc=0xd7d6c8, hbr=0x2d1007e1) returned 1
[0285.442] DeleteObject (ho=0x2d1007e1) returned 1
[0285.442] RestoreDC (hdc=0xa4010671, nSavedDC=-1) returned 1
[0285.442] GetWindowTextLengthW (hWnd=0x2902c8) returned 13
[0285.442] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.442] GetSystemMetrics (nIndex=42) returned 0
[0285.442] GetWindowTextW (in: hWnd=0x2902c8, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.442] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0285.442] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0285.442] GetCurrentObject (hdc=0xa4010671, type=0x1) returned 0xb00017
[0285.442] GetCurrentObject (hdc=0xa4010671, type=0x2) returned 0x900010
[0285.442] GetCurrentObject (hdc=0xa4010671, type=0x7) returned 0x4a0507fe
[0285.442] GetCurrentObject (hdc=0xa4010671, type=0x6) returned 0x8a01c2
[0285.442] SaveDC (hdc=0xa4010671) returned 2
[0285.442] GetNearestColor (hdc=0xa4010671, color=0xf0f0f0) returned 0xf0f0f0
[0285.442] CreateSolidBrush (color=0xf0f0f0) returned 0x2e1007e1
[0285.442] FillRect (hDC=0xa4010671, lprc=0xd7d668, hbr=0x2e1007e1) returned 1
[0285.442] DeleteObject (ho=0x2e1007e1) returned 1
[0285.443] RestoreDC (hdc=0xa4010671, nSavedDC=-1) returned 1
[0285.443] GetWindowTextLengthW (hWnd=0x2902c8) returned 13
[0285.443] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.443] GetSystemMetrics (nIndex=42) returned 0
[0285.443] GetWindowTextW (in: hWnd=0x2902c8, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.443] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0285.443] RestoreDC (hdc=0xa4010671, nSavedDC=-1) returned 1
[0285.443] GdipReleaseDC (graphics=0x6600030, hdc=0xa4010671) returned 0x0
[0285.443] IsAppThemed () returned 0x1
[0285.443] GetThemeAppProperties () returned 0x3
[0285.443] GetThemeAppProperties () returned 0x3
[0285.443] IsAppThemed () returned 0x1
[0285.443] GetThemeAppProperties () returned 0x3
[0285.443] GetThemeAppProperties () returned 0x3
[0285.443] IsThemePartDefined () returned 0x1
[0285.443] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0285.444] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0285.444] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0285.444] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0285.444] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dc00) returned 0x0
[0285.444] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0285.444] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0285.444] LocalFree (hMem=0x11eec58) returned 0x0
[0285.444] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0285.444] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eea28) returned 0x0
[0285.444] LocalFree (hMem=0x11eea28) returned 0x0
[0285.444] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0285.444] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0285.444] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0285.444] GdipGetRegionHRgn (region=0x6645cf8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0285.444] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0285.444] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0285.444] GetCurrentObject (hdc=0xa4010671, type=0x1) returned 0xb00017
[0285.444] GetCurrentObject (hdc=0xa4010671, type=0x2) returned 0x900010
[0285.445] GetCurrentObject (hdc=0xa4010671, type=0x7) returned 0x4a0507fe
[0285.445] GetCurrentObject (hdc=0xa4010671, type=0x6) returned 0x8a01c2
[0285.445] SaveDC (hdc=0xa4010671) returned 1
[0285.445] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcf040807
[0285.445] GetClipRgn (hdc=0xa4010671, hrgn=0xcf040807) returned 0
[0285.445] SelectClipRgn (hdc=0xa4010671, hrgn=0x5c0407de) returned 2
[0285.445] DeleteObject (ho=0xcf040807) returned 1
[0285.445] DeleteObject (ho=0x5c0407de) returned 1
[0285.445] OffsetViewportOrgEx (in: hdc=0xa4010671, x=0, y=0, lppt=0x2c9b780 | out: lppt=0x2c9b780) returned 1
[0285.445] IsAppThemed () returned 0x1
[0285.445] GetThemeAppProperties () returned 0x3
[0285.445] GetThemeAppProperties () returned 0x3
[0285.445] DrawThemeBackground () returned 0x0
[0285.445] RestoreDC (hdc=0xa4010671, nSavedDC=-1) returned 1
[0285.445] GdipReleaseDC (graphics=0x6600030, hdc=0xa4010671) returned 0x0
[0285.445] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0285.446] GdipGetClip (graphics=0x6600030, region=0x6645f38) returned 0x0
[0285.446] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0285.446] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0285.446] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dc04) returned 0x0
[0285.446] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0285.446] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee868) returned 0x0
[0285.446] LocalFree (hMem=0x11ee868) returned 0x0
[0285.446] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0285.446] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0285.446] LocalFree (hMem=0x11ee788) returned 0x0
[0285.446] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0285.446] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0285.446] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0285.446] GdipGetRegionHRgn (region=0x6645f38, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0285.446] GdipDeleteRegion (region=0x6645f38) returned 0x0
[0285.446] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0285.446] GetCurrentObject (hdc=0xa4010671, type=0x1) returned 0xb00017
[0285.446] GetCurrentObject (hdc=0xa4010671, type=0x2) returned 0x900010
[0285.446] GetCurrentObject (hdc=0xa4010671, type=0x7) returned 0x4a0507fe
[0285.447] GetCurrentObject (hdc=0xa4010671, type=0x6) returned 0x8a01c2
[0285.447] SaveDC (hdc=0xa4010671) returned 1
[0285.447] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5d0407de
[0285.447] GetClipRgn (hdc=0xa4010671, hrgn=0x5d0407de) returned 0
[0285.447] SelectClipRgn (hdc=0xa4010671, hrgn=0xd0040807) returned 2
[0285.447] DeleteObject (ho=0x5d0407de) returned 1
[0285.447] DeleteObject (ho=0xd0040807) returned 1
[0285.447] OffsetViewportOrgEx (in: hdc=0xa4010671, x=0, y=0, lppt=0x2c9ba54 | out: lppt=0x2c9ba54) returned 1
[0285.447] IsAppThemed () returned 0x1
[0285.447] GetThemeAppProperties () returned 0x3
[0285.447] GetThemeAppProperties () returned 0x3
[0285.447] GetThemeBackgroundContentRect () returned 0x0
[0285.447] RestoreDC (hdc=0xa4010671, nSavedDC=-1) returned 1
[0285.447] GdipReleaseDC (graphics=0x6600030, hdc=0xa4010671) returned 0x0
[0285.447] IsAppThemed () returned 0x1
[0285.447] GetThemeAppProperties () returned 0x3
[0285.447] GetThemeAppProperties () returned 0x3
[0285.448] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0285.448] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0285.448] GetCurrentObject (hdc=0xa4010671, type=0x1) returned 0xb00017
[0285.448] GetCurrentObject (hdc=0xa4010671, type=0x2) returned 0x900010
[0285.448] GetCurrentObject (hdc=0xa4010671, type=0x7) returned 0x4a0507fe
[0285.448] GetCurrentObject (hdc=0xa4010671, type=0x6) returned 0x8a01c2
[0285.448] SaveDC (hdc=0xa4010671) returned 1
[0285.448] GetTextAlign (hdc=0xa4010671) returned 0x0
[0285.448] GetTextColor (hdc=0xa4010671) returned 0x0
[0285.448] GetCurrentObject (hdc=0xa4010671, type=0x6) returned 0x8a01c2
[0285.448] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0285.448] SelectObject (hdc=0xa4010671, h=0x6d0a0520) returned 0x8a01c2
[0285.448] GetBkMode (hdc=0xa4010671) returned 2
[0285.448] SetBkMode (hdc=0xa4010671, mode=1) returned 2
[0285.449] DrawTextExW (in: hdc=0xa4010671, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2c9bdf4 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0285.449] DrawTextExW (in: hdc=0xa4010671, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2c9bdf4 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0285.449] RestoreDC (hdc=0xa4010671, nSavedDC=-1) returned 1
[0285.449] GdipReleaseDC (graphics=0x6600030, hdc=0xa4010671) returned 0x0
[0285.449] GetFocus () returned 0x2f02dc
[0285.449] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0285.449] SendMessageW (hWnd=0x2902c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0285.450] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0285.450] IsAppThemed () returned 0x1
[0285.450] GetThemeAppProperties () returned 0x3
[0285.450] GetThemeAppProperties () returned 0x3
[0285.450] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0285.450] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0xa4010671, x1=0, y1=0, rop=0xcc0020) returned 1
[0285.450] GdipReleaseDC (graphics=0x6600030, hdc=0xa4010671) returned 0x0
[0285.450] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0285.450] SelectObject (hdc=0xa4010671, h=0x85000f) returned 0x4a0507fe
[0285.450] DeleteDC (hdc=0xa4010671) returned 1
[0285.450] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0285.451] EndPaint (hWnd=0x2f02dc, lpPaint=0xd7dee4) returned 1
[0285.451] MapWindowPoints (in: hWndFrom=0x2f02dc, hWndTo=0x0, lpPoints=0x2c9bef0, cPoints=0x1 | out: lpPoints=0x2c9bef0) returned 30999254
[0285.451] WindowFromPoint (Point=0x2fa) returned 0x2f02dc
[0285.451] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x84, wParam=0x0, lParam=0x1de02fa) returned 0x1
[0285.451] NotifyWinEvent (event=0x800a, hwnd=0x2f02dc, idObject=-4, idChild=0)
[0285.451] NotifyWinEvent (event=0x800c, hwnd=0x2f02dc, idObject=-4, idChild=0)
[0285.451] GetCapture () returned 0x2f02dc
[0285.451] ReleaseCapture () returned 1
[0285.451] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0285.451] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0285.452] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x84, wParam=0x0, lParam=0x1de02fa) returned 0x1
[0285.452] IsWindow (hWnd=0x7005c) returned 1
[0285.452] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0285.453] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0285.453] IsWindow (hWnd=0x2902c8) returned 1
[0285.453] SetActiveWindow (hWnd=0x2902c8) returned 0x2902c8
[0285.453] IsWindow (hWnd=0x2902c8) returned 1
[0285.453] SetFocus (hWnd=0x2902c8) returned 0x2f02dc
[0285.453] GetFocus () returned 0x2902c8
[0285.453] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x8, wParam=0x2902c8, lParam=0x0) returned 0x0
[0285.453] GetCapture () returned 0x0
[0285.453] InvalidateRect (hWnd=0x2f02dc, lpRect=0x0, bErase=0) returned 1
[0285.454] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0285.456] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0285.458] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0285.458] GetFocus () returned 0x2902c8
[0285.458] SetFocus (hWnd=0x2f02dc) returned 0x2902c8
[0285.458] GetFocus () returned 0x2f02dc
[0285.458] IsChild (hWndParent=0x2902c8, hWnd=0x2f02dc) returned 1
[0285.458] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x8, wParam=0x2f02dc, lParam=0x0) returned 0x0
[0285.459] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0285.460] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0285.462] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0285.462] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x7, wParam=0x2902c8, lParam=0x0) returned 0x0
[0285.462] GetStockObject (i=5) returned 0x900015
[0285.462] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0285.462] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0xd, wParam=0xa, lParam=0x11f55a0) returned 0x9
[0285.462] GetDlgItem (hDlg=0x2902c8, nIDDlgItem=3080924) returned 0x2f02dc
[0285.462] SendMessageW (hWnd=0x2f02dc, Msg=0x202b, wParam=0x2f02dc, lParam=0xd7ddcc) returned 0x0
[0285.463] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x202b, wParam=0x2f02dc, lParam=0xd7ddcc) returned 0x0
[0285.463] InvalidateRect (hWnd=0x2f02dc, lpRect=0x0, bErase=0) returned 1
[0285.464] GetWindowLongW (hWnd=0x2902c8, nIndex=-8) returned 458844
[0285.464] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0285.464] GetCurrentThreadId () returned 0xf50
[0285.464] IsWindow (hWnd=0x7005c) returned 1
[0285.464] IsWindow (hWnd=0x7005c) returned 1
[0285.464] IsWindowVisible (hWnd=0x7005c) returned 1
[0285.464] SetActiveWindow (hWnd=0x7005c) returned 0x2902c8
[0285.465] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0285.470] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0285.470] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0285.471] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0285.472] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0285.472] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0285.473] GetWindowPlacement (in: hWnd=0x2902c8, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0285.473] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0285.473] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0285.473] GetWindowRect (in: hWnd=0x2902c8, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0285.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0285.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0285.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0285.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x2902c8) returned 0x1
[0285.477] GetFocus () returned 0x2f02dc
[0285.477] SetFocus (hWnd=0x602c4) returned 0x2f02dc
[0285.478] GetFocus () returned 0x602c4
[0285.478] IsChild (hWndParent=0x2902c8, hWnd=0x602c4) returned 0
[0285.478] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0285.478] GetCapture () returned 0x0
[0285.478] InvalidateRect (hWnd=0x2f02dc, lpRect=0x0, bErase=0) returned 1
[0285.479] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0285.480] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0285.482] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0285.482] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0285.482] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0285.482] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0285.483] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0285.483] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x2f02dc, lParam=0x0) returned 0x0
[0285.483] GetStockObject (i=5) returned 0x900015
[0285.483] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0285.483] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed9b8) returned 0xc
[0285.483] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0285.483] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0285.483] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0285.483] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0285.485] GetFocus () returned 0x602c4
[0285.485] IsChild (hWndParent=0x2902c8, hWnd=0x602c4) returned 0
[0285.485] ShowWindow (hWnd=0x2902c8, nCmdShow=0) returned 1
[0285.485] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0285.485] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0285.487] GetWindowPlacement (in: hWnd=0x2902c8, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0285.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0285.487] GetClientRect (in: hWnd=0x2902c8, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0285.487] GetWindowRect (in: hWnd=0x2902c8, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0285.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0285.488] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0285.488] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0285.488] GetWindowLongW (hWnd=0x2902c8, nIndex=-20) returned 327945
[0285.488] DestroyWindow (hWnd=0x2902c8) returned 1
[0285.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0285.489] GetWindowTextLengthW (hWnd=0x2902c8) returned 13
[0285.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.489] GetSystemMetrics (nIndex=42) returned 0
[0285.489] GetWindowTextW (in: hWnd=0x2902c8, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0285.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0285.489] GetWindowTextLengthW (hWnd=0x2402d0) returned 0
[0285.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0285.489] GetSystemMetrics (nIndex=42) returned 0
[0285.489] GetWindowTextW (in: hWnd=0x2402d0, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0285.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402d0, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0285.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0285.490] GetWindowThreadProcessId (in: hWnd=0x2502ce, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0285.490] GetWindow (hWnd=0x2502ce, uCmd=0x5) returned 0x0
[0285.490] GetWindowLongW (hWnd=0x2502ce, nIndex=-20) returned 65792
[0285.490] DestroyWindow (hWnd=0x2502ce) returned 1
[0285.490] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502ce, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0285.490] GetWindowTextLengthW (hWnd=0x2502ce) returned 25
[0285.490] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0285.490] GetSystemMetrics (nIndex=42) returned 0
[0285.490] GetWindowTextW (in: hWnd=0x2502ce, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0285.490] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502ce, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0285.490] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0285.490] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2502ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0285.492] GetWindowTextLengthW (hWnd=0x2f02de) returned 232
[0285.492] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0285.492] GetSystemMetrics (nIndex=42) returned 0
[0285.492] GetWindowTextW (in: hWnd=0x2f02de, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0285.492] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0285.492] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0285.492] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0285.492] InvalidateRect (hWnd=0x2f02dc, lpRect=0x0, bErase=0) returned 1
[0285.492] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0285.492] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0285.492] SendMessageW (hWnd=0x3200ea, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0285.492] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3200ea, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0285.492] SendMessageW (hWnd=0x3200ea, Msg=0xb0, wParam=0x2c963c0, lParam=0xd7e480) returned 0x0
[0285.492] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3200ea, Msg=0xb0, wParam=0x2c963c0, lParam=0xd7e480) returned 0x0
[0285.493] GetWindowTextLengthW (hWnd=0x3200ea) returned 4363
[0285.493] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3200ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0285.493] GetSystemMetrics (nIndex=42) returned 0
[0285.493] CoTaskMemAlloc (cb=0x221c) returned 0x1202960
[0285.493] GetWindowTextW (in: hWnd=0x3200ea, lpString=0x1202960, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0285.493] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3200ea, Msg=0xd, wParam=0x110c, lParam=0x1202960) returned 0x110b
[0285.493] CoTaskMemFree (pv=0x1202960)
[0285.493] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3200ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0285.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2402d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0285.495] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2f02de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0285.496] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0285.506] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0285.508] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0285.509] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3200ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0285.510] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0285.511] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.511] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.511] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.512] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.512] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.512] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.512] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1de02fa) returned 0x1
[0285.512] IsWindowUnicode (hWnd=0x7005c) returned 1
[0285.512] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.512] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1de02fa) returned 0x1
[0285.513] SetCursor (hCursor=0x10003) returned 0x10003
[0285.513] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.513] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.513] _TrackMouseEvent (in: lpEventTrack=0x2c2f380 | out: lpEventTrack=0x2c2f380) returned 1
[0285.513] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0285.513] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0285.513] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x109023c) returned 0x0
[0285.513] GetKeyState (nVirtKey=1) returned 1
[0285.513] GetKeyState (nVirtKey=2) returned 0
[0285.513] GetKeyState (nVirtKey=4) returned 0
[0285.513] GetKeyState (nVirtKey=5) returned 0
[0285.513] GetKeyState (nVirtKey=6) returned 0
[0285.513] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.514] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1de02fa) returned 0x1
[0285.514] IsWindowUnicode (hWnd=0x7005c) returned 1
[0285.514] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.514] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.514] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.514] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.514] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1de02fa) returned 0x1
[0285.515] IsWindowUnicode (hWnd=0x7005c) returned 1
[0285.515] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.515] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1de02fa) returned 0x1
[0285.515] SetCursor (hCursor=0x10003) returned 0x10003
[0285.515] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.515] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.515] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x109023c) returned 0x0
[0285.515] GetKeyState (nVirtKey=1) returned 1
[0285.515] GetKeyState (nVirtKey=2) returned 0
[0285.515] GetKeyState (nVirtKey=4) returned 0
[0285.515] GetKeyState (nVirtKey=5) returned 0
[0285.515] GetKeyState (nVirtKey=6) returned 0
[0285.515] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.516] IsWindowUnicode (hWnd=0x602c4) returned 1
[0285.516] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.516] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.516] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.516] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.517] IsWindowUnicode (hWnd=0x602c4) returned 1
[0285.517] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.517] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.517] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.517] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0285.517] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0285.517] CreateCompatibleDC (hdc=0x107b9) returned 0x6f0107f3
[0285.517] SelectObject (hdc=0x6f0107f3, h=0x4a0507fe) returned 0x85000f
[0285.517] GdipCreateFromHDC (hdc=0x6f0107f3, graphics=0xd7e798) returned 0x0
[0285.518] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0285.518] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0285.518] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0285.518] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0285.518] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e7f8) returned 0x0
[0285.518] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0285.518] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee868) returned 0x0
[0285.518] LocalFree (hMem=0x11ee868) returned 0x0
[0285.518] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0285.518] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0285.518] GdipGetClip (graphics=0x6600030, region=0x6645a28) returned 0x0
[0285.518] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0285.518] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0285.518] GdipRestoreGraphics (graphics=0x6600030, state=0xf66a0dbd) returned 0x0
[0285.518] GdipDeleteRegion (region=0x6645a28) returned 0x0
[0285.518] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0285.519] GetCurrentObject (hdc=0x6f0107f3, type=0x1) returned 0xb00017
[0285.519] GetCurrentObject (hdc=0x6f0107f3, type=0x2) returned 0x900010
[0285.519] GetCurrentObject (hdc=0x6f0107f3, type=0x7) returned 0x4a0507fe
[0285.519] GetCurrentObject (hdc=0x6f0107f3, type=0x6) returned 0x8a01c2
[0285.519] SaveDC (hdc=0x6f0107f3) returned 1
[0285.519] GetNearestColor (hdc=0x6f0107f3, color=0xff) returned 0xff
[0285.519] GetNearestColor (hdc=0x6f0107f3, color=0x55) returned 0x55
[0285.519] GetNearestColor (hdc=0x6f0107f3, color=0x0) returned 0x0
[0285.519] GetNearestColor (hdc=0x6f0107f3, color=0x55) returned 0x55
[0285.519] GetNearestColor (hdc=0x6f0107f3, color=0x0) returned 0x0
[0285.519] GetNearestColor (hdc=0x6f0107f3, color=0x8080ff) returned 0x8080ff
[0285.519] GetNearestColor (hdc=0x6f0107f3, color=0x7373e5) returned 0x7373e5
[0285.519] GetNearestColor (hdc=0x6f0107f3, color=0xe5) returned 0xe5
[0285.519] GetNearestColor (hdc=0x6f0107f3, color=0x0) returned 0x0
[0285.520] RestoreDC (hdc=0x6f0107f3, nSavedDC=-1) returned 1
[0285.520] GdipReleaseDC (graphics=0x6600030, hdc=0x6f0107f3) returned 0x0
[0285.520] IsAppThemed () returned 0x1
[0285.520] GetThemeAppProperties () returned 0x3
[0285.520] GetThemeAppProperties () returned 0x3
[0285.520] IsAppThemed () returned 0x1
[0285.520] GetThemeAppProperties () returned 0x3
[0285.520] GetThemeAppProperties () returned 0x3
[0285.520] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2ca3ce8 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0285.520] IsAppThemed () returned 0x1
[0285.521] GetThemeAppProperties () returned 0x3
[0285.521] GetThemeAppProperties () returned 0x3
[0285.521] IsAppThemed () returned 0x1
[0285.521] GetThemeAppProperties () returned 0x3
[0285.521] GetThemeAppProperties () returned 0x3
[0285.521] GetFocus () returned 0x602c4
[0285.521] IsAppThemed () returned 0x1
[0285.521] GetThemeAppProperties () returned 0x3
[0285.521] GetThemeAppProperties () returned 0x3
[0285.521] IsAppThemed () returned 0x1
[0285.521] GetThemeAppProperties () returned 0x3
[0285.521] GetThemeAppProperties () returned 0x3
[0285.521] IsThemePartDefined () returned 0x1
[0285.521] IsAppThemed () returned 0x1
[0285.521] GetThemeAppProperties () returned 0x3
[0285.521] GetThemeAppProperties () returned 0x3
[0285.521] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0285.521] IsAppThemed () returned 0x1
[0285.521] GetThemeAppProperties () returned 0x3
[0285.521] GetThemeAppProperties () returned 0x3
[0285.521] IsAppThemed () returned 0x1
[0285.521] GetThemeAppProperties () returned 0x3
[0285.521] GetThemeAppProperties () returned 0x3
[0285.522] IsThemePartDefined () returned 0x1
[0285.522] GdipCreateRegion (region=0xd7e508) returned 0x0
[0285.522] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0285.522] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0285.522] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0285.522] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e520) returned 0x0
[0285.522] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0285.522] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0285.522] LocalFree (hMem=0x11eec58) returned 0x0
[0285.522] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0285.522] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee868) returned 0x0
[0285.522] LocalFree (hMem=0x11ee868) returned 0x0
[0285.522] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0285.522] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e548) returned 0x0
[0285.522] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e538) returned 0x0
[0285.522] GdipGetRegionHRgn (region=0x6645cf8, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0285.522] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0285.522] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0285.522] GetCurrentObject (hdc=0x6f0107f3, type=0x1) returned 0xb00017
[0285.523] GetCurrentObject (hdc=0x6f0107f3, type=0x2) returned 0x900010
[0285.523] GetCurrentObject (hdc=0x6f0107f3, type=0x7) returned 0x4a0507fe
[0285.523] GetCurrentObject (hdc=0x6f0107f3, type=0x6) returned 0x8a01c2
[0285.523] SaveDC (hdc=0x6f0107f3) returned 1
[0285.523] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd1040807
[0285.523] GetClipRgn (hdc=0x6f0107f3, hrgn=0xd1040807) returned 0
[0285.523] SelectClipRgn (hdc=0x6f0107f3, hrgn=0x610407de) returned 2
[0285.523] DeleteObject (ho=0xd1040807) returned 1
[0285.523] DeleteObject (ho=0x610407de) returned 1
[0285.523] OffsetViewportOrgEx (in: hdc=0x6f0107f3, x=0, y=0, lppt=0x2ca4398 | out: lppt=0x2ca4398) returned 1
[0285.523] DrawThemeParentBackground () returned 0x0
[0285.523] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0285.523] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0285.524] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0285.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.524] GetSystemMetrics (nIndex=42) returned 0
[0285.524] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0285.524] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0285.524] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0285.524] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0285.524] SelectPalette (hdc=0x6f0107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0285.524] GdipCreateFromHDC (hdc=0x6f0107f3, graphics=0xd7dff8) returned 0x0
[0285.524] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0285.524] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0285.524] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638b78) returned 0x0
[0285.524] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dfd0) returned 0x0
[0285.524] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0285.525] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0285.525] GdipGetClip (graphics=0x6639e10, region=0x6645a28) returned 0x0
[0285.525] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6639e10, result=0xd7dfc4) returned 0x0
[0285.525] GdipDeleteRegion (region=0x6645a28) returned 0x0
[0285.525] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dff0) returned 0x0
[0285.525] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0285.540] GdipFillRectangleI (graphics=0x6639e10, brush=0x66592a8, x=0, y=0, width=801, height=453) returned 0x0
[0285.540] GdipDeleteBrush (brush=0x66592a8) returned 0x0
[0285.541] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0285.541] SelectPalette (hdc=0x6f0107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0285.542] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0285.542] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.542] GetSystemMetrics (nIndex=42) returned 0
[0285.542] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.542] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0285.542] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0285.542] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0285.542] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0285.542] SelectPalette (hdc=0x6f0107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0285.542] GdipCreateFromHDC (hdc=0x6f0107f3, graphics=0xd7df98) returned 0x0
[0285.542] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0285.542] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0285.542] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638c98) returned 0x0
[0285.543] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df70) returned 0x0
[0285.543] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0285.543] GdipCreateRegion (region=0xd7df58) returned 0x0
[0285.543] GdipGetClip (graphics=0x6639e10, region=0x6645f38) returned 0x0
[0285.543] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6639e10, result=0xd7df64) returned 0x0
[0285.543] GdipDeleteRegion (region=0x6645f38) returned 0x0
[0285.543] GdipSaveGraphics (graphics=0x6639e10, state=0xd7df90) returned 0x0
[0285.543] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0285.593] GdipFillRectangleI (graphics=0x6639e10, brush=0x6659650, x=0, y=0, width=801, height=453) returned 0x0
[0285.593] GdipDeleteBrush (brush=0x6659650) returned 0x0
[0285.595] GdipRestoreGraphics (graphics=0x6639e10, state=0xf6660dbd) returned 0x0
[0285.595] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0285.595] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0285.595] GetSystemMetrics (nIndex=42) returned 0
[0285.595] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0285.595] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0285.595] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0285.595] SelectPalette (hdc=0x6f0107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0285.596] RestoreDC (hdc=0x6f0107f3, nSavedDC=-1) returned 1
[0285.596] GdipReleaseDC (graphics=0x6600030, hdc=0x6f0107f3) returned 0x0
[0285.596] IsAppThemed () returned 0x1
[0285.596] GetThemeAppProperties () returned 0x3
[0285.596] GetThemeAppProperties () returned 0x3
[0285.596] IsAppThemed () returned 0x1
[0285.596] GetThemeAppProperties () returned 0x3
[0285.596] GetThemeAppProperties () returned 0x3
[0285.596] IsThemePartDefined () returned 0x1
[0285.596] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0285.596] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0285.596] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0285.596] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0285.596] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e4a4) returned 0x0
[0285.596] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0285.596] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0285.596] LocalFree (hMem=0x11ee788) returned 0x0
[0285.597] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0285.597] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee868) returned 0x0
[0285.597] LocalFree (hMem=0x11ee868) returned 0x0
[0285.597] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0285.597] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0285.597] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0285.597] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0285.597] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0285.597] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0285.597] GetCurrentObject (hdc=0x6f0107f3, type=0x1) returned 0xb00017
[0285.597] GetCurrentObject (hdc=0x6f0107f3, type=0x2) returned 0x900010
[0285.597] GetCurrentObject (hdc=0x6f0107f3, type=0x7) returned 0x4a0507fe
[0285.597] GetCurrentObject (hdc=0x6f0107f3, type=0x6) returned 0x8a01c2
[0285.597] SaveDC (hdc=0x6f0107f3) returned 1
[0285.597] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x620407de
[0285.597] GetClipRgn (hdc=0x6f0107f3, hrgn=0x620407de) returned 0
[0285.597] SelectClipRgn (hdc=0x6f0107f3, hrgn=0xd3040807) returned 2
[0285.598] DeleteObject (ho=0x620407de) returned 1
[0285.598] DeleteObject (ho=0xd3040807) returned 1
[0285.598] OffsetViewportOrgEx (in: hdc=0x6f0107f3, x=0, y=0, lppt=0x2caabe8 | out: lppt=0x2caabe8) returned 1
[0285.598] IsAppThemed () returned 0x1
[0285.598] GetThemeAppProperties () returned 0x3
[0285.598] GetThemeAppProperties () returned 0x3
[0285.598] DrawThemeBackground () returned 0x0
[0285.598] RestoreDC (hdc=0x6f0107f3, nSavedDC=-1) returned 1
[0285.598] GdipReleaseDC (graphics=0x6600030, hdc=0x6f0107f3) returned 0x0
[0285.598] GdipCreateRegion (region=0xd7e490) returned 0x0
[0285.598] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0285.598] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0285.598] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0285.598] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e4a8) returned 0x0
[0285.598] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0285.598] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0285.598] LocalFree (hMem=0x11ee868) returned 0x0
[0285.598] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0285.599] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0285.599] LocalFree (hMem=0x11ee788) returned 0x0
[0285.599] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0285.599] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0285.599] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0285.599] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0285.599] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0285.599] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0285.599] GetCurrentObject (hdc=0x6f0107f3, type=0x1) returned 0xb00017
[0285.599] GetCurrentObject (hdc=0x6f0107f3, type=0x2) returned 0x900010
[0285.599] GetCurrentObject (hdc=0x6f0107f3, type=0x7) returned 0x4a0507fe
[0285.599] GetCurrentObject (hdc=0x6f0107f3, type=0x6) returned 0x8a01c2
[0285.599] SaveDC (hdc=0x6f0107f3) returned 1
[0285.599] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd4040807
[0285.599] GetClipRgn (hdc=0x6f0107f3, hrgn=0xd4040807) returned 0
[0285.599] SelectClipRgn (hdc=0x6f0107f3, hrgn=0x630407de) returned 2
[0285.599] DeleteObject (ho=0xd4040807) returned 1
[0285.600] DeleteObject (ho=0x630407de) returned 1
[0285.600] OffsetViewportOrgEx (in: hdc=0x6f0107f3, x=0, y=0, lppt=0x2caaebc | out: lppt=0x2caaebc) returned 1
[0285.600] IsAppThemed () returned 0x1
[0285.600] GetThemeAppProperties () returned 0x3
[0285.600] GetThemeAppProperties () returned 0x3
[0285.600] GetThemeBackgroundContentRect () returned 0x0
[0285.600] RestoreDC (hdc=0x6f0107f3, nSavedDC=-1) returned 1
[0285.600] GdipReleaseDC (graphics=0x6600030, hdc=0x6f0107f3) returned 0x0
[0285.600] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0285.600] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0285.600] GdipFillRectangleI (graphics=0x6600030, brush=0x66327f0, x=4, y=4, width=67, height=15) returned 0x0
[0285.600] GdipDeleteBrush (brush=0x66327f0) returned 0x0
[0285.600] IsAppThemed () returned 0x1
[0285.600] GetThemeAppProperties () returned 0x3
[0285.600] GetThemeAppProperties () returned 0x3
[0285.600] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0285.600] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0285.600] GetCurrentObject (hdc=0x6f0107f3, type=0x1) returned 0xb00017
[0285.600] GetCurrentObject (hdc=0x6f0107f3, type=0x2) returned 0x900010
[0285.601] GetCurrentObject (hdc=0x6f0107f3, type=0x7) returned 0x4a0507fe
[0285.601] GetCurrentObject (hdc=0x6f0107f3, type=0x6) returned 0x8a01c2
[0285.601] SaveDC (hdc=0x6f0107f3) returned 1
[0285.601] GetTextAlign (hdc=0x6f0107f3) returned 0x0
[0285.601] GetTextColor (hdc=0x6f0107f3) returned 0x0
[0285.601] GetCurrentObject (hdc=0x6f0107f3, type=0x6) returned 0x8a01c2
[0285.601] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0285.601] SelectObject (hdc=0x6f0107f3, h=0x6d0a0520) returned 0x8a01c2
[0285.601] GetBkMode (hdc=0x6f0107f3) returned 2
[0285.601] SetBkMode (hdc=0x6f0107f3, mode=1) returned 2
[0285.601] DrawTextExW (in: hdc=0x6f0107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2cab280 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0285.602] DrawTextExW (in: hdc=0x6f0107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2cab280 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0285.602] RestoreDC (hdc=0x6f0107f3, nSavedDC=-1) returned 1
[0285.602] GdipReleaseDC (graphics=0x6600030, hdc=0x6f0107f3) returned 0x0
[0285.602] GetFocus () returned 0x602c4
[0285.602] IsAppThemed () returned 0x1
[0285.602] GetThemeAppProperties () returned 0x3
[0285.602] GetThemeAppProperties () returned 0x3
[0285.602] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0285.602] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x6f0107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0285.603] GdipReleaseDC (graphics=0x6600030, hdc=0x6f0107f3) returned 0x0
[0285.603] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0285.603] SelectObject (hdc=0x6f0107f3, h=0x85000f) returned 0x4a0507fe
[0285.603] DeleteDC (hdc=0x6f0107f3) returned 1
[0285.603] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0285.603] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0285.603] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.603] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.603] WaitMessage () returned 1
[0285.622] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.622] IsWindowUnicode (hWnd=0x7005c) returned 1
[0285.622] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.622] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.622] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.623] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.623] IsWindowUnicode (hWnd=0x7005c) returned 1
[0285.623] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.623] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.623] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.623] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x109023c) returned 0x0
[0285.623] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.623] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.623] WaitMessage () returned 1
[0285.628] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.628] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.628] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.628] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.628] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.629] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.629] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.629] WaitMessage () returned 1
[0285.630] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.630] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.630] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.630] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.630] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.631] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.631] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.631] WaitMessage () returned 1
[0285.632] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.632] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.632] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.632] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.632] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.633] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.634] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.634] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.634] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.634] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.634] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.634] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.634] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.634] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.634] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.634] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.635] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.635] WaitMessage () returned 1
[0285.635] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.635] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.635] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.635] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.635] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.637] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.641] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.641] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.641] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.641] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.642] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.642] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.642] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.642] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.642] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.642] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.643] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.643] WaitMessage () returned 1
[0285.644] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.644] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.645] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.645] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.645] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.646] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.646] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.646] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.646] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.646] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.647] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.647] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.647] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.647] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.647] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.647] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.648] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.648] WaitMessage () returned 1
[0285.648] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.648] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.648] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.648] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.648] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.650] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.650] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.650] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.650] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.650] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.650] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.650] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.650] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.650] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.650] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.650] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.651] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.651] WaitMessage () returned 1
[0285.653] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.653] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.653] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.653] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.653] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.658] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.658] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.658] WaitMessage () returned 1
[0285.661] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.661] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.661] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.661] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.661] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.662] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.662] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.662] WaitMessage () returned 1
[0285.663] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.664] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.664] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.664] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.664] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.665] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.665] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.665] WaitMessage () returned 1
[0285.665] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.665] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.665] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.665] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.665] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.667] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.667] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.667] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.667] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.667] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.667] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.667] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.667] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.667] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.667] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.667] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.668] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.668] WaitMessage () returned 1
[0285.668] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.668] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.668] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.669] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.669] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.670] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.670] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.670] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.671] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.671] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.671] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.671] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.671] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.671] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.671] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.671] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.672] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.672] WaitMessage () returned 1
[0285.672] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.672] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.672] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.672] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.672] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.674] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.674] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.674] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.674] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.674] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.674] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.674] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.675] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.675] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.675] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.675] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.676] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.676] WaitMessage () returned 1
[0285.677] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.677] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.677] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.677] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.677] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.678] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.679] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.679] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.679] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.679] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.679] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.679] IsWindowUnicode (hWnd=0x30122) returned 1
[0285.679] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.679] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.679] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.679] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.680] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.680] WaitMessage () returned 1
[0285.796] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.796] IsWindowUnicode (hWnd=0x502c6) returned 1
[0285.796] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0285.796] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0285.797] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0285.797] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.797] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0285.797] WaitMessage () returned 1
[0287.728] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0287.728] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f00f8) returned 0x1
[0287.728] IsWindowUnicode (hWnd=0x602c4) returned 1
[0287.728] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0287.728] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0287.728] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0287.728] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0287.728] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0287.728] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f00f8) returned 0x1
[0287.728] IsWindowUnicode (hWnd=0x602c4) returned 1
[0287.728] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0287.728] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f00f8) returned 0x1
[0287.728] SetCursor (hCursor=0x10003) returned 0x10003
[0287.729] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0287.729] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0287.729] _TrackMouseEvent (in: lpEventTrack=0x2c2b560 | out: lpEventTrack=0x2c2b560) returned 1
[0287.729] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0287.729] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0287.729] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0287.729] GetKeyState (nVirtKey=1) returned 1
[0287.729] GetKeyState (nVirtKey=2) returned 0
[0287.729] GetKeyState (nVirtKey=4) returned 0
[0287.729] GetKeyState (nVirtKey=5) returned 0
[0287.729] GetKeyState (nVirtKey=6) returned 0
[0287.729] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0287.729] IsWindowUnicode (hWnd=0x602c4) returned 1
[0287.729] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0287.729] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0287.729] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0287.729] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0287.729] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0287.729] CreateCompatibleDC (hdc=0x107b9) returned 0x170106b6
[0287.729] SelectObject (hdc=0x170106b6, h=0x4a0507fe) returned 0x85000f
[0287.730] GdipCreateFromHDC (hdc=0x170106b6, graphics=0xd7e798) returned 0x0
[0287.730] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0287.730] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0287.730] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0287.730] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0287.730] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e7f8) returned 0x0
[0287.730] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0287.730] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0287.730] LocalFree (hMem=0x11ee788) returned 0x0
[0287.730] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0287.730] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0287.730] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0287.730] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0287.730] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0287.730] GdipRestoreGraphics (graphics=0x6600030, state=0xf6640dbd) returned 0x0
[0287.730] GdipDeleteRegion (region=0x6646718) returned 0x0
[0287.730] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0287.730] GetCurrentObject (hdc=0x170106b6, type=0x1) returned 0xb00017
[0287.730] GetCurrentObject (hdc=0x170106b6, type=0x2) returned 0x900010
[0287.731] GetCurrentObject (hdc=0x170106b6, type=0x7) returned 0x4a0507fe
[0287.731] GetCurrentObject (hdc=0x170106b6, type=0x6) returned 0x8a01c2
[0287.731] SaveDC (hdc=0x170106b6) returned 1
[0287.731] GetNearestColor (hdc=0x170106b6, color=0xff) returned 0xff
[0287.731] GetNearestColor (hdc=0x170106b6, color=0x55) returned 0x55
[0287.731] GetNearestColor (hdc=0x170106b6, color=0x0) returned 0x0
[0287.731] GetNearestColor (hdc=0x170106b6, color=0x55) returned 0x55
[0287.731] GetNearestColor (hdc=0x170106b6, color=0x0) returned 0x0
[0287.731] GetNearestColor (hdc=0x170106b6, color=0x8080ff) returned 0x8080ff
[0287.731] GetNearestColor (hdc=0x170106b6, color=0x7373e5) returned 0x7373e5
[0287.731] GetNearestColor (hdc=0x170106b6, color=0xe5) returned 0xe5
[0287.731] GetNearestColor (hdc=0x170106b6, color=0x0) returned 0x0
[0287.731] RestoreDC (hdc=0x170106b6, nSavedDC=-1) returned 1
[0287.731] GdipReleaseDC (graphics=0x6600030, hdc=0x170106b6) returned 0x0
[0287.732] IsAppThemed () returned 0x1
[0287.732] GetThemeAppProperties () returned 0x3
[0287.732] GetThemeAppProperties () returned 0x3
[0287.732] IsAppThemed () returned 0x1
[0287.732] GetThemeAppProperties () returned 0x3
[0287.732] GetThemeAppProperties () returned 0x3
[0287.732] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2cabcc8 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0287.732] IsAppThemed () returned 0x1
[0287.732] GetThemeAppProperties () returned 0x3
[0287.732] GetThemeAppProperties () returned 0x3
[0287.732] IsAppThemed () returned 0x1
[0287.732] GetThemeAppProperties () returned 0x3
[0287.732] GetThemeAppProperties () returned 0x3
[0287.732] IsAppThemed () returned 0x1
[0287.733] GetThemeAppProperties () returned 0x3
[0287.733] GetThemeAppProperties () returned 0x3
[0287.733] IsAppThemed () returned 0x1
[0287.733] GetThemeAppProperties () returned 0x3
[0287.733] GetThemeAppProperties () returned 0x3
[0287.733] IsThemePartDefined () returned 0x1
[0287.733] IsAppThemed () returned 0x1
[0287.733] GetThemeAppProperties () returned 0x3
[0287.733] GetThemeAppProperties () returned 0x3
[0287.733] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0287.733] IsAppThemed () returned 0x1
[0287.733] GetThemeAppProperties () returned 0x3
[0287.733] GetThemeAppProperties () returned 0x3
[0287.733] IsAppThemed () returned 0x1
[0287.733] GetThemeAppProperties () returned 0x3
[0287.733] GetThemeAppProperties () returned 0x3
[0287.733] IsThemePartDefined () returned 0x1
[0287.733] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0287.733] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0287.733] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0287.733] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0287.733] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e514) returned 0x0
[0287.733] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0287.734] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0287.734] LocalFree (hMem=0x11ee9f0) returned 0x0
[0287.734] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0287.734] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee8d8) returned 0x0
[0287.734] LocalFree (hMem=0x11ee8d8) returned 0x0
[0287.734] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0287.734] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0287.734] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0287.734] GdipGetRegionHRgn (region=0x6646c28, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0287.734] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0287.734] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0287.734] GetCurrentObject (hdc=0x170106b6, type=0x1) returned 0xb00017
[0287.734] GetCurrentObject (hdc=0x170106b6, type=0x2) returned 0x900010
[0287.734] GetCurrentObject (hdc=0x170106b6, type=0x7) returned 0x4a0507fe
[0287.734] GetCurrentObject (hdc=0x170106b6, type=0x6) returned 0x8a01c2
[0287.734] SaveDC (hdc=0x170106b6) returned 1
[0287.734] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x640407de
[0287.735] GetClipRgn (hdc=0x170106b6, hrgn=0x640407de) returned 0
[0287.735] SelectClipRgn (hdc=0x170106b6, hrgn=0xd8040807) returned 2
[0287.735] DeleteObject (ho=0x640407de) returned 1
[0287.735] DeleteObject (ho=0xd8040807) returned 1
[0287.735] OffsetViewportOrgEx (in: hdc=0x170106b6, x=0, y=0, lppt=0x2cac378 | out: lppt=0x2cac378) returned 1
[0287.735] DrawThemeParentBackground () returned 0x0
[0287.735] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0287.735] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0287.735] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0287.735] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0287.735] GetSystemMetrics (nIndex=42) returned 0
[0287.735] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0287.735] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0287.735] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0287.735] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0287.736] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0287.736] SelectPalette (hdc=0x170106b6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0287.736] GdipCreateFromHDC (hdc=0x170106b6, graphics=0xd7dff0) returned 0x0
[0287.736] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0287.736] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0287.736] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638c08) returned 0x0
[0287.736] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dfc8) returned 0x0
[0287.736] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0287.736] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0287.736] GdipGetClip (graphics=0x6639e10, region=0x6646448) returned 0x0
[0287.736] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6639e10, result=0xd7dfbc) returned 0x0
[0287.736] GdipDeleteRegion (region=0x6646448) returned 0x0
[0287.736] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dfe8) returned 0x0
[0287.736] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0287.743] GdipFillRectangleI (graphics=0x6639e10, brush=0x6659788, x=0, y=0, width=801, height=453) returned 0x0
[0287.743] GdipDeleteBrush (brush=0x6659788) returned 0x0
[0287.744] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0287.744] SelectPalette (hdc=0x170106b6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0287.744] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0287.744] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0287.745] GetSystemMetrics (nIndex=42) returned 0
[0287.745] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0287.745] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0287.745] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0287.745] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0287.745] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0287.745] SelectPalette (hdc=0x170106b6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0287.745] GdipCreateFromHDC (hdc=0x170106b6, graphics=0xd7df90) returned 0x0
[0287.745] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0287.745] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0287.745] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638cf8) returned 0x0
[0287.745] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df68) returned 0x0
[0287.745] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0287.745] GdipCreateRegion (region=0xd7df50) returned 0x0
[0287.745] GdipGetClip (graphics=0x6639e10, region=0x66465f8) returned 0x0
[0287.745] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6639e10, result=0xd7df5c) returned 0x0
[0287.745] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0287.745] GdipSaveGraphics (graphics=0x6639e10, state=0xd7df88) returned 0x0
[0287.745] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0287.752] GdipFillRectangleI (graphics=0x6639e10, brush=0x6659650, x=0, y=0, width=801, height=453) returned 0x0
[0287.752] GdipDeleteBrush (brush=0x6659650) returned 0x0
[0287.754] GdipRestoreGraphics (graphics=0x6639e10, state=0xf6600dbd) returned 0x0
[0287.754] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0287.754] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0287.754] GetSystemMetrics (nIndex=42) returned 0
[0287.754] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0287.754] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0287.754] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0287.754] SelectPalette (hdc=0x170106b6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0287.754] RestoreDC (hdc=0x170106b6, nSavedDC=-1) returned 1
[0287.754] GdipReleaseDC (graphics=0x6600030, hdc=0x170106b6) returned 0x0
[0287.754] IsAppThemed () returned 0x1
[0287.755] GetThemeAppProperties () returned 0x3
[0287.755] GetThemeAppProperties () returned 0x3
[0287.755] IsAppThemed () returned 0x1
[0287.755] GetThemeAppProperties () returned 0x3
[0287.755] GetThemeAppProperties () returned 0x3
[0287.755] IsThemePartDefined () returned 0x1
[0287.755] GdipCreateRegion (region=0xd7e480) returned 0x0
[0287.755] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0287.755] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0287.755] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0287.755] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e498) returned 0x0
[0287.755] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0287.755] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee9f0) returned 0x0
[0287.755] LocalFree (hMem=0x11ee9f0) returned 0x0
[0287.755] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0287.755] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0287.755] LocalFree (hMem=0x11eec58) returned 0x0
[0287.755] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0287.755] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0287.755] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0287.755] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0287.755] GdipDeleteRegion (region=0x6646298) returned 0x0
[0287.756] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0287.756] GetCurrentObject (hdc=0x170106b6, type=0x1) returned 0xb00017
[0287.756] GetCurrentObject (hdc=0x170106b6, type=0x2) returned 0x900010
[0287.756] GetCurrentObject (hdc=0x170106b6, type=0x7) returned 0x4a0507fe
[0287.756] GetCurrentObject (hdc=0x170106b6, type=0x6) returned 0x8a01c2
[0287.756] SaveDC (hdc=0x170106b6) returned 1
[0287.756] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd9040807
[0287.756] GetClipRgn (hdc=0x170106b6, hrgn=0xd9040807) returned 0
[0287.756] SelectClipRgn (hdc=0x170106b6, hrgn=0x660407de) returned 2
[0287.756] DeleteObject (ho=0xd9040807) returned 1
[0287.756] DeleteObject (ho=0x660407de) returned 1
[0287.756] OffsetViewportOrgEx (in: hdc=0x170106b6, x=0, y=0, lppt=0x2cb2bc8 | out: lppt=0x2cb2bc8) returned 1
[0287.756] IsAppThemed () returned 0x1
[0287.756] GetThemeAppProperties () returned 0x3
[0287.756] GetThemeAppProperties () returned 0x3
[0287.756] DrawThemeBackground () returned 0x0
[0287.756] RestoreDC (hdc=0x170106b6, nSavedDC=-1) returned 1
[0287.757] GdipReleaseDC (graphics=0x6600030, hdc=0x170106b6) returned 0x0
[0287.757] GdipCreateRegion (region=0xd7e484) returned 0x0
[0287.757] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0287.757] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0287.757] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0287.757] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e49c) returned 0x0
[0287.757] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0287.757] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee910) returned 0x0
[0287.757] LocalFree (hMem=0x11ee910) returned 0x0
[0287.757] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0287.757] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea60) returned 0x0
[0287.757] LocalFree (hMem=0x11eea60) returned 0x0
[0287.757] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0287.757] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0287.757] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0287.757] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0287.757] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0287.757] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0287.757] GetCurrentObject (hdc=0x170106b6, type=0x1) returned 0xb00017
[0287.757] GetCurrentObject (hdc=0x170106b6, type=0x2) returned 0x900010
[0287.757] GetCurrentObject (hdc=0x170106b6, type=0x7) returned 0x4a0507fe
[0287.757] GetCurrentObject (hdc=0x170106b6, type=0x6) returned 0x8a01c2
[0287.758] SaveDC (hdc=0x170106b6) returned 1
[0287.758] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x670407de
[0287.758] GetClipRgn (hdc=0x170106b6, hrgn=0x670407de) returned 0
[0287.758] SelectClipRgn (hdc=0x170106b6, hrgn=0xda040807) returned 2
[0287.758] DeleteObject (ho=0x670407de) returned 1
[0287.758] DeleteObject (ho=0xda040807) returned 1
[0287.758] OffsetViewportOrgEx (in: hdc=0x170106b6, x=0, y=0, lppt=0x2cb2e9c | out: lppt=0x2cb2e9c) returned 1
[0287.758] IsAppThemed () returned 0x1
[0287.758] GetThemeAppProperties () returned 0x3
[0287.758] GetThemeAppProperties () returned 0x3
[0287.758] GetThemeBackgroundContentRect () returned 0x0
[0287.758] RestoreDC (hdc=0x170106b6, nSavedDC=-1) returned 1
[0287.758] GdipReleaseDC (graphics=0x6600030, hdc=0x170106b6) returned 0x0
[0287.758] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0287.758] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0287.758] GdipFillRectangleI (graphics=0x6600030, brush=0x66327f0, x=4, y=4, width=67, height=15) returned 0x0
[0287.758] GdipDeleteBrush (brush=0x66327f0) returned 0x0
[0287.759] IsAppThemed () returned 0x1
[0287.759] GetThemeAppProperties () returned 0x3
[0287.759] GetThemeAppProperties () returned 0x3
[0287.759] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0287.759] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0287.759] GetCurrentObject (hdc=0x170106b6, type=0x1) returned 0xb00017
[0287.759] GetCurrentObject (hdc=0x170106b6, type=0x2) returned 0x900010
[0287.759] GetCurrentObject (hdc=0x170106b6, type=0x7) returned 0x4a0507fe
[0287.759] GetCurrentObject (hdc=0x170106b6, type=0x6) returned 0x8a01c2
[0287.759] SaveDC (hdc=0x170106b6) returned 1
[0287.759] GetTextAlign (hdc=0x170106b6) returned 0x0
[0287.759] GetTextColor (hdc=0x170106b6) returned 0x0
[0287.759] GetCurrentObject (hdc=0x170106b6, type=0x6) returned 0x8a01c2
[0287.759] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0287.759] SelectObject (hdc=0x170106b6, h=0x6d0a0520) returned 0x8a01c2
[0287.759] GetBkMode (hdc=0x170106b6) returned 2
[0287.760] SetBkMode (hdc=0x170106b6, mode=1) returned 2
[0287.760] DrawTextExW (in: hdc=0x170106b6, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2cb3260 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0287.760] DrawTextExW (in: hdc=0x170106b6, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2cb3260 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0287.760] RestoreDC (hdc=0x170106b6, nSavedDC=-1) returned 1
[0287.760] GdipReleaseDC (graphics=0x6600030, hdc=0x170106b6) returned 0x0
[0287.760] GetFocus () returned 0x602c4
[0287.761] IsAppThemed () returned 0x1
[0287.761] GetThemeAppProperties () returned 0x3
[0287.761] GetThemeAppProperties () returned 0x3
[0287.761] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0287.761] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x170106b6, x1=0, y1=0, rop=0xcc0020) returned 1
[0287.761] GdipReleaseDC (graphics=0x6600030, hdc=0x170106b6) returned 0x0
[0287.761] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0287.761] SelectObject (hdc=0x170106b6, h=0x85000f) returned 0x4a0507fe
[0287.761] DeleteDC (hdc=0x170106b6) returned 1
[0287.761] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0287.762] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0287.762] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0287.762] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0287.762] WaitMessage () returned 1
[0287.826] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0287.826] IsWindowUnicode (hWnd=0x602c4) returned 1
[0287.826] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0287.826] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0287.826] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0287.826] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0287.826] IsWindowUnicode (hWnd=0x602c4) returned 1
[0287.826] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0287.826] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0287.826] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0287.826] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x8001d) returned 0x0
[0287.826] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0287.826] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0287.826] WaitMessage () returned 1
[0287.960] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0287.960] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f00f8) returned 0x1
[0287.960] IsWindowUnicode (hWnd=0x602c4) returned 1
[0287.960] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0287.961] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f00f8) returned 0x1
[0287.961] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0287.961] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19a003a) returned 0x0
[0287.961] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0287.961] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0287.961] SetCursor (hCursor=0x10003) returned 0x10003
[0287.961] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0287.961] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0287.961] GetKeyState (nVirtKey=1) returned -128
[0287.961] GetKeyState (nVirtKey=2) returned 0
[0287.961] GetKeyState (nVirtKey=4) returned 0
[0287.961] GetKeyState (nVirtKey=5) returned 0
[0287.961] GetKeyState (nVirtKey=6) returned 0
[0287.961] IsWindowVisible (hWnd=0x602c4) returned 1
[0287.961] IsWindowEnabled (hWnd=0x602c4) returned 1
[0287.962] SetFocus (hWnd=0x602c4) returned 0x602c4
[0287.962] GetFocus () returned 0x602c4
[0287.962] GetFocus () returned 0x602c4
[0287.962] GetFocus () returned 0x602c4
[0287.962] GetKeyState (nVirtKey=1) returned -128
[0287.962] GetKeyState (nVirtKey=2) returned 0
[0287.962] GetKeyState (nVirtKey=4) returned 0
[0287.962] GetKeyState (nVirtKey=5) returned 0
[0287.962] GetKeyState (nVirtKey=6) returned 0
[0287.962] GetCapture () returned 0x0
[0287.962] SetCapture (hWnd=0x602c4) returned 0x0
[0287.962] GetKeyState (nVirtKey=1) returned -128
[0287.962] GetKeyState (nVirtKey=2) returned 0
[0287.962] GetKeyState (nVirtKey=4) returned 0
[0287.962] GetKeyState (nVirtKey=5) returned 0
[0287.962] GetKeyState (nVirtKey=6) returned 0
[0287.962] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0287.962] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0287.962] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0287.962] IsWindowUnicode (hWnd=0x602c4) returned 1
[0287.962] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0287.962] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0287.962] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0287.962] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2cb33e4, cPoints=0x1 | out: lpPoints=0x2cb33e4) returned 40304859
[0287.962] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0287.963] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0287.963] UpdateWindow (hWnd=0x602c4) returned 1
[0287.963] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x107b9
[0287.963] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0287.963] CreateCompatibleDC (hdc=0x107b9) returned 0x180106b6
[0287.963] SelectObject (hdc=0x180106b6, h=0x4a0507fe) returned 0x85000f
[0287.963] GdipCreateFromHDC (hdc=0x180106b6, graphics=0xd7e430) returned 0x0
[0287.963] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0287.963] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0287.963] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0287.963] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0287.963] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e490) returned 0x0
[0287.963] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0287.963] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee9f0) returned 0x0
[0287.964] LocalFree (hMem=0x11ee9f0) returned 0x0
[0287.964] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0287.964] GdipCreateRegion (region=0xd7e478) returned 0x0
[0287.964] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0287.964] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e484) returned 0x0
[0287.964] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0287.964] GdipRestoreGraphics (graphics=0x6600030, state=0xf65e0dbd) returned 0x0
[0287.964] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0287.964] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0287.964] GetCurrentObject (hdc=0x180106b6, type=0x1) returned 0xb00017
[0287.964] GetCurrentObject (hdc=0x180106b6, type=0x2) returned 0x900010
[0287.964] GetCurrentObject (hdc=0x180106b6, type=0x7) returned 0x4a0507fe
[0287.964] GetCurrentObject (hdc=0x180106b6, type=0x6) returned 0x8a01c2
[0287.964] SaveDC (hdc=0x180106b6) returned 1
[0287.964] GetNearestColor (hdc=0x180106b6, color=0xff) returned 0xff
[0287.964] GetNearestColor (hdc=0x180106b6, color=0x55) returned 0x55
[0287.964] GetNearestColor (hdc=0x180106b6, color=0x0) returned 0x0
[0287.964] GetNearestColor (hdc=0x180106b6, color=0x55) returned 0x55
[0287.964] GetNearestColor (hdc=0x180106b6, color=0x0) returned 0x0
[0287.964] GetNearestColor (hdc=0x180106b6, color=0x8080ff) returned 0x8080ff
[0287.965] GetNearestColor (hdc=0x180106b6, color=0x7373e5) returned 0x7373e5
[0287.965] GetNearestColor (hdc=0x180106b6, color=0xe5) returned 0xe5
[0287.965] GetNearestColor (hdc=0x180106b6, color=0x0) returned 0x0
[0287.965] RestoreDC (hdc=0x180106b6, nSavedDC=-1) returned 1
[0287.965] GdipReleaseDC (graphics=0x6600030, hdc=0x180106b6) returned 0x0
[0287.965] IsAppThemed () returned 0x1
[0287.965] GetThemeAppProperties () returned 0x3
[0287.965] GetThemeAppProperties () returned 0x3
[0287.965] IsAppThemed () returned 0x1
[0287.965] GetThemeAppProperties () returned 0x3
[0287.965] GetThemeAppProperties () returned 0x3
[0287.965] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2cb3b00 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0287.965] IsAppThemed () returned 0x1
[0287.965] GetThemeAppProperties () returned 0x3
[0287.965] GetThemeAppProperties () returned 0x3
[0287.965] IsAppThemed () returned 0x1
[0287.966] GetThemeAppProperties () returned 0x3
[0287.966] GetThemeAppProperties () returned 0x3
[0287.966] IsAppThemed () returned 0x1
[0287.966] GetThemeAppProperties () returned 0x3
[0287.966] GetThemeAppProperties () returned 0x3
[0287.966] IsAppThemed () returned 0x1
[0287.966] GetThemeAppProperties () returned 0x3
[0287.966] GetThemeAppProperties () returned 0x3
[0287.966] IsThemePartDefined () returned 0x1
[0287.966] IsAppThemed () returned 0x1
[0287.966] GetThemeAppProperties () returned 0x3
[0287.966] GetThemeAppProperties () returned 0x3
[0287.966] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0287.966] IsAppThemed () returned 0x1
[0287.967] GetThemeAppProperties () returned 0x3
[0287.967] GetThemeAppProperties () returned 0x3
[0287.967] IsAppThemed () returned 0x1
[0287.967] GetThemeAppProperties () returned 0x3
[0287.967] GetThemeAppProperties () returned 0x3
[0287.967] IsThemePartDefined () returned 0x1
[0287.967] GdipCreateRegion (region=0xd7e194) returned 0x0
[0287.967] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0287.967] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0287.967] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0287.967] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e1ac) returned 0x0
[0287.967] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0287.967] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee8d8) returned 0x0
[0287.967] LocalFree (hMem=0x11ee8d8) returned 0x0
[0287.967] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0287.967] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee8d8) returned 0x0
[0287.967] LocalFree (hMem=0x11ee8d8) returned 0x0
[0287.967] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0287.967] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0287.967] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0287.967] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0287.967] GdipDeleteRegion (region=0x6646718) returned 0x0
[0287.967] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0287.968] GetCurrentObject (hdc=0x180106b6, type=0x1) returned 0xb00017
[0287.968] GetCurrentObject (hdc=0x180106b6, type=0x2) returned 0x900010
[0287.968] GetCurrentObject (hdc=0x180106b6, type=0x7) returned 0x4a0507fe
[0287.968] GetCurrentObject (hdc=0x180106b6, type=0x6) returned 0x8a01c2
[0287.968] SaveDC (hdc=0x180106b6) returned 1
[0287.968] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdb040807
[0287.968] GetClipRgn (hdc=0x180106b6, hrgn=0xdb040807) returned 0
[0287.968] SelectClipRgn (hdc=0x180106b6, hrgn=0x6b0407de) returned 2
[0287.968] DeleteObject (ho=0xdb040807) returned 1
[0287.968] DeleteObject (ho=0x6b0407de) returned 1
[0287.968] OffsetViewportOrgEx (in: hdc=0x180106b6, x=0, y=0, lppt=0x2cb41b0 | out: lppt=0x2cb41b0) returned 1
[0287.968] DrawThemeParentBackground () returned 0x0
[0287.969] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0287.969] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0287.969] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0287.969] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0287.969] GetSystemMetrics (nIndex=42) returned 0
[0287.969] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0287.969] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0287.969] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0287.969] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0287.969] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0287.969] SelectPalette (hdc=0x180106b6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0287.969] GdipCreateFromHDC (hdc=0x180106b6, graphics=0xd7dc88) returned 0x0
[0287.969] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0287.969] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0287.969] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638b48) returned 0x0
[0287.969] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dc60) returned 0x0
[0287.969] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0287.969] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0287.969] GdipGetClip (graphics=0x6639e10, region=0x6646958) returned 0x0
[0287.969] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6639e10, result=0xd7dc54) returned 0x0
[0287.969] GdipDeleteRegion (region=0x6646958) returned 0x0
[0287.970] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dc80) returned 0x0
[0287.970] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0287.976] GdipFillRectangleI (graphics=0x6639e10, brush=0x6658c90, x=0, y=0, width=801, height=453) returned 0x0
[0287.976] GdipDeleteBrush (brush=0x6658c90) returned 0x0
[0287.978] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0287.978] SelectPalette (hdc=0x180106b6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0287.978] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0287.978] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0287.978] GetSystemMetrics (nIndex=42) returned 0
[0287.978] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0287.978] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0287.978] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0287.978] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0287.978] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0287.978] SelectPalette (hdc=0x180106b6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0287.978] GdipCreateFromHDC (hdc=0x180106b6, graphics=0xd7dc28) returned 0x0
[0287.978] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0287.978] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0287.979] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638cf8) returned 0x0
[0287.979] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dc00) returned 0x0
[0287.979] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0287.979] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0287.979] GdipGetClip (graphics=0x6639e10, region=0x6646dd8) returned 0x0
[0287.979] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6639e10, result=0xd7dbf4) returned 0x0
[0287.979] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0287.979] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dc20) returned 0x0
[0287.979] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0287.987] GdipFillRectangleI (graphics=0x6639e10, brush=0x6659518, x=0, y=0, width=801, height=453) returned 0x0
[0287.987] GdipDeleteBrush (brush=0x6659518) returned 0x0
[0287.989] GdipRestoreGraphics (graphics=0x6639e10, state=0xf65a0dbd) returned 0x0
[0287.989] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0287.989] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0287.989] GetSystemMetrics (nIndex=42) returned 0
[0287.989] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0287.989] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0287.989] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0287.989] SelectPalette (hdc=0x180106b6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0287.989] RestoreDC (hdc=0x180106b6, nSavedDC=-1) returned 1
[0287.990] GdipReleaseDC (graphics=0x6600030, hdc=0x180106b6) returned 0x0
[0287.990] IsAppThemed () returned 0x1
[0287.990] GetThemeAppProperties () returned 0x3
[0287.990] GetThemeAppProperties () returned 0x3
[0287.990] IsAppThemed () returned 0x1
[0287.990] GetThemeAppProperties () returned 0x3
[0287.990] GetThemeAppProperties () returned 0x3
[0287.990] IsThemePartDefined () returned 0x1
[0287.990] GdipCreateRegion (region=0xd7e118) returned 0x0
[0287.990] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0287.990] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0287.990] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0287.990] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e130) returned 0x0
[0287.990] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0287.990] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0287.990] LocalFree (hMem=0x11eec58) returned 0x0
[0287.990] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0287.990] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eea28) returned 0x0
[0287.991] LocalFree (hMem=0x11eea28) returned 0x0
[0287.991] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0287.991] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0287.991] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0287.991] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0287.991] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0287.991] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0287.991] GetCurrentObject (hdc=0x180106b6, type=0x1) returned 0xb00017
[0287.991] GetCurrentObject (hdc=0x180106b6, type=0x2) returned 0x900010
[0287.991] GetCurrentObject (hdc=0x180106b6, type=0x7) returned 0x4a0507fe
[0287.991] GetCurrentObject (hdc=0x180106b6, type=0x6) returned 0x8a01c2
[0287.991] SaveDC (hdc=0x180106b6) returned 1
[0287.991] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6c0407de
[0287.991] GetClipRgn (hdc=0x180106b6, hrgn=0x6c0407de) returned 0
[0287.991] SelectClipRgn (hdc=0x180106b6, hrgn=0xdd040807) returned 2
[0287.991] DeleteObject (ho=0x6c0407de) returned 1
[0287.992] DeleteObject (ho=0xdd040807) returned 1
[0287.992] OffsetViewportOrgEx (in: hdc=0x180106b6, x=0, y=0, lppt=0x2cbaa00 | out: lppt=0x2cbaa00) returned 1
[0287.992] IsAppThemed () returned 0x1
[0287.992] GetThemeAppProperties () returned 0x3
[0287.992] GetThemeAppProperties () returned 0x3
[0287.992] DrawThemeBackground () returned 0x0
[0287.992] RestoreDC (hdc=0x180106b6, nSavedDC=-1) returned 1
[0287.992] GdipReleaseDC (graphics=0x6600030, hdc=0x180106b6) returned 0x0
[0287.992] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0287.992] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0287.992] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0287.992] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0287.992] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e134) returned 0x0
[0287.992] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0287.992] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee9f0) returned 0x0
[0287.992] LocalFree (hMem=0x11ee9f0) returned 0x0
[0287.992] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0287.992] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee9f0) returned 0x0
[0287.993] LocalFree (hMem=0x11ee9f0) returned 0x0
[0287.993] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0287.993] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0287.993] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0287.993] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0287.993] GdipDeleteRegion (region=0x6646568) returned 0x0
[0287.993] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0287.993] GetCurrentObject (hdc=0x180106b6, type=0x1) returned 0xb00017
[0287.993] GetCurrentObject (hdc=0x180106b6, type=0x2) returned 0x900010
[0287.993] GetCurrentObject (hdc=0x180106b6, type=0x7) returned 0x4a0507fe
[0287.993] GetCurrentObject (hdc=0x180106b6, type=0x6) returned 0x8a01c2
[0287.993] SaveDC (hdc=0x180106b6) returned 1
[0287.993] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xde040807
[0287.993] GetClipRgn (hdc=0x180106b6, hrgn=0xde040807) returned 0
[0287.993] SelectClipRgn (hdc=0x180106b6, hrgn=0x6d0407de) returned 2
[0287.993] DeleteObject (ho=0xde040807) returned 1
[0287.994] DeleteObject (ho=0x6d0407de) returned 1
[0287.994] OffsetViewportOrgEx (in: hdc=0x180106b6, x=0, y=0, lppt=0x2cbacd4 | out: lppt=0x2cbacd4) returned 1
[0287.994] IsAppThemed () returned 0x1
[0287.994] GetThemeAppProperties () returned 0x3
[0287.994] GetThemeAppProperties () returned 0x3
[0287.994] GetThemeBackgroundContentRect () returned 0x0
[0287.994] RestoreDC (hdc=0x180106b6, nSavedDC=-1) returned 1
[0287.994] GdipReleaseDC (graphics=0x6600030, hdc=0x180106b6) returned 0x0
[0287.994] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0287.994] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0287.994] GdipFillRectangleI (graphics=0x6600030, brush=0x66327f0, x=4, y=4, width=67, height=15) returned 0x0
[0287.994] GdipDeleteBrush (brush=0x66327f0) returned 0x0
[0287.994] IsAppThemed () returned 0x1
[0287.994] GetThemeAppProperties () returned 0x3
[0287.994] GetThemeAppProperties () returned 0x3
[0287.994] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0287.994] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0287.994] GetCurrentObject (hdc=0x180106b6, type=0x1) returned 0xb00017
[0287.994] GetCurrentObject (hdc=0x180106b6, type=0x2) returned 0x900010
[0287.995] GetCurrentObject (hdc=0x180106b6, type=0x7) returned 0x4a0507fe
[0287.995] GetCurrentObject (hdc=0x180106b6, type=0x6) returned 0x8a01c2
[0287.995] SaveDC (hdc=0x180106b6) returned 1
[0287.995] GetTextAlign (hdc=0x180106b6) returned 0x0
[0287.995] GetTextColor (hdc=0x180106b6) returned 0x0
[0287.995] GetCurrentObject (hdc=0x180106b6, type=0x6) returned 0x8a01c2
[0287.995] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0287.995] SelectObject (hdc=0x180106b6, h=0x6d0a0520) returned 0x8a01c2
[0287.995] GetBkMode (hdc=0x180106b6) returned 2
[0287.995] SetBkMode (hdc=0x180106b6, mode=1) returned 2
[0287.995] DrawTextExW (in: hdc=0x180106b6, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2cbb098 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0287.996] DrawTextExW (in: hdc=0x180106b6, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2cbb098 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0287.996] RestoreDC (hdc=0x180106b6, nSavedDC=-1) returned 1
[0287.996] GdipReleaseDC (graphics=0x6600030, hdc=0x180106b6) returned 0x0
[0287.996] GetFocus () returned 0x602c4
[0287.996] IsAppThemed () returned 0x1
[0287.996] GetThemeAppProperties () returned 0x3
[0287.996] GetThemeAppProperties () returned 0x3
[0287.996] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0287.997] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x180106b6, x1=0, y1=0, rop=0xcc0020) returned 1
[0287.998] GdipReleaseDC (graphics=0x6600030, hdc=0x180106b6) returned 0x0
[0287.998] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0287.998] SelectObject (hdc=0x180106b6, h=0x85000f) returned 0x4a0507fe
[0287.998] DeleteDC (hdc=0x180106b6) returned 1
[0287.998] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0287.998] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0287.998] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2cbb194, cPoints=0x1 | out: lpPoints=0x2cbb194) returned 40304859
[0287.998] WindowFromPoint (Point=0xf8) returned 0x602c4
[0287.998] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26f00f8) returned 0x1
[0287.998] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0287.999] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0287.999] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0287.999] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0287.999] GetSystemMetrics (nIndex=42) returned 0
[0287.999] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0287.999] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0288.001] GetCapture () returned 0x602c4
[0288.001] ReleaseCapture () returned 1
[0288.001] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0288.001] GetProcessWindowStation () returned 0x13c
[0288.001] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.003] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0288.003] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.004] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0288.004] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.004] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0288.004] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.004] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0288.005] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.005] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0288.005] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.005] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0288.005] GetDC (hWnd=0x0) returned 0xf0105ee
[0288.005] GdipCreateFromHDC (hdc=0xf0105ee, graphics=0xd7e6ec) returned 0x0
[0288.006] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0288.006] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0288.006] ReleaseDC (hWnd=0x0, hDC=0xf0105ee) returned 1
[0288.006] GetSystemMetrics (nIndex=5) returned 1
[0288.006] GetSystemMetrics (nIndex=6) returned 1
[0288.006] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.007] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0288.007] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.007] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0288.014] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0288.014] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0288.014] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0288.014] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0288.014] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0288.014] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0288.015] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2cc2264 | out: lpData=0x2cc2264) returned 1
[0288.016] VerQueryValueW (in: pBlock=0x2cc2264, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cc2674, puLen=0xd7e810) returned 1
[0288.016] VerQueryValueW (in: pBlock=0x2cc2264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc231c, puLen=0xd7e790) returned 1
[0288.016] VerQueryValueW (in: pBlock=0x2cc2264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc2370, puLen=0xd7e790) returned 1
[0288.016] VerQueryValueW (in: pBlock=0x2cc2264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc23f0, puLen=0xd7e790) returned 1
[0288.016] VerQueryValueW (in: pBlock=0x2cc2264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc2458, puLen=0xd7e790) returned 1
[0288.016] VerQueryValueW (in: pBlock=0x2cc2264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc2498, puLen=0xd7e790) returned 1
[0288.016] VerQueryValueW (in: pBlock=0x2cc2264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc2520, puLen=0xd7e790) returned 1
[0288.016] VerQueryValueW (in: pBlock=0x2cc2264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc255c, puLen=0xd7e790) returned 1
[0288.016] VerQueryValueW (in: pBlock=0x2cc2264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc25b4, puLen=0xd7e790) returned 1
[0288.016] VerQueryValueW (in: pBlock=0x2cc2264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc25e4, puLen=0xd7e790) returned 1
[0288.017] VerQueryValueW (in: pBlock=0x2cc2264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.017] VerQueryValueW (in: pBlock=0x2cc2264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc2620, puLen=0xd7e790) returned 1
[0288.017] VerQueryValueW (in: pBlock=0x2cc2264, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.017] VerQueryValueW (in: pBlock=0x2cc2264, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cc2674, puLen=0xd7e784) returned 1
[0288.017] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0288.017] VerQueryValueW (in: pBlock=0x2cc2264, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cc228c, puLen=0xd7e794) returned 1
[0288.017] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0288.017] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0288.018] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0288.018] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0288.018] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0288.018] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0288.018] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2cc41d4 | out: lpData=0x2cc41d4) returned 1
[0288.018] VerQueryValueW (in: pBlock=0x2cc41d4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cc4270, puLen=0xd7e810) returned 1
[0288.018] VerQueryValueW (in: pBlock=0x2cc41d4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc42e8, puLen=0xd7e790) returned 1
[0288.018] VerQueryValueW (in: pBlock=0x2cc41d4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc4318, puLen=0xd7e790) returned 1
[0288.018] VerQueryValueW (in: pBlock=0x2cc41d4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc4354, puLen=0xd7e790) returned 1
[0288.018] VerQueryValueW (in: pBlock=0x2cc41d4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc4384, puLen=0xd7e790) returned 1
[0288.018] VerQueryValueW (in: pBlock=0x2cc41d4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc43cc, puLen=0xd7e790) returned 1
[0288.018] VerQueryValueW (in: pBlock=0x2cc41d4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc4444, puLen=0xd7e790) returned 1
[0288.018] VerQueryValueW (in: pBlock=0x2cc41d4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc4488, puLen=0xd7e790) returned 1
[0288.018] VerQueryValueW (in: pBlock=0x2cc41d4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc44c8, puLen=0xd7e790) returned 1
[0288.019] VerQueryValueW (in: pBlock=0x2cc41d4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc42c6, puLen=0xd7e790) returned 1
[0288.019] VerQueryValueW (in: pBlock=0x2cc41d4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc4414, puLen=0xd7e790) returned 1
[0288.019] VerQueryValueW (in: pBlock=0x2cc41d4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.019] VerQueryValueW (in: pBlock=0x2cc41d4, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.019] VerQueryValueW (in: pBlock=0x2cc41d4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cc4270, puLen=0xd7e784) returned 1
[0288.019] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0288.019] VerQueryValueW (in: pBlock=0x2cc41d4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cc41fc, puLen=0xd7e794) returned 1
[0288.020] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0288.020] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0288.020] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0288.020] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0288.020] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0288.020] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0288.021] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2cc64ac | out: lpData=0x2cc64ac) returned 1
[0288.021] VerQueryValueW (in: pBlock=0x2cc64ac, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cc68c0, puLen=0xd7e810) returned 1
[0288.021] VerQueryValueW (in: pBlock=0x2cc64ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc6564, puLen=0xd7e790) returned 1
[0288.022] VerQueryValueW (in: pBlock=0x2cc64ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc65b8, puLen=0xd7e790) returned 1
[0288.022] VerQueryValueW (in: pBlock=0x2cc64ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc6614, puLen=0xd7e790) returned 1
[0288.022] VerQueryValueW (in: pBlock=0x2cc64ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc6674, puLen=0xd7e790) returned 1
[0288.022] VerQueryValueW (in: pBlock=0x2cc64ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc66cc, puLen=0xd7e790) returned 1
[0288.022] VerQueryValueW (in: pBlock=0x2cc64ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc6754, puLen=0xd7e790) returned 1
[0288.022] VerQueryValueW (in: pBlock=0x2cc64ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc67a8, puLen=0xd7e790) returned 1
[0288.022] VerQueryValueW (in: pBlock=0x2cc64ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc6800, puLen=0xd7e790) returned 1
[0288.022] VerQueryValueW (in: pBlock=0x2cc64ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc6830, puLen=0xd7e790) returned 1
[0288.022] VerQueryValueW (in: pBlock=0x2cc64ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.022] VerQueryValueW (in: pBlock=0x2cc64ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc686c, puLen=0xd7e790) returned 1
[0288.022] VerQueryValueW (in: pBlock=0x2cc64ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.022] VerQueryValueW (in: pBlock=0x2cc64ac, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cc68c0, puLen=0xd7e784) returned 1
[0288.022] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0288.022] VerQueryValueW (in: pBlock=0x2cc64ac, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cc64d4, puLen=0xd7e794) returned 1
[0288.023] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0288.023] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0288.023] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0288.023] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0288.023] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0288.023] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0288.024] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2cc8ae4 | out: lpData=0x2cc8ae4) returned 1
[0288.025] VerQueryValueW (in: pBlock=0x2cc8ae4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cc8ee4, puLen=0xd7e810) returned 1
[0288.025] VerQueryValueW (in: pBlock=0x2cc8ae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc8b9c, puLen=0xd7e790) returned 1
[0288.025] VerQueryValueW (in: pBlock=0x2cc8ae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc8bf0, puLen=0xd7e790) returned 1
[0288.025] VerQueryValueW (in: pBlock=0x2cc8ae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc8c30, puLen=0xd7e790) returned 1
[0288.025] VerQueryValueW (in: pBlock=0x2cc8ae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc8c98, puLen=0xd7e790) returned 1
[0288.025] VerQueryValueW (in: pBlock=0x2cc8ae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc8cf0, puLen=0xd7e790) returned 1
[0288.025] VerQueryValueW (in: pBlock=0x2cc8ae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc8d78, puLen=0xd7e790) returned 1
[0288.025] VerQueryValueW (in: pBlock=0x2cc8ae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc8dcc, puLen=0xd7e790) returned 1
[0288.025] VerQueryValueW (in: pBlock=0x2cc8ae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc8e24, puLen=0xd7e790) returned 1
[0288.025] VerQueryValueW (in: pBlock=0x2cc8ae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc8e54, puLen=0xd7e790) returned 1
[0288.025] VerQueryValueW (in: pBlock=0x2cc8ae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.025] VerQueryValueW (in: pBlock=0x2cc8ae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cc8e90, puLen=0xd7e790) returned 1
[0288.025] VerQueryValueW (in: pBlock=0x2cc8ae4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.025] VerQueryValueW (in: pBlock=0x2cc8ae4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cc8ee4, puLen=0xd7e784) returned 1
[0288.025] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0288.026] VerQueryValueW (in: pBlock=0x2cc8ae4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cc8b0c, puLen=0xd7e794) returned 1
[0288.026] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0288.026] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0288.026] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0288.027] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0288.027] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0288.027] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0288.028] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2ccb220 | out: lpData=0x2ccb220) returned 1
[0288.039] VerQueryValueW (in: pBlock=0x2ccb220, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ccb5e8, puLen=0xd7e810) returned 1
[0288.039] VerQueryValueW (in: pBlock=0x2ccb220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb2d8, puLen=0xd7e790) returned 1
[0288.039] VerQueryValueW (in: pBlock=0x2ccb220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb32c, puLen=0xd7e790) returned 1
[0288.039] VerQueryValueW (in: pBlock=0x2ccb220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb36c, puLen=0xd7e790) returned 1
[0288.039] VerQueryValueW (in: pBlock=0x2ccb220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb3d4, puLen=0xd7e790) returned 1
[0288.039] VerQueryValueW (in: pBlock=0x2ccb220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb410, puLen=0xd7e790) returned 1
[0288.039] VerQueryValueW (in: pBlock=0x2ccb220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb498, puLen=0xd7e790) returned 1
[0288.039] VerQueryValueW (in: pBlock=0x2ccb220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb4d0, puLen=0xd7e790) returned 1
[0288.039] VerQueryValueW (in: pBlock=0x2ccb220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb528, puLen=0xd7e790) returned 1
[0288.039] VerQueryValueW (in: pBlock=0x2ccb220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb558, puLen=0xd7e790) returned 1
[0288.040] VerQueryValueW (in: pBlock=0x2ccb220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.040] VerQueryValueW (in: pBlock=0x2ccb220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccb594, puLen=0xd7e790) returned 1
[0288.040] VerQueryValueW (in: pBlock=0x2ccb220, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.040] VerQueryValueW (in: pBlock=0x2ccb220, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ccb5e8, puLen=0xd7e784) returned 1
[0288.040] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0288.040] VerQueryValueW (in: pBlock=0x2ccb220, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2ccb248, puLen=0xd7e794) returned 1
[0288.040] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0288.040] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0288.041] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0288.041] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0288.041] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0288.041] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0288.041] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2cce888 | out: lpData=0x2cce888) returned 1
[0288.042] VerQueryValueW (in: pBlock=0x2cce888, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ccec68, puLen=0xd7e810) returned 1
[0288.042] VerQueryValueW (in: pBlock=0x2cce888, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cce940, puLen=0xd7e790) returned 1
[0288.042] VerQueryValueW (in: pBlock=0x2cce888, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cce994, puLen=0xd7e790) returned 1
[0288.042] VerQueryValueW (in: pBlock=0x2cce888, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cce9d4, puLen=0xd7e790) returned 1
[0288.042] VerQueryValueW (in: pBlock=0x2cce888, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccea34, puLen=0xd7e790) returned 1
[0288.042] VerQueryValueW (in: pBlock=0x2cce888, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccea80, puLen=0xd7e790) returned 1
[0288.042] VerQueryValueW (in: pBlock=0x2cce888, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cceb08, puLen=0xd7e790) returned 1
[0288.042] VerQueryValueW (in: pBlock=0x2cce888, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cceb50, puLen=0xd7e790) returned 1
[0288.042] VerQueryValueW (in: pBlock=0x2cce888, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cceba8, puLen=0xd7e790) returned 1
[0288.042] VerQueryValueW (in: pBlock=0x2cce888, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccebd8, puLen=0xd7e790) returned 1
[0288.042] VerQueryValueW (in: pBlock=0x2cce888, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.042] VerQueryValueW (in: pBlock=0x2cce888, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ccec14, puLen=0xd7e790) returned 1
[0288.042] VerQueryValueW (in: pBlock=0x2cce888, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.042] VerQueryValueW (in: pBlock=0x2cce888, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ccec68, puLen=0xd7e784) returned 1
[0288.042] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0288.043] VerQueryValueW (in: pBlock=0x2cce888, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cce8b0, puLen=0xd7e794) returned 1
[0288.043] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0288.043] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0288.043] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0288.043] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0288.043] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0288.044] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0288.045] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2cd10a8 | out: lpData=0x2cd10a8) returned 1
[0288.046] VerQueryValueW (in: pBlock=0x2cd10a8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cd14b4, puLen=0xd7e810) returned 1
[0288.046] VerQueryValueW (in: pBlock=0x2cd10a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd1160, puLen=0xd7e790) returned 1
[0288.046] VerQueryValueW (in: pBlock=0x2cd10a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd11b4, puLen=0xd7e790) returned 1
[0288.046] VerQueryValueW (in: pBlock=0x2cd10a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd1208, puLen=0xd7e790) returned 1
[0288.046] VerQueryValueW (in: pBlock=0x2cd10a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd1268, puLen=0xd7e790) returned 1
[0288.046] VerQueryValueW (in: pBlock=0x2cd10a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd12c0, puLen=0xd7e790) returned 1
[0288.046] VerQueryValueW (in: pBlock=0x2cd10a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd1348, puLen=0xd7e790) returned 1
[0288.046] VerQueryValueW (in: pBlock=0x2cd10a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd139c, puLen=0xd7e790) returned 1
[0288.046] VerQueryValueW (in: pBlock=0x2cd10a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd13f4, puLen=0xd7e790) returned 1
[0288.046] VerQueryValueW (in: pBlock=0x2cd10a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd1424, puLen=0xd7e790) returned 1
[0288.046] VerQueryValueW (in: pBlock=0x2cd10a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.046] VerQueryValueW (in: pBlock=0x2cd10a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd1460, puLen=0xd7e790) returned 1
[0288.046] VerQueryValueW (in: pBlock=0x2cd10a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.046] VerQueryValueW (in: pBlock=0x2cd10a8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cd14b4, puLen=0xd7e784) returned 1
[0288.046] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0288.046] VerQueryValueW (in: pBlock=0x2cd10a8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cd10d0, puLen=0xd7e794) returned 1
[0288.047] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0288.047] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0288.047] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0288.047] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0288.047] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0288.047] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0288.048] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2cd38bc | out: lpData=0x2cd38bc) returned 1
[0288.049] VerQueryValueW (in: pBlock=0x2cd38bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cd3c94, puLen=0xd7e810) returned 1
[0288.049] VerQueryValueW (in: pBlock=0x2cd38bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd3974, puLen=0xd7e790) returned 1
[0288.049] VerQueryValueW (in: pBlock=0x2cd38bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd39c8, puLen=0xd7e790) returned 1
[0288.049] VerQueryValueW (in: pBlock=0x2cd38bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd3a08, puLen=0xd7e790) returned 1
[0288.049] VerQueryValueW (in: pBlock=0x2cd38bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd3a70, puLen=0xd7e790) returned 1
[0288.049] VerQueryValueW (in: pBlock=0x2cd38bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd3ab4, puLen=0xd7e790) returned 1
[0288.049] VerQueryValueW (in: pBlock=0x2cd38bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd3b3c, puLen=0xd7e790) returned 1
[0288.049] VerQueryValueW (in: pBlock=0x2cd38bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd3b7c, puLen=0xd7e790) returned 1
[0288.049] VerQueryValueW (in: pBlock=0x2cd38bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd3bd4, puLen=0xd7e790) returned 1
[0288.049] VerQueryValueW (in: pBlock=0x2cd38bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd3c04, puLen=0xd7e790) returned 1
[0288.049] VerQueryValueW (in: pBlock=0x2cd38bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.049] VerQueryValueW (in: pBlock=0x2cd38bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd3c40, puLen=0xd7e790) returned 1
[0288.049] VerQueryValueW (in: pBlock=0x2cd38bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.049] VerQueryValueW (in: pBlock=0x2cd38bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cd3c94, puLen=0xd7e784) returned 1
[0288.049] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0288.049] VerQueryValueW (in: pBlock=0x2cd38bc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cd38e4, puLen=0xd7e794) returned 1
[0288.050] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0288.050] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0288.050] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0288.050] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0288.050] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0288.051] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0288.052] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2cd5e14 | out: lpData=0x2cd5e14) returned 1
[0288.052] VerQueryValueW (in: pBlock=0x2cd5e14, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cd61ec, puLen=0xd7e810) returned 1
[0288.053] VerQueryValueW (in: pBlock=0x2cd5e14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd5ecc, puLen=0xd7e790) returned 1
[0288.053] VerQueryValueW (in: pBlock=0x2cd5e14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd5f20, puLen=0xd7e790) returned 1
[0288.053] VerQueryValueW (in: pBlock=0x2cd5e14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd5f60, puLen=0xd7e790) returned 1
[0288.053] VerQueryValueW (in: pBlock=0x2cd5e14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd5fc8, puLen=0xd7e790) returned 1
[0288.053] VerQueryValueW (in: pBlock=0x2cd5e14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd600c, puLen=0xd7e790) returned 1
[0288.053] VerQueryValueW (in: pBlock=0x2cd5e14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd6094, puLen=0xd7e790) returned 1
[0288.053] VerQueryValueW (in: pBlock=0x2cd5e14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd60d4, puLen=0xd7e790) returned 1
[0288.053] VerQueryValueW (in: pBlock=0x2cd5e14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd612c, puLen=0xd7e790) returned 1
[0288.053] VerQueryValueW (in: pBlock=0x2cd5e14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd615c, puLen=0xd7e790) returned 1
[0288.053] VerQueryValueW (in: pBlock=0x2cd5e14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.053] VerQueryValueW (in: pBlock=0x2cd5e14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd6198, puLen=0xd7e790) returned 1
[0288.053] VerQueryValueW (in: pBlock=0x2cd5e14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.053] VerQueryValueW (in: pBlock=0x2cd5e14, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cd61ec, puLen=0xd7e784) returned 1
[0288.053] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0288.053] VerQueryValueW (in: pBlock=0x2cd5e14, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cd5e3c, puLen=0xd7e794) returned 1
[0288.054] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0288.054] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0288.054] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0288.054] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0288.054] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0288.054] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0288.055] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2cd854c | out: lpData=0x2cd854c) returned 1
[0288.055] VerQueryValueW (in: pBlock=0x2cd854c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cd897c, puLen=0xd7e810) returned 1
[0288.055] VerQueryValueW (in: pBlock=0x2cd854c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd8604, puLen=0xd7e790) returned 1
[0288.055] VerQueryValueW (in: pBlock=0x2cd854c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd8658, puLen=0xd7e790) returned 1
[0288.055] VerQueryValueW (in: pBlock=0x2cd854c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd86c8, puLen=0xd7e790) returned 1
[0288.055] VerQueryValueW (in: pBlock=0x2cd854c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd8728, puLen=0xd7e790) returned 1
[0288.055] VerQueryValueW (in: pBlock=0x2cd854c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd8784, puLen=0xd7e790) returned 1
[0288.055] VerQueryValueW (in: pBlock=0x2cd854c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd880c, puLen=0xd7e790) returned 1
[0288.055] VerQueryValueW (in: pBlock=0x2cd854c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd8864, puLen=0xd7e790) returned 1
[0288.055] VerQueryValueW (in: pBlock=0x2cd854c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd88bc, puLen=0xd7e790) returned 1
[0288.056] VerQueryValueW (in: pBlock=0x2cd854c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd88ec, puLen=0xd7e790) returned 1
[0288.057] VerQueryValueW (in: pBlock=0x2cd854c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.057] VerQueryValueW (in: pBlock=0x2cd854c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cd8928, puLen=0xd7e790) returned 1
[0288.057] VerQueryValueW (in: pBlock=0x2cd854c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0288.057] VerQueryValueW (in: pBlock=0x2cd854c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cd897c, puLen=0xd7e784) returned 1
[0288.058] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0288.058] VerQueryValueW (in: pBlock=0x2cd854c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cd8574, puLen=0xd7e794) returned 1
[0288.058] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0288.058] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.058] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0288.059] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.059] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0288.059] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2a02c8
[0288.059] SetWindowLongW (hWnd=0x2a02c8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0288.060] GetWindowLongW (hWnd=0x2a02c8, nIndex=-4) returned 1950089536
[0288.060] SetWindowLongW (hWnd=0x2a02c8, nIndex=-4, dwNewLong=19948734) returned 1950089536
[0288.060] GetWindowLongW (hWnd=0x2a02c8, nIndex=-4) returned 19948734
[0288.060] GetWindowLongW (hWnd=0x2a02c8, nIndex=-16) returned 113311744
[0288.060] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02c8, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0288.060] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02c8, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0288.061] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02c8, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0288.061] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02c8, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0288.061] GetClientRect (in: hWnd=0x2a02c8, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0288.061] GetWindowRect (in: hWnd=0x2a02c8, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0288.061] SetWindowTextW (hWnd=0x2a02c8, lpString="WindowsFormsParkingWindow") returned 1
[0288.061] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02c8, Msg=0xc, wParam=0x0, lParam=0x2c9c370) returned 0x1
[0288.062] GetParent (hWnd=0x2a02c8) returned 0x0
[0288.062] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0288.062] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x2a02c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3300ea
[0288.062] SetWindowLongW (hWnd=0x3300ea, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0288.063] GetWindowLongW (hWnd=0x3300ea, nIndex=-4) returned 1868147648
[0288.063] SetWindowLongW (hWnd=0x3300ea, nIndex=-4, dwNewLong=19949054) returned 1868147648
[0288.063] GetWindowLongW (hWnd=0x3300ea, nIndex=-4) returned 19949054
[0288.063] GetWindowLongW (hWnd=0x3300ea, nIndex=-16) returned 1174405133
[0288.063] GetWindowLongW (hWnd=0x3300ea, nIndex=-12) returned 0
[0288.063] SetWindowLongW (hWnd=0x3300ea, nIndex=-12, dwNewLong=3342570) returned 0
[0288.063] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0288.063] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0288.064] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0288.064] GetClientRect (in: hWnd=0x3300ea, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0288.064] GetWindowRect (in: hWnd=0x3300ea, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0288.064] GetParent (hWnd=0x3300ea) returned 0x2a02c8
[0288.064] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2a02c8, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0288.065] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0288.065] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0288.065] GetClientRect (in: hWnd=0x3300ea, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0288.065] GetWindowRect (in: hWnd=0x3300ea, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0288.065] GetParent (hWnd=0x3300ea) returned 0x2a02c8
[0288.065] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2a02c8, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0288.065] SendMessageW (hWnd=0x3300ea, Msg=0x2210, wParam=0xea0001, lParam=0x3300ea) returned 0x0
[0288.065] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x2210, wParam=0xea0001, lParam=0x3300ea) returned 0x0
[0288.065] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0288.065] GetParent (hWnd=0x3300ea) returned 0x2a02c8
[0288.065] GdipCreateFromHWND (hwnd=0x3300ea, graphics=0xd7e844) returned 0x0
[0288.066] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0288.066] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0288.066] GetForegroundWindow () returned 0x7005c
[0288.066] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0288.066] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.066] GetSystemMetrics (nIndex=42) returned 0
[0288.066] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.067] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0288.067] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0288.067] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.067] GetSystemMetrics (nIndex=42) returned 0
[0288.067] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.067] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0288.067] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.067] GetCursorPos (in: lpPoint=0x2cdc9d0 | out: lpPoint=0x2cdc9d0*(x=248, y=623)) returned 1
[0288.067] MonitorFromPoint (pt=0xf8, dwFlags=0x26f) returned 0x10001
[0288.068] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0288.068] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x1b0106b6
[0288.068] GetDeviceCaps (hdc=0x1b0106b6, index=12) returned 32
[0288.068] GetDeviceCaps (hdc=0x1b0106b6, index=14) returned 1
[0288.068] DeleteDC (hdc=0x1b0106b6) returned 1
[0288.068] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0288.068] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0288.068] GetSystemMetrics (nIndex=59) returned 1460
[0288.068] GetSystemMetrics (nIndex=60) returned 920
[0288.068] GetSystemMetrics (nIndex=34) returned 136
[0288.068] GetSystemMetrics (nIndex=35) returned 39
[0288.069] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.069] GetCursorPos (in: lpPoint=0x2cdcc3c | out: lpPoint=0x2cdcc3c*(x=248, y=623)) returned 1
[0288.069] MonitorFromPoint (pt=0xf8, dwFlags=0x26f) returned 0x10001
[0288.069] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0288.069] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x1c0106b6
[0288.069] GetDeviceCaps (hdc=0x1c0106b6, index=12) returned 32
[0288.069] GetDeviceCaps (hdc=0x1c0106b6, index=14) returned 1
[0288.069] DeleteDC (hdc=0x1c0106b6) returned 1
[0288.070] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0288.070] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0288.070] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.070] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0288.070] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2cdced4 | out: piconinfo=0x2cdced4) returned 1
[0288.070] GetObjectW (in: h=0xa00507d0, c=24, pv=0x2cdcef0 | out: pv=0x2cdcef0) returned 24
[0288.070] GdipCreateBitmapFromHBITMAP (hbm=0xa00507d0, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0288.071] GdipGetImageWidth (image=0x6651ba8, width=0xd7e750) returned 0x0
[0288.071] GdipGetImageHeight (image=0x6651ba8, height=0xd7e748) returned 0x0
[0288.071] GdipGetImagePixelFormat (image=0x6651ba8, format=0xd7e740) returned 0x0
[0288.071] GdipBitmapLockBits (bitmap=0x6651ba8, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2cdcfa8) returned 0x0
[0288.071] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0288.071] GdipBitmapLockBits (bitmap=0x6651ef0, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2cdcfe0) returned 0x0
[0288.071] RtlMoveMemory (in: Destination=0x665bf30, Source=0x6661ed8, Length=0x80 | out: Destination=0x665bf30)
[0288.071] RtlMoveMemory (in: Destination=0x665bfb0, Source=0x6661e58, Length=0x80 | out: Destination=0x665bfb0)
[0288.071] RtlMoveMemory (in: Destination=0x665c030, Source=0x6661dd8, Length=0x80 | out: Destination=0x665c030)
[0288.071] RtlMoveMemory (in: Destination=0x665c0b0, Source=0x6661d58, Length=0x80 | out: Destination=0x665c0b0)
[0288.071] RtlMoveMemory (in: Destination=0x665c130, Source=0x6661cd8, Length=0x80 | out: Destination=0x665c130)
[0288.071] RtlMoveMemory (in: Destination=0x665c1b0, Source=0x6661c58, Length=0x80 | out: Destination=0x665c1b0)
[0288.071] RtlMoveMemory (in: Destination=0x665c230, Source=0x6661bd8, Length=0x80 | out: Destination=0x665c230)
[0288.071] RtlMoveMemory (in: Destination=0x665c2b0, Source=0x6661b58, Length=0x80 | out: Destination=0x665c2b0)
[0288.071] RtlMoveMemory (in: Destination=0x665c330, Source=0x6661ad8, Length=0x80 | out: Destination=0x665c330)
[0288.071] RtlMoveMemory (in: Destination=0x665c3b0, Source=0x6661a58, Length=0x80 | out: Destination=0x665c3b0)
[0288.071] RtlMoveMemory (in: Destination=0x665c430, Source=0x66619d8, Length=0x80 | out: Destination=0x665c430)
[0288.072] RtlMoveMemory (in: Destination=0x665c4b0, Source=0x6661958, Length=0x80 | out: Destination=0x665c4b0)
[0288.072] RtlMoveMemory (in: Destination=0x665c530, Source=0x66618d8, Length=0x80 | out: Destination=0x665c530)
[0288.072] RtlMoveMemory (in: Destination=0x665c5b0, Source=0x6661858, Length=0x80 | out: Destination=0x665c5b0)
[0288.072] RtlMoveMemory (in: Destination=0x665c630, Source=0x66617d8, Length=0x80 | out: Destination=0x665c630)
[0288.072] RtlMoveMemory (in: Destination=0x665c6b0, Source=0x6661758, Length=0x80 | out: Destination=0x665c6b0)
[0288.072] RtlMoveMemory (in: Destination=0x665c730, Source=0x66616d8, Length=0x80 | out: Destination=0x665c730)
[0288.072] RtlMoveMemory (in: Destination=0x665c7b0, Source=0x6661658, Length=0x80 | out: Destination=0x665c7b0)
[0288.072] RtlMoveMemory (in: Destination=0x665c830, Source=0x66615d8, Length=0x80 | out: Destination=0x665c830)
[0288.072] RtlMoveMemory (in: Destination=0x665c8b0, Source=0x6661558, Length=0x80 | out: Destination=0x665c8b0)
[0288.072] RtlMoveMemory (in: Destination=0x665c930, Source=0x66614d8, Length=0x80 | out: Destination=0x665c930)
[0288.072] RtlMoveMemory (in: Destination=0x665c9b0, Source=0x6661458, Length=0x80 | out: Destination=0x665c9b0)
[0288.072] RtlMoveMemory (in: Destination=0x665ca30, Source=0x66613d8, Length=0x80 | out: Destination=0x665ca30)
[0288.072] RtlMoveMemory (in: Destination=0x665cab0, Source=0x6661358, Length=0x80 | out: Destination=0x665cab0)
[0288.072] RtlMoveMemory (in: Destination=0x665cb30, Source=0x66612d8, Length=0x80 | out: Destination=0x665cb30)
[0288.072] RtlMoveMemory (in: Destination=0x665cbb0, Source=0x6661258, Length=0x80 | out: Destination=0x665cbb0)
[0288.072] RtlMoveMemory (in: Destination=0x665cc30, Source=0x66611d8, Length=0x80 | out: Destination=0x665cc30)
[0288.072] RtlMoveMemory (in: Destination=0x665ccb0, Source=0x6661158, Length=0x80 | out: Destination=0x665ccb0)
[0288.072] RtlMoveMemory (in: Destination=0x665cd30, Source=0x66610d8, Length=0x80 | out: Destination=0x665cd30)
[0288.072] RtlMoveMemory (in: Destination=0x665cdb0, Source=0x6661058, Length=0x80 | out: Destination=0x665cdb0)
[0288.072] RtlMoveMemory (in: Destination=0x665ce30, Source=0x6660fd8, Length=0x80 | out: Destination=0x665ce30)
[0288.072] RtlMoveMemory (in: Destination=0x665ceb0, Source=0x6660f58, Length=0x80 | out: Destination=0x665ceb0)
[0288.073] GdipBitmapUnlockBits (bitmap=0x6651ba8, lockedBitmapData=0x2cdcfa8) returned 0x0
[0288.073] GdipBitmapUnlockBits (bitmap=0x6651ef0, lockedBitmapData=0x2cdcfe0) returned 0x0
[0288.073] GdipDisposeImage (image=0x6651ba8) returned 0x0
[0288.073] DeleteObject (ho=0xa00507d0) returned 1
[0288.073] DeleteObject (ho=0x1d0506b6) returned 1
[0288.073] GetCurrentThreadId () returned 0xf50
[0288.073] GetCurrentThreadId () returned 0xf50
[0288.073] SetWindowPos (hWnd=0x3300ea, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0288.073] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0288.073] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0288.074] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0288.074] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0288.074] GetClientRect (in: hWnd=0x3300ea, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0288.074] GetWindowRect (in: hWnd=0x3300ea, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0288.074] GetParent (hWnd=0x3300ea) returned 0x2a02c8
[0288.074] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2a02c8, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0288.074] InvalidateRect (hWnd=0x3300ea, lpRect=0x0, bErase=1) returned 1
[0288.074] GetWindowTextLengthW (hWnd=0x3300ea) returned 0
[0288.074] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0288.074] GetSystemMetrics (nIndex=42) returned 0
[0288.074] GetWindowTextW (in: hWnd=0x3300ea, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0288.074] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0288.074] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0288.074] GetClientRect (in: hWnd=0x3300ea, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0288.074] GetWindowRect (in: hWnd=0x3300ea, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0288.074] GetParent (hWnd=0x3300ea) returned 0x2a02c8
[0288.074] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2a02c8, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0288.075] GetWindowTextLengthW (hWnd=0x3300ea) returned 0
[0288.075] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0288.075] GetSystemMetrics (nIndex=42) returned 0
[0288.075] GetWindowTextW (in: hWnd=0x3300ea, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0288.075] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0288.075] GetWindowTextLengthW (hWnd=0x3300ea) returned 0
[0288.075] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0288.075] GetSystemMetrics (nIndex=42) returned 0
[0288.075] GetWindowTextW (in: hWnd=0x3300ea, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0288.075] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0288.075] SetWindowTextW (hWnd=0x3300ea, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0288.075] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0xc, wParam=0x0, lParam=0x2cbc788) returned 0x1
[0288.075] InvalidateRect (hWnd=0x3300ea, lpRect=0x0, bErase=1) returned 1
[0288.075] GetCurrentThreadId () returned 0xf50
[0288.075] GetWindowThreadProcessId (in: hWnd=0x3300ea, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0288.076] GdipCreateBitmapFromStream (stream=0x509ff30, bitmap=0xd7e840) returned 0x0
[0288.077] GdipImageForceValidation (image=0x664ea70) returned 0x0
[0288.078] GdipGetImageRawFormat (image=0x664ea70, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0288.078] GdipGetImageHeight (image=0x664ea70, height=0xd7e824) returned 0x0
[0288.078] GdipGetImageWidth (image=0x664ea70, width=0xd7e824) returned 0x0
[0288.078] GdipGetImageWidth (image=0x664ea70, width=0xd7e810) returned 0x0
[0288.078] GdipGetImageHeight (image=0x664ea70, height=0xd7e810) returned 0x0
[0288.078] GdipGetImageWidth (image=0x664ea70, width=0xd7e800) returned 0x0
[0288.078] GdipGetImageHeight (image=0x664ea70, height=0xd7e800) returned 0x0
[0288.078] GdipBitmapGetPixel (bitmap=0x664ea70, x=0, y=15, color=0xd7e810) returned 0x0
[0288.078] GdipGetImageRawFormat (image=0x664ea70, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0288.078] GdipGetImageWidth (image=0x664ea70, width=0xd7e740) returned 0x0
[0288.078] GdipGetImageHeight (image=0x664ea70, height=0xd7e740) returned 0x0
[0288.078] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0288.079] GdipGetImagePixelFormat (image=0x66511d0, format=0xd7e740) returned 0x0
[0288.079] GdipGetImageGraphicsContext (image=0x66511d0, graphics=0xd7e74c) returned 0x0
[0288.079] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0288.079] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0288.079] GdipSetImageAttributesColorKeys (imageattr=0x6638b78, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0288.079] GdipDrawImageRectRectI (graphics=0x6600030, image=0x664ea70, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638b78, callback=0x0, callbackData=0x0) returned 0x0
[0288.079] GdipDisposeImageAttributes (imageattr=0x6638b78) returned 0x0
[0288.079] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0288.079] GdipDisposeImage (image=0x664ea70) returned 0x0
[0288.079] GdipCreateBitmapFromStream (stream=0x509ff50, bitmap=0xd7e840) returned 0x0
[0288.080] GdipImageForceValidation (image=0x6650168) returned 0x0
[0288.081] GdipGetImageRawFormat (image=0x6650168, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0288.081] GdipGetImageHeight (image=0x6650168, height=0xd7e824) returned 0x0
[0288.081] GdipGetImageWidth (image=0x6650168, width=0xd7e824) returned 0x0
[0288.082] GdipGetImageWidth (image=0x6650168, width=0xd7e810) returned 0x0
[0288.082] GdipGetImageHeight (image=0x6650168, height=0xd7e810) returned 0x0
[0288.082] GdipGetImageWidth (image=0x6650168, width=0xd7e800) returned 0x0
[0288.082] GdipGetImageHeight (image=0x6650168, height=0xd7e800) returned 0x0
[0288.082] GdipBitmapGetPixel (bitmap=0x6650168, x=0, y=15, color=0xd7e810) returned 0x0
[0288.082] GdipGetImageRawFormat (image=0x6650168, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0288.082] GdipGetImageWidth (image=0x6650168, width=0xd7e740) returned 0x0
[0288.082] GdipGetImageHeight (image=0x6650168, height=0xd7e740) returned 0x0
[0288.082] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0288.082] GdipGetImagePixelFormat (image=0x6652580, format=0xd7e740) returned 0x0
[0288.082] GdipGetImageGraphicsContext (image=0x6652580, graphics=0xd7e74c) returned 0x0
[0288.082] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0288.082] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0288.082] GdipSetImageAttributesColorKeys (imageattr=0x6638c08, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0288.082] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6650168, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c08, callback=0x0, callbackData=0x0) returned 0x0
[0288.082] GdipDisposeImageAttributes (imageattr=0x6638c08) returned 0x0
[0288.082] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0288.082] GdipDisposeImage (image=0x6650168) returned 0x0
[0288.083] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.083] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0288.083] GetCurrentThreadId () returned 0xf50
[0288.083] GetCurrentThreadId () returned 0xf50
[0288.083] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.083] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0288.083] GetCurrentThreadId () returned 0xf50
[0288.083] GetCurrentThreadId () returned 0xf50
[0288.084] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.084] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0288.084] GetCurrentThreadId () returned 0xf50
[0288.084] GetCurrentThreadId () returned 0xf50
[0288.084] GetSystemMetrics (nIndex=5) returned 1
[0288.084] GetSystemMetrics (nIndex=6) returned 1
[0288.084] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.084] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0288.084] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.084] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0288.085] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.085] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0288.085] GetCurrentThreadId () returned 0xf50
[0288.085] GetCurrentThreadId () returned 0xf50
[0288.085] GetProcessWindowStation () returned 0x13c
[0288.085] GetCapture () returned 0x0
[0288.085] GetActiveWindow () returned 0x7005c
[0288.085] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0288.085] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.085] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0288.085] GetCursorPos (in: lpPoint=0x2cde158 | out: lpPoint=0x2cde158*(x=248, y=623)) returned 1
[0288.085] MonitorFromPoint (pt=0xf8, dwFlags=0x26f) returned 0x10001
[0288.085] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0288.085] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x1e0106b6
[0288.086] GetDeviceCaps (hdc=0x1e0106b6, index=12) returned 32
[0288.086] GetDeviceCaps (hdc=0x1e0106b6, index=14) returned 1
[0288.086] DeleteDC (hdc=0x1e0106b6) returned 1
[0288.086] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0288.086] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0288.086] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3002da
[0288.086] SetWindowLongW (hWnd=0x3002da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0288.087] GetWindowLongW (hWnd=0x3002da, nIndex=-4) returned 1950089536
[0288.087] SetWindowLongW (hWnd=0x3002da, nIndex=-4, dwNewLong=19949774) returned 1950089536
[0288.087] GetWindowLongW (hWnd=0x3002da, nIndex=-4) returned 19949774
[0288.087] GetWindowLongW (hWnd=0x3002da, nIndex=-16) returned 113770496
[0288.087] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0288.088] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0288.089] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0288.089] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0288.089] GetWindowRect (in: hWnd=0x3002da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0288.089] SetWindowTextW (hWnd=0x3002da, lpString="BB ransomware") returned 1
[0288.089] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xc, wParam=0x0, lParam=0x2cdc8bc) returned 0x1
[0288.090] GetStartupInfoW (in: lpStartupInfo=0x2cde494 | out: lpStartupInfo=0x2cde494*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0288.092] GetParent (hWnd=0x3002da) returned 0x0
[0288.092] SetWindowLongW (hWnd=0x3002da, nIndex=-8, dwNewLong=0) returned 0
[0288.093] SendMessageW (hWnd=0x3002da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0288.093] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0288.093] SendMessageW (hWnd=0x3002da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0288.093] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0288.093] GetSystemMenu (hWnd=0x3002da, bRevert=0) returned 0x6400e1
[0288.094] GetWindowPlacement (in: hWnd=0x3002da, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0288.094] EnableMenuItem (hMenu=0x6400e1, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0288.094] EnableMenuItem (hMenu=0x6400e1, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0288.094] EnableMenuItem (hMenu=0x6400e1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0288.094] EnableMenuItem (hMenu=0x6400e1, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0288.094] EnableMenuItem (hMenu=0x6400e1, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0288.094] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0288.094] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0288.094] GetWindowRect (in: hWnd=0x3002da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0288.094] SetWindowPos (hWnd=0x3002da, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0288.094] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0288.095] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x3002da) returned 0x1
[0288.097] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0288.097] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0288.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0288.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0288.098] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0288.100] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x3002da, lParam=0x0) returned 0x0
[0288.100] GetCapture () returned 0x0
[0288.100] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0288.101] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0288.102] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0288.103] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0288.103] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0288.104] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0288.104] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0288.104] GetParent (hWnd=0x3002da) returned 0x0
[0288.104] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0288.104] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0288.110] GetWindowPlacement (in: hWnd=0x3002da, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0288.111] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0288.111] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0288.111] GetWindowRect (in: hWnd=0x3002da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0288.112] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0288.112] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0288.112] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0288.113] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.113] GetWindowLongW (hWnd=0x3002da, nIndex=-16) returned 113770496
[0288.113] GetWindowTextLengthW (hWnd=0x3002da) returned 13
[0288.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.113] GetSystemMetrics (nIndex=42) returned 0
[0288.113] GetWindowTextW (in: hWnd=0x3002da, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0288.113] GetWindowTextLengthW (hWnd=0x3002da) returned 13
[0288.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.113] GetSystemMetrics (nIndex=42) returned 0
[0288.113] GetWindowTextW (in: hWnd=0x3002da, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0288.113] GetCursorPos (in: lpPoint=0x2cde6d0 | out: lpPoint=0x2cde6d0*(x=248, y=623)) returned 1
[0288.113] MonitorFromPoint (pt=0xf6, dwFlags=0x270) returned 0x10001
[0288.113] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0288.113] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x3e0107fc
[0288.114] GetDeviceCaps (hdc=0x3e0107fc, index=12) returned 32
[0288.114] GetDeviceCaps (hdc=0x3e0107fc, index=14) returned 1
[0288.114] DeleteDC (hdc=0x3e0107fc) returned 1
[0288.114] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0288.114] GetWindowLongW (hWnd=0x3002da, nIndex=-16) returned 113770496
[0288.114] GetWindowLongW (hWnd=0x3002da, nIndex=-20) returned 327945
[0288.114] SetWindowLongW (hWnd=0x3002da, nIndex=-16, dwNewLong=46661632) returned 113770496
[0288.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0288.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0288.115] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0288.115] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0288.115] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0288.116] SetWindowLongW (hWnd=0x3002da, nIndex=-20, dwNewLong=327681) returned 327945
[0288.116] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0288.116] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0288.117] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0288.117] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0288.117] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0288.117] SetWindowPos (hWnd=0x3002da, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0288.118] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0288.118] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0288.118] GetWindowPlacement (in: hWnd=0x3002da, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0288.118] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0288.118] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0288.118] GetWindowRect (in: hWnd=0x3002da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0288.119] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0288.119] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0288.119] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0288.120] RedrawWindow (hWnd=0x3002da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0288.120] GetSystemMenu (hWnd=0x3002da, bRevert=0) returned 0x6400e1
[0288.120] GetWindowPlacement (in: hWnd=0x3002da, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0288.120] EnableMenuItem (hMenu=0x6400e1, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0288.120] EnableMenuItem (hMenu=0x6400e1, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0288.120] EnableMenuItem (hMenu=0x6400e1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0288.120] EnableMenuItem (hMenu=0x6400e1, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0288.120] EnableMenuItem (hMenu=0x6400e1, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0288.120] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0288.120] GetWindowLongW (hWnd=0x3002da, nIndex=-8) returned 0
[0288.120] SetWindowLongW (hWnd=0x3002da, nIndex=-8, dwNewLong=458844) returned 0
[0288.122] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0288.122] GetProcessWindowStation () returned 0x13c
[0288.122] GetCurrentThreadId () returned 0xf50
[0288.123] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1306626, lParam=0x0) returned 1
[0288.123] IsWindowVisible (hWnd=0x3002da) returned 0
[0288.123] IsWindowVisible (hWnd=0x7005c) returned 1
[0288.123] IsWindowEnabled (hWnd=0x7005c) returned 1
[0288.123] IsWindowVisible (hWnd=0x300ec) returned 0
[0288.123] IsWindowVisible (hWnd=0x502c6) returned 0
[0288.123] IsWindowVisible (hWnd=0x502be) returned 0
[0288.123] GetActiveWindow () returned 0x3002da
[0288.123] GetFocus () returned 0x3002da
[0288.123] IsWindow (hWnd=0x7005c) returned 1
[0288.123] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0288.123] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0288.124] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0288.124] GetWindowLongW (hWnd=0x3002da, nIndex=-8) returned 458844
[0288.124] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0288.124] GetCurrentThreadId () returned 0xf50
[0288.124] GetWindowLongW (hWnd=0x3002da, nIndex=-8) returned 458844
[0288.124] IsWindowEnabled (hWnd=0x7005c) returned 0
[0288.124] IsWindowEnabled (hWnd=0x3002da) returned 1
[0288.124] ShowWindow (hWnd=0x3002da, nCmdShow=5) returned 0
[0288.124] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0288.124] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0288.124] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.125] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0288.125] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x3002da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3002dc
[0288.125] SetWindowLongW (hWnd=0x3002dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0288.125] GetWindowLongW (hWnd=0x3002dc, nIndex=-4) returned 1950089536
[0288.125] SetWindowLongW (hWnd=0x3002dc, nIndex=-4, dwNewLong=19949414) returned 1950089536
[0288.125] GetWindowLongW (hWnd=0x3002dc, nIndex=-4) returned 19949414
[0288.125] GetWindowLongW (hWnd=0x3002dc, nIndex=-16) returned 1174405120
[0288.125] GetWindowLongW (hWnd=0x3002dc, nIndex=-12) returned 0
[0288.125] SetWindowLongW (hWnd=0x3002dc, nIndex=-12, dwNewLong=3146460) returned 0
[0288.126] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0288.126] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0288.126] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0288.126] GetWindow (hWnd=0x3002dc, uCmd=0x3) returned 0x0
[0288.126] GetClientRect (in: hWnd=0x3002dc, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0288.126] GetWindowRect (in: hWnd=0x3002dc, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0288.126] GetParent (hWnd=0x3002dc) returned 0x3002da
[0288.126] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002da, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0288.127] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002dc, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0288.127] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002dc, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0288.127] GetClientRect (in: hWnd=0x3002dc, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0288.127] GetWindowRect (in: hWnd=0x3002dc, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0288.127] GetParent (hWnd=0x3002dc) returned 0x3002da
[0288.127] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002da, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0288.127] SendMessageW (hWnd=0x3002dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x3002dc) returned 0x0
[0288.127] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x3002dc) returned 0x0
[0288.128] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0288.128] GetParent (hWnd=0x3002dc) returned 0x3002da
[0288.128] GetParent (hWnd=0x3300ea) returned 0x2a02c8
[0288.128] SetParent (hWndChild=0x3300ea, hWndNewParent=0x3002da) returned 0x2a02c8
[0288.128] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0288.128] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0288.129] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0288.129] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0288.129] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0288.129] GetClientRect (in: hWnd=0x3300ea, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0288.129] GetWindowRect (in: hWnd=0x3300ea, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0288.129] GetParent (hWnd=0x3300ea) returned 0x3002da
[0288.129] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002da, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0288.129] GetClientRect (in: hWnd=0x3300ea, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0288.129] GetWindowRect (in: hWnd=0x3300ea, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0288.129] GetParent (hWnd=0x3300ea) returned 0x3002da
[0288.129] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002da, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0288.129] GetParent (hWnd=0x3300ea) returned 0x3002da
[0288.129] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0288.129] GetWindow (hWnd=0x3300ea, uCmd=0x3) returned 0x0
[0288.129] SetWindowPos (hWnd=0x3300ea, hWndInsertAfter=0x3002dc, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0288.129] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0288.130] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0288.130] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0288.130] GetClientRect (in: hWnd=0x3300ea, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0288.130] GetWindowRect (in: hWnd=0x3300ea, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0288.130] GetParent (hWnd=0x3300ea) returned 0x3002da
[0288.130] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002da, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0288.130] GetParent (hWnd=0x3300ea) returned 0x3002da
[0288.130] GetWindow (hWnd=0x3300ea, uCmd=0x3) returned 0x3002dc
[0288.130] GetWindowThreadProcessId (in: hWnd=0x3300ea, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0288.130] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0288.130] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.131] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0288.131] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x3002da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3202d8
[0288.131] SetWindowLongW (hWnd=0x3202d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0288.131] GetWindowLongW (hWnd=0x3202d8, nIndex=-4) returned 1868032000
[0288.131] SetWindowLongW (hWnd=0x3202d8, nIndex=-4, dwNewLong=19949454) returned 1868032000
[0288.132] GetWindowLongW (hWnd=0x3202d8, nIndex=-4) returned 19949454
[0288.132] GetWindowLongW (hWnd=0x3202d8, nIndex=-16) returned 1174470667
[0288.132] GetWindowLongW (hWnd=0x3202d8, nIndex=-12) returned 0
[0288.132] SetWindowLongW (hWnd=0x3202d8, nIndex=-12, dwNewLong=3277528) returned 0
[0288.132] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0288.132] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0288.132] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0288.133] SendMessageW (hWnd=0x3202d8, Msg=0x2055, wParam=0x3202d8, lParam=0x3) returned 0x2
[0288.133] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0288.133] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0288.133] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0288.133] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0288.133] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0288.133] RedrawWindow (hWnd=0x3002dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0288.134] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0288.134] RedrawWindow (hWnd=0x3300ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0288.134] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0288.134] RedrawWindow (hWnd=0x3202d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0288.134] RedrawWindow (hWnd=0x3002da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0288.134] GetWindow (hWnd=0x3202d8, uCmd=0x3) returned 0x3300ea
[0288.134] GetClientRect (in: hWnd=0x3202d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0288.134] GetWindowRect (in: hWnd=0x3202d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0288.134] GetParent (hWnd=0x3202d8) returned 0x3002da
[0288.134] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0288.134] SetWindowTextW (hWnd=0x3202d8, lpString="&Details") returned 1
[0288.134] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0xc, wParam=0x0, lParam=0x2c2ef5c) returned 0x1
[0288.135] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0288.135] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0288.135] GetClientRect (in: hWnd=0x3202d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0288.135] GetWindowRect (in: hWnd=0x3202d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0288.135] GetParent (hWnd=0x3202d8) returned 0x3002da
[0288.135] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0288.135] SendMessageW (hWnd=0x3202d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3202d8) returned 0x0
[0288.135] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3202d8) returned 0x0
[0288.135] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0288.135] GetParent (hWnd=0x3202d8) returned 0x3002da
[0288.135] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0288.136] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.136] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0288.136] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x3002da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3002de
[0288.136] SetWindowLongW (hWnd=0x3002de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0288.136] GetWindowLongW (hWnd=0x3002de, nIndex=-4) returned 1868032000
[0288.137] SetWindowLongW (hWnd=0x3002de, nIndex=-4, dwNewLong=19949494) returned 1868032000
[0288.137] GetWindowLongW (hWnd=0x3002de, nIndex=-4) returned 19949494
[0288.137] GetWindowLongW (hWnd=0x3002de, nIndex=-16) returned 1174470667
[0288.137] GetWindowLongW (hWnd=0x3002de, nIndex=-12) returned 0
[0288.137] SetWindowLongW (hWnd=0x3002de, nIndex=-12, dwNewLong=3146462) returned 0
[0288.137] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0288.144] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0288.144] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0288.145] SendMessageW (hWnd=0x3002de, Msg=0x2055, wParam=0x3002de, lParam=0x3) returned 0x2
[0288.145] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0288.145] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0288.145] GetWindow (hWnd=0x3002de, uCmd=0x3) returned 0x3202d8
[0288.145] GetClientRect (in: hWnd=0x3002de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0288.145] GetWindowRect (in: hWnd=0x3002de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0288.145] GetParent (hWnd=0x3002de) returned 0x3002da
[0288.145] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0288.146] SetWindowTextW (hWnd=0x3002de, lpString="&Continue") returned 1
[0288.146] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0xc, wParam=0x0, lParam=0x2c2ef00) returned 0x1
[0288.146] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0288.146] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0288.146] GetClientRect (in: hWnd=0x3002de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0288.146] GetWindowRect (in: hWnd=0x3002de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0288.146] GetParent (hWnd=0x3002de) returned 0x3002da
[0288.146] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0288.146] SendMessageW (hWnd=0x3002de, Msg=0x2210, wParam=0x2de0001, lParam=0x3002de) returned 0x0
[0288.146] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x2210, wParam=0x2de0001, lParam=0x3002de) returned 0x0
[0288.147] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0288.147] GetParent (hWnd=0x3002de) returned 0x3002da
[0288.147] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0288.147] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.147] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0288.147] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x3002da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2502d0
[0288.148] SetWindowLongW (hWnd=0x2502d0, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0288.148] GetWindowLongW (hWnd=0x2502d0, nIndex=-4) returned 1868032000
[0288.148] SetWindowLongW (hWnd=0x2502d0, nIndex=-4, dwNewLong=19949534) returned 1868032000
[0288.148] GetWindowLongW (hWnd=0x2502d0, nIndex=-4) returned 19949534
[0288.148] GetWindowLongW (hWnd=0x2502d0, nIndex=-16) returned 1174470667
[0288.148] GetWindowLongW (hWnd=0x2502d0, nIndex=-12) returned 0
[0288.148] SetWindowLongW (hWnd=0x2502d0, nIndex=-12, dwNewLong=2425552) returned 0
[0288.148] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d0, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0288.149] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d0, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0288.149] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d0, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0288.150] SendMessageW (hWnd=0x2502d0, Msg=0x2055, wParam=0x2502d0, lParam=0x3) returned 0x2
[0288.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0288.150] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d0, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0288.150] GetWindow (hWnd=0x2502d0, uCmd=0x3) returned 0x3002de
[0288.150] GetClientRect (in: hWnd=0x2502d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0288.150] GetWindowRect (in: hWnd=0x2502d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0288.150] GetParent (hWnd=0x2502d0) returned 0x3002da
[0288.150] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0288.150] SetWindowTextW (hWnd=0x2502d0, lpString="&Quit") returned 1
[0288.150] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d0, Msg=0xc, wParam=0x0, lParam=0x2c2ef20) returned 0x1
[0288.150] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d0, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0288.151] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d0, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0288.151] GetClientRect (in: hWnd=0x2502d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0288.151] GetWindowRect (in: hWnd=0x2502d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0288.151] GetParent (hWnd=0x2502d0) returned 0x3002da
[0288.151] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0288.151] SendMessageW (hWnd=0x2502d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2502d0) returned 0x0
[0288.151] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2502d0) returned 0x0
[0288.151] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0288.151] GetParent (hWnd=0x2502d0) returned 0x3002da
[0288.151] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0288.151] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.152] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0288.152] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x3002da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2602ce
[0288.152] SetWindowLongW (hWnd=0x2602ce, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0288.152] GetWindowLongW (hWnd=0x2602ce, nIndex=-4) returned 1868026976
[0288.152] SetWindowLongW (hWnd=0x2602ce, nIndex=-4, dwNewLong=19949734) returned 1868026976
[0288.152] GetWindowLongW (hWnd=0x2602ce, nIndex=-4) returned 19949734
[0288.152] GetWindowLongW (hWnd=0x2602ce, nIndex=-16) returned 1177553092
[0288.152] GetWindowLongW (hWnd=0x2602ce, nIndex=-12) returned 0
[0288.152] SetWindowLongW (hWnd=0x2602ce, nIndex=-12, dwNewLong=2491086) returned 0
[0288.152] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602ce, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0288.153] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602ce, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0288.154] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602ce, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0288.203] GetWindow (hWnd=0x2602ce, uCmd=0x3) returned 0x2502d0
[0288.203] GetClientRect (in: hWnd=0x2602ce, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0288.203] GetWindowRect (in: hWnd=0x2602ce, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0288.203] GetParent (hWnd=0x2602ce) returned 0x3002da
[0288.203] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002da, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0288.203] GetWindowTextLengthW (hWnd=0x3002da) returned 13
[0288.203] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.204] GetSystemMetrics (nIndex=42) returned 0
[0288.204] GetWindowTextW (in: hWnd=0x3002da, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.204] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0288.204] SendMessageW (hWnd=0x2602ce, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0288.204] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602ce, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0288.209] SetWindowTextW (hWnd=0x2602ce, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0288.209] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602ce, Msg=0xc, wParam=0x0, lParam=0x2cda2a4) returned 0x1
[0288.211] GetSystemMetrics (nIndex=5) returned 1
[0288.211] GetSystemMetrics (nIndex=6) returned 1
[0288.211] SendMessageW (hWnd=0x2602ce, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0288.211] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602ce, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0288.212] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602ce, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0288.213] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602ce, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0288.213] GetClientRect (in: hWnd=0x2602ce, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0288.213] GetWindowRect (in: hWnd=0x2602ce, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0288.213] GetParent (hWnd=0x2602ce) returned 0x3002da
[0288.213] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002da, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0288.213] SendMessageW (hWnd=0x2602ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2602ce) returned 0x0
[0288.213] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2602ce) returned 0x0
[0288.213] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0288.214] GetParent (hWnd=0x2602ce) returned 0x3002da
[0288.214] GetWindowLongW (hWnd=0x3002da, nIndex=-8) returned 458844
[0288.214] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0288.214] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0288.214] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xe10107c6
[0288.214] GetDeviceCaps (hdc=0xe10107c6, index=12) returned 32
[0288.214] GetDeviceCaps (hdc=0xe10107c6, index=14) returned 1
[0288.214] DeleteDC (hdc=0xe10107c6) returned 1
[0288.214] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0288.214] GetWindowThreadProcessId (in: hWnd=0x3002da, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0288.214] GetCurrentThreadId () returned 0xf50
[0288.214] PostMessageW (hWnd=0x3002da, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0288.215] GetWindowTextLengthW (hWnd=0x3002da) returned 13
[0288.215] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.215] GetSystemMetrics (nIndex=42) returned 0
[0288.215] GetWindowTextW (in: hWnd=0x3002da, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.215] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0288.215] GdipImageGetFrameDimensionsCount (image=0x6651ef0, count=0xd7e25c) returned 0x0
[0288.215] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12018c8
[0288.215] GdipImageGetFrameDimensionsList (image=0x6651ef0, dimensionIDs=0x12018c8*(Data1=0x12018b0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0288.215] LocalFree (hMem=0x12018c8) returned 0x0
[0288.215] GdipImageGetFrameDimensionsCount (image=0x66511d0, count=0xd7e250) returned 0x0
[0288.215] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201958
[0288.215] GdipImageGetFrameDimensionsList (image=0x66511d0, dimensionIDs=0x1201958*(Data1=0x1201910, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0288.215] LocalFree (hMem=0x1201958) returned 0x0
[0288.215] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0288.215] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0288.216] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0288.253] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0288.254] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0288.254] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0288.255] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0288.255] GetWindowPlacement (in: hWnd=0x3002da, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0288.255] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0288.255] GetWindowTextLengthW (hWnd=0x3002da) returned 13
[0288.255] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.255] GetSystemMetrics (nIndex=42) returned 0
[0288.255] GetWindowTextW (in: hWnd=0x3002da, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.255] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0288.255] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0288.255] GetCurrentObject (hdc=0x10105d6, type=0x1) returned 0xb00017
[0288.255] GetCurrentObject (hdc=0x10105d6, type=0x2) returned 0x900010
[0288.255] GetCurrentObject (hdc=0x10105d6, type=0x7) returned 0x4b0507d3
[0288.255] GetCurrentObject (hdc=0x10105d6, type=0x6) returned 0x8a01c2
[0288.256] SaveDC (hdc=0x10105d6) returned 1
[0288.256] GetNearestColor (hdc=0x10105d6, color=0xf0f0f0) returned 0xf0f0f0
[0288.256] CreateSolidBrush (color=0xf0f0f0) returned 0x2f1007e1
[0288.256] FillRect (hDC=0x10105d6, lprc=0xd7e1b8, hbr=0x2f1007e1) returned 1
[0288.256] DeleteObject (ho=0x2f1007e1) returned 1
[0288.256] RestoreDC (hdc=0x10105d6, nSavedDC=-1) returned 1
[0288.256] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0288.256] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0288.257] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0288.257] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0288.257] GetStockObject (i=5) returned 0x900015
[0288.257] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0288.257] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0288.257] GetStockObject (i=5) returned 0x900015
[0288.257] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0288.257] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d0, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0288.257] GetStockObject (i=5) returned 0x900015
[0288.258] GetWindowPlacement (in: hWnd=0x3002da, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0288.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0288.258] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0288.258] GetWindowRect (in: hWnd=0x3002da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0288.259] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0288.259] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0288.259] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0288.259] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0288.260] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0288.260] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0288.260] GetWindowRect (in: hWnd=0x3002da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0288.260] InvalidateRect (hWnd=0x3002de, lpRect=0x0, bErase=0) returned 1
[0288.260] InvalidateRect (hWnd=0x3202d8, lpRect=0x0, bErase=0) returned 1
[0288.260] GetFocus () returned 0x3002da
[0288.260] GetFocus () returned 0x3002da
[0288.260] SetFocus (hWnd=0x3202d8) returned 0x3002da
[0288.261] GetFocus () returned 0x3202d8
[0288.261] IsChild (hWndParent=0x3002da, hWnd=0x3202d8) returned 1
[0288.261] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x8, wParam=0x3202d8, lParam=0x0) returned 0x0
[0288.262] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0288.267] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0288.269] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0288.269] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0x7, wParam=0x3002da, lParam=0x0) returned 0x0
[0288.269] GetStockObject (i=5) returned 0x900015
[0288.269] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0288.269] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0288.269] GetDlgItem (hDlg=0x3002da, nIDDlgItem=3277528) returned 0x3202d8
[0288.269] SendMessageW (hWnd=0x3202d8, Msg=0x202b, wParam=0x3202d8, lParam=0xd7e0dc) returned 0x0
[0288.269] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0x202b, wParam=0x3202d8, lParam=0xd7e0dc) returned 0x0
[0288.269] InvalidateRect (hWnd=0x3202d8, lpRect=0x0, bErase=0) returned 1
[0288.271] GetFocus () returned 0x3202d8
[0288.272] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.272] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0288.272] IsWindowUnicode (hWnd=0x3002da) returned 1
[0288.272] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.272] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0288.273] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.273] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.273] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0288.273] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.273] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0288.278] IsWindowUnicode (hWnd=0x3002da) returned 1
[0288.278] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.278] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.278] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.278] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.279] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x84, wParam=0x0, lParam=0x1df02fc) returned 0x1
[0288.279] IsWindowUnicode (hWnd=0x3002de) returned 1
[0288.279] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.279] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.279] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.279] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.279] IsWindowUnicode (hWnd=0x602c4) returned 1
[0288.279] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.279] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.279] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.279] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0288.279] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0288.279] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.279] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x84, wParam=0x0, lParam=0x1df02fc) returned 0x1
[0288.279] IsWindowUnicode (hWnd=0x3002de) returned 1
[0288.279] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.279] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x84, wParam=0x0, lParam=0x1df02fc) returned 0x1
[0288.280] SetCursor (hCursor=0x10003) returned 0x10003
[0288.280] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.280] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.280] _TrackMouseEvent (in: lpEventTrack=0x2cdfa18 | out: lpEventTrack=0x2cdfa18) returned 1
[0288.280] SendMessageW (hWnd=0x3002de, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0288.280] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0288.280] InvalidateRect (hWnd=0x3002de, lpRect=0x0, bErase=0) returned 1
[0288.280] GetKeyState (nVirtKey=1) returned 0
[0288.280] GetKeyState (nVirtKey=2) returned 0
[0288.280] GetKeyState (nVirtKey=4) returned 0
[0288.280] GetKeyState (nVirtKey=5) returned 0
[0288.280] GetKeyState (nVirtKey=6) returned 0
[0288.280] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.280] IsWindowUnicode (hWnd=0x3002da) returned 1
[0288.280] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.281] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.281] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.281] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.285] IsWindowUnicode (hWnd=0x3002da) returned 1
[0288.285] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.285] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.285] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.285] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.285] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.285] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.285] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.285] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.286] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.286] IsWindowUnicode (hWnd=0x3002da) returned 1
[0288.286] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.286] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.286] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.286] BeginPaint (in: hWnd=0x3002da, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x107b9
[0288.286] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0288.286] GetWindowTextLengthW (hWnd=0x3002da) returned 13
[0288.286] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.287] GetSystemMetrics (nIndex=42) returned 0
[0288.287] GetWindowTextW (in: hWnd=0x3002da, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.287] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0288.287] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0288.287] EndPaint (hWnd=0x3002da, lpPaint=0xd7e274) returned 1
[0288.287] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.287] IsWindowUnicode (hWnd=0x3002dc) returned 1
[0288.287] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.287] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.287] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.287] BeginPaint (in: hWnd=0x3002dc, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x10105d6
[0288.287] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0288.287] CreateCompatibleDC (hdc=0x10105d6) returned 0x97010693
[0288.287] SelectObject (hdc=0x97010693, h=0x4a0507fe) returned 0x85000f
[0288.287] GdipCreateFromHDC (hdc=0x97010693, graphics=0xd7e2b0) returned 0x0
[0288.288] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0288.288] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0288.288] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0288.288] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0288.288] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e310) returned 0x0
[0288.288] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0288.288] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0288.288] LocalFree (hMem=0x11ee788) returned 0x0
[0288.288] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0288.288] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0288.288] GdipGetClip (graphics=0x6600030, region=0x6646c28) returned 0x0
[0288.288] GdipIsInfiniteRegion (region=0x6646c28, graphics=0x6600030, result=0xd7e304) returned 0x0
[0288.288] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0288.288] GetWindowTextLengthW (hWnd=0x3002dc) returned 0
[0288.288] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0288.288] GetSystemMetrics (nIndex=42) returned 0
[0288.288] GetWindowTextW (in: hWnd=0x3002dc, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0288.288] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002dc, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0288.288] GetClientRect (in: hWnd=0x3002dc, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0288.288] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0288.289] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0288.289] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0288.289] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0288.289] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e164) returned 0x0
[0288.289] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0288.289] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0288.289] LocalFree (hMem=0x11eec58) returned 0x0
[0288.289] GdipCombineRegionRegion (region=0x6646e68, region2=0x6646c28, combineMode=0x1) returned 0x0
[0288.289] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0288.289] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee8d8) returned 0x0
[0288.289] LocalFree (hMem=0x11ee8d8) returned 0x0
[0288.289] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0288.289] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0288.289] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0288.289] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0288.289] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0288.289] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0288.289] GetCurrentObject (hdc=0x97010693, type=0x1) returned 0xb00017
[0288.289] GetCurrentObject (hdc=0x97010693, type=0x2) returned 0x900010
[0288.289] GetCurrentObject (hdc=0x97010693, type=0x7) returned 0x4a0507fe
[0288.289] GetCurrentObject (hdc=0x97010693, type=0x6) returned 0x8a01c2
[0288.289] SaveDC (hdc=0x97010693) returned 1
[0288.289] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6e0407de
[0288.290] GetClipRgn (hdc=0x97010693, hrgn=0x6e0407de) returned 0
[0288.290] SelectClipRgn (hdc=0x97010693, hrgn=0xe1040807) returned 2
[0288.290] DeleteObject (ho=0x6e0407de) returned 1
[0288.290] DeleteObject (ho=0xe1040807) returned 1
[0288.290] OffsetViewportOrgEx (in: hdc=0x97010693, x=0, y=0, lppt=0x2cdfe94 | out: lppt=0x2cdfe94) returned 1
[0288.290] GetNearestColor (hdc=0x97010693, color=0xf0f0f0) returned 0xf0f0f0
[0288.290] CreateSolidBrush (color=0xf0f0f0) returned 0x301007e1
[0288.290] FillRect (hDC=0x97010693, lprc=0xd7e198, hbr=0x301007e1) returned 1
[0288.290] DeleteObject (ho=0x301007e1) returned 1
[0288.290] RestoreDC (hdc=0x97010693, nSavedDC=-1) returned 1
[0288.290] GdipReleaseDC (graphics=0x6600030, hdc=0x97010693) returned 0x0
[0288.290] GdipRestoreGraphics (graphics=0x6600030, state=0xf6540dbd) returned 0x0
[0288.290] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0288.290] GetWindowTextLengthW (hWnd=0x3002dc) returned 0
[0288.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0288.290] GetSystemMetrics (nIndex=42) returned 0
[0288.290] GetWindowTextW (in: hWnd=0x3002dc, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0288.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002dc, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0288.290] GdipGetImageWidth (image=0x6651ef0, width=0xd7e1e0) returned 0x0
[0288.290] GdipGetImageHeight (image=0x6651ef0, height=0xd7e1e0) returned 0x0
[0288.290] GdipGetImageWidth (image=0x6651ef0, width=0xd7e1cc) returned 0x0
[0288.291] GdipGetImageHeight (image=0x6651ef0, height=0xd7e1cc) returned 0x0
[0288.291] GdipDrawImageRectI (graphics=0x6600030, image=0x6651ef0, x=16, y=16, width=32, height=32) returned 0x0
[0288.291] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0288.291] BitBlt (hdc=0x10105d6, x=0, y=0, cx=64, cy=64, hdcSrc=0x97010693, x1=0, y1=0, rop=0xcc0020) returned 1
[0288.291] GdipReleaseDC (graphics=0x6600030, hdc=0x97010693) returned 0x0
[0288.291] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0288.291] SelectObject (hdc=0x97010693, h=0x85000f) returned 0x4a0507fe
[0288.291] DeleteDC (hdc=0x97010693) returned 1
[0288.291] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0288.291] EndPaint (hWnd=0x3002dc, lpPaint=0xd7e294) returned 1
[0288.291] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.291] IsWindowUnicode (hWnd=0x3300ea) returned 1
[0288.291] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.291] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.291] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.292] BeginPaint (in: hWnd=0x3300ea, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0xf0105ee
[0288.292] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0288.292] CreateCompatibleDC (hdc=0xf0105ee) returned 0x99010693
[0288.292] GetObjectType (h=0xf0105ee) returned 0x3
[0288.292] CreateCompatibleBitmap (hdc=0xf0105ee, cx=1, cy=1) returned 0x530507a1
[0288.292] GetDIBits (in: hdc=0xf0105ee, hbm=0x530507a1, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0288.292] GetDIBits (in: hdc=0xf0105ee, hbm=0x530507a1, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0288.292] DeleteObject (ho=0x530507a1) returned 1
[0288.292] CreateDIBSection (in: hdc=0xf0105ee, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x5905065e
[0288.292] SelectObject (hdc=0x99010693, h=0x5905065e) returned 0x85000f
[0288.292] GdipCreateFromHDC (hdc=0x99010693, graphics=0xd7e234) returned 0x0
[0288.293] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0288.293] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0288.293] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0288.293] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0288.293] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e2d4) returned 0x0
[0288.293] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0288.293] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee868) returned 0x0
[0288.293] LocalFree (hMem=0x11ee868) returned 0x0
[0288.293] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0288.293] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0288.293] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0288.293] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0288.293] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0288.293] GetWindowTextLengthW (hWnd=0x3300ea) returned 232
[0288.293] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0288.293] GetSystemMetrics (nIndex=42) returned 0
[0288.293] GetWindowTextW (in: hWnd=0x3300ea, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0288.293] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0288.293] GetClientRect (in: hWnd=0x3300ea, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0288.293] GdipCreateRegion (region=0xd7e110) returned 0x0
[0288.293] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0288.293] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0288.293] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0288.294] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e128) returned 0x0
[0288.294] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0288.294] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eed00) returned 0x0
[0288.298] LocalFree (hMem=0x11eed00) returned 0x0
[0288.298] GdipCombineRegionRegion (region=0x6646b98, region2=0x6646cb8, combineMode=0x1) returned 0x0
[0288.298] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0288.298] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0288.298] LocalFree (hMem=0x11ee788) returned 0x0
[0288.298] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0288.298] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e150) returned 0x0
[0288.298] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e140) returned 0x0
[0288.298] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0288.299] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0288.299] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0288.299] GetCurrentObject (hdc=0x99010693, type=0x1) returned 0xb00017
[0288.299] GetCurrentObject (hdc=0x99010693, type=0x2) returned 0x900010
[0288.299] GetCurrentObject (hdc=0x99010693, type=0x7) returned 0x5905065e
[0288.299] GetCurrentObject (hdc=0x99010693, type=0x6) returned 0x8a01c2
[0288.299] SaveDC (hdc=0x99010693) returned 1
[0288.299] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe2040807
[0288.299] GetClipRgn (hdc=0x99010693, hrgn=0xe2040807) returned 0
[0288.299] SelectClipRgn (hdc=0x99010693, hrgn=0x6f0407de) returned 2
[0288.299] DeleteObject (ho=0xe2040807) returned 1
[0288.299] DeleteObject (ho=0x6f0407de) returned 1
[0288.299] OffsetViewportOrgEx (in: hdc=0x99010693, x=0, y=0, lppt=0x2ce185c | out: lppt=0x2ce185c) returned 1
[0288.299] GetNearestColor (hdc=0x99010693, color=0xf0f0f0) returned 0xf0f0f0
[0288.299] CreateSolidBrush (color=0xf0f0f0) returned 0x311007e1
[0288.299] FillRect (hDC=0x99010693, lprc=0xd7e15c, hbr=0x311007e1) returned 1
[0288.300] DeleteObject (ho=0x311007e1) returned 1
[0288.301] RestoreDC (hdc=0x99010693, nSavedDC=-1) returned 1
[0288.301] GdipReleaseDC (graphics=0x6600030, hdc=0x99010693) returned 0x0
[0288.301] GdipRestoreGraphics (graphics=0x6600030, state=0xf6520dbd) returned 0x0
[0288.301] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0288.301] GetWindowTextLengthW (hWnd=0x3300ea) returned 232
[0288.301] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0288.301] GetSystemMetrics (nIndex=42) returned 0
[0288.301] GetWindowTextW (in: hWnd=0x3300ea, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0288.301] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0288.301] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0288.301] GetCurrentObject (hdc=0x99010693, type=0x1) returned 0xb00017
[0288.301] GetCurrentObject (hdc=0x99010693, type=0x2) returned 0x900010
[0288.301] GetCurrentObject (hdc=0x99010693, type=0x7) returned 0x5905065e
[0288.301] GetCurrentObject (hdc=0x99010693, type=0x6) returned 0x8a01c2
[0288.301] SaveDC (hdc=0x99010693) returned 1
[0288.301] GetNearestColor (hdc=0x99010693, color=0x0) returned 0x0
[0288.301] RestoreDC (hdc=0x99010693, nSavedDC=-1) returned 1
[0288.301] GdipReleaseDC (graphics=0x6600030, hdc=0x99010693) returned 0x0
[0288.302] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0288.302] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0288.302] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2ce2058 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0288.302] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0288.302] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0288.302] GetCurrentObject (hdc=0x99010693, type=0x1) returned 0xb00017
[0288.303] GetCurrentObject (hdc=0x99010693, type=0x2) returned 0x900010
[0288.303] GetCurrentObject (hdc=0x99010693, type=0x7) returned 0x5905065e
[0288.303] GetCurrentObject (hdc=0x99010693, type=0x6) returned 0x8a01c2
[0288.303] SaveDC (hdc=0x99010693) returned 1
[0288.303] GetTextAlign (hdc=0x99010693) returned 0x0
[0288.303] GetTextColor (hdc=0x99010693) returned 0x0
[0288.303] GetCurrentObject (hdc=0x99010693, type=0x6) returned 0x8a01c2
[0288.303] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0288.303] SelectObject (hdc=0x99010693, h=0x6d0a0520) returned 0x8a01c2
[0288.303] GetBkMode (hdc=0x99010693) returned 2
[0288.303] SetBkMode (hdc=0x99010693, mode=1) returned 2
[0288.303] DrawTextExW (in: hdc=0x99010693, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2ce227c | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0288.307] RestoreDC (hdc=0x99010693, nSavedDC=-1) returned 1
[0288.307] GdipReleaseDC (graphics=0x6600030, hdc=0x99010693) returned 0x0
[0288.307] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0288.307] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=354, cy=68, hdcSrc=0x99010693, x1=0, y1=0, rop=0xcc0020) returned 1
[0288.307] GdipReleaseDC (graphics=0x6600030, hdc=0x99010693) returned 0x0
[0288.307] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0288.307] SelectObject (hdc=0x99010693, h=0x85000f) returned 0x5905065e
[0288.307] DeleteDC (hdc=0x99010693) returned 1
[0288.307] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0288.307] DeleteObject (ho=0x5905065e) returned 1
[0288.308] EndPaint (hWnd=0x3300ea, lpPaint=0xd7e258) returned 1
[0288.308] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.308] IsWindowUnicode (hWnd=0x3202d8) returned 1
[0288.308] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.308] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.308] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.308] BeginPaint (in: hWnd=0x3202d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0288.309] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0288.309] CreateCompatibleDC (hdc=0xc0107c5) returned 0x560107a1
[0288.309] SelectObject (hdc=0x560107a1, h=0x4a0507fe) returned 0x85000f
[0288.309] GdipCreateFromHDC (hdc=0x560107a1, graphics=0xd7e268) returned 0x0
[0288.309] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0288.309] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0288.309] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0288.309] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0288.309] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e2c8) returned 0x0
[0288.323] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0288.323] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0288.323] LocalFree (hMem=0x11eec58) returned 0x0
[0288.323] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0288.323] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0288.324] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0288.324] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0288.324] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0288.324] GdipRestoreGraphics (graphics=0x6600030, state=0xf6500dbd) returned 0x0
[0288.324] GdipDeleteRegion (region=0x6646298) returned 0x0
[0288.324] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0288.324] GetCurrentObject (hdc=0x560107a1, type=0x1) returned 0xb00017
[0288.324] GetCurrentObject (hdc=0x560107a1, type=0x2) returned 0x900010
[0288.324] GetCurrentObject (hdc=0x560107a1, type=0x7) returned 0x4a0507fe
[0288.324] GetCurrentObject (hdc=0x560107a1, type=0x6) returned 0x8a01c2
[0288.324] SaveDC (hdc=0x560107a1) returned 1
[0288.324] GetNearestColor (hdc=0x560107a1, color=0xf0f0f0) returned 0xf0f0f0
[0288.324] GetNearestColor (hdc=0x560107a1, color=0xa0a0a0) returned 0xa0a0a0
[0288.324] GetNearestColor (hdc=0x560107a1, color=0x696969) returned 0x696969
[0288.324] GetNearestColor (hdc=0x560107a1, color=0xa0a0a0) returned 0xa0a0a0
[0288.325] GetNearestColor (hdc=0x560107a1, color=0x0) returned 0x0
[0288.325] GetNearestColor (hdc=0x560107a1, color=0xffffff) returned 0xffffff
[0288.325] GetNearestColor (hdc=0x560107a1, color=0xe5e5e5) returned 0xe5e5e5
[0288.325] GetNearestColor (hdc=0x560107a1, color=0xd7d7d7) returned 0xd7d7d7
[0288.325] GetNearestColor (hdc=0x560107a1, color=0x0) returned 0x0
[0288.325] RestoreDC (hdc=0x560107a1, nSavedDC=-1) returned 1
[0288.326] GdipReleaseDC (graphics=0x6600030, hdc=0x560107a1) returned 0x0
[0288.326] IsAppThemed () returned 0x1
[0288.326] GetThemeAppProperties () returned 0x3
[0288.326] GetThemeAppProperties () returned 0x3
[0288.326] GdipGetImageWidth (image=0x66511d0, width=0xd7e168) returned 0x0
[0288.326] GdipGetImageHeight (image=0x66511d0, height=0xd7e168) returned 0x0
[0288.326] IsAppThemed () returned 0x1
[0288.326] GetThemeAppProperties () returned 0x3
[0288.326] GetThemeAppProperties () returned 0x3
[0288.326] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2ce29cc | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0288.326] IsAppThemed () returned 0x1
[0288.326] GetThemeAppProperties () returned 0x3
[0288.326] GetThemeAppProperties () returned 0x3
[0288.326] IsAppThemed () returned 0x1
[0288.327] GetThemeAppProperties () returned 0x3
[0288.327] GetThemeAppProperties () returned 0x3
[0288.327] GetFocus () returned 0x3202d8
[0288.327] IsAppThemed () returned 0x1
[0288.327] GetThemeAppProperties () returned 0x3
[0288.327] GetThemeAppProperties () returned 0x3
[0288.327] IsAppThemed () returned 0x1
[0288.327] GetThemeAppProperties () returned 0x3
[0288.327] GetThemeAppProperties () returned 0x3
[0288.327] IsThemePartDefined () returned 0x1
[0288.327] IsAppThemed () returned 0x1
[0288.327] GetThemeAppProperties () returned 0x3
[0288.327] GetThemeAppProperties () returned 0x3
[0288.327] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0288.327] IsAppThemed () returned 0x1
[0288.327] GetThemeAppProperties () returned 0x3
[0288.327] GetThemeAppProperties () returned 0x3
[0288.327] IsAppThemed () returned 0x1
[0288.327] GetThemeAppProperties () returned 0x3
[0288.327] GetThemeAppProperties () returned 0x3
[0288.327] IsThemePartDefined () returned 0x1
[0288.327] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0288.328] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0288.328] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0288.328] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0288.328] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dff0) returned 0x0
[0288.328] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0288.328] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eea60) returned 0x0
[0288.328] LocalFree (hMem=0x11eea60) returned 0x0
[0288.328] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0288.328] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eea60) returned 0x0
[0288.328] LocalFree (hMem=0x11eea60) returned 0x0
[0288.328] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0288.328] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e018) returned 0x0
[0288.328] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e008) returned 0x0
[0288.328] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0288.328] GdipDeleteRegion (region=0x6646718) returned 0x0
[0288.328] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0288.328] GetCurrentObject (hdc=0x560107a1, type=0x1) returned 0xb00017
[0288.328] GetCurrentObject (hdc=0x560107a1, type=0x2) returned 0x900010
[0288.329] GetCurrentObject (hdc=0x560107a1, type=0x7) returned 0x4a0507fe
[0288.329] GetCurrentObject (hdc=0x560107a1, type=0x6) returned 0x8a01c2
[0288.329] SaveDC (hdc=0x560107a1) returned 1
[0288.329] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x700407de
[0288.329] GetClipRgn (hdc=0x560107a1, hrgn=0x700407de) returned 0
[0288.329] SelectClipRgn (hdc=0x560107a1, hrgn=0xe6040807) returned 2
[0288.329] DeleteObject (ho=0x700407de) returned 1
[0288.329] DeleteObject (ho=0xe6040807) returned 1
[0288.329] OffsetViewportOrgEx (in: hdc=0x560107a1, x=0, y=0, lppt=0x2ce307c | out: lppt=0x2ce307c) returned 1
[0288.329] DrawThemeParentBackground () returned 0x0
[0288.329] GetWindowPlacement (in: hWnd=0x3002da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0288.329] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0288.329] GetWindowTextLengthW (hWnd=0x3002da) returned 13
[0288.330] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.330] GetSystemMetrics (nIndex=42) returned 0
[0288.330] GetWindowTextW (in: hWnd=0x3002da, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.330] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0288.330] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0288.330] GetCurrentObject (hdc=0x560107a1, type=0x1) returned 0xb00017
[0288.330] GetCurrentObject (hdc=0x560107a1, type=0x2) returned 0x900010
[0288.330] GetCurrentObject (hdc=0x560107a1, type=0x7) returned 0x4a0507fe
[0288.330] GetCurrentObject (hdc=0x560107a1, type=0x6) returned 0x8a01c2
[0288.330] SaveDC (hdc=0x560107a1) returned 2
[0288.330] GetNearestColor (hdc=0x560107a1, color=0xf0f0f0) returned 0xf0f0f0
[0288.330] CreateSolidBrush (color=0xf0f0f0) returned 0x321007e1
[0288.330] FillRect (hDC=0x560107a1, lprc=0xd7da38, hbr=0x321007e1) returned 1
[0288.330] DeleteObject (ho=0x321007e1) returned 1
[0288.330] RestoreDC (hdc=0x560107a1, nSavedDC=-1) returned 1
[0288.330] GetWindowTextLengthW (hWnd=0x3002da) returned 13
[0288.330] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.331] GetSystemMetrics (nIndex=42) returned 0
[0288.331] GetWindowTextW (in: hWnd=0x3002da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.331] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0288.331] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0288.331] GetCurrentObject (hdc=0x560107a1, type=0x1) returned 0xb00017
[0288.331] GetCurrentObject (hdc=0x560107a1, type=0x2) returned 0x900010
[0288.331] GetCurrentObject (hdc=0x560107a1, type=0x7) returned 0x4a0507fe
[0288.331] GetCurrentObject (hdc=0x560107a1, type=0x6) returned 0x8a01c2
[0288.331] SaveDC (hdc=0x560107a1) returned 2
[0288.331] GetNearestColor (hdc=0x560107a1, color=0xf0f0f0) returned 0xf0f0f0
[0288.331] CreateSolidBrush (color=0xf0f0f0) returned 0x331007e1
[0288.331] FillRect (hDC=0x560107a1, lprc=0xd7d9d8, hbr=0x331007e1) returned 1
[0288.331] DeleteObject (ho=0x331007e1) returned 1
[0288.331] RestoreDC (hdc=0x560107a1, nSavedDC=-1) returned 1
[0288.331] GetWindowTextLengthW (hWnd=0x3002da) returned 13
[0288.331] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.331] GetSystemMetrics (nIndex=42) returned 0
[0288.331] GetWindowTextW (in: hWnd=0x3002da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.332] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0288.332] RestoreDC (hdc=0x560107a1, nSavedDC=-1) returned 1
[0288.332] GdipReleaseDC (graphics=0x6600030, hdc=0x560107a1) returned 0x0
[0288.332] IsAppThemed () returned 0x1
[0288.332] GetThemeAppProperties () returned 0x3
[0288.332] GetThemeAppProperties () returned 0x3
[0288.332] IsAppThemed () returned 0x1
[0288.332] GetThemeAppProperties () returned 0x3
[0288.333] GetThemeAppProperties () returned 0x3
[0288.333] IsThemePartDefined () returned 0x1
[0288.333] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0288.333] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0288.333] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0288.333] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0288.333] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df74) returned 0x0
[0288.333] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0288.333] LocalFree (hMem=0x11eec58) returned 0x0
[0288.333] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eea28) returned 0x0
[0288.333] LocalFree (hMem=0x11eea28) returned 0x0
[0288.333] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0288.333] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0288.333] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0288.333] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0288.333] GdipDeleteRegion (region=0x6646448) returned 0x0
[0288.333] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0288.333] GetCurrentObject (hdc=0x560107a1, type=0x1) returned 0xb00017
[0288.333] GetCurrentObject (hdc=0x560107a1, type=0x2) returned 0x900010
[0288.333] GetCurrentObject (hdc=0x560107a1, type=0x7) returned 0x4a0507fe
[0288.334] GetCurrentObject (hdc=0x560107a1, type=0x6) returned 0x8a01c2
[0288.334] SaveDC (hdc=0x560107a1) returned 1
[0288.334] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe7040807
[0288.334] GetClipRgn (hdc=0x560107a1, hrgn=0xe7040807) returned 0
[0288.334] SelectClipRgn (hdc=0x560107a1, hrgn=0x720407de) returned 2
[0288.334] DeleteObject (ho=0xe7040807) returned 1
[0288.334] DeleteObject (ho=0x720407de) returned 1
[0288.334] OffsetViewportOrgEx (in: hdc=0x560107a1, x=0, y=0, lppt=0x2ce3928 | out: lppt=0x2ce3928) returned 1
[0288.334] IsAppThemed () returned 0x1
[0288.334] GetThemeAppProperties () returned 0x3
[0288.334] GetThemeAppProperties () returned 0x3
[0288.334] DrawThemeBackground () returned 0x0
[0288.334] RestoreDC (hdc=0x560107a1, nSavedDC=-1) returned 1
[0288.334] GdipReleaseDC (graphics=0x6600030, hdc=0x560107a1) returned 0x0
[0288.334] GdipCreateRegion (region=0xd7df60) returned 0x0
[0288.335] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0288.335] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0288.335] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0288.335] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df78) returned 0x0
[0288.335] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0288.335] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0288.335] LocalFree (hMem=0x11eec58) returned 0x0
[0288.335] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0288.335] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0288.335] LocalFree (hMem=0x11ee788) returned 0x0
[0288.335] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0288.335] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0288.335] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df90) returned 0x0
[0288.335] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0288.335] GdipDeleteRegion (region=0x6646448) returned 0x0
[0288.335] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0288.335] GetCurrentObject (hdc=0x560107a1, type=0x1) returned 0xb00017
[0288.335] GetCurrentObject (hdc=0x560107a1, type=0x2) returned 0x900010
[0288.336] GetCurrentObject (hdc=0x560107a1, type=0x7) returned 0x4a0507fe
[0288.336] GetCurrentObject (hdc=0x560107a1, type=0x6) returned 0x8a01c2
[0288.336] SaveDC (hdc=0x560107a1) returned 1
[0288.336] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x730407de
[0288.336] GetClipRgn (hdc=0x560107a1, hrgn=0x730407de) returned 0
[0288.336] SelectClipRgn (hdc=0x560107a1, hrgn=0xe8040807) returned 2
[0288.336] DeleteObject (ho=0x730407de) returned 1
[0288.336] DeleteObject (ho=0xe8040807) returned 1
[0288.336] OffsetViewportOrgEx (in: hdc=0x560107a1, x=0, y=0, lppt=0x2ce3bfc | out: lppt=0x2ce3bfc) returned 1
[0288.336] IsAppThemed () returned 0x1
[0288.336] GetThemeAppProperties () returned 0x3
[0288.336] GetThemeAppProperties () returned 0x3
[0288.336] GetThemeBackgroundContentRect () returned 0x0
[0288.336] RestoreDC (hdc=0x560107a1, nSavedDC=-1) returned 1
[0288.336] GdipReleaseDC (graphics=0x6600030, hdc=0x560107a1) returned 0x0
[0288.336] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0288.336] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0288.337] GdipCloneRegion (region=0x6646b98, cloneRegion=0xd7e150) returned 0x0
[0288.337] GdipCombineRegionRectI (region=0x6646c28, rect=0xd7e138, combineMode=0x1) returned 0x0
[0288.337] GdipCombineRegionRectI (region=0x6646c28, rect=0xd7e138, combineMode=0x1) returned 0x0
[0288.337] GdipSetClipRegion (graphics=0x6600030, region=0x6646c28, combineMode=0x0) returned 0x0
[0288.337] GdipGetImageWidth (image=0x66511d0, width=0xd7e154) returned 0x0
[0288.337] GdipGetImageHeight (image=0x66511d0, height=0xd7e148) returned 0x0
[0288.337] GdipDrawImageRectI (graphics=0x6600030, image=0x66511d0, x=4, y=4, width=16, height=16) returned 0x0
[0288.337] GdipSetClipRegion (graphics=0x6600030, region=0x6646b98, combineMode=0x0) returned 0x0
[0288.337] IsAppThemed () returned 0x1
[0288.337] GetThemeAppProperties () returned 0x3
[0288.337] GetThemeAppProperties () returned 0x3
[0288.337] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0288.337] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0288.337] GetCurrentObject (hdc=0x560107a1, type=0x1) returned 0xb00017
[0288.337] GetCurrentObject (hdc=0x560107a1, type=0x2) returned 0x900010
[0288.337] GetCurrentObject (hdc=0x560107a1, type=0x7) returned 0x4a0507fe
[0288.337] GetCurrentObject (hdc=0x560107a1, type=0x6) returned 0x8a01c2
[0288.338] SaveDC (hdc=0x560107a1) returned 1
[0288.338] GetTextAlign (hdc=0x560107a1) returned 0x0
[0288.338] GetTextColor (hdc=0x560107a1) returned 0x0
[0288.338] GetCurrentObject (hdc=0x560107a1, type=0x6) returned 0x8a01c2
[0288.338] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0288.338] SelectObject (hdc=0x560107a1, h=0x6d0a0520) returned 0x8a01c2
[0288.338] GetBkMode (hdc=0x560107a1) returned 2
[0288.338] SetBkMode (hdc=0x560107a1, mode=1) returned 2
[0288.338] DrawTextExW (in: hdc=0x560107a1, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2ce3fbc | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0288.338] DrawTextExW (in: hdc=0x560107a1, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2ce3fbc | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0288.339] RestoreDC (hdc=0x560107a1, nSavedDC=-1) returned 1
[0288.339] GdipReleaseDC (graphics=0x6600030, hdc=0x560107a1) returned 0x0
[0288.339] GetFocus () returned 0x3202d8
[0288.339] IsAppThemed () returned 0x1
[0288.339] GetThemeAppProperties () returned 0x3
[0288.339] GetThemeAppProperties () returned 0x3
[0288.339] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0288.339] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x560107a1, x1=0, y1=0, rop=0xcc0020) returned 1
[0288.339] GdipReleaseDC (graphics=0x6600030, hdc=0x560107a1) returned 0x0
[0288.339] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0288.340] SelectObject (hdc=0x560107a1, h=0x85000f) returned 0x4a0507fe
[0288.340] DeleteDC (hdc=0x560107a1) returned 1
[0288.340] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0288.340] EndPaint (hWnd=0x3202d8, lpPaint=0xd7e24c) returned 1
[0288.340] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.348] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.348] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.348] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.348] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.350] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.350] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.350] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.350] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.350] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.350] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.350] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.351] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.351] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.351] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.351] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.351] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.352] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.352] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.352] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.352] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.352] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.352] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.352] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.352] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.353] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.353] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.353] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.353] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.353] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.353] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.354] IsWindowUnicode (hWnd=0x3002de) returned 1
[0288.354] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.354] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.354] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.354] BeginPaint (in: hWnd=0x3002de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0288.354] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0288.354] CreateCompatibleDC (hdc=0x107b9) returned 0xa2010693
[0288.354] SelectObject (hdc=0xa2010693, h=0x4a0507fe) returned 0x85000f
[0288.354] GdipCreateFromHDC (hdc=0xa2010693, graphics=0xd7e268) returned 0x0
[0288.354] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0288.355] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0288.355] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0288.355] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0288.355] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e2c8) returned 0x0
[0288.355] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0288.355] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0288.355] LocalFree (hMem=0x11ee9f0) returned 0x0
[0288.355] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0288.355] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0288.355] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0288.355] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0288.355] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0288.355] GdipRestoreGraphics (graphics=0x6600030, state=0xf64e0dbd) returned 0x0
[0288.355] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0288.355] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0288.355] GetCurrentObject (hdc=0xa2010693, type=0x1) returned 0xb00017
[0288.356] GetCurrentObject (hdc=0xa2010693, type=0x2) returned 0x900010
[0288.356] GetCurrentObject (hdc=0xa2010693, type=0x7) returned 0x4a0507fe
[0288.356] GetCurrentObject (hdc=0xa2010693, type=0x6) returned 0x8a01c2
[0288.356] SaveDC (hdc=0xa2010693) returned 1
[0288.356] GetNearestColor (hdc=0xa2010693, color=0xf0f0f0) returned 0xf0f0f0
[0288.356] GetNearestColor (hdc=0xa2010693, color=0xa0a0a0) returned 0xa0a0a0
[0288.356] GetNearestColor (hdc=0xa2010693, color=0x696969) returned 0x696969
[0288.356] GetNearestColor (hdc=0xa2010693, color=0xa0a0a0) returned 0xa0a0a0
[0288.356] GetNearestColor (hdc=0xa2010693, color=0x0) returned 0x0
[0288.361] GetNearestColor (hdc=0xa2010693, color=0xffffff) returned 0xffffff
[0288.361] GetNearestColor (hdc=0xa2010693, color=0xe5e5e5) returned 0xe5e5e5
[0288.361] GetNearestColor (hdc=0xa2010693, color=0xd7d7d7) returned 0xd7d7d7
[0288.361] GetNearestColor (hdc=0xa2010693, color=0x0) returned 0x0
[0288.361] RestoreDC (hdc=0xa2010693, nSavedDC=-1) returned 1
[0288.361] GdipReleaseDC (graphics=0x6600030, hdc=0xa2010693) returned 0x0
[0288.361] IsAppThemed () returned 0x1
[0288.361] GetThemeAppProperties () returned 0x3
[0288.361] GetThemeAppProperties () returned 0x3
[0288.361] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0288.361] SendMessageW (hWnd=0x3002da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0288.361] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0288.361] IsAppThemed () returned 0x1
[0288.362] GetThemeAppProperties () returned 0x3
[0288.362] GetThemeAppProperties () returned 0x3
[0288.362] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2ce47cc | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0288.362] IsAppThemed () returned 0x1
[0288.362] GetThemeAppProperties () returned 0x3
[0288.362] GetThemeAppProperties () returned 0x3
[0288.362] IsAppThemed () returned 0x1
[0288.363] GetThemeAppProperties () returned 0x3
[0288.363] GetThemeAppProperties () returned 0x3
[0288.363] IsAppThemed () returned 0x1
[0288.363] GetThemeAppProperties () returned 0x3
[0288.363] GetThemeAppProperties () returned 0x3
[0288.363] IsAppThemed () returned 0x1
[0288.363] GetThemeAppProperties () returned 0x3
[0288.363] GetThemeAppProperties () returned 0x3
[0288.363] IsThemePartDefined () returned 0x1
[0288.363] IsAppThemed () returned 0x1
[0288.363] GetThemeAppProperties () returned 0x3
[0288.363] GetThemeAppProperties () returned 0x3
[0288.363] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0288.363] IsAppThemed () returned 0x1
[0288.363] GetThemeAppProperties () returned 0x3
[0288.363] GetThemeAppProperties () returned 0x3
[0288.363] IsAppThemed () returned 0x1
[0288.363] GetThemeAppProperties () returned 0x3
[0288.363] GetThemeAppProperties () returned 0x3
[0288.363] IsThemePartDefined () returned 0x1
[0288.363] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0288.363] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0288.364] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0288.364] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0288.364] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7dfe4) returned 0x0
[0288.364] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0288.364] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee910) returned 0x0
[0288.364] LocalFree (hMem=0x11ee910) returned 0x0
[0288.364] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0288.364] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0288.364] LocalFree (hMem=0x11eec58) returned 0x0
[0288.364] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0288.364] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0288.364] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0288.364] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0288.364] GdipDeleteRegion (region=0x6646448) returned 0x0
[0288.364] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0288.364] GetCurrentObject (hdc=0xa2010693, type=0x1) returned 0xb00017
[0288.364] GetCurrentObject (hdc=0xa2010693, type=0x2) returned 0x900010
[0288.364] GetCurrentObject (hdc=0xa2010693, type=0x7) returned 0x4a0507fe
[0288.365] GetCurrentObject (hdc=0xa2010693, type=0x6) returned 0x8a01c2
[0288.365] SaveDC (hdc=0xa2010693) returned 1
[0288.365] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe9040807
[0288.365] GetClipRgn (hdc=0xa2010693, hrgn=0xe9040807) returned 0
[0288.365] SelectClipRgn (hdc=0xa2010693, hrgn=0x770407de) returned 2
[0288.365] DeleteObject (ho=0xe9040807) returned 1
[0288.365] DeleteObject (ho=0x770407de) returned 1
[0288.365] OffsetViewportOrgEx (in: hdc=0xa2010693, x=0, y=0, lppt=0x2ce4e7c | out: lppt=0x2ce4e7c) returned 1
[0288.365] DrawThemeParentBackground () returned 0x0
[0288.365] GetWindowPlacement (in: hWnd=0x3002da, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0288.365] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0288.365] GetWindowTextLengthW (hWnd=0x3002da) returned 13
[0288.365] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.366] GetSystemMetrics (nIndex=42) returned 0
[0288.366] GetWindowTextW (in: hWnd=0x3002da, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.366] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0288.366] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0288.366] GetCurrentObject (hdc=0xa2010693, type=0x1) returned 0xb00017
[0288.366] GetCurrentObject (hdc=0xa2010693, type=0x2) returned 0x900010
[0288.366] GetCurrentObject (hdc=0xa2010693, type=0x7) returned 0x4a0507fe
[0288.366] GetCurrentObject (hdc=0xa2010693, type=0x6) returned 0x8a01c2
[0288.366] SaveDC (hdc=0xa2010693) returned 2
[0288.366] GetNearestColor (hdc=0xa2010693, color=0xf0f0f0) returned 0xf0f0f0
[0288.366] CreateSolidBrush (color=0xf0f0f0) returned 0x341007e1
[0288.366] FillRect (hDC=0xa2010693, lprc=0xd7da30, hbr=0x341007e1) returned 1
[0288.366] DeleteObject (ho=0x341007e1) returned 1
[0288.366] RestoreDC (hdc=0xa2010693, nSavedDC=-1) returned 1
[0288.366] GetWindowTextLengthW (hWnd=0x3002da) returned 13
[0288.366] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.367] GetSystemMetrics (nIndex=42) returned 0
[0288.367] GetWindowTextW (in: hWnd=0x3002da, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.367] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0288.367] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0288.367] GetCurrentObject (hdc=0xa2010693, type=0x1) returned 0xb00017
[0288.367] GetCurrentObject (hdc=0xa2010693, type=0x2) returned 0x900010
[0288.367] GetCurrentObject (hdc=0xa2010693, type=0x7) returned 0x4a0507fe
[0288.367] GetCurrentObject (hdc=0xa2010693, type=0x6) returned 0x8a01c2
[0288.367] SaveDC (hdc=0xa2010693) returned 2
[0288.367] GetNearestColor (hdc=0xa2010693, color=0xf0f0f0) returned 0xf0f0f0
[0288.367] CreateSolidBrush (color=0xf0f0f0) returned 0x351007e1
[0288.367] FillRect (hDC=0xa2010693, lprc=0xd7d9d0, hbr=0x351007e1) returned 1
[0288.367] DeleteObject (ho=0x351007e1) returned 1
[0288.367] RestoreDC (hdc=0xa2010693, nSavedDC=-1) returned 1
[0288.367] GetWindowTextLengthW (hWnd=0x3002da) returned 13
[0288.367] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.367] GetSystemMetrics (nIndex=42) returned 0
[0288.368] GetWindowTextW (in: hWnd=0x3002da, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.368] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0288.368] RestoreDC (hdc=0xa2010693, nSavedDC=-1) returned 1
[0288.368] GdipReleaseDC (graphics=0x6600030, hdc=0xa2010693) returned 0x0
[0288.368] IsAppThemed () returned 0x1
[0288.368] GetThemeAppProperties () returned 0x3
[0288.368] GetThemeAppProperties () returned 0x3
[0288.368] IsAppThemed () returned 0x1
[0288.368] GetThemeAppProperties () returned 0x3
[0288.368] GetThemeAppProperties () returned 0x3
[0288.368] IsThemePartDefined () returned 0x1
[0288.368] GdipCreateRegion (region=0xd7df50) returned 0x0
[0288.368] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0288.368] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0288.368] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0288.369] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df68) returned 0x0
[0288.369] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0288.369] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee788) returned 0x0
[0288.369] LocalFree (hMem=0x11ee788) returned 0x0
[0288.369] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0288.369] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0288.369] LocalFree (hMem=0x11eec58) returned 0x0
[0288.369] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0288.369] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df90) returned 0x0
[0288.369] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7df80) returned 0x0
[0288.369] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0288.369] GdipDeleteRegion (region=0x6646298) returned 0x0
[0288.369] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0288.369] GetCurrentObject (hdc=0xa2010693, type=0x1) returned 0xb00017
[0288.369] GetCurrentObject (hdc=0xa2010693, type=0x2) returned 0x900010
[0288.369] GetCurrentObject (hdc=0xa2010693, type=0x7) returned 0x4a0507fe
[0288.369] GetCurrentObject (hdc=0xa2010693, type=0x6) returned 0x8a01c2
[0288.369] SaveDC (hdc=0xa2010693) returned 1
[0288.370] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x780407de
[0288.370] GetClipRgn (hdc=0xa2010693, hrgn=0x780407de) returned 0
[0288.370] SelectClipRgn (hdc=0xa2010693, hrgn=0xeb040807) returned 2
[0288.370] DeleteObject (ho=0x780407de) returned 1
[0288.370] DeleteObject (ho=0xeb040807) returned 1
[0288.370] OffsetViewportOrgEx (in: hdc=0xa2010693, x=0, y=0, lppt=0x2ce5728 | out: lppt=0x2ce5728) returned 1
[0288.370] IsAppThemed () returned 0x1
[0288.370] GetThemeAppProperties () returned 0x3
[0288.370] GetThemeAppProperties () returned 0x3
[0288.370] DrawThemeBackground () returned 0x0
[0288.370] RestoreDC (hdc=0xa2010693, nSavedDC=-1) returned 1
[0288.370] GdipReleaseDC (graphics=0x6600030, hdc=0xa2010693) returned 0x0
[0288.370] GdipCreateRegion (region=0xd7df54) returned 0x0
[0288.370] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0288.370] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0288.370] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0288.371] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df6c) returned 0x0
[0288.371] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0288.371] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0288.371] LocalFree (hMem=0x11ee9f0) returned 0x0
[0288.371] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0288.371] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0288.371] LocalFree (hMem=0x11ee788) returned 0x0
[0288.371] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0288.371] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0288.371] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0288.371] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0288.371] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0288.371] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0288.371] GetCurrentObject (hdc=0xa2010693, type=0x1) returned 0xb00017
[0288.371] GetCurrentObject (hdc=0xa2010693, type=0x2) returned 0x900010
[0288.371] GetCurrentObject (hdc=0xa2010693, type=0x7) returned 0x4a0507fe
[0288.371] GetCurrentObject (hdc=0xa2010693, type=0x6) returned 0x8a01c2
[0288.372] SaveDC (hdc=0xa2010693) returned 1
[0288.372] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xec040807
[0288.372] GetClipRgn (hdc=0xa2010693, hrgn=0xec040807) returned 0
[0288.374] SelectClipRgn (hdc=0xa2010693, hrgn=0x790407de) returned 2
[0288.374] DeleteObject (ho=0xec040807) returned 1
[0288.374] DeleteObject (ho=0x790407de) returned 1
[0288.374] OffsetViewportOrgEx (in: hdc=0xa2010693, x=0, y=0, lppt=0x2ce59fc | out: lppt=0x2ce59fc) returned 1
[0288.374] IsAppThemed () returned 0x1
[0288.375] GetThemeAppProperties () returned 0x3
[0288.375] GetThemeAppProperties () returned 0x3
[0288.375] GetThemeBackgroundContentRect () returned 0x0
[0288.375] RestoreDC (hdc=0xa2010693, nSavedDC=-1) returned 1
[0288.375] GdipReleaseDC (graphics=0x6600030, hdc=0xa2010693) returned 0x0
[0288.375] IsAppThemed () returned 0x1
[0288.375] GetThemeAppProperties () returned 0x3
[0288.375] GetThemeAppProperties () returned 0x3
[0288.375] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0288.375] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0288.375] GetCurrentObject (hdc=0xa2010693, type=0x1) returned 0xb00017
[0288.375] GetCurrentObject (hdc=0xa2010693, type=0x2) returned 0x900010
[0288.375] GetCurrentObject (hdc=0xa2010693, type=0x7) returned 0x4a0507fe
[0288.375] GetCurrentObject (hdc=0xa2010693, type=0x6) returned 0x8a01c2
[0288.375] SaveDC (hdc=0xa2010693) returned 1
[0288.375] GetTextAlign (hdc=0xa2010693) returned 0x0
[0288.376] GetTextColor (hdc=0xa2010693) returned 0x0
[0288.376] GetCurrentObject (hdc=0xa2010693, type=0x6) returned 0x8a01c2
[0288.376] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0288.376] SelectObject (hdc=0xa2010693, h=0x6d0a0520) returned 0x8a01c2
[0288.376] GetBkMode (hdc=0xa2010693) returned 2
[0288.376] SetBkMode (hdc=0xa2010693, mode=1) returned 2
[0288.376] DrawTextExW (in: hdc=0xa2010693, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2ce5d9c | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0288.376] DrawTextExW (in: hdc=0xa2010693, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2ce5d9c | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0288.377] RestoreDC (hdc=0xa2010693, nSavedDC=-1) returned 1
[0288.377] GdipReleaseDC (graphics=0x6600030, hdc=0xa2010693) returned 0x0
[0288.377] GetFocus () returned 0x3202d8
[0288.377] IsAppThemed () returned 0x1
[0288.377] GetThemeAppProperties () returned 0x3
[0288.377] GetThemeAppProperties () returned 0x3
[0288.377] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0288.377] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0xa2010693, x1=0, y1=0, rop=0xcc0020) returned 1
[0288.377] GdipReleaseDC (graphics=0x6600030, hdc=0xa2010693) returned 0x0
[0288.377] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0288.377] SelectObject (hdc=0xa2010693, h=0x85000f) returned 0x4a0507fe
[0288.377] DeleteDC (hdc=0xa2010693) returned 1
[0288.378] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0288.378] EndPaint (hWnd=0x3002de, lpPaint=0xd7e24c) returned 1
[0288.378] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.378] IsWindowUnicode (hWnd=0x2502d0) returned 1
[0288.378] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.378] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.378] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.378] BeginPaint (in: hWnd=0x2502d0, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0288.378] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0288.378] CreateCompatibleDC (hdc=0x10105d6) returned 0xa4010693
[0288.378] SelectObject (hdc=0xa4010693, h=0x4a0507fe) returned 0x85000f
[0288.379] GdipCreateFromHDC (hdc=0xa4010693, graphics=0xd7e268) returned 0x0
[0288.379] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0288.379] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0288.379] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0288.379] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0288.379] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e2c8) returned 0x0
[0288.379] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0288.379] LocalFree (hMem=0x11ee788) returned 0x0
[0288.379] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0288.379] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0288.379] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0288.379] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0288.379] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0288.379] GdipRestoreGraphics (graphics=0x6600030, state=0xf64c0dbd) returned 0x0
[0288.379] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0288.380] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0288.380] GetCurrentObject (hdc=0xa4010693, type=0x1) returned 0xb00017
[0288.380] GetCurrentObject (hdc=0xa4010693, type=0x2) returned 0x900010
[0288.380] GetCurrentObject (hdc=0xa4010693, type=0x7) returned 0x4a0507fe
[0288.380] GetCurrentObject (hdc=0xa4010693, type=0x6) returned 0x8a01c2
[0288.380] SaveDC (hdc=0xa4010693) returned 1
[0288.380] GetNearestColor (hdc=0xa4010693, color=0xf0f0f0) returned 0xf0f0f0
[0288.380] GetNearestColor (hdc=0xa4010693, color=0xa0a0a0) returned 0xa0a0a0
[0288.380] GetNearestColor (hdc=0xa4010693, color=0x696969) returned 0x696969
[0288.380] GetNearestColor (hdc=0xa4010693, color=0xa0a0a0) returned 0xa0a0a0
[0288.380] GetNearestColor (hdc=0xa4010693, color=0x0) returned 0x0
[0288.380] GetNearestColor (hdc=0xa4010693, color=0xffffff) returned 0xffffff
[0288.380] GetNearestColor (hdc=0xa4010693, color=0xe5e5e5) returned 0xe5e5e5
[0288.380] GetNearestColor (hdc=0xa4010693, color=0xd7d7d7) returned 0xd7d7d7
[0288.380] GetNearestColor (hdc=0xa4010693, color=0x0) returned 0x0
[0288.380] RestoreDC (hdc=0xa4010693, nSavedDC=-1) returned 1
[0288.381] GdipReleaseDC (graphics=0x6600030, hdc=0xa4010693) returned 0x0
[0288.381] IsAppThemed () returned 0x1
[0288.381] GetThemeAppProperties () returned 0x3
[0288.381] GetThemeAppProperties () returned 0x3
[0288.381] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0288.381] SendMessageW (hWnd=0x3002da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0288.381] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0288.381] IsAppThemed () returned 0x1
[0288.381] GetThemeAppProperties () returned 0x3
[0288.381] GetThemeAppProperties () returned 0x3
[0288.381] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2ce65ac | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0288.381] IsAppThemed () returned 0x1
[0288.381] GetThemeAppProperties () returned 0x3
[0288.381] GetThemeAppProperties () returned 0x3
[0288.381] IsAppThemed () returned 0x1
[0288.382] GetThemeAppProperties () returned 0x3
[0288.382] GetThemeAppProperties () returned 0x3
[0288.382] GetFocus () returned 0x3202d8
[0288.382] IsAppThemed () returned 0x1
[0288.382] GetThemeAppProperties () returned 0x3
[0288.382] GetThemeAppProperties () returned 0x3
[0288.382] IsAppThemed () returned 0x1
[0288.382] GetThemeAppProperties () returned 0x3
[0288.382] GetThemeAppProperties () returned 0x3
[0288.382] IsThemePartDefined () returned 0x1
[0288.382] IsAppThemed () returned 0x1
[0288.382] GetThemeAppProperties () returned 0x3
[0288.382] GetThemeAppProperties () returned 0x3
[0288.382] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0288.382] IsAppThemed () returned 0x1
[0288.382] GetThemeAppProperties () returned 0x3
[0288.382] GetThemeAppProperties () returned 0x3
[0288.382] IsAppThemed () returned 0x1
[0288.382] GetThemeAppProperties () returned 0x3
[0288.382] GetThemeAppProperties () returned 0x3
[0288.382] IsThemePartDefined () returned 0x1
[0288.383] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0288.383] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0288.383] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0288.383] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0288.383] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dff0) returned 0x0
[0288.383] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee8d8) returned 0x0
[0288.383] LocalFree (hMem=0x11ee8d8) returned 0x0
[0288.383] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee8d8) returned 0x0
[0288.383] LocalFree (hMem=0x11ee8d8) returned 0x0
[0288.383] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0288.383] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e018) returned 0x0
[0288.383] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e008) returned 0x0
[0288.383] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0288.383] GdipDeleteRegion (region=0x6646718) returned 0x0
[0288.383] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0288.383] GetCurrentObject (hdc=0xa4010693, type=0x1) returned 0xb00017
[0288.383] GetCurrentObject (hdc=0xa4010693, type=0x2) returned 0x900010
[0288.383] GetCurrentObject (hdc=0xa4010693, type=0x7) returned 0x4a0507fe
[0288.383] GetCurrentObject (hdc=0xa4010693, type=0x6) returned 0x8a01c2
[0288.383] SaveDC (hdc=0xa4010693) returned 1
[0288.384] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7a0407de
[0288.384] GetClipRgn (hdc=0xa4010693, hrgn=0x7a0407de) returned 0
[0288.384] SelectClipRgn (hdc=0xa4010693, hrgn=0xf0040807) returned 2
[0288.384] DeleteObject (ho=0x7a0407de) returned 1
[0288.384] DeleteObject (ho=0xf0040807) returned 1
[0288.384] OffsetViewportOrgEx (in: hdc=0xa4010693, x=0, y=0, lppt=0x2ce6c5c | out: lppt=0x2ce6c5c) returned 1
[0288.384] DrawThemeParentBackground () returned 0x0
[0288.384] GetWindowPlacement (in: hWnd=0x3002da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0288.384] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0288.384] GetWindowTextLengthW (hWnd=0x3002da) returned 13
[0288.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.384] GetSystemMetrics (nIndex=42) returned 0
[0288.384] GetWindowTextW (in: hWnd=0x3002da, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0288.384] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0288.385] GetCurrentObject (hdc=0xa4010693, type=0x1) returned 0xb00017
[0288.385] GetCurrentObject (hdc=0xa4010693, type=0x2) returned 0x900010
[0288.385] GetCurrentObject (hdc=0xa4010693, type=0x7) returned 0x4a0507fe
[0288.385] GetCurrentObject (hdc=0xa4010693, type=0x6) returned 0x8a01c2
[0288.385] SaveDC (hdc=0xa4010693) returned 2
[0288.385] GetNearestColor (hdc=0xa4010693, color=0xf0f0f0) returned 0xf0f0f0
[0288.385] CreateSolidBrush (color=0xf0f0f0) returned 0x361007e1
[0288.385] FillRect (hDC=0xa4010693, lprc=0xd7da38, hbr=0x361007e1) returned 1
[0288.385] DeleteObject (ho=0x361007e1) returned 1
[0288.385] RestoreDC (hdc=0xa4010693, nSavedDC=-1) returned 1
[0288.385] GetWindowTextLengthW (hWnd=0x3002da) returned 13
[0288.385] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.385] GetSystemMetrics (nIndex=42) returned 0
[0288.385] GetWindowTextW (in: hWnd=0x3002da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.385] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0288.385] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0288.386] GetCurrentObject (hdc=0xa4010693, type=0x1) returned 0xb00017
[0288.386] GetCurrentObject (hdc=0xa4010693, type=0x2) returned 0x900010
[0288.386] GetCurrentObject (hdc=0xa4010693, type=0x7) returned 0x4a0507fe
[0288.386] GetCurrentObject (hdc=0xa4010693, type=0x6) returned 0x8a01c2
[0288.386] SaveDC (hdc=0xa4010693) returned 2
[0288.386] GetNearestColor (hdc=0xa4010693, color=0xf0f0f0) returned 0xf0f0f0
[0288.386] CreateSolidBrush (color=0xf0f0f0) returned 0x371007e1
[0288.386] FillRect (hDC=0xa4010693, lprc=0xd7d9d8, hbr=0x371007e1) returned 1
[0288.386] DeleteObject (ho=0x371007e1) returned 1
[0288.386] RestoreDC (hdc=0xa4010693, nSavedDC=-1) returned 1
[0288.386] GetWindowTextLengthW (hWnd=0x3002da) returned 13
[0288.386] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.386] GetSystemMetrics (nIndex=42) returned 0
[0288.386] GetWindowTextW (in: hWnd=0x3002da, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.386] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0288.387] RestoreDC (hdc=0xa4010693, nSavedDC=-1) returned 1
[0288.387] GdipReleaseDC (graphics=0x6600030, hdc=0xa4010693) returned 0x0
[0288.387] IsAppThemed () returned 0x1
[0288.387] GetThemeAppProperties () returned 0x3
[0288.387] GetThemeAppProperties () returned 0x3
[0288.387] IsAppThemed () returned 0x1
[0288.387] GetThemeAppProperties () returned 0x3
[0288.387] GetThemeAppProperties () returned 0x3
[0288.387] IsThemePartDefined () returned 0x1
[0288.387] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0288.387] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0288.387] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0288.387] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0288.387] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df74) returned 0x0
[0288.387] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0288.387] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eea98) returned 0x0
[0288.387] LocalFree (hMem=0x11eea98) returned 0x0
[0288.388] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0288.388] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee868) returned 0x0
[0288.394] LocalFree (hMem=0x11ee868) returned 0x0
[0288.394] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0288.394] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0288.394] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0288.394] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0288.394] GdipDeleteRegion (region=0x6646838) returned 0x0
[0288.394] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0288.394] GetCurrentObject (hdc=0xa4010693, type=0x1) returned 0xb00017
[0288.394] GetCurrentObject (hdc=0xa4010693, type=0x2) returned 0x900010
[0288.394] GetCurrentObject (hdc=0xa4010693, type=0x7) returned 0x4a0507fe
[0288.394] GetCurrentObject (hdc=0xa4010693, type=0x6) returned 0x8a01c2
[0288.394] SaveDC (hdc=0xa4010693) returned 1
[0288.394] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf1040807
[0288.394] GetClipRgn (hdc=0xa4010693, hrgn=0xf1040807) returned 0
[0288.394] SelectClipRgn (hdc=0xa4010693, hrgn=0x7c0407de) returned 2
[0288.395] DeleteObject (ho=0xf1040807) returned 1
[0288.395] DeleteObject (ho=0x7c0407de) returned 1
[0288.395] OffsetViewportOrgEx (in: hdc=0xa4010693, x=0, y=0, lppt=0x2ce7508 | out: lppt=0x2ce7508) returned 1
[0288.395] IsAppThemed () returned 0x1
[0288.395] GetThemeAppProperties () returned 0x3
[0288.395] GetThemeAppProperties () returned 0x3
[0288.395] DrawThemeBackground () returned 0x0
[0288.395] RestoreDC (hdc=0xa4010693, nSavedDC=-1) returned 1
[0288.395] GdipReleaseDC (graphics=0x6600030, hdc=0xa4010693) returned 0x0
[0288.395] GdipCreateRegion (region=0xd7df60) returned 0x0
[0288.395] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0288.395] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0288.395] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0288.395] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df78) returned 0x0
[0288.395] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0288.395] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0288.396] LocalFree (hMem=0x11eec58) returned 0x0
[0288.396] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0288.396] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0288.396] LocalFree (hMem=0x11ee788) returned 0x0
[0288.396] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0288.396] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0288.396] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7df90) returned 0x0
[0288.396] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0288.396] GdipDeleteRegion (region=0x6646688) returned 0x0
[0288.396] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0288.396] GetCurrentObject (hdc=0xa4010693, type=0x1) returned 0xb00017
[0288.396] GetCurrentObject (hdc=0xa4010693, type=0x2) returned 0x900010
[0288.396] GetCurrentObject (hdc=0xa4010693, type=0x7) returned 0x4a0507fe
[0288.396] GetCurrentObject (hdc=0xa4010693, type=0x6) returned 0x8a01c2
[0288.396] SaveDC (hdc=0xa4010693) returned 1
[0288.396] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7d0407de
[0288.396] GetClipRgn (hdc=0xa4010693, hrgn=0x7d0407de) returned 0
[0288.397] SelectClipRgn (hdc=0xa4010693, hrgn=0xf2040807) returned 2
[0288.397] DeleteObject (ho=0x7d0407de) returned 1
[0288.397] DeleteObject (ho=0xf2040807) returned 1
[0288.397] OffsetViewportOrgEx (in: hdc=0xa4010693, x=0, y=0, lppt=0x2ce77dc | out: lppt=0x2ce77dc) returned 1
[0288.397] IsAppThemed () returned 0x1
[0288.397] GetThemeAppProperties () returned 0x3
[0288.397] GetThemeAppProperties () returned 0x3
[0288.397] GetThemeBackgroundContentRect () returned 0x0
[0288.397] RestoreDC (hdc=0xa4010693, nSavedDC=-1) returned 1
[0288.397] GdipReleaseDC (graphics=0x6600030, hdc=0xa4010693) returned 0x0
[0288.397] IsAppThemed () returned 0x1
[0288.397] GetThemeAppProperties () returned 0x3
[0288.397] GetThemeAppProperties () returned 0x3
[0288.397] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0288.397] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0288.397] GetCurrentObject (hdc=0xa4010693, type=0x1) returned 0xb00017
[0288.397] GetCurrentObject (hdc=0xa4010693, type=0x2) returned 0x900010
[0288.397] GetCurrentObject (hdc=0xa4010693, type=0x7) returned 0x4a0507fe
[0288.398] GetCurrentObject (hdc=0xa4010693, type=0x6) returned 0x8a01c2
[0288.398] SaveDC (hdc=0xa4010693) returned 1
[0288.398] GetTextAlign (hdc=0xa4010693) returned 0x0
[0288.398] GetTextColor (hdc=0xa4010693) returned 0x0
[0288.398] GetCurrentObject (hdc=0xa4010693, type=0x6) returned 0x8a01c2
[0288.398] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0288.398] SelectObject (hdc=0xa4010693, h=0x6d0a0520) returned 0x8a01c2
[0288.398] GetBkMode (hdc=0xa4010693) returned 2
[0288.398] SetBkMode (hdc=0xa4010693, mode=1) returned 2
[0288.398] DrawTextExW (in: hdc=0xa4010693, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2ce7b7c | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0288.399] DrawTextExW (in: hdc=0xa4010693, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2ce7b7c | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0288.399] RestoreDC (hdc=0xa4010693, nSavedDC=-1) returned 1
[0288.399] GdipReleaseDC (graphics=0x6600030, hdc=0xa4010693) returned 0x0
[0288.399] GetFocus () returned 0x3202d8
[0288.399] IsAppThemed () returned 0x1
[0288.399] GetThemeAppProperties () returned 0x3
[0288.399] GetThemeAppProperties () returned 0x3
[0288.399] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0288.399] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xa4010693, x1=0, y1=0, rop=0xcc0020) returned 1
[0288.399] GdipReleaseDC (graphics=0x6600030, hdc=0xa4010693) returned 0x0
[0288.399] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0288.400] SelectObject (hdc=0xa4010693, h=0x85000f) returned 0x4a0507fe
[0288.400] DeleteDC (hdc=0xa4010693) returned 1
[0288.400] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0288.400] EndPaint (hWnd=0x2502d0, lpPaint=0xd7e24c) returned 1
[0288.400] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.400] IsWindowUnicode (hWnd=0x602c4) returned 1
[0288.400] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.400] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.400] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.400] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0288.401] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0288.401] CreateCompatibleDC (hdc=0xf0105ee) returned 0xa6010693
[0288.401] SelectObject (hdc=0xa6010693, h=0x4a0507fe) returned 0x85000f
[0288.401] GdipCreateFromHDC (hdc=0xa6010693, graphics=0xd7e268) returned 0x0
[0288.401] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0288.401] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0288.401] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0288.401] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0288.401] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e2c8) returned 0x0
[0288.401] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0288.401] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0288.401] LocalFree (hMem=0x11ee788) returned 0x0
[0288.401] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0288.402] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0288.402] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0288.402] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0288.402] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0288.402] GdipRestoreGraphics (graphics=0x6600030, state=0xf64a0dbd) returned 0x0
[0288.402] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0288.402] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0288.402] GetCurrentObject (hdc=0xa6010693, type=0x1) returned 0xb00017
[0288.402] GetCurrentObject (hdc=0xa6010693, type=0x2) returned 0x900010
[0288.402] GetCurrentObject (hdc=0xa6010693, type=0x7) returned 0x4a0507fe
[0288.402] GetCurrentObject (hdc=0xa6010693, type=0x6) returned 0x8a01c2
[0288.402] SaveDC (hdc=0xa6010693) returned 1
[0288.402] GetNearestColor (hdc=0xa6010693, color=0xff) returned 0xff
[0288.402] GetNearestColor (hdc=0xa6010693, color=0x55) returned 0x55
[0288.402] GetNearestColor (hdc=0xa6010693, color=0x0) returned 0x0
[0288.402] GetNearestColor (hdc=0xa6010693, color=0x55) returned 0x55
[0288.403] GetNearestColor (hdc=0xa6010693, color=0x0) returned 0x0
[0288.403] GetNearestColor (hdc=0xa6010693, color=0x8080ff) returned 0x8080ff
[0288.403] GetNearestColor (hdc=0xa6010693, color=0x7373e5) returned 0x7373e5
[0288.403] GetNearestColor (hdc=0xa6010693, color=0xe5) returned 0xe5
[0288.403] GetNearestColor (hdc=0xa6010693, color=0x0) returned 0x0
[0288.403] RestoreDC (hdc=0xa6010693, nSavedDC=-1) returned 1
[0288.403] GdipReleaseDC (graphics=0x6600030, hdc=0xa6010693) returned 0x0
[0288.404] IsAppThemed () returned 0x1
[0288.404] GetThemeAppProperties () returned 0x3
[0288.404] GetThemeAppProperties () returned 0x3
[0288.404] IsAppThemed () returned 0x1
[0288.404] GetThemeAppProperties () returned 0x3
[0288.404] GetThemeAppProperties () returned 0x3
[0288.404] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2ce8344 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0288.404] IsAppThemed () returned 0x1
[0288.404] GetThemeAppProperties () returned 0x3
[0288.404] GetThemeAppProperties () returned 0x3
[0288.404] IsAppThemed () returned 0x1
[0288.404] GetThemeAppProperties () returned 0x3
[0288.404] GetThemeAppProperties () returned 0x3
[0288.404] GetFocus () returned 0x3202d8
[0288.405] IsAppThemed () returned 0x1
[0288.405] GetThemeAppProperties () returned 0x3
[0288.405] GetThemeAppProperties () returned 0x3
[0288.405] IsAppThemed () returned 0x1
[0288.405] GetThemeAppProperties () returned 0x3
[0288.405] GetThemeAppProperties () returned 0x3
[0288.405] IsThemePartDefined () returned 0x1
[0288.405] IsAppThemed () returned 0x1
[0288.405] GetThemeAppProperties () returned 0x3
[0288.405] GetThemeAppProperties () returned 0x3
[0288.405] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0288.405] IsAppThemed () returned 0x1
[0288.405] GetThemeAppProperties () returned 0x3
[0288.405] GetThemeAppProperties () returned 0x3
[0288.405] IsAppThemed () returned 0x1
[0288.405] GetThemeAppProperties () returned 0x3
[0288.405] GetThemeAppProperties () returned 0x3
[0288.405] IsThemePartDefined () returned 0x1
[0288.405] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0288.405] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0288.405] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0288.405] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0288.405] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dff0) returned 0x0
[0288.405] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0288.405] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea60) returned 0x0
[0288.405] LocalFree (hMem=0x11eea60) returned 0x0
[0288.405] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0288.405] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0288.406] LocalFree (hMem=0x11eec58) returned 0x0
[0288.406] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0288.406] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e018) returned 0x0
[0288.406] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e008) returned 0x0
[0288.406] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0288.406] GdipDeleteRegion (region=0x6646838) returned 0x0
[0288.406] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0288.406] GetCurrentObject (hdc=0xa6010693, type=0x1) returned 0xb00017
[0288.406] GetCurrentObject (hdc=0xa6010693, type=0x2) returned 0x900010
[0288.406] GetCurrentObject (hdc=0xa6010693, type=0x7) returned 0x4a0507fe
[0288.406] GetCurrentObject (hdc=0xa6010693, type=0x6) returned 0x8a01c2
[0288.406] SaveDC (hdc=0xa6010693) returned 1
[0288.406] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf3040807
[0288.406] GetClipRgn (hdc=0xa6010693, hrgn=0xf3040807) returned 0
[0288.406] SelectClipRgn (hdc=0xa6010693, hrgn=0x810407de) returned 2
[0288.406] DeleteObject (ho=0xf3040807) returned 1
[0288.406] DeleteObject (ho=0x810407de) returned 1
[0288.406] OffsetViewportOrgEx (in: hdc=0xa6010693, x=0, y=0, lppt=0x2ce89f4 | out: lppt=0x2ce89f4) returned 1
[0288.406] DrawThemeParentBackground () returned 0x0
[0288.407] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0288.407] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0288.407] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0288.407] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.407] GetSystemMetrics (nIndex=42) returned 0
[0288.407] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.407] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0288.407] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0288.407] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0288.407] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0288.407] SelectPalette (hdc=0xa6010693, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0288.407] GdipCreateFromHDC (hdc=0xa6010693, graphics=0xd7dac8) returned 0x0
[0288.407] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0288.407] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0288.407] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638cc8) returned 0x0
[0288.408] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7daa0) returned 0x0
[0288.408] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0288.408] GdipCreateRegion (region=0xd7da88) returned 0x0
[0288.408] GdipGetClip (graphics=0x6631910, region=0x6646328) returned 0x0
[0288.408] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6631910, result=0xd7da94) returned 0x0
[0288.408] GdipDeleteRegion (region=0x6646328) returned 0x0
[0288.408] GdipSaveGraphics (graphics=0x6631910, state=0xd7dac0) returned 0x0
[0288.408] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0288.416] GdipFillRectangleI (graphics=0x6631910, brush=0x664d348, x=0, y=0, width=801, height=453) returned 0x0
[0288.416] GdipDeleteBrush (brush=0x664d348) returned 0x0
[0288.418] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0288.418] SelectPalette (hdc=0xa6010693, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0288.418] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0288.418] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.418] GetSystemMetrics (nIndex=42) returned 0
[0288.418] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.418] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0288.418] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0288.418] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0288.418] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0288.418] SelectPalette (hdc=0xa6010693, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0288.419] GdipCreateFromHDC (hdc=0xa6010693, graphics=0xd7da68) returned 0x0
[0288.425] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0288.425] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0288.425] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638d88) returned 0x0
[0288.425] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7da40) returned 0x0
[0288.425] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0288.425] GdipCreateRegion (region=0xd7da28) returned 0x0
[0288.425] GdipGetClip (graphics=0x6631910, region=0x66467a8) returned 0x0
[0288.425] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6631910, result=0xd7da34) returned 0x0
[0288.425] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0288.426] GdipSaveGraphics (graphics=0x6631910, state=0xd7da60) returned 0x0
[0288.426] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0288.434] GdipFillRectangleI (graphics=0x6631910, brush=0x664d5b8, x=0, y=0, width=801, height=453) returned 0x0
[0288.434] GdipDeleteBrush (brush=0x664d5b8) returned 0x0
[0288.443] GdipRestoreGraphics (graphics=0x6631910, state=0xf6460dbd) returned 0x0
[0288.443] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0288.443] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.443] GetSystemMetrics (nIndex=42) returned 0
[0288.443] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.443] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0288.443] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0288.443] SelectPalette (hdc=0xa6010693, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0288.444] RestoreDC (hdc=0xa6010693, nSavedDC=-1) returned 1
[0288.444] GdipReleaseDC (graphics=0x6600030, hdc=0xa6010693) returned 0x0
[0288.444] IsAppThemed () returned 0x1
[0288.444] GetThemeAppProperties () returned 0x3
[0288.444] GetThemeAppProperties () returned 0x3
[0288.444] IsAppThemed () returned 0x1
[0288.444] GetThemeAppProperties () returned 0x3
[0288.444] GetThemeAppProperties () returned 0x3
[0288.444] IsThemePartDefined () returned 0x1
[0288.444] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0288.444] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0288.444] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0288.444] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0288.444] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df74) returned 0x0
[0288.444] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0288.444] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0288.444] LocalFree (hMem=0x11eec58) returned 0x0
[0288.444] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0288.445] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0288.445] LocalFree (hMem=0x11eec58) returned 0x0
[0288.445] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0288.445] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0288.445] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0288.445] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0288.445] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0288.445] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0288.445] GetCurrentObject (hdc=0xa6010693, type=0x1) returned 0xb00017
[0288.445] GetCurrentObject (hdc=0xa6010693, type=0x2) returned 0x900010
[0288.445] GetCurrentObject (hdc=0xa6010693, type=0x7) returned 0x4a0507fe
[0288.445] GetCurrentObject (hdc=0xa6010693, type=0x6) returned 0x8a01c2
[0288.445] SaveDC (hdc=0xa6010693) returned 1
[0288.445] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x820407de
[0288.445] GetClipRgn (hdc=0xa6010693, hrgn=0x820407de) returned 0
[0288.445] SelectClipRgn (hdc=0xa6010693, hrgn=0xf5040807) returned 2
[0288.446] DeleteObject (ho=0x820407de) returned 1
[0288.446] DeleteObject (ho=0xf5040807) returned 1
[0288.446] OffsetViewportOrgEx (in: hdc=0xa6010693, x=0, y=0, lppt=0x2cef244 | out: lppt=0x2cef244) returned 1
[0288.446] IsAppThemed () returned 0x1
[0288.467] GetThemeAppProperties () returned 0x3
[0288.467] GetThemeAppProperties () returned 0x3
[0288.467] DrawThemeBackground () returned 0x0
[0288.467] RestoreDC (hdc=0xa6010693, nSavedDC=-1) returned 1
[0288.468] GdipReleaseDC (graphics=0x6600030, hdc=0xa6010693) returned 0x0
[0288.468] GdipCreateRegion (region=0xd7df60) returned 0x0
[0288.468] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0288.468] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0288.468] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0288.468] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df78) returned 0x0
[0288.468] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0288.468] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eea60) returned 0x0
[0288.468] LocalFree (hMem=0x11eea60) returned 0x0
[0288.468] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0288.468] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee868) returned 0x0
[0288.468] LocalFree (hMem=0x11ee868) returned 0x0
[0288.468] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0288.468] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0288.468] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7df90) returned 0x0
[0288.468] GdipGetRegionHRgn (region=0x6646958, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0288.469] GdipDeleteRegion (region=0x6646958) returned 0x0
[0288.469] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0288.469] GetCurrentObject (hdc=0xa6010693, type=0x1) returned 0xb00017
[0288.469] GetCurrentObject (hdc=0xa6010693, type=0x2) returned 0x900010
[0288.469] GetCurrentObject (hdc=0xa6010693, type=0x7) returned 0x4a0507fe
[0288.469] GetCurrentObject (hdc=0xa6010693, type=0x6) returned 0x8a01c2
[0288.469] SaveDC (hdc=0xa6010693) returned 1
[0288.469] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf6040807
[0288.469] GetClipRgn (hdc=0xa6010693, hrgn=0xf6040807) returned 0
[0288.469] SelectClipRgn (hdc=0xa6010693, hrgn=0x830407de) returned 2
[0288.469] DeleteObject (ho=0xf6040807) returned 1
[0288.469] DeleteObject (ho=0x830407de) returned 1
[0288.469] OffsetViewportOrgEx (in: hdc=0xa6010693, x=0, y=0, lppt=0x2cef518 | out: lppt=0x2cef518) returned 1
[0288.469] IsAppThemed () returned 0x1
[0288.469] GetThemeAppProperties () returned 0x3
[0288.469] GetThemeAppProperties () returned 0x3
[0288.469] GetThemeBackgroundContentRect () returned 0x0
[0288.469] RestoreDC (hdc=0xa6010693, nSavedDC=-1) returned 1
[0288.470] GdipReleaseDC (graphics=0x6600030, hdc=0xa6010693) returned 0x0
[0288.470] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0288.470] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0288.470] GdipFillRectangleI (graphics=0x6600030, brush=0x65ffae0, x=4, y=4, width=67, height=15) returned 0x0
[0288.470] GdipDeleteBrush (brush=0x65ffae0) returned 0x0
[0288.470] IsAppThemed () returned 0x1
[0288.473] GetThemeAppProperties () returned 0x3
[0288.473] GetThemeAppProperties () returned 0x3
[0288.473] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0288.473] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0288.473] GetCurrentObject (hdc=0xa6010693, type=0x1) returned 0xb00017
[0288.473] GetCurrentObject (hdc=0xa6010693, type=0x2) returned 0x900010
[0288.473] GetCurrentObject (hdc=0xa6010693, type=0x7) returned 0x4a0507fe
[0288.473] GetCurrentObject (hdc=0xa6010693, type=0x6) returned 0x8a01c2
[0288.473] SaveDC (hdc=0xa6010693) returned 1
[0288.473] GetTextAlign (hdc=0xa6010693) returned 0x0
[0288.473] GetTextColor (hdc=0xa6010693) returned 0x0
[0288.473] GetCurrentObject (hdc=0xa6010693, type=0x6) returned 0x8a01c2
[0288.473] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0288.473] SelectObject (hdc=0xa6010693, h=0x6d0a0520) returned 0x8a01c2
[0288.473] GetBkMode (hdc=0xa6010693) returned 2
[0288.473] SetBkMode (hdc=0xa6010693, mode=1) returned 2
[0288.474] DrawTextExW (in: hdc=0xa6010693, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2cef8dc | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0288.474] DrawTextExW (in: hdc=0xa6010693, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2cef8dc | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0288.474] RestoreDC (hdc=0xa6010693, nSavedDC=-1) returned 1
[0288.474] GdipReleaseDC (graphics=0x6600030, hdc=0xa6010693) returned 0x0
[0288.474] GetFocus () returned 0x3202d8
[0288.475] IsAppThemed () returned 0x1
[0288.475] GetThemeAppProperties () returned 0x3
[0288.475] GetThemeAppProperties () returned 0x3
[0288.475] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0288.475] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0xa6010693, x1=0, y1=0, rop=0xcc0020) returned 1
[0288.475] GdipReleaseDC (graphics=0x6600030, hdc=0xa6010693) returned 0x0
[0288.475] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0288.475] SelectObject (hdc=0xa6010693, h=0x85000f) returned 0x4a0507fe
[0288.475] DeleteDC (hdc=0xa6010693) returned 1
[0288.475] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0288.475] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0288.476] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.476] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x84, wParam=0x0, lParam=0x1df02fc) returned 0x1
[0288.476] IsWindowUnicode (hWnd=0x3002de) returned 1
[0288.476] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.476] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x84, wParam=0x0, lParam=0x1df02fc) returned 0x1
[0288.476] GetDlgItem (hDlg=0x3002da, nIDDlgItem=0) returned 0x0
[0288.476] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x210, wParam=0x201, lParam=0x640107) returned 0x0
[0288.476] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x21, wParam=0x3002da, lParam=0x2010001) returned 0x1
[0288.476] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x21, wParam=0x3002da, lParam=0x2010001) returned 0x1
[0288.476] SetCursor (hCursor=0x10003) returned 0x10003
[0288.477] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.477] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.477] GetKeyState (nVirtKey=1) returned -127
[0288.477] GetKeyState (nVirtKey=2) returned 0
[0288.477] GetKeyState (nVirtKey=4) returned 0
[0288.477] GetKeyState (nVirtKey=5) returned 0
[0288.477] GetKeyState (nVirtKey=6) returned 0
[0288.477] IsWindowVisible (hWnd=0x3002de) returned 1
[0288.477] IsWindowEnabled (hWnd=0x3002de) returned 1
[0288.477] SetFocus (hWnd=0x3002de) returned 0x3202d8
[0288.478] GetFocus () returned 0x3002de
[0288.478] IsChild (hWndParent=0x3002da, hWnd=0x3002de) returned 1
[0288.478] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0x8, wParam=0x3002de, lParam=0x0) returned 0x0
[0288.478] GetCapture () returned 0x0
[0288.479] InvalidateRect (hWnd=0x3202d8, lpRect=0x0, bErase=0) returned 1
[0288.479] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0288.481] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0288.489] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0288.489] InvalidateRect (hWnd=0x3202d8, lpRect=0x0, bErase=0) returned 1
[0288.489] InvalidateRect (hWnd=0x3002de, lpRect=0x0, bErase=0) returned 1
[0288.489] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x7, wParam=0x3202d8, lParam=0x0) returned 0x0
[0288.489] GetStockObject (i=5) returned 0x900015
[0288.489] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0288.489] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0288.489] GetDlgItem (hDlg=0x3002da, nIDDlgItem=3146462) returned 0x3002de
[0288.489] SendMessageW (hWnd=0x3002de, Msg=0x202b, wParam=0x3002de, lParam=0xd7dddc) returned 0x0
[0288.489] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x202b, wParam=0x3002de, lParam=0xd7dddc) returned 0x0
[0288.489] InvalidateRect (hWnd=0x3002de, lpRect=0x0, bErase=0) returned 1
[0288.492] GetFocus () returned 0x3002de
[0288.492] GetFocus () returned 0x3002de
[0288.493] GetFocus () returned 0x3002de
[0288.493] GetKeyState (nVirtKey=1) returned -127
[0288.493] GetKeyState (nVirtKey=2) returned 0
[0288.493] GetKeyState (nVirtKey=4) returned 0
[0288.493] GetKeyState (nVirtKey=5) returned 0
[0288.493] GetKeyState (nVirtKey=6) returned 0
[0288.493] GetCapture () returned 0x0
[0288.493] SetCapture (hWnd=0x3002de) returned 0x0
[0288.493] GetKeyState (nVirtKey=1) returned -127
[0288.493] GetKeyState (nVirtKey=2) returned 0
[0288.493] GetKeyState (nVirtKey=4) returned 0
[0288.493] GetKeyState (nVirtKey=5) returned 0
[0288.493] GetKeyState (nVirtKey=6) returned 0
[0288.493] NotifyWinEvent (event=0x800a, hwnd=0x3002de, idObject=-4, idChild=0)
[0288.493] InvalidateRect (hWnd=0x3002de, lpRect=0xd7e430, bErase=0) returned 1
[0288.493] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.493] IsWindowUnicode (hWnd=0x3002de) returned 1
[0288.493] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.494] TranslateMessage (lpMsg=0xd7e808) returned 0
[0288.494] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0288.494] MapWindowPoints (in: hWndFrom=0x3002de, hWndTo=0x0, lpPoints=0x2cefacc, cPoints=0x1 | out: lpPoints=0x2cefacc) returned 30999254
[0288.494] NotifyWinEvent (event=0x800a, hwnd=0x3002de, idObject=-4, idChild=0)
[0288.494] InvalidateRect (hWnd=0x3002de, lpRect=0xd7e3d0, bErase=0) returned 1
[0288.494] UpdateWindow (hWnd=0x3002de) returned 1
[0288.494] BeginPaint (in: hWnd=0x3002de, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x107b9
[0288.494] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0288.494] CreateCompatibleDC (hdc=0x107b9) returned 0x7001065e
[0288.494] SelectObject (hdc=0x7001065e, h=0x4a0507fe) returned 0x85000f
[0288.494] GdipCreateFromHDC (hdc=0x7001065e, graphics=0xd7df00) returned 0x0
[0288.494] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0288.494] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0288.495] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0288.495] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0288.495] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df60) returned 0x0
[0288.495] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0288.495] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee9f0) returned 0x0
[0288.495] LocalFree (hMem=0x11ee9f0) returned 0x0
[0288.495] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0288.495] GdipCreateRegion (region=0xd7df48) returned 0x0
[0288.495] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0288.495] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df54) returned 0x0
[0288.495] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0288.495] GdipRestoreGraphics (graphics=0x6600030, state=0xf6440dbd) returned 0x0
[0288.495] GdipDeleteRegion (region=0x6646838) returned 0x0
[0288.495] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0288.495] GetCurrentObject (hdc=0x7001065e, type=0x1) returned 0xb00017
[0288.495] GetCurrentObject (hdc=0x7001065e, type=0x2) returned 0x900010
[0288.495] GetCurrentObject (hdc=0x7001065e, type=0x7) returned 0x4a0507fe
[0288.496] GetCurrentObject (hdc=0x7001065e, type=0x6) returned 0x8a01c2
[0288.496] SaveDC (hdc=0x7001065e) returned 1
[0288.496] GetNearestColor (hdc=0x7001065e, color=0xf0f0f0) returned 0xf0f0f0
[0288.496] GetNearestColor (hdc=0x7001065e, color=0xa0a0a0) returned 0xa0a0a0
[0288.496] GetNearestColor (hdc=0x7001065e, color=0x696969) returned 0x696969
[0288.496] GetNearestColor (hdc=0x7001065e, color=0xa0a0a0) returned 0xa0a0a0
[0288.496] GetNearestColor (hdc=0x7001065e, color=0x0) returned 0x0
[0288.496] GetNearestColor (hdc=0x7001065e, color=0xffffff) returned 0xffffff
[0288.496] GetNearestColor (hdc=0x7001065e, color=0xe5e5e5) returned 0xe5e5e5
[0288.496] GetNearestColor (hdc=0x7001065e, color=0xd7d7d7) returned 0xd7d7d7
[0288.496] GetNearestColor (hdc=0x7001065e, color=0x0) returned 0x0
[0288.496] RestoreDC (hdc=0x7001065e, nSavedDC=-1) returned 1
[0288.496] GdipReleaseDC (graphics=0x6600030, hdc=0x7001065e) returned 0x0
[0288.496] IsAppThemed () returned 0x1
[0288.497] GetThemeAppProperties () returned 0x3
[0288.497] GetThemeAppProperties () returned 0x3
[0288.497] IsAppThemed () returned 0x1
[0288.497] GetThemeAppProperties () returned 0x3
[0288.502] GetThemeAppProperties () returned 0x3
[0288.502] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2cf0224 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0288.503] IsAppThemed () returned 0x1
[0288.503] GetThemeAppProperties () returned 0x3
[0288.503] GetThemeAppProperties () returned 0x3
[0288.503] IsAppThemed () returned 0x1
[0288.503] GetThemeAppProperties () returned 0x3
[0288.503] GetThemeAppProperties () returned 0x3
[0288.503] IsAppThemed () returned 0x1
[0288.503] GetThemeAppProperties () returned 0x3
[0288.503] GetThemeAppProperties () returned 0x3
[0288.503] IsAppThemed () returned 0x1
[0288.503] GetThemeAppProperties () returned 0x3
[0288.503] GetThemeAppProperties () returned 0x3
[0288.503] IsThemePartDefined () returned 0x1
[0288.503] IsAppThemed () returned 0x1
[0288.503] GetThemeAppProperties () returned 0x3
[0288.503] GetThemeAppProperties () returned 0x3
[0288.503] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0288.503] IsAppThemed () returned 0x1
[0288.503] GetThemeAppProperties () returned 0x3
[0288.503] GetThemeAppProperties () returned 0x3
[0288.503] IsAppThemed () returned 0x1
[0288.504] GetThemeAppProperties () returned 0x3
[0288.504] GetThemeAppProperties () returned 0x3
[0288.504] IsThemePartDefined () returned 0x1
[0288.504] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0288.504] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0288.504] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0288.504] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0288.504] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dc7c) returned 0x0
[0288.504] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0288.504] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0288.504] LocalFree (hMem=0x11eec58) returned 0x0
[0288.504] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0288.504] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0288.504] LocalFree (hMem=0x11ee788) returned 0x0
[0288.504] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0288.504] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0288.504] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0288.504] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0288.505] GdipDeleteRegion (region=0x6646328) returned 0x0
[0288.505] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0288.505] GetCurrentObject (hdc=0x7001065e, type=0x1) returned 0xb00017
[0288.505] GetCurrentObject (hdc=0x7001065e, type=0x2) returned 0x900010
[0288.505] GetCurrentObject (hdc=0x7001065e, type=0x7) returned 0x4a0507fe
[0288.505] GetCurrentObject (hdc=0x7001065e, type=0x6) returned 0x8a01c2
[0288.505] SaveDC (hdc=0x7001065e) returned 1
[0288.505] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x840407de
[0288.505] GetClipRgn (hdc=0x7001065e, hrgn=0x840407de) returned 0
[0288.505] SelectClipRgn (hdc=0x7001065e, hrgn=0xfa040807) returned 2
[0288.505] DeleteObject (ho=0x840407de) returned 1
[0288.505] DeleteObject (ho=0xfa040807) returned 1
[0288.505] OffsetViewportOrgEx (in: hdc=0x7001065e, x=0, y=0, lppt=0x2cf08d4 | out: lppt=0x2cf08d4) returned 1
[0288.505] DrawThemeParentBackground () returned 0x0
[0288.506] GetWindowPlacement (in: hWnd=0x3002da, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0288.506] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0288.506] GetWindowTextLengthW (hWnd=0x3002da) returned 13
[0288.506] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.506] GetSystemMetrics (nIndex=42) returned 0
[0288.506] GetWindowTextW (in: hWnd=0x3002da, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.506] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0288.506] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0288.506] GetCurrentObject (hdc=0x7001065e, type=0x1) returned 0xb00017
[0288.506] GetCurrentObject (hdc=0x7001065e, type=0x2) returned 0x900010
[0288.506] GetCurrentObject (hdc=0x7001065e, type=0x7) returned 0x4a0507fe
[0288.506] GetCurrentObject (hdc=0x7001065e, type=0x6) returned 0x8a01c2
[0288.506] SaveDC (hdc=0x7001065e) returned 2
[0288.506] GetNearestColor (hdc=0x7001065e, color=0xf0f0f0) returned 0xf0f0f0
[0288.506] CreateSolidBrush (color=0xf0f0f0) returned 0x381007e1
[0288.506] FillRect (hDC=0x7001065e, lprc=0xd7d6c8, hbr=0x381007e1) returned 1
[0288.507] DeleteObject (ho=0x381007e1) returned 1
[0288.507] RestoreDC (hdc=0x7001065e, nSavedDC=-1) returned 1
[0288.507] GetWindowTextLengthW (hWnd=0x3002da) returned 13
[0288.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.507] GetSystemMetrics (nIndex=42) returned 0
[0288.507] GetWindowTextW (in: hWnd=0x3002da, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.507] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0288.507] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0288.507] GetCurrentObject (hdc=0x7001065e, type=0x1) returned 0xb00017
[0288.507] GetCurrentObject (hdc=0x7001065e, type=0x2) returned 0x900010
[0288.507] GetCurrentObject (hdc=0x7001065e, type=0x7) returned 0x4a0507fe
[0288.507] GetCurrentObject (hdc=0x7001065e, type=0x6) returned 0x8a01c2
[0288.507] SaveDC (hdc=0x7001065e) returned 2
[0288.507] GetNearestColor (hdc=0x7001065e, color=0xf0f0f0) returned 0xf0f0f0
[0288.507] CreateSolidBrush (color=0xf0f0f0) returned 0x391007e1
[0288.507] FillRect (hDC=0x7001065e, lprc=0xd7d668, hbr=0x391007e1) returned 1
[0288.508] DeleteObject (ho=0x391007e1) returned 1
[0288.508] RestoreDC (hdc=0x7001065e, nSavedDC=-1) returned 1
[0288.508] GetWindowTextLengthW (hWnd=0x3002da) returned 13
[0288.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.508] GetSystemMetrics (nIndex=42) returned 0
[0288.508] GetWindowTextW (in: hWnd=0x3002da, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0288.508] RestoreDC (hdc=0x7001065e, nSavedDC=-1) returned 1
[0288.508] GdipReleaseDC (graphics=0x6600030, hdc=0x7001065e) returned 0x0
[0288.508] IsAppThemed () returned 0x1
[0288.508] GetThemeAppProperties () returned 0x3
[0288.508] GetThemeAppProperties () returned 0x3
[0288.508] IsAppThemed () returned 0x1
[0288.508] GetThemeAppProperties () returned 0x3
[0288.508] GetThemeAppProperties () returned 0x3
[0288.509] IsThemePartDefined () returned 0x1
[0288.509] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0288.509] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0288.509] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0288.509] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0288.509] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dc00) returned 0x0
[0288.509] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0288.509] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0288.509] LocalFree (hMem=0x11eec58) returned 0x0
[0288.509] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0288.509] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee910) returned 0x0
[0288.509] LocalFree (hMem=0x11ee910) returned 0x0
[0288.509] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0288.509] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0288.509] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0288.509] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0288.509] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0288.509] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0288.509] GetCurrentObject (hdc=0x7001065e, type=0x1) returned 0xb00017
[0288.510] GetCurrentObject (hdc=0x7001065e, type=0x2) returned 0x900010
[0288.510] GetCurrentObject (hdc=0x7001065e, type=0x7) returned 0x4a0507fe
[0288.510] GetCurrentObject (hdc=0x7001065e, type=0x6) returned 0x8a01c2
[0288.510] SaveDC (hdc=0x7001065e) returned 1
[0288.510] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfb040807
[0288.510] GetClipRgn (hdc=0x7001065e, hrgn=0xfb040807) returned 0
[0288.510] SelectClipRgn (hdc=0x7001065e, hrgn=0x860407de) returned 2
[0288.510] DeleteObject (ho=0xfb040807) returned 1
[0288.510] DeleteObject (ho=0x860407de) returned 1
[0288.510] OffsetViewportOrgEx (in: hdc=0x7001065e, x=0, y=0, lppt=0x2cf1180 | out: lppt=0x2cf1180) returned 1
[0288.510] IsAppThemed () returned 0x1
[0288.510] GetThemeAppProperties () returned 0x3
[0288.510] GetThemeAppProperties () returned 0x3
[0288.510] DrawThemeBackground () returned 0x0
[0288.510] RestoreDC (hdc=0x7001065e, nSavedDC=-1) returned 1
[0288.511] GdipReleaseDC (graphics=0x6600030, hdc=0x7001065e) returned 0x0
[0288.511] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0288.511] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0288.511] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0288.511] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0288.511] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dc04) returned 0x0
[0288.511] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0288.511] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eea60) returned 0x0
[0288.511] LocalFree (hMem=0x11eea60) returned 0x0
[0288.511] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0288.511] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee868) returned 0x0
[0288.511] LocalFree (hMem=0x11ee868) returned 0x0
[0288.511] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0288.511] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0288.511] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0288.511] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0288.511] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0288.512] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0288.512] GetCurrentObject (hdc=0x7001065e, type=0x1) returned 0xb00017
[0288.512] GetCurrentObject (hdc=0x7001065e, type=0x2) returned 0x900010
[0288.512] GetCurrentObject (hdc=0x7001065e, type=0x7) returned 0x4a0507fe
[0288.512] GetCurrentObject (hdc=0x7001065e, type=0x6) returned 0x8a01c2
[0288.512] SaveDC (hdc=0x7001065e) returned 1
[0288.512] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x870407de
[0288.512] GetClipRgn (hdc=0x7001065e, hrgn=0x870407de) returned 0
[0288.512] SelectClipRgn (hdc=0x7001065e, hrgn=0xfc040807) returned 2
[0288.512] DeleteObject (ho=0x870407de) returned 1
[0288.512] DeleteObject (ho=0xfc040807) returned 1
[0288.512] OffsetViewportOrgEx (in: hdc=0x7001065e, x=0, y=0, lppt=0x2cf1454 | out: lppt=0x2cf1454) returned 1
[0288.512] IsAppThemed () returned 0x1
[0288.513] GetThemeAppProperties () returned 0x3
[0288.513] GetThemeAppProperties () returned 0x3
[0288.513] GetThemeBackgroundContentRect () returned 0x0
[0288.513] RestoreDC (hdc=0x7001065e, nSavedDC=-1) returned 1
[0288.513] GdipReleaseDC (graphics=0x6600030, hdc=0x7001065e) returned 0x0
[0288.513] IsAppThemed () returned 0x1
[0288.513] GetThemeAppProperties () returned 0x3
[0288.513] GetThemeAppProperties () returned 0x3
[0288.513] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0288.513] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0288.513] GetCurrentObject (hdc=0x7001065e, type=0x1) returned 0xb00017
[0288.513] GetCurrentObject (hdc=0x7001065e, type=0x2) returned 0x900010
[0288.514] GetCurrentObject (hdc=0x7001065e, type=0x7) returned 0x4a0507fe
[0288.514] GetCurrentObject (hdc=0x7001065e, type=0x6) returned 0x8a01c2
[0288.514] SaveDC (hdc=0x7001065e) returned 1
[0288.514] GetTextAlign (hdc=0x7001065e) returned 0x0
[0288.514] GetTextColor (hdc=0x7001065e) returned 0x0
[0288.514] GetCurrentObject (hdc=0x7001065e, type=0x6) returned 0x8a01c2
[0288.514] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0288.514] SelectObject (hdc=0x7001065e, h=0x6d0a0520) returned 0x8a01c2
[0288.514] GetBkMode (hdc=0x7001065e) returned 2
[0288.514] SetBkMode (hdc=0x7001065e, mode=1) returned 2
[0288.514] DrawTextExW (in: hdc=0x7001065e, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2cf17f4 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0288.515] DrawTextExW (in: hdc=0x7001065e, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2cf17f4 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0288.515] RestoreDC (hdc=0x7001065e, nSavedDC=-1) returned 1
[0288.515] GdipReleaseDC (graphics=0x6600030, hdc=0x7001065e) returned 0x0
[0288.515] GetFocus () returned 0x3002de
[0288.515] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0288.515] SendMessageW (hWnd=0x3002da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0288.515] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0288.515] IsAppThemed () returned 0x1
[0288.515] GetThemeAppProperties () returned 0x3
[0288.515] GetThemeAppProperties () returned 0x3
[0288.515] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0288.516] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x7001065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0288.516] GdipReleaseDC (graphics=0x6600030, hdc=0x7001065e) returned 0x0
[0288.516] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0288.516] SelectObject (hdc=0x7001065e, h=0x85000f) returned 0x4a0507fe
[0288.516] DeleteDC (hdc=0x7001065e) returned 1
[0288.516] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0288.516] EndPaint (hWnd=0x3002de, lpPaint=0xd7dee4) returned 1
[0288.516] MapWindowPoints (in: hWndFrom=0x3002de, hWndTo=0x0, lpPoints=0x2cf18f0, cPoints=0x1 | out: lpPoints=0x2cf18f0) returned 30999254
[0288.516] WindowFromPoint (Point=0x2fc) returned 0x3002de
[0288.516] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x84, wParam=0x0, lParam=0x1df02fc) returned 0x1
[0288.517] NotifyWinEvent (event=0x800a, hwnd=0x3002de, idObject=-4, idChild=0)
[0288.517] NotifyWinEvent (event=0x800c, hwnd=0x3002de, idObject=-4, idChild=0)
[0288.517] GetCapture () returned 0x3002de
[0288.517] ReleaseCapture () returned 1
[0288.517] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0288.517] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0288.517] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x84, wParam=0x0, lParam=0x1df02fc) returned 0x1
[0288.518] IsWindow (hWnd=0x7005c) returned 1
[0288.518] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0288.518] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0288.518] IsWindow (hWnd=0x3002da) returned 1
[0288.518] SetActiveWindow (hWnd=0x3002da) returned 0x3002da
[0288.518] IsWindow (hWnd=0x3002da) returned 1
[0288.518] SetFocus (hWnd=0x3002da) returned 0x3002de
[0288.519] GetFocus () returned 0x3002da
[0288.519] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x8, wParam=0x3002da, lParam=0x0) returned 0x0
[0288.519] GetCapture () returned 0x0
[0288.519] InvalidateRect (hWnd=0x3002de, lpRect=0x0, bErase=0) returned 1
[0288.520] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0288.522] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0288.523] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0288.523] GetFocus () returned 0x3002da
[0288.524] SetFocus (hWnd=0x3002de) returned 0x3002da
[0288.524] GetFocus () returned 0x3002de
[0288.524] IsChild (hWndParent=0x3002da, hWnd=0x3002de) returned 1
[0288.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x8, wParam=0x3002de, lParam=0x0) returned 0x0
[0288.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0288.527] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0288.535] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0288.535] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x7, wParam=0x3002da, lParam=0x0) returned 0x0
[0288.535] GetStockObject (i=5) returned 0x900015
[0288.535] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0288.536] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0xd, wParam=0xa, lParam=0x11f57a0) returned 0x9
[0288.536] GetDlgItem (hDlg=0x3002da, nIDDlgItem=3146462) returned 0x3002de
[0288.536] SendMessageW (hWnd=0x3002de, Msg=0x202b, wParam=0x3002de, lParam=0xd7ddcc) returned 0x0
[0288.536] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x202b, wParam=0x3002de, lParam=0xd7ddcc) returned 0x0
[0288.536] InvalidateRect (hWnd=0x3002de, lpRect=0x0, bErase=0) returned 1
[0288.538] GetWindowLongW (hWnd=0x3002da, nIndex=-8) returned 458844
[0288.538] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0288.538] GetCurrentThreadId () returned 0xf50
[0288.538] IsWindow (hWnd=0x7005c) returned 1
[0288.538] IsWindow (hWnd=0x7005c) returned 1
[0288.538] IsWindowVisible (hWnd=0x7005c) returned 1
[0288.538] SetActiveWindow (hWnd=0x7005c) returned 0x3002da
[0288.539] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0288.540] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0288.541] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0288.541] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0288.542] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0288.542] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0288.543] GetWindowPlacement (in: hWnd=0x3002da, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0288.543] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0288.544] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0288.544] GetWindowRect (in: hWnd=0x3002da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0288.549] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0288.549] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0288.549] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0288.550] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x3002da) returned 0x1
[0288.553] GetFocus () returned 0x3002de
[0288.553] SetFocus (hWnd=0x602c4) returned 0x3002de
[0288.553] GetFocus () returned 0x602c4
[0288.553] IsChild (hWndParent=0x3002da, hWnd=0x602c4) returned 0
[0288.553] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0288.554] GetCapture () returned 0x0
[0288.554] InvalidateRect (hWnd=0x3002de, lpRect=0x0, bErase=0) returned 1
[0288.555] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0288.556] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0288.557] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0288.557] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0288.558] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0288.558] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0288.558] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0288.558] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x3002de, lParam=0x0) returned 0x0
[0288.558] GetStockObject (i=5) returned 0x900015
[0288.558] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0288.558] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed760) returned 0xc
[0288.558] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0288.559] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0288.559] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0288.559] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0288.564] GetFocus () returned 0x602c4
[0288.564] IsChild (hWndParent=0x3002da, hWnd=0x602c4) returned 0
[0288.564] ShowWindow (hWnd=0x3002da, nCmdShow=0) returned 1
[0288.564] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0288.564] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0288.566] GetWindowPlacement (in: hWnd=0x3002da, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0288.566] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0288.566] GetClientRect (in: hWnd=0x3002da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0288.566] GetWindowRect (in: hWnd=0x3002da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0288.567] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0288.567] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0288.567] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0288.567] GetWindowLongW (hWnd=0x3002da, nIndex=-20) returned 327945
[0288.567] DestroyWindow (hWnd=0x3002da) returned 1
[0288.568] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0288.568] GetWindowTextLengthW (hWnd=0x3002da) returned 13
[0288.568] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.568] GetSystemMetrics (nIndex=42) returned 0
[0288.568] GetWindowTextW (in: hWnd=0x3002da, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.568] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0288.568] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0288.568] GetWindowTextLengthW (hWnd=0x3002dc) returned 0
[0288.568] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0288.568] GetSystemMetrics (nIndex=42) returned 0
[0288.568] GetWindowTextW (in: hWnd=0x3002dc, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0288.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002dc, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0288.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0288.569] GetWindowThreadProcessId (in: hWnd=0x2a02c8, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0288.569] GetWindow (hWnd=0x2a02c8, uCmd=0x5) returned 0x0
[0288.569] GetWindowLongW (hWnd=0x2a02c8, nIndex=-20) returned 65792
[0288.569] DestroyWindow (hWnd=0x2a02c8) returned 1
[0288.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02c8, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0288.569] GetWindowTextLengthW (hWnd=0x2a02c8) returned 25
[0288.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0288.569] GetSystemMetrics (nIndex=42) returned 0
[0288.569] GetWindowTextW (in: hWnd=0x2a02c8, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0288.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02c8, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0288.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0288.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2a02c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0288.570] GetWindowTextLengthW (hWnd=0x3300ea) returned 232
[0288.570] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0288.570] GetSystemMetrics (nIndex=42) returned 0
[0288.570] GetWindowTextW (in: hWnd=0x3300ea, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0288.570] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0288.570] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0288.570] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0288.571] InvalidateRect (hWnd=0x3002de, lpRect=0x0, bErase=0) returned 1
[0288.571] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0288.571] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0288.571] SendMessageW (hWnd=0x2602ce, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0288.571] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602ce, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0288.571] SendMessageW (hWnd=0x2602ce, Msg=0xb0, wParam=0x2cbc128, lParam=0xd7e480) returned 0x0
[0288.571] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602ce, Msg=0xb0, wParam=0x2cbc128, lParam=0xd7e480) returned 0x0
[0288.571] GetWindowTextLengthW (hWnd=0x2602ce) returned 4363
[0288.571] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0288.571] GetSystemMetrics (nIndex=42) returned 0
[0288.571] CoTaskMemAlloc (cb=0x221c) returned 0x1202960
[0288.571] GetWindowTextW (in: hWnd=0x2602ce, lpString=0x1202960, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0288.571] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602ce, Msg=0xd, wParam=0x110c, lParam=0x1202960) returned 0x110b
[0288.571] CoTaskMemFree (pv=0x1202960)
[0288.571] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0288.572] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0288.573] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3300ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0288.574] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0288.575] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3002de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0288.587] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2502d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0288.588] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2602ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0288.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0288.592] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.592] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.592] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.592] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.592] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.593] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.593] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df02fc) returned 0x1
[0288.593] IsWindowUnicode (hWnd=0x7005c) returned 1
[0288.593] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.593] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df02fc) returned 0x1
[0288.593] SetCursor (hCursor=0x10003) returned 0x10003
[0288.593] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.594] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.594] _TrackMouseEvent (in: lpEventTrack=0x2c2f380 | out: lpEventTrack=0x2c2f380) returned 1
[0288.594] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0288.594] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0288.594] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10a023e) returned 0x0
[0288.594] GetKeyState (nVirtKey=1) returned 1
[0288.594] GetKeyState (nVirtKey=2) returned 0
[0288.594] GetKeyState (nVirtKey=4) returned 0
[0288.594] GetKeyState (nVirtKey=5) returned 0
[0288.594] GetKeyState (nVirtKey=6) returned 0
[0288.594] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.595] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df02fc) returned 0x1
[0288.595] IsWindowUnicode (hWnd=0x7005c) returned 1
[0288.595] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.595] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.595] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.595] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.595] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df02fc) returned 0x1
[0288.595] IsWindowUnicode (hWnd=0x7005c) returned 1
[0288.595] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.595] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df02fc) returned 0x1
[0288.596] SetCursor (hCursor=0x10003) returned 0x10003
[0288.596] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.596] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.596] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10a023e) returned 0x0
[0288.596] GetKeyState (nVirtKey=1) returned 1
[0288.596] GetKeyState (nVirtKey=2) returned 0
[0288.596] GetKeyState (nVirtKey=4) returned 0
[0288.596] GetKeyState (nVirtKey=5) returned 0
[0288.596] GetKeyState (nVirtKey=6) returned 0
[0288.596] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.596] IsWindowUnicode (hWnd=0x602c4) returned 1
[0288.596] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.596] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.596] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.597] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.597] IsWindowUnicode (hWnd=0x602c4) returned 1
[0288.597] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.597] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.597] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.597] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0288.597] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0288.598] CreateCompatibleDC (hdc=0x107b9) returned 0x7e01065e
[0288.598] SelectObject (hdc=0x7e01065e, h=0x4a0507fe) returned 0x85000f
[0288.598] GdipCreateFromHDC (hdc=0x7e01065e, graphics=0xd7e798) returned 0x0
[0288.598] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0288.598] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0288.598] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0288.598] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0288.598] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e7f8) returned 0x0
[0288.598] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0288.598] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee9f0) returned 0x0
[0288.598] LocalFree (hMem=0x11ee9f0) returned 0x0
[0288.598] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0288.598] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0288.598] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0288.598] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0288.598] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0288.598] GdipRestoreGraphics (graphics=0x6600030, state=0xf6420dbd) returned 0x0
[0288.598] GdipDeleteRegion (region=0x6646688) returned 0x0
[0288.599] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0288.599] GetCurrentObject (hdc=0x7e01065e, type=0x1) returned 0xb00017
[0288.599] GetCurrentObject (hdc=0x7e01065e, type=0x2) returned 0x900010
[0288.599] GetCurrentObject (hdc=0x7e01065e, type=0x7) returned 0x4a0507fe
[0288.599] GetCurrentObject (hdc=0x7e01065e, type=0x6) returned 0x8a01c2
[0288.599] SaveDC (hdc=0x7e01065e) returned 1
[0288.599] GetNearestColor (hdc=0x7e01065e, color=0xff) returned 0xff
[0288.599] GetNearestColor (hdc=0x7e01065e, color=0x55) returned 0x55
[0288.599] GetNearestColor (hdc=0x7e01065e, color=0x0) returned 0x0
[0288.599] GetNearestColor (hdc=0x7e01065e, color=0x55) returned 0x55
[0288.599] GetNearestColor (hdc=0x7e01065e, color=0x0) returned 0x0
[0288.599] GetNearestColor (hdc=0x7e01065e, color=0x8080ff) returned 0x8080ff
[0288.599] GetNearestColor (hdc=0x7e01065e, color=0x7373e5) returned 0x7373e5
[0288.599] GetNearestColor (hdc=0x7e01065e, color=0xe5) returned 0xe5
[0288.599] GetNearestColor (hdc=0x7e01065e, color=0x0) returned 0x0
[0288.599] RestoreDC (hdc=0x7e01065e, nSavedDC=-1) returned 1
[0288.599] GdipReleaseDC (graphics=0x6600030, hdc=0x7e01065e) returned 0x0
[0288.599] IsAppThemed () returned 0x1
[0288.600] GetThemeAppProperties () returned 0x3
[0288.600] GetThemeAppProperties () returned 0x3
[0288.600] IsAppThemed () returned 0x1
[0288.600] GetThemeAppProperties () returned 0x3
[0288.600] GetThemeAppProperties () returned 0x3
[0288.600] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2cf965c | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0288.600] IsAppThemed () returned 0x1
[0288.600] GetThemeAppProperties () returned 0x3
[0288.600] GetThemeAppProperties () returned 0x3
[0288.600] IsAppThemed () returned 0x1
[0288.600] GetThemeAppProperties () returned 0x3
[0288.600] GetThemeAppProperties () returned 0x3
[0288.600] GetFocus () returned 0x602c4
[0288.600] IsAppThemed () returned 0x1
[0288.600] GetThemeAppProperties () returned 0x3
[0288.600] GetThemeAppProperties () returned 0x3
[0288.600] IsAppThemed () returned 0x1
[0288.600] GetThemeAppProperties () returned 0x3
[0288.600] GetThemeAppProperties () returned 0x3
[0288.600] IsThemePartDefined () returned 0x1
[0288.600] IsAppThemed () returned 0x1
[0288.601] GetThemeAppProperties () returned 0x3
[0288.601] GetThemeAppProperties () returned 0x3
[0288.601] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0288.601] IsAppThemed () returned 0x1
[0288.601] GetThemeAppProperties () returned 0x3
[0288.601] GetThemeAppProperties () returned 0x3
[0288.601] IsAppThemed () returned 0x1
[0288.601] GetThemeAppProperties () returned 0x3
[0288.601] GetThemeAppProperties () returned 0x3
[0288.601] IsThemePartDefined () returned 0x1
[0288.601] GdipCreateRegion (region=0xd7e508) returned 0x0
[0288.601] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0288.601] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0288.601] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0288.601] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e520) returned 0x0
[0288.601] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0288.601] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0288.601] LocalFree (hMem=0x11eecc8) returned 0x0
[0288.601] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0288.601] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0288.602] LocalFree (hMem=0x11eecc8) returned 0x0
[0288.602] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0288.602] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e548) returned 0x0
[0288.602] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e538) returned 0x0
[0288.602] GdipGetRegionHRgn (region=0x6646958, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0288.602] GdipDeleteRegion (region=0x6646958) returned 0x0
[0288.602] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0288.602] GetCurrentObject (hdc=0x7e01065e, type=0x1) returned 0xb00017
[0288.602] GetCurrentObject (hdc=0x7e01065e, type=0x2) returned 0x900010
[0288.602] GetCurrentObject (hdc=0x7e01065e, type=0x7) returned 0x4a0507fe
[0288.602] GetCurrentObject (hdc=0x7e01065e, type=0x6) returned 0x8a01c2
[0288.602] SaveDC (hdc=0x7e01065e) returned 1
[0288.602] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfd040807
[0288.602] GetClipRgn (hdc=0x7e01065e, hrgn=0xfd040807) returned 0
[0288.602] SelectClipRgn (hdc=0x7e01065e, hrgn=0x8b0407de) returned 2
[0288.602] DeleteObject (ho=0xfd040807) returned 1
[0288.602] DeleteObject (ho=0x8b0407de) returned 1
[0288.602] OffsetViewportOrgEx (in: hdc=0x7e01065e, x=0, y=0, lppt=0x2cf9d0c | out: lppt=0x2cf9d0c) returned 1
[0288.602] DrawThemeParentBackground () returned 0x0
[0288.603] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0288.603] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0288.603] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0288.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.603] GetSystemMetrics (nIndex=42) returned 0
[0288.603] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0288.603] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0288.603] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0288.603] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0288.603] SelectPalette (hdc=0x7e01065e, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0288.603] GdipCreateFromHDC (hdc=0x7e01065e, graphics=0xd7dff8) returned 0x0
[0288.603] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0288.603] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0288.603] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638b18) returned 0x0
[0288.603] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dfd0) returned 0x0
[0288.603] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0288.603] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0288.603] GdipGetClip (graphics=0x6631910, region=0x6646958) returned 0x0
[0288.604] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6631910, result=0xd7dfc4) returned 0x0
[0288.604] GdipDeleteRegion (region=0x6646958) returned 0x0
[0288.604] GdipSaveGraphics (graphics=0x6631910, state=0xd7dff0) returned 0x0
[0288.604] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0288.625] GdipFillRectangleI (graphics=0x6631910, brush=0x664d6f0, x=0, y=0, width=801, height=453) returned 0x0
[0288.625] GdipDeleteBrush (brush=0x664d6f0) returned 0x0
[0288.626] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0288.626] SelectPalette (hdc=0x7e01065e, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0288.627] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0288.627] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.627] GetSystemMetrics (nIndex=42) returned 0
[0288.627] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.627] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0288.627] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0288.627] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0288.627] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0288.627] SelectPalette (hdc=0x7e01065e, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0288.627] GdipCreateFromHDC (hdc=0x7e01065e, graphics=0xd7df98) returned 0x0
[0288.627] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0288.627] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0288.627] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638c38) returned 0x0
[0288.627] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df70) returned 0x0
[0288.627] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0288.627] GdipCreateRegion (region=0xd7df58) returned 0x0
[0288.627] GdipGetClip (graphics=0x6631910, region=0x6646448) returned 0x0
[0288.627] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6631910, result=0xd7df64) returned 0x0
[0288.627] GdipDeleteRegion (region=0x6646448) returned 0x0
[0288.627] GdipSaveGraphics (graphics=0x6631910, state=0xd7df90) returned 0x0
[0288.628] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0288.635] GdipFillRectangleI (graphics=0x6631910, brush=0x664d210, x=0, y=0, width=801, height=453) returned 0x0
[0288.635] GdipDeleteBrush (brush=0x664d210) returned 0x0
[0288.636] GdipRestoreGraphics (graphics=0x6631910, state=0xf63e0dbd) returned 0x0
[0288.636] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0288.636] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0288.636] GetSystemMetrics (nIndex=42) returned 0
[0288.636] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0288.636] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0288.636] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0288.636] SelectPalette (hdc=0x7e01065e, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0288.636] RestoreDC (hdc=0x7e01065e, nSavedDC=-1) returned 1
[0288.636] GdipReleaseDC (graphics=0x6600030, hdc=0x7e01065e) returned 0x0
[0288.636] IsAppThemed () returned 0x1
[0288.637] GetThemeAppProperties () returned 0x3
[0288.637] GetThemeAppProperties () returned 0x3
[0288.637] IsAppThemed () returned 0x1
[0288.637] GetThemeAppProperties () returned 0x3
[0288.637] GetThemeAppProperties () returned 0x3
[0288.637] IsThemePartDefined () returned 0x1
[0288.637] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0288.637] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0288.637] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0288.637] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0288.637] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e4a4) returned 0x0
[0288.637] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0288.637] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eecc8) returned 0x0
[0288.637] LocalFree (hMem=0x11eecc8) returned 0x0
[0288.637] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0288.637] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0288.637] LocalFree (hMem=0x11ee788) returned 0x0
[0288.637] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0288.637] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0288.637] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0288.637] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0288.652] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0288.652] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0288.652] GetCurrentObject (hdc=0x7e01065e, type=0x1) returned 0xb00017
[0288.652] GetCurrentObject (hdc=0x7e01065e, type=0x2) returned 0x900010
[0288.652] GetCurrentObject (hdc=0x7e01065e, type=0x7) returned 0x4a0507fe
[0288.652] GetCurrentObject (hdc=0x7e01065e, type=0x6) returned 0x8a01c2
[0288.652] SaveDC (hdc=0x7e01065e) returned 1
[0288.652] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8c0407de
[0288.652] GetClipRgn (hdc=0x7e01065e, hrgn=0x8c0407de) returned 0
[0288.652] SelectClipRgn (hdc=0x7e01065e, hrgn=0xff040807) returned 2
[0288.652] DeleteObject (ho=0x8c0407de) returned 1
[0288.652] DeleteObject (ho=0xff040807) returned 1
[0288.652] OffsetViewportOrgEx (in: hdc=0x7e01065e, x=0, y=0, lppt=0x2d0055c | out: lppt=0x2d0055c) returned 1
[0288.652] IsAppThemed () returned 0x1
[0288.652] GetThemeAppProperties () returned 0x3
[0288.653] GetThemeAppProperties () returned 0x3
[0288.653] DrawThemeBackground () returned 0x0
[0288.653] RestoreDC (hdc=0x7e01065e, nSavedDC=-1) returned 1
[0288.653] GdipReleaseDC (graphics=0x6600030, hdc=0x7e01065e) returned 0x0
[0288.653] GdipCreateRegion (region=0xd7e490) returned 0x0
[0288.653] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0288.653] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0288.653] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0288.653] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e4a8) returned 0x0
[0288.653] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0288.653] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eecc8) returned 0x0
[0288.658] LocalFree (hMem=0x11eecc8) returned 0x0
[0288.658] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0288.658] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eecc8) returned 0x0
[0288.658] LocalFree (hMem=0x11eecc8) returned 0x0
[0288.658] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0288.658] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0288.658] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0288.658] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0288.658] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0288.658] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0288.658] GetCurrentObject (hdc=0x7e01065e, type=0x1) returned 0xb00017
[0288.658] GetCurrentObject (hdc=0x7e01065e, type=0x2) returned 0x900010
[0288.658] GetCurrentObject (hdc=0x7e01065e, type=0x7) returned 0x4a0507fe
[0288.658] GetCurrentObject (hdc=0x7e01065e, type=0x6) returned 0x8a01c2
[0288.658] SaveDC (hdc=0x7e01065e) returned 1
[0288.658] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x40807
[0288.658] GetClipRgn (hdc=0x7e01065e, hrgn=0x40807) returned 0
[0288.659] SelectClipRgn (hdc=0x7e01065e, hrgn=0x8d0407de) returned 2
[0288.659] DeleteObject (ho=0x40807) returned 1
[0288.659] DeleteObject (ho=0x8d0407de) returned 1
[0288.659] OffsetViewportOrgEx (in: hdc=0x7e01065e, x=0, y=0, lppt=0x2d00830 | out: lppt=0x2d00830) returned 1
[0288.659] IsAppThemed () returned 0x1
[0288.659] GetThemeAppProperties () returned 0x3
[0288.659] GetThemeAppProperties () returned 0x3
[0288.659] GetThemeBackgroundContentRect () returned 0x0
[0288.659] RestoreDC (hdc=0x7e01065e, nSavedDC=-1) returned 1
[0288.659] GdipReleaseDC (graphics=0x6600030, hdc=0x7e01065e) returned 0x0
[0288.659] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0288.659] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0288.659] GdipFillRectangleI (graphics=0x6600030, brush=0x65ffae0, x=4, y=4, width=67, height=15) returned 0x0
[0288.659] GdipDeleteBrush (brush=0x65ffae0) returned 0x0
[0288.659] IsAppThemed () returned 0x1
[0288.659] GetThemeAppProperties () returned 0x3
[0288.659] GetThemeAppProperties () returned 0x3
[0288.659] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0288.659] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0288.660] GetCurrentObject (hdc=0x7e01065e, type=0x1) returned 0xb00017
[0288.660] GetCurrentObject (hdc=0x7e01065e, type=0x2) returned 0x900010
[0288.660] GetCurrentObject (hdc=0x7e01065e, type=0x7) returned 0x4a0507fe
[0288.660] GetCurrentObject (hdc=0x7e01065e, type=0x6) returned 0x8a01c2
[0288.660] SaveDC (hdc=0x7e01065e) returned 1
[0288.660] GetTextAlign (hdc=0x7e01065e) returned 0x0
[0288.660] GetTextColor (hdc=0x7e01065e) returned 0x0
[0288.660] GetCurrentObject (hdc=0x7e01065e, type=0x6) returned 0x8a01c2
[0288.660] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0288.660] SelectObject (hdc=0x7e01065e, h=0x6d0a0520) returned 0x8a01c2
[0288.660] GetBkMode (hdc=0x7e01065e) returned 2
[0288.660] SetBkMode (hdc=0x7e01065e, mode=1) returned 2
[0288.660] DrawTextExW (in: hdc=0x7e01065e, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2d00bf4 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0288.661] DrawTextExW (in: hdc=0x7e01065e, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2d00bf4 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0288.661] RestoreDC (hdc=0x7e01065e, nSavedDC=-1) returned 1
[0288.661] GdipReleaseDC (graphics=0x6600030, hdc=0x7e01065e) returned 0x0
[0288.661] GetFocus () returned 0x602c4
[0288.661] IsAppThemed () returned 0x1
[0288.661] GetThemeAppProperties () returned 0x3
[0288.661] GetThemeAppProperties () returned 0x3
[0288.661] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0288.661] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x7e01065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0288.661] GdipReleaseDC (graphics=0x6600030, hdc=0x7e01065e) returned 0x0
[0288.661] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0288.661] SelectObject (hdc=0x7e01065e, h=0x85000f) returned 0x4a0507fe
[0288.661] DeleteDC (hdc=0x7e01065e) returned 1
[0288.662] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0288.662] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0288.662] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.662] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.662] WaitMessage () returned 1
[0288.662] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.662] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.662] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.662] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.662] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.663] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.663] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.663] WaitMessage () returned 1
[0288.664] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.664] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.664] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.664] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.664] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.665] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.665] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.665] WaitMessage () returned 1
[0288.666] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.666] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.666] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.666] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.666] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.667] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.667] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.667] WaitMessage () returned 1
[0288.667] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.667] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.667] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.667] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.667] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.668] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.669] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.669] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.669] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.669] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.669] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.669] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.669] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.669] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.669] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.669] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.670] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.670] WaitMessage () returned 1
[0288.670] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.670] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.670] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.670] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.670] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.672] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.672] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.672] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.672] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.672] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.672] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.672] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.672] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.672] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.672] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.672] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.673] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.673] WaitMessage () returned 1
[0288.673] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.673] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.673] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.673] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.673] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.674] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.675] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.675] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.675] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.675] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.675] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.675] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.675] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.675] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.675] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.675] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.676] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.676] WaitMessage () returned 1
[0288.676] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.676] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.676] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.676] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.676] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.677] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.677] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.677] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.677] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.677] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.678] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.678] IsWindowUnicode (hWnd=0x30122) returned 1
[0288.678] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.678] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.678] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.678] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.678] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.678] WaitMessage () returned 1
[0288.700] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.700] IsWindowUnicode (hWnd=0x7005c) returned 1
[0288.700] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.700] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.700] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.701] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.701] IsWindowUnicode (hWnd=0x7005c) returned 1
[0288.701] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.701] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.701] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.701] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10a023e) returned 0x0
[0288.701] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.701] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.701] WaitMessage () returned 1
[0288.859] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.859] IsWindowUnicode (hWnd=0x502c6) returned 1
[0288.859] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0288.859] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0288.859] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0288.859] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.859] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0288.859] WaitMessage () returned 1
[0290.763] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0290.763] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300fd) returned 0x1
[0290.764] IsWindowUnicode (hWnd=0x602c4) returned 1
[0290.764] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0290.764] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0290.764] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0290.764] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0290.764] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0290.764] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300fd) returned 0x1
[0290.764] IsWindowUnicode (hWnd=0x602c4) returned 1
[0290.764] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0290.764] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300fd) returned 0x1
[0290.764] SetCursor (hCursor=0x10003) returned 0x10003
[0290.764] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0290.764] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0290.764] _TrackMouseEvent (in: lpEventTrack=0x2c2b560 | out: lpEventTrack=0x2c2b560) returned 1
[0290.764] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0290.764] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0290.764] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0290.765] GetKeyState (nVirtKey=1) returned 1
[0290.765] GetKeyState (nVirtKey=2) returned 0
[0290.765] GetKeyState (nVirtKey=4) returned 0
[0290.765] GetKeyState (nVirtKey=5) returned 0
[0290.765] GetKeyState (nVirtKey=6) returned 0
[0290.765] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0290.765] IsWindowUnicode (hWnd=0x602c4) returned 1
[0290.765] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0290.765] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0290.765] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0290.765] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0290.765] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0290.765] CreateCompatibleDC (hdc=0x107b9) returned 0xf8010671
[0290.765] SelectObject (hdc=0xf8010671, h=0x4a0507fe) returned 0x85000f
[0290.765] GdipCreateFromHDC (hdc=0xf8010671, graphics=0xd7e798) returned 0x0
[0290.766] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0290.766] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0290.766] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0290.766] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0290.766] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e7f8) returned 0x0
[0290.766] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0290.766] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee8d8) returned 0x0
[0290.766] LocalFree (hMem=0x11ee8d8) returned 0x0
[0290.766] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0290.766] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0290.766] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0290.766] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0290.766] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0290.766] GdipRestoreGraphics (graphics=0x6600030, state=0xf63c0dbd) returned 0x0
[0290.766] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0290.766] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0290.766] GetCurrentObject (hdc=0xf8010671, type=0x1) returned 0xb00017
[0290.766] GetCurrentObject (hdc=0xf8010671, type=0x2) returned 0x900010
[0290.766] GetCurrentObject (hdc=0xf8010671, type=0x7) returned 0x4a0507fe
[0290.766] GetCurrentObject (hdc=0xf8010671, type=0x6) returned 0x8a01c2
[0290.766] SaveDC (hdc=0xf8010671) returned 1
[0290.767] GetNearestColor (hdc=0xf8010671, color=0xff) returned 0xff
[0290.767] GetNearestColor (hdc=0xf8010671, color=0x55) returned 0x55
[0290.767] GetNearestColor (hdc=0xf8010671, color=0x0) returned 0x0
[0290.767] GetNearestColor (hdc=0xf8010671, color=0x55) returned 0x55
[0290.767] GetNearestColor (hdc=0xf8010671, color=0x0) returned 0x0
[0290.767] GetNearestColor (hdc=0xf8010671, color=0x8080ff) returned 0x8080ff
[0290.767] GetNearestColor (hdc=0xf8010671, color=0x7373e5) returned 0x7373e5
[0290.767] GetNearestColor (hdc=0xf8010671, color=0xe5) returned 0xe5
[0290.767] GetNearestColor (hdc=0xf8010671, color=0x0) returned 0x0
[0290.767] RestoreDC (hdc=0xf8010671, nSavedDC=-1) returned 1
[0290.767] GdipReleaseDC (graphics=0x6600030, hdc=0xf8010671) returned 0x0
[0290.767] IsAppThemed () returned 0x1
[0290.767] GetThemeAppProperties () returned 0x3
[0290.767] GetThemeAppProperties () returned 0x3
[0290.767] IsAppThemed () returned 0x1
[0290.767] GetThemeAppProperties () returned 0x3
[0290.767] GetThemeAppProperties () returned 0x3
[0290.767] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2d01564 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0290.768] IsAppThemed () returned 0x1
[0290.768] GetThemeAppProperties () returned 0x3
[0290.768] GetThemeAppProperties () returned 0x3
[0290.768] IsAppThemed () returned 0x1
[0290.768] GetThemeAppProperties () returned 0x3
[0290.768] GetThemeAppProperties () returned 0x3
[0290.768] IsAppThemed () returned 0x1
[0290.768] GetThemeAppProperties () returned 0x3
[0290.768] GetThemeAppProperties () returned 0x3
[0290.768] IsAppThemed () returned 0x1
[0290.768] GetThemeAppProperties () returned 0x3
[0290.768] GetThemeAppProperties () returned 0x3
[0290.768] IsThemePartDefined () returned 0x1
[0290.768] IsAppThemed () returned 0x1
[0290.768] GetThemeAppProperties () returned 0x3
[0290.768] GetThemeAppProperties () returned 0x3
[0290.768] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0290.768] IsAppThemed () returned 0x1
[0290.768] GetThemeAppProperties () returned 0x3
[0290.768] GetThemeAppProperties () returned 0x3
[0290.768] IsAppThemed () returned 0x1
[0290.769] GetThemeAppProperties () returned 0x3
[0290.769] GetThemeAppProperties () returned 0x3
[0290.769] IsThemePartDefined () returned 0x1
[0290.769] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0290.769] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0290.769] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0290.769] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0290.769] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e514) returned 0x0
[0290.769] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0290.769] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0290.769] LocalFree (hMem=0x11eec58) returned 0x0
[0290.769] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0290.769] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0290.769] LocalFree (hMem=0x11eec58) returned 0x0
[0290.769] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0290.769] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0290.769] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0290.769] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0290.769] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0290.769] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0290.769] GetCurrentObject (hdc=0xf8010671, type=0x1) returned 0xb00017
[0290.769] GetCurrentObject (hdc=0xf8010671, type=0x2) returned 0x900010
[0290.769] GetCurrentObject (hdc=0xf8010671, type=0x7) returned 0x4a0507fe
[0290.769] GetCurrentObject (hdc=0xf8010671, type=0x6) returned 0x8a01c2
[0290.770] SaveDC (hdc=0xf8010671) returned 1
[0290.770] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8e0407de
[0290.770] GetClipRgn (hdc=0xf8010671, hrgn=0x8e0407de) returned 0
[0290.770] SelectClipRgn (hdc=0xf8010671, hrgn=0x4040807) returned 2
[0290.770] DeleteObject (ho=0x8e0407de) returned 1
[0290.770] DeleteObject (ho=0x4040807) returned 1
[0290.770] OffsetViewportOrgEx (in: hdc=0xf8010671, x=0, y=0, lppt=0x2d01c14 | out: lppt=0x2d01c14) returned 1
[0290.770] DrawThemeParentBackground () returned 0x0
[0290.770] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0290.770] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0290.770] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0290.770] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0290.770] GetSystemMetrics (nIndex=42) returned 0
[0290.770] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0290.770] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0290.770] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0290.770] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0290.770] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0290.770] SelectPalette (hdc=0xf8010671, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0290.771] GdipCreateFromHDC (hdc=0xf8010671, graphics=0xd7dff0) returned 0x0
[0290.771] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0290.771] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0290.771] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638ab8) returned 0x0
[0290.771] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dfc8) returned 0x0
[0290.771] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0290.771] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0290.771] GdipGetClip (graphics=0x6631910, region=0x6646718) returned 0x0
[0290.771] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6631910, result=0xd7dfbc) returned 0x0
[0290.771] GdipDeleteRegion (region=0x6646718) returned 0x0
[0290.771] GdipSaveGraphics (graphics=0x6631910, state=0xd7dfe8) returned 0x0
[0290.771] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0290.777] GdipFillRectangleI (graphics=0x6631910, brush=0x664d6f0, x=0, y=0, width=801, height=453) returned 0x0
[0290.778] GdipDeleteBrush (brush=0x664d6f0) returned 0x0
[0290.779] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0290.779] SelectPalette (hdc=0xf8010671, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0290.779] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0290.779] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0290.779] GetSystemMetrics (nIndex=42) returned 0
[0290.779] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0290.779] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0290.779] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0290.779] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0290.779] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0290.779] SelectPalette (hdc=0xf8010671, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0290.779] GdipCreateFromHDC (hdc=0xf8010671, graphics=0xd7df90) returned 0x0
[0290.780] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0290.780] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0290.780] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638a28) returned 0x0
[0290.780] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df68) returned 0x0
[0290.780] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0290.780] GdipCreateRegion (region=0xd7df50) returned 0x0
[0290.780] GdipGetClip (graphics=0x6631910, region=0x6646cb8) returned 0x0
[0290.780] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6631910, result=0xd7df5c) returned 0x0
[0290.780] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0290.780] GdipSaveGraphics (graphics=0x6631910, state=0xd7df88) returned 0x0
[0290.780] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0290.786] GdipFillRectangleI (graphics=0x6631910, brush=0x664d5b8, x=0, y=0, width=801, height=453) returned 0x0
[0290.786] GdipDeleteBrush (brush=0x664d5b8) returned 0x0
[0290.787] GdipRestoreGraphics (graphics=0x6631910, state=0xf6380dbd) returned 0x0
[0290.787] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0290.788] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0290.788] GetSystemMetrics (nIndex=42) returned 0
[0290.788] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0290.788] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0290.788] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0290.788] SelectPalette (hdc=0xf8010671, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0290.788] RestoreDC (hdc=0xf8010671, nSavedDC=-1) returned 1
[0290.788] GdipReleaseDC (graphics=0x6600030, hdc=0xf8010671) returned 0x0
[0290.788] IsAppThemed () returned 0x1
[0290.788] GetThemeAppProperties () returned 0x3
[0290.788] GetThemeAppProperties () returned 0x3
[0290.788] IsAppThemed () returned 0x1
[0290.788] GetThemeAppProperties () returned 0x3
[0290.788] GetThemeAppProperties () returned 0x3
[0290.788] IsThemePartDefined () returned 0x1
[0290.788] GdipCreateRegion (region=0xd7e480) returned 0x0
[0290.788] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0290.788] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0290.788] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0290.788] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e498) returned 0x0
[0290.789] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0290.789] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0290.789] LocalFree (hMem=0x11ee9f0) returned 0x0
[0290.789] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0290.789] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0290.789] LocalFree (hMem=0x11ee788) returned 0x0
[0290.789] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0290.789] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0290.789] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0290.789] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0290.789] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0290.789] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0290.789] GetCurrentObject (hdc=0xf8010671, type=0x1) returned 0xb00017
[0290.789] GetCurrentObject (hdc=0xf8010671, type=0x2) returned 0x900010
[0290.789] GetCurrentObject (hdc=0xf8010671, type=0x7) returned 0x4a0507fe
[0290.789] GetCurrentObject (hdc=0xf8010671, type=0x6) returned 0x8a01c2
[0290.789] SaveDC (hdc=0xf8010671) returned 1
[0290.789] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5040807
[0290.789] GetClipRgn (hdc=0xf8010671, hrgn=0x5040807) returned 0
[0290.789] SelectClipRgn (hdc=0xf8010671, hrgn=0x900407de) returned 2
[0290.789] DeleteObject (ho=0x5040807) returned 1
[0290.790] DeleteObject (ho=0x900407de) returned 1
[0290.790] OffsetViewportOrgEx (in: hdc=0xf8010671, x=0, y=0, lppt=0x2d08464 | out: lppt=0x2d08464) returned 1
[0290.790] IsAppThemed () returned 0x1
[0290.790] GetThemeAppProperties () returned 0x3
[0290.790] GetThemeAppProperties () returned 0x3
[0290.790] DrawThemeBackground () returned 0x0
[0290.790] RestoreDC (hdc=0xf8010671, nSavedDC=-1) returned 1
[0290.790] GdipReleaseDC (graphics=0x6600030, hdc=0xf8010671) returned 0x0
[0290.790] GdipCreateRegion (region=0xd7e484) returned 0x0
[0290.790] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0290.790] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0290.790] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0290.790] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e49c) returned 0x0
[0290.790] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0290.790] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0290.790] LocalFree (hMem=0x11ee788) returned 0x0
[0290.790] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0290.790] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0290.790] LocalFree (hMem=0x11ee788) returned 0x0
[0290.790] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0290.790] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0290.790] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0290.790] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0290.791] GdipDeleteRegion (region=0x6646298) returned 0x0
[0290.791] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0290.791] GetCurrentObject (hdc=0xf8010671, type=0x1) returned 0xb00017
[0290.791] GetCurrentObject (hdc=0xf8010671, type=0x2) returned 0x900010
[0290.791] GetCurrentObject (hdc=0xf8010671, type=0x7) returned 0x4a0507fe
[0290.791] GetCurrentObject (hdc=0xf8010671, type=0x6) returned 0x8a01c2
[0290.791] SaveDC (hdc=0xf8010671) returned 1
[0290.791] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x910407de
[0290.791] GetClipRgn (hdc=0xf8010671, hrgn=0x910407de) returned 0
[0290.791] SelectClipRgn (hdc=0xf8010671, hrgn=0x6040807) returned 2
[0290.791] DeleteObject (ho=0x910407de) returned 1
[0290.791] DeleteObject (ho=0x6040807) returned 1
[0290.791] OffsetViewportOrgEx (in: hdc=0xf8010671, x=0, y=0, lppt=0x2d08738 | out: lppt=0x2d08738) returned 1
[0290.791] IsAppThemed () returned 0x1
[0290.791] GetThemeAppProperties () returned 0x3
[0290.791] GetThemeAppProperties () returned 0x3
[0290.791] GetThemeBackgroundContentRect () returned 0x0
[0290.791] RestoreDC (hdc=0xf8010671, nSavedDC=-1) returned 1
[0290.791] GdipReleaseDC (graphics=0x6600030, hdc=0xf8010671) returned 0x0
[0290.791] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0290.791] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0290.792] GdipFillRectangleI (graphics=0x6600030, brush=0x65ffae0, x=4, y=4, width=67, height=15) returned 0x0
[0290.792] GdipDeleteBrush (brush=0x65ffae0) returned 0x0
[0290.792] IsAppThemed () returned 0x1
[0290.792] GetThemeAppProperties () returned 0x3
[0290.792] GetThemeAppProperties () returned 0x3
[0290.792] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0290.792] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0290.792] GetCurrentObject (hdc=0xf8010671, type=0x1) returned 0xb00017
[0290.792] GetCurrentObject (hdc=0xf8010671, type=0x2) returned 0x900010
[0290.792] GetCurrentObject (hdc=0xf8010671, type=0x7) returned 0x4a0507fe
[0290.792] GetCurrentObject (hdc=0xf8010671, type=0x6) returned 0x8a01c2
[0290.792] SaveDC (hdc=0xf8010671) returned 1
[0290.792] GetTextAlign (hdc=0xf8010671) returned 0x0
[0290.792] GetTextColor (hdc=0xf8010671) returned 0x0
[0290.792] GetCurrentObject (hdc=0xf8010671, type=0x6) returned 0x8a01c2
[0290.792] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0290.792] SelectObject (hdc=0xf8010671, h=0x6d0a0520) returned 0x8a01c2
[0290.792] GetBkMode (hdc=0xf8010671) returned 2
[0290.792] SetBkMode (hdc=0xf8010671, mode=1) returned 2
[0290.793] DrawTextExW (in: hdc=0xf8010671, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2d08afc | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0290.793] DrawTextExW (in: hdc=0xf8010671, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2d08afc | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0290.793] RestoreDC (hdc=0xf8010671, nSavedDC=-1) returned 1
[0290.793] GdipReleaseDC (graphics=0x6600030, hdc=0xf8010671) returned 0x0
[0290.793] GetFocus () returned 0x602c4
[0290.793] IsAppThemed () returned 0x1
[0290.793] GetThemeAppProperties () returned 0x3
[0290.793] GetThemeAppProperties () returned 0x3
[0290.793] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0290.793] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xf8010671, x1=0, y1=0, rop=0xcc0020) returned 1
[0290.794] GdipReleaseDC (graphics=0x6600030, hdc=0xf8010671) returned 0x0
[0290.794] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0290.794] SelectObject (hdc=0xf8010671, h=0x85000f) returned 0x4a0507fe
[0290.794] DeleteDC (hdc=0xf8010671) returned 1
[0290.794] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0290.794] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0290.794] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0290.794] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0290.794] WaitMessage () returned 1
[0290.872] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0290.872] IsWindowUnicode (hWnd=0x602c4) returned 1
[0290.872] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0290.872] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0290.872] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0290.872] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0290.873] IsWindowUnicode (hWnd=0x602c4) returned 1
[0290.873] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0290.873] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0290.873] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0290.873] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xc0022) returned 0x0
[0290.873] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0290.873] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0290.873] WaitMessage () returned 1
[0291.002] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.002] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300fd) returned 0x1
[0291.002] IsWindowUnicode (hWnd=0x602c4) returned 1
[0291.002] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.002] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300fd) returned 0x1
[0291.002] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0291.002] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19e003f) returned 0x0
[0291.002] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0291.002] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0291.002] SetCursor (hCursor=0x10003) returned 0x10003
[0291.002] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.002] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.003] GetKeyState (nVirtKey=1) returned -128
[0291.003] GetKeyState (nVirtKey=2) returned 0
[0291.003] GetKeyState (nVirtKey=4) returned 0
[0291.003] GetKeyState (nVirtKey=5) returned 0
[0291.003] GetKeyState (nVirtKey=6) returned 0
[0291.003] IsWindowVisible (hWnd=0x602c4) returned 1
[0291.003] IsWindowEnabled (hWnd=0x602c4) returned 1
[0291.003] SetFocus (hWnd=0x602c4) returned 0x602c4
[0291.003] GetFocus () returned 0x602c4
[0291.003] GetFocus () returned 0x602c4
[0291.003] GetFocus () returned 0x602c4
[0291.003] GetKeyState (nVirtKey=1) returned -128
[0291.003] GetKeyState (nVirtKey=2) returned 0
[0291.003] GetKeyState (nVirtKey=4) returned 0
[0291.003] GetKeyState (nVirtKey=5) returned 0
[0291.003] GetKeyState (nVirtKey=6) returned 0
[0291.003] GetCapture () returned 0x0
[0291.003] SetCapture (hWnd=0x602c4) returned 0x0
[0291.003] GetKeyState (nVirtKey=1) returned -128
[0291.003] GetKeyState (nVirtKey=2) returned 0
[0291.003] GetKeyState (nVirtKey=4) returned 0
[0291.003] GetKeyState (nVirtKey=5) returned 0
[0291.003] GetKeyState (nVirtKey=6) returned 0
[0291.003] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0291.003] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0291.003] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.004] IsWindowUnicode (hWnd=0x602c4) returned 1
[0291.004] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.004] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.004] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.004] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d08c80, cPoints=0x1 | out: lpPoints=0x2d08c80) returned 40304859
[0291.004] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0291.004] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0291.004] UpdateWindow (hWnd=0x602c4) returned 1
[0291.004] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x107b9
[0291.004] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0291.004] CreateCompatibleDC (hdc=0x107b9) returned 0xf9010671
[0291.004] SelectObject (hdc=0xf9010671, h=0x4a0507fe) returned 0x85000f
[0291.004] GdipCreateFromHDC (hdc=0xf9010671, graphics=0xd7e430) returned 0x0
[0291.004] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0291.004] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0291.005] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0291.005] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0291.005] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e490) returned 0x0
[0291.005] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0291.005] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee8d8) returned 0x0
[0291.005] LocalFree (hMem=0x11ee8d8) returned 0x0
[0291.005] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0291.005] GdipCreateRegion (region=0xd7e478) returned 0x0
[0291.005] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0291.005] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e484) returned 0x0
[0291.005] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0291.005] GdipRestoreGraphics (graphics=0x6600030, state=0xf6360dbd) returned 0x0
[0291.005] GdipDeleteRegion (region=0x6646838) returned 0x0
[0291.005] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0291.005] GetCurrentObject (hdc=0xf9010671, type=0x1) returned 0xb00017
[0291.005] GetCurrentObject (hdc=0xf9010671, type=0x2) returned 0x900010
[0291.005] GetCurrentObject (hdc=0xf9010671, type=0x7) returned 0x4a0507fe
[0291.005] GetCurrentObject (hdc=0xf9010671, type=0x6) returned 0x8a01c2
[0291.005] SaveDC (hdc=0xf9010671) returned 1
[0291.005] GetNearestColor (hdc=0xf9010671, color=0xff) returned 0xff
[0291.006] GetNearestColor (hdc=0xf9010671, color=0x55) returned 0x55
[0291.006] GetNearestColor (hdc=0xf9010671, color=0x0) returned 0x0
[0291.006] GetNearestColor (hdc=0xf9010671, color=0x55) returned 0x55
[0291.006] GetNearestColor (hdc=0xf9010671, color=0x0) returned 0x0
[0291.006] GetNearestColor (hdc=0xf9010671, color=0x8080ff) returned 0x8080ff
[0291.006] GetNearestColor (hdc=0xf9010671, color=0x7373e5) returned 0x7373e5
[0291.006] GetNearestColor (hdc=0xf9010671, color=0xe5) returned 0xe5
[0291.006] GetNearestColor (hdc=0xf9010671, color=0x0) returned 0x0
[0291.006] RestoreDC (hdc=0xf9010671, nSavedDC=-1) returned 1
[0291.006] GdipReleaseDC (graphics=0x6600030, hdc=0xf9010671) returned 0x0
[0291.006] IsAppThemed () returned 0x1
[0291.006] GetThemeAppProperties () returned 0x3
[0291.006] GetThemeAppProperties () returned 0x3
[0291.006] IsAppThemed () returned 0x1
[0291.006] GetThemeAppProperties () returned 0x3
[0291.006] GetThemeAppProperties () returned 0x3
[0291.006] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2d0939c | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0291.007] IsAppThemed () returned 0x1
[0291.007] GetThemeAppProperties () returned 0x3
[0291.007] GetThemeAppProperties () returned 0x3
[0291.007] IsAppThemed () returned 0x1
[0291.007] GetThemeAppProperties () returned 0x3
[0291.007] GetThemeAppProperties () returned 0x3
[0291.007] IsAppThemed () returned 0x1
[0291.007] GetThemeAppProperties () returned 0x3
[0291.007] GetThemeAppProperties () returned 0x3
[0291.007] IsAppThemed () returned 0x1
[0291.007] GetThemeAppProperties () returned 0x3
[0291.007] GetThemeAppProperties () returned 0x3
[0291.007] IsThemePartDefined () returned 0x1
[0291.007] IsAppThemed () returned 0x1
[0291.007] GetThemeAppProperties () returned 0x3
[0291.007] GetThemeAppProperties () returned 0x3
[0291.007] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0291.007] IsAppThemed () returned 0x1
[0291.007] GetThemeAppProperties () returned 0x3
[0291.008] GetThemeAppProperties () returned 0x3
[0291.008] IsAppThemed () returned 0x1
[0291.008] GetThemeAppProperties () returned 0x3
[0291.008] GetThemeAppProperties () returned 0x3
[0291.008] IsThemePartDefined () returned 0x1
[0291.008] GdipCreateRegion (region=0xd7e194) returned 0x0
[0291.008] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0291.008] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0291.008] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0291.008] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e1ac) returned 0x0
[0291.008] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0291.008] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0291.008] LocalFree (hMem=0x11ee868) returned 0x0
[0291.008] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0291.008] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee9f0) returned 0x0
[0291.009] LocalFree (hMem=0x11ee9f0) returned 0x0
[0291.009] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0291.009] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0291.009] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0291.009] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0291.009] GdipDeleteRegion (region=0x6646688) returned 0x0
[0291.009] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0291.009] GetCurrentObject (hdc=0xf9010671, type=0x1) returned 0xb00017
[0291.009] GetCurrentObject (hdc=0xf9010671, type=0x2) returned 0x900010
[0291.009] GetCurrentObject (hdc=0xf9010671, type=0x7) returned 0x4a0507fe
[0291.009] GetCurrentObject (hdc=0xf9010671, type=0x6) returned 0x8a01c2
[0291.009] SaveDC (hdc=0xf9010671) returned 1
[0291.009] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7040807
[0291.009] GetClipRgn (hdc=0xf9010671, hrgn=0x7040807) returned 0
[0291.009] SelectClipRgn (hdc=0xf9010671, hrgn=0x950407de) returned 2
[0291.009] DeleteObject (ho=0x7040807) returned 1
[0291.009] DeleteObject (ho=0x950407de) returned 1
[0291.009] OffsetViewportOrgEx (in: hdc=0xf9010671, x=0, y=0, lppt=0x2d09a4c | out: lppt=0x2d09a4c) returned 1
[0291.009] DrawThemeParentBackground () returned 0x0
[0291.010] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0291.010] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0291.010] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0291.010] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.010] GetSystemMetrics (nIndex=42) returned 0
[0291.010] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.010] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0291.010] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0291.010] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0291.010] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0291.010] SelectPalette (hdc=0xf9010671, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0291.010] GdipCreateFromHDC (hdc=0xf9010671, graphics=0xd7dc88) returned 0x0
[0291.010] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0291.010] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0291.010] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638cc8) returned 0x0
[0291.010] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dc60) returned 0x0
[0291.010] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0291.010] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0291.010] GdipGetClip (graphics=0x6631910, region=0x6646298) returned 0x0
[0291.010] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6631910, result=0xd7dc54) returned 0x0
[0291.011] GdipDeleteRegion (region=0x6646298) returned 0x0
[0291.011] GdipSaveGraphics (graphics=0x6631910, state=0xd7dc80) returned 0x0
[0291.011] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0291.017] GdipFillRectangleI (graphics=0x6631910, brush=0x664d480, x=0, y=0, width=801, height=453) returned 0x0
[0291.018] GdipDeleteBrush (brush=0x664d480) returned 0x0
[0291.019] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0291.019] SelectPalette (hdc=0xf9010671, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0291.019] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0291.019] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.019] GetSystemMetrics (nIndex=42) returned 0
[0291.019] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.019] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0291.019] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0291.019] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0291.019] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0291.019] SelectPalette (hdc=0xf9010671, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0291.019] GdipCreateFromHDC (hdc=0xf9010671, graphics=0xd7dc28) returned 0x0
[0291.020] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0291.020] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0291.020] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638ab8) returned 0x0
[0291.020] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dc00) returned 0x0
[0291.020] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0291.020] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0291.020] GdipGetClip (graphics=0x6631910, region=0x6646dd8) returned 0x0
[0291.020] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6631910, result=0xd7dbf4) returned 0x0
[0291.020] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0291.020] GdipSaveGraphics (graphics=0x6631910, state=0xd7dc20) returned 0x0
[0291.020] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0291.027] GdipFillRectangleI (graphics=0x6631910, brush=0x664d5b8, x=0, y=0, width=801, height=453) returned 0x0
[0291.027] GdipDeleteBrush (brush=0x664d5b8) returned 0x0
[0291.037] GdipRestoreGraphics (graphics=0x6631910, state=0xf6320dbd) returned 0x0
[0291.037] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0291.037] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.037] GetSystemMetrics (nIndex=42) returned 0
[0291.037] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.037] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0291.038] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0291.038] SelectPalette (hdc=0xf9010671, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0291.038] RestoreDC (hdc=0xf9010671, nSavedDC=-1) returned 1
[0291.038] GdipReleaseDC (graphics=0x6600030, hdc=0xf9010671) returned 0x0
[0291.038] IsAppThemed () returned 0x1
[0291.038] GetThemeAppProperties () returned 0x3
[0291.038] GetThemeAppProperties () returned 0x3
[0291.038] IsAppThemed () returned 0x1
[0291.038] GetThemeAppProperties () returned 0x3
[0291.038] GetThemeAppProperties () returned 0x3
[0291.038] IsThemePartDefined () returned 0x1
[0291.038] GdipCreateRegion (region=0xd7e118) returned 0x0
[0291.038] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0291.038] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0291.038] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0291.038] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e130) returned 0x0
[0291.039] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0291.039] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee868) returned 0x0
[0291.039] LocalFree (hMem=0x11ee868) returned 0x0
[0291.039] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0291.039] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea60) returned 0x0
[0291.039] LocalFree (hMem=0x11eea60) returned 0x0
[0291.039] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0291.039] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0291.039] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0291.039] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0291.039] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0291.039] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0291.039] GetCurrentObject (hdc=0xf9010671, type=0x1) returned 0xb00017
[0291.039] GetCurrentObject (hdc=0xf9010671, type=0x2) returned 0x900010
[0291.039] GetCurrentObject (hdc=0xf9010671, type=0x7) returned 0x4a0507fe
[0291.039] GetCurrentObject (hdc=0xf9010671, type=0x6) returned 0x8a01c2
[0291.039] SaveDC (hdc=0xf9010671) returned 1
[0291.039] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x960407de
[0291.039] GetClipRgn (hdc=0xf9010671, hrgn=0x960407de) returned 0
[0291.039] SelectClipRgn (hdc=0xf9010671, hrgn=0x9040807) returned 2
[0291.040] DeleteObject (ho=0x960407de) returned 1
[0291.040] DeleteObject (ho=0x9040807) returned 1
[0291.040] OffsetViewportOrgEx (in: hdc=0xf9010671, x=0, y=0, lppt=0x2d1029c | out: lppt=0x2d1029c) returned 1
[0291.040] IsAppThemed () returned 0x1
[0291.040] GetThemeAppProperties () returned 0x3
[0291.040] GetThemeAppProperties () returned 0x3
[0291.040] DrawThemeBackground () returned 0x0
[0291.040] RestoreDC (hdc=0xf9010671, nSavedDC=-1) returned 1
[0291.040] GdipReleaseDC (graphics=0x6600030, hdc=0xf9010671) returned 0x0
[0291.040] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0291.040] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0291.040] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0291.040] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0291.040] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e134) returned 0x0
[0291.040] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0291.040] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eed00) returned 0x0
[0291.040] LocalFree (hMem=0x11eed00) returned 0x0
[0291.041] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0291.041] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eecc8) returned 0x0
[0291.041] LocalFree (hMem=0x11eecc8) returned 0x0
[0291.041] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0291.041] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0291.041] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0291.041] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0291.041] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0291.041] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0291.041] GetCurrentObject (hdc=0xf9010671, type=0x1) returned 0xb00017
[0291.041] GetCurrentObject (hdc=0xf9010671, type=0x2) returned 0x900010
[0291.041] GetCurrentObject (hdc=0xf9010671, type=0x7) returned 0x4a0507fe
[0291.041] GetCurrentObject (hdc=0xf9010671, type=0x6) returned 0x8a01c2
[0291.041] SaveDC (hdc=0xf9010671) returned 1
[0291.041] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa040807
[0291.041] GetClipRgn (hdc=0xf9010671, hrgn=0xa040807) returned 0
[0291.041] SelectClipRgn (hdc=0xf9010671, hrgn=0x970407de) returned 2
[0291.041] DeleteObject (ho=0xa040807) returned 1
[0291.041] DeleteObject (ho=0x970407de) returned 1
[0291.041] OffsetViewportOrgEx (in: hdc=0xf9010671, x=0, y=0, lppt=0x2d10570 | out: lppt=0x2d10570) returned 1
[0291.041] IsAppThemed () returned 0x1
[0291.042] GetThemeAppProperties () returned 0x3
[0291.042] GetThemeAppProperties () returned 0x3
[0291.042] GetThemeBackgroundContentRect () returned 0x0
[0291.042] RestoreDC (hdc=0xf9010671, nSavedDC=-1) returned 1
[0291.042] GdipReleaseDC (graphics=0x6600030, hdc=0xf9010671) returned 0x0
[0291.042] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0291.042] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0291.042] GdipFillRectangleI (graphics=0x6600030, brush=0x65ffae0, x=4, y=4, width=67, height=15) returned 0x0
[0291.042] GdipDeleteBrush (brush=0x65ffae0) returned 0x0
[0291.042] IsAppThemed () returned 0x1
[0291.042] GetThemeAppProperties () returned 0x3
[0291.042] GetThemeAppProperties () returned 0x3
[0291.042] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0291.042] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0291.042] GetCurrentObject (hdc=0xf9010671, type=0x1) returned 0xb00017
[0291.042] GetCurrentObject (hdc=0xf9010671, type=0x2) returned 0x900010
[0291.042] GetCurrentObject (hdc=0xf9010671, type=0x7) returned 0x4a0507fe
[0291.042] GetCurrentObject (hdc=0xf9010671, type=0x6) returned 0x8a01c2
[0291.042] SaveDC (hdc=0xf9010671) returned 1
[0291.042] GetTextAlign (hdc=0xf9010671) returned 0x0
[0291.042] GetTextColor (hdc=0xf9010671) returned 0x0
[0291.042] GetCurrentObject (hdc=0xf9010671, type=0x6) returned 0x8a01c2
[0291.043] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0291.043] SelectObject (hdc=0xf9010671, h=0x6d0a0520) returned 0x8a01c2
[0291.043] GetBkMode (hdc=0xf9010671) returned 2
[0291.043] SetBkMode (hdc=0xf9010671, mode=1) returned 2
[0291.043] DrawTextExW (in: hdc=0xf9010671, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2d10934 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0291.043] DrawTextExW (in: hdc=0xf9010671, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2d10934 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0291.043] RestoreDC (hdc=0xf9010671, nSavedDC=-1) returned 1
[0291.043] GdipReleaseDC (graphics=0x6600030, hdc=0xf9010671) returned 0x0
[0291.044] GetFocus () returned 0x602c4
[0291.044] IsAppThemed () returned 0x1
[0291.044] GetThemeAppProperties () returned 0x3
[0291.044] GetThemeAppProperties () returned 0x3
[0291.044] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0291.044] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xf9010671, x1=0, y1=0, rop=0xcc0020) returned 1
[0291.045] GdipReleaseDC (graphics=0x6600030, hdc=0xf9010671) returned 0x0
[0291.045] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0291.045] SelectObject (hdc=0xf9010671, h=0x85000f) returned 0x4a0507fe
[0291.045] DeleteDC (hdc=0xf9010671) returned 1
[0291.045] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0291.045] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0291.045] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d10a30, cPoints=0x1 | out: lpPoints=0x2d10a30) returned 40304859
[0291.045] WindowFromPoint (Point=0xfd) returned 0x602c4
[0291.045] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300fd) returned 0x1
[0291.045] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0291.045] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0291.045] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0291.045] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0291.045] GetSystemMetrics (nIndex=42) returned 0
[0291.046] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0291.046] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0291.047] GetCapture () returned 0x602c4
[0291.047] ReleaseCapture () returned 1
[0291.047] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0291.047] GetProcessWindowStation () returned 0x13c
[0291.048] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.048] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0291.048] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.048] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0291.049] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.049] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0291.049] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.049] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0291.049] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.049] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0291.049] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.049] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0291.049] GetDC (hWnd=0x0) returned 0xc0107c5
[0291.050] GdipCreateFromHDC (hdc=0xc0107c5, graphics=0xd7e6ec) returned 0x0
[0291.050] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0291.050] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0291.050] ReleaseDC (hWnd=0x0, hDC=0xc0107c5) returned 1
[0291.050] GetSystemMetrics (nIndex=5) returned 1
[0291.050] GetSystemMetrics (nIndex=6) returned 1
[0291.050] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.050] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0291.051] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.051] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0291.053] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0291.053] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0291.054] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0291.054] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0291.054] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0291.054] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0291.055] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2d1644c | out: lpData=0x2d1644c) returned 1
[0291.055] VerQueryValueW (in: pBlock=0x2d1644c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d1685c, puLen=0xd7e810) returned 1
[0291.056] VerQueryValueW (in: pBlock=0x2d1644c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d16504, puLen=0xd7e790) returned 1
[0291.057] VerQueryValueW (in: pBlock=0x2d1644c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d16558, puLen=0xd7e790) returned 1
[0291.057] VerQueryValueW (in: pBlock=0x2d1644c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d165d8, puLen=0xd7e790) returned 1
[0291.057] VerQueryValueW (in: pBlock=0x2d1644c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d16640, puLen=0xd7e790) returned 1
[0291.057] VerQueryValueW (in: pBlock=0x2d1644c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d16680, puLen=0xd7e790) returned 1
[0291.057] VerQueryValueW (in: pBlock=0x2d1644c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d16708, puLen=0xd7e790) returned 1
[0291.057] VerQueryValueW (in: pBlock=0x2d1644c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d16744, puLen=0xd7e790) returned 1
[0291.057] VerQueryValueW (in: pBlock=0x2d1644c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1679c, puLen=0xd7e790) returned 1
[0291.057] VerQueryValueW (in: pBlock=0x2d1644c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d167cc, puLen=0xd7e790) returned 1
[0291.057] VerQueryValueW (in: pBlock=0x2d1644c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.057] VerQueryValueW (in: pBlock=0x2d1644c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d16808, puLen=0xd7e790) returned 1
[0291.057] VerQueryValueW (in: pBlock=0x2d1644c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.057] VerQueryValueW (in: pBlock=0x2d1644c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d1685c, puLen=0xd7e784) returned 1
[0291.057] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0291.057] VerQueryValueW (in: pBlock=0x2d1644c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d16474, puLen=0xd7e794) returned 1
[0291.058] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0291.058] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0291.058] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0291.058] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0291.058] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0291.058] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0291.058] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2d183bc | out: lpData=0x2d183bc) returned 1
[0291.058] VerQueryValueW (in: pBlock=0x2d183bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d18458, puLen=0xd7e810) returned 1
[0291.058] VerQueryValueW (in: pBlock=0x2d183bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d184d0, puLen=0xd7e790) returned 1
[0291.058] VerQueryValueW (in: pBlock=0x2d183bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d18500, puLen=0xd7e790) returned 1
[0291.058] VerQueryValueW (in: pBlock=0x2d183bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1853c, puLen=0xd7e790) returned 1
[0291.058] VerQueryValueW (in: pBlock=0x2d183bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1856c, puLen=0xd7e790) returned 1
[0291.058] VerQueryValueW (in: pBlock=0x2d183bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d185b4, puLen=0xd7e790) returned 1
[0291.058] VerQueryValueW (in: pBlock=0x2d183bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1862c, puLen=0xd7e790) returned 1
[0291.058] VerQueryValueW (in: pBlock=0x2d183bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d18670, puLen=0xd7e790) returned 1
[0291.058] VerQueryValueW (in: pBlock=0x2d183bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d186b0, puLen=0xd7e790) returned 1
[0291.058] VerQueryValueW (in: pBlock=0x2d183bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d184ae, puLen=0xd7e790) returned 1
[0291.058] VerQueryValueW (in: pBlock=0x2d183bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d185fc, puLen=0xd7e790) returned 1
[0291.058] VerQueryValueW (in: pBlock=0x2d183bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.059] VerQueryValueW (in: pBlock=0x2d183bc, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.059] VerQueryValueW (in: pBlock=0x2d183bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d18458, puLen=0xd7e784) returned 1
[0291.059] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0291.059] VerQueryValueW (in: pBlock=0x2d183bc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d183e4, puLen=0xd7e794) returned 1
[0291.060] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0291.060] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0291.060] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0291.060] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0291.060] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0291.060] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0291.061] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2d1a694 | out: lpData=0x2d1a694) returned 1
[0291.062] VerQueryValueW (in: pBlock=0x2d1a694, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d1aaa8, puLen=0xd7e810) returned 1
[0291.062] VerQueryValueW (in: pBlock=0x2d1a694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1a74c, puLen=0xd7e790) returned 1
[0291.062] VerQueryValueW (in: pBlock=0x2d1a694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1a7a0, puLen=0xd7e790) returned 1
[0291.062] VerQueryValueW (in: pBlock=0x2d1a694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1a7fc, puLen=0xd7e790) returned 1
[0291.062] VerQueryValueW (in: pBlock=0x2d1a694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1a85c, puLen=0xd7e790) returned 1
[0291.062] VerQueryValueW (in: pBlock=0x2d1a694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1a8b4, puLen=0xd7e790) returned 1
[0291.062] VerQueryValueW (in: pBlock=0x2d1a694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1a93c, puLen=0xd7e790) returned 1
[0291.062] VerQueryValueW (in: pBlock=0x2d1a694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1a990, puLen=0xd7e790) returned 1
[0291.062] VerQueryValueW (in: pBlock=0x2d1a694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1a9e8, puLen=0xd7e790) returned 1
[0291.062] VerQueryValueW (in: pBlock=0x2d1a694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1aa18, puLen=0xd7e790) returned 1
[0291.062] VerQueryValueW (in: pBlock=0x2d1a694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.062] VerQueryValueW (in: pBlock=0x2d1a694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1aa54, puLen=0xd7e790) returned 1
[0291.062] VerQueryValueW (in: pBlock=0x2d1a694, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.062] VerQueryValueW (in: pBlock=0x2d1a694, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d1aaa8, puLen=0xd7e784) returned 1
[0291.062] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0291.062] VerQueryValueW (in: pBlock=0x2d1a694, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d1a6bc, puLen=0xd7e794) returned 1
[0291.063] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0291.063] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0291.063] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0291.063] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0291.063] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0291.063] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0291.064] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2d1cccc | out: lpData=0x2d1cccc) returned 1
[0291.065] VerQueryValueW (in: pBlock=0x2d1cccc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d1d0cc, puLen=0xd7e810) returned 1
[0291.065] VerQueryValueW (in: pBlock=0x2d1cccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1cd84, puLen=0xd7e790) returned 1
[0291.065] VerQueryValueW (in: pBlock=0x2d1cccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1cdd8, puLen=0xd7e790) returned 1
[0291.065] VerQueryValueW (in: pBlock=0x2d1cccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1ce18, puLen=0xd7e790) returned 1
[0291.065] VerQueryValueW (in: pBlock=0x2d1cccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1ce80, puLen=0xd7e790) returned 1
[0291.065] VerQueryValueW (in: pBlock=0x2d1cccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1ced8, puLen=0xd7e790) returned 1
[0291.065] VerQueryValueW (in: pBlock=0x2d1cccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1cf60, puLen=0xd7e790) returned 1
[0291.065] VerQueryValueW (in: pBlock=0x2d1cccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1cfb4, puLen=0xd7e790) returned 1
[0291.065] VerQueryValueW (in: pBlock=0x2d1cccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1d00c, puLen=0xd7e790) returned 1
[0291.065] VerQueryValueW (in: pBlock=0x2d1cccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1d03c, puLen=0xd7e790) returned 1
[0291.065] VerQueryValueW (in: pBlock=0x2d1cccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.065] VerQueryValueW (in: pBlock=0x2d1cccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1d078, puLen=0xd7e790) returned 1
[0291.065] VerQueryValueW (in: pBlock=0x2d1cccc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.065] VerQueryValueW (in: pBlock=0x2d1cccc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d1d0cc, puLen=0xd7e784) returned 1
[0291.065] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0291.065] VerQueryValueW (in: pBlock=0x2d1cccc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d1ccf4, puLen=0xd7e794) returned 1
[0291.066] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0291.066] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0291.066] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0291.066] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0291.066] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0291.066] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0291.067] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2d1f408 | out: lpData=0x2d1f408) returned 1
[0291.068] VerQueryValueW (in: pBlock=0x2d1f408, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d1f7d0, puLen=0xd7e810) returned 1
[0291.068] VerQueryValueW (in: pBlock=0x2d1f408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1f4c0, puLen=0xd7e790) returned 1
[0291.068] VerQueryValueW (in: pBlock=0x2d1f408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1f514, puLen=0xd7e790) returned 1
[0291.068] VerQueryValueW (in: pBlock=0x2d1f408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1f554, puLen=0xd7e790) returned 1
[0291.068] VerQueryValueW (in: pBlock=0x2d1f408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1f5bc, puLen=0xd7e790) returned 1
[0291.068] VerQueryValueW (in: pBlock=0x2d1f408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1f5f8, puLen=0xd7e790) returned 1
[0291.068] VerQueryValueW (in: pBlock=0x2d1f408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1f680, puLen=0xd7e790) returned 1
[0291.068] VerQueryValueW (in: pBlock=0x2d1f408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1f6b8, puLen=0xd7e790) returned 1
[0291.068] VerQueryValueW (in: pBlock=0x2d1f408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1f710, puLen=0xd7e790) returned 1
[0291.068] VerQueryValueW (in: pBlock=0x2d1f408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1f740, puLen=0xd7e790) returned 1
[0291.068] VerQueryValueW (in: pBlock=0x2d1f408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.068] VerQueryValueW (in: pBlock=0x2d1f408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d1f77c, puLen=0xd7e790) returned 1
[0291.068] VerQueryValueW (in: pBlock=0x2d1f408, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.068] VerQueryValueW (in: pBlock=0x2d1f408, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d1f7d0, puLen=0xd7e784) returned 1
[0291.068] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0291.068] VerQueryValueW (in: pBlock=0x2d1f408, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d1f430, puLen=0xd7e794) returned 1
[0291.069] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0291.069] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0291.069] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0291.069] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0291.069] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0291.069] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0291.070] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2d22a70 | out: lpData=0x2d22a70) returned 1
[0291.070] VerQueryValueW (in: pBlock=0x2d22a70, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d22e50, puLen=0xd7e810) returned 1
[0291.070] VerQueryValueW (in: pBlock=0x2d22a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d22b28, puLen=0xd7e790) returned 1
[0291.070] VerQueryValueW (in: pBlock=0x2d22a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d22b7c, puLen=0xd7e790) returned 1
[0291.070] VerQueryValueW (in: pBlock=0x2d22a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d22bbc, puLen=0xd7e790) returned 1
[0291.070] VerQueryValueW (in: pBlock=0x2d22a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d22c1c, puLen=0xd7e790) returned 1
[0291.070] VerQueryValueW (in: pBlock=0x2d22a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d22c68, puLen=0xd7e790) returned 1
[0291.070] VerQueryValueW (in: pBlock=0x2d22a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d22cf0, puLen=0xd7e790) returned 1
[0291.070] VerQueryValueW (in: pBlock=0x2d22a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d22d38, puLen=0xd7e790) returned 1
[0291.070] VerQueryValueW (in: pBlock=0x2d22a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d22d90, puLen=0xd7e790) returned 1
[0291.070] VerQueryValueW (in: pBlock=0x2d22a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d22dc0, puLen=0xd7e790) returned 1
[0291.070] VerQueryValueW (in: pBlock=0x2d22a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.071] VerQueryValueW (in: pBlock=0x2d22a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d22dfc, puLen=0xd7e790) returned 1
[0291.071] VerQueryValueW (in: pBlock=0x2d22a70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.071] VerQueryValueW (in: pBlock=0x2d22a70, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d22e50, puLen=0xd7e784) returned 1
[0291.071] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0291.071] VerQueryValueW (in: pBlock=0x2d22a70, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d22a98, puLen=0xd7e794) returned 1
[0291.071] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0291.071] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0291.071] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0291.072] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0291.072] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0291.072] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0291.072] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2d25290 | out: lpData=0x2d25290) returned 1
[0291.073] VerQueryValueW (in: pBlock=0x2d25290, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d2569c, puLen=0xd7e810) returned 1
[0291.073] VerQueryValueW (in: pBlock=0x2d25290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d25348, puLen=0xd7e790) returned 1
[0291.073] VerQueryValueW (in: pBlock=0x2d25290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2539c, puLen=0xd7e790) returned 1
[0291.073] VerQueryValueW (in: pBlock=0x2d25290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d253f0, puLen=0xd7e790) returned 1
[0291.073] VerQueryValueW (in: pBlock=0x2d25290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d25450, puLen=0xd7e790) returned 1
[0291.073] VerQueryValueW (in: pBlock=0x2d25290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d254a8, puLen=0xd7e790) returned 1
[0291.073] VerQueryValueW (in: pBlock=0x2d25290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d25530, puLen=0xd7e790) returned 1
[0291.073] VerQueryValueW (in: pBlock=0x2d25290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d25584, puLen=0xd7e790) returned 1
[0291.073] VerQueryValueW (in: pBlock=0x2d25290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d255dc, puLen=0xd7e790) returned 1
[0291.073] VerQueryValueW (in: pBlock=0x2d25290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2560c, puLen=0xd7e790) returned 1
[0291.073] VerQueryValueW (in: pBlock=0x2d25290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.073] VerQueryValueW (in: pBlock=0x2d25290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d25648, puLen=0xd7e790) returned 1
[0291.073] VerQueryValueW (in: pBlock=0x2d25290, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.073] VerQueryValueW (in: pBlock=0x2d25290, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d2569c, puLen=0xd7e784) returned 1
[0291.073] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0291.073] VerQueryValueW (in: pBlock=0x2d25290, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d252b8, puLen=0xd7e794) returned 1
[0291.074] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0291.074] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0291.074] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0291.074] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0291.074] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0291.074] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0291.075] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d27aa4 | out: lpData=0x2d27aa4) returned 1
[0291.076] VerQueryValueW (in: pBlock=0x2d27aa4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d27e7c, puLen=0xd7e810) returned 1
[0291.076] VerQueryValueW (in: pBlock=0x2d27aa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d27b5c, puLen=0xd7e790) returned 1
[0291.076] VerQueryValueW (in: pBlock=0x2d27aa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d27bb0, puLen=0xd7e790) returned 1
[0291.076] VerQueryValueW (in: pBlock=0x2d27aa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d27bf0, puLen=0xd7e790) returned 1
[0291.076] VerQueryValueW (in: pBlock=0x2d27aa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d27c58, puLen=0xd7e790) returned 1
[0291.076] VerQueryValueW (in: pBlock=0x2d27aa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d27c9c, puLen=0xd7e790) returned 1
[0291.076] VerQueryValueW (in: pBlock=0x2d27aa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d27d24, puLen=0xd7e790) returned 1
[0291.076] VerQueryValueW (in: pBlock=0x2d27aa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d27d64, puLen=0xd7e790) returned 1
[0291.076] VerQueryValueW (in: pBlock=0x2d27aa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d27dbc, puLen=0xd7e790) returned 1
[0291.076] VerQueryValueW (in: pBlock=0x2d27aa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d27dec, puLen=0xd7e790) returned 1
[0291.076] VerQueryValueW (in: pBlock=0x2d27aa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.076] VerQueryValueW (in: pBlock=0x2d27aa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d27e28, puLen=0xd7e790) returned 1
[0291.077] VerQueryValueW (in: pBlock=0x2d27aa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.077] VerQueryValueW (in: pBlock=0x2d27aa4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d27e7c, puLen=0xd7e784) returned 1
[0291.077] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0291.077] VerQueryValueW (in: pBlock=0x2d27aa4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d27acc, puLen=0xd7e794) returned 1
[0291.077] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0291.077] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0291.078] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0291.078] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0291.078] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0291.078] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0291.078] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d29ffc | out: lpData=0x2d29ffc) returned 1
[0291.079] VerQueryValueW (in: pBlock=0x2d29ffc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d2a3d4, puLen=0xd7e810) returned 1
[0291.079] VerQueryValueW (in: pBlock=0x2d29ffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a0b4, puLen=0xd7e790) returned 1
[0291.079] VerQueryValueW (in: pBlock=0x2d29ffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a108, puLen=0xd7e790) returned 1
[0291.079] VerQueryValueW (in: pBlock=0x2d29ffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a148, puLen=0xd7e790) returned 1
[0291.079] VerQueryValueW (in: pBlock=0x2d29ffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a1b0, puLen=0xd7e790) returned 1
[0291.079] VerQueryValueW (in: pBlock=0x2d29ffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a1f4, puLen=0xd7e790) returned 1
[0291.079] VerQueryValueW (in: pBlock=0x2d29ffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a27c, puLen=0xd7e790) returned 1
[0291.079] VerQueryValueW (in: pBlock=0x2d29ffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a2bc, puLen=0xd7e790) returned 1
[0291.079] VerQueryValueW (in: pBlock=0x2d29ffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a314, puLen=0xd7e790) returned 1
[0291.080] VerQueryValueW (in: pBlock=0x2d29ffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a344, puLen=0xd7e790) returned 1
[0291.080] VerQueryValueW (in: pBlock=0x2d29ffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.080] VerQueryValueW (in: pBlock=0x2d29ffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2a380, puLen=0xd7e790) returned 1
[0291.080] VerQueryValueW (in: pBlock=0x2d29ffc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.080] VerQueryValueW (in: pBlock=0x2d29ffc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d2a3d4, puLen=0xd7e784) returned 1
[0291.080] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0291.080] VerQueryValueW (in: pBlock=0x2d29ffc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d2a024, puLen=0xd7e794) returned 1
[0291.080] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0291.080] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0291.080] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0291.081] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0291.081] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0291.081] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0291.081] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2d2c734 | out: lpData=0x2d2c734) returned 1
[0291.082] VerQueryValueW (in: pBlock=0x2d2c734, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d2cb64, puLen=0xd7e810) returned 1
[0291.082] VerQueryValueW (in: pBlock=0x2d2c734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2c7ec, puLen=0xd7e790) returned 1
[0291.082] VerQueryValueW (in: pBlock=0x2d2c734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2c840, puLen=0xd7e790) returned 1
[0291.082] VerQueryValueW (in: pBlock=0x2d2c734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2c8b0, puLen=0xd7e790) returned 1
[0291.082] VerQueryValueW (in: pBlock=0x2d2c734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2c910, puLen=0xd7e790) returned 1
[0291.082] VerQueryValueW (in: pBlock=0x2d2c734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2c96c, puLen=0xd7e790) returned 1
[0291.082] VerQueryValueW (in: pBlock=0x2d2c734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2c9f4, puLen=0xd7e790) returned 1
[0291.082] VerQueryValueW (in: pBlock=0x2d2c734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2ca4c, puLen=0xd7e790) returned 1
[0291.082] VerQueryValueW (in: pBlock=0x2d2c734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2caa4, puLen=0xd7e790) returned 1
[0291.082] VerQueryValueW (in: pBlock=0x2d2c734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2cad4, puLen=0xd7e790) returned 1
[0291.082] VerQueryValueW (in: pBlock=0x2d2c734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.082] VerQueryValueW (in: pBlock=0x2d2c734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d2cb10, puLen=0xd7e790) returned 1
[0291.082] VerQueryValueW (in: pBlock=0x2d2c734, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0291.082] VerQueryValueW (in: pBlock=0x2d2c734, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d2cb64, puLen=0xd7e784) returned 1
[0291.082] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0291.082] VerQueryValueW (in: pBlock=0x2d2c734, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d2c75c, puLen=0xd7e794) returned 1
[0291.083] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0291.083] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.083] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0291.083] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.083] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0291.083] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3102da
[0291.084] SetWindowLongW (hWnd=0x3102da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0291.084] GetWindowLongW (hWnd=0x3102da, nIndex=-4) returned 1950089536
[0291.084] SetWindowLongW (hWnd=0x3102da, nIndex=-4, dwNewLong=19949614) returned 1950089536
[0291.085] GetWindowLongW (hWnd=0x3102da, nIndex=-4) returned 19949614
[0291.085] GetWindowLongW (hWnd=0x3102da, nIndex=-16) returned 113311744
[0291.085] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102da, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0291.085] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102da, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0291.085] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102da, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0291.086] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102da, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0291.086] GetClientRect (in: hWnd=0x3102da, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0291.086] GetWindowRect (in: hWnd=0x3102da, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0291.086] SetWindowTextW (hWnd=0x3102da, lpString="WindowsFormsParkingWindow") returned 1
[0291.086] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102da, Msg=0xc, wParam=0x0, lParam=0x2cf1ce4) returned 0x1
[0291.086] GetParent (hWnd=0x3102da) returned 0x0
[0291.087] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0291.087] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x3102da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2702ce
[0291.087] SetWindowLongW (hWnd=0x2702ce, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0291.087] GetWindowLongW (hWnd=0x2702ce, nIndex=-4) returned 1868147648
[0291.087] SetWindowLongW (hWnd=0x2702ce, nIndex=-4, dwNewLong=19949574) returned 1868147648
[0291.087] GetWindowLongW (hWnd=0x2702ce, nIndex=-4) returned 19949574
[0291.087] GetWindowLongW (hWnd=0x2702ce, nIndex=-16) returned 1174405133
[0291.087] GetWindowLongW (hWnd=0x2702ce, nIndex=-12) returned 0
[0291.087] SetWindowLongW (hWnd=0x2702ce, nIndex=-12, dwNewLong=2556622) returned 0
[0291.087] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0291.088] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0291.088] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0291.088] GetClientRect (in: hWnd=0x2702ce, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0291.089] GetWindowRect (in: hWnd=0x2702ce, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0291.089] GetParent (hWnd=0x2702ce) returned 0x3102da
[0291.089] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3102da, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0291.089] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0291.089] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0291.089] GetClientRect (in: hWnd=0x2702ce, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0291.089] GetWindowRect (in: hWnd=0x2702ce, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0291.089] GetParent (hWnd=0x2702ce) returned 0x3102da
[0291.089] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3102da, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0291.089] SendMessageW (hWnd=0x2702ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2702ce) returned 0x0
[0291.089] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2702ce) returned 0x0
[0291.089] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0291.090] GetParent (hWnd=0x2702ce) returned 0x3102da
[0291.090] GdipCreateFromHWND (hwnd=0x2702ce, graphics=0xd7e844) returned 0x0
[0291.090] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0291.090] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0291.090] GetForegroundWindow () returned 0x7005c
[0291.090] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0291.090] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.093] GetSystemMetrics (nIndex=42) returned 0
[0291.093] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.093] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0291.093] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0291.093] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.093] GetSystemMetrics (nIndex=42) returned 0
[0291.093] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.093] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0291.093] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.093] GetCursorPos (in: lpPoint=0x2d30bb8 | out: lpPoint=0x2d30bb8*(x=253, y=627)) returned 1
[0291.093] MonitorFromPoint (pt=0xfd, dwFlags=0x273) returned 0x10001
[0291.093] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0291.093] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xfc010671
[0291.094] GetDeviceCaps (hdc=0xfc010671, index=12) returned 32
[0291.094] GetDeviceCaps (hdc=0xfc010671, index=14) returned 1
[0291.094] DeleteDC (hdc=0xfc010671) returned 1
[0291.094] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0291.094] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0291.094] GetSystemMetrics (nIndex=59) returned 1460
[0291.094] GetSystemMetrics (nIndex=60) returned 920
[0291.094] GetSystemMetrics (nIndex=34) returned 136
[0291.094] GetSystemMetrics (nIndex=35) returned 39
[0291.094] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.094] GetCursorPos (in: lpPoint=0x2d30e24 | out: lpPoint=0x2d30e24*(x=253, y=627)) returned 1
[0291.094] MonitorFromPoint (pt=0xff, dwFlags=0x275) returned 0x10001
[0291.094] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0291.095] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xfd010671
[0291.095] GetDeviceCaps (hdc=0xfd010671, index=12) returned 32
[0291.095] GetDeviceCaps (hdc=0xfd010671, index=14) returned 1
[0291.095] DeleteDC (hdc=0xfd010671) returned 1
[0291.095] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0291.095] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0291.095] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.095] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0291.095] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2d310bc | out: piconinfo=0x2d310bc) returned 1
[0291.095] GetObjectW (in: h=0x20507f3, c=24, pv=0x2d310d8 | out: pv=0x2d310d8) returned 24
[0291.096] GdipCreateBitmapFromHBITMAP (hbm=0x20507f3, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0291.096] GdipGetImageWidth (image=0x664f790, width=0xd7e750) returned 0x0
[0291.096] GdipGetImageHeight (image=0x664f790, height=0xd7e748) returned 0x0
[0291.096] GdipGetImagePixelFormat (image=0x664f790, format=0xd7e740) returned 0x0
[0291.096] GdipBitmapLockBits (bitmap=0x664f790, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2d31190) returned 0x0
[0291.096] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0291.096] GdipBitmapLockBits (bitmap=0x6651ba8, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2d311c8) returned 0x0
[0291.096] RtlMoveMemory (in: Destination=0x665df40, Source=0x665deb8, Length=0x80 | out: Destination=0x665df40)
[0291.096] RtlMoveMemory (in: Destination=0x665dfc0, Source=0x665de38, Length=0x80 | out: Destination=0x665dfc0)
[0291.096] RtlMoveMemory (in: Destination=0x665e040, Source=0x665ddb8, Length=0x80 | out: Destination=0x665e040)
[0291.096] RtlMoveMemory (in: Destination=0x665e0c0, Source=0x665dd38, Length=0x80 | out: Destination=0x665e0c0)
[0291.096] RtlMoveMemory (in: Destination=0x665e140, Source=0x665dcb8, Length=0x80 | out: Destination=0x665e140)
[0291.096] RtlMoveMemory (in: Destination=0x665e1c0, Source=0x665dc38, Length=0x80 | out: Destination=0x665e1c0)
[0291.096] RtlMoveMemory (in: Destination=0x665e240, Source=0x665dbb8, Length=0x80 | out: Destination=0x665e240)
[0291.096] RtlMoveMemory (in: Destination=0x665e2c0, Source=0x665db38, Length=0x80 | out: Destination=0x665e2c0)
[0291.097] RtlMoveMemory (in: Destination=0x665e340, Source=0x665dab8, Length=0x80 | out: Destination=0x665e340)
[0291.097] RtlMoveMemory (in: Destination=0x665e3c0, Source=0x665da38, Length=0x80 | out: Destination=0x665e3c0)
[0291.097] RtlMoveMemory (in: Destination=0x665e440, Source=0x665d9b8, Length=0x80 | out: Destination=0x665e440)
[0291.097] RtlMoveMemory (in: Destination=0x665e4c0, Source=0x665d938, Length=0x80 | out: Destination=0x665e4c0)
[0291.097] RtlMoveMemory (in: Destination=0x665e540, Source=0x665d8b8, Length=0x80 | out: Destination=0x665e540)
[0291.097] RtlMoveMemory (in: Destination=0x665e5c0, Source=0x665d838, Length=0x80 | out: Destination=0x665e5c0)
[0291.097] RtlMoveMemory (in: Destination=0x665e640, Source=0x665d7b8, Length=0x80 | out: Destination=0x665e640)
[0291.097] RtlMoveMemory (in: Destination=0x665e6c0, Source=0x665d738, Length=0x80 | out: Destination=0x665e6c0)
[0291.097] RtlMoveMemory (in: Destination=0x665e740, Source=0x665d6b8, Length=0x80 | out: Destination=0x665e740)
[0291.097] RtlMoveMemory (in: Destination=0x665e7c0, Source=0x665d638, Length=0x80 | out: Destination=0x665e7c0)
[0291.097] RtlMoveMemory (in: Destination=0x665e840, Source=0x665d5b8, Length=0x80 | out: Destination=0x665e840)
[0291.097] RtlMoveMemory (in: Destination=0x665e8c0, Source=0x665d538, Length=0x80 | out: Destination=0x665e8c0)
[0291.097] RtlMoveMemory (in: Destination=0x665e940, Source=0x665d4b8, Length=0x80 | out: Destination=0x665e940)
[0291.097] RtlMoveMemory (in: Destination=0x665e9c0, Source=0x665d438, Length=0x80 | out: Destination=0x665e9c0)
[0291.097] RtlMoveMemory (in: Destination=0x665ea40, Source=0x665d3b8, Length=0x80 | out: Destination=0x665ea40)
[0291.097] RtlMoveMemory (in: Destination=0x665eac0, Source=0x665d338, Length=0x80 | out: Destination=0x665eac0)
[0291.097] RtlMoveMemory (in: Destination=0x665eb40, Source=0x665d2b8, Length=0x80 | out: Destination=0x665eb40)
[0291.097] RtlMoveMemory (in: Destination=0x665ebc0, Source=0x665d238, Length=0x80 | out: Destination=0x665ebc0)
[0291.097] RtlMoveMemory (in: Destination=0x665ec40, Source=0x665d1b8, Length=0x80 | out: Destination=0x665ec40)
[0291.097] RtlMoveMemory (in: Destination=0x665ecc0, Source=0x665d138, Length=0x80 | out: Destination=0x665ecc0)
[0291.097] RtlMoveMemory (in: Destination=0x665ed40, Source=0x665d0b8, Length=0x80 | out: Destination=0x665ed40)
[0291.097] RtlMoveMemory (in: Destination=0x665edc0, Source=0x665d038, Length=0x80 | out: Destination=0x665edc0)
[0291.097] RtlMoveMemory (in: Destination=0x665ee40, Source=0x665cfb8, Length=0x80 | out: Destination=0x665ee40)
[0291.097] RtlMoveMemory (in: Destination=0x665eec0, Source=0x665cf38, Length=0x80 | out: Destination=0x665eec0)
[0291.098] GdipBitmapUnlockBits (bitmap=0x664f790, lockedBitmapData=0x2d31190) returned 0x0
[0291.098] GdipBitmapUnlockBits (bitmap=0x6651ba8, lockedBitmapData=0x2d311c8) returned 0x0
[0291.098] GdipDisposeImage (image=0x664f790) returned 0x0
[0291.098] DeleteObject (ho=0x20507f3) returned 1
[0291.098] DeleteObject (ho=0xfe050671) returned 1
[0291.098] GetCurrentThreadId () returned 0xf50
[0291.098] GetCurrentThreadId () returned 0xf50
[0291.098] SetWindowPos (hWnd=0x2702ce, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0291.098] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0291.098] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0291.098] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0291.098] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0291.098] GetClientRect (in: hWnd=0x2702ce, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0291.098] GetWindowRect (in: hWnd=0x2702ce, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0291.099] GetParent (hWnd=0x2702ce) returned 0x3102da
[0291.099] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3102da, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0291.099] InvalidateRect (hWnd=0x2702ce, lpRect=0x0, bErase=1) returned 1
[0291.099] GetWindowTextLengthW (hWnd=0x2702ce) returned 0
[0291.099] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0291.099] GetSystemMetrics (nIndex=42) returned 0
[0291.099] GetWindowTextW (in: hWnd=0x2702ce, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0291.099] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0291.099] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0291.099] GetClientRect (in: hWnd=0x2702ce, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0291.099] GetWindowRect (in: hWnd=0x2702ce, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0291.099] GetParent (hWnd=0x2702ce) returned 0x3102da
[0291.099] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3102da, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0291.099] GetWindowTextLengthW (hWnd=0x2702ce) returned 0
[0291.099] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0291.099] GetSystemMetrics (nIndex=42) returned 0
[0291.099] GetWindowTextW (in: hWnd=0x2702ce, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0291.099] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0291.099] GetWindowTextLengthW (hWnd=0x2702ce) returned 0
[0291.099] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0291.099] GetSystemMetrics (nIndex=42) returned 0
[0291.099] GetWindowTextW (in: hWnd=0x2702ce, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0291.100] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0291.100] SetWindowTextW (hWnd=0x2702ce, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0291.100] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0xc, wParam=0x0, lParam=0x2d12024) returned 0x1
[0291.100] InvalidateRect (hWnd=0x2702ce, lpRect=0x0, bErase=1) returned 1
[0291.100] GetCurrentThreadId () returned 0xf50
[0291.100] GetWindowThreadProcessId (in: hWnd=0x2702ce, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0291.100] GdipCreateBitmapFromStream (stream=0x509ff70, bitmap=0xd7e840) returned 0x0
[0291.101] GdipImageForceValidation (image=0x6652238) returned 0x0
[0291.102] GdipGetImageRawFormat (image=0x6652238, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0291.102] GdipGetImageHeight (image=0x6652238, height=0xd7e824) returned 0x0
[0291.102] GdipGetImageWidth (image=0x6652238, width=0xd7e824) returned 0x0
[0291.102] GdipGetImageWidth (image=0x6652238, width=0xd7e810) returned 0x0
[0291.102] GdipGetImageHeight (image=0x6652238, height=0xd7e810) returned 0x0
[0291.102] GdipGetImageWidth (image=0x6652238, width=0xd7e800) returned 0x0
[0291.102] GdipGetImageHeight (image=0x6652238, height=0xd7e800) returned 0x0
[0291.102] GdipBitmapGetPixel (bitmap=0x6652238, x=0, y=15, color=0xd7e810) returned 0x0
[0291.102] GdipGetImageRawFormat (image=0x6652238, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0291.103] GdipGetImageWidth (image=0x6652238, width=0xd7e740) returned 0x0
[0291.103] GdipGetImageHeight (image=0x6652238, height=0xd7e740) returned 0x0
[0291.103] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0291.103] GdipGetImagePixelFormat (image=0x664fad8, format=0xd7e740) returned 0x0
[0291.103] GdipGetImageGraphicsContext (image=0x664fad8, graphics=0xd7e74c) returned 0x0
[0291.103] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0291.103] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0291.103] GdipSetImageAttributesColorKeys (imageattr=0x6638ae8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0291.103] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6652238, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638ae8, callback=0x0, callbackData=0x0) returned 0x0
[0291.104] GdipDisposeImageAttributes (imageattr=0x6638ae8) returned 0x0
[0291.104] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0291.104] GdipDisposeImage (image=0x6652238) returned 0x0
[0291.104] GdipCreateBitmapFromStream (stream=0x509ff90, bitmap=0xd7e840) returned 0x0
[0291.105] GdipImageForceValidation (image=0x664fe20) returned 0x0
[0291.106] GdipGetImageRawFormat (image=0x664fe20, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0291.106] GdipGetImageHeight (image=0x664fe20, height=0xd7e824) returned 0x0
[0291.107] GdipGetImageWidth (image=0x664fe20, width=0xd7e824) returned 0x0
[0291.107] GdipGetImageWidth (image=0x664fe20, width=0xd7e810) returned 0x0
[0291.107] GdipGetImageHeight (image=0x664fe20, height=0xd7e810) returned 0x0
[0291.107] GdipGetImageWidth (image=0x664fe20, width=0xd7e800) returned 0x0
[0291.107] GdipGetImageHeight (image=0x664fe20, height=0xd7e800) returned 0x0
[0291.107] GdipBitmapGetPixel (bitmap=0x664fe20, x=0, y=15, color=0xd7e810) returned 0x0
[0291.107] GdipGetImageRawFormat (image=0x664fe20, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0291.107] GdipGetImageWidth (image=0x664fe20, width=0xd7e740) returned 0x0
[0291.107] GdipGetImageHeight (image=0x664fe20, height=0xd7e740) returned 0x0
[0291.108] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0291.108] GdipGetImagePixelFormat (image=0x6650b40, format=0xd7e740) returned 0x0
[0291.108] GdipGetImageGraphicsContext (image=0x6650b40, graphics=0xd7e74c) returned 0x0
[0291.108] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0291.108] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0291.108] GdipSetImageAttributesColorKeys (imageattr=0x6638db8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0291.108] GdipDrawImageRectRectI (graphics=0x6600030, image=0x664fe20, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638db8, callback=0x0, callbackData=0x0) returned 0x0
[0291.108] GdipDisposeImageAttributes (imageattr=0x6638db8) returned 0x0
[0291.108] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0291.108] GdipDisposeImage (image=0x664fe20) returned 0x0
[0291.109] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.109] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0291.109] GetCurrentThreadId () returned 0xf50
[0291.109] GetCurrentThreadId () returned 0xf50
[0291.109] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.109] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0291.109] GetCurrentThreadId () returned 0xf50
[0291.109] GetCurrentThreadId () returned 0xf50
[0291.109] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.109] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0291.109] GetCurrentThreadId () returned 0xf50
[0291.109] GetCurrentThreadId () returned 0xf50
[0291.109] GetSystemMetrics (nIndex=5) returned 1
[0291.109] GetSystemMetrics (nIndex=6) returned 1
[0291.110] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.110] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0291.110] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.110] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0291.110] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.110] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0291.110] GetCurrentThreadId () returned 0xf50
[0291.110] GetCurrentThreadId () returned 0xf50
[0291.110] GetProcessWindowStation () returned 0x13c
[0291.111] GetCapture () returned 0x0
[0291.111] GetActiveWindow () returned 0x7005c
[0291.111] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0291.111] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.111] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0291.111] GetCursorPos (in: lpPoint=0x2d32308 | out: lpPoint=0x2d32308*(x=253, y=627)) returned 1
[0291.111] MonitorFromPoint (pt=0xfd, dwFlags=0x273) returned 0x10001
[0291.111] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0291.111] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xff010671
[0291.111] GetDeviceCaps (hdc=0xff010671, index=12) returned 32
[0291.111] GetDeviceCaps (hdc=0xff010671, index=14) returned 1
[0291.111] DeleteDC (hdc=0xff010671) returned 1
[0291.111] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0291.112] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0291.112] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2602d0
[0291.112] SetWindowLongW (hWnd=0x2602d0, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0291.112] GetWindowLongW (hWnd=0x2602d0, nIndex=-4) returned 1950089536
[0291.112] SetWindowLongW (hWnd=0x2602d0, nIndex=-4, dwNewLong=19949694) returned 1950089536
[0291.112] GetWindowLongW (hWnd=0x2602d0, nIndex=-4) returned 19949694
[0291.113] GetWindowLongW (hWnd=0x2602d0, nIndex=-16) returned 113770496
[0291.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0291.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0291.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0291.114] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0291.114] GetWindowRect (in: hWnd=0x2602d0, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0291.114] SetWindowTextW (hWnd=0x2602d0, lpString="BB ransomware") returned 1
[0291.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xc, wParam=0x0, lParam=0x2d30aa4) returned 0x1
[0291.115] GetStartupInfoW (in: lpStartupInfo=0x2d32644 | out: lpStartupInfo=0x2d32644*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0291.116] GetParent (hWnd=0x2602d0) returned 0x0
[0291.116] SetWindowLongW (hWnd=0x2602d0, nIndex=-8, dwNewLong=0) returned 0
[0291.117] SendMessageW (hWnd=0x2602d0, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0291.117] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0291.117] SendMessageW (hWnd=0x2602d0, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0291.117] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0291.117] GetSystemMenu (hWnd=0x2602d0, bRevert=0) returned 0x770113
[0291.117] GetWindowPlacement (in: hWnd=0x2602d0, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0291.117] EnableMenuItem (hMenu=0x770113, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0291.117] EnableMenuItem (hMenu=0x770113, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0291.118] EnableMenuItem (hMenu=0x770113, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0291.118] EnableMenuItem (hMenu=0x770113, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0291.118] EnableMenuItem (hMenu=0x770113, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0291.118] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0291.118] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0291.118] GetWindowRect (in: hWnd=0x2602d0, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0291.118] SetWindowPos (hWnd=0x2602d0, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0291.118] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0291.119] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x2602d0) returned 0x1
[0291.121] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0291.121] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0291.122] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0291.122] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0291.122] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0291.124] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x2602d0, lParam=0x0) returned 0x0
[0291.124] GetCapture () returned 0x0
[0291.124] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0291.124] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0291.125] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0291.127] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0291.127] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0291.127] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0291.127] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0291.127] GetParent (hWnd=0x2602d0) returned 0x0
[0291.127] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0291.127] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0291.130] GetWindowPlacement (in: hWnd=0x2602d0, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0291.130] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0291.130] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0291.130] GetWindowRect (in: hWnd=0x2602d0, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0291.131] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0291.131] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0291.131] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0291.132] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.132] GetWindowLongW (hWnd=0x2602d0, nIndex=-16) returned 113770496
[0291.132] GetWindowTextLengthW (hWnd=0x2602d0) returned 13
[0291.132] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.132] GetSystemMetrics (nIndex=42) returned 0
[0291.132] GetWindowTextW (in: hWnd=0x2602d0, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.132] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0291.132] GetWindowTextLengthW (hWnd=0x2602d0) returned 13
[0291.132] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.132] GetSystemMetrics (nIndex=42) returned 0
[0291.132] GetWindowTextW (in: hWnd=0x2602d0, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.132] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0291.132] GetCursorPos (in: lpPoint=0x2d32880 | out: lpPoint=0x2d32880*(x=253, y=627)) returned 1
[0291.132] MonitorFromPoint (pt=0xfd, dwFlags=0x273) returned 0x10001
[0291.132] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0291.132] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x2010801
[0291.133] GetDeviceCaps (hdc=0x2010801, index=12) returned 32
[0291.133] GetDeviceCaps (hdc=0x2010801, index=14) returned 1
[0291.133] DeleteDC (hdc=0x2010801) returned 1
[0291.133] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0291.133] GetWindowLongW (hWnd=0x2602d0, nIndex=-16) returned 113770496
[0291.133] GetWindowLongW (hWnd=0x2602d0, nIndex=-20) returned 327945
[0291.133] SetWindowLongW (hWnd=0x2602d0, nIndex=-16, dwNewLong=46661632) returned 113770496
[0291.133] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0291.133] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0291.134] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0291.134] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0291.134] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0291.135] SetWindowLongW (hWnd=0x2602d0, nIndex=-20, dwNewLong=327681) returned 327945
[0291.135] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0291.135] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0291.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0291.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0291.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0291.136] SetWindowPos (hWnd=0x2602d0, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0291.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0291.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0291.137] GetWindowPlacement (in: hWnd=0x2602d0, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0291.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0291.137] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0291.137] GetWindowRect (in: hWnd=0x2602d0, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0291.141] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0291.141] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0291.142] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0291.142] RedrawWindow (hWnd=0x2602d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0291.142] GetSystemMenu (hWnd=0x2602d0, bRevert=0) returned 0x770113
[0291.142] GetWindowPlacement (in: hWnd=0x2602d0, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0291.142] EnableMenuItem (hMenu=0x770113, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0291.142] EnableMenuItem (hMenu=0x770113, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0291.142] EnableMenuItem (hMenu=0x770113, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0291.142] EnableMenuItem (hMenu=0x770113, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0291.142] EnableMenuItem (hMenu=0x770113, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0291.142] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0291.142] GetWindowLongW (hWnd=0x2602d0, nIndex=-8) returned 0
[0291.142] SetWindowLongW (hWnd=0x2602d0, nIndex=-8, dwNewLong=458844) returned 0
[0291.143] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0291.143] GetProcessWindowStation () returned 0x13c
[0291.143] GetCurrentThreadId () returned 0xf50
[0291.144] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1306ad6, lParam=0x0) returned 1
[0291.144] IsWindowVisible (hWnd=0x2602d0) returned 0
[0291.144] IsWindowVisible (hWnd=0x7005c) returned 1
[0291.144] IsWindowEnabled (hWnd=0x7005c) returned 1
[0291.144] IsWindowVisible (hWnd=0x300ec) returned 0
[0291.144] IsWindowVisible (hWnd=0x502c6) returned 0
[0291.144] IsWindowVisible (hWnd=0x502be) returned 0
[0291.144] GetActiveWindow () returned 0x2602d0
[0291.144] GetFocus () returned 0x2602d0
[0291.144] IsWindow (hWnd=0x7005c) returned 1
[0291.144] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0291.144] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0291.145] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0291.145] GetWindowLongW (hWnd=0x2602d0, nIndex=-8) returned 458844
[0291.145] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0291.145] GetCurrentThreadId () returned 0xf50
[0291.145] GetWindowLongW (hWnd=0x2602d0, nIndex=-8) returned 458844
[0291.145] IsWindowEnabled (hWnd=0x7005c) returned 0
[0291.145] IsWindowEnabled (hWnd=0x2602d0) returned 1
[0291.145] ShowWindow (hWnd=0x2602d0, nCmdShow=5) returned 0
[0291.145] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0291.145] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0291.145] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.145] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0291.145] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x2602d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3102de
[0291.146] SetWindowLongW (hWnd=0x3102de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0291.146] GetWindowLongW (hWnd=0x3102de, nIndex=-4) returned 1950089536
[0291.146] SetWindowLongW (hWnd=0x3102de, nIndex=-4, dwNewLong=19950494) returned 1950089536
[0291.146] GetWindowLongW (hWnd=0x3102de, nIndex=-4) returned 19950494
[0291.146] GetWindowLongW (hWnd=0x3102de, nIndex=-16) returned 1174405120
[0291.146] GetWindowLongW (hWnd=0x3102de, nIndex=-12) returned 0
[0291.146] SetWindowLongW (hWnd=0x3102de, nIndex=-12, dwNewLong=3211998) returned 0
[0291.146] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0291.147] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0291.147] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0291.147] GetWindow (hWnd=0x3102de, uCmd=0x3) returned 0x0
[0291.147] GetClientRect (in: hWnd=0x3102de, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0291.147] GetWindowRect (in: hWnd=0x3102de, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0291.147] GetParent (hWnd=0x3102de) returned 0x2602d0
[0291.147] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2602d0, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0291.148] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102de, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0291.148] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102de, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0291.148] GetClientRect (in: hWnd=0x3102de, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0291.148] GetWindowRect (in: hWnd=0x3102de, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0291.148] GetParent (hWnd=0x3102de) returned 0x2602d0
[0291.148] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2602d0, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0291.148] SendMessageW (hWnd=0x3102de, Msg=0x2210, wParam=0x2de0001, lParam=0x3102de) returned 0x0
[0291.148] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102de, Msg=0x2210, wParam=0x2de0001, lParam=0x3102de) returned 0x0
[0291.148] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0291.148] GetParent (hWnd=0x3102de) returned 0x2602d0
[0291.148] GetParent (hWnd=0x2702ce) returned 0x3102da
[0291.149] SetParent (hWndChild=0x2702ce, hWndNewParent=0x2602d0) returned 0x3102da
[0291.149] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0291.149] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0291.149] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0291.149] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0291.149] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0291.149] GetClientRect (in: hWnd=0x2702ce, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0291.149] GetWindowRect (in: hWnd=0x2702ce, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0291.149] GetParent (hWnd=0x2702ce) returned 0x2602d0
[0291.150] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2602d0, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0291.150] GetClientRect (in: hWnd=0x2702ce, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0291.150] GetWindowRect (in: hWnd=0x2702ce, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0291.150] GetParent (hWnd=0x2702ce) returned 0x2602d0
[0291.150] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2602d0, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0291.150] GetParent (hWnd=0x2702ce) returned 0x2602d0
[0291.150] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0291.150] GetWindow (hWnd=0x2702ce, uCmd=0x3) returned 0x0
[0291.150] SetWindowPos (hWnd=0x2702ce, hWndInsertAfter=0x3102de, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0291.150] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0291.150] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0291.151] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0291.151] GetClientRect (in: hWnd=0x2702ce, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0291.151] GetWindowRect (in: hWnd=0x2702ce, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0291.151] GetParent (hWnd=0x2702ce) returned 0x2602d0
[0291.151] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2602d0, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0291.151] GetParent (hWnd=0x2702ce) returned 0x2602d0
[0291.151] GetWindow (hWnd=0x2702ce, uCmd=0x3) returned 0x3102de
[0291.151] GetWindowThreadProcessId (in: hWnd=0x2702ce, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0291.151] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0291.151] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.151] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0291.151] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x2602d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3302d8
[0291.152] SetWindowLongW (hWnd=0x3302d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0291.152] GetWindowLongW (hWnd=0x3302d8, nIndex=-4) returned 1868032000
[0291.152] SetWindowLongW (hWnd=0x3302d8, nIndex=-4, dwNewLong=19950134) returned 1868032000
[0291.152] GetWindowLongW (hWnd=0x3302d8, nIndex=-4) returned 19950134
[0291.152] GetWindowLongW (hWnd=0x3302d8, nIndex=-16) returned 1174470667
[0291.152] GetWindowLongW (hWnd=0x3302d8, nIndex=-12) returned 0
[0291.152] SetWindowLongW (hWnd=0x3302d8, nIndex=-12, dwNewLong=3343064) returned 0
[0291.152] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0291.153] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0291.153] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0291.155] SendMessageW (hWnd=0x3302d8, Msg=0x2055, wParam=0x3302d8, lParam=0x3) returned 0x2
[0291.155] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0291.155] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0291.155] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0291.155] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0291.155] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0291.155] RedrawWindow (hWnd=0x3102de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0291.155] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0291.155] RedrawWindow (hWnd=0x2702ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0291.155] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0291.155] RedrawWindow (hWnd=0x3302d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0291.155] RedrawWindow (hWnd=0x2602d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0291.156] GetWindow (hWnd=0x3302d8, uCmd=0x3) returned 0x2702ce
[0291.156] GetClientRect (in: hWnd=0x3302d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0291.156] GetWindowRect (in: hWnd=0x3302d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0291.156] GetParent (hWnd=0x3302d8) returned 0x2602d0
[0291.156] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2602d0, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0291.156] SetWindowTextW (hWnd=0x3302d8, lpString="&Details") returned 1
[0291.156] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0xc, wParam=0x0, lParam=0x2c2ef5c) returned 0x1
[0291.156] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0291.156] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0291.157] GetClientRect (in: hWnd=0x3302d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0291.157] GetWindowRect (in: hWnd=0x3302d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0291.157] GetParent (hWnd=0x3302d8) returned 0x2602d0
[0291.157] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2602d0, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0291.157] SendMessageW (hWnd=0x3302d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3302d8) returned 0x0
[0291.157] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3302d8) returned 0x0
[0291.157] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0291.157] GetParent (hWnd=0x3302d8) returned 0x2602d0
[0291.157] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0291.157] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.158] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0291.158] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x2602d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3400ea
[0291.158] SetWindowLongW (hWnd=0x3400ea, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0291.158] GetWindowLongW (hWnd=0x3400ea, nIndex=-4) returned 1868032000
[0291.158] SetWindowLongW (hWnd=0x3400ea, nIndex=-4, dwNewLong=19951070) returned 1868032000
[0291.158] GetWindowLongW (hWnd=0x3400ea, nIndex=-4) returned 19951070
[0291.158] GetWindowLongW (hWnd=0x3400ea, nIndex=-16) returned 1174470667
[0291.158] GetWindowLongW (hWnd=0x3400ea, nIndex=-12) returned 0
[0291.158] SetWindowLongW (hWnd=0x3400ea, nIndex=-12, dwNewLong=3408106) returned 0
[0291.159] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0291.159] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0291.159] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0291.160] SendMessageW (hWnd=0x3400ea, Msg=0x2055, wParam=0x3400ea, lParam=0x3) returned 0x2
[0291.160] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0291.160] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0291.160] GetWindow (hWnd=0x3400ea, uCmd=0x3) returned 0x3302d8
[0291.160] GetClientRect (in: hWnd=0x3400ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0291.160] GetWindowRect (in: hWnd=0x3400ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0291.160] GetParent (hWnd=0x3400ea) returned 0x2602d0
[0291.160] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2602d0, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0291.161] SetWindowTextW (hWnd=0x3400ea, lpString="&Continue") returned 1
[0291.161] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0xc, wParam=0x0, lParam=0x2c2ef00) returned 0x1
[0291.161] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0291.161] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0291.161] GetClientRect (in: hWnd=0x3400ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0291.161] GetWindowRect (in: hWnd=0x3400ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0291.161] GetParent (hWnd=0x3400ea) returned 0x2602d0
[0291.161] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2602d0, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0291.161] SendMessageW (hWnd=0x3400ea, Msg=0x2210, wParam=0xea0001, lParam=0x3400ea) returned 0x0
[0291.161] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x2210, wParam=0xea0001, lParam=0x3400ea) returned 0x0
[0291.161] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0291.162] GetParent (hWnd=0x3400ea) returned 0x2602d0
[0291.162] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0291.162] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.162] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0291.162] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x2602d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3102dc
[0291.163] SetWindowLongW (hWnd=0x3102dc, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0291.163] GetWindowLongW (hWnd=0x3102dc, nIndex=-4) returned 1868032000
[0291.163] SetWindowLongW (hWnd=0x3102dc, nIndex=-4, dwNewLong=19950710) returned 1868032000
[0291.163] GetWindowLongW (hWnd=0x3102dc, nIndex=-4) returned 19950710
[0291.163] GetWindowLongW (hWnd=0x3102dc, nIndex=-16) returned 1174470667
[0291.163] GetWindowLongW (hWnd=0x3102dc, nIndex=-12) returned 0
[0291.163] SetWindowLongW (hWnd=0x3102dc, nIndex=-12, dwNewLong=3211996) returned 0
[0291.163] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0291.164] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0291.164] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0291.165] SendMessageW (hWnd=0x3102dc, Msg=0x2055, wParam=0x3102dc, lParam=0x3) returned 0x2
[0291.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0291.165] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102dc, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0291.165] GetWindow (hWnd=0x3102dc, uCmd=0x3) returned 0x3400ea
[0291.165] GetClientRect (in: hWnd=0x3102dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0291.165] GetWindowRect (in: hWnd=0x3102dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0291.165] GetParent (hWnd=0x3102dc) returned 0x2602d0
[0291.165] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2602d0, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0291.165] SetWindowTextW (hWnd=0x3102dc, lpString="&Quit") returned 1
[0291.165] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102dc, Msg=0xc, wParam=0x0, lParam=0x2c2ef20) returned 0x1
[0291.165] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0291.166] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102dc, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0291.166] GetClientRect (in: hWnd=0x3102dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0291.166] GetWindowRect (in: hWnd=0x3102dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0291.166] GetParent (hWnd=0x3102dc) returned 0x2602d0
[0291.166] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2602d0, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0291.166] SendMessageW (hWnd=0x3102dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x3102dc) returned 0x0
[0291.166] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x3102dc) returned 0x0
[0291.166] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0291.166] GetParent (hWnd=0x3102dc) returned 0x2602d0
[0291.166] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0291.166] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.167] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0291.167] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x2602d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2b02c8
[0291.167] SetWindowLongW (hWnd=0x2b02c8, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0291.167] GetWindowLongW (hWnd=0x2b02c8, nIndex=-4) returned 1868026976
[0291.167] SetWindowLongW (hWnd=0x2b02c8, nIndex=-4, dwNewLong=19951270) returned 1868026976
[0291.168] GetWindowLongW (hWnd=0x2b02c8, nIndex=-4) returned 19951270
[0291.168] GetWindowLongW (hWnd=0x2b02c8, nIndex=-16) returned 1177553092
[0291.168] GetWindowLongW (hWnd=0x2b02c8, nIndex=-12) returned 0
[0291.168] SetWindowLongW (hWnd=0x2b02c8, nIndex=-12, dwNewLong=2818760) returned 0
[0291.168] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02c8, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0291.176] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02c8, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0291.177] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02c8, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0291.192] GetWindow (hWnd=0x2b02c8, uCmd=0x3) returned 0x3102dc
[0291.192] GetClientRect (in: hWnd=0x2b02c8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0291.192] GetWindowRect (in: hWnd=0x2b02c8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0291.192] GetParent (hWnd=0x2b02c8) returned 0x2602d0
[0291.192] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2602d0, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0291.192] GetWindowTextLengthW (hWnd=0x2602d0) returned 13
[0291.192] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.193] GetSystemMetrics (nIndex=42) returned 0
[0291.193] GetWindowTextW (in: hWnd=0x2602d0, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.193] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0291.193] SendMessageW (hWnd=0x2b02c8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0291.193] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02c8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0291.203] SetWindowTextW (hWnd=0x2b02c8, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0291.203] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02c8, Msg=0xc, wParam=0x0, lParam=0x2d2e48c) returned 0x1
[0291.206] GetSystemMetrics (nIndex=5) returned 1
[0291.206] GetSystemMetrics (nIndex=6) returned 1
[0291.206] SendMessageW (hWnd=0x2b02c8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0291.206] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02c8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0291.207] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02c8, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0291.207] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02c8, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0291.207] GetClientRect (in: hWnd=0x2b02c8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0291.208] GetWindowRect (in: hWnd=0x2b02c8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0291.208] GetParent (hWnd=0x2b02c8) returned 0x2602d0
[0291.208] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2602d0, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0291.208] SendMessageW (hWnd=0x2b02c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2b02c8) returned 0x0
[0291.208] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2b02c8) returned 0x0
[0291.208] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0291.208] GetParent (hWnd=0x2b02c8) returned 0x2602d0
[0291.208] GetWindowLongW (hWnd=0x2602d0, nIndex=-8) returned 458844
[0291.208] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0291.208] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0291.209] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x9010801
[0291.209] GetDeviceCaps (hdc=0x9010801, index=12) returned 32
[0291.209] GetDeviceCaps (hdc=0x9010801, index=14) returned 1
[0291.209] DeleteDC (hdc=0x9010801) returned 1
[0291.209] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0291.209] GetWindowThreadProcessId (in: hWnd=0x2602d0, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0291.209] GetCurrentThreadId () returned 0xf50
[0291.209] PostMessageW (hWnd=0x2602d0, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0291.209] GetWindowTextLengthW (hWnd=0x2602d0) returned 13
[0291.209] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.209] GetSystemMetrics (nIndex=42) returned 0
[0291.209] GetWindowTextW (in: hWnd=0x2602d0, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.209] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0291.209] GdipImageGetFrameDimensionsCount (image=0x6651ba8, count=0xd7e25c) returned 0x0
[0291.209] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12018c8
[0291.209] GdipImageGetFrameDimensionsList (image=0x6651ba8, dimensionIDs=0x12018c8*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0291.209] LocalFree (hMem=0x12018c8) returned 0x0
[0291.210] GdipImageGetFrameDimensionsCount (image=0x664fad8, count=0xd7e250) returned 0x0
[0291.210] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201940
[0291.210] GdipImageGetFrameDimensionsList (image=0x664fad8, dimensionIDs=0x1201940*(Data1=0x502be, Data2=0x3278, Data3=0x11d, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0291.210] LocalFree (hMem=0x1201940) returned 0x0
[0291.210] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0291.210] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0291.210] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0291.250] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0291.251] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0291.251] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0291.251] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0291.252] GetWindowPlacement (in: hWnd=0x2602d0, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0291.252] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0291.252] GetWindowTextLengthW (hWnd=0x2602d0) returned 13
[0291.252] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.252] GetSystemMetrics (nIndex=42) returned 0
[0291.252] GetWindowTextW (in: hWnd=0x2602d0, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.252] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0291.252] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0291.252] GetCurrentObject (hdc=0x107b9, type=0x1) returned 0xb00017
[0291.252] GetCurrentObject (hdc=0x107b9, type=0x2) returned 0x900010
[0291.252] GetCurrentObject (hdc=0x107b9, type=0x7) returned 0x2b0506b6
[0291.252] GetCurrentObject (hdc=0x107b9, type=0x6) returned 0x8a01c2
[0291.252] SaveDC (hdc=0x107b9) returned 1
[0291.252] GetNearestColor (hdc=0x107b9, color=0xf0f0f0) returned 0xf0f0f0
[0291.252] CreateSolidBrush (color=0xf0f0f0) returned 0x3a1007e1
[0291.253] FillRect (hDC=0x107b9, lprc=0xd7e1b8, hbr=0x3a1007e1) returned 1
[0291.253] DeleteObject (ho=0x3a1007e1) returned 1
[0291.253] RestoreDC (hdc=0x107b9, nSavedDC=-1) returned 1
[0291.253] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0291.254] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0291.254] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0291.254] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0291.254] GetStockObject (i=5) returned 0x900015
[0291.255] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0291.255] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0291.255] GetStockObject (i=5) returned 0x900015
[0291.255] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0291.255] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102dc, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0291.255] GetStockObject (i=5) returned 0x900015
[0291.255] GetWindowPlacement (in: hWnd=0x2602d0, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0291.255] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0291.255] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0291.255] GetWindowRect (in: hWnd=0x2602d0, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0291.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0291.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0291.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0291.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0291.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0291.258] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0291.258] GetWindowRect (in: hWnd=0x2602d0, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0291.258] InvalidateRect (hWnd=0x3400ea, lpRect=0x0, bErase=0) returned 1
[0291.258] InvalidateRect (hWnd=0x3302d8, lpRect=0x0, bErase=0) returned 1
[0291.258] GetFocus () returned 0x2602d0
[0291.258] GetFocus () returned 0x2602d0
[0291.258] SetFocus (hWnd=0x3302d8) returned 0x2602d0
[0291.259] GetFocus () returned 0x3302d8
[0291.259] IsChild (hWndParent=0x2602d0, hWnd=0x3302d8) returned 1
[0291.259] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x8, wParam=0x3302d8, lParam=0x0) returned 0x0
[0291.260] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0291.261] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0291.265] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0291.265] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0x7, wParam=0x2602d0, lParam=0x0) returned 0x0
[0291.265] GetStockObject (i=5) returned 0x900015
[0291.265] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0291.265] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0291.265] GetDlgItem (hDlg=0x2602d0, nIDDlgItem=3343064) returned 0x3302d8
[0291.265] SendMessageW (hWnd=0x3302d8, Msg=0x202b, wParam=0x3302d8, lParam=0xd7e0dc) returned 0x0
[0291.265] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0x202b, wParam=0x3302d8, lParam=0xd7e0dc) returned 0x0
[0291.266] InvalidateRect (hWnd=0x3302d8, lpRect=0x0, bErase=0) returned 1
[0291.268] GetFocus () returned 0x3302d8
[0291.268] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.268] IsWindowUnicode (hWnd=0x2602d0) returned 1
[0291.268] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.268] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.268] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0291.269] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.269] IsWindowUnicode (hWnd=0x2602d0) returned 1
[0291.269] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.269] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.269] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.269] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.269] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0291.270] IsWindowUnicode (hWnd=0x2602d0) returned 1
[0291.270] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.270] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.270] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.270] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.270] IsWindowUnicode (hWnd=0x602c4) returned 1
[0291.270] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.270] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.270] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.270] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0291.270] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0291.270] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.271] IsWindowUnicode (hWnd=0x2602d0) returned 1
[0291.271] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.271] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.271] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.271] BeginPaint (in: hWnd=0x2602d0, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x10105d6
[0291.271] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0291.272] GetWindowTextLengthW (hWnd=0x2602d0) returned 13
[0291.272] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.272] GetSystemMetrics (nIndex=42) returned 0
[0291.272] GetWindowTextW (in: hWnd=0x2602d0, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.272] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0291.272] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0291.272] EndPaint (hWnd=0x2602d0, lpPaint=0xd7e274) returned 1
[0291.272] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.272] IsWindowUnicode (hWnd=0x3102de) returned 1
[0291.272] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.272] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.272] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.272] BeginPaint (in: hWnd=0x3102de, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xf0105ee
[0291.273] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0291.273] CreateCompatibleDC (hdc=0xf0105ee) returned 0xe60107d0
[0291.273] SelectObject (hdc=0xe60107d0, h=0x4a0507fe) returned 0x85000f
[0291.273] GdipCreateFromHDC (hdc=0xe60107d0, graphics=0xd7e2b0) returned 0x0
[0291.273] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0291.273] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0291.273] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0291.273] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0291.273] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e310) returned 0x0
[0291.273] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0291.273] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0291.273] LocalFree (hMem=0x11ee868) returned 0x0
[0291.274] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0291.274] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0291.274] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0291.274] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e304) returned 0x0
[0291.274] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0291.274] GetWindowTextLengthW (hWnd=0x3102de) returned 0
[0291.274] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0291.274] GetSystemMetrics (nIndex=42) returned 0
[0291.274] GetWindowTextW (in: hWnd=0x3102de, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0291.274] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102de, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0291.274] GetClientRect (in: hWnd=0x3102de, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0291.274] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0291.274] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0291.274] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0291.274] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0291.274] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e164) returned 0x0
[0291.274] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0291.274] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee9f0) returned 0x0
[0291.274] LocalFree (hMem=0x11ee9f0) returned 0x0
[0291.275] GdipCombineRegionRegion (region=0x6646568, region2=0x6646cb8, combineMode=0x1) returned 0x0
[0291.275] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0291.275] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee8d8) returned 0x0
[0291.275] LocalFree (hMem=0x11ee8d8) returned 0x0
[0291.275] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0291.275] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0291.275] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0291.275] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0291.275] GdipDeleteRegion (region=0x6646568) returned 0x0
[0291.275] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0291.275] GetCurrentObject (hdc=0xe60107d0, type=0x1) returned 0xb00017
[0291.275] GetCurrentObject (hdc=0xe60107d0, type=0x2) returned 0x900010
[0291.275] GetCurrentObject (hdc=0xe60107d0, type=0x7) returned 0x4a0507fe
[0291.275] GetCurrentObject (hdc=0xe60107d0, type=0x6) returned 0x8a01c2
[0291.275] SaveDC (hdc=0xe60107d0) returned 1
[0291.276] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x980407de
[0291.276] GetClipRgn (hdc=0xe60107d0, hrgn=0x980407de) returned 0
[0291.276] SelectClipRgn (hdc=0xe60107d0, hrgn=0xd040807) returned 2
[0291.276] DeleteObject (ho=0x980407de) returned 1
[0291.276] DeleteObject (ho=0xd040807) returned 1
[0291.276] OffsetViewportOrgEx (in: hdc=0xe60107d0, x=0, y=0, lppt=0x2d33fec | out: lppt=0x2d33fec) returned 1
[0291.276] GetNearestColor (hdc=0xe60107d0, color=0xf0f0f0) returned 0xf0f0f0
[0291.276] CreateSolidBrush (color=0xf0f0f0) returned 0x3b1007e1
[0291.276] FillRect (hDC=0xe60107d0, lprc=0xd7e198, hbr=0x3b1007e1) returned 1
[0291.276] DeleteObject (ho=0x3b1007e1) returned 1
[0291.276] RestoreDC (hdc=0xe60107d0, nSavedDC=-1) returned 1
[0291.276] GdipReleaseDC (graphics=0x6600030, hdc=0xe60107d0) returned 0x0
[0291.276] GdipRestoreGraphics (graphics=0x6600030, state=0xf62c0dbd) returned 0x0
[0291.276] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0291.276] GetWindowTextLengthW (hWnd=0x3102de) returned 0
[0291.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0291.277] GetSystemMetrics (nIndex=42) returned 0
[0291.277] GetWindowTextW (in: hWnd=0x3102de, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0291.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102de, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0291.277] GdipGetImageWidth (image=0x6651ba8, width=0xd7e1e0) returned 0x0
[0291.277] GdipGetImageHeight (image=0x6651ba8, height=0xd7e1e0) returned 0x0
[0291.277] GdipGetImageWidth (image=0x6651ba8, width=0xd7e1cc) returned 0x0
[0291.277] GdipGetImageHeight (image=0x6651ba8, height=0xd7e1cc) returned 0x0
[0291.277] GdipDrawImageRectI (graphics=0x6600030, image=0x6651ba8, x=16, y=16, width=32, height=32) returned 0x0
[0291.277] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0291.277] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=64, cy=64, hdcSrc=0xe60107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0291.277] GdipReleaseDC (graphics=0x6600030, hdc=0xe60107d0) returned 0x0
[0291.277] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0291.277] SelectObject (hdc=0xe60107d0, h=0x85000f) returned 0x4a0507fe
[0291.277] DeleteDC (hdc=0xe60107d0) returned 1
[0291.278] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0291.278] EndPaint (hWnd=0x3102de, lpPaint=0xd7e294) returned 1
[0291.278] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.278] IsWindowUnicode (hWnd=0x2702ce) returned 1
[0291.278] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.280] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.280] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.280] BeginPaint (in: hWnd=0x2702ce, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x107b9
[0291.280] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0291.280] CreateCompatibleDC (hdc=0x107b9) returned 0xfb0107bb
[0291.280] GetObjectType (h=0x107b9) returned 0x3
[0291.280] CreateCompatibleBitmap (hdc=0x107b9, cx=1, cy=1) returned 0x13050801
[0291.281] GetDIBits (in: hdc=0x107b9, hbm=0x13050801, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0291.281] GetDIBits (in: hdc=0x107b9, hbm=0x13050801, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0291.281] DeleteObject (ho=0x13050801) returned 1
[0291.281] CreateDIBSection (in: hdc=0x107b9, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xe80507d0
[0291.281] SelectObject (hdc=0xfb0107bb, h=0xe80507d0) returned 0x85000f
[0291.281] GdipCreateFromHDC (hdc=0xfb0107bb, graphics=0xd7e234) returned 0x0
[0291.281] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0291.282] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0291.282] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0291.282] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0291.282] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e2d4) returned 0x0
[0291.282] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0291.282] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eed00) returned 0x0
[0291.282] LocalFree (hMem=0x11eed00) returned 0x0
[0291.282] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0291.282] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0291.282] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0291.282] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0291.282] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0291.282] GetWindowTextLengthW (hWnd=0x2702ce) returned 232
[0291.282] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0291.282] GetSystemMetrics (nIndex=42) returned 0
[0291.282] GetWindowTextW (in: hWnd=0x2702ce, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0291.282] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0291.282] GetClientRect (in: hWnd=0x2702ce, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0291.282] GdipCreateRegion (region=0xd7e110) returned 0x0
[0291.283] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0291.283] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0291.283] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0291.283] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e128) returned 0x0
[0291.283] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0291.283] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eed00) returned 0x0
[0291.283] LocalFree (hMem=0x11eed00) returned 0x0
[0291.283] GdipCombineRegionRegion (region=0x6646568, region2=0x6646328, combineMode=0x1) returned 0x0
[0291.283] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0291.283] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0291.283] LocalFree (hMem=0x11ee868) returned 0x0
[0291.283] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0291.283] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e150) returned 0x0
[0291.283] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e140) returned 0x0
[0291.283] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0291.283] GdipDeleteRegion (region=0x6646568) returned 0x0
[0291.283] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0291.283] GetCurrentObject (hdc=0xfb0107bb, type=0x1) returned 0xb00017
[0291.284] GetCurrentObject (hdc=0xfb0107bb, type=0x2) returned 0x900010
[0291.284] GetCurrentObject (hdc=0xfb0107bb, type=0x7) returned 0xffffffffe80507d0
[0291.284] GetCurrentObject (hdc=0xfb0107bb, type=0x6) returned 0x8a01c2
[0291.284] SaveDC (hdc=0xfb0107bb) returned 1
[0291.284] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe040807
[0291.284] GetClipRgn (hdc=0xfb0107bb, hrgn=0xe040807) returned 0
[0291.284] SelectClipRgn (hdc=0xfb0107bb, hrgn=0x990407de) returned 2
[0291.284] DeleteObject (ho=0xe040807) returned 1
[0291.284] DeleteObject (ho=0x990407de) returned 1
[0291.284] OffsetViewportOrgEx (in: hdc=0xfb0107bb, x=0, y=0, lppt=0x2d359b4 | out: lppt=0x2d359b4) returned 1
[0291.284] GetNearestColor (hdc=0xfb0107bb, color=0xf0f0f0) returned 0xf0f0f0
[0291.284] CreateSolidBrush (color=0xf0f0f0) returned 0x3c1007e1
[0291.284] FillRect (hDC=0xfb0107bb, lprc=0xd7e15c, hbr=0x3c1007e1) returned 1
[0291.286] DeleteObject (ho=0x3c1007e1) returned 1
[0291.286] RestoreDC (hdc=0xfb0107bb, nSavedDC=-1) returned 1
[0291.286] GdipReleaseDC (graphics=0x6600030, hdc=0xfb0107bb) returned 0x0
[0291.286] GdipRestoreGraphics (graphics=0x6600030, state=0xf62a0dbd) returned 0x0
[0291.286] GdipDeleteRegion (region=0x6646328) returned 0x0
[0291.286] GetWindowTextLengthW (hWnd=0x2702ce) returned 232
[0291.286] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0291.286] GetSystemMetrics (nIndex=42) returned 0
[0291.286] GetWindowTextW (in: hWnd=0x2702ce, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0291.286] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0291.286] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0291.286] GetCurrentObject (hdc=0xfb0107bb, type=0x1) returned 0xb00017
[0291.287] GetCurrentObject (hdc=0xfb0107bb, type=0x2) returned 0x900010
[0291.287] GetCurrentObject (hdc=0xfb0107bb, type=0x7) returned 0xffffffffe80507d0
[0291.287] GetCurrentObject (hdc=0xfb0107bb, type=0x6) returned 0x8a01c2
[0291.287] SaveDC (hdc=0xfb0107bb) returned 1
[0291.287] GetNearestColor (hdc=0xfb0107bb, color=0x0) returned 0x0
[0291.287] RestoreDC (hdc=0xfb0107bb, nSavedDC=-1) returned 1
[0291.287] GdipReleaseDC (graphics=0x6600030, hdc=0xfb0107bb) returned 0x0
[0291.287] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0291.288] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0291.288] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2d361b0 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0291.288] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0291.288] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0291.288] GetCurrentObject (hdc=0xfb0107bb, type=0x1) returned 0xb00017
[0291.288] GetCurrentObject (hdc=0xfb0107bb, type=0x2) returned 0x900010
[0291.288] GetCurrentObject (hdc=0xfb0107bb, type=0x7) returned 0xffffffffe80507d0
[0291.288] GetCurrentObject (hdc=0xfb0107bb, type=0x6) returned 0x8a01c2
[0291.288] SaveDC (hdc=0xfb0107bb) returned 1
[0291.289] GetTextAlign (hdc=0xfb0107bb) returned 0x0
[0291.289] GetTextColor (hdc=0xfb0107bb) returned 0x0
[0291.289] GetCurrentObject (hdc=0xfb0107bb, type=0x6) returned 0x8a01c2
[0291.289] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0291.289] SelectObject (hdc=0xfb0107bb, h=0x6d0a0520) returned 0x8a01c2
[0291.289] GetBkMode (hdc=0xfb0107bb) returned 2
[0291.289] SetBkMode (hdc=0xfb0107bb, mode=1) returned 2
[0291.289] DrawTextExW (in: hdc=0xfb0107bb, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2d363d4 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0291.292] RestoreDC (hdc=0xfb0107bb, nSavedDC=-1) returned 1
[0291.292] GdipReleaseDC (graphics=0x6600030, hdc=0xfb0107bb) returned 0x0
[0291.292] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0291.292] BitBlt (hdc=0x107b9, x=0, y=0, cx=354, cy=68, hdcSrc=0xfb0107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0291.293] GdipReleaseDC (graphics=0x6600030, hdc=0xfb0107bb) returned 0x0
[0291.293] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0291.293] SelectObject (hdc=0xfb0107bb, h=0x85000f) returned 0xe80507d0
[0291.293] DeleteDC (hdc=0xfb0107bb) returned 1
[0291.293] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0291.293] DeleteObject (ho=0xe80507d0) returned 1
[0291.307] EndPaint (hWnd=0x2702ce, lpPaint=0xd7e258) returned 1
[0291.307] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.307] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x84, wParam=0x0, lParam=0x1de0307) returned 0x1
[0291.307] IsWindowUnicode (hWnd=0x3400ea) returned 1
[0291.307] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.307] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x84, wParam=0x0, lParam=0x1de0307) returned 0x1
[0291.308] SetCursor (hCursor=0x10003) returned 0x10003
[0291.308] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.308] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.308] _TrackMouseEvent (in: lpEventTrack=0x2d36410 | out: lpEventTrack=0x2d36410) returned 1
[0291.308] SendMessageW (hWnd=0x3400ea, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0291.308] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0291.308] InvalidateRect (hWnd=0x3400ea, lpRect=0x0, bErase=0) returned 1
[0291.308] GetKeyState (nVirtKey=1) returned 0
[0291.308] GetKeyState (nVirtKey=2) returned 0
[0291.308] GetKeyState (nVirtKey=4) returned 0
[0291.308] GetKeyState (nVirtKey=5) returned 0
[0291.308] GetKeyState (nVirtKey=6) returned 0
[0291.308] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.308] IsWindowUnicode (hWnd=0x3302d8) returned 1
[0291.309] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.309] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.309] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.309] BeginPaint (in: hWnd=0x3302d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0291.309] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0291.309] CreateCompatibleDC (hdc=0x60100ce) returned 0xea0107d0
[0291.309] SelectObject (hdc=0xea0107d0, h=0x4a0507fe) returned 0x85000f
[0291.309] GdipCreateFromHDC (hdc=0xea0107d0, graphics=0xd7e268) returned 0x0
[0291.310] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0291.310] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0291.310] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0291.310] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0291.310] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e2c8) returned 0x0
[0291.310] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0291.310] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eea60) returned 0x0
[0291.310] LocalFree (hMem=0x11eea60) returned 0x0
[0291.310] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0291.310] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0291.310] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0291.310] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0291.310] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0291.311] GdipRestoreGraphics (graphics=0x6600030, state=0xf6280dbd) returned 0x0
[0291.311] GdipDeleteRegion (region=0x6646958) returned 0x0
[0291.311] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0291.311] GetCurrentObject (hdc=0xea0107d0, type=0x1) returned 0xb00017
[0291.311] GetCurrentObject (hdc=0xea0107d0, type=0x2) returned 0x900010
[0291.311] GetCurrentObject (hdc=0xea0107d0, type=0x7) returned 0x4a0507fe
[0291.311] GetCurrentObject (hdc=0xea0107d0, type=0x6) returned 0x8a01c2
[0291.311] SaveDC (hdc=0xea0107d0) returned 1
[0291.311] GetNearestColor (hdc=0xea0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0291.311] GetNearestColor (hdc=0xea0107d0, color=0xa0a0a0) returned 0xa0a0a0
[0291.311] GetNearestColor (hdc=0xea0107d0, color=0x696969) returned 0x696969
[0291.311] GetNearestColor (hdc=0xea0107d0, color=0xa0a0a0) returned 0xa0a0a0
[0291.311] GetNearestColor (hdc=0xea0107d0, color=0x0) returned 0x0
[0291.311] GetNearestColor (hdc=0xea0107d0, color=0xffffff) returned 0xffffff
[0291.312] GetNearestColor (hdc=0xea0107d0, color=0xe5e5e5) returned 0xe5e5e5
[0291.312] GetNearestColor (hdc=0xea0107d0, color=0xd7d7d7) returned 0xd7d7d7
[0291.312] GetNearestColor (hdc=0xea0107d0, color=0x0) returned 0x0
[0291.312] RestoreDC (hdc=0xea0107d0, nSavedDC=-1) returned 1
[0291.312] GdipReleaseDC (graphics=0x6600030, hdc=0xea0107d0) returned 0x0
[0291.312] IsAppThemed () returned 0x1
[0291.312] GetThemeAppProperties () returned 0x3
[0291.312] GetThemeAppProperties () returned 0x3
[0291.312] GdipGetImageWidth (image=0x664fad8, width=0xd7e168) returned 0x0
[0291.312] GdipGetImageHeight (image=0x664fad8, height=0xd7e168) returned 0x0
[0291.312] IsAppThemed () returned 0x1
[0291.312] GetThemeAppProperties () returned 0x3
[0291.312] GetThemeAppProperties () returned 0x3
[0291.312] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2d36b7c | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0291.313] IsAppThemed () returned 0x1
[0291.313] GetThemeAppProperties () returned 0x3
[0291.313] GetThemeAppProperties () returned 0x3
[0291.313] IsAppThemed () returned 0x1
[0291.313] GetThemeAppProperties () returned 0x3
[0291.313] GetThemeAppProperties () returned 0x3
[0291.313] GetFocus () returned 0x3302d8
[0291.313] IsAppThemed () returned 0x1
[0291.313] GetThemeAppProperties () returned 0x3
[0291.313] GetThemeAppProperties () returned 0x3
[0291.313] IsAppThemed () returned 0x1
[0291.313] GetThemeAppProperties () returned 0x3
[0291.313] GetThemeAppProperties () returned 0x3
[0291.313] IsThemePartDefined () returned 0x1
[0291.313] IsAppThemed () returned 0x1
[0291.313] GetThemeAppProperties () returned 0x3
[0291.313] GetThemeAppProperties () returned 0x3
[0291.313] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0291.313] IsAppThemed () returned 0x1
[0291.314] GetThemeAppProperties () returned 0x3
[0291.314] GetThemeAppProperties () returned 0x3
[0291.314] IsAppThemed () returned 0x1
[0291.314] GetThemeAppProperties () returned 0x3
[0291.314] GetThemeAppProperties () returned 0x3
[0291.314] IsThemePartDefined () returned 0x1
[0291.314] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0291.314] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0291.314] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0291.314] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0291.314] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dff0) returned 0x0
[0291.314] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0291.314] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0291.314] LocalFree (hMem=0x11eec58) returned 0x0
[0291.314] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0291.314] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0291.314] LocalFree (hMem=0x11ee9f0) returned 0x0
[0291.314] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0291.314] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0291.314] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0291.315] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0291.315] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0291.315] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0291.315] GetCurrentObject (hdc=0xea0107d0, type=0x1) returned 0xb00017
[0291.315] GetCurrentObject (hdc=0xea0107d0, type=0x2) returned 0x900010
[0291.315] GetCurrentObject (hdc=0xea0107d0, type=0x7) returned 0x4a0507fe
[0291.315] GetCurrentObject (hdc=0xea0107d0, type=0x6) returned 0x8a01c2
[0291.315] SaveDC (hdc=0xea0107d0) returned 1
[0291.315] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9a0407de
[0291.315] GetClipRgn (hdc=0xea0107d0, hrgn=0x9a0407de) returned 0
[0291.315] SelectClipRgn (hdc=0xea0107d0, hrgn=0x12040807) returned 2
[0291.315] DeleteObject (ho=0x9a0407de) returned 1
[0291.315] DeleteObject (ho=0x12040807) returned 1
[0291.315] OffsetViewportOrgEx (in: hdc=0xea0107d0, x=0, y=0, lppt=0x2d3722c | out: lppt=0x2d3722c) returned 1
[0291.315] DrawThemeParentBackground () returned 0x0
[0291.316] GetWindowPlacement (in: hWnd=0x2602d0, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0291.316] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0291.316] GetWindowTextLengthW (hWnd=0x2602d0) returned 13
[0291.316] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.316] GetSystemMetrics (nIndex=42) returned 0
[0291.316] GetWindowTextW (in: hWnd=0x2602d0, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.316] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0291.316] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0291.316] GetCurrentObject (hdc=0xea0107d0, type=0x1) returned 0xb00017
[0291.316] GetCurrentObject (hdc=0xea0107d0, type=0x2) returned 0x900010
[0291.316] GetCurrentObject (hdc=0xea0107d0, type=0x7) returned 0x4a0507fe
[0291.316] GetCurrentObject (hdc=0xea0107d0, type=0x6) returned 0x8a01c2
[0291.316] SaveDC (hdc=0xea0107d0) returned 2
[0291.316] GetNearestColor (hdc=0xea0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0291.316] CreateSolidBrush (color=0xf0f0f0) returned 0x3d1007e1
[0291.316] FillRect (hDC=0xea0107d0, lprc=0xd7da38, hbr=0x3d1007e1) returned 1
[0291.317] DeleteObject (ho=0x3d1007e1) returned 1
[0291.317] RestoreDC (hdc=0xea0107d0, nSavedDC=-1) returned 1
[0291.317] GetWindowTextLengthW (hWnd=0x2602d0) returned 13
[0291.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.317] GetSystemMetrics (nIndex=42) returned 0
[0291.317] GetWindowTextW (in: hWnd=0x2602d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0291.317] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0291.317] GetCurrentObject (hdc=0xea0107d0, type=0x1) returned 0xb00017
[0291.317] GetCurrentObject (hdc=0xea0107d0, type=0x2) returned 0x900010
[0291.317] GetCurrentObject (hdc=0xea0107d0, type=0x7) returned 0x4a0507fe
[0291.317] GetCurrentObject (hdc=0xea0107d0, type=0x6) returned 0x8a01c2
[0291.317] SaveDC (hdc=0xea0107d0) returned 2
[0291.317] GetNearestColor (hdc=0xea0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0291.317] CreateSolidBrush (color=0xf0f0f0) returned 0x3e1007e1
[0291.317] FillRect (hDC=0xea0107d0, lprc=0xd7d9d8, hbr=0x3e1007e1) returned 1
[0291.317] DeleteObject (ho=0x3e1007e1) returned 1
[0291.317] RestoreDC (hdc=0xea0107d0, nSavedDC=-1) returned 1
[0291.318] GetWindowTextLengthW (hWnd=0x2602d0) returned 13
[0291.318] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.318] GetSystemMetrics (nIndex=42) returned 0
[0291.318] GetWindowTextW (in: hWnd=0x2602d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.318] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0291.318] RestoreDC (hdc=0xea0107d0, nSavedDC=-1) returned 1
[0291.318] GdipReleaseDC (graphics=0x6600030, hdc=0xea0107d0) returned 0x0
[0291.318] IsAppThemed () returned 0x1
[0291.318] GetThemeAppProperties () returned 0x3
[0291.318] GetThemeAppProperties () returned 0x3
[0291.318] IsAppThemed () returned 0x1
[0291.318] GetThemeAppProperties () returned 0x3
[0291.318] GetThemeAppProperties () returned 0x3
[0291.318] IsThemePartDefined () returned 0x1
[0291.318] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0291.318] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0291.318] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0291.319] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0291.319] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df74) returned 0x0
[0291.319] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0291.319] LocalFree (hMem=0x11eec58) returned 0x0
[0291.319] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0291.319] LocalFree (hMem=0x11ee868) returned 0x0
[0291.319] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0291.319] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0291.319] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0291.319] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0291.319] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0291.319] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0291.319] GetCurrentObject (hdc=0xea0107d0, type=0x1) returned 0xb00017
[0291.319] GetCurrentObject (hdc=0xea0107d0, type=0x2) returned 0x900010
[0291.319] GetCurrentObject (hdc=0xea0107d0, type=0x7) returned 0x4a0507fe
[0291.319] GetCurrentObject (hdc=0xea0107d0, type=0x6) returned 0x8a01c2
[0291.319] SaveDC (hdc=0xea0107d0) returned 1
[0291.319] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x13040807
[0291.320] GetClipRgn (hdc=0xea0107d0, hrgn=0x13040807) returned 0
[0291.320] SelectClipRgn (hdc=0xea0107d0, hrgn=0x9c0407de) returned 2
[0291.320] DeleteObject (ho=0x13040807) returned 1
[0291.320] DeleteObject (ho=0x9c0407de) returned 1
[0291.320] OffsetViewportOrgEx (in: hdc=0xea0107d0, x=0, y=0, lppt=0x2d37ad8 | out: lppt=0x2d37ad8) returned 1
[0291.320] IsAppThemed () returned 0x1
[0291.320] GetThemeAppProperties () returned 0x3
[0291.320] GetThemeAppProperties () returned 0x3
[0291.320] DrawThemeBackground () returned 0x0
[0291.320] RestoreDC (hdc=0xea0107d0, nSavedDC=-1) returned 1
[0291.320] GdipReleaseDC (graphics=0x6600030, hdc=0xea0107d0) returned 0x0
[0291.320] GdipCreateRegion (region=0xd7df60) returned 0x0
[0291.320] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0291.320] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0291.320] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0291.320] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df78) returned 0x0
[0291.320] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0291.321] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0291.321] LocalFree (hMem=0x11eec58) returned 0x0
[0291.321] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0291.321] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0291.321] LocalFree (hMem=0x11ee868) returned 0x0
[0291.321] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0291.321] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0291.321] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0291.321] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0291.321] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0291.321] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0291.321] GetCurrentObject (hdc=0xea0107d0, type=0x1) returned 0xb00017
[0291.321] GetCurrentObject (hdc=0xea0107d0, type=0x2) returned 0x900010
[0291.321] GetCurrentObject (hdc=0xea0107d0, type=0x7) returned 0x4a0507fe
[0291.321] GetCurrentObject (hdc=0xea0107d0, type=0x6) returned 0x8a01c2
[0291.321] SaveDC (hdc=0xea0107d0) returned 1
[0291.322] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9d0407de
[0291.322] GetClipRgn (hdc=0xea0107d0, hrgn=0x9d0407de) returned 0
[0291.322] SelectClipRgn (hdc=0xea0107d0, hrgn=0x14040807) returned 2
[0291.322] DeleteObject (ho=0x9d0407de) returned 1
[0291.322] DeleteObject (ho=0x14040807) returned 1
[0291.322] OffsetViewportOrgEx (in: hdc=0xea0107d0, x=0, y=0, lppt=0x2d37dac | out: lppt=0x2d37dac) returned 1
[0291.322] IsAppThemed () returned 0x1
[0291.322] GetThemeAppProperties () returned 0x3
[0291.322] GetThemeAppProperties () returned 0x3
[0291.322] GetThemeBackgroundContentRect () returned 0x0
[0291.322] RestoreDC (hdc=0xea0107d0, nSavedDC=-1) returned 1
[0291.322] GdipReleaseDC (graphics=0x6600030, hdc=0xea0107d0) returned 0x0
[0291.322] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0291.322] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0291.322] GdipCloneRegion (region=0x6646cb8, cloneRegion=0xd7e150) returned 0x0
[0291.322] GdipCombineRegionRectI (region=0x6646f88, rect=0xd7e138, combineMode=0x1) returned 0x0
[0291.322] GdipCombineRegionRectI (region=0x6646f88, rect=0xd7e138, combineMode=0x1) returned 0x0
[0291.323] GdipSetClipRegion (graphics=0x6600030, region=0x6646f88, combineMode=0x0) returned 0x0
[0291.323] GdipGetImageWidth (image=0x664fad8, width=0xd7e154) returned 0x0
[0291.323] GdipGetImageHeight (image=0x664fad8, height=0xd7e148) returned 0x0
[0291.323] GdipDrawImageRectI (graphics=0x6600030, image=0x664fad8, x=4, y=4, width=16, height=16) returned 0x0
[0291.323] GdipSetClipRegion (graphics=0x6600030, region=0x6646cb8, combineMode=0x0) returned 0x0
[0291.323] IsAppThemed () returned 0x1
[0291.323] GetThemeAppProperties () returned 0x3
[0291.323] GetThemeAppProperties () returned 0x3
[0291.323] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0291.323] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0291.323] GetCurrentObject (hdc=0xea0107d0, type=0x1) returned 0xb00017
[0291.323] GetCurrentObject (hdc=0xea0107d0, type=0x2) returned 0x900010
[0291.323] GetCurrentObject (hdc=0xea0107d0, type=0x7) returned 0x4a0507fe
[0291.323] GetCurrentObject (hdc=0xea0107d0, type=0x6) returned 0x8a01c2
[0291.323] SaveDC (hdc=0xea0107d0) returned 1
[0291.323] GetTextAlign (hdc=0xea0107d0) returned 0x0
[0291.323] GetTextColor (hdc=0xea0107d0) returned 0x0
[0291.324] GetCurrentObject (hdc=0xea0107d0, type=0x6) returned 0x8a01c2
[0291.324] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0291.324] SelectObject (hdc=0xea0107d0, h=0x6d0a0520) returned 0x8a01c2
[0291.324] GetBkMode (hdc=0xea0107d0) returned 2
[0291.324] SetBkMode (hdc=0xea0107d0, mode=1) returned 2
[0291.324] DrawTextExW (in: hdc=0xea0107d0, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2d3816c | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0291.324] DrawTextExW (in: hdc=0xea0107d0, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d3816c | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0291.325] RestoreDC (hdc=0xea0107d0, nSavedDC=-1) returned 1
[0291.325] GdipReleaseDC (graphics=0x6600030, hdc=0xea0107d0) returned 0x0
[0291.325] GetFocus () returned 0x3302d8
[0291.325] IsAppThemed () returned 0x1
[0291.332] GetThemeAppProperties () returned 0x3
[0291.332] GetThemeAppProperties () returned 0x3
[0291.332] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0291.332] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xea0107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0291.332] GdipReleaseDC (graphics=0x6600030, hdc=0xea0107d0) returned 0x0
[0291.332] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0291.332] SelectObject (hdc=0xea0107d0, h=0x85000f) returned 0x4a0507fe
[0291.332] DeleteDC (hdc=0xea0107d0) returned 1
[0291.332] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0291.332] EndPaint (hWnd=0x3302d8, lpPaint=0xd7e24c) returned 1
[0291.333] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.333] IsWindowUnicode (hWnd=0x3400ea) returned 1
[0291.333] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.333] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.333] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.333] BeginPaint (in: hWnd=0x3400ea, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0291.333] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0291.333] CreateCompatibleDC (hdc=0x10105d6) returned 0xec0107d0
[0291.333] SelectObject (hdc=0xec0107d0, h=0x4a0507fe) returned 0x85000f
[0291.334] GdipCreateFromHDC (hdc=0xec0107d0, graphics=0xd7e268) returned 0x0
[0291.334] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0291.334] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0291.334] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0291.334] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0291.334] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e2c8) returned 0x0
[0291.334] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0291.334] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee868) returned 0x0
[0291.334] LocalFree (hMem=0x11ee868) returned 0x0
[0291.334] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0291.334] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0291.334] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0291.334] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0291.334] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0291.334] GdipRestoreGraphics (graphics=0x6600030, state=0xf6260dbd) returned 0x0
[0291.335] GdipDeleteRegion (region=0x6646688) returned 0x0
[0291.335] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0291.335] GetCurrentObject (hdc=0xec0107d0, type=0x1) returned 0xb00017
[0291.335] GetCurrentObject (hdc=0xec0107d0, type=0x2) returned 0x900010
[0291.335] GetCurrentObject (hdc=0xec0107d0, type=0x7) returned 0x4a0507fe
[0291.335] GetCurrentObject (hdc=0xec0107d0, type=0x6) returned 0x8a01c2
[0291.335] SaveDC (hdc=0xec0107d0) returned 1
[0291.335] GetNearestColor (hdc=0xec0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0291.335] GetNearestColor (hdc=0xec0107d0, color=0xa0a0a0) returned 0xa0a0a0
[0291.335] GetNearestColor (hdc=0xec0107d0, color=0x696969) returned 0x696969
[0291.335] GetNearestColor (hdc=0xec0107d0, color=0xa0a0a0) returned 0xa0a0a0
[0291.335] GetNearestColor (hdc=0xec0107d0, color=0x0) returned 0x0
[0291.335] GetNearestColor (hdc=0xec0107d0, color=0xffffff) returned 0xffffff
[0291.335] GetNearestColor (hdc=0xec0107d0, color=0xe5e5e5) returned 0xe5e5e5
[0291.336] GetNearestColor (hdc=0xec0107d0, color=0xd7d7d7) returned 0xd7d7d7
[0291.336] GetNearestColor (hdc=0xec0107d0, color=0x0) returned 0x0
[0291.336] RestoreDC (hdc=0xec0107d0, nSavedDC=-1) returned 1
[0291.336] GdipReleaseDC (graphics=0x6600030, hdc=0xec0107d0) returned 0x0
[0291.336] IsAppThemed () returned 0x1
[0291.336] GetThemeAppProperties () returned 0x3
[0291.336] GetThemeAppProperties () returned 0x3
[0291.336] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0291.336] SendMessageW (hWnd=0x2602d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0291.336] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0291.336] IsAppThemed () returned 0x1
[0291.336] GetThemeAppProperties () returned 0x3
[0291.336] GetThemeAppProperties () returned 0x3
[0291.336] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2d3897c | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0291.337] IsAppThemed () returned 0x1
[0291.337] GetThemeAppProperties () returned 0x3
[0291.337] GetThemeAppProperties () returned 0x3
[0291.337] IsAppThemed () returned 0x1
[0291.337] GetThemeAppProperties () returned 0x3
[0291.337] GetThemeAppProperties () returned 0x3
[0291.337] IsAppThemed () returned 0x1
[0291.337] GetThemeAppProperties () returned 0x3
[0291.337] GetThemeAppProperties () returned 0x3
[0291.337] IsAppThemed () returned 0x1
[0291.337] GetThemeAppProperties () returned 0x3
[0291.337] GetThemeAppProperties () returned 0x3
[0291.337] IsThemePartDefined () returned 0x1
[0291.337] IsAppThemed () returned 0x1
[0291.337] GetThemeAppProperties () returned 0x3
[0291.337] GetThemeAppProperties () returned 0x3
[0291.337] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0291.337] IsAppThemed () returned 0x1
[0291.337] GetThemeAppProperties () returned 0x3
[0291.337] GetThemeAppProperties () returned 0x3
[0291.338] IsAppThemed () returned 0x1
[0291.338] GetThemeAppProperties () returned 0x3
[0291.338] GetThemeAppProperties () returned 0x3
[0291.338] IsThemePartDefined () returned 0x1
[0291.338] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0291.338] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0291.338] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0291.338] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0291.338] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dfe4) returned 0x0
[0291.338] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0291.338] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0291.338] LocalFree (hMem=0x11eec58) returned 0x0
[0291.338] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0291.338] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0291.338] LocalFree (hMem=0x11eec58) returned 0x0
[0291.338] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0291.338] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0291.338] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0291.338] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0291.339] GdipDeleteRegion (region=0x6646568) returned 0x0
[0291.339] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0291.339] GetCurrentObject (hdc=0xec0107d0, type=0x1) returned 0xb00017
[0291.339] GetCurrentObject (hdc=0xec0107d0, type=0x2) returned 0x900010
[0291.339] GetCurrentObject (hdc=0xec0107d0, type=0x7) returned 0x4a0507fe
[0291.339] GetCurrentObject (hdc=0xec0107d0, type=0x6) returned 0x8a01c2
[0291.339] SaveDC (hdc=0xec0107d0) returned 1
[0291.339] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x15040807
[0291.339] GetClipRgn (hdc=0xec0107d0, hrgn=0x15040807) returned 0
[0291.339] SelectClipRgn (hdc=0xec0107d0, hrgn=0xa10407de) returned 2
[0291.339] DeleteObject (ho=0x15040807) returned 1
[0291.339] DeleteObject (ho=0xa10407de) returned 1
[0291.339] OffsetViewportOrgEx (in: hdc=0xec0107d0, x=0, y=0, lppt=0x2d3902c | out: lppt=0x2d3902c) returned 1
[0291.339] DrawThemeParentBackground () returned 0x0
[0291.340] GetWindowPlacement (in: hWnd=0x2602d0, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0291.340] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0291.340] GetWindowTextLengthW (hWnd=0x2602d0) returned 13
[0291.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.340] GetSystemMetrics (nIndex=42) returned 0
[0291.340] GetWindowTextW (in: hWnd=0x2602d0, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0291.340] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0291.340] GetCurrentObject (hdc=0xec0107d0, type=0x1) returned 0xb00017
[0291.340] GetCurrentObject (hdc=0xec0107d0, type=0x2) returned 0x900010
[0291.340] GetCurrentObject (hdc=0xec0107d0, type=0x7) returned 0x4a0507fe
[0291.340] GetCurrentObject (hdc=0xec0107d0, type=0x6) returned 0x8a01c2
[0291.340] SaveDC (hdc=0xec0107d0) returned 2
[0291.340] GetNearestColor (hdc=0xec0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0291.340] CreateSolidBrush (color=0xf0f0f0) returned 0x3f1007e1
[0291.340] FillRect (hDC=0xec0107d0, lprc=0xd7da30, hbr=0x3f1007e1) returned 1
[0291.340] DeleteObject (ho=0x3f1007e1) returned 1
[0291.345] RestoreDC (hdc=0xec0107d0, nSavedDC=-1) returned 1
[0291.345] GetWindowTextLengthW (hWnd=0x2602d0) returned 13
[0291.345] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.345] GetSystemMetrics (nIndex=42) returned 0
[0291.345] GetWindowTextW (in: hWnd=0x2602d0, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.345] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0291.345] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0291.345] GetCurrentObject (hdc=0xec0107d0, type=0x1) returned 0xb00017
[0291.345] GetCurrentObject (hdc=0xec0107d0, type=0x2) returned 0x900010
[0291.345] GetCurrentObject (hdc=0xec0107d0, type=0x7) returned 0x4a0507fe
[0291.345] GetCurrentObject (hdc=0xec0107d0, type=0x6) returned 0x8a01c2
[0291.345] SaveDC (hdc=0xec0107d0) returned 2
[0291.346] GetNearestColor (hdc=0xec0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0291.346] CreateSolidBrush (color=0xf0f0f0) returned 0x401007e1
[0291.346] FillRect (hDC=0xec0107d0, lprc=0xd7d9d0, hbr=0x401007e1) returned 1
[0291.346] DeleteObject (ho=0x401007e1) returned 1
[0291.346] RestoreDC (hdc=0xec0107d0, nSavedDC=-1) returned 1
[0291.346] GetWindowTextLengthW (hWnd=0x2602d0) returned 13
[0291.346] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.346] GetSystemMetrics (nIndex=42) returned 0
[0291.346] GetWindowTextW (in: hWnd=0x2602d0, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.346] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0291.346] RestoreDC (hdc=0xec0107d0, nSavedDC=-1) returned 1
[0291.346] GdipReleaseDC (graphics=0x6600030, hdc=0xec0107d0) returned 0x0
[0291.346] IsAppThemed () returned 0x1
[0291.347] GetThemeAppProperties () returned 0x3
[0291.347] GetThemeAppProperties () returned 0x3
[0291.347] IsAppThemed () returned 0x1
[0291.347] GetThemeAppProperties () returned 0x3
[0291.347] GetThemeAppProperties () returned 0x3
[0291.347] IsThemePartDefined () returned 0x1
[0291.347] GdipCreateRegion (region=0xd7df50) returned 0x0
[0291.347] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0291.347] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0291.347] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0291.347] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df68) returned 0x0
[0291.347] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0291.347] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0291.347] LocalFree (hMem=0x11ee868) returned 0x0
[0291.347] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0291.347] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0291.347] LocalFree (hMem=0x11ee9f0) returned 0x0
[0291.347] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0291.347] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0291.348] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df80) returned 0x0
[0291.348] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0291.348] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0291.348] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0291.348] GetCurrentObject (hdc=0xec0107d0, type=0x1) returned 0xb00017
[0291.348] GetCurrentObject (hdc=0xec0107d0, type=0x2) returned 0x900010
[0291.348] GetCurrentObject (hdc=0xec0107d0, type=0x7) returned 0x4a0507fe
[0291.348] GetCurrentObject (hdc=0xec0107d0, type=0x6) returned 0x8a01c2
[0291.348] SaveDC (hdc=0xec0107d0) returned 1
[0291.348] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa20407de
[0291.348] GetClipRgn (hdc=0xec0107d0, hrgn=0xa20407de) returned 0
[0291.348] SelectClipRgn (hdc=0xec0107d0, hrgn=0x17040807) returned 2
[0291.348] DeleteObject (ho=0xa20407de) returned 1
[0291.348] DeleteObject (ho=0x17040807) returned 1
[0291.348] OffsetViewportOrgEx (in: hdc=0xec0107d0, x=0, y=0, lppt=0x2d398d8 | out: lppt=0x2d398d8) returned 1
[0291.348] IsAppThemed () returned 0x1
[0291.349] GetThemeAppProperties () returned 0x3
[0291.349] GetThemeAppProperties () returned 0x3
[0291.349] DrawThemeBackground () returned 0x0
[0291.349] RestoreDC (hdc=0xec0107d0, nSavedDC=-1) returned 1
[0291.349] GdipReleaseDC (graphics=0x6600030, hdc=0xec0107d0) returned 0x0
[0291.349] GdipCreateRegion (region=0xd7df54) returned 0x0
[0291.349] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0291.349] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0291.349] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0291.349] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df6c) returned 0x0
[0291.349] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0291.349] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0291.349] LocalFree (hMem=0x11eec58) returned 0x0
[0291.349] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0291.349] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eea28) returned 0x0
[0291.349] LocalFree (hMem=0x11eea28) returned 0x0
[0291.349] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0291.349] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7df94) returned 0x0
[0291.350] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7df84) returned 0x0
[0291.350] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0291.350] GdipDeleteRegion (region=0x6646328) returned 0x0
[0291.350] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0291.350] GetCurrentObject (hdc=0xec0107d0, type=0x1) returned 0xb00017
[0291.350] GetCurrentObject (hdc=0xec0107d0, type=0x2) returned 0x900010
[0291.350] GetCurrentObject (hdc=0xec0107d0, type=0x7) returned 0x4a0507fe
[0291.350] GetCurrentObject (hdc=0xec0107d0, type=0x6) returned 0x8a01c2
[0291.350] SaveDC (hdc=0xec0107d0) returned 1
[0291.350] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x18040807
[0291.350] GetClipRgn (hdc=0xec0107d0, hrgn=0x18040807) returned 0
[0291.350] SelectClipRgn (hdc=0xec0107d0, hrgn=0xa30407de) returned 2
[0291.350] DeleteObject (ho=0x18040807) returned 1
[0291.350] DeleteObject (ho=0xa30407de) returned 1
[0291.350] OffsetViewportOrgEx (in: hdc=0xec0107d0, x=0, y=0, lppt=0x2d39bac | out: lppt=0x2d39bac) returned 1
[0291.350] IsAppThemed () returned 0x1
[0291.351] GetThemeAppProperties () returned 0x3
[0291.351] GetThemeAppProperties () returned 0x3
[0291.351] GetThemeBackgroundContentRect () returned 0x0
[0291.351] RestoreDC (hdc=0xec0107d0, nSavedDC=-1) returned 1
[0291.351] GdipReleaseDC (graphics=0x6600030, hdc=0xec0107d0) returned 0x0
[0291.351] IsAppThemed () returned 0x1
[0291.351] GetThemeAppProperties () returned 0x3
[0291.351] GetThemeAppProperties () returned 0x3
[0291.351] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0291.351] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0291.351] GetCurrentObject (hdc=0xec0107d0, type=0x1) returned 0xb00017
[0291.351] GetCurrentObject (hdc=0xec0107d0, type=0x2) returned 0x900010
[0291.351] GetCurrentObject (hdc=0xec0107d0, type=0x7) returned 0x4a0507fe
[0291.351] GetCurrentObject (hdc=0xec0107d0, type=0x6) returned 0x8a01c2
[0291.351] SaveDC (hdc=0xec0107d0) returned 1
[0291.351] GetTextAlign (hdc=0xec0107d0) returned 0x0
[0291.351] GetTextColor (hdc=0xec0107d0) returned 0x0
[0291.351] GetCurrentObject (hdc=0xec0107d0, type=0x6) returned 0x8a01c2
[0291.352] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0291.352] SelectObject (hdc=0xec0107d0, h=0x6d0a0520) returned 0x8a01c2
[0291.352] GetBkMode (hdc=0xec0107d0) returned 2
[0291.352] SetBkMode (hdc=0xec0107d0, mode=1) returned 2
[0291.352] DrawTextExW (in: hdc=0xec0107d0, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2d39f4c | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0291.352] DrawTextExW (in: hdc=0xec0107d0, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2d39f4c | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0291.353] RestoreDC (hdc=0xec0107d0, nSavedDC=-1) returned 1
[0291.353] GdipReleaseDC (graphics=0x6600030, hdc=0xec0107d0) returned 0x0
[0291.353] GetFocus () returned 0x3302d8
[0291.353] IsAppThemed () returned 0x1
[0291.353] GetThemeAppProperties () returned 0x3
[0291.353] GetThemeAppProperties () returned 0x3
[0291.353] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0291.353] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xec0107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0291.353] GdipReleaseDC (graphics=0x6600030, hdc=0xec0107d0) returned 0x0
[0291.353] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0291.353] SelectObject (hdc=0xec0107d0, h=0x85000f) returned 0x4a0507fe
[0291.353] DeleteDC (hdc=0xec0107d0) returned 1
[0291.353] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0291.354] EndPaint (hWnd=0x3400ea, lpPaint=0xd7e24c) returned 1
[0291.354] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.354] IsWindowUnicode (hWnd=0x3102dc) returned 1
[0291.354] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.354] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.354] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.354] BeginPaint (in: hWnd=0x3102dc, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0291.354] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0291.354] CreateCompatibleDC (hdc=0xf0105ee) returned 0xee0107d0
[0291.354] SelectObject (hdc=0xee0107d0, h=0x4a0507fe) returned 0x85000f
[0291.354] GdipCreateFromHDC (hdc=0xee0107d0, graphics=0xd7e268) returned 0x0
[0291.355] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0291.355] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0291.355] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0291.355] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0291.355] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e2c8) returned 0x0
[0291.355] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0291.355] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0291.355] LocalFree (hMem=0x11eec58) returned 0x0
[0291.355] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0291.355] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0291.355] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0291.355] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0291.355] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0291.355] GdipRestoreGraphics (graphics=0x6600030, state=0xf6240dbd) returned 0x0
[0291.355] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0291.355] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0291.356] GetCurrentObject (hdc=0xee0107d0, type=0x1) returned 0xb00017
[0291.356] GetCurrentObject (hdc=0xee0107d0, type=0x2) returned 0x900010
[0291.356] GetCurrentObject (hdc=0xee0107d0, type=0x7) returned 0x4a0507fe
[0291.356] GetCurrentObject (hdc=0xee0107d0, type=0x6) returned 0x8a01c2
[0291.356] SaveDC (hdc=0xee0107d0) returned 1
[0291.356] GetNearestColor (hdc=0xee0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0291.356] GetNearestColor (hdc=0xee0107d0, color=0xa0a0a0) returned 0xa0a0a0
[0291.356] GetNearestColor (hdc=0xee0107d0, color=0x696969) returned 0x696969
[0291.356] GetNearestColor (hdc=0xee0107d0, color=0xa0a0a0) returned 0xa0a0a0
[0291.356] GetNearestColor (hdc=0xee0107d0, color=0x0) returned 0x0
[0291.362] GetNearestColor (hdc=0xee0107d0, color=0xffffff) returned 0xffffff
[0291.362] GetNearestColor (hdc=0xee0107d0, color=0xe5e5e5) returned 0xe5e5e5
[0291.362] GetNearestColor (hdc=0xee0107d0, color=0xd7d7d7) returned 0xd7d7d7
[0291.363] GetNearestColor (hdc=0xee0107d0, color=0x0) returned 0x0
[0291.363] RestoreDC (hdc=0xee0107d0, nSavedDC=-1) returned 1
[0291.363] GdipReleaseDC (graphics=0x6600030, hdc=0xee0107d0) returned 0x0
[0291.363] IsAppThemed () returned 0x1
[0291.363] GetThemeAppProperties () returned 0x3
[0291.363] GetThemeAppProperties () returned 0x3
[0291.363] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0291.363] SendMessageW (hWnd=0x2602d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0291.363] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0291.363] IsAppThemed () returned 0x1
[0291.363] GetThemeAppProperties () returned 0x3
[0291.363] GetThemeAppProperties () returned 0x3
[0291.363] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2d3a75c | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0291.364] IsAppThemed () returned 0x1
[0291.364] GetThemeAppProperties () returned 0x3
[0291.364] GetThemeAppProperties () returned 0x3
[0291.364] IsAppThemed () returned 0x1
[0291.364] GetThemeAppProperties () returned 0x3
[0291.364] GetThemeAppProperties () returned 0x3
[0291.364] GetFocus () returned 0x3302d8
[0291.364] IsAppThemed () returned 0x1
[0291.364] GetThemeAppProperties () returned 0x3
[0291.364] GetThemeAppProperties () returned 0x3
[0291.364] IsAppThemed () returned 0x1
[0291.364] GetThemeAppProperties () returned 0x3
[0291.364] GetThemeAppProperties () returned 0x3
[0291.364] IsThemePartDefined () returned 0x1
[0291.364] IsAppThemed () returned 0x1
[0291.364] GetThemeAppProperties () returned 0x3
[0291.364] GetThemeAppProperties () returned 0x3
[0291.365] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0291.365] IsAppThemed () returned 0x1
[0291.365] GetThemeAppProperties () returned 0x3
[0291.365] GetThemeAppProperties () returned 0x3
[0291.365] IsAppThemed () returned 0x1
[0291.365] GetThemeAppProperties () returned 0x3
[0291.365] GetThemeAppProperties () returned 0x3
[0291.365] IsThemePartDefined () returned 0x1
[0291.365] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0291.365] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0291.365] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0291.365] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0291.365] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dff0) returned 0x0
[0291.365] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0291.365] LocalFree (hMem=0x11ee9f0) returned 0x0
[0291.365] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0291.365] LocalFree (hMem=0x11ee9f0) returned 0x0
[0291.365] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0291.365] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e018) returned 0x0
[0291.365] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e008) returned 0x0
[0291.366] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0291.366] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0291.366] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0291.366] GetCurrentObject (hdc=0xee0107d0, type=0x1) returned 0xb00017
[0291.366] GetCurrentObject (hdc=0xee0107d0, type=0x2) returned 0x900010
[0291.366] GetCurrentObject (hdc=0xee0107d0, type=0x7) returned 0x4a0507fe
[0291.366] GetCurrentObject (hdc=0xee0107d0, type=0x6) returned 0x8a01c2
[0291.366] SaveDC (hdc=0xee0107d0) returned 1
[0291.366] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa40407de
[0291.366] GetClipRgn (hdc=0xee0107d0, hrgn=0xa40407de) returned 0
[0291.366] SelectClipRgn (hdc=0xee0107d0, hrgn=0x1c040807) returned 2
[0291.366] DeleteObject (ho=0xa40407de) returned 1
[0291.366] DeleteObject (ho=0x1c040807) returned 1
[0291.366] OffsetViewportOrgEx (in: hdc=0xee0107d0, x=0, y=0, lppt=0x2d3ae0c | out: lppt=0x2d3ae0c) returned 1
[0291.366] DrawThemeParentBackground () returned 0x0
[0291.367] GetWindowPlacement (in: hWnd=0x2602d0, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0291.367] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0291.367] GetWindowTextLengthW (hWnd=0x2602d0) returned 13
[0291.367] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.367] GetSystemMetrics (nIndex=42) returned 0
[0291.367] GetWindowTextW (in: hWnd=0x2602d0, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.367] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0291.367] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0291.367] GetCurrentObject (hdc=0xee0107d0, type=0x1) returned 0xb00017
[0291.367] GetCurrentObject (hdc=0xee0107d0, type=0x2) returned 0x900010
[0291.367] GetCurrentObject (hdc=0xee0107d0, type=0x7) returned 0x4a0507fe
[0291.367] GetCurrentObject (hdc=0xee0107d0, type=0x6) returned 0x8a01c2
[0291.367] SaveDC (hdc=0xee0107d0) returned 2
[0291.367] GetNearestColor (hdc=0xee0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0291.367] CreateSolidBrush (color=0xf0f0f0) returned 0x411007e1
[0291.367] FillRect (hDC=0xee0107d0, lprc=0xd7da38, hbr=0x411007e1) returned 1
[0291.367] DeleteObject (ho=0x411007e1) returned 1
[0291.368] RestoreDC (hdc=0xee0107d0, nSavedDC=-1) returned 1
[0291.368] GetWindowTextLengthW (hWnd=0x2602d0) returned 13
[0291.368] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.368] GetSystemMetrics (nIndex=42) returned 0
[0291.368] GetWindowTextW (in: hWnd=0x2602d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.368] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0291.368] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0291.368] GetCurrentObject (hdc=0xee0107d0, type=0x1) returned 0xb00017
[0291.368] GetCurrentObject (hdc=0xee0107d0, type=0x2) returned 0x900010
[0291.368] GetCurrentObject (hdc=0xee0107d0, type=0x7) returned 0x4a0507fe
[0291.368] GetCurrentObject (hdc=0xee0107d0, type=0x6) returned 0x8a01c2
[0291.368] SaveDC (hdc=0xee0107d0) returned 2
[0291.368] GetNearestColor (hdc=0xee0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0291.368] CreateSolidBrush (color=0xf0f0f0) returned 0x421007e1
[0291.368] FillRect (hDC=0xee0107d0, lprc=0xd7d9d8, hbr=0x421007e1) returned 1
[0291.368] DeleteObject (ho=0x421007e1) returned 1
[0291.369] RestoreDC (hdc=0xee0107d0, nSavedDC=-1) returned 1
[0291.369] GetWindowTextLengthW (hWnd=0x2602d0) returned 13
[0291.369] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.369] GetSystemMetrics (nIndex=42) returned 0
[0291.369] GetWindowTextW (in: hWnd=0x2602d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.369] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0291.369] RestoreDC (hdc=0xee0107d0, nSavedDC=-1) returned 1
[0291.369] GdipReleaseDC (graphics=0x6600030, hdc=0xee0107d0) returned 0x0
[0291.369] IsAppThemed () returned 0x1
[0291.369] GetThemeAppProperties () returned 0x3
[0291.369] GetThemeAppProperties () returned 0x3
[0291.369] IsAppThemed () returned 0x1
[0291.369] GetThemeAppProperties () returned 0x3
[0291.369] GetThemeAppProperties () returned 0x3
[0291.369] IsThemePartDefined () returned 0x1
[0291.369] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0291.370] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0291.370] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0291.370] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0291.370] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df74) returned 0x0
[0291.370] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0291.370] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0291.370] LocalFree (hMem=0x11ee868) returned 0x0
[0291.370] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0291.370] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0291.370] LocalFree (hMem=0x11ee868) returned 0x0
[0291.370] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0291.370] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0291.370] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0291.370] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0291.370] GdipDeleteRegion (region=0x6646328) returned 0x0
[0291.370] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0291.370] GetCurrentObject (hdc=0xee0107d0, type=0x1) returned 0xb00017
[0291.370] GetCurrentObject (hdc=0xee0107d0, type=0x2) returned 0x900010
[0291.371] GetCurrentObject (hdc=0xee0107d0, type=0x7) returned 0x4a0507fe
[0291.371] GetCurrentObject (hdc=0xee0107d0, type=0x6) returned 0x8a01c2
[0291.371] SaveDC (hdc=0xee0107d0) returned 1
[0291.371] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1d040807
[0291.371] GetClipRgn (hdc=0xee0107d0, hrgn=0x1d040807) returned 0
[0291.371] SelectClipRgn (hdc=0xee0107d0, hrgn=0xa60407de) returned 2
[0291.371] DeleteObject (ho=0x1d040807) returned 1
[0291.371] DeleteObject (ho=0xa60407de) returned 1
[0291.371] OffsetViewportOrgEx (in: hdc=0xee0107d0, x=0, y=0, lppt=0x2d3b6b8 | out: lppt=0x2d3b6b8) returned 1
[0291.371] IsAppThemed () returned 0x1
[0291.371] GetThemeAppProperties () returned 0x3
[0291.371] GetThemeAppProperties () returned 0x3
[0291.371] DrawThemeBackground () returned 0x0
[0291.371] RestoreDC (hdc=0xee0107d0, nSavedDC=-1) returned 1
[0291.372] GdipReleaseDC (graphics=0x6600030, hdc=0xee0107d0) returned 0x0
[0291.372] GdipCreateRegion (region=0xd7df60) returned 0x0
[0291.372] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0291.372] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0291.372] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0291.408] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df78) returned 0x0
[0291.408] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0291.408] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0291.408] LocalFree (hMem=0x11eec58) returned 0x0
[0291.408] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0291.408] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee8d8) returned 0x0
[0291.408] LocalFree (hMem=0x11ee8d8) returned 0x0
[0291.408] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0291.408] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0291.408] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7df90) returned 0x0
[0291.408] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0291.408] GdipDeleteRegion (region=0x6646328) returned 0x0
[0291.408] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0291.408] GetCurrentObject (hdc=0xee0107d0, type=0x1) returned 0xb00017
[0291.409] GetCurrentObject (hdc=0xee0107d0, type=0x2) returned 0x900010
[0291.409] GetCurrentObject (hdc=0xee0107d0, type=0x7) returned 0x4a0507fe
[0291.409] GetCurrentObject (hdc=0xee0107d0, type=0x6) returned 0x8a01c2
[0291.409] SaveDC (hdc=0xee0107d0) returned 1
[0291.409] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa70407de
[0291.409] GetClipRgn (hdc=0xee0107d0, hrgn=0xa70407de) returned 0
[0291.409] SelectClipRgn (hdc=0xee0107d0, hrgn=0x1e040807) returned 2
[0291.409] DeleteObject (ho=0xa70407de) returned 1
[0291.409] DeleteObject (ho=0x1e040807) returned 1
[0291.409] OffsetViewportOrgEx (in: hdc=0xee0107d0, x=0, y=0, lppt=0x2d3b98c | out: lppt=0x2d3b98c) returned 1
[0291.409] IsAppThemed () returned 0x1
[0291.409] GetThemeAppProperties () returned 0x3
[0291.409] GetThemeAppProperties () returned 0x3
[0291.409] GetThemeBackgroundContentRect () returned 0x0
[0291.409] RestoreDC (hdc=0xee0107d0, nSavedDC=-1) returned 1
[0291.410] GdipReleaseDC (graphics=0x6600030, hdc=0xee0107d0) returned 0x0
[0291.410] IsAppThemed () returned 0x1
[0291.410] GetThemeAppProperties () returned 0x3
[0291.410] GetThemeAppProperties () returned 0x3
[0291.410] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0291.410] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0291.410] GetCurrentObject (hdc=0xee0107d0, type=0x1) returned 0xb00017
[0291.410] GetCurrentObject (hdc=0xee0107d0, type=0x2) returned 0x900010
[0291.410] GetCurrentObject (hdc=0xee0107d0, type=0x7) returned 0x4a0507fe
[0291.410] GetCurrentObject (hdc=0xee0107d0, type=0x6) returned 0x8a01c2
[0291.410] SaveDC (hdc=0xee0107d0) returned 1
[0291.410] GetTextAlign (hdc=0xee0107d0) returned 0x0
[0291.410] GetTextColor (hdc=0xee0107d0) returned 0x0
[0291.410] GetCurrentObject (hdc=0xee0107d0, type=0x6) returned 0x8a01c2
[0291.410] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0291.411] SelectObject (hdc=0xee0107d0, h=0x6d0a0520) returned 0x8a01c2
[0291.411] GetBkMode (hdc=0xee0107d0) returned 2
[0291.411] SetBkMode (hdc=0xee0107d0, mode=1) returned 2
[0291.411] DrawTextExW (in: hdc=0xee0107d0, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2d3bd2c | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0291.411] DrawTextExW (in: hdc=0xee0107d0, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d3bd2c | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0291.411] RestoreDC (hdc=0xee0107d0, nSavedDC=-1) returned 1
[0291.411] GdipReleaseDC (graphics=0x6600030, hdc=0xee0107d0) returned 0x0
[0291.412] GetFocus () returned 0x3302d8
[0291.412] IsAppThemed () returned 0x1
[0291.412] GetThemeAppProperties () returned 0x3
[0291.412] GetThemeAppProperties () returned 0x3
[0291.412] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0291.412] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xee0107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0291.412] GdipReleaseDC (graphics=0x6600030, hdc=0xee0107d0) returned 0x0
[0291.412] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0291.412] SelectObject (hdc=0xee0107d0, h=0x85000f) returned 0x4a0507fe
[0291.412] DeleteDC (hdc=0xee0107d0) returned 1
[0291.412] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0291.412] EndPaint (hWnd=0x3102dc, lpPaint=0xd7e24c) returned 1
[0291.413] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.413] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0291.414] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.414] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.414] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0291.414] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.414] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.415] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.415] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0291.416] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.416] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.416] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.416] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.416] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.417] IsWindowUnicode (hWnd=0x602c4) returned 1
[0291.417] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.417] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.417] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.417] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0291.417] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0291.418] CreateCompatibleDC (hdc=0x60100ce) returned 0xf00107d0
[0291.418] SelectObject (hdc=0xf00107d0, h=0x4a0507fe) returned 0x85000f
[0291.418] GdipCreateFromHDC (hdc=0xf00107d0, graphics=0xd7e268) returned 0x0
[0291.418] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0291.418] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0291.418] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0291.418] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0291.418] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e2c8) returned 0x0
[0291.418] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0291.418] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eea98) returned 0x0
[0291.418] LocalFree (hMem=0x11eea98) returned 0x0
[0291.418] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0291.418] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0291.419] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0291.419] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0291.419] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0291.419] GdipRestoreGraphics (graphics=0x6600030, state=0xf6220dbd) returned 0x0
[0291.419] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0291.419] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0291.419] GetCurrentObject (hdc=0xf00107d0, type=0x1) returned 0xb00017
[0291.419] GetCurrentObject (hdc=0xf00107d0, type=0x2) returned 0x900010
[0291.419] GetCurrentObject (hdc=0xf00107d0, type=0x7) returned 0x4a0507fe
[0291.419] GetCurrentObject (hdc=0xf00107d0, type=0x6) returned 0x8a01c2
[0291.419] SaveDC (hdc=0xf00107d0) returned 1
[0291.419] GetNearestColor (hdc=0xf00107d0, color=0xff) returned 0xff
[0291.420] GetNearestColor (hdc=0xf00107d0, color=0x55) returned 0x55
[0291.420] GetNearestColor (hdc=0xf00107d0, color=0x0) returned 0x0
[0291.420] GetNearestColor (hdc=0xf00107d0, color=0x55) returned 0x55
[0291.420] GetNearestColor (hdc=0xf00107d0, color=0x0) returned 0x0
[0291.420] GetNearestColor (hdc=0xf00107d0, color=0x8080ff) returned 0x8080ff
[0291.420] GetNearestColor (hdc=0xf00107d0, color=0x7373e5) returned 0x7373e5
[0291.420] GetNearestColor (hdc=0xf00107d0, color=0xe5) returned 0xe5
[0291.420] GetNearestColor (hdc=0xf00107d0, color=0x0) returned 0x0
[0291.420] RestoreDC (hdc=0xf00107d0, nSavedDC=-1) returned 1
[0291.420] GdipReleaseDC (graphics=0x6600030, hdc=0xf00107d0) returned 0x0
[0291.420] IsAppThemed () returned 0x1
[0291.420] GetThemeAppProperties () returned 0x3
[0291.420] GetThemeAppProperties () returned 0x3
[0291.420] IsAppThemed () returned 0x1
[0291.421] GetThemeAppProperties () returned 0x3
[0291.421] GetThemeAppProperties () returned 0x3
[0291.421] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2d3c4f4 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0291.421] IsAppThemed () returned 0x1
[0291.421] GetThemeAppProperties () returned 0x3
[0291.421] GetThemeAppProperties () returned 0x3
[0291.421] IsAppThemed () returned 0x1
[0291.421] GetThemeAppProperties () returned 0x3
[0291.421] GetThemeAppProperties () returned 0x3
[0291.421] GetFocus () returned 0x3302d8
[0291.421] IsAppThemed () returned 0x1
[0291.421] GetThemeAppProperties () returned 0x3
[0291.421] GetThemeAppProperties () returned 0x3
[0291.421] IsAppThemed () returned 0x1
[0291.422] GetThemeAppProperties () returned 0x3
[0291.422] GetThemeAppProperties () returned 0x3
[0291.422] IsThemePartDefined () returned 0x1
[0291.422] IsAppThemed () returned 0x1
[0291.422] GetThemeAppProperties () returned 0x3
[0291.422] GetThemeAppProperties () returned 0x3
[0291.422] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0291.422] IsAppThemed () returned 0x1
[0291.422] GetThemeAppProperties () returned 0x3
[0291.422] GetThemeAppProperties () returned 0x3
[0291.422] IsAppThemed () returned 0x1
[0291.422] GetThemeAppProperties () returned 0x3
[0291.422] GetThemeAppProperties () returned 0x3
[0291.422] IsThemePartDefined () returned 0x1
[0291.422] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0291.422] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0291.422] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0291.422] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0291.422] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dff0) returned 0x0
[0291.422] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0291.422] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0291.422] LocalFree (hMem=0x11eec58) returned 0x0
[0291.423] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0291.423] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0291.423] LocalFree (hMem=0x11ee868) returned 0x0
[0291.423] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0291.423] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0291.423] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0291.423] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0291.423] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0291.423] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0291.423] GetCurrentObject (hdc=0xf00107d0, type=0x1) returned 0xb00017
[0291.423] GetCurrentObject (hdc=0xf00107d0, type=0x2) returned 0x900010
[0291.423] GetCurrentObject (hdc=0xf00107d0, type=0x7) returned 0x4a0507fe
[0291.423] GetCurrentObject (hdc=0xf00107d0, type=0x6) returned 0x8a01c2
[0291.423] SaveDC (hdc=0xf00107d0) returned 1
[0291.423] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1f040807
[0291.423] GetClipRgn (hdc=0xf00107d0, hrgn=0x1f040807) returned 0
[0291.424] SelectClipRgn (hdc=0xf00107d0, hrgn=0xab0407de) returned 2
[0291.424] DeleteObject (ho=0x1f040807) returned 1
[0291.424] DeleteObject (ho=0xab0407de) returned 1
[0291.424] OffsetViewportOrgEx (in: hdc=0xf00107d0, x=0, y=0, lppt=0x2d3cba4 | out: lppt=0x2d3cba4) returned 1
[0291.424] DrawThemeParentBackground () returned 0x0
[0291.424] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0291.424] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0291.424] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0291.424] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.424] GetSystemMetrics (nIndex=42) returned 0
[0291.424] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.424] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0291.424] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0291.424] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0291.424] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0291.425] SelectPalette (hdc=0xf00107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0291.425] GdipCreateFromHDC (hdc=0xf00107d0, graphics=0xd7dac8) returned 0x0
[0291.425] GdipSetPageUnit (graphics=0x6635ec8, unit=0x2) returned 0x0
[0291.425] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0291.425] GdipGetWorldTransform (graphics=0x6635ec8, matrix=0x6638db8) returned 0x0
[0291.425] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7daa0) returned 0x0
[0291.425] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0291.425] GdipCreateRegion (region=0xd7da88) returned 0x0
[0291.425] GdipGetClip (graphics=0x6635ec8, region=0x6646328) returned 0x0
[0291.425] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6635ec8, result=0xd7da94) returned 0x0
[0291.425] GdipDeleteRegion (region=0x6646328) returned 0x0
[0291.425] GdipSaveGraphics (graphics=0x6635ec8, state=0xd7dac0) returned 0x0
[0291.425] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0291.433] GdipFillRectangleI (graphics=0x6635ec8, brush=0x664d480, x=0, y=0, width=801, height=453) returned 0x0
[0291.433] GdipDeleteBrush (brush=0x664d480) returned 0x0
[0291.439] GdipDeleteGraphics (graphics=0x6635ec8) returned 0x0
[0291.439] SelectPalette (hdc=0xf00107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0291.440] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0291.440] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.440] GetSystemMetrics (nIndex=42) returned 0
[0291.440] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.440] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0291.440] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0291.440] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0291.440] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0291.440] SelectPalette (hdc=0xf00107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0291.440] GdipCreateFromHDC (hdc=0xf00107d0, graphics=0xd7da68) returned 0x0
[0291.440] GdipSetPageUnit (graphics=0x6635ec8, unit=0x2) returned 0x0
[0291.440] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0291.441] GdipGetWorldTransform (graphics=0x6635ec8, matrix=0x6638d28) returned 0x0
[0291.441] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7da40) returned 0x0
[0291.441] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0291.441] GdipCreateRegion (region=0xd7da28) returned 0x0
[0291.441] GdipGetClip (graphics=0x6635ec8, region=0x6646d48) returned 0x0
[0291.441] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6635ec8, result=0xd7da34) returned 0x0
[0291.441] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0291.441] GdipSaveGraphics (graphics=0x6635ec8, state=0xd7da60) returned 0x0
[0291.441] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0291.448] GdipFillRectangleI (graphics=0x6635ec8, brush=0x664d348, x=0, y=0, width=801, height=453) returned 0x0
[0291.448] GdipDeleteBrush (brush=0x664d348) returned 0x0
[0291.449] GdipRestoreGraphics (graphics=0x6635ec8, state=0xf61e0dbd) returned 0x0
[0291.449] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0291.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.449] GetSystemMetrics (nIndex=42) returned 0
[0291.449] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0291.449] GdipDeleteGraphics (graphics=0x6635ec8) returned 0x0
[0291.449] SelectPalette (hdc=0xf00107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0291.450] RestoreDC (hdc=0xf00107d0, nSavedDC=-1) returned 1
[0291.450] GdipReleaseDC (graphics=0x6600030, hdc=0xf00107d0) returned 0x0
[0291.450] IsAppThemed () returned 0x1
[0291.450] GetThemeAppProperties () returned 0x3
[0291.450] GetThemeAppProperties () returned 0x3
[0291.450] IsAppThemed () returned 0x1
[0291.451] GetThemeAppProperties () returned 0x3
[0291.451] GetThemeAppProperties () returned 0x3
[0291.451] IsThemePartDefined () returned 0x1
[0291.451] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0291.451] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0291.451] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0291.451] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0291.451] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df74) returned 0x0
[0291.451] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0291.451] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eecc8) returned 0x0
[0291.451] LocalFree (hMem=0x11eecc8) returned 0x0
[0291.451] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0291.451] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee8d8) returned 0x0
[0291.451] LocalFree (hMem=0x11ee8d8) returned 0x0
[0291.451] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0291.451] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0291.451] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0291.451] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0291.451] GdipDeleteRegion (region=0x6646328) returned 0x0
[0291.451] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0291.451] GetCurrentObject (hdc=0xf00107d0, type=0x1) returned 0xb00017
[0291.451] GetCurrentObject (hdc=0xf00107d0, type=0x2) returned 0x900010
[0291.451] GetCurrentObject (hdc=0xf00107d0, type=0x7) returned 0x4a0507fe
[0291.452] GetCurrentObject (hdc=0xf00107d0, type=0x6) returned 0x8a01c2
[0291.452] SaveDC (hdc=0xf00107d0) returned 1
[0291.452] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xac0407de
[0291.452] GetClipRgn (hdc=0xf00107d0, hrgn=0xac0407de) returned 0
[0291.452] SelectClipRgn (hdc=0xf00107d0, hrgn=0x21040807) returned 2
[0291.452] DeleteObject (ho=0xac0407de) returned 1
[0291.452] DeleteObject (ho=0x21040807) returned 1
[0291.452] OffsetViewportOrgEx (in: hdc=0xf00107d0, x=0, y=0, lppt=0x2d433f4 | out: lppt=0x2d433f4) returned 1
[0291.452] IsAppThemed () returned 0x1
[0291.452] GetThemeAppProperties () returned 0x3
[0291.452] GetThemeAppProperties () returned 0x3
[0291.452] DrawThemeBackground () returned 0x0
[0291.452] RestoreDC (hdc=0xf00107d0, nSavedDC=-1) returned 1
[0291.452] GdipReleaseDC (graphics=0x6600030, hdc=0xf00107d0) returned 0x0
[0291.452] GdipCreateRegion (region=0xd7df60) returned 0x0
[0291.452] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0291.452] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0291.452] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0291.452] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df78) returned 0x0
[0291.452] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0291.452] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee8d8) returned 0x0
[0291.453] LocalFree (hMem=0x11ee8d8) returned 0x0
[0291.453] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0291.453] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0291.453] LocalFree (hMem=0x11ee868) returned 0x0
[0291.453] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0291.453] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0291.453] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0291.453] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0291.453] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0291.453] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0291.453] GetCurrentObject (hdc=0xf00107d0, type=0x1) returned 0xb00017
[0291.453] GetCurrentObject (hdc=0xf00107d0, type=0x2) returned 0x900010
[0291.453] GetCurrentObject (hdc=0xf00107d0, type=0x7) returned 0x4a0507fe
[0291.453] GetCurrentObject (hdc=0xf00107d0, type=0x6) returned 0x8a01c2
[0291.453] SaveDC (hdc=0xf00107d0) returned 1
[0291.453] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x22040807
[0291.453] GetClipRgn (hdc=0xf00107d0, hrgn=0x22040807) returned 0
[0291.453] SelectClipRgn (hdc=0xf00107d0, hrgn=0xad0407de) returned 2
[0291.453] DeleteObject (ho=0x22040807) returned 1
[0291.453] DeleteObject (ho=0xad0407de) returned 1
[0291.453] OffsetViewportOrgEx (in: hdc=0xf00107d0, x=0, y=0, lppt=0x2d436c8 | out: lppt=0x2d436c8) returned 1
[0291.453] IsAppThemed () returned 0x1
[0291.453] GetThemeAppProperties () returned 0x3
[0291.453] GetThemeAppProperties () returned 0x3
[0291.453] GetThemeBackgroundContentRect () returned 0x0
[0291.454] RestoreDC (hdc=0xf00107d0, nSavedDC=-1) returned 1
[0291.454] GdipReleaseDC (graphics=0x6600030, hdc=0xf00107d0) returned 0x0
[0291.454] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0291.454] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0291.454] GdipFillRectangleI (graphics=0x6600030, brush=0x666a708, x=4, y=4, width=67, height=15) returned 0x0
[0291.454] GdipDeleteBrush (brush=0x666a708) returned 0x0
[0291.454] IsAppThemed () returned 0x1
[0291.454] GetThemeAppProperties () returned 0x3
[0291.454] GetThemeAppProperties () returned 0x3
[0291.454] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0291.454] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0291.454] GetCurrentObject (hdc=0xf00107d0, type=0x1) returned 0xb00017
[0291.454] GetCurrentObject (hdc=0xf00107d0, type=0x2) returned 0x900010
[0291.454] GetCurrentObject (hdc=0xf00107d0, type=0x7) returned 0x4a0507fe
[0291.454] GetCurrentObject (hdc=0xf00107d0, type=0x6) returned 0x8a01c2
[0291.454] SaveDC (hdc=0xf00107d0) returned 1
[0291.454] GetTextAlign (hdc=0xf00107d0) returned 0x0
[0291.454] GetTextColor (hdc=0xf00107d0) returned 0x0
[0291.454] GetCurrentObject (hdc=0xf00107d0, type=0x6) returned 0x8a01c2
[0291.454] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0291.454] SelectObject (hdc=0xf00107d0, h=0x6d0a0520) returned 0x8a01c2
[0291.454] GetBkMode (hdc=0xf00107d0) returned 2
[0291.454] SetBkMode (hdc=0xf00107d0, mode=1) returned 2
[0291.455] DrawTextExW (in: hdc=0xf00107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2d43a8c | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0291.455] DrawTextExW (in: hdc=0xf00107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d43a8c | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0291.455] RestoreDC (hdc=0xf00107d0, nSavedDC=-1) returned 1
[0291.455] GdipReleaseDC (graphics=0x6600030, hdc=0xf00107d0) returned 0x0
[0291.455] GetFocus () returned 0x3302d8
[0291.455] IsAppThemed () returned 0x1
[0291.455] GetThemeAppProperties () returned 0x3
[0291.455] GetThemeAppProperties () returned 0x3
[0291.455] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0291.455] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xf00107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0291.456] GdipReleaseDC (graphics=0x6600030, hdc=0xf00107d0) returned 0x0
[0291.456] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0291.456] SelectObject (hdc=0xf00107d0, h=0x85000f) returned 0x4a0507fe
[0291.456] DeleteDC (hdc=0xf00107d0) returned 1
[0291.456] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0291.456] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0291.456] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.456] IsWindowUnicode (hWnd=0x3400ea) returned 1
[0291.456] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.456] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.456] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.456] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.456] IsWindowUnicode (hWnd=0x3400ea) returned 1
[0291.456] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.456] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.456] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.457] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x2a1, wParam=0x0, lParam=0x50031) returned 0x0
[0291.457] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0291.457] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0291.457] WaitMessage () returned 1
[0291.470] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.470] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.470] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.470] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.470] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.471] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0291.471] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0291.471] WaitMessage () returned 1
[0291.472] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.472] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.472] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.472] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.472] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.473] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0291.473] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0291.473] WaitMessage () returned 1
[0291.474] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.474] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.474] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.474] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.474] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.475] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.475] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.475] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.475] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.475] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.476] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.476] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.476] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.476] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.476] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.476] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0291.476] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0291.476] WaitMessage () returned 1
[0291.477] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.477] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.477] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.477] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.477] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.478] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.478] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.478] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.478] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.478] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.479] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.479] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.479] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.479] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.479] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.479] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0291.480] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0291.480] WaitMessage () returned 1
[0291.480] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.480] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.480] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.480] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.480] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.481] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.481] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.481] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.482] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.482] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.482] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.482] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.482] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.482] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.482] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.482] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0291.482] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0291.482] WaitMessage () returned 1
[0291.484] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.484] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.484] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.484] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.484] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.485] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.486] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.486] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.486] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.486] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.486] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.486] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.486] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.486] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.486] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.486] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0291.487] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0291.487] WaitMessage () returned 1
[0291.528] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.532] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x84, wParam=0x0, lParam=0x1de0307) returned 0x1
[0291.532] IsWindowUnicode (hWnd=0x3400ea) returned 1
[0291.532] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.532] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x84, wParam=0x0, lParam=0x1de0307) returned 0x1
[0291.533] GetDlgItem (hDlg=0x2602d0, nIDDlgItem=0) returned 0x0
[0291.533] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x210, wParam=0x201, lParam=0x630112) returned 0x0
[0291.533] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x21, wParam=0x2602d0, lParam=0x2010001) returned 0x1
[0291.533] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x21, wParam=0x2602d0, lParam=0x2010001) returned 0x1
[0291.533] SetCursor (hCursor=0x10003) returned 0x10003
[0291.533] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.533] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.533] GetKeyState (nVirtKey=1) returned -127
[0291.533] GetKeyState (nVirtKey=2) returned 0
[0291.533] GetKeyState (nVirtKey=4) returned 0
[0291.533] GetKeyState (nVirtKey=5) returned 0
[0291.533] GetKeyState (nVirtKey=6) returned 0
[0291.533] IsWindowVisible (hWnd=0x3400ea) returned 1
[0291.533] IsWindowEnabled (hWnd=0x3400ea) returned 1
[0291.533] SetFocus (hWnd=0x3400ea) returned 0x3302d8
[0291.534] GetFocus () returned 0x3400ea
[0291.534] IsChild (hWndParent=0x2602d0, hWnd=0x3400ea) returned 1
[0291.534] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0x8, wParam=0x3400ea, lParam=0x0) returned 0x0
[0291.534] GetCapture () returned 0x0
[0291.534] InvalidateRect (hWnd=0x3302d8, lpRect=0x0, bErase=0) returned 1
[0291.535] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0291.536] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0291.537] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0291.537] InvalidateRect (hWnd=0x3302d8, lpRect=0x0, bErase=0) returned 1
[0291.537] InvalidateRect (hWnd=0x3400ea, lpRect=0x0, bErase=0) returned 1
[0291.538] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x7, wParam=0x3302d8, lParam=0x0) returned 0x0
[0291.538] GetStockObject (i=5) returned 0x900015
[0291.538] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0291.538] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0291.538] GetDlgItem (hDlg=0x2602d0, nIDDlgItem=3408106) returned 0x3400ea
[0291.538] SendMessageW (hWnd=0x3400ea, Msg=0x202b, wParam=0x3400ea, lParam=0xd7dddc) returned 0x0
[0291.538] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x202b, wParam=0x3400ea, lParam=0xd7dddc) returned 0x0
[0291.538] InvalidateRect (hWnd=0x3400ea, lpRect=0x0, bErase=0) returned 1
[0291.539] GetFocus () returned 0x3400ea
[0291.539] GetFocus () returned 0x3400ea
[0291.539] GetFocus () returned 0x3400ea
[0291.539] GetKeyState (nVirtKey=1) returned -127
[0291.540] GetKeyState (nVirtKey=2) returned 0
[0291.540] GetKeyState (nVirtKey=4) returned 0
[0291.540] GetKeyState (nVirtKey=5) returned 0
[0291.540] GetKeyState (nVirtKey=6) returned 0
[0291.540] GetCapture () returned 0x0
[0291.540] SetCapture (hWnd=0x3400ea) returned 0x0
[0291.540] GetKeyState (nVirtKey=1) returned -127
[0291.540] GetKeyState (nVirtKey=2) returned 0
[0291.540] GetKeyState (nVirtKey=4) returned 0
[0291.540] GetKeyState (nVirtKey=5) returned 0
[0291.540] GetKeyState (nVirtKey=6) returned 0
[0291.540] NotifyWinEvent (event=0x800a, hwnd=0x3400ea, idObject=-4, idChild=0)
[0291.540] InvalidateRect (hWnd=0x3400ea, lpRect=0xd7e430, bErase=0) returned 1
[0291.540] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.540] IsWindowUnicode (hWnd=0x3400ea) returned 1
[0291.540] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.540] TranslateMessage (lpMsg=0xd7e808) returned 0
[0291.540] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0291.540] MapWindowPoints (in: hWndFrom=0x3400ea, hWndTo=0x0, lpPoints=0x2d43d78, cPoints=0x1 | out: lpPoints=0x2d43d78) returned 30999254
[0291.540] NotifyWinEvent (event=0x800a, hwnd=0x3400ea, idObject=-4, idChild=0)
[0291.540] InvalidateRect (hWnd=0x3400ea, lpRect=0xd7e3d0, bErase=0) returned 1
[0291.540] UpdateWindow (hWnd=0x3400ea) returned 1
[0291.540] BeginPaint (in: hWnd=0x3400ea, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x10105d6
[0291.541] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0291.541] CreateCompatibleDC (hdc=0x10105d6) returned 0x63010173
[0291.541] SelectObject (hdc=0x63010173, h=0x4a0507fe) returned 0x85000f
[0291.541] GdipCreateFromHDC (hdc=0x63010173, graphics=0xd7df00) returned 0x0
[0291.541] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0291.541] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0291.541] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0291.541] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0291.541] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df60) returned 0x0
[0291.541] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0291.541] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0291.541] LocalFree (hMem=0x11eec58) returned 0x0
[0291.541] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0291.541] GdipCreateRegion (region=0xd7df48) returned 0x0
[0291.541] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0291.541] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0291.541] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0291.542] GdipRestoreGraphics (graphics=0x6600030, state=0xf61c0dbd) returned 0x0
[0291.542] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0291.542] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0291.542] GetCurrentObject (hdc=0x63010173, type=0x1) returned 0xb00017
[0291.542] GetCurrentObject (hdc=0x63010173, type=0x2) returned 0x900010
[0291.542] GetCurrentObject (hdc=0x63010173, type=0x7) returned 0x4a0507fe
[0291.542] GetCurrentObject (hdc=0x63010173, type=0x6) returned 0x8a01c2
[0291.542] SaveDC (hdc=0x63010173) returned 1
[0291.542] GetNearestColor (hdc=0x63010173, color=0xf0f0f0) returned 0xf0f0f0
[0291.542] GetNearestColor (hdc=0x63010173, color=0xa0a0a0) returned 0xa0a0a0
[0291.542] GetNearestColor (hdc=0x63010173, color=0x696969) returned 0x696969
[0291.542] GetNearestColor (hdc=0x63010173, color=0xa0a0a0) returned 0xa0a0a0
[0291.542] GetNearestColor (hdc=0x63010173, color=0x0) returned 0x0
[0291.542] GetNearestColor (hdc=0x63010173, color=0xffffff) returned 0xffffff
[0291.542] GetNearestColor (hdc=0x63010173, color=0xe5e5e5) returned 0xe5e5e5
[0291.542] GetNearestColor (hdc=0x63010173, color=0xd7d7d7) returned 0xd7d7d7
[0291.542] GetNearestColor (hdc=0x63010173, color=0x0) returned 0x0
[0291.542] RestoreDC (hdc=0x63010173, nSavedDC=-1) returned 1
[0291.543] GdipReleaseDC (graphics=0x6600030, hdc=0x63010173) returned 0x0
[0291.543] IsAppThemed () returned 0x1
[0291.543] GetThemeAppProperties () returned 0x3
[0291.543] GetThemeAppProperties () returned 0x3
[0291.543] IsAppThemed () returned 0x1
[0291.543] GetThemeAppProperties () returned 0x3
[0291.543] GetThemeAppProperties () returned 0x3
[0291.543] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2d444d0 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0291.543] IsAppThemed () returned 0x1
[0291.543] GetThemeAppProperties () returned 0x3
[0291.543] GetThemeAppProperties () returned 0x3
[0291.543] IsAppThemed () returned 0x1
[0291.543] GetThemeAppProperties () returned 0x3
[0291.543] GetThemeAppProperties () returned 0x3
[0291.543] IsAppThemed () returned 0x1
[0291.543] GetThemeAppProperties () returned 0x3
[0291.543] GetThemeAppProperties () returned 0x3
[0291.543] IsAppThemed () returned 0x1
[0291.543] GetThemeAppProperties () returned 0x3
[0291.543] GetThemeAppProperties () returned 0x3
[0291.543] IsThemePartDefined () returned 0x1
[0291.543] IsAppThemed () returned 0x1
[0291.544] GetThemeAppProperties () returned 0x3
[0291.544] GetThemeAppProperties () returned 0x3
[0291.544] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0291.544] IsAppThemed () returned 0x1
[0291.546] GetThemeAppProperties () returned 0x3
[0291.546] GetThemeAppProperties () returned 0x3
[0291.546] IsAppThemed () returned 0x1
[0291.546] GetThemeAppProperties () returned 0x3
[0291.546] GetThemeAppProperties () returned 0x3
[0291.546] IsThemePartDefined () returned 0x1
[0291.546] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0291.546] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0291.546] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0291.546] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0291.546] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dc7c) returned 0x0
[0291.546] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0291.546] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee788) returned 0x0
[0291.547] LocalFree (hMem=0x11ee788) returned 0x0
[0291.547] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0291.547] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eed00) returned 0x0
[0291.547] LocalFree (hMem=0x11eed00) returned 0x0
[0291.547] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0291.547] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0291.547] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0291.547] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0291.547] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0291.547] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0291.547] GetCurrentObject (hdc=0x63010173, type=0x1) returned 0xb00017
[0291.547] GetCurrentObject (hdc=0x63010173, type=0x2) returned 0x900010
[0291.547] GetCurrentObject (hdc=0x63010173, type=0x7) returned 0x4a0507fe
[0291.547] GetCurrentObject (hdc=0x63010173, type=0x6) returned 0x8a01c2
[0291.547] SaveDC (hdc=0x63010173) returned 1
[0291.547] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xae0407de
[0291.547] GetClipRgn (hdc=0x63010173, hrgn=0xae0407de) returned 0
[0291.547] SelectClipRgn (hdc=0x63010173, hrgn=0x26040807) returned 2
[0291.547] DeleteObject (ho=0xae0407de) returned 1
[0291.547] DeleteObject (ho=0x26040807) returned 1
[0291.547] OffsetViewportOrgEx (in: hdc=0x63010173, x=0, y=0, lppt=0x2d44b80 | out: lppt=0x2d44b80) returned 1
[0291.548] DrawThemeParentBackground () returned 0x0
[0291.548] GetWindowPlacement (in: hWnd=0x2602d0, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0291.548] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0291.548] GetWindowTextLengthW (hWnd=0x2602d0) returned 13
[0291.548] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.548] GetSystemMetrics (nIndex=42) returned 0
[0291.548] GetWindowTextW (in: hWnd=0x2602d0, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.548] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0291.548] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0291.548] GetCurrentObject (hdc=0x63010173, type=0x1) returned 0xb00017
[0291.548] GetCurrentObject (hdc=0x63010173, type=0x2) returned 0x900010
[0291.548] GetCurrentObject (hdc=0x63010173, type=0x7) returned 0x4a0507fe
[0291.548] GetCurrentObject (hdc=0x63010173, type=0x6) returned 0x8a01c2
[0291.548] SaveDC (hdc=0x63010173) returned 2
[0291.548] GetNearestColor (hdc=0x63010173, color=0xf0f0f0) returned 0xf0f0f0
[0291.548] CreateSolidBrush (color=0xf0f0f0) returned 0x431007e1
[0291.548] FillRect (hDC=0x63010173, lprc=0xd7d6c8, hbr=0x431007e1) returned 1
[0291.548] DeleteObject (ho=0x431007e1) returned 1
[0291.548] RestoreDC (hdc=0x63010173, nSavedDC=-1) returned 1
[0291.549] GetWindowTextLengthW (hWnd=0x2602d0) returned 13
[0291.549] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.549] GetSystemMetrics (nIndex=42) returned 0
[0291.549] GetWindowTextW (in: hWnd=0x2602d0, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.549] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0291.549] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0291.549] GetCurrentObject (hdc=0x63010173, type=0x1) returned 0xb00017
[0291.549] GetCurrentObject (hdc=0x63010173, type=0x2) returned 0x900010
[0291.549] GetCurrentObject (hdc=0x63010173, type=0x7) returned 0x4a0507fe
[0291.549] GetCurrentObject (hdc=0x63010173, type=0x6) returned 0x8a01c2
[0291.549] SaveDC (hdc=0x63010173) returned 2
[0291.549] GetNearestColor (hdc=0x63010173, color=0xf0f0f0) returned 0xf0f0f0
[0291.549] CreateSolidBrush (color=0xf0f0f0) returned 0x441007e1
[0291.549] FillRect (hDC=0x63010173, lprc=0xd7d668, hbr=0x441007e1) returned 1
[0291.549] DeleteObject (ho=0x441007e1) returned 1
[0291.549] RestoreDC (hdc=0x63010173, nSavedDC=-1) returned 1
[0291.549] GetWindowTextLengthW (hWnd=0x2602d0) returned 13
[0291.549] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.549] GetSystemMetrics (nIndex=42) returned 0
[0291.549] GetWindowTextW (in: hWnd=0x2602d0, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.549] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0291.550] RestoreDC (hdc=0x63010173, nSavedDC=-1) returned 1
[0291.550] GdipReleaseDC (graphics=0x6600030, hdc=0x63010173) returned 0x0
[0291.550] IsAppThemed () returned 0x1
[0291.550] GetThemeAppProperties () returned 0x3
[0291.550] GetThemeAppProperties () returned 0x3
[0291.550] IsAppThemed () returned 0x1
[0291.550] GetThemeAppProperties () returned 0x3
[0291.550] GetThemeAppProperties () returned 0x3
[0291.550] IsThemePartDefined () returned 0x1
[0291.550] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0291.550] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0291.550] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0291.550] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0291.550] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc00) returned 0x0
[0291.550] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0291.550] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0291.550] LocalFree (hMem=0x11ee788) returned 0x0
[0291.550] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0291.550] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0291.550] LocalFree (hMem=0x11eec58) returned 0x0
[0291.550] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0291.550] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0291.551] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0291.551] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0291.551] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0291.551] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0291.551] GetCurrentObject (hdc=0x63010173, type=0x1) returned 0xb00017
[0291.551] GetCurrentObject (hdc=0x63010173, type=0x2) returned 0x900010
[0291.551] GetCurrentObject (hdc=0x63010173, type=0x7) returned 0x4a0507fe
[0291.551] GetCurrentObject (hdc=0x63010173, type=0x6) returned 0x8a01c2
[0291.551] SaveDC (hdc=0x63010173) returned 1
[0291.551] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x27040807
[0291.551] GetClipRgn (hdc=0x63010173, hrgn=0x27040807) returned 0
[0291.551] SelectClipRgn (hdc=0x63010173, hrgn=0xb00407de) returned 2
[0291.551] DeleteObject (ho=0x27040807) returned 1
[0291.551] DeleteObject (ho=0xb00407de) returned 1
[0291.551] OffsetViewportOrgEx (in: hdc=0x63010173, x=0, y=0, lppt=0x2d4542c | out: lppt=0x2d4542c) returned 1
[0291.551] IsAppThemed () returned 0x1
[0291.551] GetThemeAppProperties () returned 0x3
[0291.551] GetThemeAppProperties () returned 0x3
[0291.551] DrawThemeBackground () returned 0x0
[0291.551] RestoreDC (hdc=0x63010173, nSavedDC=-1) returned 1
[0291.551] GdipReleaseDC (graphics=0x6600030, hdc=0x63010173) returned 0x0
[0291.552] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0291.552] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0291.552] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0291.552] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0291.552] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dc04) returned 0x0
[0291.552] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0291.552] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee8d8) returned 0x0
[0291.552] LocalFree (hMem=0x11ee8d8) returned 0x0
[0291.552] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0291.552] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0291.552] LocalFree (hMem=0x11eec58) returned 0x0
[0291.552] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0291.552] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0291.552] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0291.552] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0291.552] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0291.552] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0291.552] GetCurrentObject (hdc=0x63010173, type=0x1) returned 0xb00017
[0291.552] GetCurrentObject (hdc=0x63010173, type=0x2) returned 0x900010
[0291.552] GetCurrentObject (hdc=0x63010173, type=0x7) returned 0x4a0507fe
[0291.552] GetCurrentObject (hdc=0x63010173, type=0x6) returned 0x8a01c2
[0291.552] SaveDC (hdc=0x63010173) returned 1
[0291.552] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb10407de
[0291.553] GetClipRgn (hdc=0x63010173, hrgn=0xb10407de) returned 0
[0291.553] SelectClipRgn (hdc=0x63010173, hrgn=0x28040807) returned 2
[0291.553] DeleteObject (ho=0xb10407de) returned 1
[0291.553] DeleteObject (ho=0x28040807) returned 1
[0291.553] OffsetViewportOrgEx (in: hdc=0x63010173, x=0, y=0, lppt=0x2d45700 | out: lppt=0x2d45700) returned 1
[0291.553] IsAppThemed () returned 0x1
[0291.553] GetThemeAppProperties () returned 0x3
[0291.553] GetThemeAppProperties () returned 0x3
[0291.553] GetThemeBackgroundContentRect () returned 0x0
[0291.553] RestoreDC (hdc=0x63010173, nSavedDC=-1) returned 1
[0291.553] GdipReleaseDC (graphics=0x6600030, hdc=0x63010173) returned 0x0
[0291.553] IsAppThemed () returned 0x1
[0291.553] GetThemeAppProperties () returned 0x3
[0291.553] GetThemeAppProperties () returned 0x3
[0291.553] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0291.553] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0291.553] GetCurrentObject (hdc=0x63010173, type=0x1) returned 0xb00017
[0291.553] GetCurrentObject (hdc=0x63010173, type=0x2) returned 0x900010
[0291.553] GetCurrentObject (hdc=0x63010173, type=0x7) returned 0x4a0507fe
[0291.553] GetCurrentObject (hdc=0x63010173, type=0x6) returned 0x8a01c2
[0291.553] SaveDC (hdc=0x63010173) returned 1
[0291.553] GetTextAlign (hdc=0x63010173) returned 0x0
[0291.554] GetTextColor (hdc=0x63010173) returned 0x0
[0291.554] GetCurrentObject (hdc=0x63010173, type=0x6) returned 0x8a01c2
[0291.554] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0291.554] SelectObject (hdc=0x63010173, h=0x6d0a0520) returned 0x8a01c2
[0291.554] GetBkMode (hdc=0x63010173) returned 2
[0291.554] SetBkMode (hdc=0x63010173, mode=1) returned 2
[0291.554] DrawTextExW (in: hdc=0x63010173, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2d45aa0 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0291.554] DrawTextExW (in: hdc=0x63010173, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2d45aa0 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0291.554] RestoreDC (hdc=0x63010173, nSavedDC=-1) returned 1
[0291.554] GdipReleaseDC (graphics=0x6600030, hdc=0x63010173) returned 0x0
[0291.554] GetFocus () returned 0x3400ea
[0291.555] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0291.555] SendMessageW (hWnd=0x2602d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0291.555] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0291.555] IsAppThemed () returned 0x1
[0291.555] GetThemeAppProperties () returned 0x3
[0291.555] GetThemeAppProperties () returned 0x3
[0291.555] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0291.555] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x63010173, x1=0, y1=0, rop=0xcc0020) returned 1
[0291.555] GdipReleaseDC (graphics=0x6600030, hdc=0x63010173) returned 0x0
[0291.555] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0291.555] SelectObject (hdc=0x63010173, h=0x85000f) returned 0x4a0507fe
[0291.555] DeleteDC (hdc=0x63010173) returned 1
[0291.555] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0291.555] EndPaint (hWnd=0x3400ea, lpPaint=0xd7dee4) returned 1
[0291.555] MapWindowPoints (in: hWndFrom=0x3400ea, hWndTo=0x0, lpPoints=0x2d45b9c, cPoints=0x1 | out: lpPoints=0x2d45b9c) returned 30999254
[0291.555] WindowFromPoint (Point=0x307) returned 0x3400ea
[0291.556] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x84, wParam=0x0, lParam=0x1de0307) returned 0x1
[0291.556] NotifyWinEvent (event=0x800a, hwnd=0x3400ea, idObject=-4, idChild=0)
[0291.556] NotifyWinEvent (event=0x800c, hwnd=0x3400ea, idObject=-4, idChild=0)
[0291.556] GetCapture () returned 0x3400ea
[0291.556] ReleaseCapture () returned 1
[0291.556] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0291.556] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0291.556] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x84, wParam=0x0, lParam=0x1de0307) returned 0x1
[0291.556] IsWindow (hWnd=0x7005c) returned 1
[0291.556] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0291.557] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0291.557] IsWindow (hWnd=0x2602d0) returned 1
[0291.557] SetActiveWindow (hWnd=0x2602d0) returned 0x2602d0
[0291.557] IsWindow (hWnd=0x2602d0) returned 1
[0291.557] SetFocus (hWnd=0x2602d0) returned 0x3400ea
[0291.557] GetFocus () returned 0x2602d0
[0291.557] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x8, wParam=0x2602d0, lParam=0x0) returned 0x0
[0291.557] GetCapture () returned 0x0
[0291.557] InvalidateRect (hWnd=0x3400ea, lpRect=0x0, bErase=0) returned 1
[0291.558] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0291.559] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0291.562] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0291.562] GetFocus () returned 0x2602d0
[0291.562] SetFocus (hWnd=0x3400ea) returned 0x2602d0
[0291.562] GetFocus () returned 0x3400ea
[0291.562] IsChild (hWndParent=0x2602d0, hWnd=0x3400ea) returned 1
[0291.562] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x8, wParam=0x3400ea, lParam=0x0) returned 0x0
[0291.563] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0291.564] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0291.565] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0291.565] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x7, wParam=0x2602d0, lParam=0x0) returned 0x0
[0291.565] GetStockObject (i=5) returned 0x900015
[0291.565] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0291.565] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0291.566] GetDlgItem (hDlg=0x2602d0, nIDDlgItem=3408106) returned 0x3400ea
[0291.566] SendMessageW (hWnd=0x3400ea, Msg=0x202b, wParam=0x3400ea, lParam=0xd7ddcc) returned 0x0
[0291.566] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x202b, wParam=0x3400ea, lParam=0xd7ddcc) returned 0x0
[0291.566] InvalidateRect (hWnd=0x3400ea, lpRect=0x0, bErase=0) returned 1
[0291.567] GetWindowLongW (hWnd=0x2602d0, nIndex=-8) returned 458844
[0291.567] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0291.567] GetCurrentThreadId () returned 0xf50
[0291.567] IsWindow (hWnd=0x7005c) returned 1
[0291.567] IsWindow (hWnd=0x7005c) returned 1
[0291.567] IsWindowVisible (hWnd=0x7005c) returned 1
[0291.567] SetActiveWindow (hWnd=0x7005c) returned 0x2602d0
[0291.567] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0291.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0291.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0291.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0291.569] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0291.570] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0291.570] GetWindowPlacement (in: hWnd=0x2602d0, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0291.570] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0291.570] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0291.571] GetWindowRect (in: hWnd=0x2602d0, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0291.571] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0291.571] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0291.571] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0291.572] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x2602d0) returned 0x1
[0291.574] GetFocus () returned 0x3400ea
[0291.574] SetFocus (hWnd=0x602c4) returned 0x3400ea
[0291.574] GetFocus () returned 0x602c4
[0291.574] IsChild (hWndParent=0x2602d0, hWnd=0x602c4) returned 0
[0291.574] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0291.574] GetCapture () returned 0x0
[0291.574] InvalidateRect (hWnd=0x3400ea, lpRect=0x0, bErase=0) returned 1
[0291.575] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0291.577] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0291.578] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0291.578] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0291.578] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0291.578] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0291.579] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0291.579] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x3400ea, lParam=0x0) returned 0x0
[0291.579] GetStockObject (i=5) returned 0x900015
[0291.579] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0291.579] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed850) returned 0xc
[0291.579] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0291.579] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0291.579] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0291.579] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0291.580] GetFocus () returned 0x602c4
[0291.580] IsChild (hWndParent=0x2602d0, hWnd=0x602c4) returned 0
[0291.580] ShowWindow (hWnd=0x2602d0, nCmdShow=0) returned 1
[0291.580] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0291.581] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0291.582] GetWindowPlacement (in: hWnd=0x2602d0, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0291.582] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0291.582] GetClientRect (in: hWnd=0x2602d0, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0291.582] GetWindowRect (in: hWnd=0x2602d0, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0291.582] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0291.583] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0291.583] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0291.583] GetWindowLongW (hWnd=0x2602d0, nIndex=-20) returned 327945
[0291.583] DestroyWindow (hWnd=0x2602d0) returned 1
[0291.583] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0291.584] GetWindowTextLengthW (hWnd=0x2602d0) returned 13
[0291.584] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.584] GetSystemMetrics (nIndex=42) returned 0
[0291.584] GetWindowTextW (in: hWnd=0x2602d0, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.584] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0291.584] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0291.584] GetWindowTextLengthW (hWnd=0x3102de) returned 0
[0291.584] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0291.584] GetSystemMetrics (nIndex=42) returned 0
[0291.584] GetWindowTextW (in: hWnd=0x3102de, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0291.584] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102de, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0291.584] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0291.584] GetWindowThreadProcessId (in: hWnd=0x3102da, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0291.584] GetWindow (hWnd=0x3102da, uCmd=0x5) returned 0x0
[0291.584] GetWindowLongW (hWnd=0x3102da, nIndex=-20) returned 65792
[0291.584] DestroyWindow (hWnd=0x3102da) returned 1
[0291.584] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102da, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0291.584] GetWindowTextLengthW (hWnd=0x3102da) returned 25
[0291.584] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0291.584] GetSystemMetrics (nIndex=42) returned 0
[0291.584] GetWindowTextW (in: hWnd=0x3102da, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0291.584] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102da, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0291.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0291.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0291.586] GetWindowTextLengthW (hWnd=0x2702ce) returned 232
[0291.586] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0291.586] GetSystemMetrics (nIndex=42) returned 0
[0291.586] GetWindowTextW (in: hWnd=0x2702ce, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0291.586] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0291.586] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0291.586] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0291.586] InvalidateRect (hWnd=0x3400ea, lpRect=0x0, bErase=0) returned 1
[0291.586] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0291.586] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0291.586] SendMessageW (hWnd=0x2b02c8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0291.586] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02c8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0291.586] SendMessageW (hWnd=0x2b02c8, Msg=0xb0, wParam=0x2d119c4, lParam=0xd7e480) returned 0x0
[0291.586] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02c8, Msg=0xb0, wParam=0x2d119c4, lParam=0xd7e480) returned 0x0
[0291.586] GetWindowTextLengthW (hWnd=0x2b02c8) returned 4363
[0291.586] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0291.587] GetSystemMetrics (nIndex=42) returned 0
[0291.587] CoTaskMemAlloc (cb=0x221c) returned 0x1202960
[0291.587] GetWindowTextW (in: hWnd=0x2b02c8, lpString=0x1202960, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0291.587] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02c8, Msg=0xd, wParam=0x110c, lParam=0x1202960) returned 0x110b
[0291.587] CoTaskMemFree (pv=0x1202960)
[0291.587] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0291.587] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0291.588] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2702ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0291.589] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3302d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0291.590] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3400ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0291.599] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3102dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0291.601] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2b02c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0291.602] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2602d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0291.603] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.603] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.603] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.603] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.603] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.604] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1de0307) returned 0x1
[0291.604] IsWindowUnicode (hWnd=0x7005c) returned 1
[0291.604] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1de0307) returned 0x1
[0291.604] SetCursor (hCursor=0x10003) returned 0x10003
[0291.604] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.604] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.604] _TrackMouseEvent (in: lpEventTrack=0x2c2f380 | out: lpEventTrack=0x2c2f380) returned 1
[0291.604] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0291.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0291.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1090249) returned 0x0
[0291.604] GetKeyState (nVirtKey=1) returned 1
[0291.604] GetKeyState (nVirtKey=2) returned 0
[0291.605] GetKeyState (nVirtKey=4) returned 0
[0291.605] GetKeyState (nVirtKey=5) returned 0
[0291.605] GetKeyState (nVirtKey=6) returned 0
[0291.605] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.605] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1de0307) returned 0x1
[0291.605] IsWindowUnicode (hWnd=0x7005c) returned 1
[0291.605] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.605] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.605] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.605] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.605] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1de0307) returned 0x1
[0291.606] IsWindowUnicode (hWnd=0x7005c) returned 1
[0291.606] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.606] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1de0307) returned 0x1
[0291.606] SetCursor (hCursor=0x10003) returned 0x10003
[0291.606] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.606] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.606] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1090249) returned 0x0
[0291.606] GetKeyState (nVirtKey=1) returned 1
[0291.606] GetKeyState (nVirtKey=2) returned 0
[0291.606] GetKeyState (nVirtKey=4) returned 0
[0291.606] GetKeyState (nVirtKey=5) returned 0
[0291.606] GetKeyState (nVirtKey=6) returned 0
[0291.606] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.611] IsWindowUnicode (hWnd=0x602c4) returned 1
[0291.611] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.611] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.611] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.612] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.612] IsWindowUnicode (hWnd=0x602c4) returned 1
[0291.612] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.612] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.613] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.613] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0291.613] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0291.613] CreateCompatibleDC (hdc=0x10105d6) returned 0xc010671
[0291.613] SelectObject (hdc=0xc010671, h=0x4a0507fe) returned 0x85000f
[0291.613] GdipCreateFromHDC (hdc=0xc010671, graphics=0xd7e798) returned 0x0
[0291.613] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0291.613] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0291.613] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0291.613] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0291.613] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e7f8) returned 0x0
[0291.613] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0291.613] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0291.613] LocalFree (hMem=0x11ee788) returned 0x0
[0291.613] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0291.614] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0291.614] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0291.614] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0291.614] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0291.614] GdipRestoreGraphics (graphics=0x6600030, state=0xf61a0dbd) returned 0x0
[0291.614] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0291.614] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0291.614] GetCurrentObject (hdc=0xc010671, type=0x1) returned 0xb00017
[0291.614] GetCurrentObject (hdc=0xc010671, type=0x2) returned 0x900010
[0291.614] GetCurrentObject (hdc=0xc010671, type=0x7) returned 0x4a0507fe
[0291.614] GetCurrentObject (hdc=0xc010671, type=0x6) returned 0x8a01c2
[0291.614] SaveDC (hdc=0xc010671) returned 1
[0291.614] GetNearestColor (hdc=0xc010671, color=0xff) returned 0xff
[0291.614] GetNearestColor (hdc=0xc010671, color=0x55) returned 0x55
[0291.614] GetNearestColor (hdc=0xc010671, color=0x0) returned 0x0
[0291.614] GetNearestColor (hdc=0xc010671, color=0x55) returned 0x55
[0291.614] GetNearestColor (hdc=0xc010671, color=0x0) returned 0x0
[0291.614] GetNearestColor (hdc=0xc010671, color=0x8080ff) returned 0x8080ff
[0291.614] GetNearestColor (hdc=0xc010671, color=0x7373e5) returned 0x7373e5
[0291.615] GetNearestColor (hdc=0xc010671, color=0xe5) returned 0xe5
[0291.615] GetNearestColor (hdc=0xc010671, color=0x0) returned 0x0
[0291.615] RestoreDC (hdc=0xc010671, nSavedDC=-1) returned 1
[0291.615] GdipReleaseDC (graphics=0x6600030, hdc=0xc010671) returned 0x0
[0291.615] IsAppThemed () returned 0x1
[0291.615] GetThemeAppProperties () returned 0x3
[0291.615] GetThemeAppProperties () returned 0x3
[0291.615] IsAppThemed () returned 0x1
[0291.615] GetThemeAppProperties () returned 0x3
[0291.615] GetThemeAppProperties () returned 0x3
[0291.615] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2d4d908 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0291.615] IsAppThemed () returned 0x1
[0291.615] GetThemeAppProperties () returned 0x3
[0291.615] GetThemeAppProperties () returned 0x3
[0291.615] IsAppThemed () returned 0x1
[0291.615] GetThemeAppProperties () returned 0x3
[0291.615] GetThemeAppProperties () returned 0x3
[0291.616] GetFocus () returned 0x602c4
[0291.616] IsAppThemed () returned 0x1
[0291.616] GetThemeAppProperties () returned 0x3
[0291.616] GetThemeAppProperties () returned 0x3
[0291.616] IsAppThemed () returned 0x1
[0291.616] GetThemeAppProperties () returned 0x3
[0291.616] GetThemeAppProperties () returned 0x3
[0291.616] IsThemePartDefined () returned 0x1
[0291.616] IsAppThemed () returned 0x1
[0291.616] GetThemeAppProperties () returned 0x3
[0291.616] GetThemeAppProperties () returned 0x3
[0291.616] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0291.616] IsAppThemed () returned 0x1
[0291.616] GetThemeAppProperties () returned 0x3
[0291.616] GetThemeAppProperties () returned 0x3
[0291.616] IsAppThemed () returned 0x1
[0291.616] GetThemeAppProperties () returned 0x3
[0291.616] GetThemeAppProperties () returned 0x3
[0291.616] IsThemePartDefined () returned 0x1
[0291.616] GdipCreateRegion (region=0xd7e508) returned 0x0
[0291.616] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0291.616] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0291.616] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0291.616] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e520) returned 0x0
[0291.616] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0291.616] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eea28) returned 0x0
[0291.617] LocalFree (hMem=0x11eea28) returned 0x0
[0291.617] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0291.617] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eea28) returned 0x0
[0291.617] LocalFree (hMem=0x11eea28) returned 0x0
[0291.617] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0291.617] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e548) returned 0x0
[0291.617] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e538) returned 0x0
[0291.617] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0291.617] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0291.617] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0291.617] GetCurrentObject (hdc=0xc010671, type=0x1) returned 0xb00017
[0291.617] GetCurrentObject (hdc=0xc010671, type=0x2) returned 0x900010
[0291.617] GetCurrentObject (hdc=0xc010671, type=0x7) returned 0x4a0507fe
[0291.617] GetCurrentObject (hdc=0xc010671, type=0x6) returned 0x8a01c2
[0291.617] SaveDC (hdc=0xc010671) returned 1
[0291.617] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x29040807
[0291.617] GetClipRgn (hdc=0xc010671, hrgn=0x29040807) returned 0
[0291.617] SelectClipRgn (hdc=0xc010671, hrgn=0xb50407de) returned 2
[0291.617] DeleteObject (ho=0x29040807) returned 1
[0291.617] DeleteObject (ho=0xb50407de) returned 1
[0291.617] OffsetViewportOrgEx (in: hdc=0xc010671, x=0, y=0, lppt=0x2d4dfb8 | out: lppt=0x2d4dfb8) returned 1
[0291.617] DrawThemeParentBackground () returned 0x0
[0291.618] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0291.618] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0291.618] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0291.618] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.618] GetSystemMetrics (nIndex=42) returned 0
[0291.618] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.618] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0291.618] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0291.618] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0291.618] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0291.618] SelectPalette (hdc=0xc010671, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0291.618] GdipCreateFromHDC (hdc=0xc010671, graphics=0xd7dff8) returned 0x0
[0291.618] GdipSetPageUnit (graphics=0x6635ec8, unit=0x2) returned 0x0
[0291.618] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0291.618] GdipGetWorldTransform (graphics=0x6635ec8, matrix=0x6638c98) returned 0x0
[0291.618] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dfd0) returned 0x0
[0291.618] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0291.619] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0291.619] GdipGetClip (graphics=0x6635ec8, region=0x6646d48) returned 0x0
[0291.619] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6635ec8, result=0xd7dfc4) returned 0x0
[0291.619] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0291.619] GdipSaveGraphics (graphics=0x6635ec8, state=0xd7dff0) returned 0x0
[0291.619] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0291.633] GdipFillRectangleI (graphics=0x6635ec8, brush=0x664d828, x=0, y=0, width=801, height=453) returned 0x0
[0291.633] GdipDeleteBrush (brush=0x664d828) returned 0x0
[0291.634] GdipDeleteGraphics (graphics=0x6635ec8) returned 0x0
[0291.634] SelectPalette (hdc=0xc010671, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0291.634] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0291.634] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.634] GetSystemMetrics (nIndex=42) returned 0
[0291.634] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.634] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0291.634] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0291.634] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0291.634] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0291.634] SelectPalette (hdc=0xc010671, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0291.635] GdipCreateFromHDC (hdc=0xc010671, graphics=0xd7df98) returned 0x0
[0291.635] GdipSetPageUnit (graphics=0x6635ec8, unit=0x2) returned 0x0
[0291.635] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0291.635] GdipGetWorldTransform (graphics=0x6635ec8, matrix=0x6638a88) returned 0x0
[0291.635] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df70) returned 0x0
[0291.635] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0291.635] GdipCreateRegion (region=0xd7df58) returned 0x0
[0291.635] GdipGetClip (graphics=0x6635ec8, region=0x66469e8) returned 0x0
[0291.635] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6635ec8, result=0xd7df64) returned 0x0
[0291.635] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0291.635] GdipSaveGraphics (graphics=0x6635ec8, state=0xd7df90) returned 0x0
[0291.635] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0291.647] GdipFillRectangleI (graphics=0x6635ec8, brush=0x664d480, x=0, y=0, width=801, height=453) returned 0x0
[0291.647] GdipDeleteBrush (brush=0x664d480) returned 0x0
[0291.648] GdipRestoreGraphics (graphics=0x6635ec8, state=0xf6160dbd) returned 0x0
[0291.648] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0291.648] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0291.648] GetSystemMetrics (nIndex=42) returned 0
[0291.649] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0291.649] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0291.649] GdipDeleteGraphics (graphics=0x6635ec8) returned 0x0
[0291.649] SelectPalette (hdc=0xc010671, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0291.649] RestoreDC (hdc=0xc010671, nSavedDC=-1) returned 1
[0291.649] GdipReleaseDC (graphics=0x6600030, hdc=0xc010671) returned 0x0
[0291.649] IsAppThemed () returned 0x1
[0291.649] GetThemeAppProperties () returned 0x3
[0291.649] GetThemeAppProperties () returned 0x3
[0291.649] IsAppThemed () returned 0x1
[0291.649] GetThemeAppProperties () returned 0x3
[0291.649] GetThemeAppProperties () returned 0x3
[0291.649] IsThemePartDefined () returned 0x1
[0291.649] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0291.649] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0291.649] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0291.649] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0291.649] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e4a4) returned 0x0
[0291.649] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0291.650] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee8d8) returned 0x0
[0291.650] LocalFree (hMem=0x11ee8d8) returned 0x0
[0291.650] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0291.650] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0291.650] LocalFree (hMem=0x11ee868) returned 0x0
[0291.650] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0291.650] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0291.650] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0291.650] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0291.650] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0291.650] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0291.650] GetCurrentObject (hdc=0xc010671, type=0x1) returned 0xb00017
[0291.650] GetCurrentObject (hdc=0xc010671, type=0x2) returned 0x900010
[0291.650] GetCurrentObject (hdc=0xc010671, type=0x7) returned 0x4a0507fe
[0291.650] GetCurrentObject (hdc=0xc010671, type=0x6) returned 0x8a01c2
[0291.650] SaveDC (hdc=0xc010671) returned 1
[0291.650] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb60407de
[0291.650] GetClipRgn (hdc=0xc010671, hrgn=0xb60407de) returned 0
[0291.650] SelectClipRgn (hdc=0xc010671, hrgn=0x2b040807) returned 2
[0291.650] DeleteObject (ho=0xb60407de) returned 1
[0291.650] DeleteObject (ho=0x2b040807) returned 1
[0291.651] OffsetViewportOrgEx (in: hdc=0xc010671, x=0, y=0, lppt=0x2d54808 | out: lppt=0x2d54808) returned 1
[0291.651] IsAppThemed () returned 0x1
[0291.651] GetThemeAppProperties () returned 0x3
[0291.651] GetThemeAppProperties () returned 0x3
[0291.651] DrawThemeBackground () returned 0x0
[0291.651] RestoreDC (hdc=0xc010671, nSavedDC=-1) returned 1
[0291.651] GdipReleaseDC (graphics=0x6600030, hdc=0xc010671) returned 0x0
[0291.651] GdipCreateRegion (region=0xd7e490) returned 0x0
[0291.651] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0291.651] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0291.651] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0291.651] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e4a8) returned 0x0
[0291.651] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0291.651] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eea28) returned 0x0
[0291.651] LocalFree (hMem=0x11eea28) returned 0x0
[0291.651] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0291.651] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eed00) returned 0x0
[0291.651] LocalFree (hMem=0x11eed00) returned 0x0
[0291.651] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0291.651] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0291.651] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0291.651] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0291.651] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0291.652] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0291.652] GetCurrentObject (hdc=0xc010671, type=0x1) returned 0xb00017
[0291.652] GetCurrentObject (hdc=0xc010671, type=0x2) returned 0x900010
[0291.652] GetCurrentObject (hdc=0xc010671, type=0x7) returned 0x4a0507fe
[0291.652] GetCurrentObject (hdc=0xc010671, type=0x6) returned 0x8a01c2
[0291.652] SaveDC (hdc=0xc010671) returned 1
[0291.652] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2c040807
[0291.652] GetClipRgn (hdc=0xc010671, hrgn=0x2c040807) returned 0
[0291.652] SelectClipRgn (hdc=0xc010671, hrgn=0xb70407de) returned 2
[0291.652] DeleteObject (ho=0x2c040807) returned 1
[0291.652] DeleteObject (ho=0xb70407de) returned 1
[0291.652] OffsetViewportOrgEx (in: hdc=0xc010671, x=0, y=0, lppt=0x2d54adc | out: lppt=0x2d54adc) returned 1
[0291.652] IsAppThemed () returned 0x1
[0291.652] GetThemeAppProperties () returned 0x3
[0291.652] GetThemeAppProperties () returned 0x3
[0291.652] GetThemeBackgroundContentRect () returned 0x0
[0291.652] RestoreDC (hdc=0xc010671, nSavedDC=-1) returned 1
[0291.652] GdipReleaseDC (graphics=0x6600030, hdc=0xc010671) returned 0x0
[0291.652] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0291.652] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0291.652] GdipFillRectangleI (graphics=0x6600030, brush=0x6659c70, x=4, y=4, width=67, height=15) returned 0x0
[0291.652] GdipDeleteBrush (brush=0x6659c70) returned 0x0
[0291.653] IsAppThemed () returned 0x1
[0291.653] GetThemeAppProperties () returned 0x3
[0291.653] GetThemeAppProperties () returned 0x3
[0291.653] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0291.653] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0291.653] GetCurrentObject (hdc=0xc010671, type=0x1) returned 0xb00017
[0291.653] GetCurrentObject (hdc=0xc010671, type=0x2) returned 0x900010
[0291.653] GetCurrentObject (hdc=0xc010671, type=0x7) returned 0x4a0507fe
[0291.653] GetCurrentObject (hdc=0xc010671, type=0x6) returned 0x8a01c2
[0291.653] SaveDC (hdc=0xc010671) returned 1
[0291.653] GetTextAlign (hdc=0xc010671) returned 0x0
[0291.658] GetTextColor (hdc=0xc010671) returned 0x0
[0291.658] GetCurrentObject (hdc=0xc010671, type=0x6) returned 0x8a01c2
[0291.658] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0291.658] SelectObject (hdc=0xc010671, h=0x6d0a0520) returned 0x8a01c2
[0291.658] GetBkMode (hdc=0xc010671) returned 2
[0291.658] SetBkMode (hdc=0xc010671, mode=1) returned 2
[0291.658] DrawTextExW (in: hdc=0xc010671, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2d54ea0 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0291.659] DrawTextExW (in: hdc=0xc010671, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2d54ea0 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0291.659] RestoreDC (hdc=0xc010671, nSavedDC=-1) returned 1
[0291.659] GdipReleaseDC (graphics=0x6600030, hdc=0xc010671) returned 0x0
[0291.659] GetFocus () returned 0x602c4
[0291.659] IsAppThemed () returned 0x1
[0291.659] GetThemeAppProperties () returned 0x3
[0291.659] GetThemeAppProperties () returned 0x3
[0291.659] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0291.659] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0xc010671, x1=0, y1=0, rop=0xcc0020) returned 1
[0291.660] GdipReleaseDC (graphics=0x6600030, hdc=0xc010671) returned 0x0
[0291.660] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0291.660] SelectObject (hdc=0xc010671, h=0x85000f) returned 0x4a0507fe
[0291.660] DeleteDC (hdc=0xc010671) returned 1
[0291.660] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0291.660] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0291.660] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.660] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.660] WaitMessage () returned 1
[0291.660] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.660] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.660] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.660] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.660] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.661] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.661] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.661] WaitMessage () returned 1
[0291.677] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.677] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.677] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.677] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.677] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.678] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.678] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.678] WaitMessage () returned 1
[0291.679] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.679] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.679] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.679] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.679] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.680] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.680] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.680] WaitMessage () returned 1
[0291.680] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.680] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.681] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.682] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.682] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.688] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.688] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.688] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.688] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.688] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.688] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.688] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.688] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.689] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.689] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.689] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.689] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.689] WaitMessage () returned 1
[0291.691] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.691] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.691] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.691] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.691] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.692] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.692] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.692] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.692] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.692] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.692] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.692] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.692] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.692] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.693] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.693] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.693] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.693] WaitMessage () returned 1
[0291.693] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.693] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.693] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.693] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.693] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.694] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.695] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.695] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.695] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.695] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.695] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.695] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.695] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.695] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.695] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.695] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.696] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.696] WaitMessage () returned 1
[0291.696] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.696] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.696] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.696] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.696] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.698] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.698] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.698] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.698] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.698] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.698] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.699] IsWindowUnicode (hWnd=0x30122) returned 1
[0291.699] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.699] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.699] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.699] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.699] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.699] WaitMessage () returned 1
[0291.700] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.700] IsWindowUnicode (hWnd=0x7005c) returned 1
[0291.700] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.700] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.700] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.700] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.701] IsWindowUnicode (hWnd=0x7005c) returned 1
[0291.701] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.701] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.701] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.701] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x1090249) returned 0x0
[0291.701] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.701] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.701] WaitMessage () returned 1
[0291.890] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.890] IsWindowUnicode (hWnd=0x502c6) returned 1
[0291.890] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0291.890] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0291.890] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0291.891] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.891] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0291.891] WaitMessage () returned 1
[0293.820] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0293.820] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300f3) returned 0x1
[0293.820] IsWindowUnicode (hWnd=0x602c4) returned 1
[0293.820] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0293.820] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0293.820] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0293.820] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0293.820] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0293.820] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300f3) returned 0x1
[0293.820] IsWindowUnicode (hWnd=0x602c4) returned 1
[0293.820] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0293.820] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300f3) returned 0x1
[0293.821] SetCursor (hCursor=0x10003) returned 0x10003
[0293.821] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0293.821] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0293.821] _TrackMouseEvent (in: lpEventTrack=0x2c2b560 | out: lpEventTrack=0x2c2b560) returned 1
[0293.821] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0293.821] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0293.821] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0293.821] GetKeyState (nVirtKey=1) returned 1
[0293.821] GetKeyState (nVirtKey=2) returned 0
[0293.821] GetKeyState (nVirtKey=4) returned 0
[0293.821] GetKeyState (nVirtKey=5) returned 0
[0293.821] GetKeyState (nVirtKey=6) returned 0
[0293.821] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0293.821] IsWindowUnicode (hWnd=0x602c4) returned 1
[0293.821] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0293.821] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0293.821] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0293.822] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0293.822] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0293.822] CreateCompatibleDC (hdc=0x10105d6) returned 0x770107ae
[0293.822] SelectObject (hdc=0x770107ae, h=0x4a0507fe) returned 0x85000f
[0293.822] GdipCreateFromHDC (hdc=0x770107ae, graphics=0xd7e798) returned 0x0
[0293.822] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0293.822] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0293.822] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0293.823] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0293.823] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e7f8) returned 0x0
[0293.823] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0293.823] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0293.823] LocalFree (hMem=0x11eec58) returned 0x0
[0293.823] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0293.823] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0293.823] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0293.823] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0293.823] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0293.823] GdipRestoreGraphics (graphics=0x6600030, state=0xf6140dbd) returned 0x0
[0293.823] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0293.823] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0293.823] GetCurrentObject (hdc=0x770107ae, type=0x1) returned 0xb00017
[0293.823] GetCurrentObject (hdc=0x770107ae, type=0x2) returned 0x900010
[0293.823] GetCurrentObject (hdc=0x770107ae, type=0x7) returned 0x4a0507fe
[0293.823] GetCurrentObject (hdc=0x770107ae, type=0x6) returned 0x8a01c2
[0293.824] SaveDC (hdc=0x770107ae) returned 1
[0293.824] GetNearestColor (hdc=0x770107ae, color=0xff) returned 0xff
[0293.824] GetNearestColor (hdc=0x770107ae, color=0x55) returned 0x55
[0293.824] GetNearestColor (hdc=0x770107ae, color=0x0) returned 0x0
[0293.824] GetNearestColor (hdc=0x770107ae, color=0x55) returned 0x55
[0293.824] GetNearestColor (hdc=0x770107ae, color=0x0) returned 0x0
[0293.824] GetNearestColor (hdc=0x770107ae, color=0x8080ff) returned 0x8080ff
[0293.824] GetNearestColor (hdc=0x770107ae, color=0x7373e5) returned 0x7373e5
[0293.824] GetNearestColor (hdc=0x770107ae, color=0xe5) returned 0xe5
[0293.824] GetNearestColor (hdc=0x770107ae, color=0x0) returned 0x0
[0293.824] RestoreDC (hdc=0x770107ae, nSavedDC=-1) returned 1
[0293.824] GdipReleaseDC (graphics=0x6600030, hdc=0x770107ae) returned 0x0
[0293.824] IsAppThemed () returned 0x1
[0293.824] GetThemeAppProperties () returned 0x3
[0293.824] GetThemeAppProperties () returned 0x3
[0293.824] IsAppThemed () returned 0x1
[0293.825] GetThemeAppProperties () returned 0x3
[0293.825] GetThemeAppProperties () returned 0x3
[0293.825] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2d55810 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0293.825] IsAppThemed () returned 0x1
[0293.825] GetThemeAppProperties () returned 0x3
[0293.825] GetThemeAppProperties () returned 0x3
[0293.825] IsAppThemed () returned 0x1
[0293.825] GetThemeAppProperties () returned 0x3
[0293.825] GetThemeAppProperties () returned 0x3
[0293.825] IsAppThemed () returned 0x1
[0293.826] GetThemeAppProperties () returned 0x3
[0293.826] GetThemeAppProperties () returned 0x3
[0293.826] IsAppThemed () returned 0x1
[0293.826] GetThemeAppProperties () returned 0x3
[0293.826] GetThemeAppProperties () returned 0x3
[0293.826] IsThemePartDefined () returned 0x1
[0293.826] IsAppThemed () returned 0x1
[0293.826] GetThemeAppProperties () returned 0x3
[0293.826] GetThemeAppProperties () returned 0x3
[0293.826] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0293.826] IsAppThemed () returned 0x1
[0293.826] GetThemeAppProperties () returned 0x3
[0293.826] GetThemeAppProperties () returned 0x3
[0293.826] IsAppThemed () returned 0x1
[0293.826] GetThemeAppProperties () returned 0x3
[0293.826] GetThemeAppProperties () returned 0x3
[0293.826] IsThemePartDefined () returned 0x1
[0293.826] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0293.826] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0293.826] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0293.826] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0293.826] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e514) returned 0x0
[0293.826] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0293.826] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0293.826] LocalFree (hMem=0x11ee788) returned 0x0
[0293.826] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0293.826] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee910) returned 0x0
[0293.827] LocalFree (hMem=0x11ee910) returned 0x0
[0293.827] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0293.827] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0293.827] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0293.827] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0293.827] GdipDeleteRegion (region=0x6646568) returned 0x0
[0293.827] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0293.827] GetCurrentObject (hdc=0x770107ae, type=0x1) returned 0xb00017
[0293.827] GetCurrentObject (hdc=0x770107ae, type=0x2) returned 0x900010
[0293.827] GetCurrentObject (hdc=0x770107ae, type=0x7) returned 0x4a0507fe
[0293.827] GetCurrentObject (hdc=0x770107ae, type=0x6) returned 0x8a01c2
[0293.827] SaveDC (hdc=0x770107ae) returned 1
[0293.827] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb80407de
[0293.827] GetClipRgn (hdc=0x770107ae, hrgn=0xb80407de) returned 0
[0293.827] SelectClipRgn (hdc=0x770107ae, hrgn=0x30040807) returned 2
[0293.827] DeleteObject (ho=0xb80407de) returned 1
[0293.827] DeleteObject (ho=0x30040807) returned 1
[0293.827] OffsetViewportOrgEx (in: hdc=0x770107ae, x=0, y=0, lppt=0x2d55ec0 | out: lppt=0x2d55ec0) returned 1
[0293.827] DrawThemeParentBackground () returned 0x0
[0293.828] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0293.828] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0293.828] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0293.828] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0293.828] GetSystemMetrics (nIndex=42) returned 0
[0293.828] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0293.828] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0293.828] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0293.828] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0293.828] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0293.828] SelectPalette (hdc=0x770107ae, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0293.828] GdipCreateFromHDC (hdc=0x770107ae, graphics=0xd7dff0) returned 0x0
[0293.828] GdipSetPageUnit (graphics=0x6635ec8, unit=0x2) returned 0x0
[0293.828] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0293.828] GdipGetWorldTransform (graphics=0x6635ec8, matrix=0x6638c38) returned 0x0
[0293.828] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7dfc8) returned 0x0
[0293.828] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0293.829] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0293.829] GdipGetClip (graphics=0x6635ec8, region=0x6646448) returned 0x0
[0293.829] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6635ec8, result=0xd7dfbc) returned 0x0
[0293.829] GdipDeleteRegion (region=0x6646448) returned 0x0
[0293.829] GdipSaveGraphics (graphics=0x6635ec8, state=0xd7dfe8) returned 0x0
[0293.829] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0293.835] GdipFillRectangleI (graphics=0x6635ec8, brush=0x664d210, x=0, y=0, width=801, height=453) returned 0x0
[0293.836] GdipDeleteBrush (brush=0x664d210) returned 0x0
[0293.837] GdipDeleteGraphics (graphics=0x6635ec8) returned 0x0
[0293.837] SelectPalette (hdc=0x770107ae, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0293.837] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0293.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0293.837] GetSystemMetrics (nIndex=42) returned 0
[0293.837] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0293.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0293.838] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0293.838] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0293.838] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0293.838] SelectPalette (hdc=0x770107ae, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0293.838] GdipCreateFromHDC (hdc=0x770107ae, graphics=0xd7df90) returned 0x0
[0293.838] GdipSetPageUnit (graphics=0x6635ec8, unit=0x2) returned 0x0
[0293.838] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0293.838] GdipGetWorldTransform (graphics=0x6635ec8, matrix=0x6638b78) returned 0x0
[0293.838] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df68) returned 0x0
[0293.838] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0293.838] GdipCreateRegion (region=0xd7df50) returned 0x0
[0293.838] GdipGetClip (graphics=0x6635ec8, region=0x6646d48) returned 0x0
[0293.838] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6635ec8, result=0xd7df5c) returned 0x0
[0293.838] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0293.838] GdipSaveGraphics (graphics=0x6635ec8, state=0xd7df88) returned 0x0
[0293.838] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0293.845] GdipFillRectangleI (graphics=0x6635ec8, brush=0x664d828, x=0, y=0, width=801, height=453) returned 0x0
[0293.845] GdipDeleteBrush (brush=0x664d828) returned 0x0
[0293.846] GdipRestoreGraphics (graphics=0x6635ec8, state=0xf6100dbd) returned 0x0
[0293.846] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0293.846] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0293.846] GetSystemMetrics (nIndex=42) returned 0
[0293.846] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0293.846] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0293.846] GdipDeleteGraphics (graphics=0x6635ec8) returned 0x0
[0293.846] SelectPalette (hdc=0x770107ae, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0293.846] RestoreDC (hdc=0x770107ae, nSavedDC=-1) returned 1
[0293.846] GdipReleaseDC (graphics=0x6600030, hdc=0x770107ae) returned 0x0
[0293.847] IsAppThemed () returned 0x1
[0293.847] GetThemeAppProperties () returned 0x3
[0293.847] GetThemeAppProperties () returned 0x3
[0293.847] IsAppThemed () returned 0x1
[0293.847] GetThemeAppProperties () returned 0x3
[0293.847] GetThemeAppProperties () returned 0x3
[0293.847] IsThemePartDefined () returned 0x1
[0293.847] GdipCreateRegion (region=0xd7e480) returned 0x0
[0293.847] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0293.847] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0293.847] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0293.847] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e498) returned 0x0
[0293.847] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0293.847] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eea98) returned 0x0
[0293.847] LocalFree (hMem=0x11eea98) returned 0x0
[0293.847] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0293.847] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee868) returned 0x0
[0293.847] LocalFree (hMem=0x11ee868) returned 0x0
[0293.847] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0293.847] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0293.847] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0293.847] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0293.847] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0293.848] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0293.848] GetCurrentObject (hdc=0x770107ae, type=0x1) returned 0xb00017
[0293.848] GetCurrentObject (hdc=0x770107ae, type=0x2) returned 0x900010
[0293.848] GetCurrentObject (hdc=0x770107ae, type=0x7) returned 0x4a0507fe
[0293.848] GetCurrentObject (hdc=0x770107ae, type=0x6) returned 0x8a01c2
[0293.848] SaveDC (hdc=0x770107ae) returned 1
[0293.848] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x31040807
[0293.848] GetClipRgn (hdc=0x770107ae, hrgn=0x31040807) returned 0
[0293.848] SelectClipRgn (hdc=0x770107ae, hrgn=0xba0407de) returned 2
[0293.848] DeleteObject (ho=0x31040807) returned 1
[0293.848] DeleteObject (ho=0xba0407de) returned 1
[0293.848] OffsetViewportOrgEx (in: hdc=0x770107ae, x=0, y=0, lppt=0x2d5c710 | out: lppt=0x2d5c710) returned 1
[0293.848] IsAppThemed () returned 0x1
[0293.848] GetThemeAppProperties () returned 0x3
[0293.848] GetThemeAppProperties () returned 0x3
[0293.848] DrawThemeBackground () returned 0x0
[0293.848] RestoreDC (hdc=0x770107ae, nSavedDC=-1) returned 1
[0293.849] GdipReleaseDC (graphics=0x6600030, hdc=0x770107ae) returned 0x0
[0293.849] GdipCreateRegion (region=0xd7e484) returned 0x0
[0293.849] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0293.849] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0293.849] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0293.849] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e49c) returned 0x0
[0293.849] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0293.849] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0293.849] LocalFree (hMem=0x11eec58) returned 0x0
[0293.849] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0293.849] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0293.849] LocalFree (hMem=0x11ee788) returned 0x0
[0293.849] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0293.849] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0293.849] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0293.849] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0293.849] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0293.849] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0293.849] GetCurrentObject (hdc=0x770107ae, type=0x1) returned 0xb00017
[0293.849] GetCurrentObject (hdc=0x770107ae, type=0x2) returned 0x900010
[0293.849] GetCurrentObject (hdc=0x770107ae, type=0x7) returned 0x4a0507fe
[0293.849] GetCurrentObject (hdc=0x770107ae, type=0x6) returned 0x8a01c2
[0293.849] SaveDC (hdc=0x770107ae) returned 1
[0293.850] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbb0407de
[0293.850] GetClipRgn (hdc=0x770107ae, hrgn=0xbb0407de) returned 0
[0293.850] SelectClipRgn (hdc=0x770107ae, hrgn=0x32040807) returned 2
[0293.850] DeleteObject (ho=0xbb0407de) returned 1
[0293.850] DeleteObject (ho=0x32040807) returned 1
[0293.850] OffsetViewportOrgEx (in: hdc=0x770107ae, x=0, y=0, lppt=0x2d5c9e4 | out: lppt=0x2d5c9e4) returned 1
[0293.850] IsAppThemed () returned 0x1
[0293.850] GetThemeAppProperties () returned 0x3
[0293.850] GetThemeAppProperties () returned 0x3
[0293.850] GetThemeBackgroundContentRect () returned 0x0
[0293.850] RestoreDC (hdc=0x770107ae, nSavedDC=-1) returned 1
[0293.850] GdipReleaseDC (graphics=0x6600030, hdc=0x770107ae) returned 0x0
[0293.850] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0293.850] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0293.850] GdipFillRectangleI (graphics=0x6600030, brush=0x6659c70, x=4, y=4, width=67, height=15) returned 0x0
[0293.850] GdipDeleteBrush (brush=0x6659c70) returned 0x0
[0293.850] IsAppThemed () returned 0x1
[0293.850] GetThemeAppProperties () returned 0x3
[0293.850] GetThemeAppProperties () returned 0x3
[0293.850] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0293.850] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0293.850] GetCurrentObject (hdc=0x770107ae, type=0x1) returned 0xb00017
[0293.850] GetCurrentObject (hdc=0x770107ae, type=0x2) returned 0x900010
[0293.851] GetCurrentObject (hdc=0x770107ae, type=0x7) returned 0x4a0507fe
[0293.851] GetCurrentObject (hdc=0x770107ae, type=0x6) returned 0x8a01c2
[0293.851] SaveDC (hdc=0x770107ae) returned 1
[0293.851] GetTextAlign (hdc=0x770107ae) returned 0x0
[0293.851] GetTextColor (hdc=0x770107ae) returned 0x0
[0293.851] GetCurrentObject (hdc=0x770107ae, type=0x6) returned 0x8a01c2
[0293.851] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0293.851] SelectObject (hdc=0x770107ae, h=0x6d0a0520) returned 0x8a01c2
[0293.851] GetBkMode (hdc=0x770107ae) returned 2
[0293.851] SetBkMode (hdc=0x770107ae, mode=1) returned 2
[0293.851] DrawTextExW (in: hdc=0x770107ae, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2d5cda8 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0293.851] DrawTextExW (in: hdc=0x770107ae, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2d5cda8 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0293.852] RestoreDC (hdc=0x770107ae, nSavedDC=-1) returned 1
[0293.852] GdipReleaseDC (graphics=0x6600030, hdc=0x770107ae) returned 0x0
[0293.852] GetFocus () returned 0x602c4
[0293.852] IsAppThemed () returned 0x1
[0293.852] GetThemeAppProperties () returned 0x3
[0293.852] GetThemeAppProperties () returned 0x3
[0293.852] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0293.852] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x770107ae, x1=0, y1=0, rop=0xcc0020) returned 1
[0293.852] GdipReleaseDC (graphics=0x6600030, hdc=0x770107ae) returned 0x0
[0293.852] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0293.853] SelectObject (hdc=0x770107ae, h=0x85000f) returned 0x4a0507fe
[0293.853] DeleteDC (hdc=0x770107ae) returned 1
[0293.853] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0293.853] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0293.853] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0293.853] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0293.853] WaitMessage () returned 1
[0293.919] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0293.919] IsWindowUnicode (hWnd=0x602c4) returned 1
[0293.919] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0293.919] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0293.919] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0293.919] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0293.919] IsWindowUnicode (hWnd=0x602c4) returned 1
[0293.919] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0293.920] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0293.920] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0293.920] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xc0018) returned 0x0
[0293.920] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0293.920] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0293.920] WaitMessage () returned 1
[0294.016] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.016] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300f3) returned 0x1
[0294.016] IsWindowUnicode (hWnd=0x602c4) returned 1
[0294.016] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.017] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300f3) returned 0x1
[0294.017] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0294.017] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19e0035) returned 0x0
[0294.017] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0294.017] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0294.017] SetCursor (hCursor=0x10003) returned 0x10003
[0294.017] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.017] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.017] GetKeyState (nVirtKey=1) returned -128
[0294.017] GetKeyState (nVirtKey=2) returned 0
[0294.017] GetKeyState (nVirtKey=4) returned 0
[0294.017] GetKeyState (nVirtKey=5) returned 0
[0294.017] GetKeyState (nVirtKey=6) returned 0
[0294.017] IsWindowVisible (hWnd=0x602c4) returned 1
[0294.017] IsWindowEnabled (hWnd=0x602c4) returned 1
[0294.017] SetFocus (hWnd=0x602c4) returned 0x602c4
[0294.017] GetFocus () returned 0x602c4
[0294.017] GetFocus () returned 0x602c4
[0294.018] GetFocus () returned 0x602c4
[0294.018] GetKeyState (nVirtKey=1) returned -128
[0294.018] GetKeyState (nVirtKey=2) returned 0
[0294.018] GetKeyState (nVirtKey=4) returned 0
[0294.018] GetKeyState (nVirtKey=5) returned 0
[0294.018] GetKeyState (nVirtKey=6) returned 0
[0294.018] GetCapture () returned 0x0
[0294.018] SetCapture (hWnd=0x602c4) returned 0x0
[0294.018] GetKeyState (nVirtKey=1) returned -128
[0294.018] GetKeyState (nVirtKey=2) returned 0
[0294.018] GetKeyState (nVirtKey=4) returned 0
[0294.018] GetKeyState (nVirtKey=5) returned 0
[0294.018] GetKeyState (nVirtKey=6) returned 0
[0294.018] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0294.018] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0294.018] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.018] IsWindowUnicode (hWnd=0x602c4) returned 1
[0294.018] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.018] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.018] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.018] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d5cf2c, cPoints=0x1 | out: lpPoints=0x2d5cf2c) returned 40304859
[0294.018] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0294.018] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0294.018] UpdateWindow (hWnd=0x602c4) returned 1
[0294.019] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x10105d6
[0294.019] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0294.019] CreateCompatibleDC (hdc=0x10105d6) returned 0x780107ae
[0294.019] SelectObject (hdc=0x780107ae, h=0x4a0507fe) returned 0x85000f
[0294.019] GdipCreateFromHDC (hdc=0x780107ae, graphics=0xd7e430) returned 0x0
[0294.019] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0294.019] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0294.019] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0294.019] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0294.019] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e490) returned 0x0
[0294.019] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0294.019] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0294.019] LocalFree (hMem=0x11eec58) returned 0x0
[0294.019] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0294.019] GdipCreateRegion (region=0xd7e478) returned 0x0
[0294.020] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0294.020] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e484) returned 0x0
[0294.020] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0294.020] GdipRestoreGraphics (graphics=0x6600030, state=0xf60e0dbd) returned 0x0
[0294.020] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0294.020] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0294.020] GetCurrentObject (hdc=0x780107ae, type=0x1) returned 0xb00017
[0294.020] GetCurrentObject (hdc=0x780107ae, type=0x2) returned 0x900010
[0294.020] GetCurrentObject (hdc=0x780107ae, type=0x7) returned 0x4a0507fe
[0294.020] GetCurrentObject (hdc=0x780107ae, type=0x6) returned 0x8a01c2
[0294.020] SaveDC (hdc=0x780107ae) returned 1
[0294.020] GetNearestColor (hdc=0x780107ae, color=0xff) returned 0xff
[0294.020] GetNearestColor (hdc=0x780107ae, color=0x55) returned 0x55
[0294.020] GetNearestColor (hdc=0x780107ae, color=0x0) returned 0x0
[0294.020] GetNearestColor (hdc=0x780107ae, color=0x55) returned 0x55
[0294.020] GetNearestColor (hdc=0x780107ae, color=0x0) returned 0x0
[0294.020] GetNearestColor (hdc=0x780107ae, color=0x8080ff) returned 0x8080ff
[0294.020] GetNearestColor (hdc=0x780107ae, color=0x7373e5) returned 0x7373e5
[0294.020] GetNearestColor (hdc=0x780107ae, color=0xe5) returned 0xe5
[0294.021] GetNearestColor (hdc=0x780107ae, color=0x0) returned 0x0
[0294.021] RestoreDC (hdc=0x780107ae, nSavedDC=-1) returned 1
[0294.021] GdipReleaseDC (graphics=0x6600030, hdc=0x780107ae) returned 0x0
[0294.021] IsAppThemed () returned 0x1
[0294.021] GetThemeAppProperties () returned 0x3
[0294.021] GetThemeAppProperties () returned 0x3
[0294.021] IsAppThemed () returned 0x1
[0294.021] GetThemeAppProperties () returned 0x3
[0294.021] GetThemeAppProperties () returned 0x3
[0294.021] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2d5d648 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0294.021] IsAppThemed () returned 0x1
[0294.021] GetThemeAppProperties () returned 0x3
[0294.021] GetThemeAppProperties () returned 0x3
[0294.021] IsAppThemed () returned 0x1
[0294.021] GetThemeAppProperties () returned 0x3
[0294.021] GetThemeAppProperties () returned 0x3
[0294.021] IsAppThemed () returned 0x1
[0294.022] GetThemeAppProperties () returned 0x3
[0294.022] GetThemeAppProperties () returned 0x3
[0294.022] IsAppThemed () returned 0x1
[0294.022] GetThemeAppProperties () returned 0x3
[0294.022] GetThemeAppProperties () returned 0x3
[0294.022] IsThemePartDefined () returned 0x1
[0294.022] IsAppThemed () returned 0x1
[0294.022] GetThemeAppProperties () returned 0x3
[0294.022] GetThemeAppProperties () returned 0x3
[0294.022] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0294.022] IsAppThemed () returned 0x1
[0294.022] GetThemeAppProperties () returned 0x3
[0294.022] GetThemeAppProperties () returned 0x3
[0294.022] IsAppThemed () returned 0x1
[0294.022] GetThemeAppProperties () returned 0x3
[0294.022] GetThemeAppProperties () returned 0x3
[0294.022] IsThemePartDefined () returned 0x1
[0294.022] GdipCreateRegion (region=0xd7e194) returned 0x0
[0294.022] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0294.022] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0294.022] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0294.022] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e1ac) returned 0x0
[0294.022] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0294.022] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0294.022] LocalFree (hMem=0x11ee788) returned 0x0
[0294.022] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0294.022] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee8d8) returned 0x0
[0294.023] LocalFree (hMem=0x11ee8d8) returned 0x0
[0294.023] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0294.023] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0294.023] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0294.023] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0294.023] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0294.023] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0294.023] GetCurrentObject (hdc=0x780107ae, type=0x1) returned 0xb00017
[0294.023] GetCurrentObject (hdc=0x780107ae, type=0x2) returned 0x900010
[0294.023] GetCurrentObject (hdc=0x780107ae, type=0x7) returned 0x4a0507fe
[0294.023] GetCurrentObject (hdc=0x780107ae, type=0x6) returned 0x8a01c2
[0294.023] SaveDC (hdc=0x780107ae) returned 1
[0294.023] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x33040807
[0294.023] GetClipRgn (hdc=0x780107ae, hrgn=0x33040807) returned 0
[0294.023] SelectClipRgn (hdc=0x780107ae, hrgn=0xbf0407de) returned 2
[0294.023] DeleteObject (ho=0x33040807) returned 1
[0294.023] DeleteObject (ho=0xbf0407de) returned 1
[0294.023] OffsetViewportOrgEx (in: hdc=0x780107ae, x=0, y=0, lppt=0x2d5dcf8 | out: lppt=0x2d5dcf8) returned 1
[0294.023] DrawThemeParentBackground () returned 0x0
[0294.024] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0294.024] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0294.024] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0294.024] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0294.024] GetSystemMetrics (nIndex=42) returned 0
[0294.024] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0294.024] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0294.024] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0294.024] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0294.024] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0294.024] SelectPalette (hdc=0x780107ae, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0294.024] GdipCreateFromHDC (hdc=0x780107ae, graphics=0xd7dc88) returned 0x0
[0294.024] GdipSetPageUnit (graphics=0x6635ec8, unit=0x2) returned 0x0
[0294.024] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0294.024] GdipGetWorldTransform (graphics=0x6635ec8, matrix=0x6638cc8) returned 0x0
[0294.024] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dc60) returned 0x0
[0294.024] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0294.024] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0294.024] GdipGetClip (graphics=0x6635ec8, region=0x66467a8) returned 0x0
[0294.024] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6635ec8, result=0xd7dc54) returned 0x0
[0294.024] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0294.024] GdipSaveGraphics (graphics=0x6635ec8, state=0xd7dc80) returned 0x0
[0294.025] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0294.032] GdipFillRectangleI (graphics=0x6635ec8, brush=0x664d6f0, x=0, y=0, width=801, height=453) returned 0x0
[0294.032] GdipDeleteBrush (brush=0x664d6f0) returned 0x0
[0294.033] GdipDeleteGraphics (graphics=0x6635ec8) returned 0x0
[0294.033] SelectPalette (hdc=0x780107ae, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0294.041] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0294.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0294.041] GetSystemMetrics (nIndex=42) returned 0
[0294.042] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0294.042] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0294.042] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0294.042] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0294.042] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0294.042] SelectPalette (hdc=0x780107ae, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0294.042] GdipCreateFromHDC (hdc=0x780107ae, graphics=0xd7dc28) returned 0x0
[0294.042] GdipSetPageUnit (graphics=0x6635ec8, unit=0x2) returned 0x0
[0294.042] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0294.042] GdipGetWorldTransform (graphics=0x6635ec8, matrix=0x6638c68) returned 0x0
[0294.042] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dc00) returned 0x0
[0294.042] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0294.042] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0294.042] GdipGetClip (graphics=0x6635ec8, region=0x6646d48) returned 0x0
[0294.042] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6635ec8, result=0xd7dbf4) returned 0x0
[0294.042] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0294.042] GdipSaveGraphics (graphics=0x6635ec8, state=0xd7dc20) returned 0x0
[0294.042] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0294.050] GdipFillRectangleI (graphics=0x6635ec8, brush=0x664d5b8, x=0, y=0, width=801, height=453) returned 0x0
[0294.050] GdipDeleteBrush (brush=0x664d5b8) returned 0x0
[0294.051] GdipRestoreGraphics (graphics=0x6635ec8, state=0xf60a0dbd) returned 0x0
[0294.051] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0294.051] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0294.051] GetSystemMetrics (nIndex=42) returned 0
[0294.051] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0294.051] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0294.051] GdipDeleteGraphics (graphics=0x6635ec8) returned 0x0
[0294.051] SelectPalette (hdc=0x780107ae, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0294.052] RestoreDC (hdc=0x780107ae, nSavedDC=-1) returned 1
[0294.052] GdipReleaseDC (graphics=0x6600030, hdc=0x780107ae) returned 0x0
[0294.052] IsAppThemed () returned 0x1
[0294.052] GetThemeAppProperties () returned 0x3
[0294.052] GetThemeAppProperties () returned 0x3
[0294.052] IsAppThemed () returned 0x1
[0294.052] GetThemeAppProperties () returned 0x3
[0294.052] GetThemeAppProperties () returned 0x3
[0294.052] IsThemePartDefined () returned 0x1
[0294.052] GdipCreateRegion (region=0xd7e118) returned 0x0
[0294.052] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0294.052] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0294.052] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0294.052] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e130) returned 0x0
[0294.052] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0294.052] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0294.053] LocalFree (hMem=0x11eec58) returned 0x0
[0294.053] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0294.053] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eea98) returned 0x0
[0294.053] LocalFree (hMem=0x11eea98) returned 0x0
[0294.053] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0294.053] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0294.053] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0294.053] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0294.053] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0294.053] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0294.053] GetCurrentObject (hdc=0x780107ae, type=0x1) returned 0xb00017
[0294.053] GetCurrentObject (hdc=0x780107ae, type=0x2) returned 0x900010
[0294.053] GetCurrentObject (hdc=0x780107ae, type=0x7) returned 0x4a0507fe
[0294.053] GetCurrentObject (hdc=0x780107ae, type=0x6) returned 0x8a01c2
[0294.053] SaveDC (hdc=0x780107ae) returned 1
[0294.053] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc00407de
[0294.053] GetClipRgn (hdc=0x780107ae, hrgn=0xc00407de) returned 0
[0294.054] SelectClipRgn (hdc=0x780107ae, hrgn=0x35040807) returned 2
[0294.054] DeleteObject (ho=0xc00407de) returned 1
[0294.054] DeleteObject (ho=0x35040807) returned 1
[0294.054] OffsetViewportOrgEx (in: hdc=0x780107ae, x=0, y=0, lppt=0x2d64548 | out: lppt=0x2d64548) returned 1
[0294.054] IsAppThemed () returned 0x1
[0294.054] GetThemeAppProperties () returned 0x3
[0294.054] GetThemeAppProperties () returned 0x3
[0294.054] DrawThemeBackground () returned 0x0
[0294.054] RestoreDC (hdc=0x780107ae, nSavedDC=-1) returned 1
[0294.054] GdipReleaseDC (graphics=0x6600030, hdc=0x780107ae) returned 0x0
[0294.054] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0294.054] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0294.054] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0294.054] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0294.054] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e134) returned 0x0
[0294.054] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0294.054] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0294.054] LocalFree (hMem=0x11ee868) returned 0x0
[0294.054] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0294.054] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0294.054] LocalFree (hMem=0x11ee788) returned 0x0
[0294.055] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0294.055] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0294.055] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0294.055] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0294.055] GdipDeleteRegion (region=0x6646448) returned 0x0
[0294.055] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0294.055] GetCurrentObject (hdc=0x780107ae, type=0x1) returned 0xb00017
[0294.055] GetCurrentObject (hdc=0x780107ae, type=0x2) returned 0x900010
[0294.055] GetCurrentObject (hdc=0x780107ae, type=0x7) returned 0x4a0507fe
[0294.055] GetCurrentObject (hdc=0x780107ae, type=0x6) returned 0x8a01c2
[0294.055] SaveDC (hdc=0x780107ae) returned 1
[0294.055] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x36040807
[0294.055] GetClipRgn (hdc=0x780107ae, hrgn=0x36040807) returned 0
[0294.055] SelectClipRgn (hdc=0x780107ae, hrgn=0xc10407de) returned 2
[0294.055] DeleteObject (ho=0x36040807) returned 1
[0294.055] DeleteObject (ho=0xc10407de) returned 1
[0294.055] OffsetViewportOrgEx (in: hdc=0x780107ae, x=0, y=0, lppt=0x2d6481c | out: lppt=0x2d6481c) returned 1
[0294.055] IsAppThemed () returned 0x1
[0294.056] GetThemeAppProperties () returned 0x3
[0294.056] GetThemeAppProperties () returned 0x3
[0294.056] GetThemeBackgroundContentRect () returned 0x0
[0294.057] RestoreDC (hdc=0x780107ae, nSavedDC=-1) returned 1
[0294.057] GdipReleaseDC (graphics=0x6600030, hdc=0x780107ae) returned 0x0
[0294.057] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0294.057] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0294.057] GdipFillRectangleI (graphics=0x6600030, brush=0x6659c70, x=4, y=4, width=67, height=15) returned 0x0
[0294.057] GdipDeleteBrush (brush=0x6659c70) returned 0x0
[0294.057] IsAppThemed () returned 0x1
[0294.057] GetThemeAppProperties () returned 0x3
[0294.057] GetThemeAppProperties () returned 0x3
[0294.057] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0294.057] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0294.057] GetCurrentObject (hdc=0x780107ae, type=0x1) returned 0xb00017
[0294.057] GetCurrentObject (hdc=0x780107ae, type=0x2) returned 0x900010
[0294.057] GetCurrentObject (hdc=0x780107ae, type=0x7) returned 0x4a0507fe
[0294.057] GetCurrentObject (hdc=0x780107ae, type=0x6) returned 0x8a01c2
[0294.057] SaveDC (hdc=0x780107ae) returned 1
[0294.057] GetTextAlign (hdc=0x780107ae) returned 0x0
[0294.057] GetTextColor (hdc=0x780107ae) returned 0x0
[0294.057] GetCurrentObject (hdc=0x780107ae, type=0x6) returned 0x8a01c2
[0294.057] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0294.058] SelectObject (hdc=0x780107ae, h=0x6d0a0520) returned 0x8a01c2
[0294.058] GetBkMode (hdc=0x780107ae) returned 2
[0294.058] SetBkMode (hdc=0x780107ae, mode=1) returned 2
[0294.058] DrawTextExW (in: hdc=0x780107ae, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2d64be0 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0294.058] DrawTextExW (in: hdc=0x780107ae, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2d64be0 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0294.058] RestoreDC (hdc=0x780107ae, nSavedDC=-1) returned 1
[0294.058] GdipReleaseDC (graphics=0x6600030, hdc=0x780107ae) returned 0x0
[0294.058] GetFocus () returned 0x602c4
[0294.058] IsAppThemed () returned 0x1
[0294.059] GetThemeAppProperties () returned 0x3
[0294.059] GetThemeAppProperties () returned 0x3
[0294.059] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0294.059] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x780107ae, x1=0, y1=0, rop=0xcc0020) returned 1
[0294.059] GdipReleaseDC (graphics=0x6600030, hdc=0x780107ae) returned 0x0
[0294.059] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0294.059] SelectObject (hdc=0x780107ae, h=0x85000f) returned 0x4a0507fe
[0294.059] DeleteDC (hdc=0x780107ae) returned 1
[0294.059] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0294.059] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0294.059] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d64cdc, cPoints=0x1 | out: lpPoints=0x2d64cdc) returned 40304859
[0294.059] WindowFromPoint (Point=0xf3) returned 0x602c4
[0294.060] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27300f3) returned 0x1
[0294.060] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0294.060] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0294.060] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0294.060] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0294.060] GetSystemMetrics (nIndex=42) returned 0
[0294.060] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0294.060] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0294.062] GetCapture () returned 0x602c4
[0294.062] ReleaseCapture () returned 1
[0294.062] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0294.062] GetProcessWindowStation () returned 0x13c
[0294.063] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.063] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0294.063] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.063] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0294.064] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.064] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0294.064] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.064] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0294.064] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.064] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0294.064] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.064] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0294.064] GetDC (hWnd=0x0) returned 0x107b9
[0294.065] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e6ec) returned 0x0
[0294.065] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0294.065] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0294.065] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0294.065] GetSystemMetrics (nIndex=5) returned 1
[0294.065] GetSystemMetrics (nIndex=6) returned 1
[0294.065] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.065] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0294.066] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.066] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0294.069] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0294.069] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0294.069] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0294.069] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0294.069] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0294.069] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0294.070] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2d6a6f8 | out: lpData=0x2d6a6f8) returned 1
[0294.071] VerQueryValueW (in: pBlock=0x2d6a6f8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d6ab08, puLen=0xd7e810) returned 1
[0294.071] VerQueryValueW (in: pBlock=0x2d6a6f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6a7b0, puLen=0xd7e790) returned 1
[0294.071] VerQueryValueW (in: pBlock=0x2d6a6f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6a804, puLen=0xd7e790) returned 1
[0294.071] VerQueryValueW (in: pBlock=0x2d6a6f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6a884, puLen=0xd7e790) returned 1
[0294.071] VerQueryValueW (in: pBlock=0x2d6a6f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6a8ec, puLen=0xd7e790) returned 1
[0294.071] VerQueryValueW (in: pBlock=0x2d6a6f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6a92c, puLen=0xd7e790) returned 1
[0294.071] VerQueryValueW (in: pBlock=0x2d6a6f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6a9b4, puLen=0xd7e790) returned 1
[0294.071] VerQueryValueW (in: pBlock=0x2d6a6f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6a9f0, puLen=0xd7e790) returned 1
[0294.071] VerQueryValueW (in: pBlock=0x2d6a6f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6aa48, puLen=0xd7e790) returned 1
[0294.071] VerQueryValueW (in: pBlock=0x2d6a6f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6aa78, puLen=0xd7e790) returned 1
[0294.071] VerQueryValueW (in: pBlock=0x2d6a6f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.071] VerQueryValueW (in: pBlock=0x2d6a6f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6aab4, puLen=0xd7e790) returned 1
[0294.071] VerQueryValueW (in: pBlock=0x2d6a6f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.071] VerQueryValueW (in: pBlock=0x2d6a6f8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d6ab08, puLen=0xd7e784) returned 1
[0294.071] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0294.071] VerQueryValueW (in: pBlock=0x2d6a6f8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d6a720, puLen=0xd7e794) returned 1
[0294.072] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0294.072] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0294.072] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0294.072] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0294.072] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0294.072] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0294.072] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2d6c668 | out: lpData=0x2d6c668) returned 1
[0294.073] VerQueryValueW (in: pBlock=0x2d6c668, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d6c704, puLen=0xd7e810) returned 1
[0294.073] VerQueryValueW (in: pBlock=0x2d6c668, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6c77c, puLen=0xd7e790) returned 1
[0294.073] VerQueryValueW (in: pBlock=0x2d6c668, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6c7ac, puLen=0xd7e790) returned 1
[0294.073] VerQueryValueW (in: pBlock=0x2d6c668, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6c7e8, puLen=0xd7e790) returned 1
[0294.073] VerQueryValueW (in: pBlock=0x2d6c668, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6c818, puLen=0xd7e790) returned 1
[0294.073] VerQueryValueW (in: pBlock=0x2d6c668, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6c860, puLen=0xd7e790) returned 1
[0294.073] VerQueryValueW (in: pBlock=0x2d6c668, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6c8d8, puLen=0xd7e790) returned 1
[0294.073] VerQueryValueW (in: pBlock=0x2d6c668, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6c91c, puLen=0xd7e790) returned 1
[0294.073] VerQueryValueW (in: pBlock=0x2d6c668, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6c95c, puLen=0xd7e790) returned 1
[0294.073] VerQueryValueW (in: pBlock=0x2d6c668, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6c75a, puLen=0xd7e790) returned 1
[0294.073] VerQueryValueW (in: pBlock=0x2d6c668, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6c8a8, puLen=0xd7e790) returned 1
[0294.073] VerQueryValueW (in: pBlock=0x2d6c668, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.073] VerQueryValueW (in: pBlock=0x2d6c668, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.073] VerQueryValueW (in: pBlock=0x2d6c668, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d6c704, puLen=0xd7e784) returned 1
[0294.073] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0294.073] VerQueryValueW (in: pBlock=0x2d6c668, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d6c690, puLen=0xd7e794) returned 1
[0294.074] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0294.074] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0294.074] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0294.074] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0294.074] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0294.074] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0294.075] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2d6e940 | out: lpData=0x2d6e940) returned 1
[0294.076] VerQueryValueW (in: pBlock=0x2d6e940, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d6ed54, puLen=0xd7e810) returned 1
[0294.076] VerQueryValueW (in: pBlock=0x2d6e940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6e9f8, puLen=0xd7e790) returned 1
[0294.076] VerQueryValueW (in: pBlock=0x2d6e940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6ea4c, puLen=0xd7e790) returned 1
[0294.076] VerQueryValueW (in: pBlock=0x2d6e940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6eaa8, puLen=0xd7e790) returned 1
[0294.076] VerQueryValueW (in: pBlock=0x2d6e940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6eb08, puLen=0xd7e790) returned 1
[0294.076] VerQueryValueW (in: pBlock=0x2d6e940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6eb60, puLen=0xd7e790) returned 1
[0294.076] VerQueryValueW (in: pBlock=0x2d6e940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6ebe8, puLen=0xd7e790) returned 1
[0294.076] VerQueryValueW (in: pBlock=0x2d6e940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6ec3c, puLen=0xd7e790) returned 1
[0294.076] VerQueryValueW (in: pBlock=0x2d6e940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6ec94, puLen=0xd7e790) returned 1
[0294.076] VerQueryValueW (in: pBlock=0x2d6e940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6ecc4, puLen=0xd7e790) returned 1
[0294.076] VerQueryValueW (in: pBlock=0x2d6e940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.076] VerQueryValueW (in: pBlock=0x2d6e940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d6ed00, puLen=0xd7e790) returned 1
[0294.076] VerQueryValueW (in: pBlock=0x2d6e940, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.076] VerQueryValueW (in: pBlock=0x2d6e940, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d6ed54, puLen=0xd7e784) returned 1
[0294.076] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0294.076] VerQueryValueW (in: pBlock=0x2d6e940, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d6e968, puLen=0xd7e794) returned 1
[0294.077] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0294.077] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0294.077] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0294.077] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0294.077] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0294.077] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0294.078] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2d70f78 | out: lpData=0x2d70f78) returned 1
[0294.079] VerQueryValueW (in: pBlock=0x2d70f78, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d71378, puLen=0xd7e810) returned 1
[0294.079] VerQueryValueW (in: pBlock=0x2d70f78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d71030, puLen=0xd7e790) returned 1
[0294.079] VerQueryValueW (in: pBlock=0x2d70f78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d71084, puLen=0xd7e790) returned 1
[0294.079] VerQueryValueW (in: pBlock=0x2d70f78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d710c4, puLen=0xd7e790) returned 1
[0294.079] VerQueryValueW (in: pBlock=0x2d70f78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7112c, puLen=0xd7e790) returned 1
[0294.079] VerQueryValueW (in: pBlock=0x2d70f78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d71184, puLen=0xd7e790) returned 1
[0294.079] VerQueryValueW (in: pBlock=0x2d70f78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7120c, puLen=0xd7e790) returned 1
[0294.079] VerQueryValueW (in: pBlock=0x2d70f78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d71260, puLen=0xd7e790) returned 1
[0294.079] VerQueryValueW (in: pBlock=0x2d70f78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d712b8, puLen=0xd7e790) returned 1
[0294.079] VerQueryValueW (in: pBlock=0x2d70f78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d712e8, puLen=0xd7e790) returned 1
[0294.079] VerQueryValueW (in: pBlock=0x2d70f78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.079] VerQueryValueW (in: pBlock=0x2d70f78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d71324, puLen=0xd7e790) returned 1
[0294.079] VerQueryValueW (in: pBlock=0x2d70f78, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.079] VerQueryValueW (in: pBlock=0x2d70f78, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d71378, puLen=0xd7e784) returned 1
[0294.079] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0294.079] VerQueryValueW (in: pBlock=0x2d70f78, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d70fa0, puLen=0xd7e794) returned 1
[0294.080] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0294.080] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0294.080] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0294.080] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0294.080] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0294.080] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0294.081] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2d736b4 | out: lpData=0x2d736b4) returned 1
[0294.082] VerQueryValueW (in: pBlock=0x2d736b4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d73a7c, puLen=0xd7e810) returned 1
[0294.082] VerQueryValueW (in: pBlock=0x2d736b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7376c, puLen=0xd7e790) returned 1
[0294.082] VerQueryValueW (in: pBlock=0x2d736b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d737c0, puLen=0xd7e790) returned 1
[0294.082] VerQueryValueW (in: pBlock=0x2d736b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d73800, puLen=0xd7e790) returned 1
[0294.082] VerQueryValueW (in: pBlock=0x2d736b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d73868, puLen=0xd7e790) returned 1
[0294.082] VerQueryValueW (in: pBlock=0x2d736b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d738a4, puLen=0xd7e790) returned 1
[0294.082] VerQueryValueW (in: pBlock=0x2d736b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7392c, puLen=0xd7e790) returned 1
[0294.082] VerQueryValueW (in: pBlock=0x2d736b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d73964, puLen=0xd7e790) returned 1
[0294.082] VerQueryValueW (in: pBlock=0x2d736b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d739bc, puLen=0xd7e790) returned 1
[0294.082] VerQueryValueW (in: pBlock=0x2d736b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d739ec, puLen=0xd7e790) returned 1
[0294.082] VerQueryValueW (in: pBlock=0x2d736b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.082] VerQueryValueW (in: pBlock=0x2d736b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d73a28, puLen=0xd7e790) returned 1
[0294.082] VerQueryValueW (in: pBlock=0x2d736b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.082] VerQueryValueW (in: pBlock=0x2d736b4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d73a7c, puLen=0xd7e784) returned 1
[0294.082] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0294.082] VerQueryValueW (in: pBlock=0x2d736b4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d736dc, puLen=0xd7e794) returned 1
[0294.083] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0294.083] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0294.083] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0294.083] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0294.083] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0294.083] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0294.084] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2d76d1c | out: lpData=0x2d76d1c) returned 1
[0294.085] VerQueryValueW (in: pBlock=0x2d76d1c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d770fc, puLen=0xd7e810) returned 1
[0294.085] VerQueryValueW (in: pBlock=0x2d76d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d76dd4, puLen=0xd7e790) returned 1
[0294.085] VerQueryValueW (in: pBlock=0x2d76d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d76e28, puLen=0xd7e790) returned 1
[0294.085] VerQueryValueW (in: pBlock=0x2d76d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d76e68, puLen=0xd7e790) returned 1
[0294.085] VerQueryValueW (in: pBlock=0x2d76d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d76ec8, puLen=0xd7e790) returned 1
[0294.085] VerQueryValueW (in: pBlock=0x2d76d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d76f14, puLen=0xd7e790) returned 1
[0294.085] VerQueryValueW (in: pBlock=0x2d76d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d76f9c, puLen=0xd7e790) returned 1
[0294.085] VerQueryValueW (in: pBlock=0x2d76d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d76fe4, puLen=0xd7e790) returned 1
[0294.085] VerQueryValueW (in: pBlock=0x2d76d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7703c, puLen=0xd7e790) returned 1
[0294.085] VerQueryValueW (in: pBlock=0x2d76d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7706c, puLen=0xd7e790) returned 1
[0294.085] VerQueryValueW (in: pBlock=0x2d76d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.085] VerQueryValueW (in: pBlock=0x2d76d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d770a8, puLen=0xd7e790) returned 1
[0294.085] VerQueryValueW (in: pBlock=0x2d76d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.085] VerQueryValueW (in: pBlock=0x2d76d1c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d770fc, puLen=0xd7e784) returned 1
[0294.085] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0294.085] VerQueryValueW (in: pBlock=0x2d76d1c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d76d44, puLen=0xd7e794) returned 1
[0294.086] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0294.086] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0294.086] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0294.086] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0294.086] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0294.086] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0294.087] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2d7953c | out: lpData=0x2d7953c) returned 1
[0294.087] VerQueryValueW (in: pBlock=0x2d7953c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d79948, puLen=0xd7e810) returned 1
[0294.088] VerQueryValueW (in: pBlock=0x2d7953c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d795f4, puLen=0xd7e790) returned 1
[0294.088] VerQueryValueW (in: pBlock=0x2d7953c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d79648, puLen=0xd7e790) returned 1
[0294.088] VerQueryValueW (in: pBlock=0x2d7953c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7969c, puLen=0xd7e790) returned 1
[0294.088] VerQueryValueW (in: pBlock=0x2d7953c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d796fc, puLen=0xd7e790) returned 1
[0294.088] VerQueryValueW (in: pBlock=0x2d7953c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d79754, puLen=0xd7e790) returned 1
[0294.088] VerQueryValueW (in: pBlock=0x2d7953c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d797dc, puLen=0xd7e790) returned 1
[0294.088] VerQueryValueW (in: pBlock=0x2d7953c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d79830, puLen=0xd7e790) returned 1
[0294.088] VerQueryValueW (in: pBlock=0x2d7953c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d79888, puLen=0xd7e790) returned 1
[0294.088] VerQueryValueW (in: pBlock=0x2d7953c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d798b8, puLen=0xd7e790) returned 1
[0294.088] VerQueryValueW (in: pBlock=0x2d7953c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.088] VerQueryValueW (in: pBlock=0x2d7953c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d798f4, puLen=0xd7e790) returned 1
[0294.088] VerQueryValueW (in: pBlock=0x2d7953c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.088] VerQueryValueW (in: pBlock=0x2d7953c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d79948, puLen=0xd7e784) returned 1
[0294.088] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0294.088] VerQueryValueW (in: pBlock=0x2d7953c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d79564, puLen=0xd7e794) returned 1
[0294.089] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0294.089] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0294.089] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0294.089] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0294.089] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0294.089] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0294.090] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d7bd50 | out: lpData=0x2d7bd50) returned 1
[0294.090] VerQueryValueW (in: pBlock=0x2d7bd50, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d7c128, puLen=0xd7e810) returned 1
[0294.090] VerQueryValueW (in: pBlock=0x2d7bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7be08, puLen=0xd7e790) returned 1
[0294.090] VerQueryValueW (in: pBlock=0x2d7bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7be5c, puLen=0xd7e790) returned 1
[0294.090] VerQueryValueW (in: pBlock=0x2d7bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7be9c, puLen=0xd7e790) returned 1
[0294.091] VerQueryValueW (in: pBlock=0x2d7bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7bf04, puLen=0xd7e790) returned 1
[0294.093] VerQueryValueW (in: pBlock=0x2d7bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7bf48, puLen=0xd7e790) returned 1
[0294.093] VerQueryValueW (in: pBlock=0x2d7bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7bfd0, puLen=0xd7e790) returned 1
[0294.093] VerQueryValueW (in: pBlock=0x2d7bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7c010, puLen=0xd7e790) returned 1
[0294.093] VerQueryValueW (in: pBlock=0x2d7bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7c068, puLen=0xd7e790) returned 1
[0294.093] VerQueryValueW (in: pBlock=0x2d7bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7c098, puLen=0xd7e790) returned 1
[0294.093] VerQueryValueW (in: pBlock=0x2d7bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.093] VerQueryValueW (in: pBlock=0x2d7bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7c0d4, puLen=0xd7e790) returned 1
[0294.093] VerQueryValueW (in: pBlock=0x2d7bd50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.093] VerQueryValueW (in: pBlock=0x2d7bd50, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d7c128, puLen=0xd7e784) returned 1
[0294.093] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0294.093] VerQueryValueW (in: pBlock=0x2d7bd50, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d7bd78, puLen=0xd7e794) returned 1
[0294.094] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0294.094] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0294.094] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0294.094] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0294.094] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0294.094] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0294.095] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d7e2a8 | out: lpData=0x2d7e2a8) returned 1
[0294.096] VerQueryValueW (in: pBlock=0x2d7e2a8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d7e680, puLen=0xd7e810) returned 1
[0294.096] VerQueryValueW (in: pBlock=0x2d7e2a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e360, puLen=0xd7e790) returned 1
[0294.096] VerQueryValueW (in: pBlock=0x2d7e2a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e3b4, puLen=0xd7e790) returned 1
[0294.096] VerQueryValueW (in: pBlock=0x2d7e2a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e3f4, puLen=0xd7e790) returned 1
[0294.096] VerQueryValueW (in: pBlock=0x2d7e2a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e45c, puLen=0xd7e790) returned 1
[0294.096] VerQueryValueW (in: pBlock=0x2d7e2a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e4a0, puLen=0xd7e790) returned 1
[0294.096] VerQueryValueW (in: pBlock=0x2d7e2a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e528, puLen=0xd7e790) returned 1
[0294.096] VerQueryValueW (in: pBlock=0x2d7e2a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e568, puLen=0xd7e790) returned 1
[0294.096] VerQueryValueW (in: pBlock=0x2d7e2a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e5c0, puLen=0xd7e790) returned 1
[0294.096] VerQueryValueW (in: pBlock=0x2d7e2a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e5f0, puLen=0xd7e790) returned 1
[0294.096] VerQueryValueW (in: pBlock=0x2d7e2a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.096] VerQueryValueW (in: pBlock=0x2d7e2a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d7e62c, puLen=0xd7e790) returned 1
[0294.096] VerQueryValueW (in: pBlock=0x2d7e2a8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.096] VerQueryValueW (in: pBlock=0x2d7e2a8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d7e680, puLen=0xd7e784) returned 1
[0294.096] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0294.096] VerQueryValueW (in: pBlock=0x2d7e2a8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d7e2d0, puLen=0xd7e794) returned 1
[0294.097] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0294.097] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0294.097] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0294.097] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0294.097] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0294.097] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0294.098] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2d809e0 | out: lpData=0x2d809e0) returned 1
[0294.098] VerQueryValueW (in: pBlock=0x2d809e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d80e10, puLen=0xd7e810) returned 1
[0294.098] VerQueryValueW (in: pBlock=0x2d809e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d80a98, puLen=0xd7e790) returned 1
[0294.098] VerQueryValueW (in: pBlock=0x2d809e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d80aec, puLen=0xd7e790) returned 1
[0294.098] VerQueryValueW (in: pBlock=0x2d809e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d80b5c, puLen=0xd7e790) returned 1
[0294.098] VerQueryValueW (in: pBlock=0x2d809e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d80bbc, puLen=0xd7e790) returned 1
[0294.098] VerQueryValueW (in: pBlock=0x2d809e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d80c18, puLen=0xd7e790) returned 1
[0294.098] VerQueryValueW (in: pBlock=0x2d809e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d80ca0, puLen=0xd7e790) returned 1
[0294.098] VerQueryValueW (in: pBlock=0x2d809e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d80cf8, puLen=0xd7e790) returned 1
[0294.098] VerQueryValueW (in: pBlock=0x2d809e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d80d50, puLen=0xd7e790) returned 1
[0294.098] VerQueryValueW (in: pBlock=0x2d809e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d80d80, puLen=0xd7e790) returned 1
[0294.098] VerQueryValueW (in: pBlock=0x2d809e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.098] VerQueryValueW (in: pBlock=0x2d809e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d80dbc, puLen=0xd7e790) returned 1
[0294.098] VerQueryValueW (in: pBlock=0x2d809e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0294.099] VerQueryValueW (in: pBlock=0x2d809e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d80e10, puLen=0xd7e784) returned 1
[0294.099] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0294.099] VerQueryValueW (in: pBlock=0x2d809e0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d80a08, puLen=0xd7e794) returned 1
[0294.099] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0294.099] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.099] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0294.100] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.100] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0294.100] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2702d0
[0294.100] SetWindowLongW (hWnd=0x2702d0, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0294.100] GetWindowLongW (hWnd=0x2702d0, nIndex=-4) returned 1950089536
[0294.101] SetWindowLongW (hWnd=0x2702d0, nIndex=-4, dwNewLong=19951630) returned 1950089536
[0294.101] GetWindowLongW (hWnd=0x2702d0, nIndex=-4) returned 19951630
[0294.101] GetWindowLongW (hWnd=0x2702d0, nIndex=-16) returned 113311744
[0294.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702d0, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0294.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702d0, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0294.102] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702d0, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0294.102] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702d0, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0294.102] GetClientRect (in: hWnd=0x2702d0, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0294.102] GetWindowRect (in: hWnd=0x2702d0, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0294.102] SetWindowTextW (hWnd=0x2702d0, lpString="WindowsFormsParkingWindow") returned 1
[0294.102] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702d0, Msg=0xc, wParam=0x0, lParam=0x2d45f90) returned 0x1
[0294.103] GetParent (hWnd=0x2702d0) returned 0x0
[0294.103] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0294.103] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x2702d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2c02c8
[0294.103] SetWindowLongW (hWnd=0x2c02c8, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0294.103] GetWindowLongW (hWnd=0x2c02c8, nIndex=-4) returned 1868147648
[0294.104] SetWindowLongW (hWnd=0x2c02c8, nIndex=-4, dwNewLong=19951350) returned 1868147648
[0294.104] GetWindowLongW (hWnd=0x2c02c8, nIndex=-4) returned 19951350
[0294.104] GetWindowLongW (hWnd=0x2c02c8, nIndex=-16) returned 1174405133
[0294.104] GetWindowLongW (hWnd=0x2c02c8, nIndex=-12) returned 0
[0294.104] SetWindowLongW (hWnd=0x2c02c8, nIndex=-12, dwNewLong=2884296) returned 0
[0294.104] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0294.104] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0294.104] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0294.105] GetClientRect (in: hWnd=0x2c02c8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0294.105] GetWindowRect (in: hWnd=0x2c02c8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0294.105] GetParent (hWnd=0x2c02c8) returned 0x2702d0
[0294.105] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2702d0, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0294.106] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0294.106] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0294.106] GetClientRect (in: hWnd=0x2c02c8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0294.106] GetWindowRect (in: hWnd=0x2c02c8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0294.106] GetParent (hWnd=0x2c02c8) returned 0x2702d0
[0294.106] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2702d0, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0294.106] SendMessageW (hWnd=0x2c02c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2c02c8) returned 0x0
[0294.106] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2c02c8) returned 0x0
[0294.106] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0294.106] GetParent (hWnd=0x2c02c8) returned 0x2702d0
[0294.106] GdipCreateFromHWND (hwnd=0x2c02c8, graphics=0xd7e844) returned 0x0
[0294.107] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0294.107] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0294.107] GetForegroundWindow () returned 0x602c4
[0294.108] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.108] GetCursorPos (in: lpPoint=0x2d84cec | out: lpPoint=0x2d84cec*(x=243, y=627)) returned 1
[0294.108] MonitorFromPoint (pt=0xf3, dwFlags=0x273) returned 0x10001
[0294.108] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0294.108] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x7b0107ae
[0294.108] GetDeviceCaps (hdc=0x7b0107ae, index=12) returned 32
[0294.108] GetDeviceCaps (hdc=0x7b0107ae, index=14) returned 1
[0294.108] DeleteDC (hdc=0x7b0107ae) returned 1
[0294.108] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0294.108] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0294.108] GetSystemMetrics (nIndex=59) returned 1460
[0294.108] GetSystemMetrics (nIndex=60) returned 920
[0294.108] GetSystemMetrics (nIndex=34) returned 136
[0294.109] GetSystemMetrics (nIndex=35) returned 39
[0294.109] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.109] GetCursorPos (in: lpPoint=0x2d84f58 | out: lpPoint=0x2d84f58*(x=243, y=627)) returned 1
[0294.109] MonitorFromPoint (pt=0xf0, dwFlags=0x275) returned 0x10001
[0294.109] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0294.109] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x7c0107ae
[0294.109] GetDeviceCaps (hdc=0x7c0107ae, index=12) returned 32
[0294.109] GetDeviceCaps (hdc=0x7c0107ae, index=14) returned 1
[0294.109] DeleteDC (hdc=0x7c0107ae) returned 1
[0294.109] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0294.109] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0294.110] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.110] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0294.110] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2d851f0 | out: piconinfo=0x2d851f0) returned 1
[0294.110] GetObjectW (in: h=0x250507f3, c=24, pv=0x2d8520c | out: pv=0x2d8520c) returned 24
[0294.110] GdipCreateBitmapFromHBITMAP (hbm=0x250507f3, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0294.111] GdipGetImageWidth (image=0x664fe20, width=0xd7e750) returned 0x0
[0294.111] GdipGetImageHeight (image=0x664fe20, height=0xd7e748) returned 0x0
[0294.111] GdipGetImagePixelFormat (image=0x664fe20, format=0xd7e740) returned 0x0
[0294.111] GdipBitmapLockBits (bitmap=0x664fe20, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2d852c4) returned 0x0
[0294.111] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0294.111] GdipBitmapLockBits (bitmap=0x664edb8, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2d852fc) returned 0x0
[0294.111] RtlMoveMemory (in: Destination=0x6660f58, Source=0x665deb8, Length=0x80 | out: Destination=0x6660f58)
[0294.111] RtlMoveMemory (in: Destination=0x6660fd8, Source=0x665de38, Length=0x80 | out: Destination=0x6660fd8)
[0294.111] RtlMoveMemory (in: Destination=0x6661058, Source=0x665ddb8, Length=0x80 | out: Destination=0x6661058)
[0294.111] RtlMoveMemory (in: Destination=0x66610d8, Source=0x665dd38, Length=0x80 | out: Destination=0x66610d8)
[0294.111] RtlMoveMemory (in: Destination=0x6661158, Source=0x665dcb8, Length=0x80 | out: Destination=0x6661158)
[0294.111] RtlMoveMemory (in: Destination=0x66611d8, Source=0x665dc38, Length=0x80 | out: Destination=0x66611d8)
[0294.111] RtlMoveMemory (in: Destination=0x6661258, Source=0x665dbb8, Length=0x80 | out: Destination=0x6661258)
[0294.111] RtlMoveMemory (in: Destination=0x66612d8, Source=0x665db38, Length=0x80 | out: Destination=0x66612d8)
[0294.111] RtlMoveMemory (in: Destination=0x6661358, Source=0x665dab8, Length=0x80 | out: Destination=0x6661358)
[0294.111] RtlMoveMemory (in: Destination=0x66613d8, Source=0x665da38, Length=0x80 | out: Destination=0x66613d8)
[0294.111] RtlMoveMemory (in: Destination=0x6661458, Source=0x665d9b8, Length=0x80 | out: Destination=0x6661458)
[0294.111] RtlMoveMemory (in: Destination=0x66614d8, Source=0x665d938, Length=0x80 | out: Destination=0x66614d8)
[0294.111] RtlMoveMemory (in: Destination=0x6661558, Source=0x665d8b8, Length=0x80 | out: Destination=0x6661558)
[0294.111] RtlMoveMemory (in: Destination=0x66615d8, Source=0x665d838, Length=0x80 | out: Destination=0x66615d8)
[0294.111] RtlMoveMemory (in: Destination=0x6661658, Source=0x665d7b8, Length=0x80 | out: Destination=0x6661658)
[0294.111] RtlMoveMemory (in: Destination=0x66616d8, Source=0x665d738, Length=0x80 | out: Destination=0x66616d8)
[0294.112] RtlMoveMemory (in: Destination=0x6661758, Source=0x665d6b8, Length=0x80 | out: Destination=0x6661758)
[0294.112] RtlMoveMemory (in: Destination=0x66617d8, Source=0x665d638, Length=0x80 | out: Destination=0x66617d8)
[0294.112] RtlMoveMemory (in: Destination=0x6661858, Source=0x665d5b8, Length=0x80 | out: Destination=0x6661858)
[0294.112] RtlMoveMemory (in: Destination=0x66618d8, Source=0x665d538, Length=0x80 | out: Destination=0x66618d8)
[0294.112] RtlMoveMemory (in: Destination=0x6661958, Source=0x665d4b8, Length=0x80 | out: Destination=0x6661958)
[0294.112] RtlMoveMemory (in: Destination=0x66619d8, Source=0x665d438, Length=0x80 | out: Destination=0x66619d8)
[0294.112] RtlMoveMemory (in: Destination=0x6661a58, Source=0x665d3b8, Length=0x80 | out: Destination=0x6661a58)
[0294.112] RtlMoveMemory (in: Destination=0x6661ad8, Source=0x665d338, Length=0x80 | out: Destination=0x6661ad8)
[0294.112] RtlMoveMemory (in: Destination=0x6661b58, Source=0x665d2b8, Length=0x80 | out: Destination=0x6661b58)
[0294.112] RtlMoveMemory (in: Destination=0x6661bd8, Source=0x665d238, Length=0x80 | out: Destination=0x6661bd8)
[0294.112] RtlMoveMemory (in: Destination=0x6661c58, Source=0x665d1b8, Length=0x80 | out: Destination=0x6661c58)
[0294.112] RtlMoveMemory (in: Destination=0x6661cd8, Source=0x665d138, Length=0x80 | out: Destination=0x6661cd8)
[0294.112] RtlMoveMemory (in: Destination=0x6661d58, Source=0x665d0b8, Length=0x80 | out: Destination=0x6661d58)
[0294.112] RtlMoveMemory (in: Destination=0x6661dd8, Source=0x665d038, Length=0x80 | out: Destination=0x6661dd8)
[0294.112] RtlMoveMemory (in: Destination=0x6661e58, Source=0x665cfb8, Length=0x80 | out: Destination=0x6661e58)
[0294.112] RtlMoveMemory (in: Destination=0x6661ed8, Source=0x665cf38, Length=0x80 | out: Destination=0x6661ed8)
[0294.112] GdipBitmapUnlockBits (bitmap=0x664fe20, lockedBitmapData=0x2d852c4) returned 0x0
[0294.112] GdipBitmapUnlockBits (bitmap=0x664edb8, lockedBitmapData=0x2d852fc) returned 0x0
[0294.112] GdipDisposeImage (image=0x664fe20) returned 0x0
[0294.113] DeleteObject (ho=0x250507f3) returned 1
[0294.113] DeleteObject (ho=0x7d0507ae) returned 1
[0294.113] GetCurrentThreadId () returned 0xf50
[0294.113] GetCurrentThreadId () returned 0xf50
[0294.113] SetWindowPos (hWnd=0x2c02c8, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0294.113] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0294.113] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0294.113] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0294.113] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0294.113] GetClientRect (in: hWnd=0x2c02c8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0294.113] GetWindowRect (in: hWnd=0x2c02c8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0294.113] GetParent (hWnd=0x2c02c8) returned 0x2702d0
[0294.113] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2702d0, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0294.114] InvalidateRect (hWnd=0x2c02c8, lpRect=0x0, bErase=1) returned 1
[0294.114] GetWindowTextLengthW (hWnd=0x2c02c8) returned 0
[0294.114] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0294.114] GetSystemMetrics (nIndex=42) returned 0
[0294.114] GetWindowTextW (in: hWnd=0x2c02c8, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0294.114] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0294.114] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0294.114] GetClientRect (in: hWnd=0x2c02c8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0294.114] GetWindowRect (in: hWnd=0x2c02c8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0294.114] GetParent (hWnd=0x2c02c8) returned 0x2702d0
[0294.114] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2702d0, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0294.114] GetWindowTextLengthW (hWnd=0x2c02c8) returned 0
[0294.114] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0294.114] GetSystemMetrics (nIndex=42) returned 0
[0294.114] GetWindowTextW (in: hWnd=0x2c02c8, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0294.114] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0294.114] GetWindowTextLengthW (hWnd=0x2c02c8) returned 0
[0294.114] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0294.114] GetSystemMetrics (nIndex=42) returned 0
[0294.114] GetWindowTextW (in: hWnd=0x2c02c8, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0294.114] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0294.114] SetWindowTextW (hWnd=0x2c02c8, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0294.114] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0xc, wParam=0x0, lParam=0x2d662d0) returned 0x1
[0294.115] InvalidateRect (hWnd=0x2c02c8, lpRect=0x0, bErase=1) returned 1
[0294.115] GetCurrentThreadId () returned 0xf50
[0294.115] GetWindowThreadProcessId (in: hWnd=0x2c02c8, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0294.115] GdipCreateBitmapFromStream (stream=0x5090010, bitmap=0xd7e840) returned 0x0
[0294.117] GdipImageForceValidation (image=0x6652238) returned 0x0
[0294.118] GdipGetImageRawFormat (image=0x6652238, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0294.118] GdipGetImageHeight (image=0x6652238, height=0xd7e824) returned 0x0
[0294.118] GdipGetImageWidth (image=0x6652238, width=0xd7e824) returned 0x0
[0294.118] GdipGetImageWidth (image=0x6652238, width=0xd7e810) returned 0x0
[0294.118] GdipGetImageHeight (image=0x6652238, height=0xd7e810) returned 0x0
[0294.118] GdipGetImageWidth (image=0x6652238, width=0xd7e800) returned 0x0
[0294.118] GdipGetImageHeight (image=0x6652238, height=0xd7e800) returned 0x0
[0294.118] GdipBitmapGetPixel (bitmap=0x6652238, x=0, y=15, color=0xd7e810) returned 0x0
[0294.118] GdipGetImageRawFormat (image=0x6652238, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0294.118] GdipGetImageWidth (image=0x6652238, width=0xd7e740) returned 0x0
[0294.118] GdipGetImageHeight (image=0x6652238, height=0xd7e740) returned 0x0
[0294.118] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0294.118] GdipGetImagePixelFormat (image=0x664f100, format=0xd7e740) returned 0x0
[0294.118] GdipGetImageGraphicsContext (image=0x664f100, graphics=0xd7e74c) returned 0x0
[0294.118] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0294.118] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0294.118] GdipSetImageAttributesColorKeys (imageattr=0x6638db8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0294.119] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6652238, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638db8, callback=0x0, callbackData=0x0) returned 0x0
[0294.119] GdipDisposeImageAttributes (imageattr=0x6638db8) returned 0x0
[0294.119] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0294.119] GdipDisposeImage (image=0x6652238) returned 0x0
[0294.119] GdipCreateBitmapFromStream (stream=0x509fff0, bitmap=0xd7e840) returned 0x0
[0294.120] GdipImageForceValidation (image=0x6652238) returned 0x0
[0294.121] GdipGetImageRawFormat (image=0x6652238, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0294.121] GdipGetImageHeight (image=0x6652238, height=0xd7e824) returned 0x0
[0294.121] GdipGetImageWidth (image=0x6652238, width=0xd7e824) returned 0x0
[0294.121] GdipGetImageWidth (image=0x6652238, width=0xd7e810) returned 0x0
[0294.121] GdipGetImageHeight (image=0x6652238, height=0xd7e810) returned 0x0
[0294.121] GdipGetImageWidth (image=0x6652238, width=0xd7e800) returned 0x0
[0294.121] GdipGetImageHeight (image=0x6652238, height=0xd7e800) returned 0x0
[0294.121] GdipBitmapGetPixel (bitmap=0x6652238, x=0, y=15, color=0xd7e810) returned 0x0
[0294.121] GdipGetImageRawFormat (image=0x6652238, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0294.121] GdipGetImageWidth (image=0x6652238, width=0xd7e740) returned 0x0
[0294.122] GdipGetImageHeight (image=0x6652238, height=0xd7e740) returned 0x0
[0294.122] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0294.122] GdipGetImagePixelFormat (image=0x664ea70, format=0xd7e740) returned 0x0
[0294.122] GdipGetImageGraphicsContext (image=0x664ea70, graphics=0xd7e74c) returned 0x0
[0294.122] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0294.123] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0294.123] GdipSetImageAttributesColorKeys (imageattr=0x6638c98, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0294.123] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6652238, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c98, callback=0x0, callbackData=0x0) returned 0x0
[0294.123] GdipDisposeImageAttributes (imageattr=0x6638c98) returned 0x0
[0294.123] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0294.123] GdipDisposeImage (image=0x6652238) returned 0x0
[0294.124] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.124] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0294.124] GetCurrentThreadId () returned 0xf50
[0294.124] GetCurrentThreadId () returned 0xf50
[0294.124] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.124] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0294.124] GetCurrentThreadId () returned 0xf50
[0294.124] GetCurrentThreadId () returned 0xf50
[0294.124] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.124] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0294.124] GetCurrentThreadId () returned 0xf50
[0294.124] GetCurrentThreadId () returned 0xf50
[0294.125] GetSystemMetrics (nIndex=5) returned 1
[0294.125] GetSystemMetrics (nIndex=6) returned 1
[0294.125] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.125] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0294.125] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.125] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0294.125] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.125] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0294.125] GetCurrentThreadId () returned 0xf50
[0294.125] GetCurrentThreadId () returned 0xf50
[0294.126] GetProcessWindowStation () returned 0x13c
[0294.126] GetCapture () returned 0x0
[0294.126] GetActiveWindow () returned 0x7005c
[0294.126] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0294.126] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.126] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0294.126] GetCursorPos (in: lpPoint=0x2d8643c | out: lpPoint=0x2d8643c*(x=243, y=627)) returned 1
[0294.126] MonitorFromPoint (pt=0xf3, dwFlags=0x273) returned 0x10001
[0294.126] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0294.126] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x7e0107ae
[0294.126] GetDeviceCaps (hdc=0x7e0107ae, index=12) returned 32
[0294.127] GetDeviceCaps (hdc=0x7e0107ae, index=14) returned 1
[0294.127] DeleteDC (hdc=0x7e0107ae) returned 1
[0294.127] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0294.127] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0294.127] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="Microsoft .NET Framework", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3202dc
[0294.127] SetWindowLongW (hWnd=0x3202dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0294.127] GetWindowLongW (hWnd=0x3202dc, nIndex=-4) returned 1950089536
[0294.128] SetWindowLongW (hWnd=0x3202dc, nIndex=-4, dwNewLong=19951750) returned 1950089536
[0294.128] GetWindowLongW (hWnd=0x3202dc, nIndex=-4) returned 19951750
[0294.128] GetWindowLongW (hWnd=0x3202dc, nIndex=-16) returned 113770496
[0294.128] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0294.129] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0294.129] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0294.129] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0294.129] GetWindowRect (in: hWnd=0x3202dc, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0294.129] SetWindowTextW (hWnd=0x3202dc, lpString="Microsoft .NET Framework") returned 1
[0294.130] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xc, wParam=0x0, lParam=0x2c2f45c) returned 0x1
[0294.130] GetStartupInfoW (in: lpStartupInfo=0x2d86778 | out: lpStartupInfo=0x2d86778*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0294.131] GetParent (hWnd=0x3202dc) returned 0x0
[0294.131] SetWindowLongW (hWnd=0x3202dc, nIndex=-8, dwNewLong=0) returned 0
[0294.132] SendMessageW (hWnd=0x3202dc, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0294.132] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0294.132] SendMessageW (hWnd=0x3202dc, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0294.132] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0294.132] GetSystemMenu (hWnd=0x3202dc, bRevert=0) returned 0x440087
[0294.133] GetWindowPlacement (in: hWnd=0x3202dc, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0294.133] EnableMenuItem (hMenu=0x440087, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0294.133] EnableMenuItem (hMenu=0x440087, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0294.133] EnableMenuItem (hMenu=0x440087, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0294.133] EnableMenuItem (hMenu=0x440087, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0294.133] EnableMenuItem (hMenu=0x440087, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0294.133] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0294.133] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0294.133] GetWindowRect (in: hWnd=0x3202dc, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0294.133] SetWindowPos (hWnd=0x3202dc, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0294.133] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0294.134] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x3202dc) returned 0x1
[0294.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0294.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0294.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0294.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0294.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0294.139] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x3202dc, lParam=0x0) returned 0x0
[0294.139] GetCapture () returned 0x0
[0294.139] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0294.140] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0294.141] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0294.142] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0294.142] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0294.143] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0294.143] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0294.143] GetParent (hWnd=0x3202dc) returned 0x0
[0294.143] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0294.143] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0294.145] GetWindowPlacement (in: hWnd=0x3202dc, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0294.145] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0294.145] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0294.145] GetWindowRect (in: hWnd=0x3202dc, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0294.146] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0294.147] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0294.147] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0294.148] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.148] GetWindowLongW (hWnd=0x3202dc, nIndex=-16) returned 113770496
[0294.148] GetWindowTextLengthW (hWnd=0x3202dc) returned 24
[0294.148] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0294.148] GetSystemMetrics (nIndex=42) returned 0
[0294.148] GetWindowTextW (in: hWnd=0x3202dc, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0294.148] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0294.148] GetWindowTextLengthW (hWnd=0x3202dc) returned 24
[0294.148] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0294.148] GetSystemMetrics (nIndex=42) returned 0
[0294.148] GetWindowTextW (in: hWnd=0x3202dc, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0294.148] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0294.148] GetCursorPos (in: lpPoint=0x2d86a44 | out: lpPoint=0x2d86a44*(x=243, y=627)) returned 1
[0294.148] MonitorFromPoint (pt=0xf3, dwFlags=0x273) returned 0x10001
[0294.148] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0294.148] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x5b0106b6
[0294.149] GetDeviceCaps (hdc=0x5b0106b6, index=12) returned 32
[0294.149] GetDeviceCaps (hdc=0x5b0106b6, index=14) returned 1
[0294.149] DeleteDC (hdc=0x5b0106b6) returned 1
[0294.149] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0294.149] GetWindowLongW (hWnd=0x3202dc, nIndex=-16) returned 113770496
[0294.149] GetWindowLongW (hWnd=0x3202dc, nIndex=-20) returned 327945
[0294.149] SetWindowLongW (hWnd=0x3202dc, nIndex=-16, dwNewLong=46661632) returned 113770496
[0294.149] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0294.149] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0294.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0294.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0294.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0294.151] SetWindowLongW (hWnd=0x3202dc, nIndex=-20, dwNewLong=327681) returned 327945
[0294.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0294.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0294.152] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0294.152] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0294.152] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0294.153] SetWindowPos (hWnd=0x3202dc, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0294.153] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0294.153] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0294.156] GetWindowPlacement (in: hWnd=0x3202dc, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0294.156] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0294.156] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0294.156] GetWindowRect (in: hWnd=0x3202dc, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0294.157] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0294.158] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0294.158] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0294.158] RedrawWindow (hWnd=0x3202dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0294.158] GetSystemMenu (hWnd=0x3202dc, bRevert=0) returned 0x440087
[0294.158] GetWindowPlacement (in: hWnd=0x3202dc, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0294.158] EnableMenuItem (hMenu=0x440087, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0294.158] EnableMenuItem (hMenu=0x440087, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0294.158] EnableMenuItem (hMenu=0x440087, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0294.158] EnableMenuItem (hMenu=0x440087, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0294.158] EnableMenuItem (hMenu=0x440087, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0294.158] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0294.158] GetWindowLongW (hWnd=0x3202dc, nIndex=-8) returned 0
[0294.158] SetWindowLongW (hWnd=0x3202dc, nIndex=-8, dwNewLong=458844) returned 0
[0294.159] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0294.159] GetProcessWindowStation () returned 0x13c
[0294.159] GetCurrentThreadId () returned 0xf50
[0294.160] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1306cc6, lParam=0x0) returned 1
[0294.160] IsWindowVisible (hWnd=0x3202dc) returned 0
[0294.160] IsWindowVisible (hWnd=0x7005c) returned 1
[0294.160] IsWindowEnabled (hWnd=0x7005c) returned 1
[0294.160] IsWindowVisible (hWnd=0x300ec) returned 0
[0294.160] IsWindowVisible (hWnd=0x502c6) returned 0
[0294.160] IsWindowVisible (hWnd=0x502be) returned 0
[0294.160] GetActiveWindow () returned 0x3202dc
[0294.160] GetFocus () returned 0x3202dc
[0294.160] IsWindow (hWnd=0x7005c) returned 1
[0294.160] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0294.160] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0294.161] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0294.161] GetWindowLongW (hWnd=0x3202dc, nIndex=-8) returned 458844
[0294.161] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0294.161] GetCurrentThreadId () returned 0xf50
[0294.161] GetWindowLongW (hWnd=0x3202dc, nIndex=-8) returned 458844
[0294.161] IsWindowEnabled (hWnd=0x7005c) returned 0
[0294.161] IsWindowEnabled (hWnd=0x3202dc) returned 1
[0294.161] ShowWindow (hWnd=0x3202dc, nCmdShow=5) returned 0
[0294.161] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0294.161] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0294.161] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.162] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0294.162] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x3202dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3500ea
[0294.162] SetWindowLongW (hWnd=0x3500ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0294.162] GetWindowLongW (hWnd=0x3500ea, nIndex=-4) returned 1950089536
[0294.163] SetWindowLongW (hWnd=0x3500ea, nIndex=-4, dwNewLong=19952270) returned 1950089536
[0294.163] GetWindowLongW (hWnd=0x3500ea, nIndex=-4) returned 19952270
[0294.163] GetWindowLongW (hWnd=0x3500ea, nIndex=-16) returned 1174405120
[0294.163] GetWindowLongW (hWnd=0x3500ea, nIndex=-12) returned 0
[0294.163] SetWindowLongW (hWnd=0x3500ea, nIndex=-12, dwNewLong=3473642) returned 0
[0294.163] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3500ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0294.163] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3500ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0294.163] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3500ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0294.163] GetWindow (hWnd=0x3500ea, uCmd=0x3) returned 0x0
[0294.163] GetClientRect (in: hWnd=0x3500ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0294.163] GetWindowRect (in: hWnd=0x3500ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0294.163] GetParent (hWnd=0x3500ea) returned 0x3202dc
[0294.164] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3202dc, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0294.164] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3500ea, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0294.164] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3500ea, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0294.164] GetClientRect (in: hWnd=0x3500ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0294.164] GetWindowRect (in: hWnd=0x3500ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0294.164] GetParent (hWnd=0x3500ea) returned 0x3202dc
[0294.164] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3202dc, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0294.164] SendMessageW (hWnd=0x3500ea, Msg=0x2210, wParam=0xea0001, lParam=0x3500ea) returned 0x0
[0294.164] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3500ea, Msg=0x2210, wParam=0xea0001, lParam=0x3500ea) returned 0x0
[0294.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3500ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0294.165] GetParent (hWnd=0x3500ea) returned 0x3202dc
[0294.165] GetParent (hWnd=0x2c02c8) returned 0x2702d0
[0294.165] SetParent (hWndChild=0x2c02c8, hWndNewParent=0x3202dc) returned 0x2702d0
[0294.165] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0294.165] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0294.166] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0294.166] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0294.166] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0294.166] GetClientRect (in: hWnd=0x2c02c8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0294.166] GetWindowRect (in: hWnd=0x2c02c8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0294.166] GetParent (hWnd=0x2c02c8) returned 0x3202dc
[0294.166] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3202dc, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0294.166] GetClientRect (in: hWnd=0x2c02c8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0294.166] GetWindowRect (in: hWnd=0x2c02c8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0294.166] GetParent (hWnd=0x2c02c8) returned 0x3202dc
[0294.166] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3202dc, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0294.166] GetParent (hWnd=0x2c02c8) returned 0x3202dc
[0294.166] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0294.166] GetWindow (hWnd=0x2c02c8, uCmd=0x3) returned 0x0
[0294.166] SetWindowPos (hWnd=0x2c02c8, hWndInsertAfter=0x3500ea, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0294.166] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0294.167] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0294.167] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0294.167] GetClientRect (in: hWnd=0x2c02c8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0294.167] GetWindowRect (in: hWnd=0x2c02c8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0294.167] GetParent (hWnd=0x2c02c8) returned 0x3202dc
[0294.167] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3202dc, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0294.167] GetParent (hWnd=0x2c02c8) returned 0x3202dc
[0294.167] GetWindow (hWnd=0x2c02c8, uCmd=0x3) returned 0x3500ea
[0294.167] GetWindowThreadProcessId (in: hWnd=0x2c02c8, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0294.167] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0294.168] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.168] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0294.168] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x3202dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3402d8
[0294.168] SetWindowLongW (hWnd=0x3402d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0294.168] GetWindowLongW (hWnd=0x3402d8, nIndex=-4) returned 1868032000
[0294.169] SetWindowLongW (hWnd=0x3402d8, nIndex=-4, dwNewLong=19952110) returned 1868032000
[0294.169] GetWindowLongW (hWnd=0x3402d8, nIndex=-4) returned 19952110
[0294.169] GetWindowLongW (hWnd=0x3402d8, nIndex=-16) returned 1174470667
[0294.169] GetWindowLongW (hWnd=0x3402d8, nIndex=-12) returned 0
[0294.169] SetWindowLongW (hWnd=0x3402d8, nIndex=-12, dwNewLong=3408600) returned 0
[0294.169] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0294.170] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0294.170] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0294.171] SendMessageW (hWnd=0x3402d8, Msg=0x2055, wParam=0x3402d8, lParam=0x3) returned 0x2
[0294.171] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0294.171] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0294.171] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0294.171] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0294.171] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3500ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0294.171] RedrawWindow (hWnd=0x3500ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0294.171] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0294.171] RedrawWindow (hWnd=0x2c02c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0294.171] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0294.171] RedrawWindow (hWnd=0x3402d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0294.171] RedrawWindow (hWnd=0x3202dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0294.172] GetWindow (hWnd=0x3402d8, uCmd=0x3) returned 0x2c02c8
[0294.172] GetClientRect (in: hWnd=0x3402d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0294.172] GetWindowRect (in: hWnd=0x3402d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0294.172] GetParent (hWnd=0x3402d8) returned 0x3202dc
[0294.172] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3202dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0294.172] SetWindowTextW (hWnd=0x3402d8, lpString="&Details") returned 1
[0294.172] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0xc, wParam=0x0, lParam=0x2c2ef5c) returned 0x1
[0294.172] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0294.172] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0294.172] GetClientRect (in: hWnd=0x3402d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0294.172] GetWindowRect (in: hWnd=0x3402d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0294.172] GetParent (hWnd=0x3402d8) returned 0x3202dc
[0294.172] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3202dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0294.173] SendMessageW (hWnd=0x3402d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3402d8) returned 0x0
[0294.173] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3402d8) returned 0x0
[0294.173] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0294.173] GetParent (hWnd=0x3402d8) returned 0x3202dc
[0294.173] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0294.173] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.173] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0294.174] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x3202dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2802ce
[0294.174] SetWindowLongW (hWnd=0x2802ce, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0294.174] GetWindowLongW (hWnd=0x2802ce, nIndex=-4) returned 1868032000
[0294.174] SetWindowLongW (hWnd=0x2802ce, nIndex=-4, dwNewLong=19952070) returned 1868032000
[0294.174] GetWindowLongW (hWnd=0x2802ce, nIndex=-4) returned 19952070
[0294.174] GetWindowLongW (hWnd=0x2802ce, nIndex=-16) returned 1174470667
[0294.174] GetWindowLongW (hWnd=0x2802ce, nIndex=-12) returned 0
[0294.174] SetWindowLongW (hWnd=0x2802ce, nIndex=-12, dwNewLong=2622158) returned 0
[0294.174] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0294.175] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0294.175] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0294.176] SendMessageW (hWnd=0x2802ce, Msg=0x2055, wParam=0x2802ce, lParam=0x3) returned 0x2
[0294.176] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0294.176] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0294.176] GetWindow (hWnd=0x2802ce, uCmd=0x3) returned 0x3402d8
[0294.176] GetClientRect (in: hWnd=0x2802ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0294.176] GetWindowRect (in: hWnd=0x2802ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0294.176] GetParent (hWnd=0x2802ce) returned 0x3202dc
[0294.176] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3202dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0294.177] SetWindowTextW (hWnd=0x2802ce, lpString="&Continue") returned 1
[0294.177] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0xc, wParam=0x0, lParam=0x2c2ef00) returned 0x1
[0294.177] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0294.177] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0294.177] GetClientRect (in: hWnd=0x2802ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0294.177] GetWindowRect (in: hWnd=0x2802ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0294.177] GetParent (hWnd=0x2802ce) returned 0x3202dc
[0294.177] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3202dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0294.177] SendMessageW (hWnd=0x2802ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2802ce) returned 0x0
[0294.177] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2802ce) returned 0x0
[0294.177] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0294.178] GetParent (hWnd=0x2802ce) returned 0x3202dc
[0294.178] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0294.178] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.178] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0294.178] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x3202dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3202de
[0294.179] SetWindowLongW (hWnd=0x3202de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0294.179] GetWindowLongW (hWnd=0x3202de, nIndex=-4) returned 1868032000
[0294.179] SetWindowLongW (hWnd=0x3202de, nIndex=-4, dwNewLong=19952230) returned 1868032000
[0294.179] GetWindowLongW (hWnd=0x3202de, nIndex=-4) returned 19952230
[0294.179] GetWindowLongW (hWnd=0x3202de, nIndex=-16) returned 1174470667
[0294.179] GetWindowLongW (hWnd=0x3202de, nIndex=-12) returned 0
[0294.179] SetWindowLongW (hWnd=0x3202de, nIndex=-12, dwNewLong=3277534) returned 0
[0294.179] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0294.180] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0294.180] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0294.181] SendMessageW (hWnd=0x3202de, Msg=0x2055, wParam=0x3202de, lParam=0x3) returned 0x2
[0294.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0294.181] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0294.181] GetWindow (hWnd=0x3202de, uCmd=0x3) returned 0x2802ce
[0294.181] GetClientRect (in: hWnd=0x3202de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0294.181] GetWindowRect (in: hWnd=0x3202de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0294.181] GetParent (hWnd=0x3202de) returned 0x3202dc
[0294.181] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3202dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0294.181] SetWindowTextW (hWnd=0x3202de, lpString="&Quit") returned 1
[0294.181] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202de, Msg=0xc, wParam=0x0, lParam=0x2c2ef20) returned 0x1
[0294.181] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0294.182] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202de, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0294.182] GetClientRect (in: hWnd=0x3202de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0294.182] GetWindowRect (in: hWnd=0x3202de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0294.182] GetParent (hWnd=0x3202de) returned 0x3202dc
[0294.182] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3202dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0294.182] SendMessageW (hWnd=0x3202de, Msg=0x2210, wParam=0x2de0001, lParam=0x3202de) returned 0x0
[0294.182] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202de, Msg=0x2210, wParam=0x2de0001, lParam=0x3202de) returned 0x0
[0294.182] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0294.182] GetParent (hWnd=0x3202de) returned 0x3202dc
[0294.182] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0294.182] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.183] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0294.183] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x3202dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3202da
[0294.183] SetWindowLongW (hWnd=0x3202da, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0294.183] GetWindowLongW (hWnd=0x3202da, nIndex=-4) returned 1868026976
[0294.183] SetWindowLongW (hWnd=0x3202da, nIndex=-4, dwNewLong=19952190) returned 1868026976
[0294.183] GetWindowLongW (hWnd=0x3202da, nIndex=-4) returned 19952190
[0294.183] GetWindowLongW (hWnd=0x3202da, nIndex=-16) returned 1177553092
[0294.183] GetWindowLongW (hWnd=0x3202da, nIndex=-12) returned 0
[0294.184] SetWindowLongW (hWnd=0x3202da, nIndex=-12, dwNewLong=3277530) returned 0
[0294.184] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202da, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0294.191] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202da, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0294.192] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202da, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0294.208] GetWindow (hWnd=0x3202da, uCmd=0x3) returned 0x3202de
[0294.208] GetClientRect (in: hWnd=0x3202da, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0294.208] GetWindowRect (in: hWnd=0x3202da, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0294.208] GetParent (hWnd=0x3202da) returned 0x3202dc
[0294.208] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3202dc, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0294.208] GetWindowTextLengthW (hWnd=0x3202dc) returned 24
[0294.208] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0294.208] GetSystemMetrics (nIndex=42) returned 0
[0294.208] GetWindowTextW (in: hWnd=0x3202dc, lpString=0xd7d830, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0294.208] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xd, wParam=0x19, lParam=0xd7d830) returned 0x18
[0294.208] SendMessageW (hWnd=0x3202da, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0294.208] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202da, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0294.217] SetWindowTextW (hWnd=0x3202da, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0294.217] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202da, Msg=0xc, wParam=0x0, lParam=0x2d82738) returned 0x1
[0294.219] GetSystemMetrics (nIndex=5) returned 1
[0294.219] GetSystemMetrics (nIndex=6) returned 1
[0294.219] SendMessageW (hWnd=0x3202da, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0294.219] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202da, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0294.219] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202da, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0294.220] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202da, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0294.220] GetClientRect (in: hWnd=0x3202da, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0294.220] GetWindowRect (in: hWnd=0x3202da, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0294.220] GetParent (hWnd=0x3202da) returned 0x3202dc
[0294.220] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3202dc, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0294.220] SendMessageW (hWnd=0x3202da, Msg=0x2210, wParam=0x2da0001, lParam=0x3202da) returned 0x0
[0294.220] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202da, Msg=0x2210, wParam=0x2da0001, lParam=0x3202da) returned 0x0
[0294.220] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0294.221] GetParent (hWnd=0x3202da) returned 0x3202dc
[0294.221] GetWindowLongW (hWnd=0x3202dc, nIndex=-8) returned 458844
[0294.221] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0294.221] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0294.221] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x620106b6
[0294.221] GetDeviceCaps (hdc=0x620106b6, index=12) returned 32
[0294.221] GetDeviceCaps (hdc=0x620106b6, index=14) returned 1
[0294.221] DeleteDC (hdc=0x620106b6) returned 1
[0294.221] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0294.221] GetWindowThreadProcessId (in: hWnd=0x3202dc, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0294.221] GetCurrentThreadId () returned 0xf50
[0294.221] PostMessageW (hWnd=0x3202dc, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0294.221] GetWindowTextLengthW (hWnd=0x3202dc) returned 24
[0294.221] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0294.221] GetSystemMetrics (nIndex=42) returned 0
[0294.221] GetWindowTextW (in: hWnd=0x3202dc, lpString=0xd7e260, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0294.221] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xd, wParam=0x19, lParam=0xd7e260) returned 0x18
[0294.221] GdipImageGetFrameDimensionsCount (image=0x664edb8, count=0xd7e25c) returned 0x0
[0294.222] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200b78
[0294.222] GdipImageGetFrameDimensionsList (image=0x664edb8, dimensionIDs=0x1200b78*(Data1=0x1200b90, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0294.222] LocalFree (hMem=0x1200b78) returned 0x0
[0294.222] GdipImageGetFrameDimensionsCount (image=0x664f100, count=0xd7e250) returned 0x0
[0294.222] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200ad0
[0294.222] GdipImageGetFrameDimensionsList (image=0x664f100, dimensionIDs=0x1200ad0*(Data1=0x1200b60, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0294.222] LocalFree (hMem=0x1200ad0) returned 0x0
[0294.222] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0294.222] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0294.222] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0294.236] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0294.237] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0294.237] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0294.237] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0294.238] GetWindowPlacement (in: hWnd=0x3202dc, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0294.238] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0294.238] GetWindowTextLengthW (hWnd=0x3202dc) returned 24
[0294.238] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0294.238] GetSystemMetrics (nIndex=42) returned 0
[0294.238] GetWindowTextW (in: hWnd=0x3202dc, lpString=0xd7e2b4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0294.238] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xd, wParam=0x19, lParam=0xd7e2b4) returned 0x18
[0294.238] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0294.238] GetCurrentObject (hdc=0x10105d6, type=0x1) returned 0xb00017
[0294.238] GetCurrentObject (hdc=0x10105d6, type=0x2) returned 0x900010
[0294.238] GetCurrentObject (hdc=0x10105d6, type=0x7) returned 0x4050173
[0294.238] GetCurrentObject (hdc=0x10105d6, type=0x6) returned 0x8a01c2
[0294.238] SaveDC (hdc=0x10105d6) returned 1
[0294.238] GetNearestColor (hdc=0x10105d6, color=0xf0f0f0) returned 0xf0f0f0
[0294.238] CreateSolidBrush (color=0xf0f0f0) returned 0x451007e1
[0294.238] FillRect (hDC=0x10105d6, lprc=0xd7e1b8, hbr=0x451007e1) returned 1
[0294.239] DeleteObject (ho=0x451007e1) returned 1
[0294.239] RestoreDC (hdc=0x10105d6, nSavedDC=-1) returned 1
[0294.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3500ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0294.239] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0294.239] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0294.239] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0294.239] GetStockObject (i=5) returned 0x900015
[0294.240] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0294.240] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0294.240] GetStockObject (i=5) returned 0x900015
[0294.240] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0294.240] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202de, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0294.240] GetStockObject (i=5) returned 0x900015
[0294.240] GetWindowPlacement (in: hWnd=0x3202dc, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0294.240] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0294.240] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0294.240] GetWindowRect (in: hWnd=0x3202dc, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0294.241] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0294.242] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0294.242] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0294.242] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0294.243] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0294.243] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0294.243] GetWindowRect (in: hWnd=0x3202dc, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0294.243] InvalidateRect (hWnd=0x2802ce, lpRect=0x0, bErase=0) returned 1
[0294.243] InvalidateRect (hWnd=0x3402d8, lpRect=0x0, bErase=0) returned 1
[0294.243] GetFocus () returned 0x3202dc
[0294.243] GetFocus () returned 0x3202dc
[0294.243] SetFocus (hWnd=0x3402d8) returned 0x3202dc
[0294.244] GetFocus () returned 0x3402d8
[0294.244] IsChild (hWndParent=0x3202dc, hWnd=0x3402d8) returned 1
[0294.244] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x8, wParam=0x3402d8, lParam=0x0) returned 0x0
[0294.244] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0294.246] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0294.248] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0294.248] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0x7, wParam=0x3202dc, lParam=0x0) returned 0x0
[0294.248] GetStockObject (i=5) returned 0x900015
[0294.248] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0294.248] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0294.248] GetDlgItem (hDlg=0x3202dc, nIDDlgItem=3408600) returned 0x3402d8
[0294.249] SendMessageW (hWnd=0x3402d8, Msg=0x202b, wParam=0x3402d8, lParam=0xd7e0dc) returned 0x0
[0294.249] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0x202b, wParam=0x3402d8, lParam=0xd7e0dc) returned 0x0
[0294.249] InvalidateRect (hWnd=0x3402d8, lpRect=0x0, bErase=0) returned 1
[0294.251] GetFocus () returned 0x3402d8
[0294.251] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.251] IsWindowUnicode (hWnd=0x3202dc) returned 1
[0294.251] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.251] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.251] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.251] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0294.251] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.251] IsWindowUnicode (hWnd=0x3202dc) returned 1
[0294.251] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.251] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.251] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.251] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.252] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0294.252] IsWindowUnicode (hWnd=0x3202dc) returned 1
[0294.252] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.252] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.252] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.252] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.252] IsWindowUnicode (hWnd=0x602c4) returned 1
[0294.252] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.252] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.252] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.252] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0294.252] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0294.252] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.253] IsWindowUnicode (hWnd=0x3202dc) returned 1
[0294.253] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.253] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.253] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.253] BeginPaint (in: hWnd=0x3202dc, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xc0107c5
[0294.253] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0294.253] GetWindowTextLengthW (hWnd=0x3202dc) returned 24
[0294.253] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0294.253] GetSystemMetrics (nIndex=42) returned 0
[0294.254] GetWindowTextW (in: hWnd=0x3202dc, lpString=0xd7e1ec, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0294.254] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xd, wParam=0x19, lParam=0xd7e1ec) returned 0x18
[0294.254] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0294.254] EndPaint (hWnd=0x3202dc, lpPaint=0xd7e274) returned 1
[0294.254] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.254] IsWindowUnicode (hWnd=0x3500ea) returned 1
[0294.254] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.254] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.254] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.254] BeginPaint (in: hWnd=0x3500ea, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x60100ce
[0294.254] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0294.254] CreateCompatibleDC (hdc=0x60100ce) returned 0x1f0107ee
[0294.254] SelectObject (hdc=0x1f0107ee, h=0x4a0507fe) returned 0x85000f
[0294.254] GdipCreateFromHDC (hdc=0x1f0107ee, graphics=0xd7e2b0) returned 0x0
[0294.255] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0294.255] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0294.255] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0294.255] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0294.255] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e310) returned 0x0
[0294.255] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0294.255] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0294.255] LocalFree (hMem=0x11ee788) returned 0x0
[0294.255] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0294.255] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0294.255] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0294.255] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e304) returned 0x0
[0294.255] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0294.255] GetWindowTextLengthW (hWnd=0x3500ea) returned 0
[0294.255] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3500ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0294.255] GetSystemMetrics (nIndex=42) returned 0
[0294.255] GetWindowTextW (in: hWnd=0x3500ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0294.255] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3500ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0294.255] GetClientRect (in: hWnd=0x3500ea, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0294.255] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0294.255] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0294.255] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0294.256] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0294.256] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e164) returned 0x0
[0294.256] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0294.256] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee868) returned 0x0
[0294.256] LocalFree (hMem=0x11ee868) returned 0x0
[0294.256] GdipCombineRegionRegion (region=0x6646dd8, region2=0x6646d48, combineMode=0x1) returned 0x0
[0294.256] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0294.256] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0294.256] LocalFree (hMem=0x11eec58) returned 0x0
[0294.256] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0294.256] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0294.256] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0294.256] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0294.256] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0294.256] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0294.256] GetCurrentObject (hdc=0x1f0107ee, type=0x1) returned 0xb00017
[0294.256] GetCurrentObject (hdc=0x1f0107ee, type=0x2) returned 0x900010
[0294.256] GetCurrentObject (hdc=0x1f0107ee, type=0x7) returned 0x4a0507fe
[0294.256] GetCurrentObject (hdc=0x1f0107ee, type=0x6) returned 0x8a01c2
[0294.256] SaveDC (hdc=0x1f0107ee) returned 1
[0294.256] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc20407de
[0294.256] GetClipRgn (hdc=0x1f0107ee, hrgn=0xc20407de) returned 0
[0294.257] SelectClipRgn (hdc=0x1f0107ee, hrgn=0x39040807) returned 2
[0294.257] DeleteObject (ho=0xc20407de) returned 1
[0294.257] DeleteObject (ho=0x39040807) returned 1
[0294.257] OffsetViewportOrgEx (in: hdc=0x1f0107ee, x=0, y=0, lppt=0x2d882d0 | out: lppt=0x2d882d0) returned 1
[0294.257] GetNearestColor (hdc=0x1f0107ee, color=0xf0f0f0) returned 0xf0f0f0
[0294.257] CreateSolidBrush (color=0xf0f0f0) returned 0x461007e1
[0294.257] FillRect (hDC=0x1f0107ee, lprc=0xd7e198, hbr=0x461007e1) returned 1
[0294.257] DeleteObject (ho=0x461007e1) returned 1
[0294.257] RestoreDC (hdc=0x1f0107ee, nSavedDC=-1) returned 1
[0294.257] GdipReleaseDC (graphics=0x6600030, hdc=0x1f0107ee) returned 0x0
[0294.257] GdipRestoreGraphics (graphics=0x6600030, state=0xf6040dbd) returned 0x0
[0294.257] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0294.257] GetWindowTextLengthW (hWnd=0x3500ea) returned 0
[0294.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3500ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0294.257] GetSystemMetrics (nIndex=42) returned 0
[0294.257] GetWindowTextW (in: hWnd=0x3500ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0294.257] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3500ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0294.258] GdipGetImageWidth (image=0x664edb8, width=0xd7e1e0) returned 0x0
[0294.258] GdipGetImageHeight (image=0x664edb8, height=0xd7e1e0) returned 0x0
[0294.258] GdipGetImageWidth (image=0x664edb8, width=0xd7e1cc) returned 0x0
[0294.258] GdipGetImageHeight (image=0x664edb8, height=0xd7e1cc) returned 0x0
[0294.258] GdipDrawImageRectI (graphics=0x6600030, image=0x664edb8, x=16, y=16, width=32, height=32) returned 0x0
[0294.258] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0294.258] BitBlt (hdc=0x60100ce, x=0, y=0, cx=64, cy=64, hdcSrc=0x1f0107ee, x1=0, y1=0, rop=0xcc0020) returned 1
[0294.258] GdipReleaseDC (graphics=0x6600030, hdc=0x1f0107ee) returned 0x0
[0294.258] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0294.258] SelectObject (hdc=0x1f0107ee, h=0x85000f) returned 0x4a0507fe
[0294.258] DeleteDC (hdc=0x1f0107ee) returned 1
[0294.258] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0294.258] EndPaint (hWnd=0x3500ea, lpPaint=0xd7e294) returned 1
[0294.259] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.259] IsWindowUnicode (hWnd=0x2c02c8) returned 1
[0294.259] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.259] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.259] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.259] BeginPaint (in: hWnd=0x2c02c8, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x107b9
[0294.259] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0294.259] CreateCompatibleDC (hdc=0x107b9) returned 0x210107ee
[0294.259] GetObjectType (h=0x107b9) returned 0x3
[0294.259] CreateCompatibleBitmap (hdc=0x107b9, cx=1, cy=1) returned 0x260507d0
[0294.259] GetDIBits (in: hdc=0x107b9, hbm=0x260507d0, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0294.259] GetDIBits (in: hdc=0x107b9, hbm=0x260507d0, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0294.259] DeleteObject (ho=0x260507d0) returned 1
[0294.260] CreateDIBSection (in: hdc=0x107b9, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x6b0506b6
[0294.260] SelectObject (hdc=0x210107ee, h=0x6b0506b6) returned 0x85000f
[0294.260] GdipCreateFromHDC (hdc=0x210107ee, graphics=0xd7e234) returned 0x0
[0294.260] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0294.260] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0294.260] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0294.260] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0294.260] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e2d4) returned 0x0
[0294.260] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0294.260] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea28) returned 0x0
[0294.260] LocalFree (hMem=0x11eea28) returned 0x0
[0294.260] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0294.260] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0294.260] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0294.260] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0294.260] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0294.261] GetWindowTextLengthW (hWnd=0x2c02c8) returned 232
[0294.261] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0294.261] GetSystemMetrics (nIndex=42) returned 0
[0294.261] GetWindowTextW (in: hWnd=0x2c02c8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0294.261] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0294.261] GetClientRect (in: hWnd=0x2c02c8, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0294.261] GdipCreateRegion (region=0xd7e110) returned 0x0
[0294.261] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0294.261] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0294.261] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0294.261] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e128) returned 0x0
[0294.261] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0294.261] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eea98) returned 0x0
[0294.261] LocalFree (hMem=0x11eea98) returned 0x0
[0294.261] GdipCombineRegionRegion (region=0x6646328, region2=0x66467a8, combineMode=0x1) returned 0x0
[0294.261] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0294.261] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0294.261] LocalFree (hMem=0x11eec58) returned 0x0
[0294.261] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0294.261] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e150) returned 0x0
[0294.261] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e140) returned 0x0
[0294.261] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0294.261] GdipDeleteRegion (region=0x6646328) returned 0x0
[0294.261] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0294.262] GetCurrentObject (hdc=0x210107ee, type=0x1) returned 0xb00017
[0294.262] GetCurrentObject (hdc=0x210107ee, type=0x2) returned 0x900010
[0294.262] GetCurrentObject (hdc=0x210107ee, type=0x7) returned 0x6b0506b6
[0294.262] GetCurrentObject (hdc=0x210107ee, type=0x6) returned 0x8a01c2
[0294.262] SaveDC (hdc=0x210107ee) returned 1
[0294.262] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3a040807
[0294.262] GetClipRgn (hdc=0x210107ee, hrgn=0x3a040807) returned 0
[0294.262] SelectClipRgn (hdc=0x210107ee, hrgn=0xc30407de) returned 2
[0294.262] DeleteObject (ho=0x3a040807) returned 1
[0294.262] DeleteObject (ho=0xc30407de) returned 1
[0294.262] OffsetViewportOrgEx (in: hdc=0x210107ee, x=0, y=0, lppt=0x2d89c98 | out: lppt=0x2d89c98) returned 1
[0294.262] GetNearestColor (hdc=0x210107ee, color=0xf0f0f0) returned 0xf0f0f0
[0294.262] CreateSolidBrush (color=0xf0f0f0) returned 0x471007e1
[0294.262] FillRect (hDC=0x210107ee, lprc=0xd7e15c, hbr=0x471007e1) returned 1
[0294.268] DeleteObject (ho=0x471007e1) returned 1
[0294.268] RestoreDC (hdc=0x210107ee, nSavedDC=-1) returned 1
[0294.268] GdipReleaseDC (graphics=0x6600030, hdc=0x210107ee) returned 0x0
[0294.268] GdipRestoreGraphics (graphics=0x6600030, state=0xf6020dbd) returned 0x0
[0294.268] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0294.268] GetWindowTextLengthW (hWnd=0x2c02c8) returned 232
[0294.268] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0294.268] GetSystemMetrics (nIndex=42) returned 0
[0294.268] GetWindowTextW (in: hWnd=0x2c02c8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0294.268] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0294.268] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0294.268] GetCurrentObject (hdc=0x210107ee, type=0x1) returned 0xb00017
[0294.268] GetCurrentObject (hdc=0x210107ee, type=0x2) returned 0x900010
[0294.268] GetCurrentObject (hdc=0x210107ee, type=0x7) returned 0x6b0506b6
[0294.268] GetCurrentObject (hdc=0x210107ee, type=0x6) returned 0x8a01c2
[0294.268] SaveDC (hdc=0x210107ee) returned 1
[0294.268] GetNearestColor (hdc=0x210107ee, color=0x0) returned 0x0
[0294.268] RestoreDC (hdc=0x210107ee, nSavedDC=-1) returned 1
[0294.268] GdipReleaseDC (graphics=0x6600030, hdc=0x210107ee) returned 0x0
[0294.269] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0294.269] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0294.269] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2d8a494 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0294.269] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0294.269] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0294.269] GetCurrentObject (hdc=0x210107ee, type=0x1) returned 0xb00017
[0294.269] GetCurrentObject (hdc=0x210107ee, type=0x2) returned 0x900010
[0294.270] GetCurrentObject (hdc=0x210107ee, type=0x7) returned 0x6b0506b6
[0294.270] GetCurrentObject (hdc=0x210107ee, type=0x6) returned 0x8a01c2
[0294.270] SaveDC (hdc=0x210107ee) returned 1
[0294.270] GetTextAlign (hdc=0x210107ee) returned 0x0
[0294.270] GetTextColor (hdc=0x210107ee) returned 0x0
[0294.270] GetCurrentObject (hdc=0x210107ee, type=0x6) returned 0x8a01c2
[0294.270] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0294.270] SelectObject (hdc=0x210107ee, h=0x6d0a0520) returned 0x8a01c2
[0294.270] GetBkMode (hdc=0x210107ee) returned 2
[0294.270] SetBkMode (hdc=0x210107ee, mode=1) returned 2
[0294.270] DrawTextExW (in: hdc=0x210107ee, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2d8a6b8 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0294.273] RestoreDC (hdc=0x210107ee, nSavedDC=-1) returned 1
[0294.273] GdipReleaseDC (graphics=0x6600030, hdc=0x210107ee) returned 0x0
[0294.273] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0294.273] BitBlt (hdc=0x107b9, x=0, y=0, cx=354, cy=68, hdcSrc=0x210107ee, x1=0, y1=0, rop=0xcc0020) returned 1
[0294.273] GdipReleaseDC (graphics=0x6600030, hdc=0x210107ee) returned 0x0
[0294.273] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0294.273] SelectObject (hdc=0x210107ee, h=0x85000f) returned 0x6b0506b6
[0294.273] DeleteDC (hdc=0x210107ee) returned 1
[0294.273] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0294.273] DeleteObject (ho=0x6b0506b6) returned 1
[0294.274] EndPaint (hWnd=0x2c02c8, lpPaint=0xd7e258) returned 1
[0294.274] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.274] IsWindowUnicode (hWnd=0x3402d8) returned 1
[0294.274] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.274] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.274] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.274] BeginPaint (in: hWnd=0x3402d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0294.274] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0294.274] CreateCompatibleDC (hdc=0xf0105ee) returned 0x280107d0
[0294.274] SelectObject (hdc=0x280107d0, h=0x4a0507fe) returned 0x85000f
[0294.274] GdipCreateFromHDC (hdc=0x280107d0, graphics=0xd7e268) returned 0x0
[0294.275] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0294.275] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0294.275] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0294.275] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0294.275] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e2c8) returned 0x0
[0294.275] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0294.275] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0294.275] LocalFree (hMem=0x11eec58) returned 0x0
[0294.275] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0294.275] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0294.275] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0294.275] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0294.275] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0294.275] GdipRestoreGraphics (graphics=0x6600030, state=0xf6000dbd) returned 0x0
[0294.275] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0294.275] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0294.275] GetCurrentObject (hdc=0x280107d0, type=0x1) returned 0xb00017
[0294.275] GetCurrentObject (hdc=0x280107d0, type=0x2) returned 0x900010
[0294.275] GetCurrentObject (hdc=0x280107d0, type=0x7) returned 0x4a0507fe
[0294.275] GetCurrentObject (hdc=0x280107d0, type=0x6) returned 0x8a01c2
[0294.275] SaveDC (hdc=0x280107d0) returned 1
[0294.276] GetNearestColor (hdc=0x280107d0, color=0xf0f0f0) returned 0xf0f0f0
[0294.276] GetNearestColor (hdc=0x280107d0, color=0xa0a0a0) returned 0xa0a0a0
[0294.276] GetNearestColor (hdc=0x280107d0, color=0x696969) returned 0x696969
[0294.276] GetNearestColor (hdc=0x280107d0, color=0xa0a0a0) returned 0xa0a0a0
[0294.276] GetNearestColor (hdc=0x280107d0, color=0x0) returned 0x0
[0294.276] GetNearestColor (hdc=0x280107d0, color=0xffffff) returned 0xffffff
[0294.276] GetNearestColor (hdc=0x280107d0, color=0xe5e5e5) returned 0xe5e5e5
[0294.276] GetNearestColor (hdc=0x280107d0, color=0xd7d7d7) returned 0xd7d7d7
[0294.276] GetNearestColor (hdc=0x280107d0, color=0x0) returned 0x0
[0294.276] RestoreDC (hdc=0x280107d0, nSavedDC=-1) returned 1
[0294.276] GdipReleaseDC (graphics=0x6600030, hdc=0x280107d0) returned 0x0
[0294.276] IsAppThemed () returned 0x1
[0294.276] GetThemeAppProperties () returned 0x3
[0294.276] GetThemeAppProperties () returned 0x3
[0294.276] GdipGetImageWidth (image=0x664f100, width=0xd7e168) returned 0x0
[0294.276] GdipGetImageHeight (image=0x664f100, height=0xd7e168) returned 0x0
[0294.276] IsAppThemed () returned 0x1
[0294.276] GetThemeAppProperties () returned 0x3
[0294.277] GetThemeAppProperties () returned 0x3
[0294.277] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2d8ae08 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0294.277] IsAppThemed () returned 0x1
[0294.277] GetThemeAppProperties () returned 0x3
[0294.277] GetThemeAppProperties () returned 0x3
[0294.277] IsAppThemed () returned 0x1
[0294.277] GetThemeAppProperties () returned 0x3
[0294.277] GetThemeAppProperties () returned 0x3
[0294.277] GetFocus () returned 0x3402d8
[0294.277] IsAppThemed () returned 0x1
[0294.277] GetThemeAppProperties () returned 0x3
[0294.277] GetThemeAppProperties () returned 0x3
[0294.277] IsAppThemed () returned 0x1
[0294.277] GetThemeAppProperties () returned 0x3
[0294.277] GetThemeAppProperties () returned 0x3
[0294.277] IsThemePartDefined () returned 0x1
[0294.277] IsAppThemed () returned 0x1
[0294.278] GetThemeAppProperties () returned 0x3
[0294.278] GetThemeAppProperties () returned 0x3
[0294.278] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0294.278] IsAppThemed () returned 0x1
[0294.278] GetThemeAppProperties () returned 0x3
[0294.278] GetThemeAppProperties () returned 0x3
[0294.278] IsAppThemed () returned 0x1
[0294.278] GetThemeAppProperties () returned 0x3
[0294.278] GetThemeAppProperties () returned 0x3
[0294.278] IsThemePartDefined () returned 0x1
[0294.278] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0294.278] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0294.278] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0294.308] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0294.308] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dff0) returned 0x0
[0294.308] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0294.308] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0294.308] LocalFree (hMem=0x11eec58) returned 0x0
[0294.308] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0294.308] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eed00) returned 0x0
[0294.308] LocalFree (hMem=0x11eed00) returned 0x0
[0294.308] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0294.309] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0294.309] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0294.309] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0294.309] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0294.309] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0294.309] GetCurrentObject (hdc=0x280107d0, type=0x1) returned 0xb00017
[0294.309] GetCurrentObject (hdc=0x280107d0, type=0x2) returned 0x900010
[0294.309] GetCurrentObject (hdc=0x280107d0, type=0x7) returned 0x4a0507fe
[0294.309] GetCurrentObject (hdc=0x280107d0, type=0x6) returned 0x8a01c2
[0294.309] SaveDC (hdc=0x280107d0) returned 1
[0294.309] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc40407de
[0294.309] GetClipRgn (hdc=0x280107d0, hrgn=0xc40407de) returned 0
[0294.309] SelectClipRgn (hdc=0x280107d0, hrgn=0x3e040807) returned 2
[0294.309] DeleteObject (ho=0xc40407de) returned 1
[0294.309] DeleteObject (ho=0x3e040807) returned 1
[0294.309] OffsetViewportOrgEx (in: hdc=0x280107d0, x=0, y=0, lppt=0x2d8b4b8 | out: lppt=0x2d8b4b8) returned 1
[0294.317] DrawThemeParentBackground () returned 0x0
[0294.317] GetWindowPlacement (in: hWnd=0x3202dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0294.317] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0294.317] GetWindowTextLengthW (hWnd=0x3202dc) returned 24
[0294.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0294.317] GetSystemMetrics (nIndex=42) returned 0
[0294.317] GetWindowTextW (in: hWnd=0x3202dc, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0294.317] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0294.317] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0294.317] GetCurrentObject (hdc=0x280107d0, type=0x1) returned 0xb00017
[0294.317] GetCurrentObject (hdc=0x280107d0, type=0x2) returned 0x900010
[0294.317] GetCurrentObject (hdc=0x280107d0, type=0x7) returned 0x4a0507fe
[0294.317] GetCurrentObject (hdc=0x280107d0, type=0x6) returned 0x8a01c2
[0294.318] SaveDC (hdc=0x280107d0) returned 2
[0294.318] GetNearestColor (hdc=0x280107d0, color=0xf0f0f0) returned 0xf0f0f0
[0294.318] CreateSolidBrush (color=0xf0f0f0) returned 0x481007e1
[0294.318] FillRect (hDC=0x280107d0, lprc=0xd7da38, hbr=0x481007e1) returned 1
[0294.318] DeleteObject (ho=0x481007e1) returned 1
[0294.318] RestoreDC (hdc=0x280107d0, nSavedDC=-1) returned 1
[0294.318] GetWindowTextLengthW (hWnd=0x3202dc) returned 24
[0294.318] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0294.318] GetSystemMetrics (nIndex=42) returned 0
[0294.318] GetWindowTextW (in: hWnd=0x3202dc, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0294.318] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0294.318] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0294.318] GetCurrentObject (hdc=0x280107d0, type=0x1) returned 0xb00017
[0294.318] GetCurrentObject (hdc=0x280107d0, type=0x2) returned 0x900010
[0294.318] GetCurrentObject (hdc=0x280107d0, type=0x7) returned 0x4a0507fe
[0294.318] GetCurrentObject (hdc=0x280107d0, type=0x6) returned 0x8a01c2
[0294.318] SaveDC (hdc=0x280107d0) returned 2
[0294.318] GetNearestColor (hdc=0x280107d0, color=0xf0f0f0) returned 0xf0f0f0
[0294.318] CreateSolidBrush (color=0xf0f0f0) returned 0x491007e1
[0294.318] FillRect (hDC=0x280107d0, lprc=0xd7d9d8, hbr=0x491007e1) returned 1
[0294.319] DeleteObject (ho=0x491007e1) returned 1
[0294.319] RestoreDC (hdc=0x280107d0, nSavedDC=-1) returned 1
[0294.319] GetWindowTextLengthW (hWnd=0x3202dc) returned 24
[0294.319] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0294.319] GetSystemMetrics (nIndex=42) returned 0
[0294.319] GetWindowTextW (in: hWnd=0x3202dc, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0294.319] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0294.319] RestoreDC (hdc=0x280107d0, nSavedDC=-1) returned 1
[0294.319] GdipReleaseDC (graphics=0x6600030, hdc=0x280107d0) returned 0x0
[0294.319] IsAppThemed () returned 0x1
[0294.319] GetThemeAppProperties () returned 0x3
[0294.319] GetThemeAppProperties () returned 0x3
[0294.319] IsAppThemed () returned 0x1
[0294.319] GetThemeAppProperties () returned 0x3
[0294.319] GetThemeAppProperties () returned 0x3
[0294.319] IsThemePartDefined () returned 0x1
[0294.319] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0294.319] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0294.319] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0294.319] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0294.319] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7df74) returned 0x0
[0294.320] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0294.320] LocalFree (hMem=0x11eec58) returned 0x0
[0294.320] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee868) returned 0x0
[0294.320] LocalFree (hMem=0x11ee868) returned 0x0
[0294.320] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0294.320] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0294.320] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0294.320] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0294.320] GdipDeleteRegion (region=0x6646328) returned 0x0
[0294.320] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0294.320] GetCurrentObject (hdc=0x280107d0, type=0x1) returned 0xb00017
[0294.320] GetCurrentObject (hdc=0x280107d0, type=0x2) returned 0x900010
[0294.320] GetCurrentObject (hdc=0x280107d0, type=0x7) returned 0x4a0507fe
[0294.320] GetCurrentObject (hdc=0x280107d0, type=0x6) returned 0x8a01c2
[0294.320] SaveDC (hdc=0x280107d0) returned 1
[0294.320] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3f040807
[0294.320] GetClipRgn (hdc=0x280107d0, hrgn=0x3f040807) returned 0
[0294.320] SelectClipRgn (hdc=0x280107d0, hrgn=0xc60407de) returned 2
[0294.320] DeleteObject (ho=0x3f040807) returned 1
[0294.320] DeleteObject (ho=0xc60407de) returned 1
[0294.320] OffsetViewportOrgEx (in: hdc=0x280107d0, x=0, y=0, lppt=0x2d8be3c | out: lppt=0x2d8be3c) returned 1
[0294.321] IsAppThemed () returned 0x1
[0294.321] GetThemeAppProperties () returned 0x3
[0294.321] GetThemeAppProperties () returned 0x3
[0294.321] DrawThemeBackground () returned 0x0
[0294.321] RestoreDC (hdc=0x280107d0, nSavedDC=-1) returned 1
[0294.321] GdipReleaseDC (graphics=0x6600030, hdc=0x280107d0) returned 0x0
[0294.321] GdipCreateRegion (region=0xd7df60) returned 0x0
[0294.321] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0294.321] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0294.321] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0294.321] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df78) returned 0x0
[0294.321] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0294.321] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee8d8) returned 0x0
[0294.321] LocalFree (hMem=0x11ee8d8) returned 0x0
[0294.321] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0294.321] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea28) returned 0x0
[0294.321] LocalFree (hMem=0x11eea28) returned 0x0
[0294.321] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0294.321] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0294.321] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0294.321] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0294.321] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0294.321] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0294.322] GetCurrentObject (hdc=0x280107d0, type=0x1) returned 0xb00017
[0294.322] GetCurrentObject (hdc=0x280107d0, type=0x2) returned 0x900010
[0294.322] GetCurrentObject (hdc=0x280107d0, type=0x7) returned 0x4a0507fe
[0294.322] GetCurrentObject (hdc=0x280107d0, type=0x6) returned 0x8a01c2
[0294.322] SaveDC (hdc=0x280107d0) returned 1
[0294.322] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc70407de
[0294.322] GetClipRgn (hdc=0x280107d0, hrgn=0xc70407de) returned 0
[0294.322] SelectClipRgn (hdc=0x280107d0, hrgn=0x40040807) returned 2
[0294.322] DeleteObject (ho=0xc70407de) returned 1
[0294.322] DeleteObject (ho=0x40040807) returned 1
[0294.322] OffsetViewportOrgEx (in: hdc=0x280107d0, x=0, y=0, lppt=0x2d8c110 | out: lppt=0x2d8c110) returned 1
[0294.322] IsAppThemed () returned 0x1
[0294.322] GetThemeAppProperties () returned 0x3
[0294.322] GetThemeAppProperties () returned 0x3
[0294.322] GetThemeBackgroundContentRect () returned 0x0
[0294.322] RestoreDC (hdc=0x280107d0, nSavedDC=-1) returned 1
[0294.322] GdipReleaseDC (graphics=0x6600030, hdc=0x280107d0) returned 0x0
[0294.322] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0294.322] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0294.323] GdipCloneRegion (region=0x6646328, cloneRegion=0xd7e150) returned 0x0
[0294.323] GdipCombineRegionRectI (region=0x66468c8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0294.323] GdipCombineRegionRectI (region=0x66468c8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0294.323] GdipSetClipRegion (graphics=0x6600030, region=0x66468c8, combineMode=0x0) returned 0x0
[0294.323] GdipGetImageWidth (image=0x664f100, width=0xd7e154) returned 0x0
[0294.323] GdipGetImageHeight (image=0x664f100, height=0xd7e148) returned 0x0
[0294.323] GdipDrawImageRectI (graphics=0x6600030, image=0x664f100, x=4, y=4, width=16, height=16) returned 0x0
[0294.323] GdipSetClipRegion (graphics=0x6600030, region=0x6646328, combineMode=0x0) returned 0x0
[0294.323] IsAppThemed () returned 0x1
[0294.323] GetThemeAppProperties () returned 0x3
[0294.323] GetThemeAppProperties () returned 0x3
[0294.323] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0294.323] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0294.323] GetCurrentObject (hdc=0x280107d0, type=0x1) returned 0xb00017
[0294.323] GetCurrentObject (hdc=0x280107d0, type=0x2) returned 0x900010
[0294.323] GetCurrentObject (hdc=0x280107d0, type=0x7) returned 0x4a0507fe
[0294.323] GetCurrentObject (hdc=0x280107d0, type=0x6) returned 0x8a01c2
[0294.324] SaveDC (hdc=0x280107d0) returned 1
[0294.324] GetTextAlign (hdc=0x280107d0) returned 0x0
[0294.324] GetTextColor (hdc=0x280107d0) returned 0x0
[0294.324] GetCurrentObject (hdc=0x280107d0, type=0x6) returned 0x8a01c2
[0294.324] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0294.324] SelectObject (hdc=0x280107d0, h=0x6d0a0520) returned 0x8a01c2
[0294.324] GetBkMode (hdc=0x280107d0) returned 2
[0294.324] SetBkMode (hdc=0x280107d0, mode=1) returned 2
[0294.324] DrawTextExW (in: hdc=0x280107d0, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2d8c4d0 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0294.324] DrawTextExW (in: hdc=0x280107d0, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d8c4d0 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0294.325] RestoreDC (hdc=0x280107d0, nSavedDC=-1) returned 1
[0294.325] GdipReleaseDC (graphics=0x6600030, hdc=0x280107d0) returned 0x0
[0294.325] GetFocus () returned 0x3402d8
[0294.325] IsAppThemed () returned 0x1
[0294.325] GetThemeAppProperties () returned 0x3
[0294.325] GetThemeAppProperties () returned 0x3
[0294.325] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0294.327] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x280107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0294.327] GdipReleaseDC (graphics=0x6600030, hdc=0x280107d0) returned 0x0
[0294.327] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0294.327] SelectObject (hdc=0x280107d0, h=0x85000f) returned 0x4a0507fe
[0294.327] DeleteDC (hdc=0x280107d0) returned 1
[0294.327] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0294.327] EndPaint (hWnd=0x3402d8, lpPaint=0xd7e24c) returned 1
[0294.327] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.327] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x84, wParam=0x0, lParam=0x1e4030f) returned 0x1
[0294.328] IsWindowUnicode (hWnd=0x2802ce) returned 1
[0294.328] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.328] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x84, wParam=0x0, lParam=0x1e4030f) returned 0x1
[0294.328] SetCursor (hCursor=0x10003) returned 0x10003
[0294.328] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.328] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.328] _TrackMouseEvent (in: lpEventTrack=0x2d8c5cc | out: lpEventTrack=0x2d8c5cc) returned 1
[0294.328] SendMessageW (hWnd=0x2802ce, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0294.328] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0294.328] InvalidateRect (hWnd=0x2802ce, lpRect=0x0, bErase=0) returned 1
[0294.328] GetKeyState (nVirtKey=1) returned 0
[0294.328] GetKeyState (nVirtKey=2) returned 0
[0294.328] GetKeyState (nVirtKey=4) returned 0
[0294.328] GetKeyState (nVirtKey=5) returned 0
[0294.328] GetKeyState (nVirtKey=6) returned 0
[0294.328] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.328] IsWindowUnicode (hWnd=0x2802ce) returned 1
[0294.328] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.329] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.329] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.329] BeginPaint (in: hWnd=0x2802ce, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0294.329] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0294.329] CreateCompatibleDC (hdc=0xc0107c5) returned 0x2a0107d0
[0294.329] SelectObject (hdc=0x2a0107d0, h=0x4a0507fe) returned 0x85000f
[0294.329] GdipCreateFromHDC (hdc=0x2a0107d0, graphics=0xd7e268) returned 0x0
[0294.329] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0294.329] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0294.329] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0294.329] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0294.329] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e2c8) returned 0x0
[0294.329] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0294.329] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eea28) returned 0x0
[0294.329] LocalFree (hMem=0x11eea28) returned 0x0
[0294.329] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0294.330] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0294.330] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0294.330] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0294.330] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0294.330] GdipRestoreGraphics (graphics=0x6600030, state=0xf5fe0dbd) returned 0x0
[0294.330] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0294.330] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0294.330] GetCurrentObject (hdc=0x2a0107d0, type=0x1) returned 0xb00017
[0294.330] GetCurrentObject (hdc=0x2a0107d0, type=0x2) returned 0x900010
[0294.330] GetCurrentObject (hdc=0x2a0107d0, type=0x7) returned 0x4a0507fe
[0294.330] GetCurrentObject (hdc=0x2a0107d0, type=0x6) returned 0x8a01c2
[0294.330] SaveDC (hdc=0x2a0107d0) returned 1
[0294.330] GetNearestColor (hdc=0x2a0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0294.330] GetNearestColor (hdc=0x2a0107d0, color=0xa0a0a0) returned 0xa0a0a0
[0294.330] GetNearestColor (hdc=0x2a0107d0, color=0x696969) returned 0x696969
[0294.330] GetNearestColor (hdc=0x2a0107d0, color=0xa0a0a0) returned 0xa0a0a0
[0294.330] GetNearestColor (hdc=0x2a0107d0, color=0x0) returned 0x0
[0294.330] GetNearestColor (hdc=0x2a0107d0, color=0xffffff) returned 0xffffff
[0294.330] GetNearestColor (hdc=0x2a0107d0, color=0xe5e5e5) returned 0xe5e5e5
[0294.331] GetNearestColor (hdc=0x2a0107d0, color=0xd7d7d7) returned 0xd7d7d7
[0294.331] GetNearestColor (hdc=0x2a0107d0, color=0x0) returned 0x0
[0294.331] RestoreDC (hdc=0x2a0107d0, nSavedDC=-1) returned 1
[0294.331] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107d0) returned 0x0
[0294.331] IsAppThemed () returned 0x1
[0294.331] GetThemeAppProperties () returned 0x3
[0294.331] GetThemeAppProperties () returned 0x3
[0294.331] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0294.331] SendMessageW (hWnd=0x3202dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0294.331] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0294.331] IsAppThemed () returned 0x1
[0294.331] GetThemeAppProperties () returned 0x3
[0294.331] GetThemeAppProperties () returned 0x3
[0294.331] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2d8cd38 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0294.331] IsAppThemed () returned 0x1
[0294.331] GetThemeAppProperties () returned 0x3
[0294.331] GetThemeAppProperties () returned 0x3
[0294.331] IsAppThemed () returned 0x1
[0294.332] GetThemeAppProperties () returned 0x3
[0294.332] GetThemeAppProperties () returned 0x3
[0294.332] IsAppThemed () returned 0x1
[0294.332] GetThemeAppProperties () returned 0x3
[0294.332] GetThemeAppProperties () returned 0x3
[0294.332] IsAppThemed () returned 0x1
[0294.332] GetThemeAppProperties () returned 0x3
[0294.332] GetThemeAppProperties () returned 0x3
[0294.332] IsThemePartDefined () returned 0x1
[0294.332] IsAppThemed () returned 0x1
[0294.332] GetThemeAppProperties () returned 0x3
[0294.332] GetThemeAppProperties () returned 0x3
[0294.332] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0294.332] IsAppThemed () returned 0x1
[0294.332] GetThemeAppProperties () returned 0x3
[0294.332] GetThemeAppProperties () returned 0x3
[0294.332] IsAppThemed () returned 0x1
[0294.332] GetThemeAppProperties () returned 0x3
[0294.332] GetThemeAppProperties () returned 0x3
[0294.332] IsThemePartDefined () returned 0x1
[0294.332] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0294.332] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0294.332] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0294.332] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0294.332] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dfe4) returned 0x0
[0294.332] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0294.332] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0294.332] LocalFree (hMem=0x11ee788) returned 0x0
[0294.333] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0294.333] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee8d8) returned 0x0
[0294.333] LocalFree (hMem=0x11ee8d8) returned 0x0
[0294.333] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0294.333] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0294.333] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0294.333] GdipGetRegionHRgn (region=0x6646958, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0294.333] GdipDeleteRegion (region=0x6646958) returned 0x0
[0294.333] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0294.333] GetCurrentObject (hdc=0x2a0107d0, type=0x1) returned 0xb00017
[0294.333] GetCurrentObject (hdc=0x2a0107d0, type=0x2) returned 0x900010
[0294.333] GetCurrentObject (hdc=0x2a0107d0, type=0x7) returned 0x4a0507fe
[0294.333] GetCurrentObject (hdc=0x2a0107d0, type=0x6) returned 0x8a01c2
[0294.333] SaveDC (hdc=0x2a0107d0) returned 1
[0294.333] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x41040807
[0294.333] GetClipRgn (hdc=0x2a0107d0, hrgn=0x41040807) returned 0
[0294.333] SelectClipRgn (hdc=0x2a0107d0, hrgn=0xcb0407de) returned 2
[0294.333] DeleteObject (ho=0x41040807) returned 1
[0294.333] DeleteObject (ho=0xcb0407de) returned 1
[0294.333] OffsetViewportOrgEx (in: hdc=0x2a0107d0, x=0, y=0, lppt=0x2d8d3e8 | out: lppt=0x2d8d3e8) returned 1
[0294.333] DrawThemeParentBackground () returned 0x0
[0294.334] GetWindowPlacement (in: hWnd=0x3202dc, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0294.334] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0294.334] GetWindowTextLengthW (hWnd=0x3202dc) returned 24
[0294.334] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0294.334] GetSystemMetrics (nIndex=42) returned 0
[0294.334] GetWindowTextW (in: hWnd=0x3202dc, lpString=0xd7db2c, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0294.334] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xd, wParam=0x19, lParam=0xd7db2c) returned 0x18
[0294.334] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0294.334] GetCurrentObject (hdc=0x2a0107d0, type=0x1) returned 0xb00017
[0294.334] GetCurrentObject (hdc=0x2a0107d0, type=0x2) returned 0x900010
[0294.334] GetCurrentObject (hdc=0x2a0107d0, type=0x7) returned 0x4a0507fe
[0294.334] GetCurrentObject (hdc=0x2a0107d0, type=0x6) returned 0x8a01c2
[0294.334] SaveDC (hdc=0x2a0107d0) returned 2
[0294.334] GetNearestColor (hdc=0x2a0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0294.334] CreateSolidBrush (color=0xf0f0f0) returned 0x4a1007e1
[0294.334] FillRect (hDC=0x2a0107d0, lprc=0xd7da30, hbr=0x4a1007e1) returned 1
[0294.334] DeleteObject (ho=0x4a1007e1) returned 1
[0294.334] RestoreDC (hdc=0x2a0107d0, nSavedDC=-1) returned 1
[0294.334] GetWindowTextLengthW (hWnd=0x3202dc) returned 24
[0294.335] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0294.335] GetSystemMetrics (nIndex=42) returned 0
[0294.335] GetWindowTextW (in: hWnd=0x3202dc, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0294.335] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0294.335] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0294.335] GetCurrentObject (hdc=0x2a0107d0, type=0x1) returned 0xb00017
[0294.335] GetCurrentObject (hdc=0x2a0107d0, type=0x2) returned 0x900010
[0294.335] GetCurrentObject (hdc=0x2a0107d0, type=0x7) returned 0x4a0507fe
[0294.335] GetCurrentObject (hdc=0x2a0107d0, type=0x6) returned 0x8a01c2
[0294.335] SaveDC (hdc=0x2a0107d0) returned 2
[0294.335] GetNearestColor (hdc=0x2a0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0294.335] CreateSolidBrush (color=0xf0f0f0) returned 0x4b1007e1
[0294.335] FillRect (hDC=0x2a0107d0, lprc=0xd7d9d0, hbr=0x4b1007e1) returned 1
[0294.335] DeleteObject (ho=0x4b1007e1) returned 1
[0294.335] RestoreDC (hdc=0x2a0107d0, nSavedDC=-1) returned 1
[0294.335] GetWindowTextLengthW (hWnd=0x3202dc) returned 24
[0294.335] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0294.335] GetSystemMetrics (nIndex=42) returned 0
[0294.335] GetWindowTextW (in: hWnd=0x3202dc, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0294.335] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0294.336] RestoreDC (hdc=0x2a0107d0, nSavedDC=-1) returned 1
[0294.336] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107d0) returned 0x0
[0294.336] IsAppThemed () returned 0x1
[0294.336] GetThemeAppProperties () returned 0x3
[0294.336] GetThemeAppProperties () returned 0x3
[0294.336] IsAppThemed () returned 0x1
[0294.336] GetThemeAppProperties () returned 0x3
[0294.336] GetThemeAppProperties () returned 0x3
[0294.336] IsThemePartDefined () returned 0x1
[0294.336] GdipCreateRegion (region=0xd7df50) returned 0x0
[0294.336] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0294.336] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0294.336] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0294.336] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df68) returned 0x0
[0294.336] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0294.336] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0294.336] LocalFree (hMem=0x11eec58) returned 0x0
[0294.336] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0294.336] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eead0) returned 0x0
[0294.336] LocalFree (hMem=0x11eead0) returned 0x0
[0294.336] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0294.336] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0294.336] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df80) returned 0x0
[0294.336] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0294.337] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0294.337] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0294.337] GetCurrentObject (hdc=0x2a0107d0, type=0x1) returned 0xb00017
[0294.337] GetCurrentObject (hdc=0x2a0107d0, type=0x2) returned 0x900010
[0294.337] GetCurrentObject (hdc=0x2a0107d0, type=0x7) returned 0x4a0507fe
[0294.337] GetCurrentObject (hdc=0x2a0107d0, type=0x6) returned 0x8a01c2
[0294.337] SaveDC (hdc=0x2a0107d0) returned 1
[0294.337] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcc0407de
[0294.337] GetClipRgn (hdc=0x2a0107d0, hrgn=0xcc0407de) returned 0
[0294.337] SelectClipRgn (hdc=0x2a0107d0, hrgn=0x43040807) returned 2
[0294.337] DeleteObject (ho=0xcc0407de) returned 1
[0294.337] DeleteObject (ho=0x43040807) returned 1
[0294.337] OffsetViewportOrgEx (in: hdc=0x2a0107d0, x=0, y=0, lppt=0x2d8dd6c | out: lppt=0x2d8dd6c) returned 1
[0294.337] IsAppThemed () returned 0x1
[0294.337] GetThemeAppProperties () returned 0x3
[0294.337] GetThemeAppProperties () returned 0x3
[0294.337] DrawThemeBackground () returned 0x0
[0294.337] RestoreDC (hdc=0x2a0107d0, nSavedDC=-1) returned 1
[0294.337] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107d0) returned 0x0
[0294.337] GdipCreateRegion (region=0xd7df54) returned 0x0
[0294.337] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0294.338] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0294.338] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0294.338] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df6c) returned 0x0
[0294.338] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0294.338] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0294.338] LocalFree (hMem=0x11ee788) returned 0x0
[0294.338] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0294.338] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0294.338] LocalFree (hMem=0x11eec58) returned 0x0
[0294.338] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0294.338] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7df94) returned 0x0
[0294.338] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7df84) returned 0x0
[0294.338] GdipGetRegionHRgn (region=0x6646958, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0294.338] GdipDeleteRegion (region=0x6646958) returned 0x0
[0294.338] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0294.338] GetCurrentObject (hdc=0x2a0107d0, type=0x1) returned 0xb00017
[0294.338] GetCurrentObject (hdc=0x2a0107d0, type=0x2) returned 0x900010
[0294.338] GetCurrentObject (hdc=0x2a0107d0, type=0x7) returned 0x4a0507fe
[0294.338] GetCurrentObject (hdc=0x2a0107d0, type=0x6) returned 0x8a01c2
[0294.338] SaveDC (hdc=0x2a0107d0) returned 1
[0294.338] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x44040807
[0294.338] GetClipRgn (hdc=0x2a0107d0, hrgn=0x44040807) returned 0
[0294.339] SelectClipRgn (hdc=0x2a0107d0, hrgn=0xcd0407de) returned 2
[0294.339] DeleteObject (ho=0x44040807) returned 1
[0294.339] DeleteObject (ho=0xcd0407de) returned 1
[0294.339] OffsetViewportOrgEx (in: hdc=0x2a0107d0, x=0, y=0, lppt=0x2d8e040 | out: lppt=0x2d8e040) returned 1
[0294.339] IsAppThemed () returned 0x1
[0294.339] GetThemeAppProperties () returned 0x3
[0294.339] GetThemeAppProperties () returned 0x3
[0294.339] GetThemeBackgroundContentRect () returned 0x0
[0294.339] RestoreDC (hdc=0x2a0107d0, nSavedDC=-1) returned 1
[0294.339] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107d0) returned 0x0
[0294.339] IsAppThemed () returned 0x1
[0294.339] GetThemeAppProperties () returned 0x3
[0294.339] GetThemeAppProperties () returned 0x3
[0294.339] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0294.339] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0294.339] GetCurrentObject (hdc=0x2a0107d0, type=0x1) returned 0xb00017
[0294.339] GetCurrentObject (hdc=0x2a0107d0, type=0x2) returned 0x900010
[0294.339] GetCurrentObject (hdc=0x2a0107d0, type=0x7) returned 0x4a0507fe
[0294.339] GetCurrentObject (hdc=0x2a0107d0, type=0x6) returned 0x8a01c2
[0294.339] SaveDC (hdc=0x2a0107d0) returned 1
[0294.339] GetTextAlign (hdc=0x2a0107d0) returned 0x0
[0294.339] GetTextColor (hdc=0x2a0107d0) returned 0x0
[0294.339] GetCurrentObject (hdc=0x2a0107d0, type=0x6) returned 0x8a01c2
[0294.340] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0294.340] SelectObject (hdc=0x2a0107d0, h=0x6d0a0520) returned 0x8a01c2
[0294.340] GetBkMode (hdc=0x2a0107d0) returned 2
[0294.340] SetBkMode (hdc=0x2a0107d0, mode=1) returned 2
[0294.340] DrawTextExW (in: hdc=0x2a0107d0, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2d8e3e0 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0294.340] DrawTextExW (in: hdc=0x2a0107d0, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2d8e3e0 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0294.340] RestoreDC (hdc=0x2a0107d0, nSavedDC=-1) returned 1
[0294.340] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107d0) returned 0x0
[0294.340] GetFocus () returned 0x3402d8
[0294.340] IsAppThemed () returned 0x1
[0294.346] GetThemeAppProperties () returned 0x3
[0294.346] GetThemeAppProperties () returned 0x3
[0294.346] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0294.346] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x2a0107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0294.346] GdipReleaseDC (graphics=0x6600030, hdc=0x2a0107d0) returned 0x0
[0294.346] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0294.346] SelectObject (hdc=0x2a0107d0, h=0x85000f) returned 0x4a0507fe
[0294.346] DeleteDC (hdc=0x2a0107d0) returned 1
[0294.346] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0294.346] EndPaint (hWnd=0x2802ce, lpPaint=0xd7e24c) returned 1
[0294.347] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.347] IsWindowUnicode (hWnd=0x3202de) returned 1
[0294.347] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.347] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.347] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.347] BeginPaint (in: hWnd=0x3202de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0294.347] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0294.347] CreateCompatibleDC (hdc=0x60100ce) returned 0x2c0107d0
[0294.347] SelectObject (hdc=0x2c0107d0, h=0x4a0507fe) returned 0x85000f
[0294.347] GdipCreateFromHDC (hdc=0x2c0107d0, graphics=0xd7e268) returned 0x0
[0294.347] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0294.347] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0294.347] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0294.348] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0294.348] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e2c8) returned 0x0
[0294.348] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee868) returned 0x0
[0294.348] LocalFree (hMem=0x11ee868) returned 0x0
[0294.348] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0294.348] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0294.348] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0294.348] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0294.348] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0294.348] GdipRestoreGraphics (graphics=0x6600030, state=0xf5fc0dbd) returned 0x0
[0294.348] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0294.348] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0294.348] GetCurrentObject (hdc=0x2c0107d0, type=0x1) returned 0xb00017
[0294.348] GetCurrentObject (hdc=0x2c0107d0, type=0x2) returned 0x900010
[0294.348] GetCurrentObject (hdc=0x2c0107d0, type=0x7) returned 0x4a0507fe
[0294.348] GetCurrentObject (hdc=0x2c0107d0, type=0x6) returned 0x8a01c2
[0294.348] SaveDC (hdc=0x2c0107d0) returned 1
[0294.348] GetNearestColor (hdc=0x2c0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0294.348] GetNearestColor (hdc=0x2c0107d0, color=0xa0a0a0) returned 0xa0a0a0
[0294.348] GetNearestColor (hdc=0x2c0107d0, color=0x696969) returned 0x696969
[0294.348] GetNearestColor (hdc=0x2c0107d0, color=0xa0a0a0) returned 0xa0a0a0
[0294.348] GetNearestColor (hdc=0x2c0107d0, color=0x0) returned 0x0
[0294.349] GetNearestColor (hdc=0x2c0107d0, color=0xffffff) returned 0xffffff
[0294.349] GetNearestColor (hdc=0x2c0107d0, color=0xe5e5e5) returned 0xe5e5e5
[0294.349] GetNearestColor (hdc=0x2c0107d0, color=0xd7d7d7) returned 0xd7d7d7
[0294.349] GetNearestColor (hdc=0x2c0107d0, color=0x0) returned 0x0
[0294.349] RestoreDC (hdc=0x2c0107d0, nSavedDC=-1) returned 1
[0294.349] GdipReleaseDC (graphics=0x6600030, hdc=0x2c0107d0) returned 0x0
[0294.349] IsAppThemed () returned 0x1
[0294.349] GetThemeAppProperties () returned 0x3
[0294.349] GetThemeAppProperties () returned 0x3
[0294.349] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0294.349] SendMessageW (hWnd=0x3202dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0294.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0294.349] IsAppThemed () returned 0x1
[0294.349] GetThemeAppProperties () returned 0x3
[0294.349] GetThemeAppProperties () returned 0x3
[0294.349] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2d8ebf0 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0294.349] IsAppThemed () returned 0x1
[0294.350] GetThemeAppProperties () returned 0x3
[0294.350] GetThemeAppProperties () returned 0x3
[0294.350] IsAppThemed () returned 0x1
[0294.350] GetThemeAppProperties () returned 0x3
[0294.350] GetThemeAppProperties () returned 0x3
[0294.350] GetFocus () returned 0x3402d8
[0294.350] IsAppThemed () returned 0x1
[0294.350] GetThemeAppProperties () returned 0x3
[0294.350] GetThemeAppProperties () returned 0x3
[0294.350] IsAppThemed () returned 0x1
[0294.350] GetThemeAppProperties () returned 0x3
[0294.350] GetThemeAppProperties () returned 0x3
[0294.350] IsThemePartDefined () returned 0x1
[0294.350] IsAppThemed () returned 0x1
[0294.350] GetThemeAppProperties () returned 0x3
[0294.350] GetThemeAppProperties () returned 0x3
[0294.350] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0294.350] IsAppThemed () returned 0x1
[0294.350] GetThemeAppProperties () returned 0x3
[0294.350] GetThemeAppProperties () returned 0x3
[0294.350] IsAppThemed () returned 0x1
[0294.350] GetThemeAppProperties () returned 0x3
[0294.350] GetThemeAppProperties () returned 0x3
[0294.350] IsThemePartDefined () returned 0x1
[0294.350] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0294.350] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0294.350] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0294.350] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0294.350] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dff0) returned 0x0
[0294.351] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0294.351] LocalFree (hMem=0x11ee788) returned 0x0
[0294.351] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0294.351] LocalFree (hMem=0x11eec58) returned 0x0
[0294.351] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0294.351] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e018) returned 0x0
[0294.351] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e008) returned 0x0
[0294.351] GdipGetRegionHRgn (region=0x6646958, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0294.351] GdipDeleteRegion (region=0x6646958) returned 0x0
[0294.351] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0294.351] GetCurrentObject (hdc=0x2c0107d0, type=0x1) returned 0xb00017
[0294.351] GetCurrentObject (hdc=0x2c0107d0, type=0x2) returned 0x900010
[0294.351] GetCurrentObject (hdc=0x2c0107d0, type=0x7) returned 0x4a0507fe
[0294.351] GetCurrentObject (hdc=0x2c0107d0, type=0x6) returned 0x8a01c2
[0294.351] SaveDC (hdc=0x2c0107d0) returned 1
[0294.351] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xce0407de
[0294.351] GetClipRgn (hdc=0x2c0107d0, hrgn=0xce0407de) returned 0
[0294.351] SelectClipRgn (hdc=0x2c0107d0, hrgn=0x48040807) returned 2
[0294.351] DeleteObject (ho=0xce0407de) returned 1
[0294.351] DeleteObject (ho=0x48040807) returned 1
[0294.351] OffsetViewportOrgEx (in: hdc=0x2c0107d0, x=0, y=0, lppt=0x2d8f2a0 | out: lppt=0x2d8f2a0) returned 1
[0294.351] DrawThemeParentBackground () returned 0x0
[0294.352] GetWindowPlacement (in: hWnd=0x3202dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0294.352] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0294.352] GetWindowTextLengthW (hWnd=0x3202dc) returned 24
[0294.352] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0294.352] GetSystemMetrics (nIndex=42) returned 0
[0294.352] GetWindowTextW (in: hWnd=0x3202dc, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0294.352] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0294.352] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0294.352] GetCurrentObject (hdc=0x2c0107d0, type=0x1) returned 0xb00017
[0294.352] GetCurrentObject (hdc=0x2c0107d0, type=0x2) returned 0x900010
[0294.352] GetCurrentObject (hdc=0x2c0107d0, type=0x7) returned 0x4a0507fe
[0294.352] GetCurrentObject (hdc=0x2c0107d0, type=0x6) returned 0x8a01c2
[0294.352] SaveDC (hdc=0x2c0107d0) returned 2
[0294.352] GetNearestColor (hdc=0x2c0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0294.352] CreateSolidBrush (color=0xf0f0f0) returned 0x4c1007e1
[0294.352] FillRect (hDC=0x2c0107d0, lprc=0xd7da38, hbr=0x4c1007e1) returned 1
[0294.352] DeleteObject (ho=0x4c1007e1) returned 1
[0294.352] RestoreDC (hdc=0x2c0107d0, nSavedDC=-1) returned 1
[0294.352] GetWindowTextLengthW (hWnd=0x3202dc) returned 24
[0294.352] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0294.353] GetSystemMetrics (nIndex=42) returned 0
[0294.353] GetWindowTextW (in: hWnd=0x3202dc, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0294.353] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0294.353] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0294.353] GetCurrentObject (hdc=0x2c0107d0, type=0x1) returned 0xb00017
[0294.353] GetCurrentObject (hdc=0x2c0107d0, type=0x2) returned 0x900010
[0294.353] GetCurrentObject (hdc=0x2c0107d0, type=0x7) returned 0x4a0507fe
[0294.353] GetCurrentObject (hdc=0x2c0107d0, type=0x6) returned 0x8a01c2
[0294.353] SaveDC (hdc=0x2c0107d0) returned 2
[0294.353] GetNearestColor (hdc=0x2c0107d0, color=0xf0f0f0) returned 0xf0f0f0
[0294.353] CreateSolidBrush (color=0xf0f0f0) returned 0x4d1007e1
[0294.353] FillRect (hDC=0x2c0107d0, lprc=0xd7d9d8, hbr=0x4d1007e1) returned 1
[0294.353] DeleteObject (ho=0x4d1007e1) returned 1
[0294.353] RestoreDC (hdc=0x2c0107d0, nSavedDC=-1) returned 1
[0294.353] GetWindowTextLengthW (hWnd=0x3202dc) returned 24
[0294.353] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0294.353] GetSystemMetrics (nIndex=42) returned 0
[0294.353] GetWindowTextW (in: hWnd=0x3202dc, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0294.353] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0294.354] RestoreDC (hdc=0x2c0107d0, nSavedDC=-1) returned 1
[0294.354] GdipReleaseDC (graphics=0x6600030, hdc=0x2c0107d0) returned 0x0
[0294.354] IsAppThemed () returned 0x1
[0294.354] GetThemeAppProperties () returned 0x3
[0294.354] GetThemeAppProperties () returned 0x3
[0294.354] IsAppThemed () returned 0x1
[0294.354] GetThemeAppProperties () returned 0x3
[0294.354] GetThemeAppProperties () returned 0x3
[0294.354] IsThemePartDefined () returned 0x1
[0294.354] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0294.354] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0294.354] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0294.354] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0294.354] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df74) returned 0x0
[0294.354] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0294.354] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0294.354] LocalFree (hMem=0x11ee788) returned 0x0
[0294.354] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0294.354] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0294.354] LocalFree (hMem=0x11ee788) returned 0x0
[0294.354] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0294.354] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0294.354] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0294.354] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0294.355] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0294.355] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0294.355] GetCurrentObject (hdc=0x2c0107d0, type=0x1) returned 0xb00017
[0294.355] GetCurrentObject (hdc=0x2c0107d0, type=0x2) returned 0x900010
[0294.355] GetCurrentObject (hdc=0x2c0107d0, type=0x7) returned 0x4a0507fe
[0294.355] GetCurrentObject (hdc=0x2c0107d0, type=0x6) returned 0x8a01c2
[0294.355] SaveDC (hdc=0x2c0107d0) returned 1
[0294.355] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x49040807
[0294.355] GetClipRgn (hdc=0x2c0107d0, hrgn=0x49040807) returned 0
[0294.355] SelectClipRgn (hdc=0x2c0107d0, hrgn=0xd00407de) returned 2
[0294.355] DeleteObject (ho=0x49040807) returned 1
[0294.355] DeleteObject (ho=0xd00407de) returned 1
[0294.355] OffsetViewportOrgEx (in: hdc=0x2c0107d0, x=0, y=0, lppt=0x2d8fc24 | out: lppt=0x2d8fc24) returned 1
[0294.355] IsAppThemed () returned 0x1
[0294.355] GetThemeAppProperties () returned 0x3
[0294.355] GetThemeAppProperties () returned 0x3
[0294.355] DrawThemeBackground () returned 0x0
[0294.355] RestoreDC (hdc=0x2c0107d0, nSavedDC=-1) returned 1
[0294.355] GdipReleaseDC (graphics=0x6600030, hdc=0x2c0107d0) returned 0x0
[0294.355] GdipCreateRegion (region=0xd7df60) returned 0x0
[0294.355] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0294.356] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0294.356] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0294.356] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df78) returned 0x0
[0294.356] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0294.356] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0294.356] LocalFree (hMem=0x11ee788) returned 0x0
[0294.356] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0294.356] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0294.356] LocalFree (hMem=0x11eec58) returned 0x0
[0294.356] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0294.356] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0294.356] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0294.356] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0294.360] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0294.360] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0294.360] GetCurrentObject (hdc=0x2c0107d0, type=0x1) returned 0xb00017
[0294.360] GetCurrentObject (hdc=0x2c0107d0, type=0x2) returned 0x900010
[0294.360] GetCurrentObject (hdc=0x2c0107d0, type=0x7) returned 0x4a0507fe
[0294.360] GetCurrentObject (hdc=0x2c0107d0, type=0x6) returned 0x8a01c2
[0294.360] SaveDC (hdc=0x2c0107d0) returned 1
[0294.360] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd10407de
[0294.361] GetClipRgn (hdc=0x2c0107d0, hrgn=0xd10407de) returned 0
[0294.361] SelectClipRgn (hdc=0x2c0107d0, hrgn=0x4a040807) returned 2
[0294.361] DeleteObject (ho=0xd10407de) returned 1
[0294.361] DeleteObject (ho=0x4a040807) returned 1
[0294.361] OffsetViewportOrgEx (in: hdc=0x2c0107d0, x=0, y=0, lppt=0x2d8fef8 | out: lppt=0x2d8fef8) returned 1
[0294.361] IsAppThemed () returned 0x1
[0294.361] GetThemeAppProperties () returned 0x3
[0294.361] GetThemeAppProperties () returned 0x3
[0294.361] GetThemeBackgroundContentRect () returned 0x0
[0294.361] RestoreDC (hdc=0x2c0107d0, nSavedDC=-1) returned 1
[0294.361] GdipReleaseDC (graphics=0x6600030, hdc=0x2c0107d0) returned 0x0
[0294.361] IsAppThemed () returned 0x1
[0294.361] GetThemeAppProperties () returned 0x3
[0294.361] GetThemeAppProperties () returned 0x3
[0294.361] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0294.361] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0294.361] GetCurrentObject (hdc=0x2c0107d0, type=0x1) returned 0xb00017
[0294.361] GetCurrentObject (hdc=0x2c0107d0, type=0x2) returned 0x900010
[0294.361] GetCurrentObject (hdc=0x2c0107d0, type=0x7) returned 0x4a0507fe
[0294.361] GetCurrentObject (hdc=0x2c0107d0, type=0x6) returned 0x8a01c2
[0294.361] SaveDC (hdc=0x2c0107d0) returned 1
[0294.362] GetTextAlign (hdc=0x2c0107d0) returned 0x0
[0294.362] GetTextColor (hdc=0x2c0107d0) returned 0x0
[0294.362] GetCurrentObject (hdc=0x2c0107d0, type=0x6) returned 0x8a01c2
[0294.362] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0294.362] SelectObject (hdc=0x2c0107d0, h=0x6d0a0520) returned 0x8a01c2
[0294.362] GetBkMode (hdc=0x2c0107d0) returned 2
[0294.362] SetBkMode (hdc=0x2c0107d0, mode=1) returned 2
[0294.362] DrawTextExW (in: hdc=0x2c0107d0, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2d90298 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0294.362] DrawTextExW (in: hdc=0x2c0107d0, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d90298 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0294.363] RestoreDC (hdc=0x2c0107d0, nSavedDC=-1) returned 1
[0294.363] GdipReleaseDC (graphics=0x6600030, hdc=0x2c0107d0) returned 0x0
[0294.363] GetFocus () returned 0x3402d8
[0294.363] IsAppThemed () returned 0x1
[0294.363] GetThemeAppProperties () returned 0x3
[0294.363] GetThemeAppProperties () returned 0x3
[0294.363] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0294.363] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x2c0107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0294.363] GdipReleaseDC (graphics=0x6600030, hdc=0x2c0107d0) returned 0x0
[0294.363] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0294.363] SelectObject (hdc=0x2c0107d0, h=0x85000f) returned 0x4a0507fe
[0294.363] DeleteDC (hdc=0x2c0107d0) returned 1
[0294.364] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0294.364] EndPaint (hWnd=0x3202de, lpPaint=0xd7e24c) returned 1
[0294.364] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.364] IsWindowUnicode (hWnd=0x602c4) returned 1
[0294.364] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.364] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.364] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.364] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0294.364] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0294.364] CreateCompatibleDC (hdc=0x107b9) returned 0x2e0107d0
[0294.364] SelectObject (hdc=0x2e0107d0, h=0x4a0507fe) returned 0x85000f
[0294.365] GdipCreateFromHDC (hdc=0x2e0107d0, graphics=0xd7e268) returned 0x0
[0294.365] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0294.365] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0294.365] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0294.365] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0294.365] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e2c8) returned 0x0
[0294.365] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0294.365] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0294.365] LocalFree (hMem=0x11eec58) returned 0x0
[0294.365] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0294.365] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0294.365] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0294.365] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0294.365] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0294.365] GdipRestoreGraphics (graphics=0x6600030, state=0xf5fa0dbd) returned 0x0
[0294.366] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0294.366] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0294.366] GetCurrentObject (hdc=0x2e0107d0, type=0x1) returned 0xb00017
[0294.366] GetCurrentObject (hdc=0x2e0107d0, type=0x2) returned 0x900010
[0294.366] GetCurrentObject (hdc=0x2e0107d0, type=0x7) returned 0x4a0507fe
[0294.366] GetCurrentObject (hdc=0x2e0107d0, type=0x6) returned 0x8a01c2
[0294.366] SaveDC (hdc=0x2e0107d0) returned 1
[0294.366] GetNearestColor (hdc=0x2e0107d0, color=0xff) returned 0xff
[0294.366] GetNearestColor (hdc=0x2e0107d0, color=0x55) returned 0x55
[0294.366] GetNearestColor (hdc=0x2e0107d0, color=0x0) returned 0x0
[0294.366] GetNearestColor (hdc=0x2e0107d0, color=0x55) returned 0x55
[0294.366] GetNearestColor (hdc=0x2e0107d0, color=0x0) returned 0x0
[0294.366] GetNearestColor (hdc=0x2e0107d0, color=0x8080ff) returned 0x8080ff
[0294.366] GetNearestColor (hdc=0x2e0107d0, color=0x7373e5) returned 0x7373e5
[0294.367] GetNearestColor (hdc=0x2e0107d0, color=0xe5) returned 0xe5
[0294.367] GetNearestColor (hdc=0x2e0107d0, color=0x0) returned 0x0
[0294.367] RestoreDC (hdc=0x2e0107d0, nSavedDC=-1) returned 1
[0294.367] GdipReleaseDC (graphics=0x6600030, hdc=0x2e0107d0) returned 0x0
[0294.367] IsAppThemed () returned 0x1
[0294.367] GetThemeAppProperties () returned 0x3
[0294.367] GetThemeAppProperties () returned 0x3
[0294.367] IsAppThemed () returned 0x1
[0294.367] GetThemeAppProperties () returned 0x3
[0294.367] GetThemeAppProperties () returned 0x3
[0294.367] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2d90a60 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0294.367] IsAppThemed () returned 0x1
[0294.368] GetThemeAppProperties () returned 0x3
[0294.368] GetThemeAppProperties () returned 0x3
[0294.368] IsAppThemed () returned 0x1
[0294.368] GetThemeAppProperties () returned 0x3
[0294.368] GetThemeAppProperties () returned 0x3
[0294.368] GetFocus () returned 0x3402d8
[0294.368] IsAppThemed () returned 0x1
[0294.368] GetThemeAppProperties () returned 0x3
[0294.368] GetThemeAppProperties () returned 0x3
[0294.368] IsAppThemed () returned 0x1
[0294.368] GetThemeAppProperties () returned 0x3
[0294.368] GetThemeAppProperties () returned 0x3
[0294.368] IsThemePartDefined () returned 0x1
[0294.368] IsAppThemed () returned 0x1
[0294.368] GetThemeAppProperties () returned 0x3
[0294.368] GetThemeAppProperties () returned 0x3
[0294.368] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0294.368] IsAppThemed () returned 0x1
[0294.368] GetThemeAppProperties () returned 0x3
[0294.368] GetThemeAppProperties () returned 0x3
[0294.368] IsAppThemed () returned 0x1
[0294.369] GetThemeAppProperties () returned 0x3
[0294.369] GetThemeAppProperties () returned 0x3
[0294.369] IsThemePartDefined () returned 0x1
[0294.369] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0294.369] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0294.369] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0294.369] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0294.369] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dff0) returned 0x0
[0294.369] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0294.369] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0294.369] LocalFree (hMem=0x11eec58) returned 0x0
[0294.369] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0294.369] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0294.369] LocalFree (hMem=0x11ee788) returned 0x0
[0294.369] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0294.369] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0294.369] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0294.369] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0294.370] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0294.370] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0294.370] GetCurrentObject (hdc=0x2e0107d0, type=0x1) returned 0xb00017
[0294.370] GetCurrentObject (hdc=0x2e0107d0, type=0x2) returned 0x900010
[0294.370] GetCurrentObject (hdc=0x2e0107d0, type=0x7) returned 0x4a0507fe
[0294.370] GetCurrentObject (hdc=0x2e0107d0, type=0x6) returned 0x8a01c2
[0294.370] SaveDC (hdc=0x2e0107d0) returned 1
[0294.370] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4b040807
[0294.370] GetClipRgn (hdc=0x2e0107d0, hrgn=0x4b040807) returned 0
[0294.370] SelectClipRgn (hdc=0x2e0107d0, hrgn=0xd50407de) returned 2
[0294.370] DeleteObject (ho=0x4b040807) returned 1
[0294.370] DeleteObject (ho=0xd50407de) returned 1
[0294.370] OffsetViewportOrgEx (in: hdc=0x2e0107d0, x=0, y=0, lppt=0x2d91110 | out: lppt=0x2d91110) returned 1
[0294.370] DrawThemeParentBackground () returned 0x0
[0294.371] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0294.371] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0294.371] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0294.371] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0294.371] GetSystemMetrics (nIndex=42) returned 0
[0294.371] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0294.371] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0294.371] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0294.371] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0294.371] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0294.371] SelectPalette (hdc=0x2e0107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0294.371] GdipCreateFromHDC (hdc=0x2e0107d0, graphics=0xd7dac8) returned 0x0
[0294.371] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0294.371] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0294.372] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638b18) returned 0x0
[0294.372] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7daa0) returned 0x0
[0294.372] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0294.372] GdipCreateRegion (region=0xd7da88) returned 0x0
[0294.372] GdipGetClip (graphics=0x6639e10, region=0x66463b8) returned 0x0
[0294.372] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6639e10, result=0xd7da94) returned 0x0
[0294.372] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0294.373] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dac0) returned 0x0
[0294.373] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0294.381] GdipFillRectangleI (graphics=0x6639e10, brush=0x664d348, x=0, y=0, width=801, height=453) returned 0x0
[0294.381] GdipDeleteBrush (brush=0x664d348) returned 0x0
[0294.383] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0294.383] SelectPalette (hdc=0x2e0107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0294.383] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0294.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0294.383] GetSystemMetrics (nIndex=42) returned 0
[0294.383] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0294.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0294.383] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0294.383] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0294.383] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0294.383] SelectPalette (hdc=0x2e0107d0, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0294.384] GdipCreateFromHDC (hdc=0x2e0107d0, graphics=0xd7da68) returned 0x0
[0294.384] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0294.384] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0294.384] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638ab8) returned 0x0
[0294.384] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7da40) returned 0x0
[0294.384] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0294.384] GdipCreateRegion (region=0xd7da28) returned 0x0
[0294.384] GdipGetClip (graphics=0x6639e10, region=0x66463b8) returned 0x0
[0294.384] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6639e10, result=0xd7da34) returned 0x0
[0294.384] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0294.384] GdipSaveGraphics (graphics=0x6639e10, state=0xd7da60) returned 0x0
[0294.384] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0294.425] GdipFillRectangleI (graphics=0x6639e10, brush=0x664d6f0, x=0, y=0, width=801, height=453) returned 0x0
[0294.425] GdipDeleteBrush (brush=0x664d6f0) returned 0x0
[0294.427] GdipRestoreGraphics (graphics=0x6639e10, state=0xf5f60dbd) returned 0x0
[0294.427] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0294.427] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0294.427] GetSystemMetrics (nIndex=42) returned 0
[0294.427] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0294.427] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0294.428] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0294.428] SelectPalette (hdc=0x2e0107d0, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0294.428] RestoreDC (hdc=0x2e0107d0, nSavedDC=-1) returned 1
[0294.428] GdipReleaseDC (graphics=0x6600030, hdc=0x2e0107d0) returned 0x0
[0294.428] IsAppThemed () returned 0x1
[0294.428] GetThemeAppProperties () returned 0x3
[0294.428] GetThemeAppProperties () returned 0x3
[0294.428] IsAppThemed () returned 0x1
[0294.428] GetThemeAppProperties () returned 0x3
[0294.428] GetThemeAppProperties () returned 0x3
[0294.428] IsThemePartDefined () returned 0x1
[0294.428] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0294.428] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0294.428] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0294.429] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0294.429] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7df74) returned 0x0
[0294.429] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0294.429] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0294.429] LocalFree (hMem=0x11eec58) returned 0x0
[0294.429] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0294.429] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee8d8) returned 0x0
[0294.429] LocalFree (hMem=0x11ee8d8) returned 0x0
[0294.429] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0294.429] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0294.429] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0294.429] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0294.429] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0294.429] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0294.429] GetCurrentObject (hdc=0x2e0107d0, type=0x1) returned 0xb00017
[0294.429] GetCurrentObject (hdc=0x2e0107d0, type=0x2) returned 0x900010
[0294.429] GetCurrentObject (hdc=0x2e0107d0, type=0x7) returned 0x4a0507fe
[0294.430] GetCurrentObject (hdc=0x2e0107d0, type=0x6) returned 0x8a01c2
[0294.430] SaveDC (hdc=0x2e0107d0) returned 1
[0294.430] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd60407de
[0294.430] GetClipRgn (hdc=0x2e0107d0, hrgn=0xd60407de) returned 0
[0294.430] SelectClipRgn (hdc=0x2e0107d0, hrgn=0x4d040807) returned 2
[0294.430] DeleteObject (ho=0xd60407de) returned 1
[0294.430] DeleteObject (ho=0x4d040807) returned 1
[0294.430] OffsetViewportOrgEx (in: hdc=0x2e0107d0, x=0, y=0, lppt=0x2d97960 | out: lppt=0x2d97960) returned 1
[0294.430] IsAppThemed () returned 0x1
[0294.430] GetThemeAppProperties () returned 0x3
[0294.430] GetThemeAppProperties () returned 0x3
[0294.430] DrawThemeBackground () returned 0x0
[0294.430] RestoreDC (hdc=0x2e0107d0, nSavedDC=-1) returned 1
[0294.430] GdipReleaseDC (graphics=0x6600030, hdc=0x2e0107d0) returned 0x0
[0294.431] GdipCreateRegion (region=0xd7df60) returned 0x0
[0294.431] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0294.431] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0294.431] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0294.431] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df78) returned 0x0
[0294.431] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0294.431] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eea28) returned 0x0
[0294.431] LocalFree (hMem=0x11eea28) returned 0x0
[0294.431] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0294.431] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0294.431] LocalFree (hMem=0x11ee788) returned 0x0
[0294.431] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0294.431] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0294.431] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0294.431] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0294.431] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0294.431] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0294.431] GetCurrentObject (hdc=0x2e0107d0, type=0x1) returned 0xb00017
[0294.432] GetCurrentObject (hdc=0x2e0107d0, type=0x2) returned 0x900010
[0294.432] GetCurrentObject (hdc=0x2e0107d0, type=0x7) returned 0x4a0507fe
[0294.432] GetCurrentObject (hdc=0x2e0107d0, type=0x6) returned 0x8a01c2
[0294.432] SaveDC (hdc=0x2e0107d0) returned 1
[0294.432] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4e040807
[0294.432] GetClipRgn (hdc=0x2e0107d0, hrgn=0x4e040807) returned 0
[0294.432] SelectClipRgn (hdc=0x2e0107d0, hrgn=0xd70407de) returned 2
[0294.432] DeleteObject (ho=0x4e040807) returned 1
[0294.432] DeleteObject (ho=0xd70407de) returned 1
[0294.432] OffsetViewportOrgEx (in: hdc=0x2e0107d0, x=0, y=0, lppt=0x2d97c34 | out: lppt=0x2d97c34) returned 1
[0294.432] IsAppThemed () returned 0x1
[0294.432] GetThemeAppProperties () returned 0x3
[0294.432] GetThemeAppProperties () returned 0x3
[0294.432] GetThemeBackgroundContentRect () returned 0x0
[0294.432] RestoreDC (hdc=0x2e0107d0, nSavedDC=-1) returned 1
[0294.432] GdipReleaseDC (graphics=0x6600030, hdc=0x2e0107d0) returned 0x0
[0294.432] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0294.432] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0294.433] GdipFillRectangleI (graphics=0x6600030, brush=0x6669f00, x=4, y=4, width=67, height=15) returned 0x0
[0294.433] GdipDeleteBrush (brush=0x6669f00) returned 0x0
[0294.433] IsAppThemed () returned 0x1
[0294.433] GetThemeAppProperties () returned 0x3
[0294.433] GetThemeAppProperties () returned 0x3
[0294.433] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0294.433] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0294.433] GetCurrentObject (hdc=0x2e0107d0, type=0x1) returned 0xb00017
[0294.433] GetCurrentObject (hdc=0x2e0107d0, type=0x2) returned 0x900010
[0294.433] GetCurrentObject (hdc=0x2e0107d0, type=0x7) returned 0x4a0507fe
[0294.433] GetCurrentObject (hdc=0x2e0107d0, type=0x6) returned 0x8a01c2
[0294.433] SaveDC (hdc=0x2e0107d0) returned 1
[0294.433] GetTextAlign (hdc=0x2e0107d0) returned 0x0
[0294.433] GetTextColor (hdc=0x2e0107d0) returned 0x0
[0294.433] GetCurrentObject (hdc=0x2e0107d0, type=0x6) returned 0x8a01c2
[0294.433] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0294.434] SelectObject (hdc=0x2e0107d0, h=0x6d0a0520) returned 0x8a01c2
[0294.434] GetBkMode (hdc=0x2e0107d0) returned 2
[0294.434] SetBkMode (hdc=0x2e0107d0, mode=1) returned 2
[0294.434] DrawTextExW (in: hdc=0x2e0107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2d97ff8 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0294.434] DrawTextExW (in: hdc=0x2e0107d0, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d97ff8 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0294.440] RestoreDC (hdc=0x2e0107d0, nSavedDC=-1) returned 1
[0294.440] GdipReleaseDC (graphics=0x6600030, hdc=0x2e0107d0) returned 0x0
[0294.440] GetFocus () returned 0x3402d8
[0294.440] IsAppThemed () returned 0x1
[0294.441] GetThemeAppProperties () returned 0x3
[0294.441] GetThemeAppProperties () returned 0x3
[0294.441] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0294.441] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x2e0107d0, x1=0, y1=0, rop=0xcc0020) returned 1
[0294.441] GdipReleaseDC (graphics=0x6600030, hdc=0x2e0107d0) returned 0x0
[0294.441] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0294.441] SelectObject (hdc=0x2e0107d0, h=0x85000f) returned 0x4a0507fe
[0294.441] DeleteDC (hdc=0x2e0107d0) returned 1
[0294.441] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0294.441] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0294.441] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.441] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0294.442] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.442] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.442] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0294.443] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.443] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.444] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.444] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0294.445] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.445] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.445] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.445] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.445] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.446] IsWindowUnicode (hWnd=0x2802ce) returned 1
[0294.446] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.446] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.446] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.446] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.446] IsWindowUnicode (hWnd=0x2802ce) returned 1
[0294.446] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.447] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.447] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.447] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x2a1, wParam=0x0, lParam=0xb0039) returned 0x0
[0294.447] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0294.447] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0294.447] WaitMessage () returned 1
[0294.478] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.478] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.478] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.478] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.478] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.479] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0294.480] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0294.480] WaitMessage () returned 1
[0294.481] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.481] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.481] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.481] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.481] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.482] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0294.482] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0294.482] WaitMessage () returned 1
[0294.483] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.483] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.483] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.483] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.483] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.485] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.485] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.485] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.485] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.485] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.485] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.486] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.486] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.486] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.486] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.486] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0294.486] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0294.486] WaitMessage () returned 1
[0294.487] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.487] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.487] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.487] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.487] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.489] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.489] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.489] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.489] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.489] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.490] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.490] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.490] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.490] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.490] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.490] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0294.490] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0294.490] WaitMessage () returned 1
[0294.491] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.491] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.491] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.491] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.491] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.492] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.493] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.493] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.493] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.493] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.493] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.493] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.493] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.493] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.493] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.493] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0294.494] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0294.494] WaitMessage () returned 1
[0294.494] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.494] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.494] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.494] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.494] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.496] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.496] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.496] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.497] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.497] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.497] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.501] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.501] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.501] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.501] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.501] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0294.501] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0294.501] WaitMessage () returned 1
[0294.550] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.550] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x84, wParam=0x0, lParam=0x1e4030f) returned 0x1
[0294.550] IsWindowUnicode (hWnd=0x2802ce) returned 1
[0294.550] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.550] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x84, wParam=0x0, lParam=0x1e4030f) returned 0x1
[0294.550] GetDlgItem (hDlg=0x3202dc, nIDDlgItem=0) returned 0x0
[0294.550] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x210, wParam=0x201, lParam=0x69011a) returned 0x0
[0294.550] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x21, wParam=0x3202dc, lParam=0x2010001) returned 0x1
[0294.550] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x21, wParam=0x3202dc, lParam=0x2010001) returned 0x1
[0294.551] SetCursor (hCursor=0x10003) returned 0x10003
[0294.551] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.551] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.551] GetKeyState (nVirtKey=1) returned -127
[0294.551] GetKeyState (nVirtKey=2) returned 0
[0294.551] GetKeyState (nVirtKey=4) returned 0
[0294.551] GetKeyState (nVirtKey=5) returned 0
[0294.551] GetKeyState (nVirtKey=6) returned 0
[0294.551] IsWindowVisible (hWnd=0x2802ce) returned 1
[0294.551] IsWindowEnabled (hWnd=0x2802ce) returned 1
[0294.551] SetFocus (hWnd=0x2802ce) returned 0x3402d8
[0294.551] GetFocus () returned 0x2802ce
[0294.551] IsChild (hWndParent=0x3202dc, hWnd=0x2802ce) returned 1
[0294.552] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0x8, wParam=0x2802ce, lParam=0x0) returned 0x0
[0294.552] GetCapture () returned 0x0
[0294.552] InvalidateRect (hWnd=0x3402d8, lpRect=0x0, bErase=0) returned 1
[0294.552] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0294.554] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0294.555] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0294.555] InvalidateRect (hWnd=0x3402d8, lpRect=0x0, bErase=0) returned 1
[0294.555] InvalidateRect (hWnd=0x2802ce, lpRect=0x0, bErase=0) returned 1
[0294.555] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x7, wParam=0x3402d8, lParam=0x0) returned 0x0
[0294.555] GetStockObject (i=5) returned 0x900015
[0294.555] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0294.556] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0xd, wParam=0xa, lParam=0x11f57a0) returned 0x9
[0294.556] GetDlgItem (hDlg=0x3202dc, nIDDlgItem=2622158) returned 0x2802ce
[0294.556] SendMessageW (hWnd=0x2802ce, Msg=0x202b, wParam=0x2802ce, lParam=0xd7dddc) returned 0x0
[0294.556] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x202b, wParam=0x2802ce, lParam=0xd7dddc) returned 0x0
[0294.556] InvalidateRect (hWnd=0x2802ce, lpRect=0x0, bErase=0) returned 1
[0294.557] GetFocus () returned 0x2802ce
[0294.557] GetFocus () returned 0x2802ce
[0294.557] GetFocus () returned 0x2802ce
[0294.557] GetKeyState (nVirtKey=1) returned -127
[0294.557] GetKeyState (nVirtKey=2) returned 0
[0294.557] GetKeyState (nVirtKey=4) returned 0
[0294.557] GetKeyState (nVirtKey=5) returned 0
[0294.557] GetKeyState (nVirtKey=6) returned 0
[0294.557] GetCapture () returned 0x0
[0294.557] SetCapture (hWnd=0x2802ce) returned 0x0
[0294.557] GetKeyState (nVirtKey=1) returned -127
[0294.557] GetKeyState (nVirtKey=2) returned 0
[0294.557] GetKeyState (nVirtKey=4) returned 0
[0294.557] GetKeyState (nVirtKey=5) returned 0
[0294.557] GetKeyState (nVirtKey=6) returned 0
[0294.557] NotifyWinEvent (event=0x800a, hwnd=0x2802ce, idObject=-4, idChild=0)
[0294.557] InvalidateRect (hWnd=0x2802ce, lpRect=0xd7e430, bErase=0) returned 1
[0294.558] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.558] IsWindowUnicode (hWnd=0x2802ce) returned 1
[0294.558] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.558] TranslateMessage (lpMsg=0xd7e808) returned 0
[0294.558] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0294.558] MapWindowPoints (in: hWndFrom=0x2802ce, hWndTo=0x0, lpPoints=0x2d982e4, cPoints=0x1 | out: lpPoints=0x2d982e4) returned 30999254
[0294.558] NotifyWinEvent (event=0x800a, hwnd=0x2802ce, idObject=-4, idChild=0)
[0294.558] InvalidateRect (hWnd=0x2802ce, lpRect=0xd7e3d0, bErase=0) returned 1
[0294.558] UpdateWindow (hWnd=0x2802ce) returned 1
[0294.558] BeginPaint (in: hWnd=0x2802ce, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xc0107c5
[0294.558] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0294.558] CreateCompatibleDC (hdc=0xc0107c5) returned 0x210107bb
[0294.558] SelectObject (hdc=0x210107bb, h=0x4a0507fe) returned 0x85000f
[0294.558] GdipCreateFromHDC (hdc=0x210107bb, graphics=0xd7df00) returned 0x0
[0294.559] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0294.559] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0294.559] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0294.559] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0294.559] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df60) returned 0x0
[0294.559] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0294.559] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0294.559] LocalFree (hMem=0x11eec58) returned 0x0
[0294.559] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0294.559] GdipCreateRegion (region=0xd7df48) returned 0x0
[0294.559] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0294.559] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0294.559] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0294.559] GdipRestoreGraphics (graphics=0x6600030, state=0xf5f40dbd) returned 0x0
[0294.560] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0294.560] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0294.560] GetCurrentObject (hdc=0x210107bb, type=0x1) returned 0xb00017
[0294.560] GetCurrentObject (hdc=0x210107bb, type=0x2) returned 0x900010
[0294.560] GetCurrentObject (hdc=0x210107bb, type=0x7) returned 0x4a0507fe
[0294.560] GetCurrentObject (hdc=0x210107bb, type=0x6) returned 0x8a01c2
[0294.560] SaveDC (hdc=0x210107bb) returned 1
[0294.560] GetNearestColor (hdc=0x210107bb, color=0xf0f0f0) returned 0xf0f0f0
[0294.560] GetNearestColor (hdc=0x210107bb, color=0xa0a0a0) returned 0xa0a0a0
[0294.560] GetNearestColor (hdc=0x210107bb, color=0x696969) returned 0x696969
[0294.560] GetNearestColor (hdc=0x210107bb, color=0xa0a0a0) returned 0xa0a0a0
[0294.560] GetNearestColor (hdc=0x210107bb, color=0x0) returned 0x0
[0294.560] GetNearestColor (hdc=0x210107bb, color=0xffffff) returned 0xffffff
[0294.560] GetNearestColor (hdc=0x210107bb, color=0xe5e5e5) returned 0xe5e5e5
[0294.560] GetNearestColor (hdc=0x210107bb, color=0xd7d7d7) returned 0xd7d7d7
[0294.560] GetNearestColor (hdc=0x210107bb, color=0x0) returned 0x0
[0294.560] RestoreDC (hdc=0x210107bb, nSavedDC=-1) returned 1
[0294.561] GdipReleaseDC (graphics=0x6600030, hdc=0x210107bb) returned 0x0
[0294.561] IsAppThemed () returned 0x1
[0294.561] GetThemeAppProperties () returned 0x3
[0294.561] GetThemeAppProperties () returned 0x3
[0294.561] IsAppThemed () returned 0x1
[0294.561] GetThemeAppProperties () returned 0x3
[0294.561] GetThemeAppProperties () returned 0x3
[0294.561] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2d98a3c | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0294.561] IsAppThemed () returned 0x1
[0294.561] GetThemeAppProperties () returned 0x3
[0294.561] GetThemeAppProperties () returned 0x3
[0294.561] IsAppThemed () returned 0x1
[0294.561] GetThemeAppProperties () returned 0x3
[0294.561] GetThemeAppProperties () returned 0x3
[0294.561] IsAppThemed () returned 0x1
[0294.561] GetThemeAppProperties () returned 0x3
[0294.561] GetThemeAppProperties () returned 0x3
[0294.561] IsAppThemed () returned 0x1
[0294.562] GetThemeAppProperties () returned 0x3
[0294.562] GetThemeAppProperties () returned 0x3
[0294.562] IsThemePartDefined () returned 0x1
[0294.562] IsAppThemed () returned 0x1
[0294.562] GetThemeAppProperties () returned 0x3
[0294.562] GetThemeAppProperties () returned 0x3
[0294.562] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0294.562] IsAppThemed () returned 0x1
[0294.562] GetThemeAppProperties () returned 0x3
[0294.562] GetThemeAppProperties () returned 0x3
[0294.562] IsAppThemed () returned 0x1
[0294.562] GetThemeAppProperties () returned 0x3
[0294.562] GetThemeAppProperties () returned 0x3
[0294.562] IsThemePartDefined () returned 0x1
[0294.562] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0294.562] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0294.562] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0294.562] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0294.562] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc7c) returned 0x0
[0294.562] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0294.562] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea28) returned 0x0
[0294.562] LocalFree (hMem=0x11eea28) returned 0x0
[0294.562] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0294.562] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0294.562] LocalFree (hMem=0x11ee868) returned 0x0
[0294.562] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0294.563] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0294.563] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0294.563] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0294.563] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0294.563] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0294.563] GetCurrentObject (hdc=0x210107bb, type=0x1) returned 0xb00017
[0294.563] GetCurrentObject (hdc=0x210107bb, type=0x2) returned 0x900010
[0294.563] GetCurrentObject (hdc=0x210107bb, type=0x7) returned 0x4a0507fe
[0294.563] GetCurrentObject (hdc=0x210107bb, type=0x6) returned 0x8a01c2
[0294.563] SaveDC (hdc=0x210107bb) returned 1
[0294.563] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd80407de
[0294.563] GetClipRgn (hdc=0x210107bb, hrgn=0xd80407de) returned 0
[0294.563] SelectClipRgn (hdc=0x210107bb, hrgn=0x52040807) returned 2
[0294.563] DeleteObject (ho=0xd80407de) returned 1
[0294.563] DeleteObject (ho=0x52040807) returned 1
[0294.563] OffsetViewportOrgEx (in: hdc=0x210107bb, x=0, y=0, lppt=0x2d990ec | out: lppt=0x2d990ec) returned 1
[0294.563] DrawThemeParentBackground () returned 0x0
[0294.563] GetWindowPlacement (in: hWnd=0x3202dc, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0294.564] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0294.564] GetWindowTextLengthW (hWnd=0x3202dc) returned 24
[0294.564] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0294.564] GetSystemMetrics (nIndex=42) returned 0
[0294.564] GetWindowTextW (in: hWnd=0x3202dc, lpString=0xd7d7c4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0294.564] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xd, wParam=0x19, lParam=0xd7d7c4) returned 0x18
[0294.564] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0294.564] GetCurrentObject (hdc=0x210107bb, type=0x1) returned 0xb00017
[0294.564] GetCurrentObject (hdc=0x210107bb, type=0x2) returned 0x900010
[0294.564] GetCurrentObject (hdc=0x210107bb, type=0x7) returned 0x4a0507fe
[0294.564] GetCurrentObject (hdc=0x210107bb, type=0x6) returned 0x8a01c2
[0294.564] SaveDC (hdc=0x210107bb) returned 2
[0294.564] GetNearestColor (hdc=0x210107bb, color=0xf0f0f0) returned 0xf0f0f0
[0294.564] CreateSolidBrush (color=0xf0f0f0) returned 0x4e1007e1
[0294.564] FillRect (hDC=0x210107bb, lprc=0xd7d6c8, hbr=0x4e1007e1) returned 1
[0294.564] DeleteObject (ho=0x4e1007e1) returned 1
[0294.564] RestoreDC (hdc=0x210107bb, nSavedDC=-1) returned 1
[0294.564] GetWindowTextLengthW (hWnd=0x3202dc) returned 24
[0294.564] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0294.564] GetSystemMetrics (nIndex=42) returned 0
[0294.564] GetWindowTextW (in: hWnd=0x3202dc, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0294.565] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0294.565] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0294.565] GetCurrentObject (hdc=0x210107bb, type=0x1) returned 0xb00017
[0294.565] GetCurrentObject (hdc=0x210107bb, type=0x2) returned 0x900010
[0294.565] GetCurrentObject (hdc=0x210107bb, type=0x7) returned 0x4a0507fe
[0294.565] GetCurrentObject (hdc=0x210107bb, type=0x6) returned 0x8a01c2
[0294.565] SaveDC (hdc=0x210107bb) returned 2
[0294.565] GetNearestColor (hdc=0x210107bb, color=0xf0f0f0) returned 0xf0f0f0
[0294.565] CreateSolidBrush (color=0xf0f0f0) returned 0x4f1007e1
[0294.565] FillRect (hDC=0x210107bb, lprc=0xd7d668, hbr=0x4f1007e1) returned 1
[0294.565] DeleteObject (ho=0x4f1007e1) returned 1
[0294.565] RestoreDC (hdc=0x210107bb, nSavedDC=-1) returned 1
[0294.565] GetWindowTextLengthW (hWnd=0x3202dc) returned 24
[0294.565] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0294.565] GetSystemMetrics (nIndex=42) returned 0
[0294.565] GetWindowTextW (in: hWnd=0x3202dc, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0294.565] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0294.566] RestoreDC (hdc=0x210107bb, nSavedDC=-1) returned 1
[0294.566] GdipReleaseDC (graphics=0x6600030, hdc=0x210107bb) returned 0x0
[0294.566] IsAppThemed () returned 0x1
[0294.566] GetThemeAppProperties () returned 0x3
[0294.566] GetThemeAppProperties () returned 0x3
[0294.566] IsAppThemed () returned 0x1
[0294.566] GetThemeAppProperties () returned 0x3
[0294.566] GetThemeAppProperties () returned 0x3
[0294.566] IsThemePartDefined () returned 0x1
[0294.566] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0294.566] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0294.566] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0294.566] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0294.566] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dc00) returned 0x0
[0294.566] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0294.566] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eecc8) returned 0x0
[0294.566] LocalFree (hMem=0x11eecc8) returned 0x0
[0294.566] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0294.566] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0294.566] LocalFree (hMem=0x11ee9f0) returned 0x0
[0294.566] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0294.566] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0294.567] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0294.567] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0294.567] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0294.567] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0294.567] GetCurrentObject (hdc=0x210107bb, type=0x1) returned 0xb00017
[0294.567] GetCurrentObject (hdc=0x210107bb, type=0x2) returned 0x900010
[0294.567] GetCurrentObject (hdc=0x210107bb, type=0x7) returned 0x4a0507fe
[0294.567] GetCurrentObject (hdc=0x210107bb, type=0x6) returned 0x8a01c2
[0294.567] SaveDC (hdc=0x210107bb) returned 1
[0294.567] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x53040807
[0294.567] GetClipRgn (hdc=0x210107bb, hrgn=0x53040807) returned 0
[0294.567] SelectClipRgn (hdc=0x210107bb, hrgn=0xda0407de) returned 2
[0294.567] DeleteObject (ho=0x53040807) returned 1
[0294.567] DeleteObject (ho=0xda0407de) returned 1
[0294.567] OffsetViewportOrgEx (in: hdc=0x210107bb, x=0, y=0, lppt=0x2d99a70 | out: lppt=0x2d99a70) returned 1
[0294.567] IsAppThemed () returned 0x1
[0294.567] GetThemeAppProperties () returned 0x3
[0294.567] GetThemeAppProperties () returned 0x3
[0294.567] DrawThemeBackground () returned 0x0
[0294.567] RestoreDC (hdc=0x210107bb, nSavedDC=-1) returned 1
[0294.568] GdipReleaseDC (graphics=0x6600030, hdc=0x210107bb) returned 0x0
[0294.568] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0294.568] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0294.568] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0294.568] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0294.568] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc04) returned 0x0
[0294.568] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0294.568] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee8d8) returned 0x0
[0294.568] LocalFree (hMem=0x11ee8d8) returned 0x0
[0294.568] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0294.568] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0294.568] LocalFree (hMem=0x11eec58) returned 0x0
[0294.568] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0294.568] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0294.568] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0294.568] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0294.568] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0294.568] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0294.568] GetCurrentObject (hdc=0x210107bb, type=0x1) returned 0xb00017
[0294.568] GetCurrentObject (hdc=0x210107bb, type=0x2) returned 0x900010
[0294.568] GetCurrentObject (hdc=0x210107bb, type=0x7) returned 0x4a0507fe
[0294.568] GetCurrentObject (hdc=0x210107bb, type=0x6) returned 0x8a01c2
[0294.569] SaveDC (hdc=0x210107bb) returned 1
[0294.569] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdb0407de
[0294.569] GetClipRgn (hdc=0x210107bb, hrgn=0xdb0407de) returned 0
[0294.569] SelectClipRgn (hdc=0x210107bb, hrgn=0x54040807) returned 2
[0294.569] DeleteObject (ho=0xdb0407de) returned 1
[0294.569] DeleteObject (ho=0x54040807) returned 1
[0294.569] OffsetViewportOrgEx (in: hdc=0x210107bb, x=0, y=0, lppt=0x2d99d44 | out: lppt=0x2d99d44) returned 1
[0294.569] IsAppThemed () returned 0x1
[0294.569] GetThemeAppProperties () returned 0x3
[0294.569] GetThemeAppProperties () returned 0x3
[0294.569] GetThemeBackgroundContentRect () returned 0x0
[0294.569] RestoreDC (hdc=0x210107bb, nSavedDC=-1) returned 1
[0294.569] GdipReleaseDC (graphics=0x6600030, hdc=0x210107bb) returned 0x0
[0294.569] IsAppThemed () returned 0x1
[0294.569] GetThemeAppProperties () returned 0x3
[0294.569] GetThemeAppProperties () returned 0x3
[0294.569] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0294.569] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0294.569] GetCurrentObject (hdc=0x210107bb, type=0x1) returned 0xb00017
[0294.569] GetCurrentObject (hdc=0x210107bb, type=0x2) returned 0x900010
[0294.569] GetCurrentObject (hdc=0x210107bb, type=0x7) returned 0x4a0507fe
[0294.570] GetCurrentObject (hdc=0x210107bb, type=0x6) returned 0x8a01c2
[0294.570] SaveDC (hdc=0x210107bb) returned 1
[0294.570] GetTextAlign (hdc=0x210107bb) returned 0x0
[0294.570] GetTextColor (hdc=0x210107bb) returned 0x0
[0294.570] GetCurrentObject (hdc=0x210107bb, type=0x6) returned 0x8a01c2
[0294.570] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0294.570] SelectObject (hdc=0x210107bb, h=0x6d0a0520) returned 0x8a01c2
[0294.570] GetBkMode (hdc=0x210107bb) returned 2
[0294.570] SetBkMode (hdc=0x210107bb, mode=1) returned 2
[0294.570] DrawTextExW (in: hdc=0x210107bb, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2d9a0e4 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0294.570] DrawTextExW (in: hdc=0x210107bb, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2d9a0e4 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0294.571] RestoreDC (hdc=0x210107bb, nSavedDC=-1) returned 1
[0294.571] GdipReleaseDC (graphics=0x6600030, hdc=0x210107bb) returned 0x0
[0294.571] GetFocus () returned 0x2802ce
[0294.571] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0294.571] SendMessageW (hWnd=0x3202dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0294.571] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0294.571] IsAppThemed () returned 0x1
[0294.571] GetThemeAppProperties () returned 0x3
[0294.571] GetThemeAppProperties () returned 0x3
[0294.571] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0294.571] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x210107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0294.571] GdipReleaseDC (graphics=0x6600030, hdc=0x210107bb) returned 0x0
[0294.571] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0294.571] SelectObject (hdc=0x210107bb, h=0x85000f) returned 0x4a0507fe
[0294.571] DeleteDC (hdc=0x210107bb) returned 1
[0294.571] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0294.572] EndPaint (hWnd=0x2802ce, lpPaint=0xd7dee4) returned 1
[0294.572] MapWindowPoints (in: hWndFrom=0x2802ce, hWndTo=0x0, lpPoints=0x2d9a1e0, cPoints=0x1 | out: lpPoints=0x2d9a1e0) returned 30999254
[0294.572] WindowFromPoint (Point=0x30f) returned 0x2802ce
[0294.572] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x84, wParam=0x0, lParam=0x1e4030f) returned 0x1
[0294.572] NotifyWinEvent (event=0x800a, hwnd=0x2802ce, idObject=-4, idChild=0)
[0294.572] NotifyWinEvent (event=0x800c, hwnd=0x2802ce, idObject=-4, idChild=0)
[0294.572] GetCapture () returned 0x2802ce
[0294.572] ReleaseCapture () returned 1
[0294.572] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0294.572] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0294.573] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x84, wParam=0x0, lParam=0x1e4030f) returned 0x1
[0294.573] IsWindow (hWnd=0x7005c) returned 1
[0294.573] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0294.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0294.573] IsWindow (hWnd=0x3202dc) returned 1
[0294.573] SetActiveWindow (hWnd=0x3202dc) returned 0x3202dc
[0294.573] IsWindow (hWnd=0x3202dc) returned 1
[0294.573] SetFocus (hWnd=0x3202dc) returned 0x2802ce
[0294.574] GetFocus () returned 0x3202dc
[0294.574] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x8, wParam=0x3202dc, lParam=0x0) returned 0x0
[0294.574] GetCapture () returned 0x0
[0294.574] InvalidateRect (hWnd=0x2802ce, lpRect=0x0, bErase=0) returned 1
[0294.575] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0294.579] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0294.580] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0294.580] GetFocus () returned 0x3202dc
[0294.580] SetFocus (hWnd=0x2802ce) returned 0x3202dc
[0294.581] GetFocus () returned 0x2802ce
[0294.581] IsChild (hWndParent=0x3202dc, hWnd=0x2802ce) returned 1
[0294.581] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x8, wParam=0x2802ce, lParam=0x0) returned 0x0
[0294.582] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0294.583] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0294.584] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0294.584] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x7, wParam=0x3202dc, lParam=0x0) returned 0x0
[0294.584] GetStockObject (i=5) returned 0x900015
[0294.584] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0294.584] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0294.584] GetDlgItem (hDlg=0x3202dc, nIDDlgItem=2622158) returned 0x2802ce
[0294.584] SendMessageW (hWnd=0x2802ce, Msg=0x202b, wParam=0x2802ce, lParam=0xd7ddcc) returned 0x0
[0294.584] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x202b, wParam=0x2802ce, lParam=0xd7ddcc) returned 0x0
[0294.585] InvalidateRect (hWnd=0x2802ce, lpRect=0x0, bErase=0) returned 1
[0294.586] GetWindowLongW (hWnd=0x3202dc, nIndex=-8) returned 458844
[0294.586] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0294.586] GetCurrentThreadId () returned 0xf50
[0294.586] IsWindow (hWnd=0x7005c) returned 1
[0294.586] IsWindow (hWnd=0x7005c) returned 1
[0294.586] IsWindowVisible (hWnd=0x7005c) returned 1
[0294.586] SetActiveWindow (hWnd=0x7005c) returned 0x3202dc
[0294.586] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0294.588] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0294.588] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0294.588] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0294.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0294.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0294.590] GetWindowPlacement (in: hWnd=0x3202dc, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0294.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0294.590] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0294.590] GetWindowRect (in: hWnd=0x3202dc, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0294.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0294.591] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0294.591] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0294.591] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x3202dc) returned 0x1
[0294.594] GetFocus () returned 0x2802ce
[0294.594] SetFocus (hWnd=0x602c4) returned 0x2802ce
[0294.594] GetFocus () returned 0x602c4
[0294.594] IsChild (hWndParent=0x3202dc, hWnd=0x602c4) returned 0
[0294.594] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0294.594] GetCapture () returned 0x0
[0294.594] InvalidateRect (hWnd=0x2802ce, lpRect=0x0, bErase=0) returned 1
[0294.595] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0294.596] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0294.597] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0294.597] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0294.598] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0294.598] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0294.598] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0294.598] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x2802ce, lParam=0x0) returned 0x0
[0294.598] GetStockObject (i=5) returned 0x900015
[0294.598] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0294.598] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11eda58) returned 0xc
[0294.599] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0294.599] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0294.599] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0294.599] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0294.600] GetFocus () returned 0x602c4
[0294.600] IsChild (hWndParent=0x3202dc, hWnd=0x602c4) returned 0
[0294.600] ShowWindow (hWnd=0x3202dc, nCmdShow=0) returned 1
[0294.600] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0294.600] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0294.601] GetWindowPlacement (in: hWnd=0x3202dc, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0294.601] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0294.602] GetClientRect (in: hWnd=0x3202dc, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0294.602] GetWindowRect (in: hWnd=0x3202dc, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0294.602] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0294.602] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0294.602] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0294.603] GetWindowLongW (hWnd=0x3202dc, nIndex=-20) returned 327945
[0294.603] DestroyWindow (hWnd=0x3202dc) returned 1
[0294.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0294.603] GetWindowTextLengthW (hWnd=0x3202dc) returned 24
[0294.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0294.603] GetSystemMetrics (nIndex=42) returned 0
[0294.603] GetWindowTextW (in: hWnd=0x3202dc, lpString=0xd7e390, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0294.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0xd, wParam=0x19, lParam=0xd7e390) returned 0x18
[0294.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0294.604] GetWindowTextLengthW (hWnd=0x3500ea) returned 0
[0294.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3500ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0294.604] GetSystemMetrics (nIndex=42) returned 0
[0294.604] GetWindowTextW (in: hWnd=0x3500ea, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0294.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3500ea, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0294.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3500ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0294.604] GetWindowThreadProcessId (in: hWnd=0x2702d0, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0294.604] GetWindow (hWnd=0x2702d0, uCmd=0x5) returned 0x0
[0294.604] GetWindowLongW (hWnd=0x2702d0, nIndex=-20) returned 65792
[0294.604] DestroyWindow (hWnd=0x2702d0) returned 1
[0294.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702d0, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0294.604] GetWindowTextLengthW (hWnd=0x2702d0) returned 25
[0294.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0294.604] GetSystemMetrics (nIndex=42) returned 0
[0294.604] GetWindowTextW (in: hWnd=0x2702d0, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0294.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702d0, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0294.604] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0294.605] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2702d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0294.605] GetWindowTextLengthW (hWnd=0x2c02c8) returned 232
[0294.605] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0294.606] GetSystemMetrics (nIndex=42) returned 0
[0294.606] GetWindowTextW (in: hWnd=0x2c02c8, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0294.606] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0294.606] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0294.606] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0294.606] InvalidateRect (hWnd=0x2802ce, lpRect=0x0, bErase=0) returned 1
[0294.606] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0294.606] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0294.614] SendMessageW (hWnd=0x3202da, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0294.614] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202da, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0294.614] SendMessageW (hWnd=0x3202da, Msg=0xb0, wParam=0x2d65c70, lParam=0xd7e480) returned 0x0
[0294.614] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202da, Msg=0xb0, wParam=0x2d65c70, lParam=0xd7e480) returned 0x0
[0294.614] GetWindowTextLengthW (hWnd=0x3202da) returned 4363
[0294.614] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0294.615] GetSystemMetrics (nIndex=42) returned 0
[0294.615] CoTaskMemAlloc (cb=0x221c) returned 0x1202960
[0294.615] GetWindowTextW (in: hWnd=0x3202da, lpString=0x1202960, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0294.615] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202da, Msg=0xd, wParam=0x110c, lParam=0x1202960) returned 0x110b
[0294.615] CoTaskMemFree (pv=0x1202960)
[0294.615] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0294.615] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3500ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0294.616] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2c02c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0294.617] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0294.618] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2802ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0294.619] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3202de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0294.620] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0294.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3202dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0294.627] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.627] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.627] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.628] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.628] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.628] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.628] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e4030f) returned 0x1
[0294.628] IsWindowUnicode (hWnd=0x7005c) returned 1
[0294.628] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.628] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e4030f) returned 0x1
[0294.628] SetCursor (hCursor=0x10003) returned 0x10003
[0294.629] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.629] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.629] _TrackMouseEvent (in: lpEventTrack=0x2c2f380 | out: lpEventTrack=0x2c2f380) returned 1
[0294.629] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0294.629] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0294.629] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10f0251) returned 0x0
[0294.629] GetKeyState (nVirtKey=1) returned 1
[0294.629] GetKeyState (nVirtKey=2) returned 0
[0294.629] GetKeyState (nVirtKey=4) returned 0
[0294.629] GetKeyState (nVirtKey=5) returned 0
[0294.629] GetKeyState (nVirtKey=6) returned 0
[0294.629] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.630] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e4030f) returned 0x1
[0294.630] IsWindowUnicode (hWnd=0x7005c) returned 1
[0294.630] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.630] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.630] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.630] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.630] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e4030f) returned 0x1
[0294.631] IsWindowUnicode (hWnd=0x7005c) returned 1
[0294.631] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.631] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e4030f) returned 0x1
[0294.631] SetCursor (hCursor=0x10003) returned 0x10003
[0294.631] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.631] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.631] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10f0251) returned 0x0
[0294.631] GetKeyState (nVirtKey=1) returned 1
[0294.631] GetKeyState (nVirtKey=2) returned 0
[0294.631] GetKeyState (nVirtKey=4) returned 0
[0294.631] GetKeyState (nVirtKey=5) returned 0
[0294.631] GetKeyState (nVirtKey=6) returned 0
[0294.631] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.632] IsWindowUnicode (hWnd=0x602c4) returned 1
[0294.632] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.632] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.632] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.632] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.633] IsWindowUnicode (hWnd=0x602c4) returned 1
[0294.633] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.633] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.633] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.633] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xc0107c5
[0294.633] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0294.633] CreateCompatibleDC (hdc=0xc0107c5) returned 0x8b0107ae
[0294.634] SelectObject (hdc=0x8b0107ae, h=0x4a0507fe) returned 0x85000f
[0294.634] GdipCreateFromHDC (hdc=0x8b0107ae, graphics=0xd7e798) returned 0x0
[0294.634] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0294.634] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0294.634] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0294.634] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0294.634] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e7f8) returned 0x0
[0294.634] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0294.634] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eecc8) returned 0x0
[0294.634] LocalFree (hMem=0x11eecc8) returned 0x0
[0294.634] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0294.634] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0294.634] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0294.634] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0294.635] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0294.635] GdipRestoreGraphics (graphics=0x6600030, state=0xf5f20dbd) returned 0x0
[0294.635] GdipDeleteRegion (region=0x6646958) returned 0x0
[0294.635] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0294.635] GetCurrentObject (hdc=0x8b0107ae, type=0x1) returned 0xb00017
[0294.635] GetCurrentObject (hdc=0x8b0107ae, type=0x2) returned 0x900010
[0294.635] GetCurrentObject (hdc=0x8b0107ae, type=0x7) returned 0x4a0507fe
[0294.635] GetCurrentObject (hdc=0x8b0107ae, type=0x6) returned 0x8a01c2
[0294.635] SaveDC (hdc=0x8b0107ae) returned 1
[0294.635] GetNearestColor (hdc=0x8b0107ae, color=0xff) returned 0xff
[0294.635] GetNearestColor (hdc=0x8b0107ae, color=0x55) returned 0x55
[0294.635] GetNearestColor (hdc=0x8b0107ae, color=0x0) returned 0x0
[0294.635] GetNearestColor (hdc=0x8b0107ae, color=0x55) returned 0x55
[0294.635] GetNearestColor (hdc=0x8b0107ae, color=0x0) returned 0x0
[0294.636] GetNearestColor (hdc=0x8b0107ae, color=0x8080ff) returned 0x8080ff
[0294.636] GetNearestColor (hdc=0x8b0107ae, color=0x7373e5) returned 0x7373e5
[0294.636] GetNearestColor (hdc=0x8b0107ae, color=0xe5) returned 0xe5
[0294.636] GetNearestColor (hdc=0x8b0107ae, color=0x0) returned 0x0
[0294.636] RestoreDC (hdc=0x8b0107ae, nSavedDC=-1) returned 1
[0294.636] GdipReleaseDC (graphics=0x6600030, hdc=0x8b0107ae) returned 0x0
[0294.636] IsAppThemed () returned 0x1
[0294.636] GetThemeAppProperties () returned 0x3
[0294.636] GetThemeAppProperties () returned 0x3
[0294.636] IsAppThemed () returned 0x1
[0294.636] GetThemeAppProperties () returned 0x3
[0294.636] GetThemeAppProperties () returned 0x3
[0294.636] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2da1f94 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0294.637] IsAppThemed () returned 0x1
[0294.637] GetThemeAppProperties () returned 0x3
[0294.637] GetThemeAppProperties () returned 0x3
[0294.637] IsAppThemed () returned 0x1
[0294.637] GetThemeAppProperties () returned 0x3
[0294.637] GetThemeAppProperties () returned 0x3
[0294.637] GetFocus () returned 0x602c4
[0294.637] IsAppThemed () returned 0x1
[0294.646] GetThemeAppProperties () returned 0x3
[0294.646] GetThemeAppProperties () returned 0x3
[0294.646] IsAppThemed () returned 0x1
[0294.646] GetThemeAppProperties () returned 0x3
[0294.646] GetThemeAppProperties () returned 0x3
[0294.646] IsThemePartDefined () returned 0x1
[0294.646] IsAppThemed () returned 0x1
[0294.646] GetThemeAppProperties () returned 0x3
[0294.646] GetThemeAppProperties () returned 0x3
[0294.646] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0294.646] IsAppThemed () returned 0x1
[0294.646] GetThemeAppProperties () returned 0x3
[0294.646] GetThemeAppProperties () returned 0x3
[0294.646] IsAppThemed () returned 0x1
[0294.646] GetThemeAppProperties () returned 0x3
[0294.646] GetThemeAppProperties () returned 0x3
[0294.646] IsThemePartDefined () returned 0x1
[0294.646] GdipCreateRegion (region=0xd7e508) returned 0x0
[0294.647] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0294.647] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0294.647] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0294.647] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e520) returned 0x0
[0294.647] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0294.647] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee8d8) returned 0x0
[0294.647] LocalFree (hMem=0x11ee8d8) returned 0x0
[0294.647] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0294.647] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee8d8) returned 0x0
[0294.647] LocalFree (hMem=0x11ee8d8) returned 0x0
[0294.647] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0294.647] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e548) returned 0x0
[0294.647] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e538) returned 0x0
[0294.647] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0294.647] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0294.647] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0294.647] GetCurrentObject (hdc=0x8b0107ae, type=0x1) returned 0xb00017
[0294.648] GetCurrentObject (hdc=0x8b0107ae, type=0x2) returned 0x900010
[0294.648] GetCurrentObject (hdc=0x8b0107ae, type=0x7) returned 0x4a0507fe
[0294.648] GetCurrentObject (hdc=0x8b0107ae, type=0x6) returned 0x8a01c2
[0294.648] SaveDC (hdc=0x8b0107ae) returned 1
[0294.648] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x55040807
[0294.648] GetClipRgn (hdc=0x8b0107ae, hrgn=0x55040807) returned 0
[0294.648] SelectClipRgn (hdc=0x8b0107ae, hrgn=0xdf0407de) returned 2
[0294.648] DeleteObject (ho=0x55040807) returned 1
[0294.648] DeleteObject (ho=0xdf0407de) returned 1
[0294.648] OffsetViewportOrgEx (in: hdc=0x8b0107ae, x=0, y=0, lppt=0x2da2644 | out: lppt=0x2da2644) returned 1
[0294.648] DrawThemeParentBackground () returned 0x0
[0294.648] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0294.649] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0294.649] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0294.649] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0294.649] GetSystemMetrics (nIndex=42) returned 0
[0294.649] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0294.649] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0294.649] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0294.649] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0294.649] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0294.649] SelectPalette (hdc=0x8b0107ae, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0294.649] GdipCreateFromHDC (hdc=0x8b0107ae, graphics=0xd7dff8) returned 0x0
[0294.649] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0294.649] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0294.649] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638d58) returned 0x0
[0294.650] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dfd0) returned 0x0
[0294.650] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0294.650] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0294.650] GdipGetClip (graphics=0x6639e10, region=0x6646d48) returned 0x0
[0294.650] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6639e10, result=0xd7dfc4) returned 0x0
[0294.650] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0294.650] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dff0) returned 0x0
[0294.650] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0294.667] GdipFillRectangleI (graphics=0x6639e10, brush=0x664d828, x=0, y=0, width=801, height=453) returned 0x0
[0294.667] GdipDeleteBrush (brush=0x664d828) returned 0x0
[0294.668] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0294.668] SelectPalette (hdc=0x8b0107ae, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0294.675] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0294.675] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0294.675] GetSystemMetrics (nIndex=42) returned 0
[0294.675] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0294.675] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0294.675] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0294.675] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0294.675] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0294.675] SelectPalette (hdc=0x8b0107ae, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0294.676] GdipCreateFromHDC (hdc=0x8b0107ae, graphics=0xd7df98) returned 0x0
[0294.676] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0294.676] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0294.676] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638c38) returned 0x0
[0294.676] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df70) returned 0x0
[0294.676] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0294.676] GdipCreateRegion (region=0xd7df58) returned 0x0
[0294.676] GdipGetClip (graphics=0x6639e10, region=0x66467a8) returned 0x0
[0294.676] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6639e10, result=0xd7df64) returned 0x0
[0294.676] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0294.676] GdipSaveGraphics (graphics=0x6639e10, state=0xd7df90) returned 0x0
[0294.676] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0294.693] GdipFillRectangleI (graphics=0x6639e10, brush=0x664d828, x=0, y=0, width=801, height=453) returned 0x0
[0294.693] GdipDeleteBrush (brush=0x664d828) returned 0x0
[0294.694] GdipRestoreGraphics (graphics=0x6639e10, state=0xf5ee0dbd) returned 0x0
[0294.695] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0294.695] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0294.695] GetSystemMetrics (nIndex=42) returned 0
[0294.695] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0294.695] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0294.695] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0294.695] SelectPalette (hdc=0x8b0107ae, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0294.695] RestoreDC (hdc=0x8b0107ae, nSavedDC=-1) returned 1
[0294.695] GdipReleaseDC (graphics=0x6600030, hdc=0x8b0107ae) returned 0x0
[0294.695] IsAppThemed () returned 0x1
[0294.696] GetThemeAppProperties () returned 0x3
[0294.696] GetThemeAppProperties () returned 0x3
[0294.696] IsAppThemed () returned 0x1
[0294.696] GetThemeAppProperties () returned 0x3
[0294.696] GetThemeAppProperties () returned 0x3
[0294.696] IsThemePartDefined () returned 0x1
[0294.696] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0294.696] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0294.696] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0294.696] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0294.696] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e4a4) returned 0x0
[0294.696] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0294.696] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0294.696] LocalFree (hMem=0x11eec58) returned 0x0
[0294.696] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0294.696] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee8d8) returned 0x0
[0294.696] LocalFree (hMem=0x11ee8d8) returned 0x0
[0294.696] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0294.696] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0294.697] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0294.697] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0294.697] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0294.697] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0294.697] GetCurrentObject (hdc=0x8b0107ae, type=0x1) returned 0xb00017
[0294.697] GetCurrentObject (hdc=0x8b0107ae, type=0x2) returned 0x900010
[0294.697] GetCurrentObject (hdc=0x8b0107ae, type=0x7) returned 0x4a0507fe
[0294.697] GetCurrentObject (hdc=0x8b0107ae, type=0x6) returned 0x8a01c2
[0294.697] SaveDC (hdc=0x8b0107ae) returned 1
[0294.697] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe00407de
[0294.697] GetClipRgn (hdc=0x8b0107ae, hrgn=0xe00407de) returned 0
[0294.697] SelectClipRgn (hdc=0x8b0107ae, hrgn=0x57040807) returned 2
[0294.697] DeleteObject (ho=0xe00407de) returned 1
[0294.697] DeleteObject (ho=0x57040807) returned 1
[0294.697] OffsetViewportOrgEx (in: hdc=0x8b0107ae, x=0, y=0, lppt=0x2da8e94 | out: lppt=0x2da8e94) returned 1
[0294.698] IsAppThemed () returned 0x1
[0294.698] GetThemeAppProperties () returned 0x3
[0294.698] GetThemeAppProperties () returned 0x3
[0294.698] DrawThemeBackground () returned 0x0
[0294.698] RestoreDC (hdc=0x8b0107ae, nSavedDC=-1) returned 1
[0294.698] GdipReleaseDC (graphics=0x6600030, hdc=0x8b0107ae) returned 0x0
[0294.698] GdipCreateRegion (region=0xd7e490) returned 0x0
[0294.698] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0294.698] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0294.698] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0294.698] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e4a8) returned 0x0
[0294.698] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0294.698] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0294.698] LocalFree (hMem=0x11ee788) returned 0x0
[0294.698] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0294.698] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0294.698] LocalFree (hMem=0x11ee9f0) returned 0x0
[0294.699] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0294.699] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0294.699] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0294.699] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0294.699] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0294.699] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0294.699] GetCurrentObject (hdc=0x8b0107ae, type=0x1) returned 0xb00017
[0294.699] GetCurrentObject (hdc=0x8b0107ae, type=0x2) returned 0x900010
[0294.699] GetCurrentObject (hdc=0x8b0107ae, type=0x7) returned 0x4a0507fe
[0294.699] GetCurrentObject (hdc=0x8b0107ae, type=0x6) returned 0x8a01c2
[0294.699] SaveDC (hdc=0x8b0107ae) returned 1
[0294.699] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x58040807
[0294.699] GetClipRgn (hdc=0x8b0107ae, hrgn=0x58040807) returned 0
[0294.699] SelectClipRgn (hdc=0x8b0107ae, hrgn=0xe10407de) returned 2
[0294.699] DeleteObject (ho=0x58040807) returned 1
[0294.700] DeleteObject (ho=0xe10407de) returned 1
[0294.700] OffsetViewportOrgEx (in: hdc=0x8b0107ae, x=0, y=0, lppt=0x2da9168 | out: lppt=0x2da9168) returned 1
[0294.700] IsAppThemed () returned 0x1
[0294.700] GetThemeAppProperties () returned 0x3
[0294.700] GetThemeAppProperties () returned 0x3
[0294.700] GetThemeBackgroundContentRect () returned 0x0
[0294.700] RestoreDC (hdc=0x8b0107ae, nSavedDC=-1) returned 1
[0294.707] GdipReleaseDC (graphics=0x6600030, hdc=0x8b0107ae) returned 0x0
[0294.707] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0294.708] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0294.708] GdipFillRectangleI (graphics=0x6600030, brush=0x6669f00, x=4, y=4, width=67, height=15) returned 0x0
[0294.708] GdipDeleteBrush (brush=0x6669f00) returned 0x0
[0294.708] IsAppThemed () returned 0x1
[0294.708] GetThemeAppProperties () returned 0x3
[0294.708] GetThemeAppProperties () returned 0x3
[0294.708] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0294.708] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0294.708] GetCurrentObject (hdc=0x8b0107ae, type=0x1) returned 0xb00017
[0294.708] GetCurrentObject (hdc=0x8b0107ae, type=0x2) returned 0x900010
[0294.708] GetCurrentObject (hdc=0x8b0107ae, type=0x7) returned 0x4a0507fe
[0294.708] GetCurrentObject (hdc=0x8b0107ae, type=0x6) returned 0x8a01c2
[0294.708] SaveDC (hdc=0x8b0107ae) returned 1
[0294.708] GetTextAlign (hdc=0x8b0107ae) returned 0x0
[0294.708] GetTextColor (hdc=0x8b0107ae) returned 0x0
[0294.708] GetCurrentObject (hdc=0x8b0107ae, type=0x6) returned 0x8a01c2
[0294.709] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0294.709] SelectObject (hdc=0x8b0107ae, h=0x6d0a0520) returned 0x8a01c2
[0294.709] GetBkMode (hdc=0x8b0107ae) returned 2
[0294.709] SetBkMode (hdc=0x8b0107ae, mode=1) returned 2
[0294.709] DrawTextExW (in: hdc=0x8b0107ae, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2da952c | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0294.709] DrawTextExW (in: hdc=0x8b0107ae, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2da952c | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0294.710] RestoreDC (hdc=0x8b0107ae, nSavedDC=-1) returned 1
[0294.710] GdipReleaseDC (graphics=0x6600030, hdc=0x8b0107ae) returned 0x0
[0294.710] GetFocus () returned 0x602c4
[0294.710] IsAppThemed () returned 0x1
[0294.710] GetThemeAppProperties () returned 0x3
[0294.710] GetThemeAppProperties () returned 0x3
[0294.710] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0294.710] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x8b0107ae, x1=0, y1=0, rop=0xcc0020) returned 1
[0294.710] GdipReleaseDC (graphics=0x6600030, hdc=0x8b0107ae) returned 0x0
[0294.710] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0294.710] SelectObject (hdc=0x8b0107ae, h=0x85000f) returned 0x4a0507fe
[0294.710] DeleteDC (hdc=0x8b0107ae) returned 1
[0294.711] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0294.711] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0294.711] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0294.711] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0294.711] WaitMessage () returned 1
[0294.711] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.711] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.711] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.711] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.711] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.712] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0294.712] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0294.712] WaitMessage () returned 1
[0294.727] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.727] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.727] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.727] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.727] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.728] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0294.728] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0294.728] WaitMessage () returned 1
[0294.729] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.729] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.729] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.729] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.729] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.730] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0294.730] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0294.730] WaitMessage () returned 1
[0294.731] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.731] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.731] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.731] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.731] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.735] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.736] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.736] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.736] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.736] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.736] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.736] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.736] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.736] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.736] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.736] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.737] IsWindowUnicode (hWnd=0x7005c) returned 1
[0294.737] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.737] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.737] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.737] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.737] IsWindowUnicode (hWnd=0x7005c) returned 1
[0294.737] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.737] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.737] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.737] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10f0251) returned 0x0
[0294.737] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0294.737] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0294.737] WaitMessage () returned 1
[0294.739] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.739] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.739] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.739] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.739] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.740] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.740] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.740] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.740] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.740] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.740] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.741] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.741] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.741] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.741] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.741] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0294.741] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0294.741] WaitMessage () returned 1
[0294.741] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.741] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.741] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.742] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.742] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.743] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.743] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.743] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.743] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.743] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.743] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.743] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.743] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.743] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.743] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.743] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0294.744] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0294.744] WaitMessage () returned 1
[0294.744] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.744] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.744] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.744] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.744] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.746] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.746] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.746] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.746] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.746] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.747] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.747] IsWindowUnicode (hWnd=0x30122) returned 1
[0294.747] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.747] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.750] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.750] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0294.751] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0294.751] WaitMessage () returned 1
[0294.907] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.907] IsWindowUnicode (hWnd=0x502c6) returned 1
[0294.907] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0294.907] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0294.907] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0294.908] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0294.908] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0294.908] WaitMessage () returned 1
[0296.807] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0296.807] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27500ee) returned 0x1
[0296.807] IsWindowUnicode (hWnd=0x602c4) returned 1
[0296.807] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0296.807] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0296.807] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0296.808] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0296.808] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0296.808] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27500ee) returned 0x1
[0296.808] IsWindowUnicode (hWnd=0x602c4) returned 1
[0296.808] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0296.808] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27500ee) returned 0x1
[0296.808] SetCursor (hCursor=0x10003) returned 0x10003
[0296.808] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0296.808] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0296.808] _TrackMouseEvent (in: lpEventTrack=0x2c2b560 | out: lpEventTrack=0x2c2b560) returned 1
[0296.808] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0296.808] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0296.808] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0296.809] GetKeyState (nVirtKey=1) returned 1
[0296.809] GetKeyState (nVirtKey=2) returned 0
[0296.809] GetKeyState (nVirtKey=4) returned 0
[0296.809] GetKeyState (nVirtKey=5) returned 0
[0296.809] GetKeyState (nVirtKey=6) returned 0
[0296.809] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0296.809] IsWindowUnicode (hWnd=0x602c4) returned 1
[0296.809] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0296.809] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0296.809] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0296.809] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xc0107c5
[0296.809] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0296.809] CreateCompatibleDC (hdc=0xc0107c5) returned 0x80010671
[0296.810] SelectObject (hdc=0x80010671, h=0x4a0507fe) returned 0x85000f
[0296.810] GdipCreateFromHDC (hdc=0x80010671, graphics=0xd7e798) returned 0x0
[0296.810] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0296.810] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0296.810] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0296.810] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0296.810] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e7f8) returned 0x0
[0296.810] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0296.810] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0296.810] LocalFree (hMem=0x11ee788) returned 0x0
[0296.810] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0296.810] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0296.810] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0296.810] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0296.811] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0296.811] GdipRestoreGraphics (graphics=0x6600030, state=0xf5ec0dbd) returned 0x0
[0296.811] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0296.811] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0296.811] GetCurrentObject (hdc=0x80010671, type=0x1) returned 0xb00017
[0296.811] GetCurrentObject (hdc=0x80010671, type=0x2) returned 0x900010
[0296.811] GetCurrentObject (hdc=0x80010671, type=0x7) returned 0x4a0507fe
[0296.811] GetCurrentObject (hdc=0x80010671, type=0x6) returned 0x8a01c2
[0296.811] SaveDC (hdc=0x80010671) returned 1
[0296.811] GetNearestColor (hdc=0x80010671, color=0xff) returned 0xff
[0296.811] GetNearestColor (hdc=0x80010671, color=0x55) returned 0x55
[0296.811] GetNearestColor (hdc=0x80010671, color=0x0) returned 0x0
[0296.811] GetNearestColor (hdc=0x80010671, color=0x55) returned 0x55
[0296.811] GetNearestColor (hdc=0x80010671, color=0x0) returned 0x0
[0296.812] GetNearestColor (hdc=0x80010671, color=0x8080ff) returned 0x8080ff
[0296.812] GetNearestColor (hdc=0x80010671, color=0x7373e5) returned 0x7373e5
[0296.812] GetNearestColor (hdc=0x80010671, color=0xe5) returned 0xe5
[0296.812] GetNearestColor (hdc=0x80010671, color=0x0) returned 0x0
[0296.812] RestoreDC (hdc=0x80010671, nSavedDC=-1) returned 1
[0296.812] GdipReleaseDC (graphics=0x6600030, hdc=0x80010671) returned 0x0
[0296.812] IsAppThemed () returned 0x1
[0296.812] GetThemeAppProperties () returned 0x3
[0296.812] GetThemeAppProperties () returned 0x3
[0296.812] IsAppThemed () returned 0x1
[0296.812] GetThemeAppProperties () returned 0x3
[0296.812] GetThemeAppProperties () returned 0x3
[0296.812] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2da9e78 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0296.813] IsAppThemed () returned 0x1
[0296.813] GetThemeAppProperties () returned 0x3
[0296.813] GetThemeAppProperties () returned 0x3
[0296.813] IsAppThemed () returned 0x1
[0296.813] GetThemeAppProperties () returned 0x3
[0296.813] GetThemeAppProperties () returned 0x3
[0296.813] IsAppThemed () returned 0x1
[0296.813] GetThemeAppProperties () returned 0x3
[0296.813] GetThemeAppProperties () returned 0x3
[0296.813] IsAppThemed () returned 0x1
[0296.813] GetThemeAppProperties () returned 0x3
[0296.813] GetThemeAppProperties () returned 0x3
[0296.813] IsThemePartDefined () returned 0x1
[0296.813] IsAppThemed () returned 0x1
[0296.813] GetThemeAppProperties () returned 0x3
[0296.813] GetThemeAppProperties () returned 0x3
[0296.813] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0296.813] IsAppThemed () returned 0x1
[0296.813] GetThemeAppProperties () returned 0x3
[0296.814] GetThemeAppProperties () returned 0x3
[0296.814] IsAppThemed () returned 0x1
[0296.814] GetThemeAppProperties () returned 0x3
[0296.814] GetThemeAppProperties () returned 0x3
[0296.814] IsThemePartDefined () returned 0x1
[0296.814] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0296.814] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0296.814] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0296.814] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0296.814] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e514) returned 0x0
[0296.814] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0296.814] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee868) returned 0x0
[0296.814] LocalFree (hMem=0x11ee868) returned 0x0
[0296.814] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0296.814] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee8d8) returned 0x0
[0296.814] LocalFree (hMem=0x11ee8d8) returned 0x0
[0296.814] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0296.814] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0296.814] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0296.815] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0296.815] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0296.815] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0296.815] GetCurrentObject (hdc=0x80010671, type=0x1) returned 0xb00017
[0296.815] GetCurrentObject (hdc=0x80010671, type=0x2) returned 0x900010
[0296.815] GetCurrentObject (hdc=0x80010671, type=0x7) returned 0x4a0507fe
[0296.815] GetCurrentObject (hdc=0x80010671, type=0x6) returned 0x8a01c2
[0296.815] SaveDC (hdc=0x80010671) returned 1
[0296.815] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe20407de
[0296.815] GetClipRgn (hdc=0x80010671, hrgn=0xe20407de) returned 0
[0296.815] SelectClipRgn (hdc=0x80010671, hrgn=0x5c040807) returned 2
[0296.815] DeleteObject (ho=0xe20407de) returned 1
[0296.815] DeleteObject (ho=0x5c040807) returned 1
[0296.815] OffsetViewportOrgEx (in: hdc=0x80010671, x=0, y=0, lppt=0x2daa528 | out: lppt=0x2daa528) returned 1
[0296.815] DrawThemeParentBackground () returned 0x0
[0296.816] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0296.816] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0296.816] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0296.816] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0296.816] GetSystemMetrics (nIndex=42) returned 0
[0296.816] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0296.816] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0296.816] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0296.816] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0296.816] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0296.816] SelectPalette (hdc=0x80010671, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0296.816] GdipCreateFromHDC (hdc=0x80010671, graphics=0xd7dff0) returned 0x0
[0296.816] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0296.817] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0296.817] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638db8) returned 0x0
[0296.817] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7dfc8) returned 0x0
[0296.817] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0296.817] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0296.817] GdipGetClip (graphics=0x6639e10, region=0x6646958) returned 0x0
[0296.817] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6639e10, result=0xd7dfbc) returned 0x0
[0296.817] GdipDeleteRegion (region=0x6646958) returned 0x0
[0296.817] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dfe8) returned 0x0
[0296.817] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0296.826] GdipFillRectangleI (graphics=0x6639e10, brush=0x664d5b8, x=0, y=0, width=801, height=453) returned 0x0
[0296.826] GdipDeleteBrush (brush=0x664d5b8) returned 0x0
[0296.828] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0296.828] SelectPalette (hdc=0x80010671, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0296.828] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0296.828] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0296.828] GetSystemMetrics (nIndex=42) returned 0
[0296.829] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0296.829] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0296.829] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0296.829] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0296.829] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0296.829] SelectPalette (hdc=0x80010671, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0296.829] GdipCreateFromHDC (hdc=0x80010671, graphics=0xd7df90) returned 0x0
[0296.829] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0296.829] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0296.829] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638d88) returned 0x0
[0296.829] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df68) returned 0x0
[0296.829] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0296.829] GdipCreateRegion (region=0xd7df50) returned 0x0
[0296.829] GdipGetClip (graphics=0x6639e10, region=0x66463b8) returned 0x0
[0296.829] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6639e10, result=0xd7df5c) returned 0x0
[0296.830] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0296.830] GdipSaveGraphics (graphics=0x6639e10, state=0xd7df88) returned 0x0
[0296.830] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0296.838] GdipFillRectangleI (graphics=0x6639e10, brush=0x664d5b8, x=0, y=0, width=801, height=453) returned 0x0
[0296.838] GdipDeleteBrush (brush=0x664d5b8) returned 0x0
[0296.840] GdipRestoreGraphics (graphics=0x6639e10, state=0xf5e80dbd) returned 0x0
[0296.840] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0296.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0296.840] GetSystemMetrics (nIndex=42) returned 0
[0296.840] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0296.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0296.840] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0296.840] SelectPalette (hdc=0x80010671, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0296.841] RestoreDC (hdc=0x80010671, nSavedDC=-1) returned 1
[0296.841] GdipReleaseDC (graphics=0x6600030, hdc=0x80010671) returned 0x0
[0296.841] IsAppThemed () returned 0x1
[0296.841] GetThemeAppProperties () returned 0x3
[0296.841] GetThemeAppProperties () returned 0x3
[0296.841] IsAppThemed () returned 0x1
[0296.841] GetThemeAppProperties () returned 0x3
[0296.841] GetThemeAppProperties () returned 0x3
[0296.841] IsThemePartDefined () returned 0x1
[0296.841] GdipCreateRegion (region=0xd7e480) returned 0x0
[0296.842] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0296.842] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0296.842] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0296.842] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e498) returned 0x0
[0296.842] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0296.842] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0296.842] LocalFree (hMem=0x11eec58) returned 0x0
[0296.842] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0296.842] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eea98) returned 0x0
[0296.842] LocalFree (hMem=0x11eea98) returned 0x0
[0296.842] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0296.842] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0296.842] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0296.842] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0296.842] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0296.842] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0296.842] GetCurrentObject (hdc=0x80010671, type=0x1) returned 0xb00017
[0296.842] GetCurrentObject (hdc=0x80010671, type=0x2) returned 0x900010
[0296.843] GetCurrentObject (hdc=0x80010671, type=0x7) returned 0x4a0507fe
[0296.843] GetCurrentObject (hdc=0x80010671, type=0x6) returned 0x8a01c2
[0296.843] SaveDC (hdc=0x80010671) returned 1
[0296.843] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5d040807
[0296.843] GetClipRgn (hdc=0x80010671, hrgn=0x5d040807) returned 0
[0296.843] SelectClipRgn (hdc=0x80010671, hrgn=0xe40407de) returned 2
[0296.843] DeleteObject (ho=0x5d040807) returned 1
[0296.843] DeleteObject (ho=0xe40407de) returned 1
[0296.843] OffsetViewportOrgEx (in: hdc=0x80010671, x=0, y=0, lppt=0x2db0d78 | out: lppt=0x2db0d78) returned 1
[0296.843] IsAppThemed () returned 0x1
[0296.843] GetThemeAppProperties () returned 0x3
[0296.843] GetThemeAppProperties () returned 0x3
[0296.843] DrawThemeBackground () returned 0x0
[0296.843] RestoreDC (hdc=0x80010671, nSavedDC=-1) returned 1
[0296.843] GdipReleaseDC (graphics=0x6600030, hdc=0x80010671) returned 0x0
[0296.844] GdipCreateRegion (region=0xd7e484) returned 0x0
[0296.844] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0296.844] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0296.844] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0296.844] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e49c) returned 0x0
[0296.844] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0296.844] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0296.844] LocalFree (hMem=0x11ee788) returned 0x0
[0296.844] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0296.844] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0296.844] LocalFree (hMem=0x11ee788) returned 0x0
[0296.844] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0296.844] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0296.844] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0296.844] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0296.844] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0296.844] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0296.844] GetCurrentObject (hdc=0x80010671, type=0x1) returned 0xb00017
[0296.844] GetCurrentObject (hdc=0x80010671, type=0x2) returned 0x900010
[0296.845] GetCurrentObject (hdc=0x80010671, type=0x7) returned 0x4a0507fe
[0296.845] GetCurrentObject (hdc=0x80010671, type=0x6) returned 0x8a01c2
[0296.845] SaveDC (hdc=0x80010671) returned 1
[0296.845] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe50407de
[0296.845] GetClipRgn (hdc=0x80010671, hrgn=0xe50407de) returned 0
[0296.845] SelectClipRgn (hdc=0x80010671, hrgn=0x5e040807) returned 2
[0296.845] DeleteObject (ho=0xe50407de) returned 1
[0296.845] DeleteObject (ho=0x5e040807) returned 1
[0296.845] OffsetViewportOrgEx (in: hdc=0x80010671, x=0, y=0, lppt=0x2db104c | out: lppt=0x2db104c) returned 1
[0296.845] IsAppThemed () returned 0x1
[0296.845] GetThemeAppProperties () returned 0x3
[0296.845] GetThemeAppProperties () returned 0x3
[0296.845] GetThemeBackgroundContentRect () returned 0x0
[0296.845] RestoreDC (hdc=0x80010671, nSavedDC=-1) returned 1
[0296.845] GdipReleaseDC (graphics=0x6600030, hdc=0x80010671) returned 0x0
[0296.845] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0296.845] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0296.846] GdipFillRectangleI (graphics=0x6600030, brush=0x6669f00, x=4, y=4, width=67, height=15) returned 0x0
[0296.846] GdipDeleteBrush (brush=0x6669f00) returned 0x0
[0296.846] IsAppThemed () returned 0x1
[0296.846] GetThemeAppProperties () returned 0x3
[0296.846] GetThemeAppProperties () returned 0x3
[0296.846] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0296.846] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0296.846] GetCurrentObject (hdc=0x80010671, type=0x1) returned 0xb00017
[0296.846] GetCurrentObject (hdc=0x80010671, type=0x2) returned 0x900010
[0296.846] GetCurrentObject (hdc=0x80010671, type=0x7) returned 0x4a0507fe
[0296.846] GetCurrentObject (hdc=0x80010671, type=0x6) returned 0x8a01c2
[0296.846] SaveDC (hdc=0x80010671) returned 1
[0296.846] GetTextAlign (hdc=0x80010671) returned 0x0
[0296.846] GetTextColor (hdc=0x80010671) returned 0x0
[0296.846] GetCurrentObject (hdc=0x80010671, type=0x6) returned 0x8a01c2
[0296.847] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0296.847] SelectObject (hdc=0x80010671, h=0x6d0a0520) returned 0x8a01c2
[0296.847] GetBkMode (hdc=0x80010671) returned 2
[0296.847] SetBkMode (hdc=0x80010671, mode=1) returned 2
[0296.847] DrawTextExW (in: hdc=0x80010671, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2db1410 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0296.847] DrawTextExW (in: hdc=0x80010671, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2db1410 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0296.848] RestoreDC (hdc=0x80010671, nSavedDC=-1) returned 1
[0296.848] GdipReleaseDC (graphics=0x6600030, hdc=0x80010671) returned 0x0
[0296.848] GetFocus () returned 0x602c4
[0296.848] IsAppThemed () returned 0x1
[0296.848] GetThemeAppProperties () returned 0x3
[0296.848] GetThemeAppProperties () returned 0x3
[0296.848] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0296.848] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x80010671, x1=0, y1=0, rop=0xcc0020) returned 1
[0296.848] GdipReleaseDC (graphics=0x6600030, hdc=0x80010671) returned 0x0
[0296.849] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0296.849] SelectObject (hdc=0x80010671, h=0x85000f) returned 0x4a0507fe
[0296.849] DeleteDC (hdc=0x80010671) returned 1
[0296.849] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0296.849] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0296.849] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0296.849] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0296.849] WaitMessage () returned 1
[0296.905] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0296.905] IsWindowUnicode (hWnd=0x602c4) returned 1
[0296.905] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0296.905] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0296.905] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0296.905] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0296.905] IsWindowUnicode (hWnd=0x602c4) returned 1
[0296.905] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0296.905] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0296.905] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0296.905] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xe0013) returned 0x0
[0296.906] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0296.906] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0296.906] WaitMessage () returned 1
[0297.141] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.141] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27500ee) returned 0x1
[0297.141] IsWindowUnicode (hWnd=0x602c4) returned 1
[0297.141] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.141] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27500ee) returned 0x1
[0297.142] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0297.142] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x1a00030) returned 0x0
[0297.142] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0297.142] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0297.142] SetCursor (hCursor=0x10003) returned 0x10003
[0297.142] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.142] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.142] GetKeyState (nVirtKey=1) returned -128
[0297.142] GetKeyState (nVirtKey=2) returned 0
[0297.142] GetKeyState (nVirtKey=4) returned 0
[0297.142] GetKeyState (nVirtKey=5) returned 0
[0297.142] GetKeyState (nVirtKey=6) returned 0
[0297.142] IsWindowVisible (hWnd=0x602c4) returned 1
[0297.142] IsWindowEnabled (hWnd=0x602c4) returned 1
[0297.142] SetFocus (hWnd=0x602c4) returned 0x602c4
[0297.142] GetFocus () returned 0x602c4
[0297.142] GetFocus () returned 0x602c4
[0297.142] GetFocus () returned 0x602c4
[0297.142] GetKeyState (nVirtKey=1) returned -128
[0297.142] GetKeyState (nVirtKey=2) returned 0
[0297.142] GetKeyState (nVirtKey=4) returned 0
[0297.143] GetKeyState (nVirtKey=5) returned 0
[0297.143] GetKeyState (nVirtKey=6) returned 0
[0297.143] GetCapture () returned 0x0
[0297.143] SetCapture (hWnd=0x602c4) returned 0x0
[0297.143] GetKeyState (nVirtKey=1) returned -128
[0297.143] GetKeyState (nVirtKey=2) returned 0
[0297.143] GetKeyState (nVirtKey=4) returned 0
[0297.143] GetKeyState (nVirtKey=5) returned 0
[0297.143] GetKeyState (nVirtKey=6) returned 0
[0297.143] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0297.143] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0297.143] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.143] IsWindowUnicode (hWnd=0x602c4) returned 1
[0297.143] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.143] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.143] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.143] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2db1594, cPoints=0x1 | out: lpPoints=0x2db1594) returned 40304859
[0297.143] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0297.143] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0297.143] UpdateWindow (hWnd=0x602c4) returned 1
[0297.143] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xc0107c5
[0297.144] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0297.144] CreateCompatibleDC (hdc=0xc0107c5) returned 0x81010671
[0297.144] SelectObject (hdc=0x81010671, h=0x4a0507fe) returned 0x85000f
[0297.144] GdipCreateFromHDC (hdc=0x81010671, graphics=0xd7e430) returned 0x0
[0297.144] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0297.144] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0297.144] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0297.144] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0297.144] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e490) returned 0x0
[0297.144] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0297.144] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0297.144] LocalFree (hMem=0x11eec58) returned 0x0
[0297.144] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0297.144] GdipCreateRegion (region=0xd7e478) returned 0x0
[0297.144] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0297.144] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0297.144] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0297.145] GdipRestoreGraphics (graphics=0x6600030, state=0xf5e60dbd) returned 0x0
[0297.145] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0297.145] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0297.145] GetCurrentObject (hdc=0x81010671, type=0x1) returned 0xb00017
[0297.145] GetCurrentObject (hdc=0x81010671, type=0x2) returned 0x900010
[0297.145] GetCurrentObject (hdc=0x81010671, type=0x7) returned 0x4a0507fe
[0297.145] GetCurrentObject (hdc=0x81010671, type=0x6) returned 0x8a01c2
[0297.145] SaveDC (hdc=0x81010671) returned 1
[0297.145] GetNearestColor (hdc=0x81010671, color=0xff) returned 0xff
[0297.145] GetNearestColor (hdc=0x81010671, color=0x55) returned 0x55
[0297.145] GetNearestColor (hdc=0x81010671, color=0x0) returned 0x0
[0297.145] GetNearestColor (hdc=0x81010671, color=0x55) returned 0x55
[0297.145] GetNearestColor (hdc=0x81010671, color=0x0) returned 0x0
[0297.145] GetNearestColor (hdc=0x81010671, color=0x8080ff) returned 0x8080ff
[0297.145] GetNearestColor (hdc=0x81010671, color=0x7373e5) returned 0x7373e5
[0297.145] GetNearestColor (hdc=0x81010671, color=0xe5) returned 0xe5
[0297.145] GetNearestColor (hdc=0x81010671, color=0x0) returned 0x0
[0297.145] RestoreDC (hdc=0x81010671, nSavedDC=-1) returned 1
[0297.145] GdipReleaseDC (graphics=0x6600030, hdc=0x81010671) returned 0x0
[0297.146] IsAppThemed () returned 0x1
[0297.146] GetThemeAppProperties () returned 0x3
[0297.146] GetThemeAppProperties () returned 0x3
[0297.146] IsAppThemed () returned 0x1
[0297.146] GetThemeAppProperties () returned 0x3
[0297.146] GetThemeAppProperties () returned 0x3
[0297.146] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2db1cb0 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0297.146] IsAppThemed () returned 0x1
[0297.146] GetThemeAppProperties () returned 0x3
[0297.146] GetThemeAppProperties () returned 0x3
[0297.146] IsAppThemed () returned 0x1
[0297.146] GetThemeAppProperties () returned 0x3
[0297.146] GetThemeAppProperties () returned 0x3
[0297.146] IsAppThemed () returned 0x1
[0297.146] GetThemeAppProperties () returned 0x3
[0297.146] GetThemeAppProperties () returned 0x3
[0297.146] IsAppThemed () returned 0x1
[0297.146] GetThemeAppProperties () returned 0x3
[0297.146] GetThemeAppProperties () returned 0x3
[0297.147] IsThemePartDefined () returned 0x1
[0297.147] IsAppThemed () returned 0x1
[0297.147] GetThemeAppProperties () returned 0x3
[0297.147] GetThemeAppProperties () returned 0x3
[0297.147] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0297.147] IsAppThemed () returned 0x1
[0297.147] GetThemeAppProperties () returned 0x3
[0297.147] GetThemeAppProperties () returned 0x3
[0297.147] IsAppThemed () returned 0x1
[0297.147] GetThemeAppProperties () returned 0x3
[0297.147] GetThemeAppProperties () returned 0x3
[0297.147] IsThemePartDefined () returned 0x1
[0297.147] GdipCreateRegion (region=0xd7e194) returned 0x0
[0297.147] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0297.147] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0297.147] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0297.147] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e1ac) returned 0x0
[0297.147] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0297.147] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0297.147] LocalFree (hMem=0x11eec58) returned 0x0
[0297.147] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0297.147] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eecc8) returned 0x0
[0297.147] LocalFree (hMem=0x11eecc8) returned 0x0
[0297.147] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0297.148] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0297.148] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0297.148] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0297.148] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0297.148] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0297.148] GetCurrentObject (hdc=0x81010671, type=0x1) returned 0xb00017
[0297.148] GetCurrentObject (hdc=0x81010671, type=0x2) returned 0x900010
[0297.148] GetCurrentObject (hdc=0x81010671, type=0x7) returned 0x4a0507fe
[0297.148] GetCurrentObject (hdc=0x81010671, type=0x6) returned 0x8a01c2
[0297.148] SaveDC (hdc=0x81010671) returned 1
[0297.148] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5f040807
[0297.148] GetClipRgn (hdc=0x81010671, hrgn=0x5f040807) returned 0
[0297.148] SelectClipRgn (hdc=0x81010671, hrgn=0xe90407de) returned 2
[0297.148] DeleteObject (ho=0x5f040807) returned 1
[0297.148] DeleteObject (ho=0xe90407de) returned 1
[0297.148] OffsetViewportOrgEx (in: hdc=0x81010671, x=0, y=0, lppt=0x2db2360 | out: lppt=0x2db2360) returned 1
[0297.148] DrawThemeParentBackground () returned 0x0
[0297.148] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0297.149] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0297.149] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0297.149] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.149] GetSystemMetrics (nIndex=42) returned 0
[0297.149] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.149] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0297.149] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0297.149] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0297.149] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0297.149] SelectPalette (hdc=0x81010671, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0297.149] GdipCreateFromHDC (hdc=0x81010671, graphics=0xd7dc88) returned 0x0
[0297.149] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0297.149] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0297.149] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638cc8) returned 0x0
[0297.149] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dc60) returned 0x0
[0297.149] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0297.149] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0297.149] GdipGetClip (graphics=0x6639e10, region=0x66469e8) returned 0x0
[0297.149] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6639e10, result=0xd7dc54) returned 0x0
[0297.149] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0297.149] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dc80) returned 0x0
[0297.150] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0297.157] GdipFillRectangleI (graphics=0x6639e10, brush=0x664d6f0, x=0, y=0, width=801, height=453) returned 0x0
[0297.157] GdipDeleteBrush (brush=0x664d6f0) returned 0x0
[0297.158] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0297.158] SelectPalette (hdc=0x81010671, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0297.158] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0297.158] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.158] GetSystemMetrics (nIndex=42) returned 0
[0297.158] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.158] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0297.158] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0297.158] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0297.158] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0297.158] SelectPalette (hdc=0x81010671, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0297.158] GdipCreateFromHDC (hdc=0x81010671, graphics=0xd7dc28) returned 0x0
[0297.159] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0297.159] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0297.159] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638c68) returned 0x0
[0297.159] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dc00) returned 0x0
[0297.159] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0297.159] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0297.159] GdipGetClip (graphics=0x6639e10, region=0x66467a8) returned 0x0
[0297.159] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6639e10, result=0xd7dbf4) returned 0x0
[0297.159] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0297.159] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dc20) returned 0x0
[0297.159] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0297.165] GdipFillRectangleI (graphics=0x6639e10, brush=0x664d828, x=0, y=0, width=801, height=453) returned 0x0
[0297.166] GdipDeleteBrush (brush=0x664d828) returned 0x0
[0297.167] GdipRestoreGraphics (graphics=0x6639e10, state=0xf5e20dbd) returned 0x0
[0297.167] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0297.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.167] GetSystemMetrics (nIndex=42) returned 0
[0297.167] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0297.167] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0297.167] SelectPalette (hdc=0x81010671, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0297.167] RestoreDC (hdc=0x81010671, nSavedDC=-1) returned 1
[0297.167] GdipReleaseDC (graphics=0x6600030, hdc=0x81010671) returned 0x0
[0297.167] IsAppThemed () returned 0x1
[0297.168] GetThemeAppProperties () returned 0x3
[0297.168] GetThemeAppProperties () returned 0x3
[0297.168] IsAppThemed () returned 0x1
[0297.168] GetThemeAppProperties () returned 0x3
[0297.168] GetThemeAppProperties () returned 0x3
[0297.168] IsThemePartDefined () returned 0x1
[0297.168] GdipCreateRegion (region=0xd7e118) returned 0x0
[0297.168] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0297.168] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0297.168] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0297.168] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e130) returned 0x0
[0297.168] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0297.168] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0297.168] LocalFree (hMem=0x11ee868) returned 0x0
[0297.168] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0297.168] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0297.168] LocalFree (hMem=0x11eec58) returned 0x0
[0297.168] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0297.168] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e158) returned 0x0
[0297.168] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e148) returned 0x0
[0297.168] GdipGetRegionHRgn (region=0x6646958, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0297.168] GdipDeleteRegion (region=0x6646958) returned 0x0
[0297.168] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0297.168] GetCurrentObject (hdc=0x81010671, type=0x1) returned 0xb00017
[0297.169] GetCurrentObject (hdc=0x81010671, type=0x2) returned 0x900010
[0297.169] GetCurrentObject (hdc=0x81010671, type=0x7) returned 0x4a0507fe
[0297.169] GetCurrentObject (hdc=0x81010671, type=0x6) returned 0x8a01c2
[0297.169] SaveDC (hdc=0x81010671) returned 1
[0297.169] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xea0407de
[0297.169] GetClipRgn (hdc=0x81010671, hrgn=0xea0407de) returned 0
[0297.169] SelectClipRgn (hdc=0x81010671, hrgn=0x61040807) returned 2
[0297.169] DeleteObject (ho=0xea0407de) returned 1
[0297.169] DeleteObject (ho=0x61040807) returned 1
[0297.169] OffsetViewportOrgEx (in: hdc=0x81010671, x=0, y=0, lppt=0x2db8bb0 | out: lppt=0x2db8bb0) returned 1
[0297.169] IsAppThemed () returned 0x1
[0297.169] GetThemeAppProperties () returned 0x3
[0297.169] GetThemeAppProperties () returned 0x3
[0297.169] DrawThemeBackground () returned 0x0
[0297.169] RestoreDC (hdc=0x81010671, nSavedDC=-1) returned 1
[0297.169] GdipReleaseDC (graphics=0x6600030, hdc=0x81010671) returned 0x0
[0297.169] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0297.169] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0297.170] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0297.170] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0297.170] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e134) returned 0x0
[0297.170] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0297.170] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee910) returned 0x0
[0297.170] LocalFree (hMem=0x11ee910) returned 0x0
[0297.170] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0297.170] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0297.170] LocalFree (hMem=0x11eec58) returned 0x0
[0297.170] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0297.170] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0297.170] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0297.170] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0297.170] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0297.170] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0297.170] GetCurrentObject (hdc=0x81010671, type=0x1) returned 0xb00017
[0297.170] GetCurrentObject (hdc=0x81010671, type=0x2) returned 0x900010
[0297.170] GetCurrentObject (hdc=0x81010671, type=0x7) returned 0x4a0507fe
[0297.170] GetCurrentObject (hdc=0x81010671, type=0x6) returned 0x8a01c2
[0297.170] SaveDC (hdc=0x81010671) returned 1
[0297.170] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x62040807
[0297.170] GetClipRgn (hdc=0x81010671, hrgn=0x62040807) returned 0
[0297.171] SelectClipRgn (hdc=0x81010671, hrgn=0xeb0407de) returned 2
[0297.171] DeleteObject (ho=0x62040807) returned 1
[0297.171] DeleteObject (ho=0xeb0407de) returned 1
[0297.171] OffsetViewportOrgEx (in: hdc=0x81010671, x=0, y=0, lppt=0x2db8e84 | out: lppt=0x2db8e84) returned 1
[0297.171] IsAppThemed () returned 0x1
[0297.171] GetThemeAppProperties () returned 0x3
[0297.171] GetThemeAppProperties () returned 0x3
[0297.171] GetThemeBackgroundContentRect () returned 0x0
[0297.171] RestoreDC (hdc=0x81010671, nSavedDC=-1) returned 1
[0297.171] GdipReleaseDC (graphics=0x6600030, hdc=0x81010671) returned 0x0
[0297.171] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0297.171] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0297.171] GdipFillRectangleI (graphics=0x6600030, brush=0x6669f00, x=4, y=4, width=67, height=15) returned 0x0
[0297.171] GdipDeleteBrush (brush=0x6669f00) returned 0x0
[0297.171] IsAppThemed () returned 0x1
[0297.171] GetThemeAppProperties () returned 0x3
[0297.171] GetThemeAppProperties () returned 0x3
[0297.171] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0297.171] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0297.171] GetCurrentObject (hdc=0x81010671, type=0x1) returned 0xb00017
[0297.171] GetCurrentObject (hdc=0x81010671, type=0x2) returned 0x900010
[0297.171] GetCurrentObject (hdc=0x81010671, type=0x7) returned 0x4a0507fe
[0297.171] GetCurrentObject (hdc=0x81010671, type=0x6) returned 0x8a01c2
[0297.172] SaveDC (hdc=0x81010671) returned 1
[0297.172] GetTextAlign (hdc=0x81010671) returned 0x0
[0297.172] GetTextColor (hdc=0x81010671) returned 0x0
[0297.172] GetCurrentObject (hdc=0x81010671, type=0x6) returned 0x8a01c2
[0297.172] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0297.172] SelectObject (hdc=0x81010671, h=0x6d0a0520) returned 0x8a01c2
[0297.172] GetBkMode (hdc=0x81010671) returned 2
[0297.172] SetBkMode (hdc=0x81010671, mode=1) returned 2
[0297.172] DrawTextExW (in: hdc=0x81010671, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2db9248 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0297.172] DrawTextExW (in: hdc=0x81010671, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2db9248 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0297.173] RestoreDC (hdc=0x81010671, nSavedDC=-1) returned 1
[0297.173] GdipReleaseDC (graphics=0x6600030, hdc=0x81010671) returned 0x0
[0297.173] GetFocus () returned 0x602c4
[0297.173] IsAppThemed () returned 0x1
[0297.173] GetThemeAppProperties () returned 0x3
[0297.173] GetThemeAppProperties () returned 0x3
[0297.173] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0297.173] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x81010671, x1=0, y1=0, rop=0xcc0020) returned 1
[0297.173] GdipReleaseDC (graphics=0x6600030, hdc=0x81010671) returned 0x0
[0297.173] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0297.173] SelectObject (hdc=0x81010671, h=0x85000f) returned 0x4a0507fe
[0297.173] DeleteDC (hdc=0x81010671) returned 1
[0297.173] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0297.174] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0297.174] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2db9344, cPoints=0x1 | out: lpPoints=0x2db9344) returned 40304859
[0297.174] WindowFromPoint (Point=0xee) returned 0x602c4
[0297.174] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27500ee) returned 0x1
[0297.174] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0297.174] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0297.174] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0297.174] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0297.174] GetSystemMetrics (nIndex=42) returned 0
[0297.174] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0297.174] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0297.176] GetCapture () returned 0x602c4
[0297.176] ReleaseCapture () returned 1
[0297.176] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0297.176] GetProcessWindowStation () returned 0x13c
[0297.176] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.176] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0297.177] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.177] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0297.177] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.177] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0297.177] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.177] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0297.177] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.177] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0297.178] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.178] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0297.178] GetDC (hWnd=0x0) returned 0xf0105ee
[0297.178] GdipCreateFromHDC (hdc=0xf0105ee, graphics=0xd7e6ec) returned 0x0
[0297.178] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0297.178] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0297.178] ReleaseDC (hWnd=0x0, hDC=0xf0105ee) returned 1
[0297.178] GetSystemMetrics (nIndex=5) returned 1
[0297.178] GetSystemMetrics (nIndex=6) returned 1
[0297.179] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.179] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0297.179] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.179] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0297.182] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0297.182] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0297.182] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0297.182] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0297.182] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0297.182] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0297.183] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2dbed60 | out: lpData=0x2dbed60) returned 1
[0297.183] VerQueryValueW (in: pBlock=0x2dbed60, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dbf170, puLen=0xd7e810) returned 1
[0297.184] VerQueryValueW (in: pBlock=0x2dbed60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbee18, puLen=0xd7e790) returned 1
[0297.184] VerQueryValueW (in: pBlock=0x2dbed60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbee6c, puLen=0xd7e790) returned 1
[0297.184] VerQueryValueW (in: pBlock=0x2dbed60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbeeec, puLen=0xd7e790) returned 1
[0297.184] VerQueryValueW (in: pBlock=0x2dbed60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbef54, puLen=0xd7e790) returned 1
[0297.184] VerQueryValueW (in: pBlock=0x2dbed60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbef94, puLen=0xd7e790) returned 1
[0297.184] VerQueryValueW (in: pBlock=0x2dbed60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbf01c, puLen=0xd7e790) returned 1
[0297.184] VerQueryValueW (in: pBlock=0x2dbed60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbf058, puLen=0xd7e790) returned 1
[0297.184] VerQueryValueW (in: pBlock=0x2dbed60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbf0b0, puLen=0xd7e790) returned 1
[0297.184] VerQueryValueW (in: pBlock=0x2dbed60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbf0e0, puLen=0xd7e790) returned 1
[0297.184] VerQueryValueW (in: pBlock=0x2dbed60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.184] VerQueryValueW (in: pBlock=0x2dbed60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dbf11c, puLen=0xd7e790) returned 1
[0297.184] VerQueryValueW (in: pBlock=0x2dbed60, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.184] VerQueryValueW (in: pBlock=0x2dbed60, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dbf170, puLen=0xd7e784) returned 1
[0297.184] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0297.184] VerQueryValueW (in: pBlock=0x2dbed60, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dbed88, puLen=0xd7e794) returned 1
[0297.185] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0297.186] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0297.186] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0297.186] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0297.186] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0297.186] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0297.186] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2dc0cd0 | out: lpData=0x2dc0cd0) returned 1
[0297.186] VerQueryValueW (in: pBlock=0x2dc0cd0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dc0d6c, puLen=0xd7e810) returned 1
[0297.186] VerQueryValueW (in: pBlock=0x2dc0cd0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc0de4, puLen=0xd7e790) returned 1
[0297.186] VerQueryValueW (in: pBlock=0x2dc0cd0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc0e14, puLen=0xd7e790) returned 1
[0297.186] VerQueryValueW (in: pBlock=0x2dc0cd0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc0e50, puLen=0xd7e790) returned 1
[0297.186] VerQueryValueW (in: pBlock=0x2dc0cd0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc0e80, puLen=0xd7e790) returned 1
[0297.186] VerQueryValueW (in: pBlock=0x2dc0cd0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc0ec8, puLen=0xd7e790) returned 1
[0297.186] VerQueryValueW (in: pBlock=0x2dc0cd0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc0f40, puLen=0xd7e790) returned 1
[0297.186] VerQueryValueW (in: pBlock=0x2dc0cd0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc0f84, puLen=0xd7e790) returned 1
[0297.186] VerQueryValueW (in: pBlock=0x2dc0cd0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc0fc4, puLen=0xd7e790) returned 1
[0297.186] VerQueryValueW (in: pBlock=0x2dc0cd0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc0dc2, puLen=0xd7e790) returned 1
[0297.186] VerQueryValueW (in: pBlock=0x2dc0cd0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc0f10, puLen=0xd7e790) returned 1
[0297.186] VerQueryValueW (in: pBlock=0x2dc0cd0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.187] VerQueryValueW (in: pBlock=0x2dc0cd0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.187] VerQueryValueW (in: pBlock=0x2dc0cd0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dc0d6c, puLen=0xd7e784) returned 1
[0297.187] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0297.187] VerQueryValueW (in: pBlock=0x2dc0cd0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dc0cf8, puLen=0xd7e794) returned 1
[0297.187] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0297.187] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0297.187] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0297.188] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0297.188] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0297.188] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0297.189] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2dc2fa8 | out: lpData=0x2dc2fa8) returned 1
[0297.189] VerQueryValueW (in: pBlock=0x2dc2fa8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dc33bc, puLen=0xd7e810) returned 1
[0297.189] VerQueryValueW (in: pBlock=0x2dc2fa8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc3060, puLen=0xd7e790) returned 1
[0297.189] VerQueryValueW (in: pBlock=0x2dc2fa8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc30b4, puLen=0xd7e790) returned 1
[0297.189] VerQueryValueW (in: pBlock=0x2dc2fa8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc3110, puLen=0xd7e790) returned 1
[0297.189] VerQueryValueW (in: pBlock=0x2dc2fa8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc3170, puLen=0xd7e790) returned 1
[0297.189] VerQueryValueW (in: pBlock=0x2dc2fa8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc31c8, puLen=0xd7e790) returned 1
[0297.189] VerQueryValueW (in: pBlock=0x2dc2fa8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc3250, puLen=0xd7e790) returned 1
[0297.189] VerQueryValueW (in: pBlock=0x2dc2fa8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc32a4, puLen=0xd7e790) returned 1
[0297.189] VerQueryValueW (in: pBlock=0x2dc2fa8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc32fc, puLen=0xd7e790) returned 1
[0297.189] VerQueryValueW (in: pBlock=0x2dc2fa8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc332c, puLen=0xd7e790) returned 1
[0297.189] VerQueryValueW (in: pBlock=0x2dc2fa8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.190] VerQueryValueW (in: pBlock=0x2dc2fa8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc3368, puLen=0xd7e790) returned 1
[0297.190] VerQueryValueW (in: pBlock=0x2dc2fa8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.190] VerQueryValueW (in: pBlock=0x2dc2fa8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dc33bc, puLen=0xd7e784) returned 1
[0297.190] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0297.190] VerQueryValueW (in: pBlock=0x2dc2fa8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dc2fd0, puLen=0xd7e794) returned 1
[0297.190] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0297.190] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0297.190] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0297.191] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0297.191] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0297.191] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0297.192] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2dc55e0 | out: lpData=0x2dc55e0) returned 1
[0297.192] VerQueryValueW (in: pBlock=0x2dc55e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dc59e0, puLen=0xd7e810) returned 1
[0297.192] VerQueryValueW (in: pBlock=0x2dc55e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc5698, puLen=0xd7e790) returned 1
[0297.192] VerQueryValueW (in: pBlock=0x2dc55e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc56ec, puLen=0xd7e790) returned 1
[0297.192] VerQueryValueW (in: pBlock=0x2dc55e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc572c, puLen=0xd7e790) returned 1
[0297.192] VerQueryValueW (in: pBlock=0x2dc55e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc5794, puLen=0xd7e790) returned 1
[0297.192] VerQueryValueW (in: pBlock=0x2dc55e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc57ec, puLen=0xd7e790) returned 1
[0297.193] VerQueryValueW (in: pBlock=0x2dc55e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc5874, puLen=0xd7e790) returned 1
[0297.193] VerQueryValueW (in: pBlock=0x2dc55e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc58c8, puLen=0xd7e790) returned 1
[0297.193] VerQueryValueW (in: pBlock=0x2dc55e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc5920, puLen=0xd7e790) returned 1
[0297.193] VerQueryValueW (in: pBlock=0x2dc55e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc5950, puLen=0xd7e790) returned 1
[0297.193] VerQueryValueW (in: pBlock=0x2dc55e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.193] VerQueryValueW (in: pBlock=0x2dc55e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc598c, puLen=0xd7e790) returned 1
[0297.193] VerQueryValueW (in: pBlock=0x2dc55e0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.193] VerQueryValueW (in: pBlock=0x2dc55e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dc59e0, puLen=0xd7e784) returned 1
[0297.193] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0297.193] VerQueryValueW (in: pBlock=0x2dc55e0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dc5608, puLen=0xd7e794) returned 1
[0297.194] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0297.194] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0297.194] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0297.194] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0297.194] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0297.194] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0297.195] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2dc7d1c | out: lpData=0x2dc7d1c) returned 1
[0297.195] VerQueryValueW (in: pBlock=0x2dc7d1c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dc80e4, puLen=0xd7e810) returned 1
[0297.195] VerQueryValueW (in: pBlock=0x2dc7d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc7dd4, puLen=0xd7e790) returned 1
[0297.195] VerQueryValueW (in: pBlock=0x2dc7d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc7e28, puLen=0xd7e790) returned 1
[0297.195] VerQueryValueW (in: pBlock=0x2dc7d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc7e68, puLen=0xd7e790) returned 1
[0297.195] VerQueryValueW (in: pBlock=0x2dc7d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc7ed0, puLen=0xd7e790) returned 1
[0297.196] VerQueryValueW (in: pBlock=0x2dc7d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc7f0c, puLen=0xd7e790) returned 1
[0297.196] VerQueryValueW (in: pBlock=0x2dc7d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc7f94, puLen=0xd7e790) returned 1
[0297.196] VerQueryValueW (in: pBlock=0x2dc7d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc7fcc, puLen=0xd7e790) returned 1
[0297.196] VerQueryValueW (in: pBlock=0x2dc7d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc8024, puLen=0xd7e790) returned 1
[0297.196] VerQueryValueW (in: pBlock=0x2dc7d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc8054, puLen=0xd7e790) returned 1
[0297.196] VerQueryValueW (in: pBlock=0x2dc7d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.196] VerQueryValueW (in: pBlock=0x2dc7d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dc8090, puLen=0xd7e790) returned 1
[0297.196] VerQueryValueW (in: pBlock=0x2dc7d1c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.196] VerQueryValueW (in: pBlock=0x2dc7d1c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dc80e4, puLen=0xd7e784) returned 1
[0297.196] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0297.196] VerQueryValueW (in: pBlock=0x2dc7d1c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dc7d44, puLen=0xd7e794) returned 1
[0297.197] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0297.197] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0297.197] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0297.197] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0297.197] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0297.197] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0297.198] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2dcb384 | out: lpData=0x2dcb384) returned 1
[0297.198] VerQueryValueW (in: pBlock=0x2dcb384, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dcb764, puLen=0xd7e810) returned 1
[0297.198] VerQueryValueW (in: pBlock=0x2dcb384, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb43c, puLen=0xd7e790) returned 1
[0297.198] VerQueryValueW (in: pBlock=0x2dcb384, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb490, puLen=0xd7e790) returned 1
[0297.198] VerQueryValueW (in: pBlock=0x2dcb384, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb4d0, puLen=0xd7e790) returned 1
[0297.198] VerQueryValueW (in: pBlock=0x2dcb384, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb530, puLen=0xd7e790) returned 1
[0297.198] VerQueryValueW (in: pBlock=0x2dcb384, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb57c, puLen=0xd7e790) returned 1
[0297.198] VerQueryValueW (in: pBlock=0x2dcb384, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb604, puLen=0xd7e790) returned 1
[0297.198] VerQueryValueW (in: pBlock=0x2dcb384, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb64c, puLen=0xd7e790) returned 1
[0297.198] VerQueryValueW (in: pBlock=0x2dcb384, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb6a4, puLen=0xd7e790) returned 1
[0297.198] VerQueryValueW (in: pBlock=0x2dcb384, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb6d4, puLen=0xd7e790) returned 1
[0297.198] VerQueryValueW (in: pBlock=0x2dcb384, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.199] VerQueryValueW (in: pBlock=0x2dcb384, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcb710, puLen=0xd7e790) returned 1
[0297.199] VerQueryValueW (in: pBlock=0x2dcb384, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.199] VerQueryValueW (in: pBlock=0x2dcb384, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dcb764, puLen=0xd7e784) returned 1
[0297.199] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0297.199] VerQueryValueW (in: pBlock=0x2dcb384, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dcb3ac, puLen=0xd7e794) returned 1
[0297.199] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0297.199] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0297.199] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0297.200] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0297.200] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0297.200] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0297.202] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2dcdba4 | out: lpData=0x2dcdba4) returned 1
[0297.203] VerQueryValueW (in: pBlock=0x2dcdba4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dcdfb0, puLen=0xd7e810) returned 1
[0297.203] VerQueryValueW (in: pBlock=0x2dcdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcdc5c, puLen=0xd7e790) returned 1
[0297.203] VerQueryValueW (in: pBlock=0x2dcdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcdcb0, puLen=0xd7e790) returned 1
[0297.203] VerQueryValueW (in: pBlock=0x2dcdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcdd04, puLen=0xd7e790) returned 1
[0297.203] VerQueryValueW (in: pBlock=0x2dcdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcdd64, puLen=0xd7e790) returned 1
[0297.203] VerQueryValueW (in: pBlock=0x2dcdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcddbc, puLen=0xd7e790) returned 1
[0297.203] VerQueryValueW (in: pBlock=0x2dcdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcde44, puLen=0xd7e790) returned 1
[0297.203] VerQueryValueW (in: pBlock=0x2dcdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcde98, puLen=0xd7e790) returned 1
[0297.203] VerQueryValueW (in: pBlock=0x2dcdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcdef0, puLen=0xd7e790) returned 1
[0297.203] VerQueryValueW (in: pBlock=0x2dcdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcdf20, puLen=0xd7e790) returned 1
[0297.203] VerQueryValueW (in: pBlock=0x2dcdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.203] VerQueryValueW (in: pBlock=0x2dcdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dcdf5c, puLen=0xd7e790) returned 1
[0297.203] VerQueryValueW (in: pBlock=0x2dcdba4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.203] VerQueryValueW (in: pBlock=0x2dcdba4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dcdfb0, puLen=0xd7e784) returned 1
[0297.203] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0297.203] VerQueryValueW (in: pBlock=0x2dcdba4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dcdbcc, puLen=0xd7e794) returned 1
[0297.204] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0297.204] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0297.204] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0297.204] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0297.204] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0297.204] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0297.205] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2dd03b8 | out: lpData=0x2dd03b8) returned 1
[0297.206] VerQueryValueW (in: pBlock=0x2dd03b8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dd0790, puLen=0xd7e810) returned 1
[0297.206] VerQueryValueW (in: pBlock=0x2dd03b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd0470, puLen=0xd7e790) returned 1
[0297.206] VerQueryValueW (in: pBlock=0x2dd03b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd04c4, puLen=0xd7e790) returned 1
[0297.206] VerQueryValueW (in: pBlock=0x2dd03b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd0504, puLen=0xd7e790) returned 1
[0297.206] VerQueryValueW (in: pBlock=0x2dd03b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd056c, puLen=0xd7e790) returned 1
[0297.206] VerQueryValueW (in: pBlock=0x2dd03b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd05b0, puLen=0xd7e790) returned 1
[0297.206] VerQueryValueW (in: pBlock=0x2dd03b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd0638, puLen=0xd7e790) returned 1
[0297.206] VerQueryValueW (in: pBlock=0x2dd03b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd0678, puLen=0xd7e790) returned 1
[0297.206] VerQueryValueW (in: pBlock=0x2dd03b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd06d0, puLen=0xd7e790) returned 1
[0297.206] VerQueryValueW (in: pBlock=0x2dd03b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd0700, puLen=0xd7e790) returned 1
[0297.206] VerQueryValueW (in: pBlock=0x2dd03b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.206] VerQueryValueW (in: pBlock=0x2dd03b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd073c, puLen=0xd7e790) returned 1
[0297.206] VerQueryValueW (in: pBlock=0x2dd03b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.206] VerQueryValueW (in: pBlock=0x2dd03b8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dd0790, puLen=0xd7e784) returned 1
[0297.206] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0297.206] VerQueryValueW (in: pBlock=0x2dd03b8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dd03e0, puLen=0xd7e794) returned 1
[0297.207] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0297.207] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0297.207] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0297.207] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0297.207] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0297.207] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0297.208] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2dd2910 | out: lpData=0x2dd2910) returned 1
[0297.209] VerQueryValueW (in: pBlock=0x2dd2910, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dd2ce8, puLen=0xd7e810) returned 1
[0297.209] VerQueryValueW (in: pBlock=0x2dd2910, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd29c8, puLen=0xd7e790) returned 1
[0297.209] VerQueryValueW (in: pBlock=0x2dd2910, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd2a1c, puLen=0xd7e790) returned 1
[0297.209] VerQueryValueW (in: pBlock=0x2dd2910, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd2a5c, puLen=0xd7e790) returned 1
[0297.209] VerQueryValueW (in: pBlock=0x2dd2910, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd2ac4, puLen=0xd7e790) returned 1
[0297.209] VerQueryValueW (in: pBlock=0x2dd2910, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd2b08, puLen=0xd7e790) returned 1
[0297.209] VerQueryValueW (in: pBlock=0x2dd2910, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd2b90, puLen=0xd7e790) returned 1
[0297.209] VerQueryValueW (in: pBlock=0x2dd2910, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd2bd0, puLen=0xd7e790) returned 1
[0297.209] VerQueryValueW (in: pBlock=0x2dd2910, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd2c28, puLen=0xd7e790) returned 1
[0297.209] VerQueryValueW (in: pBlock=0x2dd2910, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd2c58, puLen=0xd7e790) returned 1
[0297.209] VerQueryValueW (in: pBlock=0x2dd2910, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.209] VerQueryValueW (in: pBlock=0x2dd2910, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd2c94, puLen=0xd7e790) returned 1
[0297.209] VerQueryValueW (in: pBlock=0x2dd2910, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.209] VerQueryValueW (in: pBlock=0x2dd2910, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dd2ce8, puLen=0xd7e784) returned 1
[0297.209] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0297.209] VerQueryValueW (in: pBlock=0x2dd2910, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dd2938, puLen=0xd7e794) returned 1
[0297.210] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0297.210] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0297.210] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0297.210] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0297.210] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0297.210] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0297.211] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2dd5048 | out: lpData=0x2dd5048) returned 1
[0297.211] VerQueryValueW (in: pBlock=0x2dd5048, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dd5478, puLen=0xd7e810) returned 1
[0297.211] VerQueryValueW (in: pBlock=0x2dd5048, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5100, puLen=0xd7e790) returned 1
[0297.211] VerQueryValueW (in: pBlock=0x2dd5048, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5154, puLen=0xd7e790) returned 1
[0297.211] VerQueryValueW (in: pBlock=0x2dd5048, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd51c4, puLen=0xd7e790) returned 1
[0297.211] VerQueryValueW (in: pBlock=0x2dd5048, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5224, puLen=0xd7e790) returned 1
[0297.211] VerQueryValueW (in: pBlock=0x2dd5048, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5280, puLen=0xd7e790) returned 1
[0297.211] VerQueryValueW (in: pBlock=0x2dd5048, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5308, puLen=0xd7e790) returned 1
[0297.211] VerQueryValueW (in: pBlock=0x2dd5048, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5360, puLen=0xd7e790) returned 1
[0297.211] VerQueryValueW (in: pBlock=0x2dd5048, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd53b8, puLen=0xd7e790) returned 1
[0297.211] VerQueryValueW (in: pBlock=0x2dd5048, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd53e8, puLen=0xd7e790) returned 1
[0297.211] VerQueryValueW (in: pBlock=0x2dd5048, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.211] VerQueryValueW (in: pBlock=0x2dd5048, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dd5424, puLen=0xd7e790) returned 1
[0297.212] VerQueryValueW (in: pBlock=0x2dd5048, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0297.212] VerQueryValueW (in: pBlock=0x2dd5048, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dd5478, puLen=0xd7e784) returned 1
[0297.212] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0297.212] VerQueryValueW (in: pBlock=0x2dd5048, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dd5070, puLen=0xd7e794) returned 1
[0297.212] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0297.212] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.212] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0297.213] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.213] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0297.213] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3302dc
[0297.214] SetWindowLongW (hWnd=0x3302dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0297.214] GetWindowLongW (hWnd=0x3302dc, nIndex=-4) returned 1950089536
[0297.214] SetWindowLongW (hWnd=0x3302dc, nIndex=-4, dwNewLong=19952150) returned 1950089536
[0297.214] GetWindowLongW (hWnd=0x3302dc, nIndex=-4) returned 19952150
[0297.214] GetWindowLongW (hWnd=0x3302dc, nIndex=-16) returned 113311744
[0297.214] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302dc, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0297.214] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302dc, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0297.215] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302dc, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0297.215] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302dc, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0297.215] GetClientRect (in: hWnd=0x3302dc, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0297.215] GetWindowRect (in: hWnd=0x3302dc, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0297.215] SetWindowTextW (hWnd=0x3302dc, lpString="WindowsFormsParkingWindow") returned 1
[0297.215] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302dc, Msg=0xc, wParam=0x0, lParam=0x2d9a61c) returned 0x1
[0297.216] GetParent (hWnd=0x3302dc) returned 0x0
[0297.216] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0297.216] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x3302dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3302da
[0297.217] SetWindowLongW (hWnd=0x3302da, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0297.217] GetWindowLongW (hWnd=0x3302da, nIndex=-4) returned 1868147648
[0297.217] SetWindowLongW (hWnd=0x3302da, nIndex=-4, dwNewLong=19952630) returned 1868147648
[0297.217] GetWindowLongW (hWnd=0x3302da, nIndex=-4) returned 19952630
[0297.217] GetWindowLongW (hWnd=0x3302da, nIndex=-16) returned 1174405133
[0297.217] GetWindowLongW (hWnd=0x3302da, nIndex=-12) returned 0
[0297.217] SetWindowLongW (hWnd=0x3302da, nIndex=-12, dwNewLong=3343066) returned 0
[0297.217] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0297.218] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0297.218] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0297.218] GetClientRect (in: hWnd=0x3302da, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0297.218] GetWindowRect (in: hWnd=0x3302da, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0297.218] GetParent (hWnd=0x3302da) returned 0x3302dc
[0297.218] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3302dc, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0297.219] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0297.219] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0297.219] GetClientRect (in: hWnd=0x3302da, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0297.219] GetWindowRect (in: hWnd=0x3302da, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0297.219] GetParent (hWnd=0x3302da) returned 0x3302dc
[0297.219] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3302dc, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0297.219] SendMessageW (hWnd=0x3302da, Msg=0x2210, wParam=0x2da0001, lParam=0x3302da) returned 0x0
[0297.219] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x2210, wParam=0x2da0001, lParam=0x3302da) returned 0x0
[0297.219] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0297.219] GetParent (hWnd=0x3302da) returned 0x3302dc
[0297.220] GdipCreateFromHWND (hwnd=0x3302da, graphics=0xd7e844) returned 0x0
[0297.220] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0297.220] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0297.220] GetForegroundWindow () returned 0x7005c
[0297.220] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0297.220] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.220] GetSystemMetrics (nIndex=42) returned 0
[0297.220] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.220] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0297.220] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0297.221] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.221] GetSystemMetrics (nIndex=42) returned 0
[0297.221] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.221] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0297.221] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.221] GetCursorPos (in: lpPoint=0x2dd94cc | out: lpPoint=0x2dd94cc*(x=238, y=629)) returned 1
[0297.221] MonitorFromPoint (pt=0xee, dwFlags=0x275) returned 0x10001
[0297.221] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0297.221] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x84010671
[0297.222] GetDeviceCaps (hdc=0x84010671, index=12) returned 32
[0297.222] GetDeviceCaps (hdc=0x84010671, index=14) returned 1
[0297.222] DeleteDC (hdc=0x84010671) returned 1
[0297.222] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0297.222] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0297.222] GetSystemMetrics (nIndex=59) returned 1460
[0297.222] GetSystemMetrics (nIndex=60) returned 920
[0297.222] GetSystemMetrics (nIndex=34) returned 136
[0297.222] GetSystemMetrics (nIndex=35) returned 39
[0297.222] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.222] GetCursorPos (in: lpPoint=0x2dd9738 | out: lpPoint=0x2dd9738*(x=238, y=629)) returned 1
[0297.222] MonitorFromPoint (pt=0xf0, dwFlags=0x278) returned 0x10001
[0297.222] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0297.222] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x85010671
[0297.223] GetDeviceCaps (hdc=0x85010671, index=12) returned 32
[0297.223] GetDeviceCaps (hdc=0x85010671, index=14) returned 1
[0297.223] DeleteDC (hdc=0x85010671) returned 1
[0297.223] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0297.223] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0297.223] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.223] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0297.223] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2dd99d0 | out: piconinfo=0x2dd99d0) returned 1
[0297.223] GetObjectW (in: h=0x400507f3, c=24, pv=0x2dd99ec | out: pv=0x2dd99ec) returned 24
[0297.224] GdipCreateBitmapFromHBITMAP (hbm=0x400507f3, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0297.224] GdipGetImageWidth (image=0x664f448, width=0xd7e750) returned 0x0
[0297.224] GdipGetImageHeight (image=0x664f448, height=0xd7e748) returned 0x0
[0297.224] GdipGetImagePixelFormat (image=0x664f448, format=0xd7e740) returned 0x0
[0297.224] GdipBitmapLockBits (bitmap=0x664f448, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2dd9aa4) returned 0x0
[0297.224] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0297.224] GdipBitmapLockBits (bitmap=0x66504b0, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2dd9adc) returned 0x0
[0297.224] RtlMoveMemory (in: Destination=0x665ef48, Source=0x665aea0, Length=0x80 | out: Destination=0x665ef48)
[0297.224] RtlMoveMemory (in: Destination=0x665efc8, Source=0x665ae20, Length=0x80 | out: Destination=0x665efc8)
[0297.224] RtlMoveMemory (in: Destination=0x665f048, Source=0x665ada0, Length=0x80 | out: Destination=0x665f048)
[0297.224] RtlMoveMemory (in: Destination=0x665f0c8, Source=0x665ad20, Length=0x80 | out: Destination=0x665f0c8)
[0297.224] RtlMoveMemory (in: Destination=0x665f148, Source=0x665aca0, Length=0x80 | out: Destination=0x665f148)
[0297.224] RtlMoveMemory (in: Destination=0x665f1c8, Source=0x665ac20, Length=0x80 | out: Destination=0x665f1c8)
[0297.224] RtlMoveMemory (in: Destination=0x665f248, Source=0x665aba0, Length=0x80 | out: Destination=0x665f248)
[0297.224] RtlMoveMemory (in: Destination=0x665f2c8, Source=0x665ab20, Length=0x80 | out: Destination=0x665f2c8)
[0297.224] RtlMoveMemory (in: Destination=0x665f348, Source=0x665aaa0, Length=0x80 | out: Destination=0x665f348)
[0297.225] RtlMoveMemory (in: Destination=0x665f3c8, Source=0x665aa20, Length=0x80 | out: Destination=0x665f3c8)
[0297.225] RtlMoveMemory (in: Destination=0x665f448, Source=0x665a9a0, Length=0x80 | out: Destination=0x665f448)
[0297.225] RtlMoveMemory (in: Destination=0x665f4c8, Source=0x665a920, Length=0x80 | out: Destination=0x665f4c8)
[0297.225] RtlMoveMemory (in: Destination=0x665f548, Source=0x665a8a0, Length=0x80 | out: Destination=0x665f548)
[0297.225] RtlMoveMemory (in: Destination=0x665f5c8, Source=0x665a820, Length=0x80 | out: Destination=0x665f5c8)
[0297.225] RtlMoveMemory (in: Destination=0x665f648, Source=0x665a7a0, Length=0x80 | out: Destination=0x665f648)
[0297.225] RtlMoveMemory (in: Destination=0x665f6c8, Source=0x665a720, Length=0x80 | out: Destination=0x665f6c8)
[0297.225] RtlMoveMemory (in: Destination=0x665f748, Source=0x665a6a0, Length=0x80 | out: Destination=0x665f748)
[0297.225] RtlMoveMemory (in: Destination=0x665f7c8, Source=0x665a620, Length=0x80 | out: Destination=0x665f7c8)
[0297.225] RtlMoveMemory (in: Destination=0x665f848, Source=0x665a5a0, Length=0x80 | out: Destination=0x665f848)
[0297.225] RtlMoveMemory (in: Destination=0x665f8c8, Source=0x665a520, Length=0x80 | out: Destination=0x665f8c8)
[0297.225] RtlMoveMemory (in: Destination=0x665f948, Source=0x665a4a0, Length=0x80 | out: Destination=0x665f948)
[0297.225] RtlMoveMemory (in: Destination=0x665f9c8, Source=0x665a420, Length=0x80 | out: Destination=0x665f9c8)
[0297.225] RtlMoveMemory (in: Destination=0x665fa48, Source=0x665a3a0, Length=0x80 | out: Destination=0x665fa48)
[0297.225] RtlMoveMemory (in: Destination=0x665fac8, Source=0x665a320, Length=0x80 | out: Destination=0x665fac8)
[0297.225] RtlMoveMemory (in: Destination=0x665fb48, Source=0x665a2a0, Length=0x80 | out: Destination=0x665fb48)
[0297.225] RtlMoveMemory (in: Destination=0x665fbc8, Source=0x665a220, Length=0x80 | out: Destination=0x665fbc8)
[0297.225] RtlMoveMemory (in: Destination=0x665fc48, Source=0x665a1a0, Length=0x80 | out: Destination=0x665fc48)
[0297.225] RtlMoveMemory (in: Destination=0x665fcc8, Source=0x665a120, Length=0x80 | out: Destination=0x665fcc8)
[0297.225] RtlMoveMemory (in: Destination=0x665fd48, Source=0x665a0a0, Length=0x80 | out: Destination=0x665fd48)
[0297.225] RtlMoveMemory (in: Destination=0x665fdc8, Source=0x665a020, Length=0x80 | out: Destination=0x665fdc8)
[0297.225] RtlMoveMemory (in: Destination=0x665fe48, Source=0x6659fa0, Length=0x80 | out: Destination=0x665fe48)
[0297.225] RtlMoveMemory (in: Destination=0x665fec8, Source=0x6659f20, Length=0x80 | out: Destination=0x665fec8)
[0297.226] GdipBitmapUnlockBits (bitmap=0x664f448, lockedBitmapData=0x2dd9aa4) returned 0x0
[0297.226] GdipBitmapUnlockBits (bitmap=0x66504b0, lockedBitmapData=0x2dd9adc) returned 0x0
[0297.226] GdipDisposeImage (image=0x664f448) returned 0x0
[0297.226] DeleteObject (ho=0x400507f3) returned 1
[0297.226] DeleteObject (ho=0x86050671) returned 1
[0297.226] GetCurrentThreadId () returned 0xf50
[0297.226] GetCurrentThreadId () returned 0xf50
[0297.226] SetWindowPos (hWnd=0x3302da, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0297.226] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0297.226] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0297.226] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0297.226] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0297.227] GetClientRect (in: hWnd=0x3302da, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0297.227] GetWindowRect (in: hWnd=0x3302da, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0297.227] GetParent (hWnd=0x3302da) returned 0x3302dc
[0297.227] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3302dc, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0297.227] InvalidateRect (hWnd=0x3302da, lpRect=0x0, bErase=1) returned 1
[0297.227] GetWindowTextLengthW (hWnd=0x3302da) returned 0
[0297.227] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0297.227] GetSystemMetrics (nIndex=42) returned 0
[0297.227] GetWindowTextW (in: hWnd=0x3302da, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0297.227] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0297.227] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0297.227] GetClientRect (in: hWnd=0x3302da, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0297.227] GetWindowRect (in: hWnd=0x3302da, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0297.227] GetParent (hWnd=0x3302da) returned 0x3302dc
[0297.227] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3302dc, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0297.227] GetWindowTextLengthW (hWnd=0x3302da) returned 0
[0297.227] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0297.227] GetSystemMetrics (nIndex=42) returned 0
[0297.227] GetWindowTextW (in: hWnd=0x3302da, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0297.227] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0297.227] GetWindowTextLengthW (hWnd=0x3302da) returned 0
[0297.227] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0297.227] GetSystemMetrics (nIndex=42) returned 0
[0297.227] GetWindowTextW (in: hWnd=0x3302da, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0297.227] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0297.228] SetWindowTextW (hWnd=0x3302da, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0297.228] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0xc, wParam=0x0, lParam=0x2dba938) returned 0x1
[0297.228] InvalidateRect (hWnd=0x3302da, lpRect=0x0, bErase=1) returned 1
[0297.228] GetCurrentThreadId () returned 0xf50
[0297.228] GetWindowThreadProcessId (in: hWnd=0x3302da, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0297.228] GdipCreateBitmapFromStream (stream=0x509fed0, bitmap=0xd7e840) returned 0x0
[0297.229] GdipImageForceValidation (image=0x6650e88) returned 0x0
[0297.231] GdipGetImageRawFormat (image=0x6650e88, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0297.231] GdipGetImageHeight (image=0x6650e88, height=0xd7e824) returned 0x0
[0297.231] GdipGetImageWidth (image=0x6650e88, width=0xd7e824) returned 0x0
[0297.231] GdipGetImageWidth (image=0x6650e88, width=0xd7e810) returned 0x0
[0297.231] GdipGetImageHeight (image=0x6650e88, height=0xd7e810) returned 0x0
[0297.231] GdipGetImageWidth (image=0x6650e88, width=0xd7e800) returned 0x0
[0297.231] GdipGetImageHeight (image=0x6650e88, height=0xd7e800) returned 0x0
[0297.231] GdipBitmapGetPixel (bitmap=0x6650e88, x=0, y=15, color=0xd7e810) returned 0x0
[0297.231] GdipGetImageRawFormat (image=0x6650e88, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0297.231] GdipGetImageWidth (image=0x6650e88, width=0xd7e740) returned 0x0
[0297.231] GdipGetImageHeight (image=0x6650e88, height=0xd7e740) returned 0x0
[0297.231] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0297.232] GdipGetImagePixelFormat (image=0x664f448, format=0xd7e740) returned 0x0
[0297.232] GdipGetImageGraphicsContext (image=0x664f448, graphics=0xd7e74c) returned 0x0
[0297.232] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0297.233] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0297.233] GdipSetImageAttributesColorKeys (imageattr=0x6638db8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0297.233] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6650e88, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638db8, callback=0x0, callbackData=0x0) returned 0x0
[0297.233] GdipDisposeImageAttributes (imageattr=0x6638db8) returned 0x0
[0297.233] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0297.233] GdipDisposeImage (image=0x6650e88) returned 0x0
[0297.233] GdipCreateBitmapFromStream (stream=0x509feb0, bitmap=0xd7e840) returned 0x0
[0297.234] GdipImageForceValidation (image=0x664f790) returned 0x0
[0297.235] GdipGetImageRawFormat (image=0x664f790, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0297.235] GdipGetImageHeight (image=0x664f790, height=0xd7e824) returned 0x0
[0297.235] GdipGetImageWidth (image=0x664f790, width=0xd7e824) returned 0x0
[0297.235] GdipGetImageWidth (image=0x664f790, width=0xd7e810) returned 0x0
[0297.235] GdipGetImageHeight (image=0x664f790, height=0xd7e810) returned 0x0
[0297.235] GdipGetImageWidth (image=0x664f790, width=0xd7e800) returned 0x0
[0297.235] GdipGetImageHeight (image=0x664f790, height=0xd7e800) returned 0x0
[0297.236] GdipBitmapGetPixel (bitmap=0x664f790, x=0, y=15, color=0xd7e810) returned 0x0
[0297.236] GdipGetImageRawFormat (image=0x664f790, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0297.236] GdipGetImageWidth (image=0x664f790, width=0xd7e740) returned 0x0
[0297.236] GdipGetImageHeight (image=0x664f790, height=0xd7e740) returned 0x0
[0297.236] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0297.236] GdipGetImagePixelFormat (image=0x6650e88, format=0xd7e740) returned 0x0
[0297.236] GdipGetImageGraphicsContext (image=0x6650e88, graphics=0xd7e74c) returned 0x0
[0297.236] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0297.236] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0297.236] GdipSetImageAttributesColorKeys (imageattr=0x6638bd8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0297.236] GdipDrawImageRectRectI (graphics=0x6600030, image=0x664f790, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638bd8, callback=0x0, callbackData=0x0) returned 0x0
[0297.236] GdipDisposeImageAttributes (imageattr=0x6638bd8) returned 0x0
[0297.236] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0297.236] GdipDisposeImage (image=0x664f790) returned 0x0
[0297.237] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.237] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0297.237] GetCurrentThreadId () returned 0xf50
[0297.237] GetCurrentThreadId () returned 0xf50
[0297.237] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.237] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0297.237] GetCurrentThreadId () returned 0xf50
[0297.237] GetCurrentThreadId () returned 0xf50
[0297.237] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.238] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0297.238] GetCurrentThreadId () returned 0xf50
[0297.238] GetCurrentThreadId () returned 0xf50
[0297.238] GetSystemMetrics (nIndex=5) returned 1
[0297.238] GetSystemMetrics (nIndex=6) returned 1
[0297.238] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.238] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0297.238] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.238] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0297.238] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.238] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0297.238] GetCurrentThreadId () returned 0xf50
[0297.239] GetCurrentThreadId () returned 0xf50
[0297.239] GetProcessWindowStation () returned 0x13c
[0297.239] GetCapture () returned 0x0
[0297.239] GetActiveWindow () returned 0x7005c
[0297.239] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0297.239] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.239] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0297.239] GetCursorPos (in: lpPoint=0x2ddac1c | out: lpPoint=0x2ddac1c*(x=238, y=629)) returned 1
[0297.239] MonitorFromPoint (pt=0xee, dwFlags=0x275) returned 0x10001
[0297.239] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0297.239] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x87010671
[0297.240] GetDeviceCaps (hdc=0x87010671, index=12) returned 32
[0297.240] GetDeviceCaps (hdc=0x87010671, index=14) returned 1
[0297.240] DeleteDC (hdc=0x87010671) returned 1
[0297.240] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0297.240] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0297.240] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3302de
[0297.241] SetWindowLongW (hWnd=0x3302de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0297.241] GetWindowLongW (hWnd=0x3302de, nIndex=-4) returned 1950089536
[0297.241] SetWindowLongW (hWnd=0x3302de, nIndex=-4, dwNewLong=19952470) returned 1950089536
[0297.241] GetWindowLongW (hWnd=0x3302de, nIndex=-4) returned 19952470
[0297.241] GetWindowLongW (hWnd=0x3302de, nIndex=-16) returned 113770496
[0297.241] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0297.242] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0297.243] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0297.243] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0297.243] GetWindowRect (in: hWnd=0x3302de, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0297.243] SetWindowTextW (hWnd=0x3302de, lpString="BB ransomware") returned 1
[0297.243] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xc, wParam=0x0, lParam=0x2dd93b8) returned 0x1
[0297.244] GetStartupInfoW (in: lpStartupInfo=0x2ddaf58 | out: lpStartupInfo=0x2ddaf58*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0297.245] GetParent (hWnd=0x3302de) returned 0x0
[0297.245] SetWindowLongW (hWnd=0x3302de, nIndex=-8, dwNewLong=0) returned 0
[0297.247] SendMessageW (hWnd=0x3302de, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0297.247] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0297.247] SendMessageW (hWnd=0x3302de, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0297.247] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0297.247] GetSystemMenu (hWnd=0x3302de, bRevert=0) returned 0xe3020f
[0297.248] GetWindowPlacement (in: hWnd=0x3302de, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0297.248] EnableMenuItem (hMenu=0xe3020f, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0297.248] EnableMenuItem (hMenu=0xe3020f, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0297.248] EnableMenuItem (hMenu=0xe3020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0297.248] EnableMenuItem (hMenu=0xe3020f, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0297.248] EnableMenuItem (hMenu=0xe3020f, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0297.248] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0297.248] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0297.248] GetWindowRect (in: hWnd=0x3302de, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0297.248] SetWindowPos (hWnd=0x3302de, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0297.248] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0297.249] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x3302de) returned 0x1
[0297.251] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0297.251] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0297.252] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0297.252] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0297.252] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0297.254] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x3302de, lParam=0x0) returned 0x0
[0297.254] GetCapture () returned 0x0
[0297.254] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0297.255] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0297.256] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0297.257] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0297.257] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0297.258] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0297.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0297.258] GetParent (hWnd=0x3302de) returned 0x0
[0297.258] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0297.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0297.261] GetWindowPlacement (in: hWnd=0x3302de, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0297.261] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0297.261] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0297.261] GetWindowRect (in: hWnd=0x3302de, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0297.262] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0297.262] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0297.262] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0297.263] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.263] GetWindowLongW (hWnd=0x3302de, nIndex=-16) returned 113770496
[0297.263] GetWindowTextLengthW (hWnd=0x3302de) returned 13
[0297.263] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.263] GetSystemMetrics (nIndex=42) returned 0
[0297.263] GetWindowTextW (in: hWnd=0x3302de, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.263] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0297.263] GetWindowTextLengthW (hWnd=0x3302de) returned 13
[0297.263] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.263] GetSystemMetrics (nIndex=42) returned 0
[0297.264] GetWindowTextW (in: hWnd=0x3302de, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.264] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0297.264] GetCursorPos (in: lpPoint=0x2ddb194 | out: lpPoint=0x2ddb194*(x=238, y=629)) returned 1
[0297.264] MonitorFromPoint (pt=0xf1, dwFlags=0x277) returned 0x10001
[0297.264] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0297.264] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x2d010173
[0297.264] GetDeviceCaps (hdc=0x2d010173, index=12) returned 32
[0297.264] GetDeviceCaps (hdc=0x2d010173, index=14) returned 1
[0297.264] DeleteDC (hdc=0x2d010173) returned 1
[0297.264] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0297.264] GetWindowLongW (hWnd=0x3302de, nIndex=-16) returned 113770496
[0297.264] GetWindowLongW (hWnd=0x3302de, nIndex=-20) returned 327945
[0297.264] SetWindowLongW (hWnd=0x3302de, nIndex=-16, dwNewLong=46661632) returned 113770496
[0297.264] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0297.265] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0297.266] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0297.266] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0297.266] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0297.266] SetWindowLongW (hWnd=0x3302de, nIndex=-20, dwNewLong=327681) returned 327945
[0297.266] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0297.266] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0297.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0297.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0297.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0297.268] SetWindowPos (hWnd=0x3302de, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0297.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0297.268] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0297.268] GetWindowPlacement (in: hWnd=0x3302de, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0297.269] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0297.269] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0297.269] GetWindowRect (in: hWnd=0x3302de, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0297.269] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0297.270] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0297.270] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0297.270] RedrawWindow (hWnd=0x3302de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0297.270] GetSystemMenu (hWnd=0x3302de, bRevert=0) returned 0xe3020f
[0297.271] GetWindowPlacement (in: hWnd=0x3302de, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0297.271] EnableMenuItem (hMenu=0xe3020f, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0297.271] EnableMenuItem (hMenu=0xe3020f, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0297.271] EnableMenuItem (hMenu=0xe3020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0297.271] EnableMenuItem (hMenu=0xe3020f, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0297.271] EnableMenuItem (hMenu=0xe3020f, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0297.271] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0297.271] GetWindowLongW (hWnd=0x3302de, nIndex=-8) returned 0
[0297.271] SetWindowLongW (hWnd=0x3302de, nIndex=-8, dwNewLong=458844) returned 0
[0297.272] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0297.272] GetProcessWindowStation () returned 0x13c
[0297.272] GetCurrentThreadId () returned 0xf50
[0297.272] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x130732e, lParam=0x0) returned 1
[0297.272] IsWindowVisible (hWnd=0x3302de) returned 0
[0297.272] IsWindowVisible (hWnd=0x7005c) returned 1
[0297.272] IsWindowEnabled (hWnd=0x7005c) returned 1
[0297.272] IsWindowVisible (hWnd=0x300ec) returned 0
[0297.272] IsWindowVisible (hWnd=0x502c6) returned 0
[0297.272] IsWindowVisible (hWnd=0x502be) returned 0
[0297.272] GetActiveWindow () returned 0x3302de
[0297.272] GetFocus () returned 0x3302de
[0297.272] IsWindow (hWnd=0x7005c) returned 1
[0297.272] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0297.273] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0297.273] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0297.273] GetWindowLongW (hWnd=0x3302de, nIndex=-8) returned 458844
[0297.273] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0297.273] GetCurrentThreadId () returned 0xf50
[0297.273] GetWindowLongW (hWnd=0x3302de, nIndex=-8) returned 458844
[0297.273] IsWindowEnabled (hWnd=0x7005c) returned 0
[0297.273] IsWindowEnabled (hWnd=0x3302de) returned 1
[0297.273] ShowWindow (hWnd=0x3302de, nCmdShow=5) returned 0
[0297.273] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0297.273] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0297.274] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.274] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0297.274] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x3302de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2902ce
[0297.274] SetWindowLongW (hWnd=0x2902ce, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0297.274] GetWindowLongW (hWnd=0x2902ce, nIndex=-4) returned 1950089536
[0297.275] SetWindowLongW (hWnd=0x2902ce, nIndex=-4, dwNewLong=19952310) returned 1950089536
[0297.275] GetWindowLongW (hWnd=0x2902ce, nIndex=-4) returned 19952310
[0297.275] GetWindowLongW (hWnd=0x2902ce, nIndex=-16) returned 1174405120
[0297.275] GetWindowLongW (hWnd=0x2902ce, nIndex=-12) returned 0
[0297.275] SetWindowLongW (hWnd=0x2902ce, nIndex=-12, dwNewLong=2687694) returned 0
[0297.275] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902ce, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0297.275] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902ce, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0297.275] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902ce, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0297.276] GetWindow (hWnd=0x2902ce, uCmd=0x3) returned 0x0
[0297.276] GetClientRect (in: hWnd=0x2902ce, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0297.276] GetWindowRect (in: hWnd=0x2902ce, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0297.276] GetParent (hWnd=0x2902ce) returned 0x3302de
[0297.276] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3302de, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0297.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902ce, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0297.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902ce, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0297.276] GetClientRect (in: hWnd=0x2902ce, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0297.276] GetWindowRect (in: hWnd=0x2902ce, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0297.276] GetParent (hWnd=0x2902ce) returned 0x3302de
[0297.276] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3302de, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0297.276] SendMessageW (hWnd=0x2902ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2902ce) returned 0x0
[0297.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2902ce) returned 0x0
[0297.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0297.277] GetParent (hWnd=0x2902ce) returned 0x3302de
[0297.277] GetParent (hWnd=0x3302da) returned 0x3302dc
[0297.277] SetParent (hWndChild=0x3302da, hWndNewParent=0x3302de) returned 0x3302dc
[0297.277] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0297.277] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0297.277] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0297.278] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0297.278] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0297.278] GetClientRect (in: hWnd=0x3302da, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0297.278] GetWindowRect (in: hWnd=0x3302da, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0297.278] GetParent (hWnd=0x3302da) returned 0x3302de
[0297.278] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3302de, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0297.278] GetClientRect (in: hWnd=0x3302da, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0297.278] GetWindowRect (in: hWnd=0x3302da, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0297.278] GetParent (hWnd=0x3302da) returned 0x3302de
[0297.278] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3302de, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0297.278] GetParent (hWnd=0x3302da) returned 0x3302de
[0297.281] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0297.281] GetWindow (hWnd=0x3302da, uCmd=0x3) returned 0x0
[0297.281] SetWindowPos (hWnd=0x3302da, hWndInsertAfter=0x2902ce, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0297.282] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0297.282] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0297.282] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0297.282] GetClientRect (in: hWnd=0x3302da, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0297.282] GetWindowRect (in: hWnd=0x3302da, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0297.282] GetParent (hWnd=0x3302da) returned 0x3302de
[0297.282] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3302de, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0297.282] GetParent (hWnd=0x3302da) returned 0x3302de
[0297.282] GetWindow (hWnd=0x3302da, uCmd=0x3) returned 0x2902ce
[0297.283] GetWindowThreadProcessId (in: hWnd=0x3302da, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0297.283] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0297.283] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.283] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0297.283] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x3302de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3502d8
[0297.284] SetWindowLongW (hWnd=0x3502d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0297.284] GetWindowLongW (hWnd=0x3502d8, nIndex=-4) returned 1868032000
[0297.284] SetWindowLongW (hWnd=0x3502d8, nIndex=-4, dwNewLong=19952030) returned 1868032000
[0297.284] GetWindowLongW (hWnd=0x3502d8, nIndex=-4) returned 19952030
[0297.284] GetWindowLongW (hWnd=0x3502d8, nIndex=-16) returned 1174470667
[0297.284] GetWindowLongW (hWnd=0x3502d8, nIndex=-12) returned 0
[0297.284] SetWindowLongW (hWnd=0x3502d8, nIndex=-12, dwNewLong=3474136) returned 0
[0297.284] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0297.285] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0297.285] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0297.286] SendMessageW (hWnd=0x3502d8, Msg=0x2055, wParam=0x3502d8, lParam=0x3) returned 0x2
[0297.286] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0297.286] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0297.286] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0297.286] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0297.286] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902ce, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0297.286] RedrawWindow (hWnd=0x2902ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0297.286] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0297.286] RedrawWindow (hWnd=0x3302da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0297.286] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0297.286] RedrawWindow (hWnd=0x3502d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0297.286] RedrawWindow (hWnd=0x3302de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0297.287] GetWindow (hWnd=0x3502d8, uCmd=0x3) returned 0x3302da
[0297.287] GetClientRect (in: hWnd=0x3502d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0297.287] GetWindowRect (in: hWnd=0x3502d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0297.287] GetParent (hWnd=0x3502d8) returned 0x3302de
[0297.287] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3302de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0297.287] SetWindowTextW (hWnd=0x3502d8, lpString="&Details") returned 1
[0297.287] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0xc, wParam=0x0, lParam=0x2c2ef5c) returned 0x1
[0297.287] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0297.287] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0297.287] GetClientRect (in: hWnd=0x3502d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0297.287] GetWindowRect (in: hWnd=0x3502d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0297.288] GetParent (hWnd=0x3502d8) returned 0x3302de
[0297.288] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3302de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0297.288] SendMessageW (hWnd=0x3502d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3502d8) returned 0x0
[0297.288] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3502d8) returned 0x0
[0297.288] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0297.288] GetParent (hWnd=0x3502d8) returned 0x3302de
[0297.288] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0297.288] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.289] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0297.289] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x3302de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2d02c8
[0297.289] SetWindowLongW (hWnd=0x2d02c8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0297.289] GetWindowLongW (hWnd=0x2d02c8, nIndex=-4) returned 1868032000
[0297.289] SetWindowLongW (hWnd=0x2d02c8, nIndex=-4, dwNewLong=19952350) returned 1868032000
[0297.289] GetWindowLongW (hWnd=0x2d02c8, nIndex=-4) returned 19952350
[0297.289] GetWindowLongW (hWnd=0x2d02c8, nIndex=-16) returned 1174470667
[0297.290] GetWindowLongW (hWnd=0x2d02c8, nIndex=-12) returned 0
[0297.290] SetWindowLongW (hWnd=0x2d02c8, nIndex=-12, dwNewLong=2949832) returned 0
[0297.290] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0297.290] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0297.290] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0297.291] SendMessageW (hWnd=0x2d02c8, Msg=0x2055, wParam=0x2d02c8, lParam=0x3) returned 0x2
[0297.291] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0297.291] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0297.291] GetWindow (hWnd=0x2d02c8, uCmd=0x3) returned 0x3502d8
[0297.291] GetClientRect (in: hWnd=0x2d02c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0297.291] GetWindowRect (in: hWnd=0x2d02c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0297.291] GetParent (hWnd=0x2d02c8) returned 0x3302de
[0297.291] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3302de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0297.291] SetWindowTextW (hWnd=0x2d02c8, lpString="&Continue") returned 1
[0297.291] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0xc, wParam=0x0, lParam=0x2c2ef00) returned 0x1
[0297.292] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0297.292] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0297.292] GetClientRect (in: hWnd=0x2d02c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0297.292] GetWindowRect (in: hWnd=0x2d02c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0297.292] GetParent (hWnd=0x2d02c8) returned 0x3302de
[0297.292] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3302de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0297.292] SendMessageW (hWnd=0x2d02c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2d02c8) returned 0x0
[0297.292] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2d02c8) returned 0x0
[0297.292] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0297.293] GetParent (hWnd=0x2d02c8) returned 0x3302de
[0297.293] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0297.293] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.293] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0297.293] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x3302de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3600ea
[0297.294] SetWindowLongW (hWnd=0x3600ea, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0297.300] GetWindowLongW (hWnd=0x3600ea, nIndex=-4) returned 1868032000
[0297.300] SetWindowLongW (hWnd=0x3600ea, nIndex=-4, dwNewLong=19952390) returned 1868032000
[0297.301] GetWindowLongW (hWnd=0x3600ea, nIndex=-4) returned 19952390
[0297.301] GetWindowLongW (hWnd=0x3600ea, nIndex=-16) returned 1174470667
[0297.301] GetWindowLongW (hWnd=0x3600ea, nIndex=-12) returned 0
[0297.301] SetWindowLongW (hWnd=0x3600ea, nIndex=-12, dwNewLong=3539178) returned 0
[0297.301] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3600ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0297.301] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3600ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0297.301] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3600ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0297.302] SendMessageW (hWnd=0x3600ea, Msg=0x2055, wParam=0x3600ea, lParam=0x3) returned 0x2
[0297.302] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0297.302] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3600ea, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0297.302] GetWindow (hWnd=0x3600ea, uCmd=0x3) returned 0x2d02c8
[0297.302] GetClientRect (in: hWnd=0x3600ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0297.302] GetWindowRect (in: hWnd=0x3600ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0297.302] GetParent (hWnd=0x3600ea) returned 0x3302de
[0297.303] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3302de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0297.303] SetWindowTextW (hWnd=0x3600ea, lpString="&Quit") returned 1
[0297.303] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3600ea, Msg=0xc, wParam=0x0, lParam=0x2c2ef20) returned 0x1
[0297.303] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3600ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0297.303] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3600ea, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0297.303] GetClientRect (in: hWnd=0x3600ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0297.303] GetWindowRect (in: hWnd=0x3600ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0297.303] GetParent (hWnd=0x3600ea) returned 0x3302de
[0297.303] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3302de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0297.303] SendMessageW (hWnd=0x3600ea, Msg=0x2210, wParam=0xea0001, lParam=0x3600ea) returned 0x0
[0297.303] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3600ea, Msg=0x2210, wParam=0xea0001, lParam=0x3600ea) returned 0x0
[0297.304] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3600ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0297.304] GetParent (hWnd=0x3600ea) returned 0x3302de
[0297.304] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0297.304] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.304] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0297.305] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x3302de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2802d0
[0297.305] SetWindowLongW (hWnd=0x2802d0, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0297.305] GetWindowLongW (hWnd=0x2802d0, nIndex=-4) returned 1868026976
[0297.305] SetWindowLongW (hWnd=0x2802d0, nIndex=-4, dwNewLong=19952510) returned 1868026976
[0297.305] GetWindowLongW (hWnd=0x2802d0, nIndex=-4) returned 19952510
[0297.305] GetWindowLongW (hWnd=0x2802d0, nIndex=-16) returned 1177553092
[0297.305] GetWindowLongW (hWnd=0x2802d0, nIndex=-12) returned 0
[0297.305] SetWindowLongW (hWnd=0x2802d0, nIndex=-12, dwNewLong=2622160) returned 0
[0297.305] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2802d0, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0297.306] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2802d0, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0297.307] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2802d0, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0297.322] GetWindow (hWnd=0x2802d0, uCmd=0x3) returned 0x3600ea
[0297.322] GetClientRect (in: hWnd=0x2802d0, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0297.322] GetWindowRect (in: hWnd=0x2802d0, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0297.322] GetParent (hWnd=0x2802d0) returned 0x3302de
[0297.322] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3302de, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0297.322] GetWindowTextLengthW (hWnd=0x3302de) returned 13
[0297.322] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.322] GetSystemMetrics (nIndex=42) returned 0
[0297.322] GetWindowTextW (in: hWnd=0x3302de, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.322] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0297.322] SendMessageW (hWnd=0x2802d0, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0297.322] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2802d0, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0297.327] SetWindowTextW (hWnd=0x2802d0, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0297.327] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2802d0, Msg=0xc, wParam=0x0, lParam=0x2dd6da0) returned 0x1
[0297.329] GetSystemMetrics (nIndex=5) returned 1
[0297.329] GetSystemMetrics (nIndex=6) returned 1
[0297.329] SendMessageW (hWnd=0x2802d0, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0297.329] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2802d0, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0297.329] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2802d0, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0297.330] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2802d0, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0297.330] GetClientRect (in: hWnd=0x2802d0, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0297.330] GetWindowRect (in: hWnd=0x2802d0, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0297.330] GetParent (hWnd=0x2802d0) returned 0x3302de
[0297.330] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3302de, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0297.330] SendMessageW (hWnd=0x2802d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2802d0) returned 0x0
[0297.330] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2802d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2802d0) returned 0x0
[0297.330] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2802d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0297.331] GetParent (hWnd=0x2802d0) returned 0x3302de
[0297.331] GetWindowLongW (hWnd=0x3302de, nIndex=-8) returned 458844
[0297.331] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0297.331] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0297.331] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x34010173
[0297.331] GetDeviceCaps (hdc=0x34010173, index=12) returned 32
[0297.331] GetDeviceCaps (hdc=0x34010173, index=14) returned 1
[0297.331] DeleteDC (hdc=0x34010173) returned 1
[0297.331] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0297.331] GetWindowThreadProcessId (in: hWnd=0x3302de, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0297.331] GetCurrentThreadId () returned 0xf50
[0297.331] PostMessageW (hWnd=0x3302de, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0297.331] GetWindowTextLengthW (hWnd=0x3302de) returned 13
[0297.331] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.331] GetSystemMetrics (nIndex=42) returned 0
[0297.331] GetWindowTextW (in: hWnd=0x3302de, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.332] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0297.332] GdipImageGetFrameDimensionsCount (image=0x66504b0, count=0xd7e25c) returned 0x0
[0297.332] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200b78
[0297.332] GdipImageGetFrameDimensionsList (image=0x66504b0, dimensionIDs=0x1200b78*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0297.332] LocalFree (hMem=0x1200b78) returned 0x0
[0297.332] GdipImageGetFrameDimensionsCount (image=0x664f448, count=0xd7e250) returned 0x0
[0297.332] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200b78
[0297.332] GdipImageGetFrameDimensionsList (image=0x664f448, dimensionIDs=0x1200b78*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0297.332] LocalFree (hMem=0x1200b78) returned 0x0
[0297.332] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0297.332] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0297.332] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0297.386] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0297.387] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0297.387] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0297.387] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0297.390] GetWindowPlacement (in: hWnd=0x3302de, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0297.390] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0297.390] GetWindowTextLengthW (hWnd=0x3302de) returned 13
[0297.390] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.390] GetSystemMetrics (nIndex=42) returned 0
[0297.390] GetWindowTextW (in: hWnd=0x3302de, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.390] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0297.390] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0297.391] GetCurrentObject (hdc=0xc0107c5, type=0x1) returned 0xb00017
[0297.391] GetCurrentObject (hdc=0xc0107c5, type=0x2) returned 0x900010
[0297.391] GetCurrentObject (hdc=0xc0107c5, type=0x7) returned 0x770507ec
[0297.391] GetCurrentObject (hdc=0xc0107c5, type=0x6) returned 0x8a01c2
[0297.391] SaveDC (hdc=0xc0107c5) returned 1
[0297.391] GetNearestColor (hdc=0xc0107c5, color=0xf0f0f0) returned 0xf0f0f0
[0297.391] CreateSolidBrush (color=0xf0f0f0) returned 0x501007e1
[0297.391] FillRect (hDC=0xc0107c5, lprc=0xd7e1b8, hbr=0x501007e1) returned 1
[0297.391] DeleteObject (ho=0x501007e1) returned 1
[0297.391] RestoreDC (hdc=0xc0107c5, nSavedDC=-1) returned 1
[0297.391] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0297.391] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0297.392] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0297.392] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0297.392] GetStockObject (i=5) returned 0x900015
[0297.392] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0297.392] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0297.392] GetStockObject (i=5) returned 0x900015
[0297.392] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3600ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0297.393] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3600ea, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0297.393] GetStockObject (i=5) returned 0x900015
[0297.393] GetWindowPlacement (in: hWnd=0x3302de, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0297.393] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0297.393] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0297.393] GetWindowRect (in: hWnd=0x3302de, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0297.394] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0297.394] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0297.395] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0297.395] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0297.395] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0297.395] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0297.395] GetWindowRect (in: hWnd=0x3302de, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0297.395] InvalidateRect (hWnd=0x2d02c8, lpRect=0x0, bErase=0) returned 1
[0297.395] InvalidateRect (hWnd=0x3502d8, lpRect=0x0, bErase=0) returned 1
[0297.395] GetFocus () returned 0x3302de
[0297.395] GetFocus () returned 0x3302de
[0297.396] SetFocus (hWnd=0x3502d8) returned 0x3302de
[0297.396] GetFocus () returned 0x3502d8
[0297.396] IsChild (hWndParent=0x3302de, hWnd=0x3502d8) returned 1
[0297.396] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x8, wParam=0x3502d8, lParam=0x0) returned 0x0
[0297.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0297.398] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0297.399] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0297.399] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0x7, wParam=0x3302de, lParam=0x0) returned 0x0
[0297.399] GetStockObject (i=5) returned 0x900015
[0297.399] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0297.399] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0297.400] GetDlgItem (hDlg=0x3302de, nIDDlgItem=3474136) returned 0x3502d8
[0297.400] SendMessageW (hWnd=0x3502d8, Msg=0x202b, wParam=0x3502d8, lParam=0xd7e0dc) returned 0x0
[0297.400] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0x202b, wParam=0x3502d8, lParam=0xd7e0dc) returned 0x0
[0297.400] InvalidateRect (hWnd=0x3502d8, lpRect=0x0, bErase=0) returned 1
[0297.401] GetFocus () returned 0x3502d8
[0297.401] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.402] IsWindowUnicode (hWnd=0x3302de) returned 1
[0297.402] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.402] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.402] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.402] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0297.402] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.402] IsWindowUnicode (hWnd=0x3302de) returned 1
[0297.402] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.402] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.402] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.402] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.402] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0297.403] IsWindowUnicode (hWnd=0x3302de) returned 1
[0297.403] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.403] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.403] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.403] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.403] IsWindowUnicode (hWnd=0x602c4) returned 1
[0297.403] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.403] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.403] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.403] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0297.407] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0297.407] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.407] IsWindowUnicode (hWnd=0x3302de) returned 1
[0297.407] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.407] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.407] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.407] BeginPaint (in: hWnd=0x3302de, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x107b9
[0297.408] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0297.408] GetWindowTextLengthW (hWnd=0x3302de) returned 13
[0297.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.408] GetSystemMetrics (nIndex=42) returned 0
[0297.408] GetWindowTextW (in: hWnd=0x3302de, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.408] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0297.408] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0297.408] EndPaint (hWnd=0x3302de, lpPaint=0xd7e274) returned 1
[0297.408] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.408] IsWindowUnicode (hWnd=0x2902ce) returned 1
[0297.408] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.408] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.408] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.408] BeginPaint (in: hWnd=0x2902ce, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xf0105ee
[0297.408] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0297.409] CreateCompatibleDC (hdc=0xf0105ee) returned 0x9e0107f9
[0297.409] SelectObject (hdc=0x9e0107f9, h=0x4a0507fe) returned 0x85000f
[0297.409] GdipCreateFromHDC (hdc=0x9e0107f9, graphics=0xd7e2b0) returned 0x0
[0297.409] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0297.409] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0297.409] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0297.409] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0297.409] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e310) returned 0x0
[0297.409] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0297.409] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0297.409] LocalFree (hMem=0x11eec58) returned 0x0
[0297.409] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0297.409] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0297.409] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0297.409] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e304) returned 0x0
[0297.409] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0297.409] GetWindowTextLengthW (hWnd=0x2902ce) returned 0
[0297.409] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0297.409] GetSystemMetrics (nIndex=42) returned 0
[0297.410] GetWindowTextW (in: hWnd=0x2902ce, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0297.410] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902ce, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0297.410] GetClientRect (in: hWnd=0x2902ce, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0297.410] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0297.410] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0297.410] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0297.410] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0297.410] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e164) returned 0x0
[0297.410] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0297.410] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0297.410] LocalFree (hMem=0x11ee788) returned 0x0
[0297.410] GdipCombineRegionRegion (region=0x66463b8, region2=0x6646d48, combineMode=0x1) returned 0x0
[0297.410] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0297.410] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0297.410] LocalFree (hMem=0x11ee788) returned 0x0
[0297.410] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0297.410] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0297.410] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0297.410] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0297.410] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0297.410] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0297.410] GetCurrentObject (hdc=0x9e0107f9, type=0x1) returned 0xb00017
[0297.410] GetCurrentObject (hdc=0x9e0107f9, type=0x2) returned 0x900010
[0297.410] GetCurrentObject (hdc=0x9e0107f9, type=0x7) returned 0x4a0507fe
[0297.411] GetCurrentObject (hdc=0x9e0107f9, type=0x6) returned 0x8a01c2
[0297.411] SaveDC (hdc=0x9e0107f9) returned 1
[0297.411] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xec0407de
[0297.411] GetClipRgn (hdc=0x9e0107f9, hrgn=0xec0407de) returned 0
[0297.411] SelectClipRgn (hdc=0x9e0107f9, hrgn=0x65040807) returned 2
[0297.411] DeleteObject (ho=0xec0407de) returned 1
[0297.411] DeleteObject (ho=0x65040807) returned 1
[0297.411] OffsetViewportOrgEx (in: hdc=0x9e0107f9, x=0, y=0, lppt=0x2ddc900 | out: lppt=0x2ddc900) returned 1
[0297.411] GetNearestColor (hdc=0x9e0107f9, color=0xf0f0f0) returned 0xf0f0f0
[0297.411] CreateSolidBrush (color=0xf0f0f0) returned 0x511007e1
[0297.411] FillRect (hDC=0x9e0107f9, lprc=0xd7e198, hbr=0x511007e1) returned 1
[0297.411] DeleteObject (ho=0x511007e1) returned 1
[0297.411] RestoreDC (hdc=0x9e0107f9, nSavedDC=-1) returned 1
[0297.411] GdipReleaseDC (graphics=0x6600030, hdc=0x9e0107f9) returned 0x0
[0297.411] GdipRestoreGraphics (graphics=0x6600030, state=0xf5dc0dbd) returned 0x0
[0297.411] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0297.411] GetWindowTextLengthW (hWnd=0x2902ce) returned 0
[0297.411] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0297.411] GetSystemMetrics (nIndex=42) returned 0
[0297.411] GetWindowTextW (in: hWnd=0x2902ce, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0297.411] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902ce, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0297.412] GdipGetImageWidth (image=0x66504b0, width=0xd7e1e0) returned 0x0
[0297.412] GdipGetImageHeight (image=0x66504b0, height=0xd7e1e0) returned 0x0
[0297.412] GdipGetImageWidth (image=0x66504b0, width=0xd7e1cc) returned 0x0
[0297.412] GdipGetImageHeight (image=0x66504b0, height=0xd7e1cc) returned 0x0
[0297.412] GdipDrawImageRectI (graphics=0x6600030, image=0x66504b0, x=16, y=16, width=32, height=32) returned 0x0
[0297.412] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0297.412] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=64, cy=64, hdcSrc=0x9e0107f9, x1=0, y1=0, rop=0xcc0020) returned 1
[0297.412] GdipReleaseDC (graphics=0x6600030, hdc=0x9e0107f9) returned 0x0
[0297.412] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0297.412] SelectObject (hdc=0x9e0107f9, h=0x85000f) returned 0x4a0507fe
[0297.412] DeleteDC (hdc=0x9e0107f9) returned 1
[0297.412] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0297.412] EndPaint (hWnd=0x2902ce, lpPaint=0xd7e294) returned 1
[0297.412] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.412] IsWindowUnicode (hWnd=0x3302da) returned 1
[0297.412] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.413] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.413] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.413] BeginPaint (in: hWnd=0x3302da, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0xc0107c5
[0297.413] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0297.413] CreateCompatibleDC (hdc=0xc0107c5) returned 0xa00107f9
[0297.413] GetObjectType (h=0xc0107c5) returned 0x3
[0297.413] CreateCompatibleBitmap (hdc=0xc0107c5, cx=1, cy=1) returned 0x40050173
[0297.413] GetDIBits (in: hdc=0xc0107c5, hbm=0x40050173, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0297.413] GetDIBits (in: hdc=0xc0107c5, hbm=0x40050173, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0297.413] DeleteObject (ho=0x40050173) returned 1
[0297.413] CreateDIBSection (in: hdc=0xc0107c5, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xe50507ae
[0297.413] SelectObject (hdc=0xa00107f9, h=0xe50507ae) returned 0x85000f
[0297.413] GdipCreateFromHDC (hdc=0xa00107f9, graphics=0xd7e234) returned 0x0
[0297.414] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0297.414] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0297.414] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0297.414] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0297.414] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e2d4) returned 0x0
[0297.414] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0297.414] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0297.414] LocalFree (hMem=0x11eec58) returned 0x0
[0297.414] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0297.414] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0297.414] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0297.414] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0297.414] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0297.414] GetWindowTextLengthW (hWnd=0x3302da) returned 232
[0297.414] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0297.414] GetSystemMetrics (nIndex=42) returned 0
[0297.414] GetWindowTextW (in: hWnd=0x3302da, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0297.414] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0297.415] GetClientRect (in: hWnd=0x3302da, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0297.415] GdipCreateRegion (region=0xd7e110) returned 0x0
[0297.415] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0297.415] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0297.415] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0297.415] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e128) returned 0x0
[0297.415] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0297.415] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0297.415] LocalFree (hMem=0x11eec58) returned 0x0
[0297.415] GdipCombineRegionRegion (region=0x6646448, region2=0x66463b8, combineMode=0x1) returned 0x0
[0297.415] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0297.415] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee868) returned 0x0
[0297.415] LocalFree (hMem=0x11ee868) returned 0x0
[0297.415] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0297.415] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e150) returned 0x0
[0297.415] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e140) returned 0x0
[0297.415] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0297.415] GdipDeleteRegion (region=0x6646448) returned 0x0
[0297.415] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0297.415] GetCurrentObject (hdc=0xa00107f9, type=0x1) returned 0xb00017
[0297.415] GetCurrentObject (hdc=0xa00107f9, type=0x2) returned 0x900010
[0297.415] GetCurrentObject (hdc=0xa00107f9, type=0x7) returned 0xffffffffe50507ae
[0297.416] GetCurrentObject (hdc=0xa00107f9, type=0x6) returned 0x8a01c2
[0297.416] SaveDC (hdc=0xa00107f9) returned 1
[0297.416] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x66040807
[0297.416] GetClipRgn (hdc=0xa00107f9, hrgn=0x66040807) returned 0
[0297.416] SelectClipRgn (hdc=0xa00107f9, hrgn=0xed0407de) returned 2
[0297.416] DeleteObject (ho=0x66040807) returned 1
[0297.416] DeleteObject (ho=0xed0407de) returned 1
[0297.416] OffsetViewportOrgEx (in: hdc=0xa00107f9, x=0, y=0, lppt=0x2dde2c8 | out: lppt=0x2dde2c8) returned 1
[0297.416] GetNearestColor (hdc=0xa00107f9, color=0xf0f0f0) returned 0xf0f0f0
[0297.416] CreateSolidBrush (color=0xf0f0f0) returned 0x521007e1
[0297.416] FillRect (hDC=0xa00107f9, lprc=0xd7e15c, hbr=0x521007e1) returned 1
[0297.417] DeleteObject (ho=0x521007e1) returned 1
[0297.417] RestoreDC (hdc=0xa00107f9, nSavedDC=-1) returned 1
[0297.417] GdipReleaseDC (graphics=0x6600030, hdc=0xa00107f9) returned 0x0
[0297.417] GdipRestoreGraphics (graphics=0x6600030, state=0xf5da0dbd) returned 0x0
[0297.417] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0297.417] GetWindowTextLengthW (hWnd=0x3302da) returned 232
[0297.417] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0297.417] GetSystemMetrics (nIndex=42) returned 0
[0297.417] GetWindowTextW (in: hWnd=0x3302da, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0297.417] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0297.417] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0297.417] GetCurrentObject (hdc=0xa00107f9, type=0x1) returned 0xb00017
[0297.417] GetCurrentObject (hdc=0xa00107f9, type=0x2) returned 0x900010
[0297.418] GetCurrentObject (hdc=0xa00107f9, type=0x7) returned 0xffffffffe50507ae
[0297.418] GetCurrentObject (hdc=0xa00107f9, type=0x6) returned 0x8a01c2
[0297.418] SaveDC (hdc=0xa00107f9) returned 1
[0297.418] GetNearestColor (hdc=0xa00107f9, color=0x0) returned 0x0
[0297.418] RestoreDC (hdc=0xa00107f9, nSavedDC=-1) returned 1
[0297.418] GdipReleaseDC (graphics=0x6600030, hdc=0xa00107f9) returned 0x0
[0297.418] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0297.418] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0297.418] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2ddeac4 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0297.428] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0297.428] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0297.428] GetCurrentObject (hdc=0xa00107f9, type=0x1) returned 0xb00017
[0297.428] GetCurrentObject (hdc=0xa00107f9, type=0x2) returned 0x900010
[0297.428] GetCurrentObject (hdc=0xa00107f9, type=0x7) returned 0xffffffffe50507ae
[0297.428] GetCurrentObject (hdc=0xa00107f9, type=0x6) returned 0x8a01c2
[0297.428] SaveDC (hdc=0xa00107f9) returned 1
[0297.428] GetTextAlign (hdc=0xa00107f9) returned 0x0
[0297.428] GetTextColor (hdc=0xa00107f9) returned 0x0
[0297.428] GetCurrentObject (hdc=0xa00107f9, type=0x6) returned 0x8a01c2
[0297.428] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0297.428] SelectObject (hdc=0xa00107f9, h=0x6d0a0520) returned 0x8a01c2
[0297.428] GetBkMode (hdc=0xa00107f9) returned 2
[0297.428] SetBkMode (hdc=0xa00107f9, mode=1) returned 2
[0297.428] DrawTextExW (in: hdc=0xa00107f9, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2ddece8 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0297.431] RestoreDC (hdc=0xa00107f9, nSavedDC=-1) returned 1
[0297.431] GdipReleaseDC (graphics=0x6600030, hdc=0xa00107f9) returned 0x0
[0297.431] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0297.431] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=354, cy=68, hdcSrc=0xa00107f9, x1=0, y1=0, rop=0xcc0020) returned 1
[0297.431] GdipReleaseDC (graphics=0x6600030, hdc=0xa00107f9) returned 0x0
[0297.431] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0297.431] SelectObject (hdc=0xa00107f9, h=0x85000f) returned 0xe50507ae
[0297.431] DeleteDC (hdc=0xa00107f9) returned 1
[0297.455] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0297.455] DeleteObject (ho=0xe50507ae) returned 1
[0297.456] EndPaint (hWnd=0x3302da, lpPaint=0xd7e258) returned 1
[0297.456] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.456] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0297.456] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.457] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.457] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0297.457] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.457] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.458] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.458] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0297.458] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.458] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.458] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.459] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.459] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.459] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x84, wParam=0x0, lParam=0x1e30301) returned 0x1
[0297.459] IsWindowUnicode (hWnd=0x2d02c8) returned 1
[0297.459] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.459] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.459] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.460] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.460] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x84, wParam=0x0, lParam=0x1e30301) returned 0x1
[0297.460] IsWindowUnicode (hWnd=0x2d02c8) returned 1
[0297.460] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.460] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x84, wParam=0x0, lParam=0x1e30301) returned 0x1
[0297.460] SetCursor (hCursor=0x10003) returned 0x10003
[0297.460] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.460] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.460] _TrackMouseEvent (in: lpEventTrack=0x2dded24 | out: lpEventTrack=0x2dded24) returned 1
[0297.460] SendMessageW (hWnd=0x2d02c8, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0297.460] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0297.460] InvalidateRect (hWnd=0x2d02c8, lpRect=0x0, bErase=0) returned 1
[0297.460] GetKeyState (nVirtKey=1) returned 0
[0297.460] GetKeyState (nVirtKey=2) returned 0
[0297.460] GetKeyState (nVirtKey=4) returned 0
[0297.460] GetKeyState (nVirtKey=5) returned 0
[0297.460] GetKeyState (nVirtKey=6) returned 0
[0297.460] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.461] IsWindowUnicode (hWnd=0x3502d8) returned 1
[0297.461] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.461] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.461] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.461] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.461] IsWindowUnicode (hWnd=0x3502d8) returned 1
[0297.462] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.462] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.462] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.462] BeginPaint (in: hWnd=0x3502d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0297.462] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0297.462] CreateCompatibleDC (hdc=0x107b9) returned 0x43010173
[0297.462] SelectObject (hdc=0x43010173, h=0x4a0507fe) returned 0x85000f
[0297.462] GdipCreateFromHDC (hdc=0x43010173, graphics=0xd7e268) returned 0x0
[0297.462] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0297.462] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0297.462] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0297.462] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0297.462] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e2c8) returned 0x0
[0297.462] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0297.463] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0297.463] LocalFree (hMem=0x11eec58) returned 0x0
[0297.463] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0297.463] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0297.463] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0297.463] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0297.463] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0297.463] GdipRestoreGraphics (graphics=0x6600030, state=0xf5d80dbd) returned 0x0
[0297.463] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0297.463] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0297.463] GetCurrentObject (hdc=0x43010173, type=0x1) returned 0xb00017
[0297.463] GetCurrentObject (hdc=0x43010173, type=0x2) returned 0x900010
[0297.463] GetCurrentObject (hdc=0x43010173, type=0x7) returned 0x4a0507fe
[0297.463] GetCurrentObject (hdc=0x43010173, type=0x6) returned 0x8a01c2
[0297.463] SaveDC (hdc=0x43010173) returned 1
[0297.463] GetNearestColor (hdc=0x43010173, color=0xf0f0f0) returned 0xf0f0f0
[0297.463] GetNearestColor (hdc=0x43010173, color=0xa0a0a0) returned 0xa0a0a0
[0297.463] GetNearestColor (hdc=0x43010173, color=0x696969) returned 0x696969
[0297.463] GetNearestColor (hdc=0x43010173, color=0xa0a0a0) returned 0xa0a0a0
[0297.464] GetNearestColor (hdc=0x43010173, color=0x0) returned 0x0
[0297.464] GetNearestColor (hdc=0x43010173, color=0xffffff) returned 0xffffff
[0297.464] GetNearestColor (hdc=0x43010173, color=0xe5e5e5) returned 0xe5e5e5
[0297.464] GetNearestColor (hdc=0x43010173, color=0xd7d7d7) returned 0xd7d7d7
[0297.464] GetNearestColor (hdc=0x43010173, color=0x0) returned 0x0
[0297.464] RestoreDC (hdc=0x43010173, nSavedDC=-1) returned 1
[0297.464] GdipReleaseDC (graphics=0x6600030, hdc=0x43010173) returned 0x0
[0297.464] IsAppThemed () returned 0x1
[0297.464] GetThemeAppProperties () returned 0x3
[0297.464] GetThemeAppProperties () returned 0x3
[0297.464] GdipGetImageWidth (image=0x664f448, width=0xd7e168) returned 0x0
[0297.464] GdipGetImageHeight (image=0x664f448, height=0xd7e168) returned 0x0
[0297.464] IsAppThemed () returned 0x1
[0297.464] GetThemeAppProperties () returned 0x3
[0297.464] GetThemeAppProperties () returned 0x3
[0297.464] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2ddf490 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0297.464] IsAppThemed () returned 0x1
[0297.465] GetThemeAppProperties () returned 0x3
[0297.465] GetThemeAppProperties () returned 0x3
[0297.465] IsAppThemed () returned 0x1
[0297.465] GetThemeAppProperties () returned 0x3
[0297.465] GetThemeAppProperties () returned 0x3
[0297.465] GetFocus () returned 0x3502d8
[0297.465] IsAppThemed () returned 0x1
[0297.465] GetThemeAppProperties () returned 0x3
[0297.465] GetThemeAppProperties () returned 0x3
[0297.465] IsAppThemed () returned 0x1
[0297.465] GetThemeAppProperties () returned 0x3
[0297.465] GetThemeAppProperties () returned 0x3
[0297.465] IsThemePartDefined () returned 0x1
[0297.465] IsAppThemed () returned 0x1
[0297.465] GetThemeAppProperties () returned 0x3
[0297.465] GetThemeAppProperties () returned 0x3
[0297.465] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0297.465] IsAppThemed () returned 0x1
[0297.465] GetThemeAppProperties () returned 0x3
[0297.465] GetThemeAppProperties () returned 0x3
[0297.465] IsAppThemed () returned 0x1
[0297.465] GetThemeAppProperties () returned 0x3
[0297.465] GetThemeAppProperties () returned 0x3
[0297.465] IsThemePartDefined () returned 0x1
[0297.465] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0297.465] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0297.465] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0297.471] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0297.471] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dff0) returned 0x0
[0297.471] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0297.471] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee9f0) returned 0x0
[0297.471] LocalFree (hMem=0x11ee9f0) returned 0x0
[0297.471] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0297.471] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eea98) returned 0x0
[0297.471] LocalFree (hMem=0x11eea98) returned 0x0
[0297.471] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0297.471] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0297.471] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0297.471] GdipGetRegionHRgn (region=0x66469e8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0297.471] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0297.471] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0297.471] GetCurrentObject (hdc=0x43010173, type=0x1) returned 0xb00017
[0297.471] GetCurrentObject (hdc=0x43010173, type=0x2) returned 0x900010
[0297.471] GetCurrentObject (hdc=0x43010173, type=0x7) returned 0x4a0507fe
[0297.471] GetCurrentObject (hdc=0x43010173, type=0x6) returned 0x8a01c2
[0297.471] SaveDC (hdc=0x43010173) returned 1
[0297.472] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xee0407de
[0297.472] GetClipRgn (hdc=0x43010173, hrgn=0xee0407de) returned 0
[0297.472] SelectClipRgn (hdc=0x43010173, hrgn=0x6a040807) returned 2
[0297.472] DeleteObject (ho=0xee0407de) returned 1
[0297.472] DeleteObject (ho=0x6a040807) returned 1
[0297.472] OffsetViewportOrgEx (in: hdc=0x43010173, x=0, y=0, lppt=0x2ddfb40 | out: lppt=0x2ddfb40) returned 1
[0297.472] DrawThemeParentBackground () returned 0x0
[0297.472] GetWindowPlacement (in: hWnd=0x3302de, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0297.472] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0297.472] GetWindowTextLengthW (hWnd=0x3302de) returned 13
[0297.472] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.472] GetSystemMetrics (nIndex=42) returned 0
[0297.472] GetWindowTextW (in: hWnd=0x3302de, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.472] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0297.472] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0297.472] GetCurrentObject (hdc=0x43010173, type=0x1) returned 0xb00017
[0297.472] GetCurrentObject (hdc=0x43010173, type=0x2) returned 0x900010
[0297.472] GetCurrentObject (hdc=0x43010173, type=0x7) returned 0x4a0507fe
[0297.472] GetCurrentObject (hdc=0x43010173, type=0x6) returned 0x8a01c2
[0297.473] SaveDC (hdc=0x43010173) returned 2
[0297.473] GetNearestColor (hdc=0x43010173, color=0xf0f0f0) returned 0xf0f0f0
[0297.473] CreateSolidBrush (color=0xf0f0f0) returned 0x531007e1
[0297.473] FillRect (hDC=0x43010173, lprc=0xd7da38, hbr=0x531007e1) returned 1
[0297.473] DeleteObject (ho=0x531007e1) returned 1
[0297.473] RestoreDC (hdc=0x43010173, nSavedDC=-1) returned 1
[0297.473] GetWindowTextLengthW (hWnd=0x3302de) returned 13
[0297.473] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.473] GetSystemMetrics (nIndex=42) returned 0
[0297.473] GetWindowTextW (in: hWnd=0x3302de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.473] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0297.473] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0297.473] GetCurrentObject (hdc=0x43010173, type=0x1) returned 0xb00017
[0297.473] GetCurrentObject (hdc=0x43010173, type=0x2) returned 0x900010
[0297.473] GetCurrentObject (hdc=0x43010173, type=0x7) returned 0x4a0507fe
[0297.473] GetCurrentObject (hdc=0x43010173, type=0x6) returned 0x8a01c2
[0297.473] SaveDC (hdc=0x43010173) returned 2
[0297.473] GetNearestColor (hdc=0x43010173, color=0xf0f0f0) returned 0xf0f0f0
[0297.473] CreateSolidBrush (color=0xf0f0f0) returned 0x541007e1
[0297.473] FillRect (hDC=0x43010173, lprc=0xd7d9d8, hbr=0x541007e1) returned 1
[0297.473] DeleteObject (ho=0x541007e1) returned 1
[0297.474] RestoreDC (hdc=0x43010173, nSavedDC=-1) returned 1
[0297.474] GetWindowTextLengthW (hWnd=0x3302de) returned 13
[0297.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.474] GetSystemMetrics (nIndex=42) returned 0
[0297.474] GetWindowTextW (in: hWnd=0x3302de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.474] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0297.474] RestoreDC (hdc=0x43010173, nSavedDC=-1) returned 1
[0297.474] GdipReleaseDC (graphics=0x6600030, hdc=0x43010173) returned 0x0
[0297.474] IsAppThemed () returned 0x1
[0297.474] GetThemeAppProperties () returned 0x3
[0297.474] GetThemeAppProperties () returned 0x3
[0297.474] IsAppThemed () returned 0x1
[0297.474] GetThemeAppProperties () returned 0x3
[0297.474] GetThemeAppProperties () returned 0x3
[0297.474] IsThemePartDefined () returned 0x1
[0297.474] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0297.474] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0297.474] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0297.474] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0297.474] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df74) returned 0x0
[0297.474] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0297.475] LocalFree (hMem=0x11ee788) returned 0x0
[0297.475] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eecc8) returned 0x0
[0297.475] LocalFree (hMem=0x11eecc8) returned 0x0
[0297.475] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0297.475] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0297.475] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0297.475] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0297.475] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0297.475] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0297.475] GetCurrentObject (hdc=0x43010173, type=0x1) returned 0xb00017
[0297.475] GetCurrentObject (hdc=0x43010173, type=0x2) returned 0x900010
[0297.475] GetCurrentObject (hdc=0x43010173, type=0x7) returned 0x4a0507fe
[0297.475] GetCurrentObject (hdc=0x43010173, type=0x6) returned 0x8a01c2
[0297.475] SaveDC (hdc=0x43010173) returned 1
[0297.475] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6b040807
[0297.475] GetClipRgn (hdc=0x43010173, hrgn=0x6b040807) returned 0
[0297.475] SelectClipRgn (hdc=0x43010173, hrgn=0xf00407de) returned 2
[0297.475] DeleteObject (ho=0x6b040807) returned 1
[0297.475] DeleteObject (ho=0xf00407de) returned 1
[0297.475] OffsetViewportOrgEx (in: hdc=0x43010173, x=0, y=0, lppt=0x2de03ec | out: lppt=0x2de03ec) returned 1
[0297.475] IsAppThemed () returned 0x1
[0297.475] GetThemeAppProperties () returned 0x3
[0297.475] GetThemeAppProperties () returned 0x3
[0297.476] DrawThemeBackground () returned 0x0
[0297.476] RestoreDC (hdc=0x43010173, nSavedDC=-1) returned 1
[0297.476] GdipReleaseDC (graphics=0x6600030, hdc=0x43010173) returned 0x0
[0297.476] GdipCreateRegion (region=0xd7df60) returned 0x0
[0297.476] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0297.476] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0297.476] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0297.476] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df78) returned 0x0
[0297.476] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0297.476] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0297.476] LocalFree (hMem=0x11ee788) returned 0x0
[0297.476] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0297.476] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee910) returned 0x0
[0297.476] LocalFree (hMem=0x11ee910) returned 0x0
[0297.476] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0297.476] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0297.476] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0297.476] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0297.476] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0297.476] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0297.476] GetCurrentObject (hdc=0x43010173, type=0x1) returned 0xb00017
[0297.476] GetCurrentObject (hdc=0x43010173, type=0x2) returned 0x900010
[0297.476] GetCurrentObject (hdc=0x43010173, type=0x7) returned 0x4a0507fe
[0297.477] GetCurrentObject (hdc=0x43010173, type=0x6) returned 0x8a01c2
[0297.477] SaveDC (hdc=0x43010173) returned 1
[0297.477] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf10407de
[0297.477] GetClipRgn (hdc=0x43010173, hrgn=0xf10407de) returned 0
[0297.477] SelectClipRgn (hdc=0x43010173, hrgn=0x6c040807) returned 2
[0297.477] DeleteObject (ho=0xf10407de) returned 1
[0297.477] DeleteObject (ho=0x6c040807) returned 1
[0297.477] OffsetViewportOrgEx (in: hdc=0x43010173, x=0, y=0, lppt=0x2de06c0 | out: lppt=0x2de06c0) returned 1
[0297.477] IsAppThemed () returned 0x1
[0297.477] GetThemeAppProperties () returned 0x3
[0297.477] GetThemeAppProperties () returned 0x3
[0297.477] GetThemeBackgroundContentRect () returned 0x0
[0297.477] RestoreDC (hdc=0x43010173, nSavedDC=-1) returned 1
[0297.477] GdipReleaseDC (graphics=0x6600030, hdc=0x43010173) returned 0x0
[0297.477] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0297.477] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0297.477] GdipCloneRegion (region=0x66469e8, cloneRegion=0xd7e150) returned 0x0
[0297.477] GdipCombineRegionRectI (region=0x66463b8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0297.477] GdipCombineRegionRectI (region=0x66463b8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0297.477] GdipSetClipRegion (graphics=0x6600030, region=0x66463b8, combineMode=0x0) returned 0x0
[0297.478] GdipGetImageWidth (image=0x664f448, width=0xd7e154) returned 0x0
[0297.478] GdipGetImageHeight (image=0x664f448, height=0xd7e148) returned 0x0
[0297.478] GdipDrawImageRectI (graphics=0x6600030, image=0x664f448, x=4, y=4, width=16, height=16) returned 0x0
[0297.478] GdipSetClipRegion (graphics=0x6600030, region=0x66469e8, combineMode=0x0) returned 0x0
[0297.478] IsAppThemed () returned 0x1
[0297.478] GetThemeAppProperties () returned 0x3
[0297.478] GetThemeAppProperties () returned 0x3
[0297.478] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0297.478] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0297.478] GetCurrentObject (hdc=0x43010173, type=0x1) returned 0xb00017
[0297.478] GetCurrentObject (hdc=0x43010173, type=0x2) returned 0x900010
[0297.478] GetCurrentObject (hdc=0x43010173, type=0x7) returned 0x4a0507fe
[0297.478] GetCurrentObject (hdc=0x43010173, type=0x6) returned 0x8a01c2
[0297.478] SaveDC (hdc=0x43010173) returned 1
[0297.478] GetTextAlign (hdc=0x43010173) returned 0x0
[0297.478] GetTextColor (hdc=0x43010173) returned 0x0
[0297.478] GetCurrentObject (hdc=0x43010173, type=0x6) returned 0x8a01c2
[0297.478] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0297.478] SelectObject (hdc=0x43010173, h=0x6d0a0520) returned 0x8a01c2
[0297.478] GetBkMode (hdc=0x43010173) returned 2
[0297.479] SetBkMode (hdc=0x43010173, mode=1) returned 2
[0297.479] DrawTextExW (in: hdc=0x43010173, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2de0a80 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0297.479] DrawTextExW (in: hdc=0x43010173, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2de0a80 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0297.479] RestoreDC (hdc=0x43010173, nSavedDC=-1) returned 1
[0297.479] GdipReleaseDC (graphics=0x6600030, hdc=0x43010173) returned 0x0
[0297.479] GetFocus () returned 0x3502d8
[0297.479] IsAppThemed () returned 0x1
[0297.479] GetThemeAppProperties () returned 0x3
[0297.479] GetThemeAppProperties () returned 0x3
[0297.479] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0297.479] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x43010173, x1=0, y1=0, rop=0xcc0020) returned 1
[0297.480] GdipReleaseDC (graphics=0x6600030, hdc=0x43010173) returned 0x0
[0297.480] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0297.480] SelectObject (hdc=0x43010173, h=0x85000f) returned 0x4a0507fe
[0297.480] DeleteDC (hdc=0x43010173) returned 1
[0297.480] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0297.480] EndPaint (hWnd=0x3502d8, lpPaint=0xd7e24c) returned 1
[0297.480] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.480] IsWindowUnicode (hWnd=0x2d02c8) returned 1
[0297.480] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.480] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.480] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.480] BeginPaint (in: hWnd=0x2d02c8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0297.480] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0297.480] CreateCompatibleDC (hdc=0xf0105ee) returned 0x45010173
[0297.481] SelectObject (hdc=0x45010173, h=0x4a0507fe) returned 0x85000f
[0297.481] GdipCreateFromHDC (hdc=0x45010173, graphics=0xd7e268) returned 0x0
[0297.481] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0297.481] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0297.481] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0297.481] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0297.481] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e2c8) returned 0x0
[0297.481] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0297.481] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee868) returned 0x0
[0297.481] LocalFree (hMem=0x11ee868) returned 0x0
[0297.481] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0297.482] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0297.482] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0297.482] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0297.482] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0297.482] GdipRestoreGraphics (graphics=0x6600030, state=0xf5d60dbd) returned 0x0
[0297.482] GdipDeleteRegion (region=0x6646448) returned 0x0
[0297.482] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0297.482] GetCurrentObject (hdc=0x45010173, type=0x1) returned 0xb00017
[0297.482] GetCurrentObject (hdc=0x45010173, type=0x2) returned 0x900010
[0297.482] GetCurrentObject (hdc=0x45010173, type=0x7) returned 0x4a0507fe
[0297.482] GetCurrentObject (hdc=0x45010173, type=0x6) returned 0x8a01c2
[0297.482] SaveDC (hdc=0x45010173) returned 1
[0297.482] GetNearestColor (hdc=0x45010173, color=0xf0f0f0) returned 0xf0f0f0
[0297.482] GetNearestColor (hdc=0x45010173, color=0xa0a0a0) returned 0xa0a0a0
[0297.482] GetNearestColor (hdc=0x45010173, color=0x696969) returned 0x696969
[0297.482] GetNearestColor (hdc=0x45010173, color=0xa0a0a0) returned 0xa0a0a0
[0297.482] GetNearestColor (hdc=0x45010173, color=0x0) returned 0x0
[0297.483] GetNearestColor (hdc=0x45010173, color=0xffffff) returned 0xffffff
[0297.483] GetNearestColor (hdc=0x45010173, color=0xe5e5e5) returned 0xe5e5e5
[0297.483] GetNearestColor (hdc=0x45010173, color=0xd7d7d7) returned 0xd7d7d7
[0297.483] GetNearestColor (hdc=0x45010173, color=0x0) returned 0x0
[0297.483] RestoreDC (hdc=0x45010173, nSavedDC=-1) returned 1
[0297.483] GdipReleaseDC (graphics=0x6600030, hdc=0x45010173) returned 0x0
[0297.483] IsAppThemed () returned 0x1
[0297.483] GetThemeAppProperties () returned 0x3
[0297.483] GetThemeAppProperties () returned 0x3
[0297.483] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0297.483] SendMessageW (hWnd=0x3302de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0297.483] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0297.483] IsAppThemed () returned 0x1
[0297.483] GetThemeAppProperties () returned 0x3
[0297.483] GetThemeAppProperties () returned 0x3
[0297.483] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2de1290 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0297.483] IsAppThemed () returned 0x1
[0297.484] GetThemeAppProperties () returned 0x3
[0297.484] GetThemeAppProperties () returned 0x3
[0297.484] IsAppThemed () returned 0x1
[0297.484] GetThemeAppProperties () returned 0x3
[0297.484] GetThemeAppProperties () returned 0x3
[0297.484] IsAppThemed () returned 0x1
[0297.484] GetThemeAppProperties () returned 0x3
[0297.484] GetThemeAppProperties () returned 0x3
[0297.484] IsAppThemed () returned 0x1
[0297.484] GetThemeAppProperties () returned 0x3
[0297.484] GetThemeAppProperties () returned 0x3
[0297.484] IsThemePartDefined () returned 0x1
[0297.484] IsAppThemed () returned 0x1
[0297.484] GetThemeAppProperties () returned 0x3
[0297.484] GetThemeAppProperties () returned 0x3
[0297.484] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0297.484] IsAppThemed () returned 0x1
[0297.484] GetThemeAppProperties () returned 0x3
[0297.484] GetThemeAppProperties () returned 0x3
[0297.484] IsAppThemed () returned 0x1
[0297.484] GetThemeAppProperties () returned 0x3
[0297.484] GetThemeAppProperties () returned 0x3
[0297.484] IsThemePartDefined () returned 0x1
[0297.484] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0297.484] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0297.484] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0297.484] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0297.484] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dfe4) returned 0x0
[0297.485] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0297.485] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eecc8) returned 0x0
[0297.485] LocalFree (hMem=0x11eecc8) returned 0x0
[0297.485] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0297.485] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee9f0) returned 0x0
[0297.485] LocalFree (hMem=0x11ee9f0) returned 0x0
[0297.485] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0297.485] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0297.485] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0297.485] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0297.485] GdipDeleteRegion (region=0x6646448) returned 0x0
[0297.485] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0297.485] GetCurrentObject (hdc=0x45010173, type=0x1) returned 0xb00017
[0297.485] GetCurrentObject (hdc=0x45010173, type=0x2) returned 0x900010
[0297.485] GetCurrentObject (hdc=0x45010173, type=0x7) returned 0x4a0507fe
[0297.485] GetCurrentObject (hdc=0x45010173, type=0x6) returned 0x8a01c2
[0297.485] SaveDC (hdc=0x45010173) returned 1
[0297.485] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6d040807
[0297.485] GetClipRgn (hdc=0x45010173, hrgn=0x6d040807) returned 0
[0297.485] SelectClipRgn (hdc=0x45010173, hrgn=0xf50407de) returned 2
[0297.485] DeleteObject (ho=0x6d040807) returned 1
[0297.486] DeleteObject (ho=0xf50407de) returned 1
[0297.486] OffsetViewportOrgEx (in: hdc=0x45010173, x=0, y=0, lppt=0x2de1940 | out: lppt=0x2de1940) returned 1
[0297.486] DrawThemeParentBackground () returned 0x0
[0297.486] GetWindowPlacement (in: hWnd=0x3302de, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0297.486] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0297.486] GetWindowTextLengthW (hWnd=0x3302de) returned 13
[0297.486] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.486] GetSystemMetrics (nIndex=42) returned 0
[0297.486] GetWindowTextW (in: hWnd=0x3302de, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.486] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0297.486] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0297.486] GetCurrentObject (hdc=0x45010173, type=0x1) returned 0xb00017
[0297.486] GetCurrentObject (hdc=0x45010173, type=0x2) returned 0x900010
[0297.486] GetCurrentObject (hdc=0x45010173, type=0x7) returned 0x4a0507fe
[0297.486] GetCurrentObject (hdc=0x45010173, type=0x6) returned 0x8a01c2
[0297.486] SaveDC (hdc=0x45010173) returned 2
[0297.486] GetNearestColor (hdc=0x45010173, color=0xf0f0f0) returned 0xf0f0f0
[0297.486] CreateSolidBrush (color=0xf0f0f0) returned 0x551007e1
[0297.486] FillRect (hDC=0x45010173, lprc=0xd7da30, hbr=0x551007e1) returned 1
[0297.487] DeleteObject (ho=0x551007e1) returned 1
[0297.487] RestoreDC (hdc=0x45010173, nSavedDC=-1) returned 1
[0297.487] GetWindowTextLengthW (hWnd=0x3302de) returned 13
[0297.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.487] GetSystemMetrics (nIndex=42) returned 0
[0297.487] GetWindowTextW (in: hWnd=0x3302de, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0297.487] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0297.487] GetCurrentObject (hdc=0x45010173, type=0x1) returned 0xb00017
[0297.487] GetCurrentObject (hdc=0x45010173, type=0x2) returned 0x900010
[0297.487] GetCurrentObject (hdc=0x45010173, type=0x7) returned 0x4a0507fe
[0297.487] GetCurrentObject (hdc=0x45010173, type=0x6) returned 0x8a01c2
[0297.487] SaveDC (hdc=0x45010173) returned 2
[0297.487] GetNearestColor (hdc=0x45010173, color=0xf0f0f0) returned 0xf0f0f0
[0297.487] CreateSolidBrush (color=0xf0f0f0) returned 0x561007e1
[0297.487] FillRect (hDC=0x45010173, lprc=0xd7d9d0, hbr=0x561007e1) returned 1
[0297.487] DeleteObject (ho=0x561007e1) returned 1
[0297.487] RestoreDC (hdc=0x45010173, nSavedDC=-1) returned 1
[0297.487] GetWindowTextLengthW (hWnd=0x3302de) returned 13
[0297.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.487] GetSystemMetrics (nIndex=42) returned 0
[0297.488] GetWindowTextW (in: hWnd=0x3302de, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.488] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0297.488] RestoreDC (hdc=0x45010173, nSavedDC=-1) returned 1
[0297.488] GdipReleaseDC (graphics=0x6600030, hdc=0x45010173) returned 0x0
[0297.488] IsAppThemed () returned 0x1
[0297.488] GetThemeAppProperties () returned 0x3
[0297.488] GetThemeAppProperties () returned 0x3
[0297.488] IsAppThemed () returned 0x1
[0297.488] GetThemeAppProperties () returned 0x3
[0297.488] GetThemeAppProperties () returned 0x3
[0297.488] IsThemePartDefined () returned 0x1
[0297.488] GdipCreateRegion (region=0xd7df50) returned 0x0
[0297.488] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0297.488] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0297.488] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0297.488] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df68) returned 0x0
[0297.488] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0297.488] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0297.488] LocalFree (hMem=0x11ee868) returned 0x0
[0297.488] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0297.488] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0297.489] LocalFree (hMem=0x11eec58) returned 0x0
[0297.489] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0297.489] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df90) returned 0x0
[0297.489] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df80) returned 0x0
[0297.489] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0297.489] GdipDeleteRegion (region=0x6646448) returned 0x0
[0297.489] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0297.489] GetCurrentObject (hdc=0x45010173, type=0x1) returned 0xb00017
[0297.489] GetCurrentObject (hdc=0x45010173, type=0x2) returned 0x900010
[0297.489] GetCurrentObject (hdc=0x45010173, type=0x7) returned 0x4a0507fe
[0297.489] GetCurrentObject (hdc=0x45010173, type=0x6) returned 0x8a01c2
[0297.489] SaveDC (hdc=0x45010173) returned 1
[0297.489] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf60407de
[0297.489] GetClipRgn (hdc=0x45010173, hrgn=0xf60407de) returned 0
[0297.489] SelectClipRgn (hdc=0x45010173, hrgn=0x6f040807) returned 2
[0297.489] DeleteObject (ho=0xf60407de) returned 1
[0297.489] DeleteObject (ho=0x6f040807) returned 1
[0297.489] OffsetViewportOrgEx (in: hdc=0x45010173, x=0, y=0, lppt=0x2de21ec | out: lppt=0x2de21ec) returned 1
[0297.489] IsAppThemed () returned 0x1
[0297.489] GetThemeAppProperties () returned 0x3
[0297.489] GetThemeAppProperties () returned 0x3
[0297.489] DrawThemeBackground () returned 0x0
[0297.490] RestoreDC (hdc=0x45010173, nSavedDC=-1) returned 1
[0297.490] GdipReleaseDC (graphics=0x6600030, hdc=0x45010173) returned 0x0
[0297.490] GdipCreateRegion (region=0xd7df54) returned 0x0
[0297.490] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0297.490] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0297.490] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0297.490] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df6c) returned 0x0
[0297.490] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0297.490] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0297.490] LocalFree (hMem=0x11ee788) returned 0x0
[0297.490] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0297.490] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0297.490] LocalFree (hMem=0x11eec58) returned 0x0
[0297.490] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0297.490] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7df94) returned 0x0
[0297.490] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7df84) returned 0x0
[0297.490] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0297.490] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0297.490] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0297.490] GetCurrentObject (hdc=0x45010173, type=0x1) returned 0xb00017
[0297.490] GetCurrentObject (hdc=0x45010173, type=0x2) returned 0x900010
[0297.490] GetCurrentObject (hdc=0x45010173, type=0x7) returned 0x4a0507fe
[0297.490] GetCurrentObject (hdc=0x45010173, type=0x6) returned 0x8a01c2
[0297.491] SaveDC (hdc=0x45010173) returned 1
[0297.491] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x70040807
[0297.491] GetClipRgn (hdc=0x45010173, hrgn=0x70040807) returned 0
[0297.491] SelectClipRgn (hdc=0x45010173, hrgn=0xf70407de) returned 2
[0297.491] DeleteObject (ho=0x70040807) returned 1
[0297.491] DeleteObject (ho=0xf70407de) returned 1
[0297.491] OffsetViewportOrgEx (in: hdc=0x45010173, x=0, y=0, lppt=0x2de24c0 | out: lppt=0x2de24c0) returned 1
[0297.491] IsAppThemed () returned 0x1
[0297.491] GetThemeAppProperties () returned 0x3
[0297.491] GetThemeAppProperties () returned 0x3
[0297.491] GetThemeBackgroundContentRect () returned 0x0
[0297.491] RestoreDC (hdc=0x45010173, nSavedDC=-1) returned 1
[0297.491] GdipReleaseDC (graphics=0x6600030, hdc=0x45010173) returned 0x0
[0297.491] IsAppThemed () returned 0x1
[0297.491] GetThemeAppProperties () returned 0x3
[0297.491] GetThemeAppProperties () returned 0x3
[0297.491] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0297.491] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0297.491] GetCurrentObject (hdc=0x45010173, type=0x1) returned 0xb00017
[0297.491] GetCurrentObject (hdc=0x45010173, type=0x2) returned 0x900010
[0297.491] GetCurrentObject (hdc=0x45010173, type=0x7) returned 0x4a0507fe
[0297.491] GetCurrentObject (hdc=0x45010173, type=0x6) returned 0x8a01c2
[0297.492] SaveDC (hdc=0x45010173) returned 1
[0297.492] GetTextAlign (hdc=0x45010173) returned 0x0
[0297.492] GetTextColor (hdc=0x45010173) returned 0x0
[0297.492] GetCurrentObject (hdc=0x45010173, type=0x6) returned 0x8a01c2
[0297.492] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0297.492] SelectObject (hdc=0x45010173, h=0x6d0a0520) returned 0x8a01c2
[0297.492] GetBkMode (hdc=0x45010173) returned 2
[0297.492] SetBkMode (hdc=0x45010173, mode=1) returned 2
[0297.492] DrawTextExW (in: hdc=0x45010173, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2de2860 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0297.492] DrawTextExW (in: hdc=0x45010173, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2de2860 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0297.492] RestoreDC (hdc=0x45010173, nSavedDC=-1) returned 1
[0297.493] GdipReleaseDC (graphics=0x6600030, hdc=0x45010173) returned 0x0
[0297.493] GetFocus () returned 0x3502d8
[0297.493] IsAppThemed () returned 0x1
[0297.493] GetThemeAppProperties () returned 0x3
[0297.493] GetThemeAppProperties () returned 0x3
[0297.493] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0297.493] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x45010173, x1=0, y1=0, rop=0xcc0020) returned 1
[0297.493] GdipReleaseDC (graphics=0x6600030, hdc=0x45010173) returned 0x0
[0297.493] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0297.493] SelectObject (hdc=0x45010173, h=0x85000f) returned 0x4a0507fe
[0297.493] DeleteDC (hdc=0x45010173) returned 1
[0297.493] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0297.493] EndPaint (hWnd=0x2d02c8, lpPaint=0xd7e24c) returned 1
[0297.493] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.493] IsWindowUnicode (hWnd=0x3600ea) returned 1
[0297.493] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.494] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.494] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.494] BeginPaint (in: hWnd=0x3600ea, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0297.494] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0297.494] CreateCompatibleDC (hdc=0xc0107c5) returned 0x47010173
[0297.494] SelectObject (hdc=0x47010173, h=0x4a0507fe) returned 0x85000f
[0297.494] GdipCreateFromHDC (hdc=0x47010173, graphics=0xd7e268) returned 0x0
[0297.494] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0297.494] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0297.494] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0297.494] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0297.494] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e2c8) returned 0x0
[0297.494] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0297.495] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0297.495] LocalFree (hMem=0x11eec58) returned 0x0
[0297.495] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0297.495] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0297.495] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0297.495] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0297.495] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0297.495] GdipRestoreGraphics (graphics=0x6600030, state=0xf5d40dbd) returned 0x0
[0297.495] GdipDeleteRegion (region=0x6646448) returned 0x0
[0297.495] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0297.495] GetCurrentObject (hdc=0x47010173, type=0x1) returned 0xb00017
[0297.495] GetCurrentObject (hdc=0x47010173, type=0x2) returned 0x900010
[0297.495] GetCurrentObject (hdc=0x47010173, type=0x7) returned 0x4a0507fe
[0297.495] GetCurrentObject (hdc=0x47010173, type=0x6) returned 0x8a01c2
[0297.495] SaveDC (hdc=0x47010173) returned 1
[0297.495] GetNearestColor (hdc=0x47010173, color=0xf0f0f0) returned 0xf0f0f0
[0297.495] GetNearestColor (hdc=0x47010173, color=0xa0a0a0) returned 0xa0a0a0
[0297.495] GetNearestColor (hdc=0x47010173, color=0x696969) returned 0x696969
[0297.495] GetNearestColor (hdc=0x47010173, color=0xa0a0a0) returned 0xa0a0a0
[0297.495] GetNearestColor (hdc=0x47010173, color=0x0) returned 0x0
[0297.495] GetNearestColor (hdc=0x47010173, color=0xffffff) returned 0xffffff
[0297.495] GetNearestColor (hdc=0x47010173, color=0xe5e5e5) returned 0xe5e5e5
[0297.496] GetNearestColor (hdc=0x47010173, color=0xd7d7d7) returned 0xd7d7d7
[0297.496] GetNearestColor (hdc=0x47010173, color=0x0) returned 0x0
[0297.496] RestoreDC (hdc=0x47010173, nSavedDC=-1) returned 1
[0297.496] GdipReleaseDC (graphics=0x6600030, hdc=0x47010173) returned 0x0
[0297.496] IsAppThemed () returned 0x1
[0297.496] GetThemeAppProperties () returned 0x3
[0297.496] GetThemeAppProperties () returned 0x3
[0297.496] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0297.496] SendMessageW (hWnd=0x3302de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0297.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0297.496] IsAppThemed () returned 0x1
[0297.496] GetThemeAppProperties () returned 0x3
[0297.496] GetThemeAppProperties () returned 0x3
[0297.496] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2de3070 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0297.496] IsAppThemed () returned 0x1
[0297.496] GetThemeAppProperties () returned 0x3
[0297.496] GetThemeAppProperties () returned 0x3
[0297.496] IsAppThemed () returned 0x1
[0297.497] GetThemeAppProperties () returned 0x3
[0297.497] GetThemeAppProperties () returned 0x3
[0297.497] GetFocus () returned 0x3502d8
[0297.497] IsAppThemed () returned 0x1
[0297.497] GetThemeAppProperties () returned 0x3
[0297.497] GetThemeAppProperties () returned 0x3
[0297.497] IsAppThemed () returned 0x1
[0297.502] GetThemeAppProperties () returned 0x3
[0297.502] GetThemeAppProperties () returned 0x3
[0297.502] IsThemePartDefined () returned 0x1
[0297.502] IsAppThemed () returned 0x1
[0297.502] GetThemeAppProperties () returned 0x3
[0297.502] GetThemeAppProperties () returned 0x3
[0297.502] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0297.502] IsAppThemed () returned 0x1
[0297.502] GetThemeAppProperties () returned 0x3
[0297.502] GetThemeAppProperties () returned 0x3
[0297.502] IsAppThemed () returned 0x1
[0297.502] GetThemeAppProperties () returned 0x3
[0297.502] GetThemeAppProperties () returned 0x3
[0297.502] IsThemePartDefined () returned 0x1
[0297.502] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0297.502] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0297.502] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0297.502] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0297.502] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dff0) returned 0x0
[0297.502] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0297.502] LocalFree (hMem=0x11eec58) returned 0x0
[0297.502] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0297.502] LocalFree (hMem=0x11ee788) returned 0x0
[0297.503] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0297.503] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e018) returned 0x0
[0297.503] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e008) returned 0x0
[0297.503] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0297.503] GdipDeleteRegion (region=0x6646448) returned 0x0
[0297.503] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0297.503] GetCurrentObject (hdc=0x47010173, type=0x1) returned 0xb00017
[0297.503] GetCurrentObject (hdc=0x47010173, type=0x2) returned 0x900010
[0297.503] GetCurrentObject (hdc=0x47010173, type=0x7) returned 0x4a0507fe
[0297.503] GetCurrentObject (hdc=0x47010173, type=0x6) returned 0x8a01c2
[0297.503] SaveDC (hdc=0x47010173) returned 1
[0297.503] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf80407de
[0297.503] GetClipRgn (hdc=0x47010173, hrgn=0xf80407de) returned 0
[0297.503] SelectClipRgn (hdc=0x47010173, hrgn=0x74040807) returned 2
[0297.503] DeleteObject (ho=0xf80407de) returned 1
[0297.503] DeleteObject (ho=0x74040807) returned 1
[0297.503] OffsetViewportOrgEx (in: hdc=0x47010173, x=0, y=0, lppt=0x2de3720 | out: lppt=0x2de3720) returned 1
[0297.503] DrawThemeParentBackground () returned 0x0
[0297.503] GetWindowPlacement (in: hWnd=0x3302de, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0297.503] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0297.504] GetWindowTextLengthW (hWnd=0x3302de) returned 13
[0297.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.504] GetSystemMetrics (nIndex=42) returned 0
[0297.504] GetWindowTextW (in: hWnd=0x3302de, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0297.504] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0297.504] GetCurrentObject (hdc=0x47010173, type=0x1) returned 0xb00017
[0297.504] GetCurrentObject (hdc=0x47010173, type=0x2) returned 0x900010
[0297.504] GetCurrentObject (hdc=0x47010173, type=0x7) returned 0x4a0507fe
[0297.504] GetCurrentObject (hdc=0x47010173, type=0x6) returned 0x8a01c2
[0297.504] SaveDC (hdc=0x47010173) returned 2
[0297.504] GetNearestColor (hdc=0x47010173, color=0xf0f0f0) returned 0xf0f0f0
[0297.504] CreateSolidBrush (color=0xf0f0f0) returned 0x571007e1
[0297.504] FillRect (hDC=0x47010173, lprc=0xd7da38, hbr=0x571007e1) returned 1
[0297.504] DeleteObject (ho=0x571007e1) returned 1
[0297.504] RestoreDC (hdc=0x47010173, nSavedDC=-1) returned 1
[0297.504] GetWindowTextLengthW (hWnd=0x3302de) returned 13
[0297.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.504] GetSystemMetrics (nIndex=42) returned 0
[0297.504] GetWindowTextW (in: hWnd=0x3302de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0297.504] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0297.505] GetCurrentObject (hdc=0x47010173, type=0x1) returned 0xb00017
[0297.505] GetCurrentObject (hdc=0x47010173, type=0x2) returned 0x900010
[0297.505] GetCurrentObject (hdc=0x47010173, type=0x7) returned 0x4a0507fe
[0297.505] GetCurrentObject (hdc=0x47010173, type=0x6) returned 0x8a01c2
[0297.505] SaveDC (hdc=0x47010173) returned 2
[0297.505] GetNearestColor (hdc=0x47010173, color=0xf0f0f0) returned 0xf0f0f0
[0297.505] CreateSolidBrush (color=0xf0f0f0) returned 0x581007e1
[0297.505] FillRect (hDC=0x47010173, lprc=0xd7d9d8, hbr=0x581007e1) returned 1
[0297.505] DeleteObject (ho=0x581007e1) returned 1
[0297.505] RestoreDC (hdc=0x47010173, nSavedDC=-1) returned 1
[0297.505] GetWindowTextLengthW (hWnd=0x3302de) returned 13
[0297.505] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.505] GetSystemMetrics (nIndex=42) returned 0
[0297.505] GetWindowTextW (in: hWnd=0x3302de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.505] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0297.505] RestoreDC (hdc=0x47010173, nSavedDC=-1) returned 1
[0297.505] GdipReleaseDC (graphics=0x6600030, hdc=0x47010173) returned 0x0
[0297.505] IsAppThemed () returned 0x1
[0297.506] GetThemeAppProperties () returned 0x3
[0297.506] GetThemeAppProperties () returned 0x3
[0297.506] IsAppThemed () returned 0x1
[0297.506] GetThemeAppProperties () returned 0x3
[0297.506] GetThemeAppProperties () returned 0x3
[0297.506] IsThemePartDefined () returned 0x1
[0297.506] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0297.506] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0297.506] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0297.506] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0297.506] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df74) returned 0x0
[0297.506] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0297.506] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0297.506] LocalFree (hMem=0x11ee788) returned 0x0
[0297.506] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0297.506] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee910) returned 0x0
[0297.506] LocalFree (hMem=0x11ee910) returned 0x0
[0297.506] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0297.506] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0297.506] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0297.506] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0297.506] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0297.506] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0297.506] GetCurrentObject (hdc=0x47010173, type=0x1) returned 0xb00017
[0297.506] GetCurrentObject (hdc=0x47010173, type=0x2) returned 0x900010
[0297.507] GetCurrentObject (hdc=0x47010173, type=0x7) returned 0x4a0507fe
[0297.507] GetCurrentObject (hdc=0x47010173, type=0x6) returned 0x8a01c2
[0297.507] SaveDC (hdc=0x47010173) returned 1
[0297.507] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x75040807
[0297.507] GetClipRgn (hdc=0x47010173, hrgn=0x75040807) returned 0
[0297.507] SelectClipRgn (hdc=0x47010173, hrgn=0xfa0407de) returned 2
[0297.507] DeleteObject (ho=0x75040807) returned 1
[0297.507] DeleteObject (ho=0xfa0407de) returned 1
[0297.507] OffsetViewportOrgEx (in: hdc=0x47010173, x=0, y=0, lppt=0x2de3fcc | out: lppt=0x2de3fcc) returned 1
[0297.507] IsAppThemed () returned 0x1
[0297.507] GetThemeAppProperties () returned 0x3
[0297.507] GetThemeAppProperties () returned 0x3
[0297.507] DrawThemeBackground () returned 0x0
[0297.507] RestoreDC (hdc=0x47010173, nSavedDC=-1) returned 1
[0297.507] GdipReleaseDC (graphics=0x6600030, hdc=0x47010173) returned 0x0
[0297.507] GdipCreateRegion (region=0xd7df60) returned 0x0
[0297.507] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0297.507] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0297.507] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0297.508] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df78) returned 0x0
[0297.508] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0297.508] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee910) returned 0x0
[0297.508] LocalFree (hMem=0x11ee910) returned 0x0
[0297.508] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0297.508] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0297.508] LocalFree (hMem=0x11eec58) returned 0x0
[0297.508] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0297.508] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0297.508] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0297.508] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0297.508] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0297.508] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0297.508] GetCurrentObject (hdc=0x47010173, type=0x1) returned 0xb00017
[0297.508] GetCurrentObject (hdc=0x47010173, type=0x2) returned 0x900010
[0297.508] GetCurrentObject (hdc=0x47010173, type=0x7) returned 0x4a0507fe
[0297.508] GetCurrentObject (hdc=0x47010173, type=0x6) returned 0x8a01c2
[0297.508] SaveDC (hdc=0x47010173) returned 1
[0297.508] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfb0407de
[0297.508] GetClipRgn (hdc=0x47010173, hrgn=0xfb0407de) returned 0
[0297.508] SelectClipRgn (hdc=0x47010173, hrgn=0x76040807) returned 2
[0297.508] DeleteObject (ho=0xfb0407de) returned 1
[0297.509] DeleteObject (ho=0x76040807) returned 1
[0297.509] OffsetViewportOrgEx (in: hdc=0x47010173, x=0, y=0, lppt=0x2de42a0 | out: lppt=0x2de42a0) returned 1
[0297.509] IsAppThemed () returned 0x1
[0297.509] GetThemeAppProperties () returned 0x3
[0297.509] GetThemeAppProperties () returned 0x3
[0297.509] GetThemeBackgroundContentRect () returned 0x0
[0297.509] RestoreDC (hdc=0x47010173, nSavedDC=-1) returned 1
[0297.509] GdipReleaseDC (graphics=0x6600030, hdc=0x47010173) returned 0x0
[0297.509] IsAppThemed () returned 0x1
[0297.509] GetThemeAppProperties () returned 0x3
[0297.509] GetThemeAppProperties () returned 0x3
[0297.509] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0297.509] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0297.509] GetCurrentObject (hdc=0x47010173, type=0x1) returned 0xb00017
[0297.509] GetCurrentObject (hdc=0x47010173, type=0x2) returned 0x900010
[0297.509] GetCurrentObject (hdc=0x47010173, type=0x7) returned 0x4a0507fe
[0297.509] GetCurrentObject (hdc=0x47010173, type=0x6) returned 0x8a01c2
[0297.509] SaveDC (hdc=0x47010173) returned 1
[0297.509] GetTextAlign (hdc=0x47010173) returned 0x0
[0297.509] GetTextColor (hdc=0x47010173) returned 0x0
[0297.509] GetCurrentObject (hdc=0x47010173, type=0x6) returned 0x8a01c2
[0297.509] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0297.510] SelectObject (hdc=0x47010173, h=0x6d0a0520) returned 0x8a01c2
[0297.510] GetBkMode (hdc=0x47010173) returned 2
[0297.510] SetBkMode (hdc=0x47010173, mode=1) returned 2
[0297.510] DrawTextExW (in: hdc=0x47010173, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2de4640 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0297.510] DrawTextExW (in: hdc=0x47010173, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2de4640 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0297.510] RestoreDC (hdc=0x47010173, nSavedDC=-1) returned 1
[0297.510] GdipReleaseDC (graphics=0x6600030, hdc=0x47010173) returned 0x0
[0297.510] GetFocus () returned 0x3502d8
[0297.510] IsAppThemed () returned 0x1
[0297.510] GetThemeAppProperties () returned 0x3
[0297.510] GetThemeAppProperties () returned 0x3
[0297.510] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0297.511] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x47010173, x1=0, y1=0, rop=0xcc0020) returned 1
[0297.511] GdipReleaseDC (graphics=0x6600030, hdc=0x47010173) returned 0x0
[0297.511] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0297.511] SelectObject (hdc=0x47010173, h=0x85000f) returned 0x4a0507fe
[0297.511] DeleteDC (hdc=0x47010173) returned 1
[0297.511] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0297.511] EndPaint (hWnd=0x3600ea, lpPaint=0xd7e24c) returned 1
[0297.511] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.511] IsWindowUnicode (hWnd=0x602c4) returned 1
[0297.511] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.511] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.511] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.511] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0297.511] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0297.512] CreateCompatibleDC (hdc=0x60100ce) returned 0x49010173
[0297.512] SelectObject (hdc=0x49010173, h=0x4a0507fe) returned 0x85000f
[0297.512] GdipCreateFromHDC (hdc=0x49010173, graphics=0xd7e268) returned 0x0
[0297.512] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0297.512] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0297.512] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0297.512] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0297.512] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2c8) returned 0x0
[0297.512] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0297.512] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eea28) returned 0x0
[0297.512] LocalFree (hMem=0x11eea28) returned 0x0
[0297.512] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0297.512] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0297.512] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0297.512] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0297.512] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0297.518] GdipRestoreGraphics (graphics=0x6600030, state=0xf5d20dbd) returned 0x0
[0297.518] GdipDeleteRegion (region=0x6646448) returned 0x0
[0297.518] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0297.518] GetCurrentObject (hdc=0x49010173, type=0x1) returned 0xb00017
[0297.518] GetCurrentObject (hdc=0x49010173, type=0x2) returned 0x900010
[0297.518] GetCurrentObject (hdc=0x49010173, type=0x7) returned 0x4a0507fe
[0297.518] GetCurrentObject (hdc=0x49010173, type=0x6) returned 0x8a01c2
[0297.518] SaveDC (hdc=0x49010173) returned 1
[0297.518] GetNearestColor (hdc=0x49010173, color=0xff) returned 0xff
[0297.518] GetNearestColor (hdc=0x49010173, color=0x55) returned 0x55
[0297.518] GetNearestColor (hdc=0x49010173, color=0x0) returned 0x0
[0297.518] GetNearestColor (hdc=0x49010173, color=0x55) returned 0x55
[0297.519] GetNearestColor (hdc=0x49010173, color=0x0) returned 0x0
[0297.519] GetNearestColor (hdc=0x49010173, color=0x8080ff) returned 0x8080ff
[0297.519] GetNearestColor (hdc=0x49010173, color=0x7373e5) returned 0x7373e5
[0297.519] GetNearestColor (hdc=0x49010173, color=0xe5) returned 0xe5
[0297.519] GetNearestColor (hdc=0x49010173, color=0x0) returned 0x0
[0297.519] RestoreDC (hdc=0x49010173, nSavedDC=-1) returned 1
[0297.519] GdipReleaseDC (graphics=0x6600030, hdc=0x49010173) returned 0x0
[0297.519] IsAppThemed () returned 0x1
[0297.519] GetThemeAppProperties () returned 0x3
[0297.519] GetThemeAppProperties () returned 0x3
[0297.519] IsAppThemed () returned 0x1
[0297.519] GetThemeAppProperties () returned 0x3
[0297.519] GetThemeAppProperties () returned 0x3
[0297.519] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2de4e08 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0297.519] IsAppThemed () returned 0x1
[0297.520] GetThemeAppProperties () returned 0x3
[0297.520] GetThemeAppProperties () returned 0x3
[0297.520] IsAppThemed () returned 0x1
[0297.520] GetThemeAppProperties () returned 0x3
[0297.520] GetThemeAppProperties () returned 0x3
[0297.520] GetFocus () returned 0x3502d8
[0297.520] IsAppThemed () returned 0x1
[0297.520] GetThemeAppProperties () returned 0x3
[0297.520] GetThemeAppProperties () returned 0x3
[0297.520] IsAppThemed () returned 0x1
[0297.520] GetThemeAppProperties () returned 0x3
[0297.520] GetThemeAppProperties () returned 0x3
[0297.520] IsThemePartDefined () returned 0x1
[0297.520] IsAppThemed () returned 0x1
[0297.520] GetThemeAppProperties () returned 0x3
[0297.520] GetThemeAppProperties () returned 0x3
[0297.520] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0297.520] IsAppThemed () returned 0x1
[0297.520] GetThemeAppProperties () returned 0x3
[0297.520] GetThemeAppProperties () returned 0x3
[0297.520] IsAppThemed () returned 0x1
[0297.520] GetThemeAppProperties () returned 0x3
[0297.520] GetThemeAppProperties () returned 0x3
[0297.520] IsThemePartDefined () returned 0x1
[0297.520] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0297.520] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0297.520] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0297.521] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0297.521] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7dff0) returned 0x0
[0297.521] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0297.521] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee9f0) returned 0x0
[0297.521] LocalFree (hMem=0x11ee9f0) returned 0x0
[0297.521] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0297.521] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee9f0) returned 0x0
[0297.521] LocalFree (hMem=0x11ee9f0) returned 0x0
[0297.521] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0297.521] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0297.521] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0297.521] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0297.521] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0297.521] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0297.521] GetCurrentObject (hdc=0x49010173, type=0x1) returned 0xb00017
[0297.521] GetCurrentObject (hdc=0x49010173, type=0x2) returned 0x900010
[0297.521] GetCurrentObject (hdc=0x49010173, type=0x7) returned 0x4a0507fe
[0297.521] GetCurrentObject (hdc=0x49010173, type=0x6) returned 0x8a01c2
[0297.521] SaveDC (hdc=0x49010173) returned 1
[0297.521] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x77040807
[0297.521] GetClipRgn (hdc=0x49010173, hrgn=0x77040807) returned 0
[0297.522] SelectClipRgn (hdc=0x49010173, hrgn=0xff0407de) returned 2
[0297.522] DeleteObject (ho=0x77040807) returned 1
[0297.522] DeleteObject (ho=0xff0407de) returned 1
[0297.522] OffsetViewportOrgEx (in: hdc=0x49010173, x=0, y=0, lppt=0x2de54b8 | out: lppt=0x2de54b8) returned 1
[0297.522] DrawThemeParentBackground () returned 0x0
[0297.522] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0297.522] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0297.522] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0297.522] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.522] GetSystemMetrics (nIndex=42) returned 0
[0297.522] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.522] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0297.522] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0297.522] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0297.522] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0297.522] SelectPalette (hdc=0x49010173, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0297.522] GdipCreateFromHDC (hdc=0x49010173, graphics=0xd7dac8) returned 0x0
[0297.523] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0297.523] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0297.523] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638d88) returned 0x0
[0297.523] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7daa0) returned 0x0
[0297.523] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0297.523] GdipCreateRegion (region=0xd7da88) returned 0x0
[0297.523] GdipGetClip (graphics=0x6639e10, region=0x6646d48) returned 0x0
[0297.523] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6639e10, result=0xd7da94) returned 0x0
[0297.523] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0297.523] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dac0) returned 0x0
[0297.523] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0297.530] GdipFillRectangleI (graphics=0x6639e10, brush=0x664d828, x=0, y=0, width=801, height=453) returned 0x0
[0297.531] GdipDeleteBrush (brush=0x664d828) returned 0x0
[0297.532] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0297.532] SelectPalette (hdc=0x49010173, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0297.532] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0297.532] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.532] GetSystemMetrics (nIndex=42) returned 0
[0297.532] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.532] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0297.532] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0297.532] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0297.532] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0297.532] SelectPalette (hdc=0x49010173, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0297.532] GdipCreateFromHDC (hdc=0x49010173, graphics=0xd7da68) returned 0x0
[0297.533] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0297.533] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0297.533] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638b18) returned 0x0
[0297.533] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7da40) returned 0x0
[0297.533] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0297.533] GdipCreateRegion (region=0xd7da28) returned 0x0
[0297.533] GdipGetClip (graphics=0x6639e10, region=0x6646d48) returned 0x0
[0297.533] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6639e10, result=0xd7da34) returned 0x0
[0297.533] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0297.533] GdipSaveGraphics (graphics=0x6639e10, state=0xd7da60) returned 0x0
[0297.533] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0297.540] GdipFillRectangleI (graphics=0x6639e10, brush=0x664d5b8, x=0, y=0, width=801, height=453) returned 0x0
[0297.540] GdipDeleteBrush (brush=0x664d5b8) returned 0x0
[0297.541] GdipRestoreGraphics (graphics=0x6639e10, state=0xf5ce0dbd) returned 0x0
[0297.541] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0297.541] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.541] GetSystemMetrics (nIndex=42) returned 0
[0297.541] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.541] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0297.541] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0297.541] SelectPalette (hdc=0x49010173, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0297.541] RestoreDC (hdc=0x49010173, nSavedDC=-1) returned 1
[0297.542] GdipReleaseDC (graphics=0x6600030, hdc=0x49010173) returned 0x0
[0297.542] IsAppThemed () returned 0x1
[0297.542] GetThemeAppProperties () returned 0x3
[0297.542] GetThemeAppProperties () returned 0x3
[0297.542] IsAppThemed () returned 0x1
[0297.542] GetThemeAppProperties () returned 0x3
[0297.542] GetThemeAppProperties () returned 0x3
[0297.542] IsThemePartDefined () returned 0x1
[0297.542] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0297.542] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0297.542] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0297.542] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0297.542] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7df74) returned 0x0
[0297.542] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0297.542] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eecc8) returned 0x0
[0297.542] LocalFree (hMem=0x11eecc8) returned 0x0
[0297.542] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0297.542] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eed00) returned 0x0
[0297.542] LocalFree (hMem=0x11eed00) returned 0x0
[0297.542] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0297.542] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0297.542] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0297.542] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0297.543] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0297.543] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0297.543] GetCurrentObject (hdc=0x49010173, type=0x1) returned 0xb00017
[0297.543] GetCurrentObject (hdc=0x49010173, type=0x2) returned 0x900010
[0297.543] GetCurrentObject (hdc=0x49010173, type=0x7) returned 0x4a0507fe
[0297.543] GetCurrentObject (hdc=0x49010173, type=0x6) returned 0x8a01c2
[0297.543] SaveDC (hdc=0x49010173) returned 1
[0297.543] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x407de
[0297.543] GetClipRgn (hdc=0x49010173, hrgn=0x407de) returned 0
[0297.543] SelectClipRgn (hdc=0x49010173, hrgn=0x79040807) returned 2
[0297.543] DeleteObject (ho=0x407de) returned 1
[0297.543] DeleteObject (ho=0x79040807) returned 1
[0297.543] OffsetViewportOrgEx (in: hdc=0x49010173, x=0, y=0, lppt=0x2debd08 | out: lppt=0x2debd08) returned 1
[0297.543] IsAppThemed () returned 0x1
[0297.543] GetThemeAppProperties () returned 0x3
[0297.543] GetThemeAppProperties () returned 0x3
[0297.543] DrawThemeBackground () returned 0x0
[0297.543] RestoreDC (hdc=0x49010173, nSavedDC=-1) returned 1
[0297.543] GdipReleaseDC (graphics=0x6600030, hdc=0x49010173) returned 0x0
[0297.543] GdipCreateRegion (region=0xd7df60) returned 0x0
[0297.544] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0297.544] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0297.544] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0297.549] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df78) returned 0x0
[0297.549] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0297.549] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea98) returned 0x0
[0297.549] LocalFree (hMem=0x11eea98) returned 0x0
[0297.549] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0297.549] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0297.549] LocalFree (hMem=0x11eecc8) returned 0x0
[0297.550] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0297.550] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0297.550] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df90) returned 0x0
[0297.550] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0297.550] GdipDeleteRegion (region=0x6646448) returned 0x0
[0297.550] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0297.550] GetCurrentObject (hdc=0x49010173, type=0x1) returned 0xb00017
[0297.550] GetCurrentObject (hdc=0x49010173, type=0x2) returned 0x900010
[0297.550] GetCurrentObject (hdc=0x49010173, type=0x7) returned 0x4a0507fe
[0297.550] GetCurrentObject (hdc=0x49010173, type=0x6) returned 0x8a01c2
[0297.550] SaveDC (hdc=0x49010173) returned 1
[0297.550] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7a040807
[0297.550] GetClipRgn (hdc=0x49010173, hrgn=0x7a040807) returned 0
[0297.550] SelectClipRgn (hdc=0x49010173, hrgn=0x10407de) returned 2
[0297.550] DeleteObject (ho=0x7a040807) returned 1
[0297.550] DeleteObject (ho=0x10407de) returned 1
[0297.550] OffsetViewportOrgEx (in: hdc=0x49010173, x=0, y=0, lppt=0x2debfdc | out: lppt=0x2debfdc) returned 1
[0297.550] IsAppThemed () returned 0x1
[0297.550] GetThemeAppProperties () returned 0x3
[0297.550] GetThemeAppProperties () returned 0x3
[0297.550] GetThemeBackgroundContentRect () returned 0x0
[0297.550] RestoreDC (hdc=0x49010173, nSavedDC=-1) returned 1
[0297.551] GdipReleaseDC (graphics=0x6600030, hdc=0x49010173) returned 0x0
[0297.551] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0297.551] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0297.551] GdipFillRectangleI (graphics=0x6600030, brush=0x666a048, x=4, y=4, width=67, height=15) returned 0x0
[0297.551] GdipDeleteBrush (brush=0x666a048) returned 0x0
[0297.551] IsAppThemed () returned 0x1
[0297.551] GetThemeAppProperties () returned 0x3
[0297.551] GetThemeAppProperties () returned 0x3
[0297.551] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0297.551] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0297.551] GetCurrentObject (hdc=0x49010173, type=0x1) returned 0xb00017
[0297.551] GetCurrentObject (hdc=0x49010173, type=0x2) returned 0x900010
[0297.551] GetCurrentObject (hdc=0x49010173, type=0x7) returned 0x4a0507fe
[0297.551] GetCurrentObject (hdc=0x49010173, type=0x6) returned 0x8a01c2
[0297.551] SaveDC (hdc=0x49010173) returned 1
[0297.551] GetTextAlign (hdc=0x49010173) returned 0x0
[0297.551] GetTextColor (hdc=0x49010173) returned 0x0
[0297.551] GetCurrentObject (hdc=0x49010173, type=0x6) returned 0x8a01c2
[0297.551] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0297.551] SelectObject (hdc=0x49010173, h=0x6d0a0520) returned 0x8a01c2
[0297.551] GetBkMode (hdc=0x49010173) returned 2
[0297.552] SetBkMode (hdc=0x49010173, mode=1) returned 2
[0297.552] DrawTextExW (in: hdc=0x49010173, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2dec3a0 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0297.552] DrawTextExW (in: hdc=0x49010173, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2dec3a0 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0297.552] RestoreDC (hdc=0x49010173, nSavedDC=-1) returned 1
[0297.552] GdipReleaseDC (graphics=0x6600030, hdc=0x49010173) returned 0x0
[0297.552] GetFocus () returned 0x3502d8
[0297.552] IsAppThemed () returned 0x1
[0297.552] GetThemeAppProperties () returned 0x3
[0297.552] GetThemeAppProperties () returned 0x3
[0297.553] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0297.553] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x49010173, x1=0, y1=0, rop=0xcc0020) returned 1
[0297.553] GdipReleaseDC (graphics=0x6600030, hdc=0x49010173) returned 0x0
[0297.553] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0297.553] SelectObject (hdc=0x49010173, h=0x85000f) returned 0x4a0507fe
[0297.553] DeleteDC (hdc=0x49010173) returned 1
[0297.553] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0297.553] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0297.553] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0297.553] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0297.553] WaitMessage () returned 1
[0297.563] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.563] IsWindowUnicode (hWnd=0x2d02c8) returned 1
[0297.563] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.563] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.563] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.563] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.563] IsWindowUnicode (hWnd=0x2d02c8) returned 1
[0297.563] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.563] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.563] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.563] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x2a1, wParam=0x0, lParam=0xa002b) returned 0x0
[0297.563] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0297.563] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0297.563] WaitMessage () returned 1
[0297.573] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.573] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.573] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.573] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.573] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.574] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0297.574] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0297.574] WaitMessage () returned 1
[0297.574] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.574] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.574] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.574] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.575] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.576] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0297.576] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0297.576] WaitMessage () returned 1
[0297.576] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.576] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.576] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.576] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.576] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.577] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.578] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.578] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.578] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.578] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.578] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.578] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.578] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.578] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.578] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.578] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0297.579] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0297.579] WaitMessage () returned 1
[0297.579] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.579] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.579] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.579] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.579] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.580] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.580] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.580] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.580] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.580] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.581] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.581] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.581] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.581] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.581] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.581] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0297.581] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0297.581] WaitMessage () returned 1
[0297.581] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.582] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.582] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.582] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.582] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.583] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.583] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.583] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.583] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.583] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.583] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.583] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.583] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.583] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.583] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.583] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0297.584] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0297.584] WaitMessage () returned 1
[0297.585] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.585] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.585] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.585] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.585] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.586] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.586] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.586] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.586] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.586] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.587] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.587] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.587] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.587] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.587] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.587] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0297.587] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0297.587] WaitMessage () returned 1
[0297.673] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.674] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x84, wParam=0x0, lParam=0x1e30301) returned 0x1
[0297.674] IsWindowUnicode (hWnd=0x2d02c8) returned 1
[0297.674] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.674] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x84, wParam=0x0, lParam=0x1e30301) returned 0x1
[0297.674] GetDlgItem (hDlg=0x3302de, nIDDlgItem=0) returned 0x0
[0297.674] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x210, wParam=0x201, lParam=0x68010c) returned 0x0
[0297.674] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x21, wParam=0x3302de, lParam=0x2010001) returned 0x1
[0297.674] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x21, wParam=0x3302de, lParam=0x2010001) returned 0x1
[0297.674] SetCursor (hCursor=0x10003) returned 0x10003
[0297.674] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.674] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.674] GetKeyState (nVirtKey=1) returned -127
[0297.674] GetKeyState (nVirtKey=2) returned 0
[0297.675] GetKeyState (nVirtKey=4) returned 0
[0297.675] GetKeyState (nVirtKey=5) returned 0
[0297.675] GetKeyState (nVirtKey=6) returned 0
[0297.675] IsWindowVisible (hWnd=0x2d02c8) returned 1
[0297.675] IsWindowEnabled (hWnd=0x2d02c8) returned 1
[0297.675] SetFocus (hWnd=0x2d02c8) returned 0x3502d8
[0297.675] GetFocus () returned 0x2d02c8
[0297.675] IsChild (hWndParent=0x3302de, hWnd=0x2d02c8) returned 1
[0297.675] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0x8, wParam=0x2d02c8, lParam=0x0) returned 0x0
[0297.675] GetCapture () returned 0x0
[0297.675] InvalidateRect (hWnd=0x3502d8, lpRect=0x0, bErase=0) returned 1
[0297.676] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0297.677] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0297.681] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0297.681] InvalidateRect (hWnd=0x3502d8, lpRect=0x0, bErase=0) returned 1
[0297.681] InvalidateRect (hWnd=0x2d02c8, lpRect=0x0, bErase=0) returned 1
[0297.681] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x7, wParam=0x3502d8, lParam=0x0) returned 0x0
[0297.681] GetStockObject (i=5) returned 0x900015
[0297.681] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0297.681] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0297.681] GetDlgItem (hDlg=0x3302de, nIDDlgItem=2949832) returned 0x2d02c8
[0297.681] SendMessageW (hWnd=0x2d02c8, Msg=0x202b, wParam=0x2d02c8, lParam=0xd7dddc) returned 0x0
[0297.681] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x202b, wParam=0x2d02c8, lParam=0xd7dddc) returned 0x0
[0297.681] InvalidateRect (hWnd=0x2d02c8, lpRect=0x0, bErase=0) returned 1
[0297.684] GetFocus () returned 0x2d02c8
[0297.684] GetFocus () returned 0x2d02c8
[0297.684] GetFocus () returned 0x2d02c8
[0297.684] GetKeyState (nVirtKey=1) returned -127
[0297.684] GetKeyState (nVirtKey=2) returned 0
[0297.684] GetKeyState (nVirtKey=4) returned 0
[0297.684] GetKeyState (nVirtKey=5) returned 0
[0297.684] GetKeyState (nVirtKey=6) returned 0
[0297.684] GetCapture () returned 0x0
[0297.684] SetCapture (hWnd=0x2d02c8) returned 0x0
[0297.684] GetKeyState (nVirtKey=1) returned -127
[0297.684] GetKeyState (nVirtKey=2) returned 0
[0297.684] GetKeyState (nVirtKey=4) returned 0
[0297.684] GetKeyState (nVirtKey=5) returned 0
[0297.684] GetKeyState (nVirtKey=6) returned 0
[0297.684] NotifyWinEvent (event=0x800a, hwnd=0x2d02c8, idObject=-4, idChild=0)
[0297.687] InvalidateRect (hWnd=0x2d02c8, lpRect=0xd7e430, bErase=0) returned 1
[0297.687] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.687] IsWindowUnicode (hWnd=0x2d02c8) returned 1
[0297.687] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.687] TranslateMessage (lpMsg=0xd7e808) returned 0
[0297.687] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0297.687] MapWindowPoints (in: hWndFrom=0x2d02c8, hWndTo=0x0, lpPoints=0x2dec6b0, cPoints=0x1 | out: lpPoints=0x2dec6b0) returned 30999254
[0297.687] NotifyWinEvent (event=0x800a, hwnd=0x2d02c8, idObject=-4, idChild=0)
[0297.688] InvalidateRect (hWnd=0x2d02c8, lpRect=0xd7e3d0, bErase=0) returned 1
[0297.688] UpdateWindow (hWnd=0x2d02c8) returned 1
[0297.688] BeginPaint (in: hWnd=0x2d02c8, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xf0105ee
[0297.688] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0297.688] CreateCompatibleDC (hdc=0xf0105ee) returned 0x850107fc
[0297.688] SelectObject (hdc=0x850107fc, h=0x4a0507fe) returned 0x85000f
[0297.688] GdipCreateFromHDC (hdc=0x850107fc, graphics=0xd7df00) returned 0x0
[0297.688] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0297.688] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0297.688] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0297.688] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0297.688] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df60) returned 0x0
[0297.688] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0297.688] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0297.689] LocalFree (hMem=0x11eec58) returned 0x0
[0297.689] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0297.689] GdipCreateRegion (region=0xd7df48) returned 0x0
[0297.689] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0297.689] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7df54) returned 0x0
[0297.689] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0297.689] GdipRestoreGraphics (graphics=0x6600030, state=0xf5cc0dbd) returned 0x0
[0297.689] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0297.689] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0297.689] GetCurrentObject (hdc=0x850107fc, type=0x1) returned 0xb00017
[0297.689] GetCurrentObject (hdc=0x850107fc, type=0x2) returned 0x900010
[0297.689] GetCurrentObject (hdc=0x850107fc, type=0x7) returned 0x4a0507fe
[0297.689] GetCurrentObject (hdc=0x850107fc, type=0x6) returned 0x8a01c2
[0297.689] SaveDC (hdc=0x850107fc) returned 1
[0297.689] GetNearestColor (hdc=0x850107fc, color=0xf0f0f0) returned 0xf0f0f0
[0297.689] GetNearestColor (hdc=0x850107fc, color=0xa0a0a0) returned 0xa0a0a0
[0297.689] GetNearestColor (hdc=0x850107fc, color=0x696969) returned 0x696969
[0297.689] GetNearestColor (hdc=0x850107fc, color=0xa0a0a0) returned 0xa0a0a0
[0297.689] GetNearestColor (hdc=0x850107fc, color=0x0) returned 0x0
[0297.689] GetNearestColor (hdc=0x850107fc, color=0xffffff) returned 0xffffff
[0297.690] GetNearestColor (hdc=0x850107fc, color=0xe5e5e5) returned 0xe5e5e5
[0297.690] GetNearestColor (hdc=0x850107fc, color=0xd7d7d7) returned 0xd7d7d7
[0297.690] GetNearestColor (hdc=0x850107fc, color=0x0) returned 0x0
[0297.690] RestoreDC (hdc=0x850107fc, nSavedDC=-1) returned 1
[0297.690] GdipReleaseDC (graphics=0x6600030, hdc=0x850107fc) returned 0x0
[0297.690] IsAppThemed () returned 0x1
[0297.690] GetThemeAppProperties () returned 0x3
[0297.690] GetThemeAppProperties () returned 0x3
[0297.690] IsAppThemed () returned 0x1
[0297.690] GetThemeAppProperties () returned 0x3
[0297.690] GetThemeAppProperties () returned 0x3
[0297.690] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2dece08 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0297.690] IsAppThemed () returned 0x1
[0297.690] GetThemeAppProperties () returned 0x3
[0297.690] GetThemeAppProperties () returned 0x3
[0297.690] IsAppThemed () returned 0x1
[0297.691] GetThemeAppProperties () returned 0x3
[0297.691] GetThemeAppProperties () returned 0x3
[0297.691] IsAppThemed () returned 0x1
[0297.691] GetThemeAppProperties () returned 0x3
[0297.691] GetThemeAppProperties () returned 0x3
[0297.691] IsAppThemed () returned 0x1
[0297.691] GetThemeAppProperties () returned 0x3
[0297.691] GetThemeAppProperties () returned 0x3
[0297.691] IsThemePartDefined () returned 0x1
[0297.691] IsAppThemed () returned 0x1
[0297.691] GetThemeAppProperties () returned 0x3
[0297.691] GetThemeAppProperties () returned 0x3
[0297.691] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0297.691] IsAppThemed () returned 0x1
[0297.691] GetThemeAppProperties () returned 0x3
[0297.691] GetThemeAppProperties () returned 0x3
[0297.691] IsAppThemed () returned 0x1
[0297.691] GetThemeAppProperties () returned 0x3
[0297.691] GetThemeAppProperties () returned 0x3
[0297.691] IsThemePartDefined () returned 0x1
[0297.691] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0297.691] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0297.691] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0297.691] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0297.691] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dc7c) returned 0x0
[0297.691] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0297.691] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee868) returned 0x0
[0297.692] LocalFree (hMem=0x11ee868) returned 0x0
[0297.692] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0297.692] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0297.692] LocalFree (hMem=0x11ee788) returned 0x0
[0297.692] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0297.692] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0297.692] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0297.692] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0297.692] GdipDeleteRegion (region=0x6646448) returned 0x0
[0297.692] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0297.692] GetCurrentObject (hdc=0x850107fc, type=0x1) returned 0xb00017
[0297.692] GetCurrentObject (hdc=0x850107fc, type=0x2) returned 0x900010
[0297.692] GetCurrentObject (hdc=0x850107fc, type=0x7) returned 0x4a0507fe
[0297.692] GetCurrentObject (hdc=0x850107fc, type=0x6) returned 0x8a01c2
[0297.692] SaveDC (hdc=0x850107fc) returned 1
[0297.692] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x20407de
[0297.692] GetClipRgn (hdc=0x850107fc, hrgn=0x20407de) returned 0
[0297.692] SelectClipRgn (hdc=0x850107fc, hrgn=0x7e040807) returned 2
[0297.692] DeleteObject (ho=0x20407de) returned 1
[0297.692] DeleteObject (ho=0x7e040807) returned 1
[0297.692] OffsetViewportOrgEx (in: hdc=0x850107fc, x=0, y=0, lppt=0x2ded4b8 | out: lppt=0x2ded4b8) returned 1
[0297.693] DrawThemeParentBackground () returned 0x0
[0297.693] GetWindowPlacement (in: hWnd=0x3302de, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0297.693] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0297.693] GetWindowTextLengthW (hWnd=0x3302de) returned 13
[0297.693] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.693] GetSystemMetrics (nIndex=42) returned 0
[0297.693] GetWindowTextW (in: hWnd=0x3302de, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.693] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0297.693] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0297.693] GetCurrentObject (hdc=0x850107fc, type=0x1) returned 0xb00017
[0297.693] GetCurrentObject (hdc=0x850107fc, type=0x2) returned 0x900010
[0297.693] GetCurrentObject (hdc=0x850107fc, type=0x7) returned 0x4a0507fe
[0297.693] GetCurrentObject (hdc=0x850107fc, type=0x6) returned 0x8a01c2
[0297.693] SaveDC (hdc=0x850107fc) returned 2
[0297.693] GetNearestColor (hdc=0x850107fc, color=0xf0f0f0) returned 0xf0f0f0
[0297.693] CreateSolidBrush (color=0xf0f0f0) returned 0x591007e1
[0297.693] FillRect (hDC=0x850107fc, lprc=0xd7d6c8, hbr=0x591007e1) returned 1
[0297.693] DeleteObject (ho=0x591007e1) returned 1
[0297.693] RestoreDC (hdc=0x850107fc, nSavedDC=-1) returned 1
[0297.694] GetWindowTextLengthW (hWnd=0x3302de) returned 13
[0297.694] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.694] GetSystemMetrics (nIndex=42) returned 0
[0297.694] GetWindowTextW (in: hWnd=0x3302de, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.694] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0297.694] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0297.694] GetCurrentObject (hdc=0x850107fc, type=0x1) returned 0xb00017
[0297.694] GetCurrentObject (hdc=0x850107fc, type=0x2) returned 0x900010
[0297.694] GetCurrentObject (hdc=0x850107fc, type=0x7) returned 0x4a0507fe
[0297.694] GetCurrentObject (hdc=0x850107fc, type=0x6) returned 0x8a01c2
[0297.694] SaveDC (hdc=0x850107fc) returned 2
[0297.694] GetNearestColor (hdc=0x850107fc, color=0xf0f0f0) returned 0xf0f0f0
[0297.694] CreateSolidBrush (color=0xf0f0f0) returned 0x5a1007e1
[0297.694] FillRect (hDC=0x850107fc, lprc=0xd7d668, hbr=0x5a1007e1) returned 1
[0297.694] DeleteObject (ho=0x5a1007e1) returned 1
[0297.694] RestoreDC (hdc=0x850107fc, nSavedDC=-1) returned 1
[0297.694] GetWindowTextLengthW (hWnd=0x3302de) returned 13
[0297.694] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.694] GetSystemMetrics (nIndex=42) returned 0
[0297.694] GetWindowTextW (in: hWnd=0x3302de, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.694] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0297.695] RestoreDC (hdc=0x850107fc, nSavedDC=-1) returned 1
[0297.695] GdipReleaseDC (graphics=0x6600030, hdc=0x850107fc) returned 0x0
[0297.695] IsAppThemed () returned 0x1
[0297.695] GetThemeAppProperties () returned 0x3
[0297.695] GetThemeAppProperties () returned 0x3
[0297.695] IsAppThemed () returned 0x1
[0297.695] GetThemeAppProperties () returned 0x3
[0297.695] GetThemeAppProperties () returned 0x3
[0297.695] IsThemePartDefined () returned 0x1
[0297.695] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0297.695] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0297.695] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0297.695] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0297.695] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dc00) returned 0x0
[0297.695] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0297.695] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0297.695] LocalFree (hMem=0x11ee868) returned 0x0
[0297.695] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0297.695] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eed00) returned 0x0
[0297.695] LocalFree (hMem=0x11eed00) returned 0x0
[0297.696] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0297.696] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0297.696] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0297.696] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0297.696] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0297.696] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0297.696] GetCurrentObject (hdc=0x850107fc, type=0x1) returned 0xb00017
[0297.696] GetCurrentObject (hdc=0x850107fc, type=0x2) returned 0x900010
[0297.696] GetCurrentObject (hdc=0x850107fc, type=0x7) returned 0x4a0507fe
[0297.696] GetCurrentObject (hdc=0x850107fc, type=0x6) returned 0x8a01c2
[0297.696] SaveDC (hdc=0x850107fc) returned 1
[0297.696] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7f040807
[0297.696] GetClipRgn (hdc=0x850107fc, hrgn=0x7f040807) returned 0
[0297.696] SelectClipRgn (hdc=0x850107fc, hrgn=0x40407de) returned 2
[0297.696] DeleteObject (ho=0x7f040807) returned 1
[0297.696] DeleteObject (ho=0x40407de) returned 1
[0297.696] OffsetViewportOrgEx (in: hdc=0x850107fc, x=0, y=0, lppt=0x2dedd64 | out: lppt=0x2dedd64) returned 1
[0297.696] IsAppThemed () returned 0x1
[0297.697] GetThemeAppProperties () returned 0x3
[0297.697] GetThemeAppProperties () returned 0x3
[0297.697] DrawThemeBackground () returned 0x0
[0297.697] RestoreDC (hdc=0x850107fc, nSavedDC=-1) returned 1
[0297.697] GdipReleaseDC (graphics=0x6600030, hdc=0x850107fc) returned 0x0
[0297.697] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0297.697] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0297.697] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0297.697] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0297.697] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dc04) returned 0x0
[0297.697] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0297.697] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0297.697] LocalFree (hMem=0x11ee868) returned 0x0
[0297.697] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0297.697] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0297.697] LocalFree (hMem=0x11ee788) returned 0x0
[0297.697] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0297.698] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0297.698] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0297.698] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0297.698] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0297.698] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0297.698] GetCurrentObject (hdc=0x850107fc, type=0x1) returned 0xb00017
[0297.698] GetCurrentObject (hdc=0x850107fc, type=0x2) returned 0x900010
[0297.698] GetCurrentObject (hdc=0x850107fc, type=0x7) returned 0x4a0507fe
[0297.698] GetCurrentObject (hdc=0x850107fc, type=0x6) returned 0x8a01c2
[0297.698] SaveDC (hdc=0x850107fc) returned 1
[0297.698] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x50407de
[0297.698] GetClipRgn (hdc=0x850107fc, hrgn=0x50407de) returned 0
[0297.698] SelectClipRgn (hdc=0x850107fc, hrgn=0x80040807) returned 2
[0297.698] DeleteObject (ho=0x50407de) returned 1
[0297.698] DeleteObject (ho=0x80040807) returned 1
[0297.698] OffsetViewportOrgEx (in: hdc=0x850107fc, x=0, y=0, lppt=0x2dee038 | out: lppt=0x2dee038) returned 1
[0297.698] IsAppThemed () returned 0x1
[0297.699] GetThemeAppProperties () returned 0x3
[0297.699] GetThemeAppProperties () returned 0x3
[0297.699] GetThemeBackgroundContentRect () returned 0x0
[0297.699] RestoreDC (hdc=0x850107fc, nSavedDC=-1) returned 1
[0297.699] GdipReleaseDC (graphics=0x6600030, hdc=0x850107fc) returned 0x0
[0297.699] IsAppThemed () returned 0x1
[0297.699] GetThemeAppProperties () returned 0x3
[0297.699] GetThemeAppProperties () returned 0x3
[0297.699] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0297.699] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0297.699] GetCurrentObject (hdc=0x850107fc, type=0x1) returned 0xb00017
[0297.699] GetCurrentObject (hdc=0x850107fc, type=0x2) returned 0x900010
[0297.699] GetCurrentObject (hdc=0x850107fc, type=0x7) returned 0x4a0507fe
[0297.699] GetCurrentObject (hdc=0x850107fc, type=0x6) returned 0x8a01c2
[0297.699] SaveDC (hdc=0x850107fc) returned 1
[0297.699] GetTextAlign (hdc=0x850107fc) returned 0x0
[0297.699] GetTextColor (hdc=0x850107fc) returned 0x0
[0297.699] GetCurrentObject (hdc=0x850107fc, type=0x6) returned 0x8a01c2
[0297.699] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0297.700] SelectObject (hdc=0x850107fc, h=0x6d0a0520) returned 0x8a01c2
[0297.700] GetBkMode (hdc=0x850107fc) returned 2
[0297.700] SetBkMode (hdc=0x850107fc, mode=1) returned 2
[0297.700] DrawTextExW (in: hdc=0x850107fc, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2dee3d8 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0297.702] DrawTextExW (in: hdc=0x850107fc, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2dee3d8 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0297.702] RestoreDC (hdc=0x850107fc, nSavedDC=-1) returned 1
[0297.702] GdipReleaseDC (graphics=0x6600030, hdc=0x850107fc) returned 0x0
[0297.702] GetFocus () returned 0x2d02c8
[0297.702] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0297.702] SendMessageW (hWnd=0x3302de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0297.702] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0297.702] IsAppThemed () returned 0x1
[0297.703] GetThemeAppProperties () returned 0x3
[0297.703] GetThemeAppProperties () returned 0x3
[0297.703] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0297.703] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x850107fc, x1=0, y1=0, rop=0xcc0020) returned 1
[0297.703] GdipReleaseDC (graphics=0x6600030, hdc=0x850107fc) returned 0x0
[0297.703] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0297.703] SelectObject (hdc=0x850107fc, h=0x85000f) returned 0x4a0507fe
[0297.703] DeleteDC (hdc=0x850107fc) returned 1
[0297.703] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0297.703] EndPaint (hWnd=0x2d02c8, lpPaint=0xd7dee4) returned 1
[0297.703] MapWindowPoints (in: hWndFrom=0x2d02c8, hWndTo=0x0, lpPoints=0x2dee4d4, cPoints=0x1 | out: lpPoints=0x2dee4d4) returned 30999254
[0297.703] WindowFromPoint (Point=0x301) returned 0x2d02c8
[0297.703] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x84, wParam=0x0, lParam=0x1e30301) returned 0x1
[0297.703] NotifyWinEvent (event=0x800a, hwnd=0x2d02c8, idObject=-4, idChild=0)
[0297.703] NotifyWinEvent (event=0x800c, hwnd=0x2d02c8, idObject=-4, idChild=0)
[0297.703] GetCapture () returned 0x2d02c8
[0297.704] ReleaseCapture () returned 1
[0297.704] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0297.704] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0297.704] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x84, wParam=0x0, lParam=0x1e30301) returned 0x1
[0297.704] IsWindow (hWnd=0x7005c) returned 1
[0297.704] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0297.705] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0297.705] IsWindow (hWnd=0x3302de) returned 1
[0297.705] SetActiveWindow (hWnd=0x3302de) returned 0x3302de
[0297.705] IsWindow (hWnd=0x3302de) returned 1
[0297.705] SetFocus (hWnd=0x3302de) returned 0x2d02c8
[0297.705] GetFocus () returned 0x3302de
[0297.706] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x8, wParam=0x3302de, lParam=0x0) returned 0x0
[0297.706] GetCapture () returned 0x0
[0297.706] InvalidateRect (hWnd=0x2d02c8, lpRect=0x0, bErase=0) returned 1
[0297.706] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0297.708] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0297.709] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0297.709] GetFocus () returned 0x3302de
[0297.709] SetFocus (hWnd=0x2d02c8) returned 0x3302de
[0297.710] GetFocus () returned 0x2d02c8
[0297.710] IsChild (hWndParent=0x3302de, hWnd=0x2d02c8) returned 1
[0297.710] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x8, wParam=0x2d02c8, lParam=0x0) returned 0x0
[0297.710] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0297.712] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0297.713] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0297.713] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x7, wParam=0x3302de, lParam=0x0) returned 0x0
[0297.713] GetStockObject (i=5) returned 0x900015
[0297.713] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0297.713] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0xd, wParam=0xa, lParam=0x11f57a0) returned 0x9
[0297.713] GetDlgItem (hDlg=0x3302de, nIDDlgItem=2949832) returned 0x2d02c8
[0297.713] SendMessageW (hWnd=0x2d02c8, Msg=0x202b, wParam=0x2d02c8, lParam=0xd7ddcc) returned 0x0
[0297.713] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x202b, wParam=0x2d02c8, lParam=0xd7ddcc) returned 0x0
[0297.713] InvalidateRect (hWnd=0x2d02c8, lpRect=0x0, bErase=0) returned 1
[0297.715] GetWindowLongW (hWnd=0x3302de, nIndex=-8) returned 458844
[0297.715] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0297.715] GetCurrentThreadId () returned 0xf50
[0297.715] IsWindow (hWnd=0x7005c) returned 1
[0297.719] IsWindow (hWnd=0x7005c) returned 1
[0297.719] IsWindowVisible (hWnd=0x7005c) returned 1
[0297.719] SetActiveWindow (hWnd=0x7005c) returned 0x3302de
[0297.719] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0297.721] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0297.721] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0297.721] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0297.722] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0297.722] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0297.723] GetWindowPlacement (in: hWnd=0x3302de, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0297.723] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0297.723] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0297.723] GetWindowRect (in: hWnd=0x3302de, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0297.723] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0297.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0297.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0297.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x3302de) returned 0x1
[0297.726] GetFocus () returned 0x2d02c8
[0297.727] SetFocus (hWnd=0x602c4) returned 0x2d02c8
[0297.727] GetFocus () returned 0x602c4
[0297.727] IsChild (hWndParent=0x3302de, hWnd=0x602c4) returned 0
[0297.727] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0297.727] GetCapture () returned 0x0
[0297.727] InvalidateRect (hWnd=0x2d02c8, lpRect=0x0, bErase=0) returned 1
[0297.728] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0297.729] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0297.730] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0297.730] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0297.731] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0297.731] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0297.732] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0297.732] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x2d02c8, lParam=0x0) returned 0x0
[0297.732] GetStockObject (i=5) returned 0x900015
[0297.732] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0297.732] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11edb48) returned 0xc
[0297.732] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0297.733] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0297.733] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0297.733] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0297.737] GetFocus () returned 0x602c4
[0297.737] IsChild (hWndParent=0x3302de, hWnd=0x602c4) returned 0
[0297.737] ShowWindow (hWnd=0x3302de, nCmdShow=0) returned 1
[0297.737] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0297.737] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0297.738] GetWindowPlacement (in: hWnd=0x3302de, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0297.738] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0297.739] GetClientRect (in: hWnd=0x3302de, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0297.739] GetWindowRect (in: hWnd=0x3302de, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0297.739] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0297.739] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0297.739] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0297.740] GetWindowLongW (hWnd=0x3302de, nIndex=-20) returned 327945
[0297.740] DestroyWindow (hWnd=0x3302de) returned 1
[0297.740] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0297.741] GetWindowTextLengthW (hWnd=0x3302de) returned 13
[0297.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.741] GetSystemMetrics (nIndex=42) returned 0
[0297.741] GetWindowTextW (in: hWnd=0x3302de, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0297.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0297.741] GetWindowTextLengthW (hWnd=0x2902ce) returned 0
[0297.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0297.741] GetSystemMetrics (nIndex=42) returned 0
[0297.741] GetWindowTextW (in: hWnd=0x2902ce, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0297.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902ce, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0297.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0297.741] GetWindowThreadProcessId (in: hWnd=0x3302dc, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0297.741] GetWindow (hWnd=0x3302dc, uCmd=0x5) returned 0x0
[0297.741] GetWindowLongW (hWnd=0x3302dc, nIndex=-20) returned 65792
[0297.741] DestroyWindow (hWnd=0x3302dc) returned 1
[0297.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302dc, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0297.741] GetWindowTextLengthW (hWnd=0x3302dc) returned 25
[0297.742] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0297.742] GetSystemMetrics (nIndex=42) returned 0
[0297.742] GetWindowTextW (in: hWnd=0x3302dc, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0297.742] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302dc, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0297.742] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0297.742] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0297.743] GetWindowTextLengthW (hWnd=0x3302da) returned 232
[0297.743] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0297.743] GetSystemMetrics (nIndex=42) returned 0
[0297.743] GetWindowTextW (in: hWnd=0x3302da, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0297.743] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0297.743] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0297.743] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0297.743] InvalidateRect (hWnd=0x2d02c8, lpRect=0x0, bErase=0) returned 1
[0297.743] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0297.743] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3600ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0297.743] SendMessageW (hWnd=0x2802d0, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0297.744] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2802d0, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0297.744] SendMessageW (hWnd=0x2802d0, Msg=0xb0, wParam=0x2dba2d8, lParam=0xd7e480) returned 0x0
[0297.744] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2802d0, Msg=0xb0, wParam=0x2dba2d8, lParam=0xd7e480) returned 0x0
[0297.744] GetWindowTextLengthW (hWnd=0x2802d0) returned 4363
[0297.744] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2802d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0297.744] GetSystemMetrics (nIndex=42) returned 0
[0297.744] CoTaskMemAlloc (cb=0x221c) returned 0x1202960
[0297.744] GetWindowTextW (in: hWnd=0x2802d0, lpString=0x1202960, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0297.744] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2802d0, Msg=0xd, wParam=0x110c, lParam=0x1202960) returned 0x110b
[0297.744] CoTaskMemFree (pv=0x1202960)
[0297.744] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2802d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0297.744] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2902ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0297.745] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0297.746] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3502d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0297.758] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2d02c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0297.759] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3600ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0297.760] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2802d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0297.761] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3302de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0297.774] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.774] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.774] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.775] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.775] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.775] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.775] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e30301) returned 0x1
[0297.775] IsWindowUnicode (hWnd=0x7005c) returned 1
[0297.775] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.775] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e30301) returned 0x1
[0297.775] SetCursor (hCursor=0x10003) returned 0x10003
[0297.775] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.775] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.775] _TrackMouseEvent (in: lpEventTrack=0x2c2f380 | out: lpEventTrack=0x2c2f380) returned 1
[0297.776] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0297.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0297.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10e0243) returned 0x0
[0297.776] GetKeyState (nVirtKey=1) returned 1
[0297.776] GetKeyState (nVirtKey=2) returned 0
[0297.776] GetKeyState (nVirtKey=4) returned 0
[0297.776] GetKeyState (nVirtKey=5) returned 0
[0297.776] GetKeyState (nVirtKey=6) returned 0
[0297.776] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.776] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e30301) returned 0x1
[0297.776] IsWindowUnicode (hWnd=0x7005c) returned 1
[0297.776] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.776] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.776] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.777] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.777] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e30301) returned 0x1
[0297.777] IsWindowUnicode (hWnd=0x7005c) returned 1
[0297.777] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.777] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e30301) returned 0x1
[0297.777] SetCursor (hCursor=0x10003) returned 0x10003
[0297.777] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.777] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.777] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10e0243) returned 0x0
[0297.777] GetKeyState (nVirtKey=1) returned 1
[0297.777] GetKeyState (nVirtKey=2) returned 0
[0297.777] GetKeyState (nVirtKey=4) returned 0
[0297.777] GetKeyState (nVirtKey=5) returned 0
[0297.777] GetKeyState (nVirtKey=6) returned 0
[0297.777] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.778] IsWindowUnicode (hWnd=0x602c4) returned 1
[0297.778] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.778] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.778] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.778] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.782] IsWindowUnicode (hWnd=0x602c4) returned 1
[0297.782] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.782] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.782] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.782] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0297.782] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0297.782] CreateCompatibleDC (hdc=0x10105d6) returned 0x900107fc
[0297.782] SelectObject (hdc=0x900107fc, h=0x4a0507fe) returned 0x85000f
[0297.782] GdipCreateFromHDC (hdc=0x900107fc, graphics=0xd7e798) returned 0x0
[0297.782] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0297.783] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0297.783] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0297.783] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0297.783] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e7f8) returned 0x0
[0297.783] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0297.783] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0297.783] LocalFree (hMem=0x11ee868) returned 0x0
[0297.783] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0297.783] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0297.783] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0297.783] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0297.783] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0297.783] GdipRestoreGraphics (graphics=0x6600030, state=0xf5ca0dbd) returned 0x0
[0297.783] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0297.783] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0297.783] GetCurrentObject (hdc=0x900107fc, type=0x1) returned 0xb00017
[0297.783] GetCurrentObject (hdc=0x900107fc, type=0x2) returned 0x900010
[0297.783] GetCurrentObject (hdc=0x900107fc, type=0x7) returned 0x4a0507fe
[0297.783] GetCurrentObject (hdc=0x900107fc, type=0x6) returned 0x8a01c2
[0297.783] SaveDC (hdc=0x900107fc) returned 1
[0297.784] GetNearestColor (hdc=0x900107fc, color=0xff) returned 0xff
[0297.784] GetNearestColor (hdc=0x900107fc, color=0x55) returned 0x55
[0297.784] GetNearestColor (hdc=0x900107fc, color=0x0) returned 0x0
[0297.784] GetNearestColor (hdc=0x900107fc, color=0x55) returned 0x55
[0297.784] GetNearestColor (hdc=0x900107fc, color=0x0) returned 0x0
[0297.784] GetNearestColor (hdc=0x900107fc, color=0x8080ff) returned 0x8080ff
[0297.784] GetNearestColor (hdc=0x900107fc, color=0x7373e5) returned 0x7373e5
[0297.784] GetNearestColor (hdc=0x900107fc, color=0xe5) returned 0xe5
[0297.784] GetNearestColor (hdc=0x900107fc, color=0x0) returned 0x0
[0297.784] RestoreDC (hdc=0x900107fc, nSavedDC=-1) returned 1
[0297.784] GdipReleaseDC (graphics=0x6600030, hdc=0x900107fc) returned 0x0
[0297.784] IsAppThemed () returned 0x1
[0297.784] GetThemeAppProperties () returned 0x3
[0297.784] GetThemeAppProperties () returned 0x3
[0297.784] IsAppThemed () returned 0x1
[0297.784] GetThemeAppProperties () returned 0x3
[0297.784] GetThemeAppProperties () returned 0x3
[0297.784] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2df6240 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0297.785] IsAppThemed () returned 0x1
[0297.785] GetThemeAppProperties () returned 0x3
[0297.785] GetThemeAppProperties () returned 0x3
[0297.785] IsAppThemed () returned 0x1
[0297.785] GetThemeAppProperties () returned 0x3
[0297.785] GetThemeAppProperties () returned 0x3
[0297.785] GetFocus () returned 0x602c4
[0297.785] IsAppThemed () returned 0x1
[0297.785] GetThemeAppProperties () returned 0x3
[0297.785] GetThemeAppProperties () returned 0x3
[0297.785] IsAppThemed () returned 0x1
[0297.785] GetThemeAppProperties () returned 0x3
[0297.785] GetThemeAppProperties () returned 0x3
[0297.785] IsThemePartDefined () returned 0x1
[0297.785] IsAppThemed () returned 0x1
[0297.785] GetThemeAppProperties () returned 0x3
[0297.785] GetThemeAppProperties () returned 0x3
[0297.785] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0297.785] IsAppThemed () returned 0x1
[0297.786] GetThemeAppProperties () returned 0x3
[0297.786] GetThemeAppProperties () returned 0x3
[0297.786] IsAppThemed () returned 0x1
[0297.786] GetThemeAppProperties () returned 0x3
[0297.786] GetThemeAppProperties () returned 0x3
[0297.787] IsThemePartDefined () returned 0x1
[0297.787] GdipCreateRegion (region=0xd7e508) returned 0x0
[0297.787] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0297.787] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0297.788] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0297.788] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e520) returned 0x0
[0297.788] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0297.788] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0297.788] LocalFree (hMem=0x11ee788) returned 0x0
[0297.788] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0297.788] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0297.788] LocalFree (hMem=0x11eec58) returned 0x0
[0297.788] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0297.788] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e548) returned 0x0
[0297.788] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e538) returned 0x0
[0297.788] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0297.788] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0297.788] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0297.788] GetCurrentObject (hdc=0x900107fc, type=0x1) returned 0xb00017
[0297.788] GetCurrentObject (hdc=0x900107fc, type=0x2) returned 0x900010
[0297.788] GetCurrentObject (hdc=0x900107fc, type=0x7) returned 0x4a0507fe
[0297.788] GetCurrentObject (hdc=0x900107fc, type=0x6) returned 0x8a01c2
[0297.788] SaveDC (hdc=0x900107fc) returned 1
[0297.788] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x81040807
[0297.788] GetClipRgn (hdc=0x900107fc, hrgn=0x81040807) returned 0
[0297.788] SelectClipRgn (hdc=0x900107fc, hrgn=0x90407de) returned 2
[0297.789] DeleteObject (ho=0x81040807) returned 1
[0297.789] DeleteObject (ho=0x90407de) returned 1
[0297.789] OffsetViewportOrgEx (in: hdc=0x900107fc, x=0, y=0, lppt=0x2df68f0 | out: lppt=0x2df68f0) returned 1
[0297.789] DrawThemeParentBackground () returned 0x0
[0297.789] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0297.789] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0297.789] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0297.789] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.789] GetSystemMetrics (nIndex=42) returned 0
[0297.789] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.789] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0297.789] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0297.789] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0297.789] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0297.789] SelectPalette (hdc=0x900107fc, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0297.789] GdipCreateFromHDC (hdc=0x900107fc, graphics=0xd7dff8) returned 0x0
[0297.790] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0297.790] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0297.790] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638d58) returned 0x0
[0297.790] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dfd0) returned 0x0
[0297.790] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0297.790] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0297.790] GdipGetClip (graphics=0x6639e10, region=0x6646d48) returned 0x0
[0297.790] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6639e10, result=0xd7dfc4) returned 0x0
[0297.790] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0297.790] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dff0) returned 0x0
[0297.790] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0297.799] GdipFillRectangleI (graphics=0x6639e10, brush=0x664d6f0, x=0, y=0, width=801, height=453) returned 0x0
[0297.799] GdipDeleteBrush (brush=0x664d6f0) returned 0x0
[0297.800] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0297.800] SelectPalette (hdc=0x900107fc, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0297.800] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0297.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.800] GetSystemMetrics (nIndex=42) returned 0
[0297.800] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.800] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0297.800] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0297.800] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0297.800] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0297.800] SelectPalette (hdc=0x900107fc, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0297.800] GdipCreateFromHDC (hdc=0x900107fc, graphics=0xd7df98) returned 0x0
[0297.801] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0297.801] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0297.801] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638ab8) returned 0x0
[0297.801] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df70) returned 0x0
[0297.801] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0297.801] GdipCreateRegion (region=0xd7df58) returned 0x0
[0297.801] GdipGetClip (graphics=0x6639e10, region=0x6646d48) returned 0x0
[0297.801] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6639e10, result=0xd7df64) returned 0x0
[0297.801] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0297.801] GdipSaveGraphics (graphics=0x6639e10, state=0xd7df90) returned 0x0
[0297.801] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0297.808] GdipFillRectangleI (graphics=0x6639e10, brush=0x664d480, x=0, y=0, width=801, height=453) returned 0x0
[0297.808] GdipDeleteBrush (brush=0x664d480) returned 0x0
[0297.814] GdipRestoreGraphics (graphics=0x6639e10, state=0xf5c60dbd) returned 0x0
[0297.814] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0297.814] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0297.814] GetSystemMetrics (nIndex=42) returned 0
[0297.814] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0297.814] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0297.814] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0297.814] SelectPalette (hdc=0x900107fc, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0297.815] RestoreDC (hdc=0x900107fc, nSavedDC=-1) returned 1
[0297.815] GdipReleaseDC (graphics=0x6600030, hdc=0x900107fc) returned 0x0
[0297.815] IsAppThemed () returned 0x1
[0297.815] GetThemeAppProperties () returned 0x3
[0297.815] GetThemeAppProperties () returned 0x3
[0297.815] IsAppThemed () returned 0x1
[0297.815] GetThemeAppProperties () returned 0x3
[0297.815] GetThemeAppProperties () returned 0x3
[0297.815] IsThemePartDefined () returned 0x1
[0297.815] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0297.815] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0297.815] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0297.815] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0297.815] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e4a4) returned 0x0
[0297.815] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0297.815] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0297.815] LocalFree (hMem=0x11ee788) returned 0x0
[0297.815] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0297.815] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0297.816] LocalFree (hMem=0x11eec58) returned 0x0
[0297.816] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0297.816] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0297.816] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0297.816] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0297.816] GdipDeleteRegion (region=0x6646448) returned 0x0
[0297.816] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0297.816] GetCurrentObject (hdc=0x900107fc, type=0x1) returned 0xb00017
[0297.816] GetCurrentObject (hdc=0x900107fc, type=0x2) returned 0x900010
[0297.816] GetCurrentObject (hdc=0x900107fc, type=0x7) returned 0x4a0507fe
[0297.816] GetCurrentObject (hdc=0x900107fc, type=0x6) returned 0x8a01c2
[0297.816] SaveDC (hdc=0x900107fc) returned 1
[0297.816] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa0407de
[0297.816] GetClipRgn (hdc=0x900107fc, hrgn=0xa0407de) returned 0
[0297.816] SelectClipRgn (hdc=0x900107fc, hrgn=0x83040807) returned 2
[0297.816] DeleteObject (ho=0xa0407de) returned 1
[0297.816] DeleteObject (ho=0x83040807) returned 1
[0297.816] OffsetViewportOrgEx (in: hdc=0x900107fc, x=0, y=0, lppt=0x2dfd140 | out: lppt=0x2dfd140) returned 1
[0297.816] IsAppThemed () returned 0x1
[0297.816] GetThemeAppProperties () returned 0x3
[0297.816] GetThemeAppProperties () returned 0x3
[0297.817] DrawThemeBackground () returned 0x0
[0297.817] RestoreDC (hdc=0x900107fc, nSavedDC=-1) returned 1
[0297.817] GdipReleaseDC (graphics=0x6600030, hdc=0x900107fc) returned 0x0
[0297.817] GdipCreateRegion (region=0xd7e490) returned 0x0
[0297.817] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0297.817] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0297.817] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0297.817] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e4a8) returned 0x0
[0297.817] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0297.817] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eea28) returned 0x0
[0297.817] LocalFree (hMem=0x11eea28) returned 0x0
[0297.817] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0297.817] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0297.817] LocalFree (hMem=0x11eec58) returned 0x0
[0297.817] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0297.817] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0297.817] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0297.817] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0297.817] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0297.817] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0297.817] GetCurrentObject (hdc=0x900107fc, type=0x1) returned 0xb00017
[0297.817] GetCurrentObject (hdc=0x900107fc, type=0x2) returned 0x900010
[0297.817] GetCurrentObject (hdc=0x900107fc, type=0x7) returned 0x4a0507fe
[0297.818] GetCurrentObject (hdc=0x900107fc, type=0x6) returned 0x8a01c2
[0297.818] SaveDC (hdc=0x900107fc) returned 1
[0297.818] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x84040807
[0297.818] GetClipRgn (hdc=0x900107fc, hrgn=0x84040807) returned 0
[0297.818] SelectClipRgn (hdc=0x900107fc, hrgn=0xb0407de) returned 2
[0297.818] DeleteObject (ho=0x84040807) returned 1
[0297.818] DeleteObject (ho=0xb0407de) returned 1
[0297.818] OffsetViewportOrgEx (in: hdc=0x900107fc, x=0, y=0, lppt=0x2dfd414 | out: lppt=0x2dfd414) returned 1
[0297.818] IsAppThemed () returned 0x1
[0297.818] GetThemeAppProperties () returned 0x3
[0297.818] GetThemeAppProperties () returned 0x3
[0297.818] GetThemeBackgroundContentRect () returned 0x0
[0297.818] RestoreDC (hdc=0x900107fc, nSavedDC=-1) returned 1
[0297.818] GdipReleaseDC (graphics=0x6600030, hdc=0x900107fc) returned 0x0
[0297.818] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0297.818] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0297.818] GdipFillRectangleI (graphics=0x6600030, brush=0x666a048, x=4, y=4, width=67, height=15) returned 0x0
[0297.818] GdipDeleteBrush (brush=0x666a048) returned 0x0
[0297.818] IsAppThemed () returned 0x1
[0297.818] GetThemeAppProperties () returned 0x3
[0297.818] GetThemeAppProperties () returned 0x3
[0297.819] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0297.819] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0297.819] GetCurrentObject (hdc=0x900107fc, type=0x1) returned 0xb00017
[0297.819] GetCurrentObject (hdc=0x900107fc, type=0x2) returned 0x900010
[0297.819] GetCurrentObject (hdc=0x900107fc, type=0x7) returned 0x4a0507fe
[0297.819] GetCurrentObject (hdc=0x900107fc, type=0x6) returned 0x8a01c2
[0297.819] SaveDC (hdc=0x900107fc) returned 1
[0297.819] GetTextAlign (hdc=0x900107fc) returned 0x0
[0297.819] GetTextColor (hdc=0x900107fc) returned 0x0
[0297.819] GetCurrentObject (hdc=0x900107fc, type=0x6) returned 0x8a01c2
[0297.819] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0297.819] SelectObject (hdc=0x900107fc, h=0x6d0a0520) returned 0x8a01c2
[0297.819] GetBkMode (hdc=0x900107fc) returned 2
[0297.819] SetBkMode (hdc=0x900107fc, mode=1) returned 2
[0297.819] DrawTextExW (in: hdc=0x900107fc, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2dfd7d8 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0297.820] DrawTextExW (in: hdc=0x900107fc, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2dfd7d8 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0297.820] RestoreDC (hdc=0x900107fc, nSavedDC=-1) returned 1
[0297.820] GdipReleaseDC (graphics=0x6600030, hdc=0x900107fc) returned 0x0
[0297.820] GetFocus () returned 0x602c4
[0297.820] IsAppThemed () returned 0x1
[0297.820] GetThemeAppProperties () returned 0x3
[0297.820] GetThemeAppProperties () returned 0x3
[0297.820] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0297.820] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x900107fc, x1=0, y1=0, rop=0xcc0020) returned 1
[0297.820] GdipReleaseDC (graphics=0x6600030, hdc=0x900107fc) returned 0x0
[0297.820] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0297.820] SelectObject (hdc=0x900107fc, h=0x85000f) returned 0x4a0507fe
[0297.820] DeleteDC (hdc=0x900107fc) returned 1
[0297.821] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0297.821] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0297.821] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0297.821] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0297.821] WaitMessage () returned 1
[0297.822] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.822] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.822] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.822] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.822] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.823] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0297.823] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0297.823] WaitMessage () returned 1
[0297.837] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.837] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.837] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.837] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.837] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.838] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0297.838] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0297.838] WaitMessage () returned 1
[0297.839] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.839] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.839] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.840] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.840] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.840] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0297.840] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0297.840] WaitMessage () returned 1
[0297.846] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.846] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.846] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.846] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.846] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.847] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.847] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.847] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.847] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.847] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.848] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.848] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.848] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.848] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.848] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.848] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0297.848] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0297.848] WaitMessage () returned 1
[0297.851] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.851] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.851] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.851] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.851] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.856] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.856] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.856] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.856] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.856] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.857] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.857] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.857] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.857] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.857] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.857] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.857] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.857] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.857] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.857] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.858] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.858] IsWindowUnicode (hWnd=0x30122) returned 1
[0297.858] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.858] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.858] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.858] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0297.858] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0297.858] WaitMessage () returned 1
[0297.875] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.875] IsWindowUnicode (hWnd=0x7005c) returned 1
[0297.875] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.875] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.875] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.876] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.876] IsWindowUnicode (hWnd=0x7005c) returned 1
[0297.876] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0297.876] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0297.876] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0297.876] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10e0243) returned 0x0
[0297.876] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0297.876] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0297.876] WaitMessage () returned 1
[0298.030] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0298.030] IsWindowUnicode (hWnd=0x502c6) returned 1
[0298.030] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0298.030] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0298.030] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0298.030] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0298.031] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0298.031] WaitMessage () returned 1
[0299.928] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0299.929] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x274010e) returned 0x1
[0299.929] IsWindowUnicode (hWnd=0x602c4) returned 1
[0299.929] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0299.929] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0299.929] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0299.929] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0299.929] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0299.929] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x274010e) returned 0x1
[0299.929] IsWindowUnicode (hWnd=0x602c4) returned 1
[0299.929] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0299.929] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x274010e) returned 0x1
[0299.929] SetCursor (hCursor=0x10003) returned 0x10003
[0299.929] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0299.929] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0299.929] _TrackMouseEvent (in: lpEventTrack=0x2c2b560 | out: lpEventTrack=0x2c2b560) returned 1
[0299.930] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0299.930] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0299.930] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0299.930] GetKeyState (nVirtKey=1) returned 1
[0299.930] GetKeyState (nVirtKey=2) returned 0
[0299.930] GetKeyState (nVirtKey=4) returned 0
[0299.930] GetKeyState (nVirtKey=5) returned 0
[0299.930] GetKeyState (nVirtKey=6) returned 0
[0299.930] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0299.930] IsWindowUnicode (hWnd=0x602c4) returned 1
[0299.930] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0299.930] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0299.930] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0299.930] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0299.930] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0299.930] CreateCompatibleDC (hdc=0x10105d6) returned 0x640107f3
[0299.930] SelectObject (hdc=0x640107f3, h=0x4a0507fe) returned 0x85000f
[0299.930] GdipCreateFromHDC (hdc=0x640107f3, graphics=0xd7e798) returned 0x0
[0299.931] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0299.931] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0299.931] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0299.931] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0299.931] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e7f8) returned 0x0
[0299.931] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0299.931] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0299.931] LocalFree (hMem=0x11ee788) returned 0x0
[0299.931] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0299.931] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0299.931] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0299.931] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0299.931] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0299.931] GdipRestoreGraphics (graphics=0x6600030, state=0xf5c40dbd) returned 0x0
[0299.931] GdipDeleteRegion (region=0x6646448) returned 0x0
[0299.931] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0299.931] GetCurrentObject (hdc=0x640107f3, type=0x1) returned 0xb00017
[0299.931] GetCurrentObject (hdc=0x640107f3, type=0x2) returned 0x900010
[0299.931] GetCurrentObject (hdc=0x640107f3, type=0x7) returned 0x4a0507fe
[0299.931] GetCurrentObject (hdc=0x640107f3, type=0x6) returned 0x8a01c2
[0299.932] SaveDC (hdc=0x640107f3) returned 1
[0299.932] GetNearestColor (hdc=0x640107f3, color=0xff) returned 0xff
[0299.932] GetNearestColor (hdc=0x640107f3, color=0x55) returned 0x55
[0299.932] GetNearestColor (hdc=0x640107f3, color=0x0) returned 0x0
[0299.932] GetNearestColor (hdc=0x640107f3, color=0x55) returned 0x55
[0299.932] GetNearestColor (hdc=0x640107f3, color=0x0) returned 0x0
[0299.932] GetNearestColor (hdc=0x640107f3, color=0x8080ff) returned 0x8080ff
[0299.932] GetNearestColor (hdc=0x640107f3, color=0x7373e5) returned 0x7373e5
[0299.932] GetNearestColor (hdc=0x640107f3, color=0xe5) returned 0xe5
[0299.932] GetNearestColor (hdc=0x640107f3, color=0x0) returned 0x0
[0299.932] RestoreDC (hdc=0x640107f3, nSavedDC=-1) returned 1
[0299.932] GdipReleaseDC (graphics=0x6600030, hdc=0x640107f3) returned 0x0
[0299.932] IsAppThemed () returned 0x1
[0299.932] GetThemeAppProperties () returned 0x3
[0299.932] GetThemeAppProperties () returned 0x3
[0299.932] IsAppThemed () returned 0x1
[0299.932] GetThemeAppProperties () returned 0x3
[0299.932] GetThemeAppProperties () returned 0x3
[0299.932] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2dfe100 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0299.933] IsAppThemed () returned 0x1
[0299.933] GetThemeAppProperties () returned 0x3
[0299.933] GetThemeAppProperties () returned 0x3
[0299.933] IsAppThemed () returned 0x1
[0299.933] GetThemeAppProperties () returned 0x3
[0299.933] GetThemeAppProperties () returned 0x3
[0299.933] IsAppThemed () returned 0x1
[0299.933] GetThemeAppProperties () returned 0x3
[0299.933] GetThemeAppProperties () returned 0x3
[0299.933] IsAppThemed () returned 0x1
[0299.933] GetThemeAppProperties () returned 0x3
[0299.933] GetThemeAppProperties () returned 0x3
[0299.933] IsThemePartDefined () returned 0x1
[0299.933] IsAppThemed () returned 0x1
[0299.933] GetThemeAppProperties () returned 0x3
[0299.933] GetThemeAppProperties () returned 0x3
[0299.933] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0299.933] IsAppThemed () returned 0x1
[0299.933] GetThemeAppProperties () returned 0x3
[0299.933] GetThemeAppProperties () returned 0x3
[0299.933] IsAppThemed () returned 0x1
[0299.934] GetThemeAppProperties () returned 0x3
[0299.934] GetThemeAppProperties () returned 0x3
[0299.934] IsThemePartDefined () returned 0x1
[0299.934] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0299.934] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0299.934] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0299.934] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0299.934] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e514) returned 0x0
[0299.934] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0299.934] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0299.934] LocalFree (hMem=0x11ee788) returned 0x0
[0299.934] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0299.934] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee910) returned 0x0
[0299.934] LocalFree (hMem=0x11ee910) returned 0x0
[0299.934] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0299.934] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0299.934] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0299.934] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0299.934] GdipDeleteRegion (region=0x6646448) returned 0x0
[0299.934] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0299.934] GetCurrentObject (hdc=0x640107f3, type=0x1) returned 0xb00017
[0299.935] GetCurrentObject (hdc=0x640107f3, type=0x2) returned 0x900010
[0299.935] GetCurrentObject (hdc=0x640107f3, type=0x7) returned 0x4a0507fe
[0299.935] GetCurrentObject (hdc=0x640107f3, type=0x6) returned 0x8a01c2
[0299.935] SaveDC (hdc=0x640107f3) returned 1
[0299.935] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc0407de
[0299.935] GetClipRgn (hdc=0x640107f3, hrgn=0xc0407de) returned 0
[0299.935] SelectClipRgn (hdc=0x640107f3, hrgn=0x88040807) returned 2
[0299.935] DeleteObject (ho=0xc0407de) returned 1
[0299.935] DeleteObject (ho=0x88040807) returned 1
[0299.935] OffsetViewportOrgEx (in: hdc=0x640107f3, x=0, y=0, lppt=0x2dfe7b0 | out: lppt=0x2dfe7b0) returned 1
[0299.935] DrawThemeParentBackground () returned 0x0
[0299.935] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0299.935] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0299.935] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0299.935] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0299.935] GetSystemMetrics (nIndex=42) returned 0
[0299.935] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0299.935] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0299.935] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0299.936] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0299.936] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0299.936] SelectPalette (hdc=0x640107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0299.936] GdipCreateFromHDC (hdc=0x640107f3, graphics=0xd7dff0) returned 0x0
[0299.936] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0299.936] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0299.936] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638d88) returned 0x0
[0299.936] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dfc8) returned 0x0
[0299.936] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0299.936] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0299.936] GdipGetClip (graphics=0x6639e10, region=0x6646448) returned 0x0
[0299.936] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6639e10, result=0xd7dfbc) returned 0x0
[0299.936] GdipDeleteRegion (region=0x6646448) returned 0x0
[0299.936] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dfe8) returned 0x0
[0299.936] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0299.943] GdipFillRectangleI (graphics=0x6639e10, brush=0x664d5b8, x=0, y=0, width=801, height=453) returned 0x0
[0299.943] GdipDeleteBrush (brush=0x664d5b8) returned 0x0
[0299.944] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0299.944] SelectPalette (hdc=0x640107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0299.944] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0299.944] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0299.944] GetSystemMetrics (nIndex=42) returned 0
[0299.944] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0299.944] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0299.944] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0299.945] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0299.945] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0299.945] SelectPalette (hdc=0x640107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0299.945] GdipCreateFromHDC (hdc=0x640107f3, graphics=0xd7df90) returned 0x0
[0299.945] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0299.945] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0299.945] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638a28) returned 0x0
[0299.945] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df68) returned 0x0
[0299.945] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0299.945] GdipCreateRegion (region=0xd7df50) returned 0x0
[0299.945] GdipGetClip (graphics=0x6639e10, region=0x6646448) returned 0x0
[0299.945] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6639e10, result=0xd7df5c) returned 0x0
[0299.945] GdipDeleteRegion (region=0x6646448) returned 0x0
[0299.945] GdipSaveGraphics (graphics=0x6639e10, state=0xd7df88) returned 0x0
[0299.945] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0299.952] GdipFillRectangleI (graphics=0x6639e10, brush=0x664d5b8, x=0, y=0, width=801, height=453) returned 0x0
[0299.952] GdipDeleteBrush (brush=0x664d5b8) returned 0x0
[0299.953] GdipRestoreGraphics (graphics=0x6639e10, state=0xf5c00dbd) returned 0x0
[0299.953] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0299.953] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0299.953] GetSystemMetrics (nIndex=42) returned 0
[0299.953] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0299.953] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0299.953] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0299.953] SelectPalette (hdc=0x640107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0299.953] RestoreDC (hdc=0x640107f3, nSavedDC=-1) returned 1
[0299.954] GdipReleaseDC (graphics=0x6600030, hdc=0x640107f3) returned 0x0
[0299.954] IsAppThemed () returned 0x1
[0299.954] GetThemeAppProperties () returned 0x3
[0299.954] GetThemeAppProperties () returned 0x3
[0299.954] IsAppThemed () returned 0x1
[0299.954] GetThemeAppProperties () returned 0x3
[0299.954] GetThemeAppProperties () returned 0x3
[0299.954] IsThemePartDefined () returned 0x1
[0299.954] GdipCreateRegion (region=0xd7e480) returned 0x0
[0299.954] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0299.954] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0299.954] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0299.954] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e498) returned 0x0
[0299.954] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0299.954] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eea60) returned 0x0
[0299.954] LocalFree (hMem=0x11eea60) returned 0x0
[0299.954] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0299.954] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0299.954] LocalFree (hMem=0x11eec58) returned 0x0
[0299.954] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0299.954] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0299.954] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0299.954] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0299.954] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0299.955] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0299.955] GetCurrentObject (hdc=0x640107f3, type=0x1) returned 0xb00017
[0299.955] GetCurrentObject (hdc=0x640107f3, type=0x2) returned 0x900010
[0299.955] GetCurrentObject (hdc=0x640107f3, type=0x7) returned 0x4a0507fe
[0299.955] GetCurrentObject (hdc=0x640107f3, type=0x6) returned 0x8a01c2
[0299.955] SaveDC (hdc=0x640107f3) returned 1
[0299.955] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x89040807
[0299.955] GetClipRgn (hdc=0x640107f3, hrgn=0x89040807) returned 0
[0299.955] SelectClipRgn (hdc=0x640107f3, hrgn=0xe0407de) returned 2
[0299.955] DeleteObject (ho=0x89040807) returned 1
[0299.955] DeleteObject (ho=0xe0407de) returned 1
[0299.955] OffsetViewportOrgEx (in: hdc=0x640107f3, x=0, y=0, lppt=0x2e05000 | out: lppt=0x2e05000) returned 1
[0299.955] IsAppThemed () returned 0x1
[0299.955] GetThemeAppProperties () returned 0x3
[0299.955] GetThemeAppProperties () returned 0x3
[0299.955] DrawThemeBackground () returned 0x0
[0299.955] RestoreDC (hdc=0x640107f3, nSavedDC=-1) returned 1
[0299.955] GdipReleaseDC (graphics=0x6600030, hdc=0x640107f3) returned 0x0
[0299.955] GdipCreateRegion (region=0xd7e484) returned 0x0
[0299.955] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0299.956] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0299.956] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0299.956] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e49c) returned 0x0
[0299.956] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0299.956] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0299.956] LocalFree (hMem=0x11ee788) returned 0x0
[0299.956] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0299.956] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0299.956] LocalFree (hMem=0x11eec58) returned 0x0
[0299.956] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0299.956] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0299.956] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0299.956] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0299.956] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0299.956] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0299.956] GetCurrentObject (hdc=0x640107f3, type=0x1) returned 0xb00017
[0299.956] GetCurrentObject (hdc=0x640107f3, type=0x2) returned 0x900010
[0299.956] GetCurrentObject (hdc=0x640107f3, type=0x7) returned 0x4a0507fe
[0299.956] GetCurrentObject (hdc=0x640107f3, type=0x6) returned 0x8a01c2
[0299.956] SaveDC (hdc=0x640107f3) returned 1
[0299.956] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf0407de
[0299.957] GetClipRgn (hdc=0x640107f3, hrgn=0xf0407de) returned 0
[0299.957] SelectClipRgn (hdc=0x640107f3, hrgn=0x8a040807) returned 2
[0299.957] DeleteObject (ho=0xf0407de) returned 1
[0299.957] DeleteObject (ho=0x8a040807) returned 1
[0299.957] OffsetViewportOrgEx (in: hdc=0x640107f3, x=0, y=0, lppt=0x2e052d4 | out: lppt=0x2e052d4) returned 1
[0299.957] IsAppThemed () returned 0x1
[0299.957] GetThemeAppProperties () returned 0x3
[0299.957] GetThemeAppProperties () returned 0x3
[0299.957] GetThemeBackgroundContentRect () returned 0x0
[0299.957] RestoreDC (hdc=0x640107f3, nSavedDC=-1) returned 1
[0299.957] GdipReleaseDC (graphics=0x6600030, hdc=0x640107f3) returned 0x0
[0299.957] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0299.957] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0299.957] GdipFillRectangleI (graphics=0x6600030, brush=0x666a048, x=4, y=4, width=67, height=15) returned 0x0
[0299.957] GdipDeleteBrush (brush=0x666a048) returned 0x0
[0299.957] IsAppThemed () returned 0x1
[0299.958] GetThemeAppProperties () returned 0x3
[0299.958] GetThemeAppProperties () returned 0x3
[0299.958] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0299.958] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0299.958] GetCurrentObject (hdc=0x640107f3, type=0x1) returned 0xb00017
[0299.958] GetCurrentObject (hdc=0x640107f3, type=0x2) returned 0x900010
[0299.958] GetCurrentObject (hdc=0x640107f3, type=0x7) returned 0x4a0507fe
[0299.958] GetCurrentObject (hdc=0x640107f3, type=0x6) returned 0x8a01c2
[0299.958] SaveDC (hdc=0x640107f3) returned 1
[0299.958] GetTextAlign (hdc=0x640107f3) returned 0x0
[0299.958] GetTextColor (hdc=0x640107f3) returned 0x0
[0299.958] GetCurrentObject (hdc=0x640107f3, type=0x6) returned 0x8a01c2
[0299.958] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0299.958] SelectObject (hdc=0x640107f3, h=0x6d0a0520) returned 0x8a01c2
[0299.958] GetBkMode (hdc=0x640107f3) returned 2
[0299.958] SetBkMode (hdc=0x640107f3, mode=1) returned 2
[0299.958] DrawTextExW (in: hdc=0x640107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2e05698 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0299.959] DrawTextExW (in: hdc=0x640107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2e05698 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0299.959] RestoreDC (hdc=0x640107f3, nSavedDC=-1) returned 1
[0299.959] GdipReleaseDC (graphics=0x6600030, hdc=0x640107f3) returned 0x0
[0299.959] GetFocus () returned 0x602c4
[0299.959] IsAppThemed () returned 0x1
[0299.959] GetThemeAppProperties () returned 0x3
[0299.959] GetThemeAppProperties () returned 0x3
[0299.959] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0299.959] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x640107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0299.960] GdipReleaseDC (graphics=0x6600030, hdc=0x640107f3) returned 0x0
[0299.960] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0299.960] SelectObject (hdc=0x640107f3, h=0x85000f) returned 0x4a0507fe
[0299.960] DeleteDC (hdc=0x640107f3) returned 1
[0299.960] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0299.960] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0299.960] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0299.960] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0299.960] WaitMessage () returned 1
[0300.054] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.054] IsWindowUnicode (hWnd=0x602c4) returned 1
[0300.054] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.054] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.054] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.054] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.054] IsWindowUnicode (hWnd=0x602c4) returned 1
[0300.054] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.054] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.054] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.054] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xd0033) returned 0x0
[0300.054] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0300.054] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0300.054] WaitMessage () returned 1
[0300.157] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.157] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x274010e) returned 0x1
[0300.157] IsWindowUnicode (hWnd=0x602c4) returned 1
[0300.157] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.157] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x274010e) returned 0x1
[0300.157] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0300.157] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19f0050) returned 0x0
[0300.157] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0300.157] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0300.158] SetCursor (hCursor=0x10003) returned 0x10003
[0300.158] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.158] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.158] GetKeyState (nVirtKey=1) returned -128
[0300.158] GetKeyState (nVirtKey=2) returned 0
[0300.158] GetKeyState (nVirtKey=4) returned 0
[0300.158] GetKeyState (nVirtKey=5) returned 0
[0300.158] GetKeyState (nVirtKey=6) returned 0
[0300.158] IsWindowVisible (hWnd=0x602c4) returned 1
[0300.158] IsWindowEnabled (hWnd=0x602c4) returned 1
[0300.158] SetFocus (hWnd=0x602c4) returned 0x602c4
[0300.158] GetFocus () returned 0x602c4
[0300.158] GetFocus () returned 0x602c4
[0300.158] GetFocus () returned 0x602c4
[0300.158] GetKeyState (nVirtKey=1) returned -128
[0300.158] GetKeyState (nVirtKey=2) returned 0
[0300.158] GetKeyState (nVirtKey=4) returned 0
[0300.158] GetKeyState (nVirtKey=5) returned 0
[0300.158] GetKeyState (nVirtKey=6) returned 0
[0300.158] GetCapture () returned 0x0
[0300.158] SetCapture (hWnd=0x602c4) returned 0x0
[0300.159] GetKeyState (nVirtKey=1) returned -128
[0300.159] GetKeyState (nVirtKey=2) returned 0
[0300.159] GetKeyState (nVirtKey=4) returned 0
[0300.159] GetKeyState (nVirtKey=5) returned 0
[0300.159] GetKeyState (nVirtKey=6) returned 0
[0300.159] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0300.159] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0300.159] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.159] IsWindowUnicode (hWnd=0x602c4) returned 1
[0300.159] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.159] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.159] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.159] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e0581c, cPoints=0x1 | out: lpPoints=0x2e0581c) returned 40304859
[0300.159] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0300.159] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0300.159] UpdateWindow (hWnd=0x602c4) returned 1
[0300.159] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x10105d6
[0300.159] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0300.159] CreateCompatibleDC (hdc=0x10105d6) returned 0x650107f3
[0300.160] SelectObject (hdc=0x650107f3, h=0x4a0507fe) returned 0x85000f
[0300.160] GdipCreateFromHDC (hdc=0x650107f3, graphics=0xd7e430) returned 0x0
[0300.160] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0300.160] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0300.160] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0300.160] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0300.160] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e490) returned 0x0
[0300.160] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0300.160] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0300.160] LocalFree (hMem=0x11ee788) returned 0x0
[0300.160] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0300.160] GdipCreateRegion (region=0xd7e478) returned 0x0
[0300.160] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0300.160] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e484) returned 0x0
[0300.160] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0300.160] GdipRestoreGraphics (graphics=0x6600030, state=0xf5be0dbd) returned 0x0
[0300.160] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0300.161] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0300.161] GetCurrentObject (hdc=0x650107f3, type=0x1) returned 0xb00017
[0300.161] GetCurrentObject (hdc=0x650107f3, type=0x2) returned 0x900010
[0300.161] GetCurrentObject (hdc=0x650107f3, type=0x7) returned 0x4a0507fe
[0300.161] GetCurrentObject (hdc=0x650107f3, type=0x6) returned 0x8a01c2
[0300.161] SaveDC (hdc=0x650107f3) returned 1
[0300.161] GetNearestColor (hdc=0x650107f3, color=0xff) returned 0xff
[0300.161] GetNearestColor (hdc=0x650107f3, color=0x55) returned 0x55
[0300.161] GetNearestColor (hdc=0x650107f3, color=0x0) returned 0x0
[0300.161] GetNearestColor (hdc=0x650107f3, color=0x55) returned 0x55
[0300.161] GetNearestColor (hdc=0x650107f3, color=0x0) returned 0x0
[0300.161] GetNearestColor (hdc=0x650107f3, color=0x8080ff) returned 0x8080ff
[0300.161] GetNearestColor (hdc=0x650107f3, color=0x7373e5) returned 0x7373e5
[0300.161] GetNearestColor (hdc=0x650107f3, color=0xe5) returned 0xe5
[0300.161] GetNearestColor (hdc=0x650107f3, color=0x0) returned 0x0
[0300.161] RestoreDC (hdc=0x650107f3, nSavedDC=-1) returned 1
[0300.161] GdipReleaseDC (graphics=0x6600030, hdc=0x650107f3) returned 0x0
[0300.161] IsAppThemed () returned 0x1
[0300.162] GetThemeAppProperties () returned 0x3
[0300.162] GetThemeAppProperties () returned 0x3
[0300.162] IsAppThemed () returned 0x1
[0300.162] GetThemeAppProperties () returned 0x3
[0300.162] GetThemeAppProperties () returned 0x3
[0300.162] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2e05f38 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0300.162] IsAppThemed () returned 0x1
[0300.162] GetThemeAppProperties () returned 0x3
[0300.162] GetThemeAppProperties () returned 0x3
[0300.162] IsAppThemed () returned 0x1
[0300.162] GetThemeAppProperties () returned 0x3
[0300.162] GetThemeAppProperties () returned 0x3
[0300.162] IsAppThemed () returned 0x1
[0300.162] GetThemeAppProperties () returned 0x3
[0300.162] GetThemeAppProperties () returned 0x3
[0300.162] IsAppThemed () returned 0x1
[0300.162] GetThemeAppProperties () returned 0x3
[0300.162] GetThemeAppProperties () returned 0x3
[0300.162] IsThemePartDefined () returned 0x1
[0300.162] IsAppThemed () returned 0x1
[0300.162] GetThemeAppProperties () returned 0x3
[0300.163] GetThemeAppProperties () returned 0x3
[0300.163] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0300.163] IsAppThemed () returned 0x1
[0300.163] GetThemeAppProperties () returned 0x3
[0300.163] GetThemeAppProperties () returned 0x3
[0300.163] IsAppThemed () returned 0x1
[0300.163] GetThemeAppProperties () returned 0x3
[0300.163] GetThemeAppProperties () returned 0x3
[0300.163] IsThemePartDefined () returned 0x1
[0300.163] GdipCreateRegion (region=0xd7e194) returned 0x0
[0300.163] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0300.163] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0300.163] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0300.163] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e1ac) returned 0x0
[0300.163] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0300.163] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0300.163] LocalFree (hMem=0x11ee788) returned 0x0
[0300.163] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0300.163] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0300.163] LocalFree (hMem=0x11eec58) returned 0x0
[0300.163] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0300.163] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0300.163] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0300.163] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0300.164] GdipDeleteRegion (region=0x6646448) returned 0x0
[0300.164] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0300.164] GetCurrentObject (hdc=0x650107f3, type=0x1) returned 0xb00017
[0300.164] GetCurrentObject (hdc=0x650107f3, type=0x2) returned 0x900010
[0300.164] GetCurrentObject (hdc=0x650107f3, type=0x7) returned 0x4a0507fe
[0300.164] GetCurrentObject (hdc=0x650107f3, type=0x6) returned 0x8a01c2
[0300.164] SaveDC (hdc=0x650107f3) returned 1
[0300.164] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8b040807
[0300.164] GetClipRgn (hdc=0x650107f3, hrgn=0x8b040807) returned 0
[0300.164] SelectClipRgn (hdc=0x650107f3, hrgn=0x130407de) returned 2
[0300.164] DeleteObject (ho=0x8b040807) returned 1
[0300.164] DeleteObject (ho=0x130407de) returned 1
[0300.164] OffsetViewportOrgEx (in: hdc=0x650107f3, x=0, y=0, lppt=0x2e065e8 | out: lppt=0x2e065e8) returned 1
[0300.164] DrawThemeParentBackground () returned 0x0
[0300.164] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0300.164] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0300.164] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0300.164] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.164] GetSystemMetrics (nIndex=42) returned 0
[0300.165] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0300.165] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0300.165] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0300.165] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0300.165] SelectPalette (hdc=0x650107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0300.165] GdipCreateFromHDC (hdc=0x650107f3, graphics=0xd7dc88) returned 0x0
[0300.165] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0300.165] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0300.165] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638cc8) returned 0x0
[0300.165] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dc60) returned 0x0
[0300.165] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0300.165] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0300.165] GdipGetClip (graphics=0x6639e10, region=0x6646d48) returned 0x0
[0300.165] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6639e10, result=0xd7dc54) returned 0x0
[0300.165] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0300.165] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dc80) returned 0x0
[0300.165] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0300.173] GdipFillRectangleI (graphics=0x6639e10, brush=0x664d828, x=0, y=0, width=801, height=453) returned 0x0
[0300.173] GdipDeleteBrush (brush=0x664d828) returned 0x0
[0300.174] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0300.174] SelectPalette (hdc=0x650107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0300.175] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0300.175] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.175] GetSystemMetrics (nIndex=42) returned 0
[0300.175] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.175] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0300.175] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0300.175] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0300.175] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0300.175] SelectPalette (hdc=0x650107f3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0300.175] GdipCreateFromHDC (hdc=0x650107f3, graphics=0xd7dc28) returned 0x0
[0300.175] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0300.175] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0300.175] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638b78) returned 0x0
[0300.175] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc00) returned 0x0
[0300.175] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0300.175] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0300.175] GdipGetClip (graphics=0x6639e10, region=0x6646d48) returned 0x0
[0300.175] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6639e10, result=0xd7dbf4) returned 0x0
[0300.176] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0300.176] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dc20) returned 0x0
[0300.176] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0300.183] GdipFillRectangleI (graphics=0x6639e10, brush=0x664d210, x=0, y=0, width=801, height=453) returned 0x0
[0300.183] GdipDeleteBrush (brush=0x664d210) returned 0x0
[0300.184] GdipRestoreGraphics (graphics=0x6639e10, state=0xf5ba0dbd) returned 0x0
[0300.184] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0300.184] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.184] GetSystemMetrics (nIndex=42) returned 0
[0300.184] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.184] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0300.184] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0300.184] SelectPalette (hdc=0x650107f3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0300.184] RestoreDC (hdc=0x650107f3, nSavedDC=-1) returned 1
[0300.185] GdipReleaseDC (graphics=0x6600030, hdc=0x650107f3) returned 0x0
[0300.185] IsAppThemed () returned 0x1
[0300.185] GetThemeAppProperties () returned 0x3
[0300.185] GetThemeAppProperties () returned 0x3
[0300.185] IsAppThemed () returned 0x1
[0300.185] GetThemeAppProperties () returned 0x3
[0300.185] GetThemeAppProperties () returned 0x3
[0300.185] IsThemePartDefined () returned 0x1
[0300.185] GdipCreateRegion (region=0xd7e118) returned 0x0
[0300.185] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0300.185] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0300.185] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0300.185] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e130) returned 0x0
[0300.185] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0300.185] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eecc8) returned 0x0
[0300.185] LocalFree (hMem=0x11eecc8) returned 0x0
[0300.185] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0300.185] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea98) returned 0x0
[0300.185] LocalFree (hMem=0x11eea98) returned 0x0
[0300.185] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0300.185] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e158) returned 0x0
[0300.185] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e148) returned 0x0
[0300.185] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0300.186] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0300.186] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0300.186] GetCurrentObject (hdc=0x650107f3, type=0x1) returned 0xb00017
[0300.186] GetCurrentObject (hdc=0x650107f3, type=0x2) returned 0x900010
[0300.186] GetCurrentObject (hdc=0x650107f3, type=0x7) returned 0x4a0507fe
[0300.186] GetCurrentObject (hdc=0x650107f3, type=0x6) returned 0x8a01c2
[0300.186] SaveDC (hdc=0x650107f3) returned 1
[0300.186] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x140407de
[0300.186] GetClipRgn (hdc=0x650107f3, hrgn=0x140407de) returned 0
[0300.186] SelectClipRgn (hdc=0x650107f3, hrgn=0x8d040807) returned 2
[0300.186] DeleteObject (ho=0x140407de) returned 1
[0300.186] DeleteObject (ho=0x8d040807) returned 1
[0300.186] OffsetViewportOrgEx (in: hdc=0x650107f3, x=0, y=0, lppt=0x2e0ce38 | out: lppt=0x2e0ce38) returned 1
[0300.186] IsAppThemed () returned 0x1
[0300.186] GetThemeAppProperties () returned 0x3
[0300.186] GetThemeAppProperties () returned 0x3
[0300.186] DrawThemeBackground () returned 0x0
[0300.186] RestoreDC (hdc=0x650107f3, nSavedDC=-1) returned 1
[0300.186] GdipReleaseDC (graphics=0x6600030, hdc=0x650107f3) returned 0x0
[0300.186] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0300.187] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0300.187] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0300.187] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0300.187] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e134) returned 0x0
[0300.187] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0300.187] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0300.187] LocalFree (hMem=0x11eecc8) returned 0x0
[0300.187] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0300.187] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee910) returned 0x0
[0300.187] LocalFree (hMem=0x11ee910) returned 0x0
[0300.187] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0300.187] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0300.187] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0300.187] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0300.187] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0300.187] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0300.187] GetCurrentObject (hdc=0x650107f3, type=0x1) returned 0xb00017
[0300.187] GetCurrentObject (hdc=0x650107f3, type=0x2) returned 0x900010
[0300.187] GetCurrentObject (hdc=0x650107f3, type=0x7) returned 0x4a0507fe
[0300.187] GetCurrentObject (hdc=0x650107f3, type=0x6) returned 0x8a01c2
[0300.187] SaveDC (hdc=0x650107f3) returned 1
[0300.188] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8e040807
[0300.188] GetClipRgn (hdc=0x650107f3, hrgn=0x8e040807) returned 0
[0300.188] SelectClipRgn (hdc=0x650107f3, hrgn=0x150407de) returned 2
[0300.188] DeleteObject (ho=0x8e040807) returned 1
[0300.188] DeleteObject (ho=0x150407de) returned 1
[0300.188] OffsetViewportOrgEx (in: hdc=0x650107f3, x=0, y=0, lppt=0x2e0d10c | out: lppt=0x2e0d10c) returned 1
[0300.188] IsAppThemed () returned 0x1
[0300.188] GetThemeAppProperties () returned 0x3
[0300.188] GetThemeAppProperties () returned 0x3
[0300.188] GetThemeBackgroundContentRect () returned 0x0
[0300.188] RestoreDC (hdc=0x650107f3, nSavedDC=-1) returned 1
[0300.188] GdipReleaseDC (graphics=0x6600030, hdc=0x650107f3) returned 0x0
[0300.188] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0300.188] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0300.188] GdipFillRectangleI (graphics=0x6600030, brush=0x666a048, x=4, y=4, width=67, height=15) returned 0x0
[0300.188] GdipDeleteBrush (brush=0x666a048) returned 0x0
[0300.188] IsAppThemed () returned 0x1
[0300.188] GetThemeAppProperties () returned 0x3
[0300.188] GetThemeAppProperties () returned 0x3
[0300.188] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0300.188] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0300.188] GetCurrentObject (hdc=0x650107f3, type=0x1) returned 0xb00017
[0300.189] GetCurrentObject (hdc=0x650107f3, type=0x2) returned 0x900010
[0300.189] GetCurrentObject (hdc=0x650107f3, type=0x7) returned 0x4a0507fe
[0300.189] GetCurrentObject (hdc=0x650107f3, type=0x6) returned 0x8a01c2
[0300.189] SaveDC (hdc=0x650107f3) returned 1
[0300.189] GetTextAlign (hdc=0x650107f3) returned 0x0
[0300.189] GetTextColor (hdc=0x650107f3) returned 0x0
[0300.189] GetCurrentObject (hdc=0x650107f3, type=0x6) returned 0x8a01c2
[0300.189] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0300.189] SelectObject (hdc=0x650107f3, h=0x6d0a0520) returned 0x8a01c2
[0300.189] GetBkMode (hdc=0x650107f3) returned 2
[0300.189] SetBkMode (hdc=0x650107f3, mode=1) returned 2
[0300.189] DrawTextExW (in: hdc=0x650107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2e0d4d0 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0300.189] DrawTextExW (in: hdc=0x650107f3, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2e0d4d0 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0300.190] RestoreDC (hdc=0x650107f3, nSavedDC=-1) returned 1
[0300.190] GdipReleaseDC (graphics=0x6600030, hdc=0x650107f3) returned 0x0
[0300.190] GetFocus () returned 0x602c4
[0300.190] IsAppThemed () returned 0x1
[0300.190] GetThemeAppProperties () returned 0x3
[0300.190] GetThemeAppProperties () returned 0x3
[0300.190] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0300.190] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x650107f3, x1=0, y1=0, rop=0xcc0020) returned 1
[0300.190] GdipReleaseDC (graphics=0x6600030, hdc=0x650107f3) returned 0x0
[0300.190] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0300.191] SelectObject (hdc=0x650107f3, h=0x85000f) returned 0x4a0507fe
[0300.191] DeleteDC (hdc=0x650107f3) returned 1
[0300.191] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0300.191] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0300.191] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e0d5cc, cPoints=0x1 | out: lpPoints=0x2e0d5cc) returned 40304859
[0300.191] WindowFromPoint (Point=0x10e) returned 0x602c4
[0300.191] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x274010e) returned 0x1
[0300.191] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0300.191] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0300.191] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0300.191] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0300.191] GetSystemMetrics (nIndex=42) returned 0
[0300.191] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0300.191] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0300.193] GetCapture () returned 0x602c4
[0300.193] ReleaseCapture () returned 1
[0300.193] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0300.193] GetProcessWindowStation () returned 0x13c
[0300.193] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.194] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0300.194] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.194] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0300.194] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.194] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0300.194] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.194] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0300.195] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.195] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0300.195] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.195] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0300.195] GetDC (hWnd=0x0) returned 0x107b9
[0300.195] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e6ec) returned 0x0
[0300.195] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0300.195] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0300.196] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0300.196] GetSystemMetrics (nIndex=5) returned 1
[0300.196] GetSystemMetrics (nIndex=6) returned 1
[0300.196] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.196] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0300.196] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.196] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0300.199] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0300.199] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0300.199] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0300.199] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0300.199] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0300.199] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0300.201] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2e12fe8 | out: lpData=0x2e12fe8) returned 1
[0300.202] VerQueryValueW (in: pBlock=0x2e12fe8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e133f8, puLen=0xd7e810) returned 1
[0300.202] VerQueryValueW (in: pBlock=0x2e12fe8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e130a0, puLen=0xd7e790) returned 1
[0300.202] VerQueryValueW (in: pBlock=0x2e12fe8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e130f4, puLen=0xd7e790) returned 1
[0300.202] VerQueryValueW (in: pBlock=0x2e12fe8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e13174, puLen=0xd7e790) returned 1
[0300.202] VerQueryValueW (in: pBlock=0x2e12fe8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e131dc, puLen=0xd7e790) returned 1
[0300.202] VerQueryValueW (in: pBlock=0x2e12fe8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1321c, puLen=0xd7e790) returned 1
[0300.202] VerQueryValueW (in: pBlock=0x2e12fe8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e132a4, puLen=0xd7e790) returned 1
[0300.202] VerQueryValueW (in: pBlock=0x2e12fe8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e132e0, puLen=0xd7e790) returned 1
[0300.202] VerQueryValueW (in: pBlock=0x2e12fe8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e13338, puLen=0xd7e790) returned 1
[0300.202] VerQueryValueW (in: pBlock=0x2e12fe8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e13368, puLen=0xd7e790) returned 1
[0300.202] VerQueryValueW (in: pBlock=0x2e12fe8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.202] VerQueryValueW (in: pBlock=0x2e12fe8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e133a4, puLen=0xd7e790) returned 1
[0300.202] VerQueryValueW (in: pBlock=0x2e12fe8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.202] VerQueryValueW (in: pBlock=0x2e12fe8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e133f8, puLen=0xd7e784) returned 1
[0300.202] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0300.202] VerQueryValueW (in: pBlock=0x2e12fe8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e13010, puLen=0xd7e794) returned 1
[0300.203] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0300.203] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0300.203] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0300.203] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0300.203] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0300.203] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0300.203] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2e14f58 | out: lpData=0x2e14f58) returned 1
[0300.203] VerQueryValueW (in: pBlock=0x2e14f58, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e14ff4, puLen=0xd7e810) returned 1
[0300.203] VerQueryValueW (in: pBlock=0x2e14f58, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1506c, puLen=0xd7e790) returned 1
[0300.203] VerQueryValueW (in: pBlock=0x2e14f58, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1509c, puLen=0xd7e790) returned 1
[0300.203] VerQueryValueW (in: pBlock=0x2e14f58, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e150d8, puLen=0xd7e790) returned 1
[0300.203] VerQueryValueW (in: pBlock=0x2e14f58, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e15108, puLen=0xd7e790) returned 1
[0300.203] VerQueryValueW (in: pBlock=0x2e14f58, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e15150, puLen=0xd7e790) returned 1
[0300.204] VerQueryValueW (in: pBlock=0x2e14f58, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e151c8, puLen=0xd7e790) returned 1
[0300.204] VerQueryValueW (in: pBlock=0x2e14f58, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1520c, puLen=0xd7e790) returned 1
[0300.204] VerQueryValueW (in: pBlock=0x2e14f58, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1524c, puLen=0xd7e790) returned 1
[0300.204] VerQueryValueW (in: pBlock=0x2e14f58, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1504a, puLen=0xd7e790) returned 1
[0300.204] VerQueryValueW (in: pBlock=0x2e14f58, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e15198, puLen=0xd7e790) returned 1
[0300.204] VerQueryValueW (in: pBlock=0x2e14f58, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.204] VerQueryValueW (in: pBlock=0x2e14f58, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.204] VerQueryValueW (in: pBlock=0x2e14f58, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e14ff4, puLen=0xd7e784) returned 1
[0300.204] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0300.204] VerQueryValueW (in: pBlock=0x2e14f58, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e14f80, puLen=0xd7e794) returned 1
[0300.205] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0300.205] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0300.205] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0300.205] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0300.205] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0300.205] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0300.205] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2e17230 | out: lpData=0x2e17230) returned 1
[0300.206] VerQueryValueW (in: pBlock=0x2e17230, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e17644, puLen=0xd7e810) returned 1
[0300.206] VerQueryValueW (in: pBlock=0x2e17230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e172e8, puLen=0xd7e790) returned 1
[0300.206] VerQueryValueW (in: pBlock=0x2e17230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1733c, puLen=0xd7e790) returned 1
[0300.206] VerQueryValueW (in: pBlock=0x2e17230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e17398, puLen=0xd7e790) returned 1
[0300.206] VerQueryValueW (in: pBlock=0x2e17230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e173f8, puLen=0xd7e790) returned 1
[0300.206] VerQueryValueW (in: pBlock=0x2e17230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e17450, puLen=0xd7e790) returned 1
[0300.206] VerQueryValueW (in: pBlock=0x2e17230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e174d8, puLen=0xd7e790) returned 1
[0300.206] VerQueryValueW (in: pBlock=0x2e17230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1752c, puLen=0xd7e790) returned 1
[0300.206] VerQueryValueW (in: pBlock=0x2e17230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e17584, puLen=0xd7e790) returned 1
[0300.206] VerQueryValueW (in: pBlock=0x2e17230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e175b4, puLen=0xd7e790) returned 1
[0300.206] VerQueryValueW (in: pBlock=0x2e17230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.206] VerQueryValueW (in: pBlock=0x2e17230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e175f0, puLen=0xd7e790) returned 1
[0300.206] VerQueryValueW (in: pBlock=0x2e17230, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.206] VerQueryValueW (in: pBlock=0x2e17230, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e17644, puLen=0xd7e784) returned 1
[0300.206] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0300.206] VerQueryValueW (in: pBlock=0x2e17230, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e17258, puLen=0xd7e794) returned 1
[0300.207] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0300.207] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0300.207] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0300.207] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0300.207] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0300.207] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0300.208] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2e19868 | out: lpData=0x2e19868) returned 1
[0300.209] VerQueryValueW (in: pBlock=0x2e19868, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e19c68, puLen=0xd7e810) returned 1
[0300.209] VerQueryValueW (in: pBlock=0x2e19868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e19920, puLen=0xd7e790) returned 1
[0300.209] VerQueryValueW (in: pBlock=0x2e19868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e19974, puLen=0xd7e790) returned 1
[0300.209] VerQueryValueW (in: pBlock=0x2e19868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e199b4, puLen=0xd7e790) returned 1
[0300.209] VerQueryValueW (in: pBlock=0x2e19868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e19a1c, puLen=0xd7e790) returned 1
[0300.209] VerQueryValueW (in: pBlock=0x2e19868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e19a74, puLen=0xd7e790) returned 1
[0300.209] VerQueryValueW (in: pBlock=0x2e19868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e19afc, puLen=0xd7e790) returned 1
[0300.209] VerQueryValueW (in: pBlock=0x2e19868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e19b50, puLen=0xd7e790) returned 1
[0300.209] VerQueryValueW (in: pBlock=0x2e19868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e19ba8, puLen=0xd7e790) returned 1
[0300.209] VerQueryValueW (in: pBlock=0x2e19868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e19bd8, puLen=0xd7e790) returned 1
[0300.209] VerQueryValueW (in: pBlock=0x2e19868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.209] VerQueryValueW (in: pBlock=0x2e19868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e19c14, puLen=0xd7e790) returned 1
[0300.209] VerQueryValueW (in: pBlock=0x2e19868, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.209] VerQueryValueW (in: pBlock=0x2e19868, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e19c68, puLen=0xd7e784) returned 1
[0300.209] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0300.209] VerQueryValueW (in: pBlock=0x2e19868, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e19890, puLen=0xd7e794) returned 1
[0300.210] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0300.210] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0300.210] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0300.210] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0300.210] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0300.210] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0300.211] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2e1bfa4 | out: lpData=0x2e1bfa4) returned 1
[0300.212] VerQueryValueW (in: pBlock=0x2e1bfa4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e1c36c, puLen=0xd7e810) returned 1
[0300.212] VerQueryValueW (in: pBlock=0x2e1bfa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1c05c, puLen=0xd7e790) returned 1
[0300.212] VerQueryValueW (in: pBlock=0x2e1bfa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1c0b0, puLen=0xd7e790) returned 1
[0300.212] VerQueryValueW (in: pBlock=0x2e1bfa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1c0f0, puLen=0xd7e790) returned 1
[0300.212] VerQueryValueW (in: pBlock=0x2e1bfa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1c158, puLen=0xd7e790) returned 1
[0300.212] VerQueryValueW (in: pBlock=0x2e1bfa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1c194, puLen=0xd7e790) returned 1
[0300.212] VerQueryValueW (in: pBlock=0x2e1bfa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1c21c, puLen=0xd7e790) returned 1
[0300.212] VerQueryValueW (in: pBlock=0x2e1bfa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1c254, puLen=0xd7e790) returned 1
[0300.212] VerQueryValueW (in: pBlock=0x2e1bfa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1c2ac, puLen=0xd7e790) returned 1
[0300.212] VerQueryValueW (in: pBlock=0x2e1bfa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1c2dc, puLen=0xd7e790) returned 1
[0300.212] VerQueryValueW (in: pBlock=0x2e1bfa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.212] VerQueryValueW (in: pBlock=0x2e1bfa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1c318, puLen=0xd7e790) returned 1
[0300.212] VerQueryValueW (in: pBlock=0x2e1bfa4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.212] VerQueryValueW (in: pBlock=0x2e1bfa4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e1c36c, puLen=0xd7e784) returned 1
[0300.212] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0300.212] VerQueryValueW (in: pBlock=0x2e1bfa4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e1bfcc, puLen=0xd7e794) returned 1
[0300.213] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0300.213] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0300.213] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0300.213] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0300.213] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0300.213] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0300.214] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2e1f60c | out: lpData=0x2e1f60c) returned 1
[0300.215] VerQueryValueW (in: pBlock=0x2e1f60c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e1f9ec, puLen=0xd7e810) returned 1
[0300.215] VerQueryValueW (in: pBlock=0x2e1f60c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1f6c4, puLen=0xd7e790) returned 1
[0300.215] VerQueryValueW (in: pBlock=0x2e1f60c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1f718, puLen=0xd7e790) returned 1
[0300.215] VerQueryValueW (in: pBlock=0x2e1f60c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1f758, puLen=0xd7e790) returned 1
[0300.215] VerQueryValueW (in: pBlock=0x2e1f60c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1f7b8, puLen=0xd7e790) returned 1
[0300.215] VerQueryValueW (in: pBlock=0x2e1f60c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1f804, puLen=0xd7e790) returned 1
[0300.215] VerQueryValueW (in: pBlock=0x2e1f60c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1f88c, puLen=0xd7e790) returned 1
[0300.215] VerQueryValueW (in: pBlock=0x2e1f60c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1f8d4, puLen=0xd7e790) returned 1
[0300.215] VerQueryValueW (in: pBlock=0x2e1f60c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1f92c, puLen=0xd7e790) returned 1
[0300.215] VerQueryValueW (in: pBlock=0x2e1f60c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1f95c, puLen=0xd7e790) returned 1
[0300.215] VerQueryValueW (in: pBlock=0x2e1f60c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.215] VerQueryValueW (in: pBlock=0x2e1f60c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e1f998, puLen=0xd7e790) returned 1
[0300.215] VerQueryValueW (in: pBlock=0x2e1f60c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.215] VerQueryValueW (in: pBlock=0x2e1f60c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e1f9ec, puLen=0xd7e784) returned 1
[0300.215] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0300.215] VerQueryValueW (in: pBlock=0x2e1f60c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e1f634, puLen=0xd7e794) returned 1
[0300.218] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0300.218] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0300.218] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0300.218] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0300.218] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0300.218] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0300.218] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2e21e2c | out: lpData=0x2e21e2c) returned 1
[0300.219] VerQueryValueW (in: pBlock=0x2e21e2c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e22238, puLen=0xd7e810) returned 1
[0300.219] VerQueryValueW (in: pBlock=0x2e21e2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e21ee4, puLen=0xd7e790) returned 1
[0300.219] VerQueryValueW (in: pBlock=0x2e21e2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e21f38, puLen=0xd7e790) returned 1
[0300.219] VerQueryValueW (in: pBlock=0x2e21e2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e21f8c, puLen=0xd7e790) returned 1
[0300.219] VerQueryValueW (in: pBlock=0x2e21e2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e21fec, puLen=0xd7e790) returned 1
[0300.219] VerQueryValueW (in: pBlock=0x2e21e2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e22044, puLen=0xd7e790) returned 1
[0300.219] VerQueryValueW (in: pBlock=0x2e21e2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e220cc, puLen=0xd7e790) returned 1
[0300.219] VerQueryValueW (in: pBlock=0x2e21e2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e22120, puLen=0xd7e790) returned 1
[0300.219] VerQueryValueW (in: pBlock=0x2e21e2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e22178, puLen=0xd7e790) returned 1
[0300.219] VerQueryValueW (in: pBlock=0x2e21e2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e221a8, puLen=0xd7e790) returned 1
[0300.219] VerQueryValueW (in: pBlock=0x2e21e2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.219] VerQueryValueW (in: pBlock=0x2e21e2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e221e4, puLen=0xd7e790) returned 1
[0300.219] VerQueryValueW (in: pBlock=0x2e21e2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.219] VerQueryValueW (in: pBlock=0x2e21e2c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e22238, puLen=0xd7e784) returned 1
[0300.219] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0300.220] VerQueryValueW (in: pBlock=0x2e21e2c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e21e54, puLen=0xd7e794) returned 1
[0300.220] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0300.220] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0300.220] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0300.220] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0300.221] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0300.221] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0300.221] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e24640 | out: lpData=0x2e24640) returned 1
[0300.222] VerQueryValueW (in: pBlock=0x2e24640, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e24a18, puLen=0xd7e810) returned 1
[0300.222] VerQueryValueW (in: pBlock=0x2e24640, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e246f8, puLen=0xd7e790) returned 1
[0300.222] VerQueryValueW (in: pBlock=0x2e24640, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2474c, puLen=0xd7e790) returned 1
[0300.222] VerQueryValueW (in: pBlock=0x2e24640, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2478c, puLen=0xd7e790) returned 1
[0300.222] VerQueryValueW (in: pBlock=0x2e24640, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e247f4, puLen=0xd7e790) returned 1
[0300.222] VerQueryValueW (in: pBlock=0x2e24640, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e24838, puLen=0xd7e790) returned 1
[0300.222] VerQueryValueW (in: pBlock=0x2e24640, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e248c0, puLen=0xd7e790) returned 1
[0300.222] VerQueryValueW (in: pBlock=0x2e24640, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e24900, puLen=0xd7e790) returned 1
[0300.222] VerQueryValueW (in: pBlock=0x2e24640, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e24958, puLen=0xd7e790) returned 1
[0300.222] VerQueryValueW (in: pBlock=0x2e24640, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e24988, puLen=0xd7e790) returned 1
[0300.222] VerQueryValueW (in: pBlock=0x2e24640, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.222] VerQueryValueW (in: pBlock=0x2e24640, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e249c4, puLen=0xd7e790) returned 1
[0300.222] VerQueryValueW (in: pBlock=0x2e24640, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.222] VerQueryValueW (in: pBlock=0x2e24640, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e24a18, puLen=0xd7e784) returned 1
[0300.222] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0300.222] VerQueryValueW (in: pBlock=0x2e24640, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e24668, puLen=0xd7e794) returned 1
[0300.223] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0300.223] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0300.223] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0300.223] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0300.223] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0300.223] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0300.224] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e26b98 | out: lpData=0x2e26b98) returned 1
[0300.225] VerQueryValueW (in: pBlock=0x2e26b98, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e26f70, puLen=0xd7e810) returned 1
[0300.225] VerQueryValueW (in: pBlock=0x2e26b98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26c50, puLen=0xd7e790) returned 1
[0300.225] VerQueryValueW (in: pBlock=0x2e26b98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26ca4, puLen=0xd7e790) returned 1
[0300.225] VerQueryValueW (in: pBlock=0x2e26b98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26ce4, puLen=0xd7e790) returned 1
[0300.225] VerQueryValueW (in: pBlock=0x2e26b98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26d4c, puLen=0xd7e790) returned 1
[0300.225] VerQueryValueW (in: pBlock=0x2e26b98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26d90, puLen=0xd7e790) returned 1
[0300.225] VerQueryValueW (in: pBlock=0x2e26b98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26e18, puLen=0xd7e790) returned 1
[0300.225] VerQueryValueW (in: pBlock=0x2e26b98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26e58, puLen=0xd7e790) returned 1
[0300.225] VerQueryValueW (in: pBlock=0x2e26b98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26eb0, puLen=0xd7e790) returned 1
[0300.225] VerQueryValueW (in: pBlock=0x2e26b98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26ee0, puLen=0xd7e790) returned 1
[0300.225] VerQueryValueW (in: pBlock=0x2e26b98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.225] VerQueryValueW (in: pBlock=0x2e26b98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e26f1c, puLen=0xd7e790) returned 1
[0300.225] VerQueryValueW (in: pBlock=0x2e26b98, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.225] VerQueryValueW (in: pBlock=0x2e26b98, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e26f70, puLen=0xd7e784) returned 1
[0300.225] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0300.225] VerQueryValueW (in: pBlock=0x2e26b98, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e26bc0, puLen=0xd7e794) returned 1
[0300.226] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0300.226] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0300.226] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0300.226] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0300.226] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0300.226] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0300.227] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2e292d0 | out: lpData=0x2e292d0) returned 1
[0300.227] VerQueryValueW (in: pBlock=0x2e292d0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e29700, puLen=0xd7e810) returned 1
[0300.228] VerQueryValueW (in: pBlock=0x2e292d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e29388, puLen=0xd7e790) returned 1
[0300.228] VerQueryValueW (in: pBlock=0x2e292d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e293dc, puLen=0xd7e790) returned 1
[0300.228] VerQueryValueW (in: pBlock=0x2e292d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e2944c, puLen=0xd7e790) returned 1
[0300.228] VerQueryValueW (in: pBlock=0x2e292d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e294ac, puLen=0xd7e790) returned 1
[0300.228] VerQueryValueW (in: pBlock=0x2e292d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e29508, puLen=0xd7e790) returned 1
[0300.228] VerQueryValueW (in: pBlock=0x2e292d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e29590, puLen=0xd7e790) returned 1
[0300.228] VerQueryValueW (in: pBlock=0x2e292d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e295e8, puLen=0xd7e790) returned 1
[0300.228] VerQueryValueW (in: pBlock=0x2e292d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e29640, puLen=0xd7e790) returned 1
[0300.228] VerQueryValueW (in: pBlock=0x2e292d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e29670, puLen=0xd7e790) returned 1
[0300.228] VerQueryValueW (in: pBlock=0x2e292d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.228] VerQueryValueW (in: pBlock=0x2e292d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e296ac, puLen=0xd7e790) returned 1
[0300.228] VerQueryValueW (in: pBlock=0x2e292d0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0300.228] VerQueryValueW (in: pBlock=0x2e292d0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e29700, puLen=0xd7e784) returned 1
[0300.228] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0300.228] VerQueryValueW (in: pBlock=0x2e292d0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e292f8, puLen=0xd7e794) returned 1
[0300.228] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0300.229] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.229] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0300.229] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.229] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0300.229] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3402de
[0300.230] SetWindowLongW (hWnd=0x3402de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0300.230] GetWindowLongW (hWnd=0x3402de, nIndex=-4) returned 1950089536
[0300.230] SetWindowLongW (hWnd=0x3402de, nIndex=-4, dwNewLong=19952550) returned 1950089536
[0300.231] GetWindowLongW (hWnd=0x3402de, nIndex=-4) returned 19952550
[0300.231] GetWindowLongW (hWnd=0x3402de, nIndex=-16) returned 113311744
[0300.231] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3402de, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0300.231] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3402de, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0300.231] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3402de, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0300.232] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3402de, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0300.232] GetClientRect (in: hWnd=0x3402de, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0300.232] GetWindowRect (in: hWnd=0x3402de, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0300.232] SetWindowTextW (hWnd=0x3402de, lpString="WindowsFormsParkingWindow") returned 1
[0300.232] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3402de, Msg=0xc, wParam=0x0, lParam=0x2dee8c8) returned 0x1
[0300.232] GetParent (hWnd=0x3402de) returned 0x0
[0300.233] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0300.233] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x3402de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2902d0
[0300.233] SetWindowLongW (hWnd=0x2902d0, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0300.233] GetWindowLongW (hWnd=0x2902d0, nIndex=-4) returned 1868147648
[0300.233] SetWindowLongW (hWnd=0x2902d0, nIndex=-4, dwNewLong=19952590) returned 1868147648
[0300.233] GetWindowLongW (hWnd=0x2902d0, nIndex=-4) returned 19952590
[0300.233] GetWindowLongW (hWnd=0x2902d0, nIndex=-16) returned 1174405133
[0300.234] GetWindowLongW (hWnd=0x2902d0, nIndex=-12) returned 0
[0300.234] SetWindowLongW (hWnd=0x2902d0, nIndex=-12, dwNewLong=2687696) returned 0
[0300.234] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0300.234] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0300.234] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0300.235] GetClientRect (in: hWnd=0x2902d0, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0300.235] GetWindowRect (in: hWnd=0x2902d0, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0300.235] GetParent (hWnd=0x2902d0) returned 0x3402de
[0300.235] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3402de, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0300.236] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0300.236] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0300.236] GetClientRect (in: hWnd=0x2902d0, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0300.236] GetWindowRect (in: hWnd=0x2902d0, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0300.236] GetParent (hWnd=0x2902d0) returned 0x3402de
[0300.236] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3402de, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0300.236] SendMessageW (hWnd=0x2902d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2902d0) returned 0x0
[0300.236] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2902d0) returned 0x0
[0300.236] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0300.236] GetParent (hWnd=0x2902d0) returned 0x3402de
[0300.236] GdipCreateFromHWND (hwnd=0x2902d0, graphics=0xd7e844) returned 0x0
[0300.236] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0300.237] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0300.237] GetForegroundWindow () returned 0x7005c
[0300.237] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0300.237] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.237] GetSystemMetrics (nIndex=42) returned 0
[0300.237] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.237] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0300.237] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0300.237] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.237] GetSystemMetrics (nIndex=42) returned 0
[0300.237] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.237] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0300.238] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.238] GetCursorPos (in: lpPoint=0x2e2d754 | out: lpPoint=0x2e2d754*(x=270, y=628)) returned 1
[0300.238] MonitorFromPoint (pt=0x10e, dwFlags=0x274) returned 0x10001
[0300.238] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0300.238] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x680107f3
[0300.238] GetDeviceCaps (hdc=0x680107f3, index=12) returned 32
[0300.238] GetDeviceCaps (hdc=0x680107f3, index=14) returned 1
[0300.238] DeleteDC (hdc=0x680107f3) returned 1
[0300.238] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0300.239] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0300.239] GetSystemMetrics (nIndex=59) returned 1460
[0300.239] GetSystemMetrics (nIndex=60) returned 920
[0300.239] GetSystemMetrics (nIndex=34) returned 136
[0300.239] GetSystemMetrics (nIndex=35) returned 39
[0300.239] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.239] GetCursorPos (in: lpPoint=0x2e2d9c0 | out: lpPoint=0x2e2d9c0*(x=270, y=628)) returned 1
[0300.239] MonitorFromPoint (pt=0x10e, dwFlags=0x274) returned 0x10001
[0300.239] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0300.239] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x690107f3
[0300.239] GetDeviceCaps (hdc=0x690107f3, index=12) returned 32
[0300.239] GetDeviceCaps (hdc=0x690107f3, index=14) returned 1
[0300.239] DeleteDC (hdc=0x690107f3) returned 1
[0300.240] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0300.240] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0300.240] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.240] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0300.240] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2e2dc58 | out: piconinfo=0x2e2dc58) returned 1
[0300.240] GetObjectW (in: h=0x930507ec, c=24, pv=0x2e2dc74 | out: pv=0x2e2dc74) returned 24
[0300.241] GdipCreateBitmapFromHBITMAP (hbm=0x930507ec, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0300.241] GdipGetImageWidth (image=0x664f790, width=0xd7e750) returned 0x0
[0300.241] GdipGetImageHeight (image=0x664f790, height=0xd7e748) returned 0x0
[0300.241] GdipGetImagePixelFormat (image=0x664f790, format=0xd7e740) returned 0x0
[0300.241] GdipBitmapLockBits (bitmap=0x664f790, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2e2dd2c) returned 0x0
[0300.241] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0300.241] GdipBitmapLockBits (bitmap=0x664fe20, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2e2dd64) returned 0x0
[0300.241] RtlMoveMemory (in: Destination=0x6659f20, Source=0x6660ed0, Length=0x80 | out: Destination=0x6659f20)
[0300.241] RtlMoveMemory (in: Destination=0x6659fa0, Source=0x6660e50, Length=0x80 | out: Destination=0x6659fa0)
[0300.242] RtlMoveMemory (in: Destination=0x665a020, Source=0x6660dd0, Length=0x80 | out: Destination=0x665a020)
[0300.242] RtlMoveMemory (in: Destination=0x665a0a0, Source=0x6660d50, Length=0x80 | out: Destination=0x665a0a0)
[0300.242] RtlMoveMemory (in: Destination=0x665a120, Source=0x6660cd0, Length=0x80 | out: Destination=0x665a120)
[0300.242] RtlMoveMemory (in: Destination=0x665a1a0, Source=0x6660c50, Length=0x80 | out: Destination=0x665a1a0)
[0300.242] RtlMoveMemory (in: Destination=0x665a220, Source=0x6660bd0, Length=0x80 | out: Destination=0x665a220)
[0300.242] RtlMoveMemory (in: Destination=0x665a2a0, Source=0x6660b50, Length=0x80 | out: Destination=0x665a2a0)
[0300.242] RtlMoveMemory (in: Destination=0x665a320, Source=0x6660ad0, Length=0x80 | out: Destination=0x665a320)
[0300.242] RtlMoveMemory (in: Destination=0x665a3a0, Source=0x6660a50, Length=0x80 | out: Destination=0x665a3a0)
[0300.242] RtlMoveMemory (in: Destination=0x665a420, Source=0x66609d0, Length=0x80 | out: Destination=0x665a420)
[0300.242] RtlMoveMemory (in: Destination=0x665a4a0, Source=0x6660950, Length=0x80 | out: Destination=0x665a4a0)
[0300.242] RtlMoveMemory (in: Destination=0x665a520, Source=0x66608d0, Length=0x80 | out: Destination=0x665a520)
[0300.242] RtlMoveMemory (in: Destination=0x665a5a0, Source=0x6660850, Length=0x80 | out: Destination=0x665a5a0)
[0300.242] RtlMoveMemory (in: Destination=0x665a620, Source=0x66607d0, Length=0x80 | out: Destination=0x665a620)
[0300.242] RtlMoveMemory (in: Destination=0x665a6a0, Source=0x6660750, Length=0x80 | out: Destination=0x665a6a0)
[0300.242] RtlMoveMemory (in: Destination=0x665a720, Source=0x66606d0, Length=0x80 | out: Destination=0x665a720)
[0300.242] RtlMoveMemory (in: Destination=0x665a7a0, Source=0x6660650, Length=0x80 | out: Destination=0x665a7a0)
[0300.242] RtlMoveMemory (in: Destination=0x665a820, Source=0x66605d0, Length=0x80 | out: Destination=0x665a820)
[0300.242] RtlMoveMemory (in: Destination=0x665a8a0, Source=0x6660550, Length=0x80 | out: Destination=0x665a8a0)
[0300.242] RtlMoveMemory (in: Destination=0x665a920, Source=0x66604d0, Length=0x80 | out: Destination=0x665a920)
[0300.242] RtlMoveMemory (in: Destination=0x665a9a0, Source=0x6660450, Length=0x80 | out: Destination=0x665a9a0)
[0300.243] RtlMoveMemory (in: Destination=0x665aa20, Source=0x66603d0, Length=0x80 | out: Destination=0x665aa20)
[0300.243] RtlMoveMemory (in: Destination=0x665aaa0, Source=0x6660350, Length=0x80 | out: Destination=0x665aaa0)
[0300.243] RtlMoveMemory (in: Destination=0x665ab20, Source=0x66602d0, Length=0x80 | out: Destination=0x665ab20)
[0300.243] RtlMoveMemory (in: Destination=0x665aba0, Source=0x6660250, Length=0x80 | out: Destination=0x665aba0)
[0300.243] RtlMoveMemory (in: Destination=0x665ac20, Source=0x66601d0, Length=0x80 | out: Destination=0x665ac20)
[0300.243] RtlMoveMemory (in: Destination=0x665aca0, Source=0x6660150, Length=0x80 | out: Destination=0x665aca0)
[0300.243] RtlMoveMemory (in: Destination=0x665ad20, Source=0x66600d0, Length=0x80 | out: Destination=0x665ad20)
[0300.243] RtlMoveMemory (in: Destination=0x665ada0, Source=0x6660050, Length=0x80 | out: Destination=0x665ada0)
[0300.243] RtlMoveMemory (in: Destination=0x665ae20, Source=0x665ffd0, Length=0x80 | out: Destination=0x665ae20)
[0300.243] RtlMoveMemory (in: Destination=0x665aea0, Source=0x665ff50, Length=0x80 | out: Destination=0x665aea0)
[0300.243] GdipBitmapUnlockBits (bitmap=0x664f790, lockedBitmapData=0x2e2dd2c) returned 0x0
[0300.243] GdipBitmapUnlockBits (bitmap=0x664fe20, lockedBitmapData=0x2e2dd64) returned 0x0
[0300.243] GdipDisposeImage (image=0x664f790) returned 0x0
[0300.243] DeleteObject (ho=0x930507ec) returned 1
[0300.243] DeleteObject (ho=0x6a0507f3) returned 1
[0300.243] GetCurrentThreadId () returned 0xf50
[0300.243] GetCurrentThreadId () returned 0xf50
[0300.243] SetWindowPos (hWnd=0x2902d0, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0300.244] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0300.244] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0300.244] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0300.244] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0300.244] GetClientRect (in: hWnd=0x2902d0, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0300.244] GetWindowRect (in: hWnd=0x2902d0, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0300.244] GetParent (hWnd=0x2902d0) returned 0x3402de
[0300.244] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3402de, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0300.244] InvalidateRect (hWnd=0x2902d0, lpRect=0x0, bErase=1) returned 1
[0300.244] GetWindowTextLengthW (hWnd=0x2902d0) returned 0
[0300.244] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0300.244] GetSystemMetrics (nIndex=42) returned 0
[0300.244] GetWindowTextW (in: hWnd=0x2902d0, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0300.244] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0300.245] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0300.245] GetClientRect (in: hWnd=0x2902d0, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0300.245] GetWindowRect (in: hWnd=0x2902d0, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0300.245] GetParent (hWnd=0x2902d0) returned 0x3402de
[0300.245] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3402de, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0300.245] GetWindowTextLengthW (hWnd=0x2902d0) returned 0
[0300.245] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0300.245] GetSystemMetrics (nIndex=42) returned 0
[0300.245] GetWindowTextW (in: hWnd=0x2902d0, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0300.245] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0300.245] GetWindowTextLengthW (hWnd=0x2902d0) returned 0
[0300.245] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0300.245] GetSystemMetrics (nIndex=42) returned 0
[0300.245] GetWindowTextW (in: hWnd=0x2902d0, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0300.245] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0300.245] SetWindowTextW (hWnd=0x2902d0, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0300.245] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0xc, wParam=0x0, lParam=0x2e0ebc0) returned 0x1
[0300.245] InvalidateRect (hWnd=0x2902d0, lpRect=0x0, bErase=1) returned 1
[0300.245] GetCurrentThreadId () returned 0xf50
[0300.245] GetWindowThreadProcessId (in: hWnd=0x2902d0, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0300.246] GdipCreateBitmapFromStream (stream=0x509fe90, bitmap=0xd7e840) returned 0x0
[0300.247] GdipImageForceValidation (image=0x6652238) returned 0x0
[0300.249] GdipGetImageRawFormat (image=0x6652238, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0300.249] GdipGetImageHeight (image=0x6652238, height=0xd7e824) returned 0x0
[0300.249] GdipGetImageWidth (image=0x6652238, width=0xd7e824) returned 0x0
[0300.249] GdipGetImageWidth (image=0x6652238, width=0xd7e810) returned 0x0
[0300.249] GdipGetImageHeight (image=0x6652238, height=0xd7e810) returned 0x0
[0300.249] GdipGetImageWidth (image=0x6652238, width=0xd7e800) returned 0x0
[0300.249] GdipGetImageHeight (image=0x6652238, height=0xd7e800) returned 0x0
[0300.249] GdipBitmapGetPixel (bitmap=0x6652238, x=0, y=15, color=0xd7e810) returned 0x0
[0300.249] GdipGetImageRawFormat (image=0x6652238, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0300.250] GdipGetImageWidth (image=0x6652238, width=0xd7e740) returned 0x0
[0300.250] GdipGetImageHeight (image=0x6652238, height=0xd7e740) returned 0x0
[0300.250] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0300.250] GdipGetImagePixelFormat (image=0x664f790, format=0xd7e740) returned 0x0
[0300.250] GdipGetImageGraphicsContext (image=0x664f790, graphics=0xd7e74c) returned 0x0
[0300.250] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0300.250] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0300.250] GdipSetImageAttributesColorKeys (imageattr=0x6638ba8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0300.250] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6652238, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638ba8, callback=0x0, callbackData=0x0) returned 0x0
[0300.250] GdipDisposeImageAttributes (imageattr=0x6638ba8) returned 0x0
[0300.250] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0300.250] GdipDisposeImage (image=0x6652238) returned 0x0
[0300.251] GdipCreateBitmapFromStream (stream=0x509fe70, bitmap=0xd7e840) returned 0x0
[0300.251] GdipImageForceValidation (image=0x6652238) returned 0x0
[0300.253] GdipGetImageRawFormat (image=0x6652238, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0300.253] GdipGetImageHeight (image=0x6652238, height=0xd7e824) returned 0x0
[0300.253] GdipGetImageWidth (image=0x6652238, width=0xd7e824) returned 0x0
[0300.253] GdipGetImageWidth (image=0x6652238, width=0xd7e810) returned 0x0
[0300.253] GdipGetImageHeight (image=0x6652238, height=0xd7e810) returned 0x0
[0300.253] GdipGetImageWidth (image=0x6652238, width=0xd7e800) returned 0x0
[0300.253] GdipGetImageHeight (image=0x6652238, height=0xd7e800) returned 0x0
[0300.253] GdipBitmapGetPixel (bitmap=0x6652238, x=0, y=15, color=0xd7e810) returned 0x0
[0300.253] GdipGetImageRawFormat (image=0x6652238, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0300.253] GdipGetImageWidth (image=0x6652238, width=0xd7e740) returned 0x0
[0300.253] GdipGetImageHeight (image=0x6652238, height=0xd7e740) returned 0x0
[0300.253] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0300.253] GdipGetImagePixelFormat (image=0x6650168, format=0xd7e740) returned 0x0
[0300.253] GdipGetImageGraphicsContext (image=0x6650168, graphics=0xd7e74c) returned 0x0
[0300.253] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0300.253] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0300.253] GdipSetImageAttributesColorKeys (imageattr=0x6638ab8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0300.253] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6652238, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638ab8, callback=0x0, callbackData=0x0) returned 0x0
[0300.254] GdipDisposeImageAttributes (imageattr=0x6638ab8) returned 0x0
[0300.254] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0300.254] GdipDisposeImage (image=0x6652238) returned 0x0
[0300.254] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.254] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0300.254] GetCurrentThreadId () returned 0xf50
[0300.254] GetCurrentThreadId () returned 0xf50
[0300.255] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.255] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0300.255] GetCurrentThreadId () returned 0xf50
[0300.255] GetCurrentThreadId () returned 0xf50
[0300.255] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.255] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0300.255] GetCurrentThreadId () returned 0xf50
[0300.255] GetCurrentThreadId () returned 0xf50
[0300.255] GetSystemMetrics (nIndex=5) returned 1
[0300.255] GetSystemMetrics (nIndex=6) returned 1
[0300.255] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.255] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0300.256] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.256] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0300.256] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.256] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0300.256] GetCurrentThreadId () returned 0xf50
[0300.256] GetCurrentThreadId () returned 0xf50
[0300.256] GetProcessWindowStation () returned 0x13c
[0300.256] GetCapture () returned 0x0
[0300.256] GetActiveWindow () returned 0x7005c
[0300.256] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0300.256] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.257] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0300.257] GetCursorPos (in: lpPoint=0x2e2eea4 | out: lpPoint=0x2e2eea4*(x=270, y=628)) returned 1
[0300.257] MonitorFromPoint (pt=0x10d, dwFlags=0x274) returned 0x10001
[0300.257] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0300.257] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x6b0107f3
[0300.257] GetDeviceCaps (hdc=0x6b0107f3, index=12) returned 32
[0300.257] GetDeviceCaps (hdc=0x6b0107f3, index=14) returned 1
[0300.257] DeleteDC (hdc=0x6b0107f3) returned 1
[0300.257] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0300.257] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0300.257] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3700ea
[0300.258] SetWindowLongW (hWnd=0x3700ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0300.258] GetWindowLongW (hWnd=0x3700ea, nIndex=-4) returned 1950089536
[0300.258] SetWindowLongW (hWnd=0x3700ea, nIndex=-4, dwNewLong=19951950) returned 1950089536
[0300.258] GetWindowLongW (hWnd=0x3700ea, nIndex=-4) returned 19951950
[0300.258] GetWindowLongW (hWnd=0x3700ea, nIndex=-16) returned 113770496
[0300.258] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0300.259] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0300.260] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0300.260] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0300.260] GetWindowRect (in: hWnd=0x3700ea, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0300.261] SetWindowTextW (hWnd=0x3700ea, lpString="BB ransomware") returned 1
[0300.261] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xc, wParam=0x0, lParam=0x2e2d640) returned 0x1
[0300.262] GetStartupInfoW (in: lpStartupInfo=0x2e2f1e0 | out: lpStartupInfo=0x2e2f1e0*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0300.263] GetParent (hWnd=0x3700ea) returned 0x0
[0300.263] SetWindowLongW (hWnd=0x3700ea, nIndex=-8, dwNewLong=0) returned 0
[0300.265] SendMessageW (hWnd=0x3700ea, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0300.265] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0300.265] SendMessageW (hWnd=0x3700ea, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0300.265] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0300.265] GetSystemMenu (hWnd=0x3700ea, bRevert=0) returned 0xc002a1
[0300.266] GetWindowPlacement (in: hWnd=0x3700ea, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0300.266] EnableMenuItem (hMenu=0xc002a1, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0300.266] EnableMenuItem (hMenu=0xc002a1, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0300.266] EnableMenuItem (hMenu=0xc002a1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0300.266] EnableMenuItem (hMenu=0xc002a1, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0300.266] EnableMenuItem (hMenu=0xc002a1, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0300.266] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0300.266] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0300.266] GetWindowRect (in: hWnd=0x3700ea, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0300.266] SetWindowPos (hWnd=0x3700ea, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0300.266] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0300.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x3700ea) returned 0x1
[0300.270] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0300.270] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0300.271] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0300.271] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0300.272] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0300.273] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x3700ea, lParam=0x0) returned 0x0
[0300.273] GetCapture () returned 0x0
[0300.273] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0300.274] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0300.276] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0300.278] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0300.278] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0300.282] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0300.282] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0300.283] GetParent (hWnd=0x3700ea) returned 0x0
[0300.283] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0300.283] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0300.285] GetWindowPlacement (in: hWnd=0x3700ea, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0300.285] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0300.285] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0300.285] GetWindowRect (in: hWnd=0x3700ea, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0300.288] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0300.288] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0300.288] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0300.289] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.289] GetWindowLongW (hWnd=0x3700ea, nIndex=-16) returned 113770496
[0300.289] GetWindowTextLengthW (hWnd=0x3700ea) returned 13
[0300.289] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.290] GetSystemMetrics (nIndex=42) returned 0
[0300.290] GetWindowTextW (in: hWnd=0x3700ea, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0300.290] GetWindowTextLengthW (hWnd=0x3700ea) returned 13
[0300.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.290] GetSystemMetrics (nIndex=42) returned 0
[0300.290] GetWindowTextW (in: hWnd=0x3700ea, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.290] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0300.290] GetCursorPos (in: lpPoint=0x2e2f41c | out: lpPoint=0x2e2f41c*(x=270, y=628)) returned 1
[0300.290] MonitorFromPoint (pt=0x10e, dwFlags=0x274) returned 0x10001
[0300.290] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0300.290] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xad0107bb
[0300.290] GetDeviceCaps (hdc=0xad0107bb, index=12) returned 32
[0300.290] GetDeviceCaps (hdc=0xad0107bb, index=14) returned 1
[0300.290] DeleteDC (hdc=0xad0107bb) returned 1
[0300.291] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0300.291] GetWindowLongW (hWnd=0x3700ea, nIndex=-16) returned 113770496
[0300.291] GetWindowLongW (hWnd=0x3700ea, nIndex=-20) returned 327945
[0300.291] SetWindowLongW (hWnd=0x3700ea, nIndex=-16, dwNewLong=46661632) returned 113770496
[0300.291] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0300.291] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0300.292] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0300.293] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0300.293] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0300.293] SetWindowLongW (hWnd=0x3700ea, nIndex=-20, dwNewLong=327681) returned 327945
[0300.293] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0300.293] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0300.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0300.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0300.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0300.303] SetWindowPos (hWnd=0x3700ea, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0300.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0300.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0300.304] GetWindowPlacement (in: hWnd=0x3700ea, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0300.304] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0300.304] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0300.304] GetWindowRect (in: hWnd=0x3700ea, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0300.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0300.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0300.305] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0300.306] RedrawWindow (hWnd=0x3700ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0300.306] GetSystemMenu (hWnd=0x3700ea, bRevert=0) returned 0xc002a1
[0300.306] GetWindowPlacement (in: hWnd=0x3700ea, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0300.306] EnableMenuItem (hMenu=0xc002a1, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0300.306] EnableMenuItem (hMenu=0xc002a1, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0300.306] EnableMenuItem (hMenu=0xc002a1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0300.306] EnableMenuItem (hMenu=0xc002a1, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0300.306] EnableMenuItem (hMenu=0xc002a1, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0300.306] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0300.306] GetWindowLongW (hWnd=0x3700ea, nIndex=-8) returned 0
[0300.306] SetWindowLongW (hWnd=0x3700ea, nIndex=-8, dwNewLong=458844) returned 0
[0300.307] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0300.307] GetProcessWindowStation () returned 0x13c
[0300.307] GetCurrentThreadId () returned 0xf50
[0300.307] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1307176, lParam=0x0) returned 1
[0300.307] IsWindowVisible (hWnd=0x3700ea) returned 0
[0300.307] IsWindowVisible (hWnd=0x7005c) returned 1
[0300.307] IsWindowEnabled (hWnd=0x7005c) returned 1
[0300.307] IsWindowVisible (hWnd=0x300ec) returned 0
[0300.307] IsWindowVisible (hWnd=0x502c6) returned 0
[0300.307] IsWindowVisible (hWnd=0x502be) returned 0
[0300.308] GetActiveWindow () returned 0x3700ea
[0300.308] GetFocus () returned 0x3700ea
[0300.308] IsWindow (hWnd=0x7005c) returned 1
[0300.308] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0300.308] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0300.308] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0300.308] GetWindowLongW (hWnd=0x3700ea, nIndex=-8) returned 458844
[0300.308] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0300.308] GetCurrentThreadId () returned 0xf50
[0300.309] GetWindowLongW (hWnd=0x3700ea, nIndex=-8) returned 458844
[0300.309] IsWindowEnabled (hWnd=0x7005c) returned 0
[0300.309] IsWindowEnabled (hWnd=0x3700ea) returned 1
[0300.309] ShowWindow (hWnd=0x3700ea, nCmdShow=5) returned 0
[0300.309] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0300.309] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0300.309] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.309] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0300.310] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x3700ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2e02c8
[0300.310] SetWindowLongW (hWnd=0x2e02c8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0300.310] GetWindowLongW (hWnd=0x2e02c8, nIndex=-4) returned 1950089536
[0300.311] SetWindowLongW (hWnd=0x2e02c8, nIndex=-4, dwNewLong=19948238) returned 1950089536
[0300.311] GetWindowLongW (hWnd=0x2e02c8, nIndex=-4) returned 19948238
[0300.311] GetWindowLongW (hWnd=0x2e02c8, nIndex=-16) returned 1174405120
[0300.311] GetWindowLongW (hWnd=0x2e02c8, nIndex=-12) returned 0
[0300.311] SetWindowLongW (hWnd=0x2e02c8, nIndex=-12, dwNewLong=3015368) returned 0
[0300.311] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02c8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0300.311] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02c8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0300.311] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02c8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0300.311] GetWindow (hWnd=0x2e02c8, uCmd=0x3) returned 0x0
[0300.311] GetClientRect (in: hWnd=0x2e02c8, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0300.311] GetWindowRect (in: hWnd=0x2e02c8, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0300.311] GetParent (hWnd=0x2e02c8) returned 0x3700ea
[0300.311] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3700ea, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0300.312] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02c8, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0300.312] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02c8, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0300.312] GetClientRect (in: hWnd=0x2e02c8, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0300.312] GetWindowRect (in: hWnd=0x2e02c8, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0300.312] GetParent (hWnd=0x2e02c8) returned 0x3700ea
[0300.312] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3700ea, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0300.312] SendMessageW (hWnd=0x2e02c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2e02c8) returned 0x0
[0300.312] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2e02c8) returned 0x0
[0300.312] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0300.313] GetParent (hWnd=0x2e02c8) returned 0x3700ea
[0300.313] GetParent (hWnd=0x2902d0) returned 0x3402de
[0300.313] SetParent (hWndChild=0x2902d0, hWndNewParent=0x3700ea) returned 0x3402de
[0300.313] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0300.313] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0300.313] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0300.314] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0300.314] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0300.314] GetClientRect (in: hWnd=0x2902d0, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0300.314] GetWindowRect (in: hWnd=0x2902d0, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0300.314] GetParent (hWnd=0x2902d0) returned 0x3700ea
[0300.314] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3700ea, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0300.314] GetClientRect (in: hWnd=0x2902d0, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0300.314] GetWindowRect (in: hWnd=0x2902d0, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0300.314] GetParent (hWnd=0x2902d0) returned 0x3700ea
[0300.314] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3700ea, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0300.314] GetParent (hWnd=0x2902d0) returned 0x3700ea
[0300.314] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0300.314] GetWindow (hWnd=0x2902d0, uCmd=0x3) returned 0x0
[0300.314] SetWindowPos (hWnd=0x2902d0, hWndInsertAfter=0x2e02c8, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0300.315] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0300.315] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0300.315] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0300.315] GetClientRect (in: hWnd=0x2902d0, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0300.315] GetWindowRect (in: hWnd=0x2902d0, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0300.315] GetParent (hWnd=0x2902d0) returned 0x3700ea
[0300.315] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3700ea, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0300.316] GetParent (hWnd=0x2902d0) returned 0x3700ea
[0300.316] GetWindow (hWnd=0x2902d0, uCmd=0x3) returned 0x2e02c8
[0300.316] GetWindowThreadProcessId (in: hWnd=0x2902d0, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0300.316] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0300.316] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.316] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0300.316] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x3700ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3602d8
[0300.317] SetWindowLongW (hWnd=0x3602d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0300.317] GetWindowLongW (hWnd=0x3602d8, nIndex=-4) returned 1868032000
[0300.317] SetWindowLongW (hWnd=0x3602d8, nIndex=-4, dwNewLong=19947958) returned 1868032000
[0300.317] GetWindowLongW (hWnd=0x3602d8, nIndex=-4) returned 19947958
[0300.317] GetWindowLongW (hWnd=0x3602d8, nIndex=-16) returned 1174470667
[0300.317] GetWindowLongW (hWnd=0x3602d8, nIndex=-12) returned 0
[0300.317] SetWindowLongW (hWnd=0x3602d8, nIndex=-12, dwNewLong=3539672) returned 0
[0300.317] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0300.318] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0300.318] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0300.319] SendMessageW (hWnd=0x3602d8, Msg=0x2055, wParam=0x3602d8, lParam=0x3) returned 0x2
[0300.319] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0300.319] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0300.319] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0300.319] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0300.319] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02c8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0300.319] RedrawWindow (hWnd=0x2e02c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0300.319] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0300.319] RedrawWindow (hWnd=0x2902d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0300.319] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0300.319] RedrawWindow (hWnd=0x3602d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0300.319] RedrawWindow (hWnd=0x3700ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0300.320] GetWindow (hWnd=0x3602d8, uCmd=0x3) returned 0x2902d0
[0300.320] GetClientRect (in: hWnd=0x3602d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0300.320] GetWindowRect (in: hWnd=0x3602d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0300.320] GetParent (hWnd=0x3602d8) returned 0x3700ea
[0300.320] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3700ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0300.320] SetWindowTextW (hWnd=0x3602d8, lpString="&Details") returned 1
[0300.320] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0xc, wParam=0x0, lParam=0x2c2ef5c) returned 0x1
[0300.320] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0300.320] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0300.320] GetClientRect (in: hWnd=0x3602d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0300.320] GetWindowRect (in: hWnd=0x3602d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0300.320] GetParent (hWnd=0x3602d8) returned 0x3700ea
[0300.321] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3700ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0300.321] SendMessageW (hWnd=0x3602d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3602d8) returned 0x0
[0300.321] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3602d8) returned 0x0
[0300.321] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0300.321] GetParent (hWnd=0x3602d8) returned 0x3700ea
[0300.321] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0300.321] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.322] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0300.322] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x3700ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3402da
[0300.322] SetWindowLongW (hWnd=0x3402da, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0300.322] GetWindowLongW (hWnd=0x3402da, nIndex=-4) returned 1868032000
[0300.322] SetWindowLongW (hWnd=0x3402da, nIndex=-4, dwNewLong=19948038) returned 1868032000
[0300.322] GetWindowLongW (hWnd=0x3402da, nIndex=-4) returned 19948038
[0300.322] GetWindowLongW (hWnd=0x3402da, nIndex=-16) returned 1174470667
[0300.322] GetWindowLongW (hWnd=0x3402da, nIndex=-12) returned 0
[0300.322] SetWindowLongW (hWnd=0x3402da, nIndex=-12, dwNewLong=3408602) returned 0
[0300.322] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0300.323] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0300.323] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0300.324] SendMessageW (hWnd=0x3402da, Msg=0x2055, wParam=0x3402da, lParam=0x3) returned 0x2
[0300.324] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0300.324] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0300.324] GetWindow (hWnd=0x3402da, uCmd=0x3) returned 0x3602d8
[0300.324] GetClientRect (in: hWnd=0x3402da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0300.324] GetWindowRect (in: hWnd=0x3402da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0300.324] GetParent (hWnd=0x3402da) returned 0x3700ea
[0300.324] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3700ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0300.324] SetWindowTextW (hWnd=0x3402da, lpString="&Continue") returned 1
[0300.324] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0xc, wParam=0x0, lParam=0x2c2ef00) returned 0x1
[0300.325] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0300.325] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0300.325] GetClientRect (in: hWnd=0x3402da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0300.325] GetWindowRect (in: hWnd=0x3402da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0300.325] GetParent (hWnd=0x3402da) returned 0x3700ea
[0300.325] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3700ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0300.325] SendMessageW (hWnd=0x3402da, Msg=0x2210, wParam=0x2da0001, lParam=0x3402da) returned 0x0
[0300.325] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x2210, wParam=0x2da0001, lParam=0x3402da) returned 0x0
[0300.325] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0300.326] GetParent (hWnd=0x3402da) returned 0x3700ea
[0300.326] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0300.326] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.326] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0300.326] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x3700ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2a02ce
[0300.327] SetWindowLongW (hWnd=0x2a02ce, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0300.327] GetWindowLongW (hWnd=0x2a02ce, nIndex=-4) returned 1868032000
[0300.327] SetWindowLongW (hWnd=0x2a02ce, nIndex=-4, dwNewLong=19946918) returned 1868032000
[0300.327] GetWindowLongW (hWnd=0x2a02ce, nIndex=-4) returned 19946918
[0300.327] GetWindowLongW (hWnd=0x2a02ce, nIndex=-16) returned 1174470667
[0300.327] GetWindowLongW (hWnd=0x2a02ce, nIndex=-12) returned 0
[0300.327] SetWindowLongW (hWnd=0x2a02ce, nIndex=-12, dwNewLong=2753230) returned 0
[0300.327] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02ce, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0300.328] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02ce, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0300.328] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02ce, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0300.329] SendMessageW (hWnd=0x2a02ce, Msg=0x2055, wParam=0x2a02ce, lParam=0x3) returned 0x2
[0300.329] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0300.329] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02ce, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0300.329] GetWindow (hWnd=0x2a02ce, uCmd=0x3) returned 0x3402da
[0300.329] GetClientRect (in: hWnd=0x2a02ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0300.329] GetWindowRect (in: hWnd=0x2a02ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0300.329] GetParent (hWnd=0x2a02ce) returned 0x3700ea
[0300.329] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3700ea, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0300.329] SetWindowTextW (hWnd=0x2a02ce, lpString="&Quit") returned 1
[0300.329] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02ce, Msg=0xc, wParam=0x0, lParam=0x2c2ef20) returned 0x1
[0300.330] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02ce, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0300.330] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02ce, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0300.330] GetClientRect (in: hWnd=0x2a02ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0300.330] GetWindowRect (in: hWnd=0x2a02ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0300.330] GetParent (hWnd=0x2a02ce) returned 0x3700ea
[0300.330] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3700ea, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0300.330] SendMessageW (hWnd=0x2a02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2a02ce) returned 0x0
[0300.330] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2a02ce) returned 0x0
[0300.330] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0300.331] GetParent (hWnd=0x2a02ce) returned 0x3700ea
[0300.331] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0300.331] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.331] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0300.331] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x3700ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3402dc
[0300.331] SetWindowLongW (hWnd=0x3402dc, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0300.332] GetWindowLongW (hWnd=0x3402dc, nIndex=-4) returned 1868026976
[0300.332] SetWindowLongW (hWnd=0x3402dc, nIndex=-4, dwNewLong=19947558) returned 1868026976
[0300.332] GetWindowLongW (hWnd=0x3402dc, nIndex=-4) returned 19947558
[0300.332] GetWindowLongW (hWnd=0x3402dc, nIndex=-16) returned 1177553092
[0300.332] GetWindowLongW (hWnd=0x3402dc, nIndex=-12) returned 0
[0300.332] SetWindowLongW (hWnd=0x3402dc, nIndex=-12, dwNewLong=3408604) returned 0
[0300.332] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3402dc, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0300.333] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3402dc, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0300.334] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3402dc, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0300.348] GetWindow (hWnd=0x3402dc, uCmd=0x3) returned 0x2a02ce
[0300.348] GetClientRect (in: hWnd=0x3402dc, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0300.348] GetWindowRect (in: hWnd=0x3402dc, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0300.348] GetParent (hWnd=0x3402dc) returned 0x3700ea
[0300.348] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3700ea, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0300.349] GetWindowTextLengthW (hWnd=0x3700ea) returned 13
[0300.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.349] GetSystemMetrics (nIndex=42) returned 0
[0300.349] GetWindowTextW (in: hWnd=0x3700ea, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0300.349] SendMessageW (hWnd=0x3402dc, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0300.349] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3402dc, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0300.357] SetWindowTextW (hWnd=0x3402dc, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0300.357] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3402dc, Msg=0xc, wParam=0x0, lParam=0x2e2b028) returned 0x1
[0300.359] GetSystemMetrics (nIndex=5) returned 1
[0300.359] GetSystemMetrics (nIndex=6) returned 1
[0300.359] SendMessageW (hWnd=0x3402dc, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0300.359] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3402dc, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0300.359] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3402dc, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0300.360] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3402dc, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0300.360] GetClientRect (in: hWnd=0x3402dc, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0300.360] GetWindowRect (in: hWnd=0x3402dc, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0300.360] GetParent (hWnd=0x3402dc) returned 0x3700ea
[0300.360] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3700ea, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0300.360] SendMessageW (hWnd=0x3402dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x3402dc) returned 0x0
[0300.360] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3402dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x3402dc) returned 0x0
[0300.360] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3402dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0300.361] GetParent (hWnd=0x3402dc) returned 0x3700ea
[0300.361] GetWindowLongW (hWnd=0x3700ea, nIndex=-8) returned 458844
[0300.361] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0300.361] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0300.361] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xb010693
[0300.361] GetDeviceCaps (hdc=0xb010693, index=12) returned 32
[0300.361] GetDeviceCaps (hdc=0xb010693, index=14) returned 1
[0300.361] DeleteDC (hdc=0xb010693) returned 1
[0300.361] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0300.361] GetWindowThreadProcessId (in: hWnd=0x3700ea, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0300.361] GetCurrentThreadId () returned 0xf50
[0300.361] PostMessageW (hWnd=0x3700ea, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0300.361] GetWindowTextLengthW (hWnd=0x3700ea) returned 13
[0300.361] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.361] GetSystemMetrics (nIndex=42) returned 0
[0300.361] GetWindowTextW (in: hWnd=0x3700ea, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.361] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0300.362] GdipImageGetFrameDimensionsCount (image=0x664fe20, count=0xd7e25c) returned 0x0
[0300.362] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12009e0
[0300.362] GdipImageGetFrameDimensionsList (image=0x664fe20, dimensionIDs=0x12009e0*(Data1=0x12009c8, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0300.362] LocalFree (hMem=0x12009e0) returned 0x0
[0300.362] GdipImageGetFrameDimensionsCount (image=0x664f790, count=0xd7e250) returned 0x0
[0300.362] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12009e0
[0300.362] GdipImageGetFrameDimensionsList (image=0x664f790, dimensionIDs=0x12009e0*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0300.362] LocalFree (hMem=0x12009e0) returned 0x0
[0300.362] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0300.363] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0300.363] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0300.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0300.377] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0300.377] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0300.377] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0300.377] GetWindowPlacement (in: hWnd=0x3700ea, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0300.377] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0300.378] GetWindowTextLengthW (hWnd=0x3700ea) returned 13
[0300.378] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.378] GetSystemMetrics (nIndex=42) returned 0
[0300.378] GetWindowTextW (in: hWnd=0x3700ea, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.378] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0300.378] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0300.378] GetCurrentObject (hdc=0x10105d6, type=0x1) returned 0xb00017
[0300.378] GetCurrentObject (hdc=0x10105d6, type=0x2) returned 0x900010
[0300.378] GetCurrentObject (hdc=0x10105d6, type=0x7) returned 0x690507d3
[0300.378] GetCurrentObject (hdc=0x10105d6, type=0x6) returned 0x8a01c2
[0300.378] SaveDC (hdc=0x10105d6) returned 1
[0300.378] GetNearestColor (hdc=0x10105d6, color=0xf0f0f0) returned 0xf0f0f0
[0300.378] CreateSolidBrush (color=0xf0f0f0) returned 0x5b1007e1
[0300.378] FillRect (hDC=0x10105d6, lprc=0xd7e1b8, hbr=0x5b1007e1) returned 1
[0300.378] DeleteObject (ho=0x5b1007e1) returned 1
[0300.378] RestoreDC (hdc=0x10105d6, nSavedDC=-1) returned 1
[0300.378] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0300.379] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0300.379] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0300.379] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0300.379] GetStockObject (i=5) returned 0x900015
[0300.379] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0300.379] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0300.379] GetStockObject (i=5) returned 0x900015
[0300.380] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0300.380] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02ce, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0300.380] GetStockObject (i=5) returned 0x900015
[0300.380] GetWindowPlacement (in: hWnd=0x3700ea, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0300.380] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0300.380] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0300.380] GetWindowRect (in: hWnd=0x3700ea, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0300.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0300.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0300.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0300.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0300.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0300.383] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0300.383] GetWindowRect (in: hWnd=0x3700ea, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0300.383] InvalidateRect (hWnd=0x3402da, lpRect=0x0, bErase=0) returned 1
[0300.383] InvalidateRect (hWnd=0x3602d8, lpRect=0x0, bErase=0) returned 1
[0300.383] GetFocus () returned 0x3700ea
[0300.383] GetFocus () returned 0x3700ea
[0300.383] SetFocus (hWnd=0x3602d8) returned 0x3700ea
[0300.384] GetFocus () returned 0x3602d8
[0300.384] IsChild (hWndParent=0x3700ea, hWnd=0x3602d8) returned 1
[0300.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x8, wParam=0x3602d8, lParam=0x0) returned 0x0
[0300.385] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0300.386] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0300.387] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0300.387] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0x7, wParam=0x3700ea, lParam=0x0) returned 0x0
[0300.387] GetStockObject (i=5) returned 0x900015
[0300.387] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0300.387] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0xd, wParam=0x9, lParam=0x11f5760) returned 0x8
[0300.387] GetDlgItem (hDlg=0x3700ea, nIDDlgItem=3539672) returned 0x3602d8
[0300.387] SendMessageW (hWnd=0x3602d8, Msg=0x202b, wParam=0x3602d8, lParam=0xd7e0dc) returned 0x0
[0300.387] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0x202b, wParam=0x3602d8, lParam=0xd7e0dc) returned 0x0
[0300.417] InvalidateRect (hWnd=0x3602d8, lpRect=0x0, bErase=0) returned 1
[0300.422] GetFocus () returned 0x3602d8
[0300.422] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.422] IsWindowUnicode (hWnd=0x3700ea) returned 1
[0300.422] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.423] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.423] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.423] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0300.423] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.423] IsWindowUnicode (hWnd=0x3700ea) returned 1
[0300.423] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.423] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.423] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.423] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.423] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0300.424] IsWindowUnicode (hWnd=0x3700ea) returned 1
[0300.424] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.424] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.424] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.424] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.424] IsWindowUnicode (hWnd=0x602c4) returned 1
[0300.424] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.424] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.424] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.424] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0300.424] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0300.424] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.425] IsWindowUnicode (hWnd=0x3700ea) returned 1
[0300.425] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.425] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.425] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.425] BeginPaint (in: hWnd=0x3700ea, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xf0105ee
[0300.425] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0300.425] GetWindowTextLengthW (hWnd=0x3700ea) returned 13
[0300.425] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.425] GetSystemMetrics (nIndex=42) returned 0
[0300.425] GetWindowTextW (in: hWnd=0x3700ea, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.425] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0300.425] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0300.425] EndPaint (hWnd=0x3700ea, lpPaint=0xd7e274) returned 1
[0300.426] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.426] IsWindowUnicode (hWnd=0x2e02c8) returned 1
[0300.426] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.426] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.426] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.426] BeginPaint (in: hWnd=0x2e02c8, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x107b9
[0300.426] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0300.426] CreateCompatibleDC (hdc=0x107b9) returned 0xb70107bb
[0300.426] SelectObject (hdc=0xb70107bb, h=0x4a0507fe) returned 0x85000f
[0300.426] GdipCreateFromHDC (hdc=0xb70107bb, graphics=0xd7e2b0) returned 0x0
[0300.426] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0300.426] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0300.426] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0300.426] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0300.426] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e310) returned 0x0
[0300.427] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0300.427] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee9f0) returned 0x0
[0300.427] LocalFree (hMem=0x11ee9f0) returned 0x0
[0300.427] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0300.427] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0300.427] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0300.427] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e304) returned 0x0
[0300.427] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0300.427] GetWindowTextLengthW (hWnd=0x2e02c8) returned 0
[0300.427] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0300.427] GetSystemMetrics (nIndex=42) returned 0
[0300.427] GetWindowTextW (in: hWnd=0x2e02c8, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0300.427] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02c8, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0300.427] GetClientRect (in: hWnd=0x2e02c8, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0300.427] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0300.427] GdipGetClip (graphics=0x6600030, region=0x6645488) returned 0x0
[0300.427] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0300.427] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0300.427] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e164) returned 0x0
[0300.427] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0300.427] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee9f0) returned 0x0
[0300.427] LocalFree (hMem=0x11ee9f0) returned 0x0
[0300.427] GdipCombineRegionRegion (region=0x6645488, region2=0x6646d48, combineMode=0x1) returned 0x0
[0300.428] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0300.428] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee9f0) returned 0x0
[0300.428] LocalFree (hMem=0x11ee9f0) returned 0x0
[0300.428] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0300.428] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0300.428] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0300.428] GdipGetRegionHRgn (region=0x6645488, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0300.428] GdipDeleteRegion (region=0x6645488) returned 0x0
[0300.428] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0300.428] GetCurrentObject (hdc=0xb70107bb, type=0x1) returned 0xb00017
[0300.428] GetCurrentObject (hdc=0xb70107bb, type=0x2) returned 0x900010
[0300.428] GetCurrentObject (hdc=0xb70107bb, type=0x7) returned 0x4a0507fe
[0300.428] GetCurrentObject (hdc=0xb70107bb, type=0x6) returned 0x8a01c2
[0300.428] SaveDC (hdc=0xb70107bb) returned 1
[0300.428] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x160407de
[0300.428] GetClipRgn (hdc=0xb70107bb, hrgn=0x160407de) returned 0
[0300.428] SelectClipRgn (hdc=0xb70107bb, hrgn=0x91040807) returned 2
[0300.428] DeleteObject (ho=0x160407de) returned 1
[0300.428] DeleteObject (ho=0x91040807) returned 1
[0300.428] OffsetViewportOrgEx (in: hdc=0xb70107bb, x=0, y=0, lppt=0x2e30b88 | out: lppt=0x2e30b88) returned 1
[0300.429] GetNearestColor (hdc=0xb70107bb, color=0xf0f0f0) returned 0xf0f0f0
[0300.429] CreateSolidBrush (color=0xf0f0f0) returned 0x5c1007e1
[0300.429] FillRect (hDC=0xb70107bb, lprc=0xd7e198, hbr=0x5c1007e1) returned 1
[0300.429] DeleteObject (ho=0x5c1007e1) returned 1
[0300.429] RestoreDC (hdc=0xb70107bb, nSavedDC=-1) returned 1
[0300.429] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107bb) returned 0x0
[0300.429] GdipRestoreGraphics (graphics=0x6600030, state=0xf5b40dbd) returned 0x0
[0300.429] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0300.429] GetWindowTextLengthW (hWnd=0x2e02c8) returned 0
[0300.429] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0300.429] GetSystemMetrics (nIndex=42) returned 0
[0300.429] GetWindowTextW (in: hWnd=0x2e02c8, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0300.429] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02c8, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0300.429] GdipGetImageWidth (image=0x664fe20, width=0xd7e1e0) returned 0x0
[0300.429] GdipGetImageHeight (image=0x664fe20, height=0xd7e1e0) returned 0x0
[0300.429] GdipGetImageWidth (image=0x664fe20, width=0xd7e1cc) returned 0x0
[0300.429] GdipGetImageHeight (image=0x664fe20, height=0xd7e1cc) returned 0x0
[0300.429] GdipDrawImageRectI (graphics=0x6600030, image=0x664fe20, x=16, y=16, width=32, height=32) returned 0x0
[0300.429] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0300.429] BitBlt (hdc=0x107b9, x=0, y=0, cx=64, cy=64, hdcSrc=0xb70107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0300.430] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107bb) returned 0x0
[0300.430] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0300.430] SelectObject (hdc=0xb70107bb, h=0x85000f) returned 0x4a0507fe
[0300.430] DeleteDC (hdc=0xb70107bb) returned 1
[0300.430] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0300.430] EndPaint (hWnd=0x2e02c8, lpPaint=0xd7e294) returned 1
[0300.431] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.431] IsWindowUnicode (hWnd=0x2902d0) returned 1
[0300.431] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.431] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.431] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.431] BeginPaint (in: hWnd=0x2902d0, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x10105d6
[0300.431] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0300.431] CreateCompatibleDC (hdc=0x10105d6) returned 0xb90107bb
[0300.431] GetObjectType (h=0x10105d6) returned 0x3
[0300.431] CreateCompatibleBitmap (hdc=0x10105d6, cx=1, cy=1) returned 0x17050693
[0300.431] GetDIBits (in: hdc=0x10105d6, hbm=0x17050693, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0300.431] GetDIBits (in: hdc=0x10105d6, hbm=0x17050693, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0300.431] DeleteObject (ho=0x17050693) returned 1
[0300.432] CreateDIBSection (in: hdc=0x10105d6, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x79050803
[0300.432] SelectObject (hdc=0xb90107bb, h=0x79050803) returned 0x85000f
[0300.432] GdipCreateFromHDC (hdc=0xb90107bb, graphics=0xd7e234) returned 0x0
[0300.432] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0300.432] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0300.432] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0300.432] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0300.432] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e2d4) returned 0x0
[0300.432] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0300.432] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0300.432] LocalFree (hMem=0x11ee788) returned 0x0
[0300.432] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0300.432] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0300.432] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0300.432] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0300.432] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0300.433] GetWindowTextLengthW (hWnd=0x2902d0) returned 232
[0300.433] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0300.433] GetSystemMetrics (nIndex=42) returned 0
[0300.433] GetWindowTextW (in: hWnd=0x2902d0, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0300.433] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0300.433] GetClientRect (in: hWnd=0x2902d0, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0300.433] GdipCreateRegion (region=0xd7e110) returned 0x0
[0300.433] GdipGetClip (graphics=0x6600030, region=0x66456c8) returned 0x0
[0300.433] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0300.433] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0300.433] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e128) returned 0x0
[0300.433] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0300.433] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0300.433] LocalFree (hMem=0x11ee788) returned 0x0
[0300.433] GdipCombineRegionRegion (region=0x66456c8, region2=0x6646d48, combineMode=0x1) returned 0x0
[0300.433] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0300.433] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0300.433] LocalFree (hMem=0x11ee788) returned 0x0
[0300.433] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0300.433] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e150) returned 0x0
[0300.433] GdipIsInfiniteRegion (region=0x66456c8, graphics=0x6600030, result=0xd7e140) returned 0x0
[0300.433] GdipGetRegionHRgn (region=0x66456c8, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0300.433] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0300.433] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0300.434] GetCurrentObject (hdc=0xb90107bb, type=0x1) returned 0xb00017
[0300.434] GetCurrentObject (hdc=0xb90107bb, type=0x2) returned 0x900010
[0300.434] GetCurrentObject (hdc=0xb90107bb, type=0x7) returned 0x79050803
[0300.434] GetCurrentObject (hdc=0xb90107bb, type=0x6) returned 0x8a01c2
[0300.434] SaveDC (hdc=0xb90107bb) returned 1
[0300.434] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x92040807
[0300.434] GetClipRgn (hdc=0xb90107bb, hrgn=0x92040807) returned 0
[0300.434] SelectClipRgn (hdc=0xb90107bb, hrgn=0x170407de) returned 2
[0300.434] DeleteObject (ho=0x92040807) returned 1
[0300.434] DeleteObject (ho=0x170407de) returned 1
[0300.434] OffsetViewportOrgEx (in: hdc=0xb90107bb, x=0, y=0, lppt=0x2e32550 | out: lppt=0x2e32550) returned 1
[0300.434] GetNearestColor (hdc=0xb90107bb, color=0xf0f0f0) returned 0xf0f0f0
[0300.434] CreateSolidBrush (color=0xf0f0f0) returned 0x5d1007e1
[0300.434] FillRect (hDC=0xb90107bb, lprc=0xd7e15c, hbr=0x5d1007e1) returned 1
[0300.439] DeleteObject (ho=0x5d1007e1) returned 1
[0300.439] RestoreDC (hdc=0xb90107bb, nSavedDC=-1) returned 1
[0300.439] GdipReleaseDC (graphics=0x6600030, hdc=0xb90107bb) returned 0x0
[0300.439] GdipRestoreGraphics (graphics=0x6600030, state=0xf5b20dbd) returned 0x0
[0300.439] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0300.439] GetWindowTextLengthW (hWnd=0x2902d0) returned 232
[0300.439] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0300.439] GetSystemMetrics (nIndex=42) returned 0
[0300.439] GetWindowTextW (in: hWnd=0x2902d0, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0300.439] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0300.439] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0300.439] GetCurrentObject (hdc=0xb90107bb, type=0x1) returned 0xb00017
[0300.439] GetCurrentObject (hdc=0xb90107bb, type=0x2) returned 0x900010
[0300.439] GetCurrentObject (hdc=0xb90107bb, type=0x7) returned 0x79050803
[0300.439] GetCurrentObject (hdc=0xb90107bb, type=0x6) returned 0x8a01c2
[0300.439] SaveDC (hdc=0xb90107bb) returned 1
[0300.439] GetNearestColor (hdc=0xb90107bb, color=0x0) returned 0x0
[0300.440] RestoreDC (hdc=0xb90107bb, nSavedDC=-1) returned 1
[0300.440] GdipReleaseDC (graphics=0x6600030, hdc=0xb90107bb) returned 0x0
[0300.440] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0300.440] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0300.440] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2e32d4c | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0300.440] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0300.441] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0300.441] GetCurrentObject (hdc=0xb90107bb, type=0x1) returned 0xb00017
[0300.441] GetCurrentObject (hdc=0xb90107bb, type=0x2) returned 0x900010
[0300.441] GetCurrentObject (hdc=0xb90107bb, type=0x7) returned 0x79050803
[0300.441] GetCurrentObject (hdc=0xb90107bb, type=0x6) returned 0x8a01c2
[0300.441] SaveDC (hdc=0xb90107bb) returned 1
[0300.441] GetTextAlign (hdc=0xb90107bb) returned 0x0
[0300.441] GetTextColor (hdc=0xb90107bb) returned 0x0
[0300.441] GetCurrentObject (hdc=0xb90107bb, type=0x6) returned 0x8a01c2
[0300.441] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0300.441] SelectObject (hdc=0xb90107bb, h=0x6d0a0520) returned 0x8a01c2
[0300.441] GetBkMode (hdc=0xb90107bb) returned 2
[0300.441] SetBkMode (hdc=0xb90107bb, mode=1) returned 2
[0300.441] DrawTextExW (in: hdc=0xb90107bb, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2e32f70 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0300.444] RestoreDC (hdc=0xb90107bb, nSavedDC=-1) returned 1
[0300.444] GdipReleaseDC (graphics=0x6600030, hdc=0xb90107bb) returned 0x0
[0300.444] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0300.444] BitBlt (hdc=0x10105d6, x=0, y=0, cx=354, cy=68, hdcSrc=0xb90107bb, x1=0, y1=0, rop=0xcc0020) returned 1
[0300.444] GdipReleaseDC (graphics=0x6600030, hdc=0xb90107bb) returned 0x0
[0300.444] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0300.444] SelectObject (hdc=0xb90107bb, h=0x85000f) returned 0x79050803
[0300.444] DeleteDC (hdc=0xb90107bb) returned 1
[0300.444] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0300.444] DeleteObject (ho=0x79050803) returned 1
[0300.445] EndPaint (hWnd=0x2902d0, lpPaint=0xd7e258) returned 1
[0300.445] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.445] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x84, wParam=0x0, lParam=0x1dd0301) returned 0x1
[0300.445] IsWindowUnicode (hWnd=0x3402da) returned 1
[0300.445] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.446] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x84, wParam=0x0, lParam=0x1dd0301) returned 0x1
[0300.446] SetCursor (hCursor=0x10003) returned 0x10003
[0300.446] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.446] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.446] _TrackMouseEvent (in: lpEventTrack=0x2e32fac | out: lpEventTrack=0x2e32fac) returned 1
[0300.446] SendMessageW (hWnd=0x3402da, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0300.446] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0300.446] InvalidateRect (hWnd=0x3402da, lpRect=0x0, bErase=0) returned 1
[0300.446] GetKeyState (nVirtKey=1) returned 0
[0300.446] GetKeyState (nVirtKey=2) returned 0
[0300.446] GetKeyState (nVirtKey=4) returned 0
[0300.446] GetKeyState (nVirtKey=5) returned 0
[0300.446] GetKeyState (nVirtKey=6) returned 0
[0300.446] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.446] IsWindowUnicode (hWnd=0x3602d8) returned 1
[0300.446] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.446] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.446] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.446] BeginPaint (in: hWnd=0x3602d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0300.447] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0300.447] CreateCompatibleDC (hdc=0xc0107c5) returned 0x19010693
[0300.447] SelectObject (hdc=0x19010693, h=0x4a0507fe) returned 0x85000f
[0300.447] GdipCreateFromHDC (hdc=0x19010693, graphics=0xd7e268) returned 0x0
[0300.447] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0300.447] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0300.447] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0300.447] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0300.447] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e2c8) returned 0x0
[0300.447] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0300.447] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee910) returned 0x0
[0300.447] LocalFree (hMem=0x11ee910) returned 0x0
[0300.447] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0300.447] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0300.447] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0300.447] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0300.448] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0300.448] GdipRestoreGraphics (graphics=0x6600030, state=0xf5b00dbd) returned 0x0
[0300.448] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0300.448] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0300.448] GetCurrentObject (hdc=0x19010693, type=0x1) returned 0xb00017
[0300.448] GetCurrentObject (hdc=0x19010693, type=0x2) returned 0x900010
[0300.448] GetCurrentObject (hdc=0x19010693, type=0x7) returned 0x4a0507fe
[0300.448] GetCurrentObject (hdc=0x19010693, type=0x6) returned 0x8a01c2
[0300.448] SaveDC (hdc=0x19010693) returned 1
[0300.448] GetNearestColor (hdc=0x19010693, color=0xf0f0f0) returned 0xf0f0f0
[0300.448] GetNearestColor (hdc=0x19010693, color=0xa0a0a0) returned 0xa0a0a0
[0300.448] GetNearestColor (hdc=0x19010693, color=0x696969) returned 0x696969
[0300.448] GetNearestColor (hdc=0x19010693, color=0xa0a0a0) returned 0xa0a0a0
[0300.448] GetNearestColor (hdc=0x19010693, color=0x0) returned 0x0
[0300.448] GetNearestColor (hdc=0x19010693, color=0xffffff) returned 0xffffff
[0300.448] GetNearestColor (hdc=0x19010693, color=0xe5e5e5) returned 0xe5e5e5
[0300.448] GetNearestColor (hdc=0x19010693, color=0xd7d7d7) returned 0xd7d7d7
[0300.448] GetNearestColor (hdc=0x19010693, color=0x0) returned 0x0
[0300.448] RestoreDC (hdc=0x19010693, nSavedDC=-1) returned 1
[0300.449] GdipReleaseDC (graphics=0x6600030, hdc=0x19010693) returned 0x0
[0300.449] IsAppThemed () returned 0x1
[0300.449] GetThemeAppProperties () returned 0x3
[0300.449] GetThemeAppProperties () returned 0x3
[0300.449] GdipGetImageWidth (image=0x664f790, width=0xd7e168) returned 0x0
[0300.449] GdipGetImageHeight (image=0x664f790, height=0xd7e168) returned 0x0
[0300.449] IsAppThemed () returned 0x1
[0300.449] GetThemeAppProperties () returned 0x3
[0300.449] GetThemeAppProperties () returned 0x3
[0300.449] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2e33718 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0300.449] IsAppThemed () returned 0x1
[0300.449] GetThemeAppProperties () returned 0x3
[0300.449] GetThemeAppProperties () returned 0x3
[0300.449] IsAppThemed () returned 0x1
[0300.449] GetThemeAppProperties () returned 0x3
[0300.449] GetThemeAppProperties () returned 0x3
[0300.449] GetFocus () returned 0x3602d8
[0300.449] IsAppThemed () returned 0x1
[0300.450] GetThemeAppProperties () returned 0x3
[0300.450] GetThemeAppProperties () returned 0x3
[0300.450] IsAppThemed () returned 0x1
[0300.450] GetThemeAppProperties () returned 0x3
[0300.450] GetThemeAppProperties () returned 0x3
[0300.450] IsThemePartDefined () returned 0x1
[0300.450] IsAppThemed () returned 0x1
[0300.450] GetThemeAppProperties () returned 0x3
[0300.450] GetThemeAppProperties () returned 0x3
[0300.450] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0300.450] IsAppThemed () returned 0x1
[0300.455] GetThemeAppProperties () returned 0x3
[0300.455] GetThemeAppProperties () returned 0x3
[0300.455] IsAppThemed () returned 0x1
[0300.455] GetThemeAppProperties () returned 0x3
[0300.455] GetThemeAppProperties () returned 0x3
[0300.455] IsThemePartDefined () returned 0x1
[0300.455] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0300.455] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0300.455] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0300.455] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0300.455] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7dff0) returned 0x0
[0300.455] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0300.455] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0300.455] LocalFree (hMem=0x11eec58) returned 0x0
[0300.455] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0300.455] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee9f0) returned 0x0
[0300.455] LocalFree (hMem=0x11ee9f0) returned 0x0
[0300.455] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0300.455] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e018) returned 0x0
[0300.455] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7e008) returned 0x0
[0300.455] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0300.455] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0300.456] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0300.456] GetCurrentObject (hdc=0x19010693, type=0x1) returned 0xb00017
[0300.456] GetCurrentObject (hdc=0x19010693, type=0x2) returned 0x900010
[0300.456] GetCurrentObject (hdc=0x19010693, type=0x7) returned 0x4a0507fe
[0300.456] GetCurrentObject (hdc=0x19010693, type=0x6) returned 0x8a01c2
[0300.456] SaveDC (hdc=0x19010693) returned 1
[0300.456] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x180407de
[0300.456] GetClipRgn (hdc=0x19010693, hrgn=0x180407de) returned 0
[0300.456] SelectClipRgn (hdc=0x19010693, hrgn=0x96040807) returned 2
[0300.456] DeleteObject (ho=0x180407de) returned 1
[0300.456] DeleteObject (ho=0x96040807) returned 1
[0300.456] OffsetViewportOrgEx (in: hdc=0x19010693, x=0, y=0, lppt=0x2e33dc8 | out: lppt=0x2e33dc8) returned 1
[0300.456] DrawThemeParentBackground () returned 0x0
[0300.456] GetWindowPlacement (in: hWnd=0x3700ea, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0300.456] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0300.456] GetWindowTextLengthW (hWnd=0x3700ea) returned 13
[0300.456] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.457] GetSystemMetrics (nIndex=42) returned 0
[0300.457] GetWindowTextW (in: hWnd=0x3700ea, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.457] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0300.457] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0300.457] GetCurrentObject (hdc=0x19010693, type=0x1) returned 0xb00017
[0300.457] GetCurrentObject (hdc=0x19010693, type=0x2) returned 0x900010
[0300.457] GetCurrentObject (hdc=0x19010693, type=0x7) returned 0x4a0507fe
[0300.457] GetCurrentObject (hdc=0x19010693, type=0x6) returned 0x8a01c2
[0300.457] SaveDC (hdc=0x19010693) returned 2
[0300.457] GetNearestColor (hdc=0x19010693, color=0xf0f0f0) returned 0xf0f0f0
[0300.457] CreateSolidBrush (color=0xf0f0f0) returned 0x5e1007e1
[0300.457] FillRect (hDC=0x19010693, lprc=0xd7da38, hbr=0x5e1007e1) returned 1
[0300.457] DeleteObject (ho=0x5e1007e1) returned 1
[0300.457] RestoreDC (hdc=0x19010693, nSavedDC=-1) returned 1
[0300.457] GetWindowTextLengthW (hWnd=0x3700ea) returned 13
[0300.457] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.457] GetSystemMetrics (nIndex=42) returned 0
[0300.457] GetWindowTextW (in: hWnd=0x3700ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.457] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0300.457] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0300.457] GetCurrentObject (hdc=0x19010693, type=0x1) returned 0xb00017
[0300.457] GetCurrentObject (hdc=0x19010693, type=0x2) returned 0x900010
[0300.457] GetCurrentObject (hdc=0x19010693, type=0x7) returned 0x4a0507fe
[0300.458] GetCurrentObject (hdc=0x19010693, type=0x6) returned 0x8a01c2
[0300.458] SaveDC (hdc=0x19010693) returned 2
[0300.458] GetNearestColor (hdc=0x19010693, color=0xf0f0f0) returned 0xf0f0f0
[0300.458] CreateSolidBrush (color=0xf0f0f0) returned 0x5f1007e1
[0300.458] FillRect (hDC=0x19010693, lprc=0xd7d9d8, hbr=0x5f1007e1) returned 1
[0300.458] DeleteObject (ho=0x5f1007e1) returned 1
[0300.458] RestoreDC (hdc=0x19010693, nSavedDC=-1) returned 1
[0300.458] GetWindowTextLengthW (hWnd=0x3700ea) returned 13
[0300.458] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.458] GetSystemMetrics (nIndex=42) returned 0
[0300.458] GetWindowTextW (in: hWnd=0x3700ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.458] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0300.458] RestoreDC (hdc=0x19010693, nSavedDC=-1) returned 1
[0300.458] GdipReleaseDC (graphics=0x6600030, hdc=0x19010693) returned 0x0
[0300.458] IsAppThemed () returned 0x1
[0300.458] GetThemeAppProperties () returned 0x3
[0300.458] GetThemeAppProperties () returned 0x3
[0300.458] IsAppThemed () returned 0x1
[0300.458] GetThemeAppProperties () returned 0x3
[0300.459] GetThemeAppProperties () returned 0x3
[0300.459] IsThemePartDefined () returned 0x1
[0300.459] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0300.459] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0300.459] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0300.459] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0300.459] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df74) returned 0x0
[0300.459] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee8d8) returned 0x0
[0300.459] LocalFree (hMem=0x11ee8d8) returned 0x0
[0300.459] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0300.459] LocalFree (hMem=0x11ee788) returned 0x0
[0300.459] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0300.459] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0300.459] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0300.459] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0300.459] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0300.459] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0300.459] GetCurrentObject (hdc=0x19010693, type=0x1) returned 0xb00017
[0300.459] GetCurrentObject (hdc=0x19010693, type=0x2) returned 0x900010
[0300.459] GetCurrentObject (hdc=0x19010693, type=0x7) returned 0x4a0507fe
[0300.459] GetCurrentObject (hdc=0x19010693, type=0x6) returned 0x8a01c2
[0300.459] SaveDC (hdc=0x19010693) returned 1
[0300.459] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x97040807
[0300.459] GetClipRgn (hdc=0x19010693, hrgn=0x97040807) returned 0
[0300.460] SelectClipRgn (hdc=0x19010693, hrgn=0x1a0407de) returned 2
[0300.460] DeleteObject (ho=0x97040807) returned 1
[0300.460] DeleteObject (ho=0x1a0407de) returned 1
[0300.460] OffsetViewportOrgEx (in: hdc=0x19010693, x=0, y=0, lppt=0x2e34674 | out: lppt=0x2e34674) returned 1
[0300.460] IsAppThemed () returned 0x1
[0300.460] GetThemeAppProperties () returned 0x3
[0300.460] GetThemeAppProperties () returned 0x3
[0300.460] DrawThemeBackground () returned 0x0
[0300.460] RestoreDC (hdc=0x19010693, nSavedDC=-1) returned 1
[0300.460] GdipReleaseDC (graphics=0x6600030, hdc=0x19010693) returned 0x0
[0300.460] GdipCreateRegion (region=0xd7df60) returned 0x0
[0300.460] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0300.460] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0300.460] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0300.460] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df78) returned 0x0
[0300.460] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0300.460] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eea98) returned 0x0
[0300.460] LocalFree (hMem=0x11eea98) returned 0x0
[0300.460] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0300.460] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0300.460] LocalFree (hMem=0x11eec58) returned 0x0
[0300.461] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0300.461] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0300.461] GdipIsInfiniteRegion (region=0x6646d48, graphics=0x6600030, result=0xd7df90) returned 0x0
[0300.461] GdipGetRegionHRgn (region=0x6646d48, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0300.461] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0300.461] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0300.461] GetCurrentObject (hdc=0x19010693, type=0x1) returned 0xb00017
[0300.461] GetCurrentObject (hdc=0x19010693, type=0x2) returned 0x900010
[0300.461] GetCurrentObject (hdc=0x19010693, type=0x7) returned 0x4a0507fe
[0300.461] GetCurrentObject (hdc=0x19010693, type=0x6) returned 0x8a01c2
[0300.461] SaveDC (hdc=0x19010693) returned 1
[0300.461] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1b0407de
[0300.461] GetClipRgn (hdc=0x19010693, hrgn=0x1b0407de) returned 0
[0300.461] SelectClipRgn (hdc=0x19010693, hrgn=0x98040807) returned 2
[0300.461] DeleteObject (ho=0x1b0407de) returned 1
[0300.461] DeleteObject (ho=0x98040807) returned 1
[0300.461] OffsetViewportOrgEx (in: hdc=0x19010693, x=0, y=0, lppt=0x2e34948 | out: lppt=0x2e34948) returned 1
[0300.461] IsAppThemed () returned 0x1
[0300.461] GetThemeAppProperties () returned 0x3
[0300.461] GetThemeAppProperties () returned 0x3
[0300.461] GetThemeBackgroundContentRect () returned 0x0
[0300.461] RestoreDC (hdc=0x19010693, nSavedDC=-1) returned 1
[0300.462] GdipReleaseDC (graphics=0x6600030, hdc=0x19010693) returned 0x0
[0300.462] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0300.462] GdipGetClip (graphics=0x6600030, region=0x6646d48) returned 0x0
[0300.462] GdipCloneRegion (region=0x6646d48, cloneRegion=0xd7e150) returned 0x0
[0300.462] GdipCombineRegionRectI (region=0x6646058, rect=0xd7e138, combineMode=0x1) returned 0x0
[0300.462] GdipCombineRegionRectI (region=0x6646058, rect=0xd7e138, combineMode=0x1) returned 0x0
[0300.462] GdipSetClipRegion (graphics=0x6600030, region=0x6646058, combineMode=0x0) returned 0x0
[0300.462] GdipGetImageWidth (image=0x664f790, width=0xd7e154) returned 0x0
[0300.462] GdipGetImageHeight (image=0x664f790, height=0xd7e148) returned 0x0
[0300.462] GdipDrawImageRectI (graphics=0x6600030, image=0x664f790, x=4, y=4, width=16, height=16) returned 0x0
[0300.462] GdipSetClipRegion (graphics=0x6600030, region=0x6646d48, combineMode=0x0) returned 0x0
[0300.462] IsAppThemed () returned 0x1
[0300.462] GetThemeAppProperties () returned 0x3
[0300.462] GetThemeAppProperties () returned 0x3
[0300.462] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0300.462] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0300.462] GetCurrentObject (hdc=0x19010693, type=0x1) returned 0xb00017
[0300.462] GetCurrentObject (hdc=0x19010693, type=0x2) returned 0x900010
[0300.462] GetCurrentObject (hdc=0x19010693, type=0x7) returned 0x4a0507fe
[0300.462] GetCurrentObject (hdc=0x19010693, type=0x6) returned 0x8a01c2
[0300.463] SaveDC (hdc=0x19010693) returned 1
[0300.463] GetTextAlign (hdc=0x19010693) returned 0x0
[0300.463] GetTextColor (hdc=0x19010693) returned 0x0
[0300.463] GetCurrentObject (hdc=0x19010693, type=0x6) returned 0x8a01c2
[0300.463] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0300.463] SelectObject (hdc=0x19010693, h=0x6d0a0520) returned 0x8a01c2
[0300.463] GetBkMode (hdc=0x19010693) returned 2
[0300.463] SetBkMode (hdc=0x19010693, mode=1) returned 2
[0300.463] DrawTextExW (in: hdc=0x19010693, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2e34d08 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0300.463] DrawTextExW (in: hdc=0x19010693, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e34d08 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0300.464] RestoreDC (hdc=0x19010693, nSavedDC=-1) returned 1
[0300.464] GdipReleaseDC (graphics=0x6600030, hdc=0x19010693) returned 0x0
[0300.464] GetFocus () returned 0x3602d8
[0300.464] IsAppThemed () returned 0x1
[0300.464] GetThemeAppProperties () returned 0x3
[0300.464] GetThemeAppProperties () returned 0x3
[0300.464] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0300.464] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x19010693, x1=0, y1=0, rop=0xcc0020) returned 1
[0300.464] GdipReleaseDC (graphics=0x6600030, hdc=0x19010693) returned 0x0
[0300.464] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0300.464] SelectObject (hdc=0x19010693, h=0x85000f) returned 0x4a0507fe
[0300.464] DeleteDC (hdc=0x19010693) returned 1
[0300.464] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0300.464] EndPaint (hWnd=0x3602d8, lpPaint=0xd7e24c) returned 1
[0300.464] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.465] IsWindowUnicode (hWnd=0x3402da) returned 1
[0300.465] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.465] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.465] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.465] BeginPaint (in: hWnd=0x3402da, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0300.465] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0300.465] CreateCompatibleDC (hdc=0xf0105ee) returned 0x1b010693
[0300.465] SelectObject (hdc=0x1b010693, h=0x4a0507fe) returned 0x85000f
[0300.465] GdipCreateFromHDC (hdc=0x1b010693, graphics=0xd7e268) returned 0x0
[0300.465] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0300.465] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0300.465] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0300.465] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0300.465] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e2c8) returned 0x0
[0300.465] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0300.465] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0300.465] LocalFree (hMem=0x11ee788) returned 0x0
[0300.475] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0300.475] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0300.475] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0300.475] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0300.475] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0300.475] GdipRestoreGraphics (graphics=0x6600030, state=0xf5ae0dbd) returned 0x0
[0300.475] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0300.475] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0300.475] GetCurrentObject (hdc=0x1b010693, type=0x1) returned 0xb00017
[0300.475] GetCurrentObject (hdc=0x1b010693, type=0x2) returned 0x900010
[0300.475] GetCurrentObject (hdc=0x1b010693, type=0x7) returned 0x4a0507fe
[0300.475] GetCurrentObject (hdc=0x1b010693, type=0x6) returned 0x8a01c2
[0300.475] SaveDC (hdc=0x1b010693) returned 1
[0300.476] GetNearestColor (hdc=0x1b010693, color=0xf0f0f0) returned 0xf0f0f0
[0300.476] GetNearestColor (hdc=0x1b010693, color=0xa0a0a0) returned 0xa0a0a0
[0300.476] GetNearestColor (hdc=0x1b010693, color=0x696969) returned 0x696969
[0300.476] GetNearestColor (hdc=0x1b010693, color=0xa0a0a0) returned 0xa0a0a0
[0300.476] GetNearestColor (hdc=0x1b010693, color=0x0) returned 0x0
[0300.476] GetNearestColor (hdc=0x1b010693, color=0xffffff) returned 0xffffff
[0300.476] GetNearestColor (hdc=0x1b010693, color=0xe5e5e5) returned 0xe5e5e5
[0300.476] GetNearestColor (hdc=0x1b010693, color=0xd7d7d7) returned 0xd7d7d7
[0300.476] GetNearestColor (hdc=0x1b010693, color=0x0) returned 0x0
[0300.476] RestoreDC (hdc=0x1b010693, nSavedDC=-1) returned 1
[0300.476] GdipReleaseDC (graphics=0x6600030, hdc=0x1b010693) returned 0x0
[0300.476] IsAppThemed () returned 0x1
[0300.476] GetThemeAppProperties () returned 0x3
[0300.476] GetThemeAppProperties () returned 0x3
[0300.476] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0300.476] SendMessageW (hWnd=0x3700ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0300.476] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0300.476] IsAppThemed () returned 0x1
[0300.477] GetThemeAppProperties () returned 0x3
[0300.477] GetThemeAppProperties () returned 0x3
[0300.477] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2e35518 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0300.477] IsAppThemed () returned 0x1
[0300.477] GetThemeAppProperties () returned 0x3
[0300.477] GetThemeAppProperties () returned 0x3
[0300.477] IsAppThemed () returned 0x1
[0300.477] GetThemeAppProperties () returned 0x3
[0300.477] GetThemeAppProperties () returned 0x3
[0300.477] IsAppThemed () returned 0x1
[0300.477] GetThemeAppProperties () returned 0x3
[0300.477] GetThemeAppProperties () returned 0x3
[0300.477] IsAppThemed () returned 0x1
[0300.477] GetThemeAppProperties () returned 0x3
[0300.477] GetThemeAppProperties () returned 0x3
[0300.477] IsThemePartDefined () returned 0x1
[0300.477] IsAppThemed () returned 0x1
[0300.477] GetThemeAppProperties () returned 0x3
[0300.477] GetThemeAppProperties () returned 0x3
[0300.477] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0300.477] IsAppThemed () returned 0x1
[0300.478] GetThemeAppProperties () returned 0x3
[0300.478] GetThemeAppProperties () returned 0x3
[0300.478] IsAppThemed () returned 0x1
[0300.478] GetThemeAppProperties () returned 0x3
[0300.478] GetThemeAppProperties () returned 0x3
[0300.478] IsThemePartDefined () returned 0x1
[0300.478] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0300.478] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0300.478] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0300.478] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0300.478] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dfe4) returned 0x0
[0300.478] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0300.478] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0300.478] LocalFree (hMem=0x11eec58) returned 0x0
[0300.478] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0300.478] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee9f0) returned 0x0
[0300.478] LocalFree (hMem=0x11ee9f0) returned 0x0
[0300.478] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0300.478] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0300.478] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0300.478] GdipGetRegionHRgn (region=0x66453f8, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0300.478] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0300.478] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0300.478] GetCurrentObject (hdc=0x1b010693, type=0x1) returned 0xb00017
[0300.478] GetCurrentObject (hdc=0x1b010693, type=0x2) returned 0x900010
[0300.479] GetCurrentObject (hdc=0x1b010693, type=0x7) returned 0x4a0507fe
[0300.479] GetCurrentObject (hdc=0x1b010693, type=0x6) returned 0x8a01c2
[0300.479] SaveDC (hdc=0x1b010693) returned 1
[0300.479] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x99040807
[0300.479] GetClipRgn (hdc=0x1b010693, hrgn=0x99040807) returned 0
[0300.479] SelectClipRgn (hdc=0x1b010693, hrgn=0x1f0407de) returned 2
[0300.479] DeleteObject (ho=0x99040807) returned 1
[0300.479] DeleteObject (ho=0x1f0407de) returned 1
[0300.479] OffsetViewportOrgEx (in: hdc=0x1b010693, x=0, y=0, lppt=0x2e35bc8 | out: lppt=0x2e35bc8) returned 1
[0300.479] DrawThemeParentBackground () returned 0x0
[0300.479] GetWindowPlacement (in: hWnd=0x3700ea, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0300.479] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0300.479] GetWindowTextLengthW (hWnd=0x3700ea) returned 13
[0300.479] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.479] GetSystemMetrics (nIndex=42) returned 0
[0300.479] GetWindowTextW (in: hWnd=0x3700ea, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.479] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0300.479] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0300.479] GetCurrentObject (hdc=0x1b010693, type=0x1) returned 0xb00017
[0300.480] GetCurrentObject (hdc=0x1b010693, type=0x2) returned 0x900010
[0300.480] GetCurrentObject (hdc=0x1b010693, type=0x7) returned 0x4a0507fe
[0300.480] GetCurrentObject (hdc=0x1b010693, type=0x6) returned 0x8a01c2
[0300.480] SaveDC (hdc=0x1b010693) returned 2
[0300.480] GetNearestColor (hdc=0x1b010693, color=0xf0f0f0) returned 0xf0f0f0
[0300.480] CreateSolidBrush (color=0xf0f0f0) returned 0x601007e1
[0300.480] FillRect (hDC=0x1b010693, lprc=0xd7da30, hbr=0x601007e1) returned 1
[0300.480] DeleteObject (ho=0x601007e1) returned 1
[0300.480] RestoreDC (hdc=0x1b010693, nSavedDC=-1) returned 1
[0300.480] GetWindowTextLengthW (hWnd=0x3700ea) returned 13
[0300.480] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.480] GetSystemMetrics (nIndex=42) returned 0
[0300.480] GetWindowTextW (in: hWnd=0x3700ea, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.480] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0300.480] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0300.480] GetCurrentObject (hdc=0x1b010693, type=0x1) returned 0xb00017
[0300.480] GetCurrentObject (hdc=0x1b010693, type=0x2) returned 0x900010
[0300.480] GetCurrentObject (hdc=0x1b010693, type=0x7) returned 0x4a0507fe
[0300.480] GetCurrentObject (hdc=0x1b010693, type=0x6) returned 0x8a01c2
[0300.480] SaveDC (hdc=0x1b010693) returned 2
[0300.481] GetNearestColor (hdc=0x1b010693, color=0xf0f0f0) returned 0xf0f0f0
[0300.481] CreateSolidBrush (color=0xf0f0f0) returned 0x611007e1
[0300.481] FillRect (hDC=0x1b010693, lprc=0xd7d9d0, hbr=0x611007e1) returned 1
[0300.481] DeleteObject (ho=0x611007e1) returned 1
[0300.481] RestoreDC (hdc=0x1b010693, nSavedDC=-1) returned 1
[0300.481] GetWindowTextLengthW (hWnd=0x3700ea) returned 13
[0300.481] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.481] GetSystemMetrics (nIndex=42) returned 0
[0300.481] GetWindowTextW (in: hWnd=0x3700ea, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.481] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0300.481] RestoreDC (hdc=0x1b010693, nSavedDC=-1) returned 1
[0300.481] GdipReleaseDC (graphics=0x6600030, hdc=0x1b010693) returned 0x0
[0300.481] IsAppThemed () returned 0x1
[0300.481] GetThemeAppProperties () returned 0x3
[0300.481] GetThemeAppProperties () returned 0x3
[0300.482] IsAppThemed () returned 0x1
[0300.482] GetThemeAppProperties () returned 0x3
[0300.482] GetThemeAppProperties () returned 0x3
[0300.482] IsThemePartDefined () returned 0x1
[0300.482] GdipCreateRegion (region=0xd7df50) returned 0x0
[0300.482] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0300.482] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0300.482] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0300.482] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df68) returned 0x0
[0300.482] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0300.482] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0300.482] LocalFree (hMem=0x11ee788) returned 0x0
[0300.482] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0300.482] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee9f0) returned 0x0
[0300.482] LocalFree (hMem=0x11ee9f0) returned 0x0
[0300.482] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0300.482] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0300.482] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7df80) returned 0x0
[0300.482] GdipGetRegionHRgn (region=0x66460e8, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0300.482] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0300.482] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0300.482] GetCurrentObject (hdc=0x1b010693, type=0x1) returned 0xb00017
[0300.482] GetCurrentObject (hdc=0x1b010693, type=0x2) returned 0x900010
[0300.482] GetCurrentObject (hdc=0x1b010693, type=0x7) returned 0x4a0507fe
[0300.483] GetCurrentObject (hdc=0x1b010693, type=0x6) returned 0x8a01c2
[0300.483] SaveDC (hdc=0x1b010693) returned 1
[0300.483] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x200407de
[0300.483] GetClipRgn (hdc=0x1b010693, hrgn=0x200407de) returned 0
[0300.483] SelectClipRgn (hdc=0x1b010693, hrgn=0x9b040807) returned 2
[0300.483] DeleteObject (ho=0x200407de) returned 1
[0300.483] DeleteObject (ho=0x9b040807) returned 1
[0300.483] OffsetViewportOrgEx (in: hdc=0x1b010693, x=0, y=0, lppt=0x2e36474 | out: lppt=0x2e36474) returned 1
[0300.483] IsAppThemed () returned 0x1
[0300.483] GetThemeAppProperties () returned 0x3
[0300.483] GetThemeAppProperties () returned 0x3
[0300.483] DrawThemeBackground () returned 0x0
[0300.483] RestoreDC (hdc=0x1b010693, nSavedDC=-1) returned 1
[0300.483] GdipReleaseDC (graphics=0x6600030, hdc=0x1b010693) returned 0x0
[0300.483] GdipCreateRegion (region=0xd7df54) returned 0x0
[0300.483] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0300.483] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0300.483] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0300.483] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df6c) returned 0x0
[0300.483] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0300.483] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0300.484] LocalFree (hMem=0x11ee788) returned 0x0
[0300.484] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0300.484] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0300.484] LocalFree (hMem=0x11eec58) returned 0x0
[0300.484] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0300.484] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0300.484] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0300.484] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0300.484] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0300.484] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0300.484] GetCurrentObject (hdc=0x1b010693, type=0x1) returned 0xb00017
[0300.484] GetCurrentObject (hdc=0x1b010693, type=0x2) returned 0x900010
[0300.484] GetCurrentObject (hdc=0x1b010693, type=0x7) returned 0x4a0507fe
[0300.484] GetCurrentObject (hdc=0x1b010693, type=0x6) returned 0x8a01c2
[0300.484] SaveDC (hdc=0x1b010693) returned 1
[0300.484] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9c040807
[0300.484] GetClipRgn (hdc=0x1b010693, hrgn=0x9c040807) returned 0
[0300.484] SelectClipRgn (hdc=0x1b010693, hrgn=0x210407de) returned 2
[0300.484] DeleteObject (ho=0x9c040807) returned 1
[0300.484] DeleteObject (ho=0x210407de) returned 1
[0300.484] OffsetViewportOrgEx (in: hdc=0x1b010693, x=0, y=0, lppt=0x2e36748 | out: lppt=0x2e36748) returned 1
[0300.484] IsAppThemed () returned 0x1
[0300.485] GetThemeAppProperties () returned 0x3
[0300.485] GetThemeAppProperties () returned 0x3
[0300.485] GetThemeBackgroundContentRect () returned 0x0
[0300.485] RestoreDC (hdc=0x1b010693, nSavedDC=-1) returned 1
[0300.485] GdipReleaseDC (graphics=0x6600030, hdc=0x1b010693) returned 0x0
[0300.485] IsAppThemed () returned 0x1
[0300.485] GetThemeAppProperties () returned 0x3
[0300.485] GetThemeAppProperties () returned 0x3
[0300.485] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0300.485] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0300.485] GetCurrentObject (hdc=0x1b010693, type=0x1) returned 0xb00017
[0300.485] GetCurrentObject (hdc=0x1b010693, type=0x2) returned 0x900010
[0300.485] GetCurrentObject (hdc=0x1b010693, type=0x7) returned 0x4a0507fe
[0300.485] GetCurrentObject (hdc=0x1b010693, type=0x6) returned 0x8a01c2
[0300.485] SaveDC (hdc=0x1b010693) returned 1
[0300.485] GetTextAlign (hdc=0x1b010693) returned 0x0
[0300.485] GetTextColor (hdc=0x1b010693) returned 0x0
[0300.485] GetCurrentObject (hdc=0x1b010693, type=0x6) returned 0x8a01c2
[0300.485] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0300.486] SelectObject (hdc=0x1b010693, h=0x6d0a0520) returned 0x8a01c2
[0300.486] GetBkMode (hdc=0x1b010693) returned 2
[0300.486] SetBkMode (hdc=0x1b010693, mode=1) returned 2
[0300.486] DrawTextExW (in: hdc=0x1b010693, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2e36ae8 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0300.486] DrawTextExW (in: hdc=0x1b010693, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2e36ae8 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0300.486] RestoreDC (hdc=0x1b010693, nSavedDC=-1) returned 1
[0300.486] GdipReleaseDC (graphics=0x6600030, hdc=0x1b010693) returned 0x0
[0300.486] GetFocus () returned 0x3602d8
[0300.486] IsAppThemed () returned 0x1
[0300.486] GetThemeAppProperties () returned 0x3
[0300.486] GetThemeAppProperties () returned 0x3
[0300.486] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0300.487] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x1b010693, x1=0, y1=0, rop=0xcc0020) returned 1
[0300.487] GdipReleaseDC (graphics=0x6600030, hdc=0x1b010693) returned 0x0
[0300.487] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0300.487] SelectObject (hdc=0x1b010693, h=0x85000f) returned 0x4a0507fe
[0300.487] DeleteDC (hdc=0x1b010693) returned 1
[0300.487] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0300.487] EndPaint (hWnd=0x3402da, lpPaint=0xd7e24c) returned 1
[0300.487] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.487] IsWindowUnicode (hWnd=0x2a02ce) returned 1
[0300.487] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.487] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.487] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.488] BeginPaint (in: hWnd=0x2a02ce, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0300.488] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0300.488] CreateCompatibleDC (hdc=0x107b9) returned 0x1d010693
[0300.488] SelectObject (hdc=0x1d010693, h=0x4a0507fe) returned 0x85000f
[0300.488] GdipCreateFromHDC (hdc=0x1d010693, graphics=0xd7e268) returned 0x0
[0300.488] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0300.488] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0300.488] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0300.488] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0300.488] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e2c8) returned 0x0
[0300.488] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0300.488] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee8d8) returned 0x0
[0300.488] LocalFree (hMem=0x11ee8d8) returned 0x0
[0300.488] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0300.488] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0300.488] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0300.488] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0300.488] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0300.489] GdipRestoreGraphics (graphics=0x6600030, state=0xf5ac0dbd) returned 0x0
[0300.489] GdipDeleteRegion (region=0x6646178) returned 0x0
[0300.489] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0300.489] GetCurrentObject (hdc=0x1d010693, type=0x1) returned 0xb00017
[0300.489] GetCurrentObject (hdc=0x1d010693, type=0x2) returned 0x900010
[0300.489] GetCurrentObject (hdc=0x1d010693, type=0x7) returned 0x4a0507fe
[0300.489] GetCurrentObject (hdc=0x1d010693, type=0x6) returned 0x8a01c2
[0300.489] SaveDC (hdc=0x1d010693) returned 1
[0300.489] GetNearestColor (hdc=0x1d010693, color=0xf0f0f0) returned 0xf0f0f0
[0300.489] GetNearestColor (hdc=0x1d010693, color=0xa0a0a0) returned 0xa0a0a0
[0300.489] GetNearestColor (hdc=0x1d010693, color=0x696969) returned 0x696969
[0300.489] GetNearestColor (hdc=0x1d010693, color=0xa0a0a0) returned 0xa0a0a0
[0300.489] GetNearestColor (hdc=0x1d010693, color=0x0) returned 0x0
[0300.489] GetNearestColor (hdc=0x1d010693, color=0xffffff) returned 0xffffff
[0300.489] GetNearestColor (hdc=0x1d010693, color=0xe5e5e5) returned 0xe5e5e5
[0300.489] GetNearestColor (hdc=0x1d010693, color=0xd7d7d7) returned 0xd7d7d7
[0300.489] GetNearestColor (hdc=0x1d010693, color=0x0) returned 0x0
[0300.489] RestoreDC (hdc=0x1d010693, nSavedDC=-1) returned 1
[0300.489] GdipReleaseDC (graphics=0x6600030, hdc=0x1d010693) returned 0x0
[0300.489] IsAppThemed () returned 0x1
[0300.489] GetThemeAppProperties () returned 0x3
[0300.489] GetThemeAppProperties () returned 0x3
[0300.490] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0300.490] SendMessageW (hWnd=0x3700ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0300.490] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0300.490] IsAppThemed () returned 0x1
[0300.490] GetThemeAppProperties () returned 0x3
[0300.490] GetThemeAppProperties () returned 0x3
[0300.490] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2e372f8 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0300.490] IsAppThemed () returned 0x1
[0300.490] GetThemeAppProperties () returned 0x3
[0300.490] GetThemeAppProperties () returned 0x3
[0300.490] IsAppThemed () returned 0x1
[0300.490] GetThemeAppProperties () returned 0x3
[0300.490] GetThemeAppProperties () returned 0x3
[0300.490] GetFocus () returned 0x3602d8
[0300.490] IsAppThemed () returned 0x1
[0300.490] GetThemeAppProperties () returned 0x3
[0300.490] GetThemeAppProperties () returned 0x3
[0300.490] IsAppThemed () returned 0x1
[0300.490] GetThemeAppProperties () returned 0x3
[0300.490] GetThemeAppProperties () returned 0x3
[0300.490] IsThemePartDefined () returned 0x1
[0300.490] IsAppThemed () returned 0x1
[0300.491] GetThemeAppProperties () returned 0x3
[0300.491] GetThemeAppProperties () returned 0x3
[0300.491] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0300.491] IsAppThemed () returned 0x1
[0300.491] GetThemeAppProperties () returned 0x3
[0300.491] GetThemeAppProperties () returned 0x3
[0300.491] IsAppThemed () returned 0x1
[0300.491] GetThemeAppProperties () returned 0x3
[0300.491] GetThemeAppProperties () returned 0x3
[0300.491] IsThemePartDefined () returned 0x1
[0300.491] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0300.491] GdipGetClip (graphics=0x6600030, region=0x66455a8) returned 0x0
[0300.491] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0300.491] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0300.491] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7dff0) returned 0x0
[0300.491] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee8d8) returned 0x0
[0300.491] LocalFree (hMem=0x11ee8d8) returned 0x0
[0300.491] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0300.491] LocalFree (hMem=0x11ee788) returned 0x0
[0300.491] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0300.491] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0300.491] GdipIsInfiniteRegion (region=0x66455a8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0300.491] GdipGetRegionHRgn (region=0x66455a8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0300.491] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0300.491] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0300.492] GetCurrentObject (hdc=0x1d010693, type=0x1) returned 0xb00017
[0300.492] GetCurrentObject (hdc=0x1d010693, type=0x2) returned 0x900010
[0300.492] GetCurrentObject (hdc=0x1d010693, type=0x7) returned 0x4a0507fe
[0300.492] GetCurrentObject (hdc=0x1d010693, type=0x6) returned 0x8a01c2
[0300.492] SaveDC (hdc=0x1d010693) returned 1
[0300.492] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x220407de
[0300.492] GetClipRgn (hdc=0x1d010693, hrgn=0x220407de) returned 0
[0300.492] SelectClipRgn (hdc=0x1d010693, hrgn=0xa0040807) returned 2
[0300.492] DeleteObject (ho=0x220407de) returned 1
[0300.492] DeleteObject (ho=0xa0040807) returned 1
[0300.492] OffsetViewportOrgEx (in: hdc=0x1d010693, x=0, y=0, lppt=0x2e379a8 | out: lppt=0x2e379a8) returned 1
[0300.492] DrawThemeParentBackground () returned 0x0
[0300.492] GetWindowPlacement (in: hWnd=0x3700ea, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0300.492] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0300.492] GetWindowTextLengthW (hWnd=0x3700ea) returned 13
[0300.492] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.492] GetSystemMetrics (nIndex=42) returned 0
[0300.492] GetWindowTextW (in: hWnd=0x3700ea, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.492] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0300.492] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0300.493] GetCurrentObject (hdc=0x1d010693, type=0x1) returned 0xb00017
[0300.493] GetCurrentObject (hdc=0x1d010693, type=0x2) returned 0x900010
[0300.493] GetCurrentObject (hdc=0x1d010693, type=0x7) returned 0x4a0507fe
[0300.493] GetCurrentObject (hdc=0x1d010693, type=0x6) returned 0x8a01c2
[0300.493] SaveDC (hdc=0x1d010693) returned 2
[0300.493] GetNearestColor (hdc=0x1d010693, color=0xf0f0f0) returned 0xf0f0f0
[0300.493] CreateSolidBrush (color=0xf0f0f0) returned 0x621007e1
[0300.493] FillRect (hDC=0x1d010693, lprc=0xd7da38, hbr=0x621007e1) returned 1
[0300.493] DeleteObject (ho=0x621007e1) returned 1
[0300.493] RestoreDC (hdc=0x1d010693, nSavedDC=-1) returned 1
[0300.493] GetWindowTextLengthW (hWnd=0x3700ea) returned 13
[0300.493] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.493] GetSystemMetrics (nIndex=42) returned 0
[0300.493] GetWindowTextW (in: hWnd=0x3700ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.493] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0300.493] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0300.493] GetCurrentObject (hdc=0x1d010693, type=0x1) returned 0xb00017
[0300.493] GetCurrentObject (hdc=0x1d010693, type=0x2) returned 0x900010
[0300.493] GetCurrentObject (hdc=0x1d010693, type=0x7) returned 0x4a0507fe
[0300.493] GetCurrentObject (hdc=0x1d010693, type=0x6) returned 0x8a01c2
[0300.494] SaveDC (hdc=0x1d010693) returned 2
[0300.494] GetNearestColor (hdc=0x1d010693, color=0xf0f0f0) returned 0xf0f0f0
[0300.494] CreateSolidBrush (color=0xf0f0f0) returned 0x631007e1
[0300.494] FillRect (hDC=0x1d010693, lprc=0xd7d9d8, hbr=0x631007e1) returned 1
[0300.494] DeleteObject (ho=0x631007e1) returned 1
[0300.494] RestoreDC (hdc=0x1d010693, nSavedDC=-1) returned 1
[0300.494] GetWindowTextLengthW (hWnd=0x3700ea) returned 13
[0300.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.494] GetSystemMetrics (nIndex=42) returned 0
[0300.494] GetWindowTextW (in: hWnd=0x3700ea, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0300.494] RestoreDC (hdc=0x1d010693, nSavedDC=-1) returned 1
[0300.494] GdipReleaseDC (graphics=0x6600030, hdc=0x1d010693) returned 0x0
[0300.494] IsAppThemed () returned 0x1
[0300.494] GetThemeAppProperties () returned 0x3
[0300.494] GetThemeAppProperties () returned 0x3
[0300.494] IsAppThemed () returned 0x1
[0300.494] GetThemeAppProperties () returned 0x3
[0300.494] GetThemeAppProperties () returned 0x3
[0300.494] IsThemePartDefined () returned 0x1
[0300.495] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0300.495] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0300.495] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0300.495] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0300.495] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df74) returned 0x0
[0300.495] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0300.495] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0300.495] LocalFree (hMem=0x11eec58) returned 0x0
[0300.495] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0300.495] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee8d8) returned 0x0
[0300.495] LocalFree (hMem=0x11ee8d8) returned 0x0
[0300.495] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0300.495] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0300.495] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0300.495] GdipGetRegionHRgn (region=0x6645c68, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0300.495] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0300.495] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0300.495] GetCurrentObject (hdc=0x1d010693, type=0x1) returned 0xb00017
[0300.495] GetCurrentObject (hdc=0x1d010693, type=0x2) returned 0x900010
[0300.495] GetCurrentObject (hdc=0x1d010693, type=0x7) returned 0x4a0507fe
[0300.495] GetCurrentObject (hdc=0x1d010693, type=0x6) returned 0x8a01c2
[0300.495] SaveDC (hdc=0x1d010693) returned 1
[0300.495] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa1040807
[0300.496] GetClipRgn (hdc=0x1d010693, hrgn=0xa1040807) returned 0
[0300.496] SelectClipRgn (hdc=0x1d010693, hrgn=0x240407de) returned 2
[0300.496] DeleteObject (ho=0xa1040807) returned 1
[0300.496] DeleteObject (ho=0x240407de) returned 1
[0300.496] OffsetViewportOrgEx (in: hdc=0x1d010693, x=0, y=0, lppt=0x2e38254 | out: lppt=0x2e38254) returned 1
[0300.496] IsAppThemed () returned 0x1
[0300.496] GetThemeAppProperties () returned 0x3
[0300.496] GetThemeAppProperties () returned 0x3
[0300.496] DrawThemeBackground () returned 0x0
[0300.496] RestoreDC (hdc=0x1d010693, nSavedDC=-1) returned 1
[0300.496] GdipReleaseDC (graphics=0x6600030, hdc=0x1d010693) returned 0x0
[0300.496] GdipCreateRegion (region=0xd7df60) returned 0x0
[0300.496] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0300.496] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0300.496] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0300.496] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7df78) returned 0x0
[0300.496] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0300.496] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee788) returned 0x0
[0300.496] LocalFree (hMem=0x11ee788) returned 0x0
[0300.496] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0300.496] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eec58) returned 0x0
[0300.496] LocalFree (hMem=0x11eec58) returned 0x0
[0300.497] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0300.497] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0300.497] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0300.497] GdipGetRegionHRgn (region=0x66460e8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0300.497] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0300.497] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0300.501] GetCurrentObject (hdc=0x1d010693, type=0x1) returned 0xb00017
[0300.501] GetCurrentObject (hdc=0x1d010693, type=0x2) returned 0x900010
[0300.501] GetCurrentObject (hdc=0x1d010693, type=0x7) returned 0x4a0507fe
[0300.501] GetCurrentObject (hdc=0x1d010693, type=0x6) returned 0x8a01c2
[0300.501] SaveDC (hdc=0x1d010693) returned 1
[0300.501] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x250407de
[0300.501] GetClipRgn (hdc=0x1d010693, hrgn=0x250407de) returned 0
[0300.501] SelectClipRgn (hdc=0x1d010693, hrgn=0xa2040807) returned 2
[0300.501] DeleteObject (ho=0x250407de) returned 1
[0300.501] DeleteObject (ho=0xa2040807) returned 1
[0300.501] OffsetViewportOrgEx (in: hdc=0x1d010693, x=0, y=0, lppt=0x2e38528 | out: lppt=0x2e38528) returned 1
[0300.501] IsAppThemed () returned 0x1
[0300.501] GetThemeAppProperties () returned 0x3
[0300.501] GetThemeAppProperties () returned 0x3
[0300.501] GetThemeBackgroundContentRect () returned 0x0
[0300.501] RestoreDC (hdc=0x1d010693, nSavedDC=-1) returned 1
[0300.501] GdipReleaseDC (graphics=0x6600030, hdc=0x1d010693) returned 0x0
[0300.501] IsAppThemed () returned 0x1
[0300.501] GetThemeAppProperties () returned 0x3
[0300.502] GetThemeAppProperties () returned 0x3
[0300.502] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0300.502] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0300.502] GetCurrentObject (hdc=0x1d010693, type=0x1) returned 0xb00017
[0300.502] GetCurrentObject (hdc=0x1d010693, type=0x2) returned 0x900010
[0300.502] GetCurrentObject (hdc=0x1d010693, type=0x7) returned 0x4a0507fe
[0300.502] GetCurrentObject (hdc=0x1d010693, type=0x6) returned 0x8a01c2
[0300.502] SaveDC (hdc=0x1d010693) returned 1
[0300.502] GetTextAlign (hdc=0x1d010693) returned 0x0
[0300.502] GetTextColor (hdc=0x1d010693) returned 0x0
[0300.502] GetCurrentObject (hdc=0x1d010693, type=0x6) returned 0x8a01c2
[0300.502] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0300.502] SelectObject (hdc=0x1d010693, h=0x6d0a0520) returned 0x8a01c2
[0300.502] GetBkMode (hdc=0x1d010693) returned 2
[0300.502] SetBkMode (hdc=0x1d010693, mode=1) returned 2
[0300.502] DrawTextExW (in: hdc=0x1d010693, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2e388c8 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0300.503] DrawTextExW (in: hdc=0x1d010693, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e388c8 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0300.503] RestoreDC (hdc=0x1d010693, nSavedDC=-1) returned 1
[0300.503] GdipReleaseDC (graphics=0x6600030, hdc=0x1d010693) returned 0x0
[0300.503] GetFocus () returned 0x3602d8
[0300.503] IsAppThemed () returned 0x1
[0300.503] GetThemeAppProperties () returned 0x3
[0300.503] GetThemeAppProperties () returned 0x3
[0300.503] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0300.503] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x1d010693, x1=0, y1=0, rop=0xcc0020) returned 1
[0300.503] GdipReleaseDC (graphics=0x6600030, hdc=0x1d010693) returned 0x0
[0300.503] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0300.503] SelectObject (hdc=0x1d010693, h=0x85000f) returned 0x4a0507fe
[0300.503] DeleteDC (hdc=0x1d010693) returned 1
[0300.503] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0300.504] EndPaint (hWnd=0x2a02ce, lpPaint=0xd7e24c) returned 1
[0300.504] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.504] IsWindowUnicode (hWnd=0x602c4) returned 1
[0300.504] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.504] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.504] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.504] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0300.504] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0300.504] CreateCompatibleDC (hdc=0x10105d6) returned 0x1f010693
[0300.504] SelectObject (hdc=0x1f010693, h=0x4a0507fe) returned 0x85000f
[0300.504] GdipCreateFromHDC (hdc=0x1f010693, graphics=0xd7e268) returned 0x0
[0300.504] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0300.504] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0300.504] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0300.505] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0300.505] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e2c8) returned 0x0
[0300.505] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0300.505] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0300.505] LocalFree (hMem=0x11eec58) returned 0x0
[0300.505] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0300.505] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0300.505] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0300.505] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0300.505] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0300.505] GdipRestoreGraphics (graphics=0x6600030, state=0xf5aa0dbd) returned 0x0
[0300.505] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0300.505] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0300.505] GetCurrentObject (hdc=0x1f010693, type=0x1) returned 0xb00017
[0300.505] GetCurrentObject (hdc=0x1f010693, type=0x2) returned 0x900010
[0300.505] GetCurrentObject (hdc=0x1f010693, type=0x7) returned 0x4a0507fe
[0300.505] GetCurrentObject (hdc=0x1f010693, type=0x6) returned 0x8a01c2
[0300.505] SaveDC (hdc=0x1f010693) returned 1
[0300.505] GetNearestColor (hdc=0x1f010693, color=0xff) returned 0xff
[0300.505] GetNearestColor (hdc=0x1f010693, color=0x55) returned 0x55
[0300.505] GetNearestColor (hdc=0x1f010693, color=0x0) returned 0x0
[0300.506] GetNearestColor (hdc=0x1f010693, color=0x55) returned 0x55
[0300.506] GetNearestColor (hdc=0x1f010693, color=0x0) returned 0x0
[0300.506] GetNearestColor (hdc=0x1f010693, color=0x8080ff) returned 0x8080ff
[0300.506] GetNearestColor (hdc=0x1f010693, color=0x7373e5) returned 0x7373e5
[0300.506] GetNearestColor (hdc=0x1f010693, color=0xe5) returned 0xe5
[0300.506] GetNearestColor (hdc=0x1f010693, color=0x0) returned 0x0
[0300.506] RestoreDC (hdc=0x1f010693, nSavedDC=-1) returned 1
[0300.506] GdipReleaseDC (graphics=0x6600030, hdc=0x1f010693) returned 0x0
[0300.506] IsAppThemed () returned 0x1
[0300.506] GetThemeAppProperties () returned 0x3
[0300.506] GetThemeAppProperties () returned 0x3
[0300.506] IsAppThemed () returned 0x1
[0300.506] GetThemeAppProperties () returned 0x3
[0300.506] GetThemeAppProperties () returned 0x3
[0300.506] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2e39090 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0300.506] IsAppThemed () returned 0x1
[0300.507] GetThemeAppProperties () returned 0x3
[0300.507] GetThemeAppProperties () returned 0x3
[0300.507] IsAppThemed () returned 0x1
[0300.507] GetThemeAppProperties () returned 0x3
[0300.507] GetThemeAppProperties () returned 0x3
[0300.507] GetFocus () returned 0x3602d8
[0300.507] IsAppThemed () returned 0x1
[0300.507] GetThemeAppProperties () returned 0x3
[0300.507] GetThemeAppProperties () returned 0x3
[0300.507] IsAppThemed () returned 0x1
[0300.507] GetThemeAppProperties () returned 0x3
[0300.507] GetThemeAppProperties () returned 0x3
[0300.507] IsThemePartDefined () returned 0x1
[0300.507] IsAppThemed () returned 0x1
[0300.507] GetThemeAppProperties () returned 0x3
[0300.507] GetThemeAppProperties () returned 0x3
[0300.507] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0300.507] IsAppThemed () returned 0x1
[0300.507] GetThemeAppProperties () returned 0x3
[0300.507] GetThemeAppProperties () returned 0x3
[0300.507] IsAppThemed () returned 0x1
[0300.507] GetThemeAppProperties () returned 0x3
[0300.507] GetThemeAppProperties () returned 0x3
[0300.507] IsThemePartDefined () returned 0x1
[0300.507] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0300.507] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0300.507] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0300.507] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0300.508] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dff0) returned 0x0
[0300.508] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0300.508] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee8d8) returned 0x0
[0300.508] LocalFree (hMem=0x11ee8d8) returned 0x0
[0300.508] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0300.508] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee8d8) returned 0x0
[0300.508] LocalFree (hMem=0x11ee8d8) returned 0x0
[0300.508] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0300.508] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e018) returned 0x0
[0300.508] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e008) returned 0x0
[0300.508] GdipGetRegionHRgn (region=0x6645758, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0300.508] GdipDeleteRegion (region=0x6645758) returned 0x0
[0300.508] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0300.508] GetCurrentObject (hdc=0x1f010693, type=0x1) returned 0xb00017
[0300.508] GetCurrentObject (hdc=0x1f010693, type=0x2) returned 0x900010
[0300.508] GetCurrentObject (hdc=0x1f010693, type=0x7) returned 0x4a0507fe
[0300.508] GetCurrentObject (hdc=0x1f010693, type=0x6) returned 0x8a01c2
[0300.508] SaveDC (hdc=0x1f010693) returned 1
[0300.508] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa3040807
[0300.508] GetClipRgn (hdc=0x1f010693, hrgn=0xa3040807) returned 0
[0300.508] SelectClipRgn (hdc=0x1f010693, hrgn=0x290407de) returned 2
[0300.509] DeleteObject (ho=0xa3040807) returned 1
[0300.509] DeleteObject (ho=0x290407de) returned 1
[0300.509] OffsetViewportOrgEx (in: hdc=0x1f010693, x=0, y=0, lppt=0x2e39740 | out: lppt=0x2e39740) returned 1
[0300.509] DrawThemeParentBackground () returned 0x0
[0300.509] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0300.509] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0300.509] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0300.509] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.509] GetSystemMetrics (nIndex=42) returned 0
[0300.509] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.509] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0300.509] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0300.509] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0300.509] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0300.509] SelectPalette (hdc=0x1f010693, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0300.509] GdipCreateFromHDC (hdc=0x1f010693, graphics=0xd7dac8) returned 0x0
[0300.509] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0300.510] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0300.510] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638b18) returned 0x0
[0300.510] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7daa0) returned 0x0
[0300.510] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0300.510] GdipCreateRegion (region=0xd7da88) returned 0x0
[0300.510] GdipGetClip (graphics=0x6631910, region=0x6645638) returned 0x0
[0300.510] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6631910, result=0xd7da94) returned 0x0
[0300.510] GdipDeleteRegion (region=0x6645638) returned 0x0
[0300.510] GdipSaveGraphics (graphics=0x6631910, state=0xd7dac0) returned 0x0
[0300.510] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0300.542] GdipFillRectangleI (graphics=0x6631910, brush=0x664e3d8, x=0, y=0, width=801, height=453) returned 0x0
[0300.542] GdipDeleteBrush (brush=0x664e3d8) returned 0x0
[0300.543] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0300.543] SelectPalette (hdc=0x1f010693, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0300.544] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0300.549] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.549] GetSystemMetrics (nIndex=42) returned 0
[0300.549] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.549] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0300.549] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0300.549] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0300.549] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0300.550] SelectPalette (hdc=0x1f010693, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0300.550] GdipCreateFromHDC (hdc=0x1f010693, graphics=0xd7da68) returned 0x0
[0300.550] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0300.550] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0300.550] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638c08) returned 0x0
[0300.550] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7da40) returned 0x0
[0300.550] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0300.550] GdipCreateRegion (region=0xd7da28) returned 0x0
[0300.550] GdipGetClip (graphics=0x6631910, region=0x6645f38) returned 0x0
[0300.550] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6631910, result=0xd7da34) returned 0x0
[0300.550] GdipDeleteRegion (region=0x6645f38) returned 0x0
[0300.550] GdipSaveGraphics (graphics=0x6631910, state=0xd7da60) returned 0x0
[0300.550] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0300.557] GdipFillRectangleI (graphics=0x6631910, brush=0x664e168, x=0, y=0, width=801, height=453) returned 0x0
[0300.557] GdipDeleteBrush (brush=0x664e168) returned 0x0
[0300.558] GdipRestoreGraphics (graphics=0x6631910, state=0xf5a60dbd) returned 0x0
[0300.558] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0300.558] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.558] GetSystemMetrics (nIndex=42) returned 0
[0300.558] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.558] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0300.558] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0300.558] SelectPalette (hdc=0x1f010693, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0300.559] RestoreDC (hdc=0x1f010693, nSavedDC=-1) returned 1
[0300.559] GdipReleaseDC (graphics=0x6600030, hdc=0x1f010693) returned 0x0
[0300.559] IsAppThemed () returned 0x1
[0300.559] GetThemeAppProperties () returned 0x3
[0300.559] GetThemeAppProperties () returned 0x3
[0300.559] IsAppThemed () returned 0x1
[0300.559] GetThemeAppProperties () returned 0x3
[0300.559] GetThemeAppProperties () returned 0x3
[0300.559] IsThemePartDefined () returned 0x1
[0300.559] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0300.559] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0300.559] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0300.559] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0300.559] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df74) returned 0x0
[0300.559] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0300.559] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea98) returned 0x0
[0300.559] LocalFree (hMem=0x11eea98) returned 0x0
[0300.565] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0300.565] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0300.565] LocalFree (hMem=0x11eec58) returned 0x0
[0300.565] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0300.565] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0300.565] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0300.565] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0300.565] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0300.565] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0300.565] GetCurrentObject (hdc=0x1f010693, type=0x1) returned 0xb00017
[0300.565] GetCurrentObject (hdc=0x1f010693, type=0x2) returned 0x900010
[0300.565] GetCurrentObject (hdc=0x1f010693, type=0x7) returned 0x4a0507fe
[0300.565] GetCurrentObject (hdc=0x1f010693, type=0x6) returned 0x8a01c2
[0300.565] SaveDC (hdc=0x1f010693) returned 1
[0300.565] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2a0407de
[0300.566] GetClipRgn (hdc=0x1f010693, hrgn=0x2a0407de) returned 0
[0300.566] SelectClipRgn (hdc=0x1f010693, hrgn=0xa5040807) returned 2
[0300.566] DeleteObject (ho=0x2a0407de) returned 1
[0300.566] DeleteObject (ho=0xa5040807) returned 1
[0300.566] OffsetViewportOrgEx (in: hdc=0x1f010693, x=0, y=0, lppt=0x2e3ff90 | out: lppt=0x2e3ff90) returned 1
[0300.566] IsAppThemed () returned 0x1
[0300.566] GetThemeAppProperties () returned 0x3
[0300.566] GetThemeAppProperties () returned 0x3
[0300.566] DrawThemeBackground () returned 0x0
[0300.566] RestoreDC (hdc=0x1f010693, nSavedDC=-1) returned 1
[0300.566] GdipReleaseDC (graphics=0x6600030, hdc=0x1f010693) returned 0x0
[0300.566] GdipCreateRegion (region=0xd7df60) returned 0x0
[0300.566] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0300.566] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0300.566] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0300.566] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df78) returned 0x0
[0300.566] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0300.566] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee8d8) returned 0x0
[0300.566] LocalFree (hMem=0x11ee8d8) returned 0x0
[0300.566] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0300.567] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eea98) returned 0x0
[0300.567] LocalFree (hMem=0x11eea98) returned 0x0
[0300.567] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0300.567] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0300.567] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0300.567] GdipGetRegionHRgn (region=0x66453f8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0300.567] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0300.567] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0300.567] GetCurrentObject (hdc=0x1f010693, type=0x1) returned 0xb00017
[0300.567] GetCurrentObject (hdc=0x1f010693, type=0x2) returned 0x900010
[0300.567] GetCurrentObject (hdc=0x1f010693, type=0x7) returned 0x4a0507fe
[0300.567] GetCurrentObject (hdc=0x1f010693, type=0x6) returned 0x8a01c2
[0300.567] SaveDC (hdc=0x1f010693) returned 1
[0300.567] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa6040807
[0300.567] GetClipRgn (hdc=0x1f010693, hrgn=0xa6040807) returned 0
[0300.567] SelectClipRgn (hdc=0x1f010693, hrgn=0x2b0407de) returned 2
[0300.567] DeleteObject (ho=0xa6040807) returned 1
[0300.567] DeleteObject (ho=0x2b0407de) returned 1
[0300.567] OffsetViewportOrgEx (in: hdc=0x1f010693, x=0, y=0, lppt=0x2e40264 | out: lppt=0x2e40264) returned 1
[0300.567] IsAppThemed () returned 0x1
[0300.567] GetThemeAppProperties () returned 0x3
[0300.567] GetThemeAppProperties () returned 0x3
[0300.567] GetThemeBackgroundContentRect () returned 0x0
[0300.568] RestoreDC (hdc=0x1f010693, nSavedDC=-1) returned 1
[0300.568] GdipReleaseDC (graphics=0x6600030, hdc=0x1f010693) returned 0x0
[0300.568] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0300.568] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0300.568] GdipFillRectangleI (graphics=0x6600030, brush=0x6639f58, x=4, y=4, width=67, height=15) returned 0x0
[0300.568] GdipDeleteBrush (brush=0x6639f58) returned 0x0
[0300.568] IsAppThemed () returned 0x1
[0300.568] GetThemeAppProperties () returned 0x3
[0300.568] GetThemeAppProperties () returned 0x3
[0300.568] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0300.568] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0300.568] GetCurrentObject (hdc=0x1f010693, type=0x1) returned 0xb00017
[0300.568] GetCurrentObject (hdc=0x1f010693, type=0x2) returned 0x900010
[0300.568] GetCurrentObject (hdc=0x1f010693, type=0x7) returned 0x4a0507fe
[0300.568] GetCurrentObject (hdc=0x1f010693, type=0x6) returned 0x8a01c2
[0300.568] SaveDC (hdc=0x1f010693) returned 1
[0300.568] GetTextAlign (hdc=0x1f010693) returned 0x0
[0300.568] GetTextColor (hdc=0x1f010693) returned 0x0
[0300.568] GetCurrentObject (hdc=0x1f010693, type=0x6) returned 0x8a01c2
[0300.568] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0300.568] SelectObject (hdc=0x1f010693, h=0x6d0a0520) returned 0x8a01c2
[0300.568] GetBkMode (hdc=0x1f010693) returned 2
[0300.568] SetBkMode (hdc=0x1f010693, mode=1) returned 2
[0300.569] DrawTextExW (in: hdc=0x1f010693, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2e40628 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0300.569] DrawTextExW (in: hdc=0x1f010693, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e40628 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0300.569] RestoreDC (hdc=0x1f010693, nSavedDC=-1) returned 1
[0300.569] GdipReleaseDC (graphics=0x6600030, hdc=0x1f010693) returned 0x0
[0300.569] GetFocus () returned 0x3602d8
[0300.569] IsAppThemed () returned 0x1
[0300.569] GetThemeAppProperties () returned 0x3
[0300.569] GetThemeAppProperties () returned 0x3
[0300.569] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0300.569] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x1f010693, x1=0, y1=0, rop=0xcc0020) returned 1
[0300.570] GdipReleaseDC (graphics=0x6600030, hdc=0x1f010693) returned 0x0
[0300.570] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0300.570] SelectObject (hdc=0x1f010693, h=0x85000f) returned 0x4a0507fe
[0300.570] DeleteDC (hdc=0x1f010693) returned 1
[0300.570] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0300.570] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0300.570] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.570] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0300.571] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.571] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.571] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0300.571] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.571] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.572] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.572] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0300.573] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.573] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.573] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.573] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.573] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.573] IsWindowUnicode (hWnd=0x3402da) returned 1
[0300.573] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.574] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.574] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.574] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.574] IsWindowUnicode (hWnd=0x3402da) returned 1
[0300.574] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.574] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.574] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.574] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x2a1, wParam=0x0, lParam=0x4002b) returned 0x0
[0300.574] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0300.574] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0300.574] WaitMessage () returned 1
[0300.580] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.580] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.580] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.580] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.580] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.581] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0300.581] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0300.581] WaitMessage () returned 1
[0300.582] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.582] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.582] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.582] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.582] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.582] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0300.582] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0300.583] WaitMessage () returned 1
[0300.583] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.583] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.583] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.583] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.583] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.584] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.584] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.585] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.585] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.585] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.585] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.585] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.585] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.585] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.585] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.585] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0300.585] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0300.585] WaitMessage () returned 1
[0300.586] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.586] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.586] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.586] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.586] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.587] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.587] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.587] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.587] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.587] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.587] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.587] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.587] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.587] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.588] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.588] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0300.588] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0300.588] WaitMessage () returned 1
[0300.588] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.588] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.588] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.588] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.588] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.590] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.590] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.590] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.590] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.590] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.590] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.594] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.594] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.594] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.594] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.594] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0300.594] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0300.595] WaitMessage () returned 1
[0300.596] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.596] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.596] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.596] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.596] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.598] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.598] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.598] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.598] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.598] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.598] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.598] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.598] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.598] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.598] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.598] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0300.599] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0300.599] WaitMessage () returned 1
[0300.668] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.668] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x84, wParam=0x0, lParam=0x1dd0301) returned 0x1
[0300.668] IsWindowUnicode (hWnd=0x3402da) returned 1
[0300.668] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.668] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x84, wParam=0x0, lParam=0x1dd0301) returned 0x1
[0300.669] GetDlgItem (hDlg=0x3700ea, nIDDlgItem=0) returned 0x0
[0300.669] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x210, wParam=0x201, lParam=0x62010c) returned 0x0
[0300.676] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x21, wParam=0x3700ea, lParam=0x2010001) returned 0x1
[0300.676] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x21, wParam=0x3700ea, lParam=0x2010001) returned 0x1
[0300.677] SetCursor (hCursor=0x10003) returned 0x10003
[0300.677] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.677] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.677] GetKeyState (nVirtKey=1) returned -127
[0300.677] GetKeyState (nVirtKey=2) returned 0
[0300.677] GetKeyState (nVirtKey=4) returned 0
[0300.677] GetKeyState (nVirtKey=5) returned 0
[0300.677] GetKeyState (nVirtKey=6) returned 0
[0300.677] IsWindowVisible (hWnd=0x3402da) returned 1
[0300.677] IsWindowEnabled (hWnd=0x3402da) returned 1
[0300.677] SetFocus (hWnd=0x3402da) returned 0x3602d8
[0300.678] GetFocus () returned 0x3402da
[0300.678] IsChild (hWndParent=0x3700ea, hWnd=0x3402da) returned 1
[0300.678] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0x8, wParam=0x3402da, lParam=0x0) returned 0x0
[0300.678] GetCapture () returned 0x0
[0300.678] InvalidateRect (hWnd=0x3602d8, lpRect=0x0, bErase=0) returned 1
[0300.679] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0300.680] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0300.682] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0300.682] InvalidateRect (hWnd=0x3602d8, lpRect=0x0, bErase=0) returned 1
[0300.682] InvalidateRect (hWnd=0x3402da, lpRect=0x0, bErase=0) returned 1
[0300.682] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x7, wParam=0x3602d8, lParam=0x0) returned 0x0
[0300.682] GetStockObject (i=5) returned 0x900015
[0300.683] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0300.683] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0xd, wParam=0xa, lParam=0x11f5780) returned 0x9
[0300.683] GetDlgItem (hDlg=0x3700ea, nIDDlgItem=3408602) returned 0x3402da
[0300.683] SendMessageW (hWnd=0x3402da, Msg=0x202b, wParam=0x3402da, lParam=0xd7dddc) returned 0x0
[0300.683] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x202b, wParam=0x3402da, lParam=0xd7dddc) returned 0x0
[0300.683] InvalidateRect (hWnd=0x3402da, lpRect=0x0, bErase=0) returned 1
[0300.688] GetFocus () returned 0x3402da
[0300.688] GetFocus () returned 0x3402da
[0300.688] GetFocus () returned 0x3402da
[0300.688] GetKeyState (nVirtKey=1) returned -127
[0300.688] GetKeyState (nVirtKey=2) returned 0
[0300.688] GetKeyState (nVirtKey=4) returned 0
[0300.688] GetKeyState (nVirtKey=5) returned 0
[0300.688] GetKeyState (nVirtKey=6) returned 0
[0300.688] GetCapture () returned 0x0
[0300.688] SetCapture (hWnd=0x3402da) returned 0x0
[0300.689] GetKeyState (nVirtKey=1) returned -127
[0300.689] GetKeyState (nVirtKey=2) returned 0
[0300.689] GetKeyState (nVirtKey=4) returned 0
[0300.689] GetKeyState (nVirtKey=5) returned 0
[0300.689] GetKeyState (nVirtKey=6) returned 0
[0300.689] NotifyWinEvent (event=0x800a, hwnd=0x3402da, idObject=-4, idChild=0)
[0300.689] InvalidateRect (hWnd=0x3402da, lpRect=0xd7e430, bErase=0) returned 1
[0300.689] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.689] IsWindowUnicode (hWnd=0x3402da) returned 1
[0300.689] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.689] TranslateMessage (lpMsg=0xd7e808) returned 0
[0300.689] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0300.689] MapWindowPoints (in: hWndFrom=0x3402da, hWndTo=0x0, lpPoints=0x2e40914, cPoints=0x1 | out: lpPoints=0x2e40914) returned 30999254
[0300.689] NotifyWinEvent (event=0x800a, hwnd=0x3402da, idObject=-4, idChild=0)
[0300.689] InvalidateRect (hWnd=0x3402da, lpRect=0xd7e3d0, bErase=0) returned 1
[0300.689] UpdateWindow (hWnd=0x3402da) returned 1
[0300.690] BeginPaint (in: hWnd=0x3402da, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xf0105ee
[0300.690] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0300.690] CreateCompatibleDC (hdc=0xf0105ee) returned 0xe50107f9
[0300.690] SelectObject (hdc=0xe50107f9, h=0x4a0507fe) returned 0x85000f
[0300.690] GdipCreateFromHDC (hdc=0xe50107f9, graphics=0xd7df00) returned 0x0
[0300.690] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0300.690] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0300.690] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0300.690] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0300.690] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df60) returned 0x0
[0300.690] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0300.690] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0300.691] LocalFree (hMem=0x11eec58) returned 0x0
[0300.691] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0300.691] GdipCreateRegion (region=0xd7df48) returned 0x0
[0300.691] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0300.691] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7df54) returned 0x0
[0300.691] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0300.691] GdipRestoreGraphics (graphics=0x6600030, state=0xf5a40dbd) returned 0x0
[0300.691] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0300.691] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0300.691] GetCurrentObject (hdc=0xe50107f9, type=0x1) returned 0xb00017
[0300.691] GetCurrentObject (hdc=0xe50107f9, type=0x2) returned 0x900010
[0300.691] GetCurrentObject (hdc=0xe50107f9, type=0x7) returned 0x4a0507fe
[0300.691] GetCurrentObject (hdc=0xe50107f9, type=0x6) returned 0x8a01c2
[0300.691] SaveDC (hdc=0xe50107f9) returned 1
[0300.691] GetNearestColor (hdc=0xe50107f9, color=0xf0f0f0) returned 0xf0f0f0
[0300.692] GetNearestColor (hdc=0xe50107f9, color=0xa0a0a0) returned 0xa0a0a0
[0300.692] GetNearestColor (hdc=0xe50107f9, color=0x696969) returned 0x696969
[0300.692] GetNearestColor (hdc=0xe50107f9, color=0xa0a0a0) returned 0xa0a0a0
[0300.692] GetNearestColor (hdc=0xe50107f9, color=0x0) returned 0x0
[0300.692] GetNearestColor (hdc=0xe50107f9, color=0xffffff) returned 0xffffff
[0300.692] GetNearestColor (hdc=0xe50107f9, color=0xe5e5e5) returned 0xe5e5e5
[0300.692] GetNearestColor (hdc=0xe50107f9, color=0xd7d7d7) returned 0xd7d7d7
[0300.692] GetNearestColor (hdc=0xe50107f9, color=0x0) returned 0x0
[0300.692] RestoreDC (hdc=0xe50107f9, nSavedDC=-1) returned 1
[0300.692] GdipReleaseDC (graphics=0x6600030, hdc=0xe50107f9) returned 0x0
[0300.692] IsAppThemed () returned 0x1
[0300.692] GetThemeAppProperties () returned 0x3
[0300.692] GetThemeAppProperties () returned 0x3
[0300.692] IsAppThemed () returned 0x1
[0300.693] GetThemeAppProperties () returned 0x3
[0300.693] GetThemeAppProperties () returned 0x3
[0300.693] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2e4106c | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0300.693] IsAppThemed () returned 0x1
[0300.693] GetThemeAppProperties () returned 0x3
[0300.693] GetThemeAppProperties () returned 0x3
[0300.693] IsAppThemed () returned 0x1
[0300.693] GetThemeAppProperties () returned 0x3
[0300.693] GetThemeAppProperties () returned 0x3
[0300.693] IsAppThemed () returned 0x1
[0300.693] GetThemeAppProperties () returned 0x3
[0300.693] GetThemeAppProperties () returned 0x3
[0300.693] IsAppThemed () returned 0x1
[0300.693] GetThemeAppProperties () returned 0x3
[0300.693] GetThemeAppProperties () returned 0x3
[0300.694] IsThemePartDefined () returned 0x1
[0300.694] IsAppThemed () returned 0x1
[0300.694] GetThemeAppProperties () returned 0x3
[0300.694] GetThemeAppProperties () returned 0x3
[0300.694] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0300.694] IsAppThemed () returned 0x1
[0300.694] GetThemeAppProperties () returned 0x3
[0300.694] GetThemeAppProperties () returned 0x3
[0300.694] IsAppThemed () returned 0x1
[0300.694] GetThemeAppProperties () returned 0x3
[0300.694] GetThemeAppProperties () returned 0x3
[0300.694] IsThemePartDefined () returned 0x1
[0300.694] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0300.694] GdipGetClip (graphics=0x6600030, region=0x6645488) returned 0x0
[0300.694] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0300.694] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0300.694] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc7c) returned 0x0
[0300.694] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0300.694] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0300.694] LocalFree (hMem=0x11eec58) returned 0x0
[0300.695] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0300.695] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0300.695] LocalFree (hMem=0x11eec58) returned 0x0
[0300.695] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0300.695] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0300.695] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0300.695] GdipGetRegionHRgn (region=0x6645488, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0300.695] GdipDeleteRegion (region=0x6645488) returned 0x0
[0300.695] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0300.695] GetCurrentObject (hdc=0xe50107f9, type=0x1) returned 0xb00017
[0300.695] GetCurrentObject (hdc=0xe50107f9, type=0x2) returned 0x900010
[0300.695] GetCurrentObject (hdc=0xe50107f9, type=0x7) returned 0x4a0507fe
[0300.695] GetCurrentObject (hdc=0xe50107f9, type=0x6) returned 0x8a01c2
[0300.695] SaveDC (hdc=0xe50107f9) returned 1
[0300.695] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2c0407de
[0300.696] GetClipRgn (hdc=0xe50107f9, hrgn=0x2c0407de) returned 0
[0300.696] SelectClipRgn (hdc=0xe50107f9, hrgn=0xaa040807) returned 2
[0300.696] DeleteObject (ho=0x2c0407de) returned 1
[0300.696] DeleteObject (ho=0xaa040807) returned 1
[0300.696] OffsetViewportOrgEx (in: hdc=0xe50107f9, x=0, y=0, lppt=0x2e4171c | out: lppt=0x2e4171c) returned 1
[0300.696] DrawThemeParentBackground () returned 0x0
[0300.696] GetWindowPlacement (in: hWnd=0x3700ea, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0300.696] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0300.696] GetWindowTextLengthW (hWnd=0x3700ea) returned 13
[0300.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.696] GetSystemMetrics (nIndex=42) returned 0
[0300.696] GetWindowTextW (in: hWnd=0x3700ea, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0300.696] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0300.696] GetCurrentObject (hdc=0xe50107f9, type=0x1) returned 0xb00017
[0300.697] GetCurrentObject (hdc=0xe50107f9, type=0x2) returned 0x900010
[0300.697] GetCurrentObject (hdc=0xe50107f9, type=0x7) returned 0x4a0507fe
[0300.697] GetCurrentObject (hdc=0xe50107f9, type=0x6) returned 0x8a01c2
[0300.697] SaveDC (hdc=0xe50107f9) returned 2
[0300.697] GetNearestColor (hdc=0xe50107f9, color=0xf0f0f0) returned 0xf0f0f0
[0300.697] CreateSolidBrush (color=0xf0f0f0) returned 0x641007e1
[0300.697] FillRect (hDC=0xe50107f9, lprc=0xd7d6c8, hbr=0x641007e1) returned 1
[0300.697] DeleteObject (ho=0x641007e1) returned 1
[0300.697] RestoreDC (hdc=0xe50107f9, nSavedDC=-1) returned 1
[0300.697] GetWindowTextLengthW (hWnd=0x3700ea) returned 13
[0300.697] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.697] GetSystemMetrics (nIndex=42) returned 0
[0300.697] GetWindowTextW (in: hWnd=0x3700ea, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.697] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0300.697] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0300.698] GetCurrentObject (hdc=0xe50107f9, type=0x1) returned 0xb00017
[0300.698] GetCurrentObject (hdc=0xe50107f9, type=0x2) returned 0x900010
[0300.698] GetCurrentObject (hdc=0xe50107f9, type=0x7) returned 0x4a0507fe
[0300.698] GetCurrentObject (hdc=0xe50107f9, type=0x6) returned 0x8a01c2
[0300.698] SaveDC (hdc=0xe50107f9) returned 2
[0300.698] GetNearestColor (hdc=0xe50107f9, color=0xf0f0f0) returned 0xf0f0f0
[0300.698] CreateSolidBrush (color=0xf0f0f0) returned 0x651007e1
[0300.698] FillRect (hDC=0xe50107f9, lprc=0xd7d668, hbr=0x651007e1) returned 1
[0300.698] DeleteObject (ho=0x651007e1) returned 1
[0300.698] RestoreDC (hdc=0xe50107f9, nSavedDC=-1) returned 1
[0300.698] GetWindowTextLengthW (hWnd=0x3700ea) returned 13
[0300.698] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.698] GetSystemMetrics (nIndex=42) returned 0
[0300.698] GetWindowTextW (in: hWnd=0x3700ea, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.698] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0300.699] RestoreDC (hdc=0xe50107f9, nSavedDC=-1) returned 1
[0300.699] GdipReleaseDC (graphics=0x6600030, hdc=0xe50107f9) returned 0x0
[0300.699] IsAppThemed () returned 0x1
[0300.699] GetThemeAppProperties () returned 0x3
[0300.699] GetThemeAppProperties () returned 0x3
[0300.699] IsAppThemed () returned 0x1
[0300.699] GetThemeAppProperties () returned 0x3
[0300.699] GetThemeAppProperties () returned 0x3
[0300.699] IsThemePartDefined () returned 0x1
[0300.699] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0300.699] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0300.699] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0300.699] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0300.699] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dc00) returned 0x0
[0300.699] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0300.699] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0300.700] LocalFree (hMem=0x11ee788) returned 0x0
[0300.700] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0300.700] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee868) returned 0x0
[0300.700] LocalFree (hMem=0x11ee868) returned 0x0
[0300.700] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0300.700] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0300.700] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0300.701] GdipGetRegionHRgn (region=0x6645fc8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0300.701] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0300.701] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0300.701] GetCurrentObject (hdc=0xe50107f9, type=0x1) returned 0xb00017
[0300.701] GetCurrentObject (hdc=0xe50107f9, type=0x2) returned 0x900010
[0300.701] GetCurrentObject (hdc=0xe50107f9, type=0x7) returned 0x4a0507fe
[0300.701] GetCurrentObject (hdc=0xe50107f9, type=0x6) returned 0x8a01c2
[0300.702] SaveDC (hdc=0xe50107f9) returned 1
[0300.702] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xab040807
[0300.702] GetClipRgn (hdc=0xe50107f9, hrgn=0xab040807) returned 0
[0300.702] SelectClipRgn (hdc=0xe50107f9, hrgn=0x2e0407de) returned 2
[0300.702] DeleteObject (ho=0xab040807) returned 1
[0300.702] DeleteObject (ho=0x2e0407de) returned 1
[0300.702] OffsetViewportOrgEx (in: hdc=0xe50107f9, x=0, y=0, lppt=0x2e41fc8 | out: lppt=0x2e41fc8) returned 1
[0300.702] IsAppThemed () returned 0x1
[0300.702] GetThemeAppProperties () returned 0x3
[0300.702] GetThemeAppProperties () returned 0x3
[0300.702] DrawThemeBackground () returned 0x0
[0300.702] RestoreDC (hdc=0xe50107f9, nSavedDC=-1) returned 1
[0300.702] GdipReleaseDC (graphics=0x6600030, hdc=0xe50107f9) returned 0x0
[0300.702] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0300.702] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0300.702] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0300.703] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0300.703] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dc04) returned 0x0
[0300.703] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0300.703] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee9f0) returned 0x0
[0300.703] LocalFree (hMem=0x11ee9f0) returned 0x0
[0300.703] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0300.703] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee9f0) returned 0x0
[0300.703] LocalFree (hMem=0x11ee9f0) returned 0x0
[0300.703] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0300.703] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0300.703] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0300.703] GdipGetRegionHRgn (region=0x66453f8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0300.703] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0300.703] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0300.703] GetCurrentObject (hdc=0xe50107f9, type=0x1) returned 0xb00017
[0300.703] GetCurrentObject (hdc=0xe50107f9, type=0x2) returned 0x900010
[0300.703] GetCurrentObject (hdc=0xe50107f9, type=0x7) returned 0x4a0507fe
[0300.704] GetCurrentObject (hdc=0xe50107f9, type=0x6) returned 0x8a01c2
[0300.704] SaveDC (hdc=0xe50107f9) returned 1
[0300.704] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2f0407de
[0300.704] GetClipRgn (hdc=0xe50107f9, hrgn=0x2f0407de) returned 0
[0300.704] SelectClipRgn (hdc=0xe50107f9, hrgn=0xac040807) returned 2
[0300.704] DeleteObject (ho=0x2f0407de) returned 1
[0300.704] DeleteObject (ho=0xac040807) returned 1
[0300.704] OffsetViewportOrgEx (in: hdc=0xe50107f9, x=0, y=0, lppt=0x2e4229c | out: lppt=0x2e4229c) returned 1
[0300.704] IsAppThemed () returned 0x1
[0300.704] GetThemeAppProperties () returned 0x3
[0300.704] GetThemeAppProperties () returned 0x3
[0300.704] GetThemeBackgroundContentRect () returned 0x0
[0300.704] RestoreDC (hdc=0xe50107f9, nSavedDC=-1) returned 1
[0300.704] GdipReleaseDC (graphics=0x6600030, hdc=0xe50107f9) returned 0x0
[0300.704] IsAppThemed () returned 0x1
[0300.704] GetThemeAppProperties () returned 0x3
[0300.704] GetThemeAppProperties () returned 0x3
[0300.704] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0300.704] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0300.704] GetCurrentObject (hdc=0xe50107f9, type=0x1) returned 0xb00017
[0300.704] GetCurrentObject (hdc=0xe50107f9, type=0x2) returned 0x900010
[0300.705] GetCurrentObject (hdc=0xe50107f9, type=0x7) returned 0x4a0507fe
[0300.705] GetCurrentObject (hdc=0xe50107f9, type=0x6) returned 0x8a01c2
[0300.705] SaveDC (hdc=0xe50107f9) returned 1
[0300.705] GetTextAlign (hdc=0xe50107f9) returned 0x0
[0300.705] GetTextColor (hdc=0xe50107f9) returned 0x0
[0300.705] GetCurrentObject (hdc=0xe50107f9, type=0x6) returned 0x8a01c2
[0300.705] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0300.705] SelectObject (hdc=0xe50107f9, h=0x6d0a0520) returned 0x8a01c2
[0300.705] GetBkMode (hdc=0xe50107f9) returned 2
[0300.705] SetBkMode (hdc=0xe50107f9, mode=1) returned 2
[0300.705] DrawTextExW (in: hdc=0xe50107f9, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2e4263c | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0300.706] DrawTextExW (in: hdc=0xe50107f9, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2e4263c | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0300.706] RestoreDC (hdc=0xe50107f9, nSavedDC=-1) returned 1
[0300.706] GdipReleaseDC (graphics=0x6600030, hdc=0xe50107f9) returned 0x0
[0300.706] GetFocus () returned 0x3402da
[0300.706] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0300.706] SendMessageW (hWnd=0x3700ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0300.706] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0300.706] IsAppThemed () returned 0x1
[0300.707] GetThemeAppProperties () returned 0x3
[0300.707] GetThemeAppProperties () returned 0x3
[0300.707] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0300.707] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xe50107f9, x1=0, y1=0, rop=0xcc0020) returned 1
[0300.707] GdipReleaseDC (graphics=0x6600030, hdc=0xe50107f9) returned 0x0
[0300.707] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0300.707] SelectObject (hdc=0xe50107f9, h=0x85000f) returned 0x4a0507fe
[0300.707] DeleteDC (hdc=0xe50107f9) returned 1
[0300.707] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0300.707] EndPaint (hWnd=0x3402da, lpPaint=0xd7dee4) returned 1
[0300.707] MapWindowPoints (in: hWndFrom=0x3402da, hWndTo=0x0, lpPoints=0x2e42738, cPoints=0x1 | out: lpPoints=0x2e42738) returned 30999254
[0300.707] WindowFromPoint (Point=0x301) returned 0x3402da
[0300.708] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x84, wParam=0x0, lParam=0x1dd0301) returned 0x1
[0300.708] NotifyWinEvent (event=0x800a, hwnd=0x3402da, idObject=-4, idChild=0)
[0300.708] NotifyWinEvent (event=0x800c, hwnd=0x3402da, idObject=-4, idChild=0)
[0300.708] GetCapture () returned 0x3402da
[0300.708] ReleaseCapture () returned 1
[0300.708] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0300.708] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0300.709] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x84, wParam=0x0, lParam=0x1dd0301) returned 0x1
[0300.709] IsWindow (hWnd=0x7005c) returned 1
[0300.709] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0300.709] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0300.710] IsWindow (hWnd=0x3700ea) returned 1
[0300.710] SetActiveWindow (hWnd=0x3700ea) returned 0x3700ea
[0300.710] IsWindow (hWnd=0x3700ea) returned 1
[0300.710] SetFocus (hWnd=0x3700ea) returned 0x3402da
[0300.710] GetFocus () returned 0x3700ea
[0300.710] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x8, wParam=0x3700ea, lParam=0x0) returned 0x0
[0300.710] GetCapture () returned 0x0
[0300.710] InvalidateRect (hWnd=0x3402da, lpRect=0x0, bErase=0) returned 1
[0300.711] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0300.713] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0300.714] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0300.715] GetFocus () returned 0x3700ea
[0300.715] SetFocus (hWnd=0x3402da) returned 0x3700ea
[0300.715] GetFocus () returned 0x3402da
[0300.715] IsChild (hWndParent=0x3700ea, hWnd=0x3402da) returned 1
[0300.715] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x8, wParam=0x3402da, lParam=0x0) returned 0x0
[0300.716] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0300.718] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0300.719] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0300.719] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x7, wParam=0x3700ea, lParam=0x0) returned 0x0
[0300.719] GetStockObject (i=5) returned 0x900015
[0300.720] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0300.720] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0300.720] GetDlgItem (hDlg=0x3700ea, nIDDlgItem=3408602) returned 0x3402da
[0300.720] SendMessageW (hWnd=0x3402da, Msg=0x202b, wParam=0x3402da, lParam=0xd7ddcc) returned 0x0
[0300.720] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x202b, wParam=0x3402da, lParam=0xd7ddcc) returned 0x0
[0300.720] InvalidateRect (hWnd=0x3402da, lpRect=0x0, bErase=0) returned 1
[0300.721] GetWindowLongW (hWnd=0x3700ea, nIndex=-8) returned 458844
[0300.722] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0300.722] GetCurrentThreadId () returned 0xf50
[0300.722] IsWindow (hWnd=0x7005c) returned 1
[0300.722] IsWindow (hWnd=0x7005c) returned 1
[0300.722] IsWindowVisible (hWnd=0x7005c) returned 1
[0300.722] SetActiveWindow (hWnd=0x7005c) returned 0x3700ea
[0300.722] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0300.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0300.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0300.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0300.725] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0300.725] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0300.726] GetWindowPlacement (in: hWnd=0x3700ea, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0300.726] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0300.726] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0300.726] GetWindowRect (in: hWnd=0x3700ea, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0300.727] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0300.727] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0300.727] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0300.728] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x3700ea) returned 0x1
[0300.731] GetFocus () returned 0x3402da
[0300.731] SetFocus (hWnd=0x602c4) returned 0x3402da
[0300.731] GetFocus () returned 0x602c4
[0300.731] IsChild (hWndParent=0x3700ea, hWnd=0x602c4) returned 0
[0300.736] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0300.736] GetCapture () returned 0x0
[0300.736] InvalidateRect (hWnd=0x3402da, lpRect=0x0, bErase=0) returned 1
[0300.737] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0300.738] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0300.740] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0300.741] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0300.741] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0300.741] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0300.742] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0300.742] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x3402da, lParam=0x0) returned 0x0
[0300.742] GetStockObject (i=5) returned 0x900015
[0300.742] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0300.742] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed8c8) returned 0xc
[0300.742] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0300.742] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0300.742] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0300.742] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0300.744] GetFocus () returned 0x602c4
[0300.744] IsChild (hWndParent=0x3700ea, hWnd=0x602c4) returned 0
[0300.744] ShowWindow (hWnd=0x3700ea, nCmdShow=0) returned 1
[0300.744] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0300.744] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0300.746] GetWindowPlacement (in: hWnd=0x3700ea, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0300.746] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0300.746] GetClientRect (in: hWnd=0x3700ea, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0300.746] GetWindowRect (in: hWnd=0x3700ea, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0300.747] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0300.761] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0300.761] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0300.762] GetWindowLongW (hWnd=0x3700ea, nIndex=-20) returned 327945
[0300.762] DestroyWindow (hWnd=0x3700ea) returned 1
[0300.762] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0300.764] GetWindowTextLengthW (hWnd=0x3700ea) returned 13
[0300.764] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.764] GetSystemMetrics (nIndex=42) returned 0
[0300.764] GetWindowTextW (in: hWnd=0x3700ea, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.764] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0300.764] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0300.764] GetWindowTextLengthW (hWnd=0x2e02c8) returned 0
[0300.764] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0300.765] GetSystemMetrics (nIndex=42) returned 0
[0300.765] GetWindowTextW (in: hWnd=0x2e02c8, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0300.765] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02c8, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0300.765] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0300.765] GetWindowThreadProcessId (in: hWnd=0x3402de, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0300.765] GetWindow (hWnd=0x3402de, uCmd=0x5) returned 0x0
[0300.765] GetWindowLongW (hWnd=0x3402de, nIndex=-20) returned 65792
[0300.765] DestroyWindow (hWnd=0x3402de) returned 1
[0300.765] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3402de, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0300.765] GetWindowTextLengthW (hWnd=0x3402de) returned 25
[0300.765] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3402de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0300.765] GetSystemMetrics (nIndex=42) returned 0
[0300.765] GetWindowTextW (in: hWnd=0x3402de, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0300.765] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3402de, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0300.765] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3402de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0300.766] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3402de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0300.767] GetWindowTextLengthW (hWnd=0x2902d0) returned 232
[0300.767] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0300.767] GetSystemMetrics (nIndex=42) returned 0
[0300.767] GetWindowTextW (in: hWnd=0x2902d0, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0300.767] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0300.767] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0300.767] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0300.768] InvalidateRect (hWnd=0x3402da, lpRect=0x0, bErase=0) returned 1
[0300.768] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0300.768] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0300.768] SendMessageW (hWnd=0x3402dc, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0300.768] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3402dc, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0300.768] SendMessageW (hWnd=0x3402dc, Msg=0xb0, wParam=0x2e0e560, lParam=0xd7e480) returned 0x0
[0300.768] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3402dc, Msg=0xb0, wParam=0x2e0e560, lParam=0xd7e480) returned 0x0
[0300.768] GetWindowTextLengthW (hWnd=0x3402dc) returned 4363
[0300.768] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3402dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0300.768] GetSystemMetrics (nIndex=42) returned 0
[0300.768] CoTaskMemAlloc (cb=0x221c) returned 0x1202960
[0300.768] GetWindowTextW (in: hWnd=0x3402dc, lpString=0x1202960, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0300.768] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3402dc, Msg=0xd, wParam=0x110c, lParam=0x1202960) returned 0x110b
[0300.768] CoTaskMemFree (pv=0x1202960)
[0300.769] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3402dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0300.769] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0300.770] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2902d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0300.771] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0300.773] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0300.774] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0300.775] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3402dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0300.777] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3700ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0300.778] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.778] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.778] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.779] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.779] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.779] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.779] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0301) returned 0x1
[0300.779] IsWindowUnicode (hWnd=0x7005c) returned 1
[0300.779] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.779] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0301) returned 0x1
[0300.779] SetCursor (hCursor=0x10003) returned 0x10003
[0300.780] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.780] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.780] _TrackMouseEvent (in: lpEventTrack=0x2c2f380 | out: lpEventTrack=0x2c2f380) returned 1
[0300.780] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0300.780] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0300.780] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1080243) returned 0x0
[0300.780] GetKeyState (nVirtKey=1) returned 1
[0300.780] GetKeyState (nVirtKey=2) returned 0
[0300.780] GetKeyState (nVirtKey=4) returned 0
[0300.780] GetKeyState (nVirtKey=5) returned 0
[0300.780] GetKeyState (nVirtKey=6) returned 0
[0300.780] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.781] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0301) returned 0x1
[0300.781] IsWindowUnicode (hWnd=0x7005c) returned 1
[0300.781] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.781] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.781] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.781] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.781] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0301) returned 0x1
[0300.781] IsWindowUnicode (hWnd=0x7005c) returned 1
[0300.781] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.781] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1dd0301) returned 0x1
[0300.782] SetCursor (hCursor=0x10003) returned 0x10003
[0300.782] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.782] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.782] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1080243) returned 0x0
[0300.782] GetKeyState (nVirtKey=1) returned 1
[0300.782] GetKeyState (nVirtKey=2) returned 0
[0300.782] GetKeyState (nVirtKey=4) returned 0
[0300.782] GetKeyState (nVirtKey=5) returned 0
[0300.782] GetKeyState (nVirtKey=6) returned 0
[0300.782] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.783] IsWindowUnicode (hWnd=0x602c4) returned 1
[0300.783] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.783] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.783] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.783] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.784] IsWindowUnicode (hWnd=0x602c4) returned 1
[0300.784] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.784] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.784] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.784] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0300.784] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0300.784] CreateCompatibleDC (hdc=0xf0105ee) returned 0xc00107ee
[0300.784] SelectObject (hdc=0xc00107ee, h=0x4a0507fe) returned 0x85000f
[0300.784] GdipCreateFromHDC (hdc=0xc00107ee, graphics=0xd7e798) returned 0x0
[0300.785] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0300.785] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0300.785] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0300.785] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0300.785] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e7f8) returned 0x0
[0300.785] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0300.785] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0300.785] LocalFree (hMem=0x11eec58) returned 0x0
[0300.785] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0300.785] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0300.785] GdipGetClip (graphics=0x6600030, region=0x6645bd8) returned 0x0
[0300.785] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0300.785] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0300.785] GdipRestoreGraphics (graphics=0x6600030, state=0xf5a20dbd) returned 0x0
[0300.785] GdipDeleteRegion (region=0x6645bd8) returned 0x0
[0300.785] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0300.786] GetCurrentObject (hdc=0xc00107ee, type=0x1) returned 0xb00017
[0300.786] GetCurrentObject (hdc=0xc00107ee, type=0x2) returned 0x900010
[0300.786] GetCurrentObject (hdc=0xc00107ee, type=0x7) returned 0x4a0507fe
[0300.786] GetCurrentObject (hdc=0xc00107ee, type=0x6) returned 0x8a01c2
[0300.786] SaveDC (hdc=0xc00107ee) returned 1
[0300.786] GetNearestColor (hdc=0xc00107ee, color=0xff) returned 0xff
[0300.786] GetNearestColor (hdc=0xc00107ee, color=0x55) returned 0x55
[0300.786] GetNearestColor (hdc=0xc00107ee, color=0x0) returned 0x0
[0300.786] GetNearestColor (hdc=0xc00107ee, color=0x55) returned 0x55
[0300.786] GetNearestColor (hdc=0xc00107ee, color=0x0) returned 0x0
[0300.786] GetNearestColor (hdc=0xc00107ee, color=0x8080ff) returned 0x8080ff
[0300.786] GetNearestColor (hdc=0xc00107ee, color=0x7373e5) returned 0x7373e5
[0300.786] GetNearestColor (hdc=0xc00107ee, color=0xe5) returned 0xe5
[0300.786] GetNearestColor (hdc=0xc00107ee, color=0x0) returned 0x0
[0300.787] RestoreDC (hdc=0xc00107ee, nSavedDC=-1) returned 1
[0300.787] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107ee) returned 0x0
[0300.787] IsAppThemed () returned 0x1
[0300.787] GetThemeAppProperties () returned 0x3
[0300.787] GetThemeAppProperties () returned 0x3
[0300.787] IsAppThemed () returned 0x1
[0300.787] GetThemeAppProperties () returned 0x3
[0300.787] GetThemeAppProperties () returned 0x3
[0300.787] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2e4a4a4 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0300.787] IsAppThemed () returned 0x1
[0300.787] GetThemeAppProperties () returned 0x3
[0300.788] GetThemeAppProperties () returned 0x3
[0300.788] IsAppThemed () returned 0x1
[0300.788] GetThemeAppProperties () returned 0x3
[0300.788] GetThemeAppProperties () returned 0x3
[0300.788] GetFocus () returned 0x602c4
[0300.788] IsAppThemed () returned 0x1
[0300.788] GetThemeAppProperties () returned 0x3
[0300.788] GetThemeAppProperties () returned 0x3
[0300.788] IsAppThemed () returned 0x1
[0300.788] GetThemeAppProperties () returned 0x3
[0300.788] GetThemeAppProperties () returned 0x3
[0300.788] IsThemePartDefined () returned 0x1
[0300.788] IsAppThemed () returned 0x1
[0300.788] GetThemeAppProperties () returned 0x3
[0300.788] GetThemeAppProperties () returned 0x3
[0300.788] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0300.788] IsAppThemed () returned 0x1
[0300.788] GetThemeAppProperties () returned 0x3
[0300.788] GetThemeAppProperties () returned 0x3
[0300.788] IsAppThemed () returned 0x1
[0300.788] GetThemeAppProperties () returned 0x3
[0300.789] GetThemeAppProperties () returned 0x3
[0300.789] IsThemePartDefined () returned 0x1
[0300.789] GdipCreateRegion (region=0xd7e508) returned 0x0
[0300.789] GdipGetClip (graphics=0x6600030, region=0x6645b48) returned 0x0
[0300.789] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0300.789] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0300.789] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e520) returned 0x0
[0300.789] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0300.789] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0300.789] LocalFree (hMem=0x11ee788) returned 0x0
[0300.789] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0300.789] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0300.789] LocalFree (hMem=0x11ee788) returned 0x0
[0300.789] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0300.789] GdipIsInfiniteRegion (region=0x6645b48, graphics=0x6600030, result=0xd7e548) returned 0x0
[0300.789] GdipIsInfiniteRegion (region=0x6645b48, graphics=0x6600030, result=0xd7e538) returned 0x0
[0300.789] GdipGetRegionHRgn (region=0x6645b48, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0300.789] GdipDeleteRegion (region=0x6645b48) returned 0x0
[0300.789] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0300.790] GetCurrentObject (hdc=0xc00107ee, type=0x1) returned 0xb00017
[0300.790] GetCurrentObject (hdc=0xc00107ee, type=0x2) returned 0x900010
[0300.790] GetCurrentObject (hdc=0xc00107ee, type=0x7) returned 0x4a0507fe
[0300.790] GetCurrentObject (hdc=0xc00107ee, type=0x6) returned 0x8a01c2
[0300.790] SaveDC (hdc=0xc00107ee) returned 1
[0300.790] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xad040807
[0300.790] GetClipRgn (hdc=0xc00107ee, hrgn=0xad040807) returned 0
[0300.790] SelectClipRgn (hdc=0xc00107ee, hrgn=0x330407de) returned 2
[0300.790] DeleteObject (ho=0xad040807) returned 1
[0300.790] DeleteObject (ho=0x330407de) returned 1
[0300.790] OffsetViewportOrgEx (in: hdc=0xc00107ee, x=0, y=0, lppt=0x2e4ab54 | out: lppt=0x2e4ab54) returned 1
[0300.790] DrawThemeParentBackground () returned 0x0
[0300.790] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0300.791] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0300.791] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0300.791] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.791] GetSystemMetrics (nIndex=42) returned 0
[0300.791] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.791] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0300.791] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0300.791] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0300.791] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0300.791] SelectPalette (hdc=0xc00107ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0300.791] GdipCreateFromHDC (hdc=0xc00107ee, graphics=0xd7dff8) returned 0x0
[0300.791] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0300.791] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0300.791] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638ae8) returned 0x0
[0300.792] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dfd0) returned 0x0
[0300.792] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0300.792] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0300.792] GdipGetClip (graphics=0x6631910, region=0x6645488) returned 0x0
[0300.792] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6631910, result=0xd7dfc4) returned 0x0
[0300.792] GdipDeleteRegion (region=0x6645488) returned 0x0
[0300.792] GdipSaveGraphics (graphics=0x6631910, state=0xd7dff0) returned 0x0
[0300.792] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0300.813] GdipFillRectangleI (graphics=0x6631910, brush=0x664ddc0, x=0, y=0, width=801, height=453) returned 0x0
[0300.813] GdipDeleteBrush (brush=0x664ddc0) returned 0x0
[0300.815] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0300.815] SelectPalette (hdc=0xc00107ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0300.815] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0300.815] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.816] GetSystemMetrics (nIndex=42) returned 0
[0300.816] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.816] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0300.816] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0300.816] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0300.816] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0300.816] SelectPalette (hdc=0xc00107ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0300.816] GdipCreateFromHDC (hdc=0xc00107ee, graphics=0xd7df98) returned 0x0
[0300.816] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0300.816] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0300.816] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638a88) returned 0x0
[0300.816] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df70) returned 0x0
[0300.816] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0300.816] GdipCreateRegion (region=0xd7df58) returned 0x0
[0300.817] GdipGetClip (graphics=0x6631910, region=0x6645a28) returned 0x0
[0300.817] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6631910, result=0xd7df64) returned 0x0
[0300.817] GdipDeleteRegion (region=0x6645a28) returned 0x0
[0300.817] GdipSaveGraphics (graphics=0x6631910, state=0xd7df90) returned 0x0
[0300.817] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0300.829] GdipFillRectangleI (graphics=0x6631910, brush=0x664da18, x=0, y=0, width=801, height=453) returned 0x0
[0300.829] GdipDeleteBrush (brush=0x664da18) returned 0x0
[0300.831] GdipRestoreGraphics (graphics=0x6631910, state=0xf59e0dbd) returned 0x0
[0300.831] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0300.831] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0300.831] GetSystemMetrics (nIndex=42) returned 0
[0300.831] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0300.831] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0300.832] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0300.832] SelectPalette (hdc=0xc00107ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0300.832] RestoreDC (hdc=0xc00107ee, nSavedDC=-1) returned 1
[0300.832] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107ee) returned 0x0
[0300.832] IsAppThemed () returned 0x1
[0300.832] GetThemeAppProperties () returned 0x3
[0300.832] GetThemeAppProperties () returned 0x3
[0300.832] IsAppThemed () returned 0x1
[0300.832] GetThemeAppProperties () returned 0x3
[0300.832] GetThemeAppProperties () returned 0x3
[0300.832] IsThemePartDefined () returned 0x1
[0300.832] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0300.832] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0300.833] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0300.833] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0300.833] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e4a4) returned 0x0
[0300.833] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0300.833] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0300.833] LocalFree (hMem=0x11ee9f0) returned 0x0
[0300.833] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0300.833] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eea98) returned 0x0
[0300.833] LocalFree (hMem=0x11eea98) returned 0x0
[0300.833] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0300.833] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0300.833] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0300.833] GdipGetRegionHRgn (region=0x6645518, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0300.833] GdipDeleteRegion (region=0x6645518) returned 0x0
[0300.833] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0300.833] GetCurrentObject (hdc=0xc00107ee, type=0x1) returned 0xb00017
[0300.833] GetCurrentObject (hdc=0xc00107ee, type=0x2) returned 0x900010
[0300.833] GetCurrentObject (hdc=0xc00107ee, type=0x7) returned 0x4a0507fe
[0300.834] GetCurrentObject (hdc=0xc00107ee, type=0x6) returned 0x8a01c2
[0300.834] SaveDC (hdc=0xc00107ee) returned 1
[0300.834] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x340407de
[0300.834] GetClipRgn (hdc=0xc00107ee, hrgn=0x340407de) returned 0
[0300.834] SelectClipRgn (hdc=0xc00107ee, hrgn=0xaf040807) returned 2
[0300.834] DeleteObject (ho=0x340407de) returned 1
[0300.834] DeleteObject (ho=0xaf040807) returned 1
[0300.834] OffsetViewportOrgEx (in: hdc=0xc00107ee, x=0, y=0, lppt=0x2e513a4 | out: lppt=0x2e513a4) returned 1
[0300.834] IsAppThemed () returned 0x1
[0300.834] GetThemeAppProperties () returned 0x3
[0300.834] GetThemeAppProperties () returned 0x3
[0300.834] DrawThemeBackground () returned 0x0
[0300.834] RestoreDC (hdc=0xc00107ee, nSavedDC=-1) returned 1
[0300.834] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107ee) returned 0x0
[0300.835] GdipCreateRegion (region=0xd7e490) returned 0x0
[0300.835] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0300.835] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0300.835] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0300.835] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e4a8) returned 0x0
[0300.835] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0300.835] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0300.835] LocalFree (hMem=0x11eec58) returned 0x0
[0300.835] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0300.835] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee8d8) returned 0x0
[0300.835] LocalFree (hMem=0x11ee8d8) returned 0x0
[0300.835] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0300.835] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0300.835] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0300.835] GdipGetRegionHRgn (region=0x66460e8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0300.835] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0300.835] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0300.835] GetCurrentObject (hdc=0xc00107ee, type=0x1) returned 0xb00017
[0300.836] GetCurrentObject (hdc=0xc00107ee, type=0x2) returned 0x900010
[0300.836] GetCurrentObject (hdc=0xc00107ee, type=0x7) returned 0x4a0507fe
[0300.836] GetCurrentObject (hdc=0xc00107ee, type=0x6) returned 0x8a01c2
[0300.836] SaveDC (hdc=0xc00107ee) returned 1
[0300.836] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb0040807
[0300.836] GetClipRgn (hdc=0xc00107ee, hrgn=0xb0040807) returned 0
[0300.836] SelectClipRgn (hdc=0xc00107ee, hrgn=0x350407de) returned 2
[0300.836] DeleteObject (ho=0xb0040807) returned 1
[0300.836] DeleteObject (ho=0x350407de) returned 1
[0300.836] OffsetViewportOrgEx (in: hdc=0xc00107ee, x=0, y=0, lppt=0x2e51678 | out: lppt=0x2e51678) returned 1
[0300.836] IsAppThemed () returned 0x1
[0300.836] GetThemeAppProperties () returned 0x3
[0300.836] GetThemeAppProperties () returned 0x3
[0300.836] GetThemeBackgroundContentRect () returned 0x0
[0300.836] RestoreDC (hdc=0xc00107ee, nSavedDC=-1) returned 1
[0300.837] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107ee) returned 0x0
[0300.837] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0300.837] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0300.837] GdipFillRectangleI (graphics=0x6600030, brush=0x6639f58, x=4, y=4, width=67, height=15) returned 0x0
[0300.837] GdipDeleteBrush (brush=0x6639f58) returned 0x0
[0300.837] IsAppThemed () returned 0x1
[0300.837] GetThemeAppProperties () returned 0x3
[0300.837] GetThemeAppProperties () returned 0x3
[0300.837] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0300.837] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0300.837] GetCurrentObject (hdc=0xc00107ee, type=0x1) returned 0xb00017
[0300.837] GetCurrentObject (hdc=0xc00107ee, type=0x2) returned 0x900010
[0300.837] GetCurrentObject (hdc=0xc00107ee, type=0x7) returned 0x4a0507fe
[0300.837] GetCurrentObject (hdc=0xc00107ee, type=0x6) returned 0x8a01c2
[0300.837] SaveDC (hdc=0xc00107ee) returned 1
[0300.837] GetTextAlign (hdc=0xc00107ee) returned 0x0
[0300.837] GetTextColor (hdc=0xc00107ee) returned 0x0
[0300.838] GetCurrentObject (hdc=0xc00107ee, type=0x6) returned 0x8a01c2
[0300.838] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0300.838] SelectObject (hdc=0xc00107ee, h=0x6d0a0520) returned 0x8a01c2
[0300.838] GetBkMode (hdc=0xc00107ee) returned 2
[0300.838] SetBkMode (hdc=0xc00107ee, mode=1) returned 2
[0300.838] DrawTextExW (in: hdc=0xc00107ee, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2e51a3c | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0300.838] DrawTextExW (in: hdc=0xc00107ee, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2e51a3c | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0300.839] RestoreDC (hdc=0xc00107ee, nSavedDC=-1) returned 1
[0300.839] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107ee) returned 0x0
[0300.839] GetFocus () returned 0x602c4
[0300.839] IsAppThemed () returned 0x1
[0300.839] GetThemeAppProperties () returned 0x3
[0300.839] GetThemeAppProperties () returned 0x3
[0300.839] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0300.839] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0xc00107ee, x1=0, y1=0, rop=0xcc0020) returned 1
[0300.839] GdipReleaseDC (graphics=0x6600030, hdc=0xc00107ee) returned 0x0
[0300.839] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0300.840] SelectObject (hdc=0xc00107ee, h=0x85000f) returned 0x4a0507fe
[0300.840] DeleteDC (hdc=0xc00107ee) returned 1
[0300.840] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0300.840] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0300.843] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0300.843] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0300.843] WaitMessage () returned 1
[0300.843] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.843] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.843] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.843] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.843] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.844] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0300.844] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0300.844] WaitMessage () returned 1
[0300.865] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.865] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.865] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.865] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.866] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.867] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0300.867] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0300.867] WaitMessage () returned 1
[0300.868] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.868] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.869] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.869] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.869] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.870] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0300.870] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0300.870] WaitMessage () returned 1
[0300.870] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.870] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.871] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.871] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.871] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.876] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.876] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.876] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.877] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.877] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.877] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.877] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.877] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.877] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.877] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.877] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0300.878] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0300.878] WaitMessage () returned 1
[0300.880] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.880] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.880] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.880] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.880] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.881] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.882] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.882] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.882] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.882] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.882] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.882] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.882] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.882] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.882] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.882] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0300.883] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0300.883] WaitMessage () returned 1
[0300.883] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.883] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.883] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.883] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.883] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.885] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.886] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.886] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.886] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.886] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.886] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.886] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.886] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.886] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.886] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.886] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0300.887] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0300.887] WaitMessage () returned 1
[0300.887] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.887] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.887] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.887] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.887] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.889] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.890] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.890] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.890] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.890] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.890] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.890] IsWindowUnicode (hWnd=0x30122) returned 1
[0300.890] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.890] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.890] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.890] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.891] IsWindowUnicode (hWnd=0x7005c) returned 1
[0300.891] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.891] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.891] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.891] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.891] IsWindowUnicode (hWnd=0x7005c) returned 1
[0300.891] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0300.891] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0300.891] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0300.891] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x1080243) returned 0x0
[0300.891] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0300.892] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0300.892] WaitMessage () returned 1
[0301.055] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0301.055] IsWindowUnicode (hWnd=0x502c6) returned 1
[0301.055] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0301.055] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0301.055] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0301.056] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0301.056] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0301.056] WaitMessage () returned 1
[0303.016] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.016] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2730110) returned 0x1
[0303.016] IsWindowUnicode (hWnd=0x602c4) returned 1
[0303.016] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.016] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.016] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.017] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0303.017] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.017] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2730110) returned 0x1
[0303.017] IsWindowUnicode (hWnd=0x602c4) returned 1
[0303.017] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.017] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2730110) returned 0x1
[0303.017] SetCursor (hCursor=0x10003) returned 0x10003
[0303.017] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.017] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.017] _TrackMouseEvent (in: lpEventTrack=0x2c2b560 | out: lpEventTrack=0x2c2b560) returned 1
[0303.017] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0303.017] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0303.017] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0303.017] GetKeyState (nVirtKey=1) returned 1
[0303.017] GetKeyState (nVirtKey=2) returned 0
[0303.017] GetKeyState (nVirtKey=4) returned 0
[0303.018] GetKeyState (nVirtKey=5) returned 0
[0303.018] GetKeyState (nVirtKey=6) returned 0
[0303.018] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.018] IsWindowUnicode (hWnd=0x602c4) returned 1
[0303.018] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.018] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.018] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.018] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0303.018] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0303.018] CreateCompatibleDC (hdc=0xf0105ee) returned 0x96010793
[0303.018] SelectObject (hdc=0x96010793, h=0x4a0507fe) returned 0x85000f
[0303.018] GdipCreateFromHDC (hdc=0x96010793, graphics=0xd7e798) returned 0x0
[0303.019] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0303.019] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0303.019] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0303.019] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0303.019] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e7f8) returned 0x0
[0303.019] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0303.019] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0303.019] LocalFree (hMem=0x11ee788) returned 0x0
[0303.019] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0303.019] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0303.019] GdipGetClip (graphics=0x6600030, region=0x6645128) returned 0x0
[0303.019] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0303.020] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0303.020] GdipRestoreGraphics (graphics=0x6600030, state=0xf59c0dbd) returned 0x0
[0303.020] GdipDeleteRegion (region=0x6645128) returned 0x0
[0303.020] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0303.020] GetCurrentObject (hdc=0x96010793, type=0x1) returned 0xb00017
[0303.020] GetCurrentObject (hdc=0x96010793, type=0x2) returned 0x900010
[0303.020] GetCurrentObject (hdc=0x96010793, type=0x7) returned 0x4a0507fe
[0303.020] GetCurrentObject (hdc=0x96010793, type=0x6) returned 0x8a01c2
[0303.020] SaveDC (hdc=0x96010793) returned 1
[0303.020] GetNearestColor (hdc=0x96010793, color=0xff) returned 0xff
[0303.020] GetNearestColor (hdc=0x96010793, color=0x55) returned 0x55
[0303.020] GetNearestColor (hdc=0x96010793, color=0x0) returned 0x0
[0303.020] GetNearestColor (hdc=0x96010793, color=0x55) returned 0x55
[0303.020] GetNearestColor (hdc=0x96010793, color=0x0) returned 0x0
[0303.020] GetNearestColor (hdc=0x96010793, color=0x8080ff) returned 0x8080ff
[0303.021] GetNearestColor (hdc=0x96010793, color=0x7373e5) returned 0x7373e5
[0303.021] GetNearestColor (hdc=0x96010793, color=0xe5) returned 0xe5
[0303.021] GetNearestColor (hdc=0x96010793, color=0x0) returned 0x0
[0303.021] RestoreDC (hdc=0x96010793, nSavedDC=-1) returned 1
[0303.021] GdipReleaseDC (graphics=0x6600030, hdc=0x96010793) returned 0x0
[0303.021] IsAppThemed () returned 0x1
[0303.021] GetThemeAppProperties () returned 0x3
[0303.021] GetThemeAppProperties () returned 0x3
[0303.021] IsAppThemed () returned 0x1
[0303.021] GetThemeAppProperties () returned 0x3
[0303.021] GetThemeAppProperties () returned 0x3
[0303.021] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2e52388 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0303.022] IsAppThemed () returned 0x1
[0303.022] GetThemeAppProperties () returned 0x3
[0303.022] GetThemeAppProperties () returned 0x3
[0303.022] IsAppThemed () returned 0x1
[0303.022] GetThemeAppProperties () returned 0x3
[0303.022] GetThemeAppProperties () returned 0x3
[0303.022] IsAppThemed () returned 0x1
[0303.022] GetThemeAppProperties () returned 0x3
[0303.022] GetThemeAppProperties () returned 0x3
[0303.022] IsAppThemed () returned 0x1
[0303.022] GetThemeAppProperties () returned 0x3
[0303.022] GetThemeAppProperties () returned 0x3
[0303.022] IsThemePartDefined () returned 0x1
[0303.022] IsAppThemed () returned 0x1
[0303.023] GetThemeAppProperties () returned 0x3
[0303.023] GetThemeAppProperties () returned 0x3
[0303.023] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0303.023] IsAppThemed () returned 0x1
[0303.023] GetThemeAppProperties () returned 0x3
[0303.023] GetThemeAppProperties () returned 0x3
[0303.023] IsAppThemed () returned 0x1
[0303.023] GetThemeAppProperties () returned 0x3
[0303.023] GetThemeAppProperties () returned 0x3
[0303.023] IsThemePartDefined () returned 0x1
[0303.023] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0303.023] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0303.023] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0303.023] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0303.023] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e514) returned 0x0
[0303.023] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0303.023] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0303.023] LocalFree (hMem=0x11eec58) returned 0x0
[0303.023] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0303.023] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0303.023] LocalFree (hMem=0x11eec58) returned 0x0
[0303.023] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0303.023] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0303.023] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0303.023] GdipGetRegionHRgn (region=0x6645e18, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0303.024] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0303.024] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0303.024] GetCurrentObject (hdc=0x96010793, type=0x1) returned 0xb00017
[0303.024] GetCurrentObject (hdc=0x96010793, type=0x2) returned 0x900010
[0303.024] GetCurrentObject (hdc=0x96010793, type=0x7) returned 0x4a0507fe
[0303.024] GetCurrentObject (hdc=0x96010793, type=0x6) returned 0x8a01c2
[0303.024] SaveDC (hdc=0x96010793) returned 1
[0303.024] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x360407de
[0303.024] GetClipRgn (hdc=0x96010793, hrgn=0x360407de) returned 0
[0303.024] SelectClipRgn (hdc=0x96010793, hrgn=0xb4040807) returned 2
[0303.024] DeleteObject (ho=0x360407de) returned 1
[0303.024] DeleteObject (ho=0xb4040807) returned 1
[0303.024] OffsetViewportOrgEx (in: hdc=0x96010793, x=0, y=0, lppt=0x2e52a38 | out: lppt=0x2e52a38) returned 1
[0303.024] DrawThemeParentBackground () returned 0x0
[0303.024] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0303.024] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0303.024] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0303.024] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.024] GetSystemMetrics (nIndex=42) returned 0
[0303.025] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.025] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0303.025] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0303.025] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0303.025] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0303.025] SelectPalette (hdc=0x96010793, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0303.025] GdipCreateFromHDC (hdc=0x96010793, graphics=0xd7dff0) returned 0x0
[0303.025] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0303.025] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0303.025] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638b18) returned 0x0
[0303.025] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dfc8) returned 0x0
[0303.025] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0303.025] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0303.025] GdipGetClip (graphics=0x6631910, region=0x6645488) returned 0x0
[0303.025] GdipIsInfiniteRegion (region=0x6645488, graphics=0x6631910, result=0xd7dfbc) returned 0x0
[0303.025] GdipDeleteRegion (region=0x6645488) returned 0x0
[0303.025] GdipSaveGraphics (graphics=0x6631910, state=0xd7dfe8) returned 0x0
[0303.025] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0303.033] GdipFillRectangleI (graphics=0x6631910, brush=0x664def8, x=0, y=0, width=801, height=453) returned 0x0
[0303.033] GdipDeleteBrush (brush=0x664def8) returned 0x0
[0303.035] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0303.035] SelectPalette (hdc=0x96010793, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0303.035] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0303.035] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.035] GetSystemMetrics (nIndex=42) returned 0
[0303.035] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.035] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0303.035] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0303.035] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0303.035] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0303.035] SelectPalette (hdc=0x96010793, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0303.035] GdipCreateFromHDC (hdc=0x96010793, graphics=0xd7df90) returned 0x0
[0303.035] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0303.036] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0303.036] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638c38) returned 0x0
[0303.036] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df68) returned 0x0
[0303.036] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0303.036] GdipCreateRegion (region=0xd7df50) returned 0x0
[0303.036] GdipGetClip (graphics=0x6631910, region=0x6645638) returned 0x0
[0303.036] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6631910, result=0xd7df5c) returned 0x0
[0303.036] GdipDeleteRegion (region=0x6645638) returned 0x0
[0303.036] GdipSaveGraphics (graphics=0x6631910, state=0xd7df88) returned 0x0
[0303.036] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0303.043] GdipFillRectangleI (graphics=0x6631910, brush=0x664def8, x=0, y=0, width=801, height=453) returned 0x0
[0303.043] GdipDeleteBrush (brush=0x664def8) returned 0x0
[0303.055] GdipRestoreGraphics (graphics=0x6631910, state=0xf5980dbd) returned 0x0
[0303.056] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0303.057] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.057] GetSystemMetrics (nIndex=42) returned 0
[0303.057] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.057] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0303.057] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0303.057] SelectPalette (hdc=0x96010793, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0303.057] RestoreDC (hdc=0x96010793, nSavedDC=-1) returned 1
[0303.057] GdipReleaseDC (graphics=0x6600030, hdc=0x96010793) returned 0x0
[0303.057] IsAppThemed () returned 0x1
[0303.057] GetThemeAppProperties () returned 0x3
[0303.057] GetThemeAppProperties () returned 0x3
[0303.057] IsAppThemed () returned 0x1
[0303.058] GetThemeAppProperties () returned 0x3
[0303.058] GetThemeAppProperties () returned 0x3
[0303.058] IsThemePartDefined () returned 0x1
[0303.058] GdipCreateRegion (region=0xd7e480) returned 0x0
[0303.058] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0303.058] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0303.058] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0303.058] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e498) returned 0x0
[0303.058] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0303.058] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0303.058] LocalFree (hMem=0x11ee868) returned 0x0
[0303.058] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0303.058] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0303.058] LocalFree (hMem=0x11eec58) returned 0x0
[0303.058] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0303.058] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0303.058] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0303.058] GdipGetRegionHRgn (region=0x6645e18, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0303.058] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0303.058] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0303.058] GetCurrentObject (hdc=0x96010793, type=0x1) returned 0xb00017
[0303.058] GetCurrentObject (hdc=0x96010793, type=0x2) returned 0x900010
[0303.058] GetCurrentObject (hdc=0x96010793, type=0x7) returned 0x4a0507fe
[0303.059] GetCurrentObject (hdc=0x96010793, type=0x6) returned 0x8a01c2
[0303.059] SaveDC (hdc=0x96010793) returned 1
[0303.059] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb5040807
[0303.059] GetClipRgn (hdc=0x96010793, hrgn=0xb5040807) returned 0
[0303.059] SelectClipRgn (hdc=0x96010793, hrgn=0x380407de) returned 2
[0303.059] DeleteObject (ho=0xb5040807) returned 1
[0303.059] DeleteObject (ho=0x380407de) returned 1
[0303.059] OffsetViewportOrgEx (in: hdc=0x96010793, x=0, y=0, lppt=0x2e59288 | out: lppt=0x2e59288) returned 1
[0303.059] IsAppThemed () returned 0x1
[0303.059] GetThemeAppProperties () returned 0x3
[0303.059] GetThemeAppProperties () returned 0x3
[0303.059] DrawThemeBackground () returned 0x0
[0303.059] RestoreDC (hdc=0x96010793, nSavedDC=-1) returned 1
[0303.059] GdipReleaseDC (graphics=0x6600030, hdc=0x96010793) returned 0x0
[0303.059] GdipCreateRegion (region=0xd7e484) returned 0x0
[0303.059] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0303.059] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0303.059] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0303.059] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e49c) returned 0x0
[0303.060] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0303.060] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0303.060] LocalFree (hMem=0x11ee9f0) returned 0x0
[0303.060] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0303.060] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee9f0) returned 0x0
[0303.060] LocalFree (hMem=0x11ee9f0) returned 0x0
[0303.060] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0303.060] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0303.060] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0303.060] GdipGetRegionHRgn (region=0x66460e8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0303.060] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0303.060] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0303.060] GetCurrentObject (hdc=0x96010793, type=0x1) returned 0xb00017
[0303.060] GetCurrentObject (hdc=0x96010793, type=0x2) returned 0x900010
[0303.060] GetCurrentObject (hdc=0x96010793, type=0x7) returned 0x4a0507fe
[0303.060] GetCurrentObject (hdc=0x96010793, type=0x6) returned 0x8a01c2
[0303.060] SaveDC (hdc=0x96010793) returned 1
[0303.060] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x390407de
[0303.060] GetClipRgn (hdc=0x96010793, hrgn=0x390407de) returned 0
[0303.060] SelectClipRgn (hdc=0x96010793, hrgn=0xb6040807) returned 2
[0303.060] DeleteObject (ho=0x390407de) returned 1
[0303.061] DeleteObject (ho=0xb6040807) returned 1
[0303.061] OffsetViewportOrgEx (in: hdc=0x96010793, x=0, y=0, lppt=0x2e5955c | out: lppt=0x2e5955c) returned 1
[0303.061] IsAppThemed () returned 0x1
[0303.061] GetThemeAppProperties () returned 0x3
[0303.061] GetThemeAppProperties () returned 0x3
[0303.061] GetThemeBackgroundContentRect () returned 0x0
[0303.061] RestoreDC (hdc=0x96010793, nSavedDC=-1) returned 1
[0303.061] GdipReleaseDC (graphics=0x6600030, hdc=0x96010793) returned 0x0
[0303.061] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0303.061] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0303.061] GdipFillRectangleI (graphics=0x6600030, brush=0x6639f58, x=4, y=4, width=67, height=15) returned 0x0
[0303.061] GdipDeleteBrush (brush=0x6639f58) returned 0x0
[0303.061] IsAppThemed () returned 0x1
[0303.061] GetThemeAppProperties () returned 0x3
[0303.061] GetThemeAppProperties () returned 0x3
[0303.061] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0303.061] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0303.061] GetCurrentObject (hdc=0x96010793, type=0x1) returned 0xb00017
[0303.061] GetCurrentObject (hdc=0x96010793, type=0x2) returned 0x900010
[0303.061] GetCurrentObject (hdc=0x96010793, type=0x7) returned 0x4a0507fe
[0303.061] GetCurrentObject (hdc=0x96010793, type=0x6) returned 0x8a01c2
[0303.062] SaveDC (hdc=0x96010793) returned 1
[0303.062] GetTextAlign (hdc=0x96010793) returned 0x0
[0303.062] GetTextColor (hdc=0x96010793) returned 0x0
[0303.062] GetCurrentObject (hdc=0x96010793, type=0x6) returned 0x8a01c2
[0303.062] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0303.062] SelectObject (hdc=0x96010793, h=0x6d0a0520) returned 0x8a01c2
[0303.062] GetBkMode (hdc=0x96010793) returned 2
[0303.062] SetBkMode (hdc=0x96010793, mode=1) returned 2
[0303.062] DrawTextExW (in: hdc=0x96010793, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2e59920 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0303.062] DrawTextExW (in: hdc=0x96010793, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2e59920 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0303.063] RestoreDC (hdc=0x96010793, nSavedDC=-1) returned 1
[0303.063] GdipReleaseDC (graphics=0x6600030, hdc=0x96010793) returned 0x0
[0303.063] GetFocus () returned 0x602c4
[0303.063] IsAppThemed () returned 0x1
[0303.063] GetThemeAppProperties () returned 0x3
[0303.063] GetThemeAppProperties () returned 0x3
[0303.063] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0303.063] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x96010793, x1=0, y1=0, rop=0xcc0020) returned 1
[0303.064] GdipReleaseDC (graphics=0x6600030, hdc=0x96010793) returned 0x0
[0303.064] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0303.064] SelectObject (hdc=0x96010793, h=0x85000f) returned 0x4a0507fe
[0303.064] DeleteDC (hdc=0x96010793) returned 1
[0303.064] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0303.064] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0303.064] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0303.064] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0303.064] WaitMessage () returned 1
[0303.123] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.123] IsWindowUnicode (hWnd=0x602c4) returned 1
[0303.124] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.124] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.124] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.124] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.124] IsWindowUnicode (hWnd=0x602c4) returned 1
[0303.124] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.124] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.124] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.124] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xc0035) returned 0x0
[0303.124] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0303.124] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0303.124] WaitMessage () returned 1
[0303.267] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.267] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2730110) returned 0x1
[0303.267] IsWindowUnicode (hWnd=0x602c4) returned 1
[0303.267] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.267] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2730110) returned 0x1
[0303.267] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0303.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19e0052) returned 0x0
[0303.267] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0303.267] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0303.267] SetCursor (hCursor=0x10003) returned 0x10003
[0303.267] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.267] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.268] GetKeyState (nVirtKey=1) returned -128
[0303.268] GetKeyState (nVirtKey=2) returned 0
[0303.268] GetKeyState (nVirtKey=4) returned 0
[0303.268] GetKeyState (nVirtKey=5) returned 0
[0303.268] GetKeyState (nVirtKey=6) returned 0
[0303.268] IsWindowVisible (hWnd=0x602c4) returned 1
[0303.268] IsWindowEnabled (hWnd=0x602c4) returned 1
[0303.268] SetFocus (hWnd=0x602c4) returned 0x602c4
[0303.268] GetFocus () returned 0x602c4
[0303.268] GetFocus () returned 0x602c4
[0303.268] GetFocus () returned 0x602c4
[0303.268] GetKeyState (nVirtKey=1) returned -128
[0303.268] GetKeyState (nVirtKey=2) returned 0
[0303.268] GetKeyState (nVirtKey=4) returned 0
[0303.268] GetKeyState (nVirtKey=5) returned 0
[0303.268] GetKeyState (nVirtKey=6) returned 0
[0303.268] GetCapture () returned 0x0
[0303.268] SetCapture (hWnd=0x602c4) returned 0x0
[0303.268] GetKeyState (nVirtKey=1) returned -128
[0303.268] GetKeyState (nVirtKey=2) returned 0
[0303.268] GetKeyState (nVirtKey=4) returned 0
[0303.268] GetKeyState (nVirtKey=5) returned 0
[0303.268] GetKeyState (nVirtKey=6) returned 0
[0303.268] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0303.268] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0303.268] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.268] IsWindowUnicode (hWnd=0x602c4) returned 1
[0303.269] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.269] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.269] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.269] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e59aa4, cPoints=0x1 | out: lpPoints=0x2e59aa4) returned 40304859
[0303.269] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0303.269] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0303.269] UpdateWindow (hWnd=0x602c4) returned 1
[0303.269] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xf0105ee
[0303.269] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0303.269] CreateCompatibleDC (hdc=0xf0105ee) returned 0x97010793
[0303.269] SelectObject (hdc=0x97010793, h=0x4a0507fe) returned 0x85000f
[0303.269] GdipCreateFromHDC (hdc=0x97010793, graphics=0xd7e430) returned 0x0
[0303.269] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0303.269] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0303.269] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0303.269] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0303.270] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e490) returned 0x0
[0303.270] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0303.270] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eed00) returned 0x0
[0303.270] LocalFree (hMem=0x11eed00) returned 0x0
[0303.270] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0303.270] GdipCreateRegion (region=0xd7e478) returned 0x0
[0303.270] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0303.270] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0303.270] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0303.270] GdipRestoreGraphics (graphics=0x6600030, state=0xf5960dbd) returned 0x0
[0303.270] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0303.270] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0303.270] GetCurrentObject (hdc=0x97010793, type=0x1) returned 0xb00017
[0303.270] GetCurrentObject (hdc=0x97010793, type=0x2) returned 0x900010
[0303.270] GetCurrentObject (hdc=0x97010793, type=0x7) returned 0x4a0507fe
[0303.270] GetCurrentObject (hdc=0x97010793, type=0x6) returned 0x8a01c2
[0303.270] SaveDC (hdc=0x97010793) returned 1
[0303.270] GetNearestColor (hdc=0x97010793, color=0xff) returned 0xff
[0303.270] GetNearestColor (hdc=0x97010793, color=0x55) returned 0x55
[0303.271] GetNearestColor (hdc=0x97010793, color=0x0) returned 0x0
[0303.271] GetNearestColor (hdc=0x97010793, color=0x55) returned 0x55
[0303.271] GetNearestColor (hdc=0x97010793, color=0x0) returned 0x0
[0303.271] GetNearestColor (hdc=0x97010793, color=0x8080ff) returned 0x8080ff
[0303.271] GetNearestColor (hdc=0x97010793, color=0x7373e5) returned 0x7373e5
[0303.271] GetNearestColor (hdc=0x97010793, color=0xe5) returned 0xe5
[0303.271] GetNearestColor (hdc=0x97010793, color=0x0) returned 0x0
[0303.271] RestoreDC (hdc=0x97010793, nSavedDC=-1) returned 1
[0303.271] GdipReleaseDC (graphics=0x6600030, hdc=0x97010793) returned 0x0
[0303.271] IsAppThemed () returned 0x1
[0303.271] GetThemeAppProperties () returned 0x3
[0303.271] GetThemeAppProperties () returned 0x3
[0303.271] IsAppThemed () returned 0x1
[0303.271] GetThemeAppProperties () returned 0x3
[0303.271] GetThemeAppProperties () returned 0x3
[0303.271] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2e5a1c0 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0303.272] IsAppThemed () returned 0x1
[0303.272] GetThemeAppProperties () returned 0x3
[0303.272] GetThemeAppProperties () returned 0x3
[0303.272] IsAppThemed () returned 0x1
[0303.272] GetThemeAppProperties () returned 0x3
[0303.272] GetThemeAppProperties () returned 0x3
[0303.272] IsAppThemed () returned 0x1
[0303.272] GetThemeAppProperties () returned 0x3
[0303.272] GetThemeAppProperties () returned 0x3
[0303.272] IsAppThemed () returned 0x1
[0303.272] GetThemeAppProperties () returned 0x3
[0303.272] GetThemeAppProperties () returned 0x3
[0303.272] IsThemePartDefined () returned 0x1
[0303.272] IsAppThemed () returned 0x1
[0303.272] GetThemeAppProperties () returned 0x3
[0303.272] GetThemeAppProperties () returned 0x3
[0303.272] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0303.272] IsAppThemed () returned 0x1
[0303.272] GetThemeAppProperties () returned 0x3
[0303.272] GetThemeAppProperties () returned 0x3
[0303.272] IsAppThemed () returned 0x1
[0303.272] GetThemeAppProperties () returned 0x3
[0303.272] GetThemeAppProperties () returned 0x3
[0303.272] IsThemePartDefined () returned 0x1
[0303.273] GdipCreateRegion (region=0xd7e194) returned 0x0
[0303.273] GdipGetClip (graphics=0x6600030, region=0x6645a28) returned 0x0
[0303.273] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0303.273] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0303.273] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e1ac) returned 0x0
[0303.273] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0303.273] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0303.273] LocalFree (hMem=0x11eec58) returned 0x0
[0303.273] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0303.273] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0303.273] LocalFree (hMem=0x11ee868) returned 0x0
[0303.273] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0303.273] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0303.273] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0303.273] GdipGetRegionHRgn (region=0x6645a28, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0303.273] GdipDeleteRegion (region=0x6645a28) returned 0x0
[0303.273] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0303.273] GetCurrentObject (hdc=0x97010793, type=0x1) returned 0xb00017
[0303.273] GetCurrentObject (hdc=0x97010793, type=0x2) returned 0x900010
[0303.273] GetCurrentObject (hdc=0x97010793, type=0x7) returned 0x4a0507fe
[0303.273] GetCurrentObject (hdc=0x97010793, type=0x6) returned 0x8a01c2
[0303.273] SaveDC (hdc=0x97010793) returned 1
[0303.273] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb7040807
[0303.274] GetClipRgn (hdc=0x97010793, hrgn=0xb7040807) returned 0
[0303.274] SelectClipRgn (hdc=0x97010793, hrgn=0x3d0407de) returned 2
[0303.274] DeleteObject (ho=0xb7040807) returned 1
[0303.274] DeleteObject (ho=0x3d0407de) returned 1
[0303.274] OffsetViewportOrgEx (in: hdc=0x97010793, x=0, y=0, lppt=0x2e5a870 | out: lppt=0x2e5a870) returned 1
[0303.274] DrawThemeParentBackground () returned 0x0
[0303.274] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0303.274] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0303.274] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0303.274] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.274] GetSystemMetrics (nIndex=42) returned 0
[0303.274] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.274] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0303.274] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0303.274] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0303.274] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0303.274] SelectPalette (hdc=0x97010793, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0303.274] GdipCreateFromHDC (hdc=0x97010793, graphics=0xd7dc88) returned 0x0
[0303.275] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0303.275] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0303.275] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638d58) returned 0x0
[0303.275] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dc60) returned 0x0
[0303.275] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0303.275] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0303.275] GdipGetClip (graphics=0x6631910, region=0x66453f8) returned 0x0
[0303.275] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6631910, result=0xd7dc54) returned 0x0
[0303.275] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0303.275] GdipSaveGraphics (graphics=0x6631910, state=0xd7dc80) returned 0x0
[0303.275] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0303.282] GdipFillRectangleI (graphics=0x6631910, brush=0x664e648, x=0, y=0, width=801, height=453) returned 0x0
[0303.282] GdipDeleteBrush (brush=0x664e648) returned 0x0
[0303.284] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0303.284] SelectPalette (hdc=0x97010793, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0303.284] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0303.284] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.284] GetSystemMetrics (nIndex=42) returned 0
[0303.284] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.284] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0303.284] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0303.284] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0303.284] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0303.284] SelectPalette (hdc=0x97010793, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0303.284] GdipCreateFromHDC (hdc=0x97010793, graphics=0xd7dc28) returned 0x0
[0303.284] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0303.284] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0303.284] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638c98) returned 0x0
[0303.284] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dc00) returned 0x0
[0303.284] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0303.285] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0303.285] GdipGetClip (graphics=0x6631910, region=0x6645c68) returned 0x0
[0303.285] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6631910, result=0xd7dbf4) returned 0x0
[0303.285] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0303.285] GdipSaveGraphics (graphics=0x6631910, state=0xd7dc20) returned 0x0
[0303.285] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0303.292] GdipFillRectangleI (graphics=0x6631910, brush=0x664e2a0, x=0, y=0, width=801, height=453) returned 0x0
[0303.292] GdipDeleteBrush (brush=0x664e2a0) returned 0x0
[0303.293] GdipRestoreGraphics (graphics=0x6631910, state=0xf5920dbd) returned 0x0
[0303.293] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0303.293] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.293] GetSystemMetrics (nIndex=42) returned 0
[0303.293] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.293] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0303.293] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0303.293] SelectPalette (hdc=0x97010793, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0303.294] RestoreDC (hdc=0x97010793, nSavedDC=-1) returned 1
[0303.294] GdipReleaseDC (graphics=0x6600030, hdc=0x97010793) returned 0x0
[0303.294] IsAppThemed () returned 0x1
[0303.294] GetThemeAppProperties () returned 0x3
[0303.294] GetThemeAppProperties () returned 0x3
[0303.294] IsAppThemed () returned 0x1
[0303.294] GetThemeAppProperties () returned 0x3
[0303.294] GetThemeAppProperties () returned 0x3
[0303.294] IsThemePartDefined () returned 0x1
[0303.294] GdipCreateRegion (region=0xd7e118) returned 0x0
[0303.294] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0303.294] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0303.294] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0303.294] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e130) returned 0x0
[0303.294] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0303.294] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee9f0) returned 0x0
[0303.294] LocalFree (hMem=0x11ee9f0) returned 0x0
[0303.294] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0303.295] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea28) returned 0x0
[0303.295] LocalFree (hMem=0x11eea28) returned 0x0
[0303.295] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0303.295] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0303.295] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0303.295] GdipGetRegionHRgn (region=0x66453f8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0303.295] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0303.295] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0303.295] GetCurrentObject (hdc=0x97010793, type=0x1) returned 0xb00017
[0303.295] GetCurrentObject (hdc=0x97010793, type=0x2) returned 0x900010
[0303.295] GetCurrentObject (hdc=0x97010793, type=0x7) returned 0x4a0507fe
[0303.295] GetCurrentObject (hdc=0x97010793, type=0x6) returned 0x8a01c2
[0303.295] SaveDC (hdc=0x97010793) returned 1
[0303.295] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3e0407de
[0303.295] GetClipRgn (hdc=0x97010793, hrgn=0x3e0407de) returned 0
[0303.295] SelectClipRgn (hdc=0x97010793, hrgn=0xb9040807) returned 2
[0303.295] DeleteObject (ho=0x3e0407de) returned 1
[0303.295] DeleteObject (ho=0xb9040807) returned 1
[0303.295] OffsetViewportOrgEx (in: hdc=0x97010793, x=0, y=0, lppt=0x2e610c0 | out: lppt=0x2e610c0) returned 1
[0303.295] IsAppThemed () returned 0x1
[0303.296] GetThemeAppProperties () returned 0x3
[0303.296] GetThemeAppProperties () returned 0x3
[0303.296] DrawThemeBackground () returned 0x0
[0303.296] RestoreDC (hdc=0x97010793, nSavedDC=-1) returned 1
[0303.296] GdipReleaseDC (graphics=0x6600030, hdc=0x97010793) returned 0x0
[0303.296] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0303.296] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0303.296] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0303.296] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0303.296] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e134) returned 0x0
[0303.296] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0303.296] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eed00) returned 0x0
[0303.296] LocalFree (hMem=0x11eed00) returned 0x0
[0303.296] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0303.296] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee910) returned 0x0
[0303.296] LocalFree (hMem=0x11ee910) returned 0x0
[0303.296] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0303.296] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0303.296] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0303.296] GdipGetRegionHRgn (region=0x6645998, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0303.296] GdipDeleteRegion (region=0x6645998) returned 0x0
[0303.296] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0303.296] GetCurrentObject (hdc=0x97010793, type=0x1) returned 0xb00017
[0303.296] GetCurrentObject (hdc=0x97010793, type=0x2) returned 0x900010
[0303.297] GetCurrentObject (hdc=0x97010793, type=0x7) returned 0x4a0507fe
[0303.297] GetCurrentObject (hdc=0x97010793, type=0x6) returned 0x8a01c2
[0303.297] SaveDC (hdc=0x97010793) returned 1
[0303.297] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xba040807
[0303.297] GetClipRgn (hdc=0x97010793, hrgn=0xba040807) returned 0
[0303.297] SelectClipRgn (hdc=0x97010793, hrgn=0x3f0407de) returned 2
[0303.297] DeleteObject (ho=0xba040807) returned 1
[0303.297] DeleteObject (ho=0x3f0407de) returned 1
[0303.297] OffsetViewportOrgEx (in: hdc=0x97010793, x=0, y=0, lppt=0x2e61394 | out: lppt=0x2e61394) returned 1
[0303.297] IsAppThemed () returned 0x1
[0303.297] GetThemeAppProperties () returned 0x3
[0303.297] GetThemeAppProperties () returned 0x3
[0303.297] GetThemeBackgroundContentRect () returned 0x0
[0303.297] RestoreDC (hdc=0x97010793, nSavedDC=-1) returned 1
[0303.297] GdipReleaseDC (graphics=0x6600030, hdc=0x97010793) returned 0x0
[0303.297] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0303.297] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0303.297] GdipFillRectangleI (graphics=0x6600030, brush=0x6639f58, x=4, y=4, width=67, height=15) returned 0x0
[0303.297] GdipDeleteBrush (brush=0x6639f58) returned 0x0
[0303.297] IsAppThemed () returned 0x1
[0303.298] GetThemeAppProperties () returned 0x3
[0303.298] GetThemeAppProperties () returned 0x3
[0303.298] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0303.298] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0303.298] GetCurrentObject (hdc=0x97010793, type=0x1) returned 0xb00017
[0303.298] GetCurrentObject (hdc=0x97010793, type=0x2) returned 0x900010
[0303.298] GetCurrentObject (hdc=0x97010793, type=0x7) returned 0x4a0507fe
[0303.298] GetCurrentObject (hdc=0x97010793, type=0x6) returned 0x8a01c2
[0303.298] SaveDC (hdc=0x97010793) returned 1
[0303.298] GetTextAlign (hdc=0x97010793) returned 0x0
[0303.298] GetTextColor (hdc=0x97010793) returned 0x0
[0303.298] GetCurrentObject (hdc=0x97010793, type=0x6) returned 0x8a01c2
[0303.298] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0303.298] SelectObject (hdc=0x97010793, h=0x6d0a0520) returned 0x8a01c2
[0303.298] GetBkMode (hdc=0x97010793) returned 2
[0303.298] SetBkMode (hdc=0x97010793, mode=1) returned 2
[0303.298] DrawTextExW (in: hdc=0x97010793, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2e61758 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0303.299] DrawTextExW (in: hdc=0x97010793, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2e61758 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0303.299] RestoreDC (hdc=0x97010793, nSavedDC=-1) returned 1
[0303.299] GdipReleaseDC (graphics=0x6600030, hdc=0x97010793) returned 0x0
[0303.299] GetFocus () returned 0x602c4
[0303.299] IsAppThemed () returned 0x1
[0303.299] GetThemeAppProperties () returned 0x3
[0303.299] GetThemeAppProperties () returned 0x3
[0303.299] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0303.299] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x97010793, x1=0, y1=0, rop=0xcc0020) returned 1
[0303.300] GdipReleaseDC (graphics=0x6600030, hdc=0x97010793) returned 0x0
[0303.300] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0303.300] SelectObject (hdc=0x97010793, h=0x85000f) returned 0x4a0507fe
[0303.300] DeleteDC (hdc=0x97010793) returned 1
[0303.300] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0303.300] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0303.300] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e61854, cPoints=0x1 | out: lpPoints=0x2e61854) returned 40304859
[0303.300] WindowFromPoint (Point=0x110) returned 0x602c4
[0303.300] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2730110) returned 0x1
[0303.300] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0303.300] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0303.300] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0303.300] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0303.300] GetSystemMetrics (nIndex=42) returned 0
[0303.301] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0303.301] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0303.302] GetCapture () returned 0x602c4
[0303.302] ReleaseCapture () returned 1
[0303.302] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0303.303] GetProcessWindowStation () returned 0x13c
[0303.303] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.303] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0303.303] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.303] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0303.304] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.304] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0303.304] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.304] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0303.304] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.304] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0303.304] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.304] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0303.304] GetDC (hWnd=0x0) returned 0xc0107c5
[0303.305] GdipCreateFromHDC (hdc=0xc0107c5, graphics=0xd7e6ec) returned 0x0
[0303.305] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0303.305] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0303.305] ReleaseDC (hWnd=0x0, hDC=0xc0107c5) returned 1
[0303.305] GetSystemMetrics (nIndex=5) returned 1
[0303.305] GetSystemMetrics (nIndex=6) returned 1
[0303.305] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.306] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0303.306] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.306] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0303.309] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0303.309] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0303.309] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0303.309] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0303.309] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0303.309] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0303.311] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2e67270 | out: lpData=0x2e67270) returned 1
[0303.312] VerQueryValueW (in: pBlock=0x2e67270, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e67680, puLen=0xd7e810) returned 1
[0303.312] VerQueryValueW (in: pBlock=0x2e67270, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e67328, puLen=0xd7e790) returned 1
[0303.312] VerQueryValueW (in: pBlock=0x2e67270, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6737c, puLen=0xd7e790) returned 1
[0303.312] VerQueryValueW (in: pBlock=0x2e67270, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e673fc, puLen=0xd7e790) returned 1
[0303.312] VerQueryValueW (in: pBlock=0x2e67270, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e67464, puLen=0xd7e790) returned 1
[0303.312] VerQueryValueW (in: pBlock=0x2e67270, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e674a4, puLen=0xd7e790) returned 1
[0303.312] VerQueryValueW (in: pBlock=0x2e67270, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6752c, puLen=0xd7e790) returned 1
[0303.312] VerQueryValueW (in: pBlock=0x2e67270, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e67568, puLen=0xd7e790) returned 1
[0303.312] VerQueryValueW (in: pBlock=0x2e67270, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e675c0, puLen=0xd7e790) returned 1
[0303.312] VerQueryValueW (in: pBlock=0x2e67270, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e675f0, puLen=0xd7e790) returned 1
[0303.312] VerQueryValueW (in: pBlock=0x2e67270, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.312] VerQueryValueW (in: pBlock=0x2e67270, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6762c, puLen=0xd7e790) returned 1
[0303.312] VerQueryValueW (in: pBlock=0x2e67270, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.312] VerQueryValueW (in: pBlock=0x2e67270, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e67680, puLen=0xd7e784) returned 1
[0303.312] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0303.312] VerQueryValueW (in: pBlock=0x2e67270, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e67298, puLen=0xd7e794) returned 1
[0303.313] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0303.313] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0303.313] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0303.313] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0303.313] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0303.313] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0303.313] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2e691e0 | out: lpData=0x2e691e0) returned 1
[0303.313] VerQueryValueW (in: pBlock=0x2e691e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e6927c, puLen=0xd7e810) returned 1
[0303.313] VerQueryValueW (in: pBlock=0x2e691e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e692f4, puLen=0xd7e790) returned 1
[0303.313] VerQueryValueW (in: pBlock=0x2e691e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e69324, puLen=0xd7e790) returned 1
[0303.313] VerQueryValueW (in: pBlock=0x2e691e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e69360, puLen=0xd7e790) returned 1
[0303.313] VerQueryValueW (in: pBlock=0x2e691e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e69390, puLen=0xd7e790) returned 1
[0303.314] VerQueryValueW (in: pBlock=0x2e691e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e693d8, puLen=0xd7e790) returned 1
[0303.314] VerQueryValueW (in: pBlock=0x2e691e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e69450, puLen=0xd7e790) returned 1
[0303.314] VerQueryValueW (in: pBlock=0x2e691e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e69494, puLen=0xd7e790) returned 1
[0303.314] VerQueryValueW (in: pBlock=0x2e691e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e694d4, puLen=0xd7e790) returned 1
[0303.314] VerQueryValueW (in: pBlock=0x2e691e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e692d2, puLen=0xd7e790) returned 1
[0303.314] VerQueryValueW (in: pBlock=0x2e691e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e69420, puLen=0xd7e790) returned 1
[0303.314] VerQueryValueW (in: pBlock=0x2e691e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.314] VerQueryValueW (in: pBlock=0x2e691e0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.314] VerQueryValueW (in: pBlock=0x2e691e0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e6927c, puLen=0xd7e784) returned 1
[0303.314] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0303.314] VerQueryValueW (in: pBlock=0x2e691e0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e69208, puLen=0xd7e794) returned 1
[0303.315] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0303.315] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0303.315] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0303.315] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0303.315] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0303.315] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0303.315] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2e6b4b8 | out: lpData=0x2e6b4b8) returned 1
[0303.316] VerQueryValueW (in: pBlock=0x2e6b4b8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e6b8cc, puLen=0xd7e810) returned 1
[0303.316] VerQueryValueW (in: pBlock=0x2e6b4b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6b570, puLen=0xd7e790) returned 1
[0303.316] VerQueryValueW (in: pBlock=0x2e6b4b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6b5c4, puLen=0xd7e790) returned 1
[0303.316] VerQueryValueW (in: pBlock=0x2e6b4b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6b620, puLen=0xd7e790) returned 1
[0303.316] VerQueryValueW (in: pBlock=0x2e6b4b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6b680, puLen=0xd7e790) returned 1
[0303.316] VerQueryValueW (in: pBlock=0x2e6b4b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6b6d8, puLen=0xd7e790) returned 1
[0303.316] VerQueryValueW (in: pBlock=0x2e6b4b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6b760, puLen=0xd7e790) returned 1
[0303.316] VerQueryValueW (in: pBlock=0x2e6b4b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6b7b4, puLen=0xd7e790) returned 1
[0303.316] VerQueryValueW (in: pBlock=0x2e6b4b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6b80c, puLen=0xd7e790) returned 1
[0303.316] VerQueryValueW (in: pBlock=0x2e6b4b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6b83c, puLen=0xd7e790) returned 1
[0303.316] VerQueryValueW (in: pBlock=0x2e6b4b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.316] VerQueryValueW (in: pBlock=0x2e6b4b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6b878, puLen=0xd7e790) returned 1
[0303.316] VerQueryValueW (in: pBlock=0x2e6b4b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.316] VerQueryValueW (in: pBlock=0x2e6b4b8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e6b8cc, puLen=0xd7e784) returned 1
[0303.316] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0303.316] VerQueryValueW (in: pBlock=0x2e6b4b8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e6b4e0, puLen=0xd7e794) returned 1
[0303.317] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0303.317] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0303.317] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0303.317] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0303.317] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0303.318] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0303.318] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2e6daf0 | out: lpData=0x2e6daf0) returned 1
[0303.319] VerQueryValueW (in: pBlock=0x2e6daf0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e6def0, puLen=0xd7e810) returned 1
[0303.319] VerQueryValueW (in: pBlock=0x2e6daf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6dba8, puLen=0xd7e790) returned 1
[0303.319] VerQueryValueW (in: pBlock=0x2e6daf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6dbfc, puLen=0xd7e790) returned 1
[0303.319] VerQueryValueW (in: pBlock=0x2e6daf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6dc3c, puLen=0xd7e790) returned 1
[0303.319] VerQueryValueW (in: pBlock=0x2e6daf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6dca4, puLen=0xd7e790) returned 1
[0303.319] VerQueryValueW (in: pBlock=0x2e6daf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6dcfc, puLen=0xd7e790) returned 1
[0303.319] VerQueryValueW (in: pBlock=0x2e6daf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6dd84, puLen=0xd7e790) returned 1
[0303.319] VerQueryValueW (in: pBlock=0x2e6daf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6ddd8, puLen=0xd7e790) returned 1
[0303.319] VerQueryValueW (in: pBlock=0x2e6daf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6de30, puLen=0xd7e790) returned 1
[0303.319] VerQueryValueW (in: pBlock=0x2e6daf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6de60, puLen=0xd7e790) returned 1
[0303.319] VerQueryValueW (in: pBlock=0x2e6daf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.319] VerQueryValueW (in: pBlock=0x2e6daf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e6de9c, puLen=0xd7e790) returned 1
[0303.319] VerQueryValueW (in: pBlock=0x2e6daf0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.320] VerQueryValueW (in: pBlock=0x2e6daf0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e6def0, puLen=0xd7e784) returned 1
[0303.320] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0303.320] VerQueryValueW (in: pBlock=0x2e6daf0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e6db18, puLen=0xd7e794) returned 1
[0303.320] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0303.320] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0303.320] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0303.320] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0303.321] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0303.321] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0303.321] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2e7022c | out: lpData=0x2e7022c) returned 1
[0303.322] VerQueryValueW (in: pBlock=0x2e7022c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e705f4, puLen=0xd7e810) returned 1
[0303.322] VerQueryValueW (in: pBlock=0x2e7022c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e702e4, puLen=0xd7e790) returned 1
[0303.322] VerQueryValueW (in: pBlock=0x2e7022c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e70338, puLen=0xd7e790) returned 1
[0303.322] VerQueryValueW (in: pBlock=0x2e7022c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e70378, puLen=0xd7e790) returned 1
[0303.322] VerQueryValueW (in: pBlock=0x2e7022c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e703e0, puLen=0xd7e790) returned 1
[0303.322] VerQueryValueW (in: pBlock=0x2e7022c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7041c, puLen=0xd7e790) returned 1
[0303.322] VerQueryValueW (in: pBlock=0x2e7022c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e704a4, puLen=0xd7e790) returned 1
[0303.322] VerQueryValueW (in: pBlock=0x2e7022c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e704dc, puLen=0xd7e790) returned 1
[0303.322] VerQueryValueW (in: pBlock=0x2e7022c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e70534, puLen=0xd7e790) returned 1
[0303.322] VerQueryValueW (in: pBlock=0x2e7022c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e70564, puLen=0xd7e790) returned 1
[0303.322] VerQueryValueW (in: pBlock=0x2e7022c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.322] VerQueryValueW (in: pBlock=0x2e7022c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e705a0, puLen=0xd7e790) returned 1
[0303.322] VerQueryValueW (in: pBlock=0x2e7022c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.322] VerQueryValueW (in: pBlock=0x2e7022c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e705f4, puLen=0xd7e784) returned 1
[0303.323] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0303.323] VerQueryValueW (in: pBlock=0x2e7022c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e70254, puLen=0xd7e794) returned 1
[0303.323] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0303.323] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0303.323] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0303.323] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0303.324] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0303.324] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0303.324] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2e73894 | out: lpData=0x2e73894) returned 1
[0303.325] VerQueryValueW (in: pBlock=0x2e73894, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e73c74, puLen=0xd7e810) returned 1
[0303.325] VerQueryValueW (in: pBlock=0x2e73894, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7394c, puLen=0xd7e790) returned 1
[0303.325] VerQueryValueW (in: pBlock=0x2e73894, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e739a0, puLen=0xd7e790) returned 1
[0303.325] VerQueryValueW (in: pBlock=0x2e73894, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e739e0, puLen=0xd7e790) returned 1
[0303.325] VerQueryValueW (in: pBlock=0x2e73894, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e73a40, puLen=0xd7e790) returned 1
[0303.325] VerQueryValueW (in: pBlock=0x2e73894, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e73a8c, puLen=0xd7e790) returned 1
[0303.325] VerQueryValueW (in: pBlock=0x2e73894, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e73b14, puLen=0xd7e790) returned 1
[0303.325] VerQueryValueW (in: pBlock=0x2e73894, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e73b5c, puLen=0xd7e790) returned 1
[0303.325] VerQueryValueW (in: pBlock=0x2e73894, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e73bb4, puLen=0xd7e790) returned 1
[0303.325] VerQueryValueW (in: pBlock=0x2e73894, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e73be4, puLen=0xd7e790) returned 1
[0303.325] VerQueryValueW (in: pBlock=0x2e73894, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.325] VerQueryValueW (in: pBlock=0x2e73894, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e73c20, puLen=0xd7e790) returned 1
[0303.325] VerQueryValueW (in: pBlock=0x2e73894, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.325] VerQueryValueW (in: pBlock=0x2e73894, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e73c74, puLen=0xd7e784) returned 1
[0303.325] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0303.325] VerQueryValueW (in: pBlock=0x2e73894, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e738bc, puLen=0xd7e794) returned 1
[0303.326] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0303.326] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0303.326] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0303.326] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0303.326] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0303.326] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0303.327] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2e760b4 | out: lpData=0x2e760b4) returned 1
[0303.328] VerQueryValueW (in: pBlock=0x2e760b4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e764c0, puLen=0xd7e810) returned 1
[0303.328] VerQueryValueW (in: pBlock=0x2e760b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7616c, puLen=0xd7e790) returned 1
[0303.328] VerQueryValueW (in: pBlock=0x2e760b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e761c0, puLen=0xd7e790) returned 1
[0303.328] VerQueryValueW (in: pBlock=0x2e760b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e76214, puLen=0xd7e790) returned 1
[0303.328] VerQueryValueW (in: pBlock=0x2e760b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e76274, puLen=0xd7e790) returned 1
[0303.328] VerQueryValueW (in: pBlock=0x2e760b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e762cc, puLen=0xd7e790) returned 1
[0303.328] VerQueryValueW (in: pBlock=0x2e760b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e76354, puLen=0xd7e790) returned 1
[0303.328] VerQueryValueW (in: pBlock=0x2e760b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e763a8, puLen=0xd7e790) returned 1
[0303.328] VerQueryValueW (in: pBlock=0x2e760b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e76400, puLen=0xd7e790) returned 1
[0303.328] VerQueryValueW (in: pBlock=0x2e760b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e76430, puLen=0xd7e790) returned 1
[0303.328] VerQueryValueW (in: pBlock=0x2e760b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.328] VerQueryValueW (in: pBlock=0x2e760b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7646c, puLen=0xd7e790) returned 1
[0303.328] VerQueryValueW (in: pBlock=0x2e760b4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.328] VerQueryValueW (in: pBlock=0x2e760b4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e764c0, puLen=0xd7e784) returned 1
[0303.328] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0303.328] VerQueryValueW (in: pBlock=0x2e760b4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e760dc, puLen=0xd7e794) returned 1
[0303.329] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0303.329] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0303.329] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0303.329] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0303.329] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0303.329] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0303.330] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e788c8 | out: lpData=0x2e788c8) returned 1
[0303.331] VerQueryValueW (in: pBlock=0x2e788c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e78ca0, puLen=0xd7e810) returned 1
[0303.331] VerQueryValueW (in: pBlock=0x2e788c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e78980, puLen=0xd7e790) returned 1
[0303.331] VerQueryValueW (in: pBlock=0x2e788c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e789d4, puLen=0xd7e790) returned 1
[0303.331] VerQueryValueW (in: pBlock=0x2e788c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e78a14, puLen=0xd7e790) returned 1
[0303.331] VerQueryValueW (in: pBlock=0x2e788c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e78a7c, puLen=0xd7e790) returned 1
[0303.331] VerQueryValueW (in: pBlock=0x2e788c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e78ac0, puLen=0xd7e790) returned 1
[0303.331] VerQueryValueW (in: pBlock=0x2e788c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e78b48, puLen=0xd7e790) returned 1
[0303.331] VerQueryValueW (in: pBlock=0x2e788c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e78b88, puLen=0xd7e790) returned 1
[0303.331] VerQueryValueW (in: pBlock=0x2e788c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e78be0, puLen=0xd7e790) returned 1
[0303.331] VerQueryValueW (in: pBlock=0x2e788c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e78c10, puLen=0xd7e790) returned 1
[0303.331] VerQueryValueW (in: pBlock=0x2e788c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.331] VerQueryValueW (in: pBlock=0x2e788c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e78c4c, puLen=0xd7e790) returned 1
[0303.331] VerQueryValueW (in: pBlock=0x2e788c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.331] VerQueryValueW (in: pBlock=0x2e788c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e78ca0, puLen=0xd7e784) returned 1
[0303.331] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0303.331] VerQueryValueW (in: pBlock=0x2e788c8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e788f0, puLen=0xd7e794) returned 1
[0303.332] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0303.332] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0303.332] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0303.332] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0303.332] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0303.332] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0303.333] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e7ae20 | out: lpData=0x2e7ae20) returned 1
[0303.334] VerQueryValueW (in: pBlock=0x2e7ae20, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e7b1f8, puLen=0xd7e810) returned 1
[0303.334] VerQueryValueW (in: pBlock=0x2e7ae20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7aed8, puLen=0xd7e790) returned 1
[0303.334] VerQueryValueW (in: pBlock=0x2e7ae20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7af2c, puLen=0xd7e790) returned 1
[0303.334] VerQueryValueW (in: pBlock=0x2e7ae20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7af6c, puLen=0xd7e790) returned 1
[0303.334] VerQueryValueW (in: pBlock=0x2e7ae20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7afd4, puLen=0xd7e790) returned 1
[0303.334] VerQueryValueW (in: pBlock=0x2e7ae20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7b018, puLen=0xd7e790) returned 1
[0303.334] VerQueryValueW (in: pBlock=0x2e7ae20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7b0a0, puLen=0xd7e790) returned 1
[0303.334] VerQueryValueW (in: pBlock=0x2e7ae20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7b0e0, puLen=0xd7e790) returned 1
[0303.334] VerQueryValueW (in: pBlock=0x2e7ae20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7b138, puLen=0xd7e790) returned 1
[0303.334] VerQueryValueW (in: pBlock=0x2e7ae20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7b168, puLen=0xd7e790) returned 1
[0303.334] VerQueryValueW (in: pBlock=0x2e7ae20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.334] VerQueryValueW (in: pBlock=0x2e7ae20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7b1a4, puLen=0xd7e790) returned 1
[0303.334] VerQueryValueW (in: pBlock=0x2e7ae20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.334] VerQueryValueW (in: pBlock=0x2e7ae20, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e7b1f8, puLen=0xd7e784) returned 1
[0303.334] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0303.335] VerQueryValueW (in: pBlock=0x2e7ae20, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e7ae48, puLen=0xd7e794) returned 1
[0303.335] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0303.335] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0303.335] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0303.335] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0303.336] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0303.336] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0303.337] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2e7d558 | out: lpData=0x2e7d558) returned 1
[0303.337] VerQueryValueW (in: pBlock=0x2e7d558, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e7d988, puLen=0xd7e810) returned 1
[0303.337] VerQueryValueW (in: pBlock=0x2e7d558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7d610, puLen=0xd7e790) returned 1
[0303.337] VerQueryValueW (in: pBlock=0x2e7d558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7d664, puLen=0xd7e790) returned 1
[0303.337] VerQueryValueW (in: pBlock=0x2e7d558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7d6d4, puLen=0xd7e790) returned 1
[0303.337] VerQueryValueW (in: pBlock=0x2e7d558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7d734, puLen=0xd7e790) returned 1
[0303.337] VerQueryValueW (in: pBlock=0x2e7d558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7d790, puLen=0xd7e790) returned 1
[0303.337] VerQueryValueW (in: pBlock=0x2e7d558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7d818, puLen=0xd7e790) returned 1
[0303.337] VerQueryValueW (in: pBlock=0x2e7d558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7d870, puLen=0xd7e790) returned 1
[0303.337] VerQueryValueW (in: pBlock=0x2e7d558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7d8c8, puLen=0xd7e790) returned 1
[0303.337] VerQueryValueW (in: pBlock=0x2e7d558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7d8f8, puLen=0xd7e790) returned 1
[0303.337] VerQueryValueW (in: pBlock=0x2e7d558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.337] VerQueryValueW (in: pBlock=0x2e7d558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e7d934, puLen=0xd7e790) returned 1
[0303.337] VerQueryValueW (in: pBlock=0x2e7d558, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0303.337] VerQueryValueW (in: pBlock=0x2e7d558, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e7d988, puLen=0xd7e784) returned 1
[0303.338] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0303.338] VerQueryValueW (in: pBlock=0x2e7d558, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e7d580, puLen=0xd7e794) returned 1
[0303.338] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0303.338] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.338] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0303.339] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.339] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0303.339] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3800ea
[0303.340] SetWindowLongW (hWnd=0x3800ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0303.340] GetWindowLongW (hWnd=0x3800ea, nIndex=-4) returned 1950089536
[0303.340] SetWindowLongW (hWnd=0x3800ea, nIndex=-4, dwNewLong=19947238) returned 1950089536
[0303.340] GetWindowLongW (hWnd=0x3800ea, nIndex=-4) returned 19947238
[0303.340] GetWindowLongW (hWnd=0x3800ea, nIndex=-16) returned 113311744
[0303.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3800ea, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0303.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3800ea, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0303.343] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3800ea, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0303.343] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3800ea, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0303.343] GetClientRect (in: hWnd=0x3800ea, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0303.343] GetWindowRect (in: hWnd=0x3800ea, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0303.343] SetWindowTextW (hWnd=0x3800ea, lpString="WindowsFormsParkingWindow") returned 1
[0303.343] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3800ea, Msg=0xc, wParam=0x0, lParam=0x2e42b2c) returned 0x1
[0303.344] GetParent (hWnd=0x3800ea) returned 0x0
[0303.344] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0303.344] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x3800ea, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3502dc
[0303.344] SetWindowLongW (hWnd=0x3502dc, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0303.344] GetWindowLongW (hWnd=0x3502dc, nIndex=-4) returned 1868147648
[0303.345] SetWindowLongW (hWnd=0x3502dc, nIndex=-4, dwNewLong=19947678) returned 1868147648
[0303.345] GetWindowLongW (hWnd=0x3502dc, nIndex=-4) returned 19947678
[0303.345] GetWindowLongW (hWnd=0x3502dc, nIndex=-16) returned 1174405133
[0303.345] GetWindowLongW (hWnd=0x3502dc, nIndex=-12) returned 0
[0303.345] SetWindowLongW (hWnd=0x3502dc, nIndex=-12, dwNewLong=3474140) returned 0
[0303.345] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0303.345] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0303.346] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0303.346] GetClientRect (in: hWnd=0x3502dc, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0303.346] GetWindowRect (in: hWnd=0x3502dc, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0303.346] GetParent (hWnd=0x3502dc) returned 0x3800ea
[0303.346] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3800ea, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0303.347] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0303.347] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0303.347] GetClientRect (in: hWnd=0x3502dc, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0303.347] GetWindowRect (in: hWnd=0x3502dc, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0303.347] GetParent (hWnd=0x3502dc) returned 0x3800ea
[0303.347] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3800ea, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0303.347] SendMessageW (hWnd=0x3502dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x3502dc) returned 0x0
[0303.347] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x3502dc) returned 0x0
[0303.347] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0303.347] GetParent (hWnd=0x3502dc) returned 0x3800ea
[0303.347] GdipCreateFromHWND (hwnd=0x3502dc, graphics=0xd7e844) returned 0x0
[0303.348] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0303.348] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0303.348] GetForegroundWindow () returned 0x7005c
[0303.348] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0303.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.349] GetSystemMetrics (nIndex=42) returned 0
[0303.349] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0303.349] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0303.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.349] GetSystemMetrics (nIndex=42) returned 0
[0303.349] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.349] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0303.349] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.349] GetCursorPos (in: lpPoint=0x2e819dc | out: lpPoint=0x2e819dc*(x=272, y=627)) returned 1
[0303.349] MonitorFromPoint (pt=0x110, dwFlags=0x273) returned 0x10001
[0303.349] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0303.350] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x9a010793
[0303.350] GetDeviceCaps (hdc=0x9a010793, index=12) returned 32
[0303.350] GetDeviceCaps (hdc=0x9a010793, index=14) returned 1
[0303.350] DeleteDC (hdc=0x9a010793) returned 1
[0303.350] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0303.350] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0303.350] GetSystemMetrics (nIndex=59) returned 1460
[0303.350] GetSystemMetrics (nIndex=60) returned 920
[0303.350] GetSystemMetrics (nIndex=34) returned 136
[0303.350] GetSystemMetrics (nIndex=35) returned 39
[0303.350] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.350] GetCursorPos (in: lpPoint=0x2e81c48 | out: lpPoint=0x2e81c48*(x=272, y=627)) returned 1
[0303.350] MonitorFromPoint (pt=0x110, dwFlags=0x273) returned 0x10001
[0303.351] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0303.351] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x9b010793
[0303.351] GetDeviceCaps (hdc=0x9b010793, index=12) returned 32
[0303.351] GetDeviceCaps (hdc=0x9b010793, index=14) returned 1
[0303.351] DeleteDC (hdc=0x9b010793) returned 1
[0303.351] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0303.351] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0303.351] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.351] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0303.351] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2e81ee0 | out: piconinfo=0x2e81ee0) returned 1
[0303.352] GetObjectW (in: h=0x840507d3, c=24, pv=0x2e81efc | out: pv=0x2e81efc) returned 24
[0303.352] GdipCreateBitmapFromHBITMAP (hbm=0x840507d3, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0303.352] GdipGetImageWidth (image=0x6652238, width=0xd7e750) returned 0x0
[0303.352] GdipGetImageHeight (image=0x6652238, height=0xd7e748) returned 0x0
[0303.352] GdipGetImagePixelFormat (image=0x6652238, format=0xd7e740) returned 0x0
[0303.352] GdipBitmapLockBits (bitmap=0x6652238, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2e81fb4) returned 0x0
[0303.352] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0303.352] GdipBitmapLockBits (bitmap=0x6603e08, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2e81fec) returned 0x0
[0303.352] RtlMoveMemory (in: Destination=0x665ff50, Source=0x6662ee0, Length=0x80 | out: Destination=0x665ff50)
[0303.352] RtlMoveMemory (in: Destination=0x665ffd0, Source=0x6662e60, Length=0x80 | out: Destination=0x665ffd0)
[0303.352] RtlMoveMemory (in: Destination=0x6660050, Source=0x6662de0, Length=0x80 | out: Destination=0x6660050)
[0303.353] RtlMoveMemory (in: Destination=0x66600d0, Source=0x6662d60, Length=0x80 | out: Destination=0x66600d0)
[0303.353] RtlMoveMemory (in: Destination=0x6660150, Source=0x6662ce0, Length=0x80 | out: Destination=0x6660150)
[0303.353] RtlMoveMemory (in: Destination=0x66601d0, Source=0x6662c60, Length=0x80 | out: Destination=0x66601d0)
[0303.353] RtlMoveMemory (in: Destination=0x6660250, Source=0x6662be0, Length=0x80 | out: Destination=0x6660250)
[0303.353] RtlMoveMemory (in: Destination=0x66602d0, Source=0x6662b60, Length=0x80 | out: Destination=0x66602d0)
[0303.353] RtlMoveMemory (in: Destination=0x6660350, Source=0x6662ae0, Length=0x80 | out: Destination=0x6660350)
[0303.353] RtlMoveMemory (in: Destination=0x66603d0, Source=0x6662a60, Length=0x80 | out: Destination=0x66603d0)
[0303.353] RtlMoveMemory (in: Destination=0x6660450, Source=0x66629e0, Length=0x80 | out: Destination=0x6660450)
[0303.353] RtlMoveMemory (in: Destination=0x66604d0, Source=0x6662960, Length=0x80 | out: Destination=0x66604d0)
[0303.353] RtlMoveMemory (in: Destination=0x6660550, Source=0x66628e0, Length=0x80 | out: Destination=0x6660550)
[0303.353] RtlMoveMemory (in: Destination=0x66605d0, Source=0x6662860, Length=0x80 | out: Destination=0x66605d0)
[0303.353] RtlMoveMemory (in: Destination=0x6660650, Source=0x66627e0, Length=0x80 | out: Destination=0x6660650)
[0303.353] RtlMoveMemory (in: Destination=0x66606d0, Source=0x6662760, Length=0x80 | out: Destination=0x66606d0)
[0303.353] RtlMoveMemory (in: Destination=0x6660750, Source=0x66626e0, Length=0x80 | out: Destination=0x6660750)
[0303.353] RtlMoveMemory (in: Destination=0x66607d0, Source=0x6662660, Length=0x80 | out: Destination=0x66607d0)
[0303.353] RtlMoveMemory (in: Destination=0x6660850, Source=0x66625e0, Length=0x80 | out: Destination=0x6660850)
[0303.353] RtlMoveMemory (in: Destination=0x66608d0, Source=0x6662560, Length=0x80 | out: Destination=0x66608d0)
[0303.353] RtlMoveMemory (in: Destination=0x6660950, Source=0x66624e0, Length=0x80 | out: Destination=0x6660950)
[0303.353] RtlMoveMemory (in: Destination=0x66609d0, Source=0x6662460, Length=0x80 | out: Destination=0x66609d0)
[0303.353] RtlMoveMemory (in: Destination=0x6660a50, Source=0x66623e0, Length=0x80 | out: Destination=0x6660a50)
[0303.353] RtlMoveMemory (in: Destination=0x6660ad0, Source=0x6662360, Length=0x80 | out: Destination=0x6660ad0)
[0303.353] RtlMoveMemory (in: Destination=0x6660b50, Source=0x66622e0, Length=0x80 | out: Destination=0x6660b50)
[0303.353] RtlMoveMemory (in: Destination=0x6660bd0, Source=0x6662260, Length=0x80 | out: Destination=0x6660bd0)
[0303.353] RtlMoveMemory (in: Destination=0x6660c50, Source=0x66621e0, Length=0x80 | out: Destination=0x6660c50)
[0303.353] RtlMoveMemory (in: Destination=0x6660cd0, Source=0x6662160, Length=0x80 | out: Destination=0x6660cd0)
[0303.354] RtlMoveMemory (in: Destination=0x6660d50, Source=0x66620e0, Length=0x80 | out: Destination=0x6660d50)
[0303.354] RtlMoveMemory (in: Destination=0x6660dd0, Source=0x6662060, Length=0x80 | out: Destination=0x6660dd0)
[0303.354] RtlMoveMemory (in: Destination=0x6660e50, Source=0x6661fe0, Length=0x80 | out: Destination=0x6660e50)
[0303.354] RtlMoveMemory (in: Destination=0x6660ed0, Source=0x6661f60, Length=0x80 | out: Destination=0x6660ed0)
[0303.354] GdipBitmapUnlockBits (bitmap=0x6652238, lockedBitmapData=0x2e81fb4) returned 0x0
[0303.354] GdipBitmapUnlockBits (bitmap=0x6603e08, lockedBitmapData=0x2e81fec) returned 0x0
[0303.354] GdipDisposeImage (image=0x6652238) returned 0x0
[0303.354] DeleteObject (ho=0x840507d3) returned 1
[0303.354] DeleteObject (ho=0x9c050793) returned 1
[0303.354] GetCurrentThreadId () returned 0xf50
[0303.354] GetCurrentThreadId () returned 0xf50
[0303.354] SetWindowPos (hWnd=0x3502dc, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0303.354] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0303.354] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0303.355] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0303.355] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0303.355] GetClientRect (in: hWnd=0x3502dc, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0303.355] GetWindowRect (in: hWnd=0x3502dc, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0303.355] GetParent (hWnd=0x3502dc) returned 0x3800ea
[0303.355] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3800ea, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0303.355] InvalidateRect (hWnd=0x3502dc, lpRect=0x0, bErase=1) returned 1
[0303.355] GetWindowTextLengthW (hWnd=0x3502dc) returned 0
[0303.355] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0303.355] GetSystemMetrics (nIndex=42) returned 0
[0303.355] GetWindowTextW (in: hWnd=0x3502dc, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0303.355] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0303.355] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0303.355] GetClientRect (in: hWnd=0x3502dc, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0303.355] GetWindowRect (in: hWnd=0x3502dc, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0303.355] GetParent (hWnd=0x3502dc) returned 0x3800ea
[0303.355] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3800ea, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0303.356] GetWindowTextLengthW (hWnd=0x3502dc) returned 0
[0303.356] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0303.356] GetSystemMetrics (nIndex=42) returned 0
[0303.356] GetWindowTextW (in: hWnd=0x3502dc, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0303.356] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0303.356] GetWindowTextLengthW (hWnd=0x3502dc) returned 0
[0303.356] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0303.356] GetSystemMetrics (nIndex=42) returned 0
[0303.356] GetWindowTextW (in: hWnd=0x3502dc, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0303.356] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0303.356] SetWindowTextW (hWnd=0x3502dc, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0303.356] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0xc, wParam=0x0, lParam=0x2e62e48) returned 0x1
[0303.356] InvalidateRect (hWnd=0x3502dc, lpRect=0x0, bErase=1) returned 1
[0303.357] GetCurrentThreadId () returned 0xf50
[0303.357] GetWindowThreadProcessId (in: hWnd=0x3502dc, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0303.358] GdipCreateBitmapFromStream (stream=0x509ffb0, bitmap=0xd7e840) returned 0x0
[0303.359] GdipImageForceValidation (image=0x6602710) returned 0x0
[0303.360] GdipGetImageRawFormat (image=0x6602710, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0303.360] GdipGetImageHeight (image=0x6602710, height=0xd7e824) returned 0x0
[0303.360] GdipGetImageWidth (image=0x6602710, width=0xd7e824) returned 0x0
[0303.360] GdipGetImageWidth (image=0x6602710, width=0xd7e810) returned 0x0
[0303.360] GdipGetImageHeight (image=0x6602710, height=0xd7e810) returned 0x0
[0303.360] GdipGetImageWidth (image=0x6602710, width=0xd7e800) returned 0x0
[0303.360] GdipGetImageHeight (image=0x6602710, height=0xd7e800) returned 0x0
[0303.360] GdipBitmapGetPixel (bitmap=0x6602710, x=0, y=15, color=0xd7e810) returned 0x0
[0303.360] GdipGetImageRawFormat (image=0x6602710, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0303.360] GdipGetImageWidth (image=0x6602710, width=0xd7e740) returned 0x0
[0303.360] GdipGetImageHeight (image=0x6602710, height=0xd7e740) returned 0x0
[0303.360] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0303.361] GdipGetImagePixelFormat (image=0x6601018, format=0xd7e740) returned 0x0
[0303.361] GdipGetImageGraphicsContext (image=0x6601018, graphics=0xd7e74c) returned 0x0
[0303.361] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0303.361] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0303.361] GdipSetImageAttributesColorKeys (imageattr=0x6638c38, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0303.361] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6602710, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638c38, callback=0x0, callbackData=0x0) returned 0x0
[0303.361] GdipDisposeImageAttributes (imageattr=0x6638c38) returned 0x0
[0303.361] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0303.361] GdipDisposeImage (image=0x6602710) returned 0x0
[0303.362] GdipCreateBitmapFromStream (stream=0x509ffd0, bitmap=0xd7e840) returned 0x0
[0303.362] GdipImageForceValidation (image=0x6600cd0) returned 0x0
[0303.364] GdipGetImageRawFormat (image=0x6600cd0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0303.364] GdipGetImageHeight (image=0x6600cd0, height=0xd7e824) returned 0x0
[0303.364] GdipGetImageWidth (image=0x6600cd0, width=0xd7e824) returned 0x0
[0303.364] GdipGetImageWidth (image=0x6600cd0, width=0xd7e810) returned 0x0
[0303.364] GdipGetImageHeight (image=0x6600cd0, height=0xd7e810) returned 0x0
[0303.364] GdipGetImageWidth (image=0x6600cd0, width=0xd7e800) returned 0x0
[0303.364] GdipGetImageHeight (image=0x6600cd0, height=0xd7e800) returned 0x0
[0303.364] GdipBitmapGetPixel (bitmap=0x6600cd0, x=0, y=15, color=0xd7e810) returned 0x0
[0303.364] GdipGetImageRawFormat (image=0x6600cd0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0303.364] GdipGetImageWidth (image=0x6600cd0, width=0xd7e740) returned 0x0
[0303.364] GdipGetImageHeight (image=0x6600cd0, height=0xd7e740) returned 0x0
[0303.364] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0303.364] GdipGetImagePixelFormat (image=0x66023c8, format=0xd7e740) returned 0x0
[0303.364] GdipGetImageGraphicsContext (image=0x66023c8, graphics=0xd7e74c) returned 0x0
[0303.364] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0303.364] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0303.364] GdipSetImageAttributesColorKeys (imageattr=0x6638cc8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0303.364] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6600cd0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638cc8, callback=0x0, callbackData=0x0) returned 0x0
[0303.365] GdipDisposeImageAttributes (imageattr=0x6638cc8) returned 0x0
[0303.365] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0303.365] GdipDisposeImage (image=0x6600cd0) returned 0x0
[0303.365] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.365] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0303.365] GetCurrentThreadId () returned 0xf50
[0303.365] GetCurrentThreadId () returned 0xf50
[0303.366] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.366] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0303.366] GetCurrentThreadId () returned 0xf50
[0303.366] GetCurrentThreadId () returned 0xf50
[0303.366] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.366] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0303.366] GetCurrentThreadId () returned 0xf50
[0303.366] GetCurrentThreadId () returned 0xf50
[0303.366] GetSystemMetrics (nIndex=5) returned 1
[0303.366] GetSystemMetrics (nIndex=6) returned 1
[0303.366] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.366] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0303.366] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.367] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0303.367] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.367] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0303.367] GetCurrentThreadId () returned 0xf50
[0303.367] GetCurrentThreadId () returned 0xf50
[0303.367] GetProcessWindowStation () returned 0x13c
[0303.367] GetCapture () returned 0x0
[0303.367] GetActiveWindow () returned 0x7005c
[0303.367] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0303.367] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.367] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0303.367] GetCursorPos (in: lpPoint=0x2e8312c | out: lpPoint=0x2e8312c*(x=272, y=627)) returned 1
[0303.368] MonitorFromPoint (pt=0x110, dwFlags=0x273) returned 0x10001
[0303.368] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0303.368] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x9d010793
[0303.368] GetDeviceCaps (hdc=0x9d010793, index=12) returned 32
[0303.368] GetDeviceCaps (hdc=0x9d010793, index=14) returned 1
[0303.368] DeleteDC (hdc=0x9d010793) returned 1
[0303.368] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0303.368] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0303.368] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2b02ce
[0303.369] SetWindowLongW (hWnd=0x2b02ce, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0303.369] GetWindowLongW (hWnd=0x2b02ce, nIndex=-4) returned 1950089536
[0303.369] SetWindowLongW (hWnd=0x2b02ce, nIndex=-4, dwNewLong=19946718) returned 1950089536
[0303.369] GetWindowLongW (hWnd=0x2b02ce, nIndex=-4) returned 19946718
[0303.369] GetWindowLongW (hWnd=0x2b02ce, nIndex=-16) returned 113770496
[0303.369] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0303.370] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0303.371] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0303.371] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0303.371] GetWindowRect (in: hWnd=0x2b02ce, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0303.371] SetWindowTextW (hWnd=0x2b02ce, lpString="BB ransomware") returned 1
[0303.371] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xc, wParam=0x0, lParam=0x2e818c8) returned 0x1
[0303.372] GetStartupInfoW (in: lpStartupInfo=0x2e83468 | out: lpStartupInfo=0x2e83468*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0303.373] GetParent (hWnd=0x2b02ce) returned 0x0
[0303.373] SetWindowLongW (hWnd=0x2b02ce, nIndex=-8, dwNewLong=0) returned 0
[0303.374] SendMessageW (hWnd=0x2b02ce, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0303.374] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0303.374] SendMessageW (hWnd=0x2b02ce, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0303.374] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0303.374] GetSystemMenu (hWnd=0x2b02ce, bRevert=0) returned 0x7d02b9
[0303.375] GetWindowPlacement (in: hWnd=0x2b02ce, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0303.375] EnableMenuItem (hMenu=0x7d02b9, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0303.375] EnableMenuItem (hMenu=0x7d02b9, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0303.375] EnableMenuItem (hMenu=0x7d02b9, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0303.375] EnableMenuItem (hMenu=0x7d02b9, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0303.375] EnableMenuItem (hMenu=0x7d02b9, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0303.375] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0303.375] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0303.375] GetWindowRect (in: hWnd=0x2b02ce, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0303.375] SetWindowPos (hWnd=0x2b02ce, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0303.375] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0303.376] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x2b02ce) returned 0x1
[0303.378] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0303.378] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0303.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0303.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0303.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0303.381] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x2b02ce, lParam=0x0) returned 0x0
[0303.381] GetCapture () returned 0x0
[0303.381] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0303.382] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0303.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0303.385] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0303.385] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0303.386] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0303.386] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0303.386] GetParent (hWnd=0x2b02ce) returned 0x0
[0303.386] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0303.386] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0303.396] GetWindowPlacement (in: hWnd=0x2b02ce, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0303.396] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0303.396] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0303.396] GetWindowRect (in: hWnd=0x2b02ce, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0303.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0303.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0303.398] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0303.399] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.399] GetWindowLongW (hWnd=0x2b02ce, nIndex=-16) returned 113770496
[0303.399] GetWindowTextLengthW (hWnd=0x2b02ce) returned 13
[0303.399] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.399] GetSystemMetrics (nIndex=42) returned 0
[0303.399] GetWindowTextW (in: hWnd=0x2b02ce, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.399] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0303.399] GetWindowTextLengthW (hWnd=0x2b02ce) returned 13
[0303.399] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.399] GetSystemMetrics (nIndex=42) returned 0
[0303.399] GetWindowTextW (in: hWnd=0x2b02ce, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.399] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0303.399] GetCursorPos (in: lpPoint=0x2e836a4 | out: lpPoint=0x2e836a4*(x=272, y=627)) returned 1
[0303.400] MonitorFromPoint (pt=0x111, dwFlags=0x275) returned 0x10001
[0303.400] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0303.400] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xea01065e
[0303.400] GetDeviceCaps (hdc=0xea01065e, index=12) returned 32
[0303.400] GetDeviceCaps (hdc=0xea01065e, index=14) returned 1
[0303.400] DeleteDC (hdc=0xea01065e) returned 1
[0303.400] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0303.400] GetWindowLongW (hWnd=0x2b02ce, nIndex=-16) returned 113770496
[0303.400] GetWindowLongW (hWnd=0x2b02ce, nIndex=-20) returned 327945
[0303.400] SetWindowLongW (hWnd=0x2b02ce, nIndex=-16, dwNewLong=46661632) returned 113770496
[0303.401] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0303.401] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0303.402] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0303.402] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0303.403] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0303.403] SetWindowLongW (hWnd=0x2b02ce, nIndex=-20, dwNewLong=327681) returned 327945
[0303.444] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0303.444] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0303.445] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0303.446] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0303.446] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0303.446] SetWindowPos (hWnd=0x2b02ce, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0303.446] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0303.446] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0303.447] GetWindowPlacement (in: hWnd=0x2b02ce, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0303.447] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0303.447] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0303.447] GetWindowRect (in: hWnd=0x2b02ce, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0303.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0303.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0303.449] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0303.450] RedrawWindow (hWnd=0x2b02ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0303.450] GetSystemMenu (hWnd=0x2b02ce, bRevert=0) returned 0x7d02b9
[0303.450] GetWindowPlacement (in: hWnd=0x2b02ce, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0303.450] EnableMenuItem (hMenu=0x7d02b9, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0303.450] EnableMenuItem (hMenu=0x7d02b9, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0303.450] EnableMenuItem (hMenu=0x7d02b9, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0303.450] EnableMenuItem (hMenu=0x7d02b9, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0303.450] EnableMenuItem (hMenu=0x7d02b9, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0303.450] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0303.450] GetWindowLongW (hWnd=0x2b02ce, nIndex=-8) returned 0
[0303.450] SetWindowLongW (hWnd=0x2b02ce, nIndex=-8, dwNewLong=458844) returned 0
[0303.451] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0303.452] GetProcessWindowStation () returned 0x13c
[0303.452] GetCurrentThreadId () returned 0xf50
[0303.452] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1305f0e, lParam=0x0) returned 1
[0303.452] IsWindowVisible (hWnd=0x2b02ce) returned 0
[0303.452] IsWindowVisible (hWnd=0x7005c) returned 1
[0303.452] IsWindowEnabled (hWnd=0x7005c) returned 1
[0303.452] IsWindowVisible (hWnd=0x300ec) returned 0
[0303.452] IsWindowVisible (hWnd=0x502c6) returned 0
[0303.452] IsWindowVisible (hWnd=0x502be) returned 0
[0303.452] GetActiveWindow () returned 0x2b02ce
[0303.452] GetFocus () returned 0x2b02ce
[0303.453] IsWindow (hWnd=0x7005c) returned 1
[0303.453] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0303.453] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0303.453] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0303.453] GetWindowLongW (hWnd=0x2b02ce, nIndex=-8) returned 458844
[0303.454] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0303.454] GetCurrentThreadId () returned 0xf50
[0303.454] GetWindowLongW (hWnd=0x2b02ce, nIndex=-8) returned 458844
[0303.454] IsWindowEnabled (hWnd=0x7005c) returned 0
[0303.454] IsWindowEnabled (hWnd=0x2b02ce) returned 1
[0303.454] ShowWindow (hWnd=0x2b02ce, nCmdShow=5) returned 0
[0303.454] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0303.454] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0303.454] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.455] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0303.455] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x2b02ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3502da
[0303.455] SetWindowLongW (hWnd=0x3502da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0303.455] GetWindowLongW (hWnd=0x3502da, nIndex=-4) returned 1950089536
[0303.456] SetWindowLongW (hWnd=0x3502da, nIndex=-4, dwNewLong=19946758) returned 1950089536
[0303.456] GetWindowLongW (hWnd=0x3502da, nIndex=-4) returned 19946758
[0303.456] GetWindowLongW (hWnd=0x3502da, nIndex=-16) returned 1174405120
[0303.456] GetWindowLongW (hWnd=0x3502da, nIndex=-12) returned 0
[0303.456] SetWindowLongW (hWnd=0x3502da, nIndex=-12, dwNewLong=3474138) returned 0
[0303.456] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3502da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0303.456] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3502da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0303.457] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3502da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0303.457] GetWindow (hWnd=0x3502da, uCmd=0x3) returned 0x0
[0303.457] GetClientRect (in: hWnd=0x3502da, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0303.457] GetWindowRect (in: hWnd=0x3502da, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0303.457] GetParent (hWnd=0x3502da) returned 0x2b02ce
[0303.457] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02ce, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0303.457] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3502da, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0303.458] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3502da, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0303.458] GetClientRect (in: hWnd=0x3502da, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0303.458] GetWindowRect (in: hWnd=0x3502da, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0303.458] GetParent (hWnd=0x3502da) returned 0x2b02ce
[0303.458] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02ce, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0303.458] SendMessageW (hWnd=0x3502da, Msg=0x2210, wParam=0x2da0001, lParam=0x3502da) returned 0x0
[0303.458] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3502da, Msg=0x2210, wParam=0x2da0001, lParam=0x3502da) returned 0x0
[0303.458] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3502da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0303.458] GetParent (hWnd=0x3502da) returned 0x2b02ce
[0303.458] GetParent (hWnd=0x3502dc) returned 0x3800ea
[0303.458] SetParent (hWndChild=0x3502dc, hWndNewParent=0x2b02ce) returned 0x3800ea
[0303.458] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0303.459] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0303.459] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0303.460] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0303.460] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0303.460] GetClientRect (in: hWnd=0x3502dc, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0303.460] GetWindowRect (in: hWnd=0x3502dc, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0303.460] GetParent (hWnd=0x3502dc) returned 0x2b02ce
[0303.460] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02ce, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0303.460] GetClientRect (in: hWnd=0x3502dc, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0303.460] GetWindowRect (in: hWnd=0x3502dc, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0303.460] GetParent (hWnd=0x3502dc) returned 0x2b02ce
[0303.460] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02ce, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0303.460] GetParent (hWnd=0x3502dc) returned 0x2b02ce
[0303.460] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0303.460] GetWindow (hWnd=0x3502dc, uCmd=0x3) returned 0x0
[0303.460] SetWindowPos (hWnd=0x3502dc, hWndInsertAfter=0x3502da, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0303.460] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0303.461] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0303.461] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0303.461] GetClientRect (in: hWnd=0x3502dc, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0303.461] GetWindowRect (in: hWnd=0x3502dc, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0303.461] GetParent (hWnd=0x3502dc) returned 0x2b02ce
[0303.461] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02ce, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0303.461] GetParent (hWnd=0x3502dc) returned 0x2b02ce
[0303.461] GetWindow (hWnd=0x3502dc, uCmd=0x3) returned 0x3502da
[0303.461] GetWindowThreadProcessId (in: hWnd=0x3502dc, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0303.461] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0303.462] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.462] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0303.462] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x2b02ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3702d8
[0303.463] SetWindowLongW (hWnd=0x3702d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0303.464] GetWindowLongW (hWnd=0x3702d8, nIndex=-4) returned 1868032000
[0303.464] SetWindowLongW (hWnd=0x3702d8, nIndex=-4, dwNewLong=19940550) returned 1868032000
[0303.464] GetWindowLongW (hWnd=0x3702d8, nIndex=-4) returned 19940550
[0303.464] GetWindowLongW (hWnd=0x3702d8, nIndex=-16) returned 1174470667
[0303.464] GetWindowLongW (hWnd=0x3702d8, nIndex=-12) returned 0
[0303.464] SetWindowLongW (hWnd=0x3702d8, nIndex=-12, dwNewLong=3605208) returned 0
[0303.464] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0303.466] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0303.467] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0303.467] SendMessageW (hWnd=0x3702d8, Msg=0x2055, wParam=0x3702d8, lParam=0x3) returned 0x2
[0303.467] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0303.467] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0303.468] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0303.468] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0303.468] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3502da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0303.468] RedrawWindow (hWnd=0x3502da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0303.468] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0303.468] RedrawWindow (hWnd=0x3502dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0303.468] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0303.468] RedrawWindow (hWnd=0x3702d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0303.468] RedrawWindow (hWnd=0x2b02ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0303.468] GetWindow (hWnd=0x3702d8, uCmd=0x3) returned 0x3502dc
[0303.468] GetClientRect (in: hWnd=0x3702d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0303.468] GetWindowRect (in: hWnd=0x3702d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0303.468] GetParent (hWnd=0x3702d8) returned 0x2b02ce
[0303.468] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02ce, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0303.469] SetWindowTextW (hWnd=0x3702d8, lpString="&Details") returned 1
[0303.469] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0xc, wParam=0x0, lParam=0x2c2ef5c) returned 0x1
[0303.469] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0303.469] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0303.469] GetClientRect (in: hWnd=0x3702d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0303.469] GetWindowRect (in: hWnd=0x3702d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0303.469] GetParent (hWnd=0x3702d8) returned 0x2b02ce
[0303.469] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02ce, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0303.469] SendMessageW (hWnd=0x3702d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3702d8) returned 0x0
[0303.469] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3702d8) returned 0x0
[0303.470] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0303.470] GetParent (hWnd=0x3702d8) returned 0x2b02ce
[0303.470] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0303.470] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.471] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0303.471] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x2b02ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2a02d0
[0303.471] SetWindowLongW (hWnd=0x2a02d0, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0303.471] GetWindowLongW (hWnd=0x2a02d0, nIndex=-4) returned 1868032000
[0303.471] SetWindowLongW (hWnd=0x2a02d0, nIndex=-4, dwNewLong=19941390) returned 1868032000
[0303.471] GetWindowLongW (hWnd=0x2a02d0, nIndex=-4) returned 19941390
[0303.471] GetWindowLongW (hWnd=0x2a02d0, nIndex=-16) returned 1174470667
[0303.471] GetWindowLongW (hWnd=0x2a02d0, nIndex=-12) returned 0
[0303.471] SetWindowLongW (hWnd=0x2a02d0, nIndex=-12, dwNewLong=2753232) returned 0
[0303.472] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0303.472] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0303.472] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0303.473] SendMessageW (hWnd=0x2a02d0, Msg=0x2055, wParam=0x2a02d0, lParam=0x3) returned 0x2
[0303.473] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0303.473] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0303.473] GetWindow (hWnd=0x2a02d0, uCmd=0x3) returned 0x3702d8
[0303.473] GetClientRect (in: hWnd=0x2a02d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0303.473] GetWindowRect (in: hWnd=0x2a02d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0303.473] GetParent (hWnd=0x2a02d0) returned 0x2b02ce
[0303.473] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02ce, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0303.473] SetWindowTextW (hWnd=0x2a02d0, lpString="&Continue") returned 1
[0303.473] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0xc, wParam=0x0, lParam=0x2c2ef00) returned 0x1
[0303.474] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0303.474] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0303.474] GetClientRect (in: hWnd=0x2a02d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0303.474] GetWindowRect (in: hWnd=0x2a02d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0303.474] GetParent (hWnd=0x2a02d0) returned 0x2b02ce
[0303.474] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02ce, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0303.474] SendMessageW (hWnd=0x2a02d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2a02d0) returned 0x0
[0303.474] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2a02d0) returned 0x0
[0303.474] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0303.475] GetParent (hWnd=0x2a02d0) returned 0x2b02ce
[0303.475] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0303.475] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.475] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0303.475] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x2b02ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2f02c8
[0303.475] SetWindowLongW (hWnd=0x2f02c8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0303.476] GetWindowLongW (hWnd=0x2f02c8, nIndex=-4) returned 1868032000
[0303.476] SetWindowLongW (hWnd=0x2f02c8, nIndex=-4, dwNewLong=19940590) returned 1868032000
[0303.476] GetWindowLongW (hWnd=0x2f02c8, nIndex=-4) returned 19940590
[0303.476] GetWindowLongW (hWnd=0x2f02c8, nIndex=-16) returned 1174470667
[0303.476] GetWindowLongW (hWnd=0x2f02c8, nIndex=-12) returned 0
[0303.476] SetWindowLongW (hWnd=0x2f02c8, nIndex=-12, dwNewLong=3080904) returned 0
[0303.476] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02c8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0303.477] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02c8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0303.477] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02c8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0303.478] SendMessageW (hWnd=0x2f02c8, Msg=0x2055, wParam=0x2f02c8, lParam=0x3) returned 0x2
[0303.478] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0303.478] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02c8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0303.478] GetWindow (hWnd=0x2f02c8, uCmd=0x3) returned 0x2a02d0
[0303.478] GetClientRect (in: hWnd=0x2f02c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0303.478] GetWindowRect (in: hWnd=0x2f02c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0303.478] GetParent (hWnd=0x2f02c8) returned 0x2b02ce
[0303.478] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02ce, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0303.478] SetWindowTextW (hWnd=0x2f02c8, lpString="&Quit") returned 1
[0303.478] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02c8, Msg=0xc, wParam=0x0, lParam=0x2c2ef20) returned 0x1
[0303.478] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02c8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0303.478] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02c8, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0303.479] GetClientRect (in: hWnd=0x2f02c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0303.479] GetWindowRect (in: hWnd=0x2f02c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0303.479] GetParent (hWnd=0x2f02c8) returned 0x2b02ce
[0303.479] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02ce, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0303.479] SendMessageW (hWnd=0x2f02c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2f02c8) returned 0x0
[0303.479] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02c8, Msg=0x2210, wParam=0x2c80001, lParam=0x2f02c8) returned 0x0
[0303.479] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0303.479] GetParent (hWnd=0x2f02c8) returned 0x2b02ce
[0303.479] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0303.479] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.480] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0303.480] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x2b02ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3502de
[0303.481] SetWindowLongW (hWnd=0x3502de, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0303.481] GetWindowLongW (hWnd=0x3502de, nIndex=-4) returned 1868026976
[0303.481] SetWindowLongW (hWnd=0x3502de, nIndex=-4, dwNewLong=19940750) returned 1868026976
[0303.481] GetWindowLongW (hWnd=0x3502de, nIndex=-4) returned 19940750
[0303.481] GetWindowLongW (hWnd=0x3502de, nIndex=-16) returned 1177553092
[0303.481] GetWindowLongW (hWnd=0x3502de, nIndex=-12) returned 0
[0303.481] SetWindowLongW (hWnd=0x3502de, nIndex=-12, dwNewLong=3474142) returned 0
[0303.482] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3502de, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0303.482] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3502de, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0303.483] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3502de, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0303.499] GetWindow (hWnd=0x3502de, uCmd=0x3) returned 0x2f02c8
[0303.499] GetClientRect (in: hWnd=0x3502de, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0303.499] GetWindowRect (in: hWnd=0x3502de, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0303.499] GetParent (hWnd=0x3502de) returned 0x2b02ce
[0303.499] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02ce, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0303.499] GetWindowTextLengthW (hWnd=0x2b02ce) returned 13
[0303.499] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.499] GetSystemMetrics (nIndex=42) returned 0
[0303.499] GetWindowTextW (in: hWnd=0x2b02ce, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.499] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0303.499] SendMessageW (hWnd=0x3502de, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0303.499] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3502de, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0303.504] SetWindowTextW (hWnd=0x3502de, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0303.504] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3502de, Msg=0xc, wParam=0x0, lParam=0x2e7f2b0) returned 0x1
[0303.506] GetSystemMetrics (nIndex=5) returned 1
[0303.506] GetSystemMetrics (nIndex=6) returned 1
[0303.506] SendMessageW (hWnd=0x3502de, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0303.506] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3502de, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0303.506] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3502de, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0303.507] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3502de, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0303.507] GetClientRect (in: hWnd=0x3502de, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0303.507] GetWindowRect (in: hWnd=0x3502de, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0303.507] GetParent (hWnd=0x3502de) returned 0x2b02ce
[0303.507] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2b02ce, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0303.507] SendMessageW (hWnd=0x3502de, Msg=0x2210, wParam=0x2de0001, lParam=0x3502de) returned 0x0
[0303.507] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3502de, Msg=0x2210, wParam=0x2de0001, lParam=0x3502de) returned 0x0
[0303.507] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3502de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0303.508] GetParent (hWnd=0x3502de) returned 0x2b02ce
[0303.508] GetWindowLongW (hWnd=0x2b02ce, nIndex=-8) returned 458844
[0303.508] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0303.508] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0303.508] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xf101065e
[0303.508] GetDeviceCaps (hdc=0xf101065e, index=12) returned 32
[0303.508] GetDeviceCaps (hdc=0xf101065e, index=14) returned 1
[0303.508] DeleteDC (hdc=0xf101065e) returned 1
[0303.508] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0303.508] GetWindowThreadProcessId (in: hWnd=0x2b02ce, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0303.508] GetCurrentThreadId () returned 0xf50
[0303.508] PostMessageW (hWnd=0x2b02ce, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0303.508] GetWindowTextLengthW (hWnd=0x2b02ce) returned 13
[0303.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.508] GetSystemMetrics (nIndex=42) returned 0
[0303.508] GetWindowTextW (in: hWnd=0x2b02ce, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0303.509] GdipImageGetFrameDimensionsCount (image=0x6603e08, count=0xd7e25c) returned 0x0
[0303.509] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200d70
[0303.509] GdipImageGetFrameDimensionsList (image=0x6603e08, dimensionIDs=0x1200d70*(Data1=0x11f7778, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0303.509] LocalFree (hMem=0x1200d70) returned 0x0
[0303.509] GdipImageGetFrameDimensionsCount (image=0x6601018, count=0xd7e250) returned 0x0
[0303.509] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200d70
[0303.509] GdipImageGetFrameDimensionsList (image=0x6601018, dimensionIDs=0x1200d70*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0303.509] LocalFree (hMem=0x1200d70) returned 0x0
[0303.509] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0303.509] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0303.509] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0303.522] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0303.523] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0303.523] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0303.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0303.524] GetWindowPlacement (in: hWnd=0x2b02ce, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0303.524] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0303.524] GetWindowTextLengthW (hWnd=0x2b02ce) returned 13
[0303.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.524] GetSystemMetrics (nIndex=42) returned 0
[0303.524] GetWindowTextW (in: hWnd=0x2b02ce, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.524] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0303.524] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0303.524] GetCurrentObject (hdc=0xf0105ee, type=0x1) returned 0xb00017
[0303.524] GetCurrentObject (hdc=0xf0105ee, type=0x2) returned 0x900010
[0303.524] GetCurrentObject (hdc=0xf0105ee, type=0x7) returned 0x750507e0
[0303.524] GetCurrentObject (hdc=0xf0105ee, type=0x6) returned 0x8a01c2
[0303.525] SaveDC (hdc=0xf0105ee) returned 1
[0303.525] GetNearestColor (hdc=0xf0105ee, color=0xf0f0f0) returned 0xf0f0f0
[0303.525] CreateSolidBrush (color=0xf0f0f0) returned 0x661007e1
[0303.525] FillRect (hDC=0xf0105ee, lprc=0xd7e1b8, hbr=0x661007e1) returned 1
[0303.525] DeleteObject (ho=0x661007e1) returned 1
[0303.525] RestoreDC (hdc=0xf0105ee, nSavedDC=-1) returned 1
[0303.525] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3502da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0303.525] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0303.525] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0303.526] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0303.526] GetStockObject (i=5) returned 0x900015
[0303.526] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0303.526] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0303.526] GetStockObject (i=5) returned 0x900015
[0303.526] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0303.526] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02c8, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0303.526] GetStockObject (i=5) returned 0x900015
[0303.526] GetWindowPlacement (in: hWnd=0x2b02ce, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0303.527] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0303.527] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0303.527] GetWindowRect (in: hWnd=0x2b02ce, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0303.528] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0303.528] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0303.528] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0303.529] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0303.529] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0303.529] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0303.529] GetWindowRect (in: hWnd=0x2b02ce, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0303.529] InvalidateRect (hWnd=0x2a02d0, lpRect=0x0, bErase=0) returned 1
[0303.529] InvalidateRect (hWnd=0x3702d8, lpRect=0x0, bErase=0) returned 1
[0303.529] GetFocus () returned 0x2b02ce
[0303.529] GetFocus () returned 0x2b02ce
[0303.529] SetFocus (hWnd=0x3702d8) returned 0x2b02ce
[0303.530] GetFocus () returned 0x3702d8
[0303.530] IsChild (hWndParent=0x2b02ce, hWnd=0x3702d8) returned 1
[0303.530] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x8, wParam=0x3702d8, lParam=0x0) returned 0x0
[0303.531] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0303.532] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0303.533] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0303.533] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0x7, wParam=0x2b02ce, lParam=0x0) returned 0x0
[0303.533] GetStockObject (i=5) returned 0x900015
[0303.533] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0303.533] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0303.533] GetDlgItem (hDlg=0x2b02ce, nIDDlgItem=3605208) returned 0x3702d8
[0303.533] SendMessageW (hWnd=0x3702d8, Msg=0x202b, wParam=0x3702d8, lParam=0xd7e0dc) returned 0x0
[0303.533] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0x202b, wParam=0x3702d8, lParam=0xd7e0dc) returned 0x0
[0303.533] InvalidateRect (hWnd=0x3702d8, lpRect=0x0, bErase=0) returned 1
[0303.535] GetFocus () returned 0x3702d8
[0303.535] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.535] IsWindowUnicode (hWnd=0x2b02ce) returned 1
[0303.535] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.535] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.535] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0303.536] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.536] IsWindowUnicode (hWnd=0x2b02ce) returned 1
[0303.536] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.536] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.536] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.536] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.536] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0303.536] IsWindowUnicode (hWnd=0x2b02ce) returned 1
[0303.536] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.536] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.536] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.537] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.537] IsWindowUnicode (hWnd=0x602c4) returned 1
[0303.537] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.537] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.537] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.537] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0303.537] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0303.538] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.538] IsWindowUnicode (hWnd=0x2b02ce) returned 1
[0303.538] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.539] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.539] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.539] BeginPaint (in: hWnd=0x2b02ce, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x60100ce
[0303.539] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0303.539] GetWindowTextLengthW (hWnd=0x2b02ce) returned 13
[0303.539] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.539] GetSystemMetrics (nIndex=42) returned 0
[0303.539] GetWindowTextW (in: hWnd=0x2b02ce, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.539] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0303.539] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0303.539] EndPaint (hWnd=0x2b02ce, lpPaint=0xd7e274) returned 1
[0303.539] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.539] IsWindowUnicode (hWnd=0x3502da) returned 1
[0303.539] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.539] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.539] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.540] BeginPaint (in: hWnd=0x3502da, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x10105d6
[0303.540] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0303.540] CreateCompatibleDC (hdc=0x10105d6) returned 0x230107ee
[0303.540] SelectObject (hdc=0x230107ee, h=0x4a0507fe) returned 0x85000f
[0303.540] GdipCreateFromHDC (hdc=0x230107ee, graphics=0xd7e2b0) returned 0x0
[0303.540] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0303.540] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0303.540] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0303.540] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0303.540] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e310) returned 0x0
[0303.540] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0303.540] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eecc8) returned 0x0
[0303.540] LocalFree (hMem=0x11eecc8) returned 0x0
[0303.540] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0303.540] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0303.540] GdipGetClip (graphics=0x6600030, region=0x6645a28) returned 0x0
[0303.541] GdipIsInfiniteRegion (region=0x6645a28, graphics=0x6600030, result=0xd7e304) returned 0x0
[0303.541] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0303.541] GetWindowTextLengthW (hWnd=0x3502da) returned 0
[0303.541] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3502da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0303.541] GetSystemMetrics (nIndex=42) returned 0
[0303.541] GetWindowTextW (in: hWnd=0x3502da, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0303.541] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3502da, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0303.541] GetClientRect (in: hWnd=0x3502da, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0303.541] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0303.541] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0303.541] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0303.541] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0303.541] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e164) returned 0x0
[0303.541] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0303.541] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0303.541] LocalFree (hMem=0x11ee788) returned 0x0
[0303.541] GdipCombineRegionRegion (region=0x66453f8, region2=0x6645a28, combineMode=0x1) returned 0x0
[0303.541] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0303.541] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0303.541] LocalFree (hMem=0x11eec58) returned 0x0
[0303.541] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0303.541] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0303.541] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0303.541] GdipGetRegionHRgn (region=0x66453f8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0303.542] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0303.542] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0303.542] GetCurrentObject (hdc=0x230107ee, type=0x1) returned 0xb00017
[0303.542] GetCurrentObject (hdc=0x230107ee, type=0x2) returned 0x900010
[0303.542] GetCurrentObject (hdc=0x230107ee, type=0x7) returned 0x4a0507fe
[0303.542] GetCurrentObject (hdc=0x230107ee, type=0x6) returned 0x8a01c2
[0303.542] SaveDC (hdc=0x230107ee) returned 1
[0303.542] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x400407de
[0303.542] GetClipRgn (hdc=0x230107ee, hrgn=0x400407de) returned 0
[0303.542] SelectClipRgn (hdc=0x230107ee, hrgn=0xbd040807) returned 2
[0303.542] DeleteObject (ho=0x400407de) returned 1
[0303.542] DeleteObject (ho=0xbd040807) returned 1
[0303.542] OffsetViewportOrgEx (in: hdc=0x230107ee, x=0, y=0, lppt=0x2e84e10 | out: lppt=0x2e84e10) returned 1
[0303.542] GetNearestColor (hdc=0x230107ee, color=0xf0f0f0) returned 0xf0f0f0
[0303.542] CreateSolidBrush (color=0xf0f0f0) returned 0x671007e1
[0303.542] FillRect (hDC=0x230107ee, lprc=0xd7e198, hbr=0x671007e1) returned 1
[0303.543] DeleteObject (ho=0x671007e1) returned 1
[0303.543] RestoreDC (hdc=0x230107ee, nSavedDC=-1) returned 1
[0303.543] GdipReleaseDC (graphics=0x6600030, hdc=0x230107ee) returned 0x0
[0303.543] GdipRestoreGraphics (graphics=0x6600030, state=0xf58c0dbd) returned 0x0
[0303.543] GdipDeleteRegion (region=0x6645a28) returned 0x0
[0303.543] GetWindowTextLengthW (hWnd=0x3502da) returned 0
[0303.543] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3502da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0303.543] GetSystemMetrics (nIndex=42) returned 0
[0303.543] GetWindowTextW (in: hWnd=0x3502da, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0303.543] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3502da, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0303.543] GdipGetImageWidth (image=0x6603e08, width=0xd7e1e0) returned 0x0
[0303.543] GdipGetImageHeight (image=0x6603e08, height=0xd7e1e0) returned 0x0
[0303.543] GdipGetImageWidth (image=0x6603e08, width=0xd7e1cc) returned 0x0
[0303.543] GdipGetImageHeight (image=0x6603e08, height=0xd7e1cc) returned 0x0
[0303.543] GdipDrawImageRectI (graphics=0x6600030, image=0x6603e08, x=16, y=16, width=32, height=32) returned 0x0
[0303.543] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0303.543] BitBlt (hdc=0x10105d6, x=0, y=0, cx=64, cy=64, hdcSrc=0x230107ee, x1=0, y1=0, rop=0xcc0020) returned 1
[0303.544] GdipReleaseDC (graphics=0x6600030, hdc=0x230107ee) returned 0x0
[0303.544] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0303.549] SelectObject (hdc=0x230107ee, h=0x85000f) returned 0x4a0507fe
[0303.549] DeleteDC (hdc=0x230107ee) returned 1
[0303.550] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0303.550] EndPaint (hWnd=0x3502da, lpPaint=0xd7e294) returned 1
[0303.550] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.550] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0303.550] IsWindowUnicode (hWnd=0x2a02d0) returned 1
[0303.550] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.550] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0303.550] SetCursor (hCursor=0x10003) returned 0x10003
[0303.550] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.550] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.550] _TrackMouseEvent (in: lpEventTrack=0x2e84edc | out: lpEventTrack=0x2e84edc) returned 1
[0303.550] SendMessageW (hWnd=0x2a02d0, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0303.550] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0303.550] InvalidateRect (hWnd=0x2a02d0, lpRect=0x0, bErase=0) returned 1
[0303.551] GetKeyState (nVirtKey=1) returned 0
[0303.551] GetKeyState (nVirtKey=2) returned 0
[0303.551] GetKeyState (nVirtKey=4) returned 0
[0303.551] GetKeyState (nVirtKey=5) returned 0
[0303.551] GetKeyState (nVirtKey=6) returned 0
[0303.551] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.551] IsWindowUnicode (hWnd=0x3502dc) returned 1
[0303.551] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.551] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.551] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.551] BeginPaint (in: hWnd=0x3502dc, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0xf0105ee
[0303.551] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0303.551] CreateCompatibleDC (hdc=0xf0105ee) returned 0x250107ee
[0303.551] GetObjectType (h=0xf0105ee) returned 0x3
[0303.551] CreateCompatibleBitmap (hdc=0xf0105ee, cx=1, cy=1) returned 0xfffffffffc05065e
[0303.552] GetDIBits (in: hdc=0xf0105ee, hbm=0xfc05065e, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0303.552] GetDIBits (in: hdc=0xf0105ee, hbm=0xfc05065e, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0303.552] DeleteObject (ho=0xfc05065e) returned 1
[0303.552] CreateDIBSection (in: hdc=0xf0105ee, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x760507f4
[0303.552] SelectObject (hdc=0x250107ee, h=0x760507f4) returned 0x85000f
[0303.552] GdipCreateFromHDC (hdc=0x250107ee, graphics=0xd7e234) returned 0x0
[0303.552] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0303.552] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0303.552] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0303.552] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0303.552] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e2d4) returned 0x0
[0303.552] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0303.553] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee910) returned 0x0
[0303.553] LocalFree (hMem=0x11ee910) returned 0x0
[0303.553] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0303.553] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0303.553] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0303.553] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0303.553] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0303.553] GetWindowTextLengthW (hWnd=0x3502dc) returned 232
[0303.553] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0303.553] GetSystemMetrics (nIndex=42) returned 0
[0303.553] GetWindowTextW (in: hWnd=0x3502dc, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0303.553] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0303.553] GetClientRect (in: hWnd=0x3502dc, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0303.553] GdipCreateRegion (region=0xd7e110) returned 0x0
[0303.553] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0303.553] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0303.553] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0303.553] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e128) returned 0x0
[0303.553] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0303.553] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0303.553] LocalFree (hMem=0x11ee788) returned 0x0
[0303.553] GdipCombineRegionRegion (region=0x6645758, region2=0x6645518, combineMode=0x1) returned 0x0
[0303.553] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0303.554] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0303.554] LocalFree (hMem=0x11eec58) returned 0x0
[0303.554] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0303.554] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e150) returned 0x0
[0303.554] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7e140) returned 0x0
[0303.554] GdipGetRegionHRgn (region=0x6645758, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0303.554] GdipDeleteRegion (region=0x6645758) returned 0x0
[0303.554] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0303.554] GetCurrentObject (hdc=0x250107ee, type=0x1) returned 0xb00017
[0303.554] GetCurrentObject (hdc=0x250107ee, type=0x2) returned 0x900010
[0303.554] GetCurrentObject (hdc=0x250107ee, type=0x7) returned 0x760507f4
[0303.554] GetCurrentObject (hdc=0x250107ee, type=0x6) returned 0x8a01c2
[0303.554] SaveDC (hdc=0x250107ee) returned 1
[0303.554] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbe040807
[0303.554] GetClipRgn (hdc=0x250107ee, hrgn=0xbe040807) returned 0
[0303.554] SelectClipRgn (hdc=0x250107ee, hrgn=0x410407de) returned 2
[0303.554] DeleteObject (ho=0xbe040807) returned 1
[0303.554] DeleteObject (ho=0x410407de) returned 1
[0303.554] OffsetViewportOrgEx (in: hdc=0x250107ee, x=0, y=0, lppt=0x2e86830 | out: lppt=0x2e86830) returned 1
[0303.554] GetNearestColor (hdc=0x250107ee, color=0xf0f0f0) returned 0xf0f0f0
[0303.554] CreateSolidBrush (color=0xf0f0f0) returned 0x681007e1
[0303.555] FillRect (hDC=0x250107ee, lprc=0xd7e15c, hbr=0x681007e1) returned 1
[0303.556] DeleteObject (ho=0x681007e1) returned 1
[0303.556] RestoreDC (hdc=0x250107ee, nSavedDC=-1) returned 1
[0303.556] GdipReleaseDC (graphics=0x6600030, hdc=0x250107ee) returned 0x0
[0303.556] GdipRestoreGraphics (graphics=0x6600030, state=0xf58a0dbd) returned 0x0
[0303.556] GdipDeleteRegion (region=0x6645518) returned 0x0
[0303.556] GetWindowTextLengthW (hWnd=0x3502dc) returned 232
[0303.556] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0303.556] GetSystemMetrics (nIndex=42) returned 0
[0303.556] GetWindowTextW (in: hWnd=0x3502dc, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0303.556] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0303.556] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0303.556] GetCurrentObject (hdc=0x250107ee, type=0x1) returned 0xb00017
[0303.556] GetCurrentObject (hdc=0x250107ee, type=0x2) returned 0x900010
[0303.556] GetCurrentObject (hdc=0x250107ee, type=0x7) returned 0x760507f4
[0303.556] GetCurrentObject (hdc=0x250107ee, type=0x6) returned 0x8a01c2
[0303.556] SaveDC (hdc=0x250107ee) returned 1
[0303.556] GetNearestColor (hdc=0x250107ee, color=0x0) returned 0x0
[0303.556] RestoreDC (hdc=0x250107ee, nSavedDC=-1) returned 1
[0303.556] GdipReleaseDC (graphics=0x6600030, hdc=0x250107ee) returned 0x0
[0303.557] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0303.557] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0303.557] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2e8702c | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0303.557] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0303.557] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0303.557] GetCurrentObject (hdc=0x250107ee, type=0x1) returned 0xb00017
[0303.557] GetCurrentObject (hdc=0x250107ee, type=0x2) returned 0x900010
[0303.558] GetCurrentObject (hdc=0x250107ee, type=0x7) returned 0x760507f4
[0303.558] GetCurrentObject (hdc=0x250107ee, type=0x6) returned 0x8a01c2
[0303.558] SaveDC (hdc=0x250107ee) returned 1
[0303.558] GetTextAlign (hdc=0x250107ee) returned 0x0
[0303.558] GetTextColor (hdc=0x250107ee) returned 0x0
[0303.558] GetCurrentObject (hdc=0x250107ee, type=0x6) returned 0x8a01c2
[0303.558] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0303.558] SelectObject (hdc=0x250107ee, h=0x6d0a0520) returned 0x8a01c2
[0303.558] GetBkMode (hdc=0x250107ee) returned 2
[0303.558] SetBkMode (hdc=0x250107ee, mode=1) returned 2
[0303.558] DrawTextExW (in: hdc=0x250107ee, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2e87250 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0303.604] RestoreDC (hdc=0x250107ee, nSavedDC=-1) returned 1
[0303.604] GdipReleaseDC (graphics=0x6600030, hdc=0x250107ee) returned 0x0
[0303.604] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0303.605] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=354, cy=68, hdcSrc=0x250107ee, x1=0, y1=0, rop=0xcc0020) returned 1
[0303.605] GdipReleaseDC (graphics=0x6600030, hdc=0x250107ee) returned 0x0
[0303.605] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0303.605] SelectObject (hdc=0x250107ee, h=0x85000f) returned 0x760507f4
[0303.605] DeleteDC (hdc=0x250107ee) returned 1
[0303.605] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0303.605] DeleteObject (ho=0x760507f4) returned 1
[0303.606] EndPaint (hWnd=0x3502dc, lpPaint=0xd7e258) returned 1
[0303.606] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.607] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0303.607] IsWindowUnicode (hWnd=0x30122) returned 1
[0303.607] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.608] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0303.608] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.608] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.609] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.609] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0303.610] IsWindowUnicode (hWnd=0x30122) returned 1
[0303.610] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.610] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.610] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.610] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.611] IsWindowUnicode (hWnd=0x3702d8) returned 1
[0303.611] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.611] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.611] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.611] BeginPaint (in: hWnd=0x3702d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0303.611] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0303.611] CreateCompatibleDC (hdc=0x60100ce) returned 0xff01065e
[0303.612] SelectObject (hdc=0xff01065e, h=0x4a0507fe) returned 0x85000f
[0303.612] GdipCreateFromHDC (hdc=0xff01065e, graphics=0xd7e268) returned 0x0
[0303.612] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0303.612] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0303.612] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0303.612] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0303.612] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e2c8) returned 0x0
[0303.612] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0303.612] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0303.612] LocalFree (hMem=0x11ee788) returned 0x0
[0303.612] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0303.612] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0303.612] GdipGetClip (graphics=0x6600030, region=0x6645098) returned 0x0
[0303.613] GdipIsInfiniteRegion (region=0x6645098, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0303.613] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0303.613] GdipRestoreGraphics (graphics=0x6600030, state=0xf5880dbd) returned 0x0
[0303.613] GdipDeleteRegion (region=0x6645098) returned 0x0
[0303.613] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0303.613] GetCurrentObject (hdc=0xff01065e, type=0x1) returned 0xb00017
[0303.613] GetCurrentObject (hdc=0xff01065e, type=0x2) returned 0x900010
[0303.613] GetCurrentObject (hdc=0xff01065e, type=0x7) returned 0x4a0507fe
[0303.613] GetCurrentObject (hdc=0xff01065e, type=0x6) returned 0x8a01c2
[0303.613] SaveDC (hdc=0xff01065e) returned 1
[0303.613] GetNearestColor (hdc=0xff01065e, color=0xf0f0f0) returned 0xf0f0f0
[0303.613] GetNearestColor (hdc=0xff01065e, color=0xa0a0a0) returned 0xa0a0a0
[0303.613] GetNearestColor (hdc=0xff01065e, color=0x696969) returned 0x696969
[0303.613] GetNearestColor (hdc=0xff01065e, color=0xa0a0a0) returned 0xa0a0a0
[0303.614] GetNearestColor (hdc=0xff01065e, color=0x0) returned 0x0
[0303.614] GetNearestColor (hdc=0xff01065e, color=0xffffff) returned 0xffffff
[0303.614] GetNearestColor (hdc=0xff01065e, color=0xe5e5e5) returned 0xe5e5e5
[0303.614] GetNearestColor (hdc=0xff01065e, color=0xd7d7d7) returned 0xd7d7d7
[0303.614] GetNearestColor (hdc=0xff01065e, color=0x0) returned 0x0
[0303.614] RestoreDC (hdc=0xff01065e, nSavedDC=-1) returned 1
[0303.614] GdipReleaseDC (graphics=0x6600030, hdc=0xff01065e) returned 0x0
[0303.614] IsAppThemed () returned 0x1
[0303.614] GetThemeAppProperties () returned 0x3
[0303.614] GetThemeAppProperties () returned 0x3
[0303.614] GdipGetImageWidth (image=0x6601018, width=0xd7e168) returned 0x0
[0303.614] GdipGetImageHeight (image=0x6601018, height=0xd7e168) returned 0x0
[0303.614] IsAppThemed () returned 0x1
[0303.614] GetThemeAppProperties () returned 0x3
[0303.614] GetThemeAppProperties () returned 0x3
[0303.614] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2e879a0 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0303.615] IsAppThemed () returned 0x1
[0303.615] GetThemeAppProperties () returned 0x3
[0303.615] GetThemeAppProperties () returned 0x3
[0303.615] IsAppThemed () returned 0x1
[0303.615] GetThemeAppProperties () returned 0x3
[0303.615] GetThemeAppProperties () returned 0x3
[0303.615] GetFocus () returned 0x3702d8
[0303.615] IsAppThemed () returned 0x1
[0303.615] GetThemeAppProperties () returned 0x3
[0303.615] GetThemeAppProperties () returned 0x3
[0303.615] IsAppThemed () returned 0x1
[0303.615] GetThemeAppProperties () returned 0x3
[0303.615] GetThemeAppProperties () returned 0x3
[0303.615] IsThemePartDefined () returned 0x1
[0303.615] IsAppThemed () returned 0x1
[0303.616] GetThemeAppProperties () returned 0x3
[0303.616] GetThemeAppProperties () returned 0x3
[0303.616] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0303.616] IsAppThemed () returned 0x1
[0303.616] GetThemeAppProperties () returned 0x3
[0303.616] GetThemeAppProperties () returned 0x3
[0303.616] IsAppThemed () returned 0x1
[0303.616] GetThemeAppProperties () returned 0x3
[0303.616] GetThemeAppProperties () returned 0x3
[0303.616] IsThemePartDefined () returned 0x1
[0303.616] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0303.616] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0303.616] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0303.616] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0303.616] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dff0) returned 0x0
[0303.616] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0303.616] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0303.617] LocalFree (hMem=0x11ee788) returned 0x0
[0303.617] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0303.617] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0303.617] LocalFree (hMem=0x11eec58) returned 0x0
[0303.617] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0303.617] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0303.617] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0303.617] GdipGetRegionHRgn (region=0x66460e8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0303.617] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0303.617] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0303.617] GetCurrentObject (hdc=0xff01065e, type=0x1) returned 0xb00017
[0303.617] GetCurrentObject (hdc=0xff01065e, type=0x2) returned 0x900010
[0303.617] GetCurrentObject (hdc=0xff01065e, type=0x7) returned 0x4a0507fe
[0303.617] GetCurrentObject (hdc=0xff01065e, type=0x6) returned 0x8a01c2
[0303.617] SaveDC (hdc=0xff01065e) returned 1
[0303.617] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x420407de
[0303.618] GetClipRgn (hdc=0xff01065e, hrgn=0x420407de) returned 0
[0303.618] SelectClipRgn (hdc=0xff01065e, hrgn=0xc2040807) returned 2
[0303.618] DeleteObject (ho=0x420407de) returned 1
[0303.618] DeleteObject (ho=0xc2040807) returned 1
[0303.618] OffsetViewportOrgEx (in: hdc=0xff01065e, x=0, y=0, lppt=0x2e88050 | out: lppt=0x2e88050) returned 1
[0303.618] DrawThemeParentBackground () returned 0x0
[0303.618] GetWindowPlacement (in: hWnd=0x2b02ce, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0303.618] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0303.618] GetWindowTextLengthW (hWnd=0x2b02ce) returned 13
[0303.618] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.618] GetSystemMetrics (nIndex=42) returned 0
[0303.618] GetWindowTextW (in: hWnd=0x2b02ce, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.618] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0303.618] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0303.618] GetCurrentObject (hdc=0xff01065e, type=0x1) returned 0xb00017
[0303.618] GetCurrentObject (hdc=0xff01065e, type=0x2) returned 0x900010
[0303.619] GetCurrentObject (hdc=0xff01065e, type=0x7) returned 0x4a0507fe
[0303.619] GetCurrentObject (hdc=0xff01065e, type=0x6) returned 0x8a01c2
[0303.619] SaveDC (hdc=0xff01065e) returned 2
[0303.619] GetNearestColor (hdc=0xff01065e, color=0xf0f0f0) returned 0xf0f0f0
[0303.619] CreateSolidBrush (color=0xf0f0f0) returned 0x691007e1
[0303.619] FillRect (hDC=0xff01065e, lprc=0xd7da38, hbr=0x691007e1) returned 1
[0303.619] DeleteObject (ho=0x691007e1) returned 1
[0303.619] RestoreDC (hdc=0xff01065e, nSavedDC=-1) returned 1
[0303.619] GetWindowTextLengthW (hWnd=0x2b02ce) returned 13
[0303.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.619] GetSystemMetrics (nIndex=42) returned 0
[0303.619] GetWindowTextW (in: hWnd=0x2b02ce, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0303.619] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0303.619] GetCurrentObject (hdc=0xff01065e, type=0x1) returned 0xb00017
[0303.619] GetCurrentObject (hdc=0xff01065e, type=0x2) returned 0x900010
[0303.620] GetCurrentObject (hdc=0xff01065e, type=0x7) returned 0x4a0507fe
[0303.620] GetCurrentObject (hdc=0xff01065e, type=0x6) returned 0x8a01c2
[0303.620] SaveDC (hdc=0xff01065e) returned 2
[0303.620] GetNearestColor (hdc=0xff01065e, color=0xf0f0f0) returned 0xf0f0f0
[0303.620] CreateSolidBrush (color=0xf0f0f0) returned 0x6a1007e1
[0303.620] FillRect (hDC=0xff01065e, lprc=0xd7d9d8, hbr=0x6a1007e1) returned 1
[0303.620] DeleteObject (ho=0x6a1007e1) returned 1
[0303.620] RestoreDC (hdc=0xff01065e, nSavedDC=-1) returned 1
[0303.620] GetWindowTextLengthW (hWnd=0x2b02ce) returned 13
[0303.620] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.620] GetSystemMetrics (nIndex=42) returned 0
[0303.620] GetWindowTextW (in: hWnd=0x2b02ce, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.620] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0303.620] RestoreDC (hdc=0xff01065e, nSavedDC=-1) returned 1
[0303.620] GdipReleaseDC (graphics=0x6600030, hdc=0xff01065e) returned 0x0
[0303.621] IsAppThemed () returned 0x1
[0303.621] GetThemeAppProperties () returned 0x3
[0303.621] GetThemeAppProperties () returned 0x3
[0303.621] IsAppThemed () returned 0x1
[0303.621] GetThemeAppProperties () returned 0x3
[0303.621] GetThemeAppProperties () returned 0x3
[0303.621] IsThemePartDefined () returned 0x1
[0303.621] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0303.621] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0303.621] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0303.621] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0303.621] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df74) returned 0x0
[0303.621] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee8d8) returned 0x0
[0303.621] LocalFree (hMem=0x11ee8d8) returned 0x0
[0303.621] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0303.621] LocalFree (hMem=0x11ee788) returned 0x0
[0303.621] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0303.621] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0303.621] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0303.621] GdipGetRegionHRgn (region=0x6645638, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0303.622] GdipDeleteRegion (region=0x6645638) returned 0x0
[0303.622] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0303.622] GetCurrentObject (hdc=0xff01065e, type=0x1) returned 0xb00017
[0303.622] GetCurrentObject (hdc=0xff01065e, type=0x2) returned 0x900010
[0303.622] GetCurrentObject (hdc=0xff01065e, type=0x7) returned 0x4a0507fe
[0303.622] GetCurrentObject (hdc=0xff01065e, type=0x6) returned 0x8a01c2
[0303.622] SaveDC (hdc=0xff01065e) returned 1
[0303.622] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc3040807
[0303.626] GetClipRgn (hdc=0xff01065e, hrgn=0xc3040807) returned 0
[0303.626] SelectClipRgn (hdc=0xff01065e, hrgn=0x440407de) returned 2
[0303.626] DeleteObject (ho=0xc3040807) returned 1
[0303.626] DeleteObject (ho=0x440407de) returned 1
[0303.626] OffsetViewportOrgEx (in: hdc=0xff01065e, x=0, y=0, lppt=0x2e888fc | out: lppt=0x2e888fc) returned 1
[0303.626] IsAppThemed () returned 0x1
[0303.626] GetThemeAppProperties () returned 0x3
[0303.626] GetThemeAppProperties () returned 0x3
[0303.626] DrawThemeBackground () returned 0x0
[0303.627] RestoreDC (hdc=0xff01065e, nSavedDC=-1) returned 1
[0303.627] GdipReleaseDC (graphics=0x6600030, hdc=0xff01065e) returned 0x0
[0303.627] GdipCreateRegion (region=0xd7df60) returned 0x0
[0303.627] GdipGetClip (graphics=0x6600030, region=0x6645638) returned 0x0
[0303.627] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0303.627] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0303.627] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df78) returned 0x0
[0303.627] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0303.627] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee9f0) returned 0x0
[0303.627] LocalFree (hMem=0x11ee9f0) returned 0x0
[0303.627] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0303.627] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee9f0) returned 0x0
[0303.627] LocalFree (hMem=0x11ee9f0) returned 0x0
[0303.627] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0303.627] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0303.627] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6600030, result=0xd7df90) returned 0x0
[0303.627] GdipGetRegionHRgn (region=0x6645638, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0303.628] GdipDeleteRegion (region=0x6645638) returned 0x0
[0303.628] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0303.628] GetCurrentObject (hdc=0xff01065e, type=0x1) returned 0xb00017
[0303.628] GetCurrentObject (hdc=0xff01065e, type=0x2) returned 0x900010
[0303.628] GetCurrentObject (hdc=0xff01065e, type=0x7) returned 0x4a0507fe
[0303.628] GetCurrentObject (hdc=0xff01065e, type=0x6) returned 0x8a01c2
[0303.628] SaveDC (hdc=0xff01065e) returned 1
[0303.628] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x450407de
[0303.628] GetClipRgn (hdc=0xff01065e, hrgn=0x450407de) returned 0
[0303.628] SelectClipRgn (hdc=0xff01065e, hrgn=0xc4040807) returned 2
[0303.628] DeleteObject (ho=0x450407de) returned 1
[0303.628] DeleteObject (ho=0xc4040807) returned 1
[0303.628] OffsetViewportOrgEx (in: hdc=0xff01065e, x=0, y=0, lppt=0x2e88bd0 | out: lppt=0x2e88bd0) returned 1
[0303.628] IsAppThemed () returned 0x1
[0303.628] GetThemeAppProperties () returned 0x3
[0303.628] GetThemeAppProperties () returned 0x3
[0303.628] GetThemeBackgroundContentRect () returned 0x0
[0303.629] RestoreDC (hdc=0xff01065e, nSavedDC=-1) returned 1
[0303.629] GdipReleaseDC (graphics=0x6600030, hdc=0xff01065e) returned 0x0
[0303.629] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0303.629] GdipGetClip (graphics=0x6600030, region=0x6645ea8) returned 0x0
[0303.629] GdipCloneRegion (region=0x6645ea8, cloneRegion=0xd7e150) returned 0x0
[0303.629] GdipCombineRegionRectI (region=0x66457e8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0303.629] GdipCombineRegionRectI (region=0x66457e8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0303.629] GdipSetClipRegion (graphics=0x6600030, region=0x66457e8, combineMode=0x0) returned 0x0
[0303.629] GdipGetImageWidth (image=0x6601018, width=0xd7e154) returned 0x0
[0303.629] GdipGetImageHeight (image=0x6601018, height=0xd7e148) returned 0x0
[0303.629] GdipDrawImageRectI (graphics=0x6600030, image=0x6601018, x=4, y=4, width=16, height=16) returned 0x0
[0303.629] GdipSetClipRegion (graphics=0x6600030, region=0x6645ea8, combineMode=0x0) returned 0x0
[0303.629] IsAppThemed () returned 0x1
[0303.629] GetThemeAppProperties () returned 0x3
[0303.629] GetThemeAppProperties () returned 0x3
[0303.629] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0303.629] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0303.629] GetCurrentObject (hdc=0xff01065e, type=0x1) returned 0xb00017
[0303.630] GetCurrentObject (hdc=0xff01065e, type=0x2) returned 0x900010
[0303.630] GetCurrentObject (hdc=0xff01065e, type=0x7) returned 0x4a0507fe
[0303.630] GetCurrentObject (hdc=0xff01065e, type=0x6) returned 0x8a01c2
[0303.630] SaveDC (hdc=0xff01065e) returned 1
[0303.630] GetTextAlign (hdc=0xff01065e) returned 0x0
[0303.630] GetTextColor (hdc=0xff01065e) returned 0x0
[0303.630] GetCurrentObject (hdc=0xff01065e, type=0x6) returned 0x8a01c2
[0303.630] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0303.630] SelectObject (hdc=0xff01065e, h=0x6d0a0520) returned 0x8a01c2
[0303.630] GetBkMode (hdc=0xff01065e) returned 2
[0303.630] SetBkMode (hdc=0xff01065e, mode=1) returned 2
[0303.630] DrawTextExW (in: hdc=0xff01065e, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2e88f90 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0303.631] DrawTextExW (in: hdc=0xff01065e, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e88f90 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0303.631] RestoreDC (hdc=0xff01065e, nSavedDC=-1) returned 1
[0303.631] GdipReleaseDC (graphics=0x6600030, hdc=0xff01065e) returned 0x0
[0303.631] GetFocus () returned 0x3702d8
[0303.631] IsAppThemed () returned 0x1
[0303.631] GetThemeAppProperties () returned 0x3
[0303.631] GetThemeAppProperties () returned 0x3
[0303.631] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0303.631] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0xff01065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0303.631] GdipReleaseDC (graphics=0x6600030, hdc=0xff01065e) returned 0x0
[0303.632] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0303.632] SelectObject (hdc=0xff01065e, h=0x85000f) returned 0x4a0507fe
[0303.632] DeleteDC (hdc=0xff01065e) returned 1
[0303.632] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0303.632] EndPaint (hWnd=0x3702d8, lpPaint=0xd7e24c) returned 1
[0303.632] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.632] IsWindowUnicode (hWnd=0x2a02d0) returned 1
[0303.632] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.632] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.632] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.632] BeginPaint (in: hWnd=0x2a02d0, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0303.633] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0303.633] CreateCompatibleDC (hdc=0x10105d6) returned 0x101065e
[0303.633] SelectObject (hdc=0x101065e, h=0x4a0507fe) returned 0x85000f
[0303.633] GdipCreateFromHDC (hdc=0x101065e, graphics=0xd7e268) returned 0x0
[0303.633] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0303.633] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0303.633] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0303.633] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0303.633] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e2c8) returned 0x0
[0303.633] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0303.633] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee788) returned 0x0
[0303.633] LocalFree (hMem=0x11ee788) returned 0x0
[0303.633] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0303.633] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0303.633] GdipGetClip (graphics=0x6600030, region=0x66451b8) returned 0x0
[0303.634] GdipIsInfiniteRegion (region=0x66451b8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0303.634] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0303.634] GdipRestoreGraphics (graphics=0x6600030, state=0xf5860dbd) returned 0x0
[0303.634] GdipDeleteRegion (region=0x66451b8) returned 0x0
[0303.634] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0303.634] GetCurrentObject (hdc=0x101065e, type=0x1) returned 0xb00017
[0303.634] GetCurrentObject (hdc=0x101065e, type=0x2) returned 0x900010
[0303.634] GetCurrentObject (hdc=0x101065e, type=0x7) returned 0x4a0507fe
[0303.634] GetCurrentObject (hdc=0x101065e, type=0x6) returned 0x8a01c2
[0303.634] SaveDC (hdc=0x101065e) returned 1
[0303.634] GetNearestColor (hdc=0x101065e, color=0xf0f0f0) returned 0xf0f0f0
[0303.634] GetNearestColor (hdc=0x101065e, color=0xa0a0a0) returned 0xa0a0a0
[0303.634] GetNearestColor (hdc=0x101065e, color=0x696969) returned 0x696969
[0303.634] GetNearestColor (hdc=0x101065e, color=0xa0a0a0) returned 0xa0a0a0
[0303.634] GetNearestColor (hdc=0x101065e, color=0x0) returned 0x0
[0303.635] GetNearestColor (hdc=0x101065e, color=0xffffff) returned 0xffffff
[0303.635] GetNearestColor (hdc=0x101065e, color=0xe5e5e5) returned 0xe5e5e5
[0303.635] GetNearestColor (hdc=0x101065e, color=0xd7d7d7) returned 0xd7d7d7
[0303.635] GetNearestColor (hdc=0x101065e, color=0x0) returned 0x0
[0303.635] RestoreDC (hdc=0x101065e, nSavedDC=-1) returned 1
[0303.635] GdipReleaseDC (graphics=0x6600030, hdc=0x101065e) returned 0x0
[0303.635] IsAppThemed () returned 0x1
[0303.635] GetThemeAppProperties () returned 0x3
[0303.635] GetThemeAppProperties () returned 0x3
[0303.635] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0303.635] SendMessageW (hWnd=0x2b02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0303.635] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0303.635] IsAppThemed () returned 0x1
[0303.635] GetThemeAppProperties () returned 0x3
[0303.635] GetThemeAppProperties () returned 0x3
[0303.635] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2e897a0 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0303.636] IsAppThemed () returned 0x1
[0303.636] GetThemeAppProperties () returned 0x3
[0303.636] GetThemeAppProperties () returned 0x3
[0303.636] IsAppThemed () returned 0x1
[0303.636] GetThemeAppProperties () returned 0x3
[0303.636] GetThemeAppProperties () returned 0x3
[0303.636] IsAppThemed () returned 0x1
[0303.636] GetThemeAppProperties () returned 0x3
[0303.636] GetThemeAppProperties () returned 0x3
[0303.636] IsAppThemed () returned 0x1
[0303.636] GetThemeAppProperties () returned 0x3
[0303.636] GetThemeAppProperties () returned 0x3
[0303.636] IsThemePartDefined () returned 0x1
[0303.636] IsAppThemed () returned 0x1
[0303.636] GetThemeAppProperties () returned 0x3
[0303.636] GetThemeAppProperties () returned 0x3
[0303.636] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0303.636] IsAppThemed () returned 0x1
[0303.637] GetThemeAppProperties () returned 0x3
[0303.637] GetThemeAppProperties () returned 0x3
[0303.637] IsAppThemed () returned 0x1
[0303.637] GetThemeAppProperties () returned 0x3
[0303.637] GetThemeAppProperties () returned 0x3
[0303.637] IsThemePartDefined () returned 0x1
[0303.637] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0303.637] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0303.637] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0303.637] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0303.637] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dfe4) returned 0x0
[0303.637] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0303.637] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0303.637] LocalFree (hMem=0x11eec58) returned 0x0
[0303.637] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0303.637] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0303.637] LocalFree (hMem=0x11ee788) returned 0x0
[0303.637] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0303.638] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0303.638] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0303.638] GdipGetRegionHRgn (region=0x6645998, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0303.638] GdipDeleteRegion (region=0x6645998) returned 0x0
[0303.638] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0303.638] GetCurrentObject (hdc=0x101065e, type=0x1) returned 0xb00017
[0303.638] GetCurrentObject (hdc=0x101065e, type=0x2) returned 0x900010
[0303.638] GetCurrentObject (hdc=0x101065e, type=0x7) returned 0x4a0507fe
[0303.638] GetCurrentObject (hdc=0x101065e, type=0x6) returned 0x8a01c2
[0303.638] SaveDC (hdc=0x101065e) returned 1
[0303.638] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc5040807
[0303.638] GetClipRgn (hdc=0x101065e, hrgn=0xc5040807) returned 0
[0303.638] SelectClipRgn (hdc=0x101065e, hrgn=0x490407de) returned 2
[0303.639] DeleteObject (ho=0xc5040807) returned 1
[0303.639] DeleteObject (ho=0x490407de) returned 1
[0303.639] OffsetViewportOrgEx (in: hdc=0x101065e, x=0, y=0, lppt=0x2e89e50 | out: lppt=0x2e89e50) returned 1
[0303.639] DrawThemeParentBackground () returned 0x0
[0303.639] GetWindowPlacement (in: hWnd=0x2b02ce, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0303.639] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0303.639] GetWindowTextLengthW (hWnd=0x2b02ce) returned 13
[0303.639] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.639] GetSystemMetrics (nIndex=42) returned 0
[0303.639] GetWindowTextW (in: hWnd=0x2b02ce, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.639] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0303.639] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0303.639] GetCurrentObject (hdc=0x101065e, type=0x1) returned 0xb00017
[0303.639] GetCurrentObject (hdc=0x101065e, type=0x2) returned 0x900010
[0303.639] GetCurrentObject (hdc=0x101065e, type=0x7) returned 0x4a0507fe
[0303.639] GetCurrentObject (hdc=0x101065e, type=0x6) returned 0x8a01c2
[0303.640] SaveDC (hdc=0x101065e) returned 2
[0303.640] GetNearestColor (hdc=0x101065e, color=0xf0f0f0) returned 0xf0f0f0
[0303.640] CreateSolidBrush (color=0xf0f0f0) returned 0x6b1007e1
[0303.640] FillRect (hDC=0x101065e, lprc=0xd7da30, hbr=0x6b1007e1) returned 1
[0303.640] DeleteObject (ho=0x6b1007e1) returned 1
[0303.640] RestoreDC (hdc=0x101065e, nSavedDC=-1) returned 1
[0303.640] GetWindowTextLengthW (hWnd=0x2b02ce) returned 13
[0303.640] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.640] GetSystemMetrics (nIndex=42) returned 0
[0303.640] GetWindowTextW (in: hWnd=0x2b02ce, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.640] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0303.640] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0303.640] GetCurrentObject (hdc=0x101065e, type=0x1) returned 0xb00017
[0303.640] GetCurrentObject (hdc=0x101065e, type=0x2) returned 0x900010
[0303.640] GetCurrentObject (hdc=0x101065e, type=0x7) returned 0x4a0507fe
[0303.640] GetCurrentObject (hdc=0x101065e, type=0x6) returned 0x8a01c2
[0303.641] SaveDC (hdc=0x101065e) returned 2
[0303.641] GetNearestColor (hdc=0x101065e, color=0xf0f0f0) returned 0xf0f0f0
[0303.641] CreateSolidBrush (color=0xf0f0f0) returned 0x6c1007e1
[0303.641] FillRect (hDC=0x101065e, lprc=0xd7d9d0, hbr=0x6c1007e1) returned 1
[0303.641] DeleteObject (ho=0x6c1007e1) returned 1
[0303.641] RestoreDC (hdc=0x101065e, nSavedDC=-1) returned 1
[0303.641] GetWindowTextLengthW (hWnd=0x2b02ce) returned 13
[0303.641] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.641] GetSystemMetrics (nIndex=42) returned 0
[0303.641] GetWindowTextW (in: hWnd=0x2b02ce, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.641] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0303.641] RestoreDC (hdc=0x101065e, nSavedDC=-1) returned 1
[0303.641] GdipReleaseDC (graphics=0x6600030, hdc=0x101065e) returned 0x0
[0303.641] IsAppThemed () returned 0x1
[0303.642] GetThemeAppProperties () returned 0x3
[0303.642] GetThemeAppProperties () returned 0x3
[0303.642] IsAppThemed () returned 0x1
[0303.642] GetThemeAppProperties () returned 0x3
[0303.642] GetThemeAppProperties () returned 0x3
[0303.642] IsThemePartDefined () returned 0x1
[0303.642] GdipCreateRegion (region=0xd7df50) returned 0x0
[0303.642] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0303.642] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0303.642] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0303.642] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df68) returned 0x0
[0303.642] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0303.642] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee9f0) returned 0x0
[0303.642] LocalFree (hMem=0x11ee9f0) returned 0x0
[0303.642] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0303.642] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eecc8) returned 0x0
[0303.642] LocalFree (hMem=0x11eecc8) returned 0x0
[0303.642] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0303.642] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0303.642] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7df80) returned 0x0
[0303.643] GdipGetRegionHRgn (region=0x66453f8, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0303.643] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0303.643] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0303.643] GetCurrentObject (hdc=0x101065e, type=0x1) returned 0xb00017
[0303.643] GetCurrentObject (hdc=0x101065e, type=0x2) returned 0x900010
[0303.643] GetCurrentObject (hdc=0x101065e, type=0x7) returned 0x4a0507fe
[0303.643] GetCurrentObject (hdc=0x101065e, type=0x6) returned 0x8a01c2
[0303.643] SaveDC (hdc=0x101065e) returned 1
[0303.643] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4a0407de
[0303.643] GetClipRgn (hdc=0x101065e, hrgn=0x4a0407de) returned 0
[0303.643] SelectClipRgn (hdc=0x101065e, hrgn=0xc7040807) returned 2
[0303.643] DeleteObject (ho=0x4a0407de) returned 1
[0303.643] DeleteObject (ho=0xc7040807) returned 1
[0303.643] OffsetViewportOrgEx (in: hdc=0x101065e, x=0, y=0, lppt=0x2e8a6fc | out: lppt=0x2e8a6fc) returned 1
[0303.643] IsAppThemed () returned 0x1
[0303.643] GetThemeAppProperties () returned 0x3
[0303.643] GetThemeAppProperties () returned 0x3
[0303.644] DrawThemeBackground () returned 0x0
[0303.644] RestoreDC (hdc=0x101065e, nSavedDC=-1) returned 1
[0303.644] GdipReleaseDC (graphics=0x6600030, hdc=0x101065e) returned 0x0
[0303.644] GdipCreateRegion (region=0xd7df54) returned 0x0
[0303.644] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0303.644] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0303.644] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0303.644] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7df6c) returned 0x0
[0303.644] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0303.644] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eed00) returned 0x0
[0303.644] LocalFree (hMem=0x11eed00) returned 0x0
[0303.644] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0303.644] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0303.644] LocalFree (hMem=0x11eec58) returned 0x0
[0303.644] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0303.644] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0303.644] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0303.644] GdipGetRegionHRgn (region=0x66453f8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0303.645] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0303.645] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0303.645] GetCurrentObject (hdc=0x101065e, type=0x1) returned 0xb00017
[0303.645] GetCurrentObject (hdc=0x101065e, type=0x2) returned 0x900010
[0303.645] GetCurrentObject (hdc=0x101065e, type=0x7) returned 0x4a0507fe
[0303.645] GetCurrentObject (hdc=0x101065e, type=0x6) returned 0x8a01c2
[0303.645] SaveDC (hdc=0x101065e) returned 1
[0303.645] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc8040807
[0303.645] GetClipRgn (hdc=0x101065e, hrgn=0xc8040807) returned 0
[0303.645] SelectClipRgn (hdc=0x101065e, hrgn=0x4b0407de) returned 2
[0303.645] DeleteObject (ho=0xc8040807) returned 1
[0303.645] DeleteObject (ho=0x4b0407de) returned 1
[0303.645] OffsetViewportOrgEx (in: hdc=0x101065e, x=0, y=0, lppt=0x2e8a9d0 | out: lppt=0x2e8a9d0) returned 1
[0303.645] IsAppThemed () returned 0x1
[0303.645] GetThemeAppProperties () returned 0x3
[0303.645] GetThemeAppProperties () returned 0x3
[0303.645] GetThemeBackgroundContentRect () returned 0x0
[0303.645] RestoreDC (hdc=0x101065e, nSavedDC=-1) returned 1
[0303.646] GdipReleaseDC (graphics=0x6600030, hdc=0x101065e) returned 0x0
[0303.646] IsAppThemed () returned 0x1
[0303.646] GetThemeAppProperties () returned 0x3
[0303.646] GetThemeAppProperties () returned 0x3
[0303.646] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0303.646] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0303.646] GetCurrentObject (hdc=0x101065e, type=0x1) returned 0xb00017
[0303.646] GetCurrentObject (hdc=0x101065e, type=0x2) returned 0x900010
[0303.646] GetCurrentObject (hdc=0x101065e, type=0x7) returned 0x4a0507fe
[0303.646] GetCurrentObject (hdc=0x101065e, type=0x6) returned 0x8a01c2
[0303.646] SaveDC (hdc=0x101065e) returned 1
[0303.646] GetTextAlign (hdc=0x101065e) returned 0x0
[0303.646] GetTextColor (hdc=0x101065e) returned 0x0
[0303.646] GetCurrentObject (hdc=0x101065e, type=0x6) returned 0x8a01c2
[0303.646] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0303.646] SelectObject (hdc=0x101065e, h=0x6d0a0520) returned 0x8a01c2
[0303.647] GetBkMode (hdc=0x101065e) returned 2
[0303.647] SetBkMode (hdc=0x101065e, mode=1) returned 2
[0303.647] DrawTextExW (in: hdc=0x101065e, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2e8ad70 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0303.647] DrawTextExW (in: hdc=0x101065e, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2e8ad70 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0303.647] RestoreDC (hdc=0x101065e, nSavedDC=-1) returned 1
[0303.647] GdipReleaseDC (graphics=0x6600030, hdc=0x101065e) returned 0x0
[0303.647] GetFocus () returned 0x3702d8
[0303.648] IsAppThemed () returned 0x1
[0303.648] GetThemeAppProperties () returned 0x3
[0303.648] GetThemeAppProperties () returned 0x3
[0303.648] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0303.648] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x101065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0303.648] GdipReleaseDC (graphics=0x6600030, hdc=0x101065e) returned 0x0
[0303.648] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0303.648] SelectObject (hdc=0x101065e, h=0x85000f) returned 0x4a0507fe
[0303.648] DeleteDC (hdc=0x101065e) returned 1
[0303.648] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0303.648] EndPaint (hWnd=0x2a02d0, lpPaint=0xd7e24c) returned 1
[0303.649] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.649] IsWindowUnicode (hWnd=0x2f02c8) returned 1
[0303.649] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.649] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.649] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.649] BeginPaint (in: hWnd=0x2f02c8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0303.649] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0303.649] CreateCompatibleDC (hdc=0xf0105ee) returned 0x301065e
[0303.650] SelectObject (hdc=0x301065e, h=0x4a0507fe) returned 0x85000f
[0303.650] GdipCreateFromHDC (hdc=0x301065e, graphics=0xd7e268) returned 0x0
[0303.650] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0303.650] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0303.650] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0303.650] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0303.650] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e2c8) returned 0x0
[0303.650] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0303.650] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0303.650] LocalFree (hMem=0x11eec58) returned 0x0
[0303.650] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0303.650] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0303.650] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0303.650] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0303.650] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0303.651] GdipRestoreGraphics (graphics=0x6600030, state=0xf5840dbd) returned 0x0
[0303.651] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0303.651] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0303.651] GetCurrentObject (hdc=0x301065e, type=0x1) returned 0xb00017
[0303.651] GetCurrentObject (hdc=0x301065e, type=0x2) returned 0x900010
[0303.651] GetCurrentObject (hdc=0x301065e, type=0x7) returned 0x4a0507fe
[0303.651] GetCurrentObject (hdc=0x301065e, type=0x6) returned 0x8a01c2
[0303.651] SaveDC (hdc=0x301065e) returned 1
[0303.651] GetNearestColor (hdc=0x301065e, color=0xf0f0f0) returned 0xf0f0f0
[0303.651] GetNearestColor (hdc=0x301065e, color=0xa0a0a0) returned 0xa0a0a0
[0303.651] GetNearestColor (hdc=0x301065e, color=0x696969) returned 0x696969
[0303.651] GetNearestColor (hdc=0x301065e, color=0xa0a0a0) returned 0xa0a0a0
[0303.651] GetNearestColor (hdc=0x301065e, color=0x0) returned 0x0
[0303.651] GetNearestColor (hdc=0x301065e, color=0xffffff) returned 0xffffff
[0303.651] GetNearestColor (hdc=0x301065e, color=0xe5e5e5) returned 0xe5e5e5
[0303.651] GetNearestColor (hdc=0x301065e, color=0xd7d7d7) returned 0xd7d7d7
[0303.651] GetNearestColor (hdc=0x301065e, color=0x0) returned 0x0
[0303.652] RestoreDC (hdc=0x301065e, nSavedDC=-1) returned 1
[0303.652] GdipReleaseDC (graphics=0x6600030, hdc=0x301065e) returned 0x0
[0303.652] IsAppThemed () returned 0x1
[0303.652] GetThemeAppProperties () returned 0x3
[0303.652] GetThemeAppProperties () returned 0x3
[0303.652] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0303.652] SendMessageW (hWnd=0x2b02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0303.652] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0303.652] IsAppThemed () returned 0x1
[0303.652] GetThemeAppProperties () returned 0x3
[0303.652] GetThemeAppProperties () returned 0x3
[0303.652] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2e8b580 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0303.652] IsAppThemed () returned 0x1
[0303.652] GetThemeAppProperties () returned 0x3
[0303.653] GetThemeAppProperties () returned 0x3
[0303.653] IsAppThemed () returned 0x1
[0303.653] GetThemeAppProperties () returned 0x3
[0303.653] GetThemeAppProperties () returned 0x3
[0303.653] GetFocus () returned 0x3702d8
[0303.653] IsAppThemed () returned 0x1
[0303.653] GetThemeAppProperties () returned 0x3
[0303.653] GetThemeAppProperties () returned 0x3
[0303.653] IsAppThemed () returned 0x1
[0303.653] GetThemeAppProperties () returned 0x3
[0303.653] GetThemeAppProperties () returned 0x3
[0303.657] IsThemePartDefined () returned 0x1
[0303.657] IsAppThemed () returned 0x1
[0303.657] GetThemeAppProperties () returned 0x3
[0303.657] GetThemeAppProperties () returned 0x3
[0303.657] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0303.658] IsAppThemed () returned 0x1
[0303.658] GetThemeAppProperties () returned 0x3
[0303.658] GetThemeAppProperties () returned 0x3
[0303.658] IsAppThemed () returned 0x1
[0303.658] GetThemeAppProperties () returned 0x3
[0303.658] GetThemeAppProperties () returned 0x3
[0303.658] IsThemePartDefined () returned 0x1
[0303.658] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0303.658] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0303.658] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0303.658] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0303.658] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dff0) returned 0x0
[0303.658] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee8d8) returned 0x0
[0303.658] LocalFree (hMem=0x11ee8d8) returned 0x0
[0303.658] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eecc8) returned 0x0
[0303.658] LocalFree (hMem=0x11eecc8) returned 0x0
[0303.658] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0303.658] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e018) returned 0x0
[0303.658] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e008) returned 0x0
[0303.658] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0303.659] GdipDeleteRegion (region=0x6645908) returned 0x0
[0303.659] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0303.659] GetCurrentObject (hdc=0x301065e, type=0x1) returned 0xb00017
[0303.659] GetCurrentObject (hdc=0x301065e, type=0x2) returned 0x900010
[0303.659] GetCurrentObject (hdc=0x301065e, type=0x7) returned 0x4a0507fe
[0303.659] GetCurrentObject (hdc=0x301065e, type=0x6) returned 0x8a01c2
[0303.659] SaveDC (hdc=0x301065e) returned 1
[0303.659] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4c0407de
[0303.659] GetClipRgn (hdc=0x301065e, hrgn=0x4c0407de) returned 0
[0303.659] SelectClipRgn (hdc=0x301065e, hrgn=0xcc040807) returned 2
[0303.659] DeleteObject (ho=0x4c0407de) returned 1
[0303.659] DeleteObject (ho=0xcc040807) returned 1
[0303.659] OffsetViewportOrgEx (in: hdc=0x301065e, x=0, y=0, lppt=0x2e8bc30 | out: lppt=0x2e8bc30) returned 1
[0303.659] DrawThemeParentBackground () returned 0x0
[0303.659] GetWindowPlacement (in: hWnd=0x2b02ce, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0303.660] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0303.660] GetWindowTextLengthW (hWnd=0x2b02ce) returned 13
[0303.660] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.660] GetSystemMetrics (nIndex=42) returned 0
[0303.660] GetWindowTextW (in: hWnd=0x2b02ce, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.660] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0303.660] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0303.660] GetCurrentObject (hdc=0x301065e, type=0x1) returned 0xb00017
[0303.660] GetCurrentObject (hdc=0x301065e, type=0x2) returned 0x900010
[0303.660] GetCurrentObject (hdc=0x301065e, type=0x7) returned 0x4a0507fe
[0303.660] GetCurrentObject (hdc=0x301065e, type=0x6) returned 0x8a01c2
[0303.660] SaveDC (hdc=0x301065e) returned 2
[0303.660] GetNearestColor (hdc=0x301065e, color=0xf0f0f0) returned 0xf0f0f0
[0303.660] CreateSolidBrush (color=0xf0f0f0) returned 0x6d1007e1
[0303.660] FillRect (hDC=0x301065e, lprc=0xd7da38, hbr=0x6d1007e1) returned 1
[0303.660] DeleteObject (ho=0x6d1007e1) returned 1
[0303.661] RestoreDC (hdc=0x301065e, nSavedDC=-1) returned 1
[0303.661] GetWindowTextLengthW (hWnd=0x2b02ce) returned 13
[0303.661] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.661] GetSystemMetrics (nIndex=42) returned 0
[0303.661] GetWindowTextW (in: hWnd=0x2b02ce, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.661] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0303.661] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0303.661] GetCurrentObject (hdc=0x301065e, type=0x1) returned 0xb00017
[0303.661] GetCurrentObject (hdc=0x301065e, type=0x2) returned 0x900010
[0303.661] GetCurrentObject (hdc=0x301065e, type=0x7) returned 0x4a0507fe
[0303.661] GetCurrentObject (hdc=0x301065e, type=0x6) returned 0x8a01c2
[0303.661] SaveDC (hdc=0x301065e) returned 2
[0303.661] GetNearestColor (hdc=0x301065e, color=0xf0f0f0) returned 0xf0f0f0
[0303.661] CreateSolidBrush (color=0xf0f0f0) returned 0x6e1007e1
[0303.661] FillRect (hDC=0x301065e, lprc=0xd7d9d8, hbr=0x6e1007e1) returned 1
[0303.662] DeleteObject (ho=0x6e1007e1) returned 1
[0303.662] RestoreDC (hdc=0x301065e, nSavedDC=-1) returned 1
[0303.662] GetWindowTextLengthW (hWnd=0x2b02ce) returned 13
[0303.662] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.662] GetSystemMetrics (nIndex=42) returned 0
[0303.662] GetWindowTextW (in: hWnd=0x2b02ce, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.662] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0303.662] RestoreDC (hdc=0x301065e, nSavedDC=-1) returned 1
[0303.662] GdipReleaseDC (graphics=0x6600030, hdc=0x301065e) returned 0x0
[0303.662] IsAppThemed () returned 0x1
[0303.662] GetThemeAppProperties () returned 0x3
[0303.662] GetThemeAppProperties () returned 0x3
[0303.662] IsAppThemed () returned 0x1
[0303.662] GetThemeAppProperties () returned 0x3
[0303.662] GetThemeAppProperties () returned 0x3
[0303.662] IsThemePartDefined () returned 0x1
[0303.662] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0303.663] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0303.663] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0303.663] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0303.663] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df74) returned 0x0
[0303.663] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0303.663] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eea60) returned 0x0
[0303.663] LocalFree (hMem=0x11eea60) returned 0x0
[0303.663] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0303.663] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee9f0) returned 0x0
[0303.663] LocalFree (hMem=0x11ee9f0) returned 0x0
[0303.663] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0303.663] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0303.663] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0303.663] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0303.663] GdipDeleteRegion (region=0x6645908) returned 0x0
[0303.663] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0303.663] GetCurrentObject (hdc=0x301065e, type=0x1) returned 0xb00017
[0303.663] GetCurrentObject (hdc=0x301065e, type=0x2) returned 0x900010
[0303.664] GetCurrentObject (hdc=0x301065e, type=0x7) returned 0x4a0507fe
[0303.664] GetCurrentObject (hdc=0x301065e, type=0x6) returned 0x8a01c2
[0303.664] SaveDC (hdc=0x301065e) returned 1
[0303.664] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcd040807
[0303.664] GetClipRgn (hdc=0x301065e, hrgn=0xcd040807) returned 0
[0303.664] SelectClipRgn (hdc=0x301065e, hrgn=0x4e0407de) returned 2
[0303.664] DeleteObject (ho=0xcd040807) returned 1
[0303.664] DeleteObject (ho=0x4e0407de) returned 1
[0303.664] OffsetViewportOrgEx (in: hdc=0x301065e, x=0, y=0, lppt=0x2e8c4dc | out: lppt=0x2e8c4dc) returned 1
[0303.664] IsAppThemed () returned 0x1
[0303.664] GetThemeAppProperties () returned 0x3
[0303.664] GetThemeAppProperties () returned 0x3
[0303.664] DrawThemeBackground () returned 0x0
[0303.664] RestoreDC (hdc=0x301065e, nSavedDC=-1) returned 1
[0303.664] GdipReleaseDC (graphics=0x6600030, hdc=0x301065e) returned 0x0
[0303.664] GdipCreateRegion (region=0xd7df60) returned 0x0
[0303.664] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0303.665] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0303.665] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0303.665] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df78) returned 0x0
[0303.665] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0303.665] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee8d8) returned 0x0
[0303.665] LocalFree (hMem=0x11ee8d8) returned 0x0
[0303.665] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0303.665] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea98) returned 0x0
[0303.665] LocalFree (hMem=0x11eea98) returned 0x0
[0303.665] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0303.665] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0303.665] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7df90) returned 0x0
[0303.665] GdipGetRegionHRgn (region=0x6645e18, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0303.665] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0303.665] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0303.665] GetCurrentObject (hdc=0x301065e, type=0x1) returned 0xb00017
[0303.665] GetCurrentObject (hdc=0x301065e, type=0x2) returned 0x900010
[0303.665] GetCurrentObject (hdc=0x301065e, type=0x7) returned 0x4a0507fe
[0303.666] GetCurrentObject (hdc=0x301065e, type=0x6) returned 0x8a01c2
[0303.666] SaveDC (hdc=0x301065e) returned 1
[0303.666] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4f0407de
[0303.666] GetClipRgn (hdc=0x301065e, hrgn=0x4f0407de) returned 0
[0303.666] SelectClipRgn (hdc=0x301065e, hrgn=0xce040807) returned 2
[0303.666] DeleteObject (ho=0x4f0407de) returned 1
[0303.666] DeleteObject (ho=0xce040807) returned 1
[0303.666] OffsetViewportOrgEx (in: hdc=0x301065e, x=0, y=0, lppt=0x2e8c7b0 | out: lppt=0x2e8c7b0) returned 1
[0303.666] IsAppThemed () returned 0x1
[0303.666] GetThemeAppProperties () returned 0x3
[0303.666] GetThemeAppProperties () returned 0x3
[0303.666] GetThemeBackgroundContentRect () returned 0x0
[0303.666] RestoreDC (hdc=0x301065e, nSavedDC=-1) returned 1
[0303.666] GdipReleaseDC (graphics=0x6600030, hdc=0x301065e) returned 0x0
[0303.666] IsAppThemed () returned 0x1
[0303.666] GetThemeAppProperties () returned 0x3
[0303.666] GetThemeAppProperties () returned 0x3
[0303.667] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0303.667] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0303.667] GetCurrentObject (hdc=0x301065e, type=0x1) returned 0xb00017
[0303.667] GetCurrentObject (hdc=0x301065e, type=0x2) returned 0x900010
[0303.667] GetCurrentObject (hdc=0x301065e, type=0x7) returned 0x4a0507fe
[0303.667] GetCurrentObject (hdc=0x301065e, type=0x6) returned 0x8a01c2
[0303.667] SaveDC (hdc=0x301065e) returned 1
[0303.667] GetTextAlign (hdc=0x301065e) returned 0x0
[0303.667] GetTextColor (hdc=0x301065e) returned 0x0
[0303.667] GetCurrentObject (hdc=0x301065e, type=0x6) returned 0x8a01c2
[0303.667] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0303.667] SelectObject (hdc=0x301065e, h=0x6d0a0520) returned 0x8a01c2
[0303.667] GetBkMode (hdc=0x301065e) returned 2
[0303.667] SetBkMode (hdc=0x301065e, mode=1) returned 2
[0303.668] DrawTextExW (in: hdc=0x301065e, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2e8cb50 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0303.668] DrawTextExW (in: hdc=0x301065e, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e8cb50 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0303.668] RestoreDC (hdc=0x301065e, nSavedDC=-1) returned 1
[0303.668] GdipReleaseDC (graphics=0x6600030, hdc=0x301065e) returned 0x0
[0303.668] GetFocus () returned 0x3702d8
[0303.668] IsAppThemed () returned 0x1
[0303.668] GetThemeAppProperties () returned 0x3
[0303.668] GetThemeAppProperties () returned 0x3
[0303.668] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0303.668] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x301065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0303.669] GdipReleaseDC (graphics=0x6600030, hdc=0x301065e) returned 0x0
[0303.669] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0303.669] SelectObject (hdc=0x301065e, h=0x85000f) returned 0x4a0507fe
[0303.669] DeleteDC (hdc=0x301065e) returned 1
[0303.669] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0303.669] EndPaint (hWnd=0x2f02c8, lpPaint=0xd7e24c) returned 1
[0303.669] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.670] IsWindowUnicode (hWnd=0x602c4) returned 1
[0303.670] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.670] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.670] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.670] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0303.670] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0303.670] CreateCompatibleDC (hdc=0x107b9) returned 0x501065e
[0303.670] SelectObject (hdc=0x501065e, h=0x4a0507fe) returned 0x85000f
[0303.670] GdipCreateFromHDC (hdc=0x501065e, graphics=0xd7e268) returned 0x0
[0303.670] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0303.670] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0303.670] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0303.671] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0303.671] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e2c8) returned 0x0
[0303.671] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0303.671] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eea60) returned 0x0
[0303.671] LocalFree (hMem=0x11eea60) returned 0x0
[0303.671] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0303.671] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0303.671] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0303.671] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0303.671] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0303.671] GdipRestoreGraphics (graphics=0x6600030, state=0xf5820dbd) returned 0x0
[0303.671] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0303.671] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0303.671] GetCurrentObject (hdc=0x501065e, type=0x1) returned 0xb00017
[0303.671] GetCurrentObject (hdc=0x501065e, type=0x2) returned 0x900010
[0303.671] GetCurrentObject (hdc=0x501065e, type=0x7) returned 0x4a0507fe
[0303.671] GetCurrentObject (hdc=0x501065e, type=0x6) returned 0x8a01c2
[0303.672] SaveDC (hdc=0x501065e) returned 1
[0303.672] GetNearestColor (hdc=0x501065e, color=0xff) returned 0xff
[0303.672] GetNearestColor (hdc=0x501065e, color=0x55) returned 0x55
[0303.672] GetNearestColor (hdc=0x501065e, color=0x0) returned 0x0
[0303.672] GetNearestColor (hdc=0x501065e, color=0x55) returned 0x55
[0303.672] GetNearestColor (hdc=0x501065e, color=0x0) returned 0x0
[0303.672] GetNearestColor (hdc=0x501065e, color=0x8080ff) returned 0x8080ff
[0303.672] GetNearestColor (hdc=0x501065e, color=0x7373e5) returned 0x7373e5
[0303.672] GetNearestColor (hdc=0x501065e, color=0xe5) returned 0xe5
[0303.672] GetNearestColor (hdc=0x501065e, color=0x0) returned 0x0
[0303.672] RestoreDC (hdc=0x501065e, nSavedDC=-1) returned 1
[0303.672] GdipReleaseDC (graphics=0x6600030, hdc=0x501065e) returned 0x0
[0303.672] IsAppThemed () returned 0x1
[0303.672] GetThemeAppProperties () returned 0x3
[0303.672] GetThemeAppProperties () returned 0x3
[0303.673] IsAppThemed () returned 0x1
[0303.673] GetThemeAppProperties () returned 0x3
[0303.673] GetThemeAppProperties () returned 0x3
[0303.673] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2e8d318 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0303.673] IsAppThemed () returned 0x1
[0303.673] GetThemeAppProperties () returned 0x3
[0303.673] GetThemeAppProperties () returned 0x3
[0303.673] IsAppThemed () returned 0x1
[0303.673] GetThemeAppProperties () returned 0x3
[0303.673] GetThemeAppProperties () returned 0x3
[0303.673] GetFocus () returned 0x3702d8
[0303.673] IsAppThemed () returned 0x1
[0303.673] GetThemeAppProperties () returned 0x3
[0303.673] GetThemeAppProperties () returned 0x3
[0303.673] IsAppThemed () returned 0x1
[0303.674] GetThemeAppProperties () returned 0x3
[0303.674] GetThemeAppProperties () returned 0x3
[0303.674] IsThemePartDefined () returned 0x1
[0303.674] IsAppThemed () returned 0x1
[0303.674] GetThemeAppProperties () returned 0x3
[0303.674] GetThemeAppProperties () returned 0x3
[0303.674] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0303.674] IsAppThemed () returned 0x1
[0303.674] GetThemeAppProperties () returned 0x3
[0303.674] GetThemeAppProperties () returned 0x3
[0303.674] IsAppThemed () returned 0x1
[0303.674] GetThemeAppProperties () returned 0x3
[0303.674] GetThemeAppProperties () returned 0x3
[0303.674] IsThemePartDefined () returned 0x1
[0303.674] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0303.674] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0303.674] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0303.674] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0303.674] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dff0) returned 0x0
[0303.674] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0303.674] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0303.674] LocalFree (hMem=0x11ee788) returned 0x0
[0303.675] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0303.675] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee8d8) returned 0x0
[0303.675] LocalFree (hMem=0x11ee8d8) returned 0x0
[0303.675] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0303.675] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e018) returned 0x0
[0303.675] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e008) returned 0x0
[0303.675] GdipGetRegionHRgn (region=0x6645e18, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0303.675] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0303.675] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0303.675] GetCurrentObject (hdc=0x501065e, type=0x1) returned 0xb00017
[0303.675] GetCurrentObject (hdc=0x501065e, type=0x2) returned 0x900010
[0303.675] GetCurrentObject (hdc=0x501065e, type=0x7) returned 0x4a0507fe
[0303.675] GetCurrentObject (hdc=0x501065e, type=0x6) returned 0x8a01c2
[0303.675] SaveDC (hdc=0x501065e) returned 1
[0303.675] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcf040807
[0303.675] GetClipRgn (hdc=0x501065e, hrgn=0xcf040807) returned 0
[0303.676] SelectClipRgn (hdc=0x501065e, hrgn=0x530407de) returned 2
[0303.676] DeleteObject (ho=0xcf040807) returned 1
[0303.676] DeleteObject (ho=0x530407de) returned 1
[0303.676] OffsetViewportOrgEx (in: hdc=0x501065e, x=0, y=0, lppt=0x2e8d9c8 | out: lppt=0x2e8d9c8) returned 1
[0303.676] DrawThemeParentBackground () returned 0x0
[0303.676] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0303.676] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0303.676] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0303.676] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.676] GetSystemMetrics (nIndex=42) returned 0
[0303.676] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.676] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0303.676] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0303.676] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0303.676] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0303.677] SelectPalette (hdc=0x501065e, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0303.677] GdipCreateFromHDC (hdc=0x501065e, graphics=0xd7dac8) returned 0x0
[0303.677] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0303.677] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0303.677] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638c98) returned 0x0
[0303.677] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7daa0) returned 0x0
[0303.677] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0303.677] GdipCreateRegion (region=0xd7da88) returned 0x0
[0303.677] GdipGetClip (graphics=0x6631910, region=0x6645998) returned 0x0
[0303.677] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6631910, result=0xd7da94) returned 0x0
[0303.677] GdipDeleteRegion (region=0x6645998) returned 0x0
[0303.677] GdipSaveGraphics (graphics=0x6631910, state=0xd7dac0) returned 0x0
[0303.677] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0303.690] GdipFillRectangleI (graphics=0x6631910, brush=0x664e510, x=0, y=0, width=801, height=453) returned 0x0
[0303.690] GdipDeleteBrush (brush=0x664e510) returned 0x0
[0303.692] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0303.692] SelectPalette (hdc=0x501065e, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0303.692] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0303.692] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.692] GetSystemMetrics (nIndex=42) returned 0
[0303.692] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.692] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0303.692] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0303.692] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0303.692] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0303.692] SelectPalette (hdc=0x501065e, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0303.693] GdipCreateFromHDC (hdc=0x501065e, graphics=0xd7da68) returned 0x0
[0303.693] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0303.693] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0303.693] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638d58) returned 0x0
[0303.693] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7da40) returned 0x0
[0303.693] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0303.693] GdipCreateRegion (region=0xd7da28) returned 0x0
[0303.693] GdipGetClip (graphics=0x6631910, region=0x6645638) returned 0x0
[0303.693] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6631910, result=0xd7da34) returned 0x0
[0303.693] GdipDeleteRegion (region=0x6645638) returned 0x0
[0303.693] GdipSaveGraphics (graphics=0x6631910, state=0xd7da60) returned 0x0
[0303.693] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0303.701] GdipFillRectangleI (graphics=0x6631910, brush=0x664e2a0, x=0, y=0, width=801, height=453) returned 0x0
[0303.702] GdipDeleteBrush (brush=0x664e2a0) returned 0x0
[0303.703] GdipRestoreGraphics (graphics=0x6631910, state=0xf57e0dbd) returned 0x0
[0303.703] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0303.703] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.703] GetSystemMetrics (nIndex=42) returned 0
[0303.703] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.703] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0303.703] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0303.703] SelectPalette (hdc=0x501065e, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0303.704] RestoreDC (hdc=0x501065e, nSavedDC=-1) returned 1
[0303.704] GdipReleaseDC (graphics=0x6600030, hdc=0x501065e) returned 0x0
[0303.704] IsAppThemed () returned 0x1
[0303.704] GetThemeAppProperties () returned 0x3
[0303.704] GetThemeAppProperties () returned 0x3
[0303.704] IsAppThemed () returned 0x1
[0303.704] GetThemeAppProperties () returned 0x3
[0303.704] GetThemeAppProperties () returned 0x3
[0303.704] IsThemePartDefined () returned 0x1
[0303.704] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0303.704] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0303.704] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0303.704] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0303.704] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df74) returned 0x0
[0303.704] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0303.705] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee9f0) returned 0x0
[0303.705] LocalFree (hMem=0x11ee9f0) returned 0x0
[0303.705] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0303.705] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eead0) returned 0x0
[0303.705] LocalFree (hMem=0x11eead0) returned 0x0
[0303.705] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0303.705] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0303.705] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0303.705] GdipGetRegionHRgn (region=0x66453f8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0303.705] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0303.705] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0303.705] GetCurrentObject (hdc=0x501065e, type=0x1) returned 0xb00017
[0303.705] GetCurrentObject (hdc=0x501065e, type=0x2) returned 0x900010
[0303.705] GetCurrentObject (hdc=0x501065e, type=0x7) returned 0x4a0507fe
[0303.705] GetCurrentObject (hdc=0x501065e, type=0x6) returned 0x8a01c2
[0303.705] SaveDC (hdc=0x501065e) returned 1
[0303.705] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x540407de
[0303.706] GetClipRgn (hdc=0x501065e, hrgn=0x540407de) returned 0
[0303.706] SelectClipRgn (hdc=0x501065e, hrgn=0xd1040807) returned 2
[0303.706] DeleteObject (ho=0x540407de) returned 1
[0303.706] DeleteObject (ho=0xd1040807) returned 1
[0303.706] OffsetViewportOrgEx (in: hdc=0x501065e, x=0, y=0, lppt=0x2e94218 | out: lppt=0x2e94218) returned 1
[0303.706] IsAppThemed () returned 0x1
[0303.706] GetThemeAppProperties () returned 0x3
[0303.706] GetThemeAppProperties () returned 0x3
[0303.706] DrawThemeBackground () returned 0x0
[0303.706] RestoreDC (hdc=0x501065e, nSavedDC=-1) returned 1
[0303.706] GdipReleaseDC (graphics=0x6600030, hdc=0x501065e) returned 0x0
[0303.706] GdipCreateRegion (region=0xd7df60) returned 0x0
[0303.706] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0303.706] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0303.706] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0303.706] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df78) returned 0x0
[0303.706] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0303.706] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eecc8) returned 0x0
[0303.707] LocalFree (hMem=0x11eecc8) returned 0x0
[0303.707] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0303.707] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0303.707] LocalFree (hMem=0x11eec58) returned 0x0
[0303.707] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0303.707] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0303.707] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0303.707] GdipGetRegionHRgn (region=0x66453f8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0303.707] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0303.707] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0303.707] GetCurrentObject (hdc=0x501065e, type=0x1) returned 0xb00017
[0303.707] GetCurrentObject (hdc=0x501065e, type=0x2) returned 0x900010
[0303.707] GetCurrentObject (hdc=0x501065e, type=0x7) returned 0x4a0507fe
[0303.707] GetCurrentObject (hdc=0x501065e, type=0x6) returned 0x8a01c2
[0303.707] SaveDC (hdc=0x501065e) returned 1
[0303.707] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd2040807
[0303.707] GetClipRgn (hdc=0x501065e, hrgn=0xd2040807) returned 0
[0303.707] SelectClipRgn (hdc=0x501065e, hrgn=0x550407de) returned 2
[0303.708] DeleteObject (ho=0xd2040807) returned 1
[0303.708] DeleteObject (ho=0x550407de) returned 1
[0303.708] OffsetViewportOrgEx (in: hdc=0x501065e, x=0, y=0, lppt=0x2e944ec | out: lppt=0x2e944ec) returned 1
[0303.708] IsAppThemed () returned 0x1
[0303.708] GetThemeAppProperties () returned 0x3
[0303.708] GetThemeAppProperties () returned 0x3
[0303.708] GetThemeBackgroundContentRect () returned 0x0
[0303.708] RestoreDC (hdc=0x501065e, nSavedDC=-1) returned 1
[0303.708] GdipReleaseDC (graphics=0x6600030, hdc=0x501065e) returned 0x0
[0303.708] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0303.708] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0303.708] GdipFillRectangleI (graphics=0x6600030, brush=0x6631910, x=4, y=4, width=67, height=15) returned 0x0
[0303.708] GdipDeleteBrush (brush=0x6631910) returned 0x0
[0303.708] IsAppThemed () returned 0x1
[0303.708] GetThemeAppProperties () returned 0x3
[0303.708] GetThemeAppProperties () returned 0x3
[0303.708] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0303.708] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0303.708] GetCurrentObject (hdc=0x501065e, type=0x1) returned 0xb00017
[0303.708] GetCurrentObject (hdc=0x501065e, type=0x2) returned 0x900010
[0303.708] GetCurrentObject (hdc=0x501065e, type=0x7) returned 0x4a0507fe
[0303.709] GetCurrentObject (hdc=0x501065e, type=0x6) returned 0x8a01c2
[0303.709] SaveDC (hdc=0x501065e) returned 1
[0303.709] GetTextAlign (hdc=0x501065e) returned 0x0
[0303.709] GetTextColor (hdc=0x501065e) returned 0x0
[0303.709] GetCurrentObject (hdc=0x501065e, type=0x6) returned 0x8a01c2
[0303.709] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0303.709] SelectObject (hdc=0x501065e, h=0x6d0a0520) returned 0x8a01c2
[0303.709] GetBkMode (hdc=0x501065e) returned 2
[0303.709] SetBkMode (hdc=0x501065e, mode=1) returned 2
[0303.709] DrawTextExW (in: hdc=0x501065e, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2e948b0 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0303.709] DrawTextExW (in: hdc=0x501065e, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e948b0 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0303.710] RestoreDC (hdc=0x501065e, nSavedDC=-1) returned 1
[0303.710] GdipReleaseDC (graphics=0x6600030, hdc=0x501065e) returned 0x0
[0303.710] GetFocus () returned 0x3702d8
[0303.710] IsAppThemed () returned 0x1
[0303.710] GetThemeAppProperties () returned 0x3
[0303.710] GetThemeAppProperties () returned 0x3
[0303.710] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0303.710] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x501065e, x1=0, y1=0, rop=0xcc0020) returned 1
[0303.710] GdipReleaseDC (graphics=0x6600030, hdc=0x501065e) returned 0x0
[0303.710] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0303.711] SelectObject (hdc=0x501065e, h=0x85000f) returned 0x4a0507fe
[0303.711] DeleteDC (hdc=0x501065e) returned 1
[0303.711] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0303.711] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0303.711] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.711] IsWindowUnicode (hWnd=0x2a02d0) returned 1
[0303.711] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.711] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.711] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.711] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.711] IsWindowUnicode (hWnd=0x2a02d0) returned 1
[0303.711] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.712] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.712] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.712] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x2a1, wParam=0x0, lParam=0xc001b) returned 0x0
[0303.712] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0303.712] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0303.712] WaitMessage () returned 1
[0303.736] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.736] IsWindowUnicode (hWnd=0x30122) returned 1
[0303.737] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.737] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.737] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.742] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.743] IsWindowUnicode (hWnd=0x30122) returned 1
[0303.743] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.743] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.743] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.743] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.743] IsWindowUnicode (hWnd=0x30122) returned 1
[0303.743] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.743] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.743] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.744] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.744] IsWindowUnicode (hWnd=0x30122) returned 1
[0303.744] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.744] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.744] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.744] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.744] IsWindowUnicode (hWnd=0x30122) returned 1
[0303.744] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.744] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.745] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.745] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.745] IsWindowUnicode (hWnd=0x30122) returned 1
[0303.745] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.745] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.745] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.745] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0303.746] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0303.746] WaitMessage () returned 1
[0303.788] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.788] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0303.788] IsWindowUnicode (hWnd=0x2a02d0) returned 1
[0303.788] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.788] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0303.788] GetDlgItem (hDlg=0x2b02ce, nIDDlgItem=0) returned 0x0
[0303.788] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x210, wParam=0x201, lParam=0x6a00fc) returned 0x0
[0303.789] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x21, wParam=0x2b02ce, lParam=0x2010001) returned 0x1
[0303.789] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x21, wParam=0x2b02ce, lParam=0x2010001) returned 0x1
[0303.789] SetCursor (hCursor=0x10003) returned 0x10003
[0303.789] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.789] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.789] GetKeyState (nVirtKey=1) returned -127
[0303.789] GetKeyState (nVirtKey=2) returned 0
[0303.789] GetKeyState (nVirtKey=4) returned 0
[0303.789] GetKeyState (nVirtKey=5) returned 0
[0303.789] GetKeyState (nVirtKey=6) returned 0
[0303.789] IsWindowVisible (hWnd=0x2a02d0) returned 1
[0303.789] IsWindowEnabled (hWnd=0x2a02d0) returned 1
[0303.789] SetFocus (hWnd=0x2a02d0) returned 0x3702d8
[0303.790] GetFocus () returned 0x2a02d0
[0303.790] IsChild (hWndParent=0x2b02ce, hWnd=0x2a02d0) returned 1
[0303.790] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0x8, wParam=0x2a02d0, lParam=0x0) returned 0x0
[0303.790] GetCapture () returned 0x0
[0303.790] InvalidateRect (hWnd=0x3702d8, lpRect=0x0, bErase=0) returned 1
[0303.791] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0303.792] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0303.794] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0303.794] InvalidateRect (hWnd=0x3702d8, lpRect=0x0, bErase=0) returned 1
[0303.794] InvalidateRect (hWnd=0x2a02d0, lpRect=0x0, bErase=0) returned 1
[0303.794] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x7, wParam=0x3702d8, lParam=0x0) returned 0x0
[0303.794] GetStockObject (i=5) returned 0x900015
[0303.794] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0303.794] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0303.794] GetDlgItem (hDlg=0x2b02ce, nIDDlgItem=2753232) returned 0x2a02d0
[0303.794] SendMessageW (hWnd=0x2a02d0, Msg=0x202b, wParam=0x2a02d0, lParam=0xd7dddc) returned 0x0
[0303.794] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x202b, wParam=0x2a02d0, lParam=0xd7dddc) returned 0x0
[0303.794] InvalidateRect (hWnd=0x2a02d0, lpRect=0x0, bErase=0) returned 1
[0303.796] GetFocus () returned 0x2a02d0
[0303.796] GetFocus () returned 0x2a02d0
[0303.796] GetFocus () returned 0x2a02d0
[0303.796] GetKeyState (nVirtKey=1) returned -127
[0303.796] GetKeyState (nVirtKey=2) returned 0
[0303.796] GetKeyState (nVirtKey=4) returned 0
[0303.796] GetKeyState (nVirtKey=5) returned 0
[0303.796] GetKeyState (nVirtKey=6) returned 0
[0303.796] GetCapture () returned 0x0
[0303.796] SetCapture (hWnd=0x2a02d0) returned 0x0
[0303.796] GetKeyState (nVirtKey=1) returned -127
[0303.796] GetKeyState (nVirtKey=2) returned 0
[0303.796] GetKeyState (nVirtKey=4) returned 0
[0303.796] GetKeyState (nVirtKey=5) returned 0
[0303.796] GetKeyState (nVirtKey=6) returned 0
[0303.796] NotifyWinEvent (event=0x800a, hwnd=0x2a02d0, idObject=-4, idChild=0)
[0303.796] InvalidateRect (hWnd=0x2a02d0, lpRect=0xd7e430, bErase=0) returned 1
[0303.796] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.796] IsWindowUnicode (hWnd=0x2a02d0) returned 1
[0303.796] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.797] TranslateMessage (lpMsg=0xd7e808) returned 0
[0303.797] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0303.797] MapWindowPoints (in: hWndFrom=0x2a02d0, hWndTo=0x0, lpPoints=0x2e94ae8, cPoints=0x1 | out: lpPoints=0x2e94ae8) returned 30999254
[0303.797] NotifyWinEvent (event=0x800a, hwnd=0x2a02d0, idObject=-4, idChild=0)
[0303.797] InvalidateRect (hWnd=0x2a02d0, lpRect=0xd7e3d0, bErase=0) returned 1
[0303.797] UpdateWindow (hWnd=0x2a02d0) returned 1
[0303.797] BeginPaint (in: hWnd=0x2a02d0, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x10105d6
[0303.797] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0303.797] CreateCompatibleDC (hdc=0x10105d6) returned 0x760107eb
[0303.797] SelectObject (hdc=0x760107eb, h=0x4a0507fe) returned 0x85000f
[0303.797] GdipCreateFromHDC (hdc=0x760107eb, graphics=0xd7df00) returned 0x0
[0303.797] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0303.797] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0303.797] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0303.797] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0303.797] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df60) returned 0x0
[0303.797] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0303.797] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eec58) returned 0x0
[0303.798] LocalFree (hMem=0x11eec58) returned 0x0
[0303.798] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0303.798] GdipCreateRegion (region=0xd7df48) returned 0x0
[0303.798] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0303.798] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0303.798] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0303.798] GdipRestoreGraphics (graphics=0x6600030, state=0xf57c0dbd) returned 0x0
[0303.798] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0303.798] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0303.798] GetCurrentObject (hdc=0x760107eb, type=0x1) returned 0xb00017
[0303.798] GetCurrentObject (hdc=0x760107eb, type=0x2) returned 0x900010
[0303.798] GetCurrentObject (hdc=0x760107eb, type=0x7) returned 0x4a0507fe
[0303.798] GetCurrentObject (hdc=0x760107eb, type=0x6) returned 0x8a01c2
[0303.798] SaveDC (hdc=0x760107eb) returned 1
[0303.798] GetNearestColor (hdc=0x760107eb, color=0xf0f0f0) returned 0xf0f0f0
[0303.798] GetNearestColor (hdc=0x760107eb, color=0xa0a0a0) returned 0xa0a0a0
[0303.798] GetNearestColor (hdc=0x760107eb, color=0x696969) returned 0x696969
[0303.798] GetNearestColor (hdc=0x760107eb, color=0xa0a0a0) returned 0xa0a0a0
[0303.798] GetNearestColor (hdc=0x760107eb, color=0x0) returned 0x0
[0303.799] GetNearestColor (hdc=0x760107eb, color=0xffffff) returned 0xffffff
[0303.799] GetNearestColor (hdc=0x760107eb, color=0xe5e5e5) returned 0xe5e5e5
[0303.799] GetNearestColor (hdc=0x760107eb, color=0xd7d7d7) returned 0xd7d7d7
[0303.799] GetNearestColor (hdc=0x760107eb, color=0x0) returned 0x0
[0303.799] RestoreDC (hdc=0x760107eb, nSavedDC=-1) returned 1
[0303.799] GdipReleaseDC (graphics=0x6600030, hdc=0x760107eb) returned 0x0
[0303.799] IsAppThemed () returned 0x1
[0303.799] GetThemeAppProperties () returned 0x3
[0303.799] GetThemeAppProperties () returned 0x3
[0303.799] IsAppThemed () returned 0x1
[0303.799] GetThemeAppProperties () returned 0x3
[0303.799] GetThemeAppProperties () returned 0x3
[0303.799] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2e95240 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0303.799] IsAppThemed () returned 0x1
[0303.799] GetThemeAppProperties () returned 0x3
[0303.799] GetThemeAppProperties () returned 0x3
[0303.799] IsAppThemed () returned 0x1
[0303.800] GetThemeAppProperties () returned 0x3
[0303.800] GetThemeAppProperties () returned 0x3
[0303.800] IsAppThemed () returned 0x1
[0303.800] GetThemeAppProperties () returned 0x3
[0303.800] GetThemeAppProperties () returned 0x3
[0303.800] IsAppThemed () returned 0x1
[0303.800] GetThemeAppProperties () returned 0x3
[0303.800] GetThemeAppProperties () returned 0x3
[0303.800] IsThemePartDefined () returned 0x1
[0303.800] IsAppThemed () returned 0x1
[0303.800] GetThemeAppProperties () returned 0x3
[0303.800] GetThemeAppProperties () returned 0x3
[0303.800] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0303.800] IsAppThemed () returned 0x1
[0303.800] GetThemeAppProperties () returned 0x3
[0303.800] GetThemeAppProperties () returned 0x3
[0303.800] IsAppThemed () returned 0x1
[0303.800] GetThemeAppProperties () returned 0x3
[0303.800] GetThemeAppProperties () returned 0x3
[0303.800] IsThemePartDefined () returned 0x1
[0303.800] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0303.800] GdipGetClip (graphics=0x6600030, region=0x6645bd8) returned 0x0
[0303.800] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0303.800] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0303.800] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dc7c) returned 0x0
[0303.800] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0303.800] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee8d8) returned 0x0
[0303.800] LocalFree (hMem=0x11ee8d8) returned 0x0
[0303.801] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0303.801] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee868) returned 0x0
[0303.801] LocalFree (hMem=0x11ee868) returned 0x0
[0303.801] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0303.801] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0303.801] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0303.801] GdipGetRegionHRgn (region=0x6645bd8, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0303.801] GdipDeleteRegion (region=0x6645bd8) returned 0x0
[0303.801] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0303.801] GetCurrentObject (hdc=0x760107eb, type=0x1) returned 0xb00017
[0303.801] GetCurrentObject (hdc=0x760107eb, type=0x2) returned 0x900010
[0303.801] GetCurrentObject (hdc=0x760107eb, type=0x7) returned 0x4a0507fe
[0303.801] GetCurrentObject (hdc=0x760107eb, type=0x6) returned 0x8a01c2
[0303.801] SaveDC (hdc=0x760107eb) returned 1
[0303.801] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x560407de
[0303.801] GetClipRgn (hdc=0x760107eb, hrgn=0x560407de) returned 0
[0303.801] SelectClipRgn (hdc=0x760107eb, hrgn=0xd6040807) returned 2
[0303.801] DeleteObject (ho=0x560407de) returned 1
[0303.801] DeleteObject (ho=0xd6040807) returned 1
[0303.801] OffsetViewportOrgEx (in: hdc=0x760107eb, x=0, y=0, lppt=0x2e958f0 | out: lppt=0x2e958f0) returned 1
[0303.801] DrawThemeParentBackground () returned 0x0
[0303.802] GetWindowPlacement (in: hWnd=0x2b02ce, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0303.802] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0303.802] GetWindowTextLengthW (hWnd=0x2b02ce) returned 13
[0303.802] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.802] GetSystemMetrics (nIndex=42) returned 0
[0303.802] GetWindowTextW (in: hWnd=0x2b02ce, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.802] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0303.802] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0303.802] GetCurrentObject (hdc=0x760107eb, type=0x1) returned 0xb00017
[0303.802] GetCurrentObject (hdc=0x760107eb, type=0x2) returned 0x900010
[0303.802] GetCurrentObject (hdc=0x760107eb, type=0x7) returned 0x4a0507fe
[0303.802] GetCurrentObject (hdc=0x760107eb, type=0x6) returned 0x8a01c2
[0303.802] SaveDC (hdc=0x760107eb) returned 2
[0303.802] GetNearestColor (hdc=0x760107eb, color=0xf0f0f0) returned 0xf0f0f0
[0303.802] CreateSolidBrush (color=0xf0f0f0) returned 0x6f1007e1
[0303.802] FillRect (hDC=0x760107eb, lprc=0xd7d6c8, hbr=0x6f1007e1) returned 1
[0303.802] DeleteObject (ho=0x6f1007e1) returned 1
[0303.802] RestoreDC (hdc=0x760107eb, nSavedDC=-1) returned 1
[0303.802] GetWindowTextLengthW (hWnd=0x2b02ce) returned 13
[0303.802] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.803] GetSystemMetrics (nIndex=42) returned 0
[0303.803] GetWindowTextW (in: hWnd=0x2b02ce, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.803] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0303.803] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0303.803] GetCurrentObject (hdc=0x760107eb, type=0x1) returned 0xb00017
[0303.803] GetCurrentObject (hdc=0x760107eb, type=0x2) returned 0x900010
[0303.803] GetCurrentObject (hdc=0x760107eb, type=0x7) returned 0x4a0507fe
[0303.803] GetCurrentObject (hdc=0x760107eb, type=0x6) returned 0x8a01c2
[0303.803] SaveDC (hdc=0x760107eb) returned 2
[0303.803] GetNearestColor (hdc=0x760107eb, color=0xf0f0f0) returned 0xf0f0f0
[0303.803] CreateSolidBrush (color=0xf0f0f0) returned 0x701007e1
[0303.803] FillRect (hDC=0x760107eb, lprc=0xd7d668, hbr=0x701007e1) returned 1
[0303.803] DeleteObject (ho=0x701007e1) returned 1
[0303.803] RestoreDC (hdc=0x760107eb, nSavedDC=-1) returned 1
[0303.803] GetWindowTextLengthW (hWnd=0x2b02ce) returned 13
[0303.803] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.803] GetSystemMetrics (nIndex=42) returned 0
[0303.803] GetWindowTextW (in: hWnd=0x2b02ce, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.803] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0303.804] RestoreDC (hdc=0x760107eb, nSavedDC=-1) returned 1
[0303.804] GdipReleaseDC (graphics=0x6600030, hdc=0x760107eb) returned 0x0
[0303.804] IsAppThemed () returned 0x1
[0303.804] GetThemeAppProperties () returned 0x3
[0303.804] GetThemeAppProperties () returned 0x3
[0303.804] IsAppThemed () returned 0x1
[0303.804] GetThemeAppProperties () returned 0x3
[0303.804] GetThemeAppProperties () returned 0x3
[0303.804] IsThemePartDefined () returned 0x1
[0303.804] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0303.804] GdipGetClip (graphics=0x6600030, region=0x6645758) returned 0x0
[0303.804] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0303.804] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0303.804] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dc00) returned 0x0
[0303.804] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0303.804] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee910) returned 0x0
[0303.804] LocalFree (hMem=0x11ee910) returned 0x0
[0303.804] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0303.804] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0303.804] LocalFree (hMem=0x11eec58) returned 0x0
[0303.804] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0303.804] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0303.804] GdipIsInfiniteRegion (region=0x6645758, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0303.805] GdipGetRegionHRgn (region=0x6645758, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0303.805] GdipDeleteRegion (region=0x6645758) returned 0x0
[0303.805] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0303.805] GetCurrentObject (hdc=0x760107eb, type=0x1) returned 0xb00017
[0303.805] GetCurrentObject (hdc=0x760107eb, type=0x2) returned 0x900010
[0303.805] GetCurrentObject (hdc=0x760107eb, type=0x7) returned 0x4a0507fe
[0303.805] GetCurrentObject (hdc=0x760107eb, type=0x6) returned 0x8a01c2
[0303.805] SaveDC (hdc=0x760107eb) returned 1
[0303.805] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd7040807
[0303.805] GetClipRgn (hdc=0x760107eb, hrgn=0xd7040807) returned 0
[0303.805] SelectClipRgn (hdc=0x760107eb, hrgn=0x580407de) returned 2
[0303.805] DeleteObject (ho=0xd7040807) returned 1
[0303.805] DeleteObject (ho=0x580407de) returned 1
[0303.805] OffsetViewportOrgEx (in: hdc=0x760107eb, x=0, y=0, lppt=0x2e9619c | out: lppt=0x2e9619c) returned 1
[0303.805] IsAppThemed () returned 0x1
[0303.805] GetThemeAppProperties () returned 0x3
[0303.805] GetThemeAppProperties () returned 0x3
[0303.805] DrawThemeBackground () returned 0x0
[0303.805] RestoreDC (hdc=0x760107eb, nSavedDC=-1) returned 1
[0303.805] GdipReleaseDC (graphics=0x6600030, hdc=0x760107eb) returned 0x0
[0303.805] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0303.806] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0303.806] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0303.806] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0303.806] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7dc04) returned 0x0
[0303.806] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0303.806] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee868) returned 0x0
[0303.806] LocalFree (hMem=0x11ee868) returned 0x0
[0303.806] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0303.806] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee8d8) returned 0x0
[0303.806] LocalFree (hMem=0x11ee8d8) returned 0x0
[0303.806] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0303.806] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0303.806] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0303.806] GdipGetRegionHRgn (region=0x66453f8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0303.806] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0303.806] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0303.806] GetCurrentObject (hdc=0x760107eb, type=0x1) returned 0xb00017
[0303.806] GetCurrentObject (hdc=0x760107eb, type=0x2) returned 0x900010
[0303.806] GetCurrentObject (hdc=0x760107eb, type=0x7) returned 0x4a0507fe
[0303.806] GetCurrentObject (hdc=0x760107eb, type=0x6) returned 0x8a01c2
[0303.806] SaveDC (hdc=0x760107eb) returned 1
[0303.806] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x590407de
[0303.806] GetClipRgn (hdc=0x760107eb, hrgn=0x590407de) returned 0
[0303.807] SelectClipRgn (hdc=0x760107eb, hrgn=0xd8040807) returned 2
[0303.807] DeleteObject (ho=0x590407de) returned 1
[0303.807] DeleteObject (ho=0xd8040807) returned 1
[0303.807] OffsetViewportOrgEx (in: hdc=0x760107eb, x=0, y=0, lppt=0x2e96470 | out: lppt=0x2e96470) returned 1
[0303.807] IsAppThemed () returned 0x1
[0303.807] GetThemeAppProperties () returned 0x3
[0303.807] GetThemeAppProperties () returned 0x3
[0303.807] GetThemeBackgroundContentRect () returned 0x0
[0303.807] RestoreDC (hdc=0x760107eb, nSavedDC=-1) returned 1
[0303.807] GdipReleaseDC (graphics=0x6600030, hdc=0x760107eb) returned 0x0
[0303.807] IsAppThemed () returned 0x1
[0303.807] GetThemeAppProperties () returned 0x3
[0303.807] GetThemeAppProperties () returned 0x3
[0303.807] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0303.807] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0303.807] GetCurrentObject (hdc=0x760107eb, type=0x1) returned 0xb00017
[0303.807] GetCurrentObject (hdc=0x760107eb, type=0x2) returned 0x900010
[0303.807] GetCurrentObject (hdc=0x760107eb, type=0x7) returned 0x4a0507fe
[0303.807] GetCurrentObject (hdc=0x760107eb, type=0x6) returned 0x8a01c2
[0303.807] SaveDC (hdc=0x760107eb) returned 1
[0303.807] GetTextAlign (hdc=0x760107eb) returned 0x0
[0303.807] GetTextColor (hdc=0x760107eb) returned 0x0
[0303.808] GetCurrentObject (hdc=0x760107eb, type=0x6) returned 0x8a01c2
[0303.808] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0303.808] SelectObject (hdc=0x760107eb, h=0x6d0a0520) returned 0x8a01c2
[0303.808] GetBkMode (hdc=0x760107eb) returned 2
[0303.808] SetBkMode (hdc=0x760107eb, mode=1) returned 2
[0303.808] DrawTextExW (in: hdc=0x760107eb, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2e96810 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0303.808] DrawTextExW (in: hdc=0x760107eb, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2e96810 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0303.808] RestoreDC (hdc=0x760107eb, nSavedDC=-1) returned 1
[0303.808] GdipReleaseDC (graphics=0x6600030, hdc=0x760107eb) returned 0x0
[0303.808] GetFocus () returned 0x2a02d0
[0303.809] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0303.809] SendMessageW (hWnd=0x2b02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0303.809] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0303.809] IsAppThemed () returned 0x1
[0303.809] GetThemeAppProperties () returned 0x3
[0303.809] GetThemeAppProperties () returned 0x3
[0303.809] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0303.809] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x760107eb, x1=0, y1=0, rop=0xcc0020) returned 1
[0303.809] GdipReleaseDC (graphics=0x6600030, hdc=0x760107eb) returned 0x0
[0303.809] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0303.809] SelectObject (hdc=0x760107eb, h=0x85000f) returned 0x4a0507fe
[0303.809] DeleteDC (hdc=0x760107eb) returned 1
[0303.809] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0303.813] EndPaint (hWnd=0x2a02d0, lpPaint=0xd7dee4) returned 1
[0303.813] MapWindowPoints (in: hWndFrom=0x2a02d0, hWndTo=0x0, lpPoints=0x2e9690c, cPoints=0x1 | out: lpPoints=0x2e9690c) returned 30999254
[0303.813] WindowFromPoint (Point=0x2f1) returned 0x2a02d0
[0303.813] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0303.813] NotifyWinEvent (event=0x800a, hwnd=0x2a02d0, idObject=-4, idChild=0)
[0303.813] NotifyWinEvent (event=0x800c, hwnd=0x2a02d0, idObject=-4, idChild=0)
[0303.813] GetCapture () returned 0x2a02d0
[0303.813] ReleaseCapture () returned 1
[0303.813] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0303.813] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0303.814] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0303.814] IsWindow (hWnd=0x7005c) returned 1
[0303.814] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0303.814] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0303.814] IsWindow (hWnd=0x2b02ce) returned 1
[0303.814] SetActiveWindow (hWnd=0x2b02ce) returned 0x2b02ce
[0303.814] IsWindow (hWnd=0x2b02ce) returned 1
[0303.814] SetFocus (hWnd=0x2b02ce) returned 0x2a02d0
[0303.815] GetFocus () returned 0x2b02ce
[0303.815] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x8, wParam=0x2b02ce, lParam=0x0) returned 0x0
[0303.815] GetCapture () returned 0x0
[0303.815] InvalidateRect (hWnd=0x2a02d0, lpRect=0x0, bErase=0) returned 1
[0303.816] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0303.817] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0303.818] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0303.818] GetFocus () returned 0x2b02ce
[0303.818] SetFocus (hWnd=0x2a02d0) returned 0x2b02ce
[0303.818] GetFocus () returned 0x2a02d0
[0303.818] IsChild (hWndParent=0x2b02ce, hWnd=0x2a02d0) returned 1
[0303.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x8, wParam=0x2a02d0, lParam=0x0) returned 0x0
[0303.819] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0303.820] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0303.821] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0303.821] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x7, wParam=0x2b02ce, lParam=0x0) returned 0x0
[0303.822] GetStockObject (i=5) returned 0x900015
[0303.822] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0303.822] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0xd, wParam=0xa, lParam=0x11f57a0) returned 0x9
[0303.822] GetDlgItem (hDlg=0x2b02ce, nIDDlgItem=2753232) returned 0x2a02d0
[0303.822] SendMessageW (hWnd=0x2a02d0, Msg=0x202b, wParam=0x2a02d0, lParam=0xd7ddcc) returned 0x0
[0303.822] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x202b, wParam=0x2a02d0, lParam=0xd7ddcc) returned 0x0
[0303.822] InvalidateRect (hWnd=0x2a02d0, lpRect=0x0, bErase=0) returned 1
[0303.823] GetWindowLongW (hWnd=0x2b02ce, nIndex=-8) returned 458844
[0303.823] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0303.823] GetCurrentThreadId () returned 0xf50
[0303.823] IsWindow (hWnd=0x7005c) returned 1
[0303.823] IsWindow (hWnd=0x7005c) returned 1
[0303.823] IsWindowVisible (hWnd=0x7005c) returned 1
[0303.823] SetActiveWindow (hWnd=0x7005c) returned 0x2b02ce
[0303.823] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0303.825] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0303.825] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0303.825] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0303.826] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0303.826] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0303.827] GetWindowPlacement (in: hWnd=0x2b02ce, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0303.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0303.827] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0303.827] GetWindowRect (in: hWnd=0x2b02ce, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0303.828] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0303.828] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0303.828] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0303.828] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x2b02ce) returned 0x1
[0303.831] GetFocus () returned 0x2a02d0
[0303.831] SetFocus (hWnd=0x602c4) returned 0x2a02d0
[0303.831] GetFocus () returned 0x602c4
[0303.831] IsChild (hWndParent=0x2b02ce, hWnd=0x602c4) returned 0
[0303.831] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0303.831] GetCapture () returned 0x0
[0303.831] InvalidateRect (hWnd=0x2a02d0, lpRect=0x0, bErase=0) returned 1
[0303.832] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0303.833] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0303.834] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0303.834] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0303.834] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0303.834] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0303.835] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0303.835] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x2a02d0, lParam=0x0) returned 0x0
[0303.835] GetStockObject (i=5) returned 0x900015
[0303.835] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0303.835] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed800) returned 0xc
[0303.835] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0303.835] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0303.835] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0303.835] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0303.837] GetFocus () returned 0x602c4
[0303.837] IsChild (hWndParent=0x2b02ce, hWnd=0x602c4) returned 0
[0303.837] ShowWindow (hWnd=0x2b02ce, nCmdShow=0) returned 1
[0303.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0303.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0303.838] GetWindowPlacement (in: hWnd=0x2b02ce, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0303.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0303.838] GetClientRect (in: hWnd=0x2b02ce, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0303.838] GetWindowRect (in: hWnd=0x2b02ce, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0303.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0303.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0303.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0303.839] GetWindowLongW (hWnd=0x2b02ce, nIndex=-20) returned 327945
[0303.839] DestroyWindow (hWnd=0x2b02ce) returned 1
[0303.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0303.840] GetWindowTextLengthW (hWnd=0x2b02ce) returned 13
[0303.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.840] GetSystemMetrics (nIndex=42) returned 0
[0303.840] GetWindowTextW (in: hWnd=0x2b02ce, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0303.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0303.840] GetWindowTextLengthW (hWnd=0x3502da) returned 0
[0303.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3502da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0303.840] GetSystemMetrics (nIndex=42) returned 0
[0303.840] GetWindowTextW (in: hWnd=0x3502da, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0303.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3502da, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0303.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3502da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0303.840] GetWindowThreadProcessId (in: hWnd=0x3800ea, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0303.849] GetWindow (hWnd=0x3800ea, uCmd=0x5) returned 0x0
[0303.849] GetWindowLongW (hWnd=0x3800ea, nIndex=-20) returned 65792
[0303.849] DestroyWindow (hWnd=0x3800ea) returned 1
[0303.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3800ea, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0303.850] GetWindowTextLengthW (hWnd=0x3800ea) returned 25
[0303.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3800ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0303.850] GetSystemMetrics (nIndex=42) returned 0
[0303.850] GetWindowTextW (in: hWnd=0x3800ea, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0303.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3800ea, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0303.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3800ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0303.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3800ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0303.851] GetWindowTextLengthW (hWnd=0x3502dc) returned 232
[0303.851] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0303.851] GetSystemMetrics (nIndex=42) returned 0
[0303.851] GetWindowTextW (in: hWnd=0x3502dc, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0303.851] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0303.851] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0303.851] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0303.851] InvalidateRect (hWnd=0x2a02d0, lpRect=0x0, bErase=0) returned 1
[0303.851] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0303.852] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0303.852] SendMessageW (hWnd=0x3502de, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0303.852] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3502de, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0303.852] SendMessageW (hWnd=0x3502de, Msg=0xb0, wParam=0x2e627e8, lParam=0xd7e480) returned 0x0
[0303.852] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3502de, Msg=0xb0, wParam=0x2e627e8, lParam=0xd7e480) returned 0x0
[0303.852] GetWindowTextLengthW (hWnd=0x3502de) returned 4363
[0303.852] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3502de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0303.852] GetSystemMetrics (nIndex=42) returned 0
[0303.852] CoTaskMemAlloc (cb=0x221c) returned 0x1202960
[0303.852] GetWindowTextW (in: hWnd=0x3502de, lpString=0x1202960, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0303.852] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3502de, Msg=0xd, wParam=0x110c, lParam=0x1202960) returned 0x110b
[0303.852] CoTaskMemFree (pv=0x1202960)
[0303.855] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3502de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0303.856] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3502da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0303.857] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3502dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0303.858] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0303.858] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2a02d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0303.860] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0303.860] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3502de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0303.861] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0303.862] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.863] IsWindowUnicode (hWnd=0x30122) returned 1
[0303.863] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.863] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.863] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.863] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.863] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0303.863] IsWindowUnicode (hWnd=0x7005c) returned 1
[0303.863] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.863] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0303.863] SetCursor (hCursor=0x10003) returned 0x10003
[0303.864] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.864] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.864] _TrackMouseEvent (in: lpEventTrack=0x2c2f380 | out: lpEventTrack=0x2c2f380) returned 1
[0303.864] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0303.864] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0303.864] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1100233) returned 0x0
[0303.864] GetKeyState (nVirtKey=1) returned 1
[0303.864] GetKeyState (nVirtKey=2) returned 0
[0303.864] GetKeyState (nVirtKey=4) returned 0
[0303.864] GetKeyState (nVirtKey=5) returned 0
[0303.864] GetKeyState (nVirtKey=6) returned 0
[0303.864] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.864] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0303.865] IsWindowUnicode (hWnd=0x7005c) returned 1
[0303.865] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.865] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.865] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.865] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0303.865] IsWindowUnicode (hWnd=0x7005c) returned 1
[0303.865] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e502f1) returned 0x1
[0303.865] SetCursor (hCursor=0x10003) returned 0x10003
[0303.865] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.865] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.865] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x1100233) returned 0x0
[0303.865] GetKeyState (nVirtKey=1) returned 1
[0303.865] GetKeyState (nVirtKey=2) returned 0
[0303.865] GetKeyState (nVirtKey=4) returned 0
[0303.866] GetKeyState (nVirtKey=5) returned 0
[0303.866] GetKeyState (nVirtKey=6) returned 0
[0303.866] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.866] IsWindowUnicode (hWnd=0x602c4) returned 1
[0303.866] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.866] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.866] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.866] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.867] IsWindowUnicode (hWnd=0x602c4) returned 1
[0303.867] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.867] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.867] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.867] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0303.867] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0303.867] CreateCompatibleDC (hdc=0x10105d6) returned 0xaa010793
[0303.867] SelectObject (hdc=0xaa010793, h=0x4a0507fe) returned 0x85000f
[0303.867] GdipCreateFromHDC (hdc=0xaa010793, graphics=0xd7e798) returned 0x0
[0303.867] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0303.867] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0303.867] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0303.868] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0303.868] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e7f8) returned 0x0
[0303.868] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0303.868] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eed00) returned 0x0
[0303.868] LocalFree (hMem=0x11eed00) returned 0x0
[0303.868] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0303.868] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0303.868] GdipGetClip (graphics=0x6600030, region=0x6645c68) returned 0x0
[0303.868] GdipIsInfiniteRegion (region=0x6645c68, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0303.868] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0303.868] GdipRestoreGraphics (graphics=0x6600030, state=0xf57a0dbd) returned 0x0
[0303.868] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0303.868] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0303.868] GetCurrentObject (hdc=0xaa010793, type=0x1) returned 0xb00017
[0303.868] GetCurrentObject (hdc=0xaa010793, type=0x2) returned 0x900010
[0303.868] GetCurrentObject (hdc=0xaa010793, type=0x7) returned 0x4a0507fe
[0303.868] GetCurrentObject (hdc=0xaa010793, type=0x6) returned 0x8a01c2
[0303.868] SaveDC (hdc=0xaa010793) returned 1
[0303.868] GetNearestColor (hdc=0xaa010793, color=0xff) returned 0xff
[0303.868] GetNearestColor (hdc=0xaa010793, color=0x55) returned 0x55
[0303.869] GetNearestColor (hdc=0xaa010793, color=0x0) returned 0x0
[0303.869] GetNearestColor (hdc=0xaa010793, color=0x55) returned 0x55
[0303.869] GetNearestColor (hdc=0xaa010793, color=0x0) returned 0x0
[0303.869] GetNearestColor (hdc=0xaa010793, color=0x8080ff) returned 0x8080ff
[0303.869] GetNearestColor (hdc=0xaa010793, color=0x7373e5) returned 0x7373e5
[0303.869] GetNearestColor (hdc=0xaa010793, color=0xe5) returned 0xe5
[0303.869] GetNearestColor (hdc=0xaa010793, color=0x0) returned 0x0
[0303.869] RestoreDC (hdc=0xaa010793, nSavedDC=-1) returned 1
[0303.869] GdipReleaseDC (graphics=0x6600030, hdc=0xaa010793) returned 0x0
[0303.869] IsAppThemed () returned 0x1
[0303.869] GetThemeAppProperties () returned 0x3
[0303.869] GetThemeAppProperties () returned 0x3
[0303.869] IsAppThemed () returned 0x1
[0303.869] GetThemeAppProperties () returned 0x3
[0303.869] GetThemeAppProperties () returned 0x3
[0303.869] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2cd00a8 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0303.870] IsAppThemed () returned 0x1
[0303.870] GetThemeAppProperties () returned 0x3
[0303.870] GetThemeAppProperties () returned 0x3
[0303.870] IsAppThemed () returned 0x1
[0303.870] GetThemeAppProperties () returned 0x3
[0303.870] GetThemeAppProperties () returned 0x3
[0303.870] GetFocus () returned 0x602c4
[0303.870] IsAppThemed () returned 0x1
[0303.870] GetThemeAppProperties () returned 0x3
[0303.870] GetThemeAppProperties () returned 0x3
[0303.870] IsAppThemed () returned 0x1
[0303.870] GetThemeAppProperties () returned 0x3
[0303.870] GetThemeAppProperties () returned 0x3
[0303.870] IsThemePartDefined () returned 0x1
[0303.870] IsAppThemed () returned 0x1
[0303.870] GetThemeAppProperties () returned 0x3
[0303.870] GetThemeAppProperties () returned 0x3
[0303.870] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0303.870] IsAppThemed () returned 0x1
[0303.870] GetThemeAppProperties () returned 0x3
[0303.870] GetThemeAppProperties () returned 0x3
[0303.870] IsAppThemed () returned 0x1
[0303.870] GetThemeAppProperties () returned 0x3
[0303.870] GetThemeAppProperties () returned 0x3
[0303.871] IsThemePartDefined () returned 0x1
[0303.871] GdipCreateRegion (region=0xd7e508) returned 0x0
[0303.871] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0303.871] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0303.871] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0303.871] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e520) returned 0x0
[0303.871] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0303.871] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee9f0) returned 0x0
[0303.871] LocalFree (hMem=0x11ee9f0) returned 0x0
[0303.871] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0303.871] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0303.871] LocalFree (hMem=0x11eec58) returned 0x0
[0303.871] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0303.871] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e548) returned 0x0
[0303.871] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e538) returned 0x0
[0303.871] GdipGetRegionHRgn (region=0x6645998, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0303.871] GdipDeleteRegion (region=0x6645998) returned 0x0
[0303.871] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0303.871] GetCurrentObject (hdc=0xaa010793, type=0x1) returned 0xb00017
[0303.871] GetCurrentObject (hdc=0xaa010793, type=0x2) returned 0x900010
[0303.871] GetCurrentObject (hdc=0xaa010793, type=0x7) returned 0x4a0507fe
[0303.871] GetCurrentObject (hdc=0xaa010793, type=0x6) returned 0x8a01c2
[0303.871] SaveDC (hdc=0xaa010793) returned 1
[0303.872] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd9040807
[0303.872] GetClipRgn (hdc=0xaa010793, hrgn=0xd9040807) returned 0
[0303.872] SelectClipRgn (hdc=0xaa010793, hrgn=0x5d0407de) returned 2
[0303.872] DeleteObject (ho=0xd9040807) returned 1
[0303.872] DeleteObject (ho=0x5d0407de) returned 1
[0303.879] OffsetViewportOrgEx (in: hdc=0xaa010793, x=0, y=0, lppt=0x2cd0758 | out: lppt=0x2cd0758) returned 1
[0303.879] DrawThemeParentBackground () returned 0x0
[0303.879] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0303.879] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0303.879] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0303.879] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.879] GetSystemMetrics (nIndex=42) returned 0
[0303.879] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.879] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0303.879] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0303.879] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0303.879] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0303.880] SelectPalette (hdc=0xaa010793, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0303.880] GdipCreateFromHDC (hdc=0xaa010793, graphics=0xd7dff8) returned 0x0
[0303.880] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0303.880] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0303.880] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638a88) returned 0x0
[0303.880] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dfd0) returned 0x0
[0303.880] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0303.880] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0303.880] GdipGetClip (graphics=0x6631910, region=0x6645638) returned 0x0
[0303.880] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6631910, result=0xd7dfc4) returned 0x0
[0303.880] GdipDeleteRegion (region=0x6645638) returned 0x0
[0303.880] GdipSaveGraphics (graphics=0x6631910, state=0xd7dff0) returned 0x0
[0303.880] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0303.887] GdipFillRectangleI (graphics=0x6631910, brush=0x664e2a0, x=0, y=0, width=801, height=453) returned 0x0
[0303.890] GdipDeleteBrush (brush=0x664e2a0) returned 0x0
[0303.892] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0303.892] SelectPalette (hdc=0xaa010793, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0303.892] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0303.892] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.892] GetSystemMetrics (nIndex=42) returned 0
[0303.892] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.892] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0303.892] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0303.892] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0303.892] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0303.892] SelectPalette (hdc=0xaa010793, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0303.892] GdipCreateFromHDC (hdc=0xaa010793, graphics=0xd7df98) returned 0x0
[0303.892] GdipSetPageUnit (graphics=0x6631910, unit=0x2) returned 0x0
[0303.893] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0303.893] GdipGetWorldTransform (graphics=0x6631910, matrix=0x6638cf8) returned 0x0
[0303.893] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df70) returned 0x0
[0303.893] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0303.893] GdipCreateRegion (region=0xd7df58) returned 0x0
[0303.893] GdipGetClip (graphics=0x6631910, region=0x66460e8) returned 0x0
[0303.893] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6631910, result=0xd7df64) returned 0x0
[0303.893] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0303.893] GdipSaveGraphics (graphics=0x6631910, state=0xd7df90) returned 0x0
[0303.893] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0303.900] GdipFillRectangleI (graphics=0x6631910, brush=0x664def8, x=0, y=0, width=801, height=453) returned 0x0
[0303.900] GdipDeleteBrush (brush=0x664def8) returned 0x0
[0303.901] GdipRestoreGraphics (graphics=0x6631910, state=0xf5760dbd) returned 0x0
[0303.901] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0303.901] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0303.901] GetSystemMetrics (nIndex=42) returned 0
[0303.901] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0303.901] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0303.901] GdipDeleteGraphics (graphics=0x6631910) returned 0x0
[0303.901] SelectPalette (hdc=0xaa010793, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0303.902] RestoreDC (hdc=0xaa010793, nSavedDC=-1) returned 1
[0303.902] GdipReleaseDC (graphics=0x6600030, hdc=0xaa010793) returned 0x0
[0303.902] IsAppThemed () returned 0x1
[0303.902] GetThemeAppProperties () returned 0x3
[0303.902] GetThemeAppProperties () returned 0x3
[0303.902] IsAppThemed () returned 0x1
[0303.902] GetThemeAppProperties () returned 0x3
[0303.902] GetThemeAppProperties () returned 0x3
[0303.902] IsThemePartDefined () returned 0x1
[0303.902] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0303.902] GdipGetClip (graphics=0x6600030, region=0x6645f38) returned 0x0
[0303.902] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0303.902] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0303.902] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e4a4) returned 0x0
[0303.902] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0303.902] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0303.902] LocalFree (hMem=0x11ee868) returned 0x0
[0303.902] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0303.902] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0303.902] LocalFree (hMem=0x11ee868) returned 0x0
[0303.903] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0303.903] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0303.903] GdipIsInfiniteRegion (region=0x6645f38, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0303.903] GdipGetRegionHRgn (region=0x6645f38, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0303.903] GdipDeleteRegion (region=0x6645f38) returned 0x0
[0303.903] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0303.903] GetCurrentObject (hdc=0xaa010793, type=0x1) returned 0xb00017
[0303.903] GetCurrentObject (hdc=0xaa010793, type=0x2) returned 0x900010
[0303.903] GetCurrentObject (hdc=0xaa010793, type=0x7) returned 0x4a0507fe
[0303.903] GetCurrentObject (hdc=0xaa010793, type=0x6) returned 0x8a01c2
[0303.903] SaveDC (hdc=0xaa010793) returned 1
[0303.906] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5e0407de
[0303.906] GetClipRgn (hdc=0xaa010793, hrgn=0x5e0407de) returned 0
[0303.906] SelectClipRgn (hdc=0xaa010793, hrgn=0xdb040807) returned 2
[0303.906] DeleteObject (ho=0x5e0407de) returned 1
[0303.906] DeleteObject (ho=0xdb040807) returned 1
[0303.906] OffsetViewportOrgEx (in: hdc=0xaa010793, x=0, y=0, lppt=0x2cd6fa8 | out: lppt=0x2cd6fa8) returned 1
[0303.906] IsAppThemed () returned 0x1
[0303.906] GetThemeAppProperties () returned 0x3
[0303.906] GetThemeAppProperties () returned 0x3
[0303.907] DrawThemeBackground () returned 0x0
[0303.907] RestoreDC (hdc=0xaa010793, nSavedDC=-1) returned 1
[0303.907] GdipReleaseDC (graphics=0x6600030, hdc=0xaa010793) returned 0x0
[0303.907] GdipCreateRegion (region=0xd7e490) returned 0x0
[0303.907] GdipGetClip (graphics=0x6600030, region=0x6645128) returned 0x0
[0303.907] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0303.907] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0303.907] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e4a8) returned 0x0
[0303.907] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0303.907] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eea98) returned 0x0
[0303.907] LocalFree (hMem=0x11eea98) returned 0x0
[0303.907] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0303.907] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0303.907] LocalFree (hMem=0x11eec58) returned 0x0
[0303.907] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0303.907] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0303.907] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0303.907] GdipGetRegionHRgn (region=0x6645128, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0303.907] GdipDeleteRegion (region=0x6645128) returned 0x0
[0303.907] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0303.907] GetCurrentObject (hdc=0xaa010793, type=0x1) returned 0xb00017
[0303.908] GetCurrentObject (hdc=0xaa010793, type=0x2) returned 0x900010
[0303.908] GetCurrentObject (hdc=0xaa010793, type=0x7) returned 0x4a0507fe
[0303.908] GetCurrentObject (hdc=0xaa010793, type=0x6) returned 0x8a01c2
[0303.908] SaveDC (hdc=0xaa010793) returned 1
[0303.908] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdc040807
[0303.908] GetClipRgn (hdc=0xaa010793, hrgn=0xdc040807) returned 0
[0303.908] SelectClipRgn (hdc=0xaa010793, hrgn=0x5f0407de) returned 2
[0303.908] DeleteObject (ho=0xdc040807) returned 1
[0303.908] DeleteObject (ho=0x5f0407de) returned 1
[0303.908] OffsetViewportOrgEx (in: hdc=0xaa010793, x=0, y=0, lppt=0x2cd727c | out: lppt=0x2cd727c) returned 1
[0303.908] IsAppThemed () returned 0x1
[0303.908] GetThemeAppProperties () returned 0x3
[0303.908] GetThemeAppProperties () returned 0x3
[0303.908] GetThemeBackgroundContentRect () returned 0x0
[0303.908] RestoreDC (hdc=0xaa010793, nSavedDC=-1) returned 1
[0303.908] GdipReleaseDC (graphics=0x6600030, hdc=0xaa010793) returned 0x0
[0303.908] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0303.908] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0303.908] GdipFillRectangleI (graphics=0x6600030, brush=0x6631910, x=4, y=4, width=67, height=15) returned 0x0
[0303.908] GdipDeleteBrush (brush=0x6631910) returned 0x0
[0303.908] IsAppThemed () returned 0x1
[0303.909] GetThemeAppProperties () returned 0x3
[0303.909] GetThemeAppProperties () returned 0x3
[0303.909] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0303.909] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0303.909] GetCurrentObject (hdc=0xaa010793, type=0x1) returned 0xb00017
[0303.909] GetCurrentObject (hdc=0xaa010793, type=0x2) returned 0x900010
[0303.909] GetCurrentObject (hdc=0xaa010793, type=0x7) returned 0x4a0507fe
[0303.909] GetCurrentObject (hdc=0xaa010793, type=0x6) returned 0x8a01c2
[0303.909] SaveDC (hdc=0xaa010793) returned 1
[0303.909] GetTextAlign (hdc=0xaa010793) returned 0x0
[0303.909] GetTextColor (hdc=0xaa010793) returned 0x0
[0303.909] GetCurrentObject (hdc=0xaa010793, type=0x6) returned 0x8a01c2
[0303.909] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0303.909] SelectObject (hdc=0xaa010793, h=0x6d0a0520) returned 0x8a01c2
[0303.909] GetBkMode (hdc=0xaa010793) returned 2
[0303.909] SetBkMode (hdc=0xaa010793, mode=1) returned 2
[0303.909] DrawTextExW (in: hdc=0xaa010793, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2cd7640 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0303.910] DrawTextExW (in: hdc=0xaa010793, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2cd7640 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0303.910] RestoreDC (hdc=0xaa010793, nSavedDC=-1) returned 1
[0303.910] GdipReleaseDC (graphics=0x6600030, hdc=0xaa010793) returned 0x0
[0303.910] GetFocus () returned 0x602c4
[0303.910] IsAppThemed () returned 0x1
[0303.910] GetThemeAppProperties () returned 0x3
[0303.910] GetThemeAppProperties () returned 0x3
[0303.910] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0303.910] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0xaa010793, x1=0, y1=0, rop=0xcc0020) returned 1
[0303.910] GdipReleaseDC (graphics=0x6600030, hdc=0xaa010793) returned 0x0
[0303.911] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0303.911] SelectObject (hdc=0xaa010793, h=0x85000f) returned 0x4a0507fe
[0303.911] DeleteDC (hdc=0xaa010793) returned 1
[0303.911] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0303.911] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0303.911] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0303.911] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0303.911] WaitMessage () returned 1
[0303.916] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.916] IsWindowUnicode (hWnd=0x30122) returned 1
[0303.916] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.916] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.916] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.917] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0303.917] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0303.917] WaitMessage () returned 1
[0303.954] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.954] IsWindowUnicode (hWnd=0x30122) returned 1
[0303.954] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.955] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.955] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.955] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0303.955] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0303.955] WaitMessage () returned 1
[0303.959] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.959] IsWindowUnicode (hWnd=0x30122) returned 1
[0303.959] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.959] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.959] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.961] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.961] IsWindowUnicode (hWnd=0x30122) returned 1
[0303.961] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.961] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.961] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.961] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.961] IsWindowUnicode (hWnd=0x30122) returned 1
[0303.961] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.961] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.961] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.962] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.962] IsWindowUnicode (hWnd=0x30122) returned 1
[0303.962] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.962] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.962] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.962] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.962] IsWindowUnicode (hWnd=0x30122) returned 1
[0303.962] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.962] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.962] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.963] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.963] IsWindowUnicode (hWnd=0x30122) returned 1
[0303.963] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.963] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.963] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.963] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0303.963] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0303.963] WaitMessage () returned 1
[0303.969] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.969] IsWindowUnicode (hWnd=0x7005c) returned 1
[0303.969] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.969] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.969] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.969] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.969] IsWindowUnicode (hWnd=0x7005c) returned 1
[0303.969] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0303.969] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0303.969] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0303.969] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x1100233) returned 0x0
[0303.969] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0303.969] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0303.969] WaitMessage () returned 1
[0304.148] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0304.149] IsWindowUnicode (hWnd=0x502c6) returned 1
[0304.149] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0304.149] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0304.149] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0304.149] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0304.149] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0304.149] WaitMessage () returned 1
[0306.059] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.059] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400ff) returned 0x1
[0306.059] IsWindowUnicode (hWnd=0x602c4) returned 1
[0306.059] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.060] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.060] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.060] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0306.060] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.060] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400ff) returned 0x1
[0306.060] IsWindowUnicode (hWnd=0x602c4) returned 1
[0306.060] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.060] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400ff) returned 0x1
[0306.060] SetCursor (hCursor=0x10003) returned 0x10003
[0306.060] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.060] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.060] _TrackMouseEvent (in: lpEventTrack=0x2c2b560 | out: lpEventTrack=0x2c2b560) returned 1
[0306.060] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0306.060] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0306.061] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0306.061] GetKeyState (nVirtKey=1) returned 1
[0306.061] GetKeyState (nVirtKey=2) returned 0
[0306.061] GetKeyState (nVirtKey=4) returned 0
[0306.061] GetKeyState (nVirtKey=5) returned 0
[0306.061] GetKeyState (nVirtKey=6) returned 0
[0306.061] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.061] IsWindowUnicode (hWnd=0x602c4) returned 1
[0306.061] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.061] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.061] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.061] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x10105d6
[0306.061] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0306.061] CreateCompatibleDC (hdc=0x10105d6) returned 0xa80107d3
[0306.061] SelectObject (hdc=0xa80107d3, h=0x4a0507fe) returned 0x85000f
[0306.061] GdipCreateFromHDC (hdc=0xa80107d3, graphics=0xd7e798) returned 0x0
[0306.061] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0306.062] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0306.062] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0306.062] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0306.062] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e7f8) returned 0x0
[0306.062] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0306.062] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0306.062] LocalFree (hMem=0x11ee788) returned 0x0
[0306.062] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0306.062] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0306.062] GdipGetClip (graphics=0x6600030, region=0x66469e8) returned 0x0
[0306.062] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0306.062] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0306.062] GdipRestoreGraphics (graphics=0x6600030, state=0xf5740dbd) returned 0x0
[0306.062] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0306.062] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0306.062] GetCurrentObject (hdc=0xa80107d3, type=0x1) returned 0xb00017
[0306.062] GetCurrentObject (hdc=0xa80107d3, type=0x2) returned 0x900010
[0306.062] GetCurrentObject (hdc=0xa80107d3, type=0x7) returned 0x4a0507fe
[0306.062] GetCurrentObject (hdc=0xa80107d3, type=0x6) returned 0x8a01c2
[0306.062] SaveDC (hdc=0xa80107d3) returned 1
[0306.063] GetNearestColor (hdc=0xa80107d3, color=0xff) returned 0xff
[0306.063] GetNearestColor (hdc=0xa80107d3, color=0x55) returned 0x55
[0306.063] GetNearestColor (hdc=0xa80107d3, color=0x0) returned 0x0
[0306.063] GetNearestColor (hdc=0xa80107d3, color=0x55) returned 0x55
[0306.063] GetNearestColor (hdc=0xa80107d3, color=0x0) returned 0x0
[0306.063] GetNearestColor (hdc=0xa80107d3, color=0x8080ff) returned 0x8080ff
[0306.063] GetNearestColor (hdc=0xa80107d3, color=0x7373e5) returned 0x7373e5
[0306.063] GetNearestColor (hdc=0xa80107d3, color=0xe5) returned 0xe5
[0306.063] GetNearestColor (hdc=0xa80107d3, color=0x0) returned 0x0
[0306.063] RestoreDC (hdc=0xa80107d3, nSavedDC=-1) returned 1
[0306.063] GdipReleaseDC (graphics=0x6600030, hdc=0xa80107d3) returned 0x0
[0306.063] IsAppThemed () returned 0x1
[0306.063] GetThemeAppProperties () returned 0x3
[0306.063] GetThemeAppProperties () returned 0x3
[0306.063] IsAppThemed () returned 0x1
[0306.063] GetThemeAppProperties () returned 0x3
[0306.063] GetThemeAppProperties () returned 0x3
[0306.063] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2cd7f20 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0306.064] IsAppThemed () returned 0x1
[0306.064] GetThemeAppProperties () returned 0x3
[0306.064] GetThemeAppProperties () returned 0x3
[0306.064] IsAppThemed () returned 0x1
[0306.064] GetThemeAppProperties () returned 0x3
[0306.064] GetThemeAppProperties () returned 0x3
[0306.064] IsAppThemed () returned 0x1
[0306.064] GetThemeAppProperties () returned 0x3
[0306.064] GetThemeAppProperties () returned 0x3
[0306.064] IsAppThemed () returned 0x1
[0306.064] GetThemeAppProperties () returned 0x3
[0306.064] GetThemeAppProperties () returned 0x3
[0306.064] IsThemePartDefined () returned 0x1
[0306.064] IsAppThemed () returned 0x1
[0306.064] GetThemeAppProperties () returned 0x3
[0306.064] GetThemeAppProperties () returned 0x3
[0306.064] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0306.064] IsAppThemed () returned 0x1
[0306.064] GetThemeAppProperties () returned 0x3
[0306.064] GetThemeAppProperties () returned 0x3
[0306.064] IsAppThemed () returned 0x1
[0306.064] GetThemeAppProperties () returned 0x3
[0306.064] GetThemeAppProperties () returned 0x3
[0306.065] IsThemePartDefined () returned 0x1
[0306.065] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0306.065] GdipGetClip (graphics=0x6600030, region=0x6646688) returned 0x0
[0306.065] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0306.065] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0306.065] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e514) returned 0x0
[0306.065] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0306.065] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0306.065] LocalFree (hMem=0x11ee868) returned 0x0
[0306.065] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0306.065] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee788) returned 0x0
[0306.065] LocalFree (hMem=0x11ee788) returned 0x0
[0306.065] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0306.065] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0306.065] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0306.065] GdipGetRegionHRgn (region=0x6646688, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0306.065] GdipDeleteRegion (region=0x6646688) returned 0x0
[0306.065] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0306.065] GetCurrentObject (hdc=0xa80107d3, type=0x1) returned 0xb00017
[0306.065] GetCurrentObject (hdc=0xa80107d3, type=0x2) returned 0x900010
[0306.065] GetCurrentObject (hdc=0xa80107d3, type=0x7) returned 0x4a0507fe
[0306.065] GetCurrentObject (hdc=0xa80107d3, type=0x6) returned 0x8a01c2
[0306.065] SaveDC (hdc=0xa80107d3) returned 1
[0306.066] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x600407de
[0306.066] GetClipRgn (hdc=0xa80107d3, hrgn=0x600407de) returned 0
[0306.066] SelectClipRgn (hdc=0xa80107d3, hrgn=0xe0040807) returned 2
[0306.066] DeleteObject (ho=0x600407de) returned 1
[0306.066] DeleteObject (ho=0xe0040807) returned 1
[0306.066] OffsetViewportOrgEx (in: hdc=0xa80107d3, x=0, y=0, lppt=0x2cd85d0 | out: lppt=0x2cd85d0) returned 1
[0306.066] DrawThemeParentBackground () returned 0x0
[0306.066] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0306.066] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0306.066] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0306.066] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.066] GetSystemMetrics (nIndex=42) returned 0
[0306.066] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.066] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0306.066] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0306.066] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0306.066] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0306.066] SelectPalette (hdc=0xa80107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0306.066] GdipCreateFromHDC (hdc=0xa80107d3, graphics=0xd7dff0) returned 0x0
[0306.067] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0306.067] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0306.067] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638db8) returned 0x0
[0306.067] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7dfc8) returned 0x0
[0306.067] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0306.067] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0306.067] GdipGetClip (graphics=0x6639e10, region=0x6646688) returned 0x0
[0306.067] GdipIsInfiniteRegion (region=0x6646688, graphics=0x6639e10, result=0xd7dfbc) returned 0x0
[0306.067] GdipDeleteRegion (region=0x6646688) returned 0x0
[0306.067] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dfe8) returned 0x0
[0306.067] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0306.074] GdipFillRectangleI (graphics=0x6639e10, brush=0x664def8, x=0, y=0, width=801, height=453) returned 0x0
[0306.074] GdipDeleteBrush (brush=0x664def8) returned 0x0
[0306.075] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0306.075] SelectPalette (hdc=0xa80107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0306.075] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0306.075] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.075] GetSystemMetrics (nIndex=42) returned 0
[0306.076] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.076] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0306.076] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0306.076] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0306.076] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0306.076] SelectPalette (hdc=0xa80107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0306.076] GdipCreateFromHDC (hdc=0xa80107d3, graphics=0xd7df90) returned 0x0
[0306.076] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0306.076] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0306.076] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638b78) returned 0x0
[0306.076] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df68) returned 0x0
[0306.076] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0306.076] GdipCreateRegion (region=0xd7df50) returned 0x0
[0306.076] GdipGetClip (graphics=0x6639e10, region=0x6646cb8) returned 0x0
[0306.076] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6639e10, result=0xd7df5c) returned 0x0
[0306.076] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0306.076] GdipSaveGraphics (graphics=0x6639e10, state=0xd7df88) returned 0x0
[0306.076] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0306.083] GdipFillRectangleI (graphics=0x6639e10, brush=0x664db50, x=0, y=0, width=801, height=453) returned 0x0
[0306.083] GdipDeleteBrush (brush=0x664db50) returned 0x0
[0306.084] GdipRestoreGraphics (graphics=0x6639e10, state=0xf5700dbd) returned 0x0
[0306.084] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0306.084] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.085] GetSystemMetrics (nIndex=42) returned 0
[0306.085] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.085] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0306.085] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0306.085] SelectPalette (hdc=0xa80107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0306.085] RestoreDC (hdc=0xa80107d3, nSavedDC=-1) returned 1
[0306.085] GdipReleaseDC (graphics=0x6600030, hdc=0xa80107d3) returned 0x0
[0306.085] IsAppThemed () returned 0x1
[0306.085] GetThemeAppProperties () returned 0x3
[0306.085] GetThemeAppProperties () returned 0x3
[0306.085] IsAppThemed () returned 0x1
[0306.085] GetThemeAppProperties () returned 0x3
[0306.085] GetThemeAppProperties () returned 0x3
[0306.085] IsThemePartDefined () returned 0x1
[0306.085] GdipCreateRegion (region=0xd7e480) returned 0x0
[0306.085] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0306.086] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0306.086] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0306.086] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e498) returned 0x0
[0306.086] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.086] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0306.086] LocalFree (hMem=0x11eec58) returned 0x0
[0306.086] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0306.086] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eea28) returned 0x0
[0306.086] LocalFree (hMem=0x11eea28) returned 0x0
[0306.086] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0306.086] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0306.086] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0306.086] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0306.086] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0306.086] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0306.086] GetCurrentObject (hdc=0xa80107d3, type=0x1) returned 0xb00017
[0306.086] GetCurrentObject (hdc=0xa80107d3, type=0x2) returned 0x900010
[0306.086] GetCurrentObject (hdc=0xa80107d3, type=0x7) returned 0x4a0507fe
[0306.086] GetCurrentObject (hdc=0xa80107d3, type=0x6) returned 0x8a01c2
[0306.086] SaveDC (hdc=0xa80107d3) returned 1
[0306.086] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe1040807
[0306.086] GetClipRgn (hdc=0xa80107d3, hrgn=0xe1040807) returned 0
[0306.087] SelectClipRgn (hdc=0xa80107d3, hrgn=0x620407de) returned 2
[0306.087] DeleteObject (ho=0xe1040807) returned 1
[0306.087] DeleteObject (ho=0x620407de) returned 1
[0306.087] OffsetViewportOrgEx (in: hdc=0xa80107d3, x=0, y=0, lppt=0x2cdee20 | out: lppt=0x2cdee20) returned 1
[0306.087] IsAppThemed () returned 0x1
[0306.087] GetThemeAppProperties () returned 0x3
[0306.087] GetThemeAppProperties () returned 0x3
[0306.087] DrawThemeBackground () returned 0x0
[0306.087] RestoreDC (hdc=0xa80107d3, nSavedDC=-1) returned 1
[0306.087] GdipReleaseDC (graphics=0x6600030, hdc=0xa80107d3) returned 0x0
[0306.087] GdipCreateRegion (region=0xd7e484) returned 0x0
[0306.087] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0306.087] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0306.087] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0306.087] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e49c) returned 0x0
[0306.087] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.087] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0306.087] LocalFree (hMem=0x11eec58) returned 0x0
[0306.087] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0306.087] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee8d8) returned 0x0
[0306.087] LocalFree (hMem=0x11ee8d8) returned 0x0
[0306.087] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0306.088] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0306.088] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0306.088] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0306.088] GdipDeleteRegion (region=0x6646568) returned 0x0
[0306.088] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0306.088] GetCurrentObject (hdc=0xa80107d3, type=0x1) returned 0xb00017
[0306.088] GetCurrentObject (hdc=0xa80107d3, type=0x2) returned 0x900010
[0306.088] GetCurrentObject (hdc=0xa80107d3, type=0x7) returned 0x4a0507fe
[0306.088] GetCurrentObject (hdc=0xa80107d3, type=0x6) returned 0x8a01c2
[0306.088] SaveDC (hdc=0xa80107d3) returned 1
[0306.088] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x630407de
[0306.088] GetClipRgn (hdc=0xa80107d3, hrgn=0x630407de) returned 0
[0306.088] SelectClipRgn (hdc=0xa80107d3, hrgn=0xe2040807) returned 2
[0306.088] DeleteObject (ho=0x630407de) returned 1
[0306.088] DeleteObject (ho=0xe2040807) returned 1
[0306.088] OffsetViewportOrgEx (in: hdc=0xa80107d3, x=0, y=0, lppt=0x2cdf0f4 | out: lppt=0x2cdf0f4) returned 1
[0306.088] IsAppThemed () returned 0x1
[0306.088] GetThemeAppProperties () returned 0x3
[0306.088] GetThemeAppProperties () returned 0x3
[0306.088] GetThemeBackgroundContentRect () returned 0x0
[0306.088] RestoreDC (hdc=0xa80107d3, nSavedDC=-1) returned 1
[0306.088] GdipReleaseDC (graphics=0x6600030, hdc=0xa80107d3) returned 0x0
[0306.089] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0306.089] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0306.089] GdipFillRectangleI (graphics=0x6600030, brush=0x66327f0, x=4, y=4, width=67, height=15) returned 0x0
[0306.089] GdipDeleteBrush (brush=0x66327f0) returned 0x0
[0306.089] IsAppThemed () returned 0x1
[0306.089] GetThemeAppProperties () returned 0x3
[0306.089] GetThemeAppProperties () returned 0x3
[0306.089] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0306.089] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0306.089] GetCurrentObject (hdc=0xa80107d3, type=0x1) returned 0xb00017
[0306.089] GetCurrentObject (hdc=0xa80107d3, type=0x2) returned 0x900010
[0306.089] GetCurrentObject (hdc=0xa80107d3, type=0x7) returned 0x4a0507fe
[0306.089] GetCurrentObject (hdc=0xa80107d3, type=0x6) returned 0x8a01c2
[0306.089] SaveDC (hdc=0xa80107d3) returned 1
[0306.089] GetTextAlign (hdc=0xa80107d3) returned 0x0
[0306.089] GetTextColor (hdc=0xa80107d3) returned 0x0
[0306.089] GetCurrentObject (hdc=0xa80107d3, type=0x6) returned 0x8a01c2
[0306.089] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0306.089] SelectObject (hdc=0xa80107d3, h=0x6d0a0520) returned 0x8a01c2
[0306.089] GetBkMode (hdc=0xa80107d3) returned 2
[0306.090] SetBkMode (hdc=0xa80107d3, mode=1) returned 2
[0306.090] DrawTextExW (in: hdc=0xa80107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2cdf4b8 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0306.090] DrawTextExW (in: hdc=0xa80107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2cdf4b8 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0306.090] RestoreDC (hdc=0xa80107d3, nSavedDC=-1) returned 1
[0306.090] GdipReleaseDC (graphics=0x6600030, hdc=0xa80107d3) returned 0x0
[0306.090] GetFocus () returned 0x602c4
[0306.090] IsAppThemed () returned 0x1
[0306.090] GetThemeAppProperties () returned 0x3
[0306.090] GetThemeAppProperties () returned 0x3
[0306.090] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0306.091] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0xa80107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0306.091] GdipReleaseDC (graphics=0x6600030, hdc=0xa80107d3) returned 0x0
[0306.091] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0306.091] SelectObject (hdc=0xa80107d3, h=0x85000f) returned 0x4a0507fe
[0306.091] DeleteDC (hdc=0xa80107d3) returned 1
[0306.091] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0306.091] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0306.091] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.091] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.091] WaitMessage () returned 1
[0306.170] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.170] IsWindowUnicode (hWnd=0x602c4) returned 1
[0306.170] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.170] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.170] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.170] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.170] IsWindowUnicode (hWnd=0x602c4) returned 1
[0306.170] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.170] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.170] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.170] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xd0024) returned 0x0
[0306.170] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.170] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.170] WaitMessage () returned 1
[0306.276] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.276] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400ff) returned 0x1
[0306.276] IsWindowUnicode (hWnd=0x602c4) returned 1
[0306.276] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.277] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400ff) returned 0x1
[0306.277] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0306.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19f0041) returned 0x0
[0306.277] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0306.277] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0306.277] SetCursor (hCursor=0x10003) returned 0x10003
[0306.277] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.277] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.277] GetKeyState (nVirtKey=1) returned -128
[0306.277] GetKeyState (nVirtKey=2) returned 0
[0306.277] GetKeyState (nVirtKey=4) returned 0
[0306.277] GetKeyState (nVirtKey=5) returned 0
[0306.277] GetKeyState (nVirtKey=6) returned 0
[0306.277] IsWindowVisible (hWnd=0x602c4) returned 1
[0306.277] IsWindowEnabled (hWnd=0x602c4) returned 1
[0306.277] SetFocus (hWnd=0x602c4) returned 0x602c4
[0306.277] GetFocus () returned 0x602c4
[0306.277] GetFocus () returned 0x602c4
[0306.278] GetFocus () returned 0x602c4
[0306.278] GetKeyState (nVirtKey=1) returned -128
[0306.278] GetKeyState (nVirtKey=2) returned 0
[0306.278] GetKeyState (nVirtKey=4) returned 0
[0306.278] GetKeyState (nVirtKey=5) returned 0
[0306.278] GetKeyState (nVirtKey=6) returned 0
[0306.278] GetCapture () returned 0x0
[0306.278] SetCapture (hWnd=0x602c4) returned 0x0
[0306.278] GetKeyState (nVirtKey=1) returned -128
[0306.278] GetKeyState (nVirtKey=2) returned 0
[0306.278] GetKeyState (nVirtKey=4) returned 0
[0306.278] GetKeyState (nVirtKey=5) returned 0
[0306.278] GetKeyState (nVirtKey=6) returned 0
[0306.278] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0306.278] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0306.279] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.279] IsWindowUnicode (hWnd=0x602c4) returned 1
[0306.279] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.279] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.279] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.279] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2cdf63c, cPoints=0x1 | out: lpPoints=0x2cdf63c) returned 40304859
[0306.279] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0306.279] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0306.279] UpdateWindow (hWnd=0x602c4) returned 1
[0306.279] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x10105d6
[0306.279] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0306.279] CreateCompatibleDC (hdc=0x10105d6) returned 0xa90107d3
[0306.279] SelectObject (hdc=0xa90107d3, h=0x4a0507fe) returned 0x85000f
[0306.279] GdipCreateFromHDC (hdc=0xa90107d3, graphics=0xd7e430) returned 0x0
[0306.280] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0306.280] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0306.280] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0306.280] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0306.280] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e490) returned 0x0
[0306.280] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.280] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0306.280] LocalFree (hMem=0x11eec58) returned 0x0
[0306.280] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0306.280] GdipCreateRegion (region=0xd7e478) returned 0x0
[0306.280] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0306.280] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0306.280] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0306.280] GdipRestoreGraphics (graphics=0x6600030, state=0xf56e0dbd) returned 0x0
[0306.280] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0306.280] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0306.280] GetCurrentObject (hdc=0xa90107d3, type=0x1) returned 0xb00017
[0306.280] GetCurrentObject (hdc=0xa90107d3, type=0x2) returned 0x900010
[0306.280] GetCurrentObject (hdc=0xa90107d3, type=0x7) returned 0x4a0507fe
[0306.280] GetCurrentObject (hdc=0xa90107d3, type=0x6) returned 0x8a01c2
[0306.281] SaveDC (hdc=0xa90107d3) returned 1
[0306.281] GetNearestColor (hdc=0xa90107d3, color=0xff) returned 0xff
[0306.281] GetNearestColor (hdc=0xa90107d3, color=0x55) returned 0x55
[0306.281] GetNearestColor (hdc=0xa90107d3, color=0x0) returned 0x0
[0306.281] GetNearestColor (hdc=0xa90107d3, color=0x55) returned 0x55
[0306.281] GetNearestColor (hdc=0xa90107d3, color=0x0) returned 0x0
[0306.281] GetNearestColor (hdc=0xa90107d3, color=0x8080ff) returned 0x8080ff
[0306.281] GetNearestColor (hdc=0xa90107d3, color=0x7373e5) returned 0x7373e5
[0306.281] GetNearestColor (hdc=0xa90107d3, color=0xe5) returned 0xe5
[0306.281] GetNearestColor (hdc=0xa90107d3, color=0x0) returned 0x0
[0306.281] RestoreDC (hdc=0xa90107d3, nSavedDC=-1) returned 1
[0306.281] GdipReleaseDC (graphics=0x6600030, hdc=0xa90107d3) returned 0x0
[0306.281] IsAppThemed () returned 0x1
[0306.281] GetThemeAppProperties () returned 0x3
[0306.281] GetThemeAppProperties () returned 0x3
[0306.281] IsAppThemed () returned 0x1
[0306.281] GetThemeAppProperties () returned 0x3
[0306.281] GetThemeAppProperties () returned 0x3
[0306.281] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2cdfd58 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0306.282] IsAppThemed () returned 0x1
[0306.282] GetThemeAppProperties () returned 0x3
[0306.282] GetThemeAppProperties () returned 0x3
[0306.282] IsAppThemed () returned 0x1
[0306.282] GetThemeAppProperties () returned 0x3
[0306.282] GetThemeAppProperties () returned 0x3
[0306.282] IsAppThemed () returned 0x1
[0306.282] GetThemeAppProperties () returned 0x3
[0306.282] GetThemeAppProperties () returned 0x3
[0306.282] IsAppThemed () returned 0x1
[0306.282] GetThemeAppProperties () returned 0x3
[0306.282] GetThemeAppProperties () returned 0x3
[0306.282] IsThemePartDefined () returned 0x1
[0306.282] IsAppThemed () returned 0x1
[0306.282] GetThemeAppProperties () returned 0x3
[0306.282] GetThemeAppProperties () returned 0x3
[0306.282] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0306.282] IsAppThemed () returned 0x1
[0306.282] GetThemeAppProperties () returned 0x3
[0306.282] GetThemeAppProperties () returned 0x3
[0306.283] IsAppThemed () returned 0x1
[0306.283] GetThemeAppProperties () returned 0x3
[0306.283] GetThemeAppProperties () returned 0x3
[0306.283] IsThemePartDefined () returned 0x1
[0306.283] GdipCreateRegion (region=0xd7e194) returned 0x0
[0306.283] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0306.283] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0306.283] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0306.283] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e1ac) returned 0x0
[0306.283] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.283] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0306.283] LocalFree (hMem=0x11eec58) returned 0x0
[0306.283] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0306.283] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0306.283] LocalFree (hMem=0x11ee788) returned 0x0
[0306.283] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0306.283] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0306.283] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0306.283] GdipGetRegionHRgn (region=0x66464d8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0306.283] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0306.283] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0306.283] GetCurrentObject (hdc=0xa90107d3, type=0x1) returned 0xb00017
[0306.283] GetCurrentObject (hdc=0xa90107d3, type=0x2) returned 0x900010
[0306.283] GetCurrentObject (hdc=0xa90107d3, type=0x7) returned 0x4a0507fe
[0306.284] GetCurrentObject (hdc=0xa90107d3, type=0x6) returned 0x8a01c2
[0306.284] SaveDC (hdc=0xa90107d3) returned 1
[0306.284] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe3040807
[0306.284] GetClipRgn (hdc=0xa90107d3, hrgn=0xe3040807) returned 0
[0306.284] SelectClipRgn (hdc=0xa90107d3, hrgn=0x670407de) returned 2
[0306.284] DeleteObject (ho=0xe3040807) returned 1
[0306.284] DeleteObject (ho=0x670407de) returned 1
[0306.284] OffsetViewportOrgEx (in: hdc=0xa90107d3, x=0, y=0, lppt=0x2ce0408 | out: lppt=0x2ce0408) returned 1
[0306.284] DrawThemeParentBackground () returned 0x0
[0306.284] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0306.284] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0306.284] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0306.284] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.284] GetSystemMetrics (nIndex=42) returned 0
[0306.284] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.284] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0306.285] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0306.285] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0306.285] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0306.285] SelectPalette (hdc=0xa90107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0306.285] GdipCreateFromHDC (hdc=0xa90107d3, graphics=0xd7dc88) returned 0x0
[0306.285] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0306.285] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0306.285] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638ae8) returned 0x0
[0306.285] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dc60) returned 0x0
[0306.285] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0306.285] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0306.285] GdipGetClip (graphics=0x6639e10, region=0x6646568) returned 0x0
[0306.285] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6639e10, result=0xd7dc54) returned 0x0
[0306.285] GdipDeleteRegion (region=0x6646568) returned 0x0
[0306.285] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dc80) returned 0x0
[0306.285] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0306.291] GdipFillRectangleI (graphics=0x6639e10, brush=0x664e510, x=0, y=0, width=801, height=453) returned 0x0
[0306.291] GdipDeleteBrush (brush=0x664e510) returned 0x0
[0306.293] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0306.293] SelectPalette (hdc=0xa90107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0306.293] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0306.293] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.293] GetSystemMetrics (nIndex=42) returned 0
[0306.293] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.293] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0306.293] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0306.293] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0306.293] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0306.293] SelectPalette (hdc=0xa90107d3, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0306.293] GdipCreateFromHDC (hdc=0xa90107d3, graphics=0xd7dc28) returned 0x0
[0306.293] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0306.293] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0306.293] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638b18) returned 0x0
[0306.293] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dc00) returned 0x0
[0306.293] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0306.294] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0306.294] GdipGetClip (graphics=0x6639e10, region=0x66469e8) returned 0x0
[0306.294] GdipIsInfiniteRegion (region=0x66469e8, graphics=0x6639e10, result=0xd7dbf4) returned 0x0
[0306.294] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0306.294] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dc20) returned 0x0
[0306.294] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0306.300] GdipFillRectangleI (graphics=0x6639e10, brush=0x664dc88, x=0, y=0, width=801, height=453) returned 0x0
[0306.300] GdipDeleteBrush (brush=0x664dc88) returned 0x0
[0306.302] GdipRestoreGraphics (graphics=0x6639e10, state=0xf56a0dbd) returned 0x0
[0306.302] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0306.302] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.302] GetSystemMetrics (nIndex=42) returned 0
[0306.302] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.302] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0306.302] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0306.302] SelectPalette (hdc=0xa90107d3, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0306.302] RestoreDC (hdc=0xa90107d3, nSavedDC=-1) returned 1
[0306.302] GdipReleaseDC (graphics=0x6600030, hdc=0xa90107d3) returned 0x0
[0306.302] IsAppThemed () returned 0x1
[0306.302] GetThemeAppProperties () returned 0x3
[0306.302] GetThemeAppProperties () returned 0x3
[0306.302] IsAppThemed () returned 0x1
[0306.303] GetThemeAppProperties () returned 0x3
[0306.303] GetThemeAppProperties () returned 0x3
[0306.303] IsThemePartDefined () returned 0x1
[0306.303] GdipCreateRegion (region=0xd7e118) returned 0x0
[0306.303] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0306.303] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0306.303] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0306.303] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e130) returned 0x0
[0306.303] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0306.303] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11eead0) returned 0x0
[0306.303] LocalFree (hMem=0x11eead0) returned 0x0
[0306.303] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0306.303] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee868) returned 0x0
[0306.303] LocalFree (hMem=0x11ee868) returned 0x0
[0306.303] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0306.303] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e158) returned 0x0
[0306.303] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e148) returned 0x0
[0306.303] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0306.303] GdipDeleteRegion (region=0x6646298) returned 0x0
[0306.303] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0306.303] GetCurrentObject (hdc=0xa90107d3, type=0x1) returned 0xb00017
[0306.303] GetCurrentObject (hdc=0xa90107d3, type=0x2) returned 0x900010
[0306.303] GetCurrentObject (hdc=0xa90107d3, type=0x7) returned 0x4a0507fe
[0306.303] GetCurrentObject (hdc=0xa90107d3, type=0x6) returned 0x8a01c2
[0306.304] SaveDC (hdc=0xa90107d3) returned 1
[0306.304] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x680407de
[0306.304] GetClipRgn (hdc=0xa90107d3, hrgn=0x680407de) returned 0
[0306.304] SelectClipRgn (hdc=0xa90107d3, hrgn=0xe5040807) returned 2
[0306.304] DeleteObject (ho=0x680407de) returned 1
[0306.304] DeleteObject (ho=0xe5040807) returned 1
[0306.304] OffsetViewportOrgEx (in: hdc=0xa90107d3, x=0, y=0, lppt=0x2ce6c58 | out: lppt=0x2ce6c58) returned 1
[0306.304] IsAppThemed () returned 0x1
[0306.304] GetThemeAppProperties () returned 0x3
[0306.304] GetThemeAppProperties () returned 0x3
[0306.304] DrawThemeBackground () returned 0x0
[0306.304] RestoreDC (hdc=0xa90107d3, nSavedDC=-1) returned 1
[0306.304] GdipReleaseDC (graphics=0x6600030, hdc=0xa90107d3) returned 0x0
[0306.304] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0306.304] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0306.304] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0306.304] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0306.304] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e134) returned 0x0
[0306.304] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.304] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0306.304] LocalFree (hMem=0x11eec58) returned 0x0
[0306.305] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.305] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0306.305] LocalFree (hMem=0x11eec58) returned 0x0
[0306.305] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0306.305] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0306.305] GdipIsInfiniteRegion (region=0x6646dd8, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0306.305] GdipGetRegionHRgn (region=0x6646dd8, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0306.305] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0306.305] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0306.305] GetCurrentObject (hdc=0xa90107d3, type=0x1) returned 0xb00017
[0306.305] GetCurrentObject (hdc=0xa90107d3, type=0x2) returned 0x900010
[0306.305] GetCurrentObject (hdc=0xa90107d3, type=0x7) returned 0x4a0507fe
[0306.305] GetCurrentObject (hdc=0xa90107d3, type=0x6) returned 0x8a01c2
[0306.305] SaveDC (hdc=0xa90107d3) returned 1
[0306.305] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe6040807
[0306.305] GetClipRgn (hdc=0xa90107d3, hrgn=0xe6040807) returned 0
[0306.305] SelectClipRgn (hdc=0xa90107d3, hrgn=0x690407de) returned 2
[0306.305] DeleteObject (ho=0xe6040807) returned 1
[0306.305] DeleteObject (ho=0x690407de) returned 1
[0306.305] OffsetViewportOrgEx (in: hdc=0xa90107d3, x=0, y=0, lppt=0x2ce6f2c | out: lppt=0x2ce6f2c) returned 1
[0306.305] IsAppThemed () returned 0x1
[0306.305] GetThemeAppProperties () returned 0x3
[0306.306] GetThemeAppProperties () returned 0x3
[0306.306] GetThemeBackgroundContentRect () returned 0x0
[0306.306] RestoreDC (hdc=0xa90107d3, nSavedDC=-1) returned 1
[0306.306] GdipReleaseDC (graphics=0x6600030, hdc=0xa90107d3) returned 0x0
[0306.306] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0306.306] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0306.306] GdipFillRectangleI (graphics=0x6600030, brush=0x66327f0, x=4, y=4, width=67, height=15) returned 0x0
[0306.306] GdipDeleteBrush (brush=0x66327f0) returned 0x0
[0306.306] IsAppThemed () returned 0x1
[0306.306] GetThemeAppProperties () returned 0x3
[0306.306] GetThemeAppProperties () returned 0x3
[0306.306] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0306.306] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0306.306] GetCurrentObject (hdc=0xa90107d3, type=0x1) returned 0xb00017
[0306.306] GetCurrentObject (hdc=0xa90107d3, type=0x2) returned 0x900010
[0306.306] GetCurrentObject (hdc=0xa90107d3, type=0x7) returned 0x4a0507fe
[0306.306] GetCurrentObject (hdc=0xa90107d3, type=0x6) returned 0x8a01c2
[0306.306] SaveDC (hdc=0xa90107d3) returned 1
[0306.306] GetTextAlign (hdc=0xa90107d3) returned 0x0
[0306.306] GetTextColor (hdc=0xa90107d3) returned 0x0
[0306.306] GetCurrentObject (hdc=0xa90107d3, type=0x6) returned 0x8a01c2
[0306.306] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0306.307] SelectObject (hdc=0xa90107d3, h=0x6d0a0520) returned 0x8a01c2
[0306.307] GetBkMode (hdc=0xa90107d3) returned 2
[0306.307] SetBkMode (hdc=0xa90107d3, mode=1) returned 2
[0306.307] DrawTextExW (in: hdc=0xa90107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2ce72f0 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0306.307] DrawTextExW (in: hdc=0xa90107d3, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2ce72f0 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0306.307] RestoreDC (hdc=0xa90107d3, nSavedDC=-1) returned 1
[0306.307] GdipReleaseDC (graphics=0x6600030, hdc=0xa90107d3) returned 0x0
[0306.307] GetFocus () returned 0x602c4
[0306.308] IsAppThemed () returned 0x1
[0306.308] GetThemeAppProperties () returned 0x3
[0306.308] GetThemeAppProperties () returned 0x3
[0306.308] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0306.308] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0xa90107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0306.308] GdipReleaseDC (graphics=0x6600030, hdc=0xa90107d3) returned 0x0
[0306.308] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0306.308] SelectObject (hdc=0xa90107d3, h=0x85000f) returned 0x4a0507fe
[0306.308] DeleteDC (hdc=0xa90107d3) returned 1
[0306.308] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0306.308] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0306.308] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2ce73ec, cPoints=0x1 | out: lpPoints=0x2ce73ec) returned 40304859
[0306.308] WindowFromPoint (Point=0xff) returned 0x602c4
[0306.309] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400ff) returned 0x1
[0306.309] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0306.309] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0306.309] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0306.309] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0306.309] GetSystemMetrics (nIndex=42) returned 0
[0306.309] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0306.309] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0306.310] GetCapture () returned 0x602c4
[0306.310] ReleaseCapture () returned 1
[0306.311] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0306.311] GetProcessWindowStation () returned 0x13c
[0306.311] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.311] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0306.311] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.311] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0306.312] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.312] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0306.312] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.312] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0306.312] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.312] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0306.312] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.312] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0306.312] GetDC (hWnd=0x0) returned 0xc0107c5
[0306.313] GdipCreateFromHDC (hdc=0xc0107c5, graphics=0xd7e6ec) returned 0x0
[0306.313] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0306.313] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0306.313] ReleaseDC (hWnd=0x0, hDC=0xc0107c5) returned 1
[0306.313] GetSystemMetrics (nIndex=5) returned 1
[0306.313] GetSystemMetrics (nIndex=6) returned 1
[0306.313] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.313] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0306.314] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.314] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0306.320] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0306.320] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0306.320] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0306.320] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0306.320] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0306.320] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0306.321] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2cee4bc | out: lpData=0x2cee4bc) returned 1
[0306.322] VerQueryValueW (in: pBlock=0x2cee4bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cee8cc, puLen=0xd7e810) returned 1
[0306.322] VerQueryValueW (in: pBlock=0x2cee4bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cee574, puLen=0xd7e790) returned 1
[0306.322] VerQueryValueW (in: pBlock=0x2cee4bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cee5c8, puLen=0xd7e790) returned 1
[0306.322] VerQueryValueW (in: pBlock=0x2cee4bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cee648, puLen=0xd7e790) returned 1
[0306.322] VerQueryValueW (in: pBlock=0x2cee4bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cee6b0, puLen=0xd7e790) returned 1
[0306.322] VerQueryValueW (in: pBlock=0x2cee4bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cee6f0, puLen=0xd7e790) returned 1
[0306.322] VerQueryValueW (in: pBlock=0x2cee4bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cee778, puLen=0xd7e790) returned 1
[0306.322] VerQueryValueW (in: pBlock=0x2cee4bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cee7b4, puLen=0xd7e790) returned 1
[0306.322] VerQueryValueW (in: pBlock=0x2cee4bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cee80c, puLen=0xd7e790) returned 1
[0306.322] VerQueryValueW (in: pBlock=0x2cee4bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cee83c, puLen=0xd7e790) returned 1
[0306.322] VerQueryValueW (in: pBlock=0x2cee4bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.322] VerQueryValueW (in: pBlock=0x2cee4bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cee878, puLen=0xd7e790) returned 1
[0306.322] VerQueryValueW (in: pBlock=0x2cee4bc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.322] VerQueryValueW (in: pBlock=0x2cee4bc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cee8cc, puLen=0xd7e784) returned 1
[0306.322] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0306.322] VerQueryValueW (in: pBlock=0x2cee4bc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cee4e4, puLen=0xd7e794) returned 1
[0306.323] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0306.323] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0306.323] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0306.323] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0306.323] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0306.323] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0306.323] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2cf042c | out: lpData=0x2cf042c) returned 1
[0306.323] VerQueryValueW (in: pBlock=0x2cf042c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cf04c8, puLen=0xd7e810) returned 1
[0306.323] VerQueryValueW (in: pBlock=0x2cf042c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf0540, puLen=0xd7e790) returned 1
[0306.323] VerQueryValueW (in: pBlock=0x2cf042c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf0570, puLen=0xd7e790) returned 1
[0306.323] VerQueryValueW (in: pBlock=0x2cf042c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf05ac, puLen=0xd7e790) returned 1
[0306.323] VerQueryValueW (in: pBlock=0x2cf042c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf05dc, puLen=0xd7e790) returned 1
[0306.323] VerQueryValueW (in: pBlock=0x2cf042c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf0624, puLen=0xd7e790) returned 1
[0306.323] VerQueryValueW (in: pBlock=0x2cf042c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf069c, puLen=0xd7e790) returned 1
[0306.323] VerQueryValueW (in: pBlock=0x2cf042c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf06e0, puLen=0xd7e790) returned 1
[0306.323] VerQueryValueW (in: pBlock=0x2cf042c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf0720, puLen=0xd7e790) returned 1
[0306.324] VerQueryValueW (in: pBlock=0x2cf042c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf051e, puLen=0xd7e790) returned 1
[0306.324] VerQueryValueW (in: pBlock=0x2cf042c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf066c, puLen=0xd7e790) returned 1
[0306.324] VerQueryValueW (in: pBlock=0x2cf042c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.324] VerQueryValueW (in: pBlock=0x2cf042c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.324] VerQueryValueW (in: pBlock=0x2cf042c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cf04c8, puLen=0xd7e784) returned 1
[0306.324] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0306.324] VerQueryValueW (in: pBlock=0x2cf042c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cf0454, puLen=0xd7e794) returned 1
[0306.324] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0306.324] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0306.324] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0306.325] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0306.325] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0306.325] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0306.326] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2cf2704 | out: lpData=0x2cf2704) returned 1
[0306.326] VerQueryValueW (in: pBlock=0x2cf2704, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cf2b18, puLen=0xd7e810) returned 1
[0306.326] VerQueryValueW (in: pBlock=0x2cf2704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf27bc, puLen=0xd7e790) returned 1
[0306.326] VerQueryValueW (in: pBlock=0x2cf2704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf2810, puLen=0xd7e790) returned 1
[0306.326] VerQueryValueW (in: pBlock=0x2cf2704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf286c, puLen=0xd7e790) returned 1
[0306.326] VerQueryValueW (in: pBlock=0x2cf2704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf28cc, puLen=0xd7e790) returned 1
[0306.327] VerQueryValueW (in: pBlock=0x2cf2704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf2924, puLen=0xd7e790) returned 1
[0306.327] VerQueryValueW (in: pBlock=0x2cf2704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf29ac, puLen=0xd7e790) returned 1
[0306.327] VerQueryValueW (in: pBlock=0x2cf2704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf2a00, puLen=0xd7e790) returned 1
[0306.327] VerQueryValueW (in: pBlock=0x2cf2704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf2a58, puLen=0xd7e790) returned 1
[0306.327] VerQueryValueW (in: pBlock=0x2cf2704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf2a88, puLen=0xd7e790) returned 1
[0306.327] VerQueryValueW (in: pBlock=0x2cf2704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.327] VerQueryValueW (in: pBlock=0x2cf2704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf2ac4, puLen=0xd7e790) returned 1
[0306.327] VerQueryValueW (in: pBlock=0x2cf2704, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.327] VerQueryValueW (in: pBlock=0x2cf2704, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cf2b18, puLen=0xd7e784) returned 1
[0306.327] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0306.327] VerQueryValueW (in: pBlock=0x2cf2704, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cf272c, puLen=0xd7e794) returned 1
[0306.328] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0306.328] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0306.328] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0306.328] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0306.328] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0306.328] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0306.329] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2cf4d3c | out: lpData=0x2cf4d3c) returned 1
[0306.329] VerQueryValueW (in: pBlock=0x2cf4d3c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cf513c, puLen=0xd7e810) returned 1
[0306.329] VerQueryValueW (in: pBlock=0x2cf4d3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf4df4, puLen=0xd7e790) returned 1
[0306.329] VerQueryValueW (in: pBlock=0x2cf4d3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf4e48, puLen=0xd7e790) returned 1
[0306.330] VerQueryValueW (in: pBlock=0x2cf4d3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf4e88, puLen=0xd7e790) returned 1
[0306.330] VerQueryValueW (in: pBlock=0x2cf4d3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf4ef0, puLen=0xd7e790) returned 1
[0306.330] VerQueryValueW (in: pBlock=0x2cf4d3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf4f48, puLen=0xd7e790) returned 1
[0306.330] VerQueryValueW (in: pBlock=0x2cf4d3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf4fd0, puLen=0xd7e790) returned 1
[0306.330] VerQueryValueW (in: pBlock=0x2cf4d3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf5024, puLen=0xd7e790) returned 1
[0306.330] VerQueryValueW (in: pBlock=0x2cf4d3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf507c, puLen=0xd7e790) returned 1
[0306.330] VerQueryValueW (in: pBlock=0x2cf4d3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf50ac, puLen=0xd7e790) returned 1
[0306.330] VerQueryValueW (in: pBlock=0x2cf4d3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.330] VerQueryValueW (in: pBlock=0x2cf4d3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf50e8, puLen=0xd7e790) returned 1
[0306.330] VerQueryValueW (in: pBlock=0x2cf4d3c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.330] VerQueryValueW (in: pBlock=0x2cf4d3c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cf513c, puLen=0xd7e784) returned 1
[0306.330] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0306.330] VerQueryValueW (in: pBlock=0x2cf4d3c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cf4d64, puLen=0xd7e794) returned 1
[0306.331] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0306.331] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0306.331] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0306.331] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0306.331] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0306.331] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0306.332] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2cf7478 | out: lpData=0x2cf7478) returned 1
[0306.332] VerQueryValueW (in: pBlock=0x2cf7478, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cf7840, puLen=0xd7e810) returned 1
[0306.332] VerQueryValueW (in: pBlock=0x2cf7478, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf7530, puLen=0xd7e790) returned 1
[0306.332] VerQueryValueW (in: pBlock=0x2cf7478, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf7584, puLen=0xd7e790) returned 1
[0306.332] VerQueryValueW (in: pBlock=0x2cf7478, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf75c4, puLen=0xd7e790) returned 1
[0306.333] VerQueryValueW (in: pBlock=0x2cf7478, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf762c, puLen=0xd7e790) returned 1
[0306.333] VerQueryValueW (in: pBlock=0x2cf7478, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf7668, puLen=0xd7e790) returned 1
[0306.333] VerQueryValueW (in: pBlock=0x2cf7478, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf76f0, puLen=0xd7e790) returned 1
[0306.333] VerQueryValueW (in: pBlock=0x2cf7478, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf7728, puLen=0xd7e790) returned 1
[0306.333] VerQueryValueW (in: pBlock=0x2cf7478, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf7780, puLen=0xd7e790) returned 1
[0306.333] VerQueryValueW (in: pBlock=0x2cf7478, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf77b0, puLen=0xd7e790) returned 1
[0306.333] VerQueryValueW (in: pBlock=0x2cf7478, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.333] VerQueryValueW (in: pBlock=0x2cf7478, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cf77ec, puLen=0xd7e790) returned 1
[0306.333] VerQueryValueW (in: pBlock=0x2cf7478, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.333] VerQueryValueW (in: pBlock=0x2cf7478, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cf7840, puLen=0xd7e784) returned 1
[0306.333] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0306.333] VerQueryValueW (in: pBlock=0x2cf7478, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cf74a0, puLen=0xd7e794) returned 1
[0306.334] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0306.334] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0306.334] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0306.334] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0306.334] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0306.334] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0306.334] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2cfaae0 | out: lpData=0x2cfaae0) returned 1
[0306.335] VerQueryValueW (in: pBlock=0x2cfaae0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cfaec0, puLen=0xd7e810) returned 1
[0306.335] VerQueryValueW (in: pBlock=0x2cfaae0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfab98, puLen=0xd7e790) returned 1
[0306.335] VerQueryValueW (in: pBlock=0x2cfaae0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfabec, puLen=0xd7e790) returned 1
[0306.335] VerQueryValueW (in: pBlock=0x2cfaae0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfac2c, puLen=0xd7e790) returned 1
[0306.335] VerQueryValueW (in: pBlock=0x2cfaae0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfac8c, puLen=0xd7e790) returned 1
[0306.335] VerQueryValueW (in: pBlock=0x2cfaae0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfacd8, puLen=0xd7e790) returned 1
[0306.335] VerQueryValueW (in: pBlock=0x2cfaae0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfad60, puLen=0xd7e790) returned 1
[0306.335] VerQueryValueW (in: pBlock=0x2cfaae0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfada8, puLen=0xd7e790) returned 1
[0306.335] VerQueryValueW (in: pBlock=0x2cfaae0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfae00, puLen=0xd7e790) returned 1
[0306.335] VerQueryValueW (in: pBlock=0x2cfaae0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfae30, puLen=0xd7e790) returned 1
[0306.335] VerQueryValueW (in: pBlock=0x2cfaae0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.335] VerQueryValueW (in: pBlock=0x2cfaae0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfae6c, puLen=0xd7e790) returned 1
[0306.335] VerQueryValueW (in: pBlock=0x2cfaae0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.335] VerQueryValueW (in: pBlock=0x2cfaae0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cfaec0, puLen=0xd7e784) returned 1
[0306.335] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0306.336] VerQueryValueW (in: pBlock=0x2cfaae0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cfab08, puLen=0xd7e794) returned 1
[0306.336] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0306.336] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0306.336] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0306.336] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0306.336] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0306.336] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0306.337] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2cfd300 | out: lpData=0x2cfd300) returned 1
[0306.338] VerQueryValueW (in: pBlock=0x2cfd300, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cfd70c, puLen=0xd7e810) returned 1
[0306.338] VerQueryValueW (in: pBlock=0x2cfd300, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd3b8, puLen=0xd7e790) returned 1
[0306.338] VerQueryValueW (in: pBlock=0x2cfd300, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd40c, puLen=0xd7e790) returned 1
[0306.338] VerQueryValueW (in: pBlock=0x2cfd300, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd460, puLen=0xd7e790) returned 1
[0306.338] VerQueryValueW (in: pBlock=0x2cfd300, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd4c0, puLen=0xd7e790) returned 1
[0306.338] VerQueryValueW (in: pBlock=0x2cfd300, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd518, puLen=0xd7e790) returned 1
[0306.338] VerQueryValueW (in: pBlock=0x2cfd300, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd5a0, puLen=0xd7e790) returned 1
[0306.338] VerQueryValueW (in: pBlock=0x2cfd300, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd5f4, puLen=0xd7e790) returned 1
[0306.338] VerQueryValueW (in: pBlock=0x2cfd300, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd64c, puLen=0xd7e790) returned 1
[0306.338] VerQueryValueW (in: pBlock=0x2cfd300, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd67c, puLen=0xd7e790) returned 1
[0306.338] VerQueryValueW (in: pBlock=0x2cfd300, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.338] VerQueryValueW (in: pBlock=0x2cfd300, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cfd6b8, puLen=0xd7e790) returned 1
[0306.338] VerQueryValueW (in: pBlock=0x2cfd300, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.338] VerQueryValueW (in: pBlock=0x2cfd300, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cfd70c, puLen=0xd7e784) returned 1
[0306.338] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0306.338] VerQueryValueW (in: pBlock=0x2cfd300, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cfd328, puLen=0xd7e794) returned 1
[0306.339] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0306.339] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0306.339] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0306.339] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0306.339] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0306.339] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0306.340] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2cffb14 | out: lpData=0x2cffb14) returned 1
[0306.340] VerQueryValueW (in: pBlock=0x2cffb14, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2cffeec, puLen=0xd7e810) returned 1
[0306.340] VerQueryValueW (in: pBlock=0x2cffb14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cffbcc, puLen=0xd7e790) returned 1
[0306.343] VerQueryValueW (in: pBlock=0x2cffb14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cffc20, puLen=0xd7e790) returned 1
[0306.343] VerQueryValueW (in: pBlock=0x2cffb14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cffc60, puLen=0xd7e790) returned 1
[0306.343] VerQueryValueW (in: pBlock=0x2cffb14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cffcc8, puLen=0xd7e790) returned 1
[0306.343] VerQueryValueW (in: pBlock=0x2cffb14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cffd0c, puLen=0xd7e790) returned 1
[0306.343] VerQueryValueW (in: pBlock=0x2cffb14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cffd94, puLen=0xd7e790) returned 1
[0306.343] VerQueryValueW (in: pBlock=0x2cffb14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cffdd4, puLen=0xd7e790) returned 1
[0306.343] VerQueryValueW (in: pBlock=0x2cffb14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cffe2c, puLen=0xd7e790) returned 1
[0306.343] VerQueryValueW (in: pBlock=0x2cffb14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cffe5c, puLen=0xd7e790) returned 1
[0306.343] VerQueryValueW (in: pBlock=0x2cffb14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.343] VerQueryValueW (in: pBlock=0x2cffb14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2cffe98, puLen=0xd7e790) returned 1
[0306.343] VerQueryValueW (in: pBlock=0x2cffb14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.343] VerQueryValueW (in: pBlock=0x2cffb14, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2cffeec, puLen=0xd7e784) returned 1
[0306.343] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0306.343] VerQueryValueW (in: pBlock=0x2cffb14, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2cffb3c, puLen=0xd7e794) returned 1
[0306.344] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0306.344] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0306.344] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0306.344] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0306.344] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0306.344] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0306.345] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d0206c | out: lpData=0x2d0206c) returned 1
[0306.346] VerQueryValueW (in: pBlock=0x2d0206c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d02444, puLen=0xd7e810) returned 1
[0306.346] VerQueryValueW (in: pBlock=0x2d0206c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d02124, puLen=0xd7e790) returned 1
[0306.346] VerQueryValueW (in: pBlock=0x2d0206c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d02178, puLen=0xd7e790) returned 1
[0306.346] VerQueryValueW (in: pBlock=0x2d0206c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d021b8, puLen=0xd7e790) returned 1
[0306.346] VerQueryValueW (in: pBlock=0x2d0206c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d02220, puLen=0xd7e790) returned 1
[0306.346] VerQueryValueW (in: pBlock=0x2d0206c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d02264, puLen=0xd7e790) returned 1
[0306.346] VerQueryValueW (in: pBlock=0x2d0206c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d022ec, puLen=0xd7e790) returned 1
[0306.346] VerQueryValueW (in: pBlock=0x2d0206c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0232c, puLen=0xd7e790) returned 1
[0306.346] VerQueryValueW (in: pBlock=0x2d0206c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d02384, puLen=0xd7e790) returned 1
[0306.346] VerQueryValueW (in: pBlock=0x2d0206c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d023b4, puLen=0xd7e790) returned 1
[0306.346] VerQueryValueW (in: pBlock=0x2d0206c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.346] VerQueryValueW (in: pBlock=0x2d0206c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d023f0, puLen=0xd7e790) returned 1
[0306.346] VerQueryValueW (in: pBlock=0x2d0206c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.346] VerQueryValueW (in: pBlock=0x2d0206c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d02444, puLen=0xd7e784) returned 1
[0306.346] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0306.346] VerQueryValueW (in: pBlock=0x2d0206c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d02094, puLen=0xd7e794) returned 1
[0306.347] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0306.347] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0306.347] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0306.347] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0306.347] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0306.347] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0306.348] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2d047a4 | out: lpData=0x2d047a4) returned 1
[0306.348] VerQueryValueW (in: pBlock=0x2d047a4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d04bd4, puLen=0xd7e810) returned 1
[0306.348] VerQueryValueW (in: pBlock=0x2d047a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d0485c, puLen=0xd7e790) returned 1
[0306.348] VerQueryValueW (in: pBlock=0x2d047a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d048b0, puLen=0xd7e790) returned 1
[0306.348] VerQueryValueW (in: pBlock=0x2d047a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d04920, puLen=0xd7e790) returned 1
[0306.348] VerQueryValueW (in: pBlock=0x2d047a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d04980, puLen=0xd7e790) returned 1
[0306.348] VerQueryValueW (in: pBlock=0x2d047a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d049dc, puLen=0xd7e790) returned 1
[0306.348] VerQueryValueW (in: pBlock=0x2d047a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d04a64, puLen=0xd7e790) returned 1
[0306.348] VerQueryValueW (in: pBlock=0x2d047a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d04abc, puLen=0xd7e790) returned 1
[0306.348] VerQueryValueW (in: pBlock=0x2d047a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d04b14, puLen=0xd7e790) returned 1
[0306.348] VerQueryValueW (in: pBlock=0x2d047a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d04b44, puLen=0xd7e790) returned 1
[0306.349] VerQueryValueW (in: pBlock=0x2d047a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.349] VerQueryValueW (in: pBlock=0x2d047a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d04b80, puLen=0xd7e790) returned 1
[0306.349] VerQueryValueW (in: pBlock=0x2d047a4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0306.349] VerQueryValueW (in: pBlock=0x2d047a4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d04bd4, puLen=0xd7e784) returned 1
[0306.349] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0306.349] VerQueryValueW (in: pBlock=0x2d047a4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d047cc, puLen=0xd7e794) returned 1
[0306.349] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0306.349] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.349] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0306.350] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.350] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0306.350] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2c02ce
[0306.350] SetWindowLongW (hWnd=0x2c02ce, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0306.350] GetWindowLongW (hWnd=0x2c02ce, nIndex=-4) returned 1950089536
[0306.351] SetWindowLongW (hWnd=0x2c02ce, nIndex=-4, dwNewLong=19940670) returned 1950089536
[0306.351] GetWindowLongW (hWnd=0x2c02ce, nIndex=-4) returned 19940670
[0306.351] GetWindowLongW (hWnd=0x2c02ce, nIndex=-16) returned 113311744
[0306.351] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02ce, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0306.351] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02ce, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0306.351] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02ce, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0306.352] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02ce, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0306.352] GetClientRect (in: hWnd=0x2c02ce, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0306.352] GetWindowRect (in: hWnd=0x2c02ce, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0306.352] SetWindowTextW (hWnd=0x2c02ce, lpString="WindowsFormsParkingWindow") returned 1
[0306.352] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02ce, Msg=0xc, wParam=0x0, lParam=0x2ccae60) returned 0x1
[0306.352] GetParent (hWnd=0x2c02ce) returned 0x0
[0306.353] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0306.353] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x2c02ce, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3602de
[0306.353] SetWindowLongW (hWnd=0x3602de, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0306.353] GetWindowLongW (hWnd=0x3602de, nIndex=-4) returned 1868147648
[0306.354] SetWindowLongW (hWnd=0x3602de, nIndex=-4, dwNewLong=19941110) returned 1868147648
[0306.354] GetWindowLongW (hWnd=0x3602de, nIndex=-4) returned 19941110
[0306.354] GetWindowLongW (hWnd=0x3602de, nIndex=-16) returned 1174405133
[0306.354] GetWindowLongW (hWnd=0x3602de, nIndex=-12) returned 0
[0306.354] SetWindowLongW (hWnd=0x3602de, nIndex=-12, dwNewLong=3539678) returned 0
[0306.354] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0306.354] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0306.354] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0306.355] GetClientRect (in: hWnd=0x3602de, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0306.355] GetWindowRect (in: hWnd=0x3602de, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0306.355] GetParent (hWnd=0x3602de) returned 0x2c02ce
[0306.355] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02ce, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0306.355] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0306.356] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0306.356] GetClientRect (in: hWnd=0x3602de, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0306.356] GetWindowRect (in: hWnd=0x3602de, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0306.356] GetParent (hWnd=0x3602de) returned 0x2c02ce
[0306.356] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02ce, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0306.356] SendMessageW (hWnd=0x3602de, Msg=0x2210, wParam=0x2de0001, lParam=0x3602de) returned 0x0
[0306.356] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x2210, wParam=0x2de0001, lParam=0x3602de) returned 0x0
[0306.356] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0306.356] GetParent (hWnd=0x3602de) returned 0x2c02ce
[0306.356] GdipCreateFromHWND (hwnd=0x3602de, graphics=0xd7e844) returned 0x0
[0306.356] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0306.357] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0306.357] GetForegroundWindow () returned 0x7005c
[0306.357] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0306.357] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.357] GetSystemMetrics (nIndex=42) returned 0
[0306.357] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.357] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0306.357] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0306.357] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.357] GetSystemMetrics (nIndex=42) returned 0
[0306.357] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.357] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0306.358] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.358] GetCursorPos (in: lpPoint=0x2d08c28 | out: lpPoint=0x2d08c28*(x=255, y=628)) returned 1
[0306.358] MonitorFromPoint (pt=0xff, dwFlags=0x274) returned 0x10001
[0306.358] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0306.358] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xac0107d3
[0306.358] GetDeviceCaps (hdc=0xac0107d3, index=12) returned 32
[0306.358] GetDeviceCaps (hdc=0xac0107d3, index=14) returned 1
[0306.358] DeleteDC (hdc=0xac0107d3) returned 1
[0306.358] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0306.358] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0306.358] GetSystemMetrics (nIndex=59) returned 1460
[0306.358] GetSystemMetrics (nIndex=60) returned 920
[0306.358] GetSystemMetrics (nIndex=34) returned 136
[0306.359] GetSystemMetrics (nIndex=35) returned 39
[0306.359] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.359] GetCursorPos (in: lpPoint=0x2d08e94 | out: lpPoint=0x2d08e94*(x=255, y=628)) returned 1
[0306.359] MonitorFromPoint (pt=0xfe, dwFlags=0x277) returned 0x10001
[0306.359] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0306.359] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xad0107d3
[0306.359] GetDeviceCaps (hdc=0xad0107d3, index=12) returned 32
[0306.359] GetDeviceCaps (hdc=0xad0107d3, index=14) returned 1
[0306.359] DeleteDC (hdc=0xad0107d3) returned 1
[0306.360] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0306.360] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0306.360] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.360] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0306.360] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2d0912c | out: piconinfo=0x2d0912c) returned 1
[0306.360] GetObjectW (in: h=0x940507e0, c=24, pv=0x2d09148 | out: pv=0x2d09148) returned 24
[0306.360] GdipCreateBitmapFromHBITMAP (hbm=0x940507e0, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0306.361] GdipGetImageWidth (image=0x6600640, width=0xd7e750) returned 0x0
[0306.361] GdipGetImageHeight (image=0x6600640, height=0xd7e748) returned 0x0
[0306.361] GdipGetImagePixelFormat (image=0x6600640, format=0xd7e740) returned 0x0
[0306.361] GdipBitmapLockBits (bitmap=0x6600640, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2d09200) returned 0x0
[0306.361] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0306.361] GdipBitmapLockBits (bitmap=0x6600cd0, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2d09238) returned 0x0
[0306.361] RtlMoveMemory (in: Destination=0x665df40, Source=0x665aea0, Length=0x80 | out: Destination=0x665df40)
[0306.361] RtlMoveMemory (in: Destination=0x665dfc0, Source=0x665ae20, Length=0x80 | out: Destination=0x665dfc0)
[0306.361] RtlMoveMemory (in: Destination=0x665e040, Source=0x665ada0, Length=0x80 | out: Destination=0x665e040)
[0306.361] RtlMoveMemory (in: Destination=0x665e0c0, Source=0x665ad20, Length=0x80 | out: Destination=0x665e0c0)
[0306.361] RtlMoveMemory (in: Destination=0x665e140, Source=0x665aca0, Length=0x80 | out: Destination=0x665e140)
[0306.361] RtlMoveMemory (in: Destination=0x665e1c0, Source=0x665ac20, Length=0x80 | out: Destination=0x665e1c0)
[0306.361] RtlMoveMemory (in: Destination=0x665e240, Source=0x665aba0, Length=0x80 | out: Destination=0x665e240)
[0306.361] RtlMoveMemory (in: Destination=0x665e2c0, Source=0x665ab20, Length=0x80 | out: Destination=0x665e2c0)
[0306.361] RtlMoveMemory (in: Destination=0x665e340, Source=0x665aaa0, Length=0x80 | out: Destination=0x665e340)
[0306.361] RtlMoveMemory (in: Destination=0x665e3c0, Source=0x665aa20, Length=0x80 | out: Destination=0x665e3c0)
[0306.361] RtlMoveMemory (in: Destination=0x665e440, Source=0x665a9a0, Length=0x80 | out: Destination=0x665e440)
[0306.361] RtlMoveMemory (in: Destination=0x665e4c0, Source=0x665a920, Length=0x80 | out: Destination=0x665e4c0)
[0306.361] RtlMoveMemory (in: Destination=0x665e540, Source=0x665a8a0, Length=0x80 | out: Destination=0x665e540)
[0306.361] RtlMoveMemory (in: Destination=0x665e5c0, Source=0x665a820, Length=0x80 | out: Destination=0x665e5c0)
[0306.361] RtlMoveMemory (in: Destination=0x665e640, Source=0x665a7a0, Length=0x80 | out: Destination=0x665e640)
[0306.362] RtlMoveMemory (in: Destination=0x665e6c0, Source=0x665a720, Length=0x80 | out: Destination=0x665e6c0)
[0306.362] RtlMoveMemory (in: Destination=0x665e740, Source=0x665a6a0, Length=0x80 | out: Destination=0x665e740)
[0306.362] RtlMoveMemory (in: Destination=0x665e7c0, Source=0x665a620, Length=0x80 | out: Destination=0x665e7c0)
[0306.362] RtlMoveMemory (in: Destination=0x665e840, Source=0x665a5a0, Length=0x80 | out: Destination=0x665e840)
[0306.362] RtlMoveMemory (in: Destination=0x665e8c0, Source=0x665a520, Length=0x80 | out: Destination=0x665e8c0)
[0306.362] RtlMoveMemory (in: Destination=0x665e940, Source=0x665a4a0, Length=0x80 | out: Destination=0x665e940)
[0306.362] RtlMoveMemory (in: Destination=0x665e9c0, Source=0x665a420, Length=0x80 | out: Destination=0x665e9c0)
[0306.362] RtlMoveMemory (in: Destination=0x665ea40, Source=0x665a3a0, Length=0x80 | out: Destination=0x665ea40)
[0306.362] RtlMoveMemory (in: Destination=0x665eac0, Source=0x665a320, Length=0x80 | out: Destination=0x665eac0)
[0306.362] RtlMoveMemory (in: Destination=0x665eb40, Source=0x665a2a0, Length=0x80 | out: Destination=0x665eb40)
[0306.362] RtlMoveMemory (in: Destination=0x665ebc0, Source=0x665a220, Length=0x80 | out: Destination=0x665ebc0)
[0306.362] RtlMoveMemory (in: Destination=0x665ec40, Source=0x665a1a0, Length=0x80 | out: Destination=0x665ec40)
[0306.362] RtlMoveMemory (in: Destination=0x665ecc0, Source=0x665a120, Length=0x80 | out: Destination=0x665ecc0)
[0306.362] RtlMoveMemory (in: Destination=0x665ed40, Source=0x665a0a0, Length=0x80 | out: Destination=0x665ed40)
[0306.362] RtlMoveMemory (in: Destination=0x665edc0, Source=0x665a020, Length=0x80 | out: Destination=0x665edc0)
[0306.362] RtlMoveMemory (in: Destination=0x665ee40, Source=0x6659fa0, Length=0x80 | out: Destination=0x665ee40)
[0306.362] RtlMoveMemory (in: Destination=0x665eec0, Source=0x6659f20, Length=0x80 | out: Destination=0x665eec0)
[0306.362] GdipBitmapUnlockBits (bitmap=0x6600640, lockedBitmapData=0x2d09200) returned 0x0
[0306.362] GdipBitmapUnlockBits (bitmap=0x6600cd0, lockedBitmapData=0x2d09238) returned 0x0
[0306.362] GdipDisposeImage (image=0x6600640) returned 0x0
[0306.362] DeleteObject (ho=0x940507e0) returned 1
[0306.362] DeleteObject (ho=0xae0507d3) returned 1
[0306.362] GetCurrentThreadId () returned 0xf50
[0306.363] GetCurrentThreadId () returned 0xf50
[0306.363] SetWindowPos (hWnd=0x3602de, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0306.363] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0306.363] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0306.363] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0306.363] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0306.363] GetClientRect (in: hWnd=0x3602de, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0306.363] GetWindowRect (in: hWnd=0x3602de, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0306.363] GetParent (hWnd=0x3602de) returned 0x2c02ce
[0306.363] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02ce, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0306.363] InvalidateRect (hWnd=0x3602de, lpRect=0x0, bErase=1) returned 1
[0306.363] GetWindowTextLengthW (hWnd=0x3602de) returned 0
[0306.363] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0306.363] GetSystemMetrics (nIndex=42) returned 0
[0306.363] GetWindowTextW (in: hWnd=0x3602de, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0306.363] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0306.364] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0306.364] GetClientRect (in: hWnd=0x3602de, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0306.364] GetWindowRect (in: hWnd=0x3602de, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0306.364] GetParent (hWnd=0x3602de) returned 0x2c02ce
[0306.364] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2c02ce, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0306.364] GetWindowTextLengthW (hWnd=0x3602de) returned 0
[0306.364] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0306.364] GetSystemMetrics (nIndex=42) returned 0
[0306.364] GetWindowTextW (in: hWnd=0x3602de, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0306.364] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0306.364] GetWindowTextLengthW (hWnd=0x3602de) returned 0
[0306.364] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0306.364] GetSystemMetrics (nIndex=42) returned 0
[0306.364] GetWindowTextW (in: hWnd=0x3602de, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0306.364] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0306.364] SetWindowTextW (hWnd=0x3602de, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0306.364] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0xc, wParam=0x0, lParam=0x2ce89e0) returned 0x1
[0306.364] InvalidateRect (hWnd=0x3602de, lpRect=0x0, bErase=1) returned 1
[0306.364] GetCurrentThreadId () returned 0xf50
[0306.364] GetWindowThreadProcessId (in: hWnd=0x3602de, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0306.365] GdipCreateBitmapFromStream (stream=0x509ffd0, bitmap=0xd7e840) returned 0x0
[0306.366] GdipImageForceValidation (image=0x6600640) returned 0x0
[0306.367] GdipGetImageRawFormat (image=0x6600640, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0306.367] GdipGetImageHeight (image=0x6600640, height=0xd7e824) returned 0x0
[0306.367] GdipGetImageWidth (image=0x6600640, width=0xd7e824) returned 0x0
[0306.367] GdipGetImageWidth (image=0x6600640, width=0xd7e810) returned 0x0
[0306.367] GdipGetImageHeight (image=0x6600640, height=0xd7e810) returned 0x0
[0306.367] GdipGetImageWidth (image=0x6600640, width=0xd7e800) returned 0x0
[0306.367] GdipGetImageHeight (image=0x6600640, height=0xd7e800) returned 0x0
[0306.367] GdipBitmapGetPixel (bitmap=0x6600640, x=0, y=15, color=0xd7e810) returned 0x0
[0306.367] GdipGetImageRawFormat (image=0x6600640, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0306.367] GdipGetImageWidth (image=0x6600640, width=0xd7e740) returned 0x0
[0306.367] GdipGetImageHeight (image=0x6600640, height=0xd7e740) returned 0x0
[0306.367] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0306.367] GdipGetImagePixelFormat (image=0x6602710, format=0xd7e740) returned 0x0
[0306.367] GdipGetImageGraphicsContext (image=0x6602710, graphics=0xd7e74c) returned 0x0
[0306.367] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0306.367] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0306.367] GdipSetImageAttributesColorKeys (imageattr=0x6638ab8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0306.367] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6600640, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638ab8, callback=0x0, callbackData=0x0) returned 0x0
[0306.368] GdipDisposeImageAttributes (imageattr=0x6638ab8) returned 0x0
[0306.368] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0306.368] GdipDisposeImage (image=0x6600640) returned 0x0
[0306.368] GdipCreateBitmapFromStream (stream=0x509ffb0, bitmap=0xd7e840) returned 0x0
[0306.369] GdipImageForceValidation (image=0x6600640) returned 0x0
[0306.370] GdipGetImageRawFormat (image=0x6600640, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0306.370] GdipGetImageHeight (image=0x6600640, height=0xd7e824) returned 0x0
[0306.370] GdipGetImageWidth (image=0x6600640, width=0xd7e824) returned 0x0
[0306.370] GdipGetImageWidth (image=0x6600640, width=0xd7e810) returned 0x0
[0306.370] GdipGetImageHeight (image=0x6600640, height=0xd7e810) returned 0x0
[0306.370] GdipGetImageWidth (image=0x6600640, width=0xd7e800) returned 0x0
[0306.370] GdipGetImageHeight (image=0x6600640, height=0xd7e800) returned 0x0
[0306.370] GdipBitmapGetPixel (bitmap=0x6600640, x=0, y=15, color=0xd7e810) returned 0x0
[0306.370] GdipGetImageRawFormat (image=0x6600640, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0306.370] GdipGetImageWidth (image=0x6600640, width=0xd7e740) returned 0x0
[0306.370] GdipGetImageHeight (image=0x6600640, height=0xd7e740) returned 0x0
[0306.370] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0306.370] GdipGetImagePixelFormat (image=0x6600988, format=0xd7e740) returned 0x0
[0306.370] GdipGetImageGraphicsContext (image=0x6600988, graphics=0xd7e74c) returned 0x0
[0306.371] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0306.371] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0306.371] GdipSetImageAttributesColorKeys (imageattr=0x6638ae8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0306.371] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6600640, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638ae8, callback=0x0, callbackData=0x0) returned 0x0
[0306.371] GdipDisposeImageAttributes (imageattr=0x6638ae8) returned 0x0
[0306.371] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0306.371] GdipDisposeImage (image=0x6600640) returned 0x0
[0306.371] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.371] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0306.371] GetCurrentThreadId () returned 0xf50
[0306.371] GetCurrentThreadId () returned 0xf50
[0306.372] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.372] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0306.373] GetCurrentThreadId () returned 0xf50
[0306.373] GetCurrentThreadId () returned 0xf50
[0306.374] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.374] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0306.374] GetCurrentThreadId () returned 0xf50
[0306.374] GetCurrentThreadId () returned 0xf50
[0306.374] GetSystemMetrics (nIndex=5) returned 1
[0306.374] GetSystemMetrics (nIndex=6) returned 1
[0306.374] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.374] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0306.374] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.374] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0306.374] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.375] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0306.375] GetCurrentThreadId () returned 0xf50
[0306.375] GetCurrentThreadId () returned 0xf50
[0306.375] GetProcessWindowStation () returned 0x13c
[0306.375] GetCapture () returned 0x0
[0306.375] GetActiveWindow () returned 0x7005c
[0306.375] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0306.375] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.375] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0306.375] GetCursorPos (in: lpPoint=0x2d0a404 | out: lpPoint=0x2d0a404*(x=255, y=628)) returned 1
[0306.375] MonitorFromPoint (pt=0xff, dwFlags=0x274) returned 0x10001
[0306.375] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0306.375] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0xec010671
[0306.376] GetDeviceCaps (hdc=0xec010671, index=12) returned 32
[0306.376] GetDeviceCaps (hdc=0xec010671, index=14) returned 1
[0306.376] DeleteDC (hdc=0xec010671) returned 1
[0306.376] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0306.376] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0306.376] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3002c8
[0306.376] SetWindowLongW (hWnd=0x3002c8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0306.377] GetWindowLongW (hWnd=0x3002c8, nIndex=-4) returned 1950089536
[0306.377] SetWindowLongW (hWnd=0x3002c8, nIndex=-4, dwNewLong=19940430) returned 1950089536
[0306.377] GetWindowLongW (hWnd=0x3002c8, nIndex=-4) returned 19940430
[0306.377] GetWindowLongW (hWnd=0x3002c8, nIndex=-16) returned 113770496
[0306.377] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0306.378] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0306.378] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0306.378] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0306.378] GetWindowRect (in: hWnd=0x3002c8, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0306.378] SetWindowTextW (hWnd=0x3002c8, lpString="BB ransomware") returned 1
[0306.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xc, wParam=0x0, lParam=0x2d08b14) returned 0x1
[0306.379] GetStartupInfoW (in: lpStartupInfo=0x2d0a740 | out: lpStartupInfo=0x2d0a740*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0306.380] GetParent (hWnd=0x3002c8) returned 0x0
[0306.380] SetWindowLongW (hWnd=0x3002c8, nIndex=-8, dwNewLong=0) returned 0
[0306.381] SendMessageW (hWnd=0x3002c8, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0306.381] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0306.381] SendMessageW (hWnd=0x3002c8, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0306.381] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0306.381] GetSystemMenu (hWnd=0x3002c8, bRevert=0) returned 0xc302a1
[0306.382] GetWindowPlacement (in: hWnd=0x3002c8, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0306.382] EnableMenuItem (hMenu=0xc302a1, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0306.382] EnableMenuItem (hMenu=0xc302a1, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0306.382] EnableMenuItem (hMenu=0xc302a1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0306.382] EnableMenuItem (hMenu=0xc302a1, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0306.382] EnableMenuItem (hMenu=0xc302a1, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0306.382] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0306.382] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0306.382] GetWindowRect (in: hWnd=0x3002c8, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0306.382] SetWindowPos (hWnd=0x3002c8, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0306.382] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0306.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x3002c8) returned 0x1
[0306.385] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0306.385] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0306.386] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0306.386] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0306.386] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0306.388] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x3002c8, lParam=0x0) returned 0x0
[0306.388] GetCapture () returned 0x0
[0306.388] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0306.389] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0306.390] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0306.391] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0306.391] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0306.391] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0306.391] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0306.392] GetParent (hWnd=0x3002c8) returned 0x0
[0306.392] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0306.392] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0306.394] GetWindowPlacement (in: hWnd=0x3002c8, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0306.394] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0306.394] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0306.394] GetWindowRect (in: hWnd=0x3002c8, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0306.395] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0306.395] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0306.396] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0306.396] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.396] GetWindowLongW (hWnd=0x3002c8, nIndex=-16) returned 113770496
[0306.396] GetWindowTextLengthW (hWnd=0x3002c8) returned 13
[0306.396] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.397] GetSystemMetrics (nIndex=42) returned 0
[0306.397] GetWindowTextW (in: hWnd=0x3002c8, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0306.397] GetWindowTextLengthW (hWnd=0x3002c8) returned 13
[0306.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.397] GetSystemMetrics (nIndex=42) returned 0
[0306.397] GetWindowTextW (in: hWnd=0x3002c8, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.397] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0306.397] GetCursorPos (in: lpPoint=0x2d0a97c | out: lpPoint=0x2d0a97c*(x=255, y=628)) returned 1
[0306.397] MonitorFromPoint (pt=0xff, dwFlags=0x274) returned 0x10001
[0306.397] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0306.397] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x106b6
[0306.397] GetDeviceCaps (hdc=0x106b6, index=12) returned 32
[0306.397] GetDeviceCaps (hdc=0x106b6, index=14) returned 1
[0306.397] DeleteDC (hdc=0x106b6) returned 1
[0306.397] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0306.397] GetWindowLongW (hWnd=0x3002c8, nIndex=-16) returned 113770496
[0306.398] GetWindowLongW (hWnd=0x3002c8, nIndex=-20) returned 327945
[0306.398] SetWindowLongW (hWnd=0x3002c8, nIndex=-16, dwNewLong=46661632) returned 113770496
[0306.398] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0306.398] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0306.399] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0306.399] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0306.399] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0306.399] SetWindowLongW (hWnd=0x3002c8, nIndex=-20, dwNewLong=327681) returned 327945
[0306.399] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0306.400] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0306.400] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0306.401] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0306.401] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0306.401] SetWindowPos (hWnd=0x3002c8, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0306.401] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0306.401] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0306.402] GetWindowPlacement (in: hWnd=0x3002c8, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0306.402] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0306.402] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0306.402] GetWindowRect (in: hWnd=0x3002c8, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0306.403] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0306.403] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0306.403] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0306.407] RedrawWindow (hWnd=0x3002c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0306.407] GetSystemMenu (hWnd=0x3002c8, bRevert=0) returned 0xc302a1
[0306.407] GetWindowPlacement (in: hWnd=0x3002c8, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0306.407] EnableMenuItem (hMenu=0xc302a1, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0306.407] EnableMenuItem (hMenu=0xc302a1, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0306.407] EnableMenuItem (hMenu=0xc302a1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0306.407] EnableMenuItem (hMenu=0xc302a1, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0306.407] EnableMenuItem (hMenu=0xc302a1, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0306.407] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0306.407] GetWindowLongW (hWnd=0x3002c8, nIndex=-8) returned 0
[0306.407] SetWindowLongW (hWnd=0x3002c8, nIndex=-8, dwNewLong=458844) returned 0
[0306.408] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0306.408] GetProcessWindowStation () returned 0x13c
[0306.409] GetCurrentThreadId () returned 0xf50
[0306.409] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1304836, lParam=0x0) returned 1
[0306.409] IsWindowVisible (hWnd=0x3002c8) returned 0
[0306.409] IsWindowVisible (hWnd=0x7005c) returned 1
[0306.409] IsWindowEnabled (hWnd=0x7005c) returned 1
[0306.409] IsWindowVisible (hWnd=0x300ec) returned 0
[0306.409] IsWindowVisible (hWnd=0x502c6) returned 0
[0306.409] IsWindowVisible (hWnd=0x502be) returned 0
[0306.409] GetActiveWindow () returned 0x3002c8
[0306.409] GetFocus () returned 0x3002c8
[0306.409] IsWindow (hWnd=0x7005c) returned 1
[0306.409] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0306.409] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0306.410] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0306.410] GetWindowLongW (hWnd=0x3002c8, nIndex=-8) returned 458844
[0306.410] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0306.410] GetCurrentThreadId () returned 0xf50
[0306.410] GetWindowLongW (hWnd=0x3002c8, nIndex=-8) returned 458844
[0306.410] IsWindowEnabled (hWnd=0x7005c) returned 0
[0306.410] IsWindowEnabled (hWnd=0x3002c8) returned 1
[0306.410] ShowWindow (hWnd=0x3002c8, nCmdShow=5) returned 0
[0306.410] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0306.410] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0306.410] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.411] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0306.411] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x3002c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2b02d0
[0306.411] SetWindowLongW (hWnd=0x2b02d0, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0306.411] GetWindowLongW (hWnd=0x2b02d0, nIndex=-4) returned 1950089536
[0306.411] SetWindowLongW (hWnd=0x2b02d0, nIndex=-4, dwNewLong=19940510) returned 1950089536
[0306.412] GetWindowLongW (hWnd=0x2b02d0, nIndex=-4) returned 19940510
[0306.412] GetWindowLongW (hWnd=0x2b02d0, nIndex=-16) returned 1174405120
[0306.412] GetWindowLongW (hWnd=0x2b02d0, nIndex=-12) returned 0
[0306.412] SetWindowLongW (hWnd=0x2b02d0, nIndex=-12, dwNewLong=2818768) returned 0
[0306.412] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02d0, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0306.412] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02d0, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0306.412] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02d0, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0306.412] GetWindow (hWnd=0x2b02d0, uCmd=0x3) returned 0x0
[0306.412] GetClientRect (in: hWnd=0x2b02d0, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0306.412] GetWindowRect (in: hWnd=0x2b02d0, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0306.412] GetParent (hWnd=0x2b02d0) returned 0x3002c8
[0306.412] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002c8, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0306.413] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02d0, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0306.413] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02d0, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0306.413] GetClientRect (in: hWnd=0x2b02d0, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0306.413] GetWindowRect (in: hWnd=0x2b02d0, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0306.413] GetParent (hWnd=0x2b02d0) returned 0x3002c8
[0306.413] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002c8, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0306.413] SendMessageW (hWnd=0x2b02d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2b02d0) returned 0x0
[0306.413] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2b02d0) returned 0x0
[0306.413] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0306.414] GetParent (hWnd=0x2b02d0) returned 0x3002c8
[0306.414] GetParent (hWnd=0x3602de) returned 0x2c02ce
[0306.414] SetParent (hWndChild=0x3602de, hWndNewParent=0x3002c8) returned 0x2c02ce
[0306.414] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0306.414] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0306.414] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0306.414] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0306.415] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0306.415] GetClientRect (in: hWnd=0x3602de, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0306.415] GetWindowRect (in: hWnd=0x3602de, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0306.415] GetParent (hWnd=0x3602de) returned 0x3002c8
[0306.415] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002c8, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0306.415] GetClientRect (in: hWnd=0x3602de, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0306.415] GetWindowRect (in: hWnd=0x3602de, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0306.415] GetParent (hWnd=0x3602de) returned 0x3002c8
[0306.415] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002c8, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0306.415] GetParent (hWnd=0x3602de) returned 0x3002c8
[0306.415] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0306.415] GetWindow (hWnd=0x3602de, uCmd=0x3) returned 0x0
[0306.415] SetWindowPos (hWnd=0x3602de, hWndInsertAfter=0x2b02d0, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0306.415] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0306.416] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0306.416] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0306.416] GetClientRect (in: hWnd=0x3602de, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0306.416] GetWindowRect (in: hWnd=0x3602de, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0306.416] GetParent (hWnd=0x3602de) returned 0x3002c8
[0306.416] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002c8, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0306.416] GetParent (hWnd=0x3602de) returned 0x3002c8
[0306.416] GetWindow (hWnd=0x3602de, uCmd=0x3) returned 0x2b02d0
[0306.416] GetWindowThreadProcessId (in: hWnd=0x3602de, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0306.416] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0306.416] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.417] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0306.417] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x3002c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3802d8
[0306.417] SetWindowLongW (hWnd=0x3802d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0306.417] GetWindowLongW (hWnd=0x3802d8, nIndex=-4) returned 1868032000
[0306.417] SetWindowLongW (hWnd=0x3802d8, nIndex=-4, dwNewLong=19940630) returned 1868032000
[0306.418] GetWindowLongW (hWnd=0x3802d8, nIndex=-4) returned 19940630
[0306.418] GetWindowLongW (hWnd=0x3802d8, nIndex=-16) returned 1174470667
[0306.418] GetWindowLongW (hWnd=0x3802d8, nIndex=-12) returned 0
[0306.418] SetWindowLongW (hWnd=0x3802d8, nIndex=-12, dwNewLong=3670744) returned 0
[0306.418] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0306.419] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0306.419] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0306.420] SendMessageW (hWnd=0x3802d8, Msg=0x2055, wParam=0x3802d8, lParam=0x3) returned 0x2
[0306.420] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0306.420] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0306.420] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0306.420] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0306.420] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02d0, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0306.420] RedrawWindow (hWnd=0x2b02d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0306.421] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0306.421] RedrawWindow (hWnd=0x3602de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0306.421] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0306.421] RedrawWindow (hWnd=0x3802d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0306.421] RedrawWindow (hWnd=0x3002c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0306.421] GetWindow (hWnd=0x3802d8, uCmd=0x3) returned 0x3602de
[0306.421] GetClientRect (in: hWnd=0x3802d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0306.421] GetWindowRect (in: hWnd=0x3802d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0306.421] GetParent (hWnd=0x3802d8) returned 0x3002c8
[0306.421] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002c8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0306.421] SetWindowTextW (hWnd=0x3802d8, lpString="&Details") returned 1
[0306.421] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0xc, wParam=0x0, lParam=0x2c2ef5c) returned 0x1
[0306.422] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0306.422] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0306.422] GetClientRect (in: hWnd=0x3802d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0306.422] GetWindowRect (in: hWnd=0x3802d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0306.422] GetParent (hWnd=0x3802d8) returned 0x3002c8
[0306.422] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002c8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0306.422] SendMessageW (hWnd=0x3802d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3802d8) returned 0x0
[0306.422] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3802d8) returned 0x0
[0306.422] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0306.423] GetParent (hWnd=0x3802d8) returned 0x3002c8
[0306.423] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0306.423] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.423] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0306.423] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x3002c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3602dc
[0306.423] SetWindowLongW (hWnd=0x3602dc, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0306.424] GetWindowLongW (hWnd=0x3602dc, nIndex=-4) returned 1868032000
[0306.424] SetWindowLongW (hWnd=0x3602dc, nIndex=-4, dwNewLong=19940790) returned 1868032000
[0306.424] GetWindowLongW (hWnd=0x3602dc, nIndex=-4) returned 19940790
[0306.424] GetWindowLongW (hWnd=0x3602dc, nIndex=-16) returned 1174470667
[0306.424] GetWindowLongW (hWnd=0x3602dc, nIndex=-12) returned 0
[0306.424] SetWindowLongW (hWnd=0x3602dc, nIndex=-12, dwNewLong=3539676) returned 0
[0306.424] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0306.425] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0306.425] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0306.425] SendMessageW (hWnd=0x3602dc, Msg=0x2055, wParam=0x3602dc, lParam=0x3) returned 0x2
[0306.426] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0306.426] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0306.426] GetWindow (hWnd=0x3602dc, uCmd=0x3) returned 0x3802d8
[0306.426] GetClientRect (in: hWnd=0x3602dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0306.426] GetWindowRect (in: hWnd=0x3602dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0306.426] GetParent (hWnd=0x3602dc) returned 0x3002c8
[0306.426] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002c8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0306.426] SetWindowTextW (hWnd=0x3602dc, lpString="&Continue") returned 1
[0306.426] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0xc, wParam=0x0, lParam=0x2c2ef00) returned 0x1
[0306.426] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0306.426] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0306.426] GetClientRect (in: hWnd=0x3602dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0306.427] GetWindowRect (in: hWnd=0x3602dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0306.427] GetParent (hWnd=0x3602dc) returned 0x3002c8
[0306.427] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002c8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0306.427] SendMessageW (hWnd=0x3602dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x3602dc) returned 0x0
[0306.427] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x3602dc) returned 0x0
[0306.427] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0306.427] GetParent (hWnd=0x3602dc) returned 0x3002c8
[0306.427] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0306.427] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.428] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0306.428] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x3002c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3602da
[0306.428] SetWindowLongW (hWnd=0x3602da, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0306.428] GetWindowLongW (hWnd=0x3602da, nIndex=-4) returned 1868032000
[0306.428] SetWindowLongW (hWnd=0x3602da, nIndex=-4, dwNewLong=19941150) returned 1868032000
[0306.428] GetWindowLongW (hWnd=0x3602da, nIndex=-4) returned 19941150
[0306.428] GetWindowLongW (hWnd=0x3602da, nIndex=-16) returned 1174470667
[0306.428] GetWindowLongW (hWnd=0x3602da, nIndex=-12) returned 0
[0306.428] SetWindowLongW (hWnd=0x3602da, nIndex=-12, dwNewLong=3539674) returned 0
[0306.429] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602da, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0306.429] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602da, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0306.429] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602da, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0306.430] SendMessageW (hWnd=0x3602da, Msg=0x2055, wParam=0x3602da, lParam=0x3) returned 0x2
[0306.430] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0306.430] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602da, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0306.430] GetWindow (hWnd=0x3602da, uCmd=0x3) returned 0x3602dc
[0306.430] GetClientRect (in: hWnd=0x3602da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0306.430] GetWindowRect (in: hWnd=0x3602da, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0306.430] GetParent (hWnd=0x3602da) returned 0x3002c8
[0306.430] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002c8, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0306.430] SetWindowTextW (hWnd=0x3602da, lpString="&Quit") returned 1
[0306.430] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602da, Msg=0xc, wParam=0x0, lParam=0x2c2ef20) returned 0x1
[0306.431] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0306.431] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602da, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0306.431] GetClientRect (in: hWnd=0x3602da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0306.431] GetWindowRect (in: hWnd=0x3602da, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0306.431] GetParent (hWnd=0x3602da) returned 0x3002c8
[0306.431] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002c8, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0306.431] SendMessageW (hWnd=0x3602da, Msg=0x2210, wParam=0x2da0001, lParam=0x3602da) returned 0x0
[0306.431] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602da, Msg=0x2210, wParam=0x2da0001, lParam=0x3602da) returned 0x0
[0306.431] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0306.431] GetParent (hWnd=0x3602da) returned 0x3002c8
[0306.431] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0306.432] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.432] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0306.432] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x3002c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3900ea
[0306.432] SetWindowLongW (hWnd=0x3900ea, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0306.432] GetWindowLongW (hWnd=0x3900ea, nIndex=-4) returned 1868026976
[0306.433] SetWindowLongW (hWnd=0x3900ea, nIndex=-4, dwNewLong=19941350) returned 1868026976
[0306.433] GetWindowLongW (hWnd=0x3900ea, nIndex=-4) returned 19941350
[0306.433] GetWindowLongW (hWnd=0x3900ea, nIndex=-16) returned 1177553092
[0306.433] GetWindowLongW (hWnd=0x3900ea, nIndex=-12) returned 0
[0306.433] SetWindowLongW (hWnd=0x3900ea, nIndex=-12, dwNewLong=3735786) returned 0
[0306.433] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3900ea, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0306.434] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3900ea, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0306.441] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3900ea, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0306.457] GetWindow (hWnd=0x3900ea, uCmd=0x3) returned 0x3602da
[0306.457] GetClientRect (in: hWnd=0x3900ea, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0306.457] GetWindowRect (in: hWnd=0x3900ea, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0306.457] GetParent (hWnd=0x3900ea) returned 0x3002c8
[0306.457] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002c8, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0306.457] GetWindowTextLengthW (hWnd=0x3002c8) returned 13
[0306.457] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.457] GetSystemMetrics (nIndex=42) returned 0
[0306.457] GetWindowTextW (in: hWnd=0x3002c8, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.457] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0306.457] SendMessageW (hWnd=0x3900ea, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0306.457] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3900ea, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0306.466] SetWindowTextW (hWnd=0x3900ea, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0306.466] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3900ea, Msg=0xc, wParam=0x0, lParam=0x2d064fc) returned 0x1
[0306.468] GetSystemMetrics (nIndex=5) returned 1
[0306.468] GetSystemMetrics (nIndex=6) returned 1
[0306.468] SendMessageW (hWnd=0x3900ea, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0306.468] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3900ea, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0306.468] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3900ea, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0306.469] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3900ea, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0306.469] GetClientRect (in: hWnd=0x3900ea, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0306.469] GetWindowRect (in: hWnd=0x3900ea, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0306.469] GetParent (hWnd=0x3900ea) returned 0x3002c8
[0306.469] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3002c8, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0306.469] SendMessageW (hWnd=0x3900ea, Msg=0x2210, wParam=0xea0001, lParam=0x3900ea) returned 0x0
[0306.469] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3900ea, Msg=0x2210, wParam=0xea0001, lParam=0x3900ea) returned 0x0
[0306.469] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3900ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0306.470] GetParent (hWnd=0x3900ea) returned 0x3002c8
[0306.470] GetWindowLongW (hWnd=0x3002c8, nIndex=-8) returned 458844
[0306.470] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0306.470] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0306.470] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x70106b6
[0306.470] GetDeviceCaps (hdc=0x70106b6, index=12) returned 32
[0306.470] GetDeviceCaps (hdc=0x70106b6, index=14) returned 1
[0306.470] DeleteDC (hdc=0x70106b6) returned 1
[0306.470] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0306.470] GetWindowThreadProcessId (in: hWnd=0x3002c8, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0306.470] GetCurrentThreadId () returned 0xf50
[0306.470] PostMessageW (hWnd=0x3002c8, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0306.470] GetWindowTextLengthW (hWnd=0x3002c8) returned 13
[0306.470] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.470] GetSystemMetrics (nIndex=42) returned 0
[0306.470] GetWindowTextW (in: hWnd=0x3002c8, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.470] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0306.471] GdipImageGetFrameDimensionsCount (image=0x6600cd0, count=0xd7e25c) returned 0x0
[0306.471] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200dd0
[0306.471] GdipImageGetFrameDimensionsList (image=0x6600cd0, dimensionIDs=0x1200dd0*(Data1=0x11f7748, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0306.471] LocalFree (hMem=0x1200dd0) returned 0x0
[0306.471] GdipImageGetFrameDimensionsCount (image=0x6602710, count=0xd7e250) returned 0x0
[0306.471] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200e18
[0306.471] GdipImageGetFrameDimensionsList (image=0x6602710, dimensionIDs=0x1200e18*(Data1=0x1201148, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0306.471] LocalFree (hMem=0x1200e18) returned 0x0
[0306.471] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0306.471] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0306.471] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0306.486] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0306.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0306.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0306.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0306.488] GetWindowPlacement (in: hWnd=0x3002c8, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0306.488] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0306.488] GetWindowTextLengthW (hWnd=0x3002c8) returned 13
[0306.488] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.488] GetSystemMetrics (nIndex=42) returned 0
[0306.488] GetWindowTextW (in: hWnd=0x3002c8, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.488] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0306.488] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0306.488] GetCurrentObject (hdc=0x10105d6, type=0x1) returned 0xb00017
[0306.488] GetCurrentObject (hdc=0x10105d6, type=0x2) returned 0x900010
[0306.488] GetCurrentObject (hdc=0x10105d6, type=0x7) returned 0x770507f3
[0306.488] GetCurrentObject (hdc=0x10105d6, type=0x6) returned 0x8a01c2
[0306.488] SaveDC (hdc=0x10105d6) returned 1
[0306.488] GetNearestColor (hdc=0x10105d6, color=0xf0f0f0) returned 0xf0f0f0
[0306.488] CreateSolidBrush (color=0xf0f0f0) returned 0x711007e1
[0306.488] FillRect (hDC=0x10105d6, lprc=0xd7e1b8, hbr=0x711007e1) returned 1
[0306.488] DeleteObject (ho=0x711007e1) returned 1
[0306.488] RestoreDC (hdc=0x10105d6, nSavedDC=-1) returned 1
[0306.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0306.489] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0306.489] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0306.489] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0306.489] GetStockObject (i=5) returned 0x900015
[0306.489] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0306.490] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0306.490] GetStockObject (i=5) returned 0x900015
[0306.490] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0306.490] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602da, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0306.490] GetStockObject (i=5) returned 0x900015
[0306.490] GetWindowPlacement (in: hWnd=0x3002c8, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0306.490] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0306.490] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0306.490] GetWindowRect (in: hWnd=0x3002c8, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0306.491] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0306.491] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0306.492] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0306.492] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0306.492] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0306.492] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0306.492] GetWindowRect (in: hWnd=0x3002c8, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0306.492] InvalidateRect (hWnd=0x3602dc, lpRect=0x0, bErase=0) returned 1
[0306.492] InvalidateRect (hWnd=0x3802d8, lpRect=0x0, bErase=0) returned 1
[0306.492] GetFocus () returned 0x3002c8
[0306.492] GetFocus () returned 0x3002c8
[0306.492] SetFocus (hWnd=0x3802d8) returned 0x3002c8
[0306.493] GetFocus () returned 0x3802d8
[0306.493] IsChild (hWndParent=0x3002c8, hWnd=0x3802d8) returned 1
[0306.493] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x8, wParam=0x3802d8, lParam=0x0) returned 0x0
[0306.494] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0306.495] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0306.496] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0306.496] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0x7, wParam=0x3002c8, lParam=0x0) returned 0x0
[0306.496] GetStockObject (i=5) returned 0x900015
[0306.496] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0306.496] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0306.496] GetDlgItem (hDlg=0x3002c8, nIDDlgItem=3670744) returned 0x3802d8
[0306.496] SendMessageW (hWnd=0x3802d8, Msg=0x202b, wParam=0x3802d8, lParam=0xd7e0dc) returned 0x0
[0306.496] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0x202b, wParam=0x3802d8, lParam=0xd7e0dc) returned 0x0
[0306.497] InvalidateRect (hWnd=0x3802d8, lpRect=0x0, bErase=0) returned 1
[0306.504] GetFocus () returned 0x3802d8
[0306.504] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.504] IsWindowUnicode (hWnd=0x3002c8) returned 1
[0306.504] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.504] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.504] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.505] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0306.505] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.505] IsWindowUnicode (hWnd=0x3002c8) returned 1
[0306.505] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.505] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.505] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.505] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.505] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0306.506] IsWindowUnicode (hWnd=0x3002c8) returned 1
[0306.506] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.506] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.506] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.506] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.506] IsWindowUnicode (hWnd=0x602c4) returned 1
[0306.506] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.506] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.506] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.506] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0306.506] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0306.506] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.507] IsWindowUnicode (hWnd=0x3002c8) returned 1
[0306.507] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.507] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.507] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.507] BeginPaint (in: hWnd=0x3002c8, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x107b9
[0306.507] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0306.508] GetWindowTextLengthW (hWnd=0x3002c8) returned 13
[0306.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.508] GetSystemMetrics (nIndex=42) returned 0
[0306.508] GetWindowTextW (in: hWnd=0x3002c8, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.508] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0306.508] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0306.508] EndPaint (hWnd=0x3002c8, lpPaint=0xd7e274) returned 1
[0306.508] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.508] IsWindowUnicode (hWnd=0x2b02d0) returned 1
[0306.508] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.508] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.508] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.508] BeginPaint (in: hWnd=0x2b02d0, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0xc0107c5
[0306.508] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0306.509] CreateCompatibleDC (hdc=0xc0107c5) returned 0xb70107d3
[0306.509] SelectObject (hdc=0xb70107d3, h=0x4a0507fe) returned 0x85000f
[0306.509] GdipCreateFromHDC (hdc=0xb70107d3, graphics=0xd7e2b0) returned 0x0
[0306.509] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0306.509] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0306.509] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0306.509] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0306.509] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e310) returned 0x0
[0306.509] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.509] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0306.509] LocalFree (hMem=0x11eec58) returned 0x0
[0306.509] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0306.509] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0306.510] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0306.510] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e304) returned 0x0
[0306.510] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0306.510] GetWindowTextLengthW (hWnd=0x2b02d0) returned 0
[0306.510] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0306.510] GetSystemMetrics (nIndex=42) returned 0
[0306.510] GetWindowTextW (in: hWnd=0x2b02d0, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0306.510] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02d0, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0306.510] GetClientRect (in: hWnd=0x2b02d0, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0306.510] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0306.510] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0306.510] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0306.510] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0306.510] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e164) returned 0x0
[0306.510] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0306.510] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0306.510] LocalFree (hMem=0x11ee788) returned 0x0
[0306.510] GdipCombineRegionRegion (region=0x6646ef8, region2=0x66463b8, combineMode=0x1) returned 0x0
[0306.510] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0306.510] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee9f0) returned 0x0
[0306.511] LocalFree (hMem=0x11ee9f0) returned 0x0
[0306.511] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0306.511] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0306.511] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0306.511] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0306.511] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0306.511] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0306.511] GetCurrentObject (hdc=0xb70107d3, type=0x1) returned 0xb00017
[0306.511] GetCurrentObject (hdc=0xb70107d3, type=0x2) returned 0x900010
[0306.511] GetCurrentObject (hdc=0xb70107d3, type=0x7) returned 0x4a0507fe
[0306.511] GetCurrentObject (hdc=0xb70107d3, type=0x6) returned 0x8a01c2
[0306.511] SaveDC (hdc=0xb70107d3) returned 1
[0306.511] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6a0407de
[0306.511] GetClipRgn (hdc=0xb70107d3, hrgn=0x6a0407de) returned 0
[0306.511] SelectClipRgn (hdc=0xb70107d3, hrgn=0xe9040807) returned 2
[0306.511] DeleteObject (ho=0x6a0407de) returned 1
[0306.512] DeleteObject (ho=0xe9040807) returned 1
[0306.512] OffsetViewportOrgEx (in: hdc=0xb70107d3, x=0, y=0, lppt=0x2d0c0e8 | out: lppt=0x2d0c0e8) returned 1
[0306.512] GetNearestColor (hdc=0xb70107d3, color=0xf0f0f0) returned 0xf0f0f0
[0306.512] CreateSolidBrush (color=0xf0f0f0) returned 0x721007e1
[0306.512] FillRect (hDC=0xb70107d3, lprc=0xd7e198, hbr=0x721007e1) returned 1
[0306.512] DeleteObject (ho=0x721007e1) returned 1
[0306.512] RestoreDC (hdc=0xb70107d3, nSavedDC=-1) returned 1
[0306.512] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107d3) returned 0x0
[0306.512] GdipRestoreGraphics (graphics=0x6600030, state=0xf5640dbd) returned 0x0
[0306.512] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0306.512] GetWindowTextLengthW (hWnd=0x2b02d0) returned 0
[0306.512] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0306.512] GetSystemMetrics (nIndex=42) returned 0
[0306.512] GetWindowTextW (in: hWnd=0x2b02d0, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0306.512] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02d0, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0306.512] GdipGetImageWidth (image=0x6600cd0, width=0xd7e1e0) returned 0x0
[0306.516] GdipGetImageHeight (image=0x6600cd0, height=0xd7e1e0) returned 0x0
[0306.516] GdipGetImageWidth (image=0x6600cd0, width=0xd7e1cc) returned 0x0
[0306.516] GdipGetImageHeight (image=0x6600cd0, height=0xd7e1cc) returned 0x0
[0306.516] GdipDrawImageRectI (graphics=0x6600030, image=0x6600cd0, x=16, y=16, width=32, height=32) returned 0x0
[0306.516] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0306.516] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=64, cy=64, hdcSrc=0xb70107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0306.516] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107d3) returned 0x0
[0306.516] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0306.516] SelectObject (hdc=0xb70107d3, h=0x85000f) returned 0x4a0507fe
[0306.516] DeleteDC (hdc=0xb70107d3) returned 1
[0306.516] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0306.516] EndPaint (hWnd=0x2b02d0, lpPaint=0xd7e294) returned 1
[0306.516] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.517] IsWindowUnicode (hWnd=0x3602de) returned 1
[0306.517] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.517] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.517] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.518] BeginPaint (in: hWnd=0x3602de, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x10105d6
[0306.518] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0306.518] CreateCompatibleDC (hdc=0x10105d6) returned 0xb90107d3
[0306.518] GetObjectType (h=0x10105d6) returned 0x3
[0306.518] CreateCompatibleBitmap (hdc=0x10105d6, cx=1, cy=1) returned 0x130506b6
[0306.518] GetDIBits (in: hdc=0x10105d6, hbm=0x130506b6, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0306.518] GetDIBits (in: hdc=0x10105d6, hbm=0x130506b6, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0306.518] DeleteObject (ho=0x130506b6) returned 1
[0306.518] CreateDIBSection (in: hdc=0x10105d6, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xfa0507ec
[0306.518] SelectObject (hdc=0xb90107d3, h=0xfa0507ec) returned 0x85000f
[0306.518] GdipCreateFromHDC (hdc=0xb90107d3, graphics=0xd7e234) returned 0x0
[0306.519] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0306.519] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0306.519] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0306.519] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0306.519] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e2d4) returned 0x0
[0306.519] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.519] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0306.519] LocalFree (hMem=0x11eec58) returned 0x0
[0306.519] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0306.519] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0306.519] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0306.519] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0306.519] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0306.519] GetWindowTextLengthW (hWnd=0x3602de) returned 232
[0306.519] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0306.519] GetSystemMetrics (nIndex=42) returned 0
[0306.519] GetWindowTextW (in: hWnd=0x3602de, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0306.519] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0306.519] GetClientRect (in: hWnd=0x3602de, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0306.519] GdipCreateRegion (region=0xd7e110) returned 0x0
[0306.519] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0306.519] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0306.520] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0306.520] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e128) returned 0x0
[0306.520] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0306.520] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0306.520] LocalFree (hMem=0x11ee788) returned 0x0
[0306.520] GdipCombineRegionRegion (region=0x6646328, region2=0x6646448, combineMode=0x1) returned 0x0
[0306.520] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.520] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0306.520] LocalFree (hMem=0x11eec58) returned 0x0
[0306.520] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0306.520] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e150) returned 0x0
[0306.520] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e140) returned 0x0
[0306.520] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0306.520] GdipDeleteRegion (region=0x6646328) returned 0x0
[0306.520] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0306.520] GetCurrentObject (hdc=0xb90107d3, type=0x1) returned 0xb00017
[0306.520] GetCurrentObject (hdc=0xb90107d3, type=0x2) returned 0x900010
[0306.520] GetCurrentObject (hdc=0xb90107d3, type=0x7) returned 0xfffffffffa0507ec
[0306.520] GetCurrentObject (hdc=0xb90107d3, type=0x6) returned 0x8a01c2
[0306.520] SaveDC (hdc=0xb90107d3) returned 1
[0306.520] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xea040807
[0306.520] GetClipRgn (hdc=0xb90107d3, hrgn=0xea040807) returned 0
[0306.521] SelectClipRgn (hdc=0xb90107d3, hrgn=0x6b0407de) returned 2
[0306.521] DeleteObject (ho=0xea040807) returned 1
[0306.521] DeleteObject (ho=0x6b0407de) returned 1
[0306.521] OffsetViewportOrgEx (in: hdc=0xb90107d3, x=0, y=0, lppt=0x2d0dab0 | out: lppt=0x2d0dab0) returned 1
[0306.521] GetNearestColor (hdc=0xb90107d3, color=0xf0f0f0) returned 0xf0f0f0
[0306.521] CreateSolidBrush (color=0xf0f0f0) returned 0x731007e1
[0306.521] FillRect (hDC=0xb90107d3, lprc=0xd7e15c, hbr=0x731007e1) returned 1
[0306.522] DeleteObject (ho=0x731007e1) returned 1
[0306.522] RestoreDC (hdc=0xb90107d3, nSavedDC=-1) returned 1
[0306.522] GdipReleaseDC (graphics=0x6600030, hdc=0xb90107d3) returned 0x0
[0306.522] GdipRestoreGraphics (graphics=0x6600030, state=0xf5620dbd) returned 0x0
[0306.522] GdipDeleteRegion (region=0x6646448) returned 0x0
[0306.522] GetWindowTextLengthW (hWnd=0x3602de) returned 232
[0306.522] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0306.522] GetSystemMetrics (nIndex=42) returned 0
[0306.522] GetWindowTextW (in: hWnd=0x3602de, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0306.522] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0306.522] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0306.522] GetCurrentObject (hdc=0xb90107d3, type=0x1) returned 0xb00017
[0306.522] GetCurrentObject (hdc=0xb90107d3, type=0x2) returned 0x900010
[0306.522] GetCurrentObject (hdc=0xb90107d3, type=0x7) returned 0xfffffffffa0507ec
[0306.523] GetCurrentObject (hdc=0xb90107d3, type=0x6) returned 0x8a01c2
[0306.523] SaveDC (hdc=0xb90107d3) returned 1
[0306.523] GetNearestColor (hdc=0xb90107d3, color=0x0) returned 0x0
[0306.523] RestoreDC (hdc=0xb90107d3, nSavedDC=-1) returned 1
[0306.523] GdipReleaseDC (graphics=0x6600030, hdc=0xb90107d3) returned 0x0
[0306.523] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0306.523] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0306.523] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2d0e2ac | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0306.524] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0306.524] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0306.524] GetCurrentObject (hdc=0xb90107d3, type=0x1) returned 0xb00017
[0306.524] GetCurrentObject (hdc=0xb90107d3, type=0x2) returned 0x900010
[0306.524] GetCurrentObject (hdc=0xb90107d3, type=0x7) returned 0xfffffffffa0507ec
[0306.524] GetCurrentObject (hdc=0xb90107d3, type=0x6) returned 0x8a01c2
[0306.524] SaveDC (hdc=0xb90107d3) returned 1
[0306.524] GetTextAlign (hdc=0xb90107d3) returned 0x0
[0306.524] GetTextColor (hdc=0xb90107d3) returned 0x0
[0306.524] GetCurrentObject (hdc=0xb90107d3, type=0x6) returned 0x8a01c2
[0306.524] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0306.524] SelectObject (hdc=0xb90107d3, h=0x6d0a0520) returned 0x8a01c2
[0306.524] GetBkMode (hdc=0xb90107d3) returned 2
[0306.524] SetBkMode (hdc=0xb90107d3, mode=1) returned 2
[0306.524] DrawTextExW (in: hdc=0xb90107d3, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2d0e4d0 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0306.527] RestoreDC (hdc=0xb90107d3, nSavedDC=-1) returned 1
[0306.527] GdipReleaseDC (graphics=0x6600030, hdc=0xb90107d3) returned 0x0
[0306.527] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0306.527] BitBlt (hdc=0x10105d6, x=0, y=0, cx=354, cy=68, hdcSrc=0xb90107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0306.527] GdipReleaseDC (graphics=0x6600030, hdc=0xb90107d3) returned 0x0
[0306.527] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0306.527] SelectObject (hdc=0xb90107d3, h=0x85000f) returned 0xfa0507ec
[0306.527] DeleteDC (hdc=0xb90107d3) returned 1
[0306.527] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0306.527] DeleteObject (ho=0xfa0507ec) returned 1
[0306.528] EndPaint (hWnd=0x3602de, lpPaint=0xd7e258) returned 1
[0306.565] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.566] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x84, wParam=0x0, lParam=0x1e002fd) returned 0x1
[0306.566] IsWindowUnicode (hWnd=0x3602dc) returned 1
[0306.566] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.566] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x84, wParam=0x0, lParam=0x1e002fd) returned 0x1
[0306.566] SetCursor (hCursor=0x10003) returned 0x10003
[0306.566] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.566] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.566] _TrackMouseEvent (in: lpEventTrack=0x2d0e50c | out: lpEventTrack=0x2d0e50c) returned 1
[0306.566] SendMessageW (hWnd=0x3602dc, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0306.566] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0306.566] InvalidateRect (hWnd=0x3602dc, lpRect=0x0, bErase=0) returned 1
[0306.566] GetKeyState (nVirtKey=1) returned 0
[0306.566] GetKeyState (nVirtKey=2) returned 0
[0306.566] GetKeyState (nVirtKey=4) returned 0
[0306.566] GetKeyState (nVirtKey=5) returned 0
[0306.566] GetKeyState (nVirtKey=6) returned 0
[0306.567] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.567] IsWindowUnicode (hWnd=0x3802d8) returned 1
[0306.567] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.567] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.567] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.567] BeginPaint (in: hWnd=0x3802d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0306.567] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0306.567] CreateCompatibleDC (hdc=0xf0105ee) returned 0xfc0107ec
[0306.567] SelectObject (hdc=0xfc0107ec, h=0x4a0507fe) returned 0x85000f
[0306.567] GdipCreateFromHDC (hdc=0xfc0107ec, graphics=0xd7e268) returned 0x0
[0306.567] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0306.567] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0306.567] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0306.567] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0306.567] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e2c8) returned 0x0
[0306.568] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.568] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eec58) returned 0x0
[0306.568] LocalFree (hMem=0x11eec58) returned 0x0
[0306.568] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0306.568] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0306.568] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0306.568] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0306.568] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0306.568] GdipRestoreGraphics (graphics=0x6600030, state=0xf5600dbd) returned 0x0
[0306.568] GdipDeleteRegion (region=0x6646718) returned 0x0
[0306.568] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0306.568] GetCurrentObject (hdc=0xfc0107ec, type=0x1) returned 0xb00017
[0306.568] GetCurrentObject (hdc=0xfc0107ec, type=0x2) returned 0x900010
[0306.568] GetCurrentObject (hdc=0xfc0107ec, type=0x7) returned 0x4a0507fe
[0306.568] GetCurrentObject (hdc=0xfc0107ec, type=0x6) returned 0x8a01c2
[0306.568] SaveDC (hdc=0xfc0107ec) returned 1
[0306.568] GetNearestColor (hdc=0xfc0107ec, color=0xf0f0f0) returned 0xf0f0f0
[0306.568] GetNearestColor (hdc=0xfc0107ec, color=0xa0a0a0) returned 0xa0a0a0
[0306.568] GetNearestColor (hdc=0xfc0107ec, color=0x696969) returned 0x696969
[0306.568] GetNearestColor (hdc=0xfc0107ec, color=0xa0a0a0) returned 0xa0a0a0
[0306.569] GetNearestColor (hdc=0xfc0107ec, color=0x0) returned 0x0
[0306.569] GetNearestColor (hdc=0xfc0107ec, color=0xffffff) returned 0xffffff
[0306.569] GetNearestColor (hdc=0xfc0107ec, color=0xe5e5e5) returned 0xe5e5e5
[0306.569] GetNearestColor (hdc=0xfc0107ec, color=0xd7d7d7) returned 0xd7d7d7
[0306.569] GetNearestColor (hdc=0xfc0107ec, color=0x0) returned 0x0
[0306.569] RestoreDC (hdc=0xfc0107ec, nSavedDC=-1) returned 1
[0306.569] GdipReleaseDC (graphics=0x6600030, hdc=0xfc0107ec) returned 0x0
[0306.569] IsAppThemed () returned 0x1
[0306.569] GetThemeAppProperties () returned 0x3
[0306.569] GetThemeAppProperties () returned 0x3
[0306.569] GdipGetImageWidth (image=0x6602710, width=0xd7e168) returned 0x0
[0306.569] GdipGetImageHeight (image=0x6602710, height=0xd7e168) returned 0x0
[0306.569] IsAppThemed () returned 0x1
[0306.569] GetThemeAppProperties () returned 0x3
[0306.569] GetThemeAppProperties () returned 0x3
[0306.569] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2d0ec78 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0306.569] IsAppThemed () returned 0x1
[0306.570] GetThemeAppProperties () returned 0x3
[0306.570] GetThemeAppProperties () returned 0x3
[0306.570] IsAppThemed () returned 0x1
[0306.570] GetThemeAppProperties () returned 0x3
[0306.570] GetThemeAppProperties () returned 0x3
[0306.570] GetFocus () returned 0x3802d8
[0306.570] IsAppThemed () returned 0x1
[0306.570] GetThemeAppProperties () returned 0x3
[0306.570] GetThemeAppProperties () returned 0x3
[0306.570] IsAppThemed () returned 0x1
[0306.570] GetThemeAppProperties () returned 0x3
[0306.570] GetThemeAppProperties () returned 0x3
[0306.570] IsThemePartDefined () returned 0x1
[0306.570] IsAppThemed () returned 0x1
[0306.570] GetThemeAppProperties () returned 0x3
[0306.570] GetThemeAppProperties () returned 0x3
[0306.570] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0306.570] IsAppThemed () returned 0x1
[0306.570] GetThemeAppProperties () returned 0x3
[0306.570] GetThemeAppProperties () returned 0x3
[0306.570] IsAppThemed () returned 0x1
[0306.570] GetThemeAppProperties () returned 0x3
[0306.570] GetThemeAppProperties () returned 0x3
[0306.570] IsThemePartDefined () returned 0x1
[0306.570] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0306.570] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0306.570] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0306.571] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0306.571] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dff0) returned 0x0
[0306.571] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0306.571] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0306.571] LocalFree (hMem=0x11ee788) returned 0x0
[0306.571] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0306.571] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee910) returned 0x0
[0306.571] LocalFree (hMem=0x11ee910) returned 0x0
[0306.571] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0306.571] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e018) returned 0x0
[0306.571] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e008) returned 0x0
[0306.571] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0306.571] GdipDeleteRegion (region=0x6646718) returned 0x0
[0306.571] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0306.571] GetCurrentObject (hdc=0xfc0107ec, type=0x1) returned 0xb00017
[0306.571] GetCurrentObject (hdc=0xfc0107ec, type=0x2) returned 0x900010
[0306.571] GetCurrentObject (hdc=0xfc0107ec, type=0x7) returned 0x4a0507fe
[0306.571] GetCurrentObject (hdc=0xfc0107ec, type=0x6) returned 0x8a01c2
[0306.571] SaveDC (hdc=0xfc0107ec) returned 1
[0306.571] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6c0407de
[0306.571] GetClipRgn (hdc=0xfc0107ec, hrgn=0x6c0407de) returned 0
[0306.572] SelectClipRgn (hdc=0xfc0107ec, hrgn=0xee040807) returned 2
[0306.572] DeleteObject (ho=0x6c0407de) returned 1
[0306.572] DeleteObject (ho=0xee040807) returned 1
[0306.572] OffsetViewportOrgEx (in: hdc=0xfc0107ec, x=0, y=0, lppt=0x2d0f328 | out: lppt=0x2d0f328) returned 1
[0306.572] DrawThemeParentBackground () returned 0x0
[0306.572] GetWindowPlacement (in: hWnd=0x3002c8, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0306.572] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0306.572] GetWindowTextLengthW (hWnd=0x3002c8) returned 13
[0306.572] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.572] GetSystemMetrics (nIndex=42) returned 0
[0306.572] GetWindowTextW (in: hWnd=0x3002c8, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.572] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0306.572] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0306.572] GetCurrentObject (hdc=0xfc0107ec, type=0x1) returned 0xb00017
[0306.572] GetCurrentObject (hdc=0xfc0107ec, type=0x2) returned 0x900010
[0306.572] GetCurrentObject (hdc=0xfc0107ec, type=0x7) returned 0x4a0507fe
[0306.572] GetCurrentObject (hdc=0xfc0107ec, type=0x6) returned 0x8a01c2
[0306.572] SaveDC (hdc=0xfc0107ec) returned 2
[0306.572] GetNearestColor (hdc=0xfc0107ec, color=0xf0f0f0) returned 0xf0f0f0
[0306.572] CreateSolidBrush (color=0xf0f0f0) returned 0x741007e1
[0306.573] FillRect (hDC=0xfc0107ec, lprc=0xd7da38, hbr=0x741007e1) returned 1
[0306.573] DeleteObject (ho=0x741007e1) returned 1
[0306.573] RestoreDC (hdc=0xfc0107ec, nSavedDC=-1) returned 1
[0306.573] GetWindowTextLengthW (hWnd=0x3002c8) returned 13
[0306.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.573] GetSystemMetrics (nIndex=42) returned 0
[0306.573] GetWindowTextW (in: hWnd=0x3002c8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0306.573] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0306.573] GetCurrentObject (hdc=0xfc0107ec, type=0x1) returned 0xb00017
[0306.573] GetCurrentObject (hdc=0xfc0107ec, type=0x2) returned 0x900010
[0306.573] GetCurrentObject (hdc=0xfc0107ec, type=0x7) returned 0x4a0507fe
[0306.573] GetCurrentObject (hdc=0xfc0107ec, type=0x6) returned 0x8a01c2
[0306.573] SaveDC (hdc=0xfc0107ec) returned 2
[0306.573] GetNearestColor (hdc=0xfc0107ec, color=0xf0f0f0) returned 0xf0f0f0
[0306.573] CreateSolidBrush (color=0xf0f0f0) returned 0x751007e1
[0306.573] FillRect (hDC=0xfc0107ec, lprc=0xd7d9d8, hbr=0x751007e1) returned 1
[0306.573] DeleteObject (ho=0x751007e1) returned 1
[0306.573] RestoreDC (hdc=0xfc0107ec, nSavedDC=-1) returned 1
[0306.573] GetWindowTextLengthW (hWnd=0x3002c8) returned 13
[0306.573] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.573] GetSystemMetrics (nIndex=42) returned 0
[0306.573] GetWindowTextW (in: hWnd=0x3002c8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.574] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0306.574] RestoreDC (hdc=0xfc0107ec, nSavedDC=-1) returned 1
[0306.574] GdipReleaseDC (graphics=0x6600030, hdc=0xfc0107ec) returned 0x0
[0306.574] IsAppThemed () returned 0x1
[0306.574] GetThemeAppProperties () returned 0x3
[0306.574] GetThemeAppProperties () returned 0x3
[0306.574] IsAppThemed () returned 0x1
[0306.574] GetThemeAppProperties () returned 0x3
[0306.574] GetThemeAppProperties () returned 0x3
[0306.574] IsThemePartDefined () returned 0x1
[0306.574] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0306.574] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0306.574] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0306.574] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0306.574] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7df74) returned 0x0
[0306.574] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0306.574] LocalFree (hMem=0x11ee9f0) returned 0x0
[0306.574] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eed00) returned 0x0
[0306.574] LocalFree (hMem=0x11eed00) returned 0x0
[0306.574] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0306.574] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0306.575] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0306.575] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0306.575] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0306.575] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0306.575] GetCurrentObject (hdc=0xfc0107ec, type=0x1) returned 0xb00017
[0306.575] GetCurrentObject (hdc=0xfc0107ec, type=0x2) returned 0x900010
[0306.575] GetCurrentObject (hdc=0xfc0107ec, type=0x7) returned 0x4a0507fe
[0306.575] GetCurrentObject (hdc=0xfc0107ec, type=0x6) returned 0x8a01c2
[0306.578] SaveDC (hdc=0xfc0107ec) returned 1
[0306.578] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xef040807
[0306.579] GetClipRgn (hdc=0xfc0107ec, hrgn=0xef040807) returned 0
[0306.579] SelectClipRgn (hdc=0xfc0107ec, hrgn=0x6e0407de) returned 2
[0306.579] DeleteObject (ho=0xef040807) returned 1
[0306.579] DeleteObject (ho=0x6e0407de) returned 1
[0306.579] OffsetViewportOrgEx (in: hdc=0xfc0107ec, x=0, y=0, lppt=0x2d0fbd4 | out: lppt=0x2d0fbd4) returned 1
[0306.579] IsAppThemed () returned 0x1
[0306.579] GetThemeAppProperties () returned 0x3
[0306.579] GetThemeAppProperties () returned 0x3
[0306.579] DrawThemeBackground () returned 0x0
[0306.579] RestoreDC (hdc=0xfc0107ec, nSavedDC=-1) returned 1
[0306.579] GdipReleaseDC (graphics=0x6600030, hdc=0xfc0107ec) returned 0x0
[0306.579] GdipCreateRegion (region=0xd7df60) returned 0x0
[0306.579] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0306.579] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0306.579] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0306.579] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df78) returned 0x0
[0306.579] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0306.579] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee910) returned 0x0
[0306.579] LocalFree (hMem=0x11ee910) returned 0x0
[0306.579] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0306.580] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0306.580] LocalFree (hMem=0x11ee788) returned 0x0
[0306.580] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0306.580] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0306.580] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df90) returned 0x0
[0306.580] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0306.580] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0306.580] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0306.580] GetCurrentObject (hdc=0xfc0107ec, type=0x1) returned 0xb00017
[0306.580] GetCurrentObject (hdc=0xfc0107ec, type=0x2) returned 0x900010
[0306.580] GetCurrentObject (hdc=0xfc0107ec, type=0x7) returned 0x4a0507fe
[0306.580] GetCurrentObject (hdc=0xfc0107ec, type=0x6) returned 0x8a01c2
[0306.580] SaveDC (hdc=0xfc0107ec) returned 1
[0306.580] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6f0407de
[0306.580] GetClipRgn (hdc=0xfc0107ec, hrgn=0x6f0407de) returned 0
[0306.580] SelectClipRgn (hdc=0xfc0107ec, hrgn=0xf0040807) returned 2
[0306.580] DeleteObject (ho=0x6f0407de) returned 1
[0306.580] DeleteObject (ho=0xf0040807) returned 1
[0306.580] OffsetViewportOrgEx (in: hdc=0xfc0107ec, x=0, y=0, lppt=0x2d0fea8 | out: lppt=0x2d0fea8) returned 1
[0306.580] IsAppThemed () returned 0x1
[0306.580] GetThemeAppProperties () returned 0x3
[0306.580] GetThemeAppProperties () returned 0x3
[0306.581] GetThemeBackgroundContentRect () returned 0x0
[0306.581] RestoreDC (hdc=0xfc0107ec, nSavedDC=-1) returned 1
[0306.581] GdipReleaseDC (graphics=0x6600030, hdc=0xfc0107ec) returned 0x0
[0306.581] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0306.581] GdipGetClip (graphics=0x6600030, region=0x6646dd8) returned 0x0
[0306.581] GdipCloneRegion (region=0x6646dd8, cloneRegion=0xd7e150) returned 0x0
[0306.581] GdipCombineRegionRectI (region=0x66469e8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0306.581] GdipCombineRegionRectI (region=0x66469e8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0306.581] GdipSetClipRegion (graphics=0x6600030, region=0x66469e8, combineMode=0x0) returned 0x0
[0306.581] GdipGetImageWidth (image=0x6602710, width=0xd7e154) returned 0x0
[0306.581] GdipGetImageHeight (image=0x6602710, height=0xd7e148) returned 0x0
[0306.581] GdipDrawImageRectI (graphics=0x6600030, image=0x6602710, x=4, y=4, width=16, height=16) returned 0x0
[0306.581] GdipSetClipRegion (graphics=0x6600030, region=0x6646dd8, combineMode=0x0) returned 0x0
[0306.581] IsAppThemed () returned 0x1
[0306.581] GetThemeAppProperties () returned 0x3
[0306.581] GetThemeAppProperties () returned 0x3
[0306.581] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0306.581] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0306.581] GetCurrentObject (hdc=0xfc0107ec, type=0x1) returned 0xb00017
[0306.581] GetCurrentObject (hdc=0xfc0107ec, type=0x2) returned 0x900010
[0306.581] GetCurrentObject (hdc=0xfc0107ec, type=0x7) returned 0x4a0507fe
[0306.581] GetCurrentObject (hdc=0xfc0107ec, type=0x6) returned 0x8a01c2
[0306.582] SaveDC (hdc=0xfc0107ec) returned 1
[0306.582] GetTextAlign (hdc=0xfc0107ec) returned 0x0
[0306.582] GetTextColor (hdc=0xfc0107ec) returned 0x0
[0306.582] GetCurrentObject (hdc=0xfc0107ec, type=0x6) returned 0x8a01c2
[0306.582] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0306.582] SelectObject (hdc=0xfc0107ec, h=0x6d0a0520) returned 0x8a01c2
[0306.582] GetBkMode (hdc=0xfc0107ec) returned 2
[0306.582] SetBkMode (hdc=0xfc0107ec, mode=1) returned 2
[0306.582] DrawTextExW (in: hdc=0xfc0107ec, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2d10268 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0306.582] DrawTextExW (in: hdc=0xfc0107ec, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d10268 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0306.582] RestoreDC (hdc=0xfc0107ec, nSavedDC=-1) returned 1
[0306.583] GdipReleaseDC (graphics=0x6600030, hdc=0xfc0107ec) returned 0x0
[0306.583] GetFocus () returned 0x3802d8
[0306.583] IsAppThemed () returned 0x1
[0306.583] GetThemeAppProperties () returned 0x3
[0306.583] GetThemeAppProperties () returned 0x3
[0306.583] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0306.583] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xfc0107ec, x1=0, y1=0, rop=0xcc0020) returned 1
[0306.583] GdipReleaseDC (graphics=0x6600030, hdc=0xfc0107ec) returned 0x0
[0306.583] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0306.583] SelectObject (hdc=0xfc0107ec, h=0x85000f) returned 0x4a0507fe
[0306.583] DeleteDC (hdc=0xfc0107ec) returned 1
[0306.583] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0306.583] EndPaint (hWnd=0x3802d8, lpPaint=0xd7e24c) returned 1
[0306.583] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.584] IsWindowUnicode (hWnd=0x3602dc) returned 1
[0306.584] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.584] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.584] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.584] BeginPaint (in: hWnd=0x3602dc, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0306.584] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0306.584] CreateCompatibleDC (hdc=0x107b9) returned 0xfe0107ec
[0306.584] SelectObject (hdc=0xfe0107ec, h=0x4a0507fe) returned 0x85000f
[0306.584] GdipCreateFromHDC (hdc=0xfe0107ec, graphics=0xd7e268) returned 0x0
[0306.584] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0306.584] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0306.584] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0306.584] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0306.584] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e2c8) returned 0x0
[0306.584] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0306.584] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0306.585] LocalFree (hMem=0x11ee868) returned 0x0
[0306.585] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0306.585] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0306.585] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0306.585] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0306.585] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0306.585] GdipRestoreGraphics (graphics=0x6600030, state=0xf55e0dbd) returned 0x0
[0306.585] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0306.585] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0306.585] GetCurrentObject (hdc=0xfe0107ec, type=0x1) returned 0xb00017
[0306.585] GetCurrentObject (hdc=0xfe0107ec, type=0x2) returned 0x900010
[0306.585] GetCurrentObject (hdc=0xfe0107ec, type=0x7) returned 0x4a0507fe
[0306.585] GetCurrentObject (hdc=0xfe0107ec, type=0x6) returned 0x8a01c2
[0306.585] SaveDC (hdc=0xfe0107ec) returned 1
[0306.585] GetNearestColor (hdc=0xfe0107ec, color=0xf0f0f0) returned 0xf0f0f0
[0306.585] GetNearestColor (hdc=0xfe0107ec, color=0xa0a0a0) returned 0xa0a0a0
[0306.585] GetNearestColor (hdc=0xfe0107ec, color=0x696969) returned 0x696969
[0306.585] GetNearestColor (hdc=0xfe0107ec, color=0xa0a0a0) returned 0xa0a0a0
[0306.585] GetNearestColor (hdc=0xfe0107ec, color=0x0) returned 0x0
[0306.585] GetNearestColor (hdc=0xfe0107ec, color=0xffffff) returned 0xffffff
[0306.586] GetNearestColor (hdc=0xfe0107ec, color=0xe5e5e5) returned 0xe5e5e5
[0306.586] GetNearestColor (hdc=0xfe0107ec, color=0xd7d7d7) returned 0xd7d7d7
[0306.586] GetNearestColor (hdc=0xfe0107ec, color=0x0) returned 0x0
[0306.586] RestoreDC (hdc=0xfe0107ec, nSavedDC=-1) returned 1
[0306.586] GdipReleaseDC (graphics=0x6600030, hdc=0xfe0107ec) returned 0x0
[0306.586] IsAppThemed () returned 0x1
[0306.586] GetThemeAppProperties () returned 0x3
[0306.586] GetThemeAppProperties () returned 0x3
[0306.586] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0306.586] SendMessageW (hWnd=0x3002c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0306.586] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0306.586] IsAppThemed () returned 0x1
[0306.586] GetThemeAppProperties () returned 0x3
[0306.586] GetThemeAppProperties () returned 0x3
[0306.586] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2d10a78 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0306.586] IsAppThemed () returned 0x1
[0306.586] GetThemeAppProperties () returned 0x3
[0306.586] GetThemeAppProperties () returned 0x3
[0306.586] IsAppThemed () returned 0x1
[0306.587] GetThemeAppProperties () returned 0x3
[0306.587] GetThemeAppProperties () returned 0x3
[0306.587] IsAppThemed () returned 0x1
[0306.587] GetThemeAppProperties () returned 0x3
[0306.587] GetThemeAppProperties () returned 0x3
[0306.587] IsAppThemed () returned 0x1
[0306.587] GetThemeAppProperties () returned 0x3
[0306.587] GetThemeAppProperties () returned 0x3
[0306.587] IsThemePartDefined () returned 0x1
[0306.587] IsAppThemed () returned 0x1
[0306.587] GetThemeAppProperties () returned 0x3
[0306.587] GetThemeAppProperties () returned 0x3
[0306.587] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0306.587] IsAppThemed () returned 0x1
[0306.587] GetThemeAppProperties () returned 0x3
[0306.587] GetThemeAppProperties () returned 0x3
[0306.587] IsAppThemed () returned 0x1
[0306.587] GetThemeAppProperties () returned 0x3
[0306.587] GetThemeAppProperties () returned 0x3
[0306.587] IsThemePartDefined () returned 0x1
[0306.587] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0306.587] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0306.587] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0306.587] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0306.587] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dfe4) returned 0x0
[0306.587] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0306.587] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eed00) returned 0x0
[0306.588] LocalFree (hMem=0x11eed00) returned 0x0
[0306.588] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0306.588] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0306.588] LocalFree (hMem=0x11ee868) returned 0x0
[0306.588] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0306.588] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0306.588] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0306.588] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0306.588] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0306.588] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0306.588] GetCurrentObject (hdc=0xfe0107ec, type=0x1) returned 0xb00017
[0306.588] GetCurrentObject (hdc=0xfe0107ec, type=0x2) returned 0x900010
[0306.588] GetCurrentObject (hdc=0xfe0107ec, type=0x7) returned 0x4a0507fe
[0306.588] GetCurrentObject (hdc=0xfe0107ec, type=0x6) returned 0x8a01c2
[0306.588] SaveDC (hdc=0xfe0107ec) returned 1
[0306.588] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf1040807
[0306.588] GetClipRgn (hdc=0xfe0107ec, hrgn=0xf1040807) returned 0
[0306.588] SelectClipRgn (hdc=0xfe0107ec, hrgn=0x730407de) returned 2
[0306.588] DeleteObject (ho=0xf1040807) returned 1
[0306.588] DeleteObject (ho=0x730407de) returned 1
[0306.588] OffsetViewportOrgEx (in: hdc=0xfe0107ec, x=0, y=0, lppt=0x2d11128 | out: lppt=0x2d11128) returned 1
[0306.589] DrawThemeParentBackground () returned 0x0
[0306.589] GetWindowPlacement (in: hWnd=0x3002c8, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0306.589] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0306.589] GetWindowTextLengthW (hWnd=0x3002c8) returned 13
[0306.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.589] GetSystemMetrics (nIndex=42) returned 0
[0306.589] GetWindowTextW (in: hWnd=0x3002c8, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.589] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0306.589] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0306.589] GetCurrentObject (hdc=0xfe0107ec, type=0x1) returned 0xb00017
[0306.589] GetCurrentObject (hdc=0xfe0107ec, type=0x2) returned 0x900010
[0306.589] GetCurrentObject (hdc=0xfe0107ec, type=0x7) returned 0x4a0507fe
[0306.589] GetCurrentObject (hdc=0xfe0107ec, type=0x6) returned 0x8a01c2
[0306.589] SaveDC (hdc=0xfe0107ec) returned 2
[0306.589] GetNearestColor (hdc=0xfe0107ec, color=0xf0f0f0) returned 0xf0f0f0
[0306.589] CreateSolidBrush (color=0xf0f0f0) returned 0x761007e1
[0306.589] FillRect (hDC=0xfe0107ec, lprc=0xd7da30, hbr=0x761007e1) returned 1
[0306.589] DeleteObject (ho=0x761007e1) returned 1
[0306.589] RestoreDC (hdc=0xfe0107ec, nSavedDC=-1) returned 1
[0306.590] GetWindowTextLengthW (hWnd=0x3002c8) returned 13
[0306.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.590] GetSystemMetrics (nIndex=42) returned 0
[0306.590] GetWindowTextW (in: hWnd=0x3002c8, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0306.590] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0306.590] GetCurrentObject (hdc=0xfe0107ec, type=0x1) returned 0xb00017
[0306.590] GetCurrentObject (hdc=0xfe0107ec, type=0x2) returned 0x900010
[0306.590] GetCurrentObject (hdc=0xfe0107ec, type=0x7) returned 0x4a0507fe
[0306.590] GetCurrentObject (hdc=0xfe0107ec, type=0x6) returned 0x8a01c2
[0306.590] SaveDC (hdc=0xfe0107ec) returned 2
[0306.590] GetNearestColor (hdc=0xfe0107ec, color=0xf0f0f0) returned 0xf0f0f0
[0306.590] CreateSolidBrush (color=0xf0f0f0) returned 0x771007e1
[0306.590] FillRect (hDC=0xfe0107ec, lprc=0xd7d9d0, hbr=0x771007e1) returned 1
[0306.590] DeleteObject (ho=0x771007e1) returned 1
[0306.590] RestoreDC (hdc=0xfe0107ec, nSavedDC=-1) returned 1
[0306.590] GetWindowTextLengthW (hWnd=0x3002c8) returned 13
[0306.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.590] GetSystemMetrics (nIndex=42) returned 0
[0306.590] GetWindowTextW (in: hWnd=0x3002c8, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0306.595] RestoreDC (hdc=0xfe0107ec, nSavedDC=-1) returned 1
[0306.595] GdipReleaseDC (graphics=0x6600030, hdc=0xfe0107ec) returned 0x0
[0306.595] IsAppThemed () returned 0x1
[0306.595] GetThemeAppProperties () returned 0x3
[0306.595] GetThemeAppProperties () returned 0x3
[0306.595] IsAppThemed () returned 0x1
[0306.595] GetThemeAppProperties () returned 0x3
[0306.595] GetThemeAppProperties () returned 0x3
[0306.596] IsThemePartDefined () returned 0x1
[0306.596] GdipCreateRegion (region=0xd7df50) returned 0x0
[0306.596] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0306.596] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0306.596] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0306.596] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df68) returned 0x0
[0306.596] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.596] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0306.596] LocalFree (hMem=0x11eec58) returned 0x0
[0306.596] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0306.596] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eead0) returned 0x0
[0306.596] LocalFree (hMem=0x11eead0) returned 0x0
[0306.596] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0306.596] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df90) returned 0x0
[0306.596] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df80) returned 0x0
[0306.596] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0306.596] GdipDeleteRegion (region=0x6646448) returned 0x0
[0306.596] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0306.596] GetCurrentObject (hdc=0xfe0107ec, type=0x1) returned 0xb00017
[0306.596] GetCurrentObject (hdc=0xfe0107ec, type=0x2) returned 0x900010
[0306.596] GetCurrentObject (hdc=0xfe0107ec, type=0x7) returned 0x4a0507fe
[0306.596] GetCurrentObject (hdc=0xfe0107ec, type=0x6) returned 0x8a01c2
[0306.596] SaveDC (hdc=0xfe0107ec) returned 1
[0306.597] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x740407de
[0306.597] GetClipRgn (hdc=0xfe0107ec, hrgn=0x740407de) returned 0
[0306.597] SelectClipRgn (hdc=0xfe0107ec, hrgn=0xf3040807) returned 2
[0306.597] DeleteObject (ho=0x740407de) returned 1
[0306.597] DeleteObject (ho=0xf3040807) returned 1
[0306.597] OffsetViewportOrgEx (in: hdc=0xfe0107ec, x=0, y=0, lppt=0x2d119d4 | out: lppt=0x2d119d4) returned 1
[0306.597] IsAppThemed () returned 0x1
[0306.597] GetThemeAppProperties () returned 0x3
[0306.597] GetThemeAppProperties () returned 0x3
[0306.597] DrawThemeBackground () returned 0x0
[0306.597] RestoreDC (hdc=0xfe0107ec, nSavedDC=-1) returned 1
[0306.597] GdipReleaseDC (graphics=0x6600030, hdc=0xfe0107ec) returned 0x0
[0306.597] GdipCreateRegion (region=0xd7df54) returned 0x0
[0306.597] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0306.597] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0306.597] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0306.597] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df6c) returned 0x0
[0306.597] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.597] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0306.597] LocalFree (hMem=0x11eec58) returned 0x0
[0306.597] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0306.597] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea60) returned 0x0
[0306.598] LocalFree (hMem=0x11eea60) returned 0x0
[0306.598] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0306.598] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7df94) returned 0x0
[0306.598] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7df84) returned 0x0
[0306.598] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0306.598] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0306.598] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0306.598] GetCurrentObject (hdc=0xfe0107ec, type=0x1) returned 0xb00017
[0306.598] GetCurrentObject (hdc=0xfe0107ec, type=0x2) returned 0x900010
[0306.598] GetCurrentObject (hdc=0xfe0107ec, type=0x7) returned 0x4a0507fe
[0306.598] GetCurrentObject (hdc=0xfe0107ec, type=0x6) returned 0x8a01c2
[0306.598] SaveDC (hdc=0xfe0107ec) returned 1
[0306.598] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf4040807
[0306.598] GetClipRgn (hdc=0xfe0107ec, hrgn=0xf4040807) returned 0
[0306.598] SelectClipRgn (hdc=0xfe0107ec, hrgn=0x750407de) returned 2
[0306.598] DeleteObject (ho=0xf4040807) returned 1
[0306.598] DeleteObject (ho=0x750407de) returned 1
[0306.598] OffsetViewportOrgEx (in: hdc=0xfe0107ec, x=0, y=0, lppt=0x2d11ca8 | out: lppt=0x2d11ca8) returned 1
[0306.598] IsAppThemed () returned 0x1
[0306.598] GetThemeAppProperties () returned 0x3
[0306.598] GetThemeAppProperties () returned 0x3
[0306.598] GetThemeBackgroundContentRect () returned 0x0
[0306.598] RestoreDC (hdc=0xfe0107ec, nSavedDC=-1) returned 1
[0306.599] GdipReleaseDC (graphics=0x6600030, hdc=0xfe0107ec) returned 0x0
[0306.599] IsAppThemed () returned 0x1
[0306.599] GetThemeAppProperties () returned 0x3
[0306.599] GetThemeAppProperties () returned 0x3
[0306.599] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0306.599] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0306.599] GetCurrentObject (hdc=0xfe0107ec, type=0x1) returned 0xb00017
[0306.599] GetCurrentObject (hdc=0xfe0107ec, type=0x2) returned 0x900010
[0306.599] GetCurrentObject (hdc=0xfe0107ec, type=0x7) returned 0x4a0507fe
[0306.599] GetCurrentObject (hdc=0xfe0107ec, type=0x6) returned 0x8a01c2
[0306.599] SaveDC (hdc=0xfe0107ec) returned 1
[0306.599] GetTextAlign (hdc=0xfe0107ec) returned 0x0
[0306.599] GetTextColor (hdc=0xfe0107ec) returned 0x0
[0306.599] GetCurrentObject (hdc=0xfe0107ec, type=0x6) returned 0x8a01c2
[0306.599] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0306.599] SelectObject (hdc=0xfe0107ec, h=0x6d0a0520) returned 0x8a01c2
[0306.599] GetBkMode (hdc=0xfe0107ec) returned 2
[0306.599] SetBkMode (hdc=0xfe0107ec, mode=1) returned 2
[0306.600] DrawTextExW (in: hdc=0xfe0107ec, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2d12048 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0306.600] DrawTextExW (in: hdc=0xfe0107ec, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2d12048 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0306.600] RestoreDC (hdc=0xfe0107ec, nSavedDC=-1) returned 1
[0306.600] GdipReleaseDC (graphics=0x6600030, hdc=0xfe0107ec) returned 0x0
[0306.600] GetFocus () returned 0x3802d8
[0306.600] IsAppThemed () returned 0x1
[0306.600] GetThemeAppProperties () returned 0x3
[0306.600] GetThemeAppProperties () returned 0x3
[0306.600] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0306.600] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0xfe0107ec, x1=0, y1=0, rop=0xcc0020) returned 1
[0306.600] GdipReleaseDC (graphics=0x6600030, hdc=0xfe0107ec) returned 0x0
[0306.600] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0306.601] SelectObject (hdc=0xfe0107ec, h=0x85000f) returned 0x4a0507fe
[0306.601] DeleteDC (hdc=0xfe0107ec) returned 1
[0306.601] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0306.601] EndPaint (hWnd=0x3602dc, lpPaint=0xd7e24c) returned 1
[0306.601] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.601] IsWindowUnicode (hWnd=0x3602da) returned 1
[0306.601] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.601] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.601] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.601] BeginPaint (in: hWnd=0x3602da, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0306.601] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0306.601] CreateCompatibleDC (hdc=0xc0107c5) returned 0x107ec
[0306.601] SelectObject (hdc=0x107ec, h=0x4a0507fe) returned 0x85000f
[0306.602] GdipCreateFromHDC (hdc=0x107ec, graphics=0xd7e268) returned 0x0
[0306.602] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0306.602] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0306.602] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0306.602] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0306.602] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e2c8) returned 0x0
[0306.602] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0306.602] LocalFree (hMem=0x11eec58) returned 0x0
[0306.602] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0306.602] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0306.602] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0306.602] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0306.602] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0306.602] GdipRestoreGraphics (graphics=0x6600030, state=0xf55c0dbd) returned 0x0
[0306.602] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0306.602] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0306.602] GetCurrentObject (hdc=0x107ec, type=0x1) returned 0xb00017
[0306.602] GetCurrentObject (hdc=0x107ec, type=0x2) returned 0x900010
[0306.602] GetCurrentObject (hdc=0x107ec, type=0x7) returned 0x4a0507fe
[0306.602] GetCurrentObject (hdc=0x107ec, type=0x6) returned 0x8a01c2
[0306.603] SaveDC (hdc=0x107ec) returned 1
[0306.603] GetNearestColor (hdc=0x107ec, color=0xf0f0f0) returned 0xf0f0f0
[0306.603] GetNearestColor (hdc=0x107ec, color=0xa0a0a0) returned 0xa0a0a0
[0306.603] GetNearestColor (hdc=0x107ec, color=0x696969) returned 0x696969
[0306.603] GetNearestColor (hdc=0x107ec, color=0xa0a0a0) returned 0xa0a0a0
[0306.603] GetNearestColor (hdc=0x107ec, color=0x0) returned 0x0
[0306.603] GetNearestColor (hdc=0x107ec, color=0xffffff) returned 0xffffff
[0306.603] GetNearestColor (hdc=0x107ec, color=0xe5e5e5) returned 0xe5e5e5
[0306.603] GetNearestColor (hdc=0x107ec, color=0xd7d7d7) returned 0xd7d7d7
[0306.603] GetNearestColor (hdc=0x107ec, color=0x0) returned 0x0
[0306.603] RestoreDC (hdc=0x107ec, nSavedDC=-1) returned 1
[0306.603] GdipReleaseDC (graphics=0x6600030, hdc=0x107ec) returned 0x0
[0306.603] IsAppThemed () returned 0x1
[0306.603] GetThemeAppProperties () returned 0x3
[0306.603] GetThemeAppProperties () returned 0x3
[0306.603] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0306.603] SendMessageW (hWnd=0x3002c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0306.603] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0306.603] IsAppThemed () returned 0x1
[0306.603] GetThemeAppProperties () returned 0x3
[0306.603] GetThemeAppProperties () returned 0x3
[0306.604] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2d12858 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0306.604] IsAppThemed () returned 0x1
[0306.604] GetThemeAppProperties () returned 0x3
[0306.604] GetThemeAppProperties () returned 0x3
[0306.604] IsAppThemed () returned 0x1
[0306.604] GetThemeAppProperties () returned 0x3
[0306.604] GetThemeAppProperties () returned 0x3
[0306.604] GetFocus () returned 0x3802d8
[0306.604] IsAppThemed () returned 0x1
[0306.604] GetThemeAppProperties () returned 0x3
[0306.604] GetThemeAppProperties () returned 0x3
[0306.604] IsAppThemed () returned 0x1
[0306.604] GetThemeAppProperties () returned 0x3
[0306.604] GetThemeAppProperties () returned 0x3
[0306.604] IsThemePartDefined () returned 0x1
[0306.604] IsAppThemed () returned 0x1
[0306.604] GetThemeAppProperties () returned 0x3
[0306.604] GetThemeAppProperties () returned 0x3
[0306.604] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0306.604] IsAppThemed () returned 0x1
[0306.604] GetThemeAppProperties () returned 0x3
[0306.604] GetThemeAppProperties () returned 0x3
[0306.604] IsAppThemed () returned 0x1
[0306.605] GetThemeAppProperties () returned 0x3
[0306.605] GetThemeAppProperties () returned 0x3
[0306.605] IsThemePartDefined () returned 0x1
[0306.605] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0306.605] GdipGetClip (graphics=0x6600030, region=0x6646298) returned 0x0
[0306.605] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0306.605] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0306.605] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dff0) returned 0x0
[0306.605] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee9f0) returned 0x0
[0306.605] LocalFree (hMem=0x11ee9f0) returned 0x0
[0306.605] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0306.605] LocalFree (hMem=0x11eec58) returned 0x0
[0306.605] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0306.605] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e018) returned 0x0
[0306.605] GdipIsInfiniteRegion (region=0x6646298, graphics=0x6600030, result=0xd7e008) returned 0x0
[0306.605] GdipGetRegionHRgn (region=0x6646298, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0306.605] GdipDeleteRegion (region=0x6646298) returned 0x0
[0306.605] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0306.605] GetCurrentObject (hdc=0x107ec, type=0x1) returned 0xb00017
[0306.605] GetCurrentObject (hdc=0x107ec, type=0x2) returned 0x900010
[0306.605] GetCurrentObject (hdc=0x107ec, type=0x7) returned 0x4a0507fe
[0306.605] GetCurrentObject (hdc=0x107ec, type=0x6) returned 0x8a01c2
[0306.605] SaveDC (hdc=0x107ec) returned 1
[0306.605] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x760407de
[0306.605] GetClipRgn (hdc=0x107ec, hrgn=0x760407de) returned 0
[0306.605] SelectClipRgn (hdc=0x107ec, hrgn=0xf8040807) returned 2
[0306.606] DeleteObject (ho=0x760407de) returned 1
[0306.606] DeleteObject (ho=0xf8040807) returned 1
[0306.606] OffsetViewportOrgEx (in: hdc=0x107ec, x=0, y=0, lppt=0x2d12f08 | out: lppt=0x2d12f08) returned 1
[0306.606] DrawThemeParentBackground () returned 0x0
[0306.606] GetWindowPlacement (in: hWnd=0x3002c8, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0306.606] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0306.606] GetWindowTextLengthW (hWnd=0x3002c8) returned 13
[0306.606] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.606] GetSystemMetrics (nIndex=42) returned 0
[0306.606] GetWindowTextW (in: hWnd=0x3002c8, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.606] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0306.607] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0306.607] GetCurrentObject (hdc=0x107ec, type=0x1) returned 0xb00017
[0306.607] GetCurrentObject (hdc=0x107ec, type=0x2) returned 0x900010
[0306.607] GetCurrentObject (hdc=0x107ec, type=0x7) returned 0x4a0507fe
[0306.607] GetCurrentObject (hdc=0x107ec, type=0x6) returned 0x8a01c2
[0306.607] SaveDC (hdc=0x107ec) returned 2
[0306.607] GetNearestColor (hdc=0x107ec, color=0xf0f0f0) returned 0xf0f0f0
[0306.607] CreateSolidBrush (color=0xf0f0f0) returned 0x781007e1
[0306.607] FillRect (hDC=0x107ec, lprc=0xd7da38, hbr=0x781007e1) returned 1
[0306.607] DeleteObject (ho=0x781007e1) returned 1
[0306.607] RestoreDC (hdc=0x107ec, nSavedDC=-1) returned 1
[0306.607] GetWindowTextLengthW (hWnd=0x3002c8) returned 13
[0306.607] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.607] GetSystemMetrics (nIndex=42) returned 0
[0306.607] GetWindowTextW (in: hWnd=0x3002c8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.608] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0306.608] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0306.608] GetCurrentObject (hdc=0x107ec, type=0x1) returned 0xb00017
[0306.608] GetCurrentObject (hdc=0x107ec, type=0x2) returned 0x900010
[0306.608] GetCurrentObject (hdc=0x107ec, type=0x7) returned 0x4a0507fe
[0306.608] GetCurrentObject (hdc=0x107ec, type=0x6) returned 0x8a01c2
[0306.608] SaveDC (hdc=0x107ec) returned 2
[0306.608] GetNearestColor (hdc=0x107ec, color=0xf0f0f0) returned 0xf0f0f0
[0306.608] CreateSolidBrush (color=0xf0f0f0) returned 0x791007e1
[0306.608] FillRect (hDC=0x107ec, lprc=0xd7d9d8, hbr=0x791007e1) returned 1
[0306.608] DeleteObject (ho=0x791007e1) returned 1
[0306.608] RestoreDC (hdc=0x107ec, nSavedDC=-1) returned 1
[0306.608] GetWindowTextLengthW (hWnd=0x3002c8) returned 13
[0306.608] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.608] GetSystemMetrics (nIndex=42) returned 0
[0306.608] GetWindowTextW (in: hWnd=0x3002c8, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.608] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0306.608] RestoreDC (hdc=0x107ec, nSavedDC=-1) returned 1
[0306.609] GdipReleaseDC (graphics=0x6600030, hdc=0x107ec) returned 0x0
[0306.609] IsAppThemed () returned 0x1
[0306.609] GetThemeAppProperties () returned 0x3
[0306.609] GetThemeAppProperties () returned 0x3
[0306.609] IsAppThemed () returned 0x1
[0306.609] GetThemeAppProperties () returned 0x3
[0306.609] GetThemeAppProperties () returned 0x3
[0306.609] IsThemePartDefined () returned 0x1
[0306.609] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0306.609] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0306.609] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0306.609] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0306.609] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7df74) returned 0x0
[0306.609] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0306.609] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eea98) returned 0x0
[0306.609] LocalFree (hMem=0x11eea98) returned 0x0
[0306.609] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.609] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0306.609] LocalFree (hMem=0x11eec58) returned 0x0
[0306.609] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0306.609] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0306.609] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0306.609] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0306.609] GdipDeleteRegion (region=0x6646838) returned 0x0
[0306.609] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0306.610] GetCurrentObject (hdc=0x107ec, type=0x1) returned 0xb00017
[0306.610] GetCurrentObject (hdc=0x107ec, type=0x2) returned 0x900010
[0306.610] GetCurrentObject (hdc=0x107ec, type=0x7) returned 0x4a0507fe
[0306.610] GetCurrentObject (hdc=0x107ec, type=0x6) returned 0x8a01c2
[0306.610] SaveDC (hdc=0x107ec) returned 1
[0306.610] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf9040807
[0306.610] GetClipRgn (hdc=0x107ec, hrgn=0xf9040807) returned 0
[0306.610] SelectClipRgn (hdc=0x107ec, hrgn=0x780407de) returned 2
[0306.610] DeleteObject (ho=0xf9040807) returned 1
[0306.610] DeleteObject (ho=0x780407de) returned 1
[0306.610] OffsetViewportOrgEx (in: hdc=0x107ec, x=0, y=0, lppt=0x2d137b4 | out: lppt=0x2d137b4) returned 1
[0306.610] IsAppThemed () returned 0x1
[0306.610] GetThemeAppProperties () returned 0x3
[0306.610] GetThemeAppProperties () returned 0x3
[0306.610] DrawThemeBackground () returned 0x0
[0306.610] RestoreDC (hdc=0x107ec, nSavedDC=-1) returned 1
[0306.610] GdipReleaseDC (graphics=0x6600030, hdc=0x107ec) returned 0x0
[0306.610] GdipCreateRegion (region=0xd7df60) returned 0x0
[0306.610] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0306.610] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0306.610] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0306.611] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df78) returned 0x0
[0306.611] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0306.611] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eed00) returned 0x0
[0306.611] LocalFree (hMem=0x11eed00) returned 0x0
[0306.611] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.611] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0306.611] LocalFree (hMem=0x11eec58) returned 0x0
[0306.611] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0306.611] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0306.611] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0306.611] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0306.611] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0306.611] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0306.611] GetCurrentObject (hdc=0x107ec, type=0x1) returned 0xb00017
[0306.611] GetCurrentObject (hdc=0x107ec, type=0x2) returned 0x900010
[0306.611] GetCurrentObject (hdc=0x107ec, type=0x7) returned 0x4a0507fe
[0306.611] GetCurrentObject (hdc=0x107ec, type=0x6) returned 0x8a01c2
[0306.611] SaveDC (hdc=0x107ec) returned 1
[0306.611] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x790407de
[0306.611] GetClipRgn (hdc=0x107ec, hrgn=0x790407de) returned 0
[0306.611] SelectClipRgn (hdc=0x107ec, hrgn=0xfa040807) returned 2
[0306.611] DeleteObject (ho=0x790407de) returned 1
[0306.612] DeleteObject (ho=0xfa040807) returned 1
[0306.612] OffsetViewportOrgEx (in: hdc=0x107ec, x=0, y=0, lppt=0x2d13a88 | out: lppt=0x2d13a88) returned 1
[0306.612] IsAppThemed () returned 0x1
[0306.612] GetThemeAppProperties () returned 0x3
[0306.612] GetThemeAppProperties () returned 0x3
[0306.612] GetThemeBackgroundContentRect () returned 0x0
[0306.612] RestoreDC (hdc=0x107ec, nSavedDC=-1) returned 1
[0306.612] GdipReleaseDC (graphics=0x6600030, hdc=0x107ec) returned 0x0
[0306.612] IsAppThemed () returned 0x1
[0306.612] GetThemeAppProperties () returned 0x3
[0306.612] GetThemeAppProperties () returned 0x3
[0306.612] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0306.612] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0306.612] GetCurrentObject (hdc=0x107ec, type=0x1) returned 0xb00017
[0306.612] GetCurrentObject (hdc=0x107ec, type=0x2) returned 0x900010
[0306.612] GetCurrentObject (hdc=0x107ec, type=0x7) returned 0x4a0507fe
[0306.612] GetCurrentObject (hdc=0x107ec, type=0x6) returned 0x8a01c2
[0306.612] SaveDC (hdc=0x107ec) returned 1
[0306.612] GetTextAlign (hdc=0x107ec) returned 0x0
[0306.612] GetTextColor (hdc=0x107ec) returned 0x0
[0306.612] GetCurrentObject (hdc=0x107ec, type=0x6) returned 0x8a01c2
[0306.612] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0306.613] SelectObject (hdc=0x107ec, h=0x6d0a0520) returned 0x8a01c2
[0306.613] GetBkMode (hdc=0x107ec) returned 2
[0306.613] SetBkMode (hdc=0x107ec, mode=1) returned 2
[0306.613] DrawTextExW (in: hdc=0x107ec, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2d13e28 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0306.613] DrawTextExW (in: hdc=0x107ec, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d13e28 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0306.613] RestoreDC (hdc=0x107ec, nSavedDC=-1) returned 1
[0306.613] GdipReleaseDC (graphics=0x6600030, hdc=0x107ec) returned 0x0
[0306.613] GetFocus () returned 0x3802d8
[0306.613] IsAppThemed () returned 0x1
[0306.613] GetThemeAppProperties () returned 0x3
[0306.613] GetThemeAppProperties () returned 0x3
[0306.613] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0306.613] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x107ec, x1=0, y1=0, rop=0xcc0020) returned 1
[0306.614] GdipReleaseDC (graphics=0x6600030, hdc=0x107ec) returned 0x0
[0306.614] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0306.614] SelectObject (hdc=0x107ec, h=0x85000f) returned 0x4a0507fe
[0306.614] DeleteDC (hdc=0x107ec) returned 1
[0306.614] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0306.614] EndPaint (hWnd=0x3602da, lpPaint=0xd7e24c) returned 1
[0306.614] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.614] IsWindowUnicode (hWnd=0x602c4) returned 1
[0306.614] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.614] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.614] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.614] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0306.614] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0306.614] CreateCompatibleDC (hdc=0x10105d6) returned 0x20107ec
[0306.615] SelectObject (hdc=0x20107ec, h=0x4a0507fe) returned 0x85000f
[0306.615] GdipCreateFromHDC (hdc=0x20107ec, graphics=0xd7e268) returned 0x0
[0306.615] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0306.615] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0306.615] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0306.615] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0306.615] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e2c8) returned 0x0
[0306.615] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0306.615] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee868) returned 0x0
[0306.615] LocalFree (hMem=0x11ee868) returned 0x0
[0306.615] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0306.615] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0306.615] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0306.615] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0306.615] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0306.615] GdipRestoreGraphics (graphics=0x6600030, state=0xf55a0dbd) returned 0x0
[0306.615] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0306.615] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0306.615] GetCurrentObject (hdc=0x20107ec, type=0x1) returned 0xb00017
[0306.615] GetCurrentObject (hdc=0x20107ec, type=0x2) returned 0x900010
[0306.616] GetCurrentObject (hdc=0x20107ec, type=0x7) returned 0x4a0507fe
[0306.616] GetCurrentObject (hdc=0x20107ec, type=0x6) returned 0x8a01c2
[0306.616] SaveDC (hdc=0x20107ec) returned 1
[0306.616] GetNearestColor (hdc=0x20107ec, color=0xff) returned 0xff
[0306.616] GetNearestColor (hdc=0x20107ec, color=0x55) returned 0x55
[0306.616] GetNearestColor (hdc=0x20107ec, color=0x0) returned 0x0
[0306.616] GetNearestColor (hdc=0x20107ec, color=0x55) returned 0x55
[0306.616] GetNearestColor (hdc=0x20107ec, color=0x0) returned 0x0
[0306.616] GetNearestColor (hdc=0x20107ec, color=0x8080ff) returned 0x8080ff
[0306.616] GetNearestColor (hdc=0x20107ec, color=0x7373e5) returned 0x7373e5
[0306.616] GetNearestColor (hdc=0x20107ec, color=0xe5) returned 0xe5
[0306.616] GetNearestColor (hdc=0x20107ec, color=0x0) returned 0x0
[0306.616] RestoreDC (hdc=0x20107ec, nSavedDC=-1) returned 1
[0306.616] GdipReleaseDC (graphics=0x6600030, hdc=0x20107ec) returned 0x0
[0306.616] IsAppThemed () returned 0x1
[0306.616] GetThemeAppProperties () returned 0x3
[0306.616] GetThemeAppProperties () returned 0x3
[0306.616] IsAppThemed () returned 0x1
[0306.616] GetThemeAppProperties () returned 0x3
[0306.617] GetThemeAppProperties () returned 0x3
[0306.617] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2d145f0 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0306.617] IsAppThemed () returned 0x1
[0306.617] GetThemeAppProperties () returned 0x3
[0306.617] GetThemeAppProperties () returned 0x3
[0306.617] IsAppThemed () returned 0x1
[0306.617] GetThemeAppProperties () returned 0x3
[0306.617] GetThemeAppProperties () returned 0x3
[0306.617] GetFocus () returned 0x3802d8
[0306.617] IsAppThemed () returned 0x1
[0306.617] GetThemeAppProperties () returned 0x3
[0306.617] GetThemeAppProperties () returned 0x3
[0306.617] IsAppThemed () returned 0x1
[0306.617] GetThemeAppProperties () returned 0x3
[0306.617] GetThemeAppProperties () returned 0x3
[0306.617] IsThemePartDefined () returned 0x1
[0306.617] IsAppThemed () returned 0x1
[0306.617] GetThemeAppProperties () returned 0x3
[0306.617] GetThemeAppProperties () returned 0x3
[0306.617] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0306.617] IsAppThemed () returned 0x1
[0306.617] GetThemeAppProperties () returned 0x3
[0306.618] GetThemeAppProperties () returned 0x3
[0306.618] IsAppThemed () returned 0x1
[0306.618] GetThemeAppProperties () returned 0x3
[0306.618] GetThemeAppProperties () returned 0x3
[0306.618] IsThemePartDefined () returned 0x1
[0306.618] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0306.618] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0306.618] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0306.618] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0306.618] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7dff0) returned 0x0
[0306.618] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0306.618] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0306.618] LocalFree (hMem=0x11ee788) returned 0x0
[0306.618] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0306.618] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee868) returned 0x0
[0306.618] LocalFree (hMem=0x11ee868) returned 0x0
[0306.618] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0306.618] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e018) returned 0x0
[0306.618] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e008) returned 0x0
[0306.618] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0306.618] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0306.618] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0306.618] GetCurrentObject (hdc=0x20107ec, type=0x1) returned 0xb00017
[0306.618] GetCurrentObject (hdc=0x20107ec, type=0x2) returned 0x900010
[0306.618] GetCurrentObject (hdc=0x20107ec, type=0x7) returned 0x4a0507fe
[0306.619] GetCurrentObject (hdc=0x20107ec, type=0x6) returned 0x8a01c2
[0306.619] SaveDC (hdc=0x20107ec) returned 1
[0306.619] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfb040807
[0306.619] GetClipRgn (hdc=0x20107ec, hrgn=0xfb040807) returned 0
[0306.619] SelectClipRgn (hdc=0x20107ec, hrgn=0x7d0407de) returned 2
[0306.619] DeleteObject (ho=0xfb040807) returned 1
[0306.619] DeleteObject (ho=0x7d0407de) returned 1
[0306.619] OffsetViewportOrgEx (in: hdc=0x20107ec, x=0, y=0, lppt=0x2d14ca0 | out: lppt=0x2d14ca0) returned 1
[0306.619] DrawThemeParentBackground () returned 0x0
[0306.619] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0306.619] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0306.619] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0306.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.619] GetSystemMetrics (nIndex=42) returned 0
[0306.619] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0306.619] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0306.619] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0306.619] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0306.619] SelectPalette (hdc=0x20107ec, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0306.620] GdipCreateFromHDC (hdc=0x20107ec, graphics=0xd7dac8) returned 0x0
[0306.620] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0306.620] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0306.620] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638cf8) returned 0x0
[0306.620] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7daa0) returned 0x0
[0306.620] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0306.620] GdipCreateRegion (region=0xd7da88) returned 0x0
[0306.620] GdipGetClip (graphics=0x6639e10, region=0x6646a78) returned 0x0
[0306.620] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6639e10, result=0xd7da94) returned 0x0
[0306.620] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0306.620] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dac0) returned 0x0
[0306.620] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0306.630] GdipFillRectangleI (graphics=0x6639e10, brush=0x664db50, x=0, y=0, width=801, height=453) returned 0x0
[0306.630] GdipDeleteBrush (brush=0x664db50) returned 0x0
[0306.632] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0306.632] SelectPalette (hdc=0x20107ec, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0306.632] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0306.632] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.632] GetSystemMetrics (nIndex=42) returned 0
[0306.632] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.632] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0306.632] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0306.632] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0306.632] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0306.632] SelectPalette (hdc=0x20107ec, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0306.632] GdipCreateFromHDC (hdc=0x20107ec, graphics=0xd7da68) returned 0x0
[0306.632] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0306.633] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0306.633] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638ab8) returned 0x0
[0306.633] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7da40) returned 0x0
[0306.633] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0306.633] GdipCreateRegion (region=0xd7da28) returned 0x0
[0306.633] GdipGetClip (graphics=0x6639e10, region=0x66468c8) returned 0x0
[0306.633] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6639e10, result=0xd7da34) returned 0x0
[0306.633] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0306.633] GdipSaveGraphics (graphics=0x6639e10, state=0xd7da60) returned 0x0
[0306.633] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0306.664] GdipFillRectangleI (graphics=0x6639e10, brush=0x664e780, x=0, y=0, width=801, height=453) returned 0x0
[0306.664] GdipDeleteBrush (brush=0x664e780) returned 0x0
[0306.666] GdipRestoreGraphics (graphics=0x6639e10, state=0xf5560dbd) returned 0x0
[0306.666] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0306.666] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.666] GetSystemMetrics (nIndex=42) returned 0
[0306.666] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.666] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0306.666] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0306.666] SelectPalette (hdc=0x20107ec, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0306.666] RestoreDC (hdc=0x20107ec, nSavedDC=-1) returned 1
[0306.666] GdipReleaseDC (graphics=0x6600030, hdc=0x20107ec) returned 0x0
[0306.666] IsAppThemed () returned 0x1
[0306.666] GetThemeAppProperties () returned 0x3
[0306.666] GetThemeAppProperties () returned 0x3
[0306.666] IsAppThemed () returned 0x1
[0306.667] GetThemeAppProperties () returned 0x3
[0306.667] GetThemeAppProperties () returned 0x3
[0306.667] IsThemePartDefined () returned 0x1
[0306.667] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0306.667] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0306.667] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0306.667] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0306.667] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df74) returned 0x0
[0306.667] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.667] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0306.667] LocalFree (hMem=0x11eec58) returned 0x0
[0306.667] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.667] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0306.667] LocalFree (hMem=0x11eec58) returned 0x0
[0306.667] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0306.667] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0306.667] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0306.667] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0306.667] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0306.667] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0306.667] GetCurrentObject (hdc=0x20107ec, type=0x1) returned 0xb00017
[0306.667] GetCurrentObject (hdc=0x20107ec, type=0x2) returned 0x900010
[0306.667] GetCurrentObject (hdc=0x20107ec, type=0x7) returned 0x4a0507fe
[0306.667] GetCurrentObject (hdc=0x20107ec, type=0x6) returned 0x8a01c2
[0306.668] SaveDC (hdc=0x20107ec) returned 1
[0306.668] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7e0407de
[0306.668] GetClipRgn (hdc=0x20107ec, hrgn=0x7e0407de) returned 0
[0306.668] SelectClipRgn (hdc=0x20107ec, hrgn=0xfd040807) returned 2
[0306.668] DeleteObject (ho=0x7e0407de) returned 1
[0306.668] DeleteObject (ho=0xfd040807) returned 1
[0306.668] OffsetViewportOrgEx (in: hdc=0x20107ec, x=0, y=0, lppt=0x2d1b4f0 | out: lppt=0x2d1b4f0) returned 1
[0306.668] IsAppThemed () returned 0x1
[0306.668] GetThemeAppProperties () returned 0x3
[0306.668] GetThemeAppProperties () returned 0x3
[0306.668] DrawThemeBackground () returned 0x0
[0306.668] RestoreDC (hdc=0x20107ec, nSavedDC=-1) returned 1
[0306.668] GdipReleaseDC (graphics=0x6600030, hdc=0x20107ec) returned 0x0
[0306.668] GdipCreateRegion (region=0xd7df60) returned 0x0
[0306.668] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0306.668] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0306.668] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0306.668] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df78) returned 0x0
[0306.668] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0306.668] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea98) returned 0x0
[0306.669] LocalFree (hMem=0x11eea98) returned 0x0
[0306.669] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.672] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0306.672] LocalFree (hMem=0x11eec58) returned 0x0
[0306.672] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0306.672] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0306.672] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df90) returned 0x0
[0306.672] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0306.672] GdipDeleteRegion (region=0x6646718) returned 0x0
[0306.672] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0306.672] GetCurrentObject (hdc=0x20107ec, type=0x1) returned 0xb00017
[0306.672] GetCurrentObject (hdc=0x20107ec, type=0x2) returned 0x900010
[0306.672] GetCurrentObject (hdc=0x20107ec, type=0x7) returned 0x4a0507fe
[0306.672] GetCurrentObject (hdc=0x20107ec, type=0x6) returned 0x8a01c2
[0306.673] SaveDC (hdc=0x20107ec) returned 1
[0306.673] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfe040807
[0306.673] GetClipRgn (hdc=0x20107ec, hrgn=0xfe040807) returned 0
[0306.673] SelectClipRgn (hdc=0x20107ec, hrgn=0x7f0407de) returned 2
[0306.673] DeleteObject (ho=0xfe040807) returned 1
[0306.673] DeleteObject (ho=0x7f0407de) returned 1
[0306.673] OffsetViewportOrgEx (in: hdc=0x20107ec, x=0, y=0, lppt=0x2d1b7c4 | out: lppt=0x2d1b7c4) returned 1
[0306.673] IsAppThemed () returned 0x1
[0306.673] GetThemeAppProperties () returned 0x3
[0306.673] GetThemeAppProperties () returned 0x3
[0306.673] GetThemeBackgroundContentRect () returned 0x0
[0306.673] RestoreDC (hdc=0x20107ec, nSavedDC=-1) returned 1
[0306.673] GdipReleaseDC (graphics=0x6600030, hdc=0x20107ec) returned 0x0
[0306.673] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0306.673] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0306.673] GdipFillRectangleI (graphics=0x6600030, brush=0x65ffae0, x=4, y=4, width=67, height=15) returned 0x0
[0306.673] GdipDeleteBrush (brush=0x65ffae0) returned 0x0
[0306.673] IsAppThemed () returned 0x1
[0306.673] GetThemeAppProperties () returned 0x3
[0306.673] GetThemeAppProperties () returned 0x3
[0306.673] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0306.673] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0306.673] GetCurrentObject (hdc=0x20107ec, type=0x1) returned 0xb00017
[0306.673] GetCurrentObject (hdc=0x20107ec, type=0x2) returned 0x900010
[0306.674] GetCurrentObject (hdc=0x20107ec, type=0x7) returned 0x4a0507fe
[0306.674] GetCurrentObject (hdc=0x20107ec, type=0x6) returned 0x8a01c2
[0306.674] SaveDC (hdc=0x20107ec) returned 1
[0306.674] GetTextAlign (hdc=0x20107ec) returned 0x0
[0306.674] GetTextColor (hdc=0x20107ec) returned 0x0
[0306.674] GetCurrentObject (hdc=0x20107ec, type=0x6) returned 0x8a01c2
[0306.674] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0306.674] SelectObject (hdc=0x20107ec, h=0x6d0a0520) returned 0x8a01c2
[0306.674] GetBkMode (hdc=0x20107ec) returned 2
[0306.674] SetBkMode (hdc=0x20107ec, mode=1) returned 2
[0306.674] DrawTextExW (in: hdc=0x20107ec, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2d1bb88 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0306.674] DrawTextExW (in: hdc=0x20107ec, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d1bb88 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0306.675] RestoreDC (hdc=0x20107ec, nSavedDC=-1) returned 1
[0306.675] GdipReleaseDC (graphics=0x6600030, hdc=0x20107ec) returned 0x0
[0306.675] GetFocus () returned 0x3802d8
[0306.675] IsAppThemed () returned 0x1
[0306.675] GetThemeAppProperties () returned 0x3
[0306.675] GetThemeAppProperties () returned 0x3
[0306.675] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0306.675] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x20107ec, x1=0, y1=0, rop=0xcc0020) returned 1
[0306.675] GdipReleaseDC (graphics=0x6600030, hdc=0x20107ec) returned 0x0
[0306.675] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0306.675] SelectObject (hdc=0x20107ec, h=0x85000f) returned 0x4a0507fe
[0306.675] DeleteDC (hdc=0x20107ec) returned 1
[0306.675] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0306.675] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0306.676] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.676] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0306.676] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.676] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.676] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0306.677] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.677] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.677] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.677] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0306.678] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.678] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.678] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.678] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.678] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.679] IsWindowUnicode (hWnd=0x3602dc) returned 1
[0306.679] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.679] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.679] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.679] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.680] IsWindowUnicode (hWnd=0x3602dc) returned 1
[0306.680] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.680] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.680] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.680] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x2a1, wParam=0x0, lParam=0x70027) returned 0x0
[0306.680] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0306.680] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0306.680] WaitMessage () returned 1
[0306.686] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.686] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.686] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.686] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.686] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.687] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0306.687] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0306.687] WaitMessage () returned 1
[0306.688] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.688] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.688] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.688] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.688] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.689] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0306.689] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0306.689] WaitMessage () returned 1
[0306.689] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.689] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.689] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.689] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.689] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.690] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.691] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.691] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.691] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.691] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.691] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.691] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.691] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.691] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.691] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.691] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0306.692] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0306.692] WaitMessage () returned 1
[0306.692] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.692] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.692] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.692] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.692] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.694] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.694] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.694] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.694] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.694] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.694] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.694] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.694] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.694] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.694] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.694] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0306.695] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0306.695] WaitMessage () returned 1
[0306.695] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.695] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.695] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.695] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.695] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.696] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.696] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.696] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.696] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.696] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.697] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.697] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.697] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.697] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.697] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.697] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0306.697] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0306.697] WaitMessage () returned 1
[0306.698] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.698] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.698] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.698] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.698] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.699] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.699] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.699] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.699] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.699] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.699] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.699] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.699] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.700] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.700] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.700] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0306.703] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0306.703] WaitMessage () returned 1
[0306.789] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.789] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x84, wParam=0x0, lParam=0x1e002fd) returned 0x1
[0306.789] IsWindowUnicode (hWnd=0x3602dc) returned 1
[0306.789] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.789] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x84, wParam=0x0, lParam=0x1e002fd) returned 0x1
[0306.790] GetDlgItem (hDlg=0x3002c8, nIDDlgItem=0) returned 0x0
[0306.790] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x210, wParam=0x201, lParam=0x650108) returned 0x0
[0306.790] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x21, wParam=0x3002c8, lParam=0x2010001) returned 0x1
[0306.790] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x21, wParam=0x3002c8, lParam=0x2010001) returned 0x1
[0306.790] SetCursor (hCursor=0x10003) returned 0x10003
[0306.790] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.790] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.790] GetKeyState (nVirtKey=1) returned -127
[0306.790] GetKeyState (nVirtKey=2) returned 0
[0306.790] GetKeyState (nVirtKey=4) returned 0
[0306.790] GetKeyState (nVirtKey=5) returned 0
[0306.790] GetKeyState (nVirtKey=6) returned 0
[0306.790] IsWindowVisible (hWnd=0x3602dc) returned 1
[0306.790] IsWindowEnabled (hWnd=0x3602dc) returned 1
[0306.790] SetFocus (hWnd=0x3602dc) returned 0x3802d8
[0306.791] GetFocus () returned 0x3602dc
[0306.791] IsChild (hWndParent=0x3002c8, hWnd=0x3602dc) returned 1
[0306.791] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0x8, wParam=0x3602dc, lParam=0x0) returned 0x0
[0306.791] GetCapture () returned 0x0
[0306.791] InvalidateRect (hWnd=0x3802d8, lpRect=0x0, bErase=0) returned 1
[0306.792] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0306.794] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0306.798] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0306.798] InvalidateRect (hWnd=0x3802d8, lpRect=0x0, bErase=0) returned 1
[0306.798] InvalidateRect (hWnd=0x3602dc, lpRect=0x0, bErase=0) returned 1
[0306.798] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x7, wParam=0x3802d8, lParam=0x0) returned 0x0
[0306.798] GetStockObject (i=5) returned 0x900015
[0306.799] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0306.799] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0306.799] GetDlgItem (hDlg=0x3002c8, nIDDlgItem=3539676) returned 0x3602dc
[0306.799] SendMessageW (hWnd=0x3602dc, Msg=0x202b, wParam=0x3602dc, lParam=0xd7dddc) returned 0x0
[0306.799] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x202b, wParam=0x3602dc, lParam=0xd7dddc) returned 0x0
[0306.799] InvalidateRect (hWnd=0x3602dc, lpRect=0x0, bErase=0) returned 1
[0306.800] GetFocus () returned 0x3602dc
[0306.800] GetFocus () returned 0x3602dc
[0306.801] GetFocus () returned 0x3602dc
[0306.801] GetKeyState (nVirtKey=1) returned -127
[0306.801] GetKeyState (nVirtKey=2) returned 0
[0306.801] GetKeyState (nVirtKey=4) returned 0
[0306.801] GetKeyState (nVirtKey=5) returned 0
[0306.801] GetKeyState (nVirtKey=6) returned 0
[0306.801] GetCapture () returned 0x0
[0306.801] SetCapture (hWnd=0x3602dc) returned 0x0
[0306.801] GetKeyState (nVirtKey=1) returned -127
[0306.801] GetKeyState (nVirtKey=2) returned 0
[0306.801] GetKeyState (nVirtKey=4) returned 0
[0306.801] GetKeyState (nVirtKey=5) returned 0
[0306.801] GetKeyState (nVirtKey=6) returned 0
[0306.801] NotifyWinEvent (event=0x800a, hwnd=0x3602dc, idObject=-4, idChild=0)
[0306.801] InvalidateRect (hWnd=0x3602dc, lpRect=0xd7e430, bErase=0) returned 1
[0306.801] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.801] IsWindowUnicode (hWnd=0x3602dc) returned 1
[0306.801] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.801] TranslateMessage (lpMsg=0xd7e808) returned 0
[0306.801] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0306.802] MapWindowPoints (in: hWndFrom=0x3602dc, hWndTo=0x0, lpPoints=0x2d1be74, cPoints=0x1 | out: lpPoints=0x2d1be74) returned 30999254
[0306.802] NotifyWinEvent (event=0x800a, hwnd=0x3602dc, idObject=-4, idChild=0)
[0306.802] InvalidateRect (hWnd=0x3602dc, lpRect=0xd7e3d0, bErase=0) returned 1
[0306.802] UpdateWindow (hWnd=0x3602dc) returned 1
[0306.802] BeginPaint (in: hWnd=0x3602dc, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x107b9
[0306.802] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0306.802] CreateCompatibleDC (hdc=0x107b9) returned 0x7f0107d7
[0306.802] SelectObject (hdc=0x7f0107d7, h=0x4a0507fe) returned 0x85000f
[0306.802] GdipCreateFromHDC (hdc=0x7f0107d7, graphics=0xd7df00) returned 0x0
[0306.802] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0306.802] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0306.802] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0306.803] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0306.803] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df60) returned 0x0
[0306.803] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0306.803] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea28) returned 0x0
[0306.803] LocalFree (hMem=0x11eea28) returned 0x0
[0306.803] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0306.803] GdipCreateRegion (region=0xd7df48) returned 0x0
[0306.803] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0306.803] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0306.803] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0306.803] GdipRestoreGraphics (graphics=0x6600030, state=0xf5540dbd) returned 0x0
[0306.803] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0306.803] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0306.803] GetCurrentObject (hdc=0x7f0107d7, type=0x1) returned 0xb00017
[0306.803] GetCurrentObject (hdc=0x7f0107d7, type=0x2) returned 0x900010
[0306.803] GetCurrentObject (hdc=0x7f0107d7, type=0x7) returned 0x4a0507fe
[0306.803] GetCurrentObject (hdc=0x7f0107d7, type=0x6) returned 0x8a01c2
[0306.804] SaveDC (hdc=0x7f0107d7) returned 1
[0306.804] GetNearestColor (hdc=0x7f0107d7, color=0xf0f0f0) returned 0xf0f0f0
[0306.804] GetNearestColor (hdc=0x7f0107d7, color=0xa0a0a0) returned 0xa0a0a0
[0306.804] GetNearestColor (hdc=0x7f0107d7, color=0x696969) returned 0x696969
[0306.804] GetNearestColor (hdc=0x7f0107d7, color=0xa0a0a0) returned 0xa0a0a0
[0306.804] GetNearestColor (hdc=0x7f0107d7, color=0x0) returned 0x0
[0306.804] GetNearestColor (hdc=0x7f0107d7, color=0xffffff) returned 0xffffff
[0306.804] GetNearestColor (hdc=0x7f0107d7, color=0xe5e5e5) returned 0xe5e5e5
[0306.804] GetNearestColor (hdc=0x7f0107d7, color=0xd7d7d7) returned 0xd7d7d7
[0306.804] GetNearestColor (hdc=0x7f0107d7, color=0x0) returned 0x0
[0306.804] RestoreDC (hdc=0x7f0107d7, nSavedDC=-1) returned 1
[0306.804] GdipReleaseDC (graphics=0x6600030, hdc=0x7f0107d7) returned 0x0
[0306.804] IsAppThemed () returned 0x1
[0306.805] GetThemeAppProperties () returned 0x3
[0306.805] GetThemeAppProperties () returned 0x3
[0306.805] IsAppThemed () returned 0x1
[0306.805] GetThemeAppProperties () returned 0x3
[0306.805] GetThemeAppProperties () returned 0x3
[0306.805] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2d1c5cc | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0306.805] IsAppThemed () returned 0x1
[0306.805] GetThemeAppProperties () returned 0x3
[0306.805] GetThemeAppProperties () returned 0x3
[0306.805] IsAppThemed () returned 0x1
[0306.805] GetThemeAppProperties () returned 0x3
[0306.805] GetThemeAppProperties () returned 0x3
[0306.805] IsAppThemed () returned 0x1
[0306.805] GetThemeAppProperties () returned 0x3
[0306.805] GetThemeAppProperties () returned 0x3
[0306.805] IsAppThemed () returned 0x1
[0306.806] GetThemeAppProperties () returned 0x3
[0306.806] GetThemeAppProperties () returned 0x3
[0306.806] IsThemePartDefined () returned 0x1
[0306.806] IsAppThemed () returned 0x1
[0306.806] GetThemeAppProperties () returned 0x3
[0306.806] GetThemeAppProperties () returned 0x3
[0306.806] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0306.806] IsAppThemed () returned 0x1
[0306.806] GetThemeAppProperties () returned 0x3
[0306.806] GetThemeAppProperties () returned 0x3
[0306.806] IsAppThemed () returned 0x1
[0306.806] GetThemeAppProperties () returned 0x3
[0306.806] GetThemeAppProperties () returned 0x3
[0306.806] IsThemePartDefined () returned 0x1
[0306.806] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0306.806] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0306.806] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0306.806] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0306.806] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dc7c) returned 0x0
[0306.806] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.806] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0306.807] LocalFree (hMem=0x11eec58) returned 0x0
[0306.807] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0306.807] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0306.807] LocalFree (hMem=0x11ee868) returned 0x0
[0306.807] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0306.807] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0306.807] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0306.807] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0306.807] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0306.807] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0306.807] GetCurrentObject (hdc=0x7f0107d7, type=0x1) returned 0xb00017
[0306.807] GetCurrentObject (hdc=0x7f0107d7, type=0x2) returned 0x900010
[0306.807] GetCurrentObject (hdc=0x7f0107d7, type=0x7) returned 0x4a0507fe
[0306.807] GetCurrentObject (hdc=0x7f0107d7, type=0x6) returned 0x8a01c2
[0306.807] SaveDC (hdc=0x7f0107d7) returned 1
[0306.807] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x800407de
[0306.807] GetClipRgn (hdc=0x7f0107d7, hrgn=0x800407de) returned 0
[0306.808] SelectClipRgn (hdc=0x7f0107d7, hrgn=0x2040807) returned 2
[0306.808] DeleteObject (ho=0x800407de) returned 1
[0306.808] DeleteObject (ho=0x2040807) returned 1
[0306.808] OffsetViewportOrgEx (in: hdc=0x7f0107d7, x=0, y=0, lppt=0x2d1cc7c | out: lppt=0x2d1cc7c) returned 1
[0306.808] DrawThemeParentBackground () returned 0x0
[0306.808] GetWindowPlacement (in: hWnd=0x3002c8, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0306.808] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0306.808] GetWindowTextLengthW (hWnd=0x3002c8) returned 13
[0306.808] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.808] GetSystemMetrics (nIndex=42) returned 0
[0306.808] GetWindowTextW (in: hWnd=0x3002c8, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.808] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0306.808] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0306.808] GetCurrentObject (hdc=0x7f0107d7, type=0x1) returned 0xb00017
[0306.809] GetCurrentObject (hdc=0x7f0107d7, type=0x2) returned 0x900010
[0306.809] GetCurrentObject (hdc=0x7f0107d7, type=0x7) returned 0x4a0507fe
[0306.809] GetCurrentObject (hdc=0x7f0107d7, type=0x6) returned 0x8a01c2
[0306.809] SaveDC (hdc=0x7f0107d7) returned 2
[0306.809] GetNearestColor (hdc=0x7f0107d7, color=0xf0f0f0) returned 0xf0f0f0
[0306.809] CreateSolidBrush (color=0xf0f0f0) returned 0x7a1007e1
[0306.809] FillRect (hDC=0x7f0107d7, lprc=0xd7d6c8, hbr=0x7a1007e1) returned 1
[0306.809] DeleteObject (ho=0x7a1007e1) returned 1
[0306.809] RestoreDC (hdc=0x7f0107d7, nSavedDC=-1) returned 1
[0306.809] GetWindowTextLengthW (hWnd=0x3002c8) returned 13
[0306.809] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.810] GetSystemMetrics (nIndex=42) returned 0
[0306.810] GetWindowTextW (in: hWnd=0x3002c8, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.810] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0306.810] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0306.810] GetCurrentObject (hdc=0x7f0107d7, type=0x1) returned 0xb00017
[0306.810] GetCurrentObject (hdc=0x7f0107d7, type=0x2) returned 0x900010
[0306.811] GetCurrentObject (hdc=0x7f0107d7, type=0x7) returned 0x4a0507fe
[0306.811] GetCurrentObject (hdc=0x7f0107d7, type=0x6) returned 0x8a01c2
[0306.811] SaveDC (hdc=0x7f0107d7) returned 2
[0306.811] GetNearestColor (hdc=0x7f0107d7, color=0xf0f0f0) returned 0xf0f0f0
[0306.811] CreateSolidBrush (color=0xf0f0f0) returned 0x7b1007e1
[0306.811] FillRect (hDC=0x7f0107d7, lprc=0xd7d668, hbr=0x7b1007e1) returned 1
[0306.811] DeleteObject (ho=0x7b1007e1) returned 1
[0306.811] RestoreDC (hdc=0x7f0107d7, nSavedDC=-1) returned 1
[0306.811] GetWindowTextLengthW (hWnd=0x3002c8) returned 13
[0306.811] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.811] GetSystemMetrics (nIndex=42) returned 0
[0306.811] GetWindowTextW (in: hWnd=0x3002c8, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.811] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0306.812] RestoreDC (hdc=0x7f0107d7, nSavedDC=-1) returned 1
[0306.812] GdipReleaseDC (graphics=0x6600030, hdc=0x7f0107d7) returned 0x0
[0306.812] IsAppThemed () returned 0x1
[0306.812] GetThemeAppProperties () returned 0x3
[0306.812] GetThemeAppProperties () returned 0x3
[0306.812] IsAppThemed () returned 0x1
[0306.812] GetThemeAppProperties () returned 0x3
[0306.812] GetThemeAppProperties () returned 0x3
[0306.812] IsThemePartDefined () returned 0x1
[0306.812] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0306.812] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0306.812] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0306.812] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0306.812] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dc00) returned 0x0
[0306.812] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.812] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0306.812] LocalFree (hMem=0x11eec58) returned 0x0
[0306.812] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0306.813] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee868) returned 0x0
[0306.813] LocalFree (hMem=0x11ee868) returned 0x0
[0306.813] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0306.813] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0306.813] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0306.813] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0306.813] GdipDeleteRegion (region=0x6646568) returned 0x0
[0306.813] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0306.813] GetCurrentObject (hdc=0x7f0107d7, type=0x1) returned 0xb00017
[0306.813] GetCurrentObject (hdc=0x7f0107d7, type=0x2) returned 0x900010
[0306.813] GetCurrentObject (hdc=0x7f0107d7, type=0x7) returned 0x4a0507fe
[0306.813] GetCurrentObject (hdc=0x7f0107d7, type=0x6) returned 0x8a01c2
[0306.813] SaveDC (hdc=0x7f0107d7) returned 1
[0306.813] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3040807
[0306.813] GetClipRgn (hdc=0x7f0107d7, hrgn=0x3040807) returned 0
[0306.813] SelectClipRgn (hdc=0x7f0107d7, hrgn=0x820407de) returned 2
[0306.814] DeleteObject (ho=0x3040807) returned 1
[0306.814] DeleteObject (ho=0x820407de) returned 1
[0306.814] OffsetViewportOrgEx (in: hdc=0x7f0107d7, x=0, y=0, lppt=0x2d1d528 | out: lppt=0x2d1d528) returned 1
[0306.814] IsAppThemed () returned 0x1
[0306.814] GetThemeAppProperties () returned 0x3
[0306.814] GetThemeAppProperties () returned 0x3
[0306.814] DrawThemeBackground () returned 0x0
[0306.814] RestoreDC (hdc=0x7f0107d7, nSavedDC=-1) returned 1
[0306.814] GdipReleaseDC (graphics=0x6600030, hdc=0x7f0107d7) returned 0x0
[0306.814] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0306.814] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0306.814] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0306.814] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0306.814] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dc04) returned 0x0
[0306.814] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0306.814] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eea28) returned 0x0
[0306.814] LocalFree (hMem=0x11eea28) returned 0x0
[0306.815] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0306.815] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0306.815] LocalFree (hMem=0x11ee788) returned 0x0
[0306.815] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0306.815] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0306.815] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0306.815] GdipGetRegionHRgn (region=0x6646e68, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0306.815] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0306.815] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0306.815] GetCurrentObject (hdc=0x7f0107d7, type=0x1) returned 0xb00017
[0306.815] GetCurrentObject (hdc=0x7f0107d7, type=0x2) returned 0x900010
[0306.815] GetCurrentObject (hdc=0x7f0107d7, type=0x7) returned 0x4a0507fe
[0306.815] GetCurrentObject (hdc=0x7f0107d7, type=0x6) returned 0x8a01c2
[0306.815] SaveDC (hdc=0x7f0107d7) returned 1
[0306.815] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x830407de
[0306.815] GetClipRgn (hdc=0x7f0107d7, hrgn=0x830407de) returned 0
[0306.816] SelectClipRgn (hdc=0x7f0107d7, hrgn=0x4040807) returned 2
[0306.816] DeleteObject (ho=0x830407de) returned 1
[0306.816] DeleteObject (ho=0x4040807) returned 1
[0306.816] OffsetViewportOrgEx (in: hdc=0x7f0107d7, x=0, y=0, lppt=0x2d1d7fc | out: lppt=0x2d1d7fc) returned 1
[0306.816] IsAppThemed () returned 0x1
[0306.816] GetThemeAppProperties () returned 0x3
[0306.816] GetThemeAppProperties () returned 0x3
[0306.816] GetThemeBackgroundContentRect () returned 0x0
[0306.816] RestoreDC (hdc=0x7f0107d7, nSavedDC=-1) returned 1
[0306.816] GdipReleaseDC (graphics=0x6600030, hdc=0x7f0107d7) returned 0x0
[0306.816] IsAppThemed () returned 0x1
[0306.816] GetThemeAppProperties () returned 0x3
[0306.816] GetThemeAppProperties () returned 0x3
[0306.816] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0306.816] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0306.816] GetCurrentObject (hdc=0x7f0107d7, type=0x1) returned 0xb00017
[0306.816] GetCurrentObject (hdc=0x7f0107d7, type=0x2) returned 0x900010
[0306.816] GetCurrentObject (hdc=0x7f0107d7, type=0x7) returned 0x4a0507fe
[0306.817] GetCurrentObject (hdc=0x7f0107d7, type=0x6) returned 0x8a01c2
[0306.817] SaveDC (hdc=0x7f0107d7) returned 1
[0306.817] GetTextAlign (hdc=0x7f0107d7) returned 0x0
[0306.817] GetTextColor (hdc=0x7f0107d7) returned 0x0
[0306.817] GetCurrentObject (hdc=0x7f0107d7, type=0x6) returned 0x8a01c2
[0306.817] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0306.817] SelectObject (hdc=0x7f0107d7, h=0x6d0a0520) returned 0x8a01c2
[0306.817] GetBkMode (hdc=0x7f0107d7) returned 2
[0306.817] SetBkMode (hdc=0x7f0107d7, mode=1) returned 2
[0306.817] DrawTextExW (in: hdc=0x7f0107d7, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2d1db9c | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0306.818] DrawTextExW (in: hdc=0x7f0107d7, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2d1db9c | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0306.818] RestoreDC (hdc=0x7f0107d7, nSavedDC=-1) returned 1
[0306.818] GdipReleaseDC (graphics=0x6600030, hdc=0x7f0107d7) returned 0x0
[0306.818] GetFocus () returned 0x3602dc
[0306.818] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0306.818] SendMessageW (hWnd=0x3002c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0306.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0306.818] IsAppThemed () returned 0x1
[0306.818] GetThemeAppProperties () returned 0x3
[0306.818] GetThemeAppProperties () returned 0x3
[0306.818] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0306.818] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x7f0107d7, x1=0, y1=0, rop=0xcc0020) returned 1
[0306.819] GdipReleaseDC (graphics=0x6600030, hdc=0x7f0107d7) returned 0x0
[0306.819] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0306.819] SelectObject (hdc=0x7f0107d7, h=0x85000f) returned 0x4a0507fe
[0306.819] DeleteDC (hdc=0x7f0107d7) returned 1
[0306.819] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0306.819] EndPaint (hWnd=0x3602dc, lpPaint=0xd7dee4) returned 1
[0306.819] MapWindowPoints (in: hWndFrom=0x3602dc, hWndTo=0x0, lpPoints=0x2d1dc98, cPoints=0x1 | out: lpPoints=0x2d1dc98) returned 30999254
[0306.819] WindowFromPoint (Point=0x2fd) returned 0x3602dc
[0306.819] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x84, wParam=0x0, lParam=0x1e002fd) returned 0x1
[0306.819] NotifyWinEvent (event=0x800a, hwnd=0x3602dc, idObject=-4, idChild=0)
[0306.820] NotifyWinEvent (event=0x800c, hwnd=0x3602dc, idObject=-4, idChild=0)
[0306.820] GetCapture () returned 0x3602dc
[0306.820] ReleaseCapture () returned 1
[0306.820] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0306.820] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0306.820] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x84, wParam=0x0, lParam=0x1e002fd) returned 0x1
[0306.820] IsWindow (hWnd=0x7005c) returned 1
[0306.820] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0306.821] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0306.821] IsWindow (hWnd=0x3002c8) returned 1
[0306.821] SetActiveWindow (hWnd=0x3002c8) returned 0x3002c8
[0306.821] IsWindow (hWnd=0x3002c8) returned 1
[0306.821] SetFocus (hWnd=0x3002c8) returned 0x3602dc
[0306.822] GetFocus () returned 0x3002c8
[0306.822] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x8, wParam=0x3002c8, lParam=0x0) returned 0x0
[0306.822] GetCapture () returned 0x0
[0306.822] InvalidateRect (hWnd=0x3602dc, lpRect=0x0, bErase=0) returned 1
[0306.823] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0306.824] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0306.826] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0306.826] GetFocus () returned 0x3002c8
[0306.826] SetFocus (hWnd=0x3602dc) returned 0x3002c8
[0306.827] GetFocus () returned 0x3602dc
[0306.827] IsChild (hWndParent=0x3002c8, hWnd=0x3602dc) returned 1
[0306.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x8, wParam=0x3602dc, lParam=0x0) returned 0x0
[0306.828] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0306.829] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0306.831] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0306.831] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x7, wParam=0x3002c8, lParam=0x0) returned 0x0
[0306.831] GetStockObject (i=5) returned 0x900015
[0306.831] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0306.831] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0306.831] GetDlgItem (hDlg=0x3002c8, nIDDlgItem=3539676) returned 0x3602dc
[0306.831] SendMessageW (hWnd=0x3602dc, Msg=0x202b, wParam=0x3602dc, lParam=0xd7ddcc) returned 0x0
[0306.831] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x202b, wParam=0x3602dc, lParam=0xd7ddcc) returned 0x0
[0306.831] InvalidateRect (hWnd=0x3602dc, lpRect=0x0, bErase=0) returned 1
[0306.833] GetWindowLongW (hWnd=0x3002c8, nIndex=-8) returned 458844
[0306.833] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0306.833] GetCurrentThreadId () returned 0xf50
[0306.833] IsWindow (hWnd=0x7005c) returned 1
[0306.833] IsWindow (hWnd=0x7005c) returned 1
[0306.833] IsWindowVisible (hWnd=0x7005c) returned 1
[0306.833] SetActiveWindow (hWnd=0x7005c) returned 0x3002c8
[0306.833] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0306.835] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0306.835] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0306.835] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0306.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0306.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0306.837] GetWindowPlacement (in: hWnd=0x3002c8, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0306.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0306.838] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0306.838] GetWindowRect (in: hWnd=0x3002c8, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0306.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0306.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0306.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0306.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x3002c8) returned 0x1
[0306.847] GetFocus () returned 0x3602dc
[0306.847] SetFocus (hWnd=0x602c4) returned 0x3602dc
[0306.847] GetFocus () returned 0x602c4
[0306.847] IsChild (hWndParent=0x3002c8, hWnd=0x602c4) returned 0
[0306.847] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0306.847] GetCapture () returned 0x0
[0306.847] InvalidateRect (hWnd=0x3602dc, lpRect=0x0, bErase=0) returned 1
[0306.848] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0306.850] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0306.851] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0306.851] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0306.851] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0306.852] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0306.852] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0306.852] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x3602dc, lParam=0x0) returned 0x0
[0306.852] GetStockObject (i=5) returned 0x900015
[0306.852] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0306.852] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed828) returned 0xc
[0306.853] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0306.853] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0306.853] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0306.853] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0306.854] GetFocus () returned 0x602c4
[0306.854] IsChild (hWndParent=0x3002c8, hWnd=0x602c4) returned 0
[0306.854] ShowWindow (hWnd=0x3002c8, nCmdShow=0) returned 1
[0306.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0306.855] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0306.870] GetWindowPlacement (in: hWnd=0x3002c8, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0306.870] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0306.870] GetClientRect (in: hWnd=0x3002c8, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0306.870] GetWindowRect (in: hWnd=0x3002c8, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0306.871] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0306.871] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0306.871] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0306.874] GetWindowLongW (hWnd=0x3002c8, nIndex=-20) returned 327945
[0306.874] DestroyWindow (hWnd=0x3002c8) returned 1
[0306.874] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0306.874] GetWindowTextLengthW (hWnd=0x3002c8) returned 13
[0306.874] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.874] GetSystemMetrics (nIndex=42) returned 0
[0306.874] GetWindowTextW (in: hWnd=0x3002c8, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.874] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0306.874] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0306.875] GetWindowTextLengthW (hWnd=0x2b02d0) returned 0
[0306.875] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0306.875] GetSystemMetrics (nIndex=42) returned 0
[0306.875] GetWindowTextW (in: hWnd=0x2b02d0, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0306.875] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02d0, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0306.875] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0306.875] GetWindowThreadProcessId (in: hWnd=0x2c02ce, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0306.875] GetWindow (hWnd=0x2c02ce, uCmd=0x5) returned 0x0
[0306.875] GetWindowLongW (hWnd=0x2c02ce, nIndex=-20) returned 65792
[0306.875] DestroyWindow (hWnd=0x2c02ce) returned 1
[0306.875] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02ce, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0306.875] GetWindowTextLengthW (hWnd=0x2c02ce) returned 25
[0306.875] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0306.875] GetSystemMetrics (nIndex=42) returned 0
[0306.875] GetWindowTextW (in: hWnd=0x2c02ce, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0306.875] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02ce, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0306.876] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0306.876] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2c02ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0306.877] GetWindowTextLengthW (hWnd=0x3602de) returned 232
[0306.877] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0306.877] GetSystemMetrics (nIndex=42) returned 0
[0306.877] GetWindowTextW (in: hWnd=0x3602de, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0306.877] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0306.877] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0306.877] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0306.877] InvalidateRect (hWnd=0x3602dc, lpRect=0x0, bErase=0) returned 1
[0306.878] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0306.878] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0306.878] SendMessageW (hWnd=0x3900ea, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0306.878] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3900ea, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0306.878] SendMessageW (hWnd=0x3900ea, Msg=0xb0, wParam=0x2ce8380, lParam=0xd7e480) returned 0x0
[0306.878] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3900ea, Msg=0xb0, wParam=0x2ce8380, lParam=0xd7e480) returned 0x0
[0306.878] GetWindowTextLengthW (hWnd=0x3900ea) returned 4363
[0306.878] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3900ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0306.878] GetSystemMetrics (nIndex=42) returned 0
[0306.878] CoTaskMemAlloc (cb=0x221c) returned 0x1202960
[0306.878] GetWindowTextW (in: hWnd=0x3900ea, lpString=0x1202960, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0306.878] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3900ea, Msg=0xd, wParam=0x110c, lParam=0x1202960) returned 0x110b
[0306.878] CoTaskMemFree (pv=0x1202960)
[0306.878] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3900ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0306.879] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2b02d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0306.880] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3602de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0306.881] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0306.883] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0306.884] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3602da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0306.885] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3900ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0306.886] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0306.888] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.888] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.888] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.888] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.888] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.888] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.889] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e002fd) returned 0x1
[0306.889] IsWindowUnicode (hWnd=0x7005c) returned 1
[0306.889] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.889] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e002fd) returned 0x1
[0306.889] SetCursor (hCursor=0x10003) returned 0x10003
[0306.889] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.889] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.889] _TrackMouseEvent (in: lpEventTrack=0x2c2f380 | out: lpEventTrack=0x2c2f380) returned 1
[0306.889] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0306.889] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0306.890] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10b023f) returned 0x0
[0306.890] GetKeyState (nVirtKey=1) returned 1
[0306.890] GetKeyState (nVirtKey=2) returned 0
[0306.890] GetKeyState (nVirtKey=4) returned 0
[0306.890] GetKeyState (nVirtKey=5) returned 0
[0306.890] GetKeyState (nVirtKey=6) returned 0
[0306.890] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.890] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e002fd) returned 0x1
[0306.890] IsWindowUnicode (hWnd=0x7005c) returned 1
[0306.890] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.890] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.891] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.891] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.891] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e002fd) returned 0x1
[0306.891] IsWindowUnicode (hWnd=0x7005c) returned 1
[0306.891] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.891] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e002fd) returned 0x1
[0306.891] SetCursor (hCursor=0x10003) returned 0x10003
[0306.891] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.891] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.892] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10b023f) returned 0x0
[0306.892] GetKeyState (nVirtKey=1) returned 1
[0306.892] GetKeyState (nVirtKey=2) returned 0
[0306.892] GetKeyState (nVirtKey=4) returned 0
[0306.892] GetKeyState (nVirtKey=5) returned 0
[0306.892] GetKeyState (nVirtKey=6) returned 0
[0306.892] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.892] IsWindowUnicode (hWnd=0x602c4) returned 1
[0306.892] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.892] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.892] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.892] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.893] IsWindowUnicode (hWnd=0x602c4) returned 1
[0306.893] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.893] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.893] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.893] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0306.894] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0306.894] CreateCompatibleDC (hdc=0x107b9) returned 0xfc0107c6
[0306.894] SelectObject (hdc=0xfc0107c6, h=0x4a0507fe) returned 0x85000f
[0306.894] GdipCreateFromHDC (hdc=0xfc0107c6, graphics=0xd7e798) returned 0x0
[0306.894] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0306.894] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0306.894] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0306.894] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0306.894] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e7f8) returned 0x0
[0306.894] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0306.894] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0306.894] LocalFree (hMem=0x11ee868) returned 0x0
[0306.894] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0306.895] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0306.895] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0306.895] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0306.895] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0306.895] GdipRestoreGraphics (graphics=0x6600030, state=0xf5520dbd) returned 0x0
[0306.895] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0306.895] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0306.895] GetCurrentObject (hdc=0xfc0107c6, type=0x1) returned 0xb00017
[0306.895] GetCurrentObject (hdc=0xfc0107c6, type=0x2) returned 0x900010
[0306.895] GetCurrentObject (hdc=0xfc0107c6, type=0x7) returned 0x4a0507fe
[0306.895] GetCurrentObject (hdc=0xfc0107c6, type=0x6) returned 0x8a01c2
[0306.895] SaveDC (hdc=0xfc0107c6) returned 1
[0306.895] GetNearestColor (hdc=0xfc0107c6, color=0xff) returned 0xff
[0306.895] GetNearestColor (hdc=0xfc0107c6, color=0x55) returned 0x55
[0306.895] GetNearestColor (hdc=0xfc0107c6, color=0x0) returned 0x0
[0306.896] GetNearestColor (hdc=0xfc0107c6, color=0x55) returned 0x55
[0306.896] GetNearestColor (hdc=0xfc0107c6, color=0x0) returned 0x0
[0306.896] GetNearestColor (hdc=0xfc0107c6, color=0x8080ff) returned 0x8080ff
[0306.896] GetNearestColor (hdc=0xfc0107c6, color=0x7373e5) returned 0x7373e5
[0306.896] GetNearestColor (hdc=0xfc0107c6, color=0xe5) returned 0xe5
[0306.896] GetNearestColor (hdc=0xfc0107c6, color=0x0) returned 0x0
[0306.896] RestoreDC (hdc=0xfc0107c6, nSavedDC=-1) returned 1
[0306.896] GdipReleaseDC (graphics=0x6600030, hdc=0xfc0107c6) returned 0x0
[0306.896] IsAppThemed () returned 0x1
[0306.896] GetThemeAppProperties () returned 0x3
[0306.896] GetThemeAppProperties () returned 0x3
[0306.896] IsAppThemed () returned 0x1
[0306.896] GetThemeAppProperties () returned 0x3
[0306.896] GetThemeAppProperties () returned 0x3
[0306.896] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2d25a3c | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0306.897] IsAppThemed () returned 0x1
[0306.897] GetThemeAppProperties () returned 0x3
[0306.897] GetThemeAppProperties () returned 0x3
[0306.897] IsAppThemed () returned 0x1
[0306.897] GetThemeAppProperties () returned 0x3
[0306.897] GetThemeAppProperties () returned 0x3
[0306.897] GetFocus () returned 0x602c4
[0306.897] IsAppThemed () returned 0x1
[0306.897] GetThemeAppProperties () returned 0x3
[0306.897] GetThemeAppProperties () returned 0x3
[0306.897] IsAppThemed () returned 0x1
[0306.897] GetThemeAppProperties () returned 0x3
[0306.897] GetThemeAppProperties () returned 0x3
[0306.897] IsThemePartDefined () returned 0x1
[0306.897] IsAppThemed () returned 0x1
[0306.898] GetThemeAppProperties () returned 0x3
[0306.898] GetThemeAppProperties () returned 0x3
[0306.898] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0306.898] IsAppThemed () returned 0x1
[0306.898] GetThemeAppProperties () returned 0x3
[0306.898] GetThemeAppProperties () returned 0x3
[0306.898] IsAppThemed () returned 0x1
[0306.898] GetThemeAppProperties () returned 0x3
[0306.898] GetThemeAppProperties () returned 0x3
[0306.898] IsThemePartDefined () returned 0x1
[0306.898] GdipCreateRegion (region=0xd7e508) returned 0x0
[0306.898] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0306.898] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0306.898] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0306.898] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e520) returned 0x0
[0306.898] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.898] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0306.898] LocalFree (hMem=0x11eec58) returned 0x0
[0306.898] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0306.898] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee8d8) returned 0x0
[0306.898] LocalFree (hMem=0x11ee8d8) returned 0x0
[0306.898] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0306.899] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e548) returned 0x0
[0306.899] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e538) returned 0x0
[0306.899] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0306.899] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0306.899] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0306.899] GetCurrentObject (hdc=0xfc0107c6, type=0x1) returned 0xb00017
[0306.899] GetCurrentObject (hdc=0xfc0107c6, type=0x2) returned 0x900010
[0306.899] GetCurrentObject (hdc=0xfc0107c6, type=0x7) returned 0x4a0507fe
[0306.899] GetCurrentObject (hdc=0xfc0107c6, type=0x6) returned 0x8a01c2
[0306.899] SaveDC (hdc=0xfc0107c6) returned 1
[0306.899] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5040807
[0306.899] GetClipRgn (hdc=0xfc0107c6, hrgn=0x5040807) returned 0
[0306.899] SelectClipRgn (hdc=0xfc0107c6, hrgn=0x870407de) returned 2
[0306.899] DeleteObject (ho=0x5040807) returned 1
[0306.899] DeleteObject (ho=0x870407de) returned 1
[0306.899] OffsetViewportOrgEx (in: hdc=0xfc0107c6, x=0, y=0, lppt=0x2d260ec | out: lppt=0x2d260ec) returned 1
[0306.899] DrawThemeParentBackground () returned 0x0
[0306.900] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0306.900] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0306.900] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0306.900] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.900] GetSystemMetrics (nIndex=42) returned 0
[0306.900] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.900] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0306.900] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0306.900] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0306.900] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0306.900] SelectPalette (hdc=0xfc0107c6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0306.900] GdipCreateFromHDC (hdc=0xfc0107c6, graphics=0xd7dff8) returned 0x0
[0306.900] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0306.900] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0306.900] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638b18) returned 0x0
[0306.900] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dfd0) returned 0x0
[0306.900] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0306.901] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0306.901] GdipGetClip (graphics=0x6639e10, region=0x66464d8) returned 0x0
[0306.901] GdipIsInfiniteRegion (region=0x66464d8, graphics=0x6639e10, result=0xd7dfc4) returned 0x0
[0306.901] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0306.901] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dff0) returned 0x0
[0306.901] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0306.917] GdipFillRectangleI (graphics=0x6639e10, brush=0x664db50, x=0, y=0, width=801, height=453) returned 0x0
[0306.917] GdipDeleteBrush (brush=0x664db50) returned 0x0
[0306.918] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0306.918] SelectPalette (hdc=0xfc0107c6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0306.918] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0306.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.918] GetSystemMetrics (nIndex=42) returned 0
[0306.918] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0306.919] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0306.919] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0306.919] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0306.919] SelectPalette (hdc=0xfc0107c6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0306.919] GdipCreateFromHDC (hdc=0xfc0107c6, graphics=0xd7df98) returned 0x0
[0306.920] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0306.920] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0306.920] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638cf8) returned 0x0
[0306.920] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df70) returned 0x0
[0306.920] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0306.920] GdipCreateRegion (region=0xd7df58) returned 0x0
[0306.920] GdipGetClip (graphics=0x6639e10, region=0x6646e68) returned 0x0
[0306.920] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6639e10, result=0xd7df64) returned 0x0
[0306.920] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0306.920] GdipSaveGraphics (graphics=0x6639e10, state=0xd7df90) returned 0x0
[0306.920] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0306.928] GdipFillRectangleI (graphics=0x6639e10, brush=0x664da18, x=0, y=0, width=801, height=453) returned 0x0
[0306.928] GdipDeleteBrush (brush=0x664da18) returned 0x0
[0306.930] GdipRestoreGraphics (graphics=0x6639e10, state=0xf54e0dbd) returned 0x0
[0306.930] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0306.930] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0306.930] GetSystemMetrics (nIndex=42) returned 0
[0306.930] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0306.930] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0306.930] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0306.930] SelectPalette (hdc=0xfc0107c6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0306.930] RestoreDC (hdc=0xfc0107c6, nSavedDC=-1) returned 1
[0306.931] GdipReleaseDC (graphics=0x6600030, hdc=0xfc0107c6) returned 0x0
[0306.931] IsAppThemed () returned 0x1
[0306.931] GetThemeAppProperties () returned 0x3
[0306.931] GetThemeAppProperties () returned 0x3
[0306.931] IsAppThemed () returned 0x1
[0306.931] GetThemeAppProperties () returned 0x3
[0306.931] GetThemeAppProperties () returned 0x3
[0306.931] IsThemePartDefined () returned 0x1
[0306.931] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0306.931] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0306.931] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0306.931] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0306.931] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e4a4) returned 0x0
[0306.931] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0306.931] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee9f0) returned 0x0
[0306.931] LocalFree (hMem=0x11ee9f0) returned 0x0
[0306.931] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0306.931] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0306.931] LocalFree (hMem=0x11eec58) returned 0x0
[0306.932] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0306.932] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0306.932] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0306.932] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0306.932] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0306.932] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0306.932] GetCurrentObject (hdc=0xfc0107c6, type=0x1) returned 0xb00017
[0306.932] GetCurrentObject (hdc=0xfc0107c6, type=0x2) returned 0x900010
[0306.932] GetCurrentObject (hdc=0xfc0107c6, type=0x7) returned 0x4a0507fe
[0306.932] GetCurrentObject (hdc=0xfc0107c6, type=0x6) returned 0x8a01c2
[0306.932] SaveDC (hdc=0xfc0107c6) returned 1
[0306.932] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x880407de
[0306.932] GetClipRgn (hdc=0xfc0107c6, hrgn=0x880407de) returned 0
[0306.932] SelectClipRgn (hdc=0xfc0107c6, hrgn=0x7040807) returned 2
[0306.932] DeleteObject (ho=0x880407de) returned 1
[0306.932] DeleteObject (ho=0x7040807) returned 1
[0306.932] OffsetViewportOrgEx (in: hdc=0xfc0107c6, x=0, y=0, lppt=0x2d2c93c | out: lppt=0x2d2c93c) returned 1
[0306.932] IsAppThemed () returned 0x1
[0306.932] GetThemeAppProperties () returned 0x3
[0306.933] GetThemeAppProperties () returned 0x3
[0306.933] DrawThemeBackground () returned 0x0
[0306.933] RestoreDC (hdc=0xfc0107c6, nSavedDC=-1) returned 1
[0306.933] GdipReleaseDC (graphics=0x6600030, hdc=0xfc0107c6) returned 0x0
[0306.933] GdipCreateRegion (region=0xd7e490) returned 0x0
[0306.933] GdipGetClip (graphics=0x6600030, region=0x6646ef8) returned 0x0
[0306.933] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0306.933] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0306.933] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e4a8) returned 0x0
[0306.933] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0306.933] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eecc8) returned 0x0
[0306.933] LocalFree (hMem=0x11eecc8) returned 0x0
[0306.933] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0306.933] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea28) returned 0x0
[0306.933] LocalFree (hMem=0x11eea28) returned 0x0
[0306.933] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0306.933] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0306.933] GdipIsInfiniteRegion (region=0x6646ef8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0306.933] GdipGetRegionHRgn (region=0x6646ef8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0306.933] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0306.933] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0306.933] GetCurrentObject (hdc=0xfc0107c6, type=0x1) returned 0xb00017
[0306.933] GetCurrentObject (hdc=0xfc0107c6, type=0x2) returned 0x900010
[0306.934] GetCurrentObject (hdc=0xfc0107c6, type=0x7) returned 0x4a0507fe
[0306.934] GetCurrentObject (hdc=0xfc0107c6, type=0x6) returned 0x8a01c2
[0306.934] SaveDC (hdc=0xfc0107c6) returned 1
[0306.934] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8040807
[0306.934] GetClipRgn (hdc=0xfc0107c6, hrgn=0x8040807) returned 0
[0306.934] SelectClipRgn (hdc=0xfc0107c6, hrgn=0x890407de) returned 2
[0306.934] DeleteObject (ho=0x8040807) returned 1
[0306.934] DeleteObject (ho=0x890407de) returned 1
[0306.934] OffsetViewportOrgEx (in: hdc=0xfc0107c6, x=0, y=0, lppt=0x2d2cc10 | out: lppt=0x2d2cc10) returned 1
[0306.934] IsAppThemed () returned 0x1
[0306.934] GetThemeAppProperties () returned 0x3
[0306.934] GetThemeAppProperties () returned 0x3
[0306.934] GetThemeBackgroundContentRect () returned 0x0
[0306.939] RestoreDC (hdc=0xfc0107c6, nSavedDC=-1) returned 1
[0306.939] GdipReleaseDC (graphics=0x6600030, hdc=0xfc0107c6) returned 0x0
[0306.939] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0306.939] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0306.939] GdipFillRectangleI (graphics=0x6600030, brush=0x65ffae0, x=4, y=4, width=67, height=15) returned 0x0
[0306.939] GdipDeleteBrush (brush=0x65ffae0) returned 0x0
[0306.939] IsAppThemed () returned 0x1
[0306.939] GetThemeAppProperties () returned 0x3
[0306.939] GetThemeAppProperties () returned 0x3
[0306.939] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0306.939] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0306.939] GetCurrentObject (hdc=0xfc0107c6, type=0x1) returned 0xb00017
[0306.939] GetCurrentObject (hdc=0xfc0107c6, type=0x2) returned 0x900010
[0306.939] GetCurrentObject (hdc=0xfc0107c6, type=0x7) returned 0x4a0507fe
[0306.939] GetCurrentObject (hdc=0xfc0107c6, type=0x6) returned 0x8a01c2
[0306.940] SaveDC (hdc=0xfc0107c6) returned 1
[0306.940] GetTextAlign (hdc=0xfc0107c6) returned 0x0
[0306.940] GetTextColor (hdc=0xfc0107c6) returned 0x0
[0306.940] GetCurrentObject (hdc=0xfc0107c6, type=0x6) returned 0x8a01c2
[0306.940] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0306.940] SelectObject (hdc=0xfc0107c6, h=0x6d0a0520) returned 0x8a01c2
[0306.940] GetBkMode (hdc=0xfc0107c6) returned 2
[0306.940] SetBkMode (hdc=0xfc0107c6, mode=1) returned 2
[0306.940] DrawTextExW (in: hdc=0xfc0107c6, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2d2cfd4 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0306.940] DrawTextExW (in: hdc=0xfc0107c6, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2d2cfd4 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0306.941] RestoreDC (hdc=0xfc0107c6, nSavedDC=-1) returned 1
[0306.941] GdipReleaseDC (graphics=0x6600030, hdc=0xfc0107c6) returned 0x0
[0306.941] GetFocus () returned 0x602c4
[0306.941] IsAppThemed () returned 0x1
[0306.941] GetThemeAppProperties () returned 0x3
[0306.941] GetThemeAppProperties () returned 0x3
[0306.941] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0306.941] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xfc0107c6, x1=0, y1=0, rop=0xcc0020) returned 1
[0306.941] GdipReleaseDC (graphics=0x6600030, hdc=0xfc0107c6) returned 0x0
[0306.941] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0306.941] SelectObject (hdc=0xfc0107c6, h=0x85000f) returned 0x4a0507fe
[0306.941] DeleteDC (hdc=0xfc0107c6) returned 1
[0306.941] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0306.941] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0306.942] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.942] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.942] WaitMessage () returned 1
[0306.942] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.942] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.942] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.942] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.942] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.943] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.943] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.943] WaitMessage () returned 1
[0306.954] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.954] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.955] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.955] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.955] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.955] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.955] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.955] WaitMessage () returned 1
[0306.957] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.957] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.957] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.957] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.957] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.958] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.958] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.958] WaitMessage () returned 1
[0306.959] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.959] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.959] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.959] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.959] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.960] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.960] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.960] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.960] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.960] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.960] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.960] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.960] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.961] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.961] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.961] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.961] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.961] WaitMessage () returned 1
[0306.961] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.961] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.961] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.961] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.961] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.962] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.963] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.963] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.963] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.963] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.963] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.963] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.963] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.963] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.963] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.963] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.964] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.964] WaitMessage () returned 1
[0306.964] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.964] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.964] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.964] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.964] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.965] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.965] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.965] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.965] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.965] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.969] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.969] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.969] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.969] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.969] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.969] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.970] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.970] WaitMessage () returned 1
[0306.971] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.971] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.971] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.971] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.971] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.973] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.973] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.973] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.973] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.973] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.973] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.973] IsWindowUnicode (hWnd=0x30122) returned 1
[0306.974] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0306.974] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0306.974] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0306.974] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.974] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0306.974] WaitMessage () returned 1
[0307.002] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0307.002] IsWindowUnicode (hWnd=0x7005c) returned 1
[0307.002] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0307.002] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0307.002] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0307.002] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0307.002] IsWindowUnicode (hWnd=0x7005c) returned 1
[0307.002] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0307.002] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0307.002] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0307.002] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10b023f) returned 0x0
[0307.002] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0307.002] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0307.002] WaitMessage () returned 1
[0307.155] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0307.155] IsWindowUnicode (hWnd=0x502c6) returned 1
[0307.155] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0307.155] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0307.155] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0307.156] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0307.156] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0307.156] WaitMessage () returned 1
[0309.130] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0309.130] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2720100) returned 0x1
[0309.130] IsWindowUnicode (hWnd=0x602c4) returned 1
[0309.130] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0309.130] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0309.130] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0309.130] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0309.130] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0309.130] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2720100) returned 0x1
[0309.130] IsWindowUnicode (hWnd=0x602c4) returned 1
[0309.130] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0309.130] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2720100) returned 0x1
[0309.131] SetCursor (hCursor=0x10003) returned 0x10003
[0309.131] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0309.131] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0309.131] _TrackMouseEvent (in: lpEventTrack=0x2c2b560 | out: lpEventTrack=0x2c2b560) returned 1
[0309.131] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0309.131] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0309.131] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0309.131] GetKeyState (nVirtKey=1) returned 1
[0309.131] GetKeyState (nVirtKey=2) returned 0
[0309.131] GetKeyState (nVirtKey=4) returned 0
[0309.131] GetKeyState (nVirtKey=5) returned 0
[0309.131] GetKeyState (nVirtKey=6) returned 0
[0309.131] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0309.131] IsWindowUnicode (hWnd=0x602c4) returned 1
[0309.131] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0309.131] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0309.131] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0309.131] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0309.132] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0309.132] CreateCompatibleDC (hdc=0x107b9) returned 0x770107fc
[0309.132] SelectObject (hdc=0x770107fc, h=0x4a0507fe) returned 0x85000f
[0309.132] GdipCreateFromHDC (hdc=0x770107fc, graphics=0xd7e798) returned 0x0
[0309.132] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0309.132] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0309.132] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0309.132] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0309.132] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e7f8) returned 0x0
[0309.132] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0309.132] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eed00) returned 0x0
[0309.132] LocalFree (hMem=0x11eed00) returned 0x0
[0309.132] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0309.133] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0309.133] GdipGetClip (graphics=0x6600030, region=0x6646e68) returned 0x0
[0309.133] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0309.133] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0309.133] GdipRestoreGraphics (graphics=0x6600030, state=0xf54c0dbd) returned 0x0
[0309.133] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0309.133] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0309.133] GetCurrentObject (hdc=0x770107fc, type=0x1) returned 0xb00017
[0309.133] GetCurrentObject (hdc=0x770107fc, type=0x2) returned 0x900010
[0309.133] GetCurrentObject (hdc=0x770107fc, type=0x7) returned 0x4a0507fe
[0309.133] GetCurrentObject (hdc=0x770107fc, type=0x6) returned 0x8a01c2
[0309.133] SaveDC (hdc=0x770107fc) returned 1
[0309.133] GetNearestColor (hdc=0x770107fc, color=0xff) returned 0xff
[0309.133] GetNearestColor (hdc=0x770107fc, color=0x55) returned 0x55
[0309.133] GetNearestColor (hdc=0x770107fc, color=0x0) returned 0x0
[0309.133] GetNearestColor (hdc=0x770107fc, color=0x55) returned 0x55
[0309.133] GetNearestColor (hdc=0x770107fc, color=0x0) returned 0x0
[0309.133] GetNearestColor (hdc=0x770107fc, color=0x8080ff) returned 0x8080ff
[0309.133] GetNearestColor (hdc=0x770107fc, color=0x7373e5) returned 0x7373e5
[0309.134] GetNearestColor (hdc=0x770107fc, color=0xe5) returned 0xe5
[0309.134] GetNearestColor (hdc=0x770107fc, color=0x0) returned 0x0
[0309.134] RestoreDC (hdc=0x770107fc, nSavedDC=-1) returned 1
[0309.134] GdipReleaseDC (graphics=0x6600030, hdc=0x770107fc) returned 0x0
[0309.134] IsAppThemed () returned 0x1
[0309.134] GetThemeAppProperties () returned 0x3
[0309.134] GetThemeAppProperties () returned 0x3
[0309.134] IsAppThemed () returned 0x1
[0309.134] GetThemeAppProperties () returned 0x3
[0309.134] GetThemeAppProperties () returned 0x3
[0309.134] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2d2d944 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0309.134] IsAppThemed () returned 0x1
[0309.134] GetThemeAppProperties () returned 0x3
[0309.134] GetThemeAppProperties () returned 0x3
[0309.134] IsAppThemed () returned 0x1
[0309.134] GetThemeAppProperties () returned 0x3
[0309.135] GetThemeAppProperties () returned 0x3
[0309.135] IsAppThemed () returned 0x1
[0309.135] GetThemeAppProperties () returned 0x3
[0309.135] GetThemeAppProperties () returned 0x3
[0309.135] IsAppThemed () returned 0x1
[0309.135] GetThemeAppProperties () returned 0x3
[0309.135] GetThemeAppProperties () returned 0x3
[0309.135] IsThemePartDefined () returned 0x1
[0309.135] IsAppThemed () returned 0x1
[0309.135] GetThemeAppProperties () returned 0x3
[0309.135] GetThemeAppProperties () returned 0x3
[0309.135] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0309.135] IsAppThemed () returned 0x1
[0309.135] GetThemeAppProperties () returned 0x3
[0309.135] GetThemeAppProperties () returned 0x3
[0309.135] IsAppThemed () returned 0x1
[0309.135] GetThemeAppProperties () returned 0x3
[0309.135] GetThemeAppProperties () returned 0x3
[0309.135] IsThemePartDefined () returned 0x1
[0309.135] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0309.135] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0309.135] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0309.135] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0309.135] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e514) returned 0x0
[0309.135] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0309.135] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0309.135] LocalFree (hMem=0x11ee788) returned 0x0
[0309.136] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0309.136] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eed00) returned 0x0
[0309.136] LocalFree (hMem=0x11eed00) returned 0x0
[0309.136] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0309.136] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0309.136] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0309.136] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0309.136] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0309.136] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0309.136] GetCurrentObject (hdc=0x770107fc, type=0x1) returned 0xb00017
[0309.136] GetCurrentObject (hdc=0x770107fc, type=0x2) returned 0x900010
[0309.136] GetCurrentObject (hdc=0x770107fc, type=0x7) returned 0x4a0507fe
[0309.136] GetCurrentObject (hdc=0x770107fc, type=0x6) returned 0x8a01c2
[0309.136] SaveDC (hdc=0x770107fc) returned 1
[0309.136] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8a0407de
[0309.136] GetClipRgn (hdc=0x770107fc, hrgn=0x8a0407de) returned 0
[0309.136] SelectClipRgn (hdc=0x770107fc, hrgn=0xc040807) returned 2
[0309.136] DeleteObject (ho=0x8a0407de) returned 1
[0309.136] DeleteObject (ho=0xc040807) returned 1
[0309.136] OffsetViewportOrgEx (in: hdc=0x770107fc, x=0, y=0, lppt=0x2d2dff4 | out: lppt=0x2d2dff4) returned 1
[0309.136] DrawThemeParentBackground () returned 0x0
[0309.137] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0309.137] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0309.137] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0309.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0309.137] GetSystemMetrics (nIndex=42) returned 0
[0309.137] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0309.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0309.137] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0309.137] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0309.137] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0309.137] SelectPalette (hdc=0x770107fc, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0309.137] GdipCreateFromHDC (hdc=0x770107fc, graphics=0xd7dff0) returned 0x0
[0309.137] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0309.137] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0309.138] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638a58) returned 0x0
[0309.138] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dfc8) returned 0x0
[0309.138] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0309.138] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0309.138] GdipGetClip (graphics=0x6639e10, region=0x6646e68) returned 0x0
[0309.138] GdipIsInfiniteRegion (region=0x6646e68, graphics=0x6639e10, result=0xd7dfbc) returned 0x0
[0309.138] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0309.138] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dfe8) returned 0x0
[0309.138] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0309.145] GdipFillRectangleI (graphics=0x6639e10, brush=0x664ddc0, x=0, y=0, width=801, height=453) returned 0x0
[0309.145] GdipDeleteBrush (brush=0x664ddc0) returned 0x0
[0309.146] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0309.146] SelectPalette (hdc=0x770107fc, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0309.146] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0309.146] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0309.146] GetSystemMetrics (nIndex=42) returned 0
[0309.146] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0309.146] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0309.146] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0309.146] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0309.146] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0309.146] SelectPalette (hdc=0x770107fc, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0309.146] GdipCreateFromHDC (hdc=0x770107fc, graphics=0xd7df90) returned 0x0
[0309.147] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0309.147] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0309.147] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638bd8) returned 0x0
[0309.147] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df68) returned 0x0
[0309.147] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0309.147] GdipCreateRegion (region=0xd7df50) returned 0x0
[0309.147] GdipGetClip (graphics=0x6639e10, region=0x66463b8) returned 0x0
[0309.147] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6639e10, result=0xd7df5c) returned 0x0
[0309.147] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0309.147] GdipSaveGraphics (graphics=0x6639e10, state=0xd7df88) returned 0x0
[0309.147] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0309.154] GdipFillRectangleI (graphics=0x6639e10, brush=0x664e168, x=0, y=0, width=801, height=453) returned 0x0
[0309.154] GdipDeleteBrush (brush=0x664e168) returned 0x0
[0309.155] GdipRestoreGraphics (graphics=0x6639e10, state=0xf5480dbd) returned 0x0
[0309.155] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0309.155] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0309.155] GetSystemMetrics (nIndex=42) returned 0
[0309.155] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0309.155] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0309.155] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0309.155] SelectPalette (hdc=0x770107fc, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0309.156] RestoreDC (hdc=0x770107fc, nSavedDC=-1) returned 1
[0309.156] GdipReleaseDC (graphics=0x6600030, hdc=0x770107fc) returned 0x0
[0309.156] IsAppThemed () returned 0x1
[0309.156] GetThemeAppProperties () returned 0x3
[0309.156] GetThemeAppProperties () returned 0x3
[0309.156] IsAppThemed () returned 0x1
[0309.156] GetThemeAppProperties () returned 0x3
[0309.156] GetThemeAppProperties () returned 0x3
[0309.156] IsThemePartDefined () returned 0x1
[0309.156] GdipCreateRegion (region=0xd7e480) returned 0x0
[0309.156] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0309.156] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0309.156] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0309.156] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e498) returned 0x0
[0309.156] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0309.156] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0309.156] LocalFree (hMem=0x11ee788) returned 0x0
[0309.156] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0309.156] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0309.156] LocalFree (hMem=0x11ee868) returned 0x0
[0309.157] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0309.157] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0309.157] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0309.157] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0309.157] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0309.157] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0309.157] GetCurrentObject (hdc=0x770107fc, type=0x1) returned 0xb00017
[0309.157] GetCurrentObject (hdc=0x770107fc, type=0x2) returned 0x900010
[0309.157] GetCurrentObject (hdc=0x770107fc, type=0x7) returned 0x4a0507fe
[0309.157] GetCurrentObject (hdc=0x770107fc, type=0x6) returned 0x8a01c2
[0309.157] SaveDC (hdc=0x770107fc) returned 1
[0309.157] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd040807
[0309.157] GetClipRgn (hdc=0x770107fc, hrgn=0xd040807) returned 0
[0309.157] SelectClipRgn (hdc=0x770107fc, hrgn=0x8c0407de) returned 2
[0309.157] DeleteObject (ho=0xd040807) returned 1
[0309.157] DeleteObject (ho=0x8c0407de) returned 1
[0309.157] OffsetViewportOrgEx (in: hdc=0x770107fc, x=0, y=0, lppt=0x2d34844 | out: lppt=0x2d34844) returned 1
[0309.157] IsAppThemed () returned 0x1
[0309.157] GetThemeAppProperties () returned 0x3
[0309.157] GetThemeAppProperties () returned 0x3
[0309.157] DrawThemeBackground () returned 0x0
[0309.158] RestoreDC (hdc=0x770107fc, nSavedDC=-1) returned 1
[0309.158] GdipReleaseDC (graphics=0x6600030, hdc=0x770107fc) returned 0x0
[0309.158] GdipCreateRegion (region=0xd7e484) returned 0x0
[0309.158] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0309.158] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0309.158] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0309.158] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e49c) returned 0x0
[0309.158] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0309.158] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0309.158] LocalFree (hMem=0x11ee788) returned 0x0
[0309.158] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0309.158] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0309.158] LocalFree (hMem=0x11ee788) returned 0x0
[0309.158] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0309.158] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0309.158] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0309.158] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0309.158] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0309.158] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0309.158] GetCurrentObject (hdc=0x770107fc, type=0x1) returned 0xb00017
[0309.158] GetCurrentObject (hdc=0x770107fc, type=0x2) returned 0x900010
[0309.158] GetCurrentObject (hdc=0x770107fc, type=0x7) returned 0x4a0507fe
[0309.158] GetCurrentObject (hdc=0x770107fc, type=0x6) returned 0x8a01c2
[0309.159] SaveDC (hdc=0x770107fc) returned 1
[0309.159] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8d0407de
[0309.159] GetClipRgn (hdc=0x770107fc, hrgn=0x8d0407de) returned 0
[0309.159] SelectClipRgn (hdc=0x770107fc, hrgn=0xe040807) returned 2
[0309.159] DeleteObject (ho=0x8d0407de) returned 1
[0309.159] DeleteObject (ho=0xe040807) returned 1
[0309.159] OffsetViewportOrgEx (in: hdc=0x770107fc, x=0, y=0, lppt=0x2d34b18 | out: lppt=0x2d34b18) returned 1
[0309.159] IsAppThemed () returned 0x1
[0309.159] GetThemeAppProperties () returned 0x3
[0309.159] GetThemeAppProperties () returned 0x3
[0309.159] GetThemeBackgroundContentRect () returned 0x0
[0309.159] RestoreDC (hdc=0x770107fc, nSavedDC=-1) returned 1
[0309.159] GdipReleaseDC (graphics=0x6600030, hdc=0x770107fc) returned 0x0
[0309.159] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0309.159] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0309.159] GdipFillRectangleI (graphics=0x6600030, brush=0x65ffae0, x=4, y=4, width=67, height=15) returned 0x0
[0309.159] GdipDeleteBrush (brush=0x65ffae0) returned 0x0
[0309.159] IsAppThemed () returned 0x1
[0309.159] GetThemeAppProperties () returned 0x3
[0309.159] GetThemeAppProperties () returned 0x3
[0309.159] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0309.159] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0309.160] GetCurrentObject (hdc=0x770107fc, type=0x1) returned 0xb00017
[0309.160] GetCurrentObject (hdc=0x770107fc, type=0x2) returned 0x900010
[0309.160] GetCurrentObject (hdc=0x770107fc, type=0x7) returned 0x4a0507fe
[0309.160] GetCurrentObject (hdc=0x770107fc, type=0x6) returned 0x8a01c2
[0309.160] SaveDC (hdc=0x770107fc) returned 1
[0309.160] GetTextAlign (hdc=0x770107fc) returned 0x0
[0309.160] GetTextColor (hdc=0x770107fc) returned 0x0
[0309.160] GetCurrentObject (hdc=0x770107fc, type=0x6) returned 0x8a01c2
[0309.160] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0309.160] SelectObject (hdc=0x770107fc, h=0x6d0a0520) returned 0x8a01c2
[0309.160] GetBkMode (hdc=0x770107fc) returned 2
[0309.160] SetBkMode (hdc=0x770107fc, mode=1) returned 2
[0309.160] DrawTextExW (in: hdc=0x770107fc, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2d34edc | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0309.161] DrawTextExW (in: hdc=0x770107fc, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2d34edc | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0309.161] RestoreDC (hdc=0x770107fc, nSavedDC=-1) returned 1
[0309.161] GdipReleaseDC (graphics=0x6600030, hdc=0x770107fc) returned 0x0
[0309.161] GetFocus () returned 0x602c4
[0309.161] IsAppThemed () returned 0x1
[0309.161] GetThemeAppProperties () returned 0x3
[0309.161] GetThemeAppProperties () returned 0x3
[0309.161] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0309.161] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x770107fc, x1=0, y1=0, rop=0xcc0020) returned 1
[0309.162] GdipReleaseDC (graphics=0x6600030, hdc=0x770107fc) returned 0x0
[0309.162] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0309.162] SelectObject (hdc=0x770107fc, h=0x85000f) returned 0x4a0507fe
[0309.162] DeleteDC (hdc=0x770107fc) returned 1
[0309.162] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0309.162] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0309.162] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0309.162] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0309.162] WaitMessage () returned 1
[0309.232] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0309.232] IsWindowUnicode (hWnd=0x602c4) returned 1
[0309.232] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0309.232] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0309.232] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0309.232] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0309.232] IsWindowUnicode (hWnd=0x602c4) returned 1
[0309.232] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0309.232] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0309.232] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0309.232] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xb0025) returned 0x0
[0309.232] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0309.232] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0309.232] WaitMessage () returned 1
[0309.357] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0309.357] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2720100) returned 0x1
[0309.357] IsWindowUnicode (hWnd=0x602c4) returned 1
[0309.357] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0309.357] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2720100) returned 0x1
[0309.357] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0309.357] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19d0042) returned 0x0
[0309.357] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0309.357] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0309.358] SetCursor (hCursor=0x10003) returned 0x10003
[0309.358] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0309.358] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0309.358] GetKeyState (nVirtKey=1) returned -128
[0309.358] GetKeyState (nVirtKey=2) returned 0
[0309.358] GetKeyState (nVirtKey=4) returned 0
[0309.358] GetKeyState (nVirtKey=5) returned 0
[0309.358] GetKeyState (nVirtKey=6) returned 0
[0309.358] IsWindowVisible (hWnd=0x602c4) returned 1
[0309.358] IsWindowEnabled (hWnd=0x602c4) returned 1
[0309.358] SetFocus (hWnd=0x602c4) returned 0x602c4
[0309.358] GetFocus () returned 0x602c4
[0309.358] GetFocus () returned 0x602c4
[0309.358] GetFocus () returned 0x602c4
[0309.358] GetKeyState (nVirtKey=1) returned -128
[0309.358] GetKeyState (nVirtKey=2) returned 0
[0309.358] GetKeyState (nVirtKey=4) returned 0
[0309.358] GetKeyState (nVirtKey=5) returned 0
[0309.358] GetKeyState (nVirtKey=6) returned 0
[0309.358] GetCapture () returned 0x0
[0309.358] SetCapture (hWnd=0x602c4) returned 0x0
[0309.358] GetKeyState (nVirtKey=1) returned -128
[0309.358] GetKeyState (nVirtKey=2) returned 0
[0309.358] GetKeyState (nVirtKey=4) returned 0
[0309.359] GetKeyState (nVirtKey=5) returned 0
[0309.359] GetKeyState (nVirtKey=6) returned 0
[0309.359] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0309.359] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0309.359] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0309.359] IsWindowUnicode (hWnd=0x602c4) returned 1
[0309.359] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0309.359] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0309.359] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0309.359] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d35060, cPoints=0x1 | out: lpPoints=0x2d35060) returned 40304859
[0309.359] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0309.359] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0309.359] UpdateWindow (hWnd=0x602c4) returned 1
[0309.359] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x107b9
[0309.359] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0309.359] CreateCompatibleDC (hdc=0x107b9) returned 0x780107fc
[0309.359] SelectObject (hdc=0x780107fc, h=0x4a0507fe) returned 0x85000f
[0309.360] GdipCreateFromHDC (hdc=0x780107fc, graphics=0xd7e430) returned 0x0
[0309.360] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0309.360] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0309.360] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0309.360] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0309.360] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e490) returned 0x0
[0309.360] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0309.360] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11eec58) returned 0x0
[0309.360] LocalFree (hMem=0x11eec58) returned 0x0
[0309.360] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0309.360] GdipCreateRegion (region=0xd7e478) returned 0x0
[0309.360] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0309.360] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0309.360] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0309.360] GdipRestoreGraphics (graphics=0x6600030, state=0xf5460dbd) returned 0x0
[0309.360] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0309.360] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0309.360] GetCurrentObject (hdc=0x780107fc, type=0x1) returned 0xb00017
[0309.361] GetCurrentObject (hdc=0x780107fc, type=0x2) returned 0x900010
[0309.361] GetCurrentObject (hdc=0x780107fc, type=0x7) returned 0x4a0507fe
[0309.361] GetCurrentObject (hdc=0x780107fc, type=0x6) returned 0x8a01c2
[0309.361] SaveDC (hdc=0x780107fc) returned 1
[0309.361] GetNearestColor (hdc=0x780107fc, color=0xff) returned 0xff
[0309.361] GetNearestColor (hdc=0x780107fc, color=0x55) returned 0x55
[0309.361] GetNearestColor (hdc=0x780107fc, color=0x0) returned 0x0
[0309.361] GetNearestColor (hdc=0x780107fc, color=0x55) returned 0x55
[0309.361] GetNearestColor (hdc=0x780107fc, color=0x0) returned 0x0
[0309.361] GetNearestColor (hdc=0x780107fc, color=0x8080ff) returned 0x8080ff
[0309.361] GetNearestColor (hdc=0x780107fc, color=0x7373e5) returned 0x7373e5
[0309.361] GetNearestColor (hdc=0x780107fc, color=0xe5) returned 0xe5
[0309.361] GetNearestColor (hdc=0x780107fc, color=0x0) returned 0x0
[0309.361] RestoreDC (hdc=0x780107fc, nSavedDC=-1) returned 1
[0309.361] GdipReleaseDC (graphics=0x6600030, hdc=0x780107fc) returned 0x0
[0309.361] IsAppThemed () returned 0x1
[0309.362] GetThemeAppProperties () returned 0x3
[0309.362] GetThemeAppProperties () returned 0x3
[0309.362] IsAppThemed () returned 0x1
[0309.362] GetThemeAppProperties () returned 0x3
[0309.362] GetThemeAppProperties () returned 0x3
[0309.362] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2d3577c | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0309.362] IsAppThemed () returned 0x1
[0309.362] GetThemeAppProperties () returned 0x3
[0309.362] GetThemeAppProperties () returned 0x3
[0309.362] IsAppThemed () returned 0x1
[0309.362] GetThemeAppProperties () returned 0x3
[0309.362] GetThemeAppProperties () returned 0x3
[0309.362] IsAppThemed () returned 0x1
[0309.362] GetThemeAppProperties () returned 0x3
[0309.362] GetThemeAppProperties () returned 0x3
[0309.362] IsAppThemed () returned 0x1
[0309.362] GetThemeAppProperties () returned 0x3
[0309.362] GetThemeAppProperties () returned 0x3
[0309.363] IsThemePartDefined () returned 0x1
[0309.363] IsAppThemed () returned 0x1
[0309.363] GetThemeAppProperties () returned 0x3
[0309.363] GetThemeAppProperties () returned 0x3
[0309.363] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0309.363] IsAppThemed () returned 0x1
[0309.363] GetThemeAppProperties () returned 0x3
[0309.363] GetThemeAppProperties () returned 0x3
[0309.363] IsAppThemed () returned 0x1
[0309.363] GetThemeAppProperties () returned 0x3
[0309.363] GetThemeAppProperties () returned 0x3
[0309.363] IsThemePartDefined () returned 0x1
[0309.363] GdipCreateRegion (region=0xd7e194) returned 0x0
[0309.363] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0309.363] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0309.363] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0309.363] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e1ac) returned 0x0
[0309.363] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0309.363] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee788) returned 0x0
[0309.363] LocalFree (hMem=0x11ee788) returned 0x0
[0309.363] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0309.363] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee868) returned 0x0
[0309.363] LocalFree (hMem=0x11ee868) returned 0x0
[0309.363] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0309.364] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0309.364] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0309.364] GdipGetRegionHRgn (region=0x6646a78, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0309.364] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0309.364] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0309.364] GetCurrentObject (hdc=0x780107fc, type=0x1) returned 0xb00017
[0309.364] GetCurrentObject (hdc=0x780107fc, type=0x2) returned 0x900010
[0309.364] GetCurrentObject (hdc=0x780107fc, type=0x7) returned 0x4a0507fe
[0309.364] GetCurrentObject (hdc=0x780107fc, type=0x6) returned 0x8a01c2
[0309.364] SaveDC (hdc=0x780107fc) returned 1
[0309.364] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf040807
[0309.364] GetClipRgn (hdc=0x780107fc, hrgn=0xf040807) returned 0
[0309.364] SelectClipRgn (hdc=0x780107fc, hrgn=0x910407de) returned 2
[0309.364] DeleteObject (ho=0xf040807) returned 1
[0309.364] DeleteObject (ho=0x910407de) returned 1
[0309.364] OffsetViewportOrgEx (in: hdc=0x780107fc, x=0, y=0, lppt=0x2d35e2c | out: lppt=0x2d35e2c) returned 1
[0309.364] DrawThemeParentBackground () returned 0x0
[0309.365] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0309.365] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0309.365] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0309.365] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0309.365] GetSystemMetrics (nIndex=42) returned 0
[0309.365] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0309.365] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0309.365] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0309.365] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0309.365] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0309.365] SelectPalette (hdc=0x780107fc, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0309.365] GdipCreateFromHDC (hdc=0x780107fc, graphics=0xd7dc88) returned 0x0
[0309.365] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0309.365] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0309.365] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638cf8) returned 0x0
[0309.365] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dc60) returned 0x0
[0309.365] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0309.365] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0309.365] GdipGetClip (graphics=0x6639e10, region=0x6646328) returned 0x0
[0309.365] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6639e10, result=0xd7dc54) returned 0x0
[0309.366] GdipDeleteRegion (region=0x6646328) returned 0x0
[0309.366] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dc80) returned 0x0
[0309.366] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0309.373] GdipFillRectangleI (graphics=0x6639e10, brush=0x664e648, x=0, y=0, width=801, height=453) returned 0x0
[0309.373] GdipDeleteBrush (brush=0x664e648) returned 0x0
[0309.375] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0309.375] SelectPalette (hdc=0x780107fc, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0309.375] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0309.375] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0309.375] GetSystemMetrics (nIndex=42) returned 0
[0309.375] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0309.375] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0309.375] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0309.375] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0309.375] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0309.375] SelectPalette (hdc=0x780107fc, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0309.375] GdipCreateFromHDC (hdc=0x780107fc, graphics=0xd7dc28) returned 0x0
[0309.375] GdipSetPageUnit (graphics=0x6639e10, unit=0x2) returned 0x0
[0309.375] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0309.376] GdipGetWorldTransform (graphics=0x6639e10, matrix=0x6638bd8) returned 0x0
[0309.376] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dc00) returned 0x0
[0309.376] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0309.376] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0309.376] GdipGetClip (graphics=0x6639e10, region=0x6646cb8) returned 0x0
[0309.376] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6639e10, result=0xd7dbf4) returned 0x0
[0309.376] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0309.376] GdipSaveGraphics (graphics=0x6639e10, state=0xd7dc20) returned 0x0
[0309.376] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0309.382] GdipFillRectangleI (graphics=0x6639e10, brush=0x664e030, x=0, y=0, width=801, height=453) returned 0x0
[0309.382] GdipDeleteBrush (brush=0x664e030) returned 0x0
[0309.384] GdipRestoreGraphics (graphics=0x6639e10, state=0xf5420dbd) returned 0x0
[0309.384] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0309.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0309.384] GetSystemMetrics (nIndex=42) returned 0
[0309.384] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0309.384] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0309.384] GdipDeleteGraphics (graphics=0x6639e10) returned 0x0
[0309.384] SelectPalette (hdc=0x780107fc, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0309.384] RestoreDC (hdc=0x780107fc, nSavedDC=-1) returned 1
[0309.384] GdipReleaseDC (graphics=0x6600030, hdc=0x780107fc) returned 0x0
[0309.384] IsAppThemed () returned 0x1
[0309.384] GetThemeAppProperties () returned 0x3
[0309.384] GetThemeAppProperties () returned 0x3
[0309.385] IsAppThemed () returned 0x1
[0309.385] GetThemeAppProperties () returned 0x3
[0309.385] GetThemeAppProperties () returned 0x3
[0309.385] IsThemePartDefined () returned 0x1
[0309.385] GdipCreateRegion (region=0xd7e118) returned 0x0
[0309.385] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0309.385] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0309.385] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0309.385] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e130) returned 0x0
[0309.385] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0309.385] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0309.385] LocalFree (hMem=0x11ee868) returned 0x0
[0309.385] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0309.385] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0309.385] LocalFree (hMem=0x11ee868) returned 0x0
[0309.385] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0309.385] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e158) returned 0x0
[0309.385] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e148) returned 0x0
[0309.385] GdipGetRegionHRgn (region=0x6646958, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0309.385] GdipDeleteRegion (region=0x6646958) returned 0x0
[0309.385] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0309.385] GetCurrentObject (hdc=0x780107fc, type=0x1) returned 0xb00017
[0309.385] GetCurrentObject (hdc=0x780107fc, type=0x2) returned 0x900010
[0309.385] GetCurrentObject (hdc=0x780107fc, type=0x7) returned 0x4a0507fe
[0309.386] GetCurrentObject (hdc=0x780107fc, type=0x6) returned 0x8a01c2
[0309.386] SaveDC (hdc=0x780107fc) returned 1
[0309.386] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x920407de
[0309.386] GetClipRgn (hdc=0x780107fc, hrgn=0x920407de) returned 0
[0309.386] SelectClipRgn (hdc=0x780107fc, hrgn=0x11040807) returned 2
[0309.386] DeleteObject (ho=0x920407de) returned 1
[0309.386] DeleteObject (ho=0x11040807) returned 1
[0309.386] OffsetViewportOrgEx (in: hdc=0x780107fc, x=0, y=0, lppt=0x2d3c67c | out: lppt=0x2d3c67c) returned 1
[0309.386] IsAppThemed () returned 0x1
[0309.386] GetThemeAppProperties () returned 0x3
[0309.386] GetThemeAppProperties () returned 0x3
[0309.386] DrawThemeBackground () returned 0x0
[0309.386] RestoreDC (hdc=0x780107fc, nSavedDC=-1) returned 1
[0309.386] GdipReleaseDC (graphics=0x6600030, hdc=0x780107fc) returned 0x0
[0309.386] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0309.386] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0309.386] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0309.386] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0309.386] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e134) returned 0x0
[0309.386] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0309.387] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0309.387] LocalFree (hMem=0x11eec58) returned 0x0
[0309.387] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0309.387] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eec58) returned 0x0
[0309.387] LocalFree (hMem=0x11eec58) returned 0x0
[0309.387] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0309.387] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0309.387] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0309.387] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0309.387] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0309.387] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0309.387] GetCurrentObject (hdc=0x780107fc, type=0x1) returned 0xb00017
[0309.387] GetCurrentObject (hdc=0x780107fc, type=0x2) returned 0x900010
[0309.387] GetCurrentObject (hdc=0x780107fc, type=0x7) returned 0x4a0507fe
[0309.387] GetCurrentObject (hdc=0x780107fc, type=0x6) returned 0x8a01c2
[0309.387] SaveDC (hdc=0x780107fc) returned 1
[0309.387] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x12040807
[0309.387] GetClipRgn (hdc=0x780107fc, hrgn=0x12040807) returned 0
[0309.388] SelectClipRgn (hdc=0x780107fc, hrgn=0x930407de) returned 2
[0309.388] DeleteObject (ho=0x12040807) returned 1
[0309.388] DeleteObject (ho=0x930407de) returned 1
[0309.388] OffsetViewportOrgEx (in: hdc=0x780107fc, x=0, y=0, lppt=0x2d3c950 | out: lppt=0x2d3c950) returned 1
[0309.388] IsAppThemed () returned 0x1
[0309.388] GetThemeAppProperties () returned 0x3
[0309.388] GetThemeAppProperties () returned 0x3
[0309.388] GetThemeBackgroundContentRect () returned 0x0
[0309.388] RestoreDC (hdc=0x780107fc, nSavedDC=-1) returned 1
[0309.388] GdipReleaseDC (graphics=0x6600030, hdc=0x780107fc) returned 0x0
[0309.388] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0309.388] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0309.388] GdipFillRectangleI (graphics=0x6600030, brush=0x65ffae0, x=4, y=4, width=67, height=15) returned 0x0
[0309.388] GdipDeleteBrush (brush=0x65ffae0) returned 0x0
[0309.388] IsAppThemed () returned 0x1
[0309.389] GetThemeAppProperties () returned 0x3
[0309.389] GetThemeAppProperties () returned 0x3
[0309.389] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0309.389] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0309.389] GetCurrentObject (hdc=0x780107fc, type=0x1) returned 0xb00017
[0309.389] GetCurrentObject (hdc=0x780107fc, type=0x2) returned 0x900010
[0309.389] GetCurrentObject (hdc=0x780107fc, type=0x7) returned 0x4a0507fe
[0309.389] GetCurrentObject (hdc=0x780107fc, type=0x6) returned 0x8a01c2
[0309.389] SaveDC (hdc=0x780107fc) returned 1
[0309.389] GetTextAlign (hdc=0x780107fc) returned 0x0
[0309.389] GetTextColor (hdc=0x780107fc) returned 0x0
[0309.389] GetCurrentObject (hdc=0x780107fc, type=0x6) returned 0x8a01c2
[0309.389] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0309.389] SelectObject (hdc=0x780107fc, h=0x6d0a0520) returned 0x8a01c2
[0309.389] GetBkMode (hdc=0x780107fc) returned 2
[0309.389] SetBkMode (hdc=0x780107fc, mode=1) returned 2
[0309.389] DrawTextExW (in: hdc=0x780107fc, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2d3cd14 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0309.390] DrawTextExW (in: hdc=0x780107fc, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2d3cd14 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0309.390] RestoreDC (hdc=0x780107fc, nSavedDC=-1) returned 1
[0309.390] GdipReleaseDC (graphics=0x6600030, hdc=0x780107fc) returned 0x0
[0309.390] GetFocus () returned 0x602c4
[0309.390] IsAppThemed () returned 0x1
[0309.390] GetThemeAppProperties () returned 0x3
[0309.390] GetThemeAppProperties () returned 0x3
[0309.390] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0309.390] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x780107fc, x1=0, y1=0, rop=0xcc0020) returned 1
[0309.391] GdipReleaseDC (graphics=0x6600030, hdc=0x780107fc) returned 0x0
[0309.391] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0309.391] SelectObject (hdc=0x780107fc, h=0x85000f) returned 0x4a0507fe
[0309.391] DeleteDC (hdc=0x780107fc) returned 1
[0309.391] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0309.391] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0309.391] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d3ce10, cPoints=0x1 | out: lpPoints=0x2d3ce10) returned 40304859
[0309.391] WindowFromPoint (Point=0x100) returned 0x602c4
[0309.391] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x2720100) returned 0x1
[0309.391] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0309.391] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0309.391] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0309.391] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0309.391] GetSystemMetrics (nIndex=42) returned 0
[0309.391] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0309.391] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0309.393] GetCapture () returned 0x602c4
[0309.393] ReleaseCapture () returned 1
[0309.393] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0309.393] GetProcessWindowStation () returned 0x13c
[0309.394] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.394] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0309.394] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.394] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0309.394] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.395] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0309.395] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.395] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0309.395] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.395] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0309.395] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.395] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0309.395] GetDC (hWnd=0x0) returned 0xf0105ee
[0309.396] GdipCreateFromHDC (hdc=0xf0105ee, graphics=0xd7e6ec) returned 0x0
[0309.396] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0309.396] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0309.396] ReleaseDC (hWnd=0x0, hDC=0xf0105ee) returned 1
[0309.396] GetSystemMetrics (nIndex=5) returned 1
[0309.396] GetSystemMetrics (nIndex=6) returned 1
[0309.396] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.396] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0309.397] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.397] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0309.399] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0309.399] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0309.400] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0309.400] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0309.400] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0309.400] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0309.401] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2d4282c | out: lpData=0x2d4282c) returned 1
[0309.402] VerQueryValueW (in: pBlock=0x2d4282c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d42c3c, puLen=0xd7e810) returned 1
[0309.402] VerQueryValueW (in: pBlock=0x2d4282c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d428e4, puLen=0xd7e790) returned 1
[0309.402] VerQueryValueW (in: pBlock=0x2d4282c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d42938, puLen=0xd7e790) returned 1
[0309.402] VerQueryValueW (in: pBlock=0x2d4282c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d429b8, puLen=0xd7e790) returned 1
[0309.402] VerQueryValueW (in: pBlock=0x2d4282c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d42a20, puLen=0xd7e790) returned 1
[0309.402] VerQueryValueW (in: pBlock=0x2d4282c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d42a60, puLen=0xd7e790) returned 1
[0309.402] VerQueryValueW (in: pBlock=0x2d4282c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d42ae8, puLen=0xd7e790) returned 1
[0309.402] VerQueryValueW (in: pBlock=0x2d4282c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d42b24, puLen=0xd7e790) returned 1
[0309.402] VerQueryValueW (in: pBlock=0x2d4282c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d42b7c, puLen=0xd7e790) returned 1
[0309.402] VerQueryValueW (in: pBlock=0x2d4282c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d42bac, puLen=0xd7e790) returned 1
[0309.402] VerQueryValueW (in: pBlock=0x2d4282c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.402] VerQueryValueW (in: pBlock=0x2d4282c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d42be8, puLen=0xd7e790) returned 1
[0309.402] VerQueryValueW (in: pBlock=0x2d4282c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.402] VerQueryValueW (in: pBlock=0x2d4282c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d42c3c, puLen=0xd7e784) returned 1
[0309.402] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0309.402] VerQueryValueW (in: pBlock=0x2d4282c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d42854, puLen=0xd7e794) returned 1
[0309.403] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0309.403] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0309.403] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0309.403] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0309.403] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0309.403] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0309.404] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2d4479c | out: lpData=0x2d4479c) returned 1
[0309.404] VerQueryValueW (in: pBlock=0x2d4479c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d44838, puLen=0xd7e810) returned 1
[0309.404] VerQueryValueW (in: pBlock=0x2d4479c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d448b0, puLen=0xd7e790) returned 1
[0309.404] VerQueryValueW (in: pBlock=0x2d4479c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d448e0, puLen=0xd7e790) returned 1
[0309.404] VerQueryValueW (in: pBlock=0x2d4479c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4491c, puLen=0xd7e790) returned 1
[0309.404] VerQueryValueW (in: pBlock=0x2d4479c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4494c, puLen=0xd7e790) returned 1
[0309.404] VerQueryValueW (in: pBlock=0x2d4479c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d44994, puLen=0xd7e790) returned 1
[0309.404] VerQueryValueW (in: pBlock=0x2d4479c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d44a0c, puLen=0xd7e790) returned 1
[0309.404] VerQueryValueW (in: pBlock=0x2d4479c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d44a50, puLen=0xd7e790) returned 1
[0309.404] VerQueryValueW (in: pBlock=0x2d4479c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d44a90, puLen=0xd7e790) returned 1
[0309.404] VerQueryValueW (in: pBlock=0x2d4479c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4488e, puLen=0xd7e790) returned 1
[0309.404] VerQueryValueW (in: pBlock=0x2d4479c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d449dc, puLen=0xd7e790) returned 1
[0309.404] VerQueryValueW (in: pBlock=0x2d4479c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.404] VerQueryValueW (in: pBlock=0x2d4479c, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.404] VerQueryValueW (in: pBlock=0x2d4479c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d44838, puLen=0xd7e784) returned 1
[0309.404] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0309.404] VerQueryValueW (in: pBlock=0x2d4479c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d447c4, puLen=0xd7e794) returned 1
[0309.405] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0309.405] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0309.405] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0309.405] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0309.405] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0309.405] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0309.406] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2d46a74 | out: lpData=0x2d46a74) returned 1
[0309.407] VerQueryValueW (in: pBlock=0x2d46a74, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d46e88, puLen=0xd7e810) returned 1
[0309.407] VerQueryValueW (in: pBlock=0x2d46a74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46b2c, puLen=0xd7e790) returned 1
[0309.407] VerQueryValueW (in: pBlock=0x2d46a74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46b80, puLen=0xd7e790) returned 1
[0309.407] VerQueryValueW (in: pBlock=0x2d46a74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46bdc, puLen=0xd7e790) returned 1
[0309.407] VerQueryValueW (in: pBlock=0x2d46a74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46c3c, puLen=0xd7e790) returned 1
[0309.407] VerQueryValueW (in: pBlock=0x2d46a74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46c94, puLen=0xd7e790) returned 1
[0309.407] VerQueryValueW (in: pBlock=0x2d46a74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46d1c, puLen=0xd7e790) returned 1
[0309.407] VerQueryValueW (in: pBlock=0x2d46a74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46d70, puLen=0xd7e790) returned 1
[0309.407] VerQueryValueW (in: pBlock=0x2d46a74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46dc8, puLen=0xd7e790) returned 1
[0309.407] VerQueryValueW (in: pBlock=0x2d46a74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46df8, puLen=0xd7e790) returned 1
[0309.407] VerQueryValueW (in: pBlock=0x2d46a74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.407] VerQueryValueW (in: pBlock=0x2d46a74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d46e34, puLen=0xd7e790) returned 1
[0309.407] VerQueryValueW (in: pBlock=0x2d46a74, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.407] VerQueryValueW (in: pBlock=0x2d46a74, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d46e88, puLen=0xd7e784) returned 1
[0309.407] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0309.407] VerQueryValueW (in: pBlock=0x2d46a74, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d46a9c, puLen=0xd7e794) returned 1
[0309.408] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0309.408] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0309.408] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0309.408] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0309.408] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0309.408] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0309.409] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2d490ac | out: lpData=0x2d490ac) returned 1
[0309.410] VerQueryValueW (in: pBlock=0x2d490ac, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d494ac, puLen=0xd7e810) returned 1
[0309.410] VerQueryValueW (in: pBlock=0x2d490ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d49164, puLen=0xd7e790) returned 1
[0309.410] VerQueryValueW (in: pBlock=0x2d490ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d491b8, puLen=0xd7e790) returned 1
[0309.410] VerQueryValueW (in: pBlock=0x2d490ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d491f8, puLen=0xd7e790) returned 1
[0309.410] VerQueryValueW (in: pBlock=0x2d490ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d49260, puLen=0xd7e790) returned 1
[0309.410] VerQueryValueW (in: pBlock=0x2d490ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d492b8, puLen=0xd7e790) returned 1
[0309.410] VerQueryValueW (in: pBlock=0x2d490ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d49340, puLen=0xd7e790) returned 1
[0309.410] VerQueryValueW (in: pBlock=0x2d490ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d49394, puLen=0xd7e790) returned 1
[0309.410] VerQueryValueW (in: pBlock=0x2d490ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d493ec, puLen=0xd7e790) returned 1
[0309.410] VerQueryValueW (in: pBlock=0x2d490ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4941c, puLen=0xd7e790) returned 1
[0309.410] VerQueryValueW (in: pBlock=0x2d490ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.410] VerQueryValueW (in: pBlock=0x2d490ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d49458, puLen=0xd7e790) returned 1
[0309.410] VerQueryValueW (in: pBlock=0x2d490ac, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.410] VerQueryValueW (in: pBlock=0x2d490ac, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d494ac, puLen=0xd7e784) returned 1
[0309.410] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0309.410] VerQueryValueW (in: pBlock=0x2d490ac, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d490d4, puLen=0xd7e794) returned 1
[0309.411] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0309.411] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0309.411] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0309.411] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0309.412] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0309.412] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0309.412] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2d4b7e8 | out: lpData=0x2d4b7e8) returned 1
[0309.413] VerQueryValueW (in: pBlock=0x2d4b7e8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d4bbb0, puLen=0xd7e810) returned 1
[0309.413] VerQueryValueW (in: pBlock=0x2d4b7e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4b8a0, puLen=0xd7e790) returned 1
[0309.414] VerQueryValueW (in: pBlock=0x2d4b7e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4b8f4, puLen=0xd7e790) returned 1
[0309.414] VerQueryValueW (in: pBlock=0x2d4b7e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4b934, puLen=0xd7e790) returned 1
[0309.414] VerQueryValueW (in: pBlock=0x2d4b7e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4b99c, puLen=0xd7e790) returned 1
[0309.414] VerQueryValueW (in: pBlock=0x2d4b7e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4b9d8, puLen=0xd7e790) returned 1
[0309.414] VerQueryValueW (in: pBlock=0x2d4b7e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4ba60, puLen=0xd7e790) returned 1
[0309.414] VerQueryValueW (in: pBlock=0x2d4b7e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4ba98, puLen=0xd7e790) returned 1
[0309.414] VerQueryValueW (in: pBlock=0x2d4b7e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4baf0, puLen=0xd7e790) returned 1
[0309.414] VerQueryValueW (in: pBlock=0x2d4b7e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4bb20, puLen=0xd7e790) returned 1
[0309.414] VerQueryValueW (in: pBlock=0x2d4b7e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.414] VerQueryValueW (in: pBlock=0x2d4b7e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4bb5c, puLen=0xd7e790) returned 1
[0309.414] VerQueryValueW (in: pBlock=0x2d4b7e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.414] VerQueryValueW (in: pBlock=0x2d4b7e8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d4bbb0, puLen=0xd7e784) returned 1
[0309.414] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0309.414] VerQueryValueW (in: pBlock=0x2d4b7e8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d4b810, puLen=0xd7e794) returned 1
[0309.415] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0309.415] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0309.415] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0309.415] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0309.415] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0309.415] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0309.416] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2d4ee50 | out: lpData=0x2d4ee50) returned 1
[0309.416] VerQueryValueW (in: pBlock=0x2d4ee50, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d4f230, puLen=0xd7e810) returned 1
[0309.416] VerQueryValueW (in: pBlock=0x2d4ee50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4ef08, puLen=0xd7e790) returned 1
[0309.417] VerQueryValueW (in: pBlock=0x2d4ee50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4ef5c, puLen=0xd7e790) returned 1
[0309.417] VerQueryValueW (in: pBlock=0x2d4ee50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4ef9c, puLen=0xd7e790) returned 1
[0309.417] VerQueryValueW (in: pBlock=0x2d4ee50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4effc, puLen=0xd7e790) returned 1
[0309.417] VerQueryValueW (in: pBlock=0x2d4ee50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4f048, puLen=0xd7e790) returned 1
[0309.417] VerQueryValueW (in: pBlock=0x2d4ee50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4f0d0, puLen=0xd7e790) returned 1
[0309.417] VerQueryValueW (in: pBlock=0x2d4ee50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4f118, puLen=0xd7e790) returned 1
[0309.417] VerQueryValueW (in: pBlock=0x2d4ee50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4f170, puLen=0xd7e790) returned 1
[0309.417] VerQueryValueW (in: pBlock=0x2d4ee50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4f1a0, puLen=0xd7e790) returned 1
[0309.417] VerQueryValueW (in: pBlock=0x2d4ee50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.417] VerQueryValueW (in: pBlock=0x2d4ee50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d4f1dc, puLen=0xd7e790) returned 1
[0309.417] VerQueryValueW (in: pBlock=0x2d4ee50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.417] VerQueryValueW (in: pBlock=0x2d4ee50, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d4f230, puLen=0xd7e784) returned 1
[0309.417] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0309.417] VerQueryValueW (in: pBlock=0x2d4ee50, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d4ee78, puLen=0xd7e794) returned 1
[0309.418] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0309.418] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0309.418] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0309.418] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0309.418] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0309.418] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0309.419] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2d51670 | out: lpData=0x2d51670) returned 1
[0309.420] VerQueryValueW (in: pBlock=0x2d51670, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d51a7c, puLen=0xd7e810) returned 1
[0309.420] VerQueryValueW (in: pBlock=0x2d51670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d51728, puLen=0xd7e790) returned 1
[0309.420] VerQueryValueW (in: pBlock=0x2d51670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5177c, puLen=0xd7e790) returned 1
[0309.420] VerQueryValueW (in: pBlock=0x2d51670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d517d0, puLen=0xd7e790) returned 1
[0309.420] VerQueryValueW (in: pBlock=0x2d51670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d51830, puLen=0xd7e790) returned 1
[0309.420] VerQueryValueW (in: pBlock=0x2d51670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d51888, puLen=0xd7e790) returned 1
[0309.420] VerQueryValueW (in: pBlock=0x2d51670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d51910, puLen=0xd7e790) returned 1
[0309.420] VerQueryValueW (in: pBlock=0x2d51670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d51964, puLen=0xd7e790) returned 1
[0309.420] VerQueryValueW (in: pBlock=0x2d51670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d519bc, puLen=0xd7e790) returned 1
[0309.420] VerQueryValueW (in: pBlock=0x2d51670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d519ec, puLen=0xd7e790) returned 1
[0309.420] VerQueryValueW (in: pBlock=0x2d51670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.420] VerQueryValueW (in: pBlock=0x2d51670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d51a28, puLen=0xd7e790) returned 1
[0309.420] VerQueryValueW (in: pBlock=0x2d51670, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.420] VerQueryValueW (in: pBlock=0x2d51670, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d51a7c, puLen=0xd7e784) returned 1
[0309.420] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0309.420] VerQueryValueW (in: pBlock=0x2d51670, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d51698, puLen=0xd7e794) returned 1
[0309.421] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0309.421] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0309.421] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0309.421] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0309.421] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0309.421] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0309.422] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d53e84 | out: lpData=0x2d53e84) returned 1
[0309.423] VerQueryValueW (in: pBlock=0x2d53e84, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d5425c, puLen=0xd7e810) returned 1
[0309.423] VerQueryValueW (in: pBlock=0x2d53e84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53f3c, puLen=0xd7e790) returned 1
[0309.423] VerQueryValueW (in: pBlock=0x2d53e84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53f90, puLen=0xd7e790) returned 1
[0309.423] VerQueryValueW (in: pBlock=0x2d53e84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d53fd0, puLen=0xd7e790) returned 1
[0309.423] VerQueryValueW (in: pBlock=0x2d53e84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d54038, puLen=0xd7e790) returned 1
[0309.423] VerQueryValueW (in: pBlock=0x2d53e84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5407c, puLen=0xd7e790) returned 1
[0309.423] VerQueryValueW (in: pBlock=0x2d53e84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d54104, puLen=0xd7e790) returned 1
[0309.423] VerQueryValueW (in: pBlock=0x2d53e84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d54144, puLen=0xd7e790) returned 1
[0309.423] VerQueryValueW (in: pBlock=0x2d53e84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5419c, puLen=0xd7e790) returned 1
[0309.423] VerQueryValueW (in: pBlock=0x2d53e84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d541cc, puLen=0xd7e790) returned 1
[0309.423] VerQueryValueW (in: pBlock=0x2d53e84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.423] VerQueryValueW (in: pBlock=0x2d53e84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d54208, puLen=0xd7e790) returned 1
[0309.423] VerQueryValueW (in: pBlock=0x2d53e84, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.423] VerQueryValueW (in: pBlock=0x2d53e84, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d5425c, puLen=0xd7e784) returned 1
[0309.423] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0309.423] VerQueryValueW (in: pBlock=0x2d53e84, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d53eac, puLen=0xd7e794) returned 1
[0309.424] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0309.424] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0309.424] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0309.424] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0309.424] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0309.424] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0309.425] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2d563dc | out: lpData=0x2d563dc) returned 1
[0309.426] VerQueryValueW (in: pBlock=0x2d563dc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d567b4, puLen=0xd7e810) returned 1
[0309.426] VerQueryValueW (in: pBlock=0x2d563dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d56494, puLen=0xd7e790) returned 1
[0309.426] VerQueryValueW (in: pBlock=0x2d563dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d564e8, puLen=0xd7e790) returned 1
[0309.426] VerQueryValueW (in: pBlock=0x2d563dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d56528, puLen=0xd7e790) returned 1
[0309.426] VerQueryValueW (in: pBlock=0x2d563dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d56590, puLen=0xd7e790) returned 1
[0309.426] VerQueryValueW (in: pBlock=0x2d563dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d565d4, puLen=0xd7e790) returned 1
[0309.426] VerQueryValueW (in: pBlock=0x2d563dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5665c, puLen=0xd7e790) returned 1
[0309.426] VerQueryValueW (in: pBlock=0x2d563dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d5669c, puLen=0xd7e790) returned 1
[0309.426] VerQueryValueW (in: pBlock=0x2d563dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d566f4, puLen=0xd7e790) returned 1
[0309.426] VerQueryValueW (in: pBlock=0x2d563dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d56724, puLen=0xd7e790) returned 1
[0309.426] VerQueryValueW (in: pBlock=0x2d563dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.426] VerQueryValueW (in: pBlock=0x2d563dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d56760, puLen=0xd7e790) returned 1
[0309.426] VerQueryValueW (in: pBlock=0x2d563dc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.426] VerQueryValueW (in: pBlock=0x2d563dc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d567b4, puLen=0xd7e784) returned 1
[0309.426] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0309.426] VerQueryValueW (in: pBlock=0x2d563dc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d56404, puLen=0xd7e794) returned 1
[0309.427] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0309.427] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0309.427] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0309.427] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0309.427] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0309.427] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0309.428] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2d58b14 | out: lpData=0x2d58b14) returned 1
[0309.428] VerQueryValueW (in: pBlock=0x2d58b14, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d58f44, puLen=0xd7e810) returned 1
[0309.428] VerQueryValueW (in: pBlock=0x2d58b14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58bcc, puLen=0xd7e790) returned 1
[0309.428] VerQueryValueW (in: pBlock=0x2d58b14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58c20, puLen=0xd7e790) returned 1
[0309.429] VerQueryValueW (in: pBlock=0x2d58b14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58c90, puLen=0xd7e790) returned 1
[0309.429] VerQueryValueW (in: pBlock=0x2d58b14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58cf0, puLen=0xd7e790) returned 1
[0309.429] VerQueryValueW (in: pBlock=0x2d58b14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58d4c, puLen=0xd7e790) returned 1
[0309.429] VerQueryValueW (in: pBlock=0x2d58b14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58dd4, puLen=0xd7e790) returned 1
[0309.429] VerQueryValueW (in: pBlock=0x2d58b14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58e2c, puLen=0xd7e790) returned 1
[0309.429] VerQueryValueW (in: pBlock=0x2d58b14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58e84, puLen=0xd7e790) returned 1
[0309.429] VerQueryValueW (in: pBlock=0x2d58b14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58eb4, puLen=0xd7e790) returned 1
[0309.429] VerQueryValueW (in: pBlock=0x2d58b14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.429] VerQueryValueW (in: pBlock=0x2d58b14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d58ef0, puLen=0xd7e790) returned 1
[0309.429] VerQueryValueW (in: pBlock=0x2d58b14, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0309.429] VerQueryValueW (in: pBlock=0x2d58b14, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d58f44, puLen=0xd7e784) returned 1
[0309.429] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0309.429] VerQueryValueW (in: pBlock=0x2d58b14, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d58b3c, puLen=0xd7e794) returned 1
[0309.429] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0309.430] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.430] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0309.430] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.430] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0309.430] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3102c8
[0309.431] SetWindowLongW (hWnd=0x3102c8, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0309.431] GetWindowLongW (hWnd=0x3102c8, nIndex=-4) returned 1950089536
[0309.431] SetWindowLongW (hWnd=0x3102c8, nIndex=-4, dwNewLong=19941550) returned 1950089536
[0309.432] GetWindowLongW (hWnd=0x3102c8, nIndex=-4) returned 19941550
[0309.432] GetWindowLongW (hWnd=0x3102c8, nIndex=-16) returned 113311744
[0309.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102c8, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0309.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102c8, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0309.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102c8, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0309.433] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102c8, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0309.433] GetClientRect (in: hWnd=0x3102c8, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0309.433] GetWindowRect (in: hWnd=0x3102c8, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0309.433] SetWindowTextW (hWnd=0x3102c8, lpString="WindowsFormsParkingWindow") returned 1
[0309.433] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102c8, Msg=0xc, wParam=0x0, lParam=0x2d1e0c4) returned 0x1
[0309.433] GetParent (hWnd=0x3102c8) returned 0x0
[0309.434] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0309.434] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x3102c8, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3a00ea
[0309.434] SetWindowLongW (hWnd=0x3a00ea, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0309.434] GetWindowLongW (hWnd=0x3a00ea, nIndex=-4) returned 1868147648
[0309.434] SetWindowLongW (hWnd=0x3a00ea, nIndex=-4, dwNewLong=19940710) returned 1868147648
[0309.435] GetWindowLongW (hWnd=0x3a00ea, nIndex=-4) returned 19940710
[0309.435] GetWindowLongW (hWnd=0x3a00ea, nIndex=-16) returned 1174405133
[0309.435] GetWindowLongW (hWnd=0x3a00ea, nIndex=-12) returned 0
[0309.435] SetWindowLongW (hWnd=0x3a00ea, nIndex=-12, dwNewLong=3801322) returned 0
[0309.435] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0309.435] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0309.435] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0309.436] GetClientRect (in: hWnd=0x3a00ea, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0309.436] GetWindowRect (in: hWnd=0x3a00ea, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0309.436] GetParent (hWnd=0x3a00ea) returned 0x3102c8
[0309.436] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3102c8, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0309.436] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0309.437] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0309.437] GetClientRect (in: hWnd=0x3a00ea, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0309.437] GetWindowRect (in: hWnd=0x3a00ea, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0309.437] GetParent (hWnd=0x3a00ea) returned 0x3102c8
[0309.437] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3102c8, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0309.437] SendMessageW (hWnd=0x3a00ea, Msg=0x2210, wParam=0xea0001, lParam=0x3a00ea) returned 0x0
[0309.437] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x2210, wParam=0xea0001, lParam=0x3a00ea) returned 0x0
[0309.437] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0309.437] GetParent (hWnd=0x3a00ea) returned 0x3102c8
[0309.437] GdipCreateFromHWND (hwnd=0x3a00ea, graphics=0xd7e844) returned 0x0
[0309.437] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0309.438] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0309.438] GetForegroundWindow () returned 0x602c4
[0309.438] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.438] GetCursorPos (in: lpPoint=0x2d5ce20 | out: lpPoint=0x2d5ce20*(x=256, y=626)) returned 1
[0309.438] MonitorFromPoint (pt=0x100, dwFlags=0x272) returned 0x10001
[0309.438] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0309.439] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x7b0107fc
[0309.439] GetDeviceCaps (hdc=0x7b0107fc, index=12) returned 32
[0309.439] GetDeviceCaps (hdc=0x7b0107fc, index=14) returned 1
[0309.439] DeleteDC (hdc=0x7b0107fc) returned 1
[0309.439] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0309.439] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0309.439] GetSystemMetrics (nIndex=59) returned 1460
[0309.439] GetSystemMetrics (nIndex=60) returned 920
[0309.439] GetSystemMetrics (nIndex=34) returned 136
[0309.439] GetSystemMetrics (nIndex=35) returned 39
[0309.440] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.440] GetCursorPos (in: lpPoint=0x2d5d08c | out: lpPoint=0x2d5d08c*(x=256, y=626)) returned 1
[0309.440] MonitorFromPoint (pt=0x101, dwFlags=0x26f) returned 0x10001
[0309.440] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0309.440] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x7c0107fc
[0309.440] GetDeviceCaps (hdc=0x7c0107fc, index=12) returned 32
[0309.440] GetDeviceCaps (hdc=0x7c0107fc, index=14) returned 1
[0309.440] DeleteDC (hdc=0x7c0107fc) returned 1
[0309.440] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0309.440] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0309.441] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.441] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0309.441] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2d5d324 | out: piconinfo=0x2d5d324) returned 1
[0309.441] GetObjectW (in: h=0x950507f3, c=24, pv=0x2d5d340 | out: pv=0x2d5d340) returned 24
[0309.441] GdipCreateBitmapFromHBITMAP (hbm=0x950507f3, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0309.441] GdipGetImageWidth (image=0x6601360, width=0xd7e750) returned 0x0
[0309.441] GdipGetImageHeight (image=0x6601360, height=0xd7e748) returned 0x0
[0309.441] GdipGetImagePixelFormat (image=0x6601360, format=0xd7e740) returned 0x0
[0309.441] GdipBitmapLockBits (bitmap=0x6601360, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2d5d3f8) returned 0x0
[0309.441] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0309.442] GdipBitmapLockBits (bitmap=0x6602080, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2d5d430) returned 0x0
[0309.442] RtlMoveMemory (in: Destination=0x6660f58, Source=0x665deb8, Length=0x80 | out: Destination=0x6660f58)
[0309.442] RtlMoveMemory (in: Destination=0x6660fd8, Source=0x665de38, Length=0x80 | out: Destination=0x6660fd8)
[0309.442] RtlMoveMemory (in: Destination=0x6661058, Source=0x665ddb8, Length=0x80 | out: Destination=0x6661058)
[0309.442] RtlMoveMemory (in: Destination=0x66610d8, Source=0x665dd38, Length=0x80 | out: Destination=0x66610d8)
[0309.442] RtlMoveMemory (in: Destination=0x6661158, Source=0x665dcb8, Length=0x80 | out: Destination=0x6661158)
[0309.442] RtlMoveMemory (in: Destination=0x66611d8, Source=0x665dc38, Length=0x80 | out: Destination=0x66611d8)
[0309.442] RtlMoveMemory (in: Destination=0x6661258, Source=0x665dbb8, Length=0x80 | out: Destination=0x6661258)
[0309.442] RtlMoveMemory (in: Destination=0x66612d8, Source=0x665db38, Length=0x80 | out: Destination=0x66612d8)
[0309.442] RtlMoveMemory (in: Destination=0x6661358, Source=0x665dab8, Length=0x80 | out: Destination=0x6661358)
[0309.442] RtlMoveMemory (in: Destination=0x66613d8, Source=0x665da38, Length=0x80 | out: Destination=0x66613d8)
[0309.442] RtlMoveMemory (in: Destination=0x6661458, Source=0x665d9b8, Length=0x80 | out: Destination=0x6661458)
[0309.442] RtlMoveMemory (in: Destination=0x66614d8, Source=0x665d938, Length=0x80 | out: Destination=0x66614d8)
[0309.442] RtlMoveMemory (in: Destination=0x6661558, Source=0x665d8b8, Length=0x80 | out: Destination=0x6661558)
[0309.442] RtlMoveMemory (in: Destination=0x66615d8, Source=0x665d838, Length=0x80 | out: Destination=0x66615d8)
[0309.442] RtlMoveMemory (in: Destination=0x6661658, Source=0x665d7b8, Length=0x80 | out: Destination=0x6661658)
[0309.442] RtlMoveMemory (in: Destination=0x66616d8, Source=0x665d738, Length=0x80 | out: Destination=0x66616d8)
[0309.442] RtlMoveMemory (in: Destination=0x6661758, Source=0x665d6b8, Length=0x80 | out: Destination=0x6661758)
[0309.442] RtlMoveMemory (in: Destination=0x66617d8, Source=0x665d638, Length=0x80 | out: Destination=0x66617d8)
[0309.442] RtlMoveMemory (in: Destination=0x6661858, Source=0x665d5b8, Length=0x80 | out: Destination=0x6661858)
[0309.442] RtlMoveMemory (in: Destination=0x66618d8, Source=0x665d538, Length=0x80 | out: Destination=0x66618d8)
[0309.443] RtlMoveMemory (in: Destination=0x6661958, Source=0x665d4b8, Length=0x80 | out: Destination=0x6661958)
[0309.443] RtlMoveMemory (in: Destination=0x66619d8, Source=0x665d438, Length=0x80 | out: Destination=0x66619d8)
[0309.443] RtlMoveMemory (in: Destination=0x6661a58, Source=0x665d3b8, Length=0x80 | out: Destination=0x6661a58)
[0309.443] RtlMoveMemory (in: Destination=0x6661ad8, Source=0x665d338, Length=0x80 | out: Destination=0x6661ad8)
[0309.443] RtlMoveMemory (in: Destination=0x6661b58, Source=0x665d2b8, Length=0x80 | out: Destination=0x6661b58)
[0309.443] RtlMoveMemory (in: Destination=0x6661bd8, Source=0x665d238, Length=0x80 | out: Destination=0x6661bd8)
[0309.443] RtlMoveMemory (in: Destination=0x6661c58, Source=0x665d1b8, Length=0x80 | out: Destination=0x6661c58)
[0309.443] RtlMoveMemory (in: Destination=0x6661cd8, Source=0x665d138, Length=0x80 | out: Destination=0x6661cd8)
[0309.443] RtlMoveMemory (in: Destination=0x6661d58, Source=0x665d0b8, Length=0x80 | out: Destination=0x6661d58)
[0309.443] RtlMoveMemory (in: Destination=0x6661dd8, Source=0x665d038, Length=0x80 | out: Destination=0x6661dd8)
[0309.443] RtlMoveMemory (in: Destination=0x6661e58, Source=0x665cfb8, Length=0x80 | out: Destination=0x6661e58)
[0309.443] RtlMoveMemory (in: Destination=0x6661ed8, Source=0x665cf38, Length=0x80 | out: Destination=0x6661ed8)
[0309.443] GdipBitmapUnlockBits (bitmap=0x6601360, lockedBitmapData=0x2d5d3f8) returned 0x0
[0309.443] GdipBitmapUnlockBits (bitmap=0x6602080, lockedBitmapData=0x2d5d430) returned 0x0
[0309.443] GdipDisposeImage (image=0x6601360) returned 0x0
[0309.443] DeleteObject (ho=0x950507f3) returned 1
[0309.443] DeleteObject (ho=0x7d0507fc) returned 1
[0309.443] GetCurrentThreadId () returned 0xf50
[0309.443] GetCurrentThreadId () returned 0xf50
[0309.443] SetWindowPos (hWnd=0x3a00ea, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0309.444] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0309.444] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0309.444] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0309.444] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0309.444] GetClientRect (in: hWnd=0x3a00ea, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0309.444] GetWindowRect (in: hWnd=0x3a00ea, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0309.444] GetParent (hWnd=0x3a00ea) returned 0x3102c8
[0309.444] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3102c8, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0309.444] InvalidateRect (hWnd=0x3a00ea, lpRect=0x0, bErase=1) returned 1
[0309.444] GetWindowTextLengthW (hWnd=0x3a00ea) returned 0
[0309.444] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0309.444] GetSystemMetrics (nIndex=42) returned 0
[0309.444] GetWindowTextW (in: hWnd=0x3a00ea, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0309.444] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0309.445] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0309.445] GetClientRect (in: hWnd=0x3a00ea, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0309.445] GetWindowRect (in: hWnd=0x3a00ea, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0309.445] GetParent (hWnd=0x3a00ea) returned 0x3102c8
[0309.445] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3102c8, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0309.445] GetWindowTextLengthW (hWnd=0x3a00ea) returned 0
[0309.445] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0309.445] GetSystemMetrics (nIndex=42) returned 0
[0309.445] GetWindowTextW (in: hWnd=0x3a00ea, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0309.445] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0309.445] GetWindowTextLengthW (hWnd=0x3a00ea) returned 0
[0309.445] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0309.445] GetSystemMetrics (nIndex=42) returned 0
[0309.445] GetWindowTextW (in: hWnd=0x3a00ea, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0309.445] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0309.445] SetWindowTextW (hWnd=0x3a00ea, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0309.445] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0xc, wParam=0x0, lParam=0x2d3e404) returned 0x1
[0309.445] InvalidateRect (hWnd=0x3a00ea, lpRect=0x0, bErase=1) returned 1
[0309.445] GetCurrentThreadId () returned 0xf50
[0309.445] GetWindowThreadProcessId (in: hWnd=0x3a00ea, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0309.446] GdipCreateBitmapFromStream (stream=0x509fe70, bitmap=0xd7e840) returned 0x0
[0309.447] GdipImageForceValidation (image=0x6601360) returned 0x0
[0309.448] GdipGetImageRawFormat (image=0x6601360, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0309.448] GdipGetImageHeight (image=0x6601360, height=0xd7e824) returned 0x0
[0309.448] GdipGetImageWidth (image=0x6601360, width=0xd7e824) returned 0x0
[0309.448] GdipGetImageWidth (image=0x6601360, width=0xd7e810) returned 0x0
[0309.448] GdipGetImageHeight (image=0x6601360, height=0xd7e810) returned 0x0
[0309.448] GdipGetImageWidth (image=0x6601360, width=0xd7e800) returned 0x0
[0309.448] GdipGetImageHeight (image=0x6601360, height=0xd7e800) returned 0x0
[0309.448] GdipBitmapGetPixel (bitmap=0x6601360, x=0, y=15, color=0xd7e810) returned 0x0
[0309.448] GdipGetImageRawFormat (image=0x6601360, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0309.448] GdipGetImageWidth (image=0x6601360, width=0xd7e740) returned 0x0
[0309.448] GdipGetImageHeight (image=0x6601360, height=0xd7e740) returned 0x0
[0309.448] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0309.448] GdipGetImagePixelFormat (image=0x66016a8, format=0xd7e740) returned 0x0
[0309.448] GdipGetImageGraphicsContext (image=0x66016a8, graphics=0xd7e74c) returned 0x0
[0309.448] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0309.449] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0309.449] GdipSetImageAttributesColorKeys (imageattr=0x6638cc8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0309.449] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6601360, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638cc8, callback=0x0, callbackData=0x0) returned 0x0
[0309.449] GdipDisposeImageAttributes (imageattr=0x6638cc8) returned 0x0
[0309.449] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0309.449] GdipDisposeImage (image=0x6601360) returned 0x0
[0309.449] GdipCreateBitmapFromStream (stream=0x509fe90, bitmap=0xd7e840) returned 0x0
[0309.452] GdipImageForceValidation (image=0x6600640) returned 0x0
[0309.453] GdipGetImageRawFormat (image=0x6600640, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0309.453] GdipGetImageHeight (image=0x6600640, height=0xd7e824) returned 0x0
[0309.453] GdipGetImageWidth (image=0x6600640, width=0xd7e824) returned 0x0
[0309.453] GdipGetImageWidth (image=0x6600640, width=0xd7e810) returned 0x0
[0309.453] GdipGetImageHeight (image=0x6600640, height=0xd7e810) returned 0x0
[0309.453] GdipGetImageWidth (image=0x6600640, width=0xd7e800) returned 0x0
[0309.453] GdipGetImageHeight (image=0x6600640, height=0xd7e800) returned 0x0
[0309.453] GdipBitmapGetPixel (bitmap=0x6600640, x=0, y=15, color=0xd7e810) returned 0x0
[0309.453] GdipGetImageRawFormat (image=0x6600640, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0309.453] GdipGetImageWidth (image=0x6600640, width=0xd7e740) returned 0x0
[0309.453] GdipGetImageHeight (image=0x6600640, height=0xd7e740) returned 0x0
[0309.453] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0309.454] GdipGetImagePixelFormat (image=0x6601d38, format=0xd7e740) returned 0x0
[0309.454] GdipGetImageGraphicsContext (image=0x6601d38, graphics=0xd7e74c) returned 0x0
[0309.454] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0309.454] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0309.454] GdipSetImageAttributesColorKeys (imageattr=0x6638a88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0309.454] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6600640, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638a88, callback=0x0, callbackData=0x0) returned 0x0
[0309.454] GdipDisposeImageAttributes (imageattr=0x6638a88) returned 0x0
[0309.454] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0309.454] GdipDisposeImage (image=0x6600640) returned 0x0
[0309.455] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.455] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0309.455] GetCurrentThreadId () returned 0xf50
[0309.455] GetCurrentThreadId () returned 0xf50
[0309.455] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.455] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0309.455] GetCurrentThreadId () returned 0xf50
[0309.455] GetCurrentThreadId () returned 0xf50
[0309.456] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.456] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0309.456] GetCurrentThreadId () returned 0xf50
[0309.456] GetCurrentThreadId () returned 0xf50
[0309.456] GetSystemMetrics (nIndex=5) returned 1
[0309.456] GetSystemMetrics (nIndex=6) returned 1
[0309.456] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.456] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0309.456] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.456] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0309.457] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.457] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0309.457] GetCurrentThreadId () returned 0xf50
[0309.457] GetCurrentThreadId () returned 0xf50
[0309.457] GetProcessWindowStation () returned 0x13c
[0309.457] GetCapture () returned 0x0
[0309.457] GetActiveWindow () returned 0x7005c
[0309.457] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0309.457] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.457] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0309.457] GetCursorPos (in: lpPoint=0x2d5e570 | out: lpPoint=0x2d5e570*(x=256, y=626)) returned 1
[0309.457] MonitorFromPoint (pt=0x100, dwFlags=0x272) returned 0x10001
[0309.458] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0309.458] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x7e0107fc
[0309.458] GetDeviceCaps (hdc=0x7e0107fc, index=12) returned 32
[0309.458] GetDeviceCaps (hdc=0x7e0107fc, index=14) returned 1
[0309.458] DeleteDC (hdc=0x7e0107fc) returned 1
[0309.458] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0309.458] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0309.458] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="Microsoft .NET Framework", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3702da
[0309.459] SetWindowLongW (hWnd=0x3702da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0309.459] GetWindowLongW (hWnd=0x3702da, nIndex=-4) returned 1950089536
[0309.459] SetWindowLongW (hWnd=0x3702da, nIndex=-4, dwNewLong=19941190) returned 1950089536
[0309.459] GetWindowLongW (hWnd=0x3702da, nIndex=-4) returned 19941190
[0309.459] GetWindowLongW (hWnd=0x3702da, nIndex=-16) returned 113770496
[0309.459] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0309.460] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0309.461] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0309.461] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0309.461] GetWindowRect (in: hWnd=0x3702da, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0309.461] SetWindowTextW (hWnd=0x3702da, lpString="Microsoft .NET Framework") returned 1
[0309.461] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xc, wParam=0x0, lParam=0x2c2f45c) returned 0x1
[0309.462] GetStartupInfoW (in: lpStartupInfo=0x2d5e8ac | out: lpStartupInfo=0x2d5e8ac*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0309.463] GetParent (hWnd=0x3702da) returned 0x0
[0309.463] SetWindowLongW (hWnd=0x3702da, nIndex=-8, dwNewLong=0) returned 0
[0309.464] SendMessageW (hWnd=0x3702da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0309.464] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0309.464] SendMessageW (hWnd=0x3702da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0309.464] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0309.464] GetSystemMenu (hWnd=0x3702da, bRevert=0) returned 0x610087
[0309.464] GetWindowPlacement (in: hWnd=0x3702da, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0309.465] EnableMenuItem (hMenu=0x610087, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0309.465] EnableMenuItem (hMenu=0x610087, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0309.465] EnableMenuItem (hMenu=0x610087, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0309.465] EnableMenuItem (hMenu=0x610087, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0309.465] EnableMenuItem (hMenu=0x610087, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0309.465] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0309.465] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0309.465] GetWindowRect (in: hWnd=0x3702da, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0309.465] SetWindowPos (hWnd=0x3702da, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0309.465] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0309.467] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x3702da) returned 0x1
[0309.469] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0309.469] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0309.470] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0309.470] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0309.471] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0309.472] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x3702da, lParam=0x0) returned 0x0
[0309.472] GetCapture () returned 0x0
[0309.472] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0309.474] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0309.475] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0309.476] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0309.476] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0309.476] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0309.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0309.477] GetParent (hWnd=0x3702da) returned 0x0
[0309.477] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0309.477] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0309.479] GetWindowPlacement (in: hWnd=0x3702da, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0309.479] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0309.479] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0309.479] GetWindowRect (in: hWnd=0x3702da, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0309.481] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0309.481] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0309.481] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0309.482] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.482] GetWindowLongW (hWnd=0x3702da, nIndex=-16) returned 113770496
[0309.482] GetWindowTextLengthW (hWnd=0x3702da) returned 24
[0309.482] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0309.482] GetSystemMetrics (nIndex=42) returned 0
[0309.483] GetWindowTextW (in: hWnd=0x3702da, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0309.483] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0309.483] GetWindowTextLengthW (hWnd=0x3702da) returned 24
[0309.483] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0309.483] GetSystemMetrics (nIndex=42) returned 0
[0309.483] GetWindowTextW (in: hWnd=0x3702da, lpString=0xd7e734, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0309.483] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xd, wParam=0x19, lParam=0xd7e734) returned 0x18
[0309.483] GetCursorPos (in: lpPoint=0x2d5eb78 | out: lpPoint=0x2d5eb78*(x=256, y=626)) returned 1
[0309.483] MonitorFromPoint (pt=0x100, dwFlags=0x272) returned 0x10001
[0309.483] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0309.483] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x3a010781
[0309.483] GetDeviceCaps (hdc=0x3a010781, index=12) returned 32
[0309.483] GetDeviceCaps (hdc=0x3a010781, index=14) returned 1
[0309.484] DeleteDC (hdc=0x3a010781) returned 1
[0309.484] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0309.484] GetWindowLongW (hWnd=0x3702da, nIndex=-16) returned 113770496
[0309.484] GetWindowLongW (hWnd=0x3702da, nIndex=-20) returned 327945
[0309.484] SetWindowLongW (hWnd=0x3702da, nIndex=-16, dwNewLong=46661632) returned 113770496
[0309.484] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0309.484] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0309.485] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0309.486] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0309.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0309.487] SetWindowLongW (hWnd=0x3702da, nIndex=-20, dwNewLong=327681) returned 327945
[0309.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0309.487] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0309.488] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0309.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0309.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0309.489] SetWindowPos (hWnd=0x3702da, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0309.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0309.489] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0309.490] GetWindowPlacement (in: hWnd=0x3702da, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0309.490] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0309.490] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0309.490] GetWindowRect (in: hWnd=0x3702da, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0309.491] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0309.492] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0309.492] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0309.492] RedrawWindow (hWnd=0x3702da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0309.492] GetSystemMenu (hWnd=0x3702da, bRevert=0) returned 0x610087
[0309.492] GetWindowPlacement (in: hWnd=0x3702da, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0309.492] EnableMenuItem (hMenu=0x610087, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0309.492] EnableMenuItem (hMenu=0x610087, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0309.493] EnableMenuItem (hMenu=0x610087, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0309.493] EnableMenuItem (hMenu=0x610087, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0309.493] EnableMenuItem (hMenu=0x610087, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0309.493] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0309.493] GetWindowLongW (hWnd=0x3702da, nIndex=-8) returned 0
[0309.493] SetWindowLongW (hWnd=0x3702da, nIndex=-8, dwNewLong=458844) returned 0
[0309.494] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0309.494] GetProcessWindowStation () returned 0x13c
[0309.494] GetCurrentThreadId () returned 0xf50
[0309.495] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1304656, lParam=0x0) returned 1
[0309.495] IsWindowVisible (hWnd=0x3702da) returned 0
[0309.495] IsWindowVisible (hWnd=0x7005c) returned 1
[0309.495] IsWindowEnabled (hWnd=0x7005c) returned 1
[0309.495] IsWindowVisible (hWnd=0x300ec) returned 0
[0309.495] IsWindowVisible (hWnd=0x502c6) returned 0
[0309.495] IsWindowVisible (hWnd=0x502be) returned 0
[0309.495] GetActiveWindow () returned 0x3702da
[0309.495] GetFocus () returned 0x3702da
[0309.495] IsWindow (hWnd=0x7005c) returned 1
[0309.495] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0309.495] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0309.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0309.496] GetWindowLongW (hWnd=0x3702da, nIndex=-8) returned 458844
[0309.496] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0309.496] GetCurrentThreadId () returned 0xf50
[0309.496] GetWindowLongW (hWnd=0x3702da, nIndex=-8) returned 458844
[0309.496] IsWindowEnabled (hWnd=0x7005c) returned 0
[0309.496] IsWindowEnabled (hWnd=0x3702da) returned 1
[0309.496] ShowWindow (hWnd=0x3702da, nCmdShow=5) returned 0
[0309.496] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0309.496] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0309.497] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.502] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0309.502] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x3702da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3702dc
[0309.502] SetWindowLongW (hWnd=0x3702dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0309.503] GetWindowLongW (hWnd=0x3702dc, nIndex=-4) returned 1950089536
[0309.503] SetWindowLongW (hWnd=0x3702dc, nIndex=-4, dwNewLong=19940830) returned 1950089536
[0309.503] GetWindowLongW (hWnd=0x3702dc, nIndex=-4) returned 19940830
[0309.503] GetWindowLongW (hWnd=0x3702dc, nIndex=-16) returned 1174405120
[0309.503] GetWindowLongW (hWnd=0x3702dc, nIndex=-12) returned 0
[0309.503] SetWindowLongW (hWnd=0x3702dc, nIndex=-12, dwNewLong=3605212) returned 0
[0309.503] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0309.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0309.504] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0309.504] GetWindow (hWnd=0x3702dc, uCmd=0x3) returned 0x0
[0309.504] GetClientRect (in: hWnd=0x3702dc, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0309.504] GetWindowRect (in: hWnd=0x3702dc, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0309.504] GetParent (hWnd=0x3702dc) returned 0x3702da
[0309.504] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3702da, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0309.505] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702dc, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0309.505] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702dc, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0309.505] GetClientRect (in: hWnd=0x3702dc, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0309.505] GetWindowRect (in: hWnd=0x3702dc, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0309.505] GetParent (hWnd=0x3702dc) returned 0x3702da
[0309.505] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3702da, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0309.505] SendMessageW (hWnd=0x3702dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x3702dc) returned 0x0
[0309.505] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x3702dc) returned 0x0
[0309.505] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0309.506] GetParent (hWnd=0x3702dc) returned 0x3702da
[0309.506] GetParent (hWnd=0x3a00ea) returned 0x3102c8
[0309.506] SetParent (hWndChild=0x3a00ea, hWndNewParent=0x3702da) returned 0x3102c8
[0309.506] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0309.506] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0309.507] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0309.507] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0309.507] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0309.507] GetClientRect (in: hWnd=0x3a00ea, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0309.507] GetWindowRect (in: hWnd=0x3a00ea, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0309.507] GetParent (hWnd=0x3a00ea) returned 0x3702da
[0309.507] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3702da, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0309.507] GetClientRect (in: hWnd=0x3a00ea, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0309.507] GetWindowRect (in: hWnd=0x3a00ea, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0309.507] GetParent (hWnd=0x3a00ea) returned 0x3702da
[0309.507] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3702da, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0309.507] GetParent (hWnd=0x3a00ea) returned 0x3702da
[0309.507] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0309.508] GetWindow (hWnd=0x3a00ea, uCmd=0x3) returned 0x0
[0309.508] SetWindowPos (hWnd=0x3a00ea, hWndInsertAfter=0x3702dc, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0309.508] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0309.508] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0309.509] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0309.509] GetClientRect (in: hWnd=0x3a00ea, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0309.509] GetWindowRect (in: hWnd=0x3a00ea, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0309.509] GetParent (hWnd=0x3a00ea) returned 0x3702da
[0309.509] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3702da, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0309.509] GetParent (hWnd=0x3a00ea) returned 0x3702da
[0309.509] GetWindow (hWnd=0x3a00ea, uCmd=0x3) returned 0x3702dc
[0309.509] GetWindowThreadProcessId (in: hWnd=0x3a00ea, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0309.509] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0309.509] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.510] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0309.510] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x3702da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3902d8
[0309.510] SetWindowLongW (hWnd=0x3902d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0309.510] GetWindowLongW (hWnd=0x3902d8, nIndex=-4) returned 1868032000
[0309.511] SetWindowLongW (hWnd=0x3902d8, nIndex=-4, dwNewLong=19941510) returned 1868032000
[0309.511] GetWindowLongW (hWnd=0x3902d8, nIndex=-4) returned 19941510
[0309.511] GetWindowLongW (hWnd=0x3902d8, nIndex=-16) returned 1174470667
[0309.511] GetWindowLongW (hWnd=0x3902d8, nIndex=-12) returned 0
[0309.511] SetWindowLongW (hWnd=0x3902d8, nIndex=-12, dwNewLong=3736280) returned 0
[0309.511] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0309.512] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0309.512] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0309.522] SendMessageW (hWnd=0x3902d8, Msg=0x2055, wParam=0x3902d8, lParam=0x3) returned 0x2
[0309.522] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0309.522] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0309.522] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0309.522] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0309.522] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0309.522] RedrawWindow (hWnd=0x3702dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0309.522] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0309.522] RedrawWindow (hWnd=0x3a00ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0309.523] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0309.523] RedrawWindow (hWnd=0x3902d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0309.523] RedrawWindow (hWnd=0x3702da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0309.523] GetWindow (hWnd=0x3902d8, uCmd=0x3) returned 0x3a00ea
[0309.523] GetClientRect (in: hWnd=0x3902d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0309.523] GetWindowRect (in: hWnd=0x3902d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0309.523] GetParent (hWnd=0x3902d8) returned 0x3702da
[0309.523] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3702da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0309.523] SetWindowTextW (hWnd=0x3902d8, lpString="&Details") returned 1
[0309.523] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0xc, wParam=0x0, lParam=0x2c2ef5c) returned 0x1
[0309.524] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0309.524] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0309.524] GetClientRect (in: hWnd=0x3902d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0309.524] GetWindowRect (in: hWnd=0x3902d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0309.524] GetParent (hWnd=0x3902d8) returned 0x3702da
[0309.524] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3702da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0309.524] SendMessageW (hWnd=0x3902d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3902d8) returned 0x0
[0309.524] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3902d8) returned 0x0
[0309.525] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0309.525] GetParent (hWnd=0x3902d8) returned 0x3702da
[0309.525] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0309.525] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.526] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0309.526] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x3702da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3702de
[0309.526] SetWindowLongW (hWnd=0x3702de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0309.527] GetWindowLongW (hWnd=0x3702de, nIndex=-4) returned 1868032000
[0309.527] SetWindowLongW (hWnd=0x3702de, nIndex=-4, dwNewLong=19940870) returned 1868032000
[0309.527] GetWindowLongW (hWnd=0x3702de, nIndex=-4) returned 19940870
[0309.527] GetWindowLongW (hWnd=0x3702de, nIndex=-16) returned 1174470667
[0309.527] GetWindowLongW (hWnd=0x3702de, nIndex=-12) returned 0
[0309.527] SetWindowLongW (hWnd=0x3702de, nIndex=-12, dwNewLong=3605214) returned 0
[0309.527] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0309.529] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0309.529] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0309.530] SendMessageW (hWnd=0x3702de, Msg=0x2055, wParam=0x3702de, lParam=0x3) returned 0x2
[0309.530] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0309.530] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0309.530] GetWindow (hWnd=0x3702de, uCmd=0x3) returned 0x3902d8
[0309.530] GetClientRect (in: hWnd=0x3702de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0309.530] GetWindowRect (in: hWnd=0x3702de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0309.530] GetParent (hWnd=0x3702de) returned 0x3702da
[0309.530] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3702da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0309.531] SetWindowTextW (hWnd=0x3702de, lpString="&Continue") returned 1
[0309.531] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0xc, wParam=0x0, lParam=0x2c2ef00) returned 0x1
[0309.532] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0309.532] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0309.532] GetClientRect (in: hWnd=0x3702de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0309.532] GetWindowRect (in: hWnd=0x3702de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0309.532] GetParent (hWnd=0x3702de) returned 0x3702da
[0309.532] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3702da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0309.532] SendMessageW (hWnd=0x3702de, Msg=0x2210, wParam=0x2de0001, lParam=0x3702de) returned 0x0
[0309.532] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x2210, wParam=0x2de0001, lParam=0x3702de) returned 0x0
[0309.532] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0309.533] GetParent (hWnd=0x3702de) returned 0x3702da
[0309.533] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0309.533] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.534] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0309.534] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x3702da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2c02d0
[0309.534] SetWindowLongW (hWnd=0x2c02d0, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0309.534] GetWindowLongW (hWnd=0x2c02d0, nIndex=-4) returned 1868032000
[0309.535] SetWindowLongW (hWnd=0x2c02d0, nIndex=-4, dwNewLong=19941230) returned 1868032000
[0309.535] GetWindowLongW (hWnd=0x2c02d0, nIndex=-4) returned 19941230
[0309.535] GetWindowLongW (hWnd=0x2c02d0, nIndex=-16) returned 1174470667
[0309.535] GetWindowLongW (hWnd=0x2c02d0, nIndex=-12) returned 0
[0309.535] SetWindowLongW (hWnd=0x2c02d0, nIndex=-12, dwNewLong=2884304) returned 0
[0309.535] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d0, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0309.536] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d0, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0309.536] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d0, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0309.537] SendMessageW (hWnd=0x2c02d0, Msg=0x2055, wParam=0x2c02d0, lParam=0x3) returned 0x2
[0309.537] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0309.537] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d0, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0309.537] GetWindow (hWnd=0x2c02d0, uCmd=0x3) returned 0x3702de
[0309.537] GetClientRect (in: hWnd=0x2c02d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0309.537] GetWindowRect (in: hWnd=0x2c02d0, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0309.537] GetParent (hWnd=0x2c02d0) returned 0x3702da
[0309.537] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3702da, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0309.537] SetWindowTextW (hWnd=0x2c02d0, lpString="&Quit") returned 1
[0309.537] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d0, Msg=0xc, wParam=0x0, lParam=0x2c2ef20) returned 0x1
[0309.538] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d0, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0309.538] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d0, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0309.538] GetClientRect (in: hWnd=0x2c02d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0309.538] GetWindowRect (in: hWnd=0x2c02d0, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0309.538] GetParent (hWnd=0x2c02d0) returned 0x3702da
[0309.538] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3702da, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0309.538] SendMessageW (hWnd=0x2c02d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2c02d0) returned 0x0
[0309.538] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2c02d0) returned 0x0
[0309.538] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0309.539] GetParent (hWnd=0x2c02d0) returned 0x3702da
[0309.539] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0309.539] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.540] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0309.540] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x3702da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2d02ce
[0309.540] SetWindowLongW (hWnd=0x2d02ce, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0309.540] GetWindowLongW (hWnd=0x2d02ce, nIndex=-4) returned 1868026976
[0309.541] SetWindowLongW (hWnd=0x2d02ce, nIndex=-4, dwNewLong=19940910) returned 1868026976
[0309.541] GetWindowLongW (hWnd=0x2d02ce, nIndex=-4) returned 19940910
[0309.541] GetWindowLongW (hWnd=0x2d02ce, nIndex=-16) returned 1177553092
[0309.541] GetWindowLongW (hWnd=0x2d02ce, nIndex=-12) returned 0
[0309.541] SetWindowLongW (hWnd=0x2d02ce, nIndex=-12, dwNewLong=2949838) returned 0
[0309.541] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02ce, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0309.542] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02ce, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0309.543] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02ce, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0309.590] GetWindow (hWnd=0x2d02ce, uCmd=0x3) returned 0x2c02d0
[0309.590] GetClientRect (in: hWnd=0x2d02ce, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0309.590] GetWindowRect (in: hWnd=0x2d02ce, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0309.590] GetParent (hWnd=0x2d02ce) returned 0x3702da
[0309.590] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3702da, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0309.590] GetWindowTextLengthW (hWnd=0x3702da) returned 24
[0309.590] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0309.591] GetSystemMetrics (nIndex=42) returned 0
[0309.591] GetWindowTextW (in: hWnd=0x3702da, lpString=0xd7d830, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0309.591] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xd, wParam=0x19, lParam=0xd7d830) returned 0x18
[0309.591] SendMessageW (hWnd=0x2d02ce, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0309.591] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02ce, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0309.595] SetWindowTextW (hWnd=0x2d02ce, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0309.595] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02ce, Msg=0xc, wParam=0x0, lParam=0x2d5a86c) returned 0x1
[0309.597] GetSystemMetrics (nIndex=5) returned 1
[0309.597] GetSystemMetrics (nIndex=6) returned 1
[0309.597] SendMessageW (hWnd=0x2d02ce, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0309.597] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02ce, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0309.597] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02ce, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0309.599] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02ce, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0309.599] GetClientRect (in: hWnd=0x2d02ce, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0309.599] GetWindowRect (in: hWnd=0x2d02ce, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0309.599] GetParent (hWnd=0x2d02ce) returned 0x3702da
[0309.599] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3702da, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0309.599] SendMessageW (hWnd=0x2d02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2d02ce) returned 0x0
[0309.599] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2d02ce) returned 0x0
[0309.599] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0309.599] GetParent (hWnd=0x2d02ce) returned 0x3702da
[0309.599] GetWindowLongW (hWnd=0x3702da, nIndex=-8) returned 458844
[0309.599] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0309.599] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0309.600] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x41010781
[0309.600] GetDeviceCaps (hdc=0x41010781, index=12) returned 32
[0309.600] GetDeviceCaps (hdc=0x41010781, index=14) returned 1
[0309.600] DeleteDC (hdc=0x41010781) returned 1
[0309.600] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0309.600] GetWindowThreadProcessId (in: hWnd=0x3702da, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0309.600] GetCurrentThreadId () returned 0xf50
[0309.600] PostMessageW (hWnd=0x3702da, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0309.600] GetWindowTextLengthW (hWnd=0x3702da) returned 24
[0309.600] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0309.600] GetSystemMetrics (nIndex=42) returned 0
[0309.600] GetWindowTextW (in: hWnd=0x3702da, lpString=0xd7e260, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0309.600] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xd, wParam=0x19, lParam=0xd7e260) returned 0x18
[0309.600] GdipImageGetFrameDimensionsCount (image=0x6602080, count=0xd7e25c) returned 0x0
[0309.600] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200cb0
[0309.600] GdipImageGetFrameDimensionsList (image=0x6602080, dimensionIDs=0x1200cb0*(Data1=0x1200cc8, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0309.601] LocalFree (hMem=0x1200cb0) returned 0x0
[0309.601] GdipImageGetFrameDimensionsCount (image=0x66016a8, count=0xd7e250) returned 0x0
[0309.601] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200dd0
[0309.601] GdipImageGetFrameDimensionsList (image=0x66016a8, dimensionIDs=0x1200dd0*(Data1=0x7462dc86, Data2=0x6180, Data3=0x4c7e, Data4=([0]=0x8e, [1]=0x3f, [2]=0xee, [3]=0x73, [4]=0x33, [5]=0xa7, [6]=0xa4, [7]=0x83)), count=0x1) returned 0x0
[0309.601] LocalFree (hMem=0x1200dd0) returned 0x0
[0309.601] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0309.601] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0309.601] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0309.612] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0309.613] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0309.613] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0309.614] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0309.614] GetWindowPlacement (in: hWnd=0x3702da, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0309.614] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0309.614] GetWindowTextLengthW (hWnd=0x3702da) returned 24
[0309.614] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0309.615] GetSystemMetrics (nIndex=42) returned 0
[0309.615] GetWindowTextW (in: hWnd=0x3702da, lpString=0xd7e2b4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0309.615] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xd, wParam=0x19, lParam=0xd7e2b4) returned 0x18
[0309.615] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0309.615] GetCurrentObject (hdc=0x107b9, type=0x1) returned 0xb00017
[0309.615] GetCurrentObject (hdc=0x107b9, type=0x2) returned 0x900010
[0309.615] GetCurrentObject (hdc=0x107b9, type=0x7) returned 0x210507f2
[0309.615] GetCurrentObject (hdc=0x107b9, type=0x6) returned 0x8a01c2
[0309.615] SaveDC (hdc=0x107b9) returned 1
[0309.615] GetNearestColor (hdc=0x107b9, color=0xf0f0f0) returned 0xf0f0f0
[0309.615] CreateSolidBrush (color=0xf0f0f0) returned 0x7c1007e1
[0309.615] FillRect (hDC=0x107b9, lprc=0xd7e1b8, hbr=0x7c1007e1) returned 1
[0309.615] DeleteObject (ho=0x7c1007e1) returned 1
[0309.615] RestoreDC (hdc=0x107b9, nSavedDC=-1) returned 1
[0309.616] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0309.616] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0309.616] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0309.617] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0309.617] GetStockObject (i=5) returned 0x900015
[0309.617] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0309.617] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0309.617] GetStockObject (i=5) returned 0x900015
[0309.617] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0309.618] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d0, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0309.618] GetStockObject (i=5) returned 0x900015
[0309.618] GetWindowPlacement (in: hWnd=0x3702da, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0309.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0309.619] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0309.619] GetWindowRect (in: hWnd=0x3702da, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0309.620] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0309.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0309.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0309.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0309.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0309.621] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0309.621] GetWindowRect (in: hWnd=0x3702da, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0309.622] InvalidateRect (hWnd=0x3702de, lpRect=0x0, bErase=0) returned 1
[0309.622] InvalidateRect (hWnd=0x3902d8, lpRect=0x0, bErase=0) returned 1
[0309.622] GetFocus () returned 0x3702da
[0309.622] GetFocus () returned 0x3702da
[0309.622] SetFocus (hWnd=0x3902d8) returned 0x3702da
[0309.623] GetFocus () returned 0x3902d8
[0309.623] IsChild (hWndParent=0x3702da, hWnd=0x3902d8) returned 1
[0309.623] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x8, wParam=0x3902d8, lParam=0x0) returned 0x0
[0309.624] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0309.626] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0309.627] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0309.628] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0x7, wParam=0x3702da, lParam=0x0) returned 0x0
[0309.628] GetStockObject (i=5) returned 0x900015
[0309.628] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0309.628] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0309.628] GetDlgItem (hDlg=0x3702da, nIDDlgItem=3736280) returned 0x3902d8
[0309.628] SendMessageW (hWnd=0x3902d8, Msg=0x202b, wParam=0x3902d8, lParam=0xd7e0dc) returned 0x0
[0309.628] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0x202b, wParam=0x3902d8, lParam=0xd7e0dc) returned 0x0
[0309.628] InvalidateRect (hWnd=0x3902d8, lpRect=0x0, bErase=0) returned 1
[0309.631] GetFocus () returned 0x3902d8
[0309.631] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.632] IsWindowUnicode (hWnd=0x3702da) returned 1
[0309.632] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.632] TranslateMessage (lpMsg=0xd7e808) returned 0
[0309.632] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0309.632] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0309.632] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.632] IsWindowUnicode (hWnd=0x3702da) returned 1
[0309.632] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.632] TranslateMessage (lpMsg=0xd7e808) returned 0
[0309.632] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0309.632] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.633] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0309.633] IsWindowUnicode (hWnd=0x3702da) returned 1
[0309.633] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.633] TranslateMessage (lpMsg=0xd7e808) returned 0
[0309.633] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0309.634] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.634] IsWindowUnicode (hWnd=0x602c4) returned 1
[0309.634] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.634] TranslateMessage (lpMsg=0xd7e808) returned 0
[0309.634] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0309.634] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0309.634] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0309.634] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.635] IsWindowUnicode (hWnd=0x3702da) returned 1
[0309.635] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.635] TranslateMessage (lpMsg=0xd7e808) returned 0
[0309.635] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0309.635] BeginPaint (in: hWnd=0x3702da, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0x60100ce
[0309.635] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0309.635] GetWindowTextLengthW (hWnd=0x3702da) returned 24
[0309.635] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0309.635] GetSystemMetrics (nIndex=42) returned 0
[0309.635] GetWindowTextW (in: hWnd=0x3702da, lpString=0xd7e1ec, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0309.636] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xd, wParam=0x19, lParam=0xd7e1ec) returned 0x18
[0309.636] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0309.636] EndPaint (hWnd=0x3702da, lpPaint=0xd7e274) returned 1
[0309.636] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.636] IsWindowUnicode (hWnd=0x3702dc) returned 1
[0309.636] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.636] TranslateMessage (lpMsg=0xd7e808) returned 0
[0309.636] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0309.636] BeginPaint (in: hWnd=0x3702dc, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x10105d6
[0309.636] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0309.637] CreateCompatibleDC (hdc=0x10105d6) returned 0x640107c6
[0309.637] SelectObject (hdc=0x640107c6, h=0x4a0507fe) returned 0x85000f
[0309.637] GdipCreateFromHDC (hdc=0x640107c6, graphics=0xd7e2b0) returned 0x0
[0309.637] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0309.637] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0309.637] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0309.637] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0309.637] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e310) returned 0x0
[0309.637] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0309.637] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0309.637] LocalFree (hMem=0x11ee788) returned 0x0
[0309.645] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0309.645] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0309.645] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0309.646] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e304) returned 0x0
[0309.646] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0309.646] GetWindowTextLengthW (hWnd=0x3702dc) returned 0
[0309.646] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0309.646] GetSystemMetrics (nIndex=42) returned 0
[0309.646] GetWindowTextW (in: hWnd=0x3702dc, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0309.646] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702dc, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0309.646] GetClientRect (in: hWnd=0x3702dc, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0309.646] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0309.646] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0309.646] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0309.646] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0309.646] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e164) returned 0x0
[0309.646] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0309.646] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee788) returned 0x0
[0309.646] LocalFree (hMem=0x11ee788) returned 0x0
[0309.646] GdipCombineRegionRegion (region=0x6646f88, region2=0x6646b98, combineMode=0x1) returned 0x0
[0309.647] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0309.647] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee8d8) returned 0x0
[0309.647] LocalFree (hMem=0x11ee8d8) returned 0x0
[0309.647] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0309.647] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0309.647] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0309.647] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0309.647] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0309.649] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0309.649] GetCurrentObject (hdc=0x640107c6, type=0x1) returned 0xb00017
[0309.649] GetCurrentObject (hdc=0x640107c6, type=0x2) returned 0x900010
[0309.649] GetCurrentObject (hdc=0x640107c6, type=0x7) returned 0x4a0507fe
[0309.649] GetCurrentObject (hdc=0x640107c6, type=0x6) returned 0x8a01c2
[0309.649] SaveDC (hdc=0x640107c6) returned 1
[0309.649] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x940407de
[0309.650] GetClipRgn (hdc=0x640107c6, hrgn=0x940407de) returned 0
[0309.650] SelectClipRgn (hdc=0x640107c6, hrgn=0x15040807) returned 2
[0309.650] DeleteObject (ho=0x940407de) returned 1
[0309.650] DeleteObject (ho=0x15040807) returned 1
[0309.650] OffsetViewportOrgEx (in: hdc=0x640107c6, x=0, y=0, lppt=0x2d60404 | out: lppt=0x2d60404) returned 1
[0309.650] GetNearestColor (hdc=0x640107c6, color=0xf0f0f0) returned 0xf0f0f0
[0309.650] CreateSolidBrush (color=0xf0f0f0) returned 0x7d1007e1
[0309.650] FillRect (hDC=0x640107c6, lprc=0xd7e198, hbr=0x7d1007e1) returned 1
[0309.650] DeleteObject (ho=0x7d1007e1) returned 1
[0309.650] RestoreDC (hdc=0x640107c6, nSavedDC=-1) returned 1
[0309.650] GdipReleaseDC (graphics=0x6600030, hdc=0x640107c6) returned 0x0
[0309.650] GdipRestoreGraphics (graphics=0x6600030, state=0xf53c0dbd) returned 0x0
[0309.650] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0309.650] GetWindowTextLengthW (hWnd=0x3702dc) returned 0
[0309.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0309.651] GetSystemMetrics (nIndex=42) returned 0
[0309.651] GetWindowTextW (in: hWnd=0x3702dc, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0309.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702dc, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0309.651] GdipGetImageWidth (image=0x6602080, width=0xd7e1e0) returned 0x0
[0309.651] GdipGetImageHeight (image=0x6602080, height=0xd7e1e0) returned 0x0
[0309.651] GdipGetImageWidth (image=0x6602080, width=0xd7e1cc) returned 0x0
[0309.651] GdipGetImageHeight (image=0x6602080, height=0xd7e1cc) returned 0x0
[0309.651] GdipDrawImageRectI (graphics=0x6600030, image=0x6602080, x=16, y=16, width=32, height=32) returned 0x0
[0309.651] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0309.651] BitBlt (hdc=0x10105d6, x=0, y=0, cx=64, cy=64, hdcSrc=0x640107c6, x1=0, y1=0, rop=0xcc0020) returned 1
[0309.651] GdipReleaseDC (graphics=0x6600030, hdc=0x640107c6) returned 0x0
[0309.651] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0309.652] SelectObject (hdc=0x640107c6, h=0x85000f) returned 0x4a0507fe
[0309.652] DeleteDC (hdc=0x640107c6) returned 1
[0309.652] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0309.652] EndPaint (hWnd=0x3702dc, lpPaint=0xd7e294) returned 1
[0309.652] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.652] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x84, wParam=0x0, lParam=0x1e30302) returned 0x1
[0309.652] IsWindowUnicode (hWnd=0x3702de) returned 1
[0309.652] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.652] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x84, wParam=0x0, lParam=0x1e30302) returned 0x1
[0309.653] SetCursor (hCursor=0x10003) returned 0x10003
[0309.653] TranslateMessage (lpMsg=0xd7e808) returned 0
[0309.653] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0309.653] _TrackMouseEvent (in: lpEventTrack=0x2d604d0 | out: lpEventTrack=0x2d604d0) returned 1
[0309.653] SendMessageW (hWnd=0x3702de, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0309.653] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0309.653] InvalidateRect (hWnd=0x3702de, lpRect=0x0, bErase=0) returned 1
[0309.653] GetKeyState (nVirtKey=1) returned 0
[0309.653] GetKeyState (nVirtKey=2) returned 0
[0309.653] GetKeyState (nVirtKey=4) returned 0
[0309.653] GetKeyState (nVirtKey=5) returned 0
[0309.653] GetKeyState (nVirtKey=6) returned 0
[0309.653] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.653] IsWindowUnicode (hWnd=0x3a00ea) returned 1
[0309.653] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.653] TranslateMessage (lpMsg=0xd7e808) returned 0
[0309.653] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0309.654] BeginPaint (in: hWnd=0x3a00ea, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x107b9
[0309.654] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0309.654] CreateCompatibleDC (hdc=0x107b9) returned 0x660107c6
[0309.654] GetObjectType (h=0x107b9) returned 0x3
[0309.654] CreateCompatibleBitmap (hdc=0x107b9, cx=1, cy=1) returned 0x4d050781
[0309.654] GetDIBits (in: hdc=0x107b9, hbm=0x4d050781, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0309.654] GetDIBits (in: hdc=0x107b9, hbm=0x4d050781, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0309.654] DeleteObject (ho=0x4d050781) returned 1
[0309.654] CreateDIBSection (in: hdc=0x107b9, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xa40507a2
[0309.655] SelectObject (hdc=0x660107c6, h=0xa40507a2) returned 0x85000f
[0309.655] GdipCreateFromHDC (hdc=0x660107c6, graphics=0xd7e234) returned 0x0
[0309.655] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0309.655] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0309.655] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0309.655] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0309.655] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e2d4) returned 0x0
[0309.655] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0309.655] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee868) returned 0x0
[0309.655] LocalFree (hMem=0x11ee868) returned 0x0
[0309.655] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0309.656] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0309.656] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0309.656] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0309.656] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0309.656] GetWindowTextLengthW (hWnd=0x3a00ea) returned 232
[0309.656] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0309.656] GetSystemMetrics (nIndex=42) returned 0
[0309.656] GetWindowTextW (in: hWnd=0x3a00ea, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0309.656] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0309.656] GetClientRect (in: hWnd=0x3a00ea, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0309.656] GdipCreateRegion (region=0xd7e110) returned 0x0
[0309.656] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0309.656] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0309.656] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0309.656] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e128) returned 0x0
[0309.656] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0309.656] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee868) returned 0x0
[0309.656] LocalFree (hMem=0x11ee868) returned 0x0
[0309.657] GdipCombineRegionRegion (region=0x6646718, region2=0x6646f88, combineMode=0x1) returned 0x0
[0309.657] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0309.657] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee9f0) returned 0x0
[0309.657] LocalFree (hMem=0x11ee9f0) returned 0x0
[0309.657] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0309.657] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e150) returned 0x0
[0309.657] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7e140) returned 0x0
[0309.657] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0309.657] GdipDeleteRegion (region=0x6646718) returned 0x0
[0309.657] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0309.657] GetCurrentObject (hdc=0x660107c6, type=0x1) returned 0xb00017
[0309.657] GetCurrentObject (hdc=0x660107c6, type=0x2) returned 0x900010
[0309.657] GetCurrentObject (hdc=0x660107c6, type=0x7) returned 0xffffffffa40507a2
[0309.657] GetCurrentObject (hdc=0x660107c6, type=0x6) returned 0x8a01c2
[0309.657] SaveDC (hdc=0x660107c6) returned 1
[0309.658] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x16040807
[0309.658] GetClipRgn (hdc=0x660107c6, hrgn=0x16040807) returned 0
[0309.658] SelectClipRgn (hdc=0x660107c6, hrgn=0x950407de) returned 2
[0309.658] DeleteObject (ho=0x16040807) returned 1
[0309.658] DeleteObject (ho=0x950407de) returned 1
[0309.658] OffsetViewportOrgEx (in: hdc=0x660107c6, x=0, y=0, lppt=0x2d61e24 | out: lppt=0x2d61e24) returned 1
[0309.658] GetNearestColor (hdc=0x660107c6, color=0xf0f0f0) returned 0xf0f0f0
[0309.658] CreateSolidBrush (color=0xf0f0f0) returned 0x7e1007e1
[0309.658] FillRect (hDC=0x660107c6, lprc=0xd7e15c, hbr=0x7e1007e1) returned 1
[0309.665] DeleteObject (ho=0x7e1007e1) returned 1
[0309.665] RestoreDC (hdc=0x660107c6, nSavedDC=-1) returned 1
[0309.666] GdipReleaseDC (graphics=0x6600030, hdc=0x660107c6) returned 0x0
[0309.666] GdipRestoreGraphics (graphics=0x6600030, state=0xf53a0dbd) returned 0x0
[0309.666] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0309.666] GetWindowTextLengthW (hWnd=0x3a00ea) returned 232
[0309.666] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0309.666] GetSystemMetrics (nIndex=42) returned 0
[0309.666] GetWindowTextW (in: hWnd=0x3a00ea, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0309.666] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0309.666] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0309.666] GetCurrentObject (hdc=0x660107c6, type=0x1) returned 0xb00017
[0309.666] GetCurrentObject (hdc=0x660107c6, type=0x2) returned 0x900010
[0309.666] GetCurrentObject (hdc=0x660107c6, type=0x7) returned 0xffffffffa40507a2
[0309.666] GetCurrentObject (hdc=0x660107c6, type=0x6) returned 0x8a01c2
[0309.666] SaveDC (hdc=0x660107c6) returned 1
[0309.667] GetNearestColor (hdc=0x660107c6, color=0x0) returned 0x0
[0309.667] RestoreDC (hdc=0x660107c6, nSavedDC=-1) returned 1
[0309.667] GdipReleaseDC (graphics=0x6600030, hdc=0x660107c6) returned 0x0
[0309.667] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0309.667] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0309.668] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2d62620 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0309.668] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0309.668] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0309.668] GetCurrentObject (hdc=0x660107c6, type=0x1) returned 0xb00017
[0309.668] GetCurrentObject (hdc=0x660107c6, type=0x2) returned 0x900010
[0309.668] GetCurrentObject (hdc=0x660107c6, type=0x7) returned 0xffffffffa40507a2
[0309.668] GetCurrentObject (hdc=0x660107c6, type=0x6) returned 0x8a01c2
[0309.668] SaveDC (hdc=0x660107c6) returned 1
[0309.668] GetTextAlign (hdc=0x660107c6) returned 0x0
[0309.668] GetTextColor (hdc=0x660107c6) returned 0x0
[0309.668] GetCurrentObject (hdc=0x660107c6, type=0x6) returned 0x8a01c2
[0309.669] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0309.669] SelectObject (hdc=0x660107c6, h=0x6d0a0520) returned 0x8a01c2
[0309.669] GetBkMode (hdc=0x660107c6) returned 2
[0309.669] SetBkMode (hdc=0x660107c6, mode=1) returned 2
[0309.669] DrawTextExW (in: hdc=0x660107c6, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2d62844 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0309.672] RestoreDC (hdc=0x660107c6, nSavedDC=-1) returned 1
[0309.672] GdipReleaseDC (graphics=0x6600030, hdc=0x660107c6) returned 0x0
[0309.672] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0309.673] BitBlt (hdc=0x107b9, x=0, y=0, cx=354, cy=68, hdcSrc=0x660107c6, x1=0, y1=0, rop=0xcc0020) returned 1
[0309.673] GdipReleaseDC (graphics=0x6600030, hdc=0x660107c6) returned 0x0
[0309.673] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0309.673] SelectObject (hdc=0x660107c6, h=0x85000f) returned 0xa40507a2
[0309.673] DeleteDC (hdc=0x660107c6) returned 1
[0309.673] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0309.673] DeleteObject (ho=0xa40507a2) returned 1
[0309.674] EndPaint (hWnd=0x3a00ea, lpPaint=0xd7e258) returned 1
[0309.674] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.674] IsWindowUnicode (hWnd=0x3902d8) returned 1
[0309.674] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.674] TranslateMessage (lpMsg=0xd7e808) returned 0
[0309.674] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0309.674] BeginPaint (in: hWnd=0x3902d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0309.674] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0309.675] CreateCompatibleDC (hdc=0xc0107c5) returned 0x4f010781
[0309.675] SelectObject (hdc=0x4f010781, h=0x4a0507fe) returned 0x85000f
[0309.675] GdipCreateFromHDC (hdc=0x4f010781, graphics=0xd7e268) returned 0x0
[0309.675] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0309.675] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0309.675] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0309.675] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0309.675] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7e2c8) returned 0x0
[0309.675] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0309.675] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11eed00) returned 0x0
[0309.676] LocalFree (hMem=0x11eed00) returned 0x0
[0309.684] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0309.684] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0309.684] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0309.684] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0309.684] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0309.684] GdipRestoreGraphics (graphics=0x6600030, state=0xf5380dbd) returned 0x0
[0309.684] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0309.684] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0309.684] GetCurrentObject (hdc=0x4f010781, type=0x1) returned 0xb00017
[0309.684] GetCurrentObject (hdc=0x4f010781, type=0x2) returned 0x900010
[0309.684] GetCurrentObject (hdc=0x4f010781, type=0x7) returned 0x4a0507fe
[0309.684] GetCurrentObject (hdc=0x4f010781, type=0x6) returned 0x8a01c2
[0309.711] SaveDC (hdc=0x4f010781) returned 1
[0309.711] GetNearestColor (hdc=0x4f010781, color=0xf0f0f0) returned 0xf0f0f0
[0309.711] GetNearestColor (hdc=0x4f010781, color=0xa0a0a0) returned 0xa0a0a0
[0309.711] GetNearestColor (hdc=0x4f010781, color=0x696969) returned 0x696969
[0309.711] GetNearestColor (hdc=0x4f010781, color=0xa0a0a0) returned 0xa0a0a0
[0309.711] GetNearestColor (hdc=0x4f010781, color=0x0) returned 0x0
[0309.711] GetNearestColor (hdc=0x4f010781, color=0xffffff) returned 0xffffff
[0309.711] GetNearestColor (hdc=0x4f010781, color=0xe5e5e5) returned 0xe5e5e5
[0309.711] GetNearestColor (hdc=0x4f010781, color=0xd7d7d7) returned 0xd7d7d7
[0309.711] GetNearestColor (hdc=0x4f010781, color=0x0) returned 0x0
[0309.711] RestoreDC (hdc=0x4f010781, nSavedDC=-1) returned 1
[0309.712] GdipReleaseDC (graphics=0x6600030, hdc=0x4f010781) returned 0x0
[0309.712] IsAppThemed () returned 0x1
[0309.712] GetThemeAppProperties () returned 0x3
[0309.712] GetThemeAppProperties () returned 0x3
[0309.712] GdipGetImageWidth (image=0x66016a8, width=0xd7e168) returned 0x0
[0309.712] GdipGetImageHeight (image=0x66016a8, height=0xd7e168) returned 0x0
[0309.712] IsAppThemed () returned 0x1
[0309.712] GetThemeAppProperties () returned 0x3
[0309.712] GetThemeAppProperties () returned 0x3
[0309.712] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2d62f94 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0309.712] IsAppThemed () returned 0x1
[0309.712] GetThemeAppProperties () returned 0x3
[0309.712] GetThemeAppProperties () returned 0x3
[0309.713] IsAppThemed () returned 0x1
[0309.713] GetThemeAppProperties () returned 0x3
[0309.713] GetThemeAppProperties () returned 0x3
[0309.713] GetFocus () returned 0x3902d8
[0309.713] IsAppThemed () returned 0x1
[0309.713] GetThemeAppProperties () returned 0x3
[0309.713] GetThemeAppProperties () returned 0x3
[0309.713] IsAppThemed () returned 0x1
[0309.713] GetThemeAppProperties () returned 0x3
[0309.713] GetThemeAppProperties () returned 0x3
[0309.713] IsThemePartDefined () returned 0x1
[0309.713] IsAppThemed () returned 0x1
[0309.713] GetThemeAppProperties () returned 0x3
[0309.713] GetThemeAppProperties () returned 0x3
[0309.713] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0309.713] IsAppThemed () returned 0x1
[0309.713] GetThemeAppProperties () returned 0x3
[0309.713] GetThemeAppProperties () returned 0x3
[0309.713] IsAppThemed () returned 0x1
[0309.713] GetThemeAppProperties () returned 0x3
[0309.714] GetThemeAppProperties () returned 0x3
[0309.714] IsThemePartDefined () returned 0x1
[0309.714] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0309.714] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0309.714] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0309.714] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0309.714] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dff0) returned 0x0
[0309.714] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0309.714] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee8d8) returned 0x0
[0309.714] LocalFree (hMem=0x11ee8d8) returned 0x0
[0309.714] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0309.714] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea60) returned 0x0
[0309.714] LocalFree (hMem=0x11eea60) returned 0x0
[0309.714] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0309.714] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0309.714] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0309.714] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0309.715] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0309.715] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0309.715] GetCurrentObject (hdc=0x4f010781, type=0x1) returned 0xb00017
[0309.715] GetCurrentObject (hdc=0x4f010781, type=0x2) returned 0x900010
[0309.715] GetCurrentObject (hdc=0x4f010781, type=0x7) returned 0x4a0507fe
[0309.715] GetCurrentObject (hdc=0x4f010781, type=0x6) returned 0x8a01c2
[0309.715] SaveDC (hdc=0x4f010781) returned 1
[0309.715] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x960407de
[0309.715] GetClipRgn (hdc=0x4f010781, hrgn=0x960407de) returned 0
[0309.715] SelectClipRgn (hdc=0x4f010781, hrgn=0x1a040807) returned 2
[0309.715] DeleteObject (ho=0x960407de) returned 1
[0309.715] DeleteObject (ho=0x1a040807) returned 1
[0309.715] OffsetViewportOrgEx (in: hdc=0x4f010781, x=0, y=0, lppt=0x2d63644 | out: lppt=0x2d63644) returned 1
[0309.715] DrawThemeParentBackground () returned 0x0
[0309.722] GetWindowPlacement (in: hWnd=0x3702da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0309.722] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0309.722] GetWindowTextLengthW (hWnd=0x3702da) returned 24
[0309.722] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0309.722] GetSystemMetrics (nIndex=42) returned 0
[0309.722] GetWindowTextW (in: hWnd=0x3702da, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0309.722] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0309.722] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0309.722] GetCurrentObject (hdc=0x4f010781, type=0x1) returned 0xb00017
[0309.722] GetCurrentObject (hdc=0x4f010781, type=0x2) returned 0x900010
[0309.722] GetCurrentObject (hdc=0x4f010781, type=0x7) returned 0x4a0507fe
[0309.722] GetCurrentObject (hdc=0x4f010781, type=0x6) returned 0x8a01c2
[0309.722] SaveDC (hdc=0x4f010781) returned 2
[0309.723] GetNearestColor (hdc=0x4f010781, color=0xf0f0f0) returned 0xf0f0f0
[0309.723] CreateSolidBrush (color=0xf0f0f0) returned 0x7f1007e1
[0309.723] FillRect (hDC=0x4f010781, lprc=0xd7da38, hbr=0x7f1007e1) returned 1
[0309.723] DeleteObject (ho=0x7f1007e1) returned 1
[0309.723] RestoreDC (hdc=0x4f010781, nSavedDC=-1) returned 1
[0309.723] GetWindowTextLengthW (hWnd=0x3702da) returned 24
[0309.723] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0309.723] GetSystemMetrics (nIndex=42) returned 0
[0309.723] GetWindowTextW (in: hWnd=0x3702da, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0309.723] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0309.723] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0309.723] GetCurrentObject (hdc=0x4f010781, type=0x1) returned 0xb00017
[0309.723] GetCurrentObject (hdc=0x4f010781, type=0x2) returned 0x900010
[0309.723] GetCurrentObject (hdc=0x4f010781, type=0x7) returned 0x4a0507fe
[0309.723] GetCurrentObject (hdc=0x4f010781, type=0x6) returned 0x8a01c2
[0309.723] SaveDC (hdc=0x4f010781) returned 2
[0309.723] GetNearestColor (hdc=0x4f010781, color=0xf0f0f0) returned 0xf0f0f0
[0309.724] CreateSolidBrush (color=0xf0f0f0) returned 0x801007e1
[0309.724] FillRect (hDC=0x4f010781, lprc=0xd7d9d8, hbr=0x801007e1) returned 1
[0309.724] DeleteObject (ho=0x801007e1) returned 1
[0309.724] RestoreDC (hdc=0x4f010781, nSavedDC=-1) returned 1
[0309.724] GetWindowTextLengthW (hWnd=0x3702da) returned 24
[0309.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0309.724] GetSystemMetrics (nIndex=42) returned 0
[0309.724] GetWindowTextW (in: hWnd=0x3702da, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0309.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0309.724] RestoreDC (hdc=0x4f010781, nSavedDC=-1) returned 1
[0309.724] GdipReleaseDC (graphics=0x6600030, hdc=0x4f010781) returned 0x0
[0309.724] IsAppThemed () returned 0x1
[0309.724] GetThemeAppProperties () returned 0x3
[0309.724] GetThemeAppProperties () returned 0x3
[0309.724] IsAppThemed () returned 0x1
[0309.725] GetThemeAppProperties () returned 0x3
[0309.725] GetThemeAppProperties () returned 0x3
[0309.725] IsThemePartDefined () returned 0x1
[0309.725] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0309.725] GdipGetClip (graphics=0x6600030, region=0x6646448) returned 0x0
[0309.725] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0309.725] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0309.725] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df74) returned 0x0
[0309.725] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0309.725] LocalFree (hMem=0x11eec58) returned 0x0
[0309.725] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee8d8) returned 0x0
[0309.725] LocalFree (hMem=0x11ee8d8) returned 0x0
[0309.725] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0309.725] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0309.725] GdipIsInfiniteRegion (region=0x6646448, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0309.725] GdipGetRegionHRgn (region=0x6646448, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0309.725] GdipDeleteRegion (region=0x6646448) returned 0x0
[0309.725] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0309.726] GetCurrentObject (hdc=0x4f010781, type=0x1) returned 0xb00017
[0309.726] GetCurrentObject (hdc=0x4f010781, type=0x2) returned 0x900010
[0309.726] GetCurrentObject (hdc=0x4f010781, type=0x7) returned 0x4a0507fe
[0309.726] GetCurrentObject (hdc=0x4f010781, type=0x6) returned 0x8a01c2
[0309.726] SaveDC (hdc=0x4f010781) returned 1
[0309.726] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1b040807
[0309.726] GetClipRgn (hdc=0x4f010781, hrgn=0x1b040807) returned 0
[0309.726] SelectClipRgn (hdc=0x4f010781, hrgn=0x980407de) returned 2
[0309.726] DeleteObject (ho=0x1b040807) returned 1
[0309.726] DeleteObject (ho=0x980407de) returned 1
[0309.726] OffsetViewportOrgEx (in: hdc=0x4f010781, x=0, y=0, lppt=0x2d63fc8 | out: lppt=0x2d63fc8) returned 1
[0309.726] IsAppThemed () returned 0x1
[0309.726] GetThemeAppProperties () returned 0x3
[0309.726] GetThemeAppProperties () returned 0x3
[0309.726] DrawThemeBackground () returned 0x0
[0309.726] RestoreDC (hdc=0x4f010781, nSavedDC=-1) returned 1
[0309.727] GdipReleaseDC (graphics=0x6600030, hdc=0x4f010781) returned 0x0
[0309.727] GdipCreateRegion (region=0xd7df60) returned 0x0
[0309.727] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0309.727] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0309.727] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0309.727] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df78) returned 0x0
[0309.727] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0309.727] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0309.727] LocalFree (hMem=0x11ee788) returned 0x0
[0309.727] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0309.727] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0309.727] LocalFree (hMem=0x11eec58) returned 0x0
[0309.727] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0309.727] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0309.727] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0309.727] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0309.728] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0309.728] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0309.728] GetCurrentObject (hdc=0x4f010781, type=0x1) returned 0xb00017
[0309.728] GetCurrentObject (hdc=0x4f010781, type=0x2) returned 0x900010
[0309.728] GetCurrentObject (hdc=0x4f010781, type=0x7) returned 0x4a0507fe
[0309.728] GetCurrentObject (hdc=0x4f010781, type=0x6) returned 0x8a01c2
[0309.728] SaveDC (hdc=0x4f010781) returned 1
[0309.728] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x990407de
[0309.728] GetClipRgn (hdc=0x4f010781, hrgn=0x990407de) returned 0
[0309.728] SelectClipRgn (hdc=0x4f010781, hrgn=0x1c040807) returned 2
[0309.728] DeleteObject (ho=0x990407de) returned 1
[0309.728] DeleteObject (ho=0x1c040807) returned 1
[0309.728] OffsetViewportOrgEx (in: hdc=0x4f010781, x=0, y=0, lppt=0x2d6429c | out: lppt=0x2d6429c) returned 1
[0309.728] IsAppThemed () returned 0x1
[0309.728] GetThemeAppProperties () returned 0x3
[0309.728] GetThemeAppProperties () returned 0x3
[0309.728] GetThemeBackgroundContentRect () returned 0x0
[0309.729] RestoreDC (hdc=0x4f010781, nSavedDC=-1) returned 1
[0309.729] GdipReleaseDC (graphics=0x6600030, hdc=0x4f010781) returned 0x0
[0309.729] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0309.729] GdipGetClip (graphics=0x6600030, region=0x66464d8) returned 0x0
[0309.729] GdipCloneRegion (region=0x66464d8, cloneRegion=0xd7e150) returned 0x0
[0309.729] GdipCombineRegionRectI (region=0x6646448, rect=0xd7e138, combineMode=0x1) returned 0x0
[0309.729] GdipCombineRegionRectI (region=0x6646448, rect=0xd7e138, combineMode=0x1) returned 0x0
[0309.729] GdipSetClipRegion (graphics=0x6600030, region=0x6646448, combineMode=0x0) returned 0x0
[0309.729] GdipGetImageWidth (image=0x66016a8, width=0xd7e154) returned 0x0
[0309.729] GdipGetImageHeight (image=0x66016a8, height=0xd7e148) returned 0x0
[0309.729] GdipDrawImageRectI (graphics=0x6600030, image=0x66016a8, x=4, y=4, width=16, height=16) returned 0x0
[0309.729] GdipSetClipRegion (graphics=0x6600030, region=0x66464d8, combineMode=0x0) returned 0x0
[0309.729] IsAppThemed () returned 0x1
[0309.729] GetThemeAppProperties () returned 0x3
[0309.730] GetThemeAppProperties () returned 0x3
[0309.730] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0309.730] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0309.730] GetCurrentObject (hdc=0x4f010781, type=0x1) returned 0xb00017
[0309.730] GetCurrentObject (hdc=0x4f010781, type=0x2) returned 0x900010
[0309.730] GetCurrentObject (hdc=0x4f010781, type=0x7) returned 0x4a0507fe
[0309.730] GetCurrentObject (hdc=0x4f010781, type=0x6) returned 0x8a01c2
[0309.730] SaveDC (hdc=0x4f010781) returned 1
[0309.730] GetTextAlign (hdc=0x4f010781) returned 0x0
[0309.730] GetTextColor (hdc=0x4f010781) returned 0x0
[0309.730] GetCurrentObject (hdc=0x4f010781, type=0x6) returned 0x8a01c2
[0309.730] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0309.731] SelectObject (hdc=0x4f010781, h=0x6d0a0520) returned 0x8a01c2
[0309.731] GetBkMode (hdc=0x4f010781) returned 2
[0309.731] SetBkMode (hdc=0x4f010781, mode=1) returned 2
[0309.731] DrawTextExW (in: hdc=0x4f010781, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2d6465c | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0309.731] DrawTextExW (in: hdc=0x4f010781, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d6465c | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0309.731] RestoreDC (hdc=0x4f010781, nSavedDC=-1) returned 1
[0309.732] GdipReleaseDC (graphics=0x6600030, hdc=0x4f010781) returned 0x0
[0309.732] GetFocus () returned 0x3902d8
[0309.732] IsAppThemed () returned 0x1
[0309.737] GetThemeAppProperties () returned 0x3
[0309.737] GetThemeAppProperties () returned 0x3
[0309.737] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0309.737] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x4f010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0309.737] GdipReleaseDC (graphics=0x6600030, hdc=0x4f010781) returned 0x0
[0309.737] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0309.737] SelectObject (hdc=0x4f010781, h=0x85000f) returned 0x4a0507fe
[0309.737] DeleteDC (hdc=0x4f010781) returned 1
[0309.737] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0309.737] EndPaint (hWnd=0x3902d8, lpPaint=0xd7e24c) returned 1
[0309.738] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.738] IsWindowUnicode (hWnd=0x3702de) returned 1
[0309.738] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.738] TranslateMessage (lpMsg=0xd7e808) returned 0
[0309.738] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0309.738] BeginPaint (in: hWnd=0x3702de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0309.738] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0309.738] CreateCompatibleDC (hdc=0x60100ce) returned 0x51010781
[0309.738] SelectObject (hdc=0x51010781, h=0x4a0507fe) returned 0x85000f
[0309.738] GdipCreateFromHDC (hdc=0x51010781, graphics=0xd7e268) returned 0x0
[0309.739] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0309.739] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0309.739] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0309.739] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0309.739] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e2c8) returned 0x0
[0309.739] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0309.739] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0309.739] LocalFree (hMem=0x11ee868) returned 0x0
[0309.739] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0309.739] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0309.739] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0309.739] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0309.739] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0309.739] GdipRestoreGraphics (graphics=0x6600030, state=0xf5360dbd) returned 0x0
[0309.739] GdipDeleteRegion (region=0x6646958) returned 0x0
[0309.739] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0309.740] GetCurrentObject (hdc=0x51010781, type=0x1) returned 0xb00017
[0309.740] GetCurrentObject (hdc=0x51010781, type=0x2) returned 0x900010
[0309.740] GetCurrentObject (hdc=0x51010781, type=0x7) returned 0x4a0507fe
[0309.740] GetCurrentObject (hdc=0x51010781, type=0x6) returned 0x8a01c2
[0309.740] SaveDC (hdc=0x51010781) returned 1
[0309.740] GetNearestColor (hdc=0x51010781, color=0xf0f0f0) returned 0xf0f0f0
[0309.740] GetNearestColor (hdc=0x51010781, color=0xa0a0a0) returned 0xa0a0a0
[0309.740] GetNearestColor (hdc=0x51010781, color=0x696969) returned 0x696969
[0309.740] GetNearestColor (hdc=0x51010781, color=0xa0a0a0) returned 0xa0a0a0
[0309.740] GetNearestColor (hdc=0x51010781, color=0x0) returned 0x0
[0309.740] GetNearestColor (hdc=0x51010781, color=0xffffff) returned 0xffffff
[0309.740] GetNearestColor (hdc=0x51010781, color=0xe5e5e5) returned 0xe5e5e5
[0309.740] GetNearestColor (hdc=0x51010781, color=0xd7d7d7) returned 0xd7d7d7
[0309.740] GetNearestColor (hdc=0x51010781, color=0x0) returned 0x0
[0309.741] RestoreDC (hdc=0x51010781, nSavedDC=-1) returned 1
[0309.741] GdipReleaseDC (graphics=0x6600030, hdc=0x51010781) returned 0x0
[0309.741] IsAppThemed () returned 0x1
[0309.741] GetThemeAppProperties () returned 0x3
[0309.741] GetThemeAppProperties () returned 0x3
[0309.741] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0309.741] SendMessageW (hWnd=0x3702da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0309.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0309.741] IsAppThemed () returned 0x1
[0309.741] GetThemeAppProperties () returned 0x3
[0309.741] GetThemeAppProperties () returned 0x3
[0309.741] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2d64e6c | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0309.741] IsAppThemed () returned 0x1
[0309.741] GetThemeAppProperties () returned 0x3
[0309.742] GetThemeAppProperties () returned 0x3
[0309.742] IsAppThemed () returned 0x1
[0309.742] GetThemeAppProperties () returned 0x3
[0309.742] GetThemeAppProperties () returned 0x3
[0309.742] IsAppThemed () returned 0x1
[0309.742] GetThemeAppProperties () returned 0x3
[0309.742] GetThemeAppProperties () returned 0x3
[0309.742] IsAppThemed () returned 0x1
[0309.742] GetThemeAppProperties () returned 0x3
[0309.742] GetThemeAppProperties () returned 0x3
[0309.742] IsThemePartDefined () returned 0x1
[0309.742] IsAppThemed () returned 0x1
[0309.742] GetThemeAppProperties () returned 0x3
[0309.742] GetThemeAppProperties () returned 0x3
[0309.742] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0309.742] IsAppThemed () returned 0x1
[0309.742] GetThemeAppProperties () returned 0x3
[0309.742] GetThemeAppProperties () returned 0x3
[0309.742] IsAppThemed () returned 0x1
[0309.742] GetThemeAppProperties () returned 0x3
[0309.742] GetThemeAppProperties () returned 0x3
[0309.742] IsThemePartDefined () returned 0x1
[0309.742] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0309.743] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0309.743] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0309.743] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0309.743] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dfe4) returned 0x0
[0309.743] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0309.743] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0309.743] LocalFree (hMem=0x11ee788) returned 0x0
[0309.743] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0309.743] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eead0) returned 0x0
[0309.743] LocalFree (hMem=0x11eead0) returned 0x0
[0309.743] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0309.743] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0309.743] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0309.743] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0309.743] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0309.743] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0309.743] GetCurrentObject (hdc=0x51010781, type=0x1) returned 0xb00017
[0309.744] GetCurrentObject (hdc=0x51010781, type=0x2) returned 0x900010
[0309.744] GetCurrentObject (hdc=0x51010781, type=0x7) returned 0x4a0507fe
[0309.744] GetCurrentObject (hdc=0x51010781, type=0x6) returned 0x8a01c2
[0309.744] SaveDC (hdc=0x51010781) returned 1
[0309.744] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1d040807
[0309.744] GetClipRgn (hdc=0x51010781, hrgn=0x1d040807) returned 0
[0309.744] SelectClipRgn (hdc=0x51010781, hrgn=0x9d0407de) returned 2
[0309.744] DeleteObject (ho=0x1d040807) returned 1
[0309.744] DeleteObject (ho=0x9d0407de) returned 1
[0309.744] OffsetViewportOrgEx (in: hdc=0x51010781, x=0, y=0, lppt=0x2d6551c | out: lppt=0x2d6551c) returned 1
[0309.744] DrawThemeParentBackground () returned 0x0
[0309.744] GetWindowPlacement (in: hWnd=0x3702da, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0309.744] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0309.744] GetWindowTextLengthW (hWnd=0x3702da) returned 24
[0309.744] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0309.744] GetSystemMetrics (nIndex=42) returned 0
[0309.744] GetWindowTextW (in: hWnd=0x3702da, lpString=0xd7db2c, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0309.744] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xd, wParam=0x19, lParam=0xd7db2c) returned 0x18
[0309.745] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0309.745] GetCurrentObject (hdc=0x51010781, type=0x1) returned 0xb00017
[0309.745] GetCurrentObject (hdc=0x51010781, type=0x2) returned 0x900010
[0309.745] GetCurrentObject (hdc=0x51010781, type=0x7) returned 0x4a0507fe
[0309.745] GetCurrentObject (hdc=0x51010781, type=0x6) returned 0x8a01c2
[0309.745] SaveDC (hdc=0x51010781) returned 2
[0309.745] GetNearestColor (hdc=0x51010781, color=0xf0f0f0) returned 0xf0f0f0
[0309.745] CreateSolidBrush (color=0xf0f0f0) returned 0x811007e1
[0309.745] FillRect (hDC=0x51010781, lprc=0xd7da30, hbr=0x811007e1) returned 1
[0309.745] DeleteObject (ho=0x811007e1) returned 1
[0309.745] RestoreDC (hdc=0x51010781, nSavedDC=-1) returned 1
[0309.745] GetWindowTextLengthW (hWnd=0x3702da) returned 24
[0309.745] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0309.745] GetSystemMetrics (nIndex=42) returned 0
[0309.745] GetWindowTextW (in: hWnd=0x3702da, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0309.745] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0309.745] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0309.745] GetCurrentObject (hdc=0x51010781, type=0x1) returned 0xb00017
[0309.745] GetCurrentObject (hdc=0x51010781, type=0x2) returned 0x900010
[0309.745] GetCurrentObject (hdc=0x51010781, type=0x7) returned 0x4a0507fe
[0309.745] GetCurrentObject (hdc=0x51010781, type=0x6) returned 0x8a01c2
[0309.746] SaveDC (hdc=0x51010781) returned 2
[0309.746] GetNearestColor (hdc=0x51010781, color=0xf0f0f0) returned 0xf0f0f0
[0309.746] CreateSolidBrush (color=0xf0f0f0) returned 0x821007e1
[0309.746] FillRect (hDC=0x51010781, lprc=0xd7d9d0, hbr=0x821007e1) returned 1
[0309.746] DeleteObject (ho=0x821007e1) returned 1
[0309.746] RestoreDC (hdc=0x51010781, nSavedDC=-1) returned 1
[0309.746] GetWindowTextLengthW (hWnd=0x3702da) returned 24
[0309.746] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0309.746] GetSystemMetrics (nIndex=42) returned 0
[0309.746] GetWindowTextW (in: hWnd=0x3702da, lpString=0xd7dacc, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0309.746] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xd, wParam=0x19, lParam=0xd7dacc) returned 0x18
[0309.746] RestoreDC (hdc=0x51010781, nSavedDC=-1) returned 1
[0309.746] GdipReleaseDC (graphics=0x6600030, hdc=0x51010781) returned 0x0
[0309.746] IsAppThemed () returned 0x1
[0309.746] GetThemeAppProperties () returned 0x3
[0309.746] GetThemeAppProperties () returned 0x3
[0309.746] IsAppThemed () returned 0x1
[0309.746] GetThemeAppProperties () returned 0x3
[0309.746] GetThemeAppProperties () returned 0x3
[0309.746] IsThemePartDefined () returned 0x1
[0309.746] GdipCreateRegion (region=0xd7df50) returned 0x0
[0309.747] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0309.747] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0309.747] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0309.747] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7df68) returned 0x0
[0309.747] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0309.747] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eead0) returned 0x0
[0309.789] LocalFree (hMem=0x11eead0) returned 0x0
[0309.789] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0309.790] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0309.790] LocalFree (hMem=0x11ee788) returned 0x0
[0309.790] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0309.790] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0309.790] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7df80) returned 0x0
[0309.790] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0309.790] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0309.790] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0309.790] GetCurrentObject (hdc=0x51010781, type=0x1) returned 0xb00017
[0309.790] GetCurrentObject (hdc=0x51010781, type=0x2) returned 0x900010
[0309.790] GetCurrentObject (hdc=0x51010781, type=0x7) returned 0x4a0507fe
[0309.790] GetCurrentObject (hdc=0x51010781, type=0x6) returned 0x8a01c2
[0309.790] SaveDC (hdc=0x51010781) returned 1
[0309.790] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9e0407de
[0309.790] GetClipRgn (hdc=0x51010781, hrgn=0x9e0407de) returned 0
[0309.791] SelectClipRgn (hdc=0x51010781, hrgn=0x1f040807) returned 2
[0309.791] DeleteObject (ho=0x9e0407de) returned 1
[0309.791] DeleteObject (ho=0x1f040807) returned 1
[0309.791] OffsetViewportOrgEx (in: hdc=0x51010781, x=0, y=0, lppt=0x2d65ea0 | out: lppt=0x2d65ea0) returned 1
[0309.791] IsAppThemed () returned 0x1
[0309.791] GetThemeAppProperties () returned 0x3
[0309.791] GetThemeAppProperties () returned 0x3
[0309.791] DrawThemeBackground () returned 0x0
[0309.791] RestoreDC (hdc=0x51010781, nSavedDC=-1) returned 1
[0309.791] GdipReleaseDC (graphics=0x6600030, hdc=0x51010781) returned 0x0
[0309.791] GdipCreateRegion (region=0xd7df54) returned 0x0
[0309.791] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0309.791] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0309.791] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0309.791] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df6c) returned 0x0
[0309.792] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0309.792] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eed00) returned 0x0
[0309.792] LocalFree (hMem=0x11eed00) returned 0x0
[0309.792] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0309.792] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0309.792] LocalFree (hMem=0x11eec58) returned 0x0
[0309.792] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0309.792] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df94) returned 0x0
[0309.792] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7df84) returned 0x0
[0309.792] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0309.792] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0309.792] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0309.792] GetCurrentObject (hdc=0x51010781, type=0x1) returned 0xb00017
[0309.792] GetCurrentObject (hdc=0x51010781, type=0x2) returned 0x900010
[0309.792] GetCurrentObject (hdc=0x51010781, type=0x7) returned 0x4a0507fe
[0309.792] GetCurrentObject (hdc=0x51010781, type=0x6) returned 0x8a01c2
[0309.793] SaveDC (hdc=0x51010781) returned 1
[0309.793] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x20040807
[0309.793] GetClipRgn (hdc=0x51010781, hrgn=0x20040807) returned 0
[0309.793] SelectClipRgn (hdc=0x51010781, hrgn=0x9f0407de) returned 2
[0309.793] DeleteObject (ho=0x20040807) returned 1
[0309.793] DeleteObject (ho=0x9f0407de) returned 1
[0309.793] OffsetViewportOrgEx (in: hdc=0x51010781, x=0, y=0, lppt=0x2d66174 | out: lppt=0x2d66174) returned 1
[0309.793] IsAppThemed () returned 0x1
[0309.793] GetThemeAppProperties () returned 0x3
[0309.793] GetThemeAppProperties () returned 0x3
[0309.793] GetThemeBackgroundContentRect () returned 0x0
[0309.793] RestoreDC (hdc=0x51010781, nSavedDC=-1) returned 1
[0309.793] GdipReleaseDC (graphics=0x6600030, hdc=0x51010781) returned 0x0
[0309.793] IsAppThemed () returned 0x1
[0309.793] GetThemeAppProperties () returned 0x3
[0309.793] GetThemeAppProperties () returned 0x3
[0309.794] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0309.794] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0309.794] GetCurrentObject (hdc=0x51010781, type=0x1) returned 0xb00017
[0309.804] GetCurrentObject (hdc=0x51010781, type=0x2) returned 0x900010
[0309.804] GetCurrentObject (hdc=0x51010781, type=0x7) returned 0x4a0507fe
[0309.804] GetCurrentObject (hdc=0x51010781, type=0x6) returned 0x8a01c2
[0309.804] SaveDC (hdc=0x51010781) returned 1
[0309.804] GetTextAlign (hdc=0x51010781) returned 0x0
[0309.804] GetTextColor (hdc=0x51010781) returned 0x0
[0309.804] GetCurrentObject (hdc=0x51010781, type=0x6) returned 0x8a01c2
[0309.804] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0309.804] SelectObject (hdc=0x51010781, h=0x6d0a0520) returned 0x8a01c2
[0309.804] GetBkMode (hdc=0x51010781) returned 2
[0309.805] SetBkMode (hdc=0x51010781, mode=1) returned 2
[0309.805] DrawTextExW (in: hdc=0x51010781, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2d66514 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0309.805] DrawTextExW (in: hdc=0x51010781, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2d66514 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0309.805] RestoreDC (hdc=0x51010781, nSavedDC=-1) returned 1
[0309.805] GdipReleaseDC (graphics=0x6600030, hdc=0x51010781) returned 0x0
[0309.805] GetFocus () returned 0x3902d8
[0309.806] IsAppThemed () returned 0x1
[0309.806] GetThemeAppProperties () returned 0x3
[0309.806] GetThemeAppProperties () returned 0x3
[0309.806] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0309.806] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x51010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0309.806] GdipReleaseDC (graphics=0x6600030, hdc=0x51010781) returned 0x0
[0309.806] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0309.806] SelectObject (hdc=0x51010781, h=0x85000f) returned 0x4a0507fe
[0309.806] DeleteDC (hdc=0x51010781) returned 1
[0309.806] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0309.806] EndPaint (hWnd=0x3702de, lpPaint=0xd7e24c) returned 1
[0309.807] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.807] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0309.807] IsWindowUnicode (hWnd=0x30122) returned 1
[0309.807] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.808] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0309.808] TranslateMessage (lpMsg=0xd7e808) returned 0
[0309.808] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0309.809] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.814] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0309.815] IsWindowUnicode (hWnd=0x30122) returned 1
[0309.815] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.815] TranslateMessage (lpMsg=0xd7e808) returned 0
[0309.815] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0309.815] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.816] IsWindowUnicode (hWnd=0x2c02d0) returned 1
[0309.816] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.816] TranslateMessage (lpMsg=0xd7e808) returned 0
[0309.816] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0309.816] BeginPaint (in: hWnd=0x2c02d0, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0309.817] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0309.817] CreateCompatibleDC (hdc=0x107b9) returned 0x54010781
[0309.817] SelectObject (hdc=0x54010781, h=0x4a0507fe) returned 0x85000f
[0309.817] GdipCreateFromHDC (hdc=0x54010781, graphics=0xd7e268) returned 0x0
[0309.817] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0309.817] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0309.817] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0309.817] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0309.817] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e2c8) returned 0x0
[0309.817] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0309.817] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0309.818] LocalFree (hMem=0x11ee868) returned 0x0
[0309.818] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0309.818] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0309.818] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0309.818] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0309.818] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0309.818] GdipRestoreGraphics (graphics=0x6600030, state=0xf5340dbd) returned 0x0
[0309.818] GdipDeleteRegion (region=0x6646568) returned 0x0
[0309.818] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0309.818] GetCurrentObject (hdc=0x54010781, type=0x1) returned 0xb00017
[0309.818] GetCurrentObject (hdc=0x54010781, type=0x2) returned 0x900010
[0309.818] GetCurrentObject (hdc=0x54010781, type=0x7) returned 0x4a0507fe
[0309.818] GetCurrentObject (hdc=0x54010781, type=0x6) returned 0x8a01c2
[0309.818] SaveDC (hdc=0x54010781) returned 1
[0309.818] GetNearestColor (hdc=0x54010781, color=0xf0f0f0) returned 0xf0f0f0
[0309.818] GetNearestColor (hdc=0x54010781, color=0xa0a0a0) returned 0xa0a0a0
[0309.818] GetNearestColor (hdc=0x54010781, color=0x696969) returned 0x696969
[0309.819] GetNearestColor (hdc=0x54010781, color=0xa0a0a0) returned 0xa0a0a0
[0309.819] GetNearestColor (hdc=0x54010781, color=0x0) returned 0x0
[0309.819] GetNearestColor (hdc=0x54010781, color=0xffffff) returned 0xffffff
[0309.819] GetNearestColor (hdc=0x54010781, color=0xe5e5e5) returned 0xe5e5e5
[0309.819] GetNearestColor (hdc=0x54010781, color=0xd7d7d7) returned 0xd7d7d7
[0309.819] GetNearestColor (hdc=0x54010781, color=0x0) returned 0x0
[0309.819] RestoreDC (hdc=0x54010781, nSavedDC=-1) returned 1
[0309.819] GdipReleaseDC (graphics=0x6600030, hdc=0x54010781) returned 0x0
[0309.819] IsAppThemed () returned 0x1
[0309.819] GetThemeAppProperties () returned 0x3
[0309.819] GetThemeAppProperties () returned 0x3
[0309.819] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0309.819] SendMessageW (hWnd=0x3702da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0309.819] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0309.819] IsAppThemed () returned 0x1
[0309.820] GetThemeAppProperties () returned 0x3
[0309.820] GetThemeAppProperties () returned 0x3
[0309.820] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2d66d24 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0309.820] IsAppThemed () returned 0x1
[0309.820] GetThemeAppProperties () returned 0x3
[0309.820] GetThemeAppProperties () returned 0x3
[0309.820] IsAppThemed () returned 0x1
[0309.820] GetThemeAppProperties () returned 0x3
[0309.820] GetThemeAppProperties () returned 0x3
[0309.820] GetFocus () returned 0x3902d8
[0309.820] IsAppThemed () returned 0x1
[0309.820] GetThemeAppProperties () returned 0x3
[0309.820] GetThemeAppProperties () returned 0x3
[0309.820] IsAppThemed () returned 0x1
[0309.820] GetThemeAppProperties () returned 0x3
[0309.820] GetThemeAppProperties () returned 0x3
[0309.821] IsThemePartDefined () returned 0x1
[0309.821] IsAppThemed () returned 0x1
[0309.821] GetThemeAppProperties () returned 0x3
[0309.821] GetThemeAppProperties () returned 0x3
[0309.821] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0309.821] IsAppThemed () returned 0x1
[0309.821] GetThemeAppProperties () returned 0x3
[0309.821] GetThemeAppProperties () returned 0x3
[0309.821] IsAppThemed () returned 0x1
[0309.821] GetThemeAppProperties () returned 0x3
[0309.821] GetThemeAppProperties () returned 0x3
[0309.821] IsThemePartDefined () returned 0x1
[0309.821] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0309.821] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0309.821] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0309.821] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0309.821] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dff0) returned 0x0
[0309.821] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0309.821] LocalFree (hMem=0x11ee868) returned 0x0
[0309.821] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea60) returned 0x0
[0309.822] LocalFree (hMem=0x11eea60) returned 0x0
[0309.822] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0309.822] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e018) returned 0x0
[0309.822] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e008) returned 0x0
[0309.822] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0309.822] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0309.822] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0309.822] GetCurrentObject (hdc=0x54010781, type=0x1) returned 0xb00017
[0309.822] GetCurrentObject (hdc=0x54010781, type=0x2) returned 0x900010
[0309.822] GetCurrentObject (hdc=0x54010781, type=0x7) returned 0x4a0507fe
[0309.822] GetCurrentObject (hdc=0x54010781, type=0x6) returned 0x8a01c2
[0309.822] SaveDC (hdc=0x54010781) returned 1
[0309.822] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa00407de
[0309.822] GetClipRgn (hdc=0x54010781, hrgn=0xa00407de) returned 0
[0309.822] SelectClipRgn (hdc=0x54010781, hrgn=0x24040807) returned 2
[0309.822] DeleteObject (ho=0xa00407de) returned 1
[0309.822] DeleteObject (ho=0x24040807) returned 1
[0309.822] OffsetViewportOrgEx (in: hdc=0x54010781, x=0, y=0, lppt=0x2d673d4 | out: lppt=0x2d673d4) returned 1
[0309.823] DrawThemeParentBackground () returned 0x0
[0309.823] GetWindowPlacement (in: hWnd=0x3702da, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0309.823] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0309.823] GetWindowTextLengthW (hWnd=0x3702da) returned 24
[0309.823] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0309.823] GetSystemMetrics (nIndex=42) returned 0
[0309.823] GetWindowTextW (in: hWnd=0x3702da, lpString=0xd7db34, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0309.823] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xd, wParam=0x19, lParam=0xd7db34) returned 0x18
[0309.823] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0309.823] GetCurrentObject (hdc=0x54010781, type=0x1) returned 0xb00017
[0309.823] GetCurrentObject (hdc=0x54010781, type=0x2) returned 0x900010
[0309.823] GetCurrentObject (hdc=0x54010781, type=0x7) returned 0x4a0507fe
[0309.823] GetCurrentObject (hdc=0x54010781, type=0x6) returned 0x8a01c2
[0309.823] SaveDC (hdc=0x54010781) returned 2
[0309.824] GetNearestColor (hdc=0x54010781, color=0xf0f0f0) returned 0xf0f0f0
[0309.824] CreateSolidBrush (color=0xf0f0f0) returned 0x831007e1
[0309.824] FillRect (hDC=0x54010781, lprc=0xd7da38, hbr=0x831007e1) returned 1
[0309.824] DeleteObject (ho=0x831007e1) returned 1
[0309.824] RestoreDC (hdc=0x54010781, nSavedDC=-1) returned 1
[0309.824] GetWindowTextLengthW (hWnd=0x3702da) returned 24
[0309.824] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0309.824] GetSystemMetrics (nIndex=42) returned 0
[0309.824] GetWindowTextW (in: hWnd=0x3702da, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0309.824] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0309.824] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0309.824] GetCurrentObject (hdc=0x54010781, type=0x1) returned 0xb00017
[0309.824] GetCurrentObject (hdc=0x54010781, type=0x2) returned 0x900010
[0309.824] GetCurrentObject (hdc=0x54010781, type=0x7) returned 0x4a0507fe
[0309.824] GetCurrentObject (hdc=0x54010781, type=0x6) returned 0x8a01c2
[0309.824] SaveDC (hdc=0x54010781) returned 2
[0309.825] GetNearestColor (hdc=0x54010781, color=0xf0f0f0) returned 0xf0f0f0
[0309.825] CreateSolidBrush (color=0xf0f0f0) returned 0x841007e1
[0309.825] FillRect (hDC=0x54010781, lprc=0xd7d9d8, hbr=0x841007e1) returned 1
[0309.825] DeleteObject (ho=0x841007e1) returned 1
[0309.825] RestoreDC (hdc=0x54010781, nSavedDC=-1) returned 1
[0309.827] GetWindowTextLengthW (hWnd=0x3702da) returned 24
[0309.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0309.827] GetSystemMetrics (nIndex=42) returned 0
[0309.827] GetWindowTextW (in: hWnd=0x3702da, lpString=0xd7dad4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0309.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xd, wParam=0x19, lParam=0xd7dad4) returned 0x18
[0309.828] RestoreDC (hdc=0x54010781, nSavedDC=-1) returned 1
[0309.828] GdipReleaseDC (graphics=0x6600030, hdc=0x54010781) returned 0x0
[0309.828] IsAppThemed () returned 0x1
[0309.828] GetThemeAppProperties () returned 0x3
[0309.828] GetThemeAppProperties () returned 0x3
[0309.828] IsAppThemed () returned 0x1
[0309.828] GetThemeAppProperties () returned 0x3
[0309.828] GetThemeAppProperties () returned 0x3
[0309.828] IsThemePartDefined () returned 0x1
[0309.828] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0309.828] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0309.828] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0309.828] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0309.828] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df74) returned 0x0
[0309.828] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0309.828] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0309.829] LocalFree (hMem=0x11eec58) returned 0x0
[0309.829] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0309.829] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee9f0) returned 0x0
[0309.829] LocalFree (hMem=0x11ee9f0) returned 0x0
[0309.829] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0309.829] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0309.829] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0309.829] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0309.829] GdipDeleteRegion (region=0x6646838) returned 0x0
[0309.829] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0309.829] GetCurrentObject (hdc=0x54010781, type=0x1) returned 0xb00017
[0309.829] GetCurrentObject (hdc=0x54010781, type=0x2) returned 0x900010
[0309.829] GetCurrentObject (hdc=0x54010781, type=0x7) returned 0x4a0507fe
[0309.829] GetCurrentObject (hdc=0x54010781, type=0x6) returned 0x8a01c2
[0309.829] SaveDC (hdc=0x54010781) returned 1
[0309.829] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x25040807
[0309.829] GetClipRgn (hdc=0x54010781, hrgn=0x25040807) returned 0
[0309.830] SelectClipRgn (hdc=0x54010781, hrgn=0xa20407de) returned 2
[0309.830] DeleteObject (ho=0x25040807) returned 1
[0309.830] DeleteObject (ho=0xa20407de) returned 1
[0309.830] OffsetViewportOrgEx (in: hdc=0x54010781, x=0, y=0, lppt=0x2d67d58 | out: lppt=0x2d67d58) returned 1
[0309.830] IsAppThemed () returned 0x1
[0309.830] GetThemeAppProperties () returned 0x3
[0309.830] GetThemeAppProperties () returned 0x3
[0309.830] DrawThemeBackground () returned 0x0
[0309.830] RestoreDC (hdc=0x54010781, nSavedDC=-1) returned 1
[0309.830] GdipReleaseDC (graphics=0x6600030, hdc=0x54010781) returned 0x0
[0309.830] GdipCreateRegion (region=0xd7df60) returned 0x0
[0309.830] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0309.830] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0309.830] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0309.830] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df78) returned 0x0
[0309.830] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0309.831] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0309.831] LocalFree (hMem=0x11ee788) returned 0x0
[0309.831] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0309.831] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0309.831] LocalFree (hMem=0x11ee788) returned 0x0
[0309.831] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0309.831] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0309.831] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0309.831] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0309.831] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0309.831] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0309.831] GetCurrentObject (hdc=0x54010781, type=0x1) returned 0xb00017
[0309.831] GetCurrentObject (hdc=0x54010781, type=0x2) returned 0x900010
[0309.831] GetCurrentObject (hdc=0x54010781, type=0x7) returned 0x4a0507fe
[0309.831] GetCurrentObject (hdc=0x54010781, type=0x6) returned 0x8a01c2
[0309.831] SaveDC (hdc=0x54010781) returned 1
[0309.832] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa30407de
[0309.832] GetClipRgn (hdc=0x54010781, hrgn=0xa30407de) returned 0
[0309.832] SelectClipRgn (hdc=0x54010781, hrgn=0x26040807) returned 2
[0309.832] DeleteObject (ho=0xa30407de) returned 1
[0309.832] DeleteObject (ho=0x26040807) returned 1
[0309.832] OffsetViewportOrgEx (in: hdc=0x54010781, x=0, y=0, lppt=0x2d6802c | out: lppt=0x2d6802c) returned 1
[0309.832] IsAppThemed () returned 0x1
[0309.832] GetThemeAppProperties () returned 0x3
[0309.832] GetThemeAppProperties () returned 0x3
[0309.832] GetThemeBackgroundContentRect () returned 0x0
[0309.832] RestoreDC (hdc=0x54010781, nSavedDC=-1) returned 1
[0309.832] GdipReleaseDC (graphics=0x6600030, hdc=0x54010781) returned 0x0
[0309.832] IsAppThemed () returned 0x1
[0309.832] GetThemeAppProperties () returned 0x3
[0309.832] GetThemeAppProperties () returned 0x3
[0309.832] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0309.833] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0309.833] GetCurrentObject (hdc=0x54010781, type=0x1) returned 0xb00017
[0309.833] GetCurrentObject (hdc=0x54010781, type=0x2) returned 0x900010
[0309.833] GetCurrentObject (hdc=0x54010781, type=0x7) returned 0x4a0507fe
[0309.833] GetCurrentObject (hdc=0x54010781, type=0x6) returned 0x8a01c2
[0309.833] SaveDC (hdc=0x54010781) returned 1
[0309.833] GetTextAlign (hdc=0x54010781) returned 0x0
[0309.833] GetTextColor (hdc=0x54010781) returned 0x0
[0309.833] GetCurrentObject (hdc=0x54010781, type=0x6) returned 0x8a01c2
[0309.833] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0309.833] SelectObject (hdc=0x54010781, h=0x6d0a0520) returned 0x8a01c2
[0309.833] GetBkMode (hdc=0x54010781) returned 2
[0309.833] SetBkMode (hdc=0x54010781, mode=1) returned 2
[0309.834] DrawTextExW (in: hdc=0x54010781, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2d683cc | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0309.834] DrawTextExW (in: hdc=0x54010781, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d683cc | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0309.834] RestoreDC (hdc=0x54010781, nSavedDC=-1) returned 1
[0309.834] GdipReleaseDC (graphics=0x6600030, hdc=0x54010781) returned 0x0
[0309.834] GetFocus () returned 0x3902d8
[0309.834] IsAppThemed () returned 0x1
[0309.834] GetThemeAppProperties () returned 0x3
[0309.834] GetThemeAppProperties () returned 0x3
[0309.835] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0309.835] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x54010781, x1=0, y1=0, rop=0xcc0020) returned 1
[0309.835] GdipReleaseDC (graphics=0x6600030, hdc=0x54010781) returned 0x0
[0309.835] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0309.835] SelectObject (hdc=0x54010781, h=0x85000f) returned 0x4a0507fe
[0309.835] DeleteDC (hdc=0x54010781) returned 1
[0309.835] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0309.835] EndPaint (hWnd=0x2c02d0, lpPaint=0xd7e24c) returned 1
[0309.836] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.856] IsWindowUnicode (hWnd=0x602c4) returned 1
[0309.856] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.856] TranslateMessage (lpMsg=0xd7e808) returned 0
[0309.856] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0309.856] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0309.857] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0309.857] CreateCompatibleDC (hdc=0xc0107c5) returned 0x400107e6
[0309.857] SelectObject (hdc=0x400107e6, h=0x4a0507fe) returned 0x85000f
[0309.857] GdipCreateFromHDC (hdc=0x400107e6, graphics=0xd7e268) returned 0x0
[0309.857] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0309.857] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0309.857] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0309.857] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0309.857] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e2c8) returned 0x0
[0309.857] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0309.857] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eed00) returned 0x0
[0309.858] LocalFree (hMem=0x11eed00) returned 0x0
[0309.858] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0309.858] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0309.858] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0309.858] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0309.858] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0309.858] GdipRestoreGraphics (graphics=0x6600030, state=0xf5320dbd) returned 0x0
[0309.858] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0309.858] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0309.858] GetCurrentObject (hdc=0x400107e6, type=0x1) returned 0xb00017
[0309.858] GetCurrentObject (hdc=0x400107e6, type=0x2) returned 0x900010
[0309.858] GetCurrentObject (hdc=0x400107e6, type=0x7) returned 0x4a0507fe
[0309.858] GetCurrentObject (hdc=0x400107e6, type=0x6) returned 0x8a01c2
[0309.858] SaveDC (hdc=0x400107e6) returned 1
[0309.858] GetNearestColor (hdc=0x400107e6, color=0xff) returned 0xff
[0309.859] GetNearestColor (hdc=0x400107e6, color=0x55) returned 0x55
[0309.859] GetNearestColor (hdc=0x400107e6, color=0x0) returned 0x0
[0309.859] GetNearestColor (hdc=0x400107e6, color=0x55) returned 0x55
[0309.859] GetNearestColor (hdc=0x400107e6, color=0x0) returned 0x0
[0309.859] GetNearestColor (hdc=0x400107e6, color=0x8080ff) returned 0x8080ff
[0309.859] GetNearestColor (hdc=0x400107e6, color=0x7373e5) returned 0x7373e5
[0309.859] GetNearestColor (hdc=0x400107e6, color=0xe5) returned 0xe5
[0309.859] GetNearestColor (hdc=0x400107e6, color=0x0) returned 0x0
[0309.859] RestoreDC (hdc=0x400107e6, nSavedDC=-1) returned 1
[0309.859] GdipReleaseDC (graphics=0x6600030, hdc=0x400107e6) returned 0x0
[0309.859] IsAppThemed () returned 0x1
[0309.859] GetThemeAppProperties () returned 0x3
[0309.859] GetThemeAppProperties () returned 0x3
[0309.859] IsAppThemed () returned 0x1
[0309.860] GetThemeAppProperties () returned 0x3
[0309.860] GetThemeAppProperties () returned 0x3
[0309.860] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2d68b94 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0309.860] IsAppThemed () returned 0x1
[0309.860] GetThemeAppProperties () returned 0x3
[0309.860] GetThemeAppProperties () returned 0x3
[0309.860] IsAppThemed () returned 0x1
[0309.860] GetThemeAppProperties () returned 0x3
[0309.860] GetThemeAppProperties () returned 0x3
[0309.860] GetFocus () returned 0x3902d8
[0309.860] IsAppThemed () returned 0x1
[0309.860] GetThemeAppProperties () returned 0x3
[0309.860] GetThemeAppProperties () returned 0x3
[0309.860] IsAppThemed () returned 0x1
[0309.861] GetThemeAppProperties () returned 0x3
[0309.861] GetThemeAppProperties () returned 0x3
[0309.861] IsThemePartDefined () returned 0x1
[0309.861] IsAppThemed () returned 0x1
[0309.865] GetThemeAppProperties () returned 0x3
[0309.865] GetThemeAppProperties () returned 0x3
[0309.865] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0309.865] IsAppThemed () returned 0x1
[0309.865] GetThemeAppProperties () returned 0x3
[0309.865] GetThemeAppProperties () returned 0x3
[0309.865] IsAppThemed () returned 0x1
[0309.865] GetThemeAppProperties () returned 0x3
[0309.865] GetThemeAppProperties () returned 0x3
[0309.865] IsThemePartDefined () returned 0x1
[0309.865] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0309.865] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0309.865] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0309.865] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0309.865] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dff0) returned 0x0
[0309.865] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0309.865] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0309.865] LocalFree (hMem=0x11eec58) returned 0x0
[0309.866] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0309.866] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee9f0) returned 0x0
[0309.866] LocalFree (hMem=0x11ee9f0) returned 0x0
[0309.866] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0309.866] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e018) returned 0x0
[0309.866] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e008) returned 0x0
[0309.866] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0309.866] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0309.866] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0309.866] GetCurrentObject (hdc=0x400107e6, type=0x1) returned 0xb00017
[0309.866] GetCurrentObject (hdc=0x400107e6, type=0x2) returned 0x900010
[0309.866] GetCurrentObject (hdc=0x400107e6, type=0x7) returned 0x4a0507fe
[0309.866] GetCurrentObject (hdc=0x400107e6, type=0x6) returned 0x8a01c2
[0309.866] SaveDC (hdc=0x400107e6) returned 1
[0309.866] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x27040807
[0309.866] GetClipRgn (hdc=0x400107e6, hrgn=0x27040807) returned 0
[0309.867] SelectClipRgn (hdc=0x400107e6, hrgn=0xa70407de) returned 2
[0309.867] DeleteObject (ho=0x27040807) returned 1
[0309.867] DeleteObject (ho=0xa70407de) returned 1
[0309.867] OffsetViewportOrgEx (in: hdc=0x400107e6, x=0, y=0, lppt=0x2d69244 | out: lppt=0x2d69244) returned 1
[0309.867] DrawThemeParentBackground () returned 0x0
[0309.867] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0309.867] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0309.867] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0309.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0309.867] GetSystemMetrics (nIndex=42) returned 0
[0309.867] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0309.867] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0309.867] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0309.867] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0309.868] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0309.868] SelectPalette (hdc=0x400107e6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0309.868] GdipCreateFromHDC (hdc=0x400107e6, graphics=0xd7dac8) returned 0x0
[0309.868] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0309.868] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0309.868] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638cc8) returned 0x0
[0309.868] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7daa0) returned 0x0
[0309.868] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0309.868] GdipCreateRegion (region=0xd7da88) returned 0x0
[0309.868] GdipGetClip (graphics=0x66376e0, region=0x6646568) returned 0x0
[0309.868] GdipIsInfiniteRegion (region=0x6646568, graphics=0x66376e0, result=0xd7da94) returned 0x0
[0309.868] GdipDeleteRegion (region=0x6646568) returned 0x0
[0309.868] GdipSaveGraphics (graphics=0x66376e0, state=0xd7dac0) returned 0x0
[0309.868] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0309.883] GdipFillRectangleI (graphics=0x66376e0, brush=0x664db50, x=0, y=0, width=801, height=453) returned 0x0
[0309.883] GdipDeleteBrush (brush=0x664db50) returned 0x0
[0309.885] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0309.885] SelectPalette (hdc=0x400107e6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0309.885] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0309.885] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0309.885] GetSystemMetrics (nIndex=42) returned 0
[0309.885] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0309.885] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0309.885] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0309.885] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0309.885] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0309.886] SelectPalette (hdc=0x400107e6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0309.886] GdipCreateFromHDC (hdc=0x400107e6, graphics=0xd7da68) returned 0x0
[0309.886] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0309.886] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0309.886] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638c38) returned 0x0
[0309.886] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7da40) returned 0x0
[0309.886] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0309.886] GdipCreateRegion (region=0xd7da28) returned 0x0
[0309.886] GdipGetClip (graphics=0x66376e0, region=0x66463b8) returned 0x0
[0309.886] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x66376e0, result=0xd7da34) returned 0x0
[0309.886] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0309.886] GdipSaveGraphics (graphics=0x66376e0, state=0xd7da60) returned 0x0
[0309.886] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0309.894] GdipFillRectangleI (graphics=0x66376e0, brush=0x664e2a0, x=0, y=0, width=801, height=453) returned 0x0
[0309.894] GdipDeleteBrush (brush=0x664e2a0) returned 0x0
[0309.896] GdipRestoreGraphics (graphics=0x66376e0, state=0xf52e0dbd) returned 0x0
[0309.896] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0309.896] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0309.896] GetSystemMetrics (nIndex=42) returned 0
[0309.896] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0309.896] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0309.896] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0309.896] SelectPalette (hdc=0x400107e6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0309.897] RestoreDC (hdc=0x400107e6, nSavedDC=-1) returned 1
[0309.897] GdipReleaseDC (graphics=0x6600030, hdc=0x400107e6) returned 0x0
[0309.897] IsAppThemed () returned 0x1
[0309.897] GetThemeAppProperties () returned 0x3
[0309.897] GetThemeAppProperties () returned 0x3
[0309.897] IsAppThemed () returned 0x1
[0309.897] GetThemeAppProperties () returned 0x3
[0309.897] GetThemeAppProperties () returned 0x3
[0309.897] IsThemePartDefined () returned 0x1
[0309.897] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0309.897] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0309.897] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0309.897] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0309.897] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7df74) returned 0x0
[0309.897] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0309.897] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0309.898] LocalFree (hMem=0x11ee9f0) returned 0x0
[0309.898] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0309.898] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eec58) returned 0x0
[0309.898] LocalFree (hMem=0x11eec58) returned 0x0
[0309.898] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0309.898] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0309.898] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0309.898] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0309.898] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0309.898] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0309.898] GetCurrentObject (hdc=0x400107e6, type=0x1) returned 0xb00017
[0309.898] GetCurrentObject (hdc=0x400107e6, type=0x2) returned 0x900010
[0309.898] GetCurrentObject (hdc=0x400107e6, type=0x7) returned 0x4a0507fe
[0309.898] GetCurrentObject (hdc=0x400107e6, type=0x6) returned 0x8a01c2
[0309.898] SaveDC (hdc=0x400107e6) returned 1
[0309.898] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa80407de
[0309.899] GetClipRgn (hdc=0x400107e6, hrgn=0xa80407de) returned 0
[0309.899] SelectClipRgn (hdc=0x400107e6, hrgn=0x29040807) returned 2
[0309.899] DeleteObject (ho=0xa80407de) returned 1
[0309.899] DeleteObject (ho=0x29040807) returned 1
[0309.899] OffsetViewportOrgEx (in: hdc=0x400107e6, x=0, y=0, lppt=0x2d6fa94 | out: lppt=0x2d6fa94) returned 1
[0309.899] IsAppThemed () returned 0x1
[0309.899] GetThemeAppProperties () returned 0x3
[0309.899] GetThemeAppProperties () returned 0x3
[0309.899] DrawThemeBackground () returned 0x0
[0309.899] RestoreDC (hdc=0x400107e6, nSavedDC=-1) returned 1
[0309.899] GdipReleaseDC (graphics=0x6600030, hdc=0x400107e6) returned 0x0
[0309.899] GdipCreateRegion (region=0xd7df60) returned 0x0
[0309.899] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0309.899] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0309.899] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0309.899] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df78) returned 0x0
[0309.899] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0309.900] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0309.900] LocalFree (hMem=0x11ee788) returned 0x0
[0309.900] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0309.900] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee8d8) returned 0x0
[0309.900] LocalFree (hMem=0x11ee8d8) returned 0x0
[0309.900] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0309.900] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0309.900] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7df90) returned 0x0
[0309.900] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0309.900] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0309.900] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0309.900] GetCurrentObject (hdc=0x400107e6, type=0x1) returned 0xb00017
[0309.900] GetCurrentObject (hdc=0x400107e6, type=0x2) returned 0x900010
[0309.900] GetCurrentObject (hdc=0x400107e6, type=0x7) returned 0x4a0507fe
[0309.900] GetCurrentObject (hdc=0x400107e6, type=0x6) returned 0x8a01c2
[0309.900] SaveDC (hdc=0x400107e6) returned 1
[0309.900] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2a040807
[0309.900] GetClipRgn (hdc=0x400107e6, hrgn=0x2a040807) returned 0
[0309.901] SelectClipRgn (hdc=0x400107e6, hrgn=0xa90407de) returned 2
[0309.901] DeleteObject (ho=0x2a040807) returned 1
[0309.901] DeleteObject (ho=0xa90407de) returned 1
[0309.901] OffsetViewportOrgEx (in: hdc=0x400107e6, x=0, y=0, lppt=0x2d6fd68 | out: lppt=0x2d6fd68) returned 1
[0309.901] IsAppThemed () returned 0x1
[0309.901] GetThemeAppProperties () returned 0x3
[0309.901] GetThemeAppProperties () returned 0x3
[0309.901] GetThemeBackgroundContentRect () returned 0x0
[0309.901] RestoreDC (hdc=0x400107e6, nSavedDC=-1) returned 1
[0309.901] GdipReleaseDC (graphics=0x6600030, hdc=0x400107e6) returned 0x0
[0309.901] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0309.901] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0309.901] GdipFillRectangleI (graphics=0x6600030, brush=0x6640d78, x=4, y=4, width=67, height=15) returned 0x0
[0309.901] GdipDeleteBrush (brush=0x6640d78) returned 0x0
[0309.901] IsAppThemed () returned 0x1
[0309.901] GetThemeAppProperties () returned 0x3
[0309.901] GetThemeAppProperties () returned 0x3
[0309.901] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0309.901] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0309.901] GetCurrentObject (hdc=0x400107e6, type=0x1) returned 0xb00017
[0309.902] GetCurrentObject (hdc=0x400107e6, type=0x2) returned 0x900010
[0309.902] GetCurrentObject (hdc=0x400107e6, type=0x7) returned 0x4a0507fe
[0309.902] GetCurrentObject (hdc=0x400107e6, type=0x6) returned 0x8a01c2
[0309.902] SaveDC (hdc=0x400107e6) returned 1
[0309.902] GetTextAlign (hdc=0x400107e6) returned 0x0
[0309.902] GetTextColor (hdc=0x400107e6) returned 0x0
[0309.902] GetCurrentObject (hdc=0x400107e6, type=0x6) returned 0x8a01c2
[0309.902] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0309.902] SelectObject (hdc=0x400107e6, h=0x6d0a0520) returned 0x8a01c2
[0309.902] GetBkMode (hdc=0x400107e6) returned 2
[0309.902] SetBkMode (hdc=0x400107e6, mode=1) returned 2
[0309.902] DrawTextExW (in: hdc=0x400107e6, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2d7012c | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0309.903] DrawTextExW (in: hdc=0x400107e6, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2d7012c | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0309.910] RestoreDC (hdc=0x400107e6, nSavedDC=-1) returned 1
[0309.910] GdipReleaseDC (graphics=0x6600030, hdc=0x400107e6) returned 0x0
[0309.910] GetFocus () returned 0x3902d8
[0309.910] IsAppThemed () returned 0x1
[0309.910] GetThemeAppProperties () returned 0x3
[0309.910] GetThemeAppProperties () returned 0x3
[0309.910] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0309.910] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x400107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0309.910] GdipReleaseDC (graphics=0x6600030, hdc=0x400107e6) returned 0x0
[0309.910] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0309.910] SelectObject (hdc=0x400107e6, h=0x85000f) returned 0x4a0507fe
[0309.911] DeleteDC (hdc=0x400107e6) returned 1
[0309.911] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0309.911] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0309.911] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.911] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x84, wParam=0x0, lParam=0x1e30302) returned 0x1
[0309.911] IsWindowUnicode (hWnd=0x3702de) returned 1
[0309.911] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.911] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x84, wParam=0x0, lParam=0x1e30302) returned 0x1
[0309.912] GetDlgItem (hDlg=0x3702da, nIDDlgItem=0) returned 0x0
[0309.912] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x210, wParam=0x201, lParam=0x68010d) returned 0x0
[0309.912] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x21, wParam=0x3702da, lParam=0x2010001) returned 0x1
[0309.912] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x21, wParam=0x3702da, lParam=0x2010001) returned 0x1
[0309.912] SetCursor (hCursor=0x10003) returned 0x10003
[0309.912] TranslateMessage (lpMsg=0xd7e808) returned 0
[0309.912] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0309.912] GetKeyState (nVirtKey=1) returned -127
[0309.912] GetKeyState (nVirtKey=2) returned 0
[0309.912] GetKeyState (nVirtKey=4) returned 0
[0309.912] GetKeyState (nVirtKey=5) returned 0
[0309.912] GetKeyState (nVirtKey=6) returned 0
[0309.912] IsWindowVisible (hWnd=0x3702de) returned 1
[0309.912] IsWindowEnabled (hWnd=0x3702de) returned 1
[0309.912] SetFocus (hWnd=0x3702de) returned 0x3902d8
[0309.913] GetFocus () returned 0x3702de
[0309.913] IsChild (hWndParent=0x3702da, hWnd=0x3702de) returned 1
[0309.914] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0x8, wParam=0x3702de, lParam=0x0) returned 0x0
[0309.914] GetCapture () returned 0x0
[0309.914] InvalidateRect (hWnd=0x3902d8, lpRect=0x0, bErase=0) returned 1
[0309.915] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0309.916] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0309.918] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0309.918] InvalidateRect (hWnd=0x3902d8, lpRect=0x0, bErase=0) returned 1
[0309.918] InvalidateRect (hWnd=0x3702de, lpRect=0x0, bErase=0) returned 1
[0309.918] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x7, wParam=0x3902d8, lParam=0x0) returned 0x0
[0309.918] GetStockObject (i=5) returned 0x900015
[0309.919] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0309.919] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0309.919] GetDlgItem (hDlg=0x3702da, nIDDlgItem=3605214) returned 0x3702de
[0309.919] SendMessageW (hWnd=0x3702de, Msg=0x202b, wParam=0x3702de, lParam=0xd7dddc) returned 0x0
[0309.919] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x202b, wParam=0x3702de, lParam=0xd7dddc) returned 0x0
[0309.919] InvalidateRect (hWnd=0x3702de, lpRect=0x0, bErase=0) returned 1
[0309.922] GetFocus () returned 0x3702de
[0309.922] GetFocus () returned 0x3702de
[0309.922] GetFocus () returned 0x3702de
[0309.922] GetKeyState (nVirtKey=1) returned -127
[0309.922] GetKeyState (nVirtKey=2) returned 0
[0309.922] GetKeyState (nVirtKey=4) returned 0
[0309.922] GetKeyState (nVirtKey=5) returned 0
[0309.922] GetKeyState (nVirtKey=6) returned 0
[0309.922] GetCapture () returned 0x0
[0309.922] SetCapture (hWnd=0x3702de) returned 0x0
[0309.922] GetKeyState (nVirtKey=1) returned -127
[0309.922] GetKeyState (nVirtKey=2) returned 0
[0309.922] GetKeyState (nVirtKey=4) returned 0
[0309.923] GetKeyState (nVirtKey=5) returned 0
[0309.923] GetKeyState (nVirtKey=6) returned 0
[0309.923] NotifyWinEvent (event=0x800a, hwnd=0x3702de, idObject=-4, idChild=0)
[0309.923] InvalidateRect (hWnd=0x3702de, lpRect=0xd7e430, bErase=0) returned 1
[0309.923] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.923] IsWindowUnicode (hWnd=0x3702de) returned 1
[0309.923] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.923] TranslateMessage (lpMsg=0xd7e808) returned 0
[0309.923] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0309.923] MapWindowPoints (in: hWndFrom=0x3702de, hWndTo=0x0, lpPoints=0x2d7031c, cPoints=0x1 | out: lpPoints=0x2d7031c) returned 30999254
[0309.923] NotifyWinEvent (event=0x800a, hwnd=0x3702de, idObject=-4, idChild=0)
[0309.923] InvalidateRect (hWnd=0x3702de, lpRect=0xd7e3d0, bErase=0) returned 1
[0309.923] UpdateWindow (hWnd=0x3702de) returned 1
[0309.923] BeginPaint (in: hWnd=0x3702de, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x60100ce
[0309.924] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0309.924] CreateCompatibleDC (hdc=0x60100ce) returned 0x410107e6
[0309.924] SelectObject (hdc=0x410107e6, h=0x4a0507fe) returned 0x85000f
[0309.924] GdipCreateFromHDC (hdc=0x410107e6, graphics=0xd7df00) returned 0x0
[0309.924] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0309.924] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0309.924] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0309.924] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0309.924] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df60) returned 0x0
[0309.924] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0309.924] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0309.925] LocalFree (hMem=0x11ee788) returned 0x0
[0309.925] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0309.925] GdipCreateRegion (region=0xd7df48) returned 0x0
[0309.925] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0309.925] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0309.925] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0309.925] GdipRestoreGraphics (graphics=0x6600030, state=0xf52c0dbd) returned 0x0
[0309.925] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0309.925] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0309.925] GetCurrentObject (hdc=0x410107e6, type=0x1) returned 0xb00017
[0309.925] GetCurrentObject (hdc=0x410107e6, type=0x2) returned 0x900010
[0309.925] GetCurrentObject (hdc=0x410107e6, type=0x7) returned 0x4a0507fe
[0309.925] GetCurrentObject (hdc=0x410107e6, type=0x6) returned 0x8a01c2
[0309.925] SaveDC (hdc=0x410107e6) returned 1
[0309.925] GetNearestColor (hdc=0x410107e6, color=0xf0f0f0) returned 0xf0f0f0
[0309.926] GetNearestColor (hdc=0x410107e6, color=0xa0a0a0) returned 0xa0a0a0
[0309.926] GetNearestColor (hdc=0x410107e6, color=0x696969) returned 0x696969
[0309.926] GetNearestColor (hdc=0x410107e6, color=0xa0a0a0) returned 0xa0a0a0
[0309.926] GetNearestColor (hdc=0x410107e6, color=0x0) returned 0x0
[0309.926] GetNearestColor (hdc=0x410107e6, color=0xffffff) returned 0xffffff
[0309.926] GetNearestColor (hdc=0x410107e6, color=0xe5e5e5) returned 0xe5e5e5
[0309.926] GetNearestColor (hdc=0x410107e6, color=0xd7d7d7) returned 0xd7d7d7
[0309.926] GetNearestColor (hdc=0x410107e6, color=0x0) returned 0x0
[0309.926] RestoreDC (hdc=0x410107e6, nSavedDC=-1) returned 1
[0309.926] GdipReleaseDC (graphics=0x6600030, hdc=0x410107e6) returned 0x0
[0309.926] IsAppThemed () returned 0x1
[0309.926] GetThemeAppProperties () returned 0x3
[0309.926] GetThemeAppProperties () returned 0x3
[0309.926] IsAppThemed () returned 0x1
[0309.927] GetThemeAppProperties () returned 0x3
[0309.927] GetThemeAppProperties () returned 0x3
[0309.927] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2d70a74 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0309.927] IsAppThemed () returned 0x1
[0309.927] GetThemeAppProperties () returned 0x3
[0309.927] GetThemeAppProperties () returned 0x3
[0309.927] IsAppThemed () returned 0x1
[0309.927] GetThemeAppProperties () returned 0x3
[0309.927] GetThemeAppProperties () returned 0x3
[0309.927] IsAppThemed () returned 0x1
[0309.927] GetThemeAppProperties () returned 0x3
[0309.927] GetThemeAppProperties () returned 0x3
[0309.927] IsAppThemed () returned 0x1
[0309.927] GetThemeAppProperties () returned 0x3
[0309.928] GetThemeAppProperties () returned 0x3
[0309.928] IsThemePartDefined () returned 0x1
[0309.928] IsAppThemed () returned 0x1
[0309.928] GetThemeAppProperties () returned 0x3
[0309.928] GetThemeAppProperties () returned 0x3
[0309.928] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0309.928] IsAppThemed () returned 0x1
[0309.928] GetThemeAppProperties () returned 0x3
[0309.928] GetThemeAppProperties () returned 0x3
[0309.928] IsAppThemed () returned 0x1
[0309.928] GetThemeAppProperties () returned 0x3
[0309.928] GetThemeAppProperties () returned 0x3
[0309.928] IsThemePartDefined () returned 0x1
[0309.928] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0309.928] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0309.928] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0309.928] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0309.928] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dc7c) returned 0x0
[0309.928] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0309.928] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea28) returned 0x0
[0309.929] LocalFree (hMem=0x11eea28) returned 0x0
[0309.929] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0309.929] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee910) returned 0x0
[0309.929] LocalFree (hMem=0x11ee910) returned 0x0
[0309.929] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0309.929] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0309.929] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0309.929] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0309.929] GdipDeleteRegion (region=0x6646568) returned 0x0
[0309.929] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0309.929] GetCurrentObject (hdc=0x410107e6, type=0x1) returned 0xb00017
[0309.929] GetCurrentObject (hdc=0x410107e6, type=0x2) returned 0x900010
[0309.929] GetCurrentObject (hdc=0x410107e6, type=0x7) returned 0x4a0507fe
[0309.929] GetCurrentObject (hdc=0x410107e6, type=0x6) returned 0x8a01c2
[0309.929] SaveDC (hdc=0x410107e6) returned 1
[0309.929] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xaa0407de
[0309.930] GetClipRgn (hdc=0x410107e6, hrgn=0xaa0407de) returned 0
[0309.930] SelectClipRgn (hdc=0x410107e6, hrgn=0x2e040807) returned 2
[0309.930] DeleteObject (ho=0xaa0407de) returned 1
[0309.930] DeleteObject (ho=0x2e040807) returned 1
[0309.930] OffsetViewportOrgEx (in: hdc=0x410107e6, x=0, y=0, lppt=0x2d71124 | out: lppt=0x2d71124) returned 1
[0309.930] DrawThemeParentBackground () returned 0x0
[0309.930] GetWindowPlacement (in: hWnd=0x3702da, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0309.930] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0309.930] GetWindowTextLengthW (hWnd=0x3702da) returned 24
[0309.930] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0309.930] GetSystemMetrics (nIndex=42) returned 0
[0309.930] GetWindowTextW (in: hWnd=0x3702da, lpString=0xd7d7c4, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0309.930] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xd, wParam=0x19, lParam=0xd7d7c4) returned 0x18
[0309.930] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0309.930] GetCurrentObject (hdc=0x410107e6, type=0x1) returned 0xb00017
[0309.931] GetCurrentObject (hdc=0x410107e6, type=0x2) returned 0x900010
[0309.931] GetCurrentObject (hdc=0x410107e6, type=0x7) returned 0x4a0507fe
[0309.931] GetCurrentObject (hdc=0x410107e6, type=0x6) returned 0x8a01c2
[0309.931] SaveDC (hdc=0x410107e6) returned 2
[0309.931] GetNearestColor (hdc=0x410107e6, color=0xf0f0f0) returned 0xf0f0f0
[0309.931] CreateSolidBrush (color=0xf0f0f0) returned 0x851007e1
[0309.931] FillRect (hDC=0x410107e6, lprc=0xd7d6c8, hbr=0x851007e1) returned 1
[0309.931] DeleteObject (ho=0x851007e1) returned 1
[0309.931] RestoreDC (hdc=0x410107e6, nSavedDC=-1) returned 1
[0309.931] GetWindowTextLengthW (hWnd=0x3702da) returned 24
[0309.931] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0309.931] GetSystemMetrics (nIndex=42) returned 0
[0309.931] GetWindowTextW (in: hWnd=0x3702da, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0309.931] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0309.932] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0309.932] GetCurrentObject (hdc=0x410107e6, type=0x1) returned 0xb00017
[0309.932] GetCurrentObject (hdc=0x410107e6, type=0x2) returned 0x900010
[0309.932] GetCurrentObject (hdc=0x410107e6, type=0x7) returned 0x4a0507fe
[0309.932] GetCurrentObject (hdc=0x410107e6, type=0x6) returned 0x8a01c2
[0309.932] SaveDC (hdc=0x410107e6) returned 2
[0309.932] GetNearestColor (hdc=0x410107e6, color=0xf0f0f0) returned 0xf0f0f0
[0309.932] CreateSolidBrush (color=0xf0f0f0) returned 0x861007e1
[0309.932] FillRect (hDC=0x410107e6, lprc=0xd7d668, hbr=0x861007e1) returned 1
[0309.932] DeleteObject (ho=0x861007e1) returned 1
[0309.932] RestoreDC (hdc=0x410107e6, nSavedDC=-1) returned 1
[0309.932] GetWindowTextLengthW (hWnd=0x3702da) returned 24
[0309.932] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0309.932] GetSystemMetrics (nIndex=42) returned 0
[0309.932] GetWindowTextW (in: hWnd=0x3702da, lpString=0xd7d764, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0309.932] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xd, wParam=0x19, lParam=0xd7d764) returned 0x18
[0309.933] RestoreDC (hdc=0x410107e6, nSavedDC=-1) returned 1
[0309.933] GdipReleaseDC (graphics=0x6600030, hdc=0x410107e6) returned 0x0
[0309.933] IsAppThemed () returned 0x1
[0309.933] GetThemeAppProperties () returned 0x3
[0309.933] GetThemeAppProperties () returned 0x3
[0309.933] IsAppThemed () returned 0x1
[0309.933] GetThemeAppProperties () returned 0x3
[0309.933] GetThemeAppProperties () returned 0x3
[0309.933] IsThemePartDefined () returned 0x1
[0309.933] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0309.933] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0309.933] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0309.933] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0309.933] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dc00) returned 0x0
[0309.933] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0309.933] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0309.934] LocalFree (hMem=0x11eec58) returned 0x0
[0309.934] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0309.934] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0309.934] LocalFree (hMem=0x11ee868) returned 0x0
[0309.934] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0309.934] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0309.934] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0309.934] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0309.934] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0309.934] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0309.934] GetCurrentObject (hdc=0x410107e6, type=0x1) returned 0xb00017
[0309.934] GetCurrentObject (hdc=0x410107e6, type=0x2) returned 0x900010
[0309.934] GetCurrentObject (hdc=0x410107e6, type=0x7) returned 0x4a0507fe
[0309.940] GetCurrentObject (hdc=0x410107e6, type=0x6) returned 0x8a01c2
[0309.941] SaveDC (hdc=0x410107e6) returned 1
[0309.941] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2f040807
[0309.941] GetClipRgn (hdc=0x410107e6, hrgn=0x2f040807) returned 0
[0309.941] SelectClipRgn (hdc=0x410107e6, hrgn=0xac0407de) returned 2
[0309.941] DeleteObject (ho=0x2f040807) returned 1
[0309.941] DeleteObject (ho=0xac0407de) returned 1
[0309.941] OffsetViewportOrgEx (in: hdc=0x410107e6, x=0, y=0, lppt=0x2d71aa8 | out: lppt=0x2d71aa8) returned 1
[0309.941] IsAppThemed () returned 0x1
[0309.941] GetThemeAppProperties () returned 0x3
[0309.941] GetThemeAppProperties () returned 0x3
[0309.941] DrawThemeBackground () returned 0x0
[0309.941] RestoreDC (hdc=0x410107e6, nSavedDC=-1) returned 1
[0309.941] GdipReleaseDC (graphics=0x6600030, hdc=0x410107e6) returned 0x0
[0309.941] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0309.941] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0309.942] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0309.942] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0309.942] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7dc04) returned 0x0
[0309.942] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0309.942] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0309.942] LocalFree (hMem=0x11eec58) returned 0x0
[0309.942] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0309.942] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee868) returned 0x0
[0309.942] LocalFree (hMem=0x11ee868) returned 0x0
[0309.942] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0309.942] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0309.942] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0309.942] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0309.942] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0309.942] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0309.942] GetCurrentObject (hdc=0x410107e6, type=0x1) returned 0xb00017
[0309.942] GetCurrentObject (hdc=0x410107e6, type=0x2) returned 0x900010
[0309.942] GetCurrentObject (hdc=0x410107e6, type=0x7) returned 0x4a0507fe
[0309.943] GetCurrentObject (hdc=0x410107e6, type=0x6) returned 0x8a01c2
[0309.943] SaveDC (hdc=0x410107e6) returned 1
[0309.943] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xad0407de
[0309.943] GetClipRgn (hdc=0x410107e6, hrgn=0xad0407de) returned 0
[0309.943] SelectClipRgn (hdc=0x410107e6, hrgn=0x30040807) returned 2
[0309.943] DeleteObject (ho=0xad0407de) returned 1
[0309.943] DeleteObject (ho=0x30040807) returned 1
[0309.943] OffsetViewportOrgEx (in: hdc=0x410107e6, x=0, y=0, lppt=0x2d71d7c | out: lppt=0x2d71d7c) returned 1
[0309.943] IsAppThemed () returned 0x1
[0309.943] GetThemeAppProperties () returned 0x3
[0309.943] GetThemeAppProperties () returned 0x3
[0309.943] GetThemeBackgroundContentRect () returned 0x0
[0309.943] RestoreDC (hdc=0x410107e6, nSavedDC=-1) returned 1
[0309.943] GdipReleaseDC (graphics=0x6600030, hdc=0x410107e6) returned 0x0
[0309.943] IsAppThemed () returned 0x1
[0309.943] GetThemeAppProperties () returned 0x3
[0309.943] GetThemeAppProperties () returned 0x3
[0309.944] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0309.944] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0309.944] GetCurrentObject (hdc=0x410107e6, type=0x1) returned 0xb00017
[0309.944] GetCurrentObject (hdc=0x410107e6, type=0x2) returned 0x900010
[0309.944] GetCurrentObject (hdc=0x410107e6, type=0x7) returned 0x4a0507fe
[0309.944] GetCurrentObject (hdc=0x410107e6, type=0x6) returned 0x8a01c2
[0309.944] SaveDC (hdc=0x410107e6) returned 1
[0309.944] GetTextAlign (hdc=0x410107e6) returned 0x0
[0309.944] GetTextColor (hdc=0x410107e6) returned 0x0
[0309.944] GetCurrentObject (hdc=0x410107e6, type=0x6) returned 0x8a01c2
[0309.944] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0309.944] SelectObject (hdc=0x410107e6, h=0x6d0a0520) returned 0x8a01c2
[0309.944] GetBkMode (hdc=0x410107e6) returned 2
[0309.944] SetBkMode (hdc=0x410107e6, mode=1) returned 2
[0309.945] DrawTextExW (in: hdc=0x410107e6, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2d7211c | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0309.945] DrawTextExW (in: hdc=0x410107e6, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2d7211c | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0309.945] RestoreDC (hdc=0x410107e6, nSavedDC=-1) returned 1
[0309.945] GdipReleaseDC (graphics=0x6600030, hdc=0x410107e6) returned 0x0
[0309.945] GetFocus () returned 0x3702de
[0309.945] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0309.945] SendMessageW (hWnd=0x3702da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0309.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0309.946] IsAppThemed () returned 0x1
[0309.946] GetThemeAppProperties () returned 0x3
[0309.946] GetThemeAppProperties () returned 0x3
[0309.946] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0309.946] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x410107e6, x1=0, y1=0, rop=0xcc0020) returned 1
[0309.946] GdipReleaseDC (graphics=0x6600030, hdc=0x410107e6) returned 0x0
[0309.946] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0309.946] SelectObject (hdc=0x410107e6, h=0x85000f) returned 0x4a0507fe
[0309.946] DeleteDC (hdc=0x410107e6) returned 1
[0309.946] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0309.946] EndPaint (hWnd=0x3702de, lpPaint=0xd7dee4) returned 1
[0309.946] MapWindowPoints (in: hWndFrom=0x3702de, hWndTo=0x0, lpPoints=0x2d72218, cPoints=0x1 | out: lpPoints=0x2d72218) returned 30999254
[0309.947] WindowFromPoint (Point=0x302) returned 0x3702de
[0309.947] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x84, wParam=0x0, lParam=0x1e30302) returned 0x1
[0309.947] NotifyWinEvent (event=0x800a, hwnd=0x3702de, idObject=-4, idChild=0)
[0309.947] NotifyWinEvent (event=0x800c, hwnd=0x3702de, idObject=-4, idChild=0)
[0309.947] GetCapture () returned 0x3702de
[0309.947] ReleaseCapture () returned 1
[0309.947] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0309.947] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0309.948] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x84, wParam=0x0, lParam=0x1e30302) returned 0x1
[0309.948] IsWindow (hWnd=0x7005c) returned 1
[0309.948] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0309.955] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0309.955] IsWindow (hWnd=0x3702da) returned 1
[0309.955] SetActiveWindow (hWnd=0x3702da) returned 0x3702da
[0309.955] IsWindow (hWnd=0x3702da) returned 1
[0309.955] SetFocus (hWnd=0x3702da) returned 0x3702de
[0309.956] GetFocus () returned 0x3702da
[0309.956] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x8, wParam=0x3702da, lParam=0x0) returned 0x0
[0309.956] GetCapture () returned 0x0
[0309.956] InvalidateRect (hWnd=0x3702de, lpRect=0x0, bErase=0) returned 1
[0309.957] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0309.958] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0309.960] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0309.960] GetFocus () returned 0x3702da
[0309.960] SetFocus (hWnd=0x3702de) returned 0x3702da
[0309.961] GetFocus () returned 0x3702de
[0309.961] IsChild (hWndParent=0x3702da, hWnd=0x3702de) returned 1
[0309.961] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x8, wParam=0x3702de, lParam=0x0) returned 0x0
[0309.962] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0309.963] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0309.965] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0309.965] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x7, wParam=0x3702da, lParam=0x0) returned 0x0
[0309.965] GetStockObject (i=5) returned 0x900015
[0309.965] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0309.965] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0309.965] GetDlgItem (hDlg=0x3702da, nIDDlgItem=3605214) returned 0x3702de
[0309.965] SendMessageW (hWnd=0x3702de, Msg=0x202b, wParam=0x3702de, lParam=0xd7ddcc) returned 0x0
[0309.965] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x202b, wParam=0x3702de, lParam=0xd7ddcc) returned 0x0
[0309.965] InvalidateRect (hWnd=0x3702de, lpRect=0x0, bErase=0) returned 1
[0309.973] GetWindowLongW (hWnd=0x3702da, nIndex=-8) returned 458844
[0309.973] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0309.973] GetCurrentThreadId () returned 0xf50
[0309.973] IsWindow (hWnd=0x7005c) returned 1
[0309.973] IsWindow (hWnd=0x7005c) returned 1
[0309.973] IsWindowVisible (hWnd=0x7005c) returned 1
[0309.973] SetActiveWindow (hWnd=0x7005c) returned 0x3702da
[0309.973] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0309.975] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0309.975] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0309.976] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0309.976] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0309.977] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0309.978] GetWindowPlacement (in: hWnd=0x3702da, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0309.978] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0309.978] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0309.978] GetWindowRect (in: hWnd=0x3702da, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0309.978] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0309.979] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0309.979] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0309.979] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x3702da) returned 0x1
[0309.989] GetFocus () returned 0x3702de
[0309.989] SetFocus (hWnd=0x602c4) returned 0x3702de
[0309.990] GetFocus () returned 0x602c4
[0309.990] IsChild (hWndParent=0x3702da, hWnd=0x602c4) returned 0
[0309.990] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0309.990] GetCapture () returned 0x0
[0309.990] InvalidateRect (hWnd=0x3702de, lpRect=0x0, bErase=0) returned 1
[0309.991] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0309.993] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0309.994] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0309.995] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0309.995] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0309.995] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0309.995] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0309.996] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x3702de, lParam=0x0) returned 0x0
[0309.996] GetStockObject (i=5) returned 0x900015
[0309.996] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0309.996] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed800) returned 0xc
[0309.996] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0309.996] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0309.996] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0309.996] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0310.001] GetFocus () returned 0x602c4
[0310.001] IsChild (hWndParent=0x3702da, hWnd=0x602c4) returned 0
[0310.001] ShowWindow (hWnd=0x3702da, nCmdShow=0) returned 1
[0310.002] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0310.002] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0310.004] GetWindowPlacement (in: hWnd=0x3702da, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0310.004] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0310.004] GetClientRect (in: hWnd=0x3702da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0310.004] GetWindowRect (in: hWnd=0x3702da, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0310.005] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0310.005] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0310.005] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0310.006] GetWindowLongW (hWnd=0x3702da, nIndex=-20) returned 327945
[0310.006] DestroyWindow (hWnd=0x3702da) returned 1
[0310.006] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0310.007] GetWindowTextLengthW (hWnd=0x3702da) returned 24
[0310.007] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x18
[0310.007] GetSystemMetrics (nIndex=42) returned 0
[0310.007] GetWindowTextW (in: hWnd=0x3702da, lpString=0xd7e390, nMaxCount=25 | out: lpString="Microsoft .NET Framework") returned 24
[0310.007] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0xd, wParam=0x19, lParam=0xd7e390) returned 0x18
[0310.007] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0310.007] GetWindowTextLengthW (hWnd=0x3702dc) returned 0
[0310.007] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0310.007] GetSystemMetrics (nIndex=42) returned 0
[0310.007] GetWindowTextW (in: hWnd=0x3702dc, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0310.007] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702dc, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0310.007] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0310.007] GetWindowThreadProcessId (in: hWnd=0x3102c8, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0310.007] GetWindow (hWnd=0x3102c8, uCmd=0x5) returned 0x0
[0310.008] GetWindowLongW (hWnd=0x3102c8, nIndex=-20) returned 65792
[0310.008] DestroyWindow (hWnd=0x3102c8) returned 1
[0310.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102c8, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0310.008] GetWindowTextLengthW (hWnd=0x3102c8) returned 25
[0310.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0310.008] GetSystemMetrics (nIndex=42) returned 0
[0310.008] GetWindowTextW (in: hWnd=0x3102c8, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0310.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102c8, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0310.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0310.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3102c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0310.009] GetWindowTextLengthW (hWnd=0x3a00ea) returned 232
[0310.009] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0310.009] GetSystemMetrics (nIndex=42) returned 0
[0310.009] GetWindowTextW (in: hWnd=0x3a00ea, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0310.009] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0310.009] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0310.010] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0310.010] InvalidateRect (hWnd=0x3702de, lpRect=0x0, bErase=0) returned 1
[0310.010] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0310.010] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0310.010] SendMessageW (hWnd=0x2d02ce, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0310.010] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02ce, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0310.010] SendMessageW (hWnd=0x2d02ce, Msg=0xb0, wParam=0x2d3dda4, lParam=0xd7e480) returned 0x0
[0310.010] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02ce, Msg=0xb0, wParam=0x2d3dda4, lParam=0xd7e480) returned 0x0
[0310.010] GetWindowTextLengthW (hWnd=0x2d02ce) returned 4363
[0310.010] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0310.010] GetSystemMetrics (nIndex=42) returned 0
[0310.010] CoTaskMemAlloc (cb=0x221c) returned 0x1202960
[0310.010] GetWindowTextW (in: hWnd=0x2d02ce, lpString=0x1202960, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0310.010] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02ce, Msg=0xd, wParam=0x110c, lParam=0x1202960) returned 0x110b
[0310.011] CoTaskMemFree (pv=0x1202960)
[0310.011] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0310.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0310.012] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0310.031] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0310.032] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3702de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0310.034] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2c02d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0310.035] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2d02ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0310.036] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3702da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0310.038] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.038] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.038] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.038] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.038] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.038] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.038] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e30302) returned 0x1
[0310.039] IsWindowUnicode (hWnd=0x7005c) returned 1
[0310.039] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.039] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e30302) returned 0x1
[0310.039] SetCursor (hCursor=0x10003) returned 0x10003
[0310.039] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.039] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.039] _TrackMouseEvent (in: lpEventTrack=0x2c2f380 | out: lpEventTrack=0x2c2f380) returned 1
[0310.039] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0310.039] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0310.039] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10e0244) returned 0x0
[0310.039] GetKeyState (nVirtKey=1) returned 1
[0310.039] GetKeyState (nVirtKey=2) returned 0
[0310.039] GetKeyState (nVirtKey=4) returned 0
[0310.039] GetKeyState (nVirtKey=5) returned 0
[0310.039] GetKeyState (nVirtKey=6) returned 0
[0310.039] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e30302) returned 0x1
[0310.040] IsWindowUnicode (hWnd=0x7005c) returned 1
[0310.040] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.040] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.040] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.040] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e30302) returned 0x1
[0310.040] IsWindowUnicode (hWnd=0x7005c) returned 1
[0310.040] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.040] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e30302) returned 0x1
[0310.040] SetCursor (hCursor=0x10003) returned 0x10003
[0310.041] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.041] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10e0244) returned 0x0
[0310.041] GetKeyState (nVirtKey=1) returned 1
[0310.041] GetKeyState (nVirtKey=2) returned 0
[0310.041] GetKeyState (nVirtKey=4) returned 0
[0310.041] GetKeyState (nVirtKey=5) returned 0
[0310.041] GetKeyState (nVirtKey=6) returned 0
[0310.041] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.041] IsWindowUnicode (hWnd=0x602c4) returned 1
[0310.041] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.041] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.041] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.041] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.042] IsWindowUnicode (hWnd=0x602c4) returned 1
[0310.042] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.042] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.042] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.042] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0310.042] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0310.042] CreateCompatibleDC (hdc=0x60100ce) returned 0x370106b6
[0310.042] SelectObject (hdc=0x370106b6, h=0x4a0507fe) returned 0x85000f
[0310.042] GdipCreateFromHDC (hdc=0x370106b6, graphics=0xd7e798) returned 0x0
[0310.043] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0310.043] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0310.043] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0310.043] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0310.043] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e7f8) returned 0x0
[0310.043] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0310.043] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eea98) returned 0x0
[0310.043] LocalFree (hMem=0x11eea98) returned 0x0
[0310.043] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0310.043] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0310.043] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0310.043] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0310.043] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0310.043] GdipRestoreGraphics (graphics=0x6600030, state=0xf52a0dbd) returned 0x0
[0310.043] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0310.043] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0310.043] GetCurrentObject (hdc=0x370106b6, type=0x1) returned 0xb00017
[0310.043] GetCurrentObject (hdc=0x370106b6, type=0x2) returned 0x900010
[0310.043] GetCurrentObject (hdc=0x370106b6, type=0x7) returned 0x4a0507fe
[0310.043] GetCurrentObject (hdc=0x370106b6, type=0x6) returned 0x8a01c2
[0310.043] SaveDC (hdc=0x370106b6) returned 1
[0310.044] GetNearestColor (hdc=0x370106b6, color=0xff) returned 0xff
[0310.044] GetNearestColor (hdc=0x370106b6, color=0x55) returned 0x55
[0310.044] GetNearestColor (hdc=0x370106b6, color=0x0) returned 0x0
[0310.059] GetNearestColor (hdc=0x370106b6, color=0x55) returned 0x55
[0310.062] GetNearestColor (hdc=0x370106b6, color=0x0) returned 0x0
[0310.062] GetNearestColor (hdc=0x370106b6, color=0x8080ff) returned 0x8080ff
[0310.062] GetNearestColor (hdc=0x370106b6, color=0x7373e5) returned 0x7373e5
[0310.062] GetNearestColor (hdc=0x370106b6, color=0xe5) returned 0xe5
[0310.062] GetNearestColor (hdc=0x370106b6, color=0x0) returned 0x0
[0310.062] RestoreDC (hdc=0x370106b6, nSavedDC=-1) returned 1
[0310.062] GdipReleaseDC (graphics=0x6600030, hdc=0x370106b6) returned 0x0
[0310.062] IsAppThemed () returned 0x1
[0310.063] GetThemeAppProperties () returned 0x3
[0310.063] GetThemeAppProperties () returned 0x3
[0310.063] IsAppThemed () returned 0x1
[0310.063] GetThemeAppProperties () returned 0x3
[0310.063] GetThemeAppProperties () returned 0x3
[0310.063] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2d79fcc | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0310.063] IsAppThemed () returned 0x1
[0310.063] GetThemeAppProperties () returned 0x3
[0310.063] GetThemeAppProperties () returned 0x3
[0310.063] IsAppThemed () returned 0x1
[0310.063] GetThemeAppProperties () returned 0x3
[0310.063] GetThemeAppProperties () returned 0x3
[0310.063] GetFocus () returned 0x602c4
[0310.064] IsAppThemed () returned 0x1
[0310.064] GetThemeAppProperties () returned 0x3
[0310.064] GetThemeAppProperties () returned 0x3
[0310.064] IsAppThemed () returned 0x1
[0310.064] GetThemeAppProperties () returned 0x3
[0310.064] GetThemeAppProperties () returned 0x3
[0310.064] IsThemePartDefined () returned 0x1
[0310.064] IsAppThemed () returned 0x1
[0310.064] GetThemeAppProperties () returned 0x3
[0310.064] GetThemeAppProperties () returned 0x3
[0310.064] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0310.064] IsAppThemed () returned 0x1
[0310.064] GetThemeAppProperties () returned 0x3
[0310.064] GetThemeAppProperties () returned 0x3
[0310.064] IsAppThemed () returned 0x1
[0310.064] GetThemeAppProperties () returned 0x3
[0310.064] GetThemeAppProperties () returned 0x3
[0310.064] IsThemePartDefined () returned 0x1
[0310.064] GdipCreateRegion (region=0xd7e508) returned 0x0
[0310.064] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0310.064] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0310.064] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0310.064] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e520) returned 0x0
[0310.064] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0310.064] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee868) returned 0x0
[0310.064] LocalFree (hMem=0x11ee868) returned 0x0
[0310.065] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0310.065] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee868) returned 0x0
[0310.065] LocalFree (hMem=0x11ee868) returned 0x0
[0310.065] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0310.065] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e548) returned 0x0
[0310.065] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e538) returned 0x0
[0310.065] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0310.065] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0310.065] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0310.065] GetCurrentObject (hdc=0x370106b6, type=0x1) returned 0xb00017
[0310.065] GetCurrentObject (hdc=0x370106b6, type=0x2) returned 0x900010
[0310.065] GetCurrentObject (hdc=0x370106b6, type=0x7) returned 0x4a0507fe
[0310.065] GetCurrentObject (hdc=0x370106b6, type=0x6) returned 0x8a01c2
[0310.065] SaveDC (hdc=0x370106b6) returned 1
[0310.065] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x31040807
[0310.065] GetClipRgn (hdc=0x370106b6, hrgn=0x31040807) returned 0
[0310.065] SelectClipRgn (hdc=0x370106b6, hrgn=0xb10407de) returned 2
[0310.065] DeleteObject (ho=0x31040807) returned 1
[0310.065] DeleteObject (ho=0xb10407de) returned 1
[0310.065] OffsetViewportOrgEx (in: hdc=0x370106b6, x=0, y=0, lppt=0x2d7a67c | out: lppt=0x2d7a67c) returned 1
[0310.065] DrawThemeParentBackground () returned 0x0
[0310.066] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0310.066] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0310.066] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0310.066] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0310.066] GetSystemMetrics (nIndex=42) returned 0
[0310.066] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0310.066] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0310.066] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0310.066] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0310.066] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0310.066] SelectPalette (hdc=0x370106b6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0310.066] GdipCreateFromHDC (hdc=0x370106b6, graphics=0xd7dff8) returned 0x0
[0310.066] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0310.066] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0310.066] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638c68) returned 0x0
[0310.066] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dfd0) returned 0x0
[0310.066] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0310.067] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0310.067] GdipGetClip (graphics=0x66376e0, region=0x6646cb8) returned 0x0
[0310.067] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x66376e0, result=0xd7dfc4) returned 0x0
[0310.067] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0310.067] GdipSaveGraphics (graphics=0x66376e0, state=0xd7dff0) returned 0x0
[0310.067] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0310.073] GdipFillRectangleI (graphics=0x66376e0, brush=0x664e3d8, x=0, y=0, width=801, height=453) returned 0x0
[0310.073] GdipDeleteBrush (brush=0x664e3d8) returned 0x0
[0310.074] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0310.074] SelectPalette (hdc=0x370106b6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0310.074] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0310.074] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0310.074] GetSystemMetrics (nIndex=42) returned 0
[0310.074] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0310.075] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0310.075] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0310.075] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0310.075] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0310.075] SelectPalette (hdc=0x370106b6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0310.075] GdipCreateFromHDC (hdc=0x370106b6, graphics=0xd7df98) returned 0x0
[0310.079] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0310.079] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0310.079] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638d58) returned 0x0
[0310.079] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df70) returned 0x0
[0310.079] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0310.079] GdipCreateRegion (region=0xd7df58) returned 0x0
[0310.079] GdipGetClip (graphics=0x66376e0, region=0x6646f88) returned 0x0
[0310.080] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x66376e0, result=0xd7df64) returned 0x0
[0310.080] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0310.080] GdipSaveGraphics (graphics=0x66376e0, state=0xd7df90) returned 0x0
[0310.080] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0310.086] GdipFillRectangleI (graphics=0x66376e0, brush=0x664def8, x=0, y=0, width=801, height=453) returned 0x0
[0310.086] GdipDeleteBrush (brush=0x664def8) returned 0x0
[0310.087] GdipRestoreGraphics (graphics=0x66376e0, state=0xf5260dbd) returned 0x0
[0310.087] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0310.087] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0310.087] GetSystemMetrics (nIndex=42) returned 0
[0310.087] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0310.087] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0310.087] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0310.088] SelectPalette (hdc=0x370106b6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0310.088] RestoreDC (hdc=0x370106b6, nSavedDC=-1) returned 1
[0310.088] GdipReleaseDC (graphics=0x6600030, hdc=0x370106b6) returned 0x0
[0310.088] IsAppThemed () returned 0x1
[0310.088] GetThemeAppProperties () returned 0x3
[0310.088] GetThemeAppProperties () returned 0x3
[0310.088] IsAppThemed () returned 0x1
[0310.088] GetThemeAppProperties () returned 0x3
[0310.088] GetThemeAppProperties () returned 0x3
[0310.088] IsThemePartDefined () returned 0x1
[0310.088] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0310.088] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0310.088] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0310.088] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0310.088] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e4a4) returned 0x0
[0310.088] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0310.088] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eec58) returned 0x0
[0310.088] LocalFree (hMem=0x11eec58) returned 0x0
[0310.088] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0310.088] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee868) returned 0x0
[0310.089] LocalFree (hMem=0x11ee868) returned 0x0
[0310.089] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0310.089] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0310.089] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0310.089] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0310.089] GdipDeleteRegion (region=0x6646328) returned 0x0
[0310.089] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0310.089] GetCurrentObject (hdc=0x370106b6, type=0x1) returned 0xb00017
[0310.089] GetCurrentObject (hdc=0x370106b6, type=0x2) returned 0x900010
[0310.089] GetCurrentObject (hdc=0x370106b6, type=0x7) returned 0x4a0507fe
[0310.089] GetCurrentObject (hdc=0x370106b6, type=0x6) returned 0x8a01c2
[0310.089] SaveDC (hdc=0x370106b6) returned 1
[0310.089] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb20407de
[0310.089] GetClipRgn (hdc=0x370106b6, hrgn=0xb20407de) returned 0
[0310.089] SelectClipRgn (hdc=0x370106b6, hrgn=0x33040807) returned 2
[0310.089] DeleteObject (ho=0xb20407de) returned 1
[0310.089] DeleteObject (ho=0x33040807) returned 1
[0310.089] OffsetViewportOrgEx (in: hdc=0x370106b6, x=0, y=0, lppt=0x2d80ecc | out: lppt=0x2d80ecc) returned 1
[0310.089] IsAppThemed () returned 0x1
[0310.089] GetThemeAppProperties () returned 0x3
[0310.089] GetThemeAppProperties () returned 0x3
[0310.089] DrawThemeBackground () returned 0x0
[0310.090] RestoreDC (hdc=0x370106b6, nSavedDC=-1) returned 1
[0310.090] GdipReleaseDC (graphics=0x6600030, hdc=0x370106b6) returned 0x0
[0310.090] GdipCreateRegion (region=0xd7e490) returned 0x0
[0310.090] GdipGetClip (graphics=0x6600030, region=0x6646f88) returned 0x0
[0310.090] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0310.090] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0310.090] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e4a8) returned 0x0
[0310.090] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0310.090] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0310.090] LocalFree (hMem=0x11ee788) returned 0x0
[0310.090] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0310.090] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee9f0) returned 0x0
[0310.090] LocalFree (hMem=0x11ee9f0) returned 0x0
[0310.090] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0310.090] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0310.090] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0310.090] GdipGetRegionHRgn (region=0x6646f88, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0310.090] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0310.090] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0310.090] GetCurrentObject (hdc=0x370106b6, type=0x1) returned 0xb00017
[0310.090] GetCurrentObject (hdc=0x370106b6, type=0x2) returned 0x900010
[0310.090] GetCurrentObject (hdc=0x370106b6, type=0x7) returned 0x4a0507fe
[0310.090] GetCurrentObject (hdc=0x370106b6, type=0x6) returned 0x8a01c2
[0310.090] SaveDC (hdc=0x370106b6) returned 1
[0310.095] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x34040807
[0310.095] GetClipRgn (hdc=0x370106b6, hrgn=0x34040807) returned 0
[0310.095] SelectClipRgn (hdc=0x370106b6, hrgn=0xb30407de) returned 2
[0310.095] DeleteObject (ho=0x34040807) returned 1
[0310.095] DeleteObject (ho=0xb30407de) returned 1
[0310.095] OffsetViewportOrgEx (in: hdc=0x370106b6, x=0, y=0, lppt=0x2d811a0 | out: lppt=0x2d811a0) returned 1
[0310.095] IsAppThemed () returned 0x1
[0310.095] GetThemeAppProperties () returned 0x3
[0310.095] GetThemeAppProperties () returned 0x3
[0310.095] GetThemeBackgroundContentRect () returned 0x0
[0310.095] RestoreDC (hdc=0x370106b6, nSavedDC=-1) returned 1
[0310.095] GdipReleaseDC (graphics=0x6600030, hdc=0x370106b6) returned 0x0
[0310.095] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0310.095] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0310.095] GdipFillRectangleI (graphics=0x6600030, brush=0x6640d78, x=4, y=4, width=67, height=15) returned 0x0
[0310.095] GdipDeleteBrush (brush=0x6640d78) returned 0x0
[0310.096] IsAppThemed () returned 0x1
[0310.096] GetThemeAppProperties () returned 0x3
[0310.096] GetThemeAppProperties () returned 0x3
[0310.096] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0310.096] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0310.096] GetCurrentObject (hdc=0x370106b6, type=0x1) returned 0xb00017
[0310.096] GetCurrentObject (hdc=0x370106b6, type=0x2) returned 0x900010
[0310.096] GetCurrentObject (hdc=0x370106b6, type=0x7) returned 0x4a0507fe
[0310.096] GetCurrentObject (hdc=0x370106b6, type=0x6) returned 0x8a01c2
[0310.096] SaveDC (hdc=0x370106b6) returned 1
[0310.096] GetTextAlign (hdc=0x370106b6) returned 0x0
[0310.096] GetTextColor (hdc=0x370106b6) returned 0x0
[0310.096] GetCurrentObject (hdc=0x370106b6, type=0x6) returned 0x8a01c2
[0310.096] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0310.096] SelectObject (hdc=0x370106b6, h=0x6d0a0520) returned 0x8a01c2
[0310.096] GetBkMode (hdc=0x370106b6) returned 2
[0310.096] SetBkMode (hdc=0x370106b6, mode=1) returned 2
[0310.096] DrawTextExW (in: hdc=0x370106b6, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2d81564 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0310.097] DrawTextExW (in: hdc=0x370106b6, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2d81564 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0310.097] RestoreDC (hdc=0x370106b6, nSavedDC=-1) returned 1
[0310.097] GdipReleaseDC (graphics=0x6600030, hdc=0x370106b6) returned 0x0
[0310.097] GetFocus () returned 0x602c4
[0310.097] IsAppThemed () returned 0x1
[0310.097] GetThemeAppProperties () returned 0x3
[0310.097] GetThemeAppProperties () returned 0x3
[0310.097] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0310.097] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x370106b6, x1=0, y1=0, rop=0xcc0020) returned 1
[0310.097] GdipReleaseDC (graphics=0x6600030, hdc=0x370106b6) returned 0x0
[0310.097] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0310.097] SelectObject (hdc=0x370106b6, h=0x85000f) returned 0x4a0507fe
[0310.098] DeleteDC (hdc=0x370106b6) returned 1
[0310.098] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0310.098] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0310.098] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.098] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.098] WaitMessage () returned 1
[0310.114] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.114] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.114] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.114] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.114] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.115] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.115] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.115] WaitMessage () returned 1
[0310.116] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.116] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.116] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.116] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.116] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.117] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.117] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.117] WaitMessage () returned 1
[0310.118] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.118] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.118] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.118] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.118] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.119] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.119] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.119] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.119] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.119] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.120] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.120] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.120] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.120] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.120] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.120] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.120] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.120] WaitMessage () returned 1
[0310.120] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.120] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.121] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.121] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.121] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.122] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.125] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.125] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.125] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.125] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.125] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.125] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.125] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.126] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.126] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.126] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.126] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.126] WaitMessage () returned 1
[0310.128] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.128] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.128] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.128] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.128] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.129] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.129] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.129] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.129] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.129] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.129] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.129] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.129] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.129] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.129] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.129] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.130] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.130] WaitMessage () returned 1
[0310.130] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.130] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.130] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.130] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.130] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.131] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.132] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.132] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.132] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.132] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.132] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.132] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.132] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.132] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.132] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.132] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.133] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.133] WaitMessage () returned 1
[0310.134] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.134] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.134] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.134] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.134] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.135] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.135] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.135] WaitMessage () returned 1
[0310.136] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.136] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.136] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.136] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.136] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.137] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.137] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.137] WaitMessage () returned 1
[0310.141] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.141] IsWindowUnicode (hWnd=0x7005c) returned 1
[0310.141] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.141] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.141] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.141] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.141] IsWindowUnicode (hWnd=0x7005c) returned 1
[0310.141] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.141] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.141] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.141] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10e0244) returned 0x0
[0310.141] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.141] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.141] WaitMessage () returned 1
[0310.144] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.144] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.144] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.144] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.144] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.144] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.144] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.145] WaitMessage () returned 1
[0310.145] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.145] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.145] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.145] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.145] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.146] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.146] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.146] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.146] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.146] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.147] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.147] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.147] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.147] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.147] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.147] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.147] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.147] WaitMessage () returned 1
[0310.147] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.147] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.147] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.148] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.148] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.149] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.149] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.149] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.149] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.149] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.149] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.149] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.149] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.149] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.149] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.149] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.150] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.150] WaitMessage () returned 1
[0310.155] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.155] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.155] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.155] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.155] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.156] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.156] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.156] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.156] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.156] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.157] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.157] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.157] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.157] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.157] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.157] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.157] IsWindowUnicode (hWnd=0x30122) returned 1
[0310.157] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.157] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.157] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.157] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.158] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.158] WaitMessage () returned 1
[0310.296] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.296] IsWindowUnicode (hWnd=0x502c6) returned 1
[0310.296] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0310.296] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0310.296] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0310.296] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.296] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0310.296] WaitMessage () returned 1
[0312.283] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0312.283] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b00ed) returned 0x1
[0312.283] IsWindowUnicode (hWnd=0x602c4) returned 1
[0312.283] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0312.283] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0312.284] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0312.284] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0312.284] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0312.284] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b00ed) returned 0x1
[0312.284] IsWindowUnicode (hWnd=0x602c4) returned 1
[0312.284] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0312.284] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b00ed) returned 0x1
[0312.284] SetCursor (hCursor=0x10003) returned 0x10003
[0312.284] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0312.284] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0312.284] _TrackMouseEvent (in: lpEventTrack=0x2c2b560 | out: lpEventTrack=0x2c2b560) returned 1
[0312.285] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0312.285] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0312.285] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0312.285] GetKeyState (nVirtKey=1) returned 1
[0312.285] GetKeyState (nVirtKey=2) returned 0
[0312.285] GetKeyState (nVirtKey=4) returned 0
[0312.285] GetKeyState (nVirtKey=5) returned 0
[0312.285] GetKeyState (nVirtKey=6) returned 0
[0312.285] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0312.285] IsWindowUnicode (hWnd=0x602c4) returned 1
[0312.285] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0312.285] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0312.285] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0312.286] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x60100ce
[0312.286] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0312.286] CreateCompatibleDC (hdc=0x60100ce) returned 0x3d0107f2
[0312.286] SelectObject (hdc=0x3d0107f2, h=0x4a0507fe) returned 0x85000f
[0312.286] GdipCreateFromHDC (hdc=0x3d0107f2, graphics=0xd7e798) returned 0x0
[0312.286] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0312.286] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0312.286] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0312.286] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0312.286] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e7f8) returned 0x0
[0312.286] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0312.286] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eea60) returned 0x0
[0312.286] LocalFree (hMem=0x11eea60) returned 0x0
[0312.287] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0312.287] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0312.287] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0312.287] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0312.287] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0312.287] GdipRestoreGraphics (graphics=0x6600030, state=0xf5240dbd) returned 0x0
[0312.287] GdipDeleteRegion (region=0x6646328) returned 0x0
[0312.287] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0312.287] GetCurrentObject (hdc=0x3d0107f2, type=0x1) returned 0xb00017
[0312.287] GetCurrentObject (hdc=0x3d0107f2, type=0x2) returned 0x900010
[0312.287] GetCurrentObject (hdc=0x3d0107f2, type=0x7) returned 0x4a0507fe
[0312.287] GetCurrentObject (hdc=0x3d0107f2, type=0x6) returned 0x8a01c2
[0312.287] SaveDC (hdc=0x3d0107f2) returned 1
[0312.287] GetNearestColor (hdc=0x3d0107f2, color=0xff) returned 0xff
[0312.287] GetNearestColor (hdc=0x3d0107f2, color=0x55) returned 0x55
[0312.287] GetNearestColor (hdc=0x3d0107f2, color=0x0) returned 0x0
[0312.287] GetNearestColor (hdc=0x3d0107f2, color=0x55) returned 0x55
[0312.287] GetNearestColor (hdc=0x3d0107f2, color=0x0) returned 0x0
[0312.288] GetNearestColor (hdc=0x3d0107f2, color=0x8080ff) returned 0x8080ff
[0312.288] GetNearestColor (hdc=0x3d0107f2, color=0x7373e5) returned 0x7373e5
[0312.288] GetNearestColor (hdc=0x3d0107f2, color=0xe5) returned 0xe5
[0312.288] GetNearestColor (hdc=0x3d0107f2, color=0x0) returned 0x0
[0312.288] RestoreDC (hdc=0x3d0107f2, nSavedDC=-1) returned 1
[0312.288] GdipReleaseDC (graphics=0x6600030, hdc=0x3d0107f2) returned 0x0
[0312.288] IsAppThemed () returned 0x1
[0312.288] GetThemeAppProperties () returned 0x3
[0312.288] GetThemeAppProperties () returned 0x3
[0312.288] IsAppThemed () returned 0x1
[0312.288] GetThemeAppProperties () returned 0x3
[0312.288] GetThemeAppProperties () returned 0x3
[0312.288] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2d81f88 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0312.289] IsAppThemed () returned 0x1
[0312.289] GetThemeAppProperties () returned 0x3
[0312.289] GetThemeAppProperties () returned 0x3
[0312.289] IsAppThemed () returned 0x1
[0312.289] GetThemeAppProperties () returned 0x3
[0312.289] GetThemeAppProperties () returned 0x3
[0312.289] IsAppThemed () returned 0x1
[0312.289] GetThemeAppProperties () returned 0x3
[0312.289] GetThemeAppProperties () returned 0x3
[0312.289] IsAppThemed () returned 0x1
[0312.289] GetThemeAppProperties () returned 0x3
[0312.289] GetThemeAppProperties () returned 0x3
[0312.289] IsThemePartDefined () returned 0x1
[0312.289] IsAppThemed () returned 0x1
[0312.289] GetThemeAppProperties () returned 0x3
[0312.289] GetThemeAppProperties () returned 0x3
[0312.289] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0312.289] IsAppThemed () returned 0x1
[0312.289] GetThemeAppProperties () returned 0x3
[0312.289] GetThemeAppProperties () returned 0x3
[0312.289] IsAppThemed () returned 0x1
[0312.290] GetThemeAppProperties () returned 0x3
[0312.290] GetThemeAppProperties () returned 0x3
[0312.290] IsThemePartDefined () returned 0x1
[0312.290] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0312.290] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0312.290] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0312.290] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0312.290] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e514) returned 0x0
[0312.290] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0312.290] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0312.290] LocalFree (hMem=0x11eec58) returned 0x0
[0312.290] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0312.290] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0312.290] LocalFree (hMem=0x11ee788) returned 0x0
[0312.290] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0312.290] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0312.290] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0312.290] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0312.291] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0312.291] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0312.291] GetCurrentObject (hdc=0x3d0107f2, type=0x1) returned 0xb00017
[0312.291] GetCurrentObject (hdc=0x3d0107f2, type=0x2) returned 0x900010
[0312.291] GetCurrentObject (hdc=0x3d0107f2, type=0x7) returned 0x4a0507fe
[0312.291] GetCurrentObject (hdc=0x3d0107f2, type=0x6) returned 0x8a01c2
[0312.291] SaveDC (hdc=0x3d0107f2) returned 1
[0312.291] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb40407de
[0312.291] GetClipRgn (hdc=0x3d0107f2, hrgn=0xb40407de) returned 0
[0312.291] SelectClipRgn (hdc=0x3d0107f2, hrgn=0x38040807) returned 2
[0312.291] DeleteObject (ho=0xb40407de) returned 1
[0312.291] DeleteObject (ho=0x38040807) returned 1
[0312.291] OffsetViewportOrgEx (in: hdc=0x3d0107f2, x=0, y=0, lppt=0x2d82638 | out: lppt=0x2d82638) returned 1
[0312.291] DrawThemeParentBackground () returned 0x0
[0312.292] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0312.292] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0312.292] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0312.292] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.292] GetSystemMetrics (nIndex=42) returned 0
[0312.292] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.292] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0312.292] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0312.292] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0312.292] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0312.292] SelectPalette (hdc=0x3d0107f2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0312.292] GdipCreateFromHDC (hdc=0x3d0107f2, graphics=0xd7dff0) returned 0x0
[0312.293] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0312.293] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0312.293] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638a88) returned 0x0
[0312.293] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dfc8) returned 0x0
[0312.293] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0312.293] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0312.293] GdipGetClip (graphics=0x66376e0, region=0x6646568) returned 0x0
[0312.293] GdipIsInfiniteRegion (region=0x6646568, graphics=0x66376e0, result=0xd7dfbc) returned 0x0
[0312.293] GdipDeleteRegion (region=0x6646568) returned 0x0
[0312.293] GdipSaveGraphics (graphics=0x66376e0, state=0xd7dfe8) returned 0x0
[0312.293] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0312.301] GdipFillRectangleI (graphics=0x66376e0, brush=0x664ddc0, x=0, y=0, width=801, height=453) returned 0x0
[0312.301] GdipDeleteBrush (brush=0x664ddc0) returned 0x0
[0312.303] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0312.303] SelectPalette (hdc=0x3d0107f2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0312.303] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0312.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.303] GetSystemMetrics (nIndex=42) returned 0
[0312.303] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.303] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0312.303] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0312.303] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0312.303] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0312.303] SelectPalette (hdc=0x3d0107f2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0312.303] GdipCreateFromHDC (hdc=0x3d0107f2, graphics=0xd7df90) returned 0x0
[0312.304] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0312.304] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0312.304] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638c68) returned 0x0
[0312.304] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df68) returned 0x0
[0312.304] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0312.304] GdipCreateRegion (region=0xd7df50) returned 0x0
[0312.304] GdipGetClip (graphics=0x66376e0, region=0x6646f88) returned 0x0
[0312.304] GdipIsInfiniteRegion (region=0x6646f88, graphics=0x66376e0, result=0xd7df5c) returned 0x0
[0312.304] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0312.304] GdipSaveGraphics (graphics=0x66376e0, state=0xd7df88) returned 0x0
[0312.304] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0312.312] GdipFillRectangleI (graphics=0x66376e0, brush=0x664e2a0, x=0, y=0, width=801, height=453) returned 0x0
[0312.312] GdipDeleteBrush (brush=0x664e2a0) returned 0x0
[0312.313] GdipRestoreGraphics (graphics=0x66376e0, state=0xf5200dbd) returned 0x0
[0312.313] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0312.314] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.314] GetSystemMetrics (nIndex=42) returned 0
[0312.314] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.314] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0312.314] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0312.314] SelectPalette (hdc=0x3d0107f2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0312.314] RestoreDC (hdc=0x3d0107f2, nSavedDC=-1) returned 1
[0312.314] GdipReleaseDC (graphics=0x6600030, hdc=0x3d0107f2) returned 0x0
[0312.314] IsAppThemed () returned 0x1
[0312.314] GetThemeAppProperties () returned 0x3
[0312.314] GetThemeAppProperties () returned 0x3
[0312.314] IsAppThemed () returned 0x1
[0312.314] GetThemeAppProperties () returned 0x3
[0312.315] GetThemeAppProperties () returned 0x3
[0312.315] IsThemePartDefined () returned 0x1
[0312.315] GdipCreateRegion (region=0xd7e480) returned 0x0
[0312.315] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0312.315] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0312.315] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0312.315] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e498) returned 0x0
[0312.315] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0312.315] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0312.315] LocalFree (hMem=0x11ee788) returned 0x0
[0312.315] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0312.315] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0312.315] LocalFree (hMem=0x11ee788) returned 0x0
[0312.315] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0312.315] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0312.315] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0312.315] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0312.315] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0312.316] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0312.316] GetCurrentObject (hdc=0x3d0107f2, type=0x1) returned 0xb00017
[0312.316] GetCurrentObject (hdc=0x3d0107f2, type=0x2) returned 0x900010
[0312.316] GetCurrentObject (hdc=0x3d0107f2, type=0x7) returned 0x4a0507fe
[0312.316] GetCurrentObject (hdc=0x3d0107f2, type=0x6) returned 0x8a01c2
[0312.316] SaveDC (hdc=0x3d0107f2) returned 1
[0312.316] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x39040807
[0312.316] GetClipRgn (hdc=0x3d0107f2, hrgn=0x39040807) returned 0
[0312.316] SelectClipRgn (hdc=0x3d0107f2, hrgn=0xb60407de) returned 2
[0312.316] DeleteObject (ho=0x39040807) returned 1
[0312.316] DeleteObject (ho=0xb60407de) returned 1
[0312.316] OffsetViewportOrgEx (in: hdc=0x3d0107f2, x=0, y=0, lppt=0x2d88e88 | out: lppt=0x2d88e88) returned 1
[0312.316] IsAppThemed () returned 0x1
[0312.316] GetThemeAppProperties () returned 0x3
[0312.316] GetThemeAppProperties () returned 0x3
[0312.316] DrawThemeBackground () returned 0x0
[0312.317] RestoreDC (hdc=0x3d0107f2, nSavedDC=-1) returned 1
[0312.317] GdipReleaseDC (graphics=0x6600030, hdc=0x3d0107f2) returned 0x0
[0312.317] GdipCreateRegion (region=0xd7e484) returned 0x0
[0312.317] GdipGetClip (graphics=0x6600030, region=0x6646568) returned 0x0
[0312.317] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0312.317] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0312.317] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e49c) returned 0x0
[0312.317] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0312.317] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eecc8) returned 0x0
[0312.317] LocalFree (hMem=0x11eecc8) returned 0x0
[0312.317] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0312.317] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0312.317] LocalFree (hMem=0x11ee788) returned 0x0
[0312.317] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0312.317] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0312.317] GdipIsInfiniteRegion (region=0x6646568, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0312.318] GdipGetRegionHRgn (region=0x6646568, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0312.318] GdipDeleteRegion (region=0x6646568) returned 0x0
[0312.318] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0312.318] GetCurrentObject (hdc=0x3d0107f2, type=0x1) returned 0xb00017
[0312.318] GetCurrentObject (hdc=0x3d0107f2, type=0x2) returned 0x900010
[0312.318] GetCurrentObject (hdc=0x3d0107f2, type=0x7) returned 0x4a0507fe
[0312.318] GetCurrentObject (hdc=0x3d0107f2, type=0x6) returned 0x8a01c2
[0312.318] SaveDC (hdc=0x3d0107f2) returned 1
[0312.318] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb70407de
[0312.318] GetClipRgn (hdc=0x3d0107f2, hrgn=0xb70407de) returned 0
[0312.318] SelectClipRgn (hdc=0x3d0107f2, hrgn=0x3a040807) returned 2
[0312.318] DeleteObject (ho=0xb70407de) returned 1
[0312.318] DeleteObject (ho=0x3a040807) returned 1
[0312.318] OffsetViewportOrgEx (in: hdc=0x3d0107f2, x=0, y=0, lppt=0x2d8915c | out: lppt=0x2d8915c) returned 1
[0312.318] IsAppThemed () returned 0x1
[0312.319] GetThemeAppProperties () returned 0x3
[0312.319] GetThemeAppProperties () returned 0x3
[0312.319] GetThemeBackgroundContentRect () returned 0x0
[0312.319] RestoreDC (hdc=0x3d0107f2, nSavedDC=-1) returned 1
[0312.319] GdipReleaseDC (graphics=0x6600030, hdc=0x3d0107f2) returned 0x0
[0312.319] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0312.319] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0312.319] GdipFillRectangleI (graphics=0x6600030, brush=0x6640d78, x=4, y=4, width=67, height=15) returned 0x0
[0312.319] GdipDeleteBrush (brush=0x6640d78) returned 0x0
[0312.319] IsAppThemed () returned 0x1
[0312.319] GetThemeAppProperties () returned 0x3
[0312.319] GetThemeAppProperties () returned 0x3
[0312.319] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0312.319] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0312.319] GetCurrentObject (hdc=0x3d0107f2, type=0x1) returned 0xb00017
[0312.319] GetCurrentObject (hdc=0x3d0107f2, type=0x2) returned 0x900010
[0312.319] GetCurrentObject (hdc=0x3d0107f2, type=0x7) returned 0x4a0507fe
[0312.320] GetCurrentObject (hdc=0x3d0107f2, type=0x6) returned 0x8a01c2
[0312.320] SaveDC (hdc=0x3d0107f2) returned 1
[0312.320] GetTextAlign (hdc=0x3d0107f2) returned 0x0
[0312.320] GetTextColor (hdc=0x3d0107f2) returned 0x0
[0312.320] GetCurrentObject (hdc=0x3d0107f2, type=0x6) returned 0x8a01c2
[0312.320] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0312.320] SelectObject (hdc=0x3d0107f2, h=0x6d0a0520) returned 0x8a01c2
[0312.320] GetBkMode (hdc=0x3d0107f2) returned 2
[0312.320] SetBkMode (hdc=0x3d0107f2, mode=1) returned 2
[0312.320] DrawTextExW (in: hdc=0x3d0107f2, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2d89520 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0312.321] DrawTextExW (in: hdc=0x3d0107f2, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2d89520 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0312.321] RestoreDC (hdc=0x3d0107f2, nSavedDC=-1) returned 1
[0312.321] GdipReleaseDC (graphics=0x6600030, hdc=0x3d0107f2) returned 0x0
[0312.321] GetFocus () returned 0x602c4
[0312.322] IsAppThemed () returned 0x1
[0312.322] GetThemeAppProperties () returned 0x3
[0312.322] GetThemeAppProperties () returned 0x3
[0312.322] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0312.322] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x3d0107f2, x1=0, y1=0, rop=0xcc0020) returned 1
[0312.322] GdipReleaseDC (graphics=0x6600030, hdc=0x3d0107f2) returned 0x0
[0312.322] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0312.322] SelectObject (hdc=0x3d0107f2, h=0x85000f) returned 0x4a0507fe
[0312.322] DeleteDC (hdc=0x3d0107f2) returned 1
[0312.323] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0312.323] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0312.323] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0312.323] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0312.323] WaitMessage () returned 1
[0312.388] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0312.388] IsWindowUnicode (hWnd=0x602c4) returned 1
[0312.388] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0312.388] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0312.388] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0312.388] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0312.388] IsWindowUnicode (hWnd=0x602c4) returned 1
[0312.388] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0312.388] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0312.388] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0312.388] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x40012) returned 0x0
[0312.389] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0312.389] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0312.389] WaitMessage () returned 1
[0312.491] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0312.492] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b00ed) returned 0x1
[0312.492] IsWindowUnicode (hWnd=0x602c4) returned 1
[0312.492] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0312.492] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b00ed) returned 0x1
[0312.492] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0312.492] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x196002f) returned 0x0
[0312.492] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0312.492] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0312.492] SetCursor (hCursor=0x10003) returned 0x10003
[0312.493] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0312.493] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0312.493] GetKeyState (nVirtKey=1) returned -128
[0312.493] GetKeyState (nVirtKey=2) returned 0
[0312.493] GetKeyState (nVirtKey=4) returned 0
[0312.493] GetKeyState (nVirtKey=5) returned 0
[0312.493] GetKeyState (nVirtKey=6) returned 0
[0312.493] IsWindowVisible (hWnd=0x602c4) returned 1
[0312.493] IsWindowEnabled (hWnd=0x602c4) returned 1
[0312.493] SetFocus (hWnd=0x602c4) returned 0x602c4
[0312.493] GetFocus () returned 0x602c4
[0312.493] GetFocus () returned 0x602c4
[0312.493] GetFocus () returned 0x602c4
[0312.493] GetKeyState (nVirtKey=1) returned -128
[0312.493] GetKeyState (nVirtKey=2) returned 0
[0312.493] GetKeyState (nVirtKey=4) returned 0
[0312.493] GetKeyState (nVirtKey=5) returned 0
[0312.493] GetKeyState (nVirtKey=6) returned 0
[0312.493] GetCapture () returned 0x0
[0312.493] SetCapture (hWnd=0x602c4) returned 0x0
[0312.493] GetKeyState (nVirtKey=1) returned -128
[0312.494] GetKeyState (nVirtKey=2) returned 0
[0312.494] GetKeyState (nVirtKey=4) returned 0
[0312.494] GetKeyState (nVirtKey=5) returned 0
[0312.494] GetKeyState (nVirtKey=6) returned 0
[0312.494] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0312.494] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0312.494] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0312.494] IsWindowUnicode (hWnd=0x602c4) returned 1
[0312.494] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0312.494] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0312.494] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0312.494] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d896a4, cPoints=0x1 | out: lpPoints=0x2d896a4) returned 40304859
[0312.494] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0312.494] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0312.494] UpdateWindow (hWnd=0x602c4) returned 1
[0312.494] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0x60100ce
[0312.495] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0312.495] CreateCompatibleDC (hdc=0x60100ce) returned 0x3e0107f2
[0312.495] SelectObject (hdc=0x3e0107f2, h=0x4a0507fe) returned 0x85000f
[0312.495] GdipCreateFromHDC (hdc=0x3e0107f2, graphics=0xd7e430) returned 0x0
[0312.495] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0312.495] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0312.495] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0312.495] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0312.495] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e490) returned 0x0
[0312.495] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0312.495] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee9f0) returned 0x0
[0312.495] LocalFree (hMem=0x11ee9f0) returned 0x0
[0312.496] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0312.496] GdipCreateRegion (region=0xd7e478) returned 0x0
[0312.496] GdipGetClip (graphics=0x6600030, region=0x6646a78) returned 0x0
[0312.496] GdipIsInfiniteRegion (region=0x6646a78, graphics=0x6600030, result=0xd7e484) returned 0x0
[0312.496] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0312.496] GdipRestoreGraphics (graphics=0x6600030, state=0xf51e0dbd) returned 0x0
[0312.496] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0312.496] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0312.496] GetCurrentObject (hdc=0x3e0107f2, type=0x1) returned 0xb00017
[0312.496] GetCurrentObject (hdc=0x3e0107f2, type=0x2) returned 0x900010
[0312.496] GetCurrentObject (hdc=0x3e0107f2, type=0x7) returned 0x4a0507fe
[0312.496] GetCurrentObject (hdc=0x3e0107f2, type=0x6) returned 0x8a01c2
[0312.496] SaveDC (hdc=0x3e0107f2) returned 1
[0312.496] GetNearestColor (hdc=0x3e0107f2, color=0xff) returned 0xff
[0312.496] GetNearestColor (hdc=0x3e0107f2, color=0x55) returned 0x55
[0312.497] GetNearestColor (hdc=0x3e0107f2, color=0x0) returned 0x0
[0312.497] GetNearestColor (hdc=0x3e0107f2, color=0x55) returned 0x55
[0312.497] GetNearestColor (hdc=0x3e0107f2, color=0x0) returned 0x0
[0312.497] GetNearestColor (hdc=0x3e0107f2, color=0x8080ff) returned 0x8080ff
[0312.498] GetNearestColor (hdc=0x3e0107f2, color=0x7373e5) returned 0x7373e5
[0312.498] GetNearestColor (hdc=0x3e0107f2, color=0xe5) returned 0xe5
[0312.498] GetNearestColor (hdc=0x3e0107f2, color=0x0) returned 0x0
[0312.498] RestoreDC (hdc=0x3e0107f2, nSavedDC=-1) returned 1
[0312.498] GdipReleaseDC (graphics=0x6600030, hdc=0x3e0107f2) returned 0x0
[0312.498] IsAppThemed () returned 0x1
[0312.498] GetThemeAppProperties () returned 0x3
[0312.498] GetThemeAppProperties () returned 0x3
[0312.498] IsAppThemed () returned 0x1
[0312.498] GetThemeAppProperties () returned 0x3
[0312.498] GetThemeAppProperties () returned 0x3
[0312.498] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2d89dc0 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0312.499] IsAppThemed () returned 0x1
[0312.499] GetThemeAppProperties () returned 0x3
[0312.499] GetThemeAppProperties () returned 0x3
[0312.499] IsAppThemed () returned 0x1
[0312.499] GetThemeAppProperties () returned 0x3
[0312.499] GetThemeAppProperties () returned 0x3
[0312.499] IsAppThemed () returned 0x1
[0312.499] GetThemeAppProperties () returned 0x3
[0312.499] GetThemeAppProperties () returned 0x3
[0312.499] IsAppThemed () returned 0x1
[0312.499] GetThemeAppProperties () returned 0x3
[0312.499] GetThemeAppProperties () returned 0x3
[0312.499] IsThemePartDefined () returned 0x1
[0312.499] IsAppThemed () returned 0x1
[0312.499] GetThemeAppProperties () returned 0x3
[0312.499] GetThemeAppProperties () returned 0x3
[0312.499] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0312.499] IsAppThemed () returned 0x1
[0312.500] GetThemeAppProperties () returned 0x3
[0312.500] GetThemeAppProperties () returned 0x3
[0312.500] IsAppThemed () returned 0x1
[0312.500] GetThemeAppProperties () returned 0x3
[0312.500] GetThemeAppProperties () returned 0x3
[0312.500] IsThemePartDefined () returned 0x1
[0312.500] GdipCreateRegion (region=0xd7e194) returned 0x0
[0312.500] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0312.500] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0312.500] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0312.500] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e1ac) returned 0x0
[0312.500] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0312.500] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0312.500] LocalFree (hMem=0x11ee868) returned 0x0
[0312.500] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0312.500] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee9f0) returned 0x0
[0312.500] LocalFree (hMem=0x11ee9f0) returned 0x0
[0312.500] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0312.500] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0312.501] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0312.501] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0312.501] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0312.501] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0312.501] GetCurrentObject (hdc=0x3e0107f2, type=0x1) returned 0xb00017
[0312.501] GetCurrentObject (hdc=0x3e0107f2, type=0x2) returned 0x900010
[0312.501] GetCurrentObject (hdc=0x3e0107f2, type=0x7) returned 0x4a0507fe
[0312.501] GetCurrentObject (hdc=0x3e0107f2, type=0x6) returned 0x8a01c2
[0312.501] SaveDC (hdc=0x3e0107f2) returned 1
[0312.501] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3b040807
[0312.501] GetClipRgn (hdc=0x3e0107f2, hrgn=0x3b040807) returned 0
[0312.501] SelectClipRgn (hdc=0x3e0107f2, hrgn=0xbb0407de) returned 2
[0312.501] DeleteObject (ho=0x3b040807) returned 1
[0312.501] DeleteObject (ho=0xbb0407de) returned 1
[0312.501] OffsetViewportOrgEx (in: hdc=0x3e0107f2, x=0, y=0, lppt=0x2d8a470 | out: lppt=0x2d8a470) returned 1
[0312.501] DrawThemeParentBackground () returned 0x0
[0312.502] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0312.502] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0312.502] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0312.502] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.502] GetSystemMetrics (nIndex=42) returned 0
[0312.502] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.502] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0312.502] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0312.502] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0312.502] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0312.502] SelectPalette (hdc=0x3e0107f2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0312.502] GdipCreateFromHDC (hdc=0x3e0107f2, graphics=0xd7dc88) returned 0x0
[0312.502] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0312.503] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0312.503] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638bd8) returned 0x0
[0312.503] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dc60) returned 0x0
[0312.503] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0312.503] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0312.503] GdipGetClip (graphics=0x66376e0, region=0x66463b8) returned 0x0
[0312.503] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x66376e0, result=0xd7dc54) returned 0x0
[0312.503] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0312.503] GdipSaveGraphics (graphics=0x66376e0, state=0xd7dc80) returned 0x0
[0312.503] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0312.510] GdipFillRectangleI (graphics=0x66376e0, brush=0x664e2a0, x=0, y=0, width=801, height=453) returned 0x0
[0312.511] GdipDeleteBrush (brush=0x664e2a0) returned 0x0
[0312.512] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0312.512] SelectPalette (hdc=0x3e0107f2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0312.513] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0312.513] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.513] GetSystemMetrics (nIndex=42) returned 0
[0312.513] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.513] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0312.513] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0312.513] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0312.513] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0312.513] SelectPalette (hdc=0x3e0107f2, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0312.514] GdipCreateFromHDC (hdc=0x3e0107f2, graphics=0xd7dc28) returned 0x0
[0312.514] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0312.514] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0312.514] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638c98) returned 0x0
[0312.514] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7dc00) returned 0x0
[0312.514] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0312.514] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0312.514] GdipGetClip (graphics=0x66376e0, region=0x66465f8) returned 0x0
[0312.514] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x66376e0, result=0xd7dbf4) returned 0x0
[0312.514] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0312.514] GdipSaveGraphics (graphics=0x66376e0, state=0xd7dc20) returned 0x0
[0312.514] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0312.521] GdipFillRectangleI (graphics=0x66376e0, brush=0x664e780, x=0, y=0, width=801, height=453) returned 0x0
[0312.521] GdipDeleteBrush (brush=0x664e780) returned 0x0
[0312.523] GdipRestoreGraphics (graphics=0x66376e0, state=0xf51a0dbd) returned 0x0
[0312.523] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0312.523] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.523] GetSystemMetrics (nIndex=42) returned 0
[0312.523] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.523] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0312.523] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0312.523] SelectPalette (hdc=0x3e0107f2, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0312.524] RestoreDC (hdc=0x3e0107f2, nSavedDC=-1) returned 1
[0312.524] GdipReleaseDC (graphics=0x6600030, hdc=0x3e0107f2) returned 0x0
[0312.524] IsAppThemed () returned 0x1
[0312.524] GetThemeAppProperties () returned 0x3
[0312.524] GetThemeAppProperties () returned 0x3
[0312.524] IsAppThemed () returned 0x1
[0312.524] GetThemeAppProperties () returned 0x3
[0312.524] GetThemeAppProperties () returned 0x3
[0312.524] IsThemePartDefined () returned 0x1
[0312.524] GdipCreateRegion (region=0xd7e118) returned 0x0
[0312.524] GdipGetClip (graphics=0x6600030, region=0x6646958) returned 0x0
[0312.524] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0312.524] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0312.524] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e130) returned 0x0
[0312.524] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0312.524] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee8d8) returned 0x0
[0312.525] LocalFree (hMem=0x11ee8d8) returned 0x0
[0312.525] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0312.525] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee910) returned 0x0
[0312.525] LocalFree (hMem=0x11ee910) returned 0x0
[0312.525] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0312.525] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e158) returned 0x0
[0312.525] GdipIsInfiniteRegion (region=0x6646958, graphics=0x6600030, result=0xd7e148) returned 0x0
[0312.525] GdipGetRegionHRgn (region=0x6646958, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0312.525] GdipDeleteRegion (region=0x6646958) returned 0x0
[0312.525] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0312.525] GetCurrentObject (hdc=0x3e0107f2, type=0x1) returned 0xb00017
[0312.525] GetCurrentObject (hdc=0x3e0107f2, type=0x2) returned 0x900010
[0312.525] GetCurrentObject (hdc=0x3e0107f2, type=0x7) returned 0x4a0507fe
[0312.525] GetCurrentObject (hdc=0x3e0107f2, type=0x6) returned 0x8a01c2
[0312.525] SaveDC (hdc=0x3e0107f2) returned 1
[0312.525] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbc0407de
[0312.526] GetClipRgn (hdc=0x3e0107f2, hrgn=0xbc0407de) returned 0
[0312.526] SelectClipRgn (hdc=0x3e0107f2, hrgn=0x3d040807) returned 2
[0312.526] DeleteObject (ho=0xbc0407de) returned 1
[0312.526] DeleteObject (ho=0x3d040807) returned 1
[0312.526] OffsetViewportOrgEx (in: hdc=0x3e0107f2, x=0, y=0, lppt=0x2d90cc0 | out: lppt=0x2d90cc0) returned 1
[0312.526] IsAppThemed () returned 0x1
[0312.526] GetThemeAppProperties () returned 0x3
[0312.526] GetThemeAppProperties () returned 0x3
[0312.526] DrawThemeBackground () returned 0x0
[0312.526] RestoreDC (hdc=0x3e0107f2, nSavedDC=-1) returned 1
[0312.526] GdipReleaseDC (graphics=0x6600030, hdc=0x3e0107f2) returned 0x0
[0312.526] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0312.526] GdipGetClip (graphics=0x6600030, region=0x6646b08) returned 0x0
[0312.526] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0312.526] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0312.526] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e134) returned 0x0
[0312.527] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0312.527] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0312.527] LocalFree (hMem=0x11ee868) returned 0x0
[0312.527] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0312.527] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea28) returned 0x0
[0312.527] LocalFree (hMem=0x11eea28) returned 0x0
[0312.527] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0312.527] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0312.527] GdipIsInfiniteRegion (region=0x6646b08, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0312.527] GdipGetRegionHRgn (region=0x6646b08, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0312.527] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0312.527] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0312.527] GetCurrentObject (hdc=0x3e0107f2, type=0x1) returned 0xb00017
[0312.527] GetCurrentObject (hdc=0x3e0107f2, type=0x2) returned 0x900010
[0312.527] GetCurrentObject (hdc=0x3e0107f2, type=0x7) returned 0x4a0507fe
[0312.527] GetCurrentObject (hdc=0x3e0107f2, type=0x6) returned 0x8a01c2
[0312.527] SaveDC (hdc=0x3e0107f2) returned 1
[0312.528] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3e040807
[0312.528] GetClipRgn (hdc=0x3e0107f2, hrgn=0x3e040807) returned 0
[0312.528] SelectClipRgn (hdc=0x3e0107f2, hrgn=0xbd0407de) returned 2
[0312.528] DeleteObject (ho=0x3e040807) returned 1
[0312.528] DeleteObject (ho=0xbd0407de) returned 1
[0312.528] OffsetViewportOrgEx (in: hdc=0x3e0107f2, x=0, y=0, lppt=0x2d90f94 | out: lppt=0x2d90f94) returned 1
[0312.528] IsAppThemed () returned 0x1
[0312.528] GetThemeAppProperties () returned 0x3
[0312.528] GetThemeAppProperties () returned 0x3
[0312.528] GetThemeBackgroundContentRect () returned 0x0
[0312.528] RestoreDC (hdc=0x3e0107f2, nSavedDC=-1) returned 1
[0312.528] GdipReleaseDC (graphics=0x6600030, hdc=0x3e0107f2) returned 0x0
[0312.528] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0312.528] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0312.528] GdipFillRectangleI (graphics=0x6600030, brush=0x6640d78, x=4, y=4, width=67, height=15) returned 0x0
[0312.529] GdipDeleteBrush (brush=0x6640d78) returned 0x0
[0312.529] IsAppThemed () returned 0x1
[0312.529] GetThemeAppProperties () returned 0x3
[0312.529] GetThemeAppProperties () returned 0x3
[0312.529] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0312.529] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0312.529] GetCurrentObject (hdc=0x3e0107f2, type=0x1) returned 0xb00017
[0312.529] GetCurrentObject (hdc=0x3e0107f2, type=0x2) returned 0x900010
[0312.529] GetCurrentObject (hdc=0x3e0107f2, type=0x7) returned 0x4a0507fe
[0312.529] GetCurrentObject (hdc=0x3e0107f2, type=0x6) returned 0x8a01c2
[0312.529] SaveDC (hdc=0x3e0107f2) returned 1
[0312.529] GetTextAlign (hdc=0x3e0107f2) returned 0x0
[0312.529] GetTextColor (hdc=0x3e0107f2) returned 0x0
[0312.529] GetCurrentObject (hdc=0x3e0107f2, type=0x6) returned 0x8a01c2
[0312.529] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0312.530] SelectObject (hdc=0x3e0107f2, h=0x6d0a0520) returned 0x8a01c2
[0312.530] GetBkMode (hdc=0x3e0107f2) returned 2
[0312.530] SetBkMode (hdc=0x3e0107f2, mode=1) returned 2
[0312.530] DrawTextExW (in: hdc=0x3e0107f2, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2d91358 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0312.530] DrawTextExW (in: hdc=0x3e0107f2, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2d91358 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0312.530] RestoreDC (hdc=0x3e0107f2, nSavedDC=-1) returned 1
[0312.531] GdipReleaseDC (graphics=0x6600030, hdc=0x3e0107f2) returned 0x0
[0312.531] GetFocus () returned 0x602c4
[0312.531] IsAppThemed () returned 0x1
[0312.531] GetThemeAppProperties () returned 0x3
[0312.531] GetThemeAppProperties () returned 0x3
[0312.531] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0312.531] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x3e0107f2, x1=0, y1=0, rop=0xcc0020) returned 1
[0312.531] GdipReleaseDC (graphics=0x6600030, hdc=0x3e0107f2) returned 0x0
[0312.531] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0312.531] SelectObject (hdc=0x3e0107f2, h=0x85000f) returned 0x4a0507fe
[0312.532] DeleteDC (hdc=0x3e0107f2) returned 1
[0312.532] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0312.532] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0312.532] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2d91454, cPoints=0x1 | out: lpPoints=0x2d91454) returned 40304859
[0312.532] WindowFromPoint (Point=0xed) returned 0x602c4
[0312.532] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x26b00ed) returned 0x1
[0312.532] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0312.532] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0312.532] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0312.532] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0312.532] GetSystemMetrics (nIndex=42) returned 0
[0312.532] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0312.532] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0312.534] GetCapture () returned 0x602c4
[0312.534] ReleaseCapture () returned 1
[0312.535] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0312.535] GetProcessWindowStation () returned 0x13c
[0312.535] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.535] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0312.536] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.536] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0312.536] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.536] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0312.537] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.537] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0312.537] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.537] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0312.537] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.537] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0312.537] GetDC (hWnd=0x0) returned 0x10105d6
[0312.538] GdipCreateFromHDC (hdc=0x10105d6, graphics=0xd7e6ec) returned 0x0
[0312.538] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0312.538] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0312.538] ReleaseDC (hWnd=0x0, hDC=0x10105d6) returned 1
[0312.538] GetSystemMetrics (nIndex=5) returned 1
[0312.538] GetSystemMetrics (nIndex=6) returned 1
[0312.539] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.539] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0312.539] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.539] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0312.543] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0312.543] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0312.543] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0312.543] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0312.543] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0312.543] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0312.545] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2d96e70 | out: lpData=0x2d96e70) returned 1
[0312.546] VerQueryValueW (in: pBlock=0x2d96e70, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d97280, puLen=0xd7e810) returned 1
[0312.546] VerQueryValueW (in: pBlock=0x2d96e70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d96f28, puLen=0xd7e790) returned 1
[0312.546] VerQueryValueW (in: pBlock=0x2d96e70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d96f7c, puLen=0xd7e790) returned 1
[0312.546] VerQueryValueW (in: pBlock=0x2d96e70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d96ffc, puLen=0xd7e790) returned 1
[0312.546] VerQueryValueW (in: pBlock=0x2d96e70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d97064, puLen=0xd7e790) returned 1
[0312.547] VerQueryValueW (in: pBlock=0x2d96e70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d970a4, puLen=0xd7e790) returned 1
[0312.547] VerQueryValueW (in: pBlock=0x2d96e70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9712c, puLen=0xd7e790) returned 1
[0312.547] VerQueryValueW (in: pBlock=0x2d96e70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d97168, puLen=0xd7e790) returned 1
[0312.547] VerQueryValueW (in: pBlock=0x2d96e70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d971c0, puLen=0xd7e790) returned 1
[0312.547] VerQueryValueW (in: pBlock=0x2d96e70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d971f0, puLen=0xd7e790) returned 1
[0312.547] VerQueryValueW (in: pBlock=0x2d96e70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.547] VerQueryValueW (in: pBlock=0x2d96e70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9722c, puLen=0xd7e790) returned 1
[0312.547] VerQueryValueW (in: pBlock=0x2d96e70, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.547] VerQueryValueW (in: pBlock=0x2d96e70, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d97280, puLen=0xd7e784) returned 1
[0312.547] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0312.547] VerQueryValueW (in: pBlock=0x2d96e70, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d96e98, puLen=0xd7e794) returned 1
[0312.548] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0312.548] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0312.548] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0312.548] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0312.548] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0312.548] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0312.548] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2d98de0 | out: lpData=0x2d98de0) returned 1
[0312.549] VerQueryValueW (in: pBlock=0x2d98de0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d98e7c, puLen=0xd7e810) returned 1
[0312.549] VerQueryValueW (in: pBlock=0x2d98de0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d98ef4, puLen=0xd7e790) returned 1
[0312.549] VerQueryValueW (in: pBlock=0x2d98de0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d98f24, puLen=0xd7e790) returned 1
[0312.549] VerQueryValueW (in: pBlock=0x2d98de0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d98f60, puLen=0xd7e790) returned 1
[0312.549] VerQueryValueW (in: pBlock=0x2d98de0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d98f90, puLen=0xd7e790) returned 1
[0312.549] VerQueryValueW (in: pBlock=0x2d98de0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d98fd8, puLen=0xd7e790) returned 1
[0312.549] VerQueryValueW (in: pBlock=0x2d98de0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d99050, puLen=0xd7e790) returned 1
[0312.549] VerQueryValueW (in: pBlock=0x2d98de0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d99094, puLen=0xd7e790) returned 1
[0312.549] VerQueryValueW (in: pBlock=0x2d98de0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d990d4, puLen=0xd7e790) returned 1
[0312.549] VerQueryValueW (in: pBlock=0x2d98de0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d98ed2, puLen=0xd7e790) returned 1
[0312.549] VerQueryValueW (in: pBlock=0x2d98de0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d99020, puLen=0xd7e790) returned 1
[0312.549] VerQueryValueW (in: pBlock=0x2d98de0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.549] VerQueryValueW (in: pBlock=0x2d98de0, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.549] VerQueryValueW (in: pBlock=0x2d98de0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d98e7c, puLen=0xd7e784) returned 1
[0312.549] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0312.549] VerQueryValueW (in: pBlock=0x2d98de0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d98e08, puLen=0xd7e794) returned 1
[0312.550] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0312.550] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0312.550] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0312.550] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0312.550] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0312.551] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0312.551] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2d9b0b8 | out: lpData=0x2d9b0b8) returned 1
[0312.552] VerQueryValueW (in: pBlock=0x2d9b0b8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d9b4cc, puLen=0xd7e810) returned 1
[0312.552] VerQueryValueW (in: pBlock=0x2d9b0b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9b170, puLen=0xd7e790) returned 1
[0312.552] VerQueryValueW (in: pBlock=0x2d9b0b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9b1c4, puLen=0xd7e790) returned 1
[0312.552] VerQueryValueW (in: pBlock=0x2d9b0b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9b220, puLen=0xd7e790) returned 1
[0312.552] VerQueryValueW (in: pBlock=0x2d9b0b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9b280, puLen=0xd7e790) returned 1
[0312.552] VerQueryValueW (in: pBlock=0x2d9b0b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9b2d8, puLen=0xd7e790) returned 1
[0312.552] VerQueryValueW (in: pBlock=0x2d9b0b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9b360, puLen=0xd7e790) returned 1
[0312.552] VerQueryValueW (in: pBlock=0x2d9b0b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9b3b4, puLen=0xd7e790) returned 1
[0312.552] VerQueryValueW (in: pBlock=0x2d9b0b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9b40c, puLen=0xd7e790) returned 1
[0312.552] VerQueryValueW (in: pBlock=0x2d9b0b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9b43c, puLen=0xd7e790) returned 1
[0312.552] VerQueryValueW (in: pBlock=0x2d9b0b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.552] VerQueryValueW (in: pBlock=0x2d9b0b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9b478, puLen=0xd7e790) returned 1
[0312.552] VerQueryValueW (in: pBlock=0x2d9b0b8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.553] VerQueryValueW (in: pBlock=0x2d9b0b8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d9b4cc, puLen=0xd7e784) returned 1
[0312.553] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0312.553] VerQueryValueW (in: pBlock=0x2d9b0b8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d9b0e0, puLen=0xd7e794) returned 1
[0312.554] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0312.554] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0312.554] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0312.554] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0312.554] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0312.554] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0312.555] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2d9d6f0 | out: lpData=0x2d9d6f0) returned 1
[0312.556] VerQueryValueW (in: pBlock=0x2d9d6f0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2d9daf0, puLen=0xd7e810) returned 1
[0312.556] VerQueryValueW (in: pBlock=0x2d9d6f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d7a8, puLen=0xd7e790) returned 1
[0312.556] VerQueryValueW (in: pBlock=0x2d9d6f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d7fc, puLen=0xd7e790) returned 1
[0312.556] VerQueryValueW (in: pBlock=0x2d9d6f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d83c, puLen=0xd7e790) returned 1
[0312.556] VerQueryValueW (in: pBlock=0x2d9d6f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d8a4, puLen=0xd7e790) returned 1
[0312.556] VerQueryValueW (in: pBlock=0x2d9d6f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d8fc, puLen=0xd7e790) returned 1
[0312.556] VerQueryValueW (in: pBlock=0x2d9d6f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d984, puLen=0xd7e790) returned 1
[0312.556] VerQueryValueW (in: pBlock=0x2d9d6f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9d9d8, puLen=0xd7e790) returned 1
[0312.556] VerQueryValueW (in: pBlock=0x2d9d6f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9da30, puLen=0xd7e790) returned 1
[0312.556] VerQueryValueW (in: pBlock=0x2d9d6f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9da60, puLen=0xd7e790) returned 1
[0312.556] VerQueryValueW (in: pBlock=0x2d9d6f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.556] VerQueryValueW (in: pBlock=0x2d9d6f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9da9c, puLen=0xd7e790) returned 1
[0312.556] VerQueryValueW (in: pBlock=0x2d9d6f0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.557] VerQueryValueW (in: pBlock=0x2d9d6f0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2d9daf0, puLen=0xd7e784) returned 1
[0312.557] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0312.557] VerQueryValueW (in: pBlock=0x2d9d6f0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d9d718, puLen=0xd7e794) returned 1
[0312.557] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0312.558] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0312.558] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0312.558] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0312.558] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0312.558] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0312.559] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2d9fe2c | out: lpData=0x2d9fe2c) returned 1
[0312.563] VerQueryValueW (in: pBlock=0x2d9fe2c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da01f4, puLen=0xd7e810) returned 1
[0312.563] VerQueryValueW (in: pBlock=0x2d9fe2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9fee4, puLen=0xd7e790) returned 1
[0312.563] VerQueryValueW (in: pBlock=0x2d9fe2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9ff38, puLen=0xd7e790) returned 1
[0312.563] VerQueryValueW (in: pBlock=0x2d9fe2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9ff78, puLen=0xd7e790) returned 1
[0312.563] VerQueryValueW (in: pBlock=0x2d9fe2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2d9ffe0, puLen=0xd7e790) returned 1
[0312.563] VerQueryValueW (in: pBlock=0x2d9fe2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da001c, puLen=0xd7e790) returned 1
[0312.564] VerQueryValueW (in: pBlock=0x2d9fe2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da00a4, puLen=0xd7e790) returned 1
[0312.564] VerQueryValueW (in: pBlock=0x2d9fe2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da00dc, puLen=0xd7e790) returned 1
[0312.564] VerQueryValueW (in: pBlock=0x2d9fe2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da0134, puLen=0xd7e790) returned 1
[0312.564] VerQueryValueW (in: pBlock=0x2d9fe2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da0164, puLen=0xd7e790) returned 1
[0312.564] VerQueryValueW (in: pBlock=0x2d9fe2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.564] VerQueryValueW (in: pBlock=0x2d9fe2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da01a0, puLen=0xd7e790) returned 1
[0312.564] VerQueryValueW (in: pBlock=0x2d9fe2c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.564] VerQueryValueW (in: pBlock=0x2d9fe2c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da01f4, puLen=0xd7e784) returned 1
[0312.564] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0312.564] VerQueryValueW (in: pBlock=0x2d9fe2c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2d9fe54, puLen=0xd7e794) returned 1
[0312.565] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0312.565] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0312.565] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0312.565] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0312.565] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0312.565] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0312.566] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2da3494 | out: lpData=0x2da3494) returned 1
[0312.567] VerQueryValueW (in: pBlock=0x2da3494, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da3874, puLen=0xd7e810) returned 1
[0312.567] VerQueryValueW (in: pBlock=0x2da3494, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da354c, puLen=0xd7e790) returned 1
[0312.567] VerQueryValueW (in: pBlock=0x2da3494, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da35a0, puLen=0xd7e790) returned 1
[0312.567] VerQueryValueW (in: pBlock=0x2da3494, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da35e0, puLen=0xd7e790) returned 1
[0312.567] VerQueryValueW (in: pBlock=0x2da3494, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da3640, puLen=0xd7e790) returned 1
[0312.567] VerQueryValueW (in: pBlock=0x2da3494, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da368c, puLen=0xd7e790) returned 1
[0312.567] VerQueryValueW (in: pBlock=0x2da3494, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da3714, puLen=0xd7e790) returned 1
[0312.567] VerQueryValueW (in: pBlock=0x2da3494, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da375c, puLen=0xd7e790) returned 1
[0312.567] VerQueryValueW (in: pBlock=0x2da3494, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da37b4, puLen=0xd7e790) returned 1
[0312.567] VerQueryValueW (in: pBlock=0x2da3494, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da37e4, puLen=0xd7e790) returned 1
[0312.567] VerQueryValueW (in: pBlock=0x2da3494, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.567] VerQueryValueW (in: pBlock=0x2da3494, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da3820, puLen=0xd7e790) returned 1
[0312.567] VerQueryValueW (in: pBlock=0x2da3494, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.567] VerQueryValueW (in: pBlock=0x2da3494, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da3874, puLen=0xd7e784) returned 1
[0312.567] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0312.568] VerQueryValueW (in: pBlock=0x2da3494, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2da34bc, puLen=0xd7e794) returned 1
[0312.568] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0312.568] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0312.569] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0312.569] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0312.569] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0312.569] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0312.570] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2da5cb4 | out: lpData=0x2da5cb4) returned 1
[0312.570] VerQueryValueW (in: pBlock=0x2da5cb4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da60c0, puLen=0xd7e810) returned 1
[0312.570] VerQueryValueW (in: pBlock=0x2da5cb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5d6c, puLen=0xd7e790) returned 1
[0312.570] VerQueryValueW (in: pBlock=0x2da5cb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5dc0, puLen=0xd7e790) returned 1
[0312.570] VerQueryValueW (in: pBlock=0x2da5cb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5e14, puLen=0xd7e790) returned 1
[0312.571] VerQueryValueW (in: pBlock=0x2da5cb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5e74, puLen=0xd7e790) returned 1
[0312.571] VerQueryValueW (in: pBlock=0x2da5cb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5ecc, puLen=0xd7e790) returned 1
[0312.571] VerQueryValueW (in: pBlock=0x2da5cb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5f54, puLen=0xd7e790) returned 1
[0312.571] VerQueryValueW (in: pBlock=0x2da5cb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da5fa8, puLen=0xd7e790) returned 1
[0312.571] VerQueryValueW (in: pBlock=0x2da5cb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da6000, puLen=0xd7e790) returned 1
[0312.571] VerQueryValueW (in: pBlock=0x2da5cb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da6030, puLen=0xd7e790) returned 1
[0312.571] VerQueryValueW (in: pBlock=0x2da5cb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.571] VerQueryValueW (in: pBlock=0x2da5cb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da606c, puLen=0xd7e790) returned 1
[0312.571] VerQueryValueW (in: pBlock=0x2da5cb4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.571] VerQueryValueW (in: pBlock=0x2da5cb4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da60c0, puLen=0xd7e784) returned 1
[0312.571] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0312.571] VerQueryValueW (in: pBlock=0x2da5cb4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2da5cdc, puLen=0xd7e794) returned 1
[0312.572] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0312.572] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0312.572] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0312.572] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0312.572] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0312.572] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0312.573] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2da84c8 | out: lpData=0x2da84c8) returned 1
[0312.574] VerQueryValueW (in: pBlock=0x2da84c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2da88a0, puLen=0xd7e810) returned 1
[0312.574] VerQueryValueW (in: pBlock=0x2da84c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da8580, puLen=0xd7e790) returned 1
[0312.574] VerQueryValueW (in: pBlock=0x2da84c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da85d4, puLen=0xd7e790) returned 1
[0312.574] VerQueryValueW (in: pBlock=0x2da84c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da8614, puLen=0xd7e790) returned 1
[0312.574] VerQueryValueW (in: pBlock=0x2da84c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da867c, puLen=0xd7e790) returned 1
[0312.574] VerQueryValueW (in: pBlock=0x2da84c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da86c0, puLen=0xd7e790) returned 1
[0312.574] VerQueryValueW (in: pBlock=0x2da84c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da8748, puLen=0xd7e790) returned 1
[0312.574] VerQueryValueW (in: pBlock=0x2da84c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da8788, puLen=0xd7e790) returned 1
[0312.574] VerQueryValueW (in: pBlock=0x2da84c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da87e0, puLen=0xd7e790) returned 1
[0312.574] VerQueryValueW (in: pBlock=0x2da84c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da8810, puLen=0xd7e790) returned 1
[0312.574] VerQueryValueW (in: pBlock=0x2da84c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.574] VerQueryValueW (in: pBlock=0x2da84c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2da884c, puLen=0xd7e790) returned 1
[0312.575] VerQueryValueW (in: pBlock=0x2da84c8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.575] VerQueryValueW (in: pBlock=0x2da84c8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2da88a0, puLen=0xd7e784) returned 1
[0312.575] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0312.575] VerQueryValueW (in: pBlock=0x2da84c8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2da84f0, puLen=0xd7e794) returned 1
[0312.576] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0312.576] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0312.576] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0312.576] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0312.576] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0312.576] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0312.577] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2daaa20 | out: lpData=0x2daaa20) returned 1
[0312.578] VerQueryValueW (in: pBlock=0x2daaa20, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2daadf8, puLen=0xd7e810) returned 1
[0312.578] VerQueryValueW (in: pBlock=0x2daaa20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daaad8, puLen=0xd7e790) returned 1
[0312.578] VerQueryValueW (in: pBlock=0x2daaa20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daab2c, puLen=0xd7e790) returned 1
[0312.578] VerQueryValueW (in: pBlock=0x2daaa20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daab6c, puLen=0xd7e790) returned 1
[0312.578] VerQueryValueW (in: pBlock=0x2daaa20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daabd4, puLen=0xd7e790) returned 1
[0312.578] VerQueryValueW (in: pBlock=0x2daaa20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daac18, puLen=0xd7e790) returned 1
[0312.578] VerQueryValueW (in: pBlock=0x2daaa20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daaca0, puLen=0xd7e790) returned 1
[0312.578] VerQueryValueW (in: pBlock=0x2daaa20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daace0, puLen=0xd7e790) returned 1
[0312.578] VerQueryValueW (in: pBlock=0x2daaa20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daad38, puLen=0xd7e790) returned 1
[0312.578] VerQueryValueW (in: pBlock=0x2daaa20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daad68, puLen=0xd7e790) returned 1
[0312.578] VerQueryValueW (in: pBlock=0x2daaa20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.578] VerQueryValueW (in: pBlock=0x2daaa20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2daada4, puLen=0xd7e790) returned 1
[0312.578] VerQueryValueW (in: pBlock=0x2daaa20, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.578] VerQueryValueW (in: pBlock=0x2daaa20, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2daadf8, puLen=0xd7e784) returned 1
[0312.578] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0312.579] VerQueryValueW (in: pBlock=0x2daaa20, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2daaa48, puLen=0xd7e794) returned 1
[0312.580] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0312.580] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0312.580] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0312.580] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0312.580] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0312.580] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0312.581] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2dad158 | out: lpData=0x2dad158) returned 1
[0312.582] VerQueryValueW (in: pBlock=0x2dad158, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dad588, puLen=0xd7e810) returned 1
[0312.582] VerQueryValueW (in: pBlock=0x2dad158, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad210, puLen=0xd7e790) returned 1
[0312.582] VerQueryValueW (in: pBlock=0x2dad158, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad264, puLen=0xd7e790) returned 1
[0312.582] VerQueryValueW (in: pBlock=0x2dad158, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad2d4, puLen=0xd7e790) returned 1
[0312.582] VerQueryValueW (in: pBlock=0x2dad158, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad334, puLen=0xd7e790) returned 1
[0312.582] VerQueryValueW (in: pBlock=0x2dad158, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad390, puLen=0xd7e790) returned 1
[0312.582] VerQueryValueW (in: pBlock=0x2dad158, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad418, puLen=0xd7e790) returned 1
[0312.582] VerQueryValueW (in: pBlock=0x2dad158, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad470, puLen=0xd7e790) returned 1
[0312.582] VerQueryValueW (in: pBlock=0x2dad158, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad4c8, puLen=0xd7e790) returned 1
[0312.582] VerQueryValueW (in: pBlock=0x2dad158, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad4f8, puLen=0xd7e790) returned 1
[0312.582] VerQueryValueW (in: pBlock=0x2dad158, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.582] VerQueryValueW (in: pBlock=0x2dad158, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dad534, puLen=0xd7e790) returned 1
[0312.582] VerQueryValueW (in: pBlock=0x2dad158, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0312.582] VerQueryValueW (in: pBlock=0x2dad158, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dad588, puLen=0xd7e784) returned 1
[0312.582] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0312.582] VerQueryValueW (in: pBlock=0x2dad158, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dad180, puLen=0xd7e794) returned 1
[0312.583] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0312.583] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.583] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0312.583] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.584] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0312.584] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3802da
[0312.584] SetWindowLongW (hWnd=0x3802da, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0312.584] GetWindowLongW (hWnd=0x3802da, nIndex=-4) returned 1950089536
[0312.585] SetWindowLongW (hWnd=0x3802da, nIndex=-4, dwNewLong=19940990) returned 1950089536
[0312.585] GetWindowLongW (hWnd=0x3802da, nIndex=-4) returned 19940990
[0312.585] GetWindowLongW (hWnd=0x3802da, nIndex=-16) returned 113311744
[0312.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802da, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0312.585] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802da, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0312.586] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802da, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0312.586] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802da, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0312.586] GetClientRect (in: hWnd=0x3802da, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0312.586] GetWindowRect (in: hWnd=0x3802da, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0312.586] SetWindowTextW (hWnd=0x3802da, lpString="WindowsFormsParkingWindow") returned 1
[0312.587] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802da, Msg=0xc, wParam=0x0, lParam=0x2d72654) returned 0x1
[0312.587] GetParent (hWnd=0x3802da) returned 0x0
[0312.587] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0312.587] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x3802da, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2e02ce
[0312.588] SetWindowLongW (hWnd=0x2e02ce, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0312.588] GetWindowLongW (hWnd=0x2e02ce, nIndex=-4) returned 1868147648
[0312.588] SetWindowLongW (hWnd=0x2e02ce, nIndex=-4, dwNewLong=19941030) returned 1868147648
[0312.588] GetWindowLongW (hWnd=0x2e02ce, nIndex=-4) returned 19941030
[0312.588] GetWindowLongW (hWnd=0x2e02ce, nIndex=-16) returned 1174405133
[0312.588] GetWindowLongW (hWnd=0x2e02ce, nIndex=-12) returned 0
[0312.588] SetWindowLongW (hWnd=0x2e02ce, nIndex=-12, dwNewLong=3015374) returned 0
[0312.589] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0312.589] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0312.589] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0312.590] GetClientRect (in: hWnd=0x2e02ce, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0312.590] GetWindowRect (in: hWnd=0x2e02ce, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0312.590] GetParent (hWnd=0x2e02ce) returned 0x3802da
[0312.590] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3802da, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0312.592] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0312.592] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0312.592] GetClientRect (in: hWnd=0x2e02ce, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0312.592] GetWindowRect (in: hWnd=0x2e02ce, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0312.592] GetParent (hWnd=0x2e02ce) returned 0x3802da
[0312.592] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3802da, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0312.592] SendMessageW (hWnd=0x2e02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2e02ce) returned 0x0
[0312.592] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2e02ce) returned 0x0
[0312.593] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0312.593] GetParent (hWnd=0x2e02ce) returned 0x3802da
[0312.593] GdipCreateFromHWND (hwnd=0x2e02ce, graphics=0xd7e844) returned 0x0
[0312.593] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0312.594] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0312.594] GetForegroundWindow () returned 0x7005c
[0312.594] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0312.594] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.594] GetSystemMetrics (nIndex=42) returned 0
[0312.594] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.594] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0312.594] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0312.594] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.594] GetSystemMetrics (nIndex=42) returned 0
[0312.594] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.595] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0312.595] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.595] GetCursorPos (in: lpPoint=0x2db15dc | out: lpPoint=0x2db15dc*(x=237, y=619)) returned 1
[0312.595] MonitorFromPoint (pt=0xed, dwFlags=0x26b) returned 0x10001
[0312.595] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0312.595] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x130107f8
[0312.596] GetDeviceCaps (hdc=0x130107f8, index=12) returned 32
[0312.596] GetDeviceCaps (hdc=0x130107f8, index=14) returned 1
[0312.596] DeleteDC (hdc=0x130107f8) returned 1
[0312.596] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0312.596] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0312.596] GetSystemMetrics (nIndex=59) returned 1460
[0312.596] GetSystemMetrics (nIndex=60) returned 920
[0312.596] GetSystemMetrics (nIndex=34) returned 136
[0312.596] GetSystemMetrics (nIndex=35) returned 39
[0312.596] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.596] GetCursorPos (in: lpPoint=0x2db1848 | out: lpPoint=0x2db1848*(x=237, y=619)) returned 1
[0312.597] MonitorFromPoint (pt=0xee, dwFlags=0x26b) returned 0x10001
[0312.597] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0312.597] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x140107f8
[0312.597] GetDeviceCaps (hdc=0x140107f8, index=12) returned 32
[0312.597] GetDeviceCaps (hdc=0x140107f8, index=14) returned 1
[0312.597] DeleteDC (hdc=0x140107f8) returned 1
[0312.597] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0312.597] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0312.598] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.598] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0312.598] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2db1ae0 | out: piconinfo=0x2db1ae0) returned 1
[0312.598] GetObjectW (in: h=0x6a0507eb, c=24, pv=0x2db1afc | out: pv=0x2db1afc) returned 24
[0312.598] GdipCreateBitmapFromHBITMAP (hbm=0x6a0507eb, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0312.598] GdipGetImageWidth (image=0x6600640, width=0xd7e750) returned 0x0
[0312.598] GdipGetImageHeight (image=0x6600640, height=0xd7e748) returned 0x0
[0312.599] GdipGetImagePixelFormat (image=0x6600640, format=0xd7e740) returned 0x0
[0312.599] GdipBitmapLockBits (bitmap=0x6600640, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2db1bb4) returned 0x0
[0312.599] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0312.599] GdipBitmapLockBits (bitmap=0x6601360, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2db1bec) returned 0x0
[0312.599] RtlMoveMemory (in: Destination=0x6659f20, Source=0x665ceb0, Length=0x80 | out: Destination=0x6659f20)
[0312.599] RtlMoveMemory (in: Destination=0x6659fa0, Source=0x665ce30, Length=0x80 | out: Destination=0x6659fa0)
[0312.599] RtlMoveMemory (in: Destination=0x665a020, Source=0x665cdb0, Length=0x80 | out: Destination=0x665a020)
[0312.599] RtlMoveMemory (in: Destination=0x665a0a0, Source=0x665cd30, Length=0x80 | out: Destination=0x665a0a0)
[0312.599] RtlMoveMemory (in: Destination=0x665a120, Source=0x665ccb0, Length=0x80 | out: Destination=0x665a120)
[0312.599] RtlMoveMemory (in: Destination=0x665a1a0, Source=0x665cc30, Length=0x80 | out: Destination=0x665a1a0)
[0312.599] RtlMoveMemory (in: Destination=0x665a220, Source=0x665cbb0, Length=0x80 | out: Destination=0x665a220)
[0312.599] RtlMoveMemory (in: Destination=0x665a2a0, Source=0x665cb30, Length=0x80 | out: Destination=0x665a2a0)
[0312.599] RtlMoveMemory (in: Destination=0x665a320, Source=0x665cab0, Length=0x80 | out: Destination=0x665a320)
[0312.599] RtlMoveMemory (in: Destination=0x665a3a0, Source=0x665ca30, Length=0x80 | out: Destination=0x665a3a0)
[0312.599] RtlMoveMemory (in: Destination=0x665a420, Source=0x665c9b0, Length=0x80 | out: Destination=0x665a420)
[0312.599] RtlMoveMemory (in: Destination=0x665a4a0, Source=0x665c930, Length=0x80 | out: Destination=0x665a4a0)
[0312.600] RtlMoveMemory (in: Destination=0x665a520, Source=0x665c8b0, Length=0x80 | out: Destination=0x665a520)
[0312.600] RtlMoveMemory (in: Destination=0x665a5a0, Source=0x665c830, Length=0x80 | out: Destination=0x665a5a0)
[0312.600] RtlMoveMemory (in: Destination=0x665a620, Source=0x665c7b0, Length=0x80 | out: Destination=0x665a620)
[0312.600] RtlMoveMemory (in: Destination=0x665a6a0, Source=0x665c730, Length=0x80 | out: Destination=0x665a6a0)
[0312.600] RtlMoveMemory (in: Destination=0x665a720, Source=0x665c6b0, Length=0x80 | out: Destination=0x665a720)
[0312.600] RtlMoveMemory (in: Destination=0x665a7a0, Source=0x665c630, Length=0x80 | out: Destination=0x665a7a0)
[0312.600] RtlMoveMemory (in: Destination=0x665a820, Source=0x665c5b0, Length=0x80 | out: Destination=0x665a820)
[0312.600] RtlMoveMemory (in: Destination=0x665a8a0, Source=0x665c530, Length=0x80 | out: Destination=0x665a8a0)
[0312.600] RtlMoveMemory (in: Destination=0x665a920, Source=0x665c4b0, Length=0x80 | out: Destination=0x665a920)
[0312.600] RtlMoveMemory (in: Destination=0x665a9a0, Source=0x665c430, Length=0x80 | out: Destination=0x665a9a0)
[0312.600] RtlMoveMemory (in: Destination=0x665aa20, Source=0x665c3b0, Length=0x80 | out: Destination=0x665aa20)
[0312.600] RtlMoveMemory (in: Destination=0x665aaa0, Source=0x665c330, Length=0x80 | out: Destination=0x665aaa0)
[0312.600] RtlMoveMemory (in: Destination=0x665ab20, Source=0x665c2b0, Length=0x80 | out: Destination=0x665ab20)
[0312.600] RtlMoveMemory (in: Destination=0x665aba0, Source=0x665c230, Length=0x80 | out: Destination=0x665aba0)
[0312.600] RtlMoveMemory (in: Destination=0x665ac20, Source=0x665c1b0, Length=0x80 | out: Destination=0x665ac20)
[0312.600] RtlMoveMemory (in: Destination=0x665aca0, Source=0x665c130, Length=0x80 | out: Destination=0x665aca0)
[0312.600] RtlMoveMemory (in: Destination=0x665ad20, Source=0x665c0b0, Length=0x80 | out: Destination=0x665ad20)
[0312.600] RtlMoveMemory (in: Destination=0x665ada0, Source=0x665c030, Length=0x80 | out: Destination=0x665ada0)
[0312.600] RtlMoveMemory (in: Destination=0x665ae20, Source=0x665bfb0, Length=0x80 | out: Destination=0x665ae20)
[0312.601] RtlMoveMemory (in: Destination=0x665aea0, Source=0x665bf30, Length=0x80 | out: Destination=0x665aea0)
[0312.601] GdipBitmapUnlockBits (bitmap=0x6600640, lockedBitmapData=0x2db1bb4) returned 0x0
[0312.601] GdipBitmapUnlockBits (bitmap=0x6601360, lockedBitmapData=0x2db1bec) returned 0x0
[0312.601] GdipDisposeImage (image=0x6600640) returned 0x0
[0312.601] DeleteObject (ho=0x6a0507eb) returned 1
[0312.601] DeleteObject (ho=0x150507f8) returned 1
[0312.601] GetCurrentThreadId () returned 0xf50
[0312.601] GetCurrentThreadId () returned 0xf50
[0312.601] SetWindowPos (hWnd=0x2e02ce, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0312.601] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0312.601] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0312.602] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0312.602] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0312.602] GetClientRect (in: hWnd=0x2e02ce, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0312.602] GetWindowRect (in: hWnd=0x2e02ce, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0312.602] GetParent (hWnd=0x2e02ce) returned 0x3802da
[0312.602] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3802da, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0312.602] InvalidateRect (hWnd=0x2e02ce, lpRect=0x0, bErase=1) returned 1
[0312.602] GetWindowTextLengthW (hWnd=0x2e02ce) returned 0
[0312.602] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0312.602] GetSystemMetrics (nIndex=42) returned 0
[0312.602] GetWindowTextW (in: hWnd=0x2e02ce, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0312.602] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0312.602] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0312.602] GetClientRect (in: hWnd=0x2e02ce, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0312.602] GetWindowRect (in: hWnd=0x2e02ce, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0312.603] GetParent (hWnd=0x2e02ce) returned 0x3802da
[0312.603] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3802da, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0312.603] GetWindowTextLengthW (hWnd=0x2e02ce) returned 0
[0312.603] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0312.603] GetSystemMetrics (nIndex=42) returned 0
[0312.603] GetWindowTextW (in: hWnd=0x2e02ce, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0312.603] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0312.603] GetWindowTextLengthW (hWnd=0x2e02ce) returned 0
[0312.603] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0312.603] GetSystemMetrics (nIndex=42) returned 0
[0312.603] GetWindowTextW (in: hWnd=0x2e02ce, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0312.603] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0312.603] SetWindowTextW (hWnd=0x2e02ce, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0312.603] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0xc, wParam=0x0, lParam=0x2d92a48) returned 0x1
[0312.603] InvalidateRect (hWnd=0x2e02ce, lpRect=0x0, bErase=1) returned 1
[0312.603] GetCurrentThreadId () returned 0xf50
[0312.603] GetWindowThreadProcessId (in: hWnd=0x2e02ce, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0312.604] GdipCreateBitmapFromStream (stream=0x509feb0, bitmap=0xd7e840) returned 0x0
[0312.605] GdipImageForceValidation (image=0x66030e8) returned 0x0
[0312.607] GdipGetImageRawFormat (image=0x66030e8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0312.607] GdipGetImageHeight (image=0x66030e8, height=0xd7e824) returned 0x0
[0312.607] GdipGetImageWidth (image=0x66030e8, width=0xd7e824) returned 0x0
[0312.607] GdipGetImageWidth (image=0x66030e8, width=0xd7e810) returned 0x0
[0312.607] GdipGetImageHeight (image=0x66030e8, height=0xd7e810) returned 0x0
[0312.607] GdipGetImageWidth (image=0x66030e8, width=0xd7e800) returned 0x0
[0312.607] GdipGetImageHeight (image=0x66030e8, height=0xd7e800) returned 0x0
[0312.607] GdipBitmapGetPixel (bitmap=0x66030e8, x=0, y=15, color=0xd7e810) returned 0x0
[0312.608] GdipGetImageRawFormat (image=0x66030e8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0312.608] GdipGetImageWidth (image=0x66030e8, width=0xd7e740) returned 0x0
[0312.608] GdipGetImageHeight (image=0x66030e8, height=0xd7e740) returned 0x0
[0312.608] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0312.608] GdipGetImagePixelFormat (image=0x6602a58, format=0xd7e740) returned 0x0
[0312.608] GdipGetImageGraphicsContext (image=0x6602a58, graphics=0xd7e74c) returned 0x0
[0312.608] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0312.608] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0312.608] GdipSetImageAttributesColorKeys (imageattr=0x6638b48, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0312.608] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66030e8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638b48, callback=0x0, callbackData=0x0) returned 0x0
[0312.608] GdipDisposeImageAttributes (imageattr=0x6638b48) returned 0x0
[0312.608] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0312.608] GdipDisposeImage (image=0x66030e8) returned 0x0
[0312.609] GdipCreateBitmapFromStream (stream=0x509fed0, bitmap=0xd7e840) returned 0x0
[0312.610] GdipImageForceValidation (image=0x66030e8) returned 0x0
[0312.611] GdipGetImageRawFormat (image=0x66030e8, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0312.611] GdipGetImageHeight (image=0x66030e8, height=0xd7e824) returned 0x0
[0312.612] GdipGetImageWidth (image=0x66030e8, width=0xd7e824) returned 0x0
[0312.612] GdipGetImageWidth (image=0x66030e8, width=0xd7e810) returned 0x0
[0312.612] GdipGetImageHeight (image=0x66030e8, height=0xd7e810) returned 0x0
[0312.612] GdipGetImageWidth (image=0x66030e8, width=0xd7e800) returned 0x0
[0312.612] GdipGetImageHeight (image=0x66030e8, height=0xd7e800) returned 0x0
[0312.612] GdipBitmapGetPixel (bitmap=0x66030e8, x=0, y=15, color=0xd7e810) returned 0x0
[0312.612] GdipGetImageRawFormat (image=0x66030e8, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0312.612] GdipGetImageWidth (image=0x66030e8, width=0xd7e740) returned 0x0
[0312.612] GdipGetImageHeight (image=0x66030e8, height=0xd7e740) returned 0x0
[0312.612] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0312.612] GdipGetImagePixelFormat (image=0x6600640, format=0xd7e740) returned 0x0
[0312.612] GdipGetImageGraphicsContext (image=0x6600640, graphics=0xd7e74c) returned 0x0
[0312.612] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0312.612] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0312.612] GdipSetImageAttributesColorKeys (imageattr=0x6638ae8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0312.612] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66030e8, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638ae8, callback=0x0, callbackData=0x0) returned 0x0
[0312.613] GdipDisposeImageAttributes (imageattr=0x6638ae8) returned 0x0
[0312.613] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0312.613] GdipDisposeImage (image=0x66030e8) returned 0x0
[0312.613] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.613] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0312.613] GetCurrentThreadId () returned 0xf50
[0312.613] GetCurrentThreadId () returned 0xf50
[0312.614] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.614] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0312.614] GetCurrentThreadId () returned 0xf50
[0312.614] GetCurrentThreadId () returned 0xf50
[0312.614] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.614] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0312.614] GetCurrentThreadId () returned 0xf50
[0312.614] GetCurrentThreadId () returned 0xf50
[0312.614] GetSystemMetrics (nIndex=5) returned 1
[0312.614] GetSystemMetrics (nIndex=6) returned 1
[0312.615] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.615] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0312.615] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.615] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0312.615] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.616] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0312.616] GetCurrentThreadId () returned 0xf50
[0312.616] GetCurrentThreadId () returned 0xf50
[0312.616] GetProcessWindowStation () returned 0x13c
[0312.616] GetCapture () returned 0x0
[0312.616] GetActiveWindow () returned 0x7005c
[0312.616] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0312.616] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.616] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0312.616] GetCursorPos (in: lpPoint=0x2db2d2c | out: lpPoint=0x2db2d2c*(x=237, y=619)) returned 1
[0312.616] MonitorFromPoint (pt=0xed, dwFlags=0x26b) returned 0x10001
[0312.617] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0312.617] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x160107f8
[0312.617] GetDeviceCaps (hdc=0x160107f8, index=12) returned 32
[0312.617] GetDeviceCaps (hdc=0x160107f8, index=14) returned 1
[0312.617] DeleteDC (hdc=0x160107f8) returned 1
[0312.617] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0312.617] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0312.617] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2d02d0
[0312.618] SetWindowLongW (hWnd=0x2d02d0, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0312.618] GetWindowLongW (hWnd=0x2d02d0, nIndex=-4) returned 1950089536
[0312.618] SetWindowLongW (hWnd=0x2d02d0, nIndex=-4, dwNewLong=19941070) returned 1950089536
[0312.618] GetWindowLongW (hWnd=0x2d02d0, nIndex=-4) returned 19941070
[0312.619] GetWindowLongW (hWnd=0x2d02d0, nIndex=-16) returned 113770496
[0312.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0312.620] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0312.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0312.621] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0312.621] GetWindowRect (in: hWnd=0x2d02d0, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0312.621] SetWindowTextW (hWnd=0x2d02d0, lpString="BB ransomware") returned 1
[0312.621] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xc, wParam=0x0, lParam=0x2db14c8) returned 0x1
[0312.622] GetStartupInfoW (in: lpStartupInfo=0x2db3068 | out: lpStartupInfo=0x2db3068*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0312.623] GetParent (hWnd=0x2d02d0) returned 0x0
[0312.623] SetWindowLongW (hWnd=0x2d02d0, nIndex=-8, dwNewLong=0) returned 0
[0312.624] SendMessageW (hWnd=0x2d02d0, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0312.624] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0312.624] SendMessageW (hWnd=0x2d02d0, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0312.624] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0312.624] GetSystemMenu (hWnd=0x2d02d0, bRevert=0) returned 0x7700e1
[0312.625] GetWindowPlacement (in: hWnd=0x2d02d0, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0312.625] EnableMenuItem (hMenu=0x7700e1, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0312.625] EnableMenuItem (hMenu=0x7700e1, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0312.625] EnableMenuItem (hMenu=0x7700e1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0312.625] EnableMenuItem (hMenu=0x7700e1, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0312.625] EnableMenuItem (hMenu=0x7700e1, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0312.626] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0312.626] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0312.626] GetWindowRect (in: hWnd=0x2d02d0, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0312.626] SetWindowPos (hWnd=0x2d02d0, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0312.626] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0312.626] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x2d02d0) returned 0x1
[0312.629] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0312.629] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0312.630] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0312.630] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0312.631] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0312.633] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x2d02d0, lParam=0x0) returned 0x0
[0312.633] GetCapture () returned 0x0
[0312.633] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0312.634] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0312.635] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0312.637] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0312.637] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0312.637] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0312.641] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0312.642] GetParent (hWnd=0x2d02d0) returned 0x0
[0312.642] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0312.642] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0312.644] GetWindowPlacement (in: hWnd=0x2d02d0, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0312.644] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0312.644] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0312.644] GetWindowRect (in: hWnd=0x2d02d0, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0312.646] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0312.646] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0312.646] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0312.647] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.647] GetWindowLongW (hWnd=0x2d02d0, nIndex=-16) returned 113770496
[0312.647] GetWindowTextLengthW (hWnd=0x2d02d0) returned 13
[0312.647] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.647] GetSystemMetrics (nIndex=42) returned 0
[0312.647] GetWindowTextW (in: hWnd=0x2d02d0, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.647] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0312.648] GetWindowTextLengthW (hWnd=0x2d02d0) returned 13
[0312.648] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.648] GetSystemMetrics (nIndex=42) returned 0
[0312.648] GetWindowTextW (in: hWnd=0x2d02d0, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.648] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0312.648] GetCursorPos (in: lpPoint=0x2db32a4 | out: lpPoint=0x2db32a4*(x=237, y=619)) returned 1
[0312.648] MonitorFromPoint (pt=0xee, dwFlags=0x26a) returned 0x10001
[0312.648] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0312.648] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x6a010801
[0312.648] GetDeviceCaps (hdc=0x6a010801, index=12) returned 32
[0312.648] GetDeviceCaps (hdc=0x6a010801, index=14) returned 1
[0312.648] DeleteDC (hdc=0x6a010801) returned 1
[0312.649] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0312.649] GetWindowLongW (hWnd=0x2d02d0, nIndex=-16) returned 113770496
[0312.649] GetWindowLongW (hWnd=0x2d02d0, nIndex=-20) returned 327945
[0312.649] SetWindowLongW (hWnd=0x2d02d0, nIndex=-16, dwNewLong=46661632) returned 113770496
[0312.649] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0312.649] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0312.650] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0312.650] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0312.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0312.651] SetWindowLongW (hWnd=0x2d02d0, nIndex=-20, dwNewLong=327681) returned 327945
[0312.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0312.651] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0312.653] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0312.653] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0312.653] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0312.661] SetWindowPos (hWnd=0x2d02d0, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0312.662] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0312.662] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0312.662] GetWindowPlacement (in: hWnd=0x2d02d0, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0312.662] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0312.662] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0312.662] GetWindowRect (in: hWnd=0x2d02d0, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0312.663] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0312.663] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0312.663] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0312.664] RedrawWindow (hWnd=0x2d02d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0312.664] GetSystemMenu (hWnd=0x2d02d0, bRevert=0) returned 0x7700e1
[0312.664] GetWindowPlacement (in: hWnd=0x2d02d0, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0312.664] EnableMenuItem (hMenu=0x7700e1, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0312.664] EnableMenuItem (hMenu=0x7700e1, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0312.664] EnableMenuItem (hMenu=0x7700e1, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0312.664] EnableMenuItem (hMenu=0x7700e1, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0312.664] EnableMenuItem (hMenu=0x7700e1, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0312.664] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0312.664] GetWindowLongW (hWnd=0x2d02d0, nIndex=-8) returned 0
[0312.664] SetWindowLongW (hWnd=0x2d02d0, nIndex=-8, dwNewLong=458844) returned 0
[0312.665] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0312.665] GetProcessWindowStation () returned 0x13c
[0312.665] GetCurrentThreadId () returned 0xf50
[0312.665] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1304796, lParam=0x0) returned 1
[0312.666] IsWindowVisible (hWnd=0x2d02d0) returned 0
[0312.666] IsWindowVisible (hWnd=0x7005c) returned 1
[0312.666] IsWindowEnabled (hWnd=0x7005c) returned 1
[0312.666] IsWindowVisible (hWnd=0x300ec) returned 0
[0312.666] IsWindowVisible (hWnd=0x502c6) returned 0
[0312.666] IsWindowVisible (hWnd=0x502be) returned 0
[0312.666] GetActiveWindow () returned 0x2d02d0
[0312.666] GetFocus () returned 0x2d02d0
[0312.666] IsWindow (hWnd=0x7005c) returned 1
[0312.666] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0312.666] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0312.667] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0312.667] GetWindowLongW (hWnd=0x2d02d0, nIndex=-8) returned 458844
[0312.667] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0312.667] GetCurrentThreadId () returned 0xf50
[0312.667] GetWindowLongW (hWnd=0x2d02d0, nIndex=-8) returned 458844
[0312.667] IsWindowEnabled (hWnd=0x7005c) returned 0
[0312.667] IsWindowEnabled (hWnd=0x2d02d0) returned 1
[0312.667] ShowWindow (hWnd=0x2d02d0, nCmdShow=5) returned 0
[0312.667] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0312.667] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0312.667] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.668] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0312.668] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x2d02d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3802de
[0312.668] SetWindowLongW (hWnd=0x3802de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0312.668] GetWindowLongW (hWnd=0x3802de, nIndex=-4) returned 1950089536
[0312.668] SetWindowLongW (hWnd=0x3802de, nIndex=-4, dwNewLong=19941630) returned 1950089536
[0312.668] GetWindowLongW (hWnd=0x3802de, nIndex=-4) returned 19941630
[0312.668] GetWindowLongW (hWnd=0x3802de, nIndex=-16) returned 1174405120
[0312.668] GetWindowLongW (hWnd=0x3802de, nIndex=-12) returned 0
[0312.668] SetWindowLongW (hWnd=0x3802de, nIndex=-12, dwNewLong=3670750) returned 0
[0312.668] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0312.669] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0312.669] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0312.670] GetWindow (hWnd=0x3802de, uCmd=0x3) returned 0x0
[0312.670] GetClientRect (in: hWnd=0x3802de, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0312.670] GetWindowRect (in: hWnd=0x3802de, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0312.670] GetParent (hWnd=0x3802de) returned 0x2d02d0
[0312.670] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2d02d0, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0312.670] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802de, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0312.670] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802de, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0312.670] GetClientRect (in: hWnd=0x3802de, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0312.670] GetWindowRect (in: hWnd=0x3802de, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0312.670] GetParent (hWnd=0x3802de) returned 0x2d02d0
[0312.670] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2d02d0, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0312.670] SendMessageW (hWnd=0x3802de, Msg=0x2210, wParam=0x2de0001, lParam=0x3802de) returned 0x0
[0312.670] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802de, Msg=0x2210, wParam=0x2de0001, lParam=0x3802de) returned 0x0
[0312.671] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0312.671] GetParent (hWnd=0x3802de) returned 0x2d02d0
[0312.671] GetParent (hWnd=0x2e02ce) returned 0x3802da
[0312.671] SetParent (hWndChild=0x2e02ce, hWndNewParent=0x2d02d0) returned 0x3802da
[0312.671] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0312.671] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0312.672] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0312.672] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0312.672] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0312.672] GetClientRect (in: hWnd=0x2e02ce, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0312.672] GetWindowRect (in: hWnd=0x2e02ce, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0312.672] GetParent (hWnd=0x2e02ce) returned 0x2d02d0
[0312.672] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2d02d0, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0312.672] GetClientRect (in: hWnd=0x2e02ce, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0312.672] GetWindowRect (in: hWnd=0x2e02ce, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0312.672] GetParent (hWnd=0x2e02ce) returned 0x2d02d0
[0312.672] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2d02d0, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0312.672] GetParent (hWnd=0x2e02ce) returned 0x2d02d0
[0312.672] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0312.672] GetWindow (hWnd=0x2e02ce, uCmd=0x3) returned 0x0
[0312.672] SetWindowPos (hWnd=0x2e02ce, hWndInsertAfter=0x3802de, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0312.672] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0312.673] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0312.673] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0312.673] GetClientRect (in: hWnd=0x2e02ce, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0312.673] GetWindowRect (in: hWnd=0x2e02ce, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0312.673] GetParent (hWnd=0x2e02ce) returned 0x2d02d0
[0312.673] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2d02d0, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0312.673] GetParent (hWnd=0x2e02ce) returned 0x2d02d0
[0312.673] GetWindow (hWnd=0x2e02ce, uCmd=0x3) returned 0x3802de
[0312.673] GetWindowThreadProcessId (in: hWnd=0x2e02ce, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0312.673] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0312.673] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.674] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0312.674] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x2d02d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3a02d8
[0312.674] SetWindowLongW (hWnd=0x3a02d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0312.674] GetWindowLongW (hWnd=0x3a02d8, nIndex=-4) returned 1868032000
[0312.675] SetWindowLongW (hWnd=0x3a02d8, nIndex=-4, dwNewLong=19941590) returned 1868032000
[0312.675] GetWindowLongW (hWnd=0x3a02d8, nIndex=-4) returned 19941590
[0312.675] GetWindowLongW (hWnd=0x3a02d8, nIndex=-16) returned 1174470667
[0312.675] GetWindowLongW (hWnd=0x3a02d8, nIndex=-12) returned 0
[0312.675] SetWindowLongW (hWnd=0x3a02d8, nIndex=-12, dwNewLong=3801816) returned 0
[0312.675] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0312.675] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0312.676] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0312.676] SendMessageW (hWnd=0x3a02d8, Msg=0x2055, wParam=0x3a02d8, lParam=0x3) returned 0x2
[0312.676] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0312.676] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0312.676] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0312.676] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0312.677] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0312.677] RedrawWindow (hWnd=0x3802de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0312.677] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0312.677] RedrawWindow (hWnd=0x2e02ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0312.677] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0312.677] RedrawWindow (hWnd=0x3a02d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0312.677] RedrawWindow (hWnd=0x2d02d0, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0312.677] GetWindow (hWnd=0x3a02d8, uCmd=0x3) returned 0x2e02ce
[0312.677] GetClientRect (in: hWnd=0x3a02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0312.677] GetWindowRect (in: hWnd=0x3a02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0312.677] GetParent (hWnd=0x3a02d8) returned 0x2d02d0
[0312.677] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2d02d0, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0312.677] SetWindowTextW (hWnd=0x3a02d8, lpString="&Details") returned 1
[0312.678] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0xc, wParam=0x0, lParam=0x2c2ef5c) returned 0x1
[0312.678] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0312.678] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0312.678] GetClientRect (in: hWnd=0x3a02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0312.678] GetWindowRect (in: hWnd=0x3a02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0312.678] GetParent (hWnd=0x3a02d8) returned 0x2d02d0
[0312.678] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2d02d0, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0312.678] SendMessageW (hWnd=0x3a02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3a02d8) returned 0x0
[0312.678] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3a02d8) returned 0x0
[0312.678] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0312.679] GetParent (hWnd=0x3a02d8) returned 0x2d02d0
[0312.679] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0312.679] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.679] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0312.679] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x2d02d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3b00ea
[0312.680] SetWindowLongW (hWnd=0x3b00ea, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0312.680] GetWindowLongW (hWnd=0x3b00ea, nIndex=-4) returned 1868032000
[0312.680] SetWindowLongW (hWnd=0x3b00ea, nIndex=-4, dwNewLong=19941310) returned 1868032000
[0312.680] GetWindowLongW (hWnd=0x3b00ea, nIndex=-4) returned 19941310
[0312.680] GetWindowLongW (hWnd=0x3b00ea, nIndex=-16) returned 1174470667
[0312.680] GetWindowLongW (hWnd=0x3b00ea, nIndex=-12) returned 0
[0312.680] SetWindowLongW (hWnd=0x3b00ea, nIndex=-12, dwNewLong=3866858) returned 0
[0312.680] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0312.681] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0312.681] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0312.682] SendMessageW (hWnd=0x3b00ea, Msg=0x2055, wParam=0x3b00ea, lParam=0x3) returned 0x2
[0312.682] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0312.682] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0312.682] GetWindow (hWnd=0x3b00ea, uCmd=0x3) returned 0x3a02d8
[0312.682] GetClientRect (in: hWnd=0x3b00ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0312.682] GetWindowRect (in: hWnd=0x3b00ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0312.682] GetParent (hWnd=0x3b00ea) returned 0x2d02d0
[0312.682] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2d02d0, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0312.682] SetWindowTextW (hWnd=0x3b00ea, lpString="&Continue") returned 1
[0312.682] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0xc, wParam=0x0, lParam=0x2c2ef00) returned 0x1
[0312.682] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0312.683] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0312.683] GetClientRect (in: hWnd=0x3b00ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0312.683] GetWindowRect (in: hWnd=0x3b00ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0312.683] GetParent (hWnd=0x3b00ea) returned 0x2d02d0
[0312.683] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2d02d0, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0312.683] SendMessageW (hWnd=0x3b00ea, Msg=0x2210, wParam=0xea0001, lParam=0x3b00ea) returned 0x0
[0312.683] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x2210, wParam=0xea0001, lParam=0x3b00ea) returned 0x0
[0312.683] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0312.683] GetParent (hWnd=0x3b00ea) returned 0x2d02d0
[0312.683] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0312.683] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.684] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0312.684] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x2d02d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3802dc
[0312.684] SetWindowLongW (hWnd=0x3802dc, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0312.684] GetWindowLongW (hWnd=0x3802dc, nIndex=-4) returned 1868032000
[0312.685] SetWindowLongW (hWnd=0x3802dc, nIndex=-4, dwNewLong=19941470) returned 1868032000
[0312.685] GetWindowLongW (hWnd=0x3802dc, nIndex=-4) returned 19941470
[0312.685] GetWindowLongW (hWnd=0x3802dc, nIndex=-16) returned 1174470667
[0312.685] GetWindowLongW (hWnd=0x3802dc, nIndex=-12) returned 0
[0312.685] SetWindowLongW (hWnd=0x3802dc, nIndex=-12, dwNewLong=3670748) returned 0
[0312.685] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802dc, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0312.686] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802dc, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0312.686] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802dc, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0312.686] SendMessageW (hWnd=0x3802dc, Msg=0x2055, wParam=0x3802dc, lParam=0x3) returned 0x2
[0312.686] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0312.687] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802dc, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0312.687] GetWindow (hWnd=0x3802dc, uCmd=0x3) returned 0x3b00ea
[0312.687] GetClientRect (in: hWnd=0x3802dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0312.687] GetWindowRect (in: hWnd=0x3802dc, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0312.687] GetParent (hWnd=0x3802dc) returned 0x2d02d0
[0312.687] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2d02d0, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0312.687] SetWindowTextW (hWnd=0x3802dc, lpString="&Quit") returned 1
[0312.687] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802dc, Msg=0xc, wParam=0x0, lParam=0x2c2ef20) returned 0x1
[0312.687] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802dc, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0312.687] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802dc, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0312.687] GetClientRect (in: hWnd=0x3802dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0312.687] GetWindowRect (in: hWnd=0x3802dc, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0312.687] GetParent (hWnd=0x3802dc) returned 0x2d02d0
[0312.687] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2d02d0, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0312.688] SendMessageW (hWnd=0x3802dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x3802dc) returned 0x0
[0312.688] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802dc, Msg=0x2210, wParam=0x2dc0001, lParam=0x3802dc) returned 0x0
[0312.688] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0312.688] GetParent (hWnd=0x3802dc) returned 0x2d02d0
[0312.688] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0312.688] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.688] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0312.689] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x2d02d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3202c8
[0312.689] SetWindowLongW (hWnd=0x3202c8, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0312.689] GetWindowLongW (hWnd=0x3202c8, nIndex=-4) returned 1868026976
[0312.689] SetWindowLongW (hWnd=0x3202c8, nIndex=-4, dwNewLong=19940390) returned 1868026976
[0312.689] GetWindowLongW (hWnd=0x3202c8, nIndex=-4) returned 19940390
[0312.689] GetWindowLongW (hWnd=0x3202c8, nIndex=-16) returned 1177553092
[0312.689] GetWindowLongW (hWnd=0x3202c8, nIndex=-12) returned 0
[0312.689] SetWindowLongW (hWnd=0x3202c8, nIndex=-12, dwNewLong=3277512) returned 0
[0312.689] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202c8, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0312.691] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202c8, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0312.692] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202c8, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0312.705] GetWindow (hWnd=0x3202c8, uCmd=0x3) returned 0x3802dc
[0312.705] GetClientRect (in: hWnd=0x3202c8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0312.706] GetWindowRect (in: hWnd=0x3202c8, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0312.706] GetParent (hWnd=0x3202c8) returned 0x2d02d0
[0312.706] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2d02d0, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0312.706] GetWindowTextLengthW (hWnd=0x2d02d0) returned 13
[0312.706] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.706] GetSystemMetrics (nIndex=42) returned 0
[0312.706] GetWindowTextW (in: hWnd=0x2d02d0, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.706] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0312.706] SendMessageW (hWnd=0x3202c8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0312.706] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202c8, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0312.714] SetWindowTextW (hWnd=0x3202c8, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0312.714] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202c8, Msg=0xc, wParam=0x0, lParam=0x2daeeb0) returned 0x1
[0312.716] GetSystemMetrics (nIndex=5) returned 1
[0312.716] GetSystemMetrics (nIndex=6) returned 1
[0312.716] SendMessageW (hWnd=0x3202c8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0312.716] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202c8, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0312.717] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202c8, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0312.717] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202c8, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0312.717] GetClientRect (in: hWnd=0x3202c8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0312.717] GetWindowRect (in: hWnd=0x3202c8, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0312.717] GetParent (hWnd=0x3202c8) returned 0x2d02d0
[0312.717] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2d02d0, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0312.717] SendMessageW (hWnd=0x3202c8, Msg=0x2210, wParam=0x2c80001, lParam=0x3202c8) returned 0x0
[0312.718] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202c8, Msg=0x2210, wParam=0x2c80001, lParam=0x3202c8) returned 0x0
[0312.718] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0312.718] GetParent (hWnd=0x3202c8) returned 0x2d02d0
[0312.718] GetWindowLongW (hWnd=0x2d02d0, nIndex=-8) returned 458844
[0312.718] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0312.718] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0312.718] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x71010801
[0312.718] GetDeviceCaps (hdc=0x71010801, index=12) returned 32
[0312.718] GetDeviceCaps (hdc=0x71010801, index=14) returned 1
[0312.718] DeleteDC (hdc=0x71010801) returned 1
[0312.718] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0312.718] GetWindowThreadProcessId (in: hWnd=0x2d02d0, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0312.719] GetCurrentThreadId () returned 0xf50
[0312.719] PostMessageW (hWnd=0x2d02d0, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0312.719] GetWindowTextLengthW (hWnd=0x2d02d0) returned 13
[0312.719] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.719] GetSystemMetrics (nIndex=42) returned 0
[0312.719] GetWindowTextW (in: hWnd=0x2d02d0, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.719] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0312.719] GdipImageGetFrameDimensionsCount (image=0x6601360, count=0xd7e25c) returned 0x0
[0312.719] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200cc8
[0312.719] GdipImageGetFrameDimensionsList (image=0x6601360, dimensionIDs=0x1200cc8*(Data1=0x1200e60, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0312.719] LocalFree (hMem=0x1200cc8) returned 0x0
[0312.719] GdipImageGetFrameDimensionsCount (image=0x6602a58, count=0xd7e250) returned 0x0
[0312.719] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1200f98
[0312.719] GdipImageGetFrameDimensionsList (image=0x6602a58, dimensionIDs=0x1200f98*(Data1=0x1200cb0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0312.719] LocalFree (hMem=0x1200f98) returned 0x0
[0312.719] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0312.720] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0312.720] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0312.762] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0312.764] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0312.765] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0312.765] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0312.765] GetWindowPlacement (in: hWnd=0x2d02d0, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0312.765] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0312.765] GetWindowTextLengthW (hWnd=0x2d02d0) returned 13
[0312.765] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.765] GetSystemMetrics (nIndex=42) returned 0
[0312.765] GetWindowTextW (in: hWnd=0x2d02d0, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.765] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0312.766] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0312.766] GetCurrentObject (hdc=0x60100ce, type=0x1) returned 0xb00017
[0312.766] GetCurrentObject (hdc=0x60100ce, type=0x2) returned 0x900010
[0312.766] GetCurrentObject (hdc=0x60100ce, type=0x7) returned 0xffffffffa80505d8
[0312.766] GetCurrentObject (hdc=0x60100ce, type=0x6) returned 0x8a01c2
[0312.766] SaveDC (hdc=0x60100ce) returned 1
[0312.766] GetNearestColor (hdc=0x60100ce, color=0xf0f0f0) returned 0xf0f0f0
[0312.766] CreateSolidBrush (color=0xf0f0f0) returned 0x871007e1
[0312.766] FillRect (hDC=0x60100ce, lprc=0xd7e1b8, hbr=0x871007e1) returned 1
[0312.766] DeleteObject (ho=0x871007e1) returned 1
[0312.766] RestoreDC (hdc=0x60100ce, nSavedDC=-1) returned 1
[0312.766] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0312.767] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0312.767] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0312.767] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0x14, wParam=0x107b9, lParam=0x0) returned 0x1
[0312.767] GetStockObject (i=5) returned 0x900015
[0312.767] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0312.767] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0312.767] GetStockObject (i=5) returned 0x900015
[0312.768] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0312.768] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802dc, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0312.768] GetStockObject (i=5) returned 0x900015
[0312.768] GetWindowPlacement (in: hWnd=0x2d02d0, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0312.768] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0312.768] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0312.768] GetWindowRect (in: hWnd=0x2d02d0, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0312.770] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0312.771] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0312.771] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0312.771] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0312.771] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0312.771] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0312.771] GetWindowRect (in: hWnd=0x2d02d0, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0312.771] InvalidateRect (hWnd=0x3b00ea, lpRect=0x0, bErase=0) returned 1
[0312.771] InvalidateRect (hWnd=0x3a02d8, lpRect=0x0, bErase=0) returned 1
[0312.771] GetFocus () returned 0x2d02d0
[0312.772] GetFocus () returned 0x2d02d0
[0312.772] SetFocus (hWnd=0x3a02d8) returned 0x2d02d0
[0312.772] GetFocus () returned 0x3a02d8
[0312.772] IsChild (hWndParent=0x2d02d0, hWnd=0x3a02d8) returned 1
[0312.772] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x8, wParam=0x3a02d8, lParam=0x0) returned 0x0
[0312.773] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0312.774] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0312.776] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0312.776] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0x7, wParam=0x2d02d0, lParam=0x0) returned 0x0
[0312.776] GetStockObject (i=5) returned 0x900015
[0312.776] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0312.776] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0xd, wParam=0x9, lParam=0x11f55a0) returned 0x8
[0312.776] GetDlgItem (hDlg=0x2d02d0, nIDDlgItem=3801816) returned 0x3a02d8
[0312.776] SendMessageW (hWnd=0x3a02d8, Msg=0x202b, wParam=0x3a02d8, lParam=0xd7e0dc) returned 0x0
[0312.776] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0x202b, wParam=0x3a02d8, lParam=0xd7e0dc) returned 0x0
[0312.776] InvalidateRect (hWnd=0x3a02d8, lpRect=0x0, bErase=0) returned 1
[0312.782] GetFocus () returned 0x3a02d8
[0312.782] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.782] IsWindowUnicode (hWnd=0x2d02d0) returned 1
[0312.782] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.782] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.782] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.782] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0312.783] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.783] IsWindowUnicode (hWnd=0x2d02d0) returned 1
[0312.783] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.783] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.783] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.783] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.783] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x84, wParam=0x0, lParam=0x1df0309) returned 0x1
[0312.783] IsWindowUnicode (hWnd=0x3b00ea) returned 1
[0312.783] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.783] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.783] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.784] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.784] IsWindowUnicode (hWnd=0x602c4) returned 1
[0312.784] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.784] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.784] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.784] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0312.784] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0312.784] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.784] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x84, wParam=0x0, lParam=0x1df0309) returned 0x1
[0312.784] IsWindowUnicode (hWnd=0x3b00ea) returned 1
[0312.784] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.784] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x84, wParam=0x0, lParam=0x1df0309) returned 0x1
[0312.784] SetCursor (hCursor=0x10003) returned 0x10003
[0312.784] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.784] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.784] _TrackMouseEvent (in: lpEventTrack=0x2db45ec | out: lpEventTrack=0x2db45ec) returned 1
[0312.785] SendMessageW (hWnd=0x3b00ea, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0312.785] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0312.785] InvalidateRect (hWnd=0x3b00ea, lpRect=0x0, bErase=0) returned 1
[0312.785] GetKeyState (nVirtKey=1) returned 0
[0312.785] GetKeyState (nVirtKey=2) returned 0
[0312.785] GetKeyState (nVirtKey=4) returned 0
[0312.785] GetKeyState (nVirtKey=5) returned 0
[0312.785] GetKeyState (nVirtKey=6) returned 0
[0312.785] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.785] IsWindowUnicode (hWnd=0x2d02d0) returned 1
[0312.785] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.785] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.785] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.787] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.787] IsWindowUnicode (hWnd=0x2d02d0) returned 1
[0312.787] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.787] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.787] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.788] BeginPaint (in: hWnd=0x2d02d0, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xc0107c5
[0312.788] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0312.788] GetWindowTextLengthW (hWnd=0x2d02d0) returned 13
[0312.788] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.788] GetSystemMetrics (nIndex=42) returned 0
[0312.788] GetWindowTextW (in: hWnd=0x2d02d0, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.788] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0312.788] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0312.788] EndPaint (hWnd=0x2d02d0, lpPaint=0xd7e274) returned 1
[0312.788] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.788] IsWindowUnicode (hWnd=0x3802de) returned 1
[0312.788] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.788] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.788] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.788] BeginPaint (in: hWnd=0x3802de, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x10105d6
[0312.789] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0312.789] CreateCompatibleDC (hdc=0x10105d6) returned 0x470107f2
[0312.789] SelectObject (hdc=0x470107f2, h=0x4a0507fe) returned 0x85000f
[0312.789] GdipCreateFromHDC (hdc=0x470107f2, graphics=0xd7e2b0) returned 0x0
[0312.789] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0312.789] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0312.789] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0312.789] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0312.789] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7e310) returned 0x0
[0312.789] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0312.789] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0312.789] LocalFree (hMem=0x11eec58) returned 0x0
[0312.789] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0312.789] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0312.789] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0312.789] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e304) returned 0x0
[0312.790] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0312.790] GetWindowTextLengthW (hWnd=0x3802de) returned 0
[0312.790] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0312.790] GetSystemMetrics (nIndex=42) returned 0
[0312.790] GetWindowTextW (in: hWnd=0x3802de, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0312.790] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802de, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0312.790] GetClientRect (in: hWnd=0x3802de, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0312.790] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0312.790] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0312.790] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0312.790] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0312.790] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e164) returned 0x0
[0312.790] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0312.790] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee910) returned 0x0
[0312.790] LocalFree (hMem=0x11ee910) returned 0x0
[0312.790] GdipCombineRegionRegion (region=0x6646328, region2=0x6646cb8, combineMode=0x1) returned 0x0
[0312.790] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0312.790] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0312.790] LocalFree (hMem=0x11ee788) returned 0x0
[0312.790] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0312.790] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0312.790] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0312.790] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0312.791] GdipDeleteRegion (region=0x6646328) returned 0x0
[0312.791] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0312.791] GetCurrentObject (hdc=0x470107f2, type=0x1) returned 0xb00017
[0312.791] GetCurrentObject (hdc=0x470107f2, type=0x2) returned 0x900010
[0312.791] GetCurrentObject (hdc=0x470107f2, type=0x7) returned 0x4a0507fe
[0312.791] GetCurrentObject (hdc=0x470107f2, type=0x6) returned 0x8a01c2
[0312.791] SaveDC (hdc=0x470107f2) returned 1
[0312.791] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbe0407de
[0312.791] GetClipRgn (hdc=0x470107f2, hrgn=0xbe0407de) returned 0
[0312.791] SelectClipRgn (hdc=0x470107f2, hrgn=0x41040807) returned 2
[0312.791] DeleteObject (ho=0xbe0407de) returned 1
[0312.791] DeleteObject (ho=0x41040807) returned 1
[0312.791] OffsetViewportOrgEx (in: hdc=0x470107f2, x=0, y=0, lppt=0x2db4a68 | out: lppt=0x2db4a68) returned 1
[0312.791] GetNearestColor (hdc=0x470107f2, color=0xf0f0f0) returned 0xf0f0f0
[0312.791] CreateSolidBrush (color=0xf0f0f0) returned 0x881007e1
[0312.791] FillRect (hDC=0x470107f2, lprc=0xd7e198, hbr=0x881007e1) returned 1
[0312.791] DeleteObject (ho=0x881007e1) returned 1
[0312.791] RestoreDC (hdc=0x470107f2, nSavedDC=-1) returned 1
[0312.791] GdipReleaseDC (graphics=0x6600030, hdc=0x470107f2) returned 0x0
[0312.792] GdipRestoreGraphics (graphics=0x6600030, state=0xf5140dbd) returned 0x0
[0312.792] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0312.792] GetWindowTextLengthW (hWnd=0x3802de) returned 0
[0312.792] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0312.792] GetSystemMetrics (nIndex=42) returned 0
[0312.792] GetWindowTextW (in: hWnd=0x3802de, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0312.792] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802de, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0312.792] GdipGetImageWidth (image=0x6601360, width=0xd7e1e0) returned 0x0
[0312.792] GdipGetImageHeight (image=0x6601360, height=0xd7e1e0) returned 0x0
[0312.792] GdipGetImageWidth (image=0x6601360, width=0xd7e1cc) returned 0x0
[0312.792] GdipGetImageHeight (image=0x6601360, height=0xd7e1cc) returned 0x0
[0312.792] GdipDrawImageRectI (graphics=0x6600030, image=0x6601360, x=16, y=16, width=32, height=32) returned 0x0
[0312.792] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0312.792] BitBlt (hdc=0x10105d6, x=0, y=0, cx=64, cy=64, hdcSrc=0x470107f2, x1=0, y1=0, rop=0xcc0020) returned 1
[0312.792] GdipReleaseDC (graphics=0x6600030, hdc=0x470107f2) returned 0x0
[0312.792] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0312.792] SelectObject (hdc=0x470107f2, h=0x85000f) returned 0x4a0507fe
[0312.792] DeleteDC (hdc=0x470107f2) returned 1
[0312.792] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0312.793] EndPaint (hWnd=0x3802de, lpPaint=0xd7e294) returned 1
[0312.793] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.793] IsWindowUnicode (hWnd=0x2e02ce) returned 1
[0312.793] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.793] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.793] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.793] BeginPaint (in: hWnd=0x2e02ce, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x60100ce
[0312.793] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0312.793] CreateCompatibleDC (hdc=0x60100ce) returned 0x490107f2
[0312.793] GetObjectType (h=0x60100ce) returned 0x3
[0312.793] CreateCompatibleBitmap (hdc=0x60100ce, cx=1, cy=1) returned 0x7d050801
[0312.793] GetDIBits (in: hdc=0x60100ce, hbm=0x7d050801, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0312.794] GetDIBits (in: hdc=0x60100ce, hbm=0x7d050801, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0312.794] DeleteObject (ho=0x7d050801) returned 1
[0312.794] CreateDIBSection (in: hdc=0x60100ce, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x507e0
[0312.794] SelectObject (hdc=0x490107f2, h=0x507e0) returned 0x85000f
[0312.794] GdipCreateFromHDC (hdc=0x490107f2, graphics=0xd7e234) returned 0x0
[0312.795] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0312.795] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0312.795] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0312.795] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0312.795] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e2d4) returned 0x0
[0312.795] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0312.795] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0312.795] LocalFree (hMem=0x11eec58) returned 0x0
[0312.795] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0312.795] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0312.795] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0312.795] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0312.795] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0312.795] GetWindowTextLengthW (hWnd=0x2e02ce) returned 232
[0312.795] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0312.795] GetSystemMetrics (nIndex=42) returned 0
[0312.795] GetWindowTextW (in: hWnd=0x2e02ce, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0312.795] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0312.795] GetClientRect (in: hWnd=0x2e02ce, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0312.796] GdipCreateRegion (region=0xd7e110) returned 0x0
[0312.796] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0312.796] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0312.796] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0312.796] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e128) returned 0x0
[0312.796] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0312.796] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0312.796] LocalFree (hMem=0x11ee868) returned 0x0
[0312.796] GdipCombineRegionRegion (region=0x6646b98, region2=0x6646328, combineMode=0x1) returned 0x0
[0312.796] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0312.796] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee8d8) returned 0x0
[0312.796] LocalFree (hMem=0x11ee8d8) returned 0x0
[0312.796] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0312.796] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e150) returned 0x0
[0312.796] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e140) returned 0x0
[0312.796] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0312.796] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0312.796] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0312.796] GetCurrentObject (hdc=0x490107f2, type=0x1) returned 0xb00017
[0312.796] GetCurrentObject (hdc=0x490107f2, type=0x2) returned 0x900010
[0312.796] GetCurrentObject (hdc=0x490107f2, type=0x7) returned 0x507e0
[0312.796] GetCurrentObject (hdc=0x490107f2, type=0x6) returned 0x8a01c2
[0312.797] SaveDC (hdc=0x490107f2) returned 1
[0312.797] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x42040807
[0312.797] GetClipRgn (hdc=0x490107f2, hrgn=0x42040807) returned 0
[0312.797] SelectClipRgn (hdc=0x490107f2, hrgn=0xbf0407de) returned 2
[0312.797] DeleteObject (ho=0x42040807) returned 1
[0312.797] DeleteObject (ho=0xbf0407de) returned 1
[0312.797] OffsetViewportOrgEx (in: hdc=0x490107f2, x=0, y=0, lppt=0x2db6430 | out: lppt=0x2db6430) returned 1
[0312.797] GetNearestColor (hdc=0x490107f2, color=0xf0f0f0) returned 0xf0f0f0
[0312.797] CreateSolidBrush (color=0xf0f0f0) returned 0x891007e1
[0312.797] FillRect (hDC=0x490107f2, lprc=0xd7e15c, hbr=0x891007e1) returned 1
[0312.798] DeleteObject (ho=0x891007e1) returned 1
[0312.798] RestoreDC (hdc=0x490107f2, nSavedDC=-1) returned 1
[0312.798] GdipReleaseDC (graphics=0x6600030, hdc=0x490107f2) returned 0x0
[0312.798] GdipRestoreGraphics (graphics=0x6600030, state=0xf5120dbd) returned 0x0
[0312.798] GdipDeleteRegion (region=0x6646328) returned 0x0
[0312.798] GetWindowTextLengthW (hWnd=0x2e02ce) returned 232
[0312.798] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0312.799] GetSystemMetrics (nIndex=42) returned 0
[0312.799] GetWindowTextW (in: hWnd=0x2e02ce, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0312.799] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0312.799] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0312.799] GetCurrentObject (hdc=0x490107f2, type=0x1) returned 0xb00017
[0312.799] GetCurrentObject (hdc=0x490107f2, type=0x2) returned 0x900010
[0312.799] GetCurrentObject (hdc=0x490107f2, type=0x7) returned 0x507e0
[0312.799] GetCurrentObject (hdc=0x490107f2, type=0x6) returned 0x8a01c2
[0312.799] SaveDC (hdc=0x490107f2) returned 1
[0312.799] GetNearestColor (hdc=0x490107f2, color=0x0) returned 0x0
[0312.799] RestoreDC (hdc=0x490107f2, nSavedDC=-1) returned 1
[0312.799] GdipReleaseDC (graphics=0x6600030, hdc=0x490107f2) returned 0x0
[0312.800] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0312.800] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0312.800] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2db6c2c | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0312.800] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0312.800] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0312.800] GetCurrentObject (hdc=0x490107f2, type=0x1) returned 0xb00017
[0312.800] GetCurrentObject (hdc=0x490107f2, type=0x2) returned 0x900010
[0312.800] GetCurrentObject (hdc=0x490107f2, type=0x7) returned 0x507e0
[0312.800] GetCurrentObject (hdc=0x490107f2, type=0x6) returned 0x8a01c2
[0312.800] SaveDC (hdc=0x490107f2) returned 1
[0312.801] GetTextAlign (hdc=0x490107f2) returned 0x0
[0312.801] GetTextColor (hdc=0x490107f2) returned 0x0
[0312.801] GetCurrentObject (hdc=0x490107f2, type=0x6) returned 0x8a01c2
[0312.801] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0312.801] SelectObject (hdc=0x490107f2, h=0x6d0a0520) returned 0x8a01c2
[0312.801] GetBkMode (hdc=0x490107f2) returned 2
[0312.801] SetBkMode (hdc=0x490107f2, mode=1) returned 2
[0312.801] DrawTextExW (in: hdc=0x490107f2, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2db6e50 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0312.804] RestoreDC (hdc=0x490107f2, nSavedDC=-1) returned 1
[0312.804] GdipReleaseDC (graphics=0x6600030, hdc=0x490107f2) returned 0x0
[0312.804] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0312.804] BitBlt (hdc=0x60100ce, x=0, y=0, cx=354, cy=68, hdcSrc=0x490107f2, x1=0, y1=0, rop=0xcc0020) returned 1
[0312.804] GdipReleaseDC (graphics=0x6600030, hdc=0x490107f2) returned 0x0
[0312.804] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0312.804] SelectObject (hdc=0x490107f2, h=0x85000f) returned 0x507e0
[0312.804] DeleteDC (hdc=0x490107f2) returned 1
[0312.804] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0312.804] DeleteObject (ho=0x507e0) returned 1
[0312.805] EndPaint (hWnd=0x2e02ce, lpPaint=0xd7e258) returned 1
[0312.805] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.805] IsWindowUnicode (hWnd=0x3a02d8) returned 1
[0312.805] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.805] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.805] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.805] BeginPaint (in: hWnd=0x3a02d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x107b9
[0312.805] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0312.806] CreateCompatibleDC (hdc=0x107b9) returned 0x7f010801
[0312.806] SelectObject (hdc=0x7f010801, h=0x4a0507fe) returned 0x85000f
[0312.806] GdipCreateFromHDC (hdc=0x7f010801, graphics=0xd7e268) returned 0x0
[0312.806] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0312.806] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0312.806] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0312.806] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0312.806] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2c8) returned 0x0
[0312.806] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0312.806] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0312.806] LocalFree (hMem=0x11ee788) returned 0x0
[0312.806] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0312.806] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0312.806] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0312.806] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0312.806] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0312.806] GdipRestoreGraphics (graphics=0x6600030, state=0xf5100dbd) returned 0x0
[0312.807] GdipDeleteRegion (region=0x6646328) returned 0x0
[0312.807] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0312.807] GetCurrentObject (hdc=0x7f010801, type=0x1) returned 0xb00017
[0312.807] GetCurrentObject (hdc=0x7f010801, type=0x2) returned 0x900010
[0312.807] GetCurrentObject (hdc=0x7f010801, type=0x7) returned 0x4a0507fe
[0312.807] GetCurrentObject (hdc=0x7f010801, type=0x6) returned 0x8a01c2
[0312.807] SaveDC (hdc=0x7f010801) returned 1
[0312.807] GetNearestColor (hdc=0x7f010801, color=0xf0f0f0) returned 0xf0f0f0
[0312.807] GetNearestColor (hdc=0x7f010801, color=0xa0a0a0) returned 0xa0a0a0
[0312.807] GetNearestColor (hdc=0x7f010801, color=0x696969) returned 0x696969
[0312.807] GetNearestColor (hdc=0x7f010801, color=0xa0a0a0) returned 0xa0a0a0
[0312.807] GetNearestColor (hdc=0x7f010801, color=0x0) returned 0x0
[0312.807] GetNearestColor (hdc=0x7f010801, color=0xffffff) returned 0xffffff
[0312.807] GetNearestColor (hdc=0x7f010801, color=0xe5e5e5) returned 0xe5e5e5
[0312.807] GetNearestColor (hdc=0x7f010801, color=0xd7d7d7) returned 0xd7d7d7
[0312.807] GetNearestColor (hdc=0x7f010801, color=0x0) returned 0x0
[0312.807] RestoreDC (hdc=0x7f010801, nSavedDC=-1) returned 1
[0312.807] GdipReleaseDC (graphics=0x6600030, hdc=0x7f010801) returned 0x0
[0312.808] IsAppThemed () returned 0x1
[0312.808] GetThemeAppProperties () returned 0x3
[0312.808] GetThemeAppProperties () returned 0x3
[0312.808] GdipGetImageWidth (image=0x6602a58, width=0xd7e168) returned 0x0
[0312.808] GdipGetImageHeight (image=0x6602a58, height=0xd7e168) returned 0x0
[0312.808] IsAppThemed () returned 0x1
[0312.808] GetThemeAppProperties () returned 0x3
[0312.808] GetThemeAppProperties () returned 0x3
[0312.808] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2db75a0 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0312.808] IsAppThemed () returned 0x1
[0312.808] GetThemeAppProperties () returned 0x3
[0312.808] GetThemeAppProperties () returned 0x3
[0312.808] IsAppThemed () returned 0x1
[0312.808] GetThemeAppProperties () returned 0x3
[0312.808] GetThemeAppProperties () returned 0x3
[0312.808] GetFocus () returned 0x3a02d8
[0312.808] IsAppThemed () returned 0x1
[0312.808] GetThemeAppProperties () returned 0x3
[0312.808] GetThemeAppProperties () returned 0x3
[0312.808] IsAppThemed () returned 0x1
[0312.809] GetThemeAppProperties () returned 0x3
[0312.809] GetThemeAppProperties () returned 0x3
[0312.809] IsThemePartDefined () returned 0x1
[0312.809] IsAppThemed () returned 0x1
[0312.809] GetThemeAppProperties () returned 0x3
[0312.809] GetThemeAppProperties () returned 0x3
[0312.809] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0312.809] IsAppThemed () returned 0x1
[0312.809] GetThemeAppProperties () returned 0x3
[0312.809] GetThemeAppProperties () returned 0x3
[0312.809] IsAppThemed () returned 0x1
[0312.809] GetThemeAppProperties () returned 0x3
[0312.809] GetThemeAppProperties () returned 0x3
[0312.809] IsThemePartDefined () returned 0x1
[0312.809] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0312.809] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0312.809] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0312.809] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0312.814] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dff0) returned 0x0
[0312.814] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0312.814] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee9f0) returned 0x0
[0312.814] LocalFree (hMem=0x11ee9f0) returned 0x0
[0312.814] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0312.814] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0312.814] LocalFree (hMem=0x11eec58) returned 0x0
[0312.814] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0312.814] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e018) returned 0x0
[0312.814] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7e008) returned 0x0
[0312.814] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0312.814] GdipDeleteRegion (region=0x6646328) returned 0x0
[0312.814] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0312.815] GetCurrentObject (hdc=0x7f010801, type=0x1) returned 0xb00017
[0312.815] GetCurrentObject (hdc=0x7f010801, type=0x2) returned 0x900010
[0312.815] GetCurrentObject (hdc=0x7f010801, type=0x7) returned 0x4a0507fe
[0312.815] GetCurrentObject (hdc=0x7f010801, type=0x6) returned 0x8a01c2
[0312.815] SaveDC (hdc=0x7f010801) returned 1
[0312.815] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc00407de
[0312.815] GetClipRgn (hdc=0x7f010801, hrgn=0xc00407de) returned 0
[0312.815] SelectClipRgn (hdc=0x7f010801, hrgn=0x46040807) returned 2
[0312.815] DeleteObject (ho=0xc00407de) returned 1
[0312.815] DeleteObject (ho=0x46040807) returned 1
[0312.815] OffsetViewportOrgEx (in: hdc=0x7f010801, x=0, y=0, lppt=0x2db7c50 | out: lppt=0x2db7c50) returned 1
[0312.815] DrawThemeParentBackground () returned 0x0
[0312.815] GetWindowPlacement (in: hWnd=0x2d02d0, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0312.815] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0312.815] GetWindowTextLengthW (hWnd=0x2d02d0) returned 13
[0312.816] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.816] GetSystemMetrics (nIndex=42) returned 0
[0312.816] GetWindowTextW (in: hWnd=0x2d02d0, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.816] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0312.816] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0312.816] GetCurrentObject (hdc=0x7f010801, type=0x1) returned 0xb00017
[0312.816] GetCurrentObject (hdc=0x7f010801, type=0x2) returned 0x900010
[0312.816] GetCurrentObject (hdc=0x7f010801, type=0x7) returned 0x4a0507fe
[0312.816] GetCurrentObject (hdc=0x7f010801, type=0x6) returned 0x8a01c2
[0312.816] SaveDC (hdc=0x7f010801) returned 2
[0312.816] GetNearestColor (hdc=0x7f010801, color=0xf0f0f0) returned 0xf0f0f0
[0312.816] CreateSolidBrush (color=0xf0f0f0) returned 0x8a1007e1
[0312.816] FillRect (hDC=0x7f010801, lprc=0xd7da38, hbr=0x8a1007e1) returned 1
[0312.816] DeleteObject (ho=0x8a1007e1) returned 1
[0312.816] RestoreDC (hdc=0x7f010801, nSavedDC=-1) returned 1
[0312.816] GetWindowTextLengthW (hWnd=0x2d02d0) returned 13
[0312.816] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.816] GetSystemMetrics (nIndex=42) returned 0
[0312.816] GetWindowTextW (in: hWnd=0x2d02d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.816] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0312.817] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0312.817] GetCurrentObject (hdc=0x7f010801, type=0x1) returned 0xb00017
[0312.817] GetCurrentObject (hdc=0x7f010801, type=0x2) returned 0x900010
[0312.817] GetCurrentObject (hdc=0x7f010801, type=0x7) returned 0x4a0507fe
[0312.817] GetCurrentObject (hdc=0x7f010801, type=0x6) returned 0x8a01c2
[0312.817] SaveDC (hdc=0x7f010801) returned 2
[0312.817] GetNearestColor (hdc=0x7f010801, color=0xf0f0f0) returned 0xf0f0f0
[0312.817] CreateSolidBrush (color=0xf0f0f0) returned 0x8b1007e1
[0312.817] FillRect (hDC=0x7f010801, lprc=0xd7d9d8, hbr=0x8b1007e1) returned 1
[0312.817] DeleteObject (ho=0x8b1007e1) returned 1
[0312.817] RestoreDC (hdc=0x7f010801, nSavedDC=-1) returned 1
[0312.817] GetWindowTextLengthW (hWnd=0x2d02d0) returned 13
[0312.817] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.817] GetSystemMetrics (nIndex=42) returned 0
[0312.817] GetWindowTextW (in: hWnd=0x2d02d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.817] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0312.817] RestoreDC (hdc=0x7f010801, nSavedDC=-1) returned 1
[0312.817] GdipReleaseDC (graphics=0x6600030, hdc=0x7f010801) returned 0x0
[0312.817] IsAppThemed () returned 0x1
[0312.818] GetThemeAppProperties () returned 0x3
[0312.818] GetThemeAppProperties () returned 0x3
[0312.818] IsAppThemed () returned 0x1
[0312.818] GetThemeAppProperties () returned 0x3
[0312.818] GetThemeAppProperties () returned 0x3
[0312.818] IsThemePartDefined () returned 0x1
[0312.818] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0312.818] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0312.818] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0312.818] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0312.818] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df74) returned 0x0
[0312.818] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee9f0) returned 0x0
[0312.818] LocalFree (hMem=0x11ee9f0) returned 0x0
[0312.818] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee788) returned 0x0
[0312.818] LocalFree (hMem=0x11ee788) returned 0x0
[0312.818] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0312.818] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0312.818] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0312.818] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0312.818] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0312.818] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0312.818] GetCurrentObject (hdc=0x7f010801, type=0x1) returned 0xb00017
[0312.818] GetCurrentObject (hdc=0x7f010801, type=0x2) returned 0x900010
[0312.819] GetCurrentObject (hdc=0x7f010801, type=0x7) returned 0x4a0507fe
[0312.819] GetCurrentObject (hdc=0x7f010801, type=0x6) returned 0x8a01c2
[0312.819] SaveDC (hdc=0x7f010801) returned 1
[0312.819] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x47040807
[0312.819] GetClipRgn (hdc=0x7f010801, hrgn=0x47040807) returned 0
[0312.819] SelectClipRgn (hdc=0x7f010801, hrgn=0xc20407de) returned 2
[0312.819] DeleteObject (ho=0x47040807) returned 1
[0312.819] DeleteObject (ho=0xc20407de) returned 1
[0312.819] OffsetViewportOrgEx (in: hdc=0x7f010801, x=0, y=0, lppt=0x2db84fc | out: lppt=0x2db84fc) returned 1
[0312.819] IsAppThemed () returned 0x1
[0312.819] GetThemeAppProperties () returned 0x3
[0312.819] GetThemeAppProperties () returned 0x3
[0312.819] DrawThemeBackground () returned 0x0
[0312.819] RestoreDC (hdc=0x7f010801, nSavedDC=-1) returned 1
[0312.819] GdipReleaseDC (graphics=0x6600030, hdc=0x7f010801) returned 0x0
[0312.819] GdipCreateRegion (region=0xd7df60) returned 0x0
[0312.819] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0312.819] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0312.820] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0312.820] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df78) returned 0x0
[0312.820] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0312.820] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0312.820] LocalFree (hMem=0x11ee788) returned 0x0
[0312.820] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0312.820] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0312.820] LocalFree (hMem=0x11ee788) returned 0x0
[0312.820] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0312.820] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0312.820] GdipIsInfiniteRegion (region=0x6646328, graphics=0x6600030, result=0xd7df90) returned 0x0
[0312.820] GdipGetRegionHRgn (region=0x6646328, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0312.820] GdipDeleteRegion (region=0x6646328) returned 0x0
[0312.820] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0312.820] GetCurrentObject (hdc=0x7f010801, type=0x1) returned 0xb00017
[0312.820] GetCurrentObject (hdc=0x7f010801, type=0x2) returned 0x900010
[0312.820] GetCurrentObject (hdc=0x7f010801, type=0x7) returned 0x4a0507fe
[0312.820] GetCurrentObject (hdc=0x7f010801, type=0x6) returned 0x8a01c2
[0312.820] SaveDC (hdc=0x7f010801) returned 1
[0312.820] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc30407de
[0312.821] GetClipRgn (hdc=0x7f010801, hrgn=0xc30407de) returned 0
[0312.821] SelectClipRgn (hdc=0x7f010801, hrgn=0x48040807) returned 2
[0312.821] DeleteObject (ho=0xc30407de) returned 1
[0312.821] DeleteObject (ho=0x48040807) returned 1
[0312.821] OffsetViewportOrgEx (in: hdc=0x7f010801, x=0, y=0, lppt=0x2db87d0 | out: lppt=0x2db87d0) returned 1
[0312.821] IsAppThemed () returned 0x1
[0312.821] GetThemeAppProperties () returned 0x3
[0312.821] GetThemeAppProperties () returned 0x3
[0312.821] GetThemeBackgroundContentRect () returned 0x0
[0312.821] RestoreDC (hdc=0x7f010801, nSavedDC=-1) returned 1
[0312.821] GdipReleaseDC (graphics=0x6600030, hdc=0x7f010801) returned 0x0
[0312.821] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0312.821] GdipGetClip (graphics=0x6600030, region=0x6646328) returned 0x0
[0312.821] GdipCloneRegion (region=0x6646328, cloneRegion=0xd7e150) returned 0x0
[0312.821] GdipCombineRegionRectI (region=0x6646b08, rect=0xd7e138, combineMode=0x1) returned 0x0
[0312.821] GdipCombineRegionRectI (region=0x6646b08, rect=0xd7e138, combineMode=0x1) returned 0x0
[0312.821] GdipSetClipRegion (graphics=0x6600030, region=0x6646b08, combineMode=0x0) returned 0x0
[0312.821] GdipGetImageWidth (image=0x6602a58, width=0xd7e154) returned 0x0
[0312.821] GdipGetImageHeight (image=0x6602a58, height=0xd7e148) returned 0x0
[0312.822] GdipDrawImageRectI (graphics=0x6600030, image=0x6602a58, x=4, y=4, width=16, height=16) returned 0x0
[0312.822] GdipSetClipRegion (graphics=0x6600030, region=0x6646328, combineMode=0x0) returned 0x0
[0312.822] IsAppThemed () returned 0x1
[0312.822] GetThemeAppProperties () returned 0x3
[0312.822] GetThemeAppProperties () returned 0x3
[0312.822] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0312.822] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0312.822] GetCurrentObject (hdc=0x7f010801, type=0x1) returned 0xb00017
[0312.822] GetCurrentObject (hdc=0x7f010801, type=0x2) returned 0x900010
[0312.822] GetCurrentObject (hdc=0x7f010801, type=0x7) returned 0x4a0507fe
[0312.822] GetCurrentObject (hdc=0x7f010801, type=0x6) returned 0x8a01c2
[0312.822] SaveDC (hdc=0x7f010801) returned 1
[0312.822] GetTextAlign (hdc=0x7f010801) returned 0x0
[0312.822] GetTextColor (hdc=0x7f010801) returned 0x0
[0312.822] GetCurrentObject (hdc=0x7f010801, type=0x6) returned 0x8a01c2
[0312.822] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0312.822] SelectObject (hdc=0x7f010801, h=0x6d0a0520) returned 0x8a01c2
[0312.823] GetBkMode (hdc=0x7f010801) returned 2
[0312.823] SetBkMode (hdc=0x7f010801, mode=1) returned 2
[0312.823] DrawTextExW (in: hdc=0x7f010801, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2db8b90 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0312.823] DrawTextExW (in: hdc=0x7f010801, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2db8b90 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0312.823] RestoreDC (hdc=0x7f010801, nSavedDC=-1) returned 1
[0312.823] GdipReleaseDC (graphics=0x6600030, hdc=0x7f010801) returned 0x0
[0312.823] GetFocus () returned 0x3a02d8
[0312.823] IsAppThemed () returned 0x1
[0312.823] GetThemeAppProperties () returned 0x3
[0312.823] GetThemeAppProperties () returned 0x3
[0312.824] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0312.824] BitBlt (hdc=0x107b9, x=0, y=0, cx=100, cy=23, hdcSrc=0x7f010801, x1=0, y1=0, rop=0xcc0020) returned 1
[0312.824] GdipReleaseDC (graphics=0x6600030, hdc=0x7f010801) returned 0x0
[0312.824] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0312.824] SelectObject (hdc=0x7f010801, h=0x85000f) returned 0x4a0507fe
[0312.824] DeleteDC (hdc=0x7f010801) returned 1
[0312.824] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0312.824] EndPaint (hWnd=0x3a02d8, lpPaint=0xd7e24c) returned 1
[0312.824] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.824] IsWindowUnicode (hWnd=0x3b00ea) returned 1
[0312.824] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.824] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.824] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.825] BeginPaint (in: hWnd=0x3b00ea, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xc0107c5
[0312.825] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0312.825] CreateCompatibleDC (hdc=0xc0107c5) returned 0x81010801
[0312.825] SelectObject (hdc=0x81010801, h=0x4a0507fe) returned 0x85000f
[0312.825] GdipCreateFromHDC (hdc=0x81010801, graphics=0xd7e268) returned 0x0
[0312.825] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0312.825] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0312.826] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0312.826] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0312.826] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e2c8) returned 0x0
[0312.826] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0312.826] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eea60) returned 0x0
[0312.826] LocalFree (hMem=0x11eea60) returned 0x0
[0312.826] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0312.826] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0312.826] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0312.826] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0312.826] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0312.826] GdipRestoreGraphics (graphics=0x6600030, state=0xf50e0dbd) returned 0x0
[0312.826] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0312.826] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0312.826] GetCurrentObject (hdc=0x81010801, type=0x1) returned 0xb00017
[0312.826] GetCurrentObject (hdc=0x81010801, type=0x2) returned 0x900010
[0312.826] GetCurrentObject (hdc=0x81010801, type=0x7) returned 0x4a0507fe
[0312.826] GetCurrentObject (hdc=0x81010801, type=0x6) returned 0x8a01c2
[0312.826] SaveDC (hdc=0x81010801) returned 1
[0312.826] GetNearestColor (hdc=0x81010801, color=0xf0f0f0) returned 0xf0f0f0
[0312.827] GetNearestColor (hdc=0x81010801, color=0xa0a0a0) returned 0xa0a0a0
[0312.827] GetNearestColor (hdc=0x81010801, color=0x696969) returned 0x696969
[0312.827] GetNearestColor (hdc=0x81010801, color=0xa0a0a0) returned 0xa0a0a0
[0312.827] GetNearestColor (hdc=0x81010801, color=0x0) returned 0x0
[0312.827] GetNearestColor (hdc=0x81010801, color=0xffffff) returned 0xffffff
[0312.827] GetNearestColor (hdc=0x81010801, color=0xe5e5e5) returned 0xe5e5e5
[0312.827] GetNearestColor (hdc=0x81010801, color=0xd7d7d7) returned 0xd7d7d7
[0312.827] GetNearestColor (hdc=0x81010801, color=0x0) returned 0x0
[0312.827] RestoreDC (hdc=0x81010801, nSavedDC=-1) returned 1
[0312.827] GdipReleaseDC (graphics=0x6600030, hdc=0x81010801) returned 0x0
[0312.827] IsAppThemed () returned 0x1
[0312.827] GetThemeAppProperties () returned 0x3
[0312.827] GetThemeAppProperties () returned 0x3
[0312.827] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0312.827] SendMessageW (hWnd=0x2d02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0312.827] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0312.827] IsAppThemed () returned 0x1
[0312.828] GetThemeAppProperties () returned 0x3
[0312.828] GetThemeAppProperties () returned 0x3
[0312.828] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2db93a0 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0312.828] IsAppThemed () returned 0x1
[0312.828] GetThemeAppProperties () returned 0x3
[0312.828] GetThemeAppProperties () returned 0x3
[0312.828] IsAppThemed () returned 0x1
[0312.828] GetThemeAppProperties () returned 0x3
[0312.828] GetThemeAppProperties () returned 0x3
[0312.828] IsAppThemed () returned 0x1
[0312.828] GetThemeAppProperties () returned 0x3
[0312.828] GetThemeAppProperties () returned 0x3
[0312.828] IsAppThemed () returned 0x1
[0312.828] GetThemeAppProperties () returned 0x3
[0312.828] GetThemeAppProperties () returned 0x3
[0312.828] IsThemePartDefined () returned 0x1
[0312.828] IsAppThemed () returned 0x1
[0312.828] GetThemeAppProperties () returned 0x3
[0312.828] GetThemeAppProperties () returned 0x3
[0312.828] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0312.828] IsAppThemed () returned 0x1
[0312.829] GetThemeAppProperties () returned 0x3
[0312.829] GetThemeAppProperties () returned 0x3
[0312.829] IsAppThemed () returned 0x1
[0312.829] GetThemeAppProperties () returned 0x3
[0312.829] GetThemeAppProperties () returned 0x3
[0312.829] IsThemePartDefined () returned 0x1
[0312.829] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0312.829] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0312.829] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0312.829] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0312.829] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dfe4) returned 0x0
[0312.829] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0312.829] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0312.829] LocalFree (hMem=0x11ee9f0) returned 0x0
[0312.829] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0312.829] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eea60) returned 0x0
[0312.829] LocalFree (hMem=0x11eea60) returned 0x0
[0312.829] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0312.829] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0312.829] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0312.829] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0312.829] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0312.829] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0312.830] GetCurrentObject (hdc=0x81010801, type=0x1) returned 0xb00017
[0312.830] GetCurrentObject (hdc=0x81010801, type=0x2) returned 0x900010
[0312.830] GetCurrentObject (hdc=0x81010801, type=0x7) returned 0x4a0507fe
[0312.830] GetCurrentObject (hdc=0x81010801, type=0x6) returned 0x8a01c2
[0312.830] SaveDC (hdc=0x81010801) returned 1
[0312.830] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x49040807
[0312.830] GetClipRgn (hdc=0x81010801, hrgn=0x49040807) returned 0
[0312.830] SelectClipRgn (hdc=0x81010801, hrgn=0xc70407de) returned 2
[0312.830] DeleteObject (ho=0x49040807) returned 1
[0312.830] DeleteObject (ho=0xc70407de) returned 1
[0312.830] OffsetViewportOrgEx (in: hdc=0x81010801, x=0, y=0, lppt=0x2db9a50 | out: lppt=0x2db9a50) returned 1
[0312.830] DrawThemeParentBackground () returned 0x0
[0312.830] GetWindowPlacement (in: hWnd=0x2d02d0, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0312.830] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0312.830] GetWindowTextLengthW (hWnd=0x2d02d0) returned 13
[0312.830] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.830] GetSystemMetrics (nIndex=42) returned 0
[0312.830] GetWindowTextW (in: hWnd=0x2d02d0, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.830] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0312.831] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0312.831] GetCurrentObject (hdc=0x81010801, type=0x1) returned 0xb00017
[0312.831] GetCurrentObject (hdc=0x81010801, type=0x2) returned 0x900010
[0312.831] GetCurrentObject (hdc=0x81010801, type=0x7) returned 0x4a0507fe
[0312.831] GetCurrentObject (hdc=0x81010801, type=0x6) returned 0x8a01c2
[0312.831] SaveDC (hdc=0x81010801) returned 2
[0312.831] GetNearestColor (hdc=0x81010801, color=0xf0f0f0) returned 0xf0f0f0
[0312.831] CreateSolidBrush (color=0xf0f0f0) returned 0x8c1007e1
[0312.831] FillRect (hDC=0x81010801, lprc=0xd7da30, hbr=0x8c1007e1) returned 1
[0312.831] DeleteObject (ho=0x8c1007e1) returned 1
[0312.831] RestoreDC (hdc=0x81010801, nSavedDC=-1) returned 1
[0312.831] GetWindowTextLengthW (hWnd=0x2d02d0) returned 13
[0312.831] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.831] GetSystemMetrics (nIndex=42) returned 0
[0312.831] GetWindowTextW (in: hWnd=0x2d02d0, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.831] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0312.831] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0312.831] GetCurrentObject (hdc=0x81010801, type=0x1) returned 0xb00017
[0312.831] GetCurrentObject (hdc=0x81010801, type=0x2) returned 0x900010
[0312.831] GetCurrentObject (hdc=0x81010801, type=0x7) returned 0x4a0507fe
[0312.831] GetCurrentObject (hdc=0x81010801, type=0x6) returned 0x8a01c2
[0312.832] SaveDC (hdc=0x81010801) returned 2
[0312.832] GetNearestColor (hdc=0x81010801, color=0xf0f0f0) returned 0xf0f0f0
[0312.832] CreateSolidBrush (color=0xf0f0f0) returned 0x8d1007e1
[0312.832] FillRect (hDC=0x81010801, lprc=0xd7d9d0, hbr=0x8d1007e1) returned 1
[0312.832] DeleteObject (ho=0x8d1007e1) returned 1
[0312.832] RestoreDC (hdc=0x81010801, nSavedDC=-1) returned 1
[0312.832] GetWindowTextLengthW (hWnd=0x2d02d0) returned 13
[0312.832] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.832] GetSystemMetrics (nIndex=42) returned 0
[0312.832] GetWindowTextW (in: hWnd=0x2d02d0, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.832] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0312.832] RestoreDC (hdc=0x81010801, nSavedDC=-1) returned 1
[0312.832] GdipReleaseDC (graphics=0x6600030, hdc=0x81010801) returned 0x0
[0312.832] IsAppThemed () returned 0x1
[0312.832] GetThemeAppProperties () returned 0x3
[0312.832] GetThemeAppProperties () returned 0x3
[0312.832] IsAppThemed () returned 0x1
[0312.832] GetThemeAppProperties () returned 0x3
[0312.832] GetThemeAppProperties () returned 0x3
[0312.832] IsThemePartDefined () returned 0x1
[0312.833] GdipCreateRegion (region=0xd7df50) returned 0x0
[0312.833] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0312.833] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0312.833] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0312.833] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df68) returned 0x0
[0312.833] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0312.833] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eea60) returned 0x0
[0312.833] LocalFree (hMem=0x11eea60) returned 0x0
[0312.833] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0312.833] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0312.833] LocalFree (hMem=0x11ee868) returned 0x0
[0312.833] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0312.833] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df90) returned 0x0
[0312.833] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df80) returned 0x0
[0312.833] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0312.833] GdipDeleteRegion (region=0x6646718) returned 0x0
[0312.833] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0312.833] GetCurrentObject (hdc=0x81010801, type=0x1) returned 0xb00017
[0312.833] GetCurrentObject (hdc=0x81010801, type=0x2) returned 0x900010
[0312.833] GetCurrentObject (hdc=0x81010801, type=0x7) returned 0x4a0507fe
[0312.833] GetCurrentObject (hdc=0x81010801, type=0x6) returned 0x8a01c2
[0312.834] SaveDC (hdc=0x81010801) returned 1
[0312.834] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc80407de
[0312.834] GetClipRgn (hdc=0x81010801, hrgn=0xc80407de) returned 0
[0312.834] SelectClipRgn (hdc=0x81010801, hrgn=0x4b040807) returned 2
[0312.834] DeleteObject (ho=0xc80407de) returned 1
[0312.834] DeleteObject (ho=0x4b040807) returned 1
[0312.834] OffsetViewportOrgEx (in: hdc=0x81010801, x=0, y=0, lppt=0x2dba2fc | out: lppt=0x2dba2fc) returned 1
[0312.834] IsAppThemed () returned 0x1
[0312.834] GetThemeAppProperties () returned 0x3
[0312.834] GetThemeAppProperties () returned 0x3
[0312.834] DrawThemeBackground () returned 0x0
[0312.834] RestoreDC (hdc=0x81010801, nSavedDC=-1) returned 1
[0312.834] GdipReleaseDC (graphics=0x6600030, hdc=0x81010801) returned 0x0
[0312.834] GdipCreateRegion (region=0xd7df54) returned 0x0
[0312.834] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0312.834] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0312.834] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0312.834] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7df6c) returned 0x0
[0312.834] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0312.834] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0312.835] LocalFree (hMem=0x11ee788) returned 0x0
[0312.835] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0312.835] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0312.835] LocalFree (hMem=0x11eec58) returned 0x0
[0312.835] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0312.835] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7df94) returned 0x0
[0312.835] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7df84) returned 0x0
[0312.835] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0312.835] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0312.835] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0312.835] GetCurrentObject (hdc=0x81010801, type=0x1) returned 0xb00017
[0312.835] GetCurrentObject (hdc=0x81010801, type=0x2) returned 0x900010
[0312.835] GetCurrentObject (hdc=0x81010801, type=0x7) returned 0x4a0507fe
[0312.835] GetCurrentObject (hdc=0x81010801, type=0x6) returned 0x8a01c2
[0312.835] SaveDC (hdc=0x81010801) returned 1
[0312.835] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x4c040807
[0312.835] GetClipRgn (hdc=0x81010801, hrgn=0x4c040807) returned 0
[0312.835] SelectClipRgn (hdc=0x81010801, hrgn=0xc90407de) returned 2
[0312.835] DeleteObject (ho=0x4c040807) returned 1
[0312.835] DeleteObject (ho=0xc90407de) returned 1
[0312.835] OffsetViewportOrgEx (in: hdc=0x81010801, x=0, y=0, lppt=0x2dba5d0 | out: lppt=0x2dba5d0) returned 1
[0312.836] IsAppThemed () returned 0x1
[0312.836] GetThemeAppProperties () returned 0x3
[0312.836] GetThemeAppProperties () returned 0x3
[0312.836] GetThemeBackgroundContentRect () returned 0x0
[0312.836] RestoreDC (hdc=0x81010801, nSavedDC=-1) returned 1
[0312.836] GdipReleaseDC (graphics=0x6600030, hdc=0x81010801) returned 0x0
[0312.836] IsAppThemed () returned 0x1
[0312.836] GetThemeAppProperties () returned 0x3
[0312.836] GetThemeAppProperties () returned 0x3
[0312.836] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0312.836] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0312.836] GetCurrentObject (hdc=0x81010801, type=0x1) returned 0xb00017
[0312.836] GetCurrentObject (hdc=0x81010801, type=0x2) returned 0x900010
[0312.836] GetCurrentObject (hdc=0x81010801, type=0x7) returned 0x4a0507fe
[0312.836] GetCurrentObject (hdc=0x81010801, type=0x6) returned 0x8a01c2
[0312.836] SaveDC (hdc=0x81010801) returned 1
[0312.836] GetTextAlign (hdc=0x81010801) returned 0x0
[0312.836] GetTextColor (hdc=0x81010801) returned 0x0
[0312.836] GetCurrentObject (hdc=0x81010801, type=0x6) returned 0x8a01c2
[0312.836] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0312.836] SelectObject (hdc=0x81010801, h=0x6d0a0520) returned 0x8a01c2
[0312.837] GetBkMode (hdc=0x81010801) returned 2
[0312.837] SetBkMode (hdc=0x81010801, mode=1) returned 2
[0312.837] DrawTextExW (in: hdc=0x81010801, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2dba970 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0312.837] DrawTextExW (in: hdc=0x81010801, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2dba970 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0312.837] RestoreDC (hdc=0x81010801, nSavedDC=-1) returned 1
[0312.837] GdipReleaseDC (graphics=0x6600030, hdc=0x81010801) returned 0x0
[0312.837] GetFocus () returned 0x3a02d8
[0312.837] IsAppThemed () returned 0x1
[0312.837] GetThemeAppProperties () returned 0x3
[0312.837] GetThemeAppProperties () returned 0x3
[0312.837] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0312.837] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0x81010801, x1=0, y1=0, rop=0xcc0020) returned 1
[0312.838] GdipReleaseDC (graphics=0x6600030, hdc=0x81010801) returned 0x0
[0312.838] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0312.838] SelectObject (hdc=0x81010801, h=0x85000f) returned 0x4a0507fe
[0312.838] DeleteDC (hdc=0x81010801) returned 1
[0312.838] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0312.838] EndPaint (hWnd=0x3b00ea, lpPaint=0xd7e24c) returned 1
[0312.838] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.838] IsWindowUnicode (hWnd=0x3802dc) returned 1
[0312.838] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.838] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.838] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.838] BeginPaint (in: hWnd=0x3802dc, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0312.839] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0312.839] CreateCompatibleDC (hdc=0x10105d6) returned 0x83010801
[0312.839] SelectObject (hdc=0x83010801, h=0x4a0507fe) returned 0x85000f
[0312.839] GdipCreateFromHDC (hdc=0x83010801, graphics=0xd7e268) returned 0x0
[0312.839] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0312.839] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0312.839] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0312.839] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0312.839] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e2c8) returned 0x0
[0312.839] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0312.839] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0312.839] LocalFree (hMem=0x11ee9f0) returned 0x0
[0312.839] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0312.839] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0312.839] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0312.839] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0312.839] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0312.839] GdipRestoreGraphics (graphics=0x6600030, state=0xf50c0dbd) returned 0x0
[0312.839] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0312.839] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0312.840] GetCurrentObject (hdc=0x83010801, type=0x1) returned 0xb00017
[0312.840] GetCurrentObject (hdc=0x83010801, type=0x2) returned 0x900010
[0312.840] GetCurrentObject (hdc=0x83010801, type=0x7) returned 0x4a0507fe
[0312.840] GetCurrentObject (hdc=0x83010801, type=0x6) returned 0x8a01c2
[0312.840] SaveDC (hdc=0x83010801) returned 1
[0312.840] GetNearestColor (hdc=0x83010801, color=0xf0f0f0) returned 0xf0f0f0
[0312.840] GetNearestColor (hdc=0x83010801, color=0xa0a0a0) returned 0xa0a0a0
[0312.840] GetNearestColor (hdc=0x83010801, color=0x696969) returned 0x696969
[0312.840] GetNearestColor (hdc=0x83010801, color=0xa0a0a0) returned 0xa0a0a0
[0312.840] GetNearestColor (hdc=0x83010801, color=0x0) returned 0x0
[0312.840] GetNearestColor (hdc=0x83010801, color=0xffffff) returned 0xffffff
[0312.840] GetNearestColor (hdc=0x83010801, color=0xe5e5e5) returned 0xe5e5e5
[0312.840] GetNearestColor (hdc=0x83010801, color=0xd7d7d7) returned 0xd7d7d7
[0312.840] GetNearestColor (hdc=0x83010801, color=0x0) returned 0x0
[0312.840] RestoreDC (hdc=0x83010801, nSavedDC=-1) returned 1
[0312.840] GdipReleaseDC (graphics=0x6600030, hdc=0x83010801) returned 0x0
[0312.840] IsAppThemed () returned 0x1
[0312.840] GetThemeAppProperties () returned 0x3
[0312.840] GetThemeAppProperties () returned 0x3
[0312.840] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0312.840] SendMessageW (hWnd=0x2d02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0312.849] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0312.849] IsAppThemed () returned 0x1
[0312.849] GetThemeAppProperties () returned 0x3
[0312.849] GetThemeAppProperties () returned 0x3
[0312.849] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2dbb180 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0312.849] IsAppThemed () returned 0x1
[0312.849] GetThemeAppProperties () returned 0x3
[0312.849] GetThemeAppProperties () returned 0x3
[0312.850] IsAppThemed () returned 0x1
[0312.850] GetThemeAppProperties () returned 0x3
[0312.850] GetThemeAppProperties () returned 0x3
[0312.850] GetFocus () returned 0x3a02d8
[0312.850] IsAppThemed () returned 0x1
[0312.850] GetThemeAppProperties () returned 0x3
[0312.850] GetThemeAppProperties () returned 0x3
[0312.850] IsAppThemed () returned 0x1
[0312.850] GetThemeAppProperties () returned 0x3
[0312.850] GetThemeAppProperties () returned 0x3
[0312.850] IsThemePartDefined () returned 0x1
[0312.850] IsAppThemed () returned 0x1
[0312.850] GetThemeAppProperties () returned 0x3
[0312.850] GetThemeAppProperties () returned 0x3
[0312.850] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0312.850] IsAppThemed () returned 0x1
[0312.850] GetThemeAppProperties () returned 0x3
[0312.850] GetThemeAppProperties () returned 0x3
[0312.850] IsAppThemed () returned 0x1
[0312.850] GetThemeAppProperties () returned 0x3
[0312.850] GetThemeAppProperties () returned 0x3
[0312.850] IsThemePartDefined () returned 0x1
[0312.850] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0312.850] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0312.850] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0312.850] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0312.850] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7dff0) returned 0x0
[0312.851] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0312.851] LocalFree (hMem=0x11ee868) returned 0x0
[0312.851] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee9f0) returned 0x0
[0312.851] LocalFree (hMem=0x11ee9f0) returned 0x0
[0312.851] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0312.851] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0312.851] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0312.851] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0312.851] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0312.851] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0312.851] GetCurrentObject (hdc=0x83010801, type=0x1) returned 0xb00017
[0312.851] GetCurrentObject (hdc=0x83010801, type=0x2) returned 0x900010
[0312.851] GetCurrentObject (hdc=0x83010801, type=0x7) returned 0x4a0507fe
[0312.851] GetCurrentObject (hdc=0x83010801, type=0x6) returned 0x8a01c2
[0312.851] SaveDC (hdc=0x83010801) returned 1
[0312.851] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xca0407de
[0312.851] GetClipRgn (hdc=0x83010801, hrgn=0xca0407de) returned 0
[0312.851] SelectClipRgn (hdc=0x83010801, hrgn=0x50040807) returned 2
[0312.851] DeleteObject (ho=0xca0407de) returned 1
[0312.851] DeleteObject (ho=0x50040807) returned 1
[0312.851] OffsetViewportOrgEx (in: hdc=0x83010801, x=0, y=0, lppt=0x2dbb830 | out: lppt=0x2dbb830) returned 1
[0312.852] DrawThemeParentBackground () returned 0x0
[0312.852] GetWindowPlacement (in: hWnd=0x2d02d0, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0312.852] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0312.852] GetWindowTextLengthW (hWnd=0x2d02d0) returned 13
[0312.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.852] GetSystemMetrics (nIndex=42) returned 0
[0312.852] GetWindowTextW (in: hWnd=0x2d02d0, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0312.852] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0312.852] GetCurrentObject (hdc=0x83010801, type=0x1) returned 0xb00017
[0312.852] GetCurrentObject (hdc=0x83010801, type=0x2) returned 0x900010
[0312.852] GetCurrentObject (hdc=0x83010801, type=0x7) returned 0x4a0507fe
[0312.852] GetCurrentObject (hdc=0x83010801, type=0x6) returned 0x8a01c2
[0312.852] SaveDC (hdc=0x83010801) returned 2
[0312.852] GetNearestColor (hdc=0x83010801, color=0xf0f0f0) returned 0xf0f0f0
[0312.852] CreateSolidBrush (color=0xf0f0f0) returned 0x8e1007e1
[0312.852] FillRect (hDC=0x83010801, lprc=0xd7da38, hbr=0x8e1007e1) returned 1
[0312.852] DeleteObject (ho=0x8e1007e1) returned 1
[0312.852] RestoreDC (hdc=0x83010801, nSavedDC=-1) returned 1
[0312.853] GetWindowTextLengthW (hWnd=0x2d02d0) returned 13
[0312.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.853] GetSystemMetrics (nIndex=42) returned 0
[0312.853] GetWindowTextW (in: hWnd=0x2d02d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0312.853] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0312.853] GetCurrentObject (hdc=0x83010801, type=0x1) returned 0xb00017
[0312.853] GetCurrentObject (hdc=0x83010801, type=0x2) returned 0x900010
[0312.853] GetCurrentObject (hdc=0x83010801, type=0x7) returned 0x4a0507fe
[0312.853] GetCurrentObject (hdc=0x83010801, type=0x6) returned 0x8a01c2
[0312.853] SaveDC (hdc=0x83010801) returned 2
[0312.853] GetNearestColor (hdc=0x83010801, color=0xf0f0f0) returned 0xf0f0f0
[0312.853] CreateSolidBrush (color=0xf0f0f0) returned 0x8f1007e1
[0312.853] FillRect (hDC=0x83010801, lprc=0xd7d9d8, hbr=0x8f1007e1) returned 1
[0312.853] DeleteObject (ho=0x8f1007e1) returned 1
[0312.853] RestoreDC (hdc=0x83010801, nSavedDC=-1) returned 1
[0312.853] GetWindowTextLengthW (hWnd=0x2d02d0) returned 13
[0312.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.853] GetSystemMetrics (nIndex=42) returned 0
[0312.853] GetWindowTextW (in: hWnd=0x2d02d0, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.853] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0312.854] RestoreDC (hdc=0x83010801, nSavedDC=-1) returned 1
[0312.854] GdipReleaseDC (graphics=0x6600030, hdc=0x83010801) returned 0x0
[0312.854] IsAppThemed () returned 0x1
[0312.854] GetThemeAppProperties () returned 0x3
[0312.854] GetThemeAppProperties () returned 0x3
[0312.854] IsAppThemed () returned 0x1
[0312.854] GetThemeAppProperties () returned 0x3
[0312.854] GetThemeAppProperties () returned 0x3
[0312.854] IsThemePartDefined () returned 0x1
[0312.854] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0312.854] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0312.854] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0312.854] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0312.854] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df74) returned 0x0
[0312.854] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0312.854] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0312.854] LocalFree (hMem=0x11ee788) returned 0x0
[0312.854] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0312.854] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0312.854] LocalFree (hMem=0x11eec58) returned 0x0
[0312.854] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0312.855] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0312.855] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0312.855] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0312.855] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0312.855] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0312.855] GetCurrentObject (hdc=0x83010801, type=0x1) returned 0xb00017
[0312.855] GetCurrentObject (hdc=0x83010801, type=0x2) returned 0x900010
[0312.855] GetCurrentObject (hdc=0x83010801, type=0x7) returned 0x4a0507fe
[0312.855] GetCurrentObject (hdc=0x83010801, type=0x6) returned 0x8a01c2
[0312.855] SaveDC (hdc=0x83010801) returned 1
[0312.855] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x51040807
[0312.855] GetClipRgn (hdc=0x83010801, hrgn=0x51040807) returned 0
[0312.855] SelectClipRgn (hdc=0x83010801, hrgn=0xcc0407de) returned 2
[0312.855] DeleteObject (ho=0x51040807) returned 1
[0312.855] DeleteObject (ho=0xcc0407de) returned 1
[0312.855] OffsetViewportOrgEx (in: hdc=0x83010801, x=0, y=0, lppt=0x2dbc0dc | out: lppt=0x2dbc0dc) returned 1
[0312.855] IsAppThemed () returned 0x1
[0312.855] GetThemeAppProperties () returned 0x3
[0312.855] GetThemeAppProperties () returned 0x3
[0312.855] DrawThemeBackground () returned 0x0
[0312.856] RestoreDC (hdc=0x83010801, nSavedDC=-1) returned 1
[0312.856] GdipReleaseDC (graphics=0x6600030, hdc=0x83010801) returned 0x0
[0312.856] GdipCreateRegion (region=0xd7df60) returned 0x0
[0312.856] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0312.856] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0312.856] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0312.856] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df78) returned 0x0
[0312.856] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0312.856] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0312.856] LocalFree (hMem=0x11ee788) returned 0x0
[0312.856] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0312.856] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eecc8) returned 0x0
[0312.856] LocalFree (hMem=0x11eecc8) returned 0x0
[0312.860] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0312.860] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0312.860] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7df90) returned 0x0
[0312.860] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0312.860] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0312.860] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0312.860] GetCurrentObject (hdc=0x83010801, type=0x1) returned 0xb00017
[0312.860] GetCurrentObject (hdc=0x83010801, type=0x2) returned 0x900010
[0312.860] GetCurrentObject (hdc=0x83010801, type=0x7) returned 0x4a0507fe
[0312.860] GetCurrentObject (hdc=0x83010801, type=0x6) returned 0x8a01c2
[0312.860] SaveDC (hdc=0x83010801) returned 1
[0312.860] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xcd0407de
[0312.860] GetClipRgn (hdc=0x83010801, hrgn=0xcd0407de) returned 0
[0312.860] SelectClipRgn (hdc=0x83010801, hrgn=0x52040807) returned 2
[0312.860] DeleteObject (ho=0xcd0407de) returned 1
[0312.860] DeleteObject (ho=0x52040807) returned 1
[0312.860] OffsetViewportOrgEx (in: hdc=0x83010801, x=0, y=0, lppt=0x2dbc3b0 | out: lppt=0x2dbc3b0) returned 1
[0312.861] IsAppThemed () returned 0x1
[0312.861] GetThemeAppProperties () returned 0x3
[0312.861] GetThemeAppProperties () returned 0x3
[0312.861] GetThemeBackgroundContentRect () returned 0x0
[0312.861] RestoreDC (hdc=0x83010801, nSavedDC=-1) returned 1
[0312.861] GdipReleaseDC (graphics=0x6600030, hdc=0x83010801) returned 0x0
[0312.861] IsAppThemed () returned 0x1
[0312.861] GetThemeAppProperties () returned 0x3
[0312.861] GetThemeAppProperties () returned 0x3
[0312.861] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0312.861] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0312.861] GetCurrentObject (hdc=0x83010801, type=0x1) returned 0xb00017
[0312.861] GetCurrentObject (hdc=0x83010801, type=0x2) returned 0x900010
[0312.861] GetCurrentObject (hdc=0x83010801, type=0x7) returned 0x4a0507fe
[0312.861] GetCurrentObject (hdc=0x83010801, type=0x6) returned 0x8a01c2
[0312.861] SaveDC (hdc=0x83010801) returned 1
[0312.861] GetTextAlign (hdc=0x83010801) returned 0x0
[0312.861] GetTextColor (hdc=0x83010801) returned 0x0
[0312.861] GetCurrentObject (hdc=0x83010801, type=0x6) returned 0x8a01c2
[0312.861] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0312.862] SelectObject (hdc=0x83010801, h=0x6d0a0520) returned 0x8a01c2
[0312.862] GetBkMode (hdc=0x83010801) returned 2
[0312.862] SetBkMode (hdc=0x83010801, mode=1) returned 2
[0312.862] DrawTextExW (in: hdc=0x83010801, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2dbc750 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0312.862] DrawTextExW (in: hdc=0x83010801, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2dbc750 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0312.862] RestoreDC (hdc=0x83010801, nSavedDC=-1) returned 1
[0312.862] GdipReleaseDC (graphics=0x6600030, hdc=0x83010801) returned 0x0
[0312.862] GetFocus () returned 0x3a02d8
[0312.862] IsAppThemed () returned 0x1
[0312.862] GetThemeAppProperties () returned 0x3
[0312.862] GetThemeAppProperties () returned 0x3
[0312.862] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0312.862] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x83010801, x1=0, y1=0, rop=0xcc0020) returned 1
[0312.863] GdipReleaseDC (graphics=0x6600030, hdc=0x83010801) returned 0x0
[0312.863] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0312.863] SelectObject (hdc=0x83010801, h=0x85000f) returned 0x4a0507fe
[0312.863] DeleteDC (hdc=0x83010801) returned 1
[0312.863] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0312.863] EndPaint (hWnd=0x3802dc, lpPaint=0xd7e24c) returned 1
[0312.863] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.864] IsWindowUnicode (hWnd=0x602c4) returned 1
[0312.864] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.864] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.864] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.864] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0312.864] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0312.864] CreateCompatibleDC (hdc=0x60100ce) returned 0x85010801
[0312.864] SelectObject (hdc=0x85010801, h=0x4a0507fe) returned 0x85000f
[0312.864] GdipCreateFromHDC (hdc=0x85010801, graphics=0xd7e268) returned 0x0
[0312.864] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0312.864] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0312.864] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0312.864] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0312.864] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e2c8) returned 0x0
[0312.864] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0312.865] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0312.865] LocalFree (hMem=0x11ee788) returned 0x0
[0312.865] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0312.865] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0312.865] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0312.865] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0312.865] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0312.865] GdipRestoreGraphics (graphics=0x6600030, state=0xf50a0dbd) returned 0x0
[0312.865] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0312.865] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0312.865] GetCurrentObject (hdc=0x85010801, type=0x1) returned 0xb00017
[0312.865] GetCurrentObject (hdc=0x85010801, type=0x2) returned 0x900010
[0312.865] GetCurrentObject (hdc=0x85010801, type=0x7) returned 0x4a0507fe
[0312.865] GetCurrentObject (hdc=0x85010801, type=0x6) returned 0x8a01c2
[0312.865] SaveDC (hdc=0x85010801) returned 1
[0312.865] GetNearestColor (hdc=0x85010801, color=0xff) returned 0xff
[0312.865] GetNearestColor (hdc=0x85010801, color=0x55) returned 0x55
[0312.865] GetNearestColor (hdc=0x85010801, color=0x0) returned 0x0
[0312.865] GetNearestColor (hdc=0x85010801, color=0x55) returned 0x55
[0312.866] GetNearestColor (hdc=0x85010801, color=0x0) returned 0x0
[0312.866] GetNearestColor (hdc=0x85010801, color=0x8080ff) returned 0x8080ff
[0312.866] GetNearestColor (hdc=0x85010801, color=0x7373e5) returned 0x7373e5
[0312.866] GetNearestColor (hdc=0x85010801, color=0xe5) returned 0xe5
[0312.866] GetNearestColor (hdc=0x85010801, color=0x0) returned 0x0
[0312.866] RestoreDC (hdc=0x85010801, nSavedDC=-1) returned 1
[0312.866] GdipReleaseDC (graphics=0x6600030, hdc=0x85010801) returned 0x0
[0312.866] IsAppThemed () returned 0x1
[0312.866] GetThemeAppProperties () returned 0x3
[0312.866] GetThemeAppProperties () returned 0x3
[0312.866] IsAppThemed () returned 0x1
[0312.866] GetThemeAppProperties () returned 0x3
[0312.866] GetThemeAppProperties () returned 0x3
[0312.866] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2dbcf18 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0312.866] IsAppThemed () returned 0x1
[0312.866] GetThemeAppProperties () returned 0x3
[0312.867] GetThemeAppProperties () returned 0x3
[0312.867] IsAppThemed () returned 0x1
[0312.867] GetThemeAppProperties () returned 0x3
[0312.867] GetThemeAppProperties () returned 0x3
[0312.867] GetFocus () returned 0x3a02d8
[0312.867] IsAppThemed () returned 0x1
[0312.867] GetThemeAppProperties () returned 0x3
[0312.867] GetThemeAppProperties () returned 0x3
[0312.867] IsAppThemed () returned 0x1
[0312.867] GetThemeAppProperties () returned 0x3
[0312.867] GetThemeAppProperties () returned 0x3
[0312.867] IsThemePartDefined () returned 0x1
[0312.867] IsAppThemed () returned 0x1
[0312.867] GetThemeAppProperties () returned 0x3
[0312.867] GetThemeAppProperties () returned 0x3
[0312.867] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0312.867] IsAppThemed () returned 0x1
[0312.867] GetThemeAppProperties () returned 0x3
[0312.867] GetThemeAppProperties () returned 0x3
[0312.867] IsAppThemed () returned 0x1
[0312.867] GetThemeAppProperties () returned 0x3
[0312.867] GetThemeAppProperties () returned 0x3
[0312.867] IsThemePartDefined () returned 0x1
[0312.867] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0312.867] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0312.867] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0312.867] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0312.868] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7dff0) returned 0x0
[0312.868] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0312.868] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eea98) returned 0x0
[0312.868] LocalFree (hMem=0x11eea98) returned 0x0
[0312.868] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0312.868] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0312.868] LocalFree (hMem=0x11ee788) returned 0x0
[0312.868] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0312.868] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0312.868] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0312.868] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0312.868] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0312.868] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0312.868] GetCurrentObject (hdc=0x85010801, type=0x1) returned 0xb00017
[0312.868] GetCurrentObject (hdc=0x85010801, type=0x2) returned 0x900010
[0312.868] GetCurrentObject (hdc=0x85010801, type=0x7) returned 0x4a0507fe
[0312.868] GetCurrentObject (hdc=0x85010801, type=0x6) returned 0x8a01c2
[0312.868] SaveDC (hdc=0x85010801) returned 1
[0312.868] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x53040807
[0312.869] GetClipRgn (hdc=0x85010801, hrgn=0x53040807) returned 0
[0312.869] SelectClipRgn (hdc=0x85010801, hrgn=0xd10407de) returned 2
[0312.869] DeleteObject (ho=0x53040807) returned 1
[0312.869] DeleteObject (ho=0xd10407de) returned 1
[0312.869] OffsetViewportOrgEx (in: hdc=0x85010801, x=0, y=0, lppt=0x2dbd5c8 | out: lppt=0x2dbd5c8) returned 1
[0312.869] DrawThemeParentBackground () returned 0x0
[0312.869] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0312.869] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0312.869] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0312.869] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.869] GetSystemMetrics (nIndex=42) returned 0
[0312.869] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.869] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0312.869] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0312.869] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0312.869] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0312.869] SelectPalette (hdc=0x85010801, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0312.869] GdipCreateFromHDC (hdc=0x85010801, graphics=0xd7dac8) returned 0x0
[0312.870] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0312.870] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0312.870] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638cf8) returned 0x0
[0312.870] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7daa0) returned 0x0
[0312.870] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0312.870] GdipCreateRegion (region=0xd7da88) returned 0x0
[0312.870] GdipGetClip (graphics=0x66376e0, region=0x66465f8) returned 0x0
[0312.870] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x66376e0, result=0xd7da94) returned 0x0
[0312.870] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0312.870] GdipSaveGraphics (graphics=0x66376e0, state=0xd7dac0) returned 0x0
[0312.870] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0312.910] GdipFillRectangleI (graphics=0x66376e0, brush=0x664e510, x=0, y=0, width=801, height=453) returned 0x0
[0312.910] GdipDeleteBrush (brush=0x664e510) returned 0x0
[0312.912] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0312.912] SelectPalette (hdc=0x85010801, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0312.912] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0312.912] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.912] GetSystemMetrics (nIndex=42) returned 0
[0312.912] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.912] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0312.912] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0312.912] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0312.912] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0312.912] SelectPalette (hdc=0x85010801, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0312.913] GdipCreateFromHDC (hdc=0x85010801, graphics=0xd7da68) returned 0x0
[0312.913] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0312.913] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0312.913] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638ae8) returned 0x0
[0312.913] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7da40) returned 0x0
[0312.913] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0312.913] GdipCreateRegion (region=0xd7da28) returned 0x0
[0312.913] GdipGetClip (graphics=0x66376e0, region=0x6646718) returned 0x0
[0312.913] GdipIsInfiniteRegion (region=0x6646718, graphics=0x66376e0, result=0xd7da34) returned 0x0
[0312.913] GdipDeleteRegion (region=0x6646718) returned 0x0
[0312.913] GdipSaveGraphics (graphics=0x66376e0, state=0xd7da60) returned 0x0
[0312.913] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0312.927] GdipFillRectangleI (graphics=0x66376e0, brush=0x664e2a0, x=0, y=0, width=801, height=453) returned 0x0
[0312.927] GdipDeleteBrush (brush=0x664e2a0) returned 0x0
[0312.929] GdipRestoreGraphics (graphics=0x66376e0, state=0xf5060dbd) returned 0x0
[0312.929] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0312.929] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0312.929] GetSystemMetrics (nIndex=42) returned 0
[0312.929] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0312.929] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0312.929] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0312.930] SelectPalette (hdc=0x85010801, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0312.930] RestoreDC (hdc=0x85010801, nSavedDC=-1) returned 1
[0312.930] GdipReleaseDC (graphics=0x6600030, hdc=0x85010801) returned 0x0
[0312.930] IsAppThemed () returned 0x1
[0312.930] GetThemeAppProperties () returned 0x3
[0312.930] GetThemeAppProperties () returned 0x3
[0312.930] IsAppThemed () returned 0x1
[0312.930] GetThemeAppProperties () returned 0x3
[0312.930] GetThemeAppProperties () returned 0x3
[0312.930] IsThemePartDefined () returned 0x1
[0312.930] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0312.930] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0312.930] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0312.930] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0312.931] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7df74) returned 0x0
[0312.931] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0312.931] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eea60) returned 0x0
[0312.931] LocalFree (hMem=0x11eea60) returned 0x0
[0312.931] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0312.931] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0312.931] LocalFree (hMem=0x11ee788) returned 0x0
[0312.931] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0312.931] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0312.931] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0312.931] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0312.931] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0312.931] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0312.931] GetCurrentObject (hdc=0x85010801, type=0x1) returned 0xb00017
[0312.931] GetCurrentObject (hdc=0x85010801, type=0x2) returned 0x900010
[0312.931] GetCurrentObject (hdc=0x85010801, type=0x7) returned 0x4a0507fe
[0312.932] GetCurrentObject (hdc=0x85010801, type=0x6) returned 0x8a01c2
[0312.932] SaveDC (hdc=0x85010801) returned 1
[0312.932] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd20407de
[0312.932] GetClipRgn (hdc=0x85010801, hrgn=0xd20407de) returned 0
[0312.932] SelectClipRgn (hdc=0x85010801, hrgn=0x55040807) returned 2
[0312.932] DeleteObject (ho=0xd20407de) returned 1
[0312.932] DeleteObject (ho=0x55040807) returned 1
[0312.932] OffsetViewportOrgEx (in: hdc=0x85010801, x=0, y=0, lppt=0x2dc3e18 | out: lppt=0x2dc3e18) returned 1
[0312.932] IsAppThemed () returned 0x1
[0312.932] GetThemeAppProperties () returned 0x3
[0312.932] GetThemeAppProperties () returned 0x3
[0312.932] DrawThemeBackground () returned 0x0
[0312.932] RestoreDC (hdc=0x85010801, nSavedDC=-1) returned 1
[0312.932] GdipReleaseDC (graphics=0x6600030, hdc=0x85010801) returned 0x0
[0312.932] GdipCreateRegion (region=0xd7df60) returned 0x0
[0312.933] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0312.933] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0312.933] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a28) returned 0x0
[0312.933] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7df78) returned 0x0
[0312.933] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0312.933] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee8d8) returned 0x0
[0312.933] LocalFree (hMem=0x11ee8d8) returned 0x0
[0312.933] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0312.933] GdipGetMatrixElements (matrix=0x6638a28, matrixOut=0x11ee868) returned 0x0
[0312.933] LocalFree (hMem=0x11ee868) returned 0x0
[0312.933] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0312.933] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0312.933] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7df90) returned 0x0
[0312.933] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0312.933] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0312.933] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0312.933] GetCurrentObject (hdc=0x85010801, type=0x1) returned 0xb00017
[0312.933] GetCurrentObject (hdc=0x85010801, type=0x2) returned 0x900010
[0312.933] GetCurrentObject (hdc=0x85010801, type=0x7) returned 0x4a0507fe
[0312.934] GetCurrentObject (hdc=0x85010801, type=0x6) returned 0x8a01c2
[0312.934] SaveDC (hdc=0x85010801) returned 1
[0312.934] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x56040807
[0312.934] GetClipRgn (hdc=0x85010801, hrgn=0x56040807) returned 0
[0312.934] SelectClipRgn (hdc=0x85010801, hrgn=0xd30407de) returned 2
[0312.934] DeleteObject (ho=0x56040807) returned 1
[0312.934] DeleteObject (ho=0xd30407de) returned 1
[0312.934] OffsetViewportOrgEx (in: hdc=0x85010801, x=0, y=0, lppt=0x2dc40ec | out: lppt=0x2dc40ec) returned 1
[0312.934] IsAppThemed () returned 0x1
[0312.934] GetThemeAppProperties () returned 0x3
[0312.934] GetThemeAppProperties () returned 0x3
[0312.934] GetThemeBackgroundContentRect () returned 0x0
[0312.934] RestoreDC (hdc=0x85010801, nSavedDC=-1) returned 1
[0312.934] GdipReleaseDC (graphics=0x6600030, hdc=0x85010801) returned 0x0
[0312.935] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0312.935] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0312.935] GdipFillRectangleI (graphics=0x6600030, brush=0x6671db0, x=4, y=4, width=67, height=15) returned 0x0
[0312.935] GdipDeleteBrush (brush=0x6671db0) returned 0x0
[0312.935] IsAppThemed () returned 0x1
[0312.935] GetThemeAppProperties () returned 0x3
[0312.935] GetThemeAppProperties () returned 0x3
[0312.935] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0312.935] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0312.935] GetCurrentObject (hdc=0x85010801, type=0x1) returned 0xb00017
[0312.935] GetCurrentObject (hdc=0x85010801, type=0x2) returned 0x900010
[0312.935] GetCurrentObject (hdc=0x85010801, type=0x7) returned 0x4a0507fe
[0312.935] GetCurrentObject (hdc=0x85010801, type=0x6) returned 0x8a01c2
[0312.936] SaveDC (hdc=0x85010801) returned 1
[0312.936] GetTextAlign (hdc=0x85010801) returned 0x0
[0312.936] GetTextColor (hdc=0x85010801) returned 0x0
[0312.936] GetCurrentObject (hdc=0x85010801, type=0x6) returned 0x8a01c2
[0312.936] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0312.936] SelectObject (hdc=0x85010801, h=0x6d0a0520) returned 0x8a01c2
[0312.936] GetBkMode (hdc=0x85010801) returned 2
[0312.936] SetBkMode (hdc=0x85010801, mode=1) returned 2
[0312.936] DrawTextExW (in: hdc=0x85010801, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2dc44b0 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0312.937] DrawTextExW (in: hdc=0x85010801, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2dc44b0 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0312.937] RestoreDC (hdc=0x85010801, nSavedDC=-1) returned 1
[0312.937] GdipReleaseDC (graphics=0x6600030, hdc=0x85010801) returned 0x0
[0312.937] GetFocus () returned 0x3a02d8
[0312.937] IsAppThemed () returned 0x1
[0312.937] GetThemeAppProperties () returned 0x3
[0312.937] GetThemeAppProperties () returned 0x3
[0312.937] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0312.937] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0x85010801, x1=0, y1=0, rop=0xcc0020) returned 1
[0312.937] GdipReleaseDC (graphics=0x6600030, hdc=0x85010801) returned 0x0
[0312.938] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0312.938] SelectObject (hdc=0x85010801, h=0x85000f) returned 0x4a0507fe
[0312.938] DeleteDC (hdc=0x85010801) returned 1
[0312.938] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0312.938] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0312.938] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.938] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0312.939] IsWindowUnicode (hWnd=0x30122) returned 1
[0312.939] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.939] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0312.940] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.940] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.940] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.940] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0312.941] IsWindowUnicode (hWnd=0x30122) returned 1
[0312.941] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.941] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.941] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.942] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.942] IsWindowUnicode (hWnd=0x3b00ea) returned 1
[0312.942] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.943] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.943] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.943] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.943] IsWindowUnicode (hWnd=0x3b00ea) returned 1
[0312.943] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.943] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.943] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.943] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x2a1, wParam=0x0, lParam=0x60033) returned 0x0
[0312.943] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0312.943] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0312.943] WaitMessage () returned 1
[0312.957] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.957] IsWindowUnicode (hWnd=0x30122) returned 1
[0312.957] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.957] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.957] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.958] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0312.958] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0312.958] WaitMessage () returned 1
[0312.959] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.959] IsWindowUnicode (hWnd=0x30122) returned 1
[0312.959] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.959] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.959] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.960] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0312.960] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0312.960] WaitMessage () returned 1
[0312.960] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.960] IsWindowUnicode (hWnd=0x30122) returned 1
[0312.960] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.960] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.961] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.962] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.962] IsWindowUnicode (hWnd=0x30122) returned 1
[0312.962] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.962] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.962] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.963] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.963] IsWindowUnicode (hWnd=0x30122) returned 1
[0312.963] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.963] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.963] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.963] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0312.964] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0312.964] WaitMessage () returned 1
[0312.964] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.964] IsWindowUnicode (hWnd=0x30122) returned 1
[0312.964] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.964] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.964] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.969] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.970] IsWindowUnicode (hWnd=0x30122) returned 1
[0312.970] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.970] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.970] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.970] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.970] IsWindowUnicode (hWnd=0x30122) returned 1
[0312.970] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.970] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.970] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.970] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0312.971] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0312.971] WaitMessage () returned 1
[0312.992] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.992] IsWindowUnicode (hWnd=0x30122) returned 1
[0312.992] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.992] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.992] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.994] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.994] IsWindowUnicode (hWnd=0x30122) returned 1
[0312.994] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.994] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.994] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.994] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.994] IsWindowUnicode (hWnd=0x30122) returned 1
[0312.994] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.995] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.995] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0312.995] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0312.995] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0312.995] WaitMessage () returned 1
[0312.996] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.996] IsWindowUnicode (hWnd=0x30122) returned 1
[0312.996] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0312.996] TranslateMessage (lpMsg=0xd7e808) returned 0
[0312.996] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0313.002] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0313.002] IsWindowUnicode (hWnd=0x30122) returned 1
[0313.002] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0313.002] TranslateMessage (lpMsg=0xd7e808) returned 0
[0313.002] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0313.002] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0313.002] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x84, wParam=0x0, lParam=0x1df0309) returned 0x1
[0313.002] IsWindowUnicode (hWnd=0x3b00ea) returned 1
[0313.002] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0313.003] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x84, wParam=0x0, lParam=0x1df0309) returned 0x1
[0313.003] GetDlgItem (hDlg=0x2d02d0, nIDDlgItem=0) returned 0x0
[0313.003] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x210, wParam=0x201, lParam=0x640114) returned 0x0
[0313.003] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x21, wParam=0x2d02d0, lParam=0x2010001) returned 0x1
[0313.003] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x21, wParam=0x2d02d0, lParam=0x2010001) returned 0x1
[0313.003] SetCursor (hCursor=0x10003) returned 0x10003
[0313.003] TranslateMessage (lpMsg=0xd7e808) returned 0
[0313.003] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0313.003] GetKeyState (nVirtKey=1) returned -127
[0313.003] GetKeyState (nVirtKey=2) returned 0
[0313.003] GetKeyState (nVirtKey=4) returned 0
[0313.003] GetKeyState (nVirtKey=5) returned 0
[0313.003] GetKeyState (nVirtKey=6) returned 0
[0313.003] IsWindowVisible (hWnd=0x3b00ea) returned 1
[0313.003] IsWindowEnabled (hWnd=0x3b00ea) returned 1
[0313.003] SetFocus (hWnd=0x3b00ea) returned 0x3a02d8
[0313.004] GetFocus () returned 0x3b00ea
[0313.004] IsChild (hWndParent=0x2d02d0, hWnd=0x3b00ea) returned 1
[0313.004] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0x8, wParam=0x3b00ea, lParam=0x0) returned 0x0
[0313.004] GetCapture () returned 0x0
[0313.004] InvalidateRect (hWnd=0x3a02d8, lpRect=0x0, bErase=0) returned 1
[0313.005] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0313.006] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0313.008] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0313.008] InvalidateRect (hWnd=0x3a02d8, lpRect=0x0, bErase=0) returned 1
[0313.008] InvalidateRect (hWnd=0x3b00ea, lpRect=0x0, bErase=0) returned 1
[0313.008] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x7, wParam=0x3a02d8, lParam=0x0) returned 0x0
[0313.009] GetStockObject (i=5) returned 0x900015
[0313.009] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0313.009] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0313.009] GetDlgItem (hDlg=0x2d02d0, nIDDlgItem=3866858) returned 0x3b00ea
[0313.009] SendMessageW (hWnd=0x3b00ea, Msg=0x202b, wParam=0x3b00ea, lParam=0xd7dddc) returned 0x0
[0313.009] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x202b, wParam=0x3b00ea, lParam=0xd7dddc) returned 0x0
[0313.009] InvalidateRect (hWnd=0x3b00ea, lpRect=0x0, bErase=0) returned 1
[0313.011] GetFocus () returned 0x3b00ea
[0313.011] GetFocus () returned 0x3b00ea
[0313.011] GetFocus () returned 0x3b00ea
[0313.011] GetKeyState (nVirtKey=1) returned -127
[0313.011] GetKeyState (nVirtKey=2) returned 0
[0313.011] GetKeyState (nVirtKey=4) returned 0
[0313.011] GetKeyState (nVirtKey=5) returned 0
[0313.011] GetKeyState (nVirtKey=6) returned 0
[0313.011] GetCapture () returned 0x0
[0313.011] SetCapture (hWnd=0x3b00ea) returned 0x0
[0313.011] GetKeyState (nVirtKey=1) returned -127
[0313.011] GetKeyState (nVirtKey=2) returned 0
[0313.011] GetKeyState (nVirtKey=4) returned 0
[0313.011] GetKeyState (nVirtKey=5) returned 0
[0313.011] GetKeyState (nVirtKey=6) returned 0
[0313.011] NotifyWinEvent (event=0x800a, hwnd=0x3b00ea, idObject=-4, idChild=0)
[0313.011] InvalidateRect (hWnd=0x3b00ea, lpRect=0xd7e430, bErase=0) returned 1
[0313.011] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0313.012] IsWindowUnicode (hWnd=0x3b00ea) returned 1
[0313.012] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0313.012] TranslateMessage (lpMsg=0xd7e808) returned 0
[0313.012] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0313.012] MapWindowPoints (in: hWndFrom=0x3b00ea, hWndTo=0x0, lpPoints=0x2dc4778, cPoints=0x1 | out: lpPoints=0x2dc4778) returned 30999254
[0313.012] NotifyWinEvent (event=0x800a, hwnd=0x3b00ea, idObject=-4, idChild=0)
[0313.012] InvalidateRect (hWnd=0x3b00ea, lpRect=0xd7e3d0, bErase=0) returned 1
[0313.012] UpdateWindow (hWnd=0x3b00ea) returned 1
[0313.012] BeginPaint (in: hWnd=0x3b00ea, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xc0107c5
[0313.012] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0313.012] CreateCompatibleDC (hdc=0xc0107c5) returned 0xe00107d3
[0313.012] SelectObject (hdc=0xe00107d3, h=0x4a0507fe) returned 0x85000f
[0313.016] GdipCreateFromHDC (hdc=0xe00107d3, graphics=0xd7df00) returned 0x0
[0313.016] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0313.017] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0313.017] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0313.017] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0313.017] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df60) returned 0x0
[0313.017] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0313.017] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee910) returned 0x0
[0313.017] LocalFree (hMem=0x11ee910) returned 0x0
[0313.017] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0313.017] GdipCreateRegion (region=0xd7df48) returned 0x0
[0313.017] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0313.017] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7df54) returned 0x0
[0313.017] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0313.017] GdipRestoreGraphics (graphics=0x6600030, state=0xf5040dbd) returned 0x0
[0313.017] GdipDeleteRegion (region=0x6646718) returned 0x0
[0313.017] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0313.017] GetCurrentObject (hdc=0xe00107d3, type=0x1) returned 0xb00017
[0313.018] GetCurrentObject (hdc=0xe00107d3, type=0x2) returned 0x900010
[0313.018] GetCurrentObject (hdc=0xe00107d3, type=0x7) returned 0x4a0507fe
[0313.018] GetCurrentObject (hdc=0xe00107d3, type=0x6) returned 0x8a01c2
[0313.018] SaveDC (hdc=0xe00107d3) returned 1
[0313.018] GetNearestColor (hdc=0xe00107d3, color=0xf0f0f0) returned 0xf0f0f0
[0313.018] GetNearestColor (hdc=0xe00107d3, color=0xa0a0a0) returned 0xa0a0a0
[0313.018] GetNearestColor (hdc=0xe00107d3, color=0x696969) returned 0x696969
[0313.018] GetNearestColor (hdc=0xe00107d3, color=0xa0a0a0) returned 0xa0a0a0
[0313.018] GetNearestColor (hdc=0xe00107d3, color=0x0) returned 0x0
[0313.018] GetNearestColor (hdc=0xe00107d3, color=0xffffff) returned 0xffffff
[0313.018] GetNearestColor (hdc=0xe00107d3, color=0xe5e5e5) returned 0xe5e5e5
[0313.018] GetNearestColor (hdc=0xe00107d3, color=0xd7d7d7) returned 0xd7d7d7
[0313.018] GetNearestColor (hdc=0xe00107d3, color=0x0) returned 0x0
[0313.019] RestoreDC (hdc=0xe00107d3, nSavedDC=-1) returned 1
[0313.019] GdipReleaseDC (graphics=0x6600030, hdc=0xe00107d3) returned 0x0
[0313.019] IsAppThemed () returned 0x1
[0313.019] GetThemeAppProperties () returned 0x3
[0313.019] GetThemeAppProperties () returned 0x3
[0313.019] IsAppThemed () returned 0x1
[0313.019] GetThemeAppProperties () returned 0x3
[0313.019] GetThemeAppProperties () returned 0x3
[0313.019] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2dc4ed0 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0313.019] IsAppThemed () returned 0x1
[0313.019] GetThemeAppProperties () returned 0x3
[0313.019] GetThemeAppProperties () returned 0x3
[0313.019] IsAppThemed () returned 0x1
[0313.020] GetThemeAppProperties () returned 0x3
[0313.020] GetThemeAppProperties () returned 0x3
[0313.020] IsAppThemed () returned 0x1
[0313.020] GetThemeAppProperties () returned 0x3
[0313.020] GetThemeAppProperties () returned 0x3
[0313.020] IsAppThemed () returned 0x1
[0313.020] GetThemeAppProperties () returned 0x3
[0313.020] GetThemeAppProperties () returned 0x3
[0313.020] IsThemePartDefined () returned 0x1
[0313.020] IsAppThemed () returned 0x1
[0313.020] GetThemeAppProperties () returned 0x3
[0313.020] GetThemeAppProperties () returned 0x3
[0313.020] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0313.020] IsAppThemed () returned 0x1
[0313.020] GetThemeAppProperties () returned 0x3
[0313.020] GetThemeAppProperties () returned 0x3
[0313.020] IsAppThemed () returned 0x1
[0313.020] GetThemeAppProperties () returned 0x3
[0313.020] GetThemeAppProperties () returned 0x3
[0313.020] IsThemePartDefined () returned 0x1
[0313.020] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0313.020] GdipGetClip (graphics=0x6600030, region=0x6646718) returned 0x0
[0313.021] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0313.021] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0313.021] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7dc7c) returned 0x0
[0313.021] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0313.021] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0313.021] LocalFree (hMem=0x11eec58) returned 0x0
[0313.021] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0313.021] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee910) returned 0x0
[0313.021] LocalFree (hMem=0x11ee910) returned 0x0
[0313.021] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0313.021] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0313.021] GdipIsInfiniteRegion (region=0x6646718, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0313.021] GdipGetRegionHRgn (region=0x6646718, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0313.021] GdipDeleteRegion (region=0x6646718) returned 0x0
[0313.021] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0313.021] GetCurrentObject (hdc=0xe00107d3, type=0x1) returned 0xb00017
[0313.021] GetCurrentObject (hdc=0xe00107d3, type=0x2) returned 0x900010
[0313.022] GetCurrentObject (hdc=0xe00107d3, type=0x7) returned 0x4a0507fe
[0313.022] GetCurrentObject (hdc=0xe00107d3, type=0x6) returned 0x8a01c2
[0313.022] SaveDC (hdc=0xe00107d3) returned 1
[0313.022] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd40407de
[0313.022] GetClipRgn (hdc=0xe00107d3, hrgn=0xd40407de) returned 0
[0313.022] SelectClipRgn (hdc=0xe00107d3, hrgn=0x5a040807) returned 2
[0313.022] DeleteObject (ho=0xd40407de) returned 1
[0313.022] DeleteObject (ho=0x5a040807) returned 1
[0313.022] OffsetViewportOrgEx (in: hdc=0xe00107d3, x=0, y=0, lppt=0x2dc5580 | out: lppt=0x2dc5580) returned 1
[0313.022] DrawThemeParentBackground () returned 0x0
[0313.022] GetWindowPlacement (in: hWnd=0x2d02d0, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0313.022] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0313.022] GetWindowTextLengthW (hWnd=0x2d02d0) returned 13
[0313.022] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0313.023] GetSystemMetrics (nIndex=42) returned 0
[0313.023] GetWindowTextW (in: hWnd=0x2d02d0, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0313.023] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0313.023] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0313.023] GetCurrentObject (hdc=0xe00107d3, type=0x1) returned 0xb00017
[0313.023] GetCurrentObject (hdc=0xe00107d3, type=0x2) returned 0x900010
[0313.023] GetCurrentObject (hdc=0xe00107d3, type=0x7) returned 0x4a0507fe
[0313.023] GetCurrentObject (hdc=0xe00107d3, type=0x6) returned 0x8a01c2
[0313.023] SaveDC (hdc=0xe00107d3) returned 2
[0313.023] GetNearestColor (hdc=0xe00107d3, color=0xf0f0f0) returned 0xf0f0f0
[0313.023] CreateSolidBrush (color=0xf0f0f0) returned 0x901007e1
[0313.023] FillRect (hDC=0xe00107d3, lprc=0xd7d6c8, hbr=0x901007e1) returned 1
[0313.023] DeleteObject (ho=0x901007e1) returned 1
[0313.023] RestoreDC (hdc=0xe00107d3, nSavedDC=-1) returned 1
[0313.023] GetWindowTextLengthW (hWnd=0x2d02d0) returned 13
[0313.024] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0313.024] GetSystemMetrics (nIndex=42) returned 0
[0313.024] GetWindowTextW (in: hWnd=0x2d02d0, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0313.024] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0313.024] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0313.024] GetCurrentObject (hdc=0xe00107d3, type=0x1) returned 0xb00017
[0313.024] GetCurrentObject (hdc=0xe00107d3, type=0x2) returned 0x900010
[0313.024] GetCurrentObject (hdc=0xe00107d3, type=0x7) returned 0x4a0507fe
[0313.024] GetCurrentObject (hdc=0xe00107d3, type=0x6) returned 0x8a01c2
[0313.024] SaveDC (hdc=0xe00107d3) returned 2
[0313.024] GetNearestColor (hdc=0xe00107d3, color=0xf0f0f0) returned 0xf0f0f0
[0313.024] CreateSolidBrush (color=0xf0f0f0) returned 0x911007e1
[0313.024] FillRect (hDC=0xe00107d3, lprc=0xd7d668, hbr=0x911007e1) returned 1
[0313.024] DeleteObject (ho=0x911007e1) returned 1
[0313.024] RestoreDC (hdc=0xe00107d3, nSavedDC=-1) returned 1
[0313.024] GetWindowTextLengthW (hWnd=0x2d02d0) returned 13
[0313.024] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0313.025] GetSystemMetrics (nIndex=42) returned 0
[0313.025] GetWindowTextW (in: hWnd=0x2d02d0, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0313.025] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0313.025] RestoreDC (hdc=0xe00107d3, nSavedDC=-1) returned 1
[0313.025] GdipReleaseDC (graphics=0x6600030, hdc=0xe00107d3) returned 0x0
[0313.025] IsAppThemed () returned 0x1
[0313.025] GetThemeAppProperties () returned 0x3
[0313.025] GetThemeAppProperties () returned 0x3
[0313.025] IsAppThemed () returned 0x1
[0313.025] GetThemeAppProperties () returned 0x3
[0313.025] GetThemeAppProperties () returned 0x3
[0313.025] IsThemePartDefined () returned 0x1
[0313.025] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0313.025] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0313.025] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0313.026] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0313.026] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dc00) returned 0x0
[0313.026] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0313.026] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0313.026] LocalFree (hMem=0x11ee9f0) returned 0x0
[0313.026] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0313.026] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0313.026] LocalFree (hMem=0x11ee9f0) returned 0x0
[0313.026] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0313.026] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0313.026] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0313.026] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0313.026] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0313.026] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0313.026] GetCurrentObject (hdc=0xe00107d3, type=0x1) returned 0xb00017
[0313.026] GetCurrentObject (hdc=0xe00107d3, type=0x2) returned 0x900010
[0313.026] GetCurrentObject (hdc=0xe00107d3, type=0x7) returned 0x4a0507fe
[0313.027] GetCurrentObject (hdc=0xe00107d3, type=0x6) returned 0x8a01c2
[0313.027] SaveDC (hdc=0xe00107d3) returned 1
[0313.027] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5b040807
[0313.027] GetClipRgn (hdc=0xe00107d3, hrgn=0x5b040807) returned 0
[0313.027] SelectClipRgn (hdc=0xe00107d3, hrgn=0xd60407de) returned 2
[0313.027] DeleteObject (ho=0x5b040807) returned 1
[0313.027] DeleteObject (ho=0xd60407de) returned 1
[0313.027] OffsetViewportOrgEx (in: hdc=0xe00107d3, x=0, y=0, lppt=0x2dc5e2c | out: lppt=0x2dc5e2c) returned 1
[0313.027] IsAppThemed () returned 0x1
[0313.027] GetThemeAppProperties () returned 0x3
[0313.027] GetThemeAppProperties () returned 0x3
[0313.027] DrawThemeBackground () returned 0x0
[0313.027] RestoreDC (hdc=0xe00107d3, nSavedDC=-1) returned 1
[0313.027] GdipReleaseDC (graphics=0x6600030, hdc=0xe00107d3) returned 0x0
[0313.027] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0313.027] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0313.028] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0313.028] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0313.028] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dc04) returned 0x0
[0313.028] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0313.028] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee910) returned 0x0
[0313.028] LocalFree (hMem=0x11ee910) returned 0x0
[0313.028] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0313.028] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0313.028] LocalFree (hMem=0x11ee788) returned 0x0
[0313.032] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0313.032] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0313.032] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0313.032] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0313.032] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0313.032] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0313.032] GetCurrentObject (hdc=0xe00107d3, type=0x1) returned 0xb00017
[0313.032] GetCurrentObject (hdc=0xe00107d3, type=0x2) returned 0x900010
[0313.032] GetCurrentObject (hdc=0xe00107d3, type=0x7) returned 0x4a0507fe
[0313.033] GetCurrentObject (hdc=0xe00107d3, type=0x6) returned 0x8a01c2
[0313.033] SaveDC (hdc=0xe00107d3) returned 1
[0313.033] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xd70407de
[0313.033] GetClipRgn (hdc=0xe00107d3, hrgn=0xd70407de) returned 0
[0313.033] SelectClipRgn (hdc=0xe00107d3, hrgn=0x5c040807) returned 2
[0313.033] DeleteObject (ho=0xd70407de) returned 1
[0313.033] DeleteObject (ho=0x5c040807) returned 1
[0313.033] OffsetViewportOrgEx (in: hdc=0xe00107d3, x=0, y=0, lppt=0x2dc6100 | out: lppt=0x2dc6100) returned 1
[0313.033] IsAppThemed () returned 0x1
[0313.033] GetThemeAppProperties () returned 0x3
[0313.033] GetThemeAppProperties () returned 0x3
[0313.033] GetThemeBackgroundContentRect () returned 0x0
[0313.033] RestoreDC (hdc=0xe00107d3, nSavedDC=-1) returned 1
[0313.033] GdipReleaseDC (graphics=0x6600030, hdc=0xe00107d3) returned 0x0
[0313.033] IsAppThemed () returned 0x1
[0313.034] GetThemeAppProperties () returned 0x3
[0313.034] GetThemeAppProperties () returned 0x3
[0313.034] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0313.034] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0313.034] GetCurrentObject (hdc=0xe00107d3, type=0x1) returned 0xb00017
[0313.034] GetCurrentObject (hdc=0xe00107d3, type=0x2) returned 0x900010
[0313.034] GetCurrentObject (hdc=0xe00107d3, type=0x7) returned 0x4a0507fe
[0313.034] GetCurrentObject (hdc=0xe00107d3, type=0x6) returned 0x8a01c2
[0313.034] SaveDC (hdc=0xe00107d3) returned 1
[0313.034] GetTextAlign (hdc=0xe00107d3) returned 0x0
[0313.034] GetTextColor (hdc=0xe00107d3) returned 0x0
[0313.034] GetCurrentObject (hdc=0xe00107d3, type=0x6) returned 0x8a01c2
[0313.034] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0313.034] SelectObject (hdc=0xe00107d3, h=0x6d0a0520) returned 0x8a01c2
[0313.034] GetBkMode (hdc=0xe00107d3) returned 2
[0313.035] SetBkMode (hdc=0xe00107d3, mode=1) returned 2
[0313.035] DrawTextExW (in: hdc=0xe00107d3, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2dc64a0 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0313.035] DrawTextExW (in: hdc=0xe00107d3, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2dc64a0 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0313.035] RestoreDC (hdc=0xe00107d3, nSavedDC=-1) returned 1
[0313.035] GdipReleaseDC (graphics=0x6600030, hdc=0xe00107d3) returned 0x0
[0313.035] GetFocus () returned 0x3b00ea
[0313.035] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0313.036] SendMessageW (hWnd=0x2d02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0313.036] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0313.036] IsAppThemed () returned 0x1
[0313.036] GetThemeAppProperties () returned 0x3
[0313.036] GetThemeAppProperties () returned 0x3
[0313.036] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0313.036] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=100, cy=23, hdcSrc=0xe00107d3, x1=0, y1=0, rop=0xcc0020) returned 1
[0313.036] GdipReleaseDC (graphics=0x6600030, hdc=0xe00107d3) returned 0x0
[0313.036] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0313.036] SelectObject (hdc=0xe00107d3, h=0x85000f) returned 0x4a0507fe
[0313.036] DeleteDC (hdc=0xe00107d3) returned 1
[0313.036] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0313.036] EndPaint (hWnd=0x3b00ea, lpPaint=0xd7dee4) returned 1
[0313.037] MapWindowPoints (in: hWndFrom=0x3b00ea, hWndTo=0x0, lpPoints=0x2dc659c, cPoints=0x1 | out: lpPoints=0x2dc659c) returned 30999254
[0313.037] WindowFromPoint (Point=0x309) returned 0x3b00ea
[0313.037] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x84, wParam=0x0, lParam=0x1df0309) returned 0x1
[0313.037] NotifyWinEvent (event=0x800a, hwnd=0x3b00ea, idObject=-4, idChild=0)
[0313.037] NotifyWinEvent (event=0x800c, hwnd=0x3b00ea, idObject=-4, idChild=0)
[0313.037] GetCapture () returned 0x3b00ea
[0313.037] ReleaseCapture () returned 1
[0313.037] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0313.037] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0313.038] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x84, wParam=0x0, lParam=0x1df0309) returned 0x1
[0313.038] IsWindow (hWnd=0x7005c) returned 1
[0313.038] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0313.039] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0313.039] IsWindow (hWnd=0x2d02d0) returned 1
[0313.039] SetActiveWindow (hWnd=0x2d02d0) returned 0x2d02d0
[0313.039] IsWindow (hWnd=0x2d02d0) returned 1
[0313.039] SetFocus (hWnd=0x2d02d0) returned 0x3b00ea
[0313.039] GetFocus () returned 0x2d02d0
[0313.039] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x8, wParam=0x2d02d0, lParam=0x0) returned 0x0
[0313.039] GetCapture () returned 0x0
[0313.039] InvalidateRect (hWnd=0x3b00ea, lpRect=0x0, bErase=0) returned 1
[0313.040] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0313.042] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0313.044] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0313.061] GetFocus () returned 0x2d02d0
[0313.061] SetFocus (hWnd=0x3b00ea) returned 0x2d02d0
[0313.062] GetFocus () returned 0x3b00ea
[0313.062] IsChild (hWndParent=0x2d02d0, hWnd=0x3b00ea) returned 1
[0313.062] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x8, wParam=0x3b00ea, lParam=0x0) returned 0x0
[0313.063] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0313.065] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0313.067] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0313.067] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x7, wParam=0x2d02d0, lParam=0x0) returned 0x0
[0313.067] GetStockObject (i=5) returned 0x900015
[0313.067] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0313.067] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0xd, wParam=0xa, lParam=0x11f5780) returned 0x9
[0313.067] GetDlgItem (hDlg=0x2d02d0, nIDDlgItem=3866858) returned 0x3b00ea
[0313.067] SendMessageW (hWnd=0x3b00ea, Msg=0x202b, wParam=0x3b00ea, lParam=0xd7ddcc) returned 0x0
[0313.067] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x202b, wParam=0x3b00ea, lParam=0xd7ddcc) returned 0x0
[0313.067] InvalidateRect (hWnd=0x3b00ea, lpRect=0x0, bErase=0) returned 1
[0313.069] GetWindowLongW (hWnd=0x2d02d0, nIndex=-8) returned 458844
[0313.069] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0313.069] GetCurrentThreadId () returned 0xf50
[0313.069] IsWindow (hWnd=0x7005c) returned 1
[0313.069] IsWindow (hWnd=0x7005c) returned 1
[0313.069] IsWindowVisible (hWnd=0x7005c) returned 1
[0313.069] SetActiveWindow (hWnd=0x7005c) returned 0x2d02d0
[0313.069] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0313.071] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0313.071] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0313.071] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0313.072] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0313.072] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0313.073] GetWindowPlacement (in: hWnd=0x2d02d0, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0313.073] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0313.073] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0313.073] GetWindowRect (in: hWnd=0x2d02d0, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0313.074] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0313.074] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0313.074] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0313.074] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x2d02d0) returned 0x1
[0313.081] GetFocus () returned 0x3b00ea
[0313.081] SetFocus (hWnd=0x602c4) returned 0x3b00ea
[0313.081] GetFocus () returned 0x602c4
[0313.081] IsChild (hWndParent=0x2d02d0, hWnd=0x602c4) returned 0
[0313.081] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0313.081] GetCapture () returned 0x0
[0313.081] InvalidateRect (hWnd=0x3b00ea, lpRect=0x0, bErase=0) returned 1
[0313.082] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0313.083] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0313.085] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0313.085] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0313.085] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0313.085] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0313.086] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0313.086] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x3b00ea, lParam=0x0) returned 0x0
[0313.086] GetStockObject (i=5) returned 0x900015
[0313.086] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0313.086] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11eda58) returned 0xc
[0313.086] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0313.086] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0313.086] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0313.086] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0313.087] GetFocus () returned 0x602c4
[0313.088] IsChild (hWndParent=0x2d02d0, hWnd=0x602c4) returned 0
[0313.088] ShowWindow (hWnd=0x2d02d0, nCmdShow=0) returned 1
[0313.088] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0313.088] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0313.089] GetWindowPlacement (in: hWnd=0x2d02d0, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0313.089] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0313.089] GetClientRect (in: hWnd=0x2d02d0, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0313.089] GetWindowRect (in: hWnd=0x2d02d0, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0313.090] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0313.090] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0313.090] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0313.090] GetWindowLongW (hWnd=0x2d02d0, nIndex=-20) returned 327945
[0313.090] DestroyWindow (hWnd=0x2d02d0) returned 1
[0313.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0313.101] GetWindowTextLengthW (hWnd=0x2d02d0) returned 13
[0313.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0313.101] GetSystemMetrics (nIndex=42) returned 0
[0313.101] GetWindowTextW (in: hWnd=0x2d02d0, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0313.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0313.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0313.101] GetWindowTextLengthW (hWnd=0x3802de) returned 0
[0313.101] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0313.101] GetSystemMetrics (nIndex=42) returned 0
[0313.101] GetWindowTextW (in: hWnd=0x3802de, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0313.102] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802de, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0313.102] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0313.102] GetWindowThreadProcessId (in: hWnd=0x3802da, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0313.102] GetWindow (hWnd=0x3802da, uCmd=0x5) returned 0x0
[0313.102] GetWindowLongW (hWnd=0x3802da, nIndex=-20) returned 65792
[0313.102] DestroyWindow (hWnd=0x3802da) returned 1
[0313.102] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802da, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0313.102] GetWindowTextLengthW (hWnd=0x3802da) returned 25
[0313.102] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0313.102] GetSystemMetrics (nIndex=42) returned 0
[0313.102] GetWindowTextW (in: hWnd=0x3802da, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0313.102] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802da, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0313.102] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0313.102] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0313.103] GetWindowTextLengthW (hWnd=0x2e02ce) returned 232
[0313.103] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0313.103] GetSystemMetrics (nIndex=42) returned 0
[0313.104] GetWindowTextW (in: hWnd=0x2e02ce, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0313.104] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0313.104] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0313.104] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0313.104] InvalidateRect (hWnd=0x3b00ea, lpRect=0x0, bErase=0) returned 1
[0313.104] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0313.104] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0313.104] SendMessageW (hWnd=0x3202c8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0313.104] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202c8, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0313.104] SendMessageW (hWnd=0x3202c8, Msg=0xb0, wParam=0x2d923e8, lParam=0xd7e480) returned 0x0
[0313.104] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202c8, Msg=0xb0, wParam=0x2d923e8, lParam=0xd7e480) returned 0x0
[0313.104] GetWindowTextLengthW (hWnd=0x3202c8) returned 4363
[0313.104] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0313.104] GetSystemMetrics (nIndex=42) returned 0
[0313.104] CoTaskMemAlloc (cb=0x221c) returned 0x1202960
[0313.104] GetWindowTextW (in: hWnd=0x3202c8, lpString=0x1202960, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0313.105] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202c8, Msg=0xd, wParam=0x110c, lParam=0x1202960) returned 0x110b
[0313.105] CoTaskMemFree (pv=0x1202960)
[0313.105] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0313.105] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3802de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0313.106] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x2e02ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0313.107] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3a02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0313.109] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0313.110] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3802dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0313.111] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3202c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0313.112] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2d02d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0313.113] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.113] IsWindowUnicode (hWnd=0x30122) returned 1
[0313.113] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.113] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0313.113] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0313.113] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.113] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df0309) returned 0x1
[0313.113] IsWindowUnicode (hWnd=0x7005c) returned 1
[0313.114] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df0309) returned 0x1
[0313.114] SetCursor (hCursor=0x10003) returned 0x10003
[0313.114] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0313.114] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0313.114] _TrackMouseEvent (in: lpEventTrack=0x2c2f380 | out: lpEventTrack=0x2c2f380) returned 1
[0313.114] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0313.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0313.114] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10a024b) returned 0x0
[0313.114] GetKeyState (nVirtKey=1) returned 1
[0313.114] GetKeyState (nVirtKey=2) returned 0
[0313.114] GetKeyState (nVirtKey=4) returned 0
[0313.114] GetKeyState (nVirtKey=5) returned 0
[0313.114] GetKeyState (nVirtKey=6) returned 0
[0313.114] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.115] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df0309) returned 0x1
[0313.115] IsWindowUnicode (hWnd=0x7005c) returned 1
[0313.115] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.115] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0313.115] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0313.115] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.115] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df0309) returned 0x1
[0313.115] IsWindowUnicode (hWnd=0x7005c) returned 1
[0313.115] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.116] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df0309) returned 0x1
[0313.116] SetCursor (hCursor=0x10003) returned 0x10003
[0313.116] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0313.116] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0313.116] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10a024b) returned 0x0
[0313.116] GetKeyState (nVirtKey=1) returned 1
[0313.116] GetKeyState (nVirtKey=2) returned 0
[0313.116] GetKeyState (nVirtKey=4) returned 0
[0313.116] GetKeyState (nVirtKey=5) returned 0
[0313.116] GetKeyState (nVirtKey=6) returned 0
[0313.116] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.117] IsWindowUnicode (hWnd=0x602c4) returned 1
[0313.117] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.117] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0313.117] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0313.117] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.117] IsWindowUnicode (hWnd=0x602c4) returned 1
[0313.118] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.118] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0313.118] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0313.118] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xc0107c5
[0313.118] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0313.118] CreateCompatibleDC (hdc=0xc0107c5) returned 0x230107f8
[0313.118] SelectObject (hdc=0x230107f8, h=0x4a0507fe) returned 0x85000f
[0313.118] GdipCreateFromHDC (hdc=0x230107f8, graphics=0xd7e798) returned 0x0
[0313.118] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0313.118] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0313.118] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0313.118] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0313.118] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e7f8) returned 0x0
[0313.119] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0313.119] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0313.119] LocalFree (hMem=0x11eec58) returned 0x0
[0313.119] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0313.119] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0313.119] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0313.119] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0313.119] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0313.119] GdipRestoreGraphics (graphics=0x6600030, state=0xf5020dbd) returned 0x0
[0313.119] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0313.119] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0313.119] GetCurrentObject (hdc=0x230107f8, type=0x1) returned 0xb00017
[0313.119] GetCurrentObject (hdc=0x230107f8, type=0x2) returned 0x900010
[0313.119] GetCurrentObject (hdc=0x230107f8, type=0x7) returned 0x4a0507fe
[0313.119] GetCurrentObject (hdc=0x230107f8, type=0x6) returned 0x8a01c2
[0313.119] SaveDC (hdc=0x230107f8) returned 1
[0313.119] GetNearestColor (hdc=0x230107f8, color=0xff) returned 0xff
[0313.119] GetNearestColor (hdc=0x230107f8, color=0x55) returned 0x55
[0313.120] GetNearestColor (hdc=0x230107f8, color=0x0) returned 0x0
[0313.120] GetNearestColor (hdc=0x230107f8, color=0x55) returned 0x55
[0313.120] GetNearestColor (hdc=0x230107f8, color=0x0) returned 0x0
[0313.120] GetNearestColor (hdc=0x230107f8, color=0x8080ff) returned 0x8080ff
[0313.120] GetNearestColor (hdc=0x230107f8, color=0x7373e5) returned 0x7373e5
[0313.120] GetNearestColor (hdc=0x230107f8, color=0xe5) returned 0xe5
[0313.120] GetNearestColor (hdc=0x230107f8, color=0x0) returned 0x0
[0313.120] RestoreDC (hdc=0x230107f8, nSavedDC=-1) returned 1
[0313.120] GdipReleaseDC (graphics=0x6600030, hdc=0x230107f8) returned 0x0
[0313.120] IsAppThemed () returned 0x1
[0313.120] GetThemeAppProperties () returned 0x3
[0313.120] GetThemeAppProperties () returned 0x3
[0313.120] IsAppThemed () returned 0x1
[0313.120] GetThemeAppProperties () returned 0x3
[0313.120] GetThemeAppProperties () returned 0x3
[0313.120] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2dce308 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0313.121] IsAppThemed () returned 0x1
[0313.121] GetThemeAppProperties () returned 0x3
[0313.121] GetThemeAppProperties () returned 0x3
[0313.121] IsAppThemed () returned 0x1
[0313.121] GetThemeAppProperties () returned 0x3
[0313.121] GetThemeAppProperties () returned 0x3
[0313.121] GetFocus () returned 0x602c4
[0313.121] IsAppThemed () returned 0x1
[0313.121] GetThemeAppProperties () returned 0x3
[0313.121] GetThemeAppProperties () returned 0x3
[0313.121] IsAppThemed () returned 0x1
[0313.121] GetThemeAppProperties () returned 0x3
[0313.121] GetThemeAppProperties () returned 0x3
[0313.121] IsThemePartDefined () returned 0x1
[0313.121] IsAppThemed () returned 0x1
[0313.121] GetThemeAppProperties () returned 0x3
[0313.121] GetThemeAppProperties () returned 0x3
[0313.121] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0313.121] IsAppThemed () returned 0x1
[0313.121] GetThemeAppProperties () returned 0x3
[0313.122] GetThemeAppProperties () returned 0x3
[0313.122] IsAppThemed () returned 0x1
[0313.122] GetThemeAppProperties () returned 0x3
[0313.122] GetThemeAppProperties () returned 0x3
[0313.122] IsThemePartDefined () returned 0x1
[0313.122] GdipCreateRegion (region=0xd7e508) returned 0x0
[0313.122] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0313.148] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0313.148] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0313.148] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e520) returned 0x0
[0313.148] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0313.148] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0313.148] LocalFree (hMem=0x11eec58) returned 0x0
[0313.148] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0313.148] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0313.148] LocalFree (hMem=0x11ee788) returned 0x0
[0313.149] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0313.149] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e548) returned 0x0
[0313.149] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e538) returned 0x0
[0313.149] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0313.149] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0313.149] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0313.149] GetCurrentObject (hdc=0x230107f8, type=0x1) returned 0xb00017
[0313.149] GetCurrentObject (hdc=0x230107f8, type=0x2) returned 0x900010
[0313.149] GetCurrentObject (hdc=0x230107f8, type=0x7) returned 0x4a0507fe
[0313.149] GetCurrentObject (hdc=0x230107f8, type=0x6) returned 0x8a01c2
[0313.149] SaveDC (hdc=0x230107f8) returned 1
[0313.149] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x5d040807
[0313.149] GetClipRgn (hdc=0x230107f8, hrgn=0x5d040807) returned 0
[0313.149] SelectClipRgn (hdc=0x230107f8, hrgn=0xdb0407de) returned 2
[0313.149] DeleteObject (ho=0x5d040807) returned 1
[0313.149] DeleteObject (ho=0xdb0407de) returned 1
[0313.149] OffsetViewportOrgEx (in: hdc=0x230107f8, x=0, y=0, lppt=0x2dce9b8 | out: lppt=0x2dce9b8) returned 1
[0313.149] DrawThemeParentBackground () returned 0x0
[0313.150] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0313.150] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0313.150] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0313.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0313.150] GetSystemMetrics (nIndex=42) returned 0
[0313.150] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0313.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0313.150] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0313.150] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0313.150] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0313.150] SelectPalette (hdc=0x230107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0313.150] GdipCreateFromHDC (hdc=0x230107f8, graphics=0xd7dff8) returned 0x0
[0313.150] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0313.150] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0313.150] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638cc8) returned 0x0
[0313.151] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dfd0) returned 0x0
[0313.151] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0313.151] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0313.151] GdipGetClip (graphics=0x66376e0, region=0x66465f8) returned 0x0
[0313.151] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x66376e0, result=0xd7dfc4) returned 0x0
[0313.151] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0313.151] GdipSaveGraphics (graphics=0x66376e0, state=0xd7dff0) returned 0x0
[0313.151] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0313.162] GdipFillRectangleI (graphics=0x66376e0, brush=0x664def8, x=0, y=0, width=801, height=453) returned 0x0
[0313.162] GdipDeleteBrush (brush=0x664def8) returned 0x0
[0313.163] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0313.163] SelectPalette (hdc=0x230107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0313.163] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0313.163] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0313.163] GetSystemMetrics (nIndex=42) returned 0
[0313.163] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0313.163] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0313.163] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0313.163] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0313.163] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0313.163] SelectPalette (hdc=0x230107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0313.164] GdipCreateFromHDC (hdc=0x230107f8, graphics=0xd7df98) returned 0x0
[0313.164] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0313.164] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0313.164] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638b78) returned 0x0
[0313.164] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df70) returned 0x0
[0313.164] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0313.164] GdipCreateRegion (region=0xd7df58) returned 0x0
[0313.164] GdipGetClip (graphics=0x66376e0, region=0x6646718) returned 0x0
[0313.164] GdipIsInfiniteRegion (region=0x6646718, graphics=0x66376e0, result=0xd7df64) returned 0x0
[0313.164] GdipDeleteRegion (region=0x6646718) returned 0x0
[0313.164] GdipSaveGraphics (graphics=0x66376e0, state=0xd7df90) returned 0x0
[0313.164] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0313.171] GdipFillRectangleI (graphics=0x66376e0, brush=0x664def8, x=0, y=0, width=801, height=453) returned 0x0
[0313.171] GdipDeleteBrush (brush=0x664def8) returned 0x0
[0313.172] GdipRestoreGraphics (graphics=0x66376e0, state=0xf4fe0dbd) returned 0x0
[0313.172] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0313.172] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0313.172] GetSystemMetrics (nIndex=42) returned 0
[0313.172] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0313.172] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0313.172] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0313.172] SelectPalette (hdc=0x230107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0313.173] RestoreDC (hdc=0x230107f8, nSavedDC=-1) returned 1
[0313.173] GdipReleaseDC (graphics=0x6600030, hdc=0x230107f8) returned 0x0
[0313.173] IsAppThemed () returned 0x1
[0313.173] GetThemeAppProperties () returned 0x3
[0313.173] GetThemeAppProperties () returned 0x3
[0313.173] IsAppThemed () returned 0x1
[0313.173] GetThemeAppProperties () returned 0x3
[0313.173] GetThemeAppProperties () returned 0x3
[0313.173] IsThemePartDefined () returned 0x1
[0313.173] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0313.173] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0313.173] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0313.173] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0313.173] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e4a4) returned 0x0
[0313.173] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0313.173] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eec58) returned 0x0
[0313.173] LocalFree (hMem=0x11eec58) returned 0x0
[0313.173] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0313.173] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee910) returned 0x0
[0313.174] LocalFree (hMem=0x11ee910) returned 0x0
[0313.174] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0313.174] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0313.174] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0313.174] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0313.174] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0313.174] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0313.174] GetCurrentObject (hdc=0x230107f8, type=0x1) returned 0xb00017
[0313.174] GetCurrentObject (hdc=0x230107f8, type=0x2) returned 0x900010
[0313.174] GetCurrentObject (hdc=0x230107f8, type=0x7) returned 0x4a0507fe
[0313.174] GetCurrentObject (hdc=0x230107f8, type=0x6) returned 0x8a01c2
[0313.174] SaveDC (hdc=0x230107f8) returned 1
[0313.174] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xdc0407de
[0313.174] GetClipRgn (hdc=0x230107f8, hrgn=0xdc0407de) returned 0
[0313.174] SelectClipRgn (hdc=0x230107f8, hrgn=0x5f040807) returned 2
[0313.174] DeleteObject (ho=0xdc0407de) returned 1
[0313.174] DeleteObject (ho=0x5f040807) returned 1
[0313.174] OffsetViewportOrgEx (in: hdc=0x230107f8, x=0, y=0, lppt=0x2dd5208 | out: lppt=0x2dd5208) returned 1
[0313.174] IsAppThemed () returned 0x1
[0313.175] GetThemeAppProperties () returned 0x3
[0313.175] GetThemeAppProperties () returned 0x3
[0313.175] DrawThemeBackground () returned 0x0
[0313.175] RestoreDC (hdc=0x230107f8, nSavedDC=-1) returned 1
[0313.175] GdipReleaseDC (graphics=0x6600030, hdc=0x230107f8) returned 0x0
[0313.175] GdipCreateRegion (region=0xd7e490) returned 0x0
[0313.175] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0313.175] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0313.175] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0313.175] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e4a8) returned 0x0
[0313.175] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0313.175] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee788) returned 0x0
[0313.175] LocalFree (hMem=0x11ee788) returned 0x0
[0313.175] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0313.175] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee8d8) returned 0x0
[0313.175] LocalFree (hMem=0x11ee8d8) returned 0x0
[0313.175] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0313.175] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0313.175] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0313.175] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0313.175] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0313.176] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0313.176] GetCurrentObject (hdc=0x230107f8, type=0x1) returned 0xb00017
[0313.176] GetCurrentObject (hdc=0x230107f8, type=0x2) returned 0x900010
[0313.176] GetCurrentObject (hdc=0x230107f8, type=0x7) returned 0x4a0507fe
[0313.176] GetCurrentObject (hdc=0x230107f8, type=0x6) returned 0x8a01c2
[0313.176] SaveDC (hdc=0x230107f8) returned 1
[0313.176] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x60040807
[0313.176] GetClipRgn (hdc=0x230107f8, hrgn=0x60040807) returned 0
[0313.176] SelectClipRgn (hdc=0x230107f8, hrgn=0xdd0407de) returned 2
[0313.176] DeleteObject (ho=0x60040807) returned 1
[0313.176] DeleteObject (ho=0xdd0407de) returned 1
[0313.176] OffsetViewportOrgEx (in: hdc=0x230107f8, x=0, y=0, lppt=0x2dd54dc | out: lppt=0x2dd54dc) returned 1
[0313.176] IsAppThemed () returned 0x1
[0313.176] GetThemeAppProperties () returned 0x3
[0313.176] GetThemeAppProperties () returned 0x3
[0313.176] GetThemeBackgroundContentRect () returned 0x0
[0313.176] RestoreDC (hdc=0x230107f8, nSavedDC=-1) returned 1
[0313.176] GdipReleaseDC (graphics=0x6600030, hdc=0x230107f8) returned 0x0
[0313.176] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0313.176] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0313.177] GdipFillRectangleI (graphics=0x6600030, brush=0x6671db0, x=4, y=4, width=67, height=15) returned 0x0
[0313.177] GdipDeleteBrush (brush=0x6671db0) returned 0x0
[0313.177] IsAppThemed () returned 0x1
[0313.177] GetThemeAppProperties () returned 0x3
[0313.177] GetThemeAppProperties () returned 0x3
[0313.177] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0313.177] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0313.177] GetCurrentObject (hdc=0x230107f8, type=0x1) returned 0xb00017
[0313.177] GetCurrentObject (hdc=0x230107f8, type=0x2) returned 0x900010
[0313.177] GetCurrentObject (hdc=0x230107f8, type=0x7) returned 0x4a0507fe
[0313.177] GetCurrentObject (hdc=0x230107f8, type=0x6) returned 0x8a01c2
[0313.177] SaveDC (hdc=0x230107f8) returned 1
[0313.177] GetTextAlign (hdc=0x230107f8) returned 0x0
[0313.177] GetTextColor (hdc=0x230107f8) returned 0x0
[0313.177] GetCurrentObject (hdc=0x230107f8, type=0x6) returned 0x8a01c2
[0313.177] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0313.177] SelectObject (hdc=0x230107f8, h=0x6d0a0520) returned 0x8a01c2
[0313.177] GetBkMode (hdc=0x230107f8) returned 2
[0313.178] SetBkMode (hdc=0x230107f8, mode=1) returned 2
[0313.178] DrawTextExW (in: hdc=0x230107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2dd58a0 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0313.178] DrawTextExW (in: hdc=0x230107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2dd58a0 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0313.178] RestoreDC (hdc=0x230107f8, nSavedDC=-1) returned 1
[0313.178] GdipReleaseDC (graphics=0x6600030, hdc=0x230107f8) returned 0x0
[0313.178] GetFocus () returned 0x602c4
[0313.178] IsAppThemed () returned 0x1
[0313.178] GetThemeAppProperties () returned 0x3
[0313.178] GetThemeAppProperties () returned 0x3
[0313.179] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0313.179] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x230107f8, x1=0, y1=0, rop=0xcc0020) returned 1
[0313.179] GdipReleaseDC (graphics=0x6600030, hdc=0x230107f8) returned 0x0
[0313.179] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0313.179] SelectObject (hdc=0x230107f8, h=0x85000f) returned 0x4a0507fe
[0313.179] DeleteDC (hdc=0x230107f8) returned 1
[0313.179] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0313.179] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0313.179] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0313.179] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0313.179] WaitMessage () returned 1
[0313.179] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.179] IsWindowUnicode (hWnd=0x30122) returned 1
[0313.179] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.180] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0313.180] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0313.181] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.182] IsWindowUnicode (hWnd=0x30122) returned 1
[0313.182] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.182] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0313.182] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0313.182] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.182] IsWindowUnicode (hWnd=0x30122) returned 1
[0313.182] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.182] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0313.182] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0313.182] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.182] IsWindowUnicode (hWnd=0x30122) returned 1
[0313.183] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.183] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0313.183] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0313.183] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.183] IsWindowUnicode (hWnd=0x30122) returned 1
[0313.183] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.183] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0313.183] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0313.184] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.184] IsWindowUnicode (hWnd=0x30122) returned 1
[0313.184] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.184] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0313.184] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0313.184] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0313.190] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0313.190] WaitMessage () returned 1
[0313.220] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.220] IsWindowUnicode (hWnd=0x7005c) returned 1
[0313.220] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.220] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0313.220] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0313.220] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.220] IsWindowUnicode (hWnd=0x7005c) returned 1
[0313.220] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.220] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0313.220] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0313.220] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10a024b) returned 0x0
[0313.220] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0313.220] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0313.220] WaitMessage () returned 1
[0313.390] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.391] IsWindowUnicode (hWnd=0x502c6) returned 1
[0313.391] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0313.391] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0313.391] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0313.391] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0313.391] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0313.391] WaitMessage () returned 1
[0315.343] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0315.343] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f5) returned 0x1
[0315.343] IsWindowUnicode (hWnd=0x602c4) returned 1
[0315.343] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0315.343] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0315.343] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0315.343] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0315.343] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0315.343] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f5) returned 0x1
[0315.343] IsWindowUnicode (hWnd=0x602c4) returned 1
[0315.343] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0315.343] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f5) returned 0x1
[0315.344] SetCursor (hCursor=0x10003) returned 0x10003
[0315.344] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0315.344] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0315.344] _TrackMouseEvent (in: lpEventTrack=0x2c2b560 | out: lpEventTrack=0x2c2b560) returned 1
[0315.344] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0315.344] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0315.344] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0315.344] GetKeyState (nVirtKey=1) returned 1
[0315.344] GetKeyState (nVirtKey=2) returned 0
[0315.344] GetKeyState (nVirtKey=4) returned 0
[0315.344] GetKeyState (nVirtKey=5) returned 0
[0315.344] GetKeyState (nVirtKey=6) returned 0
[0315.344] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0315.344] IsWindowUnicode (hWnd=0x602c4) returned 1
[0315.344] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0315.344] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0315.344] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0315.344] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xc0107c5
[0315.344] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0315.345] CreateCompatibleDC (hdc=0xc0107c5) returned 0x890107eb
[0315.345] SelectObject (hdc=0x890107eb, h=0x4a0507fe) returned 0x85000f
[0315.345] GdipCreateFromHDC (hdc=0x890107eb, graphics=0xd7e798) returned 0x0
[0315.345] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0315.345] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0315.345] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0315.345] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0315.345] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e7f8) returned 0x0
[0315.345] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0315.345] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0315.345] LocalFree (hMem=0x11ee9f0) returned 0x0
[0315.345] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0315.345] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0315.345] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0315.345] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0315.345] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0315.346] GdipRestoreGraphics (graphics=0x6600030, state=0xf4fc0dbd) returned 0x0
[0315.346] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0315.346] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0315.346] GetCurrentObject (hdc=0x890107eb, type=0x1) returned 0xb00017
[0315.346] GetCurrentObject (hdc=0x890107eb, type=0x2) returned 0x900010
[0315.346] GetCurrentObject (hdc=0x890107eb, type=0x7) returned 0x4a0507fe
[0315.346] GetCurrentObject (hdc=0x890107eb, type=0x6) returned 0x8a01c2
[0315.346] SaveDC (hdc=0x890107eb) returned 1
[0315.346] GetNearestColor (hdc=0x890107eb, color=0xff) returned 0xff
[0315.346] GetNearestColor (hdc=0x890107eb, color=0x55) returned 0x55
[0315.346] GetNearestColor (hdc=0x890107eb, color=0x0) returned 0x0
[0315.346] GetNearestColor (hdc=0x890107eb, color=0x55) returned 0x55
[0315.346] GetNearestColor (hdc=0x890107eb, color=0x0) returned 0x0
[0315.346] GetNearestColor (hdc=0x890107eb, color=0x8080ff) returned 0x8080ff
[0315.346] GetNearestColor (hdc=0x890107eb, color=0x7373e5) returned 0x7373e5
[0315.346] GetNearestColor (hdc=0x890107eb, color=0xe5) returned 0xe5
[0315.346] GetNearestColor (hdc=0x890107eb, color=0x0) returned 0x0
[0315.347] RestoreDC (hdc=0x890107eb, nSavedDC=-1) returned 1
[0315.347] GdipReleaseDC (graphics=0x6600030, hdc=0x890107eb) returned 0x0
[0315.347] IsAppThemed () returned 0x1
[0315.347] GetThemeAppProperties () returned 0x3
[0315.347] GetThemeAppProperties () returned 0x3
[0315.347] IsAppThemed () returned 0x1
[0315.347] GetThemeAppProperties () returned 0x3
[0315.347] GetThemeAppProperties () returned 0x3
[0315.347] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2dd6138 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0315.347] IsAppThemed () returned 0x1
[0315.347] GetThemeAppProperties () returned 0x3
[0315.347] GetThemeAppProperties () returned 0x3
[0315.347] IsAppThemed () returned 0x1
[0315.347] GetThemeAppProperties () returned 0x3
[0315.347] GetThemeAppProperties () returned 0x3
[0315.347] IsAppThemed () returned 0x1
[0315.347] GetThemeAppProperties () returned 0x3
[0315.348] GetThemeAppProperties () returned 0x3
[0315.348] IsAppThemed () returned 0x1
[0315.348] GetThemeAppProperties () returned 0x3
[0315.348] GetThemeAppProperties () returned 0x3
[0315.348] IsThemePartDefined () returned 0x1
[0315.348] IsAppThemed () returned 0x1
[0315.348] GetThemeAppProperties () returned 0x3
[0315.348] GetThemeAppProperties () returned 0x3
[0315.348] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0315.348] IsAppThemed () returned 0x1
[0315.348] GetThemeAppProperties () returned 0x3
[0315.348] GetThemeAppProperties () returned 0x3
[0315.348] IsAppThemed () returned 0x1
[0315.348] GetThemeAppProperties () returned 0x3
[0315.348] GetThemeAppProperties () returned 0x3
[0315.348] IsThemePartDefined () returned 0x1
[0315.348] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0315.348] GdipGetClip (graphics=0x6600030, region=0x66468c8) returned 0x0
[0315.348] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0315.348] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0315.348] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e514) returned 0x0
[0315.348] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0315.348] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0315.348] LocalFree (hMem=0x11eec58) returned 0x0
[0315.348] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0315.348] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0315.349] LocalFree (hMem=0x11eec58) returned 0x0
[0315.349] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0315.349] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0315.349] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0315.349] GdipGetRegionHRgn (region=0x66468c8, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0315.349] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0315.349] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0315.349] GetCurrentObject (hdc=0x890107eb, type=0x1) returned 0xb00017
[0315.349] GetCurrentObject (hdc=0x890107eb, type=0x2) returned 0x900010
[0315.349] GetCurrentObject (hdc=0x890107eb, type=0x7) returned 0x4a0507fe
[0315.349] GetCurrentObject (hdc=0x890107eb, type=0x6) returned 0x8a01c2
[0315.349] SaveDC (hdc=0x890107eb) returned 1
[0315.349] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xde0407de
[0315.349] GetClipRgn (hdc=0x890107eb, hrgn=0xde0407de) returned 0
[0315.349] SelectClipRgn (hdc=0x890107eb, hrgn=0x64040807) returned 2
[0315.349] DeleteObject (ho=0xde0407de) returned 1
[0315.349] DeleteObject (ho=0x64040807) returned 1
[0315.349] OffsetViewportOrgEx (in: hdc=0x890107eb, x=0, y=0, lppt=0x2dd67e8 | out: lppt=0x2dd67e8) returned 1
[0315.349] DrawThemeParentBackground () returned 0x0
[0315.350] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0315.350] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0315.350] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0315.350] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.350] GetSystemMetrics (nIndex=42) returned 0
[0315.350] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.350] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0315.350] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0315.350] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0315.350] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0315.350] SelectPalette (hdc=0x890107eb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0315.350] GdipCreateFromHDC (hdc=0x890107eb, graphics=0xd7dff0) returned 0x0
[0315.350] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0315.350] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0315.350] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638a28) returned 0x0
[0315.350] GdipIsMatrixIdentity (matrix=0x6638a28, result=0xd7dfc8) returned 0x0
[0315.350] GdipDeleteMatrix (matrix=0x6638a28) returned 0x0
[0315.350] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0315.350] GdipGetClip (graphics=0x66376e0, region=0x66463b8) returned 0x0
[0315.350] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x66376e0, result=0xd7dfbc) returned 0x0
[0315.351] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0315.351] GdipSaveGraphics (graphics=0x66376e0, state=0xd7dfe8) returned 0x0
[0315.351] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0315.357] GdipFillRectangleI (graphics=0x66376e0, brush=0x664e168, x=0, y=0, width=801, height=453) returned 0x0
[0315.357] GdipDeleteBrush (brush=0x664e168) returned 0x0
[0315.358] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0315.358] SelectPalette (hdc=0x890107eb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0315.358] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0315.358] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.358] GetSystemMetrics (nIndex=42) returned 0
[0315.358] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.358] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0315.358] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0315.358] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0315.359] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0315.359] SelectPalette (hdc=0x890107eb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0315.359] GdipCreateFromHDC (hdc=0x890107eb, graphics=0xd7df90) returned 0x0
[0315.359] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0315.359] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0315.359] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638c08) returned 0x0
[0315.359] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df68) returned 0x0
[0315.359] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0315.359] GdipCreateRegion (region=0xd7df50) returned 0x0
[0315.359] GdipGetClip (graphics=0x66376e0, region=0x66468c8) returned 0x0
[0315.359] GdipIsInfiniteRegion (region=0x66468c8, graphics=0x66376e0, result=0xd7df5c) returned 0x0
[0315.359] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0315.359] GdipSaveGraphics (graphics=0x66376e0, state=0xd7df88) returned 0x0
[0315.359] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0315.365] GdipFillRectangleI (graphics=0x66376e0, brush=0x664e8b8, x=0, y=0, width=801, height=453) returned 0x0
[0315.365] GdipDeleteBrush (brush=0x664e8b8) returned 0x0
[0315.367] GdipRestoreGraphics (graphics=0x66376e0, state=0xf4f80dbd) returned 0x0
[0315.367] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0315.367] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.367] GetSystemMetrics (nIndex=42) returned 0
[0315.367] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.367] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0315.367] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0315.367] SelectPalette (hdc=0x890107eb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0315.367] RestoreDC (hdc=0x890107eb, nSavedDC=-1) returned 1
[0315.367] GdipReleaseDC (graphics=0x6600030, hdc=0x890107eb) returned 0x0
[0315.367] IsAppThemed () returned 0x1
[0315.368] GetThemeAppProperties () returned 0x3
[0315.368] GetThemeAppProperties () returned 0x3
[0315.368] IsAppThemed () returned 0x1
[0315.368] GetThemeAppProperties () returned 0x3
[0315.368] GetThemeAppProperties () returned 0x3
[0315.368] IsThemePartDefined () returned 0x1
[0315.368] GdipCreateRegion (region=0xd7e480) returned 0x0
[0315.368] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0315.368] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0315.368] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0315.368] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e498) returned 0x0
[0315.368] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0315.368] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0315.368] LocalFree (hMem=0x11ee788) returned 0x0
[0315.368] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0315.368] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eecc8) returned 0x0
[0315.368] LocalFree (hMem=0x11eecc8) returned 0x0
[0315.368] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0315.368] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0315.368] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0315.368] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0315.368] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0315.368] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0315.368] GetCurrentObject (hdc=0x890107eb, type=0x1) returned 0xb00017
[0315.369] GetCurrentObject (hdc=0x890107eb, type=0x2) returned 0x900010
[0315.369] GetCurrentObject (hdc=0x890107eb, type=0x7) returned 0x4a0507fe
[0315.369] GetCurrentObject (hdc=0x890107eb, type=0x6) returned 0x8a01c2
[0315.369] SaveDC (hdc=0x890107eb) returned 1
[0315.369] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x65040807
[0315.369] GetClipRgn (hdc=0x890107eb, hrgn=0x65040807) returned 0
[0315.369] SelectClipRgn (hdc=0x890107eb, hrgn=0xe00407de) returned 2
[0315.369] DeleteObject (ho=0x65040807) returned 1
[0315.369] DeleteObject (ho=0xe00407de) returned 1
[0315.369] OffsetViewportOrgEx (in: hdc=0x890107eb, x=0, y=0, lppt=0x2ddd038 | out: lppt=0x2ddd038) returned 1
[0315.369] IsAppThemed () returned 0x1
[0315.369] GetThemeAppProperties () returned 0x3
[0315.369] GetThemeAppProperties () returned 0x3
[0315.369] DrawThemeBackground () returned 0x0
[0315.369] RestoreDC (hdc=0x890107eb, nSavedDC=-1) returned 1
[0315.369] GdipReleaseDC (graphics=0x6600030, hdc=0x890107eb) returned 0x0
[0315.369] GdipCreateRegion (region=0xd7e484) returned 0x0
[0315.369] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0315.369] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0315.370] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0315.370] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e49c) returned 0x0
[0315.370] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0315.370] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee788) returned 0x0
[0315.370] LocalFree (hMem=0x11ee788) returned 0x0
[0315.370] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0315.370] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eead0) returned 0x0
[0315.370] LocalFree (hMem=0x11eead0) returned 0x0
[0315.370] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0315.370] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0315.370] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0315.370] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0315.370] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0315.370] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0315.370] GetCurrentObject (hdc=0x890107eb, type=0x1) returned 0xb00017
[0315.370] GetCurrentObject (hdc=0x890107eb, type=0x2) returned 0x900010
[0315.370] GetCurrentObject (hdc=0x890107eb, type=0x7) returned 0x4a0507fe
[0315.370] GetCurrentObject (hdc=0x890107eb, type=0x6) returned 0x8a01c2
[0315.370] SaveDC (hdc=0x890107eb) returned 1
[0315.370] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe10407de
[0315.370] GetClipRgn (hdc=0x890107eb, hrgn=0xe10407de) returned 0
[0315.370] SelectClipRgn (hdc=0x890107eb, hrgn=0x66040807) returned 2
[0315.371] DeleteObject (ho=0xe10407de) returned 1
[0315.371] DeleteObject (ho=0x66040807) returned 1
[0315.371] OffsetViewportOrgEx (in: hdc=0x890107eb, x=0, y=0, lppt=0x2ddd30c | out: lppt=0x2ddd30c) returned 1
[0315.371] IsAppThemed () returned 0x1
[0315.371] GetThemeAppProperties () returned 0x3
[0315.371] GetThemeAppProperties () returned 0x3
[0315.371] GetThemeBackgroundContentRect () returned 0x0
[0315.371] RestoreDC (hdc=0x890107eb, nSavedDC=-1) returned 1
[0315.371] GdipReleaseDC (graphics=0x6600030, hdc=0x890107eb) returned 0x0
[0315.371] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0315.371] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0315.371] GdipFillRectangleI (graphics=0x6600030, brush=0x6671db0, x=4, y=4, width=67, height=15) returned 0x0
[0315.371] GdipDeleteBrush (brush=0x6671db0) returned 0x0
[0315.371] IsAppThemed () returned 0x1
[0315.371] GetThemeAppProperties () returned 0x3
[0315.371] GetThemeAppProperties () returned 0x3
[0315.371] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0315.371] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0315.371] GetCurrentObject (hdc=0x890107eb, type=0x1) returned 0xb00017
[0315.371] GetCurrentObject (hdc=0x890107eb, type=0x2) returned 0x900010
[0315.371] GetCurrentObject (hdc=0x890107eb, type=0x7) returned 0x4a0507fe
[0315.371] GetCurrentObject (hdc=0x890107eb, type=0x6) returned 0x8a01c2
[0315.372] SaveDC (hdc=0x890107eb) returned 1
[0315.372] GetTextAlign (hdc=0x890107eb) returned 0x0
[0315.372] GetTextColor (hdc=0x890107eb) returned 0x0
[0315.372] GetCurrentObject (hdc=0x890107eb, type=0x6) returned 0x8a01c2
[0315.372] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0315.372] SelectObject (hdc=0x890107eb, h=0x6d0a0520) returned 0x8a01c2
[0315.372] GetBkMode (hdc=0x890107eb) returned 2
[0315.372] SetBkMode (hdc=0x890107eb, mode=1) returned 2
[0315.372] DrawTextExW (in: hdc=0x890107eb, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2ddd6d0 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0315.372] DrawTextExW (in: hdc=0x890107eb, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2ddd6d0 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0315.373] RestoreDC (hdc=0x890107eb, nSavedDC=-1) returned 1
[0315.373] GdipReleaseDC (graphics=0x6600030, hdc=0x890107eb) returned 0x0
[0315.373] GetFocus () returned 0x602c4
[0315.373] IsAppThemed () returned 0x1
[0315.373] GetThemeAppProperties () returned 0x3
[0315.373] GetThemeAppProperties () returned 0x3
[0315.373] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0315.373] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x890107eb, x1=0, y1=0, rop=0xcc0020) returned 1
[0315.373] GdipReleaseDC (graphics=0x6600030, hdc=0x890107eb) returned 0x0
[0315.373] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0315.373] SelectObject (hdc=0x890107eb, h=0x85000f) returned 0x4a0507fe
[0315.374] DeleteDC (hdc=0x890107eb) returned 1
[0315.374] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0315.374] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0315.374] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0315.374] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0315.374] WaitMessage () returned 1
[0315.451] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0315.451] IsWindowUnicode (hWnd=0x602c4) returned 1
[0315.451] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0315.451] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0315.451] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0315.452] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0315.452] IsWindowUnicode (hWnd=0x602c4) returned 1
[0315.452] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0315.452] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0315.452] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0315.452] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xd001a) returned 0x0
[0315.452] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0315.452] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0315.452] WaitMessage () returned 1
[0315.595] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0315.595] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f5) returned 0x1
[0315.595] IsWindowUnicode (hWnd=0x602c4) returned 1
[0315.595] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0315.595] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f5) returned 0x1
[0315.595] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0315.595] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19f0037) returned 0x0
[0315.596] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0315.596] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0315.596] SetCursor (hCursor=0x10003) returned 0x10003
[0315.596] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0315.596] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0315.596] GetKeyState (nVirtKey=1) returned -128
[0315.596] GetKeyState (nVirtKey=2) returned 0
[0315.596] GetKeyState (nVirtKey=4) returned 0
[0315.596] GetKeyState (nVirtKey=5) returned 0
[0315.596] GetKeyState (nVirtKey=6) returned 0
[0315.596] IsWindowVisible (hWnd=0x602c4) returned 1
[0315.596] IsWindowEnabled (hWnd=0x602c4) returned 1
[0315.596] SetFocus (hWnd=0x602c4) returned 0x602c4
[0315.596] GetFocus () returned 0x602c4
[0315.596] GetFocus () returned 0x602c4
[0315.596] GetFocus () returned 0x602c4
[0315.596] GetKeyState (nVirtKey=1) returned -128
[0315.596] GetKeyState (nVirtKey=2) returned 0
[0315.596] GetKeyState (nVirtKey=4) returned 0
[0315.596] GetKeyState (nVirtKey=5) returned 0
[0315.596] GetKeyState (nVirtKey=6) returned 0
[0315.596] GetCapture () returned 0x0
[0315.596] SetCapture (hWnd=0x602c4) returned 0x0
[0315.597] GetKeyState (nVirtKey=1) returned -128
[0315.597] GetKeyState (nVirtKey=2) returned 0
[0315.597] GetKeyState (nVirtKey=4) returned 0
[0315.597] GetKeyState (nVirtKey=5) returned 0
[0315.597] GetKeyState (nVirtKey=6) returned 0
[0315.597] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0315.597] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0315.597] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0315.597] IsWindowUnicode (hWnd=0x602c4) returned 1
[0315.597] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0315.597] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0315.597] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0315.597] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2ddd854, cPoints=0x1 | out: lpPoints=0x2ddd854) returned 40304859
[0315.597] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0315.597] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0315.597] UpdateWindow (hWnd=0x602c4) returned 1
[0315.597] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xc0107c5
[0315.597] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0315.597] CreateCompatibleDC (hdc=0xc0107c5) returned 0x8a0107eb
[0315.598] SelectObject (hdc=0x8a0107eb, h=0x4a0507fe) returned 0x85000f
[0315.598] GdipCreateFromHDC (hdc=0x8a0107eb, graphics=0xd7e430) returned 0x0
[0315.598] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0315.598] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0315.598] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0315.598] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0315.598] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e490) returned 0x0
[0315.598] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0315.598] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0315.598] LocalFree (hMem=0x11ee788) returned 0x0
[0315.598] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0315.598] GdipCreateRegion (region=0xd7e478) returned 0x0
[0315.598] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0315.598] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0315.598] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0315.598] GdipRestoreGraphics (graphics=0x6600030, state=0xf4f60dbd) returned 0x0
[0315.598] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0315.598] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0315.599] GetCurrentObject (hdc=0x8a0107eb, type=0x1) returned 0xb00017
[0315.599] GetCurrentObject (hdc=0x8a0107eb, type=0x2) returned 0x900010
[0315.599] GetCurrentObject (hdc=0x8a0107eb, type=0x7) returned 0x4a0507fe
[0315.599] GetCurrentObject (hdc=0x8a0107eb, type=0x6) returned 0x8a01c2
[0315.599] SaveDC (hdc=0x8a0107eb) returned 1
[0315.599] GetNearestColor (hdc=0x8a0107eb, color=0xff) returned 0xff
[0315.599] GetNearestColor (hdc=0x8a0107eb, color=0x55) returned 0x55
[0315.599] GetNearestColor (hdc=0x8a0107eb, color=0x0) returned 0x0
[0315.599] GetNearestColor (hdc=0x8a0107eb, color=0x55) returned 0x55
[0315.599] GetNearestColor (hdc=0x8a0107eb, color=0x0) returned 0x0
[0315.599] GetNearestColor (hdc=0x8a0107eb, color=0x8080ff) returned 0x8080ff
[0315.599] GetNearestColor (hdc=0x8a0107eb, color=0x7373e5) returned 0x7373e5
[0315.599] GetNearestColor (hdc=0x8a0107eb, color=0xe5) returned 0xe5
[0315.599] GetNearestColor (hdc=0x8a0107eb, color=0x0) returned 0x0
[0315.599] RestoreDC (hdc=0x8a0107eb, nSavedDC=-1) returned 1
[0315.599] GdipReleaseDC (graphics=0x6600030, hdc=0x8a0107eb) returned 0x0
[0315.599] IsAppThemed () returned 0x1
[0315.600] GetThemeAppProperties () returned 0x3
[0315.600] GetThemeAppProperties () returned 0x3
[0315.600] IsAppThemed () returned 0x1
[0315.600] GetThemeAppProperties () returned 0x3
[0315.600] GetThemeAppProperties () returned 0x3
[0315.600] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2dddf70 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0315.600] IsAppThemed () returned 0x1
[0315.600] GetThemeAppProperties () returned 0x3
[0315.600] GetThemeAppProperties () returned 0x3
[0315.600] IsAppThemed () returned 0x1
[0315.600] GetThemeAppProperties () returned 0x3
[0315.600] GetThemeAppProperties () returned 0x3
[0315.600] IsAppThemed () returned 0x1
[0315.600] GetThemeAppProperties () returned 0x3
[0315.600] GetThemeAppProperties () returned 0x3
[0315.600] IsAppThemed () returned 0x1
[0315.600] GetThemeAppProperties () returned 0x3
[0315.600] GetThemeAppProperties () returned 0x3
[0315.600] IsThemePartDefined () returned 0x1
[0315.600] IsAppThemed () returned 0x1
[0315.600] GetThemeAppProperties () returned 0x3
[0315.601] GetThemeAppProperties () returned 0x3
[0315.601] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0315.601] IsAppThemed () returned 0x1
[0315.601] GetThemeAppProperties () returned 0x3
[0315.601] GetThemeAppProperties () returned 0x3
[0315.601] IsAppThemed () returned 0x1
[0315.601] GetThemeAppProperties () returned 0x3
[0315.601] GetThemeAppProperties () returned 0x3
[0315.601] IsThemePartDefined () returned 0x1
[0315.601] GdipCreateRegion (region=0xd7e194) returned 0x0
[0315.601] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0315.601] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0315.601] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0315.601] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e1ac) returned 0x0
[0315.601] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0315.601] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eec58) returned 0x0
[0315.601] LocalFree (hMem=0x11eec58) returned 0x0
[0315.601] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0315.601] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0315.601] LocalFree (hMem=0x11ee868) returned 0x0
[0315.601] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0315.601] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0315.601] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0315.601] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0315.601] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0315.601] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0315.602] GetCurrentObject (hdc=0x8a0107eb, type=0x1) returned 0xb00017
[0315.602] GetCurrentObject (hdc=0x8a0107eb, type=0x2) returned 0x900010
[0315.602] GetCurrentObject (hdc=0x8a0107eb, type=0x7) returned 0x4a0507fe
[0315.602] GetCurrentObject (hdc=0x8a0107eb, type=0x6) returned 0x8a01c2
[0315.602] SaveDC (hdc=0x8a0107eb) returned 1
[0315.602] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x67040807
[0315.602] GetClipRgn (hdc=0x8a0107eb, hrgn=0x67040807) returned 0
[0315.602] SelectClipRgn (hdc=0x8a0107eb, hrgn=0xe50407de) returned 2
[0315.602] DeleteObject (ho=0x67040807) returned 1
[0315.602] DeleteObject (ho=0xe50407de) returned 1
[0315.602] OffsetViewportOrgEx (in: hdc=0x8a0107eb, x=0, y=0, lppt=0x2dde620 | out: lppt=0x2dde620) returned 1
[0315.602] DrawThemeParentBackground () returned 0x0
[0315.602] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0315.602] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0315.602] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0315.602] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.602] GetSystemMetrics (nIndex=42) returned 0
[0315.602] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.602] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0315.603] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0315.603] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0315.603] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0315.603] SelectPalette (hdc=0x8a0107eb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0315.603] GdipCreateFromHDC (hdc=0x8a0107eb, graphics=0xd7dc88) returned 0x0
[0315.603] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0315.603] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0315.603] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638ba8) returned 0x0
[0315.603] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dc60) returned 0x0
[0315.603] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0315.603] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0315.603] GdipGetClip (graphics=0x66376e0, region=0x66465f8) returned 0x0
[0315.603] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x66376e0, result=0xd7dc54) returned 0x0
[0315.603] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0315.603] GdipSaveGraphics (graphics=0x66376e0, state=0xd7dc80) returned 0x0
[0315.603] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0315.609] GdipFillRectangleI (graphics=0x66376e0, brush=0x664e2a0, x=0, y=0, width=801, height=453) returned 0x0
[0315.609] GdipDeleteBrush (brush=0x664e2a0) returned 0x0
[0315.610] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0315.610] SelectPalette (hdc=0x8a0107eb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0315.611] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0315.611] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.611] GetSystemMetrics (nIndex=42) returned 0
[0315.611] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.611] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0315.611] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0315.611] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0315.611] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0315.611] SelectPalette (hdc=0x8a0107eb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0315.611] GdipCreateFromHDC (hdc=0x8a0107eb, graphics=0xd7dc28) returned 0x0
[0315.611] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0315.611] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0315.611] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638ab8) returned 0x0
[0315.611] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dc00) returned 0x0
[0315.611] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0315.611] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0315.611] GdipGetClip (graphics=0x66376e0, region=0x66465f8) returned 0x0
[0315.612] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x66376e0, result=0xd7dbf4) returned 0x0
[0315.612] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0315.612] GdipSaveGraphics (graphics=0x66376e0, state=0xd7dc20) returned 0x0
[0315.612] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0315.617] GdipFillRectangleI (graphics=0x66376e0, brush=0x664e3d8, x=0, y=0, width=801, height=453) returned 0x0
[0315.617] GdipDeleteBrush (brush=0x664e3d8) returned 0x0
[0315.619] GdipRestoreGraphics (graphics=0x66376e0, state=0xf4f20dbd) returned 0x0
[0315.619] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0315.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.619] GetSystemMetrics (nIndex=42) returned 0
[0315.619] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.619] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0315.619] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0315.619] SelectPalette (hdc=0x8a0107eb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0315.619] RestoreDC (hdc=0x8a0107eb, nSavedDC=-1) returned 1
[0315.619] GdipReleaseDC (graphics=0x6600030, hdc=0x8a0107eb) returned 0x0
[0315.619] IsAppThemed () returned 0x1
[0315.619] GetThemeAppProperties () returned 0x3
[0315.619] GetThemeAppProperties () returned 0x3
[0315.619] IsAppThemed () returned 0x1
[0315.620] GetThemeAppProperties () returned 0x3
[0315.620] GetThemeAppProperties () returned 0x3
[0315.620] IsThemePartDefined () returned 0x1
[0315.620] GdipCreateRegion (region=0xd7e118) returned 0x0
[0315.620] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0315.620] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0315.620] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0315.620] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7e130) returned 0x0
[0315.620] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0315.620] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee788) returned 0x0
[0315.620] LocalFree (hMem=0x11ee788) returned 0x0
[0315.620] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0315.620] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee8d8) returned 0x0
[0315.620] LocalFree (hMem=0x11ee8d8) returned 0x0
[0315.620] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0315.620] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0315.620] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0315.620] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0315.620] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0315.620] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0315.620] GetCurrentObject (hdc=0x8a0107eb, type=0x1) returned 0xb00017
[0315.620] GetCurrentObject (hdc=0x8a0107eb, type=0x2) returned 0x900010
[0315.620] GetCurrentObject (hdc=0x8a0107eb, type=0x7) returned 0x4a0507fe
[0315.621] GetCurrentObject (hdc=0x8a0107eb, type=0x6) returned 0x8a01c2
[0315.621] SaveDC (hdc=0x8a0107eb) returned 1
[0315.621] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe60407de
[0315.621] GetClipRgn (hdc=0x8a0107eb, hrgn=0xe60407de) returned 0
[0315.621] SelectClipRgn (hdc=0x8a0107eb, hrgn=0x69040807) returned 2
[0315.621] DeleteObject (ho=0xe60407de) returned 1
[0315.621] DeleteObject (ho=0x69040807) returned 1
[0315.621] OffsetViewportOrgEx (in: hdc=0x8a0107eb, x=0, y=0, lppt=0x2de4e70 | out: lppt=0x2de4e70) returned 1
[0315.621] IsAppThemed () returned 0x1
[0315.621] GetThemeAppProperties () returned 0x3
[0315.621] GetThemeAppProperties () returned 0x3
[0315.621] DrawThemeBackground () returned 0x0
[0315.621] RestoreDC (hdc=0x8a0107eb, nSavedDC=-1) returned 1
[0315.621] GdipReleaseDC (graphics=0x6600030, hdc=0x8a0107eb) returned 0x0
[0315.621] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0315.621] GdipGetClip (graphics=0x6600030, region=0x66465f8) returned 0x0
[0315.621] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0315.621] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0315.621] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e134) returned 0x0
[0315.621] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0315.622] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea28) returned 0x0
[0315.622] LocalFree (hMem=0x11eea28) returned 0x0
[0315.622] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0315.622] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee910) returned 0x0
[0315.622] LocalFree (hMem=0x11ee910) returned 0x0
[0315.622] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0315.622] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0315.622] GdipIsInfiniteRegion (region=0x66465f8, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0315.622] GdipGetRegionHRgn (region=0x66465f8, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0315.622] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0315.622] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0315.622] GetCurrentObject (hdc=0x8a0107eb, type=0x1) returned 0xb00017
[0315.623] GetCurrentObject (hdc=0x8a0107eb, type=0x2) returned 0x900010
[0315.623] GetCurrentObject (hdc=0x8a0107eb, type=0x7) returned 0x4a0507fe
[0315.623] GetCurrentObject (hdc=0x8a0107eb, type=0x6) returned 0x8a01c2
[0315.623] SaveDC (hdc=0x8a0107eb) returned 1
[0315.623] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6a040807
[0315.623] GetClipRgn (hdc=0x8a0107eb, hrgn=0x6a040807) returned 0
[0315.623] SelectClipRgn (hdc=0x8a0107eb, hrgn=0xe70407de) returned 2
[0315.623] DeleteObject (ho=0x6a040807) returned 1
[0315.623] DeleteObject (ho=0xe70407de) returned 1
[0315.623] OffsetViewportOrgEx (in: hdc=0x8a0107eb, x=0, y=0, lppt=0x2de5144 | out: lppt=0x2de5144) returned 1
[0315.623] IsAppThemed () returned 0x1
[0315.623] GetThemeAppProperties () returned 0x3
[0315.623] GetThemeAppProperties () returned 0x3
[0315.623] GetThemeBackgroundContentRect () returned 0x0
[0315.623] RestoreDC (hdc=0x8a0107eb, nSavedDC=-1) returned 1
[0315.623] GdipReleaseDC (graphics=0x6600030, hdc=0x8a0107eb) returned 0x0
[0315.623] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0315.623] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0315.623] GdipFillRectangleI (graphics=0x6600030, brush=0x6671db0, x=4, y=4, width=67, height=15) returned 0x0
[0315.623] GdipDeleteBrush (brush=0x6671db0) returned 0x0
[0315.624] IsAppThemed () returned 0x1
[0315.624] GetThemeAppProperties () returned 0x3
[0315.624] GetThemeAppProperties () returned 0x3
[0315.624] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0315.624] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0315.624] GetCurrentObject (hdc=0x8a0107eb, type=0x1) returned 0xb00017
[0315.624] GetCurrentObject (hdc=0x8a0107eb, type=0x2) returned 0x900010
[0315.624] GetCurrentObject (hdc=0x8a0107eb, type=0x7) returned 0x4a0507fe
[0315.624] GetCurrentObject (hdc=0x8a0107eb, type=0x6) returned 0x8a01c2
[0315.624] SaveDC (hdc=0x8a0107eb) returned 1
[0315.624] GetTextAlign (hdc=0x8a0107eb) returned 0x0
[0315.624] GetTextColor (hdc=0x8a0107eb) returned 0x0
[0315.624] GetCurrentObject (hdc=0x8a0107eb, type=0x6) returned 0x8a01c2
[0315.624] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0315.624] SelectObject (hdc=0x8a0107eb, h=0x6d0a0520) returned 0x8a01c2
[0315.624] GetBkMode (hdc=0x8a0107eb) returned 2
[0315.624] SetBkMode (hdc=0x8a0107eb, mode=1) returned 2
[0315.624] DrawTextExW (in: hdc=0x8a0107eb, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2de5508 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0315.625] DrawTextExW (in: hdc=0x8a0107eb, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2de5508 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0315.625] RestoreDC (hdc=0x8a0107eb, nSavedDC=-1) returned 1
[0315.625] GdipReleaseDC (graphics=0x6600030, hdc=0x8a0107eb) returned 0x0
[0315.625] GetFocus () returned 0x602c4
[0315.625] IsAppThemed () returned 0x1
[0315.625] GetThemeAppProperties () returned 0x3
[0315.625] GetThemeAppProperties () returned 0x3
[0315.625] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0315.625] BitBlt (hdc=0xc0107c5, x=0, y=0, cx=75, cy=23, hdcSrc=0x8a0107eb, x1=0, y1=0, rop=0xcc0020) returned 1
[0315.626] GdipReleaseDC (graphics=0x6600030, hdc=0x8a0107eb) returned 0x0
[0315.626] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0315.626] SelectObject (hdc=0x8a0107eb, h=0x85000f) returned 0x4a0507fe
[0315.626] DeleteDC (hdc=0x8a0107eb) returned 1
[0315.626] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0315.626] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0315.626] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2de5604, cPoints=0x1 | out: lpPoints=0x2de5604) returned 40304859
[0315.626] WindowFromPoint (Point=0xf5) returned 0x602c4
[0315.626] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f5) returned 0x1
[0315.626] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0315.626] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0315.626] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0315.626] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0315.626] GetSystemMetrics (nIndex=42) returned 0
[0315.626] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0315.626] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0315.628] GetCapture () returned 0x602c4
[0315.628] ReleaseCapture () returned 1
[0315.628] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0315.628] GetProcessWindowStation () returned 0x13c
[0315.629] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.629] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0315.629] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.629] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0315.629] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.629] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0315.629] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.630] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0315.630] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.630] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0315.630] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.630] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0315.630] GetDC (hWnd=0x0) returned 0x107b9
[0315.630] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e6ec) returned 0x0
[0315.630] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0315.630] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0315.631] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0315.631] GetSystemMetrics (nIndex=5) returned 1
[0315.631] GetSystemMetrics (nIndex=6) returned 1
[0315.631] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.631] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0315.631] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.631] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0315.634] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0315.634] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0315.634] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0315.634] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0315.634] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0315.634] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0315.635] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2deb020 | out: lpData=0x2deb020) returned 1
[0315.636] VerQueryValueW (in: pBlock=0x2deb020, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2deb430, puLen=0xd7e810) returned 1
[0315.636] VerQueryValueW (in: pBlock=0x2deb020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2deb0d8, puLen=0xd7e790) returned 1
[0315.636] VerQueryValueW (in: pBlock=0x2deb020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2deb12c, puLen=0xd7e790) returned 1
[0315.636] VerQueryValueW (in: pBlock=0x2deb020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2deb1ac, puLen=0xd7e790) returned 1
[0315.636] VerQueryValueW (in: pBlock=0x2deb020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2deb214, puLen=0xd7e790) returned 1
[0315.636] VerQueryValueW (in: pBlock=0x2deb020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2deb254, puLen=0xd7e790) returned 1
[0315.636] VerQueryValueW (in: pBlock=0x2deb020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2deb2dc, puLen=0xd7e790) returned 1
[0315.636] VerQueryValueW (in: pBlock=0x2deb020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2deb318, puLen=0xd7e790) returned 1
[0315.636] VerQueryValueW (in: pBlock=0x2deb020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2deb370, puLen=0xd7e790) returned 1
[0315.636] VerQueryValueW (in: pBlock=0x2deb020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2deb3a0, puLen=0xd7e790) returned 1
[0315.636] VerQueryValueW (in: pBlock=0x2deb020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.636] VerQueryValueW (in: pBlock=0x2deb020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2deb3dc, puLen=0xd7e790) returned 1
[0315.636] VerQueryValueW (in: pBlock=0x2deb020, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.636] VerQueryValueW (in: pBlock=0x2deb020, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2deb430, puLen=0xd7e784) returned 1
[0315.636] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0315.636] VerQueryValueW (in: pBlock=0x2deb020, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2deb048, puLen=0xd7e794) returned 1
[0315.637] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0315.637] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0315.637] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0315.637] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0315.637] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0315.637] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0315.637] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2decf90 | out: lpData=0x2decf90) returned 1
[0315.638] VerQueryValueW (in: pBlock=0x2decf90, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2ded02c, puLen=0xd7e810) returned 1
[0315.638] VerQueryValueW (in: pBlock=0x2decf90, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded0a4, puLen=0xd7e790) returned 1
[0315.638] VerQueryValueW (in: pBlock=0x2decf90, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded0d4, puLen=0xd7e790) returned 1
[0315.638] VerQueryValueW (in: pBlock=0x2decf90, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded110, puLen=0xd7e790) returned 1
[0315.638] VerQueryValueW (in: pBlock=0x2decf90, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded140, puLen=0xd7e790) returned 1
[0315.638] VerQueryValueW (in: pBlock=0x2decf90, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded188, puLen=0xd7e790) returned 1
[0315.638] VerQueryValueW (in: pBlock=0x2decf90, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded200, puLen=0xd7e790) returned 1
[0315.638] VerQueryValueW (in: pBlock=0x2decf90, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded244, puLen=0xd7e790) returned 1
[0315.638] VerQueryValueW (in: pBlock=0x2decf90, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded284, puLen=0xd7e790) returned 1
[0315.638] VerQueryValueW (in: pBlock=0x2decf90, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded082, puLen=0xd7e790) returned 1
[0315.638] VerQueryValueW (in: pBlock=0x2decf90, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2ded1d0, puLen=0xd7e790) returned 1
[0315.638] VerQueryValueW (in: pBlock=0x2decf90, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.638] VerQueryValueW (in: pBlock=0x2decf90, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.638] VerQueryValueW (in: pBlock=0x2decf90, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2ded02c, puLen=0xd7e784) returned 1
[0315.638] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0315.638] VerQueryValueW (in: pBlock=0x2decf90, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2decfb8, puLen=0xd7e794) returned 1
[0315.639] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0315.639] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0315.639] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0315.639] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0315.639] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0315.639] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0315.640] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2def268 | out: lpData=0x2def268) returned 1
[0315.640] VerQueryValueW (in: pBlock=0x2def268, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2def67c, puLen=0xd7e810) returned 1
[0315.640] VerQueryValueW (in: pBlock=0x2def268, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def320, puLen=0xd7e790) returned 1
[0315.640] VerQueryValueW (in: pBlock=0x2def268, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def374, puLen=0xd7e790) returned 1
[0315.640] VerQueryValueW (in: pBlock=0x2def268, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def3d0, puLen=0xd7e790) returned 1
[0315.640] VerQueryValueW (in: pBlock=0x2def268, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def430, puLen=0xd7e790) returned 1
[0315.640] VerQueryValueW (in: pBlock=0x2def268, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def488, puLen=0xd7e790) returned 1
[0315.640] VerQueryValueW (in: pBlock=0x2def268, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def510, puLen=0xd7e790) returned 1
[0315.641] VerQueryValueW (in: pBlock=0x2def268, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def564, puLen=0xd7e790) returned 1
[0315.641] VerQueryValueW (in: pBlock=0x2def268, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def5bc, puLen=0xd7e790) returned 1
[0315.641] VerQueryValueW (in: pBlock=0x2def268, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def5ec, puLen=0xd7e790) returned 1
[0315.641] VerQueryValueW (in: pBlock=0x2def268, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.641] VerQueryValueW (in: pBlock=0x2def268, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2def628, puLen=0xd7e790) returned 1
[0315.641] VerQueryValueW (in: pBlock=0x2def268, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.641] VerQueryValueW (in: pBlock=0x2def268, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2def67c, puLen=0xd7e784) returned 1
[0315.641] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0315.641] VerQueryValueW (in: pBlock=0x2def268, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2def290, puLen=0xd7e794) returned 1
[0315.641] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0315.642] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0315.642] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0315.642] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0315.642] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0315.642] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0315.643] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2df18a0 | out: lpData=0x2df18a0) returned 1
[0315.643] VerQueryValueW (in: pBlock=0x2df18a0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2df1ca0, puLen=0xd7e810) returned 1
[0315.643] VerQueryValueW (in: pBlock=0x2df18a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df1958, puLen=0xd7e790) returned 1
[0315.643] VerQueryValueW (in: pBlock=0x2df18a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df19ac, puLen=0xd7e790) returned 1
[0315.643] VerQueryValueW (in: pBlock=0x2df18a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df19ec, puLen=0xd7e790) returned 1
[0315.643] VerQueryValueW (in: pBlock=0x2df18a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df1a54, puLen=0xd7e790) returned 1
[0315.644] VerQueryValueW (in: pBlock=0x2df18a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df1aac, puLen=0xd7e790) returned 1
[0315.644] VerQueryValueW (in: pBlock=0x2df18a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df1b34, puLen=0xd7e790) returned 1
[0315.644] VerQueryValueW (in: pBlock=0x2df18a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df1b88, puLen=0xd7e790) returned 1
[0315.644] VerQueryValueW (in: pBlock=0x2df18a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df1be0, puLen=0xd7e790) returned 1
[0315.644] VerQueryValueW (in: pBlock=0x2df18a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df1c10, puLen=0xd7e790) returned 1
[0315.644] VerQueryValueW (in: pBlock=0x2df18a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.644] VerQueryValueW (in: pBlock=0x2df18a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df1c4c, puLen=0xd7e790) returned 1
[0315.644] VerQueryValueW (in: pBlock=0x2df18a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.644] VerQueryValueW (in: pBlock=0x2df18a0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2df1ca0, puLen=0xd7e784) returned 1
[0315.644] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0315.644] VerQueryValueW (in: pBlock=0x2df18a0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2df18c8, puLen=0xd7e794) returned 1
[0315.645] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0315.645] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0315.645] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0315.645] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0315.645] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0315.645] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0315.646] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2df3fdc | out: lpData=0x2df3fdc) returned 1
[0315.646] VerQueryValueW (in: pBlock=0x2df3fdc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2df43a4, puLen=0xd7e810) returned 1
[0315.646] VerQueryValueW (in: pBlock=0x2df3fdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df4094, puLen=0xd7e790) returned 1
[0315.646] VerQueryValueW (in: pBlock=0x2df3fdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df40e8, puLen=0xd7e790) returned 1
[0315.646] VerQueryValueW (in: pBlock=0x2df3fdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df4128, puLen=0xd7e790) returned 1
[0315.646] VerQueryValueW (in: pBlock=0x2df3fdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df4190, puLen=0xd7e790) returned 1
[0315.646] VerQueryValueW (in: pBlock=0x2df3fdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df41cc, puLen=0xd7e790) returned 1
[0315.647] VerQueryValueW (in: pBlock=0x2df3fdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df4254, puLen=0xd7e790) returned 1
[0315.647] VerQueryValueW (in: pBlock=0x2df3fdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df428c, puLen=0xd7e790) returned 1
[0315.647] VerQueryValueW (in: pBlock=0x2df3fdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df42e4, puLen=0xd7e790) returned 1
[0315.647] VerQueryValueW (in: pBlock=0x2df3fdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df4314, puLen=0xd7e790) returned 1
[0315.647] VerQueryValueW (in: pBlock=0x2df3fdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.647] VerQueryValueW (in: pBlock=0x2df3fdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df4350, puLen=0xd7e790) returned 1
[0315.647] VerQueryValueW (in: pBlock=0x2df3fdc, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.647] VerQueryValueW (in: pBlock=0x2df3fdc, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2df43a4, puLen=0xd7e784) returned 1
[0315.647] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0315.647] VerQueryValueW (in: pBlock=0x2df3fdc, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2df4004, puLen=0xd7e794) returned 1
[0315.648] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0315.648] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0315.648] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0315.648] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0315.648] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0315.648] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0315.648] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2df7644 | out: lpData=0x2df7644) returned 1
[0315.649] VerQueryValueW (in: pBlock=0x2df7644, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2df7a24, puLen=0xd7e810) returned 1
[0315.649] VerQueryValueW (in: pBlock=0x2df7644, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df76fc, puLen=0xd7e790) returned 1
[0315.649] VerQueryValueW (in: pBlock=0x2df7644, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df7750, puLen=0xd7e790) returned 1
[0315.649] VerQueryValueW (in: pBlock=0x2df7644, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df7790, puLen=0xd7e790) returned 1
[0315.649] VerQueryValueW (in: pBlock=0x2df7644, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df77f0, puLen=0xd7e790) returned 1
[0315.649] VerQueryValueW (in: pBlock=0x2df7644, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df783c, puLen=0xd7e790) returned 1
[0315.649] VerQueryValueW (in: pBlock=0x2df7644, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df78c4, puLen=0xd7e790) returned 1
[0315.649] VerQueryValueW (in: pBlock=0x2df7644, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df790c, puLen=0xd7e790) returned 1
[0315.649] VerQueryValueW (in: pBlock=0x2df7644, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df7964, puLen=0xd7e790) returned 1
[0315.649] VerQueryValueW (in: pBlock=0x2df7644, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df7994, puLen=0xd7e790) returned 1
[0315.649] VerQueryValueW (in: pBlock=0x2df7644, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.649] VerQueryValueW (in: pBlock=0x2df7644, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df79d0, puLen=0xd7e790) returned 1
[0315.649] VerQueryValueW (in: pBlock=0x2df7644, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.649] VerQueryValueW (in: pBlock=0x2df7644, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2df7a24, puLen=0xd7e784) returned 1
[0315.650] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0315.650] VerQueryValueW (in: pBlock=0x2df7644, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2df766c, puLen=0xd7e794) returned 1
[0315.650] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0315.650] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0315.650] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0315.650] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0315.650] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0315.651] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0315.651] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2df9e64 | out: lpData=0x2df9e64) returned 1
[0315.652] VerQueryValueW (in: pBlock=0x2df9e64, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dfa270, puLen=0xd7e810) returned 1
[0315.652] VerQueryValueW (in: pBlock=0x2df9e64, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df9f1c, puLen=0xd7e790) returned 1
[0315.652] VerQueryValueW (in: pBlock=0x2df9e64, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df9f70, puLen=0xd7e790) returned 1
[0315.652] VerQueryValueW (in: pBlock=0x2df9e64, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2df9fc4, puLen=0xd7e790) returned 1
[0315.652] VerQueryValueW (in: pBlock=0x2df9e64, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfa024, puLen=0xd7e790) returned 1
[0315.652] VerQueryValueW (in: pBlock=0x2df9e64, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfa07c, puLen=0xd7e790) returned 1
[0315.652] VerQueryValueW (in: pBlock=0x2df9e64, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfa104, puLen=0xd7e790) returned 1
[0315.652] VerQueryValueW (in: pBlock=0x2df9e64, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfa158, puLen=0xd7e790) returned 1
[0315.652] VerQueryValueW (in: pBlock=0x2df9e64, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfa1b0, puLen=0xd7e790) returned 1
[0315.652] VerQueryValueW (in: pBlock=0x2df9e64, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfa1e0, puLen=0xd7e790) returned 1
[0315.652] VerQueryValueW (in: pBlock=0x2df9e64, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.652] VerQueryValueW (in: pBlock=0x2df9e64, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfa21c, puLen=0xd7e790) returned 1
[0315.652] VerQueryValueW (in: pBlock=0x2df9e64, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.652] VerQueryValueW (in: pBlock=0x2df9e64, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dfa270, puLen=0xd7e784) returned 1
[0315.653] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0315.653] VerQueryValueW (in: pBlock=0x2df9e64, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2df9e8c, puLen=0xd7e794) returned 1
[0315.654] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0315.654] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0315.654] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0315.654] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0315.654] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0315.654] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0315.655] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2dfc678 | out: lpData=0x2dfc678) returned 1
[0315.655] VerQueryValueW (in: pBlock=0x2dfc678, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dfca50, puLen=0xd7e810) returned 1
[0315.655] VerQueryValueW (in: pBlock=0x2dfc678, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc730, puLen=0xd7e790) returned 1
[0315.656] VerQueryValueW (in: pBlock=0x2dfc678, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc784, puLen=0xd7e790) returned 1
[0315.656] VerQueryValueW (in: pBlock=0x2dfc678, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc7c4, puLen=0xd7e790) returned 1
[0315.656] VerQueryValueW (in: pBlock=0x2dfc678, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc82c, puLen=0xd7e790) returned 1
[0315.656] VerQueryValueW (in: pBlock=0x2dfc678, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc870, puLen=0xd7e790) returned 1
[0315.656] VerQueryValueW (in: pBlock=0x2dfc678, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc8f8, puLen=0xd7e790) returned 1
[0315.656] VerQueryValueW (in: pBlock=0x2dfc678, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc938, puLen=0xd7e790) returned 1
[0315.656] VerQueryValueW (in: pBlock=0x2dfc678, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc990, puLen=0xd7e790) returned 1
[0315.656] VerQueryValueW (in: pBlock=0x2dfc678, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc9c0, puLen=0xd7e790) returned 1
[0315.656] VerQueryValueW (in: pBlock=0x2dfc678, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.656] VerQueryValueW (in: pBlock=0x2dfc678, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfc9fc, puLen=0xd7e790) returned 1
[0315.656] VerQueryValueW (in: pBlock=0x2dfc678, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.656] VerQueryValueW (in: pBlock=0x2dfc678, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dfca50, puLen=0xd7e784) returned 1
[0315.656] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0315.656] VerQueryValueW (in: pBlock=0x2dfc678, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dfc6a0, puLen=0xd7e794) returned 1
[0315.657] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0315.657] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0315.657] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0315.657] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0315.657] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0315.657] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0315.658] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2dfebd0 | out: lpData=0x2dfebd0) returned 1
[0315.658] VerQueryValueW (in: pBlock=0x2dfebd0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2dfefa8, puLen=0xd7e810) returned 1
[0315.658] VerQueryValueW (in: pBlock=0x2dfebd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfec88, puLen=0xd7e790) returned 1
[0315.658] VerQueryValueW (in: pBlock=0x2dfebd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfecdc, puLen=0xd7e790) returned 1
[0315.658] VerQueryValueW (in: pBlock=0x2dfebd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfed1c, puLen=0xd7e790) returned 1
[0315.659] VerQueryValueW (in: pBlock=0x2dfebd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfed84, puLen=0xd7e790) returned 1
[0315.659] VerQueryValueW (in: pBlock=0x2dfebd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfedc8, puLen=0xd7e790) returned 1
[0315.659] VerQueryValueW (in: pBlock=0x2dfebd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfee50, puLen=0xd7e790) returned 1
[0315.659] VerQueryValueW (in: pBlock=0x2dfebd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfee90, puLen=0xd7e790) returned 1
[0315.659] VerQueryValueW (in: pBlock=0x2dfebd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfeee8, puLen=0xd7e790) returned 1
[0315.659] VerQueryValueW (in: pBlock=0x2dfebd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfef18, puLen=0xd7e790) returned 1
[0315.659] VerQueryValueW (in: pBlock=0x2dfebd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.659] VerQueryValueW (in: pBlock=0x2dfebd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2dfef54, puLen=0xd7e790) returned 1
[0315.659] VerQueryValueW (in: pBlock=0x2dfebd0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.659] VerQueryValueW (in: pBlock=0x2dfebd0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2dfefa8, puLen=0xd7e784) returned 1
[0315.659] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0315.659] VerQueryValueW (in: pBlock=0x2dfebd0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2dfebf8, puLen=0xd7e794) returned 1
[0315.660] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0315.660] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0315.660] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0315.660] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0315.660] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0315.660] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0315.660] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2e01308 | out: lpData=0x2e01308) returned 1
[0315.661] VerQueryValueW (in: pBlock=0x2e01308, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e01738, puLen=0xd7e810) returned 1
[0315.661] VerQueryValueW (in: pBlock=0x2e01308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e013c0, puLen=0xd7e790) returned 1
[0315.661] VerQueryValueW (in: pBlock=0x2e01308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e01414, puLen=0xd7e790) returned 1
[0315.661] VerQueryValueW (in: pBlock=0x2e01308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e01484, puLen=0xd7e790) returned 1
[0315.661] VerQueryValueW (in: pBlock=0x2e01308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e014e4, puLen=0xd7e790) returned 1
[0315.661] VerQueryValueW (in: pBlock=0x2e01308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e01540, puLen=0xd7e790) returned 1
[0315.661] VerQueryValueW (in: pBlock=0x2e01308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e015c8, puLen=0xd7e790) returned 1
[0315.661] VerQueryValueW (in: pBlock=0x2e01308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e01620, puLen=0xd7e790) returned 1
[0315.661] VerQueryValueW (in: pBlock=0x2e01308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e01678, puLen=0xd7e790) returned 1
[0315.661] VerQueryValueW (in: pBlock=0x2e01308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e016a8, puLen=0xd7e790) returned 1
[0315.661] VerQueryValueW (in: pBlock=0x2e01308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.661] VerQueryValueW (in: pBlock=0x2e01308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e016e4, puLen=0xd7e790) returned 1
[0315.661] VerQueryValueW (in: pBlock=0x2e01308, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0315.661] VerQueryValueW (in: pBlock=0x2e01308, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e01738, puLen=0xd7e784) returned 1
[0315.661] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0315.661] VerQueryValueW (in: pBlock=0x2e01308, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e01330, puLen=0xd7e794) returned 1
[0315.662] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0315.662] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.662] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0315.662] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.663] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0315.663] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2e02d0
[0315.664] SetWindowLongW (hWnd=0x2e02d0, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0315.664] GetWindowLongW (hWnd=0x2e02d0, nIndex=-4) returned 1950089536
[0315.664] SetWindowLongW (hWnd=0x2e02d0, nIndex=-4, dwNewLong=19940470) returned 1950089536
[0315.664] GetWindowLongW (hWnd=0x2e02d0, nIndex=-4) returned 19940470
[0315.664] GetWindowLongW (hWnd=0x2e02d0, nIndex=-16) returned 113311744
[0315.664] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02d0, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0315.664] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02d0, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0315.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02d0, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0315.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02d0, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0315.665] GetClientRect (in: hWnd=0x2e02d0, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0315.665] GetWindowRect (in: hWnd=0x2e02d0, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0315.665] SetWindowTextW (hWnd=0x2e02d0, lpString="WindowsFormsParkingWindow") returned 1
[0315.665] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02d0, Msg=0xc, wParam=0x0, lParam=0x2dc6990) returned 0x1
[0315.666] GetParent (hWnd=0x2e02d0) returned 0x0
[0315.666] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0315.666] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x2e02d0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3302c8
[0315.666] SetWindowLongW (hWnd=0x3302c8, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0315.666] GetWindowLongW (hWnd=0x3302c8, nIndex=-4) returned 1868147648
[0315.667] SetWindowLongW (hWnd=0x3302c8, nIndex=-4, dwNewLong=19941950) returned 1868147648
[0315.667] GetWindowLongW (hWnd=0x3302c8, nIndex=-4) returned 19941950
[0315.667] GetWindowLongW (hWnd=0x3302c8, nIndex=-16) returned 1174405133
[0315.667] GetWindowLongW (hWnd=0x3302c8, nIndex=-12) returned 0
[0315.667] SetWindowLongW (hWnd=0x3302c8, nIndex=-12, dwNewLong=3343048) returned 0
[0315.667] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0315.668] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0315.668] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0315.668] GetClientRect (in: hWnd=0x3302c8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0315.668] GetWindowRect (in: hWnd=0x3302c8, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0315.668] GetParent (hWnd=0x3302c8) returned 0x2e02d0
[0315.668] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2e02d0, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0315.670] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0315.670] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0315.670] GetClientRect (in: hWnd=0x3302c8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0315.670] GetWindowRect (in: hWnd=0x3302c8, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0315.670] GetParent (hWnd=0x3302c8) returned 0x2e02d0
[0315.671] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2e02d0, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0315.671] SendMessageW (hWnd=0x3302c8, Msg=0x2210, wParam=0x2c80001, lParam=0x3302c8) returned 0x0
[0315.671] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x2210, wParam=0x2c80001, lParam=0x3302c8) returned 0x0
[0315.671] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0315.671] GetParent (hWnd=0x3302c8) returned 0x2e02d0
[0315.671] GdipCreateFromHWND (hwnd=0x3302c8, graphics=0xd7e844) returned 0x0
[0315.671] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0315.672] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0315.672] GetForegroundWindow () returned 0x7005c
[0315.672] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0315.672] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.672] GetSystemMetrics (nIndex=42) returned 0
[0315.672] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.672] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0315.672] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0315.672] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.672] GetSystemMetrics (nIndex=42) returned 0
[0315.672] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.672] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0315.672] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.673] GetCursorPos (in: lpPoint=0x2e0578c | out: lpPoint=0x2e0578c*(x=245, y=628)) returned 1
[0315.673] MonitorFromPoint (pt=0xf5, dwFlags=0x274) returned 0x10001
[0315.673] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0315.673] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x8d0107eb
[0315.673] GetDeviceCaps (hdc=0x8d0107eb, index=12) returned 32
[0315.673] GetDeviceCaps (hdc=0x8d0107eb, index=14) returned 1
[0315.673] DeleteDC (hdc=0x8d0107eb) returned 1
[0315.673] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0315.673] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0315.673] GetSystemMetrics (nIndex=59) returned 1460
[0315.673] GetSystemMetrics (nIndex=60) returned 920
[0315.673] GetSystemMetrics (nIndex=34) returned 136
[0315.673] GetSystemMetrics (nIndex=35) returned 39
[0315.674] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.674] GetCursorPos (in: lpPoint=0x2e059f8 | out: lpPoint=0x2e059f8*(x=245, y=628)) returned 1
[0315.674] MonitorFromPoint (pt=0xf5, dwFlags=0x274) returned 0x10001
[0315.674] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0315.674] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x8e0107eb
[0315.674] GetDeviceCaps (hdc=0x8e0107eb, index=12) returned 32
[0315.674] GetDeviceCaps (hdc=0x8e0107eb, index=14) returned 1
[0315.674] DeleteDC (hdc=0x8e0107eb) returned 1
[0315.674] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0315.674] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0315.675] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.675] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0315.675] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2e05c90 | out: piconinfo=0x2e05c90) returned 1
[0315.675] GetObjectW (in: h=0xc40505d8, c=24, pv=0x2e05cac | out: pv=0x2e05cac) returned 24
[0315.675] GdipCreateBitmapFromHBITMAP (hbm=0xc40505d8, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0315.675] GdipGetImageWidth (image=0x66030e8, width=0xd7e750) returned 0x0
[0315.675] GdipGetImageHeight (image=0x66030e8, height=0xd7e748) returned 0x0
[0315.675] GdipGetImagePixelFormat (image=0x66030e8, format=0xd7e740) returned 0x0
[0315.675] GdipBitmapLockBits (bitmap=0x66030e8, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2e05d64) returned 0x0
[0315.676] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0315.676] GdipBitmapLockBits (bitmap=0x6603430, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2e05d9c) returned 0x0
[0315.676] RtlMoveMemory (in: Destination=0x6662f68, Source=0x6662ee0, Length=0x80 | out: Destination=0x6662f68)
[0315.676] RtlMoveMemory (in: Destination=0x6662fe8, Source=0x6662e60, Length=0x80 | out: Destination=0x6662fe8)
[0315.676] RtlMoveMemory (in: Destination=0x6663068, Source=0x6662de0, Length=0x80 | out: Destination=0x6663068)
[0315.676] RtlMoveMemory (in: Destination=0x66630e8, Source=0x6662d60, Length=0x80 | out: Destination=0x66630e8)
[0315.676] RtlMoveMemory (in: Destination=0x6663168, Source=0x6662ce0, Length=0x80 | out: Destination=0x6663168)
[0315.676] RtlMoveMemory (in: Destination=0x66631e8, Source=0x6662c60, Length=0x80 | out: Destination=0x66631e8)
[0315.676] RtlMoveMemory (in: Destination=0x6663268, Source=0x6662be0, Length=0x80 | out: Destination=0x6663268)
[0315.676] RtlMoveMemory (in: Destination=0x66632e8, Source=0x6662b60, Length=0x80 | out: Destination=0x66632e8)
[0315.676] RtlMoveMemory (in: Destination=0x6663368, Source=0x6662ae0, Length=0x80 | out: Destination=0x6663368)
[0315.676] RtlMoveMemory (in: Destination=0x66633e8, Source=0x6662a60, Length=0x80 | out: Destination=0x66633e8)
[0315.676] RtlMoveMemory (in: Destination=0x6663468, Source=0x66629e0, Length=0x80 | out: Destination=0x6663468)
[0315.676] RtlMoveMemory (in: Destination=0x66634e8, Source=0x6662960, Length=0x80 | out: Destination=0x66634e8)
[0315.676] RtlMoveMemory (in: Destination=0x6663568, Source=0x66628e0, Length=0x80 | out: Destination=0x6663568)
[0315.676] RtlMoveMemory (in: Destination=0x66635e8, Source=0x6662860, Length=0x80 | out: Destination=0x66635e8)
[0315.676] RtlMoveMemory (in: Destination=0x6663668, Source=0x66627e0, Length=0x80 | out: Destination=0x6663668)
[0315.676] RtlMoveMemory (in: Destination=0x66636e8, Source=0x6662760, Length=0x80 | out: Destination=0x66636e8)
[0315.676] RtlMoveMemory (in: Destination=0x6663768, Source=0x66626e0, Length=0x80 | out: Destination=0x6663768)
[0315.676] RtlMoveMemory (in: Destination=0x66637e8, Source=0x6662660, Length=0x80 | out: Destination=0x66637e8)
[0315.676] RtlMoveMemory (in: Destination=0x6663868, Source=0x66625e0, Length=0x80 | out: Destination=0x6663868)
[0315.677] RtlMoveMemory (in: Destination=0x66638e8, Source=0x6662560, Length=0x80 | out: Destination=0x66638e8)
[0315.677] RtlMoveMemory (in: Destination=0x6663968, Source=0x66624e0, Length=0x80 | out: Destination=0x6663968)
[0315.677] RtlMoveMemory (in: Destination=0x66639e8, Source=0x6662460, Length=0x80 | out: Destination=0x66639e8)
[0315.677] RtlMoveMemory (in: Destination=0x6663a68, Source=0x66623e0, Length=0x80 | out: Destination=0x6663a68)
[0315.677] RtlMoveMemory (in: Destination=0x6663ae8, Source=0x6662360, Length=0x80 | out: Destination=0x6663ae8)
[0315.677] RtlMoveMemory (in: Destination=0x6663b68, Source=0x66622e0, Length=0x80 | out: Destination=0x6663b68)
[0315.677] RtlMoveMemory (in: Destination=0x6663be8, Source=0x6662260, Length=0x80 | out: Destination=0x6663be8)
[0315.677] RtlMoveMemory (in: Destination=0x6663c68, Source=0x66621e0, Length=0x80 | out: Destination=0x6663c68)
[0315.677] RtlMoveMemory (in: Destination=0x6663ce8, Source=0x6662160, Length=0x80 | out: Destination=0x6663ce8)
[0315.677] RtlMoveMemory (in: Destination=0x6663d68, Source=0x66620e0, Length=0x80 | out: Destination=0x6663d68)
[0315.677] RtlMoveMemory (in: Destination=0x6663de8, Source=0x6662060, Length=0x80 | out: Destination=0x6663de8)
[0315.677] RtlMoveMemory (in: Destination=0x6663e68, Source=0x6661fe0, Length=0x80 | out: Destination=0x6663e68)
[0315.677] RtlMoveMemory (in: Destination=0x6663ee8, Source=0x6661f60, Length=0x80 | out: Destination=0x6663ee8)
[0315.677] GdipBitmapUnlockBits (bitmap=0x66030e8, lockedBitmapData=0x2e05d64) returned 0x0
[0315.677] GdipBitmapUnlockBits (bitmap=0x6603430, lockedBitmapData=0x2e05d9c) returned 0x0
[0315.677] GdipDisposeImage (image=0x66030e8) returned 0x0
[0315.677] DeleteObject (ho=0xc40505d8) returned 1
[0315.677] DeleteObject (ho=0x8f0507eb) returned 1
[0315.677] GetCurrentThreadId () returned 0xf50
[0315.677] GetCurrentThreadId () returned 0xf50
[0315.677] SetWindowPos (hWnd=0x3302c8, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0315.678] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0315.678] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0315.678] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0315.678] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0315.678] GetClientRect (in: hWnd=0x3302c8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0315.678] GetWindowRect (in: hWnd=0x3302c8, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0315.678] GetParent (hWnd=0x3302c8) returned 0x2e02d0
[0315.678] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2e02d0, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0315.678] InvalidateRect (hWnd=0x3302c8, lpRect=0x0, bErase=1) returned 1
[0315.678] GetWindowTextLengthW (hWnd=0x3302c8) returned 0
[0315.678] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0315.678] GetSystemMetrics (nIndex=42) returned 0
[0315.678] GetWindowTextW (in: hWnd=0x3302c8, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0315.678] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0315.679] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0315.679] GetClientRect (in: hWnd=0x3302c8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0315.679] GetWindowRect (in: hWnd=0x3302c8, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0315.679] GetParent (hWnd=0x3302c8) returned 0x2e02d0
[0315.679] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x2e02d0, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0315.679] GetWindowTextLengthW (hWnd=0x3302c8) returned 0
[0315.679] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0315.679] GetSystemMetrics (nIndex=42) returned 0
[0315.679] GetWindowTextW (in: hWnd=0x3302c8, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0315.679] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0315.679] GetWindowTextLengthW (hWnd=0x3302c8) returned 0
[0315.679] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0315.679] GetSystemMetrics (nIndex=42) returned 0
[0315.679] GetWindowTextW (in: hWnd=0x3302c8, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0315.679] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0315.679] SetWindowTextW (hWnd=0x3302c8, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0315.679] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0xc, wParam=0x0, lParam=0x2de6bf8) returned 0x1
[0315.679] InvalidateRect (hWnd=0x3302c8, lpRect=0x0, bErase=1) returned 1
[0315.679] GetCurrentThreadId () returned 0xf50
[0315.679] GetWindowThreadProcessId (in: hWnd=0x3302c8, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0315.680] GdipCreateBitmapFromStream (stream=0x509fff0, bitmap=0xd7e840) returned 0x0
[0315.681] GdipImageForceValidation (image=0x66019f0) returned 0x0
[0315.682] GdipGetImageRawFormat (image=0x66019f0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0315.682] GdipGetImageHeight (image=0x66019f0, height=0xd7e824) returned 0x0
[0315.683] GdipGetImageWidth (image=0x66019f0, width=0xd7e824) returned 0x0
[0315.683] GdipGetImageWidth (image=0x66019f0, width=0xd7e810) returned 0x0
[0315.683] GdipGetImageHeight (image=0x66019f0, height=0xd7e810) returned 0x0
[0315.683] GdipGetImageWidth (image=0x66019f0, width=0xd7e800) returned 0x0
[0315.683] GdipGetImageHeight (image=0x66019f0, height=0xd7e800) returned 0x0
[0315.683] GdipBitmapGetPixel (bitmap=0x66019f0, x=0, y=15, color=0xd7e810) returned 0x0
[0315.683] GdipGetImageRawFormat (image=0x66019f0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0315.683] GdipGetImageWidth (image=0x66019f0, width=0xd7e740) returned 0x0
[0315.683] GdipGetImageHeight (image=0x66019f0, height=0xd7e740) returned 0x0
[0315.683] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0315.683] GdipGetImagePixelFormat (image=0x66030e8, format=0xd7e740) returned 0x0
[0315.683] GdipGetImageGraphicsContext (image=0x66030e8, graphics=0xd7e74c) returned 0x0
[0315.683] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0315.683] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0315.683] GdipSetImageAttributesColorKeys (imageattr=0x6638ba8, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0315.683] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66019f0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638ba8, callback=0x0, callbackData=0x0) returned 0x0
[0315.683] GdipDisposeImageAttributes (imageattr=0x6638ba8) returned 0x0
[0315.683] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0315.684] GdipDisposeImage (image=0x66019f0) returned 0x0
[0315.684] GdipCreateBitmapFromStream (stream=0x5090010, bitmap=0xd7e840) returned 0x0
[0315.685] GdipImageForceValidation (image=0x6603778) returned 0x0
[0315.686] GdipGetImageRawFormat (image=0x6603778, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0315.686] GdipGetImageHeight (image=0x6603778, height=0xd7e824) returned 0x0
[0315.686] GdipGetImageWidth (image=0x6603778, width=0xd7e824) returned 0x0
[0315.686] GdipGetImageWidth (image=0x6603778, width=0xd7e810) returned 0x0
[0315.686] GdipGetImageHeight (image=0x6603778, height=0xd7e810) returned 0x0
[0315.686] GdipGetImageWidth (image=0x6603778, width=0xd7e800) returned 0x0
[0315.686] GdipGetImageHeight (image=0x6603778, height=0xd7e800) returned 0x0
[0315.687] GdipBitmapGetPixel (bitmap=0x6603778, x=0, y=15, color=0xd7e810) returned 0x0
[0315.687] GdipGetImageRawFormat (image=0x6603778, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0315.687] GdipGetImageWidth (image=0x6603778, width=0xd7e740) returned 0x0
[0315.687] GdipGetImageHeight (image=0x6603778, height=0xd7e740) returned 0x0
[0315.687] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0315.687] GdipGetImagePixelFormat (image=0x66019f0, format=0xd7e740) returned 0x0
[0315.687] GdipGetImageGraphicsContext (image=0x66019f0, graphics=0xd7e74c) returned 0x0
[0315.687] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0315.687] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0315.687] GdipSetImageAttributesColorKeys (imageattr=0x6638d88, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0315.687] GdipDrawImageRectRectI (graphics=0x6600030, image=0x6603778, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638d88, callback=0x0, callbackData=0x0) returned 0x0
[0315.687] GdipDisposeImageAttributes (imageattr=0x6638d88) returned 0x0
[0315.687] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0315.687] GdipDisposeImage (image=0x6603778) returned 0x0
[0315.688] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.688] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0315.688] GetCurrentThreadId () returned 0xf50
[0315.688] GetCurrentThreadId () returned 0xf50
[0315.688] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.688] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0315.688] GetCurrentThreadId () returned 0xf50
[0315.688] GetCurrentThreadId () returned 0xf50
[0315.688] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.689] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0315.689] GetCurrentThreadId () returned 0xf50
[0315.689] GetCurrentThreadId () returned 0xf50
[0315.689] GetSystemMetrics (nIndex=5) returned 1
[0315.689] GetSystemMetrics (nIndex=6) returned 1
[0315.689] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.689] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0315.689] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.689] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0315.689] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.689] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0315.689] GetCurrentThreadId () returned 0xf50
[0315.689] GetCurrentThreadId () returned 0xf50
[0315.690] GetProcessWindowStation () returned 0x13c
[0315.690] GetCapture () returned 0x0
[0315.690] GetActiveWindow () returned 0x7005c
[0315.690] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0315.690] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.690] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0315.690] GetCursorPos (in: lpPoint=0x2e06edc | out: lpPoint=0x2e06edc*(x=245, y=628)) returned 1
[0315.690] MonitorFromPoint (pt=0xf8, dwFlags=0x274) returned 0x10001
[0315.690] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0315.690] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x900107eb
[0315.690] GetDeviceCaps (hdc=0x900107eb, index=12) returned 32
[0315.690] GetDeviceCaps (hdc=0x900107eb, index=14) returned 1
[0315.690] DeleteDC (hdc=0x900107eb) returned 1
[0315.691] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0315.691] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0315.691] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3902dc
[0315.691] SetWindowLongW (hWnd=0x3902dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0315.691] GetWindowLongW (hWnd=0x3902dc, nIndex=-4) returned 1950089536
[0315.692] SetWindowLongW (hWnd=0x3902dc, nIndex=-4, dwNewLong=19941910) returned 1950089536
[0315.692] GetWindowLongW (hWnd=0x3902dc, nIndex=-4) returned 19941910
[0315.692] GetWindowLongW (hWnd=0x3902dc, nIndex=-16) returned 113770496
[0315.692] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0315.693] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0315.694] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0315.694] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0315.694] GetWindowRect (in: hWnd=0x3902dc, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0315.694] SetWindowTextW (hWnd=0x3902dc, lpString="BB ransomware") returned 1
[0315.694] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xc, wParam=0x0, lParam=0x2e05678) returned 0x1
[0315.694] GetStartupInfoW (in: lpStartupInfo=0x2e07218 | out: lpStartupInfo=0x2e07218*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0315.695] GetParent (hWnd=0x3902dc) returned 0x0
[0315.695] SetWindowLongW (hWnd=0x3902dc, nIndex=-8, dwNewLong=0) returned 0
[0315.696] SendMessageW (hWnd=0x3902dc, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0315.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0315.696] SendMessageW (hWnd=0x3902dc, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0315.696] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0315.696] GetSystemMenu (hWnd=0x3902dc, bRevert=0) returned 0x104020f
[0315.697] GetWindowPlacement (in: hWnd=0x3902dc, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0315.697] EnableMenuItem (hMenu=0x104020f, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0315.697] EnableMenuItem (hMenu=0x104020f, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0315.697] EnableMenuItem (hMenu=0x104020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0315.697] EnableMenuItem (hMenu=0x104020f, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0315.697] EnableMenuItem (hMenu=0x104020f, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0315.697] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0315.697] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0315.697] GetWindowRect (in: hWnd=0x3902dc, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0315.697] SetWindowPos (hWnd=0x3902dc, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0315.697] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0315.698] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x3902dc) returned 0x1
[0315.700] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0315.700] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0315.704] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0315.704] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0315.704] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0315.706] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x3902dc, lParam=0x0) returned 0x0
[0315.706] GetCapture () returned 0x0
[0315.706] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0315.707] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0315.708] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0315.709] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0315.709] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0315.709] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0315.709] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0315.710] GetParent (hWnd=0x3902dc) returned 0x0
[0315.710] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0315.710] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0315.712] GetWindowPlacement (in: hWnd=0x3902dc, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0315.712] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0315.712] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0315.712] GetWindowRect (in: hWnd=0x3902dc, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0315.713] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0315.713] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0315.713] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0315.714] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.714] GetWindowLongW (hWnd=0x3902dc, nIndex=-16) returned 113770496
[0315.714] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0315.714] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.714] GetSystemMetrics (nIndex=42) returned 0
[0315.715] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.715] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0315.715] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0315.715] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.715] GetSystemMetrics (nIndex=42) returned 0
[0315.715] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.715] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0315.715] GetCursorPos (in: lpPoint=0x2e07454 | out: lpPoint=0x2e07454*(x=245, y=628)) returned 1
[0315.715] MonitorFromPoint (pt=0xf5, dwFlags=0x274) returned 0x10001
[0315.715] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0315.715] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x2c010793
[0315.715] GetDeviceCaps (hdc=0x2c010793, index=12) returned 32
[0315.715] GetDeviceCaps (hdc=0x2c010793, index=14) returned 1
[0315.715] DeleteDC (hdc=0x2c010793) returned 1
[0315.715] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0315.722] GetWindowLongW (hWnd=0x3902dc, nIndex=-16) returned 113770496
[0315.722] GetWindowLongW (hWnd=0x3902dc, nIndex=-20) returned 327945
[0315.722] SetWindowLongW (hWnd=0x3902dc, nIndex=-16, dwNewLong=46661632) returned 113770496
[0315.722] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0315.722] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0315.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0315.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0315.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0315.724] SetWindowLongW (hWnd=0x3902dc, nIndex=-20, dwNewLong=327681) returned 327945
[0315.724] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0315.725] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0315.725] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0315.726] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0315.726] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0315.726] SetWindowPos (hWnd=0x3902dc, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0315.726] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0315.726] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0315.727] GetWindowPlacement (in: hWnd=0x3902dc, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0315.727] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0315.727] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0315.727] GetWindowRect (in: hWnd=0x3902dc, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0315.728] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0315.728] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0315.728] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0315.728] RedrawWindow (hWnd=0x3902dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0315.728] GetSystemMenu (hWnd=0x3902dc, bRevert=0) returned 0x104020f
[0315.729] GetWindowPlacement (in: hWnd=0x3902dc, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0315.729] EnableMenuItem (hMenu=0x104020f, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0315.729] EnableMenuItem (hMenu=0x104020f, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0315.729] EnableMenuItem (hMenu=0x104020f, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0315.729] EnableMenuItem (hMenu=0x104020f, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0315.729] EnableMenuItem (hMenu=0x104020f, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0315.729] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0315.729] GetWindowLongW (hWnd=0x3902dc, nIndex=-8) returned 0
[0315.729] SetWindowLongW (hWnd=0x3902dc, nIndex=-8, dwNewLong=458844) returned 0
[0315.730] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0315.730] GetProcessWindowStation () returned 0x13c
[0315.730] GetCurrentThreadId () returned 0xf50
[0315.730] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x13049c6, lParam=0x0) returned 1
[0315.730] IsWindowVisible (hWnd=0x3902dc) returned 0
[0315.730] IsWindowVisible (hWnd=0x7005c) returned 1
[0315.730] IsWindowEnabled (hWnd=0x7005c) returned 1
[0315.730] IsWindowVisible (hWnd=0x300ec) returned 0
[0315.730] IsWindowVisible (hWnd=0x502c6) returned 0
[0315.730] IsWindowVisible (hWnd=0x502be) returned 0
[0315.730] GetActiveWindow () returned 0x3902dc
[0315.730] GetFocus () returned 0x3902dc
[0315.730] IsWindow (hWnd=0x7005c) returned 1
[0315.730] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0315.731] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0315.731] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0315.732] GetWindowLongW (hWnd=0x3902dc, nIndex=-8) returned 458844
[0315.732] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0315.732] GetCurrentThreadId () returned 0xf50
[0315.732] GetWindowLongW (hWnd=0x3902dc, nIndex=-8) returned 458844
[0315.732] IsWindowEnabled (hWnd=0x7005c) returned 0
[0315.732] IsWindowEnabled (hWnd=0x3902dc) returned 1
[0315.732] ShowWindow (hWnd=0x3902dc, nCmdShow=5) returned 0
[0315.732] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0315.732] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0315.733] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.733] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0315.733] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x3902dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3c00ea
[0315.733] SetWindowLongW (hWnd=0x3c00ea, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0315.733] GetWindowLongW (hWnd=0x3c00ea, nIndex=-4) returned 1950089536
[0315.734] SetWindowLongW (hWnd=0x3c00ea, nIndex=-4, dwNewLong=19941990) returned 1950089536
[0315.734] GetWindowLongW (hWnd=0x3c00ea, nIndex=-4) returned 19941990
[0315.734] GetWindowLongW (hWnd=0x3c00ea, nIndex=-16) returned 1174405120
[0315.734] GetWindowLongW (hWnd=0x3c00ea, nIndex=-12) returned 0
[0315.734] SetWindowLongW (hWnd=0x3c00ea, nIndex=-12, dwNewLong=3932394) returned 0
[0315.734] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3c00ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0315.734] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3c00ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0315.734] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3c00ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0315.734] GetWindow (hWnd=0x3c00ea, uCmd=0x3) returned 0x0
[0315.734] GetClientRect (in: hWnd=0x3c00ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0315.734] GetWindowRect (in: hWnd=0x3c00ea, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0315.734] GetParent (hWnd=0x3c00ea) returned 0x3902dc
[0315.734] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3902dc, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0315.735] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3c00ea, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0315.736] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3c00ea, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0315.736] GetClientRect (in: hWnd=0x3c00ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0315.736] GetWindowRect (in: hWnd=0x3c00ea, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0315.736] GetParent (hWnd=0x3c00ea) returned 0x3902dc
[0315.736] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3902dc, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0315.736] SendMessageW (hWnd=0x3c00ea, Msg=0x2210, wParam=0xea0001, lParam=0x3c00ea) returned 0x0
[0315.736] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3c00ea, Msg=0x2210, wParam=0xea0001, lParam=0x3c00ea) returned 0x0
[0315.736] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3c00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0315.736] GetParent (hWnd=0x3c00ea) returned 0x3902dc
[0315.736] GetParent (hWnd=0x3302c8) returned 0x2e02d0
[0315.736] SetParent (hWndChild=0x3302c8, hWndNewParent=0x3902dc) returned 0x2e02d0
[0315.736] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0315.737] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0315.737] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0315.737] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0315.737] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0315.737] GetClientRect (in: hWnd=0x3302c8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0315.737] GetWindowRect (in: hWnd=0x3302c8, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0315.737] GetParent (hWnd=0x3302c8) returned 0x3902dc
[0315.737] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3902dc, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0315.737] GetClientRect (in: hWnd=0x3302c8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0315.737] GetWindowRect (in: hWnd=0x3302c8, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0315.737] GetParent (hWnd=0x3302c8) returned 0x3902dc
[0315.737] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3902dc, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0315.737] GetParent (hWnd=0x3302c8) returned 0x3902dc
[0315.737] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0315.738] GetWindow (hWnd=0x3302c8, uCmd=0x3) returned 0x0
[0315.738] SetWindowPos (hWnd=0x3302c8, hWndInsertAfter=0x3c00ea, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0315.738] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0315.738] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0315.738] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0315.738] GetClientRect (in: hWnd=0x3302c8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0315.738] GetWindowRect (in: hWnd=0x3302c8, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0315.738] GetParent (hWnd=0x3302c8) returned 0x3902dc
[0315.738] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3902dc, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0315.738] GetParent (hWnd=0x3302c8) returned 0x3902dc
[0315.738] GetWindow (hWnd=0x3302c8, uCmd=0x3) returned 0x3c00ea
[0315.738] GetWindowThreadProcessId (in: hWnd=0x3302c8, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0315.738] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0315.739] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.739] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0315.739] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x3902dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3b02d8
[0315.739] SetWindowLongW (hWnd=0x3b02d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0315.740] GetWindowLongW (hWnd=0x3b02d8, nIndex=-4) returned 1868032000
[0315.740] SetWindowLongW (hWnd=0x3b02d8, nIndex=-4, dwNewLong=19941870) returned 1868032000
[0315.740] GetWindowLongW (hWnd=0x3b02d8, nIndex=-4) returned 19941870
[0315.740] GetWindowLongW (hWnd=0x3b02d8, nIndex=-16) returned 1174470667
[0315.740] GetWindowLongW (hWnd=0x3b02d8, nIndex=-12) returned 0
[0315.740] SetWindowLongW (hWnd=0x3b02d8, nIndex=-12, dwNewLong=3867352) returned 0
[0315.740] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0315.740] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0315.741] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0315.741] SendMessageW (hWnd=0x3b02d8, Msg=0x2055, wParam=0x3b02d8, lParam=0x3) returned 0x2
[0315.741] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0315.742] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0315.742] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0315.742] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0315.742] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3c00ea, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0315.742] RedrawWindow (hWnd=0x3c00ea, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0315.742] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0315.742] RedrawWindow (hWnd=0x3302c8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0315.742] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0315.742] RedrawWindow (hWnd=0x3b02d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0315.742] RedrawWindow (hWnd=0x3902dc, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0315.742] GetWindow (hWnd=0x3b02d8, uCmd=0x3) returned 0x3302c8
[0315.742] GetClientRect (in: hWnd=0x3b02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0315.742] GetWindowRect (in: hWnd=0x3b02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0315.742] GetParent (hWnd=0x3b02d8) returned 0x3902dc
[0315.742] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3902dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0315.743] SetWindowTextW (hWnd=0x3b02d8, lpString="&Details") returned 1
[0315.743] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0xc, wParam=0x0, lParam=0x2c2ef5c) returned 0x1
[0315.743] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0315.743] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0315.743] GetClientRect (in: hWnd=0x3b02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0315.743] GetWindowRect (in: hWnd=0x3b02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0315.743] GetParent (hWnd=0x3b02d8) returned 0x3902dc
[0315.743] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3902dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0315.743] SendMessageW (hWnd=0x3b02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3b02d8) returned 0x0
[0315.743] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3b02d8) returned 0x0
[0315.744] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0315.744] GetParent (hWnd=0x3b02d8) returned 0x3902dc
[0315.744] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0315.744] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.744] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0315.744] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x3902dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2f02ce
[0315.745] SetWindowLongW (hWnd=0x2f02ce, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0315.745] GetWindowLongW (hWnd=0x2f02ce, nIndex=-4) returned 1868032000
[0315.745] SetWindowLongW (hWnd=0x2f02ce, nIndex=-4, dwNewLong=19942310) returned 1868032000
[0315.745] GetWindowLongW (hWnd=0x2f02ce, nIndex=-4) returned 19942310
[0315.745] GetWindowLongW (hWnd=0x2f02ce, nIndex=-16) returned 1174470667
[0315.745] GetWindowLongW (hWnd=0x2f02ce, nIndex=-12) returned 0
[0315.745] SetWindowLongW (hWnd=0x2f02ce, nIndex=-12, dwNewLong=3080910) returned 0
[0315.745] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0315.746] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0315.746] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0315.747] SendMessageW (hWnd=0x2f02ce, Msg=0x2055, wParam=0x2f02ce, lParam=0x3) returned 0x2
[0315.747] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0315.780] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0315.780] GetWindow (hWnd=0x2f02ce, uCmd=0x3) returned 0x3b02d8
[0315.780] GetClientRect (in: hWnd=0x2f02ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0315.780] GetWindowRect (in: hWnd=0x2f02ce, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0315.780] GetParent (hWnd=0x2f02ce) returned 0x3902dc
[0315.780] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3902dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0315.780] SetWindowTextW (hWnd=0x2f02ce, lpString="&Continue") returned 1
[0315.780] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0xc, wParam=0x0, lParam=0x2c2ef00) returned 0x1
[0315.781] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0315.781] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0315.781] GetClientRect (in: hWnd=0x2f02ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0315.781] GetWindowRect (in: hWnd=0x2f02ce, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0315.781] GetParent (hWnd=0x2f02ce) returned 0x3902dc
[0315.781] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3902dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0315.781] SendMessageW (hWnd=0x2f02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2f02ce) returned 0x0
[0315.781] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x2f02ce) returned 0x0
[0315.781] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0315.781] GetParent (hWnd=0x2f02ce) returned 0x3902dc
[0315.781] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0315.782] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.782] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0315.782] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x3902dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3902de
[0315.783] SetWindowLongW (hWnd=0x3902de, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0315.783] GetWindowLongW (hWnd=0x3902de, nIndex=-4) returned 1868032000
[0315.783] SetWindowLongW (hWnd=0x3902de, nIndex=-4, dwNewLong=19942070) returned 1868032000
[0315.783] GetWindowLongW (hWnd=0x3902de, nIndex=-4) returned 19942070
[0315.783] GetWindowLongW (hWnd=0x3902de, nIndex=-16) returned 1174470667
[0315.783] GetWindowLongW (hWnd=0x3902de, nIndex=-12) returned 0
[0315.783] SetWindowLongW (hWnd=0x3902de, nIndex=-12, dwNewLong=3736286) returned 0
[0315.783] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902de, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0315.784] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902de, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0315.784] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902de, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0315.785] SendMessageW (hWnd=0x3902de, Msg=0x2055, wParam=0x3902de, lParam=0x3) returned 0x2
[0315.785] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0315.785] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902de, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0315.785] GetWindow (hWnd=0x3902de, uCmd=0x3) returned 0x2f02ce
[0315.785] GetClientRect (in: hWnd=0x3902de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0315.785] GetWindowRect (in: hWnd=0x3902de, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0315.785] GetParent (hWnd=0x3902de) returned 0x3902dc
[0315.785] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3902dc, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0315.785] SetWindowTextW (hWnd=0x3902de, lpString="&Quit") returned 1
[0315.785] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902de, Msg=0xc, wParam=0x0, lParam=0x2c2ef20) returned 0x1
[0315.785] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902de, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0315.786] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902de, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0315.786] GetClientRect (in: hWnd=0x3902de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0315.786] GetWindowRect (in: hWnd=0x3902de, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0315.786] GetParent (hWnd=0x3902de) returned 0x3902dc
[0315.786] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3902dc, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0315.786] SendMessageW (hWnd=0x3902de, Msg=0x2210, wParam=0x2de0001, lParam=0x3902de) returned 0x0
[0315.786] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902de, Msg=0x2210, wParam=0x2de0001, lParam=0x3902de) returned 0x0
[0315.786] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0315.786] GetParent (hWnd=0x3902de) returned 0x3902dc
[0315.786] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0315.786] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.787] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0315.787] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x3902dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3902da
[0315.787] SetWindowLongW (hWnd=0x3902da, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0315.787] GetWindowLongW (hWnd=0x3902da, nIndex=-4) returned 1868026976
[0315.787] SetWindowLongW (hWnd=0x3902da, nIndex=-4, dwNewLong=19942030) returned 1868026976
[0315.787] GetWindowLongW (hWnd=0x3902da, nIndex=-4) returned 19942030
[0315.788] GetWindowLongW (hWnd=0x3902da, nIndex=-16) returned 1177553092
[0315.788] GetWindowLongW (hWnd=0x3902da, nIndex=-12) returned 0
[0315.788] SetWindowLongW (hWnd=0x3902da, nIndex=-12, dwNewLong=3736282) returned 0
[0315.788] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3902da, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0315.788] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3902da, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0315.789] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3902da, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0315.804] GetWindow (hWnd=0x3902da, uCmd=0x3) returned 0x3902de
[0315.804] GetClientRect (in: hWnd=0x3902da, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0315.804] GetWindowRect (in: hWnd=0x3902da, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0315.804] GetParent (hWnd=0x3902da) returned 0x3902dc
[0315.804] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3902dc, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0315.804] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0315.804] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.804] GetSystemMetrics (nIndex=42) returned 0
[0315.804] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.804] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0315.804] SendMessageW (hWnd=0x3902da, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0315.804] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3902da, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0315.813] SetWindowTextW (hWnd=0x3902da, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0315.813] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3902da, Msg=0xc, wParam=0x0, lParam=0x2e03060) returned 0x1
[0315.815] GetSystemMetrics (nIndex=5) returned 1
[0315.815] GetSystemMetrics (nIndex=6) returned 1
[0315.815] SendMessageW (hWnd=0x3902da, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0315.815] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3902da, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0315.815] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3902da, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0315.816] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3902da, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0315.816] GetClientRect (in: hWnd=0x3902da, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0315.816] GetWindowRect (in: hWnd=0x3902da, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0315.816] GetParent (hWnd=0x3902da) returned 0x3902dc
[0315.816] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3902dc, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0315.816] SendMessageW (hWnd=0x3902da, Msg=0x2210, wParam=0x2da0001, lParam=0x3902da) returned 0x0
[0315.816] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3902da, Msg=0x2210, wParam=0x2da0001, lParam=0x3902da) returned 0x0
[0315.816] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3902da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0315.817] GetParent (hWnd=0x3902da) returned 0x3902dc
[0315.817] GetWindowLongW (hWnd=0x3902dc, nIndex=-8) returned 458844
[0315.817] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0315.817] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0315.817] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x33010793
[0315.817] GetDeviceCaps (hdc=0x33010793, index=12) returned 32
[0315.817] GetDeviceCaps (hdc=0x33010793, index=14) returned 1
[0315.817] DeleteDC (hdc=0x33010793) returned 1
[0315.817] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0315.817] GetWindowThreadProcessId (in: hWnd=0x3902dc, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0315.817] GetCurrentThreadId () returned 0xf50
[0315.817] PostMessageW (hWnd=0x3902dc, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0315.817] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0315.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.818] GetSystemMetrics (nIndex=42) returned 0
[0315.818] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0315.818] GdipImageGetFrameDimensionsCount (image=0x6603430, count=0xd7e25c) returned 0x0
[0315.818] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201178
[0315.818] GdipImageGetFrameDimensionsList (image=0x6603430, dimensionIDs=0x1201178*(Data1=0x12011f0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0315.818] LocalFree (hMem=0x1201178) returned 0x0
[0315.818] GdipImageGetFrameDimensionsCount (image=0x66030e8, count=0xd7e250) returned 0x0
[0315.818] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201040
[0315.818] GdipImageGetFrameDimensionsList (image=0x66030e8, dimensionIDs=0x1201040*(Data1=0x1201058, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0315.818] LocalFree (hMem=0x1201040) returned 0x0
[0315.818] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0315.818] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0315.819] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0315.832] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0315.833] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0315.833] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0315.833] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0315.833] GetWindowPlacement (in: hWnd=0x3902dc, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0315.833] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0315.834] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0315.834] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.834] GetSystemMetrics (nIndex=42) returned 0
[0315.834] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.834] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0315.834] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0315.834] GetCurrentObject (hdc=0xc0107c5, type=0x1) returned 0xb00017
[0315.834] GetCurrentObject (hdc=0xc0107c5, type=0x2) returned 0x900010
[0315.834] GetCurrentObject (hdc=0xc0107c5, type=0x7) returned 0xa050173
[0315.834] GetCurrentObject (hdc=0xc0107c5, type=0x6) returned 0x8a01c2
[0315.834] SaveDC (hdc=0xc0107c5) returned 1
[0315.834] GetNearestColor (hdc=0xc0107c5, color=0xf0f0f0) returned 0xf0f0f0
[0315.834] CreateSolidBrush (color=0xf0f0f0) returned 0x921007e1
[0315.834] FillRect (hDC=0xc0107c5, lprc=0xd7e1b8, hbr=0x921007e1) returned 1
[0315.834] DeleteObject (ho=0x921007e1) returned 1
[0315.834] RestoreDC (hdc=0xc0107c5, nSavedDC=-1) returned 1
[0315.834] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3c00ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0315.835] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0315.835] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0315.835] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0315.835] GetStockObject (i=5) returned 0x900015
[0315.835] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0315.835] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0315.835] GetStockObject (i=5) returned 0x900015
[0315.836] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0315.836] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902de, Msg=0x14, wParam=0xc0107c5, lParam=0x0) returned 0x1
[0315.836] GetStockObject (i=5) returned 0x900015
[0315.836] GetWindowPlacement (in: hWnd=0x3902dc, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0315.836] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0315.836] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0315.836] GetWindowRect (in: hWnd=0x3902dc, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0315.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0315.837] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0315.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0315.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0315.838] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0315.838] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0315.838] GetWindowRect (in: hWnd=0x3902dc, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0315.838] InvalidateRect (hWnd=0x2f02ce, lpRect=0x0, bErase=0) returned 1
[0315.838] InvalidateRect (hWnd=0x3b02d8, lpRect=0x0, bErase=0) returned 1
[0315.838] GetFocus () returned 0x3902dc
[0315.838] GetFocus () returned 0x3902dc
[0315.838] SetFocus (hWnd=0x3b02d8) returned 0x3902dc
[0315.839] GetFocus () returned 0x3b02d8
[0315.839] IsChild (hWndParent=0x3902dc, hWnd=0x3b02d8) returned 1
[0315.839] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x8, wParam=0x3b02d8, lParam=0x0) returned 0x0
[0315.840] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0315.841] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0315.842] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0315.843] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0x7, wParam=0x3902dc, lParam=0x0) returned 0x0
[0315.843] GetStockObject (i=5) returned 0x900015
[0315.843] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0315.843] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0315.843] GetDlgItem (hDlg=0x3902dc, nIDDlgItem=3867352) returned 0x3b02d8
[0315.843] SendMessageW (hWnd=0x3b02d8, Msg=0x202b, wParam=0x3b02d8, lParam=0xd7e0dc) returned 0x0
[0315.843] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0x202b, wParam=0x3b02d8, lParam=0xd7e0dc) returned 0x0
[0315.843] InvalidateRect (hWnd=0x3b02d8, lpRect=0x0, bErase=0) returned 1
[0315.845] GetFocus () returned 0x3b02d8
[0315.845] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.845] IsWindowUnicode (hWnd=0x3902dc) returned 1
[0315.845] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.845] TranslateMessage (lpMsg=0xd7e808) returned 0
[0315.845] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0315.845] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0315.845] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.845] IsWindowUnicode (hWnd=0x3902dc) returned 1
[0315.845] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.845] TranslateMessage (lpMsg=0xd7e808) returned 0
[0315.845] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0315.845] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.846] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0315.846] IsWindowUnicode (hWnd=0x3902dc) returned 1
[0315.846] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.846] TranslateMessage (lpMsg=0xd7e808) returned 0
[0315.846] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0315.846] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.846] IsWindowUnicode (hWnd=0x602c4) returned 1
[0315.846] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.846] TranslateMessage (lpMsg=0xd7e808) returned 0
[0315.846] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0315.846] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0315.846] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0315.846] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.847] IsWindowUnicode (hWnd=0x3902dc) returned 1
[0315.847] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.847] TranslateMessage (lpMsg=0xd7e808) returned 0
[0315.847] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0315.847] BeginPaint (in: hWnd=0x3902dc, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xf0105ee
[0315.848] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0315.848] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0315.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.848] GetSystemMetrics (nIndex=42) returned 0
[0315.848] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.848] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0315.848] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0315.848] EndPaint (hWnd=0x3902dc, lpPaint=0xd7e274) returned 1
[0315.849] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.849] IsWindowUnicode (hWnd=0x3c00ea) returned 1
[0315.849] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.849] TranslateMessage (lpMsg=0xd7e808) returned 0
[0315.849] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0315.849] BeginPaint (in: hWnd=0x3c00ea, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x60100ce
[0315.849] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0315.849] CreateCompatibleDC (hdc=0x60100ce) returned 0xe6010671
[0315.849] SelectObject (hdc=0xe6010671, h=0x4a0507fe) returned 0x85000f
[0315.849] GdipCreateFromHDC (hdc=0xe6010671, graphics=0xd7e2b0) returned 0x0
[0315.849] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0315.849] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0315.849] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0315.849] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0315.849] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7e310) returned 0x0
[0315.849] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0315.850] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee9f0) returned 0x0
[0315.850] LocalFree (hMem=0x11ee9f0) returned 0x0
[0315.850] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0315.850] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0315.850] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0315.850] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e304) returned 0x0
[0315.850] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0315.850] GetWindowTextLengthW (hWnd=0x3c00ea) returned 0
[0315.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3c00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0315.850] GetSystemMetrics (nIndex=42) returned 0
[0315.850] GetWindowTextW (in: hWnd=0x3c00ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0315.850] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3c00ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0315.850] GetClientRect (in: hWnd=0x3c00ea, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0315.850] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0315.850] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0315.850] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0315.850] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0315.850] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e164) returned 0x0
[0315.850] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0315.850] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0315.850] LocalFree (hMem=0x11eecc8) returned 0x0
[0315.850] GdipCombineRegionRegion (region=0x6646b98, region2=0x6646cb8, combineMode=0x1) returned 0x0
[0315.850] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0315.850] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0315.851] LocalFree (hMem=0x11ee788) returned 0x0
[0315.851] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0315.851] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0315.851] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0315.851] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0315.851] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0315.851] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0315.851] GetCurrentObject (hdc=0xe6010671, type=0x1) returned 0xb00017
[0315.851] GetCurrentObject (hdc=0xe6010671, type=0x2) returned 0x900010
[0315.851] GetCurrentObject (hdc=0xe6010671, type=0x7) returned 0x4a0507fe
[0315.851] GetCurrentObject (hdc=0xe6010671, type=0x6) returned 0x8a01c2
[0315.851] SaveDC (hdc=0xe6010671) returned 1
[0315.851] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xe80407de
[0315.851] GetClipRgn (hdc=0xe6010671, hrgn=0xe80407de) returned 0
[0315.851] SelectClipRgn (hdc=0xe6010671, hrgn=0x6d040807) returned 2
[0315.851] DeleteObject (ho=0xe80407de) returned 1
[0315.851] DeleteObject (ho=0x6d040807) returned 1
[0315.851] OffsetViewportOrgEx (in: hdc=0xe6010671, x=0, y=0, lppt=0x2e08bc0 | out: lppt=0x2e08bc0) returned 1
[0315.851] GetNearestColor (hdc=0xe6010671, color=0xf0f0f0) returned 0xf0f0f0
[0315.851] CreateSolidBrush (color=0xf0f0f0) returned 0x931007e1
[0315.852] FillRect (hDC=0xe6010671, lprc=0xd7e198, hbr=0x931007e1) returned 1
[0315.852] DeleteObject (ho=0x931007e1) returned 1
[0315.852] RestoreDC (hdc=0xe6010671, nSavedDC=-1) returned 1
[0315.852] GdipReleaseDC (graphics=0x6600030, hdc=0xe6010671) returned 0x0
[0315.852] GdipRestoreGraphics (graphics=0x6600030, state=0xf4ec0dbd) returned 0x0
[0315.852] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0315.852] GetWindowTextLengthW (hWnd=0x3c00ea) returned 0
[0315.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3c00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0315.852] GetSystemMetrics (nIndex=42) returned 0
[0315.852] GetWindowTextW (in: hWnd=0x3c00ea, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0315.852] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3c00ea, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0315.852] GdipGetImageWidth (image=0x6603430, width=0xd7e1e0) returned 0x0
[0315.852] GdipGetImageHeight (image=0x6603430, height=0xd7e1e0) returned 0x0
[0315.852] GdipGetImageWidth (image=0x6603430, width=0xd7e1cc) returned 0x0
[0315.852] GdipGetImageHeight (image=0x6603430, height=0xd7e1cc) returned 0x0
[0315.852] GdipDrawImageRectI (graphics=0x6600030, image=0x6603430, x=16, y=16, width=32, height=32) returned 0x0
[0315.852] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0315.852] BitBlt (hdc=0x60100ce, x=0, y=0, cx=64, cy=64, hdcSrc=0xe6010671, x1=0, y1=0, rop=0xcc0020) returned 1
[0315.852] GdipReleaseDC (graphics=0x6600030, hdc=0xe6010671) returned 0x0
[0315.852] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0315.853] SelectObject (hdc=0xe6010671, h=0x85000f) returned 0x4a0507fe
[0315.853] DeleteDC (hdc=0xe6010671) returned 1
[0315.853] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0315.853] EndPaint (hWnd=0x3c00ea, lpPaint=0xd7e294) returned 1
[0315.853] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.853] IsWindowUnicode (hWnd=0x3302c8) returned 1
[0315.853] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.853] TranslateMessage (lpMsg=0xd7e808) returned 0
[0315.853] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0315.853] BeginPaint (in: hWnd=0x3302c8, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0x107b9
[0315.853] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0315.853] CreateCompatibleDC (hdc=0x107b9) returned 0xe8010671
[0315.853] GetObjectType (h=0x107b9) returned 0x3
[0315.853] CreateCompatibleBitmap (hdc=0x107b9, cx=1, cy=1) returned 0x180507f4
[0315.854] GetDIBits (in: hdc=0x107b9, hbm=0x180507f4, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0315.854] GetDIBits (in: hdc=0x107b9, hbm=0x180507f4, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0315.854] DeleteObject (ho=0x180507f4) returned 1
[0315.854] CreateDIBSection (in: hdc=0x107b9, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0x3c050793
[0315.854] SelectObject (hdc=0xe8010671, h=0x3c050793) returned 0x85000f
[0315.854] GdipCreateFromHDC (hdc=0xe8010671, graphics=0xd7e234) returned 0x0
[0315.854] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0315.854] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0315.854] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0315.854] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0315.854] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e2d4) returned 0x0
[0315.854] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0315.854] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0315.855] LocalFree (hMem=0x11eecc8) returned 0x0
[0315.855] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0315.855] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0315.855] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0315.855] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0315.855] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0315.855] GetWindowTextLengthW (hWnd=0x3302c8) returned 232
[0315.855] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0315.855] GetSystemMetrics (nIndex=42) returned 0
[0315.855] GetWindowTextW (in: hWnd=0x3302c8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0315.855] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0315.855] GetClientRect (in: hWnd=0x3302c8, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0315.855] GdipCreateRegion (region=0xd7e110) returned 0x0
[0315.855] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0315.855] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0315.855] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0315.855] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e128) returned 0x0
[0315.855] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0315.855] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0315.855] LocalFree (hMem=0x11ee788) returned 0x0
[0315.855] GdipCombineRegionRegion (region=0x66463b8, region2=0x6646b98, combineMode=0x1) returned 0x0
[0315.855] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0315.855] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eecc8) returned 0x0
[0315.855] LocalFree (hMem=0x11eecc8) returned 0x0
[0315.855] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0315.856] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e150) returned 0x0
[0315.856] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e140) returned 0x0
[0315.856] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0315.856] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0315.856] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0315.856] GetCurrentObject (hdc=0xe8010671, type=0x1) returned 0xb00017
[0315.856] GetCurrentObject (hdc=0xe8010671, type=0x2) returned 0x900010
[0315.856] GetCurrentObject (hdc=0xe8010671, type=0x7) returned 0x3c050793
[0315.856] GetCurrentObject (hdc=0xe8010671, type=0x6) returned 0x8a01c2
[0315.856] SaveDC (hdc=0xe8010671) returned 1
[0315.856] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x6e040807
[0315.856] GetClipRgn (hdc=0xe8010671, hrgn=0x6e040807) returned 0
[0315.856] SelectClipRgn (hdc=0xe8010671, hrgn=0xe90407de) returned 2
[0315.860] DeleteObject (ho=0x6e040807) returned 1
[0315.860] DeleteObject (ho=0xe90407de) returned 1
[0315.860] OffsetViewportOrgEx (in: hdc=0xe8010671, x=0, y=0, lppt=0x2e0a588 | out: lppt=0x2e0a588) returned 1
[0315.860] GetNearestColor (hdc=0xe8010671, color=0xf0f0f0) returned 0xf0f0f0
[0315.860] CreateSolidBrush (color=0xf0f0f0) returned 0x941007e1
[0315.860] FillRect (hDC=0xe8010671, lprc=0xd7e15c, hbr=0x941007e1) returned 1
[0315.861] DeleteObject (ho=0x941007e1) returned 1
[0315.861] RestoreDC (hdc=0xe8010671, nSavedDC=-1) returned 1
[0315.861] GdipReleaseDC (graphics=0x6600030, hdc=0xe8010671) returned 0x0
[0315.861] GdipRestoreGraphics (graphics=0x6600030, state=0xf4ea0dbd) returned 0x0
[0315.861] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0315.862] GetWindowTextLengthW (hWnd=0x3302c8) returned 232
[0315.862] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0315.862] GetSystemMetrics (nIndex=42) returned 0
[0315.862] GetWindowTextW (in: hWnd=0x3302c8, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0315.862] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0315.862] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0315.862] GetCurrentObject (hdc=0xe8010671, type=0x1) returned 0xb00017
[0315.862] GetCurrentObject (hdc=0xe8010671, type=0x2) returned 0x900010
[0315.862] GetCurrentObject (hdc=0xe8010671, type=0x7) returned 0x3c050793
[0315.862] GetCurrentObject (hdc=0xe8010671, type=0x6) returned 0x8a01c2
[0315.862] SaveDC (hdc=0xe8010671) returned 1
[0315.862] GetNearestColor (hdc=0xe8010671, color=0x0) returned 0x0
[0315.862] RestoreDC (hdc=0xe8010671, nSavedDC=-1) returned 1
[0315.862] GdipReleaseDC (graphics=0x6600030, hdc=0xe8010671) returned 0x0
[0315.863] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0315.863] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0315.863] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2e0ad84 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0315.863] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0315.863] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0315.863] GetCurrentObject (hdc=0xe8010671, type=0x1) returned 0xb00017
[0315.863] GetCurrentObject (hdc=0xe8010671, type=0x2) returned 0x900010
[0315.863] GetCurrentObject (hdc=0xe8010671, type=0x7) returned 0x3c050793
[0315.863] GetCurrentObject (hdc=0xe8010671, type=0x6) returned 0x8a01c2
[0315.863] SaveDC (hdc=0xe8010671) returned 1
[0315.863] GetTextAlign (hdc=0xe8010671) returned 0x0
[0315.863] GetTextColor (hdc=0xe8010671) returned 0x0
[0315.863] GetCurrentObject (hdc=0xe8010671, type=0x6) returned 0x8a01c2
[0315.864] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0315.864] SelectObject (hdc=0xe8010671, h=0x6d0a0520) returned 0x8a01c2
[0315.864] GetBkMode (hdc=0xe8010671) returned 2
[0315.864] SetBkMode (hdc=0xe8010671, mode=1) returned 2
[0315.864] DrawTextExW (in: hdc=0xe8010671, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2e0afa8 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0315.866] RestoreDC (hdc=0xe8010671, nSavedDC=-1) returned 1
[0315.866] GdipReleaseDC (graphics=0x6600030, hdc=0xe8010671) returned 0x0
[0315.866] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0315.866] BitBlt (hdc=0x107b9, x=0, y=0, cx=354, cy=68, hdcSrc=0xe8010671, x1=0, y1=0, rop=0xcc0020) returned 1
[0315.866] GdipReleaseDC (graphics=0x6600030, hdc=0xe8010671) returned 0x0
[0315.866] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0315.866] SelectObject (hdc=0xe8010671, h=0x85000f) returned 0x3c050793
[0315.867] DeleteDC (hdc=0xe8010671) returned 1
[0315.867] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0315.867] DeleteObject (ho=0x3c050793) returned 1
[0315.867] EndPaint (hWnd=0x3302c8, lpPaint=0xd7e258) returned 1
[0315.868] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.868] IsWindowUnicode (hWnd=0x3b02d8) returned 1
[0315.868] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.868] TranslateMessage (lpMsg=0xd7e808) returned 0
[0315.868] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0315.869] BeginPaint (in: hWnd=0x3b02d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0315.869] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0315.869] CreateCompatibleDC (hdc=0x10105d6) returned 0x1a0107f4
[0315.869] SelectObject (hdc=0x1a0107f4, h=0x4a0507fe) returned 0x85000f
[0315.869] GdipCreateFromHDC (hdc=0x1a0107f4, graphics=0xd7e268) returned 0x0
[0315.869] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0315.869] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0315.869] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0315.869] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0315.869] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e2c8) returned 0x0
[0315.869] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0315.869] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0315.869] LocalFree (hMem=0x11ee868) returned 0x0
[0315.869] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0315.869] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0315.869] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0315.869] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0315.870] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0315.870] GdipRestoreGraphics (graphics=0x6600030, state=0xf4e80dbd) returned 0x0
[0315.870] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0315.870] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0315.870] GetCurrentObject (hdc=0x1a0107f4, type=0x1) returned 0xb00017
[0315.870] GetCurrentObject (hdc=0x1a0107f4, type=0x2) returned 0x900010
[0315.870] GetCurrentObject (hdc=0x1a0107f4, type=0x7) returned 0x4a0507fe
[0315.870] GetCurrentObject (hdc=0x1a0107f4, type=0x6) returned 0x8a01c2
[0315.870] SaveDC (hdc=0x1a0107f4) returned 1
[0315.870] GetNearestColor (hdc=0x1a0107f4, color=0xf0f0f0) returned 0xf0f0f0
[0315.870] GetNearestColor (hdc=0x1a0107f4, color=0xa0a0a0) returned 0xa0a0a0
[0315.870] GetNearestColor (hdc=0x1a0107f4, color=0x696969) returned 0x696969
[0315.870] GetNearestColor (hdc=0x1a0107f4, color=0xa0a0a0) returned 0xa0a0a0
[0315.870] GetNearestColor (hdc=0x1a0107f4, color=0x0) returned 0x0
[0315.870] GetNearestColor (hdc=0x1a0107f4, color=0xffffff) returned 0xffffff
[0315.870] GetNearestColor (hdc=0x1a0107f4, color=0xe5e5e5) returned 0xe5e5e5
[0315.870] GetNearestColor (hdc=0x1a0107f4, color=0xd7d7d7) returned 0xd7d7d7
[0315.870] GetNearestColor (hdc=0x1a0107f4, color=0x0) returned 0x0
[0315.870] RestoreDC (hdc=0x1a0107f4, nSavedDC=-1) returned 1
[0315.871] GdipReleaseDC (graphics=0x6600030, hdc=0x1a0107f4) returned 0x0
[0315.871] IsAppThemed () returned 0x1
[0315.871] GetThemeAppProperties () returned 0x3
[0315.871] GetThemeAppProperties () returned 0x3
[0315.871] GdipGetImageWidth (image=0x66030e8, width=0xd7e168) returned 0x0
[0315.871] GdipGetImageHeight (image=0x66030e8, height=0xd7e168) returned 0x0
[0315.871] IsAppThemed () returned 0x1
[0315.871] GetThemeAppProperties () returned 0x3
[0315.871] GetThemeAppProperties () returned 0x3
[0315.871] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2e0b6f8 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0315.871] IsAppThemed () returned 0x1
[0315.871] GetThemeAppProperties () returned 0x3
[0315.871] GetThemeAppProperties () returned 0x3
[0315.871] IsAppThemed () returned 0x1
[0315.871] GetThemeAppProperties () returned 0x3
[0315.871] GetThemeAppProperties () returned 0x3
[0315.871] GetFocus () returned 0x3b02d8
[0315.871] IsAppThemed () returned 0x1
[0315.871] GetThemeAppProperties () returned 0x3
[0315.872] GetThemeAppProperties () returned 0x3
[0315.872] IsAppThemed () returned 0x1
[0315.872] GetThemeAppProperties () returned 0x3
[0315.872] GetThemeAppProperties () returned 0x3
[0315.872] IsThemePartDefined () returned 0x1
[0315.872] IsAppThemed () returned 0x1
[0315.872] GetThemeAppProperties () returned 0x3
[0315.872] GetThemeAppProperties () returned 0x3
[0315.872] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0315.872] IsAppThemed () returned 0x1
[0315.872] GetThemeAppProperties () returned 0x3
[0315.872] GetThemeAppProperties () returned 0x3
[0315.872] IsAppThemed () returned 0x1
[0315.872] GetThemeAppProperties () returned 0x3
[0315.872] GetThemeAppProperties () returned 0x3
[0315.872] IsThemePartDefined () returned 0x1
[0315.872] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0315.872] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0315.873] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0315.873] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0315.873] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7dff0) returned 0x0
[0315.873] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0315.873] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eead0) returned 0x0
[0315.873] LocalFree (hMem=0x11eead0) returned 0x0
[0315.873] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0315.873] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eea98) returned 0x0
[0315.873] LocalFree (hMem=0x11eea98) returned 0x0
[0315.873] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0315.873] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0315.873] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0315.873] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0315.873] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0315.873] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0315.873] GetCurrentObject (hdc=0x1a0107f4, type=0x1) returned 0xb00017
[0315.873] GetCurrentObject (hdc=0x1a0107f4, type=0x2) returned 0x900010
[0315.873] GetCurrentObject (hdc=0x1a0107f4, type=0x7) returned 0x4a0507fe
[0315.873] GetCurrentObject (hdc=0x1a0107f4, type=0x6) returned 0x8a01c2
[0315.873] SaveDC (hdc=0x1a0107f4) returned 1
[0315.873] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xea0407de
[0315.873] GetClipRgn (hdc=0x1a0107f4, hrgn=0xea0407de) returned 0
[0315.874] SelectClipRgn (hdc=0x1a0107f4, hrgn=0x72040807) returned 2
[0315.874] DeleteObject (ho=0xea0407de) returned 1
[0315.874] DeleteObject (ho=0x72040807) returned 1
[0315.874] OffsetViewportOrgEx (in: hdc=0x1a0107f4, x=0, y=0, lppt=0x2e0bda8 | out: lppt=0x2e0bda8) returned 1
[0315.874] DrawThemeParentBackground () returned 0x0
[0315.874] GetWindowPlacement (in: hWnd=0x3902dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0315.874] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0315.874] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0315.874] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.874] GetSystemMetrics (nIndex=42) returned 0
[0315.874] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.874] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0315.874] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0315.874] GetCurrentObject (hdc=0x1a0107f4, type=0x1) returned 0xb00017
[0315.874] GetCurrentObject (hdc=0x1a0107f4, type=0x2) returned 0x900010
[0315.874] GetCurrentObject (hdc=0x1a0107f4, type=0x7) returned 0x4a0507fe
[0315.874] GetCurrentObject (hdc=0x1a0107f4, type=0x6) returned 0x8a01c2
[0315.874] SaveDC (hdc=0x1a0107f4) returned 2
[0315.874] GetNearestColor (hdc=0x1a0107f4, color=0xf0f0f0) returned 0xf0f0f0
[0315.874] CreateSolidBrush (color=0xf0f0f0) returned 0x951007e1
[0315.875] FillRect (hDC=0x1a0107f4, lprc=0xd7da38, hbr=0x951007e1) returned 1
[0315.875] DeleteObject (ho=0x951007e1) returned 1
[0315.875] RestoreDC (hdc=0x1a0107f4, nSavedDC=-1) returned 1
[0315.875] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0315.875] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.875] GetSystemMetrics (nIndex=42) returned 0
[0315.875] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.875] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0315.875] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0315.875] GetCurrentObject (hdc=0x1a0107f4, type=0x1) returned 0xb00017
[0315.875] GetCurrentObject (hdc=0x1a0107f4, type=0x2) returned 0x900010
[0315.875] GetCurrentObject (hdc=0x1a0107f4, type=0x7) returned 0x4a0507fe
[0315.875] GetCurrentObject (hdc=0x1a0107f4, type=0x6) returned 0x8a01c2
[0315.875] SaveDC (hdc=0x1a0107f4) returned 2
[0315.875] GetNearestColor (hdc=0x1a0107f4, color=0xf0f0f0) returned 0xf0f0f0
[0315.875] CreateSolidBrush (color=0xf0f0f0) returned 0x961007e1
[0315.875] FillRect (hDC=0x1a0107f4, lprc=0xd7d9d8, hbr=0x961007e1) returned 1
[0315.875] DeleteObject (ho=0x961007e1) returned 1
[0315.875] RestoreDC (hdc=0x1a0107f4, nSavedDC=-1) returned 1
[0315.875] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0315.875] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.875] GetSystemMetrics (nIndex=42) returned 0
[0315.875] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.875] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0315.876] RestoreDC (hdc=0x1a0107f4, nSavedDC=-1) returned 1
[0315.876] GdipReleaseDC (graphics=0x6600030, hdc=0x1a0107f4) returned 0x0
[0315.876] IsAppThemed () returned 0x1
[0315.876] GetThemeAppProperties () returned 0x3
[0315.876] GetThemeAppProperties () returned 0x3
[0315.876] IsAppThemed () returned 0x1
[0315.876] GetThemeAppProperties () returned 0x3
[0315.876] GetThemeAppProperties () returned 0x3
[0315.876] IsThemePartDefined () returned 0x1
[0315.876] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0315.876] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0315.876] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0315.876] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0315.876] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7df74) returned 0x0
[0315.876] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eecc8) returned 0x0
[0315.876] LocalFree (hMem=0x11eecc8) returned 0x0
[0315.876] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee868) returned 0x0
[0315.876] LocalFree (hMem=0x11ee868) returned 0x0
[0315.876] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0315.876] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0315.876] GdipIsInfiniteRegion (region=0x6646b98, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0315.877] GdipGetRegionHRgn (region=0x6646b98, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0315.877] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0315.877] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0315.877] GetCurrentObject (hdc=0x1a0107f4, type=0x1) returned 0xb00017
[0315.877] GetCurrentObject (hdc=0x1a0107f4, type=0x2) returned 0x900010
[0315.877] GetCurrentObject (hdc=0x1a0107f4, type=0x7) returned 0x4a0507fe
[0315.877] GetCurrentObject (hdc=0x1a0107f4, type=0x6) returned 0x8a01c2
[0315.877] SaveDC (hdc=0x1a0107f4) returned 1
[0315.877] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x73040807
[0315.877] GetClipRgn (hdc=0x1a0107f4, hrgn=0x73040807) returned 0
[0315.877] SelectClipRgn (hdc=0x1a0107f4, hrgn=0xec0407de) returned 2
[0315.877] DeleteObject (ho=0x73040807) returned 1
[0315.877] DeleteObject (ho=0xec0407de) returned 1
[0315.877] OffsetViewportOrgEx (in: hdc=0x1a0107f4, x=0, y=0, lppt=0x2e0c654 | out: lppt=0x2e0c654) returned 1
[0315.877] IsAppThemed () returned 0x1
[0315.877] GetThemeAppProperties () returned 0x3
[0315.877] GetThemeAppProperties () returned 0x3
[0315.877] DrawThemeBackground () returned 0x0
[0315.877] RestoreDC (hdc=0x1a0107f4, nSavedDC=-1) returned 1
[0315.877] GdipReleaseDC (graphics=0x6600030, hdc=0x1a0107f4) returned 0x0
[0315.877] GdipCreateRegion (region=0xd7df60) returned 0x0
[0315.877] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0315.878] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0315.878] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0315.878] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df78) returned 0x0
[0315.878] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0315.878] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eea28) returned 0x0
[0315.878] LocalFree (hMem=0x11eea28) returned 0x0
[0315.878] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0315.878] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee868) returned 0x0
[0315.878] LocalFree (hMem=0x11ee868) returned 0x0
[0315.878] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0315.878] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0315.878] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0315.878] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0315.878] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0315.878] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0315.878] GetCurrentObject (hdc=0x1a0107f4, type=0x1) returned 0xb00017
[0315.878] GetCurrentObject (hdc=0x1a0107f4, type=0x2) returned 0x900010
[0315.878] GetCurrentObject (hdc=0x1a0107f4, type=0x7) returned 0x4a0507fe
[0315.878] GetCurrentObject (hdc=0x1a0107f4, type=0x6) returned 0x8a01c2
[0315.878] SaveDC (hdc=0x1a0107f4) returned 1
[0315.878] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xed0407de
[0315.878] GetClipRgn (hdc=0x1a0107f4, hrgn=0xed0407de) returned 0
[0315.878] SelectClipRgn (hdc=0x1a0107f4, hrgn=0x74040807) returned 2
[0315.879] DeleteObject (ho=0xed0407de) returned 1
[0315.879] DeleteObject (ho=0x74040807) returned 1
[0315.879] OffsetViewportOrgEx (in: hdc=0x1a0107f4, x=0, y=0, lppt=0x2e0c928 | out: lppt=0x2e0c928) returned 1
[0315.879] IsAppThemed () returned 0x1
[0315.879] GetThemeAppProperties () returned 0x3
[0315.879] GetThemeAppProperties () returned 0x3
[0315.879] GetThemeBackgroundContentRect () returned 0x0
[0315.879] RestoreDC (hdc=0x1a0107f4, nSavedDC=-1) returned 1
[0315.879] GdipReleaseDC (graphics=0x6600030, hdc=0x1a0107f4) returned 0x0
[0315.879] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0315.879] GdipGetClip (graphics=0x6600030, region=0x6646b98) returned 0x0
[0315.879] GdipCloneRegion (region=0x6646b98, cloneRegion=0xd7e150) returned 0x0
[0315.879] GdipCombineRegionRectI (region=0x66468c8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0315.879] GdipCombineRegionRectI (region=0x66468c8, rect=0xd7e138, combineMode=0x1) returned 0x0
[0315.879] GdipSetClipRegion (graphics=0x6600030, region=0x66468c8, combineMode=0x0) returned 0x0
[0315.879] GdipGetImageWidth (image=0x66030e8, width=0xd7e154) returned 0x0
[0315.879] GdipGetImageHeight (image=0x66030e8, height=0xd7e148) returned 0x0
[0315.879] GdipDrawImageRectI (graphics=0x6600030, image=0x66030e8, x=4, y=4, width=16, height=16) returned 0x0
[0315.879] GdipSetClipRegion (graphics=0x6600030, region=0x6646b98, combineMode=0x0) returned 0x0
[0315.879] IsAppThemed () returned 0x1
[0315.879] GetThemeAppProperties () returned 0x3
[0315.879] GetThemeAppProperties () returned 0x3
[0315.879] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0315.880] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0315.880] GetCurrentObject (hdc=0x1a0107f4, type=0x1) returned 0xb00017
[0315.880] GetCurrentObject (hdc=0x1a0107f4, type=0x2) returned 0x900010
[0315.880] GetCurrentObject (hdc=0x1a0107f4, type=0x7) returned 0x4a0507fe
[0315.880] GetCurrentObject (hdc=0x1a0107f4, type=0x6) returned 0x8a01c2
[0315.880] SaveDC (hdc=0x1a0107f4) returned 1
[0315.880] GetTextAlign (hdc=0x1a0107f4) returned 0x0
[0315.880] GetTextColor (hdc=0x1a0107f4) returned 0x0
[0315.880] GetCurrentObject (hdc=0x1a0107f4, type=0x6) returned 0x8a01c2
[0315.880] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0315.880] SelectObject (hdc=0x1a0107f4, h=0x6d0a0520) returned 0x8a01c2
[0315.880] GetBkMode (hdc=0x1a0107f4) returned 2
[0315.880] SetBkMode (hdc=0x1a0107f4, mode=1) returned 2
[0315.880] DrawTextExW (in: hdc=0x1a0107f4, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2e0cce8 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0315.880] DrawTextExW (in: hdc=0x1a0107f4, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e0cce8 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0315.881] RestoreDC (hdc=0x1a0107f4, nSavedDC=-1) returned 1
[0315.881] GdipReleaseDC (graphics=0x6600030, hdc=0x1a0107f4) returned 0x0
[0315.881] GetFocus () returned 0x3b02d8
[0315.881] IsAppThemed () returned 0x1
[0315.881] GetThemeAppProperties () returned 0x3
[0315.881] GetThemeAppProperties () returned 0x3
[0315.881] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0315.881] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x1a0107f4, x1=0, y1=0, rop=0xcc0020) returned 1
[0315.881] GdipReleaseDC (graphics=0x6600030, hdc=0x1a0107f4) returned 0x0
[0315.881] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0315.881] SelectObject (hdc=0x1a0107f4, h=0x85000f) returned 0x4a0507fe
[0315.881] DeleteDC (hdc=0x1a0107f4) returned 1
[0315.881] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0315.881] EndPaint (hWnd=0x3b02d8, lpPaint=0xd7e24c) returned 1
[0315.882] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.882] IsWindowUnicode (hWnd=0x2f02ce) returned 1
[0315.882] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.882] TranslateMessage (lpMsg=0xd7e808) returned 0
[0315.882] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0315.882] BeginPaint (in: hWnd=0x2f02ce, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0315.882] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0315.883] CreateCompatibleDC (hdc=0xf0105ee) returned 0x1c0107f4
[0315.883] SelectObject (hdc=0x1c0107f4, h=0x4a0507fe) returned 0x85000f
[0315.883] GdipCreateFromHDC (hdc=0x1c0107f4, graphics=0xd7e268) returned 0x0
[0315.883] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0315.883] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0315.883] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0315.883] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0315.883] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2c8) returned 0x0
[0315.883] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0315.883] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee788) returned 0x0
[0315.883] LocalFree (hMem=0x11ee788) returned 0x0
[0315.883] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0315.883] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0315.883] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0315.883] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0315.883] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0315.883] GdipRestoreGraphics (graphics=0x6600030, state=0xf4e60dbd) returned 0x0
[0315.883] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0315.883] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0315.883] GetCurrentObject (hdc=0x1c0107f4, type=0x1) returned 0xb00017
[0315.884] GetCurrentObject (hdc=0x1c0107f4, type=0x2) returned 0x900010
[0315.884] GetCurrentObject (hdc=0x1c0107f4, type=0x7) returned 0x4a0507fe
[0315.884] GetCurrentObject (hdc=0x1c0107f4, type=0x6) returned 0x8a01c2
[0315.884] SaveDC (hdc=0x1c0107f4) returned 1
[0315.884] GetNearestColor (hdc=0x1c0107f4, color=0xf0f0f0) returned 0xf0f0f0
[0315.884] GetNearestColor (hdc=0x1c0107f4, color=0xa0a0a0) returned 0xa0a0a0
[0315.884] GetNearestColor (hdc=0x1c0107f4, color=0x696969) returned 0x696969
[0315.884] GetNearestColor (hdc=0x1c0107f4, color=0xa0a0a0) returned 0xa0a0a0
[0315.884] GetNearestColor (hdc=0x1c0107f4, color=0x0) returned 0x0
[0315.884] GetNearestColor (hdc=0x1c0107f4, color=0xffffff) returned 0xffffff
[0315.884] GetNearestColor (hdc=0x1c0107f4, color=0xe5e5e5) returned 0xe5e5e5
[0315.884] GetNearestColor (hdc=0x1c0107f4, color=0xd7d7d7) returned 0xd7d7d7
[0315.884] GetNearestColor (hdc=0x1c0107f4, color=0x0) returned 0x0
[0315.884] RestoreDC (hdc=0x1c0107f4, nSavedDC=-1) returned 1
[0315.884] GdipReleaseDC (graphics=0x6600030, hdc=0x1c0107f4) returned 0x0
[0315.884] IsAppThemed () returned 0x1
[0315.885] GetThemeAppProperties () returned 0x3
[0315.885] GetThemeAppProperties () returned 0x3
[0315.885] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0315.885] SendMessageW (hWnd=0x3902dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0315.885] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0315.885] IsAppThemed () returned 0x1
[0315.885] GetThemeAppProperties () returned 0x3
[0315.885] GetThemeAppProperties () returned 0x3
[0315.885] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df90, format=0x102415, lpdtp=0x2e0d4f8 | out: lpchText="&Continue", lprc=0xd7df90) returned 13
[0315.885] IsAppThemed () returned 0x1
[0315.885] GetThemeAppProperties () returned 0x3
[0315.885] GetThemeAppProperties () returned 0x3
[0315.885] IsAppThemed () returned 0x1
[0315.885] GetThemeAppProperties () returned 0x3
[0315.885] GetThemeAppProperties () returned 0x3
[0315.885] GetFocus () returned 0x3b02d8
[0315.885] IsAppThemed () returned 0x1
[0315.885] GetThemeAppProperties () returned 0x3
[0315.885] GetThemeAppProperties () returned 0x3
[0315.885] IsAppThemed () returned 0x1
[0315.885] GetThemeAppProperties () returned 0x3
[0315.885] GetThemeAppProperties () returned 0x3
[0315.886] IsThemePartDefined () returned 0x1
[0315.886] IsAppThemed () returned 0x1
[0315.886] GetThemeAppProperties () returned 0x3
[0315.886] GetThemeAppProperties () returned 0x3
[0315.886] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0315.886] IsAppThemed () returned 0x1
[0315.886] GetThemeAppProperties () returned 0x3
[0315.886] GetThemeAppProperties () returned 0x3
[0315.886] IsAppThemed () returned 0x1
[0315.886] GetThemeAppProperties () returned 0x3
[0315.886] GetThemeAppProperties () returned 0x3
[0315.886] IsThemePartDefined () returned 0x1
[0315.886] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0315.886] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0315.886] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0315.886] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0315.886] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dff0) returned 0x0
[0315.886] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0315.886] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0315.886] LocalFree (hMem=0x11ee788) returned 0x0
[0315.886] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0315.886] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee9f0) returned 0x0
[0315.886] LocalFree (hMem=0x11ee9f0) returned 0x0
[0315.886] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0315.886] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0315.886] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0315.886] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0315.887] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0315.887] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0315.887] GetCurrentObject (hdc=0x1c0107f4, type=0x1) returned 0xb00017
[0315.887] GetCurrentObject (hdc=0x1c0107f4, type=0x2) returned 0x900010
[0315.887] GetCurrentObject (hdc=0x1c0107f4, type=0x7) returned 0x4a0507fe
[0315.887] GetCurrentObject (hdc=0x1c0107f4, type=0x6) returned 0x8a01c2
[0315.887] SaveDC (hdc=0x1c0107f4) returned 1
[0315.887] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x75040807
[0315.887] GetClipRgn (hdc=0x1c0107f4, hrgn=0x75040807) returned 0
[0315.887] SelectClipRgn (hdc=0x1c0107f4, hrgn=0xf10407de) returned 2
[0315.887] DeleteObject (ho=0x75040807) returned 1
[0315.887] DeleteObject (ho=0xf10407de) returned 1
[0315.887] OffsetViewportOrgEx (in: hdc=0x1c0107f4, x=0, y=0, lppt=0x2e0dba8 | out: lppt=0x2e0dba8) returned 1
[0315.887] DrawThemeParentBackground () returned 0x0
[0315.887] GetWindowPlacement (in: hWnd=0x3902dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0315.887] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0315.893] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0315.893] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.893] GetSystemMetrics (nIndex=42) returned 0
[0315.893] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.893] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0315.893] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0315.893] GetCurrentObject (hdc=0x1c0107f4, type=0x1) returned 0xb00017
[0315.893] GetCurrentObject (hdc=0x1c0107f4, type=0x2) returned 0x900010
[0315.893] GetCurrentObject (hdc=0x1c0107f4, type=0x7) returned 0x4a0507fe
[0315.893] GetCurrentObject (hdc=0x1c0107f4, type=0x6) returned 0x8a01c2
[0315.893] SaveDC (hdc=0x1c0107f4) returned 2
[0315.893] GetNearestColor (hdc=0x1c0107f4, color=0xf0f0f0) returned 0xf0f0f0
[0315.893] CreateSolidBrush (color=0xf0f0f0) returned 0x971007e1
[0315.894] FillRect (hDC=0x1c0107f4, lprc=0xd7da38, hbr=0x971007e1) returned 1
[0315.894] DeleteObject (ho=0x971007e1) returned 1
[0315.894] RestoreDC (hdc=0x1c0107f4, nSavedDC=-1) returned 1
[0315.894] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0315.894] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.894] GetSystemMetrics (nIndex=42) returned 0
[0315.894] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.894] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0315.894] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0315.894] GetCurrentObject (hdc=0x1c0107f4, type=0x1) returned 0xb00017
[0315.894] GetCurrentObject (hdc=0x1c0107f4, type=0x2) returned 0x900010
[0315.894] GetCurrentObject (hdc=0x1c0107f4, type=0x7) returned 0x4a0507fe
[0315.894] GetCurrentObject (hdc=0x1c0107f4, type=0x6) returned 0x8a01c2
[0315.894] SaveDC (hdc=0x1c0107f4) returned 2
[0315.894] GetNearestColor (hdc=0x1c0107f4, color=0xf0f0f0) returned 0xf0f0f0
[0315.894] CreateSolidBrush (color=0xf0f0f0) returned 0x981007e1
[0315.894] FillRect (hDC=0x1c0107f4, lprc=0xd7d9d8, hbr=0x981007e1) returned 1
[0315.894] DeleteObject (ho=0x981007e1) returned 1
[0315.894] RestoreDC (hdc=0x1c0107f4, nSavedDC=-1) returned 1
[0315.894] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0315.894] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.895] GetSystemMetrics (nIndex=42) returned 0
[0315.895] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.895] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0315.895] RestoreDC (hdc=0x1c0107f4, nSavedDC=-1) returned 1
[0315.895] GdipReleaseDC (graphics=0x6600030, hdc=0x1c0107f4) returned 0x0
[0315.895] IsAppThemed () returned 0x1
[0315.895] GetThemeAppProperties () returned 0x3
[0315.895] GetThemeAppProperties () returned 0x3
[0315.895] IsAppThemed () returned 0x1
[0315.895] GetThemeAppProperties () returned 0x3
[0315.895] GetThemeAppProperties () returned 0x3
[0315.895] IsThemePartDefined () returned 0x1
[0315.895] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0315.895] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0315.895] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0315.895] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0315.895] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7df74) returned 0x0
[0315.895] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0315.895] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eecc8) returned 0x0
[0315.895] LocalFree (hMem=0x11eecc8) returned 0x0
[0315.895] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0315.896] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee788) returned 0x0
[0315.896] LocalFree (hMem=0x11ee788) returned 0x0
[0315.896] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0315.896] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0315.896] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0315.896] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0315.896] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0315.896] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0315.896] GetCurrentObject (hdc=0x1c0107f4, type=0x1) returned 0xb00017
[0315.896] GetCurrentObject (hdc=0x1c0107f4, type=0x2) returned 0x900010
[0315.896] GetCurrentObject (hdc=0x1c0107f4, type=0x7) returned 0x4a0507fe
[0315.896] GetCurrentObject (hdc=0x1c0107f4, type=0x6) returned 0x8a01c2
[0315.896] SaveDC (hdc=0x1c0107f4) returned 1
[0315.896] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf20407de
[0315.896] GetClipRgn (hdc=0x1c0107f4, hrgn=0xf20407de) returned 0
[0315.896] SelectClipRgn (hdc=0x1c0107f4, hrgn=0x77040807) returned 2
[0315.896] DeleteObject (ho=0xf20407de) returned 1
[0315.896] DeleteObject (ho=0x77040807) returned 1
[0315.896] OffsetViewportOrgEx (in: hdc=0x1c0107f4, x=0, y=0, lppt=0x2e0e454 | out: lppt=0x2e0e454) returned 1
[0315.896] IsAppThemed () returned 0x1
[0315.897] GetThemeAppProperties () returned 0x3
[0315.897] GetThemeAppProperties () returned 0x3
[0315.897] DrawThemeBackground () returned 0x0
[0315.897] RestoreDC (hdc=0x1c0107f4, nSavedDC=-1) returned 1
[0315.897] GdipReleaseDC (graphics=0x6600030, hdc=0x1c0107f4) returned 0x0
[0315.897] GdipCreateRegion (region=0xd7df60) returned 0x0
[0315.897] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0315.897] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0315.897] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0315.897] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7df78) returned 0x0
[0315.897] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0315.897] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eea98) returned 0x0
[0315.897] LocalFree (hMem=0x11eea98) returned 0x0
[0315.897] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0315.897] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee910) returned 0x0
[0315.897] LocalFree (hMem=0x11ee910) returned 0x0
[0315.897] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0315.897] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0315.897] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0315.897] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0315.897] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0315.897] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0315.897] GetCurrentObject (hdc=0x1c0107f4, type=0x1) returned 0xb00017
[0315.897] GetCurrentObject (hdc=0x1c0107f4, type=0x2) returned 0x900010
[0315.898] GetCurrentObject (hdc=0x1c0107f4, type=0x7) returned 0x4a0507fe
[0315.898] GetCurrentObject (hdc=0x1c0107f4, type=0x6) returned 0x8a01c2
[0315.898] SaveDC (hdc=0x1c0107f4) returned 1
[0315.898] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x78040807
[0315.898] GetClipRgn (hdc=0x1c0107f4, hrgn=0x78040807) returned 0
[0315.898] SelectClipRgn (hdc=0x1c0107f4, hrgn=0xf30407de) returned 2
[0315.898] DeleteObject (ho=0x78040807) returned 1
[0315.898] DeleteObject (ho=0xf30407de) returned 1
[0315.898] OffsetViewportOrgEx (in: hdc=0x1c0107f4, x=0, y=0, lppt=0x2e0e728 | out: lppt=0x2e0e728) returned 1
[0315.898] IsAppThemed () returned 0x1
[0315.898] GetThemeAppProperties () returned 0x3
[0315.898] GetThemeAppProperties () returned 0x3
[0315.898] GetThemeBackgroundContentRect () returned 0x0
[0315.898] RestoreDC (hdc=0x1c0107f4, nSavedDC=-1) returned 1
[0315.898] GdipReleaseDC (graphics=0x6600030, hdc=0x1c0107f4) returned 0x0
[0315.898] IsAppThemed () returned 0x1
[0315.898] GetThemeAppProperties () returned 0x3
[0315.898] GetThemeAppProperties () returned 0x3
[0315.898] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0315.898] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0315.898] GetCurrentObject (hdc=0x1c0107f4, type=0x1) returned 0xb00017
[0315.898] GetCurrentObject (hdc=0x1c0107f4, type=0x2) returned 0x900010
[0315.899] GetCurrentObject (hdc=0x1c0107f4, type=0x7) returned 0x4a0507fe
[0315.899] GetCurrentObject (hdc=0x1c0107f4, type=0x6) returned 0x8a01c2
[0315.899] SaveDC (hdc=0x1c0107f4) returned 1
[0315.899] GetTextAlign (hdc=0x1c0107f4) returned 0x0
[0315.899] GetTextColor (hdc=0x1c0107f4) returned 0x0
[0315.899] GetCurrentObject (hdc=0x1c0107f4, type=0x6) returned 0x8a01c2
[0315.899] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0315.899] SelectObject (hdc=0x1c0107f4, h=0x6d0a0520) returned 0x8a01c2
[0315.899] GetBkMode (hdc=0x1c0107f4) returned 2
[0315.899] SetBkMode (hdc=0x1c0107f4, mode=1) returned 2
[0315.899] DrawTextExW (in: hdc=0x1c0107f4, lpchText="&Continue", cchText=9, lprc=0xd7def8, format=0x102415, lpdtp=0x2e0eac8 | out: lpchText="&Continue", lprc=0xd7def8) returned 13
[0315.899] DrawTextExW (in: hdc=0x1c0107f4, lpchText="&Continue", cchText=9, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e0eac8 | out: lpchText="&Continue", lprc=0xd7e05c) returned 13
[0315.900] RestoreDC (hdc=0x1c0107f4, nSavedDC=-1) returned 1
[0315.900] GdipReleaseDC (graphics=0x6600030, hdc=0x1c0107f4) returned 0x0
[0315.900] GetFocus () returned 0x3b02d8
[0315.900] IsAppThemed () returned 0x1
[0315.900] GetThemeAppProperties () returned 0x3
[0315.900] GetThemeAppProperties () returned 0x3
[0315.900] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0315.900] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x1c0107f4, x1=0, y1=0, rop=0xcc0020) returned 1
[0315.900] GdipReleaseDC (graphics=0x6600030, hdc=0x1c0107f4) returned 0x0
[0315.900] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0315.900] SelectObject (hdc=0x1c0107f4, h=0x85000f) returned 0x4a0507fe
[0315.900] DeleteDC (hdc=0x1c0107f4) returned 1
[0315.900] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0315.900] EndPaint (hWnd=0x2f02ce, lpPaint=0xd7e24c) returned 1
[0315.901] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.901] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x84, wParam=0x0, lParam=0x1df031f) returned 0x1
[0315.901] IsWindowUnicode (hWnd=0x2f02ce) returned 1
[0315.901] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.901] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x84, wParam=0x0, lParam=0x1df031f) returned 0x1
[0315.901] SetCursor (hCursor=0x10003) returned 0x10003
[0315.901] TranslateMessage (lpMsg=0xd7e808) returned 0
[0315.901] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0315.901] _TrackMouseEvent (in: lpEventTrack=0x2e0ebc4 | out: lpEventTrack=0x2e0ebc4) returned 1
[0315.901] SendMessageW (hWnd=0x2f02ce, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0315.901] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0315.901] InvalidateRect (hWnd=0x2f02ce, lpRect=0x0, bErase=0) returned 1
[0315.901] GetKeyState (nVirtKey=1) returned 0
[0315.901] GetKeyState (nVirtKey=2) returned 0
[0315.901] GetKeyState (nVirtKey=4) returned 0
[0315.901] GetKeyState (nVirtKey=5) returned 0
[0315.901] GetKeyState (nVirtKey=6) returned 0
[0315.901] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.902] IsWindowUnicode (hWnd=0x2f02ce) returned 1
[0315.902] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.902] TranslateMessage (lpMsg=0xd7e808) returned 0
[0315.902] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0315.902] BeginPaint (in: hWnd=0x2f02ce, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0315.902] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0315.902] CreateCompatibleDC (hdc=0xf0105ee) returned 0x1d0107f4
[0315.902] SelectObject (hdc=0x1d0107f4, h=0x4a0507fe) returned 0x85000f
[0315.902] GdipCreateFromHDC (hdc=0x1d0107f4, graphics=0xd7e268) returned 0x0
[0315.902] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0315.902] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0315.902] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0315.902] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0315.902] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e2c8) returned 0x0
[0315.902] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0315.902] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eecc8) returned 0x0
[0315.902] LocalFree (hMem=0x11eecc8) returned 0x0
[0315.902] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0315.903] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0315.903] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0315.903] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0315.903] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0315.903] GdipRestoreGraphics (graphics=0x6600030, state=0xf4e40dbd) returned 0x0
[0315.903] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0315.903] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0315.903] GetCurrentObject (hdc=0x1d0107f4, type=0x1) returned 0xb00017
[0315.903] GetCurrentObject (hdc=0x1d0107f4, type=0x2) returned 0x900010
[0315.903] GetCurrentObject (hdc=0x1d0107f4, type=0x7) returned 0x4a0507fe
[0315.903] GetCurrentObject (hdc=0x1d0107f4, type=0x6) returned 0x8a01c2
[0315.903] SaveDC (hdc=0x1d0107f4) returned 1
[0315.904] GetNearestColor (hdc=0x1d0107f4, color=0xf0f0f0) returned 0xf0f0f0
[0315.904] GetNearestColor (hdc=0x1d0107f4, color=0xa0a0a0) returned 0xa0a0a0
[0315.904] GetNearestColor (hdc=0x1d0107f4, color=0x696969) returned 0x696969
[0315.904] GetNearestColor (hdc=0x1d0107f4, color=0xa0a0a0) returned 0xa0a0a0
[0315.904] GetNearestColor (hdc=0x1d0107f4, color=0x0) returned 0x0
[0315.904] GetNearestColor (hdc=0x1d0107f4, color=0xffffff) returned 0xffffff
[0315.904] GetNearestColor (hdc=0x1d0107f4, color=0xe5e5e5) returned 0xe5e5e5
[0315.904] GetNearestColor (hdc=0x1d0107f4, color=0xd7d7d7) returned 0xd7d7d7
[0315.904] GetNearestColor (hdc=0x1d0107f4, color=0x0) returned 0x0
[0315.904] RestoreDC (hdc=0x1d0107f4, nSavedDC=-1) returned 1
[0315.904] GdipReleaseDC (graphics=0x6600030, hdc=0x1d0107f4) returned 0x0
[0315.904] IsAppThemed () returned 0x1
[0315.904] GetThemeAppProperties () returned 0x3
[0315.904] GetThemeAppProperties () returned 0x3
[0315.904] IsAppThemed () returned 0x1
[0315.904] GetThemeAppProperties () returned 0x3
[0315.904] GetThemeAppProperties () returned 0x3
[0315.904] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2e0f324 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0315.905] IsAppThemed () returned 0x1
[0315.905] GetThemeAppProperties () returned 0x3
[0315.905] GetThemeAppProperties () returned 0x3
[0315.905] IsAppThemed () returned 0x1
[0315.905] GetThemeAppProperties () returned 0x3
[0315.905] GetThemeAppProperties () returned 0x3
[0315.905] IsAppThemed () returned 0x1
[0315.905] GetThemeAppProperties () returned 0x3
[0315.905] GetThemeAppProperties () returned 0x3
[0315.905] IsAppThemed () returned 0x1
[0315.905] GetThemeAppProperties () returned 0x3
[0315.905] GetThemeAppProperties () returned 0x3
[0315.905] IsThemePartDefined () returned 0x1
[0315.905] IsAppThemed () returned 0x1
[0315.905] GetThemeAppProperties () returned 0x3
[0315.905] GetThemeAppProperties () returned 0x3
[0315.905] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0315.905] IsAppThemed () returned 0x1
[0315.905] GetThemeAppProperties () returned 0x3
[0315.905] GetThemeAppProperties () returned 0x3
[0315.905] IsAppThemed () returned 0x1
[0315.905] GetThemeAppProperties () returned 0x3
[0315.905] GetThemeAppProperties () returned 0x3
[0315.905] IsThemePartDefined () returned 0x1
[0315.905] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0315.905] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0315.905] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0315.906] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0315.906] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dfe4) returned 0x0
[0315.906] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee868) returned 0x0
[0315.906] LocalFree (hMem=0x11ee868) returned 0x0
[0315.906] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11ee8d8) returned 0x0
[0315.906] LocalFree (hMem=0x11ee8d8) returned 0x0
[0315.906] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0315.906] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0315.906] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0315.906] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0315.906] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0315.906] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0315.906] GetCurrentObject (hdc=0x1d0107f4, type=0x1) returned 0xb00017
[0315.906] GetCurrentObject (hdc=0x1d0107f4, type=0x2) returned 0x900010
[0315.906] GetCurrentObject (hdc=0x1d0107f4, type=0x7) returned 0x4a0507fe
[0315.906] GetCurrentObject (hdc=0x1d0107f4, type=0x6) returned 0x8a01c2
[0315.906] SaveDC (hdc=0x1d0107f4) returned 1
[0315.906] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf40407de
[0315.906] GetClipRgn (hdc=0x1d0107f4, hrgn=0xf40407de) returned 0
[0315.906] SelectClipRgn (hdc=0x1d0107f4, hrgn=0x7c040807) returned 2
[0315.906] DeleteObject (ho=0xf40407de) returned 1
[0315.906] DeleteObject (ho=0x7c040807) returned 1
[0315.906] OffsetViewportOrgEx (in: hdc=0x1d0107f4, x=0, y=0, lppt=0x2e0f9d4 | out: lppt=0x2e0f9d4) returned 1
[0315.907] DrawThemeParentBackground () returned 0x0
[0315.907] GetWindowPlacement (in: hWnd=0x3902dc, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0315.907] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0315.907] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0315.907] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.907] GetSystemMetrics (nIndex=42) returned 0
[0315.907] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.907] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0315.907] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0315.907] GetCurrentObject (hdc=0x1d0107f4, type=0x1) returned 0xb00017
[0315.907] GetCurrentObject (hdc=0x1d0107f4, type=0x2) returned 0x900010
[0315.907] GetCurrentObject (hdc=0x1d0107f4, type=0x7) returned 0x4a0507fe
[0315.907] GetCurrentObject (hdc=0x1d0107f4, type=0x6) returned 0x8a01c2
[0315.907] SaveDC (hdc=0x1d0107f4) returned 2
[0315.907] GetNearestColor (hdc=0x1d0107f4, color=0xf0f0f0) returned 0xf0f0f0
[0315.907] CreateSolidBrush (color=0xf0f0f0) returned 0x991007e1
[0315.907] FillRect (hDC=0x1d0107f4, lprc=0xd7da30, hbr=0x991007e1) returned 1
[0315.907] DeleteObject (ho=0x991007e1) returned 1
[0315.907] RestoreDC (hdc=0x1d0107f4, nSavedDC=-1) returned 1
[0315.908] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0315.908] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.908] GetSystemMetrics (nIndex=42) returned 0
[0315.908] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.908] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0315.908] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0315.908] GetCurrentObject (hdc=0x1d0107f4, type=0x1) returned 0xb00017
[0315.908] GetCurrentObject (hdc=0x1d0107f4, type=0x2) returned 0x900010
[0315.908] GetCurrentObject (hdc=0x1d0107f4, type=0x7) returned 0x4a0507fe
[0315.908] GetCurrentObject (hdc=0x1d0107f4, type=0x6) returned 0x8a01c2
[0315.908] SaveDC (hdc=0x1d0107f4) returned 2
[0315.908] GetNearestColor (hdc=0x1d0107f4, color=0xf0f0f0) returned 0xf0f0f0
[0315.908] CreateSolidBrush (color=0xf0f0f0) returned 0x9a1007e1
[0315.908] FillRect (hDC=0x1d0107f4, lprc=0xd7d9d0, hbr=0x9a1007e1) returned 1
[0315.908] DeleteObject (ho=0x9a1007e1) returned 1
[0315.908] RestoreDC (hdc=0x1d0107f4, nSavedDC=-1) returned 1
[0315.908] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0315.908] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.908] GetSystemMetrics (nIndex=42) returned 0
[0315.908] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.908] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0315.909] RestoreDC (hdc=0x1d0107f4, nSavedDC=-1) returned 1
[0315.909] GdipReleaseDC (graphics=0x6600030, hdc=0x1d0107f4) returned 0x0
[0315.909] IsAppThemed () returned 0x1
[0315.909] GetThemeAppProperties () returned 0x3
[0315.909] GetThemeAppProperties () returned 0x3
[0315.909] IsAppThemed () returned 0x1
[0315.909] GetThemeAppProperties () returned 0x3
[0315.909] GetThemeAppProperties () returned 0x3
[0315.909] IsThemePartDefined () returned 0x1
[0315.909] GdipCreateRegion (region=0xd7df50) returned 0x0
[0315.909] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0315.909] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0315.909] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0315.909] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7df68) returned 0x0
[0315.909] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0315.909] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee9f0) returned 0x0
[0315.909] LocalFree (hMem=0x11ee9f0) returned 0x0
[0315.909] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0315.909] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0315.909] LocalFree (hMem=0x11eecc8) returned 0x0
[0315.909] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0315.909] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0315.910] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df80) returned 0x0
[0315.910] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0315.910] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0315.910] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0315.910] GetCurrentObject (hdc=0x1d0107f4, type=0x1) returned 0xb00017
[0315.910] GetCurrentObject (hdc=0x1d0107f4, type=0x2) returned 0x900010
[0315.910] GetCurrentObject (hdc=0x1d0107f4, type=0x7) returned 0x4a0507fe
[0315.910] GetCurrentObject (hdc=0x1d0107f4, type=0x6) returned 0x8a01c2
[0315.910] SaveDC (hdc=0x1d0107f4) returned 1
[0315.910] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7d040807
[0315.910] GetClipRgn (hdc=0x1d0107f4, hrgn=0x7d040807) returned 0
[0315.910] SelectClipRgn (hdc=0x1d0107f4, hrgn=0xf60407de) returned 2
[0315.910] DeleteObject (ho=0x7d040807) returned 1
[0315.910] DeleteObject (ho=0xf60407de) returned 1
[0315.910] OffsetViewportOrgEx (in: hdc=0x1d0107f4, x=0, y=0, lppt=0x2e10280 | out: lppt=0x2e10280) returned 1
[0315.910] IsAppThemed () returned 0x1
[0315.910] GetThemeAppProperties () returned 0x3
[0315.910] GetThemeAppProperties () returned 0x3
[0315.910] DrawThemeBackground () returned 0x0
[0315.910] RestoreDC (hdc=0x1d0107f4, nSavedDC=-1) returned 1
[0315.910] GdipReleaseDC (graphics=0x6600030, hdc=0x1d0107f4) returned 0x0
[0315.911] GdipCreateRegion (region=0xd7df54) returned 0x0
[0315.911] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0315.911] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0315.911] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0315.911] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7df6c) returned 0x0
[0315.911] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0315.911] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee9f0) returned 0x0
[0315.911] LocalFree (hMem=0x11ee9f0) returned 0x0
[0315.911] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0315.911] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0315.911] LocalFree (hMem=0x11ee868) returned 0x0
[0315.911] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0315.911] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0315.911] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0315.911] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0315.911] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0315.911] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0315.911] GetCurrentObject (hdc=0x1d0107f4, type=0x1) returned 0xb00017
[0315.911] GetCurrentObject (hdc=0x1d0107f4, type=0x2) returned 0x900010
[0315.911] GetCurrentObject (hdc=0x1d0107f4, type=0x7) returned 0x4a0507fe
[0315.911] GetCurrentObject (hdc=0x1d0107f4, type=0x6) returned 0x8a01c2
[0315.911] SaveDC (hdc=0x1d0107f4) returned 1
[0315.912] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xf70407de
[0315.912] GetClipRgn (hdc=0x1d0107f4, hrgn=0xf70407de) returned 0
[0315.912] SelectClipRgn (hdc=0x1d0107f4, hrgn=0x7e040807) returned 2
[0315.912] DeleteObject (ho=0xf70407de) returned 1
[0315.912] DeleteObject (ho=0x7e040807) returned 1
[0315.912] OffsetViewportOrgEx (in: hdc=0x1d0107f4, x=0, y=0, lppt=0x2e10554 | out: lppt=0x2e10554) returned 1
[0315.912] IsAppThemed () returned 0x1
[0315.912] GetThemeAppProperties () returned 0x3
[0315.912] GetThemeAppProperties () returned 0x3
[0315.912] GetThemeBackgroundContentRect () returned 0x0
[0315.912] RestoreDC (hdc=0x1d0107f4, nSavedDC=-1) returned 1
[0315.912] GdipReleaseDC (graphics=0x6600030, hdc=0x1d0107f4) returned 0x0
[0315.912] IsAppThemed () returned 0x1
[0315.912] GetThemeAppProperties () returned 0x3
[0315.912] GetThemeAppProperties () returned 0x3
[0315.912] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0315.912] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0315.912] GetCurrentObject (hdc=0x1d0107f4, type=0x1) returned 0xb00017
[0315.912] GetCurrentObject (hdc=0x1d0107f4, type=0x2) returned 0x900010
[0315.912] GetCurrentObject (hdc=0x1d0107f4, type=0x7) returned 0x4a0507fe
[0315.912] GetCurrentObject (hdc=0x1d0107f4, type=0x6) returned 0x8a01c2
[0315.912] SaveDC (hdc=0x1d0107f4) returned 1
[0315.913] GetTextAlign (hdc=0x1d0107f4) returned 0x0
[0315.913] GetTextColor (hdc=0x1d0107f4) returned 0x0
[0315.913] GetCurrentObject (hdc=0x1d0107f4, type=0x6) returned 0x8a01c2
[0315.913] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0315.913] SelectObject (hdc=0x1d0107f4, h=0x6d0a0520) returned 0x8a01c2
[0315.913] GetBkMode (hdc=0x1d0107f4) returned 2
[0315.913] SetBkMode (hdc=0x1d0107f4, mode=1) returned 2
[0315.913] DrawTextExW (in: hdc=0x1d0107f4, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2e108f4 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0315.913] DrawTextExW (in: hdc=0x1d0107f4, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2e108f4 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0315.913] RestoreDC (hdc=0x1d0107f4, nSavedDC=-1) returned 1
[0315.913] GdipReleaseDC (graphics=0x6600030, hdc=0x1d0107f4) returned 0x0
[0315.914] GetFocus () returned 0x3b02d8
[0315.914] IsAppThemed () returned 0x1
[0315.914] GetThemeAppProperties () returned 0x3
[0315.914] GetThemeAppProperties () returned 0x3
[0315.914] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0315.914] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0x1d0107f4, x1=0, y1=0, rop=0xcc0020) returned 1
[0315.914] GdipReleaseDC (graphics=0x6600030, hdc=0x1d0107f4) returned 0x0
[0315.914] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0315.914] SelectObject (hdc=0x1d0107f4, h=0x85000f) returned 0x4a0507fe
[0315.914] DeleteDC (hdc=0x1d0107f4) returned 1
[0315.914] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0315.914] EndPaint (hWnd=0x2f02ce, lpPaint=0xd7e24c) returned 1
[0315.914] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.914] IsWindowUnicode (hWnd=0x3902de) returned 1
[0315.914] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.915] TranslateMessage (lpMsg=0xd7e808) returned 0
[0315.915] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0315.915] BeginPaint (in: hWnd=0x3902de, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0315.915] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0315.915] CreateCompatibleDC (hdc=0x60100ce) returned 0x1f0107f4
[0315.915] SelectObject (hdc=0x1f0107f4, h=0x4a0507fe) returned 0x85000f
[0315.915] GdipCreateFromHDC (hdc=0x1f0107f4, graphics=0xd7e268) returned 0x0
[0315.915] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0315.915] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0315.915] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0315.915] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0315.915] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e2c8) returned 0x0
[0315.915] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0315.915] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee9f0) returned 0x0
[0315.915] LocalFree (hMem=0x11ee9f0) returned 0x0
[0315.916] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0315.916] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0315.916] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0315.916] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0315.916] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0315.916] GdipRestoreGraphics (graphics=0x6600030, state=0xf4e20dbd) returned 0x0
[0315.916] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0315.916] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0315.916] GetCurrentObject (hdc=0x1f0107f4, type=0x1) returned 0xb00017
[0315.916] GetCurrentObject (hdc=0x1f0107f4, type=0x2) returned 0x900010
[0315.916] GetCurrentObject (hdc=0x1f0107f4, type=0x7) returned 0x4a0507fe
[0315.916] GetCurrentObject (hdc=0x1f0107f4, type=0x6) returned 0x8a01c2
[0315.916] SaveDC (hdc=0x1f0107f4) returned 1
[0315.916] GetNearestColor (hdc=0x1f0107f4, color=0xf0f0f0) returned 0xf0f0f0
[0315.916] GetNearestColor (hdc=0x1f0107f4, color=0xa0a0a0) returned 0xa0a0a0
[0315.916] GetNearestColor (hdc=0x1f0107f4, color=0x696969) returned 0x696969
[0315.916] GetNearestColor (hdc=0x1f0107f4, color=0xa0a0a0) returned 0xa0a0a0
[0315.916] GetNearestColor (hdc=0x1f0107f4, color=0x0) returned 0x0
[0315.916] GetNearestColor (hdc=0x1f0107f4, color=0xffffff) returned 0xffffff
[0315.916] GetNearestColor (hdc=0x1f0107f4, color=0xe5e5e5) returned 0xe5e5e5
[0315.916] GetNearestColor (hdc=0x1f0107f4, color=0xd7d7d7) returned 0xd7d7d7
[0315.917] GetNearestColor (hdc=0x1f0107f4, color=0x0) returned 0x0
[0315.917] RestoreDC (hdc=0x1f0107f4, nSavedDC=-1) returned 1
[0315.917] GdipReleaseDC (graphics=0x6600030, hdc=0x1f0107f4) returned 0x0
[0315.917] IsAppThemed () returned 0x1
[0315.917] GetThemeAppProperties () returned 0x3
[0315.917] GetThemeAppProperties () returned 0x3
[0315.917] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0315.917] SendMessageW (hWnd=0x3902dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0315.917] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0315.917] IsAppThemed () returned 0x1
[0315.917] GetThemeAppProperties () returned 0x3
[0315.917] GetThemeAppProperties () returned 0x3
[0315.917] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2e11104 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0315.917] IsAppThemed () returned 0x1
[0315.917] GetThemeAppProperties () returned 0x3
[0315.917] GetThemeAppProperties () returned 0x3
[0315.917] IsAppThemed () returned 0x1
[0315.918] GetThemeAppProperties () returned 0x3
[0315.918] GetThemeAppProperties () returned 0x3
[0315.918] GetFocus () returned 0x3b02d8
[0315.918] IsAppThemed () returned 0x1
[0315.918] GetThemeAppProperties () returned 0x3
[0315.918] GetThemeAppProperties () returned 0x3
[0315.918] IsAppThemed () returned 0x1
[0315.918] GetThemeAppProperties () returned 0x3
[0315.918] GetThemeAppProperties () returned 0x3
[0315.918] IsThemePartDefined () returned 0x1
[0315.918] IsAppThemed () returned 0x1
[0315.918] GetThemeAppProperties () returned 0x3
[0315.918] GetThemeAppProperties () returned 0x3
[0315.918] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0315.918] IsAppThemed () returned 0x1
[0315.918] GetThemeAppProperties () returned 0x3
[0315.918] GetThemeAppProperties () returned 0x3
[0315.918] IsAppThemed () returned 0x1
[0315.918] GetThemeAppProperties () returned 0x3
[0315.918] GetThemeAppProperties () returned 0x3
[0315.918] IsThemePartDefined () returned 0x1
[0315.918] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0315.918] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0315.918] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0315.918] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0315.918] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7dff0) returned 0x0
[0315.918] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0315.918] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0315.919] LocalFree (hMem=0x11eecc8) returned 0x0
[0315.919] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0315.919] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11eecc8) returned 0x0
[0315.928] LocalFree (hMem=0x11eecc8) returned 0x0
[0315.928] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0315.928] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0315.928] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0315.928] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0315.928] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0315.928] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0315.928] GetCurrentObject (hdc=0x1f0107f4, type=0x1) returned 0xb00017
[0315.928] GetCurrentObject (hdc=0x1f0107f4, type=0x2) returned 0x900010
[0315.928] GetCurrentObject (hdc=0x1f0107f4, type=0x7) returned 0x4a0507fe
[0315.928] GetCurrentObject (hdc=0x1f0107f4, type=0x6) returned 0x8a01c2
[0315.928] SaveDC (hdc=0x1f0107f4) returned 1
[0315.928] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x7f040807
[0315.928] GetClipRgn (hdc=0x1f0107f4, hrgn=0x7f040807) returned 0
[0315.928] SelectClipRgn (hdc=0x1f0107f4, hrgn=0xfb0407de) returned 2
[0315.928] DeleteObject (ho=0x7f040807) returned 1
[0315.928] DeleteObject (ho=0xfb0407de) returned 1
[0315.928] OffsetViewportOrgEx (in: hdc=0x1f0107f4, x=0, y=0, lppt=0x2e117b4 | out: lppt=0x2e117b4) returned 1
[0315.928] DrawThemeParentBackground () returned 0x0
[0315.929] GetWindowPlacement (in: hWnd=0x3902dc, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0315.929] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0315.929] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0315.929] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.929] GetSystemMetrics (nIndex=42) returned 0
[0315.929] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.929] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0315.929] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0315.929] GetCurrentObject (hdc=0x1f0107f4, type=0x1) returned 0xb00017
[0315.929] GetCurrentObject (hdc=0x1f0107f4, type=0x2) returned 0x900010
[0315.929] GetCurrentObject (hdc=0x1f0107f4, type=0x7) returned 0x4a0507fe
[0315.929] GetCurrentObject (hdc=0x1f0107f4, type=0x6) returned 0x8a01c2
[0315.929] SaveDC (hdc=0x1f0107f4) returned 2
[0315.929] GetNearestColor (hdc=0x1f0107f4, color=0xf0f0f0) returned 0xf0f0f0
[0315.929] CreateSolidBrush (color=0xf0f0f0) returned 0x9b1007e1
[0315.929] FillRect (hDC=0x1f0107f4, lprc=0xd7da38, hbr=0x9b1007e1) returned 1
[0315.929] DeleteObject (ho=0x9b1007e1) returned 1
[0315.929] RestoreDC (hdc=0x1f0107f4, nSavedDC=-1) returned 1
[0315.930] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0315.930] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.930] GetSystemMetrics (nIndex=42) returned 0
[0315.930] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.930] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0315.930] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0315.930] GetCurrentObject (hdc=0x1f0107f4, type=0x1) returned 0xb00017
[0315.930] GetCurrentObject (hdc=0x1f0107f4, type=0x2) returned 0x900010
[0315.930] GetCurrentObject (hdc=0x1f0107f4, type=0x7) returned 0x4a0507fe
[0315.930] GetCurrentObject (hdc=0x1f0107f4, type=0x6) returned 0x8a01c2
[0315.930] SaveDC (hdc=0x1f0107f4) returned 2
[0315.930] GetNearestColor (hdc=0x1f0107f4, color=0xf0f0f0) returned 0xf0f0f0
[0315.930] CreateSolidBrush (color=0xf0f0f0) returned 0x9c1007e1
[0315.930] FillRect (hDC=0x1f0107f4, lprc=0xd7d9d8, hbr=0x9c1007e1) returned 1
[0315.930] DeleteObject (ho=0x9c1007e1) returned 1
[0315.930] RestoreDC (hdc=0x1f0107f4, nSavedDC=-1) returned 1
[0315.930] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0315.930] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.930] GetSystemMetrics (nIndex=42) returned 0
[0315.930] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.930] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0315.931] RestoreDC (hdc=0x1f0107f4, nSavedDC=-1) returned 1
[0315.931] GdipReleaseDC (graphics=0x6600030, hdc=0x1f0107f4) returned 0x0
[0315.931] IsAppThemed () returned 0x1
[0315.931] GetThemeAppProperties () returned 0x3
[0315.931] GetThemeAppProperties () returned 0x3
[0315.931] IsAppThemed () returned 0x1
[0315.931] GetThemeAppProperties () returned 0x3
[0315.931] GetThemeAppProperties () returned 0x3
[0315.931] IsThemePartDefined () returned 0x1
[0315.931] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0315.931] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0315.931] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0315.931] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ae8) returned 0x0
[0315.931] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7df74) returned 0x0
[0315.931] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0315.931] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eea28) returned 0x0
[0315.931] LocalFree (hMem=0x11eea28) returned 0x0
[0315.931] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0315.931] GdipGetMatrixElements (matrix=0x6638ae8, matrixOut=0x11eead0) returned 0x0
[0315.932] LocalFree (hMem=0x11eead0) returned 0x0
[0315.932] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0315.932] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0315.932] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0315.932] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0315.932] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0315.932] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0315.932] GetCurrentObject (hdc=0x1f0107f4, type=0x1) returned 0xb00017
[0315.932] GetCurrentObject (hdc=0x1f0107f4, type=0x2) returned 0x900010
[0315.932] GetCurrentObject (hdc=0x1f0107f4, type=0x7) returned 0x4a0507fe
[0315.932] GetCurrentObject (hdc=0x1f0107f4, type=0x6) returned 0x8a01c2
[0315.932] SaveDC (hdc=0x1f0107f4) returned 1
[0315.932] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfc0407de
[0315.932] GetClipRgn (hdc=0x1f0107f4, hrgn=0xfc0407de) returned 0
[0315.932] SelectClipRgn (hdc=0x1f0107f4, hrgn=0x81040807) returned 2
[0315.932] DeleteObject (ho=0xfc0407de) returned 1
[0315.932] DeleteObject (ho=0x81040807) returned 1
[0315.932] OffsetViewportOrgEx (in: hdc=0x1f0107f4, x=0, y=0, lppt=0x2e12060 | out: lppt=0x2e12060) returned 1
[0315.932] IsAppThemed () returned 0x1
[0315.932] GetThemeAppProperties () returned 0x3
[0315.932] GetThemeAppProperties () returned 0x3
[0315.933] DrawThemeBackground () returned 0x0
[0315.933] RestoreDC (hdc=0x1f0107f4, nSavedDC=-1) returned 1
[0315.933] GdipReleaseDC (graphics=0x6600030, hdc=0x1f0107f4) returned 0x0
[0315.933] GdipCreateRegion (region=0xd7df60) returned 0x0
[0315.933] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0315.933] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0315.933] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0315.933] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df78) returned 0x0
[0315.933] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0315.933] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee9f0) returned 0x0
[0315.933] LocalFree (hMem=0x11ee9f0) returned 0x0
[0315.933] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0315.933] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eead0) returned 0x0
[0315.933] LocalFree (hMem=0x11eead0) returned 0x0
[0315.933] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0315.933] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0315.933] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0315.933] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0315.933] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0315.933] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0315.933] GetCurrentObject (hdc=0x1f0107f4, type=0x1) returned 0xb00017
[0315.933] GetCurrentObject (hdc=0x1f0107f4, type=0x2) returned 0x900010
[0315.933] GetCurrentObject (hdc=0x1f0107f4, type=0x7) returned 0x4a0507fe
[0315.934] GetCurrentObject (hdc=0x1f0107f4, type=0x6) returned 0x8a01c2
[0315.934] SaveDC (hdc=0x1f0107f4) returned 1
[0315.934] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x82040807
[0315.934] GetClipRgn (hdc=0x1f0107f4, hrgn=0x82040807) returned 0
[0315.934] SelectClipRgn (hdc=0x1f0107f4, hrgn=0xfd0407de) returned 2
[0315.934] DeleteObject (ho=0x82040807) returned 1
[0315.934] DeleteObject (ho=0xfd0407de) returned 1
[0315.934] OffsetViewportOrgEx (in: hdc=0x1f0107f4, x=0, y=0, lppt=0x2e12334 | out: lppt=0x2e12334) returned 1
[0315.934] IsAppThemed () returned 0x1
[0315.934] GetThemeAppProperties () returned 0x3
[0315.934] GetThemeAppProperties () returned 0x3
[0315.934] GetThemeBackgroundContentRect () returned 0x0
[0315.934] RestoreDC (hdc=0x1f0107f4, nSavedDC=-1) returned 1
[0315.934] GdipReleaseDC (graphics=0x6600030, hdc=0x1f0107f4) returned 0x0
[0315.934] IsAppThemed () returned 0x1
[0315.934] GetThemeAppProperties () returned 0x3
[0315.970] GetThemeAppProperties () returned 0x3
[0315.970] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0315.970] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0315.970] GetCurrentObject (hdc=0x1f0107f4, type=0x1) returned 0xb00017
[0315.970] GetCurrentObject (hdc=0x1f0107f4, type=0x2) returned 0x900010
[0315.971] GetCurrentObject (hdc=0x1f0107f4, type=0x7) returned 0x4a0507fe
[0315.971] GetCurrentObject (hdc=0x1f0107f4, type=0x6) returned 0x8a01c2
[0315.971] SaveDC (hdc=0x1f0107f4) returned 1
[0315.971] GetTextAlign (hdc=0x1f0107f4) returned 0x0
[0315.971] GetTextColor (hdc=0x1f0107f4) returned 0x0
[0315.971] GetCurrentObject (hdc=0x1f0107f4, type=0x6) returned 0x8a01c2
[0315.971] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0315.971] SelectObject (hdc=0x1f0107f4, h=0x6d0a0520) returned 0x8a01c2
[0315.971] GetBkMode (hdc=0x1f0107f4) returned 2
[0315.971] SetBkMode (hdc=0x1f0107f4, mode=1) returned 2
[0315.971] DrawTextExW (in: hdc=0x1f0107f4, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2e126d4 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0315.971] DrawTextExW (in: hdc=0x1f0107f4, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e126d4 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0315.972] RestoreDC (hdc=0x1f0107f4, nSavedDC=-1) returned 1
[0315.972] GdipReleaseDC (graphics=0x6600030, hdc=0x1f0107f4) returned 0x0
[0315.972] GetFocus () returned 0x3b02d8
[0315.972] IsAppThemed () returned 0x1
[0315.972] GetThemeAppProperties () returned 0x3
[0315.972] GetThemeAppProperties () returned 0x3
[0315.972] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0315.972] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x1f0107f4, x1=0, y1=0, rop=0xcc0020) returned 1
[0315.972] GdipReleaseDC (graphics=0x6600030, hdc=0x1f0107f4) returned 0x0
[0315.972] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0315.972] SelectObject (hdc=0x1f0107f4, h=0x85000f) returned 0x4a0507fe
[0315.972] DeleteDC (hdc=0x1f0107f4) returned 1
[0315.972] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0315.972] EndPaint (hWnd=0x3902de, lpPaint=0xd7e24c) returned 1
[0315.972] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.973] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0315.973] IsWindowUnicode (hWnd=0x30122) returned 1
[0315.973] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.973] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0315.974] TranslateMessage (lpMsg=0xd7e808) returned 0
[0315.974] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0315.974] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.974] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0315.975] IsWindowUnicode (hWnd=0x30122) returned 1
[0315.975] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.975] TranslateMessage (lpMsg=0xd7e808) returned 0
[0315.975] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0315.976] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.976] IsWindowUnicode (hWnd=0x602c4) returned 1
[0315.976] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0315.976] TranslateMessage (lpMsg=0xd7e808) returned 0
[0315.976] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0315.976] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0315.976] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0315.976] CreateCompatibleDC (hdc=0x10105d6) returned 0x210107f4
[0315.976] SelectObject (hdc=0x210107f4, h=0x4a0507fe) returned 0x85000f
[0315.977] GdipCreateFromHDC (hdc=0x210107f4, graphics=0xd7e268) returned 0x0
[0315.977] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0315.977] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0315.977] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0315.977] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0315.977] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e2c8) returned 0x0
[0315.977] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0315.977] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0315.977] LocalFree (hMem=0x11ee788) returned 0x0
[0315.977] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0315.977] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0315.977] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0315.977] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0315.977] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0315.977] GdipRestoreGraphics (graphics=0x6600030, state=0xf4e00dbd) returned 0x0
[0315.977] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0315.977] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0315.977] GetCurrentObject (hdc=0x210107f4, type=0x1) returned 0xb00017
[0315.978] GetCurrentObject (hdc=0x210107f4, type=0x2) returned 0x900010
[0315.978] GetCurrentObject (hdc=0x210107f4, type=0x7) returned 0x4a0507fe
[0315.978] GetCurrentObject (hdc=0x210107f4, type=0x6) returned 0x8a01c2
[0315.978] SaveDC (hdc=0x210107f4) returned 1
[0315.978] GetNearestColor (hdc=0x210107f4, color=0xff) returned 0xff
[0315.978] GetNearestColor (hdc=0x210107f4, color=0x55) returned 0x55
[0315.978] GetNearestColor (hdc=0x210107f4, color=0x0) returned 0x0
[0315.978] GetNearestColor (hdc=0x210107f4, color=0x55) returned 0x55
[0315.978] GetNearestColor (hdc=0x210107f4, color=0x0) returned 0x0
[0315.978] GetNearestColor (hdc=0x210107f4, color=0x8080ff) returned 0x8080ff
[0315.978] GetNearestColor (hdc=0x210107f4, color=0x7373e5) returned 0x7373e5
[0315.978] GetNearestColor (hdc=0x210107f4, color=0xe5) returned 0xe5
[0315.978] GetNearestColor (hdc=0x210107f4, color=0x0) returned 0x0
[0315.978] RestoreDC (hdc=0x210107f4, nSavedDC=-1) returned 1
[0315.978] GdipReleaseDC (graphics=0x6600030, hdc=0x210107f4) returned 0x0
[0315.978] IsAppThemed () returned 0x1
[0315.978] GetThemeAppProperties () returned 0x3
[0315.979] GetThemeAppProperties () returned 0x3
[0315.979] IsAppThemed () returned 0x1
[0315.979] GetThemeAppProperties () returned 0x3
[0315.979] GetThemeAppProperties () returned 0x3
[0315.979] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2e12e9c | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0315.979] IsAppThemed () returned 0x1
[0315.979] GetThemeAppProperties () returned 0x3
[0315.979] GetThemeAppProperties () returned 0x3
[0315.979] IsAppThemed () returned 0x1
[0315.979] GetThemeAppProperties () returned 0x3
[0315.979] GetThemeAppProperties () returned 0x3
[0315.979] GetFocus () returned 0x3b02d8
[0315.979] IsAppThemed () returned 0x1
[0315.979] GetThemeAppProperties () returned 0x3
[0315.979] GetThemeAppProperties () returned 0x3
[0315.979] IsAppThemed () returned 0x1
[0315.979] GetThemeAppProperties () returned 0x3
[0315.979] GetThemeAppProperties () returned 0x3
[0315.980] IsThemePartDefined () returned 0x1
[0315.980] IsAppThemed () returned 0x1
[0315.980] GetThemeAppProperties () returned 0x3
[0315.980] GetThemeAppProperties () returned 0x3
[0315.980] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0315.980] IsAppThemed () returned 0x1
[0315.980] GetThemeAppProperties () returned 0x3
[0315.980] GetThemeAppProperties () returned 0x3
[0315.980] IsAppThemed () returned 0x1
[0315.980] GetThemeAppProperties () returned 0x3
[0315.980] GetThemeAppProperties () returned 0x3
[0315.980] IsThemePartDefined () returned 0x1
[0315.980] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0315.980] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0315.980] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0315.980] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0315.980] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dff0) returned 0x0
[0315.980] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0315.980] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee910) returned 0x0
[0315.980] LocalFree (hMem=0x11ee910) returned 0x0
[0315.980] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0315.980] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee788) returned 0x0
[0315.980] LocalFree (hMem=0x11ee788) returned 0x0
[0315.980] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0315.980] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0315.980] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0315.981] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0315.981] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0315.981] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0315.981] GetCurrentObject (hdc=0x210107f4, type=0x1) returned 0xb00017
[0315.981] GetCurrentObject (hdc=0x210107f4, type=0x2) returned 0x900010
[0315.981] GetCurrentObject (hdc=0x210107f4, type=0x7) returned 0x4a0507fe
[0315.981] GetCurrentObject (hdc=0x210107f4, type=0x6) returned 0x8a01c2
[0315.981] SaveDC (hdc=0x210107f4) returned 1
[0315.981] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xfe0407de
[0315.981] GetClipRgn (hdc=0x210107f4, hrgn=0xfe0407de) returned 0
[0315.981] SelectClipRgn (hdc=0x210107f4, hrgn=0x86040807) returned 2
[0315.981] DeleteObject (ho=0xfe0407de) returned 1
[0315.986] DeleteObject (ho=0x86040807) returned 1
[0315.986] OffsetViewportOrgEx (in: hdc=0x210107f4, x=0, y=0, lppt=0x2e1354c | out: lppt=0x2e1354c) returned 1
[0315.986] DrawThemeParentBackground () returned 0x0
[0315.986] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0315.986] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0315.986] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0315.986] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.986] GetSystemMetrics (nIndex=42) returned 0
[0315.986] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.986] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0315.987] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0315.987] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0315.987] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0315.987] SelectPalette (hdc=0x210107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0315.987] GdipCreateFromHDC (hdc=0x210107f4, graphics=0xd7dac8) returned 0x0
[0315.987] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0315.987] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0315.987] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638b18) returned 0x0
[0315.987] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7daa0) returned 0x0
[0315.987] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0315.987] GdipCreateRegion (region=0xd7da88) returned 0x0
[0315.987] GdipGetClip (graphics=0x66376e0, region=0x66467a8) returned 0x0
[0315.987] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x66376e0, result=0xd7da94) returned 0x0
[0315.987] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0315.987] GdipSaveGraphics (graphics=0x66376e0, state=0xd7dac0) returned 0x0
[0315.987] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0315.993] GdipFillRectangleI (graphics=0x66376e0, brush=0x664dc88, x=0, y=0, width=801, height=453) returned 0x0
[0315.993] GdipDeleteBrush (brush=0x664dc88) returned 0x0
[0315.995] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0315.995] SelectPalette (hdc=0x210107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0315.995] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0315.995] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0315.995] GetSystemMetrics (nIndex=42) returned 0
[0315.995] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0315.995] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0315.995] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0315.995] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0315.995] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0315.995] SelectPalette (hdc=0x210107f4, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0315.995] GdipCreateFromHDC (hdc=0x210107f4, graphics=0xd7da68) returned 0x0
[0315.995] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0315.995] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0315.995] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638ae8) returned 0x0
[0315.995] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7da40) returned 0x0
[0315.996] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0315.996] GdipCreateRegion (region=0xd7da28) returned 0x0
[0315.996] GdipGetClip (graphics=0x66376e0, region=0x66463b8) returned 0x0
[0315.996] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x66376e0, result=0xd7da34) returned 0x0
[0315.996] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0315.996] GdipSaveGraphics (graphics=0x66376e0, state=0xd7da60) returned 0x0
[0315.996] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0316.007] GdipFillRectangleI (graphics=0x66376e0, brush=0x664e2a0, x=0, y=0, width=801, height=453) returned 0x0
[0316.007] GdipDeleteBrush (brush=0x664e2a0) returned 0x0
[0316.008] GdipRestoreGraphics (graphics=0x66376e0, state=0xf4dc0dbd) returned 0x0
[0316.008] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0316.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0316.008] GetSystemMetrics (nIndex=42) returned 0
[0316.008] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0316.008] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0316.008] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0316.008] SelectPalette (hdc=0x210107f4, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0316.009] RestoreDC (hdc=0x210107f4, nSavedDC=-1) returned 1
[0316.009] GdipReleaseDC (graphics=0x6600030, hdc=0x210107f4) returned 0x0
[0316.009] IsAppThemed () returned 0x1
[0316.009] GetThemeAppProperties () returned 0x3
[0316.009] GetThemeAppProperties () returned 0x3
[0316.009] IsAppThemed () returned 0x1
[0316.009] GetThemeAppProperties () returned 0x3
[0316.009] GetThemeAppProperties () returned 0x3
[0316.009] IsThemePartDefined () returned 0x1
[0316.009] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0316.009] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0316.009] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0316.009] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0316.009] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df74) returned 0x0
[0316.009] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0316.009] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11ee8d8) returned 0x0
[0316.009] LocalFree (hMem=0x11ee8d8) returned 0x0
[0316.009] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0316.009] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eecc8) returned 0x0
[0316.010] LocalFree (hMem=0x11eecc8) returned 0x0
[0316.010] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0316.010] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0316.010] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0316.010] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0316.010] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0316.010] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0316.010] GetCurrentObject (hdc=0x210107f4, type=0x1) returned 0xb00017
[0316.010] GetCurrentObject (hdc=0x210107f4, type=0x2) returned 0x900010
[0316.010] GetCurrentObject (hdc=0x210107f4, type=0x7) returned 0x4a0507fe
[0316.010] GetCurrentObject (hdc=0x210107f4, type=0x6) returned 0x8a01c2
[0316.010] SaveDC (hdc=0x210107f4) returned 1
[0316.010] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x87040807
[0316.010] GetClipRgn (hdc=0x210107f4, hrgn=0x87040807) returned 0
[0316.010] SelectClipRgn (hdc=0x210107f4, hrgn=0x407de) returned 2
[0316.010] DeleteObject (ho=0x87040807) returned 1
[0316.010] DeleteObject (ho=0x407de) returned 1
[0316.010] OffsetViewportOrgEx (in: hdc=0x210107f4, x=0, y=0, lppt=0x2e19d9c | out: lppt=0x2e19d9c) returned 1
[0316.010] IsAppThemed () returned 0x1
[0316.010] GetThemeAppProperties () returned 0x3
[0316.010] GetThemeAppProperties () returned 0x3
[0316.011] DrawThemeBackground () returned 0x0
[0316.011] RestoreDC (hdc=0x210107f4, nSavedDC=-1) returned 1
[0316.011] GdipReleaseDC (graphics=0x6600030, hdc=0x210107f4) returned 0x0
[0316.011] GdipCreateRegion (region=0xd7df60) returned 0x0
[0316.011] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0316.011] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0316.011] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0316.011] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7df78) returned 0x0
[0316.011] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0316.011] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0316.011] LocalFree (hMem=0x11ee788) returned 0x0
[0316.011] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0316.011] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11ee788) returned 0x0
[0316.011] LocalFree (hMem=0x11ee788) returned 0x0
[0316.011] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0316.011] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0316.011] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7df90) returned 0x0
[0316.011] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0316.011] GdipDeleteRegion (region=0x6646838) returned 0x0
[0316.011] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0316.011] GetCurrentObject (hdc=0x210107f4, type=0x1) returned 0xb00017
[0316.011] GetCurrentObject (hdc=0x210107f4, type=0x2) returned 0x900010
[0316.011] GetCurrentObject (hdc=0x210107f4, type=0x7) returned 0x4a0507fe
[0316.012] GetCurrentObject (hdc=0x210107f4, type=0x6) returned 0x8a01c2
[0316.012] SaveDC (hdc=0x210107f4) returned 1
[0316.012] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x10407de
[0316.012] GetClipRgn (hdc=0x210107f4, hrgn=0x10407de) returned 0
[0316.012] SelectClipRgn (hdc=0x210107f4, hrgn=0x88040807) returned 2
[0316.012] DeleteObject (ho=0x10407de) returned 1
[0316.012] DeleteObject (ho=0x88040807) returned 1
[0316.012] OffsetViewportOrgEx (in: hdc=0x210107f4, x=0, y=0, lppt=0x2e1a070 | out: lppt=0x2e1a070) returned 1
[0316.012] IsAppThemed () returned 0x1
[0316.012] GetThemeAppProperties () returned 0x3
[0316.012] GetThemeAppProperties () returned 0x3
[0316.012] GetThemeBackgroundContentRect () returned 0x0
[0316.012] RestoreDC (hdc=0x210107f4, nSavedDC=-1) returned 1
[0316.012] GdipReleaseDC (graphics=0x6600030, hdc=0x210107f4) returned 0x0
[0316.012] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0316.012] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0316.012] GdipFillRectangleI (graphics=0x6600030, brush=0x66376e0, x=4, y=4, width=67, height=15) returned 0x0
[0316.012] GdipDeleteBrush (brush=0x66376e0) returned 0x0
[0316.013] IsAppThemed () returned 0x1
[0316.013] GetThemeAppProperties () returned 0x3
[0316.013] GetThemeAppProperties () returned 0x3
[0316.013] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0316.013] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0316.013] GetCurrentObject (hdc=0x210107f4, type=0x1) returned 0xb00017
[0316.013] GetCurrentObject (hdc=0x210107f4, type=0x2) returned 0x900010
[0316.013] GetCurrentObject (hdc=0x210107f4, type=0x7) returned 0x4a0507fe
[0316.013] GetCurrentObject (hdc=0x210107f4, type=0x6) returned 0x8a01c2
[0316.013] SaveDC (hdc=0x210107f4) returned 1
[0316.013] GetTextAlign (hdc=0x210107f4) returned 0x0
[0316.013] GetTextColor (hdc=0x210107f4) returned 0x0
[0316.013] GetCurrentObject (hdc=0x210107f4, type=0x6) returned 0x8a01c2
[0316.013] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0316.014] SelectObject (hdc=0x210107f4, h=0x6d0a0520) returned 0x8a01c2
[0316.014] GetBkMode (hdc=0x210107f4) returned 2
[0316.014] SetBkMode (hdc=0x210107f4, mode=1) returned 2
[0316.014] DrawTextExW (in: hdc=0x210107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2e1a434 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0316.014] DrawTextExW (in: hdc=0x210107f4, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e1a434 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0316.014] RestoreDC (hdc=0x210107f4, nSavedDC=-1) returned 1
[0316.014] GdipReleaseDC (graphics=0x6600030, hdc=0x210107f4) returned 0x0
[0316.014] GetFocus () returned 0x3b02d8
[0316.014] IsAppThemed () returned 0x1
[0316.015] GetThemeAppProperties () returned 0x3
[0316.015] GetThemeAppProperties () returned 0x3
[0316.015] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0316.015] BitBlt (hdc=0x10105d6, x=0, y=0, cx=75, cy=23, hdcSrc=0x210107f4, x1=0, y1=0, rop=0xcc0020) returned 1
[0316.015] GdipReleaseDC (graphics=0x6600030, hdc=0x210107f4) returned 0x0
[0316.015] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0316.015] SelectObject (hdc=0x210107f4, h=0x85000f) returned 0x4a0507fe
[0316.015] DeleteDC (hdc=0x210107f4) returned 1
[0316.015] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0316.015] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0316.015] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.015] IsWindowUnicode (hWnd=0x2f02ce) returned 1
[0316.015] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.015] TranslateMessage (lpMsg=0xd7e808) returned 0
[0316.015] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0316.015] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.016] IsWindowUnicode (hWnd=0x2f02ce) returned 1
[0316.016] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.016] TranslateMessage (lpMsg=0xd7e808) returned 0
[0316.016] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0316.016] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x2a1, wParam=0x0, lParam=0x60049) returned 0x0
[0316.016] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0316.016] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0316.016] WaitMessage () returned 1
[0316.021] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.021] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.022] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.022] TranslateMessage (lpMsg=0xd7e808) returned 0
[0316.022] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0316.022] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0316.022] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0316.022] WaitMessage () returned 1
[0316.023] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.023] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.023] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.023] TranslateMessage (lpMsg=0xd7e808) returned 0
[0316.023] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0316.024] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0316.024] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0316.024] WaitMessage () returned 1
[0316.024] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.024] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.025] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.025] TranslateMessage (lpMsg=0xd7e808) returned 0
[0316.025] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0316.026] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.026] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.026] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.026] TranslateMessage (lpMsg=0xd7e808) returned 0
[0316.026] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0316.026] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.026] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.026] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.026] TranslateMessage (lpMsg=0xd7e808) returned 0
[0316.026] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0316.026] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0316.027] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0316.027] WaitMessage () returned 1
[0316.027] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.027] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.027] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.027] TranslateMessage (lpMsg=0xd7e808) returned 0
[0316.027] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0316.032] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.032] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.032] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.032] TranslateMessage (lpMsg=0xd7e808) returned 0
[0316.032] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0316.033] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.033] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.033] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.033] TranslateMessage (lpMsg=0xd7e808) returned 0
[0316.033] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0316.033] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0316.033] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0316.033] WaitMessage () returned 1
[0316.035] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.035] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.035] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.035] TranslateMessage (lpMsg=0xd7e808) returned 0
[0316.035] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0316.036] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.037] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.037] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.037] TranslateMessage (lpMsg=0xd7e808) returned 0
[0316.037] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0316.037] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.037] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.037] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.037] TranslateMessage (lpMsg=0xd7e808) returned 0
[0316.037] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0316.037] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0316.038] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0316.038] WaitMessage () returned 1
[0316.038] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.038] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.038] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.038] TranslateMessage (lpMsg=0xd7e808) returned 0
[0316.038] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0316.039] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.039] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.039] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.039] TranslateMessage (lpMsg=0xd7e808) returned 0
[0316.039] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0316.040] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.040] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.040] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.040] TranslateMessage (lpMsg=0xd7e808) returned 0
[0316.040] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0316.040] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0316.040] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0316.040] WaitMessage () returned 1
[0316.125] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.125] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x84, wParam=0x0, lParam=0x1df031f) returned 0x1
[0316.125] IsWindowUnicode (hWnd=0x2f02ce) returned 1
[0316.125] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.125] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x84, wParam=0x0, lParam=0x1df031f) returned 0x1
[0316.125] GetDlgItem (hDlg=0x3902dc, nIDDlgItem=0) returned 0x0
[0316.125] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x210, wParam=0x201, lParam=0x64012a) returned 0x0
[0316.125] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x21, wParam=0x3902dc, lParam=0x2010001) returned 0x1
[0316.125] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x21, wParam=0x3902dc, lParam=0x2010001) returned 0x1
[0316.126] SetCursor (hCursor=0x10003) returned 0x10003
[0316.126] TranslateMessage (lpMsg=0xd7e808) returned 0
[0316.126] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0316.126] GetKeyState (nVirtKey=1) returned -127
[0316.126] GetKeyState (nVirtKey=2) returned 0
[0316.126] GetKeyState (nVirtKey=4) returned 0
[0316.126] GetKeyState (nVirtKey=5) returned 0
[0316.126] GetKeyState (nVirtKey=6) returned 0
[0316.126] IsWindowVisible (hWnd=0x2f02ce) returned 1
[0316.126] IsWindowEnabled (hWnd=0x2f02ce) returned 1
[0316.126] SetFocus (hWnd=0x2f02ce) returned 0x3b02d8
[0316.126] GetFocus () returned 0x2f02ce
[0316.127] IsChild (hWndParent=0x3902dc, hWnd=0x2f02ce) returned 1
[0316.127] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0x8, wParam=0x2f02ce, lParam=0x0) returned 0x0
[0316.127] GetCapture () returned 0x0
[0316.127] InvalidateRect (hWnd=0x3b02d8, lpRect=0x0, bErase=0) returned 1
[0316.127] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0316.129] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0316.130] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0316.130] InvalidateRect (hWnd=0x3b02d8, lpRect=0x0, bErase=0) returned 1
[0316.130] InvalidateRect (hWnd=0x2f02ce, lpRect=0x0, bErase=0) returned 1
[0316.130] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x7, wParam=0x3b02d8, lParam=0x0) returned 0x0
[0316.130] GetStockObject (i=5) returned 0x900015
[0316.130] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0316.130] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0316.130] GetDlgItem (hDlg=0x3902dc, nIDDlgItem=3080910) returned 0x2f02ce
[0316.130] SendMessageW (hWnd=0x2f02ce, Msg=0x202b, wParam=0x2f02ce, lParam=0xd7dddc) returned 0x0
[0316.131] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x202b, wParam=0x2f02ce, lParam=0xd7dddc) returned 0x0
[0316.131] InvalidateRect (hWnd=0x2f02ce, lpRect=0x0, bErase=0) returned 1
[0316.132] GetFocus () returned 0x2f02ce
[0316.132] GetFocus () returned 0x2f02ce
[0316.132] GetFocus () returned 0x2f02ce
[0316.132] GetKeyState (nVirtKey=1) returned -127
[0316.132] GetKeyState (nVirtKey=2) returned 0
[0316.132] GetKeyState (nVirtKey=4) returned 0
[0316.132] GetKeyState (nVirtKey=5) returned 0
[0316.132] GetKeyState (nVirtKey=6) returned 0
[0316.132] GetCapture () returned 0x0
[0316.132] SetCapture (hWnd=0x2f02ce) returned 0x0
[0316.132] GetKeyState (nVirtKey=1) returned -127
[0316.132] GetKeyState (nVirtKey=2) returned 0
[0316.132] GetKeyState (nVirtKey=4) returned 0
[0316.132] GetKeyState (nVirtKey=5) returned 0
[0316.132] GetKeyState (nVirtKey=6) returned 0
[0316.132] NotifyWinEvent (event=0x800a, hwnd=0x2f02ce, idObject=-4, idChild=0)
[0316.132] InvalidateRect (hWnd=0x2f02ce, lpRect=0xd7e430, bErase=0) returned 1
[0316.132] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.133] IsWindowUnicode (hWnd=0x2f02ce) returned 1
[0316.133] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.133] TranslateMessage (lpMsg=0xd7e808) returned 0
[0316.133] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0316.133] MapWindowPoints (in: hWndFrom=0x2f02ce, hWndTo=0x0, lpPoints=0x2e1a720, cPoints=0x1 | out: lpPoints=0x2e1a720) returned 30999254
[0316.133] NotifyWinEvent (event=0x800a, hwnd=0x2f02ce, idObject=-4, idChild=0)
[0316.133] InvalidateRect (hWnd=0x2f02ce, lpRect=0xd7e3d0, bErase=0) returned 1
[0316.133] UpdateWindow (hWnd=0x2f02ce) returned 1
[0316.133] BeginPaint (in: hWnd=0x2f02ce, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0xf0105ee
[0316.133] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0316.133] CreateCompatibleDC (hdc=0xf0105ee) returned 0xc80107f9
[0316.133] SelectObject (hdc=0xc80107f9, h=0x4a0507fe) returned 0x85000f
[0316.133] GdipCreateFromHDC (hdc=0xc80107f9, graphics=0xd7df00) returned 0x0
[0316.133] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0316.133] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0316.133] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0316.134] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0316.134] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df60) returned 0x0
[0316.134] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0316.134] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eea28) returned 0x0
[0316.134] LocalFree (hMem=0x11eea28) returned 0x0
[0316.134] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0316.134] GdipCreateRegion (region=0xd7df48) returned 0x0
[0316.134] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0316.134] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7df54) returned 0x0
[0316.134] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0316.134] GdipRestoreGraphics (graphics=0x6600030, state=0xf4da0dbd) returned 0x0
[0316.134] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0316.134] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0316.134] GetCurrentObject (hdc=0xc80107f9, type=0x1) returned 0xb00017
[0316.134] GetCurrentObject (hdc=0xc80107f9, type=0x2) returned 0x900010
[0316.134] GetCurrentObject (hdc=0xc80107f9, type=0x7) returned 0x4a0507fe
[0316.134] GetCurrentObject (hdc=0xc80107f9, type=0x6) returned 0x8a01c2
[0316.134] SaveDC (hdc=0xc80107f9) returned 1
[0316.134] GetNearestColor (hdc=0xc80107f9, color=0xf0f0f0) returned 0xf0f0f0
[0316.134] GetNearestColor (hdc=0xc80107f9, color=0xa0a0a0) returned 0xa0a0a0
[0316.134] GetNearestColor (hdc=0xc80107f9, color=0x696969) returned 0x696969
[0316.135] GetNearestColor (hdc=0xc80107f9, color=0xa0a0a0) returned 0xa0a0a0
[0316.135] GetNearestColor (hdc=0xc80107f9, color=0x0) returned 0x0
[0316.135] GetNearestColor (hdc=0xc80107f9, color=0xffffff) returned 0xffffff
[0316.135] GetNearestColor (hdc=0xc80107f9, color=0xe5e5e5) returned 0xe5e5e5
[0316.135] GetNearestColor (hdc=0xc80107f9, color=0xd7d7d7) returned 0xd7d7d7
[0316.135] GetNearestColor (hdc=0xc80107f9, color=0x0) returned 0x0
[0316.135] RestoreDC (hdc=0xc80107f9, nSavedDC=-1) returned 1
[0316.135] GdipReleaseDC (graphics=0x6600030, hdc=0xc80107f9) returned 0x0
[0316.135] IsAppThemed () returned 0x1
[0316.135] GetThemeAppProperties () returned 0x3
[0316.135] GetThemeAppProperties () returned 0x3
[0316.135] IsAppThemed () returned 0x1
[0316.135] GetThemeAppProperties () returned 0x3
[0316.135] GetThemeAppProperties () returned 0x3
[0316.135] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2e1ae78 | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0316.135] IsAppThemed () returned 0x1
[0316.136] GetThemeAppProperties () returned 0x3
[0316.136] GetThemeAppProperties () returned 0x3
[0316.136] IsAppThemed () returned 0x1
[0316.136] GetThemeAppProperties () returned 0x3
[0316.136] GetThemeAppProperties () returned 0x3
[0316.136] IsAppThemed () returned 0x1
[0316.136] GetThemeAppProperties () returned 0x3
[0316.136] GetThemeAppProperties () returned 0x3
[0316.136] IsAppThemed () returned 0x1
[0316.136] GetThemeAppProperties () returned 0x3
[0316.136] GetThemeAppProperties () returned 0x3
[0316.136] IsThemePartDefined () returned 0x1
[0316.136] IsAppThemed () returned 0x1
[0316.136] GetThemeAppProperties () returned 0x3
[0316.136] GetThemeAppProperties () returned 0x3
[0316.136] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0316.136] IsAppThemed () returned 0x1
[0316.136] GetThemeAppProperties () returned 0x3
[0316.136] GetThemeAppProperties () returned 0x3
[0316.136] IsAppThemed () returned 0x1
[0316.136] GetThemeAppProperties () returned 0x3
[0316.136] GetThemeAppProperties () returned 0x3
[0316.136] IsThemePartDefined () returned 0x1
[0316.136] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0316.136] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0316.136] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0316.136] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0316.136] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dc7c) returned 0x0
[0316.137] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0316.137] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee788) returned 0x0
[0316.137] LocalFree (hMem=0x11ee788) returned 0x0
[0316.137] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0316.137] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0316.137] LocalFree (hMem=0x11eec58) returned 0x0
[0316.137] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0316.137] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0316.137] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0316.137] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0316.137] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0316.137] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0316.137] GetCurrentObject (hdc=0xc80107f9, type=0x1) returned 0xb00017
[0316.137] GetCurrentObject (hdc=0xc80107f9, type=0x2) returned 0x900010
[0316.137] GetCurrentObject (hdc=0xc80107f9, type=0x7) returned 0x4a0507fe
[0316.137] GetCurrentObject (hdc=0xc80107f9, type=0x6) returned 0x8a01c2
[0316.137] SaveDC (hdc=0xc80107f9) returned 1
[0316.137] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x89040807
[0316.137] GetClipRgn (hdc=0xc80107f9, hrgn=0x89040807) returned 0
[0316.140] SelectClipRgn (hdc=0xc80107f9, hrgn=0x50407de) returned 2
[0316.140] DeleteObject (ho=0x89040807) returned 1
[0316.140] DeleteObject (ho=0x50407de) returned 1
[0316.140] OffsetViewportOrgEx (in: hdc=0xc80107f9, x=0, y=0, lppt=0x2e1b528 | out: lppt=0x2e1b528) returned 1
[0316.140] DrawThemeParentBackground () returned 0x0
[0316.141] GetWindowPlacement (in: hWnd=0x3902dc, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0316.141] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0316.141] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0316.141] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0316.141] GetSystemMetrics (nIndex=42) returned 0
[0316.141] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0316.141] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0316.141] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0316.141] GetCurrentObject (hdc=0xc80107f9, type=0x1) returned 0xb00017
[0316.141] GetCurrentObject (hdc=0xc80107f9, type=0x2) returned 0x900010
[0316.141] GetCurrentObject (hdc=0xc80107f9, type=0x7) returned 0x4a0507fe
[0316.141] GetCurrentObject (hdc=0xc80107f9, type=0x6) returned 0x8a01c2
[0316.141] SaveDC (hdc=0xc80107f9) returned 2
[0316.141] GetNearestColor (hdc=0xc80107f9, color=0xf0f0f0) returned 0xf0f0f0
[0316.141] CreateSolidBrush (color=0xf0f0f0) returned 0x9d1007e1
[0316.141] FillRect (hDC=0xc80107f9, lprc=0xd7d6c8, hbr=0x9d1007e1) returned 1
[0316.141] DeleteObject (ho=0x9d1007e1) returned 1
[0316.141] RestoreDC (hdc=0xc80107f9, nSavedDC=-1) returned 1
[0316.141] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0316.141] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0316.141] GetSystemMetrics (nIndex=42) returned 0
[0316.141] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0316.141] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0316.142] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0316.142] GetCurrentObject (hdc=0xc80107f9, type=0x1) returned 0xb00017
[0316.142] GetCurrentObject (hdc=0xc80107f9, type=0x2) returned 0x900010
[0316.142] GetCurrentObject (hdc=0xc80107f9, type=0x7) returned 0x4a0507fe
[0316.142] GetCurrentObject (hdc=0xc80107f9, type=0x6) returned 0x8a01c2
[0316.142] SaveDC (hdc=0xc80107f9) returned 2
[0316.142] GetNearestColor (hdc=0xc80107f9, color=0xf0f0f0) returned 0xf0f0f0
[0316.142] CreateSolidBrush (color=0xf0f0f0) returned 0x9e1007e1
[0316.142] FillRect (hDC=0xc80107f9, lprc=0xd7d668, hbr=0x9e1007e1) returned 1
[0316.142] DeleteObject (ho=0x9e1007e1) returned 1
[0316.142] RestoreDC (hdc=0xc80107f9, nSavedDC=-1) returned 1
[0316.142] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0316.142] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0316.142] GetSystemMetrics (nIndex=42) returned 0
[0316.142] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0316.142] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0316.142] RestoreDC (hdc=0xc80107f9, nSavedDC=-1) returned 1
[0316.142] GdipReleaseDC (graphics=0x6600030, hdc=0xc80107f9) returned 0x0
[0316.142] IsAppThemed () returned 0x1
[0316.142] GetThemeAppProperties () returned 0x3
[0316.142] GetThemeAppProperties () returned 0x3
[0316.143] IsAppThemed () returned 0x1
[0316.143] GetThemeAppProperties () returned 0x3
[0316.143] GetThemeAppProperties () returned 0x3
[0316.143] IsThemePartDefined () returned 0x1
[0316.143] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0316.143] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0316.143] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0316.143] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0316.143] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7dc00) returned 0x0
[0316.143] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee788) returned 0x0
[0316.143] LocalFree (hMem=0x11ee788) returned 0x0
[0316.143] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee9f0) returned 0x0
[0316.143] LocalFree (hMem=0x11ee9f0) returned 0x0
[0316.143] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0316.143] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0316.143] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0316.143] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0316.143] GdipDeleteRegion (region=0x6646838) returned 0x0
[0316.143] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0316.143] GetCurrentObject (hdc=0xc80107f9, type=0x1) returned 0xb00017
[0316.143] GetCurrentObject (hdc=0xc80107f9, type=0x2) returned 0x900010
[0316.143] GetCurrentObject (hdc=0xc80107f9, type=0x7) returned 0x4a0507fe
[0316.143] GetCurrentObject (hdc=0xc80107f9, type=0x6) returned 0x8a01c2
[0316.143] SaveDC (hdc=0xc80107f9) returned 1
[0316.144] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x60407de
[0316.144] GetClipRgn (hdc=0xc80107f9, hrgn=0x60407de) returned 0
[0316.144] SelectClipRgn (hdc=0xc80107f9, hrgn=0x8b040807) returned 2
[0316.144] DeleteObject (ho=0x60407de) returned 1
[0316.144] DeleteObject (ho=0x8b040807) returned 1
[0316.144] OffsetViewportOrgEx (in: hdc=0xc80107f9, x=0, y=0, lppt=0x2e1bdd4 | out: lppt=0x2e1bdd4) returned 1
[0316.144] IsAppThemed () returned 0x1
[0316.144] GetThemeAppProperties () returned 0x3
[0316.144] GetThemeAppProperties () returned 0x3
[0316.144] DrawThemeBackground () returned 0x0
[0316.144] RestoreDC (hdc=0xc80107f9, nSavedDC=-1) returned 1
[0316.144] GdipReleaseDC (graphics=0x6600030, hdc=0xc80107f9) returned 0x0
[0316.144] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0316.144] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0316.144] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0316.144] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0316.144] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7dc04) returned 0x0
[0316.144] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0316.144] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee9f0) returned 0x0
[0316.144] LocalFree (hMem=0x11ee9f0) returned 0x0
[0316.144] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0316.144] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee868) returned 0x0
[0316.145] LocalFree (hMem=0x11ee868) returned 0x0
[0316.145] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0316.145] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0316.145] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0316.145] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0316.145] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0316.145] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0316.145] GetCurrentObject (hdc=0xc80107f9, type=0x1) returned 0xb00017
[0316.145] GetCurrentObject (hdc=0xc80107f9, type=0x2) returned 0x900010
[0316.145] GetCurrentObject (hdc=0xc80107f9, type=0x7) returned 0x4a0507fe
[0316.145] GetCurrentObject (hdc=0xc80107f9, type=0x6) returned 0x8a01c2
[0316.145] SaveDC (hdc=0xc80107f9) returned 1
[0316.145] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x8c040807
[0316.145] GetClipRgn (hdc=0xc80107f9, hrgn=0x8c040807) returned 0
[0316.145] SelectClipRgn (hdc=0xc80107f9, hrgn=0x70407de) returned 2
[0316.145] DeleteObject (ho=0x8c040807) returned 1
[0316.145] DeleteObject (ho=0x70407de) returned 1
[0316.145] OffsetViewportOrgEx (in: hdc=0xc80107f9, x=0, y=0, lppt=0x2e1c0a8 | out: lppt=0x2e1c0a8) returned 1
[0316.145] IsAppThemed () returned 0x1
[0316.145] GetThemeAppProperties () returned 0x3
[0316.145] GetThemeAppProperties () returned 0x3
[0316.145] GetThemeBackgroundContentRect () returned 0x0
[0316.145] RestoreDC (hdc=0xc80107f9, nSavedDC=-1) returned 1
[0316.146] GdipReleaseDC (graphics=0x6600030, hdc=0xc80107f9) returned 0x0
[0316.146] IsAppThemed () returned 0x1
[0316.146] GetThemeAppProperties () returned 0x3
[0316.146] GetThemeAppProperties () returned 0x3
[0316.146] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0316.146] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0316.146] GetCurrentObject (hdc=0xc80107f9, type=0x1) returned 0xb00017
[0316.146] GetCurrentObject (hdc=0xc80107f9, type=0x2) returned 0x900010
[0316.146] GetCurrentObject (hdc=0xc80107f9, type=0x7) returned 0x4a0507fe
[0316.146] GetCurrentObject (hdc=0xc80107f9, type=0x6) returned 0x8a01c2
[0316.146] SaveDC (hdc=0xc80107f9) returned 1
[0316.146] GetTextAlign (hdc=0xc80107f9) returned 0x0
[0316.146] GetTextColor (hdc=0xc80107f9) returned 0x0
[0316.146] GetCurrentObject (hdc=0xc80107f9, type=0x6) returned 0x8a01c2
[0316.146] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0316.146] SelectObject (hdc=0xc80107f9, h=0x6d0a0520) returned 0x8a01c2
[0316.146] GetBkMode (hdc=0xc80107f9) returned 2
[0316.146] SetBkMode (hdc=0xc80107f9, mode=1) returned 2
[0316.147] DrawTextExW (in: hdc=0xc80107f9, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2e1c448 | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0316.147] DrawTextExW (in: hdc=0xc80107f9, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2e1c448 | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0316.147] RestoreDC (hdc=0xc80107f9, nSavedDC=-1) returned 1
[0316.147] GdipReleaseDC (graphics=0x6600030, hdc=0xc80107f9) returned 0x0
[0316.147] GetFocus () returned 0x2f02ce
[0316.147] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0316.147] SendMessageW (hWnd=0x3902dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0316.147] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0316.147] IsAppThemed () returned 0x1
[0316.147] GetThemeAppProperties () returned 0x3
[0316.147] GetThemeAppProperties () returned 0x3
[0316.147] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0316.147] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xc80107f9, x1=0, y1=0, rop=0xcc0020) returned 1
[0316.148] GdipReleaseDC (graphics=0x6600030, hdc=0xc80107f9) returned 0x0
[0316.148] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0316.148] SelectObject (hdc=0xc80107f9, h=0x85000f) returned 0x4a0507fe
[0316.148] DeleteDC (hdc=0xc80107f9) returned 1
[0316.148] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0316.148] EndPaint (hWnd=0x2f02ce, lpPaint=0xd7dee4) returned 1
[0316.148] MapWindowPoints (in: hWndFrom=0x2f02ce, hWndTo=0x0, lpPoints=0x2e1c544, cPoints=0x1 | out: lpPoints=0x2e1c544) returned 30999254
[0316.148] WindowFromPoint (Point=0x31f) returned 0x2f02ce
[0316.148] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x84, wParam=0x0, lParam=0x1df031f) returned 0x1
[0316.148] NotifyWinEvent (event=0x800a, hwnd=0x2f02ce, idObject=-4, idChild=0)
[0316.148] NotifyWinEvent (event=0x800c, hwnd=0x2f02ce, idObject=-4, idChild=0)
[0316.148] GetCapture () returned 0x2f02ce
[0316.148] ReleaseCapture () returned 1
[0316.148] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0316.149] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0316.149] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x84, wParam=0x0, lParam=0x1df031f) returned 0x1
[0316.149] IsWindow (hWnd=0x7005c) returned 1
[0316.149] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0316.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0316.150] IsWindow (hWnd=0x3902dc) returned 1
[0316.150] SetActiveWindow (hWnd=0x3902dc) returned 0x3902dc
[0316.150] IsWindow (hWnd=0x3902dc) returned 1
[0316.150] SetFocus (hWnd=0x3902dc) returned 0x2f02ce
[0316.150] GetFocus () returned 0x3902dc
[0316.150] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x8, wParam=0x3902dc, lParam=0x0) returned 0x0
[0316.150] GetCapture () returned 0x0
[0316.150] InvalidateRect (hWnd=0x2f02ce, lpRect=0x0, bErase=0) returned 1
[0316.151] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0316.152] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0316.155] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0316.155] GetFocus () returned 0x3902dc
[0316.155] SetFocus (hWnd=0x2f02ce) returned 0x3902dc
[0316.155] GetFocus () returned 0x2f02ce
[0316.155] IsChild (hWndParent=0x3902dc, hWnd=0x2f02ce) returned 1
[0316.155] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x8, wParam=0x2f02ce, lParam=0x0) returned 0x0
[0316.156] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0316.157] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0316.158] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0316.158] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x7, wParam=0x3902dc, lParam=0x0) returned 0x0
[0316.158] GetStockObject (i=5) returned 0x900015
[0316.159] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0316.159] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0xd, wParam=0xa, lParam=0x11f5760) returned 0x9
[0316.159] GetDlgItem (hDlg=0x3902dc, nIDDlgItem=3080910) returned 0x2f02ce
[0316.159] SendMessageW (hWnd=0x2f02ce, Msg=0x202b, wParam=0x2f02ce, lParam=0xd7ddcc) returned 0x0
[0316.159] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x202b, wParam=0x2f02ce, lParam=0xd7ddcc) returned 0x0
[0316.159] InvalidateRect (hWnd=0x2f02ce, lpRect=0x0, bErase=0) returned 1
[0316.160] GetWindowLongW (hWnd=0x3902dc, nIndex=-8) returned 458844
[0316.160] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0316.160] GetCurrentThreadId () returned 0xf50
[0316.160] IsWindow (hWnd=0x7005c) returned 1
[0316.161] IsWindow (hWnd=0x7005c) returned 1
[0316.161] IsWindowVisible (hWnd=0x7005c) returned 1
[0316.161] SetActiveWindow (hWnd=0x7005c) returned 0x3902dc
[0316.161] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0316.162] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0316.162] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0316.162] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0316.163] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0316.163] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0316.164] GetWindowPlacement (in: hWnd=0x3902dc, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0316.164] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0316.164] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0316.164] GetWindowRect (in: hWnd=0x3902dc, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0316.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0316.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0316.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0316.166] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x3902dc) returned 0x1
[0316.168] GetFocus () returned 0x2f02ce
[0316.168] SetFocus (hWnd=0x602c4) returned 0x2f02ce
[0316.168] GetFocus () returned 0x602c4
[0316.168] IsChild (hWndParent=0x3902dc, hWnd=0x602c4) returned 0
[0316.168] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0316.168] GetCapture () returned 0x0
[0316.168] InvalidateRect (hWnd=0x2f02ce, lpRect=0x0, bErase=0) returned 1
[0316.172] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0316.174] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0316.175] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0316.175] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0316.175] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0316.175] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0316.176] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0316.176] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x2f02ce, lParam=0x0) returned 0x0
[0316.176] GetStockObject (i=5) returned 0x900015
[0316.176] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0316.176] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11eda58) returned 0xc
[0316.176] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0316.176] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0316.176] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0316.176] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0316.177] GetFocus () returned 0x602c4
[0316.177] IsChild (hWndParent=0x3902dc, hWnd=0x602c4) returned 0
[0316.177] ShowWindow (hWnd=0x3902dc, nCmdShow=0) returned 1
[0316.178] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0316.178] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0316.179] GetWindowPlacement (in: hWnd=0x3902dc, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0316.179] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0316.179] GetClientRect (in: hWnd=0x3902dc, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0316.179] GetWindowRect (in: hWnd=0x3902dc, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0316.179] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0316.180] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0316.180] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0316.180] GetWindowLongW (hWnd=0x3902dc, nIndex=-20) returned 327945
[0316.180] DestroyWindow (hWnd=0x3902dc) returned 1
[0316.180] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0316.181] GetWindowTextLengthW (hWnd=0x3902dc) returned 13
[0316.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0316.181] GetSystemMetrics (nIndex=42) returned 0
[0316.181] GetWindowTextW (in: hWnd=0x3902dc, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0316.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0316.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0316.181] GetWindowTextLengthW (hWnd=0x3c00ea) returned 0
[0316.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3c00ea, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0316.181] GetSystemMetrics (nIndex=42) returned 0
[0316.181] GetWindowTextW (in: hWnd=0x3c00ea, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0316.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3c00ea, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0316.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3c00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0316.181] GetWindowThreadProcessId (in: hWnd=0x2e02d0, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0316.181] GetWindow (hWnd=0x2e02d0, uCmd=0x5) returned 0x0
[0316.181] GetWindowLongW (hWnd=0x2e02d0, nIndex=-20) returned 65792
[0316.181] DestroyWindow (hWnd=0x2e02d0) returned 1
[0316.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02d0, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0316.181] GetWindowTextLengthW (hWnd=0x2e02d0) returned 25
[0316.181] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0316.181] GetSystemMetrics (nIndex=42) returned 0
[0316.181] GetWindowTextW (in: hWnd=0x2e02d0, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0316.182] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02d0, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0316.182] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0316.182] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x2e02d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0316.183] GetWindowTextLengthW (hWnd=0x3302c8) returned 232
[0316.183] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0316.183] GetSystemMetrics (nIndex=42) returned 0
[0316.183] GetWindowTextW (in: hWnd=0x3302c8, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0316.183] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0316.183] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0316.183] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0316.183] InvalidateRect (hWnd=0x2f02ce, lpRect=0x0, bErase=0) returned 1
[0316.183] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0316.183] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0316.183] SendMessageW (hWnd=0x3902da, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0316.183] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3902da, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0316.183] SendMessageW (hWnd=0x3902da, Msg=0xb0, wParam=0x2de6598, lParam=0xd7e480) returned 0x0
[0316.183] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3902da, Msg=0xb0, wParam=0x2de6598, lParam=0xd7e480) returned 0x0
[0316.183] GetWindowTextLengthW (hWnd=0x3902da) returned 4363
[0316.183] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3902da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0316.184] GetSystemMetrics (nIndex=42) returned 0
[0316.184] CoTaskMemAlloc (cb=0x221c) returned 0x1202960
[0316.184] GetWindowTextW (in: hWnd=0x3902da, lpString=0x1202960, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0316.184] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3902da, Msg=0xd, wParam=0x110c, lParam=0x1202960) returned 0x110b
[0316.184] CoTaskMemFree (pv=0x1202960)
[0316.184] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3902da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0316.194] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3c00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0316.195] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3302c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0316.197] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3b02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0316.197] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x2f02ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0316.198] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3902de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0316.199] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x3902da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0316.202] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3902dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0316.203] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.203] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.203] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.203] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.203] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.203] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.203] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df031f) returned 0x1
[0316.204] IsWindowUnicode (hWnd=0x7005c) returned 1
[0316.204] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.204] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df031f) returned 0x1
[0316.204] SetCursor (hCursor=0x10003) returned 0x10003
[0316.204] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.204] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.204] _TrackMouseEvent (in: lpEventTrack=0x2c2f380 | out: lpEventTrack=0x2c2f380) returned 1
[0316.204] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0316.204] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0316.204] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10a0261) returned 0x0
[0316.204] GetKeyState (nVirtKey=1) returned 1
[0316.204] GetKeyState (nVirtKey=2) returned 0
[0316.204] GetKeyState (nVirtKey=4) returned 0
[0316.204] GetKeyState (nVirtKey=5) returned 0
[0316.204] GetKeyState (nVirtKey=6) returned 0
[0316.204] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.205] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df031f) returned 0x1
[0316.205] IsWindowUnicode (hWnd=0x7005c) returned 1
[0316.205] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.205] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.205] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.205] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.205] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df031f) returned 0x1
[0316.205] IsWindowUnicode (hWnd=0x7005c) returned 1
[0316.205] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.205] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1df031f) returned 0x1
[0316.206] SetCursor (hCursor=0x10003) returned 0x10003
[0316.206] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.206] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.206] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10a0261) returned 0x0
[0316.206] GetKeyState (nVirtKey=1) returned 1
[0316.206] GetKeyState (nVirtKey=2) returned 0
[0316.206] GetKeyState (nVirtKey=4) returned 0
[0316.206] GetKeyState (nVirtKey=5) returned 0
[0316.206] GetKeyState (nVirtKey=6) returned 0
[0316.206] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.206] IsWindowUnicode (hWnd=0x602c4) returned 1
[0316.206] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.206] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.206] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.207] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.207] IsWindowUnicode (hWnd=0x602c4) returned 1
[0316.207] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.207] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.207] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.207] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0316.207] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0316.208] CreateCompatibleDC (hdc=0xf0105ee) returned 0x9d0107eb
[0316.208] SelectObject (hdc=0x9d0107eb, h=0x4a0507fe) returned 0x85000f
[0316.208] GdipCreateFromHDC (hdc=0x9d0107eb, graphics=0xd7e798) returned 0x0
[0316.208] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0316.208] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0316.208] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0316.208] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0316.208] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e7f8) returned 0x0
[0316.208] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0316.208] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea28) returned 0x0
[0316.208] LocalFree (hMem=0x11eea28) returned 0x0
[0316.208] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0316.208] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0316.208] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0316.208] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0316.208] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0316.208] GdipRestoreGraphics (graphics=0x6600030, state=0xf4d80dbd) returned 0x0
[0316.209] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0316.209] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0316.209] GetCurrentObject (hdc=0x9d0107eb, type=0x1) returned 0xb00017
[0316.209] GetCurrentObject (hdc=0x9d0107eb, type=0x2) returned 0x900010
[0316.209] GetCurrentObject (hdc=0x9d0107eb, type=0x7) returned 0x4a0507fe
[0316.209] GetCurrentObject (hdc=0x9d0107eb, type=0x6) returned 0x8a01c2
[0316.209] SaveDC (hdc=0x9d0107eb) returned 1
[0316.209] GetNearestColor (hdc=0x9d0107eb, color=0xff) returned 0xff
[0316.209] GetNearestColor (hdc=0x9d0107eb, color=0x55) returned 0x55
[0316.209] GetNearestColor (hdc=0x9d0107eb, color=0x0) returned 0x0
[0316.209] GetNearestColor (hdc=0x9d0107eb, color=0x55) returned 0x55
[0316.209] GetNearestColor (hdc=0x9d0107eb, color=0x0) returned 0x0
[0316.209] GetNearestColor (hdc=0x9d0107eb, color=0x8080ff) returned 0x8080ff
[0316.209] GetNearestColor (hdc=0x9d0107eb, color=0x7373e5) returned 0x7373e5
[0316.209] GetNearestColor (hdc=0x9d0107eb, color=0xe5) returned 0xe5
[0316.209] GetNearestColor (hdc=0x9d0107eb, color=0x0) returned 0x0
[0316.209] RestoreDC (hdc=0x9d0107eb, nSavedDC=-1) returned 1
[0316.209] GdipReleaseDC (graphics=0x6600030, hdc=0x9d0107eb) returned 0x0
[0316.210] IsAppThemed () returned 0x1
[0316.210] GetThemeAppProperties () returned 0x3
[0316.210] GetThemeAppProperties () returned 0x3
[0316.210] IsAppThemed () returned 0x1
[0316.210] GetThemeAppProperties () returned 0x3
[0316.210] GetThemeAppProperties () returned 0x3
[0316.210] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2e242b0 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0316.210] IsAppThemed () returned 0x1
[0316.210] GetThemeAppProperties () returned 0x3
[0316.210] GetThemeAppProperties () returned 0x3
[0316.210] IsAppThemed () returned 0x1
[0316.210] GetThemeAppProperties () returned 0x3
[0316.210] GetThemeAppProperties () returned 0x3
[0316.210] GetFocus () returned 0x602c4
[0316.210] IsAppThemed () returned 0x1
[0316.210] GetThemeAppProperties () returned 0x3
[0316.210] GetThemeAppProperties () returned 0x3
[0316.210] IsAppThemed () returned 0x1
[0316.210] GetThemeAppProperties () returned 0x3
[0316.211] GetThemeAppProperties () returned 0x3
[0316.211] IsThemePartDefined () returned 0x1
[0316.211] IsAppThemed () returned 0x1
[0316.211] GetThemeAppProperties () returned 0x3
[0316.211] GetThemeAppProperties () returned 0x3
[0316.211] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0316.211] IsAppThemed () returned 0x1
[0316.211] GetThemeAppProperties () returned 0x3
[0316.211] GetThemeAppProperties () returned 0x3
[0316.211] IsAppThemed () returned 0x1
[0316.211] GetThemeAppProperties () returned 0x3
[0316.211] GetThemeAppProperties () returned 0x3
[0316.211] IsThemePartDefined () returned 0x1
[0316.211] GdipCreateRegion (region=0xd7e508) returned 0x0
[0316.211] GdipGetClip (graphics=0x6600030, region=0x6646838) returned 0x0
[0316.211] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0316.211] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0316.211] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7e520) returned 0x0
[0316.211] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0316.211] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eed00) returned 0x0
[0316.211] LocalFree (hMem=0x11eed00) returned 0x0
[0316.211] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0316.211] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11eec58) returned 0x0
[0316.211] LocalFree (hMem=0x11eec58) returned 0x0
[0316.211] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0316.211] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e548) returned 0x0
[0316.212] GdipIsInfiniteRegion (region=0x6646838, graphics=0x6600030, result=0xd7e538) returned 0x0
[0316.212] GdipGetRegionHRgn (region=0x6646838, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0316.212] GdipDeleteRegion (region=0x6646838) returned 0x0
[0316.212] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0316.212] GetCurrentObject (hdc=0x9d0107eb, type=0x1) returned 0xb00017
[0316.212] GetCurrentObject (hdc=0x9d0107eb, type=0x2) returned 0x900010
[0316.212] GetCurrentObject (hdc=0x9d0107eb, type=0x7) returned 0x4a0507fe
[0316.212] GetCurrentObject (hdc=0x9d0107eb, type=0x6) returned 0x8a01c2
[0316.212] SaveDC (hdc=0x9d0107eb) returned 1
[0316.212] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x80407de
[0316.212] GetClipRgn (hdc=0x9d0107eb, hrgn=0x80407de) returned 0
[0316.212] SelectClipRgn (hdc=0x9d0107eb, hrgn=0x90040807) returned 2
[0316.212] DeleteObject (ho=0x80407de) returned 1
[0316.212] DeleteObject (ho=0x90040807) returned 1
[0316.212] OffsetViewportOrgEx (in: hdc=0x9d0107eb, x=0, y=0, lppt=0x2e24960 | out: lppt=0x2e24960) returned 1
[0316.212] DrawThemeParentBackground () returned 0x0
[0316.212] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0316.212] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0316.212] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0316.213] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0316.213] GetSystemMetrics (nIndex=42) returned 0
[0316.213] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0316.213] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0316.213] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0316.213] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0316.213] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0316.213] SelectPalette (hdc=0x9d0107eb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0316.213] GdipCreateFromHDC (hdc=0x9d0107eb, graphics=0xd7dff8) returned 0x0
[0316.213] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0316.213] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0316.213] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638a58) returned 0x0
[0316.213] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dfd0) returned 0x0
[0316.213] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0316.213] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0316.213] GdipGetClip (graphics=0x66376e0, region=0x66463b8) returned 0x0
[0316.213] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x66376e0, result=0xd7dfc4) returned 0x0
[0316.213] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0316.213] GdipSaveGraphics (graphics=0x66376e0, state=0xd7dff0) returned 0x0
[0316.214] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0316.226] GdipFillRectangleI (graphics=0x66376e0, brush=0x664e168, x=0, y=0, width=801, height=453) returned 0x0
[0316.226] GdipDeleteBrush (brush=0x664e168) returned 0x0
[0316.227] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0316.227] SelectPalette (hdc=0x9d0107eb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0316.227] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0316.227] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0316.227] GetSystemMetrics (nIndex=42) returned 0
[0316.227] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0316.227] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0316.227] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0316.227] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0316.227] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0316.227] SelectPalette (hdc=0x9d0107eb, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0316.227] GdipCreateFromHDC (hdc=0x9d0107eb, graphics=0xd7df98) returned 0x0
[0316.228] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0316.228] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0316.228] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638ae8) returned 0x0
[0316.228] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7df70) returned 0x0
[0316.228] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0316.228] GdipCreateRegion (region=0xd7df58) returned 0x0
[0316.228] GdipGetClip (graphics=0x66376e0, region=0x6646838) returned 0x0
[0316.228] GdipIsInfiniteRegion (region=0x6646838, graphics=0x66376e0, result=0xd7df64) returned 0x0
[0316.228] GdipDeleteRegion (region=0x6646838) returned 0x0
[0316.228] GdipSaveGraphics (graphics=0x66376e0, state=0xd7df90) returned 0x0
[0316.228] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0316.237] GdipFillRectangleI (graphics=0x66376e0, brush=0x664e3d8, x=0, y=0, width=801, height=453) returned 0x0
[0316.237] GdipDeleteBrush (brush=0x664e3d8) returned 0x0
[0316.238] GdipRestoreGraphics (graphics=0x66376e0, state=0xf4d40dbd) returned 0x0
[0316.238] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0316.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0316.239] GetSystemMetrics (nIndex=42) returned 0
[0316.239] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0316.239] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0316.239] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0316.239] SelectPalette (hdc=0x9d0107eb, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0316.239] RestoreDC (hdc=0x9d0107eb, nSavedDC=-1) returned 1
[0316.239] GdipReleaseDC (graphics=0x6600030, hdc=0x9d0107eb) returned 0x0
[0316.239] IsAppThemed () returned 0x1
[0316.239] GetThemeAppProperties () returned 0x3
[0316.239] GetThemeAppProperties () returned 0x3
[0316.239] IsAppThemed () returned 0x1
[0316.239] GetThemeAppProperties () returned 0x3
[0316.239] GetThemeAppProperties () returned 0x3
[0316.239] IsThemePartDefined () returned 0x1
[0316.239] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0316.239] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0316.239] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0316.239] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0316.239] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e4a4) returned 0x0
[0316.240] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0316.240] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0316.240] LocalFree (hMem=0x11ee788) returned 0x0
[0316.240] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0316.240] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee788) returned 0x0
[0316.240] LocalFree (hMem=0x11ee788) returned 0x0
[0316.240] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0316.240] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0316.240] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0316.240] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0316.240] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0316.240] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0316.240] GetCurrentObject (hdc=0x9d0107eb, type=0x1) returned 0xb00017
[0316.240] GetCurrentObject (hdc=0x9d0107eb, type=0x2) returned 0x900010
[0316.240] GetCurrentObject (hdc=0x9d0107eb, type=0x7) returned 0x4a0507fe
[0316.240] GetCurrentObject (hdc=0x9d0107eb, type=0x6) returned 0x8a01c2
[0316.240] SaveDC (hdc=0x9d0107eb) returned 1
[0316.240] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x91040807
[0316.240] GetClipRgn (hdc=0x9d0107eb, hrgn=0x91040807) returned 0
[0316.240] SelectClipRgn (hdc=0x9d0107eb, hrgn=0xa0407de) returned 2
[0316.240] DeleteObject (ho=0x91040807) returned 1
[0316.241] DeleteObject (ho=0xa0407de) returned 1
[0316.241] OffsetViewportOrgEx (in: hdc=0x9d0107eb, x=0, y=0, lppt=0x2e2b1b0 | out: lppt=0x2e2b1b0) returned 1
[0316.241] IsAppThemed () returned 0x1
[0316.241] GetThemeAppProperties () returned 0x3
[0316.241] GetThemeAppProperties () returned 0x3
[0316.241] DrawThemeBackground () returned 0x0
[0316.241] RestoreDC (hdc=0x9d0107eb, nSavedDC=-1) returned 1
[0316.241] GdipReleaseDC (graphics=0x6600030, hdc=0x9d0107eb) returned 0x0
[0316.241] GdipCreateRegion (region=0xd7e490) returned 0x0
[0316.241] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0316.241] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0316.241] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0316.241] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7e4a8) returned 0x0
[0316.241] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0316.241] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0316.241] LocalFree (hMem=0x11ee868) returned 0x0
[0316.241] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0316.241] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0316.241] LocalFree (hMem=0x11ee868) returned 0x0
[0316.241] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0316.241] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0316.241] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0316.242] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0316.242] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0316.242] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0316.242] GetCurrentObject (hdc=0x9d0107eb, type=0x1) returned 0xb00017
[0316.242] GetCurrentObject (hdc=0x9d0107eb, type=0x2) returned 0x900010
[0316.242] GetCurrentObject (hdc=0x9d0107eb, type=0x7) returned 0x4a0507fe
[0316.242] GetCurrentObject (hdc=0x9d0107eb, type=0x6) returned 0x8a01c2
[0316.242] SaveDC (hdc=0x9d0107eb) returned 1
[0316.242] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb0407de
[0316.242] GetClipRgn (hdc=0x9d0107eb, hrgn=0xb0407de) returned 0
[0316.242] SelectClipRgn (hdc=0x9d0107eb, hrgn=0x92040807) returned 2
[0316.242] DeleteObject (ho=0xb0407de) returned 1
[0316.242] DeleteObject (ho=0x92040807) returned 1
[0316.242] OffsetViewportOrgEx (in: hdc=0x9d0107eb, x=0, y=0, lppt=0x2e2b484 | out: lppt=0x2e2b484) returned 1
[0316.242] IsAppThemed () returned 0x1
[0316.242] GetThemeAppProperties () returned 0x3
[0316.242] GetThemeAppProperties () returned 0x3
[0316.242] GetThemeBackgroundContentRect () returned 0x0
[0316.242] RestoreDC (hdc=0x9d0107eb, nSavedDC=-1) returned 1
[0316.243] GdipReleaseDC (graphics=0x6600030, hdc=0x9d0107eb) returned 0x0
[0316.243] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0316.243] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0316.243] GdipFillRectangleI (graphics=0x6600030, brush=0x66376e0, x=4, y=4, width=67, height=15) returned 0x0
[0316.243] GdipDeleteBrush (brush=0x66376e0) returned 0x0
[0316.243] IsAppThemed () returned 0x1
[0316.243] GetThemeAppProperties () returned 0x3
[0316.243] GetThemeAppProperties () returned 0x3
[0316.243] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0316.243] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0316.243] GetCurrentObject (hdc=0x9d0107eb, type=0x1) returned 0xb00017
[0316.243] GetCurrentObject (hdc=0x9d0107eb, type=0x2) returned 0x900010
[0316.243] GetCurrentObject (hdc=0x9d0107eb, type=0x7) returned 0x4a0507fe
[0316.243] GetCurrentObject (hdc=0x9d0107eb, type=0x6) returned 0x8a01c2
[0316.243] SaveDC (hdc=0x9d0107eb) returned 1
[0316.243] GetTextAlign (hdc=0x9d0107eb) returned 0x0
[0316.243] GetTextColor (hdc=0x9d0107eb) returned 0x0
[0316.243] GetCurrentObject (hdc=0x9d0107eb, type=0x6) returned 0x8a01c2
[0316.244] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0316.244] SelectObject (hdc=0x9d0107eb, h=0x6d0a0520) returned 0x8a01c2
[0316.244] GetBkMode (hdc=0x9d0107eb) returned 2
[0316.244] SetBkMode (hdc=0x9d0107eb, mode=1) returned 2
[0316.244] DrawTextExW (in: hdc=0x9d0107eb, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2e2b848 | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0316.244] DrawTextExW (in: hdc=0x9d0107eb, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2e2b848 | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0316.244] RestoreDC (hdc=0x9d0107eb, nSavedDC=-1) returned 1
[0316.244] GdipReleaseDC (graphics=0x6600030, hdc=0x9d0107eb) returned 0x0
[0316.245] GetFocus () returned 0x602c4
[0316.245] IsAppThemed () returned 0x1
[0316.245] GetThemeAppProperties () returned 0x3
[0316.245] GetThemeAppProperties () returned 0x3
[0316.245] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0316.245] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x9d0107eb, x1=0, y1=0, rop=0xcc0020) returned 1
[0316.245] GdipReleaseDC (graphics=0x6600030, hdc=0x9d0107eb) returned 0x0
[0316.245] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0316.245] SelectObject (hdc=0x9d0107eb, h=0x85000f) returned 0x4a0507fe
[0316.245] DeleteDC (hdc=0x9d0107eb) returned 1
[0316.245] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0316.245] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0316.245] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.245] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.245] WaitMessage () returned 1
[0316.245] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.246] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.246] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.246] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.246] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.246] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.246] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.247] WaitMessage () returned 1
[0316.312] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.312] IsWindowUnicode (hWnd=0x7005c) returned 1
[0316.313] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.313] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.313] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.313] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.313] IsWindowUnicode (hWnd=0x7005c) returned 1
[0316.313] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.313] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.313] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.313] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10a0261) returned 0x0
[0316.313] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.313] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.313] WaitMessage () returned 1
[0316.315] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.315] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.315] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.315] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.315] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.316] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.316] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.316] WaitMessage () returned 1
[0316.317] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.317] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.317] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.317] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.317] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.318] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.318] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.318] WaitMessage () returned 1
[0316.319] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.319] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.319] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.319] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.319] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.320] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.320] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.320] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.320] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.320] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.320] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.320] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.321] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.321] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.321] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.321] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.321] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.321] WaitMessage () returned 1
[0316.322] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.322] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.322] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.322] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.322] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.323] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.323] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.323] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.323] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.323] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.323] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.323] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.324] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.324] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.324] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.324] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.324] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.324] WaitMessage () returned 1
[0316.324] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.324] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.324] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.325] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.325] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.329] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.329] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.329] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.329] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.329] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.330] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.330] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.330] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.330] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.330] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.330] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.330] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.330] WaitMessage () returned 1
[0316.332] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.332] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.332] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.332] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.332] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.333] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.334] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.334] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.334] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.334] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.334] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.334] IsWindowUnicode (hWnd=0x30122) returned 1
[0316.334] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.334] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.334] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.334] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.334] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.334] WaitMessage () returned 1
[0316.483] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.483] IsWindowUnicode (hWnd=0x502c6) returned 1
[0316.483] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0316.484] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0316.484] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0316.484] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.484] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0316.484] WaitMessage () returned 1
[0318.484] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0318.485] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f3) returned 0x1
[0318.485] IsWindowUnicode (hWnd=0x602c4) returned 1
[0318.485] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0318.485] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0318.485] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0318.485] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0318.485] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0318.485] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f3) returned 0x1
[0318.485] IsWindowUnicode (hWnd=0x602c4) returned 1
[0318.485] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0318.485] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f3) returned 0x1
[0318.485] SetCursor (hCursor=0x10003) returned 0x10003
[0318.485] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0318.485] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0318.485] _TrackMouseEvent (in: lpEventTrack=0x2c2b560 | out: lpEventTrack=0x2c2b560) returned 1
[0318.486] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0318.486] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0318.486] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0318.486] GetKeyState (nVirtKey=1) returned 1
[0318.486] GetKeyState (nVirtKey=2) returned 0
[0318.486] GetKeyState (nVirtKey=4) returned 0
[0318.486] GetKeyState (nVirtKey=5) returned 0
[0318.486] GetKeyState (nVirtKey=6) returned 0
[0318.486] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0318.486] IsWindowUnicode (hWnd=0x602c4) returned 1
[0318.486] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0318.486] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0318.486] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0318.486] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0xf0105ee
[0318.486] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0318.486] CreateCompatibleDC (hdc=0xf0105ee) returned 0x860107f8
[0318.486] SelectObject (hdc=0x860107f8, h=0x4a0507fe) returned 0x85000f
[0318.487] GdipCreateFromHDC (hdc=0x860107f8, graphics=0xd7e798) returned 0x0
[0318.487] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0318.487] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0318.487] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0318.487] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0318.487] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e7f8) returned 0x0
[0318.487] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0318.487] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee788) returned 0x0
[0318.487] LocalFree (hMem=0x11ee788) returned 0x0
[0318.487] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0318.487] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0318.487] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0318.487] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0318.487] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0318.487] GdipRestoreGraphics (graphics=0x6600030, state=0xf4d20dbd) returned 0x0
[0318.487] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0318.488] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0318.488] GetCurrentObject (hdc=0x860107f8, type=0x1) returned 0xb00017
[0318.488] GetCurrentObject (hdc=0x860107f8, type=0x2) returned 0x900010
[0318.488] GetCurrentObject (hdc=0x860107f8, type=0x7) returned 0x4a0507fe
[0318.488] GetCurrentObject (hdc=0x860107f8, type=0x6) returned 0x8a01c2
[0318.488] SaveDC (hdc=0x860107f8) returned 1
[0318.488] GetNearestColor (hdc=0x860107f8, color=0xff) returned 0xff
[0318.488] GetNearestColor (hdc=0x860107f8, color=0x55) returned 0x55
[0318.488] GetNearestColor (hdc=0x860107f8, color=0x0) returned 0x0
[0318.488] GetNearestColor (hdc=0x860107f8, color=0x55) returned 0x55
[0318.488] GetNearestColor (hdc=0x860107f8, color=0x0) returned 0x0
[0318.488] GetNearestColor (hdc=0x860107f8, color=0x8080ff) returned 0x8080ff
[0318.488] GetNearestColor (hdc=0x860107f8, color=0x7373e5) returned 0x7373e5
[0318.488] GetNearestColor (hdc=0x860107f8, color=0xe5) returned 0xe5
[0318.488] GetNearestColor (hdc=0x860107f8, color=0x0) returned 0x0
[0318.488] RestoreDC (hdc=0x860107f8, nSavedDC=-1) returned 1
[0318.488] GdipReleaseDC (graphics=0x6600030, hdc=0x860107f8) returned 0x0
[0318.489] IsAppThemed () returned 0x1
[0318.489] GetThemeAppProperties () returned 0x3
[0318.489] GetThemeAppProperties () returned 0x3
[0318.489] IsAppThemed () returned 0x1
[0318.489] GetThemeAppProperties () returned 0x3
[0318.489] GetThemeAppProperties () returned 0x3
[0318.489] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2e2c1b8 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0318.489] IsAppThemed () returned 0x1
[0318.489] GetThemeAppProperties () returned 0x3
[0318.489] GetThemeAppProperties () returned 0x3
[0318.489] IsAppThemed () returned 0x1
[0318.489] GetThemeAppProperties () returned 0x3
[0318.489] GetThemeAppProperties () returned 0x3
[0318.489] IsAppThemed () returned 0x1
[0318.489] GetThemeAppProperties () returned 0x3
[0318.489] GetThemeAppProperties () returned 0x3
[0318.489] IsAppThemed () returned 0x1
[0318.490] GetThemeAppProperties () returned 0x3
[0318.490] GetThemeAppProperties () returned 0x3
[0318.490] IsThemePartDefined () returned 0x1
[0318.490] IsAppThemed () returned 0x1
[0318.490] GetThemeAppProperties () returned 0x3
[0318.490] GetThemeAppProperties () returned 0x3
[0318.490] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0318.490] IsAppThemed () returned 0x1
[0318.490] GetThemeAppProperties () returned 0x3
[0318.490] GetThemeAppProperties () returned 0x3
[0318.490] IsAppThemed () returned 0x1
[0318.490] GetThemeAppProperties () returned 0x3
[0318.490] GetThemeAppProperties () returned 0x3
[0318.490] IsThemePartDefined () returned 0x1
[0318.490] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0318.490] GdipGetClip (graphics=0x6600030, region=0x6646cb8) returned 0x0
[0318.490] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0318.490] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0318.490] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e514) returned 0x0
[0318.490] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0318.490] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0318.490] LocalFree (hMem=0x11eec58) returned 0x0
[0318.490] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0318.490] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0318.490] LocalFree (hMem=0x11eec58) returned 0x0
[0318.491] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0318.491] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0318.491] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0318.491] GdipGetRegionHRgn (region=0x6646cb8, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0318.491] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0318.491] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0318.491] GetCurrentObject (hdc=0x860107f8, type=0x1) returned 0xb00017
[0318.491] GetCurrentObject (hdc=0x860107f8, type=0x2) returned 0x900010
[0318.491] GetCurrentObject (hdc=0x860107f8, type=0x7) returned 0x4a0507fe
[0318.491] GetCurrentObject (hdc=0x860107f8, type=0x6) returned 0x8a01c2
[0318.491] SaveDC (hdc=0x860107f8) returned 1
[0318.491] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x93040807
[0318.491] GetClipRgn (hdc=0x860107f8, hrgn=0x93040807) returned 0
[0318.491] SelectClipRgn (hdc=0x860107f8, hrgn=0xf0407de) returned 2
[0318.491] DeleteObject (ho=0x93040807) returned 1
[0318.491] DeleteObject (ho=0xf0407de) returned 1
[0318.491] OffsetViewportOrgEx (in: hdc=0x860107f8, x=0, y=0, lppt=0x2e2c868 | out: lppt=0x2e2c868) returned 1
[0318.491] DrawThemeParentBackground () returned 0x0
[0318.492] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0318.492] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0318.492] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0318.492] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0318.492] GetSystemMetrics (nIndex=42) returned 0
[0318.492] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0318.492] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0318.492] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0318.492] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0318.492] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0318.492] SelectPalette (hdc=0x860107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0318.492] GdipCreateFromHDC (hdc=0x860107f8, graphics=0xd7dff0) returned 0x0
[0318.492] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0318.492] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0318.492] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638cc8) returned 0x0
[0318.492] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dfc8) returned 0x0
[0318.493] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0318.493] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0318.493] GdipGetClip (graphics=0x66376e0, region=0x6646838) returned 0x0
[0318.493] GdipIsInfiniteRegion (region=0x6646838, graphics=0x66376e0, result=0xd7dfbc) returned 0x0
[0318.493] GdipDeleteRegion (region=0x6646838) returned 0x0
[0318.493] GdipSaveGraphics (graphics=0x66376e0, state=0xd7dfe8) returned 0x0
[0318.493] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0318.501] GdipFillRectangleI (graphics=0x66376e0, brush=0x664e168, x=0, y=0, width=801, height=453) returned 0x0
[0318.502] GdipDeleteBrush (brush=0x664e168) returned 0x0
[0318.503] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0318.503] SelectPalette (hdc=0x860107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0318.503] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0318.503] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0318.503] GetSystemMetrics (nIndex=42) returned 0
[0318.503] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0318.503] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0318.503] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0318.503] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0318.503] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0318.503] SelectPalette (hdc=0x860107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0318.504] GdipCreateFromHDC (hdc=0x860107f8, graphics=0xd7df90) returned 0x0
[0318.504] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0318.504] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0318.504] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638cf8) returned 0x0
[0318.504] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7df68) returned 0x0
[0318.504] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0318.504] GdipCreateRegion (region=0xd7df50) returned 0x0
[0318.504] GdipGetClip (graphics=0x66376e0, region=0x6646cb8) returned 0x0
[0318.504] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x66376e0, result=0xd7df5c) returned 0x0
[0318.504] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0318.504] GdipSaveGraphics (graphics=0x66376e0, state=0xd7df88) returned 0x0
[0318.504] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0318.546] GdipFillRectangleI (graphics=0x66376e0, brush=0x664db50, x=0, y=0, width=801, height=453) returned 0x0
[0318.546] GdipDeleteBrush (brush=0x664db50) returned 0x0
[0318.547] GdipRestoreGraphics (graphics=0x66376e0, state=0xf4ce0dbd) returned 0x0
[0318.547] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0318.547] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0318.547] GetSystemMetrics (nIndex=42) returned 0
[0318.547] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0318.547] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0318.547] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0318.547] SelectPalette (hdc=0x860107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0318.548] RestoreDC (hdc=0x860107f8, nSavedDC=-1) returned 1
[0318.548] GdipReleaseDC (graphics=0x6600030, hdc=0x860107f8) returned 0x0
[0318.548] IsAppThemed () returned 0x1
[0318.548] GetThemeAppProperties () returned 0x3
[0318.548] GetThemeAppProperties () returned 0x3
[0318.548] IsAppThemed () returned 0x1
[0318.548] GetThemeAppProperties () returned 0x3
[0318.548] GetThemeAppProperties () returned 0x3
[0318.548] IsThemePartDefined () returned 0x1
[0318.548] GdipCreateRegion (region=0xd7e480) returned 0x0
[0318.548] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0318.548] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0318.548] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0318.548] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e498) returned 0x0
[0318.548] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0318.548] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eead0) returned 0x0
[0318.548] LocalFree (hMem=0x11eead0) returned 0x0
[0318.548] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0318.548] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11eecc8) returned 0x0
[0318.548] LocalFree (hMem=0x11eecc8) returned 0x0
[0318.548] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0318.549] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0318.549] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0318.549] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0318.549] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0318.549] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0318.549] GetCurrentObject (hdc=0x860107f8, type=0x1) returned 0xb00017
[0318.549] GetCurrentObject (hdc=0x860107f8, type=0x2) returned 0x900010
[0318.549] GetCurrentObject (hdc=0x860107f8, type=0x7) returned 0x4a0507fe
[0318.549] GetCurrentObject (hdc=0x860107f8, type=0x6) returned 0x8a01c2
[0318.549] SaveDC (hdc=0x860107f8) returned 1
[0318.549] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x100407de
[0318.549] GetClipRgn (hdc=0x860107f8, hrgn=0x100407de) returned 0
[0318.549] SelectClipRgn (hdc=0x860107f8, hrgn=0x95040807) returned 2
[0318.549] DeleteObject (ho=0x100407de) returned 1
[0318.549] DeleteObject (ho=0x95040807) returned 1
[0318.549] OffsetViewportOrgEx (in: hdc=0x860107f8, x=0, y=0, lppt=0x2e330b8 | out: lppt=0x2e330b8) returned 1
[0318.549] IsAppThemed () returned 0x1
[0318.549] GetThemeAppProperties () returned 0x3
[0318.549] GetThemeAppProperties () returned 0x3
[0318.549] DrawThemeBackground () returned 0x0
[0318.550] RestoreDC (hdc=0x860107f8, nSavedDC=-1) returned 1
[0318.550] GdipReleaseDC (graphics=0x6600030, hdc=0x860107f8) returned 0x0
[0318.550] GdipCreateRegion (region=0xd7e484) returned 0x0
[0318.550] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0318.550] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0318.550] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0318.550] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e49c) returned 0x0
[0318.550] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0318.550] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee788) returned 0x0
[0318.550] LocalFree (hMem=0x11ee788) returned 0x0
[0318.550] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0318.550] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0318.550] LocalFree (hMem=0x11eec58) returned 0x0
[0318.550] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0318.550] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0318.550] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0318.550] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0318.550] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0318.550] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0318.550] GetCurrentObject (hdc=0x860107f8, type=0x1) returned 0xb00017
[0318.550] GetCurrentObject (hdc=0x860107f8, type=0x2) returned 0x900010
[0318.550] GetCurrentObject (hdc=0x860107f8, type=0x7) returned 0x4a0507fe
[0318.551] GetCurrentObject (hdc=0x860107f8, type=0x6) returned 0x8a01c2
[0318.551] SaveDC (hdc=0x860107f8) returned 1
[0318.551] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x96040807
[0318.551] GetClipRgn (hdc=0x860107f8, hrgn=0x96040807) returned 0
[0318.551] SelectClipRgn (hdc=0x860107f8, hrgn=0x110407de) returned 2
[0318.551] DeleteObject (ho=0x96040807) returned 1
[0318.551] DeleteObject (ho=0x110407de) returned 1
[0318.551] OffsetViewportOrgEx (in: hdc=0x860107f8, x=0, y=0, lppt=0x2e3338c | out: lppt=0x2e3338c) returned 1
[0318.551] IsAppThemed () returned 0x1
[0318.551] GetThemeAppProperties () returned 0x3
[0318.551] GetThemeAppProperties () returned 0x3
[0318.551] GetThemeBackgroundContentRect () returned 0x0
[0318.551] RestoreDC (hdc=0x860107f8, nSavedDC=-1) returned 1
[0318.551] GdipReleaseDC (graphics=0x6600030, hdc=0x860107f8) returned 0x0
[0318.551] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0318.551] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0318.551] GdipFillRectangleI (graphics=0x6600030, brush=0x66376e0, x=4, y=4, width=67, height=15) returned 0x0
[0318.551] GdipDeleteBrush (brush=0x66376e0) returned 0x0
[0318.551] IsAppThemed () returned 0x1
[0318.552] GetThemeAppProperties () returned 0x3
[0318.552] GetThemeAppProperties () returned 0x3
[0318.552] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0318.552] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0318.552] GetCurrentObject (hdc=0x860107f8, type=0x1) returned 0xb00017
[0318.552] GetCurrentObject (hdc=0x860107f8, type=0x2) returned 0x900010
[0318.552] GetCurrentObject (hdc=0x860107f8, type=0x7) returned 0x4a0507fe
[0318.552] GetCurrentObject (hdc=0x860107f8, type=0x6) returned 0x8a01c2
[0318.552] SaveDC (hdc=0x860107f8) returned 1
[0318.552] GetTextAlign (hdc=0x860107f8) returned 0x0
[0318.552] GetTextColor (hdc=0x860107f8) returned 0x0
[0318.552] GetCurrentObject (hdc=0x860107f8, type=0x6) returned 0x8a01c2
[0318.552] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0318.553] SelectObject (hdc=0x860107f8, h=0x6d0a0520) returned 0x8a01c2
[0318.553] GetBkMode (hdc=0x860107f8) returned 2
[0318.553] SetBkMode (hdc=0x860107f8, mode=1) returned 2
[0318.553] DrawTextExW (in: hdc=0x860107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2e33750 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0318.553] DrawTextExW (in: hdc=0x860107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2e33750 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0318.553] RestoreDC (hdc=0x860107f8, nSavedDC=-1) returned 1
[0318.553] GdipReleaseDC (graphics=0x6600030, hdc=0x860107f8) returned 0x0
[0318.553] GetFocus () returned 0x602c4
[0318.553] IsAppThemed () returned 0x1
[0318.554] GetThemeAppProperties () returned 0x3
[0318.554] GetThemeAppProperties () returned 0x3
[0318.554] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0318.554] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x860107f8, x1=0, y1=0, rop=0xcc0020) returned 1
[0318.554] GdipReleaseDC (graphics=0x6600030, hdc=0x860107f8) returned 0x0
[0318.554] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0318.554] SelectObject (hdc=0x860107f8, h=0x85000f) returned 0x4a0507fe
[0318.554] DeleteDC (hdc=0x860107f8) returned 1
[0318.554] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0318.554] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0318.554] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0318.554] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0318.554] WaitMessage () returned 1
[0318.593] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0318.594] IsWindowUnicode (hWnd=0x602c4) returned 1
[0318.594] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0318.594] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0318.594] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0318.594] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0318.594] IsWindowUnicode (hWnd=0x602c4) returned 1
[0318.594] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0318.594] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0318.594] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0318.594] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0xd0018) returned 0x0
[0318.594] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0318.594] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0318.594] WaitMessage () returned 1
[0318.735] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0318.735] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f3) returned 0x1
[0318.735] IsWindowUnicode (hWnd=0x602c4) returned 1
[0318.735] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0318.735] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f3) returned 0x1
[0318.735] GetDlgItem (hDlg=0x7005c, nIDDlgItem=0) returned 0x0
[0318.735] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x210, wParam=0x201, lParam=0x19f0035) returned 0x0
[0318.736] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0318.736] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x21, wParam=0x7005c, lParam=0x2010001) returned 0x1
[0318.736] SetCursor (hCursor=0x10003) returned 0x10003
[0318.736] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0318.736] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0318.736] GetKeyState (nVirtKey=1) returned -128
[0318.736] GetKeyState (nVirtKey=2) returned 0
[0318.736] GetKeyState (nVirtKey=4) returned 0
[0318.736] GetKeyState (nVirtKey=5) returned 0
[0318.736] GetKeyState (nVirtKey=6) returned 0
[0318.736] IsWindowVisible (hWnd=0x602c4) returned 1
[0318.736] IsWindowEnabled (hWnd=0x602c4) returned 1
[0318.736] SetFocus (hWnd=0x602c4) returned 0x602c4
[0318.736] GetFocus () returned 0x602c4
[0318.736] GetFocus () returned 0x602c4
[0318.736] GetFocus () returned 0x602c4
[0318.736] GetKeyState (nVirtKey=1) returned -128
[0318.736] GetKeyState (nVirtKey=2) returned 0
[0318.736] GetKeyState (nVirtKey=4) returned 0
[0318.736] GetKeyState (nVirtKey=5) returned 0
[0318.736] GetKeyState (nVirtKey=6) returned 0
[0318.736] GetCapture () returned 0x0
[0318.737] SetCapture (hWnd=0x602c4) returned 0x0
[0318.737] GetKeyState (nVirtKey=1) returned -128
[0318.737] GetKeyState (nVirtKey=2) returned 0
[0318.737] GetKeyState (nVirtKey=4) returned 0
[0318.737] GetKeyState (nVirtKey=5) returned 0
[0318.737] GetKeyState (nVirtKey=6) returned 0
[0318.737] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0318.737] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e960, bErase=0) returned 1
[0318.737] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0318.737] IsWindowUnicode (hWnd=0x602c4) returned 1
[0318.737] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0318.737] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0318.737] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0318.737] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e338d4, cPoints=0x1 | out: lpPoints=0x2e338d4) returned 40304859
[0318.737] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0318.737] InvalidateRect (hWnd=0x602c4, lpRect=0xd7e900, bErase=0) returned 1
[0318.737] UpdateWindow (hWnd=0x602c4) returned 1
[0318.737] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e418 | out: lpPaint=0xd7e418) returned 0xf0105ee
[0318.737] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0318.737] CreateCompatibleDC (hdc=0xf0105ee) returned 0x870107f8
[0318.738] SelectObject (hdc=0x870107f8, h=0x4a0507fe) returned 0x85000f
[0318.738] GdipCreateFromHDC (hdc=0x870107f8, graphics=0xd7e430) returned 0x0
[0318.738] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0318.738] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0318.738] GdipCreateMatrix (matrix=0xd7e478) returned 0x0
[0318.738] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0318.738] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e490) returned 0x0
[0318.738] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0318.738] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11ee910) returned 0x0
[0318.738] LocalFree (hMem=0x11ee910) returned 0x0
[0318.738] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0318.738] GdipCreateRegion (region=0xd7e478) returned 0x0
[0318.738] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0318.738] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e484) returned 0x0
[0318.738] GdipSaveGraphics (graphics=0x6600030, state=0xd7e4b0) returned 0x0
[0318.738] GdipRestoreGraphics (graphics=0x6600030, state=0xf4cc0dbd) returned 0x0
[0318.738] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0318.739] GdipGetDC (graphics=0x6600030, hdc=0xd7e290) returned 0x0
[0318.739] GetCurrentObject (hdc=0x870107f8, type=0x1) returned 0xb00017
[0318.739] GetCurrentObject (hdc=0x870107f8, type=0x2) returned 0x900010
[0318.739] GetCurrentObject (hdc=0x870107f8, type=0x7) returned 0x4a0507fe
[0318.739] GetCurrentObject (hdc=0x870107f8, type=0x6) returned 0x8a01c2
[0318.739] SaveDC (hdc=0x870107f8) returned 1
[0318.739] GetNearestColor (hdc=0x870107f8, color=0xff) returned 0xff
[0318.739] GetNearestColor (hdc=0x870107f8, color=0x55) returned 0x55
[0318.739] GetNearestColor (hdc=0x870107f8, color=0x0) returned 0x0
[0318.739] GetNearestColor (hdc=0x870107f8, color=0x55) returned 0x55
[0318.739] GetNearestColor (hdc=0x870107f8, color=0x0) returned 0x0
[0318.739] GetNearestColor (hdc=0x870107f8, color=0x8080ff) returned 0x8080ff
[0318.739] GetNearestColor (hdc=0x870107f8, color=0x7373e5) returned 0x7373e5
[0318.739] GetNearestColor (hdc=0x870107f8, color=0xe5) returned 0xe5
[0318.739] GetNearestColor (hdc=0x870107f8, color=0x0) returned 0x0
[0318.739] RestoreDC (hdc=0x870107f8, nSavedDC=-1) returned 1
[0318.739] GdipReleaseDC (graphics=0x6600030, hdc=0x870107f8) returned 0x0
[0318.740] IsAppThemed () returned 0x1
[0318.740] GetThemeAppProperties () returned 0x3
[0318.740] GetThemeAppProperties () returned 0x3
[0318.740] IsAppThemed () returned 0x1
[0318.740] GetThemeAppProperties () returned 0x3
[0318.740] GetThemeAppProperties () returned 0x3
[0318.740] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e14c, format=0x102415, lpdtp=0x2e33ff0 | out: lpchText="Decrypt file", lprc=0xd7e14c) returned 13
[0318.740] IsAppThemed () returned 0x1
[0318.740] GetThemeAppProperties () returned 0x3
[0318.740] GetThemeAppProperties () returned 0x3
[0318.740] IsAppThemed () returned 0x1
[0318.740] GetThemeAppProperties () returned 0x3
[0318.740] GetThemeAppProperties () returned 0x3
[0318.740] IsAppThemed () returned 0x1
[0318.740] GetThemeAppProperties () returned 0x3
[0318.740] GetThemeAppProperties () returned 0x3
[0318.740] IsAppThemed () returned 0x1
[0318.740] GetThemeAppProperties () returned 0x3
[0318.741] GetThemeAppProperties () returned 0x3
[0318.741] IsThemePartDefined () returned 0x1
[0318.741] IsAppThemed () returned 0x1
[0318.741] GetThemeAppProperties () returned 0x3
[0318.741] GetThemeAppProperties () returned 0x3
[0318.741] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0318.741] IsAppThemed () returned 0x1
[0318.741] GetThemeAppProperties () returned 0x3
[0318.741] GetThemeAppProperties () returned 0x3
[0318.741] IsAppThemed () returned 0x1
[0318.741] GetThemeAppProperties () returned 0x3
[0318.741] GetThemeAppProperties () returned 0x3
[0318.741] IsThemePartDefined () returned 0x1
[0318.741] GdipCreateRegion (region=0xd7e194) returned 0x0
[0318.741] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0318.741] GdipCreateMatrix (matrix=0xd7e194) returned 0x0
[0318.741] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0318.741] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e1ac) returned 0x0
[0318.741] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0318.741] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eea28) returned 0x0
[0318.741] LocalFree (hMem=0x11eea28) returned 0x0
[0318.741] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0318.741] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee788) returned 0x0
[0318.741] LocalFree (hMem=0x11ee788) returned 0x0
[0318.741] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0318.742] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e1d4) returned 0x0
[0318.742] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e1c4) returned 0x0
[0318.742] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7e1c4) returned 0x0
[0318.742] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0318.742] GdipGetDC (graphics=0x6600030, hdc=0xd7e1dc) returned 0x0
[0318.742] GetCurrentObject (hdc=0x870107f8, type=0x1) returned 0xb00017
[0318.742] GetCurrentObject (hdc=0x870107f8, type=0x2) returned 0x900010
[0318.742] GetCurrentObject (hdc=0x870107f8, type=0x7) returned 0x4a0507fe
[0318.742] GetCurrentObject (hdc=0x870107f8, type=0x6) returned 0x8a01c2
[0318.742] SaveDC (hdc=0x870107f8) returned 1
[0318.742] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x120407de
[0318.742] GetClipRgn (hdc=0x870107f8, hrgn=0x120407de) returned 0
[0318.742] SelectClipRgn (hdc=0x870107f8, hrgn=0x9a040807) returned 2
[0318.742] DeleteObject (ho=0x120407de) returned 1
[0318.742] DeleteObject (ho=0x9a040807) returned 1
[0318.742] OffsetViewportOrgEx (in: hdc=0x870107f8, x=0, y=0, lppt=0x2e346a0 | out: lppt=0x2e346a0) returned 1
[0318.742] DrawThemeParentBackground () returned 0x0
[0318.743] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dea4 | out: lpwndpl=0xd7dea4) returned 1
[0318.743] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7de50 | out: lpRect=0xd7de50) returned 1
[0318.743] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0318.743] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0318.743] GetSystemMetrics (nIndex=42) returned 0
[0318.743] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dd0c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0318.743] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dd0c) returned 0xd
[0318.743] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dd58 | out: lpRect=0xd7dd58) returned 1
[0318.743] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0318.743] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc90) returned 0x0
[0318.743] SelectPalette (hdc=0x870107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0318.743] GdipCreateFromHDC (hdc=0x870107f8, graphics=0xd7dc88) returned 0x0
[0318.743] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0318.744] GdipCreateMatrix (matrix=0xd7dc48) returned 0x0
[0318.744] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638ae8) returned 0x0
[0318.744] GdipIsMatrixIdentity (matrix=0x6638ae8, result=0xd7dc60) returned 0x0
[0318.744] GdipDeleteMatrix (matrix=0x6638ae8) returned 0x0
[0318.744] GdipCreateRegion (region=0xd7dc48) returned 0x0
[0318.744] GdipGetClip (graphics=0x66376e0, region=0x66467a8) returned 0x0
[0318.744] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x66376e0, result=0xd7dc54) returned 0x0
[0318.744] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0318.744] GdipSaveGraphics (graphics=0x66376e0, state=0xd7dc80) returned 0x0
[0318.744] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7db1c) returned 0x0
[0318.752] GdipFillRectangleI (graphics=0x66376e0, brush=0x664e8b8, x=0, y=0, width=801, height=453) returned 0x0
[0318.752] GdipDeleteBrush (brush=0x664e8b8) returned 0x0
[0318.754] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0318.754] SelectPalette (hdc=0x870107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0318.754] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0318.754] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0318.754] GetSystemMetrics (nIndex=42) returned 0
[0318.754] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0318.754] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0318.754] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dcf8 | out: lpRect=0xd7dcf8) returned 1
[0318.754] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0318.754] GdipGetImageFlags (image=0x65ff260, flags=0xd7dc30) returned 0x0
[0318.754] SelectPalette (hdc=0x870107f8, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0318.754] GdipCreateFromHDC (hdc=0x870107f8, graphics=0xd7dc28) returned 0x0
[0318.754] GdipSetPageUnit (graphics=0x66376e0, unit=0x2) returned 0x0
[0318.755] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0318.755] GdipGetWorldTransform (graphics=0x66376e0, matrix=0x6638b18) returned 0x0
[0318.755] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7dc00) returned 0x0
[0318.755] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0318.755] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0318.755] GdipGetClip (graphics=0x66376e0, region=0x6646cb8) returned 0x0
[0318.755] GdipIsInfiniteRegion (region=0x6646cb8, graphics=0x66376e0, result=0xd7dbf4) returned 0x0
[0318.755] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0318.755] GdipSaveGraphics (graphics=0x66376e0, state=0xd7dc20) returned 0x0
[0318.755] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7dabc) returned 0x0
[0318.762] GdipFillRectangleI (graphics=0x66376e0, brush=0x664e3d8, x=0, y=0, width=801, height=453) returned 0x0
[0318.762] GdipDeleteBrush (brush=0x664e3d8) returned 0x0
[0318.764] GdipRestoreGraphics (graphics=0x66376e0, state=0xf4c80dbd) returned 0x0
[0318.764] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0318.764] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0318.764] GetSystemMetrics (nIndex=42) returned 0
[0318.764] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7dcac, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0318.764] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7dcac) returned 0xd
[0318.764] GdipDeleteGraphics (graphics=0x66376e0) returned 0x0
[0318.764] SelectPalette (hdc=0x870107f8, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0318.764] RestoreDC (hdc=0x870107f8, nSavedDC=-1) returned 1
[0318.764] GdipReleaseDC (graphics=0x6600030, hdc=0x870107f8) returned 0x0
[0318.764] IsAppThemed () returned 0x1
[0318.764] GetThemeAppProperties () returned 0x3
[0318.765] GetThemeAppProperties () returned 0x3
[0318.765] IsAppThemed () returned 0x1
[0318.765] GetThemeAppProperties () returned 0x3
[0318.765] GetThemeAppProperties () returned 0x3
[0318.765] IsThemePartDefined () returned 0x1
[0318.765] GdipCreateRegion (region=0xd7e118) returned 0x0
[0318.765] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0318.765] GdipCreateMatrix (matrix=0xd7e118) returned 0x0
[0318.765] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0318.765] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e130) returned 0x0
[0318.765] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0318.765] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee8d8) returned 0x0
[0318.765] LocalFree (hMem=0x11ee8d8) returned 0x0
[0318.765] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0318.765] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee8d8) returned 0x0
[0318.765] LocalFree (hMem=0x11ee8d8) returned 0x0
[0318.765] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0318.765] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e158) returned 0x0
[0318.765] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e148) returned 0x0
[0318.765] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e148) returned 0x0
[0318.765] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0318.765] GdipGetDC (graphics=0x6600030, hdc=0xd7e160) returned 0x0
[0318.765] GetCurrentObject (hdc=0x870107f8, type=0x1) returned 0xb00017
[0318.765] GetCurrentObject (hdc=0x870107f8, type=0x2) returned 0x900010
[0318.766] GetCurrentObject (hdc=0x870107f8, type=0x7) returned 0x4a0507fe
[0318.766] GetCurrentObject (hdc=0x870107f8, type=0x6) returned 0x8a01c2
[0318.766] SaveDC (hdc=0x870107f8) returned 1
[0318.766] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9b040807
[0318.766] GetClipRgn (hdc=0x870107f8, hrgn=0x9b040807) returned 0
[0318.766] SelectClipRgn (hdc=0x870107f8, hrgn=0x140407de) returned 2
[0318.766] DeleteObject (ho=0x9b040807) returned 1
[0318.766] DeleteObject (ho=0x140407de) returned 1
[0318.766] OffsetViewportOrgEx (in: hdc=0x870107f8, x=0, y=0, lppt=0x2e3aef0 | out: lppt=0x2e3aef0) returned 1
[0318.766] IsAppThemed () returned 0x1
[0318.766] GetThemeAppProperties () returned 0x3
[0318.766] GetThemeAppProperties () returned 0x3
[0318.766] DrawThemeBackground () returned 0x0
[0318.766] RestoreDC (hdc=0x870107f8, nSavedDC=-1) returned 1
[0318.766] GdipReleaseDC (graphics=0x6600030, hdc=0x870107f8) returned 0x0
[0318.766] GdipCreateRegion (region=0xd7e11c) returned 0x0
[0318.766] GdipGetClip (graphics=0x6600030, region=0x66467a8) returned 0x0
[0318.766] GdipCreateMatrix (matrix=0xd7e11c) returned 0x0
[0318.766] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d28) returned 0x0
[0318.766] GdipIsMatrixIdentity (matrix=0x6638d28, result=0xd7e134) returned 0x0
[0318.766] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee788
[0318.767] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee788) returned 0x0
[0318.767] LocalFree (hMem=0x11ee788) returned 0x0
[0318.767] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0318.767] GdipGetMatrixElements (matrix=0x6638d28, matrixOut=0x11ee910) returned 0x0
[0318.767] LocalFree (hMem=0x11ee910) returned 0x0
[0318.767] GdipDeleteMatrix (matrix=0x6638d28) returned 0x0
[0318.767] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e15c) returned 0x0
[0318.767] GdipIsInfiniteRegion (region=0x66467a8, graphics=0x6600030, result=0xd7e14c) returned 0x0
[0318.767] GdipGetRegionHRgn (region=0x66467a8, graphics=0x6600030, hRgn=0xd7e14c) returned 0x0
[0318.767] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0318.767] GdipGetDC (graphics=0x6600030, hdc=0xd7e164) returned 0x0
[0318.767] GetCurrentObject (hdc=0x870107f8, type=0x1) returned 0xb00017
[0318.767] GetCurrentObject (hdc=0x870107f8, type=0x2) returned 0x900010
[0318.767] GetCurrentObject (hdc=0x870107f8, type=0x7) returned 0x4a0507fe
[0318.767] GetCurrentObject (hdc=0x870107f8, type=0x6) returned 0x8a01c2
[0318.767] SaveDC (hdc=0x870107f8) returned 1
[0318.767] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x150407de
[0318.767] GetClipRgn (hdc=0x870107f8, hrgn=0x150407de) returned 0
[0318.767] SelectClipRgn (hdc=0x870107f8, hrgn=0x9c040807) returned 2
[0318.767] DeleteObject (ho=0x150407de) returned 1
[0318.767] DeleteObject (ho=0x9c040807) returned 1
[0318.767] OffsetViewportOrgEx (in: hdc=0x870107f8, x=0, y=0, lppt=0x2e3b1c4 | out: lppt=0x2e3b1c4) returned 1
[0318.768] IsAppThemed () returned 0x1
[0318.768] GetThemeAppProperties () returned 0x3
[0318.768] GetThemeAppProperties () returned 0x3
[0318.768] GetThemeBackgroundContentRect () returned 0x0
[0318.768] RestoreDC (hdc=0x870107f8, nSavedDC=-1) returned 1
[0318.768] GdipReleaseDC (graphics=0x6600030, hdc=0x870107f8) returned 0x0
[0318.768] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e270) returned 0x0
[0318.768] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e26c) returned 0x0
[0318.768] GdipFillRectangleI (graphics=0x6600030, brush=0x66376e0, x=4, y=4, width=67, height=15) returned 0x0
[0318.768] GdipDeleteBrush (brush=0x66376e0) returned 0x0
[0318.768] IsAppThemed () returned 0x1
[0318.768] GetThemeAppProperties () returned 0x3
[0318.768] GetThemeAppProperties () returned 0x3
[0318.768] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e298) returned 0x0
[0318.768] GdipGetDC (graphics=0x6600030, hdc=0xd7e284) returned 0x0
[0318.768] GetCurrentObject (hdc=0x870107f8, type=0x1) returned 0xb00017
[0318.768] GetCurrentObject (hdc=0x870107f8, type=0x2) returned 0x900010
[0318.768] GetCurrentObject (hdc=0x870107f8, type=0x7) returned 0x4a0507fe
[0318.768] GetCurrentObject (hdc=0x870107f8, type=0x6) returned 0x8a01c2
[0318.768] SaveDC (hdc=0x870107f8) returned 1
[0318.768] GetTextAlign (hdc=0x870107f8) returned 0x0
[0318.769] GetTextColor (hdc=0x870107f8) returned 0x0
[0318.769] GetCurrentObject (hdc=0x870107f8, type=0x6) returned 0x8a01c2
[0318.769] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7dfcc | out: pv=0xd7dfcc) returned 92
[0318.769] SelectObject (hdc=0x870107f8, h=0x6d0a0520) returned 0x8a01c2
[0318.769] GetBkMode (hdc=0x870107f8) returned 2
[0318.769] SetBkMode (hdc=0x870107f8, mode=1) returned 2
[0318.769] DrawTextExW (in: hdc=0x870107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e0b4, format=0x102415, lpdtp=0x2e3b588 | out: lpchText="Decrypt file", lprc=0xd7e0b4) returned 13
[0318.769] DrawTextExW (in: hdc=0x870107f8, lpchText="Decrypt file", cchText=12, lprc=0xd7e218, format=0x102015, lpdtp=0x2e3b588 | out: lpchText="Decrypt file", lprc=0xd7e218) returned 13
[0318.769] RestoreDC (hdc=0x870107f8, nSavedDC=-1) returned 1
[0318.770] GdipReleaseDC (graphics=0x6600030, hdc=0x870107f8) returned 0x0
[0318.770] GetFocus () returned 0x602c4
[0318.770] IsAppThemed () returned 0x1
[0318.770] GetThemeAppProperties () returned 0x3
[0318.770] GetThemeAppProperties () returned 0x3
[0318.770] GdipGetDC (graphics=0x6600030, hdc=0xd7e470) returned 0x0
[0318.770] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=75, cy=23, hdcSrc=0x870107f8, x1=0, y1=0, rop=0xcc0020) returned 1
[0318.770] GdipReleaseDC (graphics=0x6600030, hdc=0x870107f8) returned 0x0
[0318.770] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0318.770] SelectObject (hdc=0x870107f8, h=0x85000f) returned 0x4a0507fe
[0318.770] DeleteDC (hdc=0x870107f8) returned 1
[0318.770] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0318.770] EndPaint (hWnd=0x602c4, lpPaint=0xd7e414) returned 1
[0318.771] MapWindowPoints (in: hWndFrom=0x602c4, hWndTo=0x0, lpPoints=0x2e3b684, cPoints=0x1 | out: lpPoints=0x2e3b684) returned 40304859
[0318.771] WindowFromPoint (Point=0xf3) returned 0x602c4
[0318.771] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27400f3) returned 0x1
[0318.771] NotifyWinEvent (event=0x800a, hwnd=0x602c4, idObject=-4, idChild=0)
[0318.771] NotifyWinEvent (event=0x800c, hwnd=0x602c4, idObject=-4, idChild=0)
[0318.771] GetWindowTextLengthW (hWnd=0x6002e) returned 0
[0318.771] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0318.771] GetSystemMetrics (nIndex=42) returned 0
[0318.771] GetWindowTextW (in: hWnd=0x6002e, lpString=0xd7e7d8, nMaxCount=1 | out: lpString="") returned 0
[0318.771] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x6002e, Msg=0xd, wParam=0x1, lParam=0xd7e7d8) returned 0x0
[0318.772] GetCapture () returned 0x602c4
[0318.773] ReleaseCapture () returned 1
[0318.773] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0318.773] GetProcessWindowStation () returned 0x13c
[0318.773] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.773] AdjustWindowRectEx (in: lpRect=0xd7e81c, dwStyle=0x56010000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e81c) returned 1
[0318.773] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.773] AdjustWindowRectEx (in: lpRect=0xd7e818, dwStyle=0x5601008d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e818) returned 1
[0318.774] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.774] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0318.774] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.774] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0318.774] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.774] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0318.774] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.774] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e814) returned 1
[0318.774] GetDC (hWnd=0x0) returned 0x107b9
[0318.775] GdipCreateFromHDC (hdc=0x107b9, graphics=0xd7e6ec) returned 0x0
[0318.775] GdipGetFontHeight (font=0x54eef48, graphics=0x6600030, height=0xd7e6e4) returned 0x0
[0318.775] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0318.775] ReleaseDC (hWnd=0x0, hDC=0x107b9) returned 1
[0318.775] GetSystemMetrics (nIndex=5) returned 1
[0318.775] GetSystemMetrics (nIndex=6) returned 1
[0318.775] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.775] AdjustWindowRectEx (in: lpRect=0xd7e814, dwStyle=0x560101c0, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e814) returned 1
[0318.776] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.776] AdjustWindowRectEx (in: lpRect=0xd7e7e8, dwStyle=0x56cf0000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7e8) returned 1
[0318.859] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x3b
[0318.859] GetFullPathNameW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", nBufferLength=0x3b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpFilePart=0x0) returned 0x3a
[0318.859] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0318.859] GetFileAttributesExW (in: lpFileName="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll" (normalized: "c:\\windows\\microsoft.net\\framework\\v4.0.30319\\mscorlib.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7954f49e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7954f49e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7957570c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x55aaa8)) returned 1
[0318.859] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0318.859] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x82c
[0318.860] GetFileVersionInfoW (in: lptstrFilename="C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorlib.dll", dwHandle=0x0, dwLen=0x82c, lpData=0x2e410a0 | out: lpData=0x2e410a0) returned 1
[0318.861] VerQueryValueW (in: pBlock=0x2e410a0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e414b0, puLen=0xd7e810) returned 1
[0318.861] VerQueryValueW (in: pBlock=0x2e410a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e41158, puLen=0xd7e790) returned 1
[0318.861] VerQueryValueW (in: pBlock=0x2e410a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e411ac, puLen=0xd7e790) returned 1
[0318.861] VerQueryValueW (in: pBlock=0x2e410a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4122c, puLen=0xd7e790) returned 1
[0318.861] VerQueryValueW (in: pBlock=0x2e410a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e41294, puLen=0xd7e790) returned 1
[0318.861] VerQueryValueW (in: pBlock=0x2e410a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e412d4, puLen=0xd7e790) returned 1
[0318.861] VerQueryValueW (in: pBlock=0x2e410a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4135c, puLen=0xd7e790) returned 1
[0318.861] VerQueryValueW (in: pBlock=0x2e410a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e41398, puLen=0xd7e790) returned 1
[0318.861] VerQueryValueW (in: pBlock=0x2e410a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e413f0, puLen=0xd7e790) returned 1
[0318.861] VerQueryValueW (in: pBlock=0x2e410a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e41420, puLen=0xd7e790) returned 1
[0318.861] VerQueryValueW (in: pBlock=0x2e410a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.861] VerQueryValueW (in: pBlock=0x2e410a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4145c, puLen=0xd7e790) returned 1
[0318.861] VerQueryValueW (in: pBlock=0x2e410a0, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.861] VerQueryValueW (in: pBlock=0x2e410a0, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e414b0, puLen=0xd7e784) returned 1
[0318.861] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0318.861] VerQueryValueW (in: pBlock=0x2e410a0, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e410c8, puLen=0xd7e794) returned 1
[0318.862] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x2a
[0318.862] GetFullPathNameW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", nBufferLength=0x2a, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpFilePart=0x0) returned 0x29
[0318.862] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0318.862] GetFileAttributesExW (in: lpFileName="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe" (normalized: "c:\\users\\fd1hvy\\desktop\\bb ransomware.exe"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0xd15e9d00, ftCreationTime.dwHighDateTime=0x1d6075d, ftLastAccessTime.dwLowDateTime=0xd1f73380, ftLastAccessTime.dwHighDateTime=0x1d6075d, ftLastWriteTime.dwLowDateTime=0x9ef87400, ftLastWriteTime.dwHighDateTime=0x1d6074c, nFileSizeHigh=0x0, nFileSizeLow=0x2b800)) returned 1
[0318.862] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0318.862] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x67c
[0318.862] GetFileVersionInfoW (in: lptstrFilename="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwHandle=0x0, dwLen=0x67c, lpData=0x2e43010 | out: lpData=0x2e43010) returned 1
[0318.862] VerQueryValueW (in: pBlock=0x2e43010, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e430ac, puLen=0xd7e810) returned 1
[0318.862] VerQueryValueW (in: pBlock=0x2e43010, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e43124, puLen=0xd7e790) returned 1
[0318.862] VerQueryValueW (in: pBlock=0x2e43010, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e43154, puLen=0xd7e790) returned 1
[0318.862] VerQueryValueW (in: pBlock=0x2e43010, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e43190, puLen=0xd7e790) returned 1
[0318.863] VerQueryValueW (in: pBlock=0x2e43010, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e431c0, puLen=0xd7e790) returned 1
[0318.863] VerQueryValueW (in: pBlock=0x2e43010, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e43208, puLen=0xd7e790) returned 1
[0318.863] VerQueryValueW (in: pBlock=0x2e43010, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e43280, puLen=0xd7e790) returned 1
[0318.863] VerQueryValueW (in: pBlock=0x2e43010, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e432c4, puLen=0xd7e790) returned 1
[0318.863] VerQueryValueW (in: pBlock=0x2e43010, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e43304, puLen=0xd7e790) returned 1
[0318.863] VerQueryValueW (in: pBlock=0x2e43010, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e43102, puLen=0xd7e790) returned 1
[0318.863] VerQueryValueW (in: pBlock=0x2e43010, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e43250, puLen=0xd7e790) returned 1
[0318.863] VerQueryValueW (in: pBlock=0x2e43010, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.863] VerQueryValueW (in: pBlock=0x2e43010, lpSubBlock="\\\\StringFileInfo\\\\000004B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.863] VerQueryValueW (in: pBlock=0x2e43010, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e430ac, puLen=0xd7e784) returned 1
[0318.863] VerLanguageNameW (in: wLang=0x0, szLang=0xd7e518, cchLang=0x100 | out: szLang="Language Neutral") returned 0x10
[0318.863] VerQueryValueW (in: pBlock=0x2e43010, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e43038, puLen=0xd7e794) returned 1
[0318.864] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7b
[0318.864] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", nBufferLength=0x7b, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpFilePart=0x0) returned 0x7a
[0318.864] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0318.864] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\microsoft.visualbasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\microsoft.visualbasic.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93fc05ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93fc05ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93fc05ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x9c4e0)) returned 1
[0318.864] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0318.864] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x834
[0318.864] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\Microsoft.VisualBasic\\v4.0_10.0.0.0__b03f5f7f11d50a3a\\Microsoft.VisualBasic.dll", dwHandle=0x0, dwLen=0x834, lpData=0x2e452e8 | out: lpData=0x2e452e8) returned 1
[0318.865] VerQueryValueW (in: pBlock=0x2e452e8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e456fc, puLen=0xd7e810) returned 1
[0318.865] VerQueryValueW (in: pBlock=0x2e452e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e453a0, puLen=0xd7e790) returned 1
[0318.865] VerQueryValueW (in: pBlock=0x2e452e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e453f4, puLen=0xd7e790) returned 1
[0318.865] VerQueryValueW (in: pBlock=0x2e452e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e45450, puLen=0xd7e790) returned 1
[0318.865] VerQueryValueW (in: pBlock=0x2e452e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e454b0, puLen=0xd7e790) returned 1
[0318.865] VerQueryValueW (in: pBlock=0x2e452e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e45508, puLen=0xd7e790) returned 1
[0318.865] VerQueryValueW (in: pBlock=0x2e452e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e45590, puLen=0xd7e790) returned 1
[0318.865] VerQueryValueW (in: pBlock=0x2e452e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e455e4, puLen=0xd7e790) returned 1
[0318.865] VerQueryValueW (in: pBlock=0x2e452e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4563c, puLen=0xd7e790) returned 1
[0318.865] VerQueryValueW (in: pBlock=0x2e452e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4566c, puLen=0xd7e790) returned 1
[0318.865] VerQueryValueW (in: pBlock=0x2e452e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.865] VerQueryValueW (in: pBlock=0x2e452e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e456a8, puLen=0xd7e790) returned 1
[0318.865] VerQueryValueW (in: pBlock=0x2e452e8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.865] VerQueryValueW (in: pBlock=0x2e452e8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e456fc, puLen=0xd7e784) returned 1
[0318.865] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0318.866] VerQueryValueW (in: pBlock=0x2e452e8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e45310, puLen=0xd7e794) returned 1
[0318.866] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0318.866] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpFilePart=0x0) returned 0x77
[0318.866] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0318.866] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.windows.forms\\v4.0_4.0.0.0__b77a5c561934e089\\system.windows.forms.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x79490901, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x79490901, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x794b6b79, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x4f12d8)) returned 1
[0318.866] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0318.866] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x80c
[0318.867] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Windows.Forms\\v4.0_4.0.0.0__b77a5c561934e089\\System.Windows.Forms.dll", dwHandle=0x0, dwLen=0x80c, lpData=0x2e47920 | out: lpData=0x2e47920) returned 1
[0318.868] VerQueryValueW (in: pBlock=0x2e47920, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e47d20, puLen=0xd7e810) returned 1
[0318.868] VerQueryValueW (in: pBlock=0x2e47920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e479d8, puLen=0xd7e790) returned 1
[0318.868] VerQueryValueW (in: pBlock=0x2e47920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e47a2c, puLen=0xd7e790) returned 1
[0318.868] VerQueryValueW (in: pBlock=0x2e47920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e47a6c, puLen=0xd7e790) returned 1
[0318.868] VerQueryValueW (in: pBlock=0x2e47920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e47ad4, puLen=0xd7e790) returned 1
[0318.868] VerQueryValueW (in: pBlock=0x2e47920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e47b2c, puLen=0xd7e790) returned 1
[0318.868] VerQueryValueW (in: pBlock=0x2e47920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e47bb4, puLen=0xd7e790) returned 1
[0318.868] VerQueryValueW (in: pBlock=0x2e47920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e47c08, puLen=0xd7e790) returned 1
[0318.868] VerQueryValueW (in: pBlock=0x2e47920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e47c60, puLen=0xd7e790) returned 1
[0318.868] VerQueryValueW (in: pBlock=0x2e47920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e47c90, puLen=0xd7e790) returned 1
[0318.868] VerQueryValueW (in: pBlock=0x2e47920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.868] VerQueryValueW (in: pBlock=0x2e47920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e47ccc, puLen=0xd7e790) returned 1
[0318.868] VerQueryValueW (in: pBlock=0x2e47920, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.869] VerQueryValueW (in: pBlock=0x2e47920, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e47d20, puLen=0xd7e784) returned 1
[0318.869] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0318.869] VerQueryValueW (in: pBlock=0x2e47920, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e47948, puLen=0xd7e794) returned 1
[0318.869] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x5c
[0318.869] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", nBufferLength=0x5c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpFilePart=0x0) returned 0x5b
[0318.869] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0318.869] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system\\v4.0_4.0.0.0__b77a5c561934e089\\system.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7960e088, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7960e088, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7963430c, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x35ce88)) returned 1
[0318.870] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0318.870] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x79c
[0318.870] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System\\v4.0_4.0.0.0__b77a5c561934e089\\System.dll", dwHandle=0x0, dwLen=0x79c, lpData=0x2e4a05c | out: lpData=0x2e4a05c) returned 1
[0318.871] VerQueryValueW (in: pBlock=0x2e4a05c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e4a424, puLen=0xd7e810) returned 1
[0318.871] VerQueryValueW (in: pBlock=0x2e4a05c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4a114, puLen=0xd7e790) returned 1
[0318.871] VerQueryValueW (in: pBlock=0x2e4a05c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4a168, puLen=0xd7e790) returned 1
[0318.871] VerQueryValueW (in: pBlock=0x2e4a05c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4a1a8, puLen=0xd7e790) returned 1
[0318.871] VerQueryValueW (in: pBlock=0x2e4a05c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4a210, puLen=0xd7e790) returned 1
[0318.871] VerQueryValueW (in: pBlock=0x2e4a05c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4a24c, puLen=0xd7e790) returned 1
[0318.871] VerQueryValueW (in: pBlock=0x2e4a05c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4a2d4, puLen=0xd7e790) returned 1
[0318.871] VerQueryValueW (in: pBlock=0x2e4a05c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4a30c, puLen=0xd7e790) returned 1
[0318.871] VerQueryValueW (in: pBlock=0x2e4a05c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4a364, puLen=0xd7e790) returned 1
[0318.871] VerQueryValueW (in: pBlock=0x2e4a05c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4a394, puLen=0xd7e790) returned 1
[0318.871] VerQueryValueW (in: pBlock=0x2e4a05c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.871] VerQueryValueW (in: pBlock=0x2e4a05c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4a3d0, puLen=0xd7e790) returned 1
[0318.871] VerQueryValueW (in: pBlock=0x2e4a05c, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.872] VerQueryValueW (in: pBlock=0x2e4a05c, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e4a424, puLen=0xd7e784) returned 1
[0318.872] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0318.872] VerQueryValueW (in: pBlock=0x2e4a05c, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e4a084, puLen=0xd7e794) returned 1
[0318.874] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x6c
[0318.874] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", nBufferLength=0x6c, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpFilePart=0x0) returned 0x6b
[0318.874] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0318.874] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.drawing.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x93f019ce, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x93f019ce, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x93f019ce, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x926b0)) returned 1
[0318.874] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0318.874] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7cc
[0318.875] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Drawing\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Drawing.dll", dwHandle=0x0, dwLen=0x7cc, lpData=0x2e4d6c4 | out: lpData=0x2e4d6c4) returned 1
[0318.876] VerQueryValueW (in: pBlock=0x2e4d6c4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e4daa4, puLen=0xd7e810) returned 1
[0318.876] VerQueryValueW (in: pBlock=0x2e4d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4d77c, puLen=0xd7e790) returned 1
[0318.876] VerQueryValueW (in: pBlock=0x2e4d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4d7d0, puLen=0xd7e790) returned 1
[0318.876] VerQueryValueW (in: pBlock=0x2e4d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4d810, puLen=0xd7e790) returned 1
[0318.876] VerQueryValueW (in: pBlock=0x2e4d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4d870, puLen=0xd7e790) returned 1
[0318.876] VerQueryValueW (in: pBlock=0x2e4d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4d8bc, puLen=0xd7e790) returned 1
[0318.876] VerQueryValueW (in: pBlock=0x2e4d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4d944, puLen=0xd7e790) returned 1
[0318.876] VerQueryValueW (in: pBlock=0x2e4d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4d98c, puLen=0xd7e790) returned 1
[0318.876] VerQueryValueW (in: pBlock=0x2e4d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4d9e4, puLen=0xd7e790) returned 1
[0318.876] VerQueryValueW (in: pBlock=0x2e4d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4da14, puLen=0xd7e790) returned 1
[0318.876] VerQueryValueW (in: pBlock=0x2e4d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.876] VerQueryValueW (in: pBlock=0x2e4d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4da50, puLen=0xd7e790) returned 1
[0318.876] VerQueryValueW (in: pBlock=0x2e4d6c4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.876] VerQueryValueW (in: pBlock=0x2e4d6c4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e4daa4, puLen=0xd7e784) returned 1
[0318.876] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0318.876] VerQueryValueW (in: pBlock=0x2e4d6c4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e4d6ec, puLen=0xd7e794) returned 1
[0318.877] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x78
[0318.877] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", nBufferLength=0x78, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpFilePart=0x0) returned 0x77
[0318.877] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0318.877] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\system.configuration.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x917f6420, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x917f6420, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x917f6420, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x634d8)) returned 1
[0318.877] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0318.877] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x824
[0318.878] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Configuration\\v4.0_4.0.0.0__b03f5f7f11d50a3a\\System.Configuration.dll", dwHandle=0x0, dwLen=0x824, lpData=0x2e4fee4 | out: lpData=0x2e4fee4) returned 1
[0318.878] VerQueryValueW (in: pBlock=0x2e4fee4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e502f0, puLen=0xd7e810) returned 1
[0318.878] VerQueryValueW (in: pBlock=0x2e4fee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4ff9c, puLen=0xd7e790) returned 1
[0318.878] VerQueryValueW (in: pBlock=0x2e4fee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e4fff0, puLen=0xd7e790) returned 1
[0318.878] VerQueryValueW (in: pBlock=0x2e4fee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e50044, puLen=0xd7e790) returned 1
[0318.878] VerQueryValueW (in: pBlock=0x2e4fee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e500a4, puLen=0xd7e790) returned 1
[0318.878] VerQueryValueW (in: pBlock=0x2e4fee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e500fc, puLen=0xd7e790) returned 1
[0318.878] VerQueryValueW (in: pBlock=0x2e4fee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e50184, puLen=0xd7e790) returned 1
[0318.878] VerQueryValueW (in: pBlock=0x2e4fee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e501d8, puLen=0xd7e790) returned 1
[0318.879] VerQueryValueW (in: pBlock=0x2e4fee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e50230, puLen=0xd7e790) returned 1
[0318.879] VerQueryValueW (in: pBlock=0x2e4fee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e50260, puLen=0xd7e790) returned 1
[0318.879] VerQueryValueW (in: pBlock=0x2e4fee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.879] VerQueryValueW (in: pBlock=0x2e4fee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e5029c, puLen=0xd7e790) returned 1
[0318.879] VerQueryValueW (in: pBlock=0x2e4fee4, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.879] VerQueryValueW (in: pBlock=0x2e4fee4, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e502f0, puLen=0xd7e784) returned 1
[0318.879] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0318.879] VerQueryValueW (in: pBlock=0x2e4fee4, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e4ff0c, puLen=0xd7e794) returned 1
[0318.879] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x66
[0318.879] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", nBufferLength=0x66, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpFilePart=0x0) returned 0x65
[0318.880] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0318.880] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.core\\v4.0_4.0.0.0__b77a5c561934e089\\system.core.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x7676a078, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x7676a078, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x7676a078, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x1514a0)) returned 1
[0318.880] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0318.880] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0318.880] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Core\\v4.0_4.0.0.0__b77a5c561934e089\\System.Core.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e526f8 | out: lpData=0x2e526f8) returned 1
[0318.881] VerQueryValueW (in: pBlock=0x2e526f8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e52ad0, puLen=0xd7e810) returned 1
[0318.881] VerQueryValueW (in: pBlock=0x2e526f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e527b0, puLen=0xd7e790) returned 1
[0318.881] VerQueryValueW (in: pBlock=0x2e526f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e52804, puLen=0xd7e790) returned 1
[0318.881] VerQueryValueW (in: pBlock=0x2e526f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e52844, puLen=0xd7e790) returned 1
[0318.881] VerQueryValueW (in: pBlock=0x2e526f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e528ac, puLen=0xd7e790) returned 1
[0318.881] VerQueryValueW (in: pBlock=0x2e526f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e528f0, puLen=0xd7e790) returned 1
[0318.881] VerQueryValueW (in: pBlock=0x2e526f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e52978, puLen=0xd7e790) returned 1
[0318.881] VerQueryValueW (in: pBlock=0x2e526f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e529b8, puLen=0xd7e790) returned 1
[0318.881] VerQueryValueW (in: pBlock=0x2e526f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e52a10, puLen=0xd7e790) returned 1
[0318.881] VerQueryValueW (in: pBlock=0x2e526f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e52a40, puLen=0xd7e790) returned 1
[0318.881] VerQueryValueW (in: pBlock=0x2e526f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.881] VerQueryValueW (in: pBlock=0x2e526f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e52a7c, puLen=0xd7e790) returned 1
[0318.881] VerQueryValueW (in: pBlock=0x2e526f8, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.881] VerQueryValueW (in: pBlock=0x2e526f8, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e52ad0, puLen=0xd7e784) returned 1
[0318.882] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0318.882] VerQueryValueW (in: pBlock=0x2e526f8, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e52720, puLen=0xd7e794) returned 1
[0318.882] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x64
[0318.882] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", nBufferLength=0x64, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpFilePart=0x0) returned 0x63
[0318.882] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0318.882] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.xml\\v4.0_4.0.0.0__b77a5c561934e089\\system.xml.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x765ec96e, ftCreationTime.dwHighDateTime=0x1d32794, ftLastAccessTime.dwLowDateTime=0x765ec96e, ftLastAccessTime.dwHighDateTime=0x1d32794, ftLastWriteTime.dwLowDateTime=0x76612aa8, ftLastWriteTime.dwHighDateTime=0x1d32794, nFileSizeHigh=0x0, nFileSizeLow=0x28b098)) returned 1
[0318.883] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0318.883] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x7bc
[0318.883] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Xml\\v4.0_4.0.0.0__b77a5c561934e089\\System.Xml.dll", dwHandle=0x0, dwLen=0x7bc, lpData=0x2e54c50 | out: lpData=0x2e54c50) returned 1
[0318.884] VerQueryValueW (in: pBlock=0x2e54c50, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e55028, puLen=0xd7e810) returned 1
[0318.884] VerQueryValueW (in: pBlock=0x2e54c50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e54d08, puLen=0xd7e790) returned 1
[0318.884] VerQueryValueW (in: pBlock=0x2e54c50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e54d5c, puLen=0xd7e790) returned 1
[0318.884] VerQueryValueW (in: pBlock=0x2e54c50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e54d9c, puLen=0xd7e790) returned 1
[0318.884] VerQueryValueW (in: pBlock=0x2e54c50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e54e04, puLen=0xd7e790) returned 1
[0318.884] VerQueryValueW (in: pBlock=0x2e54c50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e54e48, puLen=0xd7e790) returned 1
[0318.884] VerQueryValueW (in: pBlock=0x2e54c50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e54ed0, puLen=0xd7e790) returned 1
[0318.884] VerQueryValueW (in: pBlock=0x2e54c50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e54f10, puLen=0xd7e790) returned 1
[0318.884] VerQueryValueW (in: pBlock=0x2e54c50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e54f68, puLen=0xd7e790) returned 1
[0318.884] VerQueryValueW (in: pBlock=0x2e54c50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e54f98, puLen=0xd7e790) returned 1
[0318.884] VerQueryValueW (in: pBlock=0x2e54c50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.884] VerQueryValueW (in: pBlock=0x2e54c50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e54fd4, puLen=0xd7e790) returned 1
[0318.884] VerQueryValueW (in: pBlock=0x2e54c50, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.884] VerQueryValueW (in: pBlock=0x2e54c50, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e55028, puLen=0xd7e784) returned 1
[0318.885] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0318.885] VerQueryValueW (in: pBlock=0x2e54c50, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e54c78, puLen=0xd7e794) returned 1
[0318.885] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x0, lpBuffer=0x0, lpFilePart=0x0 | out: lpBuffer=0x0, lpFilePart=0x0) returned 0x7e
[0318.885] GetFullPathNameW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", nBufferLength=0x7e, lpBuffer=0x119a500, lpFilePart=0x0 | out: lpBuffer="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpFilePart=0x0) returned 0x7d
[0318.885] SetThreadErrorMode (dwNewMode=0x1, lpOldMode=0xd7e750) returned 1
[0318.885] GetFileAttributesExW (in: lpFileName="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll" (normalized: "c:\\windows\\microsoft.net\\assembly\\gac_msil\\system.runtime.remoting\\v4.0_4.0.0.0__b77a5c561934e089\\system.runtime.remoting.dll"), fInfoLevelId=0x0, lpFileInformation=0xd7e7cc | out: lpFileInformation=0xd7e7cc*(dwFileAttributes=0x20, ftCreationTime.dwLowDateTime=0x918b5024, ftCreationTime.dwHighDateTime=0x1d2a02a, ftLastAccessTime.dwLowDateTime=0x918b5024, ftLastAccessTime.dwHighDateTime=0x1d2a02a, ftLastWriteTime.dwLowDateTime=0x918b5024, ftLastWriteTime.dwHighDateTime=0x1d2a02a, nFileSizeHigh=0x0, nFileSizeLow=0x54af0)) returned 1
[0318.885] SetThreadErrorMode (dwNewMode=0x0, lpOldMode=0xd7e74c) returned 1
[0318.886] GetFileVersionInfoSizeW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", lpdwHandle=0xd7e840 | out: lpdwHandle=0xd7e840) returned 0x86c
[0318.886] GetFileVersionInfoW (in: lptstrFilename="C:\\WINDOWS\\Microsoft.Net\\assembly\\GAC_MSIL\\System.Runtime.Remoting\\v4.0_4.0.0.0__b77a5c561934e089\\System.Runtime.Remoting.dll", dwHandle=0x0, dwLen=0x86c, lpData=0x2e57388 | out: lpData=0x2e57388) returned 1
[0318.887] VerQueryValueW (in: pBlock=0x2e57388, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e814, puLen=0xd7e810 | out: lplpBuffer=0xd7e814*=0x2e577b8, puLen=0xd7e810) returned 1
[0318.887] VerQueryValueW (in: pBlock=0x2e57388, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\CompanyName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e57440, puLen=0xd7e790) returned 1
[0318.887] VerQueryValueW (in: pBlock=0x2e57388, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileDescription", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e57494, puLen=0xd7e790) returned 1
[0318.887] VerQueryValueW (in: pBlock=0x2e57388, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\FileVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e57504, puLen=0xd7e790) returned 1
[0318.887] VerQueryValueW (in: pBlock=0x2e57388, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\InternalName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e57564, puLen=0xd7e790) returned 1
[0318.887] VerQueryValueW (in: pBlock=0x2e57388, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalCopyright", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e575c0, puLen=0xd7e790) returned 1
[0318.887] VerQueryValueW (in: pBlock=0x2e57388, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\OriginalFilename", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e57648, puLen=0xd7e790) returned 1
[0318.887] VerQueryValueW (in: pBlock=0x2e57388, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductName", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e576a0, puLen=0xd7e790) returned 1
[0318.887] VerQueryValueW (in: pBlock=0x2e57388, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\ProductVersion", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e576f8, puLen=0xd7e790) returned 1
[0318.887] VerQueryValueW (in: pBlock=0x2e57388, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\Comments", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e57728, puLen=0xd7e790) returned 1
[0318.887] VerQueryValueW (in: pBlock=0x2e57388, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\LegalTrademarks", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.887] VerQueryValueW (in: pBlock=0x2e57388, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\PrivateBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x2e57764, puLen=0xd7e790) returned 1
[0318.887] VerQueryValueW (in: pBlock=0x2e57388, lpSubBlock="\\\\StringFileInfo\\\\040904B0\\\\SpecialBuild", lplpBuffer=0xd7e794, puLen=0xd7e790 | out: lplpBuffer=0xd7e794*=0x0, puLen=0xd7e790) returned 0
[0318.887] VerQueryValueW (in: pBlock=0x2e57388, lpSubBlock="\\VarFileInfo\\Translation", lplpBuffer=0xd7e788, puLen=0xd7e784 | out: lplpBuffer=0xd7e788*=0x2e577b8, puLen=0xd7e784) returned 1
[0318.887] VerLanguageNameW (in: wLang=0x409, szLang=0xd7e518, cchLang=0x100 | out: szLang="English (United States)") returned 0x17
[0318.887] VerQueryValueW (in: pBlock=0x2e57388, lpSubBlock="\\", lplpBuffer=0xd7e798, puLen=0xd7e794 | out: lplpBuffer=0xd7e798*=0x2e573b0, puLen=0xd7e794) returned 1
[0318.887] GetCurrentActCtx (in: lphActCtx=0xd7e7c0 | out: lphActCtx=0xd7e7c0*=0x11b39e4) returned 1
[0318.888] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.888] GetCurrentActCtx (in: lphActCtx=0xd7e748 | out: lphActCtx=0xd7e748*=0x11b39e4) returned 1
[0318.888] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.888] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0318.888] CreateWindowExW (dwExStyle=0x10000, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="WindowsFormsParkingWindow", dwStyle=0x2010000, X=0, Y=0, nWidth=136, nHeight=39, hWndParent=0xfffffffd, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3a02dc
[0318.889] SetWindowLongW (hWnd=0x3a02dc, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0318.889] GetWindowLongW (hWnd=0x3a02dc, nIndex=-4) returned 1950089536
[0318.889] SetWindowLongW (hWnd=0x3a02dc, nIndex=-4, dwNewLong=19942110) returned 1950089536
[0318.889] GetWindowLongW (hWnd=0x3a02dc, nIndex=-4) returned 19942110
[0318.889] GetWindowLongW (hWnd=0x3a02dc, nIndex=-16) returned 113311744
[0318.890] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02dc, Msg=0x24, wParam=0x0, lParam=0xd7e174) returned 0x0
[0318.890] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02dc, Msg=0x81, wParam=0x0, lParam=0xd7e168) returned 0x1
[0318.890] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02dc, Msg=0x83, wParam=0x0, lParam=0xd7e154) returned 0x0
[0318.890] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02dc, Msg=0x1, wParam=0x0, lParam=0xd7e168) returned 0x0
[0318.890] GetClientRect (in: hWnd=0x3a02dc, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0318.890] GetWindowRect (in: hWnd=0x3a02dc, lpRect=0xd7de34 | out: lpRect=0xd7de34) returned 1
[0318.891] SetWindowTextW (hWnd=0x3a02dc, lpString="WindowsFormsParkingWindow") returned 1
[0318.891] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02dc, Msg=0xc, wParam=0x0, lParam=0x2e1c938) returned 0x1
[0318.891] GetParent (hWnd=0x3a02dc) returned 0x0
[0318.891] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0318.891] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.STATIC.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x5600000d, X=0, Y=0, nWidth=100, nHeight=23, hWndParent=0x3a02dc, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3a02da
[0318.892] SetWindowLongW (hWnd=0x3a02da, nIndex=-4, dwNewLong=1868147648) returned 19925926
[0318.892] GetWindowLongW (hWnd=0x3a02da, nIndex=-4) returned 1868147648
[0318.892] SetWindowLongW (hWnd=0x3a02da, nIndex=-4, dwNewLong=19941750) returned 1868147648
[0318.892] GetWindowLongW (hWnd=0x3a02da, nIndex=-4) returned 19941750
[0318.892] GetWindowLongW (hWnd=0x3a02da, nIndex=-16) returned 1174405133
[0318.892] GetWindowLongW (hWnd=0x3a02da, nIndex=-12) returned 0
[0318.892] SetWindowLongW (hWnd=0x3a02da, nIndex=-12, dwNewLong=3801818) returned 0
[0318.892] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x81, wParam=0x0, lParam=0xd7e1e0) returned 0x1
[0318.893] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x83, wParam=0x0, lParam=0xd7e1cc) returned 0x0
[0318.893] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x1, wParam=0x0, lParam=0xd7e1e0) returned 0x0
[0318.893] GetClientRect (in: hWnd=0x3a02da, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0318.893] GetWindowRect (in: hWnd=0x3a02da, lpRect=0xd7de8c | out: lpRect=0xd7de8c) returned 1
[0318.893] GetParent (hWnd=0x3a02da) returned 0x3a02dc
[0318.893] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3a02dc, lpPoints=0xd7de8c, cPoints=0x2 | out: lpPoints=0xd7de8c) returned -1966088
[0318.894] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0318.894] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0318.894] GetClientRect (in: hWnd=0x3a02da, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0318.894] GetWindowRect (in: hWnd=0x3a02da, lpRect=0xd7dee4 | out: lpRect=0xd7dee4) returned 1
[0318.894] GetParent (hWnd=0x3a02da) returned 0x3a02dc
[0318.894] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3a02dc, lpPoints=0xd7dee4, cPoints=0x2 | out: lpPoints=0xd7dee4) returned -1966088
[0318.894] SendMessageW (hWnd=0x3a02da, Msg=0x2210, wParam=0x2da0001, lParam=0x3a02da) returned 0x0
[0318.894] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x2210, wParam=0x2da0001, lParam=0x3a02da) returned 0x0
[0318.894] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0318.895] GetParent (hWnd=0x3a02da) returned 0x3a02dc
[0318.895] GdipCreateFromHWND (hwnd=0x3a02da, graphics=0xd7e844) returned 0x0
[0318.895] GdipMeasureString (graphics=0x6600030, string="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", length=232, font=0x54eef48, layoutRect=0xd7e80c, stringFormat=0x0, boundingBox=0xd7e7fc, codepointsFitted=0xd7e7f8, linesFilled=0xd7e7f4) returned 0x0
[0318.895] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0318.895] GetForegroundWindow () returned 0x7005c
[0318.895] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0318.895] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0318.896] GetSystemMetrics (nIndex=42) returned 0
[0318.896] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0318.896] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0318.896] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0318.896] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0318.896] GetSystemMetrics (nIndex=42) returned 0
[0318.896] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e770, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0318.896] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e770) returned 0xd
[0318.896] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.896] GetCursorPos (in: lpPoint=0x2e5b80c | out: lpPoint=0x2e5b80c*(x=243, y=628)) returned 1
[0318.896] MonitorFromPoint (pt=0xf3, dwFlags=0x274) returned 0x10001
[0318.896] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e5f0 | out: lpmi=0xd7e5f0) returned 1
[0318.896] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x8a0107f8
[0318.897] GetDeviceCaps (hdc=0x8a0107f8, index=12) returned 32
[0318.897] GetDeviceCaps (hdc=0x8a0107f8, index=14) returned 1
[0318.897] DeleteDC (hdc=0x8a0107f8) returned 1
[0318.897] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e640 | out: lpmi=0xd7e640) returned 1
[0318.897] AdjustWindowRectEx (in: lpRect=0xd7e7d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e7d8) returned 1
[0318.897] GetSystemMetrics (nIndex=59) returned 1460
[0318.897] GetSystemMetrics (nIndex=60) returned 920
[0318.897] GetSystemMetrics (nIndex=34) returned 136
[0318.897] GetSystemMetrics (nIndex=35) returned 39
[0318.897] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.897] GetCursorPos (in: lpPoint=0x2e5ba78 | out: lpPoint=0x2e5ba78*(x=243, y=628)) returned 1
[0318.897] MonitorFromPoint (pt=0xf3, dwFlags=0x274) returned 0x10001
[0318.897] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e4f4 | out: lpmi=0xd7e4f4) returned 1
[0318.897] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x8b0107f8
[0318.898] GetDeviceCaps (hdc=0x8b0107f8, index=12) returned 32
[0318.898] GetDeviceCaps (hdc=0x8b0107f8, index=14) returned 1
[0318.898] DeleteDC (hdc=0x8b0107f8) returned 1
[0318.898] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e544 | out: lpmi=0xd7e544) returned 1
[0318.898] AdjustWindowRectEx (in: lpRect=0xd7e6d8, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e6d8) returned 1
[0318.898] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.898] AdjustWindowRectEx (in: lpRect=0xd7e7a4, dwStyle=0x56000000, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7a4) returned 1
[0318.898] GetIconInfo (in: hIcon=0x1002d, piconinfo=0x2e5bd10 | out: piconinfo=0x2e5bd10) returned 1
[0318.898] GetObjectW (in: h=0xd90507fc, c=24, pv=0x2e5bd2c | out: pv=0x2e5bd2c) returned 24
[0318.899] GdipCreateBitmapFromHBITMAP (hbm=0xd90507fc, hpal=0x0, bitmap=0xd7e730) returned 0x0
[0318.899] GdipGetImageWidth (image=0x6603778, width=0xd7e750) returned 0x0
[0318.899] GdipGetImageHeight (image=0x6603778, height=0xd7e748) returned 0x0
[0318.899] GdipGetImagePixelFormat (image=0x6603778, format=0xd7e740) returned 0x0
[0318.899] GdipBitmapLockBits (bitmap=0x6603778, rect=0xd7e704, flags=0x1, format=0x22009, lockedBitmapData=0x2e5bde4) returned 0x0
[0318.899] GdipCreateBitmapFromScan0 (width=32, height=32, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e740) returned 0x0
[0318.899] GdipBitmapLockBits (bitmap=0x664fe20, rect=0xd7e704, flags=0x2, format=0x26200a, lockedBitmapData=0x2e5be1c) returned 0x0
[0318.899] RtlMoveMemory (in: Destination=0x665cf38, Source=0x6662ee0, Length=0x80 | out: Destination=0x665cf38)
[0318.899] RtlMoveMemory (in: Destination=0x665cfb8, Source=0x6662e60, Length=0x80 | out: Destination=0x665cfb8)
[0318.899] RtlMoveMemory (in: Destination=0x665d038, Source=0x6662de0, Length=0x80 | out: Destination=0x665d038)
[0318.899] RtlMoveMemory (in: Destination=0x665d0b8, Source=0x6662d60, Length=0x80 | out: Destination=0x665d0b8)
[0318.899] RtlMoveMemory (in: Destination=0x665d138, Source=0x6662ce0, Length=0x80 | out: Destination=0x665d138)
[0318.899] RtlMoveMemory (in: Destination=0x665d1b8, Source=0x6662c60, Length=0x80 | out: Destination=0x665d1b8)
[0318.899] RtlMoveMemory (in: Destination=0x665d238, Source=0x6662be0, Length=0x80 | out: Destination=0x665d238)
[0318.899] RtlMoveMemory (in: Destination=0x665d2b8, Source=0x6662b60, Length=0x80 | out: Destination=0x665d2b8)
[0318.900] RtlMoveMemory (in: Destination=0x665d338, Source=0x6662ae0, Length=0x80 | out: Destination=0x665d338)
[0318.900] RtlMoveMemory (in: Destination=0x665d3b8, Source=0x6662a60, Length=0x80 | out: Destination=0x665d3b8)
[0318.900] RtlMoveMemory (in: Destination=0x665d438, Source=0x66629e0, Length=0x80 | out: Destination=0x665d438)
[0318.900] RtlMoveMemory (in: Destination=0x665d4b8, Source=0x6662960, Length=0x80 | out: Destination=0x665d4b8)
[0318.900] RtlMoveMemory (in: Destination=0x665d538, Source=0x66628e0, Length=0x80 | out: Destination=0x665d538)
[0318.900] RtlMoveMemory (in: Destination=0x665d5b8, Source=0x6662860, Length=0x80 | out: Destination=0x665d5b8)
[0318.900] RtlMoveMemory (in: Destination=0x665d638, Source=0x66627e0, Length=0x80 | out: Destination=0x665d638)
[0318.900] RtlMoveMemory (in: Destination=0x665d6b8, Source=0x6662760, Length=0x80 | out: Destination=0x665d6b8)
[0318.900] RtlMoveMemory (in: Destination=0x665d738, Source=0x66626e0, Length=0x80 | out: Destination=0x665d738)
[0318.900] RtlMoveMemory (in: Destination=0x665d7b8, Source=0x6662660, Length=0x80 | out: Destination=0x665d7b8)
[0318.900] RtlMoveMemory (in: Destination=0x665d838, Source=0x66625e0, Length=0x80 | out: Destination=0x665d838)
[0318.900] RtlMoveMemory (in: Destination=0x665d8b8, Source=0x6662560, Length=0x80 | out: Destination=0x665d8b8)
[0318.900] RtlMoveMemory (in: Destination=0x665d938, Source=0x66624e0, Length=0x80 | out: Destination=0x665d938)
[0318.900] RtlMoveMemory (in: Destination=0x665d9b8, Source=0x6662460, Length=0x80 | out: Destination=0x665d9b8)
[0318.900] RtlMoveMemory (in: Destination=0x665da38, Source=0x66623e0, Length=0x80 | out: Destination=0x665da38)
[0318.900] RtlMoveMemory (in: Destination=0x665dab8, Source=0x6662360, Length=0x80 | out: Destination=0x665dab8)
[0318.900] RtlMoveMemory (in: Destination=0x665db38, Source=0x66622e0, Length=0x80 | out: Destination=0x665db38)
[0318.900] RtlMoveMemory (in: Destination=0x665dbb8, Source=0x6662260, Length=0x80 | out: Destination=0x665dbb8)
[0318.900] RtlMoveMemory (in: Destination=0x665dc38, Source=0x66621e0, Length=0x80 | out: Destination=0x665dc38)
[0318.900] RtlMoveMemory (in: Destination=0x665dcb8, Source=0x6662160, Length=0x80 | out: Destination=0x665dcb8)
[0318.900] RtlMoveMemory (in: Destination=0x665dd38, Source=0x66620e0, Length=0x80 | out: Destination=0x665dd38)
[0318.900] RtlMoveMemory (in: Destination=0x665ddb8, Source=0x6662060, Length=0x80 | out: Destination=0x665ddb8)
[0318.900] RtlMoveMemory (in: Destination=0x665de38, Source=0x6661fe0, Length=0x80 | out: Destination=0x665de38)
[0318.900] RtlMoveMemory (in: Destination=0x665deb8, Source=0x6661f60, Length=0x80 | out: Destination=0x665deb8)
[0318.901] GdipBitmapUnlockBits (bitmap=0x6603778, lockedBitmapData=0x2e5bde4) returned 0x0
[0318.901] GdipBitmapUnlockBits (bitmap=0x664fe20, lockedBitmapData=0x2e5be1c) returned 0x0
[0318.901] GdipDisposeImage (image=0x6603778) returned 0x0
[0318.901] DeleteObject (ho=0xd90507fc) returned 1
[0318.901] DeleteObject (ho=0x8c0507f8) returned 1
[0318.901] GetCurrentThreadId () returned 0xf50
[0318.901] GetCurrentThreadId () returned 0xf50
[0318.901] SetWindowPos (hWnd=0x3a02da, hWndInsertAfter=0x0, X=64, Y=8, cx=354, cy=68, uFlags=0x14) returned 1
[0318.901] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x46, wParam=0x0, lParam=0xd7e724) returned 0x0
[0318.901] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x83, wParam=0x1, lParam=0xd7e6fc) returned 0x0
[0318.901] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x47, wParam=0x0, lParam=0xd7e724) returned 0x0
[0318.901] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0318.901] GetClientRect (in: hWnd=0x3a02da, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0318.902] GetWindowRect (in: hWnd=0x3a02da, lpRect=0xd7dcb4 | out: lpRect=0xd7dcb4) returned 1
[0318.902] GetParent (hWnd=0x3a02da) returned 0x3a02dc
[0318.902] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3a02dc, lpPoints=0xd7dcb4, cPoints=0x2 | out: lpPoints=0xd7dcb4) returned -1966088
[0318.902] InvalidateRect (hWnd=0x3a02da, lpRect=0x0, bErase=1) returned 1
[0318.902] GetWindowTextLengthW (hWnd=0x3a02da) returned 0
[0318.902] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0318.902] GetSystemMetrics (nIndex=42) returned 0
[0318.902] GetWindowTextW (in: hWnd=0x3a02da, lpString=0xd7db44, nMaxCount=1 | out: lpString="") returned 0
[0318.902] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0xd, wParam=0x1, lParam=0xd7db44) returned 0x0
[0318.902] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x5, wParam=0x0, lParam=0x440162) returned 0x0
[0318.902] GetClientRect (in: hWnd=0x3a02da, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0318.902] GetWindowRect (in: hWnd=0x3a02da, lpRect=0xd7e3e4 | out: lpRect=0xd7e3e4) returned 1
[0318.902] GetParent (hWnd=0x3a02da) returned 0x3a02dc
[0318.902] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3a02dc, lpPoints=0xd7e3e4, cPoints=0x2 | out: lpPoints=0xd7e3e4) returned -1966088
[0318.902] GetWindowTextLengthW (hWnd=0x3a02da) returned 0
[0318.902] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0318.902] GetSystemMetrics (nIndex=42) returned 0
[0318.902] GetWindowTextW (in: hWnd=0x3a02da, lpString=0xd7e77c, nMaxCount=1 | out: lpString="") returned 0
[0318.902] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0xd, wParam=0x1, lParam=0xd7e77c) returned 0x0
[0318.902] GetWindowTextLengthW (hWnd=0x3a02da) returned 0
[0318.902] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0318.902] GetSystemMetrics (nIndex=42) returned 0
[0318.903] GetWindowTextW (in: hWnd=0x3a02da, lpString=0xd7e778, nMaxCount=1 | out: lpString="") returned 0
[0318.903] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0xd, wParam=0x1, lParam=0xd7e778) returned 0x0
[0318.903] SetWindowTextW (hWnd=0x3a02da, lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 1
[0318.903] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0xc, wParam=0x0, lParam=0x2e3cc78) returned 0x1
[0318.903] InvalidateRect (hWnd=0x3a02da, lpRect=0x0, bErase=1) returned 1
[0318.903] GetCurrentThreadId () returned 0xf50
[0318.903] GetWindowThreadProcessId (in: hWnd=0x3a02da, lpdwProcessId=0xd7e804 | out: lpdwProcessId=0xd7e804) returned 0xf50
[0318.905] GdipCreateBitmapFromStream (stream=0x509ff90, bitmap=0xd7e840) returned 0x0
[0318.906] GdipImageForceValidation (image=0x66511d0) returned 0x0
[0318.908] GdipGetImageRawFormat (image=0x66511d0, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0318.908] GdipGetImageHeight (image=0x66511d0, height=0xd7e824) returned 0x0
[0318.908] GdipGetImageWidth (image=0x66511d0, width=0xd7e824) returned 0x0
[0318.908] GdipGetImageWidth (image=0x66511d0, width=0xd7e810) returned 0x0
[0318.908] GdipGetImageHeight (image=0x66511d0, height=0xd7e810) returned 0x0
[0318.908] GdipGetImageWidth (image=0x66511d0, width=0xd7e800) returned 0x0
[0318.908] GdipGetImageHeight (image=0x66511d0, height=0xd7e800) returned 0x0
[0318.908] GdipBitmapGetPixel (bitmap=0x66511d0, x=0, y=15, color=0xd7e810) returned 0x0
[0318.908] GdipGetImageRawFormat (image=0x66511d0, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0318.908] GdipGetImageWidth (image=0x66511d0, width=0xd7e740) returned 0x0
[0318.908] GdipGetImageHeight (image=0x66511d0, height=0xd7e740) returned 0x0
[0318.908] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0318.908] GdipGetImagePixelFormat (image=0x6652238, format=0xd7e740) returned 0x0
[0318.908] GdipGetImageGraphicsContext (image=0x6652238, graphics=0xd7e74c) returned 0x0
[0318.908] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0318.908] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0318.908] GdipSetImageAttributesColorKeys (imageattr=0x6638b18, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0318.908] GdipDrawImageRectRectI (graphics=0x6600030, image=0x66511d0, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638b18, callback=0x0, callbackData=0x0) returned 0x0
[0318.909] GdipDisposeImageAttributes (imageattr=0x6638b18) returned 0x0
[0318.909] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0318.909] GdipDisposeImage (image=0x66511d0) returned 0x0
[0318.909] GdipCreateBitmapFromStream (stream=0x509ff70, bitmap=0xd7e840) returned 0x0
[0318.910] GdipImageForceValidation (image=0x664f100) returned 0x0
[0318.911] GdipGetImageRawFormat (image=0x664f100, format=0xd7e7b4*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0318.911] GdipGetImageHeight (image=0x664f100, height=0xd7e824) returned 0x0
[0318.911] GdipGetImageWidth (image=0x664f100, width=0xd7e824) returned 0x0
[0318.911] GdipGetImageWidth (image=0x664f100, width=0xd7e810) returned 0x0
[0318.911] GdipGetImageHeight (image=0x664f100, height=0xd7e810) returned 0x0
[0318.911] GdipGetImageWidth (image=0x664f100, width=0xd7e800) returned 0x0
[0318.911] GdipGetImageHeight (image=0x664f100, height=0xd7e800) returned 0x0
[0318.911] GdipBitmapGetPixel (bitmap=0x664f100, x=0, y=15, color=0xd7e810) returned 0x0
[0318.911] GdipGetImageRawFormat (image=0x664f100, format=0xd7e740*(Data1=0x0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0))) returned 0x0
[0318.911] GdipGetImageWidth (image=0x664f100, width=0xd7e740) returned 0x0
[0318.911] GdipGetImageHeight (image=0x664f100, height=0xd7e740) returned 0x0
[0318.911] GdipCreateBitmapFromScan0 (width=16, height=16, stride=0, format=0x26200a, scan0=0x0, bitmap=0xd7e744) returned 0x0
[0318.912] GdipGetImagePixelFormat (image=0x6650b40, format=0xd7e740) returned 0x0
[0318.912] GdipGetImageGraphicsContext (image=0x6650b40, graphics=0xd7e74c) returned 0x0
[0318.912] GdipGraphicsClear (graphics=0x6600030, color=0xffffff) returned 0x0
[0318.912] GdipCreateImageAttributes (imageattr=0xd7e750) returned 0x0
[0318.912] GdipSetImageAttributesColorKeys (imageattr=0x6638d58, type=0x0, enableFlag=1, colorLow=0xffc0c0c0, colorHigh=0xffc0c0c0) returned 0x0
[0318.912] GdipDrawImageRectRectI (graphics=0x6600030, image=0x664f100, dstx=0, dsty=0, dstwidth=16, dstheight=16, srcx=0, srcy=0, srcwidth=16, srcheight=16, srcUnit=0x2, imageAttributes=0x6638d58, callback=0x0, callbackData=0x0) returned 0x0
[0318.912] GdipDisposeImageAttributes (imageattr=0x6638d58) returned 0x0
[0318.912] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0318.912] GdipDisposeImage (image=0x664f100) returned 0x0
[0318.912] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.913] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0318.913] GetCurrentThreadId () returned 0xf50
[0318.913] GetCurrentThreadId () returned 0xf50
[0318.913] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.913] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0318.913] GetCurrentThreadId () returned 0xf50
[0318.913] GetCurrentThreadId () returned 0xf50
[0318.913] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.913] AdjustWindowRectEx (in: lpRect=0xd7e7bc, dwStyle=0x5601000b, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e7bc) returned 1
[0318.913] GetCurrentThreadId () returned 0xf50
[0318.913] GetCurrentThreadId () returned 0xf50
[0318.913] GetSystemMetrics (nIndex=5) returned 1
[0318.913] GetSystemMetrics (nIndex=6) returned 1
[0318.914] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.914] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0318.914] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.914] AdjustWindowRectEx (in: lpRect=0xd7e710, dwStyle=0x56210044, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e710) returned 1
[0318.914] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.914] AdjustWindowRectEx (in: lpRect=0xd7e790, dwStyle=0x563008c4, bMenu=0, dwExStyle=0x200 | out: lpRect=0xd7e790) returned 1
[0318.914] GetCurrentThreadId () returned 0xf50
[0318.914] GetCurrentThreadId () returned 0xf50
[0318.914] GetProcessWindowStation () returned 0x13c
[0318.914] GetCapture () returned 0x0
[0318.914] GetActiveWindow () returned 0x7005c
[0318.914] GetCurrentActCtx (in: lphActCtx=0xd7e804 | out: lphActCtx=0xd7e804*=0x11b39e4) returned 1
[0318.915] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.915] AdjustWindowRectEx (in: lpRect=0xd7e764, dwStyle=0x2c80000, bMenu=0, dwExStyle=0x50001 | out: lpRect=0xd7e764) returned 1
[0318.915] GetCursorPos (in: lpPoint=0x2e5cf5c | out: lpPoint=0x2e5cf5c*(x=243, y=628)) returned 1
[0318.915] MonitorFromPoint (pt=0xf3, dwFlags=0x274) returned 0x10001
[0318.915] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e648 | out: lpmi=0xd7e648) returned 1
[0318.915] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x8d0107f8
[0318.915] GetDeviceCaps (hdc=0x8d0107f8, index=12) returned 32
[0318.915] GetDeviceCaps (hdc=0x8d0107f8, index=14) returned 1
[0318.915] DeleteDC (hdc=0x8d0107f8) returned 1
[0318.915] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e698 | out: lpmi=0xd7e698) returned 1
[0318.916] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0318.916] CreateWindowExW (dwExStyle=0x50001, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName="BB ransomware", dwStyle=0x2c80000, X=493, Y=348, nWidth=454, nHeight=164, hWndParent=0x0, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3a02de
[0318.916] SetWindowLongW (hWnd=0x3a02de, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0318.916] GetWindowLongW (hWnd=0x3a02de, nIndex=-4) returned 1950089536
[0318.917] SetWindowLongW (hWnd=0x3a02de, nIndex=-4, dwNewLong=19942190) returned 1950089536
[0318.917] GetWindowLongW (hWnd=0x3a02de, nIndex=-4) returned 19942190
[0318.917] GetWindowLongW (hWnd=0x3a02de, nIndex=-16) returned 113770496
[0318.917] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x81, wParam=0x0, lParam=0xd7e228) returned 0x1
[0318.918] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x83, wParam=0x0, lParam=0xd7e214) returned 0x0
[0318.919] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x1, wParam=0x0, lParam=0xd7e228) returned 0x0
[0318.919] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0318.919] GetWindowRect (in: hWnd=0x3a02de, lpRect=0xd7dee0 | out: lpRect=0xd7dee0) returned 1
[0318.919] SetWindowTextW (hWnd=0x3a02de, lpString="BB ransomware") returned 1
[0318.919] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xc, wParam=0x0, lParam=0x2e5b6f8) returned 0x1
[0318.920] GetStartupInfoW (in: lpStartupInfo=0x2e5d298 | out: lpStartupInfo=0x2e5d298*(cb=0x44, lpReserved="", lpDesktop="WinSta0\\Default", lpTitle="C:\\Users\\FD1HVy\\Desktop\\BB ransomware.exe", dwX=0x0, dwY=0x0, dwXSize=0x0, dwYSize=0x0, dwXCountChars=0x0, dwYCountChars=0x0, dwFillAttribute=0x0, dwFlags=0x401, wShowWindow=0x1, cbReserved2=0x0, lpReserved2=0x0, hStdInput=0x0, hStdOutput=0x10001, hStdError=0x0))
[0318.921] GetParent (hWnd=0x3a02de) returned 0x0
[0318.921] SetWindowLongW (hWnd=0x3a02de, nIndex=-8, dwNewLong=0) returned 0
[0318.921] SendMessageW (hWnd=0x3a02de, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0318.922] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x80, wParam=0x0, lParam=0x0) returned 0x0
[0318.922] SendMessageW (hWnd=0x3a02de, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0318.922] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x80, wParam=0x1, lParam=0x0) returned 0x0
[0318.922] GetSystemMenu (hWnd=0x3a02de, bRevert=0) returned 0xa1013b
[0318.922] GetWindowPlacement (in: hWnd=0x3a02de, lpwndpl=0xd7e814 | out: lpwndpl=0xd7e814) returned 1
[0318.922] EnableMenuItem (hMenu=0xa1013b, uIDEnableItem=0xf020, uEnable=0x1) returned 0
[0318.922] EnableMenuItem (hMenu=0xa1013b, uIDEnableItem=0xf030, uEnable=0x1) returned 0
[0318.922] EnableMenuItem (hMenu=0xa1013b, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0318.922] EnableMenuItem (hMenu=0xa1013b, uIDEnableItem=0xf120, uEnable=0x1) returned 0
[0318.922] EnableMenuItem (hMenu=0xa1013b, uIDEnableItem=0xf000, uEnable=0x1) returned 0
[0318.923] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7e858 | out: lpRect=0xd7e858) returned 1
[0318.923] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0318.923] GetWindowRect (in: hWnd=0x3a02de, lpRect=0xd7e7b8 | out: lpRect=0xd7e7b8) returned 1
[0318.923] SetWindowPos (hWnd=0x3a02de, hWndInsertAfter=0xffffffff, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0318.923] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0318.923] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x0, lParam=0x3a02de) returned 0x1
[0318.925] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x46, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0318.925] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x86, wParam=0x1, lParam=0x7005c) returned 0x1
[0318.926] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0318.926] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0318.927] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0318.928] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x8, wParam=0x3a02de, lParam=0x0) returned 0x0
[0318.928] GetCapture () returned 0x0
[0318.928] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0318.929] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0318.930] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0318.931] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0318.931] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0318.931] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0318.931] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0318.932] GetParent (hWnd=0x3a02de) returned 0x0
[0318.932] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0318.932] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7, wParam=0x602c4, lParam=0x0) returned 0x0
[0318.934] GetWindowPlacement (in: hWnd=0x3a02de, lpwndpl=0xd7e500 | out: lpwndpl=0xd7e500) returned 1
[0318.934] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x47, wParam=0x0, lParam=0xd7e7d4) returned 0x0
[0318.934] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0318.938] GetWindowRect (in: hWnd=0x3a02de, lpRect=0xd7e4b0 | out: lpRect=0xd7e4b0) returned 1
[0318.939] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0318.939] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0318.939] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0318.940] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.940] GetWindowLongW (hWnd=0x3a02de, nIndex=-16) returned 113770496
[0318.940] GetWindowTextLengthW (hWnd=0x3a02de) returned 13
[0318.940] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0318.940] GetSystemMetrics (nIndex=42) returned 0
[0318.940] GetWindowTextW (in: hWnd=0x3a02de, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0318.940] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0318.940] GetWindowTextLengthW (hWnd=0x3a02de) returned 13
[0318.940] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0318.940] GetSystemMetrics (nIndex=42) returned 0
[0318.940] GetWindowTextW (in: hWnd=0x3a02de, lpString=0xd7e74c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0318.940] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xd, wParam=0xe, lParam=0xd7e74c) returned 0xd
[0318.940] GetCursorPos (in: lpPoint=0x2e5d4d4 | out: lpPoint=0x2e5d4d4*(x=243, y=628)) returned 1
[0318.940] MonitorFromPoint (pt=0xf1, dwFlags=0x275) returned 0x10001
[0318.940] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e688 | out: lpmi=0xd7e688) returned 1
[0318.940] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x37010173
[0318.941] GetDeviceCaps (hdc=0x37010173, index=12) returned 32
[0318.941] GetDeviceCaps (hdc=0x37010173, index=14) returned 1
[0318.941] DeleteDC (hdc=0x37010173) returned 1
[0318.941] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e6d8 | out: lpmi=0xd7e6d8) returned 1
[0318.941] GetWindowLongW (hWnd=0x3a02de, nIndex=-16) returned 113770496
[0318.941] GetWindowLongW (hWnd=0x3a02de, nIndex=-20) returned 327945
[0318.941] SetWindowLongW (hWnd=0x3a02de, nIndex=-16, dwNewLong=46661632) returned 113770496
[0318.941] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7c, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0318.941] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7d, wParam=0xfffffff0, lParam=0xd7e7b4) returned 0x0
[0318.942] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0318.942] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0318.943] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0318.943] SetWindowLongW (hWnd=0x3a02de, nIndex=-20, dwNewLong=327681) returned 327945
[0318.943] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7c, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0318.943] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7d, wParam=0xffffffec, lParam=0xd7e7b4) returned 0x0
[0318.944] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0318.944] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0318.944] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0318.945] SetWindowPos (hWnd=0x3a02de, hWndInsertAfter=0x0, X=0, Y=0, cx=0, cy=0, uFlags=0x37) returned 1
[0318.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x46, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0318.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x83, wParam=0x1, lParam=0xd7e7a4) returned 0x0
[0318.945] GetWindowPlacement (in: hWnd=0x3a02de, lpwndpl=0xd7e4f8 | out: lpwndpl=0xd7e4f8) returned 1
[0318.945] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x47, wParam=0x0, lParam=0xd7e7cc) returned 0x0
[0318.945] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0318.945] GetWindowRect (in: hWnd=0x3a02de, lpRect=0xd7e4a8 | out: lpRect=0xd7e4a8) returned 1
[0318.946] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0318.946] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0318.947] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0318.947] RedrawWindow (hWnd=0x3a02de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0318.947] GetSystemMenu (hWnd=0x3a02de, bRevert=0) returned 0xa1013b
[0318.947] GetWindowPlacement (in: hWnd=0x3a02de, lpwndpl=0xd7e804 | out: lpwndpl=0xd7e804) returned 1
[0318.947] EnableMenuItem (hMenu=0xa1013b, uIDEnableItem=0xf020, uEnable=0x1) returned 1
[0318.947] EnableMenuItem (hMenu=0xa1013b, uIDEnableItem=0xf030, uEnable=0x1) returned 1
[0318.947] EnableMenuItem (hMenu=0xa1013b, uIDEnableItem=0xf060, uEnable=0x0) returned 0
[0318.947] EnableMenuItem (hMenu=0xa1013b, uIDEnableItem=0xf120, uEnable=0x1) returned 1
[0318.947] EnableMenuItem (hMenu=0xa1013b, uIDEnableItem=0xf000, uEnable=0x1) returned 1
[0318.947] GetWindowLongW (hWnd=0x7005c, nIndex=-8) returned 0
[0318.947] GetWindowLongW (hWnd=0x3a02de, nIndex=-8) returned 0
[0318.947] SetWindowLongW (hWnd=0x3a02de, nIndex=-8, dwNewLong=458844) returned 0
[0318.948] GetCurrentActCtx (in: lphActCtx=0xd7e884 | out: lphActCtx=0xd7e884*=0x11b39e4) returned 1
[0318.948] GetProcessWindowStation () returned 0x13c
[0318.948] GetCurrentThreadId () returned 0xf50
[0318.949] EnumThreadWindows (dwThreadId=0xf50, lpfn=0x1304bce, lParam=0x0) returned 1
[0318.949] IsWindowVisible (hWnd=0x3a02de) returned 0
[0318.949] IsWindowVisible (hWnd=0x7005c) returned 1
[0318.949] IsWindowEnabled (hWnd=0x7005c) returned 1
[0318.949] IsWindowVisible (hWnd=0x300ec) returned 0
[0318.949] IsWindowVisible (hWnd=0x502c6) returned 0
[0318.949] IsWindowVisible (hWnd=0x502be) returned 0
[0318.949] GetActiveWindow () returned 0x3a02de
[0318.949] GetFocus () returned 0x3a02de
[0318.949] IsWindow (hWnd=0x7005c) returned 1
[0318.949] EnableWindow (hWnd=0x7005c, bEnable=0) returned 0
[0318.949] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x1f, wParam=0x0, lParam=0x0) returned 0x0
[0318.950] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x0, lParam=0x0) returned 0x0
[0318.950] GetWindowLongW (hWnd=0x3a02de, nIndex=-8) returned 458844
[0318.950] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7bc | out: lpdwProcessId=0xd7e7bc) returned 0xf50
[0318.950] GetCurrentThreadId () returned 0xf50
[0318.950] GetWindowLongW (hWnd=0x3a02de, nIndex=-8) returned 458844
[0318.950] IsWindowEnabled (hWnd=0x7005c) returned 0
[0318.950] IsWindowEnabled (hWnd=0x3a02de) returned 1
[0318.950] ShowWindow (hWnd=0x3a02de, nCmdShow=5) returned 0
[0318.957] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0318.957] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0318.957] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.958] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0318.958] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.Window.8.app.0.141b42a_r9_ad1", lpWindowName=0x0, dwStyle=0x56000000, X=0, Y=0, nWidth=64, nHeight=64, hWndParent=0x3a02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3002ce
[0318.959] SetWindowLongW (hWnd=0x3002ce, nIndex=-4, dwNewLong=1950089536) returned 19924454
[0318.959] GetWindowLongW (hWnd=0x3002ce, nIndex=-4) returned 1950089536
[0318.959] SetWindowLongW (hWnd=0x3002ce, nIndex=-4, dwNewLong=19942150) returned 1950089536
[0318.959] GetWindowLongW (hWnd=0x3002ce, nIndex=-4) returned 19942150
[0318.959] GetWindowLongW (hWnd=0x3002ce, nIndex=-16) returned 1174405120
[0318.959] GetWindowLongW (hWnd=0x3002ce, nIndex=-12) returned 0
[0318.959] SetWindowLongW (hWnd=0x3002ce, nIndex=-12, dwNewLong=3146446) returned 0
[0318.959] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002ce, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0318.960] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002ce, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0318.960] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002ce, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0318.960] GetWindow (hWnd=0x3002ce, uCmd=0x3) returned 0x0
[0318.960] GetClientRect (in: hWnd=0x3002ce, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0318.960] GetWindowRect (in: hWnd=0x3002ce, lpRect=0xd7da00 | out: lpRect=0xd7da00) returned 1
[0318.960] GetParent (hWnd=0x3002ce) returned 0x3a02de
[0318.960] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3a02de, lpPoints=0xd7da00, cPoints=0x2 | out: lpPoints=0xd7da00) returned -24773109
[0318.961] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002ce, Msg=0x5, wParam=0x0, lParam=0x400040) returned 0x0
[0318.961] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002ce, Msg=0x3, wParam=0x0, lParam=0x0) returned 0x0
[0318.961] GetClientRect (in: hWnd=0x3002ce, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0318.961] GetWindowRect (in: hWnd=0x3002ce, lpRect=0xd7da58 | out: lpRect=0xd7da58) returned 1
[0318.961] GetParent (hWnd=0x3002ce) returned 0x3a02de
[0318.961] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3a02de, lpPoints=0xd7da58, cPoints=0x2 | out: lpPoints=0xd7da58) returned -24773109
[0318.961] SendMessageW (hWnd=0x3002ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x3002ce) returned 0x0
[0318.961] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002ce, Msg=0x2210, wParam=0x2ce0001, lParam=0x3002ce) returned 0x0
[0318.961] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002ce, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0318.961] GetParent (hWnd=0x3002ce) returned 0x3a02de
[0318.961] GetParent (hWnd=0x3a02da) returned 0x3a02dc
[0318.961] SetParent (hWndChild=0x3a02da, hWndNewParent=0x3a02de) returned 0x3a02dc
[0318.961] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0318.962] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x46, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0318.962] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0318.962] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x47, wParam=0x0, lParam=0xd7e2cc) returned 0x0
[0318.962] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x3, wParam=0x0, lParam=0x80040) returned 0x0
[0318.962] GetClientRect (in: hWnd=0x3a02da, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0318.962] GetWindowRect (in: hWnd=0x3a02da, lpRect=0xd7d85c | out: lpRect=0xd7d85c) returned 1
[0318.962] GetParent (hWnd=0x3a02da) returned 0x3a02de
[0318.962] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3a02de, lpPoints=0xd7d85c, cPoints=0x2 | out: lpPoints=0xd7d85c) returned -24773109
[0318.962] GetClientRect (in: hWnd=0x3a02da, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0318.962] GetWindowRect (in: hWnd=0x3a02da, lpRect=0xd7df8c | out: lpRect=0xd7df8c) returned 1
[0318.962] GetParent (hWnd=0x3a02da) returned 0x3a02de
[0318.962] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3a02de, lpPoints=0xd7df8c, cPoints=0x2 | out: lpPoints=0xd7df8c) returned -24773109
[0318.962] GetParent (hWnd=0x3a02da) returned 0x3a02de
[0318.963] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0318.963] GetWindow (hWnd=0x3a02da, uCmd=0x3) returned 0x0
[0318.963] SetWindowPos (hWnd=0x3a02da, hWndInsertAfter=0x3002ce, X=0, Y=0, cx=0, cy=0, uFlags=0x3) returned 1
[0318.963] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x46, wParam=0x0, lParam=0xd7e284) returned 0x0
[0318.963] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x22, wParam=0x0, lParam=0x0) returned 0x0
[0318.963] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x47, wParam=0x0, lParam=0xd7e284) returned 0x0
[0318.963] GetClientRect (in: hWnd=0x3a02da, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0318.963] GetWindowRect (in: hWnd=0x3a02da, lpRect=0xd7df44 | out: lpRect=0xd7df44) returned 1
[0318.963] GetParent (hWnd=0x3a02da) returned 0x3a02de
[0318.963] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3a02de, lpPoints=0xd7df44, cPoints=0x2 | out: lpPoints=0xd7df44) returned -24773109
[0318.963] GetParent (hWnd=0x3a02da) returned 0x3a02de
[0318.964] GetWindow (hWnd=0x3a02da, uCmd=0x3) returned 0x3002ce
[0318.964] GetWindowThreadProcessId (in: hWnd=0x3a02da, lpdwProcessId=0xd7e358 | out: lpdwProcessId=0xd7e358) returned 0xf50
[0318.964] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0318.964] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.964] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0318.964] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Details", dwStyle=0x5601000b, X=8, Y=94, nWidth=100, nHeight=23, hWndParent=0x3a02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3c02d8
[0318.965] SetWindowLongW (hWnd=0x3c02d8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0318.965] GetWindowLongW (hWnd=0x3c02d8, nIndex=-4) returned 1868032000
[0318.965] SetWindowLongW (hWnd=0x3c02d8, nIndex=-4, dwNewLong=19942230) returned 1868032000
[0318.965] GetWindowLongW (hWnd=0x3c02d8, nIndex=-4) returned 19942230
[0318.965] GetWindowLongW (hWnd=0x3c02d8, nIndex=-16) returned 1174470667
[0318.965] GetWindowLongW (hWnd=0x3c02d8, nIndex=-12) returned 0
[0318.965] SetWindowLongW (hWnd=0x3c02d8, nIndex=-12, dwNewLong=3932888) returned 0
[0318.965] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0318.967] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0318.967] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0318.968] SendMessageW (hWnd=0x3c02d8, Msg=0x2055, wParam=0x3c02d8, lParam=0x3) returned 0x2
[0318.968] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x0
[0318.968] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0318.968] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0318.968] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0318.968] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002ce, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0318.968] RedrawWindow (hWnd=0x3002ce, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0318.969] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0318.969] RedrawWindow (hWnd=0x3a02da, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0318.969] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0x128, wParam=0x30001, lParam=0x0) returned 0x0
[0318.969] RedrawWindow (hWnd=0x3c02d8, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0318.969] RedrawWindow (hWnd=0x3a02de, lprcUpdate=0x0, hrgnUpdate=0x0, flags=0x85) returned 1
[0318.969] GetWindow (hWnd=0x3c02d8, uCmd=0x3) returned 0x3a02da
[0318.969] GetClientRect (in: hWnd=0x3c02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0318.969] GetWindowRect (in: hWnd=0x3c02d8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0318.969] GetParent (hWnd=0x3c02d8) returned 0x3a02de
[0318.969] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3a02de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0318.969] SetWindowTextW (hWnd=0x3c02d8, lpString="&Details") returned 1
[0318.969] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0xc, wParam=0x0, lParam=0x2c2ef5c) returned 0x1
[0318.970] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0318.970] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0x3, wParam=0x0, lParam=0x5e0008) returned 0x0
[0318.970] GetClientRect (in: hWnd=0x3c02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0318.970] GetWindowRect (in: hWnd=0x3c02d8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0318.970] GetParent (hWnd=0x3c02d8) returned 0x3a02de
[0318.970] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3a02de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0318.970] SendMessageW (hWnd=0x3c02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3c02d8) returned 0x0
[0318.970] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0x2210, wParam=0x2d80001, lParam=0x3c02d8) returned 0x0
[0318.970] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0318.970] GetParent (hWnd=0x3c02d8) returned 0x3a02de
[0318.970] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0318.971] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.971] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0318.971] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Continue", dwStyle=0x5601000b, X=225, Y=94, nWidth=100, nHeight=23, hWndParent=0x3a02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3402c8
[0318.971] SetWindowLongW (hWnd=0x3402c8, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0318.972] GetWindowLongW (hWnd=0x3402c8, nIndex=-4) returned 1868032000
[0318.972] SetWindowLongW (hWnd=0x3402c8, nIndex=-4, dwNewLong=19942270) returned 1868032000
[0318.972] GetWindowLongW (hWnd=0x3402c8, nIndex=-4) returned 19942270
[0318.972] GetWindowLongW (hWnd=0x3402c8, nIndex=-16) returned 1174470667
[0318.972] GetWindowLongW (hWnd=0x3402c8, nIndex=-12) returned 0
[0318.972] SetWindowLongW (hWnd=0x3402c8, nIndex=-12, dwNewLong=3408584) returned 0
[0318.972] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0318.972] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0318.973] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0318.973] SendMessageW (hWnd=0x3402c8, Msg=0x2055, wParam=0x3402c8, lParam=0x3) returned 0x2
[0318.974] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0318.974] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0318.974] GetWindow (hWnd=0x3402c8, uCmd=0x3) returned 0x3c02d8
[0318.974] GetClientRect (in: hWnd=0x3402c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0318.974] GetWindowRect (in: hWnd=0x3402c8, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0318.974] GetParent (hWnd=0x3402c8) returned 0x3a02de
[0318.974] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3a02de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0318.974] SetWindowTextW (hWnd=0x3402c8, lpString="&Continue") returned 1
[0318.974] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0xc, wParam=0x0, lParam=0x2c2ef00) returned 0x1
[0318.974] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0318.974] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x3, wParam=0x0, lParam=0x5e00e1) returned 0x0
[0318.975] GetClientRect (in: hWnd=0x3402c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0318.975] GetWindowRect (in: hWnd=0x3402c8, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0318.975] GetParent (hWnd=0x3402c8) returned 0x3a02de
[0318.975] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3a02de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0318.975] SendMessageW (hWnd=0x3402c8, Msg=0x2210, wParam=0x2c80001, lParam=0x3402c8) returned 0x0
[0318.975] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x2210, wParam=0x2c80001, lParam=0x3402c8) returned 0x0
[0318.975] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0318.975] GetParent (hWnd=0x3402c8) returned 0x3a02de
[0318.975] GetCurrentActCtx (in: lphActCtx=0xd7e2f4 | out: lphActCtx=0xd7e2f4*=0x11b39e4) returned 1
[0318.975] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.976] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0318.976] CreateWindowExW (dwExStyle=0x0, lpClassName="WindowsForms10.BUTTON.app.0.141b42a_r9_ad1", lpWindowName="&Quit", dwStyle=0x5601000b, X=330, Y=94, nWidth=100, nHeight=23, hWndParent=0x3a02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x3d00ea
[0318.976] SetWindowLongW (hWnd=0x3d00ea, nIndex=-4, dwNewLong=1868032000) returned 19925806
[0318.976] GetWindowLongW (hWnd=0x3d00ea, nIndex=-4) returned 1868032000
[0318.976] SetWindowLongW (hWnd=0x3d00ea, nIndex=-4, dwNewLong=19941670) returned 1868032000
[0318.977] GetWindowLongW (hWnd=0x3d00ea, nIndex=-4) returned 19941670
[0318.977] GetWindowLongW (hWnd=0x3d00ea, nIndex=-16) returned 1174470667
[0318.977] GetWindowLongW (hWnd=0x3d00ea, nIndex=-12) returned 0
[0318.977] SetWindowLongW (hWnd=0x3d00ea, nIndex=-12, dwNewLong=3997930) returned 0
[0318.977] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3d00ea, Msg=0x81, wParam=0x0, lParam=0xd7dd18) returned 0x1
[0318.977] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3d00ea, Msg=0x83, wParam=0x0, lParam=0xd7dd04) returned 0x0
[0318.978] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3d00ea, Msg=0x1, wParam=0x0, lParam=0xd7dd18) returned 0x0
[0318.978] SendMessageW (hWnd=0x3d00ea, Msg=0x2055, wParam=0x3d00ea, lParam=0x3) returned 0x2
[0318.978] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x129, wParam=0x0, lParam=0x0) returned 0x3
[0318.979] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3d00ea, Msg=0x127, wParam=0x3, lParam=0x0) returned 0x0
[0318.979] GetWindow (hWnd=0x3d00ea, uCmd=0x3) returned 0x3402c8
[0318.979] GetClientRect (in: hWnd=0x3d00ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0318.979] GetWindowRect (in: hWnd=0x3d00ea, lpRect=0xd7d9b8 | out: lpRect=0xd7d9b8) returned 1
[0318.979] GetParent (hWnd=0x3d00ea) returned 0x3a02de
[0318.979] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3a02de, lpPoints=0xd7d9b8, cPoints=0x2 | out: lpPoints=0xd7d9b8) returned -24773109
[0318.979] SetWindowTextW (hWnd=0x3d00ea, lpString="&Quit") returned 1
[0318.979] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3d00ea, Msg=0xc, wParam=0x0, lParam=0x2c2ef20) returned 0x1
[0318.979] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3d00ea, Msg=0x5, wParam=0x0, lParam=0x170064) returned 0x0
[0318.979] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3d00ea, Msg=0x3, wParam=0x0, lParam=0x5e014a) returned 0x0
[0318.979] GetClientRect (in: hWnd=0x3d00ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0318.979] GetWindowRect (in: hWnd=0x3d00ea, lpRect=0xd7da10 | out: lpRect=0xd7da10) returned 1
[0318.979] GetParent (hWnd=0x3d00ea) returned 0x3a02de
[0318.979] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3a02de, lpPoints=0xd7da10, cPoints=0x2 | out: lpPoints=0xd7da10) returned -24773109
[0318.980] SendMessageW (hWnd=0x3d00ea, Msg=0x2210, wParam=0xea0001, lParam=0x3d00ea) returned 0x0
[0318.980] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3d00ea, Msg=0x2210, wParam=0xea0001, lParam=0x3d00ea) returned 0x0
[0318.980] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3d00ea, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0318.980] GetParent (hWnd=0x3d00ea) returned 0x3a02de
[0318.980] GetCurrentActCtx (in: lphActCtx=0xd7e2d0 | out: lphActCtx=0xd7e2d0*=0x11b39e4) returned 1
[0318.980] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0318.980] GetModuleHandleW (lpModuleName=0x0) returned 0x9c0000
[0318.981] CreateWindowExW (dwExStyle=0x200, lpClassName="WindowsForms10.EDIT.app.0.141b42a_r9_ad1", lpWindowName="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n", dwStyle=0x563008c4, X=8, Y=125, nWidth=422, nHeight=154, hWndParent=0x3a02de, hMenu=0x0, hInstance=0x9c0000, lpParam=0x0) returned 0x2f02d0
[0318.981] SetWindowLongW (hWnd=0x2f02d0, nIndex=-4, dwNewLong=1868026976) returned 19926046
[0318.981] GetWindowLongW (hWnd=0x2f02d0, nIndex=-4) returned 1868026976
[0318.981] SetWindowLongW (hWnd=0x2f02d0, nIndex=-4, dwNewLong=19941710) returned 1868026976
[0318.982] GetWindowLongW (hWnd=0x2f02d0, nIndex=-4) returned 19941710
[0318.982] GetWindowLongW (hWnd=0x2f02d0, nIndex=-16) returned 1177553092
[0318.982] GetWindowLongW (hWnd=0x2f02d0, nIndex=-12) returned 0
[0318.982] SetWindowLongW (hWnd=0x2f02d0, nIndex=-12, dwNewLong=3080912) returned 0
[0318.982] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2f02d0, Msg=0x81, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0318.983] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2f02d0, Msg=0x83, wParam=0x0, lParam=0xd7dcdc) returned 0x0
[0318.983] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2f02d0, Msg=0x1, wParam=0x0, lParam=0xd7dcf0) returned 0x1
[0319.000] GetWindow (hWnd=0x2f02d0, uCmd=0x3) returned 0x3d00ea
[0319.000] GetClientRect (in: hWnd=0x2f02d0, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0319.000] GetWindowRect (in: hWnd=0x2f02d0, lpRect=0xd7d9b0 | out: lpRect=0xd7d9b0) returned 1
[0319.000] GetParent (hWnd=0x2f02d0) returned 0x3a02de
[0319.000] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3a02de, lpPoints=0xd7d9b0, cPoints=0x2 | out: lpPoints=0xd7d9b0) returned -24773109
[0319.000] GetWindowTextLengthW (hWnd=0x3a02de) returned 13
[0319.000] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.000] GetSystemMetrics (nIndex=42) returned 0
[0319.000] GetWindowTextW (in: hWnd=0x3a02de, lpString=0xd7d848, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.000] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xd, wParam=0xe, lParam=0xd7d848) returned 0xd
[0319.001] SendMessageW (hWnd=0x2f02d0, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0319.001] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2f02d0, Msg=0x30, wParam=0x230a0786, lParam=0x0) returned 0x1
[0319.005] SetWindowTextW (hWnd=0x2f02d0, lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 1
[0319.005] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2f02d0, Msg=0xc, wParam=0x0, lParam=0x2e590e0) returned 0x1
[0319.006] GetSystemMetrics (nIndex=5) returned 1
[0319.006] GetSystemMetrics (nIndex=6) returned 1
[0319.006] SendMessageW (hWnd=0x2f02d0, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0319.006] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2f02d0, Msg=0xc5, wParam=0x7fff, lParam=0x0) returned 0x1
[0319.007] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2f02d0, Msg=0x5, wParam=0x0, lParam=0x850191) returned 0x1
[0319.008] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2f02d0, Msg=0x3, wParam=0x0, lParam=0x7f000a) returned 0x0
[0319.008] GetClientRect (in: hWnd=0x2f02d0, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0319.008] GetWindowRect (in: hWnd=0x2f02d0, lpRect=0xd7da08 | out: lpRect=0xd7da08) returned 1
[0319.008] GetParent (hWnd=0x2f02d0) returned 0x3a02de
[0319.008] MapWindowPoints (in: hWndFrom=0x0, hWndTo=0x3a02de, lpPoints=0xd7da08, cPoints=0x2 | out: lpPoints=0xd7da08) returned -24773109
[0319.008] SendMessageW (hWnd=0x2f02d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2f02d0) returned 0x0
[0319.009] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2f02d0, Msg=0x2210, wParam=0x2d00001, lParam=0x2f02d0) returned 0x0
[0319.009] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2f02d0, Msg=0x18, wParam=0x1, lParam=0x0) returned 0x0
[0319.009] GetParent (hWnd=0x2f02d0) returned 0x3a02de
[0319.009] GetWindowLongW (hWnd=0x3a02de, nIndex=-8) returned 458844
[0319.009] MonitorFromWindow (hwnd=0x7005c, dwFlags=0x2) returned 0x10001
[0319.009] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e234 | out: lpmi=0xd7e234) returned 1
[0319.009] CreateDCW (pwszDriver="\\\\.\\DISPLAY1", pwszDevice=0x0, pszPort=0x0, pdm=0x0) returned 0x3e010173
[0319.009] GetDeviceCaps (hdc=0x3e010173, index=12) returned 32
[0319.009] GetDeviceCaps (hdc=0x3e010173, index=14) returned 1
[0319.009] DeleteDC (hdc=0x3e010173) returned 1
[0319.009] GetMonitorInfoW (in: hMonitor=0x10001, lpmi=0xd7e258 | out: lpmi=0xd7e258) returned 1
[0319.010] GetWindowThreadProcessId (in: hWnd=0x3a02de, lpdwProcessId=0xd7e308 | out: lpdwProcessId=0xd7e308) returned 0xf50
[0319.010] GetCurrentThreadId () returned 0xf50
[0319.010] PostMessageW (hWnd=0x3a02de, Msg=0xc1a6, wParam=0x0, lParam=0x0) returned 1
[0319.010] GetWindowTextLengthW (hWnd=0x3a02de) returned 13
[0319.010] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.010] GetSystemMetrics (nIndex=42) returned 0
[0319.010] GetWindowTextW (in: hWnd=0x3a02de, lpString=0xd7e278, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.010] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xd, wParam=0xe, lParam=0xd7e278) returned 0xd
[0319.010] GdipImageGetFrameDimensionsCount (image=0x664fe20, count=0xd7e25c) returned 0x0
[0319.010] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x12010a0
[0319.010] GdipImageGetFrameDimensionsList (image=0x664fe20, dimensionIDs=0x12010a0*(Data1=0x1200fe0, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0319.010] LocalFree (hMem=0x12010a0) returned 0x0
[0319.010] GdipImageGetFrameDimensionsCount (image=0x6652238, count=0xd7e250) returned 0x0
[0319.010] LocalAlloc (uFlags=0x0, uBytes=0x10) returned 0x1201238
[0319.010] GdipImageGetFrameDimensionsList (image=0x6652238, dimensionIDs=0x1201238*(Data1=0x1201190, Data2=0x0, Data3=0x0, Data4=([0]=0x0, [1]=0x0, [2]=0x0, [3]=0x0, [4]=0x0, [5]=0x0, [6]=0x0, [7]=0x0)), count=0x1) returned 0x0
[0319.010] LocalFree (hMem=0x1201238) returned 0x0
[0319.010] SystemParametersInfoW (in: uiAction=0x5f, uiParam=0x0, pvParam=0xd7e3a0, fWinIni=0x0 | out: pvParam=0xd7e3a0) returned 1
[0319.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0319.011] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0319.022] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0319.023] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0319.023] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0319.024] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0319.024] GetWindowPlacement (in: hWnd=0x3a02de, lpwndpl=0xd7e464 | out: lpwndpl=0xd7e464) returned 1
[0319.024] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7e410 | out: lpRect=0xd7e410) returned 1
[0319.024] GetWindowTextLengthW (hWnd=0x3a02de) returned 13
[0319.024] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.024] GetSystemMetrics (nIndex=42) returned 0
[0319.024] GetWindowTextW (in: hWnd=0x3a02de, lpString=0xd7e2cc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.024] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xd, wParam=0xe, lParam=0xd7e2cc) returned 0xd
[0319.024] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7e318 | out: lpRect=0xd7e318) returned 1
[0319.024] GetCurrentObject (hdc=0xf0105ee, type=0x1) returned 0xb00017
[0319.024] GetCurrentObject (hdc=0xf0105ee, type=0x2) returned 0x900010
[0319.025] GetCurrentObject (hdc=0xf0105ee, type=0x7) returned 0x4d0507ae
[0319.025] GetCurrentObject (hdc=0xf0105ee, type=0x6) returned 0x8a01c2
[0319.025] SaveDC (hdc=0xf0105ee) returned 1
[0319.025] GetNearestColor (hdc=0xf0105ee, color=0xf0f0f0) returned 0xf0f0f0
[0319.025] CreateSolidBrush (color=0xf0f0f0) returned 0x9f1007e1
[0319.025] FillRect (hDC=0xf0105ee, lprc=0xd7e1b8, hbr=0x9f1007e1) returned 1
[0319.025] DeleteObject (ho=0x9f1007e1) returned 1
[0319.025] RestoreDC (hdc=0xf0105ee, nSavedDC=-1) returned 1
[0319.025] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002ce, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0319.025] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0319.026] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0319.026] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0x14, wParam=0x60100ce, lParam=0x0) returned 0x1
[0319.026] GetStockObject (i=5) returned 0x900015
[0319.026] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0319.026] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x14, wParam=0x10105d6, lParam=0x0) returned 0x1
[0319.026] GetStockObject (i=5) returned 0x900015
[0319.026] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3d00ea, Msg=0x85, wParam=0x1, lParam=0x0) returned 0x0
[0319.026] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3d00ea, Msg=0x14, wParam=0xf0105ee, lParam=0x0) returned 0x1
[0319.026] GetStockObject (i=5) returned 0x900015
[0319.027] GetWindowPlacement (in: hWnd=0x3a02de, lpwndpl=0xd7e448 | out: lpwndpl=0xd7e448) returned 1
[0319.027] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x47, wParam=0x0, lParam=0xd7e71c) returned 0x0
[0319.027] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0319.027] GetWindowRect (in: hWnd=0x3a02de, lpRect=0xd7e3f8 | out: lpRect=0xd7e3f8) returned 1
[0319.028] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0319.028] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0319.033] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0319.033] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x5, wParam=0x0, lParam=0x7d01b6) returned 0x0
[0319.033] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x3, wParam=0x0, lParam=0x17b01f5) returned 0x0
[0319.033] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0319.033] GetWindowRect (in: hWnd=0x3a02de, lpRect=0xd7e428 | out: lpRect=0xd7e428) returned 1
[0319.034] InvalidateRect (hWnd=0x3402c8, lpRect=0x0, bErase=0) returned 1
[0319.034] InvalidateRect (hWnd=0x3c02d8, lpRect=0x0, bErase=0) returned 1
[0319.034] GetFocus () returned 0x3a02de
[0319.034] GetFocus () returned 0x3a02de
[0319.034] SetFocus (hWnd=0x3c02d8) returned 0x3a02de
[0319.034] GetFocus () returned 0x3c02d8
[0319.035] IsChild (hWndParent=0x3a02de, hWnd=0x3c02d8) returned 1
[0319.035] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x8, wParam=0x3c02d8, lParam=0x0) returned 0x0
[0319.036] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0319.037] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0319.038] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0319.038] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0x7, wParam=0x3a02de, lParam=0x0) returned 0x0
[0319.039] GetStockObject (i=5) returned 0x900015
[0319.039] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x8
[0319.039] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0xd, wParam=0x9, lParam=0x11f5560) returned 0x8
[0319.039] GetDlgItem (hDlg=0x3a02de, nIDDlgItem=3932888) returned 0x3c02d8
[0319.039] SendMessageW (hWnd=0x3c02d8, Msg=0x202b, wParam=0x3c02d8, lParam=0xd7e0dc) returned 0x0
[0319.039] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0x202b, wParam=0x3c02d8, lParam=0xd7e0dc) returned 0x0
[0319.039] InvalidateRect (hWnd=0x3c02d8, lpRect=0x0, bErase=0) returned 1
[0319.041] GetFocus () returned 0x3c02d8
[0319.041] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.041] IsWindowUnicode (hWnd=0x3a02de) returned 1
[0319.041] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.041] TranslateMessage (lpMsg=0xd7e808) returned 0
[0319.041] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0319.041] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x31f, wParam=0x1, lParam=0x0) returned 0x0
[0319.041] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.041] IsWindowUnicode (hWnd=0x3a02de) returned 1
[0319.042] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.042] TranslateMessage (lpMsg=0xd7e808) returned 0
[0319.042] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0319.042] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.042] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x20, wParam=0x7005c, lParam=0x200fffe) returned 0x0
[0319.042] IsWindowUnicode (hWnd=0x3a02de) returned 1
[0319.042] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.042] TranslateMessage (lpMsg=0xd7e808) returned 0
[0319.042] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0319.042] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.042] IsWindowUnicode (hWnd=0x602c4) returned 1
[0319.043] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.043] TranslateMessage (lpMsg=0xd7e808) returned 0
[0319.043] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0319.043] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0319.043] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0319.043] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.043] IsWindowUnicode (hWnd=0x3a02de) returned 1
[0319.043] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.043] TranslateMessage (lpMsg=0xd7e808) returned 0
[0319.043] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0319.044] BeginPaint (in: hWnd=0x3a02de, lpPaint=0xd7e278 | out: lpPaint=0xd7e278) returned 0xc0107c5
[0319.044] SelectPalette (hdc=0xc0107c5, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0319.054] GetWindowTextLengthW (hWnd=0x3a02de) returned 13
[0319.054] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.054] GetSystemMetrics (nIndex=42) returned 0
[0319.054] GetWindowTextW (in: hWnd=0x3a02de, lpString=0xd7e204, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.054] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xd, wParam=0xe, lParam=0xd7e204) returned 0xd
[0319.054] SelectPalette (hdc=0xc0107c5, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0319.054] EndPaint (hWnd=0x3a02de, lpPaint=0xd7e274) returned 1
[0319.055] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.055] IsWindowUnicode (hWnd=0x3002ce) returned 1
[0319.055] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.055] TranslateMessage (lpMsg=0xd7e808) returned 0
[0319.055] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0319.055] BeginPaint (in: hWnd=0x3002ce, lpPaint=0xd7e298 | out: lpPaint=0xd7e298) returned 0x10105d6
[0319.055] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0319.055] CreateCompatibleDC (hdc=0x10105d6) returned 0x980106b6
[0319.055] SelectObject (hdc=0x980106b6, h=0x4a0507fe) returned 0x85000f
[0319.055] GdipCreateFromHDC (hdc=0x980106b6, graphics=0xd7e2b0) returned 0x0
[0319.055] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0319.056] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=64, height=64, combineMode=0x0) returned 0x0
[0319.056] GdipCreateMatrix (matrix=0xd7e2f8) returned 0x0
[0319.057] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0319.057] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7e310) returned 0x0
[0319.057] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0319.057] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11ee868) returned 0x0
[0319.057] LocalFree (hMem=0x11ee868) returned 0x0
[0319.057] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0319.057] GdipCreateRegion (region=0xd7e2f8) returned 0x0
[0319.057] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0319.057] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e304) returned 0x0
[0319.057] GdipSaveGraphics (graphics=0x6600030, state=0xd7e330) returned 0x0
[0319.057] GetWindowTextLengthW (hWnd=0x3002ce) returned 0
[0319.057] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0319.057] GetSystemMetrics (nIndex=42) returned 0
[0319.057] GetWindowTextW (in: hWnd=0x3002ce, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0319.057] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002ce, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0319.057] GetClientRect (in: hWnd=0x3002ce, lpRect=0xd7e2f8 | out: lpRect=0xd7e2f8) returned 1
[0319.057] GdipCreateRegion (region=0xd7e14c) returned 0x0
[0319.057] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0319.057] GdipCreateMatrix (matrix=0xd7e14c) returned 0x0
[0319.057] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0319.057] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7e164) returned 0x0
[0319.057] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0319.057] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee868) returned 0x0
[0319.058] LocalFree (hMem=0x11ee868) returned 0x0
[0319.058] GdipCombineRegionRegion (region=0x6646178, region2=0x66463b8, combineMode=0x1) returned 0x0
[0319.058] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0319.058] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee9f0) returned 0x0
[0319.058] LocalFree (hMem=0x11ee9f0) returned 0x0
[0319.058] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0319.058] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e18c) returned 0x0
[0319.058] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e17c) returned 0x0
[0319.058] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7e17c) returned 0x0
[0319.058] GdipDeleteRegion (region=0x6646178) returned 0x0
[0319.058] GdipGetDC (graphics=0x6600030, hdc=0xd7e194) returned 0x0
[0319.058] GetCurrentObject (hdc=0x980106b6, type=0x1) returned 0xb00017
[0319.058] GetCurrentObject (hdc=0x980106b6, type=0x2) returned 0x900010
[0319.058] GetCurrentObject (hdc=0x980106b6, type=0x7) returned 0x4a0507fe
[0319.058] GetCurrentObject (hdc=0x980106b6, type=0x6) returned 0x8a01c2
[0319.058] SaveDC (hdc=0x980106b6) returned 1
[0319.058] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9d040807
[0319.058] GetClipRgn (hdc=0x980106b6, hrgn=0x9d040807) returned 0
[0319.058] SelectClipRgn (hdc=0x980106b6, hrgn=0x180407de) returned 2
[0319.058] DeleteObject (ho=0x9d040807) returned 1
[0319.058] DeleteObject (ho=0x180407de) returned 1
[0319.059] OffsetViewportOrgEx (in: hdc=0x980106b6, x=0, y=0, lppt=0x2e5ec40 | out: lppt=0x2e5ec40) returned 1
[0319.059] GetNearestColor (hdc=0x980106b6, color=0xf0f0f0) returned 0xf0f0f0
[0319.059] CreateSolidBrush (color=0xf0f0f0) returned 0xa01007e1
[0319.059] FillRect (hDC=0x980106b6, lprc=0xd7e198, hbr=0xa01007e1) returned 1
[0319.059] DeleteObject (ho=0xa01007e1) returned 1
[0319.059] RestoreDC (hdc=0x980106b6, nSavedDC=-1) returned 1
[0319.059] GdipReleaseDC (graphics=0x6600030, hdc=0x980106b6) returned 0x0
[0319.059] GdipRestoreGraphics (graphics=0x6600030, state=0xf4c20dbd) returned 0x0
[0319.059] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0319.059] GetWindowTextLengthW (hWnd=0x3002ce) returned 0
[0319.059] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0319.059] GetSystemMetrics (nIndex=42) returned 0
[0319.059] GetWindowTextW (in: hWnd=0x3002ce, lpString=0xd7e248, nMaxCount=1 | out: lpString="") returned 0
[0319.059] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002ce, Msg=0xd, wParam=0x1, lParam=0xd7e248) returned 0x0
[0319.059] GdipGetImageWidth (image=0x664fe20, width=0xd7e1e0) returned 0x0
[0319.059] GdipGetImageHeight (image=0x664fe20, height=0xd7e1e0) returned 0x0
[0319.069] GdipGetImageWidth (image=0x664fe20, width=0xd7e1cc) returned 0x0
[0319.069] GdipGetImageHeight (image=0x664fe20, height=0xd7e1cc) returned 0x0
[0319.069] GdipDrawImageRectI (graphics=0x6600030, image=0x664fe20, x=16, y=16, width=32, height=32) returned 0x0
[0319.069] GdipGetDC (graphics=0x6600030, hdc=0xd7e2f0) returned 0x0
[0319.069] BitBlt (hdc=0x10105d6, x=0, y=0, cx=64, cy=64, hdcSrc=0x980106b6, x1=0, y1=0, rop=0xcc0020) returned 1
[0319.069] GdipReleaseDC (graphics=0x6600030, hdc=0x980106b6) returned 0x0
[0319.069] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0319.069] SelectObject (hdc=0x980106b6, h=0x85000f) returned 0x4a0507fe
[0319.069] DeleteDC (hdc=0x980106b6) returned 1
[0319.070] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0319.070] EndPaint (hWnd=0x3002ce, lpPaint=0xd7e294) returned 1
[0319.070] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.070] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x84, wParam=0x0, lParam=0x1e3030d) returned 0x1
[0319.070] IsWindowUnicode (hWnd=0x3402c8) returned 1
[0319.070] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.070] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x84, wParam=0x0, lParam=0x1e3030d) returned 0x1
[0319.070] SetCursor (hCursor=0x10003) returned 0x10003
[0319.071] TranslateMessage (lpMsg=0xd7e808) returned 0
[0319.071] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0319.071] _TrackMouseEvent (in: lpEventTrack=0x2e5ed0c | out: lpEventTrack=0x2e5ed0c) returned 1
[0319.071] SendMessageW (hWnd=0x3402c8, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0319.071] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0319.071] InvalidateRect (hWnd=0x3402c8, lpRect=0x0, bErase=0) returned 1
[0319.071] GetKeyState (nVirtKey=1) returned 0
[0319.071] GetKeyState (nVirtKey=2) returned 0
[0319.071] GetKeyState (nVirtKey=4) returned 0
[0319.071] GetKeyState (nVirtKey=5) returned 0
[0319.071] GetKeyState (nVirtKey=6) returned 0
[0319.071] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.071] IsWindowUnicode (hWnd=0x3a02da) returned 1
[0319.071] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.071] TranslateMessage (lpMsg=0xd7e808) returned 0
[0319.071] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0319.072] BeginPaint (in: hWnd=0x3a02da, lpPaint=0xd7e25c | out: lpPaint=0xd7e25c) returned 0xf0105ee
[0319.072] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0319.072] CreateCompatibleDC (hdc=0xf0105ee) returned 0x9a0106b6
[0319.072] GetObjectType (h=0xf0105ee) returned 0x3
[0319.072] CreateCompatibleBitmap (hdc=0xf0105ee, cx=1, cy=1) returned 0x49050173
[0319.072] GetDIBits (in: hdc=0xf0105ee, hbm=0x49050173, start=0x0, cLines=0x0, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0319.072] GetDIBits (in: hdc=0xf0105ee, hbm=0x49050173, start=0x0, cLines=0x1, lpvBits=0x0, lpbmi=0xd7dd0c, usage=0x0 | out: lpvBits=0x0, lpbmi=0xd7dd0c) returned 1
[0319.072] DeleteObject (ho=0x49050173) returned 1
[0319.072] CreateDIBSection (in: hdc=0xf0105ee, lpbmi=0xd7dd5c, usage=0x0, ppvBits=0xd7e250, hSection=0x0, offset=0x0 | out: ppvBits=0xd7e250) returned 0xa5050793
[0319.073] SelectObject (hdc=0x9a0106b6, h=0xa5050793) returned 0x85000f
[0319.073] GdipCreateFromHDC (hdc=0x9a0106b6, graphics=0xd7e234) returned 0x0
[0319.073] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0319.073] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=354, height=68, combineMode=0x0) returned 0x0
[0319.073] GdipCreateMatrix (matrix=0xd7e2bc) returned 0x0
[0319.073] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0319.073] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7e2d4) returned 0x0
[0319.073] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0319.073] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0319.073] LocalFree (hMem=0x11eec58) returned 0x0
[0319.073] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0319.074] GdipCreateRegion (region=0xd7e2bc) returned 0x0
[0319.074] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0319.074] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e2c8) returned 0x0
[0319.074] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2f4) returned 0x0
[0319.074] GetWindowTextLengthW (hWnd=0x3a02da) returned 232
[0319.074] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0319.074] GetSystemMetrics (nIndex=42) returned 0
[0319.074] GetWindowTextW (in: hWnd=0x3a02da, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0319.074] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0319.074] GetClientRect (in: hWnd=0x3a02da, lpRect=0xd7e2bc | out: lpRect=0xd7e2bc) returned 1
[0319.074] GdipCreateRegion (region=0xd7e110) returned 0x0
[0319.074] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0319.074] GdipCreateMatrix (matrix=0xd7e110) returned 0x0
[0319.074] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b48) returned 0x0
[0319.074] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7e128) returned 0x0
[0319.074] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0319.074] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee868) returned 0x0
[0319.074] LocalFree (hMem=0x11ee868) returned 0x0
[0319.075] GdipCombineRegionRegion (region=0x6645998, region2=0x66463b8, combineMode=0x1) returned 0x0
[0319.075] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0319.075] GdipGetMatrixElements (matrix=0x6638b48, matrixOut=0x11ee868) returned 0x0
[0319.075] LocalFree (hMem=0x11ee868) returned 0x0
[0319.075] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0319.075] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e150) returned 0x0
[0319.078] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e140) returned 0x0
[0319.078] GdipGetRegionHRgn (region=0x6645998, graphics=0x6600030, hRgn=0xd7e140) returned 0x0
[0319.078] GdipDeleteRegion (region=0x6645998) returned 0x0
[0319.078] GdipGetDC (graphics=0x6600030, hdc=0xd7e158) returned 0x0
[0319.078] GetCurrentObject (hdc=0x9a0106b6, type=0x1) returned 0xb00017
[0319.078] GetCurrentObject (hdc=0x9a0106b6, type=0x2) returned 0x900010
[0319.079] GetCurrentObject (hdc=0x9a0106b6, type=0x7) returned 0xffffffffa5050793
[0319.079] GetCurrentObject (hdc=0x9a0106b6, type=0x6) returned 0x8a01c2
[0319.079] SaveDC (hdc=0x9a0106b6) returned 1
[0319.079] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x190407de
[0319.079] GetClipRgn (hdc=0x9a0106b6, hrgn=0x190407de) returned 0
[0319.079] SelectClipRgn (hdc=0x9a0106b6, hrgn=0x9e040807) returned 2
[0319.079] DeleteObject (ho=0x190407de) returned 1
[0319.079] DeleteObject (ho=0x9e040807) returned 1
[0319.079] OffsetViewportOrgEx (in: hdc=0x9a0106b6, x=0, y=0, lppt=0x2e60660 | out: lppt=0x2e60660) returned 1
[0319.079] GetNearestColor (hdc=0x9a0106b6, color=0xf0f0f0) returned 0xf0f0f0
[0319.079] CreateSolidBrush (color=0xf0f0f0) returned 0xa11007e1
[0319.079] FillRect (hDC=0x9a0106b6, lprc=0xd7e15c, hbr=0xa11007e1) returned 1
[0319.081] DeleteObject (ho=0xa11007e1) returned 1
[0319.081] RestoreDC (hdc=0x9a0106b6, nSavedDC=-1) returned 1
[0319.081] GdipReleaseDC (graphics=0x6600030, hdc=0x9a0106b6) returned 0x0
[0319.081] GdipRestoreGraphics (graphics=0x6600030, state=0xf4c00dbd) returned 0x0
[0319.081] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0319.081] GetWindowTextLengthW (hWnd=0x3a02da) returned 232
[0319.081] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0319.081] GetSystemMetrics (nIndex=42) returned 0
[0319.081] GetWindowTextW (in: hWnd=0x3a02da, lpString=0xd7e03c, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0319.081] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0xd, wParam=0xe9, lParam=0xd7e03c) returned 0xe8
[0319.082] GdipGetDC (graphics=0x6600030, hdc=0xd7e178) returned 0x0
[0319.082] GetCurrentObject (hdc=0x9a0106b6, type=0x1) returned 0xb00017
[0319.082] GetCurrentObject (hdc=0x9a0106b6, type=0x2) returned 0x900010
[0319.082] GetCurrentObject (hdc=0x9a0106b6, type=0x7) returned 0xffffffffa5050793
[0319.082] GetCurrentObject (hdc=0x9a0106b6, type=0x6) returned 0x8a01c2
[0319.082] SaveDC (hdc=0x9a0106b6) returned 1
[0319.082] GetNearestColor (hdc=0x9a0106b6, color=0x0) returned 0x0
[0319.082] RestoreDC (hdc=0x9a0106b6, nSavedDC=-1) returned 1
[0319.082] GdipReleaseDC (graphics=0x6600030, hdc=0x9a0106b6) returned 0x0
[0319.083] GetModuleHandleW (lpModuleName="comctl32.dll") returned 0x6f520000
[0319.083] AdjustWindowRectEx (in: lpRect=0xd7e098, dwStyle=0x5600000d, bMenu=0, dwExStyle=0x0 | out: lpRect=0xd7e098) returned 1
[0319.083] DrawTextExW (in: hdc=0x65010512, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e084, format=0x102400, lpdtp=0x2e60e5c | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e084) returned 39
[0319.083] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e118) returned 0x0
[0319.083] GdipGetDC (graphics=0x6600030, hdc=0xd7e104) returned 0x0
[0319.083] GetCurrentObject (hdc=0x9a0106b6, type=0x1) returned 0xb00017
[0319.083] GetCurrentObject (hdc=0x9a0106b6, type=0x2) returned 0x900010
[0319.083] GetCurrentObject (hdc=0x9a0106b6, type=0x7) returned 0xffffffffa5050793
[0319.084] GetCurrentObject (hdc=0x9a0106b6, type=0x6) returned 0x8a01c2
[0319.084] SaveDC (hdc=0x9a0106b6) returned 1
[0319.084] GetTextAlign (hdc=0x9a0106b6) returned 0x0
[0319.084] GetTextColor (hdc=0x9a0106b6) returned 0x0
[0319.084] GetCurrentObject (hdc=0x9a0106b6, type=0x6) returned 0x8a01c2
[0319.084] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de4c | out: pv=0xd7de4c) returned 92
[0319.084] SelectObject (hdc=0x9a0106b6, h=0x6d0a0520) returned 0x8a01c2
[0319.084] GetBkMode (hdc=0x9a0106b6) returned 2
[0319.084] SetBkMode (hdc=0x9a0106b6, mode=1) returned 2
[0319.084] DrawTextExW (in: hdc=0x9a0106b6, lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", cchText=232, lprc=0xd7e098, format=0x102010, lpdtp=0x2e61080 | out: lpchText="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.", lprc=0xd7e098) returned 65
[0319.088] RestoreDC (hdc=0x9a0106b6, nSavedDC=-1) returned 1
[0319.088] GdipReleaseDC (graphics=0x6600030, hdc=0x9a0106b6) returned 0x0
[0319.088] GdipGetDC (graphics=0x6600030, hdc=0xd7e2b4) returned 0x0
[0319.088] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=354, cy=68, hdcSrc=0x9a0106b6, x1=0, y1=0, rop=0xcc0020) returned 1
[0319.088] GdipReleaseDC (graphics=0x6600030, hdc=0x9a0106b6) returned 0x0
[0319.088] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0319.088] SelectObject (hdc=0x9a0106b6, h=0x85000f) returned 0xa5050793
[0319.088] DeleteDC (hdc=0x9a0106b6) returned 1
[0319.088] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0319.088] DeleteObject (ho=0xa5050793) returned 1
[0319.089] EndPaint (hWnd=0x3a02da, lpPaint=0xd7e258) returned 1
[0319.089] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.090] IsWindowUnicode (hWnd=0x3c02d8) returned 1
[0319.090] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.090] TranslateMessage (lpMsg=0xd7e808) returned 0
[0319.090] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0319.090] BeginPaint (in: hWnd=0x3c02d8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0319.090] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0319.090] CreateCompatibleDC (hdc=0x60100ce) returned 0x4b010173
[0319.090] SelectObject (hdc=0x4b010173, h=0x4a0507fe) returned 0x85000f
[0319.090] GdipCreateFromHDC (hdc=0x4b010173, graphics=0xd7e268) returned 0x0
[0319.090] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0319.090] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0319.122] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0319.122] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0319.122] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7e2c8) returned 0x0
[0319.122] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0319.122] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eec58) returned 0x0
[0319.122] LocalFree (hMem=0x11eec58) returned 0x0
[0319.123] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0319.123] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0319.123] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0319.123] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0319.123] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0319.123] GdipRestoreGraphics (graphics=0x6600030, state=0xf4be0dbd) returned 0x0
[0319.123] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0319.123] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0319.123] GetCurrentObject (hdc=0x4b010173, type=0x1) returned 0xb00017
[0319.123] GetCurrentObject (hdc=0x4b010173, type=0x2) returned 0x900010
[0319.123] GetCurrentObject (hdc=0x4b010173, type=0x7) returned 0x4a0507fe
[0319.123] GetCurrentObject (hdc=0x4b010173, type=0x6) returned 0x8a01c2
[0319.123] SaveDC (hdc=0x4b010173) returned 1
[0319.123] GetNearestColor (hdc=0x4b010173, color=0xf0f0f0) returned 0xf0f0f0
[0319.123] GetNearestColor (hdc=0x4b010173, color=0xa0a0a0) returned 0xa0a0a0
[0319.123] GetNearestColor (hdc=0x4b010173, color=0x696969) returned 0x696969
[0319.123] GetNearestColor (hdc=0x4b010173, color=0xa0a0a0) returned 0xa0a0a0
[0319.123] GetNearestColor (hdc=0x4b010173, color=0x0) returned 0x0
[0319.123] GetNearestColor (hdc=0x4b010173, color=0xffffff) returned 0xffffff
[0319.124] GetNearestColor (hdc=0x4b010173, color=0xe5e5e5) returned 0xe5e5e5
[0319.124] GetNearestColor (hdc=0x4b010173, color=0xd7d7d7) returned 0xd7d7d7
[0319.124] GetNearestColor (hdc=0x4b010173, color=0x0) returned 0x0
[0319.124] RestoreDC (hdc=0x4b010173, nSavedDC=-1) returned 1
[0319.124] GdipReleaseDC (graphics=0x6600030, hdc=0x4b010173) returned 0x0
[0319.124] IsAppThemed () returned 0x1
[0319.124] GetThemeAppProperties () returned 0x3
[0319.124] GetThemeAppProperties () returned 0x3
[0319.124] GdipGetImageWidth (image=0x6652238, width=0xd7e168) returned 0x0
[0319.124] GdipGetImageHeight (image=0x6652238, height=0xd7e168) returned 0x0
[0319.124] IsAppThemed () returned 0x1
[0319.124] GetThemeAppProperties () returned 0x3
[0319.124] GetThemeAppProperties () returned 0x3
[0319.124] DrawTextExW (in: hdc=0x65010512, lpchText="&Details", cchText=8, lprc=0xd7df90, format=0x102415, lpdtp=0x2e617d0 | out: lpchText="&Details", lprc=0xd7df90) returned 13
[0319.124] IsAppThemed () returned 0x1
[0319.124] GetThemeAppProperties () returned 0x3
[0319.125] GetThemeAppProperties () returned 0x3
[0319.125] IsAppThemed () returned 0x1
[0319.125] GetThemeAppProperties () returned 0x3
[0319.125] GetThemeAppProperties () returned 0x3
[0319.125] GetFocus () returned 0x3c02d8
[0319.125] IsAppThemed () returned 0x1
[0319.125] GetThemeAppProperties () returned 0x3
[0319.125] GetThemeAppProperties () returned 0x3
[0319.125] IsAppThemed () returned 0x1
[0319.125] GetThemeAppProperties () returned 0x3
[0319.125] GetThemeAppProperties () returned 0x3
[0319.125] IsThemePartDefined () returned 0x1
[0319.125] IsAppThemed () returned 0x1
[0319.125] GetThemeAppProperties () returned 0x3
[0319.125] GetThemeAppProperties () returned 0x3
[0319.125] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0319.125] IsAppThemed () returned 0x1
[0319.125] GetThemeAppProperties () returned 0x3
[0319.125] GetThemeAppProperties () returned 0x3
[0319.125] IsAppThemed () returned 0x1
[0319.125] GetThemeAppProperties () returned 0x3
[0319.125] GetThemeAppProperties () returned 0x3
[0319.125] IsThemePartDefined () returned 0x1
[0319.125] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0319.125] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0319.125] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0319.125] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0319.126] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dff0) returned 0x0
[0319.126] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0319.126] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea98) returned 0x0
[0319.126] LocalFree (hMem=0x11eea98) returned 0x0
[0319.126] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0319.126] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eecc8) returned 0x0
[0319.126] LocalFree (hMem=0x11eecc8) returned 0x0
[0319.126] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0319.126] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e018) returned 0x0
[0319.126] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7e008) returned 0x0
[0319.126] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0319.126] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0319.126] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0319.126] GetCurrentObject (hdc=0x4b010173, type=0x1) returned 0xb00017
[0319.126] GetCurrentObject (hdc=0x4b010173, type=0x2) returned 0x900010
[0319.126] GetCurrentObject (hdc=0x4b010173, type=0x7) returned 0x4a0507fe
[0319.126] GetCurrentObject (hdc=0x4b010173, type=0x6) returned 0x8a01c2
[0319.126] SaveDC (hdc=0x4b010173) returned 1
[0319.126] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x9f040807
[0319.126] GetClipRgn (hdc=0x4b010173, hrgn=0x9f040807) returned 0
[0319.126] SelectClipRgn (hdc=0x4b010173, hrgn=0x1d0407de) returned 2
[0319.127] DeleteObject (ho=0x9f040807) returned 1
[0319.127] DeleteObject (ho=0x1d0407de) returned 1
[0319.127] OffsetViewportOrgEx (in: hdc=0x4b010173, x=0, y=0, lppt=0x2e61e80 | out: lppt=0x2e61e80) returned 1
[0319.127] DrawThemeParentBackground () returned 0x0
[0319.127] GetWindowPlacement (in: hWnd=0x3a02de, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0319.127] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0319.127] GetWindowTextLengthW (hWnd=0x3a02de) returned 13
[0319.127] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.127] GetSystemMetrics (nIndex=42) returned 0
[0319.127] GetWindowTextW (in: hWnd=0x3a02de, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.127] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0319.127] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0319.127] GetCurrentObject (hdc=0x4b010173, type=0x1) returned 0xb00017
[0319.127] GetCurrentObject (hdc=0x4b010173, type=0x2) returned 0x900010
[0319.127] GetCurrentObject (hdc=0x4b010173, type=0x7) returned 0x4a0507fe
[0319.127] GetCurrentObject (hdc=0x4b010173, type=0x6) returned 0x8a01c2
[0319.127] SaveDC (hdc=0x4b010173) returned 2
[0319.127] GetNearestColor (hdc=0x4b010173, color=0xf0f0f0) returned 0xf0f0f0
[0319.128] CreateSolidBrush (color=0xf0f0f0) returned 0xa21007e1
[0319.128] FillRect (hDC=0x4b010173, lprc=0xd7da38, hbr=0xa21007e1) returned 1
[0319.128] DeleteObject (ho=0xa21007e1) returned 1
[0319.128] RestoreDC (hdc=0x4b010173, nSavedDC=-1) returned 1
[0319.128] GetWindowTextLengthW (hWnd=0x3a02de) returned 13
[0319.128] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.128] GetSystemMetrics (nIndex=42) returned 0
[0319.128] GetWindowTextW (in: hWnd=0x3a02de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.128] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0319.128] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0319.128] GetCurrentObject (hdc=0x4b010173, type=0x1) returned 0xb00017
[0319.128] GetCurrentObject (hdc=0x4b010173, type=0x2) returned 0x900010
[0319.128] GetCurrentObject (hdc=0x4b010173, type=0x7) returned 0x4a0507fe
[0319.128] GetCurrentObject (hdc=0x4b010173, type=0x6) returned 0x8a01c2
[0319.128] SaveDC (hdc=0x4b010173) returned 2
[0319.128] GetNearestColor (hdc=0x4b010173, color=0xf0f0f0) returned 0xf0f0f0
[0319.128] CreateSolidBrush (color=0xf0f0f0) returned 0xa31007e1
[0319.128] FillRect (hDC=0x4b010173, lprc=0xd7d9d8, hbr=0xa31007e1) returned 1
[0319.128] DeleteObject (ho=0xa31007e1) returned 1
[0319.128] RestoreDC (hdc=0x4b010173, nSavedDC=-1) returned 1
[0319.128] GetWindowTextLengthW (hWnd=0x3a02de) returned 13
[0319.128] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.128] GetSystemMetrics (nIndex=42) returned 0
[0319.128] GetWindowTextW (in: hWnd=0x3a02de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.129] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0319.129] RestoreDC (hdc=0x4b010173, nSavedDC=-1) returned 1
[0319.129] GdipReleaseDC (graphics=0x6600030, hdc=0x4b010173) returned 0x0
[0319.129] IsAppThemed () returned 0x1
[0319.129] GetThemeAppProperties () returned 0x3
[0319.129] GetThemeAppProperties () returned 0x3
[0319.129] IsAppThemed () returned 0x1
[0319.129] GetThemeAppProperties () returned 0x3
[0319.129] GetThemeAppProperties () returned 0x3
[0319.129] IsThemePartDefined () returned 0x1
[0319.129] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0319.129] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0319.129] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0319.129] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0319.129] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df74) returned 0x0
[0319.130] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0319.130] LocalFree (hMem=0x11eec58) returned 0x0
[0319.130] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0319.130] LocalFree (hMem=0x11ee868) returned 0x0
[0319.130] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0319.130] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0319.130] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0319.130] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0319.130] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0319.130] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0319.130] GetCurrentObject (hdc=0x4b010173, type=0x1) returned 0xb00017
[0319.130] GetCurrentObject (hdc=0x4b010173, type=0x2) returned 0x900010
[0319.130] GetCurrentObject (hdc=0x4b010173, type=0x7) returned 0x4a0507fe
[0319.130] GetCurrentObject (hdc=0x4b010173, type=0x6) returned 0x8a01c2
[0319.130] SaveDC (hdc=0x4b010173) returned 1
[0319.130] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x1e0407de
[0319.130] GetClipRgn (hdc=0x4b010173, hrgn=0x1e0407de) returned 0
[0319.130] SelectClipRgn (hdc=0x4b010173, hrgn=0xa1040807) returned 2
[0319.130] DeleteObject (ho=0x1e0407de) returned 1
[0319.130] DeleteObject (ho=0xa1040807) returned 1
[0319.130] OffsetViewportOrgEx (in: hdc=0x4b010173, x=0, y=0, lppt=0x2e6272c | out: lppt=0x2e6272c) returned 1
[0319.130] IsAppThemed () returned 0x1
[0319.131] GetThemeAppProperties () returned 0x3
[0319.131] GetThemeAppProperties () returned 0x3
[0319.131] DrawThemeBackground () returned 0x0
[0319.131] RestoreDC (hdc=0x4b010173, nSavedDC=-1) returned 1
[0319.131] GdipReleaseDC (graphics=0x6600030, hdc=0x4b010173) returned 0x0
[0319.131] GdipCreateRegion (region=0xd7df60) returned 0x0
[0319.131] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0319.131] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0319.131] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0319.131] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df78) returned 0x0
[0319.131] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0319.131] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eea28) returned 0x0
[0319.131] LocalFree (hMem=0x11eea28) returned 0x0
[0319.131] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0319.131] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0319.131] LocalFree (hMem=0x11eec58) returned 0x0
[0319.131] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0319.131] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0319.131] GdipIsInfiniteRegion (region=0x66463b8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0319.131] GdipGetRegionHRgn (region=0x66463b8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0319.131] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0319.131] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0319.132] GetCurrentObject (hdc=0x4b010173, type=0x1) returned 0xb00017
[0319.132] GetCurrentObject (hdc=0x4b010173, type=0x2) returned 0x900010
[0319.132] GetCurrentObject (hdc=0x4b010173, type=0x7) returned 0x4a0507fe
[0319.132] GetCurrentObject (hdc=0x4b010173, type=0x6) returned 0x8a01c2
[0319.132] SaveDC (hdc=0x4b010173) returned 1
[0319.132] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa2040807
[0319.132] GetClipRgn (hdc=0x4b010173, hrgn=0xa2040807) returned 0
[0319.132] SelectClipRgn (hdc=0x4b010173, hrgn=0x1f0407de) returned 2
[0319.132] DeleteObject (ho=0xa2040807) returned 1
[0319.132] DeleteObject (ho=0x1f0407de) returned 1
[0319.132] OffsetViewportOrgEx (in: hdc=0x4b010173, x=0, y=0, lppt=0x2e62a00 | out: lppt=0x2e62a00) returned 1
[0319.132] IsAppThemed () returned 0x1
[0319.132] GetThemeAppProperties () returned 0x3
[0319.132] GetThemeAppProperties () returned 0x3
[0319.132] GetThemeBackgroundContentRect () returned 0x0
[0319.132] RestoreDC (hdc=0x4b010173, nSavedDC=-1) returned 1
[0319.132] GdipReleaseDC (graphics=0x6600030, hdc=0x4b010173) returned 0x0
[0319.132] GdipCreateRegion (region=0xd7e13c) returned 0x0
[0319.132] GdipGetClip (graphics=0x6600030, region=0x66463b8) returned 0x0
[0319.132] GdipCloneRegion (region=0x66463b8, cloneRegion=0xd7e150) returned 0x0
[0319.132] GdipCombineRegionRectI (region=0x6645758, rect=0xd7e138, combineMode=0x1) returned 0x0
[0319.133] GdipCombineRegionRectI (region=0x6645758, rect=0xd7e138, combineMode=0x1) returned 0x0
[0319.133] GdipSetClipRegion (graphics=0x6600030, region=0x6645758, combineMode=0x0) returned 0x0
[0319.133] GdipGetImageWidth (image=0x6652238, width=0xd7e154) returned 0x0
[0319.133] GdipGetImageHeight (image=0x6652238, height=0xd7e148) returned 0x0
[0319.133] GdipDrawImageRectI (graphics=0x6600030, image=0x6652238, x=4, y=4, width=16, height=16) returned 0x0
[0319.133] GdipSetClipRegion (graphics=0x6600030, region=0x66463b8, combineMode=0x0) returned 0x0
[0319.133] IsAppThemed () returned 0x1
[0319.133] GetThemeAppProperties () returned 0x3
[0319.133] GetThemeAppProperties () returned 0x3
[0319.133] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0319.133] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0319.133] GetCurrentObject (hdc=0x4b010173, type=0x1) returned 0xb00017
[0319.133] GetCurrentObject (hdc=0x4b010173, type=0x2) returned 0x900010
[0319.133] GetCurrentObject (hdc=0x4b010173, type=0x7) returned 0x4a0507fe
[0319.133] GetCurrentObject (hdc=0x4b010173, type=0x6) returned 0x8a01c2
[0319.133] SaveDC (hdc=0x4b010173) returned 1
[0319.133] GetTextAlign (hdc=0x4b010173) returned 0x0
[0319.133] GetTextColor (hdc=0x4b010173) returned 0x0
[0319.133] GetCurrentObject (hdc=0x4b010173, type=0x6) returned 0x8a01c2
[0319.133] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0319.134] SelectObject (hdc=0x4b010173, h=0x6d0a0520) returned 0x8a01c2
[0319.134] GetBkMode (hdc=0x4b010173) returned 2
[0319.134] SetBkMode (hdc=0x4b010173, mode=1) returned 2
[0319.134] DrawTextExW (in: hdc=0x4b010173, lpchText="&Details", cchText=8, lprc=0xd7def8, format=0x102415, lpdtp=0x2e62dc0 | out: lpchText="&Details", lprc=0xd7def8) returned 13
[0319.134] DrawTextExW (in: hdc=0x4b010173, lpchText="&Details", cchText=8, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e62dc0 | out: lpchText="&Details", lprc=0xd7e05c) returned 13
[0319.134] RestoreDC (hdc=0x4b010173, nSavedDC=-1) returned 1
[0319.134] GdipReleaseDC (graphics=0x6600030, hdc=0x4b010173) returned 0x0
[0319.134] GetFocus () returned 0x3c02d8
[0319.134] IsAppThemed () returned 0x1
[0319.134] GetThemeAppProperties () returned 0x3
[0319.134] GetThemeAppProperties () returned 0x3
[0319.134] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0319.135] BitBlt (hdc=0x60100ce, x=0, y=0, cx=100, cy=23, hdcSrc=0x4b010173, x1=0, y1=0, rop=0xcc0020) returned 1
[0319.135] GdipReleaseDC (graphics=0x6600030, hdc=0x4b010173) returned 0x0
[0319.135] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0319.135] SelectObject (hdc=0x4b010173, h=0x85000f) returned 0x4a0507fe
[0319.135] DeleteDC (hdc=0x4b010173) returned 1
[0319.135] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0319.135] EndPaint (hWnd=0x3c02d8, lpPaint=0xd7e24c) returned 1
[0319.135] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.135] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x1, lParam=0x60) returned 0x0
[0319.136] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.136] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.136] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x2, lParam=0x60) returned 0x0
[0319.137] TranslateMessage (lpMsg=0xd7e808) returned 0
[0319.137] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0319.137] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.137] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x0, lParam=0x60) returned 0x0
[0319.144] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.144] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.144] TranslateMessage (lpMsg=0xd7e808) returned 0
[0319.144] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0319.144] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.145] IsWindowUnicode (hWnd=0x3402c8) returned 1
[0319.145] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.145] TranslateMessage (lpMsg=0xd7e808) returned 0
[0319.145] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0319.145] BeginPaint (in: hWnd=0x3402c8, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x10105d6
[0319.145] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0319.145] CreateCompatibleDC (hdc=0x10105d6) returned 0xb30107a1
[0319.145] SelectObject (hdc=0xb30107a1, h=0x4a0507fe) returned 0x85000f
[0319.145] GdipCreateFromHDC (hdc=0xb30107a1, graphics=0xd7e268) returned 0x0
[0319.146] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0319.146] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0319.146] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0319.146] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c38) returned 0x0
[0319.146] GdipIsMatrixIdentity (matrix=0x6638c38, result=0xd7e2c8) returned 0x0
[0319.146] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0319.146] GdipGetMatrixElements (matrix=0x6638c38, matrixOut=0x11eec58) returned 0x0
[0319.146] LocalFree (hMem=0x11eec58) returned 0x0
[0319.146] GdipDeleteMatrix (matrix=0x6638c38) returned 0x0
[0319.146] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0319.146] GdipGetClip (graphics=0x6600030, region=0x6645518) returned 0x0
[0319.146] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0319.146] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0319.146] GdipRestoreGraphics (graphics=0x6600030, state=0xf4bc0dbd) returned 0x0
[0319.146] GdipDeleteRegion (region=0x6645518) returned 0x0
[0319.146] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0319.146] GetCurrentObject (hdc=0xb30107a1, type=0x1) returned 0xb00017
[0319.146] GetCurrentObject (hdc=0xb30107a1, type=0x2) returned 0x900010
[0319.146] GetCurrentObject (hdc=0xb30107a1, type=0x7) returned 0x4a0507fe
[0319.146] GetCurrentObject (hdc=0xb30107a1, type=0x6) returned 0x8a01c2
[0319.147] SaveDC (hdc=0xb30107a1) returned 1
[0319.147] GetNearestColor (hdc=0xb30107a1, color=0xf0f0f0) returned 0xf0f0f0
[0319.147] GetNearestColor (hdc=0xb30107a1, color=0xa0a0a0) returned 0xa0a0a0
[0319.147] GetNearestColor (hdc=0xb30107a1, color=0x696969) returned 0x696969
[0319.147] GetNearestColor (hdc=0xb30107a1, color=0xa0a0a0) returned 0xa0a0a0
[0319.147] GetNearestColor (hdc=0xb30107a1, color=0x0) returned 0x0
[0319.147] GetNearestColor (hdc=0xb30107a1, color=0xffffff) returned 0xffffff
[0319.147] GetNearestColor (hdc=0xb30107a1, color=0xe5e5e5) returned 0xe5e5e5
[0319.147] GetNearestColor (hdc=0xb30107a1, color=0xd7d7d7) returned 0xd7d7d7
[0319.147] GetNearestColor (hdc=0xb30107a1, color=0x0) returned 0x0
[0319.147] RestoreDC (hdc=0xb30107a1, nSavedDC=-1) returned 1
[0319.147] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107a1) returned 0x0
[0319.147] IsAppThemed () returned 0x1
[0319.147] GetThemeAppProperties () returned 0x3
[0319.147] GetThemeAppProperties () returned 0x3
[0319.147] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e134, fWinIni=0x0 | out: pvParam=0xd7e134) returned 1
[0319.147] SendMessageW (hWnd=0x3a02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0319.147] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0319.148] IsAppThemed () returned 0x1
[0319.148] GetThemeAppProperties () returned 0x3
[0319.148] GetThemeAppProperties () returned 0x3
[0319.148] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7df84, format=0x102415, lpdtp=0x2e635d0 | out: lpchText="&Continue", lprc=0xd7df84) returned 13
[0319.148] IsAppThemed () returned 0x1
[0319.148] GetThemeAppProperties () returned 0x3
[0319.148] GetThemeAppProperties () returned 0x3
[0319.148] IsAppThemed () returned 0x1
[0319.148] GetThemeAppProperties () returned 0x3
[0319.148] GetThemeAppProperties () returned 0x3
[0319.148] IsAppThemed () returned 0x1
[0319.148] GetThemeAppProperties () returned 0x3
[0319.148] GetThemeAppProperties () returned 0x3
[0319.148] IsAppThemed () returned 0x1
[0319.148] GetThemeAppProperties () returned 0x3
[0319.148] GetThemeAppProperties () returned 0x3
[0319.148] IsThemePartDefined () returned 0x1
[0319.148] IsAppThemed () returned 0x1
[0319.148] GetThemeAppProperties () returned 0x3
[0319.148] GetThemeAppProperties () returned 0x3
[0319.148] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0319.148] IsAppThemed () returned 0x1
[0319.149] GetThemeAppProperties () returned 0x3
[0319.149] GetThemeAppProperties () returned 0x3
[0319.149] IsAppThemed () returned 0x1
[0319.149] GetThemeAppProperties () returned 0x3
[0319.149] GetThemeAppProperties () returned 0x3
[0319.149] IsThemePartDefined () returned 0x1
[0319.149] GdipCreateRegion (region=0xd7dfcc) returned 0x0
[0319.149] GdipGetClip (graphics=0x6600030, region=0x66457e8) returned 0x0
[0319.149] GdipCreateMatrix (matrix=0xd7dfcc) returned 0x0
[0319.149] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0319.149] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7dfe4) returned 0x0
[0319.149] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eecc8
[0319.149] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eecc8) returned 0x0
[0319.149] LocalFree (hMem=0x11eecc8) returned 0x0
[0319.149] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0319.149] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0319.149] LocalFree (hMem=0x11eec58) returned 0x0
[0319.149] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0319.149] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7e00c) returned 0x0
[0319.149] GdipIsInfiniteRegion (region=0x66457e8, graphics=0x6600030, result=0xd7dffc) returned 0x0
[0319.149] GdipGetRegionHRgn (region=0x66457e8, graphics=0x6600030, hRgn=0xd7dffc) returned 0x0
[0319.149] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0319.149] GdipGetDC (graphics=0x6600030, hdc=0xd7e014) returned 0x0
[0319.149] GetCurrentObject (hdc=0xb30107a1, type=0x1) returned 0xb00017
[0319.149] GetCurrentObject (hdc=0xb30107a1, type=0x2) returned 0x900010
[0319.150] GetCurrentObject (hdc=0xb30107a1, type=0x7) returned 0x4a0507fe
[0319.150] GetCurrentObject (hdc=0xb30107a1, type=0x6) returned 0x8a01c2
[0319.150] SaveDC (hdc=0xb30107a1) returned 1
[0319.150] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x200407de
[0319.150] GetClipRgn (hdc=0xb30107a1, hrgn=0x200407de) returned 0
[0319.150] SelectClipRgn (hdc=0xb30107a1, hrgn=0xa6040807) returned 2
[0319.150] DeleteObject (ho=0x200407de) returned 1
[0319.150] DeleteObject (ho=0xa6040807) returned 1
[0319.150] OffsetViewportOrgEx (in: hdc=0xb30107a1, x=0, y=0, lppt=0x2e63c80 | out: lppt=0x2e63c80) returned 1
[0319.150] DrawThemeParentBackground () returned 0x0
[0319.150] GetWindowPlacement (in: hWnd=0x3a02de, lpwndpl=0xd7dcdc | out: lpwndpl=0xd7dcdc) returned 1
[0319.150] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7dc88 | out: lpRect=0xd7dc88) returned 1
[0319.150] GetWindowTextLengthW (hWnd=0x3a02de) returned 13
[0319.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.150] GetSystemMetrics (nIndex=42) returned 0
[0319.150] GetWindowTextW (in: hWnd=0x3a02de, lpString=0xd7db44, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.150] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xd, wParam=0xe, lParam=0xd7db44) returned 0xd
[0319.151] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7db90 | out: lpRect=0xd7db90) returned 1
[0319.151] GetCurrentObject (hdc=0xb30107a1, type=0x1) returned 0xb00017
[0319.151] GetCurrentObject (hdc=0xb30107a1, type=0x2) returned 0x900010
[0319.151] GetCurrentObject (hdc=0xb30107a1, type=0x7) returned 0x4a0507fe
[0319.151] GetCurrentObject (hdc=0xb30107a1, type=0x6) returned 0x8a01c2
[0319.151] SaveDC (hdc=0xb30107a1) returned 2
[0319.151] GetNearestColor (hdc=0xb30107a1, color=0xf0f0f0) returned 0xf0f0f0
[0319.151] CreateSolidBrush (color=0xf0f0f0) returned 0xa41007e1
[0319.151] FillRect (hDC=0xb30107a1, lprc=0xd7da30, hbr=0xa41007e1) returned 1
[0319.151] DeleteObject (ho=0xa41007e1) returned 1
[0319.151] RestoreDC (hdc=0xb30107a1, nSavedDC=-1) returned 1
[0319.151] GetWindowTextLengthW (hWnd=0x3a02de) returned 13
[0319.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.151] GetSystemMetrics (nIndex=42) returned 0
[0319.151] GetWindowTextW (in: hWnd=0x3a02de, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.151] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0319.151] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7db30 | out: lpRect=0xd7db30) returned 1
[0319.151] GetCurrentObject (hdc=0xb30107a1, type=0x1) returned 0xb00017
[0319.151] GetCurrentObject (hdc=0xb30107a1, type=0x2) returned 0x900010
[0319.151] GetCurrentObject (hdc=0xb30107a1, type=0x7) returned 0x4a0507fe
[0319.151] GetCurrentObject (hdc=0xb30107a1, type=0x6) returned 0x8a01c2
[0319.152] SaveDC (hdc=0xb30107a1) returned 2
[0319.152] GetNearestColor (hdc=0xb30107a1, color=0xf0f0f0) returned 0xf0f0f0
[0319.152] CreateSolidBrush (color=0xf0f0f0) returned 0xa51007e1
[0319.152] FillRect (hDC=0xb30107a1, lprc=0xd7d9d0, hbr=0xa51007e1) returned 1
[0319.152] DeleteObject (ho=0xa51007e1) returned 1
[0319.152] RestoreDC (hdc=0xb30107a1, nSavedDC=-1) returned 1
[0319.152] GetWindowTextLengthW (hWnd=0x3a02de) returned 13
[0319.152] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.152] GetSystemMetrics (nIndex=42) returned 0
[0319.152] GetWindowTextW (in: hWnd=0x3a02de, lpString=0xd7dae4, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.152] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xd, wParam=0xe, lParam=0xd7dae4) returned 0xd
[0319.152] RestoreDC (hdc=0xb30107a1, nSavedDC=-1) returned 1
[0319.152] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107a1) returned 0x0
[0319.152] IsAppThemed () returned 0x1
[0319.152] GetThemeAppProperties () returned 0x3
[0319.152] GetThemeAppProperties () returned 0x3
[0319.152] IsAppThemed () returned 0x1
[0319.153] GetThemeAppProperties () returned 0x3
[0319.153] GetThemeAppProperties () returned 0x3
[0319.153] IsThemePartDefined () returned 0x1
[0319.153] GdipCreateRegion (region=0xd7df50) returned 0x0
[0319.153] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0319.153] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0319.153] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d88) returned 0x0
[0319.153] GdipIsMatrixIdentity (matrix=0x6638d88, result=0xd7df68) returned 0x0
[0319.153] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0319.153] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11ee868) returned 0x0
[0319.153] LocalFree (hMem=0x11ee868) returned 0x0
[0319.153] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0319.153] GdipGetMatrixElements (matrix=0x6638d88, matrixOut=0x11eea28) returned 0x0
[0319.157] LocalFree (hMem=0x11eea28) returned 0x0
[0319.157] GdipDeleteMatrix (matrix=0x6638d88) returned 0x0
[0319.157] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0319.157] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7df80) returned 0x0
[0319.157] GdipGetRegionHRgn (region=0x66460e8, graphics=0x6600030, hRgn=0xd7df80) returned 0x0
[0319.157] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0319.157] GdipGetDC (graphics=0x6600030, hdc=0xd7df98) returned 0x0
[0319.157] GetCurrentObject (hdc=0xb30107a1, type=0x1) returned 0xb00017
[0319.157] GetCurrentObject (hdc=0xb30107a1, type=0x2) returned 0x900010
[0319.157] GetCurrentObject (hdc=0xb30107a1, type=0x7) returned 0x4a0507fe
[0319.157] GetCurrentObject (hdc=0xb30107a1, type=0x6) returned 0x8a01c2
[0319.157] SaveDC (hdc=0xb30107a1) returned 1
[0319.158] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa7040807
[0319.158] GetClipRgn (hdc=0xb30107a1, hrgn=0xa7040807) returned 0
[0319.158] SelectClipRgn (hdc=0xb30107a1, hrgn=0x220407de) returned 2
[0319.158] DeleteObject (ho=0xa7040807) returned 1
[0319.158] DeleteObject (ho=0x220407de) returned 1
[0319.158] OffsetViewportOrgEx (in: hdc=0xb30107a1, x=0, y=0, lppt=0x2e6452c | out: lppt=0x2e6452c) returned 1
[0319.158] IsAppThemed () returned 0x1
[0319.158] GetThemeAppProperties () returned 0x3
[0319.158] GetThemeAppProperties () returned 0x3
[0319.158] DrawThemeBackground () returned 0x0
[0319.158] RestoreDC (hdc=0xb30107a1, nSavedDC=-1) returned 1
[0319.158] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107a1) returned 0x0
[0319.158] GdipCreateRegion (region=0xd7df54) returned 0x0
[0319.158] GdipGetClip (graphics=0x6600030, region=0x66453f8) returned 0x0
[0319.158] GdipCreateMatrix (matrix=0xd7df54) returned 0x0
[0319.158] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c08) returned 0x0
[0319.158] GdipIsMatrixIdentity (matrix=0x6638c08, result=0xd7df6c) returned 0x0
[0319.158] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0319.158] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11ee868) returned 0x0
[0319.158] LocalFree (hMem=0x11ee868) returned 0x0
[0319.158] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0319.159] GdipGetMatrixElements (matrix=0x6638c08, matrixOut=0x11eec58) returned 0x0
[0319.159] LocalFree (hMem=0x11eec58) returned 0x0
[0319.159] GdipDeleteMatrix (matrix=0x6638c08) returned 0x0
[0319.159] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7df94) returned 0x0
[0319.159] GdipIsInfiniteRegion (region=0x66453f8, graphics=0x6600030, result=0xd7df84) returned 0x0
[0319.159] GdipGetRegionHRgn (region=0x66453f8, graphics=0x6600030, hRgn=0xd7df84) returned 0x0
[0319.159] GdipDeleteRegion (region=0x66453f8) returned 0x0
[0319.159] GdipGetDC (graphics=0x6600030, hdc=0xd7df9c) returned 0x0
[0319.159] GetCurrentObject (hdc=0xb30107a1, type=0x1) returned 0xb00017
[0319.159] GetCurrentObject (hdc=0xb30107a1, type=0x2) returned 0x900010
[0319.159] GetCurrentObject (hdc=0xb30107a1, type=0x7) returned 0x4a0507fe
[0319.159] GetCurrentObject (hdc=0xb30107a1, type=0x6) returned 0x8a01c2
[0319.159] SaveDC (hdc=0xb30107a1) returned 1
[0319.159] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x230407de
[0319.159] GetClipRgn (hdc=0xb30107a1, hrgn=0x230407de) returned 0
[0319.159] SelectClipRgn (hdc=0xb30107a1, hrgn=0xa8040807) returned 2
[0319.159] DeleteObject (ho=0x230407de) returned 1
[0319.159] DeleteObject (ho=0xa8040807) returned 1
[0319.159] OffsetViewportOrgEx (in: hdc=0xb30107a1, x=0, y=0, lppt=0x2e64800 | out: lppt=0x2e64800) returned 1
[0319.159] IsAppThemed () returned 0x1
[0319.159] GetThemeAppProperties () returned 0x3
[0319.159] GetThemeAppProperties () returned 0x3
[0319.160] GetThemeBackgroundContentRect () returned 0x0
[0319.160] RestoreDC (hdc=0xb30107a1, nSavedDC=-1) returned 1
[0319.160] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107a1) returned 0x0
[0319.160] IsAppThemed () returned 0x1
[0319.160] GetThemeAppProperties () returned 0x3
[0319.160] GetThemeAppProperties () returned 0x3
[0319.160] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0d0) returned 0x0
[0319.160] GdipGetDC (graphics=0x6600030, hdc=0xd7e0bc) returned 0x0
[0319.160] GetCurrentObject (hdc=0xb30107a1, type=0x1) returned 0xb00017
[0319.160] GetCurrentObject (hdc=0xb30107a1, type=0x2) returned 0x900010
[0319.160] GetCurrentObject (hdc=0xb30107a1, type=0x7) returned 0x4a0507fe
[0319.160] GetCurrentObject (hdc=0xb30107a1, type=0x6) returned 0x8a01c2
[0319.160] SaveDC (hdc=0xb30107a1) returned 1
[0319.160] GetTextAlign (hdc=0xb30107a1) returned 0x0
[0319.160] GetTextColor (hdc=0xb30107a1) returned 0x0
[0319.160] GetCurrentObject (hdc=0xb30107a1, type=0x6) returned 0x8a01c2
[0319.160] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de04 | out: pv=0xd7de04) returned 92
[0319.160] SelectObject (hdc=0xb30107a1, h=0x6d0a0520) returned 0x8a01c2
[0319.160] GetBkMode (hdc=0xb30107a1) returned 2
[0319.160] SetBkMode (hdc=0xb30107a1, mode=1) returned 2
[0319.161] DrawTextExW (in: hdc=0xb30107a1, lpchText="&Continue", cchText=9, lprc=0xd7deec, format=0x102415, lpdtp=0x2e64ba0 | out: lpchText="&Continue", lprc=0xd7deec) returned 13
[0319.161] DrawTextExW (in: hdc=0xb30107a1, lpchText="&Continue", cchText=9, lprc=0xd7e050, format=0x102015, lpdtp=0x2e64ba0 | out: lpchText="&Continue", lprc=0xd7e050) returned 13
[0319.161] RestoreDC (hdc=0xb30107a1, nSavedDC=-1) returned 1
[0319.161] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107a1) returned 0x0
[0319.161] GetFocus () returned 0x3c02d8
[0319.161] IsAppThemed () returned 0x1
[0319.161] GetThemeAppProperties () returned 0x3
[0319.161] GetThemeAppProperties () returned 0x3
[0319.161] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0319.161] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0xb30107a1, x1=0, y1=0, rop=0xcc0020) returned 1
[0319.161] GdipReleaseDC (graphics=0x6600030, hdc=0xb30107a1) returned 0x0
[0319.161] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0319.162] SelectObject (hdc=0xb30107a1, h=0x85000f) returned 0x4a0507fe
[0319.162] DeleteDC (hdc=0xb30107a1) returned 1
[0319.162] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0319.162] EndPaint (hWnd=0x3402c8, lpPaint=0xd7e24c) returned 1
[0319.162] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.162] IsWindowUnicode (hWnd=0x3d00ea) returned 1
[0319.162] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.163] TranslateMessage (lpMsg=0xd7e808) returned 0
[0319.163] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0319.163] BeginPaint (in: hWnd=0x3d00ea, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0xf0105ee
[0319.163] SelectPalette (hdc=0xf0105ee, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0319.163] CreateCompatibleDC (hdc=0xf0105ee) returned 0xb50107a1
[0319.163] SelectObject (hdc=0xb50107a1, h=0x4a0507fe) returned 0x85000f
[0319.163] GdipCreateFromHDC (hdc=0xb50107a1, graphics=0xd7e268) returned 0x0
[0319.163] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0319.163] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0319.163] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0319.163] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0319.163] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e2c8) returned 0x0
[0319.163] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0319.163] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee868) returned 0x0
[0319.163] LocalFree (hMem=0x11ee868) returned 0x0
[0319.163] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0319.163] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0319.164] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0319.164] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0319.164] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0319.164] GdipRestoreGraphics (graphics=0x6600030, state=0xf4ba0dbd) returned 0x0
[0319.164] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0319.164] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0319.164] GetCurrentObject (hdc=0xb50107a1, type=0x1) returned 0xb00017
[0319.164] GetCurrentObject (hdc=0xb50107a1, type=0x2) returned 0x900010
[0319.164] GetCurrentObject (hdc=0xb50107a1, type=0x7) returned 0x4a0507fe
[0319.164] GetCurrentObject (hdc=0xb50107a1, type=0x6) returned 0x8a01c2
[0319.164] SaveDC (hdc=0xb50107a1) returned 1
[0319.164] GetNearestColor (hdc=0xb50107a1, color=0xf0f0f0) returned 0xf0f0f0
[0319.164] GetNearestColor (hdc=0xb50107a1, color=0xa0a0a0) returned 0xa0a0a0
[0319.164] GetNearestColor (hdc=0xb50107a1, color=0x696969) returned 0x696969
[0319.164] GetNearestColor (hdc=0xb50107a1, color=0xa0a0a0) returned 0xa0a0a0
[0319.164] GetNearestColor (hdc=0xb50107a1, color=0x0) returned 0x0
[0319.164] GetNearestColor (hdc=0xb50107a1, color=0xffffff) returned 0xffffff
[0319.164] GetNearestColor (hdc=0xb50107a1, color=0xe5e5e5) returned 0xe5e5e5
[0319.164] GetNearestColor (hdc=0xb50107a1, color=0xd7d7d7) returned 0xd7d7d7
[0319.164] GetNearestColor (hdc=0xb50107a1, color=0x0) returned 0x0
[0319.164] RestoreDC (hdc=0xb50107a1, nSavedDC=-1) returned 1
[0319.164] GdipReleaseDC (graphics=0x6600030, hdc=0xb50107a1) returned 0x0
[0319.165] IsAppThemed () returned 0x1
[0319.165] GetThemeAppProperties () returned 0x3
[0319.165] GetThemeAppProperties () returned 0x3
[0319.165] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7e140, fWinIni=0x0 | out: pvParam=0xd7e140) returned 1
[0319.165] SendMessageW (hWnd=0x3a02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0319.165] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0319.165] IsAppThemed () returned 0x1
[0319.165] GetThemeAppProperties () returned 0x3
[0319.165] GetThemeAppProperties () returned 0x3
[0319.165] DrawTextExW (in: hdc=0x65010512, lpchText="&Quit", cchText=5, lprc=0xd7df90, format=0x102415, lpdtp=0x2e653b0 | out: lpchText="&Quit", lprc=0xd7df90) returned 13
[0319.165] IsAppThemed () returned 0x1
[0319.165] GetThemeAppProperties () returned 0x3
[0319.165] GetThemeAppProperties () returned 0x3
[0319.165] IsAppThemed () returned 0x1
[0319.165] GetThemeAppProperties () returned 0x3
[0319.165] GetThemeAppProperties () returned 0x3
[0319.165] GetFocus () returned 0x3c02d8
[0319.165] IsAppThemed () returned 0x1
[0319.165] GetThemeAppProperties () returned 0x3
[0319.165] GetThemeAppProperties () returned 0x3
[0319.166] IsAppThemed () returned 0x1
[0319.166] GetThemeAppProperties () returned 0x3
[0319.166] GetThemeAppProperties () returned 0x3
[0319.166] IsThemePartDefined () returned 0x1
[0319.166] IsAppThemed () returned 0x1
[0319.166] GetThemeAppProperties () returned 0x3
[0319.166] GetThemeAppProperties () returned 0x3
[0319.166] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0319.166] IsAppThemed () returned 0x1
[0319.166] GetThemeAppProperties () returned 0x3
[0319.166] GetThemeAppProperties () returned 0x3
[0319.166] IsAppThemed () returned 0x1
[0319.166] GetThemeAppProperties () returned 0x3
[0319.166] GetThemeAppProperties () returned 0x3
[0319.166] IsThemePartDefined () returned 0x1
[0319.166] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0319.166] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0319.166] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0319.166] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0319.166] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7dff0) returned 0x0
[0319.166] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eea98) returned 0x0
[0319.166] LocalFree (hMem=0x11eea98) returned 0x0
[0319.166] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee868) returned 0x0
[0319.166] LocalFree (hMem=0x11ee868) returned 0x0
[0319.166] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0319.166] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e018) returned 0x0
[0319.166] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e008) returned 0x0
[0319.167] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0319.167] GdipDeleteRegion (region=0x6645908) returned 0x0
[0319.167] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0319.167] GetCurrentObject (hdc=0xb50107a1, type=0x1) returned 0xb00017
[0319.167] GetCurrentObject (hdc=0xb50107a1, type=0x2) returned 0x900010
[0319.167] GetCurrentObject (hdc=0xb50107a1, type=0x7) returned 0x4a0507fe
[0319.167] GetCurrentObject (hdc=0xb50107a1, type=0x6) returned 0x8a01c2
[0319.167] SaveDC (hdc=0xb50107a1) returned 1
[0319.167] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xa9040807
[0319.167] GetClipRgn (hdc=0xb50107a1, hrgn=0xa9040807) returned 0
[0319.167] SelectClipRgn (hdc=0xb50107a1, hrgn=0x270407de) returned 2
[0319.167] DeleteObject (ho=0xa9040807) returned 1
[0319.167] DeleteObject (ho=0x270407de) returned 1
[0319.167] OffsetViewportOrgEx (in: hdc=0xb50107a1, x=0, y=0, lppt=0x2e65a60 | out: lppt=0x2e65a60) returned 1
[0319.167] DrawThemeParentBackground () returned 0x0
[0319.167] GetWindowPlacement (in: hWnd=0x3a02de, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0319.167] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0319.167] GetWindowTextLengthW (hWnd=0x3a02de) returned 13
[0319.167] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.168] GetSystemMetrics (nIndex=42) returned 0
[0319.168] GetWindowTextW (in: hWnd=0x3a02de, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0319.168] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0319.168] GetCurrentObject (hdc=0xb50107a1, type=0x1) returned 0xb00017
[0319.168] GetCurrentObject (hdc=0xb50107a1, type=0x2) returned 0x900010
[0319.168] GetCurrentObject (hdc=0xb50107a1, type=0x7) returned 0x4a0507fe
[0319.168] GetCurrentObject (hdc=0xb50107a1, type=0x6) returned 0x8a01c2
[0319.168] SaveDC (hdc=0xb50107a1) returned 2
[0319.168] GetNearestColor (hdc=0xb50107a1, color=0xf0f0f0) returned 0xf0f0f0
[0319.168] CreateSolidBrush (color=0xf0f0f0) returned 0xa61007e1
[0319.168] FillRect (hDC=0xb50107a1, lprc=0xd7da38, hbr=0xa61007e1) returned 1
[0319.168] DeleteObject (ho=0xa61007e1) returned 1
[0319.168] RestoreDC (hdc=0xb50107a1, nSavedDC=-1) returned 1
[0319.168] GetWindowTextLengthW (hWnd=0x3a02de) returned 13
[0319.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.168] GetSystemMetrics (nIndex=42) returned 0
[0319.168] GetWindowTextW (in: hWnd=0x3a02de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.168] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0319.168] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0319.168] GetCurrentObject (hdc=0xb50107a1, type=0x1) returned 0xb00017
[0319.169] GetCurrentObject (hdc=0xb50107a1, type=0x2) returned 0x900010
[0319.169] GetCurrentObject (hdc=0xb50107a1, type=0x7) returned 0x4a0507fe
[0319.169] GetCurrentObject (hdc=0xb50107a1, type=0x6) returned 0x8a01c2
[0319.171] SaveDC (hdc=0xb50107a1) returned 2
[0319.171] GetNearestColor (hdc=0xb50107a1, color=0xf0f0f0) returned 0xf0f0f0
[0319.171] CreateSolidBrush (color=0xf0f0f0) returned 0xa71007e1
[0319.172] FillRect (hDC=0xb50107a1, lprc=0xd7d9d8, hbr=0xa71007e1) returned 1
[0319.172] DeleteObject (ho=0xa71007e1) returned 1
[0319.172] RestoreDC (hdc=0xb50107a1, nSavedDC=-1) returned 1
[0319.172] GetWindowTextLengthW (hWnd=0x3a02de) returned 13
[0319.172] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.172] GetSystemMetrics (nIndex=42) returned 0
[0319.172] GetWindowTextW (in: hWnd=0x3a02de, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.172] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0319.172] RestoreDC (hdc=0xb50107a1, nSavedDC=-1) returned 1
[0319.172] GdipReleaseDC (graphics=0x6600030, hdc=0xb50107a1) returned 0x0
[0319.172] IsAppThemed () returned 0x1
[0319.172] GetThemeAppProperties () returned 0x3
[0319.172] GetThemeAppProperties () returned 0x3
[0319.172] IsAppThemed () returned 0x1
[0319.172] GetThemeAppProperties () returned 0x3
[0319.172] GetThemeAppProperties () returned 0x3
[0319.172] IsThemePartDefined () returned 0x1
[0319.173] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0319.173] GdipGetClip (graphics=0x6600030, region=0x6645ab8) returned 0x0
[0319.173] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0319.173] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0319.173] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df74) returned 0x0
[0319.173] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0319.173] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eec58) returned 0x0
[0319.173] LocalFree (hMem=0x11eec58) returned 0x0
[0319.173] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0319.173] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11eea98) returned 0x0
[0319.173] LocalFree (hMem=0x11eea98) returned 0x0
[0319.173] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0319.173] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0319.173] GdipIsInfiniteRegion (region=0x6645ab8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0319.173] GdipGetRegionHRgn (region=0x6645ab8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0319.173] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0319.173] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0319.173] GetCurrentObject (hdc=0xb50107a1, type=0x1) returned 0xb00017
[0319.173] GetCurrentObject (hdc=0xb50107a1, type=0x2) returned 0x900010
[0319.173] GetCurrentObject (hdc=0xb50107a1, type=0x7) returned 0x4a0507fe
[0319.173] GetCurrentObject (hdc=0xb50107a1, type=0x6) returned 0x8a01c2
[0319.173] SaveDC (hdc=0xb50107a1) returned 1
[0319.174] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x280407de
[0319.174] GetClipRgn (hdc=0xb50107a1, hrgn=0x280407de) returned 0
[0319.174] SelectClipRgn (hdc=0xb50107a1, hrgn=0xab040807) returned 2
[0319.174] DeleteObject (ho=0x280407de) returned 1
[0319.174] DeleteObject (ho=0xab040807) returned 1
[0319.174] OffsetViewportOrgEx (in: hdc=0xb50107a1, x=0, y=0, lppt=0x2e6630c | out: lppt=0x2e6630c) returned 1
[0319.174] IsAppThemed () returned 0x1
[0319.174] GetThemeAppProperties () returned 0x3
[0319.174] GetThemeAppProperties () returned 0x3
[0319.174] DrawThemeBackground () returned 0x0
[0319.174] RestoreDC (hdc=0xb50107a1, nSavedDC=-1) returned 1
[0319.174] GdipReleaseDC (graphics=0x6600030, hdc=0xb50107a1) returned 0x0
[0319.174] GdipCreateRegion (region=0xd7df60) returned 0x0
[0319.174] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0319.174] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0319.174] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638d58) returned 0x0
[0319.174] GdipIsMatrixIdentity (matrix=0x6638d58, result=0xd7df78) returned 0x0
[0319.174] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0319.174] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11ee868) returned 0x0
[0319.174] LocalFree (hMem=0x11ee868) returned 0x0
[0319.174] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0319.175] GdipGetMatrixElements (matrix=0x6638d58, matrixOut=0x11eec58) returned 0x0
[0319.175] LocalFree (hMem=0x11eec58) returned 0x0
[0319.175] GdipDeleteMatrix (matrix=0x6638d58) returned 0x0
[0319.175] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0319.175] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7df90) returned 0x0
[0319.175] GdipGetRegionHRgn (region=0x6645e18, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0319.175] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0319.175] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0319.175] GetCurrentObject (hdc=0xb50107a1, type=0x1) returned 0xb00017
[0319.175] GetCurrentObject (hdc=0xb50107a1, type=0x2) returned 0x900010
[0319.175] GetCurrentObject (hdc=0xb50107a1, type=0x7) returned 0x4a0507fe
[0319.175] GetCurrentObject (hdc=0xb50107a1, type=0x6) returned 0x8a01c2
[0319.175] SaveDC (hdc=0xb50107a1) returned 1
[0319.175] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xac040807
[0319.175] GetClipRgn (hdc=0xb50107a1, hrgn=0xac040807) returned 0
[0319.175] SelectClipRgn (hdc=0xb50107a1, hrgn=0x290407de) returned 2
[0319.175] DeleteObject (ho=0xac040807) returned 1
[0319.175] DeleteObject (ho=0x290407de) returned 1
[0319.175] OffsetViewportOrgEx (in: hdc=0xb50107a1, x=0, y=0, lppt=0x2e665e0 | out: lppt=0x2e665e0) returned 1
[0319.175] IsAppThemed () returned 0x1
[0319.176] GetThemeAppProperties () returned 0x3
[0319.176] GetThemeAppProperties () returned 0x3
[0319.176] GetThemeBackgroundContentRect () returned 0x0
[0319.176] RestoreDC (hdc=0xb50107a1, nSavedDC=-1) returned 1
[0319.176] GdipReleaseDC (graphics=0x6600030, hdc=0xb50107a1) returned 0x0
[0319.176] IsAppThemed () returned 0x1
[0319.176] GetThemeAppProperties () returned 0x3
[0319.176] GetThemeAppProperties () returned 0x3
[0319.176] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0319.176] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0319.176] GetCurrentObject (hdc=0xb50107a1, type=0x1) returned 0xb00017
[0319.176] GetCurrentObject (hdc=0xb50107a1, type=0x2) returned 0x900010
[0319.176] GetCurrentObject (hdc=0xb50107a1, type=0x7) returned 0x4a0507fe
[0319.176] GetCurrentObject (hdc=0xb50107a1, type=0x6) returned 0x8a01c2
[0319.176] SaveDC (hdc=0xb50107a1) returned 1
[0319.176] GetTextAlign (hdc=0xb50107a1) returned 0x0
[0319.176] GetTextColor (hdc=0xb50107a1) returned 0x0
[0319.176] GetCurrentObject (hdc=0xb50107a1, type=0x6) returned 0x8a01c2
[0319.176] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0319.176] SelectObject (hdc=0xb50107a1, h=0x6d0a0520) returned 0x8a01c2
[0319.177] GetBkMode (hdc=0xb50107a1) returned 2
[0319.177] SetBkMode (hdc=0xb50107a1, mode=1) returned 2
[0319.177] DrawTextExW (in: hdc=0xb50107a1, lpchText="&Quit", cchText=5, lprc=0xd7def8, format=0x102415, lpdtp=0x2e66980 | out: lpchText="&Quit", lprc=0xd7def8) returned 13
[0319.177] DrawTextExW (in: hdc=0xb50107a1, lpchText="&Quit", cchText=5, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e66980 | out: lpchText="&Quit", lprc=0xd7e05c) returned 13
[0319.177] RestoreDC (hdc=0xb50107a1, nSavedDC=-1) returned 1
[0319.177] GdipReleaseDC (graphics=0x6600030, hdc=0xb50107a1) returned 0x0
[0319.177] GetFocus () returned 0x3c02d8
[0319.177] IsAppThemed () returned 0x1
[0319.177] GetThemeAppProperties () returned 0x3
[0319.177] GetThemeAppProperties () returned 0x3
[0319.177] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0319.177] BitBlt (hdc=0xf0105ee, x=0, y=0, cx=100, cy=23, hdcSrc=0xb50107a1, x1=0, y1=0, rop=0xcc0020) returned 1
[0319.178] GdipReleaseDC (graphics=0x6600030, hdc=0xb50107a1) returned 0x0
[0319.178] SelectPalette (hdc=0xf0105ee, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0319.178] SelectObject (hdc=0xb50107a1, h=0x85000f) returned 0x4a0507fe
[0319.178] DeleteDC (hdc=0xb50107a1) returned 1
[0319.178] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0319.178] EndPaint (hWnd=0x3d00ea, lpPaint=0xd7e24c) returned 1
[0319.178] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.178] IsWindowUnicode (hWnd=0x602c4) returned 1
[0319.178] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.178] TranslateMessage (lpMsg=0xd7e808) returned 0
[0319.178] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0319.178] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e250 | out: lpPaint=0xd7e250) returned 0x60100ce
[0319.178] SelectPalette (hdc=0x60100ce, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0319.179] CreateCompatibleDC (hdc=0x60100ce) returned 0xb70107a1
[0319.179] SelectObject (hdc=0xb70107a1, h=0x4a0507fe) returned 0x85000f
[0319.179] GdipCreateFromHDC (hdc=0xb70107a1, graphics=0xd7e268) returned 0x0
[0319.179] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0319.179] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0319.179] GdipCreateMatrix (matrix=0xd7e2b0) returned 0x0
[0319.179] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b18) returned 0x0
[0319.179] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7e2c8) returned 0x0
[0319.179] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0319.179] GdipGetMatrixElements (matrix=0x6638b18, matrixOut=0x11eec58) returned 0x0
[0319.179] LocalFree (hMem=0x11eec58) returned 0x0
[0319.179] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0319.179] GdipCreateRegion (region=0xd7e2b0) returned 0x0
[0319.179] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0319.179] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e2bc) returned 0x0
[0319.180] GdipSaveGraphics (graphics=0x6600030, state=0xd7e2e8) returned 0x0
[0319.180] GdipRestoreGraphics (graphics=0x6600030, state=0xf4b80dbd) returned 0x0
[0319.180] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0319.180] GdipGetDC (graphics=0x6600030, hdc=0xd7e0d4) returned 0x0
[0319.180] GetCurrentObject (hdc=0xb70107a1, type=0x1) returned 0xb00017
[0319.180] GetCurrentObject (hdc=0xb70107a1, type=0x2) returned 0x900010
[0319.180] GetCurrentObject (hdc=0xb70107a1, type=0x7) returned 0x4a0507fe
[0319.180] GetCurrentObject (hdc=0xb70107a1, type=0x6) returned 0x8a01c2
[0319.180] SaveDC (hdc=0xb70107a1) returned 1
[0319.180] GetNearestColor (hdc=0xb70107a1, color=0xff) returned 0xff
[0319.180] GetNearestColor (hdc=0xb70107a1, color=0x55) returned 0x55
[0319.180] GetNearestColor (hdc=0xb70107a1, color=0x0) returned 0x0
[0319.180] GetNearestColor (hdc=0xb70107a1, color=0x55) returned 0x55
[0319.180] GetNearestColor (hdc=0xb70107a1, color=0x0) returned 0x0
[0319.180] GetNearestColor (hdc=0xb70107a1, color=0x8080ff) returned 0x8080ff
[0319.180] GetNearestColor (hdc=0xb70107a1, color=0x7373e5) returned 0x7373e5
[0319.180] GetNearestColor (hdc=0xb70107a1, color=0xe5) returned 0xe5
[0319.180] GetNearestColor (hdc=0xb70107a1, color=0x0) returned 0x0
[0319.180] RestoreDC (hdc=0xb70107a1, nSavedDC=-1) returned 1
[0319.181] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107a1) returned 0x0
[0319.181] IsAppThemed () returned 0x1
[0319.181] GetThemeAppProperties () returned 0x3
[0319.181] GetThemeAppProperties () returned 0x3
[0319.181] IsAppThemed () returned 0x1
[0319.181] GetThemeAppProperties () returned 0x3
[0319.181] GetThemeAppProperties () returned 0x3
[0319.181] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7df90, format=0x102415, lpdtp=0x2e67148 | out: lpchText="Decrypt file", lprc=0xd7df90) returned 13
[0319.181] IsAppThemed () returned 0x1
[0319.181] GetThemeAppProperties () returned 0x3
[0319.181] GetThemeAppProperties () returned 0x3
[0319.181] IsAppThemed () returned 0x1
[0319.181] GetThemeAppProperties () returned 0x3
[0319.181] GetThemeAppProperties () returned 0x3
[0319.181] GetFocus () returned 0x3c02d8
[0319.181] IsAppThemed () returned 0x1
[0319.181] GetThemeAppProperties () returned 0x3
[0319.181] GetThemeAppProperties () returned 0x3
[0319.181] IsAppThemed () returned 0x1
[0319.182] GetThemeAppProperties () returned 0x3
[0319.182] GetThemeAppProperties () returned 0x3
[0319.182] IsThemePartDefined () returned 0x1
[0319.182] IsAppThemed () returned 0x1
[0319.182] GetThemeAppProperties () returned 0x3
[0319.182] GetThemeAppProperties () returned 0x3
[0319.182] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0319.182] IsAppThemed () returned 0x1
[0319.182] GetThemeAppProperties () returned 0x3
[0319.182] GetThemeAppProperties () returned 0x3
[0319.182] IsAppThemed () returned 0x1
[0319.182] GetThemeAppProperties () returned 0x3
[0319.182] GetThemeAppProperties () returned 0x3
[0319.182] IsThemePartDefined () returned 0x1
[0319.182] GdipCreateRegion (region=0xd7dfd8) returned 0x0
[0319.182] GdipGetClip (graphics=0x6600030, region=0x6646178) returned 0x0
[0319.182] GdipCreateMatrix (matrix=0xd7dfd8) returned 0x0
[0319.182] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0319.182] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dff0) returned 0x0
[0319.182] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0319.182] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee868) returned 0x0
[0319.182] LocalFree (hMem=0x11ee868) returned 0x0
[0319.182] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0319.182] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eea28) returned 0x0
[0319.182] LocalFree (hMem=0x11eea28) returned 0x0
[0319.182] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0319.183] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e018) returned 0x0
[0319.183] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6600030, result=0xd7e008) returned 0x0
[0319.183] GdipGetRegionHRgn (region=0x6646178, graphics=0x6600030, hRgn=0xd7e008) returned 0x0
[0319.183] GdipDeleteRegion (region=0x6646178) returned 0x0
[0319.183] GdipGetDC (graphics=0x6600030, hdc=0xd7e020) returned 0x0
[0319.183] GetCurrentObject (hdc=0xb70107a1, type=0x1) returned 0xb00017
[0319.183] GetCurrentObject (hdc=0xb70107a1, type=0x2) returned 0x900010
[0319.183] GetCurrentObject (hdc=0xb70107a1, type=0x7) returned 0x4a0507fe
[0319.183] GetCurrentObject (hdc=0xb70107a1, type=0x6) returned 0x8a01c2
[0319.183] SaveDC (hdc=0xb70107a1) returned 1
[0319.183] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2a0407de
[0319.183] GetClipRgn (hdc=0xb70107a1, hrgn=0x2a0407de) returned 0
[0319.183] SelectClipRgn (hdc=0xb70107a1, hrgn=0xb0040807) returned 2
[0319.183] DeleteObject (ho=0x2a0407de) returned 1
[0319.183] DeleteObject (ho=0xb0040807) returned 1
[0319.183] OffsetViewportOrgEx (in: hdc=0xb70107a1, x=0, y=0, lppt=0x2e677f8 | out: lppt=0x2e677f8) returned 1
[0319.183] DrawThemeParentBackground () returned 0x0
[0319.183] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7dce4 | out: lpwndpl=0xd7dce4) returned 1
[0319.184] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7dc90 | out: lpRect=0xd7dc90) returned 1
[0319.184] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0319.184] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.184] GetSystemMetrics (nIndex=42) returned 0
[0319.184] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7db4c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.184] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7db4c) returned 0xd
[0319.184] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db98 | out: lpRect=0xd7db98) returned 1
[0319.184] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0319.184] GdipGetImageFlags (image=0x65ff260, flags=0xd7dad0) returned 0x0
[0319.184] SelectPalette (hdc=0xb70107a1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0319.184] GdipCreateFromHDC (hdc=0xb70107a1, graphics=0xd7dac8) returned 0x0
[0319.184] GdipSetPageUnit (graphics=0x6639a18, unit=0x2) returned 0x0
[0319.184] GdipCreateMatrix (matrix=0xd7da88) returned 0x0
[0319.184] GdipGetWorldTransform (graphics=0x6639a18, matrix=0x6638bd8) returned 0x0
[0319.184] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7daa0) returned 0x0
[0319.189] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0319.189] GdipCreateRegion (region=0xd7da88) returned 0x0
[0319.189] GdipGetClip (graphics=0x6639a18, region=0x6645518) returned 0x0
[0319.189] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6639a18, result=0xd7da94) returned 0x0
[0319.189] GdipDeleteRegion (region=0x6645518) returned 0x0
[0319.189] GdipSaveGraphics (graphics=0x6639a18, state=0xd7dac0) returned 0x0
[0319.189] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d95c) returned 0x0
[0319.198] GdipFillRectangleI (graphics=0x6639a18, brush=0x664e8b8, x=0, y=0, width=801, height=453) returned 0x0
[0319.198] GdipDeleteBrush (brush=0x664e8b8) returned 0x0
[0319.199] GdipDeleteGraphics (graphics=0x6639a18) returned 0x0
[0319.199] SelectPalette (hdc=0xb70107a1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0319.199] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0319.199] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.199] GetSystemMetrics (nIndex=42) returned 0
[0319.199] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.199] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0319.200] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7db38 | out: lpRect=0xd7db38) returned 1
[0319.200] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0319.200] GdipGetImageFlags (image=0x65ff260, flags=0xd7da70) returned 0x0
[0319.200] SelectPalette (hdc=0xb70107a1, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0319.200] GdipCreateFromHDC (hdc=0xb70107a1, graphics=0xd7da68) returned 0x0
[0319.200] GdipSetPageUnit (graphics=0x6639a18, unit=0x2) returned 0x0
[0319.212] GdipCreateMatrix (matrix=0xd7da28) returned 0x0
[0319.212] GdipGetWorldTransform (graphics=0x6639a18, matrix=0x6638b18) returned 0x0
[0319.212] GdipIsMatrixIdentity (matrix=0x6638b18, result=0xd7da40) returned 0x0
[0319.212] GdipDeleteMatrix (matrix=0x6638b18) returned 0x0
[0319.212] GdipCreateRegion (region=0xd7da28) returned 0x0
[0319.212] GdipGetClip (graphics=0x6639a18, region=0x6645518) returned 0x0
[0319.212] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6639a18, result=0xd7da34) returned 0x0
[0319.212] GdipDeleteRegion (region=0x6645518) returned 0x0
[0319.212] GdipSaveGraphics (graphics=0x6639a18, state=0xd7da60) returned 0x0
[0319.212] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7d8fc) returned 0x0
[0319.228] GdipFillRectangleI (graphics=0x6639a18, brush=0x664ddc0, x=0, y=0, width=801, height=453) returned 0x0
[0319.228] GdipDeleteBrush (brush=0x664ddc0) returned 0x0
[0319.230] GdipRestoreGraphics (graphics=0x6639a18, state=0xf4b40dbd) returned 0x0
[0319.230] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0319.230] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.230] GetSystemMetrics (nIndex=42) returned 0
[0319.230] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7daec, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.230] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7daec) returned 0xd
[0319.231] GdipDeleteGraphics (graphics=0x6639a18) returned 0x0
[0319.231] SelectPalette (hdc=0xb70107a1, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0319.231] RestoreDC (hdc=0xb70107a1, nSavedDC=-1) returned 1
[0319.231] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107a1) returned 0x0
[0319.231] IsAppThemed () returned 0x1
[0319.231] GetThemeAppProperties () returned 0x3
[0319.237] GetThemeAppProperties () returned 0x3
[0319.237] IsAppThemed () returned 0x1
[0319.237] GetThemeAppProperties () returned 0x3
[0319.237] GetThemeAppProperties () returned 0x3
[0319.237] IsThemePartDefined () returned 0x1
[0319.238] GdipCreateRegion (region=0xd7df5c) returned 0x0
[0319.238] GdipGetClip (graphics=0x6600030, region=0x66451b8) returned 0x0
[0319.238] GdipCreateMatrix (matrix=0xd7df5c) returned 0x0
[0319.238] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0319.238] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7df74) returned 0x0
[0319.238] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0319.238] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea28) returned 0x0
[0319.238] LocalFree (hMem=0x11eea28) returned 0x0
[0319.238] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea98
[0319.238] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eea98) returned 0x0
[0319.238] LocalFree (hMem=0x11eea98) returned 0x0
[0319.238] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0319.238] GdipIsInfiniteRegion (region=0x66451b8, graphics=0x6600030, result=0xd7df9c) returned 0x0
[0319.238] GdipIsInfiniteRegion (region=0x66451b8, graphics=0x6600030, result=0xd7df8c) returned 0x0
[0319.238] GdipGetRegionHRgn (region=0x66451b8, graphics=0x6600030, hRgn=0xd7df8c) returned 0x0
[0319.238] GdipDeleteRegion (region=0x66451b8) returned 0x0
[0319.239] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa4) returned 0x0
[0319.239] GetCurrentObject (hdc=0xb70107a1, type=0x1) returned 0xb00017
[0319.239] GetCurrentObject (hdc=0xb70107a1, type=0x2) returned 0x900010
[0319.239] GetCurrentObject (hdc=0xb70107a1, type=0x7) returned 0x4a0507fe
[0319.239] GetCurrentObject (hdc=0xb70107a1, type=0x6) returned 0x8a01c2
[0319.239] SaveDC (hdc=0xb70107a1) returned 1
[0319.239] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb1040807
[0319.239] GetClipRgn (hdc=0xb70107a1, hrgn=0xb1040807) returned 0
[0319.239] SelectClipRgn (hdc=0xb70107a1, hrgn=0x2c0407de) returned 2
[0319.239] DeleteObject (ho=0xb1040807) returned 1
[0319.239] DeleteObject (ho=0x2c0407de) returned 1
[0319.239] OffsetViewportOrgEx (in: hdc=0xb70107a1, x=0, y=0, lppt=0x2e6e048 | out: lppt=0x2e6e048) returned 1
[0319.239] IsAppThemed () returned 0x1
[0319.239] GetThemeAppProperties () returned 0x3
[0319.239] GetThemeAppProperties () returned 0x3
[0319.240] DrawThemeBackground () returned 0x0
[0319.240] RestoreDC (hdc=0xb70107a1, nSavedDC=-1) returned 1
[0319.240] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107a1) returned 0x0
[0319.240] GdipCreateRegion (region=0xd7df60) returned 0x0
[0319.240] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0319.240] GdipCreateMatrix (matrix=0xd7df60) returned 0x0
[0319.240] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638bd8) returned 0x0
[0319.240] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df78) returned 0x0
[0319.240] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0319.240] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11eec58) returned 0x0
[0319.240] LocalFree (hMem=0x11eec58) returned 0x0
[0319.240] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0319.240] GdipGetMatrixElements (matrix=0x6638bd8, matrixOut=0x11ee868) returned 0x0
[0319.240] LocalFree (hMem=0x11ee868) returned 0x0
[0319.240] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0319.240] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7dfa0) returned 0x0
[0319.241] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7df90) returned 0x0
[0319.241] GdipGetRegionHRgn (region=0x66460e8, graphics=0x6600030, hRgn=0xd7df90) returned 0x0
[0319.241] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0319.241] GdipGetDC (graphics=0x6600030, hdc=0xd7dfa8) returned 0x0
[0319.241] GetCurrentObject (hdc=0xb70107a1, type=0x1) returned 0xb00017
[0319.241] GetCurrentObject (hdc=0xb70107a1, type=0x2) returned 0x900010
[0319.241] GetCurrentObject (hdc=0xb70107a1, type=0x7) returned 0x4a0507fe
[0319.241] GetCurrentObject (hdc=0xb70107a1, type=0x6) returned 0x8a01c2
[0319.241] SaveDC (hdc=0xb70107a1) returned 1
[0319.241] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x2d0407de
[0319.241] GetClipRgn (hdc=0xb70107a1, hrgn=0x2d0407de) returned 0
[0319.241] SelectClipRgn (hdc=0xb70107a1, hrgn=0xb2040807) returned 2
[0319.241] DeleteObject (ho=0x2d0407de) returned 1
[0319.241] DeleteObject (ho=0xb2040807) returned 1
[0319.241] OffsetViewportOrgEx (in: hdc=0xb70107a1, x=0, y=0, lppt=0x2e6e31c | out: lppt=0x2e6e31c) returned 1
[0319.241] IsAppThemed () returned 0x1
[0319.241] GetThemeAppProperties () returned 0x3
[0319.241] GetThemeAppProperties () returned 0x3
[0319.242] GetThemeBackgroundContentRect () returned 0x0
[0319.242] RestoreDC (hdc=0xb70107a1, nSavedDC=-1) returned 1
[0319.242] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107a1) returned 0x0
[0319.242] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e0b4) returned 0x0
[0319.242] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e0b0) returned 0x0
[0319.242] GdipFillRectangleI (graphics=0x6600030, brush=0x6637828, x=4, y=4, width=67, height=15) returned 0x0
[0319.242] GdipDeleteBrush (brush=0x6637828) returned 0x0
[0319.242] IsAppThemed () returned 0x1
[0319.242] GetThemeAppProperties () returned 0x3
[0319.242] GetThemeAppProperties () returned 0x3
[0319.242] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e0dc) returned 0x0
[0319.242] GdipGetDC (graphics=0x6600030, hdc=0xd7e0c8) returned 0x0
[0319.242] GetCurrentObject (hdc=0xb70107a1, type=0x1) returned 0xb00017
[0319.242] GetCurrentObject (hdc=0xb70107a1, type=0x2) returned 0x900010
[0319.242] GetCurrentObject (hdc=0xb70107a1, type=0x7) returned 0x4a0507fe
[0319.242] GetCurrentObject (hdc=0xb70107a1, type=0x6) returned 0x8a01c2
[0319.242] SaveDC (hdc=0xb70107a1) returned 1
[0319.242] GetTextAlign (hdc=0xb70107a1) returned 0x0
[0319.243] GetTextColor (hdc=0xb70107a1) returned 0x0
[0319.243] GetCurrentObject (hdc=0xb70107a1, type=0x6) returned 0x8a01c2
[0319.243] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7de10 | out: pv=0xd7de10) returned 92
[0319.243] SelectObject (hdc=0xb70107a1, h=0x6d0a0520) returned 0x8a01c2
[0319.243] GetBkMode (hdc=0xb70107a1) returned 2
[0319.243] SetBkMode (hdc=0xb70107a1, mode=1) returned 2
[0319.243] DrawTextExW (in: hdc=0xb70107a1, lpchText="Decrypt file", cchText=12, lprc=0xd7def8, format=0x102415, lpdtp=0x2e6e6e0 | out: lpchText="Decrypt file", lprc=0xd7def8) returned 13
[0319.243] DrawTextExW (in: hdc=0xb70107a1, lpchText="Decrypt file", cchText=12, lprc=0xd7e05c, format=0x102015, lpdtp=0x2e6e6e0 | out: lpchText="Decrypt file", lprc=0xd7e05c) returned 13
[0319.244] RestoreDC (hdc=0xb70107a1, nSavedDC=-1) returned 1
[0319.244] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107a1) returned 0x0
[0319.244] GetFocus () returned 0x3c02d8
[0319.244] IsAppThemed () returned 0x1
[0319.244] GetThemeAppProperties () returned 0x3
[0319.244] GetThemeAppProperties () returned 0x3
[0319.244] GdipGetDC (graphics=0x6600030, hdc=0xd7e2a8) returned 0x0
[0319.244] BitBlt (hdc=0x60100ce, x=0, y=0, cx=75, cy=23, hdcSrc=0xb70107a1, x1=0, y1=0, rop=0xcc0020) returned 1
[0319.244] GdipReleaseDC (graphics=0x6600030, hdc=0xb70107a1) returned 0x0
[0319.244] SelectPalette (hdc=0x60100ce, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0319.245] SelectObject (hdc=0xb70107a1, h=0x85000f) returned 0x4a0507fe
[0319.245] DeleteDC (hdc=0xb70107a1) returned 1
[0319.245] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0319.245] EndPaint (hWnd=0x602c4, lpPaint=0xd7e24c) returned 1
[0319.245] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.245] IsWindowUnicode (hWnd=0x3402c8) returned 1
[0319.245] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.245] TranslateMessage (lpMsg=0xd7e808) returned 0
[0319.245] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0319.245] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.245] IsWindowUnicode (hWnd=0x3402c8) returned 1
[0319.246] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.246] TranslateMessage (lpMsg=0xd7e808) returned 0
[0319.246] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0319.246] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x2a1, wParam=0x0, lParam=0xa0037) returned 0x0
[0319.246] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0319.246] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 0
[0319.246] WaitMessage () returned 1
[0319.296] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.297] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x84, wParam=0x0, lParam=0x1e3030d) returned 0x1
[0319.297] IsWindowUnicode (hWnd=0x3402c8) returned 1
[0319.297] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.297] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x84, wParam=0x0, lParam=0x1e3030d) returned 0x1
[0319.297] GetDlgItem (hDlg=0x3a02de, nIDDlgItem=0) returned 0x0
[0319.297] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x210, wParam=0x201, lParam=0x680118) returned 0x0
[0319.297] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x21, wParam=0x3a02de, lParam=0x2010001) returned 0x1
[0319.297] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x21, wParam=0x3a02de, lParam=0x2010001) returned 0x1
[0319.297] SetCursor (hCursor=0x10003) returned 0x10003
[0319.297] TranslateMessage (lpMsg=0xd7e808) returned 0
[0319.297] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0319.297] GetKeyState (nVirtKey=1) returned -127
[0319.297] GetKeyState (nVirtKey=2) returned 0
[0319.298] GetKeyState (nVirtKey=4) returned 0
[0319.298] GetKeyState (nVirtKey=5) returned 0
[0319.298] GetKeyState (nVirtKey=6) returned 0
[0319.298] IsWindowVisible (hWnd=0x3402c8) returned 1
[0319.298] IsWindowEnabled (hWnd=0x3402c8) returned 1
[0319.298] SetFocus (hWnd=0x3402c8) returned 0x3c02d8
[0319.298] GetFocus () returned 0x3402c8
[0319.298] IsChild (hWndParent=0x3a02de, hWnd=0x3402c8) returned 1
[0319.298] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0x8, wParam=0x3402c8, lParam=0x0) returned 0x0
[0319.298] GetCapture () returned 0x0
[0319.298] InvalidateRect (hWnd=0x3c02d8, lpRect=0x0, bErase=0) returned 1
[0319.299] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0319.300] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0319.301] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0319.302] InvalidateRect (hWnd=0x3c02d8, lpRect=0x0, bErase=0) returned 1
[0319.302] InvalidateRect (hWnd=0x3402c8, lpRect=0x0, bErase=0) returned 1
[0319.302] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x7, wParam=0x3c02d8, lParam=0x0) returned 0x0
[0319.302] GetStockObject (i=5) returned 0x900015
[0319.302] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0319.302] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0xd, wParam=0xa, lParam=0x11f57a0) returned 0x9
[0319.302] GetDlgItem (hDlg=0x3a02de, nIDDlgItem=3408584) returned 0x3402c8
[0319.302] SendMessageW (hWnd=0x3402c8, Msg=0x202b, wParam=0x3402c8, lParam=0xd7dddc) returned 0x0
[0319.302] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x202b, wParam=0x3402c8, lParam=0xd7dddc) returned 0x0
[0319.302] InvalidateRect (hWnd=0x3402c8, lpRect=0x0, bErase=0) returned 1
[0319.303] GetFocus () returned 0x3402c8
[0319.303] GetFocus () returned 0x3402c8
[0319.303] GetFocus () returned 0x3402c8
[0319.304] GetKeyState (nVirtKey=1) returned -127
[0319.304] GetKeyState (nVirtKey=2) returned 0
[0319.304] GetKeyState (nVirtKey=4) returned 0
[0319.304] GetKeyState (nVirtKey=5) returned 0
[0319.304] GetKeyState (nVirtKey=6) returned 0
[0319.304] GetCapture () returned 0x0
[0319.304] SetCapture (hWnd=0x3402c8) returned 0x0
[0319.304] GetKeyState (nVirtKey=1) returned -127
[0319.304] GetKeyState (nVirtKey=2) returned 0
[0319.304] GetKeyState (nVirtKey=4) returned 0
[0319.304] GetKeyState (nVirtKey=5) returned 0
[0319.304] GetKeyState (nVirtKey=6) returned 0
[0319.304] NotifyWinEvent (event=0x800a, hwnd=0x3402c8, idObject=-4, idChild=0)
[0319.304] InvalidateRect (hWnd=0x3402c8, lpRect=0xd7e430, bErase=0) returned 1
[0319.304] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.304] IsWindowUnicode (hWnd=0x3402c8) returned 1
[0319.304] GetMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.304] TranslateMessage (lpMsg=0xd7e808) returned 0
[0319.304] DispatchMessageW (lpMsg=0xd7e808) returned 0x0
[0319.304] MapWindowPoints (in: hWndFrom=0x3402c8, hWndTo=0x0, lpPoints=0x2e6e8f4, cPoints=0x1 | out: lpPoints=0x2e6e8f4) returned 30999254
[0319.304] NotifyWinEvent (event=0x800a, hwnd=0x3402c8, idObject=-4, idChild=0)
[0319.304] InvalidateRect (hWnd=0x3402c8, lpRect=0xd7e3d0, bErase=0) returned 1
[0319.304] UpdateWindow (hWnd=0x3402c8) returned 1
[0319.305] BeginPaint (in: hWnd=0x3402c8, lpPaint=0xd7dee8 | out: lpPaint=0xd7dee8) returned 0x10105d6
[0319.305] SelectPalette (hdc=0x10105d6, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0319.305] CreateCompatibleDC (hdc=0x10105d6) returned 0x860107a2
[0319.305] SelectObject (hdc=0x860107a2, h=0x4a0507fe) returned 0x85000f
[0319.305] GdipCreateFromHDC (hdc=0x860107a2, graphics=0xd7df00) returned 0x0
[0319.305] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0319.305] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=100, height=23, combineMode=0x0) returned 0x0
[0319.305] GdipCreateMatrix (matrix=0xd7df48) returned 0x0
[0319.305] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638db8) returned 0x0
[0319.305] GdipIsMatrixIdentity (matrix=0x6638db8, result=0xd7df60) returned 0x0
[0319.305] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0319.305] GdipGetMatrixElements (matrix=0x6638db8, matrixOut=0x11eec58) returned 0x0
[0319.305] LocalFree (hMem=0x11eec58) returned 0x0
[0319.305] GdipDeleteMatrix (matrix=0x6638db8) returned 0x0
[0319.305] GdipCreateRegion (region=0xd7df48) returned 0x0
[0319.306] GdipGetClip (graphics=0x6600030, region=0x6645128) returned 0x0
[0319.306] GdipIsInfiniteRegion (region=0x6645128, graphics=0x6600030, result=0xd7df54) returned 0x0
[0319.306] GdipSaveGraphics (graphics=0x6600030, state=0xd7df80) returned 0x0
[0319.306] GdipRestoreGraphics (graphics=0x6600030, state=0xf4b20dbd) returned 0x0
[0319.306] GdipDeleteRegion (region=0x6645128) returned 0x0
[0319.306] GdipGetDC (graphics=0x6600030, hdc=0xd7dd60) returned 0x0
[0319.306] GetCurrentObject (hdc=0x860107a2, type=0x1) returned 0xb00017
[0319.306] GetCurrentObject (hdc=0x860107a2, type=0x2) returned 0x900010
[0319.306] GetCurrentObject (hdc=0x860107a2, type=0x7) returned 0x4a0507fe
[0319.306] GetCurrentObject (hdc=0x860107a2, type=0x6) returned 0x8a01c2
[0319.306] SaveDC (hdc=0x860107a2) returned 1
[0319.306] GetNearestColor (hdc=0x860107a2, color=0xf0f0f0) returned 0xf0f0f0
[0319.306] GetNearestColor (hdc=0x860107a2, color=0xa0a0a0) returned 0xa0a0a0
[0319.306] GetNearestColor (hdc=0x860107a2, color=0x696969) returned 0x696969
[0319.306] GetNearestColor (hdc=0x860107a2, color=0xa0a0a0) returned 0xa0a0a0
[0319.306] GetNearestColor (hdc=0x860107a2, color=0x0) returned 0x0
[0319.306] GetNearestColor (hdc=0x860107a2, color=0xffffff) returned 0xffffff
[0319.306] GetNearestColor (hdc=0x860107a2, color=0xe5e5e5) returned 0xe5e5e5
[0319.307] GetNearestColor (hdc=0x860107a2, color=0xd7d7d7) returned 0xd7d7d7
[0319.307] GetNearestColor (hdc=0x860107a2, color=0x0) returned 0x0
[0319.307] RestoreDC (hdc=0x860107a2, nSavedDC=-1) returned 1
[0319.307] GdipReleaseDC (graphics=0x6600030, hdc=0x860107a2) returned 0x0
[0319.307] IsAppThemed () returned 0x1
[0319.307] GetThemeAppProperties () returned 0x3
[0319.307] GetThemeAppProperties () returned 0x3
[0319.307] IsAppThemed () returned 0x1
[0319.307] GetThemeAppProperties () returned 0x3
[0319.307] GetThemeAppProperties () returned 0x3
[0319.307] DrawTextExW (in: hdc=0x65010512, lpchText="&Continue", cchText=9, lprc=0xd7dc1c, format=0x102415, lpdtp=0x2e6f04c | out: lpchText="&Continue", lprc=0xd7dc1c) returned 13
[0319.307] IsAppThemed () returned 0x1
[0319.307] GetThemeAppProperties () returned 0x3
[0319.307] GetThemeAppProperties () returned 0x3
[0319.307] IsAppThemed () returned 0x1
[0319.307] GetThemeAppProperties () returned 0x3
[0319.308] GetThemeAppProperties () returned 0x3
[0319.308] IsAppThemed () returned 0x1
[0319.308] GetThemeAppProperties () returned 0x3
[0319.308] GetThemeAppProperties () returned 0x3
[0319.308] IsAppThemed () returned 0x1
[0319.308] GetThemeAppProperties () returned 0x3
[0319.308] GetThemeAppProperties () returned 0x3
[0319.308] IsThemePartDefined () returned 0x1
[0319.308] IsAppThemed () returned 0x1
[0319.308] GetThemeAppProperties () returned 0x3
[0319.308] GetThemeAppProperties () returned 0x3
[0319.308] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0319.308] IsAppThemed () returned 0x1
[0319.308] GetThemeAppProperties () returned 0x3
[0319.308] GetThemeAppProperties () returned 0x3
[0319.308] IsAppThemed () returned 0x1
[0319.308] GetThemeAppProperties () returned 0x3
[0319.308] GetThemeAppProperties () returned 0x3
[0319.308] IsThemePartDefined () returned 0x1
[0319.308] GdipCreateRegion (region=0xd7dc64) returned 0x0
[0319.308] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0319.308] GdipCreateMatrix (matrix=0xd7dc64) returned 0x0
[0319.308] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ba8) returned 0x0
[0319.308] GdipIsMatrixIdentity (matrix=0x6638ba8, result=0xd7dc7c) returned 0x0
[0319.308] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea60
[0319.308] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11eea60) returned 0x0
[0319.309] LocalFree (hMem=0x11eea60) returned 0x0
[0319.309] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee910
[0319.309] GdipGetMatrixElements (matrix=0x6638ba8, matrixOut=0x11ee910) returned 0x0
[0319.309] LocalFree (hMem=0x11ee910) returned 0x0
[0319.309] GdipDeleteMatrix (matrix=0x6638ba8) returned 0x0
[0319.309] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7dca4) returned 0x0
[0319.309] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7dc94) returned 0x0
[0319.309] GdipGetRegionHRgn (region=0x66460e8, graphics=0x6600030, hRgn=0xd7dc94) returned 0x0
[0319.309] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0319.309] GdipGetDC (graphics=0x6600030, hdc=0xd7dcac) returned 0x0
[0319.309] GetCurrentObject (hdc=0x860107a2, type=0x1) returned 0xb00017
[0319.309] GetCurrentObject (hdc=0x860107a2, type=0x2) returned 0x900010
[0319.309] GetCurrentObject (hdc=0x860107a2, type=0x7) returned 0x4a0507fe
[0319.309] GetCurrentObject (hdc=0x860107a2, type=0x6) returned 0x8a01c2
[0319.309] SaveDC (hdc=0x860107a2) returned 1
[0319.312] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb3040807
[0319.313] GetClipRgn (hdc=0x860107a2, hrgn=0xb3040807) returned 0
[0319.313] SelectClipRgn (hdc=0x860107a2, hrgn=0x310407de) returned 2
[0319.313] DeleteObject (ho=0xb3040807) returned 1
[0319.313] DeleteObject (ho=0x310407de) returned 1
[0319.313] OffsetViewportOrgEx (in: hdc=0x860107a2, x=0, y=0, lppt=0x2e6f6fc | out: lppt=0x2e6f6fc) returned 1
[0319.313] DrawThemeParentBackground () returned 0x0
[0319.313] GetWindowPlacement (in: hWnd=0x3a02de, lpwndpl=0xd7d974 | out: lpwndpl=0xd7d974) returned 1
[0319.313] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7d920 | out: lpRect=0xd7d920) returned 1
[0319.313] GetWindowTextLengthW (hWnd=0x3a02de) returned 13
[0319.313] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.313] GetSystemMetrics (nIndex=42) returned 0
[0319.313] GetWindowTextW (in: hWnd=0x3a02de, lpString=0xd7d7dc, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.313] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xd, wParam=0xe, lParam=0xd7d7dc) returned 0xd
[0319.313] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7d828 | out: lpRect=0xd7d828) returned 1
[0319.313] GetCurrentObject (hdc=0x860107a2, type=0x1) returned 0xb00017
[0319.313] GetCurrentObject (hdc=0x860107a2, type=0x2) returned 0x900010
[0319.313] GetCurrentObject (hdc=0x860107a2, type=0x7) returned 0x4a0507fe
[0319.314] GetCurrentObject (hdc=0x860107a2, type=0x6) returned 0x8a01c2
[0319.314] SaveDC (hdc=0x860107a2) returned 2
[0319.314] GetNearestColor (hdc=0x860107a2, color=0xf0f0f0) returned 0xf0f0f0
[0319.314] CreateSolidBrush (color=0xf0f0f0) returned 0xa81007e1
[0319.314] FillRect (hDC=0x860107a2, lprc=0xd7d6c8, hbr=0xa81007e1) returned 1
[0319.314] DeleteObject (ho=0xa81007e1) returned 1
[0319.314] RestoreDC (hdc=0x860107a2, nSavedDC=-1) returned 1
[0319.314] GetWindowTextLengthW (hWnd=0x3a02de) returned 13
[0319.314] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.314] GetSystemMetrics (nIndex=42) returned 0
[0319.314] GetWindowTextW (in: hWnd=0x3a02de, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.314] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0319.314] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7d7c8 | out: lpRect=0xd7d7c8) returned 1
[0319.314] GetCurrentObject (hdc=0x860107a2, type=0x1) returned 0xb00017
[0319.314] GetCurrentObject (hdc=0x860107a2, type=0x2) returned 0x900010
[0319.314] GetCurrentObject (hdc=0x860107a2, type=0x7) returned 0x4a0507fe
[0319.314] GetCurrentObject (hdc=0x860107a2, type=0x6) returned 0x8a01c2
[0319.314] SaveDC (hdc=0x860107a2) returned 2
[0319.315] GetNearestColor (hdc=0x860107a2, color=0xf0f0f0) returned 0xf0f0f0
[0319.315] CreateSolidBrush (color=0xf0f0f0) returned 0xa91007e1
[0319.315] FillRect (hDC=0x860107a2, lprc=0xd7d668, hbr=0xa91007e1) returned 1
[0319.315] DeleteObject (ho=0xa91007e1) returned 1
[0319.315] RestoreDC (hdc=0x860107a2, nSavedDC=-1) returned 1
[0319.315] GetWindowTextLengthW (hWnd=0x3a02de) returned 13
[0319.315] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.315] GetSystemMetrics (nIndex=42) returned 0
[0319.315] GetWindowTextW (in: hWnd=0x3a02de, lpString=0xd7d77c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.315] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xd, wParam=0xe, lParam=0xd7d77c) returned 0xd
[0319.315] RestoreDC (hdc=0x860107a2, nSavedDC=-1) returned 1
[0319.315] GdipReleaseDC (graphics=0x6600030, hdc=0x860107a2) returned 0x0
[0319.315] IsAppThemed () returned 0x1
[0319.315] GetThemeAppProperties () returned 0x3
[0319.315] GetThemeAppProperties () returned 0x3
[0319.315] IsAppThemed () returned 0x1
[0319.315] GetThemeAppProperties () returned 0x3
[0319.315] GetThemeAppProperties () returned 0x3
[0319.315] IsThemePartDefined () returned 0x1
[0319.316] GdipCreateRegion (region=0xd7dbe8) returned 0x0
[0319.316] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0319.316] GdipCreateMatrix (matrix=0xd7dbe8) returned 0x0
[0319.316] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638ab8) returned 0x0
[0319.316] GdipIsMatrixIdentity (matrix=0x6638ab8, result=0xd7dc00) returned 0x0
[0319.316] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0319.316] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eec58) returned 0x0
[0319.316] LocalFree (hMem=0x11eec58) returned 0x0
[0319.316] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0319.316] GdipGetMatrixElements (matrix=0x6638ab8, matrixOut=0x11eea28) returned 0x0
[0319.316] LocalFree (hMem=0x11eea28) returned 0x0
[0319.316] GdipDeleteMatrix (matrix=0x6638ab8) returned 0x0
[0319.316] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7dc28) returned 0x0
[0319.316] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7dc18) returned 0x0
[0319.316] GdipGetRegionHRgn (region=0x6645e18, graphics=0x6600030, hRgn=0xd7dc18) returned 0x0
[0319.316] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0319.316] GdipGetDC (graphics=0x6600030, hdc=0xd7dc30) returned 0x0
[0319.316] GetCurrentObject (hdc=0x860107a2, type=0x1) returned 0xb00017
[0319.316] GetCurrentObject (hdc=0x860107a2, type=0x2) returned 0x900010
[0319.316] GetCurrentObject (hdc=0x860107a2, type=0x7) returned 0x4a0507fe
[0319.317] GetCurrentObject (hdc=0x860107a2, type=0x6) returned 0x8a01c2
[0319.317] SaveDC (hdc=0x860107a2) returned 1
[0319.317] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x320407de
[0319.317] GetClipRgn (hdc=0x860107a2, hrgn=0x320407de) returned 0
[0319.317] SelectClipRgn (hdc=0x860107a2, hrgn=0xb5040807) returned 2
[0319.317] DeleteObject (ho=0x320407de) returned 1
[0319.317] DeleteObject (ho=0xb5040807) returned 1
[0319.317] OffsetViewportOrgEx (in: hdc=0x860107a2, x=0, y=0, lppt=0x2e6ffa8 | out: lppt=0x2e6ffa8) returned 1
[0319.317] IsAppThemed () returned 0x1
[0319.317] GetThemeAppProperties () returned 0x3
[0319.317] GetThemeAppProperties () returned 0x3
[0319.317] DrawThemeBackground () returned 0x0
[0319.317] RestoreDC (hdc=0x860107a2, nSavedDC=-1) returned 1
[0319.317] GdipReleaseDC (graphics=0x6600030, hdc=0x860107a2) returned 0x0
[0319.317] GdipCreateRegion (region=0xd7dbec) returned 0x0
[0319.317] GdipGetClip (graphics=0x6600030, region=0x6645b48) returned 0x0
[0319.317] GdipCreateMatrix (matrix=0xd7dbec) returned 0x0
[0319.317] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cc8) returned 0x0
[0319.317] GdipIsMatrixIdentity (matrix=0x6638cc8, result=0xd7dc04) returned 0x0
[0319.317] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0319.318] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0319.318] LocalFree (hMem=0x11ee868) returned 0x0
[0319.318] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0319.318] GdipGetMatrixElements (matrix=0x6638cc8, matrixOut=0x11ee868) returned 0x0
[0319.318] LocalFree (hMem=0x11ee868) returned 0x0
[0319.318] GdipDeleteMatrix (matrix=0x6638cc8) returned 0x0
[0319.318] GdipIsInfiniteRegion (region=0x6645b48, graphics=0x6600030, result=0xd7dc2c) returned 0x0
[0319.318] GdipIsInfiniteRegion (region=0x6645b48, graphics=0x6600030, result=0xd7dc1c) returned 0x0
[0319.318] GdipGetRegionHRgn (region=0x6645b48, graphics=0x6600030, hRgn=0xd7dc1c) returned 0x0
[0319.318] GdipDeleteRegion (region=0x6645b48) returned 0x0
[0319.318] GdipGetDC (graphics=0x6600030, hdc=0xd7dc34) returned 0x0
[0319.318] GetCurrentObject (hdc=0x860107a2, type=0x1) returned 0xb00017
[0319.318] GetCurrentObject (hdc=0x860107a2, type=0x2) returned 0x900010
[0319.318] GetCurrentObject (hdc=0x860107a2, type=0x7) returned 0x4a0507fe
[0319.318] GetCurrentObject (hdc=0x860107a2, type=0x6) returned 0x8a01c2
[0319.318] SaveDC (hdc=0x860107a2) returned 1
[0319.318] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xb6040807
[0319.318] GetClipRgn (hdc=0x860107a2, hrgn=0xb6040807) returned 0
[0319.318] SelectClipRgn (hdc=0x860107a2, hrgn=0x330407de) returned 2
[0319.318] DeleteObject (ho=0xb6040807) returned 1
[0319.318] DeleteObject (ho=0x330407de) returned 1
[0319.319] OffsetViewportOrgEx (in: hdc=0x860107a2, x=0, y=0, lppt=0x2e7027c | out: lppt=0x2e7027c) returned 1
[0319.319] IsAppThemed () returned 0x1
[0319.319] GetThemeAppProperties () returned 0x3
[0319.319] GetThemeAppProperties () returned 0x3
[0319.319] GetThemeBackgroundContentRect () returned 0x0
[0319.319] RestoreDC (hdc=0x860107a2, nSavedDC=-1) returned 1
[0319.319] GdipReleaseDC (graphics=0x6600030, hdc=0x860107a2) returned 0x0
[0319.319] IsAppThemed () returned 0x1
[0319.319] GetThemeAppProperties () returned 0x3
[0319.319] GetThemeAppProperties () returned 0x3
[0319.319] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7dd68) returned 0x0
[0319.319] GdipGetDC (graphics=0x6600030, hdc=0xd7dd54) returned 0x0
[0319.319] GetCurrentObject (hdc=0x860107a2, type=0x1) returned 0xb00017
[0319.319] GetCurrentObject (hdc=0x860107a2, type=0x2) returned 0x900010
[0319.319] GetCurrentObject (hdc=0x860107a2, type=0x7) returned 0x4a0507fe
[0319.319] GetCurrentObject (hdc=0x860107a2, type=0x6) returned 0x8a01c2
[0319.319] SaveDC (hdc=0x860107a2) returned 1
[0319.319] GetTextAlign (hdc=0x860107a2) returned 0x0
[0319.319] GetTextColor (hdc=0x860107a2) returned 0x0
[0319.319] GetCurrentObject (hdc=0x860107a2, type=0x6) returned 0x8a01c2
[0319.319] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7da9c | out: pv=0xd7da9c) returned 92
[0319.320] SelectObject (hdc=0x860107a2, h=0x6d0a0520) returned 0x8a01c2
[0319.320] GetBkMode (hdc=0x860107a2) returned 2
[0319.320] SetBkMode (hdc=0x860107a2, mode=1) returned 2
[0319.320] DrawTextExW (in: hdc=0x860107a2, lpchText="&Continue", cchText=9, lprc=0xd7db84, format=0x102415, lpdtp=0x2e7061c | out: lpchText="&Continue", lprc=0xd7db84) returned 13
[0319.320] DrawTextExW (in: hdc=0x860107a2, lpchText="&Continue", cchText=9, lprc=0xd7dce8, format=0x102015, lpdtp=0x2e7061c | out: lpchText="&Continue", lprc=0xd7dce8) returned 13
[0319.320] RestoreDC (hdc=0x860107a2, nSavedDC=-1) returned 1
[0319.320] GdipReleaseDC (graphics=0x6600030, hdc=0x860107a2) returned 0x0
[0319.320] GetFocus () returned 0x3402c8
[0319.320] SystemParametersInfoW (in: uiAction=0x100a, uiParam=0x0, pvParam=0xd7de20, fWinIni=0x0 | out: pvParam=0xd7de20) returned 1
[0319.320] SendMessageW (hWnd=0x3a02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0319.321] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x127, wParam=0x30001, lParam=0x0) returned 0x0
[0319.321] IsAppThemed () returned 0x1
[0319.321] GetThemeAppProperties () returned 0x3
[0319.321] GetThemeAppProperties () returned 0x3
[0319.321] GdipGetDC (graphics=0x6600030, hdc=0xd7df40) returned 0x0
[0319.321] BitBlt (hdc=0x10105d6, x=0, y=0, cx=100, cy=23, hdcSrc=0x860107a2, x1=0, y1=0, rop=0xcc0020) returned 1
[0319.321] GdipReleaseDC (graphics=0x6600030, hdc=0x860107a2) returned 0x0
[0319.321] SelectPalette (hdc=0x10105d6, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0319.321] SelectObject (hdc=0x860107a2, h=0x85000f) returned 0x4a0507fe
[0319.321] DeleteDC (hdc=0x860107a2) returned 1
[0319.321] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0319.321] EndPaint (hWnd=0x3402c8, lpPaint=0xd7dee4) returned 1
[0319.321] MapWindowPoints (in: hWndFrom=0x3402c8, hWndTo=0x0, lpPoints=0x2e70718, cPoints=0x1 | out: lpPoints=0x2e70718) returned 30999254
[0319.321] WindowFromPoint (Point=0x30d) returned 0x3402c8
[0319.321] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x84, wParam=0x0, lParam=0x1e3030d) returned 0x1
[0319.322] NotifyWinEvent (event=0x800a, hwnd=0x3402c8, idObject=-4, idChild=0)
[0319.322] NotifyWinEvent (event=0x800c, hwnd=0x3402c8, idObject=-4, idChild=0)
[0319.322] GetCapture () returned 0x3402c8
[0319.322] ReleaseCapture () returned 1
[0319.322] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x215, wParam=0x0, lParam=0x0) returned 0x0
[0319.322] PeekMessageW (in: lpMsg=0xd7e808, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7e808) returned 1
[0319.322] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x84, wParam=0x0, lParam=0x1e3030d) returned 0x1
[0319.322] IsWindow (hWnd=0x7005c) returned 1
[0319.322] EnableWindow (hWnd=0x7005c, bEnable=1) returned 1
[0319.325] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xa, wParam=0x1, lParam=0x0) returned 0x0
[0319.325] IsWindow (hWnd=0x3a02de) returned 1
[0319.325] SetActiveWindow (hWnd=0x3a02de) returned 0x3a02de
[0319.325] IsWindow (hWnd=0x3a02de) returned 1
[0319.325] SetFocus (hWnd=0x3a02de) returned 0x3402c8
[0319.325] GetFocus () returned 0x3a02de
[0319.326] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x8, wParam=0x3a02de, lParam=0x0) returned 0x0
[0319.326] GetCapture () returned 0x0
[0319.326] InvalidateRect (hWnd=0x3402c8, lpRect=0x0, bErase=0) returned 1
[0319.326] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0319.328] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0319.329] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0319.329] GetFocus () returned 0x3a02de
[0319.329] SetFocus (hWnd=0x3402c8) returned 0x3a02de
[0319.330] GetFocus () returned 0x3402c8
[0319.330] IsChild (hWndParent=0x3a02de, hWnd=0x3402c8) returned 1
[0319.330] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x8, wParam=0x3402c8, lParam=0x0) returned 0x0
[0319.331] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0319.332] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0319.333] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0319.333] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x7, wParam=0x3a02de, lParam=0x0) returned 0x0
[0319.333] GetStockObject (i=5) returned 0x900015
[0319.333] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x9
[0319.333] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0xd, wParam=0xa, lParam=0x11f5560) returned 0x9
[0319.333] GetDlgItem (hDlg=0x3a02de, nIDDlgItem=3408584) returned 0x3402c8
[0319.334] SendMessageW (hWnd=0x3402c8, Msg=0x202b, wParam=0x3402c8, lParam=0xd7ddcc) returned 0x0
[0319.334] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x202b, wParam=0x3402c8, lParam=0xd7ddcc) returned 0x0
[0319.334] InvalidateRect (hWnd=0x3402c8, lpRect=0x0, bErase=0) returned 1
[0319.336] GetWindowLongW (hWnd=0x3a02de, nIndex=-8) returned 458844
[0319.336] GetWindowThreadProcessId (in: hWnd=0x7005c, lpdwProcessId=0xd7e7c4 | out: lpdwProcessId=0xd7e7c4) returned 0xf50
[0319.336] GetCurrentThreadId () returned 0xf50
[0319.336] IsWindow (hWnd=0x7005c) returned 1
[0319.336] IsWindow (hWnd=0x7005c) returned 1
[0319.336] IsWindowVisible (hWnd=0x7005c) returned 1
[0319.336] SetActiveWindow (hWnd=0x7005c) returned 0x3a02de
[0319.336] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x86, wParam=0x0, lParam=0x7005c) returned 0x1
[0319.337] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0319.337] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0319.338] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0319.338] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0319.338] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x46, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0319.339] GetWindowPlacement (in: hWnd=0x3a02de, lpwndpl=0xd7e5a8 | out: lpwndpl=0xd7e5a8) returned 1
[0319.339] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x47, wParam=0x0, lParam=0xd7e87c) returned 0x0
[0319.339] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0319.339] GetWindowRect (in: hWnd=0x3a02de, lpRect=0xd7e558 | out: lpRect=0xd7e558) returned 1
[0319.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0319.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0319.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0319.340] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x86, wParam=0x1, lParam=0x3a02de) returned 0x1
[0319.350] GetFocus () returned 0x3402c8
[0319.350] SetFocus (hWnd=0x602c4) returned 0x3402c8
[0319.351] GetFocus () returned 0x602c4
[0319.351] IsChild (hWndParent=0x3a02de, hWnd=0x602c4) returned 0
[0319.351] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x8, wParam=0x602c4, lParam=0x0) returned 0x0
[0319.351] GetCapture () returned 0x0
[0319.351] InvalidateRect (hWnd=0x3402c8, lpRect=0x0, bErase=0) returned 1
[0319.352] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x281, wParam=0x0, lParam=0xc000000f) returned 0x0
[0319.353] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x281, wParam=0x1, lParam=0xc000000f) returned 0x0
[0319.354] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0319.354] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x282, wParam=0x1, lParam=0x0) returned 0x0
[0319.354] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0319.355] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x282, wParam=0x2, lParam=0x0) returned 0x0
[0319.355] GetKeyboardLayout (idThread=0x0) returned 0x4090409
[0319.355] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x7, wParam=0x3402c8, lParam=0x0) returned 0x0
[0319.355] GetStockObject (i=5) returned 0x900015
[0319.355] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xc
[0319.355] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xd, wParam=0xd, lParam=0x11ed788) returned 0xc
[0319.355] GetDlgItem (hDlg=0x7005c, nIDDlgItem=393924) returned 0x602c4
[0319.355] SendMessageW (hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0319.355] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x202b, wParam=0x602c4, lParam=0xd7dedc) returned 0x0
[0319.355] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0319.375] GetFocus () returned 0x602c4
[0319.375] IsChild (hWndParent=0x3a02de, hWnd=0x602c4) returned 0
[0319.375] ShowWindow (hWnd=0x3a02de, nCmdShow=0) returned 1
[0319.375] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x18, wParam=0x0, lParam=0x0) returned 0x0
[0319.375] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x46, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0319.377] GetWindowPlacement (in: hWnd=0x3a02de, lpwndpl=0xd7e4d8 | out: lpwndpl=0xd7e4d8) returned 1
[0319.377] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x47, wParam=0x0, lParam=0xd7e7ac) returned 0x0
[0319.377] GetClientRect (in: hWnd=0x3a02de, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0319.377] GetWindowRect (in: hWnd=0x3a02de, lpRect=0xd7e488 | out: lpRect=0xd7e488) returned 1
[0319.378] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x2, lParam=0x0) returned 0x0
[0319.378] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x0, lParam=0x0) returned 0x0
[0319.378] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x7f, wParam=0x1, lParam=0x0) returned 0x0
[0319.378] GetWindowLongW (hWnd=0x3a02de, nIndex=-20) returned 327945
[0319.378] DestroyWindow (hWnd=0x3a02de) returned 1
[0319.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0319.379] GetWindowTextLengthW (hWnd=0x3a02de) returned 13
[0319.379] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.379] GetSystemMetrics (nIndex=42) returned 0
[0319.379] GetWindowTextW (in: hWnd=0x3a02de, lpString=0xd7e3a8, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.380] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0xd, wParam=0xe, lParam=0xd7e3a8) returned 0xd
[0319.380] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0319.380] GetWindowTextLengthW (hWnd=0x3002ce) returned 0
[0319.380] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002ce, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x0
[0319.380] GetSystemMetrics (nIndex=42) returned 0
[0319.380] GetWindowTextW (in: hWnd=0x3002ce, lpString=0xd7e3c4, nMaxCount=1 | out: lpString="") returned 0
[0319.380] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002ce, Msg=0xd, wParam=0x1, lParam=0xd7e3c4) returned 0x0
[0319.380] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002ce, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0319.380] GetWindowThreadProcessId (in: hWnd=0x3a02dc, lpdwProcessId=0xd7e454 | out: lpdwProcessId=0xd7e454) returned 0xf50
[0319.380] GetWindow (hWnd=0x3a02dc, uCmd=0x5) returned 0x0
[0319.380] GetWindowLongW (hWnd=0x3a02dc, nIndex=-20) returned 65792
[0319.380] DestroyWindow (hWnd=0x3a02dc) returned 1
[0319.380] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02dc, Msg=0x90, wParam=0x0, lParam=0x0) returned 0x0
[0319.380] GetWindowTextLengthW (hWnd=0x3a02dc) returned 25
[0319.380] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02dc, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x19
[0319.380] GetSystemMetrics (nIndex=42) returned 0
[0319.380] GetWindowTextW (in: hWnd=0x3a02dc, lpString=0xd7df10, nMaxCount=26 | out: lpString="WindowsFormsParkingWindow") returned 25
[0319.380] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02dc, Msg=0xd, wParam=0x1a, lParam=0xd7df10) returned 0x19
[0319.380] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02dc, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0319.381] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02dc, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0319.381] GetWindowTextLengthW (hWnd=0x3a02da) returned 232
[0319.382] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xe8
[0319.382] GetSystemMetrics (nIndex=42) returned 0
[0319.382] GetWindowTextW (in: hWnd=0x3a02da, lpString=0xd7e1e0, nMaxCount=233 | out: lpString="Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.\r\n\r\nEmpty path name is not legal.") returned 232
[0319.382] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0xd, wParam=0xe9, lParam=0xd7e1e0) returned 0xe8
[0319.382] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0319.382] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0319.382] InvalidateRect (hWnd=0x3402c8, lpRect=0x0, bErase=0) returned 1
[0319.382] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0319.382] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3d00ea, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x0
[0319.382] SendMessageW (hWnd=0x2f02d0, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0319.382] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2f02d0, Msg=0xb8, wParam=0x0, lParam=0x0) returned 0x0
[0319.382] SendMessageW (hWnd=0x2f02d0, Msg=0xb0, wParam=0x2e3c618, lParam=0xd7e480) returned 0x0
[0319.382] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2f02d0, Msg=0xb0, wParam=0x2e3c618, lParam=0xd7e480) returned 0x0
[0319.382] GetWindowTextLengthW (hWnd=0x2f02d0) returned 4363
[0319.382] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2f02d0, Msg=0xe, wParam=0x0, lParam=0x0) returned 0x110b
[0319.382] GetSystemMetrics (nIndex=42) returned 0
[0319.382] CoTaskMemAlloc (cb=0x221c) returned 0x1202960
[0319.382] GetWindowTextW (in: hWnd=0x2f02d0, lpString=0x1202960, nMaxCount=4364 | out: lpString="See the end of this message for details on invoking \r\njust-in-time (JIT) debugging instead of this dialog box.\r\n\r\n************** Exception Text **************\r\nSystem.ArgumentException: Empty path name is not legal.\r\n at System.IO.File.ReadAllText(String path)\r\n at Microsoft.VisualBasic.MyServices.FileSystemProxy.ReadAllText(String file)\r\n at BB_ransomware.Form1.Button1_Click(Object sender, EventArgs e)\r\n at System.Windows.Forms.Control.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnClick(EventArgs e)\r\n at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)\r\n at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)\r\n at System.Windows.Forms.Control.WndProc(Message& m)\r\n at System.Windows.Forms.ButtonBase.WndProc(Message& m)\r\n at System.Windows.Forms.Button.WndProc(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)\r\n at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)\r\n at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)\r\n\r\n\r\n************** Loaded Assemblies **************\r\nmscorlib\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll\r\n----------------------------------------\r\nBB ransomware\r\n Assembly Version: 1.0.0.0\r\n Win32 Version: 1.0.0.0\r\n CodeBase: file:///C:/Users/FD1HVy/Desktop/BB%20ransomware.exe\r\n----------------------------------------\r\nMicrosoft.VisualBasic\r\n Assembly Version: 10.0.0.0\r\n Win32 Version: 14.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll\r\n----------------------------------------\r\nSystem.Windows.Forms\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2104.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll\r\n----------------------------------------\r\nSystem\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2103.2 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll\r\n----------------------------------------\r\nSystem.Drawing\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll\r\n----------------------------------------\r\nSystem.Configuration\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll\r\n----------------------------------------\r\nSystem.Core\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll\r\n----------------------------------------\r\nSystem.Xml\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2102.0 built by: NET47REL1LAST\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll\r\n----------------------------------------\r\nSystem.Runtime.Remoting\r\n Assembly Version: 4.0.0.0\r\n Win32 Version: 4.7.2046.0 built by: NET47REL1\r\n CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll\r\n----------------------------------------\r\n\r\n************** JIT Debugging **************\r\nTo enable just-in-time (JIT) debugging, the .config file for this\r\napplication or computer (machine.config) must have the\r\njitDebugging value set in the system.windows.forms section.\r\nThe application must also be compiled with debugging\r\nenabled.\r\n\r\nFor example:\r\n\r\n\r\n \r\n\r\n\r\nWhen JIT debugging is enabled, any unhandled exception\r\nwill be sent to the JIT debugger registered on the computer\r\nrather than be handled by this dialog box.\r\n\r\n\r\n") returned 4363
[0319.382] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2f02d0, Msg=0xd, wParam=0x110c, lParam=0x1202960) returned 0x110b
[0319.383] CoTaskMemFree (pv=0x1202960)
[0319.383] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2f02d0, Msg=0x2, wParam=0x0, lParam=0x0) returned 0x1
[0319.383] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3002ce, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0319.384] CallWindowProcW (lpPrevWndFunc=0x6f59abc0, hWnd=0x3a02da, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0319.385] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3c02d8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0319.386] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3402c8, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0319.387] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x3d00ea, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0319.389] CallWindowProcW (lpPrevWndFunc=0x6f57d460, hWnd=0x2f02d0, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0319.390] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x3a02de, Msg=0x82, wParam=0x0, lParam=0x0) returned 0x0
[0319.392] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.392] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.392] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.392] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.392] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.392] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.392] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e3030d) returned 0x1
[0319.392] IsWindowUnicode (hWnd=0x7005c) returned 1
[0319.392] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.392] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e3030d) returned 0x1
[0319.393] SetCursor (hCursor=0x10003) returned 0x10003
[0319.393] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.393] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.393] _TrackMouseEvent (in: lpEventTrack=0x2c2f380 | out: lpEventTrack=0x2c2f380) returned 1
[0319.393] SendMessageW (hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0319.393] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0319.393] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10e024f) returned 0x0
[0319.393] GetKeyState (nVirtKey=1) returned 1
[0319.393] GetKeyState (nVirtKey=2) returned 0
[0319.393] GetKeyState (nVirtKey=4) returned 0
[0319.393] GetKeyState (nVirtKey=5) returned 0
[0319.393] GetKeyState (nVirtKey=6) returned 0
[0319.393] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.394] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e3030d) returned 0x1
[0319.394] IsWindowUnicode (hWnd=0x7005c) returned 1
[0319.394] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.394] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.394] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.394] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.394] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e3030d) returned 0x1
[0319.394] IsWindowUnicode (hWnd=0x7005c) returned 1
[0319.394] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.394] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x84, wParam=0x0, lParam=0x1e3030d) returned 0x1
[0319.395] SetCursor (hCursor=0x10003) returned 0x10003
[0319.395] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.395] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.395] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x200, wParam=0x0, lParam=0x10e024f) returned 0x0
[0319.395] GetKeyState (nVirtKey=1) returned 1
[0319.395] GetKeyState (nVirtKey=2) returned 0
[0319.395] GetKeyState (nVirtKey=4) returned 0
[0319.395] GetKeyState (nVirtKey=5) returned 0
[0319.395] GetKeyState (nVirtKey=6) returned 0
[0319.395] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.395] IsWindowUnicode (hWnd=0x602c4) returned 1
[0319.395] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.396] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.396] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.396] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.397] IsWindowUnicode (hWnd=0x602c4) returned 1
[0319.397] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.397] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.397] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.397] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0319.397] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0319.397] CreateCompatibleDC (hdc=0x107b9) returned 0xd50107ef
[0319.397] SelectObject (hdc=0xd50107ef, h=0x4a0507fe) returned 0x85000f
[0319.397] GdipCreateFromHDC (hdc=0xd50107ef, graphics=0xd7e798) returned 0x0
[0319.397] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0319.397] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0319.397] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0319.397] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638cf8) returned 0x0
[0319.397] GdipIsMatrixIdentity (matrix=0x6638cf8, result=0xd7e7f8) returned 0x0
[0319.397] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0319.397] GdipGetMatrixElements (matrix=0x6638cf8, matrixOut=0x11ee868) returned 0x0
[0319.398] LocalFree (hMem=0x11ee868) returned 0x0
[0319.398] GdipDeleteMatrix (matrix=0x6638cf8) returned 0x0
[0319.398] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0319.398] GdipGetClip (graphics=0x6600030, region=0x6645fc8) returned 0x0
[0319.398] GdipIsInfiniteRegion (region=0x6645fc8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0319.398] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0319.398] GdipRestoreGraphics (graphics=0x6600030, state=0xf4b00dbd) returned 0x0
[0319.398] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0319.398] GdipGetDC (graphics=0x6600030, hdc=0xd7e604) returned 0x0
[0319.398] GetCurrentObject (hdc=0xd50107ef, type=0x1) returned 0xb00017
[0319.398] GetCurrentObject (hdc=0xd50107ef, type=0x2) returned 0x900010
[0319.398] GetCurrentObject (hdc=0xd50107ef, type=0x7) returned 0x4a0507fe
[0319.398] GetCurrentObject (hdc=0xd50107ef, type=0x6) returned 0x8a01c2
[0319.398] SaveDC (hdc=0xd50107ef) returned 1
[0319.398] GetNearestColor (hdc=0xd50107ef, color=0xff) returned 0xff
[0319.398] GetNearestColor (hdc=0xd50107ef, color=0x55) returned 0x55
[0319.398] GetNearestColor (hdc=0xd50107ef, color=0x0) returned 0x0
[0319.398] GetNearestColor (hdc=0xd50107ef, color=0x55) returned 0x55
[0319.399] GetNearestColor (hdc=0xd50107ef, color=0x0) returned 0x0
[0319.399] GetNearestColor (hdc=0xd50107ef, color=0x8080ff) returned 0x8080ff
[0319.399] GetNearestColor (hdc=0xd50107ef, color=0x7373e5) returned 0x7373e5
[0319.399] GetNearestColor (hdc=0xd50107ef, color=0xe5) returned 0xe5
[0319.399] GetNearestColor (hdc=0xd50107ef, color=0x0) returned 0x0
[0319.399] RestoreDC (hdc=0xd50107ef, nSavedDC=-1) returned 1
[0319.399] GdipReleaseDC (graphics=0x6600030, hdc=0xd50107ef) returned 0x0
[0319.399] IsAppThemed () returned 0x1
[0319.399] GetThemeAppProperties () returned 0x3
[0319.399] GetThemeAppProperties () returned 0x3
[0319.399] IsAppThemed () returned 0x1
[0319.399] GetThemeAppProperties () returned 0x3
[0319.399] GetThemeAppProperties () returned 0x3
[0319.399] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4c0, format=0x102415, lpdtp=0x2e78484 | out: lpchText="Decrypt file", lprc=0xd7e4c0) returned 13
[0319.399] IsAppThemed () returned 0x1
[0319.399] GetThemeAppProperties () returned 0x3
[0319.400] GetThemeAppProperties () returned 0x3
[0319.400] IsAppThemed () returned 0x1
[0319.400] GetThemeAppProperties () returned 0x3
[0319.400] GetThemeAppProperties () returned 0x3
[0319.400] GetFocus () returned 0x602c4
[0319.400] IsAppThemed () returned 0x1
[0319.400] GetThemeAppProperties () returned 0x3
[0319.400] GetThemeAppProperties () returned 0x3
[0319.400] IsAppThemed () returned 0x1
[0319.400] GetThemeAppProperties () returned 0x3
[0319.400] GetThemeAppProperties () returned 0x3
[0319.400] IsThemePartDefined () returned 0x1
[0319.400] IsAppThemed () returned 0x1
[0319.400] GetThemeAppProperties () returned 0x3
[0319.400] GetThemeAppProperties () returned 0x3
[0319.400] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0319.400] IsAppThemed () returned 0x1
[0319.400] GetThemeAppProperties () returned 0x3
[0319.400] GetThemeAppProperties () returned 0x3
[0319.400] IsAppThemed () returned 0x1
[0319.400] GetThemeAppProperties () returned 0x3
[0319.400] GetThemeAppProperties () returned 0x3
[0319.400] IsThemePartDefined () returned 0x1
[0319.400] GdipCreateRegion (region=0xd7e508) returned 0x0
[0319.400] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0319.400] GdipCreateMatrix (matrix=0xd7e508) returned 0x0
[0319.400] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0319.401] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e520) returned 0x0
[0319.401] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eed00
[0319.401] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eed00) returned 0x0
[0319.401] LocalFree (hMem=0x11eed00) returned 0x0
[0319.401] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eead0
[0319.401] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11eead0) returned 0x0
[0319.401] LocalFree (hMem=0x11eead0) returned 0x0
[0319.401] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0319.401] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e548) returned 0x0
[0319.401] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e538) returned 0x0
[0319.401] GdipGetRegionHRgn (region=0x6645998, graphics=0x6600030, hRgn=0xd7e538) returned 0x0
[0319.401] GdipDeleteRegion (region=0x6645998) returned 0x0
[0319.401] GdipGetDC (graphics=0x6600030, hdc=0xd7e550) returned 0x0
[0319.401] GetCurrentObject (hdc=0xd50107ef, type=0x1) returned 0xb00017
[0319.401] GetCurrentObject (hdc=0xd50107ef, type=0x2) returned 0x900010
[0319.401] GetCurrentObject (hdc=0xd50107ef, type=0x7) returned 0x4a0507fe
[0319.401] GetCurrentObject (hdc=0xd50107ef, type=0x6) returned 0x8a01c2
[0319.401] SaveDC (hdc=0xd50107ef) returned 1
[0319.401] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x340407de
[0319.401] GetClipRgn (hdc=0xd50107ef, hrgn=0x340407de) returned 0
[0319.402] SelectClipRgn (hdc=0xd50107ef, hrgn=0xba040807) returned 2
[0319.402] DeleteObject (ho=0x340407de) returned 1
[0319.402] DeleteObject (ho=0xba040807) returned 1
[0319.402] OffsetViewportOrgEx (in: hdc=0xd50107ef, x=0, y=0, lppt=0x2e78b34 | out: lppt=0x2e78b34) returned 1
[0319.402] DrawThemeParentBackground () returned 0x0
[0319.402] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e214 | out: lpwndpl=0xd7e214) returned 1
[0319.402] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1c0 | out: lpRect=0xd7e1c0) returned 1
[0319.402] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0319.402] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.402] GetSystemMetrics (nIndex=42) returned 0
[0319.402] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e07c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.402] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e07c) returned 0xd
[0319.402] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c8 | out: lpRect=0xd7e0c8) returned 1
[0319.402] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0319.402] GdipGetImageFlags (image=0x65ff260, flags=0xd7e000) returned 0x0
[0319.402] SelectPalette (hdc=0xd50107ef, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0319.402] GdipCreateFromHDC (hdc=0xd50107ef, graphics=0xd7dff8) returned 0x0
[0319.403] GdipSetPageUnit (graphics=0x6639a18, unit=0x2) returned 0x0
[0319.403] GdipCreateMatrix (matrix=0xd7dfb8) returned 0x0
[0319.403] GdipGetWorldTransform (graphics=0x6639a18, matrix=0x6638b48) returned 0x0
[0319.403] GdipIsMatrixIdentity (matrix=0x6638b48, result=0xd7dfd0) returned 0x0
[0319.403] GdipDeleteMatrix (matrix=0x6638b48) returned 0x0
[0319.403] GdipCreateRegion (region=0xd7dfb8) returned 0x0
[0319.403] GdipGetClip (graphics=0x6639a18, region=0x6645908) returned 0x0
[0319.403] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6639a18, result=0xd7dfc4) returned 0x0
[0319.403] GdipDeleteRegion (region=0x6645908) returned 0x0
[0319.403] GdipSaveGraphics (graphics=0x6639a18, state=0xd7dff0) returned 0x0
[0319.403] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de8c) returned 0x0
[0319.421] GdipFillRectangleI (graphics=0x6639a18, brush=0x664da18, x=0, y=0, width=801, height=453) returned 0x0
[0319.421] GdipDeleteBrush (brush=0x664da18) returned 0x0
[0319.422] GdipDeleteGraphics (graphics=0x6639a18) returned 0x0
[0319.422] SelectPalette (hdc=0xd50107ef, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0319.422] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0319.422] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.422] GetSystemMetrics (nIndex=42) returned 0
[0319.422] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.422] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0319.422] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e068 | out: lpRect=0xd7e068) returned 1
[0319.422] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0319.422] GdipGetImageFlags (image=0x65ff260, flags=0xd7dfa0) returned 0x0
[0319.422] SelectPalette (hdc=0xd50107ef, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0319.422] GdipCreateFromHDC (hdc=0xd50107ef, graphics=0xd7df98) returned 0x0
[0319.423] GdipSetPageUnit (graphics=0x6639a18, unit=0x2) returned 0x0
[0319.423] GdipCreateMatrix (matrix=0xd7df58) returned 0x0
[0319.423] GdipGetWorldTransform (graphics=0x6639a18, matrix=0x6638bd8) returned 0x0
[0319.423] GdipIsMatrixIdentity (matrix=0x6638bd8, result=0xd7df70) returned 0x0
[0319.423] GdipDeleteMatrix (matrix=0x6638bd8) returned 0x0
[0319.423] GdipCreateRegion (region=0xd7df58) returned 0x0
[0319.423] GdipGetClip (graphics=0x6639a18, region=0x6646178) returned 0x0
[0319.423] GdipIsInfiniteRegion (region=0x6646178, graphics=0x6639a18, result=0xd7df64) returned 0x0
[0319.423] GdipDeleteRegion (region=0x6646178) returned 0x0
[0319.423] GdipSaveGraphics (graphics=0x6639a18, state=0xd7df90) returned 0x0
[0319.423] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de2c) returned 0x0
[0319.430] GdipFillRectangleI (graphics=0x6639a18, brush=0x664e030, x=0, y=0, width=801, height=453) returned 0x0
[0319.431] GdipDeleteBrush (brush=0x664e030) returned 0x0
[0319.432] GdipRestoreGraphics (graphics=0x6639a18, state=0xf4ac0dbd) returned 0x0
[0319.432] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0319.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0319.432] GetSystemMetrics (nIndex=42) returned 0
[0319.432] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e01c, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0319.432] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e01c) returned 0xd
[0319.432] GdipDeleteGraphics (graphics=0x6639a18) returned 0x0
[0319.432] SelectPalette (hdc=0xd50107ef, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0319.432] RestoreDC (hdc=0xd50107ef, nSavedDC=-1) returned 1
[0319.432] GdipReleaseDC (graphics=0x6600030, hdc=0xd50107ef) returned 0x0
[0319.432] IsAppThemed () returned 0x1
[0319.432] GetThemeAppProperties () returned 0x3
[0319.432] GetThemeAppProperties () returned 0x3
[0319.432] IsAppThemed () returned 0x1
[0319.433] GetThemeAppProperties () returned 0x3
[0319.433] GetThemeAppProperties () returned 0x3
[0319.433] IsThemePartDefined () returned 0x1
[0319.433] GdipCreateRegion (region=0xd7e48c) returned 0x0
[0319.433] GdipGetClip (graphics=0x6600030, region=0x6645998) returned 0x0
[0319.433] GdipCreateMatrix (matrix=0xd7e48c) returned 0x0
[0319.433] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638b78) returned 0x0
[0319.433] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7e4a4) returned 0x0
[0319.433] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0319.433] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0319.433] LocalFree (hMem=0x11ee868) returned 0x0
[0319.433] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0319.433] GdipGetMatrixElements (matrix=0x6638b78, matrixOut=0x11ee868) returned 0x0
[0319.433] LocalFree (hMem=0x11ee868) returned 0x0
[0319.433] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0319.433] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e4cc) returned 0x0
[0319.433] GdipIsInfiniteRegion (region=0x6645998, graphics=0x6600030, result=0xd7e4bc) returned 0x0
[0319.433] GdipGetRegionHRgn (region=0x6645998, graphics=0x6600030, hRgn=0xd7e4bc) returned 0x0
[0319.433] GdipDeleteRegion (region=0x6645998) returned 0x0
[0319.433] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d4) returned 0x0
[0319.433] GetCurrentObject (hdc=0xd50107ef, type=0x1) returned 0xb00017
[0319.433] GetCurrentObject (hdc=0xd50107ef, type=0x2) returned 0x900010
[0319.433] GetCurrentObject (hdc=0xd50107ef, type=0x7) returned 0x4a0507fe
[0319.434] GetCurrentObject (hdc=0xd50107ef, type=0x6) returned 0x8a01c2
[0319.434] SaveDC (hdc=0xd50107ef) returned 1
[0319.434] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbb040807
[0319.434] GetClipRgn (hdc=0xd50107ef, hrgn=0xbb040807) returned 0
[0319.434] SelectClipRgn (hdc=0xd50107ef, hrgn=0x360407de) returned 2
[0319.434] DeleteObject (ho=0xbb040807) returned 1
[0319.434] DeleteObject (ho=0x360407de) returned 1
[0319.434] OffsetViewportOrgEx (in: hdc=0xd50107ef, x=0, y=0, lppt=0x2e7f384 | out: lppt=0x2e7f384) returned 1
[0319.434] IsAppThemed () returned 0x1
[0319.434] GetThemeAppProperties () returned 0x3
[0319.434] GetThemeAppProperties () returned 0x3
[0319.434] DrawThemeBackground () returned 0x0
[0319.434] RestoreDC (hdc=0xd50107ef, nSavedDC=-1) returned 1
[0319.434] GdipReleaseDC (graphics=0x6600030, hdc=0xd50107ef) returned 0x0
[0319.434] GdipCreateRegion (region=0xd7e490) returned 0x0
[0319.439] GdipGetClip (graphics=0x6600030, region=0x6645e18) returned 0x0
[0319.439] GdipCreateMatrix (matrix=0xd7e490) returned 0x0
[0319.439] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c98) returned 0x0
[0319.439] GdipIsMatrixIdentity (matrix=0x6638c98, result=0xd7e4a8) returned 0x0
[0319.439] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eea28
[0319.439] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11eea28) returned 0x0
[0319.439] LocalFree (hMem=0x11eea28) returned 0x0
[0319.439] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0319.439] GdipGetMatrixElements (matrix=0x6638c98, matrixOut=0x11ee868) returned 0x0
[0319.439] LocalFree (hMem=0x11ee868) returned 0x0
[0319.439] GdipDeleteMatrix (matrix=0x6638c98) returned 0x0
[0319.439] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e4d0) returned 0x0
[0319.439] GdipIsInfiniteRegion (region=0x6645e18, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0319.439] GdipGetRegionHRgn (region=0x6645e18, graphics=0x6600030, hRgn=0xd7e4c0) returned 0x0
[0319.439] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0319.439] GdipGetDC (graphics=0x6600030, hdc=0xd7e4d8) returned 0x0
[0319.439] GetCurrentObject (hdc=0xd50107ef, type=0x1) returned 0xb00017
[0319.439] GetCurrentObject (hdc=0xd50107ef, type=0x2) returned 0x900010
[0319.439] GetCurrentObject (hdc=0xd50107ef, type=0x7) returned 0x4a0507fe
[0319.440] GetCurrentObject (hdc=0xd50107ef, type=0x6) returned 0x8a01c2
[0319.440] SaveDC (hdc=0xd50107ef) returned 1
[0319.440] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x370407de
[0319.440] GetClipRgn (hdc=0xd50107ef, hrgn=0x370407de) returned 0
[0319.440] SelectClipRgn (hdc=0xd50107ef, hrgn=0xbc040807) returned 2
[0319.440] DeleteObject (ho=0x370407de) returned 1
[0319.440] DeleteObject (ho=0xbc040807) returned 1
[0319.440] OffsetViewportOrgEx (in: hdc=0xd50107ef, x=0, y=0, lppt=0x2e7f658 | out: lppt=0x2e7f658) returned 1
[0319.440] IsAppThemed () returned 0x1
[0319.440] GetThemeAppProperties () returned 0x3
[0319.440] GetThemeAppProperties () returned 0x3
[0319.440] GetThemeBackgroundContentRect () returned 0x0
[0319.440] RestoreDC (hdc=0xd50107ef, nSavedDC=-1) returned 1
[0319.440] GdipReleaseDC (graphics=0x6600030, hdc=0xd50107ef) returned 0x0
[0319.440] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5e4) returned 0x0
[0319.440] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5e0) returned 0x0
[0319.440] GdipFillRectangleI (graphics=0x6600030, brush=0x6637828, x=4, y=4, width=67, height=15) returned 0x0
[0319.440] GdipDeleteBrush (brush=0x6637828) returned 0x0
[0319.440] IsAppThemed () returned 0x1
[0319.440] GetThemeAppProperties () returned 0x3
[0319.440] GetThemeAppProperties () returned 0x3
[0319.441] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e60c) returned 0x0
[0319.441] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0319.441] GetCurrentObject (hdc=0xd50107ef, type=0x1) returned 0xb00017
[0319.441] GetCurrentObject (hdc=0xd50107ef, type=0x2) returned 0x900010
[0319.441] GetCurrentObject (hdc=0xd50107ef, type=0x7) returned 0x4a0507fe
[0319.441] GetCurrentObject (hdc=0xd50107ef, type=0x6) returned 0x8a01c2
[0319.441] SaveDC (hdc=0xd50107ef) returned 1
[0319.441] GetTextAlign (hdc=0xd50107ef) returned 0x0
[0319.441] GetTextColor (hdc=0xd50107ef) returned 0x0
[0319.441] GetCurrentObject (hdc=0xd50107ef, type=0x6) returned 0x8a01c2
[0319.441] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e340 | out: pv=0xd7e340) returned 92
[0319.441] SelectObject (hdc=0xd50107ef, h=0x6d0a0520) returned 0x8a01c2
[0319.441] GetBkMode (hdc=0xd50107ef) returned 2
[0319.441] SetBkMode (hdc=0xd50107ef, mode=1) returned 2
[0319.441] DrawTextExW (in: hdc=0xd50107ef, lpchText="Decrypt file", cchText=12, lprc=0xd7e428, format=0x102415, lpdtp=0x2e7fa1c | out: lpchText="Decrypt file", lprc=0xd7e428) returned 13
[0319.442] DrawTextExW (in: hdc=0xd50107ef, lpchText="Decrypt file", cchText=12, lprc=0xd7e58c, format=0x102015, lpdtp=0x2e7fa1c | out: lpchText="Decrypt file", lprc=0xd7e58c) returned 13
[0319.442] RestoreDC (hdc=0xd50107ef, nSavedDC=-1) returned 1
[0319.442] GdipReleaseDC (graphics=0x6600030, hdc=0xd50107ef) returned 0x0
[0319.442] GetFocus () returned 0x602c4
[0319.442] IsAppThemed () returned 0x1
[0319.442] GetThemeAppProperties () returned 0x3
[0319.442] GetThemeAppProperties () returned 0x3
[0319.442] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0319.442] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0xd50107ef, x1=0, y1=0, rop=0xcc0020) returned 1
[0319.442] GdipReleaseDC (graphics=0x6600030, hdc=0xd50107ef) returned 0x0
[0319.442] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0319.442] SelectObject (hdc=0xd50107ef, h=0x85000f) returned 0x4a0507fe
[0319.442] DeleteDC (hdc=0xd50107ef) returned 1
[0319.442] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0319.443] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0319.443] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.443] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.443] WaitMessage () returned 1
[0319.467] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.467] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.467] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.467] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.467] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.468] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.468] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.468] WaitMessage () returned 1
[0319.469] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.469] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.469] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.469] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.469] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.470] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.470] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.470] WaitMessage () returned 1
[0319.470] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.470] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.470] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.471] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.471] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.472] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.472] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.472] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.472] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.472] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.472] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.472] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.472] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.472] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.472] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.472] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.473] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.473] WaitMessage () returned 1
[0319.473] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.473] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.473] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.473] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.473] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.474] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.474] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.474] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.475] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.475] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.475] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.475] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.475] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.475] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.475] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.475] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.475] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.475] WaitMessage () returned 1
[0319.476] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.476] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.476] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.476] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.476] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.477] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.477] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.477] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.477] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.477] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.477] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.477] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.477] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.477] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.478] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.478] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.478] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.478] WaitMessage () returned 1
[0319.478] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.478] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.478] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.478] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.478] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.480] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.480] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.480] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.480] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.480] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.480] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.480] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.480] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.481] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.481] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.481] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.481] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.481] WaitMessage () returned 1
[0319.487] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.487] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.487] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.487] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.487] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.488] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.488] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.488] WaitMessage () returned 1
[0319.489] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.489] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.489] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.489] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.489] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.490] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.490] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.490] WaitMessage () returned 1
[0319.490] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.491] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.491] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.491] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.491] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.491] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.491] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.491] WaitMessage () returned 1
[0319.492] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.492] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.492] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.492] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.492] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.493] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.493] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.493] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.493] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.493] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.493] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.494] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.494] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.494] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.494] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.494] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.494] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.494] WaitMessage () returned 1
[0319.494] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.494] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.494] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.495] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.495] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.496] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.496] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.496] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.496] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.496] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.497] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.497] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.497] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.497] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.497] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.500] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.501] IsWindowUnicode (hWnd=0x7005c) returned 1
[0319.501] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.501] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.501] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.501] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.501] IsWindowUnicode (hWnd=0x7005c) returned 1
[0319.501] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.501] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.501] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.501] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a1, wParam=0x0, lParam=0x10e024f) returned 0x0
[0319.501] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.501] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.501] WaitMessage () returned 1
[0319.503] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.503] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.503] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.503] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.503] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.504] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.504] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.504] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.504] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.504] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.504] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.504] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.504] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.504] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.505] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.505] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.505] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.505] WaitMessage () returned 1
[0319.505] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.505] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.505] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.505] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.505] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.507] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.507] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.507] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.507] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.507] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.507] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.507] IsWindowUnicode (hWnd=0x30122) returned 1
[0319.507] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.507] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.507] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.507] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.508] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.508] WaitMessage () returned 1
[0319.658] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.658] IsWindowUnicode (hWnd=0x502c6) returned 1
[0319.658] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0319.658] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0319.658] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0319.658] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.658] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0319.658] WaitMessage () returned 1
[0321.577] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0321.578] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27000fc) returned 0x1
[0321.578] IsWindowUnicode (hWnd=0x602c4) returned 1
[0321.578] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0321.579] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0321.579] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0321.579] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0x2a3, wParam=0x0, lParam=0x0) returned 0x0
[0321.579] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0321.579] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27000fc) returned 0x1
[0321.579] IsWindowUnicode (hWnd=0x602c4) returned 1
[0321.579] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0321.579] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x84, wParam=0x0, lParam=0x27000fc) returned 0x1
[0321.579] SetCursor (hCursor=0x10003) returned 0x10003
[0321.579] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0321.579] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0321.579] _TrackMouseEvent (in: lpEventTrack=0x2c2b560 | out: lpEventTrack=0x2c2b560) returned 1
[0321.579] SendMessageW (hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0321.579] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0xc19e, wParam=0x0, lParam=0x0) returned 0x0
[0321.579] InvalidateRect (hWnd=0x602c4, lpRect=0x0, bErase=0) returned 1
[0321.580] GetKeyState (nVirtKey=1) returned 1
[0321.580] GetKeyState (nVirtKey=2) returned 0
[0321.580] GetKeyState (nVirtKey=4) returned 0
[0321.580] GetKeyState (nVirtKey=5) returned 0
[0321.580] GetKeyState (nVirtKey=6) returned 0
[0321.580] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0321.580] IsWindowUnicode (hWnd=0x602c4) returned 1
[0321.580] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0321.580] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0321.580] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0321.580] BeginPaint (in: hWnd=0x602c4, lpPaint=0xd7e780 | out: lpPaint=0xd7e780) returned 0x107b9
[0321.580] SelectPalette (hdc=0x107b9, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0321.580] CreateCompatibleDC (hdc=0x107b9) returned 0x640107ae
[0321.580] SelectObject (hdc=0x640107ae, h=0x4a0507fe) returned 0x85000f
[0321.580] GdipCreateFromHDC (hdc=0x640107ae, graphics=0xd7e798) returned 0x0
[0321.581] GdipTranslateWorldTransform (graphics=0x6600030, dx=0x0, dy=0x0, order=0x0) returned 0x0
[0321.581] GdipSetClipRectI (graphics=0x6600030, x=0, y=0, width=75, height=23, combineMode=0x0) returned 0x0
[0321.581] GdipCreateMatrix (matrix=0xd7e7e0) returned 0x0
[0321.581] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0321.581] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e7f8) returned 0x0
[0321.581] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0321.581] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0321.581] LocalFree (hMem=0x11eec58) returned 0x0
[0321.581] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0321.581] GdipCreateRegion (region=0xd7e7e0) returned 0x0
[0321.581] GdipGetClip (graphics=0x6600030, region=0x66460e8) returned 0x0
[0321.581] GdipIsInfiniteRegion (region=0x66460e8, graphics=0x6600030, result=0xd7e7ec) returned 0x0
[0321.581] GdipSaveGraphics (graphics=0x6600030, state=0xd7e818) returned 0x0
[0321.581] GdipRestoreGraphics (graphics=0x6600030, state=0xf4aa0dbd) returned 0x0
[0321.581] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0321.582] GdipGetDC (graphics=0x6600030, hdc=0xd7e5f8) returned 0x0
[0321.582] GetCurrentObject (hdc=0x640107ae, type=0x1) returned 0xb00017
[0321.582] GetCurrentObject (hdc=0x640107ae, type=0x2) returned 0x900010
[0321.582] GetCurrentObject (hdc=0x640107ae, type=0x7) returned 0x4a0507fe
[0321.582] GetCurrentObject (hdc=0x640107ae, type=0x6) returned 0x8a01c2
[0321.582] SaveDC (hdc=0x640107ae) returned 1
[0321.582] GetNearestColor (hdc=0x640107ae, color=0xff) returned 0xff
[0321.582] GetNearestColor (hdc=0x640107ae, color=0x55) returned 0x55
[0321.582] GetNearestColor (hdc=0x640107ae, color=0x0) returned 0x0
[0321.582] GetNearestColor (hdc=0x640107ae, color=0x55) returned 0x55
[0321.582] GetNearestColor (hdc=0x640107ae, color=0x0) returned 0x0
[0321.582] GetNearestColor (hdc=0x640107ae, color=0x8080ff) returned 0x8080ff
[0321.582] GetNearestColor (hdc=0x640107ae, color=0x7373e5) returned 0x7373e5
[0321.582] GetNearestColor (hdc=0x640107ae, color=0xe5) returned 0xe5
[0321.582] GetNearestColor (hdc=0x640107ae, color=0x0) returned 0x0
[0321.582] RestoreDC (hdc=0x640107ae, nSavedDC=-1) returned 1
[0321.582] GdipReleaseDC (graphics=0x6600030, hdc=0x640107ae) returned 0x0
[0321.583] IsAppThemed () returned 0x1
[0321.583] GetThemeAppProperties () returned 0x3
[0321.583] GetThemeAppProperties () returned 0x3
[0321.583] IsAppThemed () returned 0x1
[0321.583] GetThemeAppProperties () returned 0x3
[0321.583] GetThemeAppProperties () returned 0x3
[0321.583] DrawTextExW (in: hdc=0x65010512, lpchText="Decrypt file", cchText=12, lprc=0xd7e4b4, format=0x102415, lpdtp=0x2e80440 | out: lpchText="Decrypt file", lprc=0xd7e4b4) returned 13
[0321.583] IsAppThemed () returned 0x1
[0321.583] GetThemeAppProperties () returned 0x3
[0321.583] GetThemeAppProperties () returned 0x3
[0321.583] IsAppThemed () returned 0x1
[0321.583] GetThemeAppProperties () returned 0x3
[0321.583] GetThemeAppProperties () returned 0x3
[0321.584] IsAppThemed () returned 0x1
[0321.584] GetThemeAppProperties () returned 0x3
[0321.584] GetThemeAppProperties () returned 0x3
[0321.584] IsAppThemed () returned 0x1
[0321.584] GetThemeAppProperties () returned 0x3
[0321.584] GetThemeAppProperties () returned 0x3
[0321.584] IsThemePartDefined () returned 0x1
[0321.584] IsAppThemed () returned 0x1
[0321.584] GetThemeAppProperties () returned 0x3
[0321.584] GetThemeAppProperties () returned 0x3
[0321.584] IsThemeBackgroundPartiallyTransparent () returned 0x1
[0321.584] IsAppThemed () returned 0x1
[0321.584] GetThemeAppProperties () returned 0x3
[0321.584] GetThemeAppProperties () returned 0x3
[0321.584] IsAppThemed () returned 0x1
[0321.584] GetThemeAppProperties () returned 0x3
[0321.584] GetThemeAppProperties () returned 0x3
[0321.584] IsThemePartDefined () returned 0x1
[0321.584] GdipCreateRegion (region=0xd7e4fc) returned 0x0
[0321.584] GdipGetClip (graphics=0x6600030, region=0x6645908) returned 0x0
[0321.584] GdipCreateMatrix (matrix=0xd7e4fc) returned 0x0
[0321.584] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638c68) returned 0x0
[0321.584] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7e514) returned 0x0
[0321.584] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0321.584] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee9f0) returned 0x0
[0321.584] LocalFree (hMem=0x11ee9f0) returned 0x0
[0321.585] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0321.585] GdipGetMatrixElements (matrix=0x6638c68, matrixOut=0x11ee9f0) returned 0x0
[0321.585] LocalFree (hMem=0x11ee9f0) returned 0x0
[0321.585] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0321.585] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e53c) returned 0x0
[0321.585] GdipIsInfiniteRegion (region=0x6645908, graphics=0x6600030, result=0xd7e52c) returned 0x0
[0321.585] GdipGetRegionHRgn (region=0x6645908, graphics=0x6600030, hRgn=0xd7e52c) returned 0x0
[0321.585] GdipDeleteRegion (region=0x6645908) returned 0x0
[0321.585] GdipGetDC (graphics=0x6600030, hdc=0xd7e544) returned 0x0
[0321.585] GetCurrentObject (hdc=0x640107ae, type=0x1) returned 0xb00017
[0321.585] GetCurrentObject (hdc=0x640107ae, type=0x2) returned 0x900010
[0321.585] GetCurrentObject (hdc=0x640107ae, type=0x7) returned 0x4a0507fe
[0321.585] GetCurrentObject (hdc=0x640107ae, type=0x6) returned 0x8a01c2
[0321.585] SaveDC (hdc=0x640107ae) returned 1
[0321.585] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xbd040807
[0321.585] GetClipRgn (hdc=0x640107ae, hrgn=0xbd040807) returned 0
[0321.585] SelectClipRgn (hdc=0x640107ae, hrgn=0x3b0407de) returned 2
[0321.585] DeleteObject (ho=0xbd040807) returned 1
[0321.585] DeleteObject (ho=0x3b0407de) returned 1
[0321.585] OffsetViewportOrgEx (in: hdc=0x640107ae, x=0, y=0, lppt=0x2e80af0 | out: lppt=0x2e80af0) returned 1
[0321.585] DrawThemeParentBackground () returned 0x0
[0321.586] GetWindowPlacement (in: hWnd=0x7005c, lpwndpl=0xd7e20c | out: lpwndpl=0xd7e20c) returned 1
[0321.586] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e1b8 | out: lpRect=0xd7e1b8) returned 1
[0321.586] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0321.586] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0321.586] GetSystemMetrics (nIndex=42) returned 0
[0321.586] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e074, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0321.586] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e074) returned 0xd
[0321.586] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e0c0 | out: lpRect=0xd7e0c0) returned 1
[0321.586] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0321.586] GdipGetImageFlags (image=0x65ff260, flags=0xd7dff8) returned 0x0
[0321.586] SelectPalette (hdc=0x640107ae, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0321.586] GdipCreateFromHDC (hdc=0x640107ae, graphics=0xd7dff0) returned 0x0
[0321.586] GdipSetPageUnit (graphics=0x6639a18, unit=0x2) returned 0x0
[0321.586] GdipCreateMatrix (matrix=0xd7dfb0) returned 0x0
[0321.586] GdipGetWorldTransform (graphics=0x6639a18, matrix=0x6638b78) returned 0x0
[0321.587] GdipIsMatrixIdentity (matrix=0x6638b78, result=0xd7dfc8) returned 0x0
[0321.587] GdipDeleteMatrix (matrix=0x6638b78) returned 0x0
[0321.587] GdipCreateRegion (region=0xd7dfb0) returned 0x0
[0321.587] GdipGetClip (graphics=0x6639a18, region=0x6645518) returned 0x0
[0321.587] GdipIsInfiniteRegion (region=0x6645518, graphics=0x6639a18, result=0xd7dfbc) returned 0x0
[0321.587] GdipDeleteRegion (region=0x6645518) returned 0x0
[0321.587] GdipSaveGraphics (graphics=0x6639a18, state=0xd7dfe8) returned 0x0
[0321.587] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de84) returned 0x0
[0321.595] GdipFillRectangleI (graphics=0x6639a18, brush=0x664e030, x=0, y=0, width=801, height=453) returned 0x0
[0321.595] GdipDeleteBrush (brush=0x664e030) returned 0x0
[0321.596] GdipDeleteGraphics (graphics=0x6639a18) returned 0x0
[0321.596] SelectPalette (hdc=0x640107ae, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0321.596] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0321.596] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0321.596] GetSystemMetrics (nIndex=42) returned 0
[0321.596] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0321.596] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0321.596] GetClientRect (in: hWnd=0x7005c, lpRect=0xd7e060 | out: lpRect=0xd7e060) returned 1
[0321.596] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0321.596] GdipGetImageFlags (image=0x65ff260, flags=0xd7df98) returned 0x0
[0321.596] SelectPalette (hdc=0x640107ae, hPal=0x2e0801a9, bForceBkgd=1) returned 0x88000b
[0321.597] GdipCreateFromHDC (hdc=0x640107ae, graphics=0xd7df90) returned 0x0
[0321.597] GdipSetPageUnit (graphics=0x6639a18, unit=0x2) returned 0x0
[0321.597] GdipCreateMatrix (matrix=0xd7df50) returned 0x0
[0321.597] GdipGetWorldTransform (graphics=0x6639a18, matrix=0x6638c68) returned 0x0
[0321.597] GdipIsMatrixIdentity (matrix=0x6638c68, result=0xd7df68) returned 0x0
[0321.597] GdipDeleteMatrix (matrix=0x6638c68) returned 0x0
[0321.597] GdipCreateRegion (region=0xd7df50) returned 0x0
[0321.597] GdipGetClip (graphics=0x6639a18, region=0x6645638) returned 0x0
[0321.597] GdipIsInfiniteRegion (region=0x6645638, graphics=0x6639a18, result=0xd7df5c) returned 0x0
[0321.597] GdipDeleteRegion (region=0x6645638) returned 0x0
[0321.597] GdipSaveGraphics (graphics=0x6639a18, state=0xd7df88) returned 0x0
[0321.597] GdipCreateTexture (image=0x65ff260, wrapmode=0x0, texture=0xd7de24) returned 0x0
[0321.604] GdipFillRectangleI (graphics=0x6639a18, brush=0x664da18, x=0, y=0, width=801, height=453) returned 0x0
[0321.605] GdipDeleteBrush (brush=0x664da18) returned 0x0
[0321.606] GdipRestoreGraphics (graphics=0x6639a18, state=0xf4a60dbd) returned 0x0
[0321.606] GetWindowTextLengthW (hWnd=0x7005c) returned 13
[0321.606] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xe, wParam=0x0, lParam=0x0) returned 0xd
[0321.606] GetSystemMetrics (nIndex=42) returned 0
[0321.606] GetWindowTextW (in: hWnd=0x7005c, lpString=0xd7e014, nMaxCount=14 | out: lpString="BB ransomware") returned 13
[0321.606] CallWindowProcW (lpPrevWndFunc=0x743c0140, hWnd=0x7005c, Msg=0xd, wParam=0xe, lParam=0xd7e014) returned 0xd
[0321.606] GdipDeleteGraphics (graphics=0x6639a18) returned 0x0
[0321.606] SelectPalette (hdc=0x640107ae, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0321.606] RestoreDC (hdc=0x640107ae, nSavedDC=-1) returned 1
[0321.606] GdipReleaseDC (graphics=0x6600030, hdc=0x640107ae) returned 0x0
[0321.606] IsAppThemed () returned 0x1
[0321.606] GetThemeAppProperties () returned 0x3
[0321.607] GetThemeAppProperties () returned 0x3
[0321.607] IsAppThemed () returned 0x1
[0321.607] GetThemeAppProperties () returned 0x3
[0321.607] GetThemeAppProperties () returned 0x3
[0321.607] IsThemePartDefined () returned 0x1
[0321.607] GdipCreateRegion (region=0xd7e480) returned 0x0
[0321.607] GdipGetClip (graphics=0x6600030, region=0x6645bd8) returned 0x0
[0321.607] GdipCreateMatrix (matrix=0xd7e480) returned 0x0
[0321.607] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a88) returned 0x0
[0321.607] GdipIsMatrixIdentity (matrix=0x6638a88, result=0xd7e498) returned 0x0
[0321.607] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee8d8
[0321.607] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11ee8d8) returned 0x0
[0321.607] LocalFree (hMem=0x11ee8d8) returned 0x0
[0321.607] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11eec58
[0321.607] GdipGetMatrixElements (matrix=0x6638a88, matrixOut=0x11eec58) returned 0x0
[0321.607] LocalFree (hMem=0x11eec58) returned 0x0
[0321.607] GdipDeleteMatrix (matrix=0x6638a88) returned 0x0
[0321.607] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6600030, result=0xd7e4c0) returned 0x0
[0321.607] GdipIsInfiniteRegion (region=0x6645bd8, graphics=0x6600030, result=0xd7e4b0) returned 0x0
[0321.607] GdipGetRegionHRgn (region=0x6645bd8, graphics=0x6600030, hRgn=0xd7e4b0) returned 0x0
[0321.607] GdipDeleteRegion (region=0x6645bd8) returned 0x0
[0321.607] GdipGetDC (graphics=0x6600030, hdc=0xd7e4c8) returned 0x0
[0321.607] GetCurrentObject (hdc=0x640107ae, type=0x1) returned 0xb00017
[0321.608] GetCurrentObject (hdc=0x640107ae, type=0x2) returned 0x900010
[0321.608] GetCurrentObject (hdc=0x640107ae, type=0x7) returned 0x4a0507fe
[0321.608] GetCurrentObject (hdc=0x640107ae, type=0x6) returned 0x8a01c2
[0321.608] SaveDC (hdc=0x640107ae) returned 1
[0321.608] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0x3c0407de
[0321.608] GetClipRgn (hdc=0x640107ae, hrgn=0x3c0407de) returned 0
[0321.608] SelectClipRgn (hdc=0x640107ae, hrgn=0xbf040807) returned 2
[0321.608] DeleteObject (ho=0x3c0407de) returned 1
[0321.608] DeleteObject (ho=0xbf040807) returned 1
[0321.608] OffsetViewportOrgEx (in: hdc=0x640107ae, x=0, y=0, lppt=0x2e87340 | out: lppt=0x2e87340) returned 1
[0321.608] IsAppThemed () returned 0x1
[0321.608] GetThemeAppProperties () returned 0x3
[0321.608] GetThemeAppProperties () returned 0x3
[0321.608] DrawThemeBackground () returned 0x0
[0321.608] RestoreDC (hdc=0x640107ae, nSavedDC=-1) returned 1
[0321.608] GdipReleaseDC (graphics=0x6600030, hdc=0x640107ae) returned 0x0
[0321.608] GdipCreateRegion (region=0xd7e484) returned 0x0
[0321.608] GdipGetClip (graphics=0x6600030, region=0x6645cf8) returned 0x0
[0321.608] GdipCreateMatrix (matrix=0xd7e484) returned 0x0
[0321.609] GdipGetWorldTransform (graphics=0x6600030, matrix=0x6638a58) returned 0x0
[0321.609] GdipIsMatrixIdentity (matrix=0x6638a58, result=0xd7e49c) returned 0x0
[0321.609] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee9f0
[0321.609] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee9f0) returned 0x0
[0321.609] LocalFree (hMem=0x11ee9f0) returned 0x0
[0321.609] LocalAlloc (uFlags=0x0, uBytes=0x30) returned 0x11ee868
[0321.609] GdipGetMatrixElements (matrix=0x6638a58, matrixOut=0x11ee868) returned 0x0
[0321.609] LocalFree (hMem=0x11ee868) returned 0x0
[0321.609] GdipDeleteMatrix (matrix=0x6638a58) returned 0x0
[0321.609] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e4c4) returned 0x0
[0321.609] GdipIsInfiniteRegion (region=0x6645cf8, graphics=0x6600030, result=0xd7e4b4) returned 0x0
[0321.609] GdipGetRegionHRgn (region=0x6645cf8, graphics=0x6600030, hRgn=0xd7e4b4) returned 0x0
[0321.609] GdipDeleteRegion (region=0x6645cf8) returned 0x0
[0321.609] GdipGetDC (graphics=0x6600030, hdc=0xd7e4cc) returned 0x0
[0321.609] GetCurrentObject (hdc=0x640107ae, type=0x1) returned 0xb00017
[0321.609] GetCurrentObject (hdc=0x640107ae, type=0x2) returned 0x900010
[0321.609] GetCurrentObject (hdc=0x640107ae, type=0x7) returned 0x4a0507fe
[0321.609] GetCurrentObject (hdc=0x640107ae, type=0x6) returned 0x8a01c2
[0321.609] SaveDC (hdc=0x640107ae) returned 1
[0321.609] CreateRectRgn (x1=0, y1=0, x2=0, y2=0) returned 0xc0040807
[0321.609] GetClipRgn (hdc=0x640107ae, hrgn=0xc0040807) returned 0
[0321.609] SelectClipRgn (hdc=0x640107ae, hrgn=0x3d0407de) returned 2
[0321.610] DeleteObject (ho=0xc0040807) returned 1
[0321.610] DeleteObject (ho=0x3d0407de) returned 1
[0321.610] OffsetViewportOrgEx (in: hdc=0x640107ae, x=0, y=0, lppt=0x2e87614 | out: lppt=0x2e87614) returned 1
[0321.610] IsAppThemed () returned 0x1
[0321.610] GetThemeAppProperties () returned 0x3
[0321.610] GetThemeAppProperties () returned 0x3
[0321.610] GetThemeBackgroundContentRect () returned 0x0
[0321.610] RestoreDC (hdc=0x640107ae, nSavedDC=-1) returned 1
[0321.610] GdipReleaseDC (graphics=0x6600030, hdc=0x640107ae) returned 0x0
[0321.610] GdipGetNearestColor (graphics=0x6600030, argb=0xd7e5d8) returned 0x0
[0321.610] GdipCreateSolidFill (color=0xffff0000, brush=0xd7e5d4) returned 0x0
[0321.610] GdipFillRectangleI (graphics=0x6600030, brush=0x6637828, x=4, y=4, width=67, height=15) returned 0x0
[0321.610] GdipDeleteBrush (brush=0x6637828) returned 0x0
[0321.610] IsAppThemed () returned 0x1
[0321.610] GetThemeAppProperties () returned 0x3
[0321.610] GetThemeAppProperties () returned 0x3
[0321.610] GdipGetTextRenderingHint (graphics=0x6600030, mode=0xd7e600) returned 0x0
[0321.610] GdipGetDC (graphics=0x6600030, hdc=0xd7e5ec) returned 0x0
[0321.610] GetCurrentObject (hdc=0x640107ae, type=0x1) returned 0xb00017
[0321.610] GetCurrentObject (hdc=0x640107ae, type=0x2) returned 0x900010
[0321.610] GetCurrentObject (hdc=0x640107ae, type=0x7) returned 0x4a0507fe
[0321.610] GetCurrentObject (hdc=0x640107ae, type=0x6) returned 0x8a01c2
[0321.611] SaveDC (hdc=0x640107ae) returned 1
[0321.611] GetTextAlign (hdc=0x640107ae) returned 0x0
[0321.611] GetTextColor (hdc=0x640107ae) returned 0x0
[0321.611] GetCurrentObject (hdc=0x640107ae, type=0x6) returned 0x8a01c2
[0321.611] GetObjectW (in: h=0x8a01c2, c=92, pv=0xd7e334 | out: pv=0xd7e334) returned 92
[0321.611] SelectObject (hdc=0x640107ae, h=0x6d0a0520) returned 0x8a01c2
[0321.611] GetBkMode (hdc=0x640107ae) returned 2
[0321.611] SetBkMode (hdc=0x640107ae, mode=1) returned 2
[0321.611] DrawTextExW (in: hdc=0x640107ae, lpchText="Decrypt file", cchText=12, lprc=0xd7e41c, format=0x102415, lpdtp=0x2e879d8 | out: lpchText="Decrypt file", lprc=0xd7e41c) returned 13
[0321.611] DrawTextExW (in: hdc=0x640107ae, lpchText="Decrypt file", cchText=12, lprc=0xd7e580, format=0x102015, lpdtp=0x2e879d8 | out: lpchText="Decrypt file", lprc=0xd7e580) returned 13
[0321.612] RestoreDC (hdc=0x640107ae, nSavedDC=-1) returned 1
[0321.612] GdipReleaseDC (graphics=0x6600030, hdc=0x640107ae) returned 0x0
[0321.612] GetFocus () returned 0x602c4
[0321.612] IsAppThemed () returned 0x1
[0321.612] GetThemeAppProperties () returned 0x3
[0321.612] GetThemeAppProperties () returned 0x3
[0321.612] GdipGetDC (graphics=0x6600030, hdc=0xd7e7d8) returned 0x0
[0321.612] BitBlt (hdc=0x107b9, x=0, y=0, cx=75, cy=23, hdcSrc=0x640107ae, x1=0, y1=0, rop=0xcc0020) returned 1
[0321.612] GdipReleaseDC (graphics=0x6600030, hdc=0x640107ae) returned 0x0
[0321.612] SelectPalette (hdc=0x107b9, hPal=0x88000b, bForceBkgd=0) returned 0x2e0801a9
[0321.612] SelectObject (hdc=0x640107ae, h=0x85000f) returned 0x4a0507fe
[0321.612] DeleteDC (hdc=0x640107ae) returned 1
[0321.613] GdipDeleteGraphics (graphics=0x6600030) returned 0x0
[0321.613] EndPaint (hWnd=0x602c4, lpPaint=0xd7e77c) returned 1
[0321.613] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0321.613] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0321.613] WaitMessage () returned 1
[0321.685] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0321.685] IsWindowUnicode (hWnd=0x602c4) returned 1
[0321.685] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0321.685] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0321.685] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0321.685] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 1
[0321.685] IsWindowUnicode (hWnd=0x602c4) returned 1
[0321.685] GetMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0 | out: lpMsg=0xd7ed38) returned 1
[0321.685] TranslateMessage (lpMsg=0xd7ed38) returned 0
[0321.685] DispatchMessageW (lpMsg=0xd7ed38) returned 0x0
[0321.685] CallWindowProcW (lpPrevWndFunc=0x6f57e800, hWnd=0x602c4, Msg=0x2a1, wParam=0x0, lParam=0x90021) returned 0x0
[0321.685] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0321.685] PeekMessageW (in: lpMsg=0xd7ed38, hWnd=0x0, wMsgFilterMin=0x0, wMsgFilterMax=0x0, wRemoveMsg=0x0 | out: lpMsg=0xd7ed38) returned 0
[0321.685] WaitMessage ()
Thread:
id = 2
os_tid = 0x12c8
Thread:
id = 3
os_tid = 0x1338
Thread:
id = 4
os_tid = 0x12f4
[0099.239] CoGetContextToken (in: pToken=0x4cff714 | out: pToken=0x4cff714) returned 0x800401f0
[0099.239] CoInitializeEx (pvReserved=0x0, dwCoInit=0x0) returned 0x0
[0099.239] RoInitialize () returned 0x1
[0099.239] RoUninitialize () returned 0x0
[0132.153] CloseHandle (hObject=0x2f0) returned 1
[0132.153] CloseHandle (hObject=0x2ec) returned 1
[0132.154] CloseHandle (hObject=0x2e8) returned 1
[0132.154] CloseHandle (hObject=0x2e4) returned 1
[0132.154] CloseHandle (hObject=0x2e0) returned 1
[0132.154] CloseHandle (hObject=0x2dc) returned 1
[0132.154] CloseHandle (hObject=0x2d8) returned 1
[0132.155] CloseHandle (hObject=0x2d0) returned 1
[0132.155] CloseHandle (hObject=0xe4) returned 1
[0132.155] CloseHandle (hObject=0x2f4) returned 1
[0156.682] GdipDeleteRegion (region=0x6600220) returned 0x0
[0156.682] GdipDeleteRegion (region=0x6600030) returned 0x0
[0156.684] GdipDisposeImage (image=0x66462f8) returned 0x0
[0156.684] GdipDisposeImage (image=0x663ac98) returned 0x0
[0156.685] GdipDisposeImage (image=0x6631910) returned 0x0
[0156.685] GdipDisposeImage (image=0x663e560) returned 0x0
[0156.686] GdipDisposeImage (image=0x6647690) returned 0x0
[0156.686] GdipDisposeImage (image=0x6647360) returned 0x0
[0156.688] GdipDeleteRegion (region=0x66446b8) returned 0x0
[0156.688] GdipDeleteRegion (region=0x66447d8) returned 0x0
[0156.692] GdipDeleteRegion (region=0x6637928) returned 0x0
[0156.692] GdipDeleteRegion (region=0x66377f8) returned 0x0
[0156.693] GdipDisposeImage (image=0x663a560) returned 0x0
[0156.693] GdipDisposeImage (image=0x66372d8) returned 0x0
[0156.693] GdipDisposeImage (image=0x663bbb0) returned 0x0
[0156.696] GdipDisposeImage (image=0x663b7d8) returned 0x0
[0156.696] GdipDisposeImage (image=0x6642d00) returned 0x0
[0156.697] GdipDisposeImage (image=0x6635e20) returned 0x0
[0176.289] GdipDisposeImage (image=0x6600640) returned 0x0
[0176.290] GdipDisposeImage (image=0x6601360) returned 0x0
[0176.291] GdipDisposeImage (image=0x663f258) returned 0x0
[0176.291] GdipDisposeImage (image=0x663ebc8) returned 0x0
[0176.293] GdipDisposeImage (image=0x66016a8) returned 0x0
[0176.295] GdipDeleteRegion (region=0x6644988) returned 0x0
[0176.295] GdipDeleteRegion (region=0x6644bc8) returned 0x0
[0176.295] GdipDisposeImage (image=0x6601018) returned 0x0
[0176.296] GdipDisposeImage (image=0x6602da0) returned 0x0
[0176.298] GdipDeleteRegion (region=0x66442c8) returned 0x0
[0176.298] GdipDeleteRegion (region=0x6644238) returned 0x0
[0176.303] GdipDisposeImage (image=0x6603778) returned 0x0
[0176.304] GdipDisposeImage (image=0x66023c8) returned 0x0
[0176.304] GdipDisposeImage (image=0x6601d38) returned 0x0
[0176.304] GdipDisposeImage (image=0x663ef10) returned 0x0
[0176.304] GdipDisposeImage (image=0x663ff78) returned 0x0
[0176.304] GdipDisposeImage (image=0x6640608) returned 0x0
[0176.306] GdipDeleteRegion (region=0x6644e08) returned 0x0
[0176.306] GdipDeleteRegion (region=0x6644d78) returned 0x0
[0176.306] GdipDeleteRegion (region=0x6646958) returned 0x0
[0176.307] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0176.307] GdipDeleteRegion (region=0x6644e98) returned 0x0
[0176.307] GdipDeleteRegion (region=0x6644868) returned 0x0
[0176.307] GdipDisposeImage (image=0x663f5a0) returned 0x0
[0176.307] GdipDisposeImage (image=0x66402c0) returned 0x0
[0176.307] GdipDisposeImage (image=0x663fc30) returned 0x0
[0176.307] GdipDisposeImage (image=0x6600988) returned 0x0
[0176.307] GdipDeleteRegion (region=0x6644f28) returned 0x0
[0176.307] GdipDeleteRegion (region=0x66446b8) returned 0x0
[0176.307] GdipDisposeImage (image=0x6604150) returned 0x0
[0193.141] GdipDisposeImage (image=0x66016a8) returned 0x0
[0193.141] GdipDeleteRegion (region=0x6646178) returned 0x0
[0193.141] GdipDisposeImage (image=0x6603430) returned 0x0
[0193.141] GdipDisposeImage (image=0x6602da0) returned 0x0
[0193.141] GdipDeleteRegion (region=0x66460e8) returned 0x0
[0193.143] GdipDisposeImage (image=0x6600988) returned 0x0
[0193.144] GdipDisposeImage (image=0x6601d38) returned 0x0
[0193.144] GdipDisposeImage (image=0x66019f0) returned 0x0
[0193.150] GdipDeleteRegion (region=0x6646688) returned 0x0
[0193.150] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0193.150] GdipDisposeImage (image=0x6602710) returned 0x0
[0193.151] GdipDisposeImage (image=0x6601360) returned 0x0
[0193.151] GdipDisposeImage (image=0x6602a58) returned 0x0
[0193.152] GdipDisposeImage (image=0x66023c8) returned 0x0
[0193.152] GdipDisposeImage (image=0x66030e8) returned 0x0
[0193.152] GdipDisposeImage (image=0x6603778) returned 0x0
[0193.152] GdipDisposeImage (image=0x6604150) returned 0x0
[0193.152] GdipDisposeImage (image=0x6601018) returned 0x0
[0193.152] GdipDisposeImage (image=0x6600640) returned 0x0
[0193.152] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0193.152] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0193.152] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0193.152] GdipDeleteRegion (region=0x6646958) returned 0x0
[0193.152] GdipDeleteRegion (region=0x6645bd8) returned 0x0
[0193.152] GdipDeleteRegion (region=0x6646298) returned 0x0
[0193.152] GdipDeleteRegion (region=0x6646568) returned 0x0
[0193.153] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0211.231] GdipDisposeImage (image=0x6651860) returned 0x0
[0211.231] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0211.231] GdipDisposeImage (image=0x6650b40) returned 0x0
[0211.231] GdipDisposeImage (image=0x6651ef0) returned 0x0
[0211.231] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0211.233] GdipDisposeImage (image=0x6650e88) returned 0x0
[0211.234] GdipDisposeImage (image=0x6652580) returned 0x0
[0211.234] GdipDisposeImage (image=0x664f448) returned 0x0
[0211.240] GdipDeleteRegion (region=0x6646ef8) returned 0x0
[0211.240] GdipDeleteRegion (region=0x6646298) returned 0x0
[0211.240] GdipDisposeImage (image=0x664fad8) returned 0x0
[0211.240] GdipDisposeImage (image=0x664ea70) returned 0x0
[0211.240] GdipDisposeImage (image=0x6651518) returned 0x0
[0211.240] GdipDisposeImage (image=0x664f790) returned 0x0
[0211.240] GdipDeleteRegion (region=0x6646448) returned 0x0
[0211.240] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0211.240] GdipDisposeImage (image=0x664fe20) returned 0x0
[0211.240] GdipDisposeImage (image=0x6650168) returned 0x0
[0211.240] GdipDisposeImage (image=0x6651ba8) returned 0x0
[0211.240] GdipDisposeImage (image=0x664f100) returned 0x0
[0211.240] GdipDisposeImage (image=0x66504b0) returned 0x0
[0211.240] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0211.240] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0211.240] GdipDeleteRegion (region=0x6646958) returned 0x0
[0211.240] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0211.241] GdipDeleteRegion (region=0x6645bd8) returned 0x0
[0211.241] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0230.128] GdipDisposeImage (image=0x66511d0) returned 0x0
[0230.128] GdipDisposeImage (image=0x664fe20) returned 0x0
[0230.128] GdipDisposeImage (image=0x664f100) returned 0x0
[0230.129] GdipDisposeImage (image=0x6650e88) returned 0x0
[0230.130] GdipDisposeImage (image=0x6650b40) returned 0x0
[0230.130] GdipDisposeImage (image=0x664ea70) returned 0x0
[0230.131] GdipDeleteRegion (region=0x6646dd8) returned 0x0
[0230.131] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0230.133] GdipDisposeImage (image=0x6603ac0) returned 0x0
[0230.134] GdipDisposeImage (image=0x66030e8) returned 0x0
[0230.134] GdipDisposeImage (image=0x6601d38) returned 0x0
[0230.136] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0230.136] GdipDeleteRegion (region=0x6646e68) returned 0x0
[0230.137] GdipDeleteRegion (region=0x6646688) returned 0x0
[0230.137] GdipDeleteRegion (region=0x66464d8) returned 0x0
[0230.161] GdipDeleteRegion (region=0x66455a8) returned 0x0
[0230.161] GdipDeleteRegion (region=0x6645998) returned 0x0
[0230.161] GdipDisposeImage (image=0x6651ba8) returned 0x0
[0230.161] GdipDisposeImage (image=0x664fad8) returned 0x0
[0230.161] GdipDisposeImage (image=0x6650168) returned 0x0
[0230.161] GdipDisposeImage (image=0x6652580) returned 0x0
[0230.161] GdipDisposeImage (image=0x6651ef0) returned 0x0
[0230.161] GdipDisposeImage (image=0x66504b0) returned 0x0
[0230.161] GdipDeleteRegion (region=0x6646958) returned 0x0
[0230.161] GdipDeleteRegion (region=0x6646b08) returned 0x0
[0230.161] GdipDeleteRegion (region=0x6645098) returned 0x0
[0230.161] GdipDeleteRegion (region=0x6645518) returned 0x0
[0248.563] GdipDeleteRegion (region=0x66465f8) returned 0x0
[0248.569] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0248.570] GdipDeleteRegion (region=0x66456c8) returned 0x0
[0248.573] GdipDeleteRegion (region=0x6646718) returned 0x0
[0248.573] GdipDeleteRegion (region=0x6645878) returned 0x0
[0248.580] GdipDisposeImage (image=0x6603ac0) returned 0x0
[0248.580] GdipDeleteRegion (region=0x6645758) returned 0x0
[0248.581] GdipDeleteRegion (region=0x6645ab8) returned 0x0
[0248.581] GdipDisposeImage (image=0x6601d38) returned 0x0
[0248.581] GdipDisposeImage (image=0x6601360) returned 0x0
[0248.584] GdipDisposeImage (image=0x664f448) returned 0x0
[0248.585] GdipDisposeImage (image=0x6650168) returned 0x0
[0248.585] GdipDisposeImage (image=0x6651ba8) returned 0x0
[0248.586] GdipDisposeImage (image=0x6602a58) returned 0x0
[0248.586] GdipDisposeImage (image=0x66030e8) returned 0x0
[0248.586] GdipDisposeImage (image=0x6602da0) returned 0x0
[0248.586] GdipDeleteRegion (region=0x6645098) returned 0x0
[0248.586] GdipDeleteRegion (region=0x6645bd8) returned 0x0
[0248.586] GdipDeleteRegion (region=0x6645248) returned 0x0
[0248.586] GdipDeleteRegion (region=0x6645518) returned 0x0
[0248.587] GdipDisposeImage (image=0x6600640) returned 0x0
[0248.587] GdipDisposeImage (image=0x66023c8) returned 0x0
[0248.587] GdipDisposeImage (image=0x6603430) returned 0x0
[0248.587] GdipDeleteRegion (region=0x6645128) returned 0x0
[0248.587] GdipDeleteRegion (region=0x6645638) returned 0x0
[0248.587] GdipDisposeImage (image=0x6604150) returned 0x0
[0248.587] GdipDisposeImage (image=0x66019f0) returned 0x0
[0248.587] GdipDisposeImage (image=0x6603778) returned 0x0
[0248.587] GdipDeleteRegion (region=0x6646688) returned 0x0
[0266.710] GdipDisposeImage (image=0x6600988) returned 0x0
[0266.710] GdipDisposeImage (image=0x6650e88) returned 0x0
[0266.711] GdipDeleteRegion (region=0x6645488) returned 0x0
[0266.711] GdipDeleteRegion (region=0x66452d8) returned 0x0
[0266.711] GdipDisposeImage (image=0x6652580) returned 0x0
[0266.711] GdipDisposeImage (image=0x664fad8) returned 0x0
[0266.711] GdipDisposeImage (image=0x6602710) returned 0x0
[0266.713] GdipDisposeImage (image=0x6651ba8) returned 0x0
[0266.713] GdipDisposeImage (image=0x664fe20) returned 0x0
[0266.713] GdipDisposeImage (image=0x664f448) returned 0x0
[0266.713] GdipDisposeImage (image=0x66016a8) returned 0x0
[0266.715] GdipDisposeImage (image=0x6651860) returned 0x0
[0266.721] GdipDisposeImage (image=0x664f790) returned 0x0
[0266.722] GdipDeleteRegion (region=0x6645bd8) returned 0x0
[0266.722] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0266.723] GdipDisposeImage (image=0x6651518) returned 0x0
[0266.723] GdipDisposeImage (image=0x6651ef0) returned 0x0
[0266.724] GdipDeleteRegion (region=0x6646718) returned 0x0
[0266.724] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0266.724] GdipDisposeImage (image=0x66507f8) returned 0x0
[0266.726] GdipDisposeImage (image=0x66023c8) returned 0x0
[0266.726] GdipDisposeImage (image=0x66030e8) returned 0x0
[0266.726] GdipDisposeImage (image=0x6603778) returned 0x0
[0266.726] GdipDisposeImage (image=0x6650b40) returned 0x0
[0266.726] GdipDisposeImage (image=0x6602080) returned 0x0
[0266.726] GdipDeleteRegion (region=0x6645fc8) returned 0x0
[0266.726] GdipDeleteRegion (region=0x6645c68) returned 0x0
[0266.726] GdipDisposeImage (image=0x6652238) returned 0x0
[0266.726] GdipDisposeImage (image=0x664edb8) returned 0x0
[0266.726] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0266.727] GdipDeleteRegion (region=0x6646688) returned 0x0
[0266.727] GdipDisposeImage (image=0x664ea70) returned 0x0
[0266.727] GdipDisposeImage (image=0x6650168) returned 0x0
[0266.727] GdipDisposeImage (image=0x66511d0) returned 0x0
[0266.727] GdipDisposeImage (image=0x6600cd0) returned 0x0
[0266.727] GdipDisposeImage (image=0x6603e08) returned 0x0
[0266.727] GdipDisposeImage (image=0x664f100) returned 0x0
[0266.727] GdipDisposeImage (image=0x66019f0) returned 0x0
[0266.727] GdipDisposeImage (image=0x6602a58) returned 0x0
[0266.727] GdipDisposeImage (image=0x6601360) returned 0x0
[0266.727] GdipDeleteRegion (region=0x6646a78) returned 0x0
[0266.727] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0285.560] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0285.560] GdipDeleteRegion (region=0x6646838) returned 0x0
[0285.560] GdipDisposeImage (image=0x6601018) returned 0x0
[0285.561] GdipDisposeImage (image=0x6600cd0) returned 0x0
[0285.561] GdipDisposeImage (image=0x66023c8) returned 0x0
[0285.563] GdipDeleteRegion (region=0x6646958) returned 0x0
[0285.563] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0285.570] GdipDisposeImage (image=0x6603430) returned 0x0
[0285.571] GdipDisposeImage (image=0x66030e8) returned 0x0
[0285.571] GdipDisposeImage (image=0x6600988) returned 0x0
[0285.573] GdipDisposeImage (image=0x6602710) returned 0x0
[0285.573] GdipDeleteRegion (region=0x6645998) returned 0x0
[0285.573] GdipDisposeImage (image=0x6600640) returned 0x0
[0285.574] GdipDisposeImage (image=0x6602080) returned 0x0
[0285.575] GdipDeleteRegion (region=0x6645908) returned 0x0
[0285.580] GdipDisposeImage (image=0x6603e08) returned 0x0
[0285.580] GdipDisposeImage (image=0x6601360) returned 0x0
[0285.580] GdipDisposeImage (image=0x6602a58) returned 0x0
[0285.581] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0285.581] GdipDeleteRegion (region=0x66467a8) returned 0x0
[0285.581] GdipDisposeImage (image=0x6601d38) returned 0x0
[0285.581] GdipDisposeImage (image=0x6603778) returned 0x0
[0285.581] GdipDisposeImage (image=0x66016a8) returned 0x0
[0285.581] GdipDeleteRegion (region=0x6645e18) returned 0x0
[0285.581] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0285.581] GdipDeleteRegion (region=0x6646328) returned 0x0
[0285.581] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0303.924] GdipDeleteRegion (region=0x6646f88) returned 0x0
[0303.924] GdipDeleteRegion (region=0x6646cb8) returned 0x0
[0303.925] GdipDeleteRegion (region=0x66463b8) returned 0x0
[0303.925] GdipDeleteRegion (region=0x66469e8) returned 0x0
[0303.927] GdipDeleteRegion (region=0x66457e8) returned 0x0
[0303.928] GdipDeleteRegion (region=0x6645ea8) returned 0x0
[0303.931] GdipDisposeImage (image=0x6650b40) returned 0x0
[0303.931] GdipDisposeImage (image=0x664fad8) returned 0x0
[0303.931] GdipDisposeImage (image=0x6651ba8) returned 0x0
[0303.932] GdipDeleteRegion (region=0x6646c28) returned 0x0
[0303.932] GdipDeleteRegion (region=0x6646b98) returned 0x0
[0303.932] GdipDeleteRegion (region=0x66468c8) returned 0x0
[0303.932] GdipDeleteRegion (region=0x6646328) returned 0x0
[0303.934] GdipDisposeImage (image=0x6650168) returned 0x0
[0303.939] GdipDisposeImage (image=0x664f790) returned 0x0
[0303.940] GdipDisposeImage (image=0x664fe20) returned 0x0
[0303.940] GdipDisposeImage (image=0x6652580) returned 0x0
[0303.940] GdipDisposeImage (image=0x66511d0) returned 0x0
[0303.940] GdipDisposeImage (image=0x6651ef0) returned 0x0
[0303.941] GdipDisposeImage (image=0x6650e88) returned 0x0
[0303.941] GdipDeleteRegion (region=0x6646058) returned 0x0
[0303.941] GdipDeleteRegion (region=0x6646d48) returned 0x0
[0303.941] GdipDisposeImage (image=0x664f448) returned 0x0
[0303.941] GdipDisposeImage (image=0x66504b0) returned 0x0
[0303.941] GdipDisposeImage (image=0x664ea70) returned 0x0
[0303.941] GdipDisposeImage (image=0x664f100) returned 0x0
[0303.941] GdipDisposeImage (image=0x664edb8) returned 0x0
Thread:
id = 5
os_tid = 0x67c
Thread:
id = 6
os_tid = 0xa74
Thread:
id = 7
os_tid = 0x139c
Thread:
id = 8
os_tid = 0xfcc